chore(deps): update dependency wrangler to v4

[renovate]

This PR contains the following updates:

Package	Change	Age	Confidence
wrangler (source)	^3.74 -> ^4.0.0

---

Release Notes

cloudflare/workers-sdk (wrangler)

v4.26.0

Compare Source

Minor Changes

• #​10016 c5b291d Thanks @​emily-shen! - Interactively handle wrangler deploys that are probably assets-only, where there is no config file and flags are incorrect or missing.

  For example:

  npx wrangler deploy ./public will now ask if you meant to deploy a folder of assets only, ask for a name, set the compat date and then ask whether to write your choices out to wrangler.json for subsequent deployments.

  npx wrangler deploy --assets=./public will now ask for a name, set the compat date and then ask whether to write your choices out to wrangler.json for subsequent deployments.

  In non-interactive contexts, Wrangler will error as it currently does.

• #​9971 19794bf Thanks @​edmundhung! - Improved script source display on the pretty error screen

Patch Changes

• #​9800 3d4f946 Thanks @​helloimalastair! - remove banner from r2 getobject in pipe mode

• #​9910 7245101 Thanks @​dario-piotrowicz! - make sure that the ready-on message is printed after the appropriate runtime controller is ready

  fix the fact that when starting a local (or remote) dev session the log saying Ready on http://localhost:xxxx could be displayed before the runtime is actually ready to handle requests (this is quite noticeable when locally running dev sessions with containers, where the ready message currently gets displayed before the container images building/pulling process)

• #​10031 823cba8 Thanks @​vicb! - wrangler and vite-plugin now depend upon the latest version of unenv-preset

• #​10032 154acf7 Thanks @​dario-piotrowicz! - add support for containers in wrangler multiworker dev

  currently when running wrangler dev with different workers (meaning that the -c|--config flag is used multiple times) containers are not being included, meaning that trying to interact with them at runtime would not work and cause errors instead. The changes here address the above making wrangler correctly detect and wire up the containers.

• #​9988 7fb0bfd Thanks @​penalosa! - Correctly label mtls remote bindings warning

• Updated dependencies [823cba8, 19794bf, 059a39e]:

  • @​cloudflare/unenv-preset@​2.4.1
  • [email protected]

v4.25.1

Compare Source

Patch Changes

• #​10000 c02b067 Thanks @​emily-shen! - Include more (sanitised) user errors in telemetry.

  We manually vet and sanitised error messages before including them in our telemetry collection - this PR just includes a couple more.

• #​9996 b0217f9 Thanks @​nikitassharma! - Disallow users from pushing images with unsupported platforms to the container image registry

• #​10009 e87198a Thanks @​gpanders! - Fix containers diff output when using JSONC config files

• #​9976 ad02ad3 Thanks @​dario-piotrowicz! - add warning for when users run wrangler dev --remote with (enabled) containers

• #​9819 0c4008c Thanks @​CarmenPopoviciu! - feat(vite-plugin): Add containers support in vite dev

  Adds support for Cloudflare Containers in vite dev. Please note that at the time of this PR a container image can only specify the path to a Dockerfile. Support for registry links will be added in a later version, as will containers support in vite preview.

• Updated dependencies [189fe23, 7e5585d]:

  • @​cloudflare/unenv-preset@​2.4.0
  • [email protected]

v4.25.0

Compare Source

Minor Changes

• #​9835 9f0c175 Thanks @​thomasgauvin! - Added rename namespace command to Workers KV

Patch Changes

• #​9934 6cc24c0 Thanks @​emily-shen! - Add more thorough validation to containers configuration

v4.24.4

Compare Source

Patch Changes

• #​9905 4ba9f25 Thanks @​dom96! - Support for Python packages in python_modules dir

• #​9886 17b1e5a Thanks @​dom96! - Python packages are now read from cf-requirements.txt instead of requirements.txt by default

• #​9899 d6a1b9b Thanks @​simonabadoiu! - Print local mode when running a browser binding in local mode

• #​9951 e2672c5 Thanks @​penalosa! - Recommend remote bindings when wrangler dev --remote is used

• #​9875 a5d7b35 Thanks @​gpanders! - Show expected format in error message for "containers images delete"

