CVE-2023-27562: Releases · n8n-io/n8n

[email protected]

Changes (2023-05-03)****Bug Fixes

• core: Fix bug running addUserActivatedColumn migration on MariaDB (#6157) (aa8e96d)

[email protected]

Changes (2023-05-03)****Bug Fixes

• AWS S3 Node: Fix File upload, and add node tests (#6153) (deb4c04)
• Compression Node: Fix issue with decompression failing with uppercase extensions (#6098) (aa59329)
• core: Account for nodes with renamable content (#6109) (c99f158)
• core: Assign Unknown Error only if message or description not present in error (8aedc03)
• core: Avoid using Object.keys on Buffer and other non-plain objects (#6131) (a3aba83)
• core: Better error message in Webhook node when using the POST method (a0dd17e)
• core: Better errors for common status codes fix (700cc39)
• core: Fix hasOwnProperty on augmented objects (#6124) (206b6b9)
• core: Fix bug running addUserActivatedColumn migration on MariaDB (#6157) (570790e)
• core: Fix canceled execution status (#6142) (839a56a)
• core: Improve saml endpoints and audit events (#6107) (c0b1cdd)
• core: Remove SAML config metadataUrl if XML metadata is set directly (#6143) (25fe14b)
• core: Skip auth for controllers/routes that don’t use the Authorized decorator, or use Authorized(‘none’) (#6106) (59aee22)
• Correctly allow sharees to test credential when opening the modal (#6111) (2e73f4a)
• Date & Time Node: Numbers conversions fix (14f7114)
• editor: Change execution list tab loader design (#6120) (188ef04)
• editor: Disable changing of email and pw when SAML login enabled (#6104) (3e9ecd9)
• editor: Fix Show details summary (#6113) (90a62cc)
• editor: Fix copy selection behavior (#6112) (1607aeb)
• editor: Fix cropped off completions docstrings (#6129) (85e8145)
• editor: Fix focus jumping when using chrome autofill (#6140) (c63181b)
• editor: Fix missing Stop Listening button (#6125) (20a72bb)
• editor: Fix quote handling on dollar-sign variable completions (#6128) (51f5990)
• editor: Fix sidebar button styling (#6138) (a72a511)
• editor: Fix unique names for node duplication (#6134) (71ae6c6)
• editor: Fix unscrollable node settings (#6133) (c8ff368)
• editor: Loading state for executions tab (#6100) (4cbb05b)
• editor: Remove pagination from binary data output (#6093) (c6e665a)
• editor: Restrict [empty] in parameter input hint to zero-length string (#6003) (8862e1e)
• editor: Show error in RLC if credentials are not set (#6108) (2c240a0)
• HTTP Request Node: Add description for ‘Specify Body’ option (#6114) (af097ae)
• HTTP Request Node: Always lowercase headers (983e6e1)
• Mattermost Node: Fix base url trailing slash error (#6097) (25a386d)
• Merge Node: Do not error if expected key is missing (d219af7)
• Prevent displaying an endless timer in the execution list for finished executions (#6137) (701105e)
• Prevent invocations of ‘GET /rest/license’ from returning an error when ephemeral licenses are used (#6154) (a3d26ef)
• Slack Node: Restore ability to send text in addition of blocks or attachments (8669f95)

Features

• core: Add notice to alert users a new version is available (cb497fb)
• editor: Add support for loadOptionsDependsOn to RLC (#6101) (b17d5f9)
• editor: Add version controls settings (WIP) (#6036) (0c9ce3a)
• Item Lists Node: Split out items work on objects as well as arrays (c65ac03)
• Microsoft Excel 365 Node: Overhaul (5364a2d)

[email protected]

Changes (2023-05-02)****Bug Fixes

• Compression Node: Fix issue with decompression failing with uppercase extensions (#6098) (7136500)
• core: Account for nodes with renamable content (#6109) (b561d46)
• core: Fix hasOwnProperty on augmented objects (#6124) (2f015c0)
• core: Fix canceled execution status (#6142) (1796101)
• core: Skip auth for controllers/routes that don’t use the Authorized decorator, or use Authorized(‘none’) (#6106) (9d44991)
• Correctly allow sharees to test credential when opening the modal (#6111) (240bb47)
• Date & Time Node: Numbers conversions fix (e11e7cd)
• editor: Change execution list tab loader design (#6120) (ffc033f)
• editor: Fix Show details summary (#6113) (e12bafb)
• editor: Fix copy selection behavior (#6112) (0efd94a)
• editor: Fix cropped off completions docstrings (#6129) (06594cc)
• editor: Fix missing Stop Listening button (#6125) (dcbd2d2)
• editor: Fix quote handling on dollar-sign variable completions (#6128) (c23ad35)
• editor: Fix sidebar button styling (#6138) (d3f4bc1)
• editor: Fix unique names for node duplication (#6134) (48a4068)
• editor: Fix unscrollable node settings (#6133) (f762f16)
• editor: Loading state for executions tab (#6100) (2e12c50)
• editor: Remove pagination from binary data output (#6093) (7b7d9de)
• editor: Show error in RLC if credentials are not set (#6108) (5bf3400)
• HTTP Request Node: Add description for ‘Specify Body’ option (#6114) (69b6ba8)
• HTTP Request Node: Always lowercase headers (31c56a1)
• Mattermost Node: Fix base url trailing slash error (#6097) (788fda1)
• Merge Node: Do not error if expected key is missing (8b59564)
• Prevent displaying an endless timer in the execution list for finished executions (#6137) (2672896)
• Slack Node: Restore ability to send text in addition of blocks or attachments (625d672)

