Jira Service Management 5.11.x リリース ノート

Jira Service Management リリース ノート

このページの内容

お困りですか?

アトラシアン コミュニティをご利用ください。

コミュニティに質問

さらに読む

Jira Service Management 5.11.x のアップグレード ノートで、当該リリースに関する重要な詳細情報をご確認ください。また、解決済みの課題の完全なリストをご確認ください。

互換性のあるアプリケーション

互換性のある Jira アプリケーションをお探しの場合、次のページをご参照ください。


Link multiple Confluence spaces to a single portal DATA CENTER

Enhance your customer service experience and reduce request turnaround times by building a comprehensive knowledge base. Agents and customers can access a wider range of articles for self-service when you link your service project to multiple spaces. Learn how to set up a knowledge base

最新情報

  • Project admins can now link to multiple spaces from the same Confluence instance. To try this, navigate to Project settings > Knowledge base, and select Link space.
    Knowledge base page in Project settings linked to multiple spaces
  • Agents can choose the appropriate space when they create new articles. To try this, navigate to an issue and select the Create an article hyperlink in the Related knowledge base articles section. Note that spaces are available for selection only when you’ve linked your project to more than one space.
    Create an article dialog in the Related knowledge base articles section
  • We’ve also enhanced the knowledge base search and article creation experience. To try this, select Knowledge base from the sidebar.
    Knowledge base search dialog where you can choose a space before creating an article

Get data for any time slice DATA CENTER

Take advantage of the flexible date ranges in the reporting functionality. Project admins and agents can now analyze data for custom time periods by selecting specific date ranges in addition to the preset options. What's more, you are no longer limited to the past year – you can report data for any 12-month period that you need. Learn how to create custom reports

Article effectiveness report with custom date range

アセットの新しいエディター

We’re updating the editor in Assets to create a modern and consistent experience that aligns with the editor in the rest of the Jira Service Management UI. The updates also allow you to consistently apply text color and format text as code. We have rolled out these changes to object comments and the post-function email templates. To check out the new editor, add a comment to an object or create a new post-function email template.

Updated editor in object comments

カスタマー ページの検索エクスペリエンスを改善

We’ve improved the search experience on the Customers page and made the messaging displayed during search request timeouts clearer. In the current experience, the messaging indicates that there are no customers added to the project, which isn’t accurate. In the new experience, project admins will be directed to refine their search criteria and the search bar will be available for retrying.

Confluence ユーザーのアセット情報への読み取り専用アクセス

Improved security to Assets data with a strengthened access pattern. Unlicensed users can now access Assets data only when authorized through application links. With this change, Confluence users will have view-only access to Assets data through the Assets - Confluence Macro app without the need for a Jira Service Management license.

Performance improvements to the AQL connectedTickets() method

Advanced Query Language (AQL) searches that contain additional arguments in the connectedTickets() method consume a large amount of memory and impact performance for larger instances. We’ve tackled this issue and the fix increases the efficiency of such searches and enhances the stability of your Jira instance. We also recommend that you optimize AQL queries for faster searches. Learn how to optimize AQL queries 

Accessibility fixes for low-vision and keyboard-only users DATA CENTER

We’re bringing more accessibility updates for screen reader and keyboard-only users. The highlights of this release include improved announcements for help center errors, column headers when you switch between them, and the Activity section in issues. We’ve also improved the experience of reaching the show-and-hide toolbar element.

解決された問題の全リストをご確認ください。

Upgrade to version 2.0.0 of Assets - NVD Integration

National Vulnerability Database (NVD) are decommissioning the current API (1.0) used in the Assets -NVD Integration app. Assets - NVD Integration Versions 1.3.12 and earlier will not be able to import data into Assets after the API has been decommissioned.

We’ve integrated the new API (2.0) from NVD so Assets can continue to import data into Jira Service Management. Upgrade to version 2.0.0 of Assets - NVD Integration. Learn how to update your import configuration

次の機能は Jira プラットフォームのものです。つまり、Jira Software と Jira Service Managementで利用できます。

Jira automation 9.0 release

Along with Jira Service Management 5.11, we’re releasing Jira automation 9.0 – an upgrade to the Automation for Jira app. Jira automation 9.0 comes with security improvements and introduces two new actions to automation rules — Lookup issues and Create variable. This version is compatible with the following Jira applications:

  • Jira Software Data Center 8.20.0 以降
  • Jira Service Management 4.20.0 以降

New actions added to Jira automation DATA CENTER

Manage your work in Jira more efficiently by using two new actions added to Jira automation 9.0:

  • Lookup issues to query for issues and aggregate results for use in other actions.
  • Create variable to store text values or other smart values and use them in other actions.

Learn more about Jira automation actions and how to use them

Lookup issues action

This action allows you to search for issues based on a JQL query and store their data in the smart value {{lookupIssues}}. This value acts like a list so it’ll work with other values of the same format.

Learn more about using smart values in the following guides:

既定では、JQL クエリで取得できる課題の最大数は 100 に設定されています。次の値を使用すると、グローバル設定で課題リストの制限を変更できます。

  • 1 から始まる任意の整数を追加します。
  • Enter “-1” to remove the limit. Consider that this might potentially lead to performance issues.

  1. Global configuration options in Jira automation
  2. 課題のルックアップ アクションで JQL がクエリする課題の制限を設定

Learn how to configure the issue results limit

Create variable action

This action allows you to store the content of a smart value inside a variable, which will be available within the entire scope of the rule, including inside branches.

For example, you can create a variable called storypoints, which is accessed in the rule by using the syntax {{storypoints}}.

Consider that the variable name can only contain alphabetical characters. If this condition isn't met, the app will return the error “Value can only be alphabetic characters” when you try to save the action.

Masking secret keys in your automation rules DATA CENTER

We realize how important it is to establish a secure and uncompromised connection with an external app, like Microsoft Teams or Slack. In Jira automation 9.0, we’ve started masking secret keys and URLs that you use in notification actions for automation rules to connect to external services.

影響を受ける通知アクション
  • Hipchat メッセージを送信する
  • Microsoft Teams のメッセージを送信する
  • Stride メッセージを送信する
  • Twilio に通知を送信
  • Slack に通知を送信
  • Web リクエストを送信

With secret key masking, we’re providing a reliable solution for security concerns and safe data reuse across your instance:

  • The masking mechanism ensures that the values of secret keys in automation rules aren’t visible to any user. When viewing a secret key or selecting it from a list, you’ll see the name of the secret key, but not the value.
  • You now have one place – the Secret keys panel – where you can create, edit, and remove secret keys according to your role.
  • Based on its scope, you can reuse a secret key across multiple projects without the risk of disclosure.

To view secret keys or create a new one:

  1. 画面右上で [管理] > [システム] の順に選択します。
  2. 左側のパネルで [Automation rules (自動化ルール)] を選択します。
  3. ミートボール メニューで [シークレット キーを管理] を選択します。
    シークレット キーを管理
  4. 新しいシークレット キーを作成するには、[新しいシークレット] を選択します。
  5. Fill in the fields and select Add. Note that if you’re a project admin, you can select only the Single project scope for your secret key. If you’re a system admin, you can select the Single project, Multiple Projects, or All projects scope.

Learn more about secret key masking

Allowlist in Jira automation is now enabled by default INCLUDES BREAKING CHANGES

This change might break currently configured rules if the provided URLs aren’t allowlisted.

Jira system administrators can fix broken rules by adding the URLs to the allowlist or disabling allowlist verification. We don’t recommend disabling the feature as it can pose a security risk.

Learn more about checking URLs against the Jira allowlist

To strengthen the security in Jira automation and enhance the protection against Server-Side Request Forgery (SSRF) attacks, we’re changing the way Jira handles external requests by enabling Jira allowlist by default. In Jira automation, the allowlist for sending outbound HTTP requests is always enabled in the Global configuration menu.

How this affects your automation rules

You can’t publish a rule if the URL you are requesting isn’t present in Jira's allowlist.

Automation rules that no longer work after this change can still be marked as successfully executed in the UI. To check if the rule was triggered and view its final result, inspect the audit log — if the rule doesn’t work due to allowlisting changes, you’ll see an execution error. Learn more about the audit log

If a rule is currently disabled, you won’t be able to make it active and will see the “Error 404: file not found” in the web console. Adding the requested URL to the allowlist will fix the error.

