wrangler 4.0.0 → 4.2.0

package/wrangler-dist/cli.js

@@ -15588,8 +15588,8 @@ var require_util6 = __commonJS({
       }
     }
     __name(validateCookiePath, "validateCookiePath");
-    function validateCookieDomain(domain3) {
-      if (domain3.startsWith("-") || domain3.endsWith(".") || domain3.endsWith("-")) {
+    function validateCookieDomain(domain4) {
+      if (domain4.startsWith("-") || domain4.endsWith(".") || domain4.endsWith("-")) {
         throw new Error("Invalid cookie domain");
       }
     }
@@ -29673,18 +29673,18 @@ var require_async = __commonJS({
       ];
     }, "defaultPaths");
     var defaultIsFile = /* @__PURE__ */ __name(function isFile(file, cb2) {
-      fs23.stat(file, function(err, stat8) {
+      fs23.stat(file, function(err, stat9) {
         if (!err) {
-          return cb2(null, stat8.isFile() || stat8.isFIFO());
+          return cb2(null, stat9.isFile() || stat9.isFIFO());
         }
         if (err.code === "ENOENT" || err.code === "ENOTDIR") return cb2(null, false);
         return cb2(err);
       });
     }, "isFile");
     var defaultIsDir = /* @__PURE__ */ __name(function isDirectory2(dir, cb2) {
-      fs23.stat(dir, function(err, stat8) {
+      fs23.stat(dir, function(err, stat9) {
         if (!err) {
-          return cb2(null, stat8.isDirectory());
+          return cb2(null, stat9.isDirectory());
         }
         if (err.code === "ENOENT" || err.code === "ENOTDIR") return cb2(null, false);
         return cb2(err);
@@ -30176,21 +30176,21 @@ var require_sync = __commonJS({
     }, "defaultPaths");
     var defaultIsFile = /* @__PURE__ */ __name(function isFile(file) {
       try {
-        var stat8 = fs23.statSync(file, { throwIfNoEntry: false });
+        var stat9 = fs23.statSync(file, { throwIfNoEntry: false });
       } catch (e7) {
         if (e7 && (e7.code === "ENOENT" || e7.code === "ENOTDIR")) return false;
         throw e7;
       }
-      return !!stat8 && (stat8.isFile() || stat8.isFIFO());
+      return !!stat9 && (stat9.isFile() || stat9.isFIFO());
     }, "isFile");
     var defaultIsDir = /* @__PURE__ */ __name(function isDirectory2(dir) {
       try {
-        var stat8 = fs23.statSync(dir, { throwIfNoEntry: false });
+        var stat9 = fs23.statSync(dir, { throwIfNoEntry: false });
       } catch (e7) {
         if (e7 && (e7.code === "ENOENT" || e7.code === "ENOTDIR")) return false;
         throw e7;
       }
-      return !!stat8 && stat8.isDirectory();
+      return !!stat9 && stat9.isDirectory();
     }, "isDirectory");
     var defaultRealpathSync = /* @__PURE__ */ __name(function realpathSync4(x6) {
       try {
@@ -53578,16 +53578,16 @@ var require_windows = __commonJS({
       return false;
     }
     __name(checkPathExt, "checkPathExt");
-    function checkStat(stat8, path69, options32) {
-      if (!stat8.isSymbolicLink() && !stat8.isFile()) {
+    function checkStat(stat9, path69, options32) {
+      if (!stat9.isSymbolicLink() && !stat9.isFile()) {
         return false;
       }
       return checkPathExt(path69, options32);
     }
     __name(checkStat, "checkStat");
     function isexe(path69, options32, cb2) {
-      fs23.stat(path69, function(er, stat8) {
-        cb2(er, er ? false : checkStat(stat8, path69, options32));
+      fs23.stat(path69, function(er, stat9) {
+        cb2(er, er ? false : checkStat(stat9, path69, options32));
       });
     }
     __name(isexe, "isexe");
@@ -53606,8 +53606,8 @@ var require_mode = __commonJS({
     isexe.sync = sync;
     var fs23 = require("fs");
     function isexe(path69, options32, cb2) {
-      fs23.stat(path69, function(er, stat8) {
-        cb2(er, er ? false : checkStat(stat8, options32));
+      fs23.stat(path69, function(er, stat9) {
+        cb2(er, er ? false : checkStat(stat9, options32));
       });
     }
     __name(isexe, "isexe");
@@ -53615,14 +53615,14 @@ var require_mode = __commonJS({
       return checkStat(fs23.statSync(path69), options32);
     }
     __name(sync, "sync");
-    function checkStat(stat8, options32) {
-      return stat8.isFile() && checkMode(stat8, options32);
+    function checkStat(stat9, options32) {
+      return stat9.isFile() && checkMode(stat9, options32);
     }
     __name(checkStat, "checkStat");
-    function checkMode(stat8, options32) {
-      var mod = stat8.mode;
-      var uid = stat8.uid;
-      var gid = stat8.gid;
+    function checkMode(stat9, options32) {
+      var mod = stat9.mode;
+      var uid = stat9.uid;
+      var gid = stat9.gid;
       var myUid = options32.uid !== void 0 ? options32.uid : process.getuid && process.getuid();
       var myGid = options32.gid !== void 0 ? options32.gid : process.getgid && process.getgid();
       var u5 = parseInt("100", 8);
@@ -56650,12 +56650,12 @@ function defaultOptions() {
     highWaterMark: 4096
   };
 }
-var import_fs10, import_promises23, import_stream3, import_path14, RECURSIVE_ERROR_CODE, NORMAL_FLOW_ERRORS, FILE_TYPE, DIR_TYPE, FILE_DIR_TYPE, EVERYTHING_TYPE, ALL_TYPES, DIR_TYPES, FILE_TYPES, isNormalFlowError, wantBigintFsStats, emptyFn, normalizeFilter, ReaddirpStream, readdirp;
+var import_fs10, import_promises24, import_stream3, import_path14, RECURSIVE_ERROR_CODE, NORMAL_FLOW_ERRORS, FILE_TYPE, DIR_TYPE, FILE_DIR_TYPE, EVERYTHING_TYPE, ALL_TYPES, DIR_TYPES, FILE_TYPES, isNormalFlowError, wantBigintFsStats, emptyFn, normalizeFilter, ReaddirpStream, readdirp;
 var init_esm = __esm({
   "../../node_modules/.pnpm/readdirp@4.0.1/node_modules/readdirp/esm/index.js"() {
     init_import_meta_url();
     import_fs10 = require("fs");
-    import_promises23 = require("fs/promises");
+    import_promises24 = require("fs/promises");
     import_stream3 = require("stream");
     import_path14 = require("path");
     __name(defaultOptions, "defaultOptions");
@@ -56772,7 +56772,7 @@ var init_esm = __esm({
       async _exploreDir(path69, depth) {
         let files;
         try {
-          files = await (0, import_promises23.readdir)(path69, this._rdOptions);
+          files = await (0, import_promises24.readdir)(path69, this._rdOptions);
         } catch (error2) {
           this._onError(error2);
         }
@@ -56810,7 +56810,7 @@ var init_esm = __esm({
         if (stats && stats.isSymbolicLink()) {
           const full = entry.fullPath;
           try {
-            const entryRealPath = await (0, import_promises23.realpath)(full);
+            const entryRealPath = await (0, import_promises24.realpath)(full);
             const entryRealPathStats = (0, import_fs10.lstatSync)(entryRealPath);
             if (entryRealPathStats.isFile()) {
               return "file";
@@ -56872,12 +56872,12 @@ function createFsWatchInstance(path69, options32, listener, errHandler, emitRaw)
     return void 0;
   }
 }
-var import_fs11, import_promises24, sysPath, import_os4, STR_DATA, STR_END, STR_CLOSE, EMPTY_FN, pl, isWindows2, isMacos, isLinux, isIBMi, EVENTS, EV, THROTTLE_MODE_WATCH, statMethods, KEY_LISTENERS, KEY_ERR, KEY_RAW, HANDLER_KEYS, binaryExtensions, isBinaryPath, foreach, addAndConvert, clearItem, delFromSet, isEmptySet, FsWatchInstances, fsWatchBroadcast, setFsWatchListener, FsWatchFileInstances, setFsWatchFileListener, NodeFsHandler;
+var import_fs11, import_promises25, sysPath, import_os4, STR_DATA, STR_END, STR_CLOSE, EMPTY_FN, pl, isWindows2, isMacos, isLinux, isIBMi, EVENTS, EV, THROTTLE_MODE_WATCH, statMethods, KEY_LISTENERS, KEY_ERR, KEY_RAW, HANDLER_KEYS, binaryExtensions, isBinaryPath, foreach, addAndConvert, clearItem, delFromSet, isEmptySet, FsWatchInstances, fsWatchBroadcast, setFsWatchListener, FsWatchFileInstances, setFsWatchFileListener, NodeFsHandler;
 var init_handler = __esm({
   "../../node_modules/.pnpm/chokidar@4.0.1/node_modules/chokidar/esm/handler.js"() {
     init_import_meta_url();
     import_fs11 = require("fs");
-    import_promises24 = require("fs/promises");
+    import_promises25 = require("fs/promises");
     sysPath = __toESM(require("path"), 1);
     import_os4 = require("os");
     STR_DATA = "data";
@@ -56903,7 +56903,7 @@ var init_handler = __esm({
     };
     EV = EVENTS;
     THROTTLE_MODE_WATCH = "watch";
-    statMethods = { lstat: import_promises24.lstat, stat: import_promises24.stat };
+    statMethods = { lstat: import_promises25.lstat, stat: import_promises25.stat };
     KEY_LISTENERS = "listeners";
     KEY_ERR = "errHandlers";
     KEY_RAW = "rawEmitters";
@@ -57244,7 +57244,7 @@ var init_handler = __esm({
             cont.watcherUnusable = true;
           if (isWindows2 && error2.code === "EPERM") {
             try {
-              const fd = await (0, import_promises24.open)(path69, "r");
+              const fd = await (0, import_promises25.open)(path69, "r");
               await fd.close();
               broadcastErr(error2);
             } catch (err) {
@@ -57376,7 +57376,7 @@ var init_handler = __esm({
             return;
           if (!newStats || newStats.mtimeMs === 0) {
             try {
-              const newStats2 = await (0, import_promises24.stat)(file);
+              const newStats2 = await (0, import_promises25.stat)(file);
               if (this.fsw.closed)
                 return;
               const at2 = newStats2.atimeMs;
@@ -57431,7 +57431,7 @@ var init_handler = __esm({
           this.fsw._incrReadyCount();
           let linkPath;
           try {
-            linkPath = await (0, import_promises24.realpath)(path69);
+            linkPath = await (0, import_promises25.realpath)(path69);
           } catch (e7) {
             this.fsw._emitReady();
             return true;
@@ -57579,7 +57579,7 @@ var init_handler = __esm({
           let closer;
           if (stats.isDirectory()) {
             const absPath = sysPath.resolve(path69);
-            const targetPath = follow ? await (0, import_promises24.realpath)(path69) : path69;
+            const targetPath = follow ? await (0, import_promises25.realpath)(path69) : path69;
             if (this.fsw.closed)
               return;
             closer = await this._handleDir(wh.watchPath, stats, initialAdd, depth, target, wh, targetPath);
@@ -57589,7 +57589,7 @@ var init_handler = __esm({
               this.fsw._symlinkPaths.set(absPath, targetPath);
             }
           } else if (stats.isSymbolicLink()) {
-            const targetPath = follow ? await (0, import_promises24.realpath)(path69) : path69;
+            const targetPath = follow ? await (0, import_promises25.realpath)(path69) : path69;
             if (this.fsw.closed)
               return;
             const parent = sysPath.dirname(wh.watchPath);
@@ -57689,12 +57689,12 @@ function watch(paths, options32 = {}) {
   watcher.add(paths);
   return watcher;
 }
-var import_fs12, import_promises25, import_events4, sysPath2, SLASH, SLASH_SLASH, ONE_DOT, TWO_DOTS, STRING_TYPE, BACK_SLASH_RE, DOUBLE_SLASH_RE, DOT_RE, REPLACER_RE, isMatcherObject, unifyPaths, toUnix, normalizePathToUnix, normalizeIgnored, getAbsolutePath, EMPTY_SET, DirEntry, STAT_METHOD_F, STAT_METHOD_L, WatchHelper, FSWatcher;
+var import_fs12, import_promises26, import_events4, sysPath2, SLASH, SLASH_SLASH, ONE_DOT, TWO_DOTS, STRING_TYPE, BACK_SLASH_RE, DOUBLE_SLASH_RE, DOT_RE, REPLACER_RE, isMatcherObject, unifyPaths, toUnix, normalizePathToUnix, normalizeIgnored, getAbsolutePath, EMPTY_SET, DirEntry, STAT_METHOD_F, STAT_METHOD_L, WatchHelper, FSWatcher;
 var init_esm2 = __esm({
   "../../node_modules/.pnpm/chokidar@4.0.1/node_modules/chokidar/esm/index.js"() {
     init_import_meta_url();
     import_fs12 = require("fs");
-    import_promises25 = require("fs/promises");
+    import_promises26 = require("fs/promises");
     import_events4 = require("events");
     sysPath2 = __toESM(require("path"), 1);
     init_esm();
@@ -57775,7 +57775,7 @@ var init_esm2 = __esm({
           return;
         const dir = this.path;
         try {
-          await (0, import_promises25.readdir)(dir);
+          await (0, import_promises26.readdir)(dir);
         } catch (err) {
           if (this._removeWatcher) {
             this._removeWatcher(sysPath2.dirname(dir), sysPath2.basename(dir));
@@ -58106,7 +58106,7 @@ var init_esm2 = __esm({
           const fullPath = opts.cwd ? sysPath2.join(opts.cwd, path69) : path69;
           let stats2;
           try {
-            stats2 = await (0, import_promises25.stat)(fullPath);
+            stats2 = await (0, import_promises26.stat)(fullPath);
           } catch (err) {
           }
           if (!stats2 || this.closed)
@@ -58234,8 +58234,8 @@ var init_esm2 = __esm({
         }
         return this._userIgnored(path69, stats);
       }
-      _isntIgnored(path69, stat8) {
-        return !this._isIgnored(path69, stat8);
+      _isntIgnored(path69, stat9) {
+        return !this._isIgnored(path69, stat9);
       }
       /**
        * Provides a set of common helpers and properties relating to symlink handling.
@@ -69377,14 +69377,14 @@ var init_retry_wrapper = __esm({
 });
 
