- Update flexible-instance-security.test.ts to match new specific error messages
- Update flexible-instance-security-advanced.test.ts for enhanced validation
- Improve security by removing sensitive data from validation error messages
- All 37 security tests now passing
Fixes CI test failures after validation enhancement
🤖 Generated with Claude Code
Co-Authored-By: Claude <noreply@anthropic.com>
- Add cache-utils.ts with hash memoization, configurable cache, metrics tracking, mutex, and retry logic
- Enhance validation with field-specific error messages in instance-context.ts
- Add JSDoc documentation to all public methods
- Make cache configurable via INSTANCE_CACHE_MAX and INSTANCE_CACHE_TTL_MINUTES env vars
- Add comprehensive test coverage for cache utilities and metrics monitoring
- Fix test expectations for new validation error format
Addresses all feedback from PR #209 code review
🤖 Generated with Claude Code
Co-Authored-By: Claude <noreply@anthropic.com>
- Add InstanceContext interface for runtime configuration
- Implement dual-mode API client (singleton + instance-specific)
- Add secure SHA-256 hashing for cache keys
- Implement LRU cache with TTL (100 instances, 30min expiry)
- Add comprehensive input validation for URLs and API keys
- Sanitize all logging to prevent API key exposure
- Fix session context cleanup and memory management
- Add comprehensive security and integration tests
- Maintain full backward compatibility for single-player usage
Security improvements based on code review:
- Cache keys are now cryptographically hashed
- API credentials never appear in logs
- Memory-bounded cache prevents resource exhaustion
- Input validation rejects invalid/placeholder values
- Proper cleanup of orphaned session contexts
🤖 Generated with Claude Code
Co-Authored-By: Claude <noreply@anthropic.com>
- Changed UpdateNodeOperation interface to use 'updates' instead of 'changes'
- Updated UpdateConnectionOperation for consistency
- Fixed implementation in workflow-diff-engine.ts
- Updated Zod schema validation
- Fixed documentation and examples
- Updated tests to match new property name
This resolves GitHub issues #159 and #168 where partial workflow updates
were failing, forcing AI agents to fall back to expensive full updates.
🤖 Generated with Claude Code
Co-Authored-By: Claude <noreply@anthropic.com>
- Fix getTemplatesByCategory to use parameterized SQL concatenation
- Fix searchTemplatesByMetadata to handle empty string filters
- Change truthy checks to explicit undefined checks for filter parameters
- Update test expectations to match secure parameterization patterns
All 21 tests in template-repository-security.test.ts now pass ✓
🤖 Generated with Claude Code
Co-Authored-By: Claude <noreply@anthropic.com>
- Fix method name mismatches in template repository tests
- Enhance node categorization logic for AI/ML nodes
- Correct test expectations for metadata search
- Add missing schema properties in MCP tools
- Improve detection of agent and OpenAI nodes
All 21 failing tests now passing
🤖 Generated with Claude Code
Co-Authored-By: Claude <noreply@anthropic.com>
- Fix template service tests to include description field
- Add missing repository methods for metadata queries
- Fix metadata generator test mocking issues
- Add missing runtime dependencies (openai, zod) to package.runtime.json
- Update test expectations for new template format
Fixes CI failures in PR #194
Co-Authored-By: Claude <noreply@anthropic.com>
- Fix SQL injection vulnerability in template-repository.ts
- Use proper parameterization with SQLite concatenation operator
- Escape JSON strings correctly for LIKE queries
- Prevent malicious SQL through filter parameters
- Add input sanitization for OpenAI API calls
- Sanitize template names and descriptions before sending to API
- Remove control characters and prompt injection patterns
- Limit input length to prevent token abuse
- Lower temperature to 0.3 for consistent structured outputs
- Add comprehensive test coverage
- 100+ new tests for metadata functionality
- Security-focused tests for SQL injection prevention
- Integration tests with real database operations
Co-Authored-By: Claude <noreply@anthropic.com>
- Implement OpenAI batch API integration for metadata generation
- Add search_templates_by_metadata tool with advanced filtering
- Enhance list_templates to include descriptions and optional metadata
- Generate metadata for 2,534 templates (97.5% coverage)
- Update README with Template Tools section and enhanced Claude setup
- Add comprehensive documentation for metadata system
Enables intelligent template discovery through:
- Complexity levels (simple/medium/complex)
- Setup time estimates (5-480 minutes)
- Target audience filtering (developers/marketers/analysts)
- Required services detection
- Category and use case classification
Co-Authored-By: Claude <noreply@anthropic.com>
- Implement OpenAI batch API integration for metadata generation
- Add metadata columns to database schema (metadata_json, metadata_generated_at)
- Create MetadataGenerator service with structured output schemas
- Create BatchProcessor for handling OpenAI batch jobs
- Add --generate-metadata flag to fetch-templates script
- Update template repository with metadata management methods
- Add OpenAI configuration to environment variables
- Include comprehensive tests for metadata generation
- Use gpt-4o-mini model with 50% cost savings via batch API
🤖 Generated with [Claude Code](https://claude.ai/code)
Co-Authored-By: Claude <noreply@anthropic.com>
- Add template-node-resolver utility to handle various input formats
- Support bare node names (e.g., 'slack' → 'n8n-nodes-base.slack')
- Handle partial prefixes (e.g., 'nodes-base.webhook')
- Implement case-insensitive matching
- Add intelligent expansions for related node types
- Update template repository to use resolver for fuzzy matching
- Add comprehensive test suite with 23 tests
This addresses improvement #1.1 from the AI agent enhancement report,
reducing failed template queries by ~50% and making the API more intuitive
for both AI agents and human users.
