releases.shpreview

Actionable threat intelligence and deeper platform control

June 1–7, 2026

Cloudflare turned threat indicators into instant WAF rules, Workflows gained saga-style rollbacks, and Workers traffic can now be filtered through Gateway policies. Vercel shipped experimental realtime voice support in the AI SDK and persistent drives for sandboxes.

Threat intelligence you can act on immediately

The week’s most significant development was Cloudflare’s Security Center upgrades. You can now create WAF rules directly from Threat Events saved views, turning Cloudforce One indicators into active defense without manual extraction. Security teams can also pivot from a blocked event to a full Threat Actor Profile, revealing the “who, why, and how” behind an attack. This closes the gap between detection and response — intelligence that isn’t immediately actionable is just noise.

A platform for building more resilient applications

Cloudflare Workflows now supports saga-style rollbacks, letting you add compensating logic to each step.do() that executes in reverse order on failure — critical for multi-step operations touching inventory, payments, or external APIs. Separately, the Workers VPC binding now routes public Internet egress through Cloudflare Gateway, so Zero Trust policies that apply to WARP users also govern your Workers’ traffic. The AI Gateway’s new spend limits track cumulative dollar cost per model or user, blocking requests when budgets are exceeded — a practical alternative to rate limiting for cost control.

Wrangler 4.98.0 introduced a migrations_pattern field for D1 bindings, supporting ORM-generated migration folders, while the deploy command now accepts a generic path argument that auto-detects whether the target is a Worker file or static assets. The Vite Plugin gained experimental cloudflare.config.ts support, and the SMTP submission beta adds a third way to send transactional email from Workers. R2 SQL now supports UNION, INTERSECT, EXCEPT, and SELECT DISTINCT for analytical queries on Iceberg tables.

Realtime voice, persistent sandboxes, and OIDC

The AI SDK’s experimental Realtime API support adds a useRealtime hook for speech-to-speech conversations, with provider implementations for OpenAI, Google, and xAI including server-side ephemeral token creation. Vercel’s Sandbox Drives (private beta) provide persistent, attachable storage independent of any sandbox lifecycle — useful for keeping agent workspaces across disposable environments. The skills.sh API is now available, querying 600,000+ open-source skills via short-lived OIDC tokens. Render added OIDC authentication with AWS in beta, and Turborepo’s latest canary ignores peer dependencies in the package graph, reducing false positives in dependency resolution.

On the smaller side, Railway shipped five CLI versions — durable streaming exec over WebSocket, agentic auth flows, and an interactive sandbox directory picker — and Next.js continued its canary cycle with Turbopack memory management improvements and App Shell staging.

Releases covered