« Changelog History


sourcegraph v2.8.0 Release Notes

  • 🔄 Changed

    • ⚡️ gitMaxConcurrentClones now also limits the concurrency of updates to repos in addition to the initial clone.
    • In the GraphQL API, site.users has been renamed to users, site.orgs has been renamed to organizations, and site.repositories has been renamed to repositories.
    • 📚 An authentication provider must be set in site configuration (see authentication provider documentation). Previously the server defaulted to builtin auth if none was set.
    • 🐳 If a process dies inside the Sourcegraph container the whole container will shut down. We suggest operators configure a Docker Restart Policy or a Kubernetes Restart Policy. Previously the container would operate in a degraded mode if a process died.
    • 🔄 Changes to the auth.public site config are applied immediately in sourcegraph/server (no restart needed).
    • 0️⃣ The new search timeout behavior is now enabled by default. Set "experimentalFeatures": {"searchTimeoutParameter": "disabled"} in site config to disable it.
    • Search includes files up to 1MB (previous limit was 512KB for unindexed search and 128KB for indexed search).
    • 👉 Usernames and email addresses reported by OpenID Connect and SAML auth providers are now trusted, and users will sign into existing Sourcegraph accounts that match on the auth provider's reported username or email.
    • The repository sidebar file tree is much, much faster on massive repositories (200,000+ files)
    • The SAML authentication provider was significantly improved. Users who were signed in using SAML previously will need to reauthenticate via SAML next time they visit Sourcegraph.
    • The SAML serviceProviderCertificate and serviceProviderPrivateKey site config properties are now optional.

    🛠 Fixed

    • 🛠 Fixed an issue where Index Search status page failed to render.
    • 📈 User data on the site admin Analytics page is now paginated, filterable by a user's recent activity, and searchable.
    • The link to the root of a repository in the repository header now preserves the revision you're currently viewing.
    • When using the http-header auth provider, signin/signup/signout links are now hidden.
    • Repository paths beginning with go/ are no longer reservered by Sourcegraph.
    • Interpret X-Forwarded-Proto HTTP header when httpToHttpsRedirect is set to load-balanced.
    • Deleting a user account no longer prevents the creation of a new user account with the same username and/or association with authentication provider account (SAML/OpenID/etc.)
    • It is now possible for a user to verify an email address that was previously associated with now-deleted user account.
    • 🚀 Diff searches over empty repositories no longer fail (this was not an issue for Sourcegraph cluster deployments).
    • Stray tmp_pack_* files from interrupted fetches should now go away.
    • When multiple repo: tokens match the same repo, process @revspec requirements from all of them, not just the first one in the search.

    ✂ Removed

    • 🚚 The ssoUserHeader site config property (deprecated since January 2018) has been removed. The functionality was moved to the http-header authentication provider.
    • 🚚 The experiment flag showMissingReposEnabled, which defaulted to enabled, has been removed so it is no longer possible to disable this feature.
    • 🔧 Event-level telemetry has been completely removed from self-hosted Sourcegraph instances. As a result, the disableTelemetry site configuration option has been deprecated. The new site-admin Pings page clarifies the only high-level telemetry being sent to Sourcegraph.com.
    • 🚚 The deprecated adminUsernames site config property (deprecated since January 2018) has been removed because it is no longer necessary. Site admins can designate other users as site admins in the site admin area, and the first user to sign into a new instance always becomes a site admin (even when using an external authentication provider).

    ➕ Added

    • The new repository contributors page (linked from the repository homepage) displays the top Git commit authors in a repository, with filtering options.
    • 📇 Custom language servers in the site config may now specify a metadata property containing things like homepage/docs/issues URLs for the language server project, as well as whether or not the language server should be considered experimental (not ready for prime-time). This metadata will be displayed in the UI to better communicate the status of a language server project.
    • Access tokens now have scopes (which define the set of operations they permit). All access tokens still provide full control of all resources associated with the user account (the user:all scope, which is now explicitly displayed).
    • The new access token scope site-admin:sudo allows the holder to perform any action as any other user. Only site admins may create this token.
    • 🔗 Links to Sourcegraph's changelog have been added to the site admin Updates page and update alert.
    • 🔧 If the site configuration is invalid or uses deprecated properties, a global alert will be shown to all site admins.
    • There is now a code intelligence status indicator when viewing files. It contains information about the capabailities of the language server that is providing code intelligence for the file.
    • 👍 Java code intelligence can now be enabled for repositories that aren't automatically supported using a javaconfig.json file. For Gradle plugins, this file can be generated using the Javaconfig Gradle plugin.
    • 🗄 The new auth.providers site config is an array of authentication provider objects. Currently only 1 auth provider is supported. The singular auth.provider is deprecated.
    • 👉 Users authenticated with OpenID Connect are now able to sign out of Sourcegraph (if the provider supports token revocation or the end-session endpoint).
    • 👉 Users can now specify the number of days, weeks, and months of site activity to query through the GraphQL API.
    • ➕ Added 14 new experimental language servers on the code intelligence admin page.
    • ➕ Added httpStrictTransportSecurity site configuration option to customize the Strict-Transport-Security HTTP header. It defaults to max-age=31536000 (one year).
    • ➕ Added nameIDFormat in the saml auth provider to set the SAML NameID format. The default changed from transient to persistent.
    • (This feature has been removed.) Experimental env var expansion in site config JSON: set SOURCEGRAPH_EXPAND_CONFIG_VARS=1 to replace ${var} or $var (based on environment variables) in any string value in site config JSON (except for JSON object property names).
    • The new (optional) SAML serviceProviderIssuer site config property (in an auth.providers array entry with {"type":"saml", ...}) allows customizing the SAML Service Provider issuer name.
    • The site admin area now has an "Auth" section that shows the enabled authentication provider(s) and users' external accounts.