36 minute read
News Watch
by d2emerge
< continued from page 7 tify strengths and weaknesses, instill trust, and eventually coalesce into a team. The purpose of team building exercises is to shorten the time it takes to turn a crowd into a team. A good team building exercise can start, if not achieve, that in as little as an afternoon.
Team building exercises can be complex, requiring a large indoor space, considerable props, and overseen by outside behavioral experts; or as simple as an hour or two spent in a conference room with an HR trainer. In both cases, the participants are asked to work with others on small and ideally amusing tasks that demonstrate the benefits of working together. In addition, the hopefully fun nature of the exercise, will generate a sense of camaraderie and familiarity among the participants. Team building exercises have successfully built team esprit de corps or group spirit through simple shared experiences.
Formal team building exercises work well at the beginning of the project. Mid-project pizza parties, softball games, laser tag, and Friday night “ programmer meetings ” at a local pub, can contribute to a well-oiled team.
3. Challenging individual tasks.
Each team member should be assigned unique challenging tasks.
One of the project manager ’ s most important jobs is staffing — assigning team members to project tasks. For many project managers staffing consists of two components: (1) examining the task to be performed and (2) finding someone who can do the job. Sort of plugging work holes with people. But there is more to staffing than that. Project managers also need to (3) be aware of the individual’ s personality and work history (too heavy, too many boring tasks, not in the team members skill set, etc.) and assign work based on team member personal dynamics as well as skills. And don ’t forget development needs. Some tasks should be dead set in the individual’ s strike zone — what they do best. But other tasks should stretch the individual, to learn new skills or expand existing ones.
Every project has boring and workaday tasks that need to be completed. Managers should ensure that these less popular tasks are evenly distributed among team members. No one should be assigned only boring tasks or only the more popular or challenging ones.
4. Measure, evaluate, and communicate each team member’s per-
formance. The performance of every team member should be objectively assessed and feedback provided to the team member.
In these modern times, project managers are very familiar with HR. There was a time when the personnel department was only involved in hiring and benefits. Now there are a whole range of HR activities that involve the project manager. Have a problem worker? Well HR will require that you document the poor behavior or work. Detailed documentation is necessary before formally chastising or firing a worker. But the good worker? Well HR’ s folder on him or her is much smaller. The fact is we spend far more time on the problem child than on the good one. This is a grave disservice to the good worker.
Every team member should know exactly what his or her team leader and project manager thinks of their work. This evaluation should be objective and conveyed to the team member in a timely manner. It is of little use if their only assessment is at the end of the project. The team member should have sufficient time to correct deficiencies and improve performance before the project ends. 5. Recognize individual work. IT loves praising work. We have done our share to keep the tee-shirt, coffee mug, and mousepad industry in business. Every milestone — project kickoff, first system test, starting beta etc.
— involves another tchotchke. However, users and IT management praise usually stops at the team level. Individual praise is less common.
No one is suggesting that you praise mediocre performance. This is not summer camp where everyone wins a trophy. However, there is a lot of good work going on between star performer and deadbeat. The yeomen on the team should be recognized for their individual contributions and given a little pat on the back for their achievements. You don ’t need to award a tee-shirt, but you should recognize individual contributions. Praise is good but can be overdone. The operative word is more recognition than praise. Individual team members should feel that project management knows who they are, what they do, and their contribution to the project.
Fungibility: The reality of the situation
First, fungibility and its associated concepts of person-month and full time equivalent, are useful when estimating the work required to complete a project. However, their value diminishes significantly once the project starts. Actual team members and actual team size are not fungible. Keeping the fungibility notion alive after project planning can be a costly mistake.
Second, recognizing the causes of the fungible fallacy can help the project manager mitigate them, even if they cannot be eliminated. When to use fungible concepts, attention to team structure and size, and the proper treatment of staff can go a long way to minimizing the fungible fallacy. z
An unsettled year
This year started out in much the same way 2020 ended — with people still uncertain about the future of work, whether or not their offices would reopen, and figuring out how to work from remote offices in their homes.
To address these issues, we ’ ve seen huge growth in certain market segments — collaboration tools such as Slack, Zoom and Teams; new digital platforms for hosting conferences replete with virtual exhibit halls, meetup rooms and other experiences (SD Times produced two this year, on value stream management and low code/no code development); and more digital transformations that include big moves to the cloud.
Once development teams got the work part of it down, those people had to manage their time — what hours should they work, what hours are family time, as part of the worklife balance people seek. What we ’ ve seen is that people are actually working more hours from home than they would at an office in an attempt to keep pace with the organizational demands for software delivery quickly and that will delight users.
This has been a big challenge for development managers, who can ’t simply walk over to a desk to assess where a developer is at with a project. Often, a Teams message or Google Meet invite will go unanswered for hours, putting a drag on the development effort. This is the new work reality, and why, in the January issue of SD Times, we ’ re declaring 2022 The Year of Hybrid Work. Now that developers have settled in to their new normal, this series will look at how workers can improve on software delivery and how managers can do a better job keeping the team humming.
But first, here ’ s a look back at what made news in 2021. We wish you all a joyous holiday season and all the best for the new year. z — The editors of SD Times
Breaches put security on center stage
BY JAKUB LEWKOWICZ
2021 was a tumultuous time for security, marking both massive breaches — a trend that sped up during the pandemic — and widespread action for trying to fix the problem.
On May 7, 2021, the Colonial Pipeline, an American oil pipeline system, suffered a ransomware cyberattack that impacted computerized equipment managing the pipeline.
In response, President Biden issued an Executive Order on Improving the Nation ’ s Cybersecurity that includes sweeping measures on how cybersecurity in the federal government is handled.
The order requires contracts with IT and OT service providers to conduct an array of day-to-day functions on Federal Information Systems. The government plans to take “decisive steps to modernize its approach to cybersecurity, including by increasing the Federal Government’ s visibility into threats, while protecting privacy and civil liberties. ”
Automation, modernization trends in testing
BY KATIE DEE
Coming out of the COVID-19 pandemic, 2021 has been a year of acceleration and enhancements in the technology industry. In the testing space, we have seen a strong pull towards testing automation and the overall modernization of the way software teams conduct tests.
This year, financial services teams have felt this push towards automation and modernization of testing in response to increasing customer expectations. Back in January, an SD Times story showed that several financial services teams made the move to an open-source, technology-agnostic, test automation framework with the capability to span the entirety of the DevOps life cycle.
The primary reasons financial services organizations found themselves flocking towards modernizing testing are the improvements in performance and efficiency that came as a result. It was reported that modernizing and automating testing led to a 10% improvement in developer efficiency as well as a significant improvement in application performance.
Also in the testing space, in February of this year, BlazeMeter released BlazeData in order to make generating test data simpler. This allowed users of varying skill levels to quickly and synthetically generate data for any UI functional test. This came as a response to user demand for an easier way to create reliable test data.
This release provided many benefits to the developer community such as ease of use, not requiring specialized training to create test data, lower costs, and the ability to reuse the data once it's been created. This release served as a one-stop shop solution in the marketplace for the users entire testing process. Months after this release, in October of this year, BlazeMeter was acquired by Perforce Software.
Also in October of 2021, the UI testing framework Selenium was updated with the release of Selenium 4. This release introduced several new features, including relative locators, which
However, security initiatives at organizations will still need to evolve to gain wholesale developer support.
According to the VMware-commissioned Forrester survey called Bridging the Developer and Security Divide, over half of the developers feel that current security policies stifle innovation.
“Organizations expect developers to be more involved with security tasks in the future, particularly among cloud and workload tasks. However, developers currently aren ’t very involved in security strategy planning or execution, ” the report stated.
The best way around these bottlenecks, according to Forrester, is to make sure security is no longer a specialization at an organization and that security tasks should be embedded across people, teams processes, and technologies like in DevSecOps.
As employees left their companies throughout the year ’ s “Great Resignation ” , they oftentimes — intentionally or otherwise — took valuable source code, patent applications, and customer lists with them, resulting in data leakage.
