Glossary
Every technical term the masterclass introduces, defined in plain language for a builder who is smart but not senior — 1223 terms, all free. Each entry notes the topic where the term is first defined.
#
- 1099-K (Form 1099-K)
- — A US tax form for third-party settlement entities reporting the gross payment volume moved to independent sellers or contractors; required threshold is currently $20,000 + 200 transactions. — (first defined in PAY-017)
- 3DS / 3D Secure
- — The technical protocol that implements Strong Customer Authentication by routing a cardholder to their bank for verification (a challenge), shifting fraud liability to the card issuer on success. — (first defined in PAY-010)
- 409A valuation
- — An independent fair-market-value assessment of a private company's common stock, required by IRS regulations before granting employee options to set a legally defensible strike price. — (first defined in FUND-005)
- 410 Gone (HTTP status)
- — An HTTP response code indicating the target resource is no longer available and the condition is permanent; the standard signal for a deprecated endpoint. — (first defined in SCA-011)
- 83(b) election
- — A US tax filing that must be submitted within 30 days of receiving restricted stock, ensuring the founder is taxed on the grant date rather than on each vesting installment. — (first defined in FUND-001)
- [A] (one product, two clients)
- — A topology where one backend and one source of truth serves two or more user-facing clients (e.g., mobile and desktop), keeping data and auth unified across surfaces. — (first defined in META-002)
- [B] (two separate products)
- — A topology where each user-facing client (mobile, desktop) has its own independent backend and data model, allowing independent release cycles but requiring duplicate engineering for shared features. — (first defined in META-002)
A
- A/B experiment
- — A randomized test that assigns users to control or variant groups and measures the causal effect of a change on a metric, requiring statistical power to reach significance. — (first defined in ANL-006)
- AAL2 / AAL3
- — NIST Assurance Levels; AAL2 (authenticator app or synced passkey) vs. AAL3 (hardware-bound, impersonation-resistant key). — (first defined in ARC-005)
- ABAC (Attribute-Based Access Control)
- — An authorization model where access decisions are based on attributes of the user, resource, environment, and action (e.g., time-of-day, IP address, department). — (first defined in BE-004)
- ABI splits
- — Architecture-specific app splits; Google Play serves arm64-only APKs to arm64 devices, reducing per-device download size by ~30%. — (first defined in MOB-017)
- Abstention
- — Model declining to answer when it lacks information, trained as a first-class output so it says I don't know instead of guessing. — (first defined in AI-014)
- Acceptable-Use Policy (AUP)
- — Plain-language documentation of what an AI feature is designed for and explicitly not for, surfaced to users. — (first defined in AI-019)
- Acceptance criteria
- — Testable assertions that define when a requirement is complete, written as "When [precondition], then [observable result]," and serving as the oracle for both tests and AI agents. — (first defined in STR-006)
- Accessibility Conformance Report (ACR)
- — A document (typically a VPAT) listing each WCAG criterion and stating whether an app Supports, Partially Supports, Does Not Support, or Not Applicable—required for B2B, government, and regulated-industry sales. — (first defined in A11Y-007)
- Accessibility label / content description
- — A text string attached to a UI control that describes its purpose for screen readers when the visible label alone is insufficient. — (first defined in MOB-012)
- Accessibility Nutrition Labels
- — Apple's standardized App Store declarations (VoiceOver, Voice Control, captions, Dynamic Type, contrast, reduced motion, etc.) that signal to users which accessibility features an app genuinely supports. — (first defined in A11Y-008)
- Accessibility testing (layers)
- — A multi-level verification approach combining linting at authoring, automated scanning in CI, component-level assertions, and manual keyboard/screen-reader passes—automation catches ~30-50%, human testing catches the rest. — (first defined in A11Y-006)
- Accessible name
- — The programmatic label a screen reader announces for an interactive element or image; distinct from visible text and required for blind users to identify and interact with controls. — (first defined in A11Y-003)
- Account linking (opt-in)
- — A feature that explicitly connects two separate product accounts under one login, never auto-merged, so users retain control. — (first defined in XP-006)
- Accrual accounting
- — Recording revenue when it is earned (e.g., each month of a subscription) and expenses when incurred, regardless of when cash moves; required for an accurate picture of multi-month prepaid revenue and a more complete view than cash-basis. — (first defined in FUND-002)
- ACID
- — Atomicity, Consistency, Isolation, Durability; database guarantees that transactions are reliable and data stays coherent. — (first defined in ARC-009)
- Activation
- — A measurable event proving a user has reached their aha-moment and experienced core product value. — (first defined in UX-005)
- Activation funnel
- — The sequence from signup through the first core action a user takes, measured as the percentage of users who complete each step and treated as the foundation before measuring retention. — (first defined in STR-002)
- Activation moment
- — The first action that proves a user got value from the app (e.g., first note created, first message sent), distinguished from just opening the app. — (first defined in ITER-003)
- Activation-gated reward
- — A referral incentive that is released only after the referred user completes a costly action (purchase, content creation, D7 active), not on signup, to prevent fraud. — (first defined in GTM-012)
- Activity Result API
- — The modern Android API for handling permission requests and other activities, replacing the deprecated request-code pattern. — (first defined in MOB-008)
- Ad mediation
- — An SDK and dashboard that runs a real-time auction across multiple ad networks and demand sources, selecting the highest-paying offer per impression. — (first defined in PAY-018)
- Ad unit
- — A unique identifier (ca-app-pub-xxx~yyy) for a specific ad placement and format; created in the mediator console and requested by client code. — (first defined in MOB-023)
- ADA Title III
- — US law prohibiting discrimination in places of public accommodation; increasingly interpreted by courts to apply to private digital products and services, enforced through private litigation and DOJ action. — (first defined in A11Y-001)
- Adapter (bidding line)
- — A network integrated into a mediator SDK so it competes in the auction without being a separate SDK; the correct way to add a network, not a parallel mediator. — (first defined in MOB-023)
- Adaptive icon
- — An Android icon format with separate foreground and background layers plus a system-defined mask (rounded square, circle, etc.), ensuring the logo is legible regardless of the device manufacturer's choice of shape. — (first defined in UI-002)
- AdAttributionKit (AAK)
- — Apple's privacy-preserving on-device attribution framework (iOS 18+, successor to SKAdNetwork) that reports conversions without requiring ATT or IDFA; adds re-engagement attribution, geo-level postbacks, development postbacks for testing, and separate measurement windows. — (first defined in MOB-010)
- Adoption slicing (feature-adoption bias)
- — Comparing retention of users who adopted a new feature vs. those who didn't; biased by self-selection (engaged users adopt features) and does not prove causation. — (first defined in ITER-007)
- Adstock (decay)
- — The carryover effect where marketing spend in one period continues to influence outcomes in future periods, with exponential or geometric decay curves modeling how this effect diminishes over time. — (first defined in GRO-010)
- AES-256-GCM
- — A symmetric encryption algorithm (AES with 256-bit key size) using Galois/Counter Mode, which is the NIST-recommended authenticated cipher for encrypting data at rest. — (first defined in SEC-002)
- Affected-only task running
- — In CI, running tests or builds only on packages that changed since the last build, skipping unchanged work to save time. — (first defined in ENV-001)
- Affected-test selection
- — A CI optimization that runs only the tests relevant to changed files or packages, rather than the entire test suite, to keep gate time under a threshold. — (first defined in TST-001)
- Affinity diagramming
- — A research analysis technique where findings are clustered by theme or root cause rather than by individual user, revealing patterns. — (first defined in TST-006)
- Age assurance
- — The technical and legal process of verifying whether a user meets the minimum age threshold for using an app or feature. — (first defined in PRV-010)
- Age bracket
- — A coarse age category (under_13, 13_17, 18_plus) used for compliance gating; finer than a raw birthdate and sufficient for most regulatory thresholds. — (first defined in MOB-016)
- Agent / agentic feature
- — An LLM loop where the model decides which tools to call, sees the result, and re-plans the next step based on what it learns — distinct from a single API call or a fixed workflow. — (first defined in AI-009)
- Agent context file (AGENTS.md, CLAUDE.md)
- — A machine-readable file listing non-obvious project conventions, exact build/test commands, and explicit 'always/ask-first/never' rules for AI agents. — (first defined in ENV-013)
- AGPL-3.0 (Affero General Public License)
- — A strong-copyleft license that treats network access (like a SaaS product users hit over HTTP) as distribution, obligating you to offer source to users—it catches service deployments that plain GPL misses. — (first defined in CMP-013)
- Aha-moment
- — The first time a user experiences the core value of your product—the moment that proves the app works for them. — (first defined in UX-005)
- AI coding agent
- — A system you point at a goal via a prompt or ticket that reads your codebase, proposes a plan, edits multiple files, runs commands and tests, and iterates until the goal is met. — (first defined in META-006)
- Alert threshold
- — A numerical value that triggers an alert when crossed, such as error rate exceeding 5% for several minutes or crash-free sessions dropping below 99%. — (first defined in OPS-001)
- Algorithmic non-discrimination
- — Systematic testing and verification that AI or ML ranking, recommendation, or decision-support features do not systematically disadvantage protected groups. — (first defined in ETH-002)
- All-in pricing
- — Displaying the total cost, including post-trial price and fees, at the same prominence as the advertised price before purchase. — (first defined in UX-011)
- Amortize
- — To spread a fixed cost across many units so the per-unit share shrinks as volume grows. — (first defined in FIN-001)
- Annex I (CRA essential requirements)
- — The 16 cybersecurity and resilience requirements all CRA products must meet, covering secure development, vulnerability handling, incident response, and more. — (first defined in SHIP-014)
- Annual Contract Value (ACV)
- — The yearly revenue from a single business customer, used to determine whether a deal justifies founder time or a full-time account executive. — (first defined in GTM-016)
- Anomaly detection
- — Machine-learning–based automated monitoring that flags unexpected spikes in cloud spending without manual thresholds. — (first defined in FIN-002)
- Anonymization
- — Irreversibly removing all identifying information so a person can no longer be re-identified, exempting the data from GDPR and privacy laws. — (first defined in PRV-002)
- ANR (Application Not Responding)
- — A state where the main thread is blocked for so long the OS shows a 'not responding' dialog to the user, tracked as a bad-behavior metric on Android. — (first defined in QA-011)
- Anti-persona
- — An explicit description of who the product is explicitly not being built for, used to kill off-target feature requests and scope creep. — (first defined in VAL-004)
- APNs (Apple Push Notification service)
- — Apple's gateway service for delivering push notifications to iOS devices using either certificate-based or token-based (JWT) authentication. — (first defined in MOB-006)
- APNs priority
- — A flag on push notifications controlling delivery timing: priority 10 for user-visible alerts (sent immediately) and priority 5 for silent background pushes (delivered at the OS's discretion). — (first defined in MOB-006)
- App Attest (iOS)
- — Apple's cryptographic verification that a request came from your genuine, unmodified app on a real device; verified server-side against Apple's keys and a server-issued nonce. — (first defined in MOB-019)
- App Bundle (AAB)
- — Android's delivery format that Google Play uses to generate per-device APKs; mandatory for new Play apps and automatically splits on architecture and screen density. — (first defined in MOB-017)
- App Clips
- — iOS install-free tryout (scan-to-act); separate binary with App Store limitations; real rival is a universal-link-to-web, which is often simpler. — (first defined in MOB-021)
- App Groups
- — iOS entitlement enabling app and extensions to share data via a common container (UserDefaults, files); required for widgets and share extensions to sync with the main app. — (first defined in MOB-021)
- App Intents
- — iOS framework exposing app actions to Siri and Apple Intelligence; the modern path (SiriKit is legacy) for voice/agent discoverability. — (first defined in MOB-021)
- App Links
- — Android deep links validated against an assetlinks.json file and the app's signing key fingerprints, allowing your app to claim specific URLs. — (first defined in MOB-007)
- App Review (Apple App Store Review)
- — The mandatory process Apple uses to inspect your app for policy compliance before allowing it to be sold or updated on the App Store. — (first defined in SHIP-008)
- App Sandbox (macOS)
- — A security constraint on Mac App Store apps that restricts filesystem access, helper processes, and system integrations compared to direct distribution. — (first defined in SHIP-009)
- App Slicing
- — iOS automatic mechanism that delivers per-device binaries with only the architectures and asset densities that device needs, reducing download size 20–40%. — (first defined in MOB-013)
- App Store Server API
- — Apple's server-side API for validating in-app purchases and subscriptions, querying transaction history, and managing subscriptions; the correct path instead of the deprecated
verifyReceipt. — (first defined in SHIP-007) - App Tracking Transparency (ATT)
- — Apple's iOS prompt and framework that requires prior user permission before an app can access the advertising identifier (IDFA) or track across apps. — (first defined in PRV-004)
- Appended Token (appAccountToken) / Obfuscated Account ID (obfuscatedAccountId)
- — Fields passed at purchase time to bind a transaction to the user's stable server user ID, enabling cross-device sync and family sharing. — (first defined in MOB-009)
- Approval rate
- — Percentage of escalated cases a reviewer approves; >95% sustained signals rubber-stamping and requires intervention. — (first defined in AI-018)
- App-store name availability
- — The uniqueness requirement within app stores (Apple App Store, Google Play, etc.); a distinct namespace from domain and trademark where collisions prevent mobile launch. — (first defined in VAL-009)
- ARB (Application Resource Bundle)
- — A JSON-based format for managing localized strings in Flutter apps, with support for ICU MessageFormat and type-safe code generation. — (first defined in MOB-012)
- Architectural Decision Record (ADR)
- — A documented record of a significant design choice, its rationale, alternatives considered, and consequences, kept in the repo for future context. — (first defined in META-004)
- ARIA (Accessible Rich Internet Applications)
- — A W3C specification providing semantic roles, states, and properties (via HTML attributes) to describe the purpose and state of custom UI widgets to screen readers. — (first defined in A11Y-003)
- ARPPU (Average Revenue Per Paying User)
- — Total revenue divided by the number of paying customers in a period, measuring revenue per customer rather than per install. — (first defined in GRO-001)
- ARPU (average revenue per user)
- — The average revenue generated from each active user over a defined period, used to compare monetization effectiveness across models. — (first defined in MON-001)
- Article 50 (EU AI Act)
- — Regulation requiring AI-generated content to be marked in machine-readable format and detectable as artificial, effective 2 August 2026. — (first defined in AI-015)
- ASC 606
- — The US accounting standard for revenue recognition that requires revenue from a performance obligation to be recognized as the obligation is satisfied, typically ratably over the service period for subscriptions. — (first defined in PAY-015)
- ASO (App Store Optimization)
- — The practice of making your app discoverable in store search and persuasive to convert users who land on your listing through metadata, keywords, visuals, and ratings. — (first defined in SHIP-001)
- Assistive technology
- — Tools used by people with disabilities to interact with digital products (e.g., screen readers, voice control, keyboard-navigation software); compliance requires testing against real AT. — (first defined in CMP-004)
- Assumptions log
- — A table tracking the 5–10 core bets the build depends on, with columns for the assumption, why you believe it, how you'll test it, and whether it's been validated. — (first defined in STR-007)
- Astroturfing
- — Creating the false appearance of grassroots support by using fake accounts, coordinated voting, or undisclosed promotional activity. — (first defined in GTM-005)
- Asymmetric ownership
- — A data model where each record has one authoritative writer (e.g., a task belongs to its author), so conflicts cannot occur on owned fields. — (first defined in XP-004)
- Async conflict (queued conflict review)
- — A pattern where conflicting edits are queued for later review rather than immediately surfaced as a modal, used when conflicts are rare and high-stakes. — (first defined in XP-004)
- At-least-once delivery
- — The guarantee that a message/webhook will be delivered at least one time, requiring idempotent handling by receivers. — (first defined in ARC-023)
- Attestation
- — Cryptographic proof that a passkey was created by a genuine device authenticator, not a forged credential. — (first defined in ARC-005)
- Attribution (post-privacy)
- — The process of linking a user conversion (install, signup, purchase) back to the marketing that caused it; shifted from deterministic per-user tracking to probabilistic, aggregated signals at the campaign level. — (first defined in GRO-008)
- Audit logging
- — Creating an immutable, append-only record of who accessed or changed personal data, when, and what action they performed. — (first defined in PRV-009)
- Audit trail / Audit log
- — An append-only record of who did what, when, and why — immutable proof for compliance and dispute resolution. — (first defined in BE-012)
- Authenticode
- — Microsoft's code-signing standard for Windows binaries using RSA + SHA-256 certificates, required for Smart App Control and trusted by the OS, separate from update-manifest signing. — (first defined in DSK-007)
- Auto Layout
- — A Figma feature that defines responsive container sizing and spacing rules, so components reflow correctly as content changes and can scale across breakpoints. — (first defined in UI-003)
- Autocapture
- — Automatic instrumentation of common interactions like clicks, pageviews, and form submits without manual event firing, reducing the need for a detailed tracking plan. — (first defined in ANL-002)
- Auto-renewable subscription (iOS)
- — An iOS in-app purchase that automatically renews at a set interval and duration; placed in a Subscription Group to prevent users from holding multiple tiers simultaneously. — (first defined in SHIP-007)
- Auto-renewal / negative-option marketing
- — A subscription or billing arrangement in which charges recur automatically on a schedule unless the consumer affirmatively cancels; heavily regulated by ROSCA, state auto-renewal laws, and EU/UK consumer law, triggering disclosure and easy-cancellation requirements. — (first defined in CMP-008)
- Autosave
- — Continuous, debounced writing of user edits to disk after each change so an uncontrolled crash loses only under a second of work. — (first defined in DSK-016)
- Autoscaling
- — Automatically adding or removing compute instances based on metrics (CPU, memory, or custom) to match demand without manual intervention. — (first defined in ARC-016)
- Auto-update enabled
- — A user setting that allows automatic installation of app updates; phased rollout percentages only count users with auto-update enabled, not all active users. — (first defined in LAU-001)
- Auto-updater / update mechanism
- — Software that periodically checks for new versions and automatically installs them, allowing you to push fixes without the user manually downloading. — (first defined in SHIP-009)
- axe-core
- — An open-source (MPL-2.0) automated accessibility testing engine that scans rendered DOM against WCAG rules, reliably catching roughly a third to half of real-world violations. — (first defined in A11Y-006)
B
- Backend-for-Frontend (BFF)
- — An architectural pattern that adds a thin adapter layer in front of a shared core backend to reshape the API for each client's unique needs, used when clients diverge without splitting the data model. — (first defined in META-002)
- Backup pin
- — A second SPKI pin (from a different key pair) included in the app from day one; allows emergency key rotation without bricking every installed copy. — (first defined in MOB-019)
- Backward compatibility
- — An app or API that continues to work with both old and new versions of another component without breaking existing consumers. — (first defined in ENV-007)
- Backward-compatibility testing
- — Validation that an app works with older OS versions and API versions that users still run, and that older app versions can call a new backend. — (first defined in TST-003)
- Backward-compatible API
- — An API change that allows existing clients built against an older version to continue working, so clients at different versions can coexist during a rollout. — (first defined in LAU-003)
- Baseline (performance baseline)
- — Measured normal values (p95 latency, crash-free rate, error rate, transaction success) from week-1 production or staging, used as the reference for detecting regressions. — (first defined in LAU-002)
- Batch API / batch processing
- — An asynchronous API tier that processes requests without real-time latency, offering ~50% discount on all tokens for overnight jobs, bulk classification, or any non-interactive work. — (first defined in AI-004)
- Batches API
- — An asynchronous endpoint for submitting multiple inference requests at 50% discount, completing within hours rather than sub-second. — (first defined in ARC-024)
- Bayesian priors
- — Initial probability distributions in Bayesian modeling that express prior knowledge or beliefs about a parameter, allowing models to behave acceptably with limited historical data when seeded from experimental results. — (first defined in GRO-010)
- Behavioral SCA (Software Composition Analysis)
- — A type of security scanning that analyzes what a software package actually does at install and runtime—such as network access, file-system access, or obfuscation—rather than just checking for known CVEs. — (first defined in SEC-005)
- Beta cohort
- — A segment of beta testers, typically marked by environment or version, allowing separate monitoring and alerting rules. — (first defined in TST-007)
- BGTaskScheduler
- — iOS background-task API for scheduling deferred work (database maintenance, sync) that runs when the OS decides; throttled by system power state, not guaranteed. — (first defined in MOB-017)
- Bidding (real-time bidding)
- — A mediation model where multiple ad networks submit simultaneous bids for an impression in an auction, selecting the highest-paying offer; superior to sequential waterfall. — (first defined in PAY-018)
- Bidi (bidirectional) text
- — Mixed-direction content (e.g., Latin name inside Arabic text) that requires proper unicode handling so the text renders coherently. — (first defined in QA-008)
- Billing anchor
- — The day of the month on which a subscription renews; keeping it 'unchanged' during migrations ensures the customer's renewal date stays the same even if the plan changes. — (first defined in PAY-020)
- Biome
- — A single Rust tool that replaces ESLint + Prettier by combining linting and formatting, with type-aware rules without requiring the TypeScript compiler. — (first defined in ENV-005)
- Biometric-gated storage
- — A secure storage configuration where the OS requires a biometric or device-credential check before releasing a stored value, adding an authentication gate at the storage layer. — (first defined in MOB-005)
- Blameless postmortem
- — A structured review of an incident focused on identifying failed systems and controls rather than assigning personal blame. — (first defined in SEC-012)
- Blast radius (of a stale fact)
- — The scope and severity of harm that results if an outdated external fact is used in a decision—e.g., a wrong commission rate breaks unit economics; a missed regulatory deadline causes legal exposure. — (first defined in META-005)
- Blind index
- — A technique for searching encrypted data by storing an HMAC (keyed hash) of the encrypted value in a separate indexed column, allowing lookups without decrypting the original value. — (first defined in SEC-002)
- Block (safety control)
- — A user-initiated action that cuts all contact between two accounts, preventing the blocked user from seeing, messaging, or interacting. — (first defined in UX-010)
- BNPL (Buy-now-pay-later)
- — A payment method that splits a purchase into installments (e.g., Klarna, Affirm), charging the merchant a fee instead of the customer. — (first defined in PAY-001)
- Bottleneck
- — A specific, measurable constraint that limits a company's growth or founder productivity—identifiable in one sentence with a number attached (e.g., 'support tickets unanswered for 3 days'). — (first defined in PPL-004)
- Bounce rate
- — The percentage of emails that permanently failed to deliver, usually because the address doesn't exist or the domain is invalid. — (first defined in BE-015)
- Bounded module
- — A logically isolated component (identity, entitlements, payments) with a clean interface, allowing future extraction without rewrite. — (first defined in ARC-025)
- Branch protection
- — A feature in version-control systems that enforces rules (such as required status checks or approvals) before code can be merged into a critical branch like main, preventing bypassing of security gates. — (first defined in SEC-004)
- Breach
- — An incident where personal data was or is reasonably believed to have been accessed, taken, or exposed, triggering regulatory notification obligations. — (first defined in SEC-012)
- Break-even (cash flow break-even)
- — The point at which monthly revenue equals monthly costs, so net cash flow turns non-negative and the cash balance stops declining; distinct from accounting profit break-even. — (first defined in GRO-013)
- Break-even MAU/price
- — The point where a product's total cost per user equals its revenue per user, indicating whether a pricing and cost combination is sustainable. — (first defined in FIN-001)
- Breaking change
- — An API or interface modification that causes existing client code to fail at compile time or runtime without updating the consumer. — (first defined in DOC-001)
- Brownfield vs. greenfield
- — Building on existing code or infrastructure (brownfield, higher upfront constraints) versus starting from scratch (greenfield, higher initial freedom). — (first defined in META-001)
- Browser contexts
- — Isolated, independent browser sessions within a single process that allow testing multiple concurrent users (e.g., two clients) without external orchestration. — (first defined in QA-002)
- Bug bounty program
- — A program that pays security researchers for discovering and responsibly reporting vulnerabilities in an application. — (first defined in SEC-011)
- Build number (versionCode / CFBundleVersion)
- — A monotonically increasing integer used by app stores to order releases; must only ever increase and never hand-edited, derived from git commit count or timestamps instead. — (first defined in SHIP-006)
- Burn (cash burn)
- — The net amount of cash (or negative cash flow) a company loses per month, calculated as costs minus revenue; determines runway by dividing available cash by monthly burn. — (first defined in GRO-013)
- Burn rate
- — The rate at which a company spends its cash reserves, typically measured in dollars per month. — (first defined in PPL-004)
- Burn-rate condition
- — An alert condition based on how fast your error budget is being consumed (at this rate, the monthly budget is gone in <N hours), rather than raw error-rate thresholds. — (first defined in OPS-001)
- Bus factor
- — The minimum number of people who would need to become unavailable (illness, departure, etc.) before a project becomes unmaintainable due to concentrated critical knowledge. — (first defined in DOC-005)
- Business model
- — The mechanism by how money flows through the product—one-time purchase, subscription, freemium, usage-based, ads, or marketplace—which shapes operations, compliance load, and retention incentives. — (first defined in STR-003)
C
- C2PA Content Credentials
- — A standard for embedding provenance metadata into digital media to disclose when content was created and whether it is AI-generated. — (first defined in ETH-004)
- CAC (customer acquisition cost)
- — The total cost (marketing, ads, sales effort) spent to acquire one paying customer. — (first defined in MON-001)
- Cache invalidation
- — Removing or refreshing stale data from a cache so clients see current values, a notoriously hard problem. — (first defined in ARC-009)
- Cache stampede (thundering herd)
- — A performance failure where a popular cached value expires under load, causing thousands of requests to simultaneously miss the cache and overwhelm the origin. — (first defined in BE-009)
- Cache-aside pattern
- — A caching strategy where the application checks the cache, and on a miss, fetches the value from the source and updates the cache. — (first defined in BE-009)
- Cache-control breakpoint
- — The point in a system prompt before which context must be byte-identical across requests to maintain cache hits. — (first defined in AI-016)
- Cache-hit ratio
- — The percentage of requests served from cache rather than the origin, a leading indicator for egress costs on media-heavy apps. — (first defined in FIN-002)
- Canary deployment
- — Deploying a new version to a small percentage of servers/traffic first to catch issues before rolling out to all traffic; similar to phased rollout but at the infrastructure layer. — (first defined in LAU-004)
- Canonical backend
- — The single authoritative server that stores the source of truth for user data, entitlements, and sessions across all clients. — (first defined in ARC-025)
- canRequestAds()
- — UMP's per-device gate returning whether a personalized ad request is permitted; the certified signal, not a hand-rolled boolean or backend entitlement record. — (first defined in MOB-023)
- Cap table (capitalization table)
- — A record of who owns what percentage of the company—the list of all shareholders, their equity stakes, and vesting schedules. — (first defined in PPL-002)
- Card sorting
- — A research method where users group content items to see how they naturally categorize them, validating your information architecture. — (first defined in UX-001)
- Card-account updater (network tokenization)
- — A card-network service that automatically refreshes expired or reissued card credentials at payment time, recovering ~25–35% of failed renewals without retries. — (first defined in OPS-009)
- Cash basis accounting
- — Recording business income when cash is actually received and expenses when they are actually paid, rather than when they are earned or incurred. — (first defined in FUND-002)
- CCPA (California Consumer Privacy Act)
- — A California state privacy law granting consumers opt-out rights for data sale/sharing and mandating annual privacy-policy updates, with penalties of $2,663–$7,988 per violation. — (first defined in LEG-002)
- CDN (content delivery network)
- — A global cache that serves static assets and optionally cached API responses from edge locations near users, reducing latency and egress costs. — (first defined in ARC-010)
- CE marking
- — A digital (for software) or physical mark indicating conformity with EU product-safety and consumer-protection regulations; under the Cyber Resilience Act, a self-declared attestation by default-class software. — (first defined in CMP-005)
- Certificate pinning
- — A technique where a mobile or desktop app stores a backup copy of the server's certificate or public key so that even if a Certificate Authority is compromised, the app can detect and reject a fraudulent certificate. — (first defined in SEC-002)
- Certificate Transparency (CT)
- — A public, append-only log system requiring all publicly-trusted certificates to be recorded, making rogue certificate issuance detectable. — (first defined in SEC-009)
- Chain of title
- — The documented proof that the company (not an individual or contractor) owns each piece of intellectual property, including all intermediate assignments and transfers from creator to company. — (first defined in PPL-003)
- Change-data-capture (CDC) pipeline
- — An ongoing system (like Debezium or a polling job) that detects and propagates database changes to a separate search index, keeping the two systems in sync. — (first defined in ARC-015)
- Changelog
- — A public, time-ordered record of what shipped in each release — including new features, fixes, breaking changes, and deprecations — organized by version. — (first defined in DOC-004)
- Channel allocation
- — The process of dividing marketing budget across performance channels (paid ads, affiliate, etc.) and brand channels (content, community) based on unit economics and ROI. — (first defined in GTM-013)
- Chargeback
- — When a customer disputes a charge with their bank and the bank reverses the payment, costing the merchant both the sale and a processing fee plus risk of account termination. — (first defined in QA-010)
- Chargeback ratio
- — The percentage of transactions that are disputed and finalized as chargebacks (chargebacks ÷ total transactions); crossing network thresholds (~0.5–1.5%) triggers fines, reserves, or account termination. — (first defined in PAY-012)
- Chromatic
- — A cloud service for visual regression testing integrated with Storybook, capturing and comparing component snapshots across browsers and flagging unexpected visual changes. — (first defined in UI-003)
- Chunking
- — The process of splitting documents into retrievable pieces (typically 500 tokens with 10-15% overlap) before embedding them for vector search. — (first defined in AI-008)
- Churn
- — The rate at which users stop using your app or cancel their subscription each period, expressed as a percentage. — (first defined in MON-001)
- Churn rate
- — The percentage of customers or subscribers who stop using or paying for a service in a given time period (e.g., monthly churn). — (first defined in FUND-004)
- CI gate
- — An automated checkpoint in a continuous integration pipeline that must pass before code can be merged or deployed, configured to block on test failures, coverage gaps, or security violations. — (first defined in QA-001)
- Circuit breaker
- — A per-user quota or rate limit in application code that halts a feature to prevent one user or loop from exhausting an API budget. — (first defined in FIN-001)
- Claims-made (insurance)
- — An insurance model where coverage applies only to claims filed while the policy is active, not claims for incidents that occurred during coverage; common in professional liability. — (first defined in LEG-004)
- Class 42 (trademark goods/services)
- — USPTO classification for software-as-a-service, cloud application services, and network-delivered software functionality. — (first defined in LEG-003)
- Class 9 (trademark goods/services)
- — USPTO classification for downloadable software, downloadable mobile apps, and other computer programs sold as goods. — (first defined in LEG-003)
- CLDR (Common Locale Data Repository)
- — A Unicode standard database encoding formatting conventions, plural rules, and locale data for 190+ countries that powers native formatter APIs like Intl, Foundation, and Android. — (first defined in I18N-004)
- ClickHouse
- — A columnar database optimized for analytical queries on large event streams, used by PostHog and other analytics tools as the storage backbone. — (first defined in ANL-003)
- Click-to-cancel
- — A consumer-protection requirement that canceling a subscription be as easy and fast as signing up: online, in roughly the same number of steps and medium, typically a single button or link; mandated by state auto-renewal laws and consumer-protection directives. — (first defined in MON-001)
- Cliff (vesting cliff)
- — The initial period (typically one year) during which no equity vests; after the cliff date, a lump portion of equity vests at once and the rest continues vesting gradually. — (first defined in PPL-002)
- CNAME cloaking
- — A technique to mask a tracking endpoint behind a custom subdomain to evade tracker-blocking browser protections, though modern privacy browsers can now detect it. — (first defined in ANL-008)
- Code signing
- — Digitally signing a compiled application binary with a certificate and private key so the OS and users can verify who built it and that it hasn't been tampered with. — (first defined in SEC-013)
- Code splitting
- — Dividing a JavaScript bundle into smaller chunks loaded on-demand (e.g., at a specific route) to reduce startup parse time and initial memory footprint. — (first defined in DSK-012)
- Code-native (process)
- — Processes and rules embedded in version-control artifacts (markdown, YAML) rather than external tools or wiki pages, so they travel with the codebase. — (first defined in SCA-003)
- CODEOWNERS
- — A Git file that routes pull requests to specific reviewers based on the paths changed, routing code to domain experts. — (first defined in ENV-010)
- Cohen's kappa
- — Inter-rater agreement statistic; ≥0.70 indicates substantial agreement between judge and human labels. — (first defined in AI-012)
- Cohort
- — A group of users bucketed by a shared attribute, most commonly the time period they first appeared (e.g., 'users who signed up in week 1'), used to compare behavior across groups. — (first defined in ANL-005)
- Cold start
- — The latency penalty when a serverless function invokes for the first time or after a period of inactivity, which must be load-tested separately from steady-state performance. — (first defined in QA-004)
- Cold-start latency
- — Initial startup delay on serverless functions before they can handle requests, making warm runtimes an advantage. — (first defined in ARC-008)
- Cold-to-hot send pattern
- — An email deliverability risk where a silent list suddenly receives a burst of campaigns, landing in spam folders. — (first defined in GTM-003)
- Color-blind-safe palette (or CVD-safe)
- — A color palette designed or tested so that information is never conveyed by color alone, and key distinctions survive simulation of red-green, blue-yellow, and full color-blindness. — (first defined in UI-010)
- Color-vision deficiency (CVD)
- — Inability to distinguish certain colors (commonly red-green); affects roughly 1 in 12 men and 1 in 200 women; requires that UI state be signaled by shape/icon/text in addition to color. — (first defined in A11Y-005)
- Comms gating
- — Making the volume of marketing traffic driven toward the app a function of infrastructure health — amplify only while metrics are green, hold or post a holding statement if red. — (first defined in LAU-004)
- Community presence
- — Showing up as a builder in places your target users congregate (Reddit, Discord, forums) to earn trust and gather feedback. — (first defined in GTM-005)
- Compare-and-set (CAS)
- — An atomic database operation that only updates a row if a specific version/condition is met, used to prevent lost writes on concurrent edits. — (first defined in XP-004)
- Competitive-alternative framing
- — Positioning your product against what the user does today (the status quo) rather than against named competitors. — (first defined in GTM-001)
- Complaint rate
- — The percentage of delivered emails that the recipient marked as spam — the highest-risk signal to mailbox provider reputation. — (first defined in BE-015)
- Compliance calendar
- — A documented table of dated OS and store-policy cliffs (SDK bumps, API floors, new requirements), with source URLs and refresh dates, serving as visibility and lead time. — (first defined in OPS-006)
- Component library
- — A collection of reusable, pre-built UI elements (buttons, inputs, modals) that consume design tokens and carry accessibility and state logic, so screens are composed rather than built from scratch. — (first defined in UI-003)
- Conditional UI
- — WebAuthn autofill that surfaces passkeys in the browser's credential picker instead of a modal, reducing enrollment friction. — (first defined in ARC-005)
- Confirmshaming
- — A deceptive UI pattern where the decline option uses negative language (e.g., 'No, I don't want to save money') to make rejection feel unpleasant or shameful. — (first defined in ETH-001)
- Conformance claim
- — A public statement asserting that your app meets a specific WCAG level; legally binding and distinct from your actual build target, so claims must be defensible and auditable. — (first defined in A11Y-001)
- Connection pool exhaustion
- — A state where all available database connections are in use and no new queries can execute, causing the backend to fail; prevented by scaling the pool and monitoring utilization. — (first defined in LAU-002)
- Connection pooling
- — A technique to reuse database connections across multiple requests, preventing connection-limit exhaustion that commonly breaks serverless + SQL database apps. — (first defined in QA-004)
- Consent gate
- — A code-level barrier that prevents a telemetry SDK from initializing until the user has explicitly consented, satisfying privacy regulations like the EU ePrivacy Directive. — (first defined in DSK-010)
- Consent logging
- — Recording which version of a privacy policy a user accepted, when, and through which interface; critical audit evidence for regulators and essential for re-consent workflows. — (first defined in LEG-002)
- Consent Mode v2
- — Google's GA4 feature that adjusts measurement based on user consent state, firing behavioral and conversion events only after appropriate consent is granted. — (first defined in ANL-008)
- Consent-management platform (CMP)
- — Software that captures, stores, and enforces user consent choices for tracking, analytics, and personalization across web and mobile surfaces. — (first defined in PRV-004)
- Consumer-driven contracts
- — A contract testing approach where each client explicitly states its expectations of the backend's API shape, and the backend verifies it can satisfy all clients' contracts. — (first defined in QA-002)
- Content rating questionnaire
- — A store-required form where developers answer whether their app contains violence, sexual content, profanity, loot boxes, user-generated content, or other sensitive material to determine age-appropriateness. — (first defined in SHIP-004)
- Content strategy
- — The practice of deciding what to say, when, in what voice, and ensuring copy stays consistent and localizeable. — (first defined in UX-006)
- Content-available push
- — A silent background push notification that wakes the app for background processing without showing a user-visible alert or badge. — (first defined in MOB-006)
- Continuous control monitoring
- — Automated, ongoing testing of security and compliance controls between audits, surfacing failures immediately instead of waiting for annual review. — (first defined in SCA-010)
- Continuous Delivery / Deployment (CD)
- — Automation that packages, signs, and deploys code to staging or production after CI passes. — (first defined in ENV-006)
- Continuous Native Generation (CNG)
- — A build process that automatically generates native iOS and Android project directories from your configuration files on demand, rather than requiring you to manually maintain them. — (first defined in MOB-001)
- Contract artifact (typed, versioned)
- — A published schema (OpenAPI, Protobuf, or shared types package) that both products compile against, so API drift becomes a build-time error. — (first defined in XP-006)
- Contract test
- — An integration test that exercises the real backend API to verify its response shape, catching schema drift before it reaches clients. — (first defined in ENV-012)
- Contract testing
- — Testing that verifies the API contract (request/response shape and behavior) between a client and backend stays compatible, catching when the backend drifts from what clients expect. — (first defined in QA-002)
- Contrast ratio
- — The mathematical measure of luminance difference between foreground and background colors; WCAG AA requires 4.5:1 for normal text and 3:1 for large text or UI components. — (first defined in A11Y-005)
- Contribution margin
- — The share of each revenue dollar remaining after direct costs like payment processing, store fees, and per-user infrastructure—the foundation for LTV calculations. — (first defined in GRO-001)
- Contribution margin ROAS (Return on Ad Spend)
- — Return on ad spend measured on gross profit rather than total revenue: revenue net of store commission, payment fees, refunds, trial drop-off, and cost of goods sold, divided by acquisition spend; the net-of-costs ROAS that reveals true profitability. — (first defined in GTM-013)
- Controller
- — The party that decides what personal data to collect and why; in a consumer app, you are the controller of user data. — (first defined in PRV-008)
- Conventional commits
- — A commit-message standard where subjects start with
feat:,fix:,refactor:, orBREAKING CHANGE:to automatically classify changes for changelog generation. — (first defined in SHIP-006) - Convergence (data sync)
- — The state where two or more clients agree on the canonical data after being offline and reconnecting. — (first defined in TST-011)
- Conversion funnel
- — A step-by-step map of user progression from install through signup, activation, trial/paywall, and paid, showing where users drop off. — (first defined in GRO-004)
- Conversion lift (statistical significance)
- — A measurable, statistically-significant improvement in conversion rate from a variant compared to control, typically requiring a minimum detectable effect and sample size to validate before shipping. — (first defined in GRO-012)
- Conversion-optimized landing page
- — A single-purpose web surface (1–3 screens) designed to move a visitor through exactly one action: install, sign up, trial, or join a waitlist. — (first defined in GTM-002)
- Conversions API (CAPI)
- — Meta's server-to-server API that sends purchase and conversion events from your backend so Meta sees post-install revenue. — (first defined in GTM-009)
- Conversion-value schema
- — The deliberately-designed mapping of SKAdNetwork fine values (0–63) or coarse values (low/medium/high) to business events (subscription active, purchase, trial), essential for mobile attribution. — (first defined in ANL-007)
- Coordinated disclosure
- — The practice of giving security researchers a private channel and an agreed timeline (typically 90 days) to report vulnerabilities before public disclosure, allowing time for fixes; also called responsible or vulnerability disclosure. The EU Cyber Resilience Act separately mandates a 24-hour early warning and 72-hour full notification. — (first defined in SEC-011)
- COPPA (Children's Online Privacy Protection Act)
- — US regulation requiring parental consent and data minimization for collecting personal data from children under 13. — (first defined in PRV-010)
- Copyleft / Strong copyleft
- — An open-source license that requires you to release your entire application's source code under the same license if you distribute a binary containing it—GPL-2.0 and GPL-3.0 are strong copyleft, AGPL-3.0 extends it to network access. — (first defined in CMP-013)
- Copyleft license
- — A software license that requires derivative works to be released under the same license (e.g., GPL), as opposed to permissive licenses like MIT or Apache. — (first defined in META-006)
- Core Web Vitals
- — Google's key page-speed and user-experience metrics: LCP (≤2.5s), CLS (<0.1), and INP (≤200ms). — (first defined in GTM-002)
- Cost-center tag
- — A label attached to cloud resources to allocate costs by team, product, or service, enabling accurate bill apportionment. — (first defined in FIN-002)
- Cost-of-error
- — The consequence if an AI decision is wrong; determines whether it requires human review before execution. — (first defined in AI-018)
- Cost-per-MAU
- — The total monthly cost to serve one active user, the key metric for pricing a product sustainably. — (first defined in FIN-001)
- Counter-metric
- — A secondary metric on the same dashboard as the north star that tracks the thing most likely to break as you optimize the primary goal, forcing visible tradeoffs. — (first defined in STR-002)
- Counter-positioning
- — A competitive strategy where you deliberately own a job or dimension that the incumbent ignores or avoids because it threatens their core business model. — (first defined in VAL-008)
- Coverage floor
- — A minimum code-coverage threshold (as a percentage of lines executed by tests) that a build must reach to pass a gate, never a ceiling target. — (first defined in QA-001)
- CPI (Cost Per Install)
- — The average cost to acquire one app install, calculated as total acquisition spend divided by installs; distinct from CAC which is cost per paying customer. — (first defined in GRO-007)
- CRA (EU Cyber Resilience Act)
- — A European regulation requiring manufacturers of digital products to follow a risk-based security approach, report vulnerabilities, and include an SBOM; main obligations bind from December 2027. — (first defined in SEC-006)
- Crash reporting / Crash reporter
- — An SDK (like Crashlytics or Sentry) that automatically captures crashes, stack traces, and device info from production users to enable debugging. — (first defined in SHIP-012)
- Crash-free rate
- — The percentage of sessions (or users) that did not end in a crash, a key retention and app-store ranking metric typically gated at ≥99.5%. — (first defined in QA-011)
- Crash-free sessions
- — A reliability metric measuring the percentage of user sessions that completed without an unhandled crash, a key SLI for mobile app quality. — (first defined in MOB-011)
- Crash-on-launch
- — A critical bug causing the app to crash immediately when opened, preventing any telemetry or monitoring signals from reaching your servers. — (first defined in SHIP-013)
- CRDT (Conflict-free Replicated Data Type)
- — A data structure designed for distributed systems where concurrent updates on different devices can be merged without a central authority, used for offline-first sync. — (first defined in META-001)
- Crisis brief
- — A one-page plan documenting who speaks, pre-approved talking points, and holding statements for responding to public incidents. — (first defined in GTM-006)
- CRO (Conversion Rate Optimization)
- — The discipline of testing and improving a web page or form to increase the percentage of visitors who complete the desired action. — (first defined in GTM-002)
- Cross-client identity
- — A unified account system where the same user sees consistent data and billing across multiple clients (e.g., mobile and desktop), verified before a coordinated launch. — (first defined in GTM-017)
- Cross-device sync
- — The synchronization of data between multiple clients (mobile and desktop) connected to the same backend, ensuring writes on one client become visible on the other within a specified latency window. — (first defined in QA-002)
- Cross-platform subscription layer (RevenueCat / Adapty)
- — A third-party service that unifies App Store, Google Play, and Stripe subscriptions into one source of truth; enables consistent subscription state and cancellation across mobile and desktop clients. — (first defined in CMP-008)
- Crypto-shredding
- — Encryption of user data under a per-user key; deleting the key makes recovery of the data cryptographically impossible without further access. — (first defined in PRV-005)
- CSAM (Child Sexual Abuse Material)
- — Child sexual abuse material—a strict-liability category where platforms must route to an NCMEC-authorized hash-matching provider, file a CyberTipline report, preserve (not copy) the content, and never notify the user. — (first defined in CMP-010)
- CSP (Content-Security-Policy)
- — A browser security header that restricts the sources from which the page can load scripts, styles, images, and other resources, providing a defense-in-depth layer against XSS. — (first defined in SEC-007)
- CUPED (controlled experiment using pre-experiment data)
- — A variance-reduction technique that uses pre-existing user data to remove noise and shrink required sample sizes by 30–50%. — (first defined in ITER-002)
- Custodial (cryptocurrency)
- — When a cryptocurrency platform holds or controls private keys and customer assets; triggers money-transmitter and exchange licensing, as opposed to non-custodial read-only trackers. — (first defined in CMP-001)
- Custom URL scheme
- — A simple deep-link format like
yourapp://screenthat the OS delivers to your app without cryptographic validation, vulnerable to spoofing and not recommended for production. — (first defined in MOB-007) - Customer Portal (Stripe billing)
- — A hosted, configurable page where subscription customers can manage their plan, update payment methods, and cancel; compliant click-to-cancel surface for direct/web billing. — (first defined in CMP-008)
- Customer-data platform (CDP)
- — A middleware that ingests events from clients and normalizes them once, then routes to many downstream destinations (analytics, email, CRM) by configuration rather than recoding each integration. — (first defined in ANL-003)
- Cut manifest
- — A living, version-controlled document (typically CUTS.md) that inventories every feature deferred, faked, skipped, or rebuilt, with reasons and timelines. — (first defined in META-004)
- CVE (Common Vulnerabilities and Exposures)
- — A publicly disclosed vulnerability in software that has been assigned a unique identifier and cataloged in a database for tracking and remediation. — (first defined in SEC-005)
- Cyber insurance
- — Coverage for breach forensics, user notification costs, regulatory fines, and third-party breach liability; typically the most expensive layer for data-handling apps. — (first defined in LEG-004)
- CycloneDX
- — A standard format for expressing an SBOM in JSON or XML, purpose-built for tracking software components and their vulnerabilities. — (first defined in SEC-006)
D
- D1, D7, D30, D90 retention
- — The percentage of users from a cohort still active 1, 7, 30, and 90 days after signup or first open, measured with a rolling time-based window. — (first defined in GRO-003)
- D30 retention (or D90)
- — The percentage of users who remain active 30 (or 90) days after first install; the key measure of whether a product can sustain recurring revenue. — (first defined in MON-001)
- Daily spend cap
- — A hard limit on the amount an ad campaign can spend in a single day, preventing misconfiguration from burning a week's budget in one day. — (first defined in GTM-013)
- Dark mode (or appearance theming)
- — The ability for an app to render in a dark color palette, either following the operating system's preference or user-selected override, without rebuilding the interface. — (first defined in UI-006)
- Dark pattern (deceptive design)
- — An interface choice that deliberately steers users into decisions they would not make if the screen were honest—like pre-checked consent boxes, buried "reject" buttons, hidden fees, or cancellation harder than signup. — (first defined in CMP-009)
- DAST (dynamic application security testing)
- — Automated security testing of a running application by sending malicious inputs over the network to find runtime flaws like injection attacks and misconfigured headers. — (first defined in SEC-008)
- Data gravity
- — A moat where switching to a competitor means re-entering or re-categorizing a large accreted dataset, creating stickiness as the user's data volume grows. — (first defined in VAL-008)
- Data integrity
- — Correctness of stored data — no silent corruption, failed writes, or sync conflicts; a launch gate because data loss is a silent failure that crashes and errors won't surface. — (first defined in LAU-001)
- Data inventory
- — A machine-readable, versioned list of every data category an app collects, its purpose, retention period, and third-party recipients. — (first defined in ETH-004)
- Data linkage (linked to identity)
- — Data that is connected to a user's account or persistent identifier; distinguished from tracking (cross-app profiling) in store privacy disclosures. — (first defined in SHIP-003)
- Data migration
- — The process of transforming and moving data to fit a new schema or structure when the database layout changes, must be reversible and safe. — (first defined in QA-006)
- Data minimization
- — The principle and practice of collecting only the personal data that is adequate, relevant, and necessary for a stated purpose, and no more. — (first defined in PRV-002)
- Data Privacy Framework (DPF)
- — An EU–US adequacy mechanism adopted in 2023 that allows personal data to flow from the EU to certified US organizations without requiring additional contractual safeguards. — (first defined in PRV-007)
- Data Processing Agreement (DPA)
- — A binding contract between a controller and a processor that specifies the lawful terms of personal-data processing and the processor's obligations. — (first defined in PRV-008)
- Data Protection Impact Assessment (DPIA)
- — A mandatory impact analysis required before processing large-scale or sensitive personal data, assessing risks and mitigation measures. — (first defined in PRV-009)
- Data residency
- — A regulatory requirement that personal data be stored and processed within a specific geographic region (e.g., EU, China) and not transferred out. — (first defined in SCA-005)
- Data Safety form (Android)
- — Google Play's required disclosure questionnaire declaring what data your app collects, how it's used (analytics, ads, etc.), security practices, and retention periods; mismatches between the form and actual app behavior trigger rejections and enforcement. — (first defined in CMP-014)
- Data subject access request (DSAR)
- — A user's legal right under GDPR and CCPA to request all data a company holds about them, requiring the company to fulfill it within 30 days. — (first defined in QA-007)
- Data warehouse
- — A centralized repository that stores raw events and business records (revenue, support, subscription state) for analysis and BI, distinct from product-analytics SaaS. — (first defined in ITER-009)
- Database branching
- — A feature (in Neon, Supabase) that creates instant, isolated copy-on-write clones of a database for per-environment or per-PR testing. — (first defined in ENV-007)
- DAU (Daily Active Users)
- — The count of unique users who opened or performed a qualifying action on a given day, the standard engagement metric for habit-forming products. — (first defined in GRO-004)
- Day-1 cliff
- — The drop-off from day-0 (signup) to day-1 retention; a steep cliff points to onboarding problems, a flat cliff with later drops points to product value problems. — (first defined in ITER-003)
- Day-1/Day-7/Day-30 retention
- — The percentage of users who return and open an app one day, seven days, and thirty days after installing it; critical signals that app stores now weight as primary ranking factors. — (first defined in SHIP-001)
- Day-N retention (D7, D30)
- — The percentage of users who were active on a specific day (day 7 or day 30 after signup) who return to perform an action within that measured period, showing whether users find lasting value. — (first defined in STR-002)
- dbt (data build tool)
- — A version-controlled SQL templating and testing framework that transforms raw events into modeled tables for analytics, enabling repeatable and auditable data pipelines. — (first defined in ANL-004)
- Dead-letter queue (DLQ)
- — A separate holding queue for messages that failed all retry attempts, so they can be inspected and recovered later without blocking the main queue. — (first defined in BE-011)
- Decision log
- — A Markdown document that records fork-shaped decisions (choices that change system architecture or product direction), their alternatives, reasoning, and what would flip the decision. — (first defined in PPL-005)
- Declaration of Conformity (DoC)
- — A signed legal statement attesting that your product meets the essential requirements of the EU Cyber Resilience Act and relevant harmonised standards. — (first defined in SHIP-014)
- Declared Age Range API (Apple)
- — An iOS API that returns a user's coarse age bracket (under-13 / teen / adult) derived from App Store account data, without collecting or storing an exact birthdate; designed to satisfy US state App Store Accountability Act requirements. — (first defined in CMP-007)
- Decoy effect
- — A pricing psychology principle where the middle tier of three options attracts the most upgrades because it appears to be the sensible compromise between cheap and expensive. — (first defined in STR-004)
- Dedup / Deduplication
- — Ensuring the same event or request is never processed twice by checking a unique identifier (such as an idempotency key) before applying the change; if already processed, the server returns the cached result instead of re-applying the mutation. — (first defined in BE-018)
- Dedup key (deduplication key)
- — A unique identifier (e.g., provider event ID, fingerprint) used to detect and suppress duplicate processing of the same event. — (first defined in BE-011)
- Deep linking
- — A URL path that routes directly to a specific screen with its data pre-loaded, enabling app sharing and bookmarking. — (first defined in UX-001)
- Deep-link attribution
- — Technology that preserves referral identity across app-store install boundaries by encoding a payload in a shared link that survives the install and identifies the referrer. — (first defined in GRO-011)
- Defer (feature disposition)
- — A marked decision to postpone a feature to a later release cycle on the same code path and backend, documenting the deferral in code comments and a cut manifest. — (first defined in META-004)
- Deferred deep linking
- — The technical approach of embedding referral data in a link such that even if the user is not already in the app, the payload survives the install and identifies the referrer. — (first defined in GRO-011)
- Deferred revenue
- — Cash received for future services (e.g., annual subscription upfront); a liability until the service is delivered, at which point it becomes recognized revenue. — (first defined in SCA-004)
- Deflection
- — The practice of reducing support volume by having users self-serve answers through a help center or search instead of contacting support directly. — (first defined in DOC-004)
- Deletion log
- — An append-only record of every erasure event (user, table, timestamp, reason), used to prove compliance and replay on backup restore. — (first defined in ARC-021)
- Delta updates
- — Only downloading and applying the bytes that changed between versions, reducing bandwidth and update time. — (first defined in ARC-007)
