ros/n8n-mcp
1
0
Fork 0
mirror of https://github.com/czlonkowski/n8n-mcp.git synced 2026-03-20 17:33:08 +00:00
Code Issues Packages Projects Releases Wiki Activity

fix: critical telemetry improvements for data quality and security (#421)

Browse Source 
* fix: critical telemetry improvements for data quality and security

Fixed three critical issues in workflow mutation telemetry:

1. Fixed Inconsistent Sanitization (Security Critical)
   - Problem: 30% of workflows unsanitized, exposing credentials/tokens
   - Solution: Use robust WorkflowSanitizer.sanitizeWorkflowRaw()
   - Impact: 100% sanitization with 17 sensitive patterns redacted
   - Files: workflow-sanitizer.ts, mutation-tracker.ts

2. Enabled Validation Data Capture (Data Quality)
   - Problem: Zero validation metrics captured (all NULL)
   - Solution: Add pre/post mutation validation with WorkflowValidator
   - Impact: Measure mutation quality, track error resolution
   - Non-blocking validation that captures errors/warnings
   - Files: handlers-workflow-diff.ts

3. Improved Intent Capture (Data Quality)
   - Problem: 92.62% generic "Partial workflow update" intents
   - Solution: Enhanced docs + automatic intent inference
   - Impact: Meaningful intents auto-generated from operations
   - Files: n8n-update-partial-workflow.ts, handlers-workflow-diff.ts

Expected Results:
- 100% sanitization coverage (up from 70%)
- 100% validation capture (up from 0%)
- 50%+ meaningful intents (up from 7.33%)

Version bumped to 2.22.17

🤖 Generated with [Claude Code](https://claude.com/claude-code)

Conceived by Romuald Członkowski - https://www.aiadvisors.pl/en

Co-Authored-By: Claude <noreply@anthropic.com>

* perf: implement validator instance caching to avoid redundant initialization

- Add module-level cached WorkflowValidator instance
- Create getValidator() helper to reuse validator across mutations
- Update pre/post mutation validation to use cached instance
- Avoids redundant NodeSimilarityService initialization on every mutation

Conceived by Romuald Członkowski - https://www.aiadvisors.pl/en

🤖 Generated with [Claude Code](https://claude.com/claude-code)

Co-Authored-By: Claude <noreply@anthropic.com>

* fix: restore backward-compatible sanitization with context preservation

Fixed CI test failures by updating WorkflowSanitizer to use pattern-specific
placeholders while maintaining backward compatibility:

Changes:
- Convert SENSITIVE_PATTERNS to PatternDefinition objects with specific placeholders
- Update sanitizeString() to preserve context (Bearer prefix, URL paths)
- Refactor sanitizeObject() to handle sensitive fields vs URL fields differently
- Remove overly greedy field patterns that conflicted with token patterns

Pattern-specific placeholders:
- [REDACTED_URL_WITH_AUTH] for URLs with credentials
- [REDACTED_TOKEN] for long tokens (32+ chars)
- [REDACTED_APIKEY] for OpenAI-style keys
- Bearer [REDACTED] for Bearer tokens (preserves "Bearer " prefix)
- [REDACTED] for generic sensitive fields

Test Results:
- All 13 mutation-tracker tests passing
- URL with auth: preserves path after credentials
- Long tokens: properly detected and marked
- OpenAI keys: correctly identified
- Bearer tokens: prefix preserved
- Sensitive field names: generic redaction for non-URL fields

Fixes #421 CI failures

Conceived by Romuald Członkowski - https://www.aiadvisors.pl/en

🤖 Generated with [Claude Code](https://claude.com/claude-code)

Co-Authored-By: Claude <noreply@anthropic.com>

* fix: prevent double-redaction in workflow sanitizer

Added safeguard to stop pattern matching once a placeholder is detected,
preventing token patterns from matching text inside placeholders like
[REDACTED_URL_WITH_AUTH].

Also expanded database URL pattern to match full URLs including port and
path, and updated test expectations to match context-preserving sanitization.

