[pull] main from cloudflare:main

.changeset/add-web-search-binding.md

@@ -0,0 +1,29 @@
+---
+"miniflare": minor
+"wrangler": minor
+"@cloudflare/workers-utils": minor
+---
+
+Add support for the new `web_search` binding kind.
+
+Cloudflare Web Search is a managed, zero-setup web discovery primitive for agents and Workers. Declare the binding as a single object in `wrangler.jsonc`:
+
+```jsonc
+{
+	"web_search": { "binding": "WEBSEARCH" },
+}
+```
+
+There is exactly one shared web corpus, so there is no namespace, instance, or other field to specify -- only the variable name. The binding exposes a single `search()` method that returns URLs and catalog metadata for a query. Web Search is discovery-only -- to read a result's content the caller invokes the global `fetch()` API against the result's `url`.
+
+The binding is **always remote** in local development: Miniflare proxies to the production Web Search service via the remote-bindings transport. Adds the `websearch.run` OAuth scope to `wrangler login`.
+
+Also adds a `wrangler websearch search` command for running ad-hoc queries from the CLI:
+
+```sh
+npx wrangler websearch search "cloudflare workers"
+npx wrangler websearch search "cloudflare workers" --limit 5
+npx wrangler websearch search "cloudflare workers" --json
+```
+
+`--limit` is optional (defaults to 10, capped at 20). `--json` prints the raw response; without it the results render as a pretty table.

.changeset/bump-rosie-skills.md

@@ -0,0 +1,5 @@
+---
+"wrangler": patch
+---
+
+Bump `rosie-skills` package from 0.6.3 to 0.7.6

.changeset/dependabot-update-14060.md

@@ -0,0 +1,12 @@
+---
+"miniflare": patch
+"wrangler": patch
+---
+
+Update dependencies of "miniflare", "wrangler"
+
+The following dependency versions have been updated:
+
+| Dependency | From         | To           |
+| ---------- | ------------ | ------------ |
+| workerd    | 1.20260526.1 | 1.20260527.1 |

.changeset/disable-sentry-by-default.md

@@ -0,0 +1,7 @@
+---
+"wrangler": patch
+---
+
+Disable Sentry error reporting by default
+
+`WRANGLER_SEND_ERROR_REPORTS` now defaults to `false` instead of prompting on every error. The current prompt produces too many false-positive reports. Users can still opt in explicitly by setting `WRANGLER_SEND_ERROR_REPORTS=true`.

.changeset/fix-autoconfig-vite-no-config.md

@@ -0,0 +1,9 @@
+---
+"wrangler": patch
+---
+
+Fix `wrangler setup` failing for Vite projects without a config file
+
+`wrangler setup` (and `wrangler deploy --experimental-autoconfig`) crashed with "Could not find Vite config file to modify" for Vite projects that don't have a `vite.config.js` or `vite.config.ts`. This affected 6 of the 16 `create-vite` templates: `vanilla`, `vanilla-ts`, `react-swc`, `react-swc-ts`, `lit`, and `lit-ts`.
+
+Autoconfig now creates a minimal Vite config with the Cloudflare plugin when no config file exists, instead of failing. The file extension (`.ts` or `.js`) is chosen based on whether the project has a `tsconfig.json`.

.changeset/fix-miniflare-pnp-sourcemap.md

@@ -0,0 +1,7 @@
+---
+"miniflare": patch
+---
+
+Fix `wrangler dev` crash under Yarn PnP when the worker emits a structured log or the inspector forwards a stack trace.
+
+`getFreshSourceMapSupport` was unconditionally indexing `require.cache`, but when `miniflare` is `import`ed from ESM under Yarn PnP, Node's ESM->CJS bridge (`loadCJSModule` in `node:internal/modules/esm/translators`) hands the wrapped CJS module a re-invented `require` that only carries `.resolve` and `.main`, with no `.cache`. Fall back to `createRequire(__filename)` in that case so the fresh-load cache-swap keeps working.

.changeset/fix-open-in-browser-enoent-headless.md

@@ -0,0 +1,9 @@
+---
+"wrangler": patch
+---
+
+Show helpful message with URL when browser cannot be opened in headless/container environments
+
+Previously, running `wrangler login` (or any command that opens a browser) in headless Linux environments without `xdg-open` installed would crash with a confusing "A file or directory could not be found — Missing file or directory: xdg-open" error.
+
+Now wrangler catches the error and prints a clear warning with the URL so users can copy-paste it into a browser manually.

.changeset/fix-secrets-store-value-length-validation.md

@@ -0,0 +1,5 @@
+---
+"wrangler": patch
+---
+
+`wrangler secrets-store secret create` and `secret update` now reject secret values larger than 64 KiB (65,536 bytes) with a clear error before calling the Cloudflare API. Previously the CLI accepted them, the secret appeared in `secret list`, and the failure surfaced later (and confusingly) at worker deploy time as a "secret doesn't exist" error against the binding. 64 KiB is the cap enforced by the API; the CLI now enforces it at the same boundary.

.changeset/nine-mangos-camp.md

@@ -0,0 +1,7 @@
+---
+"wrangler": minor
+---
+
+Add confirmation prompt to `wrangler containers images delete`
+
+Previously, running `wrangler containers images delete IMAGE:TAG` would delete the image immediately with no confirmation. The command now prompts for confirmation before deleting. Use `-y` or `--skip-confirmation` to bypass the prompt in non-interactive or scripted environments.

.changeset/pipeline-stream-rename.md

@@ -0,0 +1,37 @@
+---
+"wrangler": minor
+"@cloudflare/workers-utils": minor
+"miniflare": minor
+---
+
+Rename `pipeline` field to `stream` in pipeline bindings configuration
+
+The `pipeline` field inside `pipelines` bindings has been renamed to `stream` to align with the updated API wire format. The old `pipeline` field is still accepted but deprecated and will emit a warning.
+
+Before:
+
+```jsonc
+// wrangler.json
+{
+	"pipelines": [
+		{
+			"binding": "MY_PIPELINE",
+			"pipeline": "my-stream-name",
+		},
+	],
+}
+```
+
+After:
+
+```jsonc
+// wrangler.json
+{
+	"pipelines": [
+		{
+			"binding": "MY_PIPELINE",
+			"stream": "my-stream-name",
+		},
+	],
+}
+```

.changeset/proxied-durable-object-rpc.md

@@ -0,0 +1,7 @@
+---
+"@cloudflare/vitest-pool-workers": patch
+---
+
+Fix Durable Object RPC dispatch for constructors that return proxies
+
+Durable Object RPC methods mediated by a returned `Proxy` are now resolved through that proxy after validating prototype exposure. This allows wrappers that bind methods to the underlying instance to use private fields and methods in Vitest, while matching workerd's rejection of constructor-assigned RPC overrides.

.changeset/quiet-birds-fly.md

@@ -0,0 +1,10 @@
+---
+"@cloudflare/vite-plugin": patch
+"@cloudflare/workers-utils": patch
+---
+
+Filter compatibility date fallback warning when no update is available
+
+The compatibility date warning from workerd (e.g., "The latest compatibility date supported by the installed Cloudflare Workers Runtime is...") is now only shown when a newer version of `@cloudflare/vite-plugin` is available. This matches the behavior in Wrangler and reduces noise when the user is already on the latest version.
+
+The update-check logic has been extracted to `@cloudflare/workers-utils` so it can be shared across packages.

.changeset/resolve-pipeline-names.md

@@ -0,0 +1,5 @@
+---
+"wrangler": minor
+---
+
+Allow pipeline, stream, and sink commands to resolve resources by name with pagination-aware lookups.

.changeset/secret-bulk-delete-support.md

@@ -0,0 +1,11 @@
+---
+"wrangler": minor
+---
+
+Support deleting secrets via `wrangler secret bulk`
+
+You can now delete secrets in bulk by setting their value to `null` in the JSON input file:
+
+```json
+{ "SECRET_TO_DELETE": null, "SECRET_TO_UPDATE": "new-value" }
+```

.github/workflows/README.md

@@ -4,6 +4,21 @@ See below for a summary of this repo's Actions
 
 - _Actions marked with "⚠️" are expected to sometimes fail._
 
+## Security auditing
+
+We use [`zizmor`](https://docs.zizmor.sh/) to audit GitHub Actions workflow definitions and keep CI workflows as safe as possible. When changing files in this directory, run:
+
+```sh
+zizmor .github/workflows/*.yml
+```
+
+Workflow changes should avoid unsuppressed `zizmor` findings. In particular:
+
+- Pin external actions to immutable commit SHAs, not tags.
+- Use `actions/checkout` v6 or newer so persisted credentials are stored under `$RUNNER_TEMP`; set `persist-credentials: false` when a job does not need follow-up authenticated Git operations.
+- Pass GitHub expression values into shell steps through `env` instead of expanding `${{ ... }}` directly inside `run` blocks.
+- Treat privileged triggers such as `pull_request_target` and `workflow_run` as security-sensitive. If a privileged trigger is required, document the safety model and add a targeted `zizmor` ignore with a reason.
+
 ## PR related actions
 
 ### Tests + Checks (test-and-check.yml)

.github/workflows/auto-assign-issues.yml

@@ -14,10 +14,12 @@ jobs:
 
     steps:
       - name: Checkout repository
-        uses: actions/checkout@v4
+        uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6
+        with:
+          persist-credentials: false
 
