Optimizing Developer Workflow with Sourcegraph https://sourcegraph.com

Prosper Otemuyiwa Co-founder, forloop Africa & Eden Life Developer Advocate, Sourcegraph

Build. Ship. Scale. The Software Developers’ Mantra >>>

Building, shipping & scaling great software is hard. The Software Developers’ Excruciating Pain>>>

Developer Tools that make you move fast, and at scale. The Software Developers’ Best Companion >>>

Fast & Scalable Code Search. #1. Developer Workflow Optimization with Code Search >>>

“Knowledge is of two kinds. We know a subject ourselves, or we know where we can find information upon it” - Samuel Johnson

Sourcegraph’s users report an average of 30 mins a day saved by using code search. #1. Developer Workflow Optimization with Code Search >>>

When you have 500 engineers searching code repos, multiple times a day, throughout each day, that’s huge time savings #1. Developer Workflow Optimization with Code Search >>>

#1. Developer Workflow Optimization with Code Search >>>

#1. Developer Workflow Optimization with Code Search >>> LITERAL SEARCH

#1. Developer Workflow Optimization with Code Search >>> LITERAL SEARCH

#1. Developer Workflow Optimization with Code Search >>> LITERAL SEARCH

#1. Developer Workflow Optimization with Code Search >>> REGULAR EXPRESSION SEARCH

#1. Developer Workflow Optimization with Code Search >>> STRUCTURAL SEARCH

#1. Developer Workflow Optimization with Code Search >>> STRUCTURAL SEARCH

Jump to definitions & Find code references in a jiffy! #2. Developer Workflow Optimization with Efficient Code Browsing >>>

#2. Developer Workflow Optimization with Efficient Code Browsing >>> Code Intelligence

#2. Developer Workflow Optimization with Efficient Code Browsing >>> Find References

#2. Developer Workflow Optimization with Efficient Code Browsing >>> Jump to Definition

“You don’t have to know everything, but you should learn how and where to find the things you need and want to know” - Albert Einstein

Change code everywhere (hundreds of repos) with a single declarative file. #3. Developer Workflow Optimization with Batch Changes >>>

#3. Developer Workflow Optimization with Batch Changes >>>

#3. Developer Workflow Optimization with Batch Changes >>>

#3. Developer Workflow Optimization with Batch Changes >>> Get started with Batch changes in less than 10 mins. Batch Changes Quick Start Guide >>>

#4. Developer Workflow Optimization via Optimized Vulnerability Discovery >>> Find secrets, tokens, keys across the entire org’s codebase via optimized code search.

#4. Developer Workflow Optimization via Optimized Vulnerability Discovery >>> Regex Secret Search

#4. Developer Workflow Optimization via Optimized Vulnerability Discovery >>> repo:[our targeted repos]$ patterntype:regex // Strings longer than 32 characters, maybe base-64 encoded ("[a-z0-9+/]{32,}=?"|'[a-z0-9+/]{32,}=?'|`[a-z0-9+/]{32,}=?`) // Private keys -----BEGIN (RSA )?PRIVATE KEY----- // Lines ending with "=" (likely base64 values) [a-z0-9+/]+==?(['"],?)?\n

#4. Developer Workflow Optimization via Optimized Vulnerability Discovery >>> repo:[our targeted repos]$ patterntype:regex (token|secret|password|credential|key|private|sensitive)[^a-z0-9+/\n]+[a-z0-9+/]{16,}(['"] ,?)?\n or // Likely k8s secrets (kind: secret|kind secret|kubectl create secret) or //Slack (xox[pborsa]-[0-9]{12}-[0-9]{12}-[0-9]{12}-[a-z0-9]{32}) or // GitHub [gG][iI][tT][hH][uU][bB].*['|\"][0-9a-zA-Z]{35,40}['|\"] // Google, GCP, GSuite AIza[0-9A-Za-z\\-_]{35} or [0-9]+-[0-9A-Za-z_]{32}\\.apps\\.googleusercontent\\.com or ya29\\.[0-9A-Za-z\\-_]+

#4. Developer Workflow Optimization via Optimized Vulnerability Discovery >>> repo:[our targeted repos]$ patterntype:regex (credential|secret|private|\Wkey\W|token|sensitive|password|s ession|auth|license|\Wid\W) or [sS][eE][cC][rR][eE][tT].*['|\"][0-9a-zA-Z]{32,45}['|\"]

#4. Developer Workflow Optimization via Optimized Vulnerability Discovery >>> Find exact vulnerable dependencies

How to make Sourcegraph a part of your dev tools stack? Integrating Sourcegraph to You & Your Team’s Workflow >>>

Integrating Sourcegraph to You & Your Team’s Workflow >>> ● What’s the best way to run a trial of Sourcegraph in my team/org? ○ Running a Sourcegraph trial/POC ● How can I best communicate the value of code search to developers who’ve not used it before? ○ See how developers at Uber, Lyft, Yelp depend on Sourcegraph every day

Integrating Sourcegraph to You & Your Team’s Workflow >>> ● Sign up on Sourcegraph Cloud (sourcegraph.com) ○ Team Support (early access) on Sourcegraph Cloud coming in December, 2021

● Hiring more engineers is good, leveraging better developer tools is great. ● Make it a priority to bring the best developer tools to your organization. Developer Wisdom >>>

● Search over 2.1M open source & public repositories across GitHub & Gitlab. ● Search private code across several repositories ● Precise code intelligence ● Automation of large scale code changes via Batch changes. ● Code monitoring ● Code insights (still in beta) #1. Recap: Why you need to Optimize Developer Workflow with Sourcegraph >>>

#2. Recap: Why you need to Optimize Developer Workflow with Sourcegraph >>> ● Developer velocity - Help all your developers to move fast. With code intelligence & great search, code discovery is a walk in the park. ● Onboarding new developers to a codebase - The faster developers can understand your massive codebase, the better. ● Codebase refactors (batch changes) - as codebase grows, you need to refactor the codebase more intelligently.

Learn more about Sourcegraph >>> https://learn.sourcegraph.com

Sourcegraph Resources! ● learn.sourcegraph.com ● docs.sourcegraph.com ● dev.to/sourcegraph ● about.sourcegraph.com/blog ● info.sourcegraph.com/dev-tool-time ● about.sourcegraph.com/podcast

Twitter: @unicodeveloper GitHub: @unicodeveloper Thanks & Optimize your dev. workflow today!