[Snyk] Upgrade node-opcua from 2.81.0 to 2.110.0

This PR was automatically created by Snyk using the credentials of a real user.

Snyk has created this PR to upgrade node-opcua from 2.81.0 to 2.110.0.

:information_source: Keep your dependencies up-to-date. This makes it easier to fix existing vulnerabilities and to more quickly identify and fix newly disclosed vulnerabilities when they affect your project.

- The recommended version is **35 versions** ahead of your current version. - The recommended version was released **a month ago**, on 2023-08-17. The recommended version fixes: Severity | Issue | PriorityScore (*) | Exploit Maturity | :-------------------------:|:-------------------------|-------------------------|:-------------------------

| Regular Expression Denial of Service (ReDoS)
[SNYK-JS-SEMVER-3247795](https://snyk.io/vuln/SNYK-JS-SEMVER-3247795) | **482/1000**
**Why?** Proof of Concept exploit, CVSS 7.5 | Proof of Concept (*) Note that the real score may have changed since the PR was raised.

Release notes

Package name: node-opcua

2.110.0 - 2023-08-17
🐛 bug fix
- this release fixes #1289, whereby the new X509 certificate generation method based used by node-opcua-crypto could randomly crash.
- this version relies on node-opcua-crypto@4.2.0.
👬🏽 contributors:
- @ sseiber
```
 </li>
 <li>
 2.109.0 - <a href="https://snyk.io/redirect/github/node-opcua/node-opcua/releases/tag/v2.109.0">2023-08-15</a>🚀 enhancement
```
- [c789a36] addressSpace: BaseNode now expose a setDescription and setDisplayName to enable dynamic change. ( resolves #1284 )
🚧 maintenance
- [c15331d] remove eumabois
- [6367995] fix NodeJS.Timeout issue caused by latest @ types/node ts definition.
🐛 bug fixes
- [e0d5581] [address-space-base] don't use chalk module - fix issue#1285
- [6eefed7] add regression test and investigation code for #1289
👬🏽 contributors
- @ ptorrent , @ sseiber
🧨 known issues:
- this version introduces a new way of creating privateKeys and Certificate that do not relies on openssl any more but on the newly introduce WebCrypto API in nodeJS , when it's availbalbe or fall back to a polyfill @ pecular/X509 when the suble api is not available.
 ( see #1289 )
 we recommand you use node-opcua@2.110.0 instead
```
 </li>
 <li>
 2.108.0 - <a href="https://snyk.io/redirect/github/node-opcua/node-opcua/releases/tag/v2.108.0">2023-07-18</a>📛 known issues
```
- this version introduces a new way of creating privateKeys and Certificate that do not relies on openssl any more but on the newly introduce WebCrypto API in nodeJS , when it's availbalbe or fall back to a polyfill @ pecular/X509 when the suble api is not available.
- We discovered after releasing 2.108 that the suble API may not behave consistently between nodejs version.
- We recommand that you use node-opcua@2.108 with nodejs 20.5 or above or with nodejs 16.20 and avoid specifically nodejs 18.x version and version nodejs<=20.04. see #1289
🐛 bug fixes:
- 1a06642 properly enum values to coerceInt64 while parsing nodeset2.xml files
- 9024dda add more unittest for coerceInt64
- 83bca12 fix enum default value issue
🚀 enhancements:
- 8318259 add extract field in pseudo session.
- 8571c54 1cd110f refactor extractConditionFields.
- 72dfbf8 refactor constructEventFilter and constructSelectClause.
- 2e9e962 loading old nodesets : better detection and handling of <1.03 nodesets in server
💕 typos fixes that could introduce breaking changes
- 4c82abc chore: fix PseudoVariant definition typo
- 66d7047 fix acknwoledgeAllConditions spelling
🚧 maintenance
- 3086de3 chore: use warningLog
- 9ff68ba chore: invalidPrivateKey now null
- 6f79f83 chore: clean-up crypto imports
- 9187aac update packages
- c838dcd chore: fix spelling error in trace and comments
- a348156 chore: fix eslint script typo
- 53c90b3 chore: turn warning to debug message
```
 </li>
 <li>
 2.107.0 - <a href="https://snyk.io/redirect/github/node-opcua/node-opcua/releases/tag/v2.107.0">2023-07-11</a>This version brings significant improvements on the server side with a better handling of StateMachine object;
```
StateMachine internals are now fully handled by node-opcua ;
- the AvailableStates and AvailableTransitions variables are automatically populated if they exist on the model.
