2026 06 16 upstream changes#6822
Merged
Throw error when expectedServerHostname is passed to startTls in prod See merge request cloudflare/ew/workerd!161
just update capnproto See merge request cloudflare/ew/workerd!184
… JSG_STRUCT unwrap to prevent process abort via prototype pollution FieldWrapper::unwrap in src/workerd/jsg/struct.h used v8::Object::Get() which performs a full ECMA-262 [[Get]] with prototype chain traversal. When called from inside V8's ValueDeserializer host-object callback (which installs a DisallowJavascriptExecution scope), a getter installed on Object.prototype by attacker-controlled JS would trigger V8_Fatal → abort(), killing the entire workerd process and all co-located tenant isolates. The slow-path FieldWrapper::wrap (compat date < 2025-12-03) also omitted kj::none Optional fields from the serialized init-dict object, leaving those field names absent as own properties and forcing the prototype chain lookup during deserialization. The fix conditionally replaces Get() with HasOwnProperty + GetRealNamedProperty (own-property-only, no prototype chain traversal) in unwrap. The regression test installs Object.prototype getters on several RequestInitializerDict field names (redirect, method, signal) and calls structuredClone(new Request(...)) — pre-patch this deterministically aborted the process; post-patch the clone succeeds normally. Test validation: VALIDATED LOCALLY Pre-patch run: FAIL (bazel test //src/workerd/api/tests:struct-prototype-pollution-test@) Post-patch run: PASS (bazel test //src/workerd/api/tests:struct-prototype-pollution-test@) Refs: AUTOVULN-CLOUDFLARE-WORKERD-369 See merge request cloudflare/ew/workerd!39
VULN-136602: fix(jsg): conditionally use own-property-only lookups in JSG_STRUCT unwrap to prevent process abort via prototype pollution See merge request cloudflare/ew/workerd!39
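As an added illustration (not code from the workerd commit above), a JavaScript model of the two lookup strategies the fix contrasts: a full `[[Get]]` that walks the prototype chain versus an own-property-only read, applied to an init dict that, like the slow-path wrap, omits unset Optional fields. The field names come from the commit message; `unwrapWithGet`, `unwrapOwnOnly` and `countGetterHits` are assumed helper names, and the prototype getter stands in for the fatal path that V8 would take inside a DisallowJavascriptExecution scope.

```javascript
// Field names mirror the RequestInitializerDict fields named in the commit.
const FIELDS = ['method', 'redirect', 'signal'];

// Records every prototype getter hit so the caller can see which path fires it.
const getterHits = [];

// Simulated pollution of Object.prototype on the field names (constructed demo).
function pollutePrototype() {
  for (const name of FIELDS) {
    Object.defineProperty(Object.prototype, name, {
      configurable: true,
      get() { getterHits.push(name); return undefined; },
    });
  }
}
function cleanupPrototype() {
  for (const name of FIELDS) delete Object.prototype[name];
}

// Pre-patch behaviour: dict[name] is a full [[Get]], so a missing own
// property falls through to Object.prototype and runs the getter.
function unwrapWithGet(dict) {
  const out = Object.create(null);
  for (const name of FIELDS) out[name] = dict[name];
  return out;
}

// Post-patch behaviour: check for an own property first and read only that,
// so absent fields never touch the prototype chain.
function unwrapOwnOnly(dict) {
  const out = Object.create(null);
  for (const name of FIELDS) {
    if (Object.prototype.hasOwnProperty.call(dict, name)) {
      out[name] = Object.getOwnPropertyDescriptor(dict, name).value;
    }
  }
  return out;
}

// Runs one unwrap against a dict where "redirect" and "signal" are absent as
// own properties (the kj::none case) and returns how many prototype getters
// fired; any non-zero count is the condition the commit describes as fatal.
function countGetterHits(unwrap) {
  getterHits.length = 0;
  pollutePrototype();
  try {
    unwrap({ method: 'GET' });
  } finally {
    cleanupPrototype();
  }
  return getterHits.length;
}
```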
Restore external memory accounting for global actor channels See merge request cloudflare/ew/workerd!201
…il next turn of event loop * fix(server): defer dynamic WorkerService destruction until next turn of event loop DeleteQueue::scheduleDeletion() previously took the synchronous inline-delete fast path whenever IoContext::current() matched, regardless of whether the caller was inside a cppgc finalizer. When a WorkerStub (holding a child v8::Isolate via WorkerStubImpl → WorkerService → Worker::Isolate) was garbage-collected by the parent isolate, the parent's CppgcShim::~CppgcShim() set the thread-local inCppgcShimDestructor flag and then synchronously destroyed the child isolate chain. The child's HeapTracer::clearWrappers() hit KJ_ASSERT(!inCppgcShimDestructor) at wrappable.c++:40 (the flag is process-wide, not per-isolate), throwing from inside V8's noexcept cppgc sweeper and triggering std::terminate(). The new worker-loader-gc-test exercises the exact crash scenario: load an anonymous child worker, make a request to force full construction, drop the stub, and trigger gc(). Pre-fix this aborts the process; post-fix the deferred deletion completes safely. (AUTOVULN-CLOUDFLARE-WORKERD-102) Test validation: VALIDATED LOCALLY Pre-patch run: FAIL (bazel test //src/workerd/api/tests:worker-loader-gc-test@) Post-patch run: PASS (bazel test //src/workerd/api/tests:worker-loader-gc-test@) Refs: AUTOVULN-CLOUDFLARE-WORKERD-102 See merge request cloudflare/ew/workerd!6
VULN-136569: fix(server): defer dynamic WorkerService destruction until next turn of event loop See merge request cloudflare/ew/workerd!6
Bump v8 to 14.9 See merge request cloudflare/ew/workerd!121
Normally, messages are caught by TryCatch scopes, but in some cases there is no scope. This causes the message to be logged by the DefaultMessageListener to stdout, which pollutes Kibana with things that should be js exceptions.
Add v8::Isolate MessageListener to log any messages See merge request cloudflare/ew/workerd!205
GC tracing of the queue is unnecessary and potentially dangerous. Most of it was a no-op already. The danger comes from cases like:
```cpp
struct Foo {
  jsg::Ref<Bar> bar;
  void visitForGc(jsg::GcVisitor& visitor) {
    visitor.visit(bar);
  }
};  // missing semicolon added
auto foo = kj::heap<Foo>();
// something gc visits foo...
auto foo2 = kj::mv(foo);
// nothing visits foo2!
```
In the first visit, `bar` is marked weak. After the move, if nothing gc visits `foo2` before the next GC cycle, the garbage collector can decide that `bar` is unreachable and collect it. There's nothing in the move that would cause `bar` to be marked strong again (unlike moving the `jsg::Ref` itself).
A handful of changes in here, focused on improving the robustness of queue.h/queue.c++. Extracted from the larger reverted commit.
And as a bonus, fix two streams WPTs
Allow the standard AllReader to support strings and SAB's
Remove the original path and the autogate. Autogate has been deployed for a while.
Both are obsolete.
Remove jsg::BufferSource/BackingStore from modules-new See merge request cloudflare/ew/workerd!183
Remove Lock::bytes() and Lock::arrayBuffer() methods See merge request cloudflare/ew/workerd!186
The workers-rpc.c++ instance was caught by ASAN. The others probably got by due to the channel still being referenced by the app until GC.
Don't use JSRPC for AI binding's toMarkdown() API. See merge request cloudflare/ew/workerd!297
* Guard against WeakRef being torn down after isolate See merge request cloudflare/ew/workerd!303
Guard against WeakRef being torn down after isolate See merge request cloudflare/ew/workerd!303
Implement persistent stubs See merge request cloudflare/ew/workerd!267
update capnp to bring Pin/Ptr/Weak improvements See merge request cloudflare/ew/workerd!305
…yi/2026-06-16-upstream # Conflicts: # cfsetup.yaml # ci/build.yml # src/workerd/api/actor.c++
Merging this PR will improve performance by 70.84%
danlapid
approved these changes
Jun 17, 2026
jtolio
approved these changes
Jun 17, 2026
No description provided.