The past week has been a turbulent time for Bitbucket Cloud's engineering and support teams as well as our customers. Some of you have expressed concern regarding our services’ performance and reliability in recent days. Fortunately, for the majority of Bitbucket users, our services have continued to perform smoothly. But given the number of developers who use Bitbucket daily, even a small percentage of our active users represents a lot of people.

It used to be simple: write code, test it locally, deploy to prod, everything runs perfectly forever. Right? Wrong! Software development is messy, and growing more complex every day. Doing DevOps isn't just committing code once it has passed a prescribed set of unit tests on your machine.

This post was written by Michael Knighten, Founder & COO of Sleuth There are some similarities between deploying continuously and driving in the fast lane. When driving, you need to be always on the alert, proactively looking down the road for potential hazards. When you see them, you need to be able to react immediately, hit the brakes, and change course nimbly.

I stepped into the role of Head of Engineering for Bitbucket Cloud in late 2020, having served as one of the team's senior engineering managers for several years. It is an honor and a privilege to lead this team, and I couldn't be prouder of the hard work we've done and continue to do each day to make Bitbucket a world-class product empowering teams to build, test, and deploy software to millions of people around the world. It has been an eventful journey, and the past few weeks are no exception.

While PR analysis within Code Insights and Snyk Pipes are available to use right now, we're rolling out a native Security tab in Bitbucket Cloud. This will be a gradual rollout through the month of May so watch out for it in the left nav. We look forward to your feedback. Even small vulnerabilities can cost a team a lot. All too frequently we see news reports of organisations that mishandled their code & build level security, causing customer data to be exposed.

Bitbucket Cloud’s code review experience is highlighted by the pull request view – a central place to view and discuss proposed changes, create actionable tasks from discussion, and reach a consensus on the changes making their way to your codebase.

Docker v20 was officially released a few months ago, bringing new features that will make your builds faster and more secure. We will be progressively rolling out the new version to Bitbucket Pipelines throughout the month of June 2021.

In 2020, cloud migration sped up by a factor of 24, according to McKinsey. Would you be surprised to learn there were a lot of factors driving that shift? Due to COVID-19, companies needed to go remote fast and securely. They wanted to lift the maintenance burden off overworked IT teams. And, in the face of the year’s worldwide economic uncertainty, motivation to take advantage of cloud’s cost savings was running high.

Allowing steps to skip downloading artifacts has been a highly requested feature from our customers. You can now disable artifact downloading on certain steps that do not require any artifacts, which will allow faster builds and can reduce your costs as a result. Disabling artifact downloads during a step is as easy as switching off a flag. Note that these steps can still produce artifacts to pass down to future steps.

Bitbucket Pipelines now allows you to talk to your favorite third-party applications without an access token or secret. You no longer need to store your secrets in Bitbucket Pipelines. You can generate an OpenID Connect token in Bitbucket Pipelines, and use that to talk to any third-party application that supports OpenID Connect.