- Demand-capture channel
- — A paid advertising channel that reaches people already searching for a solution (e.g., Apple Search Ads, Google Search). — (first defined in GTM-009)
- Demand-creation channel
- — A paid advertising channel that reaches people who don't yet know they need your product (e.g., Meta, TikTok). — (first defined in GTM-009)
- Demand-validation method
- — A lightweight test designed to measure willingness to act (not just willingness to say nice things) before building the full product. — (first defined in VAL-006)
- Demo account
- — A pre-loaded test account you provide to app reviewers so they can navigate your app's core features without requiring live registration. — (first defined in SHIP-008)
- Denial-of-wallet
- — Abuse where an authenticated attacker uses a legitimate account to exhaust credits or incur high costs (e.g., running up an AI inference bill). — (first defined in ARC-022)
- Dependabot
- — GitHub's built-in tool that automatically opens pull requests to update dependencies when new versions are released or vulnerabilities are discovered. — (first defined in SEC-005)
- Deployer vs. provider (Art. 25)
- — EU AI Act role split: you (deployer) build the system using a vendor's model (provider); you owe a model card for your deployment. — (first defined in AI-019)
- Design tokens
- — Named design decisions (color values, spacing units, font sizes) stored as reusable data in code that serves as the single source of truth for visual consistency across all platforms. — (first defined in UI-003)
- Destination charge
- — A Stripe payment method where the charge is created on the platform account with a transfer_data.destination routing the seller's share directly to their connected account; the platform is the merchant of record. — (first defined in PAY-017)
- Detection latency
- — The time delay between when a bug or anomaly occurs in production and when monitoring systems alert the team; near-real-time (minutes) vs. lagging aggregates (hours) is critical at launch. — (first defined in LAU-003)
- Determinism (in tests)
- — The property that running a test multiple times produces the same result, not dependent on random data, clock, or timing. — (first defined in ENV-012)
- Deterministic attribution
- — Attribution that links individual user clicks to conversions with certainty (e.g., 'this user clicked this ad and installed'), as opposed to probabilistic or aggregate attribution. — (first defined in GRO-008)
- Deterministic conflict testing
- — Testing sync conflict resolution with injected time and delivery order as inputs, rather than racing wall-clock timing, to eliminate flake. — (first defined in XP-005)
- Deterministic gate (CI gate)
- — An automated checklist in continuous integration (tests, type-checking, linting, SAST, dependency scanning) that must pass before a human reviews any code, acting as a surrogate reviewer. — (first defined in META-006)
- Dev Mode (Figma)
- — A Figma feature that exposes design specifications, component mappings, and code snippets to developers and AI agents, enabling structured design-to-code handoff. — (first defined in UI-009)
- Developer ID (macOS)
- — Apple's credential for signing and distributing macOS apps outside the App Store, bundled with the Developer Program membership. — (first defined in SHIP-009)
- Developer ID Application (macOS)
- — A signing certificate used to sign and notarize desktop macOS apps distributed outside the Mac App Store, proving identity to Gatekeeper. — (first defined in SHIP-005)
- Development build
- — A custom build of your app containing your native dependencies, distinct from Expo Go which only runs JavaScript against a pre-built SDK. — (first defined in MOB-001)
- Device attestation
- — Hardware-backed verification by the OS that an app and device are genuine, verified server-side without relying on client-side checks. — (first defined in SEC-009)
- Device farm
- — A cloud service that rents physical or virtual mobile devices by the minute or subscription, runs tests remotely, and returns logs and video without the builder maintaining hardware. — (first defined in QA-003)
- Device integrity
- — A platform-verified claim that the device is authentic (not emulated/rooted); Play Integrity returns labels like
MEETS_DEVICE_INTEGRITYandMEETS_STRONG_INTEGRITY. — (first defined in MOB-019) - Device pixel ratio (DPR)
- — The scaling factor converting logical CSS pixels to physical pixels on the display; 1.0 for standard displays, 2.0 or higher for Retina and high-DPI screens. — (first defined in DSK-012)
- Device token
- — An opaque per-installation identifier issued by Apple Push Notification service (APNs) or Firebase Cloud Messaging (FCM) that uniquely addresses a device for push delivery. — (first defined in MOB-006)
- Diff coverage
- — A code coverage metric that measures test coverage only for lines changed in a pull request, rather than the entire codebase, to ensure new code is adequately tested. — (first defined in TST-001)
- Differentiation
- — Your day-one reason to be chosen over alternatives, including 'do nothing'; the specific dimension where you are demonstrably better for one specific user. — (first defined in VAL-008)
- Digital consent age (GDPR Article 8)
- — The age below which a child cannot give lawful consent to data processing under GDPR; member states set it between 13 and 16, requiring parental consent for younger users. — (first defined in CMP-002)
- Diligence (due diligence)
- — The background investigation and verification process a buyer or investor conducts before committing money, including review of IP ownership, contracts, and legal compliance. — (first defined in PPL-003)
- Dilution (equity)
- — The reduction in a founder's ownership percentage when new equity is issued to investors or employees. — (first defined in FUND-005)
- Diminishing returns
- — The declining efficiency of each successive dollar spent on a channel as audience saturation, creative fatigue, and auction competition increase the cost per install. — (first defined in GRO-007)
- Direct competitors
- — Products that solve the same job for the same user with the same positioning and price band. — (first defined in VAL-003)
- Disparate impact
- — A policy or system that produces unequal outcomes for protected groups regardless of whether discrimination was intended, making it potentially unlawful. — (first defined in ETH-002)
- Dispute
- — When a customer's bank reverses a charge on the customer's initiative, pulling back funds and notifying the processor before the chargeback is finalized. — (first defined in PAY-012)
- Dispute rate (or chargeback rate)
- — The percentage of charges that are disputed with the card network; payment processors monitor this, and high rates can trigger penalties or account termination. — (first defined in ITER-005)
- Distillation
- — A technique where a smaller 'student' model learns to mimic a larger 'teacher' model's behavior on synthetic examples, reducing inference cost and latency. — (first defined in AI-010)
- Distributed tracing
- — Following a single request's path across multiple services to identify where latency or failures occur. — (first defined in ARC-019)
- Distribution advantage
- — An existing credible channel or audience—a niche podcast, relevant prior title, warm supplier network, or owned email list—that lets you reach target users without cold outreach. — (first defined in VAL-010)
- DKIM (DomainKeys Identified Mail)
- — A protocol that cryptographically signs outgoing emails so receivers can verify the sender actually owns the domain and the message wasn't tampered with. — (first defined in BE-015)
- DMA (Digital Markets Act)
- — EU regulation that requires Apple and Google to allow steering (link-outs to external purchase mechanisms) and alternative app stores in the EU, reducing their commission—also introduces compliance traps around disclosure and link-out mechanics. — (first defined in CMP-014)
- DMARC (Domain-based Message Authentication, Reporting and Conformance)
- — A policy you publish in DNS that tells mailbox providers what to do with emails that fail SPF or DKIM checks and where to send reports about failures. — (first defined in BE-015)
- DMCA safe harbor
- — A conditional legal shield in US law that protects platforms from liability for user-uploaded copyright infringement, provided they register a designated agent, implement a repeat-infringer termination policy, and respond to takedown notices. — (first defined in CMP-010)
- Docker Compose
- — A tool for defining and running multiple stateful services (databases, caches) as containers in a single configuration, isolated from the client code. — (first defined in ENV-003)
- Docker image
- — A portable, reproducible snapshot of an application including code, dependencies, runtime, and OS-level packages. — (first defined in ENV-011)
- Dockerfile
- — A text file that describes how to build a Docker image: the base image, dependencies, and commands to run the application. — (first defined in ENV-011)
- Domain knowledge
- — Experiential understanding of a domain that lets you see the unsexy gaps insiders have normalized; the ability to name problems that cannot be solved and solutions already tried. — (first defined in VAL-010)
- Double opt-in
- — A consent flow where a user signs up and then confirms via a follow-up email click, keeping email lists clean and GDPR-compliant. — (first defined in GTM-003)
- DRI (directly responsible individual)
- — The single named owner of a task or decision who is accountable for its completion and must escalate or inform others. — (first defined in FIN-005)
- Drift
- — Quality degradation in production caused by model updates, user-behavior shifts, retrieval staleness, or cost increases. — (first defined in AI-017)
- Drift detection
- — A check that compares declared infrastructure (code) to actual infrastructure (cloud console), catching manual changes that code doesn't reflect. — (first defined in ENV-011)
- Drip pricing
- — A deceptive practice of revealing fees gradually during checkout, hiding the full cost until the final confirmation step. — (first defined in ETH-001)
- Dry-wallet test
- — A real-money smoke test where you wire a genuine Stripe checkout that captures a card and either authorizes-and-refunds or collects a small refundable deposit to measure revealed WTP. — (first defined in VAL-007)
- dSYM (Debug Symbol Mapping)
- — An iOS build artifact containing symbol information needed to symbolicate crashes, must be uploaded to crash-reporting services at release time. — (first defined in MOB-011)
- DTCG (Design Tokens Community Group format)
- — The W3C-standardized JSON format for defining design tokens (colors, spacing, typography) in a portable, platform-agnostic way that tools can read and transform. — (first defined in UI-003)
- Dunning
- — The process of automatically retrying failed subscription payments and reminding users to update payment information before canceling their account; retry windows and counts are bounded by card-network rules and state law. — (first defined in MON-001)
- D-U-N-S number
- — A unique nine-digit business identifier issued by Dun & Bradstreet, required for app store organization accounts and potentially taking up to 30 business days to obtain. — (first defined in LEG-001)
- Durable mutation queue
- — A SQLite-persisted table of mutations (POST/PUT/DELETE) waiting to send; survives force-quit and reboot so offline work is never lost. — (first defined in MOB-018)
- Durable sink
- — Indexed database (SQLite, DuckDB, or server DB) for storing traces queryably, not a flat JSONL that re-scans on every query. — (first defined in AI-017)
- Dynamic Island
- — Apple's adaptive status region on iPhone 14 Pro and later that displays notifications and live activity; handled via safe-area insets like a traditional notch. — (first defined in MOB-013)
- Dynamic Type
- — Apple's OS-level text scaling system that allows users to enlarge text across apps without developer intervention, for low vision and readability. — (first defined in A11Y-004)
E
- EAS Update
- — Expo's OTA (over-the-air) service that ships JS/asset diffs without a store release; reduces iteration latency but does not shrink the first install. — (first defined in MOB-017)
- ECCN (Export Control Classification Number)
- — A seven-character code (e.g., 5D992.c) assigned by the US Department of Commerce that categorizes a controlled item—5D992.c is "mass-market encryption software" and is the classification most consumer apps qualify for. — (first defined in CMP-012)
- Economic nexus
- — A threshold (e.g., $100k in sales or 200 transactions in a US state) above which a remote seller must register for and remit sales tax in that jurisdiction, regardless of physical presence. — (first defined in PAY-014)
- eCPM (Effective Cost Per Mille)
- — The effective revenue earned per 1,000 ad impressions; the standard metric for comparing ad-network performance across formats and geographies. — (first defined in PAY-018)
- EdDSA (Edwards-Curve Digital Signature Algorithm)
- — A public-key signature scheme used by desktop updaters (Tauri, Sparkle) to sign update manifests, different from the RSA Authenticode that signs the binary itself. — (first defined in DSK-007)
- Edge-to-edge (Android 15)
- — Android 15+ enforcement that lays out apps edge-to-edge by default; developers must consume WindowInsets explicitly to keep content out of system bars. — (first defined in MOB-013)
- Editorial featuring
- — Human-curated placement on app-store homepage or featured collections (e.g. Apple Today tab, Google Editors' Choice), decided weeks in advance and separate from algorithmic charts. — (first defined in GTM-014)
- Egress
- — Data leaving a provider's network toward users or other services, typically charged per gigabyte and a frequent source of surprise costs. — (first defined in FIN-001)
- Egress cost
- — The charge imposed by a cloud provider for data leaving their infrastructure toward the internet or other regions. — (first defined in BE-007)
- Elasticity (channel elasticity)
- — A measure of how sensitive an outcome (revenue, installs) is to changes in a marketing input (spend); expressed as percentage change in outcome per 1% change in input. — (first defined in GRO-010)
- Embargo
- — An agreement where a journalist receives news early in exchange for agreeing not to publish until a specified time, allowing coordinated coverage. — (first defined in GTM-006)
- Embedding model
- — A model that converts text into vectors (arrays of numbers) where similar text produces similar vectors, enabling semantic similarity search without calling a large language model. — (first defined in AI-008)
- EN 301 549
- — The EU's harmonized accessibility standard for ICT products and services, referenced by the European Accessibility Act (EAA) as the technical conformance baseline. — (first defined in A11Y-001)
- Encryption at rest
- — The practice of encrypting data stored on disk—such as in a database or on a user's device—so that stealing the disk or device yields only ciphertext, not readable information. — (first defined in SEC-002)
- Endogeneity (reverse causality)
- — A statistical bias where you spend more on channels that already look successful (because they are driving demand), making it impossible to disentangle whether spend caused the success or success justified the spend. — (first defined in GRO-010)
- End-to-end (E2E) tests
- — Tests that drive the real app like a user would—through a real browser or device—to prove the assembled product actually works as intended from user perspective. — (first defined in QA-001)
- Enhanced Tracking Protection (ETP)
- — Firefox's default privacy feature (since 2019) that blocks third-party cookies and known trackers. — (first defined in ANL-008)
- Entitlement (subscription/purchase record)
- — A server-side record of which features or tiers a user has paid for or subscribed to, verified on the backend and kept consistent across payment processors and client platforms. — (first defined in STR-004)
- Entitlement sync (remove-ads purchase)
- — Server-side state ensuring a 'remove ads' purchase on one client disables ads on the other [A] client; gates ad requests on
canServeAds() && user.adFreeUntil > now(). — (first defined in MOB-023) - Entitlement/receipt fraud
- — A type of attack where a user falsely claims to have paid for or be eligible for a premium feature, either by forging a receipt or lying about having a valid payment. — (first defined in SEC-001)
- Envelope encryption
- — A pattern where data is encrypted with a short-lived data key, and that data key is then encrypted with a long-lived key-encryption key, allowing rotation of the long-lived key without re-encrypting all data. — (first defined in SEC-002)
- Environment drift
- — A situation where different machines (developer laptops, CI, production) run different tool or dependency versions, causing 'works on my machine' failures. — (first defined in ENV-003)
- Ephemeral backend (in CI)
- — A real application instance booted fresh per test run using Docker Compose, then torn down, to give test fidelity without standing staging infrastructure. — (first defined in XP-005)
- Ephemeral environment
- — A temporary, isolated database or backend instance created per test run and destroyed afterward, ensuring clean state. — (first defined in TST-011)
- Ephemeral permission grant
- — A one-time access grant that the user can give for a single operation (e.g., allow camera once), after which the app must request again on next use. — (first defined in MOB-008)
- ePrivacy Directive
- — The EU rule (Article 5(3), the basis of cookie consent) requiring prior consent before storing or accessing any information on a user's device (cookies, localStorage, device identifiers, mobile analytics SDKs) unless strictly necessary to provide the requested service; applies to apps as well as websites, regardless of whether you own or share the data. — (first defined in PRV-003)
- EPSS (Exploit Prediction Scoring System)
- — A probabilistic metric predicting the likelihood a CVE will be exploited in the next 30 days, used alongside CVSS to prioritize patching. — (first defined in OPS-007)
- Erasure (right to be forgotten)
- — A user's legal right under GDPR to request deletion of their personal data, requiring the controller to remove or anonymize it without undue delay. — (first defined in PRV-005)
- Error budget
- — The inverse of an SLO expressed as allowable downtime—at 99.5% availability it permits ~3.6 hours per month. — (first defined in ARC-019)
- Error rate
- — The percentage of backend requests that return an error (5xx status code); a signal of backend health and a trigger threshold during launch monitoring. — (first defined in LAU-002)
- Errors & Omissions (E&O) insurance
- — Professional-liability coverage for claims-based losses from bad advice, features, or decisions users relied on; for AI apps moved into day-one stack due to hallucination risk. — (first defined in LEG-004)
- Escalation
- — Deterministic routing of AI outputs to human review based on category, reversibility, or policy breach. — (first defined in AI-018)
- Escrow
- — The practice of holding buyer funds in a separate account for a window before paying the seller, allowing time for refunds, disputes, and fraud to resolve before final settlement. — (first defined in PAY-017)
- ESLint
- — A JavaScript/TypeScript linter that finds bugs and enforces patterns; uses plugins to extend its ruleset beyond core. — (first defined in ENV-005)
- Essential cybersecurity requirements (CRA Annex I)
- — The core security design obligations under the Cyber Resilience Act: secure-by-default design, encryption in transit and at rest, least-privilege access, no hardcoded secrets, and incident response. — (first defined in CMP-005)
- European Accessibility Act (EAA)
- — EU Directive 2019/882 enforced from 28 June 2025, requiring consumer-facing products and services to meet accessibility standards (EN 301 549 / WCAG AA), with limited transition periods and a microenterprise exemption. — (first defined in A11Y-001)
- EV certificate (Extended Validation code-signing certificate)
- — A premium code-signing certificate requiring identity verification and HSM custody, historically granting immediate Windows SmartScreen reputation. — (first defined in SHIP-009)
- Eval drift (evaluation drift)
- — A degradation in AI feature quality over time, detected when pass-rate on a golden set of test cases drops below baseline. — (first defined in OPS-010)
- Event loop
- — The mechanism in single-threaded runtimes (Node.js, Python async) that interleaves multiple I/O operations without blocking. — (first defined in ARC-008)
- Event Match Quality (EMQ)
- — A platform metric (particularly in Meta Conversions API) indicating how reliably user events sent server-to-server are matched to real platform users; low EMQ makes incrementality tests unreliable. — (first defined in GRO-008)
- Event-triggered sending
- — Dispatching a message in response to a user action or state change (e.g., signup, inactivity) rather than on a fixed calendar schedule. — (first defined in GTM-011)
- Eventual consistency (in sync)
- — A sync model where changes propagate asynchronously across devices and may temporarily show different values, but eventually converge to the same state. — (first defined in META-001)
- Excessive Agency (LLM06)
- — The risk that an AI agent takes unintended or irreversible actions (OWASP LLM vulnerability category). — (first defined in AI-013)
- Exit rule
- — A pre-defined threshold that determines when a soft launch is complete, based on sample size, metric stability over time, and absence of critical bugs — not a calendar date. — (first defined in LAU-001)
- Expand-contract migration
- — A database migration pattern where you add a new column/table alongside the old one (expand phase), migrate data, update code to use the new structure, then remove the old one (contract phase). — (first defined in META-004)
- Expo SQLite
- — A bundled SQLite database API provided with the Expo SDK that uses a synchronous interface and is versioned with the SDK for clean upgrades. — (first defined in MOB-004)
- Exponential backoff
- — A retry strategy that waits 2^n seconds between retries, starting small and increasing to avoid overwhelming a recovering system. — (first defined in ARC-001)
- Exponential backoff with full jitter
- — A retry strategy where wait times grow exponentially (1s, 2s, 4s...) and include randomization across the full range to desynchronize retries across many clients and prevent thundering herd. — (first defined in ARC-014)
- Export Administration Regulations (EAR)
- — US federal rules governing the export of controlled items including encryption; they require self-classification of encryption products under an ECCN and, for certain classes, annual reporting to BIS and NSA. — (first defined in CMP-012)
- Express account (Stripe Connect)
- — A Stripe-hosted seller account type where the platform controls payout timing, holds, and reserves; used for marketplace escrow and dispute protection. — (first defined in PAY-017)
F
- Fail-closed / fail-open
- — Fail-closed: when a check or validation cannot complete, deny access; the safer default for security enforcement. Fail-open: allow access when the check fails; appropriate for non-critical nudges like deprecation warnings but dangerous for security gates. The right strategy depends on severity and the user's network state. — (first defined in MOB-014)
- Fail-open vs. fail-closed
- — Explicit choice: return unverified output if classifier/moderation fails (fail-open for UX) or block it (fail-closed for safety). — (first defined in AI-013)
- Fair use
- — Legal doctrine permitting limited use of copyrighted works for transformative purposes; applied inconsistently to AI training and not a substitute for licensing. — (first defined in AI-011)
- Fairness gap
- — A consistent difference in output quality, refusal rate, or tone when only demographic markers change. — (first defined in AI-019)
- Fake (feature disposition)
- — A UI shell or stub endpoint that exists but whose business logic is not wired, marked to signal incompleteness and carry risk of app-store rejection if the stub is discovered. — (first defined in META-004)
- Fake.js / Faker
- — A library that generates realistic but deterministic fake data for tests and seed scripts. — (first defined in ENV-012)
- Fake-door test
- — A software-native paywall validation where you build a thin shell of core value with a real purchase decision point and measure tap-through to the native purchase sheet. — (first defined in VAL-006)
- Fallback (degraded path)
- — A cheaper/faster model, cached prior answer, or honest error shown when inference times out or fails; must be labeled so the user knows it's downgraded. — (first defined in MOB-020)
- Fallback chain
- — An ordered list of locales the app tries in sequence when a translation is missing—e.g., requested locale → language without region → English—so users never see a raw key or blank. — (first defined in I18N-001)
- Family sharing / Family account (platform)
- — Native family-account systems (Apple Family Sharing, Google Family Link, Microsoft Family Safety) that link parent and child accounts, can mediate consent and access controls across devices, and allow eligible family members to share in-app purchases. — (first defined in CMP-007)
- Fastlane (snapshot / screengrab / deliver / supply)
- — A free automation toolkit for capturing localized screenshots across devices and locales, and uploading them to App Stores, driven by real simulator/emulator runs. — (first defined in UI-008)
- Fastlane Match
- — A Fastlane tool that stores code-signing certificates and provisioning profiles encrypted in a separate Git repo, synced to CI runners. — (first defined in ENV-006)
- FCM (Firebase Cloud Messaging)
- — Google's service for delivering push notifications to Android devices via the Google Play Services infrastructure. — (first defined in MOB-006)
- Feature branch
- — A short-lived Git branch created from main to develop a feature or fix in isolation, merged back via pull request. — (first defined in ENV-010)
- Feature flag
- — A configuration that decouples code deploy from release, allowing features to ship in an 'off' state and be toggled on later without redeployment. — (first defined in ANL-006)
- Feature parity
- — The goal of keeping two client implementations in sync with the same feature set and behavior, requiring deliberate governance in [A] topologies to prevent drift. — (first defined in META-002)
- File-based routing
- — A routing pattern where creating a file in a designated directory automatically registers a route, eliminating the need for a central route registry. — (first defined in MOB-002)
- Fill rate
- — Percentage of ad requests that return an ad (vs. no-fill); the key metric for catching silent failures; should be monitored separately from crash-free rate. — (first defined in MOB-023)
- Fine-tuning
- — Retraining a base model on your own labeled data to change its behavior (tone, format, domain knowledge) or to enable a smaller model to match a larger one's quality. — (first defined in AI-010)
- Firebase Crashlytics
- — A free crash-reporting service bundled with Firebase that auto-symbolicates native crashes, captures ANRs on Android, and stores crashes offline. — (first defined in MOB-011)
- First-party analytics
- — Behavioral measurement where the analytics script and ingest endpoint run under your own domain (served via reverse proxy), making requests genuinely first-party rather than calls to a third-party tracker host. — (first defined in ANL-008)
- First-party event tracking
- — Server-side logging of user events (installs, purchases, retention milestones) keyed to an account ID you control, creating a deterministic, privacy-proof record independent of platform attribution. — (first defined in GRO-008)
- Flake (test flake)
- — A test that passes and fails randomly under the same conditions, usually due to timing races or non-deterministic behavior. — (first defined in TST-001)
- Flaky test
- — A test that fails intermittently or unpredictably due to timing races, shared state, or non-deterministic behavior, rather than from a real bug in the code. — (first defined in QA-001)
- Flip criterion
- — A specific, quantified statement written in advance that describes a competitive event that would change your roadmap or strategy if it occurs. — (first defined in VAL-003)
- Focus management
- — The practice of controlling which UI element receives keyboard/screen-reader attention and ensuring focus order matches visual and logical flow. — (first defined in A11Y-002)
- Focus trap
- — A modal or dialog that traps keyboard focus within its bounds so Tab/Shift+Tab does not escape until the dialog closes; required for WCAG conformance. — (first defined in A11Y-004)
- Foldable
- — A mobile device (Samsung Galaxy Z Fold/Z Flip, Google Pixel Fold) that folds mid-session; the app must detect hinge position and reflow layout so content isn't stranded at the crease. — (first defined in MOB-013)
- Foreground handler
- — A callback that executes when a push notification arrives while the app is actively running in the foreground, needed because the OS normally routes notifications to the system tray instead. — (first defined in MOB-006)
- Foreign-qualification
- — Registration of a business entity in a state where it operates but was incorporated elsewhere, often required when an LLC formed in one state has employees or income in another state. — (first defined in FUND-001)
- Formatting
- — Automatic, deterministic enforcement of code style (whitespace, indentation, quote style) so every developer writes in the same voice. — (first defined in ENV-005)
- Founder-market fit
- — The degree to which your specific unfair advantages (domain knowledge, user empathy, distribution) actually match the problem you're solving. — (first defined in VAL-010)
- Four-fifths rule
- — An employment-selection guideline that flags potential adverse impact when the selection rate for a protected group is below 80% of the highest-rate group's selection rate. — (first defined in ETH-002)
- Fractional CTO / fractional technical partner
- — A senior technical leader who takes a modest equity stake (typically 5–15% with vesting) and real responsibility for architecture and code quality on a part-time basis. — (first defined in PPL-001)
- Fraud holdback
- — A delay in paying affiliate commissions (e.g., 14 days after a signup clears) to allow refunds and ensure the conversion is genuine. — (first defined in GTM-007)
- Freemium
- — A monetization model where users get a free basic version of the app and pay for premium features or advanced functionality. — (first defined in MON-001)
- Frequency (% of sessions)
- — In crash triage, the percentage of user sessions affected by a crash type, used to identify bugs that are devastating where they land. — (first defined in OPS-002)
- Frequency and urgency
- — The two axes that determine whether a job can sustain a consumer app: how often the job recurs and how much pain it causes when it isn't solved. — (first defined in VAL-001)
- Frequency capping
- — A server-side limit on how many notifications of a given category a user receives within a time period (e.g., no more than 1 discretionary notification per day). — (first defined in ETH-003)
- Frida
- — A free, actively-maintained runtime instrumentation toolkit that can bypass client-side security checks like jailbreak detection and TLS pinning. — (first defined in SEC-009)
- Friendly fraud
- — A chargeback where the customer genuinely authorized the charge but later disputes it, typically due to forgetting the purchase, not recognizing the descriptor, or being surprised by a renewal. — (first defined in PAY-012)
- Frozen install
- — Installing dependencies from a committed lockfile without resolving version ranges, ensuring every build uses the exact same tree. — (first defined in ENV-003)
- FTC disclosure
- — A clear, upfront statement (e.g., #ad, #sponsored) required by US law when a creator endorses a product in exchange for material benefit. — (first defined in GTM-007)
