Deno Cheat Sheet
Deno runtime essentials: permissions flags, built-in tooling, npm/JSR imports, and the standard library APIs for common tasks.
2 PagesIntermediateFeb 27, 2026
Running & Permissions
Deno is secure-by-default; explicitly grant only the permissions a script needs.
bash
deno run app.ts # no permissions granteddeno run --allow-net --allow-read app.tsdeno run -A app.ts # allow-all (dev only)deno run --allow-net=api.example.com:443 fetcher.ts # scoped permissiondeno compile --allow-net -o myapp app.ts # single self-contained binarydeno test --allow-read # run testsdeno fmt # built-in formatterdeno lint # built-in linter
Imports: npm, JSR, and URLs
Deno resolves npm: and jsr: specifiers natively, alongside direct URL imports.
typescript
import { serve } from "jsr:@std/http/server";import express from "npm:express@4";import { z } from "npm:zod@3";// deno.json import map keeps specifiers short// {// "imports": { "std/": "jsr:/@std/" }// }import { join } from "std/path/mod.ts";
Native HTTP Server
Deno.serve is the built-in, zero-dependency way to handle HTTP requests.
typescript
Deno.serve({ port: 8000 }, (req) => { const url = new URL(req.url) if (url.pathname === "/api/health") { return new Response(JSON.stringify({ ok: true }), { headers: { "content-type": "application/json" }, }) } return new Response("Not Found", { status: 404 })})
Deno KV
Built-in transactional key-value database, no external dependency required.
typescript
const kv = await Deno.openKv()await kv.set(["users", "u1"], { name: "Ana" })const entry = await kv.get(["users", "u1"])console.log(entry.value) // { name: "Ana" }const atomic = kv.atomic()atomic.check({ key: ["users", "u1"], versionstamp: entry.versionstamp })atomic.set(["users", "u1"], { name: "Ana", age: 31 })await atomic.commit()
Common CLI Flags & Config
Frequently needed permission and config flags.
- --allow-net[=hosts]- network access, optionally scoped to a comma-separated host list
- --allow-read[=paths] / --allow-write[=paths]- filesystem access, optionally scoped
- --allow-env[=vars]- environment variable access
- --watch- restart the process on file change (deno run --watch app.ts)
- deno.json / deno.jsonc- project config: import maps, compiler options, tasks
- deno task <name>- run a script defined under `tasks` in deno.json, like npm scripts
Pro Tip
Use scoped permissions (`--allow-net=api.example.com`, `--allow-read=./data`) rather than `-A` in anything beyond local prototyping — Deno's whole security model is undermined the moment you reach for allow-all, including in CI.
Was this cheat sheet helpful?
Explore Topics
#Deno#DenoCheatSheet#WebDevelopment#Intermediate#RunningPermissions#Imports#Npm#JSR#APIs#CheatSheet#SkillVeris
Advertisement
Sri Hayavadhana Info-Tech
Professional Web Designing Services
- Responsive Websites
- E-commerce Solutions
- SEO Friendly Design
- Fast & Secure
- Support & Maintenance