Skip to content

chore(deps): update dependency @cloudflare/vitest-pool-workers to ^0.18.0#185

Open
renovate[bot] wants to merge 1 commit into
mainfrom
renovate/cloudflare-vitest-pool-workers-0.x
Open

chore(deps): update dependency @cloudflare/vitest-pool-workers to ^0.18.0#185
renovate[bot] wants to merge 1 commit into
mainfrom
renovate/cloudflare-vitest-pool-workers-0.x

Conversation

@renovate

@renovate renovate Bot commented Mar 27, 2026

Copy link
Copy Markdown
Contributor

ℹ️ Note

This PR body was truncated due to platform limits.

This PR contains the following updates:

Package Change Age Confidence
@cloudflare/vitest-pool-workers (source) ^0.10.3^0.18.0 age confidence

Release Notes

cloudflare/workers-sdk (@​cloudflare/vitest-pool-workers)

v0.18.0

Compare Source

Minor Changes
  • #​14382 fd92d56 Thanks @​petebacondarwin! - Add support for declarative Durable Object exports

    wrangler deploy now accepts an exports map in wrangler.json as a declarative alternative to the legacy migrations array.

    Each entry in exports is keyed by Durable Object class name. type carries the export kind (currently always "durable-object"); the state field carries the lifecycle and defaults to "created" (live) when omitted:

    {
      "exports": {
        // Provision a new Durable Object class (`MyDO`)
        "MyDO": { "type": "durable-object", "storage": "sqlite" },
        // Delete Durable Object class (`OldGone`)
        "OldGone": { "type": "durable-object", "state": "deleted" },
        // Rename a Durable Object class (from `OldName` to `NewName`)
        "OldName": {
          "type": "durable-object",
          "state": "renamed",
          "renamed_to": "NewName"
        },
        "NewName": { "type": "durable-object", "storage": "sqlite" },
        // Transfer a Durable Object (`Outgoing`) to a new Worker (`target-worker`)
        "Outgoing": {
          "type": "durable-object",
          "state": "transferred",
          "transferred_to": "target-worker"
        },
        // Prepare to receive the transfer of a Durable Object (`Incoming`) from another Worker (`source-worker`)
        "Incoming": {
          "type": "durable-object",
          "state": "expecting-transfer",
          "storage": "sqlite",
          "transfer_from": "source-worker"
        }
      }
    }

    When a Worker declares Durable Object class bindings but no lifecycle for them (neither a migrations array nor an exports map), wrangler warns and now suggests a declarative exports entry for each class (previously it suggested a legacy migrations block).

    The deployment response now surfaces the server's reconciliation result — created namespaces, applied tombstones, structured per-scenario info entries, and a removable_entries hint for stale tombstones that are safe to delete from the config. Blocking errors return the structured per-class detail with scenario tags, suggested remediation, and any referencing-script context.

    wrangler versions upload also forwards exports. Declarative exports lifecycle changes are reconciled when the version is deployed (wrangler versions deploy or wrangler deploy), so a versions upload payload can declare new classes in exports without immediately provisioning them. An actor binding (durable_objects.bindings) to a class declared only in exports on the same versions upload is rejected with a clear error (code 100406) — the binding cannot be resolved until the namespace is provisioned. Either stage the new class via ctx.exports.X (no binding required) on versions upload and add the binding at deploy time, or use wrangler deploy to provision and bind in one step (the same constraint applies to the migrations flow).

    Multi-version deploys (wrangler versions deploy A@50% B@50%) where the selected versions disagree on declarative exports are rejected server-side with a clear message: deploy the version that changes exports at 100% first, then run the percentage-split deploy. This prevents traffic on one branch routing to code that references unprovisioned or just-deleted DO namespaces. Single-version (100%) deploys are unaffected.

    Local development (wrangler dev, vite dev and unstable_startWorker) reads Durable Object SQLite storage settings from the new exports field, so applications using the declarative flow get correct local-dev storage without needing to also declare a migrations block.

    @cloudflare/vitest-pool-workers also picks up Durable Object configuration from exports, so tests against an exports-only Worker run with the correct local SQLite storage and can reach unbound Durable Object classes via ctx.exports.X.

    wrangler types is also aware of exports. Live entries (including expecting-transfer, the receiving side of a two-phase transfer) are added to Cloudflare.GlobalProps.durableNamespaces, which types ctx.exports.X for unbound Durable Objects declared only via exports.

Patch Changes

v0.17.0

Compare Source

Minor Changes
  • #​14490 75d8cb0 Thanks @​petebacondarwin! - Make Workflow introspector get() async

    The introspectWorkflow(...).get() method now returns a promise, so callers must await it:

    const introspector = await introspectWorkflow(env.MY_WORKFLOW);
    
    // Before
    const instances = introspector.get();
    
    // After
    const instances = await introspector.get();

    This aligns Workflow introspection with the shared implementation used by createTestHarness().

Patch Changes
  • #​14490 75d8cb0 Thanks @​petebacondarwin! - Support require("./x.wasm?module") in CommonJS dependencies

    Previously, only literal await import("./x.wasm?module") specifiers were rewritten through the static analysis path added in #​11094. CommonJS dependencies that use require("./x.wasm?module") reach the module-fallback service at runtime, where the ?module suffix went unhandled. The fallback either failed with No such module "<abs>/x.wasm?module" or, when a CompiledWasm rule was configured, attempted to evaluate the WebAssembly bytes as JavaScript.

    However, these require()s work in deployed workers because esbuild's bundler statically rewrites these require() calls into ES dynamic imports. vitest-pool-workers' Vite-based pipeline doesn't do that rewrite and instead defers to the module-fallback at runtime.

    The module-fallback now strips ?module from the resolved target and synthesizes a CommonJS wrapper that re-requires the underlying .wasm by absolute path, exposing it on default to match what workerd produces for CompiledWasm modules.

  • Updated dependencies [75d8cb0, 75d8cb0, 75d8cb0, 75d8cb0, 75d8cb0, f10d4ad, 75d8cb0, 75d8cb0, 75d8cb0, 75d8cb0, d292046, 75d8cb0, 75d8cb0, 75d8cb0, 75d8cb0, 75d8cb0, 75d8cb0, e0cc2cb, 75d8cb0, 75d8cb0, 75d8cb0]:

    • wrangler@​4.106.0
    • miniflare@​4.20260630.0

v0.16.20

Compare Source

Patch Changes
  • #​14398 c5014cc Thanks @​apeacock1991! - Add evictDurableObject and evictAllDurableObjects test helpers to cloudflare:test

    These helpers let you exercise how a Durable Object behaves across evictions in your tests. Eviction is graceful: durable storage is preserved, in-memory state is reset by tearing down the instance, hibernatable WebSockets are hibernated rather than closed, and eviction waits for in-flight requests to drain.

    import { evictDurableObject, evictAllDurableObjects } from "cloudflare:test";
    import { env } from "cloudflare:workers";
    
    const id = env.COUNTER.idFromName("my-counter");
    const stub = env.COUNTER.get(id);
    
    // Evict the Durable Object instance pointed to by a specific stub
    await evictDurableObject(stub);
    await evictDurableObject(stub, { webSockets: "close" });
    
    // Evict all currently-running Durable Objects in evictable namespaces
    await evictAllDurableObjects();
  • #​14394 8a5cf8c Thanks @​Partha-Shankar! - fix(d1): escape migrationsTableName and filenames in SQLite queries

    D1 migration commands in both wrangler and @cloudflare/vitest-pool-workers interpolated the migrationsTableName config value and migration filenames directly into SQL strings without any escaping. This meant:

    • A table name such as my"table would produce invalid SQL in CREATE TABLE, SELECT, and INSERT statements, and
    • A migration filename containing an apostrophe (e.g. what's-new.sql) would break the INSERT INTO ... VALUES ('...') statement appended after each migration in wrangler.

    Both identifiers are now properly escaped before interpolation: migrationsTableName is wrapped in double-quotes with internal double-quotes doubled (SQL-standard identifier quoting), and migration filenames used as string literals have their single-quotes doubled before insertion.

