Skip to content

Bump undici and wrangler#140

Open
dependabot[bot] wants to merge 1 commit into
masterfrom
dependabot/npm_and_yarn/multi-f321e87257
Open

Bump undici and wrangler#140
dependabot[bot] wants to merge 1 commit into
masterfrom
dependabot/npm_and_yarn/multi-f321e87257

Conversation

@dependabot
Copy link
Copy Markdown
Contributor

@dependabot dependabot Bot commented on behalf of github May 7, 2026

Bumps undici to 7.24.8 and updates ancestor dependency wrangler. These dependencies need to be updated together.

Updates undici from 7.14.0 to 7.24.8

Release notes

Sourced from undici's releases.

v7.24.8

What's Changed

Full Changelog: nodejs/undici@v7.24.7...v7.24.8

v7.24.7

What's Changed

New Contributors

Full Changelog: nodejs/undici@v7.24.6...v7.24.7

v7.24.6

What's Changed

New Contributors

Full Changelog: nodejs/undici@v7.24.5...v7.24.6

v7.24.5

What's Changed

... (truncated)

Commits
  • 7a6f7fe Bumped v7.24.8 (#5020)
  • 1f85ae4 fix: avoid 401 failures for stream-backed request bodies (#4941) (#5006)
  • c661067 chore: update v7.x maintenance release flow
  • 84f23e2 Bumped v7.24.7 (#4947)
  • a770b10 ignore AGENTS.md (#4942)
  • 6acd19b fix: correctly handle multi-value rawHeaders in fetch (#4938)
  • 1da1c74 test: skip IPv6 tests when IPv6 is not available (#4939)
  • 04cb773 fix(types): Fix clone method type declaration to be an instance method rather...
  • 5145a7c fix(types): align Response with DOM fetch types (#4867)
  • ec23620 test: skip flaky macOS Node 20 cookie fetch cases
  • Additional commits viewable in compare view
Maintainer changes

This version was pushed to npm by GitHub Actions, a new releaser for undici since your current version.


Updates wrangler from 4.59.2 to 4.89.1

Release notes

Sourced from wrangler's releases.

wrangler@4.89.1

Patch Changes

  • #13824 dd3baf3 Thanks @​emily-shen! - Fix container deployment being skipped for Workers for Platforms user workers

    Previously, deploying a worker with --dispatch-namespace would early-exit before calling deployContainers(), meaning container-app registration that links the image to the Durable Object namespace was never executed for WfP user workers. Container deployment now runs before the WfP early exit.

  • Updated dependencies [5cf6f81]:

    • miniflare@4.20260507.1

wrangler@4.89.0

Minor Changes

  • #13055 f3fed88 Thanks @​GregBrimble! - Introducing the cache configuration option for Workers.

    You can now set { cache: { enabled: true } } in your Wrangler configuration file to enable a HTTP cache in front of your Worker's fetch handler. This is also supported in [previews] configuration — previews.cache overrides the top-level cache setting for preview deployments, and falls back to the top-level value when absent. More information can be found in our documentation.

  • #13776 1a54ac5 Thanks @​petebacondarwin! - wrangler dev and other Miniflare-backed commands now run the local workerd runtime with TZ=UTC to match production

    Previously, wrangler dev (and other commands that spin up Miniflare, such as wrangler kv, wrangler d1, wrangler r2, wrangler check) inherited the host machine's timezone, so Date and Intl APIs inside a Worker observed the developer's local timezone during local development but UTC in production. This caused subtle, hard-to-debug differences between local and deployed behaviour.

    Local development now matches production. Code that previously relied on the host timezone during wrangler dev will need to either accept UTC (the production behaviour) or explicitly construct dates/formatters with the desired timezone.

Patch Changes

  • #13829 2284f20 Thanks @​dependabot! - Update dependencies of "miniflare", "wrangler"

    The following dependency versions have been updated:

    Dependency From To
    workerd 1.20260504.1 1.20260506.1

  • #13841 332f527 Thanks @​dependabot! - Update dependencies of "miniflare", "wrangler"

    The following dependency versions have been updated:

    Dependency From To
    workerd 1.20260506.1 1.20260507.1

  • #13777 18e833d Thanks @​matingathani! - fix: throw a clear error when _routes.json contains invalid JSON instead of silently skipping it

  • #13751 b6cea17 Thanks @​matingathani! - fix: ensure wrangler types --check --env-file does not falsely report stale types when .dev.vars exists

  • #13775 53e846a Thanks @​maxwellpeterson! - Fix wrangler preview not propagating the assets binding to preview deployments

    Previously, wrangler preview would upload the asset manifest correctly but the resulting preview deployment had no ASSETS binding (or whatever name was configured under assets.binding). Workers reading from the binding would see undefined and fail at runtime.

    The fix emits the assets binding into the deployment's env map alongside other bindings, mirroring wrangler deploy.

... (truncated)

Commits
  • e0c97ad Version Packages (#13851)
  • dd3baf3 [wrangler] Fix container deployment being skipped for WfP user workers (#13824)
  • 553aaa2 Version Packages (#13826)
  • cf09891 Revert "Support stream (but keep pipeline backwards compatible) binding for P...
  • 18e833d [wrangler] fix: throw clear error when _routes.json contains invalid JSON (#1...
  • b6cea17 [wrangler] fix: ensure types --check --env-file does not falsely report stale...
  • 332f527 chore(deps): bump the workerd-and-workers-types group with 2 updates (#13841)
  • af42fed Show containers ssh in help output (#13832)
  • 2284f20 Bump the workerd-and-workers-types group with 2 updates (#13829)
  • beff19c [wrangler] Only show accounts available for the current login auth (#13770)
  • Additional commits viewable in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

  • @dependabot rebase will rebase this PR
  • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
  • @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
  • @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
    You can disable automated security fix PRs for this repo from the Security Alerts page.

@dependabot
Bump undici and wrangler
44991c2 
Bumps [undici](https://github.com/nodejs/undici) to 7.24.8 and updates ancestor dependency [wrangler](https://github.com/cloudflare/workers-sdk/tree/HEAD/packages/wrangler). These dependencies need to be updated together.


Updates `undici` from 7.14.0 to 7.24.8
- [Release notes](https://github.com/nodejs/undici/releases)
- [Commits](nodejs/undici@v7.14.0...v7.24.8)

Updates `wrangler` from 4.59.2 to 4.89.1
- [Release notes](https://github.com/cloudflare/workers-sdk/releases)
- [Commits](https://github.com/cloudflare/workers-sdk/commits/wrangler@4.89.1/packages/wrangler)

---
updated-dependencies:
- dependency-name: undici
  dependency-version: 7.24.8
  dependency-type: indirect
- dependency-name: wrangler
  dependency-version: 4.89.1
  dependency-type: direct:development
...

Signed-off-by: dependabot[bot] <support@github.com>
@dependabot dependabot Bot added dependencies Pull requests that update a dependency file javascript Pull requests that update javascript code labels May 7, 2026
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

No reviews

Assignees

No one assigned

Labels

dependencies Pull requests that update a dependency file javascript Pull requests that update javascript code

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

0 participants