CodeScene: The First Three Years of a Bootstrapped Startup
Empear, the product company behind CodeScene, celebrates its 3 years anniversary this month. Empear is a bootstrapped startup so this is a significant milestone as roughly 30% of all startups fail in their first years. In this article I’ll reflect on those first years, what we learned, and where CodeScene is heading in the future.
A Year in the Basement
Founding a company wasn’t an easy decision. I had a comfortable job as a software consultant, earned well with a predictable income, and enjoyed a good night’s sleep. However, my heart was in software analysis, particularly in the evolutionary and social aspects of large-scale software products. I knew that Your Code As A Crime Scene had really just scratched the surface of what’s possible, and I also knew that to popularize these techniques there had to be good tool support. After all, ideas grow in value when they are accessible and actionable. If we could automate all the techniques from the book we would have the potential to revolutionize how the software industry thinks about code.
So in July 2015 I quit my job as a consultant, barricaded my self in the basement and started to work on what eventually became CodeScene while I burned through my savings account. Empear, the company itself, took a few months longer to incorporate but we hit the road running in October that year with our first customer.
At that time in 2015 CodeScene wasn’t good enough to sell. So we started by providing the analysis as a service based on the still unreleased CodeScene product. This had several advantages. First of all, we earned enough money to fund the development of the product. Second, and perhaps even more important, we got a lot of experience analyzing code from different companies across different domains. That gave us an excellent opportunity to evaluate what works, what doesn’t, and what features CodeScene would need.
Looking back, bootstrapping CodeScene by using the tool for our own services has been one of the most important decisions we ever made. To this day we use CodeScene ourselves on a daily basis and we continue to discover and learn a lot about how systems evolve, where the risks are, how they go wrong, and how we can prevent future problems. All that learning gets transformed into automated analyses inside CodeScene so that all users can benefit from our experience.
Releasing the Product
After 6 intense months we had the first version of CodeScene ready. Even better, we had a few customers willing to pay for the product so we made the first installations in early 2016.
That first version had the same core as today’s CodeScene, but it lacked some of the advanced analysis capabilities we use on a daily basis today like the X-Ray technology, the Code Health calculations, the risk predictions and CI/CD quality gates, as well as the team-level measurements of operational boundaries and team autonomy.
CodeScene has evolved a lot since that early release. The analyses themselves have improved in both speed and predictive power, but we have also added enterprise features that we didn’t consider three years ago. Some of the highlights include:
- Analyze Microservices: Microservice architectures have become mainstream, and traditional static code analysis won’t cover the critical aspects of such architectures. With CodeScene, you can measure organizational aspects such as team autonomy as well as detecting implicit dependencies between services even when they are implemented in separate repositories.
- Single Sign-On and LDAP Integration: CodeScene lets you integrate with services such as Active Directory to authenticate users and simplify operations.
- CI/CD Support with Risk Prediction: CodeScene calculates a delivery risk for branches, pull requests, and even individual commits. This helps organizations to focus code reviews and additional tests where they are likely to be needed the most.
- Virtual Code Reviews: During our services, we found out that we frequently had to inspect the code behind the hotspots. To automate that task, we built a virtual code reviewer into CodeScene that looks for high-level patterns that are known to correlate with increased maintenance costs.
- Assigning Costs on Technical Debt: CodeScene integrates with project management tools such as JIRA in order to provide specific costs for each hotspot and sub-system.
- On- and Off-Boarding Simulation: CodeScene comes with a simulation module that lets you plan projects and detect potential on- and off-boarding risks.
None of this would have been possible without our great team. I’m incredibly proud of all the skilled people I get to call my colleagues and I learn a lot from them, often on a daily basis.
Making CodeScene happen has been a lot of hard work, so each public recognition counts. Just last week we got a beautiful certificate from UC:
UC is Sweden’s leading institute for credit ratings, and Empear lands in the highest category with its gold rating. That’s definitely a sign we’re doing something right.
And earlier this year we got the following wonderful recognition as we took CodeScene to the research community:
Finally, a really fun and motivating event was when Carl XVI Gustaf the king of Sweden visited our office and got to meet CodeScene:
Today, CodeScene’s on-prem version is used by organizations on five continents to analyze codebases of all scales. From small projects with a handful of developers to large codebases with millions lines of code and thousands of developers. We also provide a SaaS version of CodeScene at codescene.io that serves thousands of users.
Many users is of course good. But it also comes with responsibilities for us as a company. That’s why we have a number of fundamental principles that influence our decisions about the future of CodeScene:
- Actionable: CodeScene’s insights and metrics have to be actionable. All information in CodeScene is there for a reason, and we base our analyses on real-world experience and use case. We never add anything just because we can.
- Facts: CodeScene’s analyses are based on empiric research, and we are part of the research community ourselves. This gives both us and our users confidence in the information CodeScene delivers.
- Guide, don’t Judge: CodeScene intends to complement your expertise and contextual knowledge, not replace it. As such, the tool is there to guide your expertise and attention to where it’s likely to be needed the most. The decisions are still yours – you’re the expert.
- Friendly: My vision for CodeScene from day one was to build a tool that feels more like a helpful extra team member. You know, that person who’s always ready to offer some guidance, answer the hard questions, catch bugs and mistakes before they become issues, and have an unbiased mind. CodeScene is getting there, and as a team member it’s comfortable serving thousands of people in parallel 24⁄7 without missing a beat.
Our next major version is going to reflect and enhance all of these values. We’re looking to bring humans more closely into the loop. That combination of CodeScene’s algorithms and machine learning with human insights are going to feel magical, and I’d like to think that it represents a step forward for the whole field of software analysis.
Happy Birthday, CodeScene – you are an amazing and wickedly smart friend, and I’m proud of what you have become!