Support for including default values in custom pipelines has been a highly requested feature. We are happy to announce that this feature is now live. Providing a default value helps avoid errors when you manually trigger a custom pipeline. If you often rely on the same value for certain variables, it can be frustrating to get a failed build when you forget to specify the value or have a typo when providing the value.

As software applications grow in scale and complexity, the surface areas for security vulnerabilities and exploits grow with it. Modern development practices include large amounts of code reuse. First, in the form of language-specific standard libraries such as the C++ STL, the Golang standard library, and Microsoft.NET. Second, in the form of open-source libraries found on places like Github. Much of this code is built using other libraries, introducing a web of dependencies into modern software.

Back in July I published Encountering some turbulence on Bitbucket's journey to a new platform, sharing with the public for the first time that Bitbucket Cloud is in the final stages of a migration from our data center onto Atlassian's cloud platform—the same internal platform underlying Jira Cloud, Confluence Cloud, Statuspage, and many other internal services. I also shared that because of increased file system latency as a result of this platform move, certain operations have become slower.

You've always been able to execute CI/CD workflows via Bitbucket Pipelines using Atlassian's infrastructure. This is the easiest way to use Bitbucket Pipelines because you don't need to host or manage any servers. We host it and manage it for you. But sometimes you need more control of your hardware, software, and the environment your builds are executed into.

The past week has been a turbulent time for Bitbucket Cloud's engineering and support teams as well as our customers. Some of you have expressed concern regarding our services’ performance and reliability in recent days. Fortunately, for the majority of Bitbucket users, our services have continued to perform smoothly. But given the number of developers who use Bitbucket daily, even a small percentage of our active users represents a lot of people.

It used to be simple: write code, test it locally, deploy to prod, everything runs perfectly forever. Right? Wrong! Software development is messy, and growing more complex every day. Doing DevOps isn't just committing code once it has passed a prescribed set of unit tests on your machine.

This post was written by Michael Knighten, Founder & COO of Sleuth There are some similarities between deploying continuously and driving in the fast lane. When driving, you need to be always on the alert, proactively looking down the road for potential hazards. When you see them, you need to be able to react immediately, hit the brakes, and change course nimbly.

I stepped into the role of Head of Engineering for Bitbucket Cloud in late 2020, having served as one of the team's senior engineering managers for several years. It is an honor and a privilege to lead this team, and I couldn't be prouder of the hard work we've done and continue to do each day to make Bitbucket a world-class product empowering teams to build, test, and deploy software to millions of people around the world. It has been an eventful journey, and the past few weeks are no exception.

While PR analysis within Code Insights and Snyk Pipes are available to use right now, we're rolling out a native Security tab in Bitbucket Cloud. This will be a gradual rollout through the month of May so watch out for it in the left nav. We look forward to your feedback. Even small vulnerabilities can cost a team a lot. All too frequently we see news reports of organisations that mishandled their code & build level security, causing customer data to be exposed.

Bitbucket Cloud’s code review experience is highlighted by the pull request view – a central place to view and discuss proposed changes, create actionable tasks from discussion, and reach a consensus on the changes making their way to your codebase.