DEV Community

Jonas Brømsø
Jonas Brømsø

Posted on

Do you know SourceGraph's "Code Search"?

In episode #81 of "Founders Talk" from the marvellous Changelog podcast Quinn Slack the CEO of SourceGraph was interviewed by one of the ChangeLog hosts about their tool "Code Search". To me the description of this tool sounded very interesting and I immediately went to check it out. I registered with my GitHub account and started to search my own public available GitHub repositories, it was fun, but it was not something I could not find on my own laptop or directly in GitHub. Anyway, I really liked the user interface and the fact that it was incredibly fast.

A few weeks later I wanted to check if my repositories where all configured as expected in regard to using a certain configuration, it was quite easy.

I specified context: @jonasbn and the query: file:(\.)?spellcheck\.y(a)?ml

This have me a nice overview of which I my projects had the Spellcheck GitHub Action configured.

Then I got curious, could I use this for basic market research?

It is not something we do a lot for open source as maintainers, but it is nice to know if anybody is using your software.

So I tried to tweak the search a bit.

Under the context: global and made something along the lines of the following (\.)?spellcheck\.y(a)?ml archived:no

NB this is a constructed search, since I cannot remember the exact query I used, but is was somewhat similar , anyway the above example yielded: 61 hits.

All of these might not be using the Spellcheck Action, since the configuration originates from pyspelling, the core tool used by the action, so it required some more tweaking to match the path more accurately.

file:\.github/workflows/(\.)?spellcheck\.y(a)?ml

This was most helpful and I was convinced that this tool could prove really useful in the future for doing basic market research for the adaption of the GitHub Action for which I am the current maintainer.

Fast forward to the day before yesterday. I released GitHub Spellcheck Action, release 0.19.0. As I pushed the release to DockerHub I noticed that there has been downloads of older Docker images such as version: 0.13.0 and 0.14.0.

❯ hub-tool tag ls jonasbn/github-action-spellcheck
TAG                                        DIGEST                                                                     STATUS      LAST UPDATE     LAST PUSHED    LAST PULLED    SIZE
jonasbn/github-action-spellcheck:latest    sha256:ef858650e00b2b8e16307c261f116f94fb152283383a247ca4043c932d4283cd    active      3 hours ago     3 hours        4 minutes      73.39MB
jonasbn/github-action-spellcheck:0.19.0    sha256:ef858650e00b2b8e16307c261f116f94fb152283383a247ca4043c932d4283cd    active      3 hours ago     3 hours        4 minutes      73.39MB
jonasbn/github-action-spellcheck:0.18.0    sha256:66d140eb83ff1d887f5c8201b221356651ce3fe4ce9f802cfdf8bd06cff5d8ff    active      6 weeks ago     6 weeks        4 hours        72.34MB
jonasbn/github-action-spellcheck:0.17.0    sha256:07cec3e9217c214013c6ffce2dbc6c1af1290988da3131f821f46a802f4698a4    active      2 months ago    2 months       2 weeks        72.27MB
jonasbn/github-action-spellcheck:0.16.0    sha256:34704a9756b822a6a4ea47db0b4c7fa66a66ea560bfed04d501082441bd43af6    inactive    4 months ago    4 months       2 months       67.83MB
jonasbn/github-action-spellcheck:0.15.0    sha256:fbd89d0315ac2c13d51da29a9f0b790d28152f82319c2c249b1cfb524393bad9    inactive    4 months ago    4 months       5 weeks        68.4MB
jonasbn/github-action-spellcheck:0.14.0    sha256:dc6c61976b7afef0372a6765af4f2ccba36e3f895f4fe00a457f2b421e454e4a    active      7 months ago    7 months       4 days         71.33MB
jonasbn/github-action-spellcheck:0.13.0    sha256:dc6c61976b7afef0372a6765af4f2ccba36e3f895f4fe00a457f2b421e454e4a    active      8 months ago    8 months       4 days         71.33MB
Enter fullscreen mode Exit fullscreen mode

"Code Search" to the rescue...

Again with the context global I searched for: rojopolis/spellcheck-github-actions@0.13.0 archived:no, which yielded 3 hits. I did a variation more and 0.14.0 yielded 11 hits.

I created PRs for the ones using 0.13.0 and looked a the very long list and wondered how big a workload this was going to be, since just for the release 0.14.0, I could see that would require some work.

Just for the fun of it, I tried to search for the releases 0.12.0 and 0.11.0.

  • 0.12.0 yielded only my own repository
  • 0.11.0 yielded 3 hits

So there is a lot of work in there, either in creating PRs for updates to the configuration files or adaption of Dependabot to get this moving, luckily the Christmas holiday is coming up.

Any way the Docker images for 0.11.0 have been removed from DockerHub, so I thought I better makes some PRs for these projects to point to a more contemporary version, so I started by clicking into the first of the repositories found.

Much to my surprise I found out that the repository was active and the spellcheck action was working and passing. So I started to examine the log and guess what, it was pulling the Docker image tagged as latest.

So currently I am not wiser as too who pulls the older Docker images, I did the following search: context global query: docker://jonasbn/github-action-spellcheck: lang:yaml.

I can not see any public repositories point directly to these, at least not with "Code Search", but it helped me find a bug and I believe this tool to be a very powerful addition to my toolbox.

SourceGraph's "Code Search" is truly awesome.

  • I can use it to do basic market research
  • I can use it to find bugs

A 0.20.0 release of the Spellcheck GitHub Action is getting ready to be shipped and I plan to write a lot of Christmas PRs, assisting users of Spellcheck GitHub Action to get either updated or on the Dependabot bandwagon

There are several options in getting to use "Code Search", I have just used it for public repositories via the one available online - give it a go or as I as I normally put it: #techitout.

Top comments (0)