NOVEMBER 04, 2024

Sourcegraph 5.9.0

A newer patch release is available: 5.9.17785. See all changes in Sourcegraph 5.9.

Highlights

Promoted Prompts for VS Code and Cody Web

Admins can now highlight prompts at the top of the Prompt list to encourage best practices.

The Prompt Library is a great way for users within an organization to share, discover, and use prompts while working with Cody chat. We've introduced a new concept to Prompts called Promoted Prompts which allows admins to highlight Prompts to users that appear at the top of a Prompt list, directing users to use specific Prompts that encourage best practices within the organization.

Admins can promote a Prompt by checking the Promoted box in the Prompt edit screen.

Admins can promote a prompt by checking the Promoted box in the prompt edit screen.

Promoted Prompts are marked with an icon next to their name and will appear at the top of the Prompt list in the Cody Chat window in an IDE, as well as in the Prompt Library.

Promoted prompts are marked with an icon next to their name and will appear at the top of the prompt list in the Cody Chat window in an IDE.

Promoted prompts will also appear at the top of the Prompt Library for easy discovery and use.

Promoted Prompts are available for VS Code and Cody Web for all plans. Cody Enterprise customers should upgrade to the latest release (5.9.0) to access this functionality.

IP-based permissions support for Perforce

Admins can now enforce Perforce access restrictions based on user IP addresses.

Perforce allows gating access to individual parts of a depot based on criteria besides username, including by IP address. Previously, Sourcegraph only supported enforcing username-based restrictions to individual files and folders based on the Perforce protections table. In this release, admins can configure their network infrastructure to securely communicate user IP addresses to Sourcegraph, enforcing allow/deny access to individual files and folders based on the user's IP address as well.

Please read our docs for more information.

Details

Improvements

Cody Gateway Add new claude-3-5-haiku-latest model
OPTIONAL; info at https://www.notion.so/sourcegraph/Writing-a-changelog-entry-dd997f411d524caabf0d8d38a24a878c

Cody Gateway: add new claude-3-5-haiku-latest & claude-3-5-opus-latest models to Cody Gateway allow list Cody Gateway: add new claude-3-5-haiku-latest dotcom models list
Backport 11e7481ba3c810ae5b47d32b8cf32066e2f0b2bb from #1470
Cody Add more API docs content
OPTIONAL; info at https://www.notion.so/sourcegraph/Writing-a-changelog-entry-dd997f411d524caabf0d8d38a24a878c
Cody Add embedded API docs via OpenAPI/Redocly
- New OpenAPI API docs within the instance at the URL $SRC_ENDPOINT/api/openapi/public. Alternatively, reach the page at "User > Settings > OpenAPI Reference".
Analytics Log estimated LLM cost telemetry (CODY-4007)
- Adds cost estimates to the ModelConfiguration returned by .api/llm/supported-models.json
- Adds llmTokenUsageCostEstimate telemetry value with estimates of each requests LLM cost in pennies
Analytics Add check for PGDATASOURCE
OPTIONAL; info at https://www.notion.so/sourcegraph/Writing-a-changelog-entry-dd997f411d524caabf0d8d38a24a878c
Administration Site config 'telemetry: { disableLocalEventLogs }' to disable event_logs
Long-term local retention of user telemetry as 'event logs' can now be disabled entirely via the telemetry: { disableLocalEventLogs } site configuration.
Add embedded file snippet page
- Added embeddable page for file snippets
Cody Gateway Deprecate old claude 3.5 sonnet
OPTIONAL; info at https://www.notion.so/sourcegraph/Writing-a-changelog-entry-dd997f411d524caabf0d8d38a24a878c
Cody Add Claude 3.5 Sonnet (Latest) & Claude 3 Opus (Latest)
OPTIONAL; info at https://www.notion.so/sourcegraph/Writing-a-changelog-entry-dd997f411d524caabf0d8d38a24a878c
Sub_repo_perms Add conditional logging for seeing if sub_repo_permisisons are working
The sub repository permissions implementation now emits logs that describe the rules that were evaluated for a given request whenever tracing is enabled. (We limit these logs for only when tracing is enabled since they can be quite verbose).
Analytics Add source.server.server_client.user_agent to telemetry payload
- Add the sourcegraph API client user-agent to telemetry payload types under source.server.server_client.user_agent.
Cody Expose token usage in the LLM API
- The /.api/completions/stream API now includes used input/output tokens and the upstream model name in the response body when using the query parameter api-version=5 or higher. Does not apply to: Vertex Anthropic, Azure OpenAI (mo model name, and no token usage in streaming response), Gemini (no model name in streaming response)
- LLM chat completions now support stream: false when using Azure OpenAI and OpenAI-compatible providers.
Analytics Propagate new x-sourcegraph-api-client-* headers to request clients
- Propagates new X-Sourcegraph-API-Client-Name and X-Sourcegraph-API-Client-Version headers to request clients
Ci Record Test infrastructure failures
- add library that writes to TEST_INFRASTRUCTURE_FAILURE_FILE if it is defined for test failures
Batch Changes Show name of additional fields that cause errors
feat(batches): show name of additional fields that cause errors
Cody Add support to format raw API responses for Cody
- The raw HTTP API now accepts the query paramter format=cody or header Accept: application/cody to render files and directories as context items for Cody. Example request path: /github.com/sourcegraph/cody/-/raw/agent/src/index.ts?format=cody.

