Granular file access differences between Git & TFVC


When creating a new Azure DevOps project you will have to make a choice on the source control system you want to use on your project. The two main choices are: Git and Team Foundation Version Control (TFVC).

What are the differences between the two? Git is a distributed source control system, where as TFVC is a centralised system. A full comparison between the two is documented here:

Git vs. TFVC

Although Microsoft recommends using Git as the version control system, there are some instances when you need granular-level file access control. TFVC allows you to do this, Git does not. This means that you can restrict changes to a single file on a user-by-user basis.

The image below is a snapshot of the TFVC repository. The repository contains several files. The highlighted file: UpgradeTemplate.xaml can have restrictions placed on modifying the contents. For instance, if this was a secret file containing database connections strings, only specific users such as the database team can be granted read/write access.

TFVC granular access control permissions.

In Git, access control settings are restricted to the branch itself.

Git branch-level access control.

This is great when you have a project lead by a principal lead. It allows he/she to control when and how files are changed and merged back into master.

You must be logged in to post a comment.