Note
Access to this page requires authorization. You can try signing in or changing directories.
Access to this page requires authorization. You can try changing directories.
| What's New | Developer Community | DevOps Blog | Documentation |
Product roadmap
This feature list is a peek into our roadmap. It identifies some of the significant features we are currently working on and a rough timeframe for when you can expect to see them. It is not comprehensive but is intended to provide some visibility into key investments. At the top you will find a list of our large multi-quarter initiatives and the features that they break down into. Further down you will find the full list of significant features we have planned.
Each feature is linked to an article where you can learn more about a particular item. These features and dates are the current plans and are subject to change. The Timeframe columns reflect when we expect the feature to be available.
Initiatives
GitHub Advanced Security for Azure DevOps
GitHub Advanced Security for Azure DevOps (GHAzDO) brings additional security features to Azure DevOps under an additional license. Any project collection administrator can now enable Advanced Security for their organization, projects and repos from the Project Settings or Organization Settings.
The main capabilities of GitHub Advanced Security for Azure DevOps are:
- Secret Scanning: Detect and remediate plaintext secrets in your git repositories. If push protection is enabled, it also detects and blocks secrets before they are pushed to your repositories.
- Code Scanning: Search for potential security vulnerabilities and coding errors in your code using CodeQL or a third-party tool.
- Dependency Scanning: Detect and alert when your code depends on a package that is insecure and receive straightforward remediation guidance.
You can learn more about how to configure GitHub Advanced Security for Azure DevOps in our documentation.
Upcoming capabilities we expect to deliver include:
| Feature | Area | Quarter |
|---|---|---|
| Determine detected partner secrets validity | GitHub Advanced Security for Azure DevOps |  2025 Q3 |
| Link Boards items to Advanced Security Alerts | GitHub Advanced Security for Azure DevOps | 2025 Q4 |
| Status check policies for Advanced Security alerts | GitHub Advanced Security for Azure DevOps | 2026 Q1 |
| CodeQL default setup (one-click enablement) | GitHub Advanced Security for Azure DevOps | 2026 Q2 |
| Automatically fix detected dependency scanning vulnerabilities with Dependabot security updates | GitHub Advanced Security for Azure DevOps | Future |
Minimizing the risks associated with credential theft
Azure DevOps supports many different authentication mechanisms, including basic authentication, personal access tokens (PATs), SSH, and Microsoft Entra ID (formerly Azure Active Directory) access tokens. These mechanisms are not created equally from a security perspective, especially when it comes to the potential for credential theft. For example, unintended leakage of credentials like PATs can let malicious actors into Azure DevOps organizations where they can gain access to critical assets like source code, pivot toward supply chain attacks, or even pivot toward compromising production infrastructure. To minimize the risks of credential theft, we will focus our efforts in the upcoming quarters in the following areas:
Enable administrators to improve authentication security through control plane policies.
Reducing the need for PATs and other stealable secrets by adding support for more secure alternatives.
Deepening Azure DevOps' integration with Microsoft Entra ID to better support its various security features.
Avoiding the need to store production secrets in Azure Pipelines service connections.
| Feature | Area | Quarter |
|---|---|---|
| Workload identity federation for Docker service connection | Pipelines | 2024 H2 |
| Full web support for Conditional Access Policies | General | 2024 Q4 |
| Policies to disable the use of personal access tokens (PAT) | General | 2025 Q2 |
| PAT-less authentication from pipeline tasks to Azure DevOps APIs | Pipelines | 2026 Q1 |
| Continuous access evaluation | General | Future |
| Using device bound Entra tokens in Azure DevOps | General | Future |
| Workload identity federation Azure DevOps issuer retirement | Pipelines | Future |
Improved Boards + GitHub Integration
The existing Azure Boards + GitHub integration has been in place for several years now. The integration is a great starting point, but it does not offer the level of traceability that our customers have grown accustomed to. Based on customer feedback, we have put together set of investments to enhance this integration. Our goal is to improve upon it so that Azure Boards customers who choose to use GitHub repositories can maintain an equivalent level of traceability to having repositories in Azure DevOps.
