Software Development 6 min read

Hybrid development in enterprise: balancing custom code and low-code

How to combine the flexibility of custom development with the speed of low-code while maintaining engineering discipline, version control, and robust system architecture.

Enterprise IT leaders are increasingly adopting hybrid development models. Organizations strive to combine the delivery speed of low-code platforms with the full architectural control, scalability, and security of custom software. The main dilemma lies in integrating these approaches without losing long-term code manageability or accumulating technical debt.

The speed trap: why isolated low-code creates architectural risks

The drive to minimize time-to-market sometimes pushes companies to extremes—abandoning traditional coding for closed visual builders. Initially, building interfaces and forms quickly seems like a clear win. However, organizations soon face limitations: implementing unique business logic becomes difficult, integration issues arise, and business units start creating "shadow IT" systems that bypass security audits.

The main mistake is viewing low-code as a complete replacement for classic development. The Thoughtworks Technology Radar report clearly emphasizes that engineering discipline—including automated testing and code review—remains critical regardless of whether the team chooses custom development or low-code platforms. If a visual tool does not support modern CI/CD pipelines and isolates developers from versioning, it will inevitably generate technical debt.

The hybrid model and the role of UnityBase

An effective solution is a hybrid architecture. In this model, the core of unique business logic and complex integrations are implemented as custom code, while routine operations, user interfaces, and standard document management processes are delegated to a specialized platform.

The technological foundation for this approach is the low-code platform UnityBase (a joint development by the Intecracy Group alliance, where InBase is a key developer). UnityBase functions as a full-stack JavaScript framework aimed at professional developers. The platform's core architectural concept is a unified domain metadata model that simultaneously describes data structure, user interface, API, and basic system behavior.

Developers describe entities in a declarative format, and the platform automatically generates REST API, Admin UI, and manages physical database structure synchronization (via built-in ORM). This frees up engineering resources to focus on server-side business logic (based on the SpiderMonkey engine) and modern Vue interfaces. It is worth noting that in the early stages of projects, a monolith-first architecture is often more economically viable than premature microservices decomposition. UnityBase allows starting a project as a structured monolith with the potential for future horizontal scaling.

Engineering discipline: CI/CD and configuration control

To keep hybrid development manageable, it must rely on cloud development standards. According to The Twelve-Factor App methodology, modern applications should ensure a clear separation of code and configuration, store dependencies declaratively, and support stateless processes for horizontal scaling. Thanks to compatibility with the npm ecosystem, UnityBase allows storing all platform settings as JSON and JavaScript files in a Git repository.

According to Google Cloud / DORA (DevOps Research and Assessment) research, industry standards for measuring team performance include Deployment Frequency, Lead Time, Change Fail Rate, and Mean Time to Recovery (MTTR). Using CI/CD pipelines for hybrid code ensures that platform automation improves these metrics without sacrificing quality control. At the same time, DORA notes that organizational factors—such as team culture and leadership support—can lead to a twofold difference in performance when adopting new technologies.

Architectural audit: how to avoid system degradation

Even with clear CI/CD, hybrid architecture requires constant oversight. According to AWS Well-Architected Framework recommendations, regular architectural reviews are necessary to identify risks in production systems before they turn into incidents.

During audits of hybrid projects based on UnityBase, pay attention to key integration points:

  1. API contracts: Interaction between custom services (e.g., Java or Go) and the platform must occur exclusively via REST API or task queues, avoiding direct database manipulation that bypasses the platform's ORM.
  2. Access control: The platform includes powerful Role-Based Access Control (RBAC) and Row-Level Security (RLS) mechanisms. Custom components must respect these security policies and use a unified authorization context (e.g., JWT-based authentication or OpenID Connect in commercial editions).
  3. Query performance: High-load analysis of automatically generated ORM queries to ensure optimal use of database indexes.

Practical case: task distribution in BPM processes

Consider an example of implementing a complex process: automating a credit pipeline that combines standard document management with specific risk calculations.

Instead of programming the system from scratch, architects use ready-made products based on UnityBase—for example, the Scriptum or Megapolis.DocNet process management systems. Document lifecycle management, file storage in DB-independent repositories (BLOB), and task assignment are handled by ready-made platform modules.

Simultaneously, a custom microservice (e.g., Node.js) is responsible solely for the scoring mathematical model. When the process in Scriptum reaches the "Evaluation" step, the platform initiates a request to the microservice, passes the necessary data via API, receives the calculated result, and continues the process. This approach allows developers to focus on business logic, leaving administration, security, and UI to the platform.

Task distribution matrix in hybrid enterprise architecture

System componentOptimal approachTechnological stack (Example)
Core unique business logicCustom developmentNode.js / Go / Java services
User interfaces and formsLow-code platformUnityBase metadata, Vue.js components
Document management and BPMReady-made platform modulesScriptum / Megapolis.DocNet
Integration buses and API contractsHybrid (Custom schemas + platform)npm modules, generated REST API

The hybrid approach proves that enterprise systems do not have to be exclusively monolithic custom code or a closed "black box." By combining engineering discipline with the capabilities of the UnityBase platform, organizations maintain the flexibility needed for long-term IT landscape development.

FAQ

How to ensure version control (Git) when using low-code platforms?

In hybrid platforms like UnityBase, system configuration (data models, processes, access rights) is stored as declarative JSON and JavaScript files. This allows the use of standard Git tools, mandatory code reviews, and CI/CD pipeline configuration.

Can a hybrid solution on UnityBase be deployed entirely on-premises for security requirements?

Yes, UnityBase supports both cloud deployment and autonomous on-premises installation. For projects with high security requirements and heavy loads, commercial Enterprise and Defence editions are available, supporting additional encryption, digital signatures (QES), and extended access policies (RLS, ACL).

How does the hybrid approach affect DORA metrics compared to pure custom development?

The hybrid approach improves Lead Time and Deployment Frequency through automatic REST API and Admin UI generation based on metadata. This allows the team to quickly deliver basic functionality while maintaining engineering quality control standards to reduce the Change Fail Rate.

Data sources

Sources & materials

Materials and sources used in this article.

  1. Thoughtworks Technology Radar — thoughtworks.com
  2. Amazon Web Services: AWS Well-Architected Framework — docs.aws.amazon.com
  3. Google Cloud / DORA: DORA — DevOps Research and Assessment — dora.dev
  4. Heroku / community: The Twelve-Factor App — 12factor.net