Deno: has a basic permission model that is very helpful, written in Rust, and native TypeScript support.
I'm not deep in the webdev / node / Bun ecosystems, I've just been a happy user of Deno for small services for several years. Can someone explain why it sounds like there's such rapid growth of Bun? Is it just being used as a bundler, but not as JS runtime?
Just the permission system alone (though I wish it extended to modules) is so compelling with Deno that I'm perplexed at why someone would transition from node to bun and not node to Deno.
> Can someone explain why it sounds like there's such rapid growth of Bun?
In my case, when I start a little Typescript side project, instead of drowning in the sea of npm/yarn/berry/pnpm/bubble/vite/webpack/rollup/rolldown/rollout/swc/esbuild/teatime/etc I can just use one thing. And yes, only some of those are Pokémon moves and not actual tools from the JS/TS ecosystem.
Deno's goal was to address Node's design weaknesses, while Bun came out with the promise of faster performance. Especially if you're coming from Node or migrating an existing project, it's easier to justify switching to Bun than to Deno.
Since then, all three runtimes have been gradually converging (adopting Web APIs, first class TypeScript support), so there's little reason to move away from Node's vast ecosystem to Deno; most npm packages weren't made with Deno's security model in mind.
Deno's biggest strength is when you want its security model and don't plan on using npm packages, e.g. if you want to let agents write and run quick scripts on your machine without awaiting your permission.
Deno has many of those things now, but my past experience wasn’t good. The first versions of Deno had a lot of friction; Bun however was more or less useful from day 1.
if the numbers look good, I pick it up -- though whether the numbers actually hold in reality is... well something I should check... but won't due to laziness...
I should check actual perf numbers... well next week or month?
Deno and Bun had very different focuses when they launched. Deno was trying to fix a lot of what Ryan (the original creator of Node) thought was wrong with Node. Bun focused on compatibility with Node and the ability to run popular frameworks like Nextjs from the beginning.
A lot of dependencies and frameworks simply did not work with Deno for a long time. In the beginning it didn't even have the ability to install dependencies from npm. (In hindsight with all the npm supply chain attacks Ryan was probably right about all of these things).
So Bun was a better Node with a lot of very nice quality of life features that just worked and it required much less configuration.
I think the Deno team kind of realized they needed to have compatibility with Node to succeed and that has been their focus for the past couple years.
Edit: And Deno is now more compatible with node than bun.
> In hindsight with all the npm supply chain attacks Ryan was probably right about all of these things
"Probably"? Are you saying there's a chance he wasn't right?
I really think Ryan deserves a lot more credit than a "probably". He put in a lot of effort to do the right thing and improve the security of the entire ecosystem he created.
I started a new project with Deno specifically to avoid the NPM mess, and because it was created by Node's creator to fix its shortcomings. I'm new to Web development, but so far the experience has been pretty good.
Nice to see Deno being maintained. The features listed seem pretty substantial.
Same, I'm mostly a back end dev but when I dip my toes into frontend for personal projects Deno just seems like the most sane choice. It's really nice to work with. I'm kind of sad it doesn't seem to have taken off among the JS folks.
I use (and like) both. Bun is a drop-in replacement for node. If you don't want to fuss with test config, tsconfig, esmodules, etc., I find that it just works.
Deno has a nice standard lib, great CLI support, and I used to love deno deploy but its gotten very clunky these days.
Deno is from scratch attempting to pass as many NodeJS tests as possible. Bun piggybacks off the WebkitJS library iirc and shims anything nodejs specific it needs.
I can tell you my experience as a js package dev, last tried a few weeks ago. We're building an npm package that's supposed to run on both node.js, deno & bun & the web.
This is an annoying to do for exactly two platforms: node.js, and deno.
node.js bcs it requires a workaround whenever something networking comes in: fetch doesn't work the same. So you structure you're code around having a node.js workaround. Same story for some other APIs. But you can test if itn works!
Deno is more annoying, you just can't test your package with deno before publishing. Before we released to npm, we installed a tar file and sent those around for testing. Works in node, in vite (node, for browser), works in bun, like a charm. Doesn't work with deno unless you switch to package.json, and you use exactly the subset of the spec that deno supports. You can't "deno install xyz.tar", you have to use npm for that (inserts a single line into package.json), THEN you can use deno to execute. No docs, no hint, just trial & error.
Even more annoyingly, npm & bun both offer 'link': in package repo, call npm/bun link, in the test repo do npm/bun link @yourpackage, and that's it, it's installed. Creates a dyn link to the source's build dir so you can rebuild without packing or sending tars or anything like that, you just build in your package dir and the test project is immediately updated.
Deno doesn't have that. What's worse, they don't tell you they don't have that. Also basically no error messages. It just fails in weird ways. Spent hours trying to do it. Now I just publish without testing for deno and wait for bug reports.
So out of the three: bun just works. That's it. Better than any platform. It just works, and it has a nicer CLI & nicer error messages, and it's faster on startup. It has the web api and the node api (i think) and its own api that's very nice as well, nicer than e.g. node. And e.g. if you run bun link, it tells you exactly what happened: this is what just happened, this is what you have to do to use it elsewhere. Node doesn't have that!
I think deno recognized bun's strategy of using npm dev's backbone as being the better call - that's why they're now slowly introducing node.js features, even though that goes against their original USP.
I used Deno for about a year. I liked it for the reasons you gave, but there were way too many compatibility issues with packages like Astro, Prisma, Vite.
So, I switched to Bun and things have been much smoother!
because for most people they don't need what deno promises.
me for example only use nodejs or bun to run a basic sveltekit server, so it can render the html for the first time. all core functionalities are delegated to backend services written in crystal or rust. I don't need some bloated js runtime that hoard 500MB of ram for that purpose (crystal services only take 20+ MB each).
bun promised a lean runtime, every essential functionality is written in zig to increase the speed and memory footprint. and javascriptcore also uses less memory compare to v8. the only thing we expect is for bun to stabilize and can run 24/7 without memory leaking or crashing.
I don’t consider them a problem at all. It’s how browsers have worked for a long time.
My point was at the time when deno came out it was completely different to node with its imports and that meant a lot of existing packages just didn’t work out of the box. That just slowed its traction.
Personally I would have like deno it stick with url imports and not added the npm support.
Ryan set out to “fix” his mistakes with node only to fully embrace them again.
I imagine some of Bun's growth is just simply V8 fatigue. JavaScriptCore does have some different runtime characteristics and it is nice to a diversity in language engines.
(It seems too bad ChakraCore is mostly out to pasture and not keeping up with TC-39 and that there's still no good Node-compatible wrapper for SpiderMonkey, but having one for JavaScriptCore is still a breath of fresh air.)
I'm very confident that users of these runtimes do not care about the underlying Js engine powering them. Bun succeeded because it was compatible with node and required much less configuration to get a standard typescript and react app running.
I'm not suggesting it is a conscious decision point. Node has since done a lot to catch up on "less configuration" but Bun still seems to be growing even as what Bun does well Node starts to emulate. Runtime performance is mentioned in this thread here and elsewhere and while some are attributing that to Zig I think some are overlooking the different runtime experience of JavaScriptCore. It's also the "only" runtime difference between Deno and Bun if you assume that Rust and Zig are similarly performant native layers for some saying they like Bun's runtime performance better than Deno's.
When Deno first came out it was deliberately incompatible with Node, which limited its ecosystem and audience. Bun came along with a lot of Deno's great features but also Node compatibility, and people really took to that.
But Deno's got Node compatibility now, and Node has adopted a lot of the features that make Deno and Bun so usable. So I'm not sure the choice matters so much these days.
Node's the stable solution and will be with us forever. You can now use TypeScript with it and, soon enough, you'll be able to build your app to a single executable -- including native deps.
Bun's chaotic but, nonetheless, it's _fast_ and it's taking an interesting approach by including everything in the stdlib. Plus, bought by Anthropic.
Deno had an awesome story with the sandbox and ease of import for third-party dependencies. Sandboxes feel pretty commoditized now and I'm not sure the import mechanism ended up being that much nicer than a `npm add`.
I agree philosophically, but the JavaScript ecosystem has never been languishing for lack of options. If anything, excessive fragmentation is a real concern.
Running out of money is never the issue with a big company buying an open source project. There are countless examples of projects dying or changing significantly for the worse after acquisition.
