In February 2022, we extended the Data Center App Approval process and introduced a mandatory review of security vulnerabilities for all Data Center apps. We also announced that starting from April 2022 we’ll track vulnerabilities in the Atlassian Marketplace Security Jira project.
Today we are announcing some revisions to these plans.
What is the impact?
Since February 2022, all submissions for Data Center App Approval require a security scan report free of critical- and high-severity vulnerabilities in the libraries bundled with an app. This requirement doesn’t change.
We were also planning to track vulnerabilities in the Atlassian Marketplace Security Jira project starting from April 2022. We decided to postpone this initiative. We’ll release a separate announcement once we are ready for the rollout of this integration.
Take a look at the changes in the Data Center App Approval process. For more technical details, see Security Scanner for DC Apps documentation.
We’ll be monitoring this thread to answer your questions.