Elgato_dark/n8n
1
0
Fork 0
mirror of https://github.com/n8n-io/n8n synced 2026-04-21 15:47:20 +00:00
Code Issues Projects Releases Packages Wiki Activity Actions 5

chore: Audit and secure .github/scripts shadow dependencies (#27083)

Browse source
This commit is contained in:
Matsu 2026-03-16 12:06:27 +02:00 committed by GitHub
parent 2d6a0e1041
commit 9d975450e3
No known key found for this signature in database
GPG key ID: B5690EEEBB952194
18 changed files with 593 additions and 165 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

19
.github/scripts/package.json vendored
View file

@ -1,16 +1,17 @@
{
"name": "workflow-scripts",
"scripts": {
"test": "node --test --experimental-test-module-mocks ./*.test.mjs"
},
"dependencies": {
"cacheable-lookup": "6.1.0",
"conventional-changelog": "^4.0.0",
"debug": "4.3.4",
"glob": "10.5.0",
"p-limit": "3.1.0",
"picocolors": "1.0.1",
"semver": "7.5.4",
"tempfile": "5.0.0",
"@actions/github": "9.0.0"
"@actions/github": "9.0.0",
"conventional-changelog": "7.2.0",
"debug": "4.4.3",
"glob": "13.0.6",
"semver": "7.7.4",
"tempfile": "6.0.1"
},
"devDependencies": {
"conventional-changelog-angular": "^8.3.0"
}
}

