v3.5.2 - Dependency updates and React strict mode stabilization

v3.5.2

Highlights

• Dependency Maintenance: Updated multiple core packages including React, TypeScript, Vite, and ESLint to their latest versions.
• Security Validation: Pinned tar to 7.5.13 in both npm overrides and Dockerfile to address upstream vulnerabilities.
• Production Stability: Resolved React hook linting violations (react-hooks/set-state-in-effect) by batching state updates in queueMicrotask, preventing React Compiler memoization errors and ensuring stable dashboard rendering.

Changed

• Bumped various npm dependencies including react, lucide-react, vite, typescript, eslint, and wrangler.
• Pinned tar to 7.5.13 in package.json overrides and Dockerfile to align with the latest version.

Fixed

• Remediated multiple react-hooks/set-state-in-effect violations across dashboard components and hooks by wrapping setState calls in queueMicrotask to avoid synchronous re-renders and React Compiler memoization errors.
• Removed unnecessary type assertions in webhookApi.ts to satisfy @typescript-eslint/no-unnecessary-type-assertion.

---

Compare: v3.5.1...v3.5.2

Installation

docker pull writenotenow/r2-bucket-manager:3.5.2

v3.5.1 - Fix layout-agnostic patching and dependencies

Highlights

• Fixed high-severity vulnerabilities in transitive dependencies mapping (picomatch, flatted) without changing lockfile constraints.
• Optimized frontend and worker development dependencies (esbuild, lucide-react, typescript, @cloudflare/workers-types).
• Eliminated zero-step sequence hang issues in brace-expansion.

Security

• Added Dockerfile layout-agnostic patching for picomatch to fix Method Injection vulnerability
• Pinned flatted transitive dependency to fix Prototype Pollution vulnerability
• Updated brace-expansion override to address zero-step sequence hang issue

Changed

• Bumped esbuild to 0.28.0
• Bumped lucide-react to 1.7.0
• Bumped typescript to 6.0.2
• Bumped @cloudflare/workers-types to 4.20260405.1
• Various minor and patch dependency updates via npm update

---

Compare: v3.5.0...v3.5.1

v3.5.0 - Dependency refresh and LightningCSS migration

Highlights

• LightningCSS Migration: Switched Vite's CSS transformer to lightningcss, drastically reducing build times from 29s to 1.9s.
• Dependency Refresh: Synchronized the ecosystem bumping workers-types, vite, wrangler, and esbuild to lock in bug fixes and better types.
• Security Hotfix: Addressed vulnerabilities in undici by explicitly pinning the patched version.

Security

• Fixed multiple high severity vulnerabilities in undici by pinning exact patched version 7.24.4 via package.json overrides.

Performance

• Migrated CSS transformer and minifier to lightningcss in Vite 8, accelerating application compile time from 29 seconds to 1.9 seconds.

Changed

Dependency Updates

• Bumped @cloudflare/workers-types to 4.20260316.1
• Bumped @types/node to 25.5.0
• Bumped @vitejs/plugin-react to 6.0.1
• Bumped esbuild to 0.27.4
• Bumped vite to 8.0.0
• Bumped wrangler to 4.74.0
• Added lightningcss to devDependencies for optimized build speeds

---

Full Changelog: v3.4.4...v3.5.0

v3.4.4 - Dependency Updates and Security Patches

🎉 R2 Bucket Manager v3.4.4 - Patch Release

This patch release updates npm dependencies, patches a tar security vulnerability, and bumps Docker GitHub Actions to their latest major versions.

Changed

• Dependency Updates: @cloudflare/workers-types, @types/node, jose, typescript-eslint, wrangler
• Security Patches: tar override 7.5.10 → 7.5.11 (npm + Docker layers)
• GitHub Actions: docker/setup-buildx-action (v3 → v4), docker/login-action (v3 → v4), docker/metadata-action (v5 → v6), docker/build-push-action (v6 → v7)

---

Comparison

Compare v3.4.3 to v3.4.4

v3.4.3 - Patch Release

🎉 R2 Bucket Manager v3.4.3 - Patch Release

This patch release fixes a CI/CD workflow bug that prevented Docker deployments from updating the Docker Hub README on successful tag pushes.

