Skip to content

chore(deps): Bump the npm-minor-and-patch group with 7 updates#19

Merged
github-actions[bot] merged 1 commit into
mainfrom
dependabot/npm_and_yarn/npm-minor-and-patch-b08e9be363
Jun 4, 2026
Merged

chore(deps): Bump the npm-minor-and-patch group with 7 updates#19
github-actions[bot] merged 1 commit into
mainfrom
dependabot/npm_and_yarn/npm-minor-and-patch-b08e9be363

Conversation

@dependabot

@dependabot dependabot Bot commented on behalf of github Jun 4, 2026

Copy link
Copy Markdown
Contributor

Bumps the npm-minor-and-patch group with 7 updates:

Package From To
react 19.2.6 19.2.7
@types/react 19.2.15 19.2.16
react-dom 19.2.6 19.2.7
@cloudflare/vite-plugin 1.39.0 1.40.0
@cloudflare/workers-types 4.20260528.1 4.20260604.1
vite 8.0.14 8.0.16
wrangler 4.95.0 4.98.0

Updates react from 19.2.6 to 19.2.7

Release notes

Sourced from react's releases.

19.2.7 (June 1st, 2026)

React Server Components

Commits
Maintainer changes

This version was pushed to npm by GitHub Actions, a new releaser for react since your current version.


Updates @types/react from 19.2.15 to 19.2.16

Commits

Updates react-dom from 19.2.6 to 19.2.7

Release notes

Sourced from react-dom's releases.

19.2.7 (June 1st, 2026)

React Server Components

Commits
Maintainer changes

This version was pushed to npm by GitHub Actions, a new releaser for react-dom since your current version.


Updates @cloudflare/vite-plugin from 1.39.0 to 1.40.0

Release notes

Sourced from @​cloudflare/vite-plugin's releases.

@​cloudflare/vite-plugin@​1.39.2

Patch Changes

  • #13893 d8a16e7 Thanks @​penalosa! - Add an experimental, internal cf-vite delegate binary

    This adds an experimental bin/cf-vite binary that is spawned by Cloudflare's own parent tooling to drive the plugin as a long-running dev-server subprocess. It is not part of the plugin's public API surface, is not intended to be invoked directly, and its contract may change at any time without notice.

  • #14117 3c86121 Thanks @​aicayzer! - Forward response headers from the Worker on WebSocket upgrade responses

    Headers set on a new Response(null, { status: 101, webSocket, headers }) returned from the Worker are now propagated to the upgrade response sent to the browser during vite dev. Previously the headers were dropped, so cookies (Set-Cookie) and custom headers (X-*) on WebSocket handshake responses were invisible client-side — even though they were delivered correctly by wrangler dev.

  • Updated dependencies [b210c5e, aec1bb8, e06cbb7, 9a26191, 5565823, 4ef790b, 890fca7, 6fc9777, 337e912, 8e7b74f, e86489a, 42288d4, 65b5f9e, 3a746ac, 64ef9fd, 94b29f7]:

    • wrangler@4.97.0
    • miniflare@4.20260601.0

@​cloudflare/vite-plugin@​1.39.1

Patch Changes

Changelog

Sourced from @​cloudflare/vite-plugin's changelog.

1.40.0

Minor Changes

  • #14013 3cf9d0e Thanks @​jamesopstad! - Add experimental experimental.newConfig option to load the entry Worker's configuration from cloudflare.config.ts

    This is an experimental, opt-in feature. When enabled, the plugin loads the entry Worker's configuration from a cloudflare.config.ts file instead of the usual wrangler.json / wrangler.jsonc / wrangler.toml.

    Pass true to enable with defaults, or an object to customise behaviour. Currently the only sub-option is types.generate (defaults to true), which writes a worker-configuration.d.ts file next to the config. This enables typed env and exports for your Worker and currently assumes that you have @cloudflare/workers-types installed.

    // vite.config.ts
    import { defineConfig } from "vite";
    import { cloudflare } from "@cloudflare/vite-plugin";
    export default defineConfig({
    plugins: [
    cloudflare({
    experimental: {
    newConfig: true,
    },
    }),
    ],
    });

    // cloudflare.config.ts
    import {
    	defineWorker,
    	bindings,
    } from "@cloudflare/vite-plugin/experimental-config";
    import * as entrypoint from "./src/index.ts" with { type: "cf-worker" };
    export default defineWorker((ctx) => ({
    name: "my-worker",
    entrypoint,
    compatibilityDate: "2026-05-18",
    env: {
    MY_TEXT: bindings.text(The mode is ${ctx.mode}),
    MY_KV: bindings.kv(),
    },
    }));

    A few limitations apply while the feature is experimental:

    • configPath cannot be combined with experimental.newConfig. The entry Worker is always loaded from cloudflare.config.ts at the project root.
    • auxiliaryWorkers are not yet supported with experimental.newConfig.

... (truncated)

Commits

Updates @cloudflare/workers-types from 4.20260528.1 to 4.20260604.1

Commits

Updates @types/react from 19.2.15 to 19.2.16

Commits

Updates vite from 8.0.14 to 8.0.16

Release notes

Sourced from vite's releases.

v8.0.16

Please refer to CHANGELOG.md for details.

v8.0.15

Please refer to CHANGELOG.md for details.

