Changelog

All notable changes to Sourcegraph are documented in this file.

5.4.0

Added

• Added rate and latency instrumentation for git / package repository syncing operations. These are visible in the gitserver dashboards (VCS "Clone/Fetch/IsCloneable" Metrics). #61708
• Added syntax highlighting for the Pkl configuration language. #61478
• New rev:at.time() search filter that allows you to search a branch at a point in time. #61513
• "cody.contextFilters" field to the site config. Admins can set include and exclude rules to define which repositories Cody can use as context in its requests to third-party LLMs. #61101, #61641
• Added whether "cody.contextFilters" field is configured in the site config to pings. #62080
• Added exhaustive logging for all gRPC requests sent to gitserver. This feature is off by default, and can be enabled by setting the SRC_GITSERVER_EXHAUSTIVE_LOGGING_ENABLED environment variable to true. #61270
• Added an internal option for the repositoryQuery field for GitHub Enterprise code host connections. This will mirror all internal repositories on the code host. #61924

Changed

• Improved syntax highlighting for Dart. #58480
• The default noop Event type in the honey package has been replaced with a new type that aggregates fields in memory for testing and logging purposes. #61854
• Improved the performance of Language Stats Insights by 50-70% by increasing the concurrent requests from the frontend to the gitserver from 1 to 4. You can override the concurrency with the GET_INVENTORY_GIT_SERVER_CONCURRENCY environment variable. #62011
• Raised the backend timeout for Language Stats Insights from 3 minutes to 5 minutes. You can override this with the GET_INVENTORY_TIMEOUT environment variable. #62011
• Code insights drilldown behavior has been changed from a diff search to a point-in-time search with the new rev:at.time(). #61953
• The FirstEverCommit gitserver client method has been changed to use a new bespoke gRPC endpoint instead of the legacy exec endpoint. #62173
• The GetBehindAhead gitserver client method has been changed to use a new bespoke gRPC endpoint instead of the legacy exec endpoint. #62217
• All uses of the DiffSymbols gitserver client method have been replaced with the new ChangedFiles method. As such, the DiffSymbos method has been removed #62355

Fixed

• Updated the Docker-in-Docker image to 26.0.0 to resolve several vulnerabilities. #61735
• The GetCommit() RPC in the gitserver service now uses the correct protobuf type that allows for non-utf8 byte sequences in commit messages, author names, and author emails. #61940
• The ArchiveReader() RPC in the gitserver service now uses the correct protobuf type that allows for non-utf8 byte sequences in file paths. #61970
• Pinned code intel popovers and popovers opened via the keyboard are properly shown again. #61966
• Syntax highlighting works correctly for JSX files. #62027
• Changesets with a skipped CI check now have their CI status correctly displayed in the Batch Changes UI. #62204
• Fixed the Sourcegraph login page auto-redirecting to the single auth provider when request access is enabled. #62376

5.3.12303

Added

• Indexed-search now supports draining a replica of indexes to support zero-downtime reduction in cluster size. #62005

Fixed

• Rust binaries are now built in release mode to avoid unnecessary debug checks. #61740
• Fixed how scip-ctags reports errors to avoid failing search indexing on non-fatal errors. #61712
• Fixed a bug in Enterprise Cody context for queries containing only stopwords. #61848, #62026
• Fixed the instance dropdown on the zoekt grafana dashboard. #61836

5.3.11625

Changed

• Notices configured in the site config now allow for specifying a style or color. #61338
• Reduce spamming error logs when canceling symbols indexing or canceling a syntax highlighting request. #61880, #61719, #61732

Fixed

• Fixed a bug where the src batch preview command could fail due to an incorrect file-not-found error. #61984
• Fixed a bug where the Roles page in the Site Admin view was inaccessible. #61738
• Fixed a panic in Cody Attribution in sourcegraph-frontend when reporting an error. #60439

5.3.9104

Added

• GitHub app installations can now be refreshed from the Batch Changes Site Admin page. #60125
• The SAML auth provider configuration now supports a usernameAttributeNames field that can be used to specify a list of SAML attribute that should be used as the username. #60603
• Added the GraphQL query User.evaluateFeatureFlag to show if a feature flag is enabled or disabled for a user. #60828
• Search Jobs now supports diff, commit and path searches. Before, only file searches were supported. #60883
• Auth providers now support a noSignIn option that, when set to true, will hide the auth provider from the sign in page, but still allow users to connect the external account from their Account Security page for permissions syncing. #60722
• Added a "Commits" button to the folders in repos that shows commits for the items in that folder. #60909
• The frontend Grafana dashboard has a new Prometheus metric that tracks the rate of requests that Sourcegraph issues to external services. #61348
• Added support for the gitURLType setting for Gerrit, Sourcegraph now supports cloning from Gerrit via SSH. Note: Not on Cloud yet, like for all code hosts. #61537
• Support for OpenAI chat models for enterprise customers. #61539
• Added support for explicitly enumerating repositories to sync from Bitbucket Cloud. Previously, Sourcegraph would automatically sync all repositories from a Bitbucket Cloud workspace. #61536

Changed

• GitHub apps installation records will only be deleted from the database if the GitHub App has been uninstalled or if the GitHub app has been deleted. #60460
• The Anthropic provider for Cody has been updated to use the messages API which includes support for Claude 3 models. This is applicable to both BYOK and Cody Gateway users. The messages API does not support model identifiers which only set a major model version such as: claude-2, claude-instant-v1 and claude-instant-1. Default values have been updated to claude-2.0 and claude-instant-1.2, any legacy models identifiers in the site config will be set to the corresponding default previously mentioned. #60953 #61324
• The AWS Bedrock provider for Cody has been updated to use Anthropic's Messages API, bringing support for Claude 3 models. #61347
• Notices configured in the site config now allow for specifying a style or color. #61338

Fixed

• Code Monitors now properly ignores monitors associated with soft-deleted users, which previously would have led to an error on the overview page. #60405
• Fixed a bug where clicking "Exclude Repo" on Azure DevOps or Gerrit repositories would not work. #60509
• Links in codeintel popovers respect the revision from the URL. #60545
• Fixed an issue where repositories with a name ending in .git failed to clone. #60627
• Fixed an issue where Sourcegraph could lose track of repositories on gitserver, leaving behind unnecessary data and inconsistent clone status in the UI. #60627
• The "Commits" button in repository and folder pages links to commits in the current revision instead of in the default branch. #61408
• Fixed an issue where code insights queries would fail if there are more than 65535 restricted repositories and regular expressions. #61580
• The "Commits" button in repository and folder pages uses Perforce language and links to /-/changelists for Perforce depots when the experimental feature perforceChangelistMapping is enabled. #61408
• Selecting "View blame prior to this change" on a file that was moved will now correctly navigate to the old file location at the specified commit. #61577
• Git blame performance on large files with a large number of commits has been drastically improved. #61577
• Code Insights now properly ignores search API alerts, which previously would have led to a code insight error. #61431

5.3.3

Added

Changed

• Changed the Azure OpenAI Cody provider to use the stable 2023-05-15 api version, due to the retirement of previous preview api versions. 61005

Fixed

• Fixed an issue in our build process that broke tooltips and validation in the settings editors. #60808

• Fixes a bug where the reference panel would not show any definitions or references for Protocol Buffers (and other languages where the name contained a space). #60987

• Fixed a bug where permission syncs could be scheduled for repositories or users even when a sync is already scheduled or in progress, leading to significant delays in the permissions sync system as a whole. #61024

• Fixed a bug in gitserver where it was possible to use expired Github App authorization tokens when syncing a large repository. Now, gitserver will use the latest tokens for each step of the syncing process (and refresh them if necessary). #61179

Removed

5.3.2

Fixed

• A bug in search that could trigger a panic
• An unintentional change to the search results when using the LineMatch API which would include surrounding lines with no matches
• Autoupgrade only looks for open db connections from the Sourcegraph application services, and disregards other applications connected to the postgres instance. #60771
• Fixes a bug where hovers would not show up in C++ headers with the .hxx extension. #60662

5.3.1

Fixed

• Updated container images to fix CVE-2023-4408, CVE-2023-50387, CVE-2023-50868, CVE-2023-5517, CVE-2023-5679, CVE-2023-6516

5.3.0

Added

• The search bar now supports keyword search by default, which ANDs terms together instead of searching literally as before. The behavior can be disabled through a toggle on the search results page. #58815
• The has.topic filter now supports filtering by Gitlab topics. #57649
• Batch Changes now allows changesets to be exported in CSV and JSON format. #56721
• Supports custom ChatCompletion models in Cody clients for dotcom users. #58158
• Topics synced from GitHub and GitLab are now displayed for repository matches in the search results and on the repository tree page. #58927
• Added a new column "Repository metadata JSON" to the CSV export of repository search results, which includes the JSON encoded object of metadata key-value pairs. #59334
• Expiry to access tokens. Users can now select a maximum timespan for which a token is valid. Tokens will automatically lose access after this period. Default timeframes and an override to disable access tokens without expiration can be configured in the auth.accessTokens section of the site configuration. #59565
• Gerrit code host connections now support an 'exclude' field that prevents repos in this list from being synced. #59739
• Limit the number of active access tokens for a user. By default users are able to have 25 active access tokens. This limit can be configured using the maxTokensPerUser setting in the auth.accessTokens section of the site configuration. #59731
• Add experimental support for .cody/ignore when retrieving remote context. To enable it, set experimentalFeatures.codyContextIgnore: true in the site configuration. #59836, #59907
• Site admin, link to the Cody Analytics service. #60371
• Added a reimagined filter panel to the search result page, facilitating a workflow centered around iterative refinement.
• Search results were treated to a design refresh, improving information density of results. #59834
• Added a preview pane to file search results so you can view the full file without navigating away from the search results. #58311

Changed

• cody.restrictUsersFeatureFlag has been deprecated and replaced by role based access control instead. Until the old configuration value is removed from your site config, it will be respected just as before but with a warning displayed at the top of Sourcegraph. Once removed, the old feature flag will not be respected and instead the Cody access will be managed via role based access controls, see the docs for more information. #58831
• The setting experimentalFeatures.searchQueryInput now refers to the new query input as v2 (not experimental).
• Search-based code intel doesn't include the currently selected search context anymore. It was possible to get into a situation where search-based code intel wouldn't find any information due to being restricted by the current search context. #58010
• The last commit which changed a file/directory is now shown in the files panel on the repo and file pages. To avoid duplicating information and confusion, the commits panel was removed. 58328
• Clicking on a search result now opens the blob view at the same commit as the search result. Before, blob views were opened at the tip of the default branch, which sometimes caused inconsistencies in line numbers if the index was out of date. #58381
• The exclude configuration for code host configuration has been updated to allow chaining multiple conditions together and filtering GitHub repositories based on their size or number of GitHub stars. #58377 and #58405
  • Multiple attributes on a single exclude entry now have to be all true for a repository to be excluded. Example: {"exclude": [{"name": "github.com/example/example"}, {"id": "my-id"}]} will only exclude repositories that have the name and the id mentioned.
  • GitHub code host connections can exclude by size and stars now: {"exclude": [{"name": "github.com/example/example"}, {"stars": "< 100", "size": ">= 1GB"}]}
  • For size and stars the supported operators are <, >, <=, >=.
  • For size the supported units are B, b, kB, KB, kiB, KiB, MiB, MB, GiB, GB. No decimals points are supported.
• Structural Search is now disabled by default. To enable it, set experimentalFeatures.structuralSearch: "enabled" in the site configuration. #57584
• Search Jobs switches the format of downloaded results from CSV to JSON. #59619
• Search Jobs is now in beta and enabled by default. It can be disabled in the site configuration by setting experimentalFeatures.searchJobs: false.
• The search input on the search homepage is now automatically focused when the page loads.
• gRPC is now the only method for our internal APIs, and can not be disabled. All of corresponding the REST implementations have been removed. The vast majority of customers upgrading to 5.3 don't need to take any action - the change should be invisible. However, if you have restrictions on Sourcegraph’s internal (service to service) traffic, some firewall or security configurations may be necessary. You can downgrade to Sourcegraph 5.2 and disable gRPC while you troubleshoot / reach out to our customer support team. See https://sourcegraph.com/docs/admin/updates/grpc for more details. #59093
• The default count: for search has been increased to 10000, significantly increasing the number of searches that are exhaustive by default. #60114

Fixed

• Site configuration edit history no longer breaks when the user that made the edit is deleted. #57656
• Drilling down into an insights query no longer mangles content: fields in your query. #57679
• The blame column now shows correct blame information when a hunk starts in a folded code section. #58042
• Fixed a bug where typing in the GraphQL editor in the Site Admin API console could cause the cursor to jump to the start of the editor. #57862
• The blame column no longer ignores whitespace-only changes by default. #58134
• Long lines now wrap correctly in the diff view. #58138
• Fixed an issue in the search input where pressing Enter after selecting a suggestion would sometimes insert another suggestions instead of submitting the query. #58186
• Fixed an issue where having sub-repo permissions enabled could cause repositories with a large number of files in directories to become unviewable. #59420
• On the search context, code monitoring, code insights, saved searches or notebook pages, when selecting a repository or file suggestion in the query input with Enter the suggestion is now properly appended to the query instead of navigating away to the corresponding repository or file page. #59941
• Perforce email matching for user permissions is now case insensitive, matching Perforce behavior. #60252
• A bug with syncing GitHub App installations that caused installations to be truncated after the first 30 orgs. #60383
• Various significant performance optimizations in the search and code navigation user flows.

Removed

• The experimental GraphQL query User.invitableCollaborators.
• The following experimental settings in site-configuration are now deprecated and will not be read anymore: maxReorderQueueSize, maxQueueMatchCount, maxReorderDurationMS. #57468
• The feature-flag search-ranking, which allowed to disable the improved ranking introduced in 5.1, is now deprecated and will not be read anymore. #57468
• The GitHub Proxy service is no longer required and has been removed from deployment options. #55290
• The VSCode search extension "Sourcegraph for VS Code" has been sunset and removed from Sourcegraph repository. #58023
• The rateLimit configuration for Perforce code host connections has been removed to avoid confusion, it was unused. #58188
• The feature flag search-ranking is now completely removed. #58156
• The notepad UI, notebook creation feature. #58217
• The experimental indexRepositoryName option for the rust packages code host connection has been removed. #59176
• The column "Repository metadata" in the CSV export of repository search results is now deprecated and will be removed in a future release. Use "Repository metadata JSON" instead #59334
• Remote embeddings as context source for Cody has been removed. #59493

5.2.7

Added

Fixed

• The reference panel correctly shows definition and reference information instead of a "Could not find token" error for MATLAB. #59636
• The auto-index configuration page correctly shows any auto-inference errors instead of a nil pointer exception. #59756

Removed

Changed

5.2.6

Added

• Implement adding automatic retry support for idempotent gRPC methods #59404

Fixed

• Fix executors auth header installSrc #59391
• Avoid constantly rerunning failed embeddings jobs. #58980

5.2.5

Added

• Added Cody providers data to pings. #58848
• Added the ability to proxy authentication requests when using the Azure OpenAI Cody provider. #58862

Fixed

• Fixed an issue where updating a generic git code host would cause it to become unrestricted if permissions user mapping is enabled. #58772
• Fail embeddings jobs immediately if the rate limit is exceeded. #58869

Changed

• Improved the admin page for search indexing. #58866

Removed

5.2.4

Added

• Added the ability to use Workload Identity, Managed Identity and Environmental credentials when using the Azure OpenAI completions and embeddings providers #58289
• Added support for cloning via SSH from Azure DevOps. #58655

Fixed

• Fixed two issues in Zoekt that could cause out of memory errors during search indexing. sourcegraph/zoekt#686, sourcegraph/zoekt#689
• Fixed performance issue with embeddings job scheduling. (#58651)[https://github.com/sourcegraph/sourcegraph/pull/58651]

5.2.3

Added

• Added configurable GraphQL query cost limitations to prevent unintended resource exhaustion. Default values are now provided and enforced, replacing the previously unlimited behaviour. For more information, please refer to: GraphQL Cost Limits Documentation. See details at #58346.
• Sourcegraph now supports connecting to Bitbucket Cloud using Workspace Access Tokens. #58465.

Fixed

• Defining file filters for embeddings jobs no longer causes all files to be skipped if MaxFileSizeBytes isn't defined. #58262

5.2.2

Added

• Added a new authorization configuration options to GitLab code host connections: "markInternalReposAsPublic". Setting "markInternalReposAsPublic" to true is useful for organizations that have a large amount of internal repositories that everyone on the instance should be able to access, removing the need to have permissions to access these repositories. Additionally, when configuring a GitLab auth provider, you can specify "syncInternalRepoPermissions": false, which will remove the need to sync permissions for these internal repositories. #57858
• Experimental support for OpenAI powered autocomplete has been added. #57872

Fixed

• Updated the endpoint used by the AWS Bedrock Claude provider. #58028

5.2.1

Added

• Added two new authorization configuration options to GitHub code host connections: "markInternalReposAsPublic" and "syncInternalRepoPermissions". Setting "markInternalReposAsPublic" to true is useful for organizations that have a large amount of internal repositories that everyone on the instance should be able to access, removing the need to have permissions to access these repositories. Setting "syncInternalRepoPermissions" to true adds an additional step to user permission syncs that explicitly checks for internal repositories. However, this could lead to longer user permission sync times. #56677
• Fixed an issue with Code Monitors that could cause users to be notified multiple times for the same commit #57546
• Fixed an issue with Code Monitors that could prevent a new code monitor from being created if it targeted multiple repos #57546
• Sourcegraph instances will now emit a limited set of telemetry events in the background by default (#57605). Enablement will be based on the following conditions:
  • Customers with a license key created after October 3, 2023, or do not have a valid license key configured, will export all telemetry events recorded in the new system.
  • Customers with a license key created before October 3, 2023 will export only Cody-related events recorded in the new system, as covered by the Cody Usage and Privacy Notice.
  • If you have a previous agreement regarding telemetry sharing, you account representative will reach out with more details.

Fixed

• Fixed a user's Permissions page being inaccessible if the user has had no permission syncs with an external account connected. #57372
• Fixed a bug where site admins could not view a user's permissions if they didn't have access to all of the repositories the user has. Admins still won't be able to see repositories they don't have access to, but they will now be able to view the rest of the user's repository permissions. #57375
• Fixed a bug where gitserver statistics would not be properly decoded / reported when using REST (i.e. experimentalFeatures.enableGRPC = false in site configuration). #57318
• Updated the curl and libcurl dependencies to 8.4.0-r0 to fix CVE-2023-38545. #57533
• Fixed a bug where commit signing failed when creating a changeset if batchChanges.enforceFork is set to true. #57520
• Fixed a regression in ranking of Go struct and interface in search results. zoekt#655

5.2.0

Added

• Experimental support for AWS Bedrock Claude for the completions provider has been added. #56321
• Recorded command logs can now be viewed for Git operations performed by Sourcegraph. This provides auditing and debugging capabilities. #54997
• Disk usage metrics for gitservers are now displayed on the site admin Git Servers page, showing free/total disk space. This helps site admins monitor storage capacity on GitServers. #55958
• Overhauled Admin Onboarding UI for enhanced user experience, introducing a license key modal with validation, automated navigation to Site Configuration Page, an interactive onboarding checklist button, and direct documentation links for SMTP and user authentication setup. 56366
• New experimental feature "Search Jobs". Search Jobs allows you to run search queries across your organization's codebase (all repositories, branches, and revisions) at scale. It enhances the existing Sourcegraph's search capabilities, enabling you to run searches without query timeouts or incomplete results. Please refer to the documentation for more information.

Changed

• OpenTelemetry Collector has been upgraded to v0.81, and OpenTelemetry packages have been upgraded to v1.16. #54969, #54999
• Bitbucket Cloud code host connections no longer automatically syncs the repository of the username used. The appropriate workspace name will have to be added to the teams list if repositories for that account need to be synced. #55095
• Newly created access tokens are now hidden by default in the Sourcegraph UI. To view a token, click "show" button next to the token. #56481
• The GitHub proxy service has been removed and is no longer required. You can safely remove it from your deployment. #55290
• On startup, Zoekt indexserver will now delete the <DATA_DIR>/.indexserver.tmp directory to remove leftover repository clones, possibly causing a brief delay. Due to a bug, this directory wasn't previously cleaned up and could cause unnecessary disk usage. zoekt#646.
• gRPC is now used by default for all internal (service to service) communication. This change should be invisible to most customers. However, if you're running in an environment that places restrictions on Sourcegraph's internal traffic, some prior configuration might be required. See the "Sourcegraph 5.2 gRPC Configuration Guide" for more information. #56738

Fixed

• Language detection for code highlighting now uses go-enry for all files by default, which fixes highlighting for MATLAB files. #56559

Removed

• indexed-search has removed the deprecated environment variable ZOEKT_ENABLE_LAZY_DOC_SECTIONS zoekt#620
• The federation feature that could redirect users from their own Sourcegraph instance to public repositories on Sourcegraph.com has been removed. It allowed users to open a repository URL on their own Sourcegraph instance and, if the repository wasn't found on that instance, the user would be redirect to the repository on Sourcegraph.com, where it was possibly found. The feature has been broken for over a year though and we don't know that it was used. If you want to use it, please open a feature-request issue and tag the @sourcegraph/source team. #55161
• The applySearchQuerySuggestionOnEnter experimental feature flag in user settings was removed, and this behavior is now always enabled. Previously, this behavior was on by default, but it was possible to disable it.
• The feature-flag search-hybrid, which allowed to disable the performance improvements for unindexed search in 4.3, is now deprecated and will not be read anymore. #56470

5.1.9

Added

• Enable "Test connection" for Perforce code hosts. The "Test connection" button in the code host page UI now works for Perforce code hosts. #56697

Changed

• User access to Perforce depots is sometimes denied unintentionally when using "authorization"/"subRepoPermissions": true in the code host config and the protects file contains exclusionary entries with the Host field filled out. Ignoring those rules (that use anything other than the wildcard (*) in the Host field) is now toggle-able by adding "authorization"/"ignoreRulesWithHost" to the code host config and setting the value to true. #56450

Fixed

• Fixed an issue where the "gitLabProjectVisibilityExperimental" feature flag would not be respected by the permissions syncer. This meant that users on Sourcegraph that have signed in with GitLab would not see GitLab internal repositories that should be accessible to everyone on the GitLab instance, even though the feature flag was enabled #56492
• Fixed a bug when syncing repository lists from GitHub that could lead to 404 errors showing up when running into GitHub rate limits #56478

5.1.8

Added

• Added experimental autocomplete support for Azure OpenAI #56063

Changed

• Improved stability of gRPC connections #56314, #56302, #56298, #56217

5.1.7

Changed

• Pressing Mod-f will always select the input value in the file view search #55546
• Caddy has been updated to version 2.7.3 resolving a number of vulnerabilities. #55606
• The commit message defined in a batch spec will now be passed to git commit on stdin using --file=- instead of being included inline with git commit -m to improve how the message is interpreted by git in certain edge cases, such as when the commit message begins with a dash, and to prevent extra quotes being added to the message. This may mean that previous escaping strategies will behave differently.

Fixed

• Fixed a bug in the deploy-sourcegraph-helm deployment of Sourcegraph, for sufficiantly large scip indexes uploads will fail when the precise-code-intel worker attempts to write to /tmp and doesn't have a volume mounted for this purpose. See kubernetes release notes for more details #342

5.1.6

Added

• New Prometheus metrics have been added to track the response / request sizes of gRPC calls. #55381
• A new embeddings site configuration setting excludeChunkOnError allows embedding jobs to complete job execution despite chunks of code or text that fail. When enabled the chunks are skipped after failed retries but the index can continue being populated. When disabled the entire job fails and the index is not saved. This setting is enabled by default. Embedding job statistics now capture code_chunks_excluded and text_chunks_excluded for successfully completed jobs. Total excluded chunks and file names for excluded chunks are logged as warnings. #55180
• Experimental support for Azure OpenAI for the completions and embeddings provider has been added. #55178
• Added a feature flag for alternate GitLab project visibility resolution. This may solve some weird cases with not being able to see GitLab internal projects. #54426
  • To use this feature flag, create a Boolean feature flag named "gitLabProjectVisibilityExperimental" and set the value to True.
• It is now possible to add annotations to pods spawned by jobs created by the Kubernetes executor. #55361

Changed

• Updated all packages in container images to latest versions
• Updated Docker-in-Docker image from 23.0.1 to 23.0.6
• The gRPC implementation for the Symbol service's LocalCodeIntel endpoint has been changed to stream its results. #55242
• When using OpenAI or Azure OpenAI for Cody completions, code completions will be disabled - chat will continue to work. This is because we currently don't support code completions with OpenAI. #55624

Fixed

• Fixed a bug where user account requests could not be approved even though the license would permit user creation otherwise. #55482
• Fixed a bug where the background scheduler for embedding jobs based on policies would not schedule jobs for private repositories. #55698
• Fixed a source of inconsistency in precise code navigation, affecting implementations and prototypes especially. #54410

Removed

5.1.5

Known Issues

• Standard and multi-version upgrades are not currently working from Sourcegraph versions 5.0.X to 5.1.5. As a temporary workaround, please upgrade 5.0.X to 5.1.0, then 5.1.0 to 5.1.5.

Fixed

• Fixed an embeddings job scheduler bug where if we cannot resolve one of the repositories or its default branch then all repositories submitted will not have their respective embeddings job enqueued. Embeddings job scheduler will now continue to schedule jobs for subsequent repositories in the submitted repositories set. #54701
• Creation of GitHub Apps will now respect system certificate authorities when specifying certificates for the tls.external site configuration. #55084
• Passing multi-line Coursier credentials in JVM packages configuration should now work correctly. #55113
• SCIP indexes are now ingested in a streaming fashion, eliminating out-of-memory errors in most cases, even when uploading very large indexes (1GB+ uncompressed). #53828
• Moved the license checks to worker service. We make sure to run only 1 instance of license checks this way. 54854
• Updated base images to resolve issues in curl, OpenSSL, and OpenSSL. 55310
• The default message size limit for gRPC clients has been raised from 4MB to 90MB. #55209
• The message printing feature for the custom gRPC internal error interceptor now supports logging all internal error types, instead of just non-utf 8 errors. #55130
• Fixed an issue where GitHub Apps could not be set up using Firefox. #55305
• Fixed nil panic on certain GraphQL fields when listing users. #55322

Changed

• The "Files" tab of the fuzzy finder now allows you to navigate directly to a line number by appending :NUMBER. For example, the fuzzy query main.ts:100 opens line 100 in the file main.ts. #55064
• The gRPC implementation for the Symbol service's LocalCodeIntel endpoint has been changed to stream its results. #55242
• GitLab auth providers now support an ssoURL option that facilitates scenarios where a GitLab group requires SAML/SSO. #54957

Added

Removed

5.1.4

Fixed

• A bug where we would temporarily use much more memory than needed during embeddings fetching. #54972

Changed

• The UI for license keys now displays more information about license validity. #54990
• Sourcegraph now supports more than one auth provider per URL. #54289
• Site-admins can now list, view and edit all code monitors. #54981

5.1.3

Changed

• Cody source code (for the VS Code extension, CLI, and client shared libraries) has been moved to the sourcegraph/cody repository.
• golang.org/x/net/trace instrumentation, previously available under /debug/requests and /debug/events, has been removed entirely from core Sourcegraph services. It remains available for Zoekt. #53795

Fixed

• Fixed an embeddings job scheduler bug where if we cannot resolve one of the repositories or its default branch then all repositories submitted will not have their respective embeddings job enqueued. Embeddings job scheduler will now continue to schedule jobs for subsequent repositories in the submitted repositories set. #54701

5.1.2

Fixed

• Fixes a crash when uploading indexes with malformed source ranges (this was a bug in scip-go). #54304
• Fixed validation of Bitbucket Cloud configuration in site-admin create/update form. #54494
• Fixed race condition with grpc server.send message. #54500
• Fixed a configuration initialization issue that broke the outbound request in the site admin page. #54745
• Fixed Postgres DSN construction edge-case. #54858

5.1.1

Fixed

• Fixed the default behaviour when the explicit permissions API is enabled. Repositories are no longer marked as unrestricted by default. #54419

5.1.0

Note: As of 5.1.0, the limited OSS subset of Sourcegraph has been removed, and code search OSS code has been relicensed going forward. See https://github.com/sourcegraph/sourcegraph/issues/53528#issuecomment-1594967818 for more information (blog post coming soon).

Note: As of 5.1.0, the rsa-sha signature algorithm is no longer supported when connecting to code hosts over SSH. If you encounter the error sign_and_send_pubkey: no mutual signature supported when syncing repositories, see Repository authentication for more information and steps to resolve the issue.

Known issues

• There is an issue with Sourcegraph instances configured to use explicit permissions using permissions.userMapping in Site configuration, where repository permissions are not enforced. Customers using the explicit permissions API are advised to upgrade to v5.1.1 directly.
• There is an issue with creating and updating existing Bitbucket.org (Cloud) code host connections due to problem with JSON schema validation which prevents the JSON editor from loading and surfaces as an error in the UI.

Added

• Executors natively support Kubernetes environments. #49236
• Documentation for GitHub fine-grained access tokens. #50274
• Code Insight dashboards retain size and order of the cards. #50301
• The LLM completions endpoint is now exposed through a GraphQL query in addition to the streaming endpoint #50455
• Permissions center statistics pane is added. Stats include numbers of queued jobs, users/repos with failed jobs, no permissions, and outdated permissions. #50535
• SCIM user provisioning support for Deactivate/Reactivation of users. #50533
• Login form can now be configured with ordering and limit of auth providers. See docs. #50586, 50284 and #50705
• OOM reaper events affecting p4-fusion jobs on gitserver are better detected and handled. Error (non-zero) exit status is used, and the resource (CPU, memory) usage of the job process is appended to the job output so that admins can infer possible OOM activity and take steps to address it. #51284
• When creating a new batch change, spaces are automatically replaced with dashes in the name field. #50825 and 51071
• Support for custom HTML injection behind an environment variable (ENABLE_INJECT_HTML). This allows users to enable or disable HTML customization as needed, which is now disabled by default. #51400
• Added the ability to block auto-indexing scheduling and inference via the codeintel_autoindexing_exceptions Postgres table. #51578
• When an admin has configured rollout windows for Batch Changes changesets, the configuration details are now visible to all users on the Batch Changes settings page. #50479
• Added support for regular expressions inexclude repositories for GitLab code host connections. #51862
• Branches created by Batch Changes will now be automatically deleted on the code host upon merging or closing a changeset if the new batchChanges.autoDeleteBranch site setting is enabled. #52055
• Repository metadata now generally available for everyone #50567, #50607, #50857, #50908, #972, #51031, #977, #50821, #51258, #52078, #51985, #52150, #52249, #51982, #51248, #51921, #52301
• Batch Changes for Gerrit Code Hosts #52647.
• Batch Changes now supports per-batch-change control for pushing to a fork of the upstream repository when the property changesetTemplate.fork is specified in the batch spec. #51572
• Executors can now be configured to process multiple queues. #52016
• Added isCodyEnabled as a new GraphQL field to Site. #52941
• Enabled improved search ranking by default. This feature can be disabled through the search-ranking feature flag.#53031
• Added token callback route for Cody in VS Code and VS Code insiders. #53313
• Latest repository clone/sync output is surfaced in the "Mirroring and cloning" page ({REPO}/-/settings/mirror). Added primarily to enable easier debugging of issues with Perforce depots, it can also be useful for other code hosts. #51598
• New file:has.contributor(...) predicate for filtering files based on contributors. #53206
• Added multi-repo scope selector for Cody on the web supporting unified context generation API which uses combination of embeddings search and keyword search as fallback for context generation. 53046
• Batch Changes can now sign commits for changesets published on GitHub code hosts via GitHub Apps. #52333
• Added history of changes to the site configuration page. Site admins can now see information about changes made to the site configuration, by whom and when. #49842
• For Perforce depots, users will now see the changelist ID (CL) instead of Git commit SHAs when visiting a depot or the view changelists page #51195
• Visiting a specific CL will now use the CL ID in the URL instead of the commit SHA. Other areas affected by this change are browsing files at a specific CL, viewing a specific file changed as part of a specific CL. To enable this behaviour, site admins should set "perforceChangelistMapping": "enabled" under experimentalFeatures in the site configuration. Note that currently we process only one perforce depot at a time to map the commit SHAs to their CL IDs in the backend. In a subsequent release we will add support to process multiple depots in parallel. Other areas where currently commit SHAs are used will be updated in future releases. #53253 #53608 #54051
• Added autoupgrading to automatically perform multi-version upgrades, without manual migrator invocations, through the frontend deployment. Please see the documentation for details. #52242 #53196

Changed

• Access tokens now begin with the prefix sgp_ to make them identifiable as secrets. You can also prepend sgp_ to previously generated access tokens, although they will continue to work as-is without that prefix.
• The commit message defined in a batch spec will now be quoted when git is invoked, i.e. git commit -m "commit message", to improve how the message is interpreted by the shell in certain edge cases, such as when the commit message begins with a dash. This may mean that previous escaping strategies will behave differently.
• 429 errors from external services Sourcegraph talks to are only retried automatically if the Retry-After header doesn't indicate that a retry would be useless. The time grace period can be configured using SRC_HTTP_CLI_EXTERNAL_RETRY_AFTER_MAX_DURATION and SRC_HTTP_CLI_INTERNAL_RETRY_AFTER_MAX_DURATION. #51743
• Security Events NO LONGER write to database by default - instead, they will be written in the audit log format to console. There is a new site config setting log.securityEventLogs that can be used to configure security event logs to write to database if the old behaviour is desired. This new default will significantly improve performance for large instances. In addition, the old environment variable SRC_DISABLE_LOG_PRIVATE_REPO_ACCESS no longer does anything. #51686
• Audit Logs & Security Events are written with the same severity level as SRC_LOG_LEVEL. This prevents a misconfiguration issue when log.AuditLogs.SeverityLevel was set below the overall instance log level. log.AuditLogs.SeverityLevel has been marked as deprecated and will be removed in a future release #52566
• Update minimum supported Redis version to 6.2 #52248
• The batch spec properties transformChanges and workspaces are now generally available.
• Cody feature flags have been simplified #52919 See the docs page for complete setup details
  • cody.enabled in site-config now controls whether Cody is on/off, default false.
  • When cody.enabled is set and no specific configuration for completions and embeddings are given, Cody will by default talk to the sourcegraph provider, Sourcegraphs Cody Gateway which allows access to chat completions and embeddings.
  • Enabling Cody now requires cody.enabled set to true and completions to be set.
  • cody.restrictUsersFeatureFlag replaces experimentalFeatures.CodyRestrictUsersFeatureFlag in site-config, default false.
  • completions.enabled has been deprecated, replaced by cody.enabled.
  • The feature flags for Cody in web features have been removed and the single source of truth is now cody.enabled.
  • The embeddings configuration now requires a provider field to be set.
  • Ping data now reflects whether cody.enabled and completions are set.
• If a Sourcegraph request is traced, its trace ID and span ID are now set to the X-Trace and X-Trace-Span response headers respectively. The trace URL (if a template is configured in observability.tracing.urlTemplate) is now set to X-Trace-URL - previously, the URL was set to X-Trace. #53259
• For users using the single-container server image with the default built-in database, the database must be reindexed. This process can take up to a few hours on systems with large datasets. See Migrating to Sourcegraph 5.1.x for full details. #53256
• Sourcegraph Own is now available as a beta enterprise feature. search-ownership feature flag is removed and doesn't need to be used.
• Update Jaeger to 1.45.0, and Opentelemetry-Collector to 0.75.0 #54000
• Switched container OS to Wolfi for hardened containers #47182, #47368
• Batches changes now supports for CODEOWNERS for Github. Pull requests requiring CODEOWNERS approval, will no longer show as approved unless explicitly approved by a CODEOWNER. https://github.com/sourcegraph/sourcegraph/pull/53601
• The insecure rsa-sha signature algorithm is no longer supported when connecting to code hosts over SSH. See the Repository authentication page for further details.

Fixed

• GitHub repositoryQuery searches now respect date ranges and use API requests more efficiently. #49969
• Fixed an issue where search based references were not displayed in the references panel. #50157
• Symbol suggestions only insert type:symbol filters when necessary. #50183
• Removed an incorrect beta label on the Search Context creation page #51188
• Multi-version upgrades to version 5.0.2 in a fully airgapped environment will not work without the command --skip-drift-check. #51164
• Could not set "permissions.syncOldestUsers" or "permissions.syncOldestRepos" to zero. #51255
• GitLab code host connections will disable repo-centric repository permission syncs when the authentication provider is set as "oauth". This prevents repo-centric permission sync from getting incorrect data. #51452
• Code intelligence background jobs did not correctly use an internal context, causing SCIP data to sometimes be prematurely deleted. #51591
• Slow request logs now have the correct trace and span IDs attached if a trace is present on the request. #51826
• The braindot menu on the blob view no longer fetches data eagerly to prevent performance issues for larger monorepo users. #53039
• Fixed an issue where commenting out redacted site-config secrets would re-add the secrets. #53152
• Fixed an issue where SCIP packages would sometimes not be written to the database, breaking cross-repository jump to definition. #53763
• Fixed an issue when adding a new user external account was not scheduling a new permission sync for the user. #54144
• Adding a new user account now correctly schedules a permission sync for the user. #54258
• Users/repos without an existing sync job in the permission_sync_jobs table are now scheduled properly. #54278

Removed

• User tags are removed in favor of the newer feature flags functionality. #49318
• Previously deprecated site config experimentalFeatures.bitbucketServerFastPerm has been removed. #50707
• Unused site-config field api.rateLimit has been removed. #51087
• Legacy (table-based) blob viewer. #50915

5.0.6

Fixed

• SAML assertions to get user display name are now compared case insensitively and we do not always return an error. #52992
• Fixed an issue where type:diff search would not work when sub-repo permissions are enabled. #53210

5.0.5

Added

• Organization members can now administer batch changes created by other members in their organization's namespace if the setting orgs.allMembersBatchChangesAdmin is enabled for that organization. #50724
• Allow instance public access mode based on auth.public site config and allow-anonymous-usage license tag #52440
• The endpoint configuration field for completions is now supported by the OpenAI provider #52530

Fixed

• MAU calculation in product analytics and pings use the same condition and UTC at all times. #52306 #52579 #52581
• Bitbucket native integration: fix code-intel popovers on the pull request pages. #52609
• id column of user_repo_permissions table was switched to bigint to avoid int overflow. #52299
• In some circumstances filenames containing .. either could not be read or would return a diff when viewed. We now always correctly read those files. #52605
• Syntax highlighting for several languages including Python, Java, C++, Ruby, TypeScript, and JavaScript is now working again when using the single Docker container deployment option. Other deployment options were not affected.

5.0.4

Fixed

• Git blame lookups of repositories synced through src serve-git or code hosts using a custom repositoryPathPattern will now use the correct URL when streaming git blame is enabled. #51525
• Code Insights scoped to a static list of repository names would fail to resolve repositories with permissions enabled, resulting in insights that would not process. #51657
• Batches: Resolved an issue with GitHub webhooks where CI check updates fail due to the removal of a field from the GitHub webhook payload. #52035

5.0.3

Added

• Cody aggregated pings. #50835

Fixed

• Bitbucket Server adding an error log if there is no account match for the user. #51030
• Editing search context with special characters such as / resulted in http 404 error. #51196
• Significantly improved performance and reduced memory usage of the embeeddings service. #50953, #51372
• Fixed an issue where a Code Insights query with structural search type received 0 search results for the latest commit of any matching repo. #51076

5.0.2

Added

• An experimental site config setting to restrict cody to users by the cody-experimental feature flag #50668

Changed

• Use the Alpine 3.17 releases of cURL and Git

Fixed

• For Cody, explicitly detect some cases where context is needed to avoid failed responses. #50541
• Code Insights that are run over zero repositories will finish processing and show "No data to display". #50561
• DNS timeouts on calls to host.docker.internal from every html page load for docker-compose air-gapped instances. No more DNS lookups in jscontext.go anymore. #50638
• Improved the speed of the embedding index by significantly decreasing the calls to Gitserver. #50410

Removed

5.0.1

Added

• The ability to exclude certain file path patterns from embeddings.
• Added a modal to show warnings and errors when exporting search results. #50348

Changed

Fixed

• Fixed CVE-2023-0464 in container images
• Fixed CVE-2023-24532 in container images
• Fixed an issue where Slack code monitoring notifications failed when the message was too long. #50083
• Fixed an edge case issue with usage statistics calculations that cross over month and year boundaries.
• Fixed the "Last incremental sync" value in user/repo permissions from displaying a wrong date if no sync had been completed yet.
• Fixed an issue that caused search context creation to fail with error "you must provide a first or last value to properly paginate" when defining the repositories and revisions with a JSON configuration.
• Fixed an issue where the incorrect actor was provided when searching an embeddings index.
• Fixed multiple requests downloading the embeddings index concurrently on an empty cache leading to an out-of-memory error.
• Fixed the encoding of embeddings indexes which caused out-of-memory errors for large indexes when uploading them from the worker service.
• Fixed git blame decorations styles
• CODEOWNERS rules with consecutive slashes (//) will no longer fail ownership searches
• Granting pending permissions to users when experimentalFeatures.unifiedPermissions is turned ON #50059
• The unified permissions out of band migration reported as unfinished if there were users with no permissions #50147
• Filenames with special characters are correctly handled in Cody's embedding service #50023
• Structural search correctly cleans up when done preventing a goroutine leak #50034
• Fetch search based definitions in the reference panel if no precise definitions were found #50179

Removed

5.0.0

Added

• The environment variable TELEMETRY_HTTP_PROXY can be set on the sourcegraph-frontend service, to use an HTTP proxy for telemetry and update check requests. #47466
• Kubernetes Deployments: Introduced a new Kubernetes deployment option (deploy-sourcegraph-k8s) to deploy Sourcegraph with Kustomize. #46755
• Kubernetes Deployments: The new Kustomize deployment (deploy-sourcegraph-k8s) introduces a new base cluster that runs all Sourcegraph services as non-root users with limited privileges and eliminates the need to create RBAC resources. #4213
• Added the other.exclude setting to Other external service config. It can be configured to exclude mirroring of repositories matching a pattern similar to other external services. This is useful when you want to exclude repositories discovered via src serve-git. #48168
• The Site admin > Updates page displays the upgrade readiness information about schema drift and out-of-band migrations. #48046
• Pings now contain ownership search and file-view activity counts. #47062
• Greatly improves keyboard handling and accessibility of the files and symbol tree on the repository pages. #12916
• The file tree on the repository page now automatically expands into single-child directories. #47117
• When encountering GitHub rate limits, Sourcegraph will now wait the recommended amount of time and retry the request. This prevents sync jobs from failing prematurely due to external rate limits. #48423
• Added a dashboard with information about user and repository background permissions sync jobs. #46317
• When encountering GitHub or GitLab rate limits, Sourcegraph will now wait the recommended amount of time and retry the request. This prevents sync jobs from failing prematurely due to external rate limits. #48423, #48616
• Switching between code editor, files and symbols trees using keyboard shortcuts (currently under the experimental feature flag: blob-page-switch-areas-shortcuts). #46829.
• Added "SCIM" badges for SCIM-controlled users on the User admin page. #48727
• Added Azure DevOps Services as a Tier 1 Code Host, including: repository syncing, permissions syncing, and Batch Changes support. #46265
• Added feature to disable some fields on user profiles for SCIM-controlled users. #48816
• Native support for ingesting and searching GitHub topics with repo:has.topic() #48875
• Role- Access Control is now available as an enterprise feature (in Beta). It is currently only supported for Batch Changes functionality. #43276
• Site admins can now [restrict creation of batch changes to certain users by tailoring their roles and the permissions granted to those )roles. #34491
• Site admins can now [configure outgoing webhooks for Batch Changes to inform external tools of events related to Sourceg)raph batch changes and their changesets. #38278
• [Sourcegraph Own is now available as an experimental enterprise feature. Enable the search-ownership fe)ature flag to use it.
• Gitserver supports a new COURSIER_CACHE_DIR env var to configure the cache location for coursier JVM package repos.
• Pings now emit a histogram of repository sizes cloned by Sourcegraph 48211.
• The search input has been redesigned to greatly improve usability. New contextual suggestions help users learn the Sourcegraph query language as they search. Suggestions have been unified across contexts and filters, and the history mode has been integrated into the input. Improved and expanded keyboard shortcuts also make navigation much easier. This functionality is in beta, and can be disabled in the user menu.

Changed

• Experimental GraphQL query, permissionsSyncJobs is substituted with new non-experimental query which provides full information about permissions sync jobs stored in the database. #47933
• Renders readme.txt files in the repository page. #47944
• Renders GitHub pull request references in all places where a commit message is referenced. #48183
• CodeMirror blob view (default) uses selection-driven code navigation. #48066
• Older Code Insights data points will now be automatically archived as configured by the site configuration setting insights.maximumSampleSize, set to 30 by default. All points can be exported. This behaviour can be disabled using the experimental setting insightsDataRetention. #48259
• The admin debug GraphQL endpoint for Code Insights will now include the series metadata in the response. #49473
• Usage telemetry has been streamlined; there are no longer two categories (critical and non-critical), and telemetry will be streamlined and reviewed/reduced further in upcoming releases. The site admin flag disableNonCriticalTelemetry currently still remains but has no effect.

Fixed

• The symbols service CACHE_DIR and MAX_TOTAL_PATHS_LENGTH were renamed to have a SYMBOLS_ prefix in the last version of Sourcegraph; this version fixes a bug where the old names without the SYMBOLS_ prefix were not respected correctly. Both names now work.
• Fixed issues with propagating tracing configuration throughout the application. #47428
• Enable auto gc on fetch when SRC_ENABLE_GC_AUTO is set to true. #47852
• Fixes syntax highlighting and line number issues in the code preview rendered inside the references panel. #48107
• The ordering of code host sync error messages in the notifications menu will now be persistent. Previously the order was not guaranteed on a refresh of the status messages, which would make the code host sync error messages jump positions, giving a false sense of change to the site admins. #48722
• Fixed Detect & Track Code Insights running over all repositories when during creation a search was used to specify the repositories for the insight. #49633

Removed

• The LSIF upload endpoint is no longer supported and has been replaced by a diagnostic error page. src-cli v4.5+ will translate all local LSIF files to SCIP prior to upload. #47547
• The experimental setting authz.syncJobsRecordsLimit has been removed. #47933
• Storing permissions sync jobs statuses in Redis has been removed as now all permissions sync related data is stored in a database. #47933
• The key shared_steps has been removed from auto-indexing configuration descriptions. If you have a custom JSON auto-indexing configuration set for a repository that defines this key, you should inline the content into each index job's steps array. #48770

4.5.1

Changed

• Updated git to version 2.39.2 to address reported security vulnerabilities #47892
• Updated curl to 7.88.1 to address reported security vulnerabilities #48144

4.5.0

Added

• Endpoint environment variables (SEARCHER_URL, SYMBOLS_URL, INDEXED_SEARCH_SERVERS, SRC_GIT_SERVERS) now can be set to replica count values in Kubernetes, Kustomize, Helm and Docker Compose environments. This avoids the need to use service discovery or generating the respective list of addresses in those environments. #45862
• The default author and email for changesets will now be pulled from user account details when possible. #46385
• Code Insights has a new display option: "Max number of series points to display". This setting controls the number of data points you see per series on an insight. #46653
• Added out-of-band migration that will migrate all existing data from LSIF to SCIP (see additional [migration documentation). #45106)
• Code Insights has a new search-powered repositories field that allows you to select repositories with Sourcegraph search syntax. #45687
• You can now export all data for a Code Insight from the card menu or the standalone page. #46795, #46694
• Added Gerrit as an officially supported code host with permissions syncing. #46763
• Markdown files now support <picture> and <video> elements in the rendered view. #47074
• Batch Changes: Log outputs from execution steps are now paginated in the web interface. #46335
• Monitoring: the searcher dashboard now contains more detailed request metrics as well as information on interactions with the local cache (via gitserver). #47654
• Renders GitHub pull request references in the commit list. #47593
• Added a new background permissions syncer & scheduler which is backed by database, unlike the old one that was based on an in-memory processing queue. The new system is enabled by default, but can be disabled. Revert to the in-memory processing queue by setting the feature flag database-permission-sync-worker to false. #47783
• Zoekt introduces a new opt-in feature, "shard merging". Shard merging consolidates small index files into larger ones, which reduces Zoekt-webserver's memory footprint [documentation)
• Blob viewer is now backed by the CodeMirror editor. Previous table-based blob viewer can be re-enabled by setting experimentalFeatures.enableCodeMirrorFileView to false. #47563
• Code folding support for the CodeMirror blob viewer. #47266
• CodeMirror blob keyboard navigation as experimental feature. Can be enabled in settings by setting experimentalFeatures.codeNavigation to selection-driven. #44698

Changed

• Archived and deleted changesets are no longer counted towards the completion percentage shown in the Batch Changes UI. #46831
• Code Insights has a new UI for the "Add or remove insights" view, which now allows you to search code insights by series label in addition to insight title. #46538
• When SMTP is configured, users created by site admins via the "Create user" page will no longer have their email verified by default - users must verify their emails by using the "Set password" link they get sent, or have their emails verified by a site admin via the "Emails" tab in user settings or the setUserEmailVerified mutation. The createUser mutation retains the old behaviour of automatically marking emails as verified. To learn more, refer to the [SMTP and email delivery documentation. #46187)
• Connection checks for code host connections have been changed to talk to code host APIs directly via HTTP instead of doing DNS lookup and TCP dial. That makes them more resistant in environments where proxies are used. #46918
• Expiration of licenses is now handled differently. When a license is expired promotion to site-admin is disabled, license-specific features are disabled (exceptions being SSO & permission syncing), grace period has been replaced with a 7-day-before-expiration warning. #47251
• Searcher will now timeout searches in 2 hours instead of 10 minutes. This timeout was raised for batch use cases (such as code insights) searching old revisions in very large repositories. This limit can be tuned with the environment variable PROCESSING_TIMEOUT. #47469
• Zoekt now bypasses the regex engine for queries that are common in the context of search-based code intelligence, such as \bLITERAL\b case:yes. This can lead to a significant speed-up for "Find references" and "Find implementations" if precise code intelligence is not available. zoekt#526
• The Sourcegraph Free license has undergone a number of changes. Please contact support@sourcegraph.com with any questions or concerns. #46504
  • The Free license allows for only a single private repository on the instance.
  • The Free license does not support SSO of any kind.
  • The Free license does not offer mirroring of code host user permissions.
• Expired Sourcegraph licenses no longer allow continued use of the product. #47251
  • Licensed features are disabled once a license expires.
  • Users can no longer be promoted to Site Admins once a license expires.

Fixed

• Resolved issue which would prevent Batch Changes from being able to update changesets on forks of repositories on Bitbucket Server created prior to version 4.2. #47397
• Fixed a bug where changesets created on forks of repositories in a personal user's namespace on GitHub could not be updated after creation. #47397
• Fixed a bug where saving default Sort & Limit filters in Code Insights did not persist #46653
• Restored the old syntax for repo:contains filters that was previously removed in version 4.0.0. For now, both the old and new syntaxes are supported to allow for smooth upgrades. Users are encouraged to switch to the new syntax, since the old one may still be removed in a future version.
• Fixed a bug where removing an auth provider would render a user's Account Security page inaccessible if they still had an external account associated with the removed auth provider. #47092
• Fixed a bug where the repo:has.description() parameter now correctly shows description of a repository synced from a Bitbucket server code host connection, while previously it used to show the repository name instead #46752
• Fixed a bug where permissions syncs consumed more rate limit tokens than required. This should lead to speed-ups in permission syncs, as well as other possible cases where a process runs in repo-updater. #47374
• Fixes UI bug where folders with single child were appearing as child folders themselves. #46628
• Performance issue with the Outbound requests page. #47544

Removed

• The Code insights "run over all repositories" mode has been replaced with search-powered repositories filed syntax. #45687
• The settings search.repositoryGroups, codeInsightsGqlApi, codeInsightsAllRepos, experimentalFeatures.copyQueryButton,, experimentalFeatures.showRepogroupHomepage, experimentalFeatures.showOnboardingTour, experimentalFeatures.showSearchContextManagement and codeIntelligence.autoIndexRepositoryGroups have been removed as they were deprecated and unsued. #47481
• The site config enableLegacyExtensions setting was removed. It is no longer possible to enable legacy Sourcegraph extension API functionality in this version.

4.4.2

Changed

• Expiration of licenses is now handled differently. When a license is expired promotion to site-admin is disabled, license-specific features are disabled (exceptions being SSO & permission syncing), grace period has been replaced with a 7-day-before-expiration warning. #47251

4.4.1

Changed

• Connection checks for code host connections have been changed to talk to code host APIs directly via HTTP instead of doing DNS lookup and TCP dial. That makes them more resistant in environments where proxies are used. #46918
• The search query input overflow behavior on search home page has been fixed. #46922

4.4.0

Added

• Added a button "Reindex now" to the index status page. Admins can now force an immediate reindex of a repository. #45533
• Added an option "Unlock user" to the actions dropdown on the Site Admin Users page. Admins can unlock user accounts that wer locked after too many sign-in attempts. #45650
• Templates for certain emails sent by Sourcegraph are now configurable via email.templates in site configuration. #45671, #46085
• Keyboard navigation for search results is now enabled by default. Use Arrow Up/Down keys to navigate between search results, Arrow Left/Right to collapse and expand file matches, Enter to open the search result in the current tab, Ctrl/Cmd+Enter to open the result in a separate tab, / to refocus the search input, and Ctrl/Cmd+Arrow Down to jump from the search input to the first result. Arrow Left/Down/Up/Right in previous examples can be substituted with h/j/k/l for Vim-style bindings. Keyboard navigation can be disabled by creating the search-results-keyboard-navigation feature flag and setting it to false. #45890
• Added support for receiving GitLab webhook push events. #45856
• Added support for receiving Bitbucket Server / Datacenter webhook push events. #45909
• Monitoring: Indexed-Search's dashboard now has new graphs for search request durations and "in-flight" search request workloads #45966
• The GraphQL API now supports listing single-file commit history across renames (with GitCommit.ancestors(follow: true, path: "<some-path>")). #45882
• Added support for receiving Bitbucket Cloud webhook push events. #45960
• Added a way to test code host connection from the Manage code hosts page. #45972
• Updates to the site configuration from the site admin panel will now also record the user id of the author in the database in the critical_and_site_config.author_user_id column. #46150
• When setting and resetting passwords, if the user's primary email address is not yet verified, using the password reset link sent via email will now also verify the email address. #46307
• Added new code host details and updated edit code host pages in site admin area. #46327
• If the experimental setting insightsDataRetention is enabled, the number of Code Insights data points that can be viewed will be limited by the site configuration setting insights.maximumSampleSize, set to 30 by default. Older points beyond that number will be periodically archived. #46206, #46440
• Bitbucket Cloud can now be added as an authentication provider on Sourcegraph. #46309
• Bitbucket Cloud code host connections now support permissions syncing. #46312
• Keep a log of corruption events that happen on repositories as they are detected. The Admin repositories page will now show when a repository has been detected as being corrupt and they'll also be able to see a history log of the corruption for that repository. #46004
• Added corrupted statistic as part of the global repositories statistics. 46412
• Added a Corrupted status filter on the Admin repositories page, allowing Administrators to filter the list of repositories to only those that have been detected as corrupt. #46415
• Added “Background job dashboard” admin feature #44901

Changed

• Code Insights no longer uses a custom index of commits to compress historical backfill and instead queries the repository log directly. This allows the compression algorithm to span any arbitrary time frame, and should improve the reliability of the compression in general. #45644
• GitHub code host configuration: The error message for non-existent organizations has been clarified to indicate that the organization is one that the user manually specified in their code host configuration. #45918
• Git blame view got a user-interface overhaul and now shows data in a more structured way with additional visual hints. #44397
• User emails marked as unverified will no longer receive code monitors and account update emails - unverified emails can be verified from the user settings page to continue receiving these emails. #46184
• Zoekt by default eagerly unmarshals the symbol index into memory. Previously we would unmarshal on every request for the purposes of symbol searches or ranking. This lead to pressure on the Go garbage collector. On sourcegraph.com we have noticed time spent in the garbage collector halved. In the unlikely event this leads to more OOMs in zoekt-webserver, you can disable by setting the environment variable ZOEKT_ENABLE_LAZY_DOC_SECTIONS=t. zoekt#503
• Removes the right side action sidebar that is shown on the code view page and moves the icons into the top nav. #46339
• The sourcegraph/prometheus image no longer starts with --web.enable-lifecycle --web.enable-admin-api by default - these flags can be re-enabled by configuring PROMETHEUS_ADDITIONAL_FLAGS on the container. #46393
• The experimental setting authz.syncJobsRecordsTTL has been changed to authz.syncJobsRecordsLimit - records are no longer retained based on age, but based on this size cap. #46676
• Renders GitHub pull request references in git blame view. #46409

Fixed

• Made search results export use the same results list as the search results page. #45702
• Code insights with more than 1 year of history will correctly show 12 data points instead of 11. #45644
• Hourly code insights will now behave correctly and will no longer truncate to midnight UTC on the calendar date the insight was created. #45644
• Code Insights: fixed an issue where filtering by a search context that included multiple repositories would exclude data. #45574
• Ignore null JSON objects returned from GitHub API when listing public repositories. #45969
• Fixed issue where emails that have never been verified before would be unable to receive resent verification emails. #46185
• Resolved issue preventing LSIF uploads larger than 2GiB (gzipped) from uploading successfully. #46209
• Local vars in Typescript are now detected as symbols which will positively impact ranking of search results. go-ctags#10
• Fix issue in Gitlab OAuth in which user group membership is set too wide - adds min_access_level=10 to /groups request. #46480

Removed

• The extension registry no longer supports browsing, creating, or updating legacy extensions. Existing extensions may still be enabled or disabled in user settings and may be listed via the API. (The extension API was deprecated in 2022-09 but is still available if the enableLegacyExtensions site config experimental features flag is enabled.)
• User and organization auto-defined search contexts have been permanently removed along with the autoDefinedSearchContexts GraphQL query. The only auto-defined context now is the global context. #46083
• The settings experimentalFeatures.showSearchContext, experimentalFeatures.showSearchNotebook, and experimentalFeatures.codeMonitoring have been removed and these features are now permanently enabled when available. #46086
• The legacy panels on the homepage (recent searches, etc) which were turned off by default but could still be re-enabled by setting experimentalFeatures.showEnterpriseHomePanels to true, are permanently removed now. #45705
• The site { monitoringStatistics { alerts } } GraphQL query has been deprecated and will no longer return any data. The query will be removed entirely in a future release. #46299
• The Monaco version of the search query input and the corresponding feature flag (experimentalFeatures.editor) have been permanently removed. #46249

4.3.1

Changed

• A bug that broke the site-admin page when no repositories have been added to the Sourcegraph instance has been fixed. #46123

4.3.0

Added

• A "copy path" button has been added to file content, path, and symbol search results on hover or focus, next to the file path. The button copies the relative path of the file in the repo, in the same way as the "copy path" button in the file and repo pages. #42721
• Unindexed search now use the index for files that have not changed between the unindexed commit and the indexed commit. The result is faster unindexed search in general. If you are noticing issues you can disable by setting the feature flag search-hybrid to false. #37112
• The number of commits listed in the History tab can now be customized for all users by site admins under Configuration -> Global Settings from the site admin page by using the config history.defaultPageSize. Individual users may also set history.defaultPagesize from their user settings page to override the value set under the Global Settings. #44651
• Batch Changes: Mounted files can be accessed via the UI on the executions page. #43180
• Added "Outbound request log" feature for site admins #44286
• Code Insights: the data series API now provides information about incomplete datapoints during processing
• Added a best-effort migration such that existing Code Insights will display zero results instead of missing points at the start and end of a graph. #44928
• More complete stack traces for Outbound request log #45151
• A new status message now reports how many repositories have already been indexed for search. #45246
• Search contexts can now be starred (favorited) in the search context management page. Starred search contexts will appear before other contexts in the context dropdown menu next to the search box. #45230
• Search contexts now let you set a context as your default. The default will be selected every time you open Sourcegraph and will appear near the top in the context dropdown menu next to the search box. #45387
• [search.largeFiles accepts an optional prefix ! to negate a pattern. The o)rder of the patterns within search.largeFiles is honored such that the last pattern matching overrides preceding patterns. For patterns that begin with a literal ! prefix with a backslash, for example, \!fileNameStartsWithExcl!.txt. Previously indexed files that become excluded due to this change will remain in the index until the next reindex #45318
• [Webhooks have been overhauled completely and can now be found under Site admin >) Repositories > Incoming webhooks. Webhooks that were added via code host configuration are [deprecated and will be removed in 5.1.0.
• Added support fo)r receiving webhook push events from GitHub which will trigger Sourcegraph to fetch the latest commit rather than relying on polling.
• Added support for private container registries in Sourcegraph executors. [Using private registries)

Changed

• Batch Change: When one or more changesets are selected, we now display all bulk operations but disable the ones that aren't applicable to the changesets. #44617
• Gitserver's repository purge worker now runs on a regular interval instead of just on weekends, configurable by the repoPurgeWorker site configuration. #44753
• Editing the presentation metadata (title, line color, line label) or the default filters of a scoped Code Insight will no longer trigger insight recalculation. #44769, #44797
• Indexed Search's memory_map_areas_percentage_used alert has been modified to alert earlier than it used to. It now issues a warning at 60% (previously 70%) and issues a critical alert at 80% (previously 90%).
• Saving a new view of a scoped Code Insight will no longer trigger insight recalculation. #44679

Fixed

• The Code Insights commit indexer no longer errors when fetching commits from empty repositories when sub-repo permissions are enabled. #44558
• Unintended newline characters that could appear in diff view rendering have been fixed. #44805
• Signing out doesn't immediately log the user back in when there's only one OAuth provider enabled. It now redirects the user to the Sourcegraph login page. #44803
• An issue causing certain kinds of queries to behave inconsistently in Code Insights. #44917
• When the setting batchChanges.enforceForks is enabled, Batch Changes will now prefix the name of the fork repo it creates with the original repo's namespace name in order to prevent repo name collisions. #43681, #44458, #44548, #44924
• Code Insights: fixed an issue where certain queries matching sequential whitespace characters would overcount. #44969
• GitHub fine-grained Personal Access Tokens can now clone repositories correctly, but are not yet officially supported. #45137
• Detect-and-track Code Insights will now return data for repositories without sub-repo permissions even when sub-repo permissions are enabled on the instance. #45631

Removed

• Removed legacy GraphQL field dirtyMetadata on an insight series. insightViewDebug can be used as an alternative. #44416
• Removed search.index.enabled site configuration setting. Search indexing is now always enabled.
• Removed the experimental feature setting showSearchContextManagement. The search context management page is now available to all users with access to search contexts. #45230
• Removed the experimental feature setting showComputeComponent. Any notebooks that made use of the compute component will no longer render the block. The block will be deleted from the databse the next time a notebook that uses it is saved. #45360

4.2.1

• minio has been replaced with blobstore. Please see the update notes here

4.2.0

Added

• Creating access tokens is now tracked in the security events. #43226
• Added codeIntelAutoIndexing.indexerMap to site-config that allows users to update the indexers used when inferring precise code intelligence auto-indexing jobs (without having to overwrite the entire inference scripts). For example, "codeIntelAutoIndexing.indexerMap": {"go": "my.registry/sourcegraph/lsif-go"} will cause Go projects to use the specified container (in a alternative Docker registry). #43199
• Code Insights data points that do not contain any results will display zero instead of being omitted from the visualization. Only applies to insight data created after 4.2. #43166
• Sourcegraph ships with node-exporter, a Prometheus tool that provides hardware / OS metrics that helps Sourcegraph scale your deployment. See your deployment update for more information:
  • Kubernetes
  • Docker Compose
• A structural search diagnostic to warn users when a language filter is not set. #43835
• GitHub/GitLab OAuth success/fail attempts are now a part of the audit log. #43886
• When rendering a file which is backed by Git LFS, we show a page informing the file is LFS and linking to the file on the codehost. Previously we rendered the LFS pointer. #43686
• Batch changes run server-side now support secrets. #27926
• OIDC success/fail login attempts are now a part of the audit log. #44467
• A new experimental GraphQL query, permissionsSyncJobs, that lists the states of recently completed permissions sync jobs and the state of each provider. The TTL of entries retrained can be configured with authz.syncJobsRecordsTTL. #44387, #44258
• The search input has a new search history button and allows cycling through recent searches via up/down arrow keys. #44544
• Repositories can now be ordered by size on the repo admin page. #44360
• The search bar contains a new Smart Search toggle. If a search returns no results, Smart Search attempts alternative queries based on a fixed set of rules, and shows their results (if there are any). Smart Search is enabled by default. It can be disabled by default with "search.defaultMode": "precise" in settings. #44385
• Repositories in the site-admin area can now be filtered, so that only indexed repositories are displayed #45288

Changed

• Updated minimum required version of git to 2.38.1 in gitserver and server Docker image. This addresses: https://github.blog/2022-04-12-git-security-vulnerability-announced/ and https://lore.kernel.org/git/d1d460f6-e70f-b17f-73a5-e56d604dd9d5@github.com/. #43615
• When a content: filter is used in a query, only file contents will be searched (previously any of file contents, paths, or repos were searched). However, as before, if type: is also set, the content: filter will search for results of the specified type:. #43442
• Updated p4-fusion from 1.11 to 1.12.

