Dominic Farr

Delivery Processes Are Trust Mechanisms

2026-02-25T00:00:00+00:00

Every gate in your software pipeline exists because someone once asked: how do I know this is safe to ship?

Code review, test coverage, staging environments, deployment approvals. These are trust infrastructure. They encode what your organisation learned from past failures.

Agent-generated code doesn’t change that question. It increases the volume and velocity at which it needs answering.

A team generating code 10x faster through an agent still needs to validate it. If your review process was already shallow — two-minute glances, no checklist, tests written after the fact — you haven’t changed the process. You’ve increased the throughput of it.

Consider a team with inconsistent test coverage and informal review norms. They adopt an agent-assisted workflow. Output doubles within a sprint. Review latency spikes. Reviewers feel the pressure to keep up. A two-second glance and a merge becomes the default. Within two months, defect rates climb and the blame lands on the AI.

The AI didn’t introduce the dysfunction but it dud scaled it.

Teams that adapt well tend to share one characteristic: deliberate validation design before adoption. Structured review checklists. Defined defect classes. Clear ownership of what automated testing covers and what it does not.

They also expect a J-curve. Early adoption slows throughput before it speeds it up. That dip is where trust infrastructure gets stress-tested.

The practical move is to audit your current pipeline before expanding agent usage. Identify where review is weakest. Fix that first. Then scale.

The sequence matters.

Your Delivery System Was Designed for a Different Constraint

2026-02-24T00:00:00+00:00

Most engineers don’t review transpiled output or minified bundles. They review the source and trust the pipeline. At some point, that output became a black box. Validation moved up a level. Nobody held a ceremony about it.

The same shift is happening with agentic code generation. And most delivery systems haven’t adjusted.

Dave Farley recently explained the Nyquist-Shannon Sampling Theorem in the context of software delivery[1]. To reliably detect change, you must sample at twice the frequency of the change itself. If AI increases code output volume, and humans remain the primary sampling layer, review doesn’t scale. The human becomes the bottleneck by design.

The METR study[2] found developers using AI tools were 19% slower on average. The code changed. The delivery system didn’t. That mismatch is where the cost accumulates.

So where does validation move?

Three places. Contracts define expected behaviour before anything is written. External test coverage confirms the implementation meets those contracts. Runtime monitoring catches what slips through both. Together, they replace the pull request as the primary quality gate.

Teams on the frontier are already redesigning around this. They’re not reviewing every line of generated code. They’re investing in interface definitions, automated coverage thresholds, and production observability. The checkpoint moved.

If your team’s primary validation mechanism is still a pull request review, that process was built for a world where implementation speed was the constraint. It probably isn’t anymore.

Audit where your validation actually sits. That’s where to start.

[1] https://www.youtube.com/watch?v=XavrebMKH2A [2] https://metr.org/blog/2025-07-10-early-2025-ai-experienced-os-dev-study/

The Constraint Has Moved. Most Teams Haven’t.

2026-02-24T00:00:00+00:00

Software delivery has spent thirty years managing human inconsistency. Two developers interpret the same requirement differently. A third forgets an edge case. A fourth ships something untested on Friday. So you built process around it. Standups, sprint reviews, merge gates, retrospectives.

That process was solving a real problem. The problem is changing.

When implementation becomes agentic, you stop managing variance between ten engineers. You’re managing a system that produces consistent output at volume, with failure modes that look nothing like what Jira was designed to track.

The compiler analogy holds here. Nobody reviews compiled bytecode in a pull request. You validate the source, trust the compiler, and monitor runtime behavior. Specification in. Behavior out. You test the contract, not the intermediate steps. Agentic code delivery is heading toward the same model.

Teams already operating near this boundary aren’t running two-week sprints. They’re investing in three things: prompt discipline (what goes in), evaluation frameworks (how correct output is defined), and observability (what happens at runtime). The constraint has moved from writing code to specifying behavior and catching drift when it occurs.

The Scrum Master role was an answer to a specific organisational problem. That problem is dissolving. New ones are forming around specification quality, automated validation, and governance of systems you didn’t write line by line.

Audit your ceremonies against the risks they were built to manage. Some of them no longer apply.