DevOps Platform Updates
scanned 44d ago5Latest announcements and changes from GitHub, GitLab, Azure DevOps, Bitbucket, and Atlassian.
GitHub AI-Powered Bug Detection Expands Security Coverage
GitHub adopts AI-based scanning for Code Security tool to expand vulnerability detection beyond CodeQL static analysis. The AI system processed over 170,000 findings in 30 days with 80% positive developer feedback, targeting Shell/Bash, Dockerfiles, Terraform, PHP and other ecosystems previously uncovered.
GitLab Agentic SAST Vulnerability Resolution Generally Available
GitLab 18.11 introduces Agentic SAST Vulnerability Resolution using iterative reasoning to analyze vulnerability context, generate fixes, and provide confidence scoring. The AI-driven feature includes autonomous remediation capabilities and foundational agents for CI and analytics workflows.
GitLab Security Update Fixes CVE-2026-5173 Websocket Vulnerability
GitLab releases critical security update addressing CVE-2026-5173 (CVSS 8.5) affecting websocket connections, allowing authenticated attackers to bypass access controls. The patch resolves twelve vulnerabilities total, including multiple denial-of-service issues across versions 18.10.3, 18.9.5, and 18.8.9.
Azure DevOps Bitbucket API Deprecation Causes Integration Issues
Microsoft Azure DevOps experiencing integration failures with Bitbucket due to deprecated API usage (CHANGE-2770). Azure DevOps team investigating and deployed hotfix for App Service Bitbucket integration on April 8, though broader pipeline impacts remain unresolved.
Atlassian Data Contribution Policy Changes for AI Training
Atlassian announces revised data contribution policy effective August 17, 2026, using customer metadata and application content from Jira and Confluence to train AI models. Enterprise customers can opt out, but Free/Standard/Premium users cannot opt out of metadata contribution, affecting approximately 300,000 clients.