Sourcegraph 7.2.0

Clarified Deep Search sharing notice to explicitly indicate that code will be visible to anyone with the link.

Converted Deep Search history sidebar from fixed overlay to inline layout that persists state across reloads

Improved visual feedback when forking conversations

Forked conversations display a fork indicator in the sidebar and thread header, with a "View parent conversation" option in the menu

Added a copy button next to file paths in the Deep Search citations panel for easier copying to clipboard.

Conversation titles can now be renamed by clicking the title or using the rename button in the options menu.

• Deep Search displays a proactive warning at 75% context capacity
• When context limit is reached and summarization fails, Deep Search now shows a call-to-action to fork the conversation

Use TypeWriter effect for smoother Deep Search conversation streaming

Add in-place conversation forking and parent navigation to the Deep Search sidebar. Users can fork a conversation from any question and navigate back to the parent conversation, all without leaving the sidebar. This mirrors the forking behavior already available on the main Deep Search page.

Load mermaid diagram renderer lazily to reduce initial JavaScript bundle size when opening Deep Search.

Tool calls and redis broker operations now have a 2-minute timeout to prevent runaway operations and improve system stability.

Added PDF export option to Deep Search conversations.

Deep Search now uses a faster and more reliable model (GPT-5.4 Nano) to generate conversation titles.

Deep Search users can now fork from any question in an existing conversation. Forking creates a new conversation that includes all questions and answers up to and including the selected question, making it easy to branch into a new line of inquiry while preserving valuable context

When you delete a Deep Search conversation from history, you’ll now see the same small confirmation pop-up used in "Recent conversations".

Deep Search homepage now displays global notices configured with location "home", matching the behavior of the code search homepage.

Improve styling of inline errors in deep search conversations.

Deep Search now receives the user and date info at the start of every conversation.

Code Navigation tooltips can now be used in the Deep Search citations panel without needing to expand a citation.

Commit searches with date filters (after: / before:) are now significantly faster on large repositories.

Indexed search is now faster during both searching and indexing.

Added onboarding prompts to help new users discover Query Assist.

Query assist is now enabled by default for customers with code search licenses who have signed AI terms.

Adds a focus=search URL parameter for the search results page. When present, the search input is focused instead of the first search result, and suggestions are suppressed until the user interacts with the input. This enables external tools (e.g. golinks) to deep-link into Sourcegraph search with the cursor ready for query refinement.

Added Alt+B keyboard shortcut to toggle git blame view in file viewer

Code intelligence hovers are now faster thanks to a simplified architecture that initiates requests earlier during file load and falls back to search-based results more quickly when precise data is unavailable.

Batch change admins can now select changesets and trigger a high-priority status sync from the code host using the "Sync changesets" bulk action on the batch change detail page.

GitHub OAuth tokens can now be used as Batch Changes credentials, providing an alternative to personal access tokens and GitHub Apps.

Added agentic workflows client prototype with three main pages: home page listing predefined workflows and running instances, template page with canvas UI for workflow configuration, and running instance page with logs and outputs panels for monitoring workflow progress.

Usage export now includes user metadata, eliminating the need for additional lookups based on user_id.

Include whether a user is a service account in opt-in user metadata exports.

Add filter support to ListConversationSummaries. Two filter types are supported: content_query for substring search (min 3 characters) and starred for filtering by starred status. Duplicate filters of the same type are rejected with InvalidArgument.

Add a basic repositories service to the Sourcegraph API that can fetch repositories by their ID.

A default ReferenceExample authentication provider is now available in /api-reference. Users can click "Authorize" in the "Authentication" modal to use their own credentials when making test requests in the reference.

The GetUser RPC now supports looking up users by their verified email address using the name parameter, for example: GetUser({ name: 'users/[email protected]' }

The users.v1.Service API now returns verified emails associated with the user.

Add repos field to Azure DevOps external service for explicit repository selection

Updated the required src CLI version to 7.0.2, with OAuth support and more.

Retry git operations on executors to improve reliability during gitserver pod shutdowns.

Admins now receive notifications to clean up GitHub Apps on Sourcegraph if they have been deleted on GitHub.

Normalized LLM provider stop reasons into a consistent enum, enabling provider-agnostic error handling for refusal and content filter cases in deep search and subagents.

Added support for specifying reasoning effort overrides per request, allowing different applications to use different thinking levels with the same model.

Add support for GPT-5.4 models (base, mini and nano).

Added a thinking variant of Claude Sonnet 4.6 to the model selector for comparison and testing purposes.

Add support for Gemini 3.1 Flash Lite

The Code Intelligence Platform and Cody Enterprise plans no longer require a separate license key to use AI features beyond Cody. Deep Search, AI query assist, and future AI features are now automatically enabled on these plans.

