DEV Community

Mayank Kumar
Mayank Kumar

Posted on

My Contribution to Deno 2.0

Over the past couple of weeks, I came across multiple blogs and YouTube videos about the v2.0 release of Deno - a JavaScript, TypeScript, and WebAssembly runtime built with Rust and designed to offer secure defaults for developers. Since I was searching for an issue to create my second PR in Hacktoberfest, I decided contributed to this trending repository. My pull request focused on the compatibility layer of Deno, which was enhanced with the recent release to better support Node.js and npm. The specific task in my PR involved replacing built-in global proxy functions with primordials in the Node compatibility layer.

GitHub logo denoland / deno

A modern runtime for JavaScript and TypeScript.

Deno

Twitter badge Discord badge YouTube badge

the deno mascot dinosaur standing in the rain

Deno (/ˈdiːnoʊ/, pronounced dee-no) is a JavaScript, TypeScript, and WebAssembly runtime with secure defaults and a great developer experience. It's built on V8 Rust, and Tokio.

Learn more about the Deno runtime in the documentation.

Installation

Install the Deno runtime on your system using one of the commands below. Note that there are a number of ways to install Deno - a comprehensive list of installation options can be found here.

Shell (Mac, Linux):

curl -fsSL https://deno.land/install.sh | sh
Enter fullscreen mode Exit fullscreen mode

PowerShell (Windows):

irm https://deno.land/install.ps1 | iex
Enter fullscreen mode Exit fullscreen mode

Homebrew (Mac):

brew install deno
Enter fullscreen mode Exit fullscreen mode

Chocolatey (Windows):

choco install deno
Enter fullscreen mode Exit fullscreen mode

WinGet (Windows):

winget install --id=DenoLand.Deno
Enter fullscreen mode Exit fullscreen mode

Build and install from source

Complete instructions for building Deno from source can be found in the manual here.

Your first Deno program

Deno can be used for many different applications, but is…

Exploring the Project

Given that Deno is a large and complex project with multiple languages and layers of functionality, setting up the environment was a critical first step. The setup process required installing Rust and configuring Cargo, along with other necessary dependencies for local development. Following the contribution guidelines, I reviewed both the project documentation and setup instructions. This part took some time but was essential for navigating the project’s structure and development process smoothly.

Working on the Issue

The issue I tackled was part of a larger effort to increase code reliability and security in Deno’s Node compatibility layer - Issue #24236. As per the documentation, Primordials are frozen intrinsic objects in Deno, used to safeguard against prototype pollution by replacing direct references to global objects with safe alternatives. In my case, I worked on updating randomInt.ts - a file responsible for the randomInt function’s implementation in the core.

My task was to replace certain global methods, like Number.isSafeInteger, with their primordial equivalents e.g., NumberIsSafeInteger. To ensure accuracy, I first researched the correct primordials for each global method. This led me to explore both the Node and Deno documentation to confirm the use of primordials and understand their role in reducing security risks in Deno’s core.

Code Changes and Pull Request

As always I created a new branch for this pull request and made the necessary changes to the randomInt.ts file, while reviewing similar accepted pull requests to align with best practices. I followed Deno’s style guidelines for linting and formatting, but I was not able to run the lint script due to some issue with cargo. I decided to push the code changes after testing locally and to review the linting errors(if any) generated by the CI workflow on GitHub. I submitted my PR, following the guidelines for new pull requests and eventually got a lint error. After changing the PR to draft and resolving the error locally, I pushed the new changes which passed all the tests and it was ready for review.

fix(ext/node): use primordials in ext\node\polyfills\internal\crypto\_randomInt.ts #26534

Towards #24236

used primordials from ext:core to replace usage of built-in functions

While waiting for review on my PR I noticed new commits were merged into main and my branch was out of sync. Out of boredom, I decided to merge the new main branch into my branch which interestingly made my PR fail most of the cases. After investigating the cause for a while I concluded it was because of the new changes still under CI/CD workflows runs. Since I had the previous branch locally I forced pushed to origin in order to revert the merge and decided to leave merging for reviewers. The PR was reviewed and accepted after several hours and this time it did not fail any tests during merge.

Conclusion

This PR allowed me to explore Rust alongside JavaScript in a large, open-source project being used by numerous users. Though it involved minimal code changes, contributing to a project as substantial as Deno was a valuable experience, helping me understand how small adjustments can enhance overall system stability and security.

Top comments (0)