fix(Microsoft SQL Node): Prevent SQL injection #7467
Great PR! Please pay attention to the following items before merging:

Files matching

Make sure to check off this list before asking for review.
Can we please add unit tests with a mocked `mssql` module to assert that the calls to `.input` and `.query` are what we expect them to be?
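An added example, not code from this PR or from n8n, of the kind of unit test the comment above asks for: a mocked mssql `Request` records every `.input` and `.query` call, and the test then asserts that each user-supplied value was bound as a named parameter and never interpolated into the SQL text. The helper `bindUpdate`, the mock, the identifier allow-list and the sample values are assumptions made for this example; only the `request.input(name, value).query(sql)` shape follows the node-mssql API.

```typescript
// Added example (not n8n's code): unit-testing a parameterised mssql query with a
// mocked Request. Only the request shape mirrors node-mssql; everything else is assumed.

interface MssqlRequestLike {
  input(name: string, value: unknown): MssqlRequestLike;
  query(sql: string): Promise<unknown>;
}

interface RecordedCalls {
  inputs: Array<{ name: string; value: unknown }>;
  queries: string[];
}

// Constructed mock standing in for `new sql.Request()`; it never opens a connection,
// it only records what the code under test asked it to bind and to run.
function createMockRequest(): { request: MssqlRequestLike; calls: RecordedCalls } {
  const calls: RecordedCalls = { inputs: [], queries: [] };
  const request: MssqlRequestLike = {
    input(name: string, value: unknown): MssqlRequestLike {
      calls.inputs.push({ name, value });
      return request;
    },
    async query(sql: string): Promise<unknown> {
      calls.queries.push(sql);
      return { recordset: [] };
    },
  };
  return { request, calls };
}

// Hypothetical node-side helper. T-SQL cannot bind table or column names as
// parameters, so identifiers are checked against a strict allow-list pattern and
// bracket-quoted, while every user-supplied *value* is bound through request.input().
const IDENTIFIER = /^[A-Za-z_][A-Za-z0-9_]*$/;

function bindUpdate(
  request: MssqlRequestLike,
  table: string,
  keyColumn: string,
  keyValue: unknown,
  columns: Record<string, unknown>,
): string {
  for (const name of [table, keyColumn, ...Object.keys(columns)]) {
    if (!IDENTIFIER.test(name)) throw new Error(`invalid identifier: ${name}`);
  }
  const setClauses = Object.keys(columns).map((col, i) => {
    request.input(`v${i}`, columns[col]); // value goes to the driver, not into the SQL text
    return `[${col}] = @v${i}`;
  });
  request.input('key', keyValue);
  return `UPDATE [${table}] SET ${setClauses.join(', ')} WHERE [${keyColumn}] = @key;`;
}

// Binds the parameters, then runs the statement through the (mocked or real) request.
async function runUpdate(
  request: MssqlRequestLike,
  table: string,
  keyColumn: string,
  keyValue: unknown,
  columns: Record<string, unknown>,
): Promise<string> {
  const sql = bindUpdate(request, table, keyColumn, keyValue, columns);
  await request.query(sql);
  return sql;
}

// Test-side check: no bound value may appear verbatim in the SQL text. This is the
// assertion that catches a regression back to string interpolation. It is a textual
// heuristic, so use distinctive sample values (a name with a quote in it, say).
function noValueInterpolated(sql: string, calls: RecordedCalls): boolean {
  return calls.inputs.every(({ value }) => !sql.includes(String(value)));
}
```

In a real test file the mock replaces the `mssql` module (for example with the test framework's module-mocking facility) and the assertions run against `calls.inputs` and `calls.queries` exactly as below; a value such as `O'Brien` is a good fixture because a quote is the first thing string interpolation gets wrong.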
Codecov Report

Coverage Diff:

```
## master #7467 +/- ##
==========================================
+ Coverage 33.57% 33.60% +0.03%
==========================================
Files 3399 3399
Lines 207458 207465 +7
Branches 22426 22415 -11
==========================================
+ Hits 69653 69725 +72
+ Misses 136675 136607 -68
- Partials 1130 1133 +3
```

☔ View full report in Codecov by Sentry.
Haven't actually tested this, because I don't have mssql set up. But, besides the one comment, LGTM.

Setup is rather easy with docker; here's a guide:
👍🏽
Passing run #2559

Details: Review all test suite changes for PR #7467

✅ All Cypress E2E specs passed
# [1.13.0](https://github.com/n8n-io/n8n/compare/[email protected]@1.13.0) (2023-10-25)

### Bug Fixes

* **core:** Do not return `inviteAcceptUrl` in response if email was sent ([#7465](#7465)) ([55c6a1b](55c6a1b))
* **core:** Ensure nodes post-processors run in the correct order ([#7500](#7500)) ([6f45298](6f45298))
* **core:** Fix `frontend.settings` external hook execution ([#7496](#7496)) ([774fe20](774fe20))
* **core:** Handle gzip and deflate compressed request payloads ([#7461](#7461)) ([83762e0](83762e0))
* **core:** Reduce logging overhead for levels that do not output ([#7479](#7479)) ([76c0481](76c0481))
* **Customer.io Node:** Fix api endpoint when using EU region ([#7485](#7485)) ([519680c](519680c))
* **editor:** Allow importing the same workflow multiple times ([#7458](#7458)) ([3c0a166](3c0a166))
* **editor:** Fix canvas selection breaking after interacting with node actions ([#7466](#7466)) ([bc47365](bc47365))
* **editor:** Fix connections disappearing after reactivating canvas and renaming a node ([#7483](#7483)) ([450e0cc](450e0cc))
* **Google Sheets Node:** Append or update runs forever when without column headers ([#7463](#7463)) ([ab6a9bb](ab6a9bb))
* **Microsoft SQL Node:** Prevent SQL injection ([#7467](#7467)) ([a739245](a739245))
* **MQTT Trigger Node:** Fix node causing a start up hang when active ([#7498](#7498)) ([baecb93](baecb93))
* **MySQL Node:** Resolve expressions in v1 ([#7464](#7464)) ([5c46bb0](5c46bb0))
* **Redis Node:** Fix adding sets data types ([#7444](#7444)) ([4e66023](4e66023))
* **Spreadsheet File Node:** Fix include empty cells not working with v2 ([#7505](#7505)) ([05e6f2a](05e6f2a))

### Features

* **core:** Add support for oauth based service accounts with UM SMTP ([#7311](#7311)) ([647372b](647372b))
* **editor:** Add PH tracking to event ([#7511](#7511)) ([c47d27d](c47d27d))
* **Facebook Lead Ads Trigger Node:** Add Facebook Lead Ads Trigger Node ([#7113](#7113)) ([ac814a9](ac814a9))
* **Ghost Node:** Add support for lexical format ([#7488](#7488)) ([7b1973c](7b1973c))
* **RSS Feed Trigger Node:** Add RSS feed trigger node ([#7386](#7386)) ([689360e](689360e))

Co-authored-by: netroy <[email protected]>
* master: (30 commits)
  * 🚀 Release 1.14.0 (#7514)
  * ci: Fix oclif manifest generation
  * feat(Switch Node): Add support for infinite Switch outputs (#7499)
  * 🚀 Release 1.13.0 (#7512)
  * fix(core): Ensure nodes post-processors run in the correct order (#7500)
  * feat(editor): Add PH tracking to event (#7511)
  * fix(core): Fix workflow activation with history and workflow history for EE (no-changelog) (#7508)
  * refactor(core): Make executions pruning more resilient (#7480)
  * fix(Spreadsheet File Node): Fix include empty cells not working with v2 (#7505)
  * fix(core): Create instance settings directory recursively (no-changelog) (#7506)
  * fix(Microsoft SQL Node): Prevent SQL injection (#7467)
  * refactor(core): Make pruning via lifecycle configuration in S3 mode mandatory (#7482)
  * fix(core): Always derive `instanceId` from the encryption key (no-changlog) (#7501)
  * fix(MQTT Trigger Node): Fix node causing a start up hang when active (#7498)
  * feat: Collect usage metrics on license renewal (no-changelog) (#7486)
  * fix(core): Fix `frontend.settings` external hook execution (#7496)
  * fix(Redis Node): Fix adding sets data types (#7444)
  * fix: Save new version of the workflow instead of the previous (no-changelog) (#7428)
  * refactor(core): Abstract away InstanceSettings and `encryptionKey` into injectable services (no-changelog) (#7471)
  * fix(Customer.io Node): Fix api endpoint when using EU region (#7485)
  * ...
Got released with