Skip to content

Bump node-opcua from 2.162.0 to 2.164.2#35

Closed
dependabot[bot] wants to merge 1 commit intomainfrom
dependabot/npm_and_yarn/node-opcua-2.164.2
Closed

Bump node-opcua from 2.162.0 to 2.164.2#35
dependabot[bot] wants to merge 1 commit intomainfrom
dependabot/npm_and_yarn/node-opcua-2.164.2

Conversation

@dependabot
Copy link

@dependabot dependabot bot commented on behalf of github Mar 10, 2026

Bumps node-opcua from 2.162.0 to 2.164.2.

Release notes

Sourced from node-opcua's releases.

🚀 v2.164.2

Release Notes (v2.163.2 -> HEAD)

🚀 Features & Improvements

  • ServerConfiguration: Architectural overhaul of PushCertificateManagerServerImpl, extracting file transaction and certificate validation logic. Refactored to utilize the OPCUACertificateManager API. ([f594e65b9], [52c405787], [2099377d2], [09d79f2d9], [cd7f6126d])
  • Resource Management: Improved resource leak detection with mem_leak_detector and increased timer proxy robustness. Prevented potential stdio deadlocks, file descriptor leaks, and memory leaks in TCP_transport socket dispose. ([7b96b9d75], [ae162d368], [de0e91fde], [46eeccf4a])
  • Address Space: Added missing dispose() to IContinuationPointManager implementations. ([00f0076e0])
  • Tooling: Replaced deprecated ts-node with tsx across the monorepo to enhance compatibility and performance. ([f1377523c], [00fee249e])

🐛 Bug Fixes

  • Client / Publish Engine: Handled BadSecureChannelIdInvalid correctly within the client publish engine. ([73d944344], [364b86d6c])
  • Secure Channel & Transport: Resolved TR19 test failure caused by a race condition and forced immediate socket destruction on connection break. ([310f8fc7c], [73e7b6f6e])
  • Data Types: Fixed BaseDataType/Variant mismatch, corrected bitfield encoding, and improved subtype validation. ([1ec0a3986])
  • Alarms & Conditions: Prevented enabledState missing properties during reconstruction and updated Certificate Expiry to use setTimeout instead of setInterval. ([e350e2e84], [e40ef26e1])
  • Historical Access: Ensured startOfOnlineArchive gracefully handles null dates. ([599f2c8f4])
  • Certificate Manager: Fixed ENOENT race condition during concurrent certificate trust and addressed related EPERM lock and 0-size certificate checks. ([e9b4ea40a], [d9c2f4cde], [e85a46d8d])
  • General: Preserved original error in backoff abort handler and replaced deprecated url.parse() with WHATWG URL API as well as deprecated Buffer() constructor. ([ec1aca8d0], [4508fc8bf], [0e015259a])

🛠️ Refactoring & Chores

  • Dependencies: Bumped @ster5/global-mutex to ^3.1.2, node-opcua-pki up to 6.7.3, and updated node-opcua-crypto to ^5.0.0. Adapted client and server codebases to the new node-opcua-pki@6 API. ([cdcdf36f5], [9c22cb941], [d1206227c], [34939fc4c], [3c044d627], [2f0fa1473], [acc794c77])
  • CI/CD: Added Windows CI/CD pipeline matrix testing for Node.js 20, 22, and 24. ([9619bb27f], [48c17a06b])
  • Cleanup: Removed mkdirp and rimraf dependency usage. Replaced istanbul ignore with c8 ignore. Normalized all Mocha configuration files to .mocharc.yml. ([4c4cd465a], [00b9f6959], [9860ed265], [7cbef7a7b], [1daab6314])
  • Documentation: Created CONTRIBUTING.md. ([cdbf9d580])

🧪 Testing

  • Resolved various test flakiness issues (e.g., AZAZ-B, SubscriptionDiagnostics-3, test discovery hang). ([e85a46d8d], [132cc666f], [63e1283fa])
  • Improved test robustness under heavy load and adjusted timings to be resilient to publish cycle timing variations. ([7dd6caf55], [035fb8c97], [5a4766025], [1daa42896])
  • Added support for ESM TypeScript test files in Mocha runner. ([90faf5686])
  • Resolved OOM errors in server-configuration tests by implementing PKI pooling and cleaned up imports awaiting async parses. ([a24a098fd], [26d8613e8], [d1dc69cf3])

👬🏽 Contributors

  • @​AndreasHeine : improvement on push certificate management [2099377d2] [09d79f2d9]

🚀 v2.163.0

This release is a major step forward for DataType handling performance and OPC UA 1.05 compliance. It introduces a new lazy and parallel DataType extraction pipeline, significantly improving scalability for large and complex information models. In parallel, full support for OPC UA 1.05 subtyped structures and unions has been finalized, alongside multiple performance optimizations, correctness fixes, and test expansions.

✨ TL;DR

  • 🚄 Massive performance improvements for dynamic DataType discovery (lazy + parallel extraction)
  • 🧠 New Lazy DataType extraction strategy (default on client side)
  • 🧬 Full support for OPC UA 1.05 StructureWithSubtypedValues and UnionWithSubtypedValues
  • 🧪 Expanded test coverage for large DataType trees, continuation points, and reconnection edge cases
  • 🧹 Package updates and generated nodeset-type adjustments

🌟 Key Features & Enhancements

🧠 Lazy & Parallel DataType Extraction

  • 3ad017c4e1364bcb285052a8e083df75d12529af Introduced a Lazy DataTypeExtractStrategy to efficiently handle very large DataType trees:

... (truncated)

Commits
  • eb76d34 v2.164.2
  • 1cd17c4 update packages
  • fc52629 v2.164.1
  • a064b7b update packages
  • d3095a0 v2.164.0
  • fa5c0b7 chore: update packages
  • d9c2f4c test: disable ENOENT on overlapping trustCertificate invocations in test envi...
  • e85a46d fix: resolve AZAZ-B test flakiness, global-mutex EPERM lock and 0-size certif...
  • 132cc66 fix: fix SubscriptionDiagnostics-3 flaky test
  • 63e1283 fix: prevent test_discovery hang by fixing resource leaks
  • Additional commits viewable in compare view

Dependabot compatibility score

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

  • @dependabot rebase will rebase this PR
  • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
  • @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
  • @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)

@dependabot
Bump node-opcua from 2.162.0 to 2.164.2
965dfd6 
Bumps [node-opcua](https://github.com/node-opcua/node-opcua) from 2.162.0 to 2.164.2.
- [Release notes](https://github.com/node-opcua/node-opcua/releases)
- [Changelog](https://github.com/node-opcua/node-opcua/blob/master/RELEASE_NOTES.md)
- [Commits](node-opcua/node-opcua@v2.162.0...v2.164.2)

---
updated-dependencies:
- dependency-name: node-opcua
  dependency-version: 2.164.2
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
@dependabot dependabot bot added dependencies Pull requests that update a dependency file javascript Pull requests that update javascript code labels Mar 10, 2026
@dependabot dependabot bot mentioned this pull request Mar 10, 2026
Closed
@dependabot @github
Copy link
Author

dependabot bot commented on behalf of github Mar 19, 2026

Superseded by #37.

@dependabot dependabot bot closed this Mar 19, 2026
@dependabot dependabot bot deleted the dependabot/npm_and_yarn/node-opcua-2.164.2 branch March 19, 2026 10:07
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

No reviews

Assignees

No one assigned

Labels

dependencies Pull requests that update a dependency file javascript Pull requests that update javascript code

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

0 participants