That was a late night and I was thinking of posting some new tech news that could be added to ROI+ initiative started in Accubits. That’s when I came to know about Deno.
If you want to know if its really worth looking into Deno compare Github stars 44.7k (even at this early stage at the time of writing this blog) to Node.JS which got 67.8k stars after all this years being used into real world application development.
Github stars usually represent how much interest the community shows in a project and eagerness to contribute to it.
I have referred to this blog to understand what Deno offers for someone who sees NodeJs fs security flaws and centralized npm repository as an issue.
Ryan Dahl, who created Node.Js has shown his concern about not focusing more on how modules, security, and dependency systems got implemented. And he believes that Deno will solve those issues.
Overview
While the Node.Js was written in C++ Deno is written in Rust language runs on Google V8 engine and supports Typescript out of the box along with Javascript. So no hassles over configuring lint and build tools in your project.
Decentralized Modules
The big issue for me with deploying Node.JS application on a machine is that it requires at least 100mb data download for a basic project and either the server runs out of storage or when I build docker images I run out of bandwidth or data itself.
Let’s look at common issues expressed as Memes on the internet on npm.
With Deno, you get to use packages or modules from the internet or local file system by simply mentioning the download URL in your import statement. But if you think it is not feasible for you to do it all over again in every module in your project don’t stop there you have — importmap which is basically symlinking the URLs with package name which we are familiar with (npm).
Like newer npm versions Deno also does cache so if your internet connection drops you still get the modules imported in your project. The cache location is also configurable with a change $DENO_DIR environment variable.
importsmap.json
{
"imports": {
"http/": "https://deno.land/std/http/"
}
}denocode.ts
## Importsmap
import { serve } from "http/server.ts";## URL referencing
export { test, assertEquals } from "https://deno.land/std/testing/mod.ts";## Local or downloaded module
import { test, assertEquals } from './local-test-utils.ts';
When your packages are decentralized you get to choose where you want to host your packages and version control is the choice of each individual. Sometimes I felt npm is forcing me to change the version number or npm is not publishing my package update immediately or npm is not able to show actual stats of my package downloads.
How is the Security?
Yes, security. Working in Accubits I get to see how my white hat hacker friend can access all the server files by injecting values into the HTTP requests.
Deno runs the code in sandbox mode, unlike Node. For writing a file to disk it has to ask permission to access during execution of each statement getting file system access.
While Node has fs package to access file system without requiring any additional permission. You can also give access to file systems by default by passing some parameters while running the code.
## Allow file system write access
--allow-write## Allow network access
--allow-net## Allowing access to environmental variables
--allow-env## Starting additional processes
--allow-run
So should I learn and start replacing Node.Js code with Deno. The answer is no from my side as well the creators as Deno is still in the early stages and until a stable version gets released to use (expected in this summer 2020) let us learn about it and create the best folder structure for Deno projects as I have worked in many Node.Js projects over the past few years and unlike Java or Angular the Node.Js projects never had a standard structure.
This is my first technical blog so I hope to get comments that can shape future blogs.
