build(deps-dev): bump wrangler from 3.14.0 to 3.17.1

[dependabot]

Bumps wrangler from 3.14.0 to 3.17.1.

Release notes

Sourced from wrangler's releases.

wrangler@3.17.1

Patch Changes

• #4474 382ef8f5 Thanks @​mrbbot! - fix: open browser to correct url pressing b in --remote mode

  This change ensures Wrangler doesn't try to open http://* when * is used as the dev server's hostname. Instead, Wrangler will now open http://127.0.0.1.

• #4488 3bd57238 Thanks @​RamIdeas! - Changes the default directory for log files to workaround frameworks that are watching the entire .wrangler directory in the project root for changes

  Also includes a fix for commands with --json where the log file location message would cause stdout to not be valid JSON. That message now goes to stderr.

wrangler@3.17.0

Minor Changes

• #4341 d9908743 Thanks @​RamIdeas! - Wrangler now writes all logs to a .log file in the .wrangler directory. Set a directory or specific .log filepath to write logs to with WRANGLER_LOG_PATH=../Desktop/my-logs/ or WRANGLER_LOG_PATH=../Desktop/my-logs/my-log-file.log. When specifying a directory or using the default location, a filename with a timestamp is used.

  Wrangler now filters workerd stdout/stderr and marks unactionable messages as debug logs. These debug logs are still observable in the debug log file but will no longer show in the terminal by default without the user setting the env var WRANGLER_LOG=debug.

Patch Changes

• #4469 d5e1966b Thanks @​mrbbot! - fix: report correct line and column numbers when source mapping errors with wrangler dev --remote

• #4455 1747d215 Thanks @​rozenmd! - fix: make it possible to ignore hyperdrive warnings

• #4456 805d5241 Thanks @​dario-piotrowicz! - add warnings about ai and verctorize bindings not being supported locally

• #4478 7b54350b Thanks @​penalosa! - Don't log sensitive data to the Wrangler debug log file by default. This includes API request headers and responses.

• Updated dependencies [be2b9cf5, d9908743]:

  • miniflare@3.20231030.1

wrangler@3.16.0

Minor Changes

• #4347 102e15f9 Thanks @​Skye-31! - Feat(unstable_dev): Provide an option for unstable_dev to perform the check that prompts users to update wrangler, defaulting to false. This will prevent unstable_dev from sending a request to NPM on startup to determine whether it needs to be updated.

• #4179 dd270d00 Thanks @​matthewdavidrodgers! - Simplify secret:bulk api via script settings

  Firing PUTs to the secret api in parallel has never been a great solution - each request independently needs to lock the script, so running in parallel is at best just as bad as running serially.

  Luckily, we have the script settings PATCH api now, which can update the settings for a script (including secret bindings) at once, which means we don't need any parallelization. However this api doesn't work with a partial list of bindings, so we have to fetch the current bindings and merge in with the new secrets before PATCHing. We can however just omit the value of the binding (i.e. only provide the name and type) which instructs the config service to inherit the existing value, which simplifies this as well. Note that we don't use the bindings in your current wrangler.toml, as you could be in a draft state, and it makes sense as a user that a bulk secrets update won't update anything else. Instead, we use script settings api again to fetch the current state of your bindings.

  This simplified implementation means the operation can only fail or succeed, rather than succeeding in updating some secrets but failing for others. In order to not introduce breaking changes for logging output, the language around "${x} secrets were updated" or "${x} secrets failed" is kept, even if it doesn't make much sense anymore.

Patch Changes

... (truncated)

Changelog

Sourced from wrangler's changelog.

3.17.1

Patch Changes

• #4474 382ef8f5 Thanks @​mrbbot! - fix: open browser to correct url pressing b in --remote mode

  This change ensures Wrangler doesn't try to open http://* when * is used as the dev server's hostname. Instead, Wrangler will now open http://127.0.0.1.

