• Combines features of the Language usage and Detect and track patterns insights to track code inventory metrics over time:
  • lines of code
  • size of code
  • file counts
• Can group those metrics by repository, by language, or not at all
• Can collect the metrics for a list of repositories, or a repo search query

• New GraphQL endpoints
  • query:
    • inventoryStatsPreview
  • mutation:
    • createInventoryStatsInsight
    • updateInventoryStatsInsight

• The Inventory environment variables have been moved into site config settings (in the "inventory" section):
  • USE_ENHANCED_LANGUAGE_DETECTION: "disableEnhancedLanguageDetection" (defaults to false)
  • GET_INVENTORY_GIT_SERVER_CONCURRENCY: "gitServerConcurrency" (defaults to 4)
  • GET_INVENTORY_REDIS_CONCURRENCY: "redisConcurrency" (defaults to 20)
  • GET_INVENTORY_MAX_INV_IN_MEMORY: "maxInventoryInMemory" (defaults to 1000)
  • GET_INVENTORY_TIMEOUT: "timeoutInMinutes" (defaults to 5)

• Add experimental icon + GitLab/GitHub only specification for pushed-only changesets in batch changes UI

Backport 04be437 from #6180

• Add 'push only' bulk operation for Github

• feat(telemetry): add canonical PG version check for detecting external db usage

[telemetry] add granular database telemetry.

• releaseplatform: add rpc endpoint for VerifyExecutorsWorkflow

• Correct handler init for gcp and aws clients in releaseplatform, add testing

• releaseplatform: added secret injection to aws and gcp clients

• add aws verification to VerifyExecutorsRelease temporal workflow

• GIN index to efficiently search workspace by changesetSpec
• resolver endpoint to get workspace from changesetSpec
• UI warning in preview step

Adds a tooltip to the retry button on the batch changes preview page.

fix(batches): GitLab webhooks for merge requests not associated with batch changes now return HTTP 204 instead of HTTP 500 errors
Backport b5e926187d14784ea9a51fefca626379a25bda3e from #6052

fix(batches): fixed an issue where Batch Changes would attempt to sync changesets from deleted namespaces resulting in delays and timeouts for active changesets

fix(batches): fixed an issue where GitLab merge request events would fail to handle labels

green ci

• make google cred pre commit hook more precise

Fixed an issue where Sourcegraph would mark executor jobs as failed when briefly losing connection to a pod, even though the pod was still running.

fix(batches): fixed an issue where Batch Changes would attempt to sync changesets from deleted namespaces resulting in delays and timeouts for active changesets

@sourcegraph/release

Fixed an issue where Sourcegraph was not handling rate limit responses from GitHub correctly.
Backport bf997a77ecc58fe669b015aa6e8d2578c4e78607 from #5787

Backport 1269f3af4920629aab9a6fbc6a770932a7b8e64f from #5689

release: add container test to verify glibc version does not get unintentionally upgraded in PostgreSQL container images`

Backport 68a8d54c9e8fd0a3ff0286d0141f07372209f19a from #5670

Backport 0bc959fd07f2f6d55da1f3e6ce6cc6f5e5b2d231 from #5643

Added suggested follow ups to deepsearch

Custom tool cards for GoToDefinition and FindReferences

When a deep search reaches it's turn limit, the user will be shown a summary of the search thus far and the next steps to determine if the search should continue

• In the site config, set experimentalSettings.subRepoPermissions.allowInsights to true
• Admins can decide if it is safe in their environment to allow Code Insights to generate graphs using data from repositories that use sub-repo permissions.

• Adds the ability to collapse/expand search results

• Add TypeScript syntactic indexing support

feat(batches): site admins can feature library records

feat(batches): Add site admin setting to configure the number of displayed batch spec library records

feat(batches): auto-merge for github code hosts

Adds database-to-proto conversion for enterprise subscriptions and implements the GetEnterpriseSubscription handler in the AdministrationService. This enables user-authenticated access to subscription data via the Administration API.

This PR adds the ListEnterpriseSubscriptions RPC to the administrationservice, allowing Enterprise Portal to retrieve subscriptions. It has support for multiple filter types: subscription IDs, archived status, display name, Salesforce data, instance domains, verified domains, and instance types

N/A - internal change

N/A - not customer facing

N/A - internal tooling

N/A
Backport 4e0ca00f1e5fb1951a0f24bb7ccb3af918ce33ec from #5531

If the DISABLE_GITSERVER_JANITOR is set, the janitor routines for gitserver will no longer run.

