DevOps Platform Updates
scanned 27d ago8Latest announcements and changes from GitHub, GitLab, Azure DevOps, Bitbucket, and Atlassian.
GitHub AI-Powered Security Detections Public Preview
GitHub introduces AI-powered security detections in GitHub Code Security to expand application security coverage across more languages and frameworks. These detections complement CodeQL by surfacing potential vulnerabilities in areas difficult to support with traditional static analysis, including Shell/Bash, Dockerfiles, Terraform configurations, and PHP. Internal testing showed 80% positive developer feedback.
GitHub Actions 2026 Security Roadmap Released
GitHub published its comprehensive security roadmap for Actions, focusing on secure-by-default automation with dependency locking, centralized policy controls, and CI/CD observability. The roadmap addresses software supply chain attacks and introduces workflows with dependencies sections that lock direct and transitive dependencies with commit SHA, similar to Go's go.mod + go.sum.
Microsoft Build 2026: GitHub Copilot App and AI Security
Microsoft announced the GitHub Copilot app in preview, bringing agentic workflows to a native desktop experience. Azure DevOps gains Copilot Code Review capabilities and enhanced security features through GitHub Advanced Security integration. Microsoft emphasized AI security with multi-model agentic scanning and automated remediation agents.
Atlassian Connect Platform End-of-Support Warnings
Atlassian began rolling out in-product warnings for apps built on the Connect framework to prepare for its end-of-support in December 2026. These notifications appear in Jira, Confluence, and Atlassian Administration to help organizations identify affected apps and plan migration to Forge. Rate limits for Forge Realtime will be enforced starting June 26, 2026.
DevOps Security Threats Report Shows 68 AI-Related Incidents
The 2026 DevOps Threats Report revealed 68 AI-related incidents across popular DevOps platforms in 2025, including malicious prompt injections, remote code execution, and credential leaks. More than half of all patched vulnerabilities in 2025 were of critical and high severity. Supply chain attacks through CI/CD pipelines and long-lived tokens are increasing.
Atlassian Intelligence GA and Forge LLMs Billing
Atlassian Intelligence became generally available to all Premium and Enterprise customers. Forge LLM usage transitioned to paid billing starting June 1, 2026, with organizations requiring active billing details to continue using AI features. New capabilities include AI-powered automation and enhanced Confluence content linking.
Atlassian Security Bulletin: 39 High-Severity Vulnerabilities
Atlassian released security bulletin addressing 39 high-severity vulnerabilities and 3 critical-severity third-party vulnerabilities fixed in recent product updates. The bulletin covers Jira, Confluence, and related products with patches available in latest versions as of May 19, 2026.
GitLab 19.0 Released with Secrets Manager
GitLab released version 19.0 on May 21, 2026, featuring integrated CI/CD credentials management with Secrets Manager. The release focuses on reducing manual work around code, merge requests, credentials, and pipeline components. GitLab continues its monthly release cadence with enhanced DevSecOps capabilities.