MCP tools now validate arguments earlier and provide clearer error messages that mention the specific argument incorrectly used.

• MCP read_file: Large files (>128KB) now return the first 200 lines (further capped by bytes to avoid huge responses from files with very long lines) as accurately line-numbered content. The truncation notice is returned in ToolExecutionResponse.Note instead of being appended to the file content, preserving the guarantee that each numbered line corresponds to an actual file line. Binary files are detected and return a clear message with MIME type instead of a misleading line count.
• MCP nls_search: Tool description rewritten to accurately describe OR-logic keyword matching with stemming. No longer claims to be "semantic search". Includes explicit examples of correct vs incorrect query formatting.
• MCP list_repos: Now accepts an empty query to list all available repositories. A default pagination limit is always applied at the database layer to prevent unbounded table scans.
• MCP tool descriptions: Removed redundant preamble from all non-dotcom tool descriptions.

Added a new RBAC permission MCP#ACCESS for accessing MCP endpoints under /.api/mcp.

Added a new "/all" MCP endpoint that users can opt into before it becomes the default in the next release.

Added site configuration mcp.enabled to allow admins to disable MCP API endpoints instance-wide

Added MCP tool behavior annotations so Sourcegraph tool definitions now expose safety hints like read-only, destructive, idempotent, and open-world to clients

For self-hosted customers:

• Grafana panels now display informative tooltips on hover to help interpret each panel
• Gitserver and Zoekt Grafana dashboards now include improved explanatory text for resource usage interpretation

Added granular SITE_CONFIG#{READ,WRITE} RBAC permissions for site administration endpoints, allowing non-admin users with the appropriate role to view or modify site configuration options.

Administrators can now grant non-site-admin users the ability to manage repositories and code host connections through the new REPO_MANAGEMENT permission. Users with this permission can access the Repositories section of the admin interface without requiring full site administrator privileges.

Gitserver can now be scaled up or down without downtime using secondary fallbacks and a graceful drain mechanism via the SRC_GITSERVER_DRAIN_SHARDS environment variable.

Added sort by last committed (asc/desc) to /admin/repositories, making it easier for admins to identify stale repositories.

Repository pages now show repository icons sync'd from code hosts.

Inline markdown (such as backtick-wrapped code) in changelog post titles and taglines now renders correctly in the in-product changelog modal.

External services with expired credentials are now automatically suspended and will not retry syncing until credentials are updated. The UI displays the suspended state and prompts admins to take action.

Support GitHub's theme-specific image syntax in markdown rendering, allowing images to adapt based on light/dark theme context.

Added adminOnly attribute to notices configuration, allowing site administrators to create banners visible only to other admins.

Self-hosted Sourcegraph no longer requires separate buckets for LSIF uploads and search jobs: a single SOURCEGRAPH_UPLOADS_ bucket can now be used for all features. Existing configurations for AWS S3 and GCS object storage will be respected for LSIF uploads and search jobs. To learn more, refer to https://sourcegraph.com/docs/self-hosted/external-services/object-storage

Added warning to administrators when the new sourcegraph bucket requirement is not fulfilled. Self-hosted customers using GCS or AWS S3 will soon need to manually prepare this bucket - see https://sourcegraph.com/docs/self-hosted/external-services/object-storage for more details.

Deep search now displays tool call errors instead of silently showing no results.

Fixed an issue where clicking "Cancel" while a Deep Search conversation or follow-up question was being created would be silently ignored. The cancel now executes once the server responds with the conversation/question ID.

Fixed token limit error incorrectly suggesting to fork on the first question when there's no prior context.

Adjusted copy button positioning in deep search code blocks for more balanced spacing.

Fixed summarization failures in Deep Search when token limits are exceeded.

The prompt editor now automatically receives focus when the /deepsearch page loads.

Fixed explore panel not populating when using "find references" from citation hover cards by including the end position of the symbol range.

Cancelled Deep Search questions now remain visible in conversation history when asking follow-up questions.

Add copy button to code blocks without a language specifier in deep search answers

Aligned error boxes with question cards in deep search interface

Fixed visual jitter of question-answer pairs in forked conversations during streaming.

Hide the fork button on DeepSearch answers that are part of the fork origin context.

MCP and Deep Search tools now surface search alerts when a query matches no repositories, times out, or hits another issue.

Reduced visual jitter in conversations by only animating the most recent answer card instead of all cards during conversation reloads.

Fixed an issue where deleted Deep Search conversations could reappear in the history sidebar or recent conversations menu. Deleted conversations are now consistently removed across both views.

