[Snyk] Upgrade wrangler from 2.20.1 to 4.14.1

[nerdy-tech-com-gitub]

Snyk has created this PR to upgrade wrangler from 2.20.1 to 4.14.1.

ℹ️ Keep your dependencies up-to-date. This makes it easier to fix existing vulnerabilities and to more quickly identify and fix newly disclosed vulnerabilities when they affect your project.

---

⚠️ Warning: This PR contains major version upgrade(s), and may be a breaking change.

• The recommended version is 220 versions ahead of your current version.

• The recommended version was released 21 days ago.

Issues fixed by the recommended upgrade:

	Issue	Score	Exploit Maturity
	Insecure Randomness SNYK-JS-UNDICI-8641354	57	Proof of Concept
	Improper Handling of Insufficient Privileges SNYK-JS-WRANGLER-6140500	57	No Known Exploit
	Denial of Service (DoS) SNYK-JS-WS-7266574	57	Proof of Concept
	Excessive Platform Resource Consumption within a Loop SNYK-JS-BRACES-6838727	57	Proof of Concept
	Regular Expression Denial of Service (ReDoS) SNYK-JS-CROSSSPAWN-8303230	57	Proof of Concept
	Regular Expression Denial of Service (ReDoS) SNYK-JS-ES5EXT-6095076	57	Proof of Concept
	Regular Expression Denial of Service (ReDoS) SNYK-JS-SEMVER-3247795	57	Proof of Concept
	Directory Traversal SNYK-JS-WRANGLER-5819554	57	No Known Exploit
	Cross-site Scripting (XSS) SNYK-JS-COOKIE-8163060	57	No Known Exploit
	Improper Input Validation SNYK-JS-NANOID-8492085	57	No Known Exploit
	Regular Expression Denial of Service (ReDoS) SNYK-JS-PATHTOREGEXP-7925106	57	Proof of Concept
	Improper Authorization SNYK-JS-UNDICI-6564964	57	No Known Exploit
	Information Exposure SNYK-JS-UNDICI-5962466	57	No Known Exploit
	Permissive Cross-domain Policy with Untrusted Domains SNYK-JS-UNDICI-6252336	57	No Known Exploit
	Improper Access Control SNYK-JS-UNDICI-6564963	57	No Known Exploit

Release notes

Package name: wrangler

• 4.14.1 - 2025-05-01
• 4.14.0 - 2025-04-29
• 4.13.2 - 2025-04-25
• 4.13.1 - 2025-04-24
• 4.13.0 - 2025-04-23
• 4.12.1 - 2025-04-22
• 4.12.0 - 2025-04-17
• 4.11.1 - 2025-04-15
• 4.11.0 - 2025-04-15
• 4.10.0 - 2025-04-10
• 4.9.1 - 2025-04-08
• 4.9.0 - 2025-04-08
• 4.8.0 - 2025-04-07
• 4.7.2 - 2025-04-04
• 4.7.1 - 2025-04-04
• 4.7.0 - 2025-04-02
• 4.6.0 - 2025-03-28
• 4.5.1 - 2025-03-27
• 4.5.0 - 2025-03-26
• 4.4.1 - 2025-03-26
• 4.4.0 - 2025-03-22
• 4.3.0 - 2025-03-20
• 4.2.0 - 2025-03-19
• 4.1.0 - 2025-03-17
• 4.0.0 - 2025-03-13
• 4.0.0-rc.0 - 2025-02-27
• 3.114.9 - 2025-05-22
  

  Patch Changes

  • #9262 2c3d8dd Thanks @ workers-devprod! - fix: add no-op props to ctx in getPlatformProxy to fix type mismatch

  • #8681 7a57c14 Thanks @ workers-devprod! - fix(miniflare): strip CF-Connecting-IP header from all outbound requests

  • #9128 c535845 Thanks @ dario-piotrowicz! - fix: remove outdated js-doc comment for unstable_startDevWorker's entrypoint

  • #9259 b742171 Thanks @ workers-devprod! - Relax R2 bucket validation for pages dev commands

  • #9172 4e943b1 Thanks @ vicb! - validate r2 bucket names

  • #9250 b2b5ee8 Thanks @ workers-devprod! - fix: strip CF-Connecting-IP header within fetch

    In v4.15.0, Miniflare began stripping the CF-Connecting-IP header via a global outbound service, which led to a TCP connection regression due to a bug in Workerd. This PR patches the fetch API to strip the header during local wrangler dev sessions as a temporary workaround until the underlying issue is resolved.

