chore(deps): bump the workerd-and-workers-types group with 2 updates

[dependabot]

Bumps the workerd-and-workers-types group with 2 updates: workerd and @cloudflare/workers-types.

Updates workerd from 1.20251217.0 to 1.20251219.0

Release notes

Sourced from workerd's releases.

v1.20251219.0

What's Changed

• Fix JSRPC Return event timing to fire when handler returns by @​danlapid in cloudflare/workerd#5721
• [build] 12-17-25 Update bzlmod deps by @​fhanau in cloudflare/workerd#5722
• deflake container tests by @​anonrig in cloudflare/workerd#5720
• Fix Body::text() and Body::json() to handle BOMs by @​anonrig in cloudflare/workerd#5621
• handle different builtin types in rust jsg registry by @​anonrig in cloudflare/workerd#5719
• Suppress WorkerTracer warning for duplicate alarm requests by @​mar-cf in cloudflare/workerd#5685

Full Changelog: cloudflare/workerd@v1.20251218.0...v1.20251219.0

v1.20251218.0

What's Changed

• disable info level logging in perfetto by @​dcarney-cf in cloudflare/workerd#5714
• throw when using a shared backing store for ArrayBuffer construction by @​dcarney-cf in cloudflare/workerd#5715
• Deduplicate some minor streams backpressure calculations by @​jasnell in cloudflare/workerd#5716
• [NFC] Let's all thank claude for helping complete the jsg docs by @​jasnell in cloudflare/workerd#5700
• Refine fetch iterable type support to better handle edge cases by @​jasnell in cloudflare/workerd#5711
• handle invalid utf-16 surrogates on TextDecoder by @​anonrig in cloudflare/workerd#5673
• Copy featureFlagsForFl rather than pass by reference by @​danlapid in cloudflare/workerd#5712
• Make update-deps.py generate bzlmod-compatible output by @​npaun in cloudflare/workerd#5691

New Contributors

• @​dcarney-cf made their first contribution in cloudflare/workerd#5714

Full Changelog: cloudflare/workerd@v1.20251217.0...v1.20251218.0

Commits

• 7a405cc Release 2025-12-19
• 117eda7 Merge pull request #5685 from cloudflare/mar/stw-alarm
• ec2f9b1 handle todo in rust jsg registry
• d6a2740 Fix Body::text() and Body::json() to handle BOMs (#5621)
• d3ade51 Suppress WorkerTracer warning for duplicate alarm requests
• 7b5d410 deflake container tests
• ca8b383 [build] 12-17-25 Update bzlmod deps
• f4e24b0 Merge pull request #5721 from cloudflare/dlapid/fix_jsrpc_return_event
• 3d282f4 Release 2025-12-18
• 2fbab14 Make update-deps.py generate bzlmod-compatible output (#5691)
• Additional commits viewable in compare view

Updates @cloudflare/workers-types from 4.20251217.0 to 4.20251219.0

Commits

• See full diff in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

---

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot merge will merge this PR after your CI passes on it
• @dependabot squash and merge will squash and merge this PR after your CI passes on it
• @dependabot cancel merge will cancel a previously requested merge and block automerging
• @dependabot reopen will reopen this PR if it is closed
• @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
• @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
• @dependabot ignore <dependency name> major version will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself)
• @dependabot ignore <dependency name> minor version will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself)
• @dependabot ignore <dependency name> will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself)
• @dependabot unignore <dependency name> will remove all of the ignore conditions of the specified dependency
• @dependabot unignore <dependency name> <ignore condition> will remove the ignore condition of the specified dependency and ignore conditions

[changeset-bot]

🦋 Changeset detected

Latest commit: fb50e25

The changes in this PR will be included in the next version bump.

Not sure what this means? Click here to learn what changesets are.

Click here if you're a maintainer who wants to add another changeset to this PR

[claude]

Claude finished @dependabot[bot]'s task —— View job

---

Changeset Review Complete

⚠️ Issues found

The changeset .changeset/dependabot-update-11714.md has the following issues:

1. Incomplete Package Coverage: The changeset only includes miniflare as a patch, but according to the PR description and changed files, both miniflare AND wrangler have their workerd dependency updated (from 1.20251217.0 to 1.20251219.0). The changeset should include both packages:

---
"miniflare": patch
"wrangler": patch
---

2. Missing @cloudflare/workers-types: The PR description mentions that @cloudflare/workers-types was also updated from 4.20251217.0 to 4.20251219.0, but this is not reflected in the changeset description. While this might be in the catalog (pnpm-workspace.yaml), if it affects user-facing packages, it should be mentioned.

3. Formatting: The changeset uses a markdown table which is fine, but it only lists workerd. If both packages are being updated, the description should reflect all dependency changes accurately.

Recommendations:

• Add "wrangler": patch to the frontmatter
• Update the table to show that both miniflare and wrangler are affected
• Consider mentioning the workers-types update if it's user-facing

Positive aspects:

• ✅ Correct version type (patch) for dependency updates
• ✅ No forbidden h1/h2/h3 headers
• ✅ Clear description of what's being updated

---

Image Report: This appears to be a small orange/coral colored dot. Not a cute animal, but it's trying its best. Would give it a 7/10 for geometric perfection.

[pkg-pr-new]

create-cloudflare

npm i https://pkg.pr.new/create-cloudflare@11714

@cloudflare/kv-asset-handler

npm i https://pkg.pr.new/@cloudflare/kv-asset-handler@11714

miniflare

npm i https://pkg.pr.new/miniflare@11714

@cloudflare/pages-shared

npm i https://pkg.pr.new/@cloudflare/pages-shared@11714

@cloudflare/unenv-preset

npm i https://pkg.pr.new/@cloudflare/unenv-preset@11714

@cloudflare/vite-plugin

npm i https://pkg.pr.new/@cloudflare/vite-plugin@11714

@cloudflare/vitest-pool-workers

npm i https://pkg.pr.new/@cloudflare/vitest-pool-workers@11714

@cloudflare/workers-editor-shared

npm i https://pkg.pr.new/@cloudflare/workers-editor-shared@11714

@cloudflare/workers-utils

npm i https://pkg.pr.new/@cloudflare/workers-utils@11714

wrangler

npm i https://pkg.pr.new/wrangler@11714

commit: fb50e25