- Add bin configuration to package.json for npx execution
- Implement smart database path resolution for npx/global/local installs
- Create dedicated npm publish script using runtime-only dependencies
- Add .npmignore to control published package contents
- Update README with npx as primary installation method
- Add n8n version badge to README
- Sync version between package.json and package.runtime.json
- Update CHANGELOG for v2.7.8 release
This allows users to run 'npx n8n-mcp' without installing the package,
reducing friction and making it easier to get started with n8n-MCP.
🤖 Generated with [Claude Code](https://claude.ai/code)
Co-Authored-By: Claude <noreply@anthropic.com>
- Add TRUST_PROXY environment variable to enable proxy header trust
- Configure Express trust proxy in both HTTP server implementations
- Fix issue #19: Docker internal IPs logged instead of real client IPs
- Update documentation with reverse proxy configuration guide
- Add examples for nginx proxy header forwarding
- Maintain backward compatibility (disabled by default)
When TRUST_PROXY=1 is set, the server will correctly log client IPs
from X-Forwarded-For headers instead of proxy/container IPs.
🤖 Generated with [Claude Code](https://claude.ai/code)
Co-Authored-By: Claude <noreply@anthropic.com>
- Add AUTH_TOKEN_FILE environment variable support for reading auth tokens from files
- Support Docker secrets pattern for production deployments
- Add Known Issues section documenting Claude Desktop container duplication bug
- Update documentation with authentication options and best practices
- Fix issue #16: AUTH_TOKEN_FILE was documented but not implemented
- Add comprehensive tests for AUTH_TOKEN_FILE functionality
BREAKING CHANGE: None - AUTH_TOKEN continues to work as before
🤖 Generated with [Claude Code](https://claude.ai/code)
Co-Authored-By: Claude <noreply@anthropic.com>
- Remove hardcoded API key and URL from debug-n8n-auth.ts
- Require environment variables with proper validation
- Add comprehensive SECURITY.md with best practices
- Address security concerns raised in issue #18
The SecureKeyGuard alert was a false positive (mistaking "validate_workflow"
for "VAULT_TOKEN"), but the review uncovered actual hardcoded credentials
that have now been removed.
🤖 Generated with [Claude Code](https://claude.ai/code)
Co-Authored-By: Claude <noreply@anthropic.com>
Fixed issue where Docker images using sql.js adapter returned boolean fields
as strings, causing is_trigger=0 to evaluate as true instead of false.
Changes:
- Added convertIntegerColumns() to sql.js adapter to convert SQLite integers
- Updated server.ts and node-repository.ts to use Number() conversion as backup
- Added test script to verify fix works with sql.js adapter
This fixes webhook, cron, interval, and emailReadImap nodes showing
isTrigger: false in Docker deployments.
🤖 Generated with [Claude Code](https://claude.ai/code)
Co-Authored-By: Claude <noreply@anthropic.com>
- Update rebuild script to automatically sanitize templates after node processing
- Update documentation to reflect GitHub push protection changes
- Add notes about template sanitization in n8n update process
- Ensures databases are always clean before push
This prevents GitHub push protection from blocking database updates
due to API tokens in workflow templates.
🤖 Generated with Claude Code
Co-Authored-By: Claude <noreply@anthropic.com>
- Add TemplateSanitizer utility class for detecting and replacing API tokens
- Update template repository to automatically sanitize on save
- Add sanitize:templates command to clean existing templates
- Uses pattern matching to detect various API token formats
- Fixes GitHub push protection blocking database updates
Note: Database will be updated separately after code is deployed
🤖 Generated with Claude Code
Co-Authored-By: Claude <noreply@anthropic.com>
- Removed unused empty nodes-v2.db file
- Updated NodeDocumentationService to use nodes.db as default
- Updated test file to use correct database
- Added secret scanning exclusion for database files
This prevents confusion about which database is actually used and removes
the file that GitHub's security advisor was flagging.
🤖 Generated with [Claude Code](https://claude.ai/code)
Co-Authored-By: Claude <noreply@anthropic.com>
Updated trigger detection logic in both parsers to check if a node's group array includes 'trigger'. This fixes an issue where webhook, cron, interval, and emailReadImap nodes were not being identified as triggers despite having category='trigger'.
