Uploaded image for project: 'Bitbucket Data Center'
  1. Bitbucket Data Center
  2. BSERV-9063

As a user, I'd like to know which authenticated user added a commit to a repository in Bitbucket Server

XMLWordPrintable

    • Icon: Suggestion Suggestion
    • Resolution: Duplicate
    • None
    • None
    • None
    • We collect Bitbucket feedback from various sources, and we evaluate what we've collected when planning our product roadmap. To understand how this piece of feedback will be reviewed, see our Implementation of New Features Policy.

      BitBucket should provide information regarding which authenticated user is responsible for each commit being on the server.

      Authentication is not done on the commit author, authentication is done on the push.

      For example, a BitBucket Server git repository "my-git-repo" has a commit with the author reported as "Mickey Mouse". There is no account for "Mickey Mouse" in BitBucket Server. Which authenticated user put that commit on the BitBucket Server?

      We are not looking for push traceability. We are looking for tool integrity concerning accountability in maintenance of company source code.

      Currently, users can create commits as another team member (or any entity with access) and push those commits to the bitbucket server without accountability.

      This poses a risk to customers.

      Increasing log levels and/or tracking IP is not sufficient.

      The ability to add write access keys without being tied to an id should be implemented as well in this regard.

            [BSERV-9063] As a user, I'd like to know which authenticated user added a commit to a repository in Bitbucket Server

            Bryan Turner (Inactive) added a comment -

            Providing "information regarding which authenticated user is responsible for each commit being on the server" is the definition of push traceability. Saying "We are not looking for push traceability" is simply not accurate. That's exactly what this is asking for, just using different words.

            Best regards,
            Bryan Turner
            Atlassian Bitbucket

            Bryan Turner (Inactive) added a comment - Providing "information regarding which authenticated user is responsible for each commit being on the server" is the definition of push traceability. Saying "We are not looking for push traceability" is simply not accurate. That's exactly what this is asking for, just using different words. Best regards, Bryan Turner Atlassian Bitbucket

              Unassigned Unassigned
              nhansberry Nate Hansberry
              Votes:
              0 Vote for this issue
              Watchers:
              2 Start watching this issue

                Created:
                Updated:
                Resolved: