fix(core): Prevent prototype pollution on injectable services #6309
Conversation
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Codecov ReportPatch and project coverage have no change.
Additional details and impacted files@@ Coverage Diff @@
## master #6309 +/- ##
=======================================
Coverage 27.66% 27.66%
=======================================
Files 2958 2958
Lines 181357 181357
Branches 19723 19724 +1
=======================================
Hits 50179 50179
Misses 130433 130433
Partials 745 745 ☔ View full report in Codecov by Sentry. |
This helps prevent classes from being tampered by external-hooks or community nodes
netroy
force-pushed
the
tamper-proof-services
branch
from
7ae1c9a
to
176733c
Compare
flipswitchingmonkey
approved these changes
May 26, 2023
|
✅ All Cypress E2E specs passed |
csuermann
pushed a commit
that referenced
this pull request
May 26, 2023
This helps prevent classes from being tampered by external-hooks or community nodes
maspio
pushed a commit
that referenced
this pull request
May 30, 2023
This helps prevent classes from being tampered by external-hooks or community nodes
|
Got released with |
MiloradFilipovic
added a commit
that referenced
this pull request
Jun 1, 2023
* master: (54 commits) feat: Version control mvp (#6271) feat(editor): Implement Resource Mapper component (#6207) fix(editor): Update SSO settings styles (#6342) fix: Show `Ask AI` only on Code Node (#6336) feat(core): Add metadata (customdata) to event log (#6334) refactor: Add telemetry to upgrade paths (no-changelog) (#6313) fix(Code Node): Fix `item` and `items` alias regression (#6331) feat: Add manual login option and password reset link for SSO (#6328) fix(editor): Fix Luxon date parsing of ExecutionsUsage component (#6333) fix(core): Do not track errored workflow executions for automated executions (no-changelog) (#6322) fix(core): Prevent prototype pollution on injectable services (#6309) fix(core): Optimize getSharedWorkflowIds query (#6314) ci: Reset DB only once per e2e test (no-changelog) (#6216) feat(editor): Bring back checklist experiment (no-changelog) (#6307) fix: Add ldapts to nodes-base package (no-changelog) (#6315) fix(Code Node): Update vm2 to address CVE-2023-32313 (#6318) feat: Add tab visibility change detection when polling executions (no-changelog) (#6311) fix(editor): Fix locale plularisation if count is 0 (#6312) 🚀 Release 0.230.0 (#6310) fix(Execute Command Node): Block executions when `command` is empty (#6308) ...
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
This helps prevent classes from being tampered by external-hooks or community nodes