fix: Fix 4 security issues in @grpc/grpc-js, hono (#32281)

Co-authored-by: aikido-autofix[bot] <119856028+aikido-autofix[bot]@users.noreply.github.com>
aikido-autofix[bot]
2026-06-15 08:25:12 +01:00
committed by GitHub
parent 818ce6b0de
commit e292779f1a
2 changed files with 25 additions and 25 deletions
+2 -2
@@ -175,7 +175,6 @@
"yaml@<=2.8.3": "2.8.3",
"axios": "1.16.1",
"fast-xml-parser": "5.7.2",
"hono": "4.12.21",
"postcss@<=8.5.9": "8.5.10",
"@anthropic-ai/sdk@<=0.91.1": "0.91.1",
"uuid@<=13.0.1": "13.0.1",
@@ -187,7 +186,8 @@
"@tootallnate/once@2": "2.0.1",
"@opentelemetry/exporter-prometheus@<=0.217.0": "0.217.0",
"@opentelemetry/sdk-node@<=0.217.0": "0.217.0",
"langsmith": "0.6.0"
"langsmith": "0.6.0",
"hono": "4.12.25"
},
"patchedDependencies": {
"bull@4.16.4": "patches/bull@4.16.4.patch",
+23 -23
@@ -578,7 +578,6 @@ overrides:
yaml@<=2.8.3: 2.8.3
axios: 1.16.1
fast-xml-parser: 5.7.2
hono: 4.12.21
postcss@<=8.5.9: 8.5.10
'@anthropic-ai/sdk@<=0.91.1': 0.91.1
uuid@<=13.0.1: 13.0.1
@@ -591,6 +590,7 @@ overrides:
'@opentelemetry/exporter-prometheus@<=0.217.0': 0.217.0
'@opentelemetry/sdk-node@<=0.217.0': 0.217.0
langsmith: 0.6.0
hono: 4.12.25
patchedDependencies:
'@lezer/highlight':
@@ -7301,8 +7301,8 @@ packages:
peerDependencies:
graphql: ^0.8.0 || ^0.9.0 || ^0.10.0 || ^0.11.0 || ^0.12.0 || ^0.13.0 || ^14.0.0 || ^15.0.0 || ^16.0.0 || ^17.0.0
'@grpc/grpc-js@1.14.3':
resolution: {integrity: sha512-Iq8QQQ/7X3Sac15oB6p0FmUg/klxQvXLeileoqrTRGJYLV+/9tubbr9ipz0GKHjmXVsgFPo/+W+2cA8eNcR+XA==}
'@grpc/grpc-js@1.14.4':
resolution: {integrity: sha512-k9Dj3DV/itK9D06Y8f190Qgop7/Ui+D0njFV3LHMPwPT75DpXLQohE9Wmz0QElrJnzsjB7KPWiKJbOl7IPDArQ==}
engines: {node: '>=12.10.0'}
'@grpc/proto-loader@0.7.13':
@@ -7319,7 +7319,7 @@ packages:
resolution: {integrity: sha512-TsQLe4i2gvoTtrHje625ngThGBySOgSK3Xo2XRYOdqGN1teR8+I7vchQC46uLJi8OF62YTYA3AhSpumtkhsaKQ==}
engines: {node: '>=18.14.1'}
peerDependencies:
hono: 4.12.21
hono: 4.12.25
'@huggingface/inference@4.0.5':
resolution: {integrity: sha512-/Qc45BGrN+FBA3JfdeoHfafxfNShH/dxvOsXbBdcxyxIRIYOyefeiXSlShZGVCaiqYpm+10na28D0YtvjKPTlw==}
@@ -15087,8 +15087,8 @@ packages:
resolution: {integrity: sha512-eSmmWE5bZTK2Nou4g0AI3zZ9rswp7GRKoKXS1BLUkvPviOqs4YTN1djQIqrXy9k5gEtdLPy86JjRwsNM9tnDcA==}
engines: {node: '>=0.10.0'}
hono@4.12.21:
resolution: {integrity: sha512-uV63apnb0kyPtAUwoWgaGh9HyIFcv8lgmzPZSiTBQAFOFGIzka5EZ1dZocmGnn0XdX0+XTqJ6Tqv7selMuGLRQ==}
hono@4.12.25:
resolution: {integrity: sha512-2NFaIyNVgJmBs/ecmtGzlmluTFs5cHEWGTdu0t1HBwYzoGXOL5nUQBRMXsXWla5i4KkG//QMzVP88m1+I3fdAQ==}
engines: {node: '>=16.9.0'}
hookable@5.5.3:
@@ -21173,7 +21173,7 @@ packages:
engines: {node: '>=18'}
xlsx@https://cdn.sheetjs.com/xlsx-0.20.2/xlsx-0.20.2.tgz:
resolution: {integrity: sha512-+nKZ39+nvK7Qq6i0PvWWRA4j/EkfWOtkP/YhMtupm+lJIiHxUrgTr1CcKv1nBk1rHtkRRQ3O2+Ih/q/sA+FXZA==, tarball: https://cdn.sheetjs.com/xlsx-0.20.2/xlsx-0.20.2.tgz}
resolution: {tarball: https://cdn.sheetjs.com/xlsx-0.20.2/xlsx-0.20.2.tgz}
version: 0.20.2
engines: {node: '>=0.8'}
hasBin: true
@@ -24523,7 +24523,7 @@ snapshots:
dependencies:
graphql: 16.11.0
'@grpc/grpc-js@1.14.3':
'@grpc/grpc-js@1.14.4':
dependencies:
'@grpc/proto-loader': 0.8.0
'@js-sdsl/ordered-map': 4.4.2
@@ -24542,9 +24542,9 @@ snapshots:
protobufjs: 7.5.8
yargs: 17.7.2
'@hono/node-server@1.19.13(hono@4.12.21)':
'@hono/node-server@1.19.13(hono@4.12.25)':
dependencies:
hono: 4.12.21
hono: 4.12.25
'@huggingface/inference@4.0.5':
dependencies:
@@ -25655,7 +25655,7 @@ snapshots:
'@microsoft/agents-a365-runtime': 0.1.0-preview.113
'@microsoft/agents-a365-tooling': 0.1.0-preview.113(zod@3.25.67)
'@microsoft/agents-hosting': 1.2.3
hono: 4.12.21
hono: 4.12.25
langchain: 1.2.30(@langchain/core@1.1.41(@opentelemetry/api@1.9.0)(@opentelemetry/exporter-trace-otlp-proto@0.217.0(@opentelemetry/api@1.9.0))(@opentelemetry/sdk-trace-base@2.7.1(@opentelemetry/api@1.9.0))(openai@6.34.0(ws@8.21.0(bufferutil@4.0.9)(utf-8-validate@5.0.10))(zod@3.25.67))(ws@8.21.0(bufferutil@4.0.9)(utf-8-validate@5.0.10)))(@opentelemetry/api@1.9.0)(@opentelemetry/exporter-trace-otlp-proto@0.217.0(@opentelemetry/api@1.9.0))(@opentelemetry/sdk-trace-base@2.7.1(@opentelemetry/api@1.9.0))(openai@6.34.0(ws@8.21.0(bufferutil@4.0.9)(utf-8-validate@5.0.10))(zod@3.25.67))(react-dom@18.2.0(react@18.2.0))(react@18.2.0)(vue@3.5.26(typescript@6.0.2))(ws@8.21.0(bufferutil@4.0.9)(utf-8-validate@5.0.10))(zod-to-json-schema@3.23.3(zod@3.25.67))
uuid: 13.0.1
optionalDependencies:
@@ -25683,7 +25683,7 @@ snapshots:
'@microsoft/agents-hosting': 1.2.3
'@modelcontextprotocol/sdk': 1.26.0(zod@3.25.67)
express: 5.2.1
hono: 4.12.21
hono: 4.12.25
transitivePeerDependencies:
- '@cfworker/json-schema'
- debug
@@ -25770,7 +25770,7 @@ snapshots:
'@modelcontextprotocol/sdk@1.26.0(zod@3.25.67)':
dependencies:
'@hono/node-server': 1.19.13(hono@4.12.21)
'@hono/node-server': 1.19.13(hono@4.12.25)
ajv: 8.18.0
ajv-formats: 3.0.1(ajv@8.18.0)
content-type: 1.0.5
@@ -25780,7 +25780,7 @@ snapshots:
eventsource-parser: 3.0.8
express: 5.2.1
express-rate-limit: 8.2.2(express@5.2.1)
hono: 4.12.21
hono: 4.12.25
jose: 6.2.2
json-schema-typed: 8.0.2
pkce-challenge: 5.0.0(patch_hash=651e785d0b7bbf5be9210e1e895c39a16dc3ce8a5a3843b4819565fb6e175b90)
@@ -26211,7 +26211,7 @@ snapshots:
'@opentelemetry/exporter-logs-otlp-grpc@0.217.0(@opentelemetry/api@1.9.0)':
dependencies:
'@grpc/grpc-js': 1.14.3
'@grpc/grpc-js': 1.14.4
'@opentelemetry/api': 1.9.0
'@opentelemetry/core': 2.7.1(@opentelemetry/api@1.9.0)
'@opentelemetry/otlp-exporter-base': 0.217.0(@opentelemetry/api@1.9.0)
@@ -26241,7 +26241,7 @@ snapshots:
'@opentelemetry/exporter-metrics-otlp-grpc@0.217.0(@opentelemetry/api@1.9.0)':
dependencies:
'@grpc/grpc-js': 1.14.3
'@grpc/grpc-js': 1.14.4
'@opentelemetry/api': 1.9.0
'@opentelemetry/core': 2.7.1(@opentelemetry/api@1.9.0)
'@opentelemetry/exporter-metrics-otlp-http': 0.217.0(@opentelemetry/api@1.9.0)
@@ -26280,7 +26280,7 @@ snapshots:
'@opentelemetry/exporter-trace-otlp-grpc@0.217.0(@opentelemetry/api@1.9.0)':
dependencies:
'@grpc/grpc-js': 1.14.3
'@grpc/grpc-js': 1.14.4
'@opentelemetry/api': 1.9.0
'@opentelemetry/core': 2.7.1(@opentelemetry/api@1.9.0)
'@opentelemetry/otlp-exporter-base': 0.217.0(@opentelemetry/api@1.9.0)
@@ -26375,7 +26375,7 @@ snapshots:
'@opentelemetry/otlp-grpc-exporter-base@0.217.0(@opentelemetry/api@1.9.0)':
dependencies:
'@grpc/grpc-js': 1.14.3
'@grpc/grpc-js': 1.14.4
'@opentelemetry/api': 1.9.0
'@opentelemetry/core': 2.7.1(@opentelemetry/api@1.9.0)
'@opentelemetry/otlp-exporter-base': 0.217.0(@opentelemetry/api@1.9.0)
@@ -29583,7 +29583,7 @@ snapshots:
'@zilliz/milvus2-sdk-node@2.5.7':
dependencies:
'@grpc/grpc-js': 1.14.3
'@grpc/grpc-js': 1.14.4
'@grpc/proto-loader': 0.7.13
'@opentelemetry/api': 1.9.0
'@petamoriken/float16': 3.9.2
@@ -31696,7 +31696,7 @@ snapshots:
dockerode@4.0.9:
dependencies:
'@balena/dockerignore': 1.0.2
'@grpc/grpc-js': 1.14.3
'@grpc/grpc-js': 1.14.4
'@grpc/proto-loader': 0.7.13
docker-modem: 5.0.6
protobufjs: 7.5.8
@@ -33324,7 +33324,7 @@ snapshots:
google-gax@4.6.1(encoding@0.1.13):
dependencies:
'@grpc/grpc-js': 1.14.3
'@grpc/grpc-js': 1.14.4
'@grpc/proto-loader': 0.7.13
'@types/long': 4.0.2
abort-controller: 3.0.0
@@ -33487,7 +33487,7 @@ snapshots:
dependencies:
parse-passwd: 1.0.0
hono@4.12.21: {}
hono@4.12.25: {}
hookable@5.5.3: {}
@@ -36349,7 +36349,7 @@ snapshots:
nice-grpc@2.1.12:
dependencies:
'@grpc/grpc-js': 1.14.3
'@grpc/grpc-js': 1.14.4
abort-controller-x: 0.4.3
nice-grpc-common: 2.0.2
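Review bot: The xlsx entry in the `@@ -21173,7 +21173,7 @@` hunk appears to lose its `integrity` value, leaving `resolution: {tarball: https://cdn.sheetjs.com/xlsx-0.20.2/xlsx-0.20.2.tgz}` with no pinned hash. That change is unrelated to the @grpc/grpc-js and hono bumps named in the title. Without the hash, an install presumably cannot detect a tarball that differs from the one originally locked, which matters more for a package fetched from a CDN URL than from the registry. I would keep the previous line, `resolution: {integrity: sha512-+nKZ39+nvK7Qq6i0PvWWRA4j/EkfWOtkP/YhMtupm+lJIiHxUrgTr1CcKv1nBk1rHtkRRQ3O2+Ih/q/sA+FXZA==, tarball: https://cdn.sheetjs.com/xlsx-0.20.2/xlsx-0.20.2.tgz}`, or regenerate the lockfile so the field is restored. The old and new sides are inferred from the old-then-new print order of the version pairs elsewhere in this section, so confirm against the raw diff.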