Lest we throw rocks while we live in glass houses, counterparty risk is rampant in software ecosystems as well, especially distributed and cloud environments. This is an old, old problem in complex environments.
I've yet to find a solution that tracks down every dependency from a call made inside an application that crosses many platform boundaries. There are dependency mapping "solutions" but they all are incomplete inventories at best, and I've yet to find one that acts as a metadata repository for distributed tracing solutions.
I would really like an AOP-style way of attaching code, turtles all the way down as much as possible, that shows me all dependencies and each of their various affiliated sensors and probes that get automatically called for known failure modes whenever there is an unexpected value, and when an unknown failure mode happens dumps all the sensors and probes instead of just a stack trace. I want to be able to attach such tracing code to third party code without causing their support teams to suck in their breath through their teeth and with a grimace tell me they can't support that "modification". These days, I not only need a call graph, I need the exact state of everything when something broke because I increasingly see Heisenbugs in environments due to various pressures in software development, and most vendor support teams' way of collecting data is woefully inadequate in cloud/distributed ecosystems.
I've yet to find a solution that tracks down every dependency from a call made inside an application that crosses many platform boundaries. There are dependency mapping "solutions" but they all are incomplete inventories at best, and I've yet to find one that acts as a metadata repository for distributed tracing solutions.
I would really like an AOP-style way of attaching code, turtles all the way down as much as possible, that shows me all dependencies and each of their various affiliated sensors and probes that get automatically called for known failure modes whenever there is an unexpected value, and when an unknown failure mode happens dumps all the sensors and probes instead of just a stack trace. I want to be able to attach such tracing code to third party code without causing their support teams to suck in their breath through their teeth and with a grimace tell me they can't support that "modification". These days, I not only need a call graph, I need the exact state of everything when something broke because I increasingly see Heisenbugs in environments due to various pressures in software development, and most vendor support teams' way of collecting data is woefully inadequate in cloud/distributed ecosystems.