Also “no human wrote any of this code” is not my personal benchmark for a reliable dependency.
Afaik there is no proof Anthropic is profitable. This, and uv buyout by OpenAI only adds a risk to supply chains. In few years these companies can be overrun by open source models or startups delivering new hardware/software breakthrough in LLM. It is not like uv and bun are acquired by IBMs or Alphabets of today.
Wasn't it announced that Anthropic is having their first profitable quarter right now in Q2? From what I've personally seen it's all driven by enterprise adoption.
Open source/foreign models are already way cheaper and will work just fine for most use cases but a lot of businesses are already pretty locked in to Claude, and with enterprise costing $240 a year at a 20 seat minimum it's a pretty big investment to make and won't be worth migrating unless the gains are significant.
> It means they're a whole lot less likely to run out of money, which makes them a safer bet as a dependency.
I don't think this logically follows. That is, yes being acquired makes one less likely to run out of money, but doesn't necessarily make something safer as a dependency.
Plenty of open source projects have little to no funding and continue on for years with no problems. But being acquired suddenly creates a requirement of return-on-investment. A corporation will happily shut the whole thing down if and when it's decided that they're just not gaining enough value from it.
(There's also the general fact that, a corporate-acquired project is going to first and forement serve the needs of the corporation vs. the community at large - if your use case or edge case doesn't align with the needs of Anthropic then you should probably not hold your breath waiting for the Bun project to address it.)
For those who care about their dependencies being "safe bets", Bun should already be out of the question after the recent "vibe code the entire thing into a different language in a week with zero human intervention" fiasco.
Yeah, that's my immediate debate in reading this blog post: `deno pack` might be a great replacement to my existing `npm publish` workflow for my open source packages and continue shifting my work to Deno-first/Deno-mostly, but on the flipside, with Node's growing TS support I'm also considering switching to Typescript-only npm packages as a (tiny) message to the ecosystem.
Though I'm also happy that JSR exists as that (mostly) cleaner ecosystem.
Deno is a JavaScript and TypeScript runtime, for those who don't recognize the name. Here's a review of Deno 2.6 vs competitors Bun 1.3 and Node.js 25:
It's surprising to me that bun is so much faster serving web requests. The article mentions Zig as a factor, but is micromanaging memory really gaining over 2x vs node?
Similarly, it seems, though they didnt exactly say, that they're running bun with a warm package cache... What about the others? Do they have caches?
npm by default: When I tried Deno ~1-2 years ago - I immediately shinned myself on this and decided to wait for more sensible defaults. (I've not followed closely, just the basic story)
And reading the features, I'm impressed! - I spot many commands & features that map to my workflow.
I wrap most node-isms and use deno as the runtime. Works well. If a project is pure typescript I just have deno run it. Extra options for security are great, installation scripts disabled by default, etc.
If you're using node directly, please stop. At a minimum use Bun.
With agentic work, there is little reason to use anything besides Rust and Typescript in any case. Room to disagree but type safety, memory safety, and a large corpus of work is critical. Agents need difficult errors and baked in patterns they navigate it easily. For UI, Typescript makes the most sense just because of the mass of design examples.
I think if Deno had held on to their initial values for a little longer the pressure towards node compatibility would have been mended by AI agents, because a lot of the pressure is the result of skill issues: if the only way you know how to set up is using express.js then any subsequent tool or runtime must provide a similar abstraction for a “smooth” transition, regardless of how bad the first solution was in the first place. Nowadays you introduce devs to new tech by delivering your product with a set of skills that in practice have replaced documentation and sometimes can be very good at showing better alternative approaches to whatever you’re building.
My gripe is why doesn't Webassembly fully support dom manipulation. If we got that working anyone could just bring any language to the browser and we would finally be free from the shackles of JS.
Because "it doesn't exist". It's just a layer on top of js, it doesn't have its own runtime, and btw what would supporting ts a the browser level mean? If you want to support a static typed language then you could just compile it down to wasm, if you just want to support types and ignore them at runtime there's an overhead price to pay, or should do runtime type checking? And with which tsconfig? Strict or not?
There wouldn't be any benefit. It's not sound so it can't really be used to improve performance.
There was a proposal to support TypeScript syntax, but ignore the actual types (this is basically how Python works). That would be kind of nice because you can skip the compilation step completely (less faff for small projects), but I don't think it went anywhere... or if it is it's getting there at a snail's pace:
I actually lost interest in Deno once it started leaning into NPM. I thought it was a bold and wise idea to make a clean break from the mess of Node and restart with a sensible ecosystem. Absent that... I'm just sticking with Node.
I think Deno's done a pretty good job at keeping what it did well in Deno 1 while also playing ball with Node/npm compatibility. JSR feels like the more sensible ecosystem we all need (especially high scoring packages) and while this current change leaves JSR prefixed when doing a `deno install` it doesn't change the fact that the more packages you install from JSR instead of npm the better things feel. (Especially once you can break from package.json and node_modules, but even the baby steps along the way to that goal still feel pretty good.)
I previously worked at Deno and even with all that tbh, I am not sure the http deps were the right way to go. I've really wanted to like them but package managers really have advantages.
I would not say npm was the right direction. I actually was a fan of JSR (didn't work on it but all my experience with it was great)
Oh, for sure. But I'm old enough to remember when standard IT tools would have never supported Node in the first place and the idea of JS on the server made everyone scream. You just need to build demand for that support.
Yes, IT from customer, or agency delivery operations, dictates what are the official tools in specific projects, including 3rd party dependencies in internal repos, and CI/CD is cut off from accessing public Internet.
Deno: has a basic permission model that is very helpful, written in Rust, and native TypeScript support.
I'm not deep in the webdev / node / Bun ecosystems, I've just been a happy user of Deno for small services for several years. Can someone explain why it sounds like there's such rapid growth of Bun? Is it just being used as a bundler, but not as JS runtime?
Just the permission system alone (though I wish it extended to modules) is so compelling with Deno that I'm perplexed at why someone would transition from node to bun and not node to Deno.
> Can someone explain why it sounds like there's such rapid growth of Bun?
In my case, when I start a little Typescript side project, instead of drowning in the sea of npm/yarn/berry/pnpm/bubble/vite/webpack/rollup/rolldown/rollout/swc/esbuild/teatime/etc I can just use one thing. And yes, only some of those are Pokémon moves and not actual tools from the JS/TS ecosystem.
But...Deno also has an all in one CLI too. The question was why Bun specifically grew in popularity over Deno.
Deno's goal was to address Node's design weaknesses, while Bun came out with the promise of faster performance. Especially if you're coming from Node or migrating an existing project, it's easier to justify switching to Bun than to Deno.
Since then, all three runtimes have been gradually converging (adopting Web APIs, first class TypeScript support), so there's little reason to move away from Node's vast ecosystem to Deno; most npm packages weren't made with Deno's security model in mind.
Deno's biggest strength is when you want its security model and don't plan on using npm packages, e.g. if you want to let agents write and run quick scripts on your machine without awaiting your permission.
yeah it's such a pity deno's security features could have made recent npm attacks moot...
Mainly DX.
Deno has many of those things now, but my past experience wasn’t good. The first versions of Deno had a lot of friction; Bun however was more or less useful from day 1.
well benchmarks that's why
if the numbers look good, I pick it up -- though whether the numbers actually hold in reality is... well something I should check... but won't due to laziness...
I should check actual perf numbers... well next week or month?
Deno and Bun had very different focuses when they launched. Deno was trying to fix a lot of what Ryan (the original creator of Node) thought was wrong with Node. Bun focused on compatibility with Node and the ability to run popular frameworks like Nextjs from the beginning.
A lot of dependencies and frameworks simply did not work with Deno for a long time. In the beginning it didn't even have the ability to install dependencies from npm. (In hindsight with all the npm supply chain attacks Ryan was probably right about all of these things).
So Bun was a better Node with a lot of very nice quality of life features that just worked and it required much less configuration.
I think the Deno team kind of realized they needed to have compatibility with Node to succeed and that has been their focus for the past couple years.
Edit: And Deno is now more compatible with node than bun.
> In hindsight with all the npm supply chain attacks Ryan was probably right about all of these things
"Probably"? Are you saying there's a chance he wasn't right?