 // ../../node_modules/.pnpm/@aws-sdk+credential-provider-http@3.716.0/node_modules/@aws-sdk/credential-provider-http/dist-es/fromHttp/fromHttp.js
-var import_promises27, AWS_CONTAINER_CREDENTIALS_RELATIVE_URI, DEFAULT_LINK_LOCAL_HOST, AWS_CONTAINER_CREDENTIALS_FULL_URI, AWS_CONTAINER_AUTHORIZATION_TOKEN_FILE, AWS_CONTAINER_AUTHORIZATION_TOKEN, fromHttp;
+var import_promises28, AWS_CONTAINER_CREDENTIALS_RELATIVE_URI, DEFAULT_LINK_LOCAL_HOST, AWS_CONTAINER_CREDENTIALS_FULL_URI, AWS_CONTAINER_AUTHORIZATION_TOKEN_FILE, AWS_CONTAINER_AUTHORIZATION_TOKEN, fromHttp;
 var init_fromHttp = __esm({
   "../../node_modules/.pnpm/@aws-sdk+credential-provider-http@3.716.0/node_modules/@aws-sdk/credential-provider-http/dist-es/fromHttp/fromHttp.js"() {
     init_import_meta_url();
     init_client2();
     init_dist_es11();
     init_dist_es16();
-    import_promises27 = __toESM(require("fs/promises"));
+    import_promises28 = __toESM(require("fs/promises"));
     init_checkUrl();
     init_requestHelpers();
     init_retry_wrapper();
@@ -69428,7 +69428,7 @@ Set AWS_CONTAINER_CREDENTIALS_FULL_URI or AWS_CONTAINER_CREDENTIALS_RELATIVE_URI
         if (token) {
           request4.headers.Authorization = token;
         } else if (tokenFile) {
-          request4.headers.Authorization = (await import_promises27.default.readFile(tokenFile)).toString();
+          request4.headers.Authorization = (await import_promises28.default.readFile(tokenFile)).toString();
         }
         try {
           const result = await requestHandler.handle(request4);
@@ -81177,7 +81177,7 @@ var import_undici3 = __toESM(require_undici());
 
 // package.json
 var name = "wrangler";
-var version = "4.0.0";
+var version = "4.2.0";
 
 // src/environment-variables/misc-variables.ts
 init_import_meta_url();
@@ -83598,7 +83598,7 @@ function checkType(type) {
   throw new Error(`Invalid type specified: ${type}`);
 }
 __name(checkType, "checkType");
-var matchType = /* @__PURE__ */ __name((type, stat8) => type === void 0 || stat8[typeMappings[type]](), "matchType");
+var matchType = /* @__PURE__ */ __name((type, stat9) => type === void 0 || stat9[typeMappings[type]](), "matchType");
 var toPath = /* @__PURE__ */ __name((urlOrPath) => urlOrPath instanceof URL ? (0, import_node_url.fileURLToPath)(urlOrPath) : urlOrPath, "toPath");
 function locatePathSync(paths, {
   cwd: cwd2 = import_node_process2.default.cwd(),
@@ -83610,8 +83610,8 @@ function locatePathSync(paths, {
   const statFunction = allowSymlinks ? import_node_fs3.default.statSync : import_node_fs3.default.lstatSync;
   for (const path_ of paths) {
     try {
-      const stat8 = statFunction(import_node_path6.default.resolve(cwd2, path_));
-      if (matchType(type, stat8)) {
+      const stat9 = statFunction(import_node_path6.default.resolve(cwd2, path_));
+      if (matchType(type, stat9)) {
         return path_;
       }
     } catch {
@@ -85513,7 +85513,7 @@ function normalizeAndValidateEnvironment(diagnostics, configPath, rawEnv, isDisp
       envName,
       "containers",
       validateContainerAppConfig,
-      { app: [] }
+      void 0
     ),
     send_email: notInheritable(
       diagnostics,
@@ -86335,52 +86335,45 @@ Please add a binding for "${configBindingName}" to "env.${envName}.${field}.bind
 }, "validateBindingArray");
 var validateContainerAppConfig = /* @__PURE__ */ __name((diagnostics, _field, value) => {
   if (!value) {
-    diagnostics.errors.push(
-      `"containers" should be an object, but got a falsy value`
-    );
-    return false;
+    return true;
   }
   if (typeof value !== "object") {
     diagnostics.errors.push(
-      `"containers" should be an object, but got ${typeof value}`
-    );
-    return false;
-  }
-  if (Array.isArray(value)) {
-    diagnostics.errors.push(
-      `"containers" should be an object, but got an array`
+      `"containers" should be an object, but got ${JSON.stringify(value)}`
     );
     return false;
   }
-  if (!("app" in value)) {
-    return true;
-  }
-  value = value.app;
   if (!Array.isArray(value)) {
     diagnostics.errors.push(
-      `"containers.app" should be an array, but got ${JSON.stringify(value)}`
+      `"containers" should be an array, but got ${JSON.stringify(value)}`
     );
     return false;
   }
   for (const containerApp of value) {
     const containerAppOptional = containerApp;
-    if (!isRequiredProperty(containerAppOptional, "instances", "number")) {
-      diagnostics.errors.push(
-        `"containers.app.instances" should be defined and an integer`
-      );
-    }
     if (!isRequiredProperty(containerAppOptional, "name", "string")) {
       diagnostics.errors.push(
-        `"containers.app.name" should be defined and a string`
+        `"containers.name" should be defined and a string`
       );
     }
+    if ("image" in containerAppOptional && containerAppOptional.image !== void 0) {
+      if (containerAppOptional.configuration?.image !== void 0) {
+        diagnostics.errors.push(
+          `"containers.image" and "containers.configuration.image" can't be defined at the same time`
+        );
+        return false;
+      }
+      containerAppOptional.configuration ??= {
+        image: containerAppOptional.image
+      };
+      containerAppOptional.configuration.image = containerAppOptional.image;
+      delete containerAppOptional["image"];
+    }
     if (!("configuration" in containerAppOptional)) {
-      diagnostics.errors.push(
-        `"containers.app.configuration" should be defined`
-      );
+      diagnostics.errors.push(`"containers.configuration" should be defined`);
     } else if (Array.isArray(containerAppOptional.configuration)) {
       diagnostics.errors.push(
-        `"containers.app.configuration" is defined as an array, it should be an object`
+        `"containers.configuration" is defined as an array, it should be an object`
       );
     } else if (!isRequiredProperty(
       containerAppOptional.configuration,
@@ -86388,7 +86381,7 @@ var validateContainerAppConfig = /* @__PURE__ */ __name((diagnostics, _field, va
       "string"
     )) {
       diagnostics.errors.push(
-        `"containers.app.configuration.image" should be defined and a string`
+        `"containers.image" should be defined and a string`
       );
     }
   }
@@ -87399,7 +87392,7 @@ var defaultWranglerConfig = {
   /** NON-INHERITABLE ENVIRONMENT FIELDS **/
   define: {},
   cloudchamber: {},
-  containers: { app: [] },
+  containers: void 0,
   send_email: [],
   browser: void 0,
   unsafe: {},
@@ -87415,6 +87408,7 @@ var supportedPagesConfigFields = [
   "compatibility_date",
   "compatibility_flags",
   "send_metrics",
+  "no_bundle",
   "limits",
   "placement",
   "vars",
@@ -89824,45 +89818,45 @@ var import_child_process = require("child_process");
 var import_undici = __toESM(require_undici());
 var cache = {};
 var usesAccessCache = /* @__PURE__ */ new Map();
-async function domainUsesAccess(domain3) {
-  logger.debug("Checking if domain has Access enabled:", domain3);
-  if (usesAccessCache.has(domain3)) {
+async function domainUsesAccess(domain4) {
+  logger.debug("Checking if domain has Access enabled:", domain4);
+  if (usesAccessCache.has(domain4)) {
     logger.debug(
       "Using cached Access switch for:",
-      domain3,
-      usesAccessCache.get(domain3)
+      domain4,
+      usesAccessCache.get(domain4)
     );
-    return usesAccessCache.get(domain3);
+    return usesAccessCache.get(domain4);
   }
-  logger.debug("Access switch not cached for:", domain3);
+  logger.debug("Access switch not cached for:", domain4);
   try {
     const controller = new AbortController();
     const cancel3 = setTimeout(() => {
       controller.abort();
     }, 1e3);
-    const output = await (0, import_undici.fetch)(`https://${domain3}`, {
+    const output = await (0, import_undici.fetch)(`https://${domain4}`, {
       redirect: "manual",
       signal: controller.signal
     });
     clearTimeout(cancel3);
     const usesAccess = !!(output.status === 302 && output.headers.get("location")?.includes("cloudflareaccess.com"));
-    logger.debug("Caching access switch for:", domain3);
-    usesAccessCache.set(domain3, usesAccess);
+    logger.debug("Caching access switch for:", domain4);
+    usesAccessCache.set(domain4, usesAccess);
     return usesAccess;
   } catch (e7) {
-    usesAccessCache.set(domain3, false);
+    usesAccessCache.set(domain4, false);
     return false;
   }
 }
 __name(domainUsesAccess, "domainUsesAccess");
-async function getAccessToken(domain3) {
-  if (!await domainUsesAccess(domain3)) {
+async function getAccessToken(domain4) {
+  if (!await domainUsesAccess(domain4)) {
     return void 0;
   }
-  if (cache[domain3]) {
-    return cache[domain3];
+  if (cache[domain4]) {
+    return cache[domain4];
   }
-  const output = (0, import_child_process.spawnSync)("cloudflared", ["access", "login", domain3]);
+  const output = (0, import_child_process.spawnSync)("cloudflared", ["access", "login", domain4]);
   if (output.error) {
     throw new UserError(
       "To use Wrangler with Cloudflare Access, please install `cloudflared` from https://developers.cloudflare.com/cloudflare-one/connections/connect-apps/install-and-setup/installation"
@@ -89871,7 +89865,7 @@ async function getAccessToken(domain3) {
   const stringOutput = output.stdout.toString();
   const matches = stringOutput.match(/fetched your token:\n\n(.*)/m);
   if (matches && matches.length >= 2) {
-    cache[domain3] = matches[1];
+    cache[domain4] = matches[1];
     return matches[1];
   }
   throw new Error("Failed to authenticate with Cloudflare Access");
@@ -94741,7 +94735,7 @@ var NoOpProxyController = class extends ProxyController {
 init_import_meta_url();
 var import_node_assert24 = __toESM(require("node:assert"));
 var import_node_fs31 = require("node:fs");
-var import_promises36 = require("node:fs/promises");
+var import_promises37 = require("node:fs/promises");
 var path62 = __toESM(require("node:path"));
 
