Bump the npm_and_yarn group across 23 directories with 11 updates

[dependabot]

Bumps the npm_and_yarn group with 2 updates in the / directory: wrangler and hono.
Bumps the npm_and_yarn group with 3 updates in the /astro-blog-starter-template directory: wrangler, devalue and rollup.
Bumps the npm_and_yarn group with 4 updates in the /chanfana-openapi-template directory: wrangler, hono, devalue and rollup.
Bumps the npm_and_yarn group with 2 updates in the /containers-template directory: wrangler and hono.
Bumps the npm_and_yarn group with 3 updates in the /d1-starter-sessions-api-template directory: wrangler, devalue and rollup.
Bumps the npm_and_yarn group with 3 updates in the /llm-chat-app-template directory: wrangler, devalue and rollup.
Bumps the npm_and_yarn group with 2 updates in the /microfrontend-template directory: wrangler and rollup.
Bumps the npm_and_yarn group with 3 updates in the /mysql-hyperdrive-template directory: wrangler, devalue and rollup.
Bumps the npm_and_yarn group with 2 updates in the /openauth-template directory: wrangler and hono.
Bumps the npm_and_yarn group with 3 updates in the /postgres-hyperdrive-template directory: wrangler, devalue and rollup.
Bumps the npm_and_yarn group with 2 updates in the /r2-explorer-template directory: wrangler and hono.
Bumps the npm_and_yarn group with 4 updates in the /react-postgres-fullstack-template directory: wrangler, hono, minimatch and rollup.
Bumps the npm_and_yarn group with 5 updates in the /react-router-hono-fullstack-template directory:

Package	From	To
wrangler	4.56.0	4.59.1
hono	4.11.1	4.12.7
lodash	4.17.21	4.17.23
minimatch	9.0.5	9.0.9
rollup	4.53.5	4.59.0

Bumps the npm_and_yarn group with 5 updates in the /react-router-postgres-ssr-template directory:

Package	From	To
wrangler	4.56.0	4.59.1
hono	4.11.1	4.12.7
lodash	4.17.21	4.17.23
minimatch	9.0.5	9.0.9
rollup	4.53.5	4.59.0

Bumps the npm_and_yarn group with 5 updates in the /remix-starter-template directory:

Package	From	To
wrangler	3.114.15	3.114.17
lodash	4.17.21	4.17.23
minimatch	9.0.5	9.0.9
minimatch	3.1.2	3.1.5
qs	6.14.0	6.14.2
rollup	4.53.5	4.59.0

Bumps the npm_and_yarn group with 3 updates in the /saas-admin-template directory: wrangler, devalue and rollup.
Bumps the npm_and_yarn group with 5 updates in the /to-do-list-kv-template directory:

Package	From	To
wrangler	3.114.15	3.114.17
lodash	4.17.21	4.17.23
minimatch	9.0.5	9.0.9
minimatch	3.1.2	3.1.5
qs	6.14.0	6.14.2
rollup	4.53.5	4.59.0

Bumps the npm_and_yarn group with 4 updates in the /vite-react-template directory: wrangler, hono, minimatch and rollup.
Bumps the npm_and_yarn group with 1 update in the /worker-publisher-template directory: wrangler.
Bumps the npm_and_yarn group with 2 updates in the /workers-builds-notifications-template directory: wrangler and rollup.
Bumps the npm_and_yarn group with 3 updates in the /workers-for-platforms-template directory: wrangler, hono and esbuild.
Bumps the npm_and_yarn group with 3 updates in the /workflows-starter-template directory: wrangler, minimatch and rollup.
Bumps the npm_and_yarn group with 7 updates in the /x402-proxy-template directory:

Package	From	To
wrangler	4.56.0	4.59.1
hono	4.11.1	4.12.7
axios	1.13.2	1.13.6
bn.js	5.2.2	5.2.3
h3	1.15.4	1.15.6
lodash	4.17.21	4.17.23
minimatch	3.1.2	3.1.5
minimatch	9.0.5	9.0.9

Updates wrangler from 3.114.15 to 3.114.17

Changelog

Sourced from wrangler's changelog.

3.114.17

Patch Changes

• #11891 6d5557b Thanks @​emily-shen! - Use argument array when executing git commands with wrangler pages deploy

  Pass user provided values from --commit-hash safely to underlying git command.

3.114.16

Patch Changes

• #11689 9bab0a0 Thanks @​ascorbic! - Display a warning when authentication errors occur and the account_id in your Wrangler configuration does not match any of your authenticated accounts. This helps identify configuration issues where you may have the wrong account ID set in your wrangler.toml or wrangler.jsonc file.

• #10737 c41a078 Thanks @​workers-devprod! - Allow WRANGLER_SEND_ERROR_REPORTS env var to override whether to report Wrangler crashes to Sentry

• #11134 bd39455 Thanks @​petebacondarwin! - Reduce the amount of arguments being passed in metrics capture.

  Now the argument values that are captured come from an allow list, and can be marked as ALLOW (capture the real value) or REDACT (capture as "").

• #11020 9cb702e Thanks @​dario-piotrowicz! - Fix observability.logs.persist being flagged as an unexpected field during the wrangler config file validation

• #11147 cf4993b Thanks @​FlorentCollin! - Improve the formatting of the D1 execute command to always show the duration in milliseconds with two decimal places.

• #11650 cc29ead Thanks @​ascorbic! - fix: respect TypeScript path aliases when resolving non-JS modules with module rules

  When importing non-JavaScript files (like .graphql, .txt, etc.) using TypeScript path aliases defined in tsconfig.json, Wrangler's module-collection plugin now correctly resolves these imports. Previously, path aliases were only respected for JavaScript/TypeScript files, causing imports like import schema from '~lib/schema.graphql' to fail when using module rules.

• #11179 7f779e9 Thanks @​ascorbic! - Log a more helpful error when attempting to "r2 object put" a non-existent file

• #11501 c78d942 Thanks @​edmundhung! - fix: prevent reporting SQLite error from wrangler d1 execute to Sentry

• #11262 b2683f7 Thanks @​workers-devprod! - Avoid using object lookup for OAuth Error classes

• #11107 d8037d3 Thanks @​workers-devprod! - Fixed conflict between --env and --expires flags in wrangler r2 object put.

  --e now aliases --env only, and NOT --expires.

• #10961 02d2ea9 Thanks @​devin-ai-integration! - Acquire Cloudflare Access tokens for additional requests made during a wrangler dev --remote session

• #11108 892ec4f Thanks @​emily-shen! - Fixed self-bindings (service bindings to the same worker) showing as [not connected] in wrangler dev. Self-bindings now correctly show as [connected] since a worker is always available to itself.

• #11138 3db872a Thanks @​devin-ai-integration! - Implement tail-based logging for wrangler dev remote mode, behind the --x-tail-tags flag. This will become the default in the future.

• #10889 204616c Thanks @​workers-devprod! - Clarify that wrangler check startup generates a local CPU profile

• #11491 ed8aaef Thanks @​edmundhung! - Explicitly close FileHandle in wrangler d1 execute to support Node 25

• #10962 203e599 Thanks @​devin-ai-integration! - Fixed duplicate warning messages appearing during wrangler dev when configuration changes or state transitions occur

... (truncated)

Commits

• f21ee75 Version Packages (#11895)
• 6d5557b fix: execute git commands in pages deploy safely (#11889) (#11891)
• 0e19ae9 Version Packages (#10906)
• 3db872a [v3 backport] Backport tail-based logging from #11135 and #11346 (#11138)
• 02d2ea9 Fix remote dev with Access (#10961)
• 9bab0a0 fix(wrangler): add warning when account_id mismatch detected on auth error (v...
• 4b18c6f Introduce internal isWorkerNotFoundError utility and avoid worker-not-found...
• ed8aaef fix(wrangler): close FileHandle in to support Node 25 (#11491)
• c78d942 V3 backport of #11467: prevent SQLite users error from being reported to Sent...
• cc29ead fix: respect TypeScript path aliases when resolving non-JS modules with modul...
• Additional commits viewable in compare view

Maintainer changes

This version was pushed to npm by [GitHub Actions](https://www.npmjs.com/~GitHub Actions), a new releaser for wrangler since your current version.

Updates hono from 4.11.1 to 4.12.7

Release notes

Sourced from hono's releases.

v4.12.7

Security hardening

Ignore __proto__ path segments in parseBody({ dot: true }) to prevent potential prototype pollution when merged with unsafe patterns.

