Added suggested follow ups to deepsearch

Custom tool cards for GoToDefinition and FindReferences

When a deep search reaches it's turn limit, the user will be shown a summary of the search thus far and the next steps to determine if the search should continue

• In the site config, set experimentalSettings.subRepoPermissions.allowInsights to true
• Admins can decide if it is safe in their environment to allow Code Insights to generate graphs using data from repositories that use sub-repo permissions.

• Adds the ability to collapse/expand search results

• Add TypeScript syntactic indexing support

feat(batches): site admins can feature library records

feat(batches): Add site admin setting to configure the number of displayed batch spec library records

feat(batches): auto-merge for github code hosts

Adds database-to-proto conversion for enterprise subscriptions and implements the GetEnterpriseSubscription handler in the AdministrationService. This enables user-authenticated access to subscription data via the Administration API.

This PR adds the ListEnterpriseSubscriptions RPC to the administrationservice, allowing Enterprise Portal to retrieve subscriptions. It has support for multiple filter types: subscription IDs, archived status, display name, Salesforce data, instance domains, verified domains, and instance types

N/A - internal change

N/A - not customer facing

N/A - internal tooling

N/A
Backport 4e0ca00f1e5fb1951a0f24bb7ccb3af918ce33ec from #5531

If the DISABLE_GITSERVER_JANITOR is set, the janitor routines for gitserver will no longer run.

N/A

N/A

N/A
Backport 413705d76b9e4b258f3718f884e3c3c2ddf4f6fd from #5602

N/A

N/A

N/A

fix: show correct number of filtered feature flags

• Users can now filter diffs on the diff comparison page
  Backport a2725da3281de64d2d2e41438222d0f38700e441 from #4398

We've added new configuration options to help customers better manage search jobs:

• Control how frequently the system checks for new search jobs to process (SRC_SEARCH_JOB_WORKER_INTERVAL, default: 1s)
• Set a maximum time limit for how long a search job can run (SRC_SEARCH_JOB_MAXIMUM_RUNTIME_PER_JOB, default: 5h)
• Adjust how many search jobs can run simultaneously (SRC_SEARCH_JOB_NUM_HANDLERS, default: 5)

• Add support for chaining multiple filePaths together in URL

The grader service can now fix broken diagnostics that come out of a review, hopefully improving quality.

• New default for the review setting rules: ['builtin-rules', 'repo-rules']. Builtin rules allow you to start using the review agent without creating any *.rule.md files.

Adds reflection to the review process to filter out bad diagnostics before posting.

• new internal release command sg release steps to be used in pipeline gen

N/A

Backport 0b9ee7390bca046462737172c39d8ad2e13b99fb from #4652

Adds support for syntactic indexing for C++

It is possible for users to have rejectUnverifiedCommits site configuration enabled, and also apply changesets without having the necessary configurations for commit signing. This change provides a warning banner during the batch set preview stage in such a case.

With commit signing fully configured	Warning showing because no GitHub commit signing configured

• When syncing conversations from GitHub, we now fetch 100 comments by default instead of the default 30 comments

NA

Fixed an error where Sourcegraph would display an error when an existing GitHub App was added in Site Admin, even though the adding succeeded.

Fixes issue https://linear.app/sourcegraph/issue/SRCH-1387/chime-workspaces-not-updating

The workspace preview components rely on the apollo client cache to coordinate the state. Queries are made in two places;

• /client/web/src/enterprise/batches/batch-spec/edit/workspaces-preview/useWorkspacesPreview.ts
• /client/web/src/enterprise/batches/batch-spec/edit/workspaces-preview/useWorkspaces.ts

The desired effect is that both queries are cached under the same cache-key by apollo, and so when a query finds new results it triggers a component refresh with the new data.

The problem is that there is a subtle difference in the variables passed to the query - one has after: null and on does not provide the after field. This means that they are treated as different queries and the cache entries for the queries are separate.

Switch to Debian-based auto-indexing Docker image for scip-typescript, and official Node builds. The new image is compatible with recent Node versions (verified: 23.11.0).