 // ../workers-shared/index.ts
@@ -104078,6 +104072,7 @@ function createWorkerUploadForm(worker) {
   const metadata = {
     ...main2.type !== "commonjs" ? { main_module: main2.name } : { body_part: main2.name },
     bindings: metadataBindings,
+    containers: worker.containers === void 0 ? void 0 : worker.containers.map((c6) => ({ class_name: c6.class_name })),
     ...compatibility_date && { compatibility_date },
     ...compatibility_flags && {
       compatibility_flags
@@ -105163,22 +105158,22 @@ __name(triggersDeploy, "triggersDeploy");
 
 // src/utils/friendly-validator-errors.ts
 init_import_meta_url();
-var import_promises35 = require("node:fs/promises");
+var import_promises36 = require("node:fs/promises");
 var import_node_path58 = __toESM(require("node:path"));
 
 // src/check/commands.ts
 init_import_meta_url();
 var import_crypto6 = require("crypto");
-var import_promises33 = require("fs/promises");
+var import_promises34 = require("fs/promises");
 var import_node_events4 = __toESM(require("node:events"));
-var import_promises34 = require("node:fs/promises");
+var import_promises35 = require("node:fs/promises");
 var import_path23 = __toESM(require("path"));
 var import_miniflare22 = require("miniflare");
 
 // src/index.ts
 init_import_meta_url();
 var import_node_os7 = __toESM(require("node:os"));
-var import_promises32 = require("node:timers/promises");
+var import_promises33 = require("node:timers/promises");
 var import_undici20 = __toESM(require_undici());
 
 // ../../node_modules/.pnpm/yargs@17.7.2/node_modules/yargs/index.mjs
@@ -110165,12 +110160,12 @@ var ImageRegistriesService = class {
    * @returns AccountRegistryToken Credentials with 'pull' or 'push' permissions to access the registry
    * @throws ApiError
    */
-  static generateImageRegistryCredentials(domain3, requestBody) {
+  static generateImageRegistryCredentials(domain4, requestBody) {
     return request(OpenAPI, {
       method: "POST",
       url: "/registries/{domain}/credentials",
       path: {
-        domain: domain3
+        domain: domain4
       },
       body: requestBody,
       mediaType: "application/json",
@@ -110189,12 +110184,12 @@ var ImageRegistriesService = class {
    * @returns EmptyResponse The image registry is deleted
    * @throws ApiError
    */
-  static deleteImageRegistry(domain3) {
+  static deleteImageRegistry(domain4) {
     return request(OpenAPI, {
       method: "DELETE",
       url: "/registries/{domain}",
       path: {
-        domain: domain3
+        domain: domain4
       },
       errors: {
         404: `The image registry does not exist`,
@@ -110437,8 +110432,8 @@ var imageRe = (() => {
   const alphaNumeric = "[a-z0-9]+";
   const separator = "(?:\\.|_|__|-+)";
   const port = ":[0-9]+";
-  const domain3 = `${alphaNumeric}(?:${separator}${alphaNumeric})*`;
-  const name2 = `(?:${domain3}(?:${port})?/)?(?:${domain3}/)*(?:${domain3})`;
+  const domain4 = `${alphaNumeric}(?:${separator}${alphaNumeric})*`;
+  const name2 = `(?:${domain4}(?:${port})?/)?(?:${domain4}/)*(?:${domain4})`;
   const tag = ":([a-zA-Z0-9_][a-zA-Z0-9._-]{0,127})";
   const digest = "@(sha256:[A-Fa-f0-9]+)";
   const reference = `(?:${tag}(?:${digest})?|${digest})`;
@@ -111080,7 +111075,7 @@ function applicationToCreateApplication(application) {
 __name(applicationToCreateApplication, "applicationToCreateApplication");
 function containerAppToCreateApplication(containerApp, skipDefaults = false) {
   const configuration = containerApp.configuration;
-  return {
+  const app = {
     ...containerApp,
     configuration,
     scheduling_policy: containerApp.scheduling_policy ?? "regional" /* REGIONAL */,
@@ -111094,6 +111089,9 @@ function containerAppToCreateApplication(containerApp, skipDefaults = false) {
       )
     }
   };
+  delete app["class_name"];
+  delete app["image"];
+  return app;
 }
 __name(containerAppToCreateApplication, "containerAppToCreateApplication");
 function isNumber(c6) {
@@ -111232,21 +111230,20 @@ async function applyCommand(args, config) {
     "Deploy a container application",
     "deploy changes to your application"
   );
-  if (config.containers.app.length === 0) {
+  config.containers ??= [];
+  if (config.containers.length === 0) {
     endSection(
       "You don't have any container applications defined in your wrangler.toml",
       "You can set the following configuration in your wrangler.toml"
     );
     const configuration = {
-      configuration: {
-        image: "docker.io/cloudflare/hello-world:1.0"
-      },
+      image: "docker.io/cloudflare/hello-world:1.0",
       instances: 2,
       name: config.name ?? "my-containers-application"
     };
     const endConfig = args.env !== void 0 ? {
-      env: { [args.env]: { containers: { app: [configuration] } } }
-    } : { containers: { app: [configuration] } };
+      env: { [args.env]: { containers: [configuration] } }
+    } : { containers: [configuration] };
     formatConfigSnippet(endConfig, config.configPath).split("\n").forEach((el) => {
       printLine(el, "  ", logRaw);
     });
@@ -111262,7 +111259,7 @@ async function applyCommand(args, config) {
   }
   const actions = [];
   log(dim("Container application changes\n"));
-  for (const appConfigNoDefaults of config.containers.app) {
+  for (const appConfigNoDefaults of config.containers) {
     const appConfig = containerAppToCreateApplication(
       appConfigNoDefaults,
       args.skipDefaults
@@ -111273,18 +111270,16 @@ async function applyCommand(args, config) {
         stripUndefined(applicationToCreateApplication(application))
       );
       const prev = formatConfigSnippet(
-        { containers: { app: [prevApp] } },
+        { containers: [prevApp] },
         config.configPath
       );
       const now = formatConfigSnippet(
         {
-          containers: {
-            app: [
-              sortObjectRecursive(
-                appConfig
-              )
-            ]
-          }
+          containers: [
+            sortObjectRecursive(
+              appConfig
+            )
+          ]
         },
         config.configPath
       );
@@ -111364,15 +111359,16 @@ async function applyCommand(args, config) {
     }
     updateStatus(bold.underline(green.underline("NEW")) + ` ${appConfig.name}`);
     const s5 = formatConfigSnippet(
-      { containers: { app: [appConfig] } },
+      { containers: [appConfig] },
       config.configPath
     );
     s5.split("\n").map((line) => line.trim()).forEach((el) => {
       printLine(el, "  ");
     });
+    const configToPush = { ...appConfig };
     actions.push({
       action: "create",
-      application: appConfig
+      application: configToPush
     });
   }
   if (actions.length == 0) {
@@ -111473,6 +111469,7 @@ __name(applyCommand, "applyCommand");
 // src/cloudchamber/build.ts
 init_import_meta_url();
 var import_child_process2 = require("child_process");
+var import_promises10 = require("fs/promises");
 var domain = "registry.cloudchamber.cfdata.org";
 async function dockerLoginManagedRegistry(options32) {
   const dockerPath = options32.pathToDocker ?? "docker";
@@ -111516,17 +111513,18 @@ async function constructBuildCommand(options32) {
   return defaultBuildCommand;
 }
 __name(constructBuildCommand, "constructBuildCommand");
-async function dockerBuild(options32) {
-  const buildCmd = options32.buildCmd.split(" ").slice(1);
-  const buildExec = options32.buildCmd.split(" ").shift();
-  const child = (0, import_child_process2.spawn)(String(buildExec), buildCmd, { stdio: "inherit" }).on(
-    "error",
-    (err) => {
-      throw err;
-    }
-  );
-  await new Promise((resolve24) => {
-    child.on("close", resolve24);
+function dockerBuild(options32) {
+  return new Promise((resolve24, reject) => {
+    const buildCmd = options32.buildCmd.split(" ").slice(1);
+    const buildExec = options32.buildCmd.split(" ").shift();
+    const child = (0, import_child_process2.spawn)(String(buildExec), buildCmd, { stdio: "inherit" });
+    child.on("exit", (code) => {
+      if (code === 0) {
+        resolve24();
+      } else {
+        reject(new Error(`Build exited with code: ${code}`));
+      }
+    });
   });
 }
 __name(dockerBuild, "dockerBuild");
@@ -111596,13 +111594,28 @@ function pushYargs(yargs) {
   }).positional("TAG", { type: "string", demandOption: true });
 }
 __name(pushYargs, "pushYargs");
+async function isDir(path69) {
+  const stats = await (0, import_promises10.stat)(path69);
+  return await stats.isDirectory();
+}
+__name(isDir, "isDir");
 async function buildCommand(args, _4) {
+  try {
+    const dir = await isDir(args.PATH);
+    if (!dir) {
+      logRaw(`PATH must be a directory`);
+      return;
+    }
+  } catch (error2) {
+    logRaw(`Error when checking ${args.PATH}: ${error2}`);
+    return;
+  }
   try {
     await constructBuildCommand({
       imageTag: args.tag,
       pathToDockerfile: args.PATH,
       pathToDocker: args.pathToDocker
-    }).then(async (bc2) => dockerBuild({ buildCmd: bc2 })).then(async () => {
+    }).then((bc2) => dockerBuild({ buildCmd: bc2 })).then(async () => {
       if (args.push) {
         await dockerLoginManagedRegistry({
           pathToDocker: args.pathToDocker
@@ -111615,7 +111628,7 @@ async function buildCommand(args, _4) {
     if (error2 instanceof Error) {
       logRaw(error2.message);
     } else {
-      logRaw("An unknown error occurred");
+      logRaw("Unknown error");
     }
   }
 }
@@ -112078,7 +112091,7 @@ __name(getNetworkInput, "getNetworkInput");
 
