March 16, 2026

March 16th updates

Highlights

Deep Search reads Deep Search

Deep Search can now load prior Deep Search investigations from a URL or read token so you can continue and extend earlier research.

Paste a Deep Search URL or read token into your message, and the agent will load that investigation as context for your new prompt. For example:

Read https://sourcegraph.com/deepsearch/b875dd16-a58f-4c27-84b8-4b4306e49df7 and tell me what else we should investigate about our flaky tests
Based on the findings in https://sourcegraph.com/deepsearch/shared/e3c0150a-b7ef-4955-bed4-d5820ca7a70d, investigate whether the same logging patterns appear in our other microservices
What did we learn about authentication in https://sourcegraph.com/deepsearch/71a48f28-d241-4efa-bc62-4afde5499b00? Are there similar issues in the authorization code?
Continue the investigation from https://sourcegraph.com/deepsearch/7347ddaa-d579-4b91-b152-ca27e4ddb656 by checking if those dead code patterns exist in our newer repositories
Compare what we found in https://sourcegraph.com/deepsearch/e782c115-2dfa-44a5-8a88-2fad218a2fe1 with the current state of the codebase - has the performance issue been addressed?
Look at https://sourcegraph.com/deepsearch/shared/3f1beb2b-bded-4fda-96cc-1af7192f24b6 and investigate whether those security concerns apply to our newer API endpoints

Deep Search pulls in the conversation making prior investigations available as context for new questions. This lets you build on previous research, cross-reference findings, and continue investigations where teammates left off.

Improved token efficiency in agentic Sourcegraph tools

Deep Search and MCP tools are now more token-efficient.

We've improved the set of tools available for agents inside Sourcegraph to emit more token-efficient outputs. This includes tools that Deep Search uses under the hood, as well as tools available in our MCP server.

Instead of JSON, the tools now emit a more compact plaintext format, saving tokens on every execution. A lower token count also leads to lower latency and costs. The new format is also more selective about which pieces of information it shows to the agent.

In practice, we've observed a reduction of around 30% in the number of tokens our search tools emit with no loss in output relevancy. This means that agents working with our tools can now run for longer before filling up their context window - whether you're using MCP or Deep Search, you'll be able to get more done.

Deep Search usage pacing charts in Sourcegraph Analytics

See how Deep Search usage trends month over month with new pacing charts.

Sourcegraph Analytics now includes pacing charts for Deep Search, making it easy for admins to track usage against their purchased quota as the month progresses. The charts show both burndown and cumulative views for the current month, mapped against the previous month so you can spot trends at a glance.

The burndown view tracks usage against your purchased amount, helping you know when it’s time to top up.

New to Sourcegraph Analytics? Check out the docs and enable it to start exploring usage across your organization.

Details

Improvements

Deep Search Add deepsearch_read to tools

Deep Search can now read other Deep Search threads when you include a URL in your conversation.
Deep Search Add question categorization for analytics
Code Search Show git notes count in commit results

Commit search results now display a count of git notes attached to each commit.
Code Search Compact output format for all tools

Deep Search and MCP tools now return outputs in a more compact format, reducing token usage.
Analytics Notify site admins when telemetry export fails

Site admins on self-hosted instances now see a warning notification on the admin dashboard when telemetry export has failed persistently, including the target address and last error. The notification auto-clears once export recovers.
Executors Add support to configure Kubernetes job security context

Added KUBERNETES_EXECUTOR_POD_SECURITY_CONTEXT and KUBERNETES_EXECUTOR_CONTAINER_SECURITY_CONTEXT to configure Kubernetes Executors pod and container security contexts.
RBAC Add RBAC permission for accessing global search contexts

Added a new RBAC permission SEARCH_CONTEXTS#WRITE_GLOBAL for managing global search contexts. Users with this permission can manage global search contexts independently of site-admin status.
Security Convert filesystem operations to be path-traversal resistant

Filesystem operations in gitserver and archive extraction use Go 1.24's os.OpenRoot API, replacing manual path-traversal checks.
Slack Add multi-workspace support

Multiple Slack workspaces can now be connected to the same Sourcegraph instance. Visit the Administration > Slack integration page for setup.
UI Show warning when GitHub App URL contains a path

Show a warning when entering a GitHub App base URL that contains a path
Feature Flags Delete overrides when deleting a feature flag

Deleting a feature flag now automatically removes its per-user and per-org overrides.

Fixes

Deep Search Fix Deep Search UI quota warning state

Quota warnings and errors now display correctly in the Deep Search UI when quota limits are reached.
Deep Search Switch Gemini 3 Flash to low reasoning effort

Improve reliability of conversation title generation by reducing reasoning overhead for simple tasks.
Deep Search Fix Gemini 3 Flash incorrectly marked as experimental

Fixed an issue where Gemini 3 Flash was incorrectly marked as experimental, preventing query categorization, title suggestions, open-source research sub-agent, and the finder tool from working on customer instances with model status filters.
Deep Search Preserve truncated responses on follow-up questions
Deep Search Validate image content type

Harden Deep Search image upload validation to verify content type matches declared MIME type.
Code Search Fix expand/collapse state of bottom file view panel

Fixed incorrect panel state when navigating between search results and file views
Code Search Text overlaps in search result counter display

Search results toolbar is now more responsive, keeping result stats and action buttons stable and readable across screen sizes.
Code Intel Fix bottleneck in upload discovery phase

Optimized upload discovery query by reversing join order and preventing full upload table scans, eliminating timeouts on large instances
Batch Changes Remove GH App team_discussions permission

Fixed an issue where creating a GitHub App through the Batch Changes settings interface would fail.
Authentication Fix checkmark style on device flow page
GitHub Failing to load GHApp connections are no longer fatal to frontend

Loading GitHub App code host connections from a declarative config file no longer prevents frontend pods from starting when failures occur.
Inference Increase timeout from 2m to 10m

This increases the timeout on SMP from 2 to 10 minutes and also removes the capability to override the timeout by setting the header "X-Timeout-Ms".
Inference Preserve Gemini thinking signature if thinking text is empty

Preserve Gemini thinking signature when thinking text is empty to prevent inference failures on tool calls
Repositories Don't mark cloning repos as not_cloned

Fixed incorrect status reporting for long-running repository clones
Slack Improve error message on email mismatch

Improved Slack integration error messages when an associated Sourcegraph account email could not be found, informing the user how to resolve the issue themselves.
UI Move button chrome to variant level

Icon and link button variants no longer incorrectly display borders, shadows, or push-down effects when used in expandable sections and tree nodes.
UI Fix Overview UI and hover view card layout issues
UI Remove stale global sourcegraph-mark preload

Removed stale preload for sourcegraph-mark.svg that was causing browser warnings on SvelteKit pages where the asset is not used.

Removed

Code Search Remove auto-navigate to single search result feature

Other

Administration Clarify between roles and permissions

Renamed sidebar entries from "Permissions" and "Roles" to "Repository permissions" and "Role-based access control" for clarity.
Analytics Enable collection of userIds in admin user deletion events

Enabled collection of user IDs in telemetry when admins delete users to improve user deduplication.