The Hidden Risks of Stuck Code: How Thermal Expansion in Legacy Systems Reveals Tech Debt During M&A Due Diligence

When one tech company acquires another, a deep technical audit is required. I’ll explain why a target company’s approach to this specific problem can be a major red flag or a green light during an M&A deal.

I’ll never forget the time I walked into a data center and saw engineers struggling with servers packed so tightly that removing one microservice looked like trying to pull pennies from those old plastic coin tubes from the 1960s. Sealed shut. Fused by time. One wrong move and everything cracks.

That moment stayed with me. Because this isn’t just about hardware. It’s about the software equivalent—what happens when legacy code, outdated libraries, and tangled dependencies create a system where nothing can move freely. What looks like a clean architecture on paper can hide tightly coupled dependencies, brittle deployment pipelines, and thermally expanded tech debt that only reveals itself under pressure.

In variation #45 of our M&A due diligence series, we’re looking at one of the most telling signals I’ve found: how a company handles “stuck” components in its tech stack. Think of it like the physics of expansion. In materials, different rates of thermal expansion cause stress. In software, the same happens—when systems, services, and dependencies don’t expand or contract at the same rate under pressure, it creates hidden fractures.

The “Coin Tube Problem” in Modern Software Architecture

When Systems Shrink-Fit Around Legacy Code

Over years of development, software systems behave like those old coin tubes. Legacy code, outdated libraries, and tightly coupled microservices create a kind of digital shrink-fit—where the core functionality gets sealed in, impossible to extract without risking the whole system.

This happens most often in companies that grew fast. They built MVPs, added features, and never paused to refactor. Now? Their monolithic controllers, spaghetti APIs, and undocumented integrations are like pennies fused in plastic. Every change risks breaking something downstream—a deal-killer in post-acquisition integration.

“The first sign of trouble isn’t the code itself—it’s how hard it is to move.”

Why This Matters in M&A Due Diligence

When I evaluate a target, I don’t just look at what the code does. I care about what happens when you try to change it. Can you extract a service? Migrate a module? Refactor without triggering a chain reaction?

A well-structured system? Like a modern coin tube—parts slide out cleanly. But a system with shrink-fit dependencies? That’s a scalability time bomb waiting to explode during integration.

Here’s what I ask:

• Can one service be pulled without breaking others?
• Do all services redeploy when only one changes?
• How many systems still rely on that deprecated module?
• Are the “stuck” parts even tested?

Code Quality Audit: The Thermal Expansion Test

Using CTE (Coefficient of Thermal Expansion) as a Metaphor for Tech Debt

In physics, CTE measures how materials expand or contract with temperature. In software, think of it as a system’s ability to handle change under stress—whether from load, new features, or organizational shifts.

Low CTE? The system is rigid, brittle, cracks under pressure. High CTE? It flexes, adapts, survives. In due diligence, I use this lens to spot the difference between a resilient system and one that’s one change away from collapse.

1. Dependency Graph Depth – Shallow graphs mean less stress. Deep, tangled webs? Red flag. Circular dependencies are like pennies welded together.


// Example: Dependency mapping via static analysis
// High-risk pattern: circular imports
// low-level-service.js
const { User } = require('./high-level-api');
// high-level-api.js
const { Logger } = require('./low-level-service');


2. Change Impact Analysis – I simulate a “temperature spike” by tweaking a schema slightly. One time, a 5-line update in a user module broke 14 downstream services. All because a legacy logging service expected exact field names. That’s shrink-fit in action.

3. Deployment Isolation – If one code change triggers a full rebuild of every service, it’s like trying to hammer the entire coin tube at once. Risky. Messy. Inefficient.

Red Flags in Code Quality

<
• No automated tests around core modules (like the bottom penny stuck in the tube)

<

• Shared global state (e.g., singleton configurations)

<

• Hardcoded external URLs or credentials
• Monoliths disguised as microservices

Scalability Assessment: Can the System “Expand” Under Pressure?

Load Testing as a Thermal Expansion Simulation

Heating a coin tube expands the plastic and frees the coins. Load testing does the same for software. It shows whether a system can expand to handle growth—or cracks under the strain.

I simulate traffic spikes and watch closely:

• Where do bottlenecks appear?
• Do old components leak memory?
• Does the system scale horizontally, or does it freeze like a stuck cap?

A few years ago, I saw a company’s API gateway handle 100 RPS just fine. But at 500 RPS? A decade-old auth module crashed. No tests. No logging. Just cascading timeouts. Fixing that 200-line black box added $2M to integration costs. One stuck component. One avoidable cost.

Green Flags in Scalability

• Stateless services that scale horizontally
• Async processing for heavy tasks
• Clear circuit-breaker patterns in service calls

Technology Risk Analysis: The Freezer, Boiling Water, or Acetone Approach?

Evaluating Escalation Strategies

Just like with coin tubes, tech teams have different ways to free stuck code:

• Freezing (rollback, isolation): Disable the module. Quick fix. But only temporary.
• Boiling (refactoring under pressure): High risk, high reward. Done right in staging, it can save the system.
• Acetone (complete rearchitecture): Dissolve the whole layer. Costly, but sometimes the only option.

I look at which approach a team has used before. Always patching? That’s a sign of high technical debt. Teams that refactor strategically? That’s a green light.

Cutting with Precision: The Pipe Cutter Method

The best teams don’t brute-force it. They use precision tools—like a pipe cutter—to extract what they need without collateral damage. In software, that means:

• Stratified refactoring: Break monoliths layer by layer
• Feature flags to decouple deployment from release
• API versioning to allow gradual migration


// Example: Safe extraction using feature flags
if (featureFlags.useNewPaymentService) {
await newPaymentProcessor().charge(amount);
} else {
await legacyPaymentService.charge(amount);
}


Conclusion: Don’t Buy a Codebase You Can’t Open

The coin tube lesson applies here: if you can’t safely extract the core value, you’re not buying an asset. You’re inheriting a liability.

In M&A due diligence, ask these questions:

• What’s the CTE of the system? Can it handle change?
• Are there “shrink-fit” components that will crack under integration stress?
• Does the team know how to free stuck code—safely?
• Is the tech debt worth the price, or will extraction cost more than the deal?

A clean codebase isn’t about perfection. It’s about optionality, flexibility, and future scalability. Not every penny is worth the effort to extract. And not every acquisition is worth the cost of freeing the code. Use the thermal expansion lens to spot the red flags—before you sign the deal.

Related Resources

You might also find these related articles helpful:

• A CTO’s Framework for Solving Legacy Constraints: Lessons from Stuck Pennies in Vintage Coin Tubes – As a CTO, I’ve spent years wrestling with systems that just won’t budge. My job isn’t just about picking the right tech—…
• How Thermal Dynamics and Material Science Can Launch Your Career as a Tech Expert Witness in Legal Cases – Ever sat in a courtroom and thought, “I could explain that tech issue way better”? You might have what it takes to be a …
• How I Wrote a Technical Book on Extracting Stuck Pennies from 1960s Coin Tubes (And How You Can Too) – Writing a technical book changed my career. But not in the way you might expect. My book isn’t about AI or software. It’…