---
title: Changelogs
image: https://developers.cloudflare.com/cf-twitter-card.png
---

> Documentation Index  
> Fetch the complete documentation index at: https://developers.cloudflare.com/changelog/llms.txt  
> Use this file to discover all available pages before exploring further. 

[Skip to content](#%5Ftop) 

# Changelog

New updates and improvements at Cloudflare.

[ Subscribe to RSS ](https://developers.cloudflare.com/changelog/rss/index.xml) [ View RSS feeds ](https://developers.cloudflare.com/fundamentals/new-features/available-rss-feeds/) 

All products

![hero image](https://developers.cloudflare.com/_astro/hero.CVYJHPAd_26AMqX.svg) 

Dec 16, 2025
1. ### [Configure your framework for Cloudflare automatically](https://developers.cloudflare.com/changelog/post/2025-12-16-wrangler-autoconfig/)  
[ Workers ](https://developers.cloudflare.com/workers/)  
Wrangler now supports automatic configuration for popular web frameworks in experimental mode, making it even easier to deploy to Cloudflare Workers.  
Previously, if you wanted to deploy an application using a popular web framework like Next.js or Astro, you had to follow tutorials to set up your application for deployment to Cloudflare Workers. This usually involved creating a Wrangler file, installing adapters, or changing configuration options.  
Now `wrangler deploy` does this for you. Starting with Wrangler 4.55, you can use `npx wrangler deploy --x-autoconfig` in the directory of any web application using one of the supported frameworks. Wrangler will then proceed to configure and deploy it to your Cloudflare account.  
You can also configure your application without deploying it by using the new `npx wrangler setup` command. This enables you to easily review what changes we are making so your application is ready for Cloudflare Workers.  
The following application frameworks are supported starting today:

  * Next.js
  * Astro
  * Nuxt
  * TanStack Start
  * SolidStart
  * React Router
  * SvelteKit
  * Docusaurus
  * Qwik
  * Analog  
Automatic configuration also supports static sites by detecting the assets directory and build command. From a single index.html file to the output of a generator like Jekyll or Hugo, you can just run `npx wrangler deploy --x-autoconfig` to upload to Cloudflare.  
We're really excited to bring you automatic configuration so you can do more with Workers. Please let us know if you run into challenges using this experimentally. We’ve opened a [GitHub discussion ↗](https://github.com/cloudflare/workers-sdk/discussions/11667) and would love to hear your feedback.

Dec 15, 2025
1. ### [New Best Practices guide for Durable Objects](https://developers.cloudflare.com/changelog/post/2025-12-15-rules-of-durable-objects/)  
[ Durable Objects ](https://developers.cloudflare.com/durable-objects/)[ Workers ](https://developers.cloudflare.com/workers/)  
A new [Rules of Durable Objects](https://developers.cloudflare.com/durable-objects/best-practices/rules-of-durable-objects/) guide is now available, providing opinionated best practices for building effective Durable Objects applications. This guide covers design patterns, storage strategies, concurrency, and common anti-patterns to avoid.  
Key guidance includes:

  * **Design around your "atom" of coordination** — Create one Durable Object per logical unit (chat room, game session, user) instead of a global singleton that becomes a bottleneck.
  * **Use SQLite storage with RPC methods** — SQLite-backed Durable Objects with typed RPC methods provide the best developer experience and performance.
  * **Understand input and output gates** — Learn how Cloudflare's runtime prevents data races by default, how write coalescing works, and when to use `blockConcurrencyWhile()`.
  * **Leverage Hibernatable WebSockets** — Reduce costs for real-time applications by allowing Durable Objects to sleep while maintaining WebSocket connections.  
The [testing documentation](https://developers.cloudflare.com/durable-objects/examples/testing-with-durable-objects/) has also been updated with modern patterns using `@cloudflare/vitest-pool-workers`, including examples for testing SQLite storage, alarms, and direct instance access:

  * [  JavaScript ](#tab-panel-4869)
  * [  TypeScript ](#tab-panel-4870)

**test/counter.test.js**  
```js  
import { env, runDurableObjectAlarm } from "cloudflare:test";  
import { it, expect } from "vitest";  
it("can test Durable Objects with isolated storage", async () => {  
  const stub = env.COUNTER.getByName("test");  
  // Call RPC methods directly on the stub  
  await stub.increment();  
  expect(await stub.getCount()).toBe(1);  
  // Trigger alarms immediately without waiting  
  await runDurableObjectAlarm(stub);  
});  
```

**test/counter.test.ts**  
```ts  
import { env, runDurableObjectAlarm } from "cloudflare:test";  
import { it, expect } from "vitest";  
it("can test Durable Objects with isolated storage", async () => {  
  const stub = env.COUNTER.getByName("test");  
  // Call RPC methods directly on the stub  
  await stub.increment();  
  expect(await stub.getCount()).toBe(1);  
  // Trigger alarms immediately without waiting  
  await runDurableObjectAlarm(stub);  
});  
```

Dec 12, 2025
1. ### [Billing for SQLite Storage](https://developers.cloudflare.com/changelog/post/2025-12-12-durable-objects-sqlite-storage-billing/)  
[ Durable Objects ](https://developers.cloudflare.com/durable-objects/)[ Workers ](https://developers.cloudflare.com/workers/)  
Storage billing for SQLite-backed Durable Objects will be enabled in January 2026, with a target date of January 7, 2026 (no earlier).  
To view your SQLite storage usage, go to the **Durable Objects** page  
[ Go to **Durable Objects** ](https://dash.cloudflare.com/?to=/:account/workers/durable-objects)  
If you do not want to incur costs, please take action such as optimizing queries or deleting unnecessary stored data in order to reduce your SQLite storage usage ahead of the January 7th target. Only usage on and after the billing target date will incur charges.  
Developers on the Workers Paid plan with Durable Object's SQLite storage usage beyond included limits will incur charges according to [SQLite storage pricing](https://developers.cloudflare.com/durable-objects/platform/pricing/#sqlite-storage-backend) announced in September 2024 with the [public beta ↗](https://blog.cloudflare.com/sqlite-in-durable-objects/). Developers on the Workers Free plan will not be charged.  
Compute billing for SQLite-backed Durable Objects has been enabled since the initial public beta. SQLite-backed Durable Objects currently incur [charges for requests and duration](https://developers.cloudflare.com/durable-objects/platform/pricing/#compute-billing), and no changes are being made to compute billing.  
For more information about SQLite storage pricing and limits, refer to the [Durable Objects pricing documentation](https://developers.cloudflare.com/durable-objects/platform/pricing/#sqlite-storage-backend).

