Jira Service Management 5.15.x release notes
27 March 2024
We're excited to present Jira Service Management 5.15.
Highlights
- Archive unused Assets objects
- Improvements to modal dialogs in Assets
- Changes to Security Bug Fix Policy
- Transition from http-builder library to native Groovy GET and POST
- Groovy 4 upgrade
- Expected downtime due to database upgrade in Jira Software 10.0 and Jira Service Management 10.0
- Removal of internal GraphQL APIs in Assets
- Restrict file extensions that can be uploaded to your Jira
- Tightening access with a websudo allowlist
- Confluence Page Viewer replaces the Confluence Page Gadget
- Introducing the Software Bill of Materials (SBOMs)
- Resolved issues
More
Read the Jira Service Management 5.15.x upgrade notes for important details about this release and see the full list of issues resolved.
Compatible applications
If you're looking for compatible Jira applications, look no further:
Jira Service Management 5.15.0 and 5.15.1 are affected by a bug, which causes random values to appear in the Assets custom field. We're working on fixing this issue in an upcoming bufgix release. More information about this issue is available under the following link:
JSDSERVER-15255 - Getting issue details... STATUS
Archive unused Assets objects
For: ADMINS
Declutter your instance and improve the performance of object searches by archiving the assets you no longer need. Previously, you had to permanently delete objects when your available index memory was low to make room for new objects. Now, you can archive objects instead. If you accidentally archive any objects, you can always restore them. Learn more about archiving objects
To archive an object:
- Log in as an Assets Manager, Assets Administrator, or a Jira admin.
- Navigate to an object and then from the More options menu, select Archive.
If you’ve unintentionally archive an object and want to restore it:
- From the top navigation bar, select Assets then Archived objects.
- Use the filters to search for the object and select Restore.
Archiving objects reduces the amount of memory used, allowing more objects to be stored without the need for additional instance memory.
For example, archiving 30% of the objects in an instance will:
- reduce memory usage by ~30%
- speed up operations that act on all objects by 30%, for example performing a re-index or opening the Object Schemas list page.
Archived objects do not count towards the Assets Objects limits in guardrails.
Improvements to modal dialogs in Assets
For: EVERYONE
We improved the user experience of modal dialogs and addressed several accessibility issues by upgrading the Atlassian User Interface (AUI) dialog from AUI Dialog1 to AUI Dialog2 in Assets.
Changes to Security Bug Fix Policy
For: EVERYONE
We are updating the Atlassian Security Bug Fix Policy. Changes will take effect across all Data Center products on March 15, 2024.
What’s changing?
Previously, we delivered bug fix releases for any supported Long Term Support release in accordance with the Atlassian Support End-of-Life Policy, and for all product versions that are no older than 6 months.
With our new policy, we will continue to deliver a bug fix release for any supported Long Term Support release in accordance with the Atlassian Support End-of-Life Policy, but we are updating our policy to only support the most recently shipped feature release.
In the event of a critical vulnerability, we will take all of the following steps:
Ship a bug fix for the latest feature release of the product affected by the vulnerability.
Ship a new feature release for the affected product according to the release schedule.
Ship a bug fix release for all supported Long Term Support releases of the affected product, adhering to the Atlassian Support End of Life Policy.
We aim to develop the most effective methods for enhancing the security of our software and delivering updates faster and more frequently. When considering an upgrade, you can be sure that the latest feature release is the most secure and stable product version as it contains the most up-to-date security fixes and feature enhancements.
If you have any concerns or if you require clarification on any aspect of the updated bug fix policy, please do not hesitate to reach out to our support team.
ADVANCE NOTICE Transition from http-builder library to native Groovy GET and POST
For: ADMINS
We are planning to remove the http-library in Jira Service Management 10.0 because it is not being actively maintained. If you are using this library in Groovy scripts, we recommend that you switch to the native Groovy GET and POST methods.
ADVANCE NOTICE Groovy 4 upgrade
For: ADMINS
We’re planning to upgrade from Groovy 2 to Groovy 4 in Jira Service Management 10.0 for better security, functionality, and syntax support. If you’ve been using Groovy scripts in Assets, test your existing scripts in the EAP release of Jira Service Management 10.0 or the Groovy 4 console to make sure your scripts work properly.
