Added support for reserved application names ('none', 'All', 'Office365', 'MicrosoftAdminPortals') when validating includeApplications and excludeApplications in New-CIPPCAPolicy. This ensures these reserved names are accepted even if not present in the service principals list.

Enhanced robustness in Compare-CIPPIntuneObject and New-CIPPCATemplate by adding explicit checks for arrays and PSCustomObject types before property access or recursion. Updated Invoke-CIPPStandardConditionalAccessTemplate to handle errors during object comparison gracefully and log them. These changes prevent runtime errors when processing unexpected array structures in conditional access policy objects.

Replaced the warning and return in Sync-CippExtensionData with a thrown exception to enforce deprecation. Added a new cleanup rule in Start-TableCleanup.ps1 to target scheduled tasks for Sync-CippExtensionData.

Added try/catch blocks to Invoke-ListmailboxPermissions and Invoke-ListMFAUsers to return proper HTTP 500 responses and error messages on failure. Updated Get-CIPPMFAStateReport and Get-CIPPMailboxPermissionReport to exclude count rows from database query results.

Introduces Get-CIPPCalendarPermissionReport to generate calendar permission reports from the reporting database, supporting grouping by calendar or user. Updates Invoke-ListCalendarPermissions to optionally use the report database for bulk queries, improving performance and flexibility.

- Fixes running the reports for singular tenants
- ERROR: Cannot process argument because the value of argument "Property" is not valid. Change the value of the "Property" argument and run the operation again.

Refactored to store the OpenId configuration in a variable and added it to the HTTP response body. This provides more context about the tenant's OpenId configuration in the API response.

- Update Invoke-ExecExcludeLicenses to load excluded licenses from a JSON config file when the count is low.
- Clean up logging and variable usage

- Refactor Invoke-ExecExcludeLicenses function to only manage excluded licenses.
- Introduce action for restoring default exclusions.
- Split list functionality into Invoke-ListExcludedLicenses function.
- Implement Initialize-CIPPExcludedLicenses function to populate excluded licenses from config instead of hardcoded variable.

Added checks in Get-TenantGroups.ps1 and Update-CIPPDynamicTenantGroups.ps1 to skip processing members that do not have a GroupId. This prevents errors and ensures only valid group members are handled.

Included the 'licenseProcessingState' property in the $SelectString for group queries to ensure this field is returned in group listings and when querying by GroupID.

Introduces Invoke-ExecReprocessUserLicenses.ps1, an HTTP entrypoint for triggering Microsoft Graph API calls to reprocess license assignments for a specified user. Handles request parameters, logs outcomes, and returns appropriate HTTP responses.

Feat: Refactor license exclusion management and initialize from config

Fix: Assesment tests for single tenants

… dev

Enhanced parsing of CAPolicies and MFAMethods in Invoke-ListMFAUsers to ensure consistent array output and handle empty or non-string values. Updated Get-CIPPMFAState to wrap CAPolicies in an array and added a more descriptive error message for licensing issues. Improved error logging in Set-CIPPDBCacheMFAState by including detailed exception data.

Replaces the mikepenz/release-changelog-builder-action with the GitHub API via actions/github-script to generate release notes. Adds a step to fetch the previous tag for more accurate changelog generation.

Enhanced Get-CippDbRoleMembers to include direct role assignments by querying 'Roles' and merging unique members. Updated Invoke-CippTestZTNA21836 to use the correct parameter name '-RoleTemplateId' for Get-CippDbRoleMembers.

Standardized parameter names in Add-CippTestResult.ps1 and Invoke-CippTestORCA119.ps1 for consistency. Changed 'testType' to 'TestType' and updated usage of 'TestType' to 'Type' in New-CIPPDbRequest call.

Replaced usage of New-GraphGetRequest with New-ExoRequest for CAS mailbox retrieval

Refactored Add-CIPPDbItem to process data in batches, reducing memory usage when handling large datasets. Updated Push-StoreMailboxPermissions and Set-CIPPDBCacheUsers to use generic lists and explicit cleanup for better memory management. Added new Set-CIPPDBCacheCASMailboxes function to cache CAS mailboxes, and registered 'CASMailboxes' in Push-CIPPDBCacheData. These changes enhance reliability and scalability when caching large volumes of data.

Add-CIPPDbItem.ps1 now dynamically calculates batch size based on available memory and estimated item size, improving efficiency and stability for large datasets. Both Add-CIPPDbItem.ps1 and Set-CIPPDBCacheUsers.ps1 now include enhanced error logging with detailed exception data using Get-CippException.

Reduced the maximum batch size from 2000 to 500 to prevent out-of-memory errors with large datasets. Updated the information log to include target memory and calculated batch size for better diagnostics.