Patch Changes
-
#14147
e06cbb7Thanks @dependabot! - Update dependencies of "miniflare", "wrangler"The following dependency versions have been updated:
Dependency From To workerd 1.20260529.1 1.20260601.1 -
#14086
4ef790bThanks @dario-piotrowicz! - Use127.0.0.1instead oflocalhostfor the runtime inspector addressOn systems where
getaddrinfo("localhost")returns::1but IPv6 is disabled at the kernel level,workerdfails to bind the inspector socket and silently continues without emitting thelisten-inspectorevent to the control FD. This causedwrangler devto hang indefinitely at "Starting local server..." with no error output.Using
127.0.0.1explicitly is consistent withDEFAULT_HOST,--debug-port, andresolveLocalhost()already in the codebase. -
#14105
337e912Thanks @dario-piotrowicz! - Remove trailing periods from URLs in terminal outputURLs printed to the terminal with a sentence-ending period (e.g.
https://example.com/path.) would include the period when clicked in some terminal emulators, causing 404 errors. This removes trailing periods from all URLs displayed in CLI output across wrangler, miniflare, vitest-pool-workers, and workers-utils. -
#14112
3a746acThanks @penalosa! - Pin non-bundled runtime dependencies to exact versionsDependencies that are not bundled into a package's published output are installed directly into consumers' dependency trees, so they are now pinned to exact versions instead of semver ranges. This closes a supply-chain gap where an unpinned external dependency could resolve to a compromised upstream release on a fresh install. A new
pnpm check:pinned-depslint enforces this for all published packages (and for the shared pnpm catalog) going forward.