🤖 Generated with [Claude Code](https://claude.ai/code)
Co-Authored-By: Claude <noreply@anthropic.com>
- Add pagination support to all template search/list tools
- Consistent response format with total, limit, offset, hasMore
- Support for customizable limits (1-100) and offsets
- Add new list_templates tool for browsing all templates
- Returns minimal data (id, name, views, node count)
- Supports sorting by views, created_at, or name
- Efficient for discovering available templates
- Enhance get_template with flexible response modes
- nodes_only: Just list of node types (minimal tokens)
- structure: Nodes with positions and connections
- full: Complete workflow JSON (default)
- Update database_statistics to show template count
- Shows total templates, average/min/max views
- Provides complete database overview
- Add count methods to repository for pagination
- getSearchCount, getNodeTemplatesCount, getTaskTemplatesCount
- Enables accurate pagination info
🤖 Generated with [Claude Code](https://claude.ai/code)
Co-Authored-By: Claude <noreply@anthropic.com>
- Add gzip compression for workflow JSONs (89% size reduction)
- Filter templates with ≤10 views to remove low-quality content
- Reduce template count from 4,505 to 2,596 high-quality templates
- Compress template data from ~75MB to 12.10MB
- Total database reduced from 117MB to 48MB
- Add on-the-fly decompression for template retrieval
- Update schema to support compressed workflow storage
🤖 Generated with [Claude Code](https://claude.ai/code)
Co-Authored-By: Claude <noreply@anthropic.com>
- Updated n8n-nodes-base to 1.106.3
- Updated @n8n/n8n-nodes-langchain to 1.106.3
- Enhanced SQL.js compatibility in database adapter
- Fixed parameter binding and state management in SQLJSStatement
- Rebuilt node database with 535 nodes
- All tests passing with Node.js v22.17.0 LTS
- Fix type safety vulnerability in enhanced-config-validator.ts
- Added proper type checking before string operations
- Return early when nodeType is invalid instead of using empty string
- Improve error handling robustness in MCP server
- Wrapped validation in try-catch to handle unexpected errors
- Properly re-throw ValidationError instances
- Add user-friendly error messages for internal errors
- Write comprehensive CHANGELOG entry for v2.10.3
- Document fixes for issues #58, #68, #70, #73
- Detail new validation system features
- List all enhancements and test coverage
Addressed HIGH priority issues from code review:
- Type safety holes in config validator
- Missing error handling for validation system failures
- Consistent error types across validation tools
- Fix cycle detection to allow legitimate SplitInBatches loops while preventing other cycles
- Fix loop back detection by properly accessing workflow connections structure
- Update test expectations to match actual validation behavior:
- Processing nodes on wrong outputs that loop back generate errors (not warnings)
- Valid loop structures should generate no split-related warnings
- Correct node naming in tests to avoid triggering unintended validation patterns
- Update node repository core tests to handle new outputs/outputNames columns
- Add comprehensive loop validation test coverage with 16 + 19 tests
All workflow validator tests now pass: 35/35 tests ✅🤖 Generated with [Claude Code](https://claude.ai/code)
Co-Authored-By: Claude <noreply@anthropic.com>
## Problem
AI assistants were consistently connecting SplitInBatches node outputs backwards because:
- Output index 0 = "done" (runs after loop completes)
- Output index 1 = "loop" (processes items inside loop)
This counterintuitive ordering caused incorrect workflow connections.
