Release 8.x

8.55.0

There are only core component changes in ScriptRunner for Bitbucket 8.55.0, so we do not have any new features or bug fixes to report.

8.54.0

There are only core component changes in ScriptRunner for Bitbucket 8.54.0, so we do not have any new features or bug fixes to report.

8.53.0

There are only core component changes in ScriptRunner for Bitbucket 8.53.0, so we do not have any new features or bug fixes to report.

8.52.0

Security Improvement

We've made a couple of security improvements in this release:

• We have implemented a security improvement to our switch user feature. This update strengthens our protection against potential unauthorized account access.

• We've addressed a known Common Vulnerabilities and Exposures (CVE).

We want to emphasize that this update doesn't mean your instance was vulnerable to security issues. We're always working to make ScriptRunner as safe as possible, and this update is part of that ongoing effort. Check out our page on Vulnerabilities and Security for more details on how we scan for vulnerabilities and common security concerns.

8.51.0

Security Improvement

In this release, we've focused on improving the security of ScriptRunner for Bitbucket by addressing known Common Vulnerabilities and Exposures (CVEs). We want to emphasize that this update doesn't mean your instance was vulnerable to security issues. We're always working to make ScriptRunner as safe as possible, and this update is part of that ongoing effort. Check out our page on Vulnerabilities and Security for more details on how we scan for vulnerabilities and common security concerns.

8.49.0

There are only core component changes in ScriptRunner for Bitbucket 8.49.0, so we do not have any new features or bug fixes to report.

8.48.0

Security Improvement

In this release, we've focused on improving the security of ScriptRunner for Bitbucket by addressing a known Common Vulnerabilities and Exposure (CVE). We want to emphasize that this update doesn't mean your instance was vulnerable to security issues. We're always working to make ScriptRunner as safe as possible, and this update is part of that ongoing effort. Check out our page on Vulnerabilities and Security for more details on how we scan for vulnerabilities and common security concerns.

8.47.0

There are only core component changes in ScriptRunner for Bitbucket 8.47.0, so we do not have any new features or bug fixes to report.

8.46.0

Vulnerability scanner updates

We have updated and added new vulnerability scanners to reduce discrepancies in your vulnerability reports. This is an internal feature and does not require any action from you.

8.45.0

There are only core component changes in ScriptRunner for Bitbucket 8.45.0, so we do not have any new features or bug fixes to report.

8.44.0

There are only core component changes in ScriptRunner for Bitbucket 8.44.0, so we do not have any new features or bug fixes to report.

8.43.0

There are only core component changes in ScriptRunner for Bitbucket 8.43.0, so we do not have any new features or bug fixes to report.

8.42.0

Product update

There are only core component changes in ScriptRunner for Bitbucket 8.42.0, so we do not have any new features or bug fixes to report.

Documentation update: Removal of legacy versions

In the next few weeks, we will be phasing out all 6.x.x and 7.x.x versions of our documentation from public access. While this change is not expected to impact most users, we recommend taking the following actions:

• Review your bookmarks: If you have any saved links to our documentation, please verify that they don’t point to versions that will be removed.
• Update your references: Ensure that you’re using the most current documentation version for your needs.

If you have any concerns, please contact our support team.

8.41.0

Product update

There are only core component changes in ScriptRunner for Bitbucket 8.41.0, so we do not have any new features or bug fixes to report.

Library update: Example scripts have moved to ScriptRunner HQ

Adaptavist Library has been renamed to Example Scripts and all scripts have been moved to their new home on the ScriptRunner HQ website. These example scripts now live alongside the tutorials, case studies and other content designed to help you get the most from ScriptRunner. For more information, check out our blog on this update.

8.40.0

There are only core component changes in ScriptRunner for Bitbucket 8.40.0, so we do not have any new features or bug fixes to report.

8.39.0

Security Improvement

In this release, we've focused on improving the security of ScriptRunner for Bitbucket by addressing a known Common Vulnerabilities and Exposure (CVE). We want to emphasize that this update doesn't mean your instance was vulnerable to security issues. We're always working to make ScriptRunner as safe as possible, and this update is part of that ongoing effort. Check out our page on Vulnerabilities and Security for more details on how we scan for vulnerabilities and common security concerns.

New: In-app feedback

In this release, we have introduced a new feedback system to improve the way we gather user insights. You may encounter notifications linking to surveys, which offer a convenient method to share your thoughts about the product.

The notifications will not appear:

• If you've disabled in-app communications in ScriptRunner.
• If you're using an evaluation license.
• If your instance is isolated from the internet. 

8.38.0

Resources update
We have removed some visibility of passwords within Resources. This change is designed to enhance security by preventing credentials from being viewed by other Bitbucket administrators. 

8.36.0

There are only core component changes in ScriptRunner for Bitbucket 8.36.0, so we do not have any new features or bug fixes to report.

8.35.0

Bugs Fixed

• Setting REST endpoint package to scan to empty value does not work (SRPLAT-1209)
• Restrict File Size Pre Hook can fail while checking binary non-lfs files (Backport for Bitbucket 8) (SRBITB-1407)
• Fix adjustDropdownZIndex() being triggered when the Fragment Locator is disabled (SRBITB-1406)

8.34.0

Switch user vulnerability fixed

We have patched a vulnerability related to the Switch User built in script.

8.33.0

There are only core component changes in ScriptRunner for Bitbucket 8.33.0, so we do not have any new features or bug fixes to report.

8.32.0

There are only core component changes in ScriptRunner for Bitbucket 8.32.0, so we do not have any new features or bug fixes to report.

8.31.0

There are only core component changes in ScriptRunner for Bitbucket 8.31.0, so we do not have any new features or bug fixes to report.

8.30.0

There are only core component changes in ScriptRunner for Bitbucket 8.30.0, so we do not have any new features or bug fixes to report.

8.29.0

There are only core component changes in ScriptRunner for Bitbucket 8.29.0, so we do not have any new features or bug fixes to report.

8.28.0

Bugs Fixed

• Restrict File Size pre-hook logs an exception (SRBITB-1317)

8.27.0

There are only core component changes in ScriptRunner for Bitbucket 8.27.0, so we do not have any new features or bug fixes to report.

8.26.0

Fragments improvements

We have made the following improvements to UI Fragments:

• Updated the UI so fragment locations appear as buttons. Currently, this update only applies to UI Fragments that have related binding information. 

• Added the copy function to fragment locations that appear as buttons. 

New Features

• All Users: Enabled Locator: New Button (SRPLAT-2395)

8.25.0

Fragments improvements

In this release, we have made the following improvements to Fragments:

• Updated the name from Script Fragments to UI Fragments to better reflect its purpose.
• Updated the UI Fragments view page so your UI fragments are easier to recognize and navigate.
• You can now enable/disable the fragment locator from within a fragment. Previously you could only enable/disable the fragment locator from the UI Fragments feature page.
  

New Features

• Rename "Fragments" to "UI Fragments" in SR tabs section (SRPLAT-2415)
• Enable/Disable fragment locator when using Fragments (SRBITB-1300)

Bugs Fixed

• Script Editor layout is broken for Jobs/Listeners/Macros when Expanded and switched from Inline to File (SRPLAT-2379)
• ExecutionError: java.lang.StackOverflowError (SRPLAT-2372)

8.24.0

There are only core component changes in ScriptRunner for Bitbucket 8.24.0, so we do not have any new features or bug fixes to report.

New support portal

Our Adaptavist Support Portal has moved! Please update your bookmarks.

Visit this page for help logging into the portal.

Copy the location path of a variable 

You can now copy the location path of a fragment from the binding information window when the Fragment Locator is turned on.

8.23.0

There are only core component changes in ScriptRunner for Bitbucket 8.23.0, so we do not have any new features or bug fixes to report.