Dec 12, 2025
1. ### [R2 SQL now supports aggregations and schema discovery](https://developers.cloudflare.com/changelog/post/2025-12-12-aggregation-support-and-more/)  
[ R2 SQL ](https://developers.cloudflare.com/r2-sql/)  
R2 SQL now supports aggregation functions, `GROUP BY`, `HAVING`, along with schema discovery commands to make it easy to explore your data catalog.  
#### Aggregation Functions  
You can now perform aggregations on Apache Iceberg tables in [R2 Data Catalog](https://developers.cloudflare.com/r2/data-catalog/) using standard SQL functions including `COUNT(*)`, `SUM()`, `AVG()`, `MIN()`, and `MAX()`. Combine these with `GROUP BY` to analyze data across dimensions, and use `HAVING` to filter aggregated results.  
```sql
-- Calculate average transaction amounts by department  
SELECT department, COUNT(*), AVG(total_amount)  
FROM my_namespace.sales_data  
WHERE region = 'North'  
GROUP BY department  
HAVING COUNT(*) > 50  
ORDER BY AVG(total_amount) DESC  
```  
```sql
-- Find high-value departments  
SELECT department, SUM(total_amount)  
FROM my_namespace.sales_data  
GROUP BY department  
HAVING SUM(total_amount) > 50000  
```  
#### Schema Discovery  
New metadata commands make it easy to explore your data catalog and understand table structures:

  * `SHOW DATABASES` or `SHOW NAMESPACES` \- List all available namespaces
  * `SHOW TABLES IN namespace_name` \- List tables within a namespace
  * `DESCRIBE namespace_name.table_name` \- View table schema and column types  
```bash  
❯ npx wrangler r2 sql query "{ACCOUNT_ID}_{BUCKET_NAME}" "DESCRIBE default.sales_data;"  
 ⛅️ wrangler 4.54.0  
─────────────────────────────────────────────  
┌──────────────────┬────────────────┬──────────┬─────────────────┬───────────────┬───────────────────────────────────────────────────────────────────────────────────────────────────┐  
│ column_name      │ type           │ required │ initial_default │ write_default │ doc                                                                                               │  
├──────────────────┼────────────────┼──────────┼─────────────────┼───────────────┼───────────────────────────────────────────────────────────────────────────────────────────────────┤  
│ sale_id          │ BIGINT         │ false    │                 │               │ Unique identifier for each sales transaction                                                      │  
├──────────────────┼────────────────┼──────────┼─────────────────┼───────────────┼───────────────────────────────────────────────────────────────────────────────────────────────────┤  
│ sale_timestamp   │ TIMESTAMPTZ    │ false    │                 │               │ Exact date and time when the sale occurred (used for partitioning)                                │  
├──────────────────┼────────────────┼──────────┼─────────────────┼───────────────┼───────────────────────────────────────────────────────────────────────────────────────────────────┤  
│ department       │ TEXT           │ false    │                 │               │ Product department (8 categories: Electronics, Beauty, Home, Toys, Sports, Food, Clothing, Books) │  
├──────────────────┼────────────────┼──────────┼─────────────────┼───────────────┼───────────────────────────────────────────────────────────────────────────────────────────────────┤  
│ category         │ TEXT           │ false    │                 │               │ Product category grouping (4 categories: Premium, Standard, Budget, Clearance)                    │  
├──────────────────┼────────────────┼──────────┼─────────────────┼───────────────┼───────────────────────────────────────────────────────────────────────────────────────────────────┤  
│ region           │ TEXT           │ false    │                 │               │ Geographic sales region (5 regions: North, South, East, West, Central)                            │  
├──────────────────┼────────────────┼──────────┼─────────────────┼───────────────┼───────────────────────────────────────────────────────────────────────────────────────────────────┤  
│ product_id       │ INT            │ false    │                 │               │ Unique identifier for the product sold                                                            │  
├──────────────────┼────────────────┼──────────┼─────────────────┼───────────────┼───────────────────────────────────────────────────────────────────────────────────────────────────┤  
│ quantity         │ INT            │ false    │                 │               │ Number of units sold in this transaction (range: 1-50)                                            │  
├──────────────────┼────────────────┼──────────┼─────────────────┼───────────────┼───────────────────────────────────────────────────────────────────────────────────────────────────┤  
│ unit_price       │ DECIMAL(10, 2) │ false    │                 │               │ Price per unit in dollars (range: $5.00-$500.00)                                                  │  
├──────────────────┼────────────────┼──────────┼─────────────────┼───────────────┼───────────────────────────────────────────────────────────────────────────────────────────────────┤  
│ total_amount     │ DECIMAL(10, 2) │ false    │                 │               │ Total sale amount before tax (quantity × unit_price with discounts applied)                       │  
├──────────────────┼────────────────┼──────────┼─────────────────┼───────────────┼───────────────────────────────────────────────────────────────────────────────────────────────────┤  
│ discount_percent │ INT            │ false    │                 │               │ Discount percentage applied to this sale (0-50%)                                                  │  
├──────────────────┼────────────────┼──────────┼─────────────────┼───────────────┼───────────────────────────────────────────────────────────────────────────────────────────────────┤  
│ tax_amount       │ DECIMAL(10, 2) │ false    │                 │               │ Tax amount collected on this sale                                                                 │  
├──────────────────┼────────────────┼──────────┼─────────────────┼───────────────┼───────────────────────────────────────────────────────────────────────────────────────────────────┤  
│ profit_margin    │ DECIMAL(10, 2) │ false    │                 │               │ Profit margin on this sale as a decimal percentage                                                │  
├──────────────────┼────────────────┼──────────┼─────────────────┼───────────────┼───────────────────────────────────────────────────────────────────────────────────────────────────┤  
│ customer_id      │ INT            │ false    │                 │               │ Unique identifier for the customer who made the purchase                                          │  
├──────────────────┼────────────────┼──────────┼─────────────────┼───────────────┼───────────────────────────────────────────────────────────────────────────────────────────────────┤  
│ is_online_sale   │ BOOLEAN        │ false    │                 │               │ Boolean flag indicating if sale was made online (true) or in-store (false)                        │  
├──────────────────┼────────────────┼──────────┼─────────────────┼───────────────┼───────────────────────────────────────────────────────────────────────────────────────────────────┤  
│ sale_date        │ DATE           │ false    │                 │               │ Calendar date of the sale (extracted from sale_timestamp)                                         │  
└──────────────────┴────────────────┴──────────┴─────────────────┴───────────────┴───────────────────────────────────────────────────────────────────────────────────────────────────┘  
Read 0 B across 0 files from R2  
On average, 0 B / s  
```  
To learn more about the new aggregation capabilities and schema discovery commands, check out the [SQL reference](https://developers.cloudflare.com/r2-sql/sql-reference/). If you're new to R2 SQL, visit our [getting started guide](https://developers.cloudflare.com/r2-sql/get-started/) to begin querying your data.

Dec 11, 2025
1. ### [SentinelOne as Logpush destination](https://developers.cloudflare.com/changelog/post/2025-12-11-sentinelone-destination/)  
[ Logs ](https://developers.cloudflare.com/logs/)  
Cloudflare Logpush now supports **SentinelOne** as a native destination.  
Logs from Cloudflare can be sent to [SentinelOne AI SIEM ↗](https://www.sentinelone.com/) via [Logpush](https://developers.cloudflare.com/logs/logpush/). The destination can be configured through the Logpush UI in the Cloudflare dashboard or by using the [Logpush API](https://developers.cloudflare.com/api/resources/logpush/subresources/jobs/).  
For more information, refer to the [Destination Configuration](https://developers.cloudflare.com/logs/logpush/logpush-job/enable-destinations/sentinelone/) documentation.

Dec 11, 2025
1. ### [WAF Release - 2025-12-11 - Emergency](https://developers.cloudflare.com/changelog/post/2025-12-11-emergency-waf-release/)  
[ WAF ](https://developers.cloudflare.com/waf/)  
This emergency release introduces rules for CVE-2025-55183 and CVE-2025-55184, targeting server-side function exposure and resource-exhaustion patterns, respectively.

**Key Findings**  
Added coverage for Leaking Server Functions (CVE-2025-55183) and React Function DoS detection (CVE-2025-55184).

**Impact**  
These updates strengthen protection for server-function abuse techniques (CVE-2025-55183, CVE-2025-55184) that may expose internal logic or disrupt application availability.

| Ruleset                    | Rule ID     | Legacy Rule ID | Description                                           | Previous Action | New Action | Comments                                                            |
| -------------------------- | ----------- | -------------- | ----------------------------------------------------- | --------------- | ---------- | ------------------------------------------------------------------- |
| Cloudflare Managed Ruleset | ...fefb4e9b | N/A            | React - Leaking Server Functions - CVE:CVE-2025-55183 | N/A             | Block      | This was labeled as Generic - Server Function Source Code Exposure. |
| Cloudflare Free Ruleset    | ...251e86aa | N/A            | React - Leaking Server Functions - CVE:CVE-2025-55183 | N/A             | Block      | This was labeled as Generic - Server Function Source Code Exposure. |
| Cloudflare Managed Ruleset | ...102ec699 | N/A            | React - DoS - CVE:CVE-2025-55184                      | N/A             | Disabled   | This was labeled as Generic – Server Function Resource Exhaustion.  |

Dec 10, 2025
1. ### [Pay Per Crawl (Private beta) - Discovery API, custom pricing, and advanced configuration](https://developers.cloudflare.com/changelog/post/2025-12-10-pay-per-crawl-enhancements/)  
[ AI Crawl Control ](https://developers.cloudflare.com/ai-crawl-control/)  
Pay Per Crawl is introducing enhancements for both AI crawler operators and site owners, focusing on programmatic discovery, flexible pricing models, and granular configuration control.  
#### For AI crawler operators  
#### Discovery API  
A new authenticated API endpoint allows verified crawlers to programmatically discover domains participating in Pay Per Crawl. Crawlers can use this to build optimized crawl queues, cache domain lists, and identify new participating sites. This eliminates the need to discover payable content through trial requests.  
The API endpoint is `GET https://crawlers-api.ai-audit.cfdata.org/charged_zones` and requires Web Bot Auth authentication. Refer to [Discover payable content](https://developers.cloudflare.com/ai-crawl-control/features/pay-per-crawl/use-pay-per-crawl-as-ai-owner/discover-payable-content/) for authentication steps, request parameters, and response schema.  
#### Payment header signature requirement  
Payment headers (`crawler-exact-price` or `crawler-max-price`) must now be included in the Web Bot Auth `signature-input` header components. This security enhancement prevents payment header tampering, ensures authenticated payment intent, validates crawler identity with payment commitment, and protects against replay attacks with modified pricing. Crawlers must add their payment header to the list of signed components when [constructing the signature-input header](https://developers.cloudflare.com/ai-crawl-control/features/pay-per-crawl/use-pay-per-crawl-as-ai-owner/crawl-pages/#22-sign-your-request-with-web-bot-auth).  
#### New `crawler-error` header  
Pay Per Crawl error responses now include a new `crawler-error` header with 11 specific [error codes](https://developers.cloudflare.com/ai-crawl-control/features/pay-per-crawl/use-pay-per-crawl-as-ai-owner/error-codes/) for programmatic handling. Error response bodies remain unchanged for compatibility. These codes enable robust error handling, automated retry logic, and accurate spending tracking.  
#### For site owners  
#### Configure free pages  
Site owners can now offer free access to specific pages like homepages, navigation, or discovery pages while charging for other content. Create a [Configuration Rule](https://developers.cloudflare.com/ai-crawl-control/features/pay-per-crawl/use-pay-per-crawl-as-site-owner/advanced-configuration/#disable-pay-per-crawl-by-uri-pattern) in **Rules** \> **Configuration Rules**, set your URI pattern using wildcard, exact, or prefix matching on the **URI Full** field, and enable the **Disable Pay Per Crawl** setting. When disabled for a URI pattern, crawler requests pass through without blocking or charging.  
Some paths are always free to crawl. These paths are: `/robots.txt`, `/sitemap.xml`, `/security.txt`, `/.well-known/security.txt`, `/crawlers.json`.  
#### Get started

**AI crawler operators**: [Discover payable content](https://developers.cloudflare.com/ai-crawl-control/features/pay-per-crawl/use-pay-per-crawl-as-ai-owner/discover-payable-content/) | [Crawl pages](https://developers.cloudflare.com/ai-crawl-control/features/pay-per-crawl/use-pay-per-crawl-as-ai-owner/crawl-pages/)

**Site owners**: [Advanced configuration](https://developers.cloudflare.com/ai-crawl-control/features/pay-per-crawl/use-pay-per-crawl-as-site-owner/advanced-configuration/)

Dec 10, 2025
1. ### [WAF Release - 2025-12-10 - Emergency](https://developers.cloudflare.com/changelog/post/2025-12-10-emergency-waf-release/)  
[ WAF ](https://developers.cloudflare.com/waf/)  
This additional week's emergency release introduces improvements to our existing rule for React – Remote Code Execution – CVE-2025-55182 - 2, along with two new generic detections covering server-side function exposure and resource-exhaustion patterns.

