Version Packages

[workers-devprod]

This PR was opened by the Changesets release GitHub action. When you're ready to do a release, you can merge this and the packages will be published to npm automatically. If you're not ready to do a release yet, that's fine, whenever you add more changesets to main, this PR will be updated.

Releases

wrangler@4.75.0

Minor Changes

• #12492 3b81fc6 Thanks @thomasgauvin! - feat: add wrangler tunnel commands for managing Cloudflare Tunnels

  Adds a new set of commands for managing remotely-managed Cloudflare Tunnels directly from Wrangler:

  • wrangler tunnel create <name> - Create a new Cloudflare Tunnel
  • wrangler tunnel list - List all tunnels in your account
  • wrangler tunnel info <tunnel> - Display details about a specific tunnel
  • wrangler tunnel delete <tunnel> - Delete a tunnel (with confirmation)
  • wrangler tunnel run <tunnel> - Run a tunnel using cloudflared
  • wrangler tunnel quick-start <url> - Start a temporary tunnel (Try Cloudflare)

  The run and quick-start commands automatically download and manage the cloudflared binary, caching it in ~/.wrangler/cloudflared/. Users are prompted before downloading and warned if their PATH-installed cloudflared is outdated. You can override the binary location with the CLOUDFLARED_PATH environment variable.

  All commands are marked as experimental.

Patch Changes

• #12927 c9b3184 Thanks @penalosa! - Bump undici from 7.18.2 to 7.24.4

• #12875 13df6c7 Thanks @dependabot! - Update dependencies of "miniflare", "wrangler"

  The following dependency versions have been updated:

  Dependency	From	To
  workerd	1.20260312.1	1.20260316.1

• #12935 df0d112 Thanks @dependabot! - Update dependencies of "miniflare", "wrangler"

  The following dependency versions have been updated:

  Dependency	From	To
  workerd	1.20260316.1	1.20260317.1

• #12928 81ee98e Thanks @petebacondarwin! - Migrate chrome-devtools-patches deployment from Cloudflare Pages to Workers + Assets

  The DevTools frontend is now deployed as a Cloudflare Workers + Assets project instead of a Cloudflare Pages project. This uses wrangler deploy for production deployments and wrangler versions upload for PR preview deployments.

  The inspector proxy origin allowlists in both wrangler and miniflare have been updated to accept connections from the new workers.dev domain patterns, while retaining the legacy pages.dev patterns for backward compatibility.

• #12835 c600ce0 Thanks @dario-piotrowicz! - Fix execution freezing on debugger statements when DevTools is not attached

  Previously, wrangler always sent Debugger.enable to the runtime on connection, even when DevTools wasn't open. This caused scripts to freeze on debugger statements. Now Debugger.enable is only sent when DevTools is actually attached, and Debugger.disable is sent when DevTools disconnects to stop the runtime from performing debugging work.

• #12894 f509d13 Thanks @gpanders! - Simplify description of --json option

  Remove extraneous adjectives in the description of the --json option.

• #11888 0a7fef9 Thanks @staticpayload! - Reject cross-drive module paths in Pages Functions routing

  On Windows, module paths using a different drive letter could be parsed in a way that bypassed the project-root check. These paths are now parsed correctly and rejected when they resolve outside the project.

• Updated dependencies [c9b3184, 13df6c7, df0d112, 81ee98e]:

  • miniflare@4.20260317.0

create-cloudflare@2.64.9

Patch Changes

• #11639 e9f5f30 Thanks @dependabot! - Update dependencies of "create-cloudflare"

  The following dependency versions have been updated:

  Dependency	From	To
  create-next-app	15.5.6	16.1.6

• #12905 e7ef325 Thanks @dependabot! - Update dependencies of "create-cloudflare"

  The following dependency versions have been updated:

  Dependency	From	To
  nuxi	3.33.1	3.34.0

• #12907 92402f6 Thanks @dependabot! - Update dependencies of "create-cloudflare"

  The following dependency versions have been updated:

  Dependency	From	To
  create-astro	4.13.2	5.0.0

• #12908 eadb0fd Thanks @dependabot! - Update dependencies of "create-cloudflare"

  The following dependency versions have been updated:

  Dependency	From	To
  @angular/create	21.2.1	21.2.2

• #12909 75fa04b Thanks @dependabot! - Update dependencies of "create-cloudflare"

  The following dependency versions have been updated:

  Dependency	From	To
  create-qwik	1.19.1	1.19.2

miniflare@4.20260317.0

Patch Changes

• #12927 c9b3184 Thanks @penalosa! - Bump undici from 7.18.2 to 7.24.4

• #12875 13df6c7 Thanks @dependabot! - Update dependencies of "miniflare", "wrangler"

  The following dependency versions have been updated:

  Dependency	From	To
  workerd	1.20260312.1	1.20260316.1

• #12935 df0d112 Thanks @dependabot! - Update dependencies of "miniflare", "wrangler"

  The following dependency versions have been updated:

  Dependency	From	To
  workerd	1.20260316.1	1.20260317.1

• #12928 81ee98e Thanks @petebacondarwin! - Migrate chrome-devtools-patches deployment from Cloudflare Pages to Workers + Assets

  The DevTools frontend is now deployed as a Cloudflare Workers + Assets project instead of a Cloudflare Pages project. This uses wrangler deploy for production deployments and wrangler versions upload for PR preview deployments.