I really think Ryan deserves a lot more credit than a "probably". He put in a lot of effort to do the right thing and improve the security of the entire ecosystem he created.
this
we nodejs devs were just ignorant/lazy
npmjs should mark libs "deno compatible" and move over to deno gradually for security
I started a new project with Deno specifically to avoid the NPM mess, and because it was created by Node's creator to fix its shortcomings. I'm new to Web development, but so far the experience has been pretty good.
Nice to see Deno being maintained. The features listed seem pretty substantial.
(thinking emoji) they could merge.
Seriously, they're both Rust now. They share goals.
I doubt it would work out. The engineering cultures could not be any different.
well bun could 'gradually become deno':
1. add 'enhanced security mode' that's actually 'deno-compatible/like' (permissions, etc)
2. mark libs/executables/etc as 'enhanced security compatible'
3. ...merge by buying out deno?
> Bun focused on compatibility with Node and the ability to run popular frameworks like Nextjs from the beginning.
and yet Bun's npm compat is much much lower than deno
https://x.com/rough__sea/status/2057579066744881188
I was talking about the history and not the current state of the projects if that was not obvious.
Same, I'm mostly a back end dev but when I dip my toes into frontend for personal projects Deno just seems like the most sane choice. It's really nice to work with. I'm kind of sad it doesn't seem to have taken off among the JS folks.
I use (and like) both. Bun is a drop-in replacement for node. If you don't want to fuss with test config, tsconfig, esmodules, etc., I find that it just works. Deno has a nice standard lib, great CLI support, and I used to love deno deploy but its gotten very clunky these days.
But if you look at the node compliance tests, deno has better compliance now days…
Insanely better, at 76% Node compliance in Deno 2.8.
Bun 1.3.14 is at just 40.6% with same compliance test.
https://node-test-viewer.deno.dev/
Deno is from scratch attempting to pass as many NodeJS tests as possible. Bun piggybacks off the WebkitJS library iirc and shims anything nodejs specific it needs.
I can tell you my experience as a js package dev, last tried a few weeks ago. We're building an npm package that's supposed to run on both node.js, deno & bun & the web.
This is an annoying to do for exactly two platforms: node.js, and deno.
node.js bcs it requires a workaround whenever something networking comes in: fetch doesn't work the same. So you structure you're code around having a node.js workaround. Same story for some other APIs. But you can test if itn works!
Deno is more annoying, you just can't test your package with deno before publishing. Before we released to npm, we installed a tar file and sent those around for testing. Works in node, in vite (node, for browser), works in bun, like a charm. Doesn't work with deno unless you switch to package.json, and you use exactly the subset of the spec that deno supports. You can't "deno install xyz.tar", you have to use npm for that (inserts a single line into package.json), THEN you can use deno to execute. No docs, no hint, just trial & error.
Even more annoyingly, npm & bun both offer 'link': in package repo, call npm/bun link, in the test repo do npm/bun link @yourpackage, and that's it, it's installed. Creates a dyn link to the source's build dir so you can rebuild without packing or sending tars or anything like that, you just build in your package dir and the test project is immediately updated.
Deno doesn't have that. What's worse, they don't tell you they don't have that. Also basically no error messages. It just fails in weird ways. Spent hours trying to do it. Now I just publish without testing for deno and wait for bug reports.
So out of the three: bun just works. That's it. Better than any platform. It just works, and it has a nicer CLI & nicer error messages, and it's faster on startup. It has the web api and the node api (i think) and its own api that's very nice as well, nicer than e.g. node. And e.g. if you run bun link, it tells you exactly what happened: this is what just happened, this is what you have to do to use it elsewhere. Node doesn't have that!
I think deno recognized bun's strategy of using npm dev's backbone as being the better call - that's why they're now slowly introducing node.js features, even though that goes against their original USP.
I used Deno for about a year. I liked it for the reasons you gave, but there were way too many compatibility issues with packages like Astro, Prisma, Vite.
So, I switched to Bun and things have been much smoother!
because for most people they don't need what deno promises.
me for example only use nodejs or bun to run a basic sveltekit server, so it can render the html for the first time. all core functionalities are delegated to backend services written in crystal or rust. I don't need some bloated js runtime that hoard 500MB of ram for that purpose (crystal services only take 20+ MB each).
bun promised a lean runtime, every essential functionality is written in zig to increase the speed and memory footprint. and javascriptcore also uses less memory compare to v8. the only thing we expect is for bun to stabilize and can run 24/7 without memory leaking or crashing.
too bad it is a failed promise now.
