#13391 60565dd Thanks @mikenomitch! - Mark wrangler containers commands as stable
This changes the status of the Containers CLI from open beta to stable. Wrangler no longer shows [open beta] labels or beta warning text for wrangler containers commands, so the help output matches the feature's current availability.
#13311 6cbcdeb Thanks @ryanking13! - JS files imported by the Python Workers runtime SDK are now handled as ESM modules.
This is not a user-facing change, but Python Workers users should update their wrangler version to make sure to get Python workers SDK working properly.
#13450 6f63eaa Thanks @petebacondarwin! - Fix POST/PUT requests with non-2xx responses throwing "fetch failed"
Previously, sending a POST or PUT request that received a non-2xx response (e.g. 401, 400, 403) would throw a TypeError: fetch failed error. This was caused by an undici bug where isTraversableNavigable() incorrectly returned true, causing the 401 credential-retry block to execute in Node.js and fail on stream-backed request bodies. This has been fixed upstream in undici v7.24.8, so we've bumped our dependency and removed the previous pnpm patch workaround.
#13447 aef9825 Thanks @dependabot! - Update dependencies of "miniflare", "wrangler"
The following dependency versions have been updated:
| Dependency | From | To |
|---|---|---|
| workerd | 1.20260410.1 | 1.20260413.1 |
#13475 eaaa728 Thanks @dependabot! - Update dependencies of "miniflare", "wrangler"
The following dependency versions have been updated:
| Dependency | From | To |
|---|---|---|
| workerd | 1.20260413.1 | 1.20260415.1 |
#13386 5e5bbc1 Thanks @mksglu! - Make startup network requests non-blocking on slow connections
Wrangler makes network requests during startup (npm update check, request.cf data fetch) that previously blocked the CLI indefinitely on slow or degraded connections (airplane wifi, trains), causing 10+ second delays.
update-check library's auth-retry path.request.cf fetch: The fetch to workers.cloudflare.com/cf.json now uses AbortSignal.timeout(3000), falling back to cached/default data on timeout.#13469 07a918c Thanks @1000hz! - wrangler preview no longer warns on inheritable binding types being missing from previews config.
#13463 90aee27 Thanks @roerohan! - Remove unnecessary flagship:read OAuth scope
The flagship:read scope is not needed since flagship:write already implies read access. This reduces the OAuth permissions requested during login to only what is required.
Updated dependencies [854d66c, 6f63eaa, aef9825, eaaa728, 58292f6, 5e5bbc1, d5ff5a4, 89c7829]:
#13454 bac2311 Thanks @G4brym! - Upgrade OpenAPI template to chanfana 3 and Zod v4
The OpenAPI worker template has been upgraded to use chanfana v3.3 (from v2.6) and Zod v4 (from v3). All removed chanfana parameter helpers (Str, Bool, Num, DateTime) have been replaced with native Zod v4 equivalents. Other dependency updates include hono v4.12, wrangler v4, and @cloudflare/workers-types.
Additional template improvements:
NotFoundException for 404 responses instead of raw Response.json()strict mode in tsconfig (previously silently overridden)@types/service-worker-mock dependency#12563 a25270e Thanks @irvinebroque! - Add best practices documentation links to generated AGENTS.md
The AGENTS.md file generated for new Workers projects now directs AI coding agents to fetch and understand the latest best practices before writing code, including Workers best practices, Durable Objects rules, and Workflows rules.
#12906 7cf5095 Thanks @dependabot! - Update dependencies of "create-cloudflare"
The following dependency versions have been updated:
| Dependency | From | To |
|---|---|---|
| create-vite | 8.3.0 | 9.0.4 |
#13277 44dc73a Thanks @dependabot! - Update dependencies of "create-cloudflare"
The following dependency versions have been updated:
| Dependency | From | To |
|---|---|---|
| create-analog | 2.3.1 | 2.4.7 |
#13437 fe4101c Thanks @dependabot! - Update dependencies of "create-cloudflare"
The following dependency versions have been updated:
| Dependency | From | To |
|---|---|---|
| create-waku | 0.12.5-1.0.0-alpha.6-0 | 0.12.5-1.0.0-alpha.7-0 |
#13316 21d0b53 Thanks @emily-shen! - Fix Vue project scaffolding failing when javascript is selected
#13429 54ceb95 Thanks @NuroDev! - Add shift-click multi-select to R2 object list
Shift-clicking a checkbox in the R2 object list now selects or deselects a contiguous range of rows between the last individually clicked row (the anchor) and the shift-clicked row. This matches standard shift-select behavior in file managers and data tables.
854d66c Thanks @courtney-sims! - Prepares asset-worker for a more gradual rollout by refactoring and separating out the invocation from the business logic. In the future, this will provide space for us to route requests to new versions of asset-worker based on their plan, but should make no functional difference today.#13427 c4deb1d Thanks @edmundhung! - Harden file serving for Vite dev
The Vite plugin now includes Wrangler config files, Vite config files, and .wrangler state files in server.fs.deny so they cannot be fetched directly from the Vite dev server.
