sourcebot-dev
diff --git a/‎.github/workflows/claude-bug-fixer.yml‎
Lines changed: 50 additions & 0 deletions b/‎.github/workflows/claude-bug-fixer.yml‎
Lines changed: 50 additions & 0 deletions
diff --git a/‎.github/workflows/claude-code-review.yml‎
Lines changed: 1 addition & 0 deletions b/‎.github/workflows/claude-code-review.yml‎
Lines changed: 1 addition & 0 deletions
diff --git a/‎.github/workflows/deploy-railway.yml‎
Lines changed: 23 additions & 0 deletions b/‎.github/workflows/deploy-railway.yml‎
Lines changed: 23 additions & 0 deletions
diff --git a/‎.github/workflows/release-prod.yml‎
Lines changed: 1 addition & 1 deletion b/‎.github/workflows/release-prod.yml‎
Lines changed: 1 addition & 1 deletion
diff --git a/‎.github/workflows/tag-linear-issues.yml‎
Lines changed: 47 additions & 0 deletions b/‎.github/workflows/tag-linear-issues.yml‎
Lines changed: 47 additions & 0 deletions
diff --git a/‎CHANGELOG.md‎
Lines changed: 29 additions & 0 deletions b/‎CHANGELOG.md‎
Lines changed: 29 additions & 0 deletions
diff --git a/‎CLAUDE.md‎
Lines changed: 13 additions & 0 deletions b/‎CLAUDE.md‎
Lines changed: 13 additions & 0 deletions
diff --git a/‎docs/docs.json‎
Lines changed: 2 additions & 1 deletion b/‎docs/docs.json‎
Lines changed: 2 additions & 1 deletion
diff --git a/‎docs/docs/configuration/idp.mdx‎
Lines changed: 53 additions & 0 deletions b/‎docs/docs/configuration/idp.mdx‎
Lines changed: 53 additions & 0 deletions
diff --git a/‎docs/docs/connections/bitbucket-cloud.mdx‎
Lines changed: 93 additions & 13 deletions b/‎docs/docs/connections/bitbucket-cloud.mdx‎
Lines changed: 93 additions & 13 deletions
@@ -0,0 +1,50 @@
+name: Claude Bug Fixer
+
+on:
+  issues:
+    types: [labeled]
+
+jobs:
+  claude-fix-bug:
+    if: github.event.label.name == 'bug'
+    runs-on: ubuntu-latest
+    permissions:
+      contents: write
+      pull-requests: write
+      issues: write
+      id-token: write
+
+    steps:
+      - name: Checkout repository
+        uses: actions/checkout@v4
+        with:
+          fetch-depth: 0
+
+      - name: Run Claude Bug Fixer
+        id: claude-bug-fixer
+        uses: anthropics/claude-code-action@v1
+        with:
+          anthropic_api_key: ${{ secrets.ANTHROPIC_API_KEY }}
+          allowed_tools: 'Bash,Read,Write,Edit,Glob,Grep'
+          prompt: |
+            A bug has been reported in issue #${{ github.event.issue.number }}.
+
+            Issue title: ${{ github.event.issue.title }}
+            Issue body:
+            ${{ github.event.issue.body }}
+
+            Please do the following:
+            1. Analyze the issue carefully to understand the bug being reported.
+            2. Explore the codebase to find the relevant code that is likely causing the bug.
+            3. Implement a fix for the bug.
+            4. Create a new branch named `fix/issue-${{ github.event.issue.number }}` from main.
+            5. Commit your changes to that branch with a descriptive commit message.
+            6. Open a **draft** pull request targeting the main branch with:
+               - A clear title summarizing the fix
+               - A description explaining what the bug was and how you fixed it
+               - `Fixes #${{ github.event.issue.number }}` in the PR body
+
+            Important guidelines:
+            - Only change code that is directly related to fixing the reported bug. Do not refactor or make unrelated improvements.
+            - If you cannot determine the root cause or the fix is too risky/complex, leave a comment on the issue explaining what you found and why an automated fix isn't appropriate.
+            - Make sure the fix is complete and the code compiles/passes linting before opening the PR.
@@ -39,6 +39,7 @@ jobs:
           plugin_marketplaces: 'https://github.com/anthropics/claude-code.git'
           plugins: 'code-review@claude-code-plugins'
           prompt: '/code-review:code-review ${{ github.repository }}/pull/${{ github.event.pull_request.number }}'
+          allowed_bots: '*'
           # See https://github.com/anthropics/claude-code-action/blob/main/docs/usage.md
           # or https://code.claude.com/docs/en/cli-reference for available options
 