536
.github/scripts/pnpm-lock.yaml vendored Normal file
View file

@ -0,0 +1,536 @@
lockfileVersion: '9.0'
settings:
autoInstallPeers: true
excludeLinksFromLockfile: false
importers:
.:
dependencies:
'@actions/github':
specifier: 9.0.0
version: 9.0.0
conventional-changelog:
specifier: 7.2.0
version: 7.2.0(conventional-commits-filter@5.0.0)
debug:
specifier: 4.4.3
version: 4.4.3
glob:
specifier: 13.0.6
version: 13.0.6
semver:
specifier: 7.7.4
version: 7.7.4
tempfile:
specifier: 6.0.1
version: 6.0.1
devDependencies:
conventional-changelog-angular:
specifier: ^8.3.0
version: 8.3.0
packages:
'@actions/github@9.0.0':
resolution: {integrity: sha512-yJ0RoswsAaKcvkmpCE4XxBRiy/whH2SdTBHWzs0gi4wkqTDhXMChjSdqBz/F4AeiDlP28rQqL33iHb+kjAMX6w==}
'@actions/http-client@3.0.2':
resolution: {integrity: sha512-JP38FYYpyqvUsz+Igqlc/JG6YO9PaKuvqjM3iGvaLqFnJ7TFmcLyy2IDrY0bI0qCQug8E9K+elv5ZNfw62ZJzA==}
'@conventional-changelog/git-client@2.6.0':
resolution: {integrity: sha512-T+uPDciKf0/ioNNDpMGc8FDsehJClZP0yR3Q5MN6wE/Y/1QZ7F+80OgznnTCOlMEG4AV0LvH2UJi3C/nBnaBUg==}
engines: {node: '>=18'}
peerDependencies:
conventional-commits-filter: ^5.0.0
conventional-commits-parser: ^6.3.0
peerDependenciesMeta:
conventional-commits-filter:
optional: true
conventional-commits-parser:
optional: true
'@octokit/auth-token@6.0.0':
resolution: {integrity: sha512-P4YJBPdPSpWTQ1NU4XYdvHvXJJDxM6YwpS0FZHRgP7YFkdVxsWcpWGy/NVqlAA7PcPCnMacXlRm1y2PFZRWL/w==}
engines: {node: '>= 20'}
'@octokit/core@7.0.6':
resolution: {integrity: sha512-DhGl4xMVFGVIyMwswXeyzdL4uXD5OGILGX5N8Y+f6W7LhC1Ze2poSNrkF/fedpVDHEEZ+PHFW0vL14I+mm8K3Q==}
engines: {node: '>= 20'}
'@octokit/endpoint@11.0.3':
resolution: {integrity: sha512-FWFlNxghg4HrXkD3ifYbS/IdL/mDHjh9QcsNyhQjN8dplUoZbejsdpmuqdA76nxj2xoWPs7p8uX2SNr9rYu0Ag==}
engines: {node: '>= 20'}
'@octokit/graphql@9.0.3':
resolution: {integrity: sha512-grAEuupr/C1rALFnXTv6ZQhFuL1D8G5y8CN04RgrO4FIPMrtm+mcZzFG7dcBm+nq+1ppNixu+Jd78aeJOYxlGA==}
engines: {node: '>= 20'}
'@octokit/openapi-types@27.0.0':
resolution: {integrity: sha512-whrdktVs1h6gtR+09+QsNk2+FO+49j6ga1c55YZudfEG+oKJVvJLQi3zkOm5JjiUXAagWK2tI2kTGKJ2Ys7MGA==}
'@octokit/plugin-paginate-rest@14.0.0':
resolution: {integrity: sha512-fNVRE7ufJiAA3XUrha2omTA39M6IXIc6GIZLvlbsm8QOQCYvpq/LkMNGyFlB1d8hTDzsAXa3OKtybdMAYsV/fw==}
engines: {node: '>= 20'}
peerDependencies:
'@octokit/core': '>=6'
'@octokit/plugin-rest-endpoint-methods@17.0.0':
resolution: {integrity: sha512-B5yCyIlOJFPqUUeiD0cnBJwWJO8lkJs5d8+ze9QDP6SvfiXSz1BF+91+0MeI1d2yxgOhU/O+CvtiZ9jSkHhFAw==}
engines: {node: '>= 20'}
peerDependencies:
'@octokit/core': '>=6'
'@octokit/request-error@7.1.0':
resolution: {integrity: sha512-KMQIfq5sOPpkQYajXHwnhjCC0slzCNScLHs9JafXc4RAJI+9f+jNDlBNaIMTvazOPLgb4BnlhGJOTbnN0wIjPw==}
engines: {node: '>= 20'}
'@octokit/request@10.0.8':
resolution: {integrity: sha512-SJZNwY9pur9Agf7l87ywFi14W+Hd9Jg6Ifivsd33+/bGUQIjNujdFiXII2/qSlN2ybqUHfp5xpekMEjIBTjlSw==}
engines: {node: '>= 20'}
'@octokit/types@16.0.0':
resolution: {integrity: sha512-sKq+9r1Mm4efXW1FCk7hFSeJo4QKreL/tTbR0rz/qx/r1Oa2VV83LTA/H/MuCOX7uCIJmQVRKBcbmWoySjAnSg==}
'@simple-libs/child-process-utils@1.0.2':
resolution: {integrity: sha512-/4R8QKnd/8agJynkNdJmNw2MBxuFTRcNFnE5Sg/G+jkSsV8/UBgULMzhizWWW42p8L5H7flImV2ATi79Ove2Tw==}
engines: {node: '>=18'}
'@simple-libs/hosted-git-info@1.0.2':
resolution: {integrity: sha512-aAmGQdMH+ZinytKuA2832u0ATeOFNYNk4meBEXtB5xaPotUgggYNhq5tYU/v17wEbmTW5P9iHNqNrFyrhnqBAg==}
engines: {node: '>=18'}
'@simple-libs/stream-utils@1.2.0':
resolution: {integrity: sha512-KxXvfapcixpz6rVEB6HPjOUZT22yN6v0vI0urQSk1L8MlEWPDFCZkhw2xmkyoTGYeFw7tWTZd7e3lVzRZRN/EA==}
engines: {node: '>=18'}
'@types/normalize-package-data@2.4.4':
resolution: {integrity: sha512-37i+OaWTh9qeK4LSHPsyRC7NahnGotNuZvjLSgcPzblpHB3rrCJxAOgI5gCdKm7coonsaX1Of0ILiTcnZjbfxA==}
array-ify@1.0.0:
resolution: {integrity: sha512-c5AMf34bKdvPhQ7tBGhqkgKNUzMr4WUs+WDtC2ZUGOUncbxKMTvqxYctiseW3+L4bA8ec+GcZ6/A/FW4m8ukng==}
balanced-match@4.0.4:
resolution: {integrity: sha512-BLrgEcRTwX2o6gGxGOCNyMvGSp35YofuYzw9h1IMTRmKqttAZZVU67bdb9Pr2vUHA8+j3i2tJfjO6C6+4myGTA==}
engines: {node: 18 || 20 || >=22}
before-after-hook@4.0.0:
resolution: {integrity: sha512-q6tR3RPqIB1pMiTRMFcZwuG5T8vwp+vUvEG0vuI6B+Rikh5BfPp2fQ82c925FOs+b0lcFQ8CFrL+KbilfZFhOQ==}
brace-expansion@5.0.4:
resolution: {integrity: sha512-h+DEnpVvxmfVefa4jFbCf5HdH5YMDXRsmKflpf1pILZWRFlTbJpxeU55nJl4Smt5HQaGzg1o6RHFPJaOqnmBDg==}
engines: {node: 18 || 20 || >=22}
compare-func@2.0.0:
resolution: {integrity: sha512-zHig5N+tPWARooBnb0Zx1MFcdfpyJrfTJ3Y5L+IFvUm8rM74hHz66z0gw0x4tijh5CorKkKUCnW82R2vmpeCRA==}
conventional-changelog-angular@8.3.0:
resolution: {integrity: sha512-DOuBwYSqWzfwuRByY9O4oOIvDlkUCTDzfbOgcSbkY+imXXj+4tmrEFao3K+FxemClYfYnZzsvudbwrhje9VHDA==}
engines: {node: '>=18'}
conventional-changelog-preset-loader@5.0.0:
resolution: {integrity: sha512-SetDSntXLk8Jh1NOAl1Gu5uLiCNSYenB5tm0YVeZKePRIgDW9lQImromTwLa3c/Gae298tsgOM+/CYT9XAl0NA==}
engines: {node: '>=18'}
conventional-changelog-writer@8.4.0:
resolution: {integrity: sha512-HHBFkk1EECxxmCi4CTu091iuDpQv5/OavuCUAuZmrkWpmYfyD816nom1CvtfXJ/uYfAAjavgHvXHX291tSLK8g==}
engines: {node: '>=18'}
hasBin: true
conventional-changelog@7.2.0:
resolution: {integrity: sha512-BEdgG+vPl53EVlTTk9sZ96aagFp0AQ5pw/ggiQMy2SClLbTo1r0l+8dSg79gkLOO5DS1Lswuhp5fWn6RwE+ivg==}
engines: {node: '>=18'}
hasBin: true
conventional-commits-filter@5.0.0:
resolution: {integrity: sha512-tQMagCOC59EVgNZcC5zl7XqO30Wki9i9J3acbUvkaosCT6JX3EeFwJD7Qqp4MCikRnzS18WXV3BLIQ66ytu6+Q==}
engines: {node: '>=18'}
conventional-commits-parser@6.3.0:
resolution: {integrity: sha512-RfOq/Cqy9xV9bOA8N+ZH6DlrDR+5S3Mi0B5kACEjESpE+AviIpAptx9a9cFpWCCvgRtWT+0BbUw+e1BZfts9jg==}
engines: {node: '>=18'}
hasBin: true
debug@4.4.3:
resolution: {integrity: sha512-RGwwWnwQvkVfavKVt22FGLw+xYSdzARwm0ru6DhTVA3umU5hZc28V3kO4stgYryrTlLpuvgI9GiijltAjNbcqA==}
engines: {node: '>=6.0'}
peerDependencies:
supports-color: '*'
peerDependenciesMeta:
supports-color:
optional: true
dot-prop@5.3.0:
resolution: {integrity: sha512-QM8q3zDe58hqUqjraQOmzZ1LIH9SWQJTlEKCH4kJ2oQvLZk7RbQXvtDM2XEq3fwkV9CCvvH4LA0AV+ogFsBM2Q==}
engines: {node: '>=8'}
fast-content-type-parse@3.0.0:
resolution: {integrity: sha512-ZvLdcY8P+N8mGQJahJV5G4U88CSvT1rP8ApL6uETe88MBXrBHAkZlSEySdUlyztF7ccb+Znos3TFqaepHxdhBg==}
fd-package-json@2.0.0:
resolution: {integrity: sha512-jKmm9YtsNXN789RS/0mSzOC1NUq9mkVd65vbSSVsKdjGvYXBuE4oWe2QOEoFeRmJg+lPuZxpmrfFclNhoRMneQ==}
glob@13.0.6:
resolution: {integrity: sha512-Wjlyrolmm8uDpm/ogGyXZXb1Z+Ca2B8NbJwqBVg0axK9GbBeoS7yGV6vjXnYdGm6X53iehEuxxbyiKp8QmN4Vw==}
engines: {node: 18 || 20 || >=22}
handlebars@4.7.8:
resolution: {integrity: sha512-vafaFqs8MZkRrSX7sFVUdo3ap/eNiLnb4IakshzvP56X5Nr1iGKAIqdX6tMlm6HcNRIkr6AxO5jFEoJzzpT8aQ==}
engines: {node: '>=0.4.7'}
hasBin: true
hosted-git-info@8.1.0:
resolution: {integrity: sha512-Rw/B2DNQaPBICNXEm8balFz9a6WpZrkCGpcWFpy7nCj+NyhSdqXipmfvtmWt9xGfp0wZnBxB+iVpLmQMYt47Tw==}
engines: {node: ^18.17.0 || >=20.5.0}
is-obj@2.0.0:
resolution: {integrity: sha512-drqDG3cbczxxEJRoOXcOjtdp1J/lyp1mNn0xaznRs8+muBhgQcrnbspox5X5fOw0HnMnbfDzvnEMEtqDEJEo8w==}
engines: {node: '>=8'}
is-safe-filename@0.1.1:
resolution: {integrity: sha512-4SrR7AdnY11LHfDKTZY1u6Ga3RuxZdl3YKWWShO5iyuG5h8QS4GD2tOb04peBJ5I7pXbR+CGBNEhTcwK+FzN3g==}
engines: {node: '>=20'}
json-with-bigint@3.5.7:
resolution: {integrity: sha512-7ei3MdAI5+fJPVnKlW77TKNKwQ5ppSzWvhPuSuINT/GYW9ZOC1eRKOuhV9yHG5aEsUPj9BBx5JIekkmoLHxZOw==}
lru-cache@10.4.3:
resolution: {integrity: sha512-JNAzZcXrCt42VGLuYz0zfAzDfAvJWW6AfYlDBQyDV5DClI2m5sAmK+OIO7s59XfsRsWHp02jAJrRadPRGTt6SQ==}
lru-cache@11.2.7:
resolution: {integrity: sha512-aY/R+aEsRelme17KGQa/1ZSIpLpNYYrhcrepKTZgE+W3WM16YMCaPwOHLHsmopZHELU0Ojin1lPVxKR0MihncA==}
engines: {node: 20 || >=22}
meow@13.2.0:
resolution: {integrity: sha512-pxQJQzB6djGPXh08dacEloMFopsOqGVRKFPYvPOt9XDZ1HasbgDZA74CJGreSU4G3Ak7EFJGoiH2auq+yXISgA==}
engines: {node: '>=18'}
minimatch@10.2.4:
resolution: {integrity: sha512-oRjTw/97aTBN0RHbYCdtF1MQfvusSIBQM0IZEgzl6426+8jSC0nF1a/GmnVLpfB9yyr6g6FTqWqiZVbxrtaCIg==}
