chore(deps): update dependency wrangler to v3.22.4

[renovate]

This PR contains the following updates:

Package	Change	Age	Adoption	Passing	Confidence
wrangler (source)	3.14.0 -> 3.22.4

---

Release Notes

cloudflare/workers-sdk (wrangler)

v3.22.4

Compare Source

Patch Changes

• #​4699 4b4c1416 Thanks @​mrbbot! - fix: prevent repeated reloads with circular service bindings

  [email protected] introduced a bug where starting multiple wrangler dev sessions with service bindings to each other resulted in a reload loop. This change ensures Wrangler only reloads when dependent wrangler dev sessions start/stop.

v3.22.3

Compare Source

Patch Changes

• #​4693 93e88c43 Thanks @​mrbbot! - fix: ensure wrangler dev exits with code 0 on clean exit

  Previously, wrangler dev would exit with a non-zero exit code when pressing CTRL+C or x. This change ensures wrangler exits with code 0 in these cases.

• #​4630 037de5ec Thanks @​petebacondarwin! - fix: ensure User Worker gets the correct Host header in wrangler dev local mode

  Some full-stack frameworks, such as Next.js, check that the Host header for a server
  side action request matches the host where the application is expected to run.

  In wrangler dev we have a Proxy Worker in between the browser and the actual User Worker.
  This Proxy Worker is forwarding on the request from the browser, but then the actual User
  Worker is running on a different host:port combination than that which the browser thinks
  it should be on. This was causing the framework to think the request is malicious and blocking
  it.

  Now we update the request's Host header to that passed from the Proxy Worker in a custom MF-Original-Url
  header, but only do this if the request also contains a shared secret between the Proxy Worker
  and User Worker, which is passed via the MF-Proxy-Shared-Secret header. This last feature is to
  prevent a malicious website from faking the Host header in a request directly to the User Worker.

  Fixes https://github.com/cloudflare/next-on-pages/issues/588

• #​4695 0f8a03c0 Thanks @​mrbbot! - fix: ensure API failures without additional messages logged correctly

• #​4693 93e88c43 Thanks @​mrbbot! - fix: ensure wrangler pages dev exits cleanly

  Previously, pressing CTRL+C or x when running wrangler pages dev wouldn't actually exit wrangler. You'd need to press CTRL+C a second time to exit the process. This change ensures wrangler exits the first time.

• #​4696 624084c4 Thanks @​mrbbot! - fix: include additional modules in largest dependencies warning

  If your Worker fails to deploy because it's too large, Wrangler will display of list of your Worker's largest dependencies. Previously, this just included JavaScript dependencies. This change ensures additional module dependencies (e.g. WebAssembly, text blobs, etc.) are included when computing this list.

• Updated dependencies [037de5ec]:

  • [email protected]

v3.22.2

Compare Source

Patch Changes

• #​4600 4233e514 Thanks @​mrbbot! - fix: apply source mapping to deployment validation errors

  Previously if a Worker failed validation during wrangler deploy, the displayed error would reference locations in built JavaScript files. This made it more difficult to debug validation errors. This change ensures these errors are now source mapped, referencing locations in source files instead.

• #​4440 15717333 Thanks @​mrbbot! - fix: automatically create required directories for wrangler r2 object get

  Previously, if you tried to use wrangler r2 object get with an object name containing a / or used the --file flag with a path containing a /, and the specified directory didn't exist, Wrangler would throw an ENOENT error. This change ensures Wrangler automatically creates required parent directories if they don't exist.

• #​4592 20da658e Thanks @​mrbbot! - fix: throw helpful error if email validation required

  Previously, Wrangler would display the raw API error message and code if email validation was required during wrangler deploy. This change ensures a helpful error message is displayed instead, prompting users to check their emails or visit the dashboard for a verification link.

• #​4597 e1d50407 Thanks @​mrbbot! - fix: suggest checking permissions on authentication error with API token set

• #​4593 c370026d Thanks @​mrbbot! - fix: include messages from API in errors

• #​4588 4e5ed0b2 Thanks @​mrbbot! - fix: require worker name for rollback

  Previously, Wrangler would fail with a cryptic error if you tried to run wrangler rollback outside of a directory containing a Wrangler configuration file with a name defined. This change validates that a worker name is defined, and allows you to set it from the command line using the --name flag.

• Updated dependencies [c410ea14]:

  • [email protected]

v3.22.1

Compare Source

Patch Changes

• #​4635 5bc2699d Thanks @​mrbbot! - fix: prevent zombie workerd processes

  Previously, running wrangler dev would leave behind "zombie" workerd processes. These processes prevented the same port being bound if wrangler dev was restarted and sometimes consumed lots of CPU time. This change ensures all workerd processes are killed when wrangler dev is shutdown.

  To clean-up existing zombie processes, run pkill -KILL workerd on macOS/Linux or taskkill /f /im workerd.exe on Windows.

v3.22.0

Compare Source

Minor Changes

• #​4632 a6a4e8a4 Thanks @​G4brym! - Deprecate constellation commands and add a warning when using the constellation binding

• #​4130 e8a2a1d9 Thanks @​vkrasnov! - Added support for R2 Sippy incremental migration

• #​4621 98dee932 Thanks @​rozenmd! - feat: add rows written/read in the last 24 hours to wrangler d1 info output

• #​4426 c628de59 Thanks @​OilyLime! - Improve queues list displaying as table, update queues API types

v3.21.0

Compare Source

Minor Changes

• #​4423 a94ef570 Thanks @​mrbbot! - feat: apply source mapping to logged strings

  Previously, Wrangler would only apply source mapping to uncaught exceptions. This meant if you caught an exception and logged its stack trace, the call sites would reference built JavaScript files as opposed to source files. This change looks for stack traces in logged messages, and tries to source map them.

  Note source mapping is only applied when outputting logs. Error#stack does not return a source mapped stack trace. This means the actual runtime value of new Error().stack and the output from console.log(new Error().stack) may be different.

Patch Changes

• #​4511 66394681 Thanks @​huw! - Add 'took recursive isolate lock' warning to workerd output exceptions

v3.20.0

Compare Source

Minor Changes

• #​4522 c10bf0fd Thanks @​G4brym! - Add support for Workers AI in local mode

• #​4571 3314dbde Thanks @​penalosa! - feat: When Wrangler crashes, send an error report to Sentry to aid in debugging.

  When Wrangler's top-level exception handler catches an error thrown from Wrangler's application, it will offer to report the error to Sentry. This requires opt-in from the user every time.

Patch Changes

• #​4577 4c85fe99 Thanks @​dario-piotrowicz! - During the R2 validation, show MAX_UPLOAD_SIZE errors using MiB (consistently with the Cloudflare docs)

• #​4577 4c85fe99 Thanks @​dario-piotrowicz! - During the Pages validation, show MAX_UPLOAD_SIZE errors using MiB (consistently with the Cloudflare docs)

• Updated dependencies [eb08e2dc]:

  • [email protected]

v3.19.0

Compare Source

Minor Changes

• #​4547 86c81ff0 Thanks @​mrbbot! - fix: listen on IPv4 loopback only by default on Windows

  Due to a known issue, workerd will only listen on the IPv4 loopback address 127.0.0.1 when it's asked to listen on localhost. On Node.js > 17, localhost will resolve to the IPv6 loopback address, meaning requests to workerd would fail. This change switches to using the IPv4 loopback address throughout Wrangler on Windows, while workerd#1408 gets fixed.

• #​4535 29df8e17 Thanks @​mrbbot! - Reintroduces some internal refactorings of wrangler dev servers (including wrangler dev, wrangler dev --remote, and unstable_dev()).

  These changes were released in 3.13.0 and reverted in 3.13.1 -- we believe the changes are now more stable and ready for release again.

  There are no changes required for developers to opt-in. Improvements include:

  • fewer 'address in use' errors upon reloads
  • upon config/source file changes, requests are buffered to guarantee the response is from the new version of the Worker

Patch Changes

• #​4521 6c5bc704 Thanks @​zebp! - fix: init from dash specifying explicit usage model in wrangler.toml for standard users

• #​4550 63708a94 Thanks @​mrbbot! - fix: validate Host and Orgin headers where appropriate

  Host and Origin headers are now checked when connecting to the inspector and Miniflare's magic proxy. If these don't match what's expected, the request will fail.

• Updated dependencies [71fb0b86, 63708a94]:

  • [email protected]

v3.18.0

Compare Source

Minor Changes

• #​4532 311ffbd5 Thanks @​mrbbot! - fix: change wrangler (pages) dev to listen on localhost by default

  Previously, Wrangler listened on all interfaces (*) by default. This change switches wrangler (pages) dev to just listen on local interfaces. Whilst this is technically a breaking change, we've decided the security benefits outweigh the potential disruption caused. If you need to access your dev server from another device on your network, you can use wrangler (pages) dev --ip * to restore the previous behaviour.

Patch Changes

• Updated dependencies [1b348782]:
  • [email protected]

v3.17.1

Compare Source

Patch Changes

• #​4474 382ef8f5 Thanks @​mrbbot! - fix: open browser to correct url pressing b in --remote mode

  This change ensures Wrangler doesn't try to open http://* when * is used as the dev server's hostname. Instead, Wrangler will now open http://127.0.0.1.

