#11697 67a4ab1 Thanks @jamesopstad! - Add experimental.prerenderWorker option to the plugin config.
This enables configuring a dedicated Worker for prerendering at build time. This is an experimental feature and may change or be removed at any time.
#12214 4db3864 Thanks @jamesopstad! - Use Hook Filters to optimize plugin performance with Vite 8. This skips unnecessary Rust-to-JS calls with Rolldown powered Vite.
#12358 4340c42 Thanks @jamesopstad! - Always emit a .assetsignore file in the client output directory.
Previously, we would emit a .assetsignore file in the client output directory only if the client output included a wrangler.json file.
We now always emit it, which prevents a wrangler.json file being deployed as an asset if it is copied into this directory by mistake.
Updated dependencies [964a39d, 253a85d, ce736b9, 0c9625a, 47944d1, 4c4d5a5, b05b919, 0aaf080, b981db5, a113c0d, fdd7a9f, a5fca2c, 1bd1488, f7aa8c7]:
#12186 0c9625a Thanks @penalosa! - Add CF-Worker header to outgoing fetch requests in local development to match production behavior. A new optional zone option allows specifying the zone value for the header. When not specified, the header defaults to ${worker-name}.example.com.
#12185 f7aa8c7 Thanks @penalosa! - Add timestamp field to the version metadata binding in local development. The version metadata binding now includes id, tag, and timestamp fields, making it easier to test version-aware logic locally.
#12289 0aaf080 Thanks @dependabot! - Update dependencies of "miniflare", "wrangler"
The following dependency versions have been updated:
| Dependency | From | To |
|---|---|---|
| workerd | 1.20260128.0 | 1.20260129.0 |
#12295 b981db5 Thanks @dependabot! - Update dependencies of "miniflare", "wrangler"
The following dependency versions have been updated:
| Dependency | From | To |
|---|---|---|
| workerd | 1.20260129.0 | 1.20260130.0 |
#12355 a113c0d Thanks @dependabot! - Update dependencies of "miniflare", "wrangler"
The following dependency versions have been updated:
| Dependency | From | To |
|---|---|---|
| workerd | 1.20260130.0 | 1.20260131.0 |
#12269 a1450ca Thanks @penalosa! - Handle git commit failures gracefully
When creating the initial commit fails (for example, when GPG signing is cancelled or misconfigured), the setup process now continues instead of crashing. A message is displayed informing the user that the commit was skipped and they can commit manually later.
#12339 ff3bf9d Thanks @dependabot! - Update dependencies of "create-cloudflare"
The following dependency versions have been updated:
| Dependency | From | To |
|---|---|---|
| create-analog | 2.2.2 | 2.2.3 |
#12340 1d12aef Thanks @dependabot! - Update dependencies of "create-cloudflare"
The following dependency versions have been updated:
| Dependency | From | To |
|---|---|---|
| create-vue | 3.19.0 | 3.20.0 |
#12341 4a563bd Thanks @dependabot! - Update dependencies of "create-cloudflare"
The following dependency versions have been updated:
| Dependency | From | To |
|---|---|---|
| create-qwik | 1.18.0 | 1.19.0 |
#12342 6d79ade Thanks @dependabot! - Update dependencies of "create-cloudflare"
The following dependency versions have been updated:
| Dependency | From | To |
|---|---|---|
| sv | 0.11.3 | 0.11.4 |
#12343 10eb094 Thanks @dependabot! - Update dependencies of "create-cloudflare"
The following dependency versions have been updated:
| Dependency | From | To |
|---|---|---|
| create-vike | 0.0.566 | 0.0.572 |
#12344 8a01a1c Thanks @dependabot! - Update dependencies of "create-cloudflare"
The following dependency versions have been updated:
| Dependency | From | To |
|---|---|---|
| create-waku | 0.12.5-1.0.0-alpha.2-0 | 0.12.5-1.0.0-alpha.3-0 |
#12291 75062fe Thanks @vicb! - Simplify creating a new Astro app
The Astro CLI should not ask users whether they want to use git as create-cloudflare handles that already
#12152 8a210af Thanks @emily-shen! - Implement local KV API for experimental/WIP local resource explorer
The following APIs have been (mostly) implemented: GET /storage/kv/namespaces - List namespaces GET /storage/kv/namespaces/:id/keys - List keys GET /storage/kv/namespaces/:id/values/:key - Get value PUT /storage/kv/namespaces/:id/values/:key - Write value DELETE /storage/kv/namespaces/:id/values/:key - Delete key POST /storage/kv/namespaces/:id/bulk/get - Bulk get values
#12183 17961bb Thanks @dependabot! - chore: update dependencies of "miniflare", "wrangler"
The following dependency versions have been updated:
| Dependency | From | To |
|---|---|---|
| workerd | 1.20260124.0 | 1.20260127.0 |
#12196 52fdfe7 Thanks @dependabot! - chore: update dependencies of "miniflare", "wrangler"
The following dependency versions have been updated:
| Dependency | From | To |
|---|---|---|
| workerd | 1.20260127.0 | 1.20260128.0 |
#11860 4a4007d Thanks @dependabot! - chore: update dependencies of "create-cloudflare"
The following dependency versions have been updated:
| Dependency | From | To |
|---|---|---|
| @angular/create | 21.0.4 | 21.1.1 |
#12156 abd2b71 Thanks @irvinebroque! - Fix compatibility date detection failing when creating new projects
Previously, getLocalWorkerdCompatibilityDate() would fail to find the locally installed miniflare and workerd packages, causing npm create cloudflare@latest to fall back to a hardcoded date (2025-09-27) instead of using the current workerd compatibility date.
