v0.23.0 — n8n-security-governance ships + hero-vs-product audit closures
v0.23.0 — n8n-security-governance ships + hero-vs-product audit closures
This release promotes the security skill to a real shipped product and uses a hero-vs-product audit (image claims vs actual skill content) to close three concrete gaps. The Code2n8n hero diagram is now fully backed by code.
🆕 New skill: skills/tigerai/n8n-security-governance/ (141 lines)
A dedicated production-readiness gate, not a caption.
- 12 mandatory check areas: Authentication, Authorization, Injection, Webhooks, Secrets, Input/files, Browser/API, AI/agents (prompt-injection boundary + tool allowlists), Data, Operations, n8n-specific (production webhook auth, credential references, Code-node sandbox), Dependencies
- Structured
SEC-###finding format: Severity, Status, Evidence, Impact, Reproduction, Required fix, Validation, Owner, Target version - PASS / CONDITIONAL / BLOCKED decision matrix
- Version control + CI/CD gate (7 required checks) + Rollback (5 required facts per release)
- NEW Observability section: 8 runtime signals (success/error counts, latency p50/p95/p99, webhook 4xx/5xx, credential usage frequency, queue depth, disk usage, exception classes), 3 alert routes, mandatory dashboard link, plus an honesty rule — "no monitoring = SECURITY-CAVEATS finding"
Registered in plugin.json with role: security. Skills count 14 → 15.
🔗 marquee code-to-workflow upgraded
Two new hard rules wire the security skill into the migration methodology:
- Rule 8 — "Security review is a real gate, not a caption." Step 1.5 must invoke
n8n-security-governanceand record evidence + severity + decision. - Rule 9 — "Every release must be traceable and reversible." The reviewed JSON, SDD, security artifacts, tests, Git commit SHA, workflow internal version, n8n release tag, and rollback target must describe the same release.
🆕 Pillar 4.2 in tigerai-enterprise-patterns — Human-in-the-Loop
Closes the hero diagram's Step-4 "Approval" claim with a concrete pattern, not a footnote.
- 5 approval node types (Email, Slack, Form, Telegram, native
sendAndWait) with use-case mapping - Mandatory timeout policy: money 4h, support 2h, default 24h
- 3 escalation modes after timeout: auto-reject / escalate / accept-with-followup
- Mandatory audit trail fields:
request_id, requester, approver, decision, timestamp, reason, channel - Reject path must include a compensating action — not just "flow ends"
- Handover design rules for human takeover, cross-shift handoff, AI→engineer escalation
- 5 anti-patterns explicitly rejected at generation time
🆕 New doc: docs/enterprise-setup.md
Settles the ambiguity in the hero's third block: SSO / IAM / HA / DR is n8n self-hosted enterprise + your IT — not this Pack. The Pack's job is making sure Code2n8n-produced workflows land cleanly on top.
- Pack vs n8n vs your IT responsibility table
- SSO chapter — SAML / OIDC / LDAP / RBAC / Project belong to n8n self-hosted enterprise; the Pack adds IAM-friendly workflow rules (don't hardcode user identity, credential references only, project ownership, no
manualTriggerin production) - HA chapter — n8n queue mode + multi-worker; the Pack adds queue-safe workflow rules (no local-file passing between nodes,
Waitinstead of sleep, idempotency keys, mandatory timeouts) + deployment-layer checklist - DR chapter — 4 backup targets (Postgres, encryption key, workflow JSON exports, IaC), quarterly DR drill procedure
- Adoption order: enterprise n8n + SSO/RBAC first → install Pack → run Code2n8n port → Step 1.5 review → CI gate → production
📝 Surrounding updates
CODE2N8N.mdadds a Pack / n8n / IT responsibility callout after the "demo isn't production" section- Both READMEs add a responsibility-boundary callout right after the proof bar, linking to
enterprise-setup.md - English README hero swapped to v16 (user master remaster native)
- Chinese README hero still on v11 pending a v15-equivalent layout fix
✅ Hero-claim-by-claim audit
| Hero element | Backed by |
|---|---|
| Path A intent → workflow | sticky-note-to-workflow |
| Path B existing system → migration | code-to-workflow |
| Step 1 Inventory | code-to-workflow Step 1 |
| Step 2 Partition | code-to-workflow Step 2 |
| Step 3 Security Audit | ✅✅ n8n-security-governance (141 lines) + code-to-workflow Step 1.5 + hard rules §8/§9 |
| Step 4 Retry / Approval / Handover | Retry across 5 skills; Approval newly covered by Pillar 4.2; Handover central to code-to-workflow |
| Step 5 Production Validation | code-to-workflow Step 6 (3-layer funnel) + working _audit.mjs / _n8n_import_test.mjs in examples |
Unfixed findings → SECURITY-CAVEATS.md |
required output #2 in n8n-security-governance + real file in on-prem example |
| Block-3 SSO / IAM / HA / DR | docs/enterprise-setup.md settles the boundary and gives Pack-side rules |
| Block-3 Observability | new Observability section in n8n-security-governance |
The hero is no longer a marketing claim. Every block is backed by a file in the repo.
🤖 Generated with Claude Code