There are three groups of people around every legacy system - those who are stuck with it, those who don't want to be with it, and those who love it and see its value. How do we reconcile these three opinions and rewrite legacy code without completely replacing it? Today we talk with Dave Thomas . Dave is an all-around player in the software industry with vast experience as an executive, investor, board member, consultant, architect, and engineer. He is Chairman of Bedarra Corp, which provides consulting on technology and business strategy for emerging technology, products, and services. He tells us what the drivers of legacy innovations are, why he thinks refactoring is a "little lie" of the modern software industry, and how to approach modifications in less-than-ideal situations. When you finish listening to the episode, connect with Dave on LinkedIn and visit his website at www.davethomas.net . Mentioned in this episode: Dave Thomas on LinkedIn at https://www.linkedin.com/in/davidathomas/ Dave’s website at https://www.davethomas.net/index.html Badera Corporation at https://www.bedarra.com/…

One of the reasons why it is difficult to work with legacy code is the lack of preserving the contextual reasons for past coding choices. Today we talk with Chelsea Troy, a Machine Learning Team Lead at Mozilla and a computer science lecturer at the University of Chicago. She tells us about the value of code review in the software-building process and why code review should not be treated solely as a mechanism for approval. When you finish listening to the episode, visit Chelsea's website at https://chelseatroy.com . Mentioned in this episode: Chelsea’s website at https://chelseatroy.com…

Mending code while it is running is risky. One wrong move and a small change can bring the entire system to a halt. Today we talk with Edward Hieatt , Chief Customer Officer at Mechanical Orchard , a GenAI native company that modernizes critical legacy applications without disrupting what they are doing. He tells us how to use AI to identify system dependencies, why it is important to first understand data flow before diving into code, and how to maintain functionality during the modernization process. When you finish listening to the episode, connect with Edward on LinkedIn . Mentioned in this episode: Edward on LinkedIn at https://www.linkedin.com/in/edwardhieatt/ Mechanical Orchard at https://www.mechanical-orchard.com/…

AI proves to be great at writing new code, but what are its capabilities when it comes to mending the old one? Today we talk with Ray Myers , a legacy code expert and sceptical enthusiast for AI. With 16 years of software engineering experience, he focuses on collective lessons learned to improve our existing systems and organizations. He tells us where is the place of AI in legacy code mending, whether AI can provide help when editing existing code, how to train AI with up-to-date coding skills, how to utilize AI when writing tests, and much more. When you finish listening to the episode, make sure to connect with Ray on LinkedIn , visit his website at https://mender.ai , his YouTube channel Craft vs. Cruft , and take a listen to Empathy in Tech - a new podcast cohosted by Ray and Legacy Code Rocks former cohost, Andrea Goulet! Mentioned in this episode: Ray on LinkedIn at https://www.linkedin.com/in/cadrlife/ Craft vs. Cruft at https://www.youtube.com/@craftvscruft8060 Mender website at https://mender.ai Nopilot.dev at https://nopilot.dev Empathy in Tech at https://empathyintech.com Untangler at https://github.com/craftvscruft/untangler…

Many of the largest companies rely on third-party code to run critical parts of their software. However, there's often little focus on ensuring the quality of these external dependencies. Today we speak with Feross Aboukhadijeh, CEO and founder of Socket , a developer-first security platform. Socket helps developers and security teams release software faster and reduce time spent on security busywork. Feross is also a lecturer at Stanford, where he teaches CS233 Web Security. We discuss why the quality of third-party dependencies matters, when to start addressing this issue, how to handle unmaintained dependencies, and what tools are available for managing third-party dependencies. After listening to the episode, be sure to visit the Socket website, connect with Feross on Twitter , and check out his personal website . Mentioned in this episode: Socket at https://socket.dev/ Feross on X at https://x.com/feross Feross website at: https://feross.org/…

How do the love for vintage computers and test automation come together? Can one inspire another and how? Today we talk with Sophia Mckeever , a software development engineer at Pokemon Company International , a test automation framework architect, and a computer historian. She tells us what led her to collect vintage computers, how they evolved into machines we work on today, and what is the connecting thread between computer history and test automation. When you finish listening to the episode, connect with Sophia on LinkedIn . Mentioned in this episode: Sophia on LinkedIn at https://www.linkedin.com/in/sophiamckeever/…

