chore(deps): update dependency wrangler to v4.107.0#21
Open
renovate[bot] wants to merge 1 commit into
Open
Conversation
Deploying with
|
| Status | Name | Latest Commit | Preview URL | Updated (UTC) |
|---|---|---|---|---|
| ✅ Deployment successful! View logs |
dependents-dev | 6a913b0 | Commit Preview URL Branch Preview URL |
Jul 04 2026, 02:01 AM |
9c300c1 to
6a913b0
Compare
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
This PR contains the following updates:
4.105.0→4.107.0Release Notes
cloudflare/workers-sdk (wrangler)
v4.107.0Compare Source
Minor Changes
#14474
aa5d580Thanks @WillTaylorDev! - Add cache options for WorkerEntrypoint exportsYou can now set cache options on
WorkerEntrypointexports and configure cross-version cache behavior globally:Wrangler sends the
exportsconfig to the deploy and version upload APIs alongside the globalcache.enabledandcache.cross_version_cachesettings. The platform resolves those global settings plus cache overrides on exports and validates which entrypoint names are cacheable.#14382
fd92d56Thanks @petebacondarwin! - Add support for declarative Durable Object exportswrangler deploynow accepts anexportsmap inwrangler.jsonas a declarative alternative to the legacymigrationsarray.Each entry in
exportsis keyed by Durable Object class name.typecarries the export kind (currently always"durable-object"); thestatefield carries the lifecycle and defaults to"created"(live) when omitted:{ "exports": { // Provision a new Durable Object class (`MyDO`) "MyDO": { "type": "durable-object", "storage": "sqlite" }, // Delete Durable Object class (`OldGone`) "OldGone": { "type": "durable-object", "state": "deleted" }, // Rename a Durable Object class (from `OldName` to `NewName`) "OldName": { "type": "durable-object", "state": "renamed", "renamed_to": "NewName" }, "NewName": { "type": "durable-object", "storage": "sqlite" }, // Transfer a Durable Object (`Outgoing`) to a new Worker (`target-worker`) "Outgoing": { "type": "durable-object", "state": "transferred", "transferred_to": "target-worker" }, // Prepare to receive the transfer of a Durable Object (`Incoming`) from another Worker (`source-worker`) "Incoming": { "type": "durable-object", "state": "expecting-transfer", "storage": "sqlite", "transfer_from": "source-worker" } } }When a Worker declares Durable Object class bindings but no lifecycle for them (neither a
migrationsarray nor anexportsmap), wrangler warns and now suggests a declarativeexportsentry for each class (previously it suggested a legacymigrationsblock).The deployment response now surfaces the server's reconciliation result — created namespaces, applied tombstones, structured per-scenario info entries, and a
removable_entrieshint for stale tombstones that are safe to delete from the config. Blocking errors return the structured per-class detail with scenario tags, suggested remediation, and any referencing-script context.wrangler versions uploadalso forwardsexports. Declarativeexportslifecycle changes are reconciled when the version is deployed (wrangler versions deployorwrangler deploy), so aversions uploadpayload can declare new classes inexportswithout immediately provisioning them. An actor binding (durable_objects.bindings) to a class declared only inexportson the sameversions uploadis rejected with a clear error (code 100406) — the binding cannot be resolved until the namespace is provisioned. Either stage the new class viactx.exports.X(no binding required) onversions uploadand add the binding at deploy time, or usewrangler deployto provision and bind in one step (the same constraint applies to themigrationsflow).Multi-version deploys (
wrangler versions deploy A@50% B@50%) where the selected versions disagree on declarativeexportsare rejected server-side with a clear message: deploy the version that changesexportsat 100% first, then run the percentage-split deploy. This prevents traffic on one branch routing to code that references unprovisioned or just-deleted DO namespaces. Single-version (100%) deploys are unaffected.Local development (