• #​4488 3bd57238 Thanks @​RamIdeas! - Changes the default directory for log files to workaround frameworks that are watching the entire .wrangler directory in the project root for changes

  Also includes a fix for commands with --json where the log file location message would cause stdout to not be valid JSON. That message now goes to stderr.

v3.17.0

Compare Source

Minor Changes

• #​4341 d9908743 Thanks @​RamIdeas! - Wrangler now writes all logs to a .log file in the .wrangler directory. Set a directory or specific .log filepath to write logs to with WRANGLER_LOG_PATH=../Desktop/my-logs/ or WRANGLER_LOG_PATH=../Desktop/my-logs/my-log-file.log. When specifying a directory or using the default location, a filename with a timestamp is used.

  Wrangler now filters workerd stdout/stderr and marks unactionable messages as debug logs. These debug logs are still observable in the debug log file but will no longer show in the terminal by default without the user setting the env var WRANGLER_LOG=debug.

Patch Changes

• #​4469 d5e1966b Thanks @​mrbbot! - fix: report correct line and column numbers when source mapping errors with wrangler dev --remote

• #​4455 1747d215 Thanks @​rozenmd! - fix: make it possible to ignore hyperdrive warnings

• #​4456 805d5241 Thanks @​dario-piotrowicz! - add warnings about ai and verctorize bindings not being supported locally

• #​4478 7b54350b Thanks @​penalosa! - Don't log sensitive data to the Wrangler debug log file by default. This includes API request headers and responses.

• Updated dependencies [be2b9cf5, d9908743]:

  • [email protected]

v3.16.0

Compare Source

Minor Changes

• #​4347 102e15f9 Thanks @​Skye-31! - Feat(unstable_dev): Provide an option for unstable_dev to perform the check that prompts users to update wrangler, defaulting to false. This will prevent unstable_dev from sending a request to NPM on startup to determine whether it needs to be updated.

• #​4179 dd270d00 Thanks @​matthewdavidrodgers! - Simplify secret:bulk api via script settings

  Firing PUTs to the secret api in parallel has never been a great solution - each request independently needs to lock the script, so running in parallel is at best just as bad as running serially.

  Luckily, we have the script settings PATCH api now, which can update the settings for a script (including secret bindings) at once, which means we don't need any parallelization. However this api doesn't work with a partial list of bindings, so we have to fetch the current bindings and merge in with the new secrets before PATCHing. We can however just omit the value of the binding (i.e. only provide the name and type) which instructs the config service to inherit the existing value, which simplifies this as well. Note that we don't use the bindings in your current wrangler.toml, as you could be in a draft state, and it makes sense as a user that a bulk secrets update won't update anything else. Instead, we use script settings api again to fetch the current state of your bindings.

  This simplified implementation means the operation can only fail or succeed, rather than succeeding in updating some secrets but failing for others. In order to not introduce breaking changes for logging output, the language around "${x} secrets were updated" or "${x} secrets failed" is kept, even if it doesn't make much sense anymore.

Patch Changes

• #​4402 baa76e77 Thanks @​rozenmd! - This PR adds a fetch handler that uses page, assuming result_info provided by the endpoint contains page, per_page, and total

  This is needed as the existing fetchListResult handler for fetching potentially paginated results doesn't work for endpoints that don't implement cursor.

  Fixes #​4349

• #​4337 6c8f41f8 Thanks @​Skye-31! - Improve the error message when a script isn't exported a Durable Object class

  Previously, wrangler would error with a message like Uncaught TypeError: Class extends value undefined is not a constructor or null. This improves that messaging to be more understandable to users.

• #​4307 7fbe1937 Thanks @​jspspike! - Change local dev server default ip to * instead of 0.0.0.0. This will cause the dev server to listen on both ipv4 and ipv6 interfaces

• #​4222 f867e01c Thanks @​tmthecoder! - Support for hyperdrive bindings in local wrangler dev

• #​4149 7e05f38e Thanks @​jspspike! - Fixed issue with tail not using proxy

• #​4219 0453b447 Thanks @​maxwellpeterson! - Allows uploads with both cron triggers and smart placement enabled

• #​4437 05b1bbd2 Thanks @​jspspike! - Change dev registry and inspector server to listen on 127.0.0.1 instead of all interfaces

• Updated dependencies [4f8b3420, 16cc2e92, 3637d97a, 29a59d4e, 7fbe1937, 76787861, 8a25b7fb]:

  • [email protected]

v3.15.0

Compare Source

Minor Changes

• #​4201 0cac2c46 Thanks @​penalosa! - Callout --minify when script size is too large

• #​4209 24d1c5cf Thanks @​mrbbot! - fix: suppress compatibility date fallback warnings if no wrangler update is available

  If a compatibility date greater than the installed version of workerd was
  configured, a warning would be logged. This warning was only actionable if a new
  version of wrangler was available. The intent here was to warn if a user set
  a new compatibility date, but forgot to update wrangler meaning changes
  enabled by the new date wouldn't take effect. This change hides the warning if
  no update is available.