Fixed source reference pills in the deep search prompt editor and question cards from triggering unnecessary page reloads when clicked. Pills in the prompt editor are now non-clickable, while question card pills only navigate when showing different content than currently displayed.

Fixed symbol search and conversation search not returning results in the command palette.

count and timeout fields now apply consistently across OR expressions in search queries.

All citations and sources are now always visible for Deep Search conversations, with consistent counts between the conversation header and the right sidebar.

Disabled a recent optimization in search indexers which sometimes led to git processes with large memory usage while indexing a repository.

Query assist promo now remains visible in search suggestions after onboarding, positioned above the "Narrow your search" section instead of being removed entirely.

Hid the Query Assist promo suggestion after a user starts typing a query.

Unindexed search now uses the same maximum file limits as indexed search (1 MB instead of 2 MB).

Fixed non-deterministic count of "skipped files" in index options. For large repos, the count could fluctuate with every page refresh.

When switching from Precise to Search in the Explore panel, fetch search-based results from the API instead of showing an empty tab. Previously, the Search tab reused the same precise query and showed no results.

Fixed explore panel not showing local references in certain situations when clicking "Find references" on a local symbol.

Removed deprecated PRECISE_CODE_INTEL_UPLOAD_TTL environment variable. Configure CODEINTEL_UPLOADSTORE_EXPIRER_MAX_AGE on the worker container instead.

Fixed an issue where enqueuing already existing Precise auto-indexing jobs resulted in a warning.

Fixed bulk delete to only affect uploads from the active tab (auto-indexing or user uploads), preventing unintended deletion of uploads from the other source.

Fixed database constraint for pushed-only changesets to align with application code

Fixed setup error display for GitHub Apps and OAuth apps in code host connections

OAuth authentication options are now hidden when adding site credentials for batch changes, as OAuth is not supported for site-level credentials. Only Personal Access Token authentication is shown for GitLab and Bitbucket site credentials.

Deleting a batch changes user credential now also removes its associated BATCH_CHANGES external account, preventing orphaned accounts while preserving AUTH accounts to maintain user access.

Fixed error when updating changeset events with GitLab pipeline metadata

Fixed incorrect GitHub review statuses showing as pending after a PR is merged

All GitHub Apps, including ones used for Batch Changes, can now be deleted from the /admin/github-apps page.

Fixed OAuth client scope selection for admin-created clients

Fixed an issue where GitHub App code host connection pages without an installationID would crash.

Admin notifications for deleted code hosts are now automatically cleared.

MCP clients using random ports in redirect URIs no longer require reauthentication when the port changes.

Fixed OAuth device authorization endpoint advertisement to match the actual registered endpoint path, preventing 404 errors for clients using metadata-based discovery.

Enabled OAuth tokens to make API requests on sourcegraph.com

• Kubernetes executor jobs now include a run ID in their name to ensure uniqueness for each execution
• Labels (job-id, queue, run-id, commit) and repository annotation added to jobs for easier querying and debugging

Reduced the number of stale executors tracked in the executors list.

Deprecated statusFilters in modelConfiguration to simplify model availability. Sourcegraph now automatically determines which models should be available, eliminating cases where important models may be accidentally excluded through configuration. Individual and provider-specific models may still be excluded through modelFilters.

Fixed auto-edit failures on instances using modelConfiguration.systemPreInstruction.

Fixed tool call events for Gemini models to prevent client-side errors when mapping responses to tool calls.

Preserve raw JSON bytes in Anthropic tool-call handling to prevent cache invalidation caused by JSON reformatting.

MCP endpoints now accept Personal Access Tokens using the standard Authorization: Bearer <token> format for compliance with the MCP authorization specification (RFC 6750).

Fixed certain notifications not appearing in the sidebar admin alerts

Grandfathered in the MCP#ACCESS RBAC role to all existing service account roles to avoid restricting access if your system role previously used MCP.

Acronyms in RBAC namespaces are now correctly displayed in uppercase (e.g., "IdP" instead of "Idp").

Fixed unwanted shadow and border styling on role collapsible headers in the RBAC roles page

Fixed edge-case in gitserver where zero repos on the primary shard caused database errors when syncing repo status

Fixed cross-site scripting vulnerability where repository file paths containing HTML metacharacters could execute arbitrary scripts when viewing file diffs.

Fixed Slack bot not responding in Enterprise Grid environments with shared channels or org-level installs

Fixed GitHub icon display in dark mode on the code host connections configuration page

Removed duplicate close button from export modal

Improved performance when retrieving git notes for commits

Fixed cache disk filling up due to temporary files never being cleaned up after process restarts.

Removed Mixtral 8x22B Instruct model from available model configurations

Gemini 3 Pro and 2.0-flash-exp are not accessible anymore.