Update dependency wrangler to v4.91.0 (main) by renovate[bot] · Pull Request #527 · conforma/conforma.github.io

renovate · 2026-02-26T03:42:31Z

ℹ️ Note

This PR body was truncated due to platform limits.

This PR contains the following updates:

Package	Change	Age	Adoption	Passing	Confidence
wrangler (source)	`4.59.1` → `4.91.0`

Release Notes

cloudflare/workers-sdk (wrangler)

`v4.91.0`

Minor Changes

#13822 c8be316 Thanks @edmundhung! - Add named tunnel support and tunnel shortcuts to wrangler dev

You can now use wrangler dev --tunnel --tunnel-name <name> to start a dev session with an existing named Cloudflare Tunnel, or set --tunnel-name ahead of time and start it later by pressing t to start or close the tunnel. This gives you a stable public hostname for local development instead of the temporary trycloudflare.com URL used by Quick Tunnels.

Patch Changes

#13848 d4794a8 Thanks @MattieTK! - Condense repeated environment configuration warnings

Wrangler now summarises repeated missing vars and define entries in environment configuration warnings. Experimental unsafe warnings are also only emitted once when the field appears at both the top level and in the active environment.
#13894 58b4403 Thanks @dependabot! - Update dependencies of "miniflare", "wrangler"

The following dependency versions have been updated:

Dependency From To

workerd 1.20260508.1 1.20260511.1
#13780 4352f87 Thanks @matingathani! - Normalize legacy instance type aliases (standard → standard-1, dev → lite) to prevent phantom EDIT diffs on every deploy
#13834 a9e6741 Thanks @matingathani! - fix: hotkeys now work with Caps Lock enabled

Wrangler's dev server hotkeys (e.g. b to open browser and x to exit) did not respond when Caps Lock was enabled. These hotkeys now work consistently whether or not Caps Lock is on.
#13750 da664d5 Thanks @matingathani! - fix: automatically delete log files older than 30 days and add WRANGLER_WRITE_LOGS=false to disable disk logging

Wrangler previously accumulated log files in ~/.wrangler/logs/ indefinitely, causing some users to accumulate gigabytes of logs over time.

Log files older than 30 days are now automatically cleaned up on the first log write. Disk logging can be disabled entirely by setting WRANGLER_WRITE_LOGS=false.
#13914 bdc398c Thanks @Maximo-Guk! - preserve native shape of non-string vars in worker previews

wrangler preview previously coerced every non-string entry in previews.vars (arrays, objects, numbers, booleans) into a plain_text binding via JSON.stringify, so at runtime the worker saw a literal string instead of the value declared in wrangler.jsonc. wrangler deploy already serializes non-string vars as json bindings so the Workers runtime parses them back into native JS values; previews now match.

Before:
```
// wrangler.jsonc — previews.vars
{ "ALLOWLIST": ["a@example.com", "b@example.com"] }
// runtime
typeof env.ALLOWLIST === "string" // true (was '["a@example.com","b@example.com"]')
```
After:
```
typeof env.ALLOWLIST === "object"; // Array.isArray(env.ALLOWLIST) === true
```
#13778 1420f10 Thanks @maxwellpeterson! - Propagate unsafe.bindings and service binding cross_account_grant to worker previews

Worker previews now propagate unsafe.bindings declared on the previews config block to the deployment metadata, mirroring the deploy-time behavior. Without this, internal binding shapes that wrangler doesn't yet model (notably service bindings carrying cross_account_grant) were silently dropped on previews while working fine on regular deploys. The same change wires through cross_account_grant on typed services bindings.
Updated dependencies [58b4403, f781a2b]:
- miniflare@4.20260511.0

`v4.90.1`

Compare Source

Patch Changes

#13866 4e44ce6 Thanks @dependabot! - Update dependencies of "miniflare", "wrangler"

The following dependency versions have been updated:

Dependency From To

workerd 1.20260507.1 1.20260508.1
#13837 b0cee1d Thanks @matingathani! - Fix beta/open-beta status message ignoring printBanner: false — when a command sets printBanner: (args) => !args.json, the status banner no longer appears in JSON output
#13887 d878e13 Thanks @apeacock1991! - Fix wrangler dev hanging on shutdown when remote bindings are present

startDev() registers dev hotkeys before authenticating the user. During interactive dev sessions, the auth callback re-registers hotkeys, which updates the local unregisterHotKeys variable to a new cleanup function. However, the unregisterHotKeys value returned to callers was captured as a direct reference to the initial registration, so it would call the stale cleanup function instead of the current one.

