Granular file access differences between Git & TFVC
When creating a new Azure DevOps project you will have to make a choice on the source control system you want to use on your project. The two main choices are: Git and Team Foundation Version Control (TFVC).
What are the differences between the two? Git is a distributed source control system, where as TFVC is a centralised system. A full comparison between the two is documented here: https://docs.microsoft.com/en-us/azure/devops/repos/tfvc/comparison-git-tfvc?view=azure-devops
Git vs. TFVC
Although Microsoft recommends using Git as the version control system, there are some instances when you need granular-level file access control. TFVC allows you to do this, Git does not. This means that you can restrict changes to a single file on a user-by-user basis.
The image below is a snapshot of the TFVC repository. The repository contains several files. The highlighted file: UpgradeTemplate.xaml can have restrictions placed on modifying the contents. For instance, if this was a secret file containing database connections strings, only specific users such as the database team can be granted read/write access.
In Git, access control settings are restricted to the branch itself.
This is great when you have a project lead by a principal lead. It allows he/she to control when and how files are changed and merged back into master.