{"slug": "deno-2-6-dx-is-the-new-npx", "title": "Deno 2.6: dx is the new npx", "summary": "Deno 2.6 introduces a new tool called `dx`, which functions as an equivalent to `npx` for conveniently running binaries from npm and JSR packages. The release also adds more granular permission controls with `--ignore-read` and `--ignore-env` flags, along with an experimental permission broker for advanced permission management.", "body_md": "To upgrade to Deno 2.6, run the following in your terminal:\n\n```\ndeno upgrade\n```\n\nIf Deno is not yet installed, run one of the following commands to install or\n[learn how to install it here](https://docs.deno.com/runtime/manual/getting_started/installation).\n\n```\n# Using Shell (macOS and Linux):\ncurl -fsSL https://deno.land/install.sh | sh\n\n# Using PowerShell (Windows):\niwr https://deno.land/install.ps1 -useb | iex\n```\n\nWhat’s new in Deno 2.6\n\n[Run package binaries with](#run-package-binaries-with-dx)`dx`\n\n[More granular permissions](#more-granular-permissions)[Faster typechecking with tsgo and LSP improvements](#faster-type-checking-with-tsgo-and-language-server-improvements)[Wasm source phase imports](#wasm-source-phase-imports)[Run CommonJS with](#run-commonjs-with---require)`--require`\n\n[Security auditing with](#security-auditing-with-deno-audit)`deno audit`\n\n[Dependency management](#dependency-management)[Bundler improvements](#bundler-improvements)[Node.js compatibility](#nodejs-compatibility)[API changes](#api-changes)[Performance improvements](#performance-improvements)[Quality of life improvements](#quality-of-life-improvements)[V8 14.2](#v8-14-2)[Acknowledgments](#acknowledgments)\n\nRun package binaries with `dx`\n\nDeno 2.6 introduces a new tool, `dx`\n\n, that is an equivalent to `npx`\n\nand is a\nconvenient way to run binaries from npm and JSR packages.\n\n``` bash\n$ dx cowsay \"Hello, Deno!\"\n ______________\n< Hello, Deno! >\n --------------\n        \\   ^__^\n         \\  (oo)\\_______\n            (__)\\       )\\/\\\n                ||----w |\n                ||     ||\n```\n\n*Make sure to install the dx alias: deno x --install-alias*\n\nMore experienced users might recognize that `dx`\n\nworks similarly to `deno run`\n\n,\nbut with the following differences:\n\n`dx`\n\ndefaults to`--allow-all`\n\npermissions, unless another permission flag is passed`dx`\n\nprompts you before downloading a package`dx`\n\nruns lifecycle scripts automatically if you accept the aforementioned prompt`dx`\n\ndefaults to`npm:<package_name>`\n\nunless otherwise specified`dx`\n\nerrors if you try to use it to run a local file\n\nWith the addition of `dx`\n\n, users should find it easier to run package binaries\nin already known fashion. You can enjoy the convenience of `npx`\n\nwhile\nleveraging Deno’s robust security model and performance optimizations.\n\n[Learn more about dx at the Deno docs](https://docs.deno.com/runtime/reference/cli/x/).\n\nMore granular permissions\n\nThis release brings more granular control over permissions. We’ve introduced\n`--ignore-read`\n\nand `--ignore-env`\n\nflags, which allow you to selectively ignore\ncertain file reads or environment variable access. Instead of throwing\n`NotCapable`\n\nerror, you can instead direct Deno to return `NotFound`\n\nerror and\n`undefined`\n\nrespectively.\n\nLet’s see an example of how this works:\n\n``` js\nconst awsSecretKey = Deno.env.get(\"AWS_SECRET_KEY\");\nconsole.log(awsSecretKey);\n\nconst passwd = await Deno.readTextFile(\"/etc/passwd\");\nconsole.log(passwd);\nbash\n$ deno run --ignore-read=/etc --ignore-env=AWS_SECRET_KEY main.ts\nundefined\nerror: Uncaught (in promise) NotFound: No such file or directory (os error 2)\nconst passwd = await Deno.readTextFile(\"/etc/passwd\");\n                          ^\n    at Object.readTextFile (ext:deno_fs/30_fs.js:799:24)\n    at file:///dev/main.ts:4:27\n```\n\nThese new flags allow more flexibility when running untrusted code. Often times\nyou might not want to open up a sandbox, but a certain dependency is insisting\non reading 20 env vars or config files from your home directory. These\ndependencies handle missing env vars or files gracefully, but they were not able\nto handle Deno’s `NotCapable`\n\nerrors. With these new flags, you can now run such\ncode without granting full permissions.