Atlassian developer changelog

Forge platform pricing is now in effect for Forge apps. To avoid any service interruptions to your Forge apps that exceed the free usage allowance, please make sure you:

• Set up a developer space

• Assign your private Forge apps to a developer space

• Add a payment method for your developer space

After you’ve completed the developer space setup and assigned your private apps to the space, apps that provided consent to the developer terms during this process will automatically receive usage alert emails when any chargeable resource in the app reaches 50%, 75%, 90%, or 100% of the free usage allowance.

To help our Marketplace Partners build more secure applications and streamline the app approval process, we are open-sourcing the security ruleset used by our internal marketplace-sast-scanner.

Earlier this year, we introduced mandatory SAST (Static Application Security Testing) scanning for Data Center apps as part of our Security Requirements. Since then, we’ve heard valuable feedback from our partner community regarding transparency into the automated security testing to help you identify and fix vulnerabilities before you submit your apps to the Marketplace.

By making these rules public, we aim to:

• Support Shift-left Security practices: Empower you to run the same checks locally that our Ecoscanner platform runs

• Foster collaboration: Allow community to contribute to the ruleset, helping the entire ecosystem stay ahead of emerging threats

The ruleset is built for Semgrep and is now available on GitHub. You can integrate these rules into your local development environment or CI/CD pipelines today.

Key resources:

• Ruleset Repository: atlassian-labs/atlassian-sast-ruleset

• Documentation: SAST Scanner for Data Center apps

• Support: If you have questions about specific scan results, please reach out via the Partner Support Portal

On Dec 17, 2025, a bug fix rolled out that started counting compute used by async functions (e.g. event‑driven long‑running tasks) and scheduled triggers. This caused a noticeable spike in reported compute usage for some apps.

To avoid an unexpected cost increase ahead of Forge pricing effective Jan 1, 2026, we’re temporarily reverting this change and delaying charging for async compute.

What this means:

• Async and scheduled functions will not be charged from Jan 1, 2026.

• Early in the new year, we will share an updated timeline for the implementation of async compute charging.

• When we re‑enable async tracking and charging, we will provide clear advance notice.

You can now deploy Forge app builds directly via the developer console.

1. Selecting Deploy build from the actions menu next for the build you want to deploy.

2. Select the environment to which you’re deploying the build to.

Note, app build deployment permissions adhere to the existing permission structure for app contributors.

We have fixed an issue in how compute usage was calculated for async events and scheduled triggers in Forge apps.

This change was rolled out progressively between Dec 17, 2025 and Dec 19, 2025. As a result, affected apps may now report higher compute usage than before. This reflects more accurate tracking of the resources consumed; there is no change to the actual behavior or performance of your apps.

If you have alerts, monitoring, or internal reports based on Forge usage metrics, you may want to review them to account for this correction.

Logs automatically generated by the Forge platform during remote invocations (not logs generated by the app itself) are removed. The following platform-generated log statements are impacted:

• Making remote request: When remote invocation is triggered

• Successful remote request: When remote invocation was successful

• Failed remote request: When remote invocation fails

These logs will no longer be visible on the logs page in the developer console or in the logs CLI command. As a result, they are excluded from usage calculations and billing.

Developers utilising Forge remote will notice a reduction in their logs usage starting today.

To maintain visibility into remote invocations, we will be introducing success and failure information via metrics in the near future.

Existing implementations that include the cleanHistory field will continue to function during the deprecation period. However, we recommend that you start implementing the following changes for any apps impacted by this change:

1. Update your API client to treat cleanHistory as an optional field.

2. Use the versionNumber field to specify the historical version you want to redact.

3. Remove the cleanHistory parameter from your redaction requests.

We are migrating marketplace promotion codes from the legacy billing system to our new billing system. This migration aligns Data Center promotion processing more closely with how we handle cloud promotion codes today, and helps ensure data consistency and integrity across systems.

