Last updated Jun 13, 2024

Changelog

This page includes release notes and updates for Jira Cloud app developers. Use this page to keep track of upcoming changes, deprecation notices, new features, and feature updates from Jira Cloud Platform.

Forge changelog

For updates about changes to the Forge platform, see the Forge changelog in the Forge documentation.

Go to our developer community to ask questions. You may also be interested in the What's New blog for Atlassian Cloud where details of major changes that affect all users of the Jira Cloud products are announced.

13 June 2024

Deprecation Notice Removing access to Forms data using Jira entity properties API

We’ll soon be removing access to Forms (previously ProForma) data currently stored in entity properties from Issue properties routes and Project properties routes in Jira Cloud platform REST APIs.

We’ll be moving this data and storing it in an alternate location which will enable us to build new functionality, plus increase performance and reliability of Forms.

These changes will be made on or after 5 August 2024.

More details

We anticipate most of the required functionality is available through the Forms REST API that you’ll need to migrate to in order to access this data in future.

5 June 2024

Deprecation Notice Approval configuration will no longer appear in workflow status properties

As of 5th December 2024, we’ll be moving the location of the configuration for JSM approvals in company-managed projects from status properties to a new approvalConfiguration property on the status. The following endpoints will be affected:

This change is part of a larger initiative that we are working on to support the configuration of approvals in company-managed projects in the new workflow editor.

More details

If your app relies on approval configuration being available in workflow status properties, you’ll need to update your code to retrieve the configuration from the approvalConfiguration property instead. Please refer to the JSON below which shows the updated format of the workflow in more detail:

1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 { "statuses": [...], "workflows": [ { "id": "deb0579e-8e14-4df1-a66d-7f0aba58f5a9", "name": "IP: Service Request Fulfilment with Approvals workflow for Jira Service Management", "description": "This Jira Service Management Service Request Fulfilment with Approvals workflow was generated for Project IP", "isEditable": true, "scope": { "type": "GLOBAL" }, "startPointLayout": { "x": -100.00030899047852, "y": -153.00020599365234 }, "statuses": [ { "statusReference": "10006", "layout": { "x": -460.7112121582031, "y": -354.9021301269531 }, "properties": { <---------- EXISTING APPROVAL CONFIG LOCATION "approval.active": "true", "approval.condition.type": "percent", "approval.condition.value": "100", "approval.exclude": "reporter", "approval.field.id": "customfield_10035", "approval.pre-populated": "", "approval.transition.approved": "901", "approval.transition.rejected": "911" }, "approvalConfiguration": { <---------- NEW APPROVAL CONFIG LOCATION "active": "true", "conditionType": "percent", "conditionValue": "100", "exclude": [ "reporter" ], "fieldId": "customfield_10035", "prePopulatedFieldId": "", "transitionApproved": "901", "transitionRejected": "911" }, "deprecated": false } ], "transitions": [...], "usages": [], "version": { "id": "f010ac1b-3dd3-43a3-aa66-0ee8a447f76e", "versionNumber": 0 } } ] }

Deprecation Notice Deprecation of Backup for Server feature

Developers, we’re deprecating the Backup for server feature in Backup Manager, as we are shifting focus to our Cloud platforms. Starting 30th November 2024, users will no longer be able to use this feature. If you are looking to move your data from Cloud to Data Center, you can still leverage the CSV file import wizard, bearing in mind it doesn’t cover all data entities available in Jira.

More details

What do I need to do?

This change doesn’t require any actions from you as the deprecation will not affect any existing APIs.

Can I still use the Backup manager?

Yes, we encourage our users to stay on Cloud for a seamless and optimized experience. The Backup for Cloud feature is still available in Backup manager.

3 June 2024

Announcement New method in the UI modifications API

The UI modifications API (UIM API) module now has a new method: onError. This method allows apps to process error data related to the UI modifications module. The first type of error exposed is a validation error, which is related to invalid usage of the UIM FieldAPI. We’ll be adding more error types in the future.

31 May 2024

Removed Changes to Delete Priority

Following our earlier deprecation notice, we’ve enabled Jira admins to associate different priorities for different projects in Jira Cloud.

As a result, the following changes have been made to Delete priority v2 and Delete priority v3:

  • A Jira admin cannot delete a priority if it is used in a priority scheme. The Jira admin must first remove the priority from any schemes and then delete it. If the API is called with a priority that is used in a priority scheme, a 409 error response will be returned.

