Rate this page:
This changelog is the source of truth for all changes to the Forge platform that affect people developing Forge apps.
Posts are made in the Forge announcements category of the developer community when the changelog is updated. Subscribe to the Forge announcements category to get notifications.
See what's next for Forge on our platform roadmap.
We're excited to share that Forge, our app development platform for Atlassian cloud products, is now generally available. You can rely on Forge's hosted infrastructure, storage, and FaaS functions to support apps in production; all of which are backed by Atlassian's operational readiness. Learn more about building the next Marketplace hit with Forge.
Note that some functionality in Forge remains in beta while we're still making changes that may break your apps. Learn more about the current functionality in beta.
The Custom UI modal class size argument with xlarge value will no longer use 100% width and instead uses 968px in Jira.
The change will occur on 27th February 2023.
To retain the same behavior, use the max size instead for Custom UI apps in Jira that are currently using the xlarge size modal.
Connect on Forge apps can now use OAuth 2.0 to authenticate with Atlassian services (as an App via client credentials grant type).
To authenticate with OAuth 2.0:
In the Forge manifest.yaml file, under app.connect , add authentication type as oauth2 (default is jwt). The App installation or App major upgrade will send the new OAuth client credentials through a lifecycle event.
Make OAuth 2.0 authenticated requests from Connect Frameworks:
We’ve introduced new features to the jira:workflowCondition Forge module for Jira.
You can now:
define a custom UI to create, edit or display the workflow condition configuration
save workflow condition configuration to the config context variable
override the Jira expressions defined in the manifest with those stored in the workflow condition configuration
See the Jira workflow condition (preview) documentation and the new jira-workflow-condition-custom-ui template for more details.
When updating the remote key in the manifest.yml file, a minor version of the app was created, which bypasses the user consent. This is now fixed by treating connect remotes the same as egress permissions which will trigger a major version upgrade.
For more information, see Understanding app versions and remote.
In Jira Work Management, users can no longer access integrated apps through the project sidebar. Instead, users will now be accessing integrated apps through an Apps drop-down list in a new project view navigation. This new navigation is a horizontal menu bar appearing below the project name.
This new project navigation only affects Jira Work Management. Apps in all other Jira products will still be available through the project sidebar.
If your app uses the Jira project page module, any defined Subpages will still appear in the project sidebar (even in Jira Work Management).
For user documentation on the Jira Work Management project sidebar, see Manage projects, shortcuts, versions, reports and more.
Starting 2 Jan 2022, we will release a fix for ACJIRA-2584 and JRACLOUD-72099. Workflow rule IDs will be changed when copying workflows instead of being duplicated.
UI modifications, which is a Forge module that allows apps to modify fields on the Global issue create modal, now support the following custom fields:
user picker
multiple user picker
multiple select
textfield
For more information, see the list of supported fields.
A new tutorial for configuring continuous delivery workflows for Forge apps is now available. This tutorial focuses on the use of environment variables for builds. It includes steps you can use to build a functional Bitbucket Cloud pipeline, along with general guidelines for GitHub users.
From now on, Forge will only allow an HTTPS connection if it is encrypted by any of the following protocols:
TLS_AES_128_GCM_SHA256
TLS_AES_256_GCM_SHA384
TLS_CHACHA20_POLY1305_SHA256
ECDHE-ECDSA-AES128-GCM-SHA256
ECDHE-RSA-AES128-GCM-SHA256
ECDHE-ECDSA-AES256-GCM-SHA384
ECDHE-RSA-AES256-GCM-SHA384
ECDHE-ECDSA-CHACHA20-POLY1305
ECDHE-RSA-CHACHA20-POLY1305
DHE-RSA-AES128-GCM-SHA256
DHE-RSA-AES256-GCM-SHA384
To quickly identify the current state of your Forge apps, the developer console now displays values, as well as charts, for each metric. For more information, see View app metrics.
Atlassian has shipped a data processing addendum for Forge developers (the "Forge DPA"). The Forge DPA is incorporated by reference in the Forge Terms, which all Forge developers must comply with in order to use the Forge platform. Learn more on the Atlassian developer blog.
Click here to review and accept the new Forge Terms, including the Forge DPA, by December 27, 2022.
UI modifications, which is a Forge module that allows apps to modify fields on the Global issue create modal, now support two custom fields:
single select
paragraph
For more information, see the list of supported fields.
The forge install list should return all installations for a given app. However, previous versions of the CLI only limited results to the latest 100 installations. This led to discrepancies with the Developer Console for apps with more than 100 installations.
With this release, the CLI will now fetch and display all installations for the given app.
Run npm install -g @forge/cli@latest on the command line to install the latest version of @forge/cli.
To help you debug your Forge apps, the developer console now lets you group your metrics by app version. Each chart now has a Group by dropdown menu, with the option to select Version. For more information, see Monitor your apps.
Several months ago, we announced new security requirements for cloud apps, which take effect today (October 31). As of today, all Marketplace apps and Trello Apps (Power-Ups) are expected to meet the new requirements.
Maintaining a secure Marketplace is a collective effort, shared by Atlassian and partners. The new requirements reflect the most current best practices for building secure apps and provide platform-specific guidance. They set Atlassian’s baseline standard for cloud app security, and will be updated annually to ensure alignment with industry standards.
The new requirements apply across five categories: Authentication & Authorization, Data Protection, Application Security, Privacy, and Vulnerability Management. They benefit both developers and customers by providing guidelines for building secure apps and elevating the trust posture of our cloud ecosystem.
Read the blog to find out more about the changes that take effect today, and how we will validate that apps are following security requirements moving forward.