Pull Request Explorer

Summary

Add last-used timestamp to API keys

This PR adds a last-used timestamp to API keys, enabling tracking of key activity and improving security monitoring. The change updates the database schema, auth strategy, and UI to display usage dates.

Health Assessment

• • Q
• • u
• • i
• • c
• • k
• •
• • r
• • e
• • v
• • i
• • e
• • w
• •
• • b
• • u
• • t
• •
• • l
• • o
• • n
• • g
• •
• • c
• • y
• • c
• • l
• • e
• •
• • t
• • i
• • m
• • e
• •
• • d
• • u
• • e
• •
• • t
• • o
• •
• • m
• • e
• • r
• • g
• • e
• •
• • d
• • e
• • l
• • a
• • y
• • s
• • ;
• •
• • o
• • v
• • e
• • r
• • a
• • l
• • l
• •
• • l
• • o
• • w
• •
• • f
• • r
• • i
• • c
• • t
• • i
• • o
• • n
• •
• • a
• • n
• • d
• •
• • m
• • o
• • d
• • e
• • r
• • a
• • t
• • e
• •
• • s
• • c
• • o
• • p
• • e
• • .

Summary

Coerce non-string node names to string

Ensures workflow node names are always strings, preventing errors in node indexing.

Health Assessment

• • Quick AI-assisted review, minimal changes, fast merge.

Summary

Add node execution settings to MCP update_workflow

Enables AI models to modify node execution behavior, improving workflow flexibility and error handling for end users.

Health Assessment

• • Long review and merge cycle due to complex changes, but minimal back‑and‑forth discussion.

Summary

Allow scoped jest runs to pass with no tests

Ensures CI passes for changes without related Jest tests, preventing false failures and improving developer experience. This reduces unnecessary CI failures for unit-covered changes.

Health Assessment

• • Fast turnaround with minimal changes and quick review, indicating low complexity.

Summary

ci: Wire workflow/core through janitor and fix global-trigger scope gap

Wires packages/workflow and packages/core through janitor test-scoped and fixes the global-trigger gap that meant those triggers were silently ignored at the scope layer.

Health Assessment

• • The PR was merged quickly with a cycle time of 12.5 hours and a time to first review of 12.3 hours, indicating a smooth review process.

Summary

Normalize Sentry stack frame paths for stable links

Improves Sentry error mapping by normalizing stack frame paths, enabling accurate GitHub links and better issue tracking for backend errors.

Health Assessment

• • Merged within 24 minutes with a single review, indicating a straightforward bug fix with minimal risk.

Summary

Add restrictToSupportedNodes flag for credentials

Introduces an opt‑in flag that limits credential usage to specified nodes, preventing accidental misuse and improving security and user experience.

Health Assessment

• • PR added a new opt‑in flag to restrict credential usage across UI, API, and runtime. The review was quick, but many commits followed, indicating iterative refinement. The large code changes suggest moderate risk but no breaking changes.

Summary

Encode contact lookup query parameters

Ensures contact lookup queries are correctly encoded, preventing errors with special characters and improving reliability of data retrieval.

Health Assessment

• • Quick fix with minimal rework; AI review helped catch issues early.

Summary

Add offending node JSON to workflow errors

Enhances error reporting for workflow validation, enabling AI to better diagnose issues and improve workflow creation reliability.

Health Assessment

• • The PR was reviewed and approved in a single round with minimal comments, indicating a smooth review process, but the large line count reflects a substantial code change that may warrant careful testing.

Summary

Scope CLI integration tests via janitor

Reduces CI runtime by running only relevant integration tests for CLI changes, improving build efficiency.

Health Assessment

• • Fast cycle time and single review round indicate smooth process; minimal rework and clear CI improvement.

Summary

Clean up credential data on static/private mode toggle

Ensures credential data integrity when toggling OAuth modes, preventing stale tokens and disconnecting users, improving security and user experience.

Health Assessment

• • Fast cycle time and minimal review comments indicate smooth integration; moderate scope but no major blockers.

