Map it deterministically
Codna traces calls, imports, and blast radius across the whole repo in about 60ms for zero LLM tokens — no docs, embeddings, or tribal knowledge required.
Old code nobody fully understands is risky to touch. Codna maps the whole repo deterministically in about 60ms, so a fix starts from the actual structure — not from someone's memory of how it used to work. It is the AI pair programmer that reads the legacy code for you before it changes a line.
The problem
A decade-old module, no docs, the original authors long gone. To understand legacy code well enough to fix it safely, you trace calls by hand, grep for symbols, and rebuild a mental model that lives in nobody's head anymore — and one change can still break something three call hops away. Most AI tools make this worse: they read the whole codebase into a model, which is slow, lossy, and still misses the implicit connections that matter. That is why legacy code refactoring with AI so often produces confident patches that quietly break a caller no one was watching. Codna builds the dependency and blast-radius graph from the code itself, so the agent fixes from evidence instead of inheriting tribal knowledge nobody has.
How Codna fixes it
Codna traces calls, imports, and blast radius across the whole repo in about 60ms for zero LLM tokens — no docs, embeddings, or tribal knowledge required.
The agent gets the suspect functions, their callers, and what a change would touch — about 600 tokens instead of the entire codebase, so it reasons about the real cause, not a vague summary.
Codna runs the project's own suite and only ships the patch when it passes — so an old codebase stays green and an unrelated regression is caught, not shipped.
codna fix . --issue "null pointer in legacy invoice export, no docs"
What you get
The deterministic engine builds the dependency and blast-radius graph from the source itself in ~60ms for zero LLM tokens — so you understand legacy code without reading it all or paying to embed it.
Instead of pushing the whole repo into the model, Codna hands the agent a measured ~600-token bundle — 162x less context than the raw code — so the fix is scoped to the actual cause.
The blast-radius graph shows what a change reaches, and Codna runs your existing suite before anything lands — at roughly $0.04 per verified fix.
The proof
Yes, if it works from structure rather than guesswork. Codna's deterministic map is built from the code itself, so it surfaces the dependencies and blast radius of a change without any docs, comments, or prior knowledge of the project — then verifies the fix against whatever tests exist.
Most AI tools read the whole codebase into a model to guess at structure, which is slow and lossy on old code. Codna resolves the dependency graph deterministically first, hands the agent a ~600-token evidence bundle, and gates the patch on your test suite — so a refactor or fix is grounded in the real call graph, not a summary.
It traces calls, imports, and blast radius across the whole repo in about 60ms for zero tokens, then shows the suspect functions and their callers. You see exactly what a change touches before a single line moves.
Codna verifies against whatever tests exist; the more coverage a change touches, the stronger the gate. Where a path is untested, the tight evidence bundle still keeps the fix scoped to the real cause instead of a broad rewrite.
The blast-radius graph shows exactly what a change reaches, and the test gate runs before anything lands — so unrelated regressions in old code are caught, not shipped.
However it fits your workflow: the CLI for a one-off fix, an MCP server inside Cursor or Claude, or the native GitHub App to triage and patch on a PR. Private setups can self-host with BYOK, fail-closed egress, and no training on your code.
Related