Skip to content

fix(deps): update all non-major dependencies#87

Open
khepri-bot[bot] wants to merge 1 commit intomainfrom
renovate/all-non-major-dependencies
Open

fix(deps): update all non-major dependencies#87
khepri-bot[bot] wants to merge 1 commit intomainfrom
renovate/all-non-major-dependencies

Conversation

@khepri-bot
Copy link
Copy Markdown
Contributor

@khepri-bot khepri-bot Bot commented Apr 27, 2026
edited
Loading

ℹ️ Note

This PR body was truncated due to platform limits.

This PR contains the following updates:

Package Change Age Confidence Type Update Pending
@cloudflare/vite-plugin (source) 1.30.11.32.2 age confidence devDependencies minor 1.33.2 (+3)
@cloudflare/vitest-pool-workers (source) 0.13.40.14.6 age confidence devDependencies minor 0.15.0 (+3)
@fast-check/vitest (source) ^0.4.00.4.0 age confidence devDependencies pin
@modelcontextprotocol/sdk (source) ^1.29.01.29.0 age confidence dependencies pin
@playwright/test (source) 1.58.21.59.1 age confidence devDependencies minor
@sentry/cloudflare (source) 10.46.010.48.0 age confidence dependencies minor 10.50.0 (+1)
@sentry/solid (source) 10.46.010.48.0 age confidence dependencies minor 10.50.0 (+1)
@types/ws (source) ^8.0.08.18.1 age confidence devDependencies pin
actions/setup-node (changelog) 53b839448b55a0 action digest
cloudflare/wrangler-action (changelog) da0e0df9acf94a action digest
happy-dom 20.8.920.9.0 age confidence devDependencies minor
node (source) >=22v25.9.0 age confidence engines pin
node 2424.15.0 age confidence uses-with pin
solid-js (source) 1.9.111.9.12 age confidence dependencies patch
tsup (source) ^8.0.08.5.1 age confidence devDependencies pin
tsx (source) ^4.0.04.21.0 age confidence devDependencies pin
vite (source) 8.0.58.0.8 age confidence devDependencies patch 8.0.10 (+1)
vite-plugin-solid 2.11.112.11.12 age confidence devDependencies patch
vitest (source) 4.1.14.1.4 age confidence devDependencies patch 4.1.5
vitest (source) ^4.0.04.1.0 age confidence devDependencies pin
wrangler (source) 4.77.04.82.2 age confidence devDependencies minor 4.85.0 (+3)
ws ^8.17.08.20.0 age confidence dependencies pin

⚠️ Renovate's pin functionality does not currently wire in the release age for a package, so the Minimum Release Age checks can apply. You will need to manually validate the Minimum Release Age for these package(s).

Release Notes

cloudflare/workers-sdk (@​cloudflare/vite-plugin)

v1.32.2

Compare Source

Patch Changes
  • Updated dependencies [9b2b6ba]:
    • wrangler@​4.82.2

v1.32.1

Compare Source

Patch Changes

v1.32.0

Compare Source

Minor Changes

  • #​13137 1313275 Thanks @​emily-shen! - Add e hotkey to open local explorer during dev

    Press e during vite dev to open the local explorer UI at /cdn-cgi/explorer, which allows you to inspect the state of your D1, R2, KV, DO and Workflow bindings.

Patch Changes

v1.31.2

Compare Source

Patch Changes

v1.31.1

Compare Source

Patch Changes

v1.31.0

Compare Source

Minor Changes

  • #​13011 b9b7e9d Thanks @​ruifigueira! - Add experimental headful browser rendering support for local development

    Experimental: This feature may be removed or changed without notice.

    When developing locally with the Browser Rendering API, you can enable headful (visible) mode via the X_BROWSER_HEADFUL environment variable to see the browser while debugging:

    X_BROWSER_HEADFUL=true wrangler dev
X_BROWSER_HEADFUL=true vite dev

    Note: when using @cloudflare/playwright, two Chrome windows may appear — the initial blank page and the one created by browser.newPage(). This is expected behavior due to how Playwright handles browser contexts via CDP.

  • #​13051 d5bffde Thanks @​dario-piotrowicz! - Update getLocalWorkerdCompatibilityDate to return today's date

    The re-exported getLocalWorkerdCompatibilityDate function from @cloudflare/vite-plugin previously resolved the workerd compatibility date by traversing the local miniflare installation, which was unreliable in some package manager setups. It now simply returns today's date. The function is also marked as deprecated — callers should just use today's date instead, for example like so: new Date().toISOString().slice(0, 10)

Patch Changes

  • #​13125 f76652c Thanks @​kayluhb! - Fix SyntaxError when SSR-transformed module ends with a single-line comment

    When module code ends with a // comment (e.g. //# sourceMappingURL=... preserved by vite-plus), the closing } of the async wrapper in runInlinedModule was absorbed into the comment, causing SyntaxError: Unexpected end of input. Adding a newline before the closing brace prevents this.

  • #​13188 110002c Thanks @​shulaoda! - Normalize the return value of getAssetsDirectory() with vite.normalizePath() to ensure assets.directory in the output wrangler.json always uses forward slashes

  • Updated dependencies [9c4035b, 5d29055, fb67a18, d5bffde, ab44870, 48d83ca, b2f53ea, b9b7e9d, 14e72eb, 4dc94fd, b2f53ea, d5bffde, 48d83ca]:

    • wrangler@​4.80.0
    • miniflare@​4.20260401.0

v1.30.3

Compare Source

Patch Changes

  • #​13111 f214760 Thanks @​dependabot! - Add missing connect key to WorkerEntrypoint and DurableObject key lists in the runner worker

    The connect method was added to the WorkerEntrypoint and DurableObject types in workerd 1.20260329.1 but was missing from the WORKER_ENTRYPOINT_KEYS and DURABLE_OBJECT_KEYS arrays used for RPC property access in the Vite plugin runner worker. This caused the compile-time exhaustiveness check to fail with the updated workers-types.

  • Updated dependencies [ffbc268, 9eff028, ed20a9b, f214760, 746858a, 9aad27f, 1fc5518, b539dc7, 9282493, a532eea, cd0e971, d4c6158, 2565b1d]:

    • wrangler@​4.79.0
    • miniflare@​4.20260329.0

v1.30.2

Compare Source

Patch Changes
cloudflare/workers-sdk (@​cloudflare/vitest-pool-workers)

v0.14.6

Compare Source

Patch Changes
  • Updated dependencies [9b2b6ba]:
    • wrangler@​4.82.2

v0.14.5

Compare Source

Patch Changes

v0.14.4

Compare Source

Patch Changes

v0.14.3

Compare Source

Patch Changes

v0.14.2

Compare Source

Patch Changes

  • #​13095 65e6684 Thanks @​penalosa! - Reject V8 coverage provider with a clear error message

    V8 native code coverage (@vitest/coverage-v8) requires node:inspector to collect profiling data from V8's runtime. workerd only provides node:inspector as a non-functional stub, so V8 coverage would silently fail or crash with a confusing No such module "node:inspector" error.

    The pool now detects this configuration early — during Vite plugin setup, before Vitest tries to load the coverage provider — and throws a clear error directing users to use Istanbul coverage instead, which works by instrumenting source code at build time and runs on any JavaScript runtime.

  • Updated dependencies [a3e3b57, 7d318e1, fa6d84f, 96ee5d4, 7d318e1, 7a60d4b, 78cbe37, 6fa5dfd]:

    • miniflare@​4.20260405.0
    • wrangler@​4.81.0

v0.14.1

Compare Source

Patch Changes

  • #​13131 65acf66 Thanks @​dario-piotrowicz! - Use miniflare's handleStructuredLogs option instead of handleRuntimeStdio for processing workerd output

    Previously, vitest-pool-workers manually processed raw stdout/stderr streams from the workerd runtime via handleRuntimeStdio, with its own filtering of known noisy messages (e.g. LLVM symbolizer warnings). This switches to miniflare's handleStructuredLogs option, which parses workerd's structured JSON log output and automatically filters known unhelpful messages. This aligns with how both wrangler and vite-plugin-cloudflare handle workerd logs.

  • Updated dependencies [9c4035b, 5d29055, fb67a18, d5bffde, ab44870, 48d83ca, b2f53ea, b9b7e9d, 14e72eb, 4dc94fd, b2f53ea, d5bffde, 48d83ca]:

    • wrangler@​4.80.0
    • miniflare@​4.20260401.0

v0.14.0

Compare Source

Minor Changes

  • #​12858 f05f2da Thanks @​repository! - Add disableRetryDelays() to WorkflowInstanceModifier to skip retry backoff delays in tests

    When testing Workflows with retry configurations, the backoff delays between retry attempts of a failing step.do() caused real wall-clock waiting (e.g., 35 seconds for 3 retries with 5-second exponential backoff), even when step results were fully mocked. The new disableRetryDelays() method eliminates these delays while preserving retry behavior — all attempts still execute, just without waiting between them.

Patch Changes

  • #​13091 6d58f0f Thanks @​penalosa! - Use today's date for the RTTI compat date query instead of a hardcoded "2023-12-01", so newly added Node.js builtin modules are recognized by the module fallback service.

  • #​13070 cdb9c88 Thanks @​penalosa! - Suppress CODE_MOVED for unknown code block log spam from workerd

    These are internal workerd diagnostic messages not relevant to application developers. Miniflare's structured log handler already filters them, but vitest-pool-workers uses a custom handleRuntimeStdio that bypasses that pipeline. This adds the pattern to the pool's own ignore list.

  • #​13069 6d0e329 Thanks @​penalosa! - fix: suppress outputGateBroken stderr noise when testing Workflows

  • #​13075 b8df076 Thanks @​penalosa! - Support @voidzero-dev/vite-plus-test as an alternative to vitest

    Users running tests via Vite+ (@voidzero-dev/vite-plus-test) with the recommended pnpm overrides no longer hit spurious version warnings or Disallowed operation called within global scope errors.

  • Updated dependencies [ffbc268, 9eff028, ed20a9b, f214760, 746858a, 9aad27f, 1fc5518, b539dc7, 9282493, a532eea, cd0e971, d4c6158, 2565b1d]:

    • wrangler@​4.79.0
    • miniflare@​4.20260329.0

v0.13.5

Compare Source

Patch Changes

  • #​13077 11c77b7 Thanks @​penalosa! - fix: runInDurableObject now correctly returns redirect responses (3xx) from Durable Object callbacks instead of throwing "Expected callback for X" errors

  • #​13056 8384743 Thanks @​penalosa! - fix: Support dynamic import() inside entrypoint and Durable Object handlers

    Previously, calling exports.default.fetch() or SELF.fetch() on a worker whose handler used a dynamic import() would hang and fail with "Cannot perform I/O on behalf of a different Durable Object". This happened because the module runner's transport — which communicates over a WebSocket owned by the runner Durable Object — was invoked from a different DO context.

    The fix patches the module runner's transport via the onModuleRunner hook so that all invoke() calls are routed through the runner DO's I/O context, regardless of where the import() originates.

  • #​13074 4618c05 Thanks @​penalosa! - fix: only apply module fallback extension probing for require(), not import

    The module fallback service previously tried adding .js, .mjs, .cjs, and .json suffixes to extensionless specifiers unconditionally. Per the Node.js spec, this extension-probing behaviour is specific to CommonJS require(). ESM import statements must include explicit file extensions.

    Extension-less TypeScript import specifiers continue to work correctly — they are resolved by Vite's resolver rather than the fallback's extension loop.

  • #​13073 baec845 Thanks @​penalosa! - Add adminSecretsStore() to cloudflare:test for seeding secrets in tests

    Secrets store bindings only expose a read-only .get() method, so there was previously no way to seed secret values from within a test. The new adminSecretsStore() helper returns Miniflare's admin API for a secrets store binding, giving tests full control over create, update, and delete operations.

    import { adminSecretsStore } from "cloudflare:test";
import { env } from "cloudflare:workers";

const admin = adminSecretsStore(env.MY_SECRET);
await admin.create("test-value");

const value = await env.MY_SECRET.get(); // "test-value"

  • #​13083 cfd513f Thanks @​penalosa! - Add a 30-second timeout to waitUntil promise draining to prevent hanging tests

    Previously, if a ctx.waitUntil() promise never resolved, the test suite would hang indefinitely after the test file finished. Now, any waitUntil promises that haven't settled within 30 seconds are abandoned with a warning, allowing the test suite to continue. This aligns with the production waitUntil limit.

