What's Changed

Breaking Changes: v.2.16.1 → v.3.0.0

This document summarizes the breaking changes introduced in Azure Quick Review (azqr) version 3.0.0.

Summary

Version 3.0.0 represents a major architectural refactoring with significant CLI changes. The core functionality remains the same, but how you interact with the tool has changed to provide better flexibility and control over scan stages.

1. CLI Flag Changes

Removed Flags

The following boolean flags have been removed and replaced with the unified --stages flag:

New Unified Stage Control

The --stages flag provides granular control over scan stages:

# Enable specific stages (replaces defaults)
azqr scan --stages cost,policy,arc

# Disable specific stages (keeps other defaults enabled)
azqr scan --stages -diagnostics

# Enable all stages
azqr scan --stages advisor,defender,defender-recommendations,arc,policy,cost,diagnostics

Available stages:

• advisor - Azure Advisor recommendations
• defender - Microsoft Defender for Cloud status
• defender-recommendations - Microsoft Defender for Cloud detailed recommendations
• arc - Azure Arc-enabled SQL Server instances
• policy - Azure Policy compliance states
• cost - Cost analysis for the last calendar month
• diagnostics - Diagnostic settings scan (includes azqr recommendations)

Changed Flag Names

2. Default Behavior Changes

Enabled by Default (v3.0.0)

• diagnostics - Diagnostic settings and azqr recommendations
• advisor - Azure Advisor recommendations
• defender - Microsoft Defender for Cloud status

Now Disabled by Default

The following stages are now disabled by default and must be explicitly enabled:

• cost - Cost analysis (was enabled by default in v2.16.1)
• policy - Azure Policy compliance (unchanged)
• arc - Azure Arc-enabled SQL Server (unchanged)
• defender-recommendations - Defender recommendations (unchanged)

Migration example:

# v2.16.1 (cost enabled by default)
azqr scan

# v3.0.0 (cost must be enabled explicitly)
azqr scan --stages cost

3. New Stage Parameter System

Introduction of --stage-param

v3.0.0 introduces a new --stage-param flag for passing stage-specific options:

# Generic format
azqr scan --stage-param stage.key=value

# Example (for future parameters)
azqr scan --stage-param cost.currency=USD

This replaces the old approach of having dedicated flags for each stage option.

4. Excel Report Structure Changes

Report Sheet Changes

The Excel output now organizes sheets differently based on enabled stages:

Core Sheets (always generated):

• Recommendations
• ImpactedResources
• ResourceTypes
• Inventory
• OutOfScope

Optional Sheets (enabled by default):

• Advisor (disable with --stages -advisor)
• Defender (disable with --stages -defender)

Optional Sheets (disabled by default):

• DefenderRecommendations (enable with --stages defender-recommendations)
• Azure Policy (enable with --stages policy)
• Arc SQL (enable with --stages arc)
• Costs (enable with --stages cost)

5. Migration Checklist

Use this checklist to update your scripts and automation:

• Replace --defender=false with --stages -defender
• Replace --advisor=false with --stages -advisor
• Replace --costs=false with --stages -cost (or remove if you want cost disabled)
• Replace --policy=true with --stages policy
• Replace --arc=false with --stages -arc
• Add --stages cost if you need cost analysis (now disabled by default)
• Test your scripts with the new default behavior
• Update CI/CD pipelines and automation scripts

6. Migration Examples

Example 1: Full Scan with All Features

# v2.16.1
azqr scan --subscription-id <sub-id> --defender=true --advisor=true --costs=true --policy=true

# v3.0.0
azqr scan --subscription-id <sub-id> --stages advisor,defender,cost,policy

Example 2: Minimal Scan (No Optional Features)

# v2.16.1
azqr scan --subscription-id <sub-id> --defender=false --advisor=false --costs=false

# v3.0.0
azqr scan --subscription-id <sub-id> --stages -advisor,-defender,-diagnostics

# Or be explicit about enabled stages:
azqr scan --subscription-id <sub-id> --stages cost

Example 3: Custom Output with Cost Analysis

# v2.16.1
azqr scan -s <sub-id> -o custom_report --costs=true

# v3.0.0
azqr scan -s <sub-id> --output-name custom_report --stages cost

Example 4: Resource Group Scan with Policy

# v2.16.1
azqr scan -s <sub-id> -g <rg-name> --policy=true

# v3.0.0
azqr scan -s <sub-id> -g <rg-name> --stages policy

Need Help?

