He probably means in terms of general usability. This is the reason why I don't use bitbucket at all, and I'm happy to give some money to github in exchange for their service.
Bitbucket's issue tracker is such a pain to work with. I remember being redirected to a new page whenever I had to create a new tag. Then I'd loose the content of the issue I had started to write, something like that.
you are doing it wrong. If you want issue management you will buy Jira from the same company which is superior to github. Bitbucket is one tool of many for Atlassian.
Isn't that the problem, though? GitHub has one Issue tracker that is "good enough" for most projects I've worked on, and gets better over time because GitHub dog foods it (even if they don't always see some of the large open projects issues with it). Bitbucket has two Issue trackers, a "sort of useful" minimalist one that is worse than GitHub's and an upsell to Jira which is maximalist overkill for any project I've worked on. Atlassian doesn't have much incentive to make Bitbucket's issue tracker any better than it's current "almost decent" because it wants to upsell Jira. You can pretty much assume that Atlassian only works in Jira themselves.
(Similarly, VS Team Services has only one issue tracker and I'd rather use that than both of Atlassian's offerings, even though it's almost equally maximalist with Jira, mostly because they clearly dog food it and don't try to upsell into it from a worse system that nobody wants to use.)
I've never said I'm a fan of Jira. I also think it is overkill for all the little projects I've been working on. As other mentioned before here: Maybe look into gitlab.com ... they dogfood their project and the bugtracker is pretty good. https://about.gitlab.com/2016/05/11/git-repository-pricing/
I've found github better for open source projects, and bitbucket better for businesses. Github only just recently introduced the idea that one 'deploy key' could be used on more than one repo(!), for example, not to mention that deploy keys had full write access.
User management - more important for a business - is much nicer on BitBucket, and was the specific reason why we shifted. And it will continue to be nicer, until they infect BitBucket with the same user management mess that blights Jira/Confluence. :)
Bitbucket is ok for private repos. I think private repos are relatively secure there because Atlassian has much of reputation to loose if there is a security breach. Another plus for Bitbucket is the integration with Jira and other Atlassians tools.
Beside that plus points I will rather go to GitLab.com (more features, better UI and integration with 3rd party) but my trust in private repos is lower there than on Bitbucket. I wished we could measure security somehow for private repos between Bitbucket, GitHub and Gitlab.com
Make a dedicated site on gitlab.com about security (make it bold) and about private repos. Some buzzwords: Countermeasures, security tracking, rate limiting, DDoS attacks, Backups... what do you do to ensure security, privacy or that nothing is lost? It's a littlebit in the dark. I would love to see comparisons between gitlab, bitbucket and github if possible (but I'm guessing that's not easy) or I would love to see somehow you take that extremely seriously for gitlab.com. I only have this gut feeling (I cannot exactly say why) that bitbucket and github feel more secure for private repos than gitlab because their business is dependent on security of hosting private repos. On gitlab.com the hosted private repos are a bonus and not the business of gitlab (because the real business is selling gitlab enterprise software and their support).
Just ask yourself and imagine this: You have a new start up company based on very valuable closed source but you entirely do not want to host my own gitlab etc. server. Which service would you use? I'm guessing it is bitbucket or github because they are offering "premium" private repos and have a good reputation (at least I do not know that a private repo there was once disclosed).
Creating a Security page on the site to explain your infosec policies would go a long way. I like that we're able to view previous disclosures [1] and active security issues [2], but I had to dig a bit to find them. Surface those.
All those sites are secure. Actually, between the three, GitHub has had the most vulnerabilities reported, like that one time someone got administration privileges over the entire website... yet people still trust them somehow.
If you're working on government contracted stuff or something like that, where you need perfect and utter secrecy, you could self-host a GitLab instance. Which is $0, compared to GitHub Enterprise.
