Update dependency wrangler to v4.96.0 (main)

[renovate]

ℹ️ Note

This PR body was truncated due to platform limits.

This PR contains the following updates:

Package	Change	Age	Adoption	Passing	Confidence
wrangler (source)	4.59.1 → 4.96.0

---

Release Notes

cloudflare/workers-sdk (wrangler)

v4.96.0

Compare Source

Minor Changes

• #​14087 e3c862a Thanks @​edmundhung! - Add support for the new web_search binding kind.

  Cloudflare Web Search is a managed, zero-setup web discovery primitive for agents and Workers. Declare the binding as a single object in wrangler.jsonc:

  {
    "web_search": { "binding": "WEBSEARCH" }
  }

  There is exactly one shared web corpus, so there is no namespace, instance, or other field to specify -- only the variable name. The binding exposes a single search() method that returns URLs and catalog metadata for a query. Web Search is discovery-only -- to read a result's content the caller invokes the global fetch() API against the result's url.

  The binding is always remote in local development: Miniflare proxies to the production Web Search service via the remote-bindings transport. Adds the websearch.run OAuth scope to wrangler login.

  Also adds a wrangler websearch search command for running ad-hoc queries from the CLI:

  npx wrangler websearch search "cloudflare workers"
  npx wrangler websearch search "cloudflare workers" --limit 5
  npx wrangler websearch search "cloudflare workers" --json

  --limit is optional (defaults to 10, capped at 20). --json prints the raw response; without it the results render as a pretty table.

• #​13610 cbb39bd Thanks @​petebacondarwin! - Add support for agent_memory bindings

  Agent Memory bindings allow Workers to connect to Cloudflare's Agent Memory service for storing and retrieving agent conversation state. This binding is remote-only, meaning it always connects to the Cloudflare API during wrangler dev rather than using a local simulation.

  To configure an agent_memory binding, add the following to your wrangler.json:

  {
    "agent_memory": [
      {
        "binding": "MY_MEMORY",
        "namespace": "my-namespace"
      }
    ]
  }

  Wrangler will automatically provision the namespace during deployment if it does not already exist. Type generation via wrangler types is also supported.

  This change also adds the agent-memory:write OAuth scope to Wrangler's default login scopes, so wrangler login can request the permissions needed to provision and manage Agent Memory namespaces.

• #​13610 cbb39bd Thanks @​petebacondarwin! - Add wrangler agent-memory namespace commands

  The following commands have been added for managing Agent Memory namespaces:

  wrangler agent-memory namespace create <namespace>
  wrangler agent-memory namespace list [--json]
  wrangler agent-memory namespace get <namespace_name> [--json]
  wrangler agent-memory namespace delete <namespace_name> [--force]

• #​14087 e3c862a Thanks @​edmundhung! - Add confirmation prompt to wrangler containers images delete

  Previously, running wrangler containers images delete IMAGE:TAG would delete the image immediately with no confirmation. The command now prompts for confirmation before deleting. Use -y or --skip-confirmation to bypass the prompt in non-interactive or scripted environments.

• #​14087 e3c862a Thanks @​edmundhung! - Rename pipeline field to stream in pipeline bindings configuration

  The pipeline field inside pipelines bindings has been renamed to stream to align with the updated API wire format. The old pipeline field is still accepted but deprecated and will emit a warning.

  Before:

  // wrangler.json
  {
    "pipelines": [
      {
        "binding": "MY_PIPELINE",
        "pipeline": "my-stream-name"
      }
    ]
  }

  After:

  // wrangler.json
  {
    "pipelines": [
      {
        "binding": "MY_PIPELINE",
        "stream": "my-stream-name"
      }
    ]
  }

• #​14087 e3c862a Thanks @​edmundhung! - Allow pipeline, stream, and sink commands to resolve resources by name with pagination-aware lookups.

• #​14087 e3c862a Thanks @​edmundhung! - Support deleting secrets via wrangler secret bulk

  You can now delete secrets in bulk by setting their value to null in the JSON input file:

  { "SECRET_TO_DELETE": null, "SECRET_TO_UPDATE": "new-value" }

• #​14091 4c0da7b Thanks @​gpanders! - Add ProxyCommand support for wrangler containers ssh

  wrangler containers ssh now automatically switches to a stdio proxy when invoked by OpenSSH's ProxyCommand, and --stdio can force this mode. This lets users connect with ssh <instance_id> when their SSH config uses Wrangler as the proxy command.

• #​13892 13cbadb Thanks @​penalosa! - Remove the deprecated experimental.testMode option from unstable_dev

  experimental.testMode previously only affected the default logLevel (warn when testMode: true, log otherwise) and has been flagged for removal in its type-definition comment since it landed. It is now removed, and unstable_dev's default log level matches wrangler dev's (log).

  Callers that explicitly passed testMode: true to get quieter logs should now set logLevel: "warn" directly.

Patch Changes

• #​14016 408432a Thanks @​petebacondarwin! - report all failing triggers from a single deploy

  wrangler deploy deploys several kinds of trigger in parallel (routes, custom domains, schedules, queue producers/consumers, workflows). Previously, if one of those API calls failed, the first rejection short-circuited the rest, no other deployments were reported, and (in the case of custom-domain confirmation conflicts) some failures were silently logged to stdout without the deploy actually failing.

  wrangler deploy now waits for every trigger deployment to settle, prints every successfully-deployed target (so you still see what landed), and then throws a single error listing every trigger that failed.

  Note that this also turns the previously-silent "user declined to override a conflicting Custom Domain" case into a hard failure of wrangler deploy, which matches what was always implied by the message ("Publishing to Custom Domain ... was skipped, fix conflict and try again").

• #​14125 1103c07 Thanks @​dario-piotrowicz! - Bump rosie-skills from 0.7.6 to 0.8.1 and bundle it into the Wrangler output

  The new version of rosie-skills is a pure-TypeScript rewrite that removes the previously necessary ~600kb WASM binary. The package now ships only JavaScript with one minimal dependencies (modern-tar).

  Additionally, rosie-skills is now bundled directly into Wrangler's distributable rather than kept as an external runtime dependency. This eliminates the supply chain concern raised in #​14110: there is no separate package to resolve at install time, since all code is inlined into Wrangler's build output.

• #​14135 5b5cbd3 Thanks @​Refaerds! - Update the generated type for browser bindings to BrowserRun

  When running wrangler types, browser bindings were previously typed as the generic Fetcher. They now generate the more specific and accurate BrowserRun type.

• #​14087 e3c862a Thanks @​edmundhung! - Bump rosie-skills package from 0.6.3 to 0.7.6

• #​14087 e3c862a Thanks @​edmundhung! - Update dependencies of "miniflare", "wrangler"

  The following dependency versions have been updated:

  Dependency	From	To
  workerd	1.20260526.1	1.20260527.1

• #​14076 97d7d81 Thanks @​dependabot! - Update dependencies of "miniflare", "wrangler"

  The following dependency versions have been updated:

  Dependency	From	To
  workerd	1.20260527.1	1.20260528.1

• #​14100 c647ccc Thanks @​dependabot! - Update dependencies of "miniflare", "wrangler"

  The following dependency versions have been updated:

  Dependency	From	To
  workerd	1.20260528.1	1.20260529.1

• #​14087 e3c862a Thanks @​edmundhung! - Disable Sentry error reporting by default

  WRANGLER_SEND_ERROR_REPORTS now defaults to false instead of prompting on every error. The current prompt produces too many false-positive reports. Users can still opt in explicitly by setting WRANGLER_SEND_ERROR_REPORTS=true.

• #​14087 e3c862a Thanks @​edmundhung! - Fix wrangler setup failing for Vite projects without a config file

  wrangler setup (and wrangler deploy --experimental-autoconfig) crashed with "Could not find Vite config file to modify" for Vite projects that don't have a vite.config.js or vite.config.ts. This affected 6 of the 16 create-vite templates: vanilla, vanilla-ts, react-swc, react-swc-ts, lit, and lit-ts.

  Autoconfig now creates a minimal Vite config with the Cloudflare plugin when no config file exists, instead of failing. The file extension (.ts or .js) is chosen based on whether the project has a tsconfig.json.

• #​14087 e3c862a Thanks @​edmundhung! - Show helpful message with URL when browser cannot be opened in headless/container environments

  Previously, running wrangler login (or any command that opens a browser) in headless Linux environments without xdg-open installed would crash with a confusing "A file or directory could not be found — Missing file or directory: xdg-open" error.

  Now wrangler catches the error and prints a clear warning with the URL so users can copy-paste it into a browser manually.