Updated dependencies [854d66c, 6f63eaa, aef9825, eaaa728, 58292f6, 5e5bbc1, d5ff5a4, 07a918c, 89c7829, 60565dd, 6cbcdeb, 90aee27]:
#13468 051db1f Thanks @jamesopstad! - Make all properties in previews optional
All properties in previews were previously incorrectly typed as required.
#13354 854d66c Thanks @courtney-sims! - Prepares asset-worker for a more gradual rollout by refactoring and separating out the invocation from the business logic. In the future, this will provide space for us to route requests to new versions of asset-worker based on their plan, but should make no functional difference today.
#13450 6f63eaa Thanks @petebacondarwin! - Fix POST/PUT requests with non-2xx responses throwing "fetch failed"
Previously, sending a POST or PUT request that received a non-2xx response (e.g. 401, 400, 403) would throw a TypeError: fetch failed error. This was caused by an undici bug where isTraversableNavigable() incorrectly returned true, causing the 401 credential-retry block to execute in Node.js and fail on stream-backed request bodies. This has been fixed upstream in undici v7.24.8, so we've bumped our dependency and removed the previous pnpm patch workaround.
#13447 aef9825 Thanks @dependabot! - Update dependencies of "miniflare", "wrangler"
The following dependency versions have been updated:
| Dependency | From | To |
|---|---|---|
| workerd | 1.20260410.1 | 1.20260413.1 |
#13475 eaaa728 Thanks @dependabot! - Update dependencies of "miniflare", "wrangler"
The following dependency versions have been updated:
| Dependency | From | To |
|---|---|---|
| workerd | 1.20260413.1 | 1.20260415.1 |
#13472 58292f6 Thanks @roerohan! - Fix wrangler dev crash when using a Flagship binding with remote: true
In remote mode, the flagship binding is backed by a generic proxy worker that only has a default export. The plugin was requesting a named entrypoint "FlagshipBinding" which doesn't exist on it, causing workerd to reject the binding at startup. The named entrypoint is now omitted in remote mode so workerd routes to the default export, which correctly proxies all RPC calls to the remote Flagship service.
#13386 5e5bbc1 Thanks @mksglu! - Make startup network requests non-blocking on slow connections
Wrangler makes network requests during startup (npm update check, request.cf data fetch) that previously blocked the CLI indefinitely on slow or degraded connections (airplane wifi, trains), causing 10+ second delays.
update-check library's auth-retry path.request.cf fetch: The fetch to workers.cloudflare.com/cf.json now uses AbortSignal.timeout(3000), falling back to cached/default data on timeout.#13476 d5ff5a4 Thanks @roerohan! - Fix wrangler dev crash when using a Stream binding with remote: true
In remote mode, the Stream binding is backed by a generic proxy worker that only has a default export. The plugin was requesting a named entrypoint "StreamBinding" which doesn't exist on it, causing workerd to reject the binding at startup. The named entrypoint is now omitted in remote mode so workerd routes to the default export, which correctly proxies all RPC calls to the remote Stream service.
#13426 89c7829 Thanks @edmundhung! - Reject non-local /cdn-cgi/* requests in Miniflare
Miniflare now validates Host and Origin on /cdn-cgi/* requests before request rewriting. Requests are still allowed for localhost, configured route hostnames, and the configured upstream hostname, but non-local hostnames can no longer reach internal development endpoints such as platform-proxy, handler routes, live reload, and the local explorer.
9b2b6ba Thanks @jamesopstad! - Add Flagship OAuth scopes to wrangler login9b2b6ba]:
9b2b6ba]:
#13453 6b11b07 Thanks @petebacondarwin! - Disable flagship OAuth scopes that are not yet valid in the Cloudflare backend
The flagship:read and flagship:write OAuth scopes have been temporarily commented out from the default scopes requested during login, as they are not yet recognized by the Cloudflare backend.
#13438 dd4e888 Thanks @dependabot! - fix: handle Vike config files that use a variable-referenced default export
Newer versions of create-vike (0.0.616+) generate pages/+config.ts files using const config: Config = { ... }; export default config; instead of the previous export default { ... } satisfies Config;. The Wrangler autoconfig AST transformation now resolves Identifier exports to their variable declarations, supporting both old and new Vike config file formats.
#13438 dd4e888 Thanks @dependabot! - Update dependencies of "create-cloudflare"
The following dependency versions have been updated:
| Dependency | From | To |
|---|---|---|
| create-vike | 0.0.599 | 0.0.616 |
#13353 5338bb6 Thanks @mattzcarey! - Add artifacts:write to Wrangler's default OAuth scopes, enabling wrangler login to request access to Cloudflare Artifacts (registries and artifacts).
#13139 79fd529 Thanks @roerohan! - feat: add Flagship feature flag binding support
Adds end-to-end support for the Flagship feature flag binding, which allows Workers to evaluate feature flags from Cloudflare's Flagship service. Configure it in wrangler.json with a flagship array containing binding and app_id entries. In local dev, the binding returns default values for all flag evaluations; use "remote": true in the binding to evaluate flags against the live Flagship service.
