Merge branch 'sourcebot-dev:main' into main

Author: aanogueira

.github/workflows/changelog-reminder.yml

@@ -0,0 +1,17 @@
+name: Changelog Reminder
+
+on:
+  pull_request:
+    types: [opened, synchronize, reopened, ready_for_review]
+
+jobs:
+  remind:
+    name: Changelog Reminder
+    runs-on: ubuntu-latest
+    if: ${{ !github.event.pull_request.draft }}
+    permissions:
+      contents: read
+      pull-requests: write
+    steps:
+      - uses: actions/checkout@v4
+      - uses: mskelton/changelog-reminder-action@v3

CHANGELOG.md

@@ -7,8 +7,18 @@ and this project adheres to [Semantic Versioning](https://semver.org/spec/v2.0.0
 
 ## [Unreleased]
 
+### Changed
+- Fixed typos in UI, docs, code [#369](https://github.com/sourcebot-dev/sourcebot/pull/369)
+
+## [4.5.1] - 2025-07-14
+
+### Changed
+- Revamped onboarding experience. [#376](https://github.com/sourcebot-dev/sourcebot/pull/376)
+
 ### Fixed
 - Fixed issue with external source code links being broken for paths with spaces. [#364](https://github.com/sourcebot-dev/sourcebot/pull/364)
+- Makes base retry indexing configuration configurable and move from a default of `5s` to `60s`. [#377](https://github.com/sourcebot-dev/sourcebot/pull/377)
+- Fixed issue where files would sometimes never load in the code browser. [#365](https://github.com/sourcebot-dev/sourcebot/pull/365)
 
 ## [4.5.0] - 2025-06-21
 
@@ -229,7 +239,7 @@ Sourcebot v3 is here and brings a number of structural changes to the tool's fou
 
 ### Added
 
-- Added `maxTrigramCount` to the config to control the maximum allowable of trigrams per document. 
+- Added `maxTrigramCount` to the config to control the maximum allowable of trigrams per document.
 
 ### Fixed
 
@@ -287,7 +297,7 @@ Sourcebot v3 is here and brings a number of structural changes to the tool's fou
 - Added config option `settings.maxFileSize` to control the maximum file size zoekt will index. ([#118](https://github.com/sourcebot-dev/sourcebot/pull/118))
 
 ### Fixed
- 
+
 - Fixed syntax highlighting for zoekt query language. ([#115](https://github.com/sourcebot-dev/sourcebot/pull/115))
 - Fixed issue with Gerrit repo fetching not paginating. ([#114](https://github.com/sourcebot-dev/sourcebot/pull/114))
 - Fixed visual issues with filter panel. ([#105](https://github.com/sourcebot-dev/sourcebot/pull/105))
@@ -339,13 +349,13 @@ Sourcebot v3 is here and brings a number of structural changes to the tool's fou
 ### Added
 
 - Added `DOMAIN_SUB_PATH` environment variable to allow overriding the default domain subpath. ([#74](https://github.com/sourcebot-dev/sourcebot/pull/74))
-- Added option `all` to the GitLab index schema, allowing for indexing all projects in a self-hosted GitLab instance. ([#84](https://github.com/sourcebot-dev/sourcebot/pull/84)) 
+- Added option `all` to the GitLab index schema, allowing for indexing all projects in a self-hosted GitLab instance. ([#84](https://github.com/sourcebot-dev/sourcebot/pull/84))
 
 ## [2.4.3] - 2024-11-18
 
 ### Changed
 
-- Bumped NodeJS version to v20. ([#78](https://github.com/sourcebot-dev/sourcebot/pull/78)) 
+- Bumped NodeJS version to v20. ([#78](https://github.com/sourcebot-dev/sourcebot/pull/78))
 
 ## [2.4.2] - 2024-11-14
 

CONTRIBUTING.md

@@ -38,7 +38,7 @@
 
 6. Create a copy of `.env.development` and name it `.env.development.local`. Update the required environment variables.
 
-7. If you're using a declerative configuration file, create a configuration file and update the `CONFIG_PATH` environment variable in your `.env.development.local` file.
+7. If you're using a declarative configuration file, create a configuration file and update the `CONFIG_PATH` environment variable in your `.env.development.local` file.
 
