Atlassian has launched a new control feature in Bitbucket Cloud that allows workspace administrators to restrict the forking of private repositories outside their workspace, addressing growing concerns about code security in cloud environments.
- Admins can prevent private repo forks outside their workspace
- Public repositories remain forkable to support collaboration
- Feature part of broader 2025-2026 security improvements
What happened
Atlassian introduced a new setting for Bitbucket Cloud that gives workspace administrators the ability to forbid forking of private repositories to external workspaces. Previously, users could fork repositories into any workspace, which raised security concerns for organizations wanting to keep code within their control. By enabling this setting, admins can ensure that private code stays contained within their designated workspace.
This change reflects Bitbucket’s ongoing investment in workspace privacy and security. The feature is accessible through workspace settings where admins simply toggle the option to disallow forks of private content outside the workspace. Importantly, this restriction does not apply to public repositories, which remain open for external forks to promote collaboration.
Why it matters
Code forking is a common practice to enable parallel development and experimentation, but when private repositories can be forked outside the organization's control, sensitive intellectual property may be exposed or leaked unintentionally. By curtailing this, Bitbucket Cloud helps organizations better safeguard their proprietary code against unauthorized distribution and potential misuse.
This enhancement aligns with Bitbucket’s broader strategy emphasizing security and privacy at the workspace and project levels. It also supports the needs of enterprise customers on Premium plans, who require stricter governance over how code assets are shared and maintained remotely amid increasingly complex compliance landscapes.
What to watch next
Looking ahead, Bitbucket plans to continue evolving its cloud platform priorities by focusing on scalability, resiliency, and data residency initiatives. The company announced upcoming data residency options starting with the European Union by December 2026 and India by June 2027, which will address regulatory requirements tied to data localization.
Additionally, further refinement of merge and branch restriction features will support large organizations managing extensive repositories. As enterprises demand tighter controls and integration with AI-driven development workflows, Bitbucket’s roadmap suggests ongoing enhancements that balance openness with enterprise-grade security and compliance.