Skip to content
Cloudflare Docs
Docs DirectoryAPIsSDKs

Changelog

New updates and improvements at Cloudflare.

Subscribe to RSS View RSS feeds
Workers
hero image

  1. Build MCP servers with the Agents SDK

    Agents Workers

    The Agents SDK now includes built-in support for building remote MCP (Model Context Protocol) servers directly as part of your Agent. This allows you to easily create and manage MCP servers, without the need for additional infrastructure or configuration.

    The SDK includes a new MCPAgent class that extends the Agent class and allows you to expose resources and tools over the MCP protocol, as well as authorization and authentication to enable remote MCP servers.

    JavaScript
    export class MyMCP extends McpAgent {
      server = new McpServer({
        name: "Demo",
        version: "1.0.0",
      });
    

      async init() {
        this.server.resource(`counter`, `mcp://resource/counter`, (uri) => {
          // ...
        });
    

        this.server.tool(
          "add",
          "Add two numbers together",
          { a: z.number(), b: z.number() },
          async ({ a, b }) => {
            // ...
          },
        );
      }
    }

    See the example for the full code and as the basis for building your own MCP servers, and the client example for how to build an Agent that acts as an MCP client.

    To learn more, review the announcement blog as part of Developer Week 2025.

    Agents SDK updates

    We've made a number of improvements to the Agents SDK, including:

    • Support for building MCP servers with the new MCPAgent class.
    • The ability to export the current agent, request and WebSocket connection context using import { context } from "agents", allowing you to minimize or avoid direct dependency injection when calling tools.
    • Fixed a bug that prevented query parameters from being sent to the Agent server from the useAgent React hook.
    • Automatically converting the agent name in useAgent or useAgentChat to kebab-case to ensure it matches the naming convention expected by routeAgentRequest.

    To install or update the Agents SDK, run npm i agents@latest in an existing project, or explore the agents-starter project:

    Terminal window
    npm create cloudflare@latest -- --template cloudflare/agents-starter

    See the full release notes and changelog on the Agents SDK repository and

  1. Durable Objects on Workers Free plan

    Durable Objects Workers

    Durable Objects can now be used with zero commitment on the Workers Free plan allowing you to build AI agents with Agents SDK, collaboration tools, and real-time applications like chat or multiplayer games.

    Durable Objects let you build stateful, serverless applications with millions of tiny coordination instances that run your application code alongside (in the same thread!) your durable storage. Each Durable Object can access its own SQLite database through a Storage API. A Durable Object class is defined in a Worker script encapsulating the Durable Object's behavior when accessed from a Worker. To try the code below, click the button:

    Deploy to Cloudflare

    JavaScript
    import { DurableObject } from "cloudflare:workers";
    

    // Durable Object
    export class MyDurableObject extends DurableObject {
      ...
      async sayHello(name) {
        return `Hello, ${name}!`;
      }
    }
    

    // Worker
    export default {
      async fetch(request, env) {
        // Every unique ID refers to an individual instance of the Durable Object class
        const id = env.MY_DURABLE_OBJECT.idFromName("foo");
    

        // A stub is a client used to invoke methods on the Durable Object
        const stub = env.MY_DURABLE_OBJECT.get(id);
    

        // Methods on the Durable Object are invoked via the stub
        const response = await stub.sayHello("world");
    

        return response;
      },
    };

    Free plan limits apply to Durable Objects compute and storage usage. Limits allow developers to build real-world applications, with every Worker request able to call a Durable Object on the free plan.

    For more information, checkout:

  1. SQLite in Durable Objects GA with 10GB storage per object

    Durable Objects Workers

    SQLite in Durable Objects is now generally available (GA) with 10GB SQLite database per Durable Object. Since the public beta in September 2024, we've added feature parity and robustness for the SQLite storage backend compared to the preexisting key-value (KV) storage backend for Durable Objects.

    SQLite-backed Durable Objects are recommended for all new Durable Object classes, using new_sqlite_classes Wrangler configuration. Only SQLite-backed Durable Objects have access to Storage API's SQL and point-in-time recovery methods, which provide relational data modeling, SQL querying, and better data management.

    JavaScript
    export class MyDurableObject extends DurableObject {
      sql: SqlStorage
      constructor(ctx: DurableObjectState, env: Env) {
        super(ctx, env);
        this.sql = ctx.storage.sql;
      }
    

      async sayHello() {
        let result = this.sql
          .exec("SELECT 'Hello, World!' AS greeting")
          .one();
        return result.greeting;
      }
    }

    KV-backed Durable Objects remain for backwards compatibility, and a migration path from key-value storage to SQL storage for existing Durable Object classes will be offered in the future.