This has been fixed by returning a wrapper function () => unregisterHotKeys?.() instead of the variable directly. The wrapper evaluates unregisterHotKeys at call time, ensuring it always invokes the latest cleanup function even after re-registration.
#13867 971dfe3 Thanks @petebacondarwin! - Fix race in RemoteProxySession.updateBindings so it waits for the remote worker to finish reloading with the new bindings before resolving

Previously, updateBindings resolved as soon as the config update event was dispatched, long before the remote worker had been re-uploaded and the local proxy worker had unpaused. Callers that issued requests immediately afterwards could see flaky failures — typically "WebSocket connection failed" for JSRPC bindings such as service bindings or dispatch namespaces — because the local proxy worker was still in its paused state during the reload window. updateBindings now waits for the next reloadComplete event and for the local proxy worker's runtime-message queue to drain before returning, so callers can safely issue requests after await session.updateBindings(...). If the reload fails, the rejection from updateBindings carries the underlying error.
#13867 971dfe3 Thanks @petebacondarwin! - Fix unhandled AbortError from wrangler dev's remote tail WebSocket when the bundle rebuilds or the dev session shuts down

The remote-runtime tail-logs WebSocket (#activeTail in RemoteRuntimeController) was constructed with the same AbortSignal that onBundleStart aborts to cancel in-flight preview-session operations. The abort destroyed the WebSocket's underlying upgrade request with AbortError, which had no error listener attached and propagated as an unhandled exception. We now attach an error listener at WebSocket construction that ignores errors (logging at debug level), matching the safeguards already present on the terminate paths in #previewToken and teardown().
Updated dependencies [4e44ce6, 5d936c5]:
- miniflare@4.20260508.0

`v4.90.0`

Compare Source

Minor Changes

#12279 248bc08 Thanks @penalosa! - Add deprecation warning for delivery_delay in queue producer bindings

The delivery_delay setting in [[queues.producers]] was silently having no effect since 2024. This change adds a deprecation warning when the setting is used, informing users that queue-level settings should be configured using wrangler queues update instead. The setting will be removed in a future version.

Patch Changes

#13853 8852b0c Thanks @gpanders! - Fix Containers SSH config
#13858 e414e56 Thanks @penalosa! - Fix wrangler whoami and account selection failing for Account API Tokens

The /memberships fallback for Account API Tokens was checking for code 9109, but /memberships actually returns 9106 for that case. Correct the code so the fallback to /accounts triggers as intended.
Updated dependencies []:
- miniflare@4.20260507.1

`v4.89.1`

Compare Source

Patch Changes

#13824 dd3baf3 Thanks @emily-shen! - Fix container deployment being skipped for Workers for Platforms user workers

Previously, deploying a worker with --dispatch-namespace would early-exit before calling deployContainers(), meaning container-app registration that links the image to the Durable Object namespace was never executed for WfP user workers. Container deployment now runs before the WfP early exit.
Updated dependencies [5cf6f81]:
- miniflare@4.20260507.1

`v4.89.0`

Compare Source

Minor Changes

#13055 f3fed88 Thanks @GregBrimble! - Introducing the cache configuration option for Workers.

You can now set { cache: { enabled: true } } in your Wrangler configuration file to enable a HTTP cache in front of your Worker's fetch handler. This is also supported in [previews] configuration — previews.cache overrides the top-level cache setting for preview deployments, and falls back to the top-level value when absent. More information can be found in our documentation.
#13776 1a54ac5 Thanks @petebacondarwin! - wrangler dev and other Miniflare-backed commands now run the local workerd runtime with TZ=UTC to match production

Previously, wrangler dev (and other commands that spin up Miniflare, such as wrangler kv, wrangler d1, wrangler r2, wrangler check) inherited the host machine's timezone, so Date and Intl APIs inside a Worker observed the developer's local timezone during local development but UTC in production. This caused subtle, hard-to-debug differences between local and deployed behaviour.

Local development now matches production. Code that previously relied on the host timezone during wrangler dev will need to either accept UTC (the production behaviour) or explicitly construct dates/formatters with the desired timezone.

Patch Changes

#13829 2284f20 Thanks @dependabot! - Update dependencies of "miniflare", "wrangler"

The following dependency versions have been updated:

Dependency From To

workerd 1.20260504.1 1.20260506.1
#13841 332f527 Thanks @dependabot! - Update dependencies of "miniflare", "wrangler"

The following dependency versions have been updated:

Dependency From To

workerd 1.20260506.1 1.20260507.1
#13777 18e833d Thanks @matingathani! - fix: throw a clear error when _routes.json contains invalid JSON instead of silently skipping it
#13751 b6cea17 Thanks @matingathani! - fix: ensure wrangler types --check --env-file does not falsely report stale types when .dev.vars exists
#13775 53e846a Thanks @maxwellpeterson! - Fix wrangler preview not propagating the assets binding to preview deployments

Previously, wrangler preview would upload the asset manifest correctly but the resulting preview deployment had no ASSETS binding (or whatever name was configured under assets.binding). Workers reading from the binding would see undefined and fail at runtime.