Code42, an insider risk detection and response company, unveiled these findings from its Incydr software solution, reporting that insider data leaks and theft contribute to losses up to 20%
allows testers to describe where an element is on a page using human language. In addition, Selenium 4 added support for handling authentication, intercepting and stubbing out network traffic, and capturing JavaScript errors. Furthermore, this release brought testers new support for Chromiumbased Edge out of the box.
Along with this trend, PractiTest’ s 2021 State of Testing report from April of this year showed that 90% of organizations were actively implementing testing automation into their processes throughout 2021. In addition, 96% of respondents reported that they believe test automation patterns, principals, and practices are now critical for businesses. The report also showed that 97% of those surveyed believed that functional of revenue annually and due to widespread job exits, this problem might get worse before it gets better.
From April-June of 2021 there were 61% more data exposure events than the previous quarter, and that same time frame accounts for 86% of all exposure events experienced by organizations throughout the first half of the year, according to Code42.
The best way to prevent these types of leaks is for organizations to give employees thorough training on their data and handling policies so that everyone knows what guidelines they are expected to follow, and also, new cloud-based insider risk management technologies can verify whether people are working within those guidelines, according to Joe Payne, CEO of Code42.
testing automation has become important for a company ’ s success.
The report also showed that there is a divide among testing teams as 59% shifted left in 2021 while 40% shifted right with practices such as testing in
Another shift in the security landscape are the vulnerabilities that now pose the biggest threat. The latest edition of the OWASP Top 10 showed that all of the highest-priority vulnerabilities since 2017 have shifted and new ones have been introduced.
Broken Access Control has dethroned Injection as the top vulnerability, whereas it previously held fifth place.
Also, new categories of top 10 vulnerabilities this year included Insecure Design, Software and Data Integrity Failures, and Server-Side Request Forgery.
Mobile usage skyrocketed throughout the pandemic and as a result, created a larger attack surface.
Android recognized the additional security needs required for the medium and with the release of Android 12 in October 2021, the company introduced more security features and services for enterprise customers, including improving password complexity controls.
The features make it easier to protect company data and disable USB signaling on company-owned devices to limit USB-based attacks.
Android also launched the Enterprise Vulnerability Rewards Program with the offer of up to $250,000 for a full exploit on a Pixel device running Android Enterprise. z production or chaos engineering. However, when the report was published in April, the number of teams shifting right was on a downward trend.
Following the shift software teams are seeing towards automated testing, earlier this year SmartBear, a provider of software development and quality tools, expanded its support of codeless, automated testing for mobile and ERP applications. The company integrated its UI test automation tool, TestComplete, with its native mobile device cloud, BitBar.
This integration allows TestComplete users to create a codeless mobile test and then use that test in BitBar across devices. With this, the company also increased its support for testing enterprise applications such as Salesforce, Oracle EBS, and SAP. z
Low code solutions come of age
BY JENNA SARGENT At the start of the year, we declared that 2021 would be the year of low code. It turned out to be a fairly accurate prediction.
Low code was used throughout the past two years by small businesses needing to quickly open online storefronts, companies needing to create tooling to support remote workers, and by developers looking to save some time by turning to a low-code solution rather than having to write out unique code that would have taken much longer to produce.
When interviewed for our Year of Low Code story last December, Shane Young, PowerApps guru at consulting company PowerApps911, said: “What it’ s really been a lot of is people realized that they have a lot of processes that required paper, walking it over to somebody ’ s desk and saying ‘hey, sign this ’ or ‘do this, ’ and when we ’ re all working from home, you can ’t walk over to my desk and have me sign this, or share some information with me. So a lot of the app uptake has been just trying to [create] simple apps, which lends itself so well to low code, but just things that facilitate conversations, or facilitate approvals, or what are the processes that used to be paper or hand-driven that now need to be electronically driven?”
When low code was first introduced, it didn ’t have quite the stellar reputation it does now. People who worked in technical roles scoffed at it, believing that there was no way a tool could handle the complex tasks they had to do on a daily basis. And for a while low code was mainly used for simpler tasks, like creating something as simple as a vacation scheduler. But now low-code platforms are much more hefty and can be used to create some pretty powerful applications.
