Sourced from @​cloudflare/vitest-pool-workers's releases.

@​cloudflare/vitest-pool-workers@​0.16.15

Patch Changes

• Updated dependencies [98c9afe, e305126, f3990b2, 4597f08, 25722ac, 41f75c0, 10b5538, 818c105, 2ae6099, 2047a32, 2047a32, e8561c2]:
  • wrangler@4.100.0
  • miniflare@4.20260611.0

@​cloudflare/vitest-pool-workers@​0.16.14

Patch Changes

• Updated dependencies [23aecac, b932e47, d076bcc, 24497d0, 4bb572f, 165adb2, 776098c, 0706fbf, 7993711, 48c4ff0, 8cf8c61, 8923f97, b205fb7, a61ac29]:
  • wrangler@4.99.0
  • miniflare@4.20260609.0

@​cloudflare/vitest-pool-workers@​0.16.13

Patch Changes

• Updated dependencies [c6c61b5, c6c61b5, a3eea27, 7a6b1a4, 7539a9b, 1fdd8de, 3b8b80a, 0bb2d55, 8400fb9, b502d54, 7949f81, d462013, c2280cd, 3b8b80a, ea12b58, acf7817]:
  • wrangler@4.98.0
  • miniflare@4.20260603.0

@​cloudflare/vitest-pool-workers@​0.16.12

Patch Changes

• #14152 3d7992e Thanks @​petebacondarwin! - Fix module resolution failing when project path contains spaces

  When a project lived under a directory with spaces (e.g. /Users/me/Documents/Master CMS/project), the vitest pool would fail with No such module "threads.js" before any test executed. The module fallback service now uses the rawSpecifier from workerd's fallback request to correctly decode file:// URLs, avoiding the double-encoding of spaces (%20 → %2520) that occurred when workerd resolved these URLs as relative paths.

• #14105 337e912 Thanks @​dario-piotrowicz! - Remove trailing periods from URLs in terminal output

  URLs printed to the terminal with a sentence-ending period (e.g. https://example.com/path.) would include the period when clicked in some terminal emulators, causing 404 errors. This removes trailing periods from all URLs displayed in CLI output across wrangler, miniflare, vitest-pool-workers, and workers-utils.

• #14112 3a746ac Thanks @​penalosa! - Pin non-bundled runtime dependencies to exact versions

  Dependencies that are not bundled into a package's published output are installed directly into consumers' dependency trees, so they are now pinned to exact versions instead of semver ranges. This closes a supply-chain gap where an unpinned external dependency could resolve to a compromised upstream release on a fresh install. A new pnpm check:pinned-deps lint enforces this for all published packages (and for the shared pnpm catalog) going forward.

• #14061 da8e306 Thanks @​Vardiak! - Preserve Durable Object WebSocket handler invocation order

  Durable Object WebSocket events could begin executing out of order in the Workers Vitest integration when several events arrived while the test wrapper was resolving user code.

  Handler invocation now preserves arrival order while still allowing asynchronous handler completion to run concurrently.

• Updated dependencies [b210c5e, aec1bb8, e06cbb7, 9a26191, 5565823, 4ef790b, 890fca7, 6fc9777, 337e912, 8e7b74f, e86489a, 42288d4, 65b5f9e, 3a746ac, 64ef9fd, 94b29f7]:

  • wrangler@4.97.0
  • miniflare@4.20260601.0

@​cloudflare/vitest-pool-workers@​0.16.11

Patch Changes

• #14070 96ae856 Thanks @​dmmulroy! - Fix Durable Object RPC dispatch for constructors that return proxies

... (truncated)

Sourced from @​cloudflare/vitest-pool-workers's changelog.

0.16.15

Patch Changes

• Updated dependencies [98c9afe, e305126, f3990b2, 4597f08, 25722ac, 41f75c0, 10b5538, 818c105, 2ae6099, 2047a32, 2047a32, e8561c2]:
  • wrangler@4.100.0
  • miniflare@4.20260611.0

0.16.14

Patch Changes

• Updated dependencies [23aecac, b932e47, d076bcc, 24497d0, 4bb572f, 165adb2, 776098c, 0706fbf, 7993711, 48c4ff0, 8cf8c61, 8923f97, b205fb7, a61ac29]:
  • wrangler@4.99.0
  • miniflare@4.20260609.0

0.16.13

Patch Changes

• Updated dependencies [c6c61b5, c6c61b5, a3eea27, 7a6b1a4, 7539a9b, 1fdd8de, 3b8b80a, 0bb2d55, 8400fb9, b502d54, 7949f81, d462013, c2280cd, 3b8b80a, ea12b58, acf7817]:
  • wrangler@4.98.0
  • miniflare@4.20260603.0

0.16.12

Patch Changes

• #14152 3d7992e Thanks @​petebacondarwin! - Fix module resolution failing when project path contains spaces

  When a project lived under a directory with spaces (e.g. /Users/me/Documents/Master CMS/project), the vitest pool would fail with No such module "threads.js" before any test executed. The module fallback service now uses the rawSpecifier from workerd's fallback request to correctly decode file:// URLs, avoiding the double-encoding of spaces (%20 → %2520) that occurred when workerd resolved these URLs as relative paths.

• #14105 337e912 Thanks @​dario-piotrowicz! - Remove trailing periods from URLs in terminal output

  URLs printed to the terminal with a sentence-ending period (e.g. https://example.com/path.) would include the period when clicked in some terminal emulators, causing 404 errors. This removes trailing periods from all URLs displayed in CLI output across wrangler, miniflare, vitest-pool-workers, and workers-utils.