  • We are removing the following query parameter: replaceWith. Because of the change above, the priority you want to delete is no longer being used by any issues and therefore does not need to be replaced.

22 May 2024

Deprecation Notice Deprecation of search priorities API 'onlyDefault' parameter and 'isDefault' property

We are deprecating the following functionality of the Search priorities REST API endpoint.

  • The onlyDefault parameter is deprecated and will be removed at a later date.

    • Users are instead encouraged to use the recently announced Get priority scheme, which includes the ID of the default priority, and optionally a list of associated priorities.

  • The isDefault property of priorities is deprecated and will be removed at a later date.

More details
  • The onlyDefault parameter is deprecated and will be removed at a later date.

    • Users are instead encouraged to use the recently announced Get priority scheme, which includes the ID of the default priority and, optionally, a list of associated priorities.

    • During the transition, this will return the global default priority and may not be the default priority for any priority scheme.

  • The isDefault property of priorities is deprecated and will be removed later.

    • Users are instead encouraged to use the recently announced Get Priorities by Priority Scheme endpoint, which lists priorities and includes whether they are the default for the priority scheme.

    • During the transition, this will return true for the global default priority only and may not reflect whether a priority is a default for any priority scheme.

16 May 2024

Deprecation Notice Loading styles from Connect CDN instead of inline

We're deprecating injecting stylesheets for Connect apps via inline styles in favor of loading from the Connect CDN. This affects the Theming API and dynamic content macros that supported the legacy Confluence editor.

At the end of the deprecation period (18th November 2024), we’ll stop injecting any inline styles and only load from the CDN.

If your app doesn’t use the above Connect features, or doesn’t use a Content Security Policy (CSP) for style-src, no action is required. Otherwise, please read the details here or see https://developer.atlassian.com/platform/marketplace/security-requirements/#connect-apps on how to modify your CSP to support these changes.

More details

Action required

To support these changes in your app, if you're using a Content Security Policy that sets the style-src policy, you must add the Connect CDN (https://connect-cdn.atl-paas.net) to your policy to allow these stylesheets to be injected. It's safe to remove unsafe-inline from your policy if you've been using it up until now.

Additional context

The stylesheets mentioned here are included automatically via the Connect JS script, not manually by the app vendor. There are two circumstances under which Connect injects stylesheets into your app.

The first is only for apps which opted in to the Theming API. The theme stylesheets currently load via an inline stylesheet, which forces vendors to adopt the insecure unsafe-inline policy, and is the main motivation for this change.

The second location is only for dynamic content macros. We inject a stylesheet with CSS classes representing colors from the legacy Confluence editor. This happens without opt-in, to be backwards-compatible with macros created in the legacy editor. This injection is currently done via CSSOM, not inline styles, and therefore isn’t impacted by style-src CSP rules currently. However it’ll also start being served from the CDN.

During the deprecation period, styles will be loaded simultaneously via the current methods described above and from the CDN. After the deprecation period, styles will only be loaded from the CDN, and the inline/CSSOM methods will be removed.

14 May 2024

Announcement New API endpoints to fetch, create, update, and delete priority schemes

We’re happy to inform you that we’re making the following new API endpoints available:

  • Get priority schemes

    • Returns a paginated list of priority schemes

    • GET /rest/api/3/priorityscheme

  • Get available priorities by priority scheme

    • Returns a paginated list of available priorities to be added to a scheme

    • GET /rest/api/3/priorityscheme/priorities/available

  • Get priorities by priority scheme

    • Returns a paginated list of priorities

    • GET /rest/api/3/priorityscheme/{schemeId}/priorities

  • Get projects by priority scheme

    • Returns a paginated list of projects

    • GET /rest/api/3/priorityscheme/{schemeId}/projects

  • Create priority scheme

    • POST /rest/api/3/priorityscheme

  • Update priority scheme

    • PUT /rest/api/3/priorityscheme/{schemeId}

  • Delete priority scheme

    • DEL /rest/api/3/priorityscheme/{schemeId}

  • Suggested priorities for mappings

    • Returns a paginated list of priorities

    • POST /rest/api/3/priorityscheme/mappings

9 May 2024

Removed The products field now mandatory in the Create User API

Following the deprecation notice (see https://developer.atlassian.com/cloud/jira/platform/changelog/#CHANGE-916), the products field will be mandatory for the Jira User Create REST API.

This change will take effect as soon as the new Create User API doc is released, expected within the next few days.