One way in which low code has changed the face of development is that it allows for the creation of better UIs. Traditionally, a lot of development time is spent writing the user interface, while the core application code only takes up a small portion of the codebase as a whole.
According to Kiasco Research analyst Michael Azoff, low-code tools can be used as a cross-platform UI builder. This will eliminate much of the repetitive work relating to the UI that needs to get done on many development projects.
“It is no surprise to me to see the rise of LCNC, taking the burden out of cross-platform UI development is a great opportunity, I think this sector of appdev will continue to grow, ” Azoff wrote in an article for SD Times.
The idea of low code doesn ’t necessarily mean that no code is written at all, just that a lot of the work can be accomplished through drag-and-drop interfaces. Earlier this year, Microsoft actually released an open-source lowcode programming language called Power FX. Power Fx is based on Microsoft Excel and it uses a lot of formulas that people are already familiar with, which opens up the language to a broad range of users and skill sets.
“With Power Fx, we can amplify the impact of developers by many multiples over the same time horizon. By offering citizen developers a familiar and approachable way to express logic, we ’ re dramatically expanding who can build sophisticated solutions. By delivering Power Fx with the tools a professional expects, including the ability to directly edit apps in text editors like Visual Studio Code and use source control, we ’ re making it possible for developers to go faster and find common ground with millions of makers, ” Ryan Cunningham, director PM of Power Apps at Microsoft, wrote in a post.
A lot of new folks are interested in learning about low-code if they ’ re not already implementing it. D2Emerge, publishers of SD Times, produced a conference about low code in October called Low-Code/No-Code DevDay and nearly 600 people attended to learn more about the subject.
Here are some of the sessions we had at our 2021 event: • Designing a developer-led culture • Text nudges, chatbots, self-service and more: Why now is the time for low-code CX • Maximizing the value of hybrid dev teams in remote environments • Mastering Power Apps &
SharePoint related lists z
Next phase of DevOps should take pressure off devs, focus more on value
BY JENNA SARGENT As the workplace we once knew changed over the past two years, so did the way DevOps teams worked.
While the initial goal of DevOps was to facilitate greater collaboration between developers and operations teams, a lot of recent focus has been on how DevOps teams can measure the value they are providing to the business. New trends like value stream management and BizOps have begun to gain popularity as a means to this end.
Another interesting trend is the declaration by GitLab that we are now in the fourth wave of DevOps. According to GitLab, the four phases of DevOps include: 1. Silo DevOps, where each team selects their own tools 2. Fragmented DevOps, where organizations utilize the same set of tools for different life cycle stages 3. DIY DevOps, where teams use toolchains built with parts not designed to work together 4. Platform DevOps, where tools have advanced capabilities that allow developers to build software with velocity, trust, and visibility
“There ’ s an old expression, ‘If you want to go fast, go alone and if you want to go far, go together, ’” said Sid Sijbrandij, cofounder and CEO of GitLab, during his keynote at GitLab Commit earlier this year.
However, going together often means that developers are asked to do things they aren ’t trained to do — involving areas like testing, security, and governance — and organizations have been slow to actually provide the training needed to learn those skills. On top of this, traditional IT operations have been sidelined and precautions they would take before releasing an application are now only being dealt with after the fact. This leads DevOps to feel like “The Bad Place, ” and open up organizations to risks.
And even though today more and more departments are coexisting with each other and collaborating, a lot of silos still exist. So rather than DevOps breaking down silos as it originally intended, more tend to get created.
One potential solution to some of these problems is to take some of that burden off untrained developers and onto specialists. It won ’t solve all of DevOps ’ current problems, but it could be a start.
Another struggle with DevOps is that though a lot of new developers come into the industry fresh out of college programs, a lot of universities still aren ’t incorporating DevOps into their curriculums. In an episode of the What the Dev? podcast,
Microsoft goes all in on open source, security
BY JAKUB LEWKOWICZ This year, Microsoft went all in on open-source and security and launched a plethora of new solutions aimed at bettering the lives of developers working remotely and on-premises.
