1. Bitbucket
  2. Public Issue Tracker
  3. master
  4. Issues


Issue #6434 open

Cannot remove a follower (BB-13944)

Fun Bucket
created an issue

Someone who is a follower but is not involved in any of my repositories receives notification when I add someone else as administrator of my account. This creates a hole in privacy. Please provide the feature to remove followers.

Comments (50)

  1. Brian Nguyen


    This definitely should not be the case. When you add a user as an administrator only the added user should be notified and not any followers.

    We will look into this, but can you clarify that the problem occurs when you add a user as an administrator of a repository? Or is it when you add a user as an administrator of a team.

    Cheers, Brian

  2. Fun Bucket reporter

    To clarify, I have been invited to bitbucket by a friend who received 3 additional users to his account limit thanks to this. I created a team account and did not include my orginal friend in it. Then I invited someone else as adminsitrator of the team. When he accepted the invitation my original friend received a notification as follower. First, note that my original friend has been put as follower of the account without any explicit request. Second, I have no way to keep my relationships private as there is no way I found to remove followers.

  3. Zach Davis staff

    You are correct that your friend should not have automatically followed you when you signed up. This was a bug that I'm currently working on fixing.

    However, I have been completely unable to reproduce the notification of access changes to a follower. Can you provide any additional information? When you say your friend was notified, do you mean in his newsfeed, by email, or in his Bitbucket inbox?


  4. Gabe D

    In any case if you care to have a private account with no followers you should be able to remove followers or block people there is no option for either of these options. Especially as followers can see private profiles.

  5. Marcelo Zabani

    This really should be a feature! Everytime an employee leaves a company they shouldn't have access to the code anymore. This exact situation is happening right now here at our company.

  6. vexed

    We really need a way to remove followers, creating a new account/repo seems like a very silly thing to do, but, that is the only way to remove them now!

  7. Zach Davis staff
    • changed status to open

    To clarify, I fixed a bug last year with automatically following users you invited.

    I was never able to reproduce the notification issue that Fun Bucket described.

    However, I'm reopening this (as I should have a while ago) as a ticket for adding the ability to remove followers from any account you have admin rights to.

  8. 1vexed

    Perhaps, if we knew why this seemingly trivial thing to do is taking so long, we could help out?

    This bug has been open for more than 2 years now, and yes, it is a bug when a Admin of a project can't get rid of followers, when they should have full access to do anything.

  9. hendra_motion

    This is a huge security flaw, and bitbucket still not fixing it. If the algorithm in bitbucket have a bug and the follower can see the private repository, can follow our activity, or notification in their email. You can imagine how horrible it is.

    If i were know this, i'll not recommend it to my friend.

  10. David Feldsine

    I am a paying customer and would like to be able to remove, NO NEED TO BE ABLE TO REMOVE, individuals who has left the company. This is a security issue that needs to be addressed quickly.

  11. Sean Marshall

    I have a similar issue as voiced by others. There are former developers that no longer work for my company that cannot be removed from the list of followers. Is there a way to have them manually removed if this option is not available through the interface?

  12. 1vexed

    It seems the ONLY way to handle this is to contact support. There is nobody that can/wants to fix this and all attempts to try to get a response from the staff in this ticket have failed.

    zachary Davis [Atlassian] staff doesn't reply to messages about this.

  13. amplifi-admin

    I too need to remove followers that are no longer with the company. This seems like a serious security issue that should be addressed. It has been 3 years now and still no update.

  14. Anonymous

    At this point I believe we should all move to GitHub or GitLab. This has been opened since 2013-02-19. They either don't know about this ticket or simply don't care.

  15. Log in to comment