**Key Findings**  
Enhanced detection logic for React – RCE – CVE-2025-55182, added Generic – Server Function Source Code Exposure, and added Generic – Server Function Resource Exhaustion.

**Impact**  
These updates strengthen protection against React RCE exploitation attempts and broaden coverage for common server-function abuse techniques that may expose internal logic or disrupt application availability.

| Ruleset                    | Rule ID     | Legacy Rule ID | Description                                            | Previous Action | New Action | Comments                       |
| -------------------------- | ----------- | -------------- | ------------------------------------------------------ | --------------- | ---------- | ------------------------------ |
| Cloudflare Managed Ruleset | ...15fce168 | N/A            | React - Remote Code Execution - CVE:CVE-2025-55182 - 2 | N/A             | Block      | This is an improved detection. |
| Cloudflare Free Ruleset    | ...74746aff | N/A            | React - Remote Code Execution - CVE:CVE-2025-55182 - 2 | N/A             | Block      | This is an improved detection. |
| Cloudflare Managed Ruleset | ...fefb4e9b | N/A            | Generic - Server Function Source Code Exposure         | N/A             | Block      | This is a new detection.       |
| Cloudflare Free Ruleset    | ...251e86aa | N/A            | Generic - Server Function Source Code Exposure         | N/A             | Block      | This is a new detection.       |
| Cloudflare Managed Ruleset | ...102ec699 | N/A            | Generic - Server Function Resource Exhaustion          | N/A             | Disabled   | This is a new detection.       |

Dec 09, 2025
1. ### [WARP client for Windows (version 2025.10.118.1)](https://developers.cloudflare.com/changelog/post/2025-12-09-warp-windows-beta/)  
[ Cloudflare One Client ](https://developers.cloudflare.com/cloudflare-one/team-and-resources/devices/cloudflare-one-client/)  
A new Beta release for the Windows WARP client is now available on the [beta releases downloads page](https://developers.cloudflare.com/cloudflare-one/team-and-resources/devices/cloudflare-one-client/download/beta-releases/).  
This release contains minor fixes and improvements.

**Changes and improvements**

  * The [Local Domain Fallback](https://developers.cloudflare.com/cloudflare-one/team-and-resources/devices/cloudflare-one-client/configure/route-traffic/local-domains/) feature has been fixed for devices running WARP client version 2025.4.929.0 and newer. Previously, these devices could experience failures with Local Domain Fallback unless a fallback server was explicitly configured. This configuration is no longer a requirement for the feature to function correctly.
  * [Proxy mode](https://developers.cloudflare.com/cloudflare-one/team-and-resources/devices/cloudflare-one-client/configure/modes/#local-proxy-mode) now supports transparent HTTP proxying in addition to CONNECT-based proxying.
  * Fixed an issue where sending large messages to the WARP daemon by Inter-Process Communication (IPC) could cause WARP to crash and result in service interruptions.

**Known issues**

  * For Windows 11 24H2 users, Microsoft has confirmed a regression that may lead to performance issues like mouse lag, audio cracking, or other slowdowns. Cloudflare recommends users experiencing these issues upgrade to a minimum [Windows 11 24H2 KB5062553](https://support.microsoft.com/en-us/topic/july-8-2025-kb5062553-os-build-26100-4652-523e69cb-051b-43c6-8376-6a76d6caeefd) or higher for resolution.
  * Devices with KB5055523 installed may receive a warning about `Win32/ClickFix.ABA` being present in the installer. To resolve this false positive, update Microsoft Security Intelligence to [version 1.429.19.0](https://www.microsoft.com/en-us/wdsi/definitions/antimalware-definition-release-notes?requestVersion=1.429.19.0) or later.
  * DNS resolution may be broken when the following conditions are all true:

    * WARP is in Secure Web Gateway without DNS filtering (tunnel-only) mode.
    * A custom DNS server address is configured on the primary network adapter.
    * The custom DNS server address on the primary network adapter is changed while WARP is connected.  
  To work around this issue, reconnect the WARP client by toggling off and back on.

Dec 09, 2025
1. ### [WARP client for macOS (version 2025.10.118.1)](https://developers.cloudflare.com/changelog/post/2025-12-09-warp-macos-beta/)  
[ Cloudflare One Client ](https://developers.cloudflare.com/cloudflare-one/team-and-resources/devices/cloudflare-one-client/)  
A new Beta release for the macOS WARP client is now available on the [beta releases downloads page](https://developers.cloudflare.com/cloudflare-one/team-and-resources/devices/cloudflare-one-client/download/beta-releases/).  
This release contains minor fixes and improvements.

**Changes and improvements**

  * The [Local Domain Fallback](https://developers.cloudflare.com/cloudflare-one/team-and-resources/devices/cloudflare-one-client/configure/route-traffic/local-domains/) feature has been fixed for devices running WARP client version 2025.4.929.0 and newer. Previously, these devices could experience failures with Local Domain Fallback unless a fallback server was explicitly configured. This configuration is no longer a requirement for the feature to function correctly.
  * [Proxy mode](https://developers.cloudflare.com/cloudflare-one/team-and-resources/devices/cloudflare-one-client/configure/modes/#local-proxy-mode) now supports transparent HTTP proxying in addition to CONNECT-based proxying.

