KeyTypePriorityStatusSummaryDescriptionAffects versionsFixversionsSCFB-53HighestClosedFixing the vulnerability CVE-2024-57699Please update to the version 5.0.1. Because this version contains the vulnerability CVE-2024-57699. This vulnerability occurs because the library json-smart-2.5.1.jar which was shipped and used in earlier versions. This version contains json-smart-2.5.2.jar.SCFB-51MediumClosedFixing the vulnerability CVE-2023-1370Jira actions are performed with a JSON payload. In this case the libray "net.minidev-json-smart", which is affected by CVE-2023-1370, was used to create this payload. However, the critical functionality had no negative impact on the add-on. Nevertheless, the library was updated. SCFB-47HighestClosedFixing the vulnerability CVE-2021-27568Please update to the version 3.0.5. Because this version contains the vulnerability CVE-2021-27568 . This vulnerability occurs because the library json-smart-1.1.1.jar which is shipped and used with this version. SCFB-42MediumClosedHook is not working if the header option as not been set.If the option "Enable or disable the Jira comment header" is initially not set, the hook runs into a exception case an do not continue the processing of the smart actions.SCFB-41MediumResolvedWorklog will not be createdEven the worklog action is enabled ("Work logs - add work logs to issues"), a worklog will not be created. A worklog will only be created if the option is enabled in combination with a further option ("Time tracking - return the time tracking values")SCFB-39MediumResolvedA reviewer action was not possible together with a pull request creationIn some situations it was not possible to create a pull request and add a reviewer in the same commit message. Example: #pull master #reviewer @tester SCFB-29LowClosedSome general refactorings to improve the performanceThe code has been refactored to improve the general workflow. The results is a more performant way to parse and execute commands.SCFB-28LowClosedNo empty tags and branches are handled by the pluginThe hook does not longer handle empty branches, notes and tags. This will improve the performance is some cases (factor 10)SCFB-27LowClosedImproved the handling of magic keywordsKeywords are now better organized to reduce the traffic to JiraSCFB-14MediumClosedConfusing licensing error message The error message does not contain the plugin name, if no valid license is available.SCFB-6LowResolvedThe keyword @stash is used to create a Pull-Request commentThe plugin has been developed for Stash. Thats the reason, why magic keywords in the commit messages are based on the name @stash. Since the renaming to Bitbucket, the magic comments needs to be renamed also. Both keywords should be supported. Since the version 3.0.0 in addition also @bb is possible to create comments