- Full-jitter exponential backoff
- — A retry strategy where
sleep = random(0, min(cap, base · 2^attempt)); desynchronizes retries so thousands of reconnecting phones don't all retry at once (no fixed jitter). — (first defined in MOB-017) - Full-text search (FTS)
- — Database-native keyword matching using inverted indexes, allowing substring and relevance ranking; the default starting point for search in most apps. — (first defined in ARC-015)
- Fully-loaded cost
- — An employee's true expense to the company, calculated as base salary plus payroll taxes, benefits, equipment, software, and management overhead—typically 1.25x to 1.4x the base salary. — (first defined in PPL-004)
- Funnel
- — An ordered sequence of steps toward a goal (e.g., signup → onboarding → purchase) measured by how many users complete each step in sequence. — (first defined in ANL-005)
G
- GDPR 72-hour notification
- — A regulatory requirement under GDPR Article 33 to notify the supervisory authority of a personal data breach within 72 hours of awareness. — (first defined in SEC-012)
- General Liability (GL) insurance
- — Coverage for third-party bodily injury, property damage, and personal/advertising injury (not data breach or professional errors); foundational and inexpensive for small apps. — (first defined in LEG-004)
- General-Purpose AI (GPAI) model
- — An AI model trained on broad data and capable of adapting to multiple tasks (e.g., Claude, GPT-4, Gemini); subject to GPAI-specific obligations under EU AI Act Articles 53–54. — (first defined in CMP-006)
- Geo-holdout test
- — An incrementality experiment that pauses ad spend in selected geographic markets (test markets) while continuing in matched control markets, comparing aggregated backend revenue to isolate channel impact. — (first defined in GRO-009)
- Gestalt laws (or visual grouping)
- — Design principles that explain how people perceive visual relationships and hierarchies, used to organize content so viewers naturally understand structure. — (first defined in UI-004)
- Git LFS (Large File Storage)
- — A Git extension that stores large binary files (images, video) outside the repository to avoid bloating clone time, with pointers kept in Git. — (first defined in ENV-001)
- GitHub Actions
- — GitHub's native CI/CD platform that runs workflows in YAML, with hosted runners for Linux, Windows, and macOS. — (first defined in ENV-006)
- GitHub Issues
- — GitHub's native issue tracker, integrated with pull requests and repositories, with auto-close on PR merge via 'Closes #N' keywords. — (first defined in ENV-009)
- Gitleaks
- — A command-line secret scanner using regex patterns to search git history for accidentally-committed credentials and tokens. — (first defined in SEC-008)
- Global Privacy Control (GPC)
- — A browser and device signal that communicates a user's opt-out preference for data sale/sharing; businesses are legally required to honor this signal in many US states and some EU jurisdictions. — (first defined in CMP-002)
- Go / no-go gate
- — A binary checklist of pre-decided conditions (all green to GO, any red to NO-GO) executed at launch time to decide whether to ship or hold; removes judgment from a sleep-deprived moment. — (first defined in LAU-005)
- Golden set
- — A curated collection of 20–50 real test cases (inputs + expected behaviors) that serves as a regression suite for AI features, sourced from real usage not synthetic generation. — (first defined in QA-009)
- Golden-DB corpus
- — A collection of real database files captured at each historical shipped schema version, replayed forward through migrations to catch data loss and skip-version breaks. — (first defined in QA-006)
- Google Consent Mode v2
- — Google's framework that passes consent state to Google services and enables measurement in the EU even when certain tracking is not allowed. — (first defined in PRV-004)
- Google Play Billing Library
- — Google's in-app purchase SDK with required acknowledgement within 3 days (or auto-refund), supporting subscriptions and consumables. — (first defined in MOB-009)
- Google Play closed testing
- — Google's beta testing track for Android, allowing controlled distribution to selected testers with feedback collection and crash tracking. — (first defined in TST-007)
- GPU-backed animation (or compositor animation)
- — Animation of properties like transform and opacity that the graphics processor can handle without forcing layout recalculation, keeping motion smooth at 60 fps. — (first defined in UI-007)
- Grace period
- — A window of days (typically 3-7) where a user retains access to a subscription after a payment fails, allowing time to update their payment method before service is cut. — (first defined in MON-001)
- Grace window
- — A bounded offline period after a periodic license check during which an app continues to work even without network connectivity, expiring at a server-issued timestamp. — (first defined in DSK-009)
- Graceful shutdown
- — A process where a server drains in-flight requests and closes live connections cleanly before stopping, rather than terminating abruptly. — (first defined in SCA-001)
- GraphQL
- — A query language and API style where clients request exactly the fields they need, reducing over/under-fetching but adding resolver complexity. — (first defined in ARC-003)
- Gray-box testing
- — Test automation that synchronizes with the application's internal event loop or state, reducing timing flakiness compared to black-box approaches that only observe external behavior. — (first defined in QA-002)
- Grounding
- — Anchoring an LLM output to verified sources via retrieval so it does not fabricate facts. — (first defined in AI-014)
- Growth accounting
- — A formula decomposing user growth into three components (new users + resurrected users − churned users) that prevents acquisition spend from masking underlying churn. — (first defined in STR-002)
- GTM motion
- — The coordinated execution of a product launch across channels and touchpoints — including announcement timing, messaging, platform pushes, and the sequencing of surfaces. — (first defined in GTM-017)
- Guardrail metrics
- — Secondary metrics (e.g., crash rate, 7-day retention, refund rate) watched alongside the primary metric to catch local maxima—wins that help one metric while hurting others. — (first defined in ITER-002)
H
- Hallucination
- — When an LLM generates plausible-sounding but false or invented information, a core failure mode that evaluation must catch. — (first defined in QA-009)
- Handoff (cross-device)
- — A feature that lets users resume their context (scroll position, document, screen) on another device where they left off. — (first defined in XP-004)
- Hard paywall
- — A trial or subscription gating model where free users cannot use core features until they pay, typically driving higher conversion but lower top-of-funnel volume. — (first defined in STR-004)
- Hard spend cap
- — An enforced limit set at the provider level that stops serving requests when spending reaches a threshold, preventing runaway costs. — (first defined in FIN-001)
- Hard-delete
- — Permanently and immediately removing a row or record from a database, as opposed to marking it as deleted with a timestamp. — (first defined in PRV-005)
- Hardened Runtime
- — A macOS security feature that blocks exploit classes like JIT and code injection at the OS level; prerequisite for notarization. — (first defined in DSK-014)
- Hash-matching
- — A technique that compares image or video file hashes against known CSAM databases (e.g., NCMEC's) to detect and block known illegal material. — (first defined in ETH-005)
- Headless accessible component library
- — A library (e.g., React Aria, Radix UI) that provides keyboard, focus, and ARIA behavior for custom widgets without imposing styles, so you own the look while reusing correct semantics. — (first defined in A11Y-003)
- Health Breach Notification Rule (HBNR)
- — An FTC regulation that applies to non-HIPAA consumer health apps; requires breach notification and prohibits sharing consumer health data with advertisers without explicit consent. — (first defined in CMP-003)
- Health check
- — A read-only API endpoint or command that returns the status of a system or service, used to verify that a deploy or recovery succeeded before considering it complete. — (first defined in DOC-003)
- Hermes
- — A JavaScript engine developed by Meta, the default and mandatory engine on Expo SDK 56+; reduces JS bundle size 15–25% versus plain JavaScript via bytecode compilation. — (first defined in MOB-017)
- High-fidelity mockup (or high-fi)
- — A near-production design rendering showing final colors, typography, spacing, icons, imagery, and every interactive state, serving as the bridge between wireframes and code. — (first defined in UI-004)
- High-risk AI (Annex III, EU AI Act)
- — An AI system that makes or materially influences decisions about employment, education, creditworthiness, essential services, law enforcement, biometrics, or migration; requires conformity assessment and human oversight. — (first defined in CMP-006)
- HIPAA covered entity
- — Under HIPAA, a healthcare provider, health plan, or healthcare clearinghouse; only these entities and their business associates are bound by HIPAA, not consumer health apps. — (first defined in CMP-003)
- Hoisted node_modules
- — A dependency resolution strategy where packages are placed at the root level so tools like Metro can find and transform them, used to work around limitations of symlink-based dependency resolution. — (first defined in MOB-001)
- Hold window
- — The delay period between when a payment lands and when a seller's cut is transferred to their bank, protecting against chargebacks. — (first defined in BE-019)
- Holdout (control group)
- — A subset of users (typically 5-20%) intentionally excluded from an ad campaign so their behavior can be compared against exposed users to measure true causal effect. — (first defined in GRO-009)
- Hot reload
- — Development feature that instantly reflects code changes in the running app, preserving app state. — (first defined in ARC-006)
- Hotfix
- — An expedited security fix deployed through a fast-track CI/CD path that bypasses normal release cooldowns to address a critical vulnerability quickly. — (first defined in SEC-013)
- HSM (Hardware Security Module)
- — A physical or cloud-based device that stores cryptographic keys and performs signing operations, now required by law for publicly-trusted Windows code-signing keys to prevent key theft. — (first defined in DSK-007)
- HSTS (HTTP Strict-Transport-Security)
- — A security header that tells browsers to always connect to your site over HTTPS, even on first visit, preventing downgrade attacks. — (first defined in SEC-002)
- HTTP caching
- — Using Cache-Control headers and ETags to let CDNs and clients cache GET responses without extra infrastructure. — (first defined in ARC-003)
- Human Interface Guidelines (HIG)
- — Apple's published design language and principles for iOS and macOS, defining navigation, typography, spacing, color semantics, accessibility, and motion standards. — (first defined in UI-005)
- Human-in-the-loop (HITL)
- — Routing AI decisions to a person for review and override authority before the output ships or action executes. — (first defined in AI-018)
- Hurdle rate
- — The minimum acceptable return (e.g., ROAS or CAC) required to justify spend on a channel, typically derived from LTV and payback-period targets. — (first defined in GRO-007)
- Husky
- — A Git hooks framework that runs scripts (like linting or tests) before commit or push, preventing bad code from being committed. — (first defined in ENV-005)
- Hybrid search
- — Combining keyword-based search (BM25) with semantic vector search, then fusing the results — necessary for corpora with exact-match requirements (names, SKUs, product codes). — (first defined in AI-008)
I
- I/O-bound
- — A workload where most request time is spent waiting on external I/O (database, API, storage) rather than executing code. — (first defined in ARC-008)
- i18n (internationalization)
- — The architecture and code that separates user-facing strings from logic, storing them in external translation catalogs keyed by ID so adding a new language is data translation rather than code rewriting. — (first defined in I18N-001)
- IARC (International Age Rating Coalition)
- — A coalition of regional rating boards (ESRB, PEGI, USK, ClassInd, GRAC) that generates age ratings for multiple storefronts from a single questionnaire response. — (first defined in SHIP-004)
- ICP (ideal customer profile)
- — A precise description of the target user or buyer—who they are, what they do, what they spend, and why they'd choose your solution—used to focus research and recruiting. — (first defined in VAL-002)
- ICU MessageFormat (ICU MF1)
- — A standard message templating format that handles plurals, genders, numbers, and dates using Unicode CLDR locale rules so your code doesn't need language-specific branching logic. — (first defined in I18N-001)
- Idempotency
- — The property that performing an operation multiple times produces the same result as performing it once; critical for payment and webhook handlers that may retry, to prevent double-charging or double-granting. — (first defined in MON-001)
- Idempotency key
- — A unique identifier passed with an external API request so that retries result in the same outcome without duplication or side effects. — (first defined in PRV-005)
- Idempotent webhook
- — A webhook handler that safely processes the same event multiple times without creating duplicate charges or grants, using event deduplication. — (first defined in FIN-004)
- Idempotent webhook handler
- — A webhook handler designed to produce the same result no matter how many times it runs, so retried payment notifications don't double-charge or duplicate entitlements. — (first defined in I18N-007)
- Identity merge
- — The process of stitching together events from an anonymous visitor and their logged-in account using an identify call, so one human's journey is a single user record. — (first defined in ANL-005)
- Identity realm
- — The authentication system (provider) that issues and validates tokens for all clients and products, a single source of truth. — (first defined in ARC-025)
- IDFA (Identifier for Advertisers)
- — A unique Apple-provided ID per device used for cross-app behavioral advertising; accessing it requires App Tracking Transparency (ATT) prompt consent on iOS. — (first defined in CMP-014)
- Impact level (critical, serious, moderate, minor)
- — A severity classification axe-core assigns to violations; gating CI on critical+serious lets teams adopt automation on legacy codebases without freezing all merges. — (first defined in A11Y-006)
- Impression
- — A single ad display/load event; the unit of measurement for fill rate and no-fill alerting. — (first defined in MOB-023)
- In-app account deletion
- — A required feature allowing users to delete their account directly within the app, mandated by Apple's review guidelines. — (first defined in SHIP-008)
- In-app inbox
- — A persistent notification center within the app where users pull non-urgent messages on their own schedule, reducing the need for push interruptions. — (first defined in ETH-003)
- In-app purchase (IAP) / app-store subscription
- — A subscription sold through Apple App Store or Google Play; the platform collects the priced consent via its purchase sheet and owns the cancellation surface (which users access via system Settings). — (first defined in CMP-008)
- Incident
- — An event involving a suspected data leak, unauthorized access, compromised dependency, or suspicious access pattern requiring containment and assessment. — (first defined in SEC-012)
- Incident commander
- — The role responsible for declaring an incident, running the response runbook, and coordinating between technical responders and decision-makers. — (first defined in SEC-012)
- Incrementality (causal lift)
- — A controlled measurement of whether ad spend actually caused an outcome that wouldn't have happened without it, answered through experiments with randomized control and test groups rather than attribution alone. — (first defined in GRO-009)
- Incrementality test
- — A holdout test (pausing ads in a region/time window and comparing to a control) to measure the actual installs an ad channel caused. — (first defined in GTM-009)
- Indirect competitors
- — Products that solve the same job via a different wedge, for a different user, or at a different price; they may converge on your target over time. — (first defined in VAL-003)
- Indirect prompt injection (for agents)
- — An attack where instructions are hidden in content the agent fetches (web pages, issues, READMEs) to try to override the agent's original instructions and steer its behavior. — (first defined in META-006)
- Information Architecture (IA)
- — How you organize screens, content, and features so users know where they are and how to get where they need to go. — (first defined in UX-001)
- Infrastructure-as-Code (IaC)
- — Declaring servers, databases, networking, and secrets in version-controlled text files instead of clicking them together in a cloud console. — (first defined in ENV-011)
- Injection attack
- — A broad class of attacks where attacker-supplied data crosses from being treated as a value into being treated as code or a command (SQL, NoSQL, shell, LDAP, XPath). — (first defined in SEC-007)
- INP (Interaction to Next Paint)
- — A Core Web Vitals metric measuring the delay from user input to visual feedback, with a 'good' threshold of ≤200 ms, threatened most by main-thread animation and heavy script. — (first defined in UI-007)
- In-progress state (dedup)
- — A state marking a mutation as being processed; concurrent retries check this state and back off (409 Conflict) rather than racing to apply the same change twice. — (first defined in MOB-018)
- Input metrics (leading indicators)
- — 3–6 measurable behaviors your team can move this sprint that predict where the north-star metric goes next, such as activation rate or day-3 return rate. — (first defined in GRO-005)
- Input validation
- — The practice of checking that data arriving at a trust boundary conforms to expected type, format, length, and range before the system acts on it. — (first defined in SEC-007)
- Integration tests
- — Tests that exercise multiple pieces of code working together—such as a component rendered with real interactions or an API route against a real test database—catching bugs at system boundaries. — (first defined in QA-001)
- Intelligent Tracking Prevention (ITP)
- — Safari's privacy mechanism (since 2020) that blocks third-party cookies by default and limits first-party tracking to defined windows. — (first defined in ANL-008)
- Intended use
- — The purpose a regulatory authority reads from the product's user interface, marketing, and functionality—not from your disclaimer—used by the FDA to classify medical devices and by regulators to determine licensing requirements. — (first defined in CMP-001)
- Interaction design
- — The specification of what happens when a user taps, swipes, or types—including animations, feedback, and haptics. — (first defined in UX-004)
- Interception (sentiment interception)
- — Detecting user sentiment in-app before they post a public review, routing unhappy users to private feedback/support instead of public complaints. — (first defined in OPS-004)
- Interchange-plus
- — A payment processor pricing model based on actual card-network fees (interchange and scheme costs) plus a percentage markup, which beats flat-rate pricing at high volume. — (first defined in PAY-001)
- Interstitial
- — A full-screen ad that interrupts the user experience, typically shown at natural breakpoints; high eCPM but retention-damaging if overused or poorly timed. — (first defined in PAY-018)
- Interstitial ad
- — A full-screen advertisement that appears at natural breaks in app flow, like between levels or after task completion. — (first defined in UX-011)
- Intl API (ECMA-402)
- — JavaScript's built-in internationalization object (Intl.DateTimeFormat, Intl.NumberFormat, Intl.PluralRules) that formats dates, numbers, and currency correctly per locale using CLDR data. — (first defined in I18N-004)
- Introductory offer / trial conversion
- — A temporary promotional rate or free trial that converts to a full-price charge; must disclose the full rate ladder and exact first-charge date and amount before enrollment. — (first defined in CMP-008)
- Invalid traffic
- — Bots, fraud, or incentivized fake clicks flagged by the ad network; using production ad units in development can trigger invalid-traffic flags. — (first defined in MOB-023)
- Invariant
- — A business rule that must always hold true (e.g., a user cannot have two active subscriptions), enforced by database constraints and application logic. — (first defined in BE-005)
- Involuntary churn
- — When a paying customer's subscription ends because their payment method failed rather than because they voluntarily cancelled. — (first defined in PAY-011)
- IP assignment
- — A signed written agreement that transfers ownership of intellectual property (code, designs, algorithms, trade secrets) from the person who created it to the company. — (first defined in PPL-003)
- IPC (Interprocess Communication)
- — A mechanism for the JavaScript/webview layer and the native Rust/OS layer to exchange messages and commands, crossing the boundary between them without exposing OS internals to the renderer. — (first defined in DSK-001)
- iROAS (incremental return on ad spend)
- — The revenue actually driven by ad spend, measured through incrementality testing, correcting for the difference between attributed ROAS (which includes organic overlap) and true causal impact. — (first defined in GRO-009)
- Irreversibility
- — Whether an action can be undone (sending email, moving money, deleting data are irreversible; drafts are reversible). — (first defined in AI-018)
- ISMS (Information Security Management System)
- — A documented set of policies, procedures, and controls an organization operates to manage information security—ISO 27001 requires you to build and maintain one; it includes access control, incident response, vendor management, and audit logging. — (first defined in CMP-015)
- ISO/IEC 27001:2022
- — International pass/fail certification against a standard for information security management; you build a documented ISMS (Information Security Management System) and an accredited body audits it; certificate valid three years with annual surveillance audits. — (first defined in CMP-015)
- Issue tracker
- — A tool that maintains the canonical list of what is being built, what is broken, and what is next, with state transitions and history. — (first defined in ENV-009)
- ITSAppUsesNonExemptEncryption
- — An iOS Info.plist key that tells Apple whether your app uses encryption beyond the platform's standard TLS and Keychain—set to NO if you only use exempt encryption (HTTPS, OS APIs) to skip the App Store encryption questionnaire. — (first defined in CMP-012)
- ITU (intent-to-use) trademark filing
- — A USPTO §1(b) application that locks a nationwide priority date for a trademark before you've used it in commerce, valid if you file a Statement of Use after launch. — (first defined in VAL-009)
J
- Jailbreak
- — A prompt designed to make a model ignore its safety rules or system instructions. — (first defined in AI-013)
- Jailbreak / root detection
- — Client-side checks for suspicious file paths and capabilities suggesting the device is jailbroken (iOS) or rooted (Android), i.e., its OS security sandbox has been removed; best treated as a signal to backend risk-scoring, not a hard gate. — (first defined in SEC-009)
- Jank
- — Visible stuttering or frame drops in the UI (< 50 fps on standard or < 60 fps on 120 Hz displays), perceived by users as 'broken' even without a crash. — (first defined in QA-011)
- Job story
- — A variant of the user story framed around the triggering situation: "When [situation], I want to [motivation], so I can [outcome]," emphasizing context over assumed solutions. — (first defined in STR-006)
- Journey map
- — A high-level view of a user's entire lifecycle through key stages like discover, onboard, activate, engage, convert, and churn. — (first defined in UX-002)
- JSI binding
- — A native binding that allows JavaScript code to call C++ or native functions directly without crossing the JavaScript bridge, reducing overhead for performance-critical operations. — (first defined in MOB-004)
- JSONB
- — A PostgreSQL column type for storing and querying semi-structured data as JSON, balancing flexibility with searchability. — (first defined in ARC-002)
- JTBD (job-to-be-done)
- — The specific outcome a user is trying to accomplish in a particular situation, framed as their own motivation rather than as a product feature. — (first defined in VAL-001)
- Just-in-time disclosure
- — Explaining data collection or AI use at the moment it happens (e.g., when asking for location permission), rather than burying it in a policy document. — (first defined in ETH-004)
- JWKS (JSON Web Key Set)
- — A standard public-key endpoint that identity providers expose for token verification; should be cached to avoid rate-limiting. — (first defined in XP-006)
K
- KEV (Known Exploited Vulnerabilities)
- — A CVE that is actively being exploited in the wild, tracked by CISA, and prioritized for immediate patching over less-exploited vulnerabilities. — (first defined in OPS-007)
- Key completeness
- — A test gate that verifies every user-visible string key in the source language has a translation in the target language with no empty or untranslated values. — (first defined in QA-008)
- Keyboard operability
- — The ability to reach and trigger every interactive element on a page using only keyboard (Tab, Enter, Escape, arrow keys, etc.), with no mouse required. — (first defined in A11Y-004)
- Keyword stuffing
- — Overloading app titles, subtitles, or keyword fields with repeated or irrelevant search terms to manipulate ranking; a policy violation that triggers store rejection or deindexing. — (first defined in SHIP-001)
- Kill criteria
- — Specific, written conditions (metric + threshold + date horizon) under which you stop, pivot, or abandon a feature or the whole product, decided upfront to prevent emotional drift. — (first defined in STR-007)
- Kill switch (feature flag)
- — A remote, server-side control that instantly disables a broken or risky feature (or blocks old app versions entirely for critical security fixes) without requiring a new build, mobile app update, or store review. — (first defined in OPS-005)
- Knowledge base / Help center
- — A searchable repository of articles answering user questions, designed to self-serve common support issues before they reach your inbox. — (first defined in SHIP-011)
- KYB (Know Your Business)
- — The business equivalent of KYC, requiring verification of business registration, beneficial ownership, and legitimacy before enabling payouts for business sellers. — (first defined in PAY-017)
- KYC (Know Your Customer)
- — The process of verifying a person's identity and confirming they are not sanctioned or engaged in illegal activity; a precondition for enabling payouts in a marketplace. — (first defined in PAY-017)
L
- Lagging indicator
- — A metric that reflects past outcomes but arrives too late to act on for the affected cohort (e.g., day-30 retention is 30 days behind the day-0 signup). — (first defined in ITER-001)
- Landing-page smoke test
- — A one-page description of the product with a call to action (signup, waitlist, 'buy' button) sent paid traffic to measure whether the message resonates. — (first defined in VAL-006)
- Latency budget
- — Maximum milliseconds your UX can wait for a response before falling back to a cached answer, cheaper model, or manual input. — (first defined in AI-016)
- Launch window
- — The concentrated period around launch day (typically T-0 to T+4-6 hours) when peak traffic and risk are highest, requiring active monitoring and decision-making. — (first defined in LAU-004)
- Launch-at-login
- — OS-native registration that starts the app automatically when the user logs in, implemented via SMAppService on macOS or registry keys on Windows. — (first defined in DSK-016)
- Lawful basis
- — One of six legal grounds under GDPR that justifies processing personal data: consent, contract, legal obligation, vital interests, public task, or legitimate interest. — (first defined in PRV-003)
- Leading indicator
- — A metric you can move this sprint that predicts the outcome you care about, like activation rate or time-to-first-value, as opposed to lagging indicators that describe what already happened. — (first defined in STR-002)
- Learning phase
- — The period after launching an ad campaign during which Meta and Google optimize their algorithms; requires sufficient conversions per week to exit. — (first defined in GTM-009)
- Least-privilege (for agents)
- — A security posture where an agent has only the minimal scoped credentials and tool access needed for its task, with production-mutating tools strictly forbidden. — (first defined in META-006)
- Legitimate interest
- — A lawful basis for processing personal data when the controller has a real, documented business need that does not override the user's privacy rights. — (first defined in PRV-003)
- Legitimate Interests Assessment (LIA)
- — A mandatory three-part documented analysis proving a legitimate-interest processing is lawful: the interest exists, processing is necessary, and it does not override user rights. — (first defined in PRV-003)
- License Exception ENC (15 CFR §740.17)
- — A US regulatory path that allows export of mass-market encryption under conditions including self-classification and annual reporting to BIS and NSA—the standard path for consumer apps shipping app-level encryption. — (first defined in CMP-012)
- Lifecycle messaging
- — Automated, behavior-triggered multi-step communication across email and push that follows a user through their product journey (onboarding, activation, re-engagement, retention). — (first defined in GTM-011)
- Lighthouse (Core Web Vitals)
- — Google's web performance auditing tool that measures and reports on loading speed, interactivity, and visual stability metrics that affect user experience and search ranking. — (first defined in UI-007)
- Limited ads (non-personalized)
- — Lower-CPM ad tier served when personalized targeting isn't available; silently downgraded for regulated-zone users without a certified consent gate. — (first defined in MOB-023)
- Limited-risk AI (EU AI Act)
- — An AI system that assists but does not make binding decisions (e.g., chatbot, recommendation, content generation); requires transparency disclosure but not conformity assessment. — (first defined in CMP-006)
- Linear
- — A dedicated issue tracker optimized for fast triage, with keyboard-driven workflows, GitHub/GitLab sync, and native agent integrations. — (first defined in ENV-009)
- Linting
- — Static analysis that catches bugs, anti-patterns, and suspicious code (unused variables, missing error handling) without running it. — (first defined in ENV-005)
- lint-staged
- — A tool that runs linters only on staged files in a Git commit, re-staging the fixed versions so they are included in the commit. — (first defined in ENV-005)
- Liquidation preference
- — In a preferred-stock round, the priority an investor's shares have over common stock in receiving proceeds from a sale or liquidation. — (first defined in FUND-005)
- Live Activities (ActivityKit)
- — iOS lock-screen and Dynamic Island status feed for in-progress events (deliveries, workouts); server-push-driven, must end when the event concludes. — (first defined in MOB-021)
- Live region
- — An HTML element marked with
aria-liveor platform-equivalent that announces dynamic content changes to screen readers without requiring page reload (e.g., toast notifications, validation errors). — (first defined in A11Y-002) - Liveness probe
- — A health check that verifies only that a process is running (with no dependency checks) to determine whether a platform should restart it. — (first defined in BE-002)
- LLM evaluation