wrangler dev,vite devandunstable_startWorker) reads Durable Object SQLite storage settings from the newexportsfield, so applications using the declarative flow get correct local-dev storage without needing to also declare amigrationsblock.@cloudflare/vitest-pool-workersalso picks up Durable Object configuration fromexports, so tests against anexports-only Worker run with the correct local SQLite storage and can reach unbound Durable Object classes viactx.exports.X.wrangler typesis also aware ofexports. Live entries (includingexpecting-transfer, the receiving side of a two-phase transfer) are added toCloudflare.GlobalProps.durableNamespaces, which typesctx.exports.Xfor unbound Durable Objects declared only viaexports.#14423
be3f792Thanks @akshitsinha! - Addwrangler flagshipcommands for managing Flagship apps and feature flags.The new
wrangler flagship appsandwrangler flagship flagscommand groups let you create, list, get, inspect, update, set, split, rollout, enable, disable, evaluate, and delete Flagship apps and flags from the CLI, including targeting rules, variations, percentage rollouts, evaluation context, and flag changelogs.#14156
e1532ebThanks @petebacondarwin! - Add opt-in OS keychain storage for OAuth credentialsBy default
wranglerstores your OAuth tokens in a plaintext file, and that is unchanged. You can now opt in to encrypting them at rest instead:wrangler login --use-keyringwrites the tokens to an AES-256-GCM-encrypted file whose key is held in your OS keyring (macOS Keychain, libsecret on Linux, or Windows Credential Manager). Existing plaintext credentials are migrated automatically on first use.Toggle it with any of:
wrangler login --use-keyring/--no-use-keyringwrangler auth keyring enable/disable(orwrangler auth keyringto print the current setting) — useful if you only use named profiles and never run the globalwrangler loginCLOUDFLARE_AUTH_USE_KEYRING=true|falseto override the saved preference for a single commandOpting out deletes the encrypted credentials rather than decrypting them back to disk, so you re-authenticate afterwards. The preference applies to every auth profile, and each named profile gets its own encrypted file and key.
Per-platform requirements: macOS uses the built-in
securitytool (nothing to install); Linux usessecret-toolfromlibsecret-tools(wrangler prints an install hint if it is missing); Windows lazily installs@napi-rs/keyring(~1.9 MB) on first opt-in, and errors with instructions in non-interactive/CI contexts.CLOUDFLARE_API_TOKENandCLOUDFLARE_API_KEY/CLOUDFLARE_EMAILcontinue to take priority over any stored OAuth credentials.Patch Changes
#14502
6b0ce98Thanks @dependabot! - Update dependencies of "miniflare", "wrangler"The following dependency versions have been updated:
#14306
bfe48dbThanks @matingathani! - Remove deprecated--experimental-vm-modulesflag and prevent silent exit on unexpected errorswranglerwas silently exiting with code 1 on Node.js v26 with no error message shown. This release fixes two independent issues that caused this behaviour:A stale Node.js flag that caused unexpected behaviour on Node.js v26 has been removed.
If an error occurs in a situation where the normal error reporting path itself fails,
wranglernow always prints the original error to stderr so the cause is visible rather than silently disappearing.#14481
0277bfaThanks @dario-piotrowicz! - Improve error message when deploying to a non-existent Pages project in non-interactive modePreviously, running
wrangler pages deploywith a--project-namethat doesn't exist in a non-interactive context (e.g. CI, piped input) would fail with a generic "project not found" or "This command cannot be run in a non-interactive context" error. Now it provides a specific error message explaining that the project doesn't exist and suggests how to create it. The error also suggests usingwrangler deployto deploy a Worker instead.#14305
98793d8Thanks @jbwcloudflare! - Improve asset upload performance with single-file uploadsAsset uploads now use a more efficient per-file upload path when the platform enables it. This is rolled out server-side and requires no configuration changes. Existing upload behavior is unchanged when the new path is not enabled.