Summary

Use slugs instead of IDs for MCP registry servers

Ensures consistent server identification across environments, reducing race conditions and improving reliability of the MCP registry. This change prevents duplicate entries and ensures accurate server tracking during deployments and tests.

Health Assessment

• • The PR was merged quickly with minimal rework, indicating a straightforward bug fix with clear tests.

Summary

Drop legacy bridge function-dispatch channel

This refactor removes a legacy generic dispatch channel, tightening the security model and reducing runtime overhead, ensuring that only typed RPCs are exposed to the host environment.

Health Assessment

Summary

Refactor: Share scrubSecretsInText via @n8n/utils

Centralizes secret scrubbing logic to ensure consistent handling across backend and frontend, improving maintainability and reducing duplication.

Health Assessment

• • Quick turnaround with minimal review, indicating a straightforward refactor that improves code consistency.

Summary

Set Content-Type for Meta-family trigger node responses

Ensures webhook verification responses use correct Content-Type, improving security and preventing XSS.

Health Assessment

• • Fast cycle time with minimal rework; AI review helped catch issues quickly.

Summary

Enhance source control endpoint access control

Improves security by restricting source control endpoints based on user permissions, reducing exposure of sensitive data.

Health Assessment

• • Fast cycle time and single review indicate a smooth process with minimal rework.

Summary

Add MCP catalog search for agents

Introduces a new builder tool that searches MCP servers and updates prompting to use MCP servers as the primary integration method, simplifying agent configuration and improving connectivity.

Health Assessment

• • The PR was reviewed quickly and merged within a day, showing efficient collaboration, but the large number of lines added and removed indicates a substantial change that required multiple commits before final approval.

Summary

Validate MongoDB update key scalar type

Ensures that MongoDB node update keys are primitive values, preventing runtime errors and improving data integrity for users’ workflows.

Health Assessment

• • The PR was reviewed and merged within 2.2 hours with minimal back‑and‑forth, indicating a straightforward, low‑risk bug fix.

Summary

Fix reserved token handling in execution engine

Ensures reserved tokens are preserved during execution, improving data integrity and preventing errors in node operations.

Health Assessment

• • F
• • a
• • s
• • t
• •
• • c
• • y
• • c
• • l
• • e
• •
• • t
• • i
• • m
• • e
• •
• • o
• • f
• •
• • 3
• •
• • h
• • o
• • u
• • r
• • s
• •
• • w
• • i
• • t
• • h
• •
• • a
• •
• • s
• • i
• • n
• • g
• • l
• • e
• •
• • r
• • e
• • v
• • i
• • e
• • w
• •
• • a
• • n
• • d
• •
• • m
• • i
• • n
• • i
• • m
• • a
• • l
• •
• • r
• • e
• • w
• • o
• • r
• • k
• •
• • i
• • n
• • d
• • i
• • c
• • a
• • t
• • e
• • s
• •
• • a
• •
• • s
• • t
• • r
• • a
• • i
• • g
• • h
• • t
• • f
• • o
• • r
• • w
• • a
• • r
• • d
• •
• • b
• • u
• • g
• •
• • f
• • i
• • x
• •
• • w
• • i
• • t
• • h
• •
• • l
• • o
• • w
• •
• • r
• • i
• • s
• • k
• • .

Summary

Use stored webhook secret for request verification

Enhances Stripe webhook security by using stored secrets for verification, with fallback to existing credentials, reducing unauthorized request risk.

Health Assessment

• • Quick review and merge with minimal rework, indicating a stable, low‑risk change.

Summary

Add execution source telemetry

Adds minimal execution-source metadata to workflow execution telemetry, enabling analytics to distinguish Instance AI-initiated executions from user-initiated ones.

Health Assessment

• • PR merged quickly with minimal review, indicating a straightforward implementation and thorough testing.

Summary

Auto-approve non-conflicting backport PRs

Automatically approves backport pull requests that have no merge conflicts, streamlining release workflow and reducing manual review overhead.

