Nine years ago, I built an app called Highlander. It was one of those projects you never forget, but over time it broke: old dependencies, outdated tooling, local setup drift, and deployment blockers.
This week, I brought it back to life. Not by rewriting everything from scratch. By pairing with Codex and treating the work like a Product Engineer: fix what matters, unblock users, and ship value fast.
The Problem: The app was frozen in time:
- Old Node/Knex/Bookshelf stack
- Broken local boot flow
- DB connectivity issues
- Seed data problems
- Production-unfriendly hardcoded localhost URLs
- Security gaps before deploy
It had been broken long enough that I honestly didn’t expect a quick recovery.
The Approach: Product Engineering, Not Just Refactoring:
I didn’t just “clean code.” I prioritized outcomes:
- Get local working first
- Stabilize data + auth
- Fix UX trust issues for demo users
- Deploy to Fly.io
- Harden for real usage
That sequence mattered more than perfection.
Product Development Context:
This rebuild also reconnects to the original product planning work from the Highlander sprint board on Trello: Highlander product sprint board
That board reflects early MVP scope, feature prioritization, and roadmap thinking. Revisiting the app now with Codex let me combine that original product intent with modern implementation and deployment practices.
What Codex Helped Me Ship:
1) Local revival
- Pinned runtime compatibility (.nvmrc)
- Updated critical deps for modern macOS
- Fixed DB config to support local + production envs
- Restored migration/seed workflow
2) Demo-ready UX. I added a demo login path directly in the UI.
- “No account no problem…”
- Demo credentials on login + registration pages
- Direct link from registration to login
- Dashboard welcome message shown once per login session
3) Security hardening. Before deployment, I tightened core risks.
- Token-based auth middleware
- Protected routes
- Login rate limiting
- Removed sensitive console logs
- Removed password leaks in API responses
- Added safer headers and config defaults
4) Deployment to Fly.io
- Added fly.toml
- Added Dockerfile + .dockerignore
- Configured release migration flow
- Seeded production demo data
- Code Snapshot: killing localhost coupling
One of the most important production fixes was removing hardcoded localhost API calls
That one change removed mixed-content/CORS issues on deployed pages.
Why this matters for my career growth:
I’m not making a hard transition away from software engineering. I’m intentionally blending Software Engineer + Product Engineer skills so I can widen my career options and be more valuable to a broader set of teams and employers.
This project reflects that blend:
- AI-assisted delivery speed
- practical product prioritization
- hands-on code and architecture updates
- UX improvements
- deployment and production hardening
It wasn’t just a code cleanup. It was an end-to-end product delivery exercise.
What’s Next:
I have another 9-year-old app: Highlander-react-redux. It uses the same backend API, but the frontend is React/Redux. Next, I’m going to use Codex again to revive it with the same Product Engineer lens:
- improve onboarding
- modernize auth + data flows
- reduce complexity
- ship reliably
I’ll document that process too, including what worked, what failed, and what changed in my thinking.
Highlander Project
Demo: https://highlander.fly.dev/index.html
Github: https://github.com/heriberto-codes/highlander