mirror of
https://github.com/czlonkowski/n8n-mcp.git
synced 2026-03-20 01:13:07 +00:00
99c5907b71
* feat: add comprehensive telemetry for partial workflow updates Implement telemetry infrastructure to track workflow mutations from partial update operations. This enables data-driven improvements to partial update tooling by capturing: - Workflow state before and after mutations - User intent and operation patterns - Validation results and improvements - Change metrics (nodes/connections modified) - Success/failure rates and error patterns New Components: - Intent classifier: Categorizes mutation patterns - Intent sanitizer: Removes PII from user instructions - Mutation validator: Ensures data quality before tracking - Mutation tracker: Coordinates validation and metric calculation Extended Components: - TelemetryManager: New trackWorkflowMutation() method - EventTracker: Mutation queue management - BatchProcessor: Mutation data flushing to Supabase MCP Tool Enhancements: - n8n_update_partial_workflow: Added optional 'intent' parameter - n8n_update_full_workflow: Added optional 'intent' parameter - Both tools now track mutations asynchronously Database Schema: - New workflow_mutations table with 20+ fields - Comprehensive indexes for efficient querying - Supports deduplication and data analysis This telemetry system is: - Privacy-focused (PII sanitization, anonymized users) - Non-blocking (async tracking, silent failures) - Production-ready (batching, retries, circuit breaker) - Backward compatible (all parameters optional) Conceived by Romuald Członkowski - https://www.aiadvisors.pl/en * fix: correct SQL syntax for expression index in workflow_mutations schema The expression index for significant changes needs double parentheses around the arithmetic expression to be valid PostgreSQL syntax. Conceived by Romuald Członkowski - https://www.aiadvisors.pl/en * fix: enable RLS policies for workflow_mutations table Enable Row-Level Security and add policies: - Allow anonymous (anon) inserts for telemetry data collection - Allow authenticated reads for data analysis and querying These policies are required for the telemetry system to function correctly with Supabase, as the MCP server uses the anon key to insert mutation data. Conceived by Romuald Członkowski - https://www.aiadvisors.pl/en * fix: reduce mutation auto-flush threshold from 5 to 2 Lower the auto-flush threshold for workflow mutations from 5 to 2 to ensure more timely data persistence. Since mutations are less frequent than regular telemetry events, a lower threshold provides: - Faster data persistence (don't wait for 5 mutations) - Better testing experience (easier to verify with fewer operations) - Reduced risk of data loss if process exits before threshold - More responsive telemetry for low-volume mutation scenarios This complements the existing 5-second periodic flush and process exit handlers, ensuring mutations are persisted promptly. Conceived by Romuald Członkowski - https://www.aiadvisors.pl/en * fix: improve mutation telemetry error logging and diagnostics Changes: - Upgrade error logging from debug to warn level for better visibility - Add diagnostic logging to track mutation processing - Log telemetry disabled state explicitly - Add context info (sessionId, intent, operationCount) to error logs - Remove 'await' from telemetry calls to make them truly non-blocking This will help identify why mutations aren't being persisted to the workflow_mutations table despite successful workflow operations. Conceived by Romuald Członkowski - https://www.aiadvisors.pl/en * feat: enhance workflow mutation telemetry for better AI responses Improve workflow mutation tracking to capture comprehensive data that helps provide better responses when users update workflows. This enhancement collects workflow state, user intent, and operation details to