Changelog
This changelog details meaningful changes made to Workers across the Cloudflare dashboard, Wrangler, the API, and the workerd runtime. These changes are not configurable.
This is different from compatibility dates and compatibility flags, which let you explicitly opt-in to or opt-out of specific changes to the Workers Runtime.
- Cloudflare GitHub App Permissions Update
- Cloudflare is requesting updated permissions for the Cloudflare GitHub App to enable features like automatically creating a repository on your GitHub account and deploying the new repository for you when getting started with a template. This feature is coming out soon to support a better onboarding experience.
- Requested permissions:
- Repository Administration (read/write) to create repositories.
- Contents (read/write) to push code to the created repositories.
- Who is impacted:
- Existing users will be prompted to update permissions when GitHub sends an email with subject "[GitHub] Cloudflare Workers & Pages is requesting updated permission" on December 19th, 2024.
- New users installing the app will see the updated permissions during the connecting repository process.
- Action: Review and accept the permissions update to use upcoming features. If you decline or take no action, you can continue connecting repositories and deploying changes via the Cloudflare GitHub App as you do today, but new features requiring these permissions will not be available.
- Questions? Visit #github-permissions-update in the Cloudflare Developers Discord.
- Fixed encoding of WebSocket pong messages when talking to remote servers. Previously, when a Worker made a WebSocket connection to an external server, the server may have prematurely closed the WebSocket for failure to respond correctly to pings. Client-side connections were not affected.
- You can now connect your GitHub or GitLab repository to an existing Worker to automatically build and deploy your changes when you make a git push with Workers Builds.
- Workers now support the [
handle_cross_request_promise_resolution
] compatibility flag which addresses certain edge cases around awaiting and resolving promises across multiple requests.
- Revamped Workers and Pages UI settings to simplify the creation and management of project configurations. For bugs and general feedback, please submit this form.
- Workers now support the
allow_custom_ports
compatibility flag which enables using thefetch()
calls to custom ports.
- Updated v8 to version 12.8.
- You can now use
Promise.try()
in Cloudflare Workers. Refer totc39/proposal-promise-try
for more context on this API that has recently been added to the JavaScript language.
- When using the
nodejs_compat_v2
compatibility flag, thesetImmediate(fn)
API from Node.js is now available at the global scope. - The
internal_writable_stream_abort_clears_queue
compatibility flag will ensure that certainWritableStream
abort()
operations are handled immediately rather than lazily, ensuring that the stream is appropriately aborted when the consumer of the stream is no longer active.
- Workers with the mTLS binding now support Gradual Deployments.
- Added a new
truncated
flag to Tail Worker events to indicate when the event buffer is full and events are being dropped.
- Added community contributed tutorial on how to create custom access control for files in R2 using D1 and Workers.
- Added community contributed tutorial on how to send form submissions using Astro and Resend.
- Added community contributed tutorial on how to create a sitemap from Sanity CMS with Workers.
- The
node:crypto
implementation now includes the scrypt(...) and scryptSync(...) APIs. - Workers now support the standard EventSource API.
- Fixed a bug where when writing to an HTTP Response body would sometimes hang when the client disconnected (and sometimes throw an exception). It will now always throw an exception.
- When using Gradual Deployments, you can now use version overrides to send a request to a specific version of your Worker.
- Fixed a bug which caused
Date.now()
to return skewed results if called before the first I/O of the first request after a Worker first started up. The value returned would be offset backwards by the amount of CPU time spent starting the Worker (compiling and running global scope), making it seem like the first I/O (e.g. first fetch()) was slower than it really was. This skew had nothing to do with Spectre mitigations; it was simply a longstanding bug.
- Exceptions thrown from Durable Object internal operations and tunneled to the caller may now be populated with a
.retryable: true
property if the exception was likely due to a transient failure, or populated with an.overloaded: true
property if the exception was due to overload.
- We now prompt for extra confirmation if attempting to rollback to a version of a Worker using the Deployments API where the value of a secret is different than the currently deployed version. A
?force=true
query parameter can be specified to proceed with the rollback.
- When using
nodejs_compat
compatibility flag, thebuffer
module now has an implementation ofisAscii()
andisUtf8()
methods. - Fixed a bug where exceptions propagated from JS RPC calls to Durable Objects would lack the
.remote
property that exceptions fromfetch()
calls to Durable Objects have.
- Workers with Smart Placement enabled now support Gradual Deployments.
- The new
fetch_standard_url
compatibility flag will become active by default on June 3rd, 2024 and ensures that URLs passed into thefetch(...)
API, thenew Request(...)
constructor, and redirected requests will be parsed using the standard WHATWG URL parser. - DigestStream is now more efficient and exposes a new
bytesWritten
property that indicates that number of bytes written to the digest.
- Updated v8 to version 12.5.
- A bug in the fetch API implementation would cause the content type of a Blob to be incorrectly set. The fix is being released behind a new
blob_standard_mime_type
compatibility flag.
- Fixed RPC to/from Durable Objects not honoring the output gate.
- The
internal_stream_byob_return_view
compatibility flag can be used to improve the standards compliance of theReadableStreamBYOBReader
implementation when working with BYOB streams provided by the runtime (like inresponse.body
orrequest.body
). The flag ensures that the final read result will always include avalue
field whose value is set to an emptyUint8Array
whose underlyingArrayBuffer
is the same memory allocation as the one passed in on the call toread()
. - The Web platform standard
reportError(err)
global API is now available in workers. The reported error will first be emitted as an 'error' event on the global scope then reported in both the console output and tail worker exceptions by default.
- Improve Streams API spec compliance by exposing
desiredSize
and other properties on stream class prototypes - The new
URL.parse(...)
method is implemented. This provides an alternative to the URL constructor that does not throw exceptions on invalid URLs. - R2 bindings objects now have a
storageClass
option. This can be set on object upload to specify the R2 storage class - Standard or Infrequent Access. The property is also returned with object metadata.
- A new JavaScript-native remote procedure call (RPC) API is now available, allowing you to communicate more easily across Workers and between Workers and Durable Objects.
- There is no longer an explicit limit on the total amount of data which may be uploaded with Cache API
put()
per request. Other Cache API Limits continue to apply. - The Web standard
ReadableStream.from()
API is now implemented. The API enables creating aReadableStream
from a either a sync or async iterable.
- When the
brotli_content_encoding
compatibility flag is enabled, the Workers runtime now supports compressing and decompressing request bodies encoded using the Brotli compression algorithm. Refer to this docs section for more detail.
- You can now write Workers in Python
- The new
unwrap_custom_thenables
compatibility flag enables workers to accept custom thenables in internal APIs that expect a promise (for instance, thectx.waitUntil(...)
method). - TransformStreams created with the TransformStream constructor now have a cancel algorithm that is called when the stream is canceled or aborted. This change is part of the implementation of the WHATWG Streams standard.
- The
nodejs_compat
compatibility flag now includes an implementation of theMockTracker
API fromnode:test
. This is not an implementation of the fullnode:test
module, and mock timers are currently not included. - Exceptions reported to Tail Workers now include a "stack" property containing the exception's stack trace, if available.
- Built-in APIs that return Promises will now produce stack traces when the Promise rejects. Previously, the rejection error lacked a stack trace.
- A new compat flag
fetcher_no_get_put_delete
removes theget()
,put()
, anddelete()
methods on service bindings and Durable Object stubs. This will become the default as of compatibility date 2024-03-26. These methods were designed as simple convenience wrappers aroundfetch()
, but were never documented. - Updated v8 to version 12.3.
- v8 updated to version 12.2.
- You can now use Iterator helpers in Workers.
- You can now use new methods on
Set
, such asSet.intersection
andSet.union
, in Workers.
- Sockets now support an
opened
attribute. - Durable Object alarm handlers now impose a maximum wall time of 15 minutes.
- The Web Platform standard
navigator.sendBeacon(...)
API is now provided by the Workers runtime. - V8 updated to 12.0.
- A new usage model called Workers Standard is available for Workers and Pages Functions pricing. This is now the default usage model for accounts that are first upgraded to the Workers Paid plan. Read the blog post for more information.
- The usage model set in a script's wrangler.toml will be ignored after an account has opted-in to Workers Standard pricing. It must be configured through the dashboard (Workers & Pages > Select your Worker > Settings > Usage Model).
- Workers and Pages Functions on the Standard usage model can set custom CPU limits for their Workers
- Added the
crypto_preserve_public_exponent
compatibility flag to correct a wrong type being used in the algorithm field of RSA keys in the WebCrypto API.
- The limit of 3 Cron Triggers per Worker has been removed. Account-level limits on the total number of Cron Triggers across all Workers still apply.
- A TCP Socket's WritableStream now ensures the connection has opened before resolving the promise returned by
close
.
