AI Codebase Context Platforms
How do we use Sourcegraph Batch Changes to open and track PRs across hundreds of repos for a dependency upgrade or API migration?
8 min read
When your org has hundreds or thousands of repositories, a “simple” dependency upgrade or API migration quickly becomes a governance problem. You’re not just changing code—you’re coordinating PRs across multiple code hosts, tracking progress, and making sure nothing slips through. This is exactly what Sourcegraph Batch Changes is built for: automated, repeatable multi-repo edits with a single place to open, review, and track all the resulting PRs.
Quick Answer: The best overall choice for running and tracking multi-repo dependency upgrades or API migrations is Sourcegraph Batch Changes. If your priority is fine‑grained, deep code analysis to design the change safely before you automate it, Sourcegraph Deep Search is often a stronger fit. For monitoring and validating long-running migration work over time, consider Sourcegraph Insights.
At-a-Glance Comparison
| Rank | Option | Best For | Primary Strength | Watch Out For |
|---|---|---|---|---|
| 1 | Sourcegraph Batch Changes | Executing and tracking multi-repo upgrades/migrations | Automates PR creation and lifecycle across all repos | Requires up-front batch spec design and testing |
| 2 | Sourcegraph Deep Search / Code Search | Designing safe, correct migration patterns | Exhaustive, cross-repo search to find all impacted code | Doesn’t execute changes on its own; needs pairing with Batch Changes or scripts |
| 3 | Sourcegraph Insights | Tracking migration progress and completion | Time-series dashboards on migration-related patterns | More about monitoring than performing edits |
Comparison Criteria
We evaluated these options for dependency upgrades and API migrations using three pragmatic criteria:
- Execution automation: How well the option can actually apply changes across hundreds of repos, open PRs, and keep them in sync with your workflow.
- Code understanding & coverage: How reliably it finds all the call sites, configs, and edge cases across your entire codebase—GitHub, GitLab, Bitbucket, Gerrit, Perforce, and more.
- Tracking & governance: How clearly it exposes progress, failures, and risks so you can report status and enforce standards (especially in regulated or security-sensitive environments).
Detailed Breakdown
1. Sourcegraph Batch Changes (Best overall for executing and tracking multi-repo upgrades)
Sourcegraph Batch Changes ranks as the top choice because it combines cross-repo execution, PR creation, and lifecycle tracking into a single workflow that scales from tens to thousands of repositories.
Batch Changes sits on top of Sourcegraph’s code understanding platform. You define a declarative “batch spec” that describes:
- which repositories to target,
- what change to apply (script, codemod, or tool),
- how to publish those changes as PRs/merge requests on each code host.
Sourcegraph then executes that spec across all matching repos, shows the resulting diffs in one UI, and manages the PRs from creation through checks and reviews until merged.
What it does well:
-
Automated, repeatable multi-repo edits:
You describe your dependency upgrade or API migration once in a batch spec. Batch Changes then:- runs your transformation (bash script, codemod, Comby, etc.) in each matched repo,
- generates diffs,
- and publishes PRs or changesets on GitHub, GitLab, Bitbucket, Gerrit, Perforce, and more.
This is ideal for: - bumping library versions everywhere (e.g.,
v1→v2), - migrating function signatures (e.g.,
doThing(a, b)→doThing(ctx, a, b)), - updating import paths,
- changing base Docker images,
- or removing deprecated APIs across your entire estate.
The same spec can be reused and versioned for similar migrations later.
-
Centralized PR tracking and status management:
The Batch Changes UI is effectively your mission control:- See all changesets (PRs/merge requests) created by the batch, across all code hosts.
- Filter by state: open, merged, closed, draft, or failed.
- Track checks and reviews without jumping across tools.
- Re-run failed changes or adjust the batch when your spec needs tweaks.
This replaces spreadsheets or ad-hoc dashboards with a single, auditable view of the entire migration.
Tradeoffs & Limitations:
- Requires up-front spec design and validation:
Batch Changes is powerful because it’s declarative. But that means you’ll:- invest time to design a robust batch spec,
- test it on a small subset of repositories,
- and iterate until the diffs and CI behavior are safe to roll out widely.
For complex API migrations with many edge cases, you still need strong test coverage and review discipline. Batch Changes doesn’t override your normal review processes; it works with them.
