← All repositories

denolanddeno

0
GitHub
106,258 stars5,902 forksRustmit1 view
deno.com

Deno

Deno is a high-performance runtime for JavaScript and TypeScript that prioritizes security and developer productivity. Built on the V8 engine, it provides a secure execution environment that enforces a default-deny security model, requiring explicit user authorization for access to system resources like the file system, network, and environment variables. The runtime natively supports modern web-standard APIs, ensuring consistent behavior and portability across different environments.

What distinguishes Deno is its integrated approach to the software development lifecycle. It bundles essential utilities—including a formatter, linter, test runner, and dependency manager—directly into the runtime, eliminating the need for external build tools or complex transpilation steps. The platform features a universal module resolution system that supports remote HTTPS URLs, local paths, and standard package registries, all backed by lockfiles to ensure build determinism and supply chain security.

Beyond its core runtime capabilities, Deno includes a built-in, persistent key-value database engine that supports atomic transactions and reactive data monitoring. It also provides a robust compatibility layer for the Node.js ecosystem, allowing for the seamless execution of legacy modules and native binary addons. For multi-tenant or distributed applications, the runtime offers isolated sandbox environments that manage resource constraints and security boundaries, facilitating secure code execution in shared infrastructure.

The project is distributed as a single binary, providing a unified toolchain for managing dependencies, executing tasks, and configuring runtime security policies.

