Skip to content

chore(deps): update all non-major dependencies #727

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Merged
pi0 merged 1 commit into from
Jan 15, 2026
Merged

chore(deps): update all non-major dependencies #727

pi0 merged 1 commit into from
Jan 15, 2026
+328 −347

Conversation

@renovate
Copy link
Contributor

@renovate renovate bot commented Jan 8, 2026
edited
Loading

This PR contains the following updates:

Package Change Age Confidence
@cloudflare/workers-types ^4.20260103.0^4.20260115.0 age confidence
@electric-sql/pglite (source) ^0.3.14^0.3.15 age confidence
@types/node (source) ^25.0.3^25.0.8 age confidence
@upstash/redis ^1.36.0^1.36.1 age confidence
@vercel/functions (source) ^3.3.5^3.3.6 age confidence
@vitest/coverage-v8 (source) ^4.0.16^4.0.17 age confidence
h3 (source) ^2.0.1-rc.7^2.0.1-rc.8 age confidence
ioredis ^5.9.0^5.9.1 age confidence
pnpm (source) 10.27.010.28.0 age confidence
prettier (source) ^3.7.4^3.8.0 age confidence
vitest (source) ^4.0.16^4.0.17 age confidence
wrangler (source) ^4.54.0^4.59.2 age confidence

Release Notes

cloudflare/workerd (@​cloudflare/workers-types)

v4.20260115.0

Compare Source

v4.20260114.0

Compare Source

v4.20260113.0

Compare Source

v4.20260111.0

Compare Source

v4.20260109.0

Compare Source

v4.20260108.0

Compare Source

v4.20260107.1

Compare Source

electric-sql/pglite (@​electric-sql/pglite)

v0.3.15

Patch Changes
  • 45bff97: added pgcrypto extension
  • 5ec474f: Added pg_hashids extension.
upstash/upstash-redis (@​upstash/redis)

v1.36.1

Compare Source

What's Changed

Full Changelog: upstash/redis-js@v1.36.0...v1.36.1

vercel/vercel (@​vercel/functions)

v3.3.6

Compare Source

Patch Changes
  • Fix TimeoutNegativeWarning in Node.js v24 when process runs longer than 15 minutes by ensuring minimum wait time of 100ms (#​14491)
vitest-dev/vitest (@​vitest/coverage-v8)

v4.0.17

Compare Source

   🚀 Features
   🐞 Bug Fixes
    View changes on GitHub
h3js/h3 (h3)

v2.0.1-rc.8

Compare Source

compare changes

🩹 Fixes
  • fromNodeHandler: Pipe responses once (#​1273)
💅 Refactors
  • Avoid unnecessary Error.captureStackTrace (652e883)
🏡 Chore
❤️ Contributors
luin/ioredis (ioredis)

v5.9.1

Compare Source

Bug Fixes
pnpm/pnpm (pnpm)

v10.28.0

Compare Source

prettier/prettier (prettier)

v3.8.0

Compare Source

diff

🔗 Release note

cloudflare/workers-sdk (wrangler)

v4.59.2

Patch Changes

  • #​11908 e78186d Thanks @​dependabot! - chore: update dependencies of "miniflare", "wrangler"

    The following dependency versions have been updated:

    Dependency From To
    workerd 1.20260111.0 1.20260114.0

  • #​11880 fe4faa3 Thanks @​penalosa! - Show helpful messages for errors outside of Wrangler's control. This prevents unnecessary Sentry reports.

    Errors now handled with user-friendly messages:

    • Connection timeouts to Cloudflare's API (UND_ERR_CONNECT_TIMEOUT) - typically due to slow networks or connectivity issues
    • File system permission errors (EPERM, EACCES) - caused by insufficient permissions, locked files, or antivirus software
    • DNS resolution failures (ENOTFOUND) - caused by network connectivity issues or DNS configuration problems

  • #​11882 695b043 Thanks @​GregBrimble! - Improve the error message for wrangler secret put when using Worker versions or gradual deployments. wrangler versions secret put should be used instead, or ensure to deploy the latest version before using wrangler secret put. wrangler secret put alone will add the new secret to the latest version (possibly undeployed) and immediately deploy that which is usually not intended.

  • Updated dependencies [e78186d, fec8f5b, d39777f, 4714ca1, c17e971]:

v4.59.1

Compare Source

Patch Changes

  • #​11889 99b1f32 Thanks @​emily-shen! - Use argument array when executing git commands with wrangler pages deploy

    Pass user provided values from --commit-hash safely to underlying git command.

v4.59.0

Compare Source

Minor Changes

  • #​11852 ad65efa Thanks @​NuroDev! - Add --check flag to wrangler types command

    The new --check flag allows you to verify that your generated types file is up-to-date without regenerating it. This is useful for CI/CD pipelines, pre-commit hooks, or any scenario where you want to ensure types have been committed after configuration changes.

    When types are up-to-date, the command exits with code 0:

    $ wrangler types --check
✨ Types at worker-configuration.d.ts are up to date.

    When types are out-of-date, the command exits with code 1:

    $ wrangler types --check
✘ [ERROR] Types at worker-configuration.d.ts are out of date. Run `wrangler types` to regenerate.

    You can also use it with a custom output path:

    $ wrangler types ./custom-types.d.ts --check

  • #​11529 43d5363 Thanks @​matthewdavidrodgers! - Add ability to enable higher asset count limits for Pages deployments

    Wrangler can now read asset count limits from JWT claims during Pages deployments,
    allowing users to be enabled for higher limits (up to 100,000 assets) on a per-account
    basis. The default limit remains at 20,000 assets.

  • #​11755 0f8d69d Thanks @​nikitassharma! - Users can now specify constraints.tiers for their container applications. tier is deprecated in favor of tiers.
    If left unset, we will default to tiers: [1, 2].
    Note that constraints is an experimental feature.

Patch Changes

  • #​11820 b0e54b2 Thanks @​MattieTK! - Add AI agent detection to analytics events

    Wrangler now detects when commands are executed by AI coding agents (such as Claude Code, Cursor, GitHub Copilot, etc.) using the am-i-vibing library. This information is included as an agent property in all analytics events, helping Cloudflare understand how developers interact with Wrangler through AI assistants.

    The agent property will contain the agent ID (e.g., "claude-code", "cursor-agent") when detected, or null when running outside an agentic environment.

  • #​11494 ed60c4f Thanks @​jalmonter! - Fix scheduled trigger warning showing undefined port

    When running wrangler dev with a worker that has cron triggers, the warning message displayed an invalid URL like curl "http://localhost:undefined/cdn-cgi/handler/scheduled" because the port wasn't yet determined when the warning was logged.

    Moved the warning to after the proxy server is fully ready, where the actual public URL and port are known.

  • #​11831 faa5753 Thanks @​dependabot! - chore: update dependencies of "miniflare", "wrangler"

    The following dependency versions have been updated:

    Dependency From To
    workerd 1.20260107.1 1.20260108.0

  • #​11844 e574ef3 Thanks @​dependabot! - chore: update dependencies of "miniflare", "wrangler"

    The following dependency versions have been updated:

    Dependency From To
    workerd 1.20260108.0 1.20260109.0

  • #​11872 b6148ed Thanks @​dependabot! - chore: update dependencies of "miniflare", "wrangler"

    The following dependency versions have been updated:

    Dependency From To
    workerd 1.20260109.0 1.20260111.0

  • #​11843 ab3859c Thanks @​dario-piotrowicz! - Update the Wrangler autoconfig logic to work with the latest version of Waku

    The latest version of Waku (0.12.5-1.0.0-alpha.1-0) requires a src/waku.server.tsx file instead of a src/server-entry.tsx one, so the Wrangler autoconfig logic (the logic being run as part of wrangler setup and wrangler deploy --x-autoconfig that configures a project to be deployable on Cloudflare) has been updated accordingly.

    Also the way the worker needs to handle static assets has been updated as recommended from the Waku team.

  • #​11848 0eb973d Thanks @​petebacondarwin! - Fix incorrect warning about multiple environments when using redirected config

    Previously, when using a redirected config (via configPath in another config file) that originated from a config with multiple environments, wrangler would incorrectly warn about missing environment specification. This fix ensures the warning is only shown when the actual config being used has multiple environments defined, not when the original config did.

  • Updated dependencies [ed60c4f, 5c59217, faa5753, e574ef3, b6148ed, beb96af, 5c59217, fc96e5f]:

v4.58.0

Compare Source

Minor Changes

  • #​11728 7d63fa5 Thanks @​NuroDev! - Add command categories to wrangler help menu

    The help output now groups commands by product category (Account, Compute & AI, Storage & Databases, Networking & Security) to match the Cloudflare dashboard organization:

    $ wrangler --help

COMMANDS
  wrangler docs [search..]  📚 Open Wrangler's command documentation in your browser

ACCOUNT
  wrangler auth    🔓 Manage authentication
  wrangler login   🔑 Login to Cloudflare
  ...

COMPUTE & AI
  wrangler ai          🤖 Manage AI models
  wrangler containers  📦 Manage Containers [open beta]
  ...

    This improves discoverability by organizing the 20+ wrangler commands into logical groups.

Patch Changes

  • #​11822 97e67b9 Thanks @​dependabot! - chore: update dependencies of "miniflare", "wrangler"

    The following dependency versions have been updated:

    Dependency From To
    workerd 1.20260103.0 1.20260107.1

  • Updated dependencies [97e67b9]:

    • miniflare@​4.20260107.0

v4.57.0

Compare Source

Minor Changes

  • #​11682 b993d95 Thanks @​ascorbic! - Add wrangler auth token command to retrieve your current authentication credentials.

    You can now retrieve your authentication token for use with other tools and scripts:

    wrangler auth token

    The command returns whichever authentication method is currently configured:

    • OAuth token from wrangler login (automatically refreshed if expired)
    • API token from CLOUDFLARE_API_TOKEN environment variable

    Use --json to get structured output including the token type, which also supports API key/email authentication:

    wrangler auth token --json

    This is similar to gh auth token in the GitHub CLI.

  • #​11702 f612b46 Thanks @​gpanders! - Add support for trusted_user_ca_keys in Wrangler

    You can now configure SSH trusted user CA keys for containers. Add the following to your wrangler.toml:

    [[containers.trusted_user_ca_keys]]
public_key = "ssh-ed25519 AAAAC3..."

    This allows you to specify CA public keys that can be used to verify SSH user certificates.

  • #​11437 9e360f6 Thanks @​ichernetsky-cf! - Drop deprecated containers observability.logging field

  • #​11616 fc95831 Thanks @​NuroDev! - Add type generation support to wrangler dev

    You can now have your worker configuration types be automatically generated when the local Wrangler development server starts.

    To use it you can either:

    1. Add the --types flag when running wrangler dev.
    2. Update your Wrangler configuration file to add the new dev.generate_types boolean property.
    {
	"$schema": "node_modules/wrangler/config-schema.json",
	"name": "example",
	"main": "src/index.ts",
	"compatibility_date": "2025-12-12",
	"dev": {
		"generate_types": true
	}
}

  • #​11524 b0dbf1a Thanks @​penalosa! - Add hidden CLI flags to wrangler setup for suppressing output

    Two new hidden flags have been added to wrangler setup:

    • --no-completion-message: Suppresses the deployment details message after setup completes
    • --no-install-wrangler: Skips Wrangler installation during project setup

  • #​11777 69979a3 Thanks @​MattieTK! - Add analytics properties to secret commands for better usage insights

    Secret commands (wrangler secret put, wrangler secret bulk, and their Pages/versions equivalents) now include additional analytics properties to help understand how secrets are being managed:

    • secretOperation: Whether this is a "single" or "bulk" secret operation
    • secretSource: How the secret was provided ("interactive", "stdin", or "file")
    • secretFormat: For bulk operations, the format used ("json" or "dotenv")
    • hasEnvironment: Whether an environment was specified

    These properties help improve the developer experience by understanding common usage patterns. No sensitive information (secret names, values, or counts) is tracked.

  • #​11738 c54f8da Thanks @​jamesopstad! - Add default Text module rule for .sql files.

    This enables importing .sql files directly in Wrangler and the Cloudflare Vite plugin without extra configuration.

  • #​11692 df1f9c9 Thanks @​dario-piotrowicz! - Support Waku in autoconfig

  • #​11549 d059f69 Thanks @​dario-piotrowicz! - Support Vike in autoconfig

Patch Changes

  • #​11683 02fbd22 Thanks @​ascorbic! - Display a warning when authentication errors occur and the account_id in your Wrangler configuration does not match any of your authenticated accounts. This helps identify configuration issues where you may have the wrong account ID set in your wrangler.toml or wrangler.jsonc file.

  • #​11704 77078ef Thanks @​dario-piotrowicz! - Fix autoconfig handling of Next.js apps with CJS config files and incompatible Next.js versions

    Previously, wrangler setup and wrangler deploy --x-autoconfig would fail when working with Next.js applications that use CommonJS config files (next.config.cjs) or have versions of Next.js that don't match the required peer dependencies. The autoconfig process now uses dynamic imports and forced installation to handle these scenarios gracefully.

  • #​11796 2510723 Thanks @​dario-piotrowicz! - wrangler deploy delegates to opennextjs-cloudflare deploy only when the --x-autoconfig flag is used

    The wrangler deploy command has been updated to delegate to the opennextjs-cloudflare deploy command when run in an open-next project. Once this behavior had been introduced it caused a few issues. So it's been decided to enable it for the time being only when the --x-autoconfig flag is set (since this behavior, although generally valid, is only strictly necessary for the wrangler deploy's autoconfig flow).

  • #​11764 9f6dd71 Thanks @​terakoya76! - Fix R2 Data Catalog snapshot-expiration API field names

    The wrangler r2 bucket catalog snapshot-expiration enable command was sending incorrect field names
    to the Cloudflare API, resulting in a 422 Unprocessable Entity error. This fix updates the API request
    body to use the correct field names:

    • olderThanDays -> max_snapshot_age (as duration string, e.g., "30d")
    • retainLast -> min_snapshots_to_keep

    The CLI options (--older-than-days and --retain-last) remain unchanged.

  • #​11651 d123ad0 Thanks @​dario-piotrowicz! - Surface a more helpful error message for TOML Date, Date-Time, and Time values in vars

    TOML parses unquoted date/time values like DATE = 2024-01-01 as objects. Previously this would cause an unhelpful error message further down the stack. Now wrangler surfaces a more helpful error message earlier, telling you to quote the value as a string, e.g. DATE = "2024-01-01".

  • #​11711 5121b23 Thanks @​southpolesteve! - Show an error when D1 migration commands are run without a configuration file

    Previously, running wrangler d1 migrations apply, wrangler d1 migrations list, or wrangler d1 migrations create in a directory without a Wrangler configuration file would silently exit with no feedback. Now these commands display a clear error message:

    "No configuration file found. Create a wrangler.jsonc file to define your D1 database."

  • #​11710 82e7e90 Thanks @​dario-piotrowicz! - Fix arguments passed to wrangler deploy not being forwarded to opennextjs-cloudflare deploy

    wrangler deploy run in an open-next project delegates to opennextjs-cloudflare deploy, as part of this all the arguments passed to wrangler deploy need be forwarded to opennextjs-cloudflare deploy, before the arguments would be lost, now they will be successfully forwarded (for example wrangler deploy --keep-vars will call opennextjs-cloudflare deploy --keep-vars)

  • #​10750 4688f59 Thanks @​jacoblearned! - Notify user on local dev server reload.

    When running wrangler dev, the local server suppresses Miniflare's reload messages to prevent duplicate log entries from the proxy and user workers. This update adds a reload complete message so users know their changes were applied, instead of only seeing "Reloading local server...".

  • #​11673 b827893 Thanks @​MattieTK! - Breaks out version numbers into sortable number types for analytics logging

  • Updated dependencies [65d1850, 1615fce, b2769bf, 554a4df, 8eede3f, 6a05b1c, 62fd118, a7e9f80, eac5cf7]:

v4.56.0

Compare Source

Minor Changes

  • #​11196 171cfd9 Thanks @​emily-shen! - For containers being created in a FedRAMP high environment, registry credentials are encrypted by the container platform.
    Update wrangler to correctly send a request to configure a registry for FedRAMP containers.

  • #​11646 472cf72 Thanks @​vovacf201! - feat: add R2 Data Catalog snapshot expiration commands

    Adds new commands to manage automatic snapshot expiration for R2 Data Catalog tables:

    • wrangler r2 bucket catalog snapshot-expiration enable - Enable automatic snapshot expiration
    • wrangler r2 bucket catalog snapshot-expiration disable - Disable automatic snapshot expiration

    Snapshot expiration helps manage storage costs by automatically removing old table snapshots while keeping a minimum number of recent snapshots for recovery purposes.

