node-opcua-address-space 2.166.0 → 2.168.0

package/package.json

@@ -1,6 +1,6 @@
 {
     "name": "node-opcua-address-space",
-    "version": "2.166.0",
+    "version": "2.168.0",
     "description": "pure nodejs OPCUA SDK - module address-space",
     "main": "./dist/src/index_current.js",
     "types": "./dist/source/index.d.ts",
@@ -10,6 +10,7 @@
     "scripts": {
         "build": "tsc -b",
         "test": "mocha",
+        "test:check": "tsc --noEmit -p test/tsconfig.json",
         "lint": "eslint source test src source_nodejs test_helpers",
         "format": "prettier --write source test src source_nodejs test_helpers",
         "clean": "npx rimraf -g node_modules dist *.tsbuildinfo",
@@ -17,53 +18,51 @@
         "fix:tsconfig": "node ../../code_gen/extract-modules.js tsconfig_base.json"
     },
     "dependencies": {
-        "@types/lodash": "4.17.24",
         "@types/semver": "7.7.1",
         "chalk": "4.1.2",
         "dequeue": "^1.0.5",
-        "lodash": "4.17.23",
-        "node-opcua-address-space-base": "2.165.0",
+        "node-opcua-address-space-base": "2.168.0",
         "node-opcua-assert": "2.164.0",
-        "node-opcua-basic-types": "2.165.0",
-        "node-opcua-binary-stream": "2.165.0",
-        "node-opcua-client-dynamic-extension-object": "2.166.0",
+        "node-opcua-basic-types": "2.168.0",
+        "node-opcua-binary-stream": "2.168.0",
+        "node-opcua-client-dynamic-extension-object": "2.168.0",
         "node-opcua-constants": "2.157.0",
-        "node-opcua-crypto": "5.3.0",
-        "node-opcua-data-access": "2.165.0",
-        "node-opcua-data-model": "2.165.0",
-        "node-opcua-data-value": "2.165.0",
-        "node-opcua-date-time": "2.165.0",
-        "node-opcua-debug": "2.165.0",
-        "node-opcua-enum": "2.165.0",
-        "node-opcua-extension-object": "2.165.0",
-        "node-opcua-factory": "2.165.0",
-        "node-opcua-nodeid": "2.165.0",
-        "node-opcua-nodeset-ua": "2.165.0",
-        "node-opcua-numeric-range": "2.165.0",
-        "node-opcua-object-registry": "2.165.0",
-        "node-opcua-pseudo-session": "2.166.0",
-        "node-opcua-service-browse": "2.165.0",
-        "node-opcua-service-call": "2.165.0",
-        "node-opcua-service-history": "2.165.0",
-        "node-opcua-service-translate-browse-path": "2.165.0",
-        "node-opcua-service-write": "2.165.0",
-        "node-opcua-status-code": "2.165.0",
-        "node-opcua-types": "2.165.0",
-        "node-opcua-utils": "2.165.0",
-        "node-opcua-variant": "2.165.0",
-        "node-opcua-xml2json": "2.165.0",
+        "node-opcua-crypto": "5.3.3",
+        "node-opcua-data-access": "2.168.0",
+        "node-opcua-data-model": "2.168.0",
+        "node-opcua-data-value": "2.168.0",
+        "node-opcua-date-time": "2.168.0",
+        "node-opcua-debug": "2.168.0",
+        "node-opcua-enum": "2.168.0",
+        "node-opcua-extension-object": "2.168.0",
+        "node-opcua-factory": "2.168.0",
+        "node-opcua-nodeid": "2.168.0",
+        "node-opcua-nodeset-ua": "2.168.0",
+        "node-opcua-numeric-range": "2.168.0",
+        "node-opcua-object-registry": "2.168.0",
+        "node-opcua-pseudo-session": "2.168.0",
+        "node-opcua-service-browse": "2.168.0",
+        "node-opcua-service-call": "2.168.0",
+        "node-opcua-service-history": "2.168.0",
+        "node-opcua-service-translate-browse-path": "2.168.0",
+        "node-opcua-service-write": "2.168.0",
+        "node-opcua-status-code": "2.168.0",
+        "node-opcua-types": "2.168.0",
+        "node-opcua-utils": "2.168.0",
+        "node-opcua-variant": "2.168.0",
+        "node-opcua-xml2json": "2.168.0",
         "semver": "^7.7.4",
         "thenify-ex": "4.4.0",
         "xml-writer": "^1.7.0"
     },
     "devDependencies": {
         "humanize": "0.0.9",
-        "node-opcua-benchmarker": "2.165.0",
-        "node-opcua-leak-detector": "2.165.0",
+        "node-opcua-benchmarker": "2.168.0",
+        "node-opcua-leak-detector": "2.168.0",
         "node-opcua-nodesets": "2.163.1",
-        "node-opcua-packet-analyzer": "2.165.0",
-        "node-opcua-schemas": "2.165.0",
-        "node-opcua-service-filter": "2.165.0",
+        "node-opcua-packet-analyzer": "2.168.0",
+        "node-opcua-schemas": "2.168.0",
+        "node-opcua-service-filter": "2.168.0",
         "node-opcua-test-fixtures": "2.157.0"
     },
     "author": "Etienne Rossignon",
@@ -81,7 +80,7 @@
         "internet of things"
     ],
     "homepage": "http://node-opcua.github.io/",
-    "gitHead": "b50d48c0ebd4761670529bf66f39a9c402a07845",
+    "gitHead": "653b6d6df801ca17298308089dee32e5b12102b6",
     "files": [
         "dist",
         "distHelpers",