- — Testing of language-model features by running a curated set of inputs through the model, scoring outputs by rule or by cross-model LLM-as-judge. — (first defined in QA-009)
- Load test (load testing)
- — Simulating a realistic spike of user traffic on staging to find the backend's capacity cliff (where latency or error rate spikes) before live launch. — (first defined in LAU-004)
- Load testing
- — Synthetic testing that drives traffic at a backend to measure latency, error rate, and resource use as concurrency climbs, validating the system can sustain real-world load. — (first defined in QA-004)
- Load-bearing fact
- — An external fact (like app-store commission rate, compliance deadline, or framework version EOL) whose change would materially affect a product decision or unit economics. — (first defined in META-005)
- Local evaluation
- — Client-side flag evaluation from a cached ruleset, avoiding network round trips and latency on every flag check. — (first defined in ARC-018)
- Local payment rails
- — Region-specific payment methods like UPI (India), Pix (Brazil), GCash (Philippines), iDEAL (EU), and Konbini (Japan) that are dominant in their home markets. — (first defined in I18N-007)
- Locale
- — A code like en-US, de-DE, or ja-JP that specifies a language and region, determining how dates, numbers, currency, and text direction are formatted. — (first defined in I18N-004)
- Localization (L10N)
- — The process of translating and adapting an app's text, numbers, dates, imagery, and layout (including resizing for text expansion) for specific languages, regions, and cultural expectations; distinct from internationalization (i18n), the engineering work that makes it possible. — (first defined in MOB-012)
- Lockfile
- — A file generated by a package manager that records the exact version and integrity hash of every dependency and transitive dependency, ensuring reproducible builds across machines and time. — (first defined in SEC-005)
- Lock-in (vendor lock-in)
- — The situation where switching away from a tool or service becomes expensive or difficult because data, content, or integrations are stored in a proprietary format that does not export cleanly. — (first defined in DOC-005)
- Logical CSS properties
- — CSS properties like margin-inline-start and padding-block-end that automatically reverse in RTL contexts, replacing physical left/right properties so a single layout works for both directions. — (first defined in I18N-003)
- Logical pixels (DIPs)
- — The coordinate system used for layout and drawing in code; the OS maps these to physical pixels at runtime based on the device pixel ratio. — (first defined in DSK-015)
- Logical replication
- — A PostgreSQL feature that streams logical changes (inserts/updates/deletes) to subscribers, enabling client sync engines. — (first defined in ARC-009)
- loopback interface
- — A local-only network listener on 127.0.0.1 (not 0.0.0.0) that an app can bind to receive OAuth callbacks, keeping the exchange local to the machine without exposing it to the network. — (first defined in DSK-005)
- LoRA (Low-Rank Adaptation)
- — A parameter-efficient fine-tuning technique that trains only ~0.1-1% of a model's weights as a small adapter that layers on top of a frozen base, reducing training cost and hardware requirements. — (first defined in AI-010)
- Lottie (animation format/library)
- — An open-source format and runtime for exporting After Effects animations as JSON, playable natively on iOS, Android, and web, though it can silently drop unsupported effects. — (first defined in UI-007)
- Low-code platform
- — A hosted visual builder (Bubble, FlutterFlow, Webflow) where you draw screens and wire logic in a flow editor instead of writing source code. — (first defined in VAL-011)
- LRU (least recently used)
- — A cache eviction policy that removes the least-recently-accessed entry when the cache fills. — (first defined in ARC-009)
- LTV (lifetime value)
- — The total profit a business expects to earn from a single customer over the duration of their relationship. — (first defined in MON-001)
- Luhn check
- — An algorithm that validates credit card numbers by checking their mathematical checksum, catching typos and invalid numbers. — (first defined in UX-008)
- LWW (Last-Write-Wins)
- — The newest write to a field wins; simple but silently discards the loser's edit. — (first defined in ARC-001)
M
- Machine-readable marking (AI Act Article 50)
- — Metadata or digital provenance (e.g., C2PA Content Credentials) attached to AI-generated media indicating it is artificially generated, designed to survive resharing and re-encoding. — (first defined in CMP-006)
- MADR (Markdown Any Decision Records)
- — A lightweight template format for documenting architecture decisions with sections for context, options considered, the chosen option, and consequences, designed to live in version control. — (first defined in DOC-002)
- Managed sync engine
- — A service (PowerSync, ElectricSQL) that handles offline-first sync between client SQLite and a backend database, owning conflict resolution. — (first defined in ARC-001)
- Marginal return (marginal efficiency)
- — The revenue or installs gained from the next incremental dollar spent on a channel, measured as the slope of the response curve at current spend. — (first defined in GRO-007)
- Marketing-mix modeling (MMM)
- — A statistical technique that estimates each marketing channel's contribution to installs or revenue by analyzing aggregate weekly spend and outcomes, working backward from totals rather than tracking individual users. — (first defined in GRO-010)
- Marketplace payout
- — The transfer of a seller's portion of a buyer's payment from the platform's account to the seller's bank account after a hold period. — (first defined in BE-019)
- Marshalling data (schema versioning)
- — Ensuring that a mutation created on an old schema can be replayed after a backend migration without crashing or corrupting data. — (first defined in XP-005)
- Mart (or business table)
- — A finalized dbt table shaped for BI and analysis (one row per user, one row per account-month), distinct from raw staging tables. — (first defined in ITER-009)
- Master Service Agreement (MSA)
- — A contract that governs the terms of service, including liability caps, indemnification, data privacy, and payment terms, between a business and a software vendor. — (first defined in GTM-016)
- Material change (privacy policy)
- — A modification to your data practices (new tracker, new data type, expanded use, or new data sharing) that legally requires re-consent from users rather than silent update. — (first defined in LEG-002)
- Material Design (or Material 3)
- — Google's design system and language for Android apps, defining interaction patterns, typography scales, color semantics, accessibility guidelines, and motion conventions. — (first defined in UI-005)
- Material terms (subscription)
- — Subscription details that must be clearly and conspicuously disclosed before purchase: price, billing frequency, trial duration, exact first-charge date, and how to cancel. — (first defined in CMP-008)
- Materialized view
- — A pre-computed, persistently stored query result in a database that can be refreshed on a schedule, used for expensive aggregations without recalculating them on every query. — (first defined in ANL-004)
- MAU (monthly active users)
- — People who used an app at least once in the last 30 days, the primary unit for measuring both costs and revenue per user. — (first defined in FIN-001)
- McCabe's cyclomatic complexity
- — A metric counting the number of linearly independent paths through code; complexity ≥10 is a testability threshold and a code-quality warning. — (first defined in SCA-009)
- MCP (Model Context Protocol)
- — A standard protocol that allows AI agents to call external tools and APIs (like databases, deployment systems) in a controlled, structured way. — (first defined in META-006)
- Measurement partner (MMP)
- — A vendor (AppsFlyer, Adjust, Branch) that centralizes iOS and Android attribution data from multiple ad networks and provides cross-network campaign comparison and fraud detection. — (first defined in ANL-007)
- Memory budget (30 MB)
- — iOS WidgetKit's documented approximate memory ceiling; exceed it and the system silently terminates the widget process with no user-facing error. — (first defined in MOB-021)
- Memory-mapped key-value store
- — A synchronous storage mechanism that keeps data in memory-mapped regions so reads and writes do not cross the application bridge, enabling fast access without async latency. — (first defined in MOB-004)
- Merchant of record (MoR)
- — The entity legally responsible as the seller of your product: collecting payment, remitting VAT/sales tax, and handling chargebacks and PCI compliance. On app stores Apple/Google are the MoR; for direct/web sales the developer is, unless using a third-party MoR like Paddle. — (first defined in FIN-001)
- Merge gate (branch protection)
- — Automated rules enforced by version control that block code from merging to main without passing required checks (tests, security scans, approvals). — (first defined in SCA-003)
- Merge queue
- — A CI feature that batches parallel PRs, rebases each against the latest main in order, and merges only those that pass. — (first defined in ENV-010)
- Metric contradiction
- — A silent error where the same event is fired under different names from different code paths, causing dashboards to double-count or split users unpredictably. — (first defined in ANL-001)
- Metro bundler
- — React Native's bundler that historically had issues with pnpm symlinks, requiring special configuration to resolve workspace packages correctly. — (first defined in XP-001)
- MFA (multi-factor authentication)
- — Requiring a second proof of identity (passkey, authenticator app, recovery code) in addition to the primary credential. — (first defined in ARC-004)
- MFN (Most Favored Nation)
- — A clause granting an investor automatic access to the best terms granted to any other investor in the same funding round. — (first defined in FUND-005)
- Microcopy
- — Small, task-focused text like button labels, error messages, and tooltips that guides users through a single action. — (first defined in UX-006)
- Migration
- — A version-controlled, repeatable change to your database schema (adding a column, creating an index, renaming a table) that is committed to Git and applied identically across environments. — (first defined in BE-001)
- Minidump
- — A compact binary core dump of a crashed process that is meaningless until symbolicated (mapped back to function names and line numbers using debug symbols). — (first defined in DSK-010)
- Minimum commitment
- — A contractual requirement to spend at least a certain amount during a contract period, locking in costs and creating exit friction. — (first defined in FIN-005)
- Minimum detectable effect (MDE)
- — The smallest change in a metric (e.g., a 2% lift in conversion) that an experiment is designed to detect with the given sample size and confidence level. — (first defined in ANL-006)
- Minimum release age (dependency cooldown)
- — A time-based gate in Renovate that prevents pulling a dependency version until it has been live in the wild for N days, defending against poisoned package releases. — (first defined in OPS-007)
- Minimum sample size
- — The minimum number of sessions or users required before a metric dip is treated as real rather than statistical noise, preventing false alarms at low-volume launches. — (first defined in LAU-005)
- Minimum-version gate
- — A server-side check that rejects client requests from app versions below a specified minimum, forcing users to update to receive patched code. — (first defined in SEC-013)
- mise.toml
- — A configuration file that pins all language runtime versions (Node, Python, Go, Rust, etc.) to exact versions, activating them on cd. — (first defined in ENV-003)
- MIT (Merchant-initiated transaction)
- — A payment initiated by you (the merchant) on a saved card without the customer present, which is out of scope for SCA/3DS requirements for renewal subscriptions. — (first defined in PAY-010)
- MITM (man-in-the-middle)
- — An attack where an attacker positioned between a client and server intercepts and potentially modifies traffic by presenting a valid certificate. — (first defined in SEC-009)
- MMKV
- — A synchronous, memory-mapped key-value storage library written in C++, faster for hot state than asynchronous alternatives because it avoids JavaScript bridge overhead. — (first defined in MOB-004)
- Moat
- — A structural advantage that makes it hard for competitors to displace you over time (e.g., data gravity, switching costs, distribution lead, network effects, reputation). — (first defined in VAL-008)
- MobSF (Mobile Security Framework)
- — A free tool for static and dynamic security testing of Android and iOS app binaries, checking for insecure storage, weak crypto, and exposed data. — (first defined in SEC-008)
- Mock service (stub)
- — A fake implementation of a third-party service (Stripe, email, push notifications) that returns scripted responses instead of calling the real API. — (first defined in ENV-012)
- Mock Service Worker (MSW)
- — A tool that intercepts HTTP requests at the network layer and returns mocked responses, reusable across unit, integration, and client tests. — (first defined in ENV-012)
- Model card
- — Documentation of an AI model's purpose, performance on evals, known limitations, and bias risks. — (first defined in AI-019)
- Model fallback
- — Switching to a cheaper or faster model (e.g. Claude Haiku instead of Opus) when the primary model times out or is rate-limited. — (first defined in AI-016)
- Model gateway
- — A server-side module that owns the provider API key and enforces cost caps, rate limits, and logging on all inference requests. — (first defined in ARC-024)
- Model versioning
- — Pinning prompts and feature logic to specific model IDs (e.g.,
claude-sonnet-4-6, not a floating 'latest' alias) so behavior and eval results remain reproducible over time. — (first defined in AI-007) - Moderated testing
- — Usability testing where a facilitator is present to ask follow-up questions and observe non-verbal hesitation. — (first defined in UX-007)
- Moderated user testing (with assistive technology users)
- — Recruiting disabled users who use screen readers, magnification, or switch access to test your app's usability in real-world conditions; high-signal feedback often cheaper than a formal audit. — (first defined in A11Y-007)
- Money Transmitter / Money Services Business (MSB)
- — A business that receives and holds customer funds or routes money between users, triggering state licensing requirements; determined by whether funds rest in or move through an account you control. — (first defined in CMP-001)
- Monitoring gate
- — A set of metrics and thresholds that must pass before proceeding to the next stage of a staged release (e.g., advancing from 1% to 10% rollout). — (first defined in SHIP-013)
- Monochrome layer (Android adaptive icon)
- — An optional single-color outline of an Android app icon that enables Material You theming on Android 13+, allowing the system to tint the icon to match the user's accent color. — (first defined in UI-002)
- Monorepo
- — A single Git repository containing multiple related packages or applications, unified by a workspace tool so they install once and share dependencies. — (first defined in ENV-001)
- Monorepo vs. multi-repo
- — Architectural choice between keeping all codebases in one repository (monorepo: easier code-sharing and cross-project refactors) or separate repositories (multi-repo: clearer ownership and independent deployment). — (first defined in META-002)
- Monotonic version number
- — A server-assigned counter that only increases and never decreases, used to order events reliably regardless of clock skew. — (first defined in XP-004)
- MoSCoW prioritization
- — A prioritization framework that categorizes features as Must-have, Should-have, Could-have, or Won't-have in this release. — (first defined in META-004)
- Motion budget
- — A documented performance limit defining which properties can animate (transform and opacity only, not layout), target frame rate, standard durations, and which animations must respect the OS reduce-motion setting. — (first defined in UI-007)
- MRR (monthly recurring revenue)
- — The predictable revenue generated every month from subscription or recurring-payment customers, used to assess business stability and validate demand. — (first defined in PPL-004)
- mTLS (mutual TLS)
- — A form of TLS where both the client and server present certificates to authenticate each other, providing identity verification in both directions. — (first defined in SEC-002)
- MTPE (machine translation + post-editing)
- — A workflow where an LLM or neural-MT engine produces a first-draft translation that a human reviewer then edits to fix errors and refine tone. — (first defined in I18N-005)
- MTR (monthly tracked revenue)
- — Gross revenue before payment-processor fees, used as the billing metric for entitlement platforms and subscription analytics services. — (first defined in FIN-004)
- MTTR (mean time to remediation)
- — The average time between discovering a vulnerability and having a fix deployed to users, a key metric for security response effectiveness. — (first defined in SEC-013)
- MTU (monthly tracked users)
- — A billing unit used by some analytics platforms (notably Amplitude) that counts unique users active in a month, independent of event volume. — (first defined in ANL-002)
- Multicollinearity
- — A situation where two or more predictor variables (e.g., Facebook and Instagram spend) are tightly correlated, making it impossible for a statistical model to separately estimate their individual contributions. — (first defined in GRO-010)
- Multi-stage build
- — A Dockerfile pattern that uses multiple FROM statements to separate build steps from runtime, reducing the final image size. — (first defined in ENV-011)
- Mutation testing
- — A technique that intentionally introduces bugs into code and verifies that tests catch those mutations, measuring whether tests actually detect bugs rather than just execute lines. — (first defined in QA-001)
- Mute (safety control)
- — A user-initiated action that silences content or notifications from another user without preventing them from seeing your content. — (first defined in UX-010)
- MVP (Minimum Viable Product)
- — The smallest product that tests your core hypothesis about whether the problem and solution are real, not the smallest product by feature count but by assumption risk. — (first defined in STR-005)
N
- N+1 query
- — A query pattern where a single request triggers N+1 database queries (one parent plus N child queries), causing severe performance degradation. — (first defined in ARC-003)
- N+1 query problem
- — A performance anti-pattern where loading N records triggers N separate queries instead of one batched query. — (first defined in ENV-012)
- Nano/micro creator
- — A content creator with 1K–100K followers, typically with higher engagement rates and more authentic audiences than larger creators. — (first defined in GTM-007)
- NAT Gateway
- — A networking resource that routes traffic from a private VPC to the internet, incurring standing hourly charges plus per-gigabyte fees regardless of usage. — (first defined in FIN-002)
- Natural Language Inference (NLI) / Entailment
- — Checking whether a claim is logically supported by source text, used to verify hallucinations were not made up. — (first defined in AI-014)
- Negative-option / dark pattern (subscription)
- — Deceptive design practices that make it easy to subscribe but hard to cancel (e.g., multi-step cancellation, required survey, phone-call-only cancellation); prohibited by US state laws and EU consumer-protection rules. — (first defined in CMP-008)
- Network effects
- — A moat where the product becomes more valuable as more people use it, creating a reinforcing loop where early users accrue value but later entrants cannot catch up. — (first defined in VAL-008)
- Network tokenization
- — A card-network system (Visa Account Updater, Mastercard ABU) that refreshes expired or reissued card credentials at the network level before a payment retry is attempted. — (first defined in PAY-011)
- New Architecture (Fabric + Hermes)
- — React Native's modernized rendering engine and JavaScript interpreter, default since React Native 0.84, improving performance and interoperability. — (first defined in ARC-006)
- North star metric
- — A single, durable behavioral measure of delivered core value (like weekly active users completing the core action) that the team optimizes for and that stays stable even as tactics, goals, and roadmaps change. — (first defined in STR-001)
- NoSQL injection
- — An attack where an attacker supplies a JavaScript object or operator (e.g., {"$gt": ""}) as user input to a NoSQL database, causing the query logic to behave unexpectedly and bypass authentication or authorization. — (first defined in SEC-007)
- Notarization
- — Apple's process of scanning and approving macOS binaries before they can run without security warnings, effectively a required gate for distribution. — (first defined in SEC-013)
- Notice-and-action mechanism
- — A required legal channel (web form or email address) that allows users or rights holders to report illegal content, to which the platform must respond in a timely and documented manner—a core Digital Services Act obligation. — (first defined in CMP-010)
- Notified body
- — A third-party organization authorized by an EU member state to conduct conformity assessments and issue certificates; required for important/critical CRA products, not for default-class software. — (first defined in CMP-005)
- Novelty effect
- — A temporary lift in engagement from a new UI or feature that regresses back to baseline after a few weeks, often mistaken for a real win. — (first defined in ANL-006)
- NSPrivacyAccessedAPITypes
- — The section of iOS PrivacyInfo.xcprivacy that lists which privacy-sensitive APIs your app calls (UserDefaults, file timestamp, disk space, system boot time) and the approved reason for each—missing declarations trigger Apple's automated rejection. — (first defined in CMP-014)
- NVDA (NonVisual Desktop Access)
- — A free, open-source screen reader for Windows; the de-facto standard for testing web and desktop accessibility on Windows due to its zero cost and wide adoption. — (first defined in A11Y-003)
O
- OAuth 2.0 / OIDC
- — Standard protocols for delegating access and authentication without sharing passwords: OAuth 2.0 authorizes access to resources (social login, third-party integrations), and OIDC (OpenID Connect) adds a verifiable identity token on top; also used by CI platforms to mint short-lived signed tokens for cloud authentication instead of long-lived static credentials. — (first defined in ARC-004)
- Object Lock
- — An AWS S3 feature that prevents overwrite or deletion of stored objects for a retention period, creating tamper-evident storage for audit logs. — (first defined in BE-014)
- Observability
- — Infrastructure to trace every LLM call with prompts, outputs, tokens burned, latency, retrieved context, and model version. — (first defined in AI-017)
- Observation period (SOC 2)
- — The time window during which a SOC 2 Type II auditor monitors your controls to verify they operated effectively—first-time observations can be as short as 3 months, not the often-repeated (false) 6-month minimum. — (first defined in CMP-015)
- Office Action (trademark)
- — A refusal or objection issued by the USPTO during examination, requiring a response within six months to address concerns like descriptiveness or likelihood of confusion. — (first defined in LEG-003)
- OKR (Objectives & Key Results)
- — A goal-setting framework pairing a qualitative Objective (the big ambition) with measurable Key Results (how you'll know you succeeded), with the north star typically the primary key result. — (first defined in STR-001)
- Onboarding runbook
- — A documented, executable procedure that takes a new developer from clone to first merged PR without asking re-answered questions. — (first defined in ENV-013)
- On-device inference
- — Running a model locally on the device (Core ML on iOS, LiteRT-LM on Android) with no network; trades latency for privacy and offline capability, with real device-support constraints. — (first defined in MOB-020)
- OpenAPI
- — A standardized, machine-readable specification for describing HTTP APIs that enables automatic documentation and typed client generation. — (first defined in BE-002)
- OpenAPI 3.1 (specification)
- — A universal, JSON-Schema-aligned standard for documenting HTTP API contracts in a machine-readable format, from which typed clients can be automatically generated. — (first defined in DOC-001)
- OpenAPI contract
- — A machine-readable specification of an API's endpoints, request shapes, and response shapes that doubles as a contract verifiable against a running backend. — (first defined in QA-005)
- Open-core
- — A business model that publishes the core product as open-source or free and monetizes a service wrapper (hosting, premium features, or support) around it. — (first defined in STR-003)
- OpenFeature
- — A vendor-neutral API abstraction layer for feature flags that allows swapping flag providers without changing application code. — (first defined in ARC-018)
- OpenTelemetry (OTel)
- — A vendor-neutral standard for collecting logs, metrics, and traces from applications, allowing flexible backend swaps. — (first defined in ARC-019)
- Optimistic UI
- — Updating the interface immediately to show the result of a user action before the server confirms it, improving perceived responsiveness. — (first defined in UX-008)
- Optimistic update
- — UI assumes a write will succeed and shows the result immediately, rolling back if the server rejects it. — (first defined in ARC-001)
- Orchestration (notification)
- — A central system that routes each event to the right channels (push, email, SMS, in-app) at the right time based on user preferences. — (first defined in BE-016)
- Ordering guard
- — A comparison of a message's timestamp to the latest applied event to reject stale or out-of-order updates. — (first defined in ARC-023)
- Organic acquisition
- — Users who find and install your app through non-paid channels: word-of-mouth, press, app store search, organic social. — (first defined in GTM-004)
- Organic baseline
- — A measurement of installs, retention, and conversions with zero paid acquisition to establish a control for comparing channel performance. — (first defined in GTM-009)
- Organic overlap (organic attribution bias)
- — The portion of attributed conversions that would have happened anyway without the ad; commonly 40-70% of attributed installs in mobile apps, causing platform ROAS to overstate true incremental impact. — (first defined in GRO-009)
- ORM (object-relational mapping)
- — A library that maps database tables to code objects, handling queries and migrations while providing type safety. — (first defined in ARC-008)
- OTA (over-the-air) translation updates
- — A mobile SDK feature that pushes translation fixes to users without requiring an App Store or Play Store review cycle. — (first defined in I18N-005)
- Outbox pattern
- — A reliable mechanism for coordinating external API calls by first recording the operation locally, then processing it asynchronously with retries. — (first defined in PRV-005)
- Output encoding
- — The practice of escaping data when emitting it into a particular context (HTML, SQL, shell command) so the receiving context cannot interpret it as code. — (first defined in SEC-007)
- OV certificate (Organization Validation)
- — An organization-verified code-signing certificate requiring identity verification but not ESM custody, triggering SmartScreen warnings until reputation builds. — (first defined in SHIP-009)
- OWASP (Open Web Application Security Project)
- — A nonprofit organization that publishes security testing guides, vulnerability rankings, and best-practice frameworks used for security assessments. — (first defined in SEC-010)
P
- P0 (critical / release-blocker)
- — The highest bug severity: crashes on startup, core features broken, data loss, or payment failure; zero acceptable at release. — (first defined in TST-010)
- P1 (high)
- — Medium bug severity: feature degraded but usable with a workaround, or rare crash; ships only if documented and fix scheduled. — (first defined in TST-010)
- P2 (low)
- — Lowest bug severity: cosmetic issues, typos, or rare edge cases; no action required at release. — (first defined in TST-010)
- P95 latency (tail latency)
- — The 95th percentile response time; captures the slow requests users actually feel and is more representative of user experience than average latency. — (first defined in LAU-002)
- PaaS (Platform-as-a-Service)
- — A managed cloud service where you push code and the vendor runs the container, deployment, autoscaler, and database, hiding the underlying OS and infrastructure. — (first defined in ARC-010)
- Package hallucination
- — An AI-generated reference to a package name that does not actually exist on the registry, either completely invented or a typosquat. — (first defined in ENV-004)
- Paid conversion
- — The percentage of free or freemium users who upgrade to a paid tier; for consumer apps, this is typically low single-digit. — (first defined in VAL-002)
- Parameterized query
- — A database query where the SQL structure is defined separately from the parameters, preventing injection attacks because data is always treated as data, not executable code. — (first defined in SEC-007)
- Parental consent
- — Documented proof that a verified adult (parent or guardian) has agreed to allow collection and processing of a child's personal data. — (first defined in PRV-010)
- Parity-safe default
- — A feature flag that defaults OFF on every client so that offline or cold-start clients won't show conflicting availability. — (first defined in XP-003)
- Partition-drop
- — Deleting an entire time-based partition of data (e.g., all events from January) in a single fast metadata operation rather than row-by-row deletion. — (first defined in PRV-006)
- Passkey
- — A cryptographic credential stored in a device keychain and synced via platform cloud, using WebAuthn to prove possession without a shared password. — (first defined in ARC-005)
- Payback period
- — How many months of margin a customer must generate to cover their CAC; a key gate for scaling spend (payback must fit within runway). — (first defined in ITER-010)
- PaymentIntent
- — A Stripe API object that coordinates a payment lifecycle from initial creation through optional 3D Secure authentication and final settlement, replacing the older Charges API. — (first defined in PAY-002)
- Paywall (purchase gate)
- — The UI moment in an app where a user is presented with subscription or payment options; testing placement, price, trial terms, and copy on the paywall optimizes revenue-per-user. — (first defined in GRO-012)
- PCI scope
- — The regulatory requirements for storing and handling credit-card data, reduced to near-zero when using hosted payment forms instead of custom card capture. — (first defined in FIN-004)
- Peeking
- — Checking a test result before the pre-registered end date; naive peeking inflates false positives (declaring a winner on noise), but sequential stats make peeking valid. — (first defined in ITER-002)
- Penetration testing
- — A deliberate, authorized security test where a human attacker systematically probes an application to find exploitable flaws. — (first defined in SEC-010)
- Penpot
- — An open-source, self-hostable design tool alternative to Figma with native design-token support, SVG-based file storage, and a 2026 MCP server for AI agent integration. — (first defined in UI-004)
- Per-call budget cap (AI operations)
- — A maximum token spend enforced at request time (e.g., via a gateway or inline guard) that hard-blocks AI calls exceeding a per-session or per-user budget. — (first defined in OPS-010)
- Percentile latency (p50, p95, p99)
