chore(deps): update dependency zeebe-node to v8

[renovate]

This PR contains the following updates:

Package	Change	Age	Adoption	Passing	Confidence
zeebe-node (source)	^1.0.0 -> ^1.0.0 || ^8.0.0
zeebe-node (source)	1.4.0 -> 8.3.2

---

Release Notes

camunda-community-hub/zeebe-client-node-js (zeebe-node)

v8.3.2

Compare Source

New Features

New shiny stuff

• Added support for providing a value for a scope field in the OAuth request. This can be set with environment variable ZEEBE_TOKEN_SCOPE, or by passing a scope field as part of the oAuth config options for a ZBClient. This is needed to support OIDC / EntraID. Thanks to @​nikku for the implementation. See PR #​363 for more details.

v8.3.1

Compare Source

New Features

New shiny stuff

• You can now deploy forms to the Zeebe broker using ZBClient.deployResource(). See #​332 for more details.

v8.3.0

Compare Source

Breaking changes

Changes in APIs or behaviour that may affect existing applications that use zeebe-node.

• Several method signatures for CreateProcessInstance and CreateProcessInstanceWithResult have been removed, leaving only the method that takes an object parameter. See #​330 for more details.

Known Issues

Things that don't work or don't work as expected, and which will be addressed in a future release

• The onConnectionError event fires correctly for Camunda SaaS, but fires a false positive when connecting to a Self-Managed instance. See #​340 for more details.

New Features

New shiny stuff.

• Camunda Platform 8.3.0 introduces multi-tenancy. To support this, the Node.js client adds an optional tenantId parameter to DeployResource, DeployProcess, CreateProcessInstance, CreateProcessInstanceWithResult, and PublishMessage. You can also specify a tenantId in the ZBClient constructor or via the environment variable ZEEBE_TENANT_ID. In the case that you specify it via the environment or constructor, it will be transparently added to all method invocations. See #​330 for more details.
• @grpc/grpc-js has been updated to 1.9.7, and @grpc/proto-loader has been updated to 0.7.10.

Things that were broken and are now fixed.

• The onReady and onConnection event tests now pass, so these events should be usable. See #​215 for more details.

Fixes

Things that were broken and are now fixed.

• An error message "Grpc Stream Error: 16 UNAUTHENTICATED: Failed to parse bearer token, see cause for details" would be logged intermittently. This was because under particular conditions an expired token cached on disk could be used for API calls. To prevent this, the disk-cached token is evicted at the same time as the in-memory token. See #​336 for more details.
• The onReady and onConnection event tests now pass for Camunda SaaS. The onReady event fires correctly for Self-Managed started with docker-compose. See #​215 and #​340 for more details.

v8.2.5

Compare Source

New Features

New shiny stuff.

• Throwing a BPMN Error, either from the ZBClient or in the job handler of a ZBWorker, accepted an error message and an error code. The gRPC API for ThrowError now accepts a variables field, but the Node client did not allow you to set variables along with the error code and message. The Node client now accepts an object for job.error that includes a variables field, as does ZBClient.throwError, allowing you to set variables when throwing a BPMN error. See #​323, the README file, and the Client API documentation for more details.

Chores

Things that shouldn't have a visible impact.

• Unit tests used a unique process model for each test run. As a result, the number of deployed process models in a cluster increased over time until a SaaS cluster would fail due to sharding of the ElasticSearch. Unit tests have been refactored to reuse process models. This will have no impact for end-users, but for developers it means that you can use the same cluster for unit tests.

v8.2.4

Compare Source

Fixes

Things that were broken and are now fixed.

• Custom root certificates were not being passed to the Camunda SaaS OAuth provider. This caused a failure to connect when an SSL terminating firewall that uses a custom root certificate sits between the client and Camunda SaaS. Custom root certificates are now passed to the Camunda SaaS OAuth provider, and are used when making the connection. Thanks to @​nikku for reporting this and providing the patch. See #​319 for more details.

v8.2.3

Compare Source

Fixes

Things that were broken and are now fixed.

• The object signature for job.fail() did not correctly apply an explicit value for retries. As a result, job retries would decrement automatically if this signature and option were used. The value is now correctly parsed and applied, and job retry count can be explicitly set in the job.fail() command with the object signature. Thanks to @​patozgg for reporting this. See #​316 for more details.

v8.2.2

Compare Source

Chores

Things that shouldn't have a visible impact.

• Updated uuid dependency from v3 to v7. This avoids a warning message at install time that "versions prior to 7 may use Math.random()".

v8.2.1

Compare Source

New Features

New shiny stuff.

• Add ZBClient.broadcastSignal, enabling the client to broadcast a signal. See #​312 for more details.

Fixes

Things that were broken and are now fixed.

• Previously, the timeToLive property of ZBClient.publishMessage was required, although it was documented as optional. In this release, both timeToLive and variables have been made optional. If no value is supplied for timeToLive, it defaults to 0. Thanks to @​nhomble for raising this issue. See #​311 for more details.

v8.2.0

Compare Source

New Features

New shiny stuff.

• Add ZBClient.evaluateDecision, enabling a DMN table to be evaluated on a Zeebe 8.2 and later broker. See #​296 for more details.

v8.1.8

Compare Source

Fixes

Things that were broken and are now fixed.

• The OAuth token was being evicted from the in-memory cache immediately, resulting in the file cache being used for every request. This release correctly sets the expiry time for the in-memory token cache. See #​307 for more details. Thanks to @​walliee for the fix.

v8.1.6

Compare Source

Chores

Things that shouldn't have a visible impact.

• Bump fast-xml-parser to 4.1.3 to address SNYK-JS-FASTXMLPARSER-3325616. Thanks to @​barmac for the patch.

v8.1.5

Compare Source

New Features

New shiny stuff.

• The ZBClient now implements the modifyProcessInstance API, introduced in Zeebe 8.1. This allows you to modify a running process instance, moving execution tokens and changing variables. This can be used, for example, to migrate a running process instance to a new version of the process model. See #​294 for more details.
• The ZBClient createProcessInstance method now allows you to specify startInstructions (introduced in Zeebe 8.1), allowing you to start a new process instance from an arbitrary point. Along with modifyProcessInstance, this is a powerful primitive for building migration functionality. See [#​295] for more details.

v8.1.4

Compare Source

Fixes

Things that were broken and are now fixed.

• The @​grpc dependencies are now pinned to a specific version - 1.8.7 for grpc-js and 0.7.4 for proto-loader. This is to avoid broken upstream dependencies impacting installs. Previously, with the dependency unpinned, an install on different days could result in a library that worked, or did not work, depending on the state of the upstream libraries. Now, the same dependencies are installed every time, resulting in a consistent experience. Thanks to @​nikku and @​barmac from the Camunda Modeler team for identifying this. See #​290 for more context.
• The docker subdirectory is back, with a docker-compose.yml file to start a local broker for testing purposes. See #​289 for more details.

New Features

New shiny stuff.

• A custom SSL certificate is now able to be used for the oAuth endpoint. The got library used for the token exchange needs the certificate explicitly, and it can now be passed in as a customRootCert property to the oAuth property in the ZBClient constructor. Thanks to luca-waldmann-cimt for the feature. See #​284 for more details.

v8.1.3

Compare Source

v8.1.2

Compare Source

Fixes

Things that were broken and are now fixed.

• In 8.1.1, the update to the version of got introduced a regression that broke the OAuth token request with certain gateway configurations. This is now reverted, and a test has been introduced to ensure this regression does not happen again. See #​280 for more details.

New Features

New shiny stuff.

• Applications can now extend the user agent identifier by setting a value for the environment variable ZEEBE_CLIENT_CUSTOM_AGENT_STRING. This will be appended to the standard user agent string. See #​279 for more details.

v8.1.1

Compare Source

Chores

Things that shouldn't have a visible impact.

• Bump got to 11.8.5 to fix CVE-2022-33987. Thanks to @​nithinssabu for the PR. See #​275 for more detail.

v8.1.0

Compare Source

v8.0.3

Compare Source

Fixes

Things that were broken and are now fixed.

• Previously, the fetchVariable option passed to createWorker had no effect. All variables were always fetched by workers. This option setting is now respected, allowing you to constrain the variables fetched by workers. See #​264 for details. Thanks to @​Veckatimest for reporting this.

v8.0.1

Compare Source

v8.0.0

Compare Source

Version 8.0.0 is the release to support Camunda Platform 8. The semver change does not denote a breaking API change. It's a product marketing alignment, rather than a technical semver change.

New Features

New shiny stuff.

• Zeebe 8.0.0 and later support an optional retry backoff for failed jobs. This is a communication to the broker about how long it should delay before making the job available for activation again. This is implemented as a new interface for job.fail. See [#​248] for more details.

v2.4.0

Compare Source

Breaking changes

Changes in APIs or behaviour that may affect existing applications that use zeebe-node.

• The C-based gRPC implementation has been removed in this release. It is unmaintained, and does not build with Node 17. The Zeebe Node client now uses the pure JS gRPC implementation and requires Node version 12.22.5+, 14.17.5+, or 16.6.1+. See #​201 and #​247 for more details.

Known Issues

Things that don't work or don't work as expected, and which will be addressed in a future release

• The onConnectionError and onReady events do not work as expected. Applications that rely on these should not upgrade until this is fixed. See #​215.

v2.3.0

Compare Source

v2.2.0

Compare Source

v2.1.0

Compare Source

v2.0.0

Compare Source

---

Configuration

📅 Schedule: Branch creation - At any time (no schedule defined), Automerge - At any time (no schedule defined).

🚦 Automerge: Disabled by config. Please merge this manually once you are satisfied.

♻ Rebasing: Whenever PR becomes conflicted, or you tick the rebase/retry checkbox.

🔕 Ignore: Close this PR and you won't be reminded about these updates again.

---

• If you want to rebase/retry this PR, check this box

---

This PR was generated by Mend Renovate. View the repository job log.