Automation

Automate large-scale code changes to remove legacy code, fix critical security issues, and pay down tech debt.

The most elite teams invest
heavily in code change automation

Google invests significant effort in maintaining code health to address some issues related to codebase complexity and dependency management. For instance, special tooling automatically detects and removes dead code, splits large refactorings, … and marks APIs as deprecated.
[At Facebook], analyzers participate as bots in code review, making automatic comments when an engineer submits a code modification. … [This automation] saw a 70% fix rate, where a more traditional "offline" or "batch" deployment (where bug lists are presented to engineers, outside their workflow) saw a 0% fix rate.

How automation helps teams move quickly and safely

Remove deprecated code and legacy systems

You need a way to improve and change APIs used across all of your organization's code, to spend less time and effort in the migration period between the old and new API or service.

Triage and follow-through on critical security issues

You need to be able to identify everywhere that a vulnerable package or API is used, and open issues or pull requests on all affected projects. Then you can monitor the progress of fixing, merging, and deploying.

Dependency updates

Keep your library dependencies and how you use those libraries up-to-date and consistent across all of your organization's code, to avoid old bugs or security problems in old dependencies, and problems arising from inconsistent dependency version use across your codebase.

Deploy new static analysis gradually in the developer workflow

Increase adoption of automatic linters and enable progressively stricter rules across all of your organization's code, so you can continuously improve the quality of all of your code. Developers will see diagnostics and fixes in their editor and on their code host to gently nudge them toward adherence, and you can enforce rules after a certain time period.

Consistent build and deploy configuration

Keep the build and deployment configurations up-to-date and consistent across all of your organization's code, so that you can iterate and deploy continuously and reliably with DevOps self-sufficiency.

Easily define campaigns and track their progress

Sourcegraph's automation lets you create campaigns, which are collections of pull requests and issues across multiple repositories. The following campaign types are built in, and you can create other ad-hoc campaigns from the UI or use the Sourcegraph extension API for more advanced campaigns:

Deprecate a Java artifact dependency
Deprecate a package.json dependency (npm/yarn)
Gradually enforce a new ESLint rule
Require all files to have valid code owners
Find-replace across multiple repositories
Triage search results
Track an existing collection of issues and pull requests

When you create a campaign, Sourcegraph automatically creates pull requests and issues as needed with the correct reviewers and context—and keeps them up-to-date. You can track the progress of the campaign with the burndown chart and see all related activity across all repositories. All this makes completing the campaign as fast and painless as possible.

See it in action

Watch how to use Sourcegraph to automate the deprecation of a JavaScript library across 100+ projects.


Elite companies trust Sourcegraph

Every developer at Uber uses Sourcegraph
Every developer at Lyft uses Sourcegraph
Every developer at Convoy uses Sourcegraph
Every developer at Yelp uses Sourcegraph
Every developer uses Sourcegraph
Every developer at Quantcast uses Sourcegraph
Every developer at Plaid uses Sourcegraph
Every developer at GetYourGuide uses Sourcegraph