-
Type:
Suggestion
-
Resolution: Unresolved
-
Component/s: Workspace - Security
-
None
-
1
Currently, Bitbucket Cloud allows read-only access to public repositories and certain metadata without authentication. While workspaces can be set to private, any repository within that workspace that is set to "Public" remains accessible to anonymous requests.
For organizations with strict security and compliance requirements, the existence of any unauthenticated entry point is a risk. Customers need a way to ensure that no data, including repository metadata, commit history, or source code, can be retrieved without a valid Atlassian account and appropriate permissions, regardless of individual repository settings.