State of the Web: Deno

Deno is a modern JavaScript runtime, a competitor to Node.js, with plans to introduce features such as secure I/O and native TypeScript support. Deno is built using the Rust language by Ryan Dahl, the creator of Node.js.

background

In the report “

10 things i regret about Node

Ryan Dahl talks about many of the issues with Node. One of the issues raised is Node’s inability to use web standards, security, the way it compiles its own GYP and NPM modules. Then Deno was announced. Deno was a new project that addressed many of the issues Ryan had raised, and offered additional benefits like the TypeScript support mentioned. Initially, Deno was designed in the Go language, but later the choice was made on Rust.

Since Deno was first announced, the project has made significant progress. In August 2020, version 1.0 was released and some companies like Slack adopted it. Also, Deno released his own edge serverless platform Deno Deploy.

Why Deno is important

Safety

V8 is a JavaScript engine that isolates code in a sandbox, preventing actions from outside of it. However, Node.js provides access to things like the network and file system inside the sandbox, which takes away the security of V8. Even in the case of trusted programs, this approach is undesirable, since unsafe code or malicious dependencies can cause significant damage or steal data.

Deno solves security problems with the system permissions. Such a system allows you to specifically and precisely define what a program can do outside the sandbox, such as accessing the file system and environment variables. If you want to allow reading files in the local directory, then you can start Deno with the following command:

deno run –allow-read=./assets

By ensuring that your code does not go outside the designated environment, overall security is improved.

Standardized APIs

Since Node.js and web frameworks have evolved in parallel, they have many differences. There are many examples of this, for example, the system of modules and HTTP requests.

ECMAScript and CommonJS

When Node.JS came along, JavaScript could only use other models by inlining them in tags script and using them from the global window scope. Since HTML and window were not available on the server, Node.js needed a modular format. Therefore, Node.js adopted the concept of the popular and simple CommonJS. However, CommonJS was not supported by browsers (for this you need to use a library like Browserify) and there were differences between CommonJS implementations.

Years later, in 2016, the ECMAScript Modules (ESM) specification was finalized in ES6. This specification could run in the browser without any libraries. On top of that, many issues related to CommonJS were addressed, such as asynchronous module loading and tree shaking. However, it took some time for Node.js to implement support for ESM, and even after that, the adoption rate of ESM in Node.js was not very high, since most NPM packages still only include CommonJS versions. Also, Node.js does not have a fully standards-compliant ESM implementation.

In contrast to Node.js, Deno only works with a standardized ESM. This greatly simplifies the use of Deno for both users and library developers. From experience, using a single module format is much easier than ESM and CommonJS. Compliance with Deno standards simplifies the work, because you know for sure that your module code works correctly in the browser.

HTTP fetching

Sending HTTP requests is another problem area that Deno solves. Node.js allows you to make HTTP requests using the http and https standard library functions. However, the modern practice of making HTTP requests is based on the fetch() API function, which is standardized and simpler than http. Node.js does not support fetch(), so to use it, you have to refer to packages such as node fetch or cross fetch. This is problematic, since it requires another dependency that is not available without import. Deno supports the fetch() API by default.

Decentralized module hosting

Just because it’s decentralized doesn’t mean it uses the blockchain (

although there is a blockchain-enabled Deno package hosting service

). Instead, Deno’s decentralized module hosting allows modules to be requested from a URL rather than from a centralized database like NPM. This approach provides more freedom when hosting modules. Deno does offer the service of placing modules on

deno.land/x

, but that doesn’t limit you. You can link to any ESM CDN or whatever serves up the JavaScript file. Many people worry about changing code remotely because it’s not necessarily controlled, but most Deno module hosting services are immutable. In addition, Deno caches files, so it can only change if you update the cache.

Native TypeScript support

Deno allows you to directly run TypeScript files without the involvement of a compiler. Deno optimizes this process by caching the resulting JavaScript and using

SWC

is a fast Rust-based compiler when type checking is not required. Built-in TypeScript support improves efficiency because you don’t have to set up a build step if you’re building your app with TypeScript. There are ways to automatically compile in Node.js, for example with

ts-node

, but they are not as functional and are not installed by default.

The State of Deno

Ecosystem

This is currently Deno’s biggest problem and, at the same time, the main reason why Node.js developers are not moving to Deno. On the

deno.land/x

3501 modules are hosted, and NPM has 1.3 million. However, many people use other hosting services (see “Decentralized Module Hosting”) and most modern webpacks should run on Deno. The biggest issues for Node.js compatibility are CommonJS and the Node API. Deno provides

Compatibility Mode

with Node.js, but it’s experimental.

Deployment

Deno can be deployed quite widely, although not as widely as Node.js

Containers and virtual machines

Deno supports various container services, and deno.land provides docker when needed. However, while most popular services support Deno, this support is often unofficial and not always permanent. Here is a list of tools and resources for running Deno in containerized services:

Serverless computing

This is where Deno shines best. Deno’s main selling point is Deno Deploy, a serverless edge module. It is conceptually similar to Cloudflare Workers as it uses V8 isolation for ultra-fast startup. The advantage of Deno Deploy is that it includes the Deno API and other features that make Deno so useful. However, Deno Deploy is in beta testing. Here is a list of tools to run Deno with serverless compute providers:

Similar Posts

Leave a Reply

Your email address will not be published. Required fields are marked *