15.0.0

Released Released on August 19, 2025

Summary

This release prepares Cypress Studio for the next era of AI-assisted test creation. You can record interactions, add assertions by right-clicking, and now edit tests inline without leaving Cypress. Turn on experimentalStudio in your config to try it out and share your feedback. Read more about the foundation for what's next in our blog post.

Breaking Changes:

:::info

Refer to the v15 Migration Guide for help migrating your code.

:::

  • Removed support for Node.js 18 and Node.js 23. Addresses #31302.

  • Removed support for Linux distributions with glibc older than 2.31. This support is in-line with Node.js' support for Linux in Node v20+. Addressed in #31912.

  • Removed support for Chrome DevTools Protocol with the Firefox browser. Addresses #31189.

  • Removed support of the deprecated 3 argument signature of cy.stub. Use cy.stub(object, name).callsFake(fn) instead. Addresses #31346.

  • @cypress/webpack-preprocessor no longer supports webpack version 4. Addresses #31344. If you still need to use webpack version 4, please see our migration guide.

  • In order to better align with best practices, @cypress/webpack-batteries-included-preprocessor no longer includes certain browser built-ins that were automatically provided by Webpack 4. The removed built-ins are assert, constants, crypto, domain, events, http, https, punycode, querystring, string_decoder, sys, timers, tty, url, util, vm, and zlib. However, we know that certain built-ins are popular, given that many users have files that are shared between their Cypress tests and node context. Because of this, @cypress/webpack-batteries-included-preprocessor will ship with built-in support for buffer, path, process, os, and stream. If there is a built-in that isn't supported by default and you need to add support, please refer to the Webpack resolve.fallback documentation and the @cypress/webpack-batteries-included-preprocessor README. Addresses #31039.

  • The application under test's pagehide event in Chromium browsers will no longer trigger Cypress's window:unload event. Addressed in #31853.

  • The Cypress.SelectorPlayground API has been renamed to Cypress.ElementSelector. This API was renamed to accommodate its use for defining selectorPriority in Cypress Studio and our future cy.prompt release. Additionally, the getSelector method and the onElement option of defaults were removed from this API. Addresses #31801. Addressed in #31889 and #32098.

  • The direct download option for installing Cypress is no longer supported. Users should install via a package manager. Addressed in #32249.

  • Updated execa from 1.0.0 to 4.1.0. This changes the code property returned by cy.exec() to exitCode. Addressed in #32238.

  • Component Testing breaking changes:

    • Removed support for Angular 17. The minimum supported version is now 18.0.0. Addresses #31303.

    • @cypress/angular now requires a minimum of zone.js 0.14.0. Addresses #31582.

    • The Cypress configuration wizard for Component Testing supports TypeScript 5.0 or greater. Addresses #31187.

    • @cypress/vite-dev-server is now an ESM only package. You will no longer be able to use this package from a CommonJS context. Addresses #28373, #29557 and #31882.

      • Removed support for Vite 4 inside @cypress/vite-dev-server. The minimum Vite version is 5. Addresses #32038.

    • @cypress/webpack-dev-server no longer supports webpack-dev-server version 4. Addresses #31605. If you still need to use webpack-dev-server version 4, please see our migration guide.

Features:

  • cy.url(), cy.hash(), cy.go(), cy.reload(), cy.title(), and cy.location() now use the automation client (CDP for Chromium browsers and WebDriver BiDi for Firefox) to return the appropriate values from the commands to the user instead of the window object. This is to avoid cross origin issues with cy.origin() so these commands can be invoked anywhere inside a Cypress test without having to worry about origin access issues. Experimental WebKit still will use the window object to retrieve these values. Also, cy.window() will always return the current window object, regardless of origin restrictions. Not every property from the window object will be accessible depending on the origin context. Addresses #31196.

  • Selectors accepted in the selectorPriority of the SelectorPlayground (renamed to ElementSelector) API have been expanded to accept name and attributes:*. Additionally, the default selector priority used by Cypress now includes name. Addresses #31801 and #6876. Addressed in #31889.

  • tsx is now used in all cases to run the Cypress config, replacing ts-node for TypeScript and Node.js for CommonJS/ESM. This should allow for more interoperability for users who are using any variant of ES Modules. Addresses #8090, #15724, #21805, #22273, #22747, #23141, #25958, #25959, #26606, #27359, #27450, #28442, #28696, #29186, #30318, #30718, #30907, #30915, #30925, #30954, and #31185.

  • Component Testing features:

    • @cypress/vite-dev-server now supports vite version 7. Addresses #31882.

    • Angular version 20 is now supported within component testing. As of now, cypress/angular still requires zone.js and @angular-devkit/build-angular. Addresses #31304.

Bugfixes:

  • Fixed an issue where Create from Component feature might not be able to parse React components from project files. Fixed in #31457.

  • Fixed an issue where isSecureContext would be false on localhost when testing with Cypress. Addresses #18217.

  • Fixed an issue where Angular legacy Output() decorators were broken when making component instance field references safe. Fixes #32137.

  • Fixed an issue where .fixture() would not return updated content after the underlying file was modified via .writeFile(). The fixture cache is now properly invalidated when the backing file is written to, ensuring updated content is returned in subsequent .fixture() calls. Fixes #4716.

  • Fixed an issue where .fixture() calls with a specified encoding would sometimes still attempt to parse the file based on its extension. Files with an explicit encoding are now always treated as raw content. Fixes #32139.

  • Fixed an issue where .fixture() calls with different encoding options would return inconsistent content based on execution order. Fixes #32138.

  • Filters content written to stderr to prevent Electron from spamming with inconsequential errors/warnings. This stderr content can be viewed by enabling the cypress:internal-stderr debug namespace. Fixes #32070

  • Fixed an issue where Angular Component Testing was printing extraneous warnings to the console by default. By default, errors only will now print to the console. This can still be overridden by passing in a custom webpack config or setting the verbose option inside your angular.json. Addresses #26456.

  • Fixed an issue where ts-loader was improperly being detected inside @cypress/webpack-preprocessor. Fixes #32265.

  • Fixed an issue where .fixture() calls with null and undefined encoding options would incorrectly share cache entries, causing unexpected content to be returned. Cache keys now properly distinguish between these encoding values. Fixes #32274.

Misc:

  • The Cypress Command log has a new design when viewing a list of tests. Addresses #31677. Addressed in #31914.

  • Migration helpers and related errors are no longer shown when upgrading from Cypress versions earlier than 10.0.0. To migrate from a pre-10.0.0 version, upgrade one major version at a time to receive the appropriate guidance. Addresses #31345. Addressed in https://github.com/cypress-io/cypress/pull/31629/.

Dependency Updates:

  • Upgraded electron from 33.2.1 to 36.4.0. Addresses #31257. Addressed in #31912.

  • Upgraded bundled Node.js version from 20.18.1 to 22.15.1. Addresses #31257. Addressed in #31912.

  • Upgraded bundled Chromium version from 130.0.6723.137 to 136.0.7103.149. Addresses #31257. Addressed in #31912.

  • Upgraded body-parser from 1.20.2 to 1.20.3. This removes the SNYK-JS-BODYPARSER-7926860 vulnerability being reported in security scans. Addressed in #32225.

  • Upgraded systeminformation from 5.22.8 to 5.27.7. Addressed in #32234.

  • Upgraded tmp from ~0.2.3 to ~0.2.4. This removes the CVE-2025-54798 vulnerability being reported in security scans. Addresses #32176.