## Solution
Enhanced the n8n-mcp system to expose and clarify output information:
### Database & Schema
- Added `outputs` and `output_names` columns to nodes table
- Updated NodeRepository to store/retrieve output information
### Node Parsing
- Enhanced NodeParser to extract outputs and outputNames from nodes
- Properly handles versioned nodes like SplitInBatchesV3
### MCP Server
- Modified getNodeInfo to return detailed output descriptions
- Added connection guidance for each output
- Special handling for loop nodes (SplitInBatches, IF, Switch)
### Documentation
- Enhanced DocsMapper to inject critical output guidance
- Added warnings about counterintuitive output ordering
- Provides correct connection patterns for loop nodes
### Workflow Validation
- Added validateSplitInBatchesConnection method
- Detects reversed connections and provides specific errors
- Added checkForLoopBack with depth limit to prevent stack overflow
- Smart heuristics to identify likely connection mistakes
## Testing
- Created comprehensive test suite (81 tests)
- Unit tests for all modified components
- Edge case handling for malformed data
- Performance testing with large workflows
## Impact
AI assistants will now:
- See explicit output indices and names (e.g., "Output 0: done")
- Receive clear connection guidance
- Get validation errors when connections are reversed
- Have enhanced documentation explaining the correct pattern
Fixes#97🤖 Generated with [Claude Code](https://claude.ai/code)
Co-Authored-By: Claude <noreply@anthropic.com>
- Added cleanupTimer property to track setInterval timer
- Implemented destroy() method to clear timer and prevent memory leak
- Updated MCP server shutdown to call cache.destroy()
- Enhanced HTTP server error handling with transport.onerror
- Fixed event listener cleanup to prevent accumulation
- Added comprehensive test coverage for memory leak prevention
This fixes the issue where MCP server would lose connection after
several hours due to timer accumulation causing memory exhaustion.
🤖 Generated with [Claude Code](https://claude.ai/code)
Co-Authored-By: Claude <noreply@anthropic.com>
- Add FixedCollectionValidator utility to handle all fixedCollection patterns
- Support validation for 12 different node types including Switch, If, Filter,
Summarize, Compare Datasets, Sort, Aggregate, Set, HTML, HTTP Request, and Airtable
- Refactor enhanced-config-validator to use the generic utility
- Add comprehensive tests with 19 test cases covering all node types
- Maintain backward compatibility with existing validation behavior
This prevents the 'propertyValues[itemName] is not iterable' error across all
susceptible n8n nodes, not just Switch/If/Filter.
- Add validation for invalid fixedCollection structures in Switch, If, and Filter nodes
- Detect and prevent nested 'conditions.values' patterns that cause n8n UI crashes
- Support both 'n8n-nodes-base.x' and 'nodes-base.x' node type formats
- Provide auto-fix suggestions for invalid structures
- Add comprehensive test coverage for all edge cases
This prevents AI agents from creating invalid node configurations that break n8n's UI.