engines: {node: 18 || 20 || >=22}
minimist@1.2.8:
resolution: {integrity: sha512-2yyAR8qBkN3YuheJanUpWC5U3bb5osDywNB8RzDVlDwDHbocAJveqqj1u8+SVD7jkWT4yvsHCpWqqWqAxb0zCA==}
minipass@7.1.3:
resolution: {integrity: sha512-tEBHqDnIoM/1rXME1zgka9g6Q2lcoCkxHLuc7ODJ5BxbP5d4c2Z5cGgtXAku59200Cx7diuHTOYfSBD8n6mm8A==}
engines: {node: '>=16 || 14 >=14.17'}
ms@2.1.3:
resolution: {integrity: sha512-6FlzubTLZG3J2a/NVCAleEhjzq5oxgHyaCU9yYXvcLsvoVaHJq/s5xXI6/XXP6tz7R9xAOtHnSO/tXtF3WRTlA==}
neo-async@2.6.2:
resolution: {integrity: sha512-Yd3UES5mWCSqR+qNT93S3UoYUkqAZ9lLg8a7g9rimsWmYGK8cVToA4/sF3RrshdyV3sAGMXVUmpMYOw+dLpOuw==}
normalize-package-data@7.0.1:
resolution: {integrity: sha512-linxNAT6M0ebEYZOx2tO6vBEFsVgnPpv+AVjk0wJHfaUIbq31Jm3T6vvZaarnOeWDh8ShnwXuaAyM7WT3RzErA==}
engines: {node: ^18.17.0 || >=20.5.0}
path-scurry@2.0.2:
resolution: {integrity: sha512-3O/iVVsJAPsOnpwWIeD+d6z/7PmqApyQePUtCndjatj/9I5LylHvt5qluFaBT3I5h3r1ejfR056c+FCv+NnNXg==}
engines: {node: 18 || 20 || >=22}
semver@7.7.4:
resolution: {integrity: sha512-vFKC2IEtQnVhpT78h1Yp8wzwrf8CM+MzKMHGJZfBtzhZNycRFnXsHk6E5TxIkkMsgNS7mdX3AGB7x2QM2di4lA==}
engines: {node: '>=10'}
hasBin: true
source-map@0.6.1:
resolution: {integrity: sha512-UjgapumWlbMhkBgzT7Ykc5YXUT46F0iKu8SGXq0bcwP5dz/h0Plj6enJqjz1Zbq2l5WaqYnrVbwWOWMyF3F47g==}
engines: {node: '>=0.10.0'}
spdx-correct@3.2.0:
resolution: {integrity: sha512-kN9dJbvnySHULIluDHy32WHRUu3Og7B9sbY7tsFLctQkIqnMh3hErYgdMjTYuqmcXX+lK5T1lnUt3G7zNswmZA==}
spdx-exceptions@2.5.0:
resolution: {integrity: sha512-PiU42r+xO4UbUS1buo3LPJkjlO7430Xn5SVAhdpzzsPHsjbYVflnnFdATgabnLude+Cqu25p6N+g2lw/PFsa4w==}
spdx-expression-parse@3.0.1:
resolution: {integrity: sha512-cbqHunsQWnJNE6KhVSMsMeH5H/L9EpymbzqTQ3uLwNCLZ1Q481oWaofqH7nO6V07xlXwY6PhQdQ2IedWx/ZK4Q==}
spdx-license-ids@3.0.23:
resolution: {integrity: sha512-CWLcCCH7VLu13TgOH+r8p1O/Znwhqv/dbb6lqWy67G+pT1kHmeD/+V36AVb/vq8QMIQwVShJ6Ssl5FPh0fuSdw==}
temp-dir@3.0.0:
resolution: {integrity: sha512-nHc6S/bwIilKHNRgK/3jlhDoIHcp45YgyiwcAk46Tr0LfEqGBVpmiAyuiuxeVE44m3mXnEeVhaipLOEWmH+Njw==}
engines: {node: '>=14.16'}
tempfile@6.0.1:
resolution: {integrity: sha512-DE4nURsf7nUqYHJKTgOVdpt0SBY5r4us4kbFXqg7KZFB7ih27NxIk3qXv29FtqTaE45stnLKTECmSc9ICuRbDQ==}
engines: {node: '>=20'}
tunnel@0.0.6:
resolution: {integrity: sha512-1h/Lnq9yajKY2PEbBadPXj3VxsDDu844OnaAo52UVmIzIvwwtBPIuNvkjuzBlTWpfJyUbG3ez0KSBibQkj4ojg==}
engines: {node: '>=0.6.11 <=0.7.0 || >=0.7.3'}
uglify-js@3.19.3:
resolution: {integrity: sha512-v3Xu+yuwBXisp6QYTcH4UbH+xYJXqnq2m/LtQVWKWzYc1iehYnLixoQDN9FH6/j9/oybfd6W9Ghwkl8+UMKTKQ==}
engines: {node: '>=0.8.0'}
hasBin: true
undici@6.24.1:
resolution: {integrity: sha512-sC+b0tB1whOCzbtlx20fx3WgCXwkW627p4EA9uM+/tNNPkSS+eSEld6pAs9nDv7WbY1UUljBMYPtu9BCOrCWKA==}
engines: {node: '>=18.17'}
universal-user-agent@7.0.3:
resolution: {integrity: sha512-TmnEAEAsBJVZM/AADELsK76llnwcf9vMKuPz8JflO1frO8Lchitr0fNaN9d+Ap0BjKtqWqd/J17qeDnXh8CL2A==}
validate-npm-package-license@3.0.4:
resolution: {integrity: sha512-DpKm2Ui/xN7/HQKCtpZxoRWBhZ9Z0kqtygG8XCgNQ8ZlDnxuQmWhj566j8fN4Cu3/JmbhsDo7fcAJq4s9h27Ew==}
walk-up-path@4.0.0:
resolution: {integrity: sha512-3hu+tD8YzSLGuFYtPRb48vdhKMi0KQV5sn+uWr8+7dMEq/2G/dtLrdDinkLjqq5TIbIBjYJ4Ax/n3YiaW7QM8A==}
engines: {node: 20 || >=22}
wordwrap@1.0.0:
resolution: {integrity: sha512-gvVzJFlPycKc5dZN4yPkP8w7Dc37BtP1yczEneOb4uq34pXZcvrtRTmWV8W+Ume+XCxKgbjM+nevkyFPMybd4Q==}
snapshots:
'@actions/github@9.0.0':
dependencies:
'@actions/http-client': 3.0.2
'@octokit/core': 7.0.6
'@octokit/plugin-paginate-rest': 14.0.0(@octokit/core@7.0.6)
'@octokit/plugin-rest-endpoint-methods': 17.0.0(@octokit/core@7.0.6)
'@octokit/request': 10.0.8
'@octokit/request-error': 7.1.0
undici: 6.24.1
'@actions/http-client@3.0.2':
dependencies:
tunnel: 0.0.6
undici: 6.24.1
'@conventional-changelog/git-client@2.6.0(conventional-commits-filter@5.0.0)(conventional-commits-parser@6.3.0)':
dependencies:
'@simple-libs/child-process-utils': 1.0.2
'@simple-libs/stream-utils': 1.2.0
semver: 7.7.4
optionalDependencies:
conventional-commits-filter: 5.0.0
conventional-commits-parser: 6.3.0
'@octokit/auth-token@6.0.0': {}
'@octokit/core@7.0.6':
dependencies:
'@octokit/auth-token': 6.0.0
'@octokit/graphql': 9.0.3
'@octokit/request': 10.0.8
'@octokit/request-error': 7.1.0
'@octokit/types': 16.0.0
before-after-hook: 4.0.0
universal-user-agent: 7.0.3
'@octokit/endpoint@11.0.3':
dependencies:
'@octokit/types': 16.0.0
universal-user-agent: 7.0.3
'@octokit/graphql@9.0.3':
dependencies:
'@octokit/request': 10.0.8
'@octokit/types': 16.0.0
universal-user-agent: 7.0.3
'@octokit/openapi-types@27.0.0': {}
'@octokit/plugin-paginate-rest@14.0.0(@octokit/core@7.0.6)':
dependencies:
'@octokit/core': 7.0.6
'@octokit/types': 16.0.0
'@octokit/plugin-rest-endpoint-methods@17.0.0(@octokit/core@7.0.6)':
dependencies:
'@octokit/core': 7.0.6
'@octokit/types': 16.0.0
'@octokit/request-error@7.1.0':
dependencies:
'@octokit/types': 16.0.0
'@octokit/request@10.0.8':
dependencies:
'@octokit/endpoint': 11.0.3
'@octokit/request-error': 7.1.0
'@octokit/types': 16.0.0
fast-content-type-parse: 3.0.0
json-with-bigint: 3.5.7
universal-user-agent: 7.0.3
'@octokit/types@16.0.0':
dependencies:
'@octokit/openapi-types': 27.0.0
'@simple-libs/child-process-utils@1.0.2':
dependencies:
'@simple-libs/stream-utils': 1.2.0
'@simple-libs/hosted-git-info@1.0.2': {}
'@simple-libs/stream-utils@1.2.0': {}
'@types/normalize-package-data@2.4.4': {}
array-ify@1.0.0: {}
balanced-match@4.0.4: {}
before-after-hook@4.0.0: {}
brace-expansion@5.0.4:
dependencies:
balanced-match: 4.0.4
compare-func@2.0.0:
dependencies:
array-ify: 1.0.0
dot-prop: 5.3.0
conventional-changelog-angular@8.3.0:
dependencies:
compare-func: 2.0.0
conventional-changelog-preset-loader@5.0.0: {}
conventional-changelog-writer@8.4.0:
dependencies:
'@simple-libs/stream-utils': 1.2.0
conventional-commits-filter: 5.0.0
handlebars: 4.7.8
meow: 13.2.0
semver: 7.7.4
conventional-changelog@7.2.0(conventional-commits-filter@5.0.0):
dependencies:
'@conventional-changelog/git-client': 2.6.0(conventional-commits-filter@5.0.0)(conventional-commits-parser@6.3.0)
'@simple-libs/hosted-git-info': 1.0.2
'@types/normalize-package-data': 2.4.4
conventional-changelog-preset-loader: 5.0.0
conventional-changelog-writer: 8.4.0
conventional-commits-parser: 6.3.0
fd-package-json: 2.0.0
meow: 13.2.0
normalize-package-data: 7.0.1
transitivePeerDependencies:
- conventional-commits-filter
conventional-commits-filter@5.0.0: {}
conventional-commits-parser@6.3.0:
dependencies:
'@simple-libs/stream-utils': 1.2.0
meow: 13.2.0
debug@4.4.3:
dependencies:
ms: 2.1.3
dot-prop@5.3.0:
dependencies:
is-obj: 2.0.0
fast-content-type-parse@3.0.0: {}
fd-package-json@2.0.0:
dependencies:
walk-up-path: 4.0.0
glob@13.0.6:
dependencies:
minimatch: 10.2.4
minipass: 7.1.3
path-scurry: 2.0.2
handlebars@4.7.8:
dependencies:
minimist: 1.2.8
neo-async: 2.6.2
source-map: 0.6.1
wordwrap: 1.0.0
optionalDependencies:
uglify-js: 3.19.3
hosted-git-info@8.1.0:
dependencies:
lru-cache: 10.4.3
is-obj@2.0.0: {}
is-safe-filename@0.1.1: {}
json-with-bigint@3.5.7: {}
lru-cache@10.4.3: {}
lru-cache@11.2.7: {}
meow@13.2.0: {}
minimatch@10.2.4:
dependencies:
brace-expansion: 5.0.4
minimist@1.2.8: {}
minipass@7.1.3: {}
ms@2.1.3: {}
neo-async@2.6.2: {}
normalize-package-data@7.0.1:
dependencies:
hosted-git-info: 8.1.0
semver: 7.7.4
validate-npm-package-license: 3.0.4
path-scurry@2.0.2:
dependencies:
lru-cache: 11.2.7
minipass: 7.1.3
semver@7.7.4: {}
source-map@0.6.1: {}
spdx-correct@3.2.0:
dependencies:
spdx-expression-parse: 3.0.1
spdx-license-ids: 3.0.23
spdx-exceptions@2.5.0: {}
spdx-expression-parse@3.0.1:
dependencies:
spdx-exceptions: 2.5.0
spdx-license-ids: 3.0.23
spdx-license-ids@3.0.23: {}
temp-dir@3.0.0: {}
tempfile@6.0.1:
dependencies:
is-safe-filename: 0.1.1
temp-dir: 3.0.0
tunnel@0.0.6: {}
uglify-js@3.19.3:
optional: true
undici@6.24.1: {}
universal-user-agent@7.0.3: {}
validate-npm-package-license@3.0.4:
dependencies:
spdx-correct: 3.2.0
spdx-expression-parse: 3.0.1
walk-up-path@4.0.0: {}
wordwrap@1.0.0: {}

