I absolutely love Ryan Dahl. Such a visionary and cool dude. First he dragged the world kicking and screaming into multi-threaded servers, and now he's gonna do it again with security. The NPM import system is so cool.
KV is going to be huge. Calling it If the first half was about eating Node’s lunch the second is about eating Cloudflare Worker’s 2nd mover energy is real
KV is interesting, but will people be able to e.g. use a postgres, redis, mongo or whatever backend for it later? Nothing against deno deploy, but i dont want vendor locking on a runtime level. If it is only really useful for deno deploy (in practice, for a large scale app) i dont think i will be using this feature and would prefer it being a 3rd party library rather than a core API
Had a school project last semester where I convinced my group to use Fresh and Deno Deploy (we were meant to test out new technology). We used SurrealDB as our database and it worked brilliantly on Deno Deploy.
This 100%. KV should be treated as an abstraction for built in persistent data storage with sane defaults, rather than a vendor lock-in service which only works with Deno Deploy at scale.
better docs. That’s all i’m saying. It keeps saying node isn’t this or that but you have to really present some docs where I’m like wow 🤩 I like the idea of deno. I’m not a programming expert at work. Like most people I know. So i need some more hand holding if I would ever adopt deno. Side note qwik came out last year (frontend framework) and even their docs are better than deno’s. Node doesn’t need docs. Just type node with whatever and boom there. No problem. I’m just telling the truth. It’s the same with solidjs. Great framework apparently but instead of giving me these lower level explanations just show me how to start from A to get to B, C etc… The one page example isn’t working for me. Even angular has you build an app though it’s a frontend app to get the usage of it across. This idea of, here’s the base of what you can do and figure the rest stuff is getting old. If it’s so much better show me. All these benchmarks mean nothing if I don’t know how to use it. I’ll just keep using Java 😂. the best default with tons of boilerplate but examples galore 😂 . I’m a horrible programmer by the way 😊Rant over
@@sofianikiforova7790 I’m just getting tired 🥱 of the whole we are better then this or that. Show me. Make a million deno small projects on youtube. Link them in the docs. Not just github links. Give me a basic app, then a medium app and maybe a edge case app for the really advanced, so like that i can say, “you know I had this same issue at work with node and this implementation is much more straight forward” or “We did this in node with typescript at work but this deno implementation is amazing!”. I can’t walk in there with a one page example telling them oh let’s stop what we are doing cause deno is here and from now on that’s what we are using 😂. That would be my last scrum meeting ever hahaha. I am not hating because I like the things I have seen but when you get up there and give me this deeply technical low level talk that means nothing in a meeting at work where half the people won’t understand what the hell Im saying anyway. I’ve already been fired from a job (which sucked) where I couldn’t for the life of me speak in a more metaphorical way and got canned.
I really don't see the feasibility of the new security model if it is evaluated at runtime... Having a deployed application suddenly break because an edge case caused a dependency to request access to an environment variable sounds like a nightmare. I would imagine a lot of devs would opt to run apps with --allow-all to avoid such unforseen scenarios. A better approach (not sure if this is scalable) would be to analyze dependencies before runtime to determine the set of permissions they might request, and then declare these before the dependency is ever hooked up to the project. You would then be able to know exactly what is required by a dependency when installing it. This also begs the question... why even provide the option to deny a permission request? In which case would a dev want to rely on a dependency only to intentionally sabotage it to fail at runtime? Is the expectation that dependencies should gracefully handle being denied a permission? That might work for packages going forward, but certainly won't hold for existing npm packages.
The power of js is the avility to create Objects as easy as possible. JSON is the real power os js. For me every languaje that shoose this as a standard for objects is going to be successfull.
I don't understand this secure by default thing. Looks like it's not possible to manage permissions at the dependency level. One of your dependencies asked for some permission, cool you grant it, then everyone gets that permission. Isn't it just .. useless at that point?
@@neoesm that means if I want to give only a certain dependency permission, I will have to split it onto another process and use some sort of interprocess communication right?
Yea this security thing feels useless, unless if you are one of the very few devs that work in a very sensitive area. It should only be active if configured this way. Many (or most) people not only don't care at all about this micro security that actually feels weak but also feel annoyed by it. They talk about that so much since Deno beginning but feels like a waste of resource and marketing.
you can specify what is allowed --allow-net=domain1,domain2,domain3 --allow-env=env1,env2 --allow-read=path_to_file1,path_to_file2,path_to_directory1 etc
Built in security model. ESM. URL imports, Web standards. Native TypeScript support. Robust toolchain including testing, linting. Compile your script to a single binary executable. A vetted std lib. And more :)
Isn't that just how JavaScript works? Even if the runtime is created in Rust, JavaScript I believe is a single-threaded language? But from my very limited understanding of it, I think you can use Deno's implementation of Web Workers to achieve multi-threading.
Easier accessobility for newer developers usually means less accessibility for intermediate developers. I *want* to know what's going on under the hood and I *want* to be able to tune and adjust how the things work.
For me deno is for simple thing, if you really want to adjust thing you should pick a low level language like rust to maximize performance or make binding to deno code
I haven’t listened to any of his other talks but he sounds super nervous, lots of stuttering, lots of checking notes. Almost felt like he was presenting while being held at gunpoint.
I wish game developers would adopt the same attitude rather than over develop how a game looks when the game itself takes a log time to load. It seems to me that the game software isn't using the full capability of the hardware available.
If there ever was an industry that completely dropped the ball on performance I would say that the web development one would be a great candidate. A few steps in the right direction (by adding more complication, not simplifying things, really) is not enough to make up for the immense waste that most people in the web dev industry are causing daily. I like Deno, but to say that this type of thinking is even remotely close in effort to what game devs have been doing for decades to make things run fast is either incredibly naïve/ignorant or disingenuous.
@@raglandasir6885 yes, but deno was basically fixing at lot of the issues with js and making it usable bc ts was supported out the box with stupid transportation
@@1998goodboy I don’t think you know what you are saying. You are just putting words together. A language and a runtime are not the same thing. A runtime does not fix a language.