• #​14087 e3c862a Thanks @​edmundhung! - wrangler secrets-store secret create and secret update now reject secret values larger than 64 KiB (65,536 bytes) with a clear error before calling the Cloudflare API. Previously the CLI accepted them, the secret appeared in secret list, and the failure surfaced later (and confusingly) at worker deploy time as a "secret doesn't exist" error against the binding. 64 KiB is the cap enforced by the API; the CLI now enforces it at the same boundary.

• #​14059 b64b7e4 Thanks @​matingathani! - Fix wrangler kv bulk get printing "Success!" to stdout, which corrupted JSON output when piped to tools like jq

• #​14002 e4c8fd9 Thanks @​danyalahmed1995! - Show a clear error for invalid API token header characters

  Wrangler now detects API tokens containing characters that cannot be sent in the HTTP Authorization header before making an API request. This avoids a low-level ByteString conversion error and helps users recreate or recopy the token without printing the token value.

• #​14132 2dffeeb Thanks @​dario-piotrowicz! - Adapt React Router autoconfig based on v8_middleware future flag

  The React Router autoconfig (wrangler setup) now detects whether v8_middleware: true is set in the user's react-router.config.ts. When it is, the generated workers/app.ts uses a simplified fetch handler without AppLoadContext module augmentation, and the generated app/entry.server.tsx omits the _loadContext parameter. When v8_middleware is not set, the existing AppLoadContext pattern with env/ctx params is preserved.

  This avoids breaking projects that use the v8_middleware future flag (which changes the context API from AppLoadContext to RouterContextProvider), while keeping the traditional pattern for projects that haven't opted in.

• #​14133 59e43e4 Thanks @​matingathani! - Fix wrangler whoami printing a trailing period after the api-tokens URL

  The message To see token permissions visit https://...api-tokens. ended with
  a period that became part of the URL when clicked in terminals or GitHub Actions
  output, causing a 404. The period is removed and a comma added before "visit"
  so the sentence reads naturally without a trailing period on the URL.

• Updated dependencies [e3c862a, cbb39bd, 7bb5c7a, e3c862a, 97d7d81, c647ccc, e3c862a, e3c862a, 972d13d]:

  • miniflare@​4.20260529.0

v4.95.0

Compare Source

Minor Changes

• #​14009 ca5b604 Thanks @​dario-piotrowicz! - Add telemetry for detecting whether AI coding agents have Cloudflare skills installed

  Wrangler now includes a currentAgentSkillsInstalled property in telemetry events that reports whether the current AI coding agent has Cloudflare skills present on disk. The value distinguishes between skills installed automatically by Wrangler ("automatic"), skills installed manually by the user ("manual"), no skills present (false), or no supported agent detected (null). Skill names are fetched from the GitHub Contents API with a 24-hour disk cache to avoid rate limits.

• #​14014 d042705 Thanks @​emily-shen! - Add --x-deploy-helpers to gate an upcoming deploy path refactor.

Patch Changes

• #​14003 c1fd2fd Thanks @​dependabot! - Update dependencies of "miniflare", "wrangler"

  The following dependency versions have been updated:

  Dependency	From	To
  workerd	1.20260521.1	1.20260526.1

• #​13728 49c1a59 Thanks @​penalosa! - Reject remote: false on always-remote bindings (AI, AI Search, Media, Artifacts, Flagship, VPC Service, VPC Network)

  These binding types have no local simulator and the resource is fundamentally remote-only. Setting remote: false was previously silently accepted but produced a non-functional binding. wrangler dev now fails with a clear error directing users to either remove the remote field or set it to true.

• #​14039 fee1ce4 Thanks @​dario-piotrowicz! - Preserve --compatibility-flags in the interactive deploy config flow

  When running wrangler deploy without a config file and going through the interactive setup flow, any --compatibility-flags passed on the command line (e.g. --compatibility-flags=nodejs_compat) were lost in two places:

  1. The generated wrangler.jsonc file did not include compatibility_flags.
  2. The suggested CLI command shown when declining the config file write did not include --compatibility-flags.

  Both are now fixed. Compatibility flags are persisted to the generated config and included in the suggested command.

• #​14010 b3962ff Thanks @​dario-piotrowicz! - Improve error messages for Pages CLI commands

  Error messages across wrangler pages subcommands (deploy, dev, secret, project, etc.) now provide clearer descriptions and actionable guidance. For example, instead of "Must specify a project name.", you'll now see "Missing Pages project name. Use --project-name or set the name in your wrangler.jsonc configuration file."

