---
title: Changelogs
image: https://developers.cloudflare.com/cf-twitter-card.png
---

> Documentation Index  
> Fetch the complete documentation index at: https://developers.cloudflare.com/changelog/llms.txt  
> Use this file to discover all available pages before exploring further. 

[Skip to content](#%5Ftop) 

# Changelog

New updates and improvements at Cloudflare.

[ Subscribe to RSS ](https://developers.cloudflare.com/changelog/rss/index.xml) [ View RSS feeds ](https://developers.cloudflare.com/fundamentals/new-features/available-rss-feeds/) 

All products

![hero image](https://developers.cloudflare.com/_astro/hero.CVYJHPAd_26AMqX.svg) 

Apr 09, 2025
1. ### [Cloudflare Snippets are now Generally Available](https://developers.cloudflare.com/changelog/post/2025-04-09-snippets-ga/)  
[ Rules ](https://developers.cloudflare.com/rules/)  
![Cloudflare Snippets are now GA](https://developers.cloudflare.com/_astro/snippets-ga.BJr3csvv_Z2q49jT.webp)  
[Cloudflare Snippets](https://developers.cloudflare.com/rules/snippets/) are now generally available at no extra cost across all paid plans — giving you a fast, flexible way to programmatically control HTTP traffic using lightweight JavaScript.  
You can now use Snippets to modify HTTP requests and responses with confidence, reliability, and scale. Snippets are production-ready and deeply integrated with Cloudflare Rules, making them ideal for everything from quick dynamic header rewrites to advanced routing logic.  
What's new:

  * **Snippets are now GA** – Available at no extra cost on all Pro, Business, and Enterprise plans.
  * **Ready for production** – Snippets deliver a production-grade experience built for scale.
  * **Part of the Cloudflare Rules platform** – Snippets inherit request modifications from other Cloudflare products and support sequential execution, allowing you to run multiple Snippets on the same request and apply custom modifications step by step.
  * **Trace integration** – Use [Cloudflare Trace](https://developers.cloudflare.com/rules/trace-request/) to see which Snippets were triggered on a request — helping you understand traffic flow and debug more effectively.  
  ![Snippets shown in Cloudflare Trace results](https://developers.cloudflare.com/_astro/snippets-ga-trace.WlCshaFo_1WNo07.webp)  
Learn more in the [launch blog post ↗](https://blog.cloudflare.com/snippets/).

Apr 09, 2025
1. ### [Cloudflare Secrets Store now available in Beta](https://developers.cloudflare.com/changelog/post/2025-04-09-secrets-store-beta/)  
[ Secrets Store ](https://developers.cloudflare.com/secrets-store/)[ SSL/TLS ](https://developers.cloudflare.com/ssl/)  
Cloudflare Secrets Store is available today in Beta. You can now store, manage, and deploy account level secrets from a secure, centralized platform to your Workers.  
![Import repo or choose template](https://developers.cloudflare.com/_astro/secrets-store-landing-page.BQoEWsq8_ZUrGq1.webp)  
To spin up your Cloudflare Secrets Store, simply click the new Secrets Store tab [in the dashboard ↗](http://dash.cloudflare.com/?to=/:account/secrets-store) or use this Wrangler command:  
Terminal window  
```  
wrangler secrets-store store create <name> --remote  
```  
The following are supported in the Secrets Store beta:

  * Secrets Store UI & API: create your store & create, duplicate, update, scope, and delete a secret
  * Workers UI: bind a new or existing account level secret to a Worker and deploy in code
  * Wrangler: create your store & create, duplicate, update, scope, and delete a secret
  * Account Management UI & API: assign Secrets Store permissions roles & view audit logs for actions taken in Secrets Store core platform  
For instructions on how to get started, visit our [developer documentation](https://developers.cloudflare.com/secrets-store/).

Apr 09, 2025
1. ### [Investigate your Workers with the Query Builder in the new Observability dashboard](https://developers.cloudflare.com/changelog/post/2025-04-09-qb-workers-logs-ga/)  
[ Workers ](https://developers.cloudflare.com/workers/)  
The [Workers Observability dashboard ↗](https://dash.cloudflare.com/?to=/:account/workers-and-pages/observability/) offers a single place to investigate and explore your [Workers Logs](https://developers.cloudflare.com/workers/observability/logs/workers-logs).  
The **Overview** tab shows logs from all your Workers in one place. The **Invocations** view groups logs together by invocation, which refers to the specific trigger that started the execution of the Worker (i.e. fetch). The **Events** view shows logs in the order they were produced, based on timestamp. Previously, you could only view logs for a single Worker.  
![Workers Observability Overview Tab](https://developers.cloudflare.com/_astro/2025-04-09-workers-observability-overview.BKVvdscp_Z2bR5zE.webp)  
The **Investigate** tab presents a Query Builder, which helps you write structured queries to investigate and visualize your logs. The Query Builder can help answer questions such as:

  * Which paths are experiencing the most 5XX errors?
  * What is the wall time distribution by status code for my Worker?
  * What are the slowest requests, and where are they coming from?
  * Who are my top N users?  
![Workers Observability Overview Tab](https://developers.cloudflare.com/_astro/2025-04-09-query-builder.CaW9IZza_ZBBKf9.webp)  
The Query Builder can use any field that you store in your logs as a key to visualize, filter, and group by. Use the Query Builder to quickly access your data, build visualizations, save queries, and share them with your team.  
#### Workers Logs is now Generally Available  
[Workers Logs](https://developers.cloudflare.com/workers/observability/logs/workers-logs) is now Generally Available. With a [small change](https://developers.cloudflare.com/workers/observability/logs/workers-logs/#enable-workers-logs) to your Wrangler configuration, Workers Logs ingests, indexes, and stores all logs emitted from your Workers for up to 7 days.  
We've introduced a number of changes during our beta period, including:

  * Dashboard enhancements with customizable fields as columns in the Logs view and support for invocation-based grouping
  * Performance improvements to ensure no adverse impact
  * Public [API endpoints ↗](https://developers.cloudflare.com/api/resources/workers/subresources/observability/) for broader consumption  
The API documents three endpoints: list the keys in the telemetry dataset, run a query, and list the unique values for a key. For more, visit our [REST API documentation ↗](https://developers.cloudflare.com/api/resources/workers/subresources/observability/).  
Visit the [docs](https://developers.cloudflare.com/workers/observability/query-builder) to learn more about the capabilities and methods exposed by the Query Builder. Start using Workers Logs and the Query Builder today by enabling observability for your Workers:

  * [  wrangler.jsonc ](#tab-panel-4889)
  * [  wrangler.toml ](#tab-panel-4890)  
JSONC  
```  
{  "observability": {    "enabled": true,    "logs": {      "invocation_logs": true,      "head_sampling_rate": 1 // optional. default = 1.    }  }}  
```  
TOML  
```  
[observability]enabled = true  
  [observability.logs]  invocation_logs = true  head_sampling_rate = 1  
```

Apr 09, 2025
1. ### [CPU time and Wall time now published for Workers Invocations](https://developers.cloudflare.com/changelog/post/2025-04-09-workers-timing/)  
[ Workers ](https://developers.cloudflare.com/workers/)  
You can now observe and investigate the CPU time and Wall time for every Workers Invocations.