\n\nIn addition,\n[ Deno.env.toObject()](https://docs.deno.com/api/deno/~/Deno.Env.toObject) now\nworks with partial environment permissions. If you only grant access to a subset\nof environment variables,\n\n`Deno.env.toObject()`\n\nwill only return the allowed\nvariables.\n\n```\nconsole.log(Deno.env.toObject());\nbash\n$ SOME_SECRET=foo deno run --allow-env=SOME_SECRET main.ts\n{ SOME_SECRET: \"foo\" }\n```\n\nThis release also includes an experimental permission broker. A new feature that allows for advanced controls over permissions with a separate process responsible for managing permission requests.\n\n``` bash\n$ DENO_PERMISSION_BROKER_PATH=/perm_broker.sock deno run untrusted_code.ts\n```\n\nThis can be useful for platform authors that would like to run untrusted code but have a higher-level process to mediate permission requests.\n\nWhen permission broker is active, all `--allow-*`\n\n, `--deny-*`\n\nand `--ignore-*`\n\npermission flags are ignored, and all permission requests are sent to the broker\nprocess instead.\n\nFaster type checking with `tsgo`\n\nand language server improvements\n\nDeno 2.6 integrates [ tsgo](https://github.com/microsoft/typescript-go), a new\nexperimental type checker for TypeScript written in Go. This new type checker is\nsignificantly faster than the previous implementation, which was written in\nTypeScript.\n\nYou can enable `tsgo`\n\nby using the `--unstable-tsgo`\n\nflag or\n`DENO_UNSTABLE_TSGO=1`\n\nenv variable with `deno check`\n\n:\n\n``` bash\n$ deno check --unstable-tsgo main.ts\n```\n\nWe’ve seen 2x speed improvements in type checking times for internal projects when using TSGO.\n\nOn the type checking side, several long-standing pain points have been fixed. Deno is now more tolerant of non-standard import schemes and bare ambient module declarations, which means fewer false-positive errors when working with framework tooling or custom module loaders.\n\nSupport for common `tsconfig.json`\n\noptions has also improved:\n\n`compilerOptions.paths`\n\nnow works as expected for module resolution,`skipLibCheck`\n\nis respected for graph errors,advanced settings like\n\n`isolatedDeclarations`\n\nare supported.\n\nAll of this adds up to a more predictable check experience, especially in multi-package workspaces.\n\nThe language server (LSP) also saw some quality-of-life upgrades. The\n`source.organizeImports`\n\naction is now supported, helping you automatically sort\nand clean up imports from within your editor. Deno will use the editor’s native\nimplementation when available and avoid unnecessary resolution work, making the\nfeature feel native. Test authoring also gets a boost with improved integration\nfor `describe`\n\nand `it`\n\nstyle test functions — editors can now understand and\nsurface information about individual test cases.\n\nSeveral behind-the-scenes fixes make the language server less intrusive:\nconfiguration updates are detected immediately when `tsconfig.json`\n\nchanges,\nlockfiles aren’t written during “cache on save”, and lint-ignore directives\nbehave more consistently with leading comments. These refinements reduce\nfriction and help the language tools stay out of your way while you work.\n\nSource phase imports\n\nDeno 2.6 ships with\n[a new JavaScript feature called “source phase imports”](https://github.com/tc39/proposal-source-phase-imports).\n\nSource phase imports are a new kind of `import`\n\n. Instead of giving you a live\nmodule instance — like `import`\n\nnormally does — they give you the raw source\nrepresentation of a module. In the case of Wasm, that means you can import the\ncompiled `Wasm.Module`\n\ndirectly as part of your build step, without having to\nfetch the file at runtime.\n\nHere’s an example of how you can use it today:\n\n``` python\nimport source addModule from \"./add.wasm\";\n\nconst addInstance = WebAssembly.instantiate(addModule);\nconst add = addInstance.exports.add;\nconsole.log(add(1, 2));\n```\n\nWith this addition and\n[the Wasm imports shipped in Deno v2.1](/blog/v2.1#first-class-wasm-support),\nworking with WebAssembly in Deno is now more ergonomic and efficient.