 8. Start Sourcebot with the command:
     ```sh

Makefile

@@ -10,7 +10,7 @@ yarn:
 zoekt:
 	mkdir -p bin
 	go build -C vendor/zoekt -o $(PWD)/bin ./cmd/...
-	export PATH=$(PWD)/bin:$(PATH)
+	export PATH="$(PWD)/bin:$(PATH)"
 	export CTAGS_COMMANDS=ctags
 
 clean:

_typos.toml

@@ -0,0 +1,6 @@
+[default.extend-words]
+# Don't correct the surname "Do Not Exists"
+dne = "dne"
+
+[files]
+extend-exclude = ["vendor/**/*", "CHANGELOG.md", "packages/web/src/lib/languageMetadata.ts"]

docs/docs.json

@@ -52,7 +52,7 @@
                         "group": "Configuration",
                         "pages": [
                             {
-                                "group": "Connecting your code",
+                                "group": "Indexing your code",
                                 "pages": [
                                     "docs/connections/overview",
                                     "docs/connections/github",
@@ -72,7 +72,10 @@
                                 "group": "Authentication",
                                 "pages": [
                                     "docs/configuration/auth/overview",
-                                    "docs/configuration/auth/roles-and-permissions"
+                                    "docs/configuration/auth/providers",
+                                    "docs/configuration/auth/inviting-members",
+                                    "docs/configuration/auth/roles-and-permissions",
+                                    "docs/configuration/auth/faq"
                                 ]
                             },
                             "docs/configuration/transactional-emails",

docs/docs/configuration/audit-logs.mdx

@@ -125,7 +125,6 @@ curl --request GET '$SOURCEBOT_URL/api/ee/audit' \
 | `user.join_requested`                 | `user` | `org` |
 | `user.join_request_approve_failed`    | `user` | `account_join_request` |
 | `user.join_request_approved`          | `user` | `account_join_request` |
-| `user.join_request_removed`           | `user` | `account_join_request` |
 | `user.invite_failed`                  | `user` | `org` |
 | `user.invites_created`                | `user` | `org` |
 | `user.invite_accept_failed`           | `user` | `invite` |

docs/docs/configuration/auth/faq.mdx

@@ -0,0 +1,46 @@
+---
+title: FAQ
+---
+
+This page covers a range of frequently asked questions about Sourcebot's built-in authentication system.
+
+<AccordionGroup>
+<Accordion title="Can I disable the authentication system?">
+    No, at this time it's not possible to disable the authentication system. If this is preventing you from deploying Sourcebot
+    within your organization please [reach out](https://www.sourcebot.dev/contact)
+</Accordion>
+
+<Accordion title="I don't want to restrict access to my Sourcebot deployment, what should I do?">
+    Every user must register an account within your Sourcebot deployment. However, this dosn't mean their access
+    is restricted.
+
+    Unless member approval is required, anyone can sign up for an account on your deployment and immediately be granted access.
+</Accordion>
+
+<Accordion title="Does any data related to authentication (emails, passwords, etc) leave my deployment?">
+    **No data related to authentication (or your code) leaves your deployment**. Authentication is handled
+    purely by your deployment and the authentication providers you configure. 
+
+    This data does not leave your device and is stored within in the database managed by your deployment. If you're
+    using credential login, passwords are encrypted at rest and in transit.
+</Accordion>
+
+<Accordion title="I'm deploying Sourcebot behind an identity proxy, do I still need to create an account in Sourcebot?">
+    <Note>Please note that IAP bridges are an enterprise feature</Note>
+    Sourcebot supports connecting your identity proxy directly into the built-in auth system using an IAP bridge. This allows Sourcebot to
+    register and authenticate automatically on a successful identity proxy log in.
+
+    Sourcebot currently supports [GCP IAP](/docs/configuration/auth/providers#gcp-iap). If you're using a different IAP
+    and require support, please [reach out](https://www.sourcebot.dev/contact)
+</Accordion>
+
+<Accordion title="How does Sourcebot implement authentication?">
+    Sourcebot uses [Auth.js](https://authjs.dev/) as its underlying authentication framework. Auth.js provides authentication providers
+    (credientials, Google, GitHub, etc) and an interface to enable user registration and log in. Internally, Auth.js uses JWT to provide
+    Sourcebot secure and reliable information about user authentication.
+</Accordion>
+</AccordionGroup>
+
+
+Have a question that's not answered here? Submit it on our [GitHub discussions](https://github.com/sourcebot-dev/sourcebot/discussions)
+page and we'll get back to you as soon as we can!

