Forem: Mohamed Gallah

The JavaScript Runtime Showdown: Node.js vs Deno vs Bun

Mohamed Gallah — Mon, 13 Oct 2025 16:18:45 +0000

Dear fellow developer, are you still using Node/npm for every project? There might be better options.

The JavaScript runtime landscape has evolved significantly with tools like Bun and Deno (among others) offering better alternatives focusing on performance, security and DX.

Wait! What are JS runtimes anyway?

Think of runtimes as an environment that enables JS code execution; whether in a browser or on a server like Node.js. A runtime provides the necessary components for JS execution like:

JS Engine (V8 in Chrome and Node.js)
Runtime libraries and APIs for file system and networking etc ...
The event loop and task queues

Enter Node.js

Node.js was released in 2009 to address the limitation of traditional web servers like Apache that struggled with handling large number of simultaneous connections due to blocking I/O model. At the time, Node.js allowed developers to handle thousands of concurrent connections by introducing an event-driven non-blocking I/O model, which makes Node suitable for real-time applications and scalable servers.

A year later, npm was introduced to handle and simplify dependencies management for Node.js projects as the ecosystem grew significantly. Later, npm became the default package manager for Node.js by making code sharing and modular development more practical.

Since then, Node became the most used runtime powering millions of applications thanks to a unified JS everywhere architecture for both frontend and backend applications. It matured as a steady, widely adopted backend server, providing:

Extensive packages thanks to the npm ecosystem
Enterprise-level trust and adoption
Continuous integration of modern JS patterns standards

However, Node.js has notable limitations:

Single threaded nature, which limits performance for CPU intensive operations
Legacy callback-based pattern; having multiple nested callbacks leads to hard to maintain code
Unstable API changes
Memory usage
Security issues

The security-first alternative: Deno

Deno was developed by Ryan Dahl, the original Node creator, in 2018 to address several issues and design choices in Node.js. It's built on V8 engine and written in Rust.
Deno developers aimed for a more secure, modern runtime environment by avoiding complexities and security issues in Node.js.

By doing that, Deno provides:

Incorporates modern JS features like Promises and async/await
Creates a sandboxed environment with explicit permission for file system access
Being TypeScript native

On the other hand, Deno is still:

Lacking maturity
Has a long learning curve
Small community

The speedster: Bun

Bun is designed to be a drop-in replacement for Node.js, built to be fast as it's based on JavaScriptCore (unlike Node.js and Deno) and written in Zig.

It was introduced in 2023, and intended to be fast, high-performance runtime with faster startup times and excellent developer experience.

Bun provides:

An all-in-one tools set (bundler, test runner, package manager)
Native JS, TypeScript and JSX support without external transpilers
Faster performance in common tasks compared to Node.js

Although, Bun is still in early stages compared to Node and Deno, with smaller community.

Comparison

Feature	Node.js	Deno	Bun
Speed	Moderate (slower startup and dependency install)	Faster startup and runtime	Fastest (blazing fast; written in Zig)
Ecosystem Size	Huge (largest npm ecosystem)	Growing ecosystem, smaller than Node.js	Rapidly growing but smaller than Node.js
TypeScript Support	Experimental/native transpile requires config or tools like ts-node	Native support, zero config	Native support, zero config
Security Model	Low by default; experimental permission model available	Secure by default: sandbox, explicit permissions for file system and network access	Moderate; no default sandbox or permission control yet
Maturity	Most mature and widely adopted (12+ years)	Moderately mature since 2020	Newest (released 2023), rapidly evolving

Which Should You use?

It depends on what you are building; For enterprise-scale, Node.js remains the wise choice; it's mature, stabel and backed with massive community. Building something security-critical? Deno's ability to provide sandboxed environments is a plus comparing to Node.js.
If performance and modern tooling are your priority, Bun is a worthy choice.

Honorable mentions

The runtimes landscape extends beyond this trio. Different contexts demand specific solutions such as Edge computing or serverless functions. That's where runtimes like Cloudflare Workers, AWS lambdas, Google Cloud Functions are used to run JS in a serverless environments with rapid startup times and scalability.
IoT and embedded systems also have their runtimes, like JerryScript and DukTape, that are optimized for microcontrollers and resource restricted devices.

Conclusion

There is no clear winner here, each runtime is optimized for specific needs and contexts. This specificity and competition drives innovation and pushes features forward as for example how Node.js announced native TypeScript support (as it relied on external transpilers previously), Bun's native support for WebAssembly, and Deno's ability to run JavaScript and TypeScript code in a secure sandboxed environment.

Photo by Patrick Konior on Unsplash

Setting Up a VPS with Nginx, Docker, and GitHub Actions

Mohamed Gallah — Sat, 24 Aug 2024 10:33:41 +0000

Intro

In this article, we'll be walking through setting up a VPS using Nginx, Docker and Github Actions.
This setup will allow you to deploy your web projects seamlessly as soon as you push code to Github repos.

We'll be covering up the following:

Setting up the VPS
Installing and configuring Nginx
Installing Docker and setting up your environment.
Setting up GitHub Actions for continuous deployment.
Setting up SSL certificates with Let’s Encrypt and auto-renewal.

Pre-requisites

Before we get started, you'll need the following:

A VPS with root access. I'll be using a VPS from RackNerd (but you can use any provider: Hertzner, DigitalOcean, AWS ...).
A domain name. I'll be using a domain from Namecheap (required for SSL setup).
Basic knowledge of SSH, Linux commands, and GitHub.

Setting up the VPS

For this article, I’ll assume you’re using Ubuntu as the OS.

SSH into your VPS using the root user.

ssh root@your_vps_ip

Update the package list and upgrade the packages.

sudo apt update && sudo apt upgrade -y

Installing and configuring Nginx

Install Nginx.

sudo apt install nginx -y

Start and enable Nginx.

sudo systemctl start nginx
sudo systemctl enable nginx

Check the status of Nginx.

sudo systemctl status nginx

Open your browser and navigate to your VPS IP address. You should see the Nginx welcome page.
Configure Nginx to serve your web projects. Create a new configuration file for your project.

sudo nano /etc/nginx/sites-available/default

Update the configuration with your domain:

server {
    listen 80;
    server_name yourdomain.com www.yourdomain.com;

    location / {
        proxy_pass http://localhost:3000;
        proxy_set_header Host $host;
        proxy_set_header X-Real-IP $remote_addr;
        proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
        proxy_set_header X-Forwarded-Proto $scheme;
    }
}

Save the file and exit the editor. Test the Nginx configuration.

sudo nginx -t

If the test is successful, reload Nginx.

sudo systemctl reload nginx

Installing Docker

(From Docker's official documentation)

Setup Docker's apt repo:

# Add Docker's official GPG key:
sudo apt-get update
sudo apt-get install ca-certificates curl
sudo install -m 0755 -d /etc/apt/keyrings
sudo curl -fsSL https://download.docker.com/linux/ubuntu/gpg -o /etc/apt/keyrings/docker.asc
sudo chmod a+r /etc/apt/keyrings/docker.asc

# Add the repository to Apt sources:
echo \
  "deb [arch=$(dpkg --print-architecture) signed-by=/etc/apt/keyrings/docker.asc] https://download.docker.com/linux/ubuntu \
  $(. /etc/os-release && echo "$VERSION_CODENAME") stable" | \
  sudo tee /etc/apt/sources.list.d/docker.list > /dev/null
sudo apt-get update

Install Docker:

sudo apt-get install docker-ce docker-ce-cli containerd.io docker-buildx-plugin docker-compose-plugin

Verify the installation:

sudo docker --version
docker-compose --version

Setup GH Actions

In your project's root, create a Dockerfile and a docker-compose.yml file.

