build(deps-dev): Bump miniflare from 4.20260424.0 to 4.20260426.0

[dependabot]

Bumps miniflare from 4.20260424.0 to 4.20260426.0.

Release notes

Sourced from miniflare's releases.

miniflare@4.20260426.0

Minor Changes

• #13599 21b87b2 Thanks @​Ltadrian! - Add extended sslmode support for Hyperdrive local dev. This adds support for sslmodes verify-full / verify-ca for Postgres and VERIFY_IDENTITY / VERIFY_CA for MySQL

• #13617 118027d Thanks @​roerohan! - Force Flagship bindings to always use remote mode in local dev

  Flagship bindings now always access the remote Flagship service during local development, matching the behavior of AI bindings. Previously, Flagship supported both local and remote modes, but the local stub only returned default values, providing no real functionality and creating a dual source of truth for flag evaluations.

  The remote config field is retained for backward compatibility but only controls whether a warning is displayed. Setting remote: true suppresses the warning that Flagship bindings always access remote resources and may incur usage charges in local dev.

Patch Changes

• #13696 62e9f2a Thanks @​dependabot! - Update dependencies of "miniflare", "wrangler"

  The following dependency versions have been updated:

  Dependency	From	To
  workerd	1.20260424.1	1.20260426.1

• #13652 033d6ec Thanks @​emily-shen! - fix: allow multiple workers with browser bindings in dev

  You can now run multiple workers with multiple browser bindings in miniflare. Previously, this would crash with kj/table.c++:49: failed: inserted row already exists in table.

• #13649 ae8eae3 Thanks @​petebacondarwin! - Fix service binding and tail consumer props being dropped between workers in different local dev instances

  When a service binding or tail consumer configured with props targeted a worker running in a separate wrangler dev instance (via the dev registry), the props were silently dropped and the remote entrypoint saw an empty ctx.props. Props are now forwarded correctly across the dev registry boundary, matching the behavior users get when all workers run in a single instance.

  // wrangler.json
  {
    "services": [
      {
        "binding": "AUTH",
        "service": "auth-worker", // may be in a separate `wrangler dev` process
        "entrypoint": "SessionEntry",
        "props": { "tenant": "acme" }
      }
    ]
  }

  The target worker's SessionEntry entrypoint now correctly receives { tenant: "acme" } on ctx.props regardless of which local dev instance it runs in.

• #13668 ef24ff2 Thanks @​for-the-kidz! - Fix TypeError: rules is not iterable in the router-worker when static_routing is configured without user_worker rules

  The router-worker's static-routing include-rule evaluation passed config.static_routing.user_worker directly to the matcher, which iterates with for...of. When static_routing was set but user_worker was omitted, the matcher threw TypeError: rules is not iterable and failed the request. The adjacent asset_worker branch already falls back to [] in this case; the user_worker branch now does the same.

• #13654 6d27479 Thanks @​pombosilva! - fix: Preserve internal counter suffix on workflow step names in local explorer API

... (truncated)

Changelog

Sourced from miniflare's changelog.

4.20260426.0

Minor Changes

• #13599 21b87b2 Thanks @​Ltadrian! - Add extended sslmode support for Hyperdrive local dev. This adds support for sslmodes verify-full / verify-ca for Postgres and VERIFY_IDENTITY / VERIFY_CA for MySQL

• #13617 118027d Thanks @​roerohan! - Force Flagship bindings to always use remote mode in local dev

  Flagship bindings now always access the remote Flagship service during local development, matching the behavior of AI bindings. Previously, Flagship supported both local and remote modes, but the local stub only returned default values, providing no real functionality and creating a dual source of truth for flag evaluations.

  The remote config field is retained for backward compatibility but only controls whether a warning is displayed. Setting remote: true suppresses the warning that Flagship bindings always access remote resources and may incur usage charges in local dev.

Patch Changes

• #13696 62e9f2a Thanks @​dependabot! - Update dependencies of "miniflare", "wrangler"

  The following dependency versions have been updated:

  Dependency	From	To
  workerd	1.20260424.1	1.20260426.1

• #13652 033d6ec Thanks @​emily-shen! - fix: allow multiple workers with browser bindings in dev

  You can now run multiple workers with multiple browser bindings in miniflare. Previously, this would crash with kj/table.c++:49: failed: inserted row already exists in table.

• #13649 ae8eae3 Thanks @​petebacondarwin! - Fix service binding and tail consumer props being dropped between workers in different local dev instances

  When a service binding or tail consumer configured with props targeted a worker running in a separate wrangler dev instance (via the dev registry), the props were silently dropped and the remote entrypoint saw an empty ctx.props. Props are now forwarded correctly across the dev registry boundary, matching the behavior users get when all workers run in a single instance.

  // wrangler.json
  {
    "services": [
      {
        "binding": "AUTH",
        "service": "auth-worker", // may be in a separate `wrangler dev` process
        "entrypoint": "SessionEntry",
        "props": { "tenant": "acme" }
      }
    ]
  }

  The target worker's SessionEntry entrypoint now correctly receives { tenant: "acme" } on ctx.props regardless of which local dev instance it runs in.

• #13668 ef24ff2 Thanks @​for-the-kidz! - Fix TypeError: rules is not iterable in the router-worker when static_routing is configured without user_worker rules

  The router-worker's static-routing include-rule evaluation passed config.static_routing.user_worker directly to the matcher, which iterates with for...of. When static_routing was set but user_worker was omitted, the matcher threw TypeError: rules is not iterable and failed the request. The adjacent asset_worker branch already falls back to [] in this case; the user_worker branch now does the same.

... (truncated)

Commits

• 87b094e Version Packages (#13665)
• 3f39c7e fix(miniflare): skip SNI for Hyperdrive IP targets (#13708)
• 21b87b2 SQC-813 support hyperdrive local dev sslmodes verify-ca / verify-full (#13599)
• 6d27479 [local-explorer-ui] Fix Workflows page (colors, icons, etc) (#13654)
• 41e7b4c chore(miniflare): Add KV ArrayBuffer & stream tests (#13561)
• 033d6ec fix multiple workers with browser bindings (#13652)
• 62e9f2a Bump the workerd-and-workers-types group with 2 updates (#13696)
• 118027d [wrangler] Force Flagship bindings to always use remote mode in local dev (#1...
• 175ec8b [miniflare] Fix flaky dev-registry prop forwarding tests (#13671)
• ae8eae3 [miniflare] Forward service binding and tail consumer props across the dev re...
• See full diff in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

---

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
• @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)