Last updated Dec 6, 2023

Rate this page:

Changelog

This changelog is the source of truth for all changes to the Bitbucket API and Bitbucket Connect API that affect people using Bitbucket Cloud and developing Bitbucket Cloud apps.

To ask any questions related to Bitbucket Cloud development please visit the Bitbucket Cloud developer community.

6 December 2023

Added Bitbucket workspaceId in custom UI/UI Kit 2 invocation context

Bitbucket Forge apps will now provide the workspaceId field, available within the context retrieved from the getContext function. We’ve updated the FullContext type to reflect this.

When a Bitbucket Forge app invokes the Forge resolver, it will also include the workspaceId in the context.

27 November 2023

Announcement Icons for Bitbucket Forge modules

As part of the Bitbucket integration (EAP) release, you can now set an icon for any module that features an icon property.

See Bitbucket modules to find out which modules support icons.

24 November 2023

Announcement Bitbucket apps distribution in developer console

As part of the Bitbucket integration (EAP) release, you can now distribute Bitbucket apps on Forge via the installation link in the developer console. See Distribute your apps for more details.

21 November 2023

Added Introducing signing of Connect app installation redirect URIs

We’ve introduced the ability to validate Connect app installation redirect URLs for registered apps. When a redirect_uri parameter is included in an installation link, a jwt parameter containing a JWT token will be added to the URL when the user is redirected upon successful installation.

More details

Why are we making this change?

Signing redirect URIs improves security by allowing developers to ensure authenticity and integrity of redirect requests. The JWT will include a query string hash (QSH) and is signed using the Connect app shared secret.

The QSH hashes the canonical request of the redirect (excluding the jwt URL parameter), and can be used to verify URL parameters haven’t been tampered with. Verifying the JWT signature with your app’s secret will ensure the request originated from Bitbucket Cloud.

Who is affected?

If you're parsing the query parameters on the redirect URI in a such a way that breaks on unexpected parameters, you will need to update your code so that the new jwt parameter is handled or ignored.

To start validating installation redirects, follow the steps in Exposing a service from our authentication documentation.

20 November 2023

Announcement Enhanced Forge CLI integration for Bitbucket app development

We've improved the Forge CLI to better integrate with Bitbucket app development.

You can now install your app into Bitbucket using the forge install command.

Additionally, we've introduced templates for the currently available Bitbucket modules. These can be used when creating new apps via the forge create command.

13 November 2023

Announcement UI Kit 2 supports Bitbucket Forge modules

You can now use Forge UI Kit 2 to build the user interface of your apps across all Bitbucket modules (EAP).

For more information on using UI Kit 2 components to design and build apps, see the UI Kit 2 components documentation.

26 September 2023

Announcement Bitbucket integration (EAP)

We're working on enabling developers to build Bitbucket apps on Forge. In line with this, we're launching this Bitbucket integration under Forge's Early Access Program (EAP) through a series of modules, events, and APIs.

You can start using these capabilities to build apps and deploy them to any environment (including PRODUCTION). Like all EAP features, these capabilities are still under active development, and as such are not supported. We strongly recommend that you exercise caution in deploying and using Bitbucket apps outside of test workspaces.

Forge apps can’t be installed on personal workspaces. You’ll have to install them on a shared Bitbucket team workspace.

More details

Limitation

  • The forge lint --fix command can't apply scopes required any Bitbucket APIs called by your app.

We’re working on addressing this limitation for our next release milestone. If we fix them before then, we’ll announce it through the Forge changelog.

EDITS: we updated this changelog on the following dates by removing some limitations listed on our initial release.

Nov 24, 2023: Previously, you couldn’t distribute your Bitbucket Forge apps via the developer console. We’ve since addressed this limitation; you can now distribute Bitbucket apps on Forge via the installation link in the developer console. Refer to this changelog for more information.

Nov 20, 2023: We now feature several Forge templates you can use for your Bitbucket apps. Refer to this changelog for more information.

References

We also published two tutorials for building Bitbucket apps using these capabilities:

Feedback

We want to hear about your experience building Bitbucket apps on Forge! To report bugs or provide feedback on these EAP capabilities, visit the Bitbucket Cloud x Forge - EAP community group.

18 May 2023

Deprecation Notice Bitbucket Cloud Pipelines is ending support for the legacy runtime execution environment in favor of Containerd

Bitbucket Pipelines operates in a Kubernetes-based infrastructure environment, and our internal execution environment leverages Containerd by default for all customers in a transparent manner.