---

Full Changelog: honojs/hono@v4.12.6...v4.12.7

v4.12.6

What's Changed

• fix(accept): replace regex split to mitigate ReDoS by @​EdamAme-x in honojs/hono#4758
• fix(jsx): align link hoisting and dedupe with React 19 by @​usualoma in honojs/hono#4792
• chore(builld): tsconfig project references by @​BarryThePenguin in honojs/hono#4797
• chore: add tsconfig.spec.json by @​yusukebe in honojs/hono#4798
• feat(jsx-renderer): support function-based options by @​3w36zj6 in honojs/hono#4780
• fix(lambda-edge): avoid callback handler deprecation on NODEJS_24_X by @​t0waxx in honojs/hono#4782

New Contributors

• @​t0waxx made their first contribution in honojs/hono#4782

Full Changelog: honojs/hono@v4.12.5...v4.12.6

v4.12.5

What's Changed

• fix(request): return string | undefined from param() when path type is any by @​andrewdamelio in honojs/hono#4723
• fix(jwt): validate token format in decode and decodeHeader functions by @​otoneko1102 in honojs/hono#4752
• fix(jsx): Fix "Invalid state: Controller is already closed" by @​gaearon in honojs/hono#4770
• chore(eslint): upgrade @hono/eslint-config by @​BarryThePenguin in honojs/hono#4781

New Contributors

• @​andrewdamelio made their first contribution in honojs/hono#4723
• @​otoneko1102 made their first contribution in honojs/hono#4752
• @​gaearon made their first contribution in honojs/hono#4770

Full Changelog: honojs/hono@v4.12.4...v4.12.5

v4.12.4

Security fixes

This release includes fixes for the following security issues:

SSE Control Field Injection

Affects: streamSSE() in Streaming Helper. Fixes injection of unintended SSE fields by rejecting CR/LF characters in event, id, and retry. GHSA-p6xx-57qc-3wxr

Cookie Attribute Injection in setCookie()

Affects: setCookie() from hono/cookie. Fixes cookie attribute manipulation by rejecting ;, \r, and \n in domain and path options. GHSA-5pq2-9x2x-5p6w

... (truncated)

Commits

• b0aba5b 4.12.7
• 1be3a53 ci: apply automated fixes
• ef90225 Merge commit from fork
• 3f88636 4.12.6
• 53b66ae fix(lambda-edge): avoid callback handler deprecation on NODEJS_24_X (#4782)
• 58825a7 feat(jsx-renderer): support function-based options (#4780)
• 0e80acb chore: add tsconfig.spec.json (#4798)
• d69deb8 chore(builld): tsconfig project references (#4797)
• 8217d9e fix(jsx): align link hoisting and dedupe with React 19 (#4792)
• 5086956 fix(accept): replace regex split to mitigate ReDoS (#4758)
• Additional commits viewable in compare view

Updates wrangler from 4.56.0 to 4.59.1

Changelog

Sourced from wrangler's changelog.

3.114.17

Patch Changes

• #11891 6d5557b Thanks @​emily-shen! - Use argument array when executing git commands with wrangler pages deploy

  Pass user provided values from --commit-hash safely to underlying git command.

3.114.16

Patch Changes

• #11689 9bab0a0 Thanks @​ascorbic! - Display a warning when authentication errors occur and the account_id in your Wrangler configuration does not match any of your authenticated accounts. This helps identify configuration issues where you may have the wrong account ID set in your wrangler.toml or wrangler.jsonc file.

• #10737 c41a078 Thanks @​workers-devprod! - Allow WRANGLER_SEND_ERROR_REPORTS env var to override whether to report Wrangler crashes to Sentry

• #11134 bd39455 Thanks @​petebacondarwin! - Reduce the amount of arguments being passed in metrics capture.

  Now the argument values that are captured come from an allow list, and can be marked as ALLOW (capture the real value) or REDACT (capture as "").

• #11020 9cb702e Thanks @​dario-piotrowicz! - Fix observability.logs.persist being flagged as an unexpected field during the wrangler config file validation

• #11147 cf4993b Thanks @​FlorentCollin! - Improve the formatting of the D1 execute command to always show the duration in milliseconds with two decimal places.

• #11650 cc29ead Thanks @​ascorbic! - fix: respect TypeScript path aliases when resolving non-JS modules with module rules

  When importing non-JavaScript files (like .graphql, .txt, etc.) using TypeScript path aliases defined in tsconfig.json, Wrangler's module-collection plugin now correctly resolves these imports. Previously, path aliases were only respected for JavaScript/TypeScript files, causing imports like import schema from '~lib/schema.graphql' to fail when using module rules.