    For more details on SQLite storage, checkout Zero-latency SQLite storage in every Durable Object blog.

  1. Capture up to 256 KB of log events in each Workers Invocation

    Workers

    You can now capture a maximum of 256 KB of log events per Workers invocation, helping you gain better visibility into application behavior.

    All console.log() statements, exceptions, request metadata, and headers are automatically captured during the Worker invocation and emitted as JSON object. Workers Logs deserializes this object before indexing the fields and storing them. You can also capture, transform, and export the JSON object in a Tail Worker.

    256 KB is a 2x increase from the previous 128 KB limit. After you exceed this limit, further context associated with the request will not be recorded in your logs.

    This limit is automatically applied to all Workers.

  1. Workflows is now Generally Available

    Workflows Workers

    Workflows is now Generally Available (or "GA"): in short, it's ready for production workloads. Alongside marking Workflows as GA, we've introduced a number of changes during the beta period, including:

    • A new waitForEvent API that allows a Workflow to wait for an event to occur before continuing execution.
    • Increased concurrency: you can run up to 4,500 Workflow instances concurrently — and this will continue to grow.
    • Improved observability, including new CPU time metrics that allow you to better understand which Workflow instances are consuming the most resources and/or contributing to your bill.
    • Support for vitest for testing Workflows locally and in CI/CD pipelines.

    Workflows also supports the new increased CPU limits that apply to Workers, allowing you to run more CPU-intensive tasks (up to 5 minutes of CPU time per instance), not including the time spent waiting on network calls, AI models, or other I/O bound tasks.

    Human-in-the-loop

    The new step.waitForEvent API allows a Workflow instance to wait on events and data, enabling human-in-the-the-loop interactions, such as approving or rejecting a request, directly handling webhooks from other systems, or pushing event data to a Workflow while it's running.

    Because Workflows are just code, you can conditionally execute code based on the result of a waitForEvent call, and/or call waitForEvent multiple times in a single Workflow based on what the Workflow needs.

    For example, if you wanted to implement a human-in-the-loop approval process, you could use waitForEvent to wait for a user to approve or reject a request, and then conditionally execute code based on the result.

    JavaScript
    import {
      WorkflowEntrypoint,
      WorkflowStep,
      WorkflowEvent,
    } from "cloudflare:workers";
    

    export class MyWorkflow extends WorkflowEntrypoint {
      async run(event, step) {
        // Other steps in your Workflow
        let stripeEvent = await step.waitForEvent(
          "receive invoice paid webhook from Stripe",
          { type: "stripe-webhook", timeout: "1 hour" },
        );
        // Rest of your Workflow
      }
    }

    You can then send a Workflow an event from an external service via HTTP or from within a Worker using the Workers API for Workflows:

    JavaScript
    export default {
      async fetch(req, env) {
        const instanceId = new URL(req.url).searchParams.get("instanceId");
        const webhookPayload = await req.json();
    

        let instance = await env.MY_WORKFLOW.get(instanceId);
        // Send our event, with `type` matching the event type defined in
        // our step.waitForEvent call
        await instance.sendEvent({
          type: "stripe-webhook",
          payload: webhookPayload,
        });
    

        return Response.json({
          status: await instance.status(),
        });
      },
    };

    Read the GA announcement blog to learn more about what landed as part of the Workflows GA.

  1. Run Workers for up to 5 minutes of CPU-time

    Workers

    You can now run a Worker for up to 5 minutes of CPU time for each request.

    Previously, each Workers request ran for a maximum of 30 seconds of CPU time — that is the time that a Worker is actually performing a task (we still allowed unlimited wall-clock time, in case you were waiting on slow resources). This meant that some compute-intensive tasks were impossible to do with a Worker. For instance, you might want to take the cryptographic hash of a large file from R2. If this computation ran for over 30 seconds, the Worker request would have timed out.

    By default, Workers are still limited to 30 seconds of CPU time. This protects developers from incurring accidental cost due to buggy code.

    By changing the cpu_ms value in your Wrangler configuration, you can opt in to any value up to 300,000 (5 minutes).

    JSONC
    {
      // ...rest of your configuration...
      "limits": {
        "cpu_ms": 300000,
      },
      // ...rest of your configuration...
    }

    For more information on the updates limits, see the documentation on Wrangler configuration for cpu_ms and on Workers CPU time limits.

