The software industrial revolution has arrived. Software is now 80% open source and third-party
and 20% proprietary code that stitches it together into business-critical applications. In these large and diversely composed codebases, dependencies change frequently at their own pace and security vulnerabilities can be introduced at any time by anyone. Not updating software regularly leads to critical bugs, performance, and security issues (plus your code can just get harder to work with!).
Mass code refactoring in these massive codebases is a multi-point operation that requires accuracy and consistency. It’s about affecting change across many individual cursor positions in thousands of repositories representing tens or hundreds of millions of lines of code. Whether you’re migrating frameworks or guarding against vulnerabilities, this requires coordination, tracking, and accuracy.
This is not a problem AI can solve alone. AI, like many humans, is not good at math and programming. AI needs a computer just like a human does.
In this talk, we’ll discuss automated code remediation with the deterministic OpenRewrite refactoring engine, a technology born at Netflix in 2016. It’s built on manipulating the Lossless Semantic Tree (LST) representation of code with recipes (programs) that result in 100% accurate style-preserving code transformations. It is a rule-based, authoritative system.
Then we’ll show how to couple the precision of a rules-based system with the power of AI.
We'll demonstrate a generative AI procedure that samples source code to identify defects and uses OpenRewrite to fix them. This is a general purpose pattern you're going to start seeing a lot of — "ChatGPT gets a computer" (with OpenRewrite as the computer in this case).