\n\nRun CommonJS with `--require`\n\n[Deno v2.4 shipped with --preload flag](/blog/v2.4#modify-the-deno-environment-with-the-new---preload-flag)\nwhich allows you to load files before executing the main module, making it\npossible to customize the execution environment.\n\nThis release adds the `--require`\n\nflag that serves the same purpose but is meant\nfor executing CommonJS modules instead of ES modules.\n\n``` bash\n$ deno run --require ./setup.cjs main.ts\n```\n\nThis brings Deno closer to Node.js compatibility by supporting a common pattern for preloading modules. The next step on our roadmap is support for custom module loaders, which is planned for a future release.\n\nSecurity auditing with `deno audit`\n\nOne of the most important additions is the new\n[ deno audit](https://docs.deno.com/runtime/reference/cli/audit/) subcommand,\nwhich helps you identify security vulnerabilities in your dependencies by\nchecking GitHub CVE database. This command scans and generates a report for both\nJSR and npm packages.\n\nFor another layer of security, we’ve also added the experimental\n`deno audit --socket`\n\nflag that integrates with\n[socket.dev](https://socket.dev):\n\n``` bash\n$ deno install npm:lodahs\nAdd npm:lodahs@0.0.1-security\n\nDependencies:\n+ npm:lodahs 0.0.1-security\n\n$ deno audit --socket\n\nNo known vulnerabilities found\n\nSocket.dev firewall report\n\n╭ pkg:npm/lodahs@0.0.1-security\n│ Supply Chain Risk: 0\n│ Maintenance: 76\n│ Quality: 41\n│ Vulnerabilities: 100\n│ License: 100\n╰ Alerts (1/0/0): [critical] malware\n\nFound 1 alerts across 1 packages\nSeverity: 0 low, 0 medium, 0 high, 1 critical\n```\n\nThe `deno audit`\n\ncommand scans through your entire dependency graph, checking\neach package against the GitHub CVE database and, if `--socket`\n\nis present,\nsocket.dev’s vulnerability database. This is particularly valuable in CI/CD\npipelines where you want to fail builds if vulnerabilities are found.\n\nIf Deno discovers the `SOCKET_API_KEY`\n\nenvironment variable, it will use it when\ntalking to socket.dev for even more detailed reports, applying your\norganization’s policies and access rules.\n\nDependency management\n\nDeno 2.6 continues to improve Deno’s dependency management features, bringing several significant improvements to how you manage, audit, and control your project dependencies. These enhancements address common pain points in dependency management and provide better visibility into your supply chain security.\n\nGranular control over `postinstall`\n\nscripts with `deno approve-scripts`\n\nMany npm packages run lifecycle scripts (like `postinstall`\n\n, `install`\n\n, or\n`preinstall`\n\n) that execute arbitrary code during installation. While these\nscripts are often legitimate, e.g. compiling native addons or setting up package\nconfigurations, they can also be a security risk.\n\nThe new `deno approve-scripts`\n\nreplaces the `deno install --allow-scripts`\n\nflag\nto give you more ergonomic and granular control over which packages can run\nthese scripts.\n\nWhen you run\n[ deno install](https://docs.deno.com/runtime/reference/cli/install/) and\nencounter packages with lifecycle scripts that aren’t approved, Deno will warn\nyou and suggest running\n\n`deno approve-scripts`\n\n. This command presents an\ninteractive picker where you can review each package that wants to run scripts\nand selectively approve or deny them:\n\n``` bash\n$ deno approve-scripts\n? Select which packages to approve lifecycle scripts for (<space> to select, ↑/↓/j/k to navigate, a to select all, i to\ninvert selection, enter to accept, <Ctrl-c> to cancel)\n  ○ npm:@denotest/node-addon@1.0.0\n  ● npm:chalk@5.0.0\n```\n\nYour choices are saved to `deno.json`\n\nin the `allowScripts`\n\nconfiguration,\ncreating an audit trail of which packages you trust to execute code during\ninstallation.