N/A

N/A

N/A
Backport 413705d76b9e4b258f3718f884e3c3c2ddf4f6fd from #5602

N/A

N/A

N/A

fix: show correct number of filtered feature flags

• Users can now filter diffs on the diff comparison page
  Backport a2725da3281de64d2d2e41438222d0f38700e441 from #4398

We've added new configuration options to help customers better manage search jobs:

• Control how frequently the system checks for new search jobs to process (SRC_SEARCH_JOB_WORKER_INTERVAL, default: 1s)
• Set a maximum time limit for how long a search job can run (SRC_SEARCH_JOB_MAXIMUM_RUNTIME_PER_JOB, default: 5h)
• Adjust how many search jobs can run simultaneously (SRC_SEARCH_JOB_NUM_HANDLERS, default: 5)

• Add support for chaining multiple filePaths together in URL

The grader service can now fix broken diagnostics that come out of a review, hopefully improving quality.

• New default for the review setting rules: ['builtin-rules', 'repo-rules']. Builtin rules allow you to start using the review agent without creating any *.rule.md files.

Adds reflection to the review process to filter out bad diagnostics before posting.

• new internal release command sg release steps to be used in pipeline gen

N/A

Backport 0b9ee7390bca046462737172c39d8ad2e13b99fb from #4652

Adds support for syntactic indexing for C++

It is possible for users to have rejectUnverifiedCommits site configuration enabled, and also apply changesets without having the necessary configurations for commit signing. This change provides a warning banner during the batch set preview stage in such a case.

With commit signing fully configured	Warning showing because no GitHub commit signing configured

• When syncing conversations from GitHub, we now fetch 100 comments by default instead of the default 30 comments

NA

Fixed an error where Sourcegraph would display an error when an existing GitHub App was added in Site Admin, even though the adding succeeded.

Fixes issue https://linear.app/sourcegraph/issue/SRCH-1387/chime-workspaces-not-updating

The workspace preview components rely on the apollo client cache to coordinate the state. Queries are made in two places;

• /client/web/src/enterprise/batches/batch-spec/edit/workspaces-preview/useWorkspacesPreview.ts
• /client/web/src/enterprise/batches/batch-spec/edit/workspaces-preview/useWorkspaces.ts

The desired effect is that both queries are cached under the same cache-key by apollo, and so when a query finds new results it triggers a component refresh with the new data.

The problem is that there is a subtle difference in the variables passed to the query - one has after: null and on does not provide the after field. This means that they are treated as different queries and the cache entries for the queries are separate.

Switch to Debian-based auto-indexing Docker image for scip-typescript, and official Node builds. The new image is compatible with recent Node versions (verified: 23.11.0).

The repository graphql API now supports fetchinig the databaseID field.
Backport cac91705f82f1221766f1576cdadd0b5c2c7502a from #4953

authz: Add Perforce IP rule interpretation modes (unified (default), directOnly, proxyOnly) in site configuration via rulesInterpretationMode field to provide more predictable sub-repo permissions behavior
Backport 774ac0c653371b0acbae62e233764dc6729fddf3 from #4713

Backport 0d9f70dd54a4c20621fe7404d3c7598e60264f59 from #4771

fix: prompt templates should not fail when pasting linebreaks

Backport 34dd46a20d9d9d3a52abaaeaa845b968bf781435 from #4528

• Fixes an issue where we OAuth would fail for Bitbucket Server users with special characters in their usernames
  Backport 28317328924ae0139edacc3711d169b37179c31f from #4490

We've enabled personalized ranking for search results in the new web app—marking the first step in integrating user-specific ranking signals into our search pipeline. As a result, queries spanning multiple repositories will prioritize results from repositories the user has frequently contributed to.

User can disable the feature by setting boostRelevantRepositories to false in the settings

{
  "experimentalFeatures": {
    "boostRelevantRepositories": false,
  },
}

The GetCodyContext endpoint is now deprecated. Instead, clients should use the search API with patterntype=nls. Here's an example of how Cody calls the search API: (nlsSearchQuery).

feat(batches): new batch spec examples library api

feat(batches): Batch Changes now supports fine-grained access tokens as user and site-admin credentials

Feature is behind batches-commit-signing feature flag.

Adds the UI form elements needed for submitting a private SSH key and passphrase for git commit signing.

note: only UI elements and graphql changes in this PR, backend changes are still required.

• Adds a site config setting, "attribution.mode": "enforced", which configures Cody IDE extensions after v1.82 (VSCode) or v7.82 (JetBrains) to not display code until attribution checks have finished.

Added rule stats to the .api/agents/{agent_id}/rules REST endpoint when the query string ?include=revision.stats is present

When a pull request is merged, diagnostic feedback is auto-generated via LLM judge from the comments and reactions

• New UIs to view an agent repos, conversations, PRs, reviews, and diagnostics

• It's now possible to POST /.api/agents/{agent_id}/runs to trigger a background review of a pull request
• It's now possible to list pull requests for an agent with GET /.api/agents/{agent_id}/changesets
• It's now possible to list repositories for an agent with GET /.api/agents/{agent_id}/repos
• It's now possible to trigger a background sync of pull requests via POST /.api/agents/{agent_id}/runs.