  • Updated dependencies [5f40dd5, 34e0cef, 3b743c1, daa5389, 8a5cf8c]:

    • wrangler@​4.105.0
    • miniflare@​4.20260625.0

v0.16.19

Compare Source

Patch Changes

v0.16.18

Compare Source

Patch Changes

v0.16.17

Compare Source

Patch Changes

v0.16.16

Compare Source

Patch Changes

v0.16.15

Compare Source

Patch Changes

v0.16.14

Compare Source

Patch Changes

v0.16.13

Compare Source

Patch Changes

v0.16.12

Compare Source

Patch Changes
  • #​14152 3d7992e Thanks @​petebacondarwin! - Fix module resolution failing when project path contains spaces

    When a project lived under a directory with spaces (e.g. /Users/me/Documents/Master CMS/project), the vitest pool would fail with No such module "threads.js" before any test executed. The module fallback service now uses the rawSpecifier from workerd's fallback request to correctly decode file:// URLs, avoiding the double-encoding of spaces (%20%2520) that occurred when workerd resolved these URLs as relative paths.

  • #​14105 337e912 Thanks @​dario-piotrowicz! - Remove trailing periods from URLs in terminal output

    URLs printed to the terminal with a sentence-ending period (e.g. https://example.com/path.) would include the period when clicked in some terminal emulators, causing 404 errors. This removes trailing periods from all URLs displayed in CLI output across wrangler, miniflare, vitest-pool-workers, and workers-utils.

  • #​14112 3a746ac Thanks @​penalosa! - Pin non-bundled runtime dependencies to exact versions

    Dependencies that are not bundled into a package's published output are installed directly into consumers' dependency trees, so they are now pinned to exact versions instead of semver ranges. This closes a supply-chain gap where an unpinned external dependency could resolve to a compromised upstream release on a fresh install. A new pnpm check:pinned-deps lint enforces this for all published packages (and for the shared pnpm catalog) going forward.

  • #​14061 da8e306 Thanks @​Vardiak! - Preserve Durable Object WebSocket handler invocation order

    Durable Object WebSocket events could begin executing out of order in the Workers Vitest integration when several events arrived while the test wrapper was resolving user code.

    Handler invocation now preserves arrival order while still allowing asynchronous handler completion to run concurrently.

  • Updated dependencies [b210c5e, aec1bb8, e06cbb7, 9a26191, 5565823, 4ef790b, 890fca7, 6fc9777, 337e912, 8e7b74f, e86489a, 42288d4, 65b5f9e, 3a746ac, 64ef9fd, 94b29f7]:

    • wrangler@​4.97.0
    • miniflare@​4.20260601.0

v0.16.11

Compare Source

Patch Changes

v0.16.10

Compare Source

Patch Changes

v0.16.9

Compare Source

Patch Changes
  • #​13933 90092c0 Thanks @​petebacondarwin! - Derive bundler externals from package.json and shrink the published bundle

    The bundler's external list was previously hand-maintained and out of sync with package.jsonundici and semver were both listed as external despite being only devDependencies. The published dist/pool/index.mjs consequently contained a top-level import { fetch } from "undici" that was only resolvable because pnpm happened to hoist undici from other packages' devDependencies during local development.

    The bundler now derives its external list from dependencies + peerDependencies in package.json, making it impossible for a devDependency to silently end up externalized.

    Combined with the new "sideEffects": false declaration in @cloudflare/workers-utils, the unused cloudflared / tunnel exports (and their transitive undici import) are now tree-shaken out of the pool entirely. dist/pool/index.mjs no longer references undici at all, and shrinks from ~489 KB to ~125 KB.

  • Updated dependencies [52e9082, 0733688, fc1f7b9, 30657e1, 8c569c6, f598eac, 3a1fbed]:

    • wrangler@​4.94.0
    • miniflare@​4.20260521.0

v0.16.8

Compare Source

Patch Changes
  • #​13919 c7eab7f Thanks @​petebacondarwin! - Fix the outbound CF-Worker header reflecting the route pattern hostname instead of the parent zone, and falling back to <worker-name>.example.com under vite dev, vitest-pool-workers, and getPlatformProxy

    Two related issues affected the CF-Worker header on outbound subrequests in local development:

    1. Under @cloudflare/vite-plugin, @cloudflare/vitest-pool-workers, and getPlatformProxy, the header fell back to <worker-name>.example.com even when routes were configured, because unstable_getMiniflareWorkerOptions and the equivalent getPlatformProxy worker-options path did not propagate a zone value to Miniflare. This broke local development against services that reject unknown CF-Worker hosts (for example, Apple WeatherKit returns 403 Forbidden).
    2. Across the above paths and wrangler dev --local, when a route used the zone_name field (for example { pattern: "foo.example.com/*", zone_name: "example.com" }), the header was set to the pattern's hostname (foo.example.com) rather than the zone name (example.com). Production sets CF-Worker to the zone name that owns the Worker, so this was inconsistent with deployed behaviour.