• #11179 7f779e9 Thanks @​ascorbic! - Log a more helpful error when attempting to "r2 object put" a non-existent file

• #11501 c78d942 Thanks @​edmundhung! - fix: prevent reporting SQLite error from wrangler d1 execute to Sentry

• #11262 b2683f7 Thanks @​workers-devprod! - Avoid using object lookup for OAuth Error classes

• #11107 d8037d3 Thanks @​workers-devprod! - Fixed conflict between --env and --expires flags in wrangler r2 object put.

  --e now aliases --env only, and NOT --expires.

• #10961 02d2ea9 Thanks @​devin-ai-integration! - Acquire Cloudflare Access tokens for additional requests made during a wrangler dev --remote session

• #11108 892ec4f Thanks @​emily-shen! - Fixed self-bindings (service bindings to the same worker) showing as [not connected] in wrangler dev. Self-bindings now correctly show as [connected] since a worker is always available to itself.

• #11138 3db872a Thanks @​devin-ai-integration! - Implement tail-based logging for wrangler dev remote mode, behind the --x-tail-tags flag. This will become the default in the future.

• #10889 204616c Thanks @​workers-devprod! - Clarify that wrangler check startup generates a local CPU profile

• #11491 ed8aaef Thanks @​edmundhung! - Explicitly close FileHandle in wrangler d1 execute to support Node 25

• #10962 203e599 Thanks @​devin-ai-integration! - Fixed duplicate warning messages appearing during wrangler dev when configuration changes or state transitions occur

... (truncated)

Commits

• f21ee75 Version Packages (#11895)
• 6d5557b fix: execute git commands in pages deploy safely (#11889) (#11891)
• 0e19ae9 Version Packages (#10906)
• 3db872a [v3 backport] Backport tail-based logging from #11135 and #11346 (#11138)
• 02d2ea9 Fix remote dev with Access (#10961)
• 9bab0a0 fix(wrangler): add warning when account_id mismatch detected on auth error (v...
• 4b18c6f Introduce internal isWorkerNotFoundError utility and avoid worker-not-found...
• ed8aaef fix(wrangler): close FileHandle in to support Node 25 (#11491)
• c78d942 V3 backport of #11467: prevent SQLite users error from being reported to Sent...
• cc29ead fix: respect TypeScript path aliases when resolving non-JS modules with modul...
• Additional commits viewable in compare view

Maintainer changes

This version was pushed to npm by [GitHub Actions](https://www.npmjs.com/~GitHub Actions), a new releaser for wrangler since your current version.

Updates devalue from 5.6.2 to 5.6.4

Release notes

Sourced from devalue's releases.

v5.6.4

Patch Changes

• 87c1f3c: fix: reject __proto__ keys in malformed Object wrapper payloads

  This validates the "Object" parse path and throws when the wrapped value has an own __proto__ key.

• 40f1db1: fix: ensure sparse array indices are integers

• 87c1f3c: fix: disallow __proto__ keys in null-prototype object parsing

  This disallows __proto__ keys in the "null" parse path so null-prototype object hydration cannot carry that key through parse/unflatten.

v5.6.3

Patch Changes

• 0f04d4d: fix: Properly handle __proto__
• 819f1ac: fix: better encoding for sparse arrays

Changelog

Sourced from devalue's changelog.

5.6.4

Patch Changes

• 87c1f3c: fix: reject __proto__ keys in malformed Object wrapper payloads

  This validates the "Object" parse path and throws when the wrapped value has an own __proto__ key.

• 40f1db1: fix: ensure sparse array indices are integers

• 87c1f3c: fix: disallow __proto__ keys in null-prototype object parsing

  This disallows __proto__ keys in the "null" parse path so null-prototype object hydration cannot carry that key through parse/unflatten.

5.6.3

Patch Changes

• 0f04d4d: fix: Properly handle __proto__
• 819f1ac: fix: better encoding for sparse arrays

Commits

• 6cbb3f5 Version Packages (#133)
• 40f1db1 Merge commit from fork
• 87c1f3c Merge commit from fork
• a4a37d2 Version Packages (#132)
• 819f1ac Merge commit from fork
• 0f04d4d Merge commit from fork
• See full diff in compare view

Updates rollup from 4.55.1 to 4.59.0

Release notes

Sourced from rollup's releases.

v4.59.0

4.59.0

2026-02-22

Features

• Throw when the generated bundle contains paths that would leave the output directory (#6276)