The repository graphql API now supports fetchinig the databaseID field.
Backport cac91705f82f1221766f1576cdadd0b5c2c7502a from #4953

authz: Add Perforce IP rule interpretation modes (unified (default), directOnly, proxyOnly) in site configuration via rulesInterpretationMode field to provide more predictable sub-repo permissions behavior
Backport 774ac0c653371b0acbae62e233764dc6729fddf3 from #4713

Backport 0d9f70dd54a4c20621fe7404d3c7598e60264f59 from #4771

fix: prompt templates should not fail when pasting linebreaks

Backport 34dd46a20d9d9d3a52abaaeaa845b968bf781435 from #4528

• Fixes an issue where we OAuth would fail for Bitbucket Server users with special characters in their usernames
  Backport 28317328924ae0139edacc3711d169b37179c31f from #4490

We've enabled personalized ranking for search results in the new web app—marking the first step in integrating user-specific ranking signals into our search pipeline. As a result, queries spanning multiple repositories will prioritize results from repositories the user has frequently contributed to.

User can disable the feature by setting boostRelevantRepositories to false in the settings

{
  "experimentalFeatures": {
    "boostRelevantRepositories": false,
  },
}

The GetCodyContext endpoint is now deprecated. Instead, clients should use the search API with patterntype=nls. Here's an example of how Cody calls the search API: (nlsSearchQuery).

feat(batches): new batch spec examples library api

feat(batches): Batch Changes now supports fine-grained access tokens as user and site-admin credentials

Feature is behind batches-commit-signing feature flag.

Adds the UI form elements needed for submitting a private SSH key and passphrase for git commit signing.

note: only UI elements and graphql changes in this PR, backend changes are still required.

• Adds a site config setting, "attribution.mode": "enforced", which configures Cody IDE extensions after v1.82 (VSCode) or v7.82 (JetBrains) to not display code until attribution checks have finished.

Added rule stats to the .api/agents/{agent_id}/rules REST endpoint when the query string ?include=revision.stats is present

When a pull request is merged, diagnostic feedback is auto-generated via LLM judge from the comments and reactions

• New UIs to view an agent repos, conversations, PRs, reviews, and diagnostics

• It's now possible to POST /.api/agents/{agent_id}/runs to trigger a background review of a pull request
• It's now possible to list pull requests for an agent with GET /.api/agents/{agent_id}/changesets
• It's now possible to list repositories for an agent with GET /.api/agents/{agent_id}/repos
• It's now possible to trigger a background sync of pull requests via POST /.api/agents/{agent_id}/runs.

• Review comments on GitHub now link to the original rule. Previously, it only displayed the rule slug (short ID like logic) and it was difficult to find the source of the rule. Now, it's easy to find both the rule instructions or identify the rule author (via git blame).

• There is now a new "Spend" tab in the agent overview that gives insights into how expensive it is to run an operate an agent, which is helpful among other reasons when making a decision about what LLM model to use.
• The LLM API /.api/completions/stream now returns the used "modelref" (Sourcegraph canonical representation) alongside the used "model" (LLM provider canonical representation).

• Use the setting rules: ["repo-rules"] instead of rules: ["all-inferred"] to pick up *.rule.md files in the repository based on the changed files in the diff.

N/A

• feat(smart-apply): Add instant apply models

Gerrit code host connections now support a projectQuery option that allows for any arbitrary query parameters supported by the Gerrit API.

Site admins can now add their own pre-existing GitHub Apps to Sourcegraph. This also allows site admins to supply the App details of Enterprise GitHub Apps.

feat: configurable runtime for codemonitor jobs

NA

na

• Added a feature flag to run commit search on searcher, goal being to improve stability and resource usage of gitserver

feat: new GraphQL query evaluateFeatureFlags

• Fixes a bug where default selections were not being set.

Fixes a search bug where queries like repo:has.file(...) rev:1.0 would completely ignore the rev filter. Now, these types of searches are explicitly disallowed.

Fix a rare bug in repo:has.file queries where some searches could return no results.