    For building long-running tasks on Cloudflare, we also recommend checking out Workflows and Queues.

  1. Source Maps are Generally Available

    Workers

    Source maps are now Generally Available (GA). You can now be uploaded with a maximum gzipped size of 15 MB. Previously, the maximum size limit was 15 MB uncompressed.

    Source maps help map between the original source code and the transformed/minified code that gets deployed to production. By uploading your source map, you allow Cloudflare to map the stack trace from exceptions onto the original source code making it easier to debug.

    Stack Trace without Source Map remapping

    With no source maps uploaded: notice how all the Javascript has been minified to one file, so the stack trace is missing information on file name, shows incorrect line numbers, and incorrectly references js instead of ts.

    Stack Trace with Source Map remapping

    With source maps uploaded: all methods reference the correct files and line numbers.

    Uploading source maps and stack trace remapping happens out of band from the Worker execution, so source maps do not affect upload speed, bundle size, or cold starts. The remapped stack traces are accessible through Tail Workers, Workers Logs, and Workers Logpush.

    To enable source maps, add the following to your Pages Function's or Worker's wrangler configuration:

    JSONC
    {
      "upload_source_maps": true
    }

  1. New Managed WAF rule for Next.js CVE-2025-29927.

    Workers Pages WAF

    Update: Mon Mar 24th, 11PM UTC: Next.js has made further changes to address a smaller vulnerability introduced in the patches made to its middleware handling. Users should upgrade to Next.js versions 15.2.4, 14.2.26, 13.5.10 or 12.3.6. If you are unable to immediately upgrade or are running an older version of Next.js, you can enable the WAF rule described in this changelog as a mitigation.

    Update: Mon Mar 24th, 8PM UTC: Next.js has now backported the patch for this vulnerability to cover Next.js v12 and v13. Users on those versions will need to patch to 13.5.9 and 12.3.5 (respectively) to mitigate the vulnerability.

    Update: Sat Mar 22nd, 4PM UTC: We have changed this WAF rule to opt-in only, as sites that use auth middleware with third-party auth vendors were observing failing requests.

    We strongly recommend updating your version of Next.js (if eligible) to the patched versions, as your app will otherwise be vulnerable to an authentication bypass attack regardless of auth provider.

    This rule is opt-in only for sites on the Pro plan or above in the WAF managed ruleset.

    To enable the rule:

    1. Head to Security > WAF > Managed rules in the Cloudflare dashboard for the zone (website) you want to protect.
    2. Click the three dots next to Cloudflare Managed Ruleset and choose Edit
    3. Scroll down and choose Browse Rules
    4. Search for CVE-2025-29927 (ruleId: 34583778093748cc83ff7b38f472013e)
    5. Change the Status to Enabled and the Action to Block. You can optionally set the rule to Log, to validate potential impact before enabling it. Log will not block requests.
    6. Click Next
    7. Scroll down and choose Save

    This will enable the WAF rule and block requests with the x-middleware-subrequest header regardless of Next.js version.

    Create a WAF rule (manual)

    For users on the Free plan, or who want to define a more specific rule, you can create a Custom WAF rule to block requests with the x-middleware-subrequest header regardless of Next.js version.

    To create a custom rule:

    1. Head to Security > WAF > Custom rules in the Cloudflare dashboard for the zone (website) you want to protect.
    2. Give the rule a name - e.g. next-js-CVE-2025-29927
    3. Set the matching parameters for the rule match any request where the x-middleware-subrequest header exists per the rule expression below.
    Terminal window
    (len(http.request.headers["x-middleware-subrequest"]) > 0)
    1. Set the action to 'block'. If you want to observe the impact before blocking requests, set the action to 'log' (and edit the rule later).
    2. Deploy the rule.
    Next.js CVE-2025-29927 WAF rule

    Next.js CVE-2025-29927

    We've made a WAF (Web Application Firewall) rule available to all sites on Cloudflare to protect against the Next.js authentication bypass vulnerability (CVE-2025-29927) published on March 21st, 2025.

    Note: This rule is not enabled by default as it blocked requests across sites for specific authentication middleware.

    • This managed rule protects sites using Next.js on Workers and Pages, as well as sites using Cloudflare to protect Next.js applications hosted elsewhere.
    • This rule has been made available (but not enabled by default) to all sites as part of our WAF Managed Ruleset and blocks requests that attempt to bypass authentication in Next.js applications.
    • The vulnerability affects almost all Next.js versions, and has been fully patched in Next.js 14.2.26 and 15.2.4. Earlier, interim releases did not fully patch this vulnerability.
    • Users on older versions of Next.js (11.1.4 to 13.5.6) did not originally have a patch available, but this the patch for this vulnerability and a subsequent additional patch have been backported to Next.js versions 12.3.6 and 13.5.10 as of Monday, March 24th. Users on Next.js v11 will need to deploy the stated workaround or enable the WAF rule.