 // src/cloudchamber/ssh/ssh.ts
 init_import_meta_url();
-var import_promises10 = require("fs/promises");
+var import_promises11 = require("fs/promises");
 var import_os3 = require("os");
 var import_process4 = require("process");
 
@@ -112142,7 +112155,7 @@ function createSSHPublicKeyOptionalYargs(yargs) {
 __name(createSSHPublicKeyOptionalYargs, "createSSHPublicKeyOptionalYargs");
 async function retrieveSSHKey(sshKeyPath, { json } = { json: false }) {
   try {
-    const file = (await (0, import_promises10.readFile)(sshKeyPath)).toString();
+    const file = (await (0, import_promises11.readFile)(sshKeyPath)).toString();
     validatePublicSSHKeyCLI(file, { json });
     return file;
   } catch (err) {
@@ -112223,10 +112236,10 @@ async function tryToRetrieveAllDefaultSSHKeyPaths() {
   const path69 = `${HOME}/.ssh`;
   const paths = [];
   try {
-    const dirList = await (0, import_promises10.readdir)(path69);
+    const dirList = await (0, import_promises11.readdir)(path69);
     for (const file of dirList) {
       if (file.endsWith(".pub")) {
-        const s5 = await (0, import_promises10.stat)(`${path69}/${file}`);
+        const s5 = await (0, import_promises11.stat)(`${path69}/${file}`);
         if (s5.isFile()) {
           paths.push(`${path69}/${file}`);
         }
@@ -112268,7 +112281,7 @@ async function shouldPromptForNewSSHKeyAppear(keys = void 0) {
     }
     let foundValidSSHKeyThatDontExist = false;
     for (const defaultSSHKeyPath of defaultSSHKeyPaths) {
-      const file = (await (0, import_promises10.readFile)(defaultSSHKeyPath)).toString().trim();
+      const file = (await (0, import_promises11.readFile)(defaultSSHKeyPath)).toString().trim();
       try {
         validateSSHKey(file);
       } catch {
@@ -113130,7 +113143,7 @@ public_key: ${dim(
 __name(handleListImageRegistriesCommand, "handleListImageRegistriesCommand");
 async function handleConfigureImageRegistryCommand(args, _config) {
   startSection("Configure a Docker registry in Cloudflare");
-  const domain3 = await processArgument({ domain: args.domain }, "domain", {
+  const domain4 = await processArgument({ domain: args.domain }, "domain", {
     type: "text",
     question: "What is the domain of your registry?",
     validate: /* @__PURE__ */ __name((text) => {
@@ -113152,7 +113165,7 @@ async function handleConfigureImageRegistryCommand(args, _config) {
   const [registry, err] = await wrap2(
     promiseSpinner(
       ImageRegistriesService.createImageRegistry({
-        domain: domain3,
+        domain: domain4,
         is_public: isPublic
       })
     )
@@ -113184,6 +113197,199 @@ async function handleConfigureImageRegistryCommand(args, _config) {
 }
 __name(handleConfigureImageRegistryCommand, "handleConfigureImageRegistryCommand");
 
+// src/cloudchamber/images/list.ts
+init_import_meta_url();
+var domain2 = "registry.cloudchamber.cfdata.org";
+var imagesCommand = /* @__PURE__ */ __name((yargs) => {
+  return yargs.command(
+    "list",
+    "perform operations on images in your cloudchamber registry",
+    (args) => listImagesYargs(args),
+    (args) => handleFailure(async (_args, config) => {
+      await handleListImagesCommand(args, config);
+    })(args)
+  ).command(
+    "delete [image]",
+    "remove an image from your cloudchamber registry",
+    (args) => deleteImageYargs(args),
+    (args) => handleFailure(async (_args, config) => {
+      await handleDeleteImageCommand(args, config);
+    })(args)
+  );
+}, "imagesCommand");
+function deleteImageYargs(yargs) {
+  return yargs.positional("image", {
+    type: "string",
+    description: "image to delete",
+    demandOption: true
+  });
+}
+__name(deleteImageYargs, "deleteImageYargs");
+function listImagesYargs(yargs) {
+  return yargs.option("filter", {
+    type: "string",
+    description: "Regex to filter results"
+  });
+}
+__name(listImagesYargs, "listImagesYargs");
+async function handleDeleteImageCommand(args, _config) {
+  try {
+    if (!args.image.includes(":")) {
+      throw new Error(`Must provide a tag to delete`);
+    }
+    return await promiseSpinner(
+      getCreds().then(async (creds) => {
+        const url4 = new URL(`https://${domain2}`);
+        const baseUrl = `${url4.protocol}//${url4.host}`;
+        const [image, tag] = args.image.split(":");
+        await deleteTag(baseUrl, image, tag, creds);
+        const gcUrl = `${baseUrl}/v2/gc/layers`;
+        const gcResponse = await fetch(gcUrl, {
+          method: "PUT",
+          headers: {
+            Authorization: `Basic ${creds}`,
+            "Content-Type": "application/json"
+          }
+        });
+        if (!gcResponse.ok) {
+          throw new Error(
+            `Failed to delete image ${args.image}: ${gcResponse.status} ${gcResponse.statusText}`
+          );
+        }
+        await logger.log(`Deleted tag: ${args.image}`);
+      }),
+      { message: "Deleting", json: args.json }
+    );
+  } catch (error2) {
+    logger.log(`Error when removing image: ${error2}`);
+  }
+}
+__name(handleDeleteImageCommand, "handleDeleteImageCommand");
+async function handleListImagesCommand(args, _config) {
+  try {
+    return await promiseSpinner(
+      getCreds().then(async (creds) => {
+        const repos = await listRepos(creds);
+        const tags = [];
+        for (const repo of repos) {
+          const stripped = repo.replace(/^\/+/, "");
+          const regex2 = new RegExp(args.filter ?? "");
+          if (regex2.test(stripped)) {
+            const repoTags = await listTags(stripped, creds);
+            tags.push({ name: stripped, tags: repoTags });
+          }
+        }
+        await ListTags(tags, false, args.json);
+      }),
+      { message: "Listing", json: args.json }
+    );
+  } catch (error2) {
+    logger.log(`Error listing images: ${error2}`);
+  }
+}
+__name(handleListImagesCommand, "handleListImagesCommand");
+async function ListTags(responses, digests = false, json = false) {
+  if (!digests) {
+    responses = responses.map((resp) => {
+      return {
+        name: resp.name,
+        tags: resp.tags.filter((t7) => !t7.startsWith("sha256"))
+      };
+    });
+  }
+  responses = responses.filter((resp) => {
+    return resp.tags !== void 0 && resp.tags.length != 0;
+  });
+  if (json) {
+    logger.log(JSON.stringify(responses, null, 2));
+  } else {
+    const rows = responses.map((resp) => {
+      return {
+        REPOSITORY: resp.name,
+        TAG: resp.tags.join(" ")
+      };
+    }).flat();
+    logger.table(rows);
+  }
+}
+__name(ListTags, "ListTags");
+async function listTags(repo, creds) {
+  const url4 = new URL(`https://${domain2}`);
+  const baseUrl = `${url4.protocol}//${url4.host}`;
+  const tagsUrl = `${baseUrl}/v2/${repo}/tags/list`;
+  const tagsResponse = await fetch(tagsUrl, {
+    method: "GET",
+    headers: {
+      Authorization: `Basic ${creds}`
+    }
+  });
+  const tagsData = await tagsResponse.json();
+  return tagsData.tags || [];
+}
+__name(listTags, "listTags");
+async function listRepos(creds) {
+  const url4 = new URL(`https://${domain2}`);
+  const catalogUrl = `${url4.protocol}//${url4.host}/v2/_catalog`;
+  const response = await fetch(catalogUrl, {
+    method: "GET",
+    headers: {
+      Authorization: `Basic ${creds}`
+    }
+  });
+  if (!response.ok) {
+    console.log(JSON.stringify(response));
+    throw new Error(
+      `Failed to fetch repository catalog: ${response.status} ${response.statusText}`
+    );
+  }
+  const data = await response.json();
+  return data.repositories || [];
+}
+__name(listRepos, "listRepos");
+async function deleteTag(baseUrl, image, tag, creds) {
+  const manifestAcceptHeader = "application/vnd.oci.image.manifest.v1+json, application/vnd.docker.distribution.manifest.v2+json";
+  const manifestUrl = `${baseUrl}/v2/${image}/manifests/${tag}`;
+  const headResponse = await fetch(manifestUrl, {
+    method: "HEAD",
+    headers: {
+      Authorization: `Basic ${creds}`,
+      Accept: manifestAcceptHeader
+    }
+  });
+  if (!headResponse.ok) {
+    throw new Error(
+      `failed to retrieve tag info for ${tag}: ${headResponse.status} ${headResponse.statusText}`
+    );
+  }
+  const digest = headResponse.headers.get("Docker-Content-Digest");
+  if (!digest) {
+    throw new Error(`Digest not found for tag "${tag}".`);
+  }
+  const deleteUrl = `${baseUrl}/v2/${image}/manifests/${tag}`;
+  const deleteResponse = await fetch(deleteUrl, {
+    method: "DELETE",
+    headers: {
+      Authorization: `Basic ${creds}`,
+      Accept: manifestAcceptHeader
+    }
+  });
+  if (!deleteResponse.ok) {
+    throw new Error(
+      `Failed to delete tag "${tag}" (digest: ${digest}): ${deleteResponse.status} ${deleteResponse.statusText}`
+    );
+  }
+}
+__name(deleteTag, "deleteTag");
+async function getCreds() {
+  return await ImageRegistriesService.generateImageRegistryCredentials(domain2, {
+    expiration_minutes: 5,
+    permissions: ["pull", "push"]
+  }).then(async (credentials) => {
+    return Buffer.from(`v1:${credentials.password}`).toString("base64");
+  });
+}
+__name(getCreds, "getCreds");
+
 // src/cloudchamber/list.ts
 init_import_meta_url();
 function listDeploymentsYargs(args) {
@@ -113592,6 +113798,10 @@ var cloudchamber = /* @__PURE__ */ __name((yargs, subHelp) => {
     "push a tagged image to a Cloudflare managed registry, which is automatically integrated with your account",
     (args) => pushYargs(args),
     (args) => handleFailure(pushCommand)(args)
+  ).command(
+    "images",
+    "perform operations on images in your clouchamber registry",
+    (args) => imagesCommand(args).command(subHelp)
   );
 }, "cloudchamber");
 
@@ -114778,7 +114988,7 @@ __name(checkForSQLiteBinary, "checkForSQLiteBinary");
 