• Documentation: https://azure.github.io/azqr/
• Issues: https://github.com/Azure/azqr/issues
• Discussions: https://github.com/Azure/azqr/discussions

Version Information

• Previous Version: v.2.16.1
• Current Version: v.3.0.0
• Release Date: February 2026
• Total Commits Between Versions: 209

Full Changelog: v.2.16.1...v.3.0.0

What's Changed

• build(deps): bump github/codeql-action from 4.32.1 to 4.32.2 by @dependabot[bot] in #744
• build(deps): bump step-security/harden-runner from 2.14.1 to 2.14.2 by @dependabot[bot] in #746

Full Changelog: v.2.16.1...v.3.0.0-preview.8

Full Changelog: v.3.0.0-preview.6...v.3.0.0-preview.7

Full Changelog: v.3.0.0-preview.5...v.3.0.0-preview.6

Full Changelog: v.3.0.0-preview.4...v.3.0.0-preview.5

Full Changelog: v.3.0.0-preview.3...v.3.0.0-preview.4

What's Changed

• refactor: update HttpClient to use options for better configurability and testing by @cmendible in #731
• build(deps): bump step-security/harden-runner from 2.14.0 to 2.14.1 by @dependabot[bot] in #733
• build(deps): bump github/codeql-action from 4.31.11 to 4.32.0 by @dependabot[bot] in #732
• build(deps): bump docker/login-action from 3.6.0 to 3.7.0 by @dependabot[bot] in #736
• Fix incorrect recommendation text for Virtual Network Gateway availability zones by @Copilot in #735
• build(deps-dev): bump hugo-extended from 0.154.5 to 0.155.0 in /docs by @dependabot[bot] in #737
• build(deps): bump actions/cache from 5.0.2 to 5.0.3 by @dependabot[bot] in #738
• build(deps-dev): bump hugo-extended from 0.155.0 to 0.155.1 in /docs by @dependabot[bot] in #740
• build(deps): bump github/codeql-action from 4.32.0 to 4.32.1 by @dependabot[bot] in #742
• build(deps-dev): bump hugo-extended from 0.155.1 to 0.155.2 in /docs by @dependabot[bot] in #741
• fix: improved defender recommendations scan. #712 by @cmendible in #743

Full Changelog: v.2.16.0...v.2.16.1

What's Changed

• Full migration to ARG queries.
• New --stages param allows for enabling or disabling scan stages (i.e. costs, defender-recommendations)
• Fix Cost assessment dates
• Fix throttling policy
• refactor: update HttpClient to use options for better configurability and testing by @cmendible in #731
• build(deps): bump step-security/harden-runner from 2.14.0 to 2.14.1 by @dependabot[bot] in #733
• build(deps): bump github/codeql-action from 4.31.11 to 4.32.0 by @dependabot[bot] in #732
• build(deps): bump docker/login-action from 3.6.0 to 3.7.0 by @dependabot[bot] in #736
• Fix incorrect recommendation text for Virtual Network Gateway availability zones by @Copilot in #735
• build(deps-dev): bump hugo-extended from 0.154.5 to 0.155.0 in /docs by @dependabot[bot] in #737
• build(deps): bump actions/cache from 5.0.2 to 5.0.3 by @dependabot[bot] in #738

Full Changelog: v.2.16.0...v.3.0.0-preview.1

What's Changed

• Full migration to ARG queries.
• New --stages param allows for enabling or disabling scan stages (i.e. costs, defender-recommendations)
• Fix Cost assessment dates
• refactor: update HttpClient to use options for better configurability and testing by @cmendible in #731
• build(deps): bump step-security/harden-runner from 2.14.0 to 2.14.1 by @dependabot[bot] in #733
• build(deps): bump github/codeql-action from 4.31.11 to 4.32.0 by @dependabot[bot] in #732
• build(deps): bump docker/login-action from 3.6.0 to 3.7.0 by @dependabot[bot] in #736
• Fix incorrect recommendation text for Virtual Network Gateway availability zones by @Copilot in #735
• build(deps-dev): bump hugo-extended from 0.154.5 to 0.155.0 in /docs by @dependabot[bot] in #737
• build(deps): bump actions/cache from 5.0.2 to 5.0.3 by @dependabot[bot] in #738

Full Changelog: v.2.16.0...v.3.0.0-preview.1