FROM node:14
WORKDIR /app
COPY package*.json ./
RUN npm install
COPY . .
EXPOSE 3000
CMD ["npm", "start"]

version: '3'
services:
  app:
    build: .
    ports:
      - "3000:3000"
    environment:
      NODE_ENV: production

Now, create a .github/workflows/deploy.yml file in your project's root.

name: Deploy to VPS

on:
  push:
    branches:
      - main

jobs:
  build-and-deploy:
    runs-on: ubuntu-latest

    steps:
      - name: Checkout repository
        uses: actions/checkout@v2

      - name: Build Docker image
        run: |
          docker build -t your-app:latest .
          docker save your-app:latest > your-app.tar
          chmod 664 your-app.tar

      - name: Transfer Docker image to VPS
        uses: appleboy/scp-action@master
        with:
          host: ${{ secrets.VPS_HOST }}
          username: ${{ secrets.VPS_USERNAME }}
          key: ${{ secrets.VPS_SSH }}
          port: ${{ secrets.VPS_PORT }}
          source: "your-app.tar"
          target: "/tmp"

      - name: Deploy to VPS
        uses: appleboy/ssh-action@master
        with:
          host: ${{ secrets.VPS_HOST }}
          username: ${{ secrets.VPS_USERNAME }}
          key: ${{ secrets.VPS_SSH }}
          port: ${{ secrets.VPS_PORT }}
          script: |
            docker load < /tmp/your-app.tar
            docker stop your-app || true
            docker rm your-app || true
            docker run -d --name your-app -p 8003:8003 your-app:latest

Important 1: Replace your-app with your actual values.

Important 2: Add your VPS IP, ssh key and username as secrets in your GitHub repo. You'll need to redo this step with each new repo.

Testing the Deployment

Push a new commit to the main branch, and GitHub Actions should automatically build and deploy your application to your VPS.

Setting up SSL

We’ll use Let’s Encrypt, a free SSL/TLS certificate authority, to get a free certificate and set up auto-renewal using `certbot.

Install Certbot with Nginx plugin:

bash sudo apt install certbot python3-certbot-nginx -y

Generate the SSL certificate:

bash sudo certbot --nginx -d yourdomain.com -d www.yourdomain.com

With Nginx plugin installed earlier, Certbot will configure Nginx to use the SSL certificate and set up redirects from HTTP to HTTPS. You’ll be prompted to enter your email address and agree to the terms of service.

Verify SSL installation:

Once Certbot completes the process, you can verify that your site is running with HTTPS by visiting https://yourdomain.com.

Set up auto-renewal:

Certbot will automatically set up a cron job to renew your SSL certificate. You can verify this by running:

bash sudo crontab -l

You should see a cron job similar to the following:

bash 0 */12 * * * certbot renew --quiet

Setup projects after deployment

After deploying your projects, you need to update your nginx configuration to point to the new containers.

First of all, make sure to change port used by your apps to avoid conflicts.

Now, given you deployed your app with the name your-app-container, using the port 8002, you can update your nginx configuration to point to the new container.

nginx server { # Your previous configuration # ... location /your-app-container { rewrite ^/your-app-container/(.*) /$1 break; proxy_pass http://localhost:8002; proxy_set_header Host $host; proxy_set_header X-Real-IP $remote_addr; proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; proxy_set_header X-Forwarded-Proto $scheme; } # ... # SSL configuration }

Conclusion

You now have a fully automated deployment pipeline for your projects. Every time you push a new commit to the main/master branch, GitHub Actions will build and deploy your application to your VPS. You also have an SSL certificate installed on your server, which will automatically renew every 90 days.

Next Steps

You can take this basic setup further by adding more features like:

Setup an advanced Nginx configurtation to handle multiple domains and subdomains or complex load balancing.
Use Coolify or similar to create a vercel like deployment pipeline.
Adding firewall rules for additional security.

See ya! 🚀

Cover image: Photo by Kvistholt Photography on Unsplash