chore(deps): update n8n to v2.27.3

[renovate]

ℹ️ Note

This PR body was truncated due to platform limits.

This PR contains the following updates:

Package	Update	Change
n8nio/n8n (source)	minor	2.15.1 → 2.27.3

---

Release Notes

n8n-io/n8n (n8nio/n8n)

v2.27.0

Bug Fixes

• API: Make conditional credential fields optional instead of forbidden (#​32010) (0ab043c)
• Bump task-runner-launcher to 1.4.7 to clear stdlib CVEs (#​32095) (4d974e3)
• Computer use disconnect status on client stop (#​32059) (5c61d0e)
• core: Add RFC 8707 resource parameter to client-side OAuth flow (#​30924) (04b4a79)
• core: Allow publishing workflows that use private credentials (#​32306) (27d8426)
• core: Enforce API key scope/endpoint parity in public API (#​32231) (58999f0)
• core: Ensure workflows that fail to activate are removed from active, preventing unintended executions (#​31767) (79d1695)
• core: Fix workers processing queued jobs before module initialization completes (#​32145) (506461f)
• core: Hide resource URL for synthetic OAuth2 credentials for MCP registry tools (#​32351) (51fe9ff)
• core: Include indexes and TOAST in Postgres data table size (#​31606) (c9f4aa8)
• core: Preserve trailing letter-less text in toSentenceCase() exp… (#​32242) (7a77898)
• core: Prevent nodes from throwing context.getNodeParameter is not a function when n8n is installed via npm (#​32123) (a254a89)
• core: Prevent pollers from starting executions for old workflow versions when registered while in-flight (#​32006) (21c786c)
• core: Prevent post-execution writes against closed pool on worker shutdown (#​31915) (3059088)
• core: Prevent queue recovery from marking waiting executions as crashed (#​32316) (c4c0e91)
• core: Propagate sub-workflow errors to parent after wait resume (#​31927) (6afba57)
• core: Remove user:enforceMfa from public API key scopes (#​32223) (3c39a0e)
• core: Retry role mapping create order conflicts (#​30687) (448c114)
• core: Surface a final response when a builder follow-up completes silently (#​31986) (29abe78)
• core: Throw a clear error for $evaluateExpression in the Code node under secure mode (#​31721) (fbad049)
• core: Upgrade nodemailer to 8.0.10 (DEVP-401) (#​31998) (c339095)
• core: Use npm's bundled node-gyp for isolated-vm Docker rebuild (#​32158) (67cdf44)
• Correct Form URL Encoded label in HTTP Request node (#​31852) (ff7f35e)
• editor: Agent builder progress log lines visual glitches (#​32077) (f9496c2)
• editor: Auto-reload editor on stale Vite chunk preload error (#​31747) (2f3ebb6)
• editor: Close credential modal after successful setup (#​31925) (7b2c722)
• editor: Harden credential modal against async hangs (#​31292) (037bdb2)
• editor: Hide template setup button once setup is complete (#​31912) (af9caff)
• editor: Insert instance ai prompt suggestions instead of submit (#​32008) (3386aa8)
• editor: Make workflow settings and actions menu work in the AI artifact view (#​32082) (5a28683)
• editor: Mute Never expiration in API keys table (#​32224) (115d9c7)
• editor: Open sticky note color picker from context menu (#​31917) (0685db8)
• editor: Preserve loaded options value when navigating between nodes (#​31946) (f6e5705)
• editor: Refresh Instance AI workflow preview on update and restore-version (#​31904) (f2c764a)
• editor: Remove 'Building your agent' loading state and go straight to full-page builder (#​32120) (d553602)
• editor: Restore cross-origin notification after OAuth popup completes (#​32087) (090fa9e)
• editor: Scope publish history scrollbar to timeline sidebar (#​31661) (497226e)
• editor: Send only credential id when authorizing OAuth credentials (#​31926) (4f10853)
• editor: Show AI assistant error when stream ends with unparseable content (#​32068) (a7b910f)
• editor: Show an error when imported JSON is not a valid workflow (#​31782) (0731871)
• editor: Show correct project in workflow breadcrumb for projectId links (#​32103) (fd23d4d)
• editor: Show run data of stopped executions in scaling mode (#​32142) (889769a)
• editor: Skip external-secrets fetch on Community Edition (#​31906) (f6518a5)
• editor: Stop showing deleted resources in dependency pill (#​32106) (4e10568)
• editor: Truncate long API key labels in settings table (#​32232) (607634a)
• editor: Use workflow-scoped credential fetch in node credential picker (#​31938) (8cd67d3)
• Fix 4 security issues in @​grpc/grpc-js, hono (#​32281) (e292779)
• Fix security issue in shell-quote via minor version upgrade from 1.8.3 to 1.8.4 (SEC-809) (#​32107) (131e4ea)
• Http Request Node: Preserve multipart filenames for binary uploads (#​29022) (f412820)
• Kafka Node: Distinguish the Schema Registry credential from the Kafka credential (#​32335) (41ee940)
• Move unstable PURL-pinned overrides to version-agnostic byName (#​31985) (e77dd74)
• Oracle Database Node: Support OUT bind parameters (#​30083) (d3406dd)
• Require justified mutants in mutation-health gate (#​32340) (b3a34fc)
• Set task status to 'cancelled' in BackgroundTaskManager.cancelAll() (#​31764) (5733fb7)
• Store messages even if stream is undrained (#​32119) (f2da1d1)