\n\nControlling dependency stability\n\nAdditionally, you can now control the minimum age of dependencies, ensuring that your project only uses dependencies that have been vetted. This helps reduce the risk of using newly published packages that may contain malware or breaking changes shortly after release.\n\nYou can specify the minimum age in your configuration:\n\n```\n{\n  // only install or update to dependencies at least two hours old\n  \"minimumDependencyAge\": \"120\"\n}\n```\n\nOr via a `--minimum-dependency-age=120`\n\nflag.\n\nYou can specify the minimum age in minutes, ISO-8601 duration, or RFC3339\nabsolute timestamp - e.g. `\"120\"`\n\nfor two hours, `\"P2D\"`\n\nfor two days,\n`\"2025-09-16\"`\n\nfor a cutoff date, or `\"2025-09-16T12:00:00+00:00\"`\n\nfor a cutoff\ntime.\n\nImproved lockfile and install workflows\n\nThe `--lockfile-only`\n\nflag for `deno install`\n\nallows you to update your lockfile\nwithout downloading or installing the actual packages. This is particularly\nuseful in CI environments where you want to verify dependency changes without\nmodifying your node_modules or cache. This separation of concerns makes it\neasier to parallelize builds and reduces unnecessary downloads:\n\n``` bash\n$ deno install --lockfile-only\n# Updates deno.lock without fetching packages\n\n$ deno install\n# Now installs with verified lockfile\n```\n\nWe’ve also improved how npm packages are installed and reported, making it\neasier to understand what’s being added to your project. The install output now\nprovides clearer feedback about which packages were added, updated, or reused\nfrom cache, even when not using a traditional node_modules directory.\nAdditionally, we’ve fixed several edge cases around package.bin resolution and\nshimming on Windows to match npm’s behavior more closely, ensuring better\ncompatibility with npm ecosystem tools and scripts. Finally, subpath imports\nstarting with `'#/'`\n\nare now supported for better Node.js compatibility.\n\nBundler improvements\n\nDeno 2.6 brings several important refinements to the bundler, making it more\nreliable and compatible with more use cases. The bundler now works seamlessly\nwithin Web Workers, allowing you to dynamically bundle code even in\nmultithreaded contexts. We’ve improved handling of different target\nplatforms—when bundling for the browser with `--platform browser`\n\n, the bundler\nnow correctly avoids using `createRequire`\n\nand other Node.js-specific APIs to\nensure your bundles run cleanly in browser environments.\n\nRuntime-specific specifiers like `cloudflare:`\n\nand `bun:`\n\nare now treated as\nexternal dependencies by default, preventing them from being bundled and causing\nimport errors:\n\n``` js\nimport { serve } from \"jsr:@std/http\";\nimport { toml } from \"bun:toml\"; // External, not bundled\nimport { parseEnv } from \"cloudflare:workers\"; // External, not bundled\n\nexport default {\n  fetch(req) {\n    return new Response(\"Hello from Cloudflare Workers\");\n  },\n};\nbash\n$ deno bundle --platform browser main.ts bundle.js\n# bun:toml and cloudflare:workers remain as external imports\n```\n\nWe’ve also fixed the transformation of `import.meta.main`\n\nwhen bundling JSR\nentrypoints, improved type safety by properly typing the output file from\n`Deno.bundle()`\n\nas `Uint8Array<ArrayBuffer>`\n\n, and enhanced development workflows\nso that HTML entrypoints properly reload with `--watch`\n\n. Additional reliability\nimprovements include better handling of failed esbuild cleanup operations and\nfixes for internal name clashing that could cause mysterious build failures.\n\nNode.js compatibility\n\nDeno’s Node.js compatibility layer continues to mature in Deno 2.6, with dozens of improvements across file operations, cryptography, process management, and database APIs. This release is a testament to our commitment to making Node.js code “just work” in Deno.