CHANGELOG.md

Changelog

All notable changes to this project will be documented in this file.

The format is based on Keep a Changelog, and this project adheres to Semantic Versioning.

[Unreleased]

[4.16.8] - 2026-04-09

Added

• Linear issue links in chat responses now render as a rich card-style UI showing the Linear logo, issue identifier, and title instead of plain hyperlinks. #1060
• Added reasoningEffort configuration option for the Azure OpenAI provider. #1101
• Added reasoningSummary configuration option for the OpenAI and Azure OpenAI providers. #1102
• Added per-model temperature configuration option for all language model providers. #1103

Changed

• Links in Ask Sourcebot chat responses now open in a new tab with a subtle external link icon indicator. #1059
• Removed /~ from the root of most app URLs. #1076
• Deprecated SOURCEBOT_CHAT_MODEL_TEMPERATURE environment variable in favor of per-model temperature config. It no longer defaults to 0.3; if unset and no per-model temperature is configured, temperature is not sent to the API. #1103

[4.16.7] - 2026-04-03

Fixed

• Fixed "TypeError: pathRegexp is not a function" type error in the worker. #1093

[4.16.6] - 2026-04-03

Changed

• Bumped dependencies. #1082 #1083 #1084 #1085 #1086 #1087 #1088 #1089 #1090 #1091 #1092

[4.16.5] - 2026-04-02

Added

• Added GET /api/commit endpoint for retrieving details about a single commit, including parent commit SHAs #1077

Changed

• Replaced placeholder avatars with deterministic minidenticon-based avatars generated from email addresses #1072
• Changed author_name and author_email fields to authorName and authorEmail in GET /api/commits response #1077
• Changed oldPath and newPath in GET /api/diff response from "/dev/null" to null for added/deleted files #1077
• Bumped simple-git to 3.33.0. #1078

[4.16.4] - 2026-04-01

Added

• Added GET /api/diff endpoint for retrieving structured diffs between two git refs #1063

Fixed

• Fixed GET /api/mcp hanging with zero bytes by returning 405 Method Not Allowed per the MCP Streamable HTTP spec #1064
• Fixed tokens with trailing newlines breaking git clone URLs by adding .trim() in getTokenFromConfig() #1067

Removed

• Removed "general" settings page with options to change organization name and domain. #1065

Changed

• Changed the analytics and license settings pages to only be viewable by organization owners. #1065

[4.16.3] - 2026-03-27

Added

• Added support for .gitattributes linguist-language overrides in the file viewer (#1048)
• Added Basic language syntax highlighting in the file viewer (#1054)

Fixed

• Fixed Ask GitHub landing page chat box placement to be centered on the page instead of at the bottom. #1046
• Fixed issue where local git connections (file://) would fail when matching a file instead of a directory. #1049
• Fixed regex queries containing parentheses (e.g. (test|render)<) being incorrectly split into multiple search terms instead of treated as a single regex pattern. #1050

[4.16.2] - 2026-03-25

Fixed

• Fixed line numbers being selectable in Safari in the lightweight code highlighter. #1037
• Fixed GitLab sync deleting repos when the API returns a non-404 error (e.g. 500) during group/user/project fetch. #1039
• Fixed React hydration mismatch in KeyboardShortcutHint caused by platform detection running at module load time during SSR. #1041
• Fixed rendering performance for ask threads, especially when hovering or selecting citations. #1042

Added

• Added optional copy button to the lightweight code highlighter (isCopyButtonVisible prop), shown on hover. #1037

[4.16.1] - 2026-03-24

Fixed

• Fixed scroll position when selecting chat references that point to lines further down in a file. #1036

[4.16.0] - 2026-03-24

Changed

• Changed language detection to resolve file extensions with multiple language resolutions (e.g., .md) to the most common resolution. #1026
• Changed the webUrl property of the /api/repos api to return a URL rather than just a path. #1014
• Changed the ask search scope selector to allow submitting questions with no search scope selected. When no selection is made, the agent will be able to search over all repos the user has access to. #1014
• Renamed the search_code tool to grep for ask and mcp. #1014
• Improved auto-scroll behavior in the ask chat thread. #1031

Added

• Added glob, find_symbol_definitions, and find_symbol_references tools to the ask agent and MCP server. #1014
• Added list_tree tool to the ask agent. #1014
• Added input & output token breakdown in ask details card. #1014
• Added path parameter to the /api/commits api to allow filtering commits by paths. #1014
• Search contexts now support topic-based filtering with new includeTopics and excludeTopics fields, enabling repository filtering by GitHub/GitLab topics with glob pattern support and case-insensitive matching.#1028

Fixed

• Fixed issue where ask responses would sometimes appear in the details panel while generating. #1014
• Fixed reference panel overflow issue in the ask UI. #1014
• Fixed homepage scrolling issue in the ask UI. #1014
• Fixed UI freeze when the grep tool returns a large number of results with groupByRepo=true. #1032
• Fixed issue where the search scope selection persisted after a new thread is created. #1033
• Fixed inaccurate scroll position when selecting a chat reference in the ask UI. #1035

[4.15.11] - 2026-03-20

Changed

• Updated JumpCloud SSO documentation to clarify token endpoint authentication method requirement and AUTH_SECRET configuration. #1022
• The ask_codebase MCP tool is now hidden when no language model providers are configured. #1018

[4.15.10] - 2026-03-20

Changed

• Increased SOURCEBOT_CHAT_MAX_STEP_COUNT default from 20 to 100 to allow agents to perform more autonomous steps. #1017
• [EE] Fix error with Jumpcloud SSO state param #1020

[4.15.9] - 2026-03-17

Added

• Added read-only annotations to MCP tools for compatibility with Cursor Ask mode and other MCP clients that restrict tool usage based on behavior hints. #1013

[4.15.8] - 2026-03-17

Added

• Added support for connecting to Redis over TLS via REDIS_TLS_ENABLED and related environment variables. #1011

Changed

• filterByFilepaths in the MCP search_code tool now accepts regular expressions matched against the full file path, instead of treating values as escaped literals. #1008

Fixed

• Connection sync job failures now log the actual error reason instead of a generic message. #1012

[4.15.7] - 2026-03-16

Added

• Added AGENTS.md with Cursor Cloud development environment instructions. #1001
• Added support for configuring SMTP via individual environment variables (SMTP_HOST, SMTP_PORT, SMTP_USERNAME, SMTP_PASSWORD) as an alternative to SMTP_CONNECTION_URL. #1002
• Added DISABLE_API_KEY_CREATION_FOR_NON_OWNER_USERS and DISABLE_API_KEY_USAGE_FOR_NON_OWNER_USERS environment variables to restrict API key creation and usage to organization owners. #1007

Changed

• Deprecated EXPERIMENT_DISABLE_API_KEY_CREATION_FOR_NON_ADMIN_USERS in favour of DISABLE_API_KEY_CREATION_FOR_NON_OWNER_USERS. The old variable will continue to work as a fallback. #1007

Modified

• Made OSS license audit runnable locally #1021

[4.15.6] - 2026-03-13

Added

• Added generated OpenAPI documentation for the public search, repo, and file browsing API surface. #996
• Added OSS license audit github action. #1003

Fixed

• [EE] Fixed account-driven permission sync silently wiping all Bitbucket Server repository permissions when the OAuth token expires on instances with anonymous access enabled. #998
• [EE] Fixed Bitbucket Server repos being incorrectly treated as public in Sourcebot when the instance-level feature.public.access flag is disabled but per-repo public flags were not reset. #999
• [EE] Fixed account-driven permission sync jobs failing when OAuth tokens expire between user visits by moving token refresh into the backend sync flow. #1000

[4.15.5] - 2026-03-12

Added

• [EE] Added JumpCloud as an identity provider for SSO authentication. #997

Changed

• Require explicit invocation of ask_codebase tool in MCP #995
• Gate MCP API behind authentication when Ask GitHub is enabled. #994

[4.15.4] - 2026-03-11

Added

• [EE] Added multi-owner support with promote/demote actions. #988
• [EE] Added PERMISSION_SYNC_REPO_DRIVEN_ENABLED environment variable to enable/disable repo-driven permission syncing. #989
• [EE] Added enforcePermissions per-connection flag to control whether repository permissions are enforced for a given connection. Defaults to the value of PERMISSION_SYNC_ENABLED. #991
• [EE] Added repoDrivenPermissionSyncIntervalMs and userDrivenPermissionSyncIntervalMs config settings, deprecating the experiment_ prefixed variants (still respected as fallbacks). #991
• [EE] Added enforcePermissionsForPublicRepos per-connection flag to restrict public repository visibility to users with a linked account for that connection's code host. #993

Changed

• [EE] Promoted PERMISSION_SYNC_ENABLED as the canonical env var for enabling permission syncing, deprecating EXPERIMENT_EE_PERMISSION_SYNC_ENABLED (still respected as a fallback). #991

[4.15.3] - 2026-03-10

Fixed

• [EE] Handle duplicate resource query parameters in the OAuth authorization endpoint. #987

[4.15.2] - 2026-03-06

Fixed

• [EE] Avoid advertising OAuth support on MCP endpoints if that entitlement is not actually configured. #985

[4.15.1] - 2026-03-06

Fixed

• Fixed issue where users would not be redirected to the homepage when clicking "continue with guest". #984

Changed

• Increased pagination limit to 1000 for bitbucket data center requests. #981

[4.15.0] - 2026-03-05

Added

• Added MCP and API key usage tracking to analytics dashboard and added audit retention system #950

[4.14.0] - 2026-03-05

Added

• Added support a MCP streamable http transport hosted at /api/mcp. #976
• [EE] Added support for Oauth 2.1 to the remote MCP server hosted at /api/mcp. #977

[4.13.2] - 2026-03-02

Changed

• Upgraded Vercel AI SDK from v5 to v6. #969
• Added support for using bearer tokens with anthropic. #967
• Updated to Next.JS 16. #970

Fixed

• Preserve regex and case sensitivity query parameters when loading more search results. #972
• Fixed page navigation failing after Next.js 16 upgrade by removing router.refresh() calls immediately following router.push(). #974
• Add filesystem-first GC scan to remove orphaned repo directories and index shards that have no corresponding database record. #973

[4.13.1] - 2026-02-28

Changed

• Bumped tar to 7.5.9. #953
• Bumped @isaacs/brace-expansion to 5.0.1. #952
• Bumped qs transitive dependency to ^6.14.2 via yarn resolutions. #954
• Bumped @aws-sdk/credential-providers to ^3.1000.0. #955
• Bumped rollup transitive dependency to ^4.59.0 via yarn resolutions. #956
• Bumped next to 15.5.10. #960
• Bumped nodemailer to 7.0.11. #959
• Bumped glob transitive dependency to ^10.5.0 via scoped yarn resolutions. #962
• Bumped @react-email/preview-server to 5.2.8. #961

Fixed

• Validate ref and path inputs in git API routes to reject values that could affect git command behavior. #965

[4.13.0] - 2026-02-27

Added

• Added pagination and UTC time range filtering to the audit GET endpoint. #949
• Added AI Search Assist — describe what you're looking for in natural language and AI will generate a code search query for you. #951

Fixed

• Fixed search query parser rejecting parenthesized regex alternation in filter values (e.g. file:(test|spec), -file:(test|spec)). #946
• Fixed content: filter ignoring the regex toggle. #947

[4.12.0] - 2026-02-26

Added

• Added Bitbucket Cloud SSO & Permission syncing support. #924 #925
• Added Bitbucket Data Center SSO & Permission syncing support. #934 #938
• Added PostHog events for chat UI interactions (details card expand/collapse, copy answer, table of contents toggle). #922
• Added wa_user_created PostHog event fired on successful user sign-up. #933
• Added wa_askgh_login_wall_prompted PostHog event fired when an unauthenticated user attempts to ask a question on Ask GitHub. #933
• Added login wall when anonymous users try to send messages on duplicated chats (askgh experiment). #939
• Added GET /api/ee/user endpoint that returns the authenticated owner's user info (name, email, createdAt, updatedAt). #940
• Added selectedReposCount to the wa_chat_message_sent PostHog event to track the number of selected repositories when users ask questions. #941
• Added ability to re-sync repo permissions from the "linked accounts" settings page. #945

Changed

• Hide version upgrade toast for askgithub deployment (EXPERIMENT_ASK_GH_ENABLED). #931
• Hide security notice on login and signup pages when EXPERIMENT_ASK_GH_ENABLED is enabled. #943

Fixed

• Fixed text inside angle brackets (e.g., <id>) being hidden in chat prompt display due to HTML parsing. #929 #932
• Fixed permission sync banner flashing on initial page load. #942
• Fixed issue where the permission sync banner would sometimes not appear until the page was refreshed. #942

[4.11.7] - 2026-02-23

Changed

• Skip redundant dev build when production release commits are pushed to main. #919
• Bumped zoekt version. #921

[4.11.6] - 2026-02-21

Added

• Added GitHub workflow to automatically tag Linear issues with the release version when a new release is published. #917
• Added optional gitUser field to the Bitbucket connection config to support Bitbucket Cloud API tokens, which require an email address for the REST API but an Atlassian username for git clone. #918

[4.11.5] - 2026-02-21

Fixed

• Skip calling getCommitHashForRefName for empty repositories to avoid noisy debug log output. #914
• Fixed "Open in GitLab" links having a double slash when the GitLab host URL is configured with a trailing slash. #915

[4.11.4] - 2026-02-20

Fixed

• Fixed og:image URL resolving to localhost instead of the public domain when the app is deployed behind a reverse proxy. #908
• Fixed search bar not taking the full width on the search results and browse pages. #909
• Added max height to the chat input box so it scrolls instead of expanding unboundedly when a large blob of text is pasted. #913

Changed

• Changed the "Open in" button copy to distinguish between Bitbucket serve & cloud. #910
• Alt+Enter (Option+Enter on Mac) now inserts a newline in the chat input instead of submitting. #912

[4.11.3] - 2026-02-19

Fixed

• Fixed issue where chat threads created via the /api/chat/blocking endpoint would not have any messages when called without authentication. #907

Changed

• Added chatId to all chat related posthog events. #907

[4.11.2] - 2026-02-18

Fixed

• Fixed Bitbucket Server and Cloud repo identifiers to include the project key, preventing collisions across projects. Note: Bitbucket Cloud users with exclude.repos patterns must update them from workspace/repo to workspace/PROJECT_KEY/repo format. #904

Added

• Added optional visibility parameter to /api/chat/blocking endpoint and MCP ask_codebase tool to allow controlling chat session visibility in shared environments. #903
• Added defaultBranch, isFork, and isArchived fields to the /api/repos endpoint response and MCP list_repos tool. #905

[4.11.1] - 2026-02-18

Changed

• Replaced backend_repo_index_job_completed PostHog event with backend_repo_first_indexed, which fires only on the first successful index of a repo. #900

Fixed

• Fixed startup env override parsing to ignore STDERR output, preventing Node warnings from breaking eval processing. #902

[4.11.0] - 2026-02-18

Added

• Added chat duplication to create copies of existing chats. #888
• Added Open Graph metadata and image generation for shared chat links. #888
• [EE] Added chat sharing with specific users, allowing chat owners to invite org members to view private chats. #888

Changed

• Changed chat permissions model from read-only flag to ownership-based access control. #888
• Improved anonymous chat experience: anonymous users can now create chats and claim them upon signing in. #888

Fixed

• Fixed issue where local repos with URL-encoded spaces in remote URLs would fail to load tree preview and index correctly. #899

[4.10.30] - 2026-02-12

Added

• Added PostHog events for repo index job success/failure and code host type to connection sync events. #878
• Added install_id to PostHog event properties. #880

Changed

• Changed the me-control to render the user's avatar in the top-bar. #874
• Moved the "current version" indicator into the "what's new" dropdown. #874
• Updated posthog-node to ^5.24.15 and posthog-js to ^1.345.5. #881

Fixed

• Fixed issue where "Open in Bitbucket" and commit links for Bitbucket Server repos had an extra /browse in the URL. #877
• Fixed slow repo indexing scheduling query by adding database indexes. #883

Removed

• Removed the Discord and GitHub buttons from the top corner. #874

[4.10.29] - 2026-02-10

Changed

• Changed the settings dropdown to display the commit SHA on which the deployment was built against. #868

Fixed

• Fixed issue where anonymous access on a Sourcebot instance with a unlimited seat license and anonymous access enabled would result in a "not authenticated" message being displayed. #866
• Fixed issue where session links generated for a ask_codebase mcp call would not be accessible to unauthed users. #873

[4.10.28] - 2026-02-07

Added

• Added support to set "Require approval for new members" via config with (REQUIRE_APPROVAL_NEW_MEMBERS). #858

Changed

• Improved stability for connection and repo indexing workers. #860

Fixed

• Fixed issue where certain file and folder names would cause type errors. #862
• Fixed token refresh error "Provider config not found or invalid for: x" when a sso is configured using deprecated env vars. #841
• Fixed issue where temporary shard files created on index failure were not being cleaned up. #805

[4.10.27] - 2026-02-05

Fixed

• [EE] Fixed issue where internal GitLab projects were not visible in Sourcebot when permission syncing is enabled. #857

[4.10.26] - 2026-02-05

Added

• [EE] Added notification banner when an account's permissions are being synced for the first time. #852

Fixed

• Fixed issue where the branch filter in the repos detail page would not return any results. #851
• Fixed issue where 5xx http errors would not be retried. #855

