Azure DevOps Blog
DevOps, Git, and Agile updates from the team building Azure DevOps
Latest posts
June Patches for Azure DevOps Server
Today we are releasing patches that impact the latest version of our self-hosted product, Azure DevOps Server. We strongly encourage and recommend that all customers use the latest, most secure release of Azure DevOps Server. You can download the latest version of the product, Azure DevOps Server 2022.2 from the Azure DevOps Server download page. Note: Azure DevOps Server 2022.2 is the latest version of Azure DevOps Server. If you have installed Azure DevOps Server 2022 or Azure DevOps Server 2022.1, you should first upgrade to Azure DevOps Server 2022.2 and then install Azure DevOps Server 2022.2 Patch 6. ...
Restricting PAT Creation in Azure DevOps Is Now in Preview
As organizations continue to strengthen their security posture, restricting usage of personal access tokens (PATs) has become a critical area of focus. With the latest public preview of the Restrict personal access token creation policy in Azure DevOps, Project Collection Administrators (PCAs) now have another powerful tool to reduce unnecessary PAT usage and enforce tighter controls across their organizations. 🗣️ This has been one of our most requested features -- we're excited to finally deliver it. Why This Matters PATs are a convenient way for users to authenticate with Azure DevOps, but they also pose...
GitHub Secret Protection and GitHub Code Security for Azure DevOps
Following the changes to GitHub Advanced Security on GitHub, we're launching the standalone security products of GitHub Secret Protection and GitHub Code Security for Azure DevOps today. You can bring the protection of Advanced Security to your enterprise with the flexibility to enable the right level of protection for your repositories. GitHub Secret Protection for Azure DevOps Secret Protection is available for $19 per active committer per month, which provides features including: GitHub Code Security for Azure DevOps Code Security is available for $30 per active committer per month, which provides f...
Azure DevOps with GitHub Repositories – Your path to Agentic AI
GitHub Copilot has evolved beyond a coding assistant in the IDE into an agentic teammate – providing actionable feedback on pull requests, fixing bugs and implementing new features, creating pull requests and responding to feedback, and much more. These new capabilities will transform every aspect of the software development lifecycle, as we are already seeing on our own teams within Microsoft and GitHub. Copilot’s agentic capabilities are most powerful when your code lives in GitHub, and that’s why we’ve been working hard to make the experience of using GitHub, Copilot, and Azure DevOps seamless. Now is the tim...
One Pipeline to Rule Them All: Ensuring CodeQL Scanning Results and Dependency Scanning Results Go to the Intended Repository
"One Ring to rule them all, One Ring to find them, One Ring to bring them all, and in the darkness bind them." – J.R.R. Tolkien, The Lord of the Rings In the world of code scanning and dependency scanning, your pipeline is the One Ring—a single definition that can orchestrate scans across multiple repositories. However, much like the One Ring, if misused, it can lead to chaos: publishing results to the unintended repository. Fear not, brave developer! This guide will show you how to wield your pipeline wisely so that CodeQL scanning results and Dependency Scanning results are always published to the inten...
Introducing Azure DevOps ID Token Refresh and Terraform Task Version 5
We are excited to share some recent updates that improve the experience of using Workload identity federation (OpenID Connect) with Azure DevOps and Terraform on Microsoft Azure. Many working parts have come together to make this possible and we'll share those here. We are also very pleased to announce version 5 of the Microsoft DevLabs Terraform Task, which supports ID Token refresh by default. What is ID Token Refresh? Workload identity federation requires an ID Token issued from the identity provider, in our case Azure DevOps. This ID Token has a short lifespan of ~5 minutes by design. It is immediately ex...
Spring Cleaning: A CTA for Azure DevOps OAuth Apps with expired or long-living secrets
Today, we officially closed the doors on any new Azure DevOps OAuth app registrations. As we prepare for the end-of-life for Azure DevOps OAuth apps in 2026, we'll begin outreach to engage existing app owners and support them through the migration process to use the Microsoft Identity platform instead for future app development with Azure DevOps. This platform, used across Microsoft teams, can access the same Azure DevOps REST APIs, with the added benefit of ongoing regular investment and additional security controls available to company admins. We've collected a list of helpful resources from Microsoft Entra do...
Azure Boards + GitHub: Recent Updates
Over the past several months, we’ve delivered a series of improvements to the Azure Boards + GitHub integration. Whether you're tracking code, managing pull requests, or connecting pipelines, these updates aim to simplify and strengthen the link between your work items and your GitHub activity. Here’s a recap of everything we’ve released (or are just about to release): 🔗 Smarter Link Management for Branches, PRs, and Commits We’ve made it easier than ever to keep your work items automatically updated as your development progresses: These changes reduce the need for manual linking and help keep your work...
April Patches for Azure DevOps Server and Team Foundation Server
Today we are releasing patches that impact our self-hosted product, Azure DevOps Server, as well as Team Foundation Server 2018.3.2. We strongly encourage and recommend that all customers use the latest, most secure release of Azure DevOps Server. You can download the latest version of the product, Azure DevOps Server 2022.2 from the Azure DevOps Server download page. Previously, the Azure DevOps Agent used the Edgio CDN with endpoint . As part of Edgio's retirement, the domain is being decommissioned. To ensure continued availability, we have migrated to an Akamai-backed CDN with a new endpoint . This patch in...