Bump node-opcua from 2.162.0 to 2.165.0

[dependabot]

Bumps node-opcua from 2.162.0 to 2.165.0.

Release notes

Sourced from node-opcua's releases.

🚀 Release Notes — v2.165.0

node-opcua v2.165.0 — Release Notes

Release date: 2026-03-18

This release brings advertised-endpoints support (ideal for Docker / NAT / proxy deployments), a global method-call interceptor API, several new server lifecycle helpers, and important bug fixes for extension-object binding and certificate handling.

---

✨ New Features

1. Advertised Endpoints — Docker / NAT / Proxy support

When a server runs behind Docker port-mapping, a reverse proxy, or a NAT gateway, the internal listen URL differs from the URL that clients actually use. The new advertisedEndpoints option lets you declare external URLs that are returned in GetEndpoints responses, while the server continues to listen on its original port.

Simple string shorthand

import { OPCUAServer } from "node-opcua";
const server = new OPCUAServer({
port: 4840,
advertisedEndpoints: "opc.tcp://public.example.com:48401",
});

Multiple URLs

const server = new OPCUAServer({
    port: 4840,
    advertisedEndpoints: [
        "opc.tcp://public.example.com:48401",
        "opc.tcp://vpn.internal:4840",
    ],
});

Per-URL security overrides

Different interfaces can have different security requirements — for example a public endpoint that enforces SignAndEncrypt and disallows anonymous access, while the internal one allows all modes:

import { MessageSecurityMode, OPCUAServer } from "node-opcua";
const server = new OPCUAServer({
port: 4840,
securityModes: [
MessageSecurityMode.None,
MessageSecurityMode.Sign,
</tr></table>

... (truncated)

Commits

• fe53ac0 v2.165.0
• b19a68d fix: setValueFromSource corrupts terminal-type fields in bound extension objects
• f8add3a chore: minor adjustments
• 453f504 chore: introduce biome.json
• e37358e chore(modeler): biome migration — fix all lint warnings
• 7924015 fix(modeler): resolve string dataType names in addExtensionObjectDataType fields
• aa3fba5 chore: biome cleanup
• 676028d fix(verify): suppress false BadCertificateUntrusted warning
• cb961b7 fix: correct certificate type NodeIds to match OPC UA 1.05 spec
• 8b202b5 fix(server): address Copilot review comments on PR #1485
• Additional commits viewable in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

---

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
• @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)