Skip to content

deps(npm): bump the ui-dependencies group with 2 updates#136

Open
dependabot[bot] wants to merge 1 commit into
mainfrom
dependabot/npm_and_yarn/ui-dependencies-e082da45f2
Open

deps(npm): bump the ui-dependencies group with 2 updates#136
dependabot[bot] wants to merge 1 commit into
mainfrom
dependabot/npm_and_yarn/ui-dependencies-e082da45f2

Conversation

@dependabot

@dependabot dependabot Bot commented on behalf of github Jul 9, 2026

Copy link
Copy Markdown
Contributor

Bumps the ui-dependencies group with 2 updates: typescript and wrangler.

Updates typescript from 6.0.3 to 7.0.2

Commits
Maintainer changes

This version was pushed to npm by microsoft1es, a new releaser for typescript since your current version.


Updates wrangler from 4.108.0 to 4.109.0

Release notes

Sourced from wrangler's releases.

wrangler@4.109.0

Minor Changes

  • #14489 e3f0cd6 Thanks @​edmundhung! - Add listDurableObjectIds() to createTestHarness Worker handles

    Tests using createTestHarness can now list persisted Durable Object instance IDs for a Durable Object binding. This helps integration tests discover objects created by app behavior without adding test-only endpoints.

  • #14465 2fedb1f Thanks @​vaishnav-mk! - Add rollback support when terminating Workflow instances

    WorkflowInstance.terminate({ rollback: true }) now runs registered rollback handlers before marking a local Workflow instance as terminated. Wrangler also supports this via wrangler workflows instances terminate --rollback, including local mode.

    The rollback option is only sent for terminate operations and is rejected by the Local Explorer API for pause, resume, and restart actions.

  • #14511 17d2fc1 Thanks @​juleslemee! - Add wrangler turnstile widget commands for managing Turnstile widgets

    You can now create, list, inspect, update, and delete Turnstile widgets from the CLI:

    wrangler turnstile widget create <name> --domain example.com --mode managed
    wrangler turnstile widget list
    wrangler turnstile widget get <sitekey>
    wrangler turnstile widget update <sitekey> --name "Renamed"
    wrangler turnstile widget delete <sitekey>
    

    All five subcommands accept --json for machine-readable output (get prints a formatted view by default; the rest print a short human summary). --domain accepts comma-separated values, e.g. --domain a.com,b.com. delete --json requires --skip-confirmation/-y to keep output pipeable.

    create prints the sitekey, the secret, and the canonical challenges.cloudflare.com/turnstile/v0/siteverify endpoint for backend verification. The hint is backend-agnostic; it doesn't assume Workers. The secret is redacted from list and update output but remains available via get for retrieval later. delete prompts for confirmation; pass --skip-confirmation/-y to bypass.

    The OAuth flow now requests the challenge-widgets.write scope (the existing Bach-derived scope for Turnstile widget CRUD). Existing OAuth sessions need to run wrangler login again to pick it up. API token users need a token with the Account.Turnstile:Edit permission.

Patch Changes

  • #14596 8511ddf Thanks @​dependabot! - Update dependencies of "miniflare", "wrangler"

    The following dependency versions have been updated:

    Dependency From To
    workerd 1.20260706.1 1.20260708.1
    @​cloudflare/workers-types ^5.20260706.1 ^5.20260708.1
  • #14604 9f74a5f Thanks @​vaishnav-mk! - Improve the deploy error for cron-triggered Workflows on free plans

    Wrangler now explains that Workflow schedules require a paid Workers plan instead of showing only the generic Workflows API request failure.

  • #14616 c782e2a Thanks @​penalosa! - Fix wrangler deploy aborting in CI for autoconfigured projects

    A recent change guarded non-interactive deploys against overwriting a same-named Worker whenever there was no config file naming it. This was too broad: a plain wrangler deploy run in CI without a config file (for example an autoconfigured project whose generated config PR has not been merged) would fail with "A Worker named ... already exists in your account", even though re-deploying to that Worker is the intended behaviour.

... (truncated)

Commits
  • 774c09e Version Packages (#14603)
  • 2fedb1f Support workflow terminate rollback (#14465)
  • c782e2a [wrangler] Restrict name-ownership guard to Pages-to-Workers delegation (#14616)
  • 17d2fc1 [wrangler] Add turnstile widget CLI commands (#14511)
  • 315c77c chore: use catalog for workerd dependency (#14607)
  • 9f74a5f Workflows: Improve scheduled Workflows free-plan deploy error (#14604)
  • 394b8ae Fix wrangler linting (failing because of deprecated detectAgenticEnvironment ...
  • dbf024e Enable @typescript-eslint/no-deprecated linting rule for wrangler (#14579)
  • e3f0cd6 feat(wrangler): list durable object ids in test harness (#14489)
  • 8511ddf Bump the workerd-and-workers-types group with 2 updates (#14596)
  • See full diff in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.


Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

  • @dependabot rebase will rebase this PR
  • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
  • @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
  • @dependabot ignore <dependency name> major version will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself)
  • @dependabot ignore <dependency name> minor version will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself)
  • @dependabot ignore <dependency name> will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself)
  • @dependabot unignore <dependency name> will remove all of the ignore conditions of the specified dependency
  • @dependabot unignore <dependency name> <ignore condition> will remove the ignore condition of the specified dependency and ignore conditions

Bumps the ui-dependencies group with 2 updates: [typescript](https://github.com/microsoft/TypeScript) and [wrangler](https://github.com/cloudflare/workers-sdk/tree/HEAD/packages/wrangler).


Updates `typescript` from 6.0.3 to 7.0.2
- [Release notes](https://github.com/microsoft/TypeScript/releases)
- [Commits](https://github.com/microsoft/TypeScript/commits)

Updates `wrangler` from 4.108.0 to 4.109.0
- [Release notes](https://github.com/cloudflare/workers-sdk/releases)
- [Commits](https://github.com/cloudflare/workers-sdk/commits/wrangler@4.109.0/packages/wrangler)

---
updated-dependencies:
- dependency-name: typescript
  dependency-version: 7.0.2
  dependency-type: direct:development
  update-type: version-update:semver-major
  dependency-group: ui-dependencies
- dependency-name: wrangler
  dependency-version: 4.109.0
  dependency-type: direct:development
  update-type: version-update:semver-minor
  dependency-group: ui-dependencies
...

Signed-off-by: dependabot[bot] <support@github.com>
@dependabot dependabot Bot added dependencies Pull requests that update a dependency file javascript Pull requests that update javascript code labels Jul 9, 2026
@cloudflare-workers-and-pages

cloudflare-workers-and-pages Bot commented Jul 9, 2026

Copy link
Copy Markdown

Deploying with  Cloudflare Workers  Cloudflare Workers

The latest updates on your project. Learn more about integrating Git with Workers.

Status Name Latest Commit Updated (UTC)
❌ Deployment failed
View logs
github-readme-leetcode-card 2270490 Jul 09 2026, 03:05 PM

@socket-security

Copy link
Copy Markdown

Review the following changes in direct dependencies. Learn more about Socket for GitHub.

Diff Package Supply Chain
Security
Vulnerability Quality Maintenance License
Updatedwrangler@​4.108.0 ⏵ 4.109.071 -2710092 +196100
Updatedtypescript@​6.0.3 ⏵ 7.0.299 -110089 -196 -3100 +10

View full report

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Labels

dependencies Pull requests that update a dependency file javascript Pull requests that update javascript code

Projects

None yet

Development

Successfully merging this pull request may close these issues.

0 participants