• #​9954 bf4c9ab Thanks @​penalosa! - Support Images binding in getPlatformProxy()

• #​9847 14ce577 Thanks @​penalosa! - Upgrade Undici

• #​9974 f73da0d Thanks @​penalosa! - Pass worker name & compliance region through correctly when starting a remote bindings session

• Updated dependencies [ac08e68, 3bb69fa, 274a826, 77d1cb2, 5b0fc9e, bf4c9ab, 14ce577]:

  • [email protected]

v4.24.3

Compare Source

Patch Changes

• #​9923 c01c4ee Thanks @​gpanders! - Fix image name resolution when modifying a container application

• #​9833 3743896 Thanks @​dario-piotrowicz! - fix: ensure that container builds don't disrupt dev hotkey handling

  currently container builds run during local development (via wrangler dev or startWorker) prevent the standard hotkeys not to be recognized (most noticeably ctrl+c, preventing developers from existing the process), the changes here ensure that hotkeys are instead correctly handled as expected

• Updated dependencies []:

  • [email protected]

v4.24.2

Compare Source

Patch Changes

• #​9917 80cc834 Thanks @​edmundhung! - fix: assets only versions upload should include tag and message

v4.24.1

Compare Source

Patch Changes

• #​9765 05adc61 Thanks @​hasip-timurtas! - Build container images without the user's account ID. This allows containers to be built and verified in dry run mode (where we do not necessarily have the user's account info).

  When we push the image to the managed registry, we first re-tag the image to include the user's account ID so that the image has the full resolved image name.

• Updated dependencies [bb09e50, 25dbe54, 3bdec6b]:

  • [email protected]

v4.24.0

Compare Source

Minor Changes

• #​9796 ba69586 Thanks @​simonabadoiu! - Browser Rendering local mode

• #​9825 49c85c5 Thanks @​ReppCodes! - Add support for origin_connection_limit to Wrangler

  Configure connection limits to Hyperdrive via command line options:

  • --origin-connection-limit: The (soft) maximum number of connections that Hyperdrive may establish to the origin database.

• #​9064 a1181bf Thanks @​sdnts! - Added an event-subscriptions subcommand

Patch Changes

• #​9729 1b3a2b7 Thanks @​404Wolf! - Set docker build context to the Dockerfile directory when image_build_context is not explicitly provided

• #​9845 dbfa4ef Thanks @​jonboulle! - remove extraneous double spaces from Wrangler help output

• #​9811 fc29c31 Thanks @​gpanders! - Fix unauthorized errors on "containers images delete".

• #​9813 45497ab Thanks @​gpanders! - Support container image names without account ID

• #​9821 a447d67 Thanks @​WillTaylorDev! - Preview Aliases: Force alias generation to meet stricter naming requirements.

  For cases where CI is requesting Wrangler to generate the alias based on the branch name, we want a stricter check around the generated alias name in order to avoid version upload failures. If a valid alias name was not able to be generated, we warn and do not provide an alias (avoiding a version upload failure).

• #​9840 7c55f9e Thanks @​dario-piotrowicz! - fix: make sure that the experimental remoteBindings flag is properly handled in getPlatformProxy

  There are two issues related to how the experimental remoteBindings flag is handled in getPlatformProxy that are being fixed by this change:

  • the experimental_remote configuration flag set on service bindings is incorrectly always taken into account, even if remoteBindings is set to false
  • the experimental_remote configuration flag of all the other bindings is never taken into account (effectively preventing the bindings to be used in remote mode) since the remoteBindings flag is not being properly propagated

• #​9801 0bb619a Thanks @​IRCody! - Containers: Fix issue where setting an image URI instead of dockerfile would incorrectly not update the image

• #​9872 a727db3 Thanks @​emily-shen! - fix: resolve Dockerfile path relative to the Wrangler config path

  This fixes a bug where Wrangler would not be able to find a Dockerfile if a Wrangler config path had been specified with the --config flag.

