chore(deps): update wrangler to v4.100.0

[renovate]

This PR contains the following updates:

Package	Change	Age	Confidence
wrangler (source)	4.98.0 → 4.100.0

---

Release Notes

cloudflare/workers-sdk (wrangler)

v4.100.0

Compare Source

Minor Changes

• #​14119 2047a32 Thanks @​tahmid-23! - Serve local R2 bucket objects publicly via the dev server

  When running wrangler dev locally, objects in each local R2 binding are now reachable under /cdn-cgi/local/r2/public/<bucket-id>/<key> on the existing dev server, simulating a public bucket. The <bucket-id> is the bucket's bucket_name when set, otherwise its binding. Bindings configured with remote: true are not exposed.

• #​14202 e8561c2 Thanks @​jamesopstad! - Add experimental --x-new-config flag for authoring config in TypeScript

  This is an experimental, opt-in feature. When enabled, wrangler dev, wrangler build, wrangler deploy, wrangler versions upload, and wrangler versions deploy load the Worker's configuration from a cloudflare.config.ts file instead of wrangler.json / wrangler.jsonc / wrangler.toml. Additionally, an optional wrangler.config.ts file can be provided for Wrangler-specific dev/build configuration.

  • cloudflare.config.ts (required) — Worker runtime configuration (bindings, triggers, observability, placement, limits, compatibility, routes, etc.). Authored via defineWorker from wrangler/experimental-config.
  • wrangler.config.ts (optional) — Tooling / bundling / dev-server configuration (noBundle, minify, alias, define, rules, tsconfig, build, dev, assetsDirectory, etc.). Authored via defineWranglerConfig from wrangler/experimental-config.

  Per-environment configuration is via ctx.mode branching inside the function form of either file.

  Example cloudflare.config.ts:

  import { defineWorker, bindings } from "wrangler/experimental-config";
  import * as entrypoint from "./src/index.ts" with { type: "cf-worker" };
  
  export default defineWorker((ctx) => ({
  	name: "my-worker",
  	entrypoint,
  	compatibilityDate: "2026-05-18",
  	env: {
  		MY_KV: bindings.kv(),
  		MY_TEXT: bindings.text(`The mode is ${ctx.mode}`),
  	},
  }));

  Example wrangler.config.ts:

  import { defineWranglerConfig } from "wrangler/experimental-config";
  
  export default defineWranglerConfig({
    minify: true,
    assetsDirectory: "./public",
  });

  Because this is experimental, the flag, the config formats, and the wrangler/experimental-config exports may change in any release.

Patch Changes

• #​14185 98c9afe Thanks @​penalosa! - Use the shared env-credential resolver from @cloudflare/workers-auth

  No user-facing behaviour change. Credential resolution order (global API key + email → CLOUDFLARE_API_TOKEN → stored OAuth token) is preserved.

• #​14184 e305126 Thanks @​penalosa! - Add an experimental cf-wrangler delegate entrypoint for projects that can't use @cloudflare/vite-plugin (service workers, old compatibility dates, Python, Rust, etc.).

  cf-wrangler dev starts the same local dev server as wrangler dev — it sits directly on wrangler's internal dev server, so the bundling and runtime behaviour are identical — but exposes a deliberately narrow CLI surface (--mode, --port, --host, --local) for a parent CLI to delegate to, and other dev server config options are read from the wrangler config file.

  This replaces the separate @cloudflare/wrangler-bundler package. This is an internal integration point and is not intended to be run directly by users.

• #​14246 f3990b2 Thanks @​dependabot! - Update dependencies of "miniflare", "wrangler"

  The following dependency versions have been updated:

  Dependency	From	To
  workerd	1.20260609.1	1.20260610.1

• #​14256 4597f08 Thanks @​dependabot! - Update dependencies of "miniflare", "wrangler"

  The following dependency versions have been updated:

  Dependency	From	To
  workerd	1.20260610.1	1.20260611.1

• #​14243 25722ac Thanks @​com6056! - Fix a memory leak that could make long-running headless wrangler dev sessions unresponsive

  Long-running wrangler dev sessions with no DevTools attached (for example using the containers feature under sustained traffic) could gradually consume unbounded memory and eventually stop accepting connections. The inspector proxy now only enables network tracking while a DevTools client is connected, so the buildup no longer happens. Interactive debugging is unaffected. Fixes #​14191.