enable more context-aware assistance. Key improvements: - Reduce auto-flush threshold from 5 to 2 for more reliable mutation tracking - Add comprehensive workflow and credential sanitization to mutation tracker - Document intent parameter in workflow update tools for better UX - Fix mutation queue handling in telemetry manager (flush now handles 3 queues) - Add extensive unit tests for mutation tracking and validation (35 new tests) Technical changes: - mutation-tracker.ts: Multi-layer sanitization (workflow, node, parameter levels) - batch-processor.ts: Support mutation data flushing to Supabase - telemetry-manager.ts: Auto-flush mutations at threshold 2, track mutations queue - handlers-workflow-diff.ts: Track workflow mutations with sanitized data - Tests: 13 tests for mutation-tracker, 22 tests for mutation-validator The intent parameter messaging emphasizes user benefit ("helps to return better response") rather than technical implementation details. Conceived by Romuald Członkowski - https://www.aiadvisors.pl/en 🤖 Generated with [Claude Code](https://claude.com/claude-code) Co-Authored-By: Claude <noreply@anthropic.com> * chore: bump version to 2.22.16 with telemetry changelog Updated package.json and package.runtime.json to version 2.22.16. Added comprehensive CHANGELOG entry documenting workflow mutation telemetry enhancements for better AI-powered workflow assistance. 🤖 Generated with [Claude Code](https://claude.com/claude-code) Conceived by Romuald Członkowski - https://www.aiadvisors.pl/en Co-Authored-By: Claude <noreply@anthropic.com> * fix: resolve TypeScript lint errors in telemetry tests Fixed type issues in mutation-tracker and mutation-validator tests: - Import and use MutationToolName enum instead of string literals - Fix ValidationResult.errors to use proper object structure - Add UpdateNodeOperation type assertion for operation with nodeName All TypeScript errors resolved, lint now passes. 🤖 Generated with [Claude Code](https://claude.com/claude-code) Conceived by Romuald Członkowski - https://www.aiadvisors.pl/en Co-Authored-By: Claude <noreply@anthropic.com> --------- Co-authored-by: Claude <noreply@anthropic.com>
188 lines
5.1 KiB
TypeScript
188 lines
5.1 KiB
TypeScript
/**
|
|
* Intent sanitizer for removing PII from user intent strings
|
|
* Ensures privacy by masking sensitive information
|
|
*/
|
|
|
|
/**
|
|
* Patterns for detecting and removing PII
|
|
*/
|
|
const PII_PATTERNS = {
|
|
// Email addresses
|
|
email: /\b[A-Za-z0-9._%+-]+@[A-Za-z0-9.-]+\.[A-Z|a-z]{2,}\b/gi,
|
|
|
|
// URLs with domains
|
|
url: /https?:\/\/[^\s]+/gi,
|
|
|
|
// IP addresses
|
|
ip: /\b(?:\d{1,3}\.){3}\d{1,3}\b/g,
|
|
|
|
// Phone numbers (various formats)
|
|
phone: /\b(?:\+?\d{1,3}[-.\s]?)?\(?\d{3}\)?[-.\s]?\d{3}[-.\s]?\d{4}\b/g,
|
|
|
|
// Credit card-like numbers (groups of 4 digits)
|
|
creditCard: /\b\d{4}[-\s]?\d{4}[-\s]?\d{4}[-\s]?\d{4}\b/g,
|
|
|
|
// API keys and tokens (long alphanumeric strings)
|
|
apiKey: /\b[A-Za-z0-9_-]{32,}\b/g,
|
|
|
|
// UUIDs
|
|
uuid: /\b[0-9a-f]{8}-[0-9a-f]{4}-[0-9a-f]{4}-[0-9a-f]{4}-[0-9a-f]{12}\b/gi,
|
|
|
|
// File paths (Unix and Windows)
|
|
filePath: /(?:\/[\w.-]+)+\/?|(?:[A-Z]:\\(?:[\w.-]+\\)*[\w.-]+)/g,
|
|
|
|
// Potential passwords or secrets (common patterns)
|
|
secret: /\b(?:password|passwd|pwd|secret|token|key)[:=\s]+[^\s]+/gi,
|
|
};
|
|
|
|
/**
|
|
* Company/organization name patterns to anonymize
|
|
* These are common patterns that might appear in workflow intents
|
|
*/
|
|
const COMPANY_PATTERNS = {
|
|
// Company suffixes
|
|
companySuffix: /\b\w+(?:\s+(?:Inc|LLC|Corp|Corporation|Ltd|Limited|GmbH|AG)\.?)\b/gi,
|
|
|
|
// Common business terms that might indicate company names
|
|
businessContext: /\b(?:company|organization|client|customer)\s+(?:named?|called)\s+\w+/gi,
|
|
};
|
|
|
|
/**
|
|
* Sanitizes user intent by removing PII and sensitive information
