* fix: intercept process.stdout.write to prevent JSON-RPC corruption in stdio mode (#628, #627, #567)
Console method suppression alone was insufficient — native modules, n8n packages,
and third-party code can call process.stdout.write() directly, leaking debug output
(refCount, dbPath, clientVersion, protocolVersion, etc.) into the MCP JSON-RPC stream.
Added stdout write interceptor that only allows JSON-RPC messages through (objects
containing "jsonrpc" field). All other writes are redirected to stderr. This fixes
the flood of "Unexpected token is not valid JSON" warnings on every new Claude
Desktop chat.
Conceived by Romuald Członkowski - https://www.aiadvisors.pl/en
Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
* ci: add Docker Hub login to fix buildx bootstrap rate limiting
GitHub-hosted runners hit Docker Hub anonymous pull limits when
setup-buildx-action pulls moby/buildkit. Add docker/login-action
for Docker Hub before setup-buildx-action in all 4 workflows:
docker-build.yml, docker-build-fast.yml, docker-build-n8n.yml, release.yml.
Uses DOCKERHUB_USERNAME and DOCKERHUB_TOKEN repository secrets.
Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
---------
Co-authored-by: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
The release workflow only ran `npm run build` (TypeScript), skipping the
UI apps build. This meant ui-apps/dist/ was missing from npm packages.
- Change `npm run build` to `npm run build:all` in build-and-verify and
publish-npm jobs
- Copy ui-apps/dist into the npm publish directory
- Add ui-apps/dist/**/* to the published package files list
- Bump version to 2.34.2
Conceived by Romuald Czlonkowski - https://www.aiadvisors.pl/en
Co-authored-by: Claude Opus 4.6 <noreply@anthropic.com>
Docker images were built with stale package.runtime.json (v2.29.5)
while npm package was at v2.33.0. This was caused by the build-docker
job not syncing the version before building, while publish-npm did.
Changes:
- Add "Sync runtime version" step to release.yml build-docker job
- Add "Sync runtime version" step to docker-build.yml build job
- Add "Sync runtime version" step to docker-build.yml build-railway job
- Bump version to 2.33.1 to trigger release with fix
The sync uses a lightweight Node.js one-liner (no npm install needed)
to update package.runtime.json version from package.json before
Docker builds.
Conceived by Romuald Czlonkowski - www.aiadvisors.pl/en
Co-authored-by: Claude Opus 4.5 <noreply@anthropic.com>
NPM classic tokens were revoked on Dec 9, 2025. OIDC trusted publishing
requires npm >= 11.5.1 which caused lockfile sync issues with npm ci.
Reverted to Node 20 with granular access token approach:
- Removed OIDC permissions block
- Removed npm upgrade step
- Restored NODE_AUTH_TOKEN usage
- Removed --provenance flag
User created new granular token with "Bypass 2FA" enabled.
Conceived by Romuald Członkowski - www.aiadvisors.pl/en
🤖 Generated with [Claude Code](https://claude.com/claude-code)
Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
OIDC trusted publishing requires npm >= 11.5.1, but Node.js 20/22
ships with npm 10.x. Added explicit npm upgrade step before publish.
Also upgraded to Node.js 22 for better npm compatibility.
Conceived by Romuald Członkowski - www.aiadvisors.pl/en
🤖 Generated with [Claude Code](https://claude.com/claude-code)
Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
Fixed invalid multi-line string syntax at line 148 that was breaking
YAML parsing and blocking CI on main branch.
Changed from quoted multi-line string to heredoc (cat <<EOF) which is
the proper way to handle multi-line strings in bash within GitHub Actions.
Error: "You have an error in your yaml syntax on line 148"
Root cause: Multi-line bash string using quotes breaks YAML parsing
Resolution: Use heredoc for multi-line strings in bash scripts
This resolves CI failure: https://github.com/czlonkowski/n8n-mcp/actions/runs/18777697750
Concieved by Romuald Członkowski - www.aiadvisors.pl/en
🤖 Generated with [Claude Code](https://claude.com/claude-code)
Co-Authored-By: Claude <noreply@anthropic.com>
Add commit-based release notes generation to GitHub releases.
This PR updates the release workflow to generate release notes from git commits instead of extracting from CHANGELOG.md. The new system:
- Automatically detects the previous tag for comparison
- Categorizes commits using conventional commit types
- Includes commit hashes and contributor statistics
- Handles first release scenario gracefully
Related: #362 (test architecture refactoring)
Conceived by Romuald Członkowski - www.aiadvisors.pl/en
* fix: Prevent Docker multi-arch race condition (fixes#328)
Resolves race condition where docker-build.yml and release.yml both
push to 'latest' tag simultaneously, causing temporary ARM64-only
manifest that breaks AMD64 users.