8.22.0

Bugs Fixed

• Repository Size Report allowed to 'Run' multiple times by pressing a button (SRBITB-1306)
• Dynamically add reviewers listener takes one extra update to add mandatory reviewer after PR creation (SRBITB-1304)

8.21.0

Bugs Fixed

• Errors binding events in 'Send Email' Listener (SRPLAT-2382)
• Prevent unauthorised user redirection form our SR switchuser-endsession endpoint (SRPLAT-2366)
• Tolerate CommandFailedException when checking existence of commits (SRBITB-1293)

Script editor refresh

The Example Scripts modal is now accessible on the Script Editor page using the button. In addition, we have moved the Help and Fullscreen buttons so they sit above the code editor for easy accessibility. 

We have also made the type checking dialog more prominent so you can easily see when there is an error with your code. 

8.20.0

There are only core component changes in ScriptRunner for Bitbucket 8.20.0, so we do not have any new features or bug fixes to report.

8.19.0

There are only core component changes in ScriptRunner for Bitbucket 8.19.0, so we do not have any new features or bug fixes to report.

8.18.0

There are only core component changes in ScriptRunner for Bitbucket 8.18.0, so we do not have any new features or bug fixes to report.

8.17.0

New Example scripts modal

The Example scripts modal is your go-to destination for finding basic script examples (formerly snippets) and Library scripts without having to leave the ScriptRunner app. This modal replaces the Show snippet dropdown.

To access this modal, you can select the Example Scripts button in any code editor within ScriptRunner. Learn more about this new modal on the Example Scripts page.

Code editor refresh

In addition to the new Example Scripts modal, we have redesigned the code editor so it's even more user-friendly. We have moved the Help, Expand editor and Fullscreen buttons so they sit above the code editor and are easily accessible. We've also made the type checking dialog more prominent so you can easily see when there is an error with your code. 

8.16.0

There are only core component changes in ScriptRunner for Bitbucket 8.16.0, so we do not have any new features or bug fixes to report.

8.15.0

There are only core component changes in ScriptRunner for Bitbucket 8.15.0, so we do not have any new features or bug fixes to report.

8.14.0

There are only core component changes in ScriptRunner for Bitbucket 8.14.0, so we do not have any new features or bug fixes to report.

8.13.0

There are only core component changes in ScriptRunner for Bitbucket 8.13.0, so we do not have any new features or bug fixes to report.

8.12.0

Bugs Fixed

• Repository and project Admins can update user information of other users (SRBITB-1291)

We have fixed a bug affecting all previous versions of ScriptRunner for Bitbucket that presented a potential security vulnerability. The bug allowed the repository and project administrators to update the user information of other users, specifically in relation to avatars.

8.11.0

There are only core component changes in ScriptRunner for Bitbucket 8.11.0, so we do not have any new features or bug fixes to report.

8.10.0

There are only core component changes in ScriptRunner for Bitbucket 8.10.0, so we do not have any new features or bug fixes to report.

8.9.0

Script plugin bug fixed

We have resolved the known bug that was highlighted in the ScriptRunner for Bitbucket 8.8.0 release, which means that script plugins are working as expected.

UI update for Listeners, Jobs, and Fragments

The Note field has been updated to Name for Listeners, Jobs, and Fragments. It's also been given more prominence on those pages so you can easily identify your configurations.

New Features

• Changes to the Notes field (SRPLAT-2297)
• Fix db issues on RequireValidJiraIssueHookSpec cleanup (SRBITB-1286)
• Clone Repository is not copying the full Branching model (SRBITB-1282)
• Ability to add files when repository gets created (SRBITB-1266)

Bugs Fixed

• Script Plugins do not work in SR 8.8.0 (SRBITB-1285)

8.8.0

Script plugins update

We've done some work on the infrastructure supporting script plugins. As part of this, resources can now be exported and worked on in a script plugin. 

Known bug

Currently, there is a bug that causes script plugins to fail to install or work in ScriptRunner for Bitbucket 8.8.0. If you are using script plugins, you should not upgrade until the fix we are working on is resolved. Other ScriptRunner products are unaffected.

Dynamic forms update

You can use optionsGenerator within the select list annotation to customize your own list options. This is useful if you can't find a dynamic form annotation that is suitable for your purpose.