• #​14011 420e457 Thanks @​petebacondarwin! - Warn when a remote-bindings request is blocked by Cloudflare Access

  When wrangler dev is used with remote bindings and a request from the local remote-bindings proxy client to the remote workers.dev proxy server is blocked by Cloudflare Access (HTTP 403 with the Cloudflare Access block page), Wrangler now:

  • Logs a single, visually striking warning per dev session explaining how to set CLOUDFLARE_ACCESS_CLIENT_ID / CLOUDFLARE_ACCESS_CLIENT_SECRET (Service Token credentials) or run cloudflared access login to authenticate.
  • Replaces the original Access HTML block page with a readable plain-text body containing the same guidance, so the message also reaches the user via binding error messages (e.g. InferenceUpstreamError from env.AI.run()) and any browser response piped back via a service binding .fetch().

  Previously the 403 was returned to user code with the full Access HTML, which both drowned out other logs and made it hard to tell that the failure was due to Cloudflare Access on workers.dev rather than a problem in the binding itself or the deployed proxy server. The detection runs inside the proxy client worker (which only ever talks to the remote-bindings proxy URL), so it does not trigger false positives on user-worker 403s.

• #​14044 8b1467e Thanks @​pombosilva! - Rename Workflow binding schedule property to schedules

  The schedule property on Workflow bindings introduced in #​13467 has been renamed to schedules to match the control plane API.

  Note: This remains a configuration-only change. Scheduled triggering of Workflow instances is not yet available — adding schedules to a Workflow binding will not result in scheduled invocations at this time.

• Updated dependencies [c1fd2fd, 420e457]:

  • miniflare@​4.20260526.0

v4.94.0

Compare Source

Minor Changes

• #​13897 52e9082 Thanks @​dario-piotrowicz! - Add automatic Cloudflare skills installation for AI coding agents

  Wrangler now detects AI coding agents and offers to install Cloudflare skill files from the cloudflare/skills GitHub repository. Users are prompted once interactively; subsequent runs skip the prompt. Use --install-skills to install without prompting.

• #​13989 f598eac Thanks @​MattieTK! - Print a QR code alongside the tunnel URL when sharing via Cloudflare Tunnel

  When a tunnel is started (via wrangler dev --tunnel or the Vite plugin with tunnel: true), a scannable QR code is now printed to the terminal beneath the tunnel URL. This makes it easy to open the tunnel on a mobile device without manually copying the URL.

  The QR code uses Unicode block characters for a compact representation and is generated best-effort -- if generation fails for any reason, the tunnel URL is still displayed as before.

• #​13467 3a1fbed Thanks @​deloreyj! - Add schedule property to Workflow bindings for cron-based triggering

  Note: This is a configuration-only change. Scheduled triggering of Workflow instances is not yet available — adding schedule to a Workflow binding will not result in scheduled invocations at this time. This change lays the groundwork for an upcoming feature.

  Workflow bindings in wrangler.json now accept an optional schedule field that configures one or more cron expressions to automatically trigger new workflow instances on a schedule.

  // wrangler.json
  {
    "workflows": [
      {
        "binding": "MY_WORKFLOW",
        "name": "my-workflow",
        "class_name": "MyWorkflow",
        "schedule": "0 9 * * 1"
      }
    ]
  }

  Multiple schedules can be provided as an array:

  {
    "workflows": [
      {
        "binding": "MY_WORKFLOW",
        "name": "my-workflow",
        "class_name": "MyWorkflow",
        "schedule": ["0 9 * * 1", "0 17 * * 5"]
      }
    ]
  }

  The schedule is sent to the Workflows control plane on wrangler deploy. Configuring schedule on a workflow binding that references an external script_name is an error — the schedule must be configured on the worker that defines the workflow.

Patch Changes

• #​13993 0733688 Thanks @​dependabot! - Update dependencies of "miniflare", "wrangler"

  The following dependency versions have been updated:

  Dependency	From	To
  workerd	1.20260520.1	1.20260521.1

• #​14008 fc1f7b9 Thanks @​petebacondarwin! - Fix Access Service Token authentication for applications that only allow service tokens

  When using remote bindings against a Worker behind a Cloudflare Access application configured to only allow Service Auth tokens (no interactive user authentication), Wrangler previously ignored the CLOUDFLARE_ACCESS_CLIENT_ID and CLOUDFLARE_ACCESS_CLIENT_SECRET environment variables and the request would fail with a 403.