CI/CD

• Docker Publishing - Fixed conditionals in docker-publish.yml that prevented the Docker Hub README and Deployment Summary steps from executing on tag pushes

---

Comparison

Compare v3.4.2 to v3.4.3

v3.4.2 - Dependency updates and security patches

🎉 R2 Bucket Manager v3.4.2 - Patch Release

This patch release delivers dependency updates and security fixes for the R2 Bucket Manager.

Security

• tar CVE Fix - Updated tar override from 7.5.8 to 7.5.10 to fix reported vulnerabilities
• GitHub Actions - Bumped actions/upload-artifact from v6 to v7 and actions/download-artifact from v7 to v8

Changed

• Dependency Updates - Updated npm dependencies to latest versions
  • @cloudflare/workers-types: 4.20260305.0 → 4.20260307.1
  • @types/node: 25.3.3 → 25.3.5
  • brace-expansion: 5.0.3 → 5.0.4
  • caniuse-lite: 1.0.30001774 → 1.0.30001775
  • eslint: 10.0.2 → 10.0.3
  • jose: 6.1.3 → 6.2.0
  • lucide-react: 0.575.0 → 0.577.0
  • wrangler: 4.69.0 → 4.71.0

---

Comparison

Compare v3.4.1 to v3.4.2

v3.4.1 - ESLint 10, Accessibility, Rate Limits, Dependencies, Security

🎉 R2 Bucket Manager v3.4.1 - Patch Release

Release Date: March 1, 2026
Status: ✅ Production Ready

This patch release delivers ESLint 10 migration, accessibility fixes, relaxed API rate limits, dependency updates, and security fixes for the R2 Bucket Manager.

---

🐛 Fixed

Local Uploads Accessibility

Fixed "No label associated with a form field" violation in the LocalUploadsToggle component.

• Changed <label> to <span> since the toggle button already carries a descriptive aria-label
• Resolves 5 accessibility violations (one per rendered bucket)

ESLint 10 Code Quality Fixes

Resolved 9 new violations surfaced by ESLint 10:

• Fixed 5 no-useless-assignment violations in JobHistoryDialog.tsx, api.ts, worker/index.ts, and worker/routes/files.ts
• Fixed 4 preserve-caught-error violations in api.ts by attaching { cause: error } to re-thrown errors
• Suppressed 6 no-deprecated violations for autorag → aiSearch API migration (tracked as TODO)

---

🔄 Changed

Relaxed API Rate Limits

Doubled all rate limit tiers to reduce 429 errors during normal usage:

Tier	Previous	New
READ	300/min	600/min
WRITE	100/min	200/min
DELETE	30/min	60/min

ESLint 10 Migration

Upgraded linting toolchain to ESLint 10 with strict checking:

• eslint: 9.39.2 → 10.0.1
• @eslint/js: 9.39.2 → 10.0.1
• tsconfig.app.json target and lib: ES2020 → ES2022 (enables Error cause option)
• Removed brace-expansion override (incompatible with ESLint 10's minimatch 10.x)
• Added eslint-plugin-react-hooks peer dependency override for ESLint 10
• Added @typescript-eslint/typescript-estree → minimatch override (^10.2.1)

Dependency Updates

Package	Previous	New	Note
@cloudflare/workers-types	4.20260212.0	4.20260305.0
@types/node	25.2.3	25.3.3
eslint	10.0.1	10.0.2
eslint-plugin-react-refresh	0.5.0	0.5.2
globals	17.3.0	17.4.0
lucide-react	0.563.0	0.575.0
typescript-eslint	8.55.0	8.56.1
wrangler	4.65.0	4.69.0
react-dropzone	14.4.1	15.0.0	Major; no breaking impact [1]

[1] The only breaking change in react-dropzone 15.0.0 is isDragReject behavior, which this project does not use.

