Upgrade to Pro — share decks privately, control downloads, hide ads and more …

Beyond Coding

Beyond Coding

Avatar for Rodrigo Graciano

Rodrigo Graciano

September 30, 2025
Tweet

More Decks by Rodrigo Graciano

Other Decks in Technology

Transcript

  1. The Developer Reality ONLY ~30% OF DEV TIME SPENT CODING

    MEETINGS ~20–40% OF DEV TIME OTHER TASKS
  2. The Good News TOOLS EVOLVING TO HELP DEVELOPERS OPEN-SOURCE +

    COMMERCIAL ECOSYSTEMS GOAL: PRODUCTIVITY + COMPLIANCE + QUALITY
  3. About the Author – Rodrigo Graciano • Java Champion (since

    2022) • Oracle ACE Director • Java Community Process EC Member • Technical Editor of Real-World Java • Speaker at JavaOne, Devnexus, JNation, TDC, dev2next • Focus: Developer productivity, AI adoption, modernization
  4. Dependabot AUTOMATES DEPENDENCY UPDATES VIA PULL REQUESTS. HIGHLIGHTS KNOWN VULNERABILITIES

    IN DEPENDENCIES. NATIVE TO GITHUB, EASY CI/CD INTEGRATION.
  5. Snyk SCANS CODE, DEPENDENCIES, CONTAINERS, AND IAC FOR VULNERABILITIES. PROVIDES

    REMEDIATION GUIDANCE AND PATCHES. BROAD ECOSYSTEM SUPPORT, INTEGRATES WITH IDES, REPOS, CI/CD.
  6. Static Analysis & Security Tools TOOL STRENGTHS LIMITATIONS BEST FOR

    SonarQube Mature; huge rule set; dashboards Heavy to run; requires server Enterprise-wide adoption Qodana Deep IDE/CI integration; JetBrains-native Best for JetBrains shops; newer Teams already in JetBrains ecosystem Checkstyle Lightweight; configurable rules Narrow scope (style only) Style enforcement Dependabot Wide variety of languages and frameworks Narrow scope. Dependencies only Update vulnerable dependencies Snyk Broad ecosystem; wide variety of vulnerability scams Free-tier is limited Security coverage
  7. AI Tools for Testing COPILOT – AI ASSISTANT IN IDE

    SCAFFOLDS TESTS & ASSERTIONS DEPENDS ON PROMPTS & REVIEW
  8. Unit Testing & Coverage Tools Tool Strengths Limitations Best For

    Diffblue Cover Generates runnable unit tests quickly; CI integration Commercial license; Java only Enterprises needing fast coverage boost EvoSuite OSS; generates JUnit tests; free Tests may need cleanup; setup tricky Teams wanting open-source alternative PiTest Checks test quality via mutation testing Slower; doesn’t generate tests Teams validating existing tests Copilot Inline test scaffolding & assertions Dependent on prompts; depth varies Individual productivity in IDE
  9. Considerations HIGH COVERAGE IS DIFFERENT THAN HIGH QUALITY WE SHOULD

    ALWAYS AIM FOR HIGH QUALITY IF YOUR TESTS NEVER FAIL, DO THEY REALLY TEST?
  10. Tackling Technical Debt & Modernization Tool Strengths Limitations Best For

    OpenRewrite Automates migrations (Java, Spring) Needs maintained recipes Enterprises with legacy portfolios Moderne Fleet-wide migrations; dashboards Commercial license; setup effort Large orgs modernizing many repos Manual Refactoring Full control, no licensing Time-consuming; inconsistent Small/custom projects
  11. AI Tools Copilot – assists coding & testing Windsurf –

    Cursor Amazon Q – enterprise knowledge + code search
  12. Real-World Impact Code coverage nearly doubled in 1 year Release

    frequency increased by 50% Java upgrades cut from weeks to days
  13. How to Choose Tools INTEGRATION WITH IDE/CI/CD COST: OPEN- SOURCE

    VS PAID ECOSYSTEM & COMMUNITY SECURITY & COMPLIANCE NEEDS
  14. Key Takeaways TOOLS REDUCE COMPLIANCE VS INNOVATION TRADE-OFF OSS +

    AI + ENTERPRISE SOLUTIONS = STRONG TOOLKIT FOCUS ON INNOVATION, NOT DRUDGERY
  15. Resources & References • Unit Testing • Diffblue Cover →

    https://www.diffblue.com • EvoSuite → https://www.evosuite.org • PiTest → https://pitest.org • GitHub Copilot → https://github.com/features/copilot • Technical Debt / Modernization • OpenRewrite → https://docs.openrewrite.org • Moderne → https://moderne.io • Qodana → https://www.jetbrains.com/qodana • Static Analysis & Security • SonarQube → https://www.sonarsource.com/products/sonarqube • Checkstyle → https://checkstyle.sourceforge.io • PMD → https://pmd.github.io • AI Tools • Amazon Q → https://aws.amazon.com/q • Windsurf → https://windsurf.ai