12 Factor Apps: Bad for smaller dev teams and people who hate bugs
Internet of Bugs 18:08
26,250 views · 1,237 likes Watch on YouTube ↗
A lot of commonly accepted practices in software development lead to consequences, which is one of the big reasons software quality has been going downhill the last few years (but nowhere near the only reason).
Today, I'm going to use the 12 factor app framework as an example of what some of those kinds of consequences can be, and make some suggestions to make things better - especially for smaller or solo dev teams.
For discussion of even more issues with the 12 factor app framework and current events in Internet bugs, see the newsletter here: https://iob.fyi/News
00:00 Patterns? or Anti-Patterns?
00:32 Note: 12-factor does have some good things
01:24 Video Intro
01:39 Faster development can lead to worse code
02:53 That time I broke Amazon (kinda)
06:57 How that relates to today's topic
08:30 Now, about the 12-factor app
08:40 How Factors 1 & 3 make bug isolation harder
10:24 What to do instead
11:33 The WORST consequence of 12 factor
12:37 Cloud independence makes for worse software
12:46 like with Factors 2 & 7
13:59 Devs teams need to care about production issues
14:34 unlike Factors 5 and 6
15:05 Three real bug-fixes that 12 factor would have disallowed
16:29 Oh and factor 11 is bad, too
17:14 Less critical gripes at https://iob.fyi/News
17:33 Wrap-up
17:49 Beware vendors who downplay problems
18:03 Closing
Links from the video:
# AI Code Article Montage:
https://builtin.com/artificial-intelligence/ai-fueled-software-crisis
https://leaddev.com/software-quality/how-ai-generated-code-accelerates-technical-debt
https://www.schneier.com/blog/archives/2025/01/ai-mistakes-are-very-different-from-human-mistakes.html
https://spectrum.ieee.org/ai-mistakes-schneier
https://visualstudiomagazine.com/Articles/2024/01/25/copilot-research.aspx
https://www.forbes.com/councils/forbestechcouncil/2024/06/12/navigating-the-challenges-of-generative-ai-in-software-development/
https://www.infoworld.com/article/3610521/refactoring-ai-code-the-good-the-bad-and-the-weird.html
https://www.code-intelligence.com/blog/risks-of-ai-generated-code
https://allinconsulting.substack.com/p/how-ai-generated-code-caused-a-10000
https://www.axios.com/2024/02/28/ai-software-bugs-google-gemini-att
https://cset.georgetown.edu/wp-content/uploads/CSET-Cybersecurity-Risks-of-AI-Generated-Code.pdf
https://www.cio.com/article/3540579/devs-gaining-little-if-anything-from-ai-coding-assistants.html
https://swagger.io/docs/specification/v3_0/about/
https://docs.aws.amazon.com/secretsmanager/latest/userguide/intro.html
https://cloud.google.com/security/products/secret-manager
https://www.zdnet.com/article/botnets-have-been-silently-mass-scanning-the-internet-for-unsecured-env-files/
https://cyberpress.org/hackers-exploited-misconfigured-aws-env-files/
# C# LINQ Lambda functions
https://medium.com/@carlosbueno.kinder/key-functional-features-in-c-exploring-linq-lambda-expressions-tuples-and-async-await-ce7303b9deed
https://arxiv.org/abs/2304.09655
Today, I'm going to use the 12 factor app framework as an example of what some of those kinds of consequences can be, and make some suggestions to make things better - especially for smaller or solo dev teams.
For discussion of even more issues with the 12 factor app framework and current events in Internet bugs, see the newsletter here: https://iob.fyi/News
00:00 Patterns? or Anti-Patterns?
00:32 Note: 12-factor does have some good things
01:24 Video Intro
01:39 Faster development can lead to worse code
02:53 That time I broke Amazon (kinda)
06:57 How that relates to today's topic
08:30 Now, about the 12-factor app
08:40 How Factors 1 & 3 make bug isolation harder
10:24 What to do instead
11:33 The WORST consequence of 12 factor
12:37 Cloud independence makes for worse software
12:46 like with Factors 2 & 7
13:59 Devs teams need to care about production issues
14:34 unlike Factors 5 and 6
15:05 Three real bug-fixes that 12 factor would have disallowed
16:29 Oh and factor 11 is bad, too
17:14 Less critical gripes at https://iob.fyi/News
17:33 Wrap-up
17:49 Beware vendors who downplay problems
18:03 Closing
Links from the video:
# AI Code Article Montage:
https://builtin.com/artificial-intelligence/ai-fueled-software-crisis
https://leaddev.com/software-quality/how-ai-generated-code-accelerates-technical-debt
https://www.schneier.com/blog/archives/2025/01/ai-mistakes-are-very-different-from-human-mistakes.html
https://spectrum.ieee.org/ai-mistakes-schneier
https://visualstudiomagazine.com/Articles/2024/01/25/copilot-research.aspx
https://www.forbes.com/councils/forbestechcouncil/2024/06/12/navigating-the-challenges-of-generative-ai-in-software-development/
https://www.infoworld.com/article/3610521/refactoring-ai-code-the-good-the-bad-and-the-weird.html
https://www.code-intelligence.com/blog/risks-of-ai-generated-code
https://allinconsulting.substack.com/p/how-ai-generated-code-caused-a-10000
https://www.axios.com/2024/02/28/ai-software-bugs-google-gemini-att
https://cset.georgetown.edu/wp-content/uploads/CSET-Cybersecurity-Risks-of-AI-Generated-Code.pdf
https://www.cio.com/article/3540579/devs-gaining-little-if-anything-from-ai-coding-assistants.html
https://swagger.io/docs/specification/v3_0/about/
https://docs.aws.amazon.com/secretsmanager/latest/userguide/intro.html
https://cloud.google.com/security/products/secret-manager
https://www.zdnet.com/article/botnets-have-been-silently-mass-scanning-the-internet-for-unsecured-env-files/
https://cyberpress.org/hackers-exploited-misconfigured-aws-env-files/
# C# LINQ Lambda functions
https://medium.com/@carlosbueno.kinder/key-functional-features-in-c-exploring-linq-lambda-expressions-tuples-and-async-await-ce7303b9deed
https://arxiv.org/abs/2304.09655
Playback is via YouTube's official embedded player. Data from YouTube; Exumo is not affiliated with YouTube.