mudhorn/n8n
1
0
Fork 0
mirror of https://github.com/n8n-io/n8n.git synced 2025-02-21 02:56:40 -08:00
Code Issues Actions Packages Projects Releases Wiki Activity

fix(core): Disable Node.js custom inspection to address CVE-2023-37903 (#7125)

Browse source 
This seems like a better fix than #7122
This commit is contained in:
कारतोफ्फेलस्क्रिप्ट™ 2023-09-07 10:25:59 +02:00 committed by GitHub
parent 01f875a94d
commit a223734a4a
No known key found for this signature in database
GPG key ID: 4AEE18F83AFDEB23
1 changed files with 4 additions and 0 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

4
packages/cli/bin/n8n
View file

@ -32,6 +32,10 @@ if (![18, 20].includes(nodeVersionMajor)) {
// Prevent oclif from loading ts-node and typescript // Prevent oclif from loading ts-node and typescript
process.env.OCLIF_TS_NODE = '0'; process.env.OCLIF_TS_NODE = '0';
// Disable nodejs custom inspection across the app
const { inspect } = require('util');
inspect.defaultOptions.customInspect = false;
require('express-async-errors'); require('express-async-errors');
require('source-map-support').install(); require('source-map-support').install();
require('reflect-metadata'); require('reflect-metadata');