The fix emits the assets binding into the deployment's env map alongside other bindings, mirroring wrangler deploy.
#13770 beff19c Thanks @petebacondarwin! - Only show accounts available for the current login auth in wrangler whoami and the interactive account picker

Wrangler now lists the intersection of /accounts and /memberships instead of either endpoint alone, dropping accounts the active OAuth token or API token has no membership in. The accounts field of wrangler whoami --json is filtered the same way. When /memberships is inaccessible to the current auth (e.g. Account API Tokens) Wrangler falls back to /accounts so those tokens continue to work as before.
#13832 af42fed Thanks @gpanders! - Show containers ssh in wrangler containers --help and in wrangler containers ssh --help

The containers ssh command was previously hidden, so it did not appear in the list of subcommands shown by wrangler containers --help, and its description was omitted from wrangler containers ssh --help. The command is now listed with its description in both places.
Updated dependencies [2284f20, 332f527, 039bada, 1a54ac5]:
- miniflare@4.20260507.0

`v4.88.0`

Compare Source

Minor Changes

#13760 e07825a Thanks @danielgek! - Add builtin storage option to wrangler ai-search create.

wrangler ai-search create now supports a third storage type, builtin, in addition to r2 and web-crawler. When --type builtin is selected (or chosen interactively), Wrangler creates the instance using Cloudflare-managed storage by omitting type and source from the API request — the API treats an absent type as builtin storage. Builtin instances do not accept --source, --prefix, --include-items, or --exclude-items.
#13721 58899d8 Thanks @danielgek! - Add optional custom_metadata step to wrangler ai-search create

The wrangler ai-search create interactive wizard now lets you declare custom metadata fields that the new AI Search instance should index. Each field is a field_name paired with a data_type (text, number, boolean, or datetime).

You can provide fields up-front via the new repeatable --custom-metadata flag using field_name:data_type syntax:
```
wrangler ai-search create my-instance \
  --type r2 --source my-bucket \
  --custom-metadata title:text \
  --custom-metadata views:number
```
For larger schemas, use --custom-metadata-schema to point at a JSON file containing an array of { field_name, data_type } objects:
```
wrangler ai-search create my-instance \
  --type r2 --source my-bucket \
  --custom-metadata-schema schema.json
```
```
[
  { "field_name": "title", "data_type": "text" },
  { "field_name": "views", "data_type": "number" }
]
```
#13701 18b9d5b Thanks @dario-piotrowicz! - Prompt for missing name and compatibility date interactively during wrangler deploy

When deploying without a project name or compatibility_date in your configuration or CLI arguments, wrangler deploy now interactively prompts for the missing values instead of immediately failing with an error. For compatibility date, the prompt offers to use today's date; if you decline, the existing error is shown. The compatibility date prompt is skipped when --latest is passed. In non-interactive or CI environments, behavior is unchanged.

Additionally, when no config file exists, wrangler deploy now offers to save the prompted name and compatibility date to a wrangler.jsonc file for future use. This interactive flow is available for all wrangler deploy invocations — not just asset-only deployments.
#13810 2b8c0cc Thanks @jamesopstad! - Stabilize the secrets configuration property

The secrets property in the Wrangler config file is no longer experimental and will no longer emit an experimental warning when used. Required secrets are validated during local development and deploy, and used as the source of truth for type generation.
```
{
  "secrets": {
    "required": ["API_KEY", "DB_PASSWORD"]
  }
}
```

Patch Changes

#13765 3020214 Thanks @dependabot! - Update dependencies of "miniflare", "wrangler"

The following dependency versions have been updated:

Dependency From To

workerd 1.20260430.1 1.20260501.1
#13800 0099265 Thanks @dependabot! - Update dependencies of "miniflare", "wrangler"

The following dependency versions have been updated:

Dependency From To

workerd 1.20260501.1 1.20260504.1
#13812 25f5ef2 Thanks @emily-shen! - fix: --alias CLI flag now works in wrangler deploy

The --alias flag was accepted but silently ignored during wrangler deploy — only config.alias took effect. We now collect aliases from both config and CLI flags.
#13772 194d75e Thanks @zakcutner! - Fix wrangler types to generate Fetcher for unsafe.bindings entries with type: "service"

Previously, all entries in unsafe.bindings (other than ratelimit) generated a fallback any type. wrangler types now generates Fetcher for unsafe bindings declared with type: "service", matching the type used for regular service bindings.
#13818 9f532f7 Thanks @1000hz! - Support Flagship bindings in Worker Previews

wrangler preview now accepts flagship entries in the previews block and includes them in Preview deployment bindings. This lets Workers that use Flagship bindings deploy Preview versions with preview-specific Flagship app IDs.
#12974 1127114 Thanks @ask-bonk! - Fix props and fetcher-type service bindings being dropped in unstable_getMiniflareWorkerOptions

The post-processing in unstable_getMiniflareWorkerOptions was rebuilding serviceBindings from scratch, which silently dropped props on service bindings and dropped fetcher-type bindings entirely. It was also re-deriving durableObjects identically to what buildMiniflareBindingOptions already produces. Both have been removed; buildMiniflareBindingOptions now produces the final bindings unchanged.
#13739 3ceadef Thanks @edmundhung! - Skip confirmation prompts in wrangler versions deploy when versions are provided as CLI arguments