@@ -0,0 +1,23 @@
+name: Deploy to Railway
+
+on:
+  workflow_run:
+    workflows: ["Release Sourcebot (Development)"]
+    types: [completed]
+
+concurrency:
+  group: deploy-railway
+  cancel-in-progress: false
+
+jobs:
+  deploy:
+    name: Deploy to Railway
+    runs-on: ubuntu-latest
+    container: ghcr.io/railwayapp/cli:latest
+    if: ${{ github.event.workflow_run.conclusion == 'success' }}
+    env:
+      RAILWAY_TOKEN: ${{ secrets.RAILWAY_TOKEN }}
+
+    steps:
+      - name: Deploy image to Railway
+        run: railway redeploy --service=sourcebot --yes
@@ -134,7 +134,7 @@ jobs:
       - name: Commit changes
         run: |
           git add CHANGELOG.md packages/shared/src/version.ts
-          git commit -m "Release v$VERSION"
+          git commit -m "[skip ci] Release v$VERSION"
 
       - name: Push to temporary branch
         id: push_temp_branch
 
@@ -0,0 +1,47 @@
+name: Tag Linear Issues with Release
+
+on:
+    workflow_run:
+        workflows: ["Release Sourcebot (Production)"]
+        types:
+            - completed
+
+permissions:
+    contents: read
+
+jobs:
+    tag-linear-issues:
+        if: ${{ github.event.workflow_run.conclusion == 'success' }}
+        runs-on: ubuntu-latest
+        steps:
+            - name: Checkout repository
+              uses: actions/checkout@v4
+              with:
+                  ref: main
+                  fetch-depth: 0
+
+            - name: Setup Node.js
+              uses: actions/setup-node@v4
+              with:
+                  node-version: "24"
+
+            - name: Extract version from release
+              id: extract_version
+              run: |
+                  # Get the latest version from CHANGELOG.md (first non-Unreleased version)
+                  VERSION=$(grep -oP '## \[\K[0-9]+\.[0-9]+\.[0-9]+' CHANGELOG.md | head -n 1)
+                  
+                  if [ -z "$VERSION" ]; then
+                      echo "Error: Could not extract version from CHANGELOG.md"
+                      exit 1
+                  fi
+                  
+                  echo "Detected version: $VERSION"
+                  echo "version=$VERSION" >> $GITHUB_OUTPUT
+
+            - name: Tag Linear issues
+              env:
+                  LINEAR_API_KEY: ${{ secrets.LINEAR_API_KEY }}
+                  LINEAR_TEAM_ID: ${{ secrets.LINEAR_TEAM_ID }}
+              run: |
+                  node scripts/tagLinearIssuesWithRelease.mjs "${{ steps.extract_version.outputs.version }}"
@@ -7,6 +7,35 @@ and this project adheres to [Semantic Versioning](https://semver.org/spec/v2.0.0
 
