Skip to content

fix: pass auth profiles to vite#14588

Draft
emily-shen wants to merge 1 commit into
mainfrom
emily/fix-vite-profiles
Draft

fix: pass auth profiles to vite#14588
emily-shen wants to merge 1 commit into
mainfrom
emily/fix-vite-profiles

Conversation

@emily-shen

Copy link
Copy Markdown
Contributor

Fixes #14580


  • Tests
    • Tests included/updated
    • Automated tests not possible - manual testing has been completed as follows:
    • Additional testing not necessary because:
  • Public documentation
    • Cloudflare docs PR(s):
    • Documentation not necessary because:

A picture of a cute animal (not mandatory, but encouraged)

@changeset-bot

changeset-bot Bot commented Jul 7, 2026

Copy link
Copy Markdown

🦋 Changeset detected

Latest commit: 7400be0

The changes in this PR will be included in the next version bump.

This PR includes changesets to release 3 packages
Name Type
wrangler Patch
@cloudflare/vite-plugin Patch
@cloudflare/vitest-pool-workers Patch

Not sure what this means? Click here to learn what changesets are.

Click here if you're a maintainer who wants to add another changeset to this PR

@ask-bonk ask-bonk Bot left a comment

Copy link
Copy Markdown
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

I'm Bonk, and I've done a quick review of your PR.

Summary: adds an import-time initProfileResolution() in the public API barrel that resolves the auth profile from directory bindings against process.cwd() and calls setProfile, so the Vite plugin picks up directory-activated profiles.

Ranked issues:

  1. (High) Profile is resolved against process.cwd(), but the CLI resolves against the config file's directory. This means the fix silently does nothing when Vite is run from a directory other than the one containing wrangler.jsonc (monorepo root, subdir, custom --config). The directory binding created by wrangler auth activate is keyed on the config/project dir, so a process.cwd() lookup will miss it and fall back to default — reproducing the original bug. See detail on the inline comment.

  2. (Medium) Import-time global side effect for all consumers. This runs for every importer of wrangler / wrangler/api (including the unstable_dev test harness), doing a filesystem read of directory-bindings.json and mutating the global OAuth singleton via setProfile merely as a side effect of import. That's a behavior change beyond the Vite plugin; worth confirming it doesn't surprise unstable_dev users or interfere with tests.

  3. (Medium) The doc comment says "the CLI's yargs handler will override this later with the explicit --profile flag". That's true for the CLI, but the Vite plugin — the actual consumer being fixed — has no yargs handler and no way to pass --profile, so directory-binding resolution at process.cwd() is the only path. The comment is misleading about how Vite obtains an explicit profile.

  4. (Low) No changeset and no tests for a user-facing behavior change to a published package. changeset-bot already flagged the missing changeset; per repo conventions this needs a patch changeset for wrangler (and ideally a test asserting the Vite/library path respects an activated profile).

* override this later with the explicit `--profile` flag if one was provided.
*/
export function initProfileResolution(): void {
const profile = createWranglerProfileStore().resolve({

Copy link
Copy Markdown
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

resolve uses process.cwd(), but the CLI handler resolves the profile against the config file's directory (register-yargs-command.ts:154-160):

const cwd = firstConfigPath ? path.dirname(path.resolve(firstConfigPath)) : process.cwd();
const profile = createWranglerProfileStore().resolve({ profile: args.profile, cwd });

Directory bindings from wrangler auth activate are keyed on the project/config directory. If Vite is launched from anywhere other than that directory (monorepo root, a subdir, or with a configPath pointing elsewhere), this lookup misses the binding and falls back to "default" — i.e. the original bug (#14580) still reproduces in those layouts.

Because this runs at import time it can't know the eventual configPath. Consider resolving lazily from the Vite plugin once configPath is known (the plugin already has it in plugin-config.ts) rather than a blanket process.cwd() resolution here — e.g. export a setter/resolver the plugin calls with path.dirname(configPath). At minimum, please confirm the intended behavior when cwd !== dirname(configPath).

@ask-bonk

ask-bonk Bot commented Jul 7, 2026

Copy link
Copy Markdown
Contributor

Review posted successfully to PR #14588.

I reviewed the PR, which adds an import-time initProfileResolution() to the wrangler public API barrel to make the Vite plugin respect directory-activated auth profiles. I flagged 4 issues, ranked by severity:

  1. (High) Resolving against process.cwd() instead of the config file's directory (as the CLI does) means the fix silently fails when Vite runs from a different directory than the wrangler config — reproducing the original bug. Included an inline suggestion to resolve lazily from the plugin using dirname(configPath).
  2. (Medium) Import-time global side effect affects all consumers (including unstable_dev), doing filesystem reads and mutating the OAuth singleton on mere import.
  3. (Medium) The doc comment about the yargs handler "overriding later" is misleading for the Vite consumer, which has no yargs handler.
  4. (Low) Missing changeset and tests for a user-facing behavior change.

github run

@pkg-pr-new

pkg-pr-new Bot commented Jul 7, 2026

Copy link
Copy Markdown
@cloudflare/autoconfig

npm i https://pkg.pr.new/@cloudflare/autoconfig@14588

create-cloudflare

npm i https://pkg.pr.new/create-cloudflare@14588

@cloudflare/deploy-helpers

npm i https://pkg.pr.new/@cloudflare/deploy-helpers@14588

@cloudflare/kv-asset-handler

npm i https://pkg.pr.new/@cloudflare/kv-asset-handler@14588

miniflare

npm i https://pkg.pr.new/miniflare@14588

@cloudflare/pages-shared

npm i https://pkg.pr.new/@cloudflare/pages-shared@14588

@cloudflare/unenv-preset

npm i https://pkg.pr.new/@cloudflare/unenv-preset@14588

@cloudflare/vite-plugin

npm i https://pkg.pr.new/@cloudflare/vite-plugin@14588

@cloudflare/vitest-pool-workers

npm i https://pkg.pr.new/@cloudflare/vitest-pool-workers@14588

@cloudflare/workers-auth

npm i https://pkg.pr.new/@cloudflare/workers-auth@14588

@cloudflare/workers-editor-shared

npm i https://pkg.pr.new/@cloudflare/workers-editor-shared@14588

@cloudflare/workers-utils

npm i https://pkg.pr.new/@cloudflare/workers-utils@14588

wrangler

npm i https://pkg.pr.new/wrangler@14588

commit: 7400be0

@emily-shen emily-shen force-pushed the emily/fix-vite-profiles branch from bb98bf0 to 8e9a085 Compare July 8, 2026 15:23
@github-actions

github-actions Bot commented Jul 8, 2026

Copy link
Copy Markdown
Contributor

✅ All changesets look good

@emily-shen emily-shen force-pushed the emily/fix-vite-profiles branch from 8e9a085 to 7400be0 Compare July 8, 2026 16:55
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Labels

None yet

Projects

Status: Untriaged

Development

Successfully merging this pull request may close these issues.

bug: @cloudflare/vite-plugin ignores active wrangler auth profiles and defaults to default.toml

2 participants