Passing version IDs or version specs to wrangler versions deploy now applies those values directly instead of opening interactive prompts to confirm the same versions and percentages. This makes the command easier to automate without requiring --yes.
#13745 1a5cc86 Thanks @edmundhung! - fix: preserve request ports in Origin and Referer headers when using wrangler dev --host
Updated dependencies [3020214, 0099265, bb27219, 12fb5db]:
- miniflare@4.20260504.0

`v4.87.0`

Compare Source

Minor Changes

#13726 b5ac54b Thanks @penalosa! - Hard fail on Node.js < 22

Wrangler no longer supports Node.js 20.x, as it reached end-of-life on 2026-04-30. The minimum supported Node.js version is now 22.0.0. See https://github.com/nodejs/release?tab=readme-ov-file#end-of-life-releases.
#13717 9a1f014 Thanks @NuroDev! - Add an experimental experimental_generateTypes() programmatic API.

Wrangler now exposes experimental_generateTypes() from the package root so you can generate Worker types in code using the same logic as wrangler types. The API supports the same core type-generation options (include env/runtime toggles) and returns structured output with separate env and runtime content alongside the combined formatted output.

Patch Changes

#13732 22e1a61 Thanks @dependabot! - Update dependencies of "miniflare", "wrangler"

The following dependency versions have been updated:

Dependency From To

workerd 1.20260426.1 1.20260429.1
#13754 00523c8 Thanks @dependabot! - Update dependencies of "miniflare", "wrangler"

The following dependency versions have been updated:

Dependency From To

workerd 1.20260429.1 1.20260430.1
#13711 1c4d850 Thanks @dario-piotrowicz! - fix: skip auto-config and OpenNext delegation when --config is explicitly provided

When --config is passed to wrangler deploy, the user is explicitly targeting a specific Worker configuration. Previously, wrangler would ignore --config and delegate to opennextjs-cloudflare deploy if it detected an OpenNext project in the working directory, silently deploying the wrong Worker. Now, both auto-config detection and OpenNext delegation are skipped when --config is provided, matching the existing behavior for --script and --assets.
#13735 6d28037 Thanks @edmundhung! - Improve config-schema.json hover text in more editors

Wrangler now emits markdownDescription in config-schema.json alongside the existing description field. Editors that support rich JSON Schema hovers can use that markdown directly instead of rendering escaped links and formatting.
#13722 0827815 Thanks @MattieTK! - Improve safe telemetry categorisation for user-facing Wrangler errors.
#13116 e539008 Thanks @dario-piotrowicz! - Allow getPlatformProxy and unstable_getMiniflareWorkerOptions to start when the assets directory does not exist yet

Previously, getPlatformProxy would catch and swallow NonExistentAssetsDirError internally when the configured assets directory was absent on disk. This has been refactored so that the directory-existence check is skipped entirely for getPlatformProxy and unstable_getMiniflareWorkerOptions, since these APIs are typically used at dev time in frameworks where the assets directory is a build output that may not exist yet.

wrangler dev, wrangler deploy, wrangler versions upload, and wrangler triggers deploy continue to require the assets directory to exist when specified.
Updated dependencies [22e1a61, 00523c8, b5ac54b, e653edf, e1eff94, e539008, 0bf64a7, b04eedf, 6457fb3, c07d0cb]:
- miniflare@4.20260430.0
- @cloudflare/kv-asset-handler@0.5.0

`v4.86.0`

Compare Source

Minor Changes

#13605 ea943ff Thanks @danielgek! - Add namespace support to wrangler ai-search commands

All wrangler ai-search instance commands (create, list, get, update, delete, stats, search) now accept a --namespace (or -n) flag to target a specific AI Search namespace. When the flag is omitted, commands default to the default namespace that Cloudflare automatically provisions for every account.

wrangler ai-search list now displays a namespace column, and wrangler ai-search create offers an interactive picker for existing namespaces (with an option to create a new one) when --namespace is not supplied in an interactive session.

A new wrangler ai-search namespace subcommand group is also introduced, with list, create, get, update, and delete subcommands for managing namespaces directly.
```
wrangler ai-search list --namespace blog
wrangler ai-search create my-instance --namespace blog --type r2 --source my-bucket
wrangler ai-search namespace create blog --description "Blog content"
```
#13637 9eb9e69 Thanks @edmundhung! - Add --tunnel flag to wrangler dev for sharing your local dev server via Cloudflare Quick Tunnels

You can now expose your local dev server publicly by passing --tunnel:
```
wrangler dev --tunnel
```
This starts a Cloudflare Quick Tunnel that gives you a random *.trycloudflare.com URL to share. The tunnel stops automatically when the dev session ends. Quick tunnels don't require a Cloudflare account or any configuration.