The issue was that module.createRequire() was called with a directory path. Node.js treats this as a filename at that location and looks for node_modules in the parent directory rather than the intended directory. This is now fixed by appending package.json to the path, which ensures module resolution starts from the correct location.
Fixes #12155
5f060c9 Thanks @petebacondarwin! - Add support for native node:repl module when the enable_nodejs_repl_module and experimental compatibility flags are enabled.#12154 e36c0c9 Thanks @petebacondarwin! - Use X-Forwarded-Host header for extension authority when behind a proxy
When Quick Edit is accessed through a proxy, the X-Forwarded-Host header is now used to determine the authority for loading builtin extensions. This ensures extensions load correctly when the Worker is behind a reverse proxy. The header value is only used if it matches *.devprod.cloudflare.dev for security.
#12156 abd2b71 Thanks @irvinebroque! - Fix compatibility date detection failing when creating new projects
Previously, getLocalWorkerdCompatibilityDate() would fail to find the locally installed miniflare and workerd packages, causing npm create cloudflare@latest to fall back to a hardcoded date (2025-09-27) instead of using the current workerd compatibility date.
The issue was that module.createRequire() was called with a directory path. Node.js treats this as a filename at that location and looks for node_modules in the parent directory rather than the intended directory. This is now fixed by appending package.json to the path, which ensures module resolution starts from the correct location.
Fixes #12155
#11969 9acb24b Thanks @emily-shen! - Validate environments for unexpected fields in Wrangler config
Previously, this check only applied to the top-level environment.
09a8829 Thanks @WillTaylorDev! - The asset-worker now uses a shorter 10-second TTL for cached assets, down from 60 seconds. This ensures that asset updates are reflected more quickly during development and deployment, reducing the window where stale assets might be served.#12189 eb8a415 Thanks @NuroDev! - Fixed Durable Object missing migrations warning message.
If a Workers project includes some durable_objects in it but no migrations we show a warning to the user to add migrations to their config. However, this warning recommended new_classes for their migrations, but we instead now recommend all users use new_sqlite_classes instead.
#11804 3b06b18 Thanks @emily-shen! - fix: allow d1 execute, d1 export, and d1 migrations to work locally without database_id in config.
#12183 17961bb Thanks @dependabot! - chore: update dependencies of "miniflare", "wrangler"
The following dependency versions have been updated:
| Dependency | From | To |
|---|---|---|
| workerd | 1.20260124.0 | 1.20260127.0 |
#12196 52fdfe7 Thanks @dependabot! - chore: update dependencies of "miniflare", "wrangler"
The following dependency versions have been updated:
| Dependency | From | To |
|---|---|---|
| workerd | 1.20260127.0 | 1.20260128.0 |
#12199 6d8d9cd Thanks @petebacondarwin! - Prevent wrangler logout from failing when the Wrangler configuration file is invalid
Previously, if your wrangler.toml or wrangler.json file contained syntax errors or invalid values, the wrangler logout command would fail. Now, configuration parsing errors are caught and logged at debug level, allowing you to log out regardless of the state of your configuration file.
#12153 cb72c11 Thanks @petebacondarwin! - Sanitize commands and arguments in telemetry to prevent accidentally capturing sensitive information.
