fix incorrect bindings remote deduplication logic

[dario-piotrowicz]

Fixes https://jira.cfdata.org/browse/DEVX-2062
Fixes #9842

---

• Tests
  • Tests included
  • Tests not necessary because:
• Public documentation
  • Cloudflare docs PR(s):
  • Documentation not necessary because: bugfix
• Wrangler V3 Backport
  • Wrangler PR:
  • Not necessary because: bugfix to a non-wrangler-v3 feature

[changeset-bot]

🦋 Changeset detected

Latest commit: 826b5d2

The changes in this PR will be included in the next version bump.

This PR includes changesets to release 5 packages

Name	Type
miniflare	Patch
@cloudflare/pages-shared	Patch
@cloudflare/vite-plugin	Patch
@cloudflare/vitest-pool-workers	Patch
wrangler	Patch

Not sure what this means? Click here to learn what changesets are.

Click here if you're a maintainer who wants to add another changeset to this PR

[pkg-pr-new]

create-cloudflare

npm i https://pkg.pr.new/create-cloudflare@9854

@cloudflare/kv-asset-handler

npm i https://pkg.pr.new/@cloudflare/kv-asset-handler@9854

miniflare

npm i https://pkg.pr.new/miniflare@9854

@cloudflare/pages-shared

npm i https://pkg.pr.new/@cloudflare/pages-shared@9854

@cloudflare/unenv-preset

npm i https://pkg.pr.new/@cloudflare/unenv-preset@9854

@cloudflare/vite-plugin

npm i https://pkg.pr.new/@cloudflare/vite-plugin@9854

@cloudflare/vitest-pool-workers

npm i https://pkg.pr.new/@cloudflare/vitest-pool-workers@9854

@cloudflare/workers-editor-shared

npm i https://pkg.pr.new/@cloudflare/workers-editor-shared@9854

wrangler

npm i https://pkg.pr.new/wrangler@9854

commit: 826b5d2

[edmundhung]

Is 6 characters safe enough to make sure it is unique? What will happen if there are two services end up with the same remoteShortSha?

What about extracting parts of the remoteProxyConnectionString instead? Assuming there would be some common bits in all connection strings.

[dario-piotrowicz]

Is 6 characters safe enough to make sure it is unique?

I think it's very safe, only a handful of remote proxy connection strings can be present at a time and having collision on such a small amount seems quite impossible to me (I use 6 digit SHAs in git and I virtually never see conflicts even in huge repositories with thousand of commits).

What will happen if there are two services end up with the same remoteShortSha?

The wrong remote resource will be used by one of the two services, but this will only happen if:

• the resources are practically identical (for example an R2 binding with the exact same bucket name)
• the remote resources below to different users, meaning that the remote proxies are started with different auth values (which is unlikely something that we'll provide out of the box anyways)

So based on the above I think that the risk of this being problematic is extremely extremely small, restarting the dev session would fix it, and most likely the impact would also be quite minimal.

[dario-piotrowicz]

What about extracting parts of the remoteProxyConnectionString instead? Assuming there would be some common bits in all connection strings.

Yes, I could extract the port from the remoteProxyConnectionString and use that, that would guarantee that we do get different values here

I did consider that but that would require us to basically add coupling/rely on what the remoteProxyConnectionString is (a localhost URL). That's why I preferred going with a SHA approach where we don't care/need to know that the remoteProxyConnectionString contains, all we care about is that it is a string, and as I mentioned above I think that the risk of collisions is so small that it's practically non-existent.

But if you prefer I'm ok using the URL port instead 🙂