    The managed WAF rule mitigates this by blocking external user requests with the x-middleware-subrequest header regardless of Next.js version, but we recommend users using Next.js 14 and 15 upgrade to the patched versions of Next.js as an additional mitigation.

  1. Smart Placement is smarter about running Workers and Pages Functions in the best locations

    Workers Pages

    Smart Placement is a unique Cloudflare feature that can make decisions to move your Worker to run in a more optimal location (such as closer to a database). Instead of always running in the default location (the one closest to where the request is received), Smart Placement uses certain “heuristics” (rules and thresholds) to decide if a different location might be faster or more efficient.

    Previously, if these heuristics weren't consistently met, your Worker would revert to running in the default location—even after it had been optimally placed. This meant that if your Worker received minimal traffic for a period of time, the system would reset to the default location, rather than remaining in the optimal one.

    Now, once Smart Placement has identified and assigned an optimal location, temporarily dropping below the heuristic thresholds will not force a return to default locations. For example in the previous algorithm, a drop in requests for a few days might return to default locations and heuristics would have to be met again. This was problematic for workloads that made requests to a geographically located resource every few days or longer. In this scenario, your Worker would never get placed optimally. This is no longer the case.

  1. npm i agents

    Agents Workers
    npm i agents

    agents-sdk -> agents Updated

    📝 We've renamed the Agents package to agents!

    If you've already been building with the Agents SDK, you can update your dependencies to use the new package name, and replace references to agents-sdk with agents:

    Terminal window
    # Install the new package
    npm i agents
    Terminal window
    # Remove the old (deprecated) package
    npm uninstall agents-sdk
    

    # Find instances of the old package name in your codebase
    grep -r 'agents-sdk' .
    # Replace instances of the old package name with the new one
    # (or use find-replace in your editor)
    sed -i 's/agents-sdk/agents/g' $(grep -rl 'agents-sdk' .)

    All future updates will be pushed to the new agents package, and the older package has been marked as deprecated.

    Agents SDK updates New

    We've added a number of big new features to the Agents SDK over the past few weeks, including:

    • You can now set cors: true when using routeAgentRequest to return permissive default CORS headers to Agent responses.
    • The regular client now syncs state on the agent (just like the React version).
    • useAgentChat bug fixes for passing headers/credentials, including properly clearing cache on unmount.
    • Experimental /schedule module with a prompt/schema for adding scheduling to your app (with evals!).
    • Changed the internal zod schema to be compatible with the limitations of Google's Gemini models by removing the discriminated union, allowing you to use Gemini models with the scheduling API.

    We've also fixed a number of bugs with state synchronization and the React hooks.

    JavaScript
    // via https://github.com/cloudflare/agents/tree/main/examples/cross-domain
    export default {
      async fetch(request, env) {
        return (
          // Set { cors: true } to enable CORS headers.
          (await routeAgentRequest(request, env, { cors: true })) ||
          new Response("Not found", { status: 404 })
        );
      },
    };

    Call Agent methods from your client code New

    We've added a new @unstable_callable() decorator for defining methods that can be called directly from clients. This allows you call methods from within your client code: you can call methods (with arguments) and get native JavaScript objects back.

    JavaScript
    // server.ts
    import { unstable_callable, Agent } from "agents";
    

    export class Rpc extends Agent {
      // Use the decorator to define a callable method
      @unstable_callable({
        description: "rpc test",
      })
      async getHistory() {
        return this.sql`SELECT * FROM history ORDER BY created_at DESC LIMIT 10`;
      }
    }

    agents-starter Updated

    We've fixed a number of small bugs in the agents-starter project — a real-time, chat-based example application with tool-calling & human-in-the-loop built using the Agents SDK. The starter has also been upgraded to use the latest wrangler v4 release.

    If you're new to Agents, you can install and run the agents-starter project in two commands:

    Terminal window
    # Install it
    $ npm create cloudflare@latest agents-starter -- --template="cloudflare/agents-starter"
    # Run it
    $ npm run start

    You can use the starter as a template for your own Agents projects: open up src/server.ts and src/client.tsx to see how the Agents SDK is used.