Changes:
command/args to sanitizedCommand/sanitizedArgs to distinguish from historical fields that may have contained sensitive data in older versionsCOMMAND_ARG_ALLOW_LISTUpdated dependencies [8a210af, 17961bb, 52fdfe7, 5f060c9]:
#12008 e414f05 Thanks @penalosa! - Add support for customising the inspector IP address
Adds a new --inspector-ip CLI flag and dev.inspector_ip configuration option to allow customising the IP address that the inspector server listens on. Previously, the inspector was hardcoded to listen only on 127.0.0.1.
Example usage:
# CLI flag
wrangler dev --inspector-ip 0.0.0.0// wrangler.json
{
"dev": {
"inspector_ip": "0.0.0.0",
},
}
#12034 05714f8 Thanks @emily-shen! - Add a no-op local explorer worker, which is gated by the experimental flag X_LOCAL_EXPLORER.
#12134 a0a9ef6 Thanks @NuroDev! - Fixed Fish shell tab completions.
The wrangler tab completions are powered by @bomb.sh/tab which has been upgraded to version 0.0.12 which includes a fix for the Fish shell which was previously not working at all.
#12006 ad4666c Thanks @penalosa! - Remove --use-remote option from wrangler hyperdrive create command
Hyperdrive does not support remote bindings during local development - it requires a localConnectionString to connect to a local database. This change removes the confusing "remote resource" prompt that was shown when creating a Hyperdrive config.
Fixes #11674
#11853 014e7aa Thanks @43081j! - Use built-in stripVTControlCharacters utility rather than the strip-ansi package.
#12040 77e82d2 Thanks @dependabot! - chore: update dependencies of "miniflare", "wrangler"
The following dependency versions have been updated:
| Dependency | From | To |
|---|---|---|
| workerd | 1.20260120.0 | 1.20260122.0 |
#12061 f08ef21 Thanks @dependabot! - chore: update dependencies of "miniflare", "wrangler"
The following dependency versions have been updated:
| Dependency | From | To |
|---|---|---|
| workerd | 1.20260122.0 | 1.20260123.0 |
#12088 0641e6c Thanks @dependabot! - chore: update dependencies of "miniflare", "wrangler"
The following dependency versions have been updated:
| Dependency | From | To |
|---|---|---|
| workerd | 1.20260123.0 | 1.20260124.0 |
#12044 eacedba Thanks @edmundhung! - Fix wrangler secret list to error when the Worker is not found
Previously, running wrangler secret list against a non-existent Worker would silently return an empty array, making it difficult to diagnose issues like being logged into the wrong account. It now returns an error with suggestions for common causes.
#12150 e8b2ef5 Thanks @dario-piotrowicz! - Emit autoconfig summary as a separate output entry
Move the autoconfig summary from the deploy output entry to a dedicated autoconfig output entry type. This entry is now emitted by both wrangler deploy and wrangler setup commands when autoconfig runs, making it easier to track autoconfig results independently of deployments.
Updated dependencies [014e7aa, e414f05, 77e82d2, f08ef21, 0641e6c, 05714f8, bbd8a5e]:
#12114 efac63d Thanks @dependabot! - chore: update dependencies of "create-cloudflare"
The following dependency versions have been updated:
| Dependency | From | To |
|---|---|---|
| create-vue | 3.18.5 | 3.19.0 |
#12115 ade4ac2 Thanks @dependabot! - chore: update dependencies of "create-cloudflare"
The following dependency versions have been updated:
| Dependency | From | To |
|---|---|---|
| create-react-router | 7.12.0 | 7.13.0 |
#12116 dd3e1d7 Thanks @dependabot! - chore: update dependencies of "create-cloudflare"
The following dependency versions have been updated:
| Dependency | From | To |
|---|---|---|
| sv | 0.11.2 | 0.11.3 |
#12117 88e352b Thanks @dependabot! - chore: update dependencies of "create-cloudflare"
The following dependency versions have been updated:
| Dependency | From | To |
|---|---|---|
| create-vike | 0.0.564 | 0.0.566 |
#12062 5658448 Thanks @jamesopstad! - Skip modifying the root tsconfig.json in projects that use TypeScript project references.
#12046 99454f0 Thanks @jamesopstad! - Remove duplicate references to ./worker-configuration.d.ts in the React template's tsconfig.worker.json file.
