legion-data 1.2.0 → 1.3.7

checksums.yaml

@@ -1,7 +1,7 @@
 ---
 SHA256:
-  metadata.gz: '09d8c21be1d2410f76565f4fabd1fee21160f35bd58912cc98bcc8ad63fa52a3'
-  data.tar.gz: 86524c9bfad846debf51cdd225e2e021af50649803ebf18d5c92392bf8a10ec2
+  metadata.gz: d10f18bacc47360ad1829628bffc116ecbeea74b0b49359f1cee7fba0a7e9d44
+  data.tar.gz: e13f4acfa8992e3a00129322fef794b80877f723e0c59210016f64fee57c5cae
 SHA512:
-  metadata.gz: 7d59b15c21ad79a121342bd58c794efb6a4805bc3b2e57f11c095794c69d5f03ff5152429b48f78c9484444085be91b3f320ccd58c5072257a70bb27809c019c
-  data.tar.gz: 5218ff04d17b9b8a0e4a9ad8fb5e968d8421f869e58abf4ddf8356d76d377d2a4a027c938627a667011d503f6206e07ea4e1b7963a65391c8ddef698ccfcb53a
+  metadata.gz: 0e61649208294598ecdf19ffca469cba3db7b77d31e0e0a065e4c82e47949e4ea87aa291c5fae18970318e0c27ac1dfcd7eb53143bd7b5acc279eb84c0f2b231
+  data.tar.gz: 7692efc8d123ad178c3f3a66531723518e0fac2cb5999d01833bfa472ac8eb5bee06289dd193886fe66c369f3d49ebff689e68267eff4ab030ce746377a6c9a3

data/.github/workflows/ci.yml

@@ -0,0 +1,16 @@
+name: CI
+on:
+  push:
+    branches: [main]
+  pull_request:
+
+jobs:
+  ci:
+    uses: LegionIO/.github/.github/workflows/ci.yml@main
+
+  release:
+    needs: ci
+    if: github.event_name == 'push' && github.ref == 'refs/heads/main'
+    uses: LegionIO/.github/.github/workflows/release.yml@main
+    secrets:
+      rubygems-api-key: ${{ secrets.RUBYGEMS_API_KEY }}

data/.gitignore

@@ -13,3 +13,8 @@
 # rspec failure tracking
 .rspec_status
 legionio.key
+# logs and OS artifacts
+legion.log
+.DS_Store
+# SQLite database files
+*.db

data/.rubocop.yml

@@ -1,22 +1,51 @@
+AllCops:
+  TargetRubyVersion: 3.4
+  NewCops: enable
+  SuggestExtensions: false
+
 Layout/LineLength:
-  Max: 120
-  Exclude:
-    - 'lib/legion/data/migrations/*.rb'
+  Max: 160
+
+Layout/SpaceAroundEqualsInParameterDefault:
+  EnforcedStyle: space
+
+Layout/HashAlignment:
+  EnforcedHashRocketStyle: table
+  EnforcedColonStyle: table
+
 Metrics/MethodLength:
-  Max: 30
+  Max: 50
+
 Metrics/ClassLength:
   Max: 1500
-Metrics/AbcSize:
-  Max: 34
+
+Metrics/ModuleLength:
+  Max: 1500
+
 Metrics/BlockLength:
-  Max: 50
+  Max: 40
   Exclude:
-    - 'lib/legion/data/migrations/*'
+    - 'spec/**/*'
+    - 'lib/legion/data/migrations/**/*'
+
+Metrics/AbcSize:
+  Max: 60
+
+Metrics/CyclomaticComplexity:
+  Max: 15
+
+Metrics/PerceivedComplexity:
+  Max: 17
+
 Style/Documentation:
   Enabled: false
-AllCops:
-  TargetRubyVersion: 2.5
-  NewCops: enable
-  SuggestExtensions: false
+
+Style/SymbolArray:
+  Enabled: true
+
 Style/FrozenStringLiteralComment:
+  Enabled: true
+  EnforcedStyle: always
+
+Naming/FileName:
   Enabled: false

