Azure DevOps Blog

We are announcing the deprecation of the Azure DevOps issuer in workload identity federation (WIF) service connections, with planned retirement on July 1, 2027. The Azure DevOps issuer uses the https://vstoken.dev.azure.com prefix in federated credentials. This change is part of Microsoft’s broader initiative to standardize on the Microsoft Entra issuer across Azure services that implement The post Retirement of Azure DevOps issuer in Workload identity federation service connections appeared first on Azure DevOps Blog.

We are releasing new patches for our self‑hosted product, Azure DevOps Server. We strongly recommend that all customers stay up to date with the latest, most secure version of Azure DevOps Server. The most recent release, Azure DevOps Server, is available on the download page. The following versions have been patched. For more details on The post June Patches for Azure DevOps Server appeared first on Azure DevOps Blog.

Over the last few years, we’ve encouraged customers to move their repositories from Azure Repos to GitHub, where the newest AI-powered and agentic development experiences land first. Migrating isn’t equally simple for everyone. A move to GitHub can range from straightforward to a multi-year program, depending on an organization’s size, customizations, compliance requirements, tooling, and The post Copilot Autofix for GitHub Advanced Security for Azure DevOps appeared first on Azure DevOps Blog.

🚨 ​​​​​​​Attention: We are accepting a final round of preview requests, with those organizations scheduled for enablement beginning the second week of July. Requests submitted after July 3 will not be accepted into the preview program. Over the last several years, we have encouraged customers to move their repositories from Azure Repos to GitHub to The post Copilot Code Reviews for Azure Repos appeared first on Azure DevOps Blog.

Over the last several years, we’ve encouraged customers to move their repositories from Azure Repos to GitHub to take advantage of the latest AI-powered and agentic development experiences. For many enterprise teams, however, migrating at scale comes with real constraints. Traditional approaches can require extended downtime – sometimes days – which isn’t acceptable for teams The post Enterprise Live Migrations: Moving from Azure DevOps Repo to GitHub with minimal disruption appeared first on Azure DevOps Blog.

For the past decade, Azure DevOps has powered software development at Microsoft, supporting some of our largest repositories and most complex engineering workflows across Azure Repos, Boards, and Pipelines. Software development is being reshaped by AI, and where code lives now have a direct impact on how much value organizations can capture. For teams that The post How Microsoft is migrating repositories to GitHub appeared first on Azure DevOps Blog.

AI is changing how software gets planned, built, and reviewed. As teams adopt agentic development, the platform underneath those workflows matters more. They need tools that bring planning, coding, security, and collaboration together—and can keep pace with how development is evolving. That’s why we’re delivering the newest agentic capabilities on GitHub across planning, coding, code The post Azure DevOps and GitHub: Journeying into the AI Era appeared first on Azure DevOps Blog.

We are releasing new patches for our self‑hosted product, Azure DevOps Server. We strongly recommend that all customers stay up to date with the latest, most secure version of Azure DevOps Server. The most recent release, Azure DevOps Server, is available on the download page. The following versions have been patched. For more details on The post May Patches for Azure DevOps Server appeared first on Azure DevOps Blog.

On March 31, 2026, malicious versions of the widely used JavaScript HTTP client library Axios were briefly published to the npm registry as part of a supply chain attack. The affected versions — 1.14.1 and 0.30.4 — included a hidden malicious dependency that executed during installation and connected to attacker-controlled command-and-control (C2) infrastructure to retrieve The post Axios npm Supply Chain Compromise – Guidance for Azure Pipelines Customers appeared first on Azure DevOps Blog.

With just a single improvement in the REST API of Azure DevOps, we achieved a massive reduction in CPU usage and execution time when managing Git policies: 2x less CPU and 10-15x faster execution! This change is already available to all users of Azure DevOps, and it’s time to share a bit more detail: the The post Optimizing Git policy management at scale appeared first on Azure DevOps Blog.