The runtime-portable TypeScript framework with supply-chain-aware defaults

A growing share of backend code is AI-written and shipped before a human reviews it. DaloyJS makes the safe path the easy one: a secure-by-default runtime, blocked install scripts, source-verified lockfiles, a zero-runtime-dependency core, and an optional hardened GitHub Actions bundle for teams on GitHub.

Contract flow: Request -> Response · 01 route: GET /books/:id · 02 schema: z.object(...) · 03 OpenAPI 3.1 spec · 04 client: typed fetch

Contract-first routing, Standard Schema validation, OpenAPI 3.1 with Hey API typed client codegen, streaming and OpenTelemetry tracing, edge-friendly sessions, a security-focused runtime by default, and a supply-chain-hardened release pipeline for the framework itself. One option on the App constructor, docs: true, auto-mounts a Scalar API reference at /docs and the live OpenAPI 3.1 spec at /openapi.json, the same DX as FastAPI.

ᜇᜎᜓᜌ᜔ Daloy means flow in Tagalog, pronounced da-loy.

$ pnpm create daloy@latest my-api
1,870/1,870 tests passing · ≥90% line, function, and branch coverage gates · Node 24+, Bun, Deno, Cloudflare, Vercel

Why developers pick DaloyJS

The pitch is simple: keep the delightful parts of the modern web framework ecosystem, then move security and supply-chain posture from "later" to "already handled." That is the difference.

Security is the product
Most frameworks leave supply-chain posture as a company checklist. DaloyJS puts runtime guardrails, pnpm hardening, CI hygiene, ownership files, and release discipline on the happy path from the first scaffold.
One contract, fewer moving parts
Define the route once and get validation, types, OpenAPI 3.1, Scalar docs, Hey API clients, and contract tests from the same source. Less glue code, fewer stale specs, fewer places for an agent or teammate to drift.
Portable without giving up ops
You get a web-standard core that runs on Node, Bun, Deno, Workers, and Edge, plus the production pieces teams expect: request ids, structured logs, plugin encapsulation, graceful shutdown, and first-party middleware.
Built for the vibe-coding era
When code is vibe-coded and deployed within the hour, the dangerous defaults have to be off when nobody remembered to turn them off. DaloyJS assumes coding agents are in the loop: body limits, prototype-pollution-safe JSON, and path-traversal rejection ship in the constructor, scaffolds carry agent guidance, and installs are source-verified.

Hello, contract

One route definition; the types, validation, OpenAPI document, and typed client are all generated from it.

ts
import { z } from "zod";
import { App, secureHeaders, rateLimit, requestId } from "@daloyjs/core";
import { serve } from "@daloyjs/core/node";

const app = new App({ bodyLimitBytes: 1 << 20, requestTimeoutMs: 5_000 });

app.use(requestId());
app.use(secureHeaders());
app.use(rateLimit({ windowMs: 60_000, max: 120 })); // global unless you configure keyGenerator or trustProxyHeaders

app.route({
  method: "GET",
  path: "/books/:id",
  operationId: "getBookById",
  request: { params: z.object({ id: z.string() }) },
  responses: {
    200: { description: "Found", body: z.object({ id: z.string(), title: z.string() }) },
    404: { description: "Not found" },
  },
  handler: async ({ params }) => ({
    status: 200,
    body: { id: params.id, title: `Book ${params.id}` },
  }),
});

serve(app, { port: 3000 });

Why DaloyJS

The JS framework that is secure by default at the runtime layer. create-daloy adds pnpm install-time hardening and an optional hardened GitHub Actions bundle, so the app-side pieces of LLM-era supply-chain defense sit on the happy path without giving up OpenAPI ergonomics, runtime portability, typed clients, or Node ops.

Supply-chain-hardened pnpm scaffolds
Pick pnpm in create-daloy and you get a hardened .npmrc out of the box: ignore-scripts=true stops preinstall/install/postinstall lifecycle scripts from running at all, which is where most malicious packages deliver their payload; minimum-release-age=1440 refuses any version published less than 24 hours (1440 minutes) ago, so a freshly compromised release has time to be noticed and pulled before it reaches you; and verify-store-integrity checks that files in pnpm's content-addressable store have not been tampered with before they are linked into node_modules. The trade-off: ignore-scripts also blocks legitimate build scripts such as native addons, so allow those explicitly through pnpm's onlyBuiltDependencies list rather than switching the guard off. The optional GitHub Actions bundle adds lockfile source checks so git dependencies and non-registry tarballs cannot quietly sneak in.
Secure-by-default runtime
Unlike frameworks that leave basic protections to plugins or manual error routing, the DaloyJS core starts with guardrails on: prototype-pollution-safe JSON, built-in load shedding, proper 405 Method Not Allowed responses, automatic 5xx info-disclosure stripping in production, and a rate-limited CSP violation receiver.
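The guardrails listed above, as an added example rather than code from @daloyjs/core: the body-size limit, prototype-pollution-safe JSON, path-traversal rejection, and production 5xx detail stripping written out as stand-alone functions. The function names, the BadRequest class, and the 400/413 status choices are this example's own assumptions.

```typescript
// Added example, not code from @daloyjs/core. Function names, the BadRequest
// class and the status codes are this example's own choices.

export class BadRequest extends Error {
  constructor(message: string, public readonly status: number = 400) {
    super(message);
    this.name = "BadRequest";
  }
}

/** Keys that let a parsed object reach Object.prototype when it is later merged or assigned. */
const FORBIDDEN_KEYS = new Set(["__proto__", "constructor", "prototype"]);

/** UTF-8 byte length, so the limit counts bytes on the wire rather than characters. */
export function utf8Length(s: string): number {
  let n = 0;
  for (const ch of s) {
    const cp = ch.codePointAt(0)!;
    n += cp < 0x80 ? 1 : cp < 0x800 ? 2 : cp < 0x10000 ? 3 : 4;
  }
  return n;
}

/** Parse a JSON body: enforce the byte limit first, then reject prototype-polluting keys at every depth. */
export function parseJsonSafe(text: string, limitBytes: number): unknown {
  if (utf8Length(text) > limitBytes) throw new BadRequest(`body exceeds ${limitBytes} bytes`, 413);
  return JSON.parse(text, (key, value) => {
    // The reviver visits every key of every nested object, so {"a":{"__proto__":{}}} is caught too.
    if (FORBIDDEN_KEYS.has(key)) throw new BadRequest(`forbidden key "${key}"`);
    return value;
  });
}

/** Reject traversal before the path reaches a filesystem lookup. Decodes exactly once;
 *  nothing downstream may decode again, or a double-encoded "%252e%252e" is reopened. */
export function isSafePath(pathname: string): boolean {
  let decoded: string;
  try {
    decoded = decodeURIComponent(pathname);
  } catch {
    return false; // malformed %xx escape
  }
  if (/[\u0000-\u001f\\]/.test(decoded)) return false; // NUL, control characters, backslash separators
  return !decoded.split("/").some((segment) => segment === "..");
}

/** Production 5xx bodies carry a generic message plus the request id for log correlation;
 *  the real message and stack belong in logs. Development keeps them in the response. */
export function serverErrorBody(err: unknown, requestId: string, production: boolean) {
  const e = err instanceof Error ? err : new Error(String(err));
  if (production) return { status: 500, error: "Internal Server Error", requestId };
  return { status: 500, error: e.message, stack: e.stack, requestId };
}
```

Rejecting `constructor` and `prototype` as well as `__proto__` closes the `constructor.prototype` route that survives a `__proto__`-only filter; if an API legitimately needs those as field names, the schema layer should whitelist them deliberately rather than the parser allowing them by default.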
Hardened against LLM-era attacks
Attackers can use LLMs to scale package impersonation, slopsquatting, dependency reconnaissance, and vulnerability hunting. DaloyJS answers with boring but sharp defaults: blocked lifecycle scripts, delayed fresh-package resolution, source-verified lockfiles, and a zero-runtime-dependency core.
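The lockfile source check named under the pnpm scaffolds above and again here, as an added example that is not DaloyJS's own checker: a dependency-free scan of pnpm-lock.yaml that flags every package not resolved from an allow-listed registry (git resolutions, tarball URLs on other hosts, local directories, or entries with no integrity hash). It assumes the lockfileVersion 9 layout, where each entry under packages: carries a one-line resolution: {...} flow map; the sample lockfile is constructed for this example and its hashes are not real.

```typescript
// Added example, not DaloyJS's own lockfile verification. Assumes pnpm's
// lockfileVersion 9 layout: a `packages:` map whose entries carry a one-line
// `resolution: {...}` flow map. The sample lockfile below is constructed.

export type Finding = { id: string; kind: "git" | "tarball" | "local" | "unknown"; detail: string };

const DEFAULT_REGISTRIES = ["registry.npmjs.org"];

/** Parse a YAML flow map such as `{integrity: sha512-abc, tarball: https://x/y.tgz}`.
 *  Splitting on "," is enough for pnpm's resolution maps, whose values never contain commas. */
function parseFlowMap(src: string): Record<string, string> {
  const out: Record<string, string> = {};
  const inner = src.trim().replace(/^\{/, "").replace(/\}$/, "");
  for (const pair of inner.split(",")) {
    const idx = pair.indexOf(":"); // first colon separates key from value; URLs keep their own colons
    if (idx < 0) continue;
    out[pair.slice(0, idx).trim()] = pair.slice(idx + 1).trim().replace(/^['"]|['"]$/g, "");
  }
  return out;
}

/** Decide whether one package entry came from an allowed registry. */
function classify(id: string, res: Record<string, string>, allowedHosts: string[]): Finding | null {
  if (res.type === "git" || res.commit || res.repo) return { id, kind: "git", detail: res.repo ?? "" };
  if (res.directory !== undefined) return { id, kind: "local", detail: res.directory };
  if (res.tarball) {
    const host = /^https?:\/\/([^/]+)/.exec(res.tarball)?.[1];
    if (!host || !allowedHosts.includes(host)) return { id, kind: "tarball", detail: res.tarball };
    if (!res.integrity) return { id, kind: "unknown", detail: "registry tarball without integrity" };
    return null;
  }
  if (res.integrity) return null; // integrity only: the default registry is implied
  return { id, kind: "unknown", detail: "no recognised resolution" };
}

/** Scan a pnpm-lock.yaml and return every package that did not come from an allowed registry. */
export function findNonRegistrySources(lockfile: string, allowedHosts: string[] = DEFAULT_REGISTRIES): Finding[] {
  const findings: Finding[] = [];
  let inPackages = false;
  let current: string | null = null;
  for (const raw of lockfile.split("\n")) {
    const line = raw.replace(/\r$/, "");
    if (line.trim() === "" || line.trimStart().startsWith("#")) continue;
    const indent = line.length - line.trimStart().length;
    if (indent === 0) { // a new top-level section (importers:, packages:, snapshots:, ...)
      inPackages = line === "packages:";
      current = null;
      continue;
    }
    if (!inPackages) continue;
    if (indent === 2 && line.endsWith(":")) { // "  name@version:" opens a package entry
      current = line.trim().slice(0, -1).replace(/^['"]|['"]$/g, "");
      continue;
    }
    if (indent === 4 && current && line.trim().startsWith("resolution:")) {
      const finding = classify(current, parseFlowMap(line.trim().slice("resolution:".length)), allowedHosts);
      if (finding) findings.push(finding);
    }
  }
  return findings;
}

/** Constructed sample: one registry package, one scoped package with an explicit registry
 *  tarball, one tarball from an unknown host, one git dependency. Hashes are not real. */
export const SAMPLE_LOCKFILE = `lockfileVersion: '9.0'

importers:
  .:
    dependencies:
      zod:
        specifier: ^3.23.0
        version: 3.23.8

packages:

  zod@3.23.8:
    resolution: {integrity: sha512-notARealHash}

  '@acme/scoped@2.0.0':
    resolution: {integrity: sha512-alsoNotReal, tarball: https://registry.npmjs.org/@acme/scoped/-/scoped-2.0.0.tgz}

  left-pad@https://cdn.evil.example/left-pad-1.3.0.tgz:
    resolution: {tarball: https://cdn.evil.example/left-pad-1.3.0.tgz}

  some-lib@git+https://github.com/acme/some-lib.git#deadbeef:
    resolution: {commit: deadbeef, repo: git+https://github.com/acme/some-lib.git, type: git}

snapshots:

  zod@3.23.8: {}
`;
```

In CI the script would read the real pnpm-lock.yaml and fail the job when the returned list is non-empty; running it after a lockfile change, and not only at release time, is what stops a git or tarball dependency from arriving in a routine dependency bump.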
AI-native scaffolding
Every project scaffolded by create-daloy includes an AGENTS.md and context skills. Copilot, Claude, and Cursor automatically understand your framework's conventions, routing rules, and security primitives without a prompt-engineering ritual.
Contract-first by design
One route definition is the source of truth for validation, types, OpenAPI 3.1, the typed client, and built-in contract tests, so drift has fewer places to hide.
Runtime-portable
The core only sees Request → Response. Adapters live at the edge: Node, Bun, Deno, Cloudflare Workers, Vercel. Same app, same tests, five runtimes.
Hey API typed clients
Run pnpm gen and get a fully typed fetch SDK, for any consumer, in any TS project, generated from your real spec. Or skip codegen with the in-process typed client.
Faster than you'd expect
Static routes resolve via a single Map.get (~12.3M ops/sec on the benchmark machine listed below). Dynamic routes walk a trie in O(segments), independent of how many routes are registered.
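As an added example (illustrative code, not @daloyjs/core's router), a router with the two lookup paths just described: a single Map.get for static paths and a per-segment trie for parameterised ones, returning a 405 with an Allow list when the path exists but the method does not, as the secure-by-default section above promises. The Router class, its method names, and the Match shape are this example's own.

```typescript
// Added example, not @daloyjs/core's router. Names and shapes are this example's own.

export type Handler = (params: Record<string, string>) => unknown;
export type Match =
  | { status: 200; handler: Handler; params: Record<string, string> }
  | { status: 404 }
  | { status: 405; allow: string[] }; // `allow` becomes the Allow response header

class TrieNode {
  readonly children = new Map<string, TrieNode>(); // literal segment -> child
  param?: { name: string; node: TrieNode };         // the single ":name" child, if any
  readonly handlers = new Map<string, Handler>();   // METHOD -> handler
}

const segments = (path: string): string[] => path.split("/").filter(Boolean);

/** Pick a handler for a method, or report which methods the path does accept. */
function decide(method: string, handlers: Map<string, Handler>, params: Record<string, string>): Match {
  const handler = handlers.get(method);
  if (handler) return { status: 200, handler, params };
  return { status: 405, allow: [...handlers.keys()].sort() };
}

export class Router {
  private readonly staticRoutes = new Map<string, Map<string, Handler>>(); // path -> METHOD -> handler
  private readonly root = new TrieNode();

  add(method: string, path: string, handler: Handler): this {
    const m = method.toUpperCase();
    const segs = segments(path);
    if (!segs.some((s) => s.startsWith(":"))) {
      let byMethod = this.staticRoutes.get(path);
      if (!byMethod) {
        byMethod = new Map<string, Handler>();
        this.staticRoutes.set(path, byMethod);
      }
      byMethod.set(m, handler);
      return this;
    }
    let node: TrieNode = this.root;
    for (const seg of segs) {
      if (seg.startsWith(":")) {
        const name = seg.slice(1);
        if (node.param && node.param.name !== name) throw new Error(`conflicting parameter names at ${path}`);
        const param = node.param ?? { name, node: new TrieNode() };
        node.param = param;
        node = param.node;
      } else {
        let child = node.children.get(seg);
        if (!child) {
          child = new TrieNode();
          node.children.set(seg, child);
        }
        node = child;
      }
    }
    node.handlers.set(m, handler);
    return this;
  }

  match(method: string, path: string): Match {
    const m = method.toUpperCase();
    const staticHit = this.staticRoutes.get(path); // one Map.get, no trie walk
    if (staticHit) return decide(m, staticHit, {});
    // Trie walk: one step per path segment regardless of how many routes exist.
    const params: Record<string, string> = {};
    let node: TrieNode = this.root;
    for (const seg of segments(path)) {
      const literal = node.children.get(seg);
      if (literal) {
        node = literal;          // literal segments win over parameters
      } else if (node.param) {
        params[node.param.name] = seg; // left percent-encoded; decode and validate in the schema layer
        node = node.param.node;
      } else {
        return { status: 404 };
      }
    }
    if (node.handlers.size === 0) return { status: 404 };
    return decide(m, node.handlers, params);
  }
}
```

Answering 405 rather than 404 for a known path is the behaviour the runtime section describes; the Allow list comes straight from the registered handler map, so it cannot drift from what the router actually dispatches.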
Streaming & observability
Backpressure-safe SSE and NDJSON helpers, plus an OpenTelemetry tracing hook that emits HTTP server spans with semantic-convention attributes.
Hardened scaffolds, batteries included
create-daloy's security bundle ships hardened GitHub Actions (top-level permissions:{}, persist-credentials:false, pinned actions, harden-runner), Dependabot, CODEOWNERS, SECURITY.md, lockfile verification, container templates with non-root + tini PID 1, and a daloy doctor production-posture validator.
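As an added example of the workflow properties listed above (this is not the bundle that create-daloy generates), a minimal CI job with the hardening applied. The action versions are placeholders: pin each uses: to the full commit SHA of the release you reviewed, and extend the harden-runner endpoint list to whatever your build actually talks to.

```yaml
# Added example, not create-daloy's bundled workflow. The 40-zero SHAs are
# placeholders: replace each with the full commit SHA of the release you audited.
name: ci
on:
  pull_request:
  push:
    branches: [main]

permissions: {}            # top level: no token scopes at all unless a job asks for one

jobs:
  test:
    runs-on: ubuntu-latest
    permissions:
      contents: read       # the only scope this job needs
    steps:
      - uses: step-security/harden-runner@0000000000000000000000000000000000000000 # placeholder SHA
        with:
          egress-policy: block            # anything not listed below is refused, including exfiltration
          allowed-endpoints: >
            api.github.com:443
            github.com:443
            registry.npmjs.org:443
      - uses: actions/checkout@0000000000000000000000000000000000000000 # placeholder SHA
        with:
          persist-credentials: false      # keep the token out of .git/config for later steps
      - uses: pnpm/action-setup@0000000000000000000000000000000000000000 # placeholder SHA
      - uses: actions/setup-node@0000000000000000000000000000000000000000 # placeholder SHA
        with:
          node-version: 24
      - run: pnpm install --frozen-lockfile --ignore-scripts   # lockfile is the contract; no lifecycle scripts
      - run: pnpm test
```

The two settings that most often get left at their defaults are the top-level permissions:{} and persist-credentials: false; without the first, every job inherits a write-capable token, and without the second a compromised later step can read the token back out of the checkout's git config.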

Competitor strengths, fewer tradeoffs

DaloyJS is not trying to win one checkbox. It is trying to remove the glue work between the best ideas developers already like.

You want | Today's best-of | What DaloyJS gives you
Best OpenAPI ergonomics | FastAPI | Built-in OpenAPI 3.1 from one route definition
Vercel / serverless / edge fit | Hono | Web-standard core, multi-runtime adapters
Mature Node ops & docs | Fastify | Encapsulated plugins, structured logs, graceful shutdown
Modern TS-first DX, Bun OK | Elysia | End-to-end typed handlers, typed context, typed client
Best typed client codegen | Hey API | pnpm gen → fully typed fetch SDK
Portable supply-chain hardening for the apps you build | pnpm defaults + zero-runtime-dep core | Hardened .npmrc, source-verified lockfiles, SBOM + npm provenance

Benchmarks

The numbers, with the asterisks attached

DaloyJS ships security on by default, so a fair comparison has to say so out loud. These charts come straight from the repo's own benchmark suite, and the caveats are part of the chart.

How DaloyJS measures up
Real numbers from the repo's own benchmark suite. The metric shown below is transitive dependencies installed; keep the caveats that follow in mind, because none of these are a clean apples-to-apples comparison.

Transitive dependencies installed

Every package your install pulls in is attack surface someone has to trust. DaloyJS and Hono are the only two that bring zero.

What this means for you: fewer packages to trust means fewer CVEs you inherit and no surprise postinstall scripts. Zero runtime dependencies closes the transitive-dependency door; the package itself, the registry, and your dev tooling are still in the trust chain, which is what the lockfile and install-script controls above are for.

Takeaway: DaloyJS installs 0 transitive dependencies, tied with Hono for the smallest supply-chain surface, while a secure NestJS app drags in 86.

Apple M3 Max · 16 cores · Node v25.7 · June 2026 · @daloyjs/core 1.0.0-beta.1 · source in bench/cross-framework

Why this is apples to oranges
These frameworks are not the same tool, so a head-to-head chart is closer to apples vs oranges than a fair race. Here is what these numbers do and don't prove, in plain terms.
  • Apples vs oranges, not apples to apples. These are different tools doing different amounts of work. On every request, DaloyJS validates the body against your Zod or Valibot schema and runs secure headers, a request ID, body-size limits, and request timeouts, all out of the box. The 'minimal' apps for the other frameworks do almost none of this, and even 'secure parity' rarely matches it one for one. So part of every DaloyJS number is security and validation you would otherwise have to build yourself.
  • Footprint methodology differs: DaloyJS is one zero-dependency package, while the others resolve transitive trees whose exact size depends on when the lockfile was generated.
  • Throughput is workload-shaped: with a comparable middleware stack on both sides, DaloyJS and Hono land within a handful of percent of each other (DaloyJS ~6% ahead on these GET routes). Real services are usually bound by database and I/O time, not framework dispatch, so these micro-numbers rarely predict production.
  • Different target runtimes: some frameworks (e.g. Elysia) are tuned for Bun but are measured here under their Node adapters for a fair single-runtime baseline.
  • Single machine, single moment: one Apple M3 Max, Node v25.7, June 2026, against @daloyjs/core 1.0.0-beta.1. Your hardware, runtime, and versions will move these numbers.

Support the project

If DaloyJS saves you time, you can buy me a coffee

DaloyJS is free and MIT-licensed. If the docs, posts, or the framework itself helped you ship something with a little less drama, coffee is a perfectly reasonable way to keep the work going.

Ready to ship, secure by default?

Scaffold a project in seconds: pnpm hardening when you choose pnpm, generated CI that blocks install scripts, pinned GitHub Actions, Dependabot, CODEOWNERS, and lockfile source verification. Then keep the contract as the app grows; the same app runs on Node, Bun, Deno, Cloudflare Workers, and Vercel.

For developers and AI agents

Read the docs over MCP

DaloyJS ships a public Model Context Protocol (MCP) endpoint, so your AI coding agent (Claude, Cursor, VS Code, and friends) can search and read these docs without copy and paste. It is read-only, needs no API key, and speaks the standard Streamable HTTP transport, so it works for humans and LLM agents alike.

Endpoint
Point any MCP-compatible client at this URL:
https://daloyjs.dev/mcp
  • search_docs: keyword search across every docs page, ranked by relevance.
  • get_doc: read the full text of one page by its route or slug.
  • list_docs: browse every available documentation page in one call.

Add it to your MCP client config

json
{
  "mcpServers": {
    "daloyjs-docs": {
      "url": "https://daloyjs.dev/mcp"
    }
  }
}

Using a stdio-only client? Bridge it with npx -y mcp-remote https://daloyjs.dev/mcp.