Software keeps moving—and so must we. From end-of-life frameworks to sprawling polyglot stacks and never-ending CVEs, modernizing code at scale is one of the toughest, most necessary problems in engineering today. In this keynote, we’ll take a clear-eyed look at where we are—and what it really takes to move forward.
We’ll unpack the rise of agentic AI, and why the future isn’t just about bigger models but better data and tools. Generative AI may be great at writing new code, but modernizing existing code? That takes precision—and deterministic systems that know when not to guess.
We’ll also dig into the language engineering problem: how do you unify modernization with codebases written in Java, C#, Python, JavaScript, and more? Each language needs a custom model that captures types, formatting, and structure for meaningful, accurate change at scale.
Finally, we’ll confront the security tradeoffs facing modern teams: should you upgrade fast to stay on the latest most secure versions, or leverage back patches to stay secure on what you know? The answer isn't always forward motion—it’s smarter, safer modernization.
We're helping teams navigate all of this with confidence at Moderne, providing AI-driven, multi-language refactoring and modernization at scale. After all, modern software demands more than speed—it demands the ability to evolve, safely and continuously, no matter how complex the codebase or how fast the industry moves.
Join us as we kick off Code Remix Summit—your front-row seat to the future of code.
Imagine a giant corporation with hundreds of product development teams, many who joined through acquisitions. How do you remediate thousands of container images with 80-100 vulnerabilities each when facing a deadline for FedRAMP compliance?
Hear how a small team leveraged OpenRewrite to successfully drive the organization toward compliance while saving millions in development costs.
Security problems empirically fall into two categories: bugs and flaws. Roughly half of the problems we encounter in the wild are bugs and about half are design flaws. A significant number of the bugs can be found through automated testing tools which frees you up to focus on the more pernicious design issues.
In addition to detecting the presence of common bugs, however, we can also imagine automating the application of corrective refactoring. In this talk, I will discuss using OpenRewrite to fix common security issues and keep them from coming back.
In this talk we will focus on:
Using OpenRewrite to automatically identify and fix known security vulnerabilities.
Integrating security scans with OpenRewrite for continuous improvement.
*Free up your time to address larger concerns by addressing the pedestrian but time-consuming security bugs.
Generative AI can be a powerful force multiplier for developers, but it also comes with limitations. Developers are expected to co-create with AI, and check the generated output, or risk hallucinations running wild. This can aid development at a local machine, but what happens when you try to apply these tools on a massive scale?
For mass-scale code operations, AI needs to have agency, able to operate with some degree of autonomy. In this session, we’ll cover how you can combine retrieval and tool calling techniques, the richest code data source for Java called the Lossless Semantic Tree (LST), and OpenRewrite rules-based recipes to drive more efficient and accurate AI model output for refactoring and analyzing large codebases.
You’ll learn about how you can use AI embeddings as a powerful tool to visualize, analyze, and even do smarter sampling for your codebase. Plus, we’ll show you how to leverage GenAI to accelerate writing OpenRewrite deterministic recipes.
We’ll take an honest look back and a look ahead on our process, to show you how enterprises can now reliably leverage AI for code modernization at scale.
Spring Boot 3.x and Java 21 have arrived, making it an exciting time to be a Java developer! Join me, Josh Long (@starbuxman), as we dive into the future of Spring Boot with Java 21. Discover how to scale your applications and codebases effortlessly. We’ll explore the robust Spring Boot ecosystem, featuring AI, modularity, seamless data access, and cutting-edge production optimizations like Project Loom’s virtual threads, GraalVM, AppCDS, and more.
Let’s explore the latest-and-greatest in Spring Boot to build faster, more scalable, more efficient, more modular, more secure, and more intelligent systems and services.
We’ll discuss and demonstrate how to write custom recipes using OpenRewrite, an open source auto-refactoring tool, to study and analyze your code before planning migration and modernization efforts—and then automate code changes for your teams.