Features

  • JavaScript and TypeScript RuntimesRun modern server-side code by leveraging a high-performance engine that interprets and executes scripts directly without requiring complex build steps or external transpilation.
  • JavaScript Runtimes"Leverages a high-performance engine to execute JavaScript and TypeScript directly, providing native support for modern web-standard APIs."
  • Secure JavaScript RuntimesA high-performance execution environment for JavaScript and TypeScript that enforces granular, permission-based security for all system-level operations.
  • Web-Standard RuntimesA runtime environment that prioritizes browser-compatible APIs and native support for modern web protocols to ensure maximum code portability.
  • TypeScript ExecutionExecute type-safe code directly by automatically transforming and checking syntax at runtime, eliminating the need for manual build steps or separate compilation processes.
  • Secure Server-Side RuntimesBuilding high-performance web services with a default-deny security model that restricts access to system resources and sensitive environment data.
  • Remote Module Loaders"Resolves dependencies via remote HTTPS URLs or local paths, enabling a decentralized and version-controlled module loading system."
  • Standard Library Compatibility ShimsDeno imports standard runtime utilities by prefixing module names with specific specifiers to ensure seamless compatibility when migrating existing codebases.
  • Universal Module ResolversA flexible dependency management layer that natively supports remote URLs, local file paths, and legacy package registry ecosystems.
  • TypeScript Compiler ConfigurationsDeno enables configuration of compiler settings to align build behavior with project requirements, coding standards, and environment constraints for consistent type checking.
  • Native Addon LoadersDeno runs native binary addons by providing access to local dependency directories and granting explicit foreign function interface permissions to bridge compiled code with the runtime.
  • Runtime Permission PoliciesDeno defines granular security policies for runtime execution by applying allow, deny, or ignore rules to specific system resources and sensitive operations.
  • Network Access ControlsDeno controls connectivity by explicitly allowing or denying access to specific hostnames, IP addresses, and ports for network requests.
  • Sandbox Workload ExecutionDeno executes code in isolated environments using language-specific SDKs that provide lifecycle management and standard execution patterns.
  • Permission-Based SecurityRestrict access to system resources like file systems, networks, and environment variables by requiring explicit user authorization before executing potentially sensitive operations during runtime.
  • Permission-Based Security ModelsDeno defines security policies by granting or denying access to system resources like the file system, network, and environment variables via command-line flags.
  • Sandbox Security ConfigurationsDeno restricts network access to approved hosts and injects secrets securely into isolated environments to prevent unauthorized data exposure.
  • File System Access ControlsDeno restricts or permits read and write operations on specific files and directories using granular security flags.
  • Isolated Execution SandboxesRunning untrusted scripts or multi-tenant applications within secure, resource-constrained sandboxes to prevent unauthorized host system access.
  • Isolate Execution EnvironmentsRun untrusted code within a secure sandbox that limits access to host resources, preventing unauthorized interactions and ensuring process isolation for multi-tenant applications.
  • Isolated Command ExecutionDeno manages file uploads, spawns processes, and executes shell commands within isolated environments to maintain state and stream output across operations.
  • Sandbox ConfigurationsDeno defines resource constraints, deployment regions, network access policies, and secret redaction rules during the creation of isolated execution environments.
  • Execution Sandboxes"Executes untrusted code within ephemeral, resource-constrained environments to ensure secure process isolation and multi-tenant safety."
  • Supply Chain SecurityDeno ensures build determinism by pinning versions, committing lockfiles, and enforcing frozen dependency checks in automated pipelines to prevent unexpected drift.
  • Environment Access ControlsDeno specifies allowed keys or uses wildcard patterns to prevent unauthorized reading or modification of system configuration variables.
  • TLS/SSL ImplementationsDeno secures HTTP servers by providing TLS certificates and private keys to enable encrypted communication for incoming requests.
  • Foreign Interface AuthorizationsDeno grants explicit permission to load dynamic libraries and native addons, bypassing default security restrictions for foreign code execution.
  • Sandbox Lifecycle ControlsDeno releases resources and invalidates network sessions by immediately stopping sandbox instances before their natural expiration.
  • Sandbox Lifecycle ManagementDeno persists sandbox instances for the duration of script execution and automatically releases resources upon closure to prevent orphaned infrastructure.
  • Integrated Development ToolchainsA comprehensive suite of built-in utilities that provides native formatting, linting, testing, and dependency management within a single binary.
  • Registry IntegrationsDeno imports external packages directly via specifiers to eliminate the need for local dependency directories while maintaining access to the global registry ecosystem.
  • TypeScript ValidatorsDeno validates code for type errors during development using command-line tools that support remote modules, npm packages, and documentation snippets.
  • Integrated Development ToolingStreamline development workflows by bundling essential utilities like formatters, linters, and test runners directly into the environment to maintain code quality without external dependencies.
  • Code FormattersDeno enforces consistent source code formatting by validating style guidelines during continuous integration pipelines to ensure uniform standards across all project contributions.
  • Linting EnginesDeno provides tools to browse available code quality rules and their associated documentation to identify potential issues and enforce consistent programming patterns.
  • Task Execution EnginesDeno executes custom commands using a task runner that supports environment-specific configurations, permission settings, and automated workflows for project maintenance.
  • Workspace ManagementDeno runs testing, linting, formatting, and type checking tasks across all workspace members or specific sub-packages from a single root directory.
  • NPM Script RunnersDeno executes existing project automation tasks by parsing package configurations to trigger build, test, or deployment workflows without requiring external task runner dependencies.
  • Module Resolution SystemsManage project dependencies by fetching and linking remote or local modules through a standardized resolution mechanism that ensures consistent and secure code distribution.
  • Module LoadersDeno loads local modules using file paths with mandatory extensions or remote modules via HTTPS URLs to organize and share code across files.
  • Dependency Resolution ControlsDeno allows mapping bare specifiers to remote URLs or local paths, overriding packages with local versions to facilitate development workflows.
  • Resource ConstraintsDeno controls resource constraints including memory, CPU, storage, and session lifetime to ensure stable and predictable compute performance.
  • Dependency AliasingDeno centralizes and aliases remote dependencies, local paths, or package registries using import maps to simplify import statements and maintain consistent module resolution.
  • Import Map ConfigurationsDeno resolves module specifiers and directory mappings by defining import maps that standardize how dependencies are located and loaded across the codebase.
  • Unified Module ResolversResolving dependencies from remote URLs, local paths, and package registries through a standardized, lockfile-backed system for consistent builds.
  • Legacy Ecosystem CompatibilityExecuting existing Node.js codebases and npm packages seamlessly within a modern runtime by providing native compatibility layers and API support.
  • Node.js Compatibility LayersExecute legacy codebases by providing a compatibility layer that maps standard runtime APIs to existing module resolution patterns and common library expectations.
  • Runtime Compatibility Layers"Maps legacy module formats and built-in APIs to the runtime, allowing seamless integration of existing package ecosystems and binary addons."
  • HTTP ServersDeno processes incoming HTTP requests using handler functions that support standard protocols and return responses to clients.
  • WebSocket ServersDeno upgrades standard HTTP requests to persistent WebSocket connections to enable bidirectional, real-time communication between servers and clients.
  • Fetch-based HandlersDeno defines HTTP server logic by exporting a standard fetch function that processes incoming requests and returns responses for runtime execution.
  • Web-Standard APIsExpose familiar browser-compatible interfaces for networking, storage, and streams to ensure code portability and consistent behavior across different environments and runtime platforms.
  • Key-Value Stores"Provides a built-in, persistent database engine supporting atomic transactions and reactive data monitoring for high-performance state management."
  • Test RunnersDeno runs test suites via command-line interfaces to support file-specific execution, parallel processing, and custom permission configurations for isolated environments.
  • Test Coverage CollectionsDeno measures code coverage metrics directly from the runtime engine to ensure high-accuracy analysis of execution paths and identify untested logic.
  • Test SanitizersDeno enforces runtime safety by automatically detecting leaked I/O resources, unawaited asynchronous operations, and improper process exits to maintain stability throughout test execution.
  • Snapshot Testing UtilitiesDeno validates code output by comparing values against stored reference snapshots to simplify assertions for complex or frequently changing data structures.
  • Test Lifecycle HooksDeno defines setup and teardown logic using lifecycle hooks that execute before or after individual tests or suites to ensure consistent environments.
  • Atomic TransactionsDeno performs multiple data manipulation operations as a single atomic unit, ensuring consistency by conditionally validating values before committing changes to the store.
  • Key-Value DatabasesPersist structured data using a key-value database engine that provides atomic transactions and efficient indexing for high-performance state management within your application logic.
  • Data ObservabilityDeno listens for real-time changes to specific keys and triggers asynchronous logic automatically whenever the underlying data is modified.
  • Subhosting PlatformsHost multiple isolated user applications on shared infrastructure by utilizing a multi-tenant execution model that manages resource allocation and security boundaries for each instance.
  • Distributed Edge Compute PlatformsA multi-tenant infrastructure layer that enables the deployment of isolated, resource-constrained sandbox environments for executing untrusted code.
  • CommonJS CompatibilityDeno executes CommonJS modules by identifying specific file extensions or package configurations to resolve local dependencies and maintain compatibility with legacy module loading patterns.
  • Server Network ConfigurationsDeno defines port numbers and hostnames to control where HTTP servers listen for incoming traffic and manage network connectivity.