Bugs Fixed

• @Select annotation should not default to first option (SRPLAT-2310)
• allow @Select annotation to take a closure to generate options (SRPLAT-2309)
• CodeEditor doesn't load because of wrong MIME type (SRPLAT-2116)

8.7.0

Updated: Clone repository built-in script

We have updated the Clone repository built-in script. With this built-in script, you can clone the content of a repository, and/or clone the repository configuration, including permissions, hooks and the branch model. Previously you only had the option to close the repository configuration and not the content.

Having the option to clone the repository configuration and the content is useful when you need to generate new repositories with a consistent structure or setup. You can use any existing repository as a template to quickly and easily create new repositories that adhere to any standards you have in your organization.

New Features

• Optional caching of forks in Trusted Commit Authors hook (SRBITB-1272)
• Template repositories (SRBITB-1260)

8.6.0

New Features

• Get mandatory and default reviewers in a merge check condition (SRBITB-163)

Bugs Fixed

• Ignore flakey test PullRequestParticipantsTimezonesSnippetSpec (SRBITB-1268)

8.5.0

New Built-in Listener

The new Execution Failure Notifier allows you to listen for script execution failures in your instance and to notify you of the failure. Check out the Execution Failure Notifier page for more information.

New Merge Check: Require all comments are resolved

From version 8.9.0, Bitbucket introduced the ability to resolve comments. As is often the case, pull request authors fail to act on feedback provided as comments. This new merge check restricts the merge of a pull request until all the comments on that pull request have been resolved. This helps prevent accidentally missing out on comments and forces the user to act on every comment.

New Features

• Merge Check to block merge until all comments are resolved (SRBITB-1251)

Bugs Fixed

• CodeEditor doesn't load because of wrong MIME type (SRPLAT-2116)

8.4.0

Documentation update

We've added a Vulnerabilities and Security page to our documentation that provides you with details on how we scan for vulnerabilities and common security concerns.  

The new Groovy 4 Breaking Change for Grab Annotations page has also been added, which includes some solutions/fixes. This identifies a breaking change in Groovy 4 that can impact those who use the @Grab annotation to import certain external libraries. 

Bugs Fixed

• Reduce number of files written to classes directory (SRPLAT-2293)
• Empty result set in Local DB connection test return NullPointerException (SRPLAT-2234)

8.3.0

New Features

• Add a section or link to blueprints from PostInstall page (SRBITB-1226)

Bugs Fixed

• SRBITB-1249 Config for 'Check Delete Branch Checkbox' corrupted after upgrade (SRBITB-1249)
• SRBITB-1246 Link to Atlassian docs in Binding information return 404 (SRBITB-1246)
• SRBITB-1244 static type checking and binding information error in Send custom email post hook (SRBITB-1244)

8.2.1

Bugs Fixed

• The 'Script Root' window in Script Editor cannot vertically scroll at version 8.0.0 (SRPLAT-2289)

8.2.0

New Features

• Whitelist more events for repository level event handlers (SRBITB-247)

Bugs Fixed

• Spread operator shows STC errors for varargs methods (SRPLAT-2280)
• New class loaded on each execution of condition scripts configured at a repository or project level (SRBITB-1247)
• Log analyzer reports 'Bitbucket Server hangs right after it starts' (SRBITB-1161)

8.1.0

New Features

• Create snippet for reviewer groups (SRBITB-1234)

Bugs Fixed

• 3.0.1-b10 version of javax.el has CVE (SRPLAT-2282)
• IllegalAccessException within DiagnosticsExecutionHandlerImpl (SRPLAT-2281)
• Remove the errors if the script executes successfully (SRPLAT-2278)
• Allow rest endpoints to handle file uploads (SRPLAT-2274)
• Cannot view EnforceGitWorklfow and BlockChangingProjKeyFromNonAdmins in library (SRBITB-1241)
• [Pre hook] Push is rejected as commit message is case-sensitive (SRBITB-1235)

8.0.0

Groovy 4 update

We have updated ScriptRunner for Bitbucket to Groovy 4!

Our primary motivator for this update is to provide support for JDK 17. Groovy 3 doesn't support JDK 17, and with Jira 9.5.0 and Confluence 8.0 being JDK 17 compatible, an upgrade to Groovy 4 is necessary.

