Architecture

Data and storage

Understand what LegionCode stores for product state, credentials, run history, and review.

LegionCode stores enough state to authenticate users, connect repositories, run tasks, and reconstruct review history. Browser storage may cache UI state, but product state lives on the server.

Product data

Server-side product data includes:

  • user identity and session records;
  • connected repositories and selected branches;
  • encrypted provider credential records and connection status;
  • run metadata, transcripts, tool activity, and review artifacts;
  • permission decisions and Git action metadata.

Secrets are stored separately from the metadata returned to the browser. API responses should expose status and fingerprints, not secret values.

Runtime data

Runtime state tracks active execution, streaming events, and run-specific coordination. Keep bug reports focused on sanitized identifiers and error messages; do not include private repository contents or provider credentials.

If a run fails, its transcript and review metadata should remain available so you can understand what happened before retrying.

Migrations

Database migrations live in the repository and should be applied deliberately before deploying code that depends on new schema.

For production, prefer a manual migration step with verification. Do not mark a failed migration as complete without inspecting the exact statement that failed.

PreviousExecution and isolationNextLocal development