References
Sources & further reading
Every external claim in this site is sourced. We use official docs only — MDN, framework docs, platform docs, RFCs. No blog spam.
When a tool's specifics matter for what you're doing, verify against the official docs at the time of use — the web moves.
Web fundamentals
- MDN — HTTP — request/response, status codes, methods, headers
- MDN Learn — Web development — the canonical free curriculum
- RFC 9110 — HTTP Semantics — the spec itself, if you want bedrock
- MDN Glossary — definitions for almost every web term
Frontend frameworks
Backends, runtimes, languages
Databases & ORMs
Auth
- RFC 6749 — OAuth 2.0 — the spec
- RFC 7519 — JSON Web Tokens (JWT) — the spec
- Auth.js (NextAuth) — auth for Next.js and others
- Clerk — drop-in auth provider
- WorkOS — enterprise auth (SSO, SCIM)
Git, hosting, deploys
- Git — official docs and the Pro Git book
- GitHub — workflow, Actions, security
- GitLab — alternative host with built-in CI
- Cloudflare Pages — static + functions
- Vercel — Next.js's home platform
- Netlify — static + functions
- Render — full-stack hosting with managed Postgres
- Railway — deploy any stack
- Fly.io — apps run close to users globally
CI/CD
- GitHub Actions — workflow syntax, runners, secrets
- GitLab CI/CD — pipelines and runners
- CircleCI — config reference
Monitoring & observability
- Sentry — error monitoring
- Datadog — APM, logs, metrics
- Grafana — dashboards, alerts
- OpenTelemetry — vendor-neutral observability standard
AI coding agents
- Claude Code — Anthropic's terminal-based coding agent
- Cursor — AI-first IDE
- v0 — UI generation by Vercel
- Lovable — full-app generation
- Bolt — in-browser app builder
- Replit — agent + cloud IDE
- Windsurf — AI-first IDE (formerly Codeium)
- GitHub Copilot — inline AI completion + chat
Security primers
- OWASP Top 10 — the canonical list of web vulnerabilities
- OWASP Cheat Sheet Series — practical guides per topic
- MDN — Web security