Latest Backend posts
MongoDB vs PostgreSQL for SaaS: a 2026 decision framework
The database-choice argument has calmed down since 2020. PostgreSQL covers more workloads than MongoDB ever did, and MongoDB still wins in specific, well-defined cases. Here is the 2026 decision framework — when each one earns its slot, and the scaling myth that still sends teams down the wrong path.
API versioning strategies that don't hurt later
Three ways to version an API, one way Stripe does it, and one trap that turns every v2 into a reimplementation project. Here's how to pick a strategy that survives three years of shipping without forcing a rewrite on every integrator.
Job queues in Node.js: BullMQ, Inngest, Trigger.dev, or build your own?
Every Node.js backend eventually needs a queue. The choice between BullMQ, Inngest, Trigger.dev, a Postgres table, or SQS shapes your ops surface for years. Here's an honest comparison with the tradeoffs that matter at 100, 10K, and 10M jobs a day.
Node.js in 2026: ESM everywhere, native test runner, permission model
Node.js in 2026 looks very different from Node.js in 2022. ESM is the default, the test runner ships in the box, the permission model is stable, and TypeScript runs without a build step. Here is what actually changed, what to migrate, and where Jest and Mocha still earn their keep.
Building rate limiters that scale: Redis, sliding windows, and token buckets
Rate limiting is one of those boring backend primitives that only becomes interesting the day it breaks. Here's a honest comparison of the four algorithms that matter, the Redis patterns that make them work across nodes, and the traps — clock skew, stampedes, hot keys — that catch teams the first time they ship at real volume.
Secure file uploads: validation, virus scanning, and S3 best practices
File uploads are where most SaaS apps ship their first serious vulnerability. Here's the pipeline we wire up on every client project — MIME sniffing, size caps, image sanitization, virus scanning, and presigned S3 uploads — with the failure modes nobody writes tutorials about.