Health Assessment

• • Fast cycle, minimal review, automated approval reduces manual effort.

Summary

Add execution source telemetry

Adds telemetry metadata to differentiate Instance AI executions from user-initiated ones, improving analytics accuracy and operational insights.

Health Assessment

• • The PR received a quick review but required multiple commits to refine the telemetry implementation, indicating moderate complexity. The overall cycle time exceeded three days, suggesting integration or testing delays.

Summary

Sanitize inputs before passing to bash

Ensures CI workflow inputs are sanitized before executing bash commands, reducing risk of injection attacks.

Health Assessment

• • Quick review and merge with minimal changes, indicating straightforward update.

Summary

Sanitize bash inputs in CI action

Adds input sanitization to the GitHub Action that loads the n8n Docker image, reducing risk of unsafe shell execution.

Health Assessment

• • Fast cycle time, single review, minimal changes, low risk.

Summary

Apply instance redaction floor per-select in workflow settings

Adds granular per-select redaction floor lock to workflow settings, enabling admins to control data redaction based on instance floor and improving compliance and user experience.

Health Assessment

• • PR received a single review with no requested changes and merged within 43 hours, indicating a straightforward implementation with minimal friction.

Summary

Revert input validation for workflow and data table names

Restores ability to use '<' and '>' characters in workflow and data table names, preventing workflow save failures and maintaining backward compatibility.

Health Assessment

• • Quick backport with minimal changes, fast review, no rework, low risk.

Summary

Revert input validation for workflow and data table names

Restores ability to save workflows with < or > characters in the name, fixing a regression that blocked workflow creation.

Health Assessment

• • Fast turnaround with minimal rework; quick review and merge indicate low complexity.

Summary

Add guidance on dynamic object key handling

Adds documentation and automated review guidance for handling dynamic object key writes in nodes.

Health Assessment

• • Quick review and merge process, indicating a straightforward and well-structured PR.

Summary

Switch checkout to useblacksmith/checkout to reduce flakes

This change updates GitHub Actions workflows to use a more reliable checkout action, reducing flaky builds and improving CI stability.

Health Assessment

• • Fast review and merge with minimal changes to CI workflows, indicating low risk and high confidence.

Summary

Revert input validation for workflow names

Restores ability to save workflows with < or > in names by undoing recent validation change.

Health Assessment

• • Quick revert with minimal changes, fast review, low risk.

Summary

Support binary data in eval mock layer

Enables the AI-driven evaluation framework to handle binary payloads, improving test coverage for file upload/download workflows and ensuring realistic end‑to‑end scenarios.

Health Assessment

• • Long cycle time and multiple merge conflicts indicate significant rework; extensive binary handling added to core evaluation engine.

Summary

Drop redundant isolated-vm rebuild from runners image

Reduces build time and image size for JavaScript runner images, improving CI efficiency and resource usage.

Health Assessment

• • Quick, single-file change with minimal review, indicating low complexity and high confidence in the modification.

Summary

Reduce eval secret exposure in CI workflow

Tightens secret handling and branch validation in the test-evals AI workflow, preventing accidental exposure of Anthropic and LangSmith credentials and ensuring only allowed branches trigger the job. This improves security posture by limiting secret visibility to the evaluation step and guarding against arbitrary branch inputs.

Health Assessment

• • Fast review and merge with minimal changes indicates low risk and efficient process.

Summary

Resolve all external licenses in release SBOM

Ensures all external dependencies have license metadata, improving compliance and reducing risk.

Health Assessment

• • PR fixed a critical compliance gap with minimal rework, quick review turnaround, and moderate code changes.

Summary

Render setup step dropdown above chat input

Fixes UI layering issue in the Instance AI surface, ensuring the setup step dropdown appears above the chat input and removes unnecessary stacking context.

Health Assessment

• • Quick fix with minimal changes, AI review bot confirmed no issues, fast cycle time.

Summary

Sort MCP search_workflows by most recently edited

Fixes ordering of MCP search_workflows to return most recently edited workflows first, improving agent accuracy and user experience.