So, apart from JDK 17 compatibility, what comes with this update and how will it benefit you? 

New features in Groovy 4

The following are the most significant new features that have been added in Groovy 4 :

• Switch expressions which, unlike switch statements, are optimised towards branches that handle one case and break out rather than fall through to the next case.
• Sealed types
• Records
• Ranges have been enhanced with support for ranges open on the left, for example, 3<..5, or both sides, for example, 0<..<3
• Support for annotating generic types, for example List<@IntRange(min = 0, max = 10) Integer>

Please have a look at the Groovy 4 Release Notes for a complete list of new features.

Breaking changes in Groovy 4

Groovy 4 contains a number of breaking changes. The ones which are the most significant, and likely to affect ScriptRunner users, are listed below. Please have a look at the Groovy 4 Release Notes for a complete list of breaking changes.

1) Changes to the resolution of properties with both a getter and isser returning different types

For properties that have a getter and an isser returning different types (for example, JiraAuthenticationContext#getLoggedInUser and JiraAuthenticationContext#isLoggedInUser) when accessing the property, instead of calling one of the methods (for example, jiraAuthenticationContext.loggedInUser), the getter is called in Groovy 3 but the isser is called in Groovy 4 - see GROOVY-10821.

Solution

From Groovy 4 if you have custom classes, or are using external classes that implement conflicting isser and getter methods, and you are using the property syntax to get the getter value, you must re-write the logic to use the getter method directly.

For example, this class demonstrates conflicting isser and getter methods:

class GetterIsser {
  String getSomething() { 'yes' }
  boolean isSomething() { false }
}
 
def myClass = new GetterIsser()
 
myClass.something // used to return 'yes', as of Groovy 4 will return false

From Groovy 4, this should be written as:

class GetterIsser {
  String getSomething() { 'yes' }
  boolean isSomething() { false }
}
 
def myClass = new GetterIsser()
 
myClass.getSomething() // will return 'yes'

2) Legacy package removal

Groovy 3 provided duplicate versions of numerous classes (in old and new packages) to allow Groovy users to migrate towards the new JPMS compliant package names - see the section about it in Groovy 3 Release Notes for more details. Groovy 4 no longer provides the duplicate legacy classes.

For backward compatibility reasons ScriptRunner still ships with deprecated version of groovy.util.XmlSlurper and groovy.xml.XmlParser. We recommend you don't use these legacy classes going forward and use their equivalents that can be found in groovy.xml package.

3) Changes related to how Groovy code accesses private fields from within closures

Groovy developers are currently attempting to improve how their code accesses private fields in certain scenarios where such access is expected but problematic. For example, within closure definitions, where subclasses or inner classes are involved (GROOVY-5438). You may notice breakages in Groovy 4 code in such scenarios until they fix this issue.

4) Change to intersect() default Groovy method

intersect() default Groovy method used to draw elements from the second argument passed to it, but now it draws elements from the first argument passed to it - see GROOVY-10275.

JVM Flags
Important notice for Java 17 users

There is currently an omission in the Bitbucket archive that may cause compatibility issues with Java 17. You need to manually add the following JVM flags to avoid these issues:

java
 --add-opens java.base/java.lang.reflect=ALL-UNNAMED
 --add-opens java.base/java.io=ALL-UNNAMED 

See this Resolution in Atlassian’s documentation for an example of how to add a JVM argument. Use this example as a guide to add the JVM flags listed above. 

These flags are required to address module encapsulation introduced in Java 9 and later, which can cause issues when using reflection or accessing certain internal APIs. We are working closely with Atlassian to address this issue in future releases. 

New Features

• Support for JDK 17 (SRPLAT-2179)
• Create a blueprint with the most widely used/recommended scriptrunner features (SRBITB-1224)
• Option to allow pushes when only one commit references a Jira issue (SRBITB-914)

Bugs Fixed

• Marking closing bracket in editor not working (SRPLAT-2267)

• The last couple of lines are not visible when the code editor is in the maximised mode (SRPLAT-2262)