42
.github/scripts/update-changelog.mjs vendored
View file

@ -1,5 +1,5 @@
import createTempFile from 'tempfile';
import conventionalChangelog from 'conventional-changelog';
import { ConventionalChangelog, packagePrefix } from 'conventional-changelog';
import { resolve } from 'path';
import { createReadStream, createWriteStream } from 'fs';
import { dirname } from 'path';
@ -12,21 +12,32 @@ const fullChangelogFile = resolve(baseDir, 'CHANGELOG.md');
// Version includes experimental versions (e.g., 1.2.3-exp.0)
const versionChangelogFile = resolve(baseDir, `CHANGELOG-${packageJson.version}.md`);
const changelogStream = conventionalChangelog({
preset: 'angular',
releaseCount: 1,
tagPrefix: 'n8n@',
transform: (commit, callback) => {
const hasNoChangelogInHeader = commit.header.includes('(no-changelog)');
const isBenchmarkScope = commit.scope === 'benchmark';
const changelogStream = new ConventionalChangelog()
.package(packageJson)
.readRepository()
.loadPreset('angular')
.tags({
prefix: 'n8n@',
})
.context({
version: packageJson.version,
repoUrl: 'https://github.com/n8n-io/n8n',
})
.options({
releaseCount: 1,
transformCommit(commit) {
const hasNoChangelogInHeader = commit.header?.includes('(no-changelog)');
const isBenchmarkScope = commit.scope === 'benchmark';
// Ignore commits that have 'benchmark' scope or '(no-changelog)' in the header
callback(null, hasNoChangelogInHeader || isBenchmarkScope ? undefined : commit);
},
}).on('error', (err) => {
console.error(err.stack);
process.exit(1);
});
// Ignore commits that have 'benchmark' scope or '(no-changelog)' in the header
return hasNoChangelogInHeader || isBenchmarkScope ? null : commit;
},
})
.writeStream()
.on('error', (err) => {
console.error(err.stack);
process.exit(1);
});
// Write the new changelog to a new temporary file, so that the contents can be used in the PR description
await pipeline(changelogStream, createWriteStream(versionChangelogFile));
@ -36,5 +47,6 @@ await pipeline(changelogStream, createWriteStream(versionChangelogFile));
const tmpFile = createTempFile();
const tmpStream = createWriteStream(tmpFile);
await pipeline(createReadStream(versionChangelogFile), tmpStream, { end: false });
tmpStream.write('\n\n');
await pipeline(createReadStream(fullChangelogFile), tmpStream);
await pipeline(createReadStream(tmpFile), createWriteStream(fullChangelogFile));