#12983 28bc2be Thanks @1000hz! - Added the wrangler preview command family for creating Preview deployments (currently in private beta).
#13197 4fd138b Thanks @shahsimpson! - Add preview output-file entries for wrangler preview deployments
wrangler preview now writes a preview entry to the Wrangler output file when WRANGLER_OUTPUT_FILE_PATH or WRANGLER_OUTPUT_FILE_DIRECTORY is configured. The entry includes the Worker name, preview metadata (preview_id, preview_name, preview_slug, preview_urls) and deployment metadata (deployment_id, deployment_urls).
This makes preview command runs machine-readable in the same output stream as other Wrangler commands, which helps CI integrations consume preview URLs and IDs directly.
#13159 bafb96b Thanks @ruifigueira! - Add wrangler browser commands for managing Browser Rendering sessions
New commands for Browser Rendering DevTools:
wrangler browser create [--lab] [--keepAlive <seconds>] [--open] - Create a new sessionwrangler browser close <sessionId> - Close a sessionwrangler browser list - List active sessionswrangler browser view [sessionId] [--target <selector>] [--open] - View a live browser sessionThe view command auto-selects when only one session exists, or prompts for selection when multiple are available.
The --open flag controls whether to open DevTools in browser (default: true in interactive mode, false in CI/scripts). Use --no-open to just print the DevTools URL.
All commands support --json for programmatic output. Also adds browser:write OAuth scope to wrangler login.
#13392 2589395 Thanks @emily-shen! - Add telemetry to local REST API
The local REST API (used by the local explorer) now collects anonymous usage telemetry. This respects any existing telemetry preferences, which can be disabled by running the command wrangler telemetry disable.
This only applies when the dev session is started via Wrangler, and not via the Vite plugin or standalone Miniflare.
No actual data values, keys, query contents, or resource IDs are collected.
Event schema:
{
"event": "localapi.<route>.<method>", // e.g. localapi.kv.keys.get
"deviceId": "<uuid>",
"timestamp": 1234567890,
"properties": {
"userAgent": "Mozilla/5.0 ...",
// Only for localapi.local.workers.get:
"workerCount": 2,
"kvCount": 3,
"d1Count": 1,
"r2Count": 0,
"doCount": 1,
"workflowsCount": 0
}
}Note: the Local Explorer and corresponding local REST API is still an experimental feature.
#13137 1313275 Thanks @emily-shen! - explorer: expose the local explorer hotkey
List the local explorer's hotkey [e] in wrangler dev output.
#13393 c50cb5b Thanks @dependabot! - Update dependencies of "miniflare", "wrangler"
The following dependency versions have been updated:
| Dependency | From | To |
|---|---|---|
| workerd | 1.20260409.1 | 1.20260410.1 |
#13424 525a46b Thanks @paulelliotco! - Keep proxy notices off stdout for JSON Wrangler commands
Wrangler now writes the startup notice for HTTP_PROXY and HTTPS_PROXY to stderr instead of stdout. This keeps commands like wrangler auth token --json machine-readable when a proxy is configured.
Updated dependencies [79fd529, c50cb5b, 2589395, 5eff8c1]:
#13137 1313275 Thanks @emily-shen! - Add e hotkey to open local explorer during dev
Press e during vite dev to open the local explorer UI at /cdn-cgi/explorer, which allows you to inspect the state of your D1, R2, KV, DO and Workflow bindings.
#13330 b30eb67 Thanks @NuroDev! - Update local explorer sidebar with collapsible groups, theme persistence, and Kumo v1.17
Adds localStorage persistence for sidebar group expansion states and theme mode (light/dark/system). The sidebar now uses Kumo v1.17 primitives with collapsible groups and a theme toggle in the footer.
Users can now cycle between light, dark, and system theme modes, and their preference will be persisted across sessions.
Sidebar groups (D1, Durable Objects, KV, R2, Workflows) also remember their collapsed/expanded state.
#13361 a4f1d5c Thanks @NuroDev! - Cleaned up local explorer workflows page design.
The core design & layout of the workflows page(s) in the local explorer has been tweaked to make it more uniform and consistent with all other resource pages.
#13407 496c5d5 Thanks @NuroDev! - Add new "Copy prompt for agent" button.
This adds a clipboard copy field to the Local Explorer homepage for sharing an agent/LLM Local Explorer API prompt.
#13158 67be6b0 Thanks @NuroDev! - Improves local explorer invalid route error handling.
Visiting a route either as a 404 or 500 error now has dedicated components to handle as such, rather than the generic TanStack error UI.
Additionally, it also fixes route loaders to correctly throw a 404 error if a resource is not found, rather than showing a generic error.
#13407 496c5d5 Thanks @NuroDev! - Updates the Local Explorer homepage prompt to use the current runtime origin for the Explorer API endpoint.
This ensures copied prompt text points to the correct local URL instead of a placeholder localhost port.