Note: After pulling this change, run `npm run rebuild` to update your local database.
Fixes#13🤖 Generated with [Claude Code](https://claude.ai/code)
Co-Authored-By: Claude <noreply@anthropic.com>
- Renamed start_here_workflow_guide to tools_documentation for clarity
- Added depth parameter to control documentation detail (essentials/full)
- Converted output from JSON to LLM-friendly plain text format
- Added per-tool documentation capability
- Created two-tier documentation system:
- Essentials: brief info with key parameters and tips
- Full: comprehensive docs with examples and best practices
- Documented 8 commonly used MCP tools
- Removed 380+ lines of unused getWorkflowGuide method
- Fixed duplicate tool definitions
- Updated all documentation references
- Added test script for tools documentation
BREAKING CHANGE: start_here_workflow_guide renamed to tools_documentation
🤖 Generated with [Claude Code](https://claude.ai/code)
Co-Authored-By: Claude <noreply@anthropic.com>
- Added warning about experimental remote server deployment
- Clarified HTTP bridge architecture in documentation
- Added deployment scenarios section explaining local vs remote options
- Enhanced troubleshooting with bridge-specific issues
- Created http-bridge.js for local HTTP testing
- Fixed HTTP server to include management tools in tools/list
The documentation now clearly explains:
- Why "node" command is used instead of "docker" (stdio bridge requirement)
- Three deployment scenarios with pros/cons
- How to test locally with Docker
- Bridge architecture (Claude Desktop → bridge → HTTP server)
🤖 Generated with [Claude Code](https://claude.ai/code)
Co-Authored-By: Claude <noreply@anthropic.com>
- Implement dynamic n8n API configuration checking
- Remove static config export in favor of lazy getter function
- Fix management tools not being registered when env vars set after startup
- Optimize logger performance with cached environment variables
- Clean up debug logging and remove console.error usage
- Bump version to 2.7.1
This ensures all 38 tools (22 documentation + 16 management) are properly
registered regardless of when environment variables become available.
🤖 Generated with [Claude Code](https://claude.ai/code)
Co-Authored-By: Claude <noreply@anthropic.com>
- Updated n8n from 1.99.1 to 1.100.1
- Updated n8n-core from 1.98.0 to 1.99.0
- Updated n8n-workflow from 1.96.0 to 1.97.0
- Updated @n8n/n8n-nodes-langchain from 1.98.1 to 1.99.0
- Fixed node loader path for n8n-nodes-base
- Rebuilt node database with 526 nodes
- All validation tests passing
🤖 Generated with [Claude Code](https://claude.ai/code)
Co-Authored-By: Claude <noreply@anthropic.com>
Updates the protocol version from '1.0' to the current MCP specification version '2024-11-05'.
This resolves compatibility issues with modern MCP clients and ensures proper protocol negotiation.
- Commented out console.log statements that were interfering with JSON-RPC communication
- Fixed Claude Desktop errors for list_nodes and list_ai_tools
- All stdout in MCP servers must be valid JSON messages
🤖 Generated with [Claude Code](https://claude.ai/code)
Co-Authored-By: Claude <noreply@anthropic.com>
- Removed ~965MB of temporary directories (temp/, extracted-nodes/, etc)
- Deleted outdated database files and backups (.bak files)
- Removed legacy shell scripts (mcp-server-v20.sh, rebuild-v20.sh)
- Cleaned up orphan test files and debugging scripts
- Removed duplicate schema file (src/db/schema.sql)
- Deleted old Dockerfile.old and empty database files
- Updated documentation structure in README.md
- Added n8n_diagnostic tool to documentation
- Condensed version history in CLAUDE.md
- Created release notes for v2.7.0
Total impact: Removed 34 files, saving ~965MB+ of disk space
🤖 Generated with [Claude Code](https://claude.ai/code)
Co-Authored-By: Claude <noreply@anthropic.com>
- Renamed files to remove unnecessary suffixes:
- tools-update.ts → tools.ts
- server-update.ts → server.ts
- http-server-fixed.ts → http-server.ts
- Created version utility to read from package.json as single source of truth
- Updated all imports across 21+ files
- Removed legacy files:
- src/http-server.ts (legacy HTTP server with known issues)
- src/utils/n8n-client.ts (unused legacy API client)
- Added n8n_diagnostic tool to help troubleshoot management tools visibility
- Added script to sync package.runtime.json version
- Fixed version mismatch issue (was hardcoded 2.4.1, now reads 2.7.0 from package.json)
This addresses GitHub issue #5 regarding version mismatch and provides better diagnostics for users.
