A short while ago the BitBucket API changed the clone URL it returns from
<account/team>@bitbucket.org. This impacted our private Composer hosting (Satis-based) because of the following:
- The API returns the team name as the user for cloning (e.g. firstname.lastname@example.org/team/repository.git)
- Developers attached to the team do not have access to the team user clone URL (e.g. user called 'developer', who has read/write/admin access to the team called 'team', cannot clone any repository from email@example.com/team/repository.git)
- Composer projects would get firstname.lastname@example.org/team/* URLs in the composer.lock file, developer2 would then get issues as they do not have access to the developer user.
In my opinion it should be possible for team members to clone from team repositories using their own SSH keys on the team user.