Dec 08, 2025
1. ### [Python cold start improvements](https://developers.cloudflare.com/changelog/post/2025-12-08-python-cold-start-improvements/)  
[ Workers ](https://developers.cloudflare.com/workers/)  
Python Workers now feature improved cold start performance, reducing initialization time for new Worker instances. This improvement is particularly noticeable for Workers with larger dependency sets or complex initialization logic.  
Every time you deploy a Python Worker, a memory snapshot is captured after the top level of the Worker is executed. This snapshot captures all imports, including package imports that are often costly to load. The memory snapshot is loaded when the Worker is first started, avoiding the need to reload the Python runtime and all dependencies on each cold start.  
We set up a benchmark that imports common packages ([httpx ↗](https://www.python-httpx.org/), [fastapi ↗](https://fastapi.tiangolo.com/) and [pydantic ↗](https://docs.pydantic.dev/latest/)) to see how Python Workers stack up against other platforms:

| Platform                  | Mean Cold Start (ms) |
| ------------------------- | -------------------- |
| Cloudflare Python Workers | 1027                 |
| AWS Lambda                | 2502                 |
| Google Cloud Run          | 3069                 |  
These benchmarks run continuously. You can view the results and the methodology on our [benchmark page ↗](https://cold.edgeworker.net).  
In additional testing, we have found that without any memory snapshot, the cold start for this benchmark takes around 10 seconds, so this change improves cold start performance by roughly a factor of 10.  
To get started with Python Workers, check out our [Python Workers overview](https://developers.cloudflare.com/workers/languages/python/).

Dec 08, 2025
1. ### [Easy Python package management with Pywrangler](https://developers.cloudflare.com/changelog/post/2025-12-08-python-pywrangler/)  
[ Workers ](https://developers.cloudflare.com/workers/)  
We are introducing a brand new tool called Pywrangler, which simplifies package management in Python Workers by automatically installing Workers-compatible Python packages into your project.  
With Pywrangler, you specify your Worker's Python dependencies in your `pyproject.toml` file:

**TOML**  
```toml  
[project]  
name = "python-beautifulsoup-worker"  
version = "0.1.0"  
description = "A simple Worker using beautifulsoup4"  
requires-python = ">=3.12"  
dependencies = [  
    "beautifulsoup4"  
]  
[dependency-groups]  
dev = [  
  "workers-py",  
  "workers-runtime-sdk"  
]  
```  
You can then develop and deploy your Worker using the following commands:  
```bash  
uv run pywrangler dev  
uv run pywrangler deploy  
```  
Pywrangler automatically downloads and vendors the necessary packages for your Worker, and these packages are bundled with the Worker when you deploy.  
Consult the [Python packages documentation](https://developers.cloudflare.com/workers/languages/python/packages/) for full details on Pywrangler and Python package management in Workers.

Dec 08, 2025
1. ### [Wrangler config is optional when using Vite plugin](https://developers.cloudflare.com/changelog/post/2025-12-08-vite-optional-config/)  
[ Workers ](https://developers.cloudflare.com/workers/)  
When using the [Cloudflare Vite plugin](https://developers.cloudflare.com/workers/vite-plugin/) to build and deploy Workers, a Wrangler configuration file is now optional for assets-only (static) sites. If no `wrangler.toml`, `wrangler.json`, or `wrangler.jsonc` file is found, the plugin generates sensible defaults for an assets-only site. The `name` is based on the `package.json` or the project directory name, and the `compatibility_date` uses the latest date supported by your installed Miniflare version.  
This allows easier setup for static sites using Vite. Note that SPAs will still need to [set assets.not\_found\_handling to single-page-application ↗](https://developers.cloudflare.com/workers/static-assets/routing/single-page-application/) in order to function correctly.

Dec 08, 2025
1. ### [Configure Workers programmatically using the Vite plugin](https://developers.cloudflare.com/changelog/post/2025-12-08-vite-programmatic-config/)  
[ Workers ](https://developers.cloudflare.com/workers/)  
The [Cloudflare Vite plugin](https://developers.cloudflare.com/workers/vite-plugin/) now supports programmatic configuration of Workers without a Wrangler configuration file. You can use the `config` option to define Worker settings directly in your Vite configuration, or to modify existing configuration loaded from a Wrangler config file. This is particularly useful when integrating with other build tools or frameworks, as it allows them to control Worker configuration without needing users to manage a separate config file.  
#### The `config` option  
The Vite plugin's new `config` option accepts either a partial configuration object or a function that receives the current configuration and returns overrides. This option is applied after any config file is loaded, allowing the plugin to override specific values or define Worker configuration entirely in code.  
#### Example usage  
Setting `config` to an object to provide configuration values that merge with defaults and config file settings:

**vite.config.ts**  
```ts  
import { defineConfig } from "vite";  
import { cloudflare } from "@cloudflare/vite-plugin";  
export default defineConfig({  
  plugins: [  
    cloudflare({  
      config: {  
        name: "my-worker",  
        compatibility_flags: ["nodejs_compat"],  
        send_email: [  
          {  
            name: "EMAIL",  
          },  
        ],  
      },  
    }),  
  ],  
});  
```  
Use a function to modify the existing configuration:

**vite.config.ts**  
```ts  
import { defineConfig } from "vite";  
import { cloudflare } from "@cloudflare/vite-plugin";  
export default defineConfig({  
  plugins: [  
    cloudflare({  
      config: (userConfig) => {  
        delete userConfig.compatibility_flags;  
      },  
    }),  
  ],  
});  
```  
Return an object with values to merge:

**vite.config.ts**  
```ts  
import { defineConfig } from "vite";  
import { cloudflare } from "@cloudflare/vite-plugin";  
export default defineConfig({  
  plugins: [  
    cloudflare({  
      config: (userConfig) => {  
        if (!userConfig.compatibility_flags.includes("no_nodejs_compat")) {  
          return { compatibility_flags: ["nodejs_compat"] };  
        }  
      },  
    }),  
  ],  
});  
```  
#### Auxiliary Workers  
Auxiliary Workers also support the `config` option, enabling multi-Worker architectures without config files.  
Define auxiliary Workers without config files using `config` inside the `auxiliaryWorkers` array:

**vite.config.ts**  
```ts  
import { defineConfig } from "vite";  
import { cloudflare } from "@cloudflare/vite-plugin";  
export default defineConfig({  
  plugins: [  
    cloudflare({  
      config: {  
        name: "entry-worker",  
        main: "./src/entry.ts",  
        services: [{ binding: "API", service: "api-worker" }],  
      },  
      auxiliaryWorkers: [  
        {  
          config: {  
            name: "api-worker",  
            main: "./src/api.ts",  
          },  
        },  
      ],  
    }),  
  ],  
});  
```  
For more details and examples, see [Programmatic configuration](https://developers.cloudflare.com/workers/vite-plugin/reference/programmatic-configuration/).

