All Services | Auxiliar.ai

Weaviate

Trust: /10

Open-source vector database with built-in vectorization modules. Self-host free or use Weaviate Cloud. Strong module ecosystem for text, image, and multi-modal search.

3 known gotchas

Module complexity: Weaviate's module system is powerful but adds configuration complexity. Choosing between text2vec-openai, text2vec-cohere, text2vec-transformers requires understanding trade-offs.
Sandbox 14-day expiry: The free sandbox cluster expires after 14 days with no way to extend. Data is deleted. Don't use it for anything you want to keep.
Memory-intensive self-hosting: Self-hosted Weaviate needs significant RAM (8 GB+) for production workloads. The HNSW index is memory-resident by default.

Vonage

Trust: /10

Formerly Nexmo. Good international SMS coverage with simpler pricing than Twilio. $0.0068/SMS (US). Strong voice and video APIs. Dashboard UX is dated but API is solid.

3 known gotchas

Dashboard UX is dated: The Vonage developer dashboard has not been modernized like competitors. Navigation is confusing and documentation search can be frustrating. The API itself is solid.
Post-Ericsson acquisition uncertainty: Ericsson acquired Vonage in 2022. The communications API business strategy is shifting. Long-term product direction is less clear than independent competitors.
Trial credit is minimal: The $2 trial credit covers about 30 US SMS messages. This is insufficient for meaningful testing. Plan to add funds early.

Vercel Cron

Trust: /10

Built-in cron jobs for Vercel projects. Zero configuration — just add cron expressions to vercel.json. Free on Hobby (1/day), unlimited on Pro. Vercel-only.

3 known gotchas

Complete Vercel vendor lock-in: Vercel Cron only works on Vercel. If you migrate to another hosting provider, you must replace your entire cron setup. There is no portable abstraction.
Hobby tier is practically unusable: 1 cron job per day on the Hobby tier is insufficient for any real development workflow. You effectively need Pro ($20/month) for cron to be useful.
No built-in retries or observability: Vercel Cron triggers your function but offers no retry logic, failure alerting, or run history beyond basic function logs. For reliability, add your own retry logic.

Vercel

Trust: /10

The deployment platform behind Next.js. Best-in-class for React frameworks with edge functions, preview deployments, and Fluid compute — but per-seat pricing and bandwidth overage can add up.

4 known gotchas

Bandwidth overage shock: Vercel charges starting at $0.15/GB for bandwidth beyond your plan's included usage. The Pro plan includes $20 of usage credit, but a viral post or product launch can still generate surprise charges. Set up spend alerts.
Hobby tier is non-commercial: The free Hobby plan explicitly prohibits commercial use. Any revenue-generating app needs the $20/month Pro plan.
Framework lock-in: Advanced features (ISR, edge middleware, image optimization) are deeply integrated with Next.js. Migrating to another platform means losing these optimizations.
Cold starts on serverless functions: Serverless functions can have cold starts of 200-500ms. Edge functions are faster but have runtime limitations (no Node.js APIs).

Upstash

Trust: /10

Serverless Redis with HTTP-based access and pay-per-request pricing. Best Redis option for serverless and edge runtimes.

3 known gotchas

10K daily command limit on free tier: The free tier allows only 10,000 commands per day. A single page load can use 5-10 Redis commands, meaning the free tier supports roughly 1,000-2,000 page views per day.
HTTP latency vs native Redis: Upstash's HTTP-based access adds 1-5ms latency compared to native Redis TCP connections. For most use cases this is fine, but latency-sensitive applications should benchmark.
Not all Redis commands supported: Upstash supports most Redis commands but not all. Some advanced commands (SUBSCRIBE in serverless), Lua script limitations, and module support may be missing.

UploadThing

Trust: /10

File uploads purpose-built for Next.js and React. Best DX for the React ecosystem, but limited outside it.

3 known gotchas

Framework lock-in: UploadThing is deeply integrated with React/Next.js. If you switch frameworks or need uploads from a non-React client, you'll need to rewrite the upload logic.
2 GB free tier is tiny: 2 GB fills up fast with any real user uploads. Plan to upgrade to Pro ($10/mo) almost immediately for production apps.
Young company: UploadThing is a 2023 startup with a small team. While growing fast, it doesn't have the track record of S3 or R2. Consider the bus factor for production dependencies.

Typesense

Trust: /10

Open-source search engine with great developer experience. Self-host for free or use Typesense Cloud. Best Algolia alternative with lower cost and no vendor lock-in.

2 known gotchas

Smaller ecosystem than Algolia: Typesense has fewer pre-built UI components and third-party integrations than Algolia. InstantSearch adapter exists but some Algolia widgets may not work perfectly.
Self-hosting requires separate infrastructure: Running Typesense yourself means managing a separate server, monitoring, backups, and updates. For small teams, Typesense Cloud may be worth the cost.

Twilio

Trust: /10

Market-leading SMS API with the most features. Pricing starts at $0.0079/SMS (US). Complex pricing with carrier fees, but broadest feature set including voice, video, and WhatsApp.

3 known gotchas

Complex pricing with hidden carrier fees: The $0.0079/SMS base price is misleading. Carrier fees ($0.003-0.006), phone number rental ($1.15/mo), and A2P registration fees add 50-100% to effective cost.
A2P 10DLC registration required: US business SMS requires A2P 10DLC registration. Without it, messages are filtered or blocked. Registration takes 1-4 weeks and costs $15/brand + $3/campaign.
Trial tier has recipient verification: On the trial tier, you must manually verify each phone number before sending. This blocks automated testing workflows.

Turso

Trust: /10

Edge-native SQLite database built on libSQL. 100 free databases with 5 GB storage. Zero cold starts, embedded replicas for edge deployments.

4 known gotchas

Not PostgreSQL: Turso is SQLite/libSQL, not PostgreSQL. If your app or ORM assumes PostgreSQL (Prisma with PostgreSQL provider, pg driver), you'll need to switch to a libSQL-compatible driver. Drizzle ORM has first-class libSQL support.
Limited ORM support: Works with Drizzle ORM (first-class), and has a Prisma adapter. Does not work with TypeORM, Knex, or other PostgreSQL-specific ORMs.
No complex joins at scale: SQLite handles joins but is not optimized for complex analytical queries the way PostgreSQL is. For OLAP workloads, use PostgreSQL.
Younger ecosystem: Turso and libSQL are newer than PostgreSQL managed services. The ecosystem of tools, tutorials, and community support is smaller.