 ## [Unreleased]
 
+### Added
+- Added PostHog events for chat UI interactions (details card expand/collapse, copy answer, table of contents toggle) and repo tracking in `wa_chat_message_sent`. [#922](https://github.com/sourcebot-dev/sourcebot/pull/922)
+- Added Bitbucket Cloud OAuth identity provider support (`provider: "bitbucket-cloud"`) for SSO and account-linked permission syncing. [#924](https://github.com/sourcebot-dev/sourcebot/pull/924)
+- Added permission syncing support for Bitbucket Cloud. [#925](https://github.com/sourcebot-dev/sourcebot/pull/925)
+
+### Changed
+- Hide version upgrade toast for askgithub deployment (`EXPERIMENT_ASK_GH_ENABLED`). [#931](https://github.com/sourcebot-dev/sourcebot/pull/931)
+
+### Fixed
+- Fixed text inside angle brackets (e.g., `<id>`) being hidden in chat prompt display due to HTML parsing. [#929](https://github.com/sourcebot-dev/sourcebot/pull/929) [#932](https://github.com/sourcebot-dev/sourcebot/pull/932)
+
+## [4.11.7] - 2026-02-23
+
+### Changed
+- Skip redundant dev build when production release commits are pushed to main. [#919](https://github.com/sourcebot-dev/sourcebot/pull/919)
+- Bumped zoekt version. [#921](https://github.com/sourcebot-dev/sourcebot/pull/921)
+
+## [4.11.6] - 2026-02-21
+
+### Added
+- Added GitHub workflow to automatically tag Linear issues with the release version when a new release is published. [#917](https://github.com/sourcebot-dev/sourcebot/pull/917)
+- Added optional `gitUser` field to the Bitbucket connection config to support Bitbucket Cloud API tokens, which require an email address for the REST API but an Atlassian username for git clone. [#918](https://github.com/sourcebot-dev/sourcebot/pull/918)
+
+## [4.11.5] - 2026-02-21
+
+### Fixed
+- Skip calling `getCommitHashForRefName` for empty repositories to avoid noisy debug log output. [#914](https://github.com/sourcebot-dev/sourcebot/pull/914)
+- Fixed "Open in GitLab" links having a double slash when the GitLab host URL is configured with a trailing slash. [#915](https://github.com/sourcebot-dev/sourcebot/pull/915)
+
 ## [4.11.4] - 2026-02-20
 
 ### Fixed
 
@@ -193,9 +193,22 @@ Branch naming convention:
 - Bug fixes: `<username>/fix-<linear_issue_id>`
 - If no Linear issue ID is available, omit it from the branch name
 
+PR title should follow conventional commit standards:
+- `feat:` new feature or functionality
+- `fix:` bug fix
+- `docs:` documentation or README changes
+- `chore:` maintenance tasks, dependency updates, etc.
+- `refactor:` code refactoring without changing behavior
+- `test:` adding or updating tests
+
+You can optionally include a scope to indicate which package is affected:
+- `feat(web):` feature in the web package
+- `fix(worker):` bug fix in the worker package (`backend/`)
+
 PR description:
 - If a GitHub issue number was provided, include `Fixes #<github_issue_number>` in the PR description
 
 After the PR is created:
 - Update CHANGELOG.md with an entry under `[Unreleased]` linking to the new PR. New entries should be placed at the bottom of their section.
 - If the change touches `packages/mcp`, update `packages/mcp/CHANGELOG.md` instead
+- Do NOT add a CHANGELOG entry for documentation-only changes (e.g., changes only in `docs/`)
@@ -25,7 +25,8 @@
                                 "group": "Deployment",
                                 "pages": [
                                     "docs/deployment/docker-compose",
-                                    "docs/deployment/k8s"
+                                    "docs/deployment/k8s",
+                                    "docs/deployment/sizing-guide"
                                 ]
                             }
                         ]
 
@@ -165,6 +165,59 @@ in the GitLab identity provider config.
 </Steps>
 </Accordion>
 