 // src/d1/export.ts
 init_import_meta_url();
-var import_promises11 = __toESM(require("node:fs/promises"));
+var import_promises12 = __toESM(require("node:fs/promises"));
 var import_node_path29 = __toESM(require("node:path"));
 var import_miniflare18 = require("miniflare");
 var import_undici10 = __toESM(require_undici());
@@ -114859,7 +115069,7 @@ async function exportLocal(config, name2, output, tables, noSchema, noData) {
   logger.log(`\u{1F300} Exporting SQL to ${output}...`);
   try {
     const dump = await db.prepare(`PRAGMA miniflare_d1_export(?,?,?);`).bind(noSchema, noData, ...tables).raw();
-    await import_promises11.default.writeFile(output, dump[0].join("\n"));
+    await import_promises12.default.writeFile(output, dump[0].join("\n"));
   } catch (e7) {
     throw new UserError(e7.message);
   } finally {
@@ -114904,7 +115114,7 @@ async function exportRemotely(config, name2, output, tables, noSchema, noData) {
           `There was an error while downloading from the presigned URL with status code: ${contents.status}`
         );
       }
-      await import_promises11.default.writeFile(output, contents.body || "");
+      await import_promises12.default.writeFile(output, contents.body || "");
     }
   });
   logger.log(`\u{1F300} Downloaded to ${output} successfully!`);
@@ -117152,7 +117362,8 @@ async function handler4(args) {
   const database = await createConfig(config, {
     name: args.name,
     origin,
-    caching: getCacheOptionsFromArgs(args)
+    caching: getCacheOptionsFromArgs(args),
+    mtls: getMtlsFromArgs(args)
   });
   logger.log(`\u2705 Created new Hyperdrive config: ${database.id}`);
   logger.log(
@@ -117223,7 +117434,8 @@ async function handler7(args) {
       host: database.origin.host ?? "",
       port: database.origin.port?.toString() ?? "",
       database: database.origin.database ?? "",
-      caching: JSON.stringify(database.caching)
+      caching: JSON.stringify(database.caching),
+      mtls: JSON.stringify(database.mtls)
     }))
   );
 }
@@ -117249,7 +117461,8 @@ async function handler8(args) {
   const updated = await patchConfig(config, args.id, {
     name: args.name,
     origin,
-    caching: getCacheOptionsFromArgs(args)
+    caching: getCacheOptionsFromArgs(args),
+    mtls: getMtlsFromArgs(args)
   });
   logger.log(
     `\u2705 Updated ${updated.id} Hyperdrive config
@@ -117346,6 +117559,14 @@ function upsertOptions(yargs) {
     swr: {
       type: "number",
       describe: "Indicates the number of seconds cache may serve the response after it becomes stale, cannot be set when caching is disabled"
+    },
+    "ca-certificate-uuid": {
+      type: "string",
+      describe: "Sets custom CA certificate when connecting to origin database. Must be valid UUID of already uploaded CA certificate."
+    },
+    "mtls-certificate-uuid": {
+      type: "string",
+      describe: "Sets custom mTLS client certificates when connecting to origin database. Must be valid UUID of already uploaded public/private key certificates."
     }
   }).group(
     ["connection-string"],
@@ -117494,10 +117715,22 @@ function getCacheOptionsFromArgs(args) {
   }
 }
 __name(getCacheOptionsFromArgs, "getCacheOptionsFromArgs");
+function getMtlsFromArgs(args) {
+  const mtls = {
+    ca_certificate_uuid: args.caCertificateUuid,
+    mtls_certificate_uuid: args.mtlsCertificateUuid
+  };
+  if (JSON.stringify(mtls) === "{}") {
+    return void 0;
+  } else {
+    return mtls;
+  }
+}
+__name(getMtlsFromArgs, "getMtlsFromArgs");
 
 // src/init.ts
 init_import_meta_url();
-var import_promises12 = require("node:fs/promises");
+var import_promises13 = require("node:fs/promises");
 var import_node_path35 = __toESM(require("node:path"));
 var import_toml4 = __toESM(require_toml());
 
@@ -117601,9 +117834,9 @@ async function initHandler(args) {
       throw err;
     }
     const creationDir = import_node_path35.default.join(process.cwd(), args.fromDash);
-    await (0, import_promises12.mkdir)(creationDir, { recursive: true });
+    await (0, import_promises13.mkdir)(creationDir, { recursive: true });
     const { modules, config } = await downloadWorker(accountId, args.fromDash);
-    await (0, import_promises12.mkdir)(import_node_path35.default.join(creationDir, "./src"), {
+    await (0, import_promises13.mkdir)(import_node_path35.default.join(creationDir, "./src"), {
       recursive: true
     });
     config.main = `src/${config.main}`;
@@ -117613,12 +117846,12 @@ async function initHandler(args) {
         files.map(async (file) => {
           const filepath = import_node_path35.default.join(creationDir, `./src/${file.name}`);
           const directory = (0, import_node_path35.dirname)(filepath);
-          await (0, import_promises12.mkdir)(directory, { recursive: true });
-          await (0, import_promises12.writeFile)(filepath, file.stream());
+          await (0, import_promises13.mkdir)(directory, { recursive: true });
+          await (0, import_promises13.writeFile)(filepath, file.stream());
         })
       );
     }
-    await (0, import_promises12.writeFile)(
+    await (0, import_promises13.writeFile)(
       import_node_path35.default.join(creationDir, "wrangler.toml"),
       import_toml4.default.stringify(config)
     );
@@ -118963,7 +119196,7 @@ init_import_meta_url();
 init_import_meta_url();
 var import_node_crypto11 = require("node:crypto");
 var import_node_fs20 = require("node:fs");
-var import_promises17 = require("node:fs/promises");
+var import_promises18 = require("node:fs/promises");
 var import_node_path44 = __toESM(require("node:path"));
 
 // src/api/pages/create-worker-bundle-contents.ts
@@ -119020,7 +119253,7 @@ var import_node_path43 = require("node:path");
 
 // src/pages/functions/buildPlugin.ts
 init_import_meta_url();
-var import_promises14 = require("node:fs/promises");
+var import_promises15 = require("node:fs/promises");
 var import_node_path39 = require("node:path");
 
 // src/pages/utils.ts
@@ -119086,7 +119319,7 @@ __name(debounce, "debounce");
 // src/pages/functions/buildWorker.ts
 init_import_meta_url();
 var import_node_crypto10 = __toESM(require("node:crypto"));
-var import_promises13 = require("node:fs/promises");
+var import_promises14 = require("node:fs/promises");
 var import_node_path38 = require("node:path");
 var import_esbuild3 = require("esbuild");
 function buildWorkerFromFunctions({
@@ -119367,8 +119600,8 @@ function assetsPlugin(buildOutputDirectory) {
           args.resolveDir,
           args.path.slice("assets:".length)
         );
-        const exists = await (0, import_promises13.access)(directory).then(() => true).catch(() => false);
-        const isDirectory2 = exists && (await (0, import_promises13.lstat)(directory)).isDirectory();
+        const exists = await (0, import_promises14.access)(directory).then(() => true).catch(() => false);
+        const isDirectory2 = exists && (await (0, import_promises14.lstat)(directory)).isDirectory();
         if (!isDirectory2) {
           return {
             errors: [
@@ -119397,11 +119630,11 @@ function assetsPlugin(buildOutputDirectory) {
               "pages-plugins",
               identifier
             );
-            await (0, import_promises13.rm)(staticAssetsOutputDirectory, {
+            await (0, import_promises14.rm)(staticAssetsOutputDirectory, {
               force: true,
               recursive: true
             });
-            await (0, import_promises13.cp)(args.path, staticAssetsOutputDirectory, {
+            await (0, import_promises14.cp)(args.path, staticAssetsOutputDirectory, {
               force: true,
               recursive: true
             });
@@ -119480,8 +119713,8 @@ function buildPluginFromFunctions({
               args.resolveDir,
               args.path.slice("assets:".length)
             );
-            const exists = await (0, import_promises14.access)(directory).then(() => true).catch(() => false);
-            const isDirectory2 = exists && (await (0, import_promises14.lstat)(directory)).isDirectory();
+            const exists = await (0, import_promises15.access)(directory).then(() => true).catch(() => false);
+            const isDirectory2 = exists && (await (0, import_promises15.lstat)(directory)).isDirectory();
             if (!isDirectory2) {
               return {
                 errors: [
@@ -119531,7 +119764,7 @@ __name(buildPluginFromFunctions, "buildPluginFromFunctions");
 
 // src/pages/functions/filepath-routing.ts
 init_import_meta_url();
-var import_promises15 = __toESM(require("node:fs/promises"));
+var import_promises16 = __toESM(require("node:fs/promises"));
 var import_node_path40 = __toESM(require("node:path"));
 var import_esbuild4 = require("esbuild");
 async function generateConfigFromFileTree({
@@ -119663,7 +119896,7 @@ async function forEachFile(baseDir, fn) {
   const returnValues = [];
   while (isNotEmpty(searchPaths)) {
     const cwd2 = searchPaths.shift();
-    const dir = await import_promises15.default.readdir(cwd2, { withFileTypes: true });
+    const dir = await import_promises16.default.readdir(cwd2, { withFileTypes: true });
     for (const entry of dir) {
       const pathname = import_node_path40.default.join(cwd2, entry.name);
       if (entry.isDirectory()) {
@@ -119708,7 +119941,7 @@ __name(convertSimpleParams, "convertSimpleParams");
 
 // src/pages/functions/routes.ts
 init_import_meta_url();
-var import_promises16 = __toESM(require("node:fs/promises"));
+var import_promises17 = __toESM(require("node:fs/promises"));
 var import_node_path41 = __toESM(require("node:path"));
 
 // src/pages/functions/identifiers.ts
@@ -119786,7 +120019,7 @@ async function writeRoutesModule({
 }) {
   const { importMap, routes } = parseConfig(config, srcDir);
   const routesModule = generateRoutesModule(importMap, routes);
-  await import_promises16.default.writeFile(outfile, routesModule);
+  await import_promises17.default.writeFile(outfile, routesModule);
   return outfile;
 }
 __name(writeRoutesModule, "writeRoutesModule");
@@ -120331,7 +120564,7 @@ async function maybeReadPagesConfig(args) {
     });
     return {
       ...config,
-      hash: (0, import_node_crypto11.createHash)("sha256").update(await (0, import_promises17.readFile)(configPath)).digest("hex")
+      hash: (0, import_node_crypto11.createHash)("sha256").update(await (0, import_promises18.readFile)(configPath)).digest("hex")
     };
   } catch (e7) {
     if (e7 instanceof FatalError && e7.code === EXIT_CODE_INVALID_PAGES_CONFIG) {
@@ -120538,26 +120771,26 @@ var Handler9 = /* @__PURE__ */ __name(async (args) => {
 // src/pages/deploy.ts
 init_import_meta_url();
 var import_node_child_process4 = require("node:child_process");
-var import_promises21 = require("node:fs/promises");
+var import_promises22 = require("node:fs/promises");
 var import_node_path50 = __toESM(require("node:path"));
 
 // src/api/pages/deploy.ts
 init_import_meta_url();
 var import_node_crypto12 = require("node:crypto");
 var import_node_fs23 = require("node:fs");
-var import_promises20 = require("node:fs/promises");
+var import_promises21 = require("node:fs/promises");
 var import_node_path49 = __toESM(require("node:path"));
 var import_node_process11 = require("node:process");
 var import_undici13 = __toESM(require_undici());
 