docs/docs/configuration/auth/inviting-members.mdx

@@ -0,0 +1,30 @@
+---
+title: Inviting Members
+sidebarTitle: Inviting members
+---
+
+There are various ways to configure how members can join a Sourcebot deployment. 
+
+## Member Approval 
+
+**By default, Sourcebot requires new members to be approved by the owner of the deployment**. This section explains how approvals work and how
+to configure this behavior.
+
+### Configuration
+Member approval can be configured by the owner of the deployment by navigating to **Settings -> Members**:
+
+![Member Approval Toggle](/images/member_approval_toggle.png)
+
+### Managing Requests
+
+If member approval is enabled, new members will be asked to submit a join request after signing up. They will not have access to the Sourcebot deployment
+until this request is approved by the owner.
+
+The owner can see and manage all pending join requests by navigating to **Settings -> Members**.
+
+## Invite link
+
+If member approval is required, an owner of the deployment can enable an invite link. When enabled, users
+can use this invite link to register and be automatically added to the organization without approval:
+
+![Invite Link Toggle](/images/invite_link_toggle.png)

docs/docs/configuration/auth/overview.mdx

@@ -4,124 +4,23 @@ title: Overview
 
 <Warning>If you're deploying Sourcebot behind a domain, you must set the [AUTH_URL](/docs/configuration/environment-variables) environment variable.</Warning>
 
-Sourcebot has built-in authentication that gates access to your organization. OAuth, email codes, and email / password are supported. 
+Sourcebot's built-in authentication system gates your deployment, and allows administrators to manage users and their permissions. 
+
+<CardGroup cols={2}>
+    <Card horizontal title="Authentication providers" icon="lock" href="/docs/configuration/auth/providers">
+        Configure additional authentication providers for your deployment.
+    </Card>
+    <Card horizontal title="Inviting members" icon="user" href="/docs/configuration/auth/inviting-members">
+        Learn how to configure how members join your deployment.
+    </Card>
+    <Card horizontal title="Roles and permissions" icon="shield" href="/docs/configuration/auth/roles-and-permissions">
+        Learn more about the different roles and permissions in Sourcebot.
+    </Card>
+    <Card horizontal title="FAQ" icon="question" href="/docs/configuration/auth/faq">
+        Have a question about Sourcebot's auth system? We might have the answers here.
+    </Card>
+</CardGroup>
 
-The first account that's registered on a Sourcebot deployment is made the owner. All other users who register must be [approved](/docs/configuration/auth/overview#approving-new-members) by the owner.
-
-![Login Page](/images/login.png)
-
-
-# Approving New Members
-
-All account registrations after the first account must be approved by the owner. The owner can see all join requests by going into **Settings -> Members**.
-
-If you have an [enterprise license](/docs/license-key), you can enable [AUTH_EE_ENABLE_JIT_PROVISIONING](/docs/configuration/auth/overview#enterprise-authentication-providers) to 
-have Sourcebot accounts automatically created and approved on registration.
-
-You can setup emails to be sent when new join requests are created/approved by configurating [transactional emails](/docs/configuration/transactional-emails)
-# Authentication Providers
-
-To enable an authentication provider in Sourcebot, configure the required environment variables for the provider. Under the hood, Sourcebot uses Auth.js which supports [many providers](https://authjs.dev/getting-started/authentication/oauth). Submit a [feature request on GitHub](https://github.com/sourcebot-dev/sourcebot/discussions/categories/ideas) if you want us to add support for a specific provider.
-
-## Core Authentication Providers
-
-### Email / Password
----
-Email / password authentication is enabled by default. It can be **disabled** by setting `AUTH_CREDENTIALS_LOGIN_ENABLED` to `false`.
-
-### Email codes
----
-Email codes are 6 digit codes sent to a provided email. Email codes are enabled when transactional emails are configured using the following environment variables:
-
-- `AUTH_EMAIL_CODE_LOGIN_ENABLED`
-- `SMTP_CONNECTION_URL`
-- `EMAIL_FROM_ADDRESS`
-
-
-See [transactional emails](/docs/configuration/transactional-emails) for more details.
-
-## Enterprise Authentication Providers
-
-The following authentication providers require an [enterprise license](/docs/license-key) to be enabled.
-
-By default, a new user registering using these providers must have their join request accepted by the owner of the organization to join. To allow a user to join automatically when
-they register for the first time, set the `AUTH_EE_ENABLE_JIT_PROVISIONING` environment variable to `true`. 
-
-### GitHub
----
-
-[Auth.js GitHub Provider Docs](https://authjs.dev/getting-started/providers/github)
-
-**Required environment variables:**
-- `AUTH_EE_GITHUB_CLIENT_ID`
-- `AUTH_EE_GITHUB_CLIENT_SECRET`
-
-Optional environment variables:
-- `AUTH_EE_GITHUB_BASE_URL` - Base URL for GitHub Enterprise (defaults to https://github.com)
-
-### GitLab
----
-
-[Auth.js GitLab Provider Docs](https://authjs.dev/getting-started/providers/gitlab)
-
-**Required environment variables:**
-- `AUTH_EE_GITLAB_CLIENT_ID`
-- `AUTH_EE_GITLAB_CLIENT_SECRET`
-
-Optional environment variables:
-- `AUTH_EE_GITLAB_BASE_URL` - Base URL for GitLab instance (defaults to https://gitlab.com)
-
-### Google
----
-
-[Auth.js Google Provider Docs](https://authjs.dev/getting-started/providers/google)
-
-**Required environment variables:**
-- `AUTH_EE_GOOGLE_CLIENT_ID`
-- `AUTH_EE_GOOGLE_CLIENT_SECRET`
-
-### GCP IAP
----
-
-<Note>If you're running Sourcebot in an environment that blocks egress, make sure you allow the [IAP IP ranges](https://www.gstatic.com/ipranges/goog.json)</Note>
-
-Custom provider built to enable automatic Sourcebot account registration/login when using GCP IAP.
-
-**Required environment variables**
-- `AUTH_EE_GCP_IAP_ENABLED`
-- `AUTH_EE_GCP_IAP_AUDIENCE`
-    - This can be found by selecting the ⋮ icon next to the IAP-enabled backend service and pressing `Get JWT audience code`
-
-### Okta
----
-
-[Auth.js Okta Provider Docs](https://authjs.dev/getting-started/providers/okta)
-
-**Required environment variables:**
-- `AUTH_EE_OKTA_CLIENT_ID`
-- `AUTH_EE_OKTA_CLIENT_SECRET`
-- `AUTH_EE_OKTA_ISSUER`
-
-### Keycloak
----
-
-[Auth.js Keycloak Provider Docs](https://authjs.dev/getting-started/providers/keycloak)
-
-**Required environment variables:**
-- `AUTH_EE_KEYCLOAK_CLIENT_ID`
-- `AUTH_EE_KEYCLOAK_CLIENT_SECRET`
-- `AUTH_EE_KEYCLOAK_ISSUER`
-
-### Microsoft Entra ID
-
-[Auth.js Microsoft Entra ID Provider Docs](https://authjs.dev/getting-started/providers/microsoft-entra-id)
-
-**Required environment variables:**
-- `AUTH_EE_MICROSOFT_ENTRA_ID_CLIENT_ID`
-- `AUTH_EE_MICROSOFT_ENTRA_ID_CLIENT_SECRET`
-- `AUTH_EE_MICROSOFT_ENTRA_ID_ISSUER`
-
----
 
 # Troubleshooting