- — Performance measurements where p95 means 95% of requests meet that latency (and 5% are slower)—a key metric because averages hide the slow tail that causes churn. — (first defined in QA-004)
- Perceptual hash (CSAM detection)
- — A fingerprint derived from image content that identifies known child sexual abuse material (CSAM) via matching against PhotoDNA and NCMEC databases. — (first defined in OPS-011)
- Performance spend vs. brand spend
- — Performance spend drives measurable, immediate installs; brand spend builds awareness and positioning with diffuse, delayed returns, typically allocated in a 70/30 to 80/20 ratio post-PMF. — (first defined in GTM-013)
- Permission priming
- — The practice of asking for OS permissions only after the user understands why—at the moment they take an action that needs it. — (first defined in UX-009)
- Permissive license (open-source)
- — An open-source license that imposes minimal restrictions—MIT, Apache-2.0, BSD, ISC—allowing you to use, modify, and ship the code closed-source, provided you include the license text and copyright attribution. — (first defined in CMP-013)
- Per-monitor DPI (PMv2)
- — Windows Per-Monitor V2 awareness that renders a window at the correct scale when moved between monitors with different DPI settings. — (first defined in DSK-015)
- Per-session revocation
- — A feature that allows revoking a user's access on one specific device while keeping their other devices logged in, powered by the identity provider. — (first defined in XP-002)
- Persona
- — A short, concrete character sketch representing a cluster of real users: their context, job, friction, current workaround, and what would make them switch. — (first defined in VAL-004)
- Personal data
- — Any information relating to an identified or identifiable natural person; the subject matter of GDPR and privacy law regulation. — (first defined in CMP-003)
- Perturbation testing
- — Varying demographic signals (names, dialect, language, stated identity) in test prompts to detect unfair output differences. — (first defined in AI-019)
- Phase (in the grid model)
- — One of 18 sequenced decision points across 8 stages of building a consumer app, from validation and strategy through operating and growing the product, used to order work. — (first defined in META-001)
- Phased Release (iOS)
- — Apple's fixed, 7-day staged-rollout schedule for iOS apps where the system auto-increments release percentage (1%, 2%, 5%, 10%, 20%, 50%, 100%); you cannot customize the steps. — (first defined in SHIP-007)
- Phased rollout (staged rollout, gradual rollout)
- — A delivery technique that exposes a release to an increasing percentage of existing users over time, gated by stability metrics, to limit blast radius if a regression occurs. — (first defined in LAU-001)
- Photo Picker
- — A system interface on Android and iOS allowing users to select specific photos without granting the app broad photo library access or requiring a permission prompt. — (first defined in MOB-008)
- Piercing the veil
- — When a court disregards the legal separation between a business entity and its owner's personal assets, typically due to commingling funds or fraud, exposing personal assets to business liabilities. — (first defined in FUND-001)
- PKCE
- — Proof Key for Public Clients; a security extension to OAuth that prevents authorization-code interception on mobile. — (first defined in ARC-004)
- Plan Mode (for agents)
- — A read-only planning state where an agent proposes a solution (files to touch, schema changes, dependencies) before implementing, allowing human review of the plan before code is written. — (first defined in META-006)
- Platform compliance (or design-language compliance)
- — The practice of honoring each platform's native interaction patterns and conventions (navigation, back-gesture, system colors) so the app feels at home on that OS. — (first defined in UI-005)
- Platform conventions
- — Established UI and interaction patterns users expect from their device (e.g., bottom tabs on iOS, Android system back). — (first defined in UX-003)
- Platform conversion lift
- — A native A/B testing feature (Meta Conversion Lift, Google Ads Conversion Lift) where the ad platform itself randomizes users, runs a holdout, and reports incremental lift without per-user export. — (first defined in GRO-009)
- Play Install Referrer API
- — Google's deterministic mechanism for passing referral data through the Play Store install, allowing Android apps to know which campaign triggered an install without third-party matching. — (first defined in MOB-007)
- Point-in-time recovery (PITR)
- — The ability to restore a database to any moment in time using continuous WAL archiving, allowing an RPO (recovery point objective) measured in minutes instead of hours or days. — (first defined in ARC-010)
- Policy decision point (PDP)
- — A service that evaluates authorization policies and returns whether an action is allowed, decoupled from the application's enforcement point. — (first defined in BE-004)
- Polyrepo (multi-repo)
- — Multiple separate Git repositories, each independently versioned and deployed, with shared code published to a registry and consumed by version. — (first defined in ENV-001)
- Pooling (connection pooling)
- — A technique where a single database pooler manages many client connections as a small pool of backend connections, so the application's connection limit stops being the binding constraint on scale. — (first defined in SCA-001)
- Population Stability Index (PSI)
- — Statistical measure of input-distribution change week-over-week, used as a diagnostic to explain quality drop. — (first defined in AI-017)
- Positioning
- — The internal decision about how your app sits in the user's mind: who it's for, what job it does, what it competes against, and why users should believe you. — (first defined in GTM-001)
- Postback (attribution postback)
- — A secure, cryptographically-signed message sent by Apple (SKAN) or other networks to an app's backend after a conversion, containing aggregated attribution data; not retried if lost. — (first defined in GRO-008)
- PostgreSQL
- — A mature, open-source relational database with ACID guarantees, strong SQL support, and extensions (pgvector, JSONB) for modern use cases. — (first defined in ARC-009)
- Post-money SAFE
- — A SAFE in which each investor's ownership percentage is fixed at signing; later SAFEs do not dilute earlier ones, but the founder absorbs all dilution plus the option-pool top-up. — (first defined in FUND-005)
- Postmortem (blameless postmortem)
- — A documented analysis after an incident focusing on systemic causes rather than individual blame, with tracked action items to prevent recurrence. — (first defined in OPS-005)
- Power (statistical power)
- — The probability a statistical test will detect a true effect if one exists, typically set to 80%; underpowered tests cannot reliably detect real effects and produce noise. — (first defined in GRO-009)
- PPP (Purchasing Power Parity) pricing
- — Regional pricing strategy that adjusts prices by country to match local purchasing power and willingness-to-pay, so a $9.99 US subscription becomes ₹499 in India. — (first defined in PAY-020)
- PRAGMA user_version
- — A SQLite integer field that tracks the database schema version, used to know which migrations have been applied and run only pending steps on each app launch. — (first defined in DSK-004)
- prefers-color-scheme (CSS media query)
- — A web standard that detects the user's OS dark-mode preference and allows CSS to apply different styles accordingly, respecting light and dark values. — (first defined in UI-006)
- Pre-money SAFE
- — An older SAFE variant in which later SAFEs dilute earlier investors' ownership; less common than post-money SAFEs in current practice. — (first defined in FUND-005)
- Pre-renewal reminder / billing reminder
- — Notification sent to a subscriber before a recurring charge is processed, disclosing the amount and charge date and offering a one-click cancel link; typically required 7+ days before charge. — (first defined in CMP-008)
- Presence
- — Ephemeral, high-churn state indicating who is online, who is typing, or where their cursor is; requires tight synchronization and fans out poorly if implemented naively. — (first defined in ARC-013)
- Presigned URL
- — A time-limited, cryptographically signed URL that grants temporary access to a resource (e.g., upload to an object store) without requiring long-lived credentials. — (first defined in BE-007)
- Press kit
- — A collection of media-ready assets (company description, founder bios, logos, screenshots) that journalists use to write about you without emailing for details. — (first defined in GTM-006)
- Prettier
- — An opinionated code formatter that re-prints code to a single canonical style, leaving almost nothing to configure. — (first defined in ENV-005)
- Price migration
- — The operational event of changing prices for existing users, typically involving advance notice, grandfathering or conversion with credits, and careful management to minimize churn. — (first defined in PAY-020)
- Privacy floor (crowd anonymity)
- — The minimum number of conversions (roughly 20-120 per campaign per day) required before Apple releases detailed SKAN postback data; below this threshold, data is suppressed or returns coarse-only values. — (first defined in GRO-008)
- Privacy manifest
- — Apple's required declaration of the data an app collects and why, enforced since May 2024, which must map to your tracking plan's stated purposes and any required-reason API use; Android's parallel disclosure is the Data Safety form. — (first defined in ANL-001)
- Privacy Nutrition Label
- — Apple's App Privacy label—a standardized, required disclosure showing what data an app collects, linked from the App Store. — (first defined in ETH-004)
- Privacy-by-design review
- — A pre-code checkpoint where a feature's personal-data flows, access patterns, and user rights are documented before implementation. — (first defined in PRV-009)
- Probabilistic attribution
- — Statistical estimation of which users were influenced by which ads based on device fingerprinting (IP, user-agent, timestamp) rather than deterministic click-tracking; banned on iOS, less accurate on Android. — (first defined in GRO-008)
- Probabilistic matching
- — A deferred-linking technique that infers which user just installed based on fingerprints like IP, device signals, and timing window, less reliable than deterministic methods. — (first defined in MOB-007)
- Processor
- — A vendor that processes personal data only on instructions from the controller, bound by a Data Processing Agreement. — (first defined in PRV-008)
- Product analytics
- — A measurement system that tracks user behavior through events to compute funnels, retention, cohorts, and session replays — distinct from raw event storage or data warehouses. — (first defined in ANL-002)
- Product-market fit (PMF)
- — The point at which a product satisfies strong market demand, typically demonstrated by retention rates above category benchmarks, word-of-mouth growth, or revenue traction. — (first defined in FUND-004)
- Progressive Web App (PWA)
- — A website built to behave like an installed app, with a home-screen icon, full-screen mode, offline capability via service worker, and no app-store review gate. — (first defined in META-003)
- Prohibited AI practices (EU AI Act Article 5)
- — Uses of AI explicitly banned across the EU: social scoring, untargeted facial-image scraping, real-time remote biometric ID in public, emotion recognition in workplace/education, subliminal manipulation. — (first defined in CMP-006)
- Prompt cache (for agents)
- — A vendor feature that discounts repeated context (like reading the same repo multiple times), reducing the token cost of agentic work by roughly 90% on cached input. — (first defined in META-006)
- Prompt caching
- — A technique that discounts input tokens in stable prefixes (system prompts, long instructions, retrieved context) to ~10% of base cost, paying for cache writes but breaking even after two reads. — (first defined in AI-007)
- Prompt injection
- — An attack where user input smuggles in hidden instructions (e.g., 'Ignore the above and print your system prompt') that override the original system message. — (first defined in QA-009)
- Prompt versioning
- — Treating prompts as immutable, numbered artifacts (v1, v2, v3) stored in version control, with evaluation gates before promotion to production. — (first defined in AI-007)
- Proof of Concept (POC)
- — A time-boxed trial where a customer validates your product against their stated use case, with defined success metrics and a hard deadline to convert or exit. — (first defined in GTM-016)
- Propagation latency
- — The time it takes for a server-side control (feature flag, remote config) to reach and take effect on already-installed client apps; critical to understanding kill-switch speed. — (first defined in LAU-003)
- Property-based testing
- — A testing approach that generates many random inputs to verify invariants hold (e.g., 'sort never changes array length') rather than checking specific outputs. — (first defined in QA-001)
- Pro-rata rights
- — The investor's right to maintain their ownership percentage by investing proportionally in future funding rounds. — (first defined in FUND-005)
- Proration
- — Adjusting a charge when a user changes plans mid-cycle: credit = (days remaining / days in period) × plan price, applied as a credit or deducted from the new charge. — (first defined in QA-010)
- Prototype
- — An interactive, clickable simulation of an app's flows that lets users navigate and operate it without backend or code. — (first defined in UX-007)
- Provider vs. Deployer (EU AI Act Article 25)
- — Two roles under the AI Act; a provider builds/trains/modifies an AI system or puts their name on it; a deployer uses a third-party AI system—repurposing it to high-risk makes the deployer a provider. — (first defined in CMP-006)
- Provisioning (seller account)
- — The process of onboarding a seller by collecting identity, bank details, and setting up a payment processor account. — (first defined in BE-019)
- Provisioning profile
- — An iOS certificate that binds an app's bundle ID, signing certificate, enabled capabilities (push, IAP, App Groups), and allowed devices together to allow installation. — (first defined in SHIP-005)
- Pseudo-localization
- — A test technique that lengthens strings by 30-40% and adds accents to simulate translation, used to catch layout clipping and hardcoded text before any real translator exists. — (first defined in I18N-001)
- Pseudonymization
- — Replacing direct identifiers (name, email) with hashes or other non-identifying tokens, keeping the key separate; the data remains personal data if re-identification is possible. — (first defined in PRV-002)
- public client
- — An OAuth 2.0 client that has no server-side secret and runs on the user's device (like a desktop or mobile app), relying on PKCE instead of a secret for security. — (first defined in DSK-005)
- Pull request (PR)
- — A request to merge changes from a branch into main, with automated checks and peer review, the standard gate before code reaches production. — (first defined in ENV-010)
- Purpose limitation
- — The rule that once data is collected for a specific purpose, it cannot be reused for a different purpose without a new legal basis and, where required, explicit consent. — (first defined in PRV-002)
- Push protection
- — A mechanism that blocks a commit from being pushed to a repository if it contains a recognized secret or credential. — (first defined in SEC-008)
Q
- QSBS (Qualified Small Business Stock)
- — A class of stock in a C-corp held for five or more years that can exempt the greater of $15M (post-July 2025) or 10x basis of federal capital gains when sold, provided the company meets IRS criteria. — (first defined in FUND-001)
- Qualified referral
- — A referred user who not only signed up but also activated (first core action) or paid, distinguishing real conversions from vanity installs. — (first defined in ITER-006)
- Quantization
- — Reducing the precision of model weights (e.g., INT4 or INT8 instead of FP16) to decrease model size and inference cost with minimal quality loss. — (first defined in AI-010)
- Query deduplication
- — A mechanism that prevents multiple identical in-flight network requests, ensuring only one request is sent and the result is shared among all subscribers. — (first defined in MOB-003)
- Query guardrail
- — Cost and performance caps (e.g., maximum_bytes_billed on BigQuery, STATEMENT_TIMEOUT on Snowflake) that prevent unbounded queries from running up bills or crashing. — (first defined in ITER-009)
- Quiet hours
- — A time window (usually evening to early morning) during which non-urgent notifications are suppressed, defaulting to local timezone rather than UTC. — (first defined in ETH-003)
R
- R8 / ProGuard
- — Android's code obfuscation and optimization tools; R8 is the default modern replacement that requires uploading a mapping file for crash symbolication. — (first defined in MOB-011)
- Race condition
- — A timing hazard where two operations compete unexpectedly, such as a client-side change syncing at the same moment the server changes the same data. — (first defined in UX-002)
- RACI (Responsible, Accountable, Consulted, Informed)
- — A matrix assigning decision authority and accountability for each control or domain, ensuring clarity on who owns what as a team scales. — (first defined in SCA-010)
- RAG (retrieval-augmented generation)
- — An AI technique where an LLM receives retrieved relevant documents or data as context before generating an answer, grounding the response in factual sources. — (first defined in DOC-004)
- Rate limiting
- — A quota on how many requests a given identity (IP, user, API key) may make per time window. — (first defined in ARC-022)
- Raw-event export
- — Scheduled batch output of raw event data to object storage (S3, GCS) or a data warehouse for ownership and long-term retention. — (first defined in ARC-020)
- RBAC (Role-Based Access Control)
- — A security model where permissions are assigned to defined roles (editor, viewer, admin) and users inherit permissions through their assigned roles, rather than granting permissions individually. — (first defined in DOC-005)
- Reach (distinct users)
- — In crash triage, the count of individual users affected by a crash type over a time period, used to determine if a bug is widespread. — (first defined in OPS-002)
- Read-committed (transaction isolation)
- — A database isolation level where concurrent transactions don't see each other's uncommitted changes, preventing most race conditions without blocking. — (first defined in BE-018)
- Readiness probe
- — A health check that verifies whether a service is ready to serve traffic (including dependency checks) to determine whether a platform should route requests to it. — (first defined in BE-002)
- Reading order
- — The sequence in which a screen reader traverses elements; must match visual/logical flow, not DOM order scrambled by flexbox reversal or absolute positioning. — (first defined in A11Y-002)
- Real-database integration test
- — An integration test that runs against an actual database (not mocked) to verify that data persists and business logic operates on real stored state. — (first defined in TST-001)
- Real-time architecture
- — The mechanism by which clients learn of changes—via WebSockets, Server-Sent Events, or a managed service—without repeatedly polling, enabling features like presence and live updates. — (first defined in ARC-013)
- Real-time launch monitoring
- — Keeping a live, human-watched dashboard on client crash rates, backend error rates, latency, and resource usage during the first hours after launch to enable fast mitigation. — (first defined in LAU-002)
- ReBAC (Relationship-Based Access Control)
- — An authorization model (also called Zanzibar model) where permissions are derived from explicit relationships between users, teams, and resources (e.g., group membership, sharing). — (first defined in BE-004)
- Rebuild (feature disposition)
- — A deliberate architectural choice to take a shortcut in v1 (e.g., manual sync, password-only auth) with the intention to rearchitect it differently in v2+. — (first defined in META-004)
- Reconciliation
- — A scheduled job that polls external processors to detect and heal disagreement between local and remote entitlement state. — (first defined in ARC-023)
- Record of Processing Activities (RoPA)
- — A required catalog documenting every category of personal data collected, its purpose, where it is stored, retention period, and who can access it. — (first defined in PRV-001)
- Red-teaming
- — Adversarial testing that deliberately attacks an AI feature to surface jailbreaks, prompt injection, sensitive-info disclosure, and unsafe outputs before users find them. — (first defined in QA-009)
- Reduce-motion (or prefers-reduced-motion)
- — An operating system and browser setting that disables non-essential animations for users who experience motion sickness or vestibular sensitivity; apps must honor this setting. — (first defined in UI-007)
- Redundancy rule
- — The accessibility principle that an interface state must be signaled by color AND icon AND text together, never by color alone, so it is legible to users with color blindness. — (first defined in UI-010)
- Referee code-entry
- — An explicit signup field accepting the referral code; necessary because iOS doesn't pass query strings to fresh App Store installs, so code-entry is the fallback attribution path. — (first defined in MOB-022)
- Referral code
- — A short, stable identifier (e.g., ABC123) that encodes the referrer's ID; survives being typed, pasted, transcribed better than long parameter-laden URLs. — (first defined in MOB-022)
- Referral cohort quality
- — The retention and lifetime value of users acquired via referral, measured separately from other channels to assess whether referred users are genuinely higher-quality. — (first defined in GTM-012)
- Referral graph
- — The backend data structure that stores the relationships between referrers and referred users, enabling attribution of signups to their source and computing referral metrics like k-factor. — (first defined in GRO-011)
- Referral loop
- — A mechanism where users share a unique link or code to recruit others, often with rewards for successful referrals. — (first defined in GTM-003)
- Referral payback period
- — The time it takes a referred user to generate enough margin to cover the acquisition incentive cost paid for the referral; typically measured in weeks, with under 8 weeks considered healthy. — (first defined in GRO-011)
- Reflow
- — The ability of a layout to adapt when text is resized or the viewport is zoomed; WCAG 2.2 requires content to remain usable when text is enlarged to 200% without horizontal scrolling. — (first defined in A11Y-004)
- Refresh token rotation
- — A security mechanism where each use of a refresh token issues a new one, so a compromised token expires after one use. — (first defined in XP-002)
- Refund policy
- — Your written statement describing how users can request refunds and whether you or the platform processes them. — (first defined in SHIP-011)
- Refusal (AI safety)
- — When an AI model declines to answer a prompt, returning an empty response with stop_reason='refusal' rather than generating potentially harmful output. — (first defined in BE-020)
- Region gate (availability gate)
- — A configuration flag per region that controls whether payment checkout and other region-dependent features are available, allowing quick enable/disable without a code deploy. — (first defined in I18N-007)
- Regression testing
- — Testing to ensure that new changes do not break functionality that previously worked. — (first defined in TST-003)
- Rejection (app review)
- — A refusal by the app store to approve your submission, which sends the build back for fixes and requires a new submission and review cycle. — (first defined in SHIP-008)
- Release cooldown window
- — A deliberate 3–7 day delay before automatically merging a non-security dependency update, allowing time for a malicious or compromised package to be discovered and yanked before it reaches your build. — (first defined in SEC-005)
- Release criteria
- — The explicit, written bar a build must clear before shipping, combining automated gates (tests, security, coverage) and human sign-off on real devices. — (first defined in QA-011)
- Release sign-off
- — A named person's explicit approval that a build is safe to ship, confirmed by a written record with evidence of blocker checks. — (first defined in TST-010)
- Relying-party ID (RP ID)
- — A domain/app identifier that binds a passkey credential to one application, requiring consistent configuration across iOS and Android for multi-device enrollment. — (first defined in XP-002)
- Remediation time
- — How long it takes to pivot or fix a decision if an underlying external fact changes—e.g., framework version changes are quick; legal compliance reshuffles are slow. — (first defined in META-005)
- Remote Cache (Turborepo)
- — A shared cache server (hosted by Vercel or self-hosted) that stores task outputs across the team so a rebuild in CI can reuse a teammate's artifact. — (first defined in ENV-006)
- Remote config
- — Configuration values (prices, URLs, timeouts, copy) delivered to clients at runtime without requiring a rebuild. — (first defined in ARC-018)
- Repeat-infringer policy
- — A published, enforced rule terminating user accounts that repeatedly post copyright-infringing content; required for DMCA safe harbor and must be actually implemented, not just written. — (first defined in LEG-006)
- Repeat-infringer termination policy
- — A documented rule stating that accounts posting infringing content will be terminated after N violations, and actual enforcement of that rule by logging violations and terminating at the threshold—"reasonably implemented" enforcement is what the law requires, not just a policy on paper. — (first defined in CMP-010)
- Report affordance
- — A visible button or menu option allowing users to report abuse, spam, or harmful content in-app. — (first defined in UX-010)
- Reporter-side mute
- — An automatic, reversible action that hides reported content only for the person who reported it, without making any global removal decision. — (first defined in ETH-005)
- Request gating (Playwright)
- — Using
page.route()to hold a specific HTTP request until another completes, forcing a deterministic order for race conditions. — (first defined in XP-005) - Required-reason API
- — iOS APIs (file timestamps, UserDefaults, disk space, system boot time, keyboard activity) whose use must be declared in the privacy manifest with an Apple-approved reason code. — (first defined in MOB-008)
- Reserved concurrency
- — A pre-allocated limit on simultaneous serverless function invocations that acts as a hard ceiling to prevent cost explosion from uncontrolled scaling. — (first defined in FIN-002)
- Residency region (data residency)
- — The geographical region where personal data is physically stored (e.g., us-east-1 or eu-central-1), governed by regulatory and contractual requirements. — (first defined in PRV-007)
- Responsive design (or adaptive layout)
- — The approach of designing layouts that reflow and reorganize across different screen sizes and orientations, using breakpoints or flexible containers. — (first defined in UI-004)
- REST
- — Resource-oriented HTTP API where endpoints represent nouns (users, posts) and HTTP verbs express actions (GET, POST, PATCH, DELETE). — (first defined in ARC-003)
- Retained contractor
- — A contractor on a standing monthly engagement (typically 10–15 hours per week), providing continuity and long-term support without equity and without the commitment of a full-time hire. — (first defined in PPL-001)
- Retention
- — The percentage of a cohort that remains active in subsequent time periods, computed as (active users in period N) / (original cohort size). — (first defined in ANL-005)
- Retention curve
- — A plot showing what fraction of a cohort remains active N days after acquisition (e.g., D1, D7, D30), revealing product-market fit signals through its shape. — (first defined in GRO-003)
- Revealed preference
- — What users actually do when real money or effort is on the table; the most predictive signal of adoption and the basis for demand-validation tests. — (first defined in VAL-005)
- Revenue recognition
- — The accounting practice of recording revenue as it is earned (as a service is delivered) rather than when cash is received, governed by ASC 606 (US) and IFRS 15 (global). — (first defined in PAY-015)
- Revenue-based financing (RBF)
- — A funding mechanism where investors advance capital against future revenue, repaid as a percentage (typically 5–10%) of monthly revenue until a cap is reached, carrying effective APR of 30–50%. — (first defined in FUND-004)
- RevenueCat
- — A managed service that normalizes App Store, Google Play, and Stripe receipts into a unified entitlement API, handling webhook dedup and cross-platform entitlement sync. — (first defined in PAY-004)
- Reverse charge
- — A VAT/GST mechanism for B2B sales where the buyer (not the seller) accounts for tax when the buyer has a valid tax ID; the seller invoices at 0% tax. — (first defined in PAY-014)
- Reverse trial
- — A monetization model where users access full value first and encounter the paywall or account requirement only after experiencing value. — (first defined in UX-005)
- Reverse-ETL
- — A pattern that takes audience segments or metric outputs computed in a warehouse and pushes them back to operational systems (email, ads, CRM) for activation. — (first defined in ANL-003)
- Review-bombing
- — A coordinated or clustered spike in negative reviews (often 1-star ratings) that distorts an app's store rating, usually from a bot run or competitor action. — (first defined in OPS-004)
- Rewarded video
- — An ad format where the user opts in to watch a video advertisement in exchange for in-app currency or progression; user-initiated and retention-neutral. — (first defined in PAY-018)
- RICE scoring
- — A prioritization formula that ranks features by Reach (users affected) × Impact (per-user value) × Confidence (certainty of estimates) / Effort (team-weeks to ship). — (first defined in META-004)
- Right of access / Right to access and portability
- — A GDPR (Art. 15) and CCPA right allowing users to request a copy of all personal data a company holds about them in a structured, machine-readable format. — (first defined in CMP-003)
- Right of erasure / Right to be forgotten
- — A GDPR (Art. 17) and CCPA/CPRA right allowing users to request deletion of their personal data, with certain exceptions for legal holds and necessary retentions. — (first defined in CMP-003)
- Risk assessment (cybersecurity)
- — A documented analysis of threats, attack vectors, assets at risk, and mitigating controls, required for CRA technical-file conformity. — (first defined in SHIP-014)
- Rive (animation runtime)
- — A cross-platform animation and interactive graphics runtime with a visual editor, state-machine support, and native SDKs for iOS, Android, Flutter, React Native, and web. — (first defined in UI-007)
- RLS (row-level security)
- — Database policies that enforce authorization at the row level, preventing users from accessing rows outside their permissions even with a leaked token. — (first defined in ARC-004)
- Roadmap
- — A short (2–6 week) forward look of sequenced work, split into now (this week), next (2–4 weeks), and later (rough), with a one-line why and done-when for each item. — (first defined in STR-007)
- ROAS (Return On Ad Spend)
- — The ratio of revenue generated by a paid campaign to the cost of that campaign; a 3:1 ROAS means $300 revenue from $100 spend. — (first defined in GRO-006)
- Rollback
- — The process of reverting a service or database to its previous known-good state after a bad release or change, undoing the failure without manual repair. — (first defined in DOC-003)
- Rollback trigger
- — A pre-decided numeric red-line (e.g., crash-free below X%) that, if crossed, automatically means halt and execute the rollback procedure with no debate. — (first defined in LAU-005)