Microsoft launched its flagship Visual Studio 2022 and .NET 6. in November. .NET 6 is a follow-up to the notable .NET 5, which merged .NET Framework and .NET Core in 2019. .NET 6 is a long-term support release meaning it will be supported for three years. .NET 6 dunked Microsoft into the world of macOS’ s Apple Silicon, in addition to its support on Windows Arm64. The open-source platform now includes Hot Reload, which allows code changes to be viewed without needing to restart the app, OpenTelemetry and dotnet monitor support, and much more.
Meanwhile, Visual Studio 2022 received a feature called IntelliCode, an AI-assisted tool that can complete whole lines of code and spot repeated edits and suggest similar fixes throughout the codebase, and many other features.
Microsoft, known for its dominion of the collaboration space with Microsoft Teams, which grew tremendously during the pandemic, created other means through which developers can share ideas.
The company recently announced the .NET Tech Community Forums for all .NET developer topics and discussions. Developers can then receive updates on the forum through email, RSS feeds, or on the user ’ s tech community homepage.
In November, Microsoft signed the Java Specification Participation Agreement (JSPA) to officially join the Java Community Process.
Microsoft also advanced its hardware sphere by announcing its new Surface Duo 2 and is now inviting developers to start building or enhancing apps for dual-screen devices.
As the owner of GitHub since 2018, Microsoft shared its views this year on how open-source and software development can improve moving forward.
The major points of improvement included seeking different perspectives and feedback on what the community requests, finding a balance between policy and autonomy, securing every link in the supply chain as open can contain security defects since attackers can become maintainers and introduce mal-
Christina Hupy, senior education program manager at GitLab said: “I would say that most college graduates who are studying computer science and learning coding come out of their degree program with a very solid grasp of the fundamentals of coding, usually with a specific language or two. They learn how to build code, how to run code, how to compile it, and do some testing. Generally speaking we find that the DevOps process itself is not being taught. ”
Some courses are available to help developers fill in those gaps in their knowledge. Recently, the Linux Foundation and Continuous Delivery Foundation partnered to provide the DevOps Bootcamp. The bootcamp provides an overview of DevOps and Site Reliability Engineering, goes into detail about specific DevOps toolsets, and explains more specific topics such as GitOps and DevSecOps.
In addition, to help companies assess how well they ’ re doing at DevOps compared to similar organizations, this year the DevOps Institute announced its Assessment of DevOps Capabilities (ADOC), which does take into account the human aspect of DevOps. It looks at five different areas: human aspects, process and frameworks, functional composition, intelligent automation, and technology ecosystems. z
M i c r o s o f t o f c o u r t e s y I l l u s t r a t i o n
ware. Last but not least is that communication is key, especially in a remote work environment.
Likely one of Microsoft’ s biggest moves this year was in the field of security. In September, Microsoft announced that consumers can now completely remove passwords from their accounts, predicting that “the future is passwordless. ”
Some of the alternative authentication methods that now offers include the Authenticator app, Windows Hello, a security key, or a verification code sent to you. z
Java 2021: Latest LTS released, Oracle updated Java license
BY JENNA SARGENT This year, there were two major releases of Java — Java 16 and Java 17. Java 17 is also a long-term support (LTS) release, the last of which was Java 11. The next LTS release of Java will be in 2023 with Java 21. This will change the LTS release cadence from three to two years.
Java 16 introduced a number of new enhancements, such as an incubator model for expressing vector calculations that are compiled at runtime (JEP 338), C++14 support (JEP 347), warnings for value-based classes (JEP 390), and more. Additions to Java 17 included a new macOS rendering pipeline (JEP 382), strong encapsulation for JDK internals (JEP 403), sealed classes (JEP 409), and more.
Another major change to the programming language this year is that Oracle updated the Java license. Starting with Java 17, releases will be provided under a free-to-use license until one year after the next LTS release.
Oracle also announced Java Management Service in order to accelerate Java adoption in cloud settings. The service provides visibility over Java deployments, highlights unplanned Java applications, and ensures that the latest security patches have been applied.
A survey from the Eclipse Foundation in September revealed that there had been an increasing interest in enterprise Java in cloud native spaces. Sixty percent of respondents use Spring or Spring Boot as a cloud native Java framework, and 48% use Jakarta EE. Adoption of Eclipse MicroProfile, which offers a microservices architecture for enterprise Java, also grew to 34% use — up from 29% the year before.
Another survey from July, conducted by Snyk, revealed that developers began to move away from Java 8 and onto Java 11, the most recent LTS release prior to Java 17. Previous reports of the Java community had found that developers were mainly using Java 8 rather than upgrading to newer releases. According to the survey, 61.5% of respondents use Java 11 somewhere in production, while 12% used the latest Java version at the time, which was Java 15. Half of the respondents who use Java 11 also still use Java 8 somewhere in their production stack, according to the survey.
Last month, Microsoft announced its support of the Java community. It officially joined the Java Community Process, which is the mechanism for developing specifications for the programming language. This followed the company ’ s April announcement of its Microsoft build of OpenJDK, since which use of Java within Microsoft grew significantly.
“Java is one of the most important programming languages used today — developers use Java to build everything from critical enterprise applications to hobby robots. At Microsoft, we ’ ve seen increasing growth in customer use of Java across our cloud services and development tools. We ’ re continually working to broaden and deepen our Java support for customers and developers, ” Bruno Borges, principal program manager of the Java Engineering Group at Microsoft, wrote in a post announcing the build. z
When developers lie awake at night, they ’ re likely not thinking that they didn ’t turn around enough tickets that day, or write a certain number of lines of code. Their fear is that they ’ ve broken something, and that they ’ll be in trouble.
In the meantime, C-level managers are primarily concerned with innovation, creating new products and enhancing old ones. So there is a natural divide when it comes to assessing how productive developers are.
Eric Minick, vice president and head of product at CodeLogic, said, “I think what a lot of our developers would celebrate most is, if someone said, ‘Today, I took 300 lines of code that were a mess, and I consolidated it down to 40 lines of code that are clean. And so my net code for the day was minus 260 lines. And that would be celebrated wildly. And so lines of code is about as toxic a measure as you could come up with, as it encourages bad behavior. ”
“You know, a development team or an IT shop, looking at that developer who took that 300 lines of mess and turned it into 40 lines of elegant clean code, as being productive, ” he continued. “Somebody in a business suite, however, might say,
‘You are not advancing our product, you added no new features, nothing happened. How are you being productive?’ “
Gartner analyst Thomas Murphy explained, “We advise clients that they should not be focused on individual productivity metrics — software is about teams — thus we look at team productivity and things are measured more in agile terms of Story Velocity, but that is useful more to understand a backlog and how long it will take. ”
It’ s this misalignment between the business and IT that continues to exist — despite the ideals of Agile development and DevOps that should bring the sides closer — that makes defining developer productivity difficult. It is Minick’ s opinion that from a measurement point of view, most development teams have yet to make business outcomes their goals. Organizations might be using OKRs or KPIs to say that in the next six months, we ’ re going to improve conversion rates by 5%. But developers are saying, ‘We ’ re still closing 100 tickets a week, we are good at our jobs. ’ Michick said, “I don ’t think most organizations have really tightened up the alignment to bring the business metric into the definition of success for the application team. But we ’ re starting to see the beginnings of that. ” Murphy explained,
“From a metrics perspective you should be shifting away from metrics that are ‘ output’ driven and to metrics that are ‘ outcome ’ driven. Thus are we delivering the business outcomes — which means it isn ’t just an engineering thing. ”
One thing that organizations have started to embrace in an attempt to make developers more productive is
Developer Productivity
As modern applications grow more complex and developers are taking on more tasks, gauging productivity isn’t as simple as counting lines of code anymore
the notion of the developer experience, with the belief that giving developers the best possible employment experience increases their productivity. That experience can range from things like the chair they sit in, the size of the monitors they use while working, the software tools they are given to do their jobs, and the hours they put in.