In Kubernetes , security is a joint effort between security engineers and DevOps. A perfect tool to bring these two together is Kubescape , an open-source Kubernetes security project. Today, we talk with Shauli Rozen , the CEO of ARMO , the company behind Kubescape. Shauli has more than fifteen years of experience in technology, B2B management, and business development. He tells us about the advantages of Kubescape, what it does, and when would you want to use it. When you finish listening to the episode, connect with Shauli via LinkedIn , visit the ARMO website, and check out Kubescape . Mentioned in this episode: Shauli on LinkedIn at https://www.linkedin.com/in/shaulirozen/ ARMO at https://www.armosec.io Kubescape at https://www.armosec.io/kubescape/…

Reviewing logs for security threats and operational functions can be a cumbersome task. Attention is a finite resource, and it is easy to miss something when faced with megabytes of data. Today, we talk with Joe Gross , the Director of Solutions Engineering at Graylog , a leading centralized log management solution for capturing, storing, and enabling real-time analysis of terabytes of machine data. Joe guides us through SIEM (Security Information and Event Management), revealing the secrets of how the pros find the needles in the haystack. When you finish listening to the episode, connect with Joe on LinkedIn , check out the Graylog platform , and visit Graylog Open - an online community dedicated to increasing and sharing IT knowledge to solve real-world problems. Mentioned in this episode: Joe on LinkedIn at https://www.linkedin.com/in/joe-gross-se/ Graylog at https://graylog.org Graylog Open at https://graylog.org/products/source-available/…

Cyber security is not a core activity of most software development companies. It is an outsourced activity that simply has to be done so that we can deploy our core services. Today, we talk with Scott McCrady , CEO of SolCyber Managed Security Services and an accomplished international executive with broad experience in sales, business development, and the operations side of a cloud-based and information security-based business. He tells us about the trends in the cybersecurity market and what he expects the future of cybersecurity services to be. When you finish listening to the episode, connect with Scott on LinkedIn and visit the SolCyber website to check out their services and connect with Scott's team. Mentioned in this episode: Scott on LinkedIn at https://www.linkedin.com/in/scottmccrady/ SolCyber at https://solcyber.com…

How to set up developers for success? For the longest time, companies left developers to their own devices to figure out the workflows and tools they will be using. As the teams grew, so did their problems due to the lack of established procedures and good practices. Today, we talk with Ramiro Berrelleza , the CEO and co-founder of Okteto , the leading platform for developer experience automation. Ramiro is a true visionary, continuously searching for new ways to improve the software development process and build a more inclusive tech industry. When you finish listening to the episode, connect with Ramiro on X and visit Okteto's website where you can get a free trial of their product. Mentioned in this episode: Ramiro on X at https://twitter.com/rberrelleza Okteto at https://www.okteto.com…

Back in August 2023, HashiCorp announced that after nine years of Terraform being open source under the MPL license, they were switching it to a non-open source BSL license. This sent shockwaves through the software development community. Today we talk with Cory O'Daniel , a CEO and co-founder of Massdriver , a company helping improve developers' experience of cloud operations, offering self-service capabilities along with governance and guardrails to developers. Cory is also one of the drivers behind the Open TF initiative in response to Hashicorp's changing their open source licenses from MPL to BSL. He tells us why this switch matters, what to do about it, and how to keep open-source projects sustainable. When you finish listening to the episode, connect with Cory on LinkedIn , visit Massdriver's website, and check out the Open TF initiative. Mentioned in this episode Cory O’Daniel on LinkedIn at https://www.linkedin.com/in/coryodaniel/ Massdriver at https://www.massdriver.cloud Open TF at https://opentofu.org Open TF GitHub at https://github.com/opentofu…

