Releases Release 6.9
OCTOBER 29, 2025

Sourcegraph 6.9

A newer version of Sourcegraph is available: Sourcegraph 6.12.

Details

Improvements

  • Deep Search Make MCP tool outputs conform to output schema

    We have updated the structured response of all MCP tools to conform to the advertised output schema.

  • Deep Search Introducing Pricing Plans and Major Updates for Deep Search
  • Deep Search Add retry button for failed questions

    Add retry button to resubmit questions when errors occur in Deep Search

  • Deep Search Add RBAC

    Added RBAC to Deep Search. By default, all users have full read and write access for Deep Search, but this can be restricted by changing the default role permissions or by creating new custom roles.

  • Deep Search Add quick link from repo navigation

    Added a new Explain with Deep Search button in repository navigation that opens a pre-filled Deep Search conversation with context about the current repository or file.

  • Deep Search Disallow deep-search for older Sourcegraph instances
  • Deep Search Revise quota management system in Enterprise Portal
  • Batch Changes Embed batch changes creation page in SvelteKit app

    Migrated the batch changes creation page to SvelteKit, including all three UI variations: new template creation, classic form creation, and execution-disabled instruction page.

  • Batch Changes Embed home page in SvelteKit app

    Batch Changes home page is now rendered within the SvelteKit application framework.

  • Administration Add site admin pings page

    Added a pings page to the site admin interface.

  • Administration Add site admin gitservers page
  • Administration Add license site-admin page to Svelte app
  • Administration Add feature flags page to Svelte app
  • Administration Add global-settings page

    Added global-settings page to site admin interface

  • Administration Add site admin support to Svelte app

    Added site admin support to the Svelte app, including Overview, Feedback surveys, and Site configuration pages

  • Authentication Embed password reset page
  • Authentication Embed sign-in, sign-up and post-sign-up pages

    Sign-in, sign-up, and post-sign-up pages are now embedded in the Svelte application.

  • Cody Add Claude Haiku 4.5
  • Cody Add Claude Sonnet 4.5
  • Access Control Add 'request access' page to Svelte app

    Added a 'request access' page to the Svelte app, allowing users to request access when needed.

  • Code Graph Embed React repo code-graph pages
  • Source Allow 'all' value for requiredSsoOrgs

    Allow 'all' value for requiredSsoOrgs parameter to require authorization to all SSO organizations

  • Source Handle X-GitHub-SSO headers for auth validation

    Added support for validating GitHub SSO authentication via X-GitHub-SSO headers. Admins can now configure required SSO organizations in the sign-in provider settings to ensure users properly authenticate with SSO-enabled orgs. Error messages for authentication issues are now displayed on the Account Security page.

  • Source Have git fetch mark repositories as corrupt if "fatal: bad object xxx" occurs
  • User Settings Embed user profile and settings into Svelte app

    User profile and settings pages are now rendered in the Svelte app, with improved UI for the profile page and enhanced sidebar navigation supporting menu groups.

  • Webhooks Add incoming webhooks site-admin pages
  • Webhooks Add site admin outgoing webhooks page

    Added site admin page for managing outgoing webhooks

Fixes

  • Deep Search Emit telemetry events for external client API usage
  • Deep Search Fix viewer polling API calls for shared threads
  • Deep Search Fix broken links in responses with deepsearch in URL

    Converts schemeless URLs generated by the LLM to absolute URLs to prevent broken links containing /deepsearch/ in the path.

  • Deep Search Fix up/down arrow keys in text box
  • Deep Search Fix code preview spacing
  • Code Search Ignore deleted users when fetching saved searches
  • Batch Changes Add metadata identification for gitlab pushed-only changesets
  • Batch Changes Avoid changeset duplication for Gerrit

    Fixed changeset duplication for Gerrit during network instability by adding pre-retry verification to check if changes already exist before retrying failed operations.

  • Batch Changes Replace react-router imports with universal wildcard for changeset list UI

    Fixed runtime errors in batch changes changeset diff UI when rendered within SvelteKit

  • Authentication Correctly advertise all scopes
  • Authentication Do not let IdP tokens do IdP write operations
  • Authentication Fix client-side password comparison and validation

    Fixed password validation to properly compare password and confirm password fields across component re-renders

  • Cody Fix prompt visibility toggle permission check
  • Cody Make thread history button more discoverable
  • Executors Make k8s jobs secret creation idempotent

    The kubernetes executor now idempotentally creates secrets (deleting and recreating it if it exists already) instead of failing the entire job.

  • Permissions Preserve permissions during temporary API errors
  • Permissions Github: treat 500/502/503/504 and HTTP/2 stream cancellations as temporary errors
  • Permissions Always clean up permissions for non-existent accounts

    Fixed a race condition where deleting an external account in the middle of a permissions sync could cause permissions for that account to stick around indefinitely.

  • RBAC Ensure that create role modal is fully visible
  • Repositories Fix Gerrit icon theme adaptation

    Gerrit icon now properly adapts to light and dark themes.

  • Security Update redis to 7.4.6-272

    Updated redis to 7.4.6-272, which patches CVE-2025-49844, CVE-2025-46817, CVE-2025-46818, and CVE-2025-46819

  • Autocomplete Fix trailing whitespace in assistant messages for all API versions
  • Perforce Don't error on empty p4broker data

    Fixed an issue where a Perforce user's permissions would not be removed when the user was deleted on Perforce and p4broker was being used as a proxy.

  • Source Gitserver: change fs.DeleteRepo repository existence check to see if the folder exists, not HEAD file alone
  • Source Gitserver: have fetch corruption detection logic also examine last megabyte of command output
  • Source Remove verified email requirement when connecting an external account

    Allow connecting GitHub accounts with no verified emails when already authenticated

  • Source Various external accounts modal tweaks
    • Fixed Gerrit account connection modal not reopening after being closed in external accounts settings
    • Fixed Gerrit icon visibility issues
    • Improved spacing consistency between React and Svelte external account modals
  • User Settings Fix password update form validation

    Fixed password update form validation in user settings

Removed

  • Code Intel All code associated with LSIF support

    Removed support for LSIF format.

  • Analytics Remove site-admin/analytics pages

    The deprecated site-admin analytics pages have been removed. All Sourcegraph analytics are available at analytics.sourcegraph.com.

  • Inference Remove support for gemini-1.5-pro-002

    Removed support for the deprecated gemini-1.5-pro-002 model

Self-hosted resources