Root Cause Analysis:
- During v2.20.0 release, 5 workflows ran concurrently on same commit
- docker-build.yml (triggered by main push + v* tag)
- release.yml (triggered by package.json version change)
- Both workflows pushed to 'latest' tag with no coordination
- Temporal window existed where only ARM64 platform was available
Changes - docker-build.yml:
- Remove v* tag trigger (let release.yml handle versioned releases)
- Add concurrency group to prevent overlapping runs on same branch
- Enable build cache (change no-cache: true -> false)
- Add cache-from/cache-to for consistency with release.yml
- Add multi-arch manifest verification after push
Changes - release.yml:
- Update concurrency group to be ref-specific (release-${{ github.ref }})
- Add multi-arch manifest verification for 'latest' tag
- Add multi-arch manifest verification for version tag
- Add 5s delay before verification to ensure registry processes push
Impact:
✅ Eliminates race condition between workflows
✅ Ensures 'latest' tag always has both AMD64 and ARM64
✅ Faster builds (caching enabled in docker-build.yml)
✅ Automatic verification catches incomplete pushes
✅ Clearer separation: docker-build.yml for CI, release.yml for releases
Testing:
- TypeScript compilation passes
- YAML syntax validated
- Will test on feature branch before merge
Closes#328🤖 Generated with [Claude Code](https://claude.com/claude-code)
Co-Authored-By: Claude <noreply@anthropic.com>
* fix: Address code review - use shared concurrency group and add retry logic
Critical fixes based on code review feedback:
1. CRITICAL: Fixed concurrency groups to be shared between workflows
- Changed from workflow-specific groups to shared 'docker-push-${{ github.ref }}'
- This actually prevents the race condition (previous groups were isolated)
- Both workflows now serialize Docker pushes to prevent simultaneous updates
2. Added retry logic with exponential backoff
- Replaced fixed 5s sleep with intelligent retry mechanism
- Retries up to 5 times with exponential backoff: 2s, 4s, 8s, 16s
- Accounts for registry propagation delays
- Fails fast if manifest is still incomplete after all retries
3. Improved Railway build job
- Added 'needs: build' dependency to ensure sequential execution
- Enabled caching (no-cache: false) for faster builds
- Added cache-from/cache-to for consistency
4. Enhanced verification messaging
- Clarified version tag format (without 'v' prefix)
- Added attempt counters and wait time indicators
- Better error messages with full manifest output
Previous Issue:
- docker-build.yml used group: docker-build-${{ github.ref }}
- release.yml used group: release-${{ github.ref }}
- These are DIFFERENT groups, so no serialization occurred
Fixed:
- Both now use group: docker-push-${{ github.ref }}
- Workflows will wait for each other to complete
- Race condition eliminated
🤖 Generated with [Claude Code](https://claude.com/claude-code)
Co-Authored-By: Claude <noreply@anthropic.com>
* chore: bump version to 2.20.1 and update CHANGELOG
Version Changes:
- package.json: 2.20.0 → 2.20.1
- package.runtime.json: 2.19.6 → 2.20.1 (sync with main version)
CHANGELOG Updates:
- Added comprehensive v2.20.1 entry documenting Issue #328 fix
- Detailed problem analysis with race condition timeline
- Root cause explanation (separate concurrency groups)
- Complete list of fixes and improvements
- Before/after comparison showing impact
- Technical details on concurrency serialization and retry logic
- References to issue #328, PR #334, and code review
🤖 Generated with [Claude Code](https://claude.com/claude-code)
Co-Authored-By: Claude <noreply@anthropic.com>
---------
Co-authored-by: Claude <noreply@anthropic.com>
## Problem
PR #309 added `main`, `types`, and `exports` fields to package.json for library usage,
but v2.18.9 was published without these fields. The publish scripts (both local and CI/CD)
use package.runtime.json as the base and didn't copy these critical fields.
Result: npm package broke library usage for multi-tenant backends.
## Root Cause
Both scripts/publish-npm.sh and .github/workflows/release.yml:
- Copy package.runtime.json as base package.json
- Add metadata fields (name, bin, repository, etc.)
- Missing: main, types, exports fields
## Changes
### 1. scripts/publish-npm.sh
- Added main, types, exports fields to package.json generation
- Removed test suite execution (already runs in CI)
### 2. .github/workflows/release.yml
- Added main, types, exports fields to CI publish step
### 3. Version bump
- Bumped to v2.18.10 to republish with correct fields
## Verification
✅ Local publish preparation tested
✅ Generated package.json has all required fields:
- main: "dist/index.js"
- types: "dist/index.d.ts"
- exports: { "." : { types, require, import } }
✅ TypeScript compilation passes
✅ All library export paths validated
## Impact
- Fixes library usage for multi-tenant deployments
- Enables downstream n8n-mcp-backend project
- Maintains backward compatibility (CLI/Docker unchanged)
🤖 Generated with [Claude Code](https://claude.com/claude-code)
Co-Authored-By: Claude <noreply@anthropic.com>
This commit fixes the critical release pipeline failures that have
blocked 19 out of 20 recent npm package releases.