Join us to deepen your understanding of migration engineering with OpenRewrite and gain actionable strategies to streamline modernization and bring your codebase into the future with confidence.
IDEs have provided ways to refactor code for a long time now. In spite of their effectiveness, that journey is arduous and time consuming. Reluctance to refactor increases the cost of development. However, refactoring for the sake of doing so can lead to greater productivity loss as well.
In this presentation we will use data driven approach. We will take examples of code, measure code quality, and then use automated code transformation tools to refactor the code, and then, once again, measure the quality of code and see how much we have improved. This can help us to not only refactor faster but also see the benefits realized and motivate us to move faster with greater efficiency.
The age of hypermedia-driven APIs is finally upon us, and it’s unlocking a radical new future for AI agents. By combining the power of the Hydra linked-data vocabulary with semantic payloads, APIs can become fully self-describing and consumable by intelligent agents, paving the way for a new class of autonomous systems. In this session, we’ll explore how mature REST APIs (level 3) open up groundbreaking possibilities for agentic systems, where AI agents can perform complex tasks without human intervention.
You’ll learn how language models can understand and interact with hypermedia-driven APIs, and how linked data can power autonomous decision-making. We’ll also examine real-world use cases where AI agents use these advanced APIs to transform industries—from e-commerce to enterprise software. If you’re ready to explore the future of AI-driven systems and how hypermedia APIs are the key to unlocking it, this session will give you the knowledge and tools to get started.
Software vulnerability is a huge concern. What's lurking in code is a question that keeps passionate programmers up at night. Is there a memory leak, what about a race condition, oh what about security issues, are we violating purity of functions when we're not supposed to? We have to maintain code that others have written and it's not always easy and quick to detect those defects ticking away in the code.
In this presentation we will use AI based tools to detect issues in code, using multiple examples, and apply automated fixes and will reason about our approach and the change.
Modern type systems have come a long way since C. They’re no longer just book-keeping checks to satisfy the compiler. These days a good type system lets you express ideas about what your code does, what problems you're trying to solve, and what design constraints you're up against. But only if you know how to make use of them.
So let's take a look at the best of modern type systems and learn how to read & write them. You'll see that they types are so much more than a tool for correctness - they're a whole design language. And with a good design language, you can speak more clearly to your computer, your software can speak more clearly to your team, and you can even learn to spot poorly-expressed ideas and find new opportunities for refactoring.”
“We’re living in an ever growing distributed world, making our services smaller, deployed and multiple container instances, deployed in different nodes and regions around the globe, making it even harder to profile our application, analyze and improve its performance.
Continuous profiling is rapidly gaining interest and growing in popularity within the cloud native community. Unlike traditional profiling strategies where data at some specific point in time, continuous profiling advocates for continuous data collection and analysis with the goal of obtaining a near real-time understanding of application performance and improving code efficiency across the entire stack.
This pragmatic talk will help you understand the ins and outs of continuous profiling. You’ll also understand how continuous profiling fits into the observability stack? What are some popular open source options ? and what are its challenges ?
In this session, discover how Choice Hotels handled their migration to Java 21, navigating the complexities and challenges of adopting a new Java version while ensuring minimal disruption to their existing systems. Choice Hotels aimed to leverage the latest advancements in Java 21 to enhance performance, security, and scalability across their platforms.
Attendees will gain insights into the decision-making process behind the migration, the technical strategies used to ensure a smooth transition, and the business outcomes that have resulted.
Developer toil is real — days, even weeks, are spent conducting manual, repetitive, timegobbling tasks like unit testing, which slows enterprises down. And while GenAI coding assistants can support developers, they repeatedly fall short in performing complex unit testing tasks without human oversight.
The problem is compounded by the shortage of experienced testers, leaving developers drowning in unit testing rather than writing and innovating application code. Reports show 75% of developers’ time is spent on tasks other than code generation, resulting in 57% of developers admitting to skipping unit tests entirely.
For companies to succeed, code must be fool proof. So how can enterprises ensure testing is comprehensive and done with due diligence — and at scale?