🤖 Generated with [Claude Code](https://claude.ai/code)
Co-Authored-By: Claude <noreply@anthropic.com>
BREAKING CHANGES:
- Renamed n8n_update_workflow to n8n_update_full_workflow for clarity
NEW FEATURES:
- Added n8n_update_partial_workflow tool for diff-based workflow editing
- Implemented WorkflowDiffEngine with 13 operation types
- Added transactional updates with two-pass processing
- Maximum 5 operations per request for reliability
- Operations can be in any order - engine handles dependencies
- Added validateOnly mode for testing changes before applying
- 80-90% token savings by only sending changes
IMPROVEMENTS:
- Enhanced tool description with comprehensive parameter documentation
- Added clear examples for simple and complex use cases
- Improved error messages and validation
- Added extensive test coverage for all operations
DOCUMENTATION:
- Added workflow-diff-examples.md with usage patterns
- Added transactional-updates-example.md showing before/after
- Updated README.md with v2.7.0 features
- Updated CLAUDE.md with latest changes
🤖 Generated with [Claude Code](https://claude.ai/code)
Co-Authored-By: Claude <noreply@anthropic.com>
- NEW: n8n_validate_workflow tool to validate workflows from n8n instance by ID
- Fetches workflow via API and runs comprehensive validation
- Uses existing WorkflowValidator for consistency
- Supports all validation profiles and options
- Updated start_here tool with new workflow lifecycle info
- Updated README with new tool documentation
- Updated Claude Project Setup instructions
This completes the workflow lifecycle management:
discover → build → validate → deploy → execute → monitor
🤖 Generated with [Claude Code](https://claude.ai/code)
Co-Authored-By: Claude <noreply@anthropic.com>
- Add node type existence validation that catches invalid types
- Fix critical issue: now catches 'nodes-base.webhook' BEFORE database lookup
- Add smart suggestions for common mistakes (webhook → n8n-nodes-base.webhook)
- Add minimum viable workflow validation (prevents single-node workflows)
- Add empty connection detection for multi-node workflows
- Add helper functions for workflow structure examples and fix suggestions
- Prevent AI agents from creating workflows with question mark nodes
This fixes the exact issue where workflows created with 'nodes-base.webhook'
would show as broken (question marks) in the n8n UI.
🤖 Generated with [Claude Code](https://claude.ai/code)
Co-Authored-By: Claude <noreply@anthropic.com>
- Enhanced workflow validator to enforce typeVersion on versioned nodes
- Returns errors for missing typeVersion with suggested version to add
- Warns about outdated typeVersion values
- Prevents invalid typeVersion (zero, negative, or exceeding maximum)
- Added comprehensive test script for typeVersion validation
- Helps AI agents avoid common workflow creation mistakes
This ensures workflows always use compatible node versions before deployment.
