Security for Bitbucket allows for customizing the messages displayed to developers when the pre-receive hook either blocks or warns about the contents of a commit. These settings can be used to to provide additional information, like a link to a company security policy:
Reject message: displayed when user’s commits are blocked by the hook.
Warn message: displayed when a user’s commits have potentially sensitive content, but the hook is in warn mode.
Override message: displayed when the hook is run despite repository or project settings (e.g., when the global hook is configured to always run).
The custom text provided will be displayed as a header of a rejection banner, followed by list of detected vulnerabilities. It affects all repositories in the Bitbucket instance.
To restore any of the default messages, set the corresponding text field to an empty value.