DevOps Pulse

Three platform breaking changes land this week — Bitbucket kills OAuth 1.0 on March 14

Azure DevOps blocks Global PAT creation on March 15, and GitHub enforces minimum runner versions on March 16 — any of which could break integration pipelines if not already mitigated. GitProtect 2.1.0 added granular Jira Cloud backup and Azure DevOps Artifacts support, directly expanding into Veeam's target DevOps protection market, while Veeam was excluded from IDC's SaaS Data Protection MarketScape for insufficient SaaS-app breadth. A convergent pattern spans all sections: competitors (Rubrik, Druva, Commvault) are shipping agentic AI features for backup operations while Datadog and Cisco reports confirm CI/CD pipelines and AI agents are the fastest-growing attack surfaces — validating DevOps backup as an urgent product category. The PM team should prioritize verifying all integrations survive this week's triple deprecation wave, formulating a competitive response to GitProtect's Jira and Azure DevOps Artifacts coverage, and accelerating an agentic AI roadmap for Data Command Center.

Signals
32
Sections
5/5
Threats
9
Fresh
0
Updated
112d ago

DevOps Platform Updates

scanned 112d ago7

Latest announcements and changes from GitHub, GitLab, Azure DevOps, Bitbucket, and Atlassian.

Azure DevOps Retiring Global Personal Access Tokens

Azure DevOps Sprint 270 announces the retirement of Global PATs to strengthen security. Creation and regeneration of global PATs will be blocked on March 15, 2026, with full decommissioning on December 1, 2026. Teams using global PATs for integrations must transition to organization-scoped PATs or Microsoft Entra-based authentication.

azure-devopsMicrosoft Learn — Azure DevOps Release Notes·6 Mar

GitHub Actions Self-Hosted Runner Version Enforcement March 16

GitHub will permanently block registration of self-hosted runners below v2.329.0 starting March 16, 2026. Brownout testing ran through early March. Organizations running Actions on self-hosted infrastructure must update all runners and container images before the deadline or face broken CI/CD pipelines.

githubGitHub Changelog·7 Mar

GitHub Secret Scanning Adds 28 New Detectors

GitHub's March 2026 secret scanning update adds 28 new secret detectors from 15 providers including Snowflake, Vercel, and Supabase. Additionally, 39 detectors now have push protection enabled by default, covering Airtable, Databricks, Heroku, and Shopify. This expands the coverage surface for credential leak prevention.

githubGitHub Changelog·10 Mar

Bitbucket Cloud OAuth 1.0 Removal Completes March 14

Bitbucket Cloud's deprecation of OAuth 1.0 and implicit grant flows reaches final enforcement on March 14, 2026. After brownouts running since late February, all OAuth 1.0 access token requests will return HTTP 400 and existing tokens will return HTTP 401. Integrations must migrate to OAuth 2.0 immediately.

bitbucketBitbucket Cloud Changelog·7 Mar

Azure DevOps Adds Push Protection Bypass Audit Logging

Sprint 270 introduces audit log entries when developers bypass push protection to commit detected secrets. Logs capture the repository, secret type, and bypassing user identity. This gives security teams a complete audit trail of secret push protection overrides for incident investigation and policy enforcement.

azure-devopsMicrosoft Learn — GitHub Advanced Security for Azure DevOps·6 Mar

Atlassian Enforcing Points-Based API Rate Limits for Jira and Confluence

Effective March 2, 2026, Atlassian began phased enforcement of points-based quota rate limits for Jira and Confluence Cloud REST APIs. The rollout starts with a small percentage of apps and expands over several weeks. API consumers should adopt new unified rate-limit headers and adjust request patterns to avoid throttling.

jiraJira Cloud Platform Changelog·2 Mar

GitHub Customer Terms Deprecated for Generative AI Terms

As of March 5, 2026, GitHub customer terms are deprecated and new subscriptions will be governed by the GitHub Generative AI Services Terms. This signals a formal restructuring of GitHub's legal framework around AI-powered features like Copilot, affecting enterprise procurement and compliance reviews.

githubGitHub Customer Terms Updates·5 Mar