fix(deps): update dependency node-opcua to v2.174.0#763
Open
renovate[bot] wants to merge 1 commit into
Open
Conversation
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
This PR contains the following updates:
2.173.1→2.174.0Release Notes
node-opcua/node-opcua (node-opcua)
v2.174.0Compare Source
node-opcua 2.174.0
Compare:
v2.173.1...v2.174.0✨ Headline feature — Role-Based Security & User Management (OPC 10000-18)
This release introduces a complete, spec-conformant implementation of OPC UA Role-Based Security and User Management as defined in OPC 10000-18. node-opcua servers can now model who a connecting user is, which Roles they hold, and what each Role is allowed to do — and let administrators manage all of it at runtime over OPC UA itself, using the standard
RoleSetandUserManagementMethods.What you get:
RoleSetwith well-known Roles (Anonymous, AuthenticatedUser, Operator, Observer, SecurityAdmin, ConfigureAdmin, …) plus the ability to create/remove custom Roles at runtime (AddRole/RemoveRole).AddIdentity/RemoveIdentity.AddApplication/AddEndpoint/…), enforced at role-resolution time against the calling application's certificate, security mode, and endpoint URL.AddUser/ModifyUser/RemoveUser/ChangePassword) with salted scrypt password hashing, password policies, must-change-password flow (Good_PasswordChangeRequired), and forced session termination on disable/remove.createRoleBasedSecurity()— one call to set up users, roles, identities, and persistence consistently, with optionally-encrypted (AES-256-GCM) persistence that survives restarts.ClientRoleSet/ClientUserManagement) and a ready-to-shiprole-set-adminCLI (npm i -g node-opcua-role-set-admin) to administer any compliant server over OPC UA.RoleMappingRuleChangedAuditEventType,AuditUpdateMethodEventType) that never leak passwords.Delivered across five new packages:
node-opcua-role-set-common,node-opcua-role-set-server,node-opcua-role-set-client,node-opcua-role-set-admin, andnode-opcua-role-set-test.🚀 Role-Based Security & User Management — key commits
installRoleSet, clientClientRole, integration tests),WellKnownRoles,IRoleResolver. [d017a0c]createRoleBasedSecurity()one-call wiring with a single shared user + identity store; unified via theuserManagerbridge. [6037983] [f58f0e2]AddRole/RemoveRolewith collision-proof GUID NodeIds and unique-name enforcement. [964d692]AddIdentity/RemoveIdentity(§4.3–4.4.5). [55c83b7] [34ade4e]SessionContext(§4.4.1–4.4.10). [c6d8fcf] [b8226d3] [0713897] [45553c5] [9fe26bb]ClientUserManagement; MustChangePassword /Good_PasswordChangeRequiredsurfaced end-to-end (§5). [c71f966] [f00d023] [603b39c] [d441175] [804f4bc]db8e0fc] [593b474] [2e99681]dfb71f4] [a017677]41385cd]e94e44f]ClientRoleSetcohesive client entry point; all tests interact only via the client. [0d938bc]5e54521] [6322406]role-set-adminCLI extracted into its own shippable package (hidden password prompt, programmatic API). [5831c48] [0ac0d68]1cafb0e]getCurrentUserRolesguards auserManagerreturning no roles. [43b95d4]🚀 Other features
EventFilter / ContentFilter validation (OPC UA Part 4 §7.4.4.4 / §7.7)
MaxWhereClause/MaxSelectClauseParameterslimits — rejecting non-conformant EventFilters at monitored-item create and modify with precise status codes. Validation is iterative so deep filters can't exhaust the stack. [6d3e490] [9374540] [0d225d5] [62e6f52] [f7fa976] [3edc016] [adc4258] [04cdd58]Other
setDefaultCertificateSubject()for ESM compatibility, with validation. (#1519) [6ef6032]🐛 Fixes
BadMessageNotAvailable(e.g. CoDeSys) — terminate the republish loop and replenish the publish-request queue on the session-reactivation path. (#1524) [86127dc]afbd99d] [a76dc10] [807ba48]BadWaitingForInitialDataand defensively emit a self-consistent empty matrix. (reported by Mika Karaila) [36eba55]maxSessions; avoid double-counting session timeouts (+ regression test). [0851311] [80e514b] [dd0ac10]b4d4265]Mocha is not a constructor). [5d2f4b9]🔒 Security / dependencies
benchmark/lodash, bump mocha, pin patched transitive dep:js-yaml,brace-expansion,picomatch,esbuild) —ppm auditreports 0. [9eae2d5]🧹 Docs / CI / chore
supported_features.md; Ecosystem section (MCP server, OPC UA Modeler). [1015045] [080a323] [5f32edb]01d817c] [4ce14ad] [ac10a05] [f2f22d2] [aae5e08] [fbbf602] [726a94c]bbb29c6] [bf7b61b]before()hooks to avoid load-time crashes; role-set leak-detector wrapping. [103b770] [ade0b16] [6326b74]080a323] [ab19561] [ab624e0] [e77af7d]🙏 Contributors
Thanks to everyone who contributed to this release:
setDefaultCertificateSubjectfor ESM (#1519)The Sterfive Team.
Configuration
📅 Schedule: (UTC)
🚦 Automerge: Disabled by config. Please merge this manually once you are satisfied.
♻ Rebasing: Whenever PR is behind base branch, or you tick the rebase/retry checkbox.
🔕 Ignore: Close this PR and you won't be reminded about this update again.
This PR was generated by Mend Renovate. View the repository job log.