github microsoft/azure-pipelines-tasks v276
on GitHub

5 hours ago

Sprint 276

AppCenterDistribute (V3)

  • AppCenterDistributeV3: remediate package vulnerabilities with minimal dependency update (#22261) (2026-06-18)

AzureAppServiceManage (V0)

  • Update openssl to 3.5.7 (#22291) (2026-06-25)

AzureAppServiceSettings (V1)

  • Update openssl to 3.5.7 (#22291) (2026-06-25)

AzureCLI (V2)

  • Fix AzureCLI@2/V3 version parsing failure for table format output (#22245) (2026-06-17)
  • Update PowerShell argument sanitizer to allow special characters (#22249) (2026-06-11)
  • Update openssl to 3.5.7 (#22291) (2026-06-25)
  • Update task dependencies and bump task versions to 277.0 (#22294) (2026-06-25)

AzureCLI (V3)

  • Fix AzureCLI@2/V3 version parsing failure for table format output (#22245) (2026-06-17)
  • Update PowerShell argument sanitizer to allow special characters (#22249) (2026-06-11)
  • AzureCLIV3: surface warnings on azure-devops extension install fallback and add L0 coverage (#22257) (2026-06-15)
  • Update openssl to 3.5.7 (#22291) (2026-06-25)
  • Update task dependencies and bump task versions to 277.0 (#22294) (2026-06-25)

AzureCloudPowerShellDeployment (V1)

  • package feed updates (#22200) (2026-06-10)
  • Sanitize NewPsSessionOptionArguments / new-service inputs in PowerShellOnTargetMachinesV3 and AzureCloudPowerShellDeploymentV1 (#22286) (2026-06-25)
  • Update openssl to 3.5.7 (#22291) (2026-06-25)

AzureCloudPowerShellDeployment (V2)

  • package feed updates (#22200) (2026-06-10)
  • Update openssl to 3.5.7 (#22291) (2026-06-25)

AzureContainerApps (V0)

  • [AzureContainerAppsV1,V0] Log Docker out of ACR after task completes (#22259) (2026-06-26)

AzureContainerApps (V1)

  • [AzureContainerAppsV1,V0] Log Docker out of ACR after task completes (#22259) (2026-06-26)

AzureFileCopy (V1)

  • package feed updates (#22200) (2026-06-10)
  • Common/Sanitizer: block data-constructor RCE via AST backstop (issue #22173, supersedes #22253) (#22273) (2026-06-23)
  • Escape ##vso in output from remote machines (#22282) (2026-06-25)
  • Update openssl to 3.5.7 (#22291) (2026-06-25)

AzureFileCopy (V2)

  • package feed updates (#22200) (2026-06-10)
  • Common/Sanitizer: block data-constructor RCE via AST backstop (issue #22173, supersedes #22253) (#22273) (2026-06-23)
  • Escape ##vso in output from remote machines (#22282) (2026-06-25)
  • Update openssl to 3.5.7 (#22291) (2026-06-25)

AzureFileCopy (V3)

  • package feed updates (#22200) (2026-06-10)
  • Common/Sanitizer: block data-constructor RCE via AST backstop (issue #22173, supersedes #22253) (#22273) (2026-06-23)
  • Escape ##vso in output from remote machines (#22282) (2026-06-25)
  • Update openssl to 3.5.7 (#22291) (2026-06-25)

AzureFileCopy (V4)

  • package feed updates (#22200) (2026-06-10)
  • Common/Sanitizer: block data-constructor RCE via AST backstop (issue #22173, supersedes #22253) (#22273) (2026-06-23)
  • Escape ##vso in output from remote machines (#22282) (2026-06-25)
  • Update openssl to 3.5.7 (#22291) (2026-06-25)

AzureFileCopy (V5)

  • package feed updates (#22200) (2026-06-10)
  • Common/Sanitizer: block data-constructor RCE via AST backstop (issue #22173, supersedes #22253) (#22273) (2026-06-23)
  • Escape ##vso in output from remote machines (#22282) (2026-06-25)
  • Update openssl to 3.5.7 (#22291) (2026-06-25)

AzureFileCopy (V6)

  • package feed updates (#22200) (2026-06-10)
  • Common/Sanitizer: block data-constructor RCE via AST backstop (issue #22173, supersedes #22253) (#22273) (2026-06-23)
  • Escape ##vso in output from remote machines (#22282) (2026-06-25)
  • Update openssl to 3.5.7 (#22291) (2026-06-25)

AzureFunctionAppContainer (V1)

  • Update openssl to 3.5.7 (#22291) (2026-06-25)