    Both bugs are fixed: the new unstable_getMiniflareWorkerOptions / getPlatformProxy path now propagates a zone derived from the first configured route, and all four local-dev paths now prefer a route's explicit zone_name over the pattern hostname when computing that zone. When zone_name isn't set, the existing best-effort behaviour is preserved — for wrangler dev this means dev.host is still honoured as a local override and the pattern hostname is used as a final fallback. Resolving the parent zone for zone_id-only, custom_domain, or plain-string routes would require an API lookup, so locally we still approximate it with the pattern hostname.

    Note: dev.host is intentionally not consulted by the unstable_getMiniflareWorkerOptions / getPlatformProxy paths — the dev config block is specific to wrangler dev.

  • Updated dependencies [fa1f61f, 2679e05, 7e40d98, adc9221, 735852d, d803737, c7eab7f, e04e180, 59cd880, 62abf97, e8c2031, e349fe0, da0fa8c, a5c9365]:

    • miniflare@​4.20260520.0
    • wrangler@​4.93.1

v0.16.7

Compare Source

Patch Changes

v0.16.6

Compare Source

Patch Changes
  • #​13833 0e4a830 Thanks @​thegeekasteroid! - Filter benign disconnected: WebSocket peer disconnected workerd stderr noise during test runs.

    The ignoreMessages array in the pool already filters several benign workerd disconnect messages (e.g. disconnected: WebSocket was aborted). On recent workerd versions, tests that exercise the WebSocket API also surface disconnected: WebSocket peer disconnected warnings during normal teardown. These are not user-actionable and obscure real test failures. Add the message to the existing filter alongside the other disconnected: entries.

  • Updated dependencies [19ed49a, 3ff0a50, bf688f7, 2e72c83, 802eaf4, 506aa02, 8f5cdb1, be8a98c]:

    • miniflare@​4.20260515.0
    • wrangler@​4.92.0

v0.16.5

Compare Source

Patch Changes

v0.16.4

Compare Source

Patch Changes

v0.16.3

Compare Source

Patch Changes

v0.16.2

Compare Source

Patch Changes

v0.16.1

Compare Source

Patch Changes

v0.16.0

Compare Source

Minor Changes
  • #​13810 2b8c0cc Thanks @​jamesopstad! - Stabilize the secrets configuration property

    The secrets property in the Wrangler config file is no longer experimental and will no longer emit an experimental warning when used. Required secrets are validated during local development and deploy, and used as the source of truth for type generation.

    {
      "secrets": {
        "required": ["API_KEY", "DB_PASSWORD"]
      }
    }
Patch Changes
  • #​12974 1127114 Thanks @​ask-bonk! - Rewrite self-referencing service bindings to kCurrentWorker before renaming the runner worker

    When a wrangler config has a service binding to itself (e.g. services: [{ binding: "SELF", service: "my-worker" }] where the worker is named "my-worker"), the binding's literal name pointed to a worker that no longer existed once vitest-pool-workers renamed the runner to vitest-pool-workers-runner-<project>. The self-reference is now rewritten to the miniflare kCurrentWorker symbol, which resolves at request time relative to the referer worker and so survives the rename. Previously this rewrite lived in wrangler's unstable_getMiniflareWorkerOptions, but it's only needed for vitest-pool-workers' rename — other consumers (getPlatformProxy, @cloudflare/vite-plugin) preserve the original worker name and so don't need it.

  • Updated depend

Note

PR body was truncated to here.


Configuration

📅 Schedule: (UTC)

  • Branch creation
    • At any time (no schedule defined)
  • Automerge
    • At any time (no schedule defined)

🚦 Automerge: Disabled by config. Please merge this manually once you are satisfied.

Rebasing: Whenever PR becomes conflicted, or you tick the rebase/retry checkbox.

🔕 Ignore: Close this PR and you won't be reminded about this update again.


  • If you want to rebase/retry this PR, check this box

This PR was generated by Mend Renovate. View the repository job log.

@changeset-bot

changeset-bot Bot commented Mar 27, 2026

Copy link
Copy Markdown

⚠️ No Changeset found

Latest commit: f2a8edb

Merging this PR will not cause a version bump for any packages. If these changes should not result in a new version, you're good to go. If these changes should result in a version bump, you need to add a changeset.

