The ability to quickly develop and deploy innovative software solutions is crucial in today’s fast-paced market. Unfortunately, today’s tech stack is a living codebase that requires constant attention and optimization, which detracts from this forward momentum.
The complexity and scale of the software supply chain requires development teams to be ever-vigilant and constantly update their code to keep it all secure and working. However, this is an impossible task.
There are too many dependencies, too many repositories, and too many vulnerabilities. Manual developer labor simply cannot keep up.
For example, we’ve worked with a financial services company that has over 20,000 applications built on a variation of Spring Boot. When a breaking change is introduced in the underlying Spring Framework, that’s 20,000 repositories to potentially change.
By not keeping up with software upgrades, organizations can miss out on important security patches, bug fixes, and performance improvements from the software community. This leaves applications more vulnerable to security threats and less adaptable to evolving technological challenges. Ultimately, this can hinder an organization's ability to maneuver in a rapidly changing business landscape, and it may incur more costs in terms of maintenance and technical debt.
This was echoed in a conversation with our customer Choice Hotels:
“Now, 400-500 apps that are all using different dependencies, different versions all over the place…. It’s really difficult to maintain that and ensure compliance. In my experience, I haven’t seen a good currency strategy.” —Stephen Cihak, Sr. Director, Cloud Platform at Choice Hotels
The ability for your software to adapt at a much faster pace is one of the most fundamental advantages your business can have. We call this tech stack liquidity. Read on to learn more.
The perils of software supply chain management
It’s common for developers to focus on updating software that’s part of a current sprint or that’s absolutely critical. These small, incremental changes are also safer (i.e., less likely to cause disruptions and downtime). But what about all the software dependencies that are moving forward outside your control?
Eventually, software must be upgraded or migrated, perhaps because of obsolescence, a critical vulnerability, necessary dependency updates, or technology decisions. And this can be daunting.
For example, if a team wanted to upgrade from Spring Boot 2 to 3 to optimize application performance with its GraalVM native image support, they would also have to upgrade to Java 17, plus update a host of other cascading dependencies as shown in Figure 1.
In the case of the Spring4Shell vulnerability, which was a critical unauthenticated Remote Code Execution vulnerability in the Spring Framework (CVE-2022-22965), development teams would have to mitigate fast. This means upgrading to Spring Framework v5.2.20 and v5.3.18 to eliminate the vulnerability, and then upgrading to the latest versions of Spring Boot 2.6.6 and 2.5.12.
Another example would be wanting to shift to a different cloud provider for performance, regional, or cost reasons. Each provider offers a wide selection of services, each with its own features and APIs. Because your applications can become tightly integrated with these proprietary services, this makes moving apps to a different cloud provider very difficult. You must rewrite and modify the code to work with a different provider’s APIs and tools.
These major software modernization efforts can expend the time and resources of your development teams for months on end. In the case of security vulnerabilities, teams may scramble to fix the code, worrying that an exploit is coming, and it becomes a race between your developers fixing it and the bad actors attacking it. Third-party software suppliers are releasing software more frequently, as well, so by the time you have upgraded, you’ll have to start another major lift in your tech stack.
This is not adaptable software.
Software migrations, whether that’s moving to a new version of software or to an alternate software vendor, are always risky. A lot of change needs to happen across multiple repositories, often in a coordinated way. Because these massive coordination efforts are largely manual and error prone, they can lead to production outages. This is why businesses tend to avoid them.
As we continue to produce new software at an accelerated rate, software migrations can no longer be manual. We should begin thinking of migration engineering as a discipline that requires systematic automation, not endless clerical work.
Tech stack liquidity and automated software modernization
The opportunity costs to your business can be significant when developers are bogged down with software maintenance and migration tasks that are not delivering customer value. This puts you at a disadvantage compared to competitors who have cleaner and more updated codebases, allowing them to leverage the latest technologies and gain an edge in the market.
You need tech stack liquidity to roll with the changes more seamlessly and ensure your organization is leveraging the best solutions in the market. We define tech stack liquidity as the ease with which organizations can upgrade and adopt various technologies and infrastructure components to enhance, maintain, and evolve their applications and systems. It reflects an organization’s ability to adapt quickly and efficiently to changes in technology and market demands.
Imagine if development teams could visualize and analyze their entire codebase—all the source code plus the complex software supply chain—then accurately automate the work of software modernization. Your organization would have a new “liquidity” superpower. That’s what Moderne is all about.
By automating application modernization and maintenance with Moderne, you gain tech stack liquidity and the ability to drive innovation and new business value all the time. Plus, you can significantly reduce the costs associated with code maintenance, migration, and security—and in some cases, eliminate them.
Learn more about tech stack liquidity and how it can help accelerate your business in our new eBook.