A warning is shown when Server-Sent Events (SSE) responses are detected through the tunnel, since quick tunnels don't support SSE.
#13661 0a5db08 Thanks @aspizu! - wrangler tail will now log stack traces. These stack traces already include resolved frames if you have chosen to upload sourcemaps.
#13617 118027d Thanks @roerohan! - Force Flagship bindings to always use remote mode in local dev

Flagship bindings now always access the remote Flagship service during local development, matching the behavior of AI bindings. Previously, Flagship supported both local and remote modes, but the local stub only returned default values, providing no real functionality and creating a dual source of truth for flag evaluations.

The remote config field is retained for backward compatibility but only controls whether a warning is displayed. Setting remote: true suppresses the warning that Flagship bindings always access remote resources and may incur usage charges in local dev.
#13254 e867ac2 Thanks @tgarg-cf! - Add wrangler queues consumer list subcommands for listing queue consumers

Three new commands are available for listing consumers on a queue:
- wrangler queues consumer list <queue-name> — lists all consumers (both worker and HTTP pull), grouped by type
- wrangler queues consumer worker list <queue-name> — lists only worker consumers
- wrangler queues consumer http list <queue-name> — lists only HTTP pull consumers

Patch Changes

#13696 62e9f2a Thanks @dependabot! - Update dependencies of "miniflare", "wrangler"

The following dependency versions have been updated:

Dependency From To

workerd 1.20260424.1 1.20260426.1
#13576 2dc6175 Thanks @MattieTK! - Restore telemetry tracking for common CLI flags that were unintentionally dropped during sanitisation

When argument sanitisation was introduced, only explicitly allow-listed args had their values included in telemetry. The allow list was very conservative, which meant common boolean flags like --remote, --json, --dry-run, --force, and many others were no longer being captured in sanitizedArgs despite previously being tracked. Boolean flags are inherently safe (values are only true/false), so these have now been added back to the global allow list. A small number of fixed-choice args (--local-protocol, --upstream-protocol, --containers-rollout) have also been added with their known value sets.
#13649 ae8eae3 Thanks @petebacondarwin! - Fix service binding and tail consumer props being dropped between workers in different local dev instances

When a service binding or tail consumer configured with props targeted a worker running in a separate wrangler dev instance (via the dev registry), the props were silently dropped and the remote entrypoint saw an empty ctx.props. Props are now forwarded correctly across the dev registry boundary, matching the behavior users get when all workers run in a single instance.
```
// wrangler.json
{
  "services": [
    {
      "binding": "AUTH",
      "service": "auth-worker", // may be in a separate `wrangler dev` process
      "entrypoint": "SessionEntry",
      "props": { "tenant": "acme" }
    }
  ]
}
```
The target worker's SessionEntry entrypoint now correctly receives { tenant: "acme" } on ctx.props regardless of which local dev instance it runs in.
#13662 f2e2241 Thanks @petebacondarwin! - Fix three resource leaks in unstable_startWorker teardown that could prevent Node from exiting cleanly after worker.dispose().
- The esbuild context created by bundleWorker is now disposed when the initial build fails. Previously a failing initial build (e.g. an unresolvable entrypoint, or a worker started with an invalid config via setConfig) left the esbuild child process running for the lifetime of the parent Node process.
- runBuild's cleanup function now awaits the in-flight build before running the bundler's stop handler. Previously teardown could return before esbuild.BuildContext.dispose() had been called, so the esbuild watcher kept the event loop alive after dispose had resolved.
- BundlerController.teardown() now runs the esbuild cleanup before removing the bundler's temporary directory, and aborts the in-flight bundle build so it cannot emit stale bundleStart/bundleComplete events after teardown. Previously the tmpdir was removed first, which in race with an in-flight rebuild produced confusing "Could not resolve .wrangler/tmp/bundle-XXXX/middleware-loader.entry.ts" errors during dispose.
#13674 4f6ed93 Thanks @petebacondarwin! - Stop emitting a misleading [wrangler:error] Docker build exited with code: <n> log when the user aborts an in-progress container image build (for example by pressing the r rebuild hotkey while the previous build is still running).

The abort-detection branch in the local and multi-worker runtime controllers was matching the wrong error message — it checked for "Build exited with code: 1", but the error thrown by the docker build helper is actually "Docker build exited with code: <n>", and the exit code after a process-group SIGINT/SIGKILL is typically 130/137/143, not 1. As a result, every legitimate user-initiated rebuild abort produced a spurious error event and [wrangler:error] log line. The check now matches the real error message prefix and ignores any non-zero exit code from the aborted build, so a user-requested rebuild while another build is in progress is silent.
#13667 ed2f4ec Thanks @emily-shen! - fix: Preserve auth in remote proxy session data to avoid unnecessary session restarts

maybeStartOrUpdateRemoteProxySession was not including auth in its return value, so on subsequent calls preExistingRemoteProxySessionData.auth was always undefined. This caused the auth comparison to always detect a change, disposing and recreating the remote proxy session on every reload even when auth had not changed.
#13695 92bb8a5 Thanks @alexanderniebuhr! - wrangler types --check no longer throws when the types file was generated with an explicit boolean flag. Previously, yargs would parse such flags as actual booleans rather than strings, causing an internal parse error.
#13662 f2e2241 Thanks @petebacondarwin! - Fix the wrangler tail command leaking a signal-exit listener after the tail has been cleanly closed.

