Merge branch 'production' into WAF_updates

Author: db-cloudflare

.github/CODEOWNERS

@@ -140,7 +140,7 @@
 /src/content/docs/cloudflare-for-platforms/workers-for-platforms/ @irvinebroque @angelampcosta @GregBrimble @cloudflare/deploy-config @cloudflare/pcx-technical-writing
 /src/content/docs/workers/observability/ @irvinebroque @mikenomitch @rohinlohe @ToriLindsay @cloudflare/pcx-technical-writing
 /src/content/docs/workers/static-assets @irvinebroque @GregBrimble @WalshyDev @ToriLindsay @cloudflare/deploy-config @cloudflare/pcx-technical-writing
-/src/content/docs/workflows/ @ToriLindsay @elithrar @celso @sidharthachatterjee @cloudflare/pcx-technical-writing
+/src/content/docs/workflows/ @elithrar @celso @sidharthachatterjee @cloudflare/pcx-technical-writing
 
 # DDoS Protection
 

src/assets/images/changelog/workers/builds-rerun.gif

@@ -0,0 +1,67 @@
+---
+title: Import `env` to access bindings in your Worker's global scope
+description: More easily configure your Worker and call bindings from anywhere with an importable `env`
+products:
+  - workers
+date: 2025-03-17T15:00:00Z
+---
+
+import { Render, TypeScriptExample } from "~/components";
+
+You can now access [bindings](/workers/runtime-apis/bindings/)
+from anywhere in your Worker by importing the `env` object from `cloudflare:workers`.
+
+Previously, `env` could only be accessed during a request. This meant that
+bindings could not be used in the top-level context of a Worker.
+
+Now, you can import `env` and access bindings such as [secrets](/workers/configuration/secrets/)
+or [environment variables](/workers/configuration/environment-variables/) in the
+initial setup for your Worker:
+
+```js
+import { env } from "cloudflare:workers";
+import ApiClient from "example-api-client";
+
+// API_KEY and LOG_LEVEL now usable in top-level scope
+const apiClient = ApiClient.new({ apiKey: env.API_KEY });
+const LOG_LEVEL = env.LOG_LEVEL || "info";
+
+export default {
+	fetch(req) {
+		// you can use apiClient or LOG_LEVEL, configured before any request is handled
+	},
+};
+```
+
+:::note
+Workers do not allow I/O from outside a request context. This means that even
+though `env` is accessible from the top-level scope, you will not be able to access
+every binding's methods.
+
+For instance, environment variables and secrets are accessible, and you are able to
+call `env.NAMESPACE.get` to get a [Durable Object stub](/durable-objects/api/stub/) in the
+top-level context. However, calling methods on the Durable Object stub, making [calls to a KV store](/kv/api/),
+and [calling to other Workers](/workers/runtime-apis/bindings/service-bindings) will not work.
+:::
+
+Additionally, `env` was normally accessed as a argument to a Worker's entrypoint handler,
+such as [`fetch`](/workers/runtime-apis/fetch/).
+This meant that if you needed to access a binding from a deeply nested function,
+you had to pass `env` as an argument through many functions to get it to the
+right spot. This could be cumbersome in complex codebases.
+
+Now, you can access the bindings from anywhere in your codebase
+without passing `env` as an argument:
+
+```js
+// helpers.js
+import { env } from "cloudflare:workers";
+
+// env is *not* an argument to this function
+export async function getValue(key) {
+	let prefix = env.KV_PREFIX;
+	return await env.KV.get(`${prefix}-${key}`);
+}
+```
+
+For more information, see [documentation on accessing `env`](/workers/runtime-apis/bindings#how-to-access-env).

src/content/changelog/workers/2025-03-17-importable-env.mdx

@@ -0,0 +1,23 @@
+---
+title: Retry Pages & Workers Builds Directly from GitHub
+description: Rerun builds for your Workers and Pages projects directly inside of GitHub.
+products:
+  - workers
+  - pages
+date: 2025-03-17T11:00:00Z
+---
+
+You can now retry your Cloudflare Pages and Workers builds directly from GitHub. No need to switch to the Cloudflare Dashboard for a simple retry!
+
+![Workers Builds GitHub Reruns](src/assets/images/changelog/workers/builds-rerun.gif)
+
+Let’s say you push a commit, but your build fails due to a spurious error like a network timeout. Instead of going to the Cloudflare Dashboard to manually retry, you can now rerun the build with just a few clicks inside GitHub, keeping you inside your workflow.
+
+For Pages and Workers projects connected to a GitHub repository:
+
+1. When a build fails, go to your GitHub repository or pull request
+2. Select the failed Check Run for the build
+3. Select "Details" on the Check Run
+4. Select "Rerun" to trigger a retry build for that commit
+
+Learn more about [Pages Builds](/pages/configuration/git-integration/github-integration/) and [Workers Builds](/workers/ci-cd/builds/git-integration/github-integration/).