       - name: Setup Node.js
-        uses: actions/setup-node@v4
+        uses: actions/setup-node@49933ea5288caeca8642d1e84afbd3f7d6820020 # v4
         with:
           node-version: 22 # need this version for `Set` methods
 

.github/workflows/bonk-pr-review.yml

@@ -26,20 +26,22 @@ jobs:
           STATUS=$(gh api \
             -H "Accept: application/vnd.github+json" \
             -H "X-GitHub-Api-Version: 2022-11-28" \
-            /orgs/cloudflare/members/${{ github.event.pull_request.user.login }} \
+            "/orgs/cloudflare/members/${PR_AUTHOR}" \
             --silent -i 2>/dev/null | head -1 | awk '{print $2}') || true
           if [ "$STATUS" != "204" ]; then
-            echo "User ${{ github.event.pull_request.user.login }} is not a member of the Cloudflare organization"
+            echo "User ${PR_AUTHOR} is not a member of the Cloudflare organization"
             exit 1
           fi
-          echo "User ${{ github.event.pull_request.user.login }} is a Cloudflare org member"
+          echo "User ${PR_AUTHOR} is a Cloudflare org member"
         env:
           GH_TOKEN: ${{ secrets.READ_ONLY_ORG_GITHUB_TOKEN }}
+          PR_AUTHOR: ${{ github.event.pull_request.user.login }}
 
       - name: Checkout repository
-        uses: actions/checkout@v4
+        uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6
         with:
           fetch-depth: 30
+          persist-credentials: false
 
       - name: Load review prompt
         id: prompt

.github/workflows/bonk.yml

@@ -26,28 +26,30 @@ jobs:
           STATUS=$(gh api \
             -H "Accept: application/vnd.github+json" \
             -H "X-GitHub-Api-Version: 2022-11-28" \
-            /orgs/cloudflare/members/${{ github.event.comment.user.login }} \
+            "/orgs/cloudflare/members/${COMMENT_AUTHOR}" \
             --silent -i 2>/dev/null | head -1 | awk '{print $2}') || true
           if [ "$STATUS" != "204" ]; then
-            echo "User ${{ github.event.comment.user.login }} is not a member of the Cloudflare organization"
+            echo "User ${COMMENT_AUTHOR} is not a member of the Cloudflare organization"
             exit 1
           fi
-          echo "User ${{ github.event.comment.user.login }} is a Cloudflare org member"
+          echo "User ${COMMENT_AUTHOR} is a Cloudflare org member"
         env:
           GH_TOKEN: ${{ secrets.READ_ONLY_ORG_GITHUB_TOKEN }}
+          COMMENT_AUTHOR: ${{ github.event.comment.user.login }}
 
       - name: Checkout repository
-        uses: actions/checkout@v4
+        uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6
         with:
           fetch-depth: 1
+          persist-credentials: false
 
       - name: Build prompt with triggering comment
         id: prompt
         run: |
           {
             DELIMITER=$(openssl rand -hex 16)
             echo "value<<$DELIMITER"
-            echo "You were invoked by @${{ github.event.comment.user.login }} on ${{ github.event.comment.html_url }}"
+            echo "You were invoked by @${COMMENT_AUTHOR} on ${COMMENT_URL}"
             echo ""
             echo "Their comment:"
             echo '```'
@@ -58,7 +60,9 @@ jobs:
             echo "$DELIMITER"
           } >> "$GITHUB_OUTPUT"
         env:
+          COMMENT_AUTHOR: ${{ github.event.comment.user.login }}
           COMMENT_BODY: ${{ github.event.comment.body }}
+          COMMENT_URL: ${{ github.event.comment.html_url }}
 
       - name: Run Bonk
         uses: ask-bonk/ask-bonk/github@c39e982defd0114385df54e72012a3fc4333c4d4

.github/workflows/c3-dependabot-versioning-prs.yml

@@ -1,6 +1,6 @@
 name: "C3 - Generate changesets for dependabot PRs"
 on:
-  pull_request_target:
+  pull_request_target: # zizmor: ignore[dangerous-triggers] dependabot-only job requires write access to push generated changesets; checkout v6 persists credentials under RUNNER_TEMP
     paths:
       - "packages/create-cloudflare/src/frameworks/package.json"
 
@@ -13,12 +13,14 @@ jobs:
   generate-changeset:
     runs-on: ubuntu-slim
     if: |
-      github.event.pull_request.user.login == 'dependabot[bot]'
+      github.event.pull_request.user.login == 'dependabot[bot]' &&
+      github.event.pull_request.head.repo.full_name == github.repository
     steps:
       - name: Checkout
-        uses: actions/checkout@v4
+        uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6
         with:
           fetch-depth: 2
+          persist-credentials: true
           ref: ${{ github.head_ref }}
           token: ${{ secrets.GH_ACCESS_TOKEN }}
 