    More documentation Updated

    We've heard your feedback on the Agents SDK documentation, and we're shipping more API reference material and usage examples, including:

    • Expanded API reference documentation, covering the methods and properties exposed by the Agents SDK, as well as more usage examples.
    • More Client API documentation that documents useAgent, useAgentChat and the new @unstable_callable RPC decorator exposed by the SDK.
    • New documentation on how to route requests to agents and (optionally) authenticate clients before they connect to your Agents.

    Note that the Agents SDK is continually growing: the type definitions included in the SDK will always include the latest APIs exposed by the agents package.

    If you're still wondering what Agents are, read our blog on building AI Agents on Cloudflare and/or visit the Agents documentation to learn more.

  1. Import `env` to access bindings in your Worker's global scope

    Workers

    You can now access bindings from anywhere in your Worker by importing the env object from cloudflare:workers.

    Previously, env could only be accessed during a request. This meant that bindings could not be used in the top-level context of a Worker.

    Now, you can import env and access bindings such as secrets or environment variables in the initial setup for your Worker:

    JavaScript
    import { env } from "cloudflare:workers";
    import ApiClient from "example-api-client";
    

    // API_KEY and LOG_LEVEL now usable in top-level scope
    const apiClient = ApiClient.new({ apiKey: env.API_KEY });
    const LOG_LEVEL = env.LOG_LEVEL || "info";
    

    export default {
      fetch(req) {
        // you can use apiClient or LOG_LEVEL, configured before any request is handled
      },
    };

    Additionally, env was normally accessed as a argument to a Worker's entrypoint handler, such as fetch. This meant that if you needed to access a binding from a deeply nested function, you had to pass env as an argument through many functions to get it to the right spot. This could be cumbersome in complex codebases.

    Now, you can access the bindings from anywhere in your codebase without passing env as an argument:

    JavaScript
    // helpers.js
    import { env } from "cloudflare:workers";
    

    // env is *not* an argument to this function
    export async function getValue(key) {
      let prefix = env.KV_PREFIX;
      return await env.KV.get(`${prefix}-${key}`);
    }

    For more information, see documentation on accessing env.

  1. Retry Pages & Workers Builds Directly from GitHub

    Workers Pages

    You can now retry your Cloudflare Pages and Workers builds directly from GitHub. No need to switch to the Cloudflare Dashboard for a simple retry!

    Let\u2019s say you push a commit, but your build fails due to a spurious error like a network timeout. Instead of going to the Cloudflare Dashboard to manually retry, you can now rerun the build with just a few clicks inside GitHub, keeping you inside your workflow.

    For Pages and Workers projects connected to a GitHub repository:

    1. When a build fails, go to your GitHub repository or pull request
    2. Select the failed Check Run for the build
    3. Select "Details" on the Check Run
    4. Select "Rerun" to trigger a retry build for that commit

    Learn more about Pages Builds and Workers Builds.

  1. Use the latest JavaScript features with Wrangler CLI v4

    Workers

    We've released the next major version of Wrangler, the CLI for Cloudflare Workers — wrangler@4.0.0. Wrangler v4 is a major release focused on updates to underlying systems and dependencies, along with improvements to keep Wrangler commands consistent and clear.

    You can run the following command to install it in your projects:

    npm i wrangler@latest

    Unlike previous major versions of Wrangler, which were foundational rewrites and rearchitectures — Version 4 of Wrangler includes a much smaller set of changes. If you use Wrangler today, your workflow is very unlikely to change.

    A detailed migration guide is available and if you find a bug or hit a roadblock when upgrading to Wrangler v4, open an issue on the cloudflare/workers-sdk repository on GitHub.

    Going forward, we'll continue supporting Wrangler v3 with bug fixes and security updates until Q1 2026, and with critical security updates until Q1 2027, at which point it will be out of support.

  1. Set breakpoints and debug your Workers tests with @cloudflare/vitest-pool-workers

    Workers

    You can now debug your Workers tests with our Vitest integration by running the following command:

    Terminal window
    vitest --inspect --no-file-parallelism

    Attach a debugger to the port 9229 and you can start stepping through your Workers tests. This is available with @cloudflare/vitest-pool-workers v0.7.5 or later.

    Learn more in our documentation.

  1. Access your Worker's environment variables from process.env

    Workers

    You can now access environment variables and secrets on process.env when using the nodejs_compat compatibility flag.

