Build · beginner · 10 min read
The Vibe Coding Glossary: 50 Terms Explained in Plain English
Every technical term you'll encounter when building with AI tools — explained without jargon for non-technical founders and PMs.
Technical documentation assumes you already know things. This glossary doesn’t. Every term you’ll encounter when building with AI tools is explained here as if you’re hearing it for the first time — because you probably are.
Bookmark this page. You’ll come back to it.
The App Stack
These are the building blocks every app is made of. When an AI tool says it’s “full-stack,” it means it handles all of these.
Frontend The part of an app that users see and interact with. Everything visual — buttons, forms, lists, navigation — lives in the frontend. When AI tools like Lovable or V0 generate a UI, they’re building the frontend. Frontend code runs inside the user’s browser.
Backend The invisible machinery behind your app. The backend processes requests, applies business logic (“only show contacts that belong to this user”), and talks to the database. When someone clicks “Save” and data persists, that’s the backend handling it. Backend code runs on a server, not in the user’s browser.
Database Where your app stores its data permanently. Think of it as a structured spreadsheet that never goes away. When a user creates an account, that account gets saved to the database. When they log in, the app checks the database to verify their credentials. Supabase and Firebase are the most common databases used in vibe coding.
API (Application Programming Interface) A defined set of rules for how two pieces of software communicate with each other. When your app talks to Stripe to process a payment, it uses Stripe’s API. When Lovable connects your frontend to your database, it uses the database’s API. You don’t need to write APIs yourself — vibe coding tools handle this — but you’ll encounter the term when integrating third-party services.
Authentication The system that verifies who a user is. Sign-up, log-in, log-out, and password reset are all part of authentication. In AI building tools, this is usually handled automatically through a service like Supabase Auth or Clerk. When an AI tool says it “includes auth out of the box,” it means you don’t have to build this yourself.
Authorization Different from authentication. Authentication answers “who are you?” Authorization answers “what are you allowed to do?” A logged-in user can see their own data but not someone else’s — that’s authorization. AI tools handle basic authorization, but complex permission systems (like user roles: admin vs. standard user) sometimes need explicit instruction.
Deployment The act of publishing your app from a private development environment to a public URL that real users can access. Before deployment, your app exists only on your laptop or in a tool’s preview. After deployment, it’s live on the internet. Tools like Lovable handle deployment automatically; others require you to push your code to Vercel or Cloudflare Pages.
Stack A shorthand for all the technologies an app uses together. “Full-stack” means a tool handles both frontend and backend. The “MERN stack” is a specific combination of four technologies (MongoDB, Express, React, Node.js). When founders ask “what stack should I use?” they’re asking which combination of technologies to build with. For vibe coding, let the tool choose — this isn’t a decision you need to make.
AI Tool Terms
Understanding these terms will make you a better prompter and help you choose the right tool for your situation.
Tokens The unit AI models use to measure and charge for text processing. Roughly speaking, one token equals about four characters or three-quarters of a word. When you send a prompt and the AI responds, both your input and the output consume tokens. Long prompts, long conversations, and complex codebases all cost more tokens. Tools like Cursor charge based on token consumption; tools like Lovable charge a flat subscription instead.
Context Window How much text an AI model can “see” and consider at once — including your prompt, the conversation history, and any code it’s working with. Think of it as the AI’s short-term memory. A small context window means the AI forgets early parts of your conversation as it gets longer. A large context window means it can hold more of your project in mind simultaneously. Claude’s context window is among the largest available, which is why it’s particularly good for working with large codebases.
Prompt The instruction you give an AI. Every message you send to an AI coding tool is a prompt. Better prompts produce better results. A prompt can be a feature request, a debugging question, a clarification, or a constraint. See the best practices guide for how to write prompts that work.
System Prompt A set of instructions given to an AI before the conversation begins — usually by the tool builder, not the end user. When you use Lovable, Lovable has already given the AI a system prompt that tells it to behave like a coding assistant and follow certain conventions. You don’t write system prompts in normal use, but you may encounter the term in documentation.
