This PR was automatically created by Snyk using the credentials of a real user.
Snyk has created this PR to upgrade node-opcua from 2.81.0 to 2.121.0.
:information_source: Keep your dependencies up-to-date. This makes it easier to fix existing vulnerabilities and to more quickly identify and fix newly disclosed vulnerabilities when they affect your project.
- The recommended version is **50 versions** ahead of your current version.
- The recommended version was released **22 days ago**, on 2024-02-25.
The recommended version fixes:
Severity | Issue | PriorityScore (*) | Exploit Maturity |
:-------------------------:|:-------------------------|-------------------------|:-------------------------
| Observable Discrepancy [SNYK-JS-JSRSASIGN-6070731](https://snyk.io/vuln/SNYK-JS-JSRSASIGN-6070731) | **696/1000** **Why?** Proof of Concept exploit, Has a fix available, CVSS 7.5 | Proof of Concept
| Regular Expression Denial of Service (ReDoS) [SNYK-JS-SEMVER-3247795](https://snyk.io/vuln/SNYK-JS-SEMVER-3247795) | **696/1000** **Why?** Proof of Concept exploit, Has a fix available, CVSS 7.5 | Proof of Concept
(*) Note that the real score may have changed since the PR was raised.
Release notes Package name: node-opcua
This version may cause OPCUAClient to fail to connect when the OPCUA Server exposes a UserTokenIdentity policy based on Basic192RSA15. This issue has been addressed in 2.112.0
NodeOPCUA continues to grow and evolve, thanks to the invaluable support from community members like YOU! π
We're dedicated to enhancing and expanding the capabilities of node-opcua, and we invite you to be a part of this exciting journey. Consider contributing through our membership program at Sterfive or by donating on
[3c7c80b] Fix: packages/node-opcua-local-discovery-server/Dockerfile to reduce vulnerabilities
[9eeb81a] Use AcknowledgeableConditionType_Acknowledge/Confirm when ConditionId is not an instance
β¨ Enhancements
[84b55ee] Allow effectiveTransitionTime to be passed when setting a TwoStateVariable for instance UACondition#setEnableState(true, { effectiveTransitionTime: somedate})
[200e233] Allow time and receiveTime to be optionally passed on raiseNewCondition
[734c0d9] Issue #1303 refactor: Add 'host' parameter to OPCUAServer for specific interface binding
[8166185] Add findMethodId utility function to find a MethodId in a object or in its super type
[ee7b7e3] Factor out node-opcua-alarm-condition module
NodeOPCUA continues to grow and evolve, thanks to the invaluable support from community members like YOU! π
We're dedicated to enhancing and expanding the capabilities of node-opcua, and we invite you to be a part of this exciting journey. Consider contributing through our membership program at Sterfive or by donating on OpenCollective. Your support is crucial! π€
Your contributions foster innovation and strengthen a community founded on cooperation and the exchange of knowledge. π±
π Together, we can drive the future of node-opcua forward! π
We're profoundly grateful for your continued support and commitment to our mission! ππ
This PR was automatically created by Snyk using the credentials of a real user.
Snyk has created this PR to upgrade node-opcua from 2.81.0 to 2.121.0.
:information_source: Keep your dependencies up-to-date. This makes it easier to fix existing vulnerabilities and to more quickly identify and fix newly disclosed vulnerabilities when they affect your project.- The recommended version is **50 versions** ahead of your current version. - The recommended version was released **22 days ago**, on 2024-02-25. The recommended version fixes: Severity | Issue | PriorityScore (*) | Exploit Maturity | :-------------------------:|:-------------------------|-------------------------|:------------------------- | Observable Discrepancy
[SNYK-JS-JSRSASIGN-6070731](https://snyk.io/vuln/SNYK-JS-JSRSASIGN-6070731) | **696/1000**
**Why?** Proof of Concept exploit, Has a fix available, CVSS 7.5 | Proof of Concept | Regular Expression Denial of Service (ReDoS)
[SNYK-JS-SEMVER-3247795](https://snyk.io/vuln/SNYK-JS-SEMVER-3247795) | **696/1000**
**Why?** Proof of Concept exploit, Has a fix available, CVSS 7.5 | Proof of Concept (*) Note that the real score may have changed since the PR was raised.
Release notes
Package name: node-opcua
Release Notes
π Bug Fixes
d81924c60
Adjust UAVariable: fixing #1342 by forcing timestamp to be set when a simple variable getter is usedef9878409
Fix ambiguous abstract DataType with encoding while loading nodeset2 xml3b8613468
Server: monitored item; fix keep alive and resendInitialValue behavior7d161b074
Server channel: fix channel termination in registerChannelea7fac356
Fix release continuation point behaviorf521d25cb
Fix eventNotifier type to be a EventNotifierFlags in InstantiateObjectOptionse85efe29f
Fix boiler instantiation by specifying the correct value for event notifier7c42fe464
Ensure event notifier flag SubscribeToEvents automatically set when an object has EventSource or Notifieraacd2c86c
Fix default variable matrix value while loading nodeset2.xml7fb5d7c88
Fix a bug causing the server to crash while raising AuditCertificate Events1e51b2184
Call should return BadMethodInvalid instead of BadNodeIdUnknown when MethodId doesn't exist or is not a methode482774c8
BadChannelIdInvalid should be returned in a ServiceFault instead of a Valid Requestaae18eed7
Issue #1320 bug-fix: now instantiating variable with same name as parent objectType.b9503fdf4
Issue #1326 bug-fix: no longer adding nodes from an unrelated object type to a node with the same browseName.π‘οΈ Security Updates
8ec25b71a
Deprecate RSAPKCS1V15_Decrypt due to CVE-2023-4680997568f4bf
Update packages - node-opcua-crypto@4.8.0 CVE-2023-468090a27cef67
Fix: dockertest/Dockerfile to reduce vulnerabilitiesce26af470
Fix: packages/node-opcua-local-discovery-server/Dockerfile to reduce vulnerabilities⨠Enhancements
9ebe882e6
Feat: add description and displayName to base object when crawling17b48cc99
ArgumentList: verifyArgumentList returns BadTypeMismatch if at least one argument has a BadTypeMismatch status codeea7fac356
Fix release continuation point behaviorπ Maintenance
c38096565
Adjust flaky test on windows2eca643f2
Chore: reduce verbosity in test862ae72f5
Chore: adjust temporary folder location in tests22606c59b
Update CTT.xmladf2b22e9
CTT: ensure keepAlive is sent after 1xpublishInterval first time77ccf6417
Refactor: server tests to typescript88ba311f5
Add leak detector in test794e35cd1
Chore: fix typescript error in test47c75b7fb
Address space for ctt: fix matrix variables4610fa986
Chore: adjust TCP socket in testcd8d2705b
Chore: server_tcp_transport cleanup4e75b2d5a
ServerSecureChannel: return ServiceFault when OpenSecureChannel fails52388f80c
Chore: remove unused importb7b1f62ab
Chore: improve log messagedd8872782
Chore: fix typos in commentsf85e696f4
Chore: fix typescript issue2e60c9984
Chore: fix timer id dΓ©claration515303c2f
Chore: improve error message in internalDecodeVariant, when matrices are inconsistent1dd5562a0
Update standard UA nodeSet2.xml to version 1.5.3e8d592bb9
Update standard status codesd5f8f15c3
Improve Variable value set typescript definition and add new async modeπ¬π½ Contributors
What's Changed
New Contributors
Full Changelog: v2.120.0...v2.121.0
Release note for v2.200.0
π Bug Fixes
[521f18d2f]
Fixes #1277 - Instantiating ObjectType with two Folders[744648e3f]
Relax Encoding detection to cope with bugs in python's asyncua - fixing #1232[56b40b191]
ClientSecureChannel: fix connection issue highlighted when server imposes maxChunk=1 #1335 #1263[2372431fd]
Ensure client.isReconnecting=true when client emits the 'connection_reestablished' event fixing #1331β¨ Enhancements
[45240f862]
Add example for GitHub #1232π Maintenance
[a0234bbb5]
Update packages[37e181611]
Add open collective badges[2e6d5937b]
Update book URL[85bee187a]
Update lock file[af3520542]
Update copyright year[f3d452bd6]
Fix copyright year and other adjustmentsπ¬π½ contributors
π Join the NodeOPCUA Support Network! π
NodeOPCUA continues to grow and evolve, thanks to the invaluable support from community members like YOU! π
We're dedicated to enhancing and expanding the capabilities of node-opcua, and we invite you to be a part of this exciting journey. Consider contributing through our membership program at Sterfive or by donating on
OpenCollective.
Your support is crucial! π€
Your contributions foster innovation and strengthen a community founded on cooperation and the exchange of knowledge. π±
π Together, we can drive the future of node-opcua forward! π
v2.119.2
π Bug Fixes
β¨ Enhancements
π Maintenance
π¬π½ contributors
π Join the NodeOPCUA Support Network! π
NodeOPCUA continues to grow and evolve, thanks to the invaluable support from community members like YOU! π
We're dedicated to enhancing and expanding the capabilities of node-opcua, and we invite you to be a part of this exciting journey. Consider contributing through our membership program at Sterfive or by donating on OpenCollective. Your support is crucial! π€
Your contributions foster innovation and strengthen a community founded on cooperation and the exchange of knowledge. π±
π Together, we can drive the future of node-opcua forward! π
We're profoundly grateful for your continued support and commitment to our mission! ππ
Commit messages
Package name: node-opcua
Note: You are seeing this because you or someone else with access to this repository has authorized Snyk to open upgrade PRs.
For more information:
π§ View latest project report
π Adjust upgrade PR settings
π Ignore this dependency or unsubscribe from future upgrade PRs