What's changed:

Version 2.124.0 of our software introduces significant enhancements to the client automatic reconnection mechanism

• Client and Server Enhancements: Enhancements were made in reconnection logic and secure channel management, providing a more robust handling of network instabilities and secure communications.
• New Server Features: We introduced features like setNextSubscriptionId() to align with open62541 behavior (subcriptionId counting from 1)
• Maintenance and Debugging: We refined debugging outputs, adjusted test timings, and improved error handling across the system, enhancing both performance and developer experience.
• Bug Fixes: Notable bug fixes ensure correct behavior in data handling and client-server interactions, particularly in edge cases of network failures and reconnections.

🐛 Bug Fixes

• [0fb5fcf854] Fixed an issue where getters with ExtensionObject were not exposing the correct dataValue statusCode, ensuring data integrity and accurate reporting.
• [e6b944d3ae] Ensured nodeVersion operates properly when a node belongs to a custom namespace, maintaining namespace integrity.
• [ac7fd1a645] Corrected the raiseEvent method signature in TypeScript, aligning it with expected type definitions.

Security Updates

• [86d137bc51] Fixed vulnerabilities in packages/node-opcua-local-discovery-server/Dockerfile by upgrading dependencies to address security concerns highlighted by Snyk (Vulnerability 1, Vulnerability 2).

✨ Enhancements

• [5d34b30761] Improved secure channel recreation, enhancing the stability and reliability of secure connections.
• [6fb0c97b2b] Enhanced the reconnection workbench, optimizing the reconnection process under various network conditions.
• [2590d1aade] Client: Refined handling of reconnection edge cases, including server disconnections and network failures during ongoing reconnection attempts.
• [7329295a3c] findEndpoint now uses the same connection strategy as the parent OPCUAClient, harmonizing connection behaviors across the client.
• [3e1e4a5230] File-transfer: Exposed nodeId and async browseName, enhancing file handling capabilities in the client.
• [38caa350d9] Improved reconnection logic to provide smoother client-server interactions during network instability.
• [5ac2ae0ff6] Updated createMonitoredItemsLimit to avoid using maxMonitoredItemsPerCall=0, optimizing monitoring efficiency.

🛠 Maintenance and Refinements

• [a945169bf7] Adjusted test timing to better reflect real-world operational conditions.
• [f0a57b2985] Enhanced communication debug trace, offering more detailed diagnostic capabilities.
• [67ea74d5ab] Traced connection closure events, improving monitoring and troubleshooting of disconnections.
• [ab393f2148] Server: Added setNextSubscriptionId() to imitate open62541 behavior, enhancing subscription management capabilities.

What's Changed

• In this release, we've resolved a persistent issue in the OPCUA Client interface that led to premature disconnections or problems with security token renewal when there was a significant time discrepancy between the client and server clocks. Now, the OPCUA Client utilizes its own time, captured when the OpenSecurityChannelResponse is received, instead of relying on the server's time to calculate the security token's lifetime expiration. Additionally, it will display a warning in the console [NODE-OPCUA-W33] if there's a notable time difference between the server's time and the local time on the computer where the OPCUA client is running. This enhancement aims to make it easier to identify servers with time synchronization issues (#1349) (#1351). 🎉 Special kudo to EirikVea for nailing the root cause.

the warning message looks like: `

[NODE-OPCUA-W33]  client : server token creation date exposes a time discrepancy of 10 minutes 23 seconds
                  the remote server clock doesn't match this computer date !
                  please check both server and client clocks are properly set .
                  server time:  2024-03-17 10:20:30.300Z
                  client time:   2024-03-17 10:30:53.300Z
                  server URL = opc.tcp.//mydevice:4840

• Furthermore, we've incorporated the Aes256_Sha256_RsaPss security policy in this version, completing our transition to the OPC UA 1.05 security profiles by setting Aes256_Sha256_RsaPss as the default. We have also removed the Basic128Rsa15 and Basic256 security policies from the server's default policies. However, these can be reactivated, if necessary, by specifying the securityPolicies parameter in the OPCUA Server constructor. (#1348)

Default policies used if securityPolicies is not specified:

before	now in v2.123.0
None	None
Basic128Rsa15
Basic256
Basic256Sha256	Basic256Sha256
Aes128_Sha256_RsaOaep	Aes128_Sha256_RsaOaep
	Aes256_Sha256_RsaPss