data/CHANGELOG.md

@@ -1,4 +1,83 @@
 # Legion::Data Changelog
 
+## v1.3.7
+
+### Added
+- Migration 020: `webhooks`, `webhook_deliveries`, `webhook_dead_letters` tables
+
+### Fixed
+- Migration 019: guard against duplicate column adds when `record_hash` already exists from migration 017
+
+## v1.3.6
+
+### Added
+- Migration 019: adds `record_hash`, `previous_hash`, `retention_tier` columns to `audit_log`
+
+## v1.3.5
+
+### Added
+- `Legion::Data::EventStore`: append-only governance event store with stream semantics
+- Hash chain integrity verification for tamper detection
+- `EventStore::Projection` base class with `build_from` stream replay
+- `ConsentState` projection: rebuild consent state from event history
+- `GovernanceTimeline` projection: chronological governance event timeline
+- Migration 018: governance_events table with stream/sequence indexing
+
+## v1.3.4
+
+### Added
+- `Legion::Data::Encryption::Cipher`: AES-256-GCM with versioned binary format, random IV, and AAD
+- `Legion::Data::Encryption::KeyProvider`: Vault-backed key derivation with local fallback for dev mode
+- `Legion::Data::Encryption::SequelPlugin`: transparent `encrypted_column` DSL for Sequel models
+- Per-tenant key scope support for cryptographic erasure compliance
+
+## v1.3.3
+
+### Added
+- Migration 017: `audit_log` table with SHA-256 hash chain columns (`record_hash`, `prev_hash`)
+- `Legion::Data::Model::AuditLog` immutable Sequel model with event type/status validation
+- Indexes on `event_type`, `principal_id`, and `created_at` for audit query performance
+
+## v1.3.2
+
+### Added
+- Migration 016: worker health columns (`health_status`, `last_heartbeat_at`, `health_node` on digital_workers; `metrics`, `hosted_worker_ids`, `version` on nodes)
+- `DigitalWorker#health_status` validation against `HEALTH_STATUSES` (`online`, `offline`, `unknown`)
+- `DigitalWorker#online?` and `DigitalWorker#offline?` convenience methods
+- `Node#parsed_metrics` and `Node#parsed_hosted_worker_ids` JSON deserialization helpers
+
+## v1.3.1
+
+### Added
+- Migration 015: RBAC tables (rbac_role_assignments, rbac_runner_grants, rbac_cross_team_grants)
+- `Legion::Data::Model::RbacRoleAssignment` Sequel model with expiry and validation
+- `Legion::Data::Model::RbacRunnerGrant` Sequel model with actions_list helper
+- `Legion::Data::Model::RbacCrossTeamGrant` Sequel model with cross-team validation
+
+## v1.3.0
+
+### Added
+- `Legion::Data::Local` module — parallel local SQLite database for agentic cognitive state persistence
+- TimestampMigrator-based migration registration for per-extension local schemas
+- `Legion::Data::Local.model(:table)` helper for local-bound Sequel models
+- Dev mode fallback: shared DB falls back to SQLite when `dev_mode: true` and network DB unreachable
+- New settings: `data.local.enabled`, `data.local.database`, `data.dev_mode`, `data.dev_fallback`
+- `Legion::Data.local` accessor for the Local module
+- Local connection lifecycle wired into `Legion::Data.setup` / `.shutdown`
+- 13 new specs (62 total)
+
+## v1.2.2
+
+### Added
+- Migration 014: add missing columns to `relationships` table (`delay`, `chain_id`, `debug`, `allow_new_chains`, `conditions`, `transformation`, `active`) required by lex-tasker query helpers
+
+## v1.2.1
+
+### Added
+- Migration 013: `relationships` table with trigger/action foreign keys to functions
+- `Legion::Data::Model::Relationship` Sequel model with trigger/action associations
+- Relationship model registered in model loader (loaded before Task for association resolution)
+- Uncommented `trigger_relationships` and `action_relationships` associations on Function model
+
 ## v1.2.0
-Moving from BitBucket to GitHub inside the Optum org. All git history is reset from this point on
+Moving from BitBucket to GitHub. All git history is reset from this point on