---

🛡️ Security

tar CVE Fix

• Updated tar override from 7.5.7 → 7.5.8 to address CVE-2026-26960

minimatch ReDoS

• Updated override from ^10.2.1 → ^10.2.4 and promoted to top-level override
• Fixes GHSA-7r86-cg39-jmmj and GHSA-23c5-xmqv-rm74

CodeQL Workflow

• Removed deprecated fail-on: error and wait-for-processing inputs from codeql.yml

Docker minimatch CVE

• Patched npm CLI's bundled minimatch 10.2.2 → 10.2.4 in Dockerfile
• Fixes CVE-2026-27904 (HIGH 7.5) and CVE-2026-27903 (HIGH 7.5) — Inefficient Regular Expression / Algorithmic Complexity

---

📦 CI/CD

Removed Dependabot Auto-Merge Workflow

• Deleted dependabot-auto-merge.yml to prevent automatic merging of dependency PRs
• Dependabot will still open PRs for visibility into available updates
• Dependencies are now updated manually in batched local sessions to avoid unnecessary Docker deployments

---

🛠️ Technical Details

Code Quality Metrics

• ✅ TypeScript: Clean compilation with strict mode
• ✅ ESLint 10: 0 errors
• ✅ Prettier: Fully formatted
• ✅ npm audit: 0 vulnerabilities

---

📦 Downloads

• Source Code (zip): Download
• Source Code (tar.gz): Download
• Docker Image: docker pull writenotenow/r2-bucket-manager:v3.4.1

---

🚀 Upgrade Instructions

From v3.4.0 to v3.4.1

1. Pull the latest code:

   git pull origin main

2. Update dependencies:

   npm install

3. Rebuild and deploy:

   npm run build
   npx wrangler deploy

No database migrations required for this release.

---

🔗 Links

• Live Demo: https://r2.adamic.tech/
• GitHub Repository: https://github.com/neverinfamous/R2-Manager-Worker
• Docker Hub: https://hub.docker.com/r/writenotenow/r2-bucket-manager
• GitHub Wiki: https://github.com/neverinfamous/R2-Manager-Worker/wiki
• CHANGELOG: View Full Changelog

---

🔜 What's Next?

Looking ahead to future releases:

Planned Features

• File Versioning - Track and restore previous file versions
• Advanced Webhooks - Custom headers, retry logic, and delivery logs
• Offline Upload Queue - Resumable uploads with service workers

See the full Roadmap for details.

---

🐛 Known Issues

None reported at this time.

If you encounter any issues, please open an issue on GitHub with:

• Version number (3.4.1)
• Browser and OS
• Steps to reproduce
• Expected vs actual behavior

---

Made with ❤️ for the Cloudflare community

v3.4.0 - Local Uploads, Node.js 24 LTS

🎉 R2 Bucket Manager v3.4.0 - Minor Release

Release Date: February 11, 2026
Status: ✅ Production Ready

This minor release introduces Local Uploads (BETA) for up to 75% faster upload performance, upgrades to the Node.js 24 LTS baseline, fixes lifecycle rules displaying incorrect day values, resolves React 19 deprecation warnings, and remediates all ESLint disable suppressions across the codebase.

---

✨ What's New

⚡ Local Uploads Toggle (BETA)

Enable per-bucket local uploads for dramatically faster upload performance by writing data to storage near the client.

• Up to 75% reduction in upload latency
• Inline toggle in both list and grid bucket views
• Optimistic UI with loading and error states
• Mock data support for local development

New API Endpoints

Endpoint	Method	Description
/api/local-uploads/:bucketName	GET	Get local uploads status for a bucket
/api/local-uploads/:bucketName	PUT	Enable or disable local uploads

New Types

• LocalUploadsStatus, LocalUploadsResponse

New API Methods

• getLocalUploadsStatus(), setLocalUploadsStatus()

---

🔄 Changed

Node.js 24 LTS Baseline

Upgraded from Node 20 to Node 24 LTS across all configurations.

• Dockerfile already using node:24-alpine for both builder and runtime stages
• GitHub Actions workflows updated to use Node 24.x as primary version
• package.json now includes engines field requiring Node.js >=24.0.0
• README prerequisites updated to specify Node.js 24+ (LTS)
• DOCKER_README updated to reflect Node 24-alpine base image

Dependency Updates

Package	Previous	New	Note
@babel/core	7.28.6	7.29.0
@cloudflare/workers-types	4.20260127.0	4.20260210.0
@types/node	25.0.10	25.2.3
@types/react	19.2.10	19.2.14
@vitejs/plugin-react	5.1.2	5.1.4
esbuild	0.27.2	0.27.3
eslint-plugin-react-refresh	0.4.26	0.5.0	Major update
globals	17.1.0	17.3.0
react-dropzone	14.3.8	14.4.1
typescript-eslint	8.54.0	8.55.0
wrangler	4.61.0	4.64.0

