Uploaded image for project: 'Bitbucket Data Center'
  1. Bitbucket Data Center
  2. BSERV-9063

As a user, I'd like to know which authenticated user added a commit to a repository in Bitbucket Server

    XMLWordPrintable

Details

    • Suggestion
    • Resolution: Duplicate
    • None
    • None
    • None
    • We collect Bitbucket feedback from various sources, and we evaluate what we've collected when planning our product roadmap. To understand how this piece of feedback will be reviewed, see our Implementation of New Features Policy.

    Description

      BitBucket should provide information regarding which authenticated user is responsible for each commit being on the server.

      Authentication is not done on the commit author, authentication is done on the push.

      For example, a BitBucket Server git repository "my-git-repo" has a commit with the author reported as "Mickey Mouse". There is no account for "Mickey Mouse" in BitBucket Server. Which authenticated user put that commit on the BitBucket Server?

      We are not looking for push traceability. We are looking for tool integrity concerning accountability in maintenance of company source code.

      Currently, users can create commits as another team member (or any entity with access) and push those commits to the bitbucket server without accountability.

      This poses a risk to customers.

      Increasing log levels and/or tracking IP is not sufficient.

      The ability to add write access keys without being tied to an id should be implemented as well in this regard.

      Attachments

        Issue Links

          duplicates

          Suggestion - BSERV-2642 Push Traceability

          • Closed

          Activity

            People

              Unassigned Unassigned
              nhansberry Nate Hansberry
              Votes:
              0 Vote for this issue
              Watchers:
              2 Start watching this issue

              Dates

                Created:
                Updated:
                Resolved: