- Add intelligent URL detection supporting BASE_URL, PUBLIC_URL, and proxy headers
- Fix hardcoded localhost URLs in server console output
- Add hostname validation to prevent host header injection attacks
- Restrict URL schemes to http/https only (block javascript:, file://, etc.)
- Remove sensitive environment data from API responses
- Add GET endpoints (/, /mcp) for better API discovery
- Fix version inconsistency between server implementations
- Update HTTP bridge to use HOST/PORT environment variables
- Add comprehensive test scripts for URL configuration and security
This resolves issues #41 and #42 by making the HTTP server properly handle
deployment behind reverse proxies and adds critical security validations.
🤖 Generated with [Claude Code](https://claude.ai/code)
Co-Authored-By: Claude <noreply@anthropic.com>
- Remove default settings logic from cleanWorkflowForUpdate that was causing
"settings must NOT have additional properties" error
- The function now only removes read-only fields without adding any properties
- Add comprehensive test coverage in test-issue-45-fix.ts
- Add documentation explaining the difference between create and update functions
- Bump version to 2.7.14
This fixes the issue where n8n_update_partial_workflow would pass validation
but fail during execution when workflows didn't have settings defined.
🤖 Generated with [Claude Code](https://claude.ai/code)
Co-Authored-By: Claude <noreply@anthropic.com>
- Enhanced database adapter to support multiple WASM file resolution strategies
- Added require.resolve() for reliable package location in npm environments
- Made better-sqlite3 an optional dependency
- Improved error handling with clear messages
- Updated version to 2.7.13
- Updated CHANGELOG and README badges
- Updated n8n from 1.100.1 to 1.101.1
- Updated n8n-core from 1.99.0 to 1.100.0
- Updated n8n-workflow from 1.97.0 to 1.98.0
- Updated @n8n/n8n-nodes-langchain from 1.99.0 to 1.100.1
- Rebuilt node database with 528 nodes
- All validation tests passing
- Bumped version to 2.7.12
🤖 Generated with [Claude Code](https://claude.ai/code)
Co-Authored-By: Claude <noreply@anthropic.com>
- Added runtime FTS5 detection in database adapters
- Removed FTS5 from required schema to prevent "no such module" errors
- FTS5 tables/triggers created conditionally only if supported
- Template search automatically falls back to LIKE when FTS5 unavailable
- Works in ALL SQLite environments (Claude Desktop, restricted envs, etc.)
This ensures search_templates() works correctly regardless of SQLite build,
while still providing optimal performance when FTS5 is available.
🤖 Generated with [Claude Code](https://claude.ai/code)
Co-Authored-By: Claude <noreply@anthropic.com>
- Reduced average description length from 250-450 to 93-129 chars
- Documentation tools now average 129 chars per description
- Management tools average just 93 chars per description
- Moved detailed documentation to tools_documentation() system
- Only 2 tools exceed 200 chars (necessarily verbose)
Also includes search_nodes improvements:
- Fixed primary node ranking (webhook, HTTP Request now appear first)
- Fixed FUZZY mode threshold for better typo tolerance
- Removed unnecessary searchInfo messages
- Fixed HTTP node type case sensitivity issue
This significantly improves AI agent performance by reducing context usage
while preserving all essential information.
🤖 Generated with [Claude Code](https://claude.ai/code)
Co-Authored-By: Claude <noreply@anthropic.com>
Critical fixes based on Claude Desktop feedback:
1. Fixed crypto documentation: require('crypto') IS available despite editor warnings
- Added clear examples of crypto usage
- Updated validation to guide correct require() usage
2. Clarified $helpers vs standalone functions
- $getWorkflowStaticData() is standalone, NOT $helpers.getWorkflowStaticData()
- Added validation to catch incorrect usage (prevents '$helpers is not defined' errors)
- Enhanced examples showing proper $helpers availability checks
3. Fixed JMESPath numeric literal documentation
- n8n requires backticks around numbers in filters: [?age >= `18`]
- Added multiple examples and validation to detect missing backticks
- Prevents 'JMESPath syntax error' that Claude Desktop encountered
4. Fixed webhook data access gotcha
- Webhook payload is at items[0].json.body, NOT items[0].json
- Added dedicated 'Webhook Data Access' section with clear examples
- Created process_webhook_data task template
- Added validation to detect incorrect webhook data access patterns
All fixes based on production workflows TaNqYoZNNeHC4Hne and JZ9urD7PNClDZ1bm
🤖 Generated with [Claude Code](https://claude.ai/code)
Co-Authored-By: Claude <noreply@anthropic.com>
Root cause: AI agents were placing error handling properties inside `parameters` instead of at node level
Major changes:
- Enhanced workflow validator to check for ALL node-level properties (expanded from 6 to 11)
- Added validation for onError property values and deprecation warnings for continueOnFail
- Updated all examples to use modern error handling (onError instead of continueOnFail)
- Added comprehensive node-level properties documentation in tools_documentation
- Enhanced MCP tool documentation for n8n_create_workflow and n8n_update_partial_workflow
- Added test script demonstrating correct node-level property usage
Node-level properties now validated:
- credentials, disabled, notes, notesInFlow, executeOnce
- onError, retryOnFail, maxTries, waitBetweenTries, alwaysOutputData
- continueOnFail (deprecated)
Validation improvements:
- Detects misplaced properties and provides clear fix examples
- Shows complete node structure when properties are incorrectly placed
- Type validation for all node-level boolean and string properties
- Smart error messages with correct placement guidance
🤖 Generated with [Claude Code](https://claude.ai/code)
Co-Authored-By: Claude <noreply@anthropic.com>
- Added specific error reasons for auth failures: no_auth_header, invalid_auth_format, invalid_token
- Fixed AUTH_TOKEN_FILE support in Docker production stacks (issue #16)
- Added AUTH_TOKEN_FILE support to single-session HTTP server for consistency
- Enhanced security by removing token lengths from logs
- Added token trimming and empty token validation
- Updated Docker entrypoint to properly support AUTH_TOKEN_FILE
- Bumped version to 2.7.10
This improves debugging for mcp-remote authentication issues and enables
proper Docker secrets usage in production environments.
