AI coding agents are producing more code than ever, but the world still runs on massive, decades-old codebases. Why owning and understanding them may be the hardest job in software.
Read more
The bottleneck in most large-scale migrations is not the engineers or the plan. It is that the tools cannot see the whole codebase.
Read more
On nine CodeScaleBench tasks designed to evaluate agent effectiveness in large codebases, Claude Sonnet 4.6 with the Sourcegraph MCP server outscored Fable 5, winning six of nine at roughly half the cost for each point of quality.
Read more
Every engineering org has the files nobody wants to open. Here's what that actually costs.
Read more
How Sourcegraph uses HackerOne webhooks and Deep Search to automatically validate, triage, and investigate vulnerability reports before engineers start their day.
Read more
How Sourcegraph's security team evolved from a Slack-based triage bot to programmatic SIEM detection with expression-based auto-close rules.
Read more
Dependency prefixes like ^ and ~ make updates easy, but the version ranges they create widen the path a compromised package can take into production.
Read more
A Slack bot triages every GitHub advisory, posts a rocket-to-trigger ask in the channel, and on one human reaction runs the full content pipeline: detection queries, blog scaffold, social drafts, a 35-second auto-cut demo. The operator's remaining job is to read the drafts and decide whether they're honest.
Read more
Data from 1,281 agent runs across 40+ large open source repos reveals five repeatable failure patterns in coding agents, and the infrastructure fixes for each.
Read more
We built a Deep Search Slack agent for large companies. Here is what we learned about user experience, enterprise security, and Redis-backed rate limiting.
Read more
AI added new ways to search code, but not all of them apply to every problem. Here’s how to choose between Code Search, Deep Search, and MCP.
Read more
We audited what it would take to build a Sourcegraph equivalent internally, mapped the platform to 90 engineering requirements across 10 categories, and modeled 3-year costs for different environment sizes.
Read more
Poisoned LiteLLM packages on PyPI started stealing credentials. Using Deep Search and Code Search, we traced which public repos were protected by version pinning and which were left exposed. Here's how—and how you can do the same for any supply chain incident.
Read more
We are excited to announce our transition to a community-driven open source project. While making this change, we reaffirm our deep commitment to remaining active members of the community.
Read more
While direct API calls seem cheaper and easier, they lack the safety layer large organizations rely on. Tool connection protocols aren't dead; they remain vital for security, governance, and centralized control in big teams.
Read more
The initial findings from CodeScaleBench, a new benchmark designed to evaluate coding agents against the true complexity of enterprise software development, including large codebases and multi-repository tasks.
Read more
Today, we're announcing Sourcegraph 7.0, a release that marks the beginning of a new chapter for our company and product.
Read more
The hidden cost of being a data-driven company is context-switching for analysts due to "quick questions." DataBot allows the data team to focus on auditing analysis instead of performing it.
Read more
Deep Search empowers our Support Engineers to bypass initial escalations, enabling them to dive directly into investigating the root cause of issues.
Read more
Cross-repo search provides semantic code understanding across repositories.
Read more