🤖 Generated with [Claude Code](https://claude.ai/code)
Co-Authored-By: Claude <noreply@anthropic.com>
- Added complete workflow lifecycle documentation (Discover → Build → Validate → Deploy → Execute)
- Added new 'n8n_management' topic with comprehensive guide for all 14 management tools
- Documented API requirements, limitations, and best practices
- Added examples showing integration between documentation and management tools
- Included debug script for troubleshooting n8n API authentication
🤖 Generated with [Claude Code](https://claude.ai/code)
Co-Authored-By: Claude <noreply@anthropic.com>
- Add comprehensive AI tools guide in start_here_workflow_guide
- New 'ai_tools' topic with detailed AI workflow patterns
- Key insight: ANY node can be used as an AI tool
- $fromAI() expression examples and best practices
- AI tool connection validation guidance
- Update recommended workflow to include validate_node_minimal
- Quick required fields check before full validation
- Performance tips for validation tools
- Enhance Claude Project Setup instructions
- Clear 5-phase workflow process
- Emphasis on AI tool integration
- Validation best practices
- Better tool usage examples
- Add validation_guide section to workflow guide
- When to use each validation tool
- Performance considerations
- AI workflow validation patterns
These updates make it much clearer how to use the MCP tools effectively,
especially for AI workflows where ANY node can be connected as a tool.
🤖 Generated with [Claude Code](https://claude.ai/code)
Co-Authored-By: Claude <noreply@anthropic.com>
- Update tool descriptions to clarify ANY node can be used as AI tool
- Add get_node_as_tool_info to available tools in README
- Enhance workflow validation tool descriptions for AI connections
- Update README with v2.5.1 release notes
- Remove redundant _General__Scrape_with_HTTP_tool.json file
- Bump version to 2.5.1 in package.json
The key insight: ANY n8n node can be connected to an AI Agent's tool
port, not just those marked with usableAsTool=true. This update makes
that clear throughout the documentation and tool descriptions.
🤖 Generated with [Claude Code](https://claude.ai/code)
Co-Authored-By: Claude <noreply@anthropic.com>
Phase 2 Professional Validation Features:
1. Validation Profiles:
- minimal: Only required fields
- runtime: Critical errors + security warnings
- ai-friendly: Balanced (default)
- strict: All checks + best practices
2. New Node Validators:
- Webhook: Path validation, response modes, auth warnings
- PostgreSQL: SQL injection detection, query safety
- MySQL: Similar to Postgres with MySQL-specific checks
3. New Tools:
- validate_node_minimal: Lightning-fast required field checking
- Updated validate_node_operation with profile support
4. SQL Safety Features:
- Detects template expressions vulnerable to injection
- Warns about DELETE/UPDATE without WHERE
- Catches dangerous operations (DROP, TRUNCATE)
- Suggests parameterized queries
5. Enhanced Coverage:
- Now supports 7+ major nodes with specific validators
- Flexible validation based on use case
- Professional-grade safety checks
This completes the major validation system overhaul from the original plan.
🤖 Generated with Claude Code
Co-Authored-By: Claude <noreply@anthropic.com>
- Filter out @version and internal properties from warnings
- Deduplicate validation errors (keep most specific message)
- Add basic code syntax validation for JavaScript and Python
- Check for unbalanced braces/parentheses
- Validate Python indentation consistency
- Add n8n-specific pattern checks (return statements, input access)
- Bump version to 2.4.2
Based on comprehensive AI agent review showing 9.5/10 rating
🤖 Generated with Claude Code
Co-Authored-By: Claude <noreply@anthropic.com>
- Add validate_node_operation tool with 80%+ fewer false positives
- Remove deprecated validate_node_config tool
- Add EnhancedConfigValidator with operation context filtering
- Add node-specific validators for Slack, Google Sheets, OpenAI, MongoDB
- Integrate working examples in validation responses
- Add actionable next steps and auto-fix suggestions
- Test shows Slack validation reduced from 45 errors to 1 error\!
