Developer Productivity Engineering Blog

The software delivery ecosystem is currently at an inflection point, driven largely by the sheer volume of code generated by GenAI. This shift has magnified challenges for engineering organizations, leading to an explosion in code output, test volume, and overall build complexity, all of which have begun to overload CI pipelines. But there’s good news: The clear path back to CI efficiency is comprehensive caching.

A key theme and major challenge that emerged from DPE Summit 2025 is the Developer Productivity Paradox—developers are using Generative AI to crank out code faster than ever before, but somehow, the metrics aren’t showing an overall productivity improvement.Engineers feel more effective with AI, yet the flood of new code is overwhelming everything downstream, breaking stability and exposing systemic friction.

Did you know that over 20,000 new software security vulnerabilities were disclosed in just the first half of 2025? And since February 2025, the volume of disclosed vulnerabilities has increased by more than 3x.

Although AI is opening up vast opportunities for innovation, it’s also introducing new risks, and in some cases, being used to attack the software toolchain itself. As a result, we need a more comprehensive approach that extends far beyond traditional security measures. For DevOps and software supply chain professionals, understanding and implementing robust Governance, Risk, and Compliance (GRC) is becoming essential for protecting an organization’s most critical business systems.

Taking measurements first to establish a base state before attempting to improve performance applies not just to optimizing application performance in production, but to optimizing the entire developer experience. Let’s apply that powerful performance engineering mindset to our internal processes and our path to production.

When you put an application in production today, being able to observe its real-time behavior is a non-negotiable requirement. Yet this is rarely the case for our internal software systems that we use to build and release these same production applications.

I see a persistent and dangerous blind spot in the industry in overlooking the operational health of the software toolchain itself. We should view every component related to the build, tests, CI pipelines, local build systems, and DevOps tools—what I refer to collectively as the toolchain—as production systems.

We’re excited to share a tool designed to cut down on the frustrating build and test cycle and bring build performance analysis right where you spend most of your time: your favorite IntelliJ IDE, like IDEA or Android Studio. We’re talking about the Develocity IntelliJ Plugin, which integrates powerful real-time analysis directly into your IDE.

In their blog post, the Commonhaus Foundation announced our sponsorship of their foundation with a with free dedicated instance of Develocity. This partnership brings comprehensive toolchain observability, build and test acceleration technologies, and rapid troubleshooting features to Commonhaus projects, enabling their communities to build, test, and deploy code faster and with greater confidence.

The software industry is currently at an inflection point due to the avalanche of GenAI code output. Engineering organizations are facing unprecedented challenges in feedback cycle frequency and code volume and complexity, magnifying the potential for errors, unintended behaviors, and deployment risks.

To meet the challenges AI has introduced to modern software delivery, we need a new approach: toolchain observability. Our toolchain observability platform, Develocity 360, empowers your organization to gain actionable insights for faster troubleshooting, optimize build performance and compute resources, create a more reliable software delivery pipeline, and ensure more secure and compliant software.

DevOps has brought remarkable improvements in efficiency and velocity across the SDLC, but a critical frontier remains: the automation of Governance, Risk, and Compliance (GRC). Learn why a Strongly Identifiable Binary (SIB) is the key to the next evolution of DevOps with Continuous GRC.