-
Notifications
You must be signed in to change notification settings - Fork 7.7k
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
fix(editor): Update vite legacy-plugin browser target (no-changelog) #5952
Conversation
Currently the generated `polyfills-legacy-*.js` has a md5sum that conflicts with some known malware, which is making n8n instances being incorrectly marked as malware. Changing the browserlist target changes the browser coverage from [88.3%](https://browsersl.ist/#q=defaults) to [88.2%](https://browsersl.ist/#q=%3E1%25%2Clast+3+versions%2Cnot+dead), and changes the md5sum from ` 7bbe04e33326032f3bf00ac7685bfccb` to `457638e9318cc92d88d45730c81724e4`.
Great PR! Please pay attention to the following items before merging: Files matching
Files matching
Make sure to check off this list before asking for review. |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Thanks for looking into this, great that you've found it.
I hope this solves the false positive outcomes.
Codecov ReportPatch and project coverage have no change.
Additional details and impacted files@@ Coverage Diff @@
## master #5952 +/- ##
=======================================
Coverage 17.53% 17.53%
=======================================
Files 2500 2500
Lines 114336 114336
Branches 17849 17850 +1
=======================================
Hits 20050 20050
Misses 93694 93694
Partials 592 592 Help us with your feedback. Take ten seconds to tell us how you rate us. Have a feature suggestion? Share it here. ☔ View full report in Codecov by Sentry. |
✅ All Cypress E2E specs passed |
thanks!!! |
* master: (62 commits) fix(editor): Redirect to home page after saving data on SAML onboarding page (no-changelog) (#5961) feat: Replace Vue.extend with defineComponent in design system (no-changelog) (#5918) feat(MySQL Node): Overhaul fix(OpenAI Node): Update models to only show those supported (#5805) ci: Add test for wait node (no-changelog) (#5414) fix(Github Trigger Node): Remove content_reference event (#5830) ci: Validate load options methods in nodes-base (no-changelog) (#5862) ci: Use `--chown=node:node` in COPY commands in the custom docker image (no-changelog) (#5913) 🚀 Release 0.224.0 (#5957) fix(NocoDB Node): Fix for updating or deleting rows with not default primary keys fix(HTTP Request Node): Show detailed error message in the UI again (#5959) ci: Prevent skipping of E2E fail job (no-changelog) (#5958) ci: Fix E2E tests on master (no-changelog) (#5960) refactor(core): Use injectable classes for db repositories (part-1) (no-changelog) (#5953) fix(core): Validate customData keys and values (#5920) (no-changelog) feat(editor): Add user activation survey (#5677) fix(editor): Update vite legacy-plugin browser target (no-changelog) (#5952) docs: Fix typo in AWS S3 and S3 nodes for parent folder key (#5933) fix(core): Update xml2js to address CVE-2023-0842 (#5948) fix(Code Node): Update vm2 to address CVE-2023-29017 (#5947) ... # Conflicts: # packages/workflow/src/Interfaces.ts
…rce-mapper-ui * feature/resource-mapping-component: (62 commits) fix(editor): Redirect to home page after saving data on SAML onboarding page (no-changelog) (#5961) feat: Replace Vue.extend with defineComponent in design system (no-changelog) (#5918) feat(MySQL Node): Overhaul fix(OpenAI Node): Update models to only show those supported (#5805) ci: Add test for wait node (no-changelog) (#5414) fix(Github Trigger Node): Remove content_reference event (#5830) ci: Validate load options methods in nodes-base (no-changelog) (#5862) ci: Use `--chown=node:node` in COPY commands in the custom docker image (no-changelog) (#5913) 🚀 Release 0.224.0 (#5957) fix(NocoDB Node): Fix for updating or deleting rows with not default primary keys fix(HTTP Request Node): Show detailed error message in the UI again (#5959) ci: Prevent skipping of E2E fail job (no-changelog) (#5958) ci: Fix E2E tests on master (no-changelog) (#5960) refactor(core): Use injectable classes for db repositories (part-1) (no-changelog) (#5953) fix(core): Validate customData keys and values (#5920) (no-changelog) feat(editor): Add user activation survey (#5677) fix(editor): Update vite legacy-plugin browser target (no-changelog) (#5952) docs: Fix typo in AWS S3 and S3 nodes for parent folder key (#5933) fix(core): Update xml2js to address CVE-2023-0842 (#5948) fix(Code Node): Update vm2 to address CVE-2023-29017 (#5947) ... # Conflicts: # packages/workflow/src/Interfaces.ts
…5952) fix(editor-ui): Update vite legacy-plugin browser target (no-changelog) Currently the generated `polyfills-legacy-*.js` has a md5sum that conflicts with some known malware, which is making n8n instances being incorrectly marked as malware. Changing the browserlist target changes the browser coverage from [88.3%](https://browsersl.ist/#q=defaults) to [88.2%](https://browsersl.ist/#q=%3E1%25%2Clast+3+versions%2Cnot+dead), and changes the md5sum from ` 7bbe04e33326032f3bf00ac7685bfccb` to `457638e9318cc92d88d45730c81724e4`.
Got released with |
…8n-io#5952) fix(editor-ui): Update vite legacy-plugin browser target (no-changelog) Currently the generated `polyfills-legacy-*.js` has a md5sum that conflicts with some known malware, which is making n8n instances being incorrectly marked as malware. Changing the browserlist target changes the browser coverage from [88.3%](https://browsersl.ist/#q=defaults) to [88.2%](https://browsersl.ist/#q=%3E1%25%2Clast+3+versions%2Cnot+dead), and changes the md5sum from ` 7bbe04e33326032f3bf00ac7685bfccb` to `457638e9318cc92d88d45730c81724e4`.
Hey @netroy, maintainer of Typebot here 👋 I have the same kind of issue on the project (baptisteArno/typebot.io#492). I have no clue how to debug this. Can you tell me how you targeted the issue? |
Hey @baptisteArno If you use a scanner like quttera, they tell you the file that they think is is causing the website to be flagged. |
Currently the generated/bundled
polyfills-legacy-*.js
has a md5sum that conflicts with some known malware, which is making n8n instances being incorrectly marked as malware.Changing the browserlist target changes the browser coverage from 88.3% to 88.2%, and changes the md5sum from
7bbe04e33326032f3bf00ac7685bfccb
to457638e9318cc92d88d45730c81724e4
.Fixes: