The mechanism
Generic agents know files. Findry understands the software estate.
The Engineering Memory Graph is the mechanism that makes autonomous change safe. It spans code, APIs, events, database tables, ownership, deployments, incidents, and tickets, and every single connection carries its proof. AI coding is commoditised; the defensible thing is this evidence-backed understanding of the whole software estate. The graph is the moat.
Every trusted edge is backed by a piece of immutable evidence.
This is the invariant the whole system is built on. An edge exists as trusted only because a concrete artifact, a parsed annotation, a config, a confirmed observation, justifies it. Remove the evidence and the edge cannot exist. This is a database constraint, not a convention.
An edge is trusted only because a piece of immutable evidence justifies it. Remove the evidence and the edge cannot exist: this is a database constraint, not a convention.
Evidence · immutable
- repo
- checkout-service
- path
- src/…/PaymentClient.java
- lines
- 12–18
- extractor
- [email protected]
- snippet_hash
- sha256:9f2ac1…
@FeignClient("payment-service")
interface PaymentClient {
@PostMapping("/payments/authorize")
AuthResp authorize(AuthReq req);
}Provenance, confidence, and freshness travel with every edge.
It is an Evidence-backed dependency graph: each edge records where it came from, how confident the extractor was, what status that confidence resolves to, and when it was last confirmed.
- confidence
- 0.00 – 1.00· extractor-declared, mono, two decimals
- source_kind
- static-parse · config · llm-inferred · human-confirmed
- status
- trusted · candidate · weak · rejected· derived by threshold
- created_by
- extractor@version · ai · human
- last_verified
- scan @ commit SHA· freshness, anti-CMDB-rot
LLM output is never evidence. Anything AI-inferred enters as llm-inferred and is capped below trusted status until a human confirms it. Parser-first, always.
A graph that evolves with the code instead of rotting like a CMDB.
Every scan pins a commit SHA. An edge that stops being re-confirmed by later scans is flagged stale and demoted below trusted, so the graph never quietly asserts a dependency that no longer exists. A CMDB rots because nothing forces it to stay true; this graph demotes anything the evidence stops supporting.
The result is an evidence-graded model an autonomous change can trust: correct enough to scope a change the first time, and honest about what it does not yet know.
See the graph drive a real change in how it works, or read where it sits in the platform.
Questions we get asked.
- What is an Engineering Memory Graph?
- An Engineering Memory Graph is an evidence-backed dependency graph of the whole software estate. It spans code, APIs, events, database tables, ownership, deployments, incidents, and tickets, and every single connection carries its proof. It is the mechanism that makes autonomous change safe, because a change can be scoped from evidence before anyone writes code.
- How is it different from a CMDB or service catalog?
- Unlike a CMDB or service catalog, every edge is evidence-backed and re-verified per scan at a commit SHA. An edge that stops being re-confirmed by later scans is flagged stale and demoted below trusted, instead of rotting silently. A CMDB rots because nothing forces it to stay true; this graph demotes anything the evidence stops supporting.
- What makes an edge trusted?
- An edge is trusted only because a piece of immutable evidence justifies it and its confidence clears the threshold. Remove the evidence and the edge cannot exist: this is a database constraint, not a convention. LLM output is never evidence, so anything AI-inferred enters as llm-inferred and is capped below trusted until a human confirms it.