> ## Documentation Index
> Fetch the complete documentation index at: https://docs.getmilana.ai/llms.txt
> Use this file to discover all available pages before exploring further.

# Codebase Integration

> Connect your repositories so the Milana agent can read code alongside your session data.

Connect your codebase so the Milana agent can read source-level context — components, events, and flows — when investigating sessions.

Connecting your codebase is **optional**, but it unlocks a set of deeper workflows:

* **Source-aware analysis** — the agent can read your actual components, event names, and flows when investigating sessions, instead of guessing from the recording alone.
* **Automatic context gathering** — the agent picks up new events and product surfaces from your code so you don't have to brief it each time.
* **Launch monitoring** *(coming soon)* — Milana watches new releases land in your repos and automatically runs queries against the sessions that follow.

## Connect your repositories

<Steps>
  <Step title="Open product settings">
    Open [Settings](https://app.getmilana.ai/settings) in the Milana dashboard and scroll to the **GitHub** section.
  </Step>

  <Step title="Install the GitHub App">
    Click **Connect GitHub**. You'll be redirected to GitHub to install the **Milana** app on the organization that owns your repos. Choose **All repositories** or **Only select repositories**, then approve. You'll be returned to Milana once the install completes.
  </Step>

  <Step title="Link repositories to this product">
    Back in Milana, click **Add repository**, choose a repo from the list, and add a short note describing what part of the product this repo covers. The agent uses this note to understand the repo's role in your product.
  </Step>
</Steps>

## Security & privacy

Codebase access is scoped to the repos you choose and ephemeral by design.

### Scoped access

The Milana GitHub App is scoped to the repositories you explicitly select in GitHub's install screen — it cannot see or touch repos you didn't grant. Within those repos, the app can read source code and pull request data, and open pull requests on your behalf when you ask it to. You can change the repo selection or uninstall the app at any time from your GitHub organization settings.

### No source code stored at rest

Milana's database stores **only** repository metadata: the repo's owner, name, and default branch. Source code is **never** persisted to Milana's database, object storage, or search indexes.

### Ephemeral, isolated sandboxes

When the agent needs to read your code, it does so inside an isolated sandbox provisioned for a single session:

* A short-lived (1-hour) GitHub installation token is minted per session and passed to git via a credential helper. Tokens never land in process arguments, shell history, or `.git/config` inside the sandbox.
* Repositories are shallow-cloned (last 30 days of history) to minimize footprint.
* Source code does not survive sandbox deletion.

### Encryption

All traffic between your repositories, Milana, and the sandbox runs over TLS. Repository metadata stored in Milana's database is encrypted at rest.

### Revocation

You can sever access at any time:

1. **Per-repo, per-product** — unlink the repo from the product in **Settings → GitHub**.
2. Uninstall the Milana GitHub App from your GitHub organization.

If you have questions about how a specific part of your codebase is handled, email [help@getmilana.ai](mailto:help@getmilana.ai).