\n\n`@types/node`\n\nincluded by default\n\nTypeScript developers get a major quality-of-life improvement: `@types/node`\n\ntype declarations are now included by default. Previously, you’d need to\nmanually import `@types/node`\n\nto get proper type hints for Node.js APIs. Now\nDeno handles this automatically, giving you IDE autocompletion and type safety\nfor all Node.js compatibility features without any setup:\n\n``` js\nimport { readFile } from \"node:fs/promises\";\n\n// ✅ Full type hints without manual installation\nconst data = await readFile(\"./file.txt\", \"utf-8\");\n```\n\n*Deno will still respect your project’s existing @types/node version if you\nhave it installed, ensuring compatibility with your specific type requirements.*\n\nNode.js API fixes and changes:\n\n`node:crypto`\n\n- respect\n`authTagLength`\n\nin`createCipheriv`\n\nfor GCM ciphers ([#31253](https://github.com/denoland/deno/pull/31253)) - autopadding behavior on\n`crypto.Cipheriv`\n\n([#31389](https://github.com/denoland/deno/pull/31389)) - crypto\n`Cipheriv`\n\nand`Decipheriv`\n\nbase64 encoding ([#30806](https://github.com/denoland/deno/pull/30806)) - inspect\n`X509Certificate`\n\nclass ([#30882](https://github.com/denoland/deno/pull/30882)) - prevent cipher operations after finalize\n(\n[#31533](https://github.com/denoland/deno/pull/31533)) - accept\n`ArrayBuffer`\n\non`crypto.timingSafeEqual`\n\n([#30773](https://github.com/denoland/deno/pull/30773))\n\n- respect\n`node:fs`\n\n- implement\n`FileHandle.appendFile(data[, options])`\n\n([#31301](https://github.com/denoland/deno/pull/31301)) - implement\n`FileHandle.readLines()`\n\n([#31107](https://github.com/denoland/deno/pull/31107)) - missing\n`statfs`\n\nexport from`node:fs/promises`\n\n([#31528](https://github.com/denoland/deno/pull/31528)) `fs.cp`\n\nand`fs.cpSync`\n\ncompatibility ([#30502](https://github.com/denoland/deno/pull/30502))`fs.read/fs.readSync`\n\nand`fs.write/fs.writeSync`\n\ncompatibility ([#31013](https://github.com/denoland/deno/pull/31013))`fs.readFile`\n\n,`fs.readFileSync`\n\nassert encoding ([#30830](https://github.com/denoland/deno/pull/30830))`fs.stat`\n\nand`fs.statSync`\n\ncompatibility ([#30637](https://github.com/denoland/deno/pull/30637))`fs.stat`\n\nand`fs.statSync`\n\ncompatibility ([#30866](https://github.com/denoland/deno/pull/30866))`fs.statfsSync`\n\nand`fs.statfs`\n\ncompatibility ([#30662](https://github.com/denoland/deno/pull/30662))`FileHandle`\n\ncompatibility ([#31164](https://github.com/denoland/deno/pull/31164),[#31094](https://github.com/denoland/deno/pull/31094))`fs.realpath`\n\nbuffer encoding ([#30885](https://github.com/denoland/deno/pull/30885))- respect abort signal option on\n`FileHandle.readFile`\n\n([#31462](https://github.com/denoland/deno/pull/31462)) - respects\n`flag`\n\noption on`fs.readfile`\n\nand`fs.readfilesync`\n\n([#31129](https://github.com/denoland/deno/pull/31129)) - set default callback for\n`fs.close`\n\n([#30720](https://github.com/denoland/deno/pull/30720)) - validate\n`fs.close`\n\ncallback function ([#30679](https://github.com/denoland/deno/pull/30679)) - validate\n`fs.read`\n\non empty buffer ([#30706](https://github.com/denoland/deno/pull/30706)) - validate\n`readlink`\n\narguments ([#30691](https://github.com/denoland/deno/pull/30691)) - support option object parameter on\n`fs.write`\n\nand`fs.writeSync`\n\n([#30999](https://github.com/denoland/deno/pull/30999)) - make\n`fs.glob`\n\naccepts`URL`\n\ncwd ([#30705](https://github.com/denoland/deno/pull/30705))\n\n- implement\n`node:process`\n\n- define\n`process.versions.sqlite`\n\n([#31277](https://github.com/denoland/deno/pull/31277)) - export\n`process.ppid`\n\n([#31137](https://github.com/denoland/deno/pull/31137)) - false deprecation warning on\n`crypto.createHmac`\n\n([#31025](https://github.com/denoland/deno/pull/31025)) - implement\n`process:seteuid()`\n\n([#31160](https://github.com/denoland/deno/pull/31160)) - implement\n`process.setegid()`\n\n([#31155](https://github.com/denoland/deno/pull/31155)) - implement\n`process.setgid()`\n\nand`process.setuid()`\n\n([#31162](https://github.com/denoland/deno/pull/31162)) `process.moduleLoadList`\n\nas undefined ([#31022](https://github.com/denoland/deno/pull/31022))- ensure\n`process.argv`\n\nis an array of strings ([#31322](https://github.com/denoland/deno/pull/31322)) - stub missing\n`process.sourceMapsEnabled`\n\n([#31358](https://github.com/denoland/deno/pull/31358)) - make\n`process.stdin.isTTY`\n\nwritable ([#31464](https://github.com/denoland/deno/pull/31464)) - checking\n`Symbol`\n\nin`env`\n\nshould not ask for permission ([#30965](https://github.com/denoland/deno/pull/30965)) - handle falsy values enumerability in process.env\n(\n[#30708](https://github.com/denoland/deno/pull/30708))\n\n- define\n`node:sqlite`\n\n- implement ‘backup’ capability\n(\n[#29842](https://github.com/denoland/deno/pull/29842)) `StatementSync.iterate()`\n\nshould reset`is_iter_finished`\n\nflag on every call ([#31361](https://github.com/denoland/deno/pull/31361))- allow ATTACH DATABASE with\n`--allow-all`\n\n([#30763](https://github.com/denoland/deno/pull/30763)) - fix\n`sqlite`\n\nextension used for testing; ensure related tests are actually meaningful ([#31455](https://github.com/denoland/deno/pull/31455)) - implement\n`DatabaseSync.aggregate()`\n\n([#31461](https://github.com/denoland/deno/pull/31461)) - implement\n`DatabaseSync.function()`\n\nand better error details ([#31386](https://github.com/denoland/deno/pull/31386)) - implement\n`StatementSync#columns()`\n\nmethod ([#31119](https://github.com/denoland/deno/pull/31119)) `setAllowUnknownNamedParameters`\n\nerror message ([#31319](https://github.com/denoland/deno/pull/31319))`sqlite.DatabaseSync`\n\nexplicit resource management compatibility ([#31311](https://github.com/denoland/deno/pull/31311))- fix segfault on calling\n`StatementSync`\n\nmethods after connection has closed ([#31331](https://github.com/denoland/deno/pull/31331)) - add\n`setAllowUnknownNamedParameters`\n\noption ([#31202](https://github.com/denoland/deno/pull/31202))\n\n- implement ‘backup’ capability\n(\n\nOther assorted changes include:\n\n- fix misused\n`napi_callback_info`\n\nin`CallbackInfo`\n\n([#30983](https://github.com/denoland/deno/pull/30983)) - ensure that the\n`node:console`\n\nimplementation has an implementation for`emitWarning`\n\nin scope ([#31263](https://github.com/denoland/deno/pull/31263)) - support advanced serialization in IPC\n(\n[#31380](https://github.com/denoland/deno/pull/31380)) `deepStrictEqual`\n\nnow correctly handles`Number`\n\nobjects ([#31233](https://github.com/denoland/deno/pull/31233))- return string\n`family`\n\nin`server.address()`\n\n([#31465](https://github.com/denoland/deno/pull/31465)) - ensure active timers entry is deleted on\n`Timeout.prototype.refresh`\n\n([#31436](https://github.com/denoland/deno/pull/31436)) `dns.resolve6`\n\ncompatibility ([#30974](https://github.com/denoland/deno/pull/30974))`path.matchesGlob`\n\ncompatibility ([#30976](https://github.com/denoland/deno/pull/30976))`url.domainToASCII`\n\nreturns empty string for invalid domains ([#31219](https://github.com/denoland/deno/pull/31219))- avoid stack overflow in\n`node:zlib`\n\n’s`gunzip`\n\n([#30865](https://github.com/denoland/deno/pull/30865)) `cpus()`\n\nshould not error when there’s no cpu info ([#31097](https://github.com/denoland/deno/pull/31097))- ensure\n`'exit'`\n\nevent is fired only once for`worker_threads`\n\n([#31231](https://github.com/denoland/deno/pull/31231)) - handle empty writes in chunked HTTP requests\n(\n[#31066](https://github.com/denoland/deno/pull/31066)) - handle multiple calls in\n`inspector.Session.post()`\n\n([#31067](https://github.com/denoland/deno/pull/31067)) - implement\n`dns.lookupService`\n\n([#31310](https://github.com/denoland/deno/pull/31310)) - implement\n`fchmod`\n\non windows ([#30704](https://github.com/denoland/deno/pull/30704)) - implement\n`performance.timerify()`\n\n([#31238](https://github.com/denoland/deno/pull/31238)) - implement\n`util.getSystemErrorMessage()`\n\n([#31147](https://github.com/denoland/deno/pull/31147)) - inconsistent error message thrown by\n`AssertionError`\n\n([#31089](https://github.com/denoland/deno/pull/31089)) - make\n`kReinitializeHandle`\n\nwork for TLS wrap ([#31079](https://github.com/denoland/deno/pull/31079)) - map BadResource error to the corresponding node error\n(\n[#30926](https://github.com/denoland/deno/pull/30926)) - omit\n`smi`\n\nfrom`zlib.crc32`\n\nop function ([#30907](https://github.com/denoland/deno/pull/30907)) - reimplement\n`setImmediate`\n\nAPI ([#30328](https://github.com/denoland/deno/pull/30328)) `setTimeout`\n\npromisified