Here’s some of the important breaking changes:
- Changes to the syntax of the
switchstatement. - Changes to the syntax of the
intersect()method on arrays. - Changes to the resolution of properties of isser/getter.
picoclipackage is no longer bundled, use an extra@Grabinstead.ImportCustomizeris applied once per module (previously it was applied once per class).groovy-jaxb,groovy-bsf, andStaticTypeCheckingVisitor#collectAllInterfacesByNamemodules are no longer available.- Antlr2 based parse is no longer available (use the new Parrot parser).
- Changes to the formatting of some CLI help messages.
If you run into the following issue with
JsonSlurper, replace JsonSlurper withJackson ObjectMapper.java.lang.RuntimeException: Unable to load FastStringService at org.apache.groovy.json.internal.FastStringUtils.getService(FastStringUtils.java:56) ~[?:?] at org.apache.groovy.json.internal.FastStringUtils.toCharArray(FastStringUtils.java:66) ~[?:?] at org.apache.groovy.json.internal.BaseJsonParser.parse(BaseJsonParser.java:114) ~[?:?] at groovy.json.JsonSlurper.parseText(JsonSlurper.java:205) ~[?:?]The following table lists the changes to the names of classes, packages, and modules:
Class/package/module name Groovy 2 Groovy 4 groovy-xml groovy.utilgroovy.xmlgroovy groovy.xml.QNamegroovy.namespacegroovy-ant groovy.utilgroovy.antgroovy-console groovy.inspectgroovy.consolegroovy.inpsect.swinguigroovy.uigroovy.console.uigroovy.ui.ConsoleAppletDeprecated groovy-groovysh org.codehaus.groovy.tools.shellorg.apache.groovy.groovyshgroovy-jmx groovy.util.GroovyMBeangroovy.jmxgroovy-nio org.codehaus.groovy.runtime.NioGroovyMethodsorg.apache.groovy.nio.extensions.NioExtensionsorg.codehaus.groovy.runtime.WritablePathorg.apache.groovy.nio.runtimegroovy-swing org.codehaus.groovy.bindingorg.apache.groovy.swing.bindinggroovy.modelgroovy.swing.modelgroovy.inspect.swinguiorg.apache.groovy.swing.tablegroovy-test org.codehaus.groovy.runtime.ScriptTestAdapterorg.apache.groovy.testgroovy.transform.NotYetImplementedgroovy.test.NotYetImplementedgroovy.utilgroovy.testgroovy.langgroovy.testGroovyClassLoader Types for sourceCacheandclassCachehave changed fromMapto stronger types
For the full list of breaking changes, check out:
ADVANCE NOTICE Expected downtime due to database upgrade in Jira Software 10.0 and Jira Service Management 10.0
For: ADMINS
We’re planning to change the structure of MySQL and Oracle databases in Jira Software 10.0 and Jira Service Management 10.0 to enhance the accuracy of timestamps for operations, down to the millisecond (operations such as creating issues, updating comments, or changing statuses).
If you’re using a MySQL or Oracle database, you’ll notice an additional upgrade downtime as some columns from the jiraissue, jiraaction, and changegroup tables will be migrated during the upgrade. We expect this downtime to be less than 20 minutes if you have fewer than five million issues. Note that the downtime will be proportional to your database performance, size, and the row count in the jiraissue, jiraaction, and changegroup tables.
To get an accurate estimate and plan your upgrade:
Find the row counts by running the following commands in your database:
SELECT COUNT(*) FROM jiraissue; SELECT COUNT(*) FROM jiraaction; SELECT COUNT(*) FROM changegroup;- Use the following benchmark data provided for Amazon RDS db.m6g.8xlarge and estimate your downtime:
jiraissuetable: approximately 26.527 seconds per million rowsjiraactiontable: approximately 7.592 seconds per million rows- changegroup table: approximately 9.468 seconds per million rows
For example, if you have 5 million, 8 million, and 80 million rows in the jiraissue, jiraaction, and changegroup tables respectively, you can expect a downtime of about 16.65 minutes.
ADVANCE NOTICE Removal of internal GraphQL APIs in Assets
For: ADMINS
In Jira Service Management 10.0, we are planning to remove the internal Assets GraphQL APIs to enhance security, establish consistent API patterns across Jira Service Management and Assets, and to clean up our code base. We will migrate the APIs that are used to configure Assets icons to new internal REST endpoints.
