CodeNSM
codensm / blog

Field notes on code, debt and judgment in the LLM era.

Essays from the team behind CodeNSM — first a long, honest walk through the problems of the AI coding era, then the methodology we built in response: what production telemetry reveals about codebases, why the old debt instruments stopped working, and how we run pre-registered science on the results.

The Problem — a 30-part walk through the AI coding era

Written to be read in order. Start at Part 1 →

1 The Problem · Part 1 Nobody wrote this code Every line of code used to ship with an invisible warranty: a human being once understood it. Sometime in the last two years that warranty quietly expired, and almost nobody read … 7 min 2 The Problem · Part 2 The prompt lottery Same developer. Same ticket. Two different prompts. Radically different code — one elegant, one a slow-motion liability — and the diff looks equally green either way. Code quality… 7 min 3 The Problem · Part 3 Graduating without scars There's a whole cohort of engineers entering the industry right now who have never once debugged their own 2am disaster — because they've never had to. The pain is gone. Here's th… 7 min 4 The Problem · Part 4 The review theater Code review was engineered for a world where humans typed the code, at human speed. That world ended. The ritual survived. What's running in your PR queue right now isn't quality … 7 min 5 The Problem · Part 5 Copy-paste velocity Your team is shipping more code than ever, and the charts have never looked better. One problem: shipping faster and progressing faster are different things, and the gap between t… 7 min 6 The Problem · Part 6 The confidence machine Humans leak uncertainty everywhere — hedging comments, TODO flags, that one Slack message that says 'not sure about this bit.' Models leak nothing. Every line arrives with the sam… 7 min 7 The Problem · Part 7 Ten thousand lines a day Your codebase is growing faster than any group of humans can read, let alone understand. That gap between what exists and what anyone comprehends has a name, it compounds like deb… 7 min 8 The Problem · Part 8 The missing mentor The most valuable code review comments were never about the code in the diff. They were twenty years of scar tissue, transmitted one 'hmm, are you sure about this name?' at a time… 7 min 9 The Problem · Part 9 Tests that test nothing Ask an AI to write tests for a function and it will — beautiful ones, lots of them, green across the board. There's just one small catch: they assert that the code does whatever t… 7 min 10 The Problem · Part 10 The abstraction collapse Developers have stopped reading below the function signature — and honestly, who can blame them? But every abstraction era before this one kept a few people stationed at the botto… 8 min 11 The Problem · Part 11 You own a multi-million-dollar asset you have never met You would never run a warehouse you've never walked through. Yet the core asset of a software company — the codebase — is unwalkable by its own owner, and everyone has quietly agr… 7 min 12 The Problem · Part 12 You have a dashboard for everything except the thing you sell Count your dashboards: servers, funnels, revenue, ad spend, uptime. Now find the one that shows what the code itself did today. There isn't one. The entire observability industry … 7 min 13 The Problem · Part 13 The employees who haven't shown up in three years (and are still getting paid) Dead code doesn't cost CPU — dormant functions are nearly free to run, because they don't run. What they cost is comprehension: every engineer who reads the file must still step a… 7 min 14 The Problem · Part 14 Ten functions are carrying your entire company. Name them. Production traffic doesn't spread politely across your codebase — it stampedes through a handful of functions while thousands of others watch. Every team has a hot path. Almost no… 7 min 15 The Problem · Part 15 Nobody made it slow. It's slow. Your app used to feel fast. Now it doesn't. You can git-blame a bug to a line and a lunch break — but slowness has no author, no commit, and no witness. Latency doesn't break; it … 7 min 16 The Problem · Part 16 “Oh, that one always throws” — the five scariest words in software Every mature system runs a background hum of failures that everyone has stopped hearing. Sociologist Diane Vaughan studied how NASA normalized O-ring damage until Challenger. Your… 7 min 17 The Problem · Part 17 The questions your CTO can't answer (and why that's not a firing offense) You have a great CTO. This post is not about replacing them. It's about the honest unknowns even an excellent technical leader carries — which code is secretly load-bearing, what … 7 min 18 The Problem · Part 18 The scariest code in your company runs four times a year Everyone worries about the bus factor as a people problem — what if Dana leaves? But the sharpest version is a code problem: the refund handler, the auth edge case, the year-end j… 7 min 19 The Problem · Part 19 Your codebase is 80% glue. Do you know where the gold is? A gold mine is almost entirely rock — and nobody minds, because the mine knows exactly where its seam runs. Your codebase is mostly vanilla integration glue wrapped around a thin … 7 min 20 The Problem · Part 20 How to buy a software company: check every invoice, skim the software Acquirers diligence the financials to the decimal — forensic accountants, quality-of-earnings reports, months of scrutiny. The codebase, the machine that GENERATES those financial… 8 min 21 The Problem · Part 21 Debt without a borrower: the 2 a.m. loan nobody signed Ward Cunningham's debt metaphor had a hidden assumption so obvious nobody wrote it down: somebody chose to borrow. In 2026, code debt is taken out by a model at 2 a.m. with nobody… 7 min 22 The Problem · Part 22 Interest compounds in prod: why your ugliest code might be free Two identical horrible functions. One has cost you nothing in three years. The other bills you daily and is quietly writing your next incident report. The difference isn't in the … 7 min 23 The Problem · Part 23 The firefighting ratio: the most important number your team has never measured What share of your engineering commits chase fragile code, and what share builds new value? Almost no team can answer. Which is strange, because it might be the single most expens… 7 min 24 The Problem · Part 24 Rewrite roulette: 'let's just rebuild it' is debt denial with a project plan At some point in every debt-soaked codebase's life, someone says the five most expensive words in software: let's just rewrite it. Brooks warned you in 1975. Naur explained why in… 7 min 25 The Problem · Part 25 The non-technical CEO's survival guide to an engineering org you can't audit You can read a P&L, interrogate a funnel, and smell a bad sales forecast from across the room. And the asset everything depends on reports to you through one channel: what your en… 7 min 26 The Problem · Part 26 Hiring a tech lead vs. renting judgment You're not paying a great tech lead for their typing. You're paying for two hundred daily decisions about where to look — what to review deeply, what to wave through, which quiet … 7 min 27 The Problem · Part 27 What good looks like: five observable properties of a healthy codebase Twenty-six parts of this series have been about the disease. This one is about health — not as a vibe or an architecture diagram, but as five properties you can literally observe.… 7 min 28 The Problem · Part 28 The checklist: are you flying blind? Pilots learned the hard way that 'it feels fine' is not flight data — in clouds, your inner ear confidently lies to you. Twelve questions, four themes, one honest score. Find out … 6 min 29 The Problem · Part 29 Measuring what the code does (not what it says) Static analysis reads your code like an essay. Repo mining reads your commits like a diary. Both are real instruments — and both go dark at the exact boundary where this series' p… 7 min 30 The Problem · Part 30 The case for code telemetry: what thirty parts add up to The AI era broke three controls at once — authorship, review, and apprenticeship — and no amount of process nostalgia brings them back. This closing part assembles the argument: v… 8 min