Dec 05, 2025
1. ### [Terraform v5.14.0 now available](https://developers.cloudflare.com/changelog/post/2025-12-05-terraform-v5140-provider/)  
[ Cloudflare Fundamentals ](https://developers.cloudflare.com/fundamentals/)[ Terraform ](https://developers.cloudflare.com/terraform/)  
Earlier this year, we announced the launch of the new Terraform v5 Provider. We are aware of the high number of issues reported by the Cloudflare community related to the v5 release. We have committed to releasing improvements on a [2-3 week cadence ↗](https://github.com/cloudflare/terraform-provider-cloudflare/issues/5774) to ensure its stability and reliability, including the v5.14 release. We have also pivoted from an [issue-to-issue approach to a resource-per-resource approach ↗](https://github.com/cloudflare/terraform-provider-cloudflare/issues/6237) \- we will be focusing on specific resources to not only stabilize the resource but also ensure it is migration-friendly for those migrating from v4 to v5.  
Thank you for continuing to raise issues. They make our provider stronger and help us build products that reflect your needs.  
This release includes bug fixes, the stabilization of even more popular resources, and more.  
#### Deprecation notice  
Resource affected: `api_shield_discovery_operation`  
Cloudflare continuously discovers and updates API endpoints and web assets of your web applications. To improve the maintainability of these dynamic resources, we are working on reducing the need to actively engage with discovered operations.  
The corresponding public API endpoint of [discovered operations ↗](https://developers.cloudflare.com/api/resources/api%5Fgateway/subresources/discovery/subresources/operations/) is not affected and will continue to be supported.  
#### Features

  * **pages\_project**: Add v4 -> v5 migration tests ([#6506 ↗](https://github.com/cloudflare/terraform-provider-cloudflare/pull/6506))  
#### Bug fixes

  * **account\_members**: Makes member policies a set ([#6488 ↗](https://github.com/cloudflare/terraform-provider-cloudflare/issues/6488))
  * **pages\_project**: Ensures non empty refresh plans ([#6515 ↗](https://github.com/cloudflare/terraform-provider-cloudflare/issues/6515))
  * **R2**: Improves sweeper ([#6512 ↗](https://github.com/cloudflare/terraform-provider-cloudflare/issues/6512))
  * **workers\_kv**: Ignores value import state for verify ([#6521 ↗](https://github.com/cloudflare/terraform-provider-cloudflare/issues/6521))
  * **workers\_script**: No longer treats the migrations attribute as WriteOnly ([#6489 ↗](https://github.com/cloudflare/terraform-provider-cloudflare/issues/6489))
  * **workers\_script**: Resolves resource drift when worker has unmanaged secret ([#6504 ↗](https://github.com/cloudflare/terraform-provider-cloudflare/issues/6504))
  * **zero\_trust\_device\_posture\_rule**: Preserves input.version and other fields ([#6500 ↗](https://github.com/cloudflare/terraform-provider-cloudflare/issues/6500)) and ([#6503 ↗](https://github.com/cloudflare/terraform-provider-cloudflare/issues/6503))
  * **zero\_trust\_dlp\_custom\_profile**: Adds sweepers for `dlp_custom_profile`
  * **zone\_subscription|account\_subscription**: Adds `partners_ent` as valid enum for `rate_plan.id` ([#6505 ↗](https://github.com/cloudflare/terraform-provider-cloudflare/issues/6505))
  * **zone**: Ensures datasource model schema parity ([#6487 ↗](https://github.com/cloudflare/terraform-provider-cloudflare/issues/6487))
  * **subscription**: Updates import signature to accept account\_id/subscription\_id to import account subscription ([#6510 ↗](https://github.com/cloudflare/terraform-provider-cloudflare/issues/6510))  
#### Upgrade to newer version  
We suggest waiting to migrate to v5 while we work on stabilization. This helps with avoiding any blocking issues while the Terraform resources are actively being [stabilized ↗](https://github.com/cloudflare/terraform-provider-cloudflare/issues/6237). We will be releasing a new migration tool in March 2026 to help support v4 to v5 transitions for our most popular resources.  
#### For more information

  * [Terraform Provider ↗](https://registry.terraform.io/providers/cloudflare/cloudflare/latest/docs)
  * [Documentation on using Terraform with Cloudflare ↗](https://developers.cloudflare.com/terraform/)

Dec 05, 2025
1. ### [Increased WAF payload limit for all plans](https://developers.cloudflare.com/changelog/post/2025-12-05-rcs-vuln/)  
[ WAF ](https://developers.cloudflare.com/waf/)  
Cloudflare WAF now inspects request-payload size of up to 1 MB across all plans to enhance our detection capabilities for React RCE (CVE-2025-55182).

**Key Findings**  
React payloads commonly have a default maximum size of 1 MB. Cloudflare WAF previously inspected up to 128 KB on Enterprise plans, with even lower limits on other plans.

**Update:** We later reinstated the maximum request-payload size the Cloudflare WAF inspects. Refer to [Updating the WAF maximum payload values](https://developers.cloudflare.com/changelog/2025-12-05-waf-max-payload-size-change/) for details.

Dec 05, 2025
1. ### [Updating the WAF maximum payload values](https://developers.cloudflare.com/changelog/post/2025-12-05-waf-max-payload-size-change/)  
[ WAF ](https://developers.cloudflare.com/waf/)  
We are reinstating the maximum request-payload size the Cloudflare WAF inspects, with WAF on Enterprise zones inspecting up to 128 KB.

**Key Findings**  
On [December 5, 2025](https://developers.cloudflare.com/changelog/2025-12-05-rcs-vuln/), we initially attempted to increase the maximum WAF payload limit to 1 MB across all plans. However, an automatic rollout for all customers proved impractical because the increase led to a surge in false positives for existing managed rules.  
This issue was particularly notable within the Cloudflare Managed Ruleset and the Cloudflare OWASP Core Ruleset, impacting customer traffic.

**Impact**  
Customers on paid plans can increase the limit to 1 MB for any of their zones by contacting Cloudflare Support. Free zones are already protected up to 1 MB and do not require any action.

Dec 04, 2025
1. ### [Connect to remote databases during local development with wrangler dev](https://developers.cloudflare.com/changelog/post/2025-12-04-hyperdrive-remote-database-local-dev/)  
[ Hyperdrive ](https://developers.cloudflare.com/hyperdrive/)  
You can now connect directly to remote databases and databases requiring TLS with `wrangler dev`. This lets you run your Worker code locally while connecting to remote databases, without needing to use `wrangler dev --remote`.  
The `localConnectionString` field and `CLOUDFLARE_HYPERDRIVE_LOCAL_CONNECTION_STRING_<BINDING_NAME>` environment variable can be used to configure the connection string used by `wrangler dev`.

**JSONC**  
```jsonc  
{  
  "hyperdrive": [  
    {  
      "binding": "HYPERDRIVE",  
      "id": "your-hyperdrive-id",  
      "localConnectionString": "postgres://user:password@remote-host.example.com:5432/database?sslmode=require"  
    }  
  ]  
}  
```  
Learn more about [local development with Hyperdrive](https://developers.cloudflare.com/hyperdrive/configuration/local-development/).

Dec 04, 2025
1. ### [One-click Access protection for Workers now creates reusable Cloudflare Access policies](https://developers.cloudflare.com/changelog/post/2025-12-03-reusable-access-policies/)  
[ Workers ](https://developers.cloudflare.com/workers/)  
Workers applications now use reusable [Cloudflare Access policies](https://developers.cloudflare.com/cloudflare-one/access-controls/policies/) to reduce duplication and simplify access management across multiple Workers.  
Previously, enabling Cloudflare Access on a Worker created per-application policies, unique to each application. Now, we create reusable policies that can be shared across applications:

  * **Preview URLs**: All Workers preview URLs share a single "Cloudflare Workers Preview URLs" policy across your account. This policy is automatically created the first time you enable Access on any preview URL. By sharing a single policy across all preview URLs, you can configure access rules once and have them apply company-wide to all Workers which protect preview URLs. This makes it much easier to manage who can access preview environments without having to update individual policies for each Worker.
  * **Production workers.dev URLs**: When enabled, each Worker gets its own reusable policy (named `<worker-name> - Production`) by default. We recognize production services often have different access requirements and having individual policies here makes it easier to configure service-to-service authentication or protect internal dashboards or applications with specific user groups. Keeping these policies separate gives you the flexibility to configure exactly the right access rules for each production service. When you disable Access on a production Worker, the associated policy is automatically cleaned up if it's not being used by other applications.  
This change reduces policy duplication, simplifies cross-company access management for preview environments, and provides the flexibility needed for production services. You can still customize access rules by editing the reusable policies in the Zero Trust dashboard.  
To enable Cloudflare Access on your Worker:

  1. In the Cloudflare dashboard, go to **Workers & Pages**.
  2. Select your Worker.
  3. Go to **Settings** \> **Domains & Routes**.
  4. For `workers.dev` or Preview URLs, click **Enable Cloudflare Access**.
  5. Optionally, click **Manage Cloudflare Access** to customize the policy.  
For more information on configuring Cloudflare Access for Workers, refer to the [Workers Access documentation](https://developers.cloudflare.com/workers/configuration/routing/workers-dev/#manage-access-to-workersdev).

Dec 03, 2025
1. ### [Reclassifications to Submissions](https://developers.cloudflare.com/changelog/post/2025-12-03-submission-terminology-update/)  
[ Email security ](https://developers.cloudflare.com/cloudflare-one/email-security/)  
We have updated the terminology “Reclassify” and “Reclassifications” to “Submit” and “Submissions” respectively. This update more accurately reflects the outcome of providing these items to Cloudflare.  
Submissions are leveraged to tune future variants of campaigns. To respect data sanctity, providing a submission does not change the original disposition of the emails submitted.  
![nav_example](https://developers.cloudflare.com/_astro/reclassification-submission.B6nL5Hw7_Z2qliyJ.webp)  
This applies to all Email Security packages:

  * **Advantage**
  * **Enterprise**
  * **Enterprise + PhishGuard**

Dec 03, 2025
1. ### [WAF Release - 2025-12-03 - Emergency](https://developers.cloudflare.com/changelog/post/2025-12-03-emergency-waf-release/)  
[ WAF ](https://developers.cloudflare.com/waf/)  
The WAF rule deployed yesterday to block unsafe deserialization-based RCE has been updated. The rule description now reads “React – RCE – CVE-2025-55182”, explicitly mapping to the recently disclosed React Server Components vulnerability. Detection logic remains unchanged.

**Key Findings**  
Rule description updated to reference React – RCE – CVE-2025-55182 while retaining existing unsafe-deserialization detection.

**Impact**  
Improved classification and traceability with no change to coverage against remote code execution attempts.

| Ruleset                    | Rule ID     | Legacy Rule ID | Description                      | Previous Action | New Action | Comments                                                |
| -------------------------- | ----------- | -------------- | -------------------------------- | --------------- | ---------- | ------------------------------------------------------- |
| Cloudflare Managed Ruleset | ...5fb92fba | N/A            | React - RCE - CVE:CVE-2025-55182 | N/A             | Block      | Rule metadata description changed. Detection unchanged. |
| Cloudflare Free Ruleset    | ...99702280 | N/A            | React - RCE - CVE:CVE-2025-55182 | N/A             | Block      | Rule metadata description changed. Detection unchanged. |

Dec 02, 2025
1. ### [WAF Release - 2025-12-02 - Emergency](https://developers.cloudflare.com/changelog/post/2025-12-02-emergency-waf-release/)  
[ WAF ](https://developers.cloudflare.com/waf/)  
This week's emergency release introduces a new rule to block a critical RCE vulnerability in widely-used web frameworks through unsafe deserialization patterns.

**Key Findings**  
New WAF rule deployed for RCE Generic Framework to block malicious POST requests containing unsafe deserialization patterns. If successfully exploited, this vulnerability allows attackers with network access via HTTP to execute arbitrary code remotely.

**Impact**

  * Successful exploitation allows unauthenticated attackers to execute arbitrary code remotely through crafted serialization payloads, enabling complete system compromise, data exfiltration, and potential lateral movement within affected environments.

| Ruleset                    | Rule ID     | Legacy Rule ID | Description             | Previous Action | New Action | Comments                 |
| -------------------------- | ----------- | -------------- | ----------------------- | --------------- | ---------- | ------------------------ |
| Cloudflare Managed Ruleset | ...5fb92fba | N/A            | RCE Generic - Framework | N/A             | Block      | This is a new detection. |
| Cloudflare Free Ruleset    | ...99702280 | N/A            | RCE Generic - Framework | N/A             | Block      | This is a new detection. |

Dec 01, 2025
1. ### [WAF Release - 2025-12-01](https://developers.cloudflare.com/changelog/post/2025-12-01-waf-release/)  
[ WAF ](https://developers.cloudflare.com/waf/)  
This week’s release introduces new detections for remote code execution attempts targeting Monsta FTP (CVE-2025-34299), alongside improvements to an existing XSS detection to enhance coverage.