More details

Valid product name for the products field: jira-core, jira-servicedesk, jira-product-discovery and jira-software. To create a user without product access, set this field to be an empty array.

7 May 2024

Announcement UIM supports new issue view entry points

The UI modifications (UIM) module now supports three new entry points for the issue view:

  • list

  • issues

  • search

The complete list of supported entry points is available here.

1 May 2024

Announcement Atlassian Security Scanner from a bird’s eye view

Atlassian Security Scanner is already checking your Marketplace apps for any critical- or high-severity vulnerabilities in third-party dependency trees and .jar files. The tool is helping us ensure that all apps on the Marketplace are safe for our customers to download and install on their instances.

While .jar files are scanned every day due to the nature of modern cyber threats, third-party dependencies are checked when you submit your app for approval for the first time and during the regular annual review.

If Security Scanner doesn’t detect any vulnerability in your app, it’s safe to be on the Marketplace.

In case a security issue has been found, a Jira ticket about it will be created in the Atlassian Marketplace Security (AMS) project, and you’ll receive an automated email notification about the ticket. As soon as you fix the issue, upload the new version of your app to the Marketplace. Your ticket will be closed automatically the next day after Security Scanner checks the app again and finds no vulnerabilities.

If you need help or have questions, don’t hesitate to chat with an entitled representative of the Data Center Review team in the ticket’s comments. Or you can always contact Atlassian Support directly.

More details

We’d like to highlight that the security scanning on our side is a complementary process to catch the most obvious security issues in case there are no security processes established on the app partner’s side. Thus, our solution doesn’t aim to substitute security checks on your side with a tool you trust. We rather provide assistance with a security audit in case these checks aren’t done.

15 April 2024

Announcement UI modifications support more fields

The UI modifications (UIM) module now supports new fields on the following views:

Issue view

Global issue create

The complete list of supported fields for the issue view is available here.

Fixed Fixed incorrect scope check for OAuth 2.0 requests with a trailing forward slash

We have now fixed the incorrect scope check requests with a trailing forward slash.

Assume there is a scenario where a request is made to an endpoint https://api.atlassian.com/some/path/. Scope checking may find a valid scope for path /some/path/** and pass the scope check. Once the request reaches the backend service, if the service does not have a path with a trailing slash, it may remove it and invoke the parent endpoint https://api.atlassian.com/some/path which may not have the same scope requirements.

With this fix, scope checking will ignore the trailing slash when matching scopes to the path.

This means that a request to https://api.atlassian.com/some/path/ and https://api.atlassian.com/some/path will be treated the same with respect to scope checking.

11 April 2024

Deprecation Notice Jira Web Panel module in Forge or Connect app being deprecated and replaced.

We are announcing the deprecation of two Jira Web Panel (webPanels) module locations within Forge or Connect applications. The affected locations are:

  • atl.jira.view.issue.left.context: For web panels that appear in the content section on the left. We advise transitioning to the Issue Context module for similar functionality.

  • atl.jira.view.issue.right.context: For web panels that are displayed in the context section on the right, resembling a glance panel. We recommend migrating to the Issue Context module for these needs.

This change means that if your Forge or Connect app currently utilizes these two Jira Web Panel (webPanels) module locations, it is essential to migrate to the issueContext module. Detailed guidance on adopting the new Issue Context API is available in our documentation.

Added App access rule under data security policies: Data security policy events upper limit

The progressive rollout of data security policy events has been completed. Data security policy events are generated when installed apps' access to certain data within Confluence, Jira, Jira Service Management, or Jira Software has been blocked by an administrative policy with an App access rule. You can now subscribe to these events.

Being a new capability however, we are scaling up our processing of these data security policy events over the next few months. In the meantime we have set a upper limit of 50,000 objects. This means that if a customer activates or updates a data security policy that affects more than 50,000 objects, you will receive the first 50k objects in the events and the rest would be omitted.

We intend to raise these limits and will advise once we have reached our final threshold— and have determined our final hard limits.

More details

Data security policies help customers keep their organization’s data secure by letting them govern how users, apps, and people outside of their organization can interact with content such as Confluence pages and Jira issues.

The new app access rule under data security policies allows customers to restrict app access to the content in Confluence spaces or Jira projects under a given policy. In this way, customers can benefit from apps while still limiting 3rd-party app access to certain content in select spaces.

If you are looking to update your apps with custom in-app messaging whenever your app is affected by an app access rule, we encourage you to use the Developer guide.

Rate this page: