diff --git a/docs/technical-changelog.mdx b/docs/technical-changelog.mdx
index bb506f58e..11ecee361 100644
--- a/docs/technical-changelog.mdx
+++ b/docs/technical-changelog.mdx
@@ -4,6 +4,677 @@ This page documents all notable changes to Sourcegraph. For more detailed change
 
 {/* CHANGELOG_START */}
 
+# sourcegraph 5 Release 9 Patch 0
+
+## v5.9.0
+
+- [sourcegraph](https://github.com/sourcegraph/sourcegraph/releases/tag/v5.9.0)
+
+- [docker-compose](https://github.com/sourcegraph/deploy-sourcegraph-docker/releases/tag/v5.9.0)
+
+- [helm](https://github.com/sourcegraph/deploy-sourcegraph-helm/releases/tag/v5.9.0)
+
+- [kustomize](https://github.com/sourcegraph/deploy-sourcegraph-kustomize/releases/tag/v5.9.0)
+
+### Features
+
+#### Api
+
+- Added a better error message for 429 errors for `/.api/cody/completions` (CODY-4097) [#1380](https://github.com/sourcegraph/sourcegraph/pull/1380)
+
+#### Audit
+
+- add tenant to audit logs, fix log stack [#960](https://github.com/sourcegraph/sourcegraph/pull/960)
+
+#### Batch Changes
+
+- show name of additional fields that cause errors [#799](https://github.com/sourcegraph/sourcegraph/pull/799)
+  - feat(batches): show name of additional fields that cause errors
+
+#### Ci
+
+- generate frozen files as part of stich_migration_graph generation [#957](https://github.com/sourcegraph/sourcegraph/pull/957)
+- record Test infrastructure failures [#884](https://github.com/sourcegraph/sourcegraph/pull/884)
+  - add library that writes to TEST_INFRASTRUCTURE_FAILURE_FILE if it is defined for test failures
+
+#### Cloud
+
+- allow monolithsams instances to have no conf auth providers [#1247](https://github.com/sourcegraph/sourcegraph/pull/1247)
+- add support to override target managed service endpoints [#1238](https://github.com/sourcegraph/sourcegraph/pull/1238)
+- add support to override license generation public key from cloud site config [#1193](https://github.com/sourcegraph/sourcegraph/pull/1193)
+
+#### Code Intelligence
+
+- Syntactic indexing grafana monitoring dashboard [#1263](https://github.com/sourcegraph/sourcegraph/pull/1263)
+
+#### Cody
+
+- add more API docs content [#1378](https://github.com/sourcegraph/sourcegraph/pull/1378)
+  - OPTIONAL; info at [https://www.notion.so/sourcegraph/Writing-a-changelog-entry-dd997f411d524caabf0d8d38a24a878c](https://www.notion.so/sourcegraph/Writing-a-changelog-entry-dd997f411d524caabf0d8d38a24a878c)
+- add CLI tool to compute PCW [#1349](https://github.com/sourcegraph/sourcegraph/pull/1349)
+- Add Claude 3.5 Sonnet (Latest) & Claude 3 Opus (Latest) [#1244](https://github.com/sourcegraph/sourcegraph/pull/1244)
+  - OPTIONAL; info at [https://www.notion.so/sourcegraph/Writing-a-changelog-entry-dd997f411d524caabf0d8d38a24a878c](https://www.notion.so/sourcegraph/Writing-a-changelog-entry-dd997f411d524caabf0d8d38a24a878c)
+- add Cody Audit Log [#1232](https://github.com/sourcegraph/sourcegraph/pull/1232)
+- add cody audit log table and store [#1182](https://github.com/sourcegraph/sourcegraph/pull/1182)
+- Expose token usage in the LLM API [#1070](https://github.com/sourcegraph/sourcegraph/pull/1070)
+  - The `/.api/completions/stream` API now includes used input/output tokens and the upstream model name in the response body when using the query parameter `api-version=5` or higher. Does not apply to: Vertex Anthropic, Azure OpenAI (mo model name, and no token usage in streaming response), Gemini (no model name in streaming response)
+  - LLM chat completions now support `stream: false` when using Azure OpenAI and OpenAI-compatible providers.
+- update telemetry feature prefix for Cody API [#1023](https://github.com/sourcegraph/sourcegraph/pull/1023)
+- add embedded API docs via OpenAPI/Redocly [#1014](https://github.com/sourcegraph/sourcegraph/pull/1014)
+  - New OpenAPI API docs within the instance at the URL `$SRC_ENDPOINT/api/openapi/public`. Alternatively, reach the page at "User > Settings > OpenAPI Reference".
+- add basic telemetry recording for Cody API [#943](https://github.com/sourcegraph/sourcegraph/pull/943)
+- add support to format raw API responses for Cody [#877](https://github.com/sourcegraph/sourcegraph/pull/877)
+  - The raw HTTP API now accepts the query paramter `format=cody` or header `Accept: application/cody` to render files and directories as context items for Cody. Example request path: `/github.com/sourcegraph/cody/-/raw/agent/src/index.ts?format=cody`.
+
+#### Cody-Gateway
+
+- add new claude-3-5-haiku-latest model [#1471](https://github.com/sourcegraph/sourcegraph/pull/1471)
+  - OPTIONAL; info at [https://www.notion.so/sourcegraph/Writing-a-changelog-entry-dd997f411d524caabf0d8d38a24a878c](https://www.notion.so/sourcegraph/Writing-a-changelog-entry-dd997f411d524caabf0d8d38a24a878c)Cody Gateway: add new claude-3-5-haiku-latest & claude-3-5-opus-latest models to Cody Gateway allow list
+Cody Gateway: add new claude-3-5-haiku-latest dotcom models list  Backport 11e7481ba3c810ae5b47d32b8cf32066e2f0b2bb from #1470
+- deprecate old claude 3.5 sonnet [#1248](https://github.com/sourcegraph/sourcegraph/pull/1248)
+  - OPTIONAL; info at [https://www.notion.so/sourcegraph/Writing-a-changelog-entry-dd997f411d524caabf0d8d38a24a878c](https://www.notion.so/sourcegraph/Writing-a-changelog-entry-dd997f411d524caabf0d8d38a24a878c)
+
+#### Dev
+
+- add externalSecret support for commandsets [#1027](https://github.com/sourcegraph/sourcegraph/pull/1027)
+- sg sams login and cookie-less workspace creation [#913](https://github.com/sourcegraph/sourcegraph/pull/913)
+
+#### Graphql
+
+- upload graphql schemas to GCS bucket [#1245](https://github.com/sourcegraph/sourcegraph/pull/1245)
+
+#### Internal/Requestclient
+
+- have HTTP middleware populate all response headers with observed X-Forwarded-For and calculated IP for debugging purposes [#524](https://github.com/sourcegraph/sourcegraph/pull/524)
+  - All of Sourcegraph's HTTP responses now contain two new headers for easier debugging purposes.
