fix: Upgrade axios to address CVE-2023-45857 #7713

Merged on Dec 19, 2023 (3 commits)

netroy (Member) commented Nov 14, 2023

n8n-assistant bot added labels on Nov 14, 2023: core (Enhancement outside /nodes-base and /editor-ui), n8n team (Authored by the n8n team), ui (Enhancement in /editor-ui or /design-system)

cypress bot commented Nov 14, 2023

2 flaky tests on run #3413 ↗︎

0 306 5 0 Flakiness 2

Details:

🌳 🖥️ browsers:node18.12.0-chrome107 🤖 netroy 🗃️ e2e/*
Project: n8n Commit: c8d8d2283b
Status: Passed Duration: 06:53 💡
Started: Dec 19, 2023 3:03 PM Ended: Dec 19, 2023 3:10 PM
Flakiness: 17-sharing.cy.ts • 1 flaky test
Sharing > should work for admin role on credentials created by others (also can share it with themselves)

Flakiness: 24-ndv-paired-item.cy.ts • 1 flaky test
NDV > resolves expression with default item when input node is not parent, while still pairing items

Review all test suite changes for PR #7713 ↗︎

@levpachmanov

This comment was marked as spam.

netroy force-pushed the upgrade-axios branch 2 times, most recently from 6a6f658 to 89edbcc, on December 12, 2023 22:29
netroy marked this pull request as ready for review on December 12, 2023 22:30
Contributor

✅ All Cypress E2E specs passed

@netroy netroy merged commit 64eb9bb into master Dec 19, 2023
19 checks passed
@netroy netroy deleted the upgrade-axios branch December 19, 2023 15:17
MiloradFilipovic added a commit that referenced this pull request Dec 21, 2023
* master: (22 commits)
  fix(editor): Make keyboard shortcuts more strict; don't accept extra Ctrl/Alt/Shift keys (#8024)
  fix(core):  Downgrade Rudderstack SDK (no-changelog) (#8107)
  fix(editor): Move versions check to init function and refactor store (no-changelog) (#8067)
  refactor(editor): Add telemetry for SSO/SAML (no-changelog) (#8102)
  fix(editor): Ensure execution data overrides pinned data when copying in executions view (#8009)
  fix(editor): Fix copy/paste issue when switch node is in workflow (#8103)
  feat(editor): Upgrade frontend tooling to address a few vulnerabilities (#8100)
  feat(editor): De-duplicate frontend devDependencies (no-changelog) (#8094)
  refactor(core): Improve test-webhooks (no-changelog) (#8069)
  refactor: Add telemetry for RBAC (no-changelog) (#8056)
  feat(core): Upgrade Rudderstack SDK (no-changelog) (#8090)
  fix: Upgrade axios to address CVE-2023-45857 (#7713)
  fix(core): Do not display error when stopping jobless execution in queue mode (#8007)
  feat(editor): Gracefully ignore invalid payloads in postMessage handler (#8096)
  feat(editor): Add lead enrichment suggestions to workflow list (#8042)
  refactor(Discord Node): Stop reporting to Sentry inaccessible guild error (no-changelog) (#8095)
  feat: Add opt-in enterprise license trial checkbox (no-changelog) (#7826)
  ci: Remove unnecessary async/await, enable await-thenable linting rule (no-changelog) (#8076)
  refactor(editor): Add telemetry for log streaming (no-changelog) (#8075)
  fix(core): Use relative imports for dynamic imports in SecurityAuditService (#8086)
  ...
@github-actions github-actions bot mentioned this pull request Dec 21, 2023
ivov added a commit that referenced this pull request Dec 21, 2023
# [1.22.0](https://github.com/n8n-io/n8n/compare/n8n@1.21.0...n8n@1.22.0) (2023-12-21)


