Part 5 · Roadmap17 min read

A Complete Computer Science Roadmap for Builders

A practical computer science roadmap for builders: what to learn first, what to study next, what to skip, and how to turn the map into real projects.

Published: June 24, 2026Last updated: June 23, 2026

You do not need to memorize the whole map.

You need a route.

A useful computer science roadmap does three things:

  1. It tells you what to learn first.
  2. It tells you what can wait.
  3. It gives you projects that force the concepts to become real.

This roadmap is for builders. It is not the academic order. It is the order that pays off fastest when you are trying to ship real software.

How to use this series

Use this page as the hub.

0Start with the map

Read Part 0 to understand the four neighborhoods: data structures, algorithms, system design, and development process.

1Learn how data is stored

Use Part 1 when you need arrays, hash maps, stacks, queues, trees, and graphs.

2Learn how code grows

Use Part 2 when your app gets slow or you need Big O, binary search, and recursion.

3Learn how apps are shaped

Use Part 3 when you need HTTP, APIs, databases, caches, queues, load balancers, or tradeoffs.

4Learn how changes stay safe

Use Part 4 when you need Git, reviews, tests, CI/CD, and technical debt management.

6Learn how production fails

Use Part 6 after you ship something real and need monitoring, tracing, CI gates, and automated guardrails.

For deployment-specific work, pair this roadmap with the Deployment Guide for Vibe Coders.

The roadmap in one picture

Think in stages, not topics.

0Orient

Know the neighborhoods. Do not study randomly.

1Reason about code

Data structures, Big O, and the shape of slow code.

2Build web apps

HTTP, APIs, databases, auth, and permissions.

3Work safely

Git, reviews, tests, CI/CD, rollback thinking.

4Ship production systems

Deployment, logs, metrics, queues, retries, cost control.

5Specialize

Go deeper into AI apps, backend, frontend, infra, security, or data.

The dependencies are simple:

If you want to understand...Learn this firstThen learn
Why code gets slowHash maps and Big OIndexes, caching, profiling
How web apps workHTTP request/responseAPIs, auth, databases, deployment
How teams ship safelyGit branches and pull requestsTests, CI/CD, reviews, rollback
How production systems failLogs and metricsTracing, alerts, CI gates, guardrails
How AI apps scaleBackground jobs and cost trackingRAG, embeddings, queues, rate limits

Stage 0: Orientation

Do this before you go deep.

You should be able to explain the four neighborhoods in plain language:

  • Data structures: how data is stored so it can be found, changed, grouped, and connected.
  • Algorithms: the steps your program follows and how those steps behave as data grows.
  • System design: the shape of the app: clients, servers, APIs, databases, caches, queues, external services.
  • Development process: the habits that keep software changeable: Git, reviews, tests, CI/CD, debt management.

Checkpoint:

  • I can look at a bug or slow feature and guess which neighborhood it belongs to.
  • I can explain why I am learning a concept before I spend time on it.
  • I have one real project where I can apply what I learn.

Stage 1: Code reasoning

Start here because it changes how you read code immediately.

Learn:

  • Arrays and lists.
  • Hash maps and sets.
  • Stacks and queues.
  • Trees and graphs.
  • Big O.
  • Binary search.
  • Recursion.

Do not try to memorize every data structure. Learn the practical question:

How should this data be stored so the app can find it, change it, and connect it without wasting work?

Builder exercises:

ExerciseWhat it teaches
Replace repeated array.find() calls with a MapDirect lookup and Big O
Add pagination to a list pageLinear growth and API limits
Build nested commentsTrees and recursion
Build a simple job queueFIFO queues and background work
Detect duplicate recordsSets and uniqueness

You are ready to move on when:

  • You can spot a suspicious nested loop.
  • You can explain why direct lookup is faster than repeated scanning.
  • You can choose between array, hash map, queue, tree, and graph for common app problems.
  • You can estimate whether a piece of code is roughly O(1), O(log n), O(n), or O(n²).