• #​9815 1358034 Thanks @​gpanders! - Remove --json flag from containers and cloudchamber commands (except for "images list")

• #​9734 1a58bc3 Thanks @​penalosa! - Make Wrangler warn more loudly if you're missing auth scopes

• #​9748 7e3aa1b Thanks @​alsuren! - Internal-only WRANGLER_D1_EXTRA_LOCATION_CHOICES environment variable for enabling D1's testing location hints

• Updated dependencies [ba69586, 1a75f85, 395f36d, 6f344bf]:

  • [email protected]

v4.23.0

Compare Source

Minor Changes

• #​9535 56dc5c4 Thanks @​penalosa! - In 2023 we announced breakpoint debugging support for Workers, which meant that you could easily debug your Worker code in Wrangler's built-in devtools (accessible via the [d] hotkey) as well as multiple other devtools clients, including VSCode. For most developers, breakpoint debugging via VSCode is the most natural flow, but until now it's required manually configuring a launch.json file, running wrangler dev, and connecting via VSCode's built-in debugger.

  Now, using VSCode's built-in JavaScript Debug Terminals, there are just two steps: open a JS debug terminal and run wrangler dev (or vite dev). VSCode will automatically connect to your running Worker (even if you're running multiple Workers at once!) and start a debugging session.

• #​9810 8acaf43 Thanks @​WillTaylorDev! - WC-3626 Pull branch name from WORKERS_CI_BRANCH if exists.

Patch Changes

• #​9775 4309bb3 Thanks @​vicb! - Cap the number of errors and warnings for bulk KV put to avoid consuming too much memory

• #​9799 d11288a Thanks @​penalosa! - Better messaging for account owned tokens in wrangler whoami

• Updated dependencies [56dc5c4]:

  • [email protected]

v4.22.0

Compare Source

Minor Changes

• #​7871 f2a8d4a Thanks @​dario-piotrowicz! - add support for assets bindings to getPlatformProxy

  this change makes sure that that getPlatformProxy, when the input configuration
  file contains an assets field, correctly returns the appropriate asset binding proxy

  example:

  // wrangler.jsonc
  {
  	"name": "my-worker",
  	"assets": {
  		"directory": "./public/",
  		"binding": "ASSETS",
  	},
  }

  import { getPlatformProxy } from "wrangler";
  
  const { env, dispose } = await getPlatformProxy();
  
  const text = await (await env.ASSETS.fetch("http://0.0.0.0/file.txt")).text();
  console.log(text); // logs the content of file.txt
  
  await dispose();

Patch Changes

• #​9717 d2f2f72 Thanks @​nikitassharma! - Containers should default to a "dev" instance type when no instance type is specified in the wrangler config

• #​9620 1b967ea Thanks @​gpanders! - Simplify containers images list output format

• #​9684 94a340e Thanks @​WillTaylorDev! - Select only successfully deployed deployments when tailing.

v4.21.2

Compare Source

Patch Changes

• #​9731 75b75f3 Thanks @​gabivlj! - containers: Check for container scopes before running a container command to give a better error

• #​9641 fdbc9f6 Thanks @​IRCody! - Update container builds to use a more robust method for detecting if the currently built image already exists.

• #​9736 55c83a7 Thanks @​gabivlj! - containers: Do not check scopes if not defined

• #​9667 406fba5 Thanks @​IRCody! - Fail earlier in the deploy process when deploying a container worker if docker is not detected.

v4.21.1

Compare Source

Patch Changes

• #​9626 9c938c2 Thanks @​penalosa! - Support wrangler version upload for Python Workers

• #​9718 fb83341 Thanks @​mhart! - fix error message when docker daemon is not running

• #​9689 b137a6f Thanks @​emily-shen! - fix: correctly pass container engine config to miniflare

• #​9722 29e911a Thanks @​emily-shen! - Update containers config schema.

  Deprecates containers.configuration in favour of top level fields. Makes top level image required. Deprecates instances and durable_objects. Makes name optional.

• #​9666 f3c5791 Thanks @​IRCody! - Add a reasonable default name for containers that have no defined name.

• Updated dependencies [b137a6f]:

  • [email protected]

v4.21.0

Compare Source

Minor Changes

• #​9692 273952f Thanks @​dom96! - Condenses Python vendored modules in output table

• #​9654 2a5988c Thanks @​dom96! - Python Workers now automatically bundle .so files from vendored packages

Patch Changes

• #​9695 0e64c35 Thanks @​emily-shen! - Move hotkey registration later in dev start up

  This should have no functional change, but allows us to conditionally render hotkeys based on config.

