Does Ghost run on Deno?

I’m not a web dev, typically speaking, I’m not a fan of most web stacks. That said, when it comes to CMSs my options are limited. Ghost looks pretty solid, but if I can be that much more secure with Deno, that would be preferable.

3 Likes

Some pertinent posts I found…

Hey @khionu :wave:

To add some context, deno was released 3 days ago, and as a general rule of thumb, there are some hurdles it has before it will be adopted for production.

I’m not a core developer of Ghost, but I am pretty confident in saying they deno won’t be supported for a while. Here’s why (note - some of these points are also discussed in the article @denvergeeks linked to):

  1. Ghost supports active LTS versions of node, so it will be a few years before they can use ES modules in the core product. Since deno doesn’t support common.js require statements, you have to at least wait until that happens.

  2. Ghost is composed of quite a few components. Some of the components are lazy-loaded for performance. Since lazy-imports in es-modules are async, this would require some architectural changes to Ghost (though Deno seems to have a workaround for this)

  3. Ghost uses many open-source libraries. These libraries will need to be updated (e.g. single file export rather than multi-file requires) to support deno

  4. My understanding is Deno’s permission boundaries are limited to the application-level rather than the module level. Ghost will need access to most if not all of the permissions that deno restricts, so you won’t be gaining security from that perspective. Ghost already uses a lockfile for module resolution, meaning people that install ghost will be using the same dependencies as the people that develop ghost.

So to summarize: we will have to wait, it’s going to require a decent amount of work, and from a security perspective, it won’t provide much (if any) benefit.

10 Likes

Wow. Scholarly. Thanks for this cogent analysis, @vikaspotluri123!

2 Likes

Thank you very much, looking forward to when Ghost gets to the point!

Two years later, now that Deno is a bit more established, is it possible to deploy on Deno Deploy?

Seeing as Node has started supporting standard web API’s (fetch, modules, etc) and Deno has always followed standards, it would be rather sad if it was not interoperable.

Also relevant: Deno recently started supported NPM packages.

Ghost still has a lot of node-specific dependencies. I know the Deno team is working to make node/npm interop feasible, but it’s still at least a few months out.

The other thing to realize is Ghost is designed to run as a single monolith, and Deno Deploy is distributed. While Ghost has made progress to be less-monolith focused, there’s still a single-instance limitation which Deno Deploy would (theoretically) violate

Coming to modules and fetch - Ghost is still written in CommonJS and lazy loads modules - converting them to esm is not a trivial task! For fetch, Ghost supports all LTS versions of node, so it would take at least a year (I’m not sure if it was backported to 16.x) before native fetch would be used

2 Likes