Pull Requests

• #6275: Validate bundle stays within output dir (@​lukastaegert)

v4.58.0

4.58.0

2026-02-20

Features

• Also support __NO_SIDE_EFFECTS__ annotation before variable declarations declaring function expressions (#6272)

Pull Requests

• #6256: docs: document PreRenderedChunk properties including isDynamicEntry and isImplicitEntry (@​njg7194, @​lukastaegert)
• #6259: docs: Correct typo and improve sentence structure in docs for output.experimentalMinChunkSize (@​millerick, @​lukastaegert)
• #6260: fix(deps): update rust crate swc_compiler_base to v47 (@​renovate[bot], @​lukastaegert)
• #6261: fix(deps): lock file maintenance minor/patch updates (@​renovate[bot], @​lukastaegert)
• #6262: Avoid unnecessary cloning of the code string (@​lukastaegert)
• #6263: fix(deps): update minor/patch updates (@​renovate[bot], @​lukastaegert)
• #6265: chore(deps): lock file maintenance (@​renovate[bot])
• #6267: fix(deps): update minor/patch updates (@​renovate[bot])
• #6268: chore(deps): update dependency eslint-plugin-unicorn to v63 (@​renovate[bot], @​lukastaegert)
• #6269: chore(deps): update dependency lru-cache to v11 (@​renovate[bot])
• #6270: chore(deps): lock file maintenance (@​renovate[bot])
• #6272: forward NO_SIDE_EFFECTS annotations to function expressions in variable declarations (@​lukastaegert)

v4.57.1

4.57.1

2026-01-30

Bug Fixes

• Fix heap corruption issue in Windows (#6251)
• Ensure exports of a dynamic import are fully included when called from a try...catch (#6254)

Pull Requests

• #6251: fix: Isolate and cache process.report.getReport() calls in a child process for robust environment detection (@​alan-agius4, @​lukastaegert)

... (truncated)

Changelog

Sourced from rollup's changelog.

4.59.0

2026-02-22

Features

• Throw when the generated bundle contains paths that would leave the output directory (#6276)

Pull Requests

• #6275: Validate bundle stays within output dir (@​lukastaegert)

4.58.0

2026-02-20

Features

• Also support __NO_SIDE_EFFECTS__ annotation before variable declarations declaring function expressions (#6272)

Pull Requests

• #6256: docs: document PreRenderedChunk properties including isDynamicEntry and isImplicitEntry (@​njg7194, @​lukastaegert)
• #6259: docs: Correct typo and improve sentence structure in docs for output.experimentalMinChunkSize (@​millerick, @​lukastaegert)
• #6260: fix(deps): update rust crate swc_compiler_base to v47 (@​renovate[bot], @​lukastaegert)
• #6261: fix(deps): lock file maintenance minor/patch updates (@​renovate[bot], @​lukastaegert)
• #6262: Avoid unnecessary cloning of the code string (@​lukastaegert)
• #6263: fix(deps): update minor/patch updates (@​renovate[bot], @​lukastaegert)
• #6265: chore(deps): lock file maintenance (@​renovate[bot])
• #6267: fix(deps): update minor/patch updates (@​renovate[bot])
• #6268: chore(deps): update dependency eslint-plugin-unicorn to v63 (@​renovate[bot], @​lukastaegert)
• #6269: chore(deps): update dependency lru-cache to v11 (@​renovate[bot])
• #6270: chore(deps): lock file maintenance (@​renovate[bot])
• #6272: forward NO_SIDE_EFFECTS annotations to function expressions in variable declarations (@​lukastaegert)

4.57.1

2026-01-30

Bug Fixes

• Fix heap corruption issue in Windows (#6251)
• Ensure exports of a dynamic import are fully included when called from a try...catch (#6254)

Pull Requests

• #6251: fix: Isolate and cache process.report.getReport() calls in a child process for robust environment detection (@​alan-agius4, @​lukastaegert)
• #6252: chore(deps): update dependency lru-cache to v11 (@​renovate[bot])
• #6253: chore(deps): lock file maintenance minor/patch updates (@​renovate[bot], @​lukastaegert)
• #6254: Fully include dynamic imports in a try-catch (@​lukastaegert)

... (truncated)

Commits

• ae84695 4.59.0
• b39616e Update audit-resolve
• c60770d Validate bundle stays within output dir (#6275)
• 33f39c1 4.58.0
• b61c408 forward NO_SIDE_EFFECTS annotations to function expressions in variable decla...
• 7f00689 Extend agent instructions
• e7b2b85 chore(deps): lock file maintenance (#6270)
• 2aa5da9 fix(deps): update minor/patch updates (#6267)
• 4319837 chore(deps): update dependency lru-cache to v11 (#6269)
• c3b6b4b chore(deps): update dependency eslint-plugin-unicorn to v63 (#6268)
• Additional commits viewable in compare view

Updates wrangler from 4.56.0 to 4.59.1

Changelog

Sourced from wrangler's changelog.