• #​14230 41f75c0 Thanks @​dario-piotrowicz! - Improve D1 error messages for missing or conflicting options

  Error messages for d1 execute, d1 export, d1 time-travel restore, and d1 insights now clearly state which option is missing or conflicting, explain why the combination is invalid, and suggest how to fix the issue.

  Additionally, duration validation errors in d1 insights are now thrown as UserError instead of plain Error, ensuring they are displayed cleanly to users rather than as unexpected crashes.

• #​14213 10b5538 Thanks @​dario-piotrowicz! - Improve authentication error messages with specific failure reasons

  When authentication fails (e.g. during wrangler dev --remote or when using remote bindings), the error message now explains exactly what went wrong -- whether no credentials were found, the token expired, or the environment is non-interactive -- and lists actionable steps to fix it, including a wrangler whoami tip.

  Previously, auth failures could produce multiple confusing errors (e.g. "Failed to fetch auth token: 400 Bad Request" followed by "Failed to start the remote proxy session"). Now a single, clear error is shown.

• #​14233 818c105 Thanks @​dario-piotrowicz! - Improve R2 Sippy error messages

  Now error messages in wrangler r2 bucket sippy follow a consistent pattern: they describe what is missing, name the exact --flag to use, and provide context (e.g. example values, links to the dashboard). Previously, many errors said only "Error: must provide --flag." with no guidance on what the flag does or how to obtain the value.

• #​14259 2ae6099 Thanks @​emily-shen! - Move worker build step earlier in deploy/upload step, before upload specific config validation

• Updated dependencies [f3990b2, 4597f08, 2047a32]:

  • miniflare@​4.20260611.0

v4.99.0

Compare Source

Minor Changes

• #​14169 0706fbf Thanks @​edmundhung! - Introduce createTestHarness() for integration testing Workers

  It runs Workers in a local preview environment using production build output and works with both Wrangler projects and Workers built by the Cloudflare Vite plugin.

  Use it from any Node.js test runner to send requests to individual Workers, trigger scheduled events, reset the server between tests, and mock outbound requests with libraries that intercept globalThis.fetch(), such as MSW.

  You can also capture structured logs from your Workers with getLogs(), or dump out a diagnostic timeline with debug() when tests fail:

  import { createTestHarness } from "wrangler";
  
  const server = createTestHarness({
    workers: [
      { configPath: "./dist/web_worker/wrangler.json" },
      { configPath: "./dist/api_worker/wrangler.json" },
    ],
  });
  
  await server.listen();
  await server.fetch("http://example.com");
  
  const apiWorker = server.getWorker("api-worker");
  await apiWorker.fetch("http://example.com/users/123");
  await apiWorker.scheduled({ cron: "0 0 * * *" });
  
  server.getLogs();
  
  if (testFailed) {
    server.debug();
  }
  
  await server.reset();
  await server.close();

• #​14174 8cf8c61 Thanks @​oliy! - Surface pipeline status and failure reasons in wrangler pipelines list and wrangler pipelines get

  wrangler pipelines list now includes a Status column, and when any pipelines are in a failed state it prints a summary of each failing pipeline along with the reason reported by the API.

  wrangler pipelines get now shows the pipeline Status in the general details and, for failed pipelines, highlights the failure with the reason returned by the server so it is clear why a pipeline is not running.

• #​14211 a61ac29 Thanks @​james-elicx! - Add --version-tag support to wrangler versions deploy to deploy a version by its tag

  You can now roll out or roll back a version by the tag it was uploaded with (e.g. a commit SHA passed to --tag at upload time) instead of first looking up its Version ID:

  wrangler versions deploy --version-tag <sha>@&#8203;100%

  The tag is resolved to a Version ID against the worker's deployable versions, and the <version-tag>@&#8203;<percentage> shorthand works just like the existing <version-id>@&#8203;<percentage> notation, including splitting traffic across multiple --version-tag values. If a tag matches no deployable version, or matches more than one, the command errors and asks you to deploy by Version ID directly. Note that tags can only be resolved against recent (deployable) versions — older versions that have aged out of that window must still be deployed by Version ID.

Patch Changes

• #​14163 23aecac Thanks @​emily-shen! - Print deploy warnings even in non-interactive contexts when strict mode is off

  Currently, wrangler deploy checks whether the incoming deploy configuration has destructive conflicts with the current configuration. Previously, we only performed this check in interactive contexts, or if the --strict flag was passed in. Now this warning is always printed, and it remains non-blocking in non-interactive contexts.