  This happened because Wrangler detects Access by looking for a 302 redirect to cloudflareaccess.com. A service-auth-only Access application has no interactive login path, so it responds with a hard 403 instead of redirecting. Wrangler concluded the domain was not behind Access and skipped attaching the service token headers entirely.

  The env-var check now runs before the Access detection step, so the configured service token credentials are always used when present.

• #​12277 8c569c6 Thanks @​penalosa! - Include column names in D1 SQL export INSERT statements

  D1 SQL exports now include column names in INSERT statements (e.g., INSERT INTO "table" ("col1","col2") VALUES(...)). This ensures that exported SQL can be successfully imported even when the target table has columns in a different order than the original, which commonly occurs during iterative development when schemas evolve.

• Updated dependencies [0733688, 30657e1]:

  • miniflare@​4.20260521.0

v4.93.1

Compare Source

Patch Changes

• #​13978 fa1f61f Thanks @​sassyconsultingllc! - Bump ws from 8.18.0 to 8.20.1 to address GHSA-58qx-3vcg-4xpx

  GHSA-58qx-3vcg-4xpx / CVE-2026-45736 reports an uninitialized-memory disclosure in ws@<8.20.1 when a TypedArray is passed as the reason argument to WebSocket.close(). The fix shipped in ws@8.20.1 on 2026-05-12. This change bumps the workspace catalog entry so that miniflare, wrangler, and @cloudflare/vite-plugin all pick up the patched release.

• #​13977 2679e05 Thanks @​dependabot! - Update dependencies of "miniflare", "wrangler"

  The following dependency versions have been updated:

  Dependency	From	To
  workerd	1.20260518.1	1.20260519.1

• #​13984 7e40d98 Thanks @​dependabot! - Update dependencies of "miniflare", "wrangler"

  The following dependency versions have been updated:

  Dependency	From	To
  workerd	1.20260519.1	1.20260520.1

• #​13963 adc9221 Thanks @​gabivlj! - Preserve sibling container image tags during local dev cleanup

  Wrangler now keeps other cloudflare-dev image tags from the same dev session when multiple containers share a Dockerfile. Previously, duplicate-image cleanup could remove earlier container tags if Docker BuildKit produced the same image ID for each build.

• #​13839 735852d Thanks @​matingathani! - fix: show actionable hint when /memberships returns a bad-credentials error (code 9106)

  Previously, wrangler threw a raw Cloudflare API error ("Missing X-Auth-Key, X-Auth-Email or Authorization headers") with no guidance. Now it emits a UserError explaining that an environment variable such as CLOUDFLARE_API_TOKEN, CLOUDFLARE_API_KEY, or CLOUDFLARE_EMAIL may be set to an invalid value, and suggests running wrangler logout / wrangler login to re-authenticate.

• #​13912 d803737 Thanks @​petebacondarwin! - Fix /cdn-cgi/* host validation incorrectly accepting subdomains of exact configured routes

  Miniflare's /cdn-cgi/* host/origin validator was treating exact configured routes the same as wildcard configured routes, so a request whose Host or Origin hostname was a subdomain of an exact route (e.g. sub.my-custom-site.com for a my-custom-site.com/* route) was incorrectly accepted. Exact configured routes and the configured upstream hostname are now required to match the request hostname exactly. Subdomain matching is only applied to wildcard routes such as *.example.com/*. Localhost hostnames continue to be allowed as before.

  This affects wrangler dev and local development through @cloudflare/vite-plugin, both of which use Miniflare under the hood.

• #​13919 c7eab7f Thanks @​petebacondarwin! - Fix the outbound CF-Worker header reflecting the route pattern hostname instead of the parent zone, and falling back to <worker-name>.example.com under vite dev, vitest-pool-workers, and getPlatformProxy

  Two related issues affected the CF-Worker header on outbound subrequests in local development:

  1. Under @cloudflare/vite-plugin, @cloudflare/vitest-pool-workers, and getPlatformProxy, the header fell back to <worker-name>.example.com even when routes were configured, because unstable_getMiniflareWorkerOptions and the equivalent getPlatformProxy worker-options path did not propagate a zone value to Miniflare. This broke local development against services that reject unknown CF-Worker hosts (for example, Apple WeatherKit returns 403 Forbidden).
  2. Across the above paths and wrangler dev --local, when a route used the zone_name field (for example { pattern: "foo.example.com/*", zone_name: "example.com" }), the header was set to the pattern's hostname (foo.example.com) rather than the zone name (example.com). Production sets CF-Worker to the zone name that owns the Worker, so this was inconsistent with deployed behaviour.