 // src/pages/upload.ts
 init_import_meta_url();
-var import_promises19 = require("node:fs/promises");
+var import_promises20 = require("node:fs/promises");
 var import_node_path48 = require("node:path");
 
 // src/pages/validate.ts
 init_import_meta_url();
-var import_promises18 = require("node:fs/promises");
+var import_promises19 = require("node:fs/promises");
 var import_node_path47 = require("node:path");
 var import_mime2 = __toESM(require_mime());
 var import_minimatch = __toESM(require_minimatch());
@@ -120591,12 +120824,12 @@ var validate = /* @__PURE__ */ __name(async (args) => {
   ].map((pattern) => new import_minimatch.Minimatch(pattern));
   const directory = (0, import_node_path47.resolve)(args.directory);
   const walk = /* @__PURE__ */ __name(async (dir, fileMap2 = /* @__PURE__ */ new Map(), startingDir = dir) => {
-    const files = await (0, import_promises18.readdir)(dir);
+    const files = await (0, import_promises19.readdir)(dir);
     await Promise.all(
       files.map(async (file) => {
         const filepath = (0, import_node_path47.join)(dir, file);
         const relativeFilepath = (0, import_node_path47.relative)(startingDir, filepath);
-        const filestat = await (0, import_promises18.stat)(filepath);
+        const filestat = await (0, import_promises19.stat)(filepath);
         for (const minimatch of IGNORE_LIST) {
           if (minimatch.match(relativeFilepath)) {
             return;
@@ -120678,8 +120911,8 @@ var Handler11 = /* @__PURE__ */ __name(async ({
     skipCaching: skipCaching ?? false
   });
   if (outputManifestPath) {
-    await (0, import_promises19.mkdir)((0, import_node_path48.dirname)(outputManifestPath), { recursive: true });
-    await (0, import_promises19.writeFile)(outputManifestPath, JSON.stringify(manifest));
+    await (0, import_promises20.mkdir)((0, import_node_path48.dirname)(outputManifestPath), { recursive: true });
+    await (0, import_promises20.writeFile)(outputManifestPath, JSON.stringify(manifest));
   }
   logger.log(`\u2728 Upload complete!`);
 }, "Handler");
@@ -120768,7 +121001,7 @@ var upload = /* @__PURE__ */ __name(async (args) => {
       const payload = await Promise.all(
         bucket.files.map(async (file) => ({
           key: file.hash,
-          value: (await (0, import_promises19.readFile)(file.path)).toString("base64"),
+          value: (await (0, import_promises20.readFile)(file.path)).toString("base64"),
           metadata: {
             contentType: file.contentType
           },
@@ -121077,7 +121310,7 @@ async function deploy2({
     );
   }
   if (config !== void 0 && config.configPath !== void 0 && config.pages_build_output_dir) {
-    const configHash = (0, import_node_crypto12.createHash)("sha256").update(await (0, import_promises20.readFile)(config.configPath)).digest("hex");
+    const configHash = (0, import_node_crypto12.createHash)("sha256").update(await (0, import_promises21.readFile)(config.configPath)).digest("hex");
     const outputDir = import_node_path49.default.relative(
       process.cwd(),
       config.pages_build_output_dir
@@ -121546,7 +121779,8 @@ function Options12(yargs) {
     },
     "no-bundle": {
       type: "boolean",
-      default: false,
+      default: void 0,
+      conflicts: "bundle",
       description: "Whether to run bundling on `_worker.js` before deploying"
     },
     config: {
@@ -121749,6 +121983,7 @@ To silence this warning, pass in --commit-dirty=true`
       commitDirty = isGitDirty;
     }
   }
+  const enableBundling = args.bundle ?? !(args.noBundle ?? config?.no_bundle);
   const { deploymentResponse, formData } = await deploy2({
     directory,
     accountId,
@@ -121758,9 +121993,7 @@ To silence this warning, pass in --commit-dirty=true`
     commitHash,
     commitDirty,
     skipCaching: args.skipCaching,
-    // TODO: Here lies a known bug. If you specify both `--bundle` and `--no-bundle`, this behavior is undefined and you will get unexpected results.
-    // There is no sane way to get the true value out of yargs, so here we are.
-    bundle: args.bundle ?? !args.noBundle,
+    bundle: enableBundling,
     // Sourcemaps from deploy arguments will take precedence so people can try it for one-off deployments without updating their wrangler.toml
     sourceMaps: config?.upload_source_maps || args.uploadSourceMaps,
     args
@@ -121805,7 +122038,7 @@ To silence this warning, pass in --commit-dirty=true`
     if (failureMessage.includes("Script startup exceeded CPU time limit")) {
       const workerBundle = formData.get("_worker.bundle");
       const filePath = import_node_path50.default.join(getPagesTmpDir(), "_worker.bundle");
-      await (0, import_promises21.writeFile)(filePath, workerBundle.stream());
+      await (0, import_promises22.writeFile)(filePath, workerBundle.stream());
       await handleStartupError(filePath, getPagesProjectRoot());
     }
     throw new FatalError(
@@ -121854,7 +122087,7 @@ __name(promptSelectExistingOrNewProject, "promptSelectExistingOrNewProject");
 
 // src/pages/deployment-tails.ts
 init_import_meta_url();
-var import_promises22 = require("node:timers/promises");
+var import_promises23 = require("node:timers/promises");
 var import_signal_exit5 = __toESM(require_signal_exit());
 
 // src/tail/createTail.ts
@@ -122373,10 +122606,10 @@ async function Handler13({
   while (tail.readyState !== tail.OPEN) {
     switch (tail.readyState) {
       case tail.CONNECTING:
-        await (0, import_promises22.setTimeout)(100);
+        await (0, import_promises23.setTimeout)(100);
         break;
       case tail.CLOSING:
-        await (0, import_promises22.setTimeout)(100);
+        await (0, import_promises23.setTimeout)(100);
         break;
       case tail.CLOSED:
         sendMetricsEvent("end log stream", {
@@ -122562,7 +122795,8 @@ function Options14(yargs) {
     },
     "no-bundle": {
       type: "boolean",
-      default: false,
+      default: void 0,
+      conflicts: "bundle",
       description: "Whether to run bundling on `_worker.js`"
     },
     binding: {
@@ -122747,7 +122981,7 @@ The Worker script should be named \`_worker.js\` and located in the build output
   const workerScriptPath = directory !== void 0 ? (0, import_node_path51.join)(directory, singleWorkerScriptPath) : (0, import_node_path51.resolve)(singleWorkerScriptPath);
   const usingWorkerDirectory = (0, import_node_fs24.existsSync)(workerScriptPath) && (0, import_node_fs24.lstatSync)(workerScriptPath).isDirectory();
   const usingWorkerScript = (0, import_node_fs24.existsSync)(workerScriptPath);
-  const enableBundling = args.bundle ?? !args.noBundle;
+  const enableBundling = args.bundle ?? !(args.noBundle ?? config.no_bundle);
   const functionsDirectory = "./functions";
   let usingFunctions = !usingWorkerScript && (0, import_node_fs24.existsSync)(functionsDirectory);
   let scriptPath3 = "";
@@ -122755,7 +122989,7 @@ The Worker script should be named \`_worker.js\` and located in the build output
     args.compatibilityDate ?? config.compatibility_date,
     args.compatibilityFlags ?? config.compatibility_flags ?? [],
     {
-      noBundle: args.noBundle ?? config.no_bundle
+      noBundle: !enableBundling
     }
   );
   const defineNavigatorUserAgent = isNavigatorDefined(
@@ -123379,7 +123613,7 @@ __name(getBindingsFromArgs, "getBindingsFromArgs");
 // src/pages/download-config.ts
 init_import_meta_url();
 var import_fs13 = require("fs");
-var import_promises26 = require("node:fs/promises");
+var import_promises27 = require("node:fs/promises");
 var import_toml5 = __toESM(require_toml());
 var import_miniflare19 = require("miniflare");
 async function toEnvironment(deploymentConfig, accountId) {
@@ -123492,7 +123726,7 @@ __name(toEnvironment, "toEnvironment");
 async function writeWranglerToml(toml) {
   let tomlString = import_toml5.default.stringify(toml);
   tomlString = tomlString.split("\n").map((line) => line.trimStart()).join("\n");
-  await (0, import_promises26.writeFile)(
+  await (0, import_promises27.writeFile)(
     "wrangler.toml",
     `# Generated by Wrangler on ${/* @__PURE__ */ new Date()}
 ${tomlString}`
@@ -124506,7 +124740,7 @@ __name(pages, "pages");
 
 // src/pipelines/index.ts
 init_import_meta_url();
-var import_promises29 = require("node:timers/promises");
+var import_promises30 = require("node:timers/promises");
 