Features

• Calendly Trigger Node: Deprecate API key auth and default to OAuth2 (#​28367) (3f88c6e)
• Computer use supports reading local pdf and image files (#​30704) (b810bfd)
• core: Add cred-filename-against-convention community node lint rule (#​32356) (e436e1a)
• core: Add explore_node_resources MCP tool (#​31018) (9373433)
• core: Add Instance AI builder planning guardrails (#​31984) (63cdd9f)
• core: Add instance settings env telemetry (#​31949) (3753c34)
• core: Add OpenTelemetry test trace endpoint and settings button (#​32333) (4fde44b)
• core: Add output redactor guardrail for instance AI use (#​31929) (06df815)
• core: Add S3 storage mode for execution data (#​32226) (2a6acf3)
• core: Add tags support to MCP server (#​31446) (1640a69)
• core: Add telemetry for import/export on server CLI (#​32297) (2ac0660)
• core: Add valid-author community node lint rule (#​32357) (029cf72)
• core: Add validation and size limits to package archive reading (#​31812) (e0cb99e)
• core: Add workflowPublishingPolicy to package import (#​31961) (140a319)
• core: Configure OpenTelemetry settings via UI (#​31781) (e2dd95d)
• core: Email public API key owners when their key is revoked by an admin (#​32086) (ac19787)
• core: Expose DNS cache metrics via PrometheusMetricsService (#​32013) (5ab381c)
• core: Expose SSRF protection check outcomes as Prometheus metrics (#​32004) (58c4cd1)
• core: Introduce credentialBindings for package import (#​32228) (f161bf0)
• core: Make data redaction enforcement generally available (#​31966) (2afc32a)
• core: Remove n8n packages license check (#​32317) (93e2f86)
• core: Workflow import workflowIdPolicy (#​32075) (24c264c)
• editor: Add docs links for data redaction (#​32220) (bc90a4b)
• editor: Allow creating variables and data tables from the universal add menu (#​32079) (3cff611)
• editor: Open API key modal in read-only mode for non-owners (#​32254) (9496996)
• editor: Redesign API key created modal (#​32256) (e6bc501)
• editor: Reposition nodes on group collapse/expand (#​32128) (053126f)
• editor: Rewrite icon picker with search, full Lucide set, emoji sections, and color/skin tone pickers (#​25649) (12ba0d0)
• editor: Use an action menu for API key row actions (#​32339) (f80fca2)
• Force Microsoft account selection on OAuth for all Microsoft credentials (#​32015) (939307a)
• GitHub Node: Introduce get members operation on organization resource (#​23822) (05d44e4)
• JWT Node: Support custom header claims for the Sign operation (#​31918) (160cb09)
• Kafka Node: Add Schema Registry credential type (#​32026) (93d9387)
• LmChatAnthropic Node: Add streaming option (#​30991) (cf223af)
• MCP Server Trigger Node: Add n8n OAuth2 authentication option (#​32326) (e7b1c1c)
• Microsoft OneDrive Node: Support the generic Microsoft OAuth2 credential (#​32295) (30b5451)
• Pipedrive Trigger Node: Allow lead entities to be triggered upon (#​23977) (da8b7c7)
• Reduces delay in displaying AI Assistant workflow preview examples (#​32194) (2e9946c)
• Show the workflow name on the OAuth consent screen (#​32362) (7a5c208)

