chore: add skew-version support in Cloudflare open-next worker

[dario-piotrowicz]

Description

This PR adds support for skew protection in the Cloudflare open-next deployment (which has been recently added to the open-next adapter (in 1.5.0))

For more details on the feature see: https://opennext.js.org/cloudflare/howtos/skew

Validation

I've applied the changes and deployed the site: https://nodejs-org.testing.devprod.cloudflare.dev/en
And everything seems to be working as expected 🙂

I'll double check with @vicb if he has some suggestion to best test that the skew protection is actually in place and working as expected 🙂

Related Issues

Check List

• I have read the Contributing Guidelines and made commit messages that follow the guideline.
• I have run pnpm format to ensure the code follows the style guide.
• I have run pnpm test to check if all tests are passing.
• I have run pnpm build to check if the website builds without errors.
• I've covered new added functionality with unit tests if necessary.

[vercel]

The latest updates on your projects. Learn more about Vercel for Git ↗︎

Name	Status	Preview	Updated (UTC)
nodejs-org	✅ Ready (Inspect)	Visit Preview	Jul 15, 2025 10:07pm

[codecov]

Codecov Report

Attention: Patch coverage is 0% with 1 line in your changes missing coverage. Please review.

Project coverage is 73.09%. Comparing base (b035290) to head (9256c7a).
Report is 4 commits behind head on main.

✅ All tests successful. No failed tests found.

Files with missing lines	Patch %	Lines
packages/rehype-shiki/src/index.mjs	0.00%	1 Missing ⚠️

Additional details and impacted files

@@            Coverage Diff             @@
##             main    #7980      +/-   ##
==========================================
- Coverage   73.10%   73.09%   -0.02%     
==========================================
  Files          95       95              
  Lines        8355     8354       -1     
  Branches      219      219              
==========================================
- Hits         6108     6106       -2     
- Misses       2246     2247       +1     
  Partials        1        1              

☔ View full report in Codecov by Sentry.
📢 Have feedback on the report? Share it here.

[dario-piotrowicz]

https://github.com/nodejs/nodejs.org/actions/runs/16280236085/job/45968187377?pr=7980#step:11:74 👀

again! is this something that is happening quite often? 😓

[avivkeller]

https://github.com/nodejs/nodejs.org/actions/runs/16280236085/job/45968187377?pr=7980#step:11:74 👀

again! is this something that is happening quite often? 😓

Yea, it happens pretty often now that I think about it.

https://github.com/nodejs/nodejs.org/actions/workflows/playwright-cloudflare-open-next.yml?query=is%3Afailure

[dario-piotrowicz]

https://github.com/nodejs/nodejs.org/actions/runs/16280236085/job/45968187377?pr=7980#step:11:74 👀
again! is this something that is happening quite often? 😓

Yea, it happens pretty often now that I think about it.

https://github.com/nodejs/nodejs.org/actions/workflows/playwright-cloudflare-open-next.yml?query=is%3Afailure

oof... and do you know if it is just happening on the open-next build?

[avivkeller]

oof... and do you know if it is just happening on the open-next build?

yes, it's not duplicated on the regular Playwright run. We've had no¹ failures on that.

Footnotes

1. Excluding changes that you would expect to break Playwright. ↩

[dario-piotrowicz]

oof... and do you know if it is just happening on the open-next build?

yes, it's not duplicated on the regular Playwright run. We've had no1 failures on that.

Footnotes

1. Excluding changes that you would expect to break Playwright. ↩

ok, so sorry for the inconvenience 🙇 I'll look into addressing the issue then 🙇

[avivkeller]

No problem! It's not a required check so it's not breaking anything

[dario-piotrowicz]

No problem! It's not a required check so it's not breaking anything

good! but it must be pretty annoying 😅😓

[AugustinMauroy]

LGMT !

[ovflowd]

LGTM! Buit can we document this variable for the time being somewhere? (the OPEN_NEXT_CLOUDFLARE)

[ovflowd]

LGMT !

Every time you write LGMT I feel like I want to eat Subway's BLT for some reason

[avivkeller]

LGMT !

Every time you write LGMT I feel like I want to eat Subway's BLT for some reason

Looks good, me too!

[dario-piotrowicz]

Sorry @avivkeller let's wait for tomorrow to merge this if that's ok 🙏

It should be all good but before merging I wanted to double check that the deployed version does implement version skew protection correctly, I'll do that at some point tomorrow 🙇

[dario-piotrowicz]

Sorry @avivkeller let's wait for tomorrow to merge this if that's ok 🙏

It should be all good but before merging I wanted to double check that the deployed version does implement version skew protection correctly, I'll do that at some point tomorrow 🙇

Sorry, I'm having some trouble validating that the skew protection works correctly (since it seems like it (intentionally) does not work on .workers.dev subdomains and I don't currently have a custom domain at hand), I'll let y'all know when I manage to validate this change 🙂