One of the most overlooked aspects of software development projects is the maintenance phase. A project is rarely ever truly finished; it will continue to require a non-negligible amount of work over time.

A Bit of Philosophy

People often say that code rusts, drawing an analogy with materials in the physical world. At Thirdbridge, we’ve never really liked that comparison. In reality, source code is a set of deterministic commands—when executed under the same conditions, it will produce the same results, even 50 years later.

The real issue is that the outside world evolves, making interactions with outdated code increasingly difficult. Take security vulnerabilities, for example: they do not arise from the degradation of code, like steel that oxidizes. Instead, the vulnerability has been there from day one—it is our understanding of security risks that has evolved, while the code itself has remained unchanged.

The Maintenance Plan

A maintenance plan typically covers three key aspects:

Updating core components and external dependencies
Changes driven by external factors
Changes driven by internal factors

Core Components & External Dependencies

Whether it’s the Android SDK version for a mobile app or the Node.js version for a web server, the vast majority of digital projects rely on components that are constantly evolving. Additionally, many projects depend on third-party libraries, which often require even more attention, as they tend to be less actively maintained than core technologies.

Keeping these components up to date is essential for two main reasons:

Security

Security is a never-ending battle. Regardless of the technology, new vulnerabilities are constantly being discovered. Having a predefined update cadence reduces the chances of using outdated, insecure versions. At Thirdbridge, we continuously monitor security vulnerabilities in the technologies we use, allowing us to take proactive action before bad actors can exploit them.

Development Speed

If a project is not maintained, future development slows down over time. While the short-term impact may seem minimal, developers will become less and less efficient as time goes on.

A great (and extreme) example is the banking sector. Today, banks are forced to spend massive amounts to hire programmers skilled in COBOL. Even worse, these aging systems are incompatible with modern technologies, making any updates painfully slow. To be clear: it takes decades to reach such an extreme situation. However, the decline in development speed starts much sooner.

External Factors

Sometimes, external factors force us to update a project. These factors vary widely. Here are a few examples we’ve encountered at Thirdbridge:

AWS EKS now charges $400 per month for Kubernetes clusters running outdated versions.
As of April 24, 2025, Apple will reject apps that do not use iOS SDK 18.
Quebec's Bill 25 required businesses to update their websites to include privacy policies.

Internal Factors

In other cases, internal needs drive updates. Examples include:

Small UI adjustments on a website
Minor API configuration updates
Updating app store images for a mobile app

The Financial Model

At Thirdbridge, our maintenance plan is structured as a non-expiring annual hour bank. Since the hours never expire, clients can spread out their maintenance costs over time. If there are unused hours, they can be applied as a credit toward future development projects.

The goal is simple: peace of mind. Unexpected security fixes shouldn’t disrupt your budget. With our approach, clients can maintain financial stability while keeping their software secure and up to date.

ROI Matters

A maintenance plan isn’t a blank check for developers to experiment with the latest trend every six months. Every maintenance effort must align with the long-term strategy of the project.

A recent example: Less than a month ago, React officially announced the end of Create React App. Several of our projects were built using this technology, but for some clients, migration isn’t even on the table. If future development is unlikely and security risks are minimal, the ROI simply isn’t there.

Conclusion

A digital project is rarely ever “done”. The tech landscape evolves so quickly that inaction can lead to major security risks and development slowdowns—sometimes in just a few years. This is why having a maintenance plan is critical, yet often overlooked.

With Thirdbridge's non-expiring hour bank, we provide technical stability and financial predictability. By rolling over unused hours, clients avoid budget surprises while ensuring their software remains up-to-date and secure.

Beyond the code itself, our mission is to deliver the best possible experience when building digital solutions. A well-planned maintenance strategy is a key part of achieving that goal.

Let me know if you’d like any refinements.

share this article

Other articles

Apr 24, 2025

Why Is Building an App So Expensive?

We've realized there’s a real need for education around the actual costs of designing and developing a digital product.

Apr 21, 2025

Passkeys: What are they?