Trigger.dev

Trust: /10

Background jobs for Next.js and Node.js. Open source, serverless-friendly, excellent DX. Best for simple-to-medium background jobs.

3 known gotchas

5 concurrent run limit on free tier: The free tier allows only 5 concurrent runs. If you queue 100 jobs, 95 will wait. This can create significant delays for batch processing workloads.
Node.js/TypeScript only: Trigger.dev only supports Node.js and TypeScript. If your backend is Python, Go, or another language, you cannot use Trigger.dev. Use Inngest (multi-language) or BullMQ (Redis-based, any consumer).
Still maturing: Trigger.dev is a young project (2022). While it's growing fast and has good DX, expect occasional breaking changes and evolving APIs. Pin your SDK versions.

Trigger.dev

Trust: /10

Scheduled tasks and background jobs for Node.js. TypeScript-first with great developer experience. Free tier includes 50K runs/month. Best DX for TypeScript teams.

3 known gotchas

Node.js only: Trigger.dev only supports Node.js/TypeScript. If your scheduled jobs need Python, Go, or other languages, you cannot use Trigger.dev.
Younger platform, API evolving: Trigger.dev v3 was a major rewrite from v2 with breaking changes. The platform is improving rapidly but API stability is a concern for long-term projects.
Concurrency limits: Free tier limits to 5 concurrent runs. If your cron jobs overlap or run long, you'll hit this quickly. Pro tier increases to 25.

Auth built into the Supabase platform. PostgreSQL-backed, Row Level Security integration, generous free tier (50K MAU free, 100K on Pro at $0.00325/MAU overage — far cheaper than Clerk's $0.02/MRU) — but tightly coupled to Supabase.

4 known gotchas

Coupled to Supabase platform: Supabase Auth is not a standalone service. You get auth as part of the Supabase platform (database, storage, functions). If you only need auth, you're paying for unused services.
Row Level Security learning curve: Supabase Auth shines with PostgreSQL RLS policies — but RLS has a learning curve. Incorrect policies can expose data. Test thoroughly.
Self-hosted complexity: Supabase is open source and can be self-hosted, but self-hosting auth correctly (token management, session security) is complex. The managed service is much simpler.
Email templates limited: Built-in email templates (confirmation, password reset) are basic. Custom email templates require configuring an external SMTP provider.

Supabase

Trust: /10

Open-source Firebase alternative with managed Postgres. Full platform with auth (100K MAU on Pro), storage, realtime, edge functions — with a spend cap to prevent bill shock.

5 known gotchas

Free tier pauses after inactivity: Free tier projects are paused after 1 week of inactivity. Your data is preserved but the database stops. This blocks staging environments and hobby projects you don't check daily.
You're buying the platform, not just a database: Supabase pricing includes auth, storage, edge functions, and realtime. If you only need Postgres, you're paying for services you don't use. Consider Neon or plain RDS.
Performance at scale: Supabase shared infrastructure (free/Pro) has variable performance under load. For consistent performance, you need Team tier ($599/month) or dedicated infrastructure.
Compute pricing is separate: The $25/month Pro plan includes $10 in compute credits (enough for one Micro instance). Larger compute sizes cost extra: Medium $60/mo, Large $110/mo, XL $210/mo. For production apps needing more than 1 GB RAM, budget for compute add-ons.
Vendor lock-in despite open source: While Supabase is open source, self-hosting the full stack (Postgres + Auth + Realtime + Storage + Edge Functions) is complex. Most teams are effectively locked into the managed service.

Stripe

Trust: /10

The most popular payment API. Maximum flexibility, best documentation, global coverage — but you're responsible for tax collection and compliance.

3 known gotchas

You handle tax compliance: Stripe is NOT a merchant of record. You are responsible for collecting and remitting sales tax, VAT, and GST. Stripe Tax helps but costs $0.50/txn extra.
Account freezes for high-risk industries: Stripe may freeze accounts in gambling, crypto, adult content, and other high-risk categories. Verify your industry is supported before building.
Payout delays for new accounts: New accounts start with 2-7 day rolling payouts. This improves over time but can cause cash flow issues early on.

Strapi

Trust: /10

Open source headless CMS, self-hosted with full control. Largest plugin ecosystem, but self-hosting requires DevOps.

3 known gotchas

Self-hosting requires DevOps: Running Strapi in production requires managing Node.js, a database (PostgreSQL recommended), file storage, and deployments. Budget 1-2 days for initial production setup.
Plugin quality varies: The plugin marketplace is large but quality is inconsistent. Some popular plugins are unmaintained or break on major Strapi upgrades. Always check last update date.
Major version upgrades can break plugins: Strapi v4 to v5 migration broke many community plugins. Plan for plugin compatibility issues during major upgrades.

Statsig

Trust: /10

Feature flags combined with experimentation and analytics. Free tier includes 1M events/month. Usage-based pricing is more cost-effective than per-seat for most teams.

3 known gotchas

Event-based billing can spike: Usage-based pricing is great for small teams but can spike unexpectedly when you launch high-traffic features or experiments. Monitor event volume closely.
Younger platform than LaunchDarkly: Statsig was founded in 2021 — much younger than LaunchDarkly (2014). While growing fast, enterprise governance features are still maturing.
Low migration difficulty: Statsig uses simple API-based flag evaluation. Migration in or out is straightforward — no streaming connections or complex SDK patterns to replace.

Sentry

Trust: /10

Industry-standard error tracking with performance monitoring. Open source self-host option. Best error tracking DX, but alert fatigue is real.

3 known gotchas

Alert fatigue: Default Sentry setup generates too many alerts. Spend time configuring issue grouping, alert rules, and noise reduction. Without tuning, teams start ignoring Sentry notifications within weeks.
Self-hosted is complex: Self-hosting Sentry requires PostgreSQL, Redis, Kafka, ClickHouse, and several microservices. It's a significant infrastructure project — not a simple Docker Compose deploy.
Transaction limits separate from error limits: Performance monitoring (transactions) has separate quotas from error tracking. You can exhaust one while having plenty of the other, leading to unexpected overage charges.

