Deno

[whoknows]

Is a simple, modern and secure runtime for JavaScript and TypeScript that uses V8 and is built in Rust.

Secure by default. No file, network, or environment access, unless explicitly enabled.

https://deno.land/

65k stars @
https://github.com/denoland/deno

 

[atom0s]

Would recommend avoiding this for the time being. Deno is a re-envision of NodeJS, created/founded by the original creator of NodeJS. However, the project is more of a dictatorship now than being an open source community collaboration. Safety/security are also not something I would say this project actually is, and rather just a buzz-word way of saying, "If you don't enable anything and basically have a useless shell of an application; it's secure!". Majority of any real-world usage out of this will require various flags be enabled that completely diminish the security aspect of it.

The way imports/third-party libraries is handled is done via remote URL inclusions directly from your source code. Rather than allow any means of locking things down in a sensible way, the author has decided third-party includes are allowed to break the mixed-mode browser security implications and inherit from insecure sources. So importing a library you assume is safe via an HTTPS url can then itself import insecure libraries. Would say more than half their GitHub issues are revolved around this security problem and the creator has basically said 'deal with it' because normal JavaScript <script> tags allow for http includes, therefore he sees it as 'fine'. 

Give the project a lot more time to mature and break from the chains of the main guys "final say" over things and become an actual community project before bothering with it, imo.

[whoknows]

https://www.infoq.com/articles/deno-loves-webassembly