|
|
*/
|
|
export class IntentSanitizer {
|
|
/**
|
|
* Sanitize user intent string
|
|
*/
|
|
sanitize(intent: string): string {
|
|
if (!intent) {
|
|
return intent;
|
|
}
|
|
|
|
let sanitized = intent;
|
|
|
|
// Remove email addresses
|
|
sanitized = sanitized.replace(PII_PATTERNS.email, '[EMAIL]');
|
|
|
|
// Remove URLs
|
|
sanitized = sanitized.replace(PII_PATTERNS.url, '[URL]');
|
|
|
|
// Remove IP addresses
|
|
sanitized = sanitized.replace(PII_PATTERNS.ip, '[IP_ADDRESS]');
|
|
|
|
// Remove phone numbers
|
|
sanitized = sanitized.replace(PII_PATTERNS.phone, '[PHONE]');
|
|
|
|
// Remove credit card numbers
|
|
sanitized = sanitized.replace(PII_PATTERNS.creditCard, '[CARD_NUMBER]');
|
|
|
|
// Remove API keys and long tokens
|
|
sanitized = sanitized.replace(PII_PATTERNS.apiKey, '[API_KEY]');
|
|
|
|
// Remove UUIDs
|
|
sanitized = sanitized.replace(PII_PATTERNS.uuid, '[UUID]');
|
|
|
|
// Remove file paths
|
|
sanitized = sanitized.replace(PII_PATTERNS.filePath, '[FILE_PATH]');
|
|
|
|
// Remove secrets/passwords
|
|
sanitized = sanitized.replace(PII_PATTERNS.secret, '[SECRET]');
|
|
|
|
// Anonymize company names
|
|
sanitized = sanitized.replace(COMPANY_PATTERNS.companySuffix, '[COMPANY]');
|
|
sanitized = sanitized.replace(COMPANY_PATTERNS.businessContext, '[COMPANY_CONTEXT]');
|
|
|
|
// Clean up multiple spaces
|
|
sanitized = sanitized.replace(/\s{2,}/g, ' ').trim();
|
|
|
|
return sanitized;
|
|
}
|
|
|
|
/**
|
|
* Check if intent contains potential PII
|
|
*/
|
|
containsPII(intent: string): boolean {
|
|
if (!intent) {
|
|
return false;
|
|
}
|
|
|
|
return Object.values(PII_PATTERNS).some((pattern) => pattern.test(intent));
|
|
}
|
|
|
|
/**
|
|
* Get list of PII types detected in the intent
|
|
*/
|
|
detectPIITypes(intent: string): string[] {
|
|
if (!intent) {
|
|
return [];
|
|
}
|
|
|
|
const detected: string[] = [];
|
|
|
|
if (PII_PATTERNS.email.test(intent)) detected.push('email');
|
|
if (PII_PATTERNS.url.test(intent)) detected.push('url');
|
|
if (PII_PATTERNS.ip.test(intent)) detected.push('ip_address');
|
|
if (PII_PATTERNS.phone.test(intent)) detected.push('phone');
|
|
if (PII_PATTERNS.creditCard.test(intent)) detected.push('credit_card');
|
|
if (PII_PATTERNS.apiKey.test(intent)) detected.push('api_key');
|
|
if (PII_PATTERNS.uuid.test(intent)) detected.push('uuid');
|
|
if (PII_PATTERNS.filePath.test(intent)) detected.push('file_path');
|
|
if (PII_PATTERNS.secret.test(intent)) detected.push('secret');
|
|
|
|
// Reset lastIndex for global regexes
|
|
Object.values(PII_PATTERNS).forEach((pattern) => {
|
|
pattern.lastIndex = 0;
|
|
});
|
|
|
|
return detected;
|
|
}
|
|
|
|
/**
|
|
* Truncate intent to maximum length while preserving meaning
|
|
*/
|
|
truncate(intent: string, maxLength: number = 1000): string {
|
|
if (!intent || intent.length <= maxLength) {
|
|
return intent;
|
|
}
|
|
|
|
// Try to truncate at sentence boundary
|
|
const truncated = intent.substring(0, maxLength);
|
|
const lastSentence = truncated.lastIndexOf('.');
|
|
const lastSpace = truncated.lastIndexOf(' ');
|
|
|
|
if (lastSentence > maxLength * 0.8) {
|
|
return truncated.substring(0, lastSentence + 1);
|
|
} else if (lastSpace > maxLength * 0.9) {
|
|
return truncated.substring(0, lastSpace) + '...';
|
|
}
|
|
|
|
return truncated + '...';
|
|
}
|
|
|
|
/**
|
|
* Validate intent is safe for telemetry
|
|
*/
|
|
isSafeForTelemetry(intent: string): boolean {
|
|
if (!intent) {
|
|
return true;
|
|
}
|
|
|
|
// Check length
|
|
if (intent.length > 5000) {
|
|
return false;
|
|
}
|
|
|
|
// Check for null bytes or control characters
|
|
if (/[\x00-\x08\x0B\x0C\x0E-\x1F]/.test(intent)) {
|
|
return false;
|
|
}
|
|
|
|
return true;
|
|
}
|
|
}
|
|
|
|
/**
|
|
* Singleton instance for easy access
|
|
*/
|
|
export const intentSanitizer = new IntentSanitizer();
|