  • #9267 8b4f24a Thanks @ workers-devprod! - fix: setting triggers.crons:[] in Wrangler config should delete deployed cron schedules

  • #9163 d67cd0d Thanks @ petebacondarwin! - Do not report "d1 execute" command file missing error to Sentry

  • #8957 9d4ff5b Thanks @ workers-devprod! - Make sure custom build logging output is more clearly signposted, and make sure it doesn't interfere with the interactive dev session output.

  • #9166 9b4c91d Thanks @ lambrospetrou! - Fix d1 info command showing read_replication: [object Object]

  • Updated dependencies [7a57c14, b2b5ee8, 56a0d6e]:

    • miniflare@3.20250408.2
• 3.114.8 - 2025-05-01
• 3.114.7 - 2025-04-22
• 3.114.6 - 2025-04-14
• 3.114.5 - 2025-04-09
• 3.114.4 - 2025-04-03
• 3.114.3 - 2025-03-26
• 3.114.2 - 2025-03-17
• 3.114.1 - 2025-03-11
• 3.114.0 - 2025-03-06
• 3.113.0 - 2025-03-05
• 3.112.0 - 2025-03-04
• 3.111.0 - 2025-02-27
• 3.110.0 - 2025-02-25
• 3.109.3 - 2025-02-24
• 3.109.2 - 2025-02-18
• 3.109.1 - 2025-02-14
• 3.109.0 - 2025-02-13
• 3.108.1 - 2025-02-12
• 3.108.0 - 2025-02-11
• 3.107.3 - 2025-02-04
• 3.107.2 - 2025-01-31
• 3.107.1 - 2025-01-31
• 3.107.0 - 2025-01-30
• 3.106.0 - 2025-01-28
• 3.105.1 - 2025-01-24
• 3.105.0 - 2025-01-22
• 3.104.0 - 2025-01-22
• 3.103.2 - 2025-01-17
• 3.103.1 - 2025-01-16
• 3.103.0 - 2025-01-16
• 3.102.0 - 2025-01-14
• 3.101.0 - 2025-01-09
• 3.100.0 - 2025-01-07
• 3.99.0 - 2024-12-19
• 3.98.0 - 2024-12-19
• 3.97.0 - 2024-12-17
• 3.96.0 - 2024-12-16
• 3.95.0 - 2024-12-10
• 3.94.0 - 2024-12-09
• 3.93.0 - 2024-12-06
• 3.92.0 - 2024-12-03
• 3.91.0 - 2024-11-26
• 3.90.0 - 2024-11-22
• 3.89.0 - 2024-11-21
• 3.88.0 - 2024-11-19
• 3.87.0 - 2024-11-14
• 3.86.1 - 2024-11-11
• 3.86.0 - 2024-11-08
• 3.85.0 - 2024-11-06
• 3.84.1 - 2024-10-31
• 3.84.0 - 2024-10-30
• 3.83.0 - 2024-10-24
• 3.82.0 - 2024-10-22
• 3.81.0 - 2024-10-17
• 3.80.5 - 2024-10-16
• 3.80.4 - 2024-10-11
• 3.80.3 - 2024-10-10
• 3.80.2 - 2024-10-08
• 3.80.1 - 2024-10-07
• 3.80.0 - 2024-10-04
• 3.79.0 - 2024-10-01
• 3.78.12 - 2024-09-27
• 3.78.11 - 2024-09-27
• 3.78.10 - 2024-09-25
• 3.78.9 - 2024-09-25
• 3.78.8 - 2024-09-23
• 3.78.7 - 2024-09-20
• 3.78.6 - 2024-09-19
• 3.78.5 - 2024-09-18
• 3.78.4 - 2024-09-17
• 3.78.3 - 2024-09-16
• 3.78.2 - 2024-09-13
• 3.78.1 - 2024-09-13
• 3.78.0 - 2024-09-13
• 3.77.0 - 2024-09-12
• 3.76.0 - 2024-09-10
• 3.75.0 - 2024-09-06
• 3.74.0 - 2024-09-03
• 3.73.0 - 2024-08-30
• 3.72.3 - 2024-08-27
• 3.72.2 - 2024-08-22
• 3.72.1 - 2024-08-20
• 3.72.0 - 2024-08-16
• 3.71.0 - 2024-08-13
• 3.70.0 - 2024-08-09
• 3.69.1 - 2024-08-06
• 3.69.0 - 2024-08-06
• 3.68.0 - 2024-08-01
• 3.67.1 - 2024-07-26
• 3.67.0 - 2024-07-25
• 3.66.0 - 2024-07-23
• 3.65.1 - 2024-07-19
• 3.65.0 - 2024-07-16
• 3.64.0 - 2024-07-11
• 3.63.2 - 2024-07-09
• 3.63.1 - 2024-07-04
• 3.63.0 - 2024-07-03
• 3.62.0 - 2024-06-25
• 3.61.0 - 2024-06-18
• 3.60.3 - 2024-06-14
• 3.60.2 - 2024-06-11
• 3.60.1 - 2024-06-10
• 3.60.0 - 2024-06-07
• 3.59.0 - 2024-06-04
• 3.58.0 - 2024-05-31
• 3.57.2 - 2024-05-28
• 3.57.1 - 2024-05-21
• 3.57.0 - 2024-05-17
• 3.56.0 - 2024-05-14
• 3.55.0 - 2024-05-09
• 3.53.1 - 2024-05-02
• 3.53.0 - 2024-04-30
• 3.52.0 - 2024-04-24
• 3.51.2 - 2024-04-18
• 3.51.0 - 2024-04-17
• 3.50.0 - 2024-04-11
• 3.49.0 - 2024-04-10
• 3.48.0 - 2024-04-05
• 3.47.1 - 2024-04-04
• 3.47.0 - 2024-04-04
• 3.46.0 - 2024-04-04
• 3.45.0 - 2024-04-03
• 3.44.0 - 2024-04-02
• 3.43.0 - 2024-04-02
• 3.42.0 - 2024-04-01
• 3.41.0 - 2024-03-29
• 3.40.0 - 2024-03-29
• 3.39.0 - 2024-03-27
• 3.38.0 - 2024-03-26
• 3.37.0 - 2024-03-22
• 3.36.0 - 2024-03-20
• 3.35.0 - 2024-03-19
• 3.34.2 - 2024-03-14
• 3.34.1 - 2024-03-14
• 3.34.0 - 2024-03-14
• 3.33.0 - 2024-03-12
• 3.32.0 - 2024-03-07
• 3.31.0 - 2024-03-05
• 3.30.1 - 2024-02-29
• 3.30.0 - 2024-02-27
• 3.29.0 - 2024-02-22
• 3.28.4 - 2024-02-20
• 3.28.3 - 2024-02-16
• 3.28.2 - 2024-02-13
• 3.28.1 - 2024-02-09
• 3.28.0 - 2024-02-08
• 3.27.0 - 2024-02-06
• 3.26.0 - 2024-01-31
• 3.25.0 - 2024-01-26
• 3.24.0 - 2024-01-23
• 3.23.0 - 2024-01-18
• 3.22.5 - 2024-01-16
• 3.22.4 - 2024-01-09
• 3.22.3 - 2024-01-04
• 3.22.2 - 2024-01-02
• 3.22.1 - 2023-12-20
• 3.22.0 - 2023-12-19
• 3.21.0 - 2023-12-15
• 3.20.0 - 2023-12-12
• 3.19.0 - 2023-12-05
• 3.18.0 - 2023-11-30
• 3.17.1 - 2023-11-22
• 3.17.0 - 2023-11-21
• 3.16.0 - 2023-11-16
• 3.15.0 - 2023-10-26
• 3.14.0 - 2023-10-19
• 3.13.2 - 2023-10-17
• 3.13.1 - 2023-10-12
• 3.13.0 - 2023-10-12
• 3.12.0 - 2023-10-11
• 3.11.0 - 2023-10-05
• 3.10.1 - 2023-09-28
• 3.10.0 - 2023-09-26
• 3.9.1 - 2023-09-25
• 3.9.0 - 2023-09-20
• 3.8.0 - 2023-09-13
• 3.7.0 - 2023-09-05
• 3.6.0 - 2023-08-24
• 3.5.1 - 2023-08-15
• 3.5.0 - 2023-08-08
• 3.4.0 - 2023-07-27
• 3.3.0 - 2023-07-18
• 3.2.0 - 2023-07-11
• 3.1.2 - 2023-07-06
• 3.1.1 - 2023-06-20
• 3.1.0 - 2023-06-06
• 3.0.1 - 2023-05-22
• 3.0.0 - 2023-05-17
• 2.21.3 - 2025-03-13
• 2.21.2 - 2024-10-08
• 2.21.1 - 2024-03-21
• 2.21.0 - 2024-01-18
• 2.20.2 - 2023-12-15
• 2.20.1 - 2023-08-28