• #​9098 ef20754 Thanks @​jseba! - Migrate Workers Containers commands to Containers API Endpoints

  The Workers Containers API was built on top of Cloudchamber, but has now been moved to its own API
  with a reduced scoping and new token.

• #​9712 2a4c467 Thanks @​emily-shen! - Make wrangler container commands print open-beta status

v4.20.5

Compare Source

Patch Changes

• #​9688 086e29d Thanks @​dario-piotrowicz! - add remote bindings support to getPlatformProxy

  Example:

  // wrangler.jsonc
  {
  	"name": "get-platform-proxy-test",
  	"services": [
  		{
  			"binding": "MY_WORKER",
  			"service": "my-worker",
  			"experimental_remote": true
  		}
  	]
  }

  // index.mjs
  import { getPlatformProxy } from "wrangler";
  
  const { env } = await getPlatformProxy({
  	experimental: {
  		remoteBindings: true,
  	},
  });
  
  // env.MY_WORKER.fetch() fetches from the remote my-worker service

• #​9558 d5edf52 Thanks @​ichernetsky-cf! - wrangler containers apply uses observability configuration.

• #​9678 24b2c66 Thanks @​dario-piotrowicz! - remove warnings during config validations on experimental_remote fields

  wrangler commands, run without the --x-remote-bindings flag, parsing config files containing experimental_remote fields currently show warnings stating that the field is not recognized. This is usually more cumbersome than helpful so here we're loosening up this validation and making wrangler always recognize the field even when no --x-remote-bindings flag is provided

• #​9633 3f478af Thanks @​nikitassharma! - Add support for setting an instance type for containers in wrangler. This allows users to configure memory, disk, and vCPU by setting instance type when interacting with containers.

• #​9596 5162c51 Thanks @​CarmenPopoviciu! - add ability to pull images for containers local dev

• Updated dependencies [bfb791e, 5162c51]:

  • [email protected]

v4.20.4

Compare Source

Patch Changes

• #​9673 ffa742f Thanks @​dario-piotrowicz! - fix: ensure that wrangler deploy and version upload don't override the remote-bindings flag

• #​9653 8a60fe7 Thanks @​penalosa! - Rename WRANGLER_CONTAINERS_DOCKER_PATH to WRANGLER_DOCKER_BIN

• #​9664 c489a44 Thanks @​IRCody! - Remove cloudchamber/container apply confirmation dialog when run non-interactively.

• #​9653 8a60fe7 Thanks @​penalosa! - Add a warning banner to wrangler cloudchamber and wrangler containers commands

• #​9605 17d23d8 Thanks @​emily-shen! - Add rebuild hotkey for containers local dev, and clean up containers at the end of a dev session.

• Updated dependencies [17d23d8]:

  • [email protected]

v4.20.3

Compare Source

Patch Changes

• #​9621 08be3ed Thanks @​gabivlj! - wrangler containers: 'default' scheduling policy should be the default

• #​9586 d1d34fe Thanks @​penalosa! - Remove the Mixed Mode naming in favour of "remote bindings"/"remote proxy"

• Updated dependencies [d1d34fe]:

  • [email protected]

v4.20.2

Compare Source

Patch Changes

• #​9565 b1c9139 Thanks @​IRCody! - Ensure that a container applications image configuration is not updated if there were not changes to the image.

• #​9628 92f12f4 Thanks @​gpanders! - Remove "Cloudchamber" from user facing error messages

• #​9576 2671e77 Thanks @​vicb! - Add core local dev functionality for containers.
  Adds a new WRANGLER_DOCKER_HOST env var to customise what socket to connect to.