package/source/session_context.ts

@@ -1,25 +1,26 @@
 /**
  * @module node-opcua-address-space
  */
+/** biome-ignore-all lint/style/useLiteralEnumMembers: still needed */
 
+import type { BaseNode, ISessionBase, ISessionContext, UAObject, UAObjectType, UAVariable } from "node-opcua-address-space-base";
 import { assert } from "node-opcua-assert";
-import { Certificate, CertificateInternals, exploreCertificate } from "node-opcua-crypto/web";
-import { AccessRestrictionsFlag, allPermissions, AttributeIds, PermissionFlag } from "node-opcua-data-model";
-import { PreciseClock } from "node-opcua-date-time";
-import { NodeId, NodeIdLike, resolveNodeId, sameNodeId } from "node-opcua-nodeid";
+import { ObjectIds } from "node-opcua-constants";
+import { type Certificate, type CertificateInternals, exploreCertificate } from "node-opcua-crypto/web";
+import { AccessRestrictionsFlag, AttributeIds, allPermissions, PermissionFlag } from "node-opcua-data-model";
+import type { PreciseClock } from "node-opcua-date-time";
+import { type NodeId, type NodeIdLike, resolveNodeId, sameNodeId } from "node-opcua-nodeid";
 import {
     AnonymousIdentityToken,
     MessageSecurityMode,
     PermissionType,
-    RolePermissionType,
+    type RolePermissionType,
     UserNameIdentityToken,
     X509IdentityToken
 } from "node-opcua-types";
-import { ISessionContext, UAObject, UAObjectType, UAVariable, BaseNode, ISessionBase } from "node-opcua-address-space-base";
-import { ObjectIds } from "node-opcua-constants";
-import { NamespacePrivate } from "../src/namespace_private";
+import type { NamespacePrivate } from "../src/namespace_private";
 
-export { RolePermissionType, RolePermissionTypeOptions, PermissionType } from "node-opcua-types";
+export { PermissionType, RolePermissionType, RolePermissionTypeOptions } from "node-opcua-types";
 
 type AnyUserIdentityToken = UserNameIdentityToken | AnonymousIdentityToken | X509IdentityToken;
 
@@ -28,7 +29,10 @@ function getUserName(userIdentityToken: AnyUserIdentityToken): string {
         return "anonymous";
     }
     if (userIdentityToken instanceof X509IdentityToken) {
-        const certInfo: CertificateInternals = exploreCertificate(userIdentityToken.certificateData);
+        const cert = Array.isArray(userIdentityToken.certificateData)
+            ? userIdentityToken.certificateData[0]
+            : userIdentityToken.certificateData;
+        const certInfo: CertificateInternals = exploreCertificate(cert);
         const userName = certInfo.tbsCertificate.subject.commonName || "";
         if (typeof userName !== "string") {
             throw new Error("Invalid username");
@@ -39,8 +43,7 @@ function getUserName(userIdentityToken: AnyUserIdentityToken): string {
         if (userIdentityToken.policyId === "anonymous") {
             return "anonymous";
         }
-        assert(Object.prototype.hasOwnProperty.call(userIdentityToken, "userName"));
-        return userIdentityToken.userName!;
+        return typeof userIdentityToken.userName === "string" ? userIdentityToken.userName : "";
     }
     throw new Error("Invalid user identity token");
 }
@@ -48,7 +51,6 @@ function getUserName(userIdentityToken: AnyUserIdentityToken): string {
 /**
  *
  */
-
 export enum WellKnownRoles {
     Anonymous = ObjectIds.WellKnownRole_Anonymous,
     AuthenticatedUser = ObjectIds.WellKnownRole_AuthenticatedUser,
@@ -128,9 +130,12 @@ function getPermissionForRole(rolePermissions: RolePermissionType[] | null, role
         return allPermissions;
     }
     const a = rolePermissions.find((r) => {
-        return sameNodeId(resolveNodeId(r.roleId!), role);
+        if (!r.roleId) {
+            return false;
+        }
+        return sameNodeId(resolveNodeId(r.roleId), role);
     });
-    return a !== undefined ? a.permissions! | PermissionFlag.None : PermissionFlag.None;
+    return a?.permissions !== undefined ? a.permissions | PermissionFlag.None : PermissionFlag.None;
 }
 
 function isDefaultContext(context: SessionContext) {
@@ -152,7 +157,7 @@ function getAccessRestrictionsOnNamespace(namespace: NamespacePrivate, context:
     const defaultAccessRestriction = namespaceObject.getChildByName("defaultAccessRestriction");
     if (defaultAccessRestriction) {
         const dataValue = defaultAccessRestriction.readAttribute(null, AttributeIds.Value);
-        if (dataValue && dataValue.statusCode.isGood()) {
+        if (dataValue?.statusCode.isGood()) {
             return dataValue.value.value as AccessRestrictionsFlag;
         }
     }
@@ -179,14 +184,14 @@ function getDefaultUserRolePermissionsOnNamespace(
     const defaultUserRolePermissions = uaNamespaceObject.getChildByName("DefaultUserRolePermissions") as UAVariable;
     if (defaultUserRolePermissions) {
         const dataValue = defaultUserRolePermissions.readValue();
-        if (dataValue && dataValue.statusCode.isGood() && dataValue.value.value && dataValue.value.value.length > 0) {
+        if (dataValue?.statusCode.isGood() && dataValue.value.value && dataValue.value.value.length > 0) {
             return dataValue.value.value as RolePermissionType[];
         }
     }
     const defaultRolePermissions = uaNamespaceObject.getChildByName("DefaultRolePermissions") as UAVariable;
     if (defaultRolePermissions) {
         const dataValue = defaultRolePermissions.readValue();
-        if (dataValue && dataValue.statusCode.isGood()) {
+        if (dataValue?.statusCode.isGood()) {
             return dataValue.value.value as RolePermissionType[] | null;
         }
     }
@@ -198,14 +203,14 @@ export function makeRoles(roleIds: NodeIdLike[] | string | WellKnownRoles): Node
         roleIds = [roleIds];
     }
     if (typeof roleIds === "string") {
-        roleIds = roleIds.split(";").map((r) => resolveNodeId("WellKnownRole_" + r));
+        roleIds = roleIds.split(";").map((r) => resolveNodeId(`WellKnownRole_${r}`));
     }
     return roleIds.map((r) => resolveNodeId(r));
 }
 export class SessionContext implements ISessionContext {
     public static defaultContext = new SessionContext({});
 
-    public object: any;
+    public object: UAObject | UAObjectType | undefined;
     public currentTime?: PreciseClock;
     public continuationPoints: Buffer[] = [];
     public userIdentity?: string;
@@ -355,7 +360,9 @@ export class SessionContext implements ISessionContext {
                 return true;
             }
         }
-        if (!this.session) { return false; }
+        if (!this.session) {
+            return false;
+        }
         const securityMode = this.session?.channel?.securityMode;
         if (accessRestrictions & AccessRestrictionsFlag.SigningRequired) {
             if (securityMode !== MessageSecurityMode.Sign && securityMode !== MessageSecurityMode.SignAndEncrypt) {

package/src/alarms_and_conditions/ua_alarm_condition_impl.ts

@@ -1,23 +1,21 @@
 /**
  * @module node-opcua-address-space.AlarmsAndConditions
  */
-import { isEqual } from "lodash";
-
+import { isDeepStrictEqual as isEqual } from "node:util";
+import type { BaseNode, INamespace, UAEventType, UAVariable } from "node-opcua-address-space-base";
 import { assert } from "node-opcua-assert";
 import { NodeClass } from "node-opcua-data-model";
-import { DataValue } from "node-opcua-data-value";
+import type { DataValue } from "node-opcua-data-value";
+import { make_debugLog } from "node-opcua-debug";
 import { NodeId, sameNodeId } from "node-opcua-nodeid";
 import { StatusCodes } from "node-opcua-status-code";
-import { DataType, VariantOptions } from "node-opcua-variant";
-import { make_debugLog } from "node-opcua-debug";
-import { BaseNode, INamespace, UAEventType, UAVariable } from "node-opcua-address-space-base";
-
+import { DataType, type VariantOptions } from "node-opcua-variant";
+import type { ConditionInfo } from "../../source/interfaces/alarms_and_conditions/condition_info_i";
+import type { InstantiateAlarmConditionOptions } from "../../source/interfaces/alarms_and_conditions/instantiate_alarm_condition_options";
+import type { UAAlarmConditionEx } from "../../source/interfaces/alarms_and_conditions/ua_alarm_condition_ex";
+import type { AddressSpacePrivate } from "../address_space_private";
+import { _clear_timer_if_any, UAShelvedStateMachineExImpl } from "../state_machine/ua_shelving_state_machine_ex";
 import { _install_TwoStateVariable_machinery } from "../state_machine/ua_two_state_variable";
-import { UAShelvedStateMachineExImpl, _clear_timer_if_any } from "../state_machine/ua_shelving_state_machine_ex";
-import { AddressSpacePrivate } from "../address_space_private";
-import { ConditionInfo } from "../../source/interfaces/alarms_and_conditions/condition_info_i";
-import { UAAlarmConditionEx } from "../../source/interfaces/alarms_and_conditions/ua_alarm_condition_ex";
-import { InstantiateAlarmConditionOptions } from "../../source/interfaces/alarms_and_conditions/instantiate_alarm_condition_options";
 
 import { ConditionInfoImpl } from "./condition_info_impl";
 import { UAAcknowledgeableConditionImpl } from "./ua_acknowledgeable_condition_impl";
@@ -35,7 +33,7 @@ export declare interface UAAlarmConditionImpl extends UAAlarmConditionEx, UAAckn
 }
 
 export class UAAlarmConditionImpl extends UAAcknowledgeableConditionImpl implements UAAlarmConditionEx {
-    public static MaxDuration = Math.pow(2, 31);
+    public static MaxDuration = 2 ** 31;
 
     public static instantiate(
         namespace: INamespace,
@@ -45,12 +43,12 @@ export class UAAlarmConditionImpl extends UAAcknowledgeableConditionImpl impleme
     ): UAAlarmConditionImpl {
         const addressSpace = namespace.addressSpace;
         // xx assert(Object.prototype.hasOwnProperty.call(options,"conditionOf")); // must provide a conditionOf
-        assert(Object.prototype.hasOwnProperty.call(options, "inputNode")); // must provide a inputNode
+        assert(Object.hasOwn(options, "inputNode")); // must provide a inputNode
         const alarmConditionType = addressSpace.findEventType(alarmConditionTypeId);
 
         /* c8 ignore next */
         if (!alarmConditionType) {
-            throw new Error(" cannot find Alarm Condition Type for " + alarmConditionTypeId);
+            throw new Error(` cannot find Alarm Condition Type for ${alarmConditionTypeId}`);
         }
 
         const alarmConditionTypeBase = addressSpace.findEventType("AlarmConditionType");
@@ -60,9 +58,9 @@ export class UAAlarmConditionImpl extends UAAcknowledgeableConditionImpl impleme
         }
 
         options.optionals = options.optionals || [];
-        if (Object.prototype.hasOwnProperty.call(options, "maxTimeShelved")) {
+        if (Object.hasOwn(options, "maxTimeShelved")) {
             options.optionals.push("MaxTimeShelved");
-            assert(isFinite(options.maxTimeShelved!));
+            assert(Number.isFinite(options.maxTimeShelved!));
         }
 