Changed

• Changed the queuing behaviour for permission syncing to prioritize newly created accounts & repos. #856
• Changed auth behaviour to store OAuth tokens, refresh tokens, and id tokens encrypted at rest in the database. #853
• Changed refresh token behaviour to source provider tokens from the DB rather than storing them in the JWT token. #853

[4.10.25] - 2026-02-04

Fixed

• Fixed issue where opening GitLab file links would result in a 404. #846
• Fixed issue where file references in copied chat answers were relative paths instead of full browse URLs. #847
• [EE] Fixed issue where account driven permission syncing would fail when attempting to authenticate with a GitHub App user token. #850

Added

• [EE] Added AUTH_EE_ALLOW_EMAIL_ACCOUNT_LINKING env var that, when enabled, will automatically link SSO accounts with the same email address. #849

[4.10.24] - 2026-02-03

Fixed

• Fixed issue where external links would use internal service DNS names in k8s deployments, making them inaccessible. #844

[4.10.23] - 2026-02-02

Added

• Added listCommits tool to Ask agent. #843

[4.10.22] - 2026-02-02

Added

• Added maxAccountPermissionSyncJobConcurrency and maxRepoPermissionSyncJobConcurrency settings to configure concurrency for permission sync jobs (default: 8). #840

[4.10.21] - 2026-02-02

Added

• Added /api/chat/blocking endpoint that creates a blocking Ask thread, used by the MCP server. #814
• Added /api/models endpoint to list configured language models. #814
• Added additional telemetry for api requests. #835

Fixed

• Fixed issue where files with a comma would not render correctly in file tree. #831

Changed

• Changed /api/source api to support fetching source code for any revision, not just revisions that are indexed by zoekt. #829
• Adjusted prompts and tools for Ask agent. #814

[4.10.20] - 2026-01-28

Fixed

• Fixed issue where searching for refs/heads/<default_branch> would return no matches. #809
• Fixed issue where source files would fail to load in the search preview panel and ask client. #812

[4.10.19] - 2026-01-28

Fixed

• Fixed loadConfig import in resolveEnvOverrides #802

[4.10.18] - 2026-01-28

Added

• Added ask sidebar to homepage. #721
• Added endpoint for searching commit history for a git repository. #625
• Added pushedAt field to the Repo table to track when a repository last was committed to across all branches. #790
• Added offset pagination to the /api/repos endpoint. #795
• Added offset pagination to the /api/commits endpoint. #795

Changed

• Added commit graph generation to improve performance for commit traversal operations. #791
• Made the code search lang: filter case insensitive. #795
• Changed the /api/source endpoint from a POST request to a GET request. Repo, path, and ref are specified as query params. #795
• Changed the /api/commits endpoint from a POST request to a GET request. #795
• Renamed webUrl to externalWebUrl for various apis. Moving forward, webUrl will be used for URLs that point to Sourcebot, and externalWebUrl will be used for URLs that point to external code hosts. #795
• Renamed various fields on the /api/source endpoint response body. #795

Fixed

• Fixed issue where a file would fail to load when opening it from the /search view and it matched multiple branches. #797
• [EE] Fixed GitLab OAuth token refresh failures by including the required redirect_uri parameter. #798

[4.10.17] - 2026-01-23

Fixed

• Properly map all hotkeys in UI based on the platform #784
• Allow parenthesis in query and filter terms #788
• Fixed issue where Sourcebot would not index the new default branch when changed. #789

Changed

• Changed the UI to display the default branch name instead of HEAD where applicable. #789

[4.10.16] - 2026-01-22

Changed

• Added isBranchFilteringEnabled flag to search_finished PostHog event. #781

Fixed

• Fixed reference guide key hint for PC #782

[4.10.15] - 2026-01-22

Fixed

• Fixed an issue where the value for ALWAYS_INDEX_FILE_PATTERNS env var wasn't being parsed correctly #773

[4.10.14] - 2026-01-21

Fixed

• Fixed "The data directory was initialized by PostgreSQL version 16, which is not compatible with this version 18.1" error when using the embedded database and upgrading to v14.10.13. #770

[4.10.13] - 2026-01-21

Changed

• Bumped AI SDK and associated packages version. #752
• Bumped Node.js version to v24. #753

Fixed

• Fixed hardcoded localhost URLs in org URL and invite links by using AUTH_URL as fallback. #764
• Fix autocomplete when repo includes default port #762
• Fixed "Repository not found for file: x" error when searching in orphaned shards. #761

[4.10.12] - 2026-01-16

Changed

• Added dialog when no authentication provider is configured. #744

Fixed

• Fixed "Invalid line number XXX in 21-line document" error when a invalid highlight range is passed to the file viewer. #745
• Fixed visual nit where ask sb search scope selector would render long repository names poorly. #747
• Fixed visual nit where long search previews in ask sb would take up a lot of space. #747
• Fixed issue where the last search results was getting clipped for searches that exceed the viewport height. #749

[4.10.11] - 2026-01-16

Fixed

• Fixed issue with filtering on generic git repo indexed from http/https #742
• Fixed auth error when trying to sync public gitlab.com project with no token #748
• Fixed "Ranges must be added sorted by from position and startSide" error when browsing certain files. #743

[4.10.10] - 2026-01-16

Added

• [EE] Add Ask chat usage metrics to analytics dashboard #736

Changed

• Improved initial file tree load times, especially for larger repositories. #739

[4.10.9] - 2026-01-14

Changed

• Remove references to demo from docs. #734
• Add docs for GitHub App connection auth. #735
• Improved error messaging around oauth scope errors with user driven permission syncing. #639

Fixed

• Fixed issue where 403 errors were being raised during a user driven permission sync against a self-hosted code host. #729
• Fixed "ambiguous argument 'HEAD^{commit}': unknown revision or path not in the working tree" error for blank repositories. #733
• Fixed issue where folders containing files with non-ASCII characters in their paths would appear duplicated in the file tree. #726

[4.10.8] - 2026-01-13

Changed

• Changed the default /repos pagination size to 20. #706
• Changed pull policy in docker compose file to always. #716
• Added Trigger Sync to /repos dropdown menu #710

