For the past decade, Azure DevOps has powered software development at Microsoft, supporting some of our largest repositories and most complex engineering workflows across Azure Repos, Boards, and Pipelines. Software development is being reshaped by AI, and where code lives now have a direct impact on how much value organizations can capture. For teams that […]
The post How Microsoft is migrating repositories to GitHub appeared first on Azure DevOps Blog.

AI is changing how software gets planned, built, and reviewed. As teams adopt agentic development, the platform underneath those workflows matters more. They need tools that bring planning, coding, security, and collaboration together—and can keep pace with how development is evolving. That’s why we’re delivering the newest agentic capabilities on GitHub across planning, coding, code […]
The post Azure DevOps and GitHub: Journeying into the AI Era appeared first on Azure DevOps Blog.

We are releasing new patches for our self‑hosted product, Azure DevOps Server. We strongly recommend that all customers stay up to date with the latest, most secure version of Azure DevOps Server. The most recent release, Azure DevOps Server, is available on the download page. The following versions have been patched. For more details on […]
The post May Patches for Azure DevOps Server appeared first on Azure DevOps Blog.

On March 31, 2026, malicious versions of the widely used JavaScript HTTP client library Axios were briefly published to the npm registry as part of a supply chain attack. The affected versions — 1.14.1 and 0.30.4 — included a hidden malicious dependency that executed during installation and connected to attacker-controlled command-and-control (C2) infrastructure to retrieve […]
The post Axios npm Supply Chain Compromise – Guidance for Azure Pipelines Customers appeared first on Azure DevOps Blog.

With just a single improvement in the REST API of Azure DevOps, we achieved a massive reduction in CPU usage and execution time when managing Git policies: 2x less CPU and 10-15x faster execution! This change is already available to all users of Azure DevOps, and it’s time to share a bit more detail: the […]
The post Optimizing Git policy management at scale appeared first on Azure DevOps Blog.

We’re excited to announce the public preview of the highly anticipated Actual Result (AR) feature for manual testing in Azure Test Plans! This feature has been one of the top requests of the community, and we’re thrilled to make it available for you. Why use the Actual Result feature? Manual testing is a critical part […]
The post Public Preview: Actual Result for Manual Tests in Azure Test Plans appeared first on Azure DevOps Blog.

This update brings a set of improvements and changes across both local and remote Azure DevOps MCP Servers. Here’s a summary of what’s changed. Query work items with WIQL We’ve introduced a new wit_query_by_wiql tool that enables users to construct and run work item WIQL queries. For our remote MCP, to ensure reliability and performance, […]
The post Azure DevOps MCP Server April Update appeared first on Azure DevOps Blog.

We’re shipping two major capabilities that change how security teams enable and act on application security in Azure DevOps: CodeQL default setup makes it possible to enable code scanning across your organization without configuring a single pipeline, and a new combined alerts experience in Security Overview gives security administrators a single place to search, filter, […]
The post One-click security scanning and org-wide alert triage come to Advanced Security appeared first on Azure DevOps Blog.

We are releasing patches for our self‑hosted product, Azure DevOps Server. We strongly recommend that all customers remain on the latest, most secure version to ensure optimal protection and reliability. The latest release of Azure DevOps Server is available from the download page. This patch applies to the most recent version, Azure DevOps Server, and […]
The post April Patches for Azure DevOps Server appeared first on Azure DevOps Blog.

We introduced the Markdown editor in July 2025 to bring Markdown support to large text fields in work items. Since then, we’ve received valuable customer feedback highlighting challenges with the editing experience, particularly when switching in and out of edit mode. Many users found the current interaction model confusing and, at times, disruptive. For example, […]
The post Improving the Markdown Editor for Work Items appeared first on Azure DevOps Blog.

This post walks through how to implement “build once, deploy everywhere” patterns using Azure Container Apps with the new azd publish and layered infrastructure features in Azure Developer CLI v1.20.0. You’ll learn how to deploy the same containerized application across multiple environments with proper separation of concerns. This is the third installment in our Azure […]
The post Azure Developer CLI: Azure Container Apps Dev-to-Prod Deployment with Layered Infrastructure appeared first on Azure DevOps Blog.

To ensure our hosted agents in Azure Pipelines are operating in the most secure and up-to-date environments, we continuously update the supported images and phase out older ones. In October 2024, we announced support for Ubuntu-24.04. Soon, we plan to update the ubuntu-latest image to map to Ubuntu-24.04. Additionally, MacOS 15 Sequoia and Windows 2025 […]
The post Upcoming Updates for Azure Pipelines Agents Images appeared first on Azure DevOps Blog.