---

🛡️ Security

tar Package Security

Updated tar override to 7.5.4 to fix HIGH severity CVEs:

• CVE-2026-23745 (HIGH 8.2) - Path Traversal via hardlink/symlink escape
• CVE-2026-23950 (HIGH 8.8) - Unicode handling race condition on macOS APFS

Docker Security

Documented 3 curl CVEs as accepted upstream risks:

• CVE-2025-14819 (MEDIUM 5.3) - Fix 8.18.0-r0 not yet in Alpine repos
• CVE-2025-14524 (MEDIUM 5.3) - Fix 8.18.0-r0 not yet in Alpine repos
• CVE-2025-14017 (N/A) - Fix 8.18.0-r0 not yet in Alpine repos
• Will upgrade when Alpine publishes patched packages

---

🐛 Fixed

Lifecycle Rules Display

Fixed lifecycle rules showing incorrect day values (e.g., 86,400 days instead of 1 day).

• CreateLifecycleRuleModal.tsx incorrectly converted days to seconds (days * 86400) before setting maxAge
• Cloudflare R2 lifecycle API maxAge is already in days, not seconds
• Affects both Expiration (Delete) and Transition to Infrequent Access rule types

React 19 Compatibility

Resolved deprecated FormEvent usage across the codebase.

• Replaced deprecated React.FormEvent with inline type { preventDefault(): void } in form handlers
• Fixed in app.tsx, AISearchQuery.tsx, CreateLifecycleRuleModal.tsx, S3CredentialsForm.tsx
• Removed unused eslint-disable directives in filegrid.tsx
• Added missing sortedFilesRef to useCallback dependency arrays

ESLint Disable Remediation

Properly fixed all eslint-disable suppressions across the codebase:

File	Fix Applied
JobHistory.tsx	Refactored to use separate fetchJobs callback with proper dependencies
JobHistoryDialog.tsx	Wrapped loadEvents in useCallback with proper dependencies
ThemeContext.tsx	Split context into theme-context-value.ts for react-refresh compliance
useFileFilters.ts	Replaced useEffect + setState with useMemo for availableExtensions
api.ts	Extracted file validation regex to documented top-level constant
logger.ts	Consolidated 8 individual eslint-disable-next-line into single scoped block
filegrid.tsx	Captured ref values at effect start for cleanup function pattern

---

📖 Documentation

• Added Local Uploads wiki page
• Updated Sidebar and Home with Local Uploads feature link

---

🛠️ Technical Details

Code Quality Metrics

• ✅ TypeScript: Clean compilation with strict mode
• ✅ ESLint: 0 errors, 0 suppressions
• ✅ Prettier: Fully formatted
• ✅ Zero eslint-disable directives remaining in codebase

---

📦 Downloads

• Source Code (zip): Download
• Source Code (tar.gz): Download
• Docker Image: docker pull writenotenow/r2-bucket-manager:v3.4.0

---

🚀 Upgrade Instructions

From v3.3.0 to v3.4.0

⚠️ Node.js 24 Required: This release requires Node.js 24+ (LTS). Please upgrade your Node.js installation before proceeding.

1. Update Node.js to 24 LTS:

   # Verify your Node.js version
   node --version  # Must be v24.x.x or higher

2. Pull the latest code:

   git pull origin main

3. Update dependencies:

   npm install

4. Rebuild and deploy:

   npm run build
   npx wrangler deploy

No database migrations required for this release.

---

🔗 Links

• Live Demo: https://r2.adamic.tech/
• GitHub Repository: https://github.com/neverinfamous/R2-Manager-Worker
• Docker Hub: https://hub.docker.com/r/writenotenow/r2-bucket-manager
• GitHub Wiki: https://github.com/neverinfamous/R2-Manager-Worker/wiki
• CHANGELOG: View Full Changelog

---

🔜 What's Next?

Looking ahead to future releases:

Planned Features

• File Versioning - Track and restore previous file versions
• Advanced Webhooks - Custom headers, retry logic, and delivery logs
• Offline Upload Queue - Resumable uploads with service workers

See the full Roadmap for details.

---

🐛 Known Issues

None reported at this time.