Stage 2: Web app foundations

Most builders need this before advanced algorithms.

Learn:

  • HTTP methods, status codes, headers, request bodies, response bodies.
  • REST basics and when GraphQL or RPC may help.
  • JSON and basic serialization.
  • SQL vs NoSQL.
  • Tables, documents, indexes, migrations, and query shape.
  • Authentication and authorization.
  • Sessions, JWTs, OAuth, roles, permissions.
  • Secrets and environment variables.

The practical question is:

Can I draw what happens from browser click to database write and back?

Builder exercises:

ExerciseWhat it teaches
Draw one browser → API → server → database flowRequest lifecycle
Add login and logoutSessions, cookies, auth state
Add role-based access to an admin pageAuthorization and permissions
Add a database migrationSchema change discipline
Add an index and compare query speedDatabase performance

You are ready to move on when:

  • You can draw a request flow without guessing.
  • You know where secrets belong and where they do not belong.
  • You can explain the difference between authentication and authorization.
  • You can identify the main tables or documents your app owns.
  • You can name the risky endpoints in your app.

Stage 3: Safe engineering workflow

This is the stage that lets you work with other people, or with future-you.

Learn:

  • Git branches, commits, pull requests, merges, and reverts.
  • Code review as a risk-control system.
  • Unit, integration, and end-to-end tests.
  • Mocking and test data.
  • CI/CD basics.
  • Rollback thinking.
  • Technical debt tracking.
  • Basic code organization: modules, layers, boundaries, MVC-style separation.

The practical question is:

Can I change this app without making the next change harder or riskier?

Builder exercises:

ExerciseWhat it teaches
Use branch → PR → review → merge, even soloChange control
Add tests around login, payment, deletion, or permissionsRisk-based testing
Add a CI check that runs tests before mergeAutomated safety
Write a short PR description with risks and rollback planReview discipline
Refactor one messy file into smaller modulesCode organization

You are ready to move on when:

  • Your project can be changed through small branches.
  • Risky flows have tests.
  • You know how to revert or roll back a bad change.
  • You keep a debt list instead of relying on memory.
  • You can ask AI for a PR review instead of only asking it to generate code.

Stage 4: Production readiness

A demo only has to work once.

A production app has to keep working when users, data, cost, and failures grow.

Learn:

  • Deployment basics: build, environment variables, domains, logs, rollbacks.
  • Containers, serverless, and managed services at a practical level.
  • Caching, background jobs, queues, retries, idempotency.
  • Logging, metrics, tracing, alerts.
  • Performance profiling and measurement.
  • Slow query logs and query plans.
  • Rate limits and API quotas.
  • Security basics: OWASP Top 10, input validation, XSS, CSRF, SQL injection, dependency risk.
  • AI-specific production risks: token cost, model latency, rate limits, retries, prompt injection, data leakage.

The practical question is:

What will break first if this app gets 10x more users, 10x more data, or 10x more AI calls?

Builder exercises:

ExerciseWhat it teaches
Add structured logging around one risky requestDebuggability
Track p95 latency for one endpointPerformance measurement
Move a slow AI/file/email task into a background jobQueues and timeouts
Add retry with idempotency to a webhook processorFailure handling
Add token/cost tracking around AI callsAI production economics
Add alerts for error rate, latency, job failure, and cost spikesOperational guardrails

You are ready to move on when:

  • You can tell whether the app is healthy without clicking around manually.
  • You know which endpoint, job, or AI call is most likely to fail.
  • You have basic logs, metrics, and alerts.
  • You can deploy and roll back deliberately.
  • You have automated checks for the most predictable production failures.

Stage 5: Deeper computer science

This is where the map gets wide.

Do not study all of it at once. Pick the topic when your project creates the need.

Operating systems

Processes, threads, memory, file systems, I/O, CPU scheduling. Study this when debugging performance, crashes, memory, or local runtime behavior.

