fix: FLOWISE-553, 598, 616

packages/components/nodes/chains/SqlDatabaseChain/SqlDatabaseChain.ts

@@ -7,6 +7,7 @@ import { SqlDatabase } from '@langchain/classic/sql_db'
 import { ICommonObject, INode, INodeData, INodeParams, IServerSideEventStreamer } from '../../../src/Interface'
 import { ConsoleCallbackHandler, CustomChainHandler, additionalCallbacks } from '../../../src/handler'
 import { getBaseClasses, getInputVariables, transformBracesWithColon } from '../../../src/utils'
+import { validateSQLitePath } from '../../../src/validator'
 import { checkInputs, Moderation, streamResponse } from '../../moderation/Moderation'
 import { formatResponse } from '../../outputparsers/OutputParserHelpers'
 
@@ -223,7 +224,7 @@ const getSQLDBChain = async (
         databaseType === 'sqlite'
             ? {
                   type: databaseType,
-                  database: url
+                  database: validateSQLitePath(url)
               }
             : ({
                   type: databaseType,

packages/components/nodes/memory/AgentMemory/AgentMemory.ts

@@ -6,6 +6,7 @@ import { SqliteSaver } from './SQLiteAgentMemory/sqliteSaver'
 import { DataSource } from 'typeorm'
 import { PostgresSaver } from './PostgresAgentMemory/pgSaver'
 import { MySQLSaver } from './MySQLAgentMemory/mysqlSaver'
+import { sanitizeDataSourceOptions } from '../../../src/sanitizeDataSourceOptions'
 
 class AgentMemory_Memory implements INode {
     label: string
@@ -96,6 +97,8 @@ class AgentMemory_Memory implements INode {
                 label: 'Additional Connection Configuration',
                 name: 'additionalConfig',
                 type: 'json',
+                description:
+                    'Optional TypeORM connection options (e.g. ssl, connectTimeout). entities, subscribers, migrations, and extra are not allowed.',
                 additionalParams: true,
                 optional: true
             }
@@ -118,6 +121,7 @@ class AgentMemory_Memory implements INode {
             } catch (exception) {
                 throw new Error('Invalid JSON in the Additional Configuration: ' + exception)
             }
+            additionalConfiguration = sanitizeDataSourceOptions(additionalConfiguration)
         }
 
         const threadId = options.sessionId || options.chatId

packages/components/nodes/memory/AgentMemory/MySQLAgentMemory/MySQLAgentMemory.ts

@@ -3,6 +3,7 @@ import { SaverOptions } from '../interface'
 import { ICommonObject, IDatabaseEntity, INode, INodeData, INodeParams } from '../../../../src/Interface'
 import { DataSource } from 'typeorm'
 import { MySQLSaver } from './mysqlSaver'
+import { sanitizeDataSourceOptions } from '../../../../src/sanitizeDataSourceOptions'
 
 class MySQLAgentMemory_Memory implements INode {
     label: string
@@ -54,6 +55,8 @@ class MySQLAgentMemory_Memory implements INode {
                 label: 'Additional Connection Configuration',
                 name: 'additionalConfig',
                 type: 'json',
+                description:
+                    'Optional TypeORM connection options (e.g. ssl, connectTimeout). entities, subscribers, migrations, and extra are not allowed.',
                 additionalParams: true,
                 optional: true
             }
@@ -74,6 +77,7 @@ class MySQLAgentMemory_Memory implements INode {
             } catch (exception) {
                 throw new Error('Invalid JSON in the Additional Configuration: ' + exception)
             }
+            additionalConfiguration = sanitizeDataSourceOptions(additionalConfiguration)
         }
 
         const threadId = options.sessionId || options.chatId

packages/components/nodes/memory/AgentMemory/PostgresAgentMemory/PostgresAgentMemory.ts