Simply knowing what is in your software is not any guarantee of safety. We need to know what that software does versus what we expect it to do. We need to know its rules of behavior. Today, we talk with Andrew Hendela, a founder of Karambit.ai, a company dedicated to automatically detecting malware and securing your software supply chain. Andrew worked for over a decade automating hard cybersecurity problems. He has many years of experience in cybersecurity leadership and deep technical expertise in fields such as malware analysis and automated cyber attribution. He tells us about software bills of behavior and why SBOMs are insufficient to protect your software supply chain from attacks. When you finish listening to the episode, connect with Andrew on LinkedIn and visit Karambit.ai website. Mentioned in this episode: Andrew on LinkedIn at https://www.linkedin.com/in/andrew-hendela/ Karambit.ai at https://karambit.ai…

In the age of rising AI, we cannot neglect the topic of the social and political consequences of the code we leave behind. Today, we talk with Amy Newell, a 24-year veteran of the tech industry and an avid activist in issues spanning from local politics to tech. Amy discusses how to engage with emerging technologies, how to use them, and how to create them while being cognisant of the harm we can inadvertently cause along the way. When you finish listening to the episode, visit Amy's website at amynewell.com and check out their newsletter at amywriteswords.com . Mentioned in this episode Amy’s website at www.amynewell.com Amy’s newsletter at www.amywriteswords.com Amy on LinkedIn at https://www.linkedin.com/in/amynewell/…

Automating refactoring and code transformation is a fascinating and efficient way to eliminate technical debt. Today, we talk with Jonathan Schneider , a Co-Founder and CEO of Moderne, Inc. , and a former senior Software Engineer at Netflix, where he created Netflix Rewrite - a large-scale automated refactoring tool for Java codebases. Jonathan is also the author of SRE with Java Microservices . Jonathan tells us about the advantages, challenges, and pitfalls of creating automated refactoring tools and how to use them. When you finish listening to the episode, connect with Jonathan through the Moderne website and grab his book . Mentioned in this episode: Jonathan on LinkedIn at https://www.linkedin.com/in/jonkschneider/ Moderne, Inc. at https://www.moderne.io SRE with Java Microservices at https://www.oreilly.com/library/view/sre-with-java/9781492073918/…

Imagine if you could counter ransomware by exploiting it to create a backup of your attacked data for you. Now, that would be disruptive! Today, we talk with Lance James. James is an experienced cybersecurity specialist with 25 years of experience in the field. Building on his programming, network security, digital forensics, malware research, and counterintelligence experience, Lance tells us how to use disruptive thinking to improve cyber security and predict and counter major cyber threats. When you finish listening to the episode, connect with Lance on LinkedIn. Lance on LinkedIn at https://www.linkedin.com/in/unit221b/ Lance’s TedTalk at https://www.ted.com/talks/lance_james_how_attackers_can_use_your_brain_against_you_in_psy_ops…

Going from monolith to microservices is one of the most popular topics in software engineering. But jumping the boat without understanding why can be a dangerous (and expensive) adventure. Today we talk with Nelida Velazquez . Nelida is a senior software engineer at Cobalt , a cyber security company that offers pentest as a service. As a backend developer, she had numerous opportunities to witness ill-informed migrations from monolith to microservices, and she is sharing her experience with us. When you finish listening to this episode, connect with Nelida on X and visit her blog at https://tolkiana.com . Mentioned in this episode: Nelida on X at: https://twitter.com/tolkiana Nelida’s blog at https://tolkiana.com…

Microsoft invited the Legacy Code Rocks team to attend Microsoft Build Conference and gave us access to the studio on the third floor of the Seattle Convention Center. In this episode, we talk with Raymond Chen, a senior software engineer at Microsoft. Raymond has been involved in the evolution of Windows for more than 30 years. In 2003, he began a Web site known as The Old New Thing which has grown in popularity far beyond his wildest imagination, a development which still gives him the heebie-jeebies. The Web site spawned a book, coincidentally also titled The Old New Thing (Addison Wesley 2007). He occasionally appears on the Windows Dev Docs Twitter account to tell stories which convey no useful information. When you finish listening the episode, connect with Raymond on LinkedIn . Mentioned in this episode: Raymond on LinkedIn at https://www.linkedin.com/in/raymond-cheng-18460a82/ The Old New Thing at https://devblogs.microsoft.com/oldnewthing/ The Old New Thing (book) at https://www.amazon.com/Old-New-Thing-Development-Throughout/dp/0321440307…

