Addresses "Cannot read properties of undefined (reading 'map')" error
by adding validation and fallback handling for n8n API responses.
Changes:
- Add response structure validation in listWorkflows, listExecutions,
listCredentials, and listTags methods
- Handle edge case where API returns array directly instead of
{data: [], nextCursor} wrapper object
- Provide clear error messages when response format is unexpected
- Add logging when using fallback format handling
This fix ensures compatibility with different n8n API versions and
prevents runtime errors when the response structure varies from expected.
Fixes#349
Conceived by Romuald Członkowski - www.aiadvisors.pl/en
This commit implements HIGH-02 (Rate Limiting) and HIGH-03 (SSRF Protection)
from the security audit, protecting against brute force attacks and
Server-Side Request Forgery.
Security Enhancements:
- Rate limiting: 20 attempts per 15 minutes per IP (configurable)
- SSRF protection: Three security modes (strict/moderate/permissive)
- DNS rebinding prevention
- Cloud metadata blocking in all modes
🤖 Generated with [Claude Code](https://claude.com/claude-code)
Co-Authored-By: Claude <noreply@anthropic.com>
- Fixed health check to use correct /healthz endpoint instead of /health
- Added MCP version (mcpVersion) and supported n8n version (supportedN8nVersion) to health check response
- Added versionNote field with instructions for AI agents about manual version verification
- n8n API limitation: instance version cannot be determined automatically
- Updated axios usage for healthz endpoint access with proper error handling