SendGrid

Trust: /10

Legacy email platform with both transactional and marketing features. Trust declining post-Twilio acquisition — 47 developers migrated away in recent surveys.

5 known gotchas

Trust erosion post-Twilio acquisition: Since Twilio acquired SendGrid in 2019, developer trust has declined. 47 developers in recent surveys reported migrating away, citing degraded support and reliability.
Deliverability inconsistency: Reports of intermittent deliverability issues, especially on shared IPs. Dedicated IP ($25/month extra) strongly recommended for production.
Complex API surface: SendGrid's API has accumulated cruft over the years. The v3 API is decent but has inconsistencies. Documentation quality is uneven.
Account suspension without warning: Some developers report accounts being suspended without clear communication. Ensure you have proper email authentication (SPF, DKIM, DMARC) set up from day one.
Free tier removed: SendGrid removed its permanent free tier in March 2025. It now offers only a 60-day trial. Many blog posts and AI training data still reference the old free tier. After 60 days you must pay $19.95/month minimum.

Sanity

Trust: /10

Real-time headless CMS with GROQ query language and open source studio. Best DX in class, but GROQ has a learning curve.

3 known gotchas

GROQ learning curve: GROQ is powerful but unique — it's neither SQL nor GraphQL. Expect 1-2 days to become productive. The payoff is worth it, but plan for the ramp-up.
API request limits include CDN misses: The 500K API request limit on free tier counts CDN cache misses and real-time listeners. High-traffic sites or real-time apps can hit this fast.
Dataset size includes history: The 10 GB dataset limit includes all document revisions and history. Large content libraries with frequent edits can hit this limit sooner than expected.

RevenueCat

Trust: /10

In-app subscription management for mobile apps. Handles Apple App Store and Google Play billing complexity — free up to $2,500 MTR.

3 known gotchas

Store fees still apply: Apple and Google take 15-30% of every subscription payment. RevenueCat's fee is on top of that. Your effective take-home on a $10/month subscription may be as low as $6-7.
Web support is limited: RevenueCat is designed for mobile. Web billing support exists but is basic compared to Stripe or Paddle. Don't use it as your primary web payment solution.
MTR tracking can be confusing: Free tier is based on monthly tracked revenue, not total revenue. Make sure you understand what counts toward the $2,500 threshold.

Resend

Trust: /10

Modern email API with React Email support. Best DX in class, but free tier has a 100/day cap that blocks staging.

3 known gotchas

100/day cap on free tier: The 3K/month free tier is misleading — you can only send 100 emails per day. This blocks staging environments and automated testing.
Domain verification delay: DNS propagation for domain verification can take 24-48 hours. Plan this before launch day.
React Email requires JSX: The React Email template system is excellent but requires a JSX build step. If you're not using React, use plain HTML templates instead.

Render Postgres

Trust: /10

Simple managed Postgres on Render. Easy setup and fair pricing — but free tier databases are deleted after 30 days without warning.

4 known gotchas

Free tier deleted after 30 days: Render's free Postgres databases are permanently deleted after 30 days. Render shortened this from 90 days. There is no warning email that's easy to miss. If you're using the free tier for staging or a side project, set a calendar reminder.
No connection pooling on cheap tiers: Lower tiers don't include PgBouncer-style connection pooling. Serverless apps (Lambda, edge functions) that open many short-lived connections will exhaust the connection limit quickly.
Limited region availability: Render databases are available in fewer regions than AWS RDS or Neon. Check that your preferred region is supported.
No horizontal scaling: Render Postgres is single-node (with optional read replicas on Pro+). For write-heavy workloads that need horizontal scaling, look at PlanetScale or CockroachDB.

Render

Trust: /10

All-in-one platform: web services, databases, cron jobs, static sites. Workspace pricing ($0-29/user/mo) plus compute costs. Free tier web services sleep after 15 minutes.

3 known gotchas

Free tier sleeps after 15 minutes: Free web services spin down after 15 minutes of no traffic. The cold start when they wake up takes 30+ seconds. Unusable for production APIs.
Slow builds: Render builds can be slow compared to Vercel or Railway. Docker builds especially. Plan for 3-10 minute deploy times.
Limited regions: Fewer deployment regions than AWS or Fly.io. Check that your preferred region is available.

Redis Cloud

Trust: /10

Managed Redis by Redis Inc. Full Redis feature set with persistent connections. The official managed option.

3 known gotchas

30 MB free tier is tiny: 30 MB of Redis storage holds approximately 30,000 small key-value pairs. Any real caching workload will exceed this quickly. Plan to upgrade to Essentials ($7/mo) for development.
Connection limits: The free tier is limited to 30 concurrent connections. Connection pooling in your application can hit this limit, especially with multiple app instances.
Persistence costs extra: Data persistence (AOF/RDB) with guaranteed durability requires the Pro tier ($65/mo). Lower tiers may lose data during restarts.

Railway Postgres

Trust: /10

PostgreSQL on Railway's PaaS. Usage-based pricing starting at ~$5/month. Simple setup but it's a container, not a purpose-built managed database.

3 known gotchas

Not a managed database service: Railway Postgres is a PostgreSQL container, not a purpose-built managed database like Neon or RDS. No built-in connection pooling, no branching, no read replicas, no point-in-time recovery on lower tiers.
No permanent free tier: Railway offers a 30-day trial with $5 credit. After that, the free tier becomes $1/month, or the Hobby plan starts at $5/month. Many comparison articles still list Railway as having a fully free tier.
Limited database management: No built-in database dashboard, no query analytics, no automated failover. You manage the database through Railway's general-purpose container UI.

Railway

Trust: /10

Usage-based deployment platform. Deploy anything with a Dockerfile or supported buildpack. Pay per second of compute. Free 30-day trial then $1/month; no permanent free tier.

3 known gotchas

No permanent free tier: Railway's free trial is 30 days with $5 credit. After that, the free tier becomes $1/month. Many comparison articles still reference an old free tier that was fully free.
Usage billing can surprise: Per-second billing means an always-on service costs ~$5-15/month even on the Hobby plan. Forgetting to shut down a dev environment costs money.
Limited build customization: Railway uses Nixpacks for auto-detection. Complex builds may need a Dockerfile. Build logs can be opaque when auto-detection fails.

QStash

Trust: /10

Serverless message queue with cron scheduling by Upstash. Edge-compatible, HTTP-based. Free tier includes 500 messages/day. Best for serverless and edge environments.

