Azure DevOps Blog
DevOps, Git, and Agile updates from the team building Azure DevOps
Latest posts
The New Test Run Hub is Going Generally Available!
Delivering high-quality software requires clarity, speed, and collaboration. That’s why we introduced the New Test Run Hub in Azure Test Plans. A modern, streamlined experience designed to make test execution and analysis fast and intuitive. And we’re excited to announce that this experience is moving to General Availability (GA) for the Azure DevOps Services throughout January 2026. Why the New Test Run Hub? The new hub centralizes test execution for both manual and automated runs, giving teams: Your Feedback Matters Based on your feedback, we’ve made several improvements ahead of General Availabi...
Work item linking for Advanced Security alerts now available
Security vulnerabilities don't fix themselves. Someone needs to track them, prioritize them, and actually ship the fix. If you've ever tried to manage security alerts alongside your regular sprint work, though, you know the friction: you're looking at an alert in one tab, switching to your backlog in another, trying to remember which vulnerability you were supposed to file a bug for. We shipped work item linking for GitHub Advanced Security for Azure DevOps alerts to fix this. It's now generally available and it does exactly what it sounds like: you can link work items in Boards directly to security alerts. Note...
Azure Boards integration with GitHub Copilot
A few months ago we introduced the Azure Boards integration with GitHub Copilot in private preview. The goal was simple: allow teams to take a work item from Azure Boards and send it directly to GitHub Copilot so the coding agent could begin working on it, track progress, and generate a pull request. We are happy to announce that this integration is now being rolled out as generally available 🎉. Customers who participated in the preview helped us validate the experience, find issues, and shape improvements. GA includes the same workflow introduced in preview, along with new capabilities based on customer feedbac...
Retirement of Global Personal Access Tokens in Azure DevOps
In the new year, we’ll be retiring the Global Personal Access Token (PAT) type in Azure DevOps. Global PATs allow users to authenticate across all accessible organizations. While this can feel convenient, a single credential with broad reach creates a concentrated security risk — especially as a user’s access footprint grows. This level of privilege becomes an attractive target for bad actors, making global tokens unsuitable for today’s security‑conscious environments. Setting clear boundaries around high‑impact credentials is one of the most effective ways to prevent large‑scale breaches. As part of Microsof...
Announcing Azure DevOps Server General Availability
We’re thrilled to announce that Azure DevOps Server is now generally available (GA)! This release marks the transition from the Release Candidate (RC) phase to full production readiness, delivering enterprise-grade DevOps capabilities for organizations that prefer self-hosted solutions. You can upgrade directly from Azure DevOps Server RC or any supported version of Team Foundation Server (TFS 2015 and newer). Head over to the release notes for a complete breakdown of changes included with this release. Note: Team Foundation Server 2015 reached the end of Extended Support on October 14, 2025. We strongly rec...
Azure DevOps and GitHub Repositories — Next Steps in the Path to Agentic AI
In May, we talked about the evolution of GitHub Copilot from a coding assistant into an AI powered peer programmer. Since then, GitHub has taken a major step forward - becoming an open platform for agentic development, where Agent HQ enables developers to orchestrate any agent, anytime, anywhere. Agent HQ provides observability, governance, and security controls for agents, so organizations can manage access, audit usage, and enforce policies. Meanwhile, the new GitHub Code Quality (in public preview) provides in-context findings, maintainability scores, and one-click fixes—helping teams ensure their code is heal...
November Patches for Azure DevOps Server
Today we are releasing patches that impact our self-hosted product, Azure DevOps Server. We strongly encourage and recommend that all customers use the latest, most secure release of Azure DevOps Server. You can download the latest version of the product, Azure DevOps Server 2022.2 from the Azure DevOps Server download page. Azure DevOps Server 2022.2 Patch 7 Release notes If you have Azure DevOps Server 2022.2, you should install Azure DevOps Server 2022.2 Patch 7 to have the most secure and updated product experience. With this patch we are fixing the following: Verifying Installation Run , is the...
Azure Developer CLI: Azure Container Apps Dev-to-Prod Deployment with Layered Infrastructure
This post walks through how to implement "build once, deploy everywhere" patterns using Azure Container Apps with the new and layered infrastructure features in Azure Developer CLI v1.20.0. You'll learn how to deploy the same containerized application across multiple environments with proper separation of concerns. This is the third installment in our Azure Developer CLI series, building on our previous explorations: - Azure App Service and GitHub Actions - Azure DevOps Pipelines Build once, deploy everywhere The challenge we're solving If you've worked with containers in production, you've probably run into...
Upcoming Updates for Azure Pipelines Agents Images
To ensure our hosted agents in Azure Pipelines are operating in the most secure and up-to-date environments, we continuously update the supported images and phase out older ones. In October 2024, we announced support for Ubuntu-24.04. Soon, we plan to update the ubuntu-latest image to map to Ubuntu-24.04. Additionally, MacOS 15 Sequoia and Windows 2025 images will be generally available later this year. Alongside these new releases, we will deprecate older images like Ubuntu-20.04 and Windows Server 2019. Please refer to the following subsections for detailed updates on individual images. Ubuntu Ubuntu 24.04 ...
