If you’re coming from a node background, it may not be obvious how to pin dependency versions in Deno. There is no package.json or lockfile, so how do we pin down versions of our dependencies?

The answer lies in our import statements. Let’s say we’re importing the oak server library. We might import it like this:

import { Application } from 'https://deno.land/x/oak/mod.ts';

However, there’s a better way to do this—one that specifies the version of the package we’re importing:

import { Application } from 'https://deno.land/x/oak@v4.0.0/mod.ts';

Now we’ve specified that we want the oak router specifically at version 4.0.0! Deno will see if we have a cached version of oak specifically at this version. If not, it will download and cache the specific dependency version.

What About Indirect Dependencies?

Indirect dependencies are dependencies that our direct dependencies import. In node-based applications, we can generally change the versions of these indirect dependencies by modifying our lock file. In Deno, there doesn’t seem to currently be a way to do this (as of Deno 1.0.0).

This is a question that has me a bit concerned about Deno currently. Deno is young, so there will likely be a good solution to this eventually.

🎓 Learn how the web works

One of the best ways to level up your tech career is to have a great foundational understanding of how the web works. In my free newsletter, How the Web Works, I provide simple, bite-sized explanations for various web topics that can help you boost your knowledge. Join 2,500+ other learners on the newsletter today!

Signing up is free, I never spam, and you can unsubscribe any time. You won't regret it!