Blog

Our changelog, announcements, dev posts, and anything else we think you'll find interesting.

Sourcegraph 4.2 release

Sourcegraph 4.2 is here! This month, we are kicking off significant work to improve the scale, speed, and security of Sourcegraph.

Sourcegraph's code intelligence platform is built to help you find and understand code fast, stay in flow, and focus more on what you love doing: writing great code. In order to do this seamlessly for all sizes of engineering teams, Sourcegraph must be able to operate across massive numbers of repositories, search millions of commits, and bake security into every part of the product.

To accomplish this and support even the most demanding engineering teams, Sourcegraph is focused on improving scale, speed, and security over the next several releases in addition to releasing new features.

Here's what's new in Sourcegraph 4.2:

Admin

Get enhanced security visibility with audit logs

Sourcegraph users frequently want to answer questions regarding who has accessed their instance, what actions they've taken, and when. Sourcegraph already provides some information (such as monitoring and pings), but more data is needed to serve pentesting and security testing use cases.

In 4.2, Sourcegraph now ships with an easy-to-consume audit log. The log contains security events, Gitserver access events, and GraphQL requests. The audit log is available for Sourcegraph self-hosted instances, with availability coming soon for Sourcegraph Cloud.

Docs
Batch Changes

Secrets in server-side Batch Changes (Beta)

It's common to use secrets in batch changes steps. Developers can use secrets in batch changes to authenticate to a private registry to install packages, create tickets from within a batch change, or make authenticated API calls to other services. In local runs, secrets can be either hardcoded in the batch spec or loaded from environment variables using step.env, but until now, there was no robust and secure way to manage secrets for server-side runs.

To solve this, we're releasing executor secrets. You can now define secrets to be passed to server-side runs, and those secrets can be referenced as env variables in the batch change spec.

Sourcegraph supports two types of secrets: namespaced secrets that can only be accessed by their owner, and global secrets that site admins can set and make available to all users on an instance.

This feature is in Beta, and feedback is very welcome. Tweet at us, or drop a comment in this issue.

Docs
Code Search

Smart Search helps with search queries to find more results, faster

To help you find information in your codebase faster than ever, we're introducing Smart Search, a new query assistant that activates when a search returns no results. It can be turned on with the new lightning bolt toggle in the search bar.

Smart Search helps find search results that are likely to be more useful than showing "no results" by trying slight variations of a user's original query. Smart Search automatically tries alternative queries based on a handful of rules (we know how easy it is to get tripped up by query syntax). When a query alternative finds results, those results are shown immediately. See the documentation to learn more about Smart Search behavior and configuration.

Docs

Sourcegraph 4.2 is now available to download. For Sourcegraph Cloud users, instances will be upgraded to 4.2 beginning December 5.

Changelog highlights

* Please contact Sourcegraph with any licensing questions.

Try Sourcegraph on your code.

Experience code intelligence with a free trial for you and your team, or search millions of open source repositories.