Fixes

Batch Changes Enable request splitting by default
fix(batches): enable request splitting by default
Source Correct Name() documentation for gitserver's ReadDirIterator
The documentation for gitserver's ReadDir method has been clarified to reflect that the return iterator's Name() method returns the full path of the file, as opposed to just the basename.
Analytics Only log Cody API events to a remote data store, do n…
OPTIONAL; info at https://www.notion.so/sourcegraph/Writing-a-changelog-entry-dd997f411d524caabf0d8d38a24a878c
Codyapi Restrict audit log retrieval to site admins only
OPTIONAL; info at https://www.notion.so/sourcegraph/Writing-a-changelog-entry-dd997f411d524caabf0d8d38a24a878c
Dev Correctly propagate error key-value pairs
Fixes a bug where logs and traces were sometimes missing key-value pairs recorded alongside errors.
Source Clarify exclude docs in github connection schema to say that individual expressions within block are `and`-ed together
The documentation for the "exclude" section in the github code host connection schema has been clarified to explain that each block is OR'd together, and the expressions within each block are AND'd together.
Source Multiple GitHub external accounts to the same URL now refresh correctly
- When there are multiple auth providers configured that point to the same GitHub URL, as can be the case when using private GitHub Apps, user external account tokens will now refresh correctly.
Code Search (new web ui) Make blob view readonly
Prevents default browser shortcuts from modifying the file content locally.
Batch Changes Handle spec being nil for suffix salt
fix(batches): handle spec being nil for suffix salt
Code Intel Add more limits in auto-indexing inference code
Introduces new limits for auto-indexing inference to reduce the risk of continuously growing auto-indexing queues.
- The number of jobs spawned per round of auto-indexing inference per repo is capped (default: 100) to reduce risk of clogging of auto-indexing queues. Excess jobs will be discarded.
- The number of paths inspected for a single round of auto-indexing inference per repo is capped (default: 500) to reduce risk of timeouts. Excess paths will be discarded.
Code Intel Handle annotated tag hashes passed as 'commit' for uploads
Fixes handling of SCIP uploads when the hash passed to the -commit flag of src-cli corresponds to the hash of an annotated tag instead of the hash of a commit. Previously, these uploads were not accessible for code navigation.
Source The sync of a GitHub repositoryQuery failing will no longer cause repos to be deleted
- GitHub code host connections using repositoryQuery will no longer delete repositories if the sync fails for reasons like a GitHub outage or a token expiring.
Batch Changes Enable GQL request splitting via BATCH_CHANGES_REQUEST_SPLITTING
fix(batches): enable GQL request splitting via BATCH_CHANGES_REQUEST_SPLITTING
Codyapi Add usage to completions/chat (CODY-3498)
Added token usage information to .api/llm/chat/completions
Code Nav Trigger hovers for all programming languages
Fixes a bug where hovers were not triggered for less mainstream languages like F#, Standard ML, Visual Basic, Pkl, Hack, MATLAB etc.
Code Search Exclude content filters from phrase boosting
This fixes a bug where we would apply a phrase boost if a content: filter was specified with keyword search enabled. This led to inconsistent behavior (regexp vs keyword search) and it also rendered the content: filter ineffective, because we ran a general text search instead of a just a content search.
Code Monitor Fail monitors with missing/unverified primary email address
fix(code-monitor): fail monitors with missing/unverified primary email address
Release Add stitched migration graph override (#935)
NA
Batch Changes Display "Deleted Namespace" instead of throwing an error
fix(batches): display "Deleted Namespace" instead of throwing an error
Code Intel Propagate error collector to fix retention tab GraphQL API call
Fixes a bug where the retention tab for precise indexes would show a nil pointer exception instead of retention information.