    Example usage:

    # Enable snapshot expiration for entire catalog (keep 10 snapshots, expire after 5 days)
wrangler r2 bucket catalog snapshot-expiration enable my-bucket --token $R2_CATALOG_TOKEN --max-age 7200 --min-count 10

# Enable for specific table
wrangler r2 bucket catalog snapshot-expiration enable my-bucket my-namespace my-table --token $R2_CATALOG_TOKEN --max-age 2880 --min-count 5

# Disable snapshot expiration
wrangler r2 bucket catalog snapshot-expiration disable my-bucket
Patch Changes

  • #​11649 428ae9e Thanks @​ascorbic! - fix: respect TypeScript path aliases when resolving non-JS modules with module rules

    When importing non-JavaScript files (like .graphql, .txt, etc.) using TypeScript path aliases defined in tsconfig.json, Wrangler's module-collection plugin now correctly resolves these imports. Previously, path aliases were only respected for JavaScript/TypeScript files, causing imports like import schema from '~lib/schema.graphql' to fail when using module rules.

  • #​11647 c0e249e Thanks @​dario-piotrowicz! - The auto-configuration logic present in wrangler setup and wrangler deploy --x-autoconfig cannot reliably handle Hono projects, so in these cases make sure to properly error saying that automatically configuring such projects is not supported.

  • #​11694 3853200 Thanks @​dario-piotrowicz! - fix: improve the open-next detection that wrangler deploy performs to eliminate false positives for non open-next projects

  • Updated dependencies [ae1ad22, 737c0f4]:

    • miniflare@​4.20251217.0

v4.55.0

Compare Source

Minor Changes
Patch Changes

  • #​11615 ed42010 Thanks @​elithrar! - Add helpful warning when SSL certificate errors occur due to corporate proxies or VPNs intercepting HTTPS traffic. When errors like "self-signed certificate in certificate chain" are detected, wrangler now displays guidance about installing missing system roots from your corporate proxy vendor.

  • #​11641 6b28de1 Thanks @​petebacondarwin! - update command status text and formatting

  • #​11578 4201472 Thanks @​gpanders! - Fixup UX papercuts in containers SSH

  • #​11550 95d81e1 Thanks @​hiendv! - Fix "TypeError: Body is unusable: Body has already been read" when failing to exchange oauth code because of double response.text().

  • Updated dependencies [5d085fb, b75b710, 1e9be12]:

    • miniflare@​4.20251213.0

Configuration

📅 Schedule: Branch creation - "after 2am and before 3am" (UTC), Automerge - "after 1am and before 2am" (UTC).

🚦 Automerge: Enabled.

Rebasing: Whenever PR becomes conflicted, or you tick the rebase/retry checkbox.

👻 Immortal: This PR will be recreated if closed unmerged. Get config help if that's undesired.

  • If you want to rebase/retry this PR, check this box

This PR was generated by Mend Renovate. View the repository job log.

@renovate renovate bot requested a review from pi0 as a code owner January 8, 2026 02:53
@codecov
Copy link

codecov bot commented Jan 8, 2026
edited
Loading

Codecov Report

✅ All modified and coverable lines are covered by tests.
✅ Project coverage is 91.77%. Comparing base (aede4e0) to head (6106326).
⚠️ Report is 1 commits behind head on main.

Additional details and impacted files 
@@           Coverage Diff           @@
##             main     #727   +/-   ##
=======================================
  Coverage   91.77%   91.77%           
=======================================
  Files           5        5           
  Lines         401      401           
  Branches      127      126    -1     
=======================================
  Hits          368      368           
  Misses         33       33

☔ View full report in Codecov by Sentry.
📢 Have feedback on the report? Share it here.

🚀 New features to boost your workflow:
  • ❄️ Test Analytics: Detect flaky tests, report on failures, and find test suite problems.
  • 📦 JS Bundle Analysis: Save yourself from yourself by tracking and limiting bundle sizes in JS merges.

@renovate renovate bot force-pushed the renovate/all-minor-patch branch 13 times, most recently from 3b93bb0 to 54cb12c Compare January 15, 2026 03:49
@renovate renovate bot force-pushed the renovate/all-minor-patch branch from 54cb12c to 9a18ed6 Compare January 15, 2026 11:40
@renovate renovate bot force-pushed the renovate/all-minor-patch branch from 9a18ed6 to 6106326 Compare January 15, 2026 12:10
@pi0 pi0 merged commit 57a5e39 into main Jan 15, 2026
7 checks passed
@renovate renovate bot deleted the renovate/all-minor-patch branch January 15, 2026 12:14
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@pi0 pi0 Awaiting requested review from pi0 pi0 is a code owner

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

2 participants

@pi0