3.114.17

Patch Changes

• #11891 6d5557b Thanks @​emily-shen! - Use argument array when executing git commands with wrangler pages deploy

  Pass user provided values from --commit-hash safely to underlying git command.

3.114.16

Patch Changes

• #11689 9bab0a0 Thanks @​ascorbic! - Display a warning when authentication errors occur and the account_id in your Wrangler configuration does not match any of your authenticated accounts. This helps identify configuration issues where you may have the wrong account ID set in your wrangler.toml or wrangler.jsonc file.

• #10737 c41a078 Thanks @​workers-devprod! - Allow WRANGLER_SEND_ERROR_REPORTS env var to override whether to report Wrangler crashes to Sentry

• #11134 bd39455 Thanks @​petebacondarwin! - Reduce the amount of arguments being passed in metrics capture.

  Now the argument values that are captured come from an allow list, and can be marked as ALLOW (capture the real value) or REDACT (capture as "").

• #11020 9cb702e Thanks @​dario-piotrowicz! - Fix observability.logs.persist being flagged as an unexpected field during the wrangler config file validation

• #11147 cf4993b Thanks @​FlorentCollin! - Improve the formatting of the D1 execute command to always show the duration in milliseconds with two decimal places.

• #11650 cc29ead Thanks @​ascorbic! - fix: respect TypeScript path aliases when resolving non-JS modules with module rules

  When importing non-JavaScript files (like .graphql, .txt, etc.) using TypeScript path aliases defined in tsconfig.json, Wrangler's module-collection plugin now correctly resolves these imports. Previously, path aliases were only respected for JavaScript/TypeScript files, causing imports like import schema from '~lib/schema.graphql' to fail when using module rules.

• #11179 7f779e9 Thanks @​ascorbic! - Log a more helpful error when attempting to "r2 object put" a non-existent file

• #11501 c78d942 Thanks @​edmundhung! - fix: prevent reporting SQLite error from wrangler d1 execute to Sentry

• #11262 b2683f7 Thanks @​workers-devprod! - Avoid using object lookup for OAuth Error classes

• #11107 d8037d3 Thanks @​workers-devprod! - Fixed conflict between --env and --expires flags in wrangler r2 object put.

  --e now aliases --env only, and NOT --expires.

• #10961 02d2ea9 Thanks @​devin-ai-integration! - Acquire Cloudflare Access tokens for additional requests made during a wrangler dev --remote session

• #11108 892ec4f Thanks @​emily-shen! - Fixed self-bindings (service bindings to the same worker) showing as [not connected] in wrangler dev. Self-bindings now correctly show as [connected] since a worker is always available to itself.

• #11138 3db872a Thanks @​devin-ai-integration! - Implement tail-based logging for wrangler dev remote mode, behind the --x-tail-tags flag. This will become the default in the future.

• #10889 204616c Thanks @​workers-devprod! - Clarify that wrangler check startup generates a local CPU profile

• #11491 ed8aaef Thanks @​edmundhung! - Explicitly close FileHandle in wrangler d1 execute to support Node 25

• #10962 203e599 Thanks @​devin-ai-integration! - Fixed duplicate warning messages appearing during wrangler dev when configuration changes or state transitions occur

... (truncated)

Commits

• f21ee75 Version Packages (#11895)
• 6d5557b fix: execute git commands in pages deploy safely (#11889) (#11891)
• 0e19ae9 Version Packages (#10906)
• 3db872a [v3 backport] Backport tail-based logging from #11135 and #11346 (#11138)
• 02d2ea9 Fix remote dev with Access (#10961)
• 9bab0a0 fix(wrangler): add warning when account_id mismatch detected on auth error (v...
• 4b18c6f Introduce internal isWorkerNotFoundError utility and avoid worker-not-found...
• ed8aaef fix(wrangler): close FileHandle in to support Node 25 (