The tail command registered both a tail.on("close", exit) listener and a process-level onExit(exit) handler, but never removed the latter after exit() had run. In long-lived CLI processes this is harmless — the handler eventually runs once on shutdown — but in unit tests that repeatedly invoke wrangler tail, every invocation accumulates a handler that fires during test-runner shutdown. Those late invocations call deleteTail() after the test's auth mocks have been torn down, producing spurious "Not logged in" unhandled rejections which fail the Linux CI runs.

The handler is now removed as soon as exit() runs, and exit() is guarded against re-entry so it is idempotent if both the WebSocket close event and a real signal fire for the same session.
#13187 fcc491a Thanks @dario-piotrowicz! - Recognize Hydrogen as a known unsupported framework in autoconfig

Previously, Hydrogen projects were incorrectly identified as React Router (since Hydrogen uses React Router under the hood), leading to a confusing autoconfig experience. Hydrogen is now recognized as a distinct unsupported framework, so users see a clear message that Hydrogen is not yet supported instead of being guided through React Router configuration.
#13628 e6c437a Thanks @emily-shen! - fix: prioritise CLOUDFLARE_ACCOUNT_ID over a cached account id for all Pages commands

Previously, some Pages commands (pages deploy, pages deployment list/delete/tail, pages download config, pages secret) used a cached account id over the CLOUDFLARE_ACCOUNT_ID environment variable. The pages project commands already correctly prioritised CLOUDFLARE_ACCOUNT_ID.
Updated dependencies [21b87b2, 62e9f2a, 033d6ec, ae8eae3, ef24ff2, 6d27479, 118027d]:
- miniflare@4.20260426.0

`v4.85.0`

Compare Source

Minor Changes

#13222 5680287 Thanks @maxwellpeterson! - Add enabled and previews_enabled support for custom domain routes

Custom domain routes can now include optional enabled and previews_enabled boolean fields to control whether a custom domain serves production and/or preview traffic. When omitted, the API defaults apply (production enabled, previews disabled).

Patch Changes

#13622 5a2968a Thanks @petebacondarwin! - Fix inherited ai_search_namespaces binding display in wrangler deploy

When an ai_search_namespaces binding inherits from the existing deployment, the bindings table now correctly shows (inherited) instead of a raw Symbol(inherit_binding) string.
#13633 3494842 Thanks @dependabot! - Update dependencies of "miniflare", "wrangler"

The following dependency versions have been updated:

Dependency From To

workerd 1.20260421.1 1.20260422.1
#13645 7d728fb Thanks @dependabot! - Update dependencies of "miniflare", "wrangler"

The following dependency versions have been updated:

Dependency From To

workerd 1.20260422.1 1.20260423.1
#13657 df9319d Thanks @dependabot! - Update dependencies of "miniflare", "wrangler"

The following dependency versions have been updated:

Dependency From To

workerd 1.20260423.1 1.20260424.1
#13574 d5e3c57 Thanks @dario-piotrowicz! - Detect Cloudflare WAF block pages and include Ray ID in API error messages

When the Cloudflare WAF blocks an API request, the response is an HTML page rather than JSON. Previously, this caused a confusing "Received a malformed response from the API" error with a truncated HTML snippet. Wrangler now detects WAF block pages and displays a clear error message explaining that the request was blocked by the firewall, along with the Cloudflare Ray ID (when available) for use in support tickets.

For other non-JSON responses that aren't WAF blocks, the "malformed response" error also now includes the Ray ID to help reference failing requests in support tickets.
#13560 7567ef7 Thanks @vaishnav-mk! - Preserve NonRetryableError message and name when the workflows_preserve_non_retryable_error_message compatibility flag is enabled, instead of replacing it with a generic error message.
#11784 2831b54 Thanks @JPeer264! - fix(wrangler): Bind the console methods directly instead of using a global proxy
#13644 377715d Thanks @MattieTK! - Update @clack/core and @clack/prompts to v1.2.0

Bumps the bundled @clack/core dependency used internally by @cloudflare/cli from 0.3.x to 1.2.0, and the @clack/prompts dependency in create-cloudflare from 0.6.x to 1.2.0. Clack v1 includes a number of API changes, but no user-facing prompt behaviour changes are expected.
Updated dependencies [3494842, 7d728fb, df9319d, 3ceeec3, 7567ef7, 0a95061, 7fc50c1, 377715d]:
- miniflare@4.20260424.0
- @cloudflare/unenv-preset@2.16.1

[`v4.84.1`](https://redirect.github.com/cloudflare/workers-sdk/blob/HEA

✂ Note

PR body was truncated to here.

Configuration

📅 Schedule: (UTC)

Branch creation
- Between 12:00 AM and 03:59 AM (* 0-3 * * *)
Automerge
- At any time (no schedule defined)

🚦 Automerge: Disabled by config. Please merge this manually once you are satisfied.