Fixed

• Add warning logs when local repo index fails to match pattern. #712
• Fixed issue with text direction issues with special characters in filter panel. #474

[4.10.7] - 2025-12-29

Fixed

• Fixed auto-suggestion dropdown breaking queries with whitespace in repository names. Repository names containing spaces are now properly wrapped in quotes. #705

[4.10.6] - 2025-12-28

Fixed

• Fixed repository images not loading when anonymous access is disabled. #703

Changed

• Enable browser assisted autofill for username and password.#696

[4.10.5] - 2025-12-23

Changed

• Bake Sourcebot version into code rather than relying on build arg. #680
• Fix issue with /repos page pagination. #689
• Add better logs for gitlab config sync fails. #692

[4.10.4] - 2025-12-18

Fixed

• Fixed issue where parenthesis in query params were not being encoded, resulting in a poor experience when embedding links in Markdown. #674
• Gitlab clone respects host protocol setting in environment variable. #676
• Fixed performance issues with /repos page. #677

[4.10.3] - 2025-12-12

Fixed

• Fixed review agent so that it works with GHES instances #611
• Updated next package version to fix CVE-2025-55184 and CVE-2025-55183. #673

Added

• Added support for arbitrary user IDs required for OpenShift. #658

Updated

• Improved error messages in file source api. #665

[4.10.2] - 2025-12-04

Fixed

• Fixed issue where the disable telemetry flag was not being respected for web server telemetry. #657

[4.10.1] - 2025-12-03

Added

• Added ALWAYS_INDEX_FILE_PATTERNS environment variable to allow specifying a comma seperated list of glob patterns matching file paths that should always be indexed, regardless of size or # of trigrams. #631
• Added button to explore menu to toggle cross-repository search. #647
• Added server side telemetry for search metrics. #652

Fixed

• Fixed issue where single quotes could not be used in search queries. #629
• Fixed issue where files with special characters would fail to load. #636
• Fixed Ask performance issues. #632
• Fixed regression where creating a new Ask thread when unauthenticated would result in a 404. #641
• Updated react and next package versions to fix CVE 2025-55182. #654

Changed

• Changed the default behaviour for code nav to scope references & definitions search to the current repository. #647

[4.10.0] - 2025-11-24

Added

• Added support for streaming code search results. #623
• Added buttons to toggle case sensitivity and regex patterns. #623
• Added counts to members, requets, and invites tabs in the members settings. #621
• [Sourcebot EE] Add support for Authentik as a identity provider. #627

Changed

• Changed the default search behaviour to match patterns as substrings and not regular expressions. Regular expressions can be used by toggling the regex button in search bar. #623
• Renamed public query prefix to visibility. Allowed values for visibility are public, private, and any. #623
• Changed archived query prefix to accept values yes, no, and only. #623
• Changed lang query prefix to be case sensitive. #623

Removed

• Removed case query prefix. #623
• Removed branch and b query prefixes. Please use rev: instead. #623
• Removed regex query prefix. #623

Fixed

• Fixed spurious infinite loads with explore panel, file tree, and file search command. #617
• Wipe search context on init if entitlement no longer exists #618
• Fixed Bitbucket repository exclusions not supporting glob patterns. #620
• Fixed issue where the repo driven permission syncer was attempting to sync public repositories. #624
• Fixed issue where worker would not shutdown while a permission sync job (repo or user) was in progress. #624

[4.9.2] - 2025-11-13

Changed

• Bumped the default requested search result count from 5k to 10k after optimization pass. #615

Fixed

• Fixed incorrect shutdown of PostHog SDK in the worker. #609
• Fixed race condition in job schedulers. #607
• Fixed connection sync jobs getting stuck in pending or in progress after restarting the worker. #612
• Fixed issue where connections would always sync on startup, regardless if they changed or not. #613
• Fixed performance bottleneck in search api. Result is a order of magnitutde improvement to average search time according to benchmarks. #615

Added

• Added force resync buttons for connections and repositories. #610
• Added environment variable to configure default search result count. #616

[4.9.1] - 2025-11-07

Added

• Added support for running Sourcebot as non-root user. #599

[4.9.0] - 2025-11-04

Added

• [Experimental][Sourcebot EE] Added GitLab permission syncing. #585
• [Sourcebot EE] Added external identity provider config and support for multiple accounts. #595
• Added ability to configure environment variables from the config. #597

Fixed

• [ask sb] Fixed issue where reasoning tokens would appear in text content for openai compatible models. #582
• Fixed issue with GitHub app token tracking and refreshing. #583
• Fixed "The account is already associated with another user" errors with GitLab oauth provider. #584
• Fixed error when viewing a generic git connection in /settings/connections. #588
• Fixed issue with an unbounded Promise.allSettled(...) when retrieving details from the GitHub API about a large number of repositories (or orgs or users). #591
• Fixed resource exhaustion (EAGAIN errors) when syncing generic-git-host connections with thousands of repositories. #593

Removed

• Removed built-in secret manager. #592

Changed

• Changed internal representation of how repo permissions are represented in the database. #600

[4.8.1] - 2025-10-29

Fixed

• Fixed commit and branch hyperlinks not rendering for Gerrit repos. #581
• Fixed visual bug when a repository does not have a image. #581
• Fixed issue where the Ask homepage was not scrollable. #581

[4.8.0] - 2025-10-28

Added

• Implement dynamic tab titles for files and folders in browse tab. #560
• Added support for passing db connection url as seperate DATABASE_HOST, DATABASE_USERNAME, DATABASE_PASSWORD, DATABASE_NAME, and DATABASE_ARGS env vars. #545
• Added support for GitHub Apps for service auth. #570
• Added prometheus metrics for repo index manager. #571
• Added experimental environment variable to disable API key creation for non-admin users. #577
• [Experimental][Sourcebot EE] Added REST API to get users and delete a user. #578