Changelog

Sourced from vite's changelog.

8.0.16 (2026-06-01)

Bug Fixes

8.0.15 (2026-06-01)

Features

Bug Fixes

  • capitalize error messages and remove spurious space in parse error (#22488) (85a0eff)
  • deps: update all non-major dependencies (#22511) (2686d7d)
  • dev: fix html-proxy cache key mismatch for /@fs/ HTML paths (#21762) (47c4213)
  • glob: error on relative glob in virtual module when no files match (#22497) (5c8e98f)
  • optimizer: close the rolldown bundle when write() rejects (#22528) (e3cfb9d)
  • resolve: provide onWarn for viteResolvePlugin in JS plugin containers (#22509) (40985f1)

Miscellaneous Chores

Code Refactoring

Commits

Updates wrangler from 4.95.0 to 4.98.0

Release notes

Sourced from wrangler's releases.

wrangler@4.97.0

Minor Changes

  • #13996 94b29f7 Thanks @​vaishnav-mk! - Add restart-from-step options to wrangler workflows instances restart

    You can now restart a Workflow instance from a specific step using --from-step-name, with optional --from-step-count and --from-step-type disambiguation. These options work for both remote Workflow instances and local wrangler dev --local sessions.

Patch Changes

  • #14141 b210c5e Thanks @​MattieTK! - Add re-authentication hint to account fetch error messages

    When Wrangler fails to automatically retrieve account IDs, the error messages now suggest running wrangler login as a troubleshooting step. This addresses confusion for users who encounter these errors after OAuth system changes or other authentication issues.

  • #14078 aec1bb8 Thanks @​MattieTK! - Bump am-i-vibing from 0.1.1 to 0.4.0

    This updates the agentic environment detection library to the latest version, which includes improved detection coverage for newer AI coding agents.

  • #14147 e06cbb7 Thanks @​dependabot! - Update dependencies of "miniflare", "wrangler"

    The following dependency versions have been updated:

    Dependency From To
    workerd 1.20260529.1 1.20260601.1
  • #14027 9a26191 Thanks @​matingathani! - Gracefully handle EMFILE error when assets directory exceeds OS watcher limit

    Previously, when wrangler dev was pointed at an assets directory with more than ~4,096 subdirectories, the chokidar file watcher threw an EMFILE: too many open files error that was not caught, causing an infinite error loop that made the dev server unresponsive.

    Now the error is caught and wrangler:

    1. Logs a clear warning explaining the platform watcher limit was hit
    2. Recommends reducing the number of subdirectories by flattening or restructuring the assets directory
    3. Disables the assets watcher gracefully so the dev server continues working without hot-reload
  • #14041 5565823 Thanks @​matingathani! - Fix wrangler complete printing the AI skills prompt into shell completion output

    Previously, running eval "$(wrangler complete zsh)" (or any other shell) would fail with errors like zsh: command not found: --install-skills because the interactive AI agent skills installation prompt was included in the completion script output.

    The skills prompt is now skipped when running wrangler complete, so the generated completion script is clean and can be sourced correctly.

  • #13881 890fca7 Thanks @​matingathani! - Show a clear error when --metadata is not valid JSON instead of silently ignoring the value

  • #14149 6fc9777 Thanks @​mattjohnsonpint! - Fix wrangler deploy --upload-source-maps silently skipping source maps when the entry file ends with magic comments after //# sourceMappingURL=

    Wrangler previously assumed the //# sourceMappingURL= comment was the last non-empty line of a module. Tools like sentry-cli sourcemaps inject append a //# debugId= comment after it, which silently caused source maps to be omitted from the upload form, most commonly when deploying with --no-bundle --upload-source-maps. Wrangler now scans trailing magic comments (lines starting with //# or //@) and detects the //# sourceMappingURL= comment regardless of which other magic comments follow it.

  • #14105 337e912 Thanks @​dario-piotrowicz! - Remove trailing periods from URLs in terminal output

    URLs printed to the terminal with a sentence-ending period (e.g. https://example.com/path.) would include the period when clicked in some terminal emulators, causing 404 errors. This removes trailing periods from all URLs displayed in CLI output across wrangler, miniflare, vitest-pool-workers, and workers-utils.

... (truncated)

Commits

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.


Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

  • @dependabot rebase will rebase this PR
  • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
  • @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
  • @dependabot ignore <dependency name> major version will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself)
  • @dependabot ignore <dependency name> minor version will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself)
  • @dependabot ignore <dependency name> will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself)
  • @dependabot unignore <dependency name> will remove all of the ignore conditions of the specified dependency
  • @dependabot unignore <dependency name> <ignore condition> will remove the ignore condition of the specified dependency and ignore conditions

