Just curious what people are using n8n for.
I just finished setting up a workflow that sends me a Telegram message every night about photography opportunities for the next day. It puts together weather data, POIs (which I defined for my location), sun/moon position, milky way visibility, cloud cover, etc. The message then simply tells me if it’s worth it going out in the morning.
I’m not willing to run something that risky on my own infrastructure, therefore I wont run it. I can do all of those things with a handful of scripts or Home Assistant anyway.
May I ask why you consider n8n risky?
I’m not a slop jockey and I’m watching people plug these kinds of things into public data and having it do operations with financial/business impacts.
I’d rather employ a gremlin to write scripts.
Are you aware that you are not required to run AI with n8n? There are two flavors: With AI and without.
lowcode environments are the O.G slop.
Wow! Well, you can keep your attitude.
Just look at the recent vulnerabilities it had. It just had a CVE 10 in January and March of this year.
https://app.opencve.io/cve/?vendor=n8n
Almost all of them affect authenticated users. The only ones that allow unauthenticated users access are for old versions. So to be honest: I am not that much concerned.
Well, this “authenticated user” could be your fucking LLM and this is really concerning. Besides that a single CVE 10 is also very concerning no matter how old the affected version is.
You aren’t concerned about a severity 10 vuln? Those are found in software with exceptionally bad qa and abandonware. That should give you pause about how hard n8n is “going fast and breaking things”.