data/CLAUDE.md

@@ -0,0 +1,199 @@
+# legion-data: Persistent Storage for LegionIO
+
+**Repository Level 3 Documentation**
+- **Parent**: `/Users/miverso2/rubymine/legion/CLAUDE.md`
+
+## Purpose
+
+Manages persistent database storage for the LegionIO framework. Supports SQLite (default), MySQL, and PostgreSQL via Sequel ORM. Provides automatic schema migrations and data models for extensions, functions, runners, nodes, tasks, settings, digital workers, task relationships, and Apollo shared knowledge tables (PostgreSQL only). Also provides a parallel local SQLite database (`Legion::Data::Local`) for agentic cognitive state persistence.
+
+**GitHub**: https://github.com/LegionIO/legion-data
+**License**: Apache-2.0
+
+## Supported Databases
+
+| Database | Adapter | Gem | Use Case |
+|----------|---------|-----|----------|
+| SQLite | `sqlite` | `sqlite3` (bundled) | Default, dev/test, single-node |
+| MySQL | `mysql2` | `mysql2` (optional) | Production |
+| PostgreSQL | `postgres` | `pg` (optional) | Production |
+
+Adapter is set via `Legion::Settings[:data][:adapter]`. All migrations use Sequel DSL for cross-database compatibility.
+
+## Architecture
+
+```
+Legion::Data (singleton module)
+├── .setup             # Connect, migrate, load models, setup cache, setup local
+├── .connection        # Sequel database handle (shared/central)
+├── .local             # Legion::Data::Local accessor
+├── .shutdown          # Close both connections
+│
+├── Connection         # Sequel database connection management (shared)
+│   ├── .adapter       # Reads from settings (sqlite, mysql2, postgres)
+│   ├── .setup         # Establish connection (dev_mode fallback to SQLite if network DB unreachable)
+│   ├── .sequel        # Raw Sequel::Database accessor
+│   └── .shutdown      # Close connection
+│
+├── Local              # Local SQLite database for agentic cognitive state
+│   ├── .setup         # Lazy init — creates legionio_local.db on first access
+│   ├── .connection    # Sequel::SQLite::Database handle
+│   ├── .connected?    # Whether local DB is active
+│   ├── .db_path       # Path to the local SQLite file
+│   ├── .model(:table) # Create Sequel::Model bound to local connection
+│   ├── .register_migrations(name:, path:) # Extensions register their migration dirs
+│   ├── .shutdown      # Close local connection
+│   └── .reset!        # Clear all state (testing)
+│
+├── Migration          # Auto-migration system (14 migrations, Sequel DSL)
+│   └── migrations/
+│       ├── 001_add_schema_columns
+│       ├── 002_add_nodes
+│       ├── 003_add_settings
+│       ├── 004_add_extensions
+│       ├── 005_add_runners
+│       ├── 006_add_functions
+│       ├── 007_add_default_extensions
+│       ├── 008_add_tasks
+│       ├── 009_add_digital_workers
+│       ├── 010_add_value_metrics
+│       ├── 011_add_extensions_registry
+│       ├── 012_add_apollo_tables      # postgres-only: pgvector, uuid-ossp, 4 apollo tables
+│       ├── 013_add_relationships      # relationships table with trigger/action FK to functions
+│       ├── 014_add_relationship_columns  # delay, chain_id, debug, conditions, transformation, active, allow_new_chains
+│       ├── 015_add_rbac_tables
+│       ├── 016_add_worker_health
+│       ├── 017_add_audit_log
+│       └── 018_add_governance_events    # append-only event store with hash chain
+│
+├── Model              # Sequel model loader
+│   └── Models/
+│       ├── Extension      # Installed LEX extensions
+│       ├── Function       # Available functions per extension (with trigger/action relationship associations)
+│       ├── Runner         # Runner definitions (extension + function bindings)
+│       ├── Node           # Cluster node registry
+│       ├── Task           # Task instances (belongs_to Relationship, belongs_to DigitalWorker)
+│       ├── TaskLog        # Task execution logs
+│       ├── Setting        # Persistent settings store
+│       ├── DigitalWorker  # Digital worker registry (lifecycle: bootstrap/active/paused/retired/terminated)
+│       ├── Relationship   # Task trigger/action relationships between functions (migration 013/014)
+│       ├── ApolloEntry    # Apollo knowledge entries — postgres only (pgvector embedding, confidence lifecycle)
+│       ├── ApolloRelation # Weighted relations between Apollo entries — postgres only
+│       ├── ApolloExpertise  # Per-agent domain expertise tracking — postgres only
+│       └── ApolloAccessLog  # Apollo entry access audit log — postgres only
+│   Note: value_metrics table (migration 010) is accessed via raw Sequel dataset,
+│         not via a named Sequel::Model subclass.
+│   Note: Apollo models are guarded with `return unless adapter == :postgres` at load time.
+│
+├── Settings           # Default DB config with per-adapter credential presets
+└── Version
+```
+
+### Key Design Patterns
+