I hadn't heard of crystal somehow, I work with ruby a lot so that might be fun to play around with.
I think the main issue was when deno first came out it used urls for imports then later added support for npm.
By then bun was already a thing and just ate into its share.
Why do you consider URLs a problem?
I don’t consider them a problem at all. It’s how browsers have worked for a long time.
My point was at the time when deno came out it was completely different to node with its imports and that meant a lot of existing packages just didn’t work out of the box. That just slowed its traction.
Personally I would have like deno it stick with url imports and not added the npm support.
Ryan set out to “fix” his mistakes with node only to fully embrace them again.
Annoying to update instead of a package.json, which they now have an equivalent of, realizing their mistake.
I imagine some of Bun's growth is just simply V8 fatigue. JavaScriptCore does have some different runtime characteristics and it is nice to a diversity in language engines.
(It seems too bad ChakraCore is mostly out to pasture and not keeping up with TC-39 and that there's still no good Node-compatible wrapper for SpiderMonkey, but having one for JavaScriptCore is still a breath of fresh air.)
I'm very confident that users of these runtimes do not care about the underlying Js engine powering them. Bun succeeded because it was compatible with node and required much less configuration to get a standard typescript and react app running.
I'm not suggesting it is a conscious decision point. Node has since done a lot to catch up on "less configuration" but Bun still seems to be growing even as what Bun does well Node starts to emulate. Runtime performance is mentioned in this thread here and elsewhere and while some are attributing that to Zig I think some are overlooking the different runtime experience of JavaScriptCore. It's also the "only" runtime difference between Deno and Bun if you assume that Rust and Zig are similarly performant native layers for some saying they like Bun's runtime performance better than Deno's.
When Deno first came out it was deliberately incompatible with Node, which limited its ecosystem and audience. Bun came along with a lot of Deno's great features but also Node compatibility, and people really took to that.
But Deno's got Node compatibility now, and Node has adopted a lot of the features that make Deno and Bun so usable. So I'm not sure the choice matters so much these days.
I wonder how Deno's faring.
Node's the stable solution and will be with us forever. You can now use TypeScript with it and, soon enough, you'll be able to build your app to a single executable -- including native deps.
Bun's chaotic but, nonetheless, it's _fast_ and it's taking an interesting approach by including everything in the stdlib. Plus, bought by Anthropic.
Deno had an awesome story with the sandbox and ease of import for third-party dependencies. Sandboxes feel pretty commoditized now and I'm not sure the import mechanism ended up being that much nicer than a `npm add`.
They did lay off ~half the company ~2 months ago: https://news.ycombinator.com/item?id=47467746
It's good to have some options, to prevent the ecosystem from stalling
I agree philosophically, but the JavaScript ecosystem has never been languishing for lack of options. If anything, excessive fragmentation is a real concern.
Interesting, I'm not aware of that many nodejs alternatives...
> Plus, bought by Anthropic.
Who thinks this is a positive?!
That wasn't a value judgment on the acquisition. I was just pointing out that it made the project more sustainable.
It really doesn't. You think Anthropic will still be in business in 10 years? If they are, it's not likely they'll be in the same shape.
It means they're a whole lot less likely to run out of money, which makes them a safer bet as a dependency.
Running out of money is never the issue with a big company buying an open source project. There are countless examples of projects dying or changing significantly for the worse after acquisition.
Also “no human wrote any of this code” is not my personal benchmark for a reliable dependency.
> Running out of money is never the issue with a big company buying an open source project.
I'm going to dare to say that running out of money was often an issue before a big company bought an open source project.
Afaik there is no proof Anthropic is profitable. This, and uv buyout by OpenAI only adds a risk to supply chains. In few years these companies can be overrun by open source models or startups delivering new hardware/software breakthrough in LLM. It is not like uv and bun are acquired by IBMs or Alphabets of today.
Wasn't it announced that Anthropic is having their first profitable quarter right now in Q2? From what I've personally seen it's all driven by enterprise adoption.
