Deno is 4 years old now and is slowly maturing. Among other things, the Node alternative has become known for the really good security principles. Deno is running in a kind of sandbox, just like the browser sandbox. Many developers really like the idea. But how mature is Deno really? Is the effort of changing your runtime worth it if you are already familiar with Node? What’s still missing from the young competitor? Architecture expert Sebastian Springer answers these questions:
What is the most important security feature of Deno?
“The fact that you can manage access permissions to system resources. However, this should be taken with a grain of salt. I can a) leave it out and Deno asks me. Or b) make it explicit via options. Or c) turn off security with an option. If an application needs too many permissions and asks for them, one is quickly tempted to just choose option c).”
What do you have to get used to when you switch from Node to Deno?
“Deno does away with many of Node’s weaknesses and, for example, relies on the ECMAScript module system, supports modern JavaScript and TypeScript out of the box. Unusual is the absence of a package manager, which is reflected in the omission of package.json, package-lock.json and the node_modules directory. For Node developers, this removes familiar structures and perhaps a bit of stability, as the packages now come directly from the Internet.”
Does it make sense to change from Node to Deno in existing projects?
“Personally, I continue to rely on Node in the large projects, the platform is stable, established and has a huge ecosystem to utilize. For small and medium projects, completed services or prototypes, Deno is definitely a very good solution. Even though Deno is already 4 years old, very important developments have taken place only in the last months and years. Like, for example, the collaboration with Node and the community.”
“I know that I need Deno when”
“…I implement small and modern applications, attach importance to additional security in the form of a sandbox. Concrete projects are also a great opportunity to learn the Deno way of doing things.”
What do you miss in Deno?
“What I miss with Deno is the stability of Node. There’s a lot happening under the hood right now, the community is growing and evolving. That’s excellent for me as a developer, I want to try new things. For my big project, sometimes I don’t want that flexibility and modernity.
Deno is evolving in a very interesting direction and getting closer and closer to Node. My hope is that many of these modern concepts will find their way into Node and both platforms will peacefully coexist and challenge each other and make sure that new features find their way into the server-side JavaScript world.”
About the author
Sebastian Springer is a JavaScript developer at MaibornWolff, focussing on the architecture of client- and server-side JavaScript. He is also regularly speaking about JavaScript at national and international conferences and events. MaibornWolff is hiring! If you want to work with Sebastian, this job might be interesting to you: Web Developer (m/f/d) Javascript / Typescript