♻ Rebasing: Whenever PR becomes conflicted, or you tick the rebase/retry checkbox.

🔕 Ignore: Close this PR and you won't be reminded about this update again.

If you want to rebase/retry this PR, check this box

This PR was generated by Mend Renovate. View the repository job log.

github-actions · 2026-02-26T03:44:07Z

🚀 Preview is available at https://039f4b07.enterprise-contract.pages.dev

github-actions · 2026-02-26T17:35:05Z

🚀 Preview is available at https://08300ee1.enterprise-contract.pages.dev

github-actions · 2026-03-04T00:40:10Z

🚀 Preview is available at https://6626ba07.enterprise-contract.pages.dev

github-actions · 2026-03-05T23:55:35Z

🚀 Preview is available at https://547ec4d3.enterprise-contract.pages.dev

github-actions · 2026-03-09T12:49:51Z

🚀 Preview is available at https://777ca95c.enterprise-contract.pages.dev

github-actions · 2026-03-10T23:04:30Z

🚀 Preview is available at https://41dff465.enterprise-contract.pages.dev

github-actions · 2026-03-13T09:55:22Z

🚀 Preview is available at https://604b8a26.enterprise-contract.pages.dev

github-actions · 2026-03-24T13:28:28Z

🚀 Preview is available at https://cfdb8b39.enterprise-contract.pages.dev

github-actions · 2026-03-27T18:35:59Z

🚀 Preview is available at https://360d8039.enterprise-contract.pages.dev

github-actions · 2026-03-31T14:03:19Z

🚀 Preview is available at https://bf28eac1.enterprise-contract.pages.dev

github-actions · 2026-04-20T18:52:44Z

🚀 Preview is available at https://3b890ad9.enterprise-contract.pages.dev

github-actions · 2026-04-21T19:16:07Z

🚀 Preview is available at https://4b2bcdbc.enterprise-contract.pages.dev

github-actions · 2026-04-24T15:04:30Z

🚀 Preview is available at https://647e09d3.enterprise-contract.pages.dev

github-actions · 2026-04-28T15:42:34Z

🚀 Preview is available at https://16978123.enterprise-contract.pages.dev

github-actions · 2026-04-30T20:06:38Z

🚀 Preview is available at https://d7b0a185.enterprise-contract.pages.dev

github-actions · 2026-05-05T19:15:30Z

🚀 Preview is available at https://d9c98f14.enterprise-contract.pages.dev

github-actions · 2026-05-07T21:30:45Z

🚀 Preview is available at https://df5cf757.enterprise-contract.pages.dev

github-actions · 2026-05-11T14:57:27Z

🚀 Preview is available at https://1eb41ed8.enterprise-contract.pages.dev

github-actions · 2026-05-11T22:10:36Z

🚀 Preview is available at https://aca153ea.enterprise-contract.pages.dev

github-actions · 2026-05-12T10:51:15Z

🚀 Preview is available at https://5981a43f.enterprise-contract.pages.dev

github-actions · 2026-05-14T13:08:29Z

🚀 Preview is available at https://0fc38ee8.enterprise-contract.pages.dev

renovate Bot added main renovate labels Feb 26, 2026

github-actions Bot added the size: XL label Feb 26, 2026

renovate Bot force-pushed the renovate/main-npm-dependencies branch from 4de6708 to 8f5d08f Compare February 26, 2026 17:33

renovate Bot changed the title ~~Update dependency wrangler to v4.68.1 (main)~~ Update dependency wrangler to v4.69.0 (main) Feb 26, 2026

renovate Bot force-pushed the renovate/main-npm-dependencies branch from 8f5d08f to 063bccc Compare March 4, 2026 00:38

renovate Bot changed the title ~~Update dependency wrangler to v4.69.0 (main)~~ Update dependency wrangler to v4.70.0 (main) Mar 4, 2026

renovate Bot force-pushed the renovate/main-npm-dependencies branch from 063bccc to d1bb21f Compare March 5, 2026 23:53

renovate Bot changed the title ~~Update dependency wrangler to v4.70.0 (main)~~ Update dependency wrangler to v4.71.0 (main) Mar 5, 2026

renovate Bot force-pushed the renovate/main-npm-dependencies branch from d1bb21f to 085816e Compare March 9, 2026 12:48

renovate Bot changed the title ~~Update dependency wrangler to v4.71.0 (main)~~ Update npm dependencies (main) (minor) Mar 9, 2026

renovate Bot force-pushed the renovate/main-npm-dependencies branch from 085816e to 04a82b2 Compare March 10, 2026 23:02

renovate Bot force-pushed the renovate/main-npm-dependencies branch from 04a82b2 to d42d94a Compare March 13, 2026 09:53

renovate Bot force-pushed the renovate/main-npm-dependencies branch 3 times, most recently from d3d3ce0 to 8b18491 Compare March 20, 2026 09:56