  * For [Workers Logs](https://developers.cloudflare.com/workers/observability/logs/workers-logs), CPU time and Wall time are surfaced in the [Invocation Log](https://developers.cloudflare.com/workers/observability/logs/workers-logs/#invocation-logs)..
  * For [Tail Workers](https://developers.cloudflare.com/workers/observability/logs/tail-workers), CPU time and Wall time are surfaced at the top level of the [Workers Trace Events object](https://developers.cloudflare.com/logs/logpush/logpush-job/datasets/account/workers%5Ftrace%5Fevents).
  * For [Workers Logpush](https://developers.cloudflare.com/workers/observability/logs/logpush), CPU and Wall time are surfaced at the top level of the [Workers Trace Events object](https://developers.cloudflare.com/logs/logpush/logpush-job/datasets/account/workers%5Ftrace%5Fevents). All new jobs will have these new fields included by default. Existing jobs need to be updated to include CPU time and Wall time.  
You can use a Workers Logs filter to search for logs where Wall time exceeds 100ms.  
![Workers Logs Wall Time Filter](https://developers.cloudflare.com/_astro/2025-04-09-wall-time-filter.CT-VQyTS_Z97Aoe.webp)  
You can also use the Workers Observability [Query Builder ↗](https://dash.cloudflare.com/?to=/:account/workers-and-pages/observability/investigate) to find the median CPU time and median Wall time for all of your Workers.  
![Query Builder filter](https://developers.cloudflare.com/_astro/2025-04-09-query-builder.CaW9IZza_ZBBKf9.webp)

Apr 08, 2025
1. ### [Local development support for Email Workers](https://developers.cloudflare.com/changelog/post/2025-04-08-local-development/)  
[ Email Service ](https://developers.cloudflare.com/email-service/)  
Email Workers enables developers to programmatically take action on anything that hits their email inbox. If you're building with Email Workers, you can now test the behavior of an Email Worker script, receiving, replying and sending emails in your local environment using `wrangler dev`.  
Below is an example that shows you how you can receive messages using the `email()` handler and parse them using [postal-mime ↗](https://www.npmjs.com/package/postal-mime):  
TypeScript  
```  
import * as PostalMime from "postal-mime";  
export default {  async email(message, env, ctx) {    const parser = new PostalMime.default();    const rawEmail = new Response(message.raw);    const email = await parser.parse(await rawEmail.arrayBuffer());    console.log(email);  },};  
```  
Now when you run `npx wrangler dev`, wrangler will expose a local `/cdn-cgi/handler/email` endpoint that you can `POST` email messages to and trigger your Worker's `email()` handler:  
Terminal window  
```  
curl -X POST 'http://localhost:8787/cdn-cgi/handler/email' \  --url-query 'from=sender@example.com' \  --url-query 'to=recipient@example.com' \  --header 'Content-Type: application/json' \  --data-raw 'Received: from smtp.example.com (127.0.0.1)        by cloudflare-email.com (unknown) id 4fwwffRXOpyR        for <recipient@example.com>; Tue, 27 Aug 2024 15:50:20 +0000From: "John" <sender@example.com>Reply-To: sender@example.comTo: recipient@example.comSubject: Testing Email Workers Local DevContent-Type: text/html; charset="windows-1252"X-Mailer: CurlDate: Tue, 27 Aug 2024 08:49:44 -0700Message-ID: <6114391943504294873000@ZSH-GHOSTTY>  
Hi there'  
```  
This is what you get in the console:  
```  
{  "headers": [    {      "key": "received",      "value": "from smtp.example.com (127.0.0.1) by cloudflare-email.com (unknown) id 4fwwffRXOpyR for <recipient@example.com>; Tue, 27 Aug 2024 15:50:20 +0000"    },    { "key": "from", "value": "\"John\" <sender@example.com>" },    { "key": "reply-to", "value": "sender@example.com" },    { "key": "to", "value": "recipient@example.com" },    { "key": "subject", "value": "Testing Email Workers Local Dev" },    { "key": "content-type", "value": "text/html; charset=\"windows-1252\"" },    { "key": "x-mailer", "value": "Curl" },    { "key": "date", "value": "Tue, 27 Aug 2024 08:49:44 -0700" },    {      "key": "message-id",      "value": "<6114391943504294873000@ZSH-GHOSTTY>"    }  ],  "from": { "address": "sender@example.com", "name": "John" },  "to": [{ "address": "recipient@example.com", "name": "" }],  "replyTo": [{ "address": "sender@example.com", "name": "" }],  "subject": "Testing Email Workers Local Dev",  "messageId": "<6114391943504294873000@ZSH-GHOSTTY>",  "date": "2024-08-27T15:49:44.000Z",  "html": "Hi there\n",  "attachments": []}  
```  
Local development is a critical part of the development flow, and also works for sending, replying and forwarding emails. See [our documentation](https://developers.cloudflare.com/email-service/local-development/routing/) for more information.

Apr 08, 2025
1. ### [Hyperdrive Free plan makes fast, global database access available to all](https://developers.cloudflare.com/changelog/post/2025-04-08-hyperdrive-free-plan/)  
[ Hyperdrive ](https://developers.cloudflare.com/hyperdrive/)  
Hyperdrive is now available on the Free plan of Cloudflare Workers, enabling you to build Workers that connect to PostgreSQL or MySQL databases without compromise.  
Low-latency access to SQL databases is critical to building full-stack Workers applications. We want you to be able to build on fast, global apps on Workers, regardless of the tools you use. So we made Hyperdrive available for all, to make it easier to build Workers that connect to PostgreSQL and MySQL.  
If you want to learn more about how Hyperdrive works, read the [deep dive ↗](https://blog.cloudflare.com/how-hyperdrive-speeds-up-database-access) on how Hyperdrive can make your database queries up to 4x faster.  
![Hyperdrive provides edge connection setup and global connection pooling for optimal latencies.](https://developers.cloudflare.com/_astro/hyperdrive-global-placement.DHxlaFbz_1MNCXL.webp)  
Visit the docs to [get started](https://developers.cloudflare.com/hyperdrive/get-started/) with Hyperdrive for PostgreSQL or MySQL.

Apr 08, 2025
1. ### [Hyperdrive introduces support for MySQL and MySQL-compatible databases](https://developers.cloudflare.com/changelog/post/2025-04-08-hyperdrive-mysql-support/)  
[ Hyperdrive ](https://developers.cloudflare.com/hyperdrive/)  
Hyperdrive now supports connecting to MySQL and MySQL-compatible databases, including Amazon RDS and Aurora MySQL, Google Cloud SQL for MySQL, Azure Database for MySQL, PlanetScale and MariaDB.  
Hyperdrive makes your regional, MySQL databases fast when connecting from Cloudflare Workers. It eliminates unnecessary network roundtrips during connection setup, pools database connections globally, and can cache query results to provide the fastest possible response times.  
Best of all, you can connect using your existing drivers, ORMs, and query builders with Hyperdrive's secure credentials, no code changes required.  
TypeScript  
```  
import { createConnection } from "mysql2/promise";  
export interface Env {  HYPERDRIVE: Hyperdrive;}  
export default {  async fetch(request, env, ctx): Promise<Response> {    const connection = await createConnection({      host: env.HYPERDRIVE.host,      user: env.HYPERDRIVE.user,      password: env.HYPERDRIVE.password,      database: env.HYPERDRIVE.database,      port: env.HYPERDRIVE.port,      disableEval: true, // Required for Workers compatibility    });  
    const [results, fields] = await connection.query("SHOW tables;");  
    ctx.waitUntil(connection.end());  
    return new Response(JSON.stringify({ results, fields }), {      headers: {        "Content-Type": "application/json",        "Access-Control-Allow-Origin": "*",      },    });  },} satisfies ExportedHandler<Env>;  
```  
Learn more about [how Hyperdrive works](https://developers.cloudflare.com/hyperdrive/concepts/how-hyperdrive-works/) and [get started building Workers that connect to MySQL with Hyperdrive](https://developers.cloudflare.com/hyperdrive/get-started/).

Apr 08, 2025
1. ### [Deploy a Workers application in seconds with one-click](https://developers.cloudflare.com/changelog/post/2025-04-08-deploy-to-cloudflare-button/)  
[ Workers ](https://developers.cloudflare.com/workers/)  
You can now add a [Deploy to Cloudflare](https://developers.cloudflare.com/workers/platform/deploy-buttons/) button to the README of your Git repository containing a Workers application — making it simple for other developers to quickly set up and deploy your project!  
[![Deploy to Cloudflare](https://deploy.workers.cloudflare.com/button)](https://deploy.workers.cloudflare.com/?url=https://github.com/cloudflare/templates/tree/main/saas-admin-template)  
The Deploy to Cloudflare button:

  1. **Creates a new Git repository on your GitHub/ GitLab account**: Cloudflare will automatically clone and create a new repository on your account, so you can continue developing.
  2. **Automatically provisions resources the app needs**: If your repository requires Cloudflare primitives like a [Workers KV namespace](https://developers.cloudflare.com/kv/), a [D1 database](https://developers.cloudflare.com/d1/), or an [R2 bucket](https://developers.cloudflare.com/r2/), Cloudflare will automatically provision them on your account and bind them to your Worker upon deployment.
  3. **Configures Workers Builds (CI/CD)**: Every new push to your production branch on your newly created repository will automatically build and deploy courtesy of [Workers Builds](https://developers.cloudflare.com/workers/ci-cd/builds/).
  4. **Adds preview URLs to each pull request**: If you'd like to test your changes before deploying, you can push changes to a [non-production branch](https://developers.cloudflare.com/workers/ci-cd/builds/build-branches/#configure-non-production-branch-builds) and [preview URLs](https://developers.cloudflare.com/workers/configuration/previews/) will be generated and [posted back to GitHub as a comment](https://developers.cloudflare.com/workers/ci-cd/builds/git-integration/github-integration/#pull-request-comment).  
![Import repo or choose template](https://developers.cloudflare.com/_astro/dtw-user-flow.zgS3Y8iK_Z1r8gDo.webp)  
To create a Deploy to Cloudflare button in your README, you can add the following snippet, including your Git repository URL:  
```  
[![Deploy to Cloudflare](https://deploy.workers.cloudflare.com/button)](https://deploy.workers.cloudflare.com/?url=<YOUR_GIT_REPO_URL>)  
```  
Check out our [documentation](https://developers.cloudflare.com/workers/platform/deploy-buttons/) for more information on how to set up a deploy button for your application and best practices to ensure a successful deployment for other developers.

Apr 08, 2025
1. ### [Full-stack frameworks are now Generally Available on Cloudflare Workers](https://developers.cloudflare.com/changelog/post/2025-04-08-fullstack-on-workers/)  
[ Workers ](https://developers.cloudflare.com/workers/)[ Workers for Platforms ](https://developers.cloudflare.com/cloudflare-for-platforms/workers-for-platforms/)  
![Full-stack on Cloudflare Workers](https://developers.cloudflare.com/_astro/fullstack-on-workers.D7fotYu2_ZMwDKf.webp)  
The following full-stack frameworks now have Generally Available ("GA") adapters for Cloudflare Workers, and are ready for you to use in production:

  * [React Router v7 (Remix)](https://developers.cloudflare.com/workers/framework-guides/web-apps/react-router/)
  * [Astro](https://developers.cloudflare.com/workers/framework-guides/web-apps/astro/)
  * [Hono](https://developers.cloudflare.com/workers/framework-guides/web-apps/more-web-frameworks/hono/)
  * [Vue.js](https://developers.cloudflare.com/workers/framework-guides/web-apps/vue/)
  * [Nuxt](https://developers.cloudflare.com/workers/framework-guides/web-apps/more-web-frameworks/nuxt/)
  * [Svelte (SvelteKit)](https://developers.cloudflare.com/workers/framework-guides/web-apps/sveltekit/)
  * And [more](https://developers.cloudflare.com/workers/framework-guides/).  
The following frameworks are now in **beta**, with GA support coming very soon:

  * [Next.js](https://developers.cloudflare.com/workers/framework-guides/web-apps/nextjs/), supported through [@opennextjs/cloudflare ↗](https://opennext.js.org/cloudflare) is now `v1.0-beta`.
  * [Angular](https://developers.cloudflare.com/workers/framework-guides/web-apps/more-web-frameworks/angular/)
  * [SolidJS (SolidStart)](https://developers.cloudflare.com/workers/framework-guides/web-apps/more-web-frameworks/solid/)  
You can also build complete full-stack apps on Workers **without a framework**:

  * You can [“just use Vite" ↗](https://blog.cloudflare.com/introducing-the-cloudflare-vite-plugin) and React together, and build a back-end API in the same Worker. Follow our [React SPA with an API tutorial](https://developers.cloudflare.com/workers/vite-plugin/tutorial/) to learn how.

**Get started building today with our [framework guides](https://developers.cloudflare.com/workers/framework-guides/)**, or read our [Developer Week 2025 blog post ↗](https://blog.cloudflare.com/full-stack-development-on-cloudflare-workers) about all the updates to building full-stack applications on Workers.

Apr 08, 2025
1. ### [Improved support for Node.js Crypto and TLS APIs in Workers](https://developers.cloudflare.com/changelog/post/2025-04-08-nodejs-crypto-and-tls/)  
[ Workers ](https://developers.cloudflare.com/workers/)  
When using a Worker with the [nodejs\_compat](https://developers.cloudflare.com/workers/runtime-apis/nodejs/) compatibility flag enabled, the following Node.js APIs are now available:

  * [node:crypto](https://developers.cloudflare.com/workers/runtime-apis/nodejs/crypto/)
  * [node:tls](https://developers.cloudflare.com/workers/runtime-apis/nodejs/tls/)  
This make it easier to reuse existing Node.js code in Workers or use npm packages that depend on these APIs.  
#### node:crypto  
The full [node:crypto ↗](https://nodejs.org/api/crypto.html) API is now available in Workers.  
You can use it to verify and sign data:  
JavaScript  
```  
import { sign, verify } from "node:crypto";  
const signature = sign("sha256", "-data to sign-", env.PRIVATE_KEY);const verified = verify("sha256", "-data to sign-", env.PUBLIC_KEY, signature);  
```  
Or, to encrypt and decrypt data:  
JavaScript  
```  
import { publicEncrypt, privateDecrypt } from "node:crypto";  
const encrypted = publicEncrypt(env.PUBLIC_KEY, "some data");const plaintext = privateDecrypt(env.PRIVATE_KEY, encrypted);  
```  
See the [node:crypto documentation](https://developers.cloudflare.com/workers/runtime-apis/nodejs/crypto/) for more information.  
#### node:tls  
The following APIs from `node:tls` are now available:

  * [connect ↗](https://nodejs.org/api/tls.html#tlsconnectoptions-callback)
  * [TLSSocket ↗](https://nodejs.org/api/tls.html#class-tlstlssocket)
  * [checkServerIdentity ↗](https://nodejs.org/api/tls.html#tlscheckserveridentityhostname-cert)
  * [createSecureContext ↗](https://nodejs.org/api/tls.html#tlscreatesecurecontextoptions)  
This enables secure connections over TLS (Transport Layer Security) to external services.  
JavaScript  
```  
import { connect } from "node:tls";  
// ... in a request handler ...const connectionOptions = { key: env.KEY, cert: env.CERT };const socket = connect(url, connectionOptions, () => {  if (socket.authorized) {    console.log("Connection authorized");  }});  
socket.on("data", (data) => {  console.log(data);});  
socket.on("end", () => {  console.log("server ends connection");});  
```  
See the [node:tls documentation](https://developers.cloudflare.com/workers/runtime-apis/nodejs/tls/) for more information.

Apr 08, 2025
1. ### [The Cloudflare Vite plugin is now Generally Available](https://developers.cloudflare.com/changelog/post/2025-04-08-vite-plugin/)  
[ Workers ](https://developers.cloudflare.com/workers/)  
The [Cloudflare Vite plugin](https://developers.cloudflare.com/workers/vite-plugin/) has [reached v1.0 ↗](https://blog.cloudflare.com/introducing-the-cloudflare-vite-plugin) and is now Generally Available ("GA").  
When you use `@cloudflare/vite-plugin`, you can use Vite's local development server and build tooling, while ensuring that while developing, your code runs in [workerd ↗](https://github.com/cloudflare/workerd), the open-source Workers runtime.  
This lets you get the best of both worlds for a full-stack app — you can use [Hot Module Replacement ↗](https://vite.dev/guide/features.html#hot-module-replacement) from Vite right alongside [Durable Objects](https://developers.cloudflare.com/durable-objects/) and other runtime APIs and bindings that are unique to Cloudflare Workers.  
`@cloudflare/vite-plugin` is made possible by the new [environment API ↗](https://vite.dev/guide/api-environment) in Vite, and was built [in partnership with the Vite team ↗](https://blog.cloudflare.com/introducing-the-cloudflare-vite-plugin).  
#### Framework support  
You can build any type of application with `@cloudflare/vite-plugin`, using any rendering mode, from single page applications (SPA) and static sites to server-side rendered (SSR) pages and API routes.  
[React Router v7 (Remix)](https://developers.cloudflare.com/workers/framework-guides/web-apps/react-router/) is the first full-stack framework to provide full support for Cloudflare Vite plugin, allowing you to use all parts of Cloudflare's developer platform, without additional build steps.  
You can also build complete full-stack apps on Workers **without a framework** — ["just use Vite" ↗](https://blog.cloudflare.com/introducing-the-cloudflare-vite-plugin) and React together, and build a back-end API in the same Worker. Follow our [React SPA with an API tutorial](https://developers.cloudflare.com/workers/vite-plugin/tutorial/) to learn how.  
#### Configuration  
If you're already using [Vite ↗](https://vite.dev/) in your build and development toolchain, you can start using our plugin with minimal changes to your `vite.config.ts`:  
vite.config.ts  
```  
import { defineConfig } from "vite";import { cloudflare } from "@cloudflare/vite-plugin";  
export default defineConfig({  plugins: [cloudflare()],});  
```  
Take a look at the [documentation for our Cloudflare Vite plugin](https://developers.cloudflare.com/workers/vite-plugin/) for more information!

Apr 07, 2025
1. ### [Build MCP servers with the Agents SDK](https://developers.cloudflare.com/changelog/post/2025-04-07-mcp-servers-agents-sdk-updates/)  
[ Agents ](https://developers.cloudflare.com/agents/)[ Workers ](https://developers.cloudflare.com/workers/)  
The Agents SDK now includes built-in support for building remote MCP (Model Context Protocol) servers directly as part of your Agent. This allows you to easily create and manage MCP servers, without the need for additional infrastructure or configuration.  
The SDK includes a new `MCPAgent` class that extends the `Agent` class and allows you to expose resources and tools over the MCP protocol, as well as authorization and authentication to enable remote MCP servers.

  * [  JavaScript ](#tab-panel-4893)
  * [  TypeScript ](#tab-panel-4894)  
JavaScript  
```  
export class MyMCP extends McpAgent {  server = new McpServer({    name: "Demo",    version: "1.0.0",  });  
  async init() {    this.server.resource(`counter`, `mcp://resource/counter`, (uri) => {      // ...    });  
    this.server.tool(      "add",      "Add two numbers together",      { a: z.number(), b: z.number() },      async ({ a, b }) => {        // ...      },    );  }}  
```  
TypeScript  
```  
export class MyMCP extends McpAgent<Env> {  server = new McpServer({    name: "Demo",    version: "1.0.0",  });  
  async init() {    this.server.resource(`counter`, `mcp://resource/counter`, (uri) => {      // ...    });  
    this.server.tool(      "add",      "Add two numbers together",      { a: z.number(), b: z.number() },      async ({ a, b }) => {        // ...      },    );  }}  
```  
See [the example ↗](https://github.com/cloudflare/agents/tree/main/examples/mcp) for the full code and as the basis for building your own MCP servers, and the [client example ↗](https://github.com/cloudflare/agents/tree/main/examples/mcp-client) for how to build an Agent that acts as an MCP client.  
To learn more, review the [announcement blog ↗](https://blog.cloudflare.com/building-ai-agents-with-mcp-authn-authz-and-durable-objects) as part of Developer Week 2025.  
#### Agents SDK updates  
We've made a number of improvements to the [Agents SDK](https://developers.cloudflare.com/agents/), including:

  * Support for building MCP servers with the new `MCPAgent` class.
  * The ability to export the current agent, request and WebSocket connection context using `import { context } from "agents"`, allowing you to minimize or avoid direct dependency injection when calling tools.
  * Fixed a bug that prevented query parameters from being sent to the Agent server from the `useAgent` React hook.
  * Automatically converting the `agent` name in `useAgent` or `useAgentChat` to kebab-case to ensure it matches the naming convention expected by [routeAgentRequest](https://developers.cloudflare.com/agents/runtime/communication/routing/).  
To install or update the Agents SDK, run `npm i agents@latest` in an existing project, or explore the `agents-starter` project:  
Terminal window  
```  
npm create cloudflare@latest -- --template cloudflare/agents-starter  
```  
See the full release notes and changelog [on the Agents SDK repository ↗](https://github.com/cloudflare/agents/blob/main/packages/agents/CHANGELOG.md) and

Apr 07, 2025
1. ### [Create fully-managed RAG pipelines for your AI applications with AutoRAG](https://developers.cloudflare.com/changelog/post/2025-04-07-autorag-open-beta/)  
[ AI Search ](https://developers.cloudflare.com/ai-search/)[ Vectorize ](https://developers.cloudflare.com/vectorize/)  
[AutoRAG](https://developers.cloudflare.com/ai-search/) is now in open beta, making it easy for you to build fully-managed retrieval-augmented generation (RAG) pipelines without managing infrastructure. Just upload your docs to [R2](https://developers.cloudflare.com/r2/get-started/), and AutoRAG handles the rest: embeddings, indexing, retrieval, and response generation via API.  
With AutoRAG, you can:

  * **Customize your pipeline:** Choose from [Workers AI](https://developers.cloudflare.com/workers-ai) models, configure chunking strategies, edit system prompts, and more.
  * **Instant setup:** AutoRAG provisions everything you need from [Vectorize](https://developers.cloudflare.com/vectorize), [AI gateway](https://developers.cloudflare.com/ai-gateway), to pipeline logic for you, so you can go from zero to a working RAG pipeline in seconds.
  * **Keep your index fresh:** AutoRAG continuously syncs your index with your data source to ensure responses stay accurate and up to date.
  * **Ask questions:** Query your data and receive grounded responses via a [Workers binding](https://developers.cloudflare.com/ai-search/api/search/workers-binding/) or [API](https://developers.cloudflare.com/ai-search/api/search/rest-api/).  
Whether you're building internal tools, AI-powered search, or a support assistant, AutoRAG gets you from idea to deployment in minutes.  
Get started in the [Cloudflare dashboard ↗](https://dash.cloudflare.com/?to=/:account/ai/autorag) or check out the [guide](https://developers.cloudflare.com/ai-search/get-started/) for instructions on how to build your RAG pipeline today.

Apr 07, 2025
1. ### [Browser Rendering REST API is Generally Available, with new endpoints and a free tier](https://developers.cloudflare.com/changelog/post/2025-04-07-br-free-ga-playwright/)  
[ Browser Run ](https://developers.cloudflare.com/browser-run/)  
We’re excited to announce Browser Rendering is now available on the [Workers Free plan ↗](https://www.cloudflare.com/plans/developer-platform/), making it even easier to prototype and experiment with web search and headless browser use-cases when building applications on Workers.  
The Browser Rendering **[REST API](https://developers.cloudflare.com/browser-run/quick-actions/) is now Generally Available**, allowing you to control browser instances from outside of Workers applications. We've added three new endpoints to help automate more browser tasks:

  * **Extract structured data** – Use `/json` to retrieve structured data from a webpage.
  * **Retrieve links** – Use `/links` to pull all links from a webpage.
  * **Convert to Markdown** – Use `/markdown` to convert webpage content into Markdown format.  
For example, to fetch the Markdown representation of a webpage:  
Markdown example  
```  
curl -X 'POST' 'https://api.cloudflare.com/client/v4/accounts/<accountId>/browser-rendering/markdown' \  -H 'Content-Type: application/json' \  -H 'Authorization: Bearer <apiToken>' \  -d '{    "url": "https://example.com"  }'  
```  
For the full list of endpoints, check out our [REST API documentation](https://developers.cloudflare.com/browser-run/quick-actions/). You can also interact with Browser Rendering via the [Cloudflare TypeScript SDK ↗](https://github.com/cloudflare/cloudflare-typescript).  
We also recently landed support for [Playwright](https://developers.cloudflare.com/browser-run/playwright/) in Browser Rendering for browser automation from Cloudflare [Workers](https://developers.cloudflare.com/workers/), in addition to [Puppeteer](https://developers.cloudflare.com/browser-run/puppeteer/), giving you more flexibility to test across different browser environments.  
Visit the [Browser Rendering docs](https://developers.cloudflare.com/browser-run/) to learn more about how to use headless browsers in your applications.

Apr 07, 2025
1. ### [Durable Objects on Workers Free plan](https://developers.cloudflare.com/changelog/post/2025-04-07-durable-objects-free-tier/)  
[ Durable Objects ](https://developers.cloudflare.com/durable-objects/)[ Workers ](https://developers.cloudflare.com/workers/)  
Durable Objects can now be used with zero commitment on the [Workers Free plan](https://developers.cloudflare.com/workers/platform/pricing/) allowing you to build AI agents with [Agents SDK](https://developers.cloudflare.com/agents/), collaboration tools, and real-time applications like chat or multiplayer games.  
Durable Objects let you build stateful, serverless applications with millions of tiny coordination instances that run your application code alongside (in the same thread!) your durable storage. Each Durable Object can access its own SQLite database through a [Storage API](https://developers.cloudflare.com/durable-objects/best-practices/access-durable-objects-storage/). A Durable Object class is defined in a Worker script encapsulating the Durable Object's behavior when accessed from a Worker. To try the code below, click the button:  
[![Deploy to Cloudflare](https://deploy.workers.cloudflare.com/button)](https://deploy.workers.cloudflare.com/?url=https://github.com/cloudflare/templates/tree/main/hello-world-do-template)  
JavaScript  
```  
import { DurableObject } from "cloudflare:workers";  
// Durable Objectexport class MyDurableObject extends DurableObject {  ...  async sayHello(name) {    return `Hello, ${name}!`;  }}  
// Workerexport default {  async fetch(request, env) {    // Every unique ID refers to an individual instance of the Durable Object class    const id = env.MY_DURABLE_OBJECT.idFromName("foo");  
    // A stub is a client used to invoke methods on the Durable Object    const stub = env.MY_DURABLE_OBJECT.get(id);  
    // Methods on the Durable Object are invoked via the stub    const response = await stub.sayHello("world");  
    return response;  },};  
```  
Free plan [limits](https://developers.cloudflare.com/durable-objects/platform/pricing/) apply to Durable Objects compute and storage usage. Limits allow developers to build real-world applications, with every Worker request able to call a Durable Object on the free plan.  
For more information, checkout:

  * [Documentation](https://developers.cloudflare.com/durable-objects/concepts/what-are-durable-objects/)
  * [Zero-latency SQLite storage in every Durable Object blog ↗](https://blog.cloudflare.com/sqlite-in-durable-objects/)

Apr 07, 2025
1. ### [SQLite in Durable Objects GA with 10GB storage per object](https://developers.cloudflare.com/changelog/post/2025-04-07-sqlite-in-durable-objects-ga/)  
[ Durable Objects ](https://developers.cloudflare.com/durable-objects/)[ Workers ](https://developers.cloudflare.com/workers/)  
SQLite in Durable Objects is now generally available (GA) with 10GB SQLite database per Durable Object. Since the [public beta ↗](https://blog.cloudflare.com/sqlite-in-durable-objects/) in September 2024, we've added feature parity and robustness for the SQLite storage backend compared to the preexisting key-value (KV) storage backend for Durable Objects.  
SQLite-backed Durable Objects are recommended for all new Durable Object classes, using `new_sqlite_classes` [Wrangler configuration](https://developers.cloudflare.com/durable-objects/best-practices/access-durable-objects-storage/#create-sqlite-backed-durable-object-class). Only SQLite-backed Durable Objects have access to Storage API's [SQL](https://developers.cloudflare.com/durable-objects/api/sqlite-storage-api/#sql-api) and [point-in-time recovery](https://developers.cloudflare.com/durable-objects/api/sqlite-storage-api/#pitr-point-in-time-recovery-api) methods, which provide relational data modeling, SQL querying, and better data management.  
JavaScript  
```  
export class MyDurableObject extends DurableObject {  sql: SqlStorage  constructor(ctx: DurableObjectState, env: Env) {    super(ctx, env);    this.sql = ctx.storage.sql;  }  
  async sayHello() {    let result = this.sql      .exec("SELECT 'Hello, World!' AS greeting")      .one();    return result.greeting;  }}  
```  
KV-backed Durable Objects remain for backwards compatibility, and a migration path from key-value storage to SQL storage for existing Durable Object classes will be offered in the future.  
For more details on SQLite storage, checkout [Zero-latency SQLite storage in every Durable Object blog ↗](https://blog.cloudflare.com/sqlite-in-durable-objects/).

Apr 07, 2025
1. ### [Capture up to 256 KB of log events in each Workers Invocation](https://developers.cloudflare.com/changelog/post/2025-04-07-increase-trace-events-limit/)  
[ Workers ](https://developers.cloudflare.com/workers/)  
You can now capture a maximum of 256 KB of log events per Workers invocation, helping you gain better visibility into application behavior.  
All console.log() statements, exceptions, request metadata, and headers are automatically captured during the Worker invocation and emitted as [JSON object](https://developers.cloudflare.com/logs/logpush/logpush-job/datasets/account/workers%5Ftrace%5Fevents). [Workers Logs](https://developers.cloudflare.com/workers/observability/logs/workers-logs) deserializes this object before indexing the fields and storing them. You can also capture, transform, and export the JSON object in a [Tail Worker](https://developers.cloudflare.com/workers/observability/logs/tail-workers).  
256 KB is a 2x increase from the previous 128 KB limit. After you exceed this limit, further context associated with the request will not be recorded in your logs.  
This limit is automatically applied to all Workers.

Apr 07, 2025
1. ### [Workflows is now Generally Available](https://developers.cloudflare.com/changelog/post/2025-04-07-workflows-ga/)  
[ Workflows ](https://developers.cloudflare.com/workflows/)[ Workers ](https://developers.cloudflare.com/workers/)  
[Workflows](https://developers.cloudflare.com/workflows/) is now _Generally Available_ (or "GA"): in short, it's ready for production workloads. Alongside marking Workflows as GA, we've introduced a number of changes during the beta period, including:

  * A new `waitForEvent` API that allows a Workflow to wait for an event to occur before continuing execution.
  * Increased concurrency: you can [run up to 4,500 Workflow instances](https://developers.cloudflare.com/changelog/2025-02-25-workflows-concurrency-increased/) concurrently — and this will continue to grow.
  * Improved observability, including new CPU time metrics that allow you to better understand which Workflow instances are consuming the most resources and/or contributing to your bill.
  * Support for `vitest` for testing Workflows locally and in CI/CD pipelines.  
Workflows also supports the new [increased CPU limits](https://developers.cloudflare.com/changelog/2025-03-25-higher-cpu-limits/) that apply to Workers, allowing you to run more CPU-intensive tasks (up to 5 minutes of CPU time per instance), not including the time spent waiting on network calls, AI models, or other I/O bound tasks.  
#### Human-in-the-loop  
The new `step.waitForEvent` API allows a Workflow instance to wait on events and data, enabling human-in-the-the-loop interactions, such as approving or rejecting a request, directly handling webhooks from other systems, or pushing event data to a Workflow while it's running.  
Because Workflows are just code, you can conditionally execute code based on the result of a `waitForEvent` call, and/or call `waitForEvent` multiple times in a single Workflow based on what the Workflow needs.  
For example, if you wanted to implement a human-in-the-loop approval process, you could use `waitForEvent` to wait for a user to approve or reject a request, and then conditionally execute code based on the result.

  * [  JavaScript ](#tab-panel-4891)
  * [  TypeScript ](#tab-panel-4892)  
JavaScript  
```  
import {  WorkflowEntrypoint,  WorkflowStep,  WorkflowEvent,} from "cloudflare:workers";  
export class MyWorkflow extends WorkflowEntrypoint {  async run(event, step) {    // Other steps in your Workflow    let stripeEvent = await step.waitForEvent(      "receive invoice paid webhook from Stripe",      { type: "stripe-webhook", timeout: "1 hour" },    );    // Rest of your Workflow  }}  
```  
TypeScript  
```  
import { WorkflowEntrypoint, WorkflowStep, WorkflowEvent } from "cloudflare:workers";  
export class MyWorkflow extends WorkflowEntrypoint<Env, Params> {  async run(event: WorkflowEvent<Params>, step: WorkflowStep) {    // Other steps in your Workflow    let stripeEvent = await step.waitForEvent<IncomingStripeWebhook>("receive invoice paid webhook from Stripe", { type: "stripe-webhook", timeout: "1 hour" })    // Rest of your Workflow  }}  
```  
You can then send a Workflow an event from an external service via HTTP or from within a Worker using the [Workers API](https://developers.cloudflare.com/workflows/build/workers-api/) for Workflows:

  * [  JavaScript ](#tab-panel-4895)
  * [  TypeScript ](#tab-panel-4896)  
JavaScript  
```  
export default {  async fetch(req, env) {    const instanceId = new URL(req.url).searchParams.get("instanceId");    const webhookPayload = await req.json();  
    let instance = await env.MY_WORKFLOW.get(instanceId);    // Send our event, with `type` matching the event type defined in    // our step.waitForEvent call    await instance.sendEvent({      type: "stripe-webhook",      payload: webhookPayload,    });  
    return Response.json({      status: await instance.status(),    });  },};  
```  
TypeScript  
```  
export default {  async fetch(req: Request, env: Env) {    const instanceId = new URL(req.url).searchParams.get("instanceId")    const webhookPayload = await req.json<Payload>()  
    let instance = await env.MY_WORKFLOW.get(instanceId);    // Send our event, with `type` matching the event type defined in    // our step.waitForEvent call    await instance.sendEvent({type: "stripe-webhook", payload: webhookPayload})  
    return Response.json({      status: await instance.status(),    });  },};  
```  
Read the [GA announcement blog ↗](https://blog.cloudflare.com/workflows-is-now-generally-available/) to learn more about what landed as part of the Workflows GA.

