DevOps Platform Updates
scanned 18d ago6Latest announcements and changes from GitHub, GitLab, Azure DevOps, Bitbucket, and Atlassian.
GitHub Copilot CLI adds experimental security review command
GitHub shipped an experimental /security-review command in Copilot CLI for AI-driven vulnerability detection directly in terminal workflows. The feature scans local code changes for high-impact vulnerabilities like injection flaws and weak cryptography, providing actionable fixes before code reaches production. This represents GitHub's push to integrate security validation deeper into developer workflows.
GitHub extends security validation to third-party AI agents
GitHub made security validation for third-party coding agents (Claude, OpenAI Codex) generally available, bringing CodeQL scanning, secret detection, and advisory database checks to agent-generated code. This addresses a key security gap as AI-generated code becomes more prevalent in enterprise development workflows.
Microsoft Build 2026 announces Defender-GitHub integration
Microsoft announced Microsoft Defender integration with GitHub Code Security at Build 2026, part of an expanded AI security stack spanning code, agents, and models. The integration includes Agent 365 runtime controls and Purview protections, positioning Microsoft as the control plane for AI development lifecycle governance before enterprise sprawl becomes permanent.
GitLab launches Next Generation Source Code Management
GitLab unveiled a re-vamped Git protocol implementation based on distributed architecture at Transcend 2026, enabling AI agents to complete tasks 50 times faster. The platform optimizes DevOps workflows for the volume of AI-generated code, with distributed processing and storage engines plus limited server-side queries for better performance.
Bitbucket app passwords enter deprecation brownouts
Bitbucket Cloud begins controlled brownouts for app passwords starting June 9, 2026, with full removal scheduled for July 28, 2026. Organizations must migrate to API tokens which offer improved security, expiration controls, and centralized management. The change affects all authentication workflows and CI/CD integrations currently using app passwords.
Atlassian releases May 2026 security bulletin with critical fixes
Atlassian issued its May 19, 2026 security bulletin addressing 39 high-severity vulnerabilities and 3 critical-severity third-party vulnerabilities across Jira, Confluence, and other products. The comprehensive update represents significant security patches affecting both Data Center and Cloud customers, requiring immediate attention for self-managed installations.