What does HackerNews think of wrangler2?

⛅️ The CLI for Cloudflare Workers®

Language: TypeScript

#74 in Command line interface
#110 in JavaScript
#14 in Serverless
Microsoft is phoning home the content of PowerPoint slides | Nov 2022
Expand Context ↕
> The fact that Apple itself relies on Linux for most of its servers is a pretty powerful heuristic that Linux is relatively safe [paraphrased by me]

Many world-class companies depend on Windows, so does that mean you think Windows is safe?

An individual does not have the same access to custom tools, and teams of competent people, that ensure their usage of the Linux ecology is secure.

A recent example: I was investigating using CloudFlare Functions, because I think CloudFlare has world-class security and that “serverless” product avoids many security issues I might have with other solutions. Yet one setup step suggested piping in a script from curl to shell (commonly suggested for install steps!). Even worse, https://github.com/cloudflare/wrangler2 is their CLI tool to help development, and Wrangler is based on the node ecology, which is completely insecurable as an individual developer IMHO (trillion dollar companies can probably secure the dev environment). I use a VM to provide some sandboxing, but it still leaves me feeling icky.
Static site hosting hurdles | Sep 2022
With wrangler2 (https://github.com/cloudflare/wrangler2) you can deploy a static site to Cloudflare for free (you don't get any of the features of Cloudflare Pages though):

echo '# Hmm' > index.md

npx @11ty/eleventy

npx wrangler publish --assets _site/ --name name-of-static-website --latest

Are V8 isolates the future of computing? | Jun 2022
I love v8 isolates so far-- I'm building chat tooling with it

When added to the "edge", it means they're (insanely) fast, obliterate cold-start problem (which is killer in chat where you might have not have retry), and as long as what you write can execute between 10-50ms (with ~30s for follow-on queries) it sometimes feels like cheating

The same way Cloudflare "pushes" configuration to their network, they use a similar mechanism to push code to their edge nodes.

They have killer dev tooling too-- https://github.com/cloudflare/wrangler2

You *DON'T* need to think about regions ever-- just deploy to a lot of small regions instantly & it usually "just works" and is fast everywhere.

For extra credit, you also get access to rough-grained location information from each "node" in their network that your users connect to (globally you can get access to rough-grained local timezone, country, city, zipcode, etc): https://blog.cloudflare.com/location-based-personalization-u...

ex. for chat, could so something like to prompt for location info: https://i.imgur.com/0qTt1Qd.gif

Kenton Varda (https://twitter.com/KentonVarda) who was in charge of Protobuf and other projects gave an overview tech talk @ 10:23 speaks to isolates: https://youtu.be/HK04UxENH10?t=625

## Downsides encountered so far

- Not 1-1 replacement, think of your code like a highly-performant service worker (usual suspects: https://developer.mozilla.org/en-US/docs/Web/API/Service_Wor...)

- Many libraries (like Axios for instance) won't work since they call out to Nodejs (this might be a good thing, there are so many web APIs available I was able to write a zero-dependency lib pretty easily) They're adding bespoke support for packages: https://blog.cloudflare.com/node-js-support-cloudflare-worke...

- There's only a tiny of bit of customization for Workers required, however, there's a bit of platform risk

If you haven't tried before, definitely worthy of further examination

Re: security, it seems like a pretty good model.