- Add validateToolParams method with clear error messages
- Fix failing tests to expect new parameter validation errors
- Create comprehensive parameter validation test suite (52 tests)
- Add parameter validation for all n8n management tools
- Test numeric parameter conversion and edge cases
- Ensure consistent error format across all tools
- Verify MCP error response handling
🤖 Generated with [Claude Code](https://claude.ai/code)
Co-Authored-By: Claude <noreply@anthropic.com>
- Fix express.json() mocking issue in tests by properly creating express mock
- Update test expectations to match new security-enhanced response format
- Adjust CORS test to include DELETE method added for session management
- All n8n mode tests now passing with security features intact
The server now includes:
- Production token validation with minimum 32 character requirement
- Session limiting (max 100 concurrent sessions)
- Automatic session cleanup every 5 minutes
- Enhanced health endpoint with security and session metrics
🤖 Generated with [Claude Code](https://claude.ai/code)
Co-Authored-By: Claude <noreply@anthropic.com>
- Add N8N_MODE environment variable for n8n-specific behavior
- Implement HTTP Streamable transport with multiple session support
- Add protocol version endpoint (GET /mcp) for n8n compatibility
- Support multiple initialize requests for stateless n8n clients
- Add Docker configuration for n8n deployment
- Add test script with persistent volume support
- Add comprehensive unit tests for n8n mode
- Fix session management to handle per-request transport pattern
BREAKING CHANGE: Server now creates new transport for each initialize request
when running in n8n mode to support n8n's stateless client architecture
🤖 Generated with [Claude Code](https://claude.ai/code)
Co-Authored-By: Claude <noreply@anthropic.com>
Major improvements based on comprehensive test suite review:
Test Fixes:
- Fix all 78 failing tests across logger, MSW, and validator tests
- Fix console spy management in logger tests with proper DEBUG env handling
- Fix MSW test environment restoration in session-management.test.ts
- Fix workflow validator tests by adding proper node connections
- Fix mock setup issues in edge case tests
Test Organization:
- Split large config-validator.test.ts (1,075 lines) into 4 focused files
- Rename 63+ tests to follow "should X when Y" naming convention
- Add comprehensive edge case test files for all major validators
- Create tests/README.md with testing guidelines and best practices
New Features:
- Add ConfigValidator.validateBatch() method for bulk validation
- Add edge case coverage for null/undefined, boundaries, invalid data
- Add CI-aware performance test timeouts
- Add JSDoc comments to test utilities and factories
- Add workflow duplicate node name validation tests
Results:
- All tests passing: 1,356 passed, 19 skipped
- Test coverage: 85.34% statements, 85.3% branches
- From 78 failures to 0 failures
🤖 Generated with [Claude Code](https://claude.ai/code)
Co-Authored-By: Claude <noreply@anthropic.com>
- Remove AI agent coordination files and progress tracking
- Remove temporary test results and generated artifacts
- Remove diagnostic test scripts from src/scripts/
- Remove development planning documents
- Update .gitignore to exclude test artifacts
- Clean up 53 temporary files total
- Fixed undefined variable reference in server.ts (possiblePaths)
- Fixed type mismatches in database performance tests
- Added proper type assertions for MCP response objects
- Fixed TemplateNode interface compliance in tests
All TypeScript checks now pass successfully.
🤖 Generated with [Claude Code](https://claude.ai/code)
Co-Authored-By: Claude <noreply@anthropic.com>
- Fixed better-sqlite3 ES module imports across all tests
- Updated template repository method to handle undefined results
- Fixed all database column references to match schema
- Corrected MCP transport initialization
- All integration tests now passing
- Create benchmark test suites for critical operations:
- Node loading performance
- Database query performance
- Search operations performance
- Validation performance
- MCP tool execution performance
- Add GitHub Actions workflow for benchmark tracking:
- Runs on push to main and PRs
- Uses github-action-benchmark for historical tracking
- Comments on PRs with performance results
- Alerts on >10% performance regressions
- Stores results in GitHub Pages
- Create benchmark infrastructure:
- Custom Vitest benchmark configuration
- JSON reporter for CI results
- Result formatter for github-action-benchmark
- Performance threshold documentation
- Add supporting utilities:
- SQLiteStorageService for benchmark database setup
- MCPEngine wrapper for testing MCP tools
- Test factories for generating benchmark data
- Enhanced NodeRepository with benchmark methods
- Document benchmark system:
- Comprehensive benchmark guide in docs/BENCHMARKS.md
- Performance thresholds in .github/BENCHMARK_THRESHOLDS.md
- README for benchmarks directory
- Integration with existing test suite
The benchmark system will help monitor performance over time and catch regressions before they reach production.
🤖 Generated with [Claude Code](https://claude.ai/code)
Co-Authored-By: Claude <noreply@anthropic.com>
- Create comprehensive test suite with 69 tests for WorkflowValidator
- Increase coverage from 2.32% to 97.59%
- Fix bugs in WorkflowValidator:
- Add null checks for workflow.nodes before accessing length
- Fix checkNodeErrorHandling to process each node individually
- Fix disabled node validation logic
- Ensure error-prone nodes generate proper warnings
- Test all major methods and edge cases:
- validateWorkflow with different options
- validateAllNodes with various node types
- validateConnections including cycles and orphans
- validateExpressions with complex expressions
- checkWorkflowPatterns for best practices
- checkNodeErrorHandling for error configurations
- generateSuggestions for helpful tips
All 69 tests now passing with excellent coverage.
