Skip to content

wrangler — releases

Latest 20 GitHub releases for cloudflare/workers-sdk. Auto-mirrored by playbooks/local/autodocgen.yml.

[!info] Pinned in BreeZ-CF: 4.85.0 · upstream latest: [email protected].

[email protected] · [email protected]

2026-04-28 · by @workers-devprod

Minor Changes

  • #13605 ea943ff Thanks @danielgek! - Add namespace support to wrangler ai-search commands

    All wrangler ai-search instance commands (create, list, get, update, delete, stats, search) now accept a --namespace (or -n) flag to target a specific AI Search namespace. When the flag is omitted, commands default to the default namespace that Cloudflare automatically provisions for every account.

    wrangler ai-search list now displays a namespace column, and wrangler ai-search create offers an interactive picker for existing namespaces (with an option to create a new one) when --namespace is not supplied in an interactive session.

    A new wrangler ai-search namespace subcommand group is also introduced, with list, create, get, update, and delete subcommands for managing namespaces directly.

    wrangler ai-search list --namespace blog
wrangler ai-search create my-instance --namespace blog --type r2 --source my-bucket
wrangler ai-search namespace create blog --description "Blog content"

  • #13637 9eb9e69 Thanks @edmundhung! - Add --tunnel flag to wrangler dev for sharing your local dev server via Cloudflare Quick Tunnels

    You can now expose your local dev server publicly by passing --tunnel:

    wrangler dev --tunnel

    This starts a Cloudflare Quick Tunnel that gives you a random *.trycloudflare.com URL to share. The tunnel stops automatically when the dev session ends. Quick tunnels don't require a Cloudflare account or any configuration.

    A warning is shown when Server-Sent Events (SSE) responses are detected through the tunnel, since quick tunnels don't support SSE.

  • #13661 0a5db08 Thanks @aspizu! - wrangler tail will now log stack traces. These stack traces already include resolved frames if you have chosen to upload sourcemaps.

  • #13617 118027d Thanks @roerohan! - Force Flagship bindings to always use remote mode in local dev

    Flagship bindings now always access the remote Flagship service during local development, matching the behavior of AI bindings. Previously, Flagship supported both local and remote modes, but the local stub only returned default values, providing no real functionality and creating a dual source of truth for flag evaluations.

    The remote config field is retained for backward compatibility but only controls whether a warning is displayed. Setting remote: true suppresses the warning that Flagship bindings always access remote resources and may incur usage charges in local dev.

  • #13254 e867ac2 Thanks @tgarg-cf! - Add wrangler queues consumer list subcommands for listing queue consumers

    Three new commands are available for listing consumers on a queue:

    • wrangler queues consumer list <queue-name> — lists all consumers (both worker and HTTP pull), grouped by type
    • wrangler queues consumer worker list <queue-name> — lists only worker consumers
    • wrangler queues consumer http list <queue-name> — lists only HTTP pull consumers

Patch Changes

  • #13696 62e9f2a Thanks @dependabot! - Update dependencies of "miniflare", "wrangler"

    The following dependency versions have been updated:

    Dependency From To
    workerd 1.20260424.1 1.20260426.1

  • #13576 2dc6175 Thanks @MattieTK! - Restore telemetry tracking for common CLI flags that were unintentionally dropped during sanitisation

    When argument sanitisation was introduced, only explicitly allow-listed args had their values included in telemetry. The allow list was very conservative, which meant common boolean flags like --remote, --json, --dry-run, --force, and many others were no longer being captured in sanitizedArgs despite previously being tracked. Boolean flags are inherently safe (values are only true/false), so these have now been added back to the global allow list. A small number of fixed-choice args (--local-protocol, --upstream-protocol, --containers-rollout) have also been added with their known value sets.

  • #13649 ae8eae3 Thanks @petebacondarwin! - Fix service binding and tail consumer props being dropped between workers in different local dev instances

    When a service binding or tail consumer configured with props targeted a worker running in a separate wrangler dev instance (via the dev registry), the props were silently dropped and the remote entrypoint saw an empty ctx.props. Props are now forwarded correctly across the dev registry boundary, matching the behavior users get when all workers run in a single instance.

    // wrangler.json
{
  "services": [
    {
      "binding": "AUTH",
      "service": "auth-worker", // may be in a separate `wrangler dev` process
      "entrypoint": "SessionEntry",
      "props": { "tenant": "acme" }
    }
  ]
}

    The target worker's SessionEntry entrypoint now correctly receives { tenant: "acme" } on ctx.props regardless of which local dev instance it runs in.

  • #13662 f2e2241 Thanks @petebacondarwin! - Fix three resource leaks in unstable_startWorker teardown that could prevent Node from exiting cleanly after worker.dispose().

    • The esbuild context created by bundleWorker is now disposed when the initial build fails. Previously a failing initial build (e.g. an unresolvable entrypoint, or a worker started with an invalid config via setConfig) left the esbuild child process running for the lifetime of the parent Node process.
    • runBuild's cleanup function now awaits the in-flight build before running the bundler's stop handler. Previously teardown could return before esbuild.BuildContext.dispose() had been called, so the esbuild watcher kept the event loop alive after dispose had resolved.
    • BundlerController.teardown() now runs the esbuild cleanup before removing the bundler's temporary directory, and aborts the in-flight bundle build so it cannot emit stale bundleStart/bundleComplete events after teardown. Previously the tmpdir was removed first, which in race with an in-flight rebuild produced confusing "Could not resolve .wrangler/tmp/bundle-XXXX/middleware-loader.entry.ts" errors during dispose.

  • #13674 4f6ed93 Thanks @petebacondarwin! - Stop emitting a misleading [wrangler:error] Docker build exited with code: <n> log when the user aborts an in-progress container image build (for example by pressing the r rebuild hotkey while the previous build is still running).

    The abort-detection branch in the local and multi-worker runtime controllers was matching the wrong error message — it checked for "Build exited with code: 1", but the error thrown by the docker build helper is actually "Docker build exited with code: <n>", and the exit code after a process-group SIGINT/SIGKILL is typically 130/137/143, not 1. As a result, every legitimate user-initiated rebuild abort produced a spurious error event and [wrangler:error] log line. The check now matches the real error message prefix and ignores any non-zero exit code from the aborted build, so a user-requested rebuild while another build is in progress is silent.

  • #13667 ed2f4ec Thanks @emily-shen! - fix: Preserve auth in remote proxy session data to avoid unnecessary session restarts

    maybeStartOrUpdateRemoteProxySession was not including auth in its return value, so on subsequent calls preExistingRemoteProxySessionData.auth was always undefined. This caused the auth comparison to always detect a change, disposing and recreating the remote proxy session on every reload even when auth had not changed.

  • #13695 92bb8a5 Thanks @alexanderniebuhr! - wrangler types --check no longer throws when the types file was generated with an explicit boolean flag. Previously, yargs would parse such flags as actual booleans rather than strings, causing an internal parse error.

  • #13662 f2e2241 Thanks @petebacondarwin! - Fix the wrangler tail command leaking a signal-exit listener after the tail has been cleanly closed.

    The tail command registered both a tail.on("close", exit) listener and a process-level onExit(exit) handler, but never removed the latter after exit() had run. In long-lived CLI processes this is harmless — the handler eventually runs once on shutdown — but in unit tests that repeatedly invoke wrangler tail, every invocation accumulates a handler that fires during test-runner shutdown. Those late invocations call deleteTail() after the test's auth mocks have been torn down, producing spurious "Not logged in" unhandled rejections which fail the Linux CI runs.

    The handler is now removed as soon as exit() runs, and exit() is guarded against re-entry so it is idempotent if both the WebSocket close event and a real signal fire for the same session.

  • #13187 fcc491a Thanks @dario-piotrowicz! - Recognize Hydrogen as a known unsupported framework in autoconfig

    Previously, Hydrogen projects were incorrectly identified as React Router (since Hydrogen uses React Router under the hood), leading to a confusing autoconfig experience. Hydrogen is now recognized as a distinct unsupported framework, so users see a clear message that Hydrogen is not yet supported instead of being guided through React Router configuration.

  • #13628 e6c437a Thanks @emily-shen! - fix: prioritise CLOUDFLARE_ACCOUNT_ID over a cached account id for all Pages commands

    Previously, some Pages commands (pages deploy, pages deployment list/delete/tail, pages download config, pages secret) used a cached account id over the CLOUDFLARE_ACCOUNT_ID environment variable. The pages project commands already correctly prioritised CLOUDFLARE_ACCOUNT_ID.

