chore(deps): update dependency wrangler to v3.114.17 [security]

[renovate]

This PR contains the following updates:

Package	Change	Age	Confidence
wrangler (source)	3.114.2 → 3.114.17

GitHub Vulnerability Alerts

CVE-2026-0933

Summary

A command injection vulnerability (CWE-78) has been found to exist in the wrangler pages deploy command. The issue occurs because the --commit-hash parameter is passed directly to a shell command without proper validation or sanitization, allowing an attacker with control of --commit-hash to execute arbitrary commands on the system running Wrangler.

Root cause

The commitHash variable, derived from user input via the --commit-hash CLI argument, is interpolated directly into a shell command using template literals (e.g., execSync(`git show -s --format=%B ${commitHash}`)). Shell metacharacters are interpreted by the shell, enabling command execution.

Impact

This vulnerability is generally hard to exploit, as it requires --commit-hash to be attacker controlled. The vulnerability primarily affects CI/CD environments where wrangler pages deploy is used in automated pipelines and the --commit-hash parameter is populated from external, potentially untrusted sources. An attacker could exploit this to:

• Run any shell command.
• Exfiltrate environment variables.
• Compromise the CI runner to install backdoors or modify build artifacts.

Mitigation

• Wrangler v4 users are requested to upgrade to Wrangler v4.59.1 or higher.
• Wrangler v3 users are requested to upgrade to Wrangler v3.114.17 or higher.
• Users on Wrangler v2 (EOL) should upgrade to a supported major version.

Credits

Disclosed responsibly by kny4hacker.

Severity

• CVSS Score: 7.7 / 10 (High)
• Vector String: CVSS:4.0/AV:N/AC:L/AT:P/PR:L/UI:N/VC:H/VI:H/VA:H/SC:L/SI:L/SA:N

---

Release Notes

cloudflare/workers-sdk (wrangler)

v3.114.17

Compare Source

Patch Changes

• #​11891 6d5557b Thanks @​emily-shen! - Use argument array when executing git commands with wrangler pages deploy

  Pass user provided values from --commit-hash safely to underlying git command.

v3.114.16

Compare Source

Patch Changes

• #​11689 9bab0a0 Thanks @​ascorbic! - Display a warning when authentication errors occur and the account_id in your Wrangler configuration does not match any of your authenticated accounts. This helps identify configuration issues where you may have the wrong account ID set in your wrangler.toml or wrangler.jsonc file.

• #​10737 c41a078 Thanks @​workers-devprod! - Allow WRANGLER_SEND_ERROR_REPORTS env var to override whether to report Wrangler crashes to Sentry

• #​11134 bd39455 Thanks @​petebacondarwin! - Reduce the amount of arguments being passed in metrics capture.

  Now the argument values that are captured come from an allow list,
  and can be marked as ALLOW (capture the real value) or REDACT (capture as "").

• #​11020 9cb702e Thanks @​dario-piotrowicz! - Fix observability.logs.persist being flagged as an unexpected field during the wrangler config file validation

• #​11147 cf4993b Thanks @​FlorentCollin! - Improve the formatting of the D1 execute command to always show the duration in milliseconds with two decimal places.

• #​11650 cc29ead Thanks @​ascorbic! - fix: respect TypeScript path aliases when resolving non-JS modules with module rules

  When importing non-JavaScript files (like .graphql, .txt, etc.) using TypeScript path aliases defined in tsconfig.json, Wrangler's module-collection plugin now correctly resolves these imports. Previously, path aliases were only respected for JavaScript/TypeScript files, causing imports like import schema from '~lib/schema.graphql' to fail when using module rules.

• #​11179 7f779e9 Thanks @​ascorbic! - Log a more helpful error when attempting to "r2 object put" a non-existent file

• #​11501 c78d942 Thanks @​edmundhung! - fix: prevent reporting SQLite error from wrangler d1 execute to Sentry

• #​11262 b2683f7 Thanks @​workers-devprod! - Avoid using object lookup for OAuth Error classes

• #​11107 d8037d3 Thanks @​workers-devprod! - Fixed conflict between --env and --expires flags in wrangler r2 object put.

  --e now aliases --env only, and NOT --expires.

• #​10961 02d2ea9 Thanks @​devin-ai-integration! - Acquire Cloudflare Access tokens for additional requests made during a wrangler dev --remote session

• #​11108 892ec4f Thanks @​emily-shen! - Fixed self-bindings (service bindings to the same worker) showing as [not connected] in wrangler dev. Self-bindings now correctly show as [connected] since a worker is always available to itself.

• #​11138 3db872a Thanks @​devin-ai-integration! - Implement tail-based logging for wrangler dev remote mode, behind the --x-tail-tags flag. This will become the default in the future.

