Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

fix(core): Upgrade express to address CVE-2024-29041 (no-changelog) #9021

Merged
merged 1 commit into from
Apr 3, 2024

Conversation

netroy
Copy link
Member

@netroy netroy commented Apr 2, 2024

GH Advisory

Review / Merge checklist

  • PR title and summary are descriptive

@n8n-assistant n8n-assistant bot added core Enhancement outside /nodes-base and /editor-ui n8n team Authored by the n8n team labels Apr 2, 2024
Copy link
Contributor

github-actions bot commented Apr 3, 2024

⚠️ Some Cypress E2E specs are failing, please fix them before merging

Copy link

cypress bot commented Apr 3, 2024

1 flaky test on run #4544 ↗︎

0 345 12 0 Flakiness 1

Details:

🌳 🖥️ browsers:node18.12.0-chrome107 🤖 netroy 🗃️ e2e/*
Project: n8n Commit: d13222e953
Status: Passed Duration: 03:49 💡
Started: Apr 3, 2024 3:03 PM Ended: Apr 3, 2024 3:07 PM
Flakiness  cypress/e2e/5-ndv.cy.ts • 1 flaky test

View Output Video

Test Artifacts
NDV > should not retrieve remote options when required params throw errors Test Replay Screenshots Video

Review all test suite changes for PR #9021 ↗︎

Copy link
Contributor

github-actions bot commented Apr 3, 2024

✅ All Cypress E2E specs passed

@netroy netroy merged commit dc42ac1 into master Apr 3, 2024
28 checks passed
@netroy netroy deleted the fix-CVE-2024-29041 branch April 3, 2024 15:08
MiloradFilipovic added a commit that referenced this pull request Apr 4, 2024
* master:
  fix(core): Ensure `status` on Axios errors is available to the BE (#9015)
  fix(editor): Make Webhook node pinnable (#9047)
  fix(core): Upgrade express to address CVE-2024-29041 (no-changelog) (#9021)
  fix(editor): Add fallback for expression resolution in multi-output case (#9045)
  ci(core): Upgrade express-openapi-validator (no-changelog) (#9022)
  refactor(core): Delete all auth exclusion config and checks (no-changelog) (#9044)
  fix(editor): Make share modal content scrollable (#9025)
MiloradFilipovic added a commit that referenced this pull request Apr 4, 2024
* master:
  fix(core): Ensure `status` on Axios errors is available to the BE (#9015)
  fix(editor): Make Webhook node pinnable (#9047)
  fix(core): Upgrade express to address CVE-2024-29041 (no-changelog) (#9021)
  fix(editor): Add fallback for expression resolution in multi-output case (#9045)
  ci(core): Upgrade express-openapi-validator (no-changelog) (#9022)
  refactor(core): Delete all auth exclusion config and checks (no-changelog) (#9044)
  fix(editor): Make share modal content scrollable (#9025)
@janober
Copy link
Member

janober commented Apr 5, 2024

Got released with n8n@1.36.1

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
core Enhancement outside /nodes-base and /editor-ui n8n team Authored by the n8n team Released
Projects
None yet
Development

Successfully merging this pull request may close these issues.

3 participants