github-actions[bot]
commented
1 year ago Greet Contributors Bot
Thank you for taking your time and effort for your contribution, we truly value it. :tada:
The amazing contributor in this pull request is @snyk-bot
This PR was automatically created by Snyk using the credentials of a real user.
Snyk has created this PR to upgrade node-opcua from 2.81.0 to 2.104.0.
:information_source: Keep your dependencies up-to-date. This makes it easier to fix existing vulnerabilities and to more quickly identify and fix newly disclosed vulnerabilities when they affect your project.- The recommended version is **28 versions** ahead of your current version. - The recommended version was released **23 days ago**, on 2023-06-05. The recommended version fixes: Severity | Issue | PriorityScore (*) | Exploit Maturity | :-------------------------:|:-------------------------|-------------------------|:-------------------------
[SNYK-JS-SEMVER-3247795](https://snyk.io/vuln/SNYK-JS-SEMVER-3247795) | **444/1000**
**Why?** Proof of Concept exploit, Recently disclosed, CVSS 5.3 | Proof of Concept (*) Note that the real score may have changed since the PR was raised.
Release notes
Package name: node-opcua
v2.104.0, a significant milestone packed with crucial enhancements, most notably the elimination of openSSL command usage for creating private keys and self-signed certificates.
In this release, we have successfully upgraded node-opcua-crypto to v3.0.0. As a result, crypto key pairs are now generated via the node crypto module, a substantial shift from the previous openSSL dependency.
This enhancement not only simplifies the client integration within your environment by eradicating the need for openssl installation but also ensures a smoother user experience during node-opcua installation in restricted networks. You will no longer experience attempts to fetch and install openssl during the first run, leading to a streamlined installation process.
However, please note that due to this change, node.js version 16.0 or greater is now required, as earlier versions do not support the necessary crypto API.
A series of commits have led to updates to the new node-opcua-crypto & pki, and better warning messages for 'BadCertificateChainIncomplete'.
π Bug Fixes
Several bugs were squashed in this release, including TypeScript issues that surfaces with the switch to thenew typescript 5.x version, as well as fixes for EnumValueType value initialization.
Our commitment to high-quality code has seen an upgrade in code coverage, with several commits dedicated to this, and the integration of a new coverall.
π§βπ Maintenance and Code Improvement
Routine maintenance and code cleanup were undertaken, which included verification of certain fixes, package.json cleanup, removal of obsolete WriteMask, and TypeScript fixes in test.
The README.md file was updated, and an example was added to illustrate a particular issue, thereby enhancing the overall documentation.
π¬π½ community support
As we continue to refine and expand node-opcua, we warmly welcome sponsorships and contributions via our membership program at Sterfive or through OpenCollective. Your generous support empowers us to innovate and foster a community built on shared knowledge and creativity. Together, we are shaping the future of node-opcua!
π¬π½ contributors
improve UAVariable/UAAnalogDataItem write OutOfBound value ( #1119)
add an optional acceptValueOutOfRange flag to addAnalogItem.
The acceptValueOutOfRange property indicates whether the write operation will accept or reject
value which is out of range of the instrumentRange.
if true: during am writeOperation by a client if the dataValue that is outside of the
instrumentRange. it will be recorded database and the statusCode will be set to BadOutOfRange, and
the write operation will return Good. The value will be ecorded in the history database if the variable supports historizing.
if false: during a writeOperation by a client, if the dataValue that is outside of the
instrumentRangeit will be denied and the write operation will return BadOutOfRange.
Commit messages
Package name: node-opcua
- 3cd6d35 v2.104.0
- c63625e update pnpm-lock file
- af92e66 chore: code clean-up
- fdcdb03 chore: cleanup
- 7cad04a clean-up package.json
- a8ef721 chore: improve code coverage and remove unused code
- b96cec0 improve codecoverage
- 14c4051 improve codecoverage
- 8e2021e use new coverall integration
- aa95d2a chore: test adjustments
- 578b1fd chore: test tuning
- aff600b adjust Makefile
- dc8b411 adjust test
- 212dd90 adjust test
- ac94751 give more memory for coverage
- 35f7969 chore: createPrivateKey fix issue with node<=16
- 8ffcb1c remove obsolete WriteMask
- 7f34b48 chore: nyc script
- fa05883 chore: verify that #937 is fixed
- 511af5f chore: fix typescript in test
- a484a02 add test script
- 9d5cdb1 chore: fix export
- bf9495d adjust nyc
- 186bbd1 fix typescript issues raised with new ts version
CompareNote: You are seeing this because you or someone else with access to this repository has authorized Snyk to open upgrade PRs.
For more information:
π§ View latest project report
π Adjust upgrade PR settings
π Ignore this dependency or unsubscribe from future upgrade PRs