 okay you ready three two one wait what do we do now i don't know it was so in sync we don't well we we normally did it twice but that's because we were sitting like 100 miles apart but i i'm not very good at geography how much are we sitting apart now oh that's a good question because it needs to be safe because things aren't back to normal yet it needs to be two meters at least at least is it absolutely terrifying watching this coming towards me keep going two meters and 20 perfect did you just lose a finger no just a bit of pain but that's okay excellent good that's your slide clicker hand where's my slide clicker it's uh down there there you go right shall we talk about the web let's talk about the web come on i'm actually i'm actually web adjacent with this one because i want to talk about this yeah mate you realize in css you can have font sizes bigger than 12 i just installed the webpons and something must have gone wrong this is what you get okay so it's hang on it's den uh oh now this is controversial this is exactly why i put it there and didn't say it myself because you wanted me to make the mistake yeah all the youtube now you're wrong not me so because it right it's den or dino that much it's great it's one of the two and you know what i did i went back to this presentation you know what this is oh who this is rather this is uh mr dino isn't it jeremy dino because it's ryan dal ry on github yep originally the creator of node and now also the creator of the thing yep and this is js conf 2018 where he announced it and i was in the audience and i was like and he called it deno oh there you go that's a truly case closed and i smugly tweeted just in case here's proof it's called deno everyone well there you go then deno tweeted at me saying like actually ryan is wrong who's behind that account now apparently he got convinced everyone it should be called dino and so it's dino the canonical pronunciation is dino it's like gith just so everyone knows i will probably get this wrong in this episode i will probably even use both interchangeably it's both the same we're talking about the thing the thing that i want to talk about so what is dino well it's that it's it is basically node it's it's a javascript runtime but it has type script i think that's what most people already know instead of running javascript it can also run typescript it's actually typescript first and has a bunch of very interesting not necessarily new takes but just a combination of things into one which is a different take on package management security web compatibility and you know i thought just give a little little round up because i've been playing with it i've been liking it it's really good to because i've i've used it once in passing but i don't know a lot about it so i'm gonna learn a lot here uh yeah i put it on my cv now um but it's we've not had a lot of competition in this space like there was a hundred years ago there was the server-side javascript stuff that Netscape did and then there was nothing i don't know that one oh yeah you're younger than me uh there's a long long time ago and then there was node and now there's dino so it's like this and so much had changed between the old Netscape thing and uh and and node so it's interesting to see what like what's that you know what have they learned what have they changed what have they learned from node and gone and you know what i think they have learned the talk from rindal from jscorp 2018 actually is explicitly was a talk 10 things i learned or 10 mistakes i did in node something like that um any kind of user talk would then lead into dino um but the mistakes he talks about are really interesting so we're going to link to that all right but i just want to basically just look at dino by itself and just talk about a bunch of things so this is don't be intimidated by this oh perfect yes this is from their website you don't need to know this but there's a couple of interesting things and you don't want to i want to extract the one thing is dino's written rust that by itself doesn't mean much immediately although i have no experience at actually contributing to dino like hacking around in the actual engine quite doable you just dropped that in there you you're now a no i i i just hacked you corrected the spell spelling mistake read me right yeah i didn't even i don't even have a commit all right i added a sum function a global okay and that was that was easy enough and you know that is saying something i was actually like i have some i know some rust i'm far from an expert but the cool thing is the build system is super easy and if you've ever tried to build v8 or something like that you know that that is not easy yeah and the nice thing is they extract it all the way it just builds um and the other thing that i want to point out it uses v8 so it's our trusty v8 engine running the java script and the other thing that's just you don't really need to know that but i found it interesting in in note most of the file system functions are direct bindings to c++ backed functions which is where you often see native function when you see a stack trace or something in dino you have exactly two native functions which are just able to send buffers to the isolate background and so you always have to communicate to these two functions that has that is that a good thing or a bad thing it's a good thing because the okay that's the only way to get out of the v8 sandbox only through these two functions on the audit surface it's very small unless that function is a vowel you know what so what are we talking here how i think i think it is interesting that if if something goes wrong it has to go through one of these functions you only have to see i'm not an expert on this so i'm i probably shouldn't be talking i just found it interesting that in contrast to note where loads of things call directly into c++ you only have two functions called c++ here and those are these two functions for