With this change we delete all Rockskip indexes. In Sourcegraph v5.5.0 we shipped a bug in Rockskip which causes some unindexed symbol searches to return no results. The bug has been fixed in 6.2 and was backported to 6.1. However indexes that have been created prior to the fix are corrupted. Hence, we have to reindex all Rockskip repositories. A new index job will automatically be triggered. This requires no further action. However, during the reindex, symbol search at older revisions of very large repos will likely time out, so we encourage all customers to communicate this to their users ahead of the rollout of the new version.

• Deprecate the admin analytics pages (/site-admin/analytics) and redirect users to Sourcegraph Analytics (analytics.sourcegraph.com).

• Improve usability of auditlog API

• The API POST /.api/llm/chat/completions now does not panic anymore when sending a bad request (HTTP 400), which was possible to trigger if you used tool with an incorrect schema.

• Fixed error "empty string is not a valid pathspec" when loading diagnostics page
  Backport ac2034bc8b71c5983a94946777cc1f75b168c287 from #4407

• When creating a new agent program, it now automatically includes a feature flag trigger for the feature flag named agents-auto-review. You must create this feature flag to have the trigger activate.

• The review agent no longer automatically reviews draft PRs with the feature_flag_enabled trigger. Instead, users must explicitly request reviews on draft PRs through a comment (comment_starts_with) or a label (label_exists)

• Fix a bug where the review agent would error if a generated file had more than 100k tokens.
• Updated docs to describe the algorithm to detect and ignore generated files

• Fixed a bug where an agent run would be stuck in "running" mode forever. Now, these runs get correctly marked as "errored"

• The review agent now posts a comment reply when it's triggered by a comment trigger (example: @sourcegraph review). This is makes the agent behave more like a colleague would.
• The agent run page now links back to the pull request at the top of the page
• "Duration: 0s" is no longer shown on the agent run page while it's running.
• The links to the "applied_rules" in the agent run page now work correctly. Previously, the links were a 404 because they were one long ", " joined string. We plan to further improve the design of how rules are displayed in this page, so this is not a final solution, just a quick fix for the most immediate bug.

na

• (perf) Fixed quadratic behavior in commit and diff search

na

na

• fix(smart-apply): Change deployment id

N/A

• Enforces limits of 1.5 MiB and 50K lines for highlighting code files.

na

• Fixed a bug where paths that start with colons may be reported as not found.

fix(batches): batch workspaces to reduce memory pressure

NA

• (minor bugfix) Fixed an issue where we would show scrollbars on unscrollable items in the dynamic search filters sidebar

NA

NA

NA

na

Add AWS Bedrock client support for non-AWS Bedrock-compatible endpoints
Backport 9054d7c14db0ecf96200c2985c5b550b6dd2ded0 from #4145

Backport 04606e20fbc8f13ad473533820b8f5df71e20ad7 from #3989

Implement ownership information for the Sveltekit rewrite.

Backport 30f3ea6a6c115c633291c388ff599ff107d7f38b from #3738

• Adds read-only ownership panel to Sveltekit frontend
• Gated behind 'svelte-ownership' feature flag
  Backport 469f2ea37a214f3c0eb1cbde012625bdbef84b6f from #3558

This fixes a bug in Rockskip (symbol search) where we would miss symbol changes introduced by merge commits. This bug manifested in incorrect search results and errors of symbols service similar to "pathspec (...) did not match any files".

Backport d8426a9aec4930ce71922562fdebdcfd0d657cb4 from #3699

fix(batches): transformChanges.group.directory should not interpret file names as directories
Backport 6ffff463be1743b89ab865018e46a34ff4e549f5 from #3721

• Fixed issue where the code host connection editor would always ask for the token to be re-entered.
  Backport 428c1eef19d68b38037bd35457632a007a78494d from #3719

fix: prompt templates should not fail when pasting linebreaks

Added support for chain-of-thought reasoning in Anthropic models, allowing users to see the model's thinking process for complex tasks.
Backport 389bf9a4f2cf8ed7762cf8876b0efe4064e2b234 from #3507

• You can now create a GitHub App with all the right permissions/events for code review agents. Previously, you had to manually customize the apps.
  Backport 87e8d77f464912cbd4356a8c3c39fba1d099e3b6 from #3473