AzureFunctionApp (V1)

  • Update dependencies and increment patch versions (#22275) (2026-06-25)
  • Update openssl to 3.5.7 (#22291) (2026-06-25)

AzureFunctionApp (V2)

  • Update dependencies and increment patch versions (#22275) (2026-06-25)
  • Update openssl to 3.5.7 (#22291) (2026-06-25)

AzureFunctionOnKubernetes (V1)

  • Update openssl to 3.5.7 (#22291) (2026-06-25)

AzureIoTEdge (V2)

  • AzureIoTEdgeV2: harden docker login and command invocation (#22288) (2026-06-26)
  • AzureIoTEdgeV2: add Node24 handler and migrate to Node 24 (#22289) (2026-06-25)

AzureKeyVault (V1)

  • Update openssl to 3.5.7 (#22291) (2026-06-25)

AzureKeyVault (V2)

  • Update openssl to 3.5.7 (#22291) (2026-06-25)

AzureMysqlDeployment (V1)

  • Update openssl to 3.5.7 (#22291) (2026-06-25)

AzureMysqlDeployment (V2)

  • Update openssl to 3.5.7 (#22291) (2026-06-25)

AzureNLBManagement (V1)

  • Bump package versions to address security vulnerabilities in Deprecated Tasks (#22212) (2026-06-12)
  • Update dependencies and increment patch versions (#22275) (2026-06-25)

AzurePowerShell (V2)

  • package feed updates (#22200) (2026-06-10)
  • Common/Sanitizer: block data-constructor RCE via AST backstop (issue #22173, supersedes #22253) (#22273) (2026-06-23)
  • Update openssl to 3.5.7 (#22291) (2026-06-25)

AzurePowerShell (V3)

  • package feed updates (#22200) (2026-06-10)
  • Common/Sanitizer: block data-constructor RCE via AST backstop (issue #22173, supersedes #22253) (#22273) (2026-06-23)
  • Update openssl to 3.5.7 (#22291) (2026-06-25)

AzurePowerShell (V4)

  • package feed updates (#22200) (2026-06-10)
  • Fix AzurePowerShell token leak and temp file cleanup (#22266) (2026-06-18)
  • Common/Sanitizer: block data-constructor RCE via AST backstop (issue #22173, supersedes #22253) (#22273) (2026-06-23)
  • Update openssl to 3.5.7 (#22291) (2026-06-25)

AzurePowerShell (V5)

  • package feed updates (#22200) (2026-06-10)
  • Fix AzurePowerShell token leak and temp file cleanup (#22266) (2026-06-18)
  • Common/Sanitizer: block data-constructor RCE via AST backstop (issue #22173, supersedes #22253) (#22273) (2026-06-23)
  • Update openssl to 3.5.7 (#22291) (2026-06-25)

AzureResourceGroupDeployment (V2)

  • Update openssl to 3.5.7 (#22291) (2026-06-25)

AzureResourceManagerTemplateDeployment (V3)

  • Update openssl to 3.5.7 (#22291) (2026-06-25)
  • Update task dependencies and bump task versions to 277.0 (#22294) (2026-06-25)

AzureRmWebAppDeployment (V3)

  • Update openssl to 3.5.7 (#22291) (2026-06-25)

AzureRmWebAppDeployment (V4)

  • Update openssl to 3.5.7 (#22291) (2026-06-25)

AzureRmWebAppDeployment (V5)

  • Update openssl to 3.5.7 (#22291) (2026-06-25)

AzureSpringCloud (V0)

  • Bump azure-pipelines-task-lib and form-data versions in AzureSpringCloudV0 Task (#22278) (2026-06-22)

AzureVmssDeployment (V0)

  • Update openssl to 3.5.7 (#22291) (2026-06-25)
  • Update task dependencies and bump task versions to 277.0 (#22294) (2026-06-25)

AzureVmssDeployment (V1)

  • Update openssl to 3.5.7 (#22291) (2026-06-25)
  • Update task dependencies and bump task versions to 277.0 (#22294) (2026-06-25)

AzureWebApp (V1)

  • Update openssl to 3.5.7 (#22291) (2026-06-25)

CmdLine (V2)

  • package feed updates (#22200) (2026-06-10)

CondaEnvironment (V0)

  • Bump package versions to address security vulnerabilities in Deprecated Tasks (#22212) (2026-06-12)

ContainerBuild (V0)

  • Fix credential leak in ContainerBuild@0: add connection.close() after build/push (#22267) (2026-06-17)
  • Update azure-pipelines-tasks-docker-common to 2.276.0 (security fix) (#22281) (2026-06-24)
  • Update openssl to 3.5.7 (#22291) (2026-06-25)