• #​10889 204616c Thanks @​workers-devprod! - Clarify that wrangler check startup generates a local CPU profile

• #​11491 ed8aaef Thanks @​edmundhung! - Explicitly close FileHandle in wrangler d1 execute to support Node 25

• #​10962 203e599 Thanks @​devin-ai-integration! - Fixed duplicate warning messages appearing during wrangler dev when configuration changes or state transitions occur

• #​11601 62754f8 Thanks @​petebacondarwin! - Fix "TypeError: Body is unusable: Body has already been read" when failing to exchange oauth code because of double response.text().

• #​11138 3db872a Thanks @​devin-ai-integration! - We're soon going to make backend changes that mean that wrangler dev --remote sessions will no longer have an associated inspector connection. In advance of these backend changes, we've enabled a new wrangler tail-based logging strategy for wrangler dev --remote. For now, you can revert to the previous logging strategy with wrangler dev --remote --no-x-tail-logs, but in future it will not be possible to revert.

  The impact of this will be that logs that were previously available via devtools will now be provided directly to the Wrangler console and it will no longer be possible to interact with the remote Worker via the devtools console.

• #​11194 71758e9 Thanks @​petebacondarwin! - add more logging around Wrangler authentication to help diagnose issues

• Updated dependencies [d006fae, 4ae9ead]:

  • miniflare@​3.20250718.3

v3.114.15

Compare Source

Patch Changes

• #​10758 c9d567e Thanks @​dario-piotrowicz! - fix console.debug logs not being logged at the info level (as users expect)

• #​10762 081647b Thanks @​petebacondarwin! - switch zone route warning to an info message

• #​10782 9e79d9d Thanks @​penalosa! - Improve formatting of logged errors in some cases

• #​10516 dfa81fd Thanks @​workers-devprod! - fix: script should be accepted as a positional arg in the versions upload command

• #​10760 cb7ace5 Thanks @​petebacondarwin! - Support the deletion of secrets with complex names

• #​9991 3d9b3a0 Thanks @​workers-devprod! - Fix startup profiling when sourcemaps are enabled

• Updated dependencies [a879fe0, 6de07fb, ab47329]:

  • miniflare@​3.20250718.2

v3.114.14

Compare Source

Patch Changes

• #​10330 dab7683 Thanks @​petebacondarwin! - Do not attempt to update queue producer settings when deploying a Worker with a queue binding

  Previously, each deployed Worker would update a subset of the queue producer's settings for each queue binding, which could result in broken queue producers or at least conflicts where different Workers tried to set different producer settings on a shared queue.

• #​10233 a00a124 Thanks @​veggiedefender! - Increase the maxBuffer size for capnp uploads

• #​10228 77a4364 Thanks @​dario-piotrowicz! - fix NonRetryableError thrown with an empty error message not stopping workflow retries locally

• Updated dependencies []:

  • miniflare@​3.20250718.1

v3.114.13

Compare Source

Patch Changes

• #​10015 b5d9bb0 Thanks @​dario-piotrowicz! - fix wrangler dev logs being logged on the incorrect level in some cases

  currently the way wrangler dev prints logs is faulty, for example the following code

  console.error("this is an error");
  console.warn("this is a warning");
  console.debug("this is a debug");

  inside a worker would cause the following logs:

  ✘ [ERROR] this is an error
  
  ✘ [ERROR] this is a warning
  
  this is a debug
  

  (note that the warning is printed as an error and the debug log is printed even if by default it should not)

  the changes here make sure that the logs are instead logged to their correct level, so for the code about the following will be logged instead:

  ✘ [ERROR] this is an error
  
  ▲ [WARNING] this is a warning
  

  (running wrangler dev with the --log-level=debug flag will also cause the debug log to be included as well)

• #​10187 f480ec7 Thanks @​workers-devprod! - Deleting when Pages project binds to worker requires confirmation

• #​10182 1f686ef Thanks @​devin-ai-integration! - fix: report startup errors before workerd profiling

• #​10226 989e17e Thanks @​petebacondarwin! - Enforce 64-character limit for Workflow binding names locally to match production validation

• #​10216 76d3002 Thanks @​devin-ai-integration! - Add macOS version validation to prevent EPIPE errors on unsupported macOS versions (below 13.5). Miniflare and C3 fail hard while Wrangler shows warnings but continues execution.