to handle abort signal ([#30855](https://github.com/denoland/deno/pull/30855))- truncate first non-hex value on\n`Buffer.from`\n\n([#31227](https://github.com/denoland/deno/pull/31227))\n\nAPI changes\n\nDeno 2.6 introduces several new APIs and stabilizations that expand what you can\ndo with the platform. The `BroadcastChannel`\n\nAPI is now stable after being\nexperimental, making it easier to communicate across workers and contexts:\n\n``` js\nconst channel = new BroadcastChannel(\"my-channel\");\n\nchannel.onmessage = (event) => {\n  console.log(\"Message from worker:\", event.data);\n};\n\nconst worker = new Worker(\"./worker.ts\");\nworker.postMessage(\"Hello from main\");\njs\nconst channel = new BroadcastChannel(\"my-channel\");\nchannel.postMessage(\"Hello from worker\");\n```\n\nWeb streams like `ReadableStream`\n\n, `WritableStream`\n\n, and `TransformStream`\n\nnow\nsupport transferability, allowing you to efficiently pass these streams between\nworkers without copying:\n\n``` js\nconst INDEX_HTML = Deno.readTextFileSync(\"./index.html\");\nconst worker = new Worker(\"./the_algorithm.js\", { type: \"module\" });\n\nDeno.serve(async (req) => {\n  if (req.method === \"POST\" && req.path === \"/the-algorithm\") {\n    const { port1, port2 } = new MessageChannel();\n    worker.postMessage({ stream: req.body, port: port1 }, {\n      transfer: [req.body, port1],\n    });\n    const res = await new Promise((resolve) => {\n      port1.onmessage = (e) => resolve(e.data);\n    });\n    return new Response(res);\n  }\n  if (req.path === \"/\") {\n    return new Response(INDEX_HTML, { \"content-type\": \"text/html\" });\n  }\n  return new Response(null, { status: 404 });\n});\n```\n\n`ImageData`\n\nnow supports `Float16Array`\n\n, enabling more efficient memory usage\nfor certain image processing workflows:\n\n``` js\nconst imageData = new ImageData(\n  new Float16Array(width * height * 4),\n  width,\n  height,\n);\n```\n\nSignal handling has been improved with support for integer signals in\n`Deno.kill()`\n\nand child process kill methods, and `Deno.HttpClient`\n\nnow works\nwith `WebSocket`\n\nconnections, including new TCP proxy support:\n\n``` js\nconst client = new Deno.HttpClient({\n  allowHost: true,\n  proxy: { url: new URL(\"http://proxy.example.com:8080\") },\n});\n\nconst ws = new WebSocket(\"wss://api.example.com/socket\", {\n  httpClient: client,\n});\n```\n\nPerformance improvements\n\nDeno 2.6 delivers performance improvements across the board.\n\nMost notably, we fixed a memory leak in the `fetch`\n\nAPI that increased memory\nusage in multi-threaded programs.\n\nWe’ve also optimized the V8 engine integration by implementing stack-allocated scopes, reducing memory allocation overhead and improving garbage collection efficiency.\n\nOn the Node.js compatibility side, we’ve moved critical operations like\n`getOwnNonIndexProperties`\n\nand `Buffer.compare`\n\ninto native code, delivering\nperformance improvements for code relying on these APIs.\n\nQuality of life improvements\n\nBeyond the major features, Deno 2.6 includes many small but meaningful\nimprovements that make your day-to-day development smoother. The\n`deno install -g`\n\ncommand now requires a `--`\n\nseparator when passing arguments\nto your installed scripts, preventing confusion between flags for `deno`\n\nitself\nand flags for your script. Additionally, you can now install multiple global\npackages in a single command:\n\n```\n# Install multiple packages at once\ndeno install -g npm:prettier npm:typescript\n```\n\nIf you’re publishing packages to JSR, you can now add `\"publish\": false`\n\nto your\n`deno.json`\n\nto prevent accidental publishes of monorepo packages or private\nmodules that shouldn’t be released:\n\n```\n{\n  \"name\": \"@myorg/private-tools\",\n  \"publish\": false\n}\n```\n\nTest coverage improvements make it easier to measure code quality.\n\nCoverage data is now collected from workers—previously, any code running in worker threads wouldn’t count toward your coverage report, giving you incomplete metrics. Blob URLs are also now properly excluded from coverage, avoiding noise from dynamically generated code.