 // ../../node_modules/.pnpm/@aws-sdk+client-s3@3.721.0/node_modules/@aws-sdk/client-s3/dist-es/S3Client.js
 init_import_meta_url();
@@ -128242,14 +128476,14 @@ init_import_meta_url();
 init_import_meta_url();
 var import_node_assert21 = __toESM(require("node:assert"));
 var import_node_http2 = __toESM(require("node:http"));
-var import_promises28 = require("node:timers/promises");
+var import_promises29 = require("node:timers/promises");
 var API_HEADERS = {
   "Content-Type": "application/json"
 };
 async function generateR2ServiceToken(accountId, bucketName, pipelineName) {
   const controller = new AbortController();
   const signal = controller.signal;
-  const timeoutPromise = (0, import_promises28.setTimeout)(12e4, "timeout", { signal });
+  const timeoutPromise = (0, import_promises29.setTimeout)(12e4, "timeout", { signal });
   const serverPromise = new Promise((resolve24, reject) => {
     const server = import_node_http2.default.createServer(async (request4, response) => {
       (0, import_node_assert21.default)(request4.url, "This request doesn't have a URL");
@@ -128922,7 +129156,7 @@ async function verifyBucketAccess(r22, bucketName) {
       if (attempt === MAX_ATTEMPTS2) {
         throw error2;
       }
-      await (0, import_promises29.setTimeout)(DELAY_MS);
+      await (0, import_promises30.setTimeout)(DELAY_MS);
     }
   }
 }
@@ -130687,15 +130921,15 @@ var r2BucketDomainGetCommand = createCommand({
       type: "string"
     }
   },
-  async handler({ bucket, domain: domain3, jurisdiction }, { config }) {
+  async handler({ bucket, domain: domain4, jurisdiction }, { config }) {
     const accountId = await requireAuth(config);
     logger.log(
-      `Retrieving custom domain '${domain3}' connected to bucket '${bucket}'...`
+      `Retrieving custom domain '${domain4}' connected to bucket '${bucket}'...`
     );
     const domainResponse = await getCustomDomain(
       accountId,
       bucket,
-      domain3,
+      domain4,
       jurisdiction
     );
     const tableOutput = tableFromCustomDomainListResponse([domainResponse]);
@@ -130784,7 +131018,7 @@ var r2BucketDomainAddCommand = createCommand({
     const accountId = await requireAuth(config);
     const {
       bucket,
-      domain: domain3,
+      domain: domain4,
       zoneId,
       minTls = "1.0",
       jurisdiction,
@@ -130792,25 +131026,25 @@ var r2BucketDomainAddCommand = createCommand({
     } = args;
     if (!force) {
       const confirmedAdd = await confirm(
-        `Are you sure you want to add the custom domain '${domain3}' to bucket '${bucket}'? The contents of your bucket will be made publicly available at 'https://${domain3}'`
+        `Are you sure you want to add the custom domain '${domain4}' to bucket '${bucket}'? The contents of your bucket will be made publicly available at 'https://${domain4}'`
       );
       if (!confirmedAdd) {
         logger.log("Add cancelled.");
         return;
       }
     }
-    logger.log(`Connecting custom domain '${domain3}' to bucket '${bucket}'...`);
+    logger.log(`Connecting custom domain '${domain4}' to bucket '${bucket}'...`);
     await attachCustomDomainToBucket(
       accountId,
       bucket,
       {
-        domain: domain3,
+        domain: domain4,
         zoneId,
         minTLS: minTls
       },
       jurisdiction
     );
-    logger.log(`\u2728 Custom domain '${domain3}' connected successfully.`);
+    logger.log(`\u2728 Custom domain '${domain4}' connected successfully.`);
   }
 });
 var r2BucketDomainRemoveCommand = createCommand({
@@ -130846,19 +131080,19 @@ var r2BucketDomainRemoveCommand = createCommand({
   },
   async handler(args, { config }) {
     const accountId = await requireAuth(config);
-    const { bucket, domain: domain3, jurisdiction, force } = args;
+    const { bucket, domain: domain4, jurisdiction, force } = args;
     if (!force) {
       const confirmedRemoval = await confirm(
-        `Are you sure you want to remove the custom domain '${domain3}' from bucket '${bucket}'? Your bucket will no longer be available from 'https://${domain3}'`
+        `Are you sure you want to remove the custom domain '${domain4}' from bucket '${bucket}'? Your bucket will no longer be available from 'https://${domain4}'`
       );
       if (!confirmedRemoval) {
         logger.log("Removal cancelled.");
         return;
       }
     }
-    logger.log(`Removing custom domain '${domain3}' from bucket '${bucket}'...`);
-    await removeCustomDomainFromBucket(accountId, bucket, domain3, jurisdiction);
-    logger.log(`Custom domain '${domain3}' removed successfully.`);
+    logger.log(`Removing custom domain '${domain4}' from bucket '${bucket}'...`);
+    await removeCustomDomainFromBucket(accountId, bucket, domain4, jurisdiction);
+    logger.log(`Custom domain '${domain4}' removed successfully.`);
   }
 });
 var r2BucketDomainUpdateCommand = createCommand({
@@ -130893,19 +131127,19 @@ var r2BucketDomainUpdateCommand = createCommand({
   },
   async handler(args, { config }) {
     const accountId = await requireAuth(config);
-    const { bucket, domain: domain3, minTls, jurisdiction } = args;
-    logger.log(`Updating custom domain '${domain3}' for bucket '${bucket}'...`);
+    const { bucket, domain: domain4, minTls, jurisdiction } = args;
+    logger.log(`Updating custom domain '${domain4}' for bucket '${bucket}'...`);
     await configureCustomDomainSettings(
       accountId,
       bucket,
-      domain3,
+      domain4,
       {
-        domain: domain3,
+        domain: domain4,
         minTLS: minTls
       },
       jurisdiction
     );
-    logger.log(`\u2728 Custom domain '${domain3}' updated successfully.`);
+    logger.log(`\u2728 Custom domain '${domain4}' updated successfully.`);
   }
 });
 
@@ -139648,9 +139882,9 @@ var NODE_VERSION = parseSemver(process.versions.node);
 
 // ../../node_modules/.pnpm/@sentry+node@7.87.0_supports-color@9.2.2/node_modules/@sentry/node/esm/async/domain.js
 init_import_meta_url();
-var domain2 = __toESM(require("domain"));
+var domain3 = __toESM(require("domain"));
 function getActiveDomain() {
-  return domain2.active;
+  return domain3.active;
 }
 __name(getActiveDomain, "getActiveDomain");
 function getCurrentHub2() {
@@ -139673,7 +139907,7 @@ function runWithAsyncContext2(callback, options32) {
   if (activeDomain && _optionalChain([options32, "optionalAccess", (_4) => _4.reuseExisting])) {
     return callback();
   }
-  const local = domain2.create();
+  const local = domain3.create();
   const parentHub = activeDomain ? getHubFromCarrier(activeDomain) : void 0;
   const newHub = createNewHub(parentHub);
   setHubOnCarrier(local, newHub);
@@ -141775,7 +142009,7 @@ __name(closeSentry, "closeSentry");
 
 // src/tail/index.ts
 init_import_meta_url();
-var import_promises30 = require("node:timers/promises");
+var import_promises31 = require("node:timers/promises");
 var import_signal_exit6 = __toESM(require_signal_exit());
 var tailCommand = createCommand({
   metadata: {
@@ -141908,10 +142142,10 @@ var tailCommand = createCommand({
     while (tail.readyState !== tail.OPEN) {
       switch (tail.readyState) {
         case tail.CONNECTING:
-          await (0, import_promises30.setTimeout)(100);
+          await (0, import_promises31.setTimeout)(100);
           break;
         case tail.CLOSING:
-          await (0, import_promises30.setTimeout)(100);
+          await (0, import_promises31.setTimeout)(100);
           break;
         case tail.CLOSED:
           sendMetricsEvent("end log stream", {
@@ -142060,10 +142294,26 @@ function getVarsForDev(config, env6, silent = false) {
 }
 __name(getVarsForDev, "getVarsForDev");
 