+- **Two-Database Architecture**: Shared (MySQL/PG/SQLite) for control plane data + Local (always SQLite) for agentic cognitive state. Two files, always separate, no cross-database joins.
+- **Adapter-Driven**: `Connection.adapter` reads from settings; SQLite uses `Sequel.sqlite(path)`, others use `Sequel.connect`
+- **Dev Mode Fallback**: When `dev_mode: true` and network DB unreachable, shared connection falls back to SQLite (`legionio.db`) with warning log
+- **Cross-DB Migrations**: Shared migrations use IntegerMigrator (Sequel DSL), local migrations use TimestampMigrator (per-extension registration)
+- **Auto-Migration**: Runs Sequel migrations on startup (`auto_migrate: true` by default)
+- **Sequel ORM**: Shared models are `Sequel::Model` subclasses (inherit global connection). Local models use `Legion::Data::Local.model(:table)` (explicit connection binding).
+- **Optional Caching**: `setup_cache` checks for `Legion::Cache` presence but Sequel model caching is currently disabled (code is commented out, pending implementation)
+- **Cryptographic Erasure**: Deleting `legionio_local.db` is a hard guarantee — no residual data. Used by `lex-privatecore`.
+- **CLI Executable**: Ships with `legionio_migrate` executable in `exe/` for running database migrations standalone
+
+## Default Settings
+
+```json
+{
+  "adapter": "sqlite",
+  "connected": false,
+  "dev_mode": false,
+  "dev_fallback": true,
+  "connect_on_start": true,
+  "connection": {
+    "log": false,
+    "log_connection_info": false,
+    "log_warn_duration": 1,
+    "sql_log_level": "debug",
+    "max_connections": 10,
+    "preconnect": false
+  },
+  "creds": {
+    "database": "legionio.db"
+  },
+  "migrations": {
+    "continue_on_fail": false,
+    "auto_migrate": true,
+    "ran": false,
+    "version": null
+  },
+  "models": {
+    "continue_on_load_fail": false,
+    "autoload": true
+  },
+  "local": {
+    "enabled": true,
+    "database": "legionio_local.db",
+    "migrations": {
+      "auto_migrate": true
+    }
+  },
+  "cache": {
+    "connected": false,
+    "auto_enable": false,
+    "ttl": 60
+  }
+}
+```
+
+Per-adapter credential defaults are defined in `Settings::CREDS`:
+- **sqlite**: `{ database: "legionio.db" }`
+- **mysql2**: `{ username: "legion", password: "legion", database: "legionio", host: "127.0.0.1", port: 3306 }`
+- **postgres**: `{ user: "legion", password: "legion", database: "legionio", host: "127.0.0.1", port: 5432 }`
+
+## Dependencies
+
+| Gem | Purpose |
+|-----|---------|
+| `sequel` (>= 5.70) | ORM and migration framework |
+| `sqlite3` (>= 2.0) | SQLite adapter (default, bundled) |
+| `mysql2` (>= 0.5.5) | MySQL adapter (optional) |
+| `pg` (>= 1.5) | PostgreSQL adapter (optional) |
+| `legion-logging` | Logging |
+| `legion-settings` | Configuration |
+
+## File Map
+
+| Path | Purpose |
+|------|---------|
+| `lib/legion/data.rb` | Module entry, setup/shutdown lifecycle |
+| `lib/legion/data/connection.rb` | Sequel database connection (adapter selection) |
+| `lib/legion/data/migration.rb` | Migration runner |
+| `lib/legion/data/migrations/` | 14 numbered migration files (Sequel DSL) |
+| `lib/legion/data/model.rb` | Model autoloader |
+| `lib/legion/data/local.rb` | Local SQLite module for agentic cognitive state |
+| `lib/legion/data/models/` | Sequel models (Extension, Function, Runner, Node, Task, TaskLog, Setting, DigitalWorker, Relationship, ApolloEntry, ApolloRelation, ApolloExpertise, ApolloAccessLog) |
+| `lib/legion/data/encryption/cipher.rb` | AES-256-GCM encrypt/decrypt with versioned binary format and AAD |
+| `lib/legion/data/encryption/key_provider.rb` | Vault-backed key derivation with per-tenant scope and local fallback |
+| `lib/legion/data/encryption/sequel_plugin.rb` | Transparent `encrypted_column` DSL for Sequel models |
+| `lib/legion/data/event_store.rb` | Append-only governance event store with hash chain integrity |
+| `lib/legion/data/event_store/projection.rb` | Projection base class, ConsentState, GovernanceTimeline |
+| `lib/legion/data/settings.rb` | Default configuration with per-adapter credential presets |
+| `lib/legion/data/version.rb` | VERSION constant |
+| `exe/legionio_migrate` | CLI executable for running database migrations standalone |
+
+## Role in LegionIO
+
+Optional persistent storage initialized during `Legion::Service` startup (after transport). Provides:
+1. Extension and function registry (which LEXs are installed, what functions they expose)
+2. Task scheduling and logging
+3. Node cluster membership tracking
+4. Persistent settings storage
+5. Digital worker registry (AI-as-labor platform)
+6. Task relationship graph (trigger/action chains)
+7. Apollo shared knowledge store (PostgreSQL + pgvector only, used by lex-apollo)
+8. Local SQLite for agentic cognitive state (memory traces, trust scores, dream journals) — always on-node, independent of shared DB
+
+---
+
+**Maintained By**: Matthew Iverson (@Esity)