Updated dependencies [
6b0ce98]:v4.106.0Compare Source
Minor Changes
#14490
75d8cb0Thanks @petebacondarwin! - Addwrangler ai-search jobscommands for managing AI Search indexing jobsYou can now list, trigger, inspect, cancel, and read the logs of indexing jobs for an AI Search instance:
All commands accept
--namespace/-n(defaults todefault). All commands exceptcancelalso accept--jsonfor clean machine-readable output.#14490
75d8cb0Thanks @petebacondarwin! - Add--source-jurisdictiontowrangler ai-search createfor R2-backed instancesR2 buckets can live in a specific jurisdiction (for example
euorfedramp). You can now point an AI Search instance at a bucket in one of those jurisdictions:wrangler ai-search create my-instance --type r2 --source my-bucket --source-jurisdiction euWhen run interactively, the R2 source flow also prompts for a jurisdiction and lists (and can create) buckets within it. The value is a free-form string forwarded to the API as
source_params.r2_jurisdiction(server-side validated); omit the flag for no specific jurisdiction. This AI Search command is in open beta.#14490
75d8cb0Thanks @petebacondarwin! - Add auth profiles for managing multiple OAuth loginsAuth profiles let you maintain separate OAuth logins and bind them to directories, so you can switch between different accounts for different projects without having to re-login.
For example:
New commands under
wrangler auth:wrangler auth create <name>— create or re-authenticate a named profile via OAuthwrangler auth delete <name>— delete a profile and all its directory bindingswrangler auth activate <name> [dir]— bind a profile to a directory (defaults to cwd). Sub-directories will inherit this profile.wrangler auth deactivate [dir]— remove a directory bindingwrangler auth list— list all profiles and their corresponding directoriesThere is also a new global
--profileflag, which you can use to activate a profile for just that command run. Note that if you haveCLOUDFLARE_API_TOKENset, that will still take precedence over all profiles. Any account id settings (viaCLOUDFLARE_ACCOUNT_IDor wrangler config) will also still be respected.#14490
75d8cb0Thanks @petebacondarwin! - Add--strictflag towrangler versions uploadand improve pre-upload safety checkswrangler versions uploadnow runs the same pre-upload checks aswrangler deploy:The new
--strictflag (already available onwrangler deploy) causeswrangler versions uploadto abort in non-interactive/CI environments when any of these conflicts are detected, instead of auto-continuing.#14490
75d8cb0Thanks @petebacondarwin! - Add D1 migration setup tocreateTestHarness()Worker handlesTests using
createTestHarness()can now apply local D1 migrations before running requests:#14490
75d8cb0Thanks @petebacondarwin! - Add Workflow introspection tocreateTestHarness()Worker handles can now introspect Workflow bindings by name, allowing tests to disable sleeps, mock step results, and wait for Workflow outcomes. Tests can introspect a known Workflow instance by ID or track instances created after introspection starts.
#14446
e0cc2cbThanks @edmundhung! - AddbindingOverridesandgetExport()tocreateTestHarness()Test harness workers loaded from Wrangler config files can now replace a configured binding with a Worker in the same harness. This is useful for replacing platform bindings with test Workers while keeping the source Worker config production-like. You can also call
getExport()on a Worker returned byserver.getWorker(name)to access JSRPC methods on the default Worker export, including mock Workers used as override targets.#14490
75d8cb0Thanks @petebacondarwin! - Improvewrangler tailresilience and shutdown behaviourwrangler tailpreviously crashed with a raw stack trace when the keep-alive ping to the Worker timed out, and could exit with an ugly error on Ctrl-C.wrangler tailnow automatically tries to reconnect with exponential back-off (up to 5 retries).Patch Changes
#14490
75d8cb0Thanks @petebacondarwin! - Update dependencies of "miniflare", "wrangler"The following dependency versions have been updated:
#14478
f10d4adThanks @dependabot! - Update dependencies of "miniflare", "wrangler"The following dependency versions have been updated:
#14490
75d8cb0Thanks @petebacondarwin! - Improve the deploy warning shown when a Workflow name already belongs to another WorkerThe warning still notes that deploying reassigns the workflow to the current Worker, and now also explains why this happens (workflow names must be unique per account) and how to resolve it (rename the workflow in the Wrangler config).
