Update all non-major dependencies

[renovate]

This PR contains the following updates:

Package	Change	Age	Confidence
hono (source)	4.12.1 → 4.12.3
wrangler (source)	4.67.0 → 4.69.0

---

Release Notes

honojs/hono (hono)

v4.12.3

Compare Source

What's Changed

• fix(validator): prevent type diff bug in form data parsing by @​EdamAme-x in #​4753
• fix(jwt): use Math.floor instead of bitwise OR for safe timestamp by @​EdamAme-x in #​4754
• fix(jwt): fix JwtVariables for ContextVariableMap by @​yusukebe in #​4764
• fix(types): remove DOM type dependencies from ClientResponse and request method by @​YevheniiKotyrlo in #​4768
• fix(types): correct middleware types by @​hmnd in #​4774
• fix(jwt): prevent memory leak by avoiding mutation of options object by @​EdamAme-x in #​4759

New Contributors

• @​YevheniiKotyrlo made their first contribution in #​4768
• @​hmnd made their first contribution in #​4774

Full Changelog: honojs/hono@v4.12.2...v4.12.3

v4.12.2

Compare Source

Security fix

Fixed incorrect handling of X-Forwarded-For in the AWS Lambda adapter behind ALB that could allow IP-based access control bypass. The detail: GHSA-xh87-mx6m-69f3

Thanks @​EdamAme-x

What's Changed

• fix(context): revert PR #​4707 by @​yusukebe in #​4757

Full Changelog: honojs/hono@v4.12.1...v4.12.2

cloudflare/workers-sdk (wrangler)

v4.69.0

Compare Source

Minor Changes

• #​12625 c0e9e08 Thanks @​WillTaylorDev! - Add cache configuration option for enabling worker cache (experimental)

  You can now enable cache before worker execution using the new cache configuration:

  {
  	"cache": {
  		"enabled": true,
  	},
  }

  This setting is environment-inheritable and opt-in. When enabled, cache behavior is applied before your worker runs.

  Note: This feature is experimental. The runtime API is not yet generally available.

Patch Changes

• #​12661 99037e3 Thanks @​dependabot! - Update dependencies of "miniflare", "wrangler"

  The following dependency versions have been updated:

  Dependency	From	To
  workerd	1.20260302.0	1.20260303.0

• #​12680 295297a Thanks @​dependabot! - Update dependencies of "miniflare", "wrangler"

  The following dependency versions have been updated:

  Dependency	From	To
  workerd	1.20260303.0	1.20260305.0

• #​12671 f765244 Thanks @​MattieTK! - fix: Only redact account names in CI environments, not all non-interactive contexts

  The multi-account selection error in getAccountId now only redacts account names
  when running in a CI environment (detected via ci-info). Non-interactive terminals
  such as coding agents and piped commands can now see account names, which they need
  to identify which account to configure. CI logs remain protected.

• Updated dependencies [99037e3, 295297a]:

  • miniflare@​4.20260305.0

v4.68.1

Compare Source

Patch Changes

• #​12648 3d6e421 Thanks @​petebacondarwin! - Fix Angular scaffolding to allow localhost SSR in development mode

  Recent versions of Angular's AngularAppEngine block serving SSR on localhost by default. This caused wrangler dev / wrangler pages dev to fail with URL with hostname "localhost" is not allowed.

  The fix passes allowedHosts: ["localhost"] to the AngularAppEngine constructor in server.ts, which is safe to do even in production since Cloudflare will already restrict which host is allowed.

• #​12657 294297e Thanks @​dario-piotrowicz! - Update Waku autoconfig logic

  As of 1.0.0-alpha.4, Waku projects can be built on top of the Cloudflare Vite plugin, and the changes here allow Wrangler autoconfig to support this. Running autoconfig on older versions of Waku will result in an error.

• Updated dependencies []:

  • miniflare@​4.20260302.0

v4.68.0

Compare Source

Minor Changes

• #​12614 8d882fa Thanks @​dario-piotrowicz! - Enable autoconfig for wrangler deploy by default (while allowing users to still disable it via --x-autoconfig=false if necessary)

• #​12614 8d882fa Thanks @​dario-piotrowicz! - Mark the wrangler setup command as stable

v4.67.1

Compare Source

Patch Changes

• #​12595 e93dc01 Thanks @​dario-piotrowicz! - Add a warning in the autoconfig logic letting users know that support for projects inside workspaces is limited

• #​12582 c2ed7c2 Thanks @​penalosa! - Internal refactor to use capnweb's native ReadableStream support to power remote Media and Dispatch Namespace bindings.

• #​12618 d920811 Thanks @​dependabot! - Update dependencies of "miniflare", "wrangler"

  The following dependency versions have been updated:

  Dependency	From	To
  workerd	1.20260219.0	1.20260227.0

• #​12637 896734d Thanks @​dependabot! - Update dependencies of "miniflare", "wrangler"

  The following dependency versions have been updated:

  Dependency	From	To
  workerd	1.20260227.0	1.20260302.0

• #​12601 ebdbe52 Thanks @​43081j! - Switch to empathic for file-system upwards traversal to reduce dependency bloat.

• #​12602 58a4020 Thanks @​anonrig! - Optimize filesystem operations by using Node.js's throwIfNoEntry: false option

  This reduces the number of system calls made when checking for file existence by avoiding the overhead of throwing and catching errors for missing paths. This is an internal performance optimization with no user-visible behavioral changes.

• #​12591 6f6cd94 Thanks @​martinezjandrew! - Implemented logic within wrangler containers registries configure to check if a specified secret name is already in-use and offer to reuse that secret. Also added --skip-confirmation flag to the command to skip all interactive prompts.

• Updated dependencies [c2ed7c2, d920811, 896734d, 58a4020]:

  • miniflare@​4.20260302.0

---

Configuration

📅 Schedule: Branch creation - Between 12:00 AM and 03:59 AM, only on Monday ( * 0-3 * * 1 ) (UTC), Automerge - At any time (no schedule defined).

🚦 Automerge: Enabled.

♻ Rebasing: Whenever PR is behind base branch, or you tick the rebase/retry checkbox.

👻 Immortal: This PR will be recreated if closed unmerged. Get config help if that's undesired.

---

• If you want to rebase/retry this PR, check this box

---

This PR was generated by Mend Renovate. View the repository job log.