At a conference this week, a VP at PingCAP (the company behind TiDB) dropped a line that's been rattling around my head ever since:
"Coding is over, Software is not."
Writing code is getting solved by LLMs, fast. But shipping complex software into an enterprise is still hard — and the hard part was never the code. It's permissions, memory, collaboration, security, context. That half didn't get easier. That half is the whole game now.
#
The signal: they banned engineers from writing code — and the hard part remained
A few things from the last week line up suspiciously well:
"Coding is over, Software is not." The same VP revealed their org has shifted to an agent-led development model — 300+ engineers are now banned from writing code, and even banned from manually reviewing code; agents do most of the work autonomously. And yet he stressed: building and delivering complex systems is still hard — permissions, memory, collaboration, security, context management are far harder than code generation itself.
- Another exec at the same event: AI coding exploded code throughput, but created a new bottleneck — enterprises must build a stable, reliable, explainable, governable AI code-review system.
- Industry reality check: coding agents now reliably handle tasks that take a human ~30 minutes (a year ago it was under 10), but performance is still "uneven" — leading systems still trip on deceptively simple tasks.
Put together: the "writing code" half is basically won — speed won. What's unsolved is the Software half: turning code into a system where permissions are right, data is consistent, security is governable, and the thing can evolve for years. That half is what I'd call rigor.
#
Why "Software is not over" — the AI can't be trusted with the hard parts
Every word in that list is an enterprise pressure point, and each is exactly where AI most often breaks:
Permissions — who can see / edit / approve; one wrong cell is a privilege-escalation incident. #
Memory / context — consistent state across modules and systems; the first thing an agent drops. #
Collaboration — many people, roles, orgs; rules tangled together. #
Security / governability — explainable, auditable, rollbackable; not "black-box generate and ship."
AI can write all of this fast — but written ≠ correct, and ≠ controlled. The "explainable, governable review system" is the industry trying to patch exactly this. The catch: if governance is just a human/automated review layer around the agent, you're forever racing its output. What it generates in a day, your review system can't keep up with.
So: is it possible to make the hardest, can't-be-wrong part of "Software" not depend on the AI's diligence, nor on after-the-fact review?
#
Welding the "Software" half into the architecture
This is the core idea behind Oinone — let AI own the speed of Coding, and let the framework own the rigor of Software:
The AI emits metadata, not code. "Add a 3-level approval to the quote object" produces a structured metadata diff of model/view/flow/permission — a few dozen readable lines, not a wall of code to review line by line. Permissions, collaboration, context become structured and checkable, not hazards scattered through code. #
The hard parts are enforced by the framework, not the AI's good intentions. Permission model, data validation, transactional consistency, audit — the genuinely-hard parts of Software — are framework-enforced. The AI can't move them or route around them. Those pressure points are welded into the foundation. #
The review surface shrinks and becomes governable. "Explainable, governable" is native to metadata: you review a few dozen lines of structured diff — wrong, roll the whole thing back; what changed is obvious. Oversight goes from "chase the agent's code output" to "scan a structural change." Review finally keeps up with AI. #
Change once, consistent everywhere. A model change derives UI/API/permissions in sync — no "changed the field, forgot the permission," which is exactly where context/memory gets dropped and the AI trips.
One line: Speed by AI, rigor by Oinone. AI won the Coding half; the Software half is a contest of rigor — and Oinone welds permissions, memory, collaboration, security, and context into the architecture, so the AI can run flat-out inside the safe zone.
#
Three questions for anyone evaluating tools
What backstops your "Software" problem? A review layer around the agent (racing its output), or architecture that welds permissions/consistency shut and shrinks the review surface? #
After you "ban engineers from writing code," who guarantees it's right? The agent's diligence, or framework enforcement plus a governable structured diff? #
Would you hand a core system fully to an agent? A wall-of-code system won't; a metadata-driven, framework-backstopped one will let go in the safe zone — because the hardest part of Software isn't in the AI's reach.
#
FAQ
Q: What does "Coding is over, Software is not" mean?
A: A PingCAP/TiDB VP's take at a June 2026 conference — writing code is rapidly being solved by LLMs (Coding nearly over), but delivering complex software into enterprises (permissions, memory, collaboration, security, context) is still hard (Software far from over). That hard half is enterprise "rigor."
Q: What's this got to do with low-code / Oinone?
A: Oinone builds the hard half of Software into the framework — the AI emits architecture-constrained metadata, with permissions/validation/consistency/audit enforced by the framework, governable and rollbackable, not dependent on the AI's diligence or after-the-fact human review.
Q: Is it open source?
A: Yes (AGPL-3.0). One docker compose
and it's up in ~5 minutes; self-hosted, data never leaves your environment. It runs in the core systems of billion-scale enterprises.
If this framing helped, the project is open source (AGPL-3.0) — a ⭐ supports the maintainers:
(Disclosure: I work with Oinone.)