+- `Observed-X-Forwarded-For`: echos the `X-Forwarded-For` header
+that we observed on the user's incoming request
+- `Observed-Calculated-IP-From-Forwarded-For`: indicates the IP address that we derived from the user's `X-Forwarded-For` header
+
+#### Local
+
+- use pending spinner for build waiting in cloud ephemeral [#1039](https://github.com/sourcegraph/sourcegraph/pull/1039)
+- add format for displaying env [#918](https://github.com/sourcegraph/sourcegraph/pull/918)
+
+#### Monitoring
+
+- set decimals to 1 for standard heatmap [#1361](https://github.com/sourcegraph/sourcegraph/pull/1361)
+
+#### Monolithsams
+
+- load SAMS provider and creds from env [#1024](https://github.com/sourcegraph/sourcegraph/pull/1024)
+
+#### Msp
+
+- package 'auditlog' [#1223](https://github.com/sourcegraph/sourcegraph/pull/1223)
+
+#### Msp/Pg
+
+- updated o11y for pool acquire, add overrides for pgxpool.Config [#1375](https://github.com/sourcegraph/sourcegraph/pull/1375)
+
+#### Search
+
+- (new web ui) Show loading feedback for hovercards [#1239](https://github.com/sourcegraph/sourcegraph/pull/1239)
+- (new web ui) Add ability so switch search scope in fuzzy finder [#1201](https://github.com/sourcegraph/sourcegraph/pull/1201)
+- (new web ui) Make view modes available when opening a file at a commit [#1090](https://github.com/sourcegraph/sourcegraph/pull/1090)
+- (new web ui) Render relative images in rich text documents [#841](https://github.com/sourcegraph/sourcegraph/pull/841)
+
+#### Sg
+
+- make workspaces endpoint configurable [#998](https://github.com/sourcegraph/sourcegraph/pull/998)
+- implement show-env flag [#883](https://github.com/sourcegraph/sourcegraph/pull/883)
+
+#### Site Admin
+
+- site config 'telemetry: { disableLocalEventLogs }' to disable event_logs [#1275](https://github.com/sourcegraph/sourcegraph/pull/1275)
+  - Long-term local retention of user telemetry as 'event logs' can now be disabled entirely via the `telemetry: { disableLocalEventLogs }` site configuration.
+
+#### Sub_repo_perms
+
+- add conditional logging for seeing if sub_repo_permisisons are working [#673](https://github.com/sourcegraph/sourcegraph/pull/673)
+  - The sub repository permissions implementation now emits logs that describe the rules that were evaluated for a given request whenever tracing is enabled. (We limit these logs for only when tracing is enabled since they can be quite verbose).
+
+#### Telemetry
+
+- Log estimated LLM cost telemetry (CODY-4007) [#1312](https://github.com/sourcegraph/sourcegraph/pull/1312)
+  - Adds cost estimates to the ModelConfiguration returned by `.api/llm/supported-models.json`
+  - Adds `llmTokenUsageCostEstimate` telemetry value with estimates of each requests LLM cost in pennies
+- Add check for PGDATASOURCE [#1281](https://github.com/sourcegraph/sourcegraph/pull/1281)
+  - OPTIONAL; info at [https://www.notion.so/sourcegraph/Writing-a-changelog-entry-dd997f411d524caabf0d8d38a24a878c](https://www.notion.so/sourcegraph/Writing-a-changelog-entry-dd997f411d524caabf0d8d38a24a878c)
+- Add source.server.server_client.user_agent to telemetry payload [#1120](https://github.com/sourcegraph/sourcegraph/pull/1120)
+  - Add the sourcegraph API client user-agent to telemetry payload types under `source.server.server_client.user_agent`.
+- check for external dbs [#1083](https://github.com/sourcegraph/sourcegraph/pull/1083)
+- propagate new x-sourcegraph-api-client-* headers to request clients [#1025](https://github.com/sourcegraph/sourcegraph/pull/1025)
+  - Propagates new X-Sourcegraph-API-Client-Name and X-Sourcegraph-API-Client-Version headers to request clients
+
+#### Telemetry-Gateway
+
+- improve logging on processing done [#1252](https://github.com/sourcegraph/sourcegraph/pull/1252)
+
+#### Telemetrygateway
+
+- implement publishusermetadata RPC [#1095](https://github.com/sourcegraph/sourcegraph/pull/1095)
+- spec PublishInstanceUserMetadata and pubsub format [#1053](https://github.com/sourcegraph/sourcegraph/pull/1053)
+
+#### Telemetrygatewayexporter
+
+- log export duration, use better duration buckets [#1305](https://github.com/sourcegraph/sourcegraph/pull/1305)
+
+#### Tenant/Reconciler
+
+- full membership reconcile [#953](https://github.com/sourcegraph/sourcegraph/pull/953)
+- handle tenant-exists, new-tenant, and error combination paths [#895](https://github.com/sourcegraph/sourcegraph/pull/895)
+
+#### Worker
+
+- delete legacy event_logs exporter [#859](https://github.com/sourcegraph/sourcegraph/pull/859)
+
+#### Worker/Telemetrygatewayexporter
+
+- opt-in user metadata exporter [#1096](https://github.com/sourcegraph/sourcegraph/pull/1096)
+
+#### Workspaces
+
+- notify user state updates [#1316](https://github.com/sourcegraph/sourcegraph/pull/1316)
+- allow join-by-email to be provided on creation [#1280](https://github.com/sourcegraph/sourcegraph/pull/1280)
+- add management GetWorkspace that allows view-by-email-domain [#1277](https://github.com/sourcegraph/sourcegraph/pull/1277)
+- guard against excessive join-workspaces [#1251](https://github.com/sourcegraph/sourcegraph/pull/1251)
+- restrict memberships/admins before allowing workspace creation [#1212](https://github.com/sourcegraph/sourcegraph/pull/1212)
+- join by email domain POC [#1162](https://github.com/sourcegraph/sourcegraph/pull/1162)
+- configure join by email domains [#1158](https://github.com/sourcegraph/sourcegraph/pull/1158)
+- only recently seen instances are candidates for hosting workspace [#1031](https://github.com/sourcegraph/sourcegraph/pull/1031)
+- ban 'default' as a workspace name [#992](https://github.com/sourcegraph/sourcegraph/pull/992)
+- forbid 'src-'-prefix workspace names [#920](https://github.com/sourcegraph/sourcegraph/pull/920)
+- refactor workspace states with reconcile and dormancy [#819](https://github.com/sourcegraph/sourcegraph/pull/819)
+
+#### Workspaces/Management
+
+- always return roles [#1358](https://github.com/sourcegraph/sourcegraph/pull/1358)
+- provide workspace URI [#1055](https://github.com/sourcegraph/sourcegraph/pull/1055)
+
+#### Workspacesreconciler
+
+- add WORKSPACESRECONCILER_INSTANCE_STATE_OVERRIDE and 'AT_CAPACITY' state [#1297](https://github.com/sourcegraph/sourcegraph/pull/1297)
+- global periodic reconciler [#997](https://github.com/sourcegraph/sourcegraph/pull/997)
+
+#### Others
+
+- surface result precision in the explore panel [#1359](https://github.com/sourcegraph/sourcegraph/pull/1359)
+- more complete search backend events [#1257](https://github.com/sourcegraph/sourcegraph/pull/1257)
+- add embedded file snippet page [#1196](https://github.com/sourcegraph/sourcegraph/pull/1196)
+  - Added embeddable page for file snippets
+- add embedded file snippet component [#1122](https://github.com/sourcegraph/sourcegraph/pull/1122)
+- add search aggregations to svelte webapp [#1093](https://github.com/sourcegraph/sourcegraph/pull/1093)
+
+### Fix
+
+#### Api-Docs
+
+- Added OpenAPI Urls to static page info [#1379](https://github.com/sourcegraph/sourcegraph/pull/1379)
+
+#### Batch Changes
+
+- enable request splitting by default [#1229](https://github.com/sourcegraph/sourcegraph/pull/1229)
+  - fix(batches): enable request splitting by default
+- handle spec being nil for suffix salt [#1228](https://github.com/sourcegraph/sourcegraph/pull/1228)
+  - fix(batches): handle spec being nil for suffix salt
+- enable GQL request splitting via BATCH_CHANGES_REQUEST_SPLITTING [#1150](https://github.com/sourcegraph/sourcegraph/pull/1150)
+  - fix(batches): enable GQL request splitting via BATCH_CHANGES_REQUEST_SPLITTING
+- display "Deleted Namespace" instead of throwing an error [#778](https://github.com/sourcegraph/sourcegraph/pull/778)
+  - fix(batches): display "Deleted Namespace" instead of throwing an error
+
+#### Ci
+
+- remove dependsOn key for PG16 step [#1295](https://github.com/sourcegraph/sourcegraph/pull/1295)
+- disable db test task temporarily [#1292](https://github.com/sourcegraph/sourcegraph/pull/1292)
+- generate coreos iptable BUILD.bazel file [#1230](https://github.com/sourcegraph/sourcegraph/pull/1230)
+- cap branch names in image tags [#1103](https://github.com/sourcegraph/sourcegraph/pull/1103)
+
+#### Code Monitor
+
+- fail monitors with missing/unverified primary email address [#938](https://github.com/sourcegraph/sourcegraph/pull/938)
+  - fix(code-monitor): fail monitors with missing/unverified primary email address
+
+#### Code Intelligence
+
+- Add more limits in auto-indexing inference code [#1170](https://github.com/sourcegraph/sourcegraph/pull/1170)
+  - Introduces new limits for auto-indexing inference to reduce the risk of continuously growing auto-indexing queues.
+  - The number of jobs spawned per round of auto-indexing inference per repo is capped (default: 100) to reduce risk of clogging of auto-indexing queues. Excess jobs will be discarded.
+  - The number of paths inspected for a single round of auto-indexing inference per repo is capped (default: 500) to reduce risk of timeouts. Excess paths will be discarded.
+- Handle annotated tag hashes passed as 'commit' for uploads [#1135](https://github.com/sourcegraph/sourcegraph/pull/1135)
+  - Fixes handling of SCIP uploads when the hash passed to the `-commit` flag of `src-cli` corresponds to the hash of an annotated tag instead of the hash of a commit. Previously, these uploads were not accessible for code navigation.
+- Propagate error collector to fix retention tab GraphQL API call [#847](https://github.com/sourcegraph/sourcegraph/pull/847)
+  - Fixes a bug where the retention tab for precise indexes would show
+a nil pointer exception instead of retention information.
+
+#### Code Nav
+
+- Trigger hovers for all programming languages [#1076](https://github.com/sourcegraph/sourcegraph/pull/1076)
+  - Fixes a bug where hovers were not triggered for less mainstream languages like F#,
+Standard ML, Visual Basic, Pkl, Hack, MATLAB etc.
+
+#### Cody
+
+- convert nil message content parts for OpenAI compatability [#1467](https://github.com/sourcegraph/sourcegraph/pull/1467)
+- guard against completion usage missing (CODY-4135) [#1218](https://github.com/sourcegraph/sourcegraph/pull/1218)
+- API telemetry [#1026](https://github.com/sourcegraph/sourcegraph/pull/1026)
+- reset usage when rate limit value or interval decreased [#1015](https://github.com/sourcegraph/sourcegraph/pull/1015)
+- fix CodyLLMConfiguration resolver [#839](https://github.com/sourcegraph/sourcegraph/pull/839)
+
+#### Codyapi
+
+- Restrict audit log retrieval to site admins only [#1285](https://github.com/sourcegraph/sourcegraph/pull/1285)
+  - OPTIONAL; info at [https://www.notion.so/sourcegraph/Writing-a-changelog-entry-dd997f411d524caabf0d8d38a24a878c](https://www.notion.so/sourcegraph/Writing-a-changelog-entry-dd997f411d524caabf0d8d38a24a878c)
+- Add usage to completions/chat (CODY-3498) [#1131](https://github.com/sourcegraph/sourcegraph/pull/1131)
+  - Added token usage information to `.api/llm/chat/completions`
+
+#### Completions
+
+- clear out usage information on the completions API when version < 5 (CODY-4114) [#1153](https://github.com/sourcegraph/sourcegraph/pull/1153)
+
+#### Dev
+
+- Correctly propagate error key-value pairs [#1258](https://github.com/sourcegraph/sourcegraph/pull/1258)
+  - Fixes a bug where logs and traces were sometimes missing key-value pairs recorded alongside errors.