data/Gemfile

@@ -1,3 +1,5 @@
+# frozen_string_literal: true
+
 source 'https://rubygems.org'
 
 gemspec
@@ -8,3 +10,5 @@ group :test do
   gem 'rubocop'
   gem 'simplecov'
 end
+gem 'mysql2', '>= 0.5.5'
+gem 'pg', '>= 1.5'

data/LICENSE

@@ -186,7 +186,7 @@
       same "printed page" as the copyright notice for easier
       identification within third-party archives.
 
-   Copyright 2021 Optum
+   Copyright 2021 Esity
 
    Licensed under the Apache License, Version 2.0 (the "License");
    you may not use this file except in compliance with the License.

data/README.md

@@ -1,74 +1,181 @@
-Legion::Data
-=====
+# legion-data
 
-Legion::Data is a gem for the LegionIO framework to use persistent storage. Currently only MySQL is supported
+Persistent database storage for the [LegionIO](https://github.com/LegionIO/LegionIO) framework. Provides database connectivity via Sequel ORM, automatic schema migrations, and data models for extensions, functions, runners, nodes, tasks, settings, digital workers, task relationships, and Apollo shared knowledge tables.
 
-Supported Ruby versions and implementations
-------------------------------------------------
+Version: 1.3.0
 
-Legion::Json should work identically on:
+## Supported Databases
 
-* Ruby 2.5+
+| Database | Adapter | Gem | Default |
+|----------|---------|-----|---------|
+| SQLite | `sqlite` | `sqlite3` (included) | Yes |
+| MySQL | `mysql2` | `mysql2` | No |
+| PostgreSQL | `postgres` | `pg` | No |
 
+SQLite is the default adapter and requires no external database server. For MySQL or PostgreSQL, install the corresponding gem and set the adapter in your configuration.
 
-Installation and Usage
-------------------------
-
-You can verify your installation using this piece of code:
+## Installation
 
 ```bash
 gem install legion-data
 ```
 
