DenoDeno运行时构建

When to Use

User needs Deno expertise — secure TypeScript runtime with permissions model. Agent handles permission configuration, dependency management via URLs/npm, and migration from Node.js.

Quick Reference

Permission Traps

• - --allow-all in development — then production crashes because you don't know what permissions you actually need
• INLINECODE4 without path — grants access to entire filesystem, security hole
• INLINECODE5 without list — subprocess can run anything, specify: INLINECODE6
• INLINECODE7 without list — leaks all env vars, specify: INLINECODE8
• INLINECODE9 without list — can connect anywhere, specify hosts: INLINECODE10
• Missing permission in CI — hangs waiting for prompt that never comes, add INLINECODE11

Import Traps

• - Remote URLs in production — network failure = app won't start, vendor dependencies locally
• No lockfile by default — deps can change between runs, always use INLINECODE12
• INLINECODE13 semver syntax doesn't exist — use exact URLs or import maps
• Import maps in wrong place — must be in deno.json, not separate file (Deno 2.x)
• HTTPS required — HTTP imports blocked by default, most CDNs work but self-hosted may not
• URL typo — no error until runtime when import fails

TypeScript Traps

• - .ts extension required in imports — model generates extensionless imports that fail
• INLINECODE16 paths ignored — Deno uses import maps in deno.json, not tsconfig
• Type-only imports — must use import type or bundler may fail
• Decorators — experimental, different from tsc behavior
• INLINECODE19 — handled differently than tsc, may be ignored

Deployment Traps

• - deno compile includes runtime — binary is 50MB+ minimum
• INLINECODE21 requires prior cache — fresh server needs deno cache first
• Deno Deploy limitations — no filesystem, no subprocess, no FFI
• Environment variables — different API: Deno.env.get("VAR") not INLINECODE24
• Signals — Deno.addSignalListener not INLINECODE26

Testing Traps

• - Deno.test different from Jest — no describe, different assertions
• Async test without await — test passes before promise resolves
• Resource leaks — tests fail if you don't close files/connections
• Permissions in tests — test may need different permissions than main code
• Snapshot testing — format differs from Jest snapshots

npm Compatibility Traps

• - npm: specifier — works for most packages but native addons fail
• INLINECODE30 specifier required — import fs from 'fs' fails, need INLINECODE32
• INLINECODE33 optional — enable with "nodeModulesDir": true in deno.json
• INLINECODE35 scripts — not automatically supported, use deno.json tasks
• Peer dependencies — handled differently, may get wrong versions

Runtime Differences

• - Deno.readTextFile vs fs.readFile — different API, different error types
• INLINECODE38 is global — no import needed, unlike Node 18-
• Top-level await — works everywhere, no wrapper needed
• Permissions at runtime — can request dynamically but user must approve