ContainerStructureTest (V0)

  • Update azure-pipelines-tasks-docker-common to 2.276.0 (security fix) (#22281) (2026-06-24)

CopyFiles (V2)

  • Bump package versions to address security vulnerabilities in CopyFilesV2 Task (#22246) (2026-06-17)

Docker (V1)

  • DockerV1: skip redundant tag and bump task version (#22199) (2026-06-12)

Docker (V2)

  • Update azure-pipelines-tasks-docker-common to 2.276.0 (security fix) (#22281) (2026-06-24)

DotNetCoreInstaller (V0)

  • Bump package versions to address security vulnerabilities in Deprecated Tasks (#22212) (2026-06-12)

DotNetCoreInstaller (V1)

  • Bump package versions to address security vulnerabilities in Deprecated Tasks (#22212) (2026-06-12)

DownloadGitHubNugetPackage (V1)

  • Bump package versions to address security vulnerabilities in Deprecated Tasks (#22212) (2026-06-12)
  • Bump package versions to address security vulnerabilities in DownloadGitHubNugetPackageV1 Task (#22262) (2026-06-17)

GitHubRelease (V0)

  • Bump package versions to address security vulnerabilities in Deprecated Tasks (#22212) (2026-06-12)
  • Update dependencies and increment patch versions (#22275) (2026-06-25)

GradleAuthenticate (V0)

  • GradleAuthenticateV0 (#22165) (2026-06-08)
  • Vulnerability fix for GradleAuthenticateV0 task (#22252) (2026-06-15)

Gradle (V2)

  • Bump dependencies to remediate vulnerabilities (#22188) (2026-06-12)

Gradle (V3)

  • Bump dependencies to remediate vulnerabilities (#22188) (2026-06-12)

Gradle (V4)

  • Bump dependencies to remediate vulnerabilities (#22188) (2026-06-12)

HelmDeploy (V0)

  • Update openssl to 3.5.7 (#22291) (2026-06-25)

HelmDeploy (V1)

  • Update openssl to 3.5.7 (#22291) (2026-06-25)

IISWebAppManagementOnMachineGroup (V0)

  • package feed updates (#22200) (2026-06-10)

JenkinsDownloadArtifacts (V1)

  • Update openssl to 3.5.7 (#22291) (2026-06-25)
  • Dependency update and version bump in JenkinsDownloadArtifactsV1 Task (#22303) (2026-06-26)

JenkinsDownloadArtifacts (V2)

  • Update openssl to 3.5.7 (#22291) (2026-06-25)
  • Update task dependencies and bump task versions to 277.0 (#22294) (2026-06-25)

KubeloginInstaller (V0)

  • Update openssl to 3.5.7 (#22291) (2026-06-25)

KubernetesManifest (V1)

  • Update openssl to 3.5.7 (#22291) (2026-06-25)

Kubernetes (V1)

  • KubernetesV1: Sanitize kubectl version output to prevent ##vso[ comma… (#22260) (2026-06-25)
  • Update openssl to 3.5.7 (#22291) (2026-06-25)

MSBuild (V1)

  • package feed updates (#22200) (2026-06-10)

Maven (V2)

  • Patch vulnerable dependencies in MavenV2/V3/V4 Tasks and CI utilities (#22274) (2026-06-23)

Maven (V3)

  • Bump package versions to address security vulnerabilities in Deprecated Tasks (#22212) (2026-06-12)
  • Patch vulnerable dependencies in MavenV2/V3/V4 Tasks and CI utilities (#22274) (2026-06-23)

Maven (V4)

  • Bump dependencies to remediate vulnerabilities (#22188) (2026-06-12)
  • Patch vulnerable dependencies in MavenV2/V3/V4 Tasks and CI utilities (#22274) (2026-06-23)

MysqlDeploymentOnMachineGroup (V1)

  • Bump package versions to address security vulnerabilities in Deprecated Tasks (#22212) (2026-06-12)
  • Update dependencies and increment patch versions (#22275) (2026-06-25)

NuGetAuthenticate (V0)

  • Bump package versions to address security vulnerabilities in Deprecated Tasks (#22212) (2026-06-12)

NuGetInstaller (V0)

  • Update NuGetInstaller task to version 276 and bump dependencies for security improvements (#22277) (2026-06-24)

NuGetPublisher (V0)

  • Bump package versions to address security vulnerabilities in Deprecated Tasks (#22212) (2026-06-12)