A small number of users have been provisioned onto Docker based runtime infrastructure after a specific exemption was applied by Customer Support; it’s now time to retire that infrastructure.
A runtime change does not impact your ability to build containers using the Docker CLI, the primary impact is if you’re using out-of-date Docker tooling, or tooling that leverages deprecated Docker APIs
The Docker project has been committed to the Containerd project for a number of years Extending Docker’s Integration with containerd | Docker

30 March 2023

Deprecation Notice Jira issue glance module in Forge or Connect app being deprecated and replaced.

The jiraIssueGlances and jira:issueGlance module in Forge and Connect are being deprecated and replaced with the issueContext module on Oct 6, 2023.

1 February 2023

Announcement Introducing Project and Workspace Access Tokens

Bitbucket Cloud now features Project and Workspace Access Tokens, which are similar to the recently released Repository Access Tokens, providing access to a single project or workspace and all the repositories under that resource. These tokens can be used to authenticate with Bitbucket APIs for scripting, CI/CD tools, Bitbucket Cloud-connected apps, and Bitbucket Cloud integrations. 

Workspace admins can set a Project or Workspace Access Token’s access level through permission scopes during creation. Each token is linked to a project or workspace; preventing them from being used to access any repositories outside the specific project or workspace.

More details

To start using Project Access Tokens, visit a Bitbucket Cloud project you have admin access to, and navigate to Project settings > Security > Access tokens. For Workspace Access Tokens, navigate to the Workspace view, then select Settings > Security > Access tokens.

For details, see:

18 January 2023

Announcement We’re updating our API token, API key, and Repository Access Token length

On January 18, 2023, we'll be extending the length of API tokens for Atlassian accounts, API keys, and Repository Access Tokens. This ensures new tokens and keys generated after this date are more secure and reliable. Tokens and keys created before January 18, 2023 won’t be affected.

5 January 2023

Removed Bitbucket no longer supports personal Connect apps

We’ve discontinued support for personal Connect apps in Bitbucket. Please see the deprecation notice for more details.

24 November 2022

Announcement Introducing Repository Access Tokens

Bitbucket Cloud now features Repository Access Tokens, a new form of authentication that provides access to a single repository. These tokens can be used to authenticate with Bitbucket APIs for scripting, CI/CD tools, Bitbucket Cloud-connected apps, and Bitbucket Cloud integrations.

Repository admins can set a Repository Access Token’s access level through permission scopes during creation. Each token is linked to its repository, not a user or workspace; this prevents them from being used to access any other repositories or workspaces.

More details

To start using Repository Access Tokens, select Repository Settings > Security > Access Tokens on your repository.

For more information, see:

8 August 2022

Announcement Announcement — Introducing 'App User' type on Feb 9, 2023

To support the development of a new feature, we're introducing a new subtype of the Account definition called App User into the Bitbucket Cloud API. After a 6-month deprecation period, ending on Feb 9, 2023, any API which documents an Account type can start returning App User objects, along with the currently expected Team and User objects.

Read more about the impact of the changes here: https://developer.atlassian.com/cloud/bitbucket/announcement-introducing-app-user/

1 August 2022

Deprecation Notice Deprecation of personal Connect apps in Bitbucket

Bitbucket is deprecating support for Personal Connect apps on January 1, 2023. This is an uncommon type of Connect app that installs into a user’s personal account rather than the workspace.

Below you can find more information about this change, as well as steps to update your app.

More details

Personal Connect apps are a type of Bitbucket Connect app that is installed into the user’s personal account - as opposed to the typical Connect app that is installed into a Bitbucket workspace. As such, Personal Connect apps ‘follow’ users around as they navigate content across different workspaces.

From January 1, 2023, Bitbucket will no longer support Personal Connect apps. Their installation will be blocked. Soon after, Personal Connect apps will be removed from users' accounts. After this, the only valid Bitbucket Connect context type will be “account”.

This is part of an ongoing effort to give workspace admins more control over which integrations can access their data. Additionally, simplifying our Connect framework will help us create and roll out new features to customers faster.

If you're an app developer that maintains a personal Connect app, we suggest converting your app into a workspace Connect app. This will effectively reduce the reach of your app to the workspace of the user, rather than any workspace that the user can access.

In order to do this, you will need to update your Connect descriptor to change its "contexts" attribute from ["personal"] to ["account"]. This change will then be applied to new installations of your app.

To apply this change to existing installations you have 2 options:

As a user, check if any of your installed apps are “personal” apps by navigating to your workspace settings > Apps and Features > Installed Apps. For each app you can see the installation context (personal or workspace).

You can also contact your app vendor to learn more about the recommended upgrade path.