Merge branch 'production'

Author: RebeccaTamachiro

.github/workflows/anchor-link-audit.yml

@@ -39,7 +39,6 @@ jobs:
       - run: npm run build
         env:
           GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
-          NODE_OPTIONS: "--max-old-space-size=4192"
 
       - name: Install dependencies
         run: curl https://htmltest.wjdp.uk | bash

.github/workflows/ci.yml

@@ -65,7 +65,6 @@ jobs:
       - run: npm run build
         env:
           GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
-          NODE_OPTIONS: "--max-old-space-size=6144"
           RUN_LINK_CHECK: true
 
       - run: npm run check:worker

.github/workflows/publish-preview.yml

@@ -33,7 +33,6 @@ jobs:
         name: Build
         env:
           GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
-          NODE_OPTIONS: --max-old-space-size=6144
       - name: Deploy to Cloudflare Workers
         env:
           CLOUDFLARE_API_TOKEN: ${{ secrets.CLOUDFLARE_API_TOKEN }}

.github/workflows/publish-production.yml

@@ -28,7 +28,6 @@ jobs:
         name: Build
         env:
           GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
-          NODE_OPTIONS: --max-old-space-size=6144
       - run: npx wrangler deploy
         name: Deploy to Cloudflare Workers
         env:

bin/generate-descriptions.ts

@@ -14,21 +14,35 @@
  * 2. Have a local Worker running on `localhost:8787` with the following code (also requires adding a binding in the Wrangler config file):
  *
  * 		```
- * 		export interface Env {
- * 			AI: Ai;
- * 		}
-
- * 		export default {
- * 			async fetch(request, env): Promise<Response> {
- * 				const response = await env.AI.run("@cf/facebook/bart-large-cnn", {
- * 					input_text: await request.text(),
- * 					max_length: 60
- * 				});
- * 				return Response.json(response.summary);
- * 			},
- * 		} satisfies ExportedHandler<Env>;
+  		export interface Env {
+				AI: Ai;
+			}
+
+			export default {
+				async fetch(request, env): Promise<Response> {
+
+					const input_text = await request.text()
+
+					const messages = [
+						{ role: "system", content: "You are an assistant who helps summarize long chunks of text." },
+						{ role: "system", content: "You help generate optimized SEO descriptions that are - at most - 60 words. These also convey the most important points of the page and contain keywords." },
+						{ role: "system", content: "In your response, provide no content other than the summary text."},
+						{
+							role: "user",
+							content: input_text,
+						},
+					];
+					const response = await env.AI.run("@cf/meta/llama-3.3-70b-instruct-fp8-fast", { messages });
+
+					return Response.json(response.response);
+				},
+			} satisfies ExportedHandler<Env>;
  * 		```
- * 3. Run `npx tsx bin/generate-descriptions.ts --pcx-content-type $TYPE` to generate the descriptions.
+ * 3. Run `npx tsx bin/generate-descriptions.ts [options]` to generate the descriptions.
+ *
+ * Available options:
+ * - `--pcx-content-type $TYPE`: Filter by content type (e.g., tutorial, overview)
+ * - `--product $PRODUCT`: Filter by product folder (e.g., workers, pages, r2)
  *
  */
 
@@ -166,18 +180,22 @@ async function updateFrontmatter(
 function parseArgs() {
 	const args = process.argv.slice(2);
 	let pcxContentType: string | undefined;
+	let product: string | undefined;
 	let showHelp = false;
 
 	for (let i = 0; i < args.length; i++) {
 		if (args[i] === "--pcx-content-type" && i + 1 < args.length) {
 			pcxContentType = args[i + 1];
 			i++; // Skip the next argument as it's the value
+		} else if (args[i] === "--product" && i + 1 < args.length) {
+			product = args[i + 1];
+			i++; // Skip the next argument as it's the value
 		} else if (args[i] === "--help" || args[i] === "-h") {
 			showHelp = true;
 		}
 	}
 
-	return { pcxContentType, showHelp };
+	return { pcxContentType, product, showHelp };
 }
 
 /**
@@ -189,13 +207,14 @@ Usage: npx tsx bin/generate-descriptions.ts [options]
 
 Options:
   --pcx-content-type <type>  Filter MDX files by pcx_content_type (e.g., overview, tutorial, navigation)
+  --product <product>        Filter MDX files by product folder (e.g., workers, pages, r2)
   --help, -h                 Show this help message
 `);
 }
 
 async function main() {
 	// Parse command line arguments
-	const { pcxContentType, showHelp } = parseArgs();
+	const { pcxContentType, product, showHelp } = parseArgs();
 
 	if (showHelp) {
 		showUsage();
@@ -205,6 +224,10 @@ async function main() {
 	if (pcxContentType) {
 		console.log(`Filtering by pcx_content_type: ${pcxContentType}`);
 	}
+
+	if (product) {
+		console.log(`Filtering by product: ${product}`);
+	}
 	try {
 		// Find all MDX files in the docs directory
 		const mdxFiles = await globby("**/*.mdx", {
@@ -213,21 +236,45 @@ async function main() {
 		});
 		console.log(`Found ${mdxFiles.length} MDX files in the docs directory`);
 
-		// Filter files by pcx_content_type if specified
+		// Filter files by product if specified
 		let filteredMdxFiles = mdxFiles;
+		if (product) {
+			const productPath = path.join(DOCS_DIR, product);
+
+			// Check if the product directory exists
+			try {
+				await fs.access(productPath);
+			} catch (error) {
+				console.error(
+					`Product directory not found: ${productPath} -- ${error}`,
+				);
+				process.exit(1);
+			}
+
+			// Filter files by product
+			filteredMdxFiles = mdxFiles.filter((file) => {
+				return file.startsWith(productPath);
+			});
+			console.log(
+				`Filtered to ${filteredMdxFiles.length} MDX files in product: ${product}`,
+			);
+		}
+
+		// Further filter files by pcx_content_type if specified
 		if (pcxContentType) {
-			filteredMdxFiles = [];
-			for (const mdxFile of mdxFiles) {
+			const contentTypeFiltered = [];
+			for (const mdxFile of filteredMdxFiles) {
 				try {
 					const content = await fs.readFile(mdxFile, "utf-8");
 					const { data: frontmatter } = matter(content);
 					if (frontmatter.pcx_content_type === pcxContentType) {
-						filteredMdxFiles.push(mdxFile);
+						contentTypeFiltered.push(mdxFile);
 					}
 				} catch (error) {
 					console.error(`Error reading ${mdxFile}:`, error);
 				}
 			}
+			filteredMdxFiles = contentTypeFiltered;
 			console.log(
 				`Filtered to ${filteredMdxFiles.length} MDX files with pcx_content_type: ${pcxContentType}`,
 			);
@@ -306,6 +353,14 @@ async function main() {
 
 		console.log("\n--- Summary ---");
 		console.log(`Total MDX files: ${mdxFiles.length}`);
+		if (product) {
+			console.log(`Files in product '${product}': ${filteredMdxFiles.length}`);
+		}
+		if (pcxContentType) {
+			console.log(
+				`Files with pcx_content_type '${pcxContentType}': ${filteredMdxFiles.length}`,
+			);
+		}
 		console.log(`Updated: ${updatedCount}`);
 		console.log(`Skipped (already had description): ${skippedExistingCount}`);
 		console.log(`Skipped (description unchanged): ${skippedUnchangedCount}`);

package.json

@@ -4,7 +4,7 @@
 	"type": "module",
 	"scripts": {
 		"astro": "npx astro",
-		"build": "npx astro build",
+		"build": "export NODE_OPTIONS='--max-old-space-size=6192' || set NODE_OPTIONS='--max-old-space-size=6192'&& npx astro build",
 		"typegen:worker": "npx wrangler types ./worker/worker-configuration.d.ts",
 		"check": "npm run check:astro && npm run check:worker",
 		"check:astro": "npx astro check",

src/content/changelog/fundamentals/2025-10-30-email-2FA.mdx

@@ -0,0 +1,29 @@
+---
+title: Introducing email two-factor authentication
+description: Cloudflare now offers email two-factor authentication to protect your account
+date: 2025-10-30
+---
+
+Two-factor authentication (2FA) is one of the best ways to protect your account from the risk of account takeover. Cloudflare has offered phishing resistant 2FA options including hardware based keys (for example, a Yubikey) and app based TOTP (time-based one-time password) options which use apps like Google or Microsoft's Authenticator app. Unfortunately, while these solutions are very secure, they can be lost if you misplace the hardware based key, or lose the phone which includes that app. The result is that users sometimes get locked out of their accounts and need to contact support. 
+
+Today, we are announcing the addition of email as a 2FA factor for all Cloudflare accounts. Email 2FA is in wide use across the industry as a least common denominator for 2FA because it is low friction, loss resistant, and still improves security over username/password login only. We also know that most commercial email providers already require 2FA, so your email address is usually well protected already. 
+
+You can now enable email 2FA on the Cloudflare dashboard:
+
+1. Go to **Profile** at the top right corner.
+2. Select **Authentication**.
+3. Under **Two-Factor Authentication**, select **Set up**.  
+
+## Sign-in security best practices
+
+Cloudflare is critical infrastructure, and you should protect it as such. Review the following best practices and make sure you are doing your part to secure your account:
+
+- Use a unique password for every website, including Cloudflare, and store it in a password manager like 1Password or Keeper. These services are cross-platform and simplify the process of managing secure passwords.
+- Use 2FA to make it harder for an attacker to get into your account in the event your password is leaked.
+- Store your backup codes securely. A password manager is the best place since it keeps the backup codes encrypted, but you can also print them and put them somewhere safe in your home.
+- If you use an app to manage your 2FA keys, enable cloud backup, so that you don't lose your keys in the event you lose your phone.
+- If you use a custom email domain to sign in, [configure SSO](/fundamentals/manage-members/dashboard-sso/).
+- If you use a public email domain like Gmail or Hotmail, you can also use social login with Apple, GitHub, or Google to sign in.
+- If you manage a Cloudflare account for work:
+  - Have at least two administrators in case one of them unexpectedly leaves your company.
+  - Use SCIM to automate permissions management for members in your Cloudflare account.

src/content/docs/images/upload-images/sourcing-kit/index.mdx

@@ -10,8 +10,6 @@ With Sourcing Kit you can define one or multiple repositories of images to bulk
 
 Sourcing Kit also lets you target paths, define prefixes for imported images, and obtain error logs for bulk operations.
 
-Sourcing Kit is available in beta. If you have any comments, questions, or bugs to report, contact the Images team on our [Discord channel](https://discord.cloudflare.com). You can also engage with other users and the Images team on the [Cloudflare Community](https://community.cloudflare.com/c/developers/images/63).
-
 ## When to use Sourcing Kit
 
 Sourcing Kit can be a good choice if the Amazon S3 bucket you are importing consists primarily of images stored using non-archival storage classes, as images stored using [archival storage classes](https://aws.amazon.com/s3/storage-classes/#Archive) will be skipped and need to be imported separately. Specifically:

src/content/docs/r2/demos.mdx

@@ -3,6 +3,8 @@ pcx_content_type: navigation
 title: Demos and architectures
 sidebar:
   order: 10
+description: >-
+  Explore Cloudflare R2 demos and reference architectures for fullstack applications, storage, and AI, with examples and use cases.
 ---
 
 import {

src/content/docs/r2/get-started.mdx

@@ -6,6 +6,8 @@ sidebar:
 head:
   - tag: title
     content: Getting started guide
+description: >-
+  Cloudflare R2 Storage allows developers to store unstructured data without costly egress fees, offering bucket creation and object upload via dashboard or API.
 ---
 
 import { Render, PackageManagers, DashButton } from "~/components";