Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

fix(MongoDB Node): Upgrade mongodb package to address CVE-2021-32050 #7054

Merged
merged 1 commit into from
Aug 31, 2023
Merged

fix(MongoDB Node): Upgrade mongodb package to address CVE-2021-32050 #7054

merged 1 commit into from
Aug 31, 2023

Conversation

netroy
Copy link
Member

@netroy netroy commented Aug 31, 2023

@github-actions
Copy link
Contributor

Great PR! Please pay attention to the following items before merging:

Files matching packages/**:

  • If fixing bug, added test to cover scenario.
  • If addressing forum or Github issue, added link to description.

Files matching packages/nodes-base/package.json:

  • Avoided adding dependencies for nodes if not absolutely necessary.

Make sure to check off this list before asking for review.

Joffcom
Joffcom approved these changes Aug 31, 2023
View reviewed changes
Copy link
Member

@Joffcom Joffcom left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Nothing broke in my test flows.

@codecov
Copy link

codecov bot commented Aug 31, 2023

Codecov Report

Patch coverage has no change and project coverage change: -0.01% ⚠️

Comparison is base (3b9f0fe) 32.10% compared to head (0271247) 32.10%.
Report is 1 commits behind head on master.

Additional details and impacted files 
@@            Coverage Diff             @@
##           master    #7054      +/-   ##
==========================================
- Coverage   32.10%   32.10%   -0.01%     
==========================================
  Files        3186     3186              
  Lines      195791   195791              
  Branches    21353    21351       -2     
==========================================
- Hits        62861    62859       -2     
- Misses     131896   131898       +2     
  Partials     1034     1034

see 1 file with indirect coverage changes

☔ View full report in Codecov by Sentry.
📢 Have feedback on the report? Share it here.

@cypress
Copy link

cypress bot commented Aug 31, 2023

2 flaky tests on run #2042 ↗︎

0 233 0 0 Flakiness 2

Details:

🌳 fix-CVE-2021-32050 🖥️ browsers:node18.12.0-chrome107 🤖 netroy 🗃️ e2e/*
Project: n8n Commit: 0271247534
Status: Passed Duration: 08:39 💡
Started: Aug 31, 2023 10:17 AM Ended: Aug 31, 2023 10:26 AM
Flakiness  7-workflow-actions.cy.ts • 1 flaky test

View Output Video

Test Artifacts
Workflow Actions > should not save workflow if canvas is loading Output Screenshots Video
Flakiness  24-ndv-paired-item.cy.ts • 1 flaky test

View Output Video

Test Artifacts
NDV > resolves expression with default item when input node is not parent, while still pairing items Output Screenshots Video

This comment has been generated by cypress-bot as a result of this project's GitHub integration settings.

@github-actions
Copy link
Contributor

✅ All Cypress E2E specs passed

@netroy netroy merged commit d3f6356 into master Aug 31, 2023
51 of 52 checks passed
@netroy netroy deleted the fix-CVE-2021-32050 branch August 31, 2023 10:29
@github-actions github-actions bot mentioned this pull request Aug 31, 2023
Merged
netroy added a commit that referenced this pull request Aug 31, 2023
@github-actions @netroy
🚀 Release 1.5.0 (#7056)
0ca2c78 
# [1.5.0](https://github.com/n8n-io/n8n/compare/n8n@1.4.0...n8n@1.5.0)
(2023-08-31)


### Bug Fixes

* **Agile CRM Node:** Fix issue with company address not working
([#6997](#6997))
([2f81652](2f81652))
* **Code Node:** Switch over to vm2 fork
([#7018](#7018))
([dfe0fa6](dfe0fa6))
* **core:** Invalid NODES_INCLUDE should not crash the app
([#7038](#7038))
([04e3178](04e3178)),
closes [#6683](#6683)
* **core:** Setup websocket keep-live messages
([#6866](#6866))
([8bdb07d](8bdb07d)),
closes [#6757](#6757)
* **core:** Throw `NodeSSLError` only for nodes that allow ignoring SSL
issues ([#6928](#6928))
([a01c3fb](a01c3fb))
* **Date & Time Node:** Dont parse date if it's not set (null or
undefined) ([#7050](#7050))
([d72f79f](d72f79f))
* **editor:** Fix sending of Ask AI tracking events
([#7002](#7002))
([fb05afa](fb05afa))
* **Microsoft Excel 365 Node:** Support for more extensions in workbook
rlc ([#7020](#7020))
([d6e1cf2](d6e1cf2))
* **MongoDB Node:** Stringify response ObjectIDs
([#6990](#6990))
([9ca990b](9ca990b))
* **MongoDB Node:** Upgrade mongodb package to address CVE-2021-32050
([#7054](#7054))
([d3f6356](d3f6356))
* **Postgres Node:** Empty return data fix for Postgres and MySQL
([#7016](#7016))
([176ccd6](176ccd6))
* **Webhook Node:** Fix URL params for webhooks
([#6986](#6986))
([596b569](596b569))


### Features

* **core:** External Secrets storage for credentials
([#6477](#6477))
([ed927d3](ed927d3))
* **core:** Add MFA ([#4767](#4767))
([2b7ba6f](2b7ba6f))
* **core:** Add filtering, selection and pagination to users
([#6994](#6994))
([b716241](b716241))
* **editor:** Debug executions in the editor
([#6834](#6834))
([c833078](c833078))
* **RSS Read Node:** Add support for self signed certificates
([#7039](#7039))
([3b9f0fe](3b9f0fe))

Co-authored-by: netroy <netroy@users.noreply.github.com>
@janober
Copy link
Member

janober commented Aug 31, 2023

Got released with n8n@1.5.1

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@Joffcom Joffcom Joffcom approved these changes

Assignees
No one assigned
Labels
Released
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.

None yet
3 participants
@netroy @janober @Joffcom