Apr 04, 2025
1. ### [Playwright for Browser Rendering now available](https://developers.cloudflare.com/changelog/post/2025-04-04-playwright-beta/)  
[ Browser Run ](https://developers.cloudflare.com/browser-run/)  
We're excited to share that you can now use Playwright's browser automation [capabilities ↗](https://playwright.dev/docs/api/class-playwright) from Cloudflare [Workers](https://developers.cloudflare.com/workers/).  
[Playwright ↗](https://playwright.dev/) is an open-source package developed by Microsoft that can do browser automation tasks; it's commonly used to write software tests, debug applications, create screenshots, and crawl pages. Like [Puppeteer](https://developers.cloudflare.com/browser-run/puppeteer/), we [forked ↗](https://github.com/cloudflare/playwright) Playwright and modified it to be compatible with Cloudflare Workers and [Browser Rendering](https://developers.cloudflare.com/browser-run/).  
Below is an example of how to use Playwright with Browser Rendering to test a TODO application using assertions:  
Assertion example  
```  
import { launch, type BrowserWorker } from "@cloudflare/playwright";import { expect } from "@cloudflare/playwright/test";  
interface Env {  MYBROWSER: BrowserWorker;}  
export default {  async fetch(request: Request, env: Env) {    const browser = await launch(env.MYBROWSER);    const page = await browser.newPage();  
    await page.goto("https://demo.playwright.dev/todomvc");  
    const TODO_ITEMS = [      "buy some cheese",      "feed the cat",      "book a doctors appointment",    ];  
    const newTodo = page.getByPlaceholder("What needs to be done?");    for (const item of TODO_ITEMS) {      await newTodo.fill(item);      await newTodo.press("Enter");    }  
    await expect(page.getByTestId("todo-title")).toHaveCount(TODO_ITEMS.length);  
    await Promise.all(      TODO_ITEMS.map((value, index) =>        expect(page.getByTestId("todo-title").nth(index)).toHaveText(value),      ),    );  },};  
```  
Playwright is available as an npm package at [@cloudflare/playwright ↗](https://www.npmjs.com/package/@cloudflare/playwright) and the code is at [GitHub ↗](https://github.com/cloudflare/playwright).  
Learn more in our [documentation](https://developers.cloudflare.com/browser-run/playwright/).

Apr 04, 2025
1. ### [Workers Fetch API can override Cache Rules](https://developers.cloudflare.com/changelog/post/2025-04-04-workers-fetch-api-override-cache-rules/)  
[ Cache / CDN ](https://developers.cloudflare.com/cache/)  
You can now programmatically override Cache Rules using the `cf` object in the `fetch()` command. This feature gives you fine-grained control over caching behavior on a per-request basis, allowing Workers to customize cache settings dynamically based on request properties, user context, or business logic.  
#### How it works  
Using the `cf` object in `fetch()`, you can override specific Cache Rules settings by:

  1. **Setting custom cache options**: Pass cache properties in the `cf` object as the second argument to `fetch()` to override default Cache Rules.
  2. **Dynamic cache control**: Apply different caching strategies based on request headers, cookies, or other runtime conditions.
  3. **Per-request customization**: Bypass or modify Cache Rules for individual requests while maintaining default behavior for others.
  4. **Programmatic cache management**: Implement complex caching logic that adapts to your application's needs.  
#### What can be configured  
Workers can override the following Cache Rules settings through the `cf` object:

  * **`cacheEverything`**: Treat all content as static and cache all file types beyond the default cached content.
  * **`cacheTtl`**: Set custom time-to-live values in seconds for cached content at the edge, regardless of origin headers.
  * **`cacheTtlByStatus`**: Set different TTLs based on the response status code (for example, `{ "200-299": 86400, 404: 1, "500-599": 0 }`).
  * **`cacheKey`**: Customize cache keys to control which requests are treated as the same for caching purposes (Enterprise only).
  * **`cacheTags`**: Append additional cache tags for targeted cache purging operations.  
#### Benefits

  * **Enhanced flexibility**: Customize cache behavior without modifying zone-level Cache Rules.
  * **Dynamic optimization**: Adjust caching strategies in real-time based on request context.
  * **Simplified configuration**: Reduce the number of Cache Rules needed by handling edge cases programmatically.
  * **Improved performance**: Fine-tune cache behavior for specific use cases to maximize hit rates.  
#### Get started  
To get started, refer to the [Workers Fetch API documentation](https://developers.cloudflare.com/workers/runtime-apis/fetch/) and the [cf object properties documentation](https://developers.cloudflare.com/workers/runtime-apis/request/#the-cf-property-requestinitcfproperties).

Apr 03, 2025
1. ### [All cache purge methods now available for all plans](https://developers.cloudflare.com/changelog/post/2025-04-01-purge-for-all/)  
[ Cache / CDN ](https://developers.cloudflare.com/cache/)  
You can now access all Cloudflare cache purge methods — no matter which plan you’re on. Whether you need to update a single asset or instantly invalidate large portions of your site’s content, you now have the same powerful tools previously reserved for Enterprise customers.

**Anyone on Cloudflare can now:**

  1. [Purge Everything](https://developers.cloudflare.com/cache/how-to/purge-cache/purge-everything/): Clears all cached content associated with a website.
  2. [Purge by Prefix](https://developers.cloudflare.com/cache/how-to/purge-cache/purge%5Fby%5Fprefix/): Targets URLs sharing a common prefix.
  3. [Purge by Hostname](https://developers.cloudflare.com/cache/how-to/purge-cache/purge-by-hostname/): Invalidates content by specific hostnames.
  4. [Purge by URL (single-file purge)](https://developers.cloudflare.com/cache/how-to/purge-cache/purge-by-single-file/): Precisely targets individual URLs.
  5. [Purge by Tag](https://developers.cloudflare.com/cache/how-to/purge-cache/purge-by-tags/): Uses Cache-Tag response headers to invalidate grouped assets, offering flexibility for complex cache management scenarios.  
Want to learn how each purge method works, when to use them, or what limits apply to your plan? Dive into our [purge cache documentation](https://developers.cloudflare.com/cache/how-to/purge-cache/) and [API reference ↗](https://developers.cloudflare.com/api/resources/cache/methods/purge/) for all the details.

Apr 02, 2025
1. ### [WAF Release - 2025-04-02](https://developers.cloudflare.com/changelog/post/2025-04-02-waf-release/)  
[ WAF ](https://developers.cloudflare.com/waf/)  

