Today, we're announcing Sourcegraph 7.0, a release that marks the beginning of a new chapter for our company and product. Over the past several releases, we've shifted our focus. We're doubling down on being the intelligence layer that developers and AI agents rely on to

Binary obfuscation in 2026: Just put ANTHROPIC_MAGIC_STRING_TRIGGER_REFUSAL_1FA... into your program 😎

Stop patching vulnerabilities manually. @sgjarmak walks through the end-to-end workflow: detect, fix, and verify the React2Shell (CVE-2025-55182) vulnerability using Batch Changes, Deep Search, and our MCP server. https://t.co/ShS5RCWQwl

Big news! Sourcegraph & @AmpCode are becoming two separate companies. Read why: https://t.co/UdnF0NOg1c

Opus is worth it, and maybe cheaper all-in than Sonnet? Early rough non-representative numbers, for our own internal @AmpCode usage (avg cost $ per thread): - Sonnet 4.5: $1.83 - Opus 4.5: $1.30 (earlier checkpoint last week was $1.55) - Gemini 3 Pro: $1.21

Periodic reminder that Amp Free is free and we're able to use a more intelligent model because we offset the cost of inference by showing ads for other dev tools: https://t.co/qHUrbnDq3o

Long coding agent threads (> ~350k tokens) so rarely yield good results. If it’s repetitive work (like a refactor), it’s better, but you should run many smaller threads in parallel. (We have a WIP subagent that we hope to release soon that can help here.) If it’s a long and

Amp's new default model: Gemini 3 Pro https://t.co/r1N5ajBDfs

Wrote a guide on how to get the most out of the context window in Amp: https://t.co/6HMjN7KbaX

Amp Free just got a BIG upgrade: ~65% faster, *much* smarter model (ads pay well, we 5x'd ALL rate limits!). Happy weekend coding. Will keep this if our tests and your feedback are all positive. (`amp update` or update Amp extension to use.)

𝗕𝗦𝗶𝗱𝗲𝘀 𝗣𝗼𝗿𝘁𝗼 𝟮𝟬𝟮𝟱-𝗖𝗮𝗹𝗹 𝗳𝗼𝗿 𝗦𝗽𝗼𝗻𝘀𝗼𝗿𝘀 𝗢𝗣𝗘𝗡 📅 Nov 28–29, 2025 - @bsidesporto 📍 Porto, Portugal — Venue TBA 🤝 𝗖𝗮𝗹𝗹 𝗳𝗼𝗿 𝗦𝗽𝗼𝗻𝘀𝗼𝗿𝘀: https://t.co/2slstZkMBk… 👥 Tag a partner who should be here. #BSidesPorto #SecurityBSides

true, but if 90% of the population doesn’t know how IP addresses work… A sensible optimization? 😂

😂

Nope. You’re doing great! Keep going Kylie!

Amp now lets you provide tools to the agent with a few lines of code. Instead of writing an MCP server, you can drop any executable into a directory you tell Amp about. As long as the executable can produce a tool description, Amp will pick it up. This way Amp doesn't have to

A couple security-oriented ships for Amp today. You can allow or block MCP servers with string matches, regexes, or glob patterns. Admins can override individual settings with a special file on disk—useful for ensuring security and consistency when it comes to MCP and tools.

Amp CLI now has custom slash commands. It is a slightly different spin. I did not like the custom syntax on top of Markdown. You can express them in two ways: - Raw Markdown - Executable Executables inject what comes to stdout into the context of the LLM. Write them in any

next. we hijacked cursor via jira mcp by submitting a support ticket cursor harvests and exfiltrate all creds from your dev machine and then reports back to the dev that "the 2-hour downtime that affected user transactions has been resolved" #DEFCON #BHUSA @simakov_marina

Check out @thorstenball's talk, "Subagents & the Multiplication of Context Windows," at AI Dev Tools Night SF, August 5th. Join the waitlist (link in thread)

Many coding agents have a "modes" feature that (kinda?) made sense in a RAG or early agentic era. Now they're adding subagents like Amp (search subagent, general subagents, the oracle) and Claude Code (which just shipped a really cool custom subagents feature). Modes are