    JavaScript
    const apiClient = ApiClient.new({ apiKey: process.env.API_KEY });
    const LOG_LEVEL = process.env.LOG_LEVEL || "info";

    In Node.js, environment variables are exposed via the global process.env object. Some libraries assume that this object will be populated, and many developers may be used to accessing variables in this way.

    Previously, the process.env object was always empty unless written to in Worker code. This could cause unexpected errors or friction when developing Workers using code previously written for Node.js.

    Now, environment variables, secrets, and version metadata can all be accessed on process.env.

    To opt-in to the new process.env behaviour now, add the nodejs_compat_populate_process_env compatibility flag to your wrangler.json configuration:

    JSONC
    {
      // Rest of your configuration
      // Add "nodejs_compat_populate_process_env" to your compatibility_flags array
      "compatibility_flags": ["nodejs_compat", "nodejs_compat_populate_process_env"],
      // Rest of your configuration

    After April 1, 2025, populating process.env will become the default behavior when both nodejs_compat is enabled and your Worker's compatibility_date is after "2025-04-01".

  1. Use the latest JavaScript features with Wrangler CLI v4.0.0-rc.0

    Workers

    We've released a release candidate of the next major version of Wrangler, the CLI for Cloudflare Workers — wrangler@4.0.0-rc.0.

    You can run the following command to install it and be one of the first to try it out:

    npm i wrangler@v4-rc

    Unlike previous major versions of Wrangler, which were foundational rewrites and rearchitectures — Version 4 of Wrangler includes a much smaller set of changes. If you use Wrangler today, your workflow is very unlikely to change. Before we release Wrangler v4 and advance past the release candidate stage, we'll share a detailed migration guide in the Workers developer docs. But for the vast majority of cases, you won't need to do anything to migrate — things will just work as they do today. We are sharing this release candidate in advance of the official release of v4, so that you can try it out early and share feedback.

    New JavaScript language features that you can now use with Wrangler v4

    Version 4 of Wrangler updates the version of esbuild that Wrangler uses internally, allowing you to use modern JavaScript language features, including:

    The using keyword from Explicit Resource Management

    The using keyword from the Explicit Resource Management standard makes it easier to work with the JavaScript-native RPC system built into Workers. This means that when you obtain a stub, you can ensure that it is automatically disposed when you exit scope it was created in:

    JavaScript
    function sendEmail(id, message) {
      using user = await env.USER_SERVICE.findUser(id);
      await user.sendEmail(message);
    

      // user[Symbol.dispose]() is implicitly called at the end of the scope.
    }
    Import attributes

    Import attributes allow you to denote the type or other attributes of the module that your code imports. For example, you can import a JSON module, using the following syntax:

    JavaScript
    import data from "./data.json" with { type: "json" };

    Other changes

    --local is now the default for all CLI commands

    All commands that access resources (for example, wrangler kv, wrangler r2, wrangler d1) now access local datastores by default, ensuring consistent behavior.

    Clearer policy for the minimum required version of Node.js required to run Wrangler

    Moving forward, the active, maintenance, and current versions of Node.js will be officially supported by Wrangler. This means the minimum officially supported version of Node.js you must have installed for Wrangler v4 will be Node.js v18 or later. This policy mirrors how many other packages and CLIs support older versions of Node.js, and ensures that as long as you are using a version of Node.js that the Node.js project itself supports, this will be supported by Wrangler as well.

    Features previously deprecated in Wrangler v3 are now removed in Wrangler v4

    All previously deprecated features in Wrangler v2 and in Wrangler v3 have now been removed. Additionally, the following features that were deprecated during the Wrangler v3 release have been removed:

    • Legacy Assets (using wrangler dev/deploy --legacy-assets or the legacy_assets config file property). Instead, we recommend you migrate to Workers assets.
    • Legacy Node.js compatibility (using wrangler dev/deploy --node-compat or the node_compat config file property). Instead, use the nodejs_compat compatibility flag. This includes the functionality from legacy node_compat polyfills and natively implemented Node.js APIs.
    • wrangler version. Instead, use wrangler --version to check the current version of Wrangler.
    • getBindingsProxy() (via import { getBindingsProxy } from "wrangler"). Instead, use the getPlatformProxy() API, which takes exactly the same arguments.
    • usage_model. This no longer has any effect, after the rollout of Workers Standard Pricing.

    We'd love your feedback! If you find a bug or hit a roadblock when upgrading to Wrangler v4, open an issue on the cloudflare/workers-sdk repository on GitHub.

  1. Introducing the Agents SDK

    Agents Workers

    We've released the Agents SDK, a package and set of tools that help you build and ship AI Agents.