@@ -3,6 +3,7 @@ import { SaverOptions } from '../interface'
 import { ICommonObject, IDatabaseEntity, INode, INodeData, INodeParams } from '../../../../src/Interface'
 import { DataSource } from 'typeorm'
 import { PostgresSaver } from './pgSaver'
+import { sanitizeDataSourceOptions } from '../../../../src/sanitizeDataSourceOptions'
 
 class PostgresAgentMemory_Memory implements INode {
     label: string
@@ -54,6 +55,8 @@ class PostgresAgentMemory_Memory implements INode {
                 label: 'Additional Connection Configuration',
                 name: 'additionalConfig',
                 type: 'json',
+                description:
+                    'Optional TypeORM connection options (e.g. ssl, connectTimeout). entities, subscribers, migrations, and extra are not allowed.',
                 additionalParams: true,
                 optional: true
             }
@@ -74,6 +77,7 @@ class PostgresAgentMemory_Memory implements INode {
             } catch (exception) {
                 throw new Error('Invalid JSON in the Additional Configuration: ' + exception)
             }
+            additionalConfiguration = sanitizeDataSourceOptions(additionalConfiguration)
         }
 
         const threadId = options.sessionId || options.chatId

packages/components/nodes/memory/AgentMemory/SQLiteAgentMemory/SQLiteAgentMemory.ts

@@ -4,6 +4,7 @@ import { SaverOptions } from '../interface'
 import { ICommonObject, IDatabaseEntity, INode, INodeData, INodeParams } from '../../../../src/Interface'
 import { SqliteSaver } from './sqliteSaver'
 import { DataSource } from 'typeorm'
+import { sanitizeDataSourceOptions } from '../../../../src/sanitizeDataSourceOptions'
 
 class SQLiteAgentMemory_Memory implements INode {
     label: string
@@ -40,6 +41,8 @@ class SQLiteAgentMemory_Memory implements INode {
                 label: 'Additional Connection Configuration',
                 name: 'additionalConfig',
                 type: 'json',
+                description:
+                    'Optional TypeORM connection options (e.g. ssl, connectTimeout). entities, subscribers, migrations, and extra are not allowed.',
                 additionalParams: true,
                 optional: true
             }
@@ -60,6 +63,7 @@ class SQLiteAgentMemory_Memory implements INode {
             } catch (exception) {
                 throw new Error('Invalid JSON in the Additional Configuration: ' + exception)
             }
+            additionalConfiguration = sanitizeDataSourceOptions(additionalConfiguration)
         }
 
         const threadId = options.sessionId || options.chatId

packages/components/nodes/recordmanager/MySQLRecordManager/MySQLrecordManager.ts

@@ -1,5 +1,6 @@
 import { ICommonObject, INode, INodeData, INodeParams } from '../../../src/Interface'
 import { getBaseClasses, getCredentialData, getCredentialParam } from '../../../src/utils'
+import { sanitizeDataSourceOptions } from '../../../src/sanitizeDataSourceOptions'
 import { ListKeyOptions, RecordManagerInterface, UpdateOptions } from '@langchain/community/indexes/base'
 import { DataSource } from 'typeorm'
 
@@ -47,6 +48,8 @@ class MySQLRecordManager_RecordManager implements INode {
                 label: 'Additional Connection Configuration',
                 name: 'additionalConfig',
                 type: 'json',
+                description:
+                    'Optional TypeORM connection options (e.g. ssl, connectTimeout). entities, subscribers, migrations, and extra are not allowed.',
                 additionalParams: true,
                 optional: true
             },
@@ -133,6 +136,7 @@ class MySQLRecordManager_RecordManager implements INode {
             } catch (exception) {
                 throw new Error('Invalid JSON in the Additional Configuration: ' + exception)
             }
+            additionalConfiguration = sanitizeDataSourceOptions(additionalConfiguration)
         }
 
         const mysqlOptions = {

packages/components/nodes/recordmanager/PostgresRecordManager/PostgresRecordManager.ts

@@ -4,6 +4,7 @@ import { ListKeyOptions, RecordManagerInterface, UpdateOptions } from '@langchai
 import { DataSource } from 'typeorm'
 import { getHost, getSSL } from '../../vectorstores/Postgres/utils'
 import { getDatabase, getPort, getTableName } from './utils'
+import { sanitizeDataSourceOptions } from '../../../src/sanitizeDataSourceOptions'
 
 const serverCredentialsExists = !!process.env.POSTGRES_RECORDMANAGER_USER && !!process.env.POSTGRES_RECORDMANAGER_PASSWORD
 
