By Hakan Akcan · Reepa Solutions
The stack decision at the start of a web app project determines three years of operating costs, maintainability, and the ability to bring in new developers later. In 2026, this decision has become simultaneously easier and harder: easier because a stable default ecosystem has formed around Next.js and React 19 that works in most business scenarios; harder because serious alternatives — SvelteKit 2, Solid, Astro, Hono on Cloudflare — are technically superior in specific use cases. This article maps out the most important building blocks of a modern web stack and shows which technology makes sense for which project. It concludes with the default stack we use at Reepa Solutions for most client projects — as a reference, not a dogma. For context within our overall software development strategy, see the Software Development Guide.
What a modern web app looks like in 2026 — and why it matters economically
A business web app in 2026 looks very different from what users and clients expected in 2020. Time-to-interactive under two seconds is no longer nice-to-have — it is the standard. Mobile usage exceeds desktop usage in almost all B2C scenarios, and even in B2B mid-market businesses, a significant share of logins happens on smartphones and tablets. Accessibility under the BFSG has been mandatory for many providers since mid-2025 and is increasingly requested by clients in supplier audits. Data protection requirements — GDPR, Schrems-II-compliant hosting locations, cookie minimisation — are hard cost drivers that already influence stack selection.
On top of this, three economic levers must be factored into every stack decision. First, the hiring market: a stack is only a good decision if developers will still be available for it in three years. Second, hosting costs: the choice between serverless, edge, and classic container hosting changes ongoing costs by a factor of five to ten. Third, operating costs: a TypeScript-first stack with solid test infrastructure noticeably reduces maintenance and bug-fixing effort, which adds up over the project's lifetime.
An observation from our practice: in most mid-market projects, the build phase is significantly shorter than the operating phase. A project built in four months is typically run, maintained, and extended for three to five years. Stack decisions that ignore this — exotic frameworks that are fun to build with but have little maintenance personnel available — generate later remediation costs in the six-figure range. The following overview is therefore written pragmatically, not trend-setting.
Frontend — the serious options
In the frontend, five options are under discussion in 2026 that hold up for serious projects. Each has a clear profile.
| Framework | Profile | When it makes sense |
|---|---|---|
| React 19 | Largest ecosystem, Server Components as standard, strong tooling, highest developer availability | Default for business apps with multiple developers and a multi-year lifecycle |
| Vue 3.5 | Excellent developer experience, clear reactivity model, widely used in DACH and Asia | Teams with Vue background, long-lived in-house tools |
| SvelteKit 2 | Smallest bundle sizes, less boilerplate, excellent performance, smaller ecosystem | Performance-critical frontends, small teams, in-house tools |
| Solid | Fine-grained reactivity without a virtual DOM, best rendering performance, very compact | Dashboard-heavy apps with many updates per second, visualisations |
| Astro | Content-centred, Islands architecture, multiple UI frameworks mixable per page | Marketing sites, blogs, documentation, SEO clusters like this page |
The reality: for business web apps in the German mid-market, React 19 is the right choice in 70 to 80 percent of projects, because the hiring market decides. For internal tools, performance-critical frontends, or teams with a clear Svelte profile, SvelteKit is an excellent alternative. We at Reepa do not use Astro for main applications, but for content sites and clusters — static delivery is clearly superior for SEO clusters and marketing.
Meta-frameworks — who handles routing, rendering, and data fetching
A bare frontend framework is not enough for serious web apps. Routing, server rendering, data fetching, build pipeline, and deployment integration all come from a meta-framework. In 2026, four options are relevant.
Next.js 16 remains the default for React projects. Cache Components, partial pre-rendering, and Server Components are mature, the tooling around Vercel is highly integrated, and the third-party library ecosystem is larger than any competitor's. Weaknesses: high complexity, many new concepts per major release, and real lock-in to Vercel or custom infrastructure. Still the lowest-risk choice for mid-market business apps.
Nuxt 4 is the Vue equivalent of Next.js and is on par in many disciplines in 2026. Teams already in Vue have no reason to switch. Server Components, the data model, module ecosystem, and hosting integration are all solid.
Remix / React Router 7 is worth another look after the merger into React Router 7. The approach — routing as a data model, forms as a first-class mechanism — is conceptually cleaner than Next.js, but the ecosystem is noticeably smaller and hosting options outside Vercel and Cloudflare Workers are less mature.