Health Assessment

• • Fast review and minimal changes indicate a straightforward bug fix with quick approval.

Summary

Restore AI Assistant HITL state across restart

Adds persistence for HITL confirmations so that the AI Assistant can resume after restarts, improving reliability and user experience.

Health Assessment

• • Extensive refactoring and persistence logic led to a slow review cycle and high scope, but the change adds critical resilience for the AI Assistant.

Summary

Scope cli unit tests via janitor

Adds CI pipeline changes to scope cli unit tests via janitor, improving test efficiency and reducing unnecessary test runs.

Health Assessment

• • The PR was reviewed and merged within 14 hours, indicating a smooth process.
• • The change is small and focused on CI configuration, posing minimal risk.

Summary

Refactor credential setup to Computer Use skill

Simplifies credential configuration by consolidating browser tooling into a single runtime skill, improving user experience and reducing maintenance overhead.

Health Assessment

• • The PR was reviewed and merged quickly, but the large code churn and multiple commits after the initial review suggest a significant refactor that may introduce subtle bugs.

Summary

Add audit event for redaction enforcement policy changes

Enables audit logging of redaction enforcement floor changes, allowing admins to track policy updates and ensuring compliance.

Health Assessment

• • Fast review with a single comment, but the PR required multiple commits and extensive testing, leading to a longer cycle time.

Summary

Add telemetry for workflow publish timeline

Adds telemetry events to track user engagement with the Publish Timeline tab, enabling better insight into feature usage.

Health Assessment

• • Quick review and merge with minimal changes indicates low complexity and high confidence in telemetry implementation.

Summary

Add private credential badge and validation in NDV

Enables users to see when a node uses a private credential and prompts them to connect, improving workflow reliability and user experience.

Health Assessment

• • Quick review and merge within 43 hours, minimal back‑and‑forth, indicating a well‑tested and straightforward feature addition.

Summary

Strengthen workflow-checksum assertions

Adds targeted assertions to improve mutation coverage of workflow checksum logic, raising mutation score from 38.64% to 72.73%.

Health Assessment

• • Long review cycle (152h) with minimal changes; low risk as only tests added.

Summary

Use slugs instead of IDs for MCP registry servers

Ensures consistent server identification across environments, eliminating race conditions and improving reliability of the MCP registry.

Health Assessment

• • Fast cycle time with a single review round and minimal rework indicates a straightforward bug fix with low risk.

Summary

Drop redundant Electron postinstall and CI flag

Simplifies CI pipeline by removing unnecessary Electron binary download steps, reducing build time and resource usage.

Health Assessment

• • Fast review and merge with minimal changes; no tests or documentation updates required.

Summary

Surface n8n startup logs and readiness payload

This change captures startup logs and readiness payloads for n8n containers, ensuring failures are logged as artifacts. It improves observability and reduces triage time for startup issues.

Health Assessment

• • The PR had a long cycle time and multiple review rounds, indicating significant rework and potential complexity. The large scope and slow review process suggest higher risk for integration.

Summary

Preserve code-builder thread suffix when parsing session

Fixes AI session lookup errors by correctly handling thread suffix, improving reliability of AI Builder and code-builder features.

Health Assessment

• • Quick fix with minimal changes, resolved in under 4 hours, indicating efficient review and low complexity.

Summary

Decouple agent library bundle from build:data

Rewrites build scripts to remove implicit dependency on the agents package, ensuring the docs sync workflow runs without errors and improving build reliability.

Health Assessment

• • Quick, single‑commit change with one approval; minimal code churn and no runtime impact.

Summary

Update ldapts to fix long DN rename

Fixes LDAP rename consistency issue in deep OU paths by upgrading ldapts to 8.1.7, ensuring reliable data integrity for Active Directory workflows. This prevents silent failures where rename reports success but does not apply.

Health Assessment

• • PR had a quick AI‑assisted review and minimal code changes, but the long cycle time was due to multiple merges from master. The update resolves a critical data consistency bug in LDAP operations.