| Ruleset                    | Rule ID     | Legacy Rule ID | Description                                                                             | Previous Action | New Action | Comments                |
| -------------------------- | ----------- | -------------- | --------------------------------------------------------------------------------------- | --------------- | ---------- | ----------------------- |
| Cloudflare Managed Ruleset | ...622f0483 | 100732         | Sitecore - Code Injection - CVE:CVE-2025-27218                                          | Log             | Block      | This is a New Detection |
| Cloudflare Managed Ruleset | ...0f101cca | 100733         | Angular-Base64-Upload - Remote Code Execution - CVE:CVE-2024-42640                      | Log             | Block      | This is a New Detection |
| Cloudflare Managed Ruleset | ...1bbcd247 | 100734         | Apache Camel - Remote Code Execution - CVE:CVE-2025-29891                               | Log             | Disabled   | This is a New Detection |
| Cloudflare Managed Ruleset | ...90aea1ca | 100735         | Progress Software WhatsUp Gold - Remote Code Execution - CVE:CVE-2024-4885              | Log             | Block      | This is a New Detection |
| Cloudflare Managed Ruleset | ...d9d8c5f2 | 100737         | Apache Tomcat - Remote Code Execution - CVE:CVE-2025-24813                              | Log             | Block      | This is a New Detection |
| Cloudflare Managed Ruleset | ...a28a42c4 | 100659         | Common Payloads for Server-side Template Injection                                      | N/A             | Disabled   | N/A                     |
| Cloudflare Managed Ruleset | ...daa4b037 | 100659         | Common Payloads for Server-side Template Injection - Base64                             | N/A             | Disabled   | N/A                     |
| Cloudflare Managed Ruleset | ...48f6a9cf | 100642         | LDAP Injection                                                                          | N/A             | Disabled   | N/A                     |
| Cloudflare Managed Ruleset | ...e0713e9f | 100642         | LDAP Injection Base64                                                                   | N/A             | Disabled   | N/A                     |
| Cloudflare Managed Ruleset | ...1bc977d1 | 100005         | DotNetNuke - File Inclusion - CVE:CVE-2018-9126, CVE:CVE-2011-1892, CVE:CVE-2022-31474  | N/A             | Disabled   | N/A                     |
| Cloudflare Managed Ruleset | ...bb70a463 | 100527         | Apache Struts - CVE:CVE-2021-31805                                                      | N/A             | Block      | N/A                     |
| Cloudflare Managed Ruleset | ...0c99546a | 100702         | Command Injection - CVE:CVE-2022-24108                                                  | N/A             | Block      | N/A                     |
| Cloudflare Managed Ruleset | ...9a5581d0 | 100622C        | Ivanti - Command Injection - CVE:CVE-2023-46805, CVE:CVE-2024-21887, CVE:CVE-2024-22024 | N/A             | Block      | N/A                     |
| Cloudflare Managed Ruleset | ...06d0b009 | 100536C        | GraphQL Command Injection                                                               | N/A             | Disabled   | N/A                     |
| Cloudflare Managed Ruleset | ...1651d0c8 | 100536         | GraphQL Injection                                                                       | N/A             | Disabled   | N/A                     |
| Cloudflare Managed Ruleset | ...af00f61d | 100536A        | GraphQL Introspection                                                                   | N/A             | Disabled   | N/A                     |
| Cloudflare Managed Ruleset | ...a41e5b67 | 100536B        | GraphQL SSRF                                                                            | N/A             | Disabled   | N/A                     |
| Cloudflare Managed Ruleset | ...433e5b3d | 100559A        | Prototype Pollution - Common Payloads                                                   | N/A             | Disabled   | N/A                     |
| Cloudflare Managed Ruleset | ...4816b26f | 100559A        | Prototype Pollution - Common Payloads - Base64                                          | N/A             | Disabled   | N/A                     |
| Cloudflare Managed Ruleset | ...fcea5ed2 | 100734         | Apache Camel - Remote Code Execution - CVE:CVE-2025-29891                               | N/A             | Disabled   | N/A                     |

Apr 01, 2025
1. ### [CASB and Email security](https://developers.cloudflare.com/changelog/post/2025-04-01-casb-email-security/)  
[ Email security ](https://developers.cloudflare.com/cloudflare-one/email-security/)  
With Email security, you get two free CASB integrations.  
Use one SaaS integration for Email security to sync with your directory of users, take actions on delivered emails, automatically provide EMLs for reclassification requests for clean emails, discover CASB findings and more.  
With the other integration, you can have a separate SaaS integration for CASB findings for another SaaS provider.  
Refer to [Add an integration](https://developers.cloudflare.com/cloudflare-one/integrations/cloud-and-saas/) to learn more about this feature.  
![CASB-EmailSecurity](https://developers.cloudflare.com/_astro/CASB-EmailSecurity.B1wd9be2_PR5LD.webp)  
This feature is available across these Email security packages:

  * **Enterprise**
  * **Enterprise + PhishGuard**

Mar 27, 2025
1. ### [New Pause & Purge APIs for Queues](https://developers.cloudflare.com/changelog/post/2025-03-25-pause-purge-queues/)  
[ Queues ](https://developers.cloudflare.com/queues/)  
[Queues](https://developers.cloudflare.com/queues/) now supports the ability to pause message delivery and/or purge (delete) messages on a queue. These operations can be useful when:

  * Your consumer has a bug or downtime, and you want to temporarily stop messages from being processed while you fix the bug
  * You have pushed invalid messages to a queue due to a code change during development, and you want to clean up the backlog
  * Your queue has a backlog that is stale and you want to clean it up to allow new messages to be consumed  
To pause a queue using [Wrangler](https://developers.cloudflare.com/workers/wrangler/), run the `pause-delivery` command. Paused queues continue to receive messages. And you can easily unpause a queue using the `resume-delivery` command.  
Pause and resume a queue  
```  
$ wrangler queues pause-delivery my-queuePausing message delivery for queue my-queue.Paused message delivery for queue my-queue.  
$ wrangler queues resume-delivery my-queueResuming message delivery for queue my-queue.Resumed message delivery for queue my-queue.  
```  
Purging a queue permanently deletes all messages in the queue. Unlike pausing, purging is an irreversible operation:  
Purge a queue  
```  
$ wrangler queues purge my-queue✔ This operation will permanently delete all the messages in queue my-queue. Type my-queue to proceed. … my-queuePurged queue 'my-queue'  
```  
You can also do these operations using the [Queues REST API](https://developers.cloudflare.com/api/resources/queues/), or the dashboard page for a queue.  
![Pause and purge using the dashboard](https://developers.cloudflare.com/_astro/pause-purge.SQ7B3RCF_2dqU5K.webp)  
This feature is available on all new and existing queues. Head over to the [pause and purge documentation](https://developers.cloudflare.com/queues/configuration/pause-purge) to learn more. And if you haven't used Cloudflare Queues before, [get started with the Cloudflare Queues guide](https://developers.cloudflare.com/queues/get-started).

Mar 27, 2025
1. ### [Register and renew .ai and .shop domains at cost](https://developers.cloudflare.com/changelog/post/2025-03-27-ai-domains-available/)  
[ Registrar ](https://developers.cloudflare.com/registrar/)  
![Example search for .ai domains](https://developers.cloudflare.com/_astro/2025-03-27-ai-domains-available.D96eztke_Z1gk2MU.webp)  
Cloudflare Registrar now supports `.ai` and `.shop` domains. These are two of our most highly-requested top-level domains (TLDs) and are great additions to the [300+ other TLDs we support ↗](https://domains.cloudflare.com/tlds).  
Starting today, customers can:

  * Register and renew these domains _at cost_ without any markups or add-on fees
  * Enjoy best-in-class security and performance with native integrations with Cloudflare DNS, CDN, and SSL services like one-click DNSSEC
  * Combat domain hijacking with [Custom Domain Protection ↗](https://www.cloudflare.com/products/registrar/custom-domain-protection/) (available on enterprise plans)  
We can't wait to see what AI and e-commerce projects you deploy on Cloudflare. To get started, transfer your domains to Cloudflare or [search for new ones to register ↗](https://domains.cloudflare.com/).

```json
{"@context":"https://schema.org","@type":"BlogPosting","@id":"https://developers.cloudflare.com/changelog/35/#page","headline":"Changelogs | Cloudflare Docs","url":"https://developers.cloudflare.com/changelog/35/","inLanguage":"en","image":"https://developers.cloudflare.com/cf-twitter-card.png","publisher":{"@type":"Organization","name":"Cloudflare","url":"https://www.cloudflare.com/"},"isPartOf":{"@type":"WebSite","@id":"https://developers.cloudflare.com/#website","name":"Cloudflare Docs","url":"https://developers.cloudflare.com/"}}
```