    You can get up and running with a chat-based AI Agent (and deploy it to Workers) that uses the Agents SDK, tool calling, and state syncing with a React-based front-end by running the following command:

    Terminal window
    npm create cloudflare@latest agents-starter -- --template="cloudflare/agents-starter"
    # open up README.md and follow the instructions

    You can also add an Agent to any existing Workers application by installing the agents package directly

    Terminal window
    npm i agents

    ... and then define your first Agent:

    TypeScript
    import { Agent } from "agents";
    

    export class YourAgent extends Agent<Env> {
      // Build it out
      // Access state on this.state or query the Agent's database via this.sql
      // Handle WebSocket events with onConnect and onMessage
      // Run tasks on a schedule with this.schedule
      // Call AI models
      // ... and/or call other Agents.
    }

    Head over to the Agents documentation to learn more about the Agents SDK, the SDK APIs, as well as how to test and deploying agents to production.

  1. Autofix Worker name configuration errors at build time

    Workers
    Auto-fixing Workers Name in Git Repo

    Small misconfigurations shouldn’t break your deployments. Cloudflare is introducing automatic error detection and fixes in Workers Builds, identifying common issues in your wrangler.toml or wrangler.jsonc and proactively offering fixes, so you spend less time debugging and more time shipping.

    Here's how it works:

    1. Before running your build, Cloudflare checks your Worker's Wrangler configuration file (wrangler.toml or wrangler.jsonc) for common errors.
    2. Once you submit a build, if Cloudflare finds an error it can fix, it will submit a pull request to your repository that fixes it.
    3. Once you merge this pull request, Cloudflare will run another build.

    We're starting with fixing name mismatches between your Wrangler file and the Cloudflare dashboard, a top cause of build failures.

    This is just the beginning, we want your feedback on what other errors we should catch and fix next. Let us know in the Cloudflare Developers Discord, #workers-and-pages-feature-suggestions.

  1. Build AI Agents with Example Prompts

    Agents Workers Workflows

    We've added an example prompt to help you get started with building AI agents and applications on Cloudflare Workers, including Workflows, Durable Objects, and Workers KV.

    You can use this prompt with your favorite AI model, including Claude 3.5 Sonnet, OpenAI's o3-mini, Gemini 2.0 Flash, or Llama 3.3 on Workers AI. Models with large context windows will allow you to paste the prompt directly: provide your own prompt within the <user_prompt></user_prompt> tags.

    Terminal window
    {paste_prompt_here}
    <user_prompt>
    user: Build an AI agent using Cloudflare Workflows. The Workflow should run when a new GitHub issue is opened on a specific project with the label 'help' or 'bug', and attempt to help the user troubleshoot the issue by calling the OpenAI API with the issue title and description, and a clear, structured prompt that asks the model to suggest 1-3 possible solutions to the issue. Any code snippets should be formatted in Markdown code blocks. Documentation and sources should be referenced at the bottom of the response. The agent should then post the response to the GitHub issue. The agent should run as the provided GitHub bot account.
    </user_prompt>

    This prompt is still experimental, but we encourage you to try it out and provide feedback.

  1. Create and deploy Workers from Git repositories

    Workers
    Import repo or choose template

    You can now create a Worker by:

    • Importing a Git repository: Choose an existing Git repo on your GitHub/GitLab account and set up Workers Builds to deploy your Worker.
    • Deploying a template with Git: Choose from a brand new selection of production ready examples to help you get started with popular frameworks like Astro, Remix and Next or build stateful applications with Cloudflare resources like D1 databases, Workers AI or Durable Objects! When you're ready to deploy, Cloudflare will set up your project by cloning the template to your GitHub/GitLab account, provisioning any required resources and deploying your Worker.

    With every push to your chosen branch, Cloudflare will automatically build and deploy your Worker.

    To get started, go to the Workers dashboard.

    These new features are available today in the Cloudflare dashboard to a subset of Cloudflare customers, and will be coming to all customers in the next few weeks. Don't see it in your dashboard, but want early access? Add your Cloudflare Account ID to this form.

  1. Revamped Workers Metrics

    Workers

    We've revamped the Workers Metrics dashboard.