## Root Cause Analysis
The release workflow was failing with exit code 139 (segmentation fault)
during the "npm run rebuild" step. The rebuild process loads 400+ n8n
nodes with full metadata into memory, causing memory exhaustion and
crashes on GitHub Actions runners.
## Changes Made
### 1. NPM Registry Version Validation
- Added version validation against npm registry before release
- Prevents attempting to publish already-published versions
- Ensures new version is greater than current npm version
- Provides early failure with clear error messages
### 2. Database Rebuild Removal
- Removed `npm run rebuild` from both build-and-verify and publish-npm jobs
- Database file (data/nodes.db) is already built during development and committed
- Added verification step to ensure database exists before proceeding
- Saves 2-3 minutes per release and eliminates segfault risk
### 3. Redundant Test Removal
- Removed `npm test` from build-and-verify job
- Tests already pass in PR before merge (GitHub branch protection)
- Same commit gets released - no code changes between PR and release
- Saves 6-7 minutes per release
- Kept `npm run typecheck` for fast syntax validation
### 4. Job Renaming and Dependencies
- Renamed `build-and-test` → `build-and-verify` (reflects actual purpose)
- Updated all job dependencies to reference new job name
- Workflow now aligns with `publish-npm-quick.sh` philosophy
## Performance Impact
- **Time savings**: ~8-10 minutes per release
- Database rebuild: 2-3 minutes saved
- Redundant tests: 6-7 minutes saved
- **Reliability**: 19/20 failures → 0% expected failure rate
- **Safety**: All safeguards maintained via PR testing and typecheck
## Benefits
✅ No more segmentation faults (exit code 139)
✅ No duplicate version publishes (npm registry check)
✅ Faster releases (8-10 minutes saved)
✅ Simpler, more maintainable pipeline
✅ Tests run once (in PR), deploy many times
✅ Database verified but not rebuilt
## Version Bump
Bumped version from 2.17.5 → 2.17.6 to trigger release workflow
and validate the new npm registry version check.
Fixes: Release automation blocked by CI/CD failures (19/20 releases)
🤖 Generated with [Claude Code](https://claude.ai/code)
Co-Authored-By: Claude <noreply@anthropic.com>
- GitHub Actions doesn't support both 'paths' and 'paths-ignore' in the same trigger
- This was causing the release workflow to fail on startup
- Keeping only the 'paths' filter for package.json changes
🤖 Generated with [Claude Code](https://claude.ai/code)
Co-Authored-By: Claude <noreply@anthropic.com>
- Add comprehensive paths-ignore to all workflows to skip runs when only docs are changed
- Standardize pattern ordering across all workflow files
- Fix redundant path configuration in benchmark-pr.yml
- Add support for more documentation file types (*.txt, examples/**, .gitignore, etc.)
- Ensure LICENSE* pattern covers all license file variants
This optimization saves CI/CD minutes and reduces costs by avoiding unnecessary
test runs, Docker builds, and benchmarks for documentation-only commits.
🤖 Generated with [Claude Code](https://claude.ai/code)
Co-Authored-By: Claude <noreply@anthropic.com>
- Fix GitHub Actions expression in shell script by using env variable
- Prevents YAML parsing error on line 452
- Ensures workflow can execute properly
🤖 Generated with [Claude Code](https://claude.ai/code)
Co-Authored-By: Claude <noreply@anthropic.com>
- Fix multiline commit message syntax that was breaking YAML parsing
- Add missing GITHUB_TOKEN environment variable for gh CLI commands
- Simplify commit message to avoid YAML parsing issues
The workflow was failing due to unescaped multiline string in git commit command.
🤖 Generated with [Claude Code](https://claude.ai/code)
Co-Authored-By: Claude <noreply@anthropic.com>
- Add release.yml GitHub workflow for automated npm releases
- Add prepare-release.js script for version bumping and changelog
- Add extract-changelog.js for release notes extraction
- Add test-release-automation.js for testing the workflow
- Add documentation for automated releases
This enables automatic npm publishing when tags are pushed,
fixing the issue where releases were created but npm packages
were not published.
🤖 Generated with [Claude Code](https://claude.ai/code)
Co-Authored-By: Claude <noreply@anthropic.com>