Open source/foreign models are already way cheaper and will work just fine for most use cases but a lot of businesses are already pretty locked in to Claude, and with enterprise costing $240 a year at a 20 seat minimum it's a pretty big investment to make and won't be worth migrating unless the gains are significant.
What happens if Anthropic and OpenAI shut down?
Is it different from the status quo prior?
> It means they're a whole lot less likely to run out of money, which makes them a safer bet as a dependency.
I don't think this logically follows. That is, yes being acquired makes one less likely to run out of money, but doesn't necessarily make something safer as a dependency.
Plenty of open source projects have little to no funding and continue on for years with no problems. But being acquired suddenly creates a requirement of return-on-investment. A corporation will happily shut the whole thing down if and when it's decided that they're just not gaining enough value from it.
(There's also the general fact that, a corporate-acquired project is going to first and forement serve the needs of the corporation vs. the community at large - if your use case or edge case doesn't align with the needs of Anthropic then you should probably not hold your breath waiting for the Bun project to address it.)
> safer bet as a dependency.
The recent 1 million line vibe coded PR suggests it is not so reliable as a dependency.
That was Bun at Anthropic, not uv at OpenAI. (UPDATE: My mistake, this thread is about Bun, not uv.)
Is this a joke I'm not getting or are your wires crossed? Bun is the topic of this subthread.
Huh, you're right. I'd just been reading this other thread about uv and got my wires crossed: https://news.ycombinator.com/item?id=48228788
Yes, famously, acquisitions only make services more reliable, as in the case of Microsoft and Github, or Apple and DarkSky.
There are so many it's a meme: https://ourincrediblejourney.tumblr.com
running out of money, for an open source project of almost any kind, is safer than "running into money" with the wrong strings attached
(still reserving judgement on Bun, though — I mean, we'll soon see, one way or the other!)
> which makes them a safer bet as a dependency
Wouldn't node be the safest bet as a dependency?
For those who care about their dependencies being "safe bets", Bun should already be out of the question after the recent "vibe code the entire thing into a different language in a week with zero human intervention" fiasco.
Exactly.
https://github.com/yt-dlp/yt-dlp/issues/16766
You can already ship single executables, my product's CLI is a Node single executable application
> and, soon enough, you'll be able to build your app to a single executable -- including native deps.
Whoa, did not know that. That's a killer feature!
The new *deno pack* command is a nice addition for safe and simple packaging.
For those using Node.js, a similar single command is available with https://www.npmjs.com/package/ts-node-pack
Now that Node.js supports importing .ts modules, more repos can use them without a build step or putting any build artifacts in the checkout.
Yeah, that's my immediate debate in reading this blog post: `deno pack` might be a great replacement to my existing `npm publish` workflow for my open source packages and continue shifting my work to Deno-first/Deno-mostly, but on the flipside, with Node's growing TS support I'm also considering switching to Typescript-only npm packages as a (tiny) message to the ecosystem.
Though I'm also happy that JSR exists as that (mostly) cleaner ecosystem.
Deno is a JavaScript and TypeScript runtime, for those who don't recognize the name. Here's a review of Deno 2.6 vs competitors Bun 1.3 and Node.js 25:
https://www.devtoolreviews.com/reviews/bun-vs-node-vs-deno-2...
It's surprising to me that bun is so much faster serving web requests. The article mentions Zig as a factor, but is micromanaging memory really gaining over 2x vs node?
Similarly, it seems, though they didnt exactly say, that they're running bun with a warm package cache... What about the others? Do they have caches?
> The article mentions Zig as a factor, but is micromanaging memory really gaining over 2x vs node?
As someone who has optimized by reducing/batching heap allocations, 2x seems within the realm of possibility, depending on the exact circumstances.
That being said, iirc, node also has more hooks for things like observability than bun does, which might hurt it here
npm by default: When I tried Deno ~1-2 years ago - I immediately shinned myself on this and decided to wait for more sensible defaults. (I've not followed closely, just the basic story)
And reading the features, I'm impressed! - I spot many commands & features that map to my workflow.
Well done Deno team.
I wrap most node-isms and use deno as the runtime. Works well. If a project is pure typescript I just have deno run it. Extra options for security are great, installation scripts disabled by default, etc.
If you're using node directly, please stop. At a minimum use Bun.