  Both bugs are fixed: the new unstable_getMiniflareWorkerOptions / getPlatformProxy path now propagates a zone derived from the first configured route, and all four local-dev paths now prefer a route's explicit zone_name over the pattern hostname when computing that zone. When zone_name isn't set, the existing best-effort behaviour is preserved — for wrangler dev this means dev.host is still honoured as a local override and the pattern hostname is used as a final fallback. Resolving the parent zone for zone_id-only, custom_domain, or plain-string routes would require an API lookup, so locally we still approximate it with the pattern hostname.

  Note: dev.host is intentionally not consulted by the unstable_getMiniflareWorkerOptions / getPlatformProxy paths — the dev config block is specific to wrangler dev.

• #​13990 e04e180 Thanks @​petebacondarwin! - Improve the log message shown when an asset upload attempt fails and is retried

  The retry message now reports which attempt is being made (e.g. Asset upload failed. Retrying... 1 of 5 attempts.), making it easier to gauge how close Wrangler is to exhausting its retry budget. The raw error object is no longer appended to this user-facing message; it is instead logged at debug level (visible via WRANGLER_LOG=debug).

• #​13954 62abf97 Thanks @​petebacondarwin! - Read the on-disk OAuth state lazily so CLOUDFLARE_API_TOKEN from .env takes priority correctly

  Wrangler previously read its OAuth state from the user auth config file (for example ~/.config/.wrangler/config/default.toml) eagerly at module-import time. That happens before .env files are loaded, so the in-memory state would always hold the OAuth tokens even when the user only wanted to authenticate via CLOUDFLARE_API_TOKEN. If that stored OAuth token happened to be expired, Wrangler would try to refresh it (and fail), aborting the command with Failed to fetch auth token: 400 Bad Request and Not logged in. — even though a valid API token was in scope.

  Wrangler now reads the auth config file on demand, after .env has been loaded. When CLOUDFLARE_API_TOKEN (or CLOUDFLARE_API_KEY + CLOUDFLARE_EMAIL) is present, the OAuth state on disk is no longer consulted, the OAuth refresh endpoint is no longer called, and the env-based token is used directly. Sibling-process refresh-token rotation is also handled naturally because every check reads the current file contents.

  Internally, the exported reinitialiseAuthTokens() function is removed — there is no module-level OAuth cache left to invalidate.

  Fixes #​13744.

• #​13951 e349fe0 Thanks @​sejoker! - Enforce minimum 60 second interval for R2 Data Catalog sinks

  R2 Data Catalog sinks now require a minimum --roll-interval of 60 seconds to prevent compaction issues in the R2 Data Catalog. This validation is applied when creating sinks via wrangler pipelines sinks create with type r2-data-catalog, and during the interactive wrangler pipelines setup flow.

  Regular R2 sinks are not affected and can still use intervals as low as 10 seconds.

• #​13959 da0fa8c Thanks @​dmmulroy! - Recognize Artifacts repositories that are still being created

  Wrangler's Artifacts repo status type now accepts the creating lifecycle state alongside existing in-progress statuses.

• #​13964 a5c9365 Thanks @​danielrs! - Use dedicated API endpoint for wrangler secret bulk

  wrangler secret bulk now uses a more efficient, dedicated API endpoint. This reduces the operation from 2 API calls to 1 and eliminates the risk of accidentally affecting non-secret bindings.

• Updated dependencies [fa1f61f, 2679e05, 7e40d98, d803737, 59cd880, e8c2031]:

  • miniflare@​4.20260520.0

v4.93.0

Compare Source

Minor Changes

• #​13901 aac7ca0 Thanks @​bghira! - Add wrangler ai models schema command for fetching model schemas

  You can now run wrangler ai models schema <model> to fetch the input and output schema for a Workers AI model from the public model catalog schema endpoint.

• #​12656 ae047ee Thanks @​mikenomitch! - Add --containers-rollout=none

  This allows you to skip deploying a container. This is useful if you know that your container is not going to be updated or you don't have Docker locally, but still want to make changes to your Worker.

