Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

fix(core): Force-upgrade decode-uri-component to address CVE-2022-38900 #5734

Merged
merged 1 commit into from
Mar 21, 2023

Conversation

netroy
Copy link
Member

@netroy netroy commented Mar 20, 2023

@n8n-assistant n8n-assistant bot added the n8n team Authored by the n8n team label Mar 20, 2023
@codecov
Copy link

codecov bot commented Mar 20, 2023

Codecov Report

Patch coverage has no change and project coverage change: -0.01 ⚠️

Comparison is base (cb2ba97) 14.31% compared to head (449c423) 14.30%.

Additional details and impacted files
@@            Coverage Diff             @@
##           master    #5734      +/-   ##
==========================================
- Coverage   14.31%   14.30%   -0.01%     
==========================================
  Files        2466     2466              
  Lines      112903   112903              
  Branches    17557    17557              
==========================================
- Hits        16159    16155       -4     
- Misses      96244    96248       +4     
  Partials      500      500              

see 3 files with indirect coverage changes

Help us with your feedback. Take ten seconds to tell us how you rate us. Have a feature suggestion? Share it here.

☔ View full report in Codecov by Sentry.
📢 Do you have feedback about the report comment? Let us know in this issue.

@netroy netroy merged commit 8dd7f6e into master Mar 21, 2023
@netroy netroy deleted the CVE-2022-38900 branch March 21, 2023 13:49
@n8n-assistant n8n-assistant bot added the Upcoming Release Will be part of the upcoming release label Mar 21, 2023
MiloradFilipovic added a commit that referenced this pull request Mar 23, 2023
…nd-foundations-sheets-node-api-endpoint

* feature/resource-mapping-component:
  fix(editor): Use credentials when fetching node and credential types (#5760)
  fix: Update Posthog no-capture (#5693)
  fix(core): Return SAML service provider urls with config (#5759)
  fix(HTTP Request Node): Fix AWS credentials to automatically deconstruct the url (#5751)
  feat(editor): Fix ResourceLocator dropdown style (#5714)
  feat(Filter Node): New node
  fix(core): Require Auth on icons and nodes/credentials types static files (no-changelog) (#5745)
  refactor(core): Stop importing LoggerProxy and createDeferredPromise in nodes-base (no-changelog) (#5742)
  feat(core): Make OAuth2 error handling consistent with success handling (#5555)
  fix(Split In Batches Node): Roll back changes in v1 and create v2 (#5747)
  ci: Upgrade sanitize-html from 2.9.0 to 2.10.0 (#5744)
  fix(core): Remove circular refs from Code and push msg (#5741)
  fix(HTTP Request Node): Add streaming to binary response  (#5701)
  fix(core): Force-upgrade `http-cache-semantics` to address CVE-2022-25881 (#5733)
  fix(core): Force-upgrade `decode-uri-component` to address CVE-2022-38900 (#5734)
@janober
Copy link
Member

janober commented Mar 30, 2023

Got released with [email protected]

sunilrr pushed a commit to fl-g6/qp-n8n that referenced this pull request Apr 24, 2023
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
n8n team Authored by the n8n team Released security skip-e2e Upcoming Release Will be part of the upcoming release
Projects
None yet
Development

Successfully merging this pull request may close these issues.

3 participants