Roadmap

This roadmap is designed for communication and planning purposes and is subject to change.

FY23

See the prod/eng strategy page for more context on the themes for this year: 5 use cases and improving the admin experience.

Quarter	5 use cases	Admin experience
Q1	Focus: learn how to do use case driven development 🚀 Code insights GA 🚀 Search notebooks GA Dependency search for Go and NPM Batch changes on Bitbucket Cloud Feb - 3.37: Code insights GA, code intel performance Mar - 3.38: Search notebooks, NPM dependency search Apr - 3.39: Coming soon on April 22nd	🚀 Helm Charts SOC2 Type1 Improved performance for monorepos up to 15 GB Sub-repo permissions for Perforce
Q2	Focus: Finding and fixing vulnerabilities Code insights commit trends, change heatmaps, new charting options 99% accurate symbol rename using batch changes Batch changes library Dependency search for PyPi and JVM	Bitbucket Cloud permissions CVS permissions Gerrit permissions
Q3	Focus: TBD Code insights integrates 3rd party data Code insights monitoring/alerting/recurring reports	SOC2 Type 2
Q4	Focus: TBD Code insights and batch changes integration Server-side batch changes GA Auto-indexing for precise code intelligence GA	WCAG 2.1 AA Accessibility

Use case roadmap

Use case	Q1	Q2	Q3	Q4
Finding and fixing vulnerabilities Sourcegraph is the security remediation tool that CISOs and security teams use to assess, implement, and verify security patches across their code. (Many other tools focus on alerting, but Sourcegraph is used to close the loop.)	Search notebooks GA allows you to provide a step by step search guide to your teams on how to find the vulnerable code that they own. Code insights GA makes it so you can verify that a vulnerability has been remediated at the source of truth - the code Dependency search means you can understand if libraries you are dependent on are vulnerable to a CVE	Understanding which areas of the code may be stale and haven’t changed in a long time can surface potential audit/review efforts that catch vulnerabilities before they go live.
Dev onboarding Sourcegraph anchors technical onboarding inside the engineering organization and enables engineers to dive into unfamiliar code and get to “first bug fix or feature” quickly.	Search Notebooks help create focused onboarding docs that stay up to date.	Seeing change heatmaps can help someone understand which areas of the codebase they should focus on learning, and commit patterns (from a high level POV, not focused on individual performance) can help indicate how successful onboarding efforts are.
Incident response Sourcegraph is the primary “step 2” incident response tool that devs turn to immediately after the first-line response tool (e.g., PagerDuty, Grafana) to locate the source of the issue and understand what needs to be patched to resolve it.	Search notebooks allow on call devs to quickly track their debugging and document complex issues for others to understand. Dependency search helps to make sure the full breadth of	Commit behavior helps you understand how fast/slow your response was, as well as how long after an incident you had to continue responding.
Code reuse Sourcegraph is the way that devs discover libraries and learn how to reuse them. It’s also how library maintainers monitor and understand usage.	Code insights allows you to track adoption and deprecation of libraries.	Seeing the frequency of various topics or APIs in commit messages, or frequent updating of key library files, can indicate high or low code reuse, so a customer can actually measure their efforts to increase code reuse more.
Code health Sourcegraph provides a dashboard source of truth for overall code structure and health. It makes visible the impact of changes on health and provides interventions for improving code health.	Code insights is the lens into your code, helping you track code smells and health	Change heatmaps let customers understand which areas of the code change often, which can indicate brittle code or healthy code, depending on the use of a file