Uploaded image for project: 'Bitbucket Data Center'
  1. Bitbucket Data Center
  2. BSERV-7659

Updated pull requests don't automatically get unapproved

    XMLWordPrintable

Details

    • Bug
    • Resolution: Not a bug
    • High
    • None
    • 3.11.1
    • Pull Requests
    • None

    Description

      Pull requests that were approved, not yet merged, then updated by the developer are not getting automatically unapproved. Merging them merges unapproved changes.

      This results in unapproved code getting into the repository, which is a huge compliance and security hole.

      Example:
      Developer changes file f1 on feature/123, commits it, then pushes and creates pull request
      Senior developer reviews and approves pull request (but it's not yet merged)
      Developer changes file f2 on feature/123, commits it, then pushes again
      Senior developer merges the pull request
      At this point unreviewed and unapproved f2 gets into the system!

      There's an unofficial plugin to address this, and it's unsupported by Atlassian. Pull requests are integral part of Atlassian Stash, and this is a bug that introduces a huge security and compliance issue.

      Attachments

        Issue Links

          is related to

          Suggestion - BSERV-3887 Indicate which pull request approvals are "out of date"

          • Gathering Interest

          Activity

            People

              Unassigned Unassigned
              a7d8cf71caed Pavel Chernikov
              Votes:
              1 Vote for this issue
              Watchers:
              3 Start watching this issue

              Dates

                Created:
                Updated:
                Resolved: