Skip to content

ci: bump wrangler from 4.75.0 to 4.76.0 in /.github in the minor-and-patch group#732

Merged
Aureliolo merged 2 commits intomainfrom
dependabot/npm_and_yarn/dot-github/minor-and-patch-645524ad4a
Mar 22, 2026
Merged

ci: bump wrangler from 4.75.0 to 4.76.0 in /.github in the minor-and-patch group#732
Aureliolo merged 2 commits intomainfrom
dependabot/npm_and_yarn/dot-github/minor-and-patch-645524ad4a

Conversation

@dependabot
Copy link
Copy Markdown
Contributor

@dependabot dependabot bot commented on behalf of github Mar 22, 2026

Bumps the minor-and-patch group in /.github with 1 update: wrangler.

Updates wrangler from 4.75.0 to 4.76.0

Release notes

Sourced from wrangler's releases.

wrangler@4.76.0

Minor Changes

  • #12893 782df44 Thanks @​gpanders! - Rewrite wrangler containers list to use the paginated Dash API endpoint

    wrangler containers list now fetches from the /dash/applications endpoint instead of /applications, displaying results in a paginated table with columns for ID, Name, State, Live Instances, and Last Modified. Container state is derived from health instance counters (active, degraded, provisioning, ready).

    The command supports --per-page (default 25) for interactive pagination with Enter to load more and q/Esc to quit, and --json for machine-readable output. Non-interactive environments load all results in a single request.

  • #12957 62545c9 Thanks @​natewong1313! - Add Stream binding support to Wrangler and workers-utils

    Wrangler and workers-utils now recognize the stream binding in configuration, deployment metadata, and generated worker types. This enables projects to declare Stream bindings in wrangler.json and have the binding represented consistently across validation, metadata mapping, and type generation.

  • #12848 ce48b77 Thanks @​emily-shen! - Enable local explorer by default

    This ungates the local explorer, a UI that lets you inspect the state of D1, DO and KV resources locally by visiting /cdn-cgi/explorer during local development.

    Note: this feature is still experimental, and can be disabled by setting the env var X_LOCAL_EXPLORER=false.

Patch Changes

  • #12938 71ab981 Thanks @​dario-piotrowicz! - Add backward-compatible autoconfig support for Astro v5 and v4 projects

    The astro add cloudflare command in older Astro versions installs the latest adapter version, which causes compatibility issues. This change adds manual configuration logic for projects using Astro versions before 6.0.0:

    • Astro 6.0.0+: Uses the native astro add cloudflare command (unchanged behavior)
    • Astro 5.x: Installs @astrojs/cloudflare@12 and manually configures the adapter
    • Astro 4.x: Installs @astrojs/cloudflare@11 and manually configures the adapter
    • Astro < 4.0.0: Returns an error prompting the user to upgrade

  • #11892 7c3c6c6 Thanks @​staticpayload! - Handle registry ports when matching container image digests

    Wrangler now strips tags without breaking registry ports when comparing local images to remote digests. This prevents unnecessary pushes for tags like localhost:5000/app:tag.

  • Updated dependencies [3c988e2, d028ffb, cb71403, 3a1c149, ce48b77, 8729f3d]:

    • miniflare@4.20260317.1
    • @​cloudflare/unenv-preset@​2.16.0
Commits

Dependabot compatibility score

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

  • @dependabot rebase will rebase this PR
  • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
  • @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
  • @dependabot ignore <dependency name> major version will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself)
  • @dependabot ignore <dependency name> minor version will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself)
  • @dependabot ignore <dependency name> will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself)
  • @dependabot unignore <dependency name> will remove all of the ignore conditions of the specified dependency
  • @dependabot unignore <dependency name> <ignore condition> will remove the ignore condition of the specified dependency and ignore conditions

@dependabot
ci: bump wrangler in /.github in the minor-and-patch group
05b6951 
Bumps the minor-and-patch group in /.github with 1 update: [wrangler](https://github.com/cloudflare/workers-sdk/tree/HEAD/packages/wrangler).


Updates `wrangler` from 4.75.0 to 4.76.0
- [Release notes](https://github.com/cloudflare/workers-sdk/releases)
- [Commits](https://github.com/cloudflare/workers-sdk/commits/wrangler@4.76.0/packages/wrangler)

---
updated-dependencies:
- dependency-name: wrangler
  dependency-version: 4.76.0
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: minor-and-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
@dependabot @github
Copy link
Copy Markdown
Contributor Author

dependabot bot commented on behalf of github Mar 22, 2026

Labels

The following labels could not be found: type:ci. Please create it before Dependabot can add it to a pull request.

Please fix the above issues or remove invalid values from dependabot.yml.

@dependabot dependabot bot requested a review from Aureliolo as a code owner March 22, 2026 14:38
@github-actions
Copy link
Copy Markdown
Contributor

github-actions bot commented Mar 22, 2026
edited
Loading

Dependency Review

✅ No vulnerabilities or license issues or OpenSSF Scorecard issues found.