The answer lies in reinforcement learningbased autonomous AI, which can eliminate up to 95% of the time developers typically spend on test writing. In this session, you will learn how to
Improve business productivity and eliminate developer toil by automating manual and tedious test operations at scale (both locally and in CI);
How the right tools can autonomously write and maintain unit tests for entire Java code bases;
The latest best practices for implementing AIdriven unit testing in Java projects, strategies for overcoming common challenges in automated test generation, and the related quantifiable benefits observed in development team productivity and software reliability
This talk is designed for companies and dev leaders looking to push the boundaries of what’s possible in testing with emerging AI technology.
In today's fastpaced world, technology evolves at an incredible speed, and businesses need data solutions that can keep up. This talk explores the challenge of building data platforms that not only scale efficiently but also provide fresh, realtime data to meet the needs of an impatient tech landscape.
We’ll discuss how to create systems that handle high volumes of data instantly and maintain performance under pressure, so your business can stay ahead in a world that doesn’t wait.
When you have billions of lines of code and thousands of software repositories, code maintenance and modernization can be challenging. In his keynote, Dov Katz will cover how Morgan Stanley is saving tens of thousands of development hours on just one migration with the help of OpenRewrite recipes and Moderne, enabling largescale code changes, and paving the way for faster feature delivery, improved security compliance, and a more sustainable development lifecycle.
Attendees will gain insights into the strategic planning, implementation process, and realworld challenges tackled during this journey. Leave with actionable strategies to unlock efficiencies and alleviate tech debt within your organizations.
Have you ever wondered what it takes to develop a solution similar to Google Docs and then build on top of it with extra layers of security and functionality?
During the planning phase of a military operation, there are multiple text documents that need to be updated simultaneously by multiple users. At the same time, there is a requirement to provide security in airgapped deployments.
As such, a solution that follows high standards for security, performance and quality is required.
Within my presentation, I will be describing an embedded solution based on advanced operational transformation algorithms which allows realtime secure collaborative editing, as well as several challenges that we have faced during development and how we managed to overcome each of them.
Software running in production today is often unpatched, yet businesses and customers place their trust in it daily. What happens when we shift the narrative? In this session, I’ll share stories from the frontlines of working with organizations worldwide to adopt OpenRewrite. We'll explore the state of software before OpenRewrite, the challenges teams faced, and the critical lessons learned in building maintainable systems.
Discover how OpenRewrite is transforming the ROI of software by enabling teams to refactor with confidence, keep their systems secure, and futureproof their applications. We'll also explore the current landscape of teams that have mastered OpenRewrite, showcasing how they’ve turned maintenance into a competitive advantage.
The future of software development is clear: if we design with maintenance in mind, we create organizations that are more efficient, secure, and, ultimately, more enjoyable places to work. Join me as we explore this evolving story and envision a better path forward.
In this architectural kata, you will step into the shoes of a software architect tasked with designing a modern healthcare management system for a rapidly growing provider, MedBest.
The challenge is to create a system that integrates patient records, appointment scheduling, billing, and telemedicine while ensuring robust security, compliance with regulations, scalability, and cost efficiency.
Change is at the core of software engineering. Product requirements, performance problems, old bugs, and outdated dependencies mean that even the code we'd least like to modify must often be changed. Unfortunately, each change is an opportunity to introduce a whole host of subtle bugs. These oversights lurking in the shadows of every codebase are what keep software engineers up at night.
There is no shortcut to effortless code change, but intentional design in programming languages like Roc can make it vastly easier. Roc's expressiveyetsimple type system, penchant for explicitness, and thoughtful focus on developer experience make it a powerful tool for evolving a codebase over time. Features like purity inference, tag unions, and exhaustive pattern matching remove whole categories of bugs, make many others unlikely, and ultimately free up bandwidth for us to build better software faster.
In this session, we’ll examine how Intel Capital identifies highgrowth investment opportunities in tech software while mitigating risks in a rapidly shifting market.