+Or add to your Gemfile:
+
+```ruby
+gem 'legion-data'
+
+# Add one of these for production databases:
+# gem 'mysql2', '>= 0.5.5'
+# gem 'pg', '>= 1.5'
+```
+
+## Data Models
+
+| Model | Table | Description |
+|-------|-------|-------------|
+| `Extension` | `extensions` | Installed LEX extensions |
+| `Function` | `functions` | Available functions per extension |
+| `Runner` | `runners` | Runner definitions (extension + function bindings) |
+| `Node` | `nodes` | Cluster node registry |
+| `Task` | `tasks` | Task instances |
+| `TaskLog` | `task_logs` | Task execution logs |
+| `Setting` | `settings` | Persistent settings store |
+| `DigitalWorker` | `digital_workers` | Digital worker registry (AI-as-labor platform) |
+| `Relationship` | `relationships` | Task trigger/action relationships between functions |
+| `ApolloEntry` | `apollo_entries` | Apollo shared knowledge entries (PostgreSQL only) |
+| `ApolloRelation` | `apollo_relations` | Relations between Apollo knowledge entries (PostgreSQL only) |
+| `ApolloExpertise` | `apollo_expertise` | Per-agent domain expertise tracking (PostgreSQL only) |
+| `ApolloAccessLog` | `apollo_access_log` | Apollo entry access audit log (PostgreSQL only) |
+
+Apollo models require PostgreSQL with the `pgvector` extension. They are skipped silently on SQLite and MySQL.
+
+## Usage
+
 ```ruby
 require 'legion/data'
 
+# Standard setup (shared DB + local SQLite)
 Legion::Data.setup
-Legion::Data.connected? # => true
-Legion::Data::Model::Extension.all # Sequel::Dataset
+Legion::Data.connection              # => Sequel::Database (shared)
+Legion::Data.local.connection        # => Sequel::SQLite::Database (local cognitive state)
+Legion::Data::Model::Extension.all  # => Sequel::Dataset
+```
+
+### Local Database
+
+v1.3.0 introduces `Legion::Data::Local`, a parallel SQLite database always stored locally on the node. It is used for agentic cognitive state persistence (memory traces, trust scores, dream journals, etc.) and is independent of the shared database.
+
+```ruby
+# Local DB is set up automatically during Legion::Data.setup
+# Extensions register their own migration directories
+Legion::Data::Local.register_migrations(name: :memory, path: '/path/to/migrations')
+
+# Create a model bound to the local connection
+MyModel = Legion::Data::Local.model(:my_table)
+
+# Check status
+Legion::Data::Local.connected?   # => true
+Legion::Data::Local.db_path      # => "legionio_local.db"
+```
+
+The local database file (`legionio_local.db` by default) can be deleted for cryptographic erasure — no residual data. This is used by `lex-privatecore`.
+
+## Configuration
+
+### SQLite (default)
+
+```json
+{
+  "data": {
+    "adapter": "sqlite",
+    "creds": {
+      "database": "legionio.db"
+    }
+  }
+}
+```
+
+### MySQL
+
+```json
+{
+  "data": {
+    "adapter": "mysql2",
+    "creds": {
+      "username": "legion",
+      "password": "legion",
+      "database": "legionio",
+      "host": "127.0.0.1",
+      "port": 3306
+    }
+  }
+}
+```
+
+### PostgreSQL
+
+```json
+{
+  "data": {
+    "adapter": "postgres",
+    "creds": {
+      "user": "legion",
+      "password": "legion",
+      "database": "legionio",
+      "host": "127.0.0.1",
+      "port": 5432
+    }
+  }
+}
+```
+
+PostgreSQL with `pgvector` is required for Apollo models. Install the extension in your database before running migrations:
+
+```sql
+CREATE EXTENSION IF NOT EXISTS vector;
+CREATE EXTENSION IF NOT EXISTS "uuid-ossp";
 ```
 
-Settings
-----------
+### Local Database
 
 ```json
 {
-  "connected": false,
-  "cache": {
-    "connected": false,
-    "auto_enable": null,
-    "ttl": 60
-  },
-  "connection": {
-    "log": false,
-    "log_connection_info": false,
-    "log_warn_duration": 1,
-    "log_warn_duration": "debug",
-    "max_connections": 10,
-    "preconnect": false
-  },
-  "creds": {
-    "username": "legion",
-    "password": "legion",
-    "database": "legionio",
-    "host": "127.0.0.1",
-    "port": 3306
-  },
-  "migrations": {
-    "continue_on_fail": false,
-    "auto_migrate": true,
-    "ran": false,
-    "version": null
-  },
-  "models": {
-    "continue_on_load_fail": false,
-    "autoload": true
-  },
-  "connect_on_start": true
+  "data": {
+    "local": {
+      "enabled": true,
+      "database": "legionio_local.db",
+      "migrations": {
+        "auto_migrate": true
+      }
+    }
+  }
 }
 ```
 
-Authors
-----------
+Set `enabled: false` to disable local SQLite entirely.
+
+### Dev Mode Fallback
+
+When `dev_mode: true` and a network database (MySQL/PostgreSQL) is unreachable, the shared connection falls back to SQLite automatically instead of raising.
+
+```json
+{
+  "data": {
+    "dev_mode": true,
+    "dev_fallback": true
+  }
+}
+```
+
+### HashiCorp Vault Integration
+
+When Vault is connected and a `database/creds/legion` secret path exists, credentials are fetched dynamically from Vault at connection time, overriding any static `creds` configuration.
+
+## Requirements
+
+- Ruby >= 3.4
+
+## License
 
-* [Matthew Iverson](https://github.com/Esity) - current maintainer
+Apache-2.0