|Deno 1.36 Improves Security|
|Written by Kay Ewbank|
|Thursday, 07 September 2023|
Deno uses V8 and is built in Rust. It is described as secure by default as it has no file, network, or environment access, unless explicitly enabled. Deno was created by the same developer who created node.js - Ryan Dahl - and its name is a rearrangement of the letters in node.
The new release has added to the existing --allow-- flags with --deny-- flags. This means developers can now configure both allow and deny lists for network communication, file system access, and other potentially sensitive APIs.
Testing has also received attention, with the addition of an option that can be used to transform Deno test output to a Junit XML file. The JUnit XML format can be consumed natively by many services like GitLab, CircleCI, Jenkins or BuildPulse.
There's also a new
Node.js and npm support improvements mean you can now run npm package scripts that aren't configured as binaries, and can use all the node:os APIs with Deno's latest polyfill, as well as being able to call native code add-ons with process.dlopen.
A number of "Quality of life improvements" have also been carried out including better error messages, language server improvements, and more forgiving WebSocket APIs.
The language server has been improved with the aim of making using Deno with an editor that supports an LSP (like Visual Studio Code) "significantly more pleasant", according to the developers. The changes supporting this include better diagnostics when the Deno namespace is missing; more reliable auto-discovery of deno.json; and better handling of the exclude setting by the LSP.
Deno 1.36 is available now.
or email your comment to: email@example.com