“There ’ s nothing more frustrating than having to close down a bunch of apps just to start running your tests and get your own software to run, and being constrained by a cheap laptop, or a monitor that’ s too small or anything like that, ” Minick said. “You want loyalty from your developers. Give them a powerful box and a big screen. like step one. Step two … big investment in better chairs, standing desks, all of these things that set up the developer to be comfortable, alert, helping and able to concentrate for a long time on their code and be effective. ”
After that, he said, make sure they ’ ve got the right tools at their disposal. Make sure they ’ ve got a good development environment, that they ’ ve got the other software packages they need.
Changing roles for developers
One of the difficulties in assessing developer productivity is the fact that their job is much broader than it was in the days when developers primarily wrote and maintained code. Now, they ’ re more involved in testing, more involved in security and in compliance and governance.
Minick said measuring things like features delivered by the development team is better than measuring the amount of code generated. And, organizations that take productivity seriously will put in place measurements for ‘ good behavior, ’ such as how code coverage is changing, and is technical debt increasing or being reduced. Or, he noted, crediting developers for taking something highly complex and streamlining it to something simpler. While there was no feature added by that work, the technical debt score should go down, and that would be the productive activity.
A productive development team, according to Minick, will deliver features, mitigate risk, and fix bugs. want to make sure you ’ re balancing your investment in a development team pretty well across those things, ” Minick said. “If you ’ re delivering no features, you ’ re probably failing. At the same time, if you ’ re delivering only features and accumulating a tremendous amount of technical debt and risk, you ’ re setting yourself up for failure in the future. And it’ s really a business decision how to weigh that investment, but that should be done consciously, and too often, it’ s not. ”
How to make development teams more productive
One of the ways organizations can increase feature flow is through value stream management, with which they can identify the impediments that slow productivity and work to remove them. “So metrically, this is where the DORA metrics come in, or the Flow Framework, and this is what comes into a ‘Value Stream Management’ system, ” Murphy said, “but with this you are also looking at what are the bottlenecks. ‘Ahh, it takes two hours to provision a test system, that limits how quickly we can build and test software — how can we make that faster. ’”
This is especially true as it pertains to the various tools developers need to be productive. There are communication tools such as Teams and Slack, CI tools, IDEs, test tools, code repositories and security tools. Some of this tool sprawl is necessary, Murphy said. “I have to have an IDE, a compiler and such, ” he said. “The hope would be that I don ’t have Teams and Slack and email for communications. ”
Many organizations have more than one tool for continuous integration, which could be because teams have the freedom to select the tool they feel is best to do their job. Murphy noted that Gartner has seen a shift toward choosing standard solutions and tools that take a more integrated approach. “More clients are buying Jira/Confluence/Bitbucket/Bamboo… than did in the past, where it may have been Jira/ Confluence/Git-something/Jenkins/ Artifactory, ” he said, adding that this will be a slow evolution, because of sunk investments and personal preference, but that organizations want to control their spend, be more efficient and have the ability to move resources between teams.
This is another aspect where the business and IT seem to be at odds, though organizations are recognizing the value of having business knowledge in and with the technology. The way many of them are meeting this challenge is through retraining. CodeLogic ’ s Minick said that’ s the best way to go, as opposed to hiring more developers, “because you have the knowledge of business in those people, and you want to keep that in house. ” This approach can keep the deep business under-
standing of how the business works as close to the developers as possible.
Gartner ’ s Murphy said organizations do a mixed job of providing time and resources to support learning and upskilling, which is leading to growth in informal training — communities of practice, dojos, use of StackOverflow, and more use of pairing and mentoring. “Entities are having to rethink strategies and tools to support how new people are onboarded, how to get effective knowledge transfer and how to evolve employees, ” he said. “But this also means you have to be prepared to train
Keep it as simple as you can
In the face of all this, Murphy suggests organizations do what they can to simplify things. Among the steps they can take are reducing the number of tools where possible, and being consistent in business direction/objectives so you have a unified set of activities that everyone is actioning toward.
