Skip to content

re: Explain Deno Like I'm Five VIEW POST


Ryan Dahl (the creator of Node.js) did a talk about thing he regrets about Node.js. The post and comment below summarize the talk.

Deno was created to help address those issues. Since Ryan Dahl is a proven creator and the issues it is trying to address are things that have caused problems in the Node ecosystem, it has organic word-of-mouth around it as a real successor to Node.js.

The goal of Node was event driven HTTP servers.

1 Regret: Not sticking with Promises.
* I added promises to Node in June 2009 but foolishly removed them in February 2010.
* Promises are the necessary abstraction for async/await.
* It's possible unified usage of promises in Node would have sped the delivery of the eventual standartization and async/await.
* Today Node's many async APIs are aging baldly due to this.

2 Regret: Security
* V8 by itself is a very good security sandbox
* Had I put more thought into how that could be maintained for certain applications, Node could have had some nice security guarantees not available in any other language.
* Example: Your linter shouldn't get complete access to your computer and network.

3 Regret: The Build System (GYP)
* Build systems are very difficult and very important.
* V8 (via Chrome) started using GYP and I switched Node over in tow.
* Later Chrome dropped GYP for GN. Leaving Node the sole GYP user.
* GYP is not an ugly internal interface either - it is exposed to anyone who's trying to bind to V8.
* It's an awful experience for users. It's this non-JSON, Python adaptation of JSON.
* The continued usage of GYP is the probably largest failure of Node core.
* Instead of guiding users to write C++ bindings to V8, I should have provided a core foreign function interface (FFI)
* Many people, early on, suggested moving to an FFI (namely Cantrill) and regrettably I ignored them.
* (And I am extremely displeased that libuv adopted autotools.)

4 Regret: package.json
* Isaac, in NPM, invented package.json (for the most part)
* But I sanctioned it by allowing Nod's require() to inspect package.json files for "main"
* Ultimately I included NPM in the Node distribution, which much made it the defacto standard.
* It's unfortunate that there is centralized (privately controlled even) repository for modules.
* Allowing package.json gave rise to the concept of a "module" as a directory of files.
* This is no a stictly necessary abstraction - and one that doesn't exist on the web.
* package.json now includes all sorts of unnecessary information. License? Repository? Description? It's boilerplate noise.
* If only relative files and URLs were used when importing, the path defines the version. There is no need to list dependencies.

5 Regret: node_modules
* It massively complicates the module resolution algorithm.
* vendored-by-default has good intentios, but in practice just using $NODE_PATH wouldn't have precluded that.
* Deviates greatly from browser semantics
* It's my fault and I'm very sorry.
* Unfortunately it's impossible to undo now.

6 Regret: require("module") without the extension ".js"
* Needlessly less explicit.
* Not how browser javascript works. You cannot omit the ".js" in a script tag src attribute.
* The module loader has to query the file system at multiple locations trying to guess what the user intended.

7 Regret: index.js
* I thought it was cute, because there was index.html
* It needlessly complicated the module loading system.
* It became especially unnecessary after require supported package.json

15:28 Talks about Deno.

code of conduct - report abuse