  • Updated dependencies [eeaa473, 9fcdfca, bc24ec8, 1faff35, 0b4c21a, 535582d, 992f9a3, f4ea4ac, 91b7f73, f6cdab2, 53ed15a, ce65246, 7a5be20, 6b50bfa, 0386553, 9c5ebf5, 53ed15a, 53ed15a]:

    • wrangler@​4.78.0
    • miniflare@​4.20260317.3
microsoft/playwright (@​playwright/test)

v1.59.1

Compare Source

Bug Fixes
  • [Windows] Reverted hiding console window when spawning browser processes, which caused regressions including broken codegen, --ui and show commands (#​39990)

v1.59.0

Compare Source

🎬 Screencast

New page.screencast API provides a unified interface for capturing page content with:

  • Screencast recordings
  • Action annotations
  • Visual overlays
  • Real-time frame capture
  • Agentic video receipts
Demo

Screencast recording — record video with precise start/stop control, as an alternative to the recordVideo option:

await page.screencast.start({ path: 'video.webm' });
// ... perform actions ...
await page.screencast.stop();

Action annotations — enable built-in visual annotations that highlight interacted elements and display action titles during recording:

await page.screencast.showActions({ position: 'top-right' });

screencast.showActions() accepts position ('top-left', 'top', 'top-right', 'bottom-left', 'bottom', 'bottom-right'), duration (ms per annotation), and fontSize (px). Returns a disposable to stop showing actions.

Action annotations can also be enabled in test fixtures via the video option:

// playwright.config.ts
export default defineConfig({
  use: {
    video: {
      mode: 'on',
      show: {
        actions: { position: 'top-left' },
        test: { position: 'top-right' },
      },
    },
  },
});

Visual overlays — add chapter titles and custom HTML overlays on top of the page for richer narration:

await page.screencast.showChapter('Adding TODOs', {
  description: 'Type and press enter for each TODO',
  duration: 1000,
});

await page.screencast.showOverlay('<div style="color: red">Recording</div>');

Real-time frame capture — stream JPEG-encoded frames for custom processing like thumbnails, live previews, AI vision, and more:

await page.screencast.start({
  onFrame: ({ data }) => sendToVisionModel(data),
  size: { width: 800, height: 600 },
});

Agentic video receipts — coding agents can produce video evidence of their work. After completing a task, an agent can record a walkthrough video with rich annotations for human review:

await page.screencast.start({ path: 'receipt.webm' });
await page.screencast.showActions({ position: 'top-right' });

await page.screencast.showChapter('Verifying checkout flow', {
  description: 'Added coupon code support per ticket #&#8203;1234',
});

// Agent performs the verification steps...
await page.locator('#coupon').fill('SAVE20');
await page.locator('#apply-coupon').click();
await expect(page.locator('.discount')).toContainText('20%');

await page.screencast.showChapter('Done', {
  description: 'Coupon applied, discount reflected in total',
});

await page.screencast.stop();

The resulting video serves as a receipt: chapter titles provide context, action annotations highlight each interaction, and the visual walkthrough is faster to review than text logs.

🔗 Interoperability

New browser.bind() API makes a launched browser available for playwright-cli, @playwright/mcp, and other clients to connect to.

Bind a browser — start a browser and bind it so others can connect:

const { endpoint } = await browser.bind('my-session', {
  workspaceDir: '/my/project',
});

Connect from playwright-cli — connect to the running browser from your favorite coding agent.

playwright-cli attach my-session
playwright-cli -s my-session snapshot

Connect from @​playwright/mcp — or point your MCP server to the running browser.

@&#8203;playwright/mcp --endpoint=my-session

Connect from a Playwright client — use API to connect to the browser. Multiple clients at a time are supported!

const browser = await chromium.connect(endpoint);

Pass host and port options to bind over WebSocket instead of a named pipe:

const { endpoint } = await browser.bind('my-session', {
  host: 'localhost',
  port: 0,
});
// endpoint is a ws:// URL

Call browser.unbind() to stop accepting new connections.