If you encounter any issues, please open an issue on GitHub with:

• Version number (3.4.0)
• Browser and OS
• Steps to reproduce
• Expected vs actual behavior

---

🎬 Breaking Changes

Node.js Version Requirement

This release requires Node.js 24+ (LTS). Users on Node.js 20 or earlier must upgrade before building or deploying. The Docker image is unaffected as it ships with Node 24-alpine.

---

Made with ❤️ for the Cloudflare community

v3.3.0 - Object Lifecycle Management

🎉 R2 Bucket Manager v3.3.0 - Minor Release

Release Date: January 14, 2026
Status: ✅ Production Ready

This minor release introduces Object Lifecycle Management, enabling automated object expiration and transition to Infrequent Access storage. It also includes dependency updates and CI/CD improvements.

---

✨ What's New

🔄 Object Lifecycle Management

Automate your R2 storage lifecycle with powerful rule-based management.

• Expiration Rules - Automatically delete objects after a specified number of days
• Transition Rules - Move objects to Infrequent Access storage for 33% cost savings
• Prefix Filtering - Target specific objects by path prefix (e.g., logs/, temp/)
• Enable/Disable Toggle - Temporarily disable rules without deleting them
• Lifecycle Panel - New bucket-level panel accessible from list and grid views

New API Endpoints

Endpoint	Method	Description
/api/lifecycle/:bucketName	GET	Retrieve lifecycle rules for a bucket
/api/lifecycle/:bucketName	PUT	Set lifecycle rules (replaces all rules)

New Components

• LifecycleRulesPanel.tsx - View, toggle, and delete lifecycle rules
• CreateLifecycleRuleModal.tsx - Create expiration or transition rules
• lifecycle.css - Styling matching the app design system

New Types

• LifecycleRule, LifecycleTransitionCondition, ObjectTransition
• StorageClassTransition, LifecycleRuleConditions, LifecycleConfiguration

---

🔄 Changed

CI/CD Improvements

Modernized GitHub Actions workflows to match the d1/do/kv-manager fleet pattern.

• docker-publish.yml - Migrated from single-job to 5-job architecture
  • lint → codeql → build-platform → security-scan → merge-and-push
• Native ARM builds via ubuntu-24.04-arm runner (replaces slow QEMU emulation)
• Lint and CodeQL gates block Docker builds on failure
• Docker Scout security scanning with SARIF upload to GitHub Security
• codeql.yml - Added fail-on: error to block builds on security vulnerabilities
• Consolidated workflows - Removed standalone deploy.yml

Dependency Updates

Package	Previous	New
@cloudflare/workers-types	4.20260109.0	4.20260114.0
@types/node	25.0.3	25.0.8
@types/react	19.2.7	19.2.8
@babel/core	7.28.5	7.28.6
baseline-browser-mapping	2.9.11	2.9.14
caniuse-lite	1.0.30001762	1.0.30001764
rollup	4.54.0	4.55.1
typescript-eslint	8.51.0	8.53.0
vite	7.3.0	7.3.1
wrangler	4.56.0	4.59.1

---

🐛 Fixed

CodeQL Alerts

Resolved 4 code scanning issues:

• Removed redundant null check on narrowed variable in files.ts
• Removed unused variable url in src/worker.js
• Removed useless hasMore = false assignments before break in folders.ts
• Removed always-true conditional userEmail ?? undefined in index.ts

---

📖 Documentation

• Added Object Lifecycles wiki page
• Updated Sidebar and Home with Object Lifecycle Management feature link

---

🛠️ Technical Details

Cloudflare API Integration

The lifecycle feature integrates with the Cloudflare R2 REST API:

• Read-Modify-Write Pattern - Fetches existing rules before adding new ones
• API Format - Uses maxAge in seconds with required conditions field
• Types - deleteObjectsTransition, storageClassTransitions, abortMultipartUploadsTransition

Code Quality Metrics

• ✅ TypeScript: Clean compilation with strict mode
• ✅ ESLint: 0 errors
• ✅ Browser Testing: Verified in Chrome/Edge

---

📦 Downloads

• Source Code (zip): Download
• Source Code (tar.gz): Download
• Docker Image: docker pull writenotenow/r2-bucket-manager:v3.3.0

---

🚀 Upgrade Instructions

From v3.2.0 to v3.3.0

1. Pull the latest code:

   git pull origin main

2. Update dependencies:

   npm install

3. Rebuild and deploy:

   npm run build
   npx wrangler deploy

No database migrations required for this release.