src/content/changelog/workers/2025-03-17-rerun-build.mdx

@@ -0,0 +1,96 @@
+---
+pcx_content_type: reference
+title: Custom dashboards
+sidebar:
+  order: 8
+
+---
+
+Custom dashboards allow you to create tailored dashboards to monitor application security, performance, and usage. You can create monitors for ongoing monitoring of a previous incident, use them to identify indicators of suspicious activity, and access templates to help you get started.
+
+Dashboards provide a visual interface that displays key metrics and analytics, helping you monitor and analyze data efficiently. Different dashboards serve different purposes. For example, a security dashboard tracks attack attempts and threats, a performance dashboard monitors API latency and uptime, and a usage dashboard analyzes traffic patterns and user behavior.
+
+Different metrics serve distinct roles in providing insights into your application’s performance. For example, total HTTP requests offers an overview of traffic volume, while average response time helps assess application speed. Additionally, usage metrics such as traffic patterns and user behavior provide insight into how users interact with your application. These metrics together enable you to spot trends, identify problems, and make informed, data-driven decisions.
+
+:::note
+Custom Dashboards is currently available to customers participating in the Log Explorer beta. To begin using custom dashboards, you will first need to request access to [Log Explorer](/logs/log-explorer/). 
+:::
+
+## Create a new dashboard
+
+To create a new dashboard, log in to the [Cloudflare dashboard](https://dash.cloudflare.com/login) and select your account. Then, navigate to **Analytics & Logs** and open the **Dashboards** section.
+
+When creating a dashboard, you have two options: building one from scratch or using a pre-designed template.
+
+- A **from-scratch dashboard** gives you full control over its structure, allowing you to choose the exact datasets, metrics, and visualizations that fit your needs. This approach is ideal if you have specific monitoring goals or need a highly customized view of your data.
+- On the other hand, **templates** provide a faster way to set up a dashboard with commonly used metrics and charts. They are useful for standard use cases, such as monitoring security threats, API performance, or bot traffic. Templates help you get started quickly while still allowing modifications to fit your requirements.
+
+Choosing between these options depends on whether you need a quick setup with predefined insights or a fully customized dashboard tailored to your unique analysis needs.
+
+### Create a dashboard from scratch
+
+When creating a dashboard from scratch, select the option **Create a new**. You can follow the instructions in the following sections to start adding charts to your dashboard. 
+
+#### Create a new chart
+
+To create a new chart, select **Add chart**. There are two ways to create a chart:
+
+- **Use a prompt**: Enter a query like `Compare status code ranges over time`. The AI model decides the most appropriate visualization and constructs your chart configuration.
+- **Customize your chart**: Select the chart elements manually, including the chart type, title, dataset to query, metrics, and filters. This option gives you full control over your chart’s structure. 
+
+Refer to the following sections for more information about the charts, datasets, fields, metrics, and filters available.
+
+##### Chart types
+
+The available chart types include:
+
+- **Timeseries**: Displays trends over time, enabling comparisons across multiple series.
+- **Categorical**: Compares proportions across different series.
+- **Stat**: Highlights a single value, showing its delta and sparkline for quick insights.
+- **Percentage**: Represents one value as a percentage of another.
+- **Top N**: Identifies the highest-ranking values for a given attribute.
+
+##### Datasets and metrics
+
+The available metrics and filters vary based on the dataset you want to use. For example, when using the HTTP Requests dataset, you can select **origin response duration** as a metric. You can then choose your preferred aggregation method for that metric, such as total, median, or quantiles. The following table outlines the datasets, fields, and available metrics:
+
+
+| Dataset          | Field                  | Definition | Metrics |
+|-----------------|-----------------|------------|---------|
+| HTTP Requests | Requests | The number of requests sent by a client to a server over the HTTP protocol. | Total |
+| | DNS Response Time | The time taken for a DNS query to be resolved, measured from when a request is made to when a response is received. | Total, Average, Median, 95th percentile, 99th percentile |
+| | Time to First Byte | The duration from when a request is made to when the first byte of the response is received from the server. | Total, Average, Median, 95th percentile, 99th percentile |
+| | Bytes returned to the Client | The amount of data (in bytes) sent from the server to the client in response to requests. | Total, Average, Median, 95th percentile, 99th percentile |
+| | Number of visits | Unique visits or sessions to a website or application. | Total |
+| | Origin response duration | The time taken by the origin server to process and respond to a request. | Total, Average, Median, 95th percentile, 99th percentile |
+| Security Events | Security events | Actions taken by Application Security products such as WAF and Bot Management. | Total |
+
+##### Filters
+
+You can also adjust the scope of your analytics by entering filter conditions. This allows you to focus on the most relevant data.
+
+1. Select **Add filter**.
+2. Select a **field**, an **operator**, and a **value**. For example, to filter events by source IP address, select the _Source IP_ field, select the _equals_ operator, and enter the _IP address_.
+3. Select **Apply**.
+
+### Create a dashboard from a template
+
+Alternatively, you can choose to create your dashboard using a pre-designed dashboard template. The templates available are:
+
+- **Bot monitoring**: Allows you to identify automated traffic accessing your website.
+- **API Security**: Allows you to monitor data transfers and exceptions for API endpoints in your application.
+- **API Performance**: Allows you to view timing data for API endpoints in your application, along with error rates. 
+- **Account takeover**: Allows you to monitor login attempts, usage of leaked credentials, and account takeover attacks.
+
+## Edit a dashboard or chart
+
+After creating your dashboard, to view your saved dashboards, select **Back to all dashboards** to access the full list. Regardless of the way you choose to create your dashboard, you can always edit existing charts and add new ones as needed.
+
+## Further analysis
+
+For each chart, you can:
+
+- Review related traffic in [Security Analytics](/waf/analytics/security-analytics/).
+- Explore detailed logs in [Log Explorer](/logs/log-explorer/).
+
+This ensures deeper insights into your application's security, performance, and usage patterns.

src/content/docs/analytics/dashboards.mdx

@@ -5,10 +5,9 @@ title: Endpoint labeling service
 sidebar:
   order: 1
   label: Labeling service
-
 ---
 
-import { Render } from "~/components"
+import { Render } from "~/components";
 
 API Shield's labeling service will help you organize your endpoints and address vulnerabilities in your API. The labeling service comes with managed and user-defined labels.
 
@@ -46,6 +45,8 @@ Use managed labels to identify endpoints by use case. Cloudflare may automatical
 
 `cf-rss-feed`: Add this label to endpoints that expect traffic from RSS clients.
 
+`cf-llm`: Services that are (partially) powered by Large Language Model (LLM).
+
 ### Risk labels
 
 Cloudflare automatically runs risk scans every 24 hours on your saved endpoints. API Shield applies these labels when a scan finds security risks on your endpoints. A corresponding Security Center Insight is also raised when risks are found.
@@ -58,11 +59,11 @@ Cloudflare automatically runs risk scans every 24 hours on your saved endpoints.
 
 `cf-risk-missing-schema`: Automatically added when a learned schema is available for an endpoint that has no active schema.
 
-`cf-risk-error-anomaly`: Automatically added when an endpoint experiences a recent increase in response errors over the last 24 hours. 
+`cf-risk-error-anomaly`: Automatically added when an endpoint experiences a recent increase in response errors over the last 24 hours.
 
-`cf-risk-latency-anomaly`: Automatically added when an endpoint experiences a recent increase in response latency over the last 24 hours. 
+`cf-risk-latency-anomaly`: Automatically added when an endpoint experiences a recent increase in response latency over the last 24 hours.
 
-`cf-risk-size-anomaly`: Automatically added when an endpoint experiences a spike in response body size over the last 24 hours. 
+`cf-risk-size-anomaly`: Automatically added when an endpoint experiences a spike in response body size over the last 24 hours.
 
 :::note
 Cloudflare will only add authentication labels to endpoints with successful response codes. Refer to the below table for more details.
@@ -108,4 +109,4 @@ Alternatively, you can create a user-defined label via Endpoint Management in AP
 
 ## Availability
 
-Endpoint Management's labeling service is currently available to Enterprise API Shield subscribers.
+Endpoint Management's labeling service is currently available to Enterprise API Shield subscribers.

src/content/docs/api-shield/management-and-monitoring/endpoint-labels.mdx

@@ -1,6 +1,7 @@
 ---
 title: Create tokens via API
 pcx_content_type: how-to
+description: Learn how to create API tokens via Cloudflare's API. Follow steps to define access policies, set restrictions, and generate tokens securely.
 sidebar:
   order: 3
 

src/content/docs/fundamentals/api/how-to/create-via-api.mdx

@@ -1,5 +1,6 @@
 ---
 title: Make API calls
+description: Learn how to make API calls using Cloudflare's API with step-by-step instructions for Windows, including using curl and PowerShell, and handling JSON.
 pcx_content_type: how-to
 sidebar:
   order: 2

src/content/docs/fundamentals/api/how-to/make-api-calls.mdx

@@ -1,7 +1,7 @@
 ---
 title: Multi-Factor Email Authentication
 pcx_content_type: troubleshooting
-
+description: Cloudflare's Multi-Factor Email Authentication prevents unauthorized access by sending one-time codes to your email.
 ---
 
 ## Overview

src/content/docs/fundamentals/setup/account/account-security/multi-factor-email-authentication.mdx

@@ -1,6 +1,7 @@
 ---
 pcx_content_type: reference
 title: Move a domain between Cloudflare accounts
+description: Learn how to transfer a domain between Cloudflare accounts, including requirements, DNS settings, and SSL/TLS certificate management for seamless migration.
 
 ---