90
.github/scripts/validate-docs-links.js vendored
View file

@ -1,90 +0,0 @@
#!/usr/bin/env node
const packages = ['nodes-base', '@n8n/nodes-langchain'];
const concurrency = 20;
let exitCode = 0;
const debug = require('debug')('n8n');
const path = require('path');
const https = require('https');
const glob = require('glob');
const pLimit = require('p-limit');
const picocolors = require('picocolors');
const Lookup = require('cacheable-lookup').default;
const agent = new https.Agent({ keepAlive: true, keepAliveMsecs: 5000 });
new Lookup().install(agent);
const limiter = pLimit(concurrency);
const validateUrl = async (packageName, kind, type) =>
new Promise((resolve, reject) => {
const name = type.displayName;
const documentationUrl =
kind === 'credentials'
? type.documentationUrl
: type.codex?.resources?.primaryDocumentation?.[0]?.url;
if (!documentationUrl) resolve([name, null]);
const url = new URL(
/^https?:\/\//.test(documentationUrl)
? documentationUrl
: `https://docs.n8n.io/integrations/builtin/${kind}/${documentationUrl.toLowerCase()}/`,
);
https
.request(
{
hostname: url.hostname,
port: 443,
path: url.pathname,
method: 'HEAD',
agent,
},
(res) => {
debug(picocolors.green('✓'), packageName, kind, name);
resolve([name, res.statusCode]);
},
)
.on('error', (e) => {
debug(picocolors.red('✘'), packageName, kind, name);
reject(e);
})
.end();
});
const checkLinks = async (packageName, kind) => {
const baseDir = path.resolve(__dirname, '../../packages', packageName);
let types = require(path.join(baseDir, `dist/types/${kind}.json`));
if (kind === 'nodes')
types = types.filter(
({ codex, hidden }) => !!codex?.resources?.primaryDocumentation && !hidden,
);
debug(packageName, kind, types.length);
const statuses = await Promise.all(
types.map((type) =>
limiter(() => {
return validateUrl(packageName, kind, type);
}),
),
);
const missingDocs = [];
const invalidUrls = [];
for (const [name, statusCode] of statuses) {
if (statusCode === null) missingDocs.push(name);
if (statusCode !== 200) invalidUrls.push(name);
}
if (missingDocs.length)
console.log('Documentation URL missing in %s for %s', packageName, kind, missingDocs);
if (invalidUrls.length)
console.log('Documentation URL invalid in %s for %s', packageName, kind, invalidUrls);
if (missingDocs.length || invalidUrls.length) exitCode = 1;
};
(async () => {
for (const packageName of packages) {
await Promise.all([checkLinks(packageName, 'credentials'), checkLinks(packageName, 'nodes')]);
if (exitCode !== 0) process.exit(exitCode);
}
})();

2
.github/workflows/backport.yml vendored
View file

@ -39,7 +39,7 @@ jobs:
uses: ./.github/actions/setup-nodejs
with:
build-command: ''
install-command: npm install --prefix=.github/scripts --no-package-lock
install-command: pnpm install --frozen-lockfile --dir ./.github/scripts --ignore-workspace
- name: Compute backport targets
id: targets

2
.github/workflows/release-create-patch-pr.yml vendored
View file

@ -27,7 +27,7 @@ jobs:
uses: ./.github/actions/setup-nodejs
with:
build-command: ''
install-command: npm install --prefix=.github/scripts --no-package-lock
install-command: pnpm install --frozen-lockfile --dir ./.github/scripts --ignore-workspace
- name: Determine release candidate branch from track
id: determine-branch

8
.github/workflows/release-create-pr.yml vendored
View file

@ -70,11 +70,11 @@ jobs:
BASE_BRANCH: ${{ inputs.base-branch }}
run: git checkout "$BASE_BRANCH"
- uses: actions/setup-node@53b83947a5a98c8d113130e565377fae1a50d02f # v6.3.0
- name: Setup Node.js
uses: ./.github/actions/setup-nodejs
with:
node-version: 24.13.1
- run: npm install --prefix=.github/scripts --no-package-lock
build-command: ''
install-command: pnpm install --frozen-lockfile --dir ./.github/scripts --ignore-workspace
- name: Setup corepack and pnpm
run: |