BREAKING CHANGE: validate_node_config removed in favor of validate_node_operation
🤖 Generated with Claude Code
Co-Authored-By: Claude <noreply@anthropic.com>
- Updated search_templates description to clarify it searches template names/descriptions, NOT node types
- Added clear examples showing the correct way to find templates by node type
- Updated template timeframe references from 6 months to 1 year (399 templates)
- Added TEMPLATE SEARCHING section to quick reference guide
- Made it clear that for node-based search, use list_node_templates instead
🤖 Generated with [Claude Code](https://claude.ai/code)
Co-Authored-By: Claude <noreply@anthropic.com>
- Changed template time window from 6 months to 1 year
- Added robust incremental template fetcher that saves as it goes
- Successfully fetched and saved 399 templates (up from 199)
- Added npm script 'fetch:templates:robust' for better error handling
- Templates now save incrementally to prevent data loss on errors
🤖 Generated with [Claude Code](https://claude.ai/code)
Co-Authored-By: Claude <noreply@anthropic.com>
- Move TemplateFetcher import to dynamic import in fetchAndUpdateTemplates
- Templates now work everywhere since they just read from database
- axios only loaded when actually fetching new templates
- Fixes Docker runtime error while keeping full template functionality
🤖 Generated with Claude Code
Co-Authored-By: Claude <noreply@anthropic.com>
- Use dynamic import for TemplateService to avoid runtime errors
- Skip template initialization when IS_DOCKER=true
- Return friendly messages for template tools in Docker mode
- Templates work from pre-built database, no runtime fetching needed
🤖 Generated with Claude Code
Co-Authored-By: Claude <noreply@anthropic.com>
- SQLite doesn't allow datetime('now') in CHECK constraints
- Drop tables before recreating to ensure clean schema
- 6-month filtering is already handled in application logic
- Successfully fetched and stored 199 templates
🤖 Generated with Claude Code
Co-Authored-By: Claude <noreply@anthropic.com>
- Add 4 new MCP tools for workflow templates
- Integrate with n8n.io API to fetch community templates
- Filter templates to last 6 months only
- Store templates in SQLite with full workflow JSON
- Manual fetch system (not part of regular rebuild)
- Support search by nodes, keywords, and task categories
- Add fetch:templates and test:templates npm scripts
- Update to v2.4.1
🤖 Generated with Claude Code
Co-Authored-By: Claude <noreply@anthropic.com>
- Fixed extractVersion to properly handle nodes with version arrays like [1, 1.1, 1.2]
- Updated detectVersioned to mark nodes with version arrays as versioned
- Added test script to verify version extraction
- Gmail Trigger now correctly shows version 1.2 instead of 1
- All 97 nodes with version arrays now show their latest version
- Database rebuilt with correct versions for all affected nodes
🤖 Generated with [Claude Code](https://claude.ai/code)
Co-Authored-By: Claude <noreply@anthropic.com>
- Set environment variables BEFORE imports in stdio-wrapper
- Override ALL console methods to prevent any output
- Update docker-entrypoint.sh to use exec for proper signal handling
- Add fallback if stdio-wrapper.js is missing
- Remove background process handling in stdio mode
This ensures absolutely no log output corrupts the JSON-RPC stream
- Add InitializeRequestSchema handler to MCP server
- Implement stdout flushing for Docker environments
- Create stdio-wrapper for clean JSON-RPC communication
- Update docker-entrypoint.sh to prevent stdout pollution
- Fix logger to check MCP_MODE before level check
These changes ensure the MCP server responds to initialization requests
within Claude Desktop's 60-second timeout when running in Docker.
Fixed the initialization timeout issue with minimal changes:
1. Added stdout flush after server connection to combat Docker buffering
2. Fixed docker-entrypoint.sh to not output to stdout in stdio mode
3. Added process.stdin.resume() to keep server alive
4. Added IS_DOCKER environment variable for future use
5. Updated README to prioritize Docker with correct -i flag configuration
The core issue was Docker's block buffering preventing immediate JSON-RPC
responses. The -i flag maintains stdin connection, and explicit flushing
ensures responses reach Claude Desktop immediately.
Also fixed "Shutting down..." message that was breaking JSON-RPC protocol
by redirecting it to stderr in stdio mode.
Docker is now the recommended installation method as originally intended.