Microsoft invited the Legacy Code Rocks team to attend Microsoft Build Conference and gave us access to the studio on the third floor of the Seattle Convention Center. In this episode, we talk with Debbie O’Brien and Max Schmitt, both part of the Microsoft Playwright team.. Playwright is a tool developed by Microsoft that allows developers to automate the testing of web applications.. Playwright's unique feature is its ability to handle multiple browser contexts, making it efficient for testing complex scenarios and improving cross-browser compatibility. The opinions expressed in this episode are Debbie’s, Max’s, and Scott’s and cannot be attributed to Microsoft or its employees in any way. Mentioned in this episode: Playwright at: https://playwright.dev…

Microsoft invited the Legacy Code Rocks team to attend Microsoft Build Conference and gave us access to the studio on the third floor of the Seattle Convention Center. In this episode, we talk with Kayla Cinnamon , the first of the three guests we had an opportunity to chat with at the Conference. Kayla is a Product Manager with Microsoft. She’s currently working on Microsoft Dev Home and helps out the Microsoft PowerToys team. Kayla is also the former product manager of Windows Terminal. She tells us about the maintenance and improvements of the Windows Terminal including the brand-new features added to it, such as tab tear-off. When you finish listening to the episode, connect with Kayla on Twitter . The opinions expressed in this episode are Kayla’s and Scott’s and cannot be attributed to Microsoft or its employees in any way. Mentioned in this episode: Kayla on Twitter at https://twitter.com/cinnamon_msft Windows Development Blog at https://blogs.windows.com/windowsdeveloper/ Microsoft Build 2023 at https://news.microsoft.com/build-2023/…

How many of your passwords do you actually know? Now, how many of those passwords are already on the black web? We are living in a fascinating age of transition from personalised passwords dependent on text inputs and our memory to more advanced access solutions. To help us navigate this evolution, we talk with Justin Richer . Justin is a technologist working on a wide variety of projects and problems throughout the internet. Justin is the founder of Bespoke Engineering , an independent consultancy specialising in internet security and identity. He is the author of OAuth in Action along with Antonio Sanso. He is the editor of several security standards including http message signatures, GNAP, OAuth dynamic client registration, OAuth token introspection, and vectors of trust, and has contributed to dozens of others. He previously spent 15 years at the MITRE Corporation contributing to many different efforts, including collaboration, identity, serious gaming, and security research programs. When you finish listening to the episode, visit the Bespoke Engineering website , grab Justin's and Antonio's book , or connect with Justin on LinkedIn or Twitter . Mentioned in this episode: Justin on LinkedIn at https://www.linkedin.com/in/justinricher/ Justin on Twitter at https://twitter.com/justin__richer Bespoke Engineering at https://bspk.io OAuth in Action at https://www.manning.com/books/oauth-2-in-action…

There is some disconnect between business people and engineers when talking about technical debt. While engineers understand the metaphor as a credit card debt that has to be paid off entirely and as soon as possible, business people see it more as a mortgage paid in small installments over a long period. Today we talk with Dave Mangot , CEO of Mangoteque and the consultant, author, and speaker helping private equity portfolio companies get good at delivering software. As a former architect at SalesForce , Dave is well-placed to tell us how to bridge the gap between the executives and the engineers and tackle technical debt in a technically sound and economical way. When you finish listening to the episode, visit the Magoteque website , read the Magoteque blog , and connect with Dave on LinkedIn . Mentioned in this episode: Dave on LinkedIn at https://www.linkedin.com/in/dmangot/ Mangoteque at https://www.mangoteque.com Mangoteque blog at https://blog.mangoteque.com Dominica DeGrandis, Making Work Visible at https://www.amazon.com/Making-Work-Visible-Exposing-Optimize/dp/1942788150…