+// src/process-env.ts
+init_import_meta_url();
+function isProcessEnvPopulated(compatibility_date, compatibility_flags = []) {
+  if (compatibility_flags.includes("nodejs_compat_populate_process_env") && compatibility_flags.includes("nodejs_compat_do_not_populate_process_env")) {
+    throw new UserError("Can't both enable and disable a flag");
+  }
+  if (compatibility_flags.includes("nodejs_compat_populate_process_env") && compatibility_flags.includes("nodejs_compat")) {
+    return true;
+  }
+  if (compatibility_flags.includes("nodejs_compat_do_not_populate_process_env")) {
+    return false;
+  }
+  return compatibility_flags.includes("nodejs_compat") && !!compatibility_date && compatibility_date >= "2025-04-01";
+}
+__name(isProcessEnvPopulated, "isProcessEnvPopulated");
+
 // src/type-generation/runtime/index.ts
 init_import_meta_url();
 var import_fs22 = require("fs");
-var import_promises31 = require("fs/promises");
+var import_promises32 = require("fs/promises");
 var import_miniflare20 = require("miniflare");
 var import_workerd = require("workerd");
 var DEFAULT_OUTFILE_RELATIVE_PATH = "worker-configuration.d.ts";
@@ -142076,7 +142326,7 @@ async function generateRuntimeTypes({
   }
   const header = `// Runtime types generated with workerd@${import_workerd.version} ${compatibility_date} ${compatibility_flags.sort().join(",")}`;
   try {
-    const lines = (await (0, import_promises31.readFile)(outFile, "utf8")).split("\n");
+    const lines = (await (0, import_promises32.readFile)(outFile, "utf8")).split("\n");
     const existingHeader = lines.find(
       (line) => line.startsWith("// Runtime types generated with workerd@")
     );
@@ -142379,6 +142629,7 @@ function generateImportSpecifier(from, to) {
 }
 __name(generateImportSpecifier, "generateImportSpecifier");
 async function generateEnvTypes(config, args, envInterface, outputPath, entrypoint, log2 = true) {
+  const stringKeys = [];
   const secrets = getVarsForDev(
     // We do not want `getVarsForDev()` to merge in the standard vars into the dev vars
     // because we want to be able to work with secrets differently to vars.
@@ -142443,10 +142694,12 @@ async function generateEnvTypes(config, args, envInterface, outputPath, entrypoi
         constructTypeKey(varName),
         varValues.length === 1 ? varValues[0] : varValues.join(" | ")
       ]);
+      stringKeys.push(varName);
     }
   }
   for (const secretName in configToDTS.secrets) {
     envTypeStructure.push([constructTypeKey(secretName), "string"]);
+    stringKeys.push(secretName);
   }
   if (configToDTS.durable_objects?.bindings) {
     const importPath = entrypoint?.file ? generateImportSpecifier(fullOutputPath, entrypoint.file) : void 0;
@@ -142612,7 +142865,10 @@ async function generateEnvTypes(config, args, envInterface, outputPath, entrypoi
       entrypointFormat,
       envInterface,
       envTypeStructure.map(([key, value]) => `${key}: ${value};`),
-      modulesTypeStructure
+      modulesTypeStructure,
+      stringKeys,
+      config.compatibility_date,
+      config.compatibility_flags
     );
     const hash = (0, import_node_crypto13.createHash)("sha256").update(consoleOutput).digest("hex").slice(0, 32);
     const envHeader = `// Generated by Wrangler by running \`${wranglerCommandUsed}\` (hash: ${hash})`;
@@ -142650,16 +142906,29 @@ var checkPath = /* @__PURE__ */ __name((path69) => {
     }
   }
 }, "checkPath");
-function generateTypeStrings(formatType, envInterface, envTypeStructure, modulesTypeStructure) {
+function generateTypeStrings(formatType, envInterface, envTypeStructure, modulesTypeStructure, stringKeys, compatibilityDate, compatibilityFlags) {
   let baseContent = "";
   let eslintDisable = "";
+  let processEnv = "";
   if (formatType === "modules") {
     if (envTypeStructure.length === 0) {
-      eslintDisable = "// eslint-disable-next-line @typescript-eslint/no-empty-interface,@typescript-eslint/no-empty-object-type\n";
+      eslintDisable = "	// eslint-disable-next-line @typescript-eslint/no-empty-interface,@typescript-eslint/no-empty-object-type\n";
     }
-    baseContent = `interface ${envInterface} {${envTypeStructure.map((value) => `
-	${value}`).join("")}
+    if (isProcessEnvPopulated(compatibilityDate, compatibilityFlags) && stringKeys.length > 0) {
+      processEnv = `
+type StringifyValues<EnvType extends Record<string, unknown>> = {
+	[Binding in keyof EnvType]: EnvType[Binding] extends string ? EnvType[Binding] : string;
+};
+declare namespace NodeJS {
+	interface ProcessEnv extends StringifyValues<Pick<Cloudflare.Env, ${stringKeys.map((k6) => `"${k6}"`).join(" | ")}>> {}
 }`;
+    }
+    baseContent = `declare namespace Cloudflare {
+${eslintDisable}	interface Env {${envTypeStructure.map((value) => `
+		${value}`).join("")}
+	}
+}
+interface ${envInterface} extends Cloudflare.Env {}${processEnv}`;
   } else {
     baseContent = `export {};
 declare global {
@@ -142668,7 +142937,7 @@ ${envTypeStructure.map((value) => `	const ${value}`).join("\n")}
   }
   const modulesContent = modulesTypeStructure.join("\n");
   return {
-    fileContent: `${eslintDisable}${baseContent}
+    fileContent: `${baseContent}
 ${modulesContent}`,
     consoleOutput: `${baseContent}
 ${modulesContent}`
@@ -148666,7 +148935,7 @@ ${tryRunningItIn}${oneOfThese}`
       const controller = new AbortController();
       await Promise.race([
         Promise.allSettled(dispatcher?.requests ?? []),
-        (0, import_promises32.setTimeout)(1e3, void 0, controller)
+        (0, import_promises33.setTimeout)(1e3, void 0, controller)
         // Ensure we don't hang indefinitely
       ]).then(() => controller.abort());
     } catch (e7) {
@@ -148730,7 +148999,7 @@ async function checkStartupHandler({
     startMessage: "Analysing",
     endMessage: source_default.green("Startup phase analysed")
   });
-  await (0, import_promises34.writeFile)(outfile, JSON.stringify(await cpuProfileResult));
+  await (0, import_promises35.writeFile)(outfile, JSON.stringify(await cpuProfileResult));
   log(
     `CPU Profile written to ${outfile}. Load it into the Chrome DevTools profiler (or directly in VSCode) to view a flamegraph.`
   );
@@ -148786,7 +149055,13 @@ async function getEntryValue(entry) {
 __name(getEntryValue, "getEntryValue");
 function getModuleType(entry) {
   if (entry instanceof Blob) {
-    return ModuleTypeToRuleType[mimeTypeModuleType[entry.type]];
+    const type = ModuleTypeToRuleType[mimeTypeModuleType[entry.type]];
+    if (!type) {
+      throw new Error(
+        `Unable to determine module type for ${entry.type} mime type`
+      );
+    }
+    return type;
   } else {
     return "Text";
   }
@@ -148803,7 +149078,7 @@ async function convertWorkerBundleToModules(workerBundle) {
 }
 __name(convertWorkerBundleToModules, "convertWorkerBundleToModules");
 async function parseFormDataFromFile(file) {
-  const bundle = await (0, import_promises33.readFile)(file);
+  const bundle = await (0, import_promises34.readFile)(file);
   const firstLine = bundle.findIndex((v7) => v7 === 10);
   const boundary = Uint8Array.prototype.slice.call(bundle, 2, firstLine).toString();
   return await new Response(bundle, {
@@ -148901,7 +149176,7 @@ async function handleStartupError(workerBundle, projectRoot) {
     projectRoot ?? process.cwd(),
     import_node_path58.default.join(tmpDir.path, `worker.cpuprofile`)
   );
-  await (0, import_promises35.writeFile)(profile, JSON.stringify(cpuProfile));
+  await (0, import_promises36.writeFile)(profile, JSON.stringify(cpuProfile));
   throw new UserError(esm_default2`
 		Your Worker failed validation because it exceeded startup limits.
 		To ensure fast responses, there are constraints on Worker startup, such as how much CPU it can use, or how long it can take. Your Worker has hit one of these startup limits. Try reducing the amount of work done during startup (outside the event handler), either by removing code or relocating it inside the event handler.
@@ -149030,18 +149305,18 @@ async function publishCustomDomains(workerUrl, accountId, domains) {
       }
     );
     const updatesRequired = changeset.updated.filter(
-      (domain3) => domain3.modified
+      (domain4) => domain4.modified
     );
     if (updatesRequired.length > 0) {
       const existing = await Promise.all(
         updatesRequired.map(
-          (domain3) => fetchResult(
-            `/accounts/${accountId}/workers/domains/records/${domain3.id}`
+          (domain4) => fetchResult(
+            `/accounts/${accountId}/workers/domains/records/${domain4.id}`
           )
         )
       );
       const existingRendered = existing.map(
-        (domain3) => `	\u2022 ${domain3.hostname} (used as a domain for "${domain3.service}")`
+        (domain4) => `	\u2022 ${domain4.hostname} (used as a domain for "${domain4.service}")`
       ).join("\n");
       const message = `Custom Domains already exist for these domains:
 ${existingRendered}
@@ -149052,7 +149327,7 @@ Update them to point to this script instead?`;
       config.override_existing_origin = true;
     }
     if (changeset.conflicting.length > 0) {
-      const conflicitingRendered = changeset.conflicting.map((domain3) => `	\u2022 ${domain3.hostname}`).join("\n");
+      const conflicitingRendered = changeset.conflicting.map((domain4) => `	\u2022 ${domain4.hostname}`).join("\n");
       const message = `You already have DNS records that conflict for these Custom Domains:
 ${conflicitingRendered}
 Update them to point to this script instead?`;
@@ -149069,7 +149344,7 @@ Update them to point to this script instead?`;
       "Content-Type": "application/json"
     }
   });
-  return domains.map((domain3) => renderRoute(domain3));
+  return domains.map((domain4) => renderRoute(domain4));
 }
 __name(publishCustomDomains, "publishCustomDomains");
 async function deploy(props) {
@@ -149324,6 +149599,7 @@ See https://developers.cloudflare.com/workers/platform/compatibility-dates for m
       bindings,
       migrations,
       modules,
+      containers: config.containers ?? void 0,
       sourceMaps: uploadSourceMaps ? loadSourceMaps(main2, modules, bundle) : void 0,
       compatibility_date: props.compatibilityDate ?? config.compatibility_date,
       compatibility_flags: compatibilityFlags,
@@ -149362,7 +149638,7 @@ See https://developers.cloudflare.com/workers/platform/compatibility-dates for m
         maskedVars[key] = "(hidden)";
       }
     }
-    const canUseNewVersionsDeploymentsApi = workerExists && props.dispatchNamespace === void 0 && prod && format9 === "modules" && migrations === void 0 && !config.first_party_worker;
+    const canUseNewVersionsDeploymentsApi = workerExists && props.dispatchNamespace === void 0 && prod && format9 === "modules" && migrations === void 0 && !config.first_party_worker && config.containers === void 0;
     let workerBundle;
     if (props.dryRun) {
       workerBundle = createWorkerUploadForm(worker);
@@ -149842,7 +150118,7 @@ var syncAssets = /* @__PURE__ */ __name(async (accountId, assetDirectory, script
         payload.append(
           manifestEntry[1].hash,
           new import_undici22.File(
-            [(await (0, import_promises36.readFile)(absFilePath)).toString("base64")],
+            [(await (0, import_promises37.readFile)(absFilePath)).toString("base64")],
             manifestEntry[1].hash,
             {
               // Most formdata body encoders (incl. undici's) will override with "application/octet-stream" if you use a falsy value here
@@ -149934,7 +150210,7 @@ Assets already uploaded have been saved, so the next attempt will automatically
   return completionJwt;
 }, "syncAssets");
 var buildAssetManifest = /* @__PURE__ */ __name(async (dir) => {
-  const files = await (0, import_promises36.readdir)(dir, { recursive: true });
+  const files = await (0, import_promises37.readdir)(dir, { recursive: true });
   const manifest = {};
   let counter = 0;
   const { assetsIgnoreFunction, assetsIgnoreFilePresent } = await createAssetsIgnoreFunction(dir);
@@ -149945,7 +150221,7 @@ var buildAssetManifest = /* @__PURE__ */ __name(async (dir) => {
         return;
       }
       const filepath = path62.join(dir, relativeFilepath);
-      const filestat = await (0, import_promises36.stat)(filepath);
+      const filestat = await (0, import_promises37.stat)(filepath);
       if (filestat.isSymbolicLink() || filestat.isDirectory()) {
         return;
       } else {
@@ -150050,8 +150326,10 @@ ${resolvedAssetsPath}`,
       "Cannot set run_worker_first=true without a Worker script.\nPlease remove run_worker_first from your configuration file, or provide a Worker script in your configuration file (`main`)."
     );
   }
-  const redirects = maybeGetFile(path62.join(directory, REDIRECTS_FILENAME));
-  const headers = maybeGetFile(path62.join(directory, HEADERS_FILENAME));
+  const redirects = maybeGetFile(
+    path62.join(resolvedAssetsPath, REDIRECTS_FILENAME)
+  );
+  const headers = maybeGetFile(path62.join(resolvedAssetsPath, HEADERS_FILENAME));
   const assetConfig = {
     html_handling: config.assets?.html_handling,
     not_found_handling: config.assets?.not_found_handling
@@ -150115,7 +150393,7 @@ init_import_meta_url();
 // src/dev-registry/file-registry.ts
 init_import_meta_url();
 var import_node_fs32 = require("node:fs");
-var import_promises37 = require("node:fs/promises");
+var import_promises38 = require("node:fs/promises");
 var import_node_path60 = __toESM(require("node:path"));
 var util3 = __toESM(require("node:util"));
 init_esm2();
@@ -150187,8 +150465,8 @@ async function registerWorker(name2, definition) {
   if (existingHeartbeat) {
     clearInterval(existingHeartbeat);
   }
-  await (0, import_promises37.mkdir)(DEV_REGISTRY_PATH, { recursive: true });
-  await (0, import_promises37.writeFile)(
+  await (0, import_promises38.mkdir)(DEV_REGISTRY_PATH, { recursive: true });
+  await (0, import_promises38.writeFile)(
     import_node_path60.default.join(DEV_REGISTRY_PATH, name2),
     // We don't currently do anything with the stored Wrangler version,
     // but if we need to make breaking changes to this format in the future
@@ -150211,7 +150489,7 @@ async function getRegisteredWorkers() {
 __name(getRegisteredWorkers, "getRegisteredWorkers");
 async function unregisterWorker(name2) {
   try {
-    await (0, import_promises37.unlink)(import_node_path60.default.join(DEV_REGISTRY_PATH, name2));
+    await (0, import_promises38.unlink)(import_node_path60.default.join(DEV_REGISTRY_PATH, name2));
     const existingHeartbeat = heartbeats.get(name2);
     if (existingHeartbeat) {
       clearInterval(existingHeartbeat);
@@ -150223,17 +150501,17 @@ async function unregisterWorker(name2) {
 }
 __name(unregisterWorker, "unregisterWorker");
 async function loadWorkerDefinitions() {
-  await (0, import_promises37.mkdir)(DEV_REGISTRY_PATH, { recursive: true });
+  await (0, import_promises38.mkdir)(DEV_REGISTRY_PATH, { recursive: true });
   globalWorkers ??= {};
   const newWorkers = /* @__PURE__ */ new Set();
-  const workerDefinitions = await (0, import_promises37.readdir)(DEV_REGISTRY_PATH);
+  const workerDefinitions = await (0, import_promises38.readdir)(DEV_REGISTRY_PATH);
   for (const workerName of workerDefinitions) {
     try {
-      const file = await (0, import_promises37.readFile)(
+      const file = await (0, import_promises38.readFile)(
         import_node_path60.default.join(DEV_REGISTRY_PATH, workerName),
         "utf8"
       );
-      const stats = await (0, import_promises37.stat)(import_node_path60.default.join(DEV_REGISTRY_PATH, workerName));
+      const stats = await (0, import_promises38.stat)(import_node_path60.default.join(DEV_REGISTRY_PATH, workerName));
       if (stats.mtime.getTime() < Date.now() - 6e5) {
         await unregisterWorker(workerName);
       } else {
@@ -153434,7 +153712,7 @@ function deepFreeze(obj) {
   });
 }
 __name(deepFreeze, "deepFreeze");
-function unstable_getMiniflareWorkerOptions(configOrConfigPath, env6) {
+function unstable_getMiniflareWorkerOptions(configOrConfigPath, env6, options32) {
   const config = typeof configOrConfigPath === "string" ? readConfig({ config: configOrConfigPath, env: env6 }) : configOrConfigPath;
   const modulesRules = config.rules.concat(DEFAULT_MODULE_RULES).map((rule) => ({
     type: rule.type,
@@ -153450,7 +153728,7 @@ function unstable_getMiniflareWorkerOptions(configOrConfigPath, env6) {
     services: [],
     serviceBindings: {},
     migrations: config.migrations,
-    imagesLocalMode: false
+    imagesLocalMode: !!options32?.imagesLocalMode
   });
   if (bindings.services !== void 0) {
     bindingOptions.serviceBindings = Object.fromEntries(