Fixes:
- Database URLs now properly sanitized to [REDACTED_URL_WITH_AUTH]
- Prevents [[REDACTED]] double-redaction issue
- All 25 workflow-sanitizer tests passing
- No regression in mutation-tracker tests

Conceived by Romuald Członkowski - www.aiadvisors.pl/en

---------

Co-authored-by: Claude <noreply@anthropic.com>
This commit is contained in:
Romuald Członkowski
2025-11-13 22:13:31 +01:00
committed by GitHub
parent 99c5907b71
commit 597bd290b6
11 changed files with 630 additions and 137 deletions
Download Patch File Download Diff File Expand all files Collapse all files

96
src/telemetry/mutation-tracker.ts
View File

@@ -41,8 +41,8 @@ export class MutationTracker {
}
// Sanitize workflows to remove credentials and sensitive data
const workflowBefore = this.sanitizeFullWorkflow(data.workflowBefore);
const workflowAfter = this.sanitizeFullWorkflow(data.workflowAfter);
const workflowBefore = WorkflowSanitizer.sanitizeWorkflowRaw(data.workflowBefore);
const workflowAfter = WorkflowSanitizer.sanitizeWorkflowRaw(data.workflowAfter);
// Sanitize user intent
const sanitizedIntent = intentSanitizer.sanitize(data.userIntent);
@@ -200,98 +200,6 @@ export class MutationTracker {
return metrics;
}
/**
* Sanitize a full workflow while preserving structure
* Removes credentials and sensitive data but keeps all nodes, connections, parameters
*/
private sanitizeFullWorkflow(workflow: any): any {
if (!workflow) return workflow;
// Deep clone to avoid modifying original
const sanitized = JSON.parse(JSON.stringify(workflow));
// Remove sensitive workflow-level fields
delete sanitized.credentials;
delete sanitized.sharedWorkflows;
delete sanitized.ownedBy;
delete sanitized.createdBy;
delete sanitized.updatedBy;
// Sanitize each node
if (sanitized.nodes && Array.isArray(sanitized.nodes)) {
sanitized.nodes = sanitized.nodes.map((node: any) => {
const sanitizedNode = { ...node };
// Remove credentials field
delete sanitizedNode.credentials;
// Sanitize parameters if present
if (sanitizedNode.parameters && typeof sanitizedNode.parameters === 'object') {
sanitizedNode.parameters = this.sanitizeParameters(sanitizedNode.parameters);
}
return sanitizedNode;
});
}
return sanitized;
}
/**
* Recursively sanitize parameters object
*/
private sanitizeParameters(params: any): any {
if (!params || typeof params !== 'object') return params;
const sensitiveKeys = [
'apiKey', 'api_key', 'token', 'secret', 'password', 'credential',
'auth', 'authorization', 'privateKey', 'accessToken', 'refreshToken'
];
const sanitized: any = Array.isArray(params) ? [] : {};
for (const [key, value] of Object.entries(params)) {
const lowerKey = key.toLowerCase();
// Check if key is sensitive
if (sensitiveKeys.some(sk => lowerKey.includes(sk.toLowerCase()))) {
sanitized[key] = '[REDACTED]';
} else if (typeof value === 'object' && value !== null) {
// Recursively sanitize nested objects
sanitized[key] = this.sanitizeParameters(value);
} else if (typeof value === 'string') {
// Sanitize string values that might contain sensitive data
sanitized[key] = this.sanitizeStringValue(value);
} else {
sanitized[key] = value;
}
}
return sanitized;
}
/**
* Sanitize string values that might contain sensitive data
*/
private sanitizeStringValue(value: string): string {
if (!value || typeof value !== 'string') return value;
let sanitized = value;
// Redact URLs with authentication
sanitized = sanitized.replace(/https?:\/\/[^:]+:[^@]+@[^\s/]+/g, '[REDACTED_URL_WITH_AUTH]');
// Redact long API keys/tokens (20+ alphanumeric chars)
sanitized = sanitized.replace(/\b[A-Za-z0-9_-]{32,}\b/g, '[REDACTED_TOKEN]');
// Redact OpenAI-style keys
sanitized = sanitized.replace(/\bsk-[A-Za-z0-9]{32,}\b/g, '[REDACTED_APIKEY]');
// Redact Bearer tokens
sanitized = sanitized.replace(/Bearer\s+[^\s]+/gi, 'Bearer [REDACTED]');
return sanitized;
}
/**
* Calculate validation improvement metrics