• #​10261 8c38b65 Thanks @​petebacondarwin! - fix: strip ANSI escape codes from log files to improve readability and parsing

• #​10171 0d73563 Thanks @​devin-ai-integration! - Handle UTF BOM in config files - detect and remove UTF-8 BOMs, error on unsupported BOMs (UTF-16, UTF-32)

• Updated dependencies [b5d9bb0, 76d3002]:

  • miniflare@​3.20250718.1

v3.114.12

Compare Source

Patch Changes

• #​10019 cce7f6f Thanks @​dario-piotrowicz! - chore: update workerd dependency to latest

• #​10050 ef003a2 Thanks @​emily-shen! - remove banner from r2 getobject in pipe mode

• #​10003 6940d39 Thanks @​emily-shen! - Include more (sanitised) user errors in telemetry.

  We manually vet and sanitised error messages before including them in our telemetry collection - this PR just includes a couple more.

• #​9973 58c09cf Thanks @​penalosa! - Make Wrangler warn more loudly if you're missing auth scopes

• Updated dependencies [cce7f6f, 028f689]:

  • miniflare@​3.20250718.0

v3.114.11

Compare Source

Patch Changes

• #​9685 cbea64b Thanks @​WillTaylorDev! - Select only successfully deployed deployments when tailing.

• #​9776 6e09672 Thanks @​vicb! - Cap the number of errors and warnings for bulk KV put to avoid consuming too much memory

• #​9694 dacfc35 Thanks @​dario-piotrowicz! - add support for assets bindings to getPlatformProxy

  this change makes sure that that getPlatformProxy, when the input configuration
  file contains an assets field, correctly returns the appropriate asset binding proxy

  example:

  // wrangler.jsonc
  {
  	"name": "my-worker",
  	"assets": {
  		"directory": "./public/",
  		"binding": "ASSETS",
  	},
  }

  import { getPlatformProxy } from "wrangler";
  
  const { env, dispose } = await getPlatformProxy();
  
  const text = await (await env.ASSETS.fetch("http://0.0.0.0/file.txt")).text();
  console.log(text); // logs the content of file.txt
  
  await dispose();

• #​9807 4dd026b Thanks @​penalosa! - Better messaging for account owned tokens in wrangler whoami

v3.114.10

Compare Source

Patch Changes

• #​9713 3ff9592 Thanks @​penalosa! - Support wrangler version upload for Python Workers

• #​9453 0e2949c Thanks @​emily-shen! - Point to the right location for docs on telemetry

• #​9594 0f2f75d Thanks @​vicb! - drop unused WRANGLER_UNENV_RESOLVE_PATHS env var

• #​9631 e101451 Thanks @​CarmenPopoviciu! - Remove "Cloudchamber" from user facing error messages

v3.114.9

Compare Source

Patch Changes

• #​9262 2c3d8dd Thanks @​workers-devprod! - fix: add no-op props to ctx in getPlatformProxy to fix type mismatch

• #​8681 7a57c14 Thanks @​workers-devprod! - fix(miniflare): strip CF-Connecting-IP header from all outbound requests

• #​9128 c535845 Thanks @​dario-piotrowicz! - fix: remove outdated js-doc comment for unstable_startDevWorker's entrypoint

• #​9259 b742171 Thanks @​workers-devprod! - Relax R2 bucket validation for pages dev commands

• #​9172 4e943b1 Thanks @​vicb! - validate r2 bucket names

• #​9250 b2b5ee8 Thanks @​workers-devprod! - fix: strip CF-Connecting-IP header within fetch

  In v4.15.0, Miniflare began stripping the CF-Connecting-IP header via a global outbound service, which led to a TCP connection regression due to a bug in Workerd. This PR patches the fetch API to strip the header during local wrangler dev sessions as a temporary workaround until the underlying issue is resolved.

• #​9267 8b4f24a Thanks @​workers-devprod! - fix: setting triggers.crons:[] in Wrangler config should delete deployed cron schedules

• #​9163 d67cd0d Thanks @​petebacondarwin! - Do not report "d1 execute" command file missing error to Sentry

• #​8957 9d4ff5b Thanks @​workers-devprod! - Make sure custom build logging output is more clearly signposted, and make sure it doesn't interfere with the interactive dev session output.

• #​9166 9b4c91d Thanks @​lambrospetrou! - Fix d1 info command showing read_replication: [object Object]

• Updated dependencies [7a57c14, b2b5ee8, 56a0d6e]:

  • miniflare@​3.20250408.2

v3.114.8

Compare Source

Patch Changes

• #​9086 a2a56c8 Thanks @​petebacondarwin! - Do not include .wrangler and Wrangler config files in additional modules

  Previously, if you added modules rules such as **/*.js or **/*.json, specified no_bundle: true, and the entry-point to the Worker was in the project root directory, Wrangler could include files that were not intended, such as .wrangler/tmp/xxx.js or the Wrangler config file itself. Now these files are automatically skipped when trying to find additional modules by searching the file tree.

