ci: bump wrangler from 4.79.0 to 4.80.0 in /.github in the all group

[dependabot]

Bumps the all group in /.github with 1 update: wrangler.

Updates wrangler from 4.79.0 to 4.80.0

Release notes

Sourced from wrangler's releases.

wrangler@4.80.0

Minor Changes

• #13151 9c4035b Thanks @​G4brym! - Add type generation for AI Search bindings

  Running wrangler types now generates AiSearchNamespace and AiSearchInstance types for ai_search_namespaces and ai_search config bindings respectively. Both simple and per-environment modes are supported.

  // wrangler.json
  {
    "ai_search_namespaces": [
      { "binding": "AI_SEARCH", "namespace": "production" }
    ],
    "ai_search": [
      { "binding": "BLOG_SEARCH", "instance_name": "cloudflare-blog" }
    ]
  }

  // Generated by `wrangler types`
  interface Env {
    AI_SEARCH: AiSearchNamespace;
    BLOG_SEARCH: AiSearchInstance;
  }

• #13011 b9b7e9d Thanks @​ruifigueira! - Add experimental headful browser rendering support for local development

  Experimental: This feature may be removed or changed without notice.

  When developing locally with the Browser Rendering API, you can enable headful (visible) mode via the X_BROWSER_HEADFUL environment variable to see the browser while debugging:

  X_BROWSER_HEADFUL=true wrangler dev
  X_BROWSER_HEADFUL=true vite dev

  Note: when using @cloudflare/playwright, two Chrome windows may appear — the initial blank page and the one created by browser.newPage(). This is expected behavior due to how Playwright handles browser contexts via CDP.

• #12992 48d83ca Thanks @​RiscadoA! - Add vpc_networks binding support for routing Worker traffic through a Cloudflare Tunnel or network.

  {
    "vpc_networks": [
      // Route through a specific Cloudflare Tunnel
      { "binding": "MY_FIRST_VPC", "tunnel_id": "<tunnel-id>" },
      // Route through the Cloudflare One mesh network
      { "binding": "MY_SECOND_VPC", "network_id": "cf1:network" }
    ]

... (truncated)

Commits

• 0de6989 Version Packages (#13141)
• d5bffde Use today as the compat date instead of relying on the actual workerd compat ...
• 48d83ca [wrangler] Add vpc_networks binding support (#12992)
• fb67a18 Bump the workerd-and-workers-types group with 2 updates (#13162)
• 9c4035b [wrangler] Add type generation for AI Search bindings (#13151)
• 4dc94fd Polish Cloudflare Vite plugin installation during autoconfig (#13150)
• 14e72eb [wrangler] Fix D1 migration file ordering (#10126)
• db60b94 Add gitignore-like helpers to cli package and remove old duplicated logic fro...
• 5d29055 Bump the workerd-and-workers-types group with 2 updates (#13155)
• 260d0ad Remove all removable eslint disabling comments for no-restricted-imports in...
• Additional commits viewable in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

---

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
• @dependabot ignore <dependency name> major version will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself)
• @dependabot ignore <dependency name> minor version will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself)
• @dependabot ignore <dependency name> will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself)
• @dependabot unignore <dependency name> will remove all of the ignore conditions of the specified dependency
• @dependabot unignore <dependency name> <ignore condition> will remove the ignore condition of the specified dependency and ignore conditions

[socket-security]

Review the following changes in direct dependencies. Learn more about Socket for GitHub.

Diff	Package	Supply Chain Security	Vulnerability	Quality	Maintenance	License
	npm/​wrangler@​4.80.0

View full report

[github-actions]

Dependency Review

✅ No vulnerabilities or license issues or OpenSSF Scorecard issues found.

Snapshot Warnings

⚠️: No snapshots were found for the head SHA 75d3493.

Ensure that dependencies are being submitted on PR branches. Re-running this action after a short time may resolve the issue. See the documentation for more information and troubleshooting advice.

OpenSSF Scorecard

Package	Version	Score	Details
npm/@cloudflare/workerd-darwin-64	1.20260401.1	Unknown	Unknown
npm/@cloudflare/workerd-darwin-arm64	1.20260401.1	Unknown	Unknown
npm/@cloudflare/workerd-linux-64	1.20260401.1	Unknown	Unknown
npm/@cloudflare/workerd-linux-arm64	1.20260401.1	Unknown	Unknown
npm/@cloudflare/workerd-windows-64	1.20260401.1	Unknown	Unknown
npm/@emnapi/runtime	1.9.2	🟢 3.8	Details Check Score Reason Code-Review ⚠️ 0 Found 1/30 approved changesets -- score normalized to 0 Maintained 🟢 10 16 commit(s) and 3 issue activity found in the last 90 days -- score normalized to 10 Dangerous-Workflow 🟢 10 no dangerous workflow patterns detected Token-Permissions ⚠️ 0 detected GitHub workflow tokens with excessive permissions CII-Best-Practices ⚠️ 0 no effort to earn an OpenSSF best practices badge detected Binary-Artifacts 🟢 10 no binaries found in the repo Pinned-Dependencies ⚠️ 0 dependency not pinned by hash detected -- score normalized to 0 Security-Policy ⚠️ 0 security policy file not detected License 🟢 10 license file detected Fuzzing ⚠️ 0 project is not fuzzed Branch-Protection ⚠️ 0 branch protection not enabled on development/release branches Signed-Releases ⚠️ 0 Project has not signed or included provenance with any releases. Packaging 🟢 10 packaging workflow detected SAST ⚠️ 0 SAST tool is not run on all commits -- score normalized to 0
npm/miniflare	4.20260401.0	Unknown	Unknown
npm/workerd	1.20260401.1	Unknown	Unknown
npm/wrangler	4.80.0	Unknown	Unknown

Scanned Files

• .github/package-lock.json