  • Updated dependencies [21b87b2, 62e9f2a, 033d6ec, ae8eae3, ef24ff2, 6d27479, 118027d]:

[email protected] · [email protected]

2026-04-28 · by @workers-devprod

Minor Changes

  • #13599 21b87b2 Thanks @Ltadrian! - Add extended sslmode support for Hyperdrive local dev. This adds support for sslmodes verify-full / verify-ca for Postgres and VERIFY_IDENTITY / VERIFY_CA for MySQL

  • #13617 118027d Thanks @roerohan! - Force Flagship bindings to always use remote mode in local dev

    Flagship bindings now always access the remote Flagship service during local development, matching the behavior of AI bindings. Previously, Flagship supported both local and remote modes, but the local stub only returned default values, providing no real functionality and creating a dual source of truth for flag evaluations.

    The remote config field is retained for backward compatibility but only controls whether a warning is displayed. Setting remote: true suppresses the warning that Flagship bindings always access remote resources and may incur usage charges in local dev.

Patch Changes

  • #13696 62e9f2a Thanks @dependabot! - Update dependencies of "miniflare", "wrangler"

    The following dependency versions have been updated:

    Dependency From To
    workerd 1.20260424.1 1.20260426.1

  • #13652 033d6ec Thanks @emily-shen! - fix: allow multiple workers with browser bindings in dev

    You can now run multiple workers with multiple browser bindings in miniflare. Previously, this would crash with kj/table.c++:49: failed: inserted row already exists in table.

  • #13649 ae8eae3 Thanks @petebacondarwin! - Fix service binding and tail consumer props being dropped between workers in different local dev instances

    When a service binding or tail consumer configured with props targeted a worker running in a separate wrangler dev instance (via the dev registry), the props were silently dropped and the remote entrypoint saw an empty ctx.props. Props are now forwarded correctly across the dev registry boundary, matching the behavior users get when all workers run in a single instance.

    // wrangler.json
{
  "services": [
    {
      "binding": "AUTH",
      "service": "auth-worker", // may be in a separate `wrangler dev` process
      "entrypoint": "SessionEntry",
      "props": { "tenant": "acme" }
    }
  ]
}

    The target worker's SessionEntry entrypoint now correctly receives { tenant: "acme" } on ctx.props regardless of which local dev instance it runs in.

  • #13668 ef24ff2 Thanks @for-the-kidz! - Fix TypeError: rules is not iterable in the router-worker when static_routing is configured without user_worker rules

    The router-worker's static-routing include-rule evaluation passed config.static_routing.user_worker directly to the matcher, which iterates with for...of. When static_routing was set but user_worker was omitted, the matcher threw TypeError: rules is not iterable and failed the request. The adjacent asset_worker branch already falls back to [] in this case; the user_worker branch now does the same.

  • #13654 6d27479 Thanks @pombosilva! - fix: Preserve internal counter suffix on workflow step names in local explorer API

    Stop stripping the -N suffix from step names in the API response so the UI can distinguish duplicate step names. The suffix is now stripped only visually in the UI.

[email protected] · [email protected]

2026-04-28 · by @workers-devprod

Patch Changes

  • #13680 08fa62e Thanks @dependabot! - Update dependencies of "create-cloudflare"

    The following dependency versions have been updated:

    Dependency From To
    create-vite 9.0.4 9.0.6

  • #13681 32cc1b4 Thanks @dependabot! - Update dependencies of "create-cloudflare"

    The following dependency versions have been updated:

    Dependency From To
    create-react-router 7.14.1 7.14.2

  • #13682 c642d18 Thanks @dependabot! - Update dependencies of "create-cloudflare"

    The following dependency versions have been updated:

    Dependency From To
    create-analog 2.4.8 2.4.10

  • #13683 a3496fa Thanks @dependabot! - Update dependencies of "create-cloudflare"

    The following dependency versions have been updated:

    Dependency From To
    @tanstack/create-start 0.59.21 0.59.22

  • #13684 02ab1b4 Thanks @dependabot! - Update dependencies of "create-cloudflare"