[email protected]

Changes (2023-04-26)****Bug Fixes

• Code Node: Update vm2 to address CVE-2023-30547 (#6039) (8268f23)
• core: Improve domain and url matching for extractDomain and extractUrl (#6010) (33fb732)
• core: Serialize dates and regexps when reading from augmented objects (#6086) (a4eb46a)
• core: Skip license activation when instance was already activated (#6064) (eaf7090)
• editor: Clean up demo and template callouts from workflows page (#6023) (4ee5083)
• editor: Fix memory leak in Node Detail View by correctly unsubscribing from event buses (#6021) (0970ec0)
• editor: Fix typo in SSO upgrade link (#6031) (9b59f1d)
• editor: Resolve expressions for grandparent nodes (#5859) (a19d444)
• editor: SettingsSidebar should disconnect from push when navigating away (#6025) (41660d9)
• editor: Update LDAP and Log streaming paywalls (#6069) (8a3b3e5)
• editor: Update SSO upgrade link (#6016) (953198e)
• Notion Node: Update credential test to not require user permissions (#6022) (a68330f)

Features

• core: Add license:info command (#6047) (ab12d3e)
• core: Add SSH key generation (#6006) (71ed1f4)
• core: Add support for digestAuth to httpRequest and declarative style (#5676) (62f993c)
• core: Manage version control settings (#6079) (f3b4701)
• core: Upgrade google-timezones-json to use the correct timezone for Sao Paulo (#6042) (b8cb5d7), closes #2647
• editor: Add disable template experiment (#5963) (a74284b)
• editor: Add SQL editor support (#5517) (70aaf24)
• editor: Enhance Node Creator actions view (#5954) (390841b)
• editor: Version control (WIP) (#6013) (0e0a064)
• editor: Version control paywall (WIP) (#6030) (ef79b03)
• Google BigQuery Node: Node improvements (#4877) (9817a15)

[email protected]

[email protected]

[email protected]

Changes (2023-04-20)****Bug Fixes

• editor: Clean up demo and template callouts from workflows page (#6023) (6ec1c45)
• editor: Fix memory leak in Node Detail View by correctly unsubscribing from event buses (#6021) (1b9e047)
• editor: SettingsSidebar should disconnect from push when navigating away (#6025) (e9f8cfe)
• Notion Node: Update credential test to not require user permissions (#6022) (6d02ae5)

[email protected]

Changes (2023-04-20)****Bug Fixes

• core: Fix paired item returning wrong data (#5898) (2a45441)
• core: Make getExecutionId available on all nodes types (#5990) (8373aab)
• editor: Fix memory leak in Node Detail View by correctly unsubscribing from event buses (#6021) (d8fce5b)
• editor: Fix moving canvas on middle click preventing lasso selection (#5996) (a7a5778)
• editor: SettingsSidebar should disconnect from push when navigating away (#6025) (b475c8f)
• Google Sheets Trigger Node: Return actual error message (5e59141)
• HTTP Request Node: Fix itemIndex in HTTP Request errors (#5991) (4a521a4)
• Notion Node: Update credential test to not require user permissions (#6022) (14c9b5e)

[email protected]

Changes (2023-04-19)****Bug Fixes

• core: Fix broken API permissions in public API (#5978) (49d838f)
• core: Fix paired item returning wrong data (#5898) (b13b7d7)
• core: Improve SAML connection test result views (#5981) (4c994fa)
• core: Make getExecutionId available on all nodes types (#5990) (c42820e)
• core: Skip SAML onboarding for users with first- and lastname (#5966) (8474cd3)
• editor: Add padding to prepend input (#5874) (cd89489)
• editor: Cleanup demo/video experiment (#5974) (c171365)
• editor: Enterprise features missing with UM (#5995) (f9a810a)
• editor: Fix moving canvas on middle click preventing lasso selection (#5996) (3c2a569)
• editor: Make sure to redirect to blank canvas after personalization modal (#5980) (7c474d3)
• editor: Only treat as CTRL pressed by default on touch devices for MouseEvent (#5968) (536d810)
• editor: Fix n8n-checkbox alignment (#6004) (f544826)
• Code Node: Consistently handle various kinds of data returned by user code (#6002) (f9b3aea)
• Github Trigger Node: Remove content_reference event (#5830) (d288a91)
• Google Sheets Trigger Node: Return actual error message (ba5b4eb)
• HTTP Request Node: Fix itemIndex in HTTP Request errors (#5991) (b351c62)
• NocoDB Node: Fix for updating or deleting rows with not default primary keys (ee7f863)
• OpenAI Node: Update models to only show those supported (#5805) (29959be)
• OpenAI Node: Update OpenAI Text Moderate input placeholder text (#5823) (6b9909b)

Features

• core: Add variables feature (#5602) (1bb9871)
• core: Add versionControl feature flag (#6000) (33299ca)
• core: Support for google service account in HTTP node (0b48088)
• editor: Add Ask AI preview (#5916) (f8f8374)
• GitLab Node: Add Additional parameters for File List (#5621) (3810039)
• MySQL Node: Overhaul (0a53c95)

[email protected]

Changes (2023-04-14)****Bug Fixes

• core: Fix broken API permissions in public API (#5978) (f4be887)
• editor: Only treat as CTRL pressed by default on touch devices for MouseEvent (#5968) (57af90f)
• editor: Update vite legacy-plugin browser target (no-changelog) (#5952) (f565b16)