---

🔗 Links

• Live Demo: https://r2.adamic.tech/
• GitHub Repository: https://github.com/neverinfamous/R2-Manager-Worker
• Docker Hub: https://hub.docker.com/r/writenotenow/r2-bucket-manager
• GitHub Wiki: https://github.com/neverinfamous/R2-Manager-Worker/wiki
• CHANGELOG: View Full Changelog

---

🔜 What's Next?

Looking ahead to v3.4.0 and beyond:

Planned Features

• File Versioning - Track and restore previous file versions
• Advanced Webhooks - Custom headers, retry logic, and delivery logs
• Offline Upload Queue - Resumable uploads with service workers

See the full Roadmap for details.

---

🐛 Known Issues

None reported at this time.

If you encounter any issues, please open an issue on GitHub with:

• Version number (3.3.0)
• Browser and OS
• Steps to reproduce
• Expected vs actual behavior

---

🎬 Breaking Changes

No breaking changes in this release. All v3.2.0 functionality remains intact.

---

🛡️ Security

No security changes in this release. All security features from v3.2.0 remain active.

---

Made with ❤️ for the Cloudflare community

v3.2.0 - Metrics Storage Tab, Health Dashboard, Expanded Webhooks

🎉 R2 Bucket Manager v3.2.0 - Minor Release

Release Date: January 9, 2026
Status: ✅ Production Ready

This minor release brings Metrics Storage Tab, Health Dashboard, Expanded Webhook Events, AI Search Improvements, and significant Developer Experience enhancements to the R2 Bucket Manager. Version 3.2.0 adds powerful monitoring, operational visibility, and streamlined local development.

---

✨ What's New

📊 Metrics Dashboard Storage Tab

Dedicated storage trend visualization with comprehensive bucket analytics.

• New "Storage" Tab - View storage and object count trends over time
• Storage Distribution Chart - Visualize storage allocation by bucket
• Storage Details Table - Per-bucket breakdown with percentages
• Bucket Filtering - Filter metrics by specific bucket using dropdown selector
• API Support - New bucketName query parameter for filtered metrics

---

🏥 Health Dashboard

New tab providing at-a-glance operational status and system health monitoring.

• System Health Score - 0-100 score based on job failures, webhook config, and organization
• Summary Cards - Quick view of buckets, operations, webhooks, and recent jobs
• Failed Jobs Alert - Expandable details for failed job investigation
• Low Activity Detection - Identifies buckets with 7+ days without activity
• Organization Status - Displays color/tag coverage across buckets
• 2-Minute Caching - Optimized performance with smart caching
• New Backend Route - GET /api/health

---

🤖 AI Search Instance Status

Real-time visibility into AI Search indexing jobs.

• Instance Cards - Now display last sync time and files indexed count
• Parallel Loading - Status data fetched in parallel for fast loading
• New Backend Endpoint - GET /api/ai-search/instances/:name/status
• Job History - Returns up to 10 recent indexing jobs per instance

---

📁 Dynamic File Type Detection

Always up-to-date supported file types for AI Search compatibility.

• New Backend Endpoint - GET /api/ai-search/supported-types
• Live API Integration - Dynamically fetches types from Cloudflare toMarkdown() API
• Smart Caching - 5-minute cache with fallback to hardcoded list
• Extended Formats - Includes .pdf, .docx, .odt, .jpeg and more

---

🪝 Expanded Webhook Events

6 new granular event types for comprehensive R2 operation tracking.

Event	Description
file_move	Track file transfer operations
file_copy	Monitor file duplication
file_rename	Capture file rename events
folder_create	Monitor folder creation
folder_delete	Track folder removal
bucket_rename	Capture bucket rename operations

• Total Events - Increased from 7 to 15 webhook event types
• Future Events - Helper payloads for bulk_download_complete, s3_import_complete

---

⚡ Auto-Detect Dev/Prod API Endpoint

Simplified local development workflow with automatic environment detection.

• New .env.development - Automatic API URL switching for development
• Vite Integration - Auto-loads development config during npm run dev
• Zero Configuration - No manual commenting/uncommenting of VITE_WORKER_API

---

🐛 Fixed

Local Development Environment

Fixed issues preventing local development from working (#149).