As part of our ongoing commitment to security and modernization, we’re updating outdated authentication mechanisms used by older versions of clients reliant on our older Visual Studio client libraries. For full details on all known impacted clients, refer to the official announcement we made in April 2024: End of Support for Microsoft products reliant on […]
The post Modernizing Authentication for Legacy Visual Studio Clients appeared first on Azure DevOps Blog.

Today we are excited to take our local MCP Server for Azure DevOps out of preview 🥳. Since the initial preview announcement, we’ve worked closely with early adopters and the community to incorporate feature suggestions and feedback. We’ve improved login and authorization, added and refined tooling, and introduced domains so users can scope active tools […]
The post Azure DevOps local MCP Server is generally available appeared first on Azure DevOps Blog.

We’re excited to announce the release candidate (RC) of Azure DevOps Server, bringing new features previously available in our hosted version. You can  download Azure DevOps Server RC today. A direct upgrade to Azure DevOps Server RC is supported from any version of Team Foundation Server, including Team Foundation Server 2015 and newer. Note: October […]
The post Announcing the new Azure DevOps Server RC Release appeared first on Azure DevOps Blog.

As of October 16, 2025, we are no longer accepting organization signups for the private preview. Our focus is now on completing the feature and preparing it for general availability in the coming weeks. Several months ago, GitHub introduced the public preview of its Copilot coding agent, a powerful new capability that allows you to […]
The post Azure Boards integration with GitHub Copilot (Private Preview) appeared first on Azure DevOps Blog.

Delivering high-quality software is a necessity and that’s why Azure Test Plans has introduced the all-new Test Run Hub, an enabler for teams who want to take control of their testing process and drive continuous improvement. What Makes the Test Run Hub a Must-Have? The Test Run Hub is designed to help teams track test […]
The post New Test Run Hub in Azure Test Plans appeared first on Azure DevOps Blog.

Building on our previous post about implementing dev-to-prod promotion with GitHub Actions, this follow-up demonstrates the same “build once, deploy everywhere” pattern using Azure DevOps Pipelines. You’ll learn how to leverage Azure DevOps YAML pipelines with Azure Developer CLI (azd). This approach ensures consistent, reliable deployments across environments. Environment-Specific Infrastructure The infrastructure approach is identical […]
The post Azure Developer CLI: From Dev to Prod with Azure DevOps Pipelines appeared first on Azure DevOps Blog.

We’re making an important change to how Azure DevOps displays OAuth client secrets to align with industry best practices and improve our overall security posture. Starting September, newly generated client secrets will be shown only once at the time of creation. After that, they will no longer be retrievable via the UI or API. This […]
The post Azure DevOps OAuth Client Secrets Now Shown Only Once appeared first on Azure DevOps Blog.

If you’ve ever waded through a swamp of secret scanning alerts wondering, “Which of these are actually dangerous right now?” — this enhancement is for you. Secret validity checks in GitHub Advanced Security for Azure DevOps (and the standalone Secret Protection experience) add a high‑signal field to each alert: Active (still usable), or Unknown (couldn’t […]
The post Hunting Living Secrets: Secret Validity Checks Arrive in GitHub Advanced Security for Azure DevOps appeared first on Azure DevOps Blog.

We’re thrilled to announce that Continuous Access Evaluation (CAE) is now supported on Azure DevOps, bringing a new level of near real-time security enforcement to your development workflows. 🔐 What Is CAE? Continuous Access Evaluation (CAE) is a feature from Microsoft Entra ID that enables near real-time enforcement of Conditional Access policies. Traditionally, Microsoft Entra […]
The post Real-Time Security with Continuous Access Evaluation (CAE) comes to Azure DevOps appeared first on Azure DevOps Blog.

Any experiences that require additional setup is cumbersome, especially when there are multiple people needed. In GitHub Advanced Security for Azure DevOps, we’re working to make it easier to enable features and scale out enablement across your enterprise. You can now automatically inject the dependency scanning task into any pipeline run targeting your default branch. […]
The post Automate your open-source dependency scanning with Advanced Security appeared first on Azure DevOps Blog.

In today’s fast-paced software development cycles, manual testing often becomes a significant bottleneck. Our team was facing a growing backlog of test cases that required repetitive manual execution—running the entire test suite every sprint. This consumed valuable time that could be better spent on exploratory testing and higher-value tasks. We set out to solve this […]
The post From Manual Testing to AI-Generated Automation: Our Azure DevOps MCP + Playwright Success Story appeared first on Azure DevOps Blog.

This post walks through how to implement a “build once, deploy everywhere” pattern using Azure Developer CLI (azd) that provisions environment-specific infrastructure and promotes applications from dev to prod with the same build artifacts. You’ll learn how to use conditional Bicep deployment, environment variable injection, package preservation across environments, and automated CI/CD promotion from development […]
The post Azure Developer CLI: From Dev to Prod with One Click appeared first on Azure DevOps Blog.