Hallucination When an AI states something false with confidence. In coding contexts, this means the AI might describe a feature that doesn’t exist in a library, reference a function name incorrectly, or claim to have fixed something it hasn’t. Hallucinations are a real problem and a reason to test every change the AI makes rather than assuming it worked.
Agentic Describes AI systems that can take multi-step actions autonomously — not just responding to a single prompt but executing a sequence of tasks, making decisions along the way. Tools like Devin and Replit Agent are more agentic: you describe a goal and they attempt to complete it independently. More agentic tools are powerful but also harder to control and more likely to make unwanted changes.
RAG (Retrieval-Augmented Generation) A technique where AI is given access to a specific knowledge base to improve the accuracy of its responses. Some coding tools use RAG to give the AI access to your codebase or relevant documentation, so it can give answers that are specific to your project rather than generic. You don’t need to configure this — it happens behind the scenes.
Development Terms
These are the terms you’ll encounter when tools talk about how your code is organized and managed.
Repository (Repo) A folder that contains all the code for a project, along with a history of every change ever made to it. Git is the most common system for managing repositories. GitHub is a website that hosts repositories. When someone says “push to the repo,” they mean uploading your latest code changes to GitHub.
Branch A parallel version of your codebase where you can make changes without affecting the main version. Think of it like making a copy of a document to edit, then deciding whether to merge the edits back into the original. In vibe coding, you probably won’t manage branches manually — tools like Lovable handle this — but the concept appears in documentation and error messages.
Commit A saved snapshot of your code at a specific point in time, with a description of what changed. When the AI makes changes to your codebase, it often creates commits automatically. Version history in tools like Lovable is a user-friendly layer on top of Git commits.
Environment Variables Configuration values stored outside your code — things like database passwords, API keys, and settings that differ between development and production. You never hardcode these values directly into the app (that would expose them to anyone who reads the code). Instead, they’re stored separately and loaded when the app runs. When a deployment fails with an error about a “missing environment variable,” it means a required configuration value wasn’t set up in the production environment.
Localhost A way of referring to your own computer as if it were a server. When developers say “the app is running on localhost:3000,” they mean the app is running on their machine at port 3000, accessible only to them. In tools like Lovable, you get a live preview URL instead of localhost, so this term matters less for vibe coders.
npm / package.json
npm is the package manager for JavaScript — a system for installing and managing the libraries your app depends on. package.json is the file that lists all of those dependencies. If you ever need to run the app locally or look at the raw code, you’ll run npm install to set up the project. You’ll encounter this if you export your code from a vibe coding tool.
Infrastructure Terms
Where your app lives and how it gets to users.
Hosting A service that keeps your app running on a server so people can access it via a URL. Vercel, Cloudflare Pages, and Railway are common hosting services. Some vibe coding tools (like Lovable) include hosting automatically. Others require you to connect to a hosting provider separately.
CDN (Content Delivery Network) A network of servers distributed around the world that store copies of your app’s files. When a user in Tokyo visits your app hosted in the US, a CDN serves them files from a nearby server instead, making the app load faster. Cloudflare Pages uses a CDN by default. For most MVP-stage apps, this is handled automatically and you don’t need to think about it.
Domain The human-readable address of a website (e.g., yourapp.com). Domains are rented annually from a registrar like Cloudflare or Namecheap. After buying a domain, you point it at your hosting provider through a DNS settings change — a simple process that takes about 15 minutes.
DNS (Domain Name System) The system that translates domain names into the IP addresses where servers actually live. When you change DNS settings to point a domain at Vercel, you’re telling the internet “when someone visits myapp.com, send them to Vercel’s servers.” Changes to DNS settings can take a few hours to propagate globally.
SSL / HTTPS The encryption that protects data sent between users and your app. The padlock icon in a browser’s address bar indicates SSL is active. All reputable hosting services (Vercel, Cloudflare, Lovable) handle SSL automatically. Never launch an app that collects user data without HTTPS — browsers will show scary warnings and users won’t trust it.