Performance Improvements

• core: Add partial index on execution_entity to fix executions list CPU spike (#​32116) (3b53949)
• core: Optimize workflow lookups (#​24690) (c3b35c1)
• core: Ungate minimize execution data fetching (#​30969) (4b4a76a)

v2.26.8

Bug Fixes

• Form Trigger Node: Add default value for authentication parameter to prevent crash on old workflows (#​32629) (174da99)

---

v2.26.7

Bug Fixes

• Compression Node: Decompress only the archive members (#​32517) (b17a293)

---

v2.26.6

Bug Fixes

• core: Suspend query acquisition during database connection recovery (#​32467) (b0458a4)

---

v2.26.5

Features

• core: Add telemetry for import/export on server CLI (#​32321) (2d93907)

---

v2.26.4

Bug Fixes

• core: Prevent nodes from throwing context.getNodeParameter is not a function when n8n is installed via npm (#​32186) (31b9f90)

Features

• Reduces delay in displaying AI Assistant workflow preview examples (#​32212) (e6ec246)

---

v2.26.3

Bug Fixes

• editor: Insert instance ai prompt suggestions instead of submit (#​32126) (b4242c8)

v2.26.2

Bug Fixes

• Move unstable PURL-pinned overrides to version-agnostic byName (#​32038) (2f89ba4)

Features

• core: Add instance settings env telemetry (#​32000) (f250bc4)

v2.26.1

No changelog generated. Likely points to fixes in our CI.