- TransitionTime, EffectiveDisplayName are now automatically update if present in the model , when the state changes.
 On StateMachine with SubState, the EffectiveTransitionTime variable of the parent state is automatically updated when the stat of the substate machine changes.
🚀 enhancements
- server: implement automatic support for EffectiveTransitionTime on FiniteStateMachine d5493c1
- server : StateMachine setState and lastUpdateDate implemened fba2813
🐛 bug fixes
- server: handle with a warning instead of throwing in a error for case where a Variable refers to a TypeDefinition being a ObjectType instead of a VariableType f6831cc
- server: fix potential crashes in deactivateAlarm bade5e2
```
 </li>
 <li>
 2.106.0 - <a href="https://snyk.io/redirect/github/node-opcua/node-opcua/releases/tag/v2.106.0">2023-06-30</a>🚀 Enhancement
```
- 472f424 expose BaseNode#setDescription #1284
- b3ac8eb implement UAView#dumpXML
🐛 bug fix
- 283bd1f improve client reconnection when ActivateSession returns BadUserAccessDenied
- 5c3f84e improve warningLog for buffer inconsistency
🧑‍🏭 maintenance and refactoring
- 199348a d828855 chore: minor test adjustment
- 4dfb651 29b18e3 f1e1061 08024e5 8aa8944 f4dfe99 asyncify ServerEngine
- 5b6228e client: silently ignore server message sent after channel have been closed by client
👭🏽 contributors:
- @ ptorrent
As we continue to refine and expand node-opcua, we warmly welcome sponsorships and contributions via our membership program at Sterfive or through OpenCollective. Your generous support empowers us to innovate and foster a community built on shared knowledge and creativity. Together, we are shaping the future of node-opcua!
```
 </li>
 <li>
 2.105.1 - <a href="https://snyk.io/redirect/github/node-opcua/node-opcua/releases/tag/v2.105.1">2023-06-16</a>v2.105.1
 </li>
 <li>
 2.105.0 - <a href="https://snyk.io/redirect/github/node-opcua/node-opcua/releases/tag/v2.105.0">2023-06-10</a>🐛 Bug Fixes
```
- Resolved an issue with OPCUAClient#emit('connection_failed',...) where connection failures were not handled correctly. This fix should provide a more robust experience in scenarios with unstable connections. bd5dc55
🔧 Maintenance Tasks
- For better debugging experience, we've removed the use of console.log in the codebase (#1279) 65deea0). This should help to clean up the console output and improve readability during development.
- We've corrected lerna.json configurations after upgrading to version 7. 65deea059ec1cb5fa8f19bfc9c441003ee56e46
👬🏽 contributors
- special thanks to @ everhardt
```
 </li>
 <li>
 2.104.0 - <a href="https://snyk.io/redirect/github/node-opcua/node-opcua/releases/tag/v2.104.0">2023-06-05</a><a href="https://snyk.io/redirect/github/node-opcua/node-opcua/releases/tag/v2.104.0"> Read more </a>
 </li>
 <li>
 2.103.0 - <a href="https://snyk.io/redirect/github/node-opcua/node-opcua/releases/tag/v2.103.0">2023-05-05</a><a href="https://snyk.io/redirect/github/node-opcua/node-opcua/releases/tag/v2.103.0"> Read more </a>
 </li>
 <li>
 2.102.0 - <a href="https://snyk.io/redirect/github/node-opcua/node-opcua/releases/tag/v2.102.0">2023-05-02</a><a href="https://snyk.io/redirect/github/node-opcua/node-opcua/releases/tag/v2.102.0"> Read more </a>
 </li>
 <li>
 2.101.0 - 2023-05-01
 </li>
 <li>
 2.100.0 - 2023-04-14
 </li>
 <li>
 2.99.0 - 2023-04-11
 </li>
 <li>
 2.98.2 - 2023-04-10
 </li>
 <li>
 2.98.1 - 2023-04-10
 </li>
 <li>
 2.98.0 - 2023-04-09
 </li>
 <li>
 2.97.0 - 2023-04-05
 </li>
 <li>
 2.96.0 - 2023-03-24
 </li>
 <li>
 2.95.0 - 2023-03-18
 </li>
 <li>
 2.94.0 - 2023-03-14
 </li>
 <li>
 2.93.0 - 2023-03-13
 </li>
 <li>
 2.92.0 - 2023-03-12
 </li>
 <li>
 2.91.1 - 2023-02-24
 </li>
 <li>
 2.91.0 - 2023-02-17
 </li>
 <li>
 2.90.1 - 2023-02-15
 </li>
 <li>
 2.90.0 - 2023-01-29
 </li>
 <li>
 2.89.0 - 2023-01-22
 </li>
 <li>
 2.88.0 - 2023-01-03
 </li>
 <li>
 2.87.0 - 2022-12-18
 </li>
 <li>
 2.86.1 - 2022-12-16
 </li>
 <li>
 2.86.0 - 2022-12-15
 </li>
 <li>
 2.85.0 - 2022-11-25
 </li>
 <li>
 2.84.0 - 2022-11-18
 </li>
 <li>
 2.83.0 - 2022-11-14
 </li>
 <li>
 2.82.0 - 2022-10-27
 </li>
 <li>
 2.81.0 - 2022-10-11
 </li>
</ul>
from <a href="https://snyk.io/redirect/github/node-opcua/node-opcua/releases">node-opcua GitHub release notes</a>
```

