Show HN: Fully automated codebase migrations and upgrades using AI

43 points by immortalloom ↗ HN
Hi folks! I’m Eric Rowell, and I’m really excited to share what our startup has been working on: https://www.second.dev. Second automates codebase migrations and upgrades for developers using AI agents and static analysis. You log in, connect Second to your GitHub repo, run a module, and get a pull request.

Here’s a demo video: https://www.youtube.com/watch?v=d5IldYeCPBY.

We believe that most developers want to spend their time innovating and creating new software. A lot of time at large companies is spent on basic codebase maintenance instead. Not all of this is automatable, but some is! And the technology to support it is developing rapidly.

Unlike generic AI agents, our AI agents specialize in codebase migrations and upgrades. The agents run modules which include a procedural plan of attack, and execute prompts using RAG (Retrieval-Augmented Generation) to utilize the most up-to-date context to do the job, including documentation and code examples, crawled with LangChain and stored in vector DBs. Our agents also reshape directory structures, resolve dependencies, and update build systems. The agents can run in our Second Cloud, in your own AWS or Azure VPC, or they can run fully on-premise with open source LLMs.

Today, we specialize in Angular → React, CRA → Next, JS → TS, and Upgrade Next. We’re building new modules every week, and we plan to open up an SDK to enable the Second community to build their own modules too.

You can try Second for free on codebases up to 2MB. For larger codebases, we charge $10/MB for the first module run, and then after that you can run it as many times as you like for free.

Please try it out and let us know what you think. We are obsessed with codebase migrations and upgrades, so please let us know how we can help!

20 comments

[ 2.5 ms ] story [ 44.1 ms ] thread
I can definitely relate. As an engineering manager, migration projects are often the least fun to work on. They are complex, take a ton of time and no one wants to work on them. If this works as promised. I would like to try it on a few migrations myself. Best of luck on your work,
Yea! Let me know if we can help your team with any of those. Right now we specialize in AngularJS -> React, CRA -> Next, JS -> TS, and Upgrade Next
How do you handle dependencies like libraries?
We use LangChain to crawl documentation and code examples for relevant frameworks and libraries, to make sure that the AI generated PR is up-to-date. We also have a custom dependency resolver that detects which new dependencies need to be added, as well as updating the package.json files with the correct version numbers
"custom dependency resolver" I am intrigued, Ill check it out.
In general, as our AI agents produce code files, we collect dependencies, and then at the end, use npm to determine the correct version numbers without actually installing on disk
I've seen a team crawl through a Python 2 -> 3 migration for months, paralyzing product dev. Applying AI to the migration space is really smart.
Yea! It turns out that we get this request quite often (Python 2 -> 3). It's on the roadmap.
How is this better than deterministic codemods?

Next 12 to 13 (with app router) is a struggle for even seasoned teams. Not looking forward to AI handing off a 162833292 line PR.

Great question! So our AI agents actually use a combination codemods plus generated AI results. We use static analysis and codemods as much as possible, but there are lots of situations where AI is the best tool. We have found that AI is particularly good at transforming EXISTING logic from one state to another, in a fairly predictable and consistent way, so long as the code transformations are individual functions or code files.

In combination with our RAG approach, you will find that if you run the same module multiple times, the generated results are incredibly similar with very little variation. Give it a go for yourself! You can try it for free on codebases up to 2MB, or use any of our example repos.

But I can’t ask the AI why it renamed all my files to mediocre 80s bands.
Hah yea. But, we use RAG to ensure that the choices made are really good. LLMs on their own can't be trusted, they are just great communicators. LLMs combined with reputable sources (like documentation and code examples) provide really great results! And these data sources actually can be queried, as they are shipped with each module.
Migration projects are painful and no developer enjoys them. Good to see a great solution to automate this!
I love this. I'm really curious to see what the SDK for this looks like.

These kinds of migrations are unbelievably tedious on large codebases, and when lots of teams are involved they can turn very high-friction. Being able to build a module to conduct a one-off migration over a huge codebase would be a massive force-multiplier for a lot of teams.

Really love the direction here.

One thing that is nice about human teams doing migrations is the opportunities to redirect, optimize, and discuss.

1. Are these migrations purely A -> B or is it A -> Optimized B? 2. Are there any opportunities for the AI to be interactive to request feedback or have a discussion with the process as it is going?

I'm incredibly excited about this one. Migrations are a hidden cost that most people don't want to see it.
Next 12 to 13 migration could be interesting for our (open source) code base. Currently using tRPC, page router and next auth. Until now I did not push for the migration as it seemed rather complex and non-urgent.

Do you have learnings on for which kind of project setups the migration works well and for which it struggles?

None come to mind - you should give it a go and see how the PR turns out
How would this cover for security vulnerabilities and other invisible tech debt that was incurred in the previous iterations? Generally, in the migrations, humans discard a lot of old code for new modules and capabilities which have become available. Does the AI take care of that?