146
src/telemetry/workflow-sanitizer.ts
View File

@@ -27,29 +27,32 @@ interface SanitizedWorkflow {
workflowHash: string;
}
interface PatternDefinition {
pattern: RegExp;
placeholder: string;
preservePrefix?: boolean; // For patterns like "Bearer [REDACTED]"
}
export class WorkflowSanitizer {
private static readonly SENSITIVE_PATTERNS = [
private static readonly SENSITIVE_PATTERNS: PatternDefinition[] = [
// Webhook URLs (replace with placeholder but keep structure) - MUST BE FIRST
/https?:\/\/[^\s/]+\/webhook\/[^\s]+/g,
/https?:\/\/[^\s/]+\/hook\/[^\s]+/g,
{ pattern: /https?:\/\/[^\s/]+\/webhook\/[^\s]+/g, placeholder: '[REDACTED_WEBHOOK]' },
{ pattern: /https?:\/\/[^\s/]+\/hook\/[^\s]+/g, placeholder: '[REDACTED_WEBHOOK]' },
// API keys and tokens
/sk-[a-zA-Z0-9]{16,}/g, // OpenAI keys
/Bearer\s+[^\s]+/gi, // Bearer tokens
/[a-zA-Z0-9_-]{20,}/g, // Long alphanumeric strings (API keys) - reduced threshold
/token['":\s]+[^,}]+/gi, // Token fields
/apikey['":\s]+[^,}]+/gi, // API key fields
/api_key['":\s]+[^,}]+/gi,
/secret['":\s]+[^,}]+/gi,
/password['":\s]+[^,}]+/gi,
/credential['":\s]+[^,}]+/gi,
// URLs with authentication - MUST BE BEFORE BEARER TOKENS
{ pattern: /https?:\/\/[^:]+:[^@]+@[^\s/]+/g, placeholder: '[REDACTED_URL_WITH_AUTH]' },
{ pattern: /wss?:\/\/[^:]+:[^@]+@[^\s/]+/g, placeholder: '[REDACTED_URL_WITH_AUTH]' },
{ pattern: /(?:postgres|mysql|mongodb|redis):\/\/[^:]+:[^@]+@[^\s]+/g, placeholder: '[REDACTED_URL_WITH_AUTH]' }, // Database protocols - includes port and path
// URLs with authentication
/https?:\/\/[^:]+:[^@]+@[^\s/]+/g, // URLs with auth
/wss?:\/\/[^:]+:[^@]+@[^\s/]+/g,
// API keys and tokens - ORDER MATTERS!
// More specific patterns first, then general patterns
{ pattern: /sk-[a-zA-Z0-9]{16,}/g, placeholder: '[REDACTED_APIKEY]' }, // OpenAI keys
{ pattern: /Bearer\s+[^\s]+/gi, placeholder: 'Bearer [REDACTED]', preservePrefix: true }, // Bearer tokens
{ pattern: /\b[a-zA-Z0-9_-]{32,}\b/g, placeholder: '[REDACTED_TOKEN]' }, // Long tokens (32+ chars)
{ pattern: /\b[a-zA-Z0-9_-]{20,31}\b/g, placeholder: '[REDACTED]' }, // Short tokens (20-31 chars)
// Email addresses (optional - uncomment if needed)
// /[a-zA-Z0-9._%+-]+@[a-zA-Z0-9.-]+\.[a-zA-Z]{2,}/g,
// { pattern: /[a-zA-Z0-9._%+-]+@[a-zA-Z0-9.-]+\.[a-zA-Z]{2,}/g, placeholder: '[REDACTED_EMAIL]' },
];
private static readonly SENSITIVE_FIELDS = [
@@ -178,19 +181,34 @@ export class WorkflowSanitizer {
const sanitized: any = {};
for (const [key, value] of Object.entries(obj)) {
// Check if key is sensitive
if (this.isSensitiveField(key)) {
sanitized[key] = '[REDACTED]';
continue;
}
// Check if field name is sensitive
const isSensitive = this.isSensitiveField(key);
const isUrlField = key.toLowerCase().includes('url') ||
key.toLowerCase().includes('endpoint') ||
key.toLowerCase().includes('webhook');
// Recursively sanitize nested objects
// Recursively sanitize nested objects (unless it's a sensitive non-URL field)
if (typeof value === 'object' && value !== null) {
sanitized[key] = this.sanitizeObject(value);
if (isSensitive && !isUrlField) {
// For sensitive object fields (like 'authentication'), redact completely
sanitized[key] = '[REDACTED]';
} else {
sanitized[key] = this.sanitizeObject(value);
}
}
// Sanitize string values
else if (typeof value === 'string') {
sanitized[key] = this.sanitizeString(value, key);
// For sensitive fields (except URL fields), use generic redaction
if (isSensitive && !isUrlField) {
sanitized[key] = '[REDACTED]';
} else {
