Bump cloudflare/wrangler-action from 3.14.1 to 4.0.0

[dependabot]

Bumps cloudflare/wrangler-action from 3.14.1 to 4.0.0.

Release notes

Sourced from cloudflare/wrangler-action's releases.

v4.0.0

Major Changes

• #412 1029e90 Thanks @​ericclemmons! - Update default Wrangler version to v4 (latest). The action now installs Wrangler v4 by default when no wranglerVersion input is specified. Users can still pin to v3 by setting wranglerVersion: "3.90.0" explicitly.

v3.15.0

Minor Changes

• #426 febbda6 Thanks @​WillTaylorDev! - Support version ranges and tags in wranglerVersion input. You can now set wranglerVersion to values like 4, ^4.0.0, 4.x, or latest instead of only exact versions like 4.81.0.

Changelog

Sourced from cloudflare/wrangler-action's changelog.

Changelog

4.0.0

Major Changes

• #412 1029e90 Thanks @​ericclemmons! - Update default Wrangler version to v4 (latest). The action now installs Wrangler v4 by default when no wranglerVersion input is specified. Users can still pin to v3 by setting wranglerVersion: "3.90.0" explicitly.

3.15.0

Minor Changes

• #426 febbda6 Thanks @​WillTaylorDev! - Support version ranges and tags in wranglerVersion input. You can now set wranglerVersion to values like 4, ^4.0.0, 4.x, or latest instead of only exact versions like 4.81.0.

3.14.1

Patch Changes

• #358 cd6314a Thanks @​penalosa! - Use secret bulk instead of deprecated secret:bulk command

3.14.0

Minor Changes

• #351 4ff07f4 Thanks @​Maximo-Guk! - Use wrangler outputs for version upload and wrangler deploy

Patch Changes

• #350 e209094 Thanks @​Maximo-Guk! - Handle failures in createGitHubDeployment and createGitHubJobSummary

3.13.1

Patch Changes

• #345 e819570 Thanks @​Maximo-Guk! - fix: Pages GitHub Deployment not triggering

3.13.0

Minor Changes

• #325 cada7a6 Thanks @​Maximo-Guk! - Add GitHub deployments and job summaries for parity with pages-action

• #334 9fed19a Thanks @​Maximo-Guk! - Bump default wrangler version to 3.90.0

3.12.1

Patch Changes

• #319 59c04629408d58978884fadd18755f1a15f96157 Thanks @​Maximo-Guk! - Fixes #317: Generate a new output directory with a randomUUID in the tmpDir, so that when the action is executed multiple times, we use the artifacts from that run, opposed to the artifacts from a previous run.

... (truncated)

Commits

• ebbaa15 Automatic compilation
• a61fbea Merge pull request #429 from cloudflare/changeset-release/main
• e804ea3 Version Packages
• 8d0324a fix: update release workflow to v5 actions and regenerate lockfile
• 2f18b18 Merge pull request #431 from cloudflare/fix/semgrep-blocking-findings
• 622ff0d fix: upgrade checkout and setup-node to v5 for Node 24 runtime
• f501f05 fix: force GitHub actions to run on Node 24 via env var
• f990691 fix: resolve npm audit vulnerabilities via undici override and vitest v3
• 652762d fix: migrate action runtime from node20 to node24
• bd3f4f0 fix: add retry support to worker health check using better-result
• Additional commits viewable in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

---

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
• @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)

[changeset-bot]

⚠️ No Changeset found

Latest commit: 07fd9c2

Merging this PR will not cause a version bump for any packages. If these changes should not result in a new version, you're good to go. If these changes should result in a version bump, you need to add a changeset.

Click here to learn what changesets are, and how to add one.

Click here if you're a maintainer who wants to add a changeset to this PR

[github-actions]

Dependency Review

✅ No vulnerabilities or license issues or OpenSSF Scorecard issues found.

OpenSSF Scorecard

Package	Version	Score	Details
actions/cloudflare/wrangler-action	ebbaa1584979971c8614a24965b4405ff95890e0	🟢 6.6	Details Check Score Reason Code-Review 🟢 10 all changesets reviewed Maintained 🟢 10 16 commit(s) and 0 issue activity found in the last 90 days -- score normalized to 10 Packaging ⚠️ -1 packaging workflow not detected Dangerous-Workflow 🟢 10 no dangerous workflow patterns detected Binary-Artifacts 🟢 10 no binaries found in the repo Pinned-Dependencies ⚠️ 2 dependency not pinned by hash detected -- score normalized to 2 Token-Permissions ⚠️ 0 detected GitHub workflow tokens with excessive permissions CII-Best-Practices ⚠️ 0 no effort to earn an OpenSSF best practices badge detected Fuzzing ⚠️ 0 project is not fuzzed License 🟢 10 license file detected Branch-Protection ⚠️ -1 internal error: error during branchesHandler.setup: internal error: some github tokens can't read classic branch protection rules: https://github.com/ossf/scorecard-action/blob/main/docs/authentication/fine-grained-auth-token.md Security-Policy 🟢 10 security policy file detected Signed-Releases ⚠️ -1 no releases found SAST 🟢 4 SAST tool is not run on all commits -- score normalized to 4

Scanned Files

• .github/workflows/publish-customer.yml