#14490
75d8cb0Thanks @petebacondarwin! - usestreaminstead of deprecatedpipelinekey in pipelines setup config snippetThe
wrangler pipelines setupandwrangler pipelines createcommands now output the correctstreamproperty name in the configuration snippet, matching the rename frompipelinetostreamthat was applied across the rest of the codebase.#14490
75d8cb0Thanks @petebacondarwin! - Improve KV error messages to be clearer and more actionableError messages for KV namespace and key operations now consistently explain what went wrong, which flags or config fields to use, and what commands to run as alternatives. This covers namespace selection errors (delete, rename), binding resolution errors, config file issues, and preview namespace ambiguity.
#14479
d292046Thanks @dario-piotrowicz! - Improve R2 error messages to be clearer and more actionableError messages for
r2 bucket lifecycle,r2 bucket lock,r2 bucket catalog, andr2 sqlcommands now include the specific flag or argument that is missing or invalid, along with usage examples showing the correct syntax.#14490
75d8cb0Thanks @petebacondarwin! - Improvewrangler versions deployerror messages for non-interactive usageError messages in
wrangler versions deployare now clearer and more actionable, especially for non-interactive and agent-driven usage. Each error now explains what went wrong, what was expected, and how to fix it (e.g. suggesting the correct flag or command syntax).#14490
75d8cb0Thanks @petebacondarwin! - Fix the remote secrets override check during deploy targeting the wrong Worker when--nameis passedThe check that warns when a config value would override an existing remote secret was using the Worker name from the config file rather than the resolved name. If you passed
--name <other-worker>, the check ran against the config-file Worker name instead of the Worker actually being uploaded.#14490
75d8cb0Thanks @petebacondarwin! - Abort in-flight custom builds whenwrangler devexits or restarts a buildPreviously,
wrangler devmarked in-flight custom builds as stale but did not pass the abort signal to the spawned build command. This meant Ctrl-C could appear to hang while Wrangler waited for a custom build command to finish naturally. Custom build commands are now cancelled when the dev session tears down or a newer watched build supersedes them.#14490
75d8cb0Thanks @petebacondarwin! - Replace existing bindings when adding newly created resources to Wrangler configurationWhen config updates are authorized interactively or through
--update-configor--binding, Wrangler now replaces an existing resource binding with the selected name instead of adding a duplicate entry. This allows template bindings with placeholder resource IDs to be updated in both interactive and non-interactive workflows.#14490
75d8cb0Thanks @petebacondarwin! - Verify Docker is installed and running beforewrangler containers buildPreviously, running
wrangler containers buildwithout Docker installed or with the Docker daemon stopped would fail with an unhelpful spawn error. Now the command checks that Docker is reachable upfront and shows a clear, actionable error message with installation and troubleshooting steps.#14490
75d8cb0Thanks @petebacondarwin! - Addimagesas a valid--sourceforqueues subscription createThe Cloudflare Images service can emit events (e.g.
image.uploaded) to a Cloudflare Queue via the event subscriptions API, and this is supported by both the REST API and the Cloudflare Dashboard. However, the wrangler CLI was missingimagesfrom the hardcoded--sourcechoices list, causing the command to reject it with an "Invalid values" error.You can now subscribe a queue to Cloudflare Images events via the CLI:
Updated dependencies [
75d8cb0,f10d4ad,75d8cb0,75d8cb0]:Configuration
📅 Schedule: (UTC)
🚦 Automerge: Disabled by config. Please merge this manually once you are satisfied.
♻ Rebasing: Whenever PR becomes conflicted, or you tick the rebase/retry checkbox.
🔕 Ignore: Close this PR and you won't be reminded about this update again.
This PR was generated by Mend Renovate. View the repository job log.