Atlassian developer changelog

What is changing?

We previously announced that usage of asynchronous Forge app invocations will become billable on Jul 1, 2026.

To compensate for the inclusion of these functions in your billable usage, we are doubling the free usage allowance for Forge functions from 100,000 GB-seconds per month to 200,000 GB-seconds per month.

The increased allowance will be rolled out progressively, for:

• Newly-created Forge apps starting on Jun 29, 2026

• Existing Forge apps starting on Jul 1, 2026

The increased allowance will apply for all apps for the billing month of July 2026.

What do I need to do?

No action is required. The increased allowance will be applied automatically.

We recommend reviewing your Forge functions consumption in the Forge Developer Console's Usage and Charges section to understand how this change affects your apps before billing begins.

Forge Realtime has moved from Preview to General Availability. You can now use Realtime in production apps with full platform support and operational readiness.

What's changing

• Distinct subscriber and publisher roles: You can now issue tokens that grant only subscribe or publish access to a channel using the new permissions argument in signRealtimeToken. This lets you restrict publishing to your backend while granting subscribe-only access to frontends. Tokens without explicit permissions remain with full access.

• Rate limits: Limits of 50 operations per app installation per second are now enforced. See Realtime limits and error messages for details.

What you need to do

• Run the following commands in your app directory to install the latest versions of these packages:
   npm install @forge/bridge@latest
 npm install @forge/realtime@latest

The global:ui module is now available through the Early Access Program (EAP). This module allows your Forge app to have its own end-to-end experience within the Atlassian platform, independent of specific product contexts like Jira or Confluence.

What's changing

The global:ui module enables your app to:

• Deliver a full-screen experience with side navigation that you control and top navigation provided by the Atlassian platform.

• Appear in the Atlassian app switcher, allowing users to reach your app from anywhere in the platform.

• Connect to one or more Atlassian apps through multi-app compatibility, and optionally surface data across them.

• Build on platform capabilities such as Teamwork Graph, Forge Agents, Rovo Search, and Rovo Chat.

What you need to do

To start building apps with the global:uimodule:

• Join the EAP by completing the sign-up form.

• Review the detailed documentation.

We wanted to share a few updates on the trust front:

1. Atlassian Enterprise Certified — our new trust program

We've heard your feedback, and we're excited to announce that our new trust program is officially named Atlassian Enterprise Certified. This badge will recognize apps that meet rigorous enterprise standards for security, reliability, privacy, accessibility, and responsible AI — going beyond the baseline cloud standards required of all Marketplace apps. We plan to begin rolling out the program in Q3 CY2026 and phase out the Cloud Fortified Apps program by the end of the year.

1. New trust filters and verified indicators on the Marketplace

We're introducing enhancements that make it easier for customers to evaluate apps against their security, privacy, compliance, and procurement requirements.

New filters for faster shortlisting

Today, customers can filter Marketplace apps by Runs on Atlassian and Cloud Fortified. We're adding filters for:

• SOC 2

• ISO 27001

• Penetration testing

• Bug bounty

• Partner trust center

• Standard Legal Agreement

Verified indicators on the Privacy & Security tab

We're also adding a blue verified-tick icon to selected Privacy & Security tab fields, helping customers distinguish Atlassian-verified information from partner-attested responses at a glance.

At launch, verified indicators will appear on:

• App REST APIs

• Integration permissions with Atlassian apps

• Marketplace Security Bug Bounty Program participation

• Atlassian trust programs

We plan to expand verified indicators to more fields over time.

What you need to do

The new filters and verified indicators draw from information Atlassian already holds or that partners have already provided through existing Marketplace processes and Privacy & Security tab responses.

That said, to ensure your apps show well in trust-based evaluations, we recommend reviewing your Privacy & Security tab to confirm that your security, privacy, and compliance details are complete and up to date.

Forge Object Store billing will be rolled out in stages starting June 29, 2026. While most existing apps won't see changes until July, new apps created during the transition window will have billing enabled immediately.

What’s changing

• Existing Forge apps: Object Store becomes a billable capability starting from your billing cycle on July 1, 2026. You will not see charges for Object Store usage before this date.

• New Forge apps: For any apps created on June 29, 2026 or June 30, 2026, Object Store is billable immediately upon creation. Charges will apply if your usage exceeds the free quota during this window.

What you need to do

• Review the Forge pricing guide to understand the free quota and pricing for Object Store.

• If you are planning to create new apps on June 29 or 30, factor in the immediate billing activation for Object Store.

For more context on the Object Store release, see the Forge Object Store is now in Preview changelog entry.

We've added new convenience components and hooks for routing in UI Kit. These are now available in Preview in the latest version of @forge/react.

Routing is available in any full-page module and enables your app to manipulate the current page URL using a familiar API.

What’s changing

You can now use the following components and hooks to manage navigation within your Forge apps:

• Router

• Route

• useNavigate

• useLocation

• useParams

What you need to do

To use these new features, update to the latest version of the @forge/react package. In your terminal, run the following command from your project directory:

npm install --save @forge/react@latest

For implementation details and code examples, refer to the documentation links above.

The Status Search API now exposes a new optional includeGlobalStatuses query parameter. When set to true on a project-scoped query, the response includes global statuses (statuses not tied to any specific project) alongside the project's own statuses. Defaults to false. This parameter is only relevant for project-scoped queries.

