新的 secrets 配置属性允许你在 Wrangler 配置文件里声明 Worker 所需的 secret 名称。必需的 secrets 会在本地开发和部署时被校验,并作为类型生成的事实来源。开发时,wrangler dev 和 vite dev 只会加载 .dev.vars 或 .env/process.env 里列在 secrets.required 中的 key。类型生成时,wrangler types 会根据 secrets.required 生成绑定类型。部署时,如果缺少必需 secret,命令会失败并提示缺失项。
The new secrets configuration property lets you declare the secret names your Worker requires in your Wrangler configuration file. Required secrets are validated during local development and deploy, and used as the source of truth for type generation. wrangler.jsonc { "secrets": { "required": ["API_KEY", "DB_PASSWORD"], },} wrangler.toml [secrets]required = [ "API_KEY", "DB_PASSWORD" ] Local development When secrets is defined, wrangler dev and vite dev load only the keys listed in secrets.required from .dev.vars or .env/process.env. Additional keys in those files are excluded. If any required secrets are missing, a warning is logged listing the missing names. Type generation wrangler types generates typed bindings from secrets.required instead of inferring names from .dev.vars or .env. This lets you run type generation in CI or other environments where those files are not present. Per-environment secrets are supported — the aggregated Env type marks secrets that only appear in some environments as optional. Deploy wrangler deploy and wrangler versions upload validate that all secrets in secrets.required are configured on the Worker before the operation succeeds. If any required secrets are missing, the command fails with an error listing which secrets need to be set. For more information, refer to the secrets configuration property reference.
发布日期:2026-03-25 · 来源:Cloudflare
Published: 2026-03-25 · Source: Cloudflare
了解 STADLER 如何使用 ChatGPT 改造知识工作,为 650 名员工节省时间并提升生产效率。
Learn how STADLER uses ChatGPT to transform knowledge work, saving time and accelerating productivity across 650 employees.
发布日期:2026-03-27 · 来源:OpenAI
Published: 2026-03-27 · Source: OpenAI
DXDX
Workflows 现在会在仪表盘里以步骤图显示。这里介绍了我们如何把 TypeScript 代码翻译成工作流的可视化表达。
2026-03-27Workflows are now visualized via step diagrams in the dashboard. Here’s how we translate your TypeScript code into a visual representation of the workflow. ...Continue reading »André VenceslauMia Malden
发布日期:2026-03-27 · 来源:Cloudflare Blog
Published: 2026-03-27 · Source: Cloudflare Blog
DXDX
看看 GitHub Actions 的 2026 路线图,了解 secure defaults、policy controls 和 CI/CD observability 如何端到端加固软件供应链。原文最早发表于 The GitHub Blog。
A look at GitHub Actions’ 2026 roadmap, outlining how secure defaults, policy controls, and CI/CD observability harden the software supply chain end to end. The post What’s coming to our GitHub Actions 2026 security roadmap appeared first on The GitHub Blog.
发布日期:2026-03-26 · 来源:GitHub Blog
Published: 2026-03-26 · Source: GitHub Blog
DevOpsDevOpsSecuritySecurity
Containers 和 Sandboxes 现在可以通过 HTTP 直接连接到 Workers。你可以在容器里通过特定主机名调用 Workers 的函数和绑定,例如 KV 或 R2。你可以定义 outbound handler 捕获任意 HTTP 请求,或者用 outboundByHost 只处理某些 host。所有 handler 都运行在 Workers runtime 中,位于容器沙箱之外。HTTPS 拦截也即将支持。
Containers and Sandboxes now support connecting directly to Workers over HTTP. This allows you to call Workers functions and bindings, like KV or R2, from within the container at specific hostnames. Run Worker code Define an outbound handler to capture any HTTP request or use outboundByHost to capture requests to individual hostnames and IPs. export class MyApp extends Sandbox {} MyApp.outbound = async (request, env, ctx) => { // you can run arbitrary functions defined in your Worker on any HTTP request return await someWorkersFunction(request.body);}; MyApp.outboundByHost = { "my.worker": async (request, env, ctx) => { return await anotherFunction(request.body); },}; In this example, requests from the container to http://my.worker will run the function defined within outboundByHost, and any other HTTP requests will run the outbound handler. These handlers run entirely inside the Workers runtime, outside of the container sandbox. TLS support coming soonContainers and Sandboxes currently only intercept HTTP traffic. HTTPS interception is coming soon. This will enable using Workers as a transparent proxy for credential injection.Even though this is just using HTTP, traffic to Workers is secure and runs on the same machine as the container. If needed, you can also upgrade requests to TLS from the Worker itself. Access Workers bindings Each handler has access to env, so it can call any binding set in Wrangler config. Code inside the container makes a standard HTTP request to that hostname and the outbound Worker translates it into a binding call. export class MyApp extends Sandbox {} MyApp.outboundByHost = { "my.kv": async (request, env, ctx) => { const key = new URL(request.url).pathname.slice(1); const value = await env.KV.get(key); return new Response(value ?? "", { status: value ? 200 : 404 }); }, "my.r2": async (request, env, ctx) => { const key = new URL(request.url).pathname.slice(1); const object = await env.BUCKET.get(key); return new Response(object?.body ?? "", { status: object ? 200 : 404 }); },}; Now, from inside the container sandbox, curl http://my.kv/some-key will access Workers KV and curl http://my.r2/some-object will access R2. Access Durable Object state Use ctx.containerId to reference the container's automatically provisioned Durable Object. export class MyContainer extends Container {} MyContainer.outboundByHost = { "get-state.do": async (request, env, ctx) => { const id = env.MY_CONTAINER.idFromString(ctx.containerId); const stub = env.MY_CONTAINER.get(id); return stub.getStateForKey(request.body); },}; This provides an easy way to associate state with any container instance, and includes a built-in SQLite database. Get Started Today Upgrade to @cloudflare/containers version 0.2.0 or later, or @cloudflare/sandbox version 0.8.0 or later to use outbound Workers. Refer to Containers outbound traffic and Sandboxes outbound traffic for more details and examples.