@@ -32,4 +34,6 @@ jobs:
 
       - name: Generate C3 changesets
         # Keep the final param (the changeset prefix: `c3-frameworks-update`) in sync with the filter in the `.github/workflows/c3-e2e-dependabot.yml` workflow.
-        run: node -r esbuild-register tools/dependabot/generate-dependabot-pr-changesets.ts ${{ github.event.number }} create-cloudflare packages/create-cloudflare/src/frameworks/package.json c3-frameworks-update
+        run: node -r esbuild-register tools/dependabot/generate-dependabot-pr-changesets.ts "$PR_NUMBER" create-cloudflare packages/create-cloudflare/src/frameworks/package.json c3-frameworks-update
+        env:
+          PR_NUMBER: ${{ github.event.number }}

.github/workflows/c3-e2e.yml

@@ -44,9 +44,10 @@ jobs:
     runs-on: ${{ matrix.os.name }}
     steps:
       - name: Checkout Repo
-        uses: actions/checkout@v4
+        uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6
         with:
           fetch-depth: 0
+          persist-credentials: false
 
       - uses: dorny/paths-filter@de90cc6fb38fc0963ad72b210f1f284cd68cea36 # v3
         id: changes
@@ -95,15 +96,15 @@ jobs:
           GITHUB_TOKEN: ${{ github.token }} # Needed for begit to clone the repo in the e2e tests for solid-start
 
       - name: Upload Logs
-        uses: actions/upload-artifact@v4
+        uses: actions/upload-artifact@ea165f8d65b6e75b540449e92b4886f43607fa02 # v4
         if: ${{ !cancelled() && steps.changes.outputs.everything_but_markdown == 'true' }}
         with:
           name: ${{ format('e2e-logs-{0}-{1}-{2}-{3}', matrix.pm.name, matrix.os.description, matrix.experimental && 'experimental' || 'normal', matrix.filter) }}
           path: packages/create-cloudflare/.e2e-logs${{matrix.experimental == 'true' && '-experimental' || ''}}/${{ matrix.pm.name }}/${{ matrix.filter }}
           include-hidden-files: true
 
       - name: Upload Turbo Summary
-        uses: actions/upload-artifact@v4
+        uses: actions/upload-artifact@ea165f8d65b6e75b540449e92b4886f43607fa02 # v4
         if: ${{ !cancelled() && steps.changes.outputs.everything_but_markdown == 'true' }}
         with:
           name: ${{ format('turbo-runs-{0}-{1}-{2}-{3}', matrix.pm.name, matrix.os.description, matrix.experimental && 'experimental' || 'normal', matrix.filter) }}
@@ -132,9 +133,10 @@ jobs:
     runs-on: ${{ matrix.os.name }}
     steps:
       - name: Checkout Repo
-        uses: actions/checkout@v4
+        uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6
         with:
           fetch-depth: 0
+          persist-credentials: false
 
       - uses: dorny/paths-filter@de90cc6fb38fc0963ad72b210f1f284cd68cea36 # v3
         id: changes
@@ -209,15 +211,15 @@ jobs:
           GITHUB_TOKEN: ${{ github.token }}
 
       - name: Upload Logs
-        uses: actions/upload-artifact@v4
+        uses: actions/upload-artifact@ea165f8d65b6e75b540449e92b4886f43607fa02 # v4
         if: ${{ !cancelled() && steps.check-frameworks.outputs.run_frameworks == 'true' && steps.changes.outputs.everything_but_markdown == 'true' }}
         with:
           name: ${{ format('e2e-logs-{0}-{1}-{2}-frameworks', matrix.pm.name, matrix.os.description, matrix.experimental && 'experimental' || 'normal') }}
           path: packages/create-cloudflare/.e2e-logs${{matrix.experimental == 'true' && '-experimental' || ''}}/${{ matrix.pm.name }}/frameworks
           include-hidden-files: true
 
       - name: Upload Turbo Summary
-        uses: actions/upload-artifact@v4
+        uses: actions/upload-artifact@ea165f8d65b6e75b540449e92b4886f43607fa02 # v4
         if: ${{ !cancelled() && steps.check-frameworks.outputs.run_frameworks == 'true' && steps.changes.outputs.everything_but_markdown == 'true' }}
         with:
           name: ${{ format('turbo-runs-{0}-{1}-{2}-frameworks', matrix.pm.name, matrix.os.description, matrix.experimental && 'experimental' || 'normal') }}

.github/workflows/changeset-review.yml

@@ -21,9 +21,10 @@ jobs:
     if: github.event.pull_request.head.repo.full_name == github.repository
     steps:
       - name: Checkout changesets
-        uses: actions/checkout@v4
+        uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6
         with:
           fetch-depth: 0
+          persist-credentials: false
           sparse-checkout: |
             .changeset
             .github/opencode.json