Other

Release: Prep stitched migration graph for release (#1388)
n/a
Enable reranker by default if Gateway is enabled
Cody Chat: the context engine now uses the reranker by default everywhere where Cody Gateway is enabled.
Add code llama 7B model for ab test
- adding code llama 7B for completions
Hide auto submit checkbox and add promoted badge
OPTIONAL; info at https://www.notion.so/sourcegraph/Writing-a-changelog-entry-dd997f411d524caabf0d8d38a24a878c
Worker: Fix configuration error reporting
A bug in configuration validation in the worker service has been fixed. Configuration mistakes are now correctly reported again.
Creating/Editing Prompts Re-design
- The prompt creation/edit page has been redesigned.
Add recommended flag to Prompt Templates
- Adds ability to mark prompts as recommended and then sort the recommended prompts at the top.
Analytics Report token usage per request to telemetry
Added LLM token usage telemetry
Code Search Remove all non-single job pod code from Executors on Kubernetes.
- The environment variable KUBERNETES_SINGLE_JOB_STEP_IMAGE is now KUBERNETES_JOB_STEP_IMAGE.
- Both environment variables are read, with preference given to KUBERNETES_JOB_STEP_IMAGE, to preserve backward compatibility, but reading of KUBERNETES_SINGLE_JOB_STEP_IMAGE may be removed in a future version.
Bugfix: escape spaces in repo filter names
- Fixed a bug that would cause filters added from the search sidebar to not be correctly escaped
Add prompt mode
- Adds mode (CHAT, EDIT, INSERT) to prompt.
Feature: add internal/tracelog: a log.Logger that only logs if tracing is enabled
Added a new internal/tracelog package that provides a conditional logger for tracing. This logger only logs when tracing is enabled, improving performance by reducing unnecessary logging.
Feature/source: implement core logic for parsing / evaluating Perforce IP addresses for sub repo permissions
For the Perforce IP permissions implementation, this PR introduces machinery that implements the ability to parse the IP address expressions from the perforce protections table and compare them against the user's IP address (that's advertised from the incoming X-FORWARDED-FOR header.

Namely, this PR:
- Introduced parsePerforceIPString, which parses Perforce IP strings (e.g., CIDR expressions, specific IP addresses) into an ipMatcher for IP validation.
- Implemented multiple ipMatcher types, including:
  - addrMatcher for exact IP matches.
  - cidrMatcher for checking IPs within a CIDR range.
  - alwaysTrueMatcher for wildcard * expressions.
- Added toggleableIPMatcher, which either enables or disables IP enforcement based on site configuration settings.
- Created matcherCache for caching recent IP string to ipMatcher translations, improving efficiency.
- Updated NewRequestClientIPSource to properly derive IP from the x-forwarded-for header.
(feature): site-config: add ipParseCacheSize to schema for enforce IP restrictions schema
Added a new ipParseCacheSize configuration option for sub-repo permissions to control the caching of Perforce "Host" to IP address translations.
Feature/site-config: add site configuration setting for enforcing IP restrictions
Added enforceIPRestrictions setting to the SubRepoPermissions section in site configuration, allowing IP-based enforcement using the X-FORWARDED-FOR header.

Updated JSON schema to require SubRepoPermissions to be enabled when enforceIPRestrictions is enabled.

Added validation in Perforce external service configuration to ensure IgnoreRulesWithHost and enforceIPRestrictions cannot be enabled simultaneously.

Updated internal implementation to associate each Perforce rule with an IPMatcher for IP-based rule enforcement.
Feature/plumbing: sub_repo_perms: do pumbling to thread comparing IP addresses alongside paths
This PR introduces logic for IP-based permissions in the authz provider for Perforce: 1. Modified interfaces in internal/authz/sub_repo_perms.go to accept caller's IP address for enforcing IP permissions. 2. Introduced a new IPSource interface to provide IP addresses for sub-repo permissions implementation. 3. Updated rule implementation to include an IPMatcher for comparing provided IP addresses with Perforce rule IP addresses.

This change lays the groundwork for supporting IP-based permissions in Perforce authz provider.
Add autoSubmit & includeViewerDrafts to Cody prompts
- Adds options to set prompts to "Auto Submit", which would automatically execute the prompts in one-click.
Fix bug where text pushed buttons out of the container
Add ability to duplicate existing prompts
- Users can now duplicate existing prompts.
Security Update rules_apko and fix issues with sg wolfi v2
- Build containers using latest version of apko and rules_apko
Blob View: Ensure copy button copies full path and not displayed path
- Fixes a bug where certain copy path buttons were only copying the visible path and not the full path of a file.