3 known gotchas

It's a message queue, not a cron service: QStash schedules HTTP requests to your endpoints. It's not a full cron platform — there's no built-in job runner, dashboard for function logs, or step-based execution. Your endpoint handles all logic.
Endpoint must be publicly accessible: QStash sends HTTP requests to your endpoint. For local development, you need a tunnel (like ngrok). For production, your cron endpoints must be publicly reachable.
Retries cost extra: Retries are billed separately at $0.20/100K. If your endpoints fail frequently, retry costs add up on top of base message pricing.

Qdrant

Trust: /10

Open-source, Rust-based vector database with excellent performance and low resource usage. Free to self-host or 1 GB free cloud. Best price/performance ratio.

3 known gotchas

Smaller ecosystem: Qdrant has fewer third-party integrations and framework plugins compared to Pinecone or Weaviate. LangChain and LlamaIndex support exists but the community is smaller.
Cloud free tier is 1 GB only: The 1 GB free cloud tier fills quickly with high-dimensional embeddings (1536-dim). Plan to upgrade early for any real workload.
gRPC vs REST trade-off: Qdrant offers both gRPC (faster) and REST APIs. For best performance use gRPC, but it adds client complexity. REST is simpler but slower for batch operations.

Postmark

Trust: /10

Transactional email service known for exceptional deliverability — up to 4x faster delivery than competitors. Trusted by IKEA, Asana, and 1Password.

5 known gotchas

DKIM/SPF setup required: Postmark requires proper email authentication (DKIM, SPF, DMARC) before sending. This is good practice but adds setup time if you're new to email infrastructure.
Shared IP reputation risk: On shared IPs, your deliverability depends on other senders' behavior. For production at scale, consider dedicated IP ($50/month).
No marketing email support: Postmark is transactional-only by design. If you also need marketing/bulk email, you'll need a second service.
ActiveCampaign acquisition: Acquired by ActiveCampaign in 2022. So far operating independently, but watch for pricing or feature changes.
Inbound email only on Pro+: Inbound email processing (receiving and parsing emails) is only available on Pro ($16.50/month) and Platform ($18/month) plans, not Basic.

PostHog Feature Flags

Trust: /10

Feature flags bundled with PostHog product analytics. Free tier includes 1M API calls/month. Best value if you already use PostHog for analytics.

3 known gotchas

Flags drive analytics costs: Feature flag evaluations are free, but they typically drive analytics events (page views, actions) that count toward your PostHog analytics quota. The flag feature is a funnel to paid analytics.
Flags are secondary to analytics: PostHog's core product is analytics. Feature flags are bundled but don't receive the same depth of development as dedicated flag platforms like LaunchDarkly.
Low migration difficulty: PostHog feature flags use simple API-based evaluation. If you decide to switch to a dedicated flag service, migration is straightforward.

PostHog

Trust: /10

All-in-one product analytics with feature flags, session replay, and A/B testing. Open source. Best value for product teams.

3 known gotchas

Autocapture can spike event volume: PostHog's autocapture feature automatically tracks clicks, page views, and form interactions. On high-traffic sites, this can consume your free 1M events in days. Disable autocapture and track events manually to control costs.
Session replay storage: Session replay recordings consume significant storage. The 5K recordings/month free tier can fill up fast on high-traffic sites. Consider sampling strategies.
Self-hosted complexity: Self-hosting PostHog requires Kubernetes, ClickHouse, PostgreSQL, Redis, and Kafka. It's a production-grade data pipeline — not a simple deployment.

PostgreSQL Full-Text Search

Trust: /10

Built-in full-text search in PostgreSQL. No extra service, no extra cost, no extra infrastructure — use what you already have.

3 known gotchas

Limited relevance ranking compared to dedicated search: PostgreSQL FTS uses ts_rank which is basic compared to Algolia/Typesense/Meilisearch. No behavioral ranking, no AI-powered relevance, no click analytics. Results may feel less 'smart' to users.
No typo tolerance by default: PostgreSQL FTS matches exact stems only. 'iphon' won't match 'iPhone'. You can add pg_trgm extension for fuzzy matching, but it's not as good as dedicated search engines.
Requires tsvector column management: You need to create and maintain tsvector columns (or use generated columns), create GIN indexes, and handle updates. Not hard, but more manual than dedicated search engines.

PlanetScale

Trust: /10

Serverless MySQL with branching and zero-downtime schema changes. Removed free tier in 2024 — now starts at $39/month.

4 known gotchas

Free tier removed: PlanetScale removed its free tier in April 2024, forcing all free-tier users to migrate or pay. This caused significant community backlash and trust erosion. Many agents and blog posts still reference the free tier.
MySQL only: PlanetScale is MySQL-compatible (built on Vitess). If your stack uses PostgreSQL, PlanetScale is not an option. Most modern ORMs work fine but some PostgreSQL-specific features won't be available.
No foreign keys: PlanetScale historically did not support foreign key constraints (due to Vitess). Foreign key constraints are now GA on unsharded databases, but are still not recommended for sharded tables due to performance implications.
Business model uncertainty: The free tier removal and business model pivot signal financial pressure. PlanetScale is well-funded but the trajectory is uncertain. Factor this into long-term decisions.

Pinecone

Trust: /10

Managed serverless vector database. Zero-ops, scales automatically. Free tier includes 5M vectors. Best choice for production AI applications needing managed infrastructure.

3 known gotchas

Proprietary format creates lock-in: Data stored in Pinecone's proprietary format. Exporting vectors for migration requires fetching all vectors via API, which can be slow and expensive at scale.
Read/write unit pricing is complex: Storage cost ($0.33/1M vectors) is just one component. Read units ($8.25/1M) and write units ($2/1M) add up quickly with high-throughput workloads.
Cold start on serverless: Serverless indexes can have cold start latency of 1-2 seconds after periods of inactivity. Plan for this in latency-sensitive applications.

Paddle

Trust: /10

Merchant of record for SaaS. Handles tax, compliance, and billing globally — strong in EU market but slower payouts.

3 known gotchas

They own the customer relationship: As merchant of record, invoices and receipts come from Paddle, not your company. Customers see 'Paddle' on their credit card statement.
Slow payouts: Net-15 to net-30 payout schedule vs Stripe's 2-day rolling payouts. This can create significant cash flow challenges for early-stage companies.
Migration is hard: All subscriptions are with Paddle as merchant of record. Switching to Stripe or another provider means re-collecting payment details from every customer.