2
.github/workflows/release-populate-cloud-with-releases.yml vendored
View file

@ -48,7 +48,7 @@ jobs:
uses: ./.github/actions/setup-nodejs
with:
build-command: ''
install-command: npm install --prefix=.github/scripts --no-package-lock
install-command: pnpm install --frozen-lockfile --dir ./.github/scripts --ignore-workspace
- name: Extract changes
id: get-changes

2
.github/workflows/release-publish.yml vendored
View file

@ -30,7 +30,7 @@ jobs:
uses: ./.github/actions/setup-nodejs
with:
build-command: ''
install-command: npm install --prefix=.github/scripts --no-package-lock
install-command: pnpm install --frozen-lockfile --dir ./.github/scripts --ignore-workspace
- name: Determine track from package version number
id: determine-info

2
.github/workflows/release-update-pointer-tag.yml vendored
View file

@ -51,8 +51,8 @@ jobs:
- name: Setup NodeJS
uses: ./.github/actions/setup-nodejs
with:
install-command: npm install --prefix=.github/scripts --no-package-lock
build-command: ''
install-command: pnpm install --frozen-lockfile --dir ./.github/scripts --ignore-workspace
- name: Configure git author
run: |

2
.github/workflows/release-version-release-notification.yml vendored
View file

@ -37,7 +37,7 @@ jobs:
uses: ./.github/actions/setup-nodejs
with:
build-command: ''
install-command: npm install --prefix=.github/scripts --no-package-lock
install-command: pnpm install --frozen-lockfile --dir ./.github/scripts --ignore-workspace
- name: Send release notification
env:

2
.github/workflows/test-workflow-scripts-reusable.yml vendored
View file

@ -30,7 +30,7 @@ jobs:
uses: ./.github/actions/setup-nodejs
with:
build-command: ''
install-command: npm install --prefix=.github/scripts --no-package-lock
install-command: pnpm install --frozen-lockfile --dir ./.github/scripts --ignore-workspace
- name: Run tests
id: run-tests

37
.github/workflows/util-check-docs-urls.yml vendored
View file

@ -1,37 +0,0 @@
name: 'Util: Check Docs URLs'
on:
release:
types: [published]
schedule:
- cron: '0 0 * * *'
workflow_dispatch:
jobs:
check-docs-urls:
runs-on: ubuntu-latest
timeout-minutes: 5
steps:
- uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2
- name: Setup Node.js
uses: ./.github/actions/setup-nodejs
with:
build-command: turbo build --filter=*nodes*
- run: npm install --prefix=.github/scripts --no-package-lock
- name: Test URLs
run: node .github/scripts/validate-docs-links.js
- name: Notify Slack on failure
uses: act10ns/slack@44541246747a30eb3102d87f7a4cc5471b0ffb7d # v2.1.0
if: failure()
with:
status: ${{ job.status }}
channel: '#alerts-build'
webhook-url: ${{ secrets.SLACK_WEBHOOK_URL }}
message: |
<${{ github.server_url }}/${{ github.repository }}/actions/runs/${{ github.run_id }}| Documentation URLs check failed >

2
.github/workflows/util-cleanup-abandoned-release-branches.yml vendored
View file

@ -30,7 +30,7 @@ jobs:
uses: ./.github/actions/setup-nodejs
with:
build-command: ''
install-command: npm install --prefix=.github/scripts --no-package-lock
install-command: pnpm install --frozen-lockfile --dir ./.github/scripts --ignore-workspace
- name: Cleanup release branch if PR qualifies
run: node .github/scripts/cleanup-release-branch.mjs

2
.github/workflows/util-determine-current-version.yml vendored
View file

@ -32,7 +32,7 @@ jobs:
uses: ./.github/actions/setup-nodejs
with:
build-command: ''
install-command: npm install --prefix=.github/scripts --no-package-lock
install-command: pnpm install --frozen-lockfile --dir ./.github/scripts --ignore-workspace
- name: Extract release versions
id: get-tags

2
.github/workflows/util-ensure-release-candidate-branches.yml vendored
View file

@ -20,8 +20,8 @@ jobs:
- name: Setup NodeJS
uses: ./.github/actions/setup-nodejs
with:
install-command: npm install --prefix=.github/scripts --no-package-lock
build-command: ''
install-command: pnpm install --frozen-lockfile --dir ./.github/scripts --ignore-workspace
- name: Ensure release-candidate branches
run: node ./.github/scripts/ensure-release-candidate-branches.mjs

1
.gitignore vendored
View file

@ -16,6 +16,7 @@ _START_PACKAGE
.idea
nodelinter.config.json
**/package-lock.json
!.github/scripts/package-lock.json
packages/**/.turbo
.turbo
*.tsbuildinfo

5
renovate.json
View file

@ -64,6 +64,11 @@
"description": "Group TypeScript packages",
"matchPackageNames": ["typescript", "*tsx*", "*tsup*"],
"groupName": "TypeScript"
},
{
"description": "Group Workflow script (.github/scripts) dependencies",
"matchFileNames": [".github/scripts/package.json"],
"groupName": "Workflow script dependencies"
}
],
"lockFileMaintenance": {