🤖 Generated with [Claude Code](https://claude.ai/code)
Co-Authored-By: Claude <noreply@anthropic.com>
- Add bin configuration to package.json for npx execution
- Implement smart database path resolution for npx/global/local installs
- Create dedicated npm publish script using runtime-only dependencies
- Add .npmignore to control published package contents
- Update README with npx as primary installation method
- Add n8n version badge to README
- Sync version between package.json and package.runtime.json
- Update CHANGELOG for v2.7.8 release
This allows users to run 'npx n8n-mcp' without installing the package,
reducing friction and making it easier to get started with n8n-MCP.
🤖 Generated with [Claude Code](https://claude.ai/code)
Co-Authored-By: Claude <noreply@anthropic.com>
- Add AUTH_TOKEN_FILE environment variable support for reading auth tokens from files
- Support Docker secrets pattern for production deployments
- Add Known Issues section documenting Claude Desktop container duplication bug
- Update documentation with authentication options and best practices
- Fix issue #16: AUTH_TOKEN_FILE was documented but not implemented
- Add comprehensive tests for AUTH_TOKEN_FILE functionality
BREAKING CHANGE: None - AUTH_TOKEN continues to work as before
🤖 Generated with [Claude Code](https://claude.ai/code)
Co-Authored-By: Claude <noreply@anthropic.com>
- Renamed start_here_workflow_guide to tools_documentation for clarity
- Added depth parameter to control documentation detail (essentials/full)
- Converted output from JSON to LLM-friendly plain text format
- Added per-tool documentation capability
- Created two-tier documentation system:
- Essentials: brief info with key parameters and tips
- Full: comprehensive docs with examples and best practices
- Documented 8 commonly used MCP tools
- Removed 380+ lines of unused getWorkflowGuide method
- Fixed duplicate tool definitions
- Updated all documentation references
- Added test script for tools documentation
BREAKING CHANGE: start_here_workflow_guide renamed to tools_documentation
🤖 Generated with [Claude Code](https://claude.ai/code)
Co-Authored-By: Claude <noreply@anthropic.com>
- Removed ~965MB of temporary directories (temp/, extracted-nodes/, etc)
- Deleted outdated database files and backups (.bak files)
- Removed legacy shell scripts (mcp-server-v20.sh, rebuild-v20.sh)
- Cleaned up orphan test files and debugging scripts
- Removed duplicate schema file (src/db/schema.sql)
- Deleted old Dockerfile.old and empty database files
- Updated documentation structure in README.md
- Added n8n_diagnostic tool to documentation
- Condensed version history in CLAUDE.md
- Created release notes for v2.7.0
Total impact: Removed 34 files, saving ~965MB+ of disk space
🤖 Generated with [Claude Code](https://claude.ai/code)
Co-Authored-By: Claude <noreply@anthropic.com>
- Added uuid ^10.0.0 to package.json and package.runtime.json
- Fixed MODULE_NOT_FOUND error in Docker containers
- Updated package.runtime.json version to match main (2.7.0)
- Aligned @modelcontextprotocol/sdk version between packages
- Updated CHANGELOG.md with v2.7.0 release notes
🤖 Generated with [Claude Code](https://claude.ai/code)
Co-Authored-By: Claude <noreply@anthropic.com>
- Update n8n version from v1.97.1 to v1.99.1 in README
- Fix 7 broken documentation links to point to existing files
- Standardize Docker image size to ~280MB across all docs (was inconsistent: 150MB/200MB/283MB)
- Add missing npm scripts for test commands (test:essentials, test:enhanced-validation, etc.)
- Update CHANGELOG.md with missing versions 2.4.0 through 2.5.1
- Update README_CLAUDE_SETUP.md to list all 21+ MCP tools (was only showing 6)
- Document 5 additional npm scripts in CLAUDE.md
- Update AI-capable nodes count to 263 (was 35 in old docs)
All documentation now accurately reflects the current codebase state.
🤖 Generated with [Claude Code](https://claude.ai/code)
Co-Authored-By: Claude <noreply@anthropic.com>
- Updated CLAUDE.md with v2.3.3 achievements and metrics
- Updated README.md with new node counts and v2.3.3 features
- Added comprehensive CHANGELOG.md entry for v2.3.3
- Bumped version in package.json to 2.3.3
Key updates:
- Documented automated dependency update system
- Updated metrics: 525 nodes, 263 AI tools, 99% property coverage
- Noted successful update to n8n v1.97.1
- Documented validation script fixes
Major documentation cleanup and updates:
Updates:
- Add USE_FIXED_HTTP=true to all Docker and HTTP deployment examples
- Update main README with v2.3.2 release notes and version badges
- Add HTTP server troubleshooting section for stream errors
- Update CHANGELOG with v2.3.1 and v2.3.2 entries
- Update all configuration examples (.env.example, docker-compose.yml)
- Add clear instructions for using the fixed HTTP implementation
Removed legacy documentation (11 files):
- Implementation plans that have been completed
- Architecture analysis documents
- Intermediate fix documentation
- Planning documents for features now implemented
- Duplicate SETUP.md (content merged into INSTALLATION.md)
The documentation now accurately reflects the current v2.3.2 state
with the complete HTTP server fix using USE_FIXED_HTTP=true.
🤖 Generated with [Claude Code](https://claude.ai/code)
Co-Authored-By: Claude <noreply@anthropic.com>