• #4488 3bd57238 Thanks @​RamIdeas! - Changes the default directory for log files to workaround frameworks that are watching the entire .wrangler directory in the project root for changes

  Also includes a fix for commands with --json where the log file location message would cause stdout to not be valid JSON. That message now goes to stderr.

3.17.0

Minor Changes

• #4341 d9908743 Thanks @​RamIdeas! - Wrangler now writes all logs to a .log file in the .wrangler directory. Set a directory or specific .log filepath to write logs to with WRANGLER_LOG_PATH=../Desktop/my-logs/ or WRANGLER_LOG_PATH=../Desktop/my-logs/my-log-file.log. When specifying a directory or using the default location, a filename with a timestamp is used.

  Wrangler now filters workerd stdout/stderr and marks unactionable messages as debug logs. These debug logs are still observable in the debug log file but will no longer show in the terminal by default without the user setting the env var WRANGLER_LOG=debug.

Patch Changes

• #4469 d5e1966b Thanks @​mrbbot! - fix: report correct line and column numbers when source mapping errors with wrangler dev --remote

• #4455 1747d215 Thanks @​rozenmd! - fix: make it possible to ignore hyperdrive warnings

• #4456 805d5241 Thanks @​dario-piotrowicz! - add warnings about ai and verctorize bindings not being supported locally

• #4478 7b54350b Thanks @​penalosa! - Don't log sensitive data to the Wrangler debug log file by default. This includes API request headers and responses.

• Updated dependencies [be2b9cf5, d9908743]:

  • miniflare@3.20231030.1

3.16.0

Minor Changes

• #4347 102e15f9 Thanks @​Skye-31! - Feat(unstable_dev): Provide an option for unstable_dev to perform the check that prompts users to update wrangler, defaulting to false. This will prevent unstable_dev from sending a request to NPM on startup to determine whether it needs to be updated.

• #4179 dd270d00 Thanks @​matthewdavidrodgers! - Simplify secret:bulk api via script settings

  Firing PUTs to the secret api in parallel has never been a great solution - each request independently needs to lock the script, so running in parallel is at best just as bad as running serially.

  Luckily, we have the script settings PATCH api now, which can update the settings for a script (including secret bindings) at once, which means we don't need any parallelization. However this api doesn't work with a partial list of bindings, so we have to fetch the current bindings and merge in with the new secrets before PATCHing. We can however just omit the value of the binding (i.e. only provide the name and type) which instructs the config service to inherit the existing value, which simplifies this as well. Note that we don't use the bindings in your current wrangler.toml, as you could be in a draft state, and it makes sense as a user that a bulk secrets update won't update anything else. Instead, we use script settings api again to fetch the current state of your bindings.

  This simplified implementation means the operation can only fail or succeed, rather than succeeding in updating some secrets but failing for others. In order to not introduce breaking changes for logging output, the language around "${x} secrets were updated" or "${x} secrets failed" is kept, even if it doesn't make much sense anymore.

Patch Changes

• #4402 baa76e77 Thanks @​rozenmd! - This PR adds a fetch handler that uses page, assuming result_info provided by the endpoint contains page, per_page, and total

... (truncated)

Commits

• 7438e5c Version Packages (#4484)
• 3bd5723 Log file fixes (#4488)
• 382ef8f fix: open browser to correct url pressing b (#4474)
• f728503 Version Packages (#4463)
• 7b54350 Don't log API response by default (#4478)
• 805d524 Warn about AI in dev local (#4456)
• d990874 Intercept workerd logs + write all debug logs to a hidden file (#4341)
• d5e1966 fix: report correct line/column numbers source mapping remote errors (#4469)
• 1747d21 [Hyperdrive] Update validation.ts (#4455)
• 08615aa Version Packages (#4291)
• Additional commits viewable in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

---

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot merge will merge this PR after your CI passes on it
• @dependabot squash and merge will squash and merge this PR after your CI passes on it
• @dependabot cancel merge will cancel a previously requested merge and block automerging
• @dependabot reopen will reopen this PR if it is closed
• @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
• @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
• @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)

[dependabot]

Superseded by #95.