receiving buffers and sending buffers okay and that's quite interesting but that's not really interesting in terms of us web developers so i want to talk a bit more about the first thing that's quite interesting is the standard library um you know i know we you have a extensive library and so does dino but you have to import it it's not just that you have to import it as a url and the the interesting thing is that that's an actual url like if you type in this url into your browser you will see typescript code appear okay because i yeah if you're leaving note behind i guess you're also leaving npm behind yes true yes pretty much so it's there is actually no real package manager in dino because it's like you know what we're just going to use the thing that javascript on the web uses you just import modules and that works really well so on the one hand you would see the url is versioned so you import a specific version of the standard library which is nice because it decouples the standard library from the engine which in note is not the case you always require fs and that is the fs that came with your note version so in this case dino the engine can evolve without the standard library evolving which is also i think a benefit for backwards compatibility you import a specific version but also there's obviously a place to publish user modules you say obviously didn't know that well you have to you want to be able to to import code right and so you know just put this on your own web server you can and that's what i find really so they have this dino dot land slash x where you can go on and publish your own code under a nice memorable url but as i said it's a normal request a normal url so you can actually in fact also point straight to get up look at that or point to your own web server and that's actually kind of nice it kind of has this decentralized thing built in that you don't rely on the central registry to keep all the code you depend on so what's the offline story for this then that's a good question because obviously you you want to run a script and you do it like this you just do dino run and your script and on the first run that will download all these files via an actual request and then look at dependencies and do that and then it will never do it again which obviously sometimes is a problem i mean if the url is versioned you would hope it's kind of a mutable and the same version should not deliver different code in the future so it's not paying attention to the caching headers specifically of the request it's i don't think it is okay but i'm actually not 100 sure but dino has a command r command f5 whatever built in by passing a reload flag and then it will actually reload everything so in case you do get stuck you can't really but also it is you know if you want to develop on a flight without wi-fi just make sure you run once before and then you're pretty good to go so that's my that's my thinking pose so uh how does dynamic importing fit into this because that's that's one of those things of like you're not just going to be able to say you know load once then go on your flight or remember flights but then because if it's a dynamic import you do all that and then you know you hit a runtime import so dynamic imports work good excellent um i think for the offline story you would have to have them loaded once for them to work offline i see okay um i think that's that that's all there is to it i think it's it's a very it's a system with very simple rules but there will be drawbacks at the same time how often do we really run into this i'm developing offline cases well i would say it's quite rare to have a when you're running a server style app having a dynamic import of a module is pretty rare but your dynamic imports are more likely to be adjacent or something like you know something that is local anyway yeah um so yeah it's yeah for server side i think it doesn't happen that often and we'll actually see a bit more that dino is actually going all in on this like it should probably mostly be static imports anyway like i feel like dynamic imports are going to be rare in this context but they do work i did try it and that's that's good all right um you can even run scripts that are non-local so for example the standard library does provide a file server something that you know in node you often have to like either write or npm install like you can just run the url nice and it will download the script and run it and all as well you see that um dash dash allow net is a flag yes because by default you can't just access your network from a script and actually that's a whole security story here indeed i want to talk about a bit more because the security story around node and npm is sort of terrifying yes have you heard of post install scripts right exactly um yeah so as we have no npm or anything so there is no such thing but even this has even just reading files accessing your network opening a server has a permission story so for example here we use the deno global which has the couple of functions that haven't found a web compatible home i'm going to talk about that a bit later but reading files you do via the deno global um and it's all promise based also great promises now it's it's it's kind of nice sometimes to start from scratch isn't it yeah you can like catch up on the developments um and if you run this script in indino it will fail and tell you well it will throw rather saying like you don't have permission to read files please run me again such a nice default it is just by running like npm whatever it's it can read anything on your file system exactly so let's drill that a little bit more because you know i can you know i can add allow read and it will be fine but this is obviously a bit binary it's a bit all or nothing oh you're gonna tell me it's scoped so what if i did this like i have a legit reason to read a file so a person would be quite keen to give me allow read but then i use my