• Updated dependencies [828b7df, 2671e77]:

  • [email protected]

v4.20.1

Compare Source

Patch Changes

• #​9536 3b61c41 Thanks @​dario-piotrowicz! - expose Unstable_Binding type

• #​9564 1d3293f Thanks @​skepticfx! - Switch container registry to registry.cloudflare.com from registry.cloudchamber.cfdata.org.
  Also adds the env var CLOUDFLARE_CONTAINER_REGISTRY to override this

• #​9520 04f9164 Thanks @​vicb! - fix the default value for keep_names (true)

• #​9506 36113c2 Thanks @​penalosa! - Strip the CF-Connecting-IP header from outgoing fetches

• #​9592 49f5ac7 Thanks @​petebacondarwin! - Point to the right location for docs on telemetry

• #​9593 cf33417 Thanks @​vicb! - drop unused WRANGLER_UNENV_RESOLVE_PATHS env var

• #​9566 521eeb9 Thanks @​vicb! - Bump @cloudflare/unenv-preset to 2.3.3

• #​9344 02e2c1e Thanks @​dario-piotrowicz! - add warning about env not specified to potentially risky wrangler commands

  add a warning suggesting users to specify their target environment (via -e or --env)
  when their wrangler config file contains some environments and they are calling one
  of the following commands:

  • wrangler deploy
  • wrangler versions upload
  • wrangler versions deploy
  • wrangler versions secret bulk
  • wrangler versions secret put
  • wrangler versions secret delete
  • wrangler secret bulk
  • wrangler secret put
  • wrangler secret delete
  • wrangler triggers deploy

  this is a measure we're putting in place to try to prevent developers from accidentally applying
  changes to an incorrect (potentially even production) environment

• #​9344 02e2c1e Thanks @​dario-piotrowicz! - allow passing an empty string to the -e|--env flag to target the top-level environment

• #​9536 3b61c41 Thanks @​dario-piotrowicz! - performance improvement: restart a mixed mode session only if the worker's remote bindings have changed

• #​9550 c117904 Thanks @​dario-piotrowicz! - allow startWorker to accept false as an inspector option (to disable the inspector server)

• #​9473 fae8c02 Thanks @​dario-piotrowicz! - expose new experimental_maybeStartOrUpdateMixedModeSession utility

• Updated dependencies [bd528d5, 2177fb4, 36113c2, e16fcc7]:

  • [email protected]

v4.20.0

Compare Source

Minor Changes

• #​9509 0b2ba45 Thanks @​emily-shen! - feat: add static routing options via 'run_worker_first' to Wrangler

  Implements the proposal noted here https://github.com/cloudflare/workers-sdk/discussions/9143.

  This is now usable in wrangler dev and in production - just specify the routes that should hit the worker first with run_worker_first in your Wrangler config. You can also omit certain paths with ! negative rules.

Patch Changes

• #​9507 1914b87 Thanks @​dario-piotrowicz! - slightly improve wrangler dev bindings loggings

  improve the bindings loggings by:

  • removing the unnecessary (and potentially incorrect) [connected] suffix for remote bindings
  • making sure that the modes presented in the bindings logs are correctly aligned

• #​9475 931f467 Thanks @​edmundhung! - add hello world binding that serves as as an explanatory example.

• #​9443 95eb47d Thanks @​dario-piotrowicz! - add workerName option to startMixedModeSession API

• #​9541 80b8bd9 Thanks @​dario-piotrowicz! - make workers created with startWorker await the ready promise on dispose

• #​9443 95eb47d Thanks @​dario-piotrowicz! - add mixed-mode support for mtls bindings

• #​9515 9e4cd16 Thanks @​dario-piotrowicz! - make sure that remote binding errors are surfaced when using mixed (hybrid) mode

• #​9516 92305af Thanks @​IRCody! - Reorder deploy output when deploying a container worker so the worker url is printed last and the worker triggers aren't deployed until the container has been built and deployed successfully.

• Updated dependencies [931f467, 95eb47d, 0b2ba45]:

  • [email protected]
  • @​cloudflare/unenv-preset@​2.3.3

v4.19.2

Compare Source

Patch Changes

• #​9461 66edd2f Thanks @​skepticfx! - Enforce disk limits on container builds

• #​9481 d1a1787 Thanks @​WillTaylorDev! - Force autogenerated aliases to be fully lowercased.

• #​9480 1f84092 Thanks @​dario-piotrowicz! - add experimentalMixedMode dev option to unstable_startWorker

  add an new experimentalMixedMode dev option to unstable_startWorker
  that allows developers to programmatically start a new mixed mode
  session using startWorker.