Fixed

• Fixed a bug where path matches on files in the root directory of a repository were not highlighted. #43275
• Fixed a bug where a search query wouldn't be validated after the query type has changed. #43849
• Fixed an issue with insights where a single erroring insight would block access to all insights. This is a breaking change for users of the insights GraphQL api as the InsightViewConnection.nodes list may now contain null. #44491
• Fixed a bug where Open in Editor didn't work well with "repositoryPathPattern" = "{nameWithOwner}" #43839

Removed

• Remove the older log.gitserver.accessLogs site config setting. The setting is succeeded by log.auditLog.gitserverAccess. #43174
• Remove LOG_ALL_GRAPHQL_REQUESTS env var. The setting is succeeded by log.auditLog.graphQL. #43181
• Removed support for setting SRC_ENDPOINTS_CONSISTENT_HASH. This was an environment variable to support the transition to a new consistent hashing scheme introduced in 3.31.0. #43528
• Removed legacy environment variable ENABLE_CODE_INSIGHTS_SETTINGS_STORAGE used in old versions of Code Insights to fall back to JSON settings based storage. All data was previously migrated in version 3.35 and this is no longer supported.

4.1.3

Fixed

• Fixed a bug that caused the Phabricator native extension to not load the right CSS assets. #43868
• Fixed a bug that prevented search result exports to load. #43344

4.1.2

Fixed

• Fix code navigation on OSS when CodeIntel is unavailable. #43458

Removed

• Removed the onboarding checklist for new users that showed up in the top navigation bar, on user profiles, and in the site-admin overview page. After changes to the underlying user statistics system, the checklist caused severe performance issues for customers with large and heavily-used instances. #43591

4.1.1

Fixed

• Fixed a bug with normalizing the published draft value for changeset_specs. #43390

4.1.0

Added

• Outdated executors now show a warning from the admin page. #40916
• Added support for better Slack link previews for private instances. Link previews are currently feature-flagged, and site admins can turn them on by creating the enable-link-previews feature flag on the /site-admin/feature-flags page. #41843
• Added a new button in the repository settings, under "Mirroring", to delete a repository from disk and reclone it. #42177
• Batch changes run on the server can now be created within organisations. #36536
• GraphQL request logs are now compliant with the audit logging format. The old GraphQl logging based on LOG_ALL_GRAPHQL_REQUESTS env var is now deprecated and scheduled for removal. #42550
• Mounting files now works when running batch changes server side. #31792
• Added mini dashboard of total batch change metrics to the top of the batch changes list page. #42046
• Added repository sync counters to the code host details page. #43039

Changed

• Git server access logs are now compliant with the audit logging format. Breaking change: The 'actor' field is now nested under 'audit' field. #41865
• All Perforce rules are now stored together in one column and evaluated on a "last rule takes precedence" basis. #41785
• Security events are now a part of the audit log. #42653
• "GC AUTO" is now the default garbage collection job. We disable sg maintenance, which had previously replace "GC AUTO", after repeated reports about repo corruption. #42856
• Security events (audit log) can now optionally omit the internal actor actions (internal traffic). #42946
• To use the optional customGitFetch feature, the ENABLE_CUSTOM_GIT_FETCH env var must be set on gitserver. #42704

Fixed

• WIP changesets in Gitlab >= 14.0 are now prefixed with Draft: instead of WIP: to accomodate for the breaking change in Gitlab 14.0. #42024
• When updating the site configuration, the provided Last ID is now used to prevent race conditions when simultaneous config updates occur. #42691
• When multiple auth providers of the same external service type is set up, there are now separate entries in the user's Account Security settings. #42865
• Fixed a bug with GitHub code hosts that did not label archived repos correctly when using the "public" repositoryQuery keyword. #41461
• Fixed a bug that would display the blank batch spec that a batch change is initialized with in the batch specs executions tab. #42914
• Fixed a bug that would cause menu dropdowns to not open appropriately. #42779

Removed

4.0.1

Fixed

• Fixed a panic that can be caused by some tracing configurations. #42027
• Fixed broken code navigation for Javascript. #42055
• Fixed issue with empty code navigation popovers. #41958

4.0.0

Added

• A new look for Sourcegraph, previously in beta as "Simple UI", is now permanently enabled. #41021
• A new multi-version upgrade process now allows Sourcegraph instances to upgrade more than a single minor version. Instances at version 3.20 or later can now jump directly to 4.0. #40628
• Matching ranges in file paths are now highlighted for path results and content results. Matching paths in repository names are now highlighted for repository results. #41296 #41385 #41470
• Aggregations by repository, file, author, and capture group are now provided for search results. #39643
• Blob views and search results are now lazily syntax highlighted for better performance. #39563 #40263
• File links in both the search results and the blob sidebar and now prefetched on hover or focus. #40354 #41420
• Negation support for the search predicates -repo:has.path() and -repo:has.content(). #40283
• Experimental clientside OpenTelemetry can now be enabled with "observability.client": { "openTelemetry": "/-/debug/otlp" }, which sends OpenTelemetry to the new bundled OpenTelemetry Collector. #37907
• File diff stats are now characterized by 2 figures: lines added and lines removed. Previously, a 3rd figure for lines modified was also used. This is represented by the fields on the DiffStat type on the GraphQL API. #40454

Changed

• Sourcegraph with Kubernetes (without Helm): The jaeger-agent sidecar has been replaced by an OpenTelemetry Collector DaemonSet + Deployment configuration. The bundled Jaeger instance is now disabled by default, instead of enabled. #40456
• Sourcegraph with Docker Compose: The jaeger service has been replaced by an OpenTelemetry Collector service. The bundled Jaeger instance is now disabled by default, instead of enabled. #40455
• "observability.tracing": { "type": "opentelemetry" } is now the default tracer type. To revert to existing behaviour, set "type": "jaeger" instead. The legacy values "type": "opentracing" and "type": "datadog" have been removed. #41242
• "observability.tracing": { "urlTemplate": "" } is now the default, and if "urlTemplate" is left empty, no trace URLs are generated. To revert to existing behaviour, set "urlTemplate": "{{ .ExternalURL }}/-/debug/jaeger/trace/{{ .TraceID }}" instead. #41242
• Code host connection tokens are no longer supported as a fallback method for syncing changesets in Batch Changes. #25394
• IMPORTANT: repo:contains(file:foo content:bar) has been renamed to repo:contains.file(path:foo content:bar). repo:contains.file(foo) has been renamed to repo:contains.path(foo). repo:contains() is no longer a valid predicate. Saved searches using repo:contains() will need to be updated to use the new syntax. #40389

Fixed

• Fixed support for bare repositories using the src-cli and other codehost type. This requires the latest version of src-cli. #40863
• The recommended src-cli version is now reported consistently. #39468
• A performance issue affecting structural search causing results to not stream. It is much faster now. #40872
• An issue where the saved search input box reports an invalid pattern type for standard, which is now valid. #41068
• Git will now respect system certificate authorities when specifying certificates for the tls.external site configuration. #38128
• Fixed a bug where setting "observability.tracing": {} would disable tracing, when the intended behaviour is to default to tracing with "sampling": "selective" enabled by default. #41242
• The performance, stability, and latency of search predicates like repo:has.file(), repo:has.content(), and file:has.content() have been dramatically improved. #418, #40239, #38988, #39501
• A search query issue where quoted patterns inside parenthesized expressions would be interpreted incorrectly. #41455

Removed

• CACHE_DIR has been removed from the sourcegraph-frontend deployment. This required ephemeral storage which will no longer be needed. This variable (and corresponding filesystem mount) has been unused for many releases. #38934
• Quick links will no longer be shown on the homepage or search sidebar. The quicklink setting is now marked as deprecated. #40750
• Quick links will no longer be shown on the homepage or search sidebar if the "Simple UI" toggle is enabled and will be removed entirely in a future release. The quicklink setting is now marked as deprecated. #40750
• file:contains() has been removed from the list of valid predicates. file:has.content() and file:contains.content() remain, both of which work the same as file:contains() and are valid aliases of each other.
• The single-container sourcegraph/server deployment no longer bundles a Jaeger instance. #41244
• The following previously-deprecated fields have been removed from the Batch Changes GraphQL API: GitBranchChangesetDescription.headRepository, BatchChange.initialApplier, BatchChange.specCreator, Changeset.publicationState, Changeset.reconcilerState, Changeset.externalState.

Older versions

For older versions of Sourcegraph, see the CHANGELOG on GitHub.