Serverless A hosting model where instead of running a server constantly, your backend code runs only when a request comes in. You pay only for actual usage. Vercel’s “serverless functions” and Cloudflare Workers are examples. For vibe-coded apps, this is usually the default and requires no special configuration.
Cloudflare Both a domain registrar and a company that provides CDN, security, and hosting services. Cloudflare Pages is a free hosting platform. Cloudflare is also widely used as a layer in front of other hosting providers for its security features and CDN.
Common Patterns
Patterns that come up repeatedly when building apps, regardless of the tool you’re using.
CRUD Create, Read, Update, Delete — the four basic operations any database-backed app needs to support. A contacts app needs to: create contacts, read (display) contacts, update contact details, and delete contacts. Almost every feature in a business application is some combination of CRUD operations. When you describe a feature to an AI, think about which CRUD operations it involves.
REST A set of conventions for how web apps communicate with servers and databases. RESTful APIs use standard URL patterns and HTTP methods (GET, POST, PUT, DELETE) to perform operations. Most modern apps use REST or its newer alternative, GraphQL. You don’t need to understand the details — just know that when documentation says “REST API,” it means a standard, well-understood way of communicating.
Webhook A way for one service to notify another when something happens. For example: when a user pays via Stripe, Stripe sends a webhook to your app saying “this payment succeeded.” Your app receives the webhook and updates the user’s account. Webhooks are event-driven — they’re not triggered by your app asking “did anything happen?” but by the other service proactively telling you. You’ll need to set up webhooks when integrating payments or certain third-party services.
OAuth An authentication protocol that lets users log in to your app using an existing account from another service — “Sign in with Google” or “Sign in with GitHub.” From the user’s perspective, it’s convenient. From a developer’s perspective, it offloads the security of authentication to a large, trusted provider. Many AI coding tools support OAuth out of the box.
Session / Cookie When a user logs in, the server creates a session — a temporary record that this user is authenticated. The browser stores a cookie (a small piece of data) that identifies this session. On subsequent page loads, the browser sends the cookie to the server, which looks up the session to verify the user is still logged in. Sessions typically expire after a set period (e.g., 30 days). When a user complains they keep getting logged out, session expiry is usually the culprit.
Row-Level Security (RLS) A database feature that controls which rows of data each user can access. In Supabase, RLS is the mechanism that ensures User A can only see their own contacts and not User B’s. AI tools sometimes generate this correctly automatically and sometimes don’t. Testing data isolation between user accounts is important specifically because of this.
Migration A script that changes your database structure. Adding a new field to a table, creating a new table, or removing an old column — these are all migrations. When you add a feature that requires storing new data, the AI tool will run a migration to update the database schema. Migrations can sometimes fail or conflict with existing data, which is one reason for the “data isn’t saving” failure described in the debugging guide.
Schema The definition of your database structure — what tables exist, what columns they have, and what type of data each column stores. A schema is like the column headers of a spreadsheet. When an AI tool sets up your database, it’s creating a schema based on the data you described. Changes to the schema after the app is in use require migrations.
Environment (Dev / Staging / Production) Most apps have multiple environments: development (where you build and test), sometimes staging (a copy of production used for final testing), and production (the live version real users see). In simple vibe coding setups, you often have just two: the preview (development) and the deployed app (production). “It works in preview but not in production” is a common problem caused by configuration differences between environments.
Related guides
beginner · 12 min read
The Non-Coder's Prompt Library: 50 Copy-Paste Templates
Tested prompts for building common features with AI tools — authentication, payments, dashboards, onboarding, and more.
beginner · 7 min read
When Things Break: A Debugging Guide for Non-Coders
What to do when your AI-built app stops working — a practical guide to diagnosing and fixing the most common vibe coding problems.
Enjoying this guide?
Get the weekly digest — new tools, honest takes, and what founders are shipping.