Bitbucket Forge page modules will now have their menu items grouped into sections by their app. This change improves the organization of the Bitbucket navigation menu, making it easier for users to identify which menu items belong to specific apps.

What’s changing:

The following modules will now have their menu items grouped by app:

• bitbucket:workspaceGlobalPage

• bitbucket:workspaceSettingsMenuPage

• bitbucket:workspacePersonalSettingsPage

• bitbucket:repoMainMenuPage

• bitbucket:repoSettingsMenuPage

• bitbucket:projectSettingsMenuPage

What you need to do:

No action is required from you. If your app uses these modules, their menu items will automatically be grouped. You can see the linked documentation pages for example screenshots of the new grouping behaviour.

We've added a new Forge module (devops:securityInfoProvider) that lets your app send security information (such as vulnerabilities and security containers) to Jira and associate it with issues. This is now available in preview.

What's new

The devops:securityInfoProvider module surfaces your app's security data directly in the development panel of Jira issues. Apps can write and delete security information using the https://developer.atlassian.com/cloud/jira/software/rest/ via the requestJira function.

To register a provider, declare the module in your manifest.yml and configure the required endpoint handlers:

• fetchWorkspaces: returns the list of workspaces available to the user

• fetchContainers: returns security containers within a workspace

• searchContainers: searches containers matching a query

Two optional lifecycle hooks are also available: onEntityAssociated and onEntityDisassociated, invoked when a container is linked or unlinked from a Jira entity.

Important behaviour to note

When a user uninstalls your app, all security data your app sent to Jira is deleted after a grace period.

Get started

See the https://developer.atlassian.com/platform/forge/manifest-reference/modules/jira-software-security-info/ for the full manifest schema, example requests/responses, and property details.

A new --debugHost (or -d) option has been added to the Forge CLI tunnel debugger. This allows you to start the debugger at any valid IPv4 or IPv6 address, providing more flexibility for your local development environment.

What's changing

• You can now specify a custom host for the tunnel debugger using the --debugHost or -d flag.

• If no host is specified, the debugger will default to localhost (127.0.0.1).

What you need to do

• Update your Forge CLI to the latest version to access this feature.

• To start the debugger at a specific address, use the following command:
  forge tunnel --debugHost <address>

• For more information on debugging Forge apps, refer to the Tunneling documentation.

The Forge CLI now includes a new forge module command group (in Preview) for adding modules to an existing app — and for discovering and inspecting the modules you can add — directly from the command line.

What's changing

Previously, adding a module to an existing app meant editing your manifest.yml and creating the source files yourself. The new forge module command group gives you three subcommands to do this from the command line:

• forge module add — add a module to your app. The command guides you through choosing a module and UI framework (UI Kit or custom UI), then generates the source files, updates your manifest.yml, and installs any required dependencies. Use --dry-run to preview the changes first.

• forge module list — browse the available module templates, filterable by product, UI framework, or module key.

• forge module show <moduleType> — view the details and documentation for a specific module.

Why this matters

• Faster setup: scaffold a new module in seconds instead of wiring up the manifest, files, and dependencies by hand.

• Safer changes: forge module add runs key-collision and file-conflict checks before writing anything, and --dry-run lets you preview first.

• Efficient resource usage: modules are bundled using multi-entry resource bundles.

Key details

• forge module add extends an app you already have. To scaffold a brand-new app from a template, use forge create instead.

• The manifest and resources that forge module add generates are built on multi-entry resource bundles, a Preview feature.

• Custom UI modules are scaffolded with a Vite-based build setup.

• These commands are in Preview and may modify your app files (manifest.yml, source files, and package.json). We recommend committing your work beforehand.

• Only a subset of Forge modules is available today, and we're adding more over time.

Support for Claude Sonnet 4.6 model is now available in Forge LLMs. For the exhaustive list of supported models, refer to our documentation here

What's changing
The legacy storage module has been removed from the @forge/api package. This follows the deprecation notice issued in Dec 1, 2025.

Starting today, any apps still using import { storage } from '@forge/api' will fail to build or run, as this export is no longer available.

What you need to do
If your app still uses the legacy storage module, you must migrate to the @forge/kvs package immediately to avoid service disruption.

• Install the @forge/kvs package: npm install @forge/kvs

• Update your imports from import { storage } from '@forge/api' to import { storage } from '@forge/kvs'

• Deploy the updated version of your app.

For detailed instructions, refer to the KVS migration guide. You can also use the Forge CLI linting tool to identify any remaining references to the deprecated module.

Forge packages now ship TypeScript 5-compatible type declarations and declare an optional peer dependency on typescript >= 5.0.0.

What's changing

• TypeScript 4 compatibility is not guaranteed in future releases.

• An optional peer dependency on typescript >= 5.0.0 has been added to each package.

What you need to do

If you use TypeScript, and want to use the latest Forge package versions, upgrade to TypeScript 5:

1. In your project, run: npm install typescript@^5.0.0 --save-dev

2. Update your Forge package dependencies to the latest major version.

3. Review your tsconfig.json for any TypeScript 5-specific settings you may want to enable.

4. Re-build and test your app.

Forge Object Store and front-end `useObjectStore` hook is now available in Preview. Forge Object Store EAP is now closed.

The Preview release provides improvements to pre-signed links and adds CDN support. The service will be available to all developers as a billable capability, starting on Jul 1, 2026.

Please review the available documentation, ‘useObjectStore’ documentation and pricing information to get started with Forge Object Store, including assessing all of the current limitations of the service.