Through realworld case studies and expert analysis, you will gain a deeper understanding of the key drivers of value creation in the tech sector, strategies for portfolio diversification, and the metrics that matter most when evaluating earlystage ventures versus mature technology firms.
For many obsolete APIs, it's possible to implement them in the very same manner it would prefer callers did for themselves. This is an excellent practice, since it guarantees equivalent behavior, and thus no surprises for complying users.A user replacing a call to such an API with its own implementation (adjusting variable names and so forth) is called inlining the method.
@InlineMe lets the API owner trigger this inlining to happen automatically for all the API's users via static analysis.
“Spring Boot has a new release every 6 months. Your organization has hundreds (thousands? tens of thousands?) of Spring Boot applications owned by nearly as many separate teams. Those teams each have diverse priorities, and hygiene is usually not at the top of the list.
How do you compel those teams to stay up-to-date? What are the real costs and benefits? And what if those apps aren't ““quite”” Spring Boot, but actually an in-house framework built on top?
Hint: OpenRewrite helps a bunch.
This session approaches these questions from experience inside JPMorgan Chase, a technology organization of 50k people, 17b annual spend, and a whole lotta Spring Boot.
Programming languages like Java have been in the market for almost 30 years, resulting in hundreds of thousands of lines of legacy code that need maintenance and upgrades.
In this talk, we'll explore how genAI can revolutionize the process of upgrading legacy code. You'll learn about 10 essential tools and tips to efficiently refactor, modernize, and enhance your existing Java codebase.
As an architect you're often working at a high level on projects, thinking of architectural concerns such as distributed applications, CI/CD pipelines, inter-team APIs, and setting standards. Code quality affects everything that a software architect needs to work on - from a small way to a big way.
We typically look at 6 Code Quality Areas:
Readability
Flexibility
Reusability
Scalability
Extendibility
Maintainability
In this talk, we'll look at techniques and tools for managing code quality. Our goal as architects is to maximize the manageability of code, consider different coding paradigms and their effect on the six areas, and how to create habits and processes to ensure long term code viability. We'll take a couple of sidebars on performant vs manageable code and OO vs Data Oriented coding. We'll look at tools for doing static analysis vs dynamic analysis.
AI is changing the way your organization builds software; boosting developer productivity but introducing new privacy and security risks. AI agents and assistants silently leak sensitive data as “context,” while large language models hallucinate exploitable packages.
This session exposes top threats and provides actionable solutions to safeguard your projects.
GenAI has gone from generally available, novel technology to widely adopted in a matter of months. Most engineering organizations are using GenAI to generate code, write tests, and assist in code reviews. New code is becoming dirt cheap to write but our delivery pipelines remain miserably unprepared for the tsunami of new code flowing at a much more rapid pace.
Our current pipelines need a hard reset to prepare us for the GenAI revolution and engineering managers need to get started TODAY.
This talk will dive into where GenAI is starting to break down our delivery pipelines. While scaling CI/CD is easy, and we can always add a few more workers, scaling the humans in the process is the hard part. This talk will demonstrate how massive amounts of new machinegenerated code will impact our pipelines, in ways that will require either greater headcount, or smarter, automated pipelines. You'll come away with ideas for how to modernize your delivery pipeline so you can fully embrace the GenAI revolution.
Get a deep dive into the types of threats outlined by OWASP and beyond. You’ll learn concrete, actionable steps to protect your team's AI projects from the biggest threats and get a chance to grasp the gravity of AI security by live-hacking AI applications/LLMs.
Join us to gain better knowledge and strategies to safeguard your organizations reputation, assets, and bottom line in an AI-driven landscape.
Join a panel of trailblazing engineering leaders who are shaping how the industry thinks about scaling software development. From navigating technical debt to responsibly integrating generative AI, this conversation will cover the hard-won lessons and emerging strategies for managing massive codebases.
We’ll dive into:
Come with questions—this panel is built to spark insight and honest discussion.