    The following dependency versions have been updated:

    Dependency From To
    create-waku 0.12.5-1.0.0-alpha.7-0 0.12.5-1.0.0-alpha.8-0

  • #13685 6fc418b Thanks @dependabot! - Update dependencies of "create-cloudflare"

    The following dependency versions have been updated:

    Dependency From To
    create-astro 5.0.5 5.0.6

  • #13686 1d8bad5 Thanks @dependabot! - Update dependencies of "create-cloudflare"

    The following dependency versions have been updated:

    Dependency From To
    create-vue 3.22.2 3.22.3

  • #13687 2bcfffc Thanks @dependabot! - Update dependencies of "create-cloudflare"

    The following dependency versions have been updated:

    Dependency From To
    sv 0.12.5 0.15.1

@cloudflare/[email protected] · @cloudflare/[email protected]

2026-04-28 · by @workers-devprod

Patch Changes

  • #13668 ef24ff2 Thanks @for-the-kidz! - Fix TypeError: rules is not iterable in the router-worker when static_routing is configured without user_worker rules

    The router-worker's static-routing include-rule evaluation passed config.static_routing.user_worker directly to the matcher, which iterates with for...of. When static_routing was set but user_worker was omitted, the matcher threw TypeError: rules is not iterable and failed the request. The adjacent asset_worker branch already falls back to [] in this case; the user_worker branch now does the same.

@cloudflare/[email protected] · @cloudflare/[email protected]

2026-04-28 · by @workers-devprod

Patch Changes

@cloudflare/[email protected] · @cloudflare/[email protected]

2026-04-28 · by @workers-devprod

Minor Changes

  • #13666 edcff69 Thanks @edmundhung! - Add tunnel: true to the cloudflare() Vite plugin for sharing your local dev and preview servers via Cloudflare Quick Tunnels

    You can now expose your local dev server publicly by setting tunnel: true:

    cloudflare({
  tunnel: true,
});

    You can also enable tunnel sharing dynamically using an environment variable:

    cloudflare({
  tunnel: process.env.ENABLE_DEV_TUNNEL === "true",
});

    This starts a Cloudflare Quick Tunnel that gives you a random *.trycloudflare.com URL to share. The tunnel stops automatically when the dev or preview session ends. Quick tunnels don't require a Cloudflare account or any configuration.

    A warning is shown when Server-Sent Events (SSE) responses are detected through the tunnel, since quick tunnels don't support SSE.

Patch Changes

@cloudflare/[email protected] · @cloudflare/[email protected]

2026-04-28 · by @workers-devprod

Patch Changes

@cloudflare/[email protected] · @cloudflare/[email protected]

2026-04-28 · by @workers-devprod

Patch Changes

  • #13654 6d27479 Thanks @pombosilva! - fix: Preserve expanded workflow steps across polling and improve instance page UX

    Expanded steps no longer collapse when new steps arrive via polling. Expansion state is lifted into the parent component and tracked by stable step keys, and polling skips state updates when data hasn't changed.

    Also: navigate to instance page after triggering, distinct refresh/restart icons, toolbar layout below stats strip, always-visible stats, unified status colors, and visual-only stripping of internal step name suffixes.

[email protected] · [email protected]

2026-04-27 · by @emily-shen

Minor Changes

Custom domain routes can now include optional enabled and previews_enabled boolean fields to control whether a custom domain serves production and/or preview traffic. When omitted, the API defaults apply (production enabled, previews disabled).

Patch Changes

When an ai_search_namespaces binding inherits from the existing deployment, the bindings table now correctly shows (inherited) instead of a raw Symbol(inherit_binding) string.

The following dependency versions have been updated:

Dependency From To
workerd 1.20260421.1 1.20260422.1

The following dependency versions have been updated:

Dependency From To
workerd 1.20260422.1 1.20260423.1

The following dependency versions have been updated:

Dependency From To
workerd 1.20260423.1 1.20260424.1

When the Cloudflare WAF blocks an API request, the response is an HTML page rather than JSON. Previously, this caused a confusing "Received a malformed response from the API" error with a truncated HTML snippet. Wrangler now detects WAF block pages and displays a clear error message explaining that the request was blocked by the firewall, along with the Cloudflare Ray ID (when available) for use in support tickets.