SvelteKit 2 is by far the fastest and conceptually clearest meta-framework. Build output is small, the mental model is manageable, and server functions plus form actions are elegantly solved. If the team is already using Svelte: there is no better choice.
Pragmatic recommendation: Next.js for most React projects, Nuxt when Vue is a given, SvelteKit when performance or team profile suggests it. Remix only when the team has a clear track record with it.
Styling — Tailwind, component libraries, or a custom design system
In the styling layer, a clear consensus has emerged in 2026: Tailwind CSS 4 is the standard for utility-first styling, and two patterns have established themselves beyond that.
- Tailwind 4 as the foundationFast styling, unified design token model, excellent editor integration, small build output. Almost every new project in 2026 starts with Tailwind 4 as the base, regardless of the frontend framework.
- shadcn/ui for ReactNot a package, but a collection of copy-and-own components built on Radix Primitives and Tailwind. Full control over the code, no hidden CSS-in-JS layer, easily adapted to your own design guidelines. The pragmatic default for React apps in a business context.
- Headless UI / Radix PrimitivesFor teams building their own design system, unstyled and fully accessible primitives are the right foundation. They provide the logic — Dialog, Combobox, Toast, Tabs — while the look comes from the system itself.
- CSS Modules as a fallbackIn projects without Tailwind or with a very distinctive design requirement, CSS Modules remain the clean default. Predictable, framework-agnostic, no build magic.
Classic CSS-in-JS — emotion, styled-components — continues to lose ground because it causes problems in combination with Server Components and unnecessarily inflates bundle size. No longer our recommendation for new projects.
Stack consulting for your web app project
Planning a new web app and don't want to leave the stack decision to chance? We offer a free 45-minute stack audit — we assess your requirements around hiring market, hosting, GDPR, and performance, and deliver a concrete stack recommendation with a risk assessment.
Request a stack auditBackend — Node, Deno, Bun, and the lean frameworks
Backend decisions have diversified noticeably in 2026. Node.js remains the stable backbone, but has gained serious competition — and lean web frameworks have established themselves to replace the Express model.
Node.js remains the default. Maturity, ecosystem size, and hosting availability are unbeatable. For API backends, web app servers, and background workers, Node is still the lowest-risk choice.
Bun is production-ready in 2026 and noticeably ahead of Node in many disciplines — start time, package installation, built-in test runner. We use Bun for build pipelines and CLI tools; for production HTTP servers at client sites we remain defensively on Node, because the ecosystem lead there will hold for years.
Deno is technically mature, but remains a niche in the DACH mid-market. Teams with an existing Deno background get a clear security model and excellent TypeScript support out of the box. For new projects without prior exposure, we rarely recommend it as a default.
At the framework level, two lean alternatives to Express have established themselves:
- Hono — ultralight web framework that runs on Node, Bun, Deno, Cloudflare Workers, and Vercel Edge. First choice when backend code needs to be portable across different runtimes or when Cloudflare Workers is the hosting target.
- Elysia — Bun-centric framework with very strong TypeScript inference and automatic OpenAPI generation. Ideal for teams already using Bun who want maximum type safety between backend and frontend.
Express remains reasonable for existing codebases, but is no longer our recommendation for new projects — it lacks a modern async middleware story and solid TypeScript inference. Teams working in Next.js already have Route Handlers and Server Actions as an integrated backend and often don't need a separate framework at all.
TypeScript end-to-end — the most important lever
If we could give only a single recommendation for 2026, it would be this: TypeScript end-to-end. That means TypeScript in the frontend, in the backend, in shared libraries, and in database models — with real type propagation between layers. The effects are dramatic: significantly fewer runtime errors in production, faster refactoring, documented interfaces without a separate schema document, and automatic API completion in the frontend.
Implementation in practice is significantly easier in 2026 than it was three years ago. Drizzle ORM delivers types directly from the database schema. tRPC or Zod schemas behind Server Actions give the frontend exactly the types that the backend actually produces. Tools like Hey API generate TypeScript clients from OpenAPI specs, so even external API integrations are fully typed. For a deeper look at our specific setup recommendation, see the cluster on the TypeScript Stack 2026.
Databases in the web stack
The database is the part of the stack with the highest persistence — it will outlive the frontend framework, sometimes the company itself. The choice should be correspondingly conservative.
| Option | Profile | When it makes sense |
|---|---|---|
| Postgres (Hetzner, AWS RDS) | Universal, relational + JSON + full-text + vector in one engine | Default for 90% of all business web apps |
| Neon | Serverless Postgres, branching per branch, EU region available | Rapid development, many preview environments, small to medium production |
| Supabase | Managed Postgres with auth, storage, and realtime in one package | MVP phase, small teams, fast time-to-market |
| Turso (SQLite Edge) | Edge-replicated SQLite, very low latency worldwide | Read-heavy apps with a global user base and simple data modelling |
| Planetscale | Distributed MySQL-compatible database, good branching model | Very large data volumes, teams with a MySQL background |
At the ORM level, Drizzle is our default in 2026. It delivers genuine SQL understanding with first-class TypeScript inference, without a codegen step in the build and without the overhead that Prisma introduces in larger schemas. Prisma remains reasonable for existing projects or very large data models with an established migration workflow.
Authentication — the layer no one should build themselves
Auth is the one area where we almost always recommend managed solutions in 2026. The security requirements — password hashing, token rotation, OAuth, MFA, session management, audit log — are high enough that custom implementations statistically produce security vulnerabilities more often than they save effort.
- Clerk — excellent developer experience, ready-made UI components, broad provider support, dedicated EU region — our default for Next.js projects with clear time-to-market pressure
- NextAuth / Auth.js — open-source classic, self-hosted, very flexible, significantly more custom configuration than Clerk — well suited for projects with their own auth backend
- Better-Auth — a newer TypeScript-first auth layer with very good architecture, self-hosted, framework-agnostic — first choice for SvelteKit, Hono, and Nuxt
- Lucia — minimal, framework-agnostic session manager — appropriate when the team wants full control over auth without ready-made UI components
For GDPR-sensitive workloads we recommend Clerk in the EU region, or self-hosting with Better-Auth or NextAuth. Anyone processing auth data in the US should document this clearly in the data protection impact assessment.
Deployment — where the app actually runs
Hosting decisions have grown more economically significant in 2026, because serverless functions can range from very cheap to very expensive depending on usage patterns. Four profiles cover most mid-market cases.
- VercelFastest time-to-production for Next.js, integrated preview environments, excellent developer experience. Cost-effective up to medium load; can become expensive with long function runtimes and large data volumes. Our default for marketing sites and most smaller apps.
- CloudflareWorkers, R2, D1, Pages — very strong edge model, very aggressive pricing for static content and CDN. Ideal for global apps with high read load and for Hono-based backends. Slightly more custom configuration required than Vercel.
- Fly.ioGlobal container hosting with good region control, suitable for apps that are not serverless-compatible but still need global deployment. Solid value for money, moderate operational overhead.
- Hetzner + Coolify or DokploySelf-hosting on EU servers, significantly cheaper than all cloud hyperscalers at medium traffic volumes, fully GDPR-compliant. Requires a person with Linux experience and a clear backup and monitoring concept. Our default for the main applications in larger Reepa client projects.
In practice we often combine: marketing sites and preview environments on Vercel, main application with database on Hetzner with Coolify, asset delivery via Cloudflare. This combination delivers a good developer experience, low operating costs, and GDPR-compliant data processing.
Bundle size, streaming, edge — the performance layer
Three concepts have established themselves as standard in 2026 and should be considered in every serious web app architecture. React Server Components move rendering work to the server and dramatically reduce the JavaScript payload in the browser — a business app that still ships 800 KB of JavaScript in 2026 has an architecture problem. Streaming HTML delivers the page as soon as the first meaningful content is renderable, rather than waiting for the slowest database call — the perceived performance gain is substantial. Edge rendering moves server-side logic to CDN-adjacent nodes and reduces latency for global users to double-digit milliseconds. These three building blocks are available as first-class features in Next.js 16, Nuxt 4, and SvelteKit 2.
