Uploaded image for project: 'Bitbucket Data Center'
  1. Bitbucket Data Center
  2. BSERV-11435

Detect and prevent passwords in Bitbucket commits


    • Icon: Suggestion Suggestion
    • Resolution: Fixed
    • 8.3.0, 8.5.0
    • None
    • None
    • 14
    • We collect Bitbucket feedback from various sources, and we evaluate what we've collected when planning our product roadmap. To understand how this piece of feedback will be reviewed, see our Implementation of New Features Policy.

      Atlassian status as of Oct 2022

      Hi everyone,

      I'm happy to announce that in Bitbucket Data Center 8.3 we released Secret scanner. It checks commits for secrets after they get into repositories. Secret rules can be configured as regex expressions on global, project and repository level. Scanner also has an allow-list for secrets to help minimize false positive results, and an exempt-list for repositories that don't need scanning. We plan to keep on enhancing Secret scanner in the future to help you get the most out of Bitbucket Data Center.

      You can find more information about Secret scanner in the docs.

      Anton Genkin
      Product Manager - Bitbucket Data Center


      Please implement the the ability to detect and thwart stored passwords in an effort to prevent users from accidentally or on purpose storing passwords in plain text in Bitbucket commits.

            Unassigned Unassigned
            kwall@atlassian.com Kim Wall
            29 Vote for this issue
            12 Start watching this issue