• #​13901 aac7ca0 Thanks @​bghira! - Add wrangler ai models list command for querying the Workers AI model catalog

  wrangler ai models list accepts --search, --task, --author, --source, and --hide-experimental, matching the public model catalog search endpoint.

Patch Changes

• #​13948 b25dc0d Thanks @​dependabot! - Update dependencies of "miniflare", "wrangler"

  The following dependency versions have been updated:

  Dependency	From	To
  workerd	1.20260515.1	1.20260518.1

• #​13882 a4f22bc Thanks @​matingathani! - Throw a clear error when a D1 migration is cancelled instead of silently returning

• #​13950 f78d435 Thanks @​dario-piotrowicz! - Improve the Docker CLI error message to be more actionable.

  Include a link to Docker installation docs, platform-specific instructions for starting the daemon, and guidance for alternative Docker-compatible CLIs.

• #​11896 c5c9e20 Thanks @​staticpayload! - Surface remote proxy session errors

  When remote bindings fail to start, include the controller reason and root cause in the error message to make failures like missing cloudflared clearer.

• #​13932 ebf4b24 Thanks @​zebp! - Fix local Workflow startup when compatibility flags include experimental

  Miniflare now deduplicates compatibility flags for the internal Workflow engine service. This prevents wrangler dev from failing with Compatibility flag specified multiple times: experimental when the user's Worker already enables that flag.

• #​13929 895baf5 Thanks @​Caio-Nogueira! - Prompt to provision a workers.dev subdomain before deploying Workflows

  Wrangler now checks for the account-level workers.dev subdomain when deploying Workflows, even if the Worker is not being published to workers.dev. If the subdomain has not been registered yet, Wrangler prompts to create one before calling the Workflows deploy API so users avoid an opaque server-side deployment failure.

• #​13930 7bcdf45 Thanks @​shiminshen! - Sweep stale .wrangler/tmp/* dirs left behind by abnormal exits

  A wrangler dev session creates .wrangler/tmp/bundle-* and .wrangler/tmp/dev-* directories at startup and removes them via a signal-exit hook on graceful shutdown. When the process exited abnormally (SIGKILL, OOM, host crash) those directories were left behind and accumulated across sessions, slowing down dependency-walking tools that follow the bundle-emitted absolute-path imports.

  wrangler now sweeps entries in .wrangler/tmp/ older than 24 hours when a new temporary directory is requested, bounding the leak regardless of how prior sessions exited.

• Updated dependencies [b25dc0d, ebf4b24, b27eb18]:

  • miniflare@​4.20260518.0

v4.92.0

Compare Source

Minor Changes

• #​13670 506aa02 Thanks @​elithrar! - Add wrangler artifacts commands for managing Artifacts repos and repo tokens.

  This adds CLI support for the Artifacts control-plane workflows that were previously only available through the API. You can now list and inspect namespaces, create, list, inspect, and delete repos, and issue repo-scoped tokens when you need to authenticate git access.

  The new commands support both human-readable output and --json output so they fit existing Wrangler automation patterns.

• #​13916 be8a98c Thanks @​emily-shen! - Add --keep-vars flag to wrangler versions upload, matching the existing behavior in wrangler deploy. When set, environment variables configured via the dashboard are preserved rather than being deleted before the upload.

Patch Changes

• #​13926 19ed49a Thanks @​dependabot! - Update dependencies of "miniflare", "wrangler"

  The following dependency versions have been updated:

  Dependency	From	To
  workerd	1.20260511.1	1.20260515.1

• #​11471 3ff0a50 Thanks @​HW13! - Improve wrangler types --env-interface for multi-worker projects.

  Custom env interfaces generated by wrangler types no longer expand from Cloudflare.Env, avoiding some unintended type expansion when multiple workers' generated types are used together.

• #​13910 bf688f7 Thanks @​timoconnellaus! - Fix Failed to fetch auth token: 401 Unauthorized from sibling-rotated refresh tokens

  refreshToken previously used the refresh token from module-level localState, which is populated once at startup and never re-read. OAuth refresh tokens are single-use, so when a sibling wrangler process (in another repo, another shell, or a parallel script) refreshes first, it rotates the token server-side and writes the new value to the shared config file (~/Library/Preferences/.wrangler/config/default.toml on macOS). The long-lived process — typically wrangler dev — then sends its stale in-memory token on the next refresh and gets 401 Unauthorized from https://dash.cloudflare.com/oauth2/token, falling through to interactive login and timing out unattended.

  refreshToken now calls reinitialiseAuthTokens() before exchanging, picking up the latest refresh token written by any sibling process. The previously empty catch {} also now logs the underlying error at debug level so future refresh failures are diagnosable without source-diving.