from wrangler GitHub release notes

---

Important

• Warning: This PR contains a major version upgrade, and may be a breaking change.
• Check the changes in this PR to ensure they won't cause issues with your project.
• This PR was automatically created by Snyk using the credentials of a real user.
• Max score is 1000. Note that the real score may have changed since the PR was raised.

---

Note: You are seeing this because you or someone else with access to this repository has authorized Snyk to open upgrade PRs.

For more information:

• 🧐 View latest project report
• 📜 Customise PR templates
• 🛠 Adjust upgrade PR settings
• 🔕 Ignore this dependency or unsubscribe from future upgrade PRs

Summary by Sourcery

Enhancements:

• Upgrade wrangler from 2.20.1 to 4.14.1 in examples/caching/with-cloudflare-workers-kv

[sourcery-ai]

Reviewer's Guide

The PR bumps the Wrangler CLI dev dependency in the caching example from 2.20.1 to 4.14.1, integrating over 200 versions of security fixes and feature updates but introducing a major version jump that may require compatibility checks.

File-Level Changes

Change	Details	Files
Upgrade Wrangler dev dependency version	Bump wrangler from 2.20.1 to 4.14.1	examples/caching/with-cloudflare-workers-kv/package.json

---

Tips and commands

Interacting with Sourcery

• Trigger a new review: Comment @sourcery-ai review on the pull request.
• Continue discussions: Reply directly to Sourcery's review comments.
• Generate a GitHub issue from a review comment: Ask Sourcery to create an
  issue from a review comment by replying to it. You can also reply to a
  review comment with @sourcery-ai issue to create an issue from it.
• Generate a pull request title: Write @sourcery-ai anywhere in the pull
  request title to generate a title at any time. You can also comment
  @sourcery-ai title on the pull request to (re-)generate the title at any time.
• Generate a pull request summary: Write @sourcery-ai summary anywhere in
  the pull request body to generate a PR summary at any time exactly where you
  want it. You can also comment @sourcery-ai summary on the pull request to
  (re-)generate the summary at any time.
• Generate reviewer's guide: Comment @sourcery-ai guide on the pull
  request to (re-)generate the reviewer's guide at any time.
• Resolve all Sourcery comments: Comment @sourcery-ai resolve on the
  pull request to resolve all Sourcery comments. Useful if you've already
  addressed all the comments and don't want to see them anymore.
• Dismiss all Sourcery reviews: Comment @sourcery-ai dismiss on the pull
  request to dismiss all existing Sourcery reviews. Especially useful if you
  want to start fresh with a new review - don't forget to comment
  @sourcery-ai review to trigger a new review!

Customizing Your Experience

Access your dashboard to:

• Enable or disable review features such as the Sourcery-generated pull request
  summary, the reviewer's guide, and others.
• Change the review language.
• Add, remove or edit custom review instructions.
• Adjust other review settings.

Getting Help

• Contact our support team for questions or feedback.
• Visit our documentation for detailed guides and information.
• Keep in touch with the Sourcery team by following us on X/Twitter, LinkedIn or GitHub.