Fixed

• Fixed "dubious ownership" errors when cloning / fetching repos. #553
• Fixed issue with Ask Sourcebot tutorial re-appearing after restarting the browser. #563
• Fixed repoIndexTimeoutMs not being used for index job timeouts. #567

Changed

• Improved search performance for unbounded search queries. #555
• Improved homepage performance by removing client side polling. #563
• Changed navbar indexing indicator to only report progress for first time indexing jobs. #563
• Improved repo indexing job stability and robustness. #563
• Improved repositories table. #572
• Improved connections table. #579

Removed

• Removed spam "login page loaded" log. #552
• Removed connections management page. #563

[4.7.3] - 2025-09-29

Fixed

• Manually pass auth token for ado server deployments. #543

[4.7.2] - 2025-09-22

Fixed

• Fix support email. #529

Added

• [Experimental][Sourcebot EE] Added permission syncing repository Access Control Lists (ACLs) between Sourcebot and GitHub. #508

Changed

• Improved repository query performance by adding db indices. #526
• Improved repository query performance by removing JOIN on Connection table. #527
• Changed repo carousel and repo list links to redirect to the file browser. #528
• Changed file headers, files/directories in file tree, and reference list buttons into links. #532

[4.7.1] - 2025-09-19

Fixed

• Fixed sourcebot not pulling github forked repos #499
• Fixed azure devop cloud pat issue #524

[4.7.0] - 2025-09-17

Added

• Added fallback to default the Node.JS AWS SDK's fromNodeProviderChain when no credentials are provided for a bedrock config. #513
• Added support for Azure Devops support. #514

Fixed

• Fixed "At least one project, user, or group must be specified" for GitLab configs with all in web configurator. #512
• Fixed zoekt indexing failing with pipe in branch/tag names #506
• Removed deprecated connection creation/edit UI #515

[4.6.8] - 2025-09-15

Fixed

• Fixed Bitbucket Cloud pagination not working beyond first page. #295
• Fixed search bar line wrapping. #501
• Fixed carousel perf issues. #507

[4.6.7] - 2025-09-08

Added

• Added exclude.userOwnedProjects setting to GitLab configs. #498

Fixed

• Fixed "couldn't find remote ref HEAD" errors when re-indexing certain repositories. #497

Changed

• Disable page scroll when using arrow keys on search suggestions box. #493

[4.6.6] - 2025-09-04

Added

• Added support for specifying query params for openai compatible language models. #490

Fixed

• Fix issue where zoekt was failing to index repositories due to HEAD pointing to a branch that does not exist. #488

[4.6.5] - 2025-09-02

Fixed

• Remove setting remote.origin.url for remote git repositories. #483
• Fix error when navigating to paths with percentage symbols. #485

Changed

• Updated NextJS to version 15. #477
• Add sessionToken as optional Bedrock configuration parameter. #478

[4.6.4] - 2025-08-11

Added

• Added multi-branch indexing support for Gerrit. #433
• [ask sb] Added reasoningEffort option to OpenAI provider. #446
• [ask db] Added headers option to all providers. #449

Fixed

• Removed prefix from structured log output. #443
• [ask sb] Fixed long generation times for first message in a chat thread. #447

Changed

• Bumped AI SDK and associated packages version. #444

[4.6.3] - 2025-08-04

Fixed

• Fixed issue where users specified in a GitHub config were not getting picked up when a token is also specified. #428

Added

• [ask sb] Added OpenAI Compatible Language Provider. #424

[4.6.2] - 2025-07-31

Changed

• Bumped AI SDK and associated packages version. #417

Fixed

• [ask sb] Fixed "413 content too large" error when starting a new chat with many repos selected. #416

Added

• [ask sb] PostHog telemetry for chat thread creation. #418

[4.6.1] - 2025-07-29

Added

• Add search context to ask sourcebot context selector. #397
• Add ability to include/exclude connection in search context. #399
• Search context refactor to search scope and demo card UI changes. #405
• Add GitHub star toast. #409
• Added a onboarding modal when first visiting the homepage when ask mode is selected. #408
• [ask sb] Added searchReposTool and listAllReposTool. #400

Fixed

• Fixed multiple writes race condition on config file watcher. #398

Changed

• Bumped AI SDK and associated packages version. #404
• Bumped form-data package version. #407
• Bumped next version. #406
• [ask sb] Improved search code tool with filter options. #400
• [ask sb] Removed search scope constraint. #400
• Update README with new features and videos. #410
• [ask sb] Add back search scope requirement and other UI changes. #411

[4.6.0] - 2025-07-25

Added

• Introducing Ask Sourcebot - ask natural langauge about your codebase. Get back comprehensive Markdown responses with inline citations back to the code. Bring your own LLM api key. #392

Fixed

• Fixed onboarding infinite loop when GCP IAP Auth is enabled. #381

[4.5.3] - 2025-07-20

Changed

• Relicense core to FSL-1.1-ALv2. #388

Added

• Added GITLAB_CLIENT_QUERY_TIMEOUT_SECONDS env var to configure the GitLab client's query timeout. #390

[4.5.2] - 2025-07-19

Changed

• Fixed typos in UI, docs, code #369
• Add anonymous access option to core and deprecate the enablePublicAccess config setting. #385

[4.5.1] - 2025-07-14

Changed

• Revamped onboarding experience. #376

Fixed

• Fixed issue with external source code links being broken for paths with spaces. #364
• Makes base retry indexing configuration configurable and move from a default of 5s to 60s. #377
• Fixed issue where files would sometimes never load in the code browser. #365

[4.5.0] - 2025-06-21

Added

• Added code nav and syntax highlighting for TCL. #362
• Added analytics dashboard. #358

Fixed

• Fixed issue where invites appeared to be created successfully, but were not actually being created in the database. #359

Changed

• Audit logging is now enabled by default. #358

[4.4.0] - 2025-06-18

Added

• Added audit logging. #355

Fixed

• Delete account join request when redeeming an invite. #352
• Fix issue where a repository would not be included in a search context if the context was created before the repository. #354

Changed

• Changed search api (and all apis that depend on it) to return raw source code instead of base64 encoded string. (356).

