I'm seeing unknown users checking in code to PRIVATE repositories. I found out who they are by reviewing it with my teams, but the system should automatically disallow this from happening. If a repository is PRIVATE, it should ONLY allow access to the people that have permissions to access it. That includes doing any management on it.
The issue here is that people who currently have access to this repository are committing with incorrect e-mail aliases. See: https://confluence.atlassian.com/bitbucket/set-your-username-for-bitbucket-cloud-actions-272597445.html
If they have an unknown e-mail set in their .gitconfig file, then it will show up as "Unknown" under Bitbucket, as it does not match their primary e-mail on Bitbucket. Once they fix this, their subsequent commits will show up under their correct user account.
They can also set their Email alias under *Bitbucket Settings*, so it can attribute to incorrect commits to the correct user.
There is no way to disallow this from happening, but I've created a feature request: https://bitbucket.org/site/master/issues/14663/create-flag-to-prevent-unknown-committers
Hello! My name is Mark Askew and I am a Premier Support Engineer for products Bitbucket Server/Data Center, Fisheye & Crucible. Today, I want to bring the discussion that Jennifer, Matt, and ...
Connect with like-minded Atlassian users at free events near you!Find a group
Connect with like-minded Atlassian users at free events near you!
Unfortunately there are no AUG chapters near you at the moment.Start an AUG
You're one step closer to meeting fellow Atlassian users at your local meet up. Learn more about AUGs