From 4b6e5f09e6770938de5e590a7e0d4565e3dc865c Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?=E0=A4=95=E0=A4=BE=E0=A4=B0=E0=A4=A4=E0=A5=8B=E0=A4=AB?= =?UTF-8?q?=E0=A5=8D=E0=A4=AB=E0=A5=87=E0=A4=B2=E0=A4=B8=E0=A5=8D=E0=A4=95?= =?UTF-8?q?=E0=A5=8D=E0=A4=B0=E0=A4=BF=E0=A4=AA=E0=A5=8D=E0=A4=9F=E2=84=A2?= Date: Fri, 31 May 2024 11:54:30 +0200 Subject: [PATCH] fix(core): Upgrade mysql2 to address CVE-2024-21512 (#9565) --- packages/cli/package.json | 2 +- packages/nodes-base/package.json | 2 +- pnpm-lock.yaml | 24 ++++++++++++------------ 3 files changed, 14 insertions(+), 14 deletions(-) diff --git a/packages/cli/package.json b/packages/cli/package.json index bfef67e580d7b..48c4c46993658 100644 --- a/packages/cli/package.json +++ b/packages/cli/package.json @@ -145,7 +145,7 @@ "ldapts": "4.2.6", "lodash": "4.17.21", "luxon": "3.3.0", - "mysql2": "3.9.7", + "mysql2": "3.10.0", "n8n-core": "workspace:*", "n8n-editor-ui": "workspace:*", "n8n-nodes-base": "workspace:*", diff --git a/packages/nodes-base/package.json b/packages/nodes-base/package.json index 8f003a91902c7..904a1753da158 100644 --- a/packages/nodes-base/package.json +++ b/packages/nodes-base/package.json @@ -875,7 +875,7 @@ "mongodb": "6.3.0", "mqtt": "5.0.2", "mssql": "10.0.2", - "mysql2": "3.9.7", + "mysql2": "3.10.0", "n8n-workflow": "workspace:*", "nanoid": "3.3.6", "node-html-markdown": "1.2.0", diff --git a/pnpm-lock.yaml b/pnpm-lock.yaml index 95590344e2f4f..7829a04d14641 100644 --- a/pnpm-lock.yaml +++ b/pnpm-lock.yaml @@ -499,7 +499,7 @@ importers: dependencies: '@langchain/community': specifier: 0.2.2 - version: 0.2.2(@pinecone-database/pinecone@2.1.0)(axios@1.6.7)(handlebars@4.7.8)(ioredis@5.3.2)(jsonwebtoken@9.0.2)(lodash@4.17.21)(mysql2@3.9.7)(pg@8.11.3)(ws@8.14.2) + version: 0.2.2(@pinecone-database/pinecone@2.1.0)(axios@1.6.7)(handlebars@4.7.8)(ioredis@5.3.2)(jsonwebtoken@9.0.2)(lodash@4.17.21)(mysql2@3.10.0)(pg@8.11.3)(ws@8.14.2) '@langchain/core': specifier: 0.2.0 version: 0.2.0 @@ -523,7 +523,7 @@ importers: version: link:../@n8n/permissions '@n8n/typeorm': specifier: 0.3.20-10 - version: 0.3.20-10(@sentry/node@7.87.0)(ioredis@5.3.2)(mysql2@3.9.7)(pg@8.11.3)(sqlite3@5.1.7) + version: 0.3.20-10(@sentry/node@7.87.0)(ioredis@5.3.2)(mysql2@3.10.0)(pg@8.11.3)(sqlite3@5.1.7) '@n8n_io/license-sdk': specifier: 2.12.0 version: 2.12.0 @@ -663,8 +663,8 @@ importers: specifier: 3.3.0 version: 3.3.0 mysql2: - specifier: 3.9.7 - version: 3.9.7 + specifier: 3.10.0 + version: 3.10.0 n8n-core: specifier: workspace:* version: link:../core @@ -1436,8 +1436,8 @@ importers: specifier: 10.0.2 version: 10.0.2 mysql2: - specifier: 3.9.7 - version: 3.9.7 + specifier: 3.10.0 + version: 3.10.0 n8n-workflow: specifier: workspace:* version: link:../workflow @@ -6514,7 +6514,7 @@ packages: - supports-color dev: false - /@langchain/community@0.2.2(@pinecone-database/pinecone@2.1.0)(axios@1.6.7)(handlebars@4.7.8)(ioredis@5.3.2)(jsonwebtoken@9.0.2)(lodash@4.17.21)(mysql2@3.9.7)(pg@8.11.3)(ws@8.14.2): + /@langchain/community@0.2.2(@pinecone-database/pinecone@2.1.0)(axios@1.6.7)(handlebars@4.7.8)(ioredis@5.3.2)(jsonwebtoken@9.0.2)(lodash@4.17.21)(mysql2@3.10.0)(pg@8.11.3)(ws@8.14.2): resolution: {integrity: sha512-TtlZnPBYt7Sujc1hAYvdZKUmV97wuF15O7b4nBX4lBfQeW38N0DwGbhqpitDbpaJqZ2s8DM4rjapECk0kIdAww==} engines: {node: '>=18'} peerDependencies: @@ -6883,7 +6883,7 @@ packages: langchain: 0.2.2(@pinecone-database/pinecone@2.1.0)(axios@1.6.7)(handlebars@4.7.8)(ioredis@5.3.2)(ws@8.14.2) langsmith: 0.1.12 lodash: 4.17.21 - mysql2: 3.9.7 + mysql2: 3.10.0 pg: 8.11.3 uuid: 9.0.1 ws: 8.14.2 @@ -7216,7 +7216,7 @@ packages: recast: 0.22.0 dev: false - /@n8n/typeorm@0.3.20-10(@sentry/node@7.87.0)(ioredis@5.3.2)(mysql2@3.9.7)(pg@8.11.3)(sqlite3@5.1.7): + /@n8n/typeorm@0.3.20-10(@sentry/node@7.87.0)(ioredis@5.3.2)(mysql2@3.10.0)(pg@8.11.3)(sqlite3@5.1.7): resolution: {integrity: sha512-YYQKkafEGqNAG+VgtGbJOWpcyF4ZsRJ+Q7qXigTXZFQb4xpL/+t0BXEMhy8Gw0OEjnZI5cbLGHcQtj7Xlfg7dw==} engines: {node: '>=16.13.0'} hasBin: true @@ -7293,7 +7293,7 @@ packages: glob: 10.3.10 ioredis: 5.3.2 mkdirp: 2.1.3 - mysql2: 3.9.7 + mysql2: 3.10.0 pg: 8.11.3 reflect-metadata: 0.2.2 sha.js: 2.4.11 @@ -20026,8 +20026,8 @@ packages: engines: {node: '>=12.0.0'} dev: true - /mysql2@3.9.7: - resolution: {integrity: sha512-KnJT8vYRcNAZv73uf9zpXqNbvBG7DJrs+1nACsjZP1HMJ1TgXEy8wnNilXAn/5i57JizXKtrUtwDB7HxT9DDpw==} + /mysql2@3.10.0: + resolution: {integrity: sha512-qx0mfWYt1DpTPkw8mAcHW/OwqqyNqBLBHvY5IjN8+icIYTjt6znrgYJ+gxqNNRpVknb5Wc/gcCM4XjbCR0j5tw==} engines: {node: '>= 8.0'} dependencies: denque: 2.1.0