- The Web Platform standard
CustomEvent
class is now available in Workers. - Fixed a bug in the WebCrypto API where the
publicExponent
field of the algorithm of RSA keys would have the wrong type. Use thecrypto_preserve_public_exponent
compatibility flag to enable the new behavior.
- An implementation of the
node:crypto
API from Node.js is now available when thenodejs_compat
compatibility flag is enabled.
- An implementation of the
util.MIMEType
API from Node.js is now available when thenodejs_compat
compatibility flag is enabled.
- An implementation of the
process.env
API from Node.js is now available when using thenodejs_compat
compatibility flag. - An implementation of the
diagnostics_channel
API from Node.js is now available when using thenodejs_compat
compatibility flag.
- Added the
strict_crypto_checks
compatibility flag to enable additional Web Crypto API error and security checking. - Fixes regression in the TCP Sockets API where
connect("google.com:443")
would fail with aTypeError
.
- The TCP Sockets API now reports clearer errors when a connection cannot be established.
- Updated V8 to 11.5.
AbortSignal.any()
is now available.- Updated V8 to 11.4.
- Following an update to the WHATWG URL spec, the
delete()
andhas()
methods of theURLSearchParams
class now accept an optional second argument to specify the search parameter’s value. This is potentially a breaking change, so it is gated behind the newurlsearchparams_delete_has_value_arg
andurl_standard
compatibility flags. - Added the
strict_compression_checks
compatibility flag for additionalDecompressionStream
error checking.
- A new Hibernatable WebSockets API (beta) has been added to Durable Objects. The Hibernatable WebSockets API allows a Durable Object that is not currently running an event handler (for example, processing a WebSocket message or alarm) to be removed from memory while keeping its WebSockets connected (“hibernation”). A Durable Object that hibernates will not incur billable Duration (GB-sec) charges.
- The new
connect()
method allows you to connect to any TCP-speaking services directly from your Workers. To learn more about other protocols supported on the Workers platform, visit the new Protocols documentation. - We have added new native database integrations for popular serverless database providers, including Neon, PlanetScale, and Supabase. Native integrations automatically handle the process of creating a connection string and adding it as a Secret to your Worker.
- You can now also connect directly to databases over TCP from a Worker, starting with PostgreSQL. Support for PostgreSQL is based on the popular
pg
driver, and allows you to connect to any PostgreSQL instance over TLS from a Worker directly. - The R2 Migrator (Super Slurper), which automates the process of migrating from existing object storage providers to R2, is now Generally Available.
- Cursor, an experimental AI assistant, trained to answer questions about Cloudflare's Developer Platform, is now available to preview! Cursor can answer questions about Workers and the Cloudflare Developer Platform, and is itself built on Workers. You can read more about Cursor in the announcement blog.
- The
performance.now()
andperformance.timeOrigin
APIs can now be used in Cloudflare Workers. Just likeDate.now()
, for security reasons time only advances after I/O.
- The new
nodeJsCompatModule
type can be used with a Worker bundle to emulate a Node.js environment. Common Node.js globals such asprocess
andBuffer
will be present, andrequire('...')
can be used to load Node.js built-ins without thenode:
specifier prefix. - Fixed an issue where websocket connections would be disconnected when updating workers. Now, only WebSockets connected to Durable Objects are disconnected by updates to that Durable Object’s code.
- The Web Crypto API now supports curves Ed25519 and X25519 defined in the Secure Curves specification.
- The global
connect
method has been moved to acloudflare:sockets
module.
URL.canParse(...)
is a new standard API for testing that an input string can be parsed successfully as a URL without the additional cost of creating and throwing an error.- The Workers-specific
IdentityTransformStream
andFixedLengthStream
classes now support specifying ahighWaterMark
for the writable-side that is used for backpressure signaling using the standardwriter.desiredSize
/writer.ready
mechanisms.
- Fixed a bug in Wrangler tail and live logs on the dashboard that prevented the Administrator Read-Only and Workers Tail Read roles from successfully tailing Workers.
- Workers Logpush now supports 300 characters per log line. This is an increase from the previous limit of 150 characters per line.
- Fixed a bug where transferring large request bodies to a Durable Object was unexpectedly slow.
- Previously, an error would be thrown when trying to access unimplemented standard
Request
andResponse
properties. Now those will be left asundefined
.
- The
request.cf
object now includes two additional properties,tlsClientHelloLength
andtlsClientRandom
.
- Durable Objects can now use jurisdictions with
idFromName
via a new subnamespace API. - V8 updated to 10.9.