Azure DevOps Blog

DevOps, Git, and Agile updates from the team building Azure DevOps

Supporting AzureAD Conditional Access Policy across VSTS

In February 2017, VSTS announced support for Azure Active Directory Conditional Access Policy (CAP).  One caveat that was called out in that announcement was that alternate authentication mechanisms, such as personal access tokens, would not enforce CAP. As I discussed previously, many VSTS administrators gave us feedback that they need a ...

VSTS will no longer allow creation of new MSA users with custom domain names backed by AzureAD

3-28-2018 UPDATE : The deadline listed below has been extended to the end of September.  Read my latest blog post for more information. On September 15, 2016, the Azure Active Directory (Azure AD) team blocked the ability to create new Microsoft accounts using email addresses in domains that are configured in Azure AD. Many VSTS customers ...

Remembering How We Should Manage Open Source

A DevSecOps best practice is root cause analysis, so that we can learn from live site incidents and prevent their recurrence. Equifax made news recently with the exfiltration of data from half the US population. This is a sobering opportunity to look at the root cause. The Equifax attack used Apache Struts, a popular open source project for ...

Using Open Source Components? Using TFS?

Back in March, I wrote about the WhiteSource Bolt extension for VSTS. This is a fantastic way to automate security checks for open source vulnerabilities in the release pipeline of your team project. The most frequent question I’ve received is, When can we have this for TFS too? I’m happy to announce that the extension now works ...

Open Source Scanning in Visual Studio Team Services with WhiteSource Bolt

Most organizations today consume open source software in their development projects. The reuse of components enables great productivity gains. However, this practice has an unintended consequence: you can reuse security vulnerabilities or violate licenses without realizing the risk. I wrote about this in an article in MSDN Magazine on Rugged ...

Live Dependency Validation in Visual Studio 2017

Last month we announced that Visual Studio “Dev15” Preview 5 now supported Live Dependency Validation. In this blog post,   On demand video about dependency validation During the connect 2016 event, we’ve proposed an on-demand video which explains in detail why you’d want to use Dependency ...

UML Designers have been removed; Layer Designer now supports live architectural analysis

We are removing the UML designers from Visual Studio "15" Enterprise. Removing a feature is always a hard decision, but we want to ensure that our resources are invested in features that deliver the most customer value.  Our reasons are twofold: If you are a significant user of the UML designers, you can continue to use Visual Studio...

Live architecture dependency validation in Visual Studio “15” Preview 5

In the past year, you told us that you considered removing unwanted dependencies to be an important part of managing your technical debt. The Layer designer enables you to validate architectural dependencies in your Visual Studio solutions. It first shipped in Visual Studio 2010, and is now part of Visual Studio Enterprise. But the experience ...

Code Map: From Visual Studio 2013 Ultimate to Visual Studio 2015 Enterprise

When you want to understand specific dependencies in your code, visualize them by creating code maps. You can then navigate these relationships by using the map, which appears next to your code. Code maps can also help you keep track of your place in the code while you work or debug code, so you'll read less code while you learn more about ...

Feedback usabilla icon