For other non-JSON responses that aren't WAF blocks, the "malformed response" error also now includes the Ray ID to help reference failing requests in support tickets.

  • #13560 7567ef7 Thanks @vaishnav-mk! - Preserve NonRetryableError message and name when the workflows_preserve_non_retryable_error_message compatibility flag is enabled, instead of replacing it with a generic error message.

  • #11784 2831b54 Thanks @JPeer264! - fix(wrangler): Bind the console methods directly instead of using a global proxy

  • #13644 377715d Thanks @MattieTK! - Update @clack/core and @clack/prompts to v1.2.0

Bumps the bundled @clack/core dependency used internally by @cloudflare/cli from 0.3.x to 1.2.0, and the @clack/prompts dependency in create-cloudflare from 0.6.x to 1.2.0. Clack v1 includes a number of API changes, but no user-facing prompt behaviour changes are expected.

[email protected] · [email protected]

2026-04-27 · by @emily-shen

Minor Changes

  • #13234 7fc50c1 Thanks @natewong1313! - Support serving videos locally, add publicUrl option for stable stream preview URLs, and add caption upload support via ReadableStream

Videos uploaded while in local mode are now served at /cdn-cgi/mf/stream/<video-id>/watch. The preview field in StreamVideo is now directly fetchable during development.

A new publicUrl option on MiniflareOptions allows callers (e.g. Wrangler, the Vite plugin) to advertise a stable, externally-reachable URL for the Miniflare instance. When set, Stream preview URLs use this value instead of the runtime entry URL, so they remain valid across runtime restarts and port changes. The same value is also exposed as a mutable miniflare.publicUrl property.

The helper functions buildPublicUrl and getLocallyAccessibleHost are now exported from miniflare, enabling consumers to construct client-reachable URLs that correctly handle IPv6 addresses (bracketing) and wildcard listen addresses (0.0.0.0, ::, *127.0.0.1).

Caption uploads via ReadableStream are now supported in local mode. They no longer throw a "not supported in local mode" error.

Patch Changes

The following dependency versions have been updated:

Dependency From To
workerd 1.20260421.1 1.20260422.1

The following dependency versions have been updated:

Dependency From To
workerd 1.20260422.1 1.20260423.1

The following dependency versions have been updated:

Dependency From To
workerd 1.20260423.1 1.20260424.1

The filesystem-based dev registry used chokidar with default settings, which on Windows backs onto fs.watch (ReadDirectoryChangesW). That API is known to drop or delay create events for files added shortly after the watcher attaches, which is especially common under CI virtualization. When this happened, a process that had attached its watcher before another process registered its worker would never be notified of the new entry until the next 30-second heartbeat — long enough to time out cross-process service-binding calls.

Switch to chokidar's polling mode on Windows so the dev registry observes cross-process worker registrations reliably. The registry directory is small and a 100ms poll interval has negligible cost. Non-Windows platforms continue to use the more efficient native filesystem-event backend.

  • #13560 7567ef7 Thanks @vaishnav-mk! - Preserve NonRetryableError message and name when the workflows_preserve_non_retryable_error_message compatibility flag is enabled, instead of replacing it with a generic error message.

  • #13644 377715d Thanks @MattieTK! - Update @clack/core and @clack/prompts to v1.2.0

Bumps the bundled @clack/core dependency used internally by @cloudflare/cli from 0.3.x to 1.2.0, and the @clack/prompts dependency in create-cloudflare from 0.6.x to 1.2.0. Clack v1 includes a number of API changes, but no user-facing prompt behaviour changes are expected.

[email protected] · [email protected]

2026-04-27 · by @emily-shen

Patch Changes

Bumps the bundled @clack/core dependency used internally by @cloudflare/cli from 0.3.x to 1.2.0, and the @clack/prompts dependency in create-cloudflare from 0.6.x to 1.2.0. Clack v1 includes a number of API changes, but no user-facing prompt behaviour changes are expected.

@cloudflare/[email protected] · @cloudflare/[email protected]

2026-04-24 · by @workers-devprod

Patch Changes

  • #13560 7567ef7 Thanks @vaishnav-mk! - Preserve NonRetryableError message and name when the workflows_preserve_non_retryable_error_message compatibility flag is enabled, instead of replacing it with a generic error message.

