wrangler@4.86.0

Minor Changes

• #13605 ea943ff Thanks @danielgek! - Add namespace support to wrangler ai-search commands

  All wrangler ai-search instance commands (create, list, get, update, delete, stats, search) now accept a --namespace (or -n) flag to target a specific AI Search namespace. When the flag is omitted, commands default to the default namespace that Cloudflare automatically provisions for every account.

  wrangler ai-search list now displays a namespace column, and wrangler ai-search create offers an interactive picker for existing namespaces (with an option to create a new one) when --namespace is not supplied in an interactive session.

  A new wrangler ai-search namespace subcommand group is also introduced, with list, create, get, update, and delete subcommands for managing namespaces directly.

  wrangler ai-search list --namespace blog
  wrangler ai-search create my-instance --namespace blog --type r2 --source my-bucket
  wrangler ai-search namespace create blog --description "Blog content"

• #13637 9eb9e69 Thanks @edmundhung! - Add --tunnel flag to wrangler dev for sharing your local dev server via Cloudflare Quick Tunnels

  You can now expose your local dev server publicly by passing --tunnel:

  wrangler dev --tunnel

  This starts a Cloudflare Quick Tunnel that gives you a random *.trycloudflare.com URL to share. The tunnel stops automatically when the dev session ends. Quick tunnels don't require a Cloudflare account or any configuration.

  A warning is shown when Server-Sent Events (SSE) responses are detected through the tunnel, since quick tunnels don't support SSE.

• #13661 0a5db08 Thanks @aspizu! - wrangler tail will now log stack traces. These stack traces already include resolved frames if you have chosen to upload sourcemaps.

• #13617 118027d Thanks @roerohan! - Force Flagship bindings to always use remote mode in local dev

  Flagship bindings now always access the remote Flagship service during local development, matching the behavior of AI bindings. Previously, Flagship supported both local and remote modes, but the local stub only returned default values, providing no real functionality and creating a dual source of truth for flag evaluations.

  The remote config field is retained for backward compatibility but only controls whether a warning is displayed. Setting remote: true suppresses the warning that Flagship bindings always access remote resources and may incur usage charges in local dev.

• #13254 e867ac2 Thanks @tgarg-cf! - Add wrangler queues consumer list subcommands for listing queue consumers

  Three new commands are available for listing consumers on a queue:

  • wrangler queues consumer list <queue-name> — lists all consumers (both worker and HTTP pull), grouped by type
  • wrangler queues consumer worker list <queue-name> — lists only worker consumers
  • wrangler queues consumer http list <queue-name> — lists only HTTP pull consumers

Patch Changes

• #13696 62e9f2a Thanks @dependabot! - Update dependencies of "miniflare", "wrangler"

  The following dependency versions have been updated:

  Dependency	From	To
  workerd	1.20260424.1	1.20260426.1

• #13576 2dc6175 Thanks @MattieTK! - Restore telemetry tracking for common CLI flags that were unintentionally dropped during sanitisation

  When argument sanitisation was introduced, only explicitly allow-listed args had their values included in telemetry. The allow list was very conservative, which meant common boolean flags like --remote, --json, --dry-run, --force, and many others were no longer being captured in sanitizedArgs despite previously being tracked. Boolean flags are inherently safe (values are only true/false), so these have now been added back to the global allow list. A small number of fixed-choice args (--local-protocol, --upstream-protocol, --containers-rollout) have also been added with their known value sets.

• #13649 ae8eae3 Thanks @petebacondarwin! - Fix service binding and tail consumer props being dropped between workers in different local dev instances

  When a service binding or tail consumer configured with props targeted a worker running in a separate wrangler dev instance (via the dev registry), the props were silently dropped and the remote entrypoint saw an empty ctx.props. Props are now forwarded correctly across the dev registry boundary, matching the behavior users get when all workers run in a single instance.

  // wrangler.json
  {
    "services": [
      {
        "binding": "AUTH",
        "service": "auth-worker", // may be in a separate `wrangler dev` process
        "entrypoint": "SessionEntry",
        "props": { "tenant": "acme" }
      }
    ]
  }

  The target worker's SessionEntry entrypoint now correctly receives { tenant: "acme" } on ctx.props regardless of which local dev instance it runs in.

• #13662 f2e2241 Thanks @petebacondarwin! - Fix three resource leaks in unstable_startWorker teardown that could prevent Node from exiting cleanly after worker.dispose().

  • The esbuild context created by bundleWorker is now disposed when the initial build fails. Previously a failing initial build (e.g. an unresolvable entrypoint, or a worker started with an invalid config via setConfig) left the esbuild child process running for the lifetime of the parent Node process.
  • runBuild's cleanup function now awaits the in-flight build before running the bundler's stop handler. Previously teardown could return before esbuild.BuildContext.dispose() had been called, so the esbuild watcher kept the event loop alive after dispose had resolved.
  • BundlerController.teardown() now runs the esbuild cleanup before removing the bundler's temporary directory, and aborts the in-flight bundle build so it cannot emit stale bundleStart/bundleComplete events after teardown. Previously the tmpdir was removed first, which in race with an in-flight rebuild produced confusing "Could not resolve .wrangler/tmp/bundle-XXXX/middleware-loader.entry.ts" errors during dispose.

• #13674 4f6ed93 Thanks @petebacondarwin! - Stop emitting a misleading [wrangler:error] Docker build exited with code: <n> log when the user aborts an in-progress container image build (for example by pressing the r rebuild hotkey while the previous build is still running).

  The abort-detection branch in the local and multi-worker runtime controllers was matching the wrong error message — it checked for "Build exited with code: 1", but the error thrown by the docker build helper is actually "Docker build exited with code: <n>", and the exit code after a process-group SIGINT/SIGKILL is typically 130/137/143, not 1. As a result, every legitimate user-initiated rebuild abort produced a spurious error event and [wrangler:error] log line. The check now matches the real error message prefix and ignores any non-zero exit code from the aborted build, so a user-requested rebuild while another build is in progress is silent.

• #13667 ed2f4ec Thanks @emily-shen! - fix: Preserve auth in remote proxy session data to avoid unnecessary session restarts

  maybeStartOrUpdateRemoteProxySession was not including auth in its return value, so on subsequent calls preExistingRemoteProxySessionData.auth was always undefined. This caused the auth comparison to always detect a change, disposing and recreating the remote proxy session on every reload even when auth had not changed.

• #13695 92bb8a5 Than...

miniflare@4.20260426.0

Minor Changes

• #13599 21b87b2 Thanks @Ltadrian! - Add extended sslmode support for Hyperdrive local dev. This adds support for sslmodes verify-full / verify-ca for Postgres and VERIFY_IDENTITY / VERIFY_CA for MySQL

• #13617 118027d Thanks @roerohan! - Force Flagship bindings to always use remote mode in local dev

  Flagship bindings now always access the remote Flagship service during local development, matching the behavior of AI bindings. Previously, Flagship supported both local and remote modes, but the local stub only returned default values, providing no real functionality and creating a dual source of truth for flag evaluations.

  The remote config field is retained for backward compatibility but only controls whether a warning is displayed. Setting remote: true suppresses the warning that Flagship bindings always access remote resources and may incur usage charges in local dev.

Patch Changes

• #13696 62e9f2a Thanks @dependabot! - Update dependencies of "miniflare", "wrangler"

  The following dependency versions have been updated:

  Dependency	From	To
  workerd	1.20260424.1	1.20260426.1

• #13652 033d6ec Thanks @emily-shen! - fix: allow multiple workers with browser bindings in dev

  You can now run multiple workers with multiple browser bindings in miniflare. Previously, this would crash with kj/table.c++:49: failed: inserted row already exists in table.

• #13649 ae8eae3 Thanks @petebacondarwin! - Fix service binding and tail consumer props being dropped between workers in different local dev instances

  When a service binding or tail consumer configured with props targeted a worker running in a separate wrangler dev instance (via the dev registry), the props were silently dropped and the remote entrypoint saw an empty ctx.props. Props are now forwarded correctly across the dev registry boundary, matching the behavior users get when all workers run in a single instance.

  // wrangler.json
  {
    "services": [
      {
        "binding": "AUTH",
        "service": "auth-worker", // may be in a separate `wrangler dev` process
        "entrypoint": "SessionEntry",
        "props": { "tenant": "acme" }
      }
    ]
  }

  The target worker's SessionEntry entrypoint now correctly receives { tenant: "acme" } on ctx.props regardless of which local dev instance it runs in.

• #13668 ef24ff2 Thanks @for-the-kidz! - Fix TypeError: rules is not iterable in the router-worker when static_routing is configured without user_worker rules

  The router-worker's static-routing include-rule evaluation passed config.static_routing.user_worker directly to the matcher, which iterates with for...of. When static_routing was set but user_worker was omitted, the matcher threw TypeError: rules is not iterable and failed the request. The adjacent asset_worker branch already falls back to [] in this case; the user_worker branch now does the same.

• #13654 6d27479 Thanks @pombosilva! - fix: Preserve internal counter suffix on workflow step names in local explorer API

  Stop stripping the -N suffix from step names in the API response so the UI can distinguish duplicate step names. The suffix is now stripped only visually in the UI.

create-cloudflare@2.67.4

Patch Changes

• #13680 08fa62e Thanks @dependabot! - Update dependencies of "create-cloudflare"

  The following dependency versions have been updated:

  Dependency	From	To
  create-vite	9.0.4	9.0.6

• #13681 32cc1b4 Thanks @dependabot! - Update dependencies of "create-cloudflare"

  The following dependency versions have been updated:

  Dependency	From	To
  create-react-router	7.14.1	7.14.2

• #13682 c642d18 Thanks @dependabot! - Update dependencies of "create-cloudflare"

  The following dependency versions have been updated:

  Dependency	From	To
  create-analog	2.4.8	2.4.10

• #13683 a3496fa Thanks @dependabot! - Update dependencies of "create-cloudflare"

  The following dependency versions have been updated:

  Dependency	From	To
  @tanstack/create-start	0.59.21	0.59.22

• #13684 02ab1b4 Thanks @dependabot! - Update dependencies of "create-cloudflare"

  The following dependency versions have been updated:

  Dependency	From	To
  create-waku	0.12.5-1.0.0-alpha.7-0	0.12.5-1.0.0-alpha.8-0

• #13685 6fc418b Thanks @dependabot! - Update dependencies of "create-cloudflare"

  The following dependency versions have been updated:

  Dependency	From	To
  create-astro	5.0.5	5.0.6

• #13686 1d8bad5 Thanks @dependabot! - Update dependencies of "create-cloudflare"

  The following dependency versions have been updated:

  Dependency	From	To
  create-vue	3.22.2	3.22.3

• #13687 2bcfffc Thanks @dependabot! - Update dependencies of "create-cloudflare"

  The following dependency versions have been updated:

  Dependency	From	To
  sv	0.12.5	0.15.1

@cloudflare/workers-shared@0.19.3

Patch Changes

• #13668 ef24ff2 Thanks @for-the-kidz! - Fix TypeError: rules is not iterable in the router-worker when static_routing is configured without user_worker rules

  The router-worker's static-routing include-rule evaluation passed config.static_routing.user_worker directly to the matcher, which iterates with for...of. When static_routing was set but user_worker was omitted, the matcher threw TypeError: rules is not iterable and failed the request. The adjacent asset_worker branch already falls back to [] in this case; the user_worker branch now does the same.