#12008 e414f05 Thanks @penalosa! - Add support for customising the inspector IP address
Adds a new --inspector-ip CLI flag and dev.inspector_ip configuration option to allow customising the IP address that the inspector server listens on. Previously, the inspector was hardcoded to listen only on 127.0.0.1.
Example usage:
# CLI flag
wrangler dev --inspector-ip 0.0.0.0// wrangler.json
{
"dev": {
"inspector_ip": "0.0.0.0",
},
}
#12034 05714f8 Thanks @emily-shen! - Add a no-op local explorer worker, which is gated by the experimental flag X_LOCAL_EXPLORER.
#11853 014e7aa Thanks @43081j! - Use built-in stripVTControlCharacters utility rather than the strip-ansi package.
#12040 77e82d2 Thanks @dependabot! - chore: update dependencies of "miniflare", "wrangler"
The following dependency versions have been updated:
| Dependency | From | To |
|---|---|---|
| workerd | 1.20260120.0 | 1.20260122.0 |
#12061 f08ef21 Thanks @dependabot! - chore: update dependencies of "miniflare", "wrangler"
The following dependency versions have been updated:
| Dependency | From | To |
|---|---|---|
| workerd | 1.20260122.0 | 1.20260123.0 |
#12088 0641e6c Thanks @dependabot! - chore: update dependencies of "miniflare", "wrangler"
The following dependency versions have been updated:
| Dependency | From | To |
|---|---|---|
| workerd | 1.20260123.0 | 1.20260124.0 |
#11897 bbd8a5e Thanks @dario-piotrowicz! - Bundle the zod dependency to reduce supply chain attack surface
In order to prevent possible npm vulnerability attacks, the team's policy is to bundle dependencies in our packages where possible. This helps ensure that only trusted code runs on the user's system, even if compromised packages are later published to npm.
This change bundles zod (a pure JavaScript validation library with no native dependencies)
into miniflare and @cloudflare/vitest-pool-workers.
Other dependencies remain external for technical reasons:
sharp: Native binary with platform-specific buildsundici: Dynamically required at runtime in worker threadsws: Has optional native bindings for performanceworkerd: Native binary (Cloudflare's JavaScript runtime)@cspotcode/source-map-support: Uses require.cache manipulation at runtimeyouch: Dynamically required for lazy loading#12008 e414f05 Thanks @penalosa! - Add support for customising the inspector IP address
Adds a new --inspector-ip CLI flag and dev.inspector_ip configuration option to allow customising the IP address that the inspector server listens on. Previously, the inspector was hardcoded to listen only on 127.0.0.1.
Example usage:
# CLI flag
wrangler dev --inspector-ip 0.0.0.0// wrangler.json
{
"dev": {
"inspector_ip": "0.0.0.0",
},
}
#12034 05714f8 Thanks @emily-shen! - Add a no-op local explorer worker, which is gated by the experimental flag X_LOCAL_EXPLORER.
#12056 6d5f69f Thanks @edmundhung! - fix: allow Vite query parameters like ?raw on .sql file imports
Importing .sql files with Vite query parameters (e.g., import sql from "./query.sql?raw") would fail with "No such module" errors in vitest-pool-workers 0.12.x. Both import styles now work:
import sql from "./query.sql?raw" (Vite handles the ?raw transform)import sql from "./query.sql" (loaded as Text module)#11917 7b40ceb Thanks @ksawaneh! - Fix CommonJS require() of .json files in the module fallback service (avoids SyntaxError: Unexpected token ':').
#11897 bbd8a5e Thanks @dario-piotrowicz! - Bundle the zod dependency to reduce supply chain attack surface
In order to prevent possible npm vulnerability attacks, the team's policy is to bundle dependencies in our packages where possible. This helps ensure that only trusted code runs on the user's system, even if compromised packages are later published to npm.
This change bundles zod (a pure JavaScript validation library with no native dependencies)
into miniflare and @cloudflare/vitest-pool-workers.
Other dependencies remain external for technical reasons:
sharp: Native binary with platform-specific buildsundici: Dynamically required at runtime in worker threadsws: Has optional native bindings for performanceworkerd: Native binary (Cloudflare's JavaScript runtime)@cspotcode/source-map-support: Uses require.cache manipulation at runtimeyouch: Dynamically required for lazy loadingUpdated dependencies [a0a9ef6, ad4666c, 014e7aa, e414f05, 77e82d2, f08ef21, 0641e6c, eacedba, 05714f8, e8b2ef5, bbd8a5e]: