[Snyk] Upgrade node-opcua from 2.81.0 to 2.110.0 #247
Closed
Conversation
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Snyk has created this PR to upgrade node-opcua from 2.81.0 to 2.110.0. See this package in npm: https://www.npmjs.com/package/node-opcua See this project in Snyk: https://app.snyk.io/org/biancode/project/db549ece-73d1-4409-9a75-04ab0ef67f4d?utm_source=github&utm_medium=referral&page=upgrade-pr
|
Greet Contributors Bot |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
This PR was automatically created by Snyk using the credentials of a real user.
Snyk has created this PR to upgrade node-opcua from 2.81.0 to 2.110.0.
ℹ️ Keep your dependencies up-to-date. This makes it easier to fix existing vulnerabilities and to more quickly identify and fix newly disclosed vulnerabilities when they affect your project.
The recommended version fixes:
SNYK-JS-SEMVER-3247795
Why? Proof of Concept exploit, CVSS 7.5
(*) Note that the real score may have changed since the PR was raised.
Release notes
Package name: node-opcua
-
2.110.0 - 2023-08-17
- this release fixes #1289, whereby the new X509 certificate generation method based used by node-opcua-crypto could randomly crash.
- this version relies on [email protected].
- @ sseiber
-
2.109.0 - 2023-08-15
- [c789a36] addressSpace: BaseNode now expose a setDescription and setDisplayName to enable dynamic change. ( resolves #1284 )
- [c15331d] remove eumabois
- [6367995] fix NodeJS.Timeout issue caused by latest @ types/node ts definition.
- [e0d5581] [address-space-base] don't use chalk module - fix issue#1285
- [6eefed7] add regression test and investigation code for #1289
- @ ptorrent , @ sseiber
- this version introduces a new way of creating privateKeys and Certificate that do not relies on openssl any more but on the newly introduce WebCrypto API in nodeJS , when it's availbalbe or fall back to a polyfill @ pecular/X509 when the suble api is not available.
-
2.108.0 - 2023-07-18
- this version introduces a new way of creating privateKeys and Certificate that do not relies on
- We discovered after releasing 2.108 that the suble API may not behave consistently between nodejs version.
- We recommand that you use [email protected] with nodejs 20.5 or above or with nodejs 16.20 and avoid specifically nodejs 18.x version and version nodejs<=20.04. see #1289
- 1a06642 properly enum values to coerceInt64 while parsing nodeset2.xml files
- 9024dda add more unittest for coerceInt64
- 83bca12 fix enum default value issue
- 8318259 add extract field in pseudo session.
- 8571c54 1cd110f refactor extractConditionFields.
- 72dfbf8 refactor constructEventFilter and constructSelectClause.
- 2e9e962 loading old nodesets : better detection and handling of <1.03 nodesets in server
- 4c82abc chore: fix PseudoVariant definition typo
- 66d7047 fix acknwoledgeAllConditions spelling
- 3086de3 chore: use warningLog
- 9ff68ba chore: invalidPrivateKey now null
- 6f79f83 chore: clean-up crypto imports
- 9187aac update packages
- c838dcd chore: fix spelling error in trace and comments
- a348156 chore: fix eslint script typo
- 53c90b3 chore: turn warning to debug message
-
2.107.0 - 2023-07-11
- the AvailableStates and AvailableTransitions variables are automatically populated if they exist on the model.
- TransitionTime, EffectiveDisplayName are now automatically update if present in the model , when the state changes.
- server: implement automatic support for EffectiveTransitionTime on FiniteStateMachine d5493c1
- server : StateMachine setState and lastUpdateDate implemened fba2813
- server: handle with a warning instead of throwing in a error for case where a Variable refers to a TypeDefinition being a ObjectType instead of a VariableType f6831cc
- server: fix potential crashes in deactivateAlarm bade5e2
-
2.106.0 - 2023-06-30
- 472f424 expose BaseNode#setDescription #1284
- b3ac8eb implement UAView#dumpXML
- 283bd1f improve client reconnection when ActivateSession returns BadUserAccessDenied
- 5c3f84e improve warningLog for buffer inconsistency
- 199348a d828855 chore: minor test adjustment
- 4dfb651 29b18e3 f1e1061 08024e5 8aa8944 f4dfe99 asyncify ServerEngine
- 5b6228e client: silently ignore server message sent after channel have been closed by client
- @ ptorrent
-
2.105.1 - 2023-06-16
-
2.105.0 - 2023-06-10
- Resolved an issue with OPCUAClient#emit('connection_failed',...) where connection failures were not handled correctly. This fix should provide a more robust experience in scenarios with unstable connections. bd5dc55
-
-
- special thanks to @ everhardt
-
2.104.0 - 2023-06-05
-
2.103.0 - 2023-05-05
-
2.102.0 - 2023-05-02
-
2.101.0 - 2023-05-01
-
2.100.0 - 2023-04-14
-
2.99.0 - 2023-04-11
-
2.98.2 - 2023-04-10
-
2.98.1 - 2023-04-10
-
2.98.0 - 2023-04-09
-
2.97.0 - 2023-04-05
-
2.96.0 - 2023-03-24
-
2.95.0 - 2023-03-18
-
2.94.0 - 2023-03-14
-
2.93.0 - 2023-03-13
-
2.92.0 - 2023-03-12
-
2.91.1 - 2023-02-24
-
2.91.0 - 2023-02-17
-
2.90.1 - 2023-02-15
-
2.90.0 - 2023-01-29
-
2.89.0 - 2023-01-22
-
2.88.0 - 2023-01-03
-
2.87.0 - 2022-12-18
-
2.86.1 - 2022-12-16
-
2.86.0 - 2022-12-15
-
2.85.0 - 2022-11-25
-
2.84.0 - 2022-11-18
-
2.83.0 - 2022-11-14
-
2.82.0 - 2022-10-27
-
2.81.0 - 2022-10-11
from node-opcua GitHub release notes🐛 bug fix
👬🏽 contributors:
🚀 enhancement
🚧 maintenance
🐛 bug fixes
👬🏽 contributors
🧨 known issues:
( see #1289 )
we recommand you use [email protected] instead
📛 known issues
opensslany more but on the newly introduce WebCrypto API in nodeJS , when it's availbalbe or fall back to a polyfill @ pecular/X509 when the suble api is not available.🐛 bug fixes:
🚀 enhancements:
💕 typos fixes that could introduce breaking changes
🚧 maintenance
This version brings significant improvements on the server side with a better handling of StateMachine object;
StateMachine internals are now fully handled by node-opcua ;
On StateMachine with SubState, the EffectiveTransitionTime variable of the parent state is automatically updated when the stat of the substate machine changes.
🚀 enhancements
🐛 bug fixes
🚀 Enhancement
🐛 bug fix
🧑🏭 maintenance and refactoring
👭🏽 contributors:
As we continue to refine and expand node-opcua, we warmly welcome sponsorships and contributions via our membership program at Sterfive or through OpenCollective. Your generous support empowers us to innovate and foster a community built on shared knowledge and creativity. Together, we are shaping the future of node-opcua!
v2.105.1
🐛 Bug Fixes
🔧 Maintenance Tasks
For better debugging experience, we've removed the use of console.log in the codebase (#1279) 65deea0). This should help to clean up the console output and improve readability during development.
We've corrected lerna.json configurations after upgrading to version 7. 65deea059ec1cb5fa8f19bfc9c441003ee56e46
👬🏽 contributors
Read more
Read more
Read more
Commit messages
Package name: node-opcua
Compare
Note: You are seeing this because you or someone else with access to this repository has authorized Snyk to open upgrade PRs.
For more information:
🧐 View latest project report
🛠 Adjust upgrade PR settings
🔕 Ignore this dependency or unsubscribe from future upgrade PRs