Update Deno version to 2.5

[randallb]

Chore

Describe the chore

I'd like to upgrade the edge runtime from 2.1 to 2.5.

Additional context

I'm happy to dev this effort.

[nyannyacha]

Generally, upgrading the Deno codebase in edge-runtime requires overhauling three major components: crates/deno_facade, deno/, and vendor/.

But since we currently lack documented guidelines for this task, it could be a challenging journey for you. So, we generally do not recommend doing it yourself.

We currently expect updates toward version 2.5 to begin early next year.

[riderx]

@nyannyacha the current Deno version is 2.1; it was released 1 year ago. Early next year, will makes 2.5 already 6 months old. Can we get a better timeline for minor versions? Deno docs do not keep old documentation up, so we always deal with a deprecated doc because we lag a lot from minor versions, which is quite ineffective.

[kallebysantos]

Hey @riderx, pls check this answer

Deno itself is composed by multiples crates (sub-packages) so in fact theses LTS are just a version pins over all theses crates, it means that is possible to upgrade theses packages deps gradually. Also the edge-runtime is not a directly 1:1 with upstream and a loot of things was cherry-picked/cloned and customised. This also applies for security patches and bug fixes, so even on 2.1 we can still grab something from latest.

[riderx]

@kallebysantos thanks for enlightening me on this; I do understand the flexibility, but I'm not really sure if that's helpful here to remove confusion.

Following as closely as possible the version that is in a public release is the way to keep confusion as low as possible.

I checked in deno-core there are 4 commits that are not in Deno upstream.

I also saw there are some others fork from Deno; https://github.com/supabase/deno_core https://github.com/supabase/eszip https://github.com/supabase/rusty_v8

That really doesn't help us trust the runtime. I literally use it less and less as it's impossible to know what is in the version we use. That may be why Drizzle Postgres has an SSL issue, and no one gets why.

I really love Deno, but the way it exists in Supabase makes it really hard to deal with. I know lately there is some discussion to have other runtimes, I dont believe Deno is the issue, most of the issue would be fixed if we had the most up to date and complete Deno version.

[kallebysantos]

Hey @riderx, I do understand the confusion and I'm sure that Supabase team does as well. There's already internal plans to improve the version compatibility and Deno support.

I really love Deno, but the way it exists in Supabase makes it really hard to deal with. I know lately there is some discussion to have other runtimes, I dont believe Deno is the issue, most of the issue would be fixed

Yes, Deno does a great job and in fact is not the issue here. The current Edge Runtime codebase is a bit challenging to maintain and requires great tech skills, that's why I believe that they prefer to slow major version upgrades 😔 But I'm sure that even its not being pinned to latest version, they can apply security patches and cherry pick fixes from upstream. If you're facing some 2.1 compatibility problem or think that some upstream feature can be relevant, please open a gh issue for it 💚

[riderx]

Thanks for sharing. I wish I could help. Right now I don't get why there are forks of most Deno packages, plus I have little Rust understanding.