[4.3.0] - 2025-06-11

Added

• Changed repository link in search to file tree + move external link to code host logo. #340
• Added a basic file search dialog when browsing a repository. #341

Fixed

• Text highlighting clarity. #342
• Fixed repo list column header styling. #344
• Clean up successful and failed jobs in Redis queues. #343
• Fixed issue with files occasionally not loading after moving the cursor rapidly over the file browser. #346

[4.2.0] - 2025-06-09

Added

• Added seperate page for signup. #311
• Fix repo images in authed instance case and add manifest json. #332
• Added encryption logic for license keys. #335
• Added hover tooltip for long repo names in filter panel. #338
• Added repo shard validation on startup. #339
• Added support for a file explorer when browsing files. #336

[4.1.1] - 2025-06-03

Added

• Added copy button for filenames. #328
• Added development docker compose file. #328
• Added keyboard shortcuts for find all refs / go to def. #329
• Added GCP IAP JIT provisioning. #330

Fixed

• Fixed issue with the symbol hover popover clipping at the top of the page. #326
• Fixed slow rendering issue with large reference/definition lists. #327

[4.1.0] - 2025-06-02

Added

• Added structured logging support. #323

Fixed

• Fixed issue where new oauth providers weren't being display in the login page. commit
• Fixed client side "mark decorations may not be empty" error when viewing certain files. #325
• Fixed issue where the symbol hover popover would not appear for large source files. #325

[4.0.1] - 2025-05-28

Fixed

• Fixed issue with how entitlements are resolved for cloud. #319

[4.0.0] - 2025-05-28

Sourcebot V4 introduces authentication, performance improvements and code navigation. Checkout the migration guide for information on upgrading your instance to v4.

Changed

• [Breaking Change] Authentication is now required by default. Notes:
  • When setting up your instance, email / password login will be the default authentication provider.
  • The first user that logs into the instance is given the owner role. (docs).
  • Subsequent users can request to join the instance. The owner can approve / deny requests to join the instance via Settings > Members > Pending Requests.
  • If a user is approved to join the instance, they are given the member role.
  • Additional login providers, including email links and SSO, can be configured with additional environment variables. (docs).
• Clicking on a search result now takes you to the /browse view. Files can still be previewed by clicking the "Preview" button or holding Cmd / Ctrl when clicking on a search result. #315

Added

• [Sourcebot EE] Added search-based code navigation, allowing you to jump between symbol definition and references when viewing source files. Read the documentation. #315
• Added collapsible filter panel. #315
• Added Sourcebot API key management for external clients. #311

Fixed

• Improved scroll performance for large numbers of search results. #315

[3.2.1] - 2025-05-15

Added

• Added support for indexing generic git hosts given a remote clone url or local path. #307

[3.2.0] - 2025-05-12

Added

• Added AI code review agent #298. Checkout the docs for more information.

Fixed

• Fixed issue with repos appearing in the carousel when they fail indexing for the first time. #305
• Align gitea clone_url with gitea host url #303

[3.1.4] - 2025-05-10

Fixed

• Added better error handling to git operations

[3.1.3] - 2025-05-07

Fixed

• Fixes bug with repos not being visible in the homepage carousel when re-indexing. #294

Added

• Added special * value for rev: to allow searching across all branches. #281
• Added the Sourcebot Model Context Protocol (MCP) server in packages/mcp to allow LLMs to interface with Sourcebot. Checkout the npm package here. #292

[3.1.2] - 2025-04-30

Added

• Added exclude.readOnly and exclude.hidden options to Gerrit connection config. #280

Fixes

• Fixes regression introduced in v3.1.0 that causes auth errors with GitHub. #288

[3.1.1] - 2025-04-28

Changed

• Changed the filter panel to embed the filter selection state in the query params. #276

[3.1.0] - 2025-04-25

Added

• [Sourcebot EE] Added search contexts, user-defined groupings of repositories that help focus searches on specific areas of a codebase. #273
• Added support for Bitbucket Cloud and Bitbucket Data Center connections. #275

[3.0.4] - 2025-04-12

Fixes

• Fix issue with gerrit gitiles web urls not being correctly formatted

[3.0.3] - 2025-04-10

Fixes

• Prevent database in container from being initialized and started if we're using an external database #267

Added

• Add additional logging for repo and connection syncing, and display proper names instead of ids

[3.0.2] - 2025-04-04

Fixes

• Change connection manager upsert timeout to 5 minutes
• Fix issue with repo display names being poorly formatted, especially for gerrit. (#259)

Added

• Added config setting resyncConnectionIntervalMs to control how often a connection should be re-synced. (#260)

[3.0.1] - 2025-04-01

Fixes

• Fix issue with match highlighting not appearing when first clicking on a search result. (#255)

[3.0.0] - 2025-04-01

Sourcebot v3 is here and brings a number of structural changes to the tool's foundation, including a SQL database, parallelized indexing, authentication support, multitenancy, and more. Checkout the migration guide for information on upgrading your instance to v3.

Changed

• [Breaking Change] Changed the config schema such that connection objects are specified in the connection map, instead of the repos array. See migration guide.
• Updated the tool's color-palette in dark mode.

Added

• Added parallelized repo indexing and connection syncing via Redis & BullMQ. See the architecture overview.
• Added repo indexing progress indicators in the navbar.
• Added authentication support via OAuth or email/password. For instructions on enabling, see this doc.
• Added the following UI for managing your deployment when auth is enabled:
  • connection management: create and manage your JSON configs via a integrated web-editor.
  • secrets: import personal access tokens (PAT) into Sourcebot (AES-256 encrypted). Reference secrets in your connection config by name.
  • team & invite management: invite users to your instance to give them access. Configure team roles & permissions.
• Added multi-tenancy support. See this doc.