These recent investments include:
| Feature | Area | Quarter |
|---|---|---|
| Support for GitHub Enterprise Cloud with data residency | Boards | 2025 Q3 |
| MCP Server for Azure DevOps | General | 2025 Q4 |
| Support work item integration with the GitHub Copilot coding agent (private preview) |
Boards | 2025 Q4 |
| Increase limit of connected GitHub repositories | Boards | 2026 Q1 |
Migrate to Managed DevOps Pools
Managed DevOps Pools is an evolution of Azure DevOps Virtual Machine Scale Set agent pools. It provides better pool scalability and reliability, simplifies pool management, and allows you to use the VM images from Microsoft-hosted agents on custom Azure VMs. You can read more about Managed DevOps Pools here. Features to support new scenarios will be added to Managed DevOps Pools and not Virtual Machine Scale Set pools. Managed DevOps Pools is generally available, so you can migrate your Virtual Machine Scale Set pools to Managed DevOps Pools and use them for production workflows, wherever possible.
You will find the detailed roadmap here.
YAML and release pipelines feature parity
For the past several years, all our pipelines investments have been in the area of YAML pipelines. Furthermore, all our security improvements have been for YAML pipelines. For example, with YAML pipelines, the control over protected resources (e.g., repositories, service connections, etc.) is in the hands of the resource owners as opposed to pipeline authors. The job access tokens that are used in YAML pipelines are scoped to specific repositories that are specified in the YAML file. These are just two examples of security features that are available for YAML pipelines. For these reasons, we recommend using YAML pipelines over classic. Adoption of YAML over classic has been significant for builds (CI). However, many customers have continued to use classic release management pipelines over YAML for releases (CD). The primary reason for this is the lack of parity in various CD features between the two solutions. Over the past year, we addressed several gaps in this area, notably in Checks. Checks are the primary mechanism in YAML pipelines to gate promotion of a build from one stage to another. We will continue to address gaps in other areas over the next year. Our focus will be on user experiences, traceability, and environments.
| Feature | Area | Quarter |
|---|---|---|
| Stage-level traceability | Pipelines | 2026 Q1 |
| On-demand out of order execution of stages | Pipelines | 2026 Q1 |
| Service connections in checks | Pipelines | Future |
| Checks extensibility | Pipelines | Future |
Azure Test Plans improvements
Azure DevOps provides a variety of testing tools and integrations to support different testing needs. These include manual testing, automated testing, and exploratory testing. The platform allows for the creation and management of test plans and test suites, which can be used to track manual testing for sprints or milestones. Additionally, Azure DevOps integrates with CI/CD pipelines, enabling automated test execution and reporting.
We are ramping up our investments in this area in response to feedback from our most active customer base. Our focus will be on the following aspects of test management: improving end-to-end test traceability; extending support for various programming languages and frameworks for automated testing in Test Plans; redesigning workflows and experiences for consuming test runs and test results.
Below, you will find several investments that we plan to deliver as part of this initiative:
| Feature | Area | Quarter |
|---|---|---|
| Quick access to Test Results in Test Case | Test Plans | 2025 Q4 |
| Latest Test Outcome in Requirements | Test Plans | 2025 Q4 |
| New Test Run experience - Public Preview | Test Plans | 2025 Q4 |
| Enhanced Test Point Result Panel | Test Plans | 2025 Q4 |
| Support for JavaScript (Playwright) in Azure Test Plans | Test Plans | 2026 Q1 |
| Support YAML pipelines in Azure Test Plans | Test Plans | 2026 Q1 |
| Support for re-running of data driven tests | Test Plans | 2026 Q1 |
| Improve Reliability of Test & Feedback Extension for Edge and Chrome | Test Plans | 2026 Q2 |
| Support Capturing of Actual Test Result | Test Plans | 2026 Q2 |
| Revamp of the Web Runner | Test Plans | 2026 Q2 |
All features
Azure DevOps Services
Azure DevOps Server
How to provide feedback
We would love to hear what you think about these features. Report any problems or suggest a feature through Developer Community.
You can also get advice and your questions answered by the community on Stack Overflow.