@cloudflare/vitest-pool-workers@0.15.1

Patch Changes

• Updated dependencies [ea943ff, 21b87b2, 62e9f2a, 9eb9e69, 2dc6175, 0a5db08, 033d6ec, ae8eae3, f2e2241, 4f6ed93, ed2f4ec, ef24ff2, 92bb8a5, 6d27479, f2e2241, 118027d, fcc491a, e6c437a, e867ac2]:
  • wrangler@4.86.0
  • miniflare@4.20260426.0

@cloudflare/vite-plugin@1.34.0

Minor Changes

• #13666 edcff69 Thanks @edmundhung! - Add tunnel: true to the cloudflare() Vite plugin for sharing your local dev and preview servers via Cloudflare Quick Tunnels

  You can now expose your local dev server publicly by setting tunnel: true:

  cloudflare({
    tunnel: true,
  });

  You can also enable tunnel sharing dynamically using an environment variable:

  cloudflare({
    tunnel: process.env.ENABLE_DEV_TUNNEL === "true",
  });

  This starts a Cloudflare Quick Tunnel that gives you a random *.trycloudflare.com URL to share. The tunnel stops automatically when the dev or preview session ends. Quick tunnels don't require a Cloudflare account or any configuration.

  A warning is shown when Server-Sent Events (SSE) responses are detected through the tunnel, since quick tunnels don't support SSE.

Patch Changes

• Updated dependencies [ea943ff, 21b87b2, 62e9f2a, 9eb9e69, 2dc6175, 0a5db08, 033d6ec, ae8eae3, f2e2241, 4f6ed93, ed2f4ec, ef24ff2, 92bb8a5, 6d27479, f2e2241, 118027d, fcc491a, e6c437a, e867ac2]:
  • wrangler@4.86.0
  • miniflare@4.20260426.0

@cloudflare/pages-shared@0.13.129

Patch Changes

• Updated dependencies [21b87b2, 62e9f2a, 033d6ec, ae8eae3, ef24ff2, 6d27479, 118027d]:
  • miniflare@4.20260426.0

@cloudflare/local-explorer-ui@0.13.3

Patch Changes

• #13654 6d27479 Thanks @pombosilva! - fix: Preserve expanded workflow steps across polling and improve instance page UX

  Expanded steps no longer collapse when new steps arrive via polling. Expansion state is lifted into the parent component and tracked by stable step keys, and polling skips state updates when data hasn't changed.

  Also: navigate to instance page after triggering, distinct refresh/restart icons, toolbar layout below stats strip, always-visible stats, unified status colors, and visual-only stripping of internal step name suffixes.

wrangler@4.85.0

Minor Changes

• #13222 5680287 Thanks @maxwellpeterson! - Add enabled and previews_enabled support for custom domain routes

  Custom domain routes can now include optional enabled and previews_enabled boolean fields to control whether a custom domain serves production and/or preview traffic. When omitted, the API defaults apply (production enabled, previews disabled).

Patch Changes

• #13622 5a2968a Thanks @petebacondarwin! - Fix inherited ai_search_namespaces binding display in wrangler deploy

  When an ai_search_namespaces binding inherits from the existing deployment, the bindings table now correctly shows (inherited) instead of a raw Symbol(inherit_binding) string.

• #13633 3494842 Thanks @dependabot! - Update dependencies of "miniflare", "wrangler"

  The following dependency versions have been updated:

  Dependency	From	To
  workerd	1.20260421.1	1.20260422.1

• #13645 7d728fb Thanks @dependabot! - Update dependencies of "miniflare", "wrangler"

  The following dependency versions have been updated:

  Dependency	From	To
  workerd	1.20260422.1	1.20260423.1

• #13657 df9319d Thanks @dependabot! - Update dependencies of "miniflare", "wrangler"

  The following dependency versions have been updated:

  Dependency	From	To
  workerd	1.20260423.1	1.20260424.1

• #13574 d5e3c57 Thanks @dario-piotrowicz! - Detect Cloudflare WAF block pages and include Ray ID in API error messages

  When the Cloudflare WAF blocks an API request, the response is an HTML page rather than JSON. Previously, this caused a confusing "Received a malformed response from the API" error with a truncated HTML snippet. Wrangler now detects WAF block pages and displays a clear error message explaining that the request was blocked by the firewall, along with the Cloudflare Ray ID (when available) for use in support tickets.

  For other non-JSON responses that aren't WAF blocks, the "malformed response" error also now includes the Ray ID to help reference failing requests in support tickets.