v2.26.0

Bug Fixes

• API: Enforce the redaction floor when creating workflows (#​31898) (03eecb1)
• AWS Rekognition Node: Handle all binary data modes correctly (#​31065) (e264e06)
• Bump hono and postcss to patch CVEs from Trivy nightly scan (#​31790) (0c26304)
• core: Allow exporting workflows with AI Gateway-managed credentials (#​31136) (8376a4f)
• core: Bump qs, tmp, uuid, @​tootallnate/once (#​31674) (868e988)
• core: Dedupe getConnectedNodes results and add fast-check property tests (#​31793) (be85b10)
• core: Delete orphaned per-user entries on unshare and membership changes (#​31741) (8832194)
• core: Disable iAI e2e tests temporarily (#​31779) (91ae2a2)
• core: External agent channels correctly utilise the user ID for episodic memory (#​31584) (2a9a23f)
• core: Fix dropdown menu safety triangle (#​31583) (ff1a7ae)
• core: Fix hardcoded aud claim in MCP OAuth tokens (#​30558) (6bcd02a)
• core: Ground AI workflow completion in saved graph (#​31742) (491360f)
• core: Improve validator error messages for name and label fields (#​31391) (24f27ed)
• core: Include node and field details in WorkflowHasIssuesError message (#​30944) (68b2053)
• core: Invalidate cached redaction floor across mains on change (#​31831) (ad59171)
• core: Keep Instance AI builder sandboxes thread-scoped and non-ephemeral (#​31745) (2993afb)
• core: Lock execution row during data-only condition re-check (#​31547) (f83efe5)
• core: Make AI assistant conversation pruning happen regularly (#​31707) (13a1a99)
• core: Make Sentry event loop block detection configurable (#​31823) (ddac0e0)
• core: Move instance AI builds to a skill (#​31412) (332d2df)
• core: Normalize LangChain parser errors (#​31499) (872171c)
• core: Polyfill DOMMatrix when parsing PDFs in Data Loader (#​31669) (5e0e266)
• core: Prefer MCP registry nodes when wiring AI Agent tools (#​30774) (f4e998f)
• core: Preserve verification failure in budget-exhausted blocked responses (#​31907) (f7076a3)
• core: Prevent evaluation executions from stalling in status new (#​31619) (ea800f7)
• core: Prevent isUniqueConstraintError false positives (#​31284) (a3e37fc)
• core: Reclassify expected backend errors out of the Sentry error stream (#​31423) (ecce350)
• core: Report only error class and stack for unhandled node errors (#​31628) (364c250)
• core: Resolve custom node icon paths (#​30946) (7ab8254)
• core: Restore OIDC login for IdPs returning expires_in: 0 (#​31265) (41b2bda)
• core: Resume Instance AI sandboxes that were stopped or deleted while idle (#​31761) (06cf1d9)
• core: Show actionable message when OAuth2 token refresh fails (#​30460) (5e9a8a0)
• core: Stop parent workflows getting stuck waiting on sub-workflow completion (#​31736) (61af45a)
• core: Store OAuth CSRF and PKCE state per-flow in the cache (#​31254) (7d729ff)
• core: Strip legacy unsupported config before agent JSON validation (#​31577) (255b7a1)
• core: Sub-workflows to respect own timeout settings and global timeout config (#​31536) (0b2a632)
• core: Teach the builder the SDK language subset and stop repeated invalid repairs (#​31911) (4271d42)
• core: Temporarily disable error card from iAi chat (#​31740) (d58b7ea)
• core: The n8n import:workflow --activeState=fromJson cli can fail for subworkflow dependencies (#​31377) (e785e4e)
• Declare @​smithy/node-http-handler and @​aws-sdk (#​31562) (485c153)
• Discord Node: Preserve object author in embed JSON for icon_url support (#​30046) (cb38338)
• editor: Add evaluation trigger from setup (#​31102) (5504361)
• editor: Allow editing IdP mapping rules when SSO is configured v… (#​31809) (b9af480)
• editor: Attribute experiment telemetry in PostHog (#​31137) (4ea8068)
• editor: Constrain debug overwrite pinned data confirmation modal (#​31665) (6e67ffd)
• editor: Copy only selected markdown editor text (#​31851) (5036147)
• editor: Load all SSO role mapping rules instead of first page (#​31523) (330d441)
• editor: Make project delete dialog backdrop cover the sidebar (#​31735) (c02665a)
• editor: Move the AI Assistant status line into the conversation flow (#​31811) (4c0628a)
• editor: Persist switching workflow credential resolver back to system resolver (#​31703) (f723f54)
• editor: Polish Instance AI panel interactions (#​31903) (054c85d)
• editor: Polish private credential pills, callout, and banners (#​31604) (7e83c7b)
• editor: Preserve non-string JSON values when importing cURL commands (#​31791) (ed09c08)
• editor: Preserve workflow redaction policy under instance floor (#​31932) (72ab6d7)
• editor: Reference manage data redaction permission in enforcement dialogs (#​31893) (c05a623)
• editor: Reset connection state when switching credential to private (#​31713) (b2942b4)
• editor: Show data redaction upgrade prompt on unlicensed instances (#​31816) (b755ee4)
• editor: Show error feedback when copying non-duplicatable triggers (#​31104) (151fd83)
• editor: Show switch-to-static warning after connecting a private credential (#​31712) (f1d87fd)
• Format single-line PEM keys when newlines are stripped on paste (#​31129) (ec44980)
• Google Sheets Trigger Node: Custom OAuth option not availble when there are managed credentials (#​29933) (a44197c)
• Harden mutation picker against low-value source files (#​31914) (7e5c5c4)
• HTTP Request Node: Sign Amazon Bedrock requests as 'bedrock' service (#​31250) (9963143)
• Improve Instance AI workflow-builder eval reliability and node diagnostics (#​31506) (4e0e0ed)
• LangChain Code Node: Hide node from the node catalogue (#​31464) (18d4fdd)
• MCP Client Tool Node: Tie transport lifecycle to execution cancel signal to prevent GET stream leak (#​31087) (2a88b50)
• Microsoft Entra Node: Refresh expired OAuth2 tokens (#​30943) (ab849d3)
• Postgres Node: Spread array queryReplacement across multiple bind values (#​31704) (ee7aa0b)
• Read/Write Files from Disk Node: Escape square brackets in file path selector (#​31706) (89ae45f)
• Remove PLAYWRIGHT_BROWSERS_PATH from install-browsers turbo (#​31856) (a0df2a3)
• Salesforce Node: Preserve detailed API errors in continueOnFail mode (#​30990) (8cfc9d2)
• Slack Node: Normalize multiOptions values when expression returns a string (#​31269) (95e4ee7)
• Stabilise midnight-sensitive integration tests and harden CTE (#​31901) (4ef9944)
• TheHiveProject Node: Normalize analyzers when expression returns a string (#​31580) (43d32fd)
• Use logical-or fallback for GitHub env vars in send-metrics (#​31783) (d39d944)