@cloudflare/[email protected] · @cloudflare/[email protected]

2026-04-27 · by @emily-shen

Minor Changes

The reset() helper deletes all data from attached bindings, and resets all Durable Object instances. This is useful for resetting state between test blocks.

The abortAllDurableObjects() helper resets all Durable Object instances without deleting persisted data.

import { reset } from "cloudflare:test";
import { afterEach } from "vitest";

afterEach(async () => {
  await reset();
});

Patch Changes

@cloudflare/[email protected] · @cloudflare/[email protected]

2026-04-27 · by @emily-shen

Patch Changes

This allows projects to access vite.config.* files during development when needed.

When no compatibility date was set by the user, the plugin was falling back to the current date. This meant that the date could get ahead of the latest date supported by the installed version of workerd. We now populate the default compatibility date when the plugin is built. This means that it is updated with each release but then stays fixed.

We now only add special handling for /cdn-cgi/handler/* routes, so that trigger handlers are invoked on the User Worker.

Previously, using a registry.cloudflare.com image in a containers binding would crash vite dev with an unsupported error. The Vite plugin now configures the Cloudflare API client using CLOUDFLARE_API_TOKEN and CLOUDFLARE_ACCOUNT_ID before pulling container images, matching the behavior of wrangler dev.

@cloudflare/[email protected] · @cloudflare/[email protected]

2026-04-27 · by @emily-shen

Patch Changes

@cloudflare/[email protected] · @cloudflare/[email protected]

2026-04-24 · by @workers-devprod

Patch Changes

  • #13611 6e99feb Thanks @smaldd14! - Support Cloudflare-managed registry images in Vite plugin local dev

    Previously, using a registry.cloudflare.com image in a containers binding would crash vite dev with an unsupported error. The Vite plugin now configures the Cloudflare API client using CLOUDFLARE_API_TOKEN and CLOUDFLARE_ACCOUNT_ID before pulling container images, matching the behavior of wrangler dev.

@cloudflare/[email protected] · @cloudflare/[email protected]

2026-04-24 · by @workers-devprod

Minor Changes

  • #13651 47ac63f Thanks @penalosa! - Publish @cloudflare/cli-shared-helpers and @cloudflare/workers-utils to npm

Patch Changes

[email protected] · [email protected]

2026-04-21 · by @workers-devprod

Patch Changes

  • #13615 8fec8b8 Thanks @dependabot! - Update dependencies of "miniflare", "wrangler"

    The following dependency versions have been updated:

    Dependency From To
    workerd 1.20260420.1 1.20260421.1

  • #13572 a610749 Thanks @dario-piotrowicz! - Fix wrangler types --check ignoring --env-interface and secondary --config entries

    Previously, wrangler types --check ran its staleness check before resolving the --env-interface flag and before collecting secondary worker entry points from additional --config arguments. This meant it could incorrectly report types as up to date when they were actually stale due to a different env interface name or changes in secondary worker configs. The check now runs after all options are fully resolved, so it correctly detects mismatches.

  • Updated dependencies [8fec8b8, 2f3d7b9]:

[email protected] · [email protected]

2026-04-21 · by @workers-devprod

Patch Changes

  • #13615 8fec8b8 Thanks @dependabot! - Update dependencies of "miniflare", "wrangler"

    The following dependency versions have been updated:

    Dependency From To
    workerd 1.20260420.1 1.20260421.1

  • #13613 2f3d7b9 Thanks @dario-piotrowicz! - Fix sourcemap warnings caused by references to files outside the package boundary

    miniflare's bundled sourcemap contained sources entries pointing into node_modules dependencies (zod, capnp-es, chokidar, etc.), which produced dozens of warnings in pnpm monorepos when tools like Vite or Vitest validated the sourcemaps at runtime. The build now inlines sourcesContent and patches any null entries left by upstream dependencies that don't publish their original source files

[email protected] · [email protected]

2026-04-21 · by @workers-devprod

Patch Changes

  • #13513 f822594 Thanks @edmundhung! - Update the design of the React Workers starter

    The React Workers template now follows the latest Vite React starter more closely, so new projects get the refreshed upstream design alongside the existing Cloudflare integration.