James Opstad

This commit **fixes a potential memory leak** within the **`module-runner`** component of the **`vite-plugin-cloudflare`** package. It refactors the `runInRunnerObject` function to incorporate a `try...finally` block, which guarantees that resources are properly cleaned up after callback execution, even if errors occur. This change also removes redundant cleanup logic from `executeCallback`, preventing memory accumulation during worker module execution. This crucial **bug fix** enhances the stability and resource management of the worker runner, ensuring more robust operation.

This commit **fixes** "Cannot perform I/O on behalf of a different request" errors encountered with **deferred dynamic imports** within the **Cloudflare Vite plugin's worker runner**. It refactors `packages/vite-plugin-cloudflare/src/workers/runner-worker/module-runner.ts` to correctly manage the Durable Object's `IoContext` during dynamic module loading. The change introduces a new callback execution mechanism and removes a problematic custom module runner implementation. This ensures reliable I/O operations for dynamically imported modules, significantly enhancing the stability and functionality of applications utilizing Durable Objects.

This commit provides comprehensive **documentation** for the new `secrets` configuration property in **Wrangler**, enhancing the user experience for **Cloudflare Workers** developers. It introduces a new changelog entry and updates several documentation pages, including `src/content/docs/workers/wrangler/configuration.mdx`, to detail the property's usage for local development, type generation, and deployment. The updates also clarify how the `secrets` property interacts with environment variables and validate secrets before deployment. This **documentation update** is crucial for users to effectively leverage this new configuration capability, improving their understanding and workflow for managing sensitive data.

This commit introduces **support for explicit secrets during the versions upload process** within `packages/wrangler`, marking a **new capability**. It centralizes critical secrets validation logic, including functions like `addRequiredSecretsInheritBindings` and `handleMissingSecretsError`, into a new `secrets-validation.ts` module. This enhanced validation is integrated into the **deployment flow** and the `uploadWorker` function, which now passes a `bindings_inherit: strict` parameter to the versions upload API. This ensures proper inheritance and validation of required secrets, preventing deployment issues, and is thoroughly covered by new unit tests.

This commit introduces a **new feature** to **Wrangler's deployment process**, enabling explicit declaration of **required secrets** via `secrets.required` in `wrangler.jsonc`. It enhances the `uploadWorker` logic to **validate the presence of these secrets** during deployment, ensuring all necessary `inherit` bindings are available and providing improved error reporting for missing secrets. This change significantly improves deployment reliability by preventing builds with undeclared or missing critical secrets, and includes new test coverage and a dedicated error code (`INVALID_INHERIT_BINDING_CODE`) for better diagnostics.

This commit implements a **bug fix** within the **`vite-plugin-cloudflare`** package to correctly resolve and handle **subpath imports** for **additional module types**. The primary changes are in the `additional-modules` plugin (`src/plugins/additional-modules.ts`), which now properly processes these specialized imports. This ensures that projects leveraging `vite-plugin-cloudflare` can reliably use subpath imports when defining complex module structures, preventing previous import resolution errors. Associated tests and playground configurations have been updated to validate the corrected behavior.

This commit **refactors the middleware integration logic** within the **`vite-plugin-cloudflare`** package to ensure proper behavior across different Vite versions. It **avoids splicing into the middleware stack** for Vite versions other than v6, instead utilizing `server.middlewares.use()` for Vite 7+ and applying specific re-splicing logic only when running with Vite 6. This **bug fix and compatibility improvement** prevents incorrect middleware ordering and ensures stable operation of the Cloudflare development server plugin. Additionally, the internal utility function `satisfiesViteVersion` was **refactored** and renamed to `satisfiesMinimumViteVersion` for improved clarity and accuracy.

This commit provides a **maintenance fix** by correcting **formatting issues** within two specific **changeset markdown files**, `open-gifts-repair.md` and `spicy-buttons-heal.md`. This ensures the consistency and readability of the **release notes** generated from these changesets. The work primarily impacts the **documentation generation process** by rectifying minor stylistic inconsistencies in the changeset descriptions, improving the clarity of future release announcements.