Removed

• [Breaking Change] Removed db.json in favour of a Postgres database for transactional workloads. See the architecture overview.
• [Breaking Change] Removed local folder & arbitrary .git repo support. If your deployment depended on these features, please open a issue and let us know.
• [Breaking Chnage] Removed ability to specify a token as a string literal from the schema.
• [Breaking Change] Removed support for DOMAIN_SUB_PATH configuration.

[2.8.4] - 2025-03-14

Fixed

• Fixed bug where Sourcebot Cloud card was shown to self-hosted users

[2.8.3] - 2025-03-13

Fixed

• Made syntax reference guide keyboard shortcut hints clickable. (#229)

[2.8.2] - 2025-02-20

Fixed

• Remove repo_synced telemetry event.

[2.8.1] - 2025-01-28

Added

• Added maxTrigramCount to the config to control the maximum allowable of trigrams per document.

Fixed

• Fixed issue with version upgrade toast not appearing without a hard refresh. (#179)

[2.8.0] - 2025-01-17

Added

• Added a syntax reference guide. The guide can be opened using the hotkey "Cmd + /" ("Ctrl + /" on Windows). (#169)

[2.7.1] - 2025-01-15

Fixed

• Fixed issue where we crash on startup if the install / upgrade PostHog event fails to send. (#159)
• Fixed issue with broken file links. (#161)

[2.7.0] - 2025-01-10

Added

• Added support for creating share links to snippets of code. (#149)
• Added support for indexing raw remote git repository. (#152)

[2.6.3] - 2024-12-18

Added

• Added config option settings.reindexInterval and settings.resyncInterval to control how often the index should be re-indexed and re-synced. (#134)
• Added exclude.size to the GitHub config to allow excluding repositories by size. (#137)

Fixed

• Fixed issue where config synchronization was failing entirely when a single api call fails. (#142)
• Fixed 'directory not found' error in certain scenarios when deleting a repository. (#136)

[2.6.2] - 2024-12-13

Added

• Added config support for filtering GitLab & GitHub repositories by topic. (#121)
• Added additional language syntax support. (#125)
• Added additional language icon support. (#129)

Changed

• Made language suggestions case insensitive. (#124)
• Stale repositories are now automatically deleted from the index. This can be configured via settings.autoDeleteStaleRepos in the config. (#128)

[2.6.1] - 2024-12-09

Added

• Added config option settings.maxFileSize to control the maximum file size zoekt will index. (#118)

Fixed

• Fixed syntax highlighting for zoekt query language. (#115)
• Fixed issue with Gerrit repo fetching not paginating. (#114)
• Fixed visual issues with filter panel. (#105)

[2.6.0] - 2024-12-02

Added

• Gerrit support. (#104)

[2.5.4] - 2024-11-29

Added

• Added search history to the search bar. (#99)

[2.5.3] - 2024-11-28

Added

• Added symbol suggestions as suggestion type. (#98)

[2.5.2] - 2024-11-27

Fixed

• Fixed issue where incorrect repository icons were shown occasionally in the filter panel. (#95)
• Fixed homepage links not resolving correctly when DOMAIN_SUB_PATH is set. (#96)

[2.5.1] - 2024-11-26

Added

• Added file suggestions as a suggestion type. (#88)
• Added icon and link support for self-hosted repositories. (#93)

Changed

• Changed how PostHog telemetry key is passed into the docker image. (#92)

[2.5.0] - 2024-11-22

Added

• Added search suggestions to the search bar. (#85)

[2.4.4] - 2024-11-20

Added

• Added DOMAIN_SUB_PATH environment variable to allow overriding the default domain subpath. (#74)
• Added option all to the GitLab index schema, allowing for indexing all projects in a self-hosted GitLab instance. (#84)

[2.4.3] - 2024-11-18

Changed

• Bumped NodeJS version to v20. (#78)

[2.4.2] - 2024-11-14

Added

• Added support for syntax highlighting in the search bar. (#66)

Changed

• Changed the exclude.repo property to support glob patterns. (#70)

Fixed

• Fixed issue with indexing failing for empty repositories. (#73)
• Fixed typos in schema. (#71)

[2.4.1] - 2024-11-11

Added

• Added additional telemetry events. (#63)

[2.4.0] - 2024-11-06

Added

• Added support for indexing and searching repositories across multiple revisions (tag or branch). (#58)

[2.3.0] - 2024-11-01

Added

• Local directory indexing support. (#56)

[2.2.0] - 2024-10-30

Added

• Added filtering panel for filtering results by repository and by language. (#48)

Fixed

• Fixed issue with GitLab sub-projects not being included recursively. (#54)
• Fixed slow rendering performance when rendering a large number of results. (#52)
• Fixed issue with either star_count or fork_count not being included in the GitLab api response. (#55)

[2.1.1] - 2024-10-25

Fixed

• Fixed issue with GitLab projects that are not owned but still visible by the provided token not being synchronized. (#51)

[2.1.0] - 2024-10-22

Added

• Gitea support (#45)

[2.0.2] - 2024-10-18

Added

• Added a toast notification when a new Sourcebot version is available (#44)

[2.0.1] - 2024-10-17

Added

• Added support for specifying urls for the --configPath option in the backend.

[2.0.0] - 2024-10-17

Added

• [Breaking Change] Added index schema v2. This new schema brings many quality of life features like clearer syntax, ability to specify individual repos, projects, groups, and orgs, and the ability to easily exclude repositories.
• Added a SOURCEBOT_VERSION build argument to the Docker image. (#41)
• Added the sourcebot_version property to all PostHog events for versioned telemetry. (#41

[1.0.3] - 2024-10-15

Fixed

• Fixed issue with unicode characters not being displayed correctly (#38)

[1.0.2] - 2024-10-09

Fixed

• Fixed issue with filtering by gitlab groups (#36)

[1.0.1] - 2024-10-03

Added

• Added GITLAB_HOSTNAME and GITHUB_HOSTNAME environment variables to allow overriding the default hostnames for GitLab and GitHub.

[1.0.0] - 2024-10-01

Added

• Initial release