OpenSSF Scorecard

PackageVersionScoreDetails
npm/@cloudflare/unenv-preset 2.16.0 UnknownUnknown
npm/@emnapi/runtime 1.9.1 🟢 3.8
Details
CheckScoreReason
Code-Review⚠️ 0Found 1/30 approved changesets -- score normalized to 0
Token-Permissions⚠️ 0detected GitHub workflow tokens with excessive permissions
Dangerous-Workflow🟢 10no dangerous workflow patterns detected
Maintained🟢 1017 commit(s) and 3 issue activity found in the last 90 days -- score normalized to 10
CII-Best-Practices⚠️ 0no effort to earn an OpenSSF best practices badge detected
Binary-Artifacts🟢 10no binaries found in the repo
Security-Policy⚠️ 0security policy file not detected
Pinned-Dependencies⚠️ 0dependency not pinned by hash detected -- score normalized to 0
License🟢 10license file detected
Fuzzing⚠️ 0project is not fuzzed
Branch-Protection⚠️ 0branch protection not enabled on development/release branches
Signed-Releases⚠️ 0Project has not signed or included provenance with any releases.
Packaging🟢 10packaging workflow detected
SAST⚠️ 0SAST tool is not run on all commits -- score normalized to 0
npm/@speed-highlight/core 1.2.15 UnknownUnknown
npm/miniflare 4.20260317.1 UnknownUnknown
npm/wrangler 4.76.0 UnknownUnknown

Scanned Files

  • .github/package-lock.json

@socket-security
Copy link
Copy Markdown

socket-security bot commented Mar 22, 2026
edited
Loading

Review the following changes in direct dependencies. Learn more about Socket for GitHub.

Diff Package Supply Chain
Security		 Vulnerability Quality Maintenance License
Updatednpm/​wrangler@​4.75.0 ⏵ 4.76.098 +110092 +196 +1100

View full report

Aureliolo
Aureliolo approved these changes Mar 22, 2026
View reviewed changes
Copy link
Copy Markdown
Owner

@Aureliolo Aureliolo left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Changelog reviewed (4.75.0 -> 4.76.0). All changes are for features we don't use (Containers, Stream bindings, local explorer, Astro adapter autoconfig). Our usage is strictly \ in pages-preview.yml -- unaffected. Ship it.

Aureliolo
Aureliolo approved these changes Mar 22, 2026
View reviewed changes
Copy link
Copy Markdown
Owner

@Aureliolo Aureliolo left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Changelog reviewed (4.75.0 -> 4.76.0). All changes are for features we do not use (Containers, Stream bindings, local explorer, Astro adapter autoconfig). Our usage is strictly wrangler pages deploy in pages-preview.yml -- unaffected. Ship it.

@Aureliolo Aureliolo merged commit a6cafc7 into main Mar 22, 2026
21 checks passed
@Aureliolo Aureliolo deleted the dependabot/npm_and_yarn/dot-github/minor-and-patch-645524ad4a branch March 22, 2026 14:56
@Aureliolo Aureliolo mentioned this pull request Mar 22, 2026
Merged
Aureliolo added a commit that referenced this pull request Mar 22, 2026
@Aureliolo
chore(main): release 0.4.7 (#711)
3045df8 
🤖 I have created a release *beep* *boop*
---


##
[0.4.7](v0.4.6...v0.4.7)
(2026-03-22)


### Features

* add system user for CLI-to-backend authentication
([#710](#710))
([dc6bd3f](dc6bd3f))
* dev channel builds with incremental pre-releases between stable
releases ([#715](#715))
([0e8a714](0e8a714))
* replace hardcoded name pools with Faker multi-locale name generation
([#714](#714))
([5edc6ec](5edc6ec))


### Bug Fixes

* dev-release tag creation, dependabot coverage, go -C cli convention
([#730](#730))
([7634843](7634843))
* improve name generation step UX and fix sentinel expansion bug
([#739](#739))
([f03fd05](f03fd05))
* settings page UX polish -- toggle bug, source badges, form
improvements ([#712](#712))
([d16a0ac](d16a0ac))
* switch dev tags to semver and use same release pipeline as stable
([#729](#729))
([4df6b9b](4df6b9b)),
closes [#713](#713)
* unify CLI image discovery and standardize Go tooling
([#738](#738))
([712a785](712a785))
* use PAT in dev-release workflow to trigger downstream pipelines
([#716](#716))
([d767aa3](d767aa3))


### CI/CD

* bump astral-sh/setup-uv from 7.4.0 to 7.6.0 in
/.github/actions/setup-python-uv in the minor-and-patch group
([#731](#731))
([7887257](7887257))
* bump the minor-and-patch group with 3 updates
([#735](#735))
([7cd253a](7cd253a))
* bump wrangler from 4.75.0 to 4.76.0 in /.github in the minor-and-patch
group ([#732](#732))
([a6cafc7](a6cafc7))
* clean up all dev releases and tags on stable release
([#737](#737))
([8d90f5c](8d90f5c))


### Maintenance

* bump the minor-and-patch group across 2 directories with 2 updates
([#733](#733))
([2b60069](2b60069))
* bump the minor-and-patch group with 3 updates
([#734](#734))
([859bc25](859bc25))
* fix dependabot labels and add scope tags
([#736](#736))
([677eb15](677eb15))
* remove redundant pytest.mark.timeout(30) markers
([#740](#740))
([9ec2163](9ec2163))

---
This PR was generated with [Release
Please](https://github.com/googleapis/release-please). See
[documentation](https://github.com/googleapis/release-please#release-please).
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@Aureliolo Aureliolo Aureliolo approved these changes

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

1 participant

@Aureliolo