Modernizing Authentication for Legacy Visual Studio Clients
As part of our ongoing commitment to security and modernization, we’re updating outdated authentication mechanisms used by older versions of clients reliant on our older Visual Studio client libraries. For full details on all known impacted clients, refer to the official announcement we made in April 2024: End of Support for Microsoft products reliant on older Azure DevOps and Visual Studio authentication. In order to minimize disruption due to removing these legacy tokens, over the past few months, we’ve worked on seamlessly transitioning these legacy tokens to Entra-backed authentication when possible. This c...
Azure DevOps local MCP Server is generally available
Today we are excited to take our local MCP Server for Azure DevOps out of preview 🥳. Since the initial preview announcement, we've worked closely with early adopters and the community to incorporate feature suggestions and feedback. We’ve improved login and authorization, added and refined tooling, and introduced domains so users can scope active tools to stay under client limits. 🤷♂️ What is an MCP Server? A local MCP Server (Model Context Provider) is a tool that sits between your AI assistant (like GitHub Copilot) and your Azure DevOps organization. Its job is to inject rich, real-time context such as work ...
Announcing the new Azure DevOps Server RC Release
We’re excited to announce the release candidate (RC) of Azure DevOps Server, bringing new features previously available in our hosted version. You can download Azure DevOps Server RC today. A direct upgrade to Azure DevOps Server RC is supported from any version of Team Foundation Server, including Team Foundation Server 2015 and newer. Note: October 14, 2025, is the date for the end of Extended Support for Team Foundation Server 2015. This means that it will no longer receive security updates or technical support. We strongly recommend that customers upgrade to the latest versions of Azure DevOps as they ar...
Azure Boards integration with GitHub Copilot (Private Preview)
As of October 16, 2025, we are no longer accepting organization signups for the private preview. Our focus is now on completing the feature and preparing it for general availability in the coming weeks. Several months ago, GitHub introduced the public preview of its Copilot coding agent, a powerful new capability that allows you to assign GitHub Issues directly to Copilot. From there, the agent works independently in the background, much like a human developer, to complete the task. Copilot evaluates the request based on the information you provide, whether from the issue description or a chat message, then ...
New Test Run Hub in Azure Test Plans
Delivering high-quality software is a necessity and that’s why Azure Test Plans has introduced the all-new Test Run Hub, an enabler for teams who want to take control of their testing process and drive continuous improvement. What Makes the Test Run Hub a Must-Have? The Test Run Hub is designed to help teams track test progress, analyze results, and maintain quality across every development cycle. Whether you’re running manual or automated tests, the new test run hub brings clarity and efficiency to your quality assurance workflow. Key Benefits Real-Time Visibility: Instantly monitor test progress and quali...
Azure Developer CLI: From Dev to Prod with Azure DevOps Pipelines
Building on our previous post about implementing dev-to-prod promotion with GitHub Actions, this follow-up demonstrates the same "build once, deploy everywhere" pattern using Azure DevOps Pipelines. You'll learn how to leverage Azure DevOps YAML pipelines with Azure Developer CLI (azd). This approach ensures consistent, reliable deployments across environments. Environment-Specific Infrastructure The infrastructure approach is identical to our previous GitHub Actions implementation. It uses conditional Bicep deployment with a single parameter. This drives environment-specific resource configuration. The same B...
Azure DevOps OAuth Client Secrets Now Shown Only Once
We’re making an important change to how Azure DevOps displays OAuth client secrets to align with industry best practices and improve our overall security posture. Starting September, newly generated client secrets will be shown only once at the time of creation. After that, they will no longer be retrievable via the UI or API. This update helps reduce the risk of accidental exposure and encourages secure storage practices, such as saving secrets in Azure Key Vault or other secure vaults. These changes will go into effect for all apps by September 2, 2025. We will also be retiring the Get Registration Secret ...
Hunting Living Secrets: Secret Validity Checks Arrive in GitHub Advanced Security for Azure DevOps
If you’ve ever waded through a swamp of secret scanning alerts wondering, “Which of these are actually dangerous right now?” — this enhancement is for you. Secret validity checks in GitHub Advanced Security for Azure DevOps (and the standalone Secret Protection experience) add a high‑signal field to each alert: (still usable), or (couldn’t be verified). Instead of treating every alert like a five‑alarm fire, you can now fast‑path the truly risky stuff and spend less time chasing ghosts. TL;DR Why This Matters Traditional secret scanning: Found something → raise alert → you investigate → sometimes...
Real-Time Security with Continuous Access Evaluation (CAE) comes to Azure DevOps
Update (Nov 20): Continuous Access Evaluation (CAE) rollouts are in progress. It is now available to some customers, and will be rolled out to all customers by mid-December. We’re thrilled to announce that Continuous Access Evaluation (CAE) is now supported on Azure DevOps, bringing a new level of near real-time security enforcement to your development workflows. 🔐 What Is CAE? Continuous Access Evaluation (CAE) is a feature from Microsoft Entra ID that enables near real-time enforcement of Conditional Access policies. Traditionally, Microsoft Entra access tokens in Azure DevOps are valid for up to an hour...