Bump node-opcua from 2.133.0 to 2.140.0

[dependabot]

Bumps node-opcua from 2.133.0 to 2.140.0.

Release notes

Sourced from node-opcua's releases.

v2.140.0

Release Notes for 2.140.0

🛠 Maintenance

• f1ab2f22fc473d1d8f3af3890c1f38dc26e5cc82: Updated the license copyright year

🚀 Enhancements

• d5c4e0fbb0bcc8efb49933cd80a0a5bf31a6f35a: Improved getExtraDataTypeManager and its caching mechanism:
  • Enhanced parallelization of dataType definition extraction, benefiting users of the @sterfive/optimized-client module.
  • Added tests to ensure caching is properly managed, particularly checking that cache gets cleared when reconnection leads to a reconstructed client session and is preserved when the session can be recycled.

📦 Package Updates

• 9e4d936014f531c1837c4b9e0dd0d474bacfc002: Bumped the version number of the io-link package.
• 99e8aed2718fff7745da8353eb2fc64ea604b77d: Updated node-opcua-pki to version 4.18, which includes a bug fix for certificates with CN containing slashes or backslashes, ensuring they are properly interpreted and serialized in the PKI trusted or rejected folders.

What's Changed

• improve getExtraDataTypeManager and caching by @​erossignon in node-opcua/node-opcua#1405 Full Changelog: node-opcua/node-opcua@v2.139.0...v2.140.0

v2.139.0

What's Changed

This version introduced two important fixes on the server side:

• We address a bug that would cause the server to run out of sessions, while loosing connection with a constantly reconnecting client when Session credentials are used. [12c1407a3b3a3d469246357f947bf7e7297d5934]

• We address a bug that could cause the server to crash when receiving malformed packet credentials information from a client. [ab2bc84994eb9c40b10136f70f9ffa3cd477666c]

🐛 Bug Fixes

• ce21e3037499154b8a5e728fce5853c5276c9397: Resolved issues in clean scripts to improve build processes.
• bd12868c4113cb453dc26b7b9ec33ef0ef3d60da: Addressed a bug in session transfer tests to ensure robust session management.
• ab2bc84994eb9c40b10136f70f9ffa3cd477666c: Prevented a crash in transport due to missed form packet, enhancing stability.
• 12c1407a3b3a3d469246357f947bf7e7297d5934: Corrected token comparison logic to account for non-unique password encryption scenarios.
• ee94d1c12718b3da719955bdb7a8f9117aaf7cce: Fixed an unexpected assert that could disrupt normal operations.

✨ Enhancements

• 99d04141abbbcc8a9021080280c4983b201af185: Enhanced the LDS server by exposing MSDNSResponser and registerServerMap, improving server discoverability and management.

🛠 Maintenance and Refactoring

• b3c2ba0a309cd08f5c78c82de13bc8c774b877ab: Switched to using node:slim to reduce the Docker image size, optimizing deployment.

• 2e30bc4f796acb03cf645de75d60b3c50d76bdaa: Added a SECURITY.md to the repository to provide clear security guidelines and practices.

• 4255b44cd0ab84af8e7cc9c45bfb5c0d5a1d8189: Replaced deprecated vorpal with @inquire/prompt to modernize CLI interactions and limit vulnerabilities. node-opcua/node-opcua#1402

• 333f44a0f4d6a2d2957f14797505334499208983: Updated various packages to the latest versions to leverage new features and security improvements.

... (truncated)

Commits

• f966ee4 v2.140.0
• f1ab2f2 update licence year
• d5c4e0f improve getExtraDataTypeManager and caching
• 9e4d936 bump io-link package number
• 99e8aed update node-opcua-pki to 4.18
• b7a01d3 v2.139.0
• ce21e30 chore: fix clean scripts
• b3c2ba0 chore: use node:slim
• 2e30bc4 add SECURIY.md
• 376af74 ci on legacy node16 require old pnpm version
• Additional commits viewable in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

---

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot merge will merge this PR after your CI passes on it
• @dependabot squash and merge will squash and merge this PR after your CI passes on it
• @dependabot cancel merge will cancel a previously requested merge and block automerging
• @dependabot reopen will reopen this PR if it is closed
• @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
• @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
• @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)

[dependabot]

Superseded by #377.