Sourcegraph 4.2 release

Sourcegraph 4.2 is here! This month, we are kicking off significant work to improve the scale, speed, and security of Sourcegraph.

Sourcegraph's code intelligence platform is built to help you find and understand code fast, stay in flow, and focus more on what you love doing: writing great code. In order to do this seamlessly for all sizes of engineering teams, Sourcegraph must be able to operate across massive numbers of repositories, search millions of commits, and bake security into every part of the product.

To accomplish this and support even the most demanding engineering teams, Sourcegraph is focused on improving scale, speed, and security over the next several releases in addition to releasing new features.

Here's what's new in Sourcegraph 4.2:


Get enhanced security visibility with audit logs

Sourcegraph users frequently want to answer questions regarding who has accessed their instance, what actions they've taken, and when. Sourcegraph already provides some information (such as monitoring and pings), but more data is needed to serve pentesting and security testing use cases.

In 4.2, Sourcegraph now ships with an easy-to-consume audit log. The log contains security events, Gitserver access events, and GraphQL requests. The audit log is available for Sourcegraph self-hosted instances, with availability coming soon for Sourcegraph Cloud.

Batch Changes

Secrets in server-side Batch Changes (Beta)

It's common to use secrets in batch changes steps. Developers can use secrets in batch changes to authenticate to a private registry to install packages, create tickets from within a batch change, or make authenticated API calls to other services. In local runs, secrets can be either hardcoded in the batch spec or loaded from environment variables using step.env, but until now, there was no robust and secure way to manage secrets for server-side runs.

To solve this, we're releasing executor secrets. You can now define secrets to be passed to server-side runs, and those secrets can be referenced as env variables in the batch change spec.

Sourcegraph supports two types of secrets: namespaced secrets that can only be accessed by their owner, and global secrets that site admins can set and make available to all users on an instance.

This feature is in Beta, and feedback is very welcome. Tweet at us, or drop a comment in this issue.

Code Search

Smart Search helps with search queries to find more results, faster

To help you find information in your codebase faster than ever, we're introducing Smart Search, a new query assistant that activates when a search returns no results. It can be turned on with the new lightning bolt toggle in the search bar.

Smart Search helps find search results that are likely to be more useful than showing "no results" by trying slight variations of a user's original query. Smart Search automatically tries alternative queries based on a handful of rules (we know how easy it is to get tripped up by query syntax). When a query alternative finds results, those results are shown immediately. See the documentation to learn more about Smart Search behavior and configuration.


Sourcegraph 4.2 is now available to download. For Sourcegraph Cloud users, instances will be upgraded to 4.2 beginning December 5.

Changelog highlights

  1. Search
    The search input has a new recent searches button, and recent searches can be cycled via the up/down arrow keys for quick access to previous searches.
  2. Search
    When the `content:` filter is used in a query, it now behaves more predictably by only searching file contents. Previously, file contents, paths, and repositories were searched. However, as before, if `type:` is also set, the `content:` filter will search for results of the specified `type:`.
  3. Search
    When rendering a file that is backed by Git LFS, Sourcegraph now displays a page that links directly to the file on the code host. Previously we rendered the LFS pointer.
  4. Code Insights
    Code Insights data points that do not contain any results will display zero instead of being omitted from the visualization for clarity. This only applies to insight data created after 4.2.
  5. API
    A new experimental GraphQL query, `permissionsSyncJobs`, now lists the states of recently completed permissions sync jobs and the state of each provider to check that syncing is working as intended. The TTL of entries can be configured with `authz.syncJobsRecordsTTL`.
  6. Admin
    Repositories can now be ordered by size on the repository admin page to make it easy to find the largest synced repositories.
  7. Admin
    Access token creation, GitHub and GitLab OAuth login attempts, and OIDC login attempts are now part of the audit log.

Get Cody, the AI coding assistant

Cody makes it easy to write, fix, and maintain code.