• URL Signing Key Fallback - Auto-generates random signing key when URL_SIGNING_KEY not configured
• Metrics API - Updated to use VITE_WORKER_API for cross-port requests
• Webhooks API - Updated to use VITE_WORKER_API for cross-port requests
• Vite Compatibility - Replaced process.env.NODE_ENV with import.meta.env.DEV

Thanks to @denzyve for identifying these issues in PR #150.

AI Search Fixes

• Instance Listing - Fixed instances not appearing (corrected API response parsing)
• Sync Operations - Fixed "Route not found" error (changed POST to PATCH)
• Query Results - Fixed empty results (added response transformation)
• Instance Status - Fixed "Last sync" time not displaying (corrected field mappings)

Docker Scout Security Scan

• Fixed vulnerability check incorrectly blocking builds
• Grep pattern now correctly parses CRITICAL/HIGH counts
• MEDIUM/LOW vulnerabilities no longer falsely trigger failures

---

🔄 Changed

Increased API Rate Limits

Prevents 429 errors during rapid UI navigation.

Tier	Previous	New
READ	100/min	300/min
WRITE	30/min	100/min
DELETE	10/min	30/min

Support Email in Error Messages

All API error responses now include support contact.

• New Utility - Centralized createErrorResponse in worker/utils/error-response.ts
• Automatic Inclusion - Support email (admin@adamic.tech) for all 4xx/5xx errors
• Consistent Format - { error, support?, code?, details? }
• 70+ Locations - Updated across 8 route files

Dependency Updates

Package	Previous	New
@cloudflare/workers-types	4.20251213.0	4.20260109.0
@types/node	25.0.2	25.0.3
esbuild	0.27.1	0.27.2
eslint-plugin-react-refresh	0.4.25	0.4.26
globals	16.5.0	17.0.0
lucide-react	0.561.0	0.562.0
typescript-eslint	8.49.0	8.52.0
vite	7.3.0	7.3.1
wrangler	4.55.0	4.58.0

---

📖 Documentation

• Added Upgrade Guide - Comprehensive documentation for the automated in-app upgrade system covering all 4 schema migrations

---

🛠️ Technical Details

New API Endpoints

Endpoint	Method	Description
/api/health	GET	System health status and metrics
/api/ai-search/instances/:name/status	GET	AI Search instance indexing status
/api/ai-search/supported-types	GET	Dynamic file type detection

Code Quality Metrics

• ✅ TypeScript: Clean compilation with strict mode
• ✅ ESLint: 0 errors
• ✅ Browser Testing: Verified in Chrome/Edge

---

📦 Downloads

• Source Code (zip): Download
• Source Code (tar.gz): Download
• Docker Image: docker pull writenotenow/r2-bucket-manager:v3.2.0

---

🚀 Upgrade Instructions

From v3.1.0 to v3.2.0

1. Pull the latest code:

   git pull origin main

2. Update dependencies:

   npm install

3. Rebuild and deploy:

   npm run build
   npx wrangler deploy

No database migrations required for this release.

---

🔗 Links

• Live Demo: https://r2.adamic.tech/
• GitHub Repository: https://github.com/neverinfamous/R2-Manager-Worker
• Docker Hub: https://hub.docker.com/r/writenotenow/r2-bucket-manager
• GitHub Wiki: https://github.com/neverinfamous/R2-Manager-Worker/wiki
• Release Article: https://adamic.tech/articles/r2-manager
• CHANGELOG: View Full Changelog

---

🔜 What's Next?

Looking ahead to v3.3.0 and beyond:

Planned Features

• File Versioning - Track and restore previous file versions
• Advanced Webhooks - Custom headers, retry logic, and delivery logs
• Offline Upload Queue - Resumable uploads with service workers

See the full Roadmap for details.

---

🐛 Known Issues

None reported at this time.

If you encounter any issues, please open an issue on GitHub with:

• Version number (3.2.0)
• Browser and OS
• Steps to reproduce
• Expected vs actual behavior

---

🎬 Breaking Changes

No breaking changes in this release. All v3.1.0 functionality remains intact.

---

🛡️ Security

No security changes in this release. All security features from v3.1.0 remain active.

---

🙏 Acknowledgments

Special thanks to @denzyve for identifying and reporting local development issues that were fixed in this release.

---

Made with ❤️ for the Cloudflare community