    Workers Metrics dashboard

    Now you can easily compare metrics across Worker versions, understand the current state of a gradual deployment, and review key Workers metrics in a single view. This new interface enables you to:

    • Drag-and-select using a graphical timepicker for precise metric selection.
    Workers Metrics graphical timepicker
    • Use histograms to visualize cumulative metrics, allowing you to bucket and compare rates over time.
    • Focus on Worker versions by directly interacting with the version numbers in the legend.
    Workers Metrics legend selector
    • Monitor and compare active gradual deployments.
    • Track error rates across versions with grouping both by version and by invocation status.
    • Measure how Smart Placement improves request duration.

    Learn more about metrics.

  1. Transform HTML quickly with streaming content

    Workers

    You can now transform HTML elements with streamed content using HTMLRewriter.

    Methods like replace, append, and prepend now accept Response and ReadableStream values as Content.

    This can be helpful in a variety of situations. For instance, you may have a Worker in front of an origin, and want to replace an element with content from a different source. Prior to this change, you would have to load all of the content from the upstream URL and convert it into a string before replacing the element. This slowed down overall response times.

    Now, you can pass the Response object directly into the replace method, and HTMLRewriter will immediately start replacing the content as it is streamed in. This makes responses faster.

    index.js
    class ElementRewriter {
      async element(element) {
        // able to replace elements while streaming content
        // the fetched body is not buffered into memory as part
        // of the replace
        let res = await fetch("https://upstream-content-provider.example");
        element.replace(res);
      }
    }
    

    export default {
      async fetch(request, env, ctx) {
        let response = await fetch("https://site-to-replace.com");
        return new HTMLRewriter()
          .on("[data-to-replace]", new ElementRewriter())
          .transform(response);
      },
    };

    For more information, see the HTMLRewriter documentation.

  1. Increased Browser Rendering limits!

    Workers Browser Run

    Browser Rendering now supports 10 concurrent browser instances per account and 10 new instances per minute, up from the previous limits of 2.

    This allows you to launch more browser tasks from Cloudflare Workers.

    To manage concurrent browser sessions, you can use Queues or Workflows:

    index.js
    export default {
      async queue(batch, env) {
        for (const message of batch.messages) {
          const browser = await puppeteer.launch(env.BROWSER);
          const page = await browser.newPage();
    

          try {
            await page.goto(message.url, {
              waitUntil: message.waitUntil,
            });
            // Process page...
          } finally {
            await browser.close();
          }
        }
      },
    };

  1. Support for Node.js DNS, Net, and Timer APIs in Workers

    Workers

    When using a Worker with the nodejs_compat compatibility flag enabled, you can now use the following Node.js APIs:

    node:net

    You can use node:net to create a direct connection to servers via a TCP sockets with net.Socket.

    index.js
    import net from "node:net";
    

    const exampleIP = "127.0.0.1";
    

    export default {
      async fetch(req) {
        const socket = new net.Socket();
        socket.connect(4000, exampleIP, function () {
          console.log("Connected");
        });
    

        socket.write("Hello, Server!");
        socket.end();
    

        return new Response("Wrote to server", { status: 200 });
      },
    };

    Additionally, you can now use other APIs including net.BlockList and net.SocketAddress.

    Note that net.Server is not supported.

    node:dns

    You can use node:dns for name resolution via DNS over HTTPS using Cloudflare DNS at 1.1.1.1.

    index.js
    import dns from "node:dns";
    

    let response = await dns.promises.resolve4("cloudflare.com", "NS");

    All node:dns functions are available, except lookup, lookupService, and resolve which throw "Not implemented" errors when called.

    node:timers

    You can use node:timers to schedule functions to be called at some future period of time.

    This includes setTimeout for calling a function after a delay, setInterval for calling a function repeatedly, and setImmediate for calling a function in the next iteration of the event loop.

    index.js
    import timers from "node:timers";
    

    console.log("first");
    timers.setTimeout(() => {
      console.log("last");
    }, 10);
    

    timers.setTimeout(() => {
      console.log("next");
    });

  1. Faster Workers Builds with Build Caching and Watch Paths

    Workers
    Build caching settingsBuild watch path settings

    Workers Builds, the integrated CI/CD system for Workers (currently in beta), now lets you cache artifacts across builds, speeding up build jobs by eliminating repeated work, such as downloading dependencies at the start of each build.

    • Build Caching: Cache dependencies and build outputs between builds with a shared project-wide cache, ensuring faster builds for the entire team.

    • Build Watch Paths: Define paths to include or exclude from the build process, ideal for monorepos to target only the files that need to be rebuilt per Workers project.

    To get started, select your Worker on the Cloudflare dashboard then go to Settings > Builds, and connect a GitHub or GitLab repository. Once connected, you'll see options to configure Build Caching and Build Watch Paths.