How to ensure that your code review practices are not just an expensive bottleneck in your team’s productivity but its ultimate superpower? Today we talk with Michaela Greiler , a Head of Research at DX and the owner of a consultancy and training company, Awesome Code Reviews , focused on helping development teams improve their practices and processes. She tells us when to do code reviews, how to get the most value out of them, how to incentivize meaningful code reviews, and much more. When you finish listening to the episode, connect with Michaela on Twitter , visit her website , and check out the available workshops and courses at www.awesomecodereviews.com . Mentioned in this episode: Michaela on Twitter at https://twitter.com/mgreiler Michaela’s website at https://www.michaelagreiler.com Awesome Code Reviews at https://www.awesomecodereviews.com Characteristics of Useful Code Reviews: An Empirical Study at Microsoft at https://www.microsoft.com/en-us/research/publication/characteristics-of-useful-code-reviews-an-empirical-study-at-microsoft/…

What does it mean to build a cost-free feature in the software, and are cost-free features even possible? Today we talk with Avdi Grimm . Avdi is a software developer with more than twenty years of experience. During his career, Avdi worked on everything from aerospace embedded systems to enterprise web applications. He is the author of Confident Ruby: 32 Patterns for Joyful Coding and a recipient of the Ruby Hero Award. Currently, he spends his time helping developers deepen their coding practice at Graceful.Dev . He tells us about practices that increase software maintenance costs and how to avoid them. When you finish listening to the episode, connect with Avdi on Twitter or LinkedIn , visit his website , and check out his training courses at Graceful.Dev . Mentioned in this episode: Avdi on Twitter at https://twitter.com/avdi Avdi on LinkedIn at https://www.linkedin.com/in/avdigrimm/ Avdi’s training courses at https://graceful.dev Avdi’s website at https://avdi.codes Avdi Grimm, Confident Ruby: 32 Patterns for Joyful Coding at https://www.amazon.com/Confident-Ruby-Patterns-Joyful-Coding-ebook/dp/B00ETE0D2S/?_encoding=UTF8&pd_rd_w=Vvn53&content-id=amzn1.sym.22f5776b-4878-4918-9222-7bb79ff649f4&pf_rd_p=22f5776b-4878-4918-9222-7bb79ff649f4&pf_rd_r=135-0405864-9131715&pd_rd_wg=PIKbJ&pd_rd_r=01acffe0-cfc0-46a5-b78a-9679fb0ebfcb&ref_=aufs_ap_sc_dsk…

Every once in a while, it is wise to stop for a second and think about why we do things in a specific way and whether we need to change something. This is where rethinking processes kick in. Today we talk with Stefanni Brasil , a co-founder of hexdevs, a senior developer at Thoughtbot, and a core maintainer of faker-ruby. Stefanni is also a co-host of the hexdevs podcast, a show helping developers take their Ruby career to the next level. She tells us about her keen interest in processes, why they matter, and when the time is ripe to reevaluate them. When you finish listening to the episode, visit Stefanni's blog, check out the Hexdevs website, and listen to the hexdevs podcast. Mentioned in this episode: hexdevs website at https://www.hexdevs.com hexdevs podcast at https://podcast.hexdevs.com Thoughtbot at https://thoughtbot.com/blog Marry Lynn Manns, Linda Rising, Fearless Change, Patterns for Introducing New Ideas at https://www.amazon.com/Fearless-Change-Patterns-Introducing-paperback/dp/0134395255…

There is an eternal dilemma among software developers - should we try our best to predict the future and build it into our code, or should we just plan for frequent iterations? Today we talk with Ashu Chatterji , CEO of Caravel Labs and software engineer with 3+ decades of industry experience, working to reimagine IT consulting as an industry incentivized by innovative outcomes in global sustainability and social justice. Ashu built and led a global practice of "player-coach engineers" that helped sell and deliver path-breaking digital transformation engagements and laid the foundation of Agile software development in Microsoft consulting services. He tells us how to build durable software that will withstand the test of time and the ever-changing needs of its users. When you finish listening to the episode, connect with Ashu on LinkedIn and visit the Caravel Labs website to learn more. Mentioned in this episode: Ashu on Linked In at https://www.linkedin.com/in/ashutoshchatterji/ Caravel Labs at https://www.caravellabs.com…