Click here to learn what changesets are, and how to add one.

Click here if you're a maintainer who wants to add a changeset to this PR

@renovate renovate Bot force-pushed the renovate/cloudflare-vitest-pool-workers-0.x branch 2 times, most recently from bf23539 to 8a278fb Compare March 31, 2026 13:32
@renovate renovate Bot changed the title chore(deps): update dependency @cloudflare/vitest-pool-workers to ^0.13.0 chore(deps): update dependency @cloudflare/vitest-pool-workers to ^0.14.0 Mar 31, 2026
@renovate renovate Bot force-pushed the renovate/cloudflare-vitest-pool-workers-0.x branch 2 times, most recently from 7e7471f to 1a795f0 Compare April 7, 2026 21:33
@renovate renovate Bot force-pushed the renovate/cloudflare-vitest-pool-workers-0.x branch 5 times, most recently from 24ef734 to 8f3d2dd Compare April 16, 2026 09:56
@renovate renovate Bot force-pushed the renovate/cloudflare-vitest-pool-workers-0.x branch 3 times, most recently from 6087f0e to f7dce3b Compare April 24, 2026 14:16
@renovate renovate Bot changed the title chore(deps): update dependency @cloudflare/vitest-pool-workers to ^0.14.0 chore(deps): update dependency @cloudflare/vitest-pool-workers to ^0.15.0 Apr 24, 2026
@renovate renovate Bot force-pushed the renovate/cloudflare-vitest-pool-workers-0.x branch 2 times, most recently from 7fcd00c to 5782fb7 Compare April 30, 2026 18:38
@renovate renovate Bot force-pushed the renovate/cloudflare-vitest-pool-workers-0.x branch from 5782fb7 to 8d294b3 Compare May 5, 2026 19:32
@renovate renovate Bot changed the title chore(deps): update dependency @cloudflare/vitest-pool-workers to ^0.15.0 chore(deps): update dependency @cloudflare/vitest-pool-workers to ^0.16.0 May 5, 2026
@renovate renovate Bot force-pushed the renovate/cloudflare-vitest-pool-workers-0.x branch 3 times, most recently from d84d827 to 2326a15 Compare May 14, 2026 13:31
@renovate renovate Bot force-pushed the renovate/cloudflare-vitest-pool-workers-0.x branch 3 times, most recently from 198914d to 940c2da Compare May 21, 2026 14:57
@renovate renovate Bot force-pushed the renovate/cloudflare-vitest-pool-workers-0.x branch 2 times, most recently from 0f5652c to c8ee09b Compare May 26, 2026 22:33
@renovate renovate Bot force-pushed the renovate/cloudflare-vitest-pool-workers-0.x branch 3 times, most recently from d1a9280 to bb9f905 Compare June 4, 2026 15:16
@renovate renovate Bot force-pushed the renovate/cloudflare-vitest-pool-workers-0.x branch 2 times, most recently from 782cf06 to 0baa158 Compare June 11, 2026 17:11
@renovate renovate Bot force-pushed the renovate/cloudflare-vitest-pool-workers-0.x branch 3 times, most recently from 0cb0211 to 9ed149a Compare June 19, 2026 16:10
@renovate renovate Bot force-pushed the renovate/cloudflare-vitest-pool-workers-0.x branch 2 times, most recently from 79ec3f7 to 401424e Compare June 25, 2026 16:13
@renovate renovate Bot force-pushed the renovate/cloudflare-vitest-pool-workers-0.x branch from 401424e to e8e5e60 Compare June 30, 2026 16:55
@renovate renovate Bot changed the title chore(deps): update dependency @cloudflare/vitest-pool-workers to ^0.16.0 chore(deps): update dependency @cloudflare/vitest-pool-workers to ^0.17.0 Jun 30, 2026
@renovate renovate Bot force-pushed the renovate/cloudflare-vitest-pool-workers-0.x branch from e8e5e60 to f2a8edb Compare July 2, 2026 16:51
@renovate renovate Bot changed the title chore(deps): update dependency @cloudflare/vitest-pool-workers to ^0.17.0 chore(deps): update dependency @cloudflare/vitest-pool-workers to ^0.18.0 Jul 2, 2026
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Labels

None yet

Projects

None yet

Development

Successfully merging this pull request may close these issues.

0 participants