chore(deps): update dependency n8n to v1.53.2

[uniget-bot]

This PR contains the following updates:

Package	Update	Change
n8n (source)	minor	1.52.2 -> 1.53.2

---

Warning

Some dependencies could not be looked up. Check the Dependency Dashboard for more information.

---

Release Notes

n8n-io/n8n (n8n)

v1.53.2

Compare Source

Bug Fixes

• core: VM2 sandbox should not throw on new Promise (#​10298) (6677033)

v1.53.1

Compare Source

Bug Fixes

• core: Upgrade tournament to address some XSS vulnerabilities (#​10277) (887ed17)
• editor: Enable moving resources only if team projects are available by the license (#​10271) (d9a638a)
• editor: Fix execution retry button (#​10275) (3978b93)
• Loop node no input data shown (#​10224) (2cfa75d)

v1.53.0

Compare Source

Bug Fixes

• Better error message when calling data transformation functions on a null value (#​10210) (1718125)
• core: Fix missing successful items on continueErrorOutput with multiple outputs (#​10218) (1a7713e)
• core: Flush instance stopped event immediately (#​10238) (d6770b5)
• core: Restore log event n8n.workflow.failed (#​10253) (3e96b29)
• core: Upgrade @​n8n/vm2 to address CVE‑2023‑37466 (#​10265) (2a09a03)
• editor: Defer User saved credentials telemetry event for OAuth credentials (#​10215) (40a5226)
• editor: Fix custom API call notice (#​10227) (5b47c8b)
• editor: Fix issue with existing credential not opening in HTTP agent tool (#​10167) (906b4c3)
• editor: Fix parameter input glitch when there was an error loading remote options (#​10209) (c0e3743)
• editor: Fix workflow execution list scrolling after filter change (#​10226) (7e64358)
• Google BigQuery Node: Send timeoutMs in query, pagination support (#​10205) (f5722e8)
• Google Sheets Node: Add column names row if sheet is empty (#​10200) (82eba9f)
• Google Sheets Node: Do not insert row_number as a new column, do not checkForSchemaChanges in update operation (#​10201) (5136d10)
• Google Sheets Node: Fix Google Sheet URL regex (#​10195) (e6fd996)
• HTTP Request Node: Resolve max pages expression (#​10192) (bfc8e1b)
• LinkedIn Node: Fix issue with some characters cutting off posts early (#​10185) (361b5e7)
• Postgres Node: Expressions in query parameters for Postgres executeQuery operation (#​10217) (519fc4d)
• Postgres Node: Option to treat query parameters enclosed in single quotas as text (#​10214) (00ec253)
• Read/Write Files from Disk Node: Notice update in file selector, replace backslashes with forward slashes if windows path (#​10186) (3eac673)
• Text Classifier Node: Use proper documentation URL and respect continueOnFail (#​10216) (452f52c)
• Trello Node: Use body for POST requests (#​10189) (7775d50)
• Wait Node: Authentication fix (#​10236) (f87854f)

Features

• Calendly Trigger Node: Add OAuth Credentials Support (#​10251) (326c983)
• core: Allow filtering workflows by project and transferring workflows in Public API (#​10231) (d719899)
• editor: Show new executions as Queued in the UI, until they actually start (#​10204) (44728d7)
• HTTP Request Node: Add option to disable lowercase headers (#​10154) (5aba69b)
• Information Extractor Node: Add new simplified AI-node for information extraction (#​10149) (3d235b0)
• Introduce Google Cloud Platform as external secrets provider (#​10146) (3ccb9df)
• n8n Form Trigger Node: Improvements (#​10092) (711b667)
• Recovery option for jsonParse helper (#​10182) (d165b33)
• Sentiment Analysis Node: Implement Sentiment Analysis node (#​10184) (8ef0a0c)
• Shopify Node: Update Shopify API version (#​10155) (e2ee915)
• Support create, read, delete variables in Public API (#​10241) (af695eb)

---

Configuration

📅 Schedule: Branch creation - At any time (no schedule defined), Automerge - At any time (no schedule defined).

🚦 Automerge: Disabled by config. Please merge this manually once you are satisfied.

♻ Rebasing: Whenever PR becomes conflicted, or you tick the rebase/retry checkbox.

🔕 Ignore: Close this PR and you won't be reminded about this update again.

---

• If you want to rebase/retry this PR, check this box

---

This PR has been generated by Renovate Bot.

[nicholasdille-bot]

Auto-approved because label type/renovate is present.

[github-actions]

🔍 Vulnerabilities of ghcr.io/uniget-org/tools/n8n:1.53.2

📦 Image Reference ghcr.io/uniget-org/tools/n8n:1.53.2

digest	sha256:7c4016bc3977eec6984e8412a10973d39aa8e2c6a82de59b5c7cd6407f91f71c
vulnerabilities
platform	linux/amd64
size	137 MB
packages	1343

semver 5.3.0 (npm) pkg:npm/semver@5.3.0 Inefficient Regular Expression Complexity Affected range <5.7.2 Fixed version 5.7.2 CVSS Score 7.5 CVSS Vector CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H Description Versions of the package semver before 7.5.2 on the 7.x branch, before 6.3.1 on the 6.x branch, and all other versions before 5.7.2 are vulnerable to Regular Expression Denial of Service (ReDoS) via the function new Range, when untrusted user data is provided as a range.

pdfjs-dist 2.16.105 (npm) pkg:npm/pdfjs-dist@2.16.105 Affected range <=4.1.392 Fixed version 4.2.67 Description Impact If pdf.js is used to load a malicious PDF, and PDF.js is configured with isEvalSupported set to true (which is the default value), unrestricted attacker-controlled JavaScript will be executed in the context of the hosting domain. Patches The patch removes the use of eval: mozilla/pdf.js#18015 Workarounds Set the option isEvalSupported to false. References https://bugzilla.mozilla.org/show_bug.cgi?id=1893645

fast-xml-parser 4.2.5 (npm) pkg:npm/fast-xml-parser@4.2.5 Uncontrolled Resource Consumption Affected range <4.4.1 Fixed version 4.4.1 CVSS Score 7.5 CVSS Vector CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H Description Summary A ReDOS exists on currency.js was discovered by Gauss Security Labs R&D team. Details https://github.com/NaturalIntelligence/fast-xml-parser/blob/master/src/v5/valueParsers/currency.js#L10 contains a vulnerable regex PoC pass the following string '\t'.repeat(13337) + '.' Impact Denial of service during currency parsing in experimental version 5 of fast-xml-parser-library https://gauss-security.com

identity 3.4.2 (npm) pkg:npm/%40azure/identity@3.4.2 Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition') Affected range <4.2.1 Fixed version 4.2.1 CVSS Score 5.5 CVSS Vector CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N Description Azure Identity Libraries and Microsoft Authentication Library Elevation of Privilege Vulnerability.

[github-actions]

Attempting automerge. See https://github.com/uniget-org/tools/actions/runs/10306008759.

[github-actions]

PR is clean and can be merged. See https://github.com/uniget-org/tools/actions/runs/10306008759.