Bumps the npm-minor-and-patch group with 7 updates:

| Package | From | To |
| --- | --- | --- |
| [react](https://github.com/facebook/react/tree/HEAD/packages/react) | `19.2.6` | `19.2.7` |
| [@types/react](https://github.com/DefinitelyTyped/DefinitelyTyped/tree/HEAD/types/react) | `19.2.15` | `19.2.16` |
| [react-dom](https://github.com/facebook/react/tree/HEAD/packages/react-dom) | `19.2.6` | `19.2.7` |
| [@cloudflare/vite-plugin](https://github.com/cloudflare/workers-sdk/tree/HEAD/packages/vite-plugin-cloudflare) | `1.39.0` | `1.40.0` |
| [@cloudflare/workers-types](https://github.com/cloudflare/workerd) | `4.20260528.1` | `4.20260604.1` |
| [vite](https://github.com/vitejs/vite/tree/HEAD/packages/vite) | `8.0.14` | `8.0.16` |
| [wrangler](https://github.com/cloudflare/workers-sdk/tree/HEAD/packages/wrangler) | `4.95.0` | `4.98.0` |


Updates `react` from 19.2.6 to 19.2.7
- [Release notes](https://github.com/facebook/react/releases)
- [Changelog](https://github.com/facebook/react/blob/main/CHANGELOG.md)
- [Commits](https://github.com/facebook/react/commits/v19.2.7/packages/react)

Updates `@types/react` from 19.2.15 to 19.2.16
- [Release notes](https://github.com/DefinitelyTyped/DefinitelyTyped/releases)
- [Commits](https://github.com/DefinitelyTyped/DefinitelyTyped/commits/HEAD/types/react)

Updates `react-dom` from 19.2.6 to 19.2.7
- [Release notes](https://github.com/facebook/react/releases)
- [Changelog](https://github.com/facebook/react/blob/main/CHANGELOG.md)
- [Commits](https://github.com/facebook/react/commits/v19.2.7/packages/react-dom)

Updates `@cloudflare/vite-plugin` from 1.39.0 to 1.40.0
- [Release notes](https://github.com/cloudflare/workers-sdk/releases)
- [Changelog](https://github.com/cloudflare/workers-sdk/blob/main/packages/vite-plugin-cloudflare/CHANGELOG.md)
- [Commits](https://github.com/cloudflare/workers-sdk/commits/HEAD/packages/vite-plugin-cloudflare)

Updates `@cloudflare/workers-types` from 4.20260528.1 to 4.20260604.1
- [Release notes](https://github.com/cloudflare/workerd/releases)
- [Changelog](https://github.com/cloudflare/workerd/blob/main/RELEASE.md)
- [Commits](https://github.com/cloudflare/workerd/commits)

Updates `@types/react` from 19.2.15 to 19.2.16
- [Release notes](https://github.com/DefinitelyTyped/DefinitelyTyped/releases)
- [Commits](https://github.com/DefinitelyTyped/DefinitelyTyped/commits/HEAD/types/react)

Updates `vite` from 8.0.14 to 8.0.16
- [Release notes](https://github.com/vitejs/vite/releases)
- [Changelog](https://github.com/vitejs/vite/blob/main/packages/vite/CHANGELOG.md)
- [Commits](https://github.com/vitejs/vite/commits/v8.0.16/packages/vite)

Updates `wrangler` from 4.95.0 to 4.98.0
- [Release notes](https://github.com/cloudflare/workers-sdk/releases)
- [Commits](https://github.com/cloudflare/workers-sdk/commits/HEAD/packages/wrangler)

---
updated-dependencies:
- dependency-name: react
  dependency-version: 19.2.7
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: npm-minor-and-patch
- dependency-name: "@types/react"
  dependency-version: 19.2.16
  dependency-type: direct:development
  update-type: version-update:semver-patch
  dependency-group: npm-minor-and-patch
- dependency-name: react-dom
  dependency-version: 19.2.7
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: npm-minor-and-patch
- dependency-name: "@cloudflare/vite-plugin"
  dependency-version: 1.40.0
  dependency-type: direct:development
  update-type: version-update:semver-minor
  dependency-group: npm-minor-and-patch
- dependency-name: "@cloudflare/workers-types"
  dependency-version: 4.20260604.1
  dependency-type: direct:development
  update-type: version-update:semver-minor
  dependency-group: npm-minor-and-patch
- dependency-name: "@types/react"
  dependency-version: 19.2.16
  dependency-type: direct:development
  update-type: version-update:semver-patch
  dependency-group: npm-minor-and-patch
- dependency-name: vite
  dependency-version: 8.0.16
  dependency-type: direct:development
  update-type: version-update:semver-patch
  dependency-group: npm-minor-and-patch
- dependency-name: wrangler
  dependency-version: 4.98.0
  dependency-type: direct:development
  update-type: version-update:semver-minor
  dependency-group: npm-minor-and-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
@dependabot dependabot Bot added dependencies Pull requests that update a dependency file javascript Pull requests that update javascript code labels Jun 4, 2026
@github-actions github-actions Bot merged commit 84c802f into main Jun 4, 2026
1 check passed
@dependabot dependabot Bot deleted the dependabot/npm_and_yarn/npm-minor-and-patch-b08e9be363 branch June 4, 2026 20:46
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Labels

dependencies Pull requests that update a dependency file javascript Pull requests that update javascript code

Projects

None yet

Development

Successfully merging this pull request may close these issues.

0 participants