Details
-
Suggestion
-
Resolution: Fixed
-
2
-
Description
Good news! In Bitbucket Data Center 7.0 we added Advanced Auditing feature which helps admins and security teams to have a global view on auditing events. Pull request comment events are also audited if you set Level of coverage -> End user activity -> Full.
You can find more information in the Bitbucket Server 7.0 release notes and Advanced Auditing documentation.
Anton Genkin
Product Manager Bitbucket Server
Original message
My company works within the regulated space, and we have observed that comments can be deleted from Bitbucket Pull Requests possibly losing important documentary evidence. Besides having the ability to disable the deletion of comments as per related issue BSERV-8513 it would be highly desirable for Pull Request comment lifecyle events to be logged.
Having reviewed https://confluence.atlassian.com/bitbucketserver/audit-events-in-bitbucket-server-776640423.html that lists the events logged by Bitbucket Server for a Pull Request there is currently nothing there relating to the logging of events relating to comments. At my company we believe that there should be.
| PullRequestEvent | Fired at different points in the pull request lifecycle (declined, merged, opened, reopened, rescoped [code updated], updated, approved, unapproved, participants updated). |
The reasoning here, is that Pull Request evidence can help show the design reasoning behind how an implementation took shape. It is important evidence, it should be considered a potential quality record, just like a Jira issue is and this is why we need similar full logging for pull requests and their comments.