What the Hex is a Dex? Introducing Deterministic Transformation Artifacts
Source: Dev.to
The Problem: Code Transformations Are Usually Chaos
Software engineers constantly need to transform codebases.
Not just small edits – we’re talking about massive structural changes:
- API migrations
- Framework upgrades
- Localization rewrites
- Security patches across hundreds of repositories
- Refactors touching thousands of files
Most of the time these transformations are done with a mix of:
- fragile scripts
- regex sorcery
- one‑off codemods
- questionable search‑and‑replace rituals involving chickens
And once the script runs… well, good luck.
You often get:
- no clear audit trail
- no reproducibility
- no safe rollback
- no way to inspect the transformation beforehand
In other words: you just ran a very large mutation across your codebase and now you’re praying to the CI gods that the chicken satisfied their thirst for bugs.
But… What If Code Transformations Were Artifacts?
Imagine this: instead of executing transformations blindly, we treat them like first‑class artifacts—something you can:
- inspect
- verify
- share
- sign
- reproduce
- undo (without needing any chickens)
This is the idea behind DEX.
DEX: Deterministic Transformation Artifacts
A DEX artifact is a portable package that describes a code transformation in a deterministic way. Think of it as:
Git commit
+ migration script
+ cryptographic signature
+ replayable transformation planBut instead of being tied to a specific repository state, a DEX artifact describes the transformation itself.
Typical layout:
DEX
├── manifest.json
├── payload/
│ └── plan.json
└── signatures/The transformation plan (plan.json) contains:
- which files change
- which lines are modified
- the original code
- the replacement code
- any helpers that were injected
- the exact hash of each source file
Everything needed to reproduce the change deterministically. Given the same inputs, the artifact will always produce the same output—no hidden state, no runtime surprises.
The Dennis Forge
DEX artifacts are produced by a tool called Dennis. Dennis is a deterministic codemod engine built around a simple philosophy:
“Transformations should be planned, inspectable, and reversible.”
Workflow
Scan → Plan → Package → Sign → Verify → ApplyInstead of modifying your project directly, Dennis first generates a plan. It’s safe enough to try at home—no chickens required.
Let’s Forge an Artifact
1. Clone the example repository
git clone https://github.com/crevilla2050/hello-dennis
cd hello-dennisInside you’ll find a minimal Python program:
#!/usr/bin/env python3
def main():
print("Hello world.")
print("Thank you for using Dennis. Love, the Dennis Team.")
if __name__ == "__main__":
main()Nothing fancy—just two hard‑coded strings, the kind of thing that quietly spreads across a codebase until someone eventually says, “We should probably internationalize this.”
2. Generate the Transformation Plan
dennis plan run . \
--dict messages_en.json \
--add-helper helper.py \
--target-file hello.py \
--line 12This command analyzes the project and produces a deterministic transformation plan (plan.json). No files are modified yet—Dennis always starts with a plan that you can inspect directly.
3. Package the Artifact
dennis pack plan.json hello-dennis.dexNow the transformation becomes a portable artifact that can be shared, inspected, versioned, and stored like any other build artifact.
4. Sign the Artifact
First generate a signing key:
dennis keygenThen sign the artifact:
dennis dex sign hello-dennis.dex --key dennis.keyThe artifact now contains a verifiable signature proving its origin. If someone modifies the payload and signs it again, older signatures remain inside the artifact as part of its historical record, creating a chain of custody for transformations.
5. Inspect the Artifact
dennis inspect hello-dennis.dexDennis will display:
- artifact metadata
- payload type
- payload hash
- signatures
- transformation information
This lets engineers verify what the artifact contains before trusting it.
6. Apply the Transformation
dennis rehydrate hello-dennis.dex
dennis apply rehydrated-plan.jsonYour Python script will be transformed into a localization‑ready structure. Instead of hard‑coded strings, the program now loads messages from a dictionary.
7. Test the Result
python hello.pyYou should see the output coming from the external messages_en.json dictionary rather than from hard‑coded literals.
Summary
- DEX turns code transformations into inspectable, reproducible, and reversible artifacts.
- Dennis provides a deterministic pipeline: plan → package → sign → verify → apply.
- The workflow gives you an audit trail, cryptographic proof of origin, and safe roll‑backs—no more blind “run‑and‑pray” scripts or ritual chickens.
Using Different Language Settings
You can run your script with a specific locale by prefixing the command with LANG:
LANG=es python hello.pyor
LANG=de python hello.pyThe program will automatically load the corresponding translation dictionary. No “chicken magic” – just deterministic, reversible transformations.
Undoing the Transformation
Dennis transformations are reversible by design. If something goes wrong, generate the inverse plan:
dennis invert rehydrated-plan.json
dennis apply rehydrated-plan.undo.jsonYour project returns to its original state.
- No Git resets.
- No archaeology.
- Just a deterministic undo.
Encrypted Artifacts: XDEX
In some situations you may want to distribute a transformation artifact without exposing the internal transformation logic. For that purpose Dennis supports XDEX artifacts.
An XDEX artifact is simply an encrypted version of a DEX file:
DEX → XDEXThe payload is encrypted while the outer metadata remains visible. This allows organizations to distribute verifiable transformation artifacts while keeping the transformation plan confidential.
You can encrypt an artifact like this:
dennis encrypt hello-dennis.dexWhy This Matters
Modern software pipelines treat many things as artifacts:
- Container images
- Compiled binaries
- Dependency locks
- Signed releases
But code transformations themselves are often invisible. DEX artifacts change that. They turn transformations into portable, inspectable, verifiable objects, making software evolution something we can track, audit, and reproduce.
Final Thoughts
Software history is written through transformations:
- Refactors
- Migrations
- Patches
- Upgrades
Most of the time those transformations vanish after they run. DEX artifacts make them visible, and Dennis is the forge where they are made.
The forge lives at:
Install with pip or pipx, and start DEX‑ing your code. DEX artifacts turn transformations into something you can pass around, inspect, and trust.
And may chickens live forever!
