Code change management

Run code change campaigns to remove legacy code, fix critical security issues, and pay down tech debt. Compute changes, create branches, and track pull requests across all affected repositories.

Leading dev teams invest heavily in code change management

Google invests significant effort in maintaining code health to address some issues related to codebase complexity and dependency management. For instance, special tooling automatically detects and removes dead code, splits large refactorings, … and marks APIs as deprecated.
[At Facebook], analyzers participate as bots in code review, making automatic comments when an engineer submits a code modification. … [This automation] saw a 70% fix rate, where a more traditional "offline" or "batch" deployment (where bug lists are presented to engineers, outside their workflow) saw a 0% fix rate.

How code change campaigns help teams move quickly and safely

Remove deprecated code and legacy systems

You need a way to improve and change APIs used across all of your organization's code, to spend less time and effort in the migration period between the old and new API or service.

Triage and follow-through on critical security issues

You need to be able to identify everywhere that a vulnerable package or API is used, and open issues or pull requests on all affected projects. Then you can monitor the progress of fixing, merging, and deploying.

Keep dependencies up-to-date

Keep your library dependencies and how you use those libraries up-to-date and consistent across all of your organization's code, to avoid old bugs or security problems in old dependencies, and problems arising from inconsistent dependency version use across your codebase.

Deploy new static analysis gradually in the developer workflow

Increase adoption of linters and enable progressively stricter rules across all of your organization's code, so you can continuously improve the quality of all of your code. Developers will see diagnostics and fixes in their editor and on their code host to gently nudge them toward adherence, and you can enforce rules after a certain time period.

Standardize build and deploy configuration

Keep the build and deployment configurations up-to-date and consistent across all of your organization's code, so that you can iterate and deploy continuously and reliably with DevOps self-sufficiency.

Easily run campaigns and track their progress

Sourcegraph lets you create campaigns, which compute diffs and create branches and pull requests across multiple repositories. Use it for these common types of campaigns:

Deprecate a Java artifact dependency
Deprecate a package.json dependency (npm/yarn)
Gradually enforce a new ESLint rule
Require all files to have valid code owners
Find-replace across multiple repositories
Triage search results
Track an existing collection of issues and pull requests

When you create a campaign, Sourcegraph creates branches and pull requests as needed with the correct reviewers and context—and keeps them up-to-date. You can track the progress of the campaign with the burndown chart and see all related activity across all repositories. All this makes completing the campaign as fast and painless as possible.

See it in action

Watch how to use Sourcegraph to the deprecate a JavaScript library across 100+ repositories.

Elite companies trust Sourcegraph

Every developer at Uber uses Sourcegraph
Every developer at Lyft uses Sourcegraph
Every developer at Convoy uses Sourcegraph
Every developer at Yelp uses Sourcegraph
Every developer uses Sourcegraph
Every developer at Quantcast uses Sourcegraph
Every developer at Plaid uses Sourcegraph
Every developer at GetYourGuide uses Sourcegraph