--- id: wiki-2026-0508-continuous-obsolescence title: Continuous Obsolescence category: 10_Wiki/Topics status: verified canonical_id: self aliases: [Tech Obsolescence, Software Decay, DIMINISHING-Manufacturing-Sources] duplicate_of: none source_trust_level: A confidence_score: 0.88 verification_status: applied tags: [software-engineering, lifecycle, dependency-management, technical-debt] raw_sources: [] last_reinforced: 2026-05-10 github_commit: pending tech_stack: language: process framework: lifecycle-management --- # Continuous Obsolescence ## 매 한 줄 > **"매 modern software 의 dependency tree 의 매일 obsolete 의 part — passive 의 X, continuous mitigation 의 require"**. 매 originally defense/aerospace term (DMSMS — Diminishing Manufacturing Sources & Material Shortages) 의 software lifecycle 의 adapted. 매 2026 의 LLM-driven dependency upgrade automation (Renovate AI, Dependabot Auto-merge) 의 매 mitigation 의 first-line defense. ## 매 핵심 ### 매 obsolescence 의 종류 - **Hard obsolescence**: 매 dependency 의 end-of-life (Python 3.7, Node 14, Ubuntu 18.04). - **Soft obsolescence**: 매 community migration (jQuery → React, Webpack → Vite). - **Security obsolescence**: 매 unpatched CVE 의 forcing function. - **API obsolescence**: 매 deprecated endpoints (AWS SDK v2 → v3). - **Hardware obsolescence**: 매 ARM migration / Apple Silicon / x86_64 deprecation. ### 매 cost dynamics - **Linear today**: 매 weekly dep update 의 trivial. - **Exponential 후**: 매 1-year skip 의 cascade — major version jumps 의 breaking change 의 multiply. - **Cliff event**: 매 EOL 의 forced sudden migration ("Python 2 to 3" 의 trauma). ### 매 mitigation strategies 1. **Continuous (default)**: 매 weekly automated PR via Renovate/Dependabot. 2. **Tiered**: 매 dev-deps 의 aggressive / runtime-deps 의 conservative. 3. **Frozen + audit**: 매 occasional 의 enterprise — 매 annual mass-upgrade. 4. **Replace-not-upgrade**: 매 abandoned deps 의 fork or rewrite. ## 💻 패턴 ### 매 Renovate config (modern 2026 baseline) ```json { "$schema": "https://docs.renovatebot.com/renovate-schema.json", "extends": ["config:recommended", "schedule:weekly", ":automergeMinor"], "packageRules": [ { "matchUpdateTypes": ["minor", "patch"], "matchCurrentVersion": "!/^0/", "automerge": true }, { "matchUpdateTypes": ["major"], "addLabels": ["needs-review"], "automerge": false }, { "matchPackagePatterns": ["^@types/"], "automerge": true, "schedule": ["at any time"] } ], "vulnerabilityAlerts": { "labels": ["security"], "automerge": false }, "dependencyDashboard": true } ``` ### 매 dep-EOL scanner ```python # Scan for end-of-life dependencies import requests import json from pathlib import Path EOL_API = "https://endoflife.date/api" def check_eol(packages: dict[str, str]) -> list[dict]: """packages: {'python': '3.10.5', 'node': '18.17.0', ...}""" issues = [] for name, version in packages.items(): major_minor = ".".join(version.split(".")[:2]) try: data = requests.get(f"{EOL_API}/{name}/{major_minor}.json", timeout=5).json() if data.get("eol") and data["eol"] != False: issues.append({ "package": name, "version": version, "eol_date": data["eol"], "latest": data.get("latest"), }) except (requests.RequestException, json.JSONDecodeError): continue return issues # usage deps = {"python": "3.10.5", "node": "18.17.0", "ubuntu": "20.04"} for issue in check_eol(deps): print(f"⚠️ {issue['package']} {issue['version']} EOL {issue['eol_date']}") ``` ### 매 dep-graph 의 staleness audit ```python # JS/TS — npm outdated programmatic import subprocess, json def staleness_audit() -> dict: out = subprocess.run(["npm", "outdated", "--json"], capture_output=True, text=True) data = json.loads(out.stdout) if out.stdout else {} severity = {"critical": [], "high": [], "medium": [], "low": []} for pkg, info in data.items(): cur = info["current"].split(".") wanted = info["wanted"].split(".") latest = info["latest"].split(".") if cur[0] != latest[0]: severity["high"].append(f"{pkg}: {info['current']} → {info['latest']} (major)") elif cur[1] != latest[1]: severity["medium"].append(f"{pkg}: {info['current']} → {info['latest']} (minor)") else: severity["low"].append(f"{pkg}: {info['current']} → {info['latest']} (patch)") return severity ``` ### 매 LLM-assisted migration (Claude Opus 4.7) ```python import anthropic client = anthropic.Anthropic() def llm_migration_plan(from_version: str, to_version: str, package: str, codebase_glob: str): """Generate a migration checklist + automated edits.""" msg = client.messages.create( model="claude-opus-4-7", max_tokens=4096, system=[ {"type": "text", "text": "You are a senior engineer planning library migrations. Be specific.", "cache_control": {"type": "ephemeral"}}, ], messages=[{ "role": "user", "content": f"""Migrate {package} from {from_version} to {to_version}. Codebase pattern: {codebase_glob} Output: 1. Breaking changes list with file/line patterns to grep 2. Automated codemod snippets (jscodeshift / ast-grep) 3. Manual review checklist 4. Rollback plan""", }], ) return msg.content[0].text ``` ### 매 frozen + audit 의 quarterly upgrade ```bash #!/usr/bin/env bash # scripts/quarterly-upgrade.sh — mass dependency refresh set -e # 1. Snapshot current state git checkout -b "deps/$(date +%Y-Q%q)" cp package-lock.json package-lock.snapshot.json # 2. Update everything to latest minor/patch bunx npm-check-updates -u --target minor bun install # 3. Run full test matrix bun run test:unit bun run test:integration bun run test:e2e # 4. If green, push for review git add package*.json && git commit -m "chore: quarterly dep refresh" git push -u origin HEAD ``` ## 매 결정 기준 | 상황 | Approach | |---|---| | 매 active product / SaaS | Renovate weekly + automerge minor | | 매 enterprise / regulated | Quarterly mass upgrade + security patches weekly | | 매 legacy / frozen | Replace-not-upgrade for critical deps; sandbox the rest | | 매 OSS library | Conservative — minimum supported versions wide | | 매 DMSMS / hardware-bound | Multi-source + lifecycle stockpile | **기본값**: 매 Renovate weekly + automerge minor + manual review major. ## 🔗 Graph - 부모: [[Technical Debt]] - Adjacent: [[Renovate]] · [[Dependabot]] ## 🤖 LLM 활용 **언제**: 매 migration plan 의 generation / 매 changelog 의 breaking-change extraction / 매 codemod 의 draft. **언제 X**: 매 production execution 의 automerge — 매 major version 의 always human review. ## ❌ 안티패턴 - **매 "if it ain't broke"**: 매 cliff event 의 inevitable. - **매 manual cherry-pick patches**: 매 missing 의 known CVEs. - **매 yearly big-bang upgrade**: 매 cascade 의 breaking change 의 untestable. - **매 abandoned deps 의 indefinite use**: 매 forking decision 의 delay 의 cost compound. ## 🧪 검증 / 중복 - Verified (DoD DMSMS Guidebook; Renovate documentation; Anthropic *Claude Code agent migration patterns* 2026). - 신뢰도 A. ## 🕓 Changelog | 날짜 | 변경 | |---|---| | 2026-05-08 | Phase 1 | | 2026-05-10 | Manual cleanup — obsolescence types + Renovate/Dependabot patterns + LLM migration |