+- fix sg db reset-pg PGUSER overwrite [#1220](https://github.com/sourcegraph/sourcegraph/pull/1220)
+- fix secrets deadlock [#1032](https://github.com/sourcegraph/sourcegraph/pull/1032)
+- fix workspaces client in local dev [#1028](https://github.com/sourcegraph/sourcegraph/pull/1028)
+- (new web ui) Properly initialize local dev defaults [#961](https://github.com/sourcegraph/sourcegraph/pull/961)
+- remove removed table from MT migration [#910](https://github.com/sourcegraph/sourcegraph/pull/910)
+- report warning if workspace creation failed [#909](https://github.com/sourcegraph/sourcegraph/pull/909)
+- fix workspaces flakey test [#862](https://github.com/sourcegraph/sourcegraph/pull/862)
+
+#### Frontend
+
+- place requestclient as one of the first middleware [#1215](https://github.com/sourcegraph/sourcegraph/pull/1215)
+
+#### Local
+
+- move env into correct grouping [#1332](https://github.com/sourcegraph/sourcegraph/pull/1332)
+- specify default database when checking psql version in `sg setup` [#924](https://github.com/sourcegraph/sourcegraph/pull/924)
+- fix issue with sg start monitoring ignoring dockerCommands [#848](https://github.com/sourcegraph/sourcegraph/pull/848)
+
+#### Mt-Router
+
+- prevent infinite oauth redirect [#1118](https://github.com/sourcegraph/sourcegraph/pull/1118)
+
+#### Release
+
+- rename generated changelog file [#1136](https://github.com/sourcegraph/sourcegraph/pull/1136)
+- Add stitched migration graph override (#935) [#941](https://github.com/sourcegraph/sourcegraph/pull/941)
+  - NA
+
+#### Search
+
+- disable hybrid search with index:no [#1462](https://github.com/sourcegraph/sourcegraph/pull/1462)
+  - `index:no` will now avoid the index completely. Previously it would still consult the index via a process called hybrid search. Search jobs always uses `index:no`, so if you notice a performance problem please reach out to Sourcegraph support. Setting `SRC_DISABLE_RESPECT_INDEX_FIELD` environment variable on the frontend and worker pods will disable this new behaviour in 5.9.x only.Stacked on [https://github.com/sourcegraph/sourcegraph/pull/1456](https://github.com/sourcegraph/sourcegraph/pull/1456)Closes [https://linear.app/sourcegraph/issue/SPLF-663/disable-hybrid-search-for-search-jobs](https://linear.app/sourcegraph/issue/SPLF-663/disable-hybrid-search-for-search-jobs)  Backport 7aced46a7bc3526695a77e492ee69ad2cfa7bb17 from #1460
+- (new web ui) Render submodules differently in file trees [#1377](https://github.com/sourcegraph/sourcegraph/pull/1377)
+- Fix document highlights in certain situations [#1343](https://github.com/sourcegraph/sourcegraph/pull/1343)
+- (new web ui) Fix relative links to folders [#1331](https://github.com/sourcegraph/sourcegraph/pull/1331)
+- (new web ui) Fix file tree sidebar not staying at top level directory [#1328](https://github.com/sourcegraph/sourcegraph/pull/1328)
+- (new web ui) Show informative message when repo has no README or description [#1240](https://github.com/sourcegraph/sourcegraph/pull/1240)
+- (new web ui) Fix linkifying files [#1236](https://github.com/sourcegraph/sourcegraph/pull/1236)
+- (new web ui) Make blob view readonly [#1234](https://github.com/sourcegraph/sourcegraph/pull/1234)
+  - Prevents default browser shortcuts from modifying the file content locally.
+- (new web ui) Prevent uncaught error when navigating back to file page [#1199](https://github.com/sourcegraph/sourcegraph/pull/1199)
+- (new web ui) Show helpful message for root commit/change list page [#1138](https://github.com/sourcegraph/sourcegraph/pull/1138)
+- (new web ui) Do not show loading spinner for empty commit ranges on compare page [#1126](https://github.com/sourcegraph/sourcegraph/pull/1126)
+- (new web ui) Fix search aggregation styles [#1125](https://github.com/sourcegraph/sourcegraph/pull/1125)
+- exclude content filters from phrase boosting [#1038](https://github.com/sourcegraph/sourcegraph/pull/1038)
+  - This fixes a bug where we would apply a phrase boost if a `content:` filter was specified with keyword search enabled. This led to inconsistent behavior (regexp vs keyword search) and it also rendered the `content:` filter ineffective, because we ran a general text search instead of a just a content search.
+- (new web ui) 'File not found' when quickly navigating between files [#959](https://github.com/sourcegraph/sourcegraph/pull/959)
+- (new web ui) Blame view not visible for files that use `\r` as line separators [#929](https://github.com/sourcegraph/sourcegraph/pull/929)
+- (new web ui) Show settings link to site admins when repo error occurs [#817](https://github.com/sourcegraph/sourcegraph/pull/817)
+
+#### Sg
+
+- workaround dangling dev resources [#1048](https://github.com/sourcegraph/sourcegraph/pull/1048)
+
+#### Source
+
+- correct Name() documentation for gitserver's ReadDirIterator [#1278](https://github.com/sourcegraph/sourcegraph/pull/1278)
+  - The documentation for gitserver's ReadDir method has been clarified to reflect that the return iterator's Name() method returns the full path of the file, as opposed to just the basename.
+- multiple GitHub external accounts to the same URL now refresh correctly [#1260](https://github.com/sourcegraph/sourcegraph/pull/1260)
+  - When there are multiple auth providers configured that point to the same GitHub URL, as can be the case when using private GitHub Apps, user external account tokens will now refresh correctly.
+- clarify exclude docs in github connection schema to say that individual expressions within block are `and`-ed together [#1249](https://github.com/sourcegraph/sourcegraph/pull/1249)
+  - The documentation for the "exclude" section in the github code host connection schema has been clarified to explain that each block is OR'd together, and the expressions within each block are AND'd together.
+- Fix Azure Devops OnPrem connection editing and repo name [#1184](https://github.com/sourcegraph/sourcegraph/pull/1184)
+- The sync of a GitHub repositoryQuery failing will no longer cause repos to be deleted [#1177](https://github.com/sourcegraph/sourcegraph/pull/1177)
+  - GitHub code host connections using `repositoryQuery` will no longer delete repositories if the sync fails for reasons like a GitHub outage or a token expiring.
+
+#### Sourcegraphaccounts
+
+- use native openidconnect provider [#1030](https://github.com/sourcegraph/sourcegraph/pull/1030)
+
+#### Telemetry
+
+- only log Cody API events to a remote data store, do n… [#1304](https://github.com/sourcegraph/sourcegraph/pull/1304)
+  - OPTIONAL; info at [https://www.notion.so/sourcegraph/Writing-a-changelog-entry-dd997f411d524caabf0d8d38a24a878c](https://www.notion.so/sourcegraph/Writing-a-changelog-entry-dd997f411d524caabf0d8d38a24a878c)
+
+#### Telemetry-Gateway
+
+- fix configuration [#1129](https://github.com/sourcegraph/sourcegraph/pull/1129)
+
+#### Tenant/Reconciler
+
+- avoid illegal state transitions [#1133](https://github.com/sourcegraph/sourcegraph/pull/1133)
+- double-check assigned instance ID [#1092](https://github.com/sourcegraph/sourcegraph/pull/1092)
+- try to audit log after tenant context creation [#1051](https://github.com/sourcegraph/sourcegraph/pull/1051)
+
+#### Workspaces
+
+- build full redirect_to URL [#1315](https://github.com/sourcegraph/sourcegraph/pull/1315)
+- apply 'secure headers' to SPA [#1313](https://github.com/sourcegraph/sourcegraph/pull/1313)
+
+#### Others
+
+- copy changes to prompt settings [#1286](https://github.com/sourcegraph/sourcegraph/pull/1286)
+- remove call to possibly nil error [#973](https://github.com/sourcegraph/sourcegraph/pull/973)
+
+### Chore
+
+#### Ci
+
+- add TAG_DB_TEST to all go_tests that depends on dbtest [#1288](https://github.com/sourcegraph/sourcegraph/pull/1288)
+- add test task in workflows for dbtest to run on postgres 16 agents [#1287](https://github.com/sourcegraph/sourcegraph/pull/1287)
+- use bazel 7.4.0 [#1284](https://github.com/sourcegraph/sourcegraph/pull/1284)
+- nix - update pg-utils for patch renames [#1172](https://github.com/sourcegraph/sourcegraph/pull/1172)
+- Move //client/svelte:e2e_test to Integration/E2E_test step [#1148](https://github.com/sourcegraph/sourcegraph/pull/1148)
+- upgrade platform rules [#1020](https://github.com/sourcegraph/sourcegraph/pull/1020)
+- move rustfmt flags to ci bazelrc [#1017](https://github.com/sourcegraph/sourcegraph/pull/1017)
+- upgrade rules_ts and rules_js [#1006](https://github.com/sourcegraph/sourcegraph/pull/1006)
+- upgrade aspect rules swc [#988](https://github.com/sourcegraph/sourcegraph/pull/988)
+- update rules rust v0.52.2 [#985](https://github.com/sourcegraph/sourcegraph/pull/985)
+- set test label prefix for backcompat tests [#984](https://github.com/sourcegraph/sourcegraph/pull/984)
+- upgrade rules_buf [#974](https://github.com/sourcegraph/sourcegraph/pull/974)
+- skip check if author is sg teammate [#969](https://github.com/sourcegraph/sourcegraph/pull/969)
+- bazel skylib 1.7.1 [#936](https://github.com/sourcegraph/sourcegraph/pull/936)
+- Upgrade rules_go, gazelle, buildifier_prebuilt & rules_proto [#791](https://github.com/sourcegraph/sourcegraph/pull/791)
+
+#### Code Intelligence
+
+- Remove unused parameter [#1204](https://github.com/sourcegraph/sourcegraph/pull/1204)
+- Rename flag -update -> -update-jobs-snapshots [#1203](https://github.com/sourcegraph/sourcegraph/pull/1203)
+- Use HTTPError type in uploadhandler code paths [#1174](https://github.com/sourcegraph/sourcegraph/pull/1174)
+- Remove unused parameters [#1166](https://github.com/sourcegraph/sourcegraph/pull/1166)
+- Introduce new FileContentsMap type for clarity [#828](https://github.com/sourcegraph/sourcegraph/pull/828)
+- Use consistent casing for op strings [#789](https://github.com/sourcegraph/sourcegraph/pull/789)
+- Clarify state transitions in GetUsages [#755](https://github.com/sourcegraph/sourcegraph/pull/755)
+
+#### Database
+
+- remove residual event_logs export stuff [#864](https://github.com/sourcegraph/sourcegraph/pull/864)
+- drop product_licenses and product_subscriptions [#264](https://github.com/sourcegraph/sourcegraph/pull/264)
+
+#### Database
+
+- OOB migration for setting non-null columns via page [#885](https://github.com/sourcegraph/sourcegraph/pull/885)
+  - An out of band migration is introduced to set slowly set the value of a new column on all tables. If you have a large postgres database for Sourcegraph (1tb+) please ensure you deploy 5.9 instead of doing a multi-version upgrade past it.
+
+#### Dev
+
+- Use clearer names in health server initialization [#1383](https://github.com/sourcegraph/sourcegraph/pull/1383)
+- Make syntactic-code-intel-worker config uniform [#1382](https://github.com/sourcegraph/sourcegraph/pull/1382)
+- Enable metrics for precise-code-intel-worker in dev [#1365](https://github.com/sourcegraph/sourcegraph/pull/1365)
+- Merge fileutil package into fsext [#1351](https://github.com/sourcegraph/sourcegraph/pull/1351)
+- Migrate gitserver APIs from fs.FileInfo to fsext.FileInfo [#1318](https://github.com/sourcegraph/sourcegraph/pull/1318)
+- Introduce new package with FileInfo type [#1317](https://github.com/sourcegraph/sourcegraph/pull/1317)
+- Document footguns around escaping trace data writers [#1291](https://github.com/sourcegraph/sourcegraph/pull/1291)
+- Rename errors.ErrCollector -> errors.Collector [#1265](https://github.com/sourcegraph/sourcegraph/pull/1265)
+- Introduce new o11y-friendly RichError interface [#1264](https://github.com/sourcegraph/sourcegraph/pull/1264)
+- Replace WithErrors -> With for simplicity [#1261](https://github.com/sourcegraph/sourcegraph/pull/1261)
+- Generalize 'observation.With' for custom errors [#1233](https://github.com/sourcegraph/sourcegraph/pull/1233)
+
+#### Gitserver
+
+- Inline one-liner for error checking [#1108](https://github.com/sourcegraph/sourcegraph/pull/1108)
+
+#### Msp
+
+- upgrade openfga dependency [#1357](https://github.com/sourcegraph/sourcegraph/pull/1357)
+
+#### Mt-Router
+
+- disable proxy for s2 [#1186](https://github.com/sourcegraph/sourcegraph/pull/1186)
+- use bazel to run generator [#1065](https://github.com/sourcegraph/sourcegraph/pull/1065)
+- setup sentry for stage environment [#1064](https://github.com/sourcegraph/sourcegraph/pull/1064)
+- add scripts to interact with local kv [#1056](https://github.com/sourcegraph/sourcegraph/pull/1056)
+
+#### Search
+
+- (new web ui) Enable new web UI by default [#1373](https://github.com/sourcegraph/sourcegraph/pull/1373)
+- fix description for KUBERNETES_JOB_STEP_IMAGE [#1360](https://github.com/sourcegraph/sourcegraph/pull/1360)
+- Remove all non-single job pod code from Executors on Kubernetes. [#1163](https://github.com/sourcegraph/sourcegraph/pull/1163)
+  - The environment variable `KUBERNETES_SINGLE_JOB_STEP_IMAGE` is now `KUBERNETES_JOB_STEP_IMAGE`.
+  - Both environment variables are read, with preference given to `KUBERNETES_JOB_STEP_IMAGE`, to preserve backward compatibility, but reading of `KUBERNETES_SINGLE_JOB_STEP_IMAGE` may be removed in a future version.