The information about allowlist settings is stored in the Application properties table on the System info page. To access the settings, go to Administration > System > System info.

Learn more about advanced Jira configuration

プロジェクトへのアクセス権を持つユーザーのみから課題ウォッチャーを選択

Have you ever added a user to watch an issue without knowing if they have access to your project? The user picker for the Watchers field listed all available users and responded with an error if you selected a user without project access.

We've addressed this scenario by configuring a background filter that sorts out users without access to a specific project from the list of potential issue watchers. Therefore, confidential information won’t be disclosed in email notifications to users who shouldn't view the project.

Now, when adding a watcher to an issue, you’re selecting only from users who have the Browse projects permission in the project the issue belongs to. Other users won’t be listed in the Add watchers dialog.

If you enter the name of the user who can’t view the issue, the dialog will display the “No matches“ message.

No allowed watchers with the name you enter

廃止されたテキスト ガジェットに代わるリッチ テキスト ガジェットを導入

We’re deprecating the Text gadget for dashboards and introducing the Rich Text gadget instead. The Rich Text gadget uses the rich text editor instead of the plaintext area in edit mode. The new gadget eliminates a potential security risk posed by a possible arbitrary HTML that the Text gadget might contain.

The rich text editor at the core of the Rich Text gadget

The input in the gadget

The output of the rich text editor usage

The view of the output in the gadget

Feature improvement: project shortcuts can now be reordered DATA CENTER

Keep project shortcuts better organized as we add the ability to rearrange them in the project sidebar. You can now make the frequently used links appear first in the list, or group them together to keep all related info in one spot:

  • rearrange the shortcuts by dragging and dropping
  • change shortcut positioning in the list by using the Move up and Move down buttons

Learn more about managing project shortcuts

サポート zip 作成の改善

In this release, we’ve revamped the process of creating a support zip in the Atlassian Troubleshooting and Support Tools (ATST) app. The Create a support zip page got a new design and enhanced functionality:

  • Users are now able to pick one of four file size limitation options (25/100/500 MB per file)
  • Added an option to select logs based on the last file modification date: any time, today, or in the past 3/5/10 days
  • The default maximum file size is now 100 MB per file
  • Added new API parameters to support File modification date and Maximum file size options
  • After creating a zip, the customization preferences are saved and shared across the instance

  1. Verify the contents of your zip file
  2. Customize the contents of your zip file
  3. Create a new support zip on this node

Learn more about creating a support zip


Store attachments more efficiently in the S3 object storage DATA CENTER INCLUDES BREAKING CHANGES

This feature is currently available behind the feature flag com.atlassian.jira.attachments.storage.configurable. When enabled, it introduces breaking changes to the API and might also break some Jira apps. Check what’s changed in the API

Make sure that you properly test the feature before enabling it in your production environment. Learn how to enable dark features in Jira

If you’re using Jira Service Management 5.11.0 and running your application in AWS, you can store attachments in Amazon S3 object storage. This doesn’t apply to Asset object attachments in Jira Service Management as they’ll still be stored in Jira shared home directory.

S3 object storage offers an enhanced enterprise experience compared to the Network File System (NFS), especially for customers with large or growing data storage needs. Learn more about configuring Amazon S3 object storage

You can also store attachments in a third-party object store that exposes an S3-compatible API. However, we’re not providing direct support for attachments that are stored in an object store other than Amazon S3.

Changes to the API

Some Jira APIs aren't compatible with the introduced S3 object storage method as they expose filesystem-specific concepts such as java.io.File.

Some apps still use these incompatible APIs and may not function correctly when attachments are stored in S3. Ensure you test the apps on your instance before enabling this feature.

 These APIs have been deprecated since Jira 5.7 or earlier, and most of them have alternatives documented in the Javadocs:

The following API classes may not function correctly from Jira 5.11 for instances that have configured their attachments to be stored in S3.

Expand to view API classes incompatible with attachments stored in S3

クラス

Reason for incompatibility

代替手段

com.atlassian.jira.config.util.AttachmentPathManager

Exposes the path attachments are stored at.

The contents of this path may be migrated to S3 and therefore would become inaccessible via this class.

Use the com.atlassian.jira.issue.AttachmentManager directly.