Features

• Add AWS Assume Role support for Bedrock nodes (#​28663) (add5ab2)
• Add MCP registry instance AI connections endpoints (#​31618) (7efcc31)
• Add support for NVIDIA Nemotron Embeddings Node (#​31797) (3dd9c9d)
• API: Expose mfaEnabled field in Public API user endpoints (#​25512) (717b860)
• core: Add "Additional scopes" field to OIDC SSO setup (#​31708) (f459d73)
• core: Add id-only credential resolution to package import (#​31223) (91166af)
• core: Add inline sub-agent delegation (#​31553) (73d8bbe)
• core: Add KB tools to orchestrator and planner (#​31608) (21d7daa)
• core: Add knowledge base to snapshot image (#​31551) (8a245a5)
• core: Add Prometheus metrics for execution data (#​31655) (b858fbe)
• core: Add smooth stream options to agents sdk (#​31715) (790afbc)
• core: Add sub-agent executions (#​31540) (bfff25f)
• core: Add sub-agent session linkage migration (#​31534) (25f2d3c)
• core: Add support for per-user connections to MCP servers from the registry in instance AI (#​31325) (ee3b277)
• core: Add workflowConflictPolicy to package import (#​31798) (05985ba)
• core: Allow stricter-than-floor workflow redaction updates (#​31304) (de95eb8)
• core: Apply instance redaction floor to new workflows (#​31532) (21db4bc)
• core: Attach executionId and execution deep link to Sentry events (#​31645) (7afc32a)
• core: Decouple Instance AI workflow verification from planning (#​31340) (52a1a08)
• core: Grant execution owners access to their own redacted data (#​31139) (8de9958)
• core: Implement preview-workflow app (#​31647) (bef0eda)
• core: Invalidate instance-ai build-workflow cache on canvas edits (#​31274) (e27c4fe)
• core: Monitor and recover Postgres connection pool (#​31008) (957fdec)
• core: Replace get_suggested_nodes MCP tool with get_workflow_best_practices (#​31048) (cc9fa17)
• core: Revamp infisical implementation (#​30843) (a82384f)
• core: Signal team-projects availability via MCP search_projects (#​31445) (dba4717)
• core: Split API key scopes and let admins see and revoke any key (#​31237) (4120447)
• core: Support inline sub-agent difficulty models (#​31749) (950e99f)
• core: Track OpenTelemetry usage telemetry (#​31570) (c32a33c)
• core: Track redaction policy source on execution runtime data (#​31079) (58b0965)
• core: Use maxChildren for sub-agent fanout (#​31730) (34f85d9)
• editor: Add Mine and All tabs to the API keys settings ([#​31239](https://redirect.github.com/n8n-io

✂ Note

PR body was truncated to here.

---

Configuration

📅 Schedule: (UTC)

• Branch creation
  • "every weekend"
• Automerge
  • At any time (no schedule defined)

🚦 Automerge: Disabled by config. Please merge this manually once you are satisfied.

♻ Rebasing: Whenever PR becomes conflicted, or you tick the rebase/retry checkbox.

🔕 Ignore: Close this PR and you won't be reminded about this update again.

---

• If you want to rebase/retry this PR, check this box

---

This PR was generated by Mend Renovate. View the repository job log.