Networking beyond HTTP

TCP/IP, DNS, TLS, WebSockets, webhooks, proxies. Study this when requests fail, realtime features matter, or infrastructure gets confusing.

Concurrency and async

Event loops, promises, threads, locks, race conditions, parallelism. Study this when tasks overlap or timing bugs appear.

Database internals

Transactions, ACID, indexes, query planners, replication, sharding. Study this when data integrity or query performance becomes a real constraint.

Security

Threat modeling, OWASP, auth boundaries, input validation, secrets, dependency risk. Study this before handling sensitive user data.

Distributed systems

Consistency, availability, consensus, retries, partitions, queues. Study this when one service or one database is no longer enough.

The 30-day starter plan

Use the first month to build working instincts.

DaysFocusExerciseDeliverable
1–3Hash maps and arraysRewrite one feature to use direct lookup instead of repeated scanningBefore/after note explaining the lookup
4–6Big OMark the expensive parts of your app with rough complexity notesA short list of O(1), O(n), and possible O(n²) spots
7–10HTTP and APIsDraw one request flow from browser to database and backA request-flow diagram
11–14Database basicsIdentify tables/documents, owners, permissions, and indexesA small data model map
15–18Git flowUse branch → PR → review → merge, even if reviewing yourselfOne clean merged PR
19–21TestsAdd tests around login, payment, permissions, or deletionA risk-based test
22–25System designDecide whether cache, queue, or background job is neededA tradeoff note, not necessarily new infrastructure
26–30Review and debtWrite a technical debt list and repay one itemA debt list with one closed item

The 90-day builder roadmap

Use the next two months to make the app safer, clearer, and more production-ready.

DaysFocusWhat to learnDeliverable
31–45Auth and securitySessions, JWT, OAuth, roles, OWASP basics, validation, secretsAuth flow diagram and permission checklist
46–60Async and background workEvent loop, promises, queues, retries, idempotency, webhooksOne background job or webhook processor
61–75Database depthMigrations, transactions, indexes, query plans, connection poolingOne measured query improvement
76–90Production guardrailsLogs, metrics, tracing, alerts, CI gates, cost trackingA minimal production dashboard and pre-deploy checklist

By day 90, you should have shipped one real project with:

  • Auth and permissions.
  • Persistent data.
  • At least one tested risky flow.
  • A deliberate deployment path.
  • Basic logging or monitoring.
  • A debt list.
  • One production guardrail.

The 6-month roadmap

This is the practical depth path.

MonthGoalFocus
1Build foundationsData structures, Big O, HTTP, database basics, Git, tests
2Ship a real appAuth, permissions, migrations, deployment, rollback
3Make it observableLogs, metrics, tracing, alerts, slow query analysis, AI cost tracking
4Improve architectureModules, layers, API boundaries, background jobs, caching, queues
5Measure and scaleProfiling, load testing, pagination, rate limits, indexes, performance budgets
6SpecializeAI systems, backend, frontend architecture, infra/devops, security, or data systems

The point is not to finish computer science in six months. The point is to build a mental index: when something breaks, you know where to look.

Project ladder

Projects make the roadmap stick.

LevelProjectConcepts forced into practice
BeginnerTodo app with persistenceCRUD, database records, simple state
BeginnerURL shortenerHash maps, lookup, routing, redirects
BeginnerBlog or notes appData modeling, markdown/content, auth optional
IntermediateAuthenticated dashboardSessions, permissions, API boundaries
IntermediatePaginated admin tableQuery limits, indexes, API response shape
IntermediateWebhook processorQueues, retries, idempotency, logs
AdvancedChat or realtime collaboration appWebSockets, concurrency, presence, ordering
AdvancedRAG knowledge baseEmbeddings, vector search, chunking, ranking, cost
AdvancedMonitored AI appBackground jobs, tracing, token budgets, alerts, rollback

Pick one project. Keep improving the same project across stages. Starting a new tutorial every week usually teaches less than pushing one app through more realistic constraints.

When to go deeper

Use pain as the trigger.

