From d7b86cc186f56069b387cac567fde3c88e83545b Mon Sep 17 00:00:00 2001
From: Scott Idem <stidem@gmail.com>
Date: Tue, 17 Mar 2026 19:24:05 -0400
Subject: [PATCH] =?UTF-8?q?docs(todo):=20add=20Bitbucket=20app=20password?=
 =?UTF-8?q?=20=E2=86=92=20API=20token=20migration=20deadline?=
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

App passwords inactive 2026-06-09.

Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
---
 documentation/TODO__Agents.md | 3 +++
 1 file changed, 3 insertions(+)

diff --git a/documentation/TODO__Agents.md b/documentation/TODO__Agents.md
index 15215ac..2e520d0 100644
--- a/documentation/TODO__Agents.md
+++ b/documentation/TODO__Agents.md
@@ -32,6 +32,9 @@
 - **Status:** **ENFORCED**.
 - **Maintenance:** Run `tests/e2e/test_e2e_v3_security_audit.py` after ANY router or registry change.
 
+## 🔑 Credentials / Access Maintenance
+- [ ] **Bitbucket API Token Migration:** Bitbucket is deprecating app passwords — all existing ones become inactive **2026-06-09**. Switch `git` remote auth to an API token before that date. Ref: https://support.atlassian.com/bitbucket-cloud/docs/api-tokens/
+
 ## 🚧 Strategic Goals (V3.5+)
 - [ ] **Pydantic V2 / SQLAlchemy 2.0:** Major framework upgrade for performance and type safety.
     - SQLAlchemy 2.0 is likely the easier migration (additive, legacy mode available).