// For URL fields or non-sensitive fields, use pattern-specific sanitization
sanitized[key] = this.sanitizeString(value, key);
}
}
// For non-string sensitive fields, redact completely
else if (isSensitive) {
sanitized[key] = '[REDACTED]';
}
// Keep other types as-is
else {
@@ -212,13 +230,42 @@ export class WorkflowSanitizer {
let sanitized = value;
// Apply all sensitive patterns
for (const pattern of this.SENSITIVE_PATTERNS) {
// Apply all sensitive patterns with their specific placeholders
for (const patternDef of this.SENSITIVE_PATTERNS) {
// Skip webhook patterns - already handled above
if (pattern.toString().includes('webhook')) {
if (patternDef.placeholder.includes('WEBHOOK')) {
continue;
}
sanitized = sanitized.replace(pattern, '[REDACTED]');
// Skip if already sanitized with a placeholder to prevent double-redaction
if (sanitized.includes('[REDACTED')) {
break;
}
// Special handling for URL with auth - preserve path after credentials
if (patternDef.placeholder === '[REDACTED_URL_WITH_AUTH]') {
const matches = value.match(patternDef.pattern);
if (matches) {
for (const match of matches) {
// Extract path after the authenticated URL
const fullUrlMatch = value.indexOf(match);
if (fullUrlMatch !== -1) {
const afterUrl = value.substring(fullUrlMatch + match.length);
// If there's a path after the URL, preserve it
if (afterUrl && afterUrl.startsWith('/')) {
const pathPart = afterUrl.split(/[\s?&#]/)[0]; // Get path until query/fragment
sanitized = sanitized.replace(match + pathPart, patternDef.placeholder + pathPart);
} else {
sanitized = sanitized.replace(match, patternDef.placeholder);
}
}
}
}
continue;
}
// Apply pattern with its specific placeholder
sanitized = sanitized.replace(patternDef.pattern, patternDef.placeholder);
}
// Additional sanitization for specific field types
@@ -226,9 +273,13 @@ export class WorkflowSanitizer {
fieldName.toLowerCase().includes('endpoint')) {
// Keep URL structure but remove domain details
if (sanitized.startsWith('http://') || sanitized.startsWith('https://')) {
// If value has been redacted, leave it as is
// If value has been redacted with URL_WITH_AUTH, preserve it
if (sanitized.includes('[REDACTED_URL_WITH_AUTH]')) {
return sanitized; // Already properly sanitized with path preserved
}
// If value has other redactions, leave it as is
if (sanitized.includes('[REDACTED]')) {
return '[REDACTED]';
return sanitized;
}
const urlParts = sanitized.split('/');
if (urlParts.length > 2) {
@@ -296,4 +347,37 @@ export class WorkflowSanitizer {
const sanitized = this.sanitizeWorkflow(workflow);
return sanitized.workflowHash;
}
/**
* Sanitize workflow and return raw workflow object (without metrics)
* For use in telemetry where we need plain workflow structure
*/
static sanitizeWorkflowRaw(workflow: any): any {
// Create a deep copy to avoid modifying original
const sanitized = JSON.parse(JSON.stringify(workflow));
// Sanitize nodes
if (sanitized.nodes && Array.isArray(sanitized.nodes)) {
sanitized.nodes = sanitized.nodes.map((node: WorkflowNode) =>
this.sanitizeNode(node)
);
}
// Sanitize connections (keep structure only)
if (sanitized.connections) {
sanitized.connections = this.sanitizeConnections(sanitized.connections);
}
// Remove other potentially sensitive data
delete sanitized.settings?.errorWorkflow;
delete sanitized.staticData;
delete sanitized.pinData;
delete sanitized.credentials;
delete sanitized.sharedWorkflows;
delete sanitized.ownedBy;
delete sanitized.createdBy;
delete sanitized.updatedBy;
return sanitized;
}
}