Ah, January. The month of resolutions, elastic waistbands, and software updates.

While you're still recovering from too much Christmas pudding and telling yourself you'll hit the gym this year, we're here to keep your systems in shape. Forget detox diets and decluttering gurus—our January updates come with zero calories and maximum performance gains. This month, we’re rolling out Bitbucket 8.19.13, GitHub Enterprise Server 3.14.5, GitLab 17.5.4, Jenkins 2.479.2, Artifactory 7.98.11 (be sure to check out the breaking changes section), Xray 3.107.18, SonarQube LTA 9.9.8, and Sonatype Nexus Repository 3.71.0-06.

The latest version of Bitbucket, 8.19.13 LTS, brings enhanced stability and improved performance to your repositories. This release also addresses key bug fixes to ensure smoother collaboration and reduced downtime.

New year, new GitHub Enterprise Server! Version 3.14.5 is here to deliver the performance upgrades and security enhancements your repositories have been craving (no gym membership required). Expect a smoother, faster experience as you merge pull requests and push code like it’s hot.

Audit logs

Every audit log stream runs a daily health check automatically. Enterprise owners receive an email notification if a stream is misconfigured, ensuring issues are promptly identified and resolved. This proactive approach keeps your audit logs reliable and helps you stay on top of critical activity tracking.

Push protection customization

Users can now configure which teams or roles have permission to bypass push protection. This functionality is currently available as a public beta and may change in the future. Learn more here.

Enhanced secret scanning

Secret scanning now identifies leaked secrets in discussions, as well as in pull request titles, descriptions, and comments. This feature is also in public beta and is subject to updates. Learn more here.

Blocking secret uploads

When push protection is enabled, secret scanning prevents contributors from uploading files containing detected secrets to a repository. This feature remains in public beta and may evolve over time.

Audit log integration

Audit log events are generated whenever non-provider secret scanning patterns are enabled or disabled at the repository, organization, or Enterprise level, ensuring administrators have full visibility into configuration changes.

Code scanning merge protection

Users can now create dedicated code scanning rules to block pull request merges, eliminating the need to rely solely on status checks. This feature is currently in public beta and may change as it evolves. Learn more here.

CodeQL scanning for Java projects

CodeQL now supports scanning Java projects without requiring a build. This feature is currently in public beta and may change as it develops.

Updated CodeQL CLI

This release includes CodeQL CLI version 2.17.6, which is used in the CodeQL action for code scanning. Notable improvements compared to the version bundled with GitHub Enterprise Server 3.13 include:

  • Support for Java 22, Swift 5.10, TS 5.4, and C# 12.
  • New queries for C/C++, Go, Java, and Ruby:
    • cpp/type-confusion: Detects casts to invalid types.
    • cpp/iterator-to-expired-container: Detects the creation of iterators owned by temporary objects that are about to be destroyed.
    • go/uncontrolled-allocation-size: Detects slice memory allocation with excessive size value.
    • java/unvalidated-url-forward: Detects unsafe URL construction that can cause information disclosure.
    • rb/insecure-mass-assignment: Detects instances of mass assignment operations accepting arbitrary parameters.
    • rb/csrf-protection-not-enabled: Detects cases where Cross Site Request Forgery (CSRF) protection is not enabled in Ruby on Rails controllers.

Dependabot Enhancements

Users can now streamline Dependabot pull requests by enabling grouped security updates for related dependencies within the same package ecosystem. Learn more here.

Dependabot now supports Cargo private registries, enabling updates for Rust dependencies from private sources. Learn more here.

Private registry configurations specified in the dependabot.yml file now behave as expected, even when a target-branch is defined. This ensures security updates are applied correctly, regardless of the repository's configuration. Learn more here.

In the dependabot.yml file, users can apply the same configuration to manifest files across multiple directories using the directories key. Support includes direct strings, glob syntax, and wildcards (*) for efficient targeting. Learn more here.

Security overview (Enterprise)

The security overview dashboard now provides enhanced visibility, including metrics for secret scanning and trends for adopting security features. This allows administrators to monitor security enablement across their organization effectively. Learn more here.

Security overview board.

New year, new productivity boosts. While you may be debating whether to stick to your gym routine, GitLab 17.5.4 is already delivering results! This update brings enhanced CI/CD performance, improved merge request workflows, and streamlined security features to keep your projects in tip-top shape.

Additionally, it includes key bug fixes and optimizations to make your pipelines faster and more efficient—because no one likes waiting around (even in January). So skip the gym just this once, but don’t skip updating GitLab. Your team will thank you for the gains.

Administration

Add groups to security policy scope (Ultimate)

This feature introduces the ability to include groups/subgroups within the scope of your security policies. This enhancement streamlines the management of security settings by allowing administrators to apply policies at the group level, ensuring consistent protection across multiple projects. It's a time-saver for admins and a win for your organization’s security strategy. Learn more here.

Selective SAML single sign-on enforcement (all users) 

With this feature, administrators can enforce SAML single sign-on (SSO) selectively, targeting specific groups or users. This allows for greater flexibility in managing authentication requirements, ensuring compliance without disrupting access for every user. Learn more here.

Access compliance center on projects (Premium, Ultimate)

A new feature that allows access to the compliance center directly at the project level. This enhancement simplifies monitoring and managing compliance requirements by providing a dedicated space for project-specific policies and audits. It’s a game-changer for teams seeking streamlined governance without navigating across the entire organization. Learn more here.

View token associations using API

You can now view token associations via the API. This feature provides greater visibility into which tokens are linked to specific resources, improving transparency and making managing authentication and access controls programmatically easier. It’s a powerful addition for administrators seeking to maintain token usage security and clarity. Learn more here.

AI

Introducing Duo Quick Chat (Premium, Ultimate, Duo Pro, Duo Enterprise)

Duo Quick Chat is your new go-to feature for instant collaboration. Whether you need to discuss a code snippet, clarify a task, or share quick feedback, Duo Quick Chat makes communicating directly within your workflow easy. It’s fast, seamless, and designed to keep your team connected without missing a beat. Learn more here.

 

Elevate your coding: Duo Chat is now in Visual Studio for Windows (Premium, Ultimate, Duo Pro, Duo Enterprise)

Coding just got a whole lot more interactive! Duo Chat is now available in Visual Studio for Windows, bringing seamless collaboration and real-time communication directly into your favorite IDE. Whether brainstorming ideas, debugging with teammates, or discussing code changes, this integration helps you stay in the zone while keeping conversations close. Learn more here.

Duo Chat in Visual Studio for Windows.

Have a conversation with GitLab Duo Chat about your merge request (Ultimate, Duo Enterprise)

GitLab Duo Chat now lets you discuss your merge requests directly within the platform. Need clarification on code changes or feedback on your MR? Simply start a conversation with Duo Chat to streamline collaboration and decision-making. It’s like having a helpful assistant that’s always ready to talk things through—perfect for keeping your team on the same page. Learn more here.

 

Export code suggestion usage events (Ultimate, Duo Enterprise)

Now, you can export raw code suggestion events from the GraphQL API. This way, you can import the data into your data analysis tool to get deeper insights into acceptance rates across more dimensions, such as suggestion size, language, and user. The raw events are not stored in ClickHouse, so some AI impact analytics metrics have become available for all GitLab deployments, including GitLab Dedicated and self-managed. Learn more here.

Use self-hosted model for GitLab Duo Code Suggestions (Ultimate, Duo Enterprise)

With GitLab Duo, you can deploy a self-hosted model for code suggestions. This feature gives organizations greater control over their data and infrastructure while still enjoying the benefits of intelligent coding assistance. It’s an ideal solution for teams prioritizing privacy and customization in their development workflows. Learn more here.

Self-hosted models view.

UI/UX

Enhanced branch rules editing capabilities (all users)

A feature that offers enhanced capabilities for editing branch rules, making it easier to manage your repository’s workflows. With a more intuitive interface and additional customization options, administrators can quickly set and update rules to enforce best practices and maintain code quality. Simplified, powerful, and built for efficiency. Learn more here.

 

Project development

Configure agent and GitOps environment settings with the REST API (all users)

GitLab now lets you configure agent and GitOps environment settings directly through the REST API. This feature streamlines automation and allows for more flexible infrastructure management, enabling administrators to update settings programmatically and integrate GitOps workflows seamlessly. Learn more here.

Kubernetes integration support for firewalled GitLab installations (Ultimate)

This feature supports Kubernetes integration for installations behind a firewall. This enhancement ensures that even in restricted environments, you can seamlessly connect GitLab with your Kubernetes clusters, enabling secure and efficient orchestration of your deployments without compromising accessibility. Learn more here.

Easy bootstrapping of GitLab Kubernetes integration (all users)

GitLab makes integrating with Kubernetes easier than ever with streamlined bootstrapping. The GitLab CLI now offers the glab cluster agent bootstrap command to simplify installing the agent on top of an existing Flux installation. Now, you can configure Flux and the agent with two simple commands. Learn more here.

Ruby support and rule updates for Advanced SAST (Ultimate)

GitLab’s Advanced SAST now supports Ruby, expanding its capabilities to detect vulnerabilities in Ruby codebases. Additionally, updated security rules improve accuracy and coverage, ensuring your applications remain secure against emerging threats. It’s a powerful upgrade for safeguarding your code. Learn more here.

Suspend or resume GitOps reconciliation from the GitLab UI

You can suspend or resume GitOps reconciliation directly from the UI, which gives teams greater flexibility in managing deployments, letting you pause updates when needed and resume them seamlessly—all with just a few clicks. Learn more here.

Stream Kubernetes resource events (all users)

GitLab now lets you stream Kubernetes resource events in real-time, providing instant visibility into your cluster’s activity. Whether tracking deployments, scaling changes, or troubleshooting issues, this feature ensures you’re always up-to-date with what’s happening in your Kubernetes environment. Learn more here.

Kick off the new year with Jenkins 2.479.2, the latest update to your favorite automation server. This release focuses on improved stability, enhanced pipeline performance, and critical bug fixes to keep your CI/CD workflows running smoothly. It’s the perfect upgrade to supercharge your builds and deployments as you tackle the challenges of 2025.

Jenkins gets a makeover in 2025 with several refinements and modernizations to improve usability and aesthetics:

  • Enhancements and refinements were made to the appearance of several pages in Jenkins. 
  • Refinements and modernizations to sections of the Jenkins UI.
  • User properties are now categorized on different pages.
  • Updated design of the build history widget.
  • Use Notice component for views lacking jobs.
  • Do not edit unrelated checkboxes in rowSelectionController.

Agent functionality also received updates in 2025, enhancing usability and performance. The significant ones are:

  • Usage of webSocket in the inbound agent command line sample.
  • Display improvement of HTTP handshake errors (such as authentication issues) from the CLI in -webSocket mode.
  • The latency for bringing up offline agents can be improved using a new global config option, Computer Retention Check Interval, and setting an in-demand delay of zero on the agents.

Beyond those UI and agent changes, one general feature is worth mentioning: some administrative monitors can now be displayed for users with Overall/MANAGE permission.

JFrog is leaping into 2025 with fresh updates to Artifactory 7.98.11 and Xray 3.107.18. These releases bring smarter artifact management and sharper vulnerability detection, keeping your pipelines flowing as smoothly as a frog in a clear pond. Whether you’re ribbit-ing through dependencies or diving deep into security insights, these tools ensure your DevOps ecosystem stays Agile and safe. Let’s explore what’s new—time to get hopping!

Artifactory

Breaking changes

Classic navigation sunset

The classic navigation has reached its end of life, so you will no longer be able to switch back to it. Learn more here.

API key creation is disabled

The creation of new API keys has now been disabled. You can use identity tokens instead, which replace API keys and offer enhanced security. The usage of API keys was disabled at the end of Q4 2024. Learn more here.

Breaking change when using Get User Details API for details of non-logged-in users

When retrieving details of users who have never logged in via the REST API, a placeholder date in the distant past used to be returned. Now, a null value is returned. Previously, if a user had never logged in, the Get User Details API response set last_logged_in to 1970-01-01T00:00:00.000Z. Now, if a user has never logged in, the value of last_logged_in is null.
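Client-side handling of this change, as an added example (not JFrog's code): an account-review helper that treats both the old 1970 sentinel and the new null as "never logged in", so the same script gives identical results before and after the upgrade. Only `last_logged_in` and its two values come from the text above; the `username` field, the sample records and the 90-day threshold are assumptions.

```python
from datetime import datetime, timedelta, timezone

# Sentinel that older versions returned for users who never logged in.
EPOCH = datetime(1970, 1, 1, tzinfo=timezone.utc)


def parse_last_login(value):
    """Return an aware datetime, or None if the user has never logged in.

    Accepts both the old sentinel (1970-01-01T00:00:00.000Z) and the new null.
    """
    if value is None:
        return None
    # fromisoformat() before Python 3.11 rejects a trailing "Z"; normalise it.
    ts = datetime.fromisoformat(value.replace("Z", "+00:00"))
    return None if ts == EPOCH else ts


def classify_accounts(users, now, max_idle_days=90):
    """Split user records into never-logged-in and stale account names.

    A naive client would rank the 1970 sentinel as "extremely stale" and
    fail on null when comparing dates; both are reported as "never" here.
    A record missing the key entirely is also treated as never logged in.
    """
    cutoff = now - timedelta(days=max_idle_days)
    never, stale = [], []
    for user in users:
        last = parse_last_login(user.get("last_logged_in"))
        if last is None:
            never.append(user["username"])
        elif last < cutoff:
            stale.append(user["username"])
    return never, stale


# Constructed sample records (hypothetical users, not real API output).
SAMPLE_USERS = [
    {"username": "alice", "last_logged_in": "2024-12-20T08:15:30.000Z"},
    {"username": "bob", "last_logged_in": "2024-06-01T10:00:00.000Z"},
    {"username": "svc-old", "last_logged_in": "1970-01-01T00:00:00.000Z"},
    {"username": "svc-new", "last_logged_in": None},
]
NOW = datetime(2025, 1, 2, tzinfo=timezone.utc)

if __name__ == "__main__":
    never, stale = classify_accounts(SAMPLE_USERS, NOW)
    print("never logged in:", never)
    print("idle > 90 days:", stale)
```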

UI

Significant changes to the Packages UI

From the Packages home page, you can now view a list of the most recently viewed packages. An upgraded filter option has been added that allows you to create refined filters to easily see the packages that interest you. Learn more here.

Packages user interface.

Improved UI for deleting Release Bundle v2 versions and promotions

The UI offers improved options for deleting Release Bundle v2 versions and promotions, including versions distributed to Edge nodes. Learn more here.

Actions menu.

Administration

Cleanup Policies

JFrog Cleanup Policies empower platform and project administrators to create tailored rules for removing unused binaries across their JFrog platform. These policies provide precise control over storage usage and help maintain optimal system performance. Administrators can define specific criteria to implement a consistent and customizable cleanup process that aligns with their organization’s needs. Learn more here.

Support for GitHub Enterprise in self-hosted environments 

Users in a self-hosted environment can now select GitHub Enterprise as the Git provider for Go Remote Repositories. When using this option, you should configure the Go Remote Repository with the URL of the GitHub Enterprise server located at your site. This feature requires Enterprise Server 3.10 and above.

Support for multi-architecture tag deletion

Artifactory now supports deleting multi-architecture Docker and OCI image tags with one action. Learn more here.

Architecture deletion.

OpenID Connect integration

The JFrog platform now supports projects, multiple values, wildcard values, and dynamic mapping for OpenID Connect integrations. Project administrators can define identity mappings that are tied directly to specific projects. JSON claims in identity mappings now support multiple and wildcard values, enabling more flexible configurations. Additionally, dynamic mappings allow verification or modification of usernames or group names in the token subject based on predefined patterns, enhancing integration efficiency and adaptability.

Multiple SAML SSO provider configurations

The JFrog platform now supports multiple configurations for SAML SSO providers. Enabling multiple SAML SSO configurations can help large organizations streamline the login and authentication processes for multiple platforms, resulting in a faster and more convenient authentication experience.

General

Cannot modify or delete files that belong to a promoted Release Bundle v2

To protect the immutability of Release Bundle v2, users are now blocked from modifying or deleting a file that belongs to a promoted Release Bundle. Users must first delete the promotion or the Release Bundle version before the files can be modified or deleted.

Release Bundles v2 protected from expired GPG keys

When a user attempts to create, promote, or distribute a Release Bundle v2 version, the action is blocked if the GPG key has expired.

Adding pagination to Release Bundle v2 version details REST API

The REST API for getting Release Bundle v2 version details now includes the ability to paginate the results using the offset and limit query parameters. In addition, the response now includes the total_artifacts_count.

Among the improvements listed above, Artifactory brought enhancements related to the Cargo, Hugging Face, and Federated repositories. What’s more, dozens of issues were resolved.

Xray

Retention period enhancement

Improved the retention period of scans, which will be recalculated once the artifact is downloaded. The retention period will be measured from the beginning of the configured retention.

Use JFrog Catalog Labels as waivers in a policy

This feature enables the security team to specify multiple packages and versions that can be excluded from the Policy (i.e., not violating it), allowing them to enter the repository. Waivers are added as labels on a per-policy basis using preset labels from the JFrog Catalog.

SonarQube’s 9.9.8 update represents a key step as it appears to be the final release in the current Long-Term Alignment (LTA) version before the debut of the next LTA. This update ensures stability and addresses minor enhancements, providing a solid foundation for organizations preparing for the upcoming release. 

This month, Sonatype Nexus Repository receives a targeted update to version 3.71.0-06, focusing on database migration and improvements. For OSS customers, the platform transitions from OrientDB to the H2 database, now serving as the default database for Nexus Repository OSS licenses. Meanwhile, Pro customers will benefit from migrating to the robust and scalable PostgreSQL database, ensuring enhanced performance and reliability moving forward.

That’s all for January, everyone! See you all in February!

Published: Jan 2, 2025