OpenAI

Trust: /10

GPT-4o and o3 models, largest LLM ecosystem. Most popular API with broadest third-party integrations. Risk: changed data policy retroactively.

3 known gotchas

Changed data policy retroactively: OpenAI has changed its data usage policies after launch, creating trust concerns for sensitive applications. API data is not used for training by default, but the policy has shifted before.
Rate limits are complex and tiered: Rate limits depend on your usage tier (1-5), which increases based on total spend. New accounts start at Tier 1 with very low limits. Check your tier before estimating throughput.
Output tokens are expensive: Output tokens cost 2-4x more than input. For applications that generate long responses, the effective cost is much higher than the headline input price suggests.

Neon

Trust: /10

Serverless Postgres with branching, built-in connection pooling (pgBouncer, up to 10K connections), multi-AZ HA, read replicas, and Neon Auth (Better Auth, 60K MAU free) — all included on every plan. Usage-based pricing with no minimum spend.

4 known gotchas

350ms cold starts on Free tier: Compute pauses after 5 min inactivity and takes ~350ms to resume. On Launch tier and above, you can disable scale-to-zero to avoid cold starts entirely.
Free tier is generous but storage-limited: 100 projects with 100 CU-hrs each and unlimited team members — great for prototyping and dev. But 0.5 GB storage per project means you'll move to Launch for real data.
Usage-based pricing can be unpredictable: Since there's no fixed monthly fee, costs vary with load. Set autoscaling limits to control costs. Monitor CU-hr consumption to avoid bill surprises.
Branching is powerful but unfamiliar: Neon's database branching (like git branches for your database) is innovative but requires learning new workflows. Not all ORMs and migration tools handle it smoothly.

MessageBird

Trust: /10

EU-based communications platform with strong GDPR compliance. Good WhatsApp Business API support. Pricing varies by country. Best choice for European companies.

3 known gotchas

Pricing not transparent: Unlike Twilio and Vonage, MessageBird does not publish clear per-message pricing on their website. You must create an account to see country-specific rates.
Rebranding confusion (MessageBird -> Bird): The company rebranded from MessageBird to Bird. SDKs, documentation, and community resources are split between old and new names. This creates confusion during integration.
US coverage weaker than competitors: MessageBird's strength is European and international SMS. US coverage and pricing are less competitive than Twilio or Vonage. For US-focused use cases, consider alternatives.

Meilisearch

Trust: /10

Open-source search engine built in Rust. Simplest setup of any dedicated search — single binary, zero configuration, instant results out of the box.

2 known gotchas

Less mature for large-scale production: Meilisearch is newer than Algolia and Typesense. While it handles millions of documents well, its clustering and high-availability features are still maturing. Evaluate carefully for mission-critical search at scale.
Fewer language-specific features: CJK (Chinese, Japanese, Korean) tokenization and right-to-left language support are improving but not as mature as Algolia's. Test with your specific language data before committing.

Mailgun

Trust: /10

Developer-focused email API by Sinch. Strong API design and good deliverability, but pricing changed significantly after Sinch acquisition.

4 known gotchas

Free tier removed: Mailgun removed its free tier in 2023. Many agents and blog posts still reference it. The 'trial' is only 30 days and 100 emails/day.
Sinch acquisition pricing changes: Pricing increased after Sinch acquisition. Legacy plans were grandfathered but new signups pay more. Watch for further changes.
Log retention is tier-gated: Foundation tier ($35/month) only retains logs for 5 days. You need Scale ($90/month) for 30 days. This matters for debugging deliverability issues.
EU data routing requires configuration: Default data routing is US. For GDPR compliance, you need to explicitly configure EU endpoints (api.eu.mailgun.net).

Logtail

Trust: /10

Log management platform by Better Stack. Clean UI, affordable pricing, fast search. Best value for log management.

3 known gotchas

3-day retention on free tier: The free tier only retains logs for 3 days. Most debugging requires looking back further than that. Plan to upgrade to Pro ($24/mo) for any production use.
Logs only — no APM or metrics: Logtail handles logs only. You'll need separate tools for error tracking (Sentry), product analytics (PostHog), and infrastructure metrics (Datadog or Prometheus).
Log volume can surprise: Verbose logging, debug output, or high-traffic apps can generate more logs than expected. Monitor ingestion volume and set up log level filtering to stay within tier limits.

Lemon Squeezy

Trust: /10

Merchant of record for digital products and SaaS. Handles all sales tax, VAT, and compliance — but takes a 5% cut.

3 known gotchas

Higher fees than Stripe: 5% + $0.50 vs Stripe's 2.9% + $0.30. At $10K/month revenue, that's $200+ more per month. You're paying for tax handling convenience.
Stripe acquisition uncertainty: Acquired by Stripe in 2024, currently operating independently. Long-term pricing, features, or even existence may change.
Limited physical goods support: Designed for digital products and SaaS. Physical goods support is minimal — use Stripe or Shopify for physical commerce.

LaunchDarkly

Trust: /10

Enterprise standard for feature flags. Most mature targeting rules and governance features. Free tier includes 1K MAU. Paid plans start at $10/seat/month.

3 known gotchas

Per-seat pricing adds up: At $10/seat/month, a 20-person engineering team pays $200/month before MAU costs. This makes LaunchDarkly expensive compared to usage-based alternatives like Statsig.
Migration is medium difficulty: LaunchDarkly SDKs use streaming connections for real-time flag updates. Migrating away requires replacing this real-time evaluation pattern, which is more complex than simple API calls.
Free tier is very limited: 1,000 MAU on the free tier is enough for a proof of concept but not for staging or development environments with meaningful traffic.

Inngest

Trust: /10

Event-driven durable functions with automatic retries and step functions. Best for complex workflows, but vendor lock-in risk.

3 known gotchas

Steps count as separate runs: In a multi-step function with 5 steps, each step execution counts as a separate run. A function with 5 steps uses 5 of your 25K monthly runs. This can deplete the free tier faster than expected.
Vendor lock-in: Inngest functions use a proprietary SDK format. Migrating away from Inngest requires rewriting all workflow logic. There's no standard format for durable functions.
Local development complexity: Local development requires running the Inngest Dev Server alongside your app. It works well but adds a step to the dev workflow and can occasionally have synchronization issues.