The Reepa default stack 2026 — what we actually build
Finally, the pragmatic standard with which we at Reepa Solutions start most new client projects in the mid-market. It is not the most exciting stack, but it has the best risk profile over a three-to-five year lifespan.
| Layer | Choice | Why |
|---|---|---|
| Frontend | React 19 | Hiring market, ecosystem, stability |
| Meta-framework | Next.js 16 | Server Components, Cache Components, Vercel integration |
| Styling | Tailwind 4 + shadcn/ui | Fast, consistent, full code ownership |
| Language | TypeScript end-to-end | Type safety between frontend, backend, and database |
| Database | Postgres (Hetzner or Neon) | Universal, EU region, JSON + full-text + vector in one engine |
| ORM | Drizzle | Type inference, no codegen, SQL proximity |
| Auth | Clerk or Better-Auth | Managed security, EU region or fully self-hosted |
| Hosting | Vercel + Hetzner + Cloudflare | Marketing on Vercel, main app on Hetzner, assets via Cloudflare |
| Testing | Vitest + Playwright | Fast unit tests, robust end-to-end tests |
This stack is deliberately conservative. It will not win an innovation award, but it delivers predictable maintenance costs, a large hiring pool, and low technical risk over several years. For special cases — highly global apps, performance-critical frontends, data-intensive dashboards — we deviate intentionally. Anyone building a B2B mid-market web app gets it right 80 percent of the time with this combination. Further notes on interface architecture are in the cluster REST vs. GraphQL; anyone scaling this for a SaaS platform will find the business side in the SaaS Build Guide.
Frequently asked questions
Which stack is the safest choice for a new business web app in 2026?
For the vast majority of mid-market business apps, Next.js 16 with React 19, TypeScript, Tailwind 4, Drizzle ORM, a Postgres database (Neon or Hetzner), and Clerk or Better-Auth is a very low-risk choice. The ecosystem is large, hosting on Vercel or self-hosting via Coolify on Hetzner are both well-established, and developers are readily available on the market. Special cases such as content sites, real-time applications, or high edge requirements point toward SvelteKit, Astro, or Hono on Cloudflare — but those are deliberate decisions, not defaults.
Is SvelteKit or Solid worth considering instead of React for new projects?
Technically, SvelteKit 2 and Solid outperform React in many disciplines — bundle size, performance, developer experience. Economically, however, the hiring market usually decides: React developers are far more abundant in the DACH region than Svelte or Solid specialists. For internal tools, small teams, or products with a clear performance focus, SvelteKit is an excellent choice. For a platform with a three-year lifecycle and multiple rotating developers, React remains the more pragmatic default.
Which database suits a modern web app?
For almost every business web app, Postgres is the right choice — as a managed service via Neon, Supabase, or directly via AWS RDS, or self-hosted on a Hetzner server. Postgres covers relational data, JSON fields, full-text search, and vector search in a single database, reducing the number of components in the stack. Edge databases such as Turso or Planetscale only pay off when global latency is demonstrably a problem.
Should you still use Prisma in 2026 or switch directly to Drizzle?
Drizzle is the better choice for most new projects in 2026: smaller build output, no codegen step in the build, native SQL proximity, and excellent TypeScript inference. Prisma remains reasonable when the team has already standardised a lot of migration and studio tooling on Prisma, or when the data model is very large and the older schema DSL is preferred. For new projects we recommend Drizzle; for existing Prisma projects, we advise against a hasty migration.
Vercel, Cloudflare, or self-hosting on Hetzner — what is the right choice?
Vercel is the fastest choice for time-to-production and the natural partner for Next.js — the premium is worth it as long as growth is predictable and function runtimes stay manageable. Cloudflare is the first choice when the application is heavily edge-oriented and works with Workers, R2, and D1. Self-hosting on Hetzner with Coolify or Dokploy is the significantly cheaper option at medium traffic volumes and is preferred for GDPR-sensitive workloads — but it requires ongoing operational responsibility. Reepa uses a combination of Vercel for marketing pages and Hetzner+Coolify for the main application in most client projects.
Ready to put your web app on a solid foundation?
Let's talk for 30 minutes with no obligation. We assess your requirements — hiring market, GDPR, performance, hosting budget — and deliver a concrete stack recommendation with a risk assessment and effort estimate for the first 90 days.
Schedule a 30-minute call
IT security and cloud architect with over ten years of experience. Builds web platforms and SaaS products for the German mid-market together with his team, and writes regularly on web stacks, TypeScript architecture, hosting, and software maintainability.
Reviewed: 22 May 2026 · More about Hakan