**Key Findings**

  * CVE-2025-34299 is a critical remote code execution flaw in Monsta FTP, arising from improper handling of user-supplied parameters within the file-handling interface. Certain builds allow crafted requests to bypass sanitization and reach backend PHP functions that execute arbitrary commands. Attackers can send manipulated parameters through the web panel to trigger command execution within the application’s runtime environment.

**Impact**  
If exploited, the vulnerability enables full remote command execution on the underlying server, allowing takeover of the hosting environment, unauthorized file access, and potential lateral movement. As the flaw can be triggered without authentication on exposed Monsta FTP instances, it represents a severe risk for publicly reachable deployments.

| Ruleset                    | Rule ID     | Legacy Rule ID | Description                                             | Previous Action | New Action | Comments                                                                                 |
| -------------------------- | ----------- | -------------- | ------------------------------------------------------- | --------------- | ---------- | ---------------------------------------------------------------------------------------- |
| Cloudflare Managed Ruleset | ...a4fcc8a8 | N/A            | Monsta FTP - Remote Code Execution - CVE:CVE-2025-34299 | Log             | Block      | This is a new detection                                                                  |
| Cloudflare Managed Ruleset | ...b7492846 | N/A            | XSS - JS Context Escape - Beta                          | Log             | Block      | This rule is merged into the original rule "XSS - JS Context Escape" (ID: ...7a3769d3  ) |

Nov 26, 2025
1. ### [Agents SDK v0.2.24 with resumable streaming, MCP improvements, and schedule fixes](https://developers.cloudflare.com/changelog/post/2025-11-26-agents-resumable-streaming/)  
[ Agents ](https://developers.cloudflare.com/agents/)[ Workers ](https://developers.cloudflare.com/workers/)  
The latest release of [@cloudflare/agents ↗](https://github.com/cloudflare/agents) brings resumable streaming, significant MCP client improvements, and critical fixes for schedules and Durable Object lifecycle management.  
#### Resumable streaming  
`AIChatAgent` now supports resumable streaming, allowing clients to reconnect and continue receiving streamed responses without losing data. This is useful for:

  * Long-running AI responses
  * Users on unreliable networks
  * Users switching between devices mid-conversation
  * Background tasks where users navigate away and return
  * Real-time collaboration where multiple clients need to stay in sync  
Streams are maintained across page refreshes, broken connections, and syncing across open tabs and devices.  
#### Other improvements

  * Default JSON schema validator added to MCP client
  * [Schedules ↗](https://developers.cloudflare.com/agents/runtime/execution/schedule-tasks/) can now safely destroy the agent  
#### MCP client API improvements  
The `MCPClientManager` API has been redesigned for better clarity and control:

  * **New `registerServer()` method**: Register MCP servers without immediately connecting
  * **New `connectToServer()` method**: Establish connections to registered servers
  * **Improved reconnect logic**: `restoreConnectionsFromStorage()` now properly handles failed connections

**TypeScript**  
```ts  
// Register a server to Agent  
const { id } = await this.mcp.registerServer({  
  name: "my-server",  
  url: "https://my-mcp-server.example.com",  
});  
// Connect when ready  
await this.mcp.connectToServer(id);  
// Discover tools, prompts and resources  
await this.mcp.discoverIfConnected(id);  
```  
The SDK now includes a formalized `MCPConnectionState` enum with states: `idle`, `connecting`, `authenticating`, `connected`, `discovering`, and `ready`.  
#### Enhanced MCP discovery  
MCP discovery fetches the available tools, prompts, and resources from an MCP server so your agent knows what capabilities are available. The `MCPClientConnection` class now includes a dedicated `discover()` method with improved reliability:

  * Supports cancellation via AbortController
  * Configurable timeout (default 15s)
  * Discovery failures now throw errors immediately instead of silently continuing  
#### Bug fixes

  * Fixed a bug where [schedules ↗](https://developers.cloudflare.com/agents/runtime/execution/schedule-tasks/) meant to fire immediately with this.schedule(0, ...) or `this.schedule(new Date(), ...)` would not fire
  * Fixed an issue where schedules that took longer than 30 seconds would occasionally time out
  * Fixed SSE transport now properly forwards session IDs and request headers
  * Fixed AI SDK stream events conversion to UIMessageStreamPart  
#### Upgrade  
To update to the latest version:  
```sh  
npm i agents@latest  
```

Nov 25, 2025
1. ### [New Zombie API detection for API Shield](https://developers.cloudflare.com/changelog/post/2025-11-25-zombie-endpoint-risk-label/)  
[ API Shield ](https://developers.cloudflare.com/api-shield/)  
API Shield now automatically detects zombie endpoints — saved endpoints that have not received traffic for an extended period. When detected, the `cf-risk-zombie` [risk label](https://developers.cloudflare.com/api-shield/management-and-monitoring/endpoint-labels/#risk-labels) is applied.  
The scan runs daily alongside existing risk scans. Endpoints are labeled after 32 days without traffic.  
Zombie endpoints may indicate deprecated or forgotten API surface area that could pose a security risk. Review these endpoints and consider removing them from Endpoint Management if they are no longer in use. Also consider using a [fallthrough rule](https://developers.cloudflare.com/api-shield/security/schema-validation/#add-validation-by-adding-a-fallthrough-rule) to prevent communication with endpoints removed from Endpoint Management.

```json
{"@context":"https://schema.org","@type":"BlogPosting","@id":"https://developers.cloudflare.com/changelog/20/#page","headline":"Changelogs | Cloudflare Docs","url":"https://developers.cloudflare.com/changelog/20/","inLanguage":"en","image":"https://developers.cloudflare.com/cf-twitter-card.png","publisher":{"@type":"Organization","name":"Cloudflare","url":"https://www.cloudflare.com/"},"isPartOf":{"@type":"WebSite","@id":"https://developers.cloudflare.com/#website","name":"Cloudflare Docs","url":"https://developers.cloudflare.com/"}}
```