permissions i abuse my permissions and read my bitcoin wallet which i don't actually have but i thought that might tie it to monetary values people actually care um so if i run it like this it would work and that would be bad and what you can do is you can actually supply this flag multiple times for every individual file that this script should be allowed to read so you can actually give very granular permissions can it be for like a whole directory or i would hope so yeah i actually haven't tried it but even then i would say like this doesn't necessarily scale because sometimes you don't know upfront which files you might want to read or the script can't potentially even tell you and this is for something really interesting comes in i think is that you can even dynamically request permissions oh like what we do in the browser like pretty much it is very and that i think is a story that you see all through our dino is that they really took the web model or many and learned many many things from the web because you know the web has really taken their security quite seriously and lots of other things that they want to be secure by default and still be able to run random sites that you don't trust like that's a pretty hard hard place to start and we have found a way to make that kind of work and so if you do this you you do there is these request objects and you pass it to dino permission request and it will manifest as a prompt on the cli like where it goes hey the script wants to do the thing do you want to permit to do the thing or would you rather that's very good i would say one thing like the browser gets away with the browser has special ui for permissions i guess we don't really have the equivalent in dino no a dino program could output there i think this is an escape hatch when you don't know which file or you just it just doesn't scale with the amount of file to want to request i'm not quite sure but i like that there is a way it's not nice or not the most beautiful way necessarily maybe there will be better ways in the future maybe at some point in the future we can actually forward this permission request to the browser or something give it a nice common ui who knows but i mean in that sense it's early days for dino it's got announced in late 2018 i think yeah and it's gotten a good amount of attention recently but they're still i think even they're 1.0 it's not that all so they're still early days and iterating on all these things and they're going all in on the web apis as well so like the streams or what do we do streams hold on to that oh okay okay yeah zip speaking of all right let's talk about a couple of global objects that are available in dino and i try to order them by increasing amount of surprised face that i pulled yeah i'm not surprised at global this is a quick stand but it's a it's a javascript stand yeah right okay not surprised okay hang on is web assembly in node as well because you can do web assembly so this is a global in node as well no surprise base no and that's a web standard right so we're talking a little bit more surprised now because node would have as a note its own crypto module all right but i like that it's using the compatible api because all this will boil down to i have more chances to write i guess this is isomorphic code code that works without changes on both sides the server side the client side that's a good thing yeah all right all right nice not really a surprise well we know node has workers as well but you have to import them they're not api compatible with the web these are so it's the same same pattern the web uses yeah amazing yeah well you see i did know this one so i not surprise base but i was very happy about this because i i much prefer the the streams that's the what do we do standardized over the various ones that no i just saw a couple days ago note no has them as well yes they've been they've kind of changed your mind a lot of stuff because they're looking at fetch as well so yeah it seems that everything is converging on standardized apis which is good that's what standard are for so we could converge on them absolutely absolutely yes okay so node has some of the things to this now i think so that's yeah we now have an event target yeah so node has that as well that's good oh do they yes yes i did not know that yeah no you can use signals to remove event listeners and stuff fascinating notes so that's well maybe i didn't get the order right but so it's interesting based on me having a slightly lopsided knowledge of of how node and denom work but location that does surprise me i didn't know that as well nice i actually forgot what how it's actually but i think it is it is compatible and it mostly reflects import meta URL nice yeah excellent so this is building up to fetch right this is where we're going yeah of course but these are all the prerequisites for having a full fetch actually i think i fetch on the list because it surprised me very little that fetch was in there but i found it isn't at the request or response objects are actually fully so i guess it makes sense because it has to be this the sort of prerequisites and also windows on there as well but okay that is surprising i think it's such a little developer experience why not if it's literally equivalent to global this what's the harm yes just to make the code work that works on both sides well hang on when you start a worker does it have window i do not because i do not know okay anyway i would have to check that um and that closes the process process yeah very good excellent now what do these do these are basically similar to to the permission request there is cli mode cli variant of these things of course but yeah like window alert confirm and promise will be synchronous and blocking until the user acknowledges like an alert needs to press okay confirm obviously the yes no or yes no cancel even and a prompt is type something in this is fun and exciting it is is there more