n8n-mcp

ros/n8n-mcp

Fork 0

Commit Graph

Author	SHA1	Message	Date
czlonkowski	9cd5e42cb7	fix: resolve Docker integration test failures in CI Root cause analysis and fixes: 1. MCP_MODE environment variable tests - Issue: Tests were checking env vars after exec process replacement - Fix: Test actual HTTP server behavior instead of env vars - Changed tests to verify health endpoint responds in HTTP mode 2. NODE_DB_PATH configuration tests - Issue: Tests expected env var output but got initialization logs - Fix: Check process environment via /proc/1/environ - Added proper async handling for container startup 3. Permission handling tests - Issue: BusyBox sleep syntax and timing race conditions - Fix: Use detached containers with proper wait times - Check permissions after entrypoint completes 4. Implementation improvements - Export NODE_DB_PATH in entrypoint for visibility - Preserve env vars when switching to nodejs user - Add debug output option in n8n-mcp wrapper - Handle NODE_DB_PATH case preservation in parse-config.js 5. Test infrastructure - Created test-helpers.ts with proper async utilities - Use health checks instead of arbitrary sleep times - Test actual functionality rather than implementation details These changes ensure tests verify the actual behavior (server running, health endpoint responding) rather than checking internal implementation details that aren't accessible after process replacement. 🤖 Generated with [Claude Code](https://claude.ai/code) Co-Authored-By: Claude <noreply@anthropic.com>	2025-07-31 14:08:21 +02:00
czlonkowski	71cd20bf95	fix: address security issues and improve Docker implementation Security Fixes: - Add command injection prevention in n8n-mcp wrapper with whitelist validation - Fix race condition in database initialization with proper lock directory creation - Add flock availability check with fallback behavior - Implement comprehensive input sanitization in parse-config.js Improvements: - Add debug logging support to parse-config.js (DEBUG_CONFIG=true) - Improve test cleanup error handling with proper error tracking - Increase integration test timeouts for CI compatibility - Update test assertions to check environment variables instead of processes All critical security vulnerabilities identified by code review have been addressed. 🤖 Generated with [Claude Code](https://claude.ai/code) Co-Authored-By: Claude <noreply@anthropic.com>	2025-07-31 13:04:25 +02:00

Author

SHA1

Message

Date

czlonkowski

9cd5e42cb7

fix: resolve Docker integration test failures in CI

Root cause analysis and fixes:

1. **MCP_MODE environment variable tests**
   - Issue: Tests were checking env vars after exec process replacement
   - Fix: Test actual HTTP server behavior instead of env vars
   - Changed tests to verify health endpoint responds in HTTP mode

2. **NODE_DB_PATH configuration tests**
   - Issue: Tests expected env var output but got initialization logs
   - Fix: Check process environment via /proc/1/environ
   - Added proper async handling for container startup

3. **Permission handling tests**
   - Issue: BusyBox sleep syntax and timing race conditions
   - Fix: Use detached containers with proper wait times
   - Check permissions after entrypoint completes

4. **Implementation improvements**
   - Export NODE_DB_PATH in entrypoint for visibility
   - Preserve env vars when switching to nodejs user
   - Add debug output option in n8n-mcp wrapper
   - Handle NODE_DB_PATH case preservation in parse-config.js

5. **Test infrastructure**
   - Created test-helpers.ts with proper async utilities
   - Use health checks instead of arbitrary sleep times
   - Test actual functionality rather than implementation details

These changes ensure tests verify the actual behavior (server running,
health endpoint responding) rather than checking internal implementation
details that aren't accessible after process replacement.

🤖 Generated with [Claude Code](https://claude.ai/code)

Co-Authored-By: Claude <noreply@anthropic.com>

2025-07-31 14:08:21 +02:00

czlonkowski

71cd20bf95

fix: address security issues and improve Docker implementation

Security Fixes:
- Add command injection prevention in n8n-mcp wrapper with whitelist validation
- Fix race condition in database initialization with proper lock directory creation
- Add flock availability check with fallback behavior
- Implement comprehensive input sanitization in parse-config.js

Improvements:
- Add debug logging support to parse-config.js (DEBUG_CONFIG=true)
- Improve test cleanup error handling with proper error tracking
- Increase integration test timeouts for CI compatibility
- Update test assertions to check environment variables instead of processes

All critical security vulnerabilities identified by code review have been addressed.

🤖 Generated with [Claude Code](https://claude.ai/code)

Co-Authored-By: Claude <noreply@anthropic.com>

2025-07-31 13:04:25 +02:00

2 Commits