• We reintroduced PKCS1 padding (Issue #1347), which was previously removed in version 2.122.0, due to Node.js discontinuing support for PKCS padding with private key encryption. However, this reintroduction comes with a caveat for users of Node.js versions newer than 18.11.1 or NodeJS > 20.11.1. To enable PKCS1 padding, you must include the argument --security-revert=CVE-2023-46809 when running the Node.js executable. This step reverses a security fix in Node.js, allowing PKCS1 padding to function. Failure to apply this workaround may result in connectivity issues between the Client and Server when interacting with devices that still utilize the now-deprecated 128Rsa15 security policy for channel or user token encryption.

• We found out that the recent version of NodeJS now emits an AggregateError instead of a Error on windows when multiple network cards are present, causing the connection mechanism to struggle, this only affects Node 20.11.1 on windows as far as we are aware [b4ff2588ba]

details

🐛 Bug Fixes

• [cd9dcb0474] Fix crawler has throw error if the object does not contain displayName or description #1343
• [b4ff2588ba] Fix error message of AggregateError generated by Node.js 20.11.1 on Windows when connection is refused

✨ Enhancements

• [26359c0c1f] Fix Aes256_Sha256_RsaPss security policy #1259 #1281 (sponsored)
• [31af8b26b5] Server: Adjust default security policies - add Aes256_Sha256_RsaPss in default security policies and remove deprecated Basic128Rsa15 and Basic256 from default security policies
• [a9ec280c07] Client now displays a warning when the remote server clock is out of sync by more than 5 seconds #1349
• [28efd1a274] Now print time drift statistic to ClientSecureChannelLayer#toString [92dd8db924] Display warning when the nodejs --security-revert=CVE-2023-46809 command line option needs to be used to allow legacy Basic192Rsa15 encryption and server ( in 20.11.1 and 18.11.1 onward)

🛠 Maintenance

• [e65ef43683] Chore: code cleanup
• [2f8275fe07] Chore: remove unused files
• [fa0b34f43d] Chore: coerceSecurityPolicies
• [bec0df27f1] Chore: improve client connection error feedback
• [5a10fb1fd8] Chore: fix import issue
• [ccf10eed0d] Chore: adjust test assert
• [8fcfcdc24d] Chore: exclude tsbuildinfo files from packages
• [7402e8c7e7] Chore: make build_address_space_for_conformance_testing async
• [b853ea6ace] Chore: add missing describe with leak detector in test
• [28fbdde5db] Investigate test failure on Windows

👬🏽 contributors

• @narttmk @raptorsj @EirikVea @burgerni10

Full Changelog: https://github.com/node-opcua/node-opcua/compare/v2.122.0...v2.123.0

🌟 Join the NodeOPCUA Support Network! 🌟 NodeOPCUA continues to grow and evolve, thanks to the invaluable support from community members like YOU! 🚀

We're dedicated to enhancing and expanding the capabilities of node-opcua, and we invite you to be a part of this exciting journey. Consider contributing through our membership program at Sterfive or by donating on

OpenCollective.

🤝 Your support is crucial!

Your contributions foster innovation and strengthen a community founded on cooperation and the exchange of knowledge. 🌱

🌍 Together, we can drive the future of node-opcua forward! 🌍

What's Changed

🚨 Security update

• OPCUAClient now avoids selecting deprecated security policy while choosing user identity token #1344

For instance, when OPCUAClient encounters multiple identity token policyId for the same tokenType, the OPCUClient will select the policyId that provides the most robust encryption method. It will also avoid using Basic192RSA15, which is now deprecated in NodeJS 20.11.1 onward, to fix CVE-2023-46809.