To build anew or to rebuild? Many developers have a knee-jerk reaction to start building existing software systems from scratch because they think that is the easiest way forward. Today, we talk with John Ousterhout . John is the Bosack Lerner Professor of Computer Science at Stanford University. His current research focuses on new software stack layers to allow data center applications to take advantage of communication and storage technologies with microsecond-scale latencies. He is the author of the book " A Philosophy of Software Design ", co-creator of the Raft consensus algorithm , and creator of the Tcl scripting language and the Tk toolkit. He tells us about the software designs of legacy systems, why incremental changes of legacy systems are inevitable, and how to resist the impulse of rewriting large software systems from scratch. When you finish listening to the episode, connect with John on Twitter , read his book, and join his discussion group on software design . Mentioned in this episode: John on Twitter at https://twitter.com/johnousterhout?lang=en John’s profile at Stanford University at https://web.stanford.edu/~ouster/cgi-bin/home.php A Philosophy of Software design at https://www.amazon.com/Philosophy-Software-Design-John-Ousterhout/dp/1732102201 Raft Consensus Algorithm at https://raft.github.io TCL/Tk at https://www.tcl.tk/about/language.html John’s Software Design Discussion Group at software-design-book@googlegroups.com…

Working on legacy code is never easy, but some programming languages make it more enjoyable. Today, we talk with Richard Feldman , the creator of the Roc programming language , the author of Elm in Action , and the creator of the Frontend Masters courses Introduction to Elm and Introduction to Rust . Richard tells us about the advantages of the Elm, Rock, and Rust languages and why they are more enjoyable to work with than other languages. When you finish listening to the episode, connect with Richard on Twitter , check out his book and courses , and take a look at the Roc programming language . Mentioned in this episode: Richard on Twitter at https://twitter.com/rtfeldman Roc programming language at: https://www.roc-lang.org Elm in Action at https://www.manning.com/books/elm-in-action Richard’s Frontend Masters courses at: https://frontendmasters.com/teachers/richard-feldman/…

Product teams are scared of technical debt and refactoring. They press on to make something new, not to question what they have already created. However, the urgency to deliver new products carries the risk of technical debt. Today, we talk with Andreas Creten , a software engineer turned CTO. Andreas is a co-founder of Made With Love , a company that helps startups and scaleups to get out of technical trouble. Andreas tells us how to work with product teams to address technical debt in the early stages of software development, what tools to use, and what mistakes to avoid. When you finish listening to the episode, connect with Andreas on Twitter or LinkedIn and visit madewithlove.com . Mentioned in this episode: Andreas on Twitter at https://twitter.com/andreascreten Andreas on LinkedIn at https://www.linkedin.com/in/andreascreten Made With Love at https://madewithlove.com…

How can cooking help you have a better team? Today, we talk with Kimberly Fox . Kimberly leads virtual and in-person cooking classes and is a recipe developer and writer for her blog, From Market to Table . Building on more than ten years of experience working in STEM and witnessing gender inequalities and micro-cultures in corporate settings, Kimberly developed her signature corporate cooking experiences helping leaders to build more inclusive and diverse teams. When you finish listening to the episode, start following Kimberly on Instagram and check out her blog, From Market to Table .…

In this episode, we are talking with Michael Kennedy , Python expert and the founder and host of two podcasts - Talk Python To Me and Python Bytes . He also runs Talk Python Training which provides online courses for Python developers. Michael tells us about the reception of Python version changes and the most challenging aspects of the transition to ARM processors. When you finish listening to the episode, connect with Michael on LinkedIn and Twitter, subscribe to his podcasts, and check out his training courses. Mentioned in this episode: Michael on Twitter: https://twitter.com/mkennedy Michael on LinkedIn: https://www.linkedin.com/in/mkennedy Talk Python To Me Podcast: https://talkpython.fm/ Python Bytes Podcast: https://pythonbytes.fm/ Talk Python Training: https://training.talkpython.fm/…