• #13560 7567ef7 Thanks @vaishnav-mk! - Preserve NonRetryableError message and name when the workflows_preserve_non_retryable_error_message compatibility flag is enabled, instead of replacing it with a generic error message.

• #11784 2831b54 Thanks @JPeer264! - fix(wrangler): Bind the console methods directly instead of using a global proxy

• #13644 377715d Thanks @MattieTK! - Update @clack/core and @clack/prompts to v1.2.0

  Bumps the bundled @clack/core dependency used internally by @cloudflare/cli from 0.3.x to 1.2.0, and the @clack/prompts dependency in create-cloudflare from 0.6.x to 1.2.0. Clack v1 includes a number of API changes, but no user-facing prompt behaviour changes are expected.

• Updated dependencies [3494842, 7d728fb, df9319d, 3ceeec3, 7567ef7, 0a95061, 7fc50c1, 377715d]:

  • miniflare@4.20260424.0
  • @cloudflare/unenv-preset@2.16

miniflare@4.20260424.0

Minor Changes

• #13234 7fc50c1 Thanks @natewong1313! - Support serving videos locally, add publicUrl option for stable stream preview URLs, and add caption upload support via ReadableStream

  Videos uploaded while in local mode are now served at /cdn-cgi/mf/stream/<video-id>/watch. The preview field in StreamVideo is now directly fetchable during development.

  A new publicUrl option on MiniflareOptions allows callers (e.g. Wrangler, the Vite plugin) to advertise a stable, externally-reachable URL for the Miniflare instance. When set, Stream preview URLs use this value instead of the runtime entry URL, so they remain valid across runtime restarts and port changes. The same value is also exposed as a mutable miniflare.publicUrl property.

  The helper functions buildPublicUrl and getLocallyAccessibleHost are now exported from miniflare, enabling consumers to construct client-reachable URLs that correctly handle IPv6 addresses (bracketing) and wildcard listen addresses (0.0.0.0, ::, * → 127.0.0.1).

  Caption uploads via ReadableStream are now supported in local mode. They no longer throw a "not supported in local mode" error.

Patch Changes

• #13633 3494842 Thanks @dependabot! - Update dependencies of "miniflare", "wrangler"

  The following dependency versions have been updated:

  Dependency	From	To
  workerd	1.20260421.1	1.20260422.1

• #13645 7d728fb Thanks @dependabot! - Update dependencies of "miniflare", "wrangler"

  The following dependency versions have been updated:

  Dependency	From	To
  workerd	1.20260422.1	1.20260423.1

• #13657 df9319d Thanks @dependabot! - Update dependencies of "miniflare", "wrangler"

  The following dependency versions have been updated:

  Dependency	From	To
  workerd	1.20260423.1	1.20260424.1

• #13659 3ceeec3 Thanks @petebacondarwin! - Make the dev registry watcher reliable on Windows

  The filesystem-based dev registry used chokidar with default settings, which on Windows backs onto fs.watch (ReadDirectoryChangesW). That API is known to drop or delay create events for files added shortly after the watcher attaches, which is especially common under CI virtualization. When this happened, a process that had attached its watcher before another process registered its worker would never be notified of the new entry until the next 30-second heartbeat — long enough to time out cross-process service-binding calls.

  Switch to chokidar's polling mode on Windows so the dev registry observes cross-process worker registrations reliably. The registry directory is small and a 100ms poll interval has negligible cost. Non-Windows platforms continue to use the more efficient native filesystem-event backend.

• #13560 7567ef7 Thanks @vaishnav-mk! - Preserve NonRetryableError message and name when the workflows_preserve_non_retryable_error_message compatibility flag is enabled, instead of replacing it with a generic error message.

• #13644 377715d Thanks @MattieTK! - Update @clack/core and @clack/prompts to v1.2.0

  Bumps the bundled @clack/core dependency used internally by @cloudflare/cli from 0.3.x to 1.2.0, and the @clack/prompts dependency in create-cloudflare from 0.6.x to 1.2.0. Clack v1 includes a number of API changes, but no user-facing prompt behaviour changes are expected.