Full Changelog: https://github.com/node-opcua/node-opcua/compare/v2.121.0...v2.122.0

Release Notes

🐛 Bug Fixes

• d81924c60 Adjust UAVariable: fixing #1342 by forcing timestamp to be set when a simple variable getter is used
• ef9878409 Fix ambiguous abstract DataType with encoding while loading nodeset2 xml
• 3b8613468 Server: monitored item; fix keep alive and resendInitialValue behavior
• 7d161b074 Server channel: fix channel termination in registerChannel
• ea7fac356 Fix release continuation point behavior
• f521d25cb Fix eventNotifier type to be a EventNotifierFlags in InstantiateObjectOptions
• e85efe29f Fix boiler instantiation by specifying the correct value for event notifier
• 7c42fe464 Ensure event notifier flag SubscribeToEvents automatically set when an object has EventSource or Notifier
• aacd2c86c Fix default variable matrix value while loading nodeset2.xml
• 7fb5d7c88 Fix a bug causing the server to crash while raising AuditCertificate Events
• 1e51b2184 Call should return BadMethodInvalid instead of BadNodeIdUnknown when MethodId doesn't exist or is not a method
• e482774c8 BadChannelIdInvalid should be returned in a ServiceFault instead of a Valid Request
• aae18eed7 Issue #1320 bug-fix: now instantiating variable with same name as parent objectType.
• b9503fdf4 Issue #1326 bug-fix: no longer adding nodes from an unrelated object type to a node with the same browseName.

🛡️ Security Updates

• 8ec25b71a Deprecate RSAPKCS1V15_Decrypt due to CVE-2023-46809
• 97568f4bf Update packages - [email protected] CVE-2023-46809
• 0a27cef67 Fix: dockertest/Dockerfile to reduce vulnerabilities
• ce26af470 Fix: packages/node-opcua-local-discovery-server/Dockerfile to reduce vulnerabilities

✨ Enhancements

• 9ebe882e6 Feat: add description and displayName to base object when crawling
• 17b48cc99 ArgumentList: verifyArgumentList returns BadTypeMismatch if at least one argument has a BadTypeMismatch status code
• ea7fac356 Fix release continuation point behavior

🛠 Maintenance

• c38096565 Adjust flaky test on windows
• 2eca643f2 Chore: reduce verbosity in test
• 862ae72f5 Chore: adjust temporary folder location in tests
• 22606c59b Update CTT.xml
• adf2b22e9 CTT: ensure keepAlive is sent after 1xpublishInterval first time
• 77ccf6417 Refactor: server tests to typescript
• 88ba311f5 Add leak detector in test
• 794e35cd1 Chore: fix typescript error in test
• 47c75b7fb Address space for ctt: fix matrix variables
• 4610fa986 Chore: adjust TCP socket in test
• cd8d2705b Chore: server_tcp_transport cleanup
• 4e75b2d5a ServerSecureChannel: return ServiceFault when OpenSecureChannel fails
• 52388f80c Chore: remove unused import
• b7b1f62ab Chore: improve log message
• dd8872782 Chore: fix typos in comments
• f85e696f4 Chore: fix typescript issue
• 2e60c9984 Chore: fix timer id déclaration
• 515303c2f Chore: improve error message in internalDecodeVariant, when matrices are inconsistent
• 1dd5562a0 Update standard UA nodeSet2.xml to version 1.5.3
• e8d592bb9 Update standard status codes
• d5f8f15c3 Improve Variable value set typescript definition and add new async mode

👬🏽 Contributors

• @mb-software, @tetanw

What's Changed

• feat: add a description and displayName to base object when crawling by @narttmk in https://github.com/node-opcua/node-opcua/pull/1338
• [Snyk] Security upgrade node from 21.2-alpine3.18 to 21.6-alpine3.18 by @erossignon in https://github.com/node-opcua/node-opcua/pull/1337
• [Snyk] Security upgrade node from 20.8-bookworm-slim to 20.11.0-bookworm-slim by @erossignon in https://github.com/node-opcua/node-opcua/pull/1340
• Fix variable with the same name as object type by @tetanw in https://github.com/node-opcua/node-opcua/pull/1329

New Contributors

• @narttmk made their first contribution in https://github.com/node-opcua/node-opcua/pull/1338
• @tetanw made their first contribution in https://github.com/node-opcua/node-opcua/pull/1329

Full Changelog: https://github.com/node-opcua/node-opcua/compare/v2.120.0...v2.121.0

⚠️ Known issue

• This version may cause OPCUAClient to fail to connect when the OPCUA Server exposes a UserTokenIdentity policy based on Basic192RSA15. This issue has been addressed in 2.112.0