  The inspector proxy origin allowlists in both wrangler and miniflare have been updated to accept connections from the new workers.dev domain patterns, while retaining the legacy pages.dev patterns for backward compatibility.

@cloudflare/pages-shared@0.13.116

Patch Changes

• Updated dependencies [c9b3184, 13df6c7, df0d112, 81ee98e]:
  • miniflare@4.20260317.0

@cloudflare/vite-plugin@1.29.1

Patch Changes

• #12936 cff91ff Thanks @jamesopstad! - Select the appropriate vite/module-runner implementation during dev based on the user's Vite version

  The plugin now builds against Vite 8 and ships two bundled copies of vite/module-runner: one from Vite 8 and one from Vite 7.1.12 (the last version before a breaking change to the module runner in Vite 7.2.0). At dev server startup, the correct implementation is selected based on the user's installed Vite version. This is Vite 8's module runner for users on Vite >= 7.2.0, and the legacy module runner for users on older versions.

• Updated dependencies [c9b3184, 13df6c7, df0d112, 81ee98e, c600ce0, f509d13, 3b81fc6, 0a7fef9]:

  • wrangler@4.75.0
  • miniflare@4.20260317.0

@cloudflare/vitest-pool-workers@0.13.2

Patch Changes

• Updated dependencies [c9b3184, 13df6c7, df0d112, 81ee98e, c600ce0, f509d13, 3b81fc6, 0a7fef9]:
  • wrangler@4.75.0
  • miniflare@4.20260317.0

@cloudflare/chrome-devtools-patches@0.1.5

Patch Changes

• #12928 81ee98e Thanks @petebacondarwin! - Migrate chrome-devtools-patches deployment from Cloudflare Pages to Workers + Assets

  The DevTools frontend is now deployed as a Cloudflare Workers + Assets project instead of a Cloudflare Pages project. This uses wrangler deploy for production deployments and wrangler versions upload for PR preview deployments.

  The inspector proxy origin allowlists in both wrangler and miniflare have been updated to accept connections from the new workers.dev domain patterns, while retaining the legacy pages.dev patterns for backward compatibility.

[github-actions]

⚠️ Issues found

bump-undici.md

Issue: Missing context for manual dependency bump

The changeset reads:

Bump undici from 7.18.2 to 7.24.4

Unlike the auto-generated dependabot changesets, this appears to be a manually created changeset. The README guidelines explicitly flag "update dependency" (without context) as a bad example, asking "Which one? Why? Any user impact?" The description names the dependency and versions, but gives no reason for the manual bump (e.g., security fix, bug fix, performance improvement, required for another change) and no user-facing impact.

Recommendation: Add a body explaining why undici was bumped manually rather than via dependabot, and note any relevant user impact (e.g., "Bumped to pick up a security fix for CVE-XXX" or "Required to support X feature").

---

All other changesets look good:

• c3-frameworks-update-*.md: Dependency updates for create-cloudflare — skipped per review instructions.
• dependabot-update-12875.md / dependabot-update-12935.md: Auto-generated workerd version bumps — acceptable format.
• kind-beers-occur.md: Clear description of a behavioral fix in the vite plugin. Correct patch version.
• migrate-devtools-to-workers-assets.md: Good description of infrastructure migration with clear user impact (updated allowlists). Correct patch version.
• open-apples-heal.md: Well-written bug fix with before/after behavior. Correct patch version.
• quick-items-shine.md: Acceptable for a minor CLI description tweak. Correct patch version.
• tunnel-commands.md: New feature with clear command examples and explicit mention that all commands are experimental. Correct minor version.
• warm-mirrors-allow.md: Good description of a Windows path security fix. Correct patch version.

[devin-ai-integration]

✅ Devin Review: No Issues Found

Devin Review analyzed this PR and found no bugs or issues to report.

[pkg-pr-new]

create-cloudflare

npm i https://pkg.pr.new/create-cloudflare@12923

@cloudflare/kv-asset-handler

npm i https://pkg.pr.new/@cloudflare/kv-asset-handler@12923

miniflare

npm i https://pkg.pr.new/miniflare@12923

@cloudflare/pages-shared

npm i https://pkg.pr.new/@cloudflare/pages-shared@12923

@cloudflare/unenv-preset

npm i https://pkg.pr.new/@cloudflare/unenv-preset@12923

@cloudflare/vite-plugin

npm i https://pkg.pr.new/@cloudflare/vite-plugin@12923

@cloudflare/vitest-pool-workers

npm i https://pkg.pr.new/@cloudflare/vitest-pool-workers@12923

@cloudflare/workers-editor-shared

npm i https://pkg.pr.new/@cloudflare/workers-editor-shared@12923

wrangler

npm i https://pkg.pr.new/wrangler@12923

commit: fe54cde