Showing archive results for August 2025

Building on our previous post about implementing dev-to-prod promotion with GitHub Actions, this follow-up demonstrates the same "build once, deploy everywhere" pattern using Azure DevOps Pipelines. You'll learn how to leverage Azure DevOps YAML pipelines with Azure Developer CLI (azd). This approach ensures consistent, reliable deployments across ...

We’re making an important change to how Azure DevOps displays OAuth client secrets to align with industry best practices and improve our overall security posture. Starting September, newly generated client secrets will be shown only once at the time of creation. After that, they will no longer be retrievable via the UI or API. This update helps re...

If you’ve ever waded through a swamp of secret scanning alerts wondering, “Which of these are actually dangerous right now?” — this enhancement is for you. Secret validity checks in GitHub Advanced Security for Azure DevOps (and the standalone Secret Protection experience) add a high‑signal field to each alert: (still usable), or (couldn’t be ve...

Update (Nov 20): Continuous Access Evaluation (CAE) rollouts are in progress. It is now available to some customers, and will be rolled out to all customers by mid-December. We’re thrilled to announce that Continuous Access Evaluation (CAE) is now supported on Azure DevOps, bringing a new level of near real-time security enforcement to your de...

Any experiences that require additional setup is cumbersome, especially when there are multiple people needed. In GitHub Advanced Security for Azure DevOps, we're working to make it easier to enable features and scale out enablement across your enterprise. You can now automatically inject the dependency scanning task into any pipeline run targetin...