+### Bitbucket Cloud
+
+[Auth.js Bitbucket Provider Docs](https://authjs.dev/getting-started/providers/bitbucket)
+
+A Bitbucket Cloud connection can be used for [authentication](/docs/configuration/auth) and/or [permission syncing](/docs/features/permission-syncing). This is controlled using the `purpose` field
+in the Bitbucket Cloud identity provider config.
+
+<Accordion title="instructions">
+<Steps>
+    <Step title="Register an OAuth Consumer">
+        To begin, you must register an OAuth consumer in Bitbucket to facilitate the identity provider connection.
+
+        Navigate to your Bitbucket workspace settings at `https://bitbucket.org/<your-workspace>/workspace/settings/api` and create a new **OAuth consumer** under the **OAuth consumers** section.
+
+        When configuring your consumer:
+        - Set the callback URL to `<sourcebot_url>/api/auth/callback/bitbucket-cloud` (ex. https://sourcebot.coolcorp.com/api/auth/callback/bitbucket-cloud)
+        - Enable **Account: Read**
+        - If using for permission syncing, also enable **Repositories: Read**
+
+        The result of creating an OAuth consumer is a `Key` (`CLIENT_ID`) and `Secret` (`CLIENT_SECRET`) which you'll provide to Sourcebot.
+    </Step>
+    <Step title="Define environment variables">
+        To provide Sourcebot the client id and secret for your OAuth consumer you must set them as environment variables. These can be named whatever you like
+        (ex. `BITBUCKET_CLOUD_IDENTITY_PROVIDER_CLIENT_ID` and `BITBUCKET_CLOUD_IDENTITY_PROVIDER_CLIENT_SECRET`)
+    </Step>
+    <Step title="Define the identity provider config">
+        Finally, pass the client id and secret to Sourcebot by defining a `identityProvider` object in the [config file](/docs/configuration/config-file):
+
+       ```json wrap icon="code"
+        {
+            "$schema": "https://raw.githubusercontent.com/sourcebot-dev/sourcebot/main/schemas/v3/index.json",
+            "identityProviders": [
+                {
+                    "provider": "bitbucket-cloud",
+                    // "sso" for auth + perm sync, "account_linking" for only perm sync
+                    "purpose": "account_linking",
+                    // if purpose == "account_linking" this controls if a user must connect to the IdP
+                    "accountLinkingRequired": true,
+                    "clientId": {
+                        "env": "YOUR_CLIENT_ID_ENV_VAR"
+                    },
+                    "clientSecret": {
+                        "env": "YOUR_CLIENT_SECRET_ENV_VAR"
+                    }
+                }
+            ]
+        }
+        ```
+    </Step>
+</Steps>
+</Accordion>
+
+
 ### Google
 
 [Auth.js Google Provider Docs](https://authjs.dev/getting-started/providers/google)
 
@@ -4,8 +4,6 @@ sidebarTitle: Bitbucket Cloud
 icon: Bitbucket
 ---
 
-import BitbucketToken from '/snippets/bitbucket-token.mdx';
-import BitbucketAppPassword from '/snippets/bitbucket-app-password.mdx';
 import BitbucketSchema from '/snippets/schemas/v3/bitbucket.schema.mdx'
 
 <Note>
@@ -78,25 +76,107 @@ If you're not familiar with Sourcebot [connections](/docs/connections/overview),
 
 ## Authenticating with Bitbucket Cloud
 
-In order to index private repositories, you'll need to provide authentication credentials via a [token](/docs/configuration/config-file#tokens). You can do this using an `App Password` or an `Access Token`
+In order to index private repositories, you'll need to provide authentication credentials via a [token](/docs/configuration/config-file#tokens). You can do this using an `API Token`, `Access Token`, or `App Password`.
 