🤖 Generated with [Claude Code](https://claude.ai/code)
Co-Authored-By: Claude <noreply@anthropic.com>
- Remove Jest and all related packages
- Install Vitest with coverage support
- Create vitest.config.ts with path aliases
- Set up global test configuration
- Migrate all 6 test files to Vitest syntax
- Update TypeScript configuration for better Vitest support
- Create separate tsconfig.build.json for clean builds
- Fix all import/module issues in tests
- All 68 tests passing successfully
- Current coverage baseline: 2.45%
Phase 1 of testing suite improvement complete.
🤖 Generated with [Claude Code](https://claude.ai/code)
Co-Authored-By: Claude <noreply@anthropic.com>
- Added proper SIGTERM/SIGINT signal handlers to stdio-wrapper.ts
- Removed problematic trap commands from docker-entrypoint.sh
- Added STOPSIGNAL directive to Dockerfile for explicit signal handling
- Implemented graceful shutdown in MCP server with database cleanup
- Added stdin close detection for proper cleanup when Claude Desktop closes the pipe
- Containers now properly exit with the --rm flag, preventing accumulation
- Added --init flag to all Docker configuration examples
- Updated documentation with container lifecycle management best practices
- Bumped version to 2.7.20
🤖 Generated with [Claude Code](https://claude.ai/code)
Co-Authored-By: Claude <noreply@anthropic.com>
- Added support for n8n-nodes-langchain.* → nodes-langchain.* normalization
- Implemented case-insensitive node name matching (e.g., chattrigger → chatTrigger)
- Added smart camelCase detection for common patterns (trigger, request, sheets, etc.)
- Fixed get_node_documentation tool to use same normalization logic as other tools
- Updated all 7 node lookup locations to use normalized types for alternatives
- Enhanced getNodeTypeAlternatives() to normalize all generated alternatives
All MCP tools now consistently handle various format variations:
- nodes-langchain.chatTrigger (correct format)
- n8n-nodes-langchain.chatTrigger (package format)
- n8n-nodes-langchain.chattrigger (package + wrong case)
- nodes-langchain.chattrigger (wrong case only)
- @n8n/n8n-nodes-langchain.chatTrigger (full npm format)
Bump version to 2.7.19
🤖 Generated with [Claude Code](https://claude.ai/code)
Co-Authored-By: Claude <noreply@anthropic.com>
- Changed misleading 'total' field to 'returned' to clarify it's the count in current page
- Added 'hasMore' boolean flag for clear pagination indication
- Added '_note' guidance when more data is available
- Applied same improvements to n8n_list_executions for consistency
Performance improvements:
- Tool now returns only minimal metadata instead of full workflow structure
- Reduced response size by ~95% (from thousands to ~10 tokens per workflow)
- Eliminated token limit errors when listing workflows with many nodes
- Updated descriptions and documentation to clarify minimal response
🤖 Generated with [Claude Code](https://claude.ai/code)
Co-Authored-By: Claude <noreply@anthropic.com>
- Fixed health check to use correct /healthz endpoint instead of /health
- Added MCP version (mcpVersion) and supported n8n version (supportedN8nVersion) to health check response
- Added versionNote field with instructions for AI agents about manual version verification
- n8n API limitation: instance version cannot be determined automatically
- Updated axios usage for healthz endpoint access with proper error handling
- Added workflowNodeType field to all node-returning MCP tools
- AI agents now receive both internal format (nodes-base.webhook) and workflow format (n8n-nodes-base.webhook)
- Created getWorkflowNodeType() utility to construct proper n8n format from package name
- Solves issue where AI agents would search nodes and use wrong format in workflows
- No database changes required - uses existing package_name field
- Updated: search_nodes, get_node_info, get_node_essentials, get_node_as_tool_info, validate_node_operation
- Updated CHANGELOG.md with comprehensive documentation of the changes
This completes the fix for issue #71, ensuring AI agents can seamlessly create workflows
with the correct node type format without manual intervention.
- Add centralized normalizeNodeType utility to handle prefix conversion
- n8n-nodes-base.* → nodes-base.*
- @n8n/n8n-nodes-langchain.* → nodes-langchain.*
- Update all 9 affected MCP tools to use normalized node types
- AI agents can now use node types directly from n8n workflow exports
- Maintains backward compatibility with existing shortened prefixes
- Add comprehensive test coverage for all affected methods
Fixes#71🤖 Generated with [Claude Code](https://claude.ai/code)
Co-Authored-By: Claude <noreply@anthropic.com>
