Merge branch 'production' into patricia/pcx17327-pt1

Author: patriciasantaana

.hyperlint/config.yaml

@@ -14,14 +14,14 @@ reviewer:
     enabled: true
   custom_style_guide:
     enabled: false
-    path_to_style_guide_dir: ".hyperlint/styles/plain-text-style-checks/"
+    path_to_style_guide_dir: ".hyperlint/automations/styles/plain-text-style-checks/"
     check_status_upon_review_failure: neutral
   limit_num_reviews: 2
   limit_num_comments: 5
 automation:
   custom_style_guide:
     enabled: true
-    path_to_style_guide_dir: ".hyperlint/styles/plain-text-style-checks/"
+    path_to_style_guide_dir: ".hyperlint/automations/styles/plain-text-style-checks/"
   enabled: true
   vale_style_guide:
     enabled: true

src/assets/images/changelog/rules/snippets-lists-scores.png

@@ -5,8 +5,8 @@ import { zodEnumFromObjKeys } from "~/util/helpers";
 type Props = z.infer<typeof props>;
 
 const mappings = {
-	data_center_cities: "over 335 cities",
-	total_bandwidth: "over 348 Tbps network capacity",
+	data_center_cities: "over 330 cities",
+	total_bandwidth: "over 388 Tbps network capacity",
 	network_peers: "over 13,000 network peers",
 } as const satisfies Record<string, string>;
 

src/components/PublicStats.astro

@@ -0,0 +1,21 @@
+---
+title: More ways to match — Snippets now support Custom Lists, Bot Score, and WAF Attack Score
+description: Snippets and Cloud Connector now support user-defined IP, AS, and Hostname Custom Lists — plus Bot Score and WAF Attack Score in Snippets.
+products:
+  - rules
+date: 2025-05-09T10:00:00Z
+---
+
+You can now use IP, Autonomous System (AS), and Hostname [custom lists](/waf/tools/lists/custom-lists/) to route traffic to [Snippets](/rules/snippets/) and [Cloud Connector](/rules/cloud-connector/), giving you greater precision and control over how you match and process requests at the edge.
+
+In Snippets, you can now also match on [Bot Score](/bots/concepts/bot-score/) and [WAF Attack Score](/waf/detections/attack-score/), unlocking smarter edge logic for everything from request filtering and mitigation to [tarpitting](/rules/snippets/examples/slow-suspicious-requests/) and logging.
+
+**What’s new:**
+- [Custom lists](/waf/tools/lists/custom-lists/) matching – Snippets and Cloud Connector now support user-created IP, AS, and Hostname lists via dashboard or [Lists API](/api/resources/rules/subresources/lists/methods/list/). Great for shared logic across zones.
+- [Bot Score](/bots/concepts/bot-score/) and [WAF Attack Score](/waf/detections/attack-score/) – Use Cloudflare’s intelligent traffic signals to detect bots or attacks and take advanced, tailored actions with just a few lines of code.
+
+![New fields in Snippets](~/assets/images/changelog/rules/snippets-lists-scores.png)
+
+These enhancements unlock new possibilities for building smarter traffic workflows with minimal code and maximum efficiency.
+
+Learn more in the [Snippets](/rules/snippets/) and [Cloud Connector](/rules/cloud-connector/) documentation.

src/content/changelog/rules/2025-05-09-snippets-cloud-connector-lists-waf-bot-scores.mdx

@@ -42,7 +42,7 @@ Below is a list of our supported model providers:
 
 If you do not have a provider preference, start with one of our dedicated tutorials:
 
-- [OpenAI](/ai-gateway/integrations/aig-workers-ai-binding/)
+- [OpenAI](/ai-gateway/tutorials/deploy-aig-worker/)
 - [Workers AI](/ai-gateway/tutorials/create-first-aig-workers/)
 
 ## View analytics

src/content/docs/ai-gateway/get-started.mdx

@@ -12,6 +12,10 @@ import { Render, Plan } from "~/components";
 
 ## Workers Free
 
+Users on the [Workers Free plan](/workers/platform/pricing/) are limited to **10 minutes of browser rendering usage per day**.
+
+To increase this limit, you’ll need to [upgrade to a Workers Paid plan](/workers/platform/pricing).
+
 | Feature                                | Limit           |
 | -------------------------------------- | --------------- |
 | Concurrent browsers per account (Workers Binding API only)        | 3 per account   |

src/content/docs/browser-rendering/platform/limits.mdx

@@ -91,7 +91,7 @@ curl --request POST 'https://api.cloudflare.com/client/v4/accounts/CF_ACCOUNT_ID
 ### With only a prompt
 
 In this example, only a prompt is provided. The endpoint will use the prompt to extract the data, but the response will not be structured according to a JSON schema.
-This is useful for simple extractions where you don't need a specific format.
+This is useful for simple extractions where you do not need a specific format.
 
 ```bash
 curl --request POST 'https://api.cloudflare.com/client/v4/accounts/CF_ACCOUNT_ID/browser-rendering/json' \

src/content/docs/browser-rendering/rest-api/json-endpoint.mdx

@@ -136,7 +136,7 @@ export default {
 };
 ```
 
-Besides `puppeteer.sessions()`, we've added other methods to facilitate [Session Management](/browser-rendering/platform/puppeteer/#session-management).
+Besides `puppeteer.sessions()`, we have added other methods to facilitate [Session Management](/browser-rendering/platform/puppeteer/#session-management).
 
 ## 5. Test
 

src/content/docs/browser-rendering/workers-binding-api/reuse-sessions.mdx

@@ -60,7 +60,7 @@ Before sending any file data, you need to tell Cloudflare which files you intend
 <Aside type="note" title="Asset Isolation Considerations">
 Static assets uploaded to Workers for Platforms are associated with the namespace rather than with individual User Worker. If multiple User Workers exist under the same namespace, assets with identical hashes may be shared across them. **JWTs should therefore only be shared with trusted platform services and should never be distributed to end-users.**
 
-If strict isolation of assets is required, we recommend either salting with a random value each time, or incorporating an end-user identifier (e.g. account ID or Worker script ID) within the hashing process, to ensure uniqueness. For example, `hash = slice(sha256(accountID + fileContents), 32)`.
+If strict isolation of assets is required, we recommend either salting with a random value each time, or incorporating an end-user identifier (for example, account ID or Worker script ID) within the hashing process, to ensure uniqueness. For example, `hash = slice(sha256(accountID + fileContents), 32)`.
 
 </Aside>
 
@@ -122,7 +122,7 @@ You can compute a SHA-256 digest of the file contents, then truncate or otherwis
 If all the files are already stored on Cloudflare, the response will only return the JWT token. If new or updated files are needed, the response will return:
 
 - `jwt`: An upload token (valid for 1 hour) which will be used in the API request to upload the file contents (Step 2).
-- `buckets`: An array of file-hash groups indicating which files to upload together. Files that have been recently uploaded won't appear in buckets, since Cloudflare already has them.
+- `buckets`: An array of file-hash groups indicating which files to upload together. Files that have been recently uploaded will not appear in buckets, since Cloudflare already has them.
 
 :::note
 This step alone does not store files on Cloudflare. You must upload the actual file data in the next step.
@@ -132,7 +132,7 @@ This step alone does not store files on Cloudflare. You must upload the actual f
 
 If the response to the Upload Session API returns `buckets`, that means you have new or changed files that need to be uploaded to Cloudflare.
 
-Use the [Workers Assets Upload API](https://developers.cloudflare.com/api/resources/workers/subresources/assets/subresources/upload/) to transmit the raw file bytes in base64-encoded format for any missing or changed files. Once uploaded, Cloudflare will store these files so they can then be attached to a User Worker.
+Use the [Workers Assets Upload API](/api/resources/workers/subresources/assets/subresources/upload/) to transmit the raw file bytes in base64-encoded format for any missing or changed files. Once uploaded, Cloudflare will store these files so they can then be attached to a User Worker.
 
 <Aside type="caution">
 	Asset uniqueness is determined by the provided hash and are associated globally to their namespace rather than with each specific User Worker. If an asset has already been uploaded for that namespace earlier, Cloudflare will automatically omit sending this asset hash back in the `buckets` response to save you from re-uploading the same thing twice. This means that an asset can be shared between multiple User Workers if it shares the same hash unless you **explicitly make the hash unique**. If you require full isolation between assets across User Workers, incorporate a unique identifier within your asset hashing process (either salting it with something entirely random each time, or by including the end-user account ID or their Worker name to retain per-customer re-use).
@@ -203,7 +203,7 @@ Once every file in the manifest has been uploaded, a status code of `201` will b
 
 ### 3. Deploy the User Worker with static assets
 
-Now that Cloudflare has all the files it needs (from the previous upload steps), you must attach them to the User Worker by making a PUT request to the [Upload User Worker API](https://developers.cloudflare.com/api/resources/workers_for_platforms/subresources/dispatch/subresources/namespaces/subresources/scripts/methods/update/). This final step links the static assets to the User Worker using the completion token you received after uploading file contents.
+Now that Cloudflare has all the files it needs (from the previous upload steps), you must attach them to the User Worker by making a PUT request to the [Upload User Worker API](/api/resources/workers_for_platforms/subresources/dispatch/subresources/namespaces/subresources/scripts/methods/update/). This final step links the static assets to the User Worker using the completion token you received after uploading file contents.
 
 You can also specify any optional settings under the `assets.config` field to customize how your files are served (for example, to handle trailing slashes in HTML paths).
 

src/content/docs/cloudflare-for-platforms/workers-for-platforms/configuration/static-assets.mdx

@@ -14,7 +14,7 @@ Cloudflare provides an unlimited number of scripts for Workers for Platforms cus
 
 ## `cf` object
 
-The [`cf` object](/workers/runtime-apis/request/#the-cf-property-requestinitcfproperties) contains Cloudflare-specific properties of a request. This field is not accessible in [user Workers](/cloudflare-for-platforms/workers-for-platforms/reference/how-workers-for-platforms-works/#user-workers) because some fields in this object are sensitive and can be used to manipulate Cloudflare features (eg.`cacheKey`, `resolveOverride`, `scrapeShield`.)
+The [`cf` object](/workers/runtime-apis/request/#the-cf-property-requestinitcfproperties) contains Cloudflare-specific properties of a request. This field is not accessible in [user Workers](/cloudflare-for-platforms/workers-for-platforms/reference/how-workers-for-platforms-works/#user-workers) because some fields in this object are sensitive and can be used to manipulate Cloudflare features (for example, `cacheKey`, `resolveOverride`, `scrapeShield`.)
 
 ## Durable Object namespace limits