Methodology & Product — how CodeNSM answers it

Research programme

Pre-registered software telemetry science: why we wrote 51 falsifiable hypotheses before looking at the data

Most vendor 'research' is marketing that went looking for a p-value. We did the opposite: registered 51 falsifiable hypotheses about production codebases in code, before the data arrived — and built the anonymization so the database itself can be shared for verification.

2026-07-01·7 min read
Engineering philosophy

Rule engines where we know the physics, LLMs only for the last mile

The fashionable way to build CodeNSM would be to pour telemetry into a large model and ask it what it thinks. We refused. Here is why every archetype, state and score in CodeNSM is deterministic — and where the LLM genuinely belongs.

2026-06-22·6 min read
Methodology

Meet your code employees: the CodeNSM archetype taxonomy

Every function in a production codebase is doing a job — routing, record-keeping, diplomacy, security, cleanup. Name the job and suddenly 'is this function healthy?' becomes answerable, because you can compare it to its peers instead of to the whole company.

2026-06-14·7 min read
Diligence

Reading a codebase like a balance sheet

Acquirers diligence revenue to two decimal places and diligence the codebase with a two-hour architecture call. Here is the split that actually matters — unique engineering IP versus vanilla glue — and how runtime evidence turns 'trust me' into a schedule of assets.

2026-06-07·7 min read
Agencies & studios

Proof over promises: attaching living quality evidence to agency deliverables

Every agency says 'we write clean code.' None of them can prove it a month after handover, when the invoice is paid and the codebase is a stranger's problem. Living telemetry turns the handover from a zip file into a warranty.

2026-05-31·6 min read
Engineering leadership

Walking the floor at scale: what tech leads actually monitor, and why your dashboards miss it

Great tech leads do a daily gemba walk through the codebase — noticing fragile corners, drifting boundaries, load-bearing hacks. Commit counts and velocity charts capture none of it. Here is what the walk actually consists of, and what it takes to keep walking at 40 engineers.

2026-05-24·7 min read
Founder lens

The non-technical founder's blind spot

You can read your P&L, your funnel, your churn cohort — and you cannot read the one asset everything else depends on. What a great tech lead sees daily, why you structurally can't, and how much of that judgment layer is now automatable.

2026-05-17·6 min read
LLM-era debt

The tech-debt crisis nobody codes anymore

Cunningham's debt metaphor assumed the borrower knew they were borrowing. In 2026, most new code is drafted by models, reviewed by people who never wrote the line, and shipped at a volume no review process was designed for. The metaphor needs an upgrade — and so does the measurement.

2026-05-10·7 min read