During the migration window, only redeemed inactive promotion codes will:

• Not appear in the Partner Portal UI

• Not be returned by the Promotions API:
  GET /marketplace/catalog/partners/{partnerId}/promotions/paged
  (see docs: https://developer.atlassian.com/platform/marketplace/rest/v1/api-group-promotions/#api-marketplace-catalog-partners-partnerid-promotions-paged-get))

We require a short, controlled window to safely migrate promotion code data, ensuring data integrity and consistency across systems.

Promotion codes will be processed by the new billing system similar to cloud promotion codes going forward.

• If you rely on historical redeemed inactive promotion codes, Export or record any needed data (bundled or standalone) via:

  • Partner Portal UI, or

  • Promotions API: https://developer.atlassian.com/platform/marketplace/rest/v1/api-group-promotions/#api-marketplace-catalog-partners-partnerid-promotions-paged-get

• If you need redeemed inactive promotion data or Bundled promotion code during the migration window(5 Jan - 29 Jan 2026), please raise an ECO-HELP ticket and we can retrieve it for you.

• Redeemed inactive promotion codes will be backfilled and visible again in both:

  • the Partner Portal UI, and

  • the Promotions API byJan 29, 2026 .

We’re releasing an experimental REST API endpoint that allows you to switch workflow schemes for projects with improved performance and reliability.

POST /rest/api/3/workflowscheme/project/switch

The API accepts mapping instructions to handle updates for issues and performs asynchronous operations that leverages temporary schemes and workflows to co-ordinate updates efficiently and safely.

• Enhanced performance and reliability

• Support for projects with existing issues

• Asynchronous processing with progress tracking

• Comprehensive issue status migration handling

Requires Administer Jira global permission.

See the Switch workflow scheme for project API documentation.

We’ve added two new REST API operations that let you access historical version data for workflows in Jira Cloud. These endpoints make it easier to audit and review previous workflow versions.

You can now:

• List all stored versions for a specific workflow using the List history for workflow operation.

  • POST /rest/api/3/workflow/history/list

• Retrieve a specific workflow version from history using the Read specific workflow version operation.

  • POST /rest/api/3/workflow/history

Permissions required:

• To access all workflows: Administer Jira global permission.

• To access project-scoped workflows: Either Administer projects or View (read-only) workflow project permission.
  For more information, see the API documentation for List history for workflow and Read specific workflow version.

Notes:

• We only store workflow data dating back 28 days

• Workflow data from before Oct 30, 2025 is not available.

You can now use UI modifications with Jira Service Management (JSM) request create portal view. This is an extension of the existing jira:uiModifications module, allowing you to change the look and behaviour of JSM request create portal view. The module is designed to be used in conjunction with the UI modifications (apps) REST API.

For more information, see the JSM UI modifications module documentation.

Support for response streaming is now available in Forge LLMs. The new stream function in the @forge/llm SDK allows apps to process outputs as they are generated rather than waiting for the complete response.

Forge LLMs remain in Early Access (EAP). Due to high demand, participation is limited. To request access, join the waitlist here.

As part of the Forge platform pricing effective from Jan 1, 2026, we have introduced usage alerts. Developers will automatically receive notifications when the usage of any billable capability in the Forge app reaches key thresholds— at 50%, 75%, 90%, and 100% of free monthly usage allowance.

Alert emails are sent for apps in developer spaces that completed consent in the console for existing apps and the CLI for new forge apps.

We’re introducing two new APIs to assign and remove organization-level roles. These APIs let organization admins assign or remove roles that have organization-wide privileges. Currently, this only applies to the organization admin role.

• Assign organization-level role

• Remove organization-level role

This API is available to all customers.

The following UI Kit components are now generally available:

• Comment, which displays discussions and user feedback.

• Pressable, which is a primitive for building custom buttons.

• CommentEditor, provides a contained comment editor UI with a simple toolbar.

• ChromelessEditor, provides a simple text editor that does not have a toolbar.

For more information, see the component documentation.