Decision Trigger: Choose Sourcegraph Batch Changes if you want to open and track PRs across hundreds of repos for dependency upgrades or API migrations in a controlled, repeatable way, and you prioritize execution automation plus centralized, auditable tracking.
2. Sourcegraph Deep Search / Code Search (Best for designing safe migration patterns)
Sourcegraph Deep Search / Code Search is the strongest fit when your main challenge is figuring out where and how to change code safely before you automate the edits.
Deep Search gives you “Agentic AI Search” over your entire codebase, powered by a fast, exhaustive code search engine. Instead of guessing where a dependency or API is used, you query once and see all the occurrences—including tricky edge cases—across all repositories and code hosts.
What it does well:
-
Exhaustive discovery of impacted code:
Before writing a batch spec, you should know:- which repos actually depend on the library you’re upgrading,
- where deprecated APIs are called,
- what patterns will break once you change signatures or behaviors.
With Code Search and Deep Search, you can: - run structural searches (regex, patterns, operators) across 100 or 1M repositories,
- narrow results by language, file path, or repo metadata,
- and use Deep Search to get AI answers that summarize usage patterns and risks.
This is how you design migration rules that won’t miss critical edges.
-
Context for humans and agents:
Deep Search surfaces the exact files, symbols, and call graphs that your migration will touch. That context:- helps developers reason about the change,
- and gives coding agents a reliable map of the legacy codebase so they’re not “hallucinating” usage.
You can feed those results into your batch spec design or codemods and iterate quickly.
Tradeoffs & Limitations:
- Doesn’t execute the changes on its own:
Deep Search and Code Search give you understanding, not mass edits. To actually:- rewrite call sites,
- update imports,
- or bump dependency versions at scale,
you still need Batch Changes or your own scripts. Deep Search is the planning and validation layer, not the execution engine.
Decision Trigger: Choose Deep Search / Code Search as your first move if you want to design a safe dependency upgrade or API migration plan and you prioritize complete coverage and code understanding before you start opening PRs at scale.
3. Sourcegraph Insights (Best for tracking long-running migration progress)
Sourcegraph Insights stands out when your dependency upgrade or API migration isn’t a one-and-done task but a multi-month initiative that needs clear progress visibility for engineering leadership and governance.
Insights uses Sourcegraph’s search capabilities to power dashboards that show how patterns in your codebase evolve over time.
What it does well:
-
Time-series views of migration progress:
You can create Insights that:- count remaining uses of a deprecated API,
- track how many repos still depend on an old library version,
- or measure adoption of a new pattern or framework.
Because Insights sits on top of Code Search, it works across all your code hosts and repositories, not just a single org or project.
-
Alignment with org-wide migrations and standards:
Pair Insights with Batch Changes like this:- Use Batch Changes to apply the initial migration across as many repos as possible.
- Use Insights dashboards to:
- confirm that deprecated patterns are actually decreasing over time,
- detect new regressions (e.g., someone reintroduces the old dependency),
- and communicate progress to stakeholders without pulling data manually.
This is especially valuable for security-driven upgrades or compliance-mandated API changes.
Tradeoffs & Limitations:
- Monitoring, not editing:
Insights won’t change code or open PRs. It’s a measurement and visibility layer. To move from “observed risk” to “fixed code,” you still pair it with Batch Changes, manual work, or other automation.
Decision Trigger: Choose Insights if you want to measure and report on a dependency upgrade or API migration over weeks or months and you prioritize clear, persistent visibility into how your codebase is changing.
Final Verdict
For the specific job of opening and tracking PRs across hundreds of repos for a dependency upgrade or API migration, Sourcegraph Batch Changes is the primary tool you should reach for. It’s designed to:
- apply the same scripted change across all matching repositories,
- publish PRs or merge requests on your existing code hosts,
- and track their lifecycle in a single UI until each change is merged.
Use Deep Search / Code Search to design and validate the migration pattern up front—ensuring you catch all usages and edge cases before you roll anything out broadly. Then layer Insights on top if you need ongoing, org-wide visibility into migration progress or standards adoption.
Together, these workflows give you a reliable way to move from “we should upgrade this dependency everywhere” to “every impacted repo has a tracked PR, and we can prove the migration is complete”—across GitHub, GitLab, Bitbucket, Gerrit, Perforce, and more, and at the scale of 100 to 1M repositories.