Going forward, organizations are looking to AI-assisted coding to help with productivity, but Murphy noted that will “take a while to perfect. ” In the meantime, he said, “toolchains will be a bit messy, and our ‘legacy challenge’ of unforeseen needs of the future will always dog us. ” z
How does CodeLogic help make developers more productive?
Eric Minick, VP, Head of Product at CodeLogic
CodeLogic helps developers surface risky dependencies in their code. We know the feeling when the latest feature changes something that might break something else: What could break? What do we review? Whether a feature requires a change to an attribute in a database column, or you’re considering pulling some module out into its own service, the question is “What’s using this?” .
As applications have grown in complexity over time, teams have become ever more reliant on a handful of experienced developers who know the dependencies. Other developers end up either waiting for their help or crushing those senior developers with requests. Either way, the team’s productivity slips.
CodeLogic believes that if every developer had a clear view into dependencies within and across their applications, they could make changes more confidently and more quickly. CodeLogic combines static scans of binaries with active scans of systems under test to form a comprehensive graph of dependencies from APIs, through code and down into database dependencies.
With a clear view of dependencies, developers can avoid miserable break-fix cycles where each change seems to cause something new and unexpected to break. CodeLogic makes these ripple effects more predictable, leading to more peace of mind, faster development, more confidence in quality, and more senior developers that get to write code gain.
Get dependency insights today. Visit https://codelogic.com/ for more information. z
A guide to productivity tools
Developer productivity encompasses the use of many different kinds of tools — a comfortable chair and two big monitors, for example. On the software side, developers need tools for writing code, integrating code changes, testing, putting security around their work, and more. What follows is a sampling of tools in each productivity category.
Code repositories
Bitbucket ClearCase Codebase Eclipse Git GitHub GitLab IntelliJ IDEA Java.net Netbeans Perforce SourceForge Subversion Visual Studio
Collaboration tools
Codenvy Codestream Engine Yard JetBrains SmartBear
DevOps platforms
Atlassian Bamboo AWS Code Pipeline Azure Pipelines Bitbucket Pipelines Broadcom CircleCI CloudBees Codefresh Digital.ai Harness.io Jenkins LaunchDarkly Optimizely Split Software TeamCity
Security tools
Aqua Security Bridgeview Checkmarx Contrast Security Sonatype
Communication tools
Google Mail Google Meet Microsoft Teams Slack Trello Zoom
Testing tools
Applitools Applause Eggplant HCL Software Mabl Parasoft Progress Software Sauce Labs Testim Tricentis
< continued from page 17 them in the new hot technology, pay them more, or (risk losing them). ”
A matter of trust
It’ s critical that IT and the business have trust, so that when the business asks IT why something will take six months to complete, the answer is framed in such a way that the business can decide if it wants to proceed down that path or not. According to Minick, you ’ re starting to see more product management people put into that intersection.
Business talks about how quickly features and bug fixes can be released. But developers talk about velocity. Velocity, as any student of physics would recall, is different than speed. “Velocity is a vector, velocity has direction, ” Minick said. “And what we really need is speed in the right direction. That’ s why people are pulling in the SME [subject matter expert] knowledge to business, to better make sure that when we write a lot of code… it’ s what the business wants — and more specifically, what they need. And that often requires someone who has a good understanding of the business to translate from what the business says, which may not be precise enough or clear enough. There may be very ambiguous language to actual features that development can build that will actually push the application and therefore the business in the right direction. ”
The crushing demand for modern apps
The demand by the business for new applications and modern experiences far outstrips the availability of developers to do the work — a labor shortage that has plagued IT in the United States for going on two decades. Combine that with the growing complexity of modern applications and the near-constant introduction of new platforms, technologies and modes of interaction, and — Gartner ’ s Murphy said — overloaded engineers “have a feeling of, ‘Here, let me toss a few more bricks on the hod. ’
This, he said, is part of the reason that there is such growth in low-code solutions, to ease the burden on
