Over the last few weeks, we've been highlighting our integrations with Atlassian, which bring open source governance insights into your favorite Atlassian tools. We have integrations for planning and building applications. We wanted to save our newest integration into developer tooling for last: Bitbucket Code Insights.
According to Atlassian, "Code Insights in Bitbucket Cloud lets you bring the best DevOps scanning, testing and analysis tools into your code review process."
Using Sonatype Lifecycle and Bitbucket Server or Cloud, developers experience better code reviews and bring open source component security and license information into your pull requests. Developers can see all the details needed to remediate any policy issues on their branch, and fix violations quickly. They can even drill down to the specific line(s) of code that introduced the violation, with instructions on how to fix them. No need to switch applications. No need to slow down the process. No need to fail builds, or return to this a week later because of a security report. This kind of information accelerates feedback loops for Bitbucket users that are critical to successful DevSecOps practices.
As a developer, you can:
Check out this video to see how our integrations with Jira Software, Bamboo, and Bitbucket work holistically to keep your application secure at every stage in the SDLC.
Want a more in-depth look into all of our integrations with Atlassian? Learn more about how we help development organizations deliver higher quality applications faster.