Java modernization is one of those tasks that sits in the backlog for years. Everyone knows it needs to happen. Nobody wants to be the team that breaks production by doing it.
Blue Pearl, a South African IT consultancy, was in exactly that position. Their flagship product, Blue App, is a talent-matching platform used by roughly 26,000 consultants and freelancers, as well as their enterprise clients. The application was built in Java 11 back in 2020, and by the time the team got serious about modernizing it, the codebase had accumulated years of technical debt.
The list was long: outdated API calls, more than 50 outdated dependencies, known CVEs, no automated test coverage, and an infrastructure design that no longer matched what the platform actually needed. A traditional modernization effort would have required 30-plus person-days of dedicated engineering work — and carried a serious risk of regression on a platform that nearly 30,000 users depended on.
They used IBM Bob instead. The project took three days.
What the Team Actually Did
Before writing a single line of new code, the Blue Pearl team spent about three hours building context. They fed Bob architecture diagrams, AWS workflow documentation, endpoint definitions, inter-service dependencies, and data flow maps. They also included input from actual platform users about what they needed from the application.
That upfront work mattered. Bob used it to produce a full dependency map of the codebase, surface deprecated API calls, highlight outdated libraries, and flag integration points that had never been formally documented.
From there, Bob guided the team through the full transformation:
- Migration from Java 11 to Java 21 LTS
- Adoption of modern Java features, including records, sealed classes, pattern matching, and virtual threads
- Spring Boot and Hibernate updates to Java 21-compatible releases
- Namespace migration from javax to jakarta
- Restructured services with cleaner interfaces and reduced coupling
Security was part of the same pass, not a separate effort. Bob helped strengthen authentication and authorization logic, standardize input validation, and map sensitive data flows. It also flagged the lack of observability as an architectural risk and recommended adding structured JSON logging, distributed tracing with Micrometer and OpenTelemetry, and health check endpoints across service boundaries.
The Results
When the dust settled, Blue Pearl had a platform that passed scans from Semgrep, Snyk, and SonarQube on the first attempt. Post-deployment results:
- Zero CVE-bearing dependencies
- 92% regression test coverage, up from zero
- Zero production incidents after deployment
- 100% functional equivalence with the legacy system
- Estimated 15% JVM performance improvement
No customer complaints. No rollbacks. The team immediately moved on to UI improvements and new features rather than cleaning up backend issues.
How Bob Handled the Heavy Lifting
One thing worth understanding is how Bob approaches this task technically. It doesn't rely on a single model. Bob dynamically routes each task to a suitable model based on accuracy, performance, and cost, drawing from a mix of frontier models, including Anthropic Claude, Mistral, and IBM Granite, as well as specialized fine-tuned models for code reasoning and security analysis.
Simpler completions go to lighter models. More complex analysis and transformation tasks go to more capable ones. The goal is better output at lower cost — and the developer doesn't have to manage any of that routing manually.
The Pattern That Made It Work
Bob didn't replace engineering judgment on this project. The pattern that worked was: context first, Bob second, senior developer validation third. Every recommendation Bob made was reviewed by a senior developer before implementation. Testing and internal UAT were followed before anything went to production.
That's an important detail for anyone evaluating AI-assisted modernization. Bob accelerated the discovery, planning, and transformation phases. But experienced engineers stayed accountable for what shipped.
Why This Matters for Your Backlog
Most development teams have at least one version of this problem sitting somewhere. A legacy Java app. An undocumented codebase. A modernization project that's been "almost ready to start" for two years.
The Blue Pearl project is a useful proof point — not because the numbers are impressive, but because the approach is repeatable. Context in, Bob analyzes and recommends, and the senior engineer validates. The dependency mapping that would have taken multiple sprints was done in hours. The automated test baseline that didn't exist now provides a regression safety net for every future change.
That shifts where engineering effort actually goes. Less time on code archaeology and regression anxiety. More time on product work that users notice.
IBM Bob is now available at bob.ibm.com, with a 30-day free trial for teams who want to see what it can do with their own codebase.