Answers to the most frequently asked questions about Passkeys

Mar 31, 2025

Ratings & Reviews: Their Impact on an App's Success

An app’s success isn’t solely based on meticulous engineering or eye-catching designs. It’s crucial to deliver a product that is high-performing, accessible, useful, and user-friendly, alongside a go-to-market (GTM) strategy tailored to the digital product ecosystem.

Feb 25, 2025

Strategic Workshops: A Tailored Approach to Your Project Needs

Strategic workshops are at the core of our collaborative process, enabling us to co-create relevant and innovative solutions for our clients and their customers.

Feb 18, 2025

AWS, SPA and SEO

How to optimize the SEO of a SPA hosted on AWS

Feb 13, 2025

Aligning SSO with Business Models

It’s essential to align your business model with the cost structure of the SSO provider. Otherwise, the success of your product could quickly become a financial burden!

Jan 30, 2025

Game Day

It’s crucial to remember that the primary goal is to uncover the blind spots in the project.

Jan 14, 2025

Modern Password Management

At Thirdbridge, providing peace of mind to our clients is at the heart of our priorities, and we believe it all starts with the reliability of our internal practices and processes.

Oct 29, 2024

AI driving innovation: A new Era for Mobile Apps and User Experience

Artificial intelligence (AI) represents a digital transformation that impacts us all. This rapidly advancing technology, fueled by data analysis, not only enables informed decision-making and reliable forecasting but also allows for the completion of many tasks at a faster pace.

Oct 17, 2024

How to Gauge your Mobile App's performance?

A mobile application is the extension of a brand's customer experience.

Oct 15, 2024

Pierre-Étienne Bousquet guest of "Les Affaires"

Our president and co-founder, Pierre-Étienne Bousquet, discussed with Jean-François Venne from Les Affaires the significant growth of digital technology in the retail industry and its impact on online sales, which are becoming increasingly crucial for revenue.

Sep 24, 2024

Cybersecurity and Mobile Applications: Choosing the Right Authentication Method

Mobile applications are essential tools that handle personal data, access sensitive information, and are part of our daily lives. However, in an age where the term cybersecurity is on everyone's lips, ensuring the security of these applications and the information they contain is crucial.

Sep 4, 2024

The impact of UX research

Integrating user experience (UX) principles and practices into the software or application development process has become crucial.

Jul 15, 2024

The Phygital: Rethinking the Retail

Businesses have always had to innovate and rethink their approaches to remain relevant, and this is even more true in the digital age.

Jun 18, 2024

Hybrid vs. Native: Making the Right Choice

At Thirdbridge, the preferred development approach is hybrid. But let's delve deeper by comparing hybrid and native development across key stages of application development: costs, performance, security, and maintenance.

Jun 14, 2024

Funding Your Digital Project

It's no secret that realizing your wildest dreams regarding digital innovation within your company brings many benefits.

Jun 13, 2024

Launching Your Application: The Key to a Well-Planned Budget

Very few digital projects end within their initial budgets and timelines.

May 23, 2024

Tips and Tricks for Sustainable Software Design

When we think about reducing our ecological footprint, our first instinct is to consider the means of transportation we use or our recycling and consumption habits.

May 17, 2024

Maximizing Your App's Profitability: Our Advice

Whether you're looking to save time for your users, retain them, or enhance their shopping experience, we're sharing here the three key elements to consider to maximize your return on investment (ROI).

May 6, 2024

Couche-Tard Connecté: The Cashierless Convenience Store

Congratulations to our mobile development team, who gave their all in recent weeks to ensure a smooth launch of the Couche-Tard Connecté project.

Apr 25, 2024

Beyond Launch: Ensuring the Longevity of Your Application

You've diligently followed the development stages of your application and are about to launch it: congratulations! But even though this is a great accomplishment, your job is far from over...

Mar 22, 2024

Our 12 tips for succeeding in a software project after 12 years in the industry

Thirdbridge celebrates its 12th anniversary!

Apr 23, 2025

Gamification: Turning Engagement into a Performance Driver

Far beyond just playfulness, gamification is a powerful experiential strategy for positively influencing behavior.

Apr 4, 2025

CMS for your mobile app?

A quick guide to choosing the right CMS for your mobile app—comparing top platforms and highlighting integration tips for scalability and flexibility.

Mar 17, 2025