 <Tabs>
-    <Tab title="App Password">
-      Navigate to the [app password creation page](https://bitbucket.org/account/settings/app-passwords/) and create an app password. Ensure that it has the proper permissions for the scope
-      of info you want to fetch (i.e. workspace, project, and/or repo level) 
-      ![Bitbucket App Password Permissions](/images/bitbucket_app_password_perms.png)
-
-      Next, provide your username + app password pair to Sourcebot:
-
-      <BitbucketAppPassword />
+    <Tab title="API Token">
+      1. Navigate to [Personal Settings → API tokens](https://id.atlassian.com/manage-profile/security/api-tokens) and click **Create API token with scopes**. Give the token a name and set an expiry date.
+
+      2. Select **Bitbucket** as the app.
+
+      3. Select the following scopes:
+         - `read:repository:bitbucket` — View your repositories
+         - `read:workspace:bitbucket` — View your workspaces
+
+      4. Click **Create token** and copy the token value.
+
+      5. Add the `user` (your account email), `gitUser` (your Bitbucket username), and `token` to your connection config. [Learn why both are needed](https://support.atlassian.com/bitbucket-cloud/docs/using-api-tokens/)
+
+      ```json
+      {
+          "type": "bitbucket",
+          "deploymentType": "cloud",
+          "user": "you@example.com",
+          "gitUser": "myusername",
+          "token": {
+              // note: this env var can be named anything. It
+              // doesn't need to be `BITBUCKET_TOKEN`.
+              "env": "BITBUCKET_TOKEN"
+          }
+          // .. rest of config ..
+      }
+      ```
+
+      6. Pass this environment variable each time you run Sourcebot:
+
+      ```bash
+      docker run \
+          -e BITBUCKET_TOKEN=<API_TOKEN> \
+          /* additional args */ \
+          ghcr.io/sourcebot-dev/sourcebot:latest
+      ```
     </Tab>
     <Tab title="Access Token">
       Create an access token for the desired scope (repo, project, or workspace). Visit the official [Bitbucket Cloud docs](https://support.atlassian.com/bitbucket-cloud/docs/access-tokens/)
       for more info.
 
-      Next, provide the access token to Sourcebot:
+      1. Add the `token` property to your connection config:
+
+      ```json
+      {
+          "type": "bitbucket",
+          "deploymentType": "cloud",
+          "token": {
+              // note: this env var can be named anything. It
+              // doesn't need to be `BITBUCKET_TOKEN`.
+              "env": "BITBUCKET_TOKEN"
+          }
+          // .. rest of config ..
+      }
+      ```
+
+      2. Pass this environment variable each time you run Sourcebot:
+
+      ```bash
+      docker run \
+          -e BITBUCKET_TOKEN=<ACCESS_TOKEN> \
+          /* additional args */ \
+          ghcr.io/sourcebot-dev/sourcebot:latest
+      ```
+    </Tab>
+    <Tab title="App Password">
+      <Warning>
+        App Passwords are deprecated. Atlassian recommends migrating to API tokens. [Learn more](https://www.atlassian.com/blog/bitbucket/bitbucket-cloud-transitions-to-api-tokens-enhancing-security-with-app-password-deprecation)
+      </Warning>
+
+      Navigate to the [app password creation page](https://bitbucket.org/account/settings/app-passwords/) and create an app password. Ensure that it has the proper permissions for the scope
+      of info you want to fetch (i.e. workspace, project, and/or repo level)
+      ![Bitbucket App Password Permissions](/images/bitbucket_app_password_perms.png)
 
-      <BitbucketToken />
+      1. Add the `user` (your Bitbucket username) and `token` properties to your connection config:
+
+      ```json
+      {
+          "type": "bitbucket",
+          "deploymentType": "cloud",
+          "user": "myusername",
+          "token": {
+              // note: this env var can be named anything. It
+              // doesn't need to be `BITBUCKET_TOKEN`.
+              "env": "BITBUCKET_TOKEN"
+          }
+          // .. rest of config ..
+      }
+      ```
+
+      2. Pass this environment variable each time you run Sourcebot:
+
+      ```bash
+      docker run \
+          -e BITBUCKET_TOKEN=<APP_PASSWORD> \
+          /* additional args */ \
+          ghcr.io/sourcebot-dev/sourcebot:latest
+      ```
     </Tab>
 </Tabs>
Original file line number	Diff line number	Diff line change
`@@ -25,7 +25,8 @@`
`25`	`25`	`"group": "Deployment",`
`26`	`26`	`"pages": [`
`27`	`27`	`"docs/deployment/docker-compose",`
`28`		`- "docs/deployment/k8s"`
	`28`	`+ "docs/deployment/k8s",`
	`29`	`+ "docs/deployment/sizing-guide"`
`29`	`30`	`]`
`30`	`31`	`}`
`31`	`32`	`]`