• #​9037 d0d0025 Thanks @​CarmenPopoviciu! - fix: When generating Env types, set type of version metadata binding to WorkerVersionMetadata. This means it now correctly includes the timestamp field.

• #​9093 2f2f7ba Thanks @​CarmenPopoviciu! - fix: Validate input file for Vectorize inserts

• Updated dependencies [fc04292, a01adca]:

  • miniflare@​3.20250408.1

v3.114.7

Compare Source

Patch Changes

• #​8955 b7eba92 Thanks @​workers-devprod! - When Wrangler encounters an error, if the Bun runtime is detected it will now warn users that Wrangler does not officially support Bun.

• #​8928 8bcb257 Thanks @​dario-piotrowicz! - fix redirected config env validation breaking wrangler pages commands

  a validation check has recently been introduced to make wrangler error on
  deploy commands when an environment is specified and a redirected configuration
  is in use (the reason being that redirected configurations should not include
  any environment), this check is problematic with pages commands where the
  "production" environment is anyways set by default, to address this the validation
  check is being relaxed here on pages commands

v3.114.6

Compare Source

Patch Changes

• #​8783 7bcf352 Thanks @​petebacondarwin! - Improve error message when request to obtain membership info fails

  Wrangler now informs user that specific permission might be not granted when fails to obtain membership info. The same information is provided when Wrangler is unable to fetch user's email.

• #​8866 db673d6 Thanks @​edmundhung! - improve error message when redirected config contains environments

  this change improves that validation error message that users see
  when a redirected config file contains environments, by:

  • cleaning the message formatting and displaying the
    offending environments in a list
  • prompting the user to report the issue to the author
    of the tool which has generated the config

• #​8600 91cf028 Thanks @​workers-devprod! - add validation to redirected configs in regards to environments

  add the following validation behaviors to wrangler deploy commands, that relate
  to redirected configs (i.e. config files specified by .wrangler/deploy/config.json files):

  • redirected configs are supposed to be already flattened configurations without any
    environment (i.e. a build tool should generate redirected configs already targeting specific
    environments), so if wrangler encounters a redirected config with some environments defined
    it should error
  • given the point above, specifying an environment (--env=my-env) when using redirected
    configs is incorrect, so these environments should be ignored and a warning should be
    presented to the user

v3.114.5

Compare Source

Patch Changes

• Updated dependencies [dec7e2a, db2207a]:
  • miniflare@​3.20250408.0

v3.114.4

Compare Source

Patch Changes

• #​8758 04ba075 Thanks @​emily-shen! - fix: return actual error on wrangler secret bulk

• #​8703 ef89e6b Thanks @​CarmenPopoviciu! - Improve formatting of cache options for hyperdrive list command

• #​8751 e1ef298 Thanks @​emily-shen! - fix: include documentation_url in API Errors if provided

• #​8713 47bf369 Thanks @​CarmenPopoviciu! - fix: stop getPlatformProxy crashing when internal DOs are present

  Internal DOs still do not work with getPlatformProxy, but warn instead of crashing.

• #​8683 90d93c9 Thanks @​CarmenPopoviciu! - Remove NodeJSCompatModule. This was never fully supported, and never worked for deploying Workers from Wrangler.

• Updated dependencies [90d93c9]:

  • miniflare@​3.20250310.2

v3.114.3

Compare Source

Patch Changes

• #​8662 5e57717 Thanks @​workers-devprod! - Amend pages dev error message when an environment is requested

• #​8535 6f8e892 Thanks @​workers-devprod! - improve the error messaging when the user provides neither an entry point nor an asset directory

---

Configuration

📅 Schedule: (UTC)

• Branch creation
  • ""
• Automerge
  • At any time (no schedule defined)

🚦 Automerge: Disabled by config. Please merge this manually once you are satisfied.

♻ Rebasing: Whenever PR becomes conflicted, or you tick the rebase/retry checkbox.

🔕 Ignore: Close this PR and you won't be reminded about this update again.

---

• If you want to rebase/retry this PR, check this box

---

This PR was generated by Mend Renovate. View the repository job log.

[github-actions]

built with Refined Cloudflare Pages Action

⚡ Cloudflare Pages Deployment

Name	Status	Preview	Last Commit
enclosed-docs	✅ Ready (View Log)	Visit Preview	e9b9198
enclosed	✅ Ready (View Log)	Visit Preview	e9b9198

[sonarqubecloud]

Quality Gate passed

Issues
0 New issues
0 Accepted issues

Measures
0 Security Hotspots
0.0% Coverage on New Code
0.0% Duplication on New Code

See analysis details on SonarQube Cloud