With agentic work, there is little reason to use anything besides Rust and Typescript in any case. Room to disagree but type safety, memory safety, and a large corpus of work is critical. Agents need difficult errors and baked in patterns they navigate it easily. For UI, Typescript makes the most sense just because of the mass of design examples.
I think if Deno had held on to their initial values for a little longer the pressure towards node compatibility would have been mended by AI agents, because a lot of the pressure is the result of skill issues: if the only way you know how to set up is using express.js then any subsequent tool or runtime must provide a similar abstraction for a “smooth” transition, regardless of how bad the first solution was in the first place. Nowadays you introduce devs to new tech by delivering your product with a set of skills that in practice have replaced documentation and sometimes can be very good at showing better alternative approaches to whatever you’re building.
Is anyone here using Deno in production?
By the time I read this, the blog post doesn't exist yet:
> The release post for v2.8 is not yet published.
> Check GitHub releases page for the latest release status of Deno.
The release is here: https://github.com/denoland/deno/releases/tag/v2.8.0
EDIT: Formatting
I like Deno for the web standards. I think it should be sponsored by the government for it to flourish.
The release post for v2.8 is not yet published. Check GitHub releases page for the latest release status of Deno.
I don't get it why the hell is TypeScript still not nativly supported in modern browsers?
Likely because everybody would still strip types, bundle and minify their typescript code anyway.
Because standardization is a political process that takes time and consensus to achieve?
https://github.com/tc39/proposal-type-annotations
My gripe is why doesn't Webassembly fully support dom manipulation. If we got that working anyone could just bring any language to the browser and we would finally be free from the shackles of JS.
Because "it doesn't exist". It's just a layer on top of js, it doesn't have its own runtime, and btw what would supporting ts a the browser level mean? If you want to support a static typed language then you could just compile it down to wasm, if you just want to support types and ignore them at runtime there's an overhead price to pay, or should do runtime type checking? And with which tsconfig? Strict or not?
All good questions. But... it would simply eliminate a step and result in a single language.
Python supports types and is interpreted, right?
JS promise to never break the web. can't say the same about TS
There wouldn't be any benefit. It's not sound so it can't really be used to improve performance.
There was a proposal to support TypeScript syntax, but ignore the actual types (this is basically how Python works). That would be kind of nice because you can skip the compilation step completely (less faff for small projects), but I don't think it went anywhere... or if it is it's getting there at a snail's pace:
https://github.com/tc39/proposal-type-annotations
> Deno now defaults to npm:
This is an interesting development. npm after all is the de-facto ecosystem and leaning into it makes sense.
I'm wondering how Deno would've been received if it supported npm and package.json from day 1.
I actually lost interest in Deno once it started leaning into NPM. I thought it was a bold and wise idea to make a clean break from the mess of Node and restart with a sensible ecosystem. Absent that... I'm just sticking with Node.
I think Deno's done a pretty good job at keeping what it did well in Deno 1 while also playing ball with Node/npm compatibility. JSR feels like the more sensible ecosystem we all need (especially high scoring packages) and while this current change leaves JSR prefixed when doing a `deno install` it doesn't change the fact that the more packages you install from JSR instead of npm the better things feel. (Especially once you can break from package.json and node_modules, but even the baby steps along the way to that goal still feel pretty good.)
I previously worked at Deno and even with all that tbh, I am not sure the http deps were the right way to go. I've really wanted to like them but package managers really have advantages.
I would not say npm was the right direction. I actually was a fan of JSR (didn't work on it but all my experience with it was great)
As someone that works in projects with standard IT tools, not supporting NPM made it a non starter for us.
No way it would go through standard build pipelines, or team skills.
Oh, for sure. But I'm old enough to remember when standard IT tools would have never supported Node in the first place and the idea of JS on the server made everyone scream. You just need to build demand for that support.
For us the demand is, does it run everything that either Angular or Next.js require, or the SDKs from headless SaaS products.
"standard" IT tools?
Yes, IT from customer, or agency delivery operations, dictates what are the official tools in specific projects, including 3rd party dependencies in internal repos, and CI/CD is cut off from accessing public Internet.
I don't know why they copied NPM's backwards `npm install/ci` thing. Most people think that `install` does use the lock file.