Release note for v2.200.0

🐛 Bug Fixes

• [521f18d2f] Fixes #1277 - Instantiating ObjectType with two Folders
• [744648e3f] Relax Encoding detection to cope with bugs in python's asyncua - fixing #1232
• [56b40b191] ClientSecureChannel: fix connection issue highlighted when server imposes maxChunk=1 #1335 #1263
• [2372431fd] Ensure client.isReconnecting=true when client emits the 'connection_reestablished' event fixing #1331

✨ Enhancements

• [45240f862] Add example for GitHub #1232

🛠 Maintenance

• [a0234bbb5] Update packages
• [37e181611] Add open collective badges
• [2e6d5937b] Update book URL
• [85bee187a] Update lock file
• [af3520542] Update copyright year
• [f3d452bd6] Fix copyright year and other adjustments

👬🏽 contributors

• @Salvoc14 , @nakr94 , @szelski , @ePluvinage

🌟 Join the NodeOPCUA Support Network! 🌟

NodeOPCUA continues to grow and evolve, thanks to the invaluable support from community members like YOU! 🚀

We're dedicated to enhancing and expanding the capabilities of node-opcua, and we invite you to be a part of this exciting journey. Consider contributing through our membership program at Sterfive or by donating on

OpenCollective.

Your support is crucial! 🤝

Your contributions foster innovation and strengthen a community founded on cooperation and the exchange of knowledge. 🌱

🌍 Together, we can drive the future of node-opcua forward! 🌍

Release Notes for 2.119.0

🐛 Bug Fixes

• [c70438e49] Fix ConditionVariableType behavior with SourceTimestamp property
• [77f1bf6e1] Fix MultiStateValueDiscrete behavior #1323
• [3c7c80bad] Fix: packages/node-opcua-local-discovery-server/Dockerfile to reduce vulnerabilities
• [9eeb81a4b] Use AcknowledgeableConditionType_Acknowledge/Confirm when ConditionId is not an instance

✨ Enhancements

• [84b55ee73] Allow effectiveTransitionTime to be passed when setting a TwoStateVariable for instance UACondition#setEnableState(true, { effectiveTransitionTime: somedate})
• [200e233db] Allow time and receiveTime to be optionally passed on raiseNewCondition
• [734c0d9ea] Issue #1303 refactor: Add 'host' parameter to OPCUAServer for specific interface binding
• [8166185c8] Add findMethodId utility function to find a MethodId in a object or in its super type
• [ee7b7e32f] Factor out node-opcua-alarm-condition module

🛠 Maintenance

• [0270f16b6] Update packages
• [1cba6e96e] Chore: refactor client example
• [7843dec7d] Add some more edge tests

👬🏽 contributors

• @muddasir-barnes , @tetanw
• special thanks for @iliareshetov for fixing #1303

🌟 Join the NodeOPCUA Support Network! 🌟

NodeOPCUA continues to grow and evolve, thanks to the invaluable support from community members like YOU! 🚀

We're dedicated to enhancing and expanding the capabilities of node-opcua, and we invite you to be a part of this exciting journey. Consider contributing through our membership program at Sterfive or by donating on OpenCollective. Your support is crucial! 🤝

Your contributions foster innovation and strengthen a community founded on cooperation and the exchange of knowledge. 🌱

🌍 Together, we can drive the future of node-opcua forward! 🌍

We're profoundly grateful for your continued support and commitment to our mission! 💕👐

Release Notes for 2.118.0

In this version, OPCUA Server now automatically populate the following standard UA variables with the appropriate value from the OPCUAServer constructor options:

ServerConfiguration property	value
ServerCapabilities	same as options.capabilitiesForMDNS like ["DA", "HA"]
ApplicationType	same as options.serverInfo.applicationType
ApplicationUri	as computed by the server
ProductUri	same as options.serverInfo.productUri
MulticastDnsEnabled	true if Server uses the MDNS ie options.registerServerMethod === RegisterServerMethod.MDNS
SupportedPrivateKeyFormats	defaulted to ["PEM"]

✨ Enhancements

• [3410d6917a] - Server: deprecate alternateEndpoints
• [8a6eaf7def] - Server: expose Server.ServerConfiguration properties
• [4d32977e2a] - Server: add a mechanism to simulate user identity password being encrypted inside an encrypted channel to simulate Siemens PLCs behavior.
• [4192e06bdd] - Add traceLog

