Database

Firebase BaaS with Firestore, Authentication, Cloud Functions, and Hosting

Hasura is an open-source engine that connects to your databases (PostgreSQL, MS SQL, etc.) and instantly gives you a production-ready GraphQL API. It simplifies data access, real-time subscriptions, and authorization management, making it ideal for rapidly developing data-driven applications.

Nhost BaaS with Hasura GraphQL, PostgreSQL, authentication, and storage

Parse Server is an open-source backend framework that provides a scalable and flexible way to build web and mobile applications with a self-hostable backend-as-a-service (BaaS). It offers database management, REST APIs, GraphQL, push notifications, and user authentication.

PocketBase single-binary BaaS with SQLite, auth, real-time, and file storage

Strapi is an open-source, headless CMS that allows you to build custom APIs and manage content.

Supabase BaaS with Postgres, Auth, Realtime, Storage, and Edge Functions

Identify and fix common code smells that indicate deeper design problems

Manage dependencies and reduce coupling to build modular, flexible systems

Implement clean error handling strategies that keep code readable and robust

Design small, focused functions that do one thing well and are easy to test

Choose clear, intention-revealing names for variables, functions, classes, and modules

Apply common refactoring patterns to improve code structure without changing behavior

Apply SOLID principles to design flexible, maintainable object-oriented code

Design effective tests using the testing pyramid, clean test structure, and test-driven thinking

Configure Content-Security-Policy headers to mitigate XSS, data injection, and clickjacking attacks.

Configure CORS headers correctly to control cross-origin resource access while preventing overly permissive policies.

Protect web applications against cross-site request forgery (CSRF) using tokens, SameSite cookies, and origin validation.

Validate and sanitize all user input at application boundaries using schemas, type coercion, and allowlists.

Securely store, access, rotate, and audit application secrets and credentials using vaults, environment variables, and CI/CD integrations.

Prevent SQL injection attacks using parameterized queries, ORM best practices, and input validation layers.

Secure your software supply chain by auditing dependencies, pinning versions, verifying integrity, and monitoring for vulnerabilities.

Prevent cross-site scripting (XSS) attacks through output encoding, input sanitization, and secure rendering practices.

Convert React class components to functional components with hooks

Migrate a Create React App project to Next.js for server-side rendering and file-based routing

Migrate a JavaScript codebase to TypeScript incrementally with minimal disruption

Migrate a test suite from Jest to Vitest for faster execution and native ESM support

Decompose a monolithic application into microservices using the strangler fig pattern

Migrate a REST API to GraphQL while maintaining backward compatibility

Migrate from a relational SQL database to a NoSQL document or key-value store

Migrate a Webpack-based project to Vite for faster development builds and HMR

Server-side form mutations with action functions, progressive enhancement, and optimistic UI in Remix

Authentication patterns in Remix using sessions, cookies, JWT, OAuth flows, and route protection

Deploying Remix applications to various platforms including Vercel, Fly.io, Cloudflare, and Node.js servers

Error boundaries, catch boundaries, and structured error handling strategies in Remix applications

Server-side data loading with loader functions, useLoaderData, and type-safe data fetching in Remix

Nested routes, dynamic segments, outlets, and file-based routing conventions in Remix

Streaming responses and deferred data loading with defer, Await, and Suspense in Remix

CSS strategies in Remix including route-scoped links, Tailwind CSS, CSS Modules, and CSS-in-JS approaches

Auto-update mechanisms for desktop applications using electron-updater and Tauri's built-in updater

IPC communication patterns for Electron main and renderer process messaging

Electron fundamentals for building cross-platform desktop applications with web technologies

File system access patterns, native dialogs, and drag-and-drop for desktop applications

System tray icons, native application menus, and desktop notifications for Electron and Tauri apps

Building, packaging, and distributing desktop applications for Windows, macOS, and Linux

Desktop application security including context isolation, preload scripts, CSP, and sandboxing for Electron and Tauri

Tauri framework for building lightweight, secure desktop applications with a Rust backend and web frontend

Independent deployment patterns for micro-frontends including CI/CD pipelines, versioning, rollback, and environment strategies.

Strategies for sharing design systems, component libraries, and visual consistency across independently deployed micro-frontends.

iFrame-based micro-frontend composition for maximum isolation between independently deployed frontend applications.

Webpack Module Federation for sharing code and dependencies across independently deployed micro-frontends at runtime.

Cross-application routing strategies for micro-frontends including shell-controlled routing, distributed routing, and URL contracts.

Cross-application state sharing patterns for micro-frontends including event buses, shared stores, and URL-based state.

Single-SPA framework for orchestrating multiple JavaScript micro-frontends within a single page application shell.

Web Components and Shadow DOM as a framework-agnostic encapsulation layer for micro-frontend composition.

Cloudflare D1 for running SQLite databases at the edge with SQL query support

Cloudflare Workers KV for globally distributed key-value storage at the edge

Cloudflare Workers for serverless edge compute using the V8 isolate model

Deno Deploy for globally distributed edge applications using the Deno runtime

Authentication and authorization at the edge for securing requests before they reach the origin