This commit **upgrades** the project's core build and test infrastructure to **Vite 8**, establishing it as the default for building the **`vite-plugin-cloudflare`** and running associated tests. This **feature** work involved updating numerous `package.json` dependencies across the root, the plugin, its playgrounds, and all e2e test fixtures to ensure full compatibility. Key changes include dynamically selecting the appropriate module runner in `packages/vite-plugin-cloudflare/src/miniflare-options.ts` based on the installed Vite version, updating GitHub Actions workflows, and removing outdated `@ts-expect-error` comments. This ensures the plugin leverages the latest Vite features and maintains forward compatibility, impacting all development and testing environments.

This commit introduces **support for `/cdn-cgi/` routes** within the **`vite-plugin-cloudflare`** development environment, enabling proper functioning of Cloudflare's local explorer and trigger handlers. A new `cdnCgiPlugin` is added to forward these specific routes to Miniflare during local development. This **new feature** replaces and consolidates the functionality previously handled by `triggerHandlersPlugin`, streamlining the handling of special Cloudflare routes and significantly improving the local development experience for applications utilizing these features.

This commit **refactors** the project's **CI/CD pipeline** by splitting the existing End-to-End (E2E) tests into dedicated **GitHub Actions workflows**. Specifically, new workflow files `e2e-vite.yml` and `e2e-wrangler.yml` are introduced to independently run E2E tests for **Vite** and **Wrangler** integrations. This **maintenance** change improves the organization and clarity of the test suite execution, allowing for more focused and potentially parallelized testing. The `README.md` for workflows is also updated to document these newly separated processes, ensuring up-to-date project documentation.

This commit introduces a **new capability** to the `vite-plugin-cloudflare` package, specifically enhancing its **worker configuration validation**. It now **warns users** when the `assets` field is provided for **auxiliary Workers**, as this configuration is not supported. The change updates the plugin's configuration resolution logic (`plugin-config.ts`) and the warning generation system (`workers-configs.ts`) to identify and flag these unsupported configurations, ensuring that `getWarningForWorkersConfigs` correctly produces the relevant warnings. This **feature enhancement** improves the **developer experience** by proactively alerting users to potential misconfigurations, preventing unexpected behavior in their Cloudflare Worker deployments.

This commit primarily focuses on **dependency management improvements** and a **tooling infrastructure update**. It updates the `@hey-api/openapi-ts` dependency across the `local-explorer-ui` and `miniflare` packages, ensuring they benefit from the latest features and fixes. Concurrently, the project's dependency resolution is migrated to leverage the **pnpm catalog structure**, which involves modifications to `pnpm-workspace.yaml` and individual `package.json` files. This **chore** streamlines monorepo dependency consistency and maintainability by centralizing version management.

This commit **re-integrates** the `workers-utils` package into the project's **changesets system**, ensuring that future modifications to this utility package are properly tracked for release notes and versioning. This **maintenance fix** addresses a previous oversight where `workers-utils` was excluded from changeset generation, as indicated by the fixed commit `a3f9d1a4b`. Consequently, the **deployment tooling's validation tests** (`tools/deployments/__tests__/validate-changesets.test.ts`) have been updated to correctly reflect the inclusion of `workers-utils` in the changeset process, preventing build failures and ensuring consistent release management.

This commit **fixes a bug** in **Wrangler's deployment process** where **WASM module names** containing query strings were not correctly handled, particularly on **Windows**, leading to potential issues when writing them to disk. It introduces a new utility function, `stripQueryString`, within `packages/wrangler/src/deployment-bundle/module-collection.ts` to remove query strings from module paths before processing. This ensures that **Wrangler** can correctly deploy applications using such modules, preventing deployment failures and improving cross-platform compatibility. New test cases have been added to verify this behavior.

This commit reverts dependency updates for `workerd` and `workers-types` within the `miniflare` and `wrangler` packages. Consequently, these packages will now utilize their previous, older versions of these core dependencies.

This commit adds a new entry to the project's changelog, documenting the upcoming release or addition of a Vite plugin. It's an isolated change to the release process with no direct runtime impact.

This is an isolated documentation update for the `workers-utils` package, specifically for `secrets` properties and JSDoc. It has no functional impact on runtime behavior or downstream services.

This is an isolated change to the project's release tooling, specifically removing a planned entry from the next release notes. It has no impact on runtime functionality or user-facing features.

This change introduces experimental `secrets` support to `wrangler`'s local development environment and the `vite-plugin-cloudflare`. This new capability allows developers to more accurately test applications relying on secrets during local development.