uh a bit more there is uh well what's it oh hang on does it persist local storage it does oh between runs how where is that it has like if you deno if you run deno info it will give you a folder where it stores per origin data and you have to supply an origin as a command line flag otherwise it fails we have to say okay i'm pretending to run on the origin whatever and then it creates its own little folder and everything in local storage will go in there and on the next run you can read the data back and don't have to worry about file system shenanigans this is amazing so is there something more do i know my own slides i don't know is there oh there is this my favorite because not only does it have navigator it has navigator dot gpu and this is straight through to web gpu so yeah i i've been looking a little bit to web gpu i'm not going to get into it but the way to the the main new thing about web gpu is not only is a newer saner approachable api but it decouples the gpu from canvas you can use web gpu just for purely computational purposes and that's exactly what they're exposing here and you can it's experimental so it's behind an experimental flag but it's exposed just like it is in the browser and i that made me happy that's so good it's so good so i looking at this i could really see the whole okay i do i can actually use dino as a stepping stone to write some code and i can be fairly confident that it will run on the web as well later on or the other way around if i've written web code it's quite likely that it will also run in dino i can move modules around almost seamlessly and i'm kind of not even talk about typescript much but you know dino can run javascript if it's typescript it will strip out that it will do the type checks and so about the types but in the end it's just javascript you can also just import normal javascript as well nice that's really cool so going back to to the imports and talking a bit more about standards that we have on the web these URLs are long and annoying wouldn't it be much nicer if i could say something shorter you know i think it's a bit more idiot to remember how would i do this on the web jake this is exciting this would be import maps does it spot import maps oh my god so basically you can provide an import map as a file and that i think is is really good again it allows the thing we can really go in on the web standard stuff and they keep they keep keeping up with those as well as far as i can tell they really keep an eye for the things that are useful to them i'm actually now waiting for them to do the newer import type assertions and because that would solve the how do i get adjacent in because currently i think you have to go by a reading by the file apis well that stuff's there in v8 now so could it just work maybe i haven't checked but you know and and i love seeing this that they're keeping up with it will also help solidify these standards testing them out in more scenarios um this is exciting this is an exciting future for like seeing where dino and node like diverge where they converge i also saw the node people talking about that they actually they don't necessarily see dino as a competition it's a different take on a similar problem space and they're learning from each other and i love seeing that that and i think maybe that is why they were now starting to look at streams a bit more and starting to ship the what wg streams to node because just it just makes sense to be more compatible on that front node obviously has the burden of being around for much longer and having backwards compatibility and all these things the what wg streams didn't just appear out of nowhere you're being much better they learned from the mistakes that that node had made over a few iterations of their streams so yeah yeah it's it's great to see sort of yeah and just as a quick tie up in the end here's a couple of commands that come support because they really try to come in with all batteries included so they have a rebel you can run a file and they have a pretty printer they have a test runner and a test framework they have a coverage tool bundle is a bit like parcel like roll up in that they just inline all your static imports into one big file if whether it's standard library or something else it just makes it one big script as an optimization step i guess um what's compile do tell me what compile file is like bundle but it even bundles dino itself so you get one single statically linked binary that contains your script which i think is probably really interesting for all the the back end folks who want an easy time deploying something to a function or like a a docker container put this one binary in there you don't need a base image it's just that one file it's very neat um it's still that again the compile bit is experimental which yeah it's considered unstable but i tried it and it worked i was kind of cool i obviously didn't use it to to a large in a large project it's just that no a script but yeah i thought it's really cool it's like obviously the binary is like i don't know 70 mechs or something but at the same time you know size on the server side matters less the ease of deployment could matter more on that front makes it easier to cache potentially as well or to to roll back a deployment i could see it really beneficial on on the back end side for for folks amazing uh yeah if people want to know more the website i do yeah well to go right there that's the url yeah dot land is a proper top level dino dot land and now i would like to see in the comments how often i said dano how often i said dino because i i don't even know anymore look look at the things we we couldn't do before for a whole year i know we couldn't cut our fingers off now we can i couldn't tell you where you're slightly close it's just it's just everything back to normal you couldn't put tape measure in my mouth it's look i'm i'm just so glad we're back so glad i'm sure people have missed this