Inngest

Trust: /10

Durable cron and event-driven functions. Free tier includes 25K runs/month. Automatic retries, step functions, and observability built in. Best for reliable scheduled workflows.

3 known gotchas

Step functions have a learning curve: Inngest's step function model (step.run, step.sleep, step.waitForEvent) is powerful but adds complexity. Simple cron jobs don't need this, but you'll learn the pattern anyway.
Steps count as separate runs: Each step.run() in a function counts as a separate run toward your quota. A cron job with 5 steps uses 5 runs per execution, not 1.
Framework integration required: Inngest works by serving functions via HTTP endpoints in your app. You need to integrate their SDK into your web framework (Next.js, Express, etc.). It's not a standalone cron daemon.

Groq

Trust: /10

Fastest LLM inference using custom LPU hardware. Best for open-source models like Llama and Mixtral. Free tier with 14,400 tokens/min. Cheapest inference available.

3 known gotchas

Limited model selection: Groq only offers open-source models (Llama, Mixtral, Gemma). No proprietary models like GPT-4o or Claude. Model selection is narrower than other providers.
Rate limits on free tier: The free tier is generous (14,400 tokens/min) but has per-model rate limits. High-throughput production workloads will need paid tier quickly.
OpenAI-compatible API simplifies migration: Groq's API is OpenAI-compatible, meaning you can switch from OpenAI by changing the base URL and API key. This is a feature, not a gotcha — but be aware model capabilities differ.

Google AI

Trust: /10

Gemini 2.5 models, best multimodal capabilities. Free tier via AI Studio. Risk: trains on your prompts in AI Studio free tier.

3 known gotchas

AI Studio trains on your prompts: The free AI Studio tier uses your prompts to improve Google's models. For proprietary data, you must use the paid API or Vertex AI where data is not used for training.
Google kills products: Google has a history of discontinuing products and APIs. While Gemini is a strategic priority, API stability is a concern for long-term projects.
Vertex AI vs AI Studio confusion: Google offers two paths: AI Studio (simple, free tier, data used for training) and Vertex AI (enterprise, GCP-only, data not used). Choosing wrong can expose proprietary data.

Ghost

Trust: /10

Publishing platform with built-in newsletters and memberships. Best for blogs and publications, but limited as a general-purpose headless CMS.

3 known gotchas

Limited content modeling: Ghost is built for posts and pages. It doesn't support custom content types, relations, or structured data like Sanity or Contentful. Not suitable as a general-purpose headless CMS.
Newsletter delivery costs: Ghost's built-in newsletter feature uses Mailgun for delivery. Free for small lists, but costs add up at scale (Mailgun charges after 30-day trial).
Handlebars templating: Ghost themes use Handlebars — not React, Vue, or modern frameworks. Custom theme development has a learning curve if you're used to component-based frameworks.

Fly.io

Trust: /10

Global edge deployment with Firecracker VMs. Deploy containers close to users worldwide. Powerful but steeper learning curve than Vercel or Render.

3 known gotchas

Steeper learning curve: Fly.io uses a CLI-driven workflow with flyctl. Deployment requires understanding Dockerfiles, fly.toml config, and Fly's networking model. Not as simple as Vercel or Render.
Postgres is self-managed: Fly Postgres is NOT managed — it's PostgreSQL running on Fly VMs. You handle backups, failover, and upgrades. For managed Postgres, use Neon or Supabase instead.
Networking complexity: Fly uses WireGuard for private networking and has its own DNS (fly.dev). Multi-region deployment requires understanding Fly's anycast and replay headers.

Flagsmith

Trust: /10

Open-source feature flag and remote config service. Self-host free or use cloud starting at $45/month. Full-featured with API, SDKs, and admin UI.

3 known gotchas

Self-hosting requires infrastructure: Self-hosted Flagsmith needs PostgreSQL and optionally Redis. For production, you need monitoring, backups, and high availability. This is real operational overhead.
No built-in experimentation: Unlike Statsig, Flagsmith does not include A/B testing or statistical experiment analysis. You need a separate tool for experimentation.
Low migration difficulty: Flagsmith uses simple REST API-based evaluation. The data model (flags + segments) maps cleanly to other providers. Migration in or out is straightforward.

Firebase Auth

Trust: /10

Google's managed auth service. Generous free tier (50K MAU), broad provider support, but ties you into the Firebase/Google Cloud ecosystem.

4 known gotchas

Google Cloud ecosystem lock-in: Firebase Auth works best with other Firebase services (Firestore, Cloud Functions). Using it standalone with a non-Google backend is possible but awkward.
Limited customization: Pre-built UI (FirebaseUI) is functional but not customizable enough for polished apps. Most teams end up building custom UI anyway, negating much of the convenience.
Admin SDK required for server-side: Verifying tokens on your own backend requires the Firebase Admin SDK. This adds a dependency and requires service account credentials management.
Migration complexity: Exporting users from Firebase Auth is possible via CLI but password hashes use a Firebase-specific scrypt variant. Migration to another provider requires careful handling.

Dragonfly

Trust: /10

Redis-compatible in-memory store with higher performance. Multi-threaded architecture. Best self-hosted Redis alternative.

3 known gotchas

No managed free tier: Unlike Redis Cloud or Upstash, Dragonfly has no managed free tier. You must self-host or wait for Dragonfly Cloud (early access). Self-hosting requires provisioning and managing a server.
BSL license restrictions: Dragonfly uses the Business Source License, which prevents you from offering Dragonfly as a managed database service. For internal use, this is not an issue. The license converts to Apache 2.0 after 4 years.
Not 100% Redis compatible: While Dragonfly supports most Redis commands, some edge cases and rarely-used commands may behave differently. Test thoroughly when migrating from Redis.

Datadog

Trust: /10

Full-stack observability platform — metrics, logs, traces, APM. Enterprise-grade but expensive. Per-host pricing adds up fast.