- Rolling deployment (or rolling update)
- — A zero-downtime deployment where new containers replace old ones incrementally behind a load balancer, draining old instances gracefully rather than cutting over at once. — (first defined in ARC-016)
- Rolling reserve
- — A percentage of seller payouts withheld by the payment processor to cover chargebacks, released when disputes age out. — (first defined in BE-019)
- Rolling window
- — Pooling samples across multiple days (e.g. 7 days) to compute a statistically meaningful pass-rate with proper confidence intervals. — (first defined in AI-017)
- ROSCA (Restore Online Shoppers' Confidence Act)
- — The federal US statute (15 U.S.C. § 8401 et seq.) governing negative-option (auto-renewal) marketing online; requires clear disclosure, informed consent, and simple cancellation. — (first defined in CMP-008)
- Rotating refresh token
- — A token-refresh pattern where each use of a refresh token returns a new refresh token, reducing the window for token reuse attacks. — (first defined in MOB-005)
- RPO (Recovery Point Objective)
- — The maximum tolerable data loss, measured in time; an RPO of one hour means accepting the loss of up to one hour of writes if disaster strikes. — (first defined in ARC-016)
- RPU (revenue per user)
- — The average revenue generated per user, typically measured monthly (ARPU) or across lifetime (LTV); the primary output optimized through paywall and pricing experiments. — (first defined in GRO-012)
- RTL (right-to-left) layout
- — Mirroring the entire interface design—navigation, buttons, spacing, reading order—for languages like Arabic, Hebrew, Persian, and Urdu that read from right to left. — (first defined in I18N-003)
- RTO (Recovery Time Objective)
- — The maximum tolerable time to restore service after an outage, measured from failure detection to full recovery. — (first defined in ARC-016)
- Rubber-stamping
- — A reviewer approving decisions at >95% rate without genuine deliberation, indicating the human review loop has broken. — (first defined in AI-018)
- RUM (Real User Monitoring)
- — Passive measurement of actual users in production to capture real-world latency, errors, and performance that synthetic load tests cannot reproduce. — (first defined in QA-004)
- Runbook (operational runbook)
- — A step-by-step, checklist-driven procedure for executing a high-stakes operational event like a deploy, rollback, or incident recovery, with expected output at each step so execution succeeds even under stress. — (first defined in DOC-003)
- Runtime permission
- — An Android mechanism (since API 23) requiring the app to request dangerous permissions at runtime rather than merely declaring them in the manifest. — (first defined in MOB-008)
- Runway
- — The number of months a company can operate at its current burn rate before exhausting its cash reserves; calculated as total cash available divided by monthly spending. — (first defined in PPL-004)
S
- S2S (server-to-server) postback
- — A webhook that an MMP sends to your backend with attributed install data, verified by HMAC signature, so you can reconcile installs with revenue. — (first defined in ANL-007)
- SaaS bill
- — The transparent, credit-card–visible cost of a managed service, contrasted with hidden operational labor costs. — (first defined in FIN-003)
- SAFE (Simple Agreement for Future Equity)
- — A standardized, investor-friendly instrument that defers valuation to a future priced round or exit, converting to equity at that point; the dominant pre-seed/seed instrument. — (first defined in FUND-005)
- Safe areas (insets)
- — Screen regions protected by the OS (notches, home indicators, Dynamic Island) where an app must not draw interactive content; read as insets (top, bottom, left, right) and applied to fixed UI. — (first defined in MOB-013)
- Safe harbor (§512)
- — A conditional legal shield under the Digital Millennium Copyright Act that protects online platforms from liability for user copyright infringement when they meet specific requirements including agent registration and repeat-infringer enforcement. — (first defined in LEG-006)
- Safe mode (AI safe mode)
- — A graceful fallback when an AI provider is unavailable or producing refusals, serving a cached response, template, or human escalation instead. — (first defined in OPS-010)
- Safe-harbor pledge
- — A written promise from an organization not to pursue legal action against good-faith security researchers who follow the disclosure policy. — (first defined in SEC-011)
- safeStorage
- — An Electron API that encrypts and stores sensitive strings (like tokens) using the operating system's native vault—DPAPI on Windows, Keychain on macOS, libsecret on Linux. — (first defined in DSK-005)
- Safety-by-design
- — Embedding report, block, and mute affordances into a UGC product before launch, with an auditable queue and a minimal automated floor for when humans are unavailable. — (first defined in ETH-005)
- SAM (Serviceable Addressable Market)
- — The slice of TAM you can actually reach given your product, platform, geography, and go-to-market capabilities. — (first defined in VAL-002)
- Sampling (observability)
- — Recording only a percentage of events (like 10% of requests) to keep data volume manageable without losing visibility on critical issues. — (first defined in BE-013)
- Sandbox
- — An isolated testing environment (e.g., Stripe test mode, App Store sandbox) where transactions don't use real money, but has limits like time compression and no SCA emulation. — (first defined in QA-010)
- Sanitization
- — The act of removing or neutralizing dangerous characters from user input so that it can be safely stored or displayed without causing an injection attack. — (first defined in SEC-007)
- SAQ (Self-Assessment Questionnaire)
- — A compliance questionnaire whose size and audit burden depend on whether your systems directly handle card data: SAQ A (fully hosted, ~20 questions), SAQ A-EP (embedded fields, ~self-assessed), or SAQ D (raw cards, 300+ questions + third-party auditor). — (first defined in PAY-002)
- SAST (Static Application Security Testing)
- — Automated code scanning that detects potential security vulnerabilities and code-quality issues without running the application. — (first defined in META-006)
- SBOM (Software Bill of Materials)
- — A structured inventory of all dependencies and components in your codebase, generated by tools like Syft, used to track licenses and security vulnerabilities. — (first defined in META-006)
- SCA (software composition analysis)
- — Scanning of project dependencies and third-party libraries for known vulnerabilities and outdated packages. — (first defined in SEC-008)
- Scenario modeling
- — Building multiple coherent financial forecasts (base/downside/upside) that differ by key assumptions (growth, churn), showing the range of possible outcomes rather than predicting a single future. — (first defined in GRO-013)
- Schema seam
- — An early schema affordance (like server timestamps or soft-delete markers) added to v1 even if not used, to make retrofitting a future feature (like sync) cheap instead of requiring a backfill migration. — (first defined in META-004)
- Schema validation
- — The process of checking that structured input (JSON, form data) matches a predefined shape and type specification, and rejecting any data that does not conform. — (first defined in SEC-007)
- Schema versioning / API versioning
- — Maintaining backward-compatible changes to data structure and API contracts so old clients continue to work when the backend evolves. — (first defined in SCA-006)
- Schema-shape test
- — A fast test that asserts an API response contains required fields with expected types, without mocking. — (first defined in TST-003)
- Schrems II
- — A 2020 EU court ruling that struck down the Privacy Shield and established that SCCs alone are insufficient for legal transfers without supplementary safeguards. — (first defined in PRV-007)
- Scoped storage
- — An Android privacy model (API 30+) restricting direct filesystem access and requiring apps to use system pickers or scoped directories, replacing broad READ_EXTERNAL_STORAGE. — (first defined in MOB-008)
- Screen inventory
- — A queryable table listing every screen in your app with its purpose, inputs, outputs, key states, and navigation connections. — (first defined in UX-001)
- Screen reader
- — Assistive software (VoiceOver on iOS/macOS, TalkBack on Android, NVDA or JAWS on Windows) that converts visual UI into speech and/or braille for users with low or no vision. — (first defined in A11Y-003)
- Screenshot captions (OCR-indexed)
- — Text overlaid on store screenshots that Apple now extracts via optical character recognition and uses for both conversion and ranking signals. — (first defined in SHIP-001)
- SDLC (Secure Software Development Lifecycle)
- — A development process that integrates security practices throughout the entire lifecycle—from design, through code review and testing, to deployment—rather than bolting security on after release. — (first defined in SEC-004)
- Secret rotation
- — The practice of replacing old, long-lived credentials with new ones on a schedule or after suspected compromise to limit how long a leaked secret remains valid. — (first defined in SEC-003)
- Secret scanning
- — Automated detection of credentials (API keys, database passwords, tokens) accidentally exposed in code and commits, typically run in CI or as a pre-commit hook so secrets never reach version control. — (first defined in SEC-008)
- Section 230 immunity (CDA §230)
- — US law protecting online platforms from liability for third-party content (defamation, harassment) but explicitly not covering copyright; distinct from DMCA safe harbor. — (first defined in LEG-006)
- Section 508 (US federal)
- — US law requiring federal agencies and their contractors to meet WCAG accessibility standards; distinct from Title III (which covers private businesses). — (first defined in A11Y-001)
- Section 8 Declaration (trademark maintenance)
- — A required filing between years 5 and 6 after trademark registration, proving the mark is still in use; missing this deadline causes automatic cancellation regardless of the 10-year renewal. — (first defined in LEG-003)
- Secure Enclave / TEE (Trusted Execution Environment)
- — Hardware-isolated processor on iOS and Android that performs cryptographic operations; keys never leave it, providing the strongest protection for secrets. — (first defined in MOB-019)
- security.txt
- — A standardized text file published at
/.well-known/security.txtthat contains a security contact and vulnerability disclosure policy for a domain. — (first defined in SEC-011) - Seed data
- — Initial, canonical records in a database used for development and testing, providing a known starting state. — (first defined in ENV-012)
- Segment
- — The underlying group of users, defined by behavior or attributes, that a persona represents. — (first defined in VAL-004)
- Self-serve B2B (Teams tier)
- — A productized business offering with seat-based pricing and online checkout, allowing small teams to buy without a sales call, contrasted with a sales-motion-driven enterprise model. — (first defined in GTM-016)
- Self-validation trap
- — A failure mode where an AI agent writes both code and tests that prove it works, encoding the same wrong assumption in both so tests pass while the behavior is incorrect. — (first defined in QA-001)
- Semantic HTML
- — Using native HTML elements (
<button>,<nav>,<label>,<input>) instead of generic<div>with ARIA, so screen readers and keyboards work without manual wiring. — (first defined in A11Y-002) - Semantic Layer (dbt)
- — A dbt feature that defines metrics in YAML (not the BI tool's UI), serving them to BI tools so metrics are version-controlled and testable. — (first defined in ITER-009)
- Semantic layout (leading/trailing / start/end)
- — A layout approach using logical directional properties that automatically mirror for RTL languages, rather than hardcoding left/right. — (first defined in MOB-012)
- Semantic tokens (or semantic naming)
- — Design tokens named by their role or purpose (e.g., 'surface', 'text-primary') rather than appearance, so the same token resolves to different values in light and dark themes. — (first defined in UI-006)
- Semantic Versioning
- — A versioning scheme using three numbers (MAJOR.MINOR.PATCH) where MAJOR signals breaking changes, MINOR signals backward-compatible features, and PATCH signals bug fixes — enabling automated tool decisions about compatibility. — (first defined in DOC-002)
- Semgrep
- — An open-source SAST tool using simple YAML rules to detect vulnerable patterns in source code across multiple programming languages. — (first defined in SEC-008)
- Semi-structured interview
- — An interview format with a set of open prompts and follow-up triggers, allowing you to compare across interviews while remaining responsive to what the user raises. — (first defined in VAL-005)
- Sensitive data (CCPA/CPRA)
- — Personal information categories (precise geolocation, health, biometrics, Social Security number) that receive stricter opt-in/restricted-use protections under California privacy law. — (first defined in CMP-003)
- Sensitivity analysis
- — A modeling technique that isolates which single assumption or input most dramatically affects an outcome (like runway), revealing the binding constraint that actually determines survival. — (first defined in GRO-013)
- Sentiment routing
- — Offering dissatisfied users an easy private feedback path (not withholding the store-review option) without using sentiment as a deceptive gate. — (first defined in ITER-008)
- Sentry
- — An error-monitoring platform that captures crashes and errors across mobile, desktop, and backend with environment segmentation and alerting. — (first defined in TST-007)
- Sequential statistics (or always-valid statistics)
- — A statistical method that lets you peek at test results as data arrives and stop early without inflating false-positive rates, unlike naive peeking. — (first defined in ITER-002)
- Series A
- — An institutional venture capital funding round that typically requires $5M+ ARR for consumer apps and follows early traction (angel/seed rounds). — (first defined in FUND-004)
- Server state vs. client state
- — A separation where server state is data cached from the backend and client state is ephemeral UI-only data, requiring different management tools and lifecycle handling. — (first defined in MOB-003)
- Server-Sent Events (SSE)
- — A one-directional persistent connection (server-to-client only) for pushing updates; simpler than WebSockets with auto-reconnect built in, ideal for feeds and notifications. — (first defined in ARC-013)
- Server-side retention
- — Retention computed from backend activity (API records) rather than client-side SDK events, removing bias from ATT/GDPR tracking opt-outs on mobile. — (first defined in ITER-007)
- Service worker
- — A small script the browser keeps running in the background to cache files and handle network requests, enabling a web app to work offline. — (first defined in META-003)
- Session replay
- — A recording of a user's session showing screen interactions, clicks, and form inputs to diagnose user friction and funnel drop-off. — (first defined in ANL-002)
- Session restore
- — The mechanism that rebuilds the app's UI on launch by reading autosaved session state, independent of whether the previous exit was a crash. — (first defined in DSK-016)
- Session revocation
- — Invalidating a user's existing session or authentication tokens immediately (e.g., after logout or role change) rather than waiting for expiry. — (first defined in BE-003)
- SEV1, SEV2, SEV3 (Severity levels)
- — A three-tier classification of incidents: SEV1 (Critical, requires immediate page), SEV2 (Major, degraded but usable), SEV3 (Minor, no real impact). — (first defined in OPS-005)
- Severity tier
- — A categorization of security findings by blast radius and data exposure impact, guiding response time and escalation (critical, high, medium, low). — (first defined in SEC-010)
- shadcn/ui
- — An open-source component library that provides copy-paste React components built on Radix primitives and Tailwind CSS, so you own the code without a dependency. — (first defined in UI-003)
- Shadow subscription
- — A recurring charge the organization has forgotten about, discovered through bank-feed review rather than active management. — (first defined in FIN-005)
- Sherlocking
- — When a platform owner (Apple, Google, or a dominant super-app) ships a user's core feature as a built-in, making a standalone app obsolete. — (first defined in VAL-003)
- Show HN
- — A Hacker News category for showing a project or product you made to the community for feedback. — (first defined in GTM-008)
- Signature counter
- — A value incremented with each passkey authentication; its check detects cloned credentials. — (first defined in ARC-005)
- Sign-off artifact
- — A dated, named record (e.g., RELEASES.md entry) documenting what was tested, what criteria passed, who approved, and known issues, serving as the audit trail for a release. — (first defined in QA-011)
- Simulator
- — A software emulation of a device (iOS Simulator, Android Emulator) that runs on a development machine, fast and free but missing real hardware constraints like thermal throttling and network jitter. — (first defined in QA-003)
- Single-flight (request coalescing)
- — A lock-based mechanism that allows only one request to rebuild a missing cache key while others wait and re-read, preventing cache stampede. — (first defined in BE-009)
- single-instance lock
- — An OS-level gate that ensures only one instance of the app runs at a time, preventing duplicate windows and state desync when the app is launched again. — (first defined in DSK-002)
- SKAdNetwork (SKAN)
- — Apple's privacy-preserving, aggregated attribution framework that reports ad-driven conversions without IDFA; postbacks are delayed (24–144 hours) and suppressed below crowd-anonymity thresholds. SKAN 5 (iOS 19, 2026) expands conversion values to 8-bit (256 values) and requires privacy manifest declaration. — (first defined in MOB-010)
- Skeleton loading (or skeleton screen)
- — A layout-preserving placeholder that mimics the final content structure while data is loading, preventing layout shift and communicating that content is arriving. — (first defined in UI-006)
- Skeleton state (skeleton screen)
- — A dim, animated placeholder shaped like the final answer, shown while content loads; sets the eye's expectation and prevents layout shift. — (first defined in MOB-020)
- Skill-vs-chance (gambling classification)
- — The distinction in gaming law between skill-based games and games of material chance; purely skill games may avoid licensing in some states, while chance-based games require state gaming licenses. — (first defined in CMP-001)
- Skip (feature disposition)
- — A marked decision not to build a feature at all, with explicit documentation of why so future builders understand the choice rather than re-arguing it. — (first defined in META-004)
- Skip-version upgrade
- — When a user jumps from version 1.4 directly to v2.0 instead of upgrading through intervening versions (v1.5–v1.8), exposing untested migration compositions. — (first defined in QA-006)
- SLA (service-level agreement)
- — A documented commitment to response and resolution times for security reports; e.g., acknowledge within 48 hours, patch critical issues within 30 days. — (first defined in SEC-011)
- SLI (Service Level Indicator)
- — A measured property of a system such as request latency, error rate, or crash-free-session rate. — (first defined in ARC-019)
- SLO (service-level objective)
- — A specific, measurable performance target (e.g., p95 latency < 500ms, error rate < 0.5%) that gates a release and is monitored in production. — (first defined in QA-004)
- Slopsquatting
- — An attack where adversaries register typo or variant package names that agents hallucinate, then inject malicious code into those fake packages. — (first defined in META-006)
- SmartScreen (Windows)
- — Microsoft Defender's warning that triggers on unsigned or untrusted Windows applications, which kills conversion for users installing unknown-publisher apps. — (first defined in SHIP-009)
- SmartScreen reputation
- — A Windows security mechanism that warns users about freshly-signed binaries from unknown publishers until the signing identity accumulates download reputation. — (first defined in DSK-013)
- Smoke testing
- — A quick validation of the core functionality (critical paths like login, payment, core feature) before each release. — (first defined in TST-003)
- Snapshot testing
- — A testing technique that records a reference output (image, DOM structure, or serialized object) and fails if a new run produces a different output. — (first defined in QA-005)
- SOC 2 (Service Organization Control 2)
- — An audit report by a licensed CPA firm attesting that your organization's security controls are designed (Type I) or operating effectively (Type II) against the AICPA Trust Services Criteria—it is a B2B sales credential, not legally required, but enterprise procurement teams demand it. — (first defined in CMP-015)
- Soft delete
- — Marking a record as deleted (e.g., a deleted_at timestamp) without physically removing it, hiding it from normal views while allowing auditing and recovery until it is purged later. — (first defined in UX-008)
- Soft launch
- — A pre-market release of a production-quality app to a small, contained audience (closed beta or one low-stakes country) to validate product-market fit and monetization before a wide launch. — (first defined in LAU-001)
- Soft paywall
- — A freemium gating model where free users hit limits (feature access, usage count, or storage) but can continue using the app and are invited to upgrade. — (first defined in STR-003)
- Soft-ask (pre-prompt)
- — A custom in-app dialog explaining a permission or opt-in before firing the system prompt, so users pre-qualify before the one-shot system dialog. — (first defined in UX-009)
- Soft-delete marker
- — A database field (typically
deleted_at) that records when a record was logically deleted but keeps the row in the database, enabling sync layers and audit trails without physical deletion. — (first defined in META-004) - Software as a Medical Device (SaMD)
- — Software that diagnoses, treats, mitigates, or prevents a disease or condition and is subject to FDA regulatory oversight based on its intended use, not its disclaimer. — (first defined in CMP-001)
- Solution hypothesis
- — A falsifiable prediction about whether your proposed product will solve a real problem, stated as direction plus a kill-signal rather than as a guaranteed outcome. — (first defined in VAL-001)
- SOM (Serviceable Obtainable Market)
- — What you can realistically capture in your first 18–24 months given competition and your own execution capacity. — (first defined in VAL-002)
- SPDX (Software Package Data Exchange)
- — A standardized format for expressing an SBOM with emphasis on legal and licensing compliance, maintained by the Linux Foundation. — (first defined in SEC-006)
- Spend gate
- — Hard limit on token cost, checked before sending a request and downgrading the model or rejecting the request if quota is exceeded. — (first defined in AI-016)
- SPF (Sender Policy Framework)
- — A DNS record that tells mailbox providers which servers are authorized to send email from your domain. — (first defined in BE-015)
- SPKI (SubjectPublicKeyInfo)
- — The ASN.1 format that contains a certificate's public key; SPKI pinning ensures the same key pair is used across certificate renewals. — (first defined in SEC-009)
- SQL injection
- — An attack where an attacker crafts malicious SQL within user input (e.g., in a form field) so that when concatenated into a query string, the attacker's SQL executes instead of the intended query. — (first defined in SEC-007)
- SQLite
- — An embedded, single-writer SQL database library with no server overhead, ideal for client-side offline storage. — (first defined in ARC-009)
- Squash merge
- — A merge strategy that combines all commits on a feature branch into one clean commit on main, keeping history linear and bisectable. — (first defined in ENV-010)
- Stacked PRs (stacked diffs)
- — A workflow where each logical change is its own small PR, stacked on top of others, reviewed and merged bottom-up. — (first defined in ENV-010)
- Staged rollout
- — Releasing an update to a small percentage of users first (e.g., 1% → 10% → 100%) while monitoring crashes and errors before full deployment, capping the blast radius of a bad release; also called a phased or canary release. — (first defined in QA-006)
- Staged rollout halt
- — Pausing the automatic percentage advance of an app release on a store (Apple App Store or Google Play) to prevent a bad build from reaching additional users. — (first defined in LAU-003)
- Staged-[A]
- — A shipping sequence for [A] topology where the backend is designed multi-client from day one, but client surfaces ship in sequence (typically mobile first, desktop later) rather than simultaneously. — (first defined in META-002)
- Stale-while-revalidate
- — A caching strategy where cached data is served immediately to the user while a background request updates it, providing fast perceived performance while ensuring freshness. — (first defined in MOB-003)
- Standard Contractual Clauses (SCCs)
- — EU-approved pre-written contract language that legalizes the transfer of personal data outside the EEA to non-certified countries, often used as a fallback or belt-and-suspenders measure. — (first defined in PRV-007)
- State machine
- — A diagram showing all possible states a system can be in and the transitions between them, triggered by specific events. — (first defined in UX-002)
- Stated intent
- — What users say they will do in response to a question (e.g., 'Would you pay $X?'); systematically biased high compared to revealed preference. — (first defined in VAL-005)
- Statement of Applicability (ISO 27001)
- — A document listing each ISO control and stating whether it is implemented, planned, or not applicable with justification; a required artifact of ISO certification. — (first defined in SCA-010)
- Statement of reasons
- — A required notice informing a user when their content is removed or account suspended, explaining which policy was violated and whether automation was involved. — (first defined in ETH-005)
- Static host / CDN
- — Cloud infrastructure serving files directly without a backend database, used for hosting legal pages and marketing sites with high uptime. — (first defined in SHIP-010)
- Statistical power
- — The probability that an A/B test will detect a true effect of a given size; standard practice requires 80% power, but small apps often lack traffic to reach it. — (first defined in ANL-006)
- Status page
- — A public-facing page showing your app or service's current operational status and any ongoing incidents, reducing support load during outages. — (first defined in SHIP-011)
- Stickiness (DAU/MAU ratio)
- — The ratio of daily to monthly active users, indicating what fraction of monthly users return on an average day, with >20% signaling habit formation. — (first defined in GRO-004)
- Stop reason (refusal)
- — A signal indicating the model declined to answer (e.g., stop_reason='refusal'), checked structurally rather than by parsing text. — (first defined in ARC-024)
- Store IAP (In-App Purchase)
- — The Apple App Store and Google Play's built-in payment mechanism, which handles local payment methods and consumption tax collection for apps. — (first defined in SCA-005)
- StoreKit 2
- — Apple's modern in-app purchase framework that issues JWS-signed Transaction and AppTransaction objects validated against the App Store Server API; replaces legacy on-device receipt validation. — (first defined in PAY-016)
- Story mapping
- — A technique that lays out a user journey on one axis and feature capabilities on another, then slices vertically into thin, independently shippable stories that each traverse all layers. — (first defined in STR-006)
- Storybook
- — An open-source tool for developing, documenting, and visually testing UI components in isolation, with support for multiple frameworks and add-ons for visual regression and interaction testing. — (first defined in UI-003)
- Streaming (SSE / Server-Sent Events)
- — Server-side delivery of tokens one-by-one as they're generated; client renders partial output immediately (time-to-first-token) instead of waiting for completion. — (first defined in MOB-020)
- STRIDE
- — A framework for threat identification that prompts you to ask six questions at each trust boundary: can someone Spoof identity, Tamper with data, Repudiate an action, leak Information, Deny service, or Elevate privilege? — (first defined in SEC-001)
- String Catalog (.xcstrings)
- — An Xcode file format for managing localized strings with built-in support for plurals and per-locale variants, the modern iOS default. — (first defined in MOB-012)
- Structural inclusion
- — Design with no ability, language, culture, age, or device assumptions baked in, allowing users to succeed without requiring them to overcome unnecessary barriers. — (first defined in ETH-002)
- Structured logging
- — Emitting logs as machine-readable JSON with fixed fields (timestamp, level, request ID, user ID) instead of free-form text, enabling querying and analysis. — (first defined in OPS-001)
- Structured output
- — An API feature (also called constrained decoding) that forces an LLM's response to conform to a defined JSON schema, guaranteeing valid, machine-consumable output that cannot escape your rules. — (first defined in AI-010)
- Style Dictionary
- — An open-source tool that transforms design tokens in DTCG JSON format into platform-specific outputs (CSS variables, Swift, Kotlin, Dart) so one token source feeds all clients. — (first defined in UI-003)
- Sub-processor
- — A vendor engaged by a processor (your processor's vendor) to handle personal data on their behalf; you must be notified of changes and can object. — (first defined in PRV-008)
- Subscription Group (iOS)
- — An iOS IAP container that holds multiple subscription tiers so a user can hold only one active subscription per group; handles tier upgrades/downgrades and cancellation rules. — (first defined in SHIP-007)
- Substitute competitors
- — The manual workaround, the spreadsheet, pen and paper, or 'do nothing'—the free solution users currently rely on instead of a purpose-built product. — (first defined in VAL-003)
- Supply-chain attack
- — An attack that compromises a dependency or library so that when developers install it, they inherit a vulnerability or malware that reaches production. — (first defined in SEC-005)
- Supply-chain compromise / Software supply-chain security
- — An attack on a dependency or build tool that lets an attacker inject malicious code into downstream users' applications. — (first defined in BE-021)
- Suppression (email/push)
- — Permanently blocking a contact from receiving messages due to hard bounce, complaint, or explicit unsubscribe, ensuring mail is never re-sent to an invalid address. — (first defined in GTM-011)
- Survivor bias
- — A measurement error where event loss from crashes, consent opt-outs, or data gaps causes retained users to appear healthier than reality because the denominator is silently reduced. — (first defined in ANL-005)
- SUTVA (stable unit treatment value assumption)
- — A statistical assumption that one user's experience is independent of another's; violated in social/marketplace products where users affect each other. — (first defined in ANL-006)
- Switching cost
- — The total friction a user faces leaving the incumbent product, including procedural (time to learn new UI), relational (social graph, community), technical (data lock-in), and contractual barriers. — (first defined in VAL-007)
- Syft
- — An open-source tool that scans source code or packaged binaries to generate a Software Bill of Materials automatically. — (first defined in BE-021)
- Symbolication
- — The process of converting obfuscated binary memory addresses in a crash trace back to human-readable method names, filenames, and line numbers. — (first defined in MOB-011)