🛠 Maintenance

• [147a330cda] - Update lock file
• [874a9c8a35] - Chore: clean-up imports
• [9d7eeb3095] - Chore: use IBasicSessionAsync whenever possible
• [3e2be22cb3] - Update packages [email protected] [email protected]
• [1d399831f6] - Chore: reorder import

💡 Sponsorship Call! 💡

NodeOPCUA thrives because of supporters like YOU! 🌟

As we passionately improve and broaden the scope of node-opcua, we're reaching out for your generous support. Join us in making a difference through our membership program at Sterfive or directly on OpenCollective. 🤝

Your contribution paves the way for innovation and nurtures a community built on collaboration and shared insights. 🚀

🌐 Let's shape the future of node-opcua together! 🌐

Thank you for being a pivotal part of our journey! 💖🙌

🐛 Bug Fixes

• [4767145f1] - Fix subscription repair when the server doesn't support TransferSubscription nor Republish #1059
• [0243c5ab2] - Fix minor typos

🛠 Maintenance

• [131fa12ad] - No need for OpenSSL anymore in docker file
• [c1ef91a0a] - Add missing fixture file
• [45d754d17] - Chore: replace xlsx component
• [3cd69260d] - Chore: update .gitignore
• [ff70927e8] - Update packages

✨ Enhancements

Those two enhancements have been introduced to improve the performance of @sterfive/modeler and @sterfive/toolbox

• [91cd139e8] - Improve nodeset export
  • better detect in which nodeset the references that are joining two nodes from different namespaces should belong to.
• [19b8863f8] - Improve loadnodeset
  • nodeset2.xml doesn't have to be loaded in priority order; the loader will prescan them and figure out the correct loading order

🧪 Tests

• [55a5dce90] - Add test case to reproduce issue #1059

👬🏽 Contributors:

• thanks mg90707 and robertsLando for reporting #1059 and our open-collective donators for sponsoring its resolution.

🐛 Bug Fixes

• [66c0bafe7] - Server: don't display endpoint warning if URL contains localhost
• [a66305a6e] - Fix then/catch sequence
• [58e97585a] - Fix: dockertest/Dockerfile to reduce vulnerabilities
• [f7b07a6ed] - Fix writing into variable with a custom basic dataType

🛠 Maintenance

• [2840c7c73] - Refactor getIpAddresses
• [eac74c31d] - Minor refactoring
• [95439f399] - Refactor readUAAnalogItem
• [0c855fb8e] - Refactor ISession interfaces

✨ Enhancements

• [475ab8d48] - Server: add skipOwnNamespace option
• [d953163c7] - Address-space: detect nodeset loading ordering
• [d20eadd2d] - Add missing modules
• [9e5a34a49] - Improve tests coverage for validate_data_type_correctness
• [c20155b7f] - Add test for UABaseNode#setDescription

🔒 Security

• [58e97585a] - Fix: dockertest/Dockerfile to reduce vulnerabilities

🧪 Tests

• [60864a0c1] - Add pseudo session test for write
• [9e5a34a49] - Improve tests coverage for validate_data_type_correctness
• [c20155b7f] - Add test for UABaseNode#setDescription

:bug: bug fixing

• 9cc09bc8f [nodeset2xml loading] use -1 as default EnumValue when not specified in XML
• 9f65a034b improve getBasicDataType
• 709cafcf9 make sure to explore Variant value for building namespace dependencies durring nodeset export

🚀 enhancement

• f6bf8a6b4 add DeviceHealthAlarm helpers
• e5cf35d9b use es2020
• 12ef30166 add sample test code for helping issue #1262

🪱 chore

• e37cfebf5 disable eslint no-unsafe-declaration-merging
• d3f410c7d add missing fixture
• 760e3a1ff update lock file
• 9aa91a400 promote sponsors in readme.md
• 156a4e487 fix dependencies in package.json
• 7a6ed498a update ids

💡 Sponsorship Call! 💡

NodeOPCUA thrives because of supporters like YOU! 🌟

As we passionately improve and broaden the scope of node-opcua, we're reaching out for your generous support. Join us in making a difference through our membership program at Sterfive or directly on OpenCollective. 🤝

Your contribution paves the way for innovation and nurtures a community built on collaboration and shared insights. 🚀

🌐 Let's shape the future of node-opcua together! 🌐

Thank you for being a pivotal part of our journey! 💖🙌