⬆️ Bump cloudflare/wrangler-action from 1.3.0 to 3.5.0

[dependabot]

Bumps cloudflare/wrangler-action from 1.3.0 to 3.5.0.

Release notes

Sourced from cloudflare/wrangler-action's releases.

v3.5.0

Minor Changes

• #255 31a6263ef3ec73ff2d03cb4c0260379f96f7598c Thanks @​matthewdavidrodgers! - Stop racing secret uploads

  For up to date versions of wrangler, secrets are uploaded via the 'secret:bulk' command, which batches updates in a single API call.

  For versions of wrangler without that capability, the action falls back to the single 'secret put' command for each secret. It races all these with a Promise.all()

  Unfortunately, the single secret API cannot handle concurrency - at best, these calls have to wait on one another, holding requests open all the while. Often it times out and errors.

  This fixes the legacy secret upload errors by making these calls serially instead of concurrently.

v3.4.1

Patch Changes

• #227 bbedd8e54f256d36f81f81f1f05b90937d533bb7 Thanks @​AdiRishi! - Surface inner exception when secret:bulk upload command fails

v3.4.0

Minor Changes

• #213 d13856dfc92816473ebf47f66e263a2668a97896 Thanks @​GrantBirki! - This change introduces three new GitHub Actions output variables. These variables are as follows:

  • command-output - contains the string results of stdout
  • command-stderr - contains the string results of stderr
  • deployment-url - contains the string results of the URL that was deployed (ex: https://<your_pages_site>.pages.dev)

  These output variables are intended to be used by more advanced workflows that require the output results or deployment url from Wrangler commands in subsequent workflow steps.

Patch Changes

• #216 9aba9c34daabca23a88191a5fe1b81fa721c1f11 Thanks @​Cherry! - Fixes issues with semver comparison, where version parts were treated lexicographically instead of numerically.

  Bulk secret uploading was introduced in wrangler 3.4.0, and this action tries to check if the version used is greater than 3.4.0, and then if so, using the new bulk secret API which is faster. Due to a bug in the semver comparison, 3.19.0 was being considered less than 3.4.0, and then using an older and slower method for uploading secrets.

  Now the semver comparison is fixed, the faster bulk method is used for uploading secrets when available.

v3.3.2

Patch Changes

• #171 76d614f Thanks @​1000hz! - Fixed issues that caused the action to fail if any secret or var values contained shell metacharacters.

• #171 473d9cb Thanks @​1000hz! - Bumped DEFAULT_WRANGLER_VERSION to 3.13.2

v3.3.1

Patch Changes

• #193 a4509d5 Thanks @​1000hz! - Fixed the package manager not being inferred based on lockfile when the packageManager input isn't set.

v3.3.0

... (truncated)

Changelog

Sourced from cloudflare/wrangler-action's changelog.

3.5.0

Minor Changes

• #255 31a6263ef3ec73ff2d03cb4c0260379f96f7598c Thanks @​matthewdavidrodgers! - Stop racing secret uploads

  For up to date versions of wrangler, secrets are uploaded via the 'secret:bulk' command, which batches updates in a single API call.

  For versions of wrangler without that capability, the action falls back to the single 'secret put' command for each secret. It races all these with a Promise.all()

  Unfortunately, the single secret API cannot handle concurrency - at best, these calls have to wait on one another, holding requests open all the while. Often it times out and errors.

  This fixes the legacy secret upload errors by making these calls serially instead of concurrently.

3.4.1

Patch Changes

• #227 bbedd8e54f256d36f81f81f1f05b90937d533bb7 Thanks @​AdiRishi! - Surface inner exception when secret:bulk upload command fails

3.4.0

Minor Changes

• #213 d13856dfc92816473ebf47f66e263a2668a97896 Thanks @​GrantBirki! - This change introduces three new GitHub Actions output variables. These variables are as follows:

  • command-output - contains the string results of stdout
  • command-stderr - contains the string results of stderr
  • deployment-url - contains the string results of the URL that was deployed (ex: https://<your_pages_site>.pages.dev)

  These output variables are intended to be used by more advanced workflows that require the output results or deployment url from Wrangler commands in subsequent workflow steps.

Patch Changes

• #216 9aba9c34daabca23a88191a5fe1b81fa721c1f11 Thanks @​Cherry! - Fixes issues with semver comparison, where version parts were treated lexicographically instead of numerically.

  Bulk secret uploading was introduced in wrangler 3.4.0, and this action tries to check if the version used is greater than 3.4.0, and then if so, using the new bulk secret API which is faster. Due to a bug in the semver comparison, 3.19.0 was being considered less than 3.4.0, and then using an older and slower method for uploading secrets.

  Now the semver comparison is fixed, the faster bulk method is used for uploading secrets when available.

3.3.2

Patch Changes

• #171 76d614f Thanks @​1000hz! - Fixed issues that caused the action to fail if any secret or var values contained shell metacharacters.

• #171 473d9cb Thanks @​1000hz! - Bumped DEFAULT_WRANGLER_VERSION to 3.13.2

3.3.1

... (truncated)

Commits

• a84dcc6 Automatic compilation
• ea5754c Merge pull request #257 from cloudflare/changeset-release/main
• 983b634 Version Packages
• b05934f Merge pull request #255 from matthewdavidrodgers/legacy-concurrent-secret-upl...
• 31a6263 Stop racing secret uploads
• 8890678 docs: Update README.md (#252)
• ebef541 Delete .github/workflows/pullrequests.yml (#243)
• 9d4ca0f Merge pull request #247 from cloudflare/versions-upload
• 1be73b9 update copy
• 1806480 add minimum wrangler version info
• Additional commits viewable in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

---

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot merge will merge this PR after your CI passes on it
• @dependabot squash and merge will squash and merge this PR after your CI passes on it
• @dependabot cancel merge will cancel a previously requested merge and block automerging
• @dependabot reopen will reopen this PR if it is closed
• @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
• @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
• @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)