- Synthetic control
- — A statistical method that builds a counterfactual prediction of what would have happened without an intervention by combining data from untreated regions or time periods. — (first defined in GRO-009)
- Synthetic data
- — Artificially generated training examples, often used to avoid real personal data in fine-tuning. — (first defined in AI-011)
- Synthetic monitoring
- — Automated probes that actively test applications from controlled locations on a schedule after deployment, measuring availability and performance from user perspective. — (first defined in QA-004)
- SynthID
- — Google's imperceptible watermark embedded in generated images, audio, and video that survives compression and transcoding. — (first defined in AI-015)
T
- Tail coverage (insurance)
- — Extended reporting-period insurance that continues claims-made coverage for a set period (typically 1–3 years) after a policy ends, protecting claims filed post-cancellation. — (first defined in LEG-004)
- Tail-based sampling
- — Retaining all error and slow traces while sampling only a fraction of routine fast traces, capturing incidents without wasting budget. — (first defined in ARC-019)
- TalkBack
- — Google's built-in screen reader for Android; uses gestures to navigate and announce screen content to blind and low-vision users. — (first defined in A11Y-003)
- TAM (Total Addressable Market)
- — The theoretical annual revenue if every person who could use your product bought it at full price. — (first defined in VAL-002)
- Tamper-resistant store
- — A log or data store (such as S3 with Object Lock) that cannot be edited or deleted by application code or database users even if their credentials are compromised. — (first defined in PRV-009)
- Target API level
- — The minimum Android API version that an app must target to be accepted on Google Play, a requirement that increases annually. — (first defined in OPS-006)
- Task orchestrator (Turborepo, Nx)
- — A build tool that caches task outputs and runs only affected packages, avoiding rebuilds of unchanged code in a monorepo. — (first defined in ENV-001)
- Task scenario
- — A realistic goal-based instruction for a usability test (e.g., 'Find and start the paid trial') without revealing how to do it. — (first defined in TST-006)
- TCF (Transparency & Consent Framework)
- — Standard for recording and communicating GDPR consent; a certified CMP following TCF is required to serve personalized ads to EEA/UK users. — (first defined in MOB-023)
- TDD (Test-Driven Development)
- — A development methodology where you write failing tests first, then implement code to make them pass, inverting the usual code-then-test order. — (first defined in META-006)
- TDM (Text and Data Mining) reservation
- — A copyright opt-out signal (X-Robots-Tag, robots.txt) that creators can set to indicate AI training is not permitted. — (first defined in AI-011)
- Temp-ID remapping
- — Substituting a client-generated temporary ID with the server's authoritative ID after creation; necessary for ordered mutations where a child references a parent's temp ID. — (first defined in MOB-018)
- Terraform / OpenTofu
- — Tools for declaring cloud infrastructure in HCL, supporting multi-cloud provisioning with state management and plan/apply workflow. — (first defined in ENV-011)
- Terraform state
- — A file (local or remote) that tracks the current infrastructure and its resource IDs, used by Terraform to plan changes and detect drift. — (first defined in ENV-011)
- Test clock
- — A Stripe testing tool that advances the processor's internal time without waiting, allowing realistic renewal and proration scenarios to be tested in seconds. — (first defined in QA-010)
- Test container
- — An ephemeral real service (Postgres, Redis) spun up in Docker for integration tests, torn down after the suite runs. — (first defined in ENV-012)
- Test fixture
- — Per-test data setup, often derived from seed data but customized for the specific test case. — (first defined in ENV-012)
- Test isolation
- — The mechanism ensuring one test's writes do not corrupt the next test's starting state, typically via truncation, transaction rollback, or database branching. — (first defined in ENV-012)
- Test pyramid
- — A testing strategy structure with a wide base of fast unit tests, a middle layer of integration tests, and a narrow tip of slow end-to-end tests, reflecting the trade-off between test speed and breadth of coverage. — (first defined in QA-001)
- TestFlight
- — Apple's beta distribution platform for iOS apps, allowing testing by up to 10,000 external users with automatic crash and crash-free rate reporting. — (first defined in TST-007)
- Text expansion
- — The phenomenon that translated strings are usually longer or shorter than source English—German and French run 20-35% longer, while Chinese and Japanese often shrink to 50-70% of source length. — (first defined in I18N-003)
- Text-expansion overflow
- — A localization failure where translated strings (often 20–40% longer than English) cause UI elements to clip or break layout. — (first defined in TST-005)
- Thematic saturation
- — The point in qualitative research where new interviews stop surfacing new themes; typically reached around 8–12 interviews for a homogeneous sample. — (first defined in VAL-005)
- Third normal form (3NF)
- — A database design where every fact exists in only one place, eliminating data redundancy through foreign keys and constraints. — (first defined in ARC-002)
- Thread (in the grid model)
- — One of 15 continuous disciplinary concerns (security, privacy, payments, analytics, etc.) that start early and run through every phase of a build, used to trace dependencies across the entire product lifecycle. — (first defined in META-001)
- Threat modeling
- — A practice of systematically identifying how an attacker could abuse your app by drawing trust boundaries, listing potential attacks, and deciding whether to accept, mitigate, or eliminate each one. — (first defined in SEC-001)
- Tiering (content moderation tiers)
- — Classification of content by harm and reversibility (T0 auto-reject, T1 model + human on disagreement, T2 human before irreversible action, T3 senior + audit). — (first defined in OPS-011)
- Time-to-first-token (TTFT)
- — The latency from when a user submits a request to when the first token of a streamed response appears on the client; a better measure of perceived speed than total completion time. — (first defined in AI-004)
- Time-to-throwaway
- — The speed at which you can get a clickable artifact in front of users; low-code's core superpower but not sufficient for a product you intend to keep. — (first defined in VAL-011)
- Timezone-aware sending
- — Scheduling messages to deliver at a consistent local time for each user based on their geography or time zone, improving open rates vs. server-time scheduling. — (first defined in GTM-011)
- TLS (Transport Layer Security)
- — The cryptographic protocol that encrypts data in transit between client and server (the security layer behind HTTPS) so a network eavesdropper cannot read or modify it; required for all store URLs and the foundation of exemption from encryption export controls. — (first defined in SEC-002)
- TMS (Translation Management System)
- — A platform like Crowdin or Lokalise that manages the workflow of extracting source strings, assigning translators, maintaining translation memory (past translations for reuse), and syncing results back to your codebase. — (first defined in I18N-005)
- Token bucket
- — A rate-limiting algorithm that refills N tokens per second and drains one per request, allowing controlled bursts. — (first defined in ARC-022)
- Token budget (for agents)
- — A planned allocation of input and output tokens for an agent to complete a feature, used to detect scope drift or poorly-specified tickets when actual spend exceeds the budget. — (first defined in META-006)
- Token-based APNs authentication
- — A method of connecting to APNs using a JWT signed with a .p8 key from the Apple Developer portal, recommended over certificate-based auth because tokens do not expire. — (first defined in MOB-006)
- Tokenization
- — Converting a raw card number into an opaque reference (token) that only the processor can resolve, so you store a reusable payment handle instead of sensitive card data. — (first defined in PAY-002)
- Tombstone
- — A marker indicating a deleted row that syncs to other clients, allowing them to reconcile deletes without losing data. — (first defined in ARC-002)
- Tool calling / tool use
- — A feature that lets an LLM request to call external functions (APIs, database queries, file reads) as part of its reasoning, enabling it to fetch data or take actions. — (first defined in AI-009)
- Topical depth
- — Creating multiple related articles clustered around a single topic, signaling authority to search engines and AI systems. — (first defined in GTM-004)
- Total cost of ownership (TCO)
- — The full expense of running a service, including both visible vendor fees and invisible operational labor costs. — (first defined in FIN-003)
- TOTP
- — Time-based One-Time Password; a second factor generated by an authenticator app, more reliable and phishing-resistant than SMS. — (first defined in ARC-004)
- Touch target
- — The minimum finger-tappable area for an interactive element; WCAG 2.2 AA requires 24×24 CSS pixels, but platform guidelines recommend 44×44 pt (iOS) and 48×48 dp (Android). — (first defined in A11Y-002)
- Touch-target size
- — The minimum physical area a user can tap: 44×44pt (iOS), 48dp (Android), 24px (web) to be accessible for motor control. — (first defined in TST-005)
- Tracking plan
- — A written specification documenting the analytics events your app fires, their properties, ownership, and purpose — defined before instrumentation to prevent metric ambiguity and event sprawl. — (first defined in ANL-001)
- Trader status (DSA)
- — A declaration under EU law that you are acting for purposes related to trade, business, or profession—if monetized at all (IAP, subscription, ads, affiliate links, or tip jar) you are a trader and must disclose your real name, address, phone, and email on the EU app store. — (first defined in CMP-011)
- Transactional inbox / Inbox pattern
- — A durable queue that stores unprocessed events in a database before handling them asynchronously, ensuring no message is lost if your handler crashes. — (first defined in BE-018)
- Transactional outbox / inbox
- — A pattern where an event and its processing record (e.g., an entitlement change plus a dedup record) are written in the same database transaction, with inbound events recorded atomically and then processed asynchronously by a worker; guarantees exactly-once application under at-least-once delivery and retries. — (first defined in PAY-009)
- Transactional outbox pattern
- — An atomic pattern where a business write and an outgoing side-effect message (e.g., a webhook to enqueue) are recorded in the same database transaction. — (first defined in BE-006)
- Transfer Impact Assessment
- — A documented analysis assessing whether a transfer of personal data outside the EEA is lawful under GDPR post-Schrems II. — (first defined in PRV-007)
- Translation memory (TM)
- — A database of source-to-target string pairs accumulated over releases that automatically reuses unchanged phrases so translators don't retranslate the same button or error message each version. — (first defined in I18N-005)
- Tree testing (first-click testing)
- — A usability research method where users try to find something in a bare text navigation tree to validate information discoverability. — (first defined in UX-001)
- Triage
- — The process of reviewing a bug, assigning it a severity and priority, and deciding whether it blocks release or can be deferred. — (first defined in TST-010)
- Trial shape
- — The trial configuration (length, required payment method up front, immediate vs. deferred charge) that affects conversion rates and user quality. — (first defined in ITER-005)
- Trial window
- — The duration users have access to paid features before payment is collected, with card-required trials converting far higher than opt-in (no-card) trials. — (first defined in STR-004)
- Trial-to-paid conversion
- — The percentage of free-trial users who complete the conversion to a paid subscription; varies by card-gating strategy (48-60% for card-required vs. 18-25% for cardless) and time-to-value. — (first defined in GRO-012)
- tRPC (end-to-end typed RPC)
- — A TypeScript framework where API types flow directly from server to client with no schema artifact to maintain, eliminating the need to keep a separate specification in sync. — (first defined in DOC-001)
- TruffleHog
- — A secret scanner that goes beyond pattern matching by verifying whether found credentials are actually live and currently valid. — (first defined in SEC-008)
- Truncation (document retrieval)
- — The practice of limiting search results to a maximum page size to prevent abuse and manage resource consumption. — (first defined in BE-010)
- Trunk-based development
- — A branching strategy where short-lived feature branches (1–3 days) merge directly to main, with rare long-lived branches. — (first defined in ENV-010)
- Trust boundary
- — A line in your system where the security context changes—such as between an untrusted client and your backend, or between your backend and a third-party service—marking where you must verify data and enforce security rules. — (first defined in SEC-001)
- Trust Services Criteria (AICPA)
- — Five optional audit criteria (Availability, Confidentiality, Processing Integrity, Privacy, and the required Security) that make up a SOC 2 report. — (first defined in SCA-010)
- TTL (time-to-live)
- — A database field and rule that automatically expires and deletes a row or item after a specified duration. — (first defined in PRV-006)
- Turnstile
- — Cloudflare's low-friction CAPTCHA alternative for bot detection with no per-solve cost and minimal user friction. — (first defined in ARC-022)
- Type I vs. Type II (SOC 2)
- — Type I attests controls are properly designed at a point in time (2–3 months, ~$8k–$25k); Type II attests they operated effectively over an observation period (3–12 months, ~$20k–$50k)—enterprise buyers increasingly demand Type II. — (first defined in CMP-015)
- Typed routes
- — A routing system feature where the type system validates that route names and parameters are correct at compile time, catching broken links before runtime. — (first defined in MOB-002)
- Typosquatting
- — A technique where an attacker registers a package name that is similar to a popular package (e.g., 'lodahs' instead of 'lodash') to trick developers into installing malware. — (first defined in SEC-005)
U
- UDRP (Uniform Domain-Name Dispute-Resolution Policy)
- — An ICANN process for recovering a domain name registered in bad faith without filing a lawsuit, costing roughly $1,500 and faster than federal court. — (first defined in LEG-003)
- UMP (User Messaging Platform)
- — Google's free, certified consent-management platform for ad consent that handles GDPR/EEA/UK consent and bridges Apple's ATT; required for publishers since January 2024. — (first defined in PAY-018)
- Undo (reversibility)
- — The ability to restore a previous state after a user action, removing the need for pre-action confirmation dialogs. — (first defined in UX-008)
- Unicode Bidirectional Algorithm (UAX #9)
- — The Unicode standard that resolves mixed-direction text (e.g., Arabic + Latin + numbers in one line) by analyzing character properties and direction markers. — (first defined in I18N-003)
- Unicode isolate (bidi isolation)
- — Special Unicode characters (U+2068 FSI and U+2069 PDI) that wrap mixed-direction text to prevent stray RTL/LTR runs from reordering surrounding content. — (first defined in I18N-003)
- Unified identity realm
- — A single identity provider shared by two products, so one login works in both, but creates coupling that is expensive to reverse. — (first defined in XP-006)
- Unit tests
- — Tests that verify the behavior of a single function or component in isolation, with external dependencies mocked, executing in milliseconds. — (first defined in QA-001)
- Universal Links
- — iOS deep links validated against an AASA file on your domain, letting your app claim specific HTTPS URLs (opening the app if installed, the website otherwise) and preventing spoofing; Android's equivalent is App Links. — (first defined in MOB-007)
- Unmoderated testing
- — Asynchronous usability testing where users interact with a prototype recorded, without a facilitator present. — (first defined in UX-007)
- Upgrade prompt
- — An in-app message inviting the user to unlock a paid feature, typically shown when they try to use a premium-only action. — (first defined in UX-011)
- Upgrade testing
- — Validation that an app can safely transition from an old version to a new one without losing or corrupting data, a test distinct from regular feature testing. — (first defined in QA-006)
- Usability testing
- — Watching real users from your target segment operate a prototype or product to discover where they struggle or misunderstand. — (first defined in UX-007)
- Usage description string
- — A user-facing explanation required by iOS in Info.plist for each permission the app requests, displayed when prompting the user for access. — (first defined in MOB-008)
- Usage-based pricing
- — Billing customers by meter reading of actual consumption (per query, per GB, per API call) rather than a flat fee, aligning revenue with cost-to-serve. — (first defined in STR-003)
- User empathy
- — Either lived experience of the problem you're solving or extensive, uncompensated time with users who have it; the foundation for building what users actually need. — (first defined in VAL-010)
- User flow
- — A step-by-step path through your app showing how users accomplish a specific job, including decision branches and failure cases. — (first defined in UX-002)
- User story
- — A narrative requirement framed as "As a [role], I want [capability], so that [outcome]," capturing intent before mechanism. — (first defined in STR-006)
- User-generated content (UGC)
- — Content posted or created by users themselves (comments, posts, messages, profiles) rather than by the app operator. — (first defined in ETH-005)
- UUIDv7
- — A time-ordered UUID that keeps new inserts sequential in the B-tree index, avoiding fragmentation of random UUIDs. — (first defined in ARC-002)
- UX writing
- — The craft of using precise, clear words in labels, errors, empty states, and copy to guide users without friction. — (first defined in UX-006)
V
- Valuation cap
- — In a SAFE, the maximum valuation at which the investor's shares will convert to equity at a future round, capping the investor's dilution. — (first defined in FUND-005)
- Value proposition
- — A one-sentence claim that names the specific user, the specific outcome they get, and the specific reason you deliver it better than alternatives. — (first defined in VAL-008)
- Van Westendorp Price Sensitivity Meter (PSM)
- — A survey instrument using four anchors (too cheap, bargain, expensive, too expensive) to infer a band of acceptable prices without leading questions about willingness to pay. — (first defined in VAL-007)
- Vanity metrics
- — Metrics that rise without indicating whether the product actually delivers value—like downloads, signups, or page views—often inflated by acquisition spend while the underlying product leaks users. — (first defined in STR-002)
- Variance (measurement variance)
- — Random fluctuation in observed data; high-variance metrics (rare events, small samples) require longer tests or larger sample sizes to achieve statistical significance. — (first defined in GRO-012)
- VAT (Value Added Tax)
- — A consumption tax applied at each stage of a supply chain, collected and remitted by the seller, used across the EU and 100+ countries; must be applied at the right rate based on customer location and business status. — (first defined in PAY-014)
- VDP (vulnerability disclosure program)
- — A structured, no-bounty variant of coordinated disclosure offering researcher identity verification and intake management without monetary rewards. — (first defined in SEC-011)
- Vector database
- — A database optimized for storing embeddings (arrays of numbers that capture meaning) and retrieving the most similar vectors to a query by similarity score, used for RAG retrieval. — (first defined in ARC-024)
- Vector search (semantic search)
- — Search based on meaning rather than keywords, using embeddings (numerical representations) to find similar items; useful for RAG, recommendations, and fuzzy discovery. — (first defined in ARC-015)
- Velocity cap
- — A rate limit on how many invitations a single user can send per day or time window, preventing abuse and mercenary sign-ups. — (first defined in GTM-012)
- Velocity circuit-breaker
- — An automated guard that auto-hides content reaching multiple distinct independent reports (typically 3+) before human review, preventing raids and abuse raids from staying visible. — (first defined in ETH-005)
- Venture-shaped
- — A business that has network effects, winner-take-most dynamics, a cold-start liquidity problem (as in marketplaces or social networks), or other characteristics making it suitable for venture capital funding. — (first defined in FUND-004)
- Verification cadence
- — The schedule at which you re-check an external fact to confirm it hasn't changed, matched to how fast-moving the fact is (regulatory dates: monthly; framework versions: quarterly). — (first defined in META-005)
- Version catalog
- — In pnpm, a catalog stores the pinned version of a shared dependency once so all packages reference it, preventing version drift across the monorepo. — (first defined in ENV-004)
- Version field (optimistic concurrency)
- — A row-level counter incremented on each write, used to detect when a client's mutation conflicts with a concurrent edit server-side. — (first defined in XP-004)
- Version gate (minimum-version gate)
- — A server-side check that rejects clients below a minimum version, forcing users to update; a prerequisite for deprecating mobile app features. — (first defined in SCA-011)
- Version skew
- — A mismatch in dependency versions across different parts of a codebase, causing 'works on my machine' bugs when components expect different APIs. — (first defined in ENV-001)
- Versioning (app versioning)
- — The system for labeling app releases with a semantic version (major.minor.patch) and an incrementing build number to track iterations. — (first defined in SHIP-013)
- Vesting (equity vesting)
- — The process by which a founder or employee gradually earns ownership of their equity stake over time, usually over 4 years with a 1-year cliff, meaning they earn nothing in the first 12 months but then 25% vests at the cliff and the remainder vests monthly thereafter. — (first defined in PPL-002)
- VEX (Vulnerability Exploitability eXchange)
- — A statement in an SBOM asserting that a listed vulnerability does not actually affect a component, either because the vulnerable code is not used or the threat is mitigated. — (first defined in SEC-006)
- Visual regression testing
- — Automated testing that compares pixel-by-pixel screenshots of rendered UI against a baseline to detect unintended visual changes. — (first defined in QA-005)
- VoiceOver
- — Apple's built-in screen reader for iOS, macOS, and other Apple platforms; uses gestures and rotor navigation to let blind and low-vision users operate apps (Android's counterpart is TalkBack). — (first defined in A11Y-003)
- Voluntary churn
- — Subscription cancellation because the user chose to leave (product didn't fit, switched to a competitor, or changed their mind). — (first defined in ITER-004)
- VPAT (Voluntary Product Accessibility Template)
- — A standardized form maintained by ITI that documents conformance to WCAG, filled in by vendors to produce an ACR (Accessibility Conformance Report) for procurement. — (first defined in A11Y-007)
W
- WAL (write-ahead logging)
- — A database technique where changes are written to a log before the main data file, enabling crash recovery and concurrent reads. — (first defined in ARC-009)
- War room
- — A coordinated, single-location (physical or virtual) command center where health metrics, comms, and rollout decisions are run as one integrated operation during launch. — (first defined in LAU-004)
- WAU (Weekly Active Users)
- — The count of unique users active in a rolling 7-day window, typically on a Monday-Sunday or fixed-window basis. — (first defined in GRO-004)
- WCAG (Web Content Accessibility Guidelines)
- — A set of testable technical standards from the W3C that define accessibility requirements for web and digital content, organized by conformance levels A, AA, and AAA. — (first defined in A11Y-001)
- Web App Manifest
- — A JSON file that describes a web app's name, icons, display mode, and startup behavior, enabling it to be installed as an app from a browser. — (first defined in META-003)
- WebAuthn / FIDO2
- — A W3C standard for public-key authentication, enabled by platform authenticators (Face ID, Windows Hello, security keys). — (first defined in ARC-005)
- Webhook
- — An HTTP callback that a payment processor (or other provider) sends to your backend to notify it of events (charge succeeded, subscription renewed, refund issued). — (first defined in QA-010)
- Webhook idempotency
- — The property that receiving the same webhook notification twice produces the same net effect as receiving it once, essential because processors retry delivery. — (first defined in QA-010)
- WebP
- — A modern image format supporting lossy (~78 quality for photos) and lossless compression; ~25–35% smaller than PNG/JPEG, supported on iOS 14+ and essentially all Android. — (first defined in MOB-017)
- WebSocket
- — A bidirectional persistent connection protocol allowing both server-to-client and client-to-server messages; the load-bearing transport for real-time features but with connection-lifecycle complexity. — (first defined in ARC-013)
- WebView
- — OS-embedded browser component (WebView2, WKWebView, WebKitGTK) that renders HTML/CSS/JS in a native app without bundling Chromium. — (first defined in ARC-007)
- Wedge
- — A narrow, defensible position in the market where you are demonstrably better for one specific job or user, used to enter a competitive category. — (first defined in VAL-008)
- Wedge client
- — The lead product surface launched first where the target audience already lives, with subsequent surfaces folded in later under the same narrative. — (first defined in GTM-017)
- WidgetKit
- — iOS framework for home-screen and lock-screen widgets; runs in a sandboxed process with ~30 MB memory budget, no networking, only reads cached data from App Groups. — (first defined in MOB-021)
- Win-back (resurrection)
- — The process of reactivating churned users through campaigns, economically justified when the cost to resurrect is less than the forward LTV of the resurrected user. — (first defined in GRO-003)
- Wireframe
- — A low-fidelity, stripped-to-structure blueprint showing layout and navigation flow without design details like color or typography. — (first defined in UX-004)
- Wire-level API compatibility
- — A backend API contract that remains backward-compatible so an older mobile app binary already installed cannot break when the backend changes underneath it. — (first defined in XP-001)
- Wizard-of-Oz test
- — A manual/concierge validation where you deliver the core job by hand for 5–10 users to learn what the product must actually do before writing code. — (first defined in VAL-006)
- Wizard-of-Oz testing
- — A technique where a human manually simulates backend behavior (e.g., playing an AI) so you can test the user experience of the output without building the serving stack. — (first defined in UX-007)
- Wordmark
- — A logo composed of the app's name set in a chosen typeface with optional geometric accents, as opposed to an icon or symbol mark. — (first defined in UI-001)
- Work made for hire
- — A legal doctrine under US copyright law by which certain works are owned by the employer or commissioning party rather than the creator; does not automatically apply to contractor-created software. — (first defined in PPL-003)
- Worker misclassification
- — The legal and tax problem that arises when someone classified as an independent contractor is actually treated and controlled like an employee, exposing the company to back taxes and penalties. — (first defined in PPL-004)
- Workload identity
- — A method where an application or service proves its identity to a cloud provider and receives short-lived credentials without needing to store a long-lived secret key. — (first defined in SEC-003)
- Workload identity federation
- — A cloud authentication pattern where a CI platform mints a short-lived token asserting its identity, exchanged for temporary cloud credentials. — (first defined in ENV-008)
- Workload Unit (WU)
- — Bubble's metered billing unit; one inefficient operation (e.g., a text search on a large table) can burn thousands of WU and create hidden scaling costs. — (first defined in VAL-011)
- Work-made-for-hire clause
- — A legal agreement clause that automatically vests ownership of creative work (code, assets) in a company when the creator is an employee, but often fails for independent contractors without a companion assignment clause. — (first defined in LEG-003)
- WorkManager
- — Android's JobScheduler wrapper (Jetpack) that schedules deferred work respecting Doze and battery-saver; the correct way to do background polling instead of raw timers. — (first defined in MOB-017)
- Workspace linking
- — A package-management pattern where shared code in a monorepo is imported as local dependencies using a protocol like
workspace:*instead of requiring a publish cycle. — (first defined in MOB-001) - Workspace protocol (workspace:*)
- — A pnpm syntax that references a local package by name, instructing the installer to use the live version in the monorepo instead of a published version. — (first defined in ENV-001)
- Workspace tool (pnpm/npm workspaces)
- — A package manager feature that links local packages in a monorepo so one imports another without publishing to a registry. — (first defined in ENV-001)
- WORM (Write-Once-Read-Many)
- — Storage where data can be written once and read many times but never modified or deleted, even by an admin — perfect for audit trails. — (first defined in BE-017)
- Write ceiling
- — The maximum number of write transactions per second a single database instance can sustain before performance degrades or it reaches capacity. — (first defined in SCA-001)
- WTP (willingness-to-pay)
- — The actual amount a target user will commit money to when a real trade-off is on the table; distinct from stated WTP, which systematically overstates revealed WTP. — (first defined in VAL-007)
X
- XDG Base Directory
- — A freedesktop.org standard specifying where Linux apps should store config, data, and cache files in the user's home directory (e.g., ~/.config, ~/.local/share, ~/.cache). — (first defined in DSK-008)
- XSS (Cross-Site Scripting)
- — An attack where an attacker injects JavaScript code into a web page, usually via user input, so that the script executes in other users' browsers and can steal cookies, session tokens, or hijack actions. — (first defined in SEC-007)
Z
- ZAP (OWASP Zed Attack Proxy)
- — A free, open-source web application security scanner used for automated dynamic testing of APIs and web services. — (first defined in SEC-008)
- Zero-click search
- — A search that ends on Google's own answer surfaces (maps, shopping, AI Overviews) without the user clicking through to an external website. — (first defined in GTM-004)
- Zero-data-retention (ZDR)
- — A contractual mode where the provider does not retain or use API traffic for model training, required for regulated data. — (first defined in ARC-024)
- Zero-shot / few-shot
- — Zero-shot: performing a task with no training examples, only instructions. Few-shot: including a handful of examples in the prompt to demonstrate expected behavior. — (first defined in AI-001)