If your app needs to store data unrelated to Jira attachments use <dataDirectory>/<your-plugin-key> where <dataDirectory> is the directory returned by com.atlassian.jira.config.util.JiraHome#getDataDirectory().

com.atlassian.jira.util.AttachmentUtils

Returns java.io.Files for attachments and thumbnails that are filesystem specific and allow bypassing AttachmentManager.

Instead of accessing attachment or thumbnail files directly, use com.atlassian.jira.issue.AttachmentManager or com.atlassian.jira.issue.thumbnail.ThumbnailManager to create, delete, or stream their content.

How S3 object storage is configured in Jira

S3 object storage is configured in the filestore-config.xml file that should be located in Jira <localhome>. To use S3 as a target location for attachments, the filestore attribute in the filestore-config.xml must match the s3-filestore id.

Example filestore-config.xml file configured to use S3 object storage
<?xml version="1.1" ?>
<filestore-config>
  <filestores>
    <s3-filestore id="attachmentBucket">
      <config>
        <bucket-name>jira-bucket</bucket-name>
        <region>us-east-1</region>
      </config>
    </s3-filestore>
  </filestores>
  <associations>
    <association target="attachments" file-store="attachmentBucket" />
  </associations>
</filestore-config>

If you’re already using Amazon S3 to store avatars

If you already have S3 object storage configured and want to keep attachments in the same bucket as avatars, the filestore attribute should point to the same bucket where avatars are located.

Example filestore-config.xml for storing both avatars and attachments in S3, in the same bucket
<?xml version="1.1" ?>
<filestore-config>
  <filestores>
    <s3-filestore id="jiraBucket">
      <config>
        <bucket-name>jira-bucket</bucket-name>
        <region>us-east-1</region>
      </config>
    </s3-filestore>
  </filestores>
  <associations>
    <association target="avatars" file-store="jiraBucket" />
    <association target="attachments" file-store="jiraBucket" />
  </associations>
</filestore-config>

To use separate buckets for attachments and avatars, define multiple <s3-filestore> elements and reference each of them in the respective association targets.

Example filestore-config.xml for storing both avatars and attachments in S3, in separate buckets
<?xml version="1.1" ?>
<filestore-config>
  <filestores>
    <s3-filestore id="avatarBucket">
      <config>
        <bucket-name>jira-avatar-bucket</bucket-name>
        <region>us-east-1</region>
      </config>
    </s3-filestore>
    <s3-filestore id="attachmentBucket">
      <config>
        <bucket-name>jira-attachment-bucket</bucket-name>
        <region>us-east-1</region>
      </config>
    </s3-filestore>
  </filestores>
  <associations>
    <association target="avatars" file-store="avatarBucket" />
    <association target="attachments" file-store="attachmentBucket" />
  </associations>
</filestore-config>


Project permissions get extended configuration DATA CENTER

After this update, some users might not see every person that was previously displayed in Assignee, Reporter, and user mentions.

If you don’t want to have this update immediately and need to adjust the project permissions first, disable this feature flag: com.atlassian.jira.ignoreBrowseUsersPermissionsInUserPickers. To use the updated functionality, just enable the flag again.

Jira でダーク機能を管理する方法を確認

To enhance the privacy and security of your project information, we’re making changes to the project permissions that’ll give your more granular control over the level of data displayed to users.

You can now set up more “contextual” browsing within the project by defining user visibility in mentions, Assignee, and Reporter pickers. This lets you disclose the key information needed to complete a task, without giving users full permissions in the project.

What has changed

We no longer check the Browse users permission for User mentions (@user) as well as Assignee and Reporter pickers. Instead, we validate the following permissions of a user that's interacting with the pickers or wants to mention someone:

  • Assign issues for Assignee. This picker will now show all users that have the Assignable user permission in the project.
  • Modify reporter for Reporter.
  • Browse projects for User mentions.

Based on these permissions, we define whom the user will see in these pickers and mentions.

The pickers and mentions will also work for anonymous users if those users have proper access to the project. For bulk edit operations that include issues from multiple projects, only users that have appropriate permissions to all of these projects will be displayed.

Learn more about project permissions and how to configure them


解決済みの課題

最終更新日 2023 年 8 月 31 日

この内容はお役に立ちましたか?

はい
いいえ
この記事についてのフィードバックを送信する
Powered by Confluence and Scroll Viewport.