\n\nHTML coverage reports now include a dark mode toggle, so you can review coverage reports comfortably in any lighting.\n\nJUnit test reports are now properly formatted without ANSI escape codes, making them compatible with CI/CD systems that expect clean XML output.\n\nStack traces have been dramatically improved with better filtering of internal frames. Deno now filters out noisy internal frames, dims internal Deno runtime frames in grey to distinguish them from your code, and shows relative paths for better readability:\n\nCommand-line completions for `deno task`\n\nare now dynamic and context-aware. As\nyou define more tasks in your `deno.json`\n\n, shell autocompletion will\nautomatically discover and suggest them.\n\n*Make sure to re-generate your shell completions after upgrading, use\ndeno completions --dynamic.*\n\nThe lint plugin API now has access to `env`\n\nand `read`\n\npermissions, enabling\nmore sophisticated linting rules that can access environment configuration and\nread files.\n\nA small but useful feature in this release is the `--empty`\n\nflag for\n`deno init`\n\n. This flag creates an empty `deno.json`\n\nfile, which can be useful\nwhen you want to start a new project from scratch.\n\n``` bash\n$ deno init --empty\n✅ Project initialized\n\n$ cat deno.json\n{}\n```\n\nFrom the very first release, Deno shipped with support for source maps,\nespecially automatically generated source maps for TypeScript files. This\nrelease improves source map support by adding native runtime support—any time an\nexception is thrown, Deno will check for “magic” comments like\n`//# sourceMappingURL=...`\n\nand apply the source map to the stack trace.\n\nV8 14.2\n\nDeno 2.6 upgrades the V8 engine to version 14.2, bringing the latest performance improvements, bug fixes, and new JavaScript features from the V8 team.\n\nAcknowledgments\n\nWe couldn’t build Deno without the help of our community! Whether by answering\nquestions in our\ncommunity [Discord server](https://discord.gg/deno) or [reporting bugs](https://github.com/denoland/deno/issues),\nwe are incredibly grateful for your support. In particular, we’d like to thank\nthe following people for their contributions to Deno 2.6: Adriano, amitihere,\nAsher Gomez, Azeem Pinjari, Charles Duffy, codepage949, CPunisher, ctrl+d,\nDaniel Osvaldo Rahmanto, Edilson Pateguana, Felipe Cardozo, geogrego, Ishita\nSIngh, j-k, Jake Champion, James McNally, Kenta Moriuchi, Kisaragi Hiu, Lach,\nLucas Wang, Maksim Bondarenkov, Murat Kirazkaya, Nassim Z, Nicholas R, Ohkubo\nKOHEI, prempyla, ryu, Sahil H. Mobaidin, Shannon Poole, Sravanth, Takumi\nAkimoto, TarikSogukpinar, Tugrul Ates, ud2, Uday Kumar Choudhary, valentin\nrichard, Vamshi Krishna Pendyala, withtimezone, xBZZZZ, and xtqqczze.\n\nWould you like to join the ranks of Deno\ncontributors? [Check out our contribution docs here](https://docs.deno.com/runtime/manual/references/contributing),\nand we’ll see you on the list next time.\n\nBelieve it or not, the changes listed above still don’t tell you everything that\ngot better in 2.6. You can view\nthe [full list of pull requests merged in Deno 2.6 on GitHub](https://github.com/denoland/deno/releases/tag/v2.6.0).\n\nThank you for catching up with our 2.6 release, and we hope you love building with Deno!\n\n🚨️[There have been major updates to Deno Deploy!]🚨️\n\n[Database connections and data explorer right in the UI][Connect to AWS and GCP via Cloud Connections][Automatic and immediate observability and telemetry]and\n\n[much more!]", "url": "https://wpnews.pro/news/deno-2-6-dx-is-the-new-npx", "canonical_source": "https://deno.com/blog/v2.6", "published_at": "2025-12-10 09:00:00+00:00", "updated_at": "2026-05-22 12:22:04.842570+00:00", "lang": "en", "topics": ["developer-tools", "open-source"], "entities": ["Deno", "npm", "JSR", "V8"], "alternates": {"html": "https://wpnews.pro/news/deno-2-6-dx-is-the-new-npx", "markdown": "https://wpnews.pro/news/deno-2-6-dx-is-the-new-npx.md", "text": "https://wpnews.pro/news/deno-2-6-dx-is-the-new-npx.txt", "jsonld": "https://wpnews.pro/news/deno-2-6-dx-is-the-new-npx.jsonld"}}