renovate Bot force-pushed the renovate/main-npm-dependencies branch from 8b18491 to 7fc3e4c Compare March 24, 2026 13:26

renovate Bot force-pushed the renovate/main-npm-dependencies branch from 7fc3e4c to ab5547c Compare March 27, 2026 18:34

renovate Bot force-pushed the renovate/main-npm-dependencies branch from ab5547c to aa15d89 Compare March 31, 2026 14:01

renovate Bot force-pushed the renovate/main-npm-dependencies branch from aa15d89 to f3e5e17 Compare April 1, 2026 12:31

renovate Bot force-pushed the renovate/main-npm-dependencies branch from 71a05b5 to cd4168e Compare April 20, 2026 18:50

renovate Bot force-pushed the renovate/main-npm-dependencies branch from cd4168e to 2aaf470 Compare April 21, 2026 19:14

renovate Bot force-pushed the renovate/main-npm-dependencies branch from 2aaf470 to 4271883 Compare April 24, 2026 15:02

renovate Bot force-pushed the renovate/main-npm-dependencies branch from 4271883 to 135ea33 Compare April 28, 2026 15:40

renovate Bot force-pushed the renovate/main-npm-dependencies branch from 135ea33 to e4a0d10 Compare April 30, 2026 20:04

renovate Bot force-pushed the renovate/main-npm-dependencies branch from e4a0d10 to d71dbe0 Compare May 5, 2026 19:13

renovate Bot force-pushed the renovate/main-npm-dependencies branch from d71dbe0 to 0923760 Compare May 7, 2026 21:29

renovate Bot force-pushed the renovate/main-npm-dependencies branch from 0923760 to fa3b4af Compare May 11, 2026 14:55

github-actions Bot added size: XXL and removed size: XL labels May 11, 2026

renovate Bot force-pushed the renovate/main-npm-dependencies branch from fa3b4af to e9ce0a6 Compare May 11, 2026 22:09

renovate Bot changed the title ~~Update npm dependencies (main) (minor)~~ Update dependency wrangler to v4.90.0 (main) May 11, 2026

github-actions Bot added size: XL and removed size: XXL labels May 11, 2026

renovate Bot force-pushed the renovate/main-npm-dependencies branch from e9ce0a6 to d7da44d Compare May 12, 2026 10:49

renovate Bot changed the title ~~Update dependency wrangler to v4.90.0 (main)~~ Update dependency wrangler to v4.90.1 (main) May 12, 2026

Update dependency wrangler to v4.91.0

8569b96

renovate Bot force-pushed the renovate/main-npm-dependencies branch from d7da44d to 8569b96 Compare May 14, 2026 13:07

renovate Bot changed the title ~~Update dependency wrangler to v4.90.1 (main)~~ Update dependency wrangler to v4.91.0 (main) May 14, 2026

Conversation

renovate Bot commented Feb 26, 2026 • edited Loading Uh oh! There was an error while loading. Please reload this page.

Uh oh!

Release Notes

Minor Changes

Patch Changes

Patch Changes

Minor Changes

Patch Changes

Patch Changes

Minor Changes

Patch Changes

Minor Changes

Patch Changes

Minor Changes

Patch Changes

Minor Changes

Patch Changes

Minor Changes

Patch Changes

[v4.84.1](https://redirect.github.com/cloudflare/workers-sdk/blob/HEA

Configuration

Uh oh!

github-actions Bot commented Feb 26, 2026

Uh oh!

github-actions Bot commented Feb 26, 2026

Uh oh!

github-actions Bot commented Mar 4, 2026

Uh oh!

github-actions Bot commented Mar 5, 2026

Uh oh!

github-actions Bot commented Mar 9, 2026

Uh oh!

github-actions Bot commented Mar 10, 2026

Uh oh!

github-actions Bot commented Mar 13, 2026

Uh oh!

github-actions Bot commented Mar 24, 2026

Uh oh!

github-actions Bot commented Mar 27, 2026

Uh oh!

github-actions Bot commented Mar 31, 2026

Uh oh!

github-actions Bot commented Apr 20, 2026

Uh oh!

github-actions Bot commented Apr 21, 2026

Uh oh!

github-actions Bot commented Apr 24, 2026

Uh oh!

github-actions Bot commented Apr 28, 2026

Uh oh!

github-actions Bot commented Apr 30, 2026

Uh oh!

github-actions Bot commented May 5, 2026

Uh oh!

github-actions Bot commented May 7, 2026

Uh oh!

github-actions Bot commented May 11, 2026

Uh oh!

github-actions Bot commented May 11, 2026

Uh oh!

github-actions Bot commented May 12, 2026

Uh oh!

github-actions Bot commented May 14, 2026

Uh oh!

Reviewers

Assignees

Labels

Projects

Milestone

Development

Uh oh!

0 participants

renovate Bot commented Feb 26, 2026 •

edited

Loading

[`v4.84.1`](https://redirect.github.com/cloudflare/workers-sdk/blob/HEA