📊 Observability

Run playwright-cli show to open the Dashboard that lists all the bound browsers, their statuses, and allows interacting with them:

  • See what your agent is doing on the background browsers
  • Click into the sessions for manual interventions
  • Open DevTools to inspect pages from the background browsers.
Demo - `playwright-cli` binds all of its browsers automatically, so you can see what your agents are doing. - Pass `PLAYWRIGHT_DASHBOARD=1` env variable to see all `@playwright/test` browsers in the dashboard.

🐛 CLI debugger for agents

Coding agents can now run npx playwright test --debug=cli to attach and debug tests over playwright-cli — perfect for automatically fixing tests in agentic workflows:

$ npx playwright test --debug=cli

### Debugging Instructions
- Run "playwright-cli attach tw-87b59e" to attach to this test

$ playwright-cli attach tw-87b59e

### Session `tw-87b59e` created, attached to `tw-87b59e`.
Run commands with: playwright-cli --session=tw-87b59e <command>

### Paused
- Navigate to "/" at output/tests/example.spec.ts:4

$ playwright-cli --session tw-87b59e step-over

### Page
- Page URL: https://playwright.dev/
- Page Title: Fast and reliable end-to-end testing for modern web apps | Playwright

### Paused
- Expect "toHaveTitle" at output/tests/example.spec.ts:7

📋 CLI trace analysis for agents

Coding agents can run npx playwright trace to explore Playwright Trace and understand failing or flaky tests from the command line:

$ npx playwright trace open test-results/example-has-title-chromium/trace.zip
  Title:        example.spec.ts:3 › has title

$ npx playwright trace actions --grep="expect"
     # Time       Action                                                  Duration
  ──── ─────────  ─────────────────────────────────────────────────────── ────────
    9. 0:00.859  Expect "toHaveTitle"                                        5.1s  ✗

$ npx playwright trace action 9
  Expect "toHaveTitle"
  Error: expect(page).toHaveTitle(expected) failed
    Expected pattern: /Wrong Title/
    Received string:  "Fast and reliable end-to-end testing for modern web apps | Playwright"
    Timeout: 5000ms
  Snapshots
    available: before, after
    usage:     npx playwright trace snapshot 9 --name <before|after>

$ npx playwright trace snapshot 9 --name after

### Page
- Page Title: Fast and reliable end-to-end testing for modern web apps | Playwright

$ npx playwright trace close

♻️ await using

Many APIs now return async disposables, enabling the await using syntax for automatic cleanup:

await using page = await context.newPage();
{
  await using route = await page.route('**/*', route => route.continue());
  await using script = await page.addInitScript('console.log("init script here")');
  await page.goto('https://playwright.dev');
  // do something
}
// route and init script have been removed at this point

🔍 Snapshots and Locators

New APIs

Screencast
Storage, Console and Errors
Miscellaneous

Configuration

📅 Schedule: Branch creation - Between 12:00 AM and 08:59 AM, only on Monday ( * 0-8 * * 1 ) in timezone America/New_York, Automerge - At any time (no schedule defined).

🚦 Automerge: Disabled by config. Please merge this manually once you are satisfied.

Rebasing: Whenever PR becomes conflicted, or you tick the rebase/retry checkbox.

👻 Immortal: This PR will be recreated if closed unmerged. Get config help if that's undesired.

  • If you want to rebase/retry this PR, check this box

This PR has been generated by Renovate Bot.

@khepri-bot khepri-bot Bot added the renovate label Apr 27, 2026
@khepri-bot khepri-bot Bot requested a review from wgordon17 as a code owner April 27, 2026 05:56
@khepri-bot khepri-bot Bot added the renovate label Apr 27, 2026
@khepri-bot khepri-bot Bot force-pushed the renovate/all-non-major-dependencies branch 3 times, most recently from 5059b11 to 16966f5 Compare April 27, 2026 19:19
@khepri-bot khepri-bot Bot force-pushed the renovate/all-non-major-dependencies branch from 16966f5 to f134968 Compare April 28, 2026 02:43
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@wgordon17 wgordon17 Awaiting requested review from wgordon17 wgordon17 is a code owner

Assignees

No one assigned

Labels

renovate

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

0 participants