If the pain is...Study this
The app gets slow as data growsBig O, database indexes, pagination, profiling
List screens freeze or responses get hugeAPI design, pagination, caching, frontend rendering
Login and permissions feel riskyAuth, authorization, sessions, security basics
Users wait on long AI or file workQueues, background jobs, retries, idempotency
Bugs come back after every changeTests, code review, modular design, CI
Production failures are hard to diagnoseLogs, metrics, tracing, alerts
AI bills grow unexpectedlyToken accounting, caching, rate limits, model selection
One server or one database is not enoughScaling, replication, queues, distributed systems

What to skip for now

A roadmap is useful because it protects your attention.

Skip these until you have the matching problem:

  • Kubernetes before you have deployment or scaling pain.
  • Microservices before you have team or domain complexity.
  • Advanced graph algorithms before you have graph problems.
  • Distributed consensus before you run distributed systems.
  • Compiler internals before language/runtime behavior matters.
  • Hand-rolled cryptography or authentication instead of trusted libraries.
  • Performance optimization before measurement.
  • Endless tutorials before one project has users or real usage.

Learning tactics with AI

AI can accelerate the roadmap if you ask it to explain the concept, not just produce code.

When code is confusing

"Explain the CS concept behind this code with a simple analogy, one production risk, and one small exercise."

When code is slow

"Estimate Big O and identify the first bottleneck at 10x, 100x, and 1000x data. Suggest the smallest measurable improvement."

When architecture feels messy

"Draw the request flow and name the client, API, server, DB, cache, queue, worker, and external services."

When shipping feels risky

"Review this as a pull request. Prioritize security, data loss, permissions, observability, and rollback risk."

Use this loop:

  1. Build until something hurts.
  2. Name the pain.
  3. Place it on the map.
  4. Learn the smallest concept that explains it.
  5. Apply it immediately.
  6. Measure or review the result.
  7. Write the lesson in your own words.

That loop is slower than binge-watching tutorials, but it compounds.

Frequently asked questions

How long does it take to learn computer science for building?

You do not need to learn everything. Most builders can cover the practical foundations in 30 to 90 days of focused, project-driven study.

What should I learn first?

Start with data structures and algorithms that match the pain you already feel in your project, then move to system design and process as your app gets users.

Do I need to learn advanced algorithms?

Not until you have a real problem that needs them. Most production apps are limited by data structure choice, API design, and database queries long before advanced algorithms matter.

How do I avoid tutorial overload?

Stop watching tutorials that are not connected to a project you are building. Learn the smallest concept that removes your current blocker, apply it, then return for the next concept.

Should I learn a framework or computer science first?

Learn them together. Build with a framework, and when you hit a performance, structure, or process problem, learn the computer science concept that explains it.

Minimum viable computer science checklist

If you build with AI coding tools, keep this checklist nearby.

  • I can explain arrays, hash maps, queues, trees, and graphs with examples.
  • I can spot a suspicious nested loop.
  • I can explain why direct lookup is faster than repeated scanning.
  • I can draw a browser → API → server → database request.
  • I know the difference between authentication and authorization.
  • I know where secrets belong.
  • I know when a background job or queue is needed.
  • I use Git branches and commits intentionally.
  • I know what kind of test belongs around risky logic.
  • I can deploy and roll back deliberately.
  • I can find basic logs, metrics, and errors after deployment.
  • I track technical debt instead of relying on memory.
  • I ask AI to explain the concept, risk, and tradeoff, not just produce code.

The takeaway

You do not need to finish computer science. You need a loop.

Build until something hurts. Name the pain. Place it on the map. Learn the smallest useful concept. Apply it. Measure it. Write it down. Repeat.

About the Author

Jaehee Song

Jaehee Song

Enterprise data platform architect with 20+ years of experience building data systems for Fortune 500 companies. AI development educator who has taught vibe coding and AI development to hundreds of students. Founder of Seattle Partners, helping Korean technology startups navigate the US market.

Author of the AI Development Guide