### Bug Fixes

* **core:** Close db connection gracefully when exiting
([#8045](#8045))
([e69707e](e69707e))
* **core:** Consider timeout in shutdown an error
([#8050](#8050))
([4cae976](4cae976))
* **core:** Do not display error when stopping jobless execution in
queue mode ([#8007](#8007))
([8e6b951](8e6b951))
* **core:** Fix shutdown if terminating before hooks are initialized
([#8047](#8047))
([6ae2f5e](6ae2f5e))
* **core:** Handle multiple termination signals correctly
([#8046](#8046))
([67bd8ad](67bd8ad))
* **core:** Initialize queue once in queue mode
([#8025](#8025))
([53c0b49](53c0b49))
* **core:** Prevent axios from force setting a form-urlencoded
content-type ([#8117](#8117))
([bba9576](bba9576))
* **core:** Remove circular references before serializing executions in
public API ([#8043](#8043))
([989888d](989888d))
* **core:** Restore workflow ID during execution creation
([#8031](#8031))
([c5e6ba8](c5e6ba8))
* **core:** Use relative imports for dynamic imports in
SecurityAuditService ([#8086](#8086))
([785bf99](785bf99))
* **core:** Stop binary data restoration from preventing execution from
finishing ([#8082](#8082))
([5ffff1b](5ffff1b))
* **editor:** Add back credential `use` permission
([#8023](#8023))
([329e5bf](329e5bf))
* **editor:** Cleanup Executions page component
([#8053](#8053))
([2689c37](2689c37))
* **editor:** Disable auto scroll and list size check when clicking on
executions ([#7983](#7983))
([fcb8b91](fcb8b91))
* **editor:** Ensure execution data overrides pinned data when copying
in executions view ([#8009](#8009))
([1d1cb0d](1d1cb0d))
* **editor:** Fix copy/paste issue when switch node is in workflow
([#8103](#8103))
([4b86926](4b86926))
* **editor:** Make keyboard shortcuts more strict; don't accept extra
Ctrl/Alt/Shift keys ([#8024](#8024))
([8df49e1](8df49e1))
* **editor:** Show credential share info only to appropriate users
([#8020](#8020))
([b29b4d4](b29b4d4))
* **editor:** Turn off executions list auto-refresh after leaving the
page ([#8005](#8005))
([e3c363d](e3c363d))
* **editor:** Update image sizes in template description not to be full
width always ([#8037](#8037))
([63a6e7e](63a6e7e))
* **ActiveCampaign Node:** Fix pagination issue when loading tags
([#8017](#8017))
([1943857](1943857))
* **HTTP Request Node:** Do not create circular references in HTTP
request node output ([#8030](#8030))
([5b7ea16](5b7ea16))
* Upgrade axios to address CVE-2023-45857
([#7713](#7713))
([64eb9bb](64eb9bb))


### Features

* Add option to `returnIntermediateSteps` for AI agents
([#8113](#8113))
([7806a65](7806a65))
* **core:** Add config option to prefer GET request over LIST when using
Hashicorp Vault ([#8049](#8049))
([439a22d](439a22d))
* **core:** Add N8N_GRACEFUL_SHUTDOWN_TIMEOUT env var
([#8068](#8068))
([614f488](614f488))
* **editor:** Add lead enrichment suggestions to workflow list
([#8042](#8042))
([36a923c](36a923c))
* **editor:** Finalize workers view
([#8052](#8052))
([edfa784](edfa784))
* **editor:** Gracefully ignore invalid payloads in postMessage handler
([#8096](#8096))
([9d22c7a](9d22c7a))
* **editor:** Upgrade frontend tooling to address a few vulnerabilities
([#8100](#8100))
([19b7f1f](19b7f1f))
* **Filter Node:** Overhaul UI by adding the new filter component
([#8016](#8016))
([3d53052](3d53052))
* **Respond to Webhook Node:** Overhaul with improvements like returning
all items ([#8093](#8093))
([32d397e](32d397e))


### Performance Improvements

* **editor:** Improve canvas rendering performance
([#8022](#8022))
([b780436](b780436))

Co-authored-by: ivov <ivov@users.noreply.github.com>
janober (Member) commented Dec 21, 2023

Got released with n8n@1.22.0