@@ -63,6 +64,8 @@ class PostgresRecordManager_RecordManager implements INode {
                 label: 'Additional Connection Configuration',
                 name: 'additionalConfig',
                 type: 'json',
+                description:
+                    'Optional TypeORM connection options (e.g. ssl, connectTimeout). entities, subscribers, migrations, and extra are not allowed.',
                 additionalParams: true,
                 optional: true
             },
@@ -149,6 +152,7 @@ class PostgresRecordManager_RecordManager implements INode {
             } catch (exception) {
                 throw new Error('Invalid JSON in the Additional Configuration: ' + exception)
             }
+            additionalConfiguration = sanitizeDataSourceOptions(additionalConfiguration)
         }
 
         const postgresConnectionOptions = {

packages/components/nodes/recordmanager/SQLiteRecordManager/SQLiteRecordManager.ts

@@ -3,6 +3,7 @@ import { getBaseClasses, getUserHome } from '../../../src/utils'
 import { ListKeyOptions, RecordManagerInterface, UpdateOptions } from '@langchain/community/indexes/base'
 import { DataSource } from 'typeorm'
 import path from 'path'
+import { sanitizeDataSourceOptions } from '../../../src/sanitizeDataSourceOptions'
 
 class SQLiteRecordManager_RecordManager implements INode {
     label: string
@@ -36,6 +37,8 @@ class SQLiteRecordManager_RecordManager implements INode {
                 label: 'Additional Connection Configuration',
                 name: 'additionalConfig',
                 type: 'json',
+                description:
+                    'Optional TypeORM connection options (e.g. ssl, connectTimeout). entities, subscribers, migrations, and extra are not allowed.',
                 additionalParams: true,
                 optional: true
             },
@@ -113,6 +116,7 @@ class SQLiteRecordManager_RecordManager implements INode {
             } catch (exception) {
                 throw new Error('Invalid JSON in the Additional Configuration: ' + exception)
             }
+            additionalConfiguration = sanitizeDataSourceOptions(additionalConfiguration)
         }
 
         const database = path.join(process.env.DATABASE_PATH ?? path.join(getUserHome(), '.flowise'), 'database.sqlite')

packages/components/nodes/vectorstores/Postgres/Postgres.ts

@@ -186,6 +186,8 @@ class Postgres_VectorStores implements INode {
                 label: 'Additional Configuration',
                 name: 'additionalConfig',
                 type: 'json',
+                description:
+                    'Optional TypeORM connection options (e.g. ssl, connectTimeout). entities, subscribers, migrations, and extra are not allowed.',
                 additionalParams: true,
                 optional: true
             },

packages/components/nodes/vectorstores/Postgres/driver/PGVector.ts

@@ -4,6 +4,7 @@
 
 import { VectorStoreDriver } from './Base'
 import { FLOWISE_CHATID } from '../../../../src'
+import { sanitizeDataSourceOptions } from '../../../../src/sanitizeDataSourceOptions'
 import { DistanceStrategy, PGVectorStore, PGVectorStoreArgs } from '@langchain/community/vectorstores/pgvector'
 import { Document } from '@langchain/core/documents'
 import { PoolConfig } from 'pg'
@@ -27,6 +28,7 @@ export class PGVectorDriver extends VectorStoreDriver {
                 } catch (exception) {
                     throw new Error('Invalid JSON in the Additional Configuration: ' + exception)
                 }
+                additionalConfiguration = sanitizeDataSourceOptions(additionalConfiguration)
             }
 
             this._postgresConnectionOptions = {

packages/components/nodes/vectorstores/Postgres/driver/TypeORM.ts

@@ -1,6 +1,7 @@
 import { DataSourceOptions } from 'typeorm'
 import { VectorStoreDriver } from './Base'
 import { FLOWISE_CHATID, ICommonObject } from '../../../../src'
+import { sanitizeDataSourceOptions } from '../../../../src/sanitizeDataSourceOptions'
 import { TypeORMVectorStore, TypeORMVectorStoreArgs, TypeORMVectorStoreDocument } from '@langchain/community/vectorstores/typeorm'
 import { VectorStore } from '@langchain/core/vectorstores'
 import { Document } from '@langchain/core/documents'
@@ -27,6 +28,7 @@ export class TypeORMDriver extends VectorStoreDriver {
                 } catch (exception) {
                     throw new Error('Invalid JSON in the Additional Configuration: ' + exception)
                 }
+                additionalConfiguration = sanitizeDataSourceOptions(additionalConfiguration)
             }
 
             this._postgresConnectionOptions = {

packages/components/src/index.ts

@@ -19,4 +19,5 @@ export * from './agentflowv2Generator'
 export * from './httpSecurity'
 export * from './headerValidation'
 export * from './pythonCodeValidator'
+export * from './sanitizeDataSourceOptions'
 export { MCPToolkit } from '../nodes/tools/MCP/core'

packages/components/src/sanitizeDataSourceOptions.test.ts

@@ -0,0 +1,43 @@
+import { sanitizeDataSourceOptions } from './sanitizeDataSourceOptions'
+
+describe('sanitizeDataSourceOptions', () => {
+    it('returns empty object for empty input', () => {
+        expect(sanitizeDataSourceOptions({})).toEqual({})
+    })
+
+    it('returns empty object for nullish-like invalid input', () => {
+        expect(sanitizeDataSourceOptions(null as any)).toEqual({})
+        expect(sanitizeDataSourceOptions(undefined as any)).toEqual({})
+    })
+
+    it('passes through safe connection options', () => {
+        const config = {
+            ssl: { rejectUnauthorized: false },
+            connectTimeout: 10000,
+            poolSize: 5
+        }
+        expect(sanitizeDataSourceOptions(config)).toEqual(config)
+    })
+
+    it('returns a shallow copy and does not mutate the input', () => {
+        const config = { poolSize: 5 }
+        const result = sanitizeDataSourceOptions(config)
+        expect(result).toEqual(config)
+        expect(result).not.toBe(config)
+    })
+
+    describe('blocked keys', () => {
+        it.each(['entities', 'subscribers', 'migrations', 'extra'] as const)('throws when %s is present', (key) => {
+            expect(() => sanitizeDataSourceOptions({ [key]: ['/tmp/evil.js'] })).toThrow(`Disallowed TypeORM DataSource option: ${key}`)
+        })
+
+        it('throws when multiple blocked keys are present', () => {
+            expect(() =>
+                sanitizeDataSourceOptions({
+                    entities: ['/tmp/a.js'],
+                    extra: { foo: 'bar' }
+                })
+            ).toThrow('Disallowed TypeORM DataSource option:')
+        })
+    })
+})

packages/components/src/sanitizeDataSourceOptions.ts

@@ -0,0 +1,24 @@
+import { ICommonObject } from './Interface'
+
+/** TypeORM DataSource options that can load and execute arbitrary local JavaScript files. */
+const BLOCKED_DATASOURCE_KEYS = ['entities', 'subscribers', 'migrations', 'extra'] as const
+
+export type BlockedDataSourceKey = (typeof BLOCKED_DATASOURCE_KEYS)[number]
+
+/**
+ * Rejects user-supplied TypeORM DataSource options that can lead to arbitrary code execution
+ * when passed to `new DataSource(options).initialize()`.
+ */
+export function sanitizeDataSourceOptions(config: ICommonObject): ICommonObject {
+    if (!config || typeof config !== 'object' || Array.isArray(config)) {
+        return {}
+    }
+
+    for (const key of BLOCKED_DATASOURCE_KEYS) {
+        if (Object.prototype.hasOwnProperty.call(config, key)) {
+            throw new Error(`Disallowed TypeORM DataSource option: ${key}`)
+        }
+    }
+
+    return { ...config }
+}