• #​14173 b932e47 Thanks @​gpanders! - Handle API validation errors from wrangler containers ssh

  Wrangler now lets the Containers API validate SSH instance IDs and preserves raw API error bodies such as INVALID_INSTANCE_ID when reporting validation failures.

• #​14192 d076bcc Thanks @​dependabot! - Update dependencies of "miniflare", "wrangler"

  The following dependency versions have been updated:

  Dependency	From	To
  workerd	1.20260603.1	1.20260605.1

• #​14217 24497d0 Thanks @​dependabot! - Update dependencies of "miniflare", "wrangler"

  The following dependency versions have been updated:

  Dependency	From	To
  workerd	1.20260605.1	1.20260608.1

• #​14231 4bb572f Thanks @​dependabot! - Update dependencies of "miniflare", "wrangler"

  The following dependency versions have been updated:

  Dependency	From	To
  workerd	1.20260608.1	1.20260609.1

• #​14195 165adb2 Thanks @​dario-piotrowicz! - Show actionable error message when authentication fails during remote dev

  When wrangler dev with remote bindings encountered an authentication error (expired token, revoked OAuth, or invalid API token), the user saw a generic "A request to the Cloudflare API failed" message with no indication that authentication was the problem.

  Now, authentication failures during remote dev display a clear error message with actionable steps.

• #​14034 776098c Thanks @​matingathani! - Fix wrangler types --check reporting types as out of date in multi-worker setups

  Previously, running wrangler types --check -c primary/wrangler.jsonc in a multi-worker project would incorrectly report types as out of date, even when they were current. This happened because the secondary worker config paths (passed via additional -c flags during generation) were not stored in the generated types file header, so --check had no way to resolve the secondary workers' service bindings when verifying the hash.

  The fix stores secondary config paths in the generated file's header comment so that --check can recover them automatically. Users no longer need to re-pass every -c flag when running --check — only the primary config is required.

• #​14053 7993711 Thanks @​fallintoplace! - Prevent delete-only wrangler secret bulk input from creating a new Worker

  Previously, wrangler secret bulk could create a draft Worker when the input only deleted secrets and the target Worker name did not exist. Delete-only bulk secret operations now leave Worker-not-found as an error instead of creating a new Worker.

• #​14055 8923f97 Thanks @​dario-piotrowicz! - Preserve all deployment-affecting CLI flags in the interactive deploy config flow

  When running wrangler deploy without a config file and going through the interactive setup flow, CLI flags beyond --compatibility-flags (such as --routes/--route, --domains/--domain, --triggers, --var, --define, --alias, --jsx-factory, --jsx-fragment, --tsconfig, --minify, --upload-source-maps, --no-bundle, --logpush, --keep-vars, --legacy-env, and --dispatch-namespace) were silently dropped. These flags are now persisted to the generated wrangler.jsonc config file (where a config field equivalent exists) and included in the suggested CLI command when the user declines config file generation.

• #​14196 b205fb7 Thanks @​odiak! - Validate JSON stdin values for wrangler secret bulk

  JSON input piped through stdin now validates that secret values are strings or null before sending them to the API, matching the existing behavior for file input.

• Updated dependencies [d076bcc, 24497d0, 4bb572f, 48c4ff0]:

  • miniflare@​4.20260609.0

---

Configuration

📅 Schedule: (UTC)

• Branch creation
  • At any time (no schedule defined)
• Automerge
  • At any time (no schedule defined)

🚦 Automerge: Disabled by config. Please merge this manually once you are satisfied.

♻ Rebasing: Whenever PR becomes conflicted, or you tick the rebase/retry checkbox.

🔕 Ignore: Close this PR and you won't be reminded about this update again.

---

• If you want to rebase/retry this PR, check this box

---

This PR was generated by Mend Renovate. View the repository job log.

[cloudflare-workers-and-pages]

Deploying with    Cloudflare Workers

The latest updates on your project. Learn more about integrating Git with Workers.

Status	Name	Latest Commit	Preview URL	Updated (UTC)
✅ Deployment successful! View logs	editor	8c6e61b	Commit Preview URL Branch Preview URL	Jun 13 2026, 12:55 AM