Fixes a bug in SCIP index processing for instances with a long history of processing large uploads.
Backport 48e7b47898ee7710f12270c6861c335a2ef75f48 from #3595

• HTTP header auth username and email headers, if configured, are no longer blocked by CORS.
  Backport 782b98a780dac335576b8f43affb4b1a10123882 from #3512

• Errors are now rendered as strings in agent run logs. Previously, they rendered as Source: {}, which wasn't helpful.
  Backport d1f18d280fc9d3a985a284c31e819412d2add606 from #3514

fix(rel): remove TimescaleDB from existing database if found during upgrade to Postgres 16 on the codeinsights database.
Backport 71b4af3d6faef054803db0151b2cc7b151bb1c0e from #3556

fix: transformChanges.group.directory now ignores file names
Backport 3b76fe4ab146565b0e736231353b1e24f1468241 from #3576

• Fixes an (unreleased) issue that could cause duplicate search results when switching between tabs.
  Backport 746a29a25d6e54dfe7ab38f70855a9f58a652426 from #3528

• Code review agents can now automatically run on GitHub Pull Requests (actions: opened and synchronize) based on a feature flag. Both boolean (true/false) and rollout (percentage-based ) feature flags are supported. For example, this means you can enable automatic reviews on 10% of all opened PRs.

• The Code Review Agent now reports live status with the GitHub Commit Status API making it possible to open Agent logs directly from GitHub.

Code reviews deduplicate diagnostics from historical reviews

Adds a feedback UI for diagnostics within the Agents app.

• You can now request review from the Review Agent by posting a pull request comment with a configurable substring

• Add GET /.api/agents/runs to list runs of an agent, and other related endpoints including the ability to view logs

• The Review agent can now review larger diffs.

Adds HTTP handlers for /.api/conversations for creating and filtering conversations as well as a DB method for querying conversations.

OPTIONAL; info at https://www.notion.so/sourcegraph/Writing-a-changelog-entry-dd997f411d524caabf0d8d38a24a878c

Move Gemini 2.0 Flash from Experimental to GA, add Gemini 2.0 Flash-Lite Preview Experimental and Gemini 2.0 Pro Experimental

• feat: add init cmd subsection to release.yaml parser
• feat: add init section to release.yaml

• allow the upgradetest to be run locally without knowing the bazel invocation required to stamp the build etc
• unlock local minor and major branch upgradetests

feat: prompt templates editor supports dynamic @ mentions

fix/auth: "http-header" auth provider can "allowSignup": false to disable automatic account creation

• Creating a new agent now redirects to the settings page for further setup

• Rule include/exclude patterns are now interpreted as globs (*.go) instead of regexp (.*\.go). Negative include patterns like !*.go will be interpreted as exclude patterns, and vice versa.

fix(rel): fix migrator upgrade check

Fix bug where the URL of a Gerrit code host connection could not be updated.

The logic that translates Bitbucket clone URLs to repository names has been fixed to support:

• URLs that have no scheme (like "bitbucket.sgdev.org/sourcegraph/sourcegraph")
• SSH clone urls that don't have a ssh:// scheme prefix (like [email protected]:sourcegraph/sourcegraph.git)

A bug on the user's account security page that could result in duplicated / buggy entries has been fixed.

• single docker server checks for 5.10-reindex.completed instead of 5.1-reindex.completed

fix: prompt templates should not fail when pasting linebreaks

Move Gemini 2.0 Flash from Experimental to GA, add Gemini 2.0 Flash-Lite Preview Experimental and Gemini 2.0 Pro Experimental

Co-authored-by: arafatkatze [email protected] (cherry picked from commit 4aa5aa41cc0f5e2be80c77e8e8709e198ff54b94)

PR description tips: https://www.notion.so/sourcegraph/Write-a-good-pull-request-description-610a7fd3e613496eb76f450db5a49b6e

feat: prompt templates editor supports dynamic @ mentions

PR description tips: https://www.notion.so/sourcegraph/Write-a-good-pull-request-description-610a7fd3e613496eb76f450db5a49b6e

Fix bug where the URL of a Gerrit code host connection could not be updated.