Today we are releasing patches that impact the latest version of our self-hosted product, Azure DevOps Server. We strongly encourage and recommend that all customers use the latest, most secure release of Azure DevOps Server. You can download the latest version of the product, Azure DevOps Server 2022.2 from the Azure DevOps Server download page. […]
The post July Patches for Azure DevOps Server appeared first on Azure DevOps Blog.

After several months in private preview and many bug fixes along the way, we’re excited to announce that Markdown support in large text fields is now generally available! 🎉 🦄 How it works By default, all existing and new work items will continue using the HTML editor for large text fields. However, you now have […]
The post Markdown Support Arrives for Work Items appeared first on Azure DevOps Blog.

Azure DevOps will no longer depend on the Azure Resource Manager (ARM) resource (https://management.azure.com) when you sign in or refresh Microsoft Entra access tokens. Previously, Azure DevOps required the ARM audience during sign-in and token refresh flows. This requirement meant administrators had to allow all Azure DevOps users to bypass ARM-based Conditional Access policies to […]
The post Removing Azure Resource Manager reliance on Azure DevOps sign-ins appeared first on Azure DevOps Blog.

A few weeks ago at BUILD, we announced the upcoming Azure DevOps MCP Server: 👉 Azure DevOps with GitHub Repositories – Your path to Agentic AI Today, we’re excited to share that the local Azure DevOps MCP Server is now available in public preview. This lets GitHub Copilot in Visual Studio and Visual Studio Code […]
The post Azure DevOps MCP Server, Public Preview appeared first on Azure DevOps Blog.

Today we are releasing patches that impact the latest version of our self-hosted product, Azure DevOps Server. We strongly encourage and recommend that all customers use the latest, most secure release of Azure DevOps Server. You can download the latest version of the product, Azure DevOps Server 2022.2 from the Azure DevOps Server download page. […]
The post June Patches for Azure DevOps Server appeared first on Azure DevOps Blog.

As organizations continue to strengthen their security posture, restricting usage of personal access tokens (PATs) has become a critical area of focus. With the latest public preview of the Restrict personal access token creation policy in Azure DevOps, Project Collection Administrators (PCAs) now have another powerful tool to reduce unnecessary PAT usage and enforce tighter […]
The post Restricting PAT Creation in Azure DevOps Is Now in Preview appeared first on Azure DevOps Blog.

Following the changes to GitHub Advanced Security on GitHub, we’re launching the standalone security products of GitHub Secret Protection and GitHub Code Security for Azure DevOps today. You can bring the protection of Advanced Security to your enterprise with the flexibility to enable the right level of protection for your repositories. GitHub Secret Protection for […]
The post GitHub Secret Protection and GitHub Code Security for Azure DevOps appeared first on Azure DevOps Blog.

GitHub Copilot has evolved beyond a coding assistant in the IDE into an agentic teammate – providing actionable feedback on pull requests, fixing bugs and implementing new features, creating pull requests and responding to feedback, and much more. These new capabilities will transform every aspect of the software development lifecycle, as we are already seeing […]
The post Azure DevOps with GitHub Repositories – Your path to Agentic AI appeared first on Azure DevOps Blog.

“One Ring to rule them all, One Ring to find them, One Ring to bring them all, and in the darkness bind them.” – J.R.R. Tolkien, The Lord of the Rings In the world of code scanning and dependency scanning, your pipeline is the One Ring—a single definition that can orchestrate scans across multiple repositories. […]
The post One Pipeline to Rule Them All: Ensuring CodeQL Scanning Results and Dependency Scanning Results Go to the Intended Repository appeared first on Azure DevOps Blog.

We are excited to share some recent updates that improve the experience of using Workload identity federation (OpenID Connect) with Azure DevOps and Terraform on Microsoft Azure. Many working parts have come together to make this possible and we’ll share those here. We are also very pleased to announce version 5 of the Microsoft DevLabs […]
The post Introducing Azure DevOps ID Token Refresh and Terraform Task Version 5 appeared first on Azure DevOps Blog.

Although the process may seem slow, we are steadily progressing toward rolling out the New Boards Hub to all customers. Our plan is to deprecate the old Boards experience for all Azure DevOps service users by the end Q1 2025. The rollout is advancing on two fronts. First, we are setting the New Boards Hub […]
The post New Boards Hub Rollout Expectations appeared first on Azure DevOps Blog.

The Microsoft DevLabs publisher was created as a hub for internal teams at Microsoft to channel their passion for Azure DevOps into experimental extensions. These extensions helped address product gaps and fostered innovation, ultimately benefiting Azure DevOps customers via the public marketplace. The challenge Over time, as the original creators of these extensions moved on […]
The post Microsoft DevLabs Extensions appeared first on Azure DevOps Blog.