With this Test-DbaBuild you have the option to check how many CU's your instance can be behind.
What I would like is that you can check on how much time the latest applied CU is behind and check for compliancy based on a time-period eg. 6 months, because for one version 2CU behind can be just 2 months whereas in other cases it might be over 1 year. That would also mean a change to dbatools-buildref-index.json by adding the releasedate of the CU.
Is there a command that is similiar or close to what you are looking for?
Yes
Technical Details
Similar or close is the current one based on CU's.
If I have some more time I could fork and start testing something. If it's too much hassle to enter all releasedates in the json-file it would be an idea to do only the recent ones (f.e. released during the last year) and leave the others empty. And when running the command based on CU-age doesn't encounter a date also state that it isn't compliant.
I mean, everything can be done, but if in some years this is the first time it pops up, I think it'll be too much of a hassle to set it up.
Other cons:
security on "how many months passed since you installed last patch" is a bad(?) posture to compliance
the cadence of new releases is pretty much set in stone by MS
Summarize Functionality
With this Test-DbaBuild you have the option to check how many CU's your instance can be behind. What I would like is that you can check on how much time the latest applied CU is behind and check for compliancy based on a time-period eg. 6 months, because for one version 2CU behind can be just 2 months whereas in other cases it might be over 1 year. That would also mean a change to dbatools-buildref-index.json by adding the releasedate of the CU.
But then you could enter f.e.
Test-DbaBuild -SqlInstance $SRV -Update -MaxTimeBehind 6Mo
Is there a command that is similiar or close to what you are looking for?
Yes
Technical Details
Similar or close is the current one based on CU's.
If I have some more time I could fork and start testing something. If it's too much hassle to enter all releasedates in the json-file it would be an idea to do only the recent ones (f.e. released during the last year) and leave the others empty. And when running the command based on CU-age doesn't encounter a date also state that it isn't compliant.