100% Free Forever
AI-Powered Learning
Industry Expert Content
Certificates & Badges
Learn At Your Own Pace

Deno Cheat Sheet

Deno Cheat Sheet

Deno runtime essentials: permissions flags, built-in tooling, npm/JSR imports, and the standard library APIs for common tasks.

2 PagesIntermediateFeb 27, 2026

Running & Permissions

Deno is secure-by-default; explicitly grant only the permissions a script needs.

bash
deno run app.ts                        # no permissions granteddeno run --allow-net --allow-read app.tsdeno run -A app.ts                     # allow-all (dev only)deno run --allow-net=api.example.com:443 fetcher.ts  # scoped permissiondeno compile --allow-net -o myapp app.ts  # single self-contained binarydeno test --allow-read                    # run testsdeno fmt                                  # built-in formatterdeno lint                                 # built-in linter

Imports: npm, JSR, and URLs

Deno resolves npm: and jsr: specifiers natively, alongside direct URL imports.

typescript
import { serve } from "jsr:@std/http/server";import express from "npm:express@4";import { z } from "npm:zod@3";// deno.json import map keeps specifiers short// {//   "imports": { "std/": "jsr:/@std/" }// }import { join } from "std/path/mod.ts";

Native HTTP Server

Deno.serve is the built-in, zero-dependency way to handle HTTP requests.

typescript
Deno.serve({ port: 8000 }, (req) => {  const url = new URL(req.url)  if (url.pathname === "/api/health") {    return new Response(JSON.stringify({ ok: true }), {      headers: { "content-type": "application/json" },    })  }  return new Response("Not Found", { status: 404 })})

Deno KV

Built-in transactional key-value database, no external dependency required.

typescript
const kv = await Deno.openKv()await kv.set(["users", "u1"], { name: "Ana" })const entry = await kv.get(["users", "u1"])console.log(entry.value) // { name: "Ana" }const atomic = kv.atomic()atomic.check({ key: ["users", "u1"], versionstamp: entry.versionstamp })atomic.set(["users", "u1"], { name: "Ana", age: 31 })await atomic.commit()

Common CLI Flags & Config

Frequently needed permission and config flags.

  • --allow-net[=hosts]- network access, optionally scoped to a comma-separated host list
  • --allow-read[=paths] / --allow-write[=paths]- filesystem access, optionally scoped
  • --allow-env[=vars]- environment variable access
  • --watch- restart the process on file change (deno run --watch app.ts)
  • deno.json / deno.jsonc- project config: import maps, compiler options, tasks
  • deno task <name>- run a script defined under `tasks` in deno.json, like npm scripts
Pro Tip

Use scoped permissions (`--allow-net=api.example.com`, `--allow-read=./data`) rather than `-A` in anything beyond local prototyping — Deno's whole security model is undermined the moment you reach for allow-all, including in CI.

Was this cheat sheet helpful?

Explore Topics

#Deno#DenoCheatSheet#WebDevelopment#Intermediate#RunningPermissions#Imports#Npm#JSR#APIs#CheatSheet#SkillVeris
Advertisement
Sri Hayavadhana Info-Tech

Professional Web Designing Services

  • Responsive Websites
  • E-commerce Solutions
  • SEO Friendly Design
  • Fast & Secure
  • Support & Maintenance
Get a Free Quote

Share this Cheat Sheet