(cherry picked from commit e6da1ceb9586bf109339f06220c1fdbbf570a6d9)

Commit listing should work correctly for repos which contain arbitrary characters in commit messages. This also affects downstream functionality such as commit graph updates needed for precise code navigation.

Backport 2eae8e1 from #3359

Combines Cody chat and Code Search into a single unified interface.

Improved highlighting for JSON files

• The Review Agent now includes the rule ID when posting comments on pull requests. By default, the minimum review severity is errors (previously it was warning). When the minimum severity is overridden to be warnings, then the review comments will also include the severity.

• Configure custom review rules for the Review Agent by adding *.rule.md files nested under .sourcegraph/ directories in any ancestor director of files in the diff.

• New /.api/agents/** endpoints to manage the creation of Sourcegraph Agents (EAP feature).
• New support to automatically review GitHub Pull Requests with a Review Agent via GitHub Apps (EAP feature).

• New GET /.api/tools endpoint to list tool definitions for Sourcegraph API endpoints to use with the LLM /chat/completions endpoint for function calling.
• New POST /.api/review/diff endpoint to get a list of code review comments given a git diff (including GitHub pull requests and Gitlab merge requests).

• The Review agent now requires the program file .sourcegraph/review-agent.json with at least the content "{}" to enable posting Pull Requests review through the GitHub App. The JSON file may contain additional configuration options to override defaults of the ReviewRequestConfiguration object (see OpenAPI spec)

• Normalize drift detection to handle for postgres 12 to 16 upgrade

feat: prompt templates now support specific @ mentions

• For broad matches, we now center the best-scoring line in search results

• The /.api/llm/chat/completions endpoint now support function calling via the tools property. This feature works when using the LLM providers: OpenAI, Anthropic, Fireworks, AWS Bedrock, and Gemini.

OPTIONAL; info at https://www.notion.so/sourcegraph/Writing-a-changelog-entry-dd997f411d524caabf0d8d38a24a878c

OPTIONAL; info at https://www.notion.so/sourcegraph/Writing-a-changelog-entry-dd997f411d524caabf0d8d38a24a878c

• fixes 404 errors when trying to load "authSidebar.js" when the Code Search VS Code extension is used with the VSCode Remote SSH extension

In the site admin configuration for code graph policies, restricts the creation of policies for syntactic indexing to HEAD-only. This restriction may be lifted in the future. Policies for precise auto-indexing are not affected.

We are changing the behavior of session expiration to be a hard-cap instead of a rolling window. auth.sessionExpiry will now set a hard-limit on the sessions lifetime, and users will have to re-authenticate after this period. To preserve the previous behavior where sessions would be invalidated after they haven't been used for a while, a new configuration option named auth.maxSessionIdleDuration has been introduced that controls session expiration based on inactivity.

Fixed an issue where Sourcegraph user sessions initiated via OAuth integrations did not respect the auth.sessionExpiry configuration and expired much earlier.

Backport dc8deea005067145855b03a3344675386bc75be7 from #3078

Backport 9639850855bb169f7dee4fbcff869c77c17f9328 from #3007

• Fixed bug in Review Agent where it didn't post review comments even for small diffs Backport 4710b59 from #3019

OPTIONAL; info at https://www.notion.so/sourcegraph/Writing-a-changelog-entry-dd997f411d524caabf0d8d38a24a878c

N/A

N/A

fix(rel): add handling for permissions errors when handling custom Postgres configurations in database containers.

Backport 67bddb2 from #3041

NA - no customer facing changes

NA

fix: don't show current prompt in suggestions

Publish signatures for release containers.
Backport c11764be4adb377521e4067c4852953d7c434e24 from #2697

• server: runs postgresql from /var/run/postgresql instead of /run/postgresql
  Backport 36c78cdf596e1b22079512931fa526346c2ec821 from #2711

fix(rel): fix issue with Postgres docker container failing upgrades after an unclean database shutdown.
Backport ca5185ce2528b67e1ce6bcb5170f96d3699e11e0 from #2660