NuGetRestore (V1)

  • Bump package versions to address security vulnerabilities in Deprecated Tasks (#22212) (2026-06-12)

PowerShellOnTargetMachines (V1)

  • Escape ##vso in output from remote machines (#22282) (2026-06-25)

PowerShellOnTargetMachines (V2)

  • package feed updates (#22200) (2026-06-10)
  • Escape ##vso in output from remote machines (#22282) (2026-06-25)

PowerShellOnTargetMachines (V3)

  • package feed updates (#22200) (2026-06-10)
  • Common/Sanitizer: block data-constructor RCE via AST backstop (issue #22173, supersedes #22253) (#22273) (2026-06-23)
  • Escape ##vso in output from remote machines (#22282) (2026-06-25)
  • Sanitize NewPsSessionOptionArguments / new-service inputs in PowerShellOnTargetMachinesV3 and AzureCloudPowerShellDeploymentV1 (#22286) (2026-06-25)

PowerShell (V2)

  • package feed updates (#22200) (2026-06-10)
  • Common/Sanitizer: block data-constructor RCE via AST backstop (issue #22173, supersedes #22253) (#22273) (2026-06-23)

PublishCodeCoverageResults (V1)

  • PublishCodeCoverageResultsV1: dependency refresh and version bump (#22295) (2026-06-26)

PublishCodeCoverageResults (V2)

  • Update packages to eliminate security issues in Common/coveragepublisher (#22272) (2026-06-18)

PublishSymbols (V2)

  • package feed updates (#22200) (2026-06-10)
  • Update openssl to 3.5.7 (#22291) (2026-06-25)

PublishTestResults (V1)

  • Bump form-data dependency to version 4.0.6 in PublishTestResultsV1 ,PublishTestResultsV2 and VsTestPlatformToolInstallerV1 (#22284) (2026-06-24)

PublishTestResults (V2)

  • Bump form-data dependency to version 4.0.6 in PublishTestResultsV1 ,PublishTestResultsV2 and VsTestPlatformToolInstallerV1 (#22284) (2026-06-24)

PyPIPublisher (V0)

  • Bump dependencies to remediate vulnerabilities (#22188) (2026-06-12)

ServiceFabricComposeDeploy (V0)

  • package feed updates (#22200) (2026-06-10)

ServiceFabricDeploy (V1)

  • package feed updates (#22200) (2026-06-10)

ServiceFabricPowerShell (V1)

  • package feed updates (#22200) (2026-06-10)
  • Common/Sanitizer: block data-constructor RCE via AST backstop (issue #22173, supersedes #22253) (#22273) (2026-06-23)

ServiceFabricUpdateManifests (V2)

  • package feed updates (#22200) (2026-06-10)

SqlAzureDacpacDeployment (V1)

  • package feed updates (#22200) (2026-06-10)
  • Common/Sanitizer: block data-constructor RCE via AST backstop (issue #22173, supersedes #22253) (#22273) (2026-06-23)
  • Update openssl to 3.5.7 (#22291) (2026-06-25)

SqlDacpacDeploymentOnMachineGroup (V0)

  • package feed updates (#22200) (2026-06-10)
  • Common/Sanitizer: block data-constructor RCE via AST backstop (issue #22173, supersedes #22253) (#22273) (2026-06-23)

Ssh (V0)

  • Fix SshV0 ##vso logging-command injection via remote output (#22297) (2026-06-26)

UsePythonVersion (V0)

  • Bump dependencies to remediate vulnerabilities (#22188) (2026-06-12)

VSBuild (V1)

  • package feed updates (#22200) (2026-06-10)

VsTestPlatformToolInstaller (V1)

  • Bump form-data dependency to version 4.0.6 in PublishTestResultsV1 ,PublishTestResultsV2 and VsTestPlatformToolInstallerV1 (#22284) (2026-06-24)

WindowsMachineFileCopy (V1)

  • package feed updates (#22200) (2026-06-10)
  • Common/Sanitizer: block data-constructor RCE via AST backstop (issue #22173, supersedes #22253) (#22273) (2026-06-23)

WindowsMachineFileCopy (V2)

  • package feed updates (#22200) (2026-06-10)
  • Common/Sanitizer: block data-constructor RCE via AST backstop (issue #22173, supersedes #22253) (#22273) (2026-06-23)

XamarinAndroid (V1)

  • package feed updates (#22200) (2026-06-10)
Check out latest releases or
releases around microsoft/azure-pipelines-tasks v276

Don't miss a new azure-pipelines-tasks release

NewReleases is sending notifications on new releases.

Get notifications