• #14112 3a746ac Thanks @​penalosa! - Pin non-bundled runtime dependencies to exact versions

  Dependencies that are not bundled into a package's published output are installed directly into consumers' dependency trees, so they are now pinned to exact versions instead of semver ranges. This closes a supply-chain gap where an unpinned external dependency could resolve to a compromised upstream release on a fresh install. A new pnpm check:pinned-deps lint enforces this for all published packages (and for the shared pnpm catalog) going forward.

• #14061 da8e306 Thanks @​Vardiak! - Preserve Durable Object WebSocket handler invocation order

  Durable Object WebSocket events could begin executing out of order in the Workers Vitest integration when several events arrived while the test wrapper was resolving user code.

  Handler invocation now preserves arrival order while still allowing asynchronous handler completion to run concurrently.

• Updated dependencies [b210c5e, aec1bb8, e06cbb7, 9a26191, 5565823, 4ef790b, 890fca7, 6fc9777, 337e912, 8e7b74f, e86489a, 42288d4, 65b5f9e, 3a746ac, 64ef9fd, 94b29f7]:

  • wrangler@4.97.0
  • miniflare@4.20260601.0

... (truncated)

• 341bd13 Version Packages (#14237)
• 8a4bfe5 Version Packages (#14179)
• c8c366e Version Packages (#14159)
• 0b60424 Version Packages (#14142)
• 3d7992e [vitest-pool-workers] Fix module resolution for paths with spaces (#14152)
• da8e306 [vitest-pool-workers] Preserve Durable Object handler order (for hibernated D...
• 0998725 Set disallowTypeAnnotations to false in `@typescript-eslint/consistent-ty...
• 3a746ac [tools] Lint that all non-bundled deps of published packages are pinned (#14112)
• 337e912 Remove trailing periods from URLs in terminal output (#14105)
• 50ef724 Version Packages (#14082)
• Additional commits viewable in compare view

• See full diff in compare view

Sourced from wrangler's releases.

wrangler@4.100.0

Minor Changes

• #14119 2047a32 Thanks @​tahmid-23! - Serve local R2 bucket objects publicly via the dev server

  When running wrangler dev locally, objects in each local R2 binding are now reachable under /cdn-cgi/local/r2/public/<bucket-id>/<key> on the existing dev server, simulating a public bucket. The <bucket-id> is the bucket's bucket_name when set, otherwise its binding. Bindings configured with remote: true are not exposed.

• #14202 e8561c2 Thanks @​jamesopstad! - Add experimental --x-new-config flag for authoring config in TypeScript

  This is an experimental, opt-in feature. When enabled, wrangler dev, wrangler build, wrangler deploy, wrangler versions upload, and wrangler versions deploy load the Worker's configuration from a cloudflare.config.ts file instead of wrangler.json / wrangler.jsonc / wrangler.toml. Additionally, an optional wrangler.config.ts file can be provided for Wrangler-specific dev/build configuration.

  • cloudflare.config.ts (required) — Worker runtime configuration (bindings, triggers, observability, placement, limits, compatibility, routes, etc.). Authored via defineWorker from wrangler/experimental-config.
  • wrangler.config.ts (optional) — Tooling / bundling / dev-server configuration (noBundle, minify, alias, define, rules, tsconfig, build, dev, assetsDirectory, etc.). Authored via defineWranglerConfig from wrangler/experimental-config.

  Per-environment configuration is via ctx.mode branching inside the function form of either file.

  Example cloudflare.config.ts:

  import { defineWorker, bindings } from "wrangler/experimental-config";
  import * as entrypoint from "./src/index.ts" with { type: "cf-worker" };
  export default defineWorker((ctx) => ({
  name: "my-worker",
  entrypoint,
  compatibilityDate: "2026-05-18",
  env: {
  MY_KV: bindings.kv(),
  MY_TEXT: bindings.text(The mode is ${ctx.mode}),
  },
  }));

  Example wrangler.config.ts:

  import { defineWranglerConfig } from "wrangler/experimental-config";
  export default defineWranglerConfig({
  minify: true,
  assetsDirectory: "./public",
  });

  Because this is experimental, the flag, the config formats, and the wrangler/experimental-config exports may change in any release.

Patch Changes

• #14185 98c9afe Thanks @​penalosa! - Use the shared env-credential resolver from @cloudflare/workers-auth

... (truncated)

• 341bd13 Version Packages (#14237)
• e8561c2 Wrangler support for experimental new config (#14202)
• 4597f08 Bump the workerd-and-workers-types group with 2 updates (#14256)
• 2ae6099 move build earlier in deploy path (#14259)
• 25722ac Gate Network.enable on an attached DevTools client (#14243)
• 98c9afe [workers-auth] Make OAuth identity and token storage injectable for reuse by ...
• 10b5538 Improve authentication error messages with specific failure reasons (#14213)
• e305126 [wrangler] Add cf-wrangler delegate entrypoint; remove @​cloudflare/wrangler-b...
• 818c105 Improve R2 Sippy error messages (#14233)
• f3990b2 Bump the workerd-and-workers-types group with 2 updates (#14246)
• Additional commits viewable in compare view

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
• @dependabot ignore <dependency name> major version will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself)
• @dependabot ignore <dependency name> minor version will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself)
• @dependabot ignore <dependency name> will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself)
• @dependabot unignore <dependency name> will remove all of the ignore conditions of the specified dependency
• @dependabot unignore <dependency name> <ignore condition> will remove the ignore condition of the specified dependency and ignore conditions