🤖 Generated with [Claude Code](https://claude.ai/code)
Co-Authored-By: Claude <noreply@anthropic.com>
- Added new 'start_here_workflow_guide' tool for AI agents to get started
- Clarified search_nodes behavior (OR logic for multiple words)
- Simplified list_nodes description with package name clarification
- Updated get_node_info to recommend essentials first
- Made get_property_dependencies description more concise with example
- Removed confusing quick reference comment (now in dedicated tool)
The workflow guide tool provides:
- Recommended workflow patterns
- Search tips and best practices
- Common node references
- Known issues and workarounds
- Performance guidance
🤖 Generated with Claude Code
Co-Authored-By: Claude <noreply@anthropic.com>
Based on Claude Desktop evaluation feedback, implemented minimal fixes:
## Day 1 - Deploy & Debug
- Added /version and /test-tools endpoints for deployment verification
- Added debug logging to list_nodes and list_ai_tools
- Fixed version display in health and initialization responses
## Day 2 - Core Fixes
- Fixed multi-word search to handle phrases like "send slack message"
- Added property deduplication to eliminate duplicate webhook/email properties
- Fixed package name mismatch to handle both formats (@n8n/ prefix variations)
## Day 3 - Polish & Test
- Added simple in-memory cache with 1-hour TTL for essentials
- Added documentation fallback when nodes lack documentation
- All features tested and verified working
Total code changes: ~62 lines as planned
No overengineering, just simple focused fixes
🤖 Generated with [Claude Code](https://claude.ai/code)
Co-Authored-By: Claude <noreply@anthropic.com>
- Add get_node_essentials tool for 10-20 essential properties only
- Add search_node_properties for targeted property search
- Add get_node_for_task with 14 pre-configured templates
- Add validate_node_config for comprehensive validation
- Add get_property_dependencies for visibility analysis
- Implement PropertyFilter service with curated essentials
- Implement ExampleGenerator with working examples
- Implement TaskTemplates for common workflows
- Implement ConfigValidator with security checks
- Implement PropertyDependencies for dependency analysis
- Enhance property descriptions to 100% coverage
- Add version information to essentials response
- Update documentation with new tools
Response sizes reduced from 100KB+ to <5KB for better AI agent usability.
🤖 Generated with [Claude Code](https://claude.ai/code)
Co-Authored-By: Claude <noreply@anthropic.com>
The recent commit c4d8c73 renamed the exported constant from
'n8nDocumentationTools' to 'n8nDocumentationToolsFinal' in
tools-update.ts, but the imports in other files were not updated.
This caused TypeScript compilation errors during Docker builds:
- Cannot find name 'n8nDocumentationTools'
- Build failures in GitHub Actions
Fixed by updating imports and usages in:
- src/mcp/server-update.ts (lines 9 and 100)
- src/http-server-fixed.ts (lines 8 and 188)
🤖 Generated with [Claude Code](https://claude.ai/code)
Co-Authored-By: Claude <noreply@anthropic.com>
- Fixed console output interference with stdio JSON-RPC protocol:
- Modified logger to suppress ALL output in stdio mode
- Added DISABLE_CONSOLE_OUTPUT environment variable support
- Updated error handlers to respect stdio mode
- Updated Claude Desktop configuration documentation:
- Added required environment variables for clean stdio communication
- Promoted local installation as recommended method
- Fixed remote connection instructions (removed broken mcp-remote)
- Added troubleshooting section for common issues
- Updated both README.md and docs/README_CLAUDE_SETUP.md
- Environment variables now required for stdio mode:
- MCP_MODE=stdio
- LOG_LEVEL=error
- DISABLE_CONSOLE_OUTPUT=true
- NODE_ENV=production
This ensures clean JSON-RPC communication without console output corruption.
🤖 Generated with [Claude Code](https://claude.ai/code)
Co-Authored-By: Claude <noreply@anthropic.com>
- Removed unused legacy files:
- server.ts (legacy server with workflow management)
- tools.ts (legacy tool definitions)
- prompts.ts (unused prompt definitions)
- resources.ts (unused resource definitions)
- server-optimized.ts (unused alternative implementation)
- Updated tools-update.ts with improved MCP tool descriptions:
- Clear, action-oriented descriptions following MCP best practices
- Better parameter documentation with examples
- Emphasized documentation-only nature of the server
- Added technical details (e.g., SQLite FTS5 for search)
The active implementation now only uses server-update.ts and tools-update.ts
🤖 Generated with [Claude Code](https://claude.ai/code)
Co-Authored-By: Claude <noreply@anthropic.com>