We’ll be removing the following:
- GraphQL endpoint
/insight/graphql GraphQL queries:
Query name Description findObjectSchemasFind object schemas for provided filter. If no filter is provided, all object schemas will be returned.
objectSchemaGet an object schema by its ID
findObjectTypesFind object types for provided filter. If no filter is provided, all object types will be returned.
findObjectTypeRelationsFind related object types
objectTypeGet an object type by its ID
iconGet an icon by its ID
globalIconThemeGet the global icon theme
findObjectsFind objects for provided filter. If no filter is provided, all objects will be returned.
findObjectReferencesFind inbound and outbound references for the given object
findStatusTypesFind status types for provided the filter. If no filter is provided, all object status types will be returned.
findReferenceTypesFind reference types for the provided filter
objectGet an object by its ID
findObjectTypeAttributesFind object type attributes for provided filter. If no filter is provided, all object type attributes will be returned.
objectTypeAttributeGet an object type attribute by its ID
findUniqueObjectAttributeValuesFind unique object attribute values for a given object type attribute
GraphQL mutations:
Mutation name Description createObjectSchemaCreate a new object schema
updateObjectSchemaUpdate an existing object schema's name or description
copyObjectSchemaCopy an existing object schema
deleteObjectSchemaDelete an existing object schema
createObjectTypeCreate a new object type
updateObjectTypeUpdate an existing object type
updateObjectTypePositionChange the position of an object type in the object types structure
copyObjectTypeCopy an existing object type
deleteObjectTypeDelete an existing object type
createObjectCreate a new object
updateObjectUpdate an existing object
deleteObjectDelete an existing object
createObjectTypeAttributeCreate a new object type attribute
updateObjectTypeAttributeUpdate an existing object type attribute
configureObjectTypeAttributeChange configuration of the object type attribute
updateObjectTypeAttributePositionChange the position of an object type attribute in attribute list
deleteObjectTypeAttributeDelete an existing object type attribute
createIconCreate new icon
updateIconUpdate an existing icon
deleteIconDelete an existing icon
configureGlobalIconThemeConfigure the global icon theme
resetGlobalIconThemeReset the global icon theme to its default configuration
The following features live in the Jira platform, which means it's available for Jira Software and Jira Service Management.
Restrict file extensions that can be uploaded to your Jira
Grab one more security feature out of the box! To protect your Jira instance and your organization’s infrastructure from potential malware, admins can now restrict unwanted file extensions from being uploaded through issues. To restrict specific file formats, you just need to create a blocklist or an allowlist of file extensions that must be blocked or allowed, respectively.
How to restrict file extensions
Tightening access with a websudo allowlist
To add an extra layer of security to websudo operations, you can configure and enable your own IP address/subnet allowlist for Jira. This means that certain superuser operations can only be performed from pre-approved IP addresses.
How to create a websudo allowlist
Confluence Page Viewer replaces the Confluence Page Gadget
In this release, we’re replacing the old and popular Confluence Page Gadget with the new Confluence Page Viewer. The new gadget is built on top of a modern and secure technology stack and comes with several UI improvements for a better overall experience. And just like with the old one, you can use the Confluence Page Viewer to embed a page from a linked Confluence Data Center site on your Jira dashboard.
About gadgets for Jira applications
Introducing the Software Bill of Materials (SBOMs) in Jira Software and Jira Service Management
Continuing our commitment to providing the most secure products for our customers, we’re introducing Software Bill of Materials (SBOMs) for Jira Service Management.
Resolved issues
Issues resolved in 5.15.0
Released on 27 March 2024
Due to a third-party app compatibility problem, this release has been removed and shouldn't be installed. We've delivered a fix for this problem in Jira Service Management 5.15.2, which is available for download.
Issues resolved in 5.15.1
Released on 17 April 2024
Due to a third-party app compatibility problem, this release has been removed and shouldn't be installed. We've delivered a fix for this problem in Jira Service Management 5.15.2, which is available for download.
Issues resolved in 5.15.2
Released on 2 May 2024
With the Jira Software 9.15.2 release, the compatibility issues with third-party apps found in the previous 9.15.0 and 9.15.1 versions have been resolved by removing the REST v2 plugin. However, if you've already moved any plugins to REST v2, this removal might affect them. Plugins should rely on REST v2 starting from Jira Software 10.0 (EAP02) and later.