• #​13843 2e72c83 Thanks @​nzws! - Fix wrangler versions secret put/delete/bulk to preserve the existing version's placement settings

  When creating a new version via wrangler versions secret, the previous code only re-emitted a bare { mode: "smart" } placement when the API reported placement_mode === "smart", dropping any other placement entirely. The new version is now created with the placement settings returned by the API, so placement settings survive a secret put/delete/bulk round-trip.

• #​13908 802eaf4 Thanks @​shiminshen! - fix: stop rewriting query strings that happen to contain the request Host

  wrangler dev previously rewrote occurrences of the outer host inside request.url's query string. For example, a request to ?echo=https%3A%2F%2Fdevelopment.test%2Fpath with Host: development.test would be seen by the user worker as ?echo=https%3A%2F%2Fproduction.test%2Fpath, silently mutating opaque application data such as redirect_uri values in OAuth flows.

  The proxy worker now sets the internal MF-Original-URL header after its blanket host-rewriting pass over request headers, so the URL passed to the user worker preserves the original query string.

• #​13827 8f5cdb1 Thanks @​greyvugrin! - Fix multi-environment warning when CLOUDFLARE_ENV is set

  Commands that warn when multiple environments are configured but none is specified (e.g. wrangler deploy, wrangler secret put) were not accounting for the CLOUDFLARE_ENV environment variable when deciding whether to show the warning. This caused a misleading warning to appear even when the target environment was correctly specified via CLOUDFLARE_ENV.

• Updated dependencies [19ed49a]:

  • miniflare@​4.20260515.0

v4.91.0

Compare Source

Minor Changes

• #​13822 c8be316 Thanks @​edmundhung! - Add named tunnel support and tunnel shortcuts to wrangler dev

  You can now use wrangler dev --tunnel --tunnel-name <name> to start a dev session with

✂ Note

PR body was truncated to here.

---

Configuration

📅 Schedule: (UTC)

• Branch creation
  • Between 12:00 AM and 03:59 AM (* 0-3 * * *)
• Automerge
  • At any time (no schedule defined)

🚦 Automerge: Disabled by config. Please merge this manually once you are satisfied.

♻ Rebasing: Whenever PR becomes conflicted, or you tick the rebase/retry checkbox.

🔕 Ignore: Close this PR and you won't be reminded about this update again.

---

• If you want to rebase/retry this PR, check this box

---

This PR was generated by Mend Renovate. View the repository job log.

[github-actions]

🚀 Preview is available at https://039f4b07.enterprise-contract.pages.dev

[github-actions]

🚀 Preview is available at https://08300ee1.enterprise-contract.pages.dev

[github-actions]

🚀 Preview is available at https://6626ba07.enterprise-contract.pages.dev

[github-actions]

🚀 Preview is available at https://547ec4d3.enterprise-contract.pages.dev

[github-actions]

🚀 Preview is available at https://777ca95c.enterprise-contract.pages.dev

[github-actions]

🚀 Preview is available at https://41dff465.enterprise-contract.pages.dev

[github-actions]

🚀 Preview is available at https://604b8a26.enterprise-contract.pages.dev

[github-actions]

🚀 Preview is available at https://cfdb8b39.enterprise-contract.pages.dev

[github-actions]

🚀 Preview is available at https://360d8039.enterprise-contract.pages.dev

[github-actions]

🚀 Preview is available at https://bf28eac1.enterprise-contract.pages.dev

[github-actions]

🚀 Preview is available at https://1eb41ed8.enterprise-contract.pages.dev

[github-actions]

🚀 Preview is available at https://aca153ea.enterprise-contract.pages.dev

[github-actions]

🚀 Preview is available at https://5981a43f.enterprise-contract.pages.dev

[github-actions]

🚀 Preview is available at https://0fc38ee8.enterprise-contract.pages.dev

[github-actions]

🚀 Preview is available at https://3ae6f59b.enterprise-contract.pages.dev

[github-actions]

🚀 Preview is available at https://3264d610.enterprise-contract.pages.dev

[github-actions]

🚀 Preview is available at https://ffdc1ecf.enterprise-contract.pages.dev

[github-actions]

🚀 Preview is available at https://b1164918.enterprise-contract.pages.dev