• Review comments on GitHub now link to the original rule. Previously, it only displayed the rule slug (short ID like logic) and it was difficult to find the source of the rule. Now, it's easy to find both the rule instructions or identify the rule author (via git blame).

• There is now a new "Spend" tab in the agent overview that gives insights into how expensive it is to run an operate an agent, which is helpful among other reasons when making a decision about what LLM model to use.
• The LLM API /.api/completions/stream now returns the used "modelref" (Sourcegraph canonical representation) alongside the used "model" (LLM provider canonical representation).

• Use the setting rules: ["repo-rules"] instead of rules: ["all-inferred"] to pick up *.rule.md files in the repository based on the changed files in the diff.

N/A

• feat(smart-apply): Add instant apply models

Gerrit code host connections now support a projectQuery option that allows for any arbitrary query parameters supported by the Gerrit API.

Site admins can now add their own pre-existing GitHub Apps to Sourcegraph. This also allows site admins to supply the App details of Enterprise GitHub Apps.

feat: configurable runtime for codemonitor jobs

NA

na

• Added a feature flag to run commit search on searcher, goal being to improve stability and resource usage of gitserver

feat: new GraphQL query evaluateFeatureFlags

• Fixes a bug where default selections were not being set.

Fixes a search bug where queries like repo:has.file(...) rev:1.0 would completely ignore the rev filter. Now, these types of searches are explicitly disallowed.

Fix a rare bug in repo:has.file queries where some searches could return no results.

With this change we delete all Rockskip indexes. In Sourcegraph v5.5.0 we shipped a bug in Rockskip which causes some unindexed symbol searches to return no results. The bug has been fixed in 6.2 and was backported to 6.1. However indexes that have been created prior to the fix are corrupted. Hence, we have to reindex all Rockskip repositories. A new index job will automatically be triggered. This requires no further action. However, during the reindex, symbol search at older revisions of very large repos will likely time out, so we encourage all customers to communicate this to their users ahead of the rollout of the new version.

• Deprecate the admin analytics pages (/site-admin/analytics) and redirect users to Sourcegraph Analytics (analytics.sourcegraph.com).

• Improve usability of auditlog API

• The API POST /.api/llm/chat/completions now does not panic anymore when sending a bad request (HTTP 400), which was possible to trigger if you used tool with an incorrect schema.

• Fixed error "empty string is not a valid pathspec" when loading diagnostics page
  Backport ac2034bc8b71c5983a94946777cc1f75b168c287 from #4407

• When creating a new agent program, it now automatically includes a feature flag trigger for the feature flag named agents-auto-review. You must create this feature flag to have the trigger activate.

• The review agent no longer automatically reviews draft PRs with the feature_flag_enabled trigger. Instead, users must explicitly request reviews on draft PRs through a comment (comment_starts_with) or a label (label_exists)

• Fix a bug where the review agent would error if a generated file had more than 100k tokens.
• Updated docs to describe the algorithm to detect and ignore generated files

• Fixed a bug where an agent run would be stuck in "running" mode forever. Now, these runs get correctly marked as "errored"

• The review agent now posts a comment reply when it's triggered by a comment trigger (example: @sourcegraph review). This is makes the agent behave more like a colleague would.
• The agent run page now links back to the pull request at the top of the page
• "Duration: 0s" is no longer shown on the agent run page while it's running.
• The links to the "applied_rules" in the agent run page now work correctly. Previously, the links were a 404 because they were one long ", " joined string. We plan to further improve the design of how rules are displayed in this page, so this is not a final solution, just a quick fix for the most immediate bug.

na

• (perf) Fixed quadratic behavior in commit and diff search

na

na

• fix(smart-apply): Change deployment id

N/A

• Enforces limits of 1.5 MiB and 50K lines for highlighting code files.

na

• Fixed a bug where paths that start with colons may be reported as not found.

fix(batches): batch workspaces to reduce memory pressure

NA

• (minor bugfix) Fixed an issue where we would show scrollbars on unscrollable items in the dynamic search filters sidebar

NA

NA

NA

na

Add AWS Bedrock client support for non-AWS Bedrock-compatible endpoints
Backport 9054d7c14db0ecf96200c2985c5b550b6dd2ded0 from #4145

Backport 04606e20fbc8f13ad473533820b8f5df71e20ad7 from #3989

Implement ownership information for the Sveltekit rewrite.

Backport 30f3ea6a6c115c633291c388ff599ff107d7f38b from #3738

• Adds read-only ownership panel to Sveltekit frontend
• Gated behind 'svelte-ownership' feature flag
  Backport 469f2ea37a214f3c0eb1cbde012625bdbef84b6f from #3558

This fixes a bug in Rockskip (symbol search) where we would miss symbol changes introduced by merge commits. This bug manifested in incorrect search results and errors of symbols service similar to "pathspec (...) did not match any files".

Backport d8426a9aec4930ce71922562fdebdcfd0d657cb4 from #3699

fix(batches): transformChanges.group.directory should not interpret file names as directories
Backport 6ffff463be1743b89ab865018e46a34ff4e549f5 from #3721

• Fixed issue where the code host connection editor would always ask for the token to be re-entered.
  Backport 428c1eef19d68b38037bd35457632a007a78494d from #3719

fix: prompt templates should not fail when pasting linebreaks

Added support for chain-of-thought reasoning in Anthropic models, allowing users to see the model's thinking process for complex tasks.
Backport 389bf9a4f2cf8ed7762cf8876b0efe4064e2b234 from #3507

• You can now create a GitHub App with all the right permissions/events for code review agents. Previously, you had to manually customize the apps.
  Backport 87e8d77f464912cbd4356a8c3c39fba1d099e3b6 from #3473

Fixes a bug in SCIP index processing for instances with a long history of processing large uploads.
Backport 48e7b47898ee7710f12270c6861c335a2ef75f48 from #3595

• HTTP header auth username and email headers, if configured, are no longer blocked by CORS.
  Backport 782b98a780dac335576b8f43affb4b1a10123882 from #3512

• Errors are now rendered as strings in agent run logs. Previously, they rendered as Source: {}, which wasn't helpful.
  Backport d1f18d280fc9d3a985a284c31e819412d2add606 from #3514

fix(rel): remove TimescaleDB from existing database if found during upgrade to Postgres 16 on the codeinsights database.
Backport 71b4af3d6faef054803db0151b2cc7b151bb1c0e from #3556

fix: transformChanges.group.directory now ignores file names
Backport 3b76fe4ab146565b0e736231353b1e24f1468241 from #3576

• Fixes an (unreleased) issue that could cause duplicate search results when switching between tabs.
  Backport 746a29a25d6e54dfe7ab38f70855a9f58a652426 from #3528

• Code review agents can now automatically run on GitHub Pull Requests (actions: opened and synchronize) based on a feature flag. Both boolean (true/false) and rollout (percentage-based ) feature flags are supported. For example, this means you can enable automatic reviews on 10% of all opened PRs.

• The Code Review Agent now reports live status with the GitHub Commit Status API making it possible to open Agent logs directly from GitHub.

Code reviews deduplicate diagnostics from historical reviews

Adds a feedback UI for diagnostics within the Agents app.

• You can now request review from the Review Agent by posting a pull request comment with a configurable substring

• Add GET /.api/agents/runs to list runs of an agent, and other related endpoints including the ability to view logs

• The Review agent can now review larger diffs.

Adds HTTP handlers for /.api/conversations for creating and filtering conversations as well as a DB method for querying conversations.

OPTIONAL; info at https://www.notion.so/sourcegraph/Writing-a-changelog-entry-dd997f411d524caabf0d8d38a24a878c

Move Gemini 2.0 Flash from Experimental to GA, add Gemini 2.0 Flash-Lite Preview Experimental and Gemini 2.0 Pro Experimental

• feat: add init cmd subsection to release.yaml parser
• feat: add init section to release.yaml

• allow the upgradetest to be run locally without knowing the bazel invocation required to stamp the build etc
• unlock local minor and major branch upgradetests

feat: prompt templates editor supports dynamic @ mentions

fix/auth: "http-header" auth provider can "allowSignup": false to disable automatic account creation

• Creating a new agent now redirects to the settings page for further setup

• Rule include/exclude patterns are now interpreted as globs (*.go) instead of regexp (.*\.go). Negative include patterns like !*.go will be interpreted as exclude patterns, and vice versa.

fix(rel): fix migrator upgrade check

Fix bug where the URL of a Gerrit code host connection could not be updated.

The logic that translates Bitbucket clone URLs to repository names has been fixed to support:

• URLs that have no scheme (like "bitbucket.sgdev.org/sourcegraph/sourcegraph")
• SSH clone urls that don't have a ssh:// scheme prefix (like [email protected]:sourcegraph/sourcegraph.git)

A bug on the user's account security page that could result in duplicated / buggy entries has been fixed.

• single docker server checks for 5.10-reindex.completed instead of 5.1-reindex.completed

fix: prompt templates should not fail when pasting linebreaks