Buck Hodges

It is my pleasure to announce another exciting expansion of the Microsoft Bounty Programs. Today, we are adding a security bug bounty program for Azure DevOps in partnership with the Microsoft Security Response Center (MSRC) to our suite of Bounty programs.

On November 26, 2018, the npm package manager released security advisory 737 regarding the flatmap-stream package. It was determined that this package was malicious, and contained harmful code. In addition, the popular event-stream package was modified to make use of the harmful flatmap-stream package.

We are making a change to Azure DevOps to block the harmful flatmap-stream 0.1.0 package and the versions of event-stream newer than version 3.3.4 which make use of the flatmap-stream package.

One question that I often get from customers is how we manage exposing features in the service. Features may not be complete or need to be revealed at a particular time. We may want to get early feedback. With the team working in master and deploying every three-week sprint,

We have now released TFS “15” RC2. We are using it in production internally. It is fully supported for production use. You can upgrade from TFS 2012 or newer to RC2. You can also upgrade the RC1 release to RC2, and you will be able to upgrade from RC2 to RTM (that should be a very fast upgrade,

We get quite a few questions from customers on how we made the transition to shipping both an on-premises product and a cloud service. We moved from shipping every 2-3 years to shipping Visual Studio Online every three weeks and TFS every 3-4 months.

We have now released a patch with a set of fixes for TFS 2012 Update 1. Many of you saw that we released a patch in early January and then pulled it down. This is the re-release.
Shipping major changes to the server on this much faster cadence has been a learning experience for us.

Yesterday’s update of Team Foundation Service requires a new build of git-tf, which is now available for download. Using a version of git-tf prior to the update will result in repeated prompts for your password but will never succeed in authenticating.

Normally when you connect to the Team Foundation Service you are presented with a web page to log in with your Microsoft Account (aka LiveID). When you log in you can choose to have it remember you and you won’t have to enter your Microsoft Account credentials again (unless you don’t log in again for a long time,

This past weekend we upgraded the TFS server used by the Developer Division and other teams who deliver Visual Studio 2012. It is now running TFS 2012 RC!
read more about it…
 
Follow me at twitter.com/tfsbuck