  It also changes the default compatibility date for wrangler dev sessions
  without a configured compatibility date to the installed version of workerd.
  This previously defaulted to the current date, which may have been unsupported
  by the installed runtime.

• #​4135 53218261 Thanks @​Cherry! - feat: resolve npm exports for file imports

  Previously, when using wasm (or other static files) from an npm package, you would have to import the file like so:

  import wasm from "../../node_modules/svg2png-wasm/svg2png_wasm_bg.wasm";

  This update now allows you to import the file like so, assuming it's exposed and available in the package's exports field:

  import wasm from "svg2png-wasm/svg2png_wasm_bg.wasm";

  This will look at the package's exports field in package.json and resolve the file using resolve.exports.

• #​4232 69b43030 Thanks @​romeupalos! - fix: use zone_name to determine a zone when the pattern is a custom hostname

  In Cloudflare for SaaS, custom hostnames of third party domain owners can be used in Cloudflare.
  Workers are allowed to intercept these requests based on the routes configuration.
  Before this change, the same logic used by wrangler dev was used in wrangler deploy, which caused wrangler to fail with:

  ✘ [ERROR] Could not find zone for [partner-saas-domain.com]

• #​4198 b404ab70 Thanks @​penalosa! - When uploading additional modules with your worker, Wrangler will now report the (uncompressed) size of each individual module, as well as the aggregate size of your Worker

Patch Changes

• #​4215 950bc401 Thanks @​RamIdeas! - fix various logging of shell commands to correctly quote args when needed

• #​4274 be0c6283 Thanks @​jspspike! - chore: bump miniflare to 3.20231025.0

  This change enables Node-like console.log()ing in local mode. Objects with
  lots of properties, and instances of internal classes like Request, Headers,
  ReadableStream, etc will now be logged with much more detail.

• #​4127 3d55f965 Thanks @​mrbbot! - fix: store temporary files in .wrangler

  As Wrangler builds your code, it writes intermediate files to a temporary
  directory that gets cleaned up on exit. Previously, Wrangler used the OS's
  default temporary directory. On Windows, this is usually on the C: drive.
  If your source code was on a different drive, our bundling tool would generate
  invalid source maps, breaking breakpoint debugging. This change ensures
  intermediate files are always written to the same drive as sources. It also
  ensures unused build outputs are cleaned up when running wrangler pages dev.

  This change also means you no longer need to set cwd and
  resolveSourceMapLocations in .vscode/launch.json when creating an attach
  configuration for breakpoint debugging. Your .vscode/launch.json should now
  look something like...

  {
  	"configurations": [
  		{
  			"name": "Wrangler",
  			"type": "node",
  			"request": "attach",
  			"port": 9229,
  			// These can be omitted, but doing so causes silent errors in the runtime
  			"attachExistingChildren": false,
  			"autoAttachChildProcesses": false
  		}
  	]
  }

• #​4189 05798038 Thanks @​gabivlj! - Move helper cli files of C3 into @​cloudflare/cli and make Wrangler and C3 depend on it

• #​4235 46cd2df5 Thanks @​mrbbot! - fix: ensure console.log()s during startup are displayed

  Previously, console.log() calls before the Workers runtime was ready to
  receive requests wouldn't be shown. This meant any logs in the global scope
  likely weren't visible. This change ensures startup logs are shown. In particular,
  this should fix Remix's HMR,
  which relies on startup logs to know when the Worker is ready.

---

Configuration

📅 Schedule: Branch creation - At any time (no schedule defined), Automerge - At any time (no schedule defined).

🚦 Automerge: Disabled by config. Please merge this manually once you are satisfied.

♻ Rebasing: Whenever PR becomes conflicted, or you tick the rebase/retry checkbox.

🔕 Ignore: Close this PR and you won't be reminded about this update again.

---

• If you want to rebase/retry this PR, check this box

---

This PR has been generated by Mend Renovate. View repository job log here.

[vercel]

The latest updates on your projects. Learn more about Vercel for Git ↗︎

Name	Status	Preview	Comments	Updated (UTC)
the-guild-components-storybook	✅ Ready (Inspect)	Visit Preview	💬 Add feedback	Jan 9, 2024 6:06pm

[changeset-bot]

⚠️ No Changeset found

Latest commit: d0ab31c

Merging this PR will not cause a version bump for any packages. If these changes should not result in a new version, you're good to go. If these changes should result in a version bump, you need to add a changeset.

This PR includes no changesets

When changesets are added to this PR, you'll see the packages that this PR includes changesets for and the associated semver types

Click here to learn what changesets are, and how to add one.

Click here if you're a maintainer who wants to add a changeset to this PR