+- (new web ui) Improve search input CSS [#962](https://github.com/sourcegraph/sourcegraph/pull/962)
+
+#### Security
+
+- Update rules_apko and fix issues with sg wolfi v2 [#901](https://github.com/sourcegraph/sourcegraph/pull/901)
+  - Build containers using latest version of apko and rules_apko
+
+#### Telemetry
+
+- report token usage per request to telemetry [#1165](https://github.com/sourcegraph/sourcegraph/pull/1165)
+  - Added LLM token usage telemetry
+
+#### Telemetrygatewayexporter
+
+- bump default TELEMETRY_GATEWAY_EXPORTER_EXPORT_INTERVAL [#1303](https://github.com/sourcegraph/sourcegraph/pull/1303)
+
+#### Telemetrytest
+
+- add working example [#1274](https://github.com/sourcegraph/sourcegraph/pull/1274)
+
+#### Others
+
+- fix storybook [#1335](https://github.com/sourcegraph/sourcegraph/pull/1335)
+- add searchSource to new search events [#1306](https://github.com/sourcegraph/sourcegraph/pull/1306)
+- make core-services internal/telemetry codeowners [#1272](https://github.com/sourcegraph/sourcegraph/pull/1272)
+- upgrade Mocha from 8.3.4 to ^10 [#1246](https://github.com/sourcegraph/sourcegraph/pull/1246)
+- move web app into child layout group to make room for embedded pages [#1128](https://github.com/sourcegraph/sourcegraph/pull/1128)
+- run prettier [#906](https://github.com/sourcegraph/sourcegraph/pull/906)
+- Upgrade hermetic cc toolchain [#844](https://github.com/sourcegraph/sourcegraph/pull/844)
+- upgrade rules_oci [#818](https://github.com/sourcegraph/sourcegraph/pull/818)
+
+### Test
+
+#### Others
+
+- implement structure for e2e tests [#108](https://github.com/sourcegraph/sourcegraph/pull/108)
+
+### Refactor
+
+#### Cody-Gateway
+
+- support max_completion_tokens for o1 models [#947](https://github.com/sourcegraph/sourcegraph/pull/947)
+  - refactor(cody-gateway): support max_completion_tokens for o1 models
+
+#### Search
+
+- (new web ui) Update folder page table styling [#1221](https://github.com/sourcegraph/sourcegraph/pull/1221)
+
+#### Others
+
+- move all business logic out of context resolvers [#821](https://github.com/sourcegraph/sourcegraph/pull/821)
+
+### Reverts
+
+- revert filtering out deprecated models on server [#-1](https://github.com/sourcegraph/sourcegraph/pull/1267)
+
+### Uncategorized
+
+#### Others
+
+- [Backport 5.9.x] oob: Run without tenant iterator for older versions [#1429](https://github.com/sourcegraph/sourcegraph/pull/1429)
+- Release: Prep stitched migration graph for release (#1388) [#1389](https://github.com/sourcegraph/sourcegraph/pull/1389)
+  - n/a
+- Move cody.serverSideContext out of experimentalFeatures in site config [#1385](https://github.com/sourcegraph/sourcegraph/pull/1385)
+- bugfix: add key to search result file header [#1374](https://github.com/sourcegraph/sourcegraph/pull/1374)
+- gitserver: Parse LastChanged, LastFetched as nulltime [#1372](https://github.com/sourcegraph/sourcegraph/pull/1372)
+- add code llama 7B model for ab test [#1371](https://github.com/sourcegraph/sourcegraph/pull/1371)
+  - adding code llama 7B for completions
+- Hide auto submit checkbox and add promoted badge [#1367](https://github.com/sourcegraph/sourcegraph/pull/1367)
+  - OPTIONAL; info at [https://www.notion.so/sourcegraph/Writing-a-changelog-entry-dd997f411d524caabf0d8d38a24a878c](https://www.notion.so/sourcegraph/Writing-a-changelog-entry-dd997f411d524caabf0d8d38a24a878c)
+- Enable reranker by default if Gateway is enabled [#1366](https://github.com/sourcegraph/sourcegraph/pull/1366)
+  - Cody Chat: the context engine now uses the reranker by default everywhere where Cody Gateway is enabled.
+- db: Set default permissions to RLS user as well [#1362](https://github.com/sourcegraph/sourcegraph/pull/1362)
+- Remove promote-to-public dependency on bazel-push-images step [#1356](https://github.com/sourcegraph/sourcegraph/pull/1356)
+- release: Only fail SBOM step if all uploads fail [#1355](https://github.com/sourcegraph/sourcegraph/pull/1355)
+- source: Fix code host connection editor validation [#1354](https://github.com/sourcegraph/sourcegraph/pull/1354)
+- bugfix: fix symbol tree hover selector [#1353](https://github.com/sourcegraph/sourcegraph/pull/1353)
+- dev: Exclude generated code from prettier [#1341](https://github.com/sourcegraph/sourcegraph/pull/1341)
+- Prompt library: fix input description for prompt name [#1337](https://github.com/sourcegraph/sourcegraph/pull/1337)
+- workspaces: Various mini fixes and a landing page [#1336](https://github.com/sourcegraph/sourcegraph/pull/1336)
+- tenant: Fix gRPC in local dev [#1334](https://github.com/sourcegraph/sourcegraph/pull/1334)
+- Reapply "worker: Fix configuration error reporting" [#1311](https://github.com/sourcegraph/sourcegraph/pull/1311)
+- Search: document choice for ZoektScoreBoost [#1310](https://github.com/sourcegraph/sourcegraph/pull/1310)
+- bugfix: escape file paths [#1308](https://github.com/sourcegraph/sourcegraph/pull/1308)
+- Change clickable elements to buttons [#1298](https://github.com/sourcegraph/sourcegraph/pull/1298)
+- Allow users to insert chips according to cursor position [#1296](https://github.com/sourcegraph/sourcegraph/pull/1296)
+- Change prompt creation flow feature flag name [#1294](https://github.com/sourcegraph/sourcegraph/pull/1294)
+- Pass Context to scip-syntax invocation to propagate cancellation [#1290](https://github.com/sourcegraph/sourcegraph/pull/1290)
+- gomod: bump Zoekt for metrics improvement [#1276](https://github.com/sourcegraph/sourcegraph/pull/1276)
+- Redis: rename RedisWrapper [#1273](https://github.com/sourcegraph/sourcegraph/pull/1273)
+- connectutil: UnexpectedError handler [#1271](https://github.com/sourcegraph/sourcegraph/pull/1271)
+- Add recommended flag to Prompt Templates [#1268](https://github.com/sourcegraph/sourcegraph/pull/1268)
+  - Adds ability to mark prompts as recommended and then sort the recommended prompts at the top.
+- bugfix: remove possibility of infinite recursion from the symbol tree [#1256](https://github.com/sourcegraph/sourcegraph/pull/1256)
+- Update cody web to 0.10.0 [#1254](https://github.com/sourcegraph/sourcegraph/pull/1254)
+- bugfix: use short OID for file popover [#1242](https://github.com/sourcegraph/sourcegraph/pull/1242)
+- Remove outdated install instructions for sg [#1227](https://github.com/sourcegraph/sourcegraph/pull/1227)
+- site: Fix missing unredaction in site config [#1226](https://github.com/sourcegraph/sourcegraph/pull/1226)
+- Update the sg docs link [#1225](https://github.com/sourcegraph/sourcegraph/pull/1225)
+- multi-tenant: support synchronized user sign-out [#1222](https://github.com/sourcegraph/sourcegraph/pull/1222)
+- sg: Fix db reset with default local settings [#1217](https://github.com/sourcegraph/sourcegraph/pull/1217)
+- db: Improve error message for failed version update [#1216](https://github.com/sourcegraph/sourcegraph/pull/1216)
+- Only push final images on specific default runtypes [#1211](https://github.com/sourcegraph/sourcegraph/pull/1211)
+- OpenaI completions response type fixing for gpt-3.5-turbo-instruct and gpt-4o-mini [#1207](https://github.com/sourcegraph/sourcegraph/pull/1207)
+- sg: Always run with lower privileges in dev [#1197](https://github.com/sourcegraph/sourcegraph/pull/1197)
+- tenant: Deactivate OOB migrations [#1192](https://github.com/sourcegraph/sourcegraph/pull/1192)
+- Update Enterprise footer link on dotcom [#1191](https://github.com/sourcegraph/sourcegraph/pull/1191)
+- bugfix: escape spaces in repo filter names [#1187](https://github.com/sourcegraph/sourcegraph/pull/1187)
+  - Fixed a bug that would cause filters added from the search sidebar to not be correctly escaped
+- Attempt to fix flaky database test [#1181](https://github.com/sourcegraph/sourcegraph/pull/1181)
+- chore/search - Remove runner.Spec.Image and use command.Spec.Image instead [#1161](https://github.com/sourcegraph/sourcegraph/pull/1161)
+- dev: Disable otel in MT dev [#1157](https://github.com/sourcegraph/sourcegraph/pull/1157)
+- bug(release): remove semver check for release branch in `sg backport`  [#1156](https://github.com/sourcegraph/sourcegraph/pull/1156)
+- Make GetCodyContextAlternatives usable for evals [#1152](https://github.com/sourcegraph/sourcegraph/pull/1152)
+- multi-tenant: list workspaces for the authenticated user [#1146](https://github.com/sourcegraph/sourcegraph/pull/1146)
+- saml: Prevent logspam from context cancel [#1143](https://github.com/sourcegraph/sourcegraph/pull/1143)
+- sg: Update localdev migration [#1132](https://github.com/sourcegraph/sourcegraph/pull/1132)
+- tenant: Exclude product subscription tables from OOB migrator [#1124](https://github.com/sourcegraph/sourcegraph/pull/1124)
+- Add prompt mode [#1123](https://github.com/sourcegraph/sourcegraph/pull/1123)
+  - Adds mode (CHAT, EDIT, INSERT) to prompt.
+- gitserver: Clarify annotated tags behavior in ResolveRevision [#1107](https://github.com/sourcegraph/sourcegraph/pull/1107)
+- Rate limit: rename GlobalLimiter to DistributedLimiter [#1100](https://github.com/sourcegraph/sourcegraph/pull/1100)
+- Rate limit: make GlobalLimiter tenant-aware [#1099](https://github.com/sourcegraph/sourcegraph/pull/1099)
+- saml: Fix nil panic [#1098](https://github.com/sourcegraph/sourcegraph/pull/1098)
+- tenant: Disable migrator for ranking tables [#1097](https://github.com/sourcegraph/sourcegraph/pull/1097)
+- Rate limit: avoid using KeyValue within GlobalLimiter [#1082](https://github.com/sourcegraph/sourcegraph/pull/1082)
+- Rate limit: simplify inMemoryLimiter [#1081](https://github.com/sourcegraph/sourcegraph/pull/1081)
+- tenant: Use frozen schema for OOB migration [#1077](https://github.com/sourcegraph/sourcegraph/pull/1077)
+- Make user emails soft-deletable [#1071](https://github.com/sourcegraph/sourcegraph/pull/1071)
+- Fix prompt duplication name [#1067](https://github.com/sourcegraph/sourcegraph/pull/1067)
+- sg: Add no-open flag to workspaces create [#1057](https://github.com/sourcegraph/sourcegraph/pull/1057)
+- Creating/Editing Prompts Re-design [#1054](https://github.com/sourcegraph/sourcegraph/pull/1054)
+  - The prompt creation/edit page has been redesigned.
+- GraphQL: remove anonymous rate limiter [#1052](https://github.com/sourcegraph/sourcegraph/pull/1052)
+- oob: Make out of band migration runner tenant-aware [#1047](https://github.com/sourcegraph/sourcegraph/pull/1047)
+- Fix the CTA to point to chat [#1044](https://github.com/sourcegraph/sourcegraph/pull/1044)
+- Fix bug where text pushed buttons out of the container [#1043](https://github.com/sourcegraph/sourcegraph/pull/1043)
+- dev: Implement wrangler router provider [#1035](https://github.com/sourcegraph/sourcegraph/pull/1035)
+- router: Ensure HTTPS protocol on auth redirect [#1034](https://github.com/sourcegraph/sourcegraph/pull/1034)
+- workspaces: Fix race condition registering state listener [#1033](https://github.com/sourcegraph/sourcegraph/pull/1033)
+- dev: Introduce devDNS helper to resolve testdomains [#1029](https://github.com/sourcegraph/sourcegraph/pull/1029)
+- Add ability to duplicate existing prompts [#1022](https://github.com/sourcegraph/sourcegraph/pull/1022)
+  - Users can now duplicate existing prompts.
+- GraphQL: simplify rate limit interface [#1021](https://github.com/sourcegraph/sourcegraph/pull/1021)
+- Add autoSubmit & includeViewerDrafts to Cody prompts [#1003](https://github.com/sourcegraph/sourcegraph/pull/1003)
+  - Adds options to set prompts to "Auto Submit", which would automatically execute the prompts in one-click.
+- vsce: patch release v2.2.19 [#1002](https://github.com/sourcegraph/sourcegraph/pull/1002)
+- workspacesreconciler: fix grpc tls transport [#1000](https://github.com/sourcegraph/sourcegraph/pull/1000)
+- tenant: Move externalhttp to separate package [#996](https://github.com/sourcegraph/sourcegraph/pull/996)
+- goroutine: reenable recording when multitenancy is enabled [#995](https://github.com/sourcegraph/sourcegraph/pull/995)
+- Rename globaldbtenant to servicetenant [#994](https://github.com/sourcegraph/sourcegraph/pull/994)
+- ci/mt-router: add bazel build [#990](https://github.com/sourcegraph/sourcegraph/pull/990)
+- Search: populate rev in select repo [#989](https://github.com/sourcegraph/sourcegraph/pull/989)
+- Search: correct has.commit.after query example [#987](https://github.com/sourcegraph/sourcegraph/pull/987)
+- mt-router: import repo [#986](https://github.com/sourcegraph/sourcegraph/pull/986)
+- tenant: add mt-router to local dev [#968](https://github.com/sourcegraph/sourcegraph/pull/968)
+- tenant: Remove tenant auth redirect in monolith [#967](https://github.com/sourcegraph/sourcegraph/pull/967)
+- Do not fail if link parsing fails in relative fix processing [#966](https://github.com/sourcegraph/sourcegraph/pull/966)
+- dev/msp: improve tfc creation error message [#964](https://github.com/sourcegraph/sourcegraph/pull/964)
+- goroutine: remove unused support for concurrency [#963](https://github.com/sourcegraph/sourcegraph/pull/963)
+- ci: Bump backcompat test target to 5.8.0 [#954](https://github.com/sourcegraph/sourcegraph/pull/954)
+- tenant: Mark tenant as initialized in db [#950](https://github.com/sourcegraph/sourcegraph/pull/950)
+- bug(release): workspace cash time dance [#948](https://github.com/sourcegraph/sourcegraph/pull/948)
+- tenant: Fix missing tenant in auth check [#933](https://github.com/sourcegraph/sourcegraph/pull/933)
+- db: Use non-superuser in DB tests [#930](https://github.com/sourcegraph/sourcegraph/pull/930)
+- db: Migrator can provision RLS user permissions [#919](https://github.com/sourcegraph/sourcegraph/pull/919)
+- ci: Bump backcompat target to 5.7 [#916](https://github.com/sourcegraph/sourcegraph/pull/916)
+- sg: Add default tenant to hosts [#915](https://github.com/sourcegraph/sourcegraph/pull/915)
+- remove "Don't commit private code yet" from PR template [#908](https://github.com/sourcegraph/sourcegraph/pull/908)
+- "Prompt Library" in navbar (capitalize the L for consistency) [#907](https://github.com/sourcegraph/sourcegraph/pull/907)
+- Blob View: Ensure copy button copies full path and not displayed path [#903](https://github.com/sourcegraph/sourcegraph/pull/903)
+  - Fixes a bug where certain copy path buttons were only copying the visible path and not the full path of a file.