3 known gotchas

Per-host pricing explodes with microservices: At $15-23/host/month, a 20-service microservice architecture costs $300-460/month just for infrastructure monitoring. Add APM ($31/host) and logs ($0.10/GB) and you're easily at $1,000+/month.
1-day retention on free tier: The free tier's 1-day metric retention makes it impractical for any real debugging. You can't look at yesterday's metrics. It's essentially a demo, not a usable free tier.
Log ingestion costs are unpredictable: Logs are priced per GB ingested ($0.10/GB). Verbose logging, debug output, or chatty services can generate hundreds of GB/month, creating surprise bills.

Contentful

Trust: /10

Headless CMS with API-first architecture. Enterprise-ready with mature ecosystem, but expensive and complex content modeling.

3 known gotchas

48 content type limit: Even on paid plans, you're limited to 48 content types per space. This forces careful upfront modeling and can be a hard constraint for complex projects.
GraphQL API has limitations: The GraphQL API doesn't support all query patterns available in the REST API. Nested references beyond 10 levels are not resolved.
Migration tooling is complex: Content migrations require the Contentful CLI and migration scripts. There's no visual migration tool — it's all code-based.

Cloudinary

Trust: /10

Image and video processing platform with built-in CDN. Best for media-heavy apps, but credit-based pricing is confusing.

3 known gotchas

Credit system is confusing: Cloudinary uses a credit-based system where 1 credit equals different amounts of storage, bandwidth, and transformations. It's nearly impossible to predict monthly costs without a spreadsheet.
Video processing is expensive: Video transformations consume 4-10x more credits than image transformations. A media-heavy app with video can exhaust credits surprisingly fast.
URL-based transforms can be abused: Cloudinary's URL-based transformation API is powerful but can be exploited if not locked down. Attackers can generate expensive transformations via URL manipulation.

Cloudflare R2

Trust: /10

S3-compatible object storage with zero egress fees. Best value for read-heavy workloads, but fewer features than S3.

3 known gotchas

Fewer features than S3: R2 lacks lifecycle policies, S3 Select, Glacier integration, and native event notifications. For advanced S3 features, you'll need to implement them with Cloudflare Workers.
Class A operation costs: Write operations (PUT, POST, LIST) cost $4.50/million. Write-heavy workloads (frequent small file uploads) can accumulate costs that offset egress savings.
Cloudflare ecosystem coupling: While the API is S3-compatible, features like custom domains and caching work best within the Cloudflare ecosystem. Using R2 outside Cloudflare adds complexity.

Cloudflare KV

Trust: /10

Global key-value store on Cloudflare's edge network. Eventually consistent, edge-native, best for read-heavy config and caching.

3 known gotchas

Eventually consistent reads: KV is eventually consistent with a propagation delay of up to 60 seconds. After a write, reads from other regions may return stale data. Not suitable for real-time counters, session state, or anything requiring strong consistency.
Cloudflare platform coupling: KV works best within Cloudflare Workers. Using it from outside Cloudflare via REST API is possible but loses the edge performance advantage and adds HTTP overhead.
Simple KV only — no data structures: KV stores simple string key-value pairs. No lists, sets, sorted sets, or other data structures. If you need Redis-like data structures, use Upstash.

Clerk

Trust: /10

Drop-in auth with pre-built UI components. 50K MRU free tier, but stores data in US only — GDPR risk for EU apps.

4 known gotchas

US data storage by default: Clerk stores ALL user data in the US. There is no EU data residency option — not even on Enterprise tier. Clerk relies on the Data Privacy Framework (DPF) for GDPR compliance, but DPF's legal standing has been challenged (Privacy Shield was invalidated by Schrems II). If you need guaranteed EU data residency, use Better Auth or Auth.js (self-hosted).
Pricing scales fast: Free tier now includes 50,000 MRU (up from 10,000 MAU in Feb 2026 restructure). Volume discounts reduce per-user cost at scale: $0.02 → $0.018 → $0.015 → $0.012. At 100K MRU on Pro: $25 base + (50K × $0.02) = $1,025/month. At 1M MRU: ~$16,325/month.
Vendor lock-in risk: Clerk manages your user data. Migrating away means exporting users and rebuilding auth flows. Password hashes may not be exportable depending on the auth method used.
Bundle size: Clerk's React SDK adds ~50KB to your client bundle. Acceptable for most apps, but worth noting for performance-sensitive projects.

Chroma

Trust: /10

Embedded vector database for AI applications. Open source, zero setup, runs in-process. Perfect for prototyping and local development. Cloud offering coming soon.

3 known gotchas

No cloud offering yet: Chroma Cloud has been announced but is not yet generally available. For production workloads that need managed hosting, you must self-host or use another provider.
Memory usage scales with collection size: In embedded mode, the vector index lives in your application's memory. Large collections (1M+ vectors) can consume significant RAM.
Not designed for multi-tenant production: Chroma excels for single-application use cases but lacks built-in multi-tenancy, auth, and access control for production SaaS deployments.

BullMQ

Trust: /10

Redis-based job queue for Node.js. Open source, battle-tested, zero recurring cost. The standard self-hosted queue.

3 known gotchas

Requires Redis: BullMQ requires a running Redis instance. This means provisioning and managing Redis (self-hosted, Upstash, Redis Cloud, etc.). The queue itself is free, but Redis is not.
No built-in monitoring: Unlike Inngest and Trigger.dev, BullMQ has no built-in dashboard or monitoring. You need Taskforce.sh ($15/mo), Bull Board (open source), or custom monitoring.
Worker management is manual: You're responsible for running, scaling, and deploying worker processes. There's no auto-scaling — you manage concurrency and process lifecycle yourself.

Better Auth

Trust: /10

Open-source TypeScript auth framework. The Auth.js team joined Better Auth in Sept 2025, making it the recommended path forward for Next.js authentication.

4 known gotchas

No pre-built UI components: Better Auth handles backend auth flows but you build all login/signup UI. Budget 1-3 days for a polished auth experience vs. 10 minutes with Clerk.
Younger project: Better Auth is newer than Auth.js/NextAuth. The Auth.js team joining in Sept 2025 added maturity, but the ecosystem of adapters and plugins is still growing.
Bun runtime issues: Known compatibility issues with Bun runtime on Next.js 16. Use Node.js runtime for now.
Past security vulnerability: CVE-2025-61928 (API key auth bypass) was discovered and patched. Normal for active projects but worth noting.

AWS SQS

Trust: /10

Fully managed message queue by AWS. Infinite scale, 1M free requests/month. Enterprise-grade but complex setup.

3 known gotchas

AWS complexity: SQS itself is simple, but integrating it requires IAM policies, Lambda triggers or polling workers, dead letter queues, and monitoring via CloudWatch. Budget 4-8 hours for production-ready setup.
No built-in job scheduling: SQS is a message queue, not a job scheduler. You can't schedule jobs for the future without adding EventBridge, Step Functions, or delay queues (max 15 minutes). This is a fundamental architectural difference from BullMQ or Inngest.
FIFO queue throughput limits: FIFO queues are limited to 300 transactions per second (3,000 with batching). High-throughput ordered processing requires careful message group design.

AWS SES

Trust: /10

Amazon's email sending service. Cheapest at scale but complex setup requiring multiple AWS services. Best for teams already on AWS.

5 known gotchas

Complex multi-service setup: A production SES setup typically requires: SES + IAM + Lambda + SNS + S3 (for logs) + CloudWatch. This is not 'just an email service' — it's an infrastructure project.
Sandbox mode by default: New SES accounts are in sandbox mode — you can only send to verified addresses. Getting out of sandbox requires a support request that can take 24-48 hours.
No built-in template management: SES has basic templates but nothing like React Email or Postmark's template editor. You'll build your own template pipeline.
Bounce/complaint handling is DIY: You must set up SNS topics + Lambda functions to handle bounces and complaints. If you don't, AWS will suspend your sending.
Regional availability: SES is not available in all AWS regions. Check that your preferred region supports SES before building.

AWS S3

Trust: /10

The industry standard for object storage. Most features, biggest ecosystem, but egress fees and IAM complexity add up.

3 known gotchas

Egress fees add up fast: At $0.09/GB, serving 1 TB/month of files costs $90 in egress alone. This is the #1 surprise cost. For read-heavy public assets, use Cloudflare R2 (zero egress) or put CloudFront in front.
IAM complexity: S3 permissions require understanding IAM policies, bucket policies, and ACLs (which are legacy). Misconfiguration is the #1 cause of S3 data breaches. Budget 2-4 hours for proper IAM setup.
Free tier expires: Unlike most services, AWS S3's free tier expires after 12 months. You'll start paying for storage even if usage is minimal.

AWS RDS

Trust: /10

Amazon's managed relational database. Battle-tested and feature-complete, but complex pricing with many hidden add-on costs.

5 known gotchas

Free tier is only 12 months: The RDS free tier (750 hours of db.t3.micro) expires after 12 months from AWS account creation. After that, you're billed at full rate. Set a reminder.
Multi-AZ doubles the cost: For production reliability, you need Multi-AZ deployment. This literally doubles your instance cost. A $50/month instance becomes $100/month with Multi-AZ.
Connection pooling costs extra: RDS doesn't include connection pooling. For serverless apps (Lambda), you need RDS Proxy at additional cost. Without it, Lambda will exhaust your connection limit.
Complex pricing model: RDS pricing has many dimensions: instance hours + storage + IOPS + data transfer + backups + proxies + read replicas. Estimating total cost requires AWS Cost Calculator.
Maintenance windows: RDS requires maintenance windows for patches and minor version upgrades. These cause brief downtime on single-AZ instances. Multi-AZ handles this with failover.

Auth0

Trust: /10

Enterprise-grade identity platform. Feature-rich but expensive — pricing has drifted upward since Okta acquisition in 2022.

4 known gotchas

Pricing drift post-Okta acquisition: Since Okta acquired Auth0 in 2022, pricing has increased and the free tier terms have changed. Developer sentiment has shifted negative. Watch for further pricing changes.
Complex pricing model: Auth0's pricing is confusing. The 'Essentials' tier starts at $35/month for just 500 MAU, but the free tier gives you 25K MAU. The jump from free to paid doesn't make obvious sense.
SDK complexity: Auth0 has SDKs for every platform but they vary in quality. The React SDK is good, but some framework integrations have rough edges and outdated docs.
Migration difficulty: Moving off Auth0 is non-trivial. Password hashes can be exported but the process is complex. Plan for this before committing.

Auth.js

Trust: /10

MAINTENANCE MODE: Auth.js team joined Better Auth in Sept 2025. v5 never left beta. Use Better Auth for new projects.

5 known gotchas

Maintenance mode: Auth.js team joined Better Auth in September 2025. v5 never left beta and will not receive new features. All new projects should use Better Auth.
No pre-built UI: Auth.js handles the backend auth flow but you build all the login/signup UI yourself. Budget 2-5 days for a polished auth experience vs. 10 minutes with Clerk.
v5 migration complexity: Auth.js v5 (from NextAuth v4) introduced significant breaking changes. Migration guides exist but the transition is non-trivial. Make sure you're reading v5 docs, not v4.
Security is your responsibility: Auth.js provides the primitives, but rate limiting, brute force protection, and account lockout are your responsibility to implement.
Database adapter selection: Works with Prisma, Drizzle, TypeORM, and others via adapters. But adapter quality varies — Prisma adapter is most battle-tested. Choose your adapter carefully.

Anthropic

Trust: /10

Claude 4.5 and 4.6 models, strongest coding and analysis capabilities. Best safety and alignment practices. Strongest privacy commitments among frontier labs.

3 known gotchas

Smaller third-party ecosystem: Anthropic has fewer third-party integrations, plugins, and tools compared to OpenAI. Most major frameworks (LangChain, LlamaIndex) support Claude, but the long tail of integrations is thinner.
No image generation: Anthropic does not offer image generation. If you need both LLM and image generation from one API, OpenAI is the only frontier option.
Output token pricing is steep: Output tokens cost 5x input across all Claude models. For applications generating long outputs, effective costs are much higher than input pricing suggests.

Algolia

Trust: /10

The most popular hosted search-as-a-service. Fastest query speeds, largest ecosystem with InstantSearch UI widgets, but pricing scales aggressively.

3 known gotchas

Pricing is negotiable — always negotiate: Algolia's list pricing is 30-60% higher than what most teams actually pay. Always ask for a discount, especially on annual contracts. Small teams often don't know this and overpay significantly.
Vendor lock-in with proprietary query format: Algolia uses its own query DSL and ranking formula. Migrating away requires rewriting search logic. InstantSearch widgets are Algolia-specific.
Egress and record costs add up: You're billed for both search requests AND record storage. Large indexes with frequent updates can cost more than expected.