发布日期:2026-03-26 · 来源:Cloudflare
Published: 2026-03-26 · Source: Cloudflare
BackendBackend
经审查的漏洞披露数量跌至四年新低,恶意软件类披露激增,CNA 发布量继续增长。本文总结了这些变化意味着什么,以及你在分流和响应上该怎么做。原文最早发表于 The GitHub Blog。
Reviewed advisories hit a four-year low, malware advisories surged, and CNA publishing grew—here’s what changed and what it means for your triage and response. The post A year of open source vulnerability trends: CVEs, advisories, and malware appeared first on The GitHub Blog.
发布日期:2026-03-26 · 来源:GitHub Blog
Published: 2026-03-26 · Source: GitHub Blog
SecuritySecurityOpen SourceOpen Source
我们排查 Atlantis 实例为什么要花 30 分钟重启时,发现瓶颈在 Kubernetes 处理卷权限的方式。通过调整 fsGroup 配置,最终把一年里累计的 600 多小时浪费省了下来。
2026-03-26KubernetesTerraformPlatform EngineeringInfrastructureSREWhen we investigated why our Atlantis instance took 30 minutes to restart, we discovered a bottleneck in how Kubernetes handles volume permissions. By adjusting the fsGroupC…
发布日期:2026-03-26 · 来源:Cloudflare Blog
Published: 2026-03-26 · Source: Cloudflare Blog
DevOpsDevOps
了解 OpenAI 的 Model Spec 如何作为模型行为的公开框架,在 AI 系统不断进化时平衡安全、用户自由和责任。
Learn how OpenAI’s Model Spec serves as a public framework for model behavior, balancing safety, user freedom, and accountability as AI systems advance.
发布日期:2026-03-25 · 来源:OpenAI
Published: 2026-03-25 · Source: OpenAI
AIAI
去年 7 月我们发布了 Awesome GitHub Copilot Customizations 仓库,最初只是想给社区一个地方,分享自定义指令、提示词和聊天模式,方便定制 GitHub Copilot 的 AI 回复。我们原本预计每周也许只有一条社区贡献,但结果完全不是这样,大家热情地参与了进来。现在它又多了网站、学习中心和插件。
Back in July, we launched the Awesome GitHub Copilot Customizations repo with a simple goal: give the community a place to share custom instructions, prompts, and chat modes to customize the AI responses from GitHub Copilot. We were hoping for maybe one community contribution per week. That… did not happen. Instead, you all showed up. […] The post Awesome GitHub Copilot just got a website, and a learning hub, and plugins! appeared first on Microsoft for Developers.
发布日期:2026-03-16 · 来源:Microsoft DevBlogs
Published: 2026-03-16 · Source: Microsoft DevBlogs
AIAI
2026 年 2 月和 1 月的发布专题、OpenRouter 在 2 月 17 日和 19 日的故障回顾、可蒸馏模型与合成数据流水线等内容都被整理在一起,作为 Auto Exacto 的背景说明。
February Release SpotlightFebruary 23, 2026OpenRouter Outages on February 17 and 19, 2026February 20, 2026January Release SpotlightJanuary 9, 2026Distillable Models and Synthetic Data Pipelines with NeMo Data DesignerDecember 24, 2025Decem…
发布日期:2026-03-12 · 来源:OpenRouter
Published: 2026-03-12 · Source: OpenRouter
AIAI