+- sg: Fix reference to deleted table in localdev MT migration [#898](https://github.com/sourcegraph/sourcegraph/pull/898)
+- tenant: Separate store package and create tenant1, tenant2 via workspaces [#897](https://github.com/sourcegraph/sourcegraph/pull/897)
+- Tenant: skip some global Prometheus metrics [#892](https://github.com/sourcegraph/sourcegraph/pull/892)
+- sg: Fix startup of workspaces service [#891](https://github.com/sourcegraph/sourcegraph/pull/891)
+- ci: do not run executors e2e for eph [#886](https://github.com/sourcegraph/sourcegraph/pull/886)
+- Perforce IP enforcement integration test [#876](https://github.com/sourcegraph/sourcegraph/pull/876)
+- goroutine: Make iterator required [#875](https://github.com/sourcegraph/sourcegraph/pull/875)
+- dev/msp: add project id validation [#874](https://github.com/sourcegraph/sourcegraph/pull/874)
+- db: Drop unused user_public_repos table [#873](https://github.com/sourcegraph/sourcegraph/pull/873)
+- Deprecate long-running OOB migrations [#872](https://github.com/sourcegraph/sourcegraph/pull/872)
+- lib/cloudapi: add support for multi tenant mode [#871](https://github.com/sourcegraph/sourcegraph/pull/871)
+- event_logs: add new `aggregatedMetrics` ping [#869](https://github.com/sourcegraph/sourcegraph/pull/869)
+- Redis: refactor rcache interface [#860](https://github.com/sourcegraph/sourcegraph/pull/860)
+- Add extra reranker metrics to Gateway events [#838](https://github.com/sourcegraph/sourcegraph/pull/838)
+- Sourcegraph teammate approval GH action [#824](https://github.com/sourcegraph/sourcegraph/pull/824)
+- Redis: remove KEYS call in completions token usage [#820](https://github.com/sourcegraph/sourcegraph/pull/820)
+- tenant: Properly initialize RBAC [#754](https://github.com/sourcegraph/sourcegraph/pull/754)
+- sg: Provision RLS user during setup [#749](https://github.com/sourcegraph/sourcegraph/pull/749)
+- tenant: Add database migration to enable RLS policies [#743](https://github.com/sourcegraph/sourcegraph/pull/743)
+- tenant: Add workspace ID and display name [#741](https://github.com/sourcegraph/sourcegraph/pull/741)
+- tenant: Check that all tables have RLS policy set [#734](https://github.com/sourcegraph/sourcegraph/pull/734)
+- tenant: Simplify dev migration [#726](https://github.com/sourcegraph/sourcegraph/pull/726)
+- db: Mark tenant_id columns as non-nullable [#707](https://github.com/sourcegraph/sourcegraph/pull/707)
+- feature: add internal/tracelog: a log.Logger that only logs if tracing is enabled [#634](https://github.com/sourcegraph/sourcegraph/pull/634)
+  - Added a new `internal/tracelog` package that provides a conditional logger for tracing. This logger only logs when tracing is enabled, improving performance by reducing unnecessary logging.
+- Hackathon: SBOMs feat. bazel [#566](https://github.com/sourcegraph/sourcegraph/pull/566)
+  - feature(security): Publish SBOMs for Sourcegraph releases
+- tenant: Unique constraint migration [#430](https://github.com/sourcegraph/sourcegraph/pull/430)
+- security: Auto-update package lockfiles for Sourcegraph base images [#246](https://github.com/sourcegraph/sourcegraph/pull/246)
+- (feature): site-config: add ipParseCacheSize to schema for enforce IP restrictions schema [#220](https://github.com/sourcegraph/sourcegraph/pull/220)
+  - Added a new `ipParseCacheSize` configuration option for sub-repo permissions to control the caching of Perforce "Host" to IP address translations.
+- feature/source: implement core logic for parsing / evaluating Perforce IP addresses for sub repo permissions [#46](https://github.com/sourcegraph/sourcegraph/pull/46)
+  - For the Perforce IP permissions implementation, this PR introduces machinery that implements the ability to parse the [IP address expressions from the perforce protections table](https://www.perforce.com/manuals/p4sag/Content/P4SAG/protections.set.html#IP_address) and compare them against the user's IP address (that's advertised from the incoming X-FORWARDED-FOR header.Namely, this PR:
+  - Introduced parsePerforceIPString, which parses Perforce IP strings (e.g., CIDR expressions, specific IP addresses) into an ipMatcher for IP validation.
+  - Implemented multiple ipMatcher types, including:
+    - addrMatcher for exact IP matches.
+    - cidrMatcher for checking IPs within a CIDR range.
+    - alwaysTrueMatcher for wildcard * expressions.
+  - Added toggleableIPMatcher, which either enables or disables IP enforcement based on site configuration settings.
+  - Created matcherCache for caching recent IP string to ipMatcher translations, improving efficiency.
+  - Updated NewRequestClientIPSource to properly derive IP from the x-forwarded-for header.
+- feature/site-config: add site configuration setting for enforcing IP restrictions [#45](https://github.com/sourcegraph/sourcegraph/pull/45)
+  - Added enforceIPRestrictions setting to the SubRepoPermissions section in site configuration, allowing IP-based enforcement using the X-FORWARDED-FOR header.Updated JSON schema to require SubRepoPermissions to be enabled when enforceIPRestrictions is enabled.Added validation in Perforce external service configuration to ensure IgnoreRulesWithHost and enforceIPRestrictions cannot be enabled simultaneously.Updated internal implementation to associate each Perforce rule with an IPMatcher for IP-based rule enforcement.
+- feature/plumbing: sub_repo_perms: do pumbling to thread comparing IP addresses alongside paths [#23](https://github.com/sourcegraph/sourcegraph/pull/23)
+  -
+
+### Untracked
+
+The following PRs were merged onto the previous release branch but could not be automatically mapped to a corresponding commit in this release:
+
+- check for external dbs (#1083) [#1121](https://github.com/sourcegraph/sourcegraph/pull/1121)
+- bug(release): workspace cash time dance (#948) [#949](https://github.com/sourcegraph/sourcegraph/pull/949)
+
+{/* RSS={"version":"v5.9.0", "releasedAt": "2024-11-04"} */}
+
+
 
 # Sourcegraph 5 Release 8 Patch 1