Build a REST API with Deno 2 using Web Standards APIs. Secure by default with explicit permissions, built-in testing, and zero config.
## Task
REST API using Deno 2 with Web Standards and explicit permissions.
## Requirements
- Runtime: Deno 2+
- Router: Hono or Oak
- Database: Deno KV or PostgreSQL via deno-postgres
- No package.json — use import maps or jsr: imports
## Specifications
```typescript
// Deno.serve — built-in HTTP server
Deno.serve({ port: 3000 }, handler);
// Routes:
// GET /api/posts → list with pagination
// POST /api/posts → create (auth required)
// GET /api/posts/:id → read
// PATCH /api/posts/:id → update (auth + owner)
// DELETE /api/posts/:id → delete (auth + owner)
// Deno permissions (run with):
// deno run --allow-net=0.0.0.0:3000,db.example.com --allow-env=DATABASE_URL main.ts
```
## Implementation Notes
1. Use Web Standards: Request, Response, URL, Headers, crypto.subtle
2. Deno KV for simple storage: await Deno.openKv()
3. Built-in testing: "ca39919f8b0f268ea3c4be973",
4. Permissions: document exactly which --allow-* flags are needed and why
5. Type checking: deno check (built-in, no tsconfig needed)
6. Deploy: deno deploy (Deno's edge hosting) with zero configNo gallery images yet.