Commit messages

Package name: node-opcua

f419b91 v2.110.0
11e6e12 update to node-opcua-cryto@4.2.0 to fix #1289
50cfa07 v2.109.0
6eefed7 add regression test code for #1289
f51277e remove nyc and coverage from package.json, they are installed independantly during ci phase
6367995 fix NodeJS.Timeout issue caused by latest @ types/node ts definition refinement
8b3716d update packages and to node-opcua-crypto@4
8d89478 update to node-opcua-crypto@4 beta
e0d5581 address-space-base: don't use chalk module - fix issue#1285
c15331d eumabois
89484b0 update gitignore
f7dd04d chore: reduce verbosity
c789a36 BaseNode: expose setDescription and setDisplayName
dc706ce v2.108.0
9ff68ba chore: invalidPrivateKey now null
6f79f83 chore: clean-up crypto imports
a348156 chore: fix eslint script typo
9187aac update packages
c838dcd chore: fix spelling error in trace and comments
66d7047 fix acknwoledgeAllConditions spelling
8571c54 refactor extractConditionFields
3086de3 chore: use warningLog
72dfbf8 refactor constructEventFilter and constructSelectClause
1cd110f add unit test for extractFields

Compare

Note: You are seeing this because you or someone else with access to this repository has authorized Snyk to open upgrade PRs.

For more information:

🧐 View latest project report

🛠 Adjust upgrade PR settings

🔕 Ignore this dependency or unsubscribe from future upgrade PRs

BiancoRoyal / node-red-contrib-iiot-opcua

[Snyk] Upgrade node-opcua from 2.81.0 to 2.110.0 #247

Snyk has created this PR to upgrade node-opcua from 2.81.0 to 2.110.0.