  Example usage:

  // index.mjs
  import { unstable_startWorker } from "wrangler";
  
  await unstable_startWorker({
  	dev: {
  		experimentalMixedMode: true,
  	},
  });

  // wrangler.jsonc
  {
  	"$schema": "node_modules/wrangler/config-schema.json",
  	"name": "programmatic-start-worker-example",
  	"main": "src/index.ts",
  	"compatibility_date": "2025-06-01",
  	"services": [
  		{ "binding": "REMOTE_WORKER", "service": "remote-worker", "remote": true }
  	]
  }

• Updated dependencies [4ab5a40, 485cd08, e3b3ef5, 3261957]:

  • [email protected]
  • @​cloudflare/unenv-preset@​2.3.3

v4.19.1

Compare Source

Patch Changes

• #​9456 db2cdc6 Thanks @​WillTaylorDev! - Fix bug causing preview alias to always be generated.

v4.19.0

Compare Source

Minor Changes

• #​9401 03b8c1c Thanks @​WillTaylorDev! - Provide ability for Wrangler to upload preview aliases during version upload.

Patch Changes

• #​9390 80e75f4 Thanks @​penalosa! - Support additional Mixed Mode resources in Wrangler:

  • AI
  • Browser
  • Images
  • Vectorize
  • Dispatch Namespaces

• #​9395 b3be057 Thanks @​Maximo-Guk! - Add WRANGLER_CI_OVERRIDE_NETWORK_MODE_HOST for Workers CI

• #​9410 87f3843 Thanks @​dario-piotrowicz! - enable consumers of unstable_readConfig to silence remote warnings

• Updated dependencies [8c7ce77, 80e75f4, 80e75f4, fac2f9d, 92719a5]:

  • [email protected]

v4.18.0

Compare Source

Minor Changes

• #​9393 34b6174 Thanks @​jamesopstad! - Hard fail on Node.js < 20. Wrangler no longer supports Node.js 18.x as it reached end-of-life on 2025-04-30. See https://github.com/nodejs/release?tab=readme-ov-file#end-of-life-releases.

Patch Changes

• #​9308 d3a6eb3 Thanks @​dario-piotrowicz! - expose new utilities and types to aid consumers of the programmatic mixed-mode API

  Specifically the exports have been added:

  • Experimental_MixedModeSession: type representing a mixed-mode session
  • Experimental_ConfigBindingsOptions: type representing config-bindings
  • experimental_pickRemoteBindings: utility for picking only the remote bindings from a record of start-worker bindings.
  • unstable_convertConfigBindingsToStartWorkerBindings: utility for converting config-bindings into start-worker bindings (that can be passed to startMixedModeSession)

• #​9347 b8f058c Thanks @​penalosa! - Improve binding display on narrower terminals

• Updated dependencies [d9d937a, e39a45f, fdae3f7]:

  • [email protected]

v4.17.0

Compare Source

Minor Changes

• #​9321 6c03bde Thanks @​petebacondarwin! - Add support for FedRAMP High compliance region

  Now it is possible to target Wrangler at the FedRAMP High compliance region.
  There are two ways to signal to Wrangler to run in this mode:

  • set "compliance_region": "fedramp_high" in a Wrangler configuration
  • set CLOUDFLARE_COMPLIANCE_REGION=fedramp_high environment variable when running Wrangler

  If both are provided and the values do not match then Wrangler will exit

---

Configuration

📅 Schedule: Branch creation - At any time (no schedule defined), Automerge - At any time (no schedule defined).

🚦 Automerge: Disabled by config. Please merge this manually once you are satisfied.

♻ Rebasing: Whenever PR is behind base branch, or you tick the rebase/retry checkbox.

🔕 Ignore: Close this PR and you won't be reminded about this update again.

---

• If you want to rebase/retry this PR, check this box

---

This PR was generated by Mend Renovate. View the repository job log.

[github-actions]

Package Changes Through 79919fb

No changes.

Add a change file through the GitHub UI by following this link.

---

Read about change files or the docs at github.com/jbolda/covector

[socket-security]

Review the following changes in direct dependencies. Learn more about Socket for GitHub.

Diff	Package	Supply Chain Security	Vulnerability	Quality	Maintenance	License
	npm/​wrangler@​3.95.0 ⏵ 4.26.0	+1		+1

View full report