fix(core): Update packages to address CVE-2023-2142 and CVE-2020-28469 (#6844)

GH Advisories: [ CVE-2023-2142](https://github.com/advisories/GHSA-x77j-w7wf-fjmw) [CVE-2020-28469](https://github.com/advisories/GHSA-ww39-953v-wcq6) --------- Co-authored-by: Marcus <marcus@n8n.io>
2025-12-17 10:02:05 +00:00 · 2023-08-03 16:31:55 +02:00
parent 6ec7033bb7
commit a5667e6c42
5 changed files with 120 additions and 107 deletions
--- a/packages/nodes-base/nodes/MQTT/MqttTrigger.node.ts
+++ b/packages/nodes-base/nodes/MQTT/MqttTrigger.node.ts
@@ -7,7 +7,7 @@ import type {
 } from 'n8n-workflow';
 import { NodeOperationError } from 'n8n-workflow';

-import mqtt from 'mqtt';
+import * as mqtt from 'mqtt';

 export class MqttTrigger implements INodeType {
 	description: INodeTypeDescription = {
@@ -142,9 +142,9 @@ export class MqttTrigger implements INodeType {
 		const manualTriggerFunction = async () => {
 			await new Promise((resolve, reject) => {
 				client.on('connect', () => {
-					client.subscribe(topicsQoS as mqtt.ISubscriptionMap, (err, _granted) => {
-						if (err) {
-							reject(err);
+					client.subscribe(topicsQoS as mqtt.ISubscriptionMap, (error, _granted) => {
+						if (error) {
+							reject(error);
 						}
 						client.on('message', (topic: string, message: Buffer | string) => {
 							let result: IDataObject = {};
@@ -154,7 +154,7 @@ export class MqttTrigger implements INodeType {
 							if (options.jsonParseBody) {
 								try {
 									message = JSON.parse(message.toString());
-								} catch (error) {}
+								} catch (e) {}
 							}

 							result.message = message;