         assert(alarmConditionTypeBase === alarmConditionType || alarmConditionType.isSubtypeOf(alarmConditionTypeBase));
@@ -142,12 +140,12 @@ export class UAAlarmConditionImpl extends UAAcknowledgeableConditionImpl impleme
          *
          */
         if (alarmNode.suppressedState) {
-            alarmNode.suppressedState.on("value_changed", (newDataValue: DataValue) => {
+            alarmNode.suppressedState.on("value_changed", (_newDataValue: DataValue) => {
                 _update_suppressedOrShelved(alarmNode);
             });
         }
         if (alarmNode.shelvingState) {
-            alarmNode.shelvingState.currentState.on("value_changed", (newDataValue: DataValue) => {
+            alarmNode.shelvingState.currentState.on("value_changed", (_newDataValue: DataValue) => {
                 _update_suppressedOrShelved(alarmNode);
             });
         }
@@ -220,7 +218,7 @@ export class UAAlarmConditionImpl extends UAAcknowledgeableConditionImpl impleme
     public isSuppressedOrShelved(): boolean {
         let suppressed = false;
         if (this.suppressedState) {
-            suppressed = this.suppressedState.id!.readValue().value.value;
+            suppressed = this.suppressedState.id?.readValue().value.value;
         }
         let shelved = false;
         if (this.shelvingState) {
@@ -241,8 +239,8 @@ export class UAAlarmConditionImpl extends UAAcknowledgeableConditionImpl impleme
      * note: duration must be greater than 10ms and lesser than 2**31 ms
      */
     public setMaxTimeShelved(duration: number): void {
-        if (duration < 10 || duration >= Math.pow(2, 31)) {
-            throw new Error(" Invalid maxTimeShelved duration: " + duration + "  must be [10,2**31] ");
+        if (duration < 10 || duration >= 2 ** 31) {
+            throw new Error(` Invalid maxTimeShelved duration: ${duration}  must be [10,2**31] `);
         }
         this.maxTimeShelved?.setValueFromSource({
             dataType: "Duration", // <= Duration is basic Type Double! ( milliseconds)
@@ -280,7 +278,7 @@ export class UAAlarmConditionImpl extends UAAcknowledgeableConditionImpl impleme
         return this.addressSpace.findNode(nodeId) as UAVariable | null;
     }
     /**
-     * 
+     *
      */
     public getInputNodeValue(): any | null {
         const node = this.getInputNodeNode();
@@ -297,7 +295,7 @@ export class UAAlarmConditionImpl extends UAAcknowledgeableConditionImpl impleme
         this._onInputDataValueChange(dataValue);
     }
 
-    protected _onInputDataValueChange(newValue: DataValue): void {
+    protected _onInputDataValueChange(_newValue: DataValue): void {
         /**  */
     }
 
@@ -397,9 +395,9 @@ export class UAAlarmConditionImpl extends UAAcknowledgeableConditionImpl impleme
      */
     public _calculateConditionInfo(
         stateData: string | null,
-        isActive: boolean,
+        _isActive: boolean,
         value: string,
-        oldCondition: ConditionInfo
+        _oldCondition: ConditionInfo
     ): ConditionInfo {
         if (!stateData) {
             return new ConditionInfoImpl({
@@ -410,7 +408,7 @@ export class UAAlarmConditionImpl extends UAAcknowledgeableConditionImpl impleme
             });
         } else {
             return new ConditionInfoImpl({
-                message: "Condition is " + value + " and state is " + stateData,
+                message: `Condition is ${value} and state is ${stateData}`,
                 quality: StatusCodes.Good,
                 retain: true,
                 severity: 150
@@ -441,7 +439,7 @@ export class UAAlarmConditionImpl extends UAAcknowledgeableConditionImpl impleme
             debugLog("oldConditionInfo", oldConditionInfo);
             debugLog("oldConditionInfo", newConditionInfo);
             throw new Error(
-                "condition values have not change, shall we really raise an event ? alarm " + this.browseName.toString()
+                `condition values have not change, shall we really raise an event ? alarm ${this.browseName.toString()}`
             );
         }
         assert(!isEqual(oldConditionInfo, newConditionInfo), "condition values have not change, shall we really raise an event ?");

package/src/alarms_and_conditions/ua_certificate_expiration_alarm_impl.ts

@@ -1,16 +1,17 @@
 /**
  * @module node-opcua-address-space.AlarmsAndConditions
  */
-import { Certificate, exploreCertificate, makeSHA1Thumbprint } from "node-opcua-crypto/web";
-import { DateTime, getMinOPCUADate, isMinDate, StatusCodes } from "node-opcua-basic-types";
-import { make_warningLog } from "node-opcua-debug";
-import { NodeId } from "node-opcua-nodeid";
-import { DataType, Variant, VariantOptions } from "node-opcua-variant";
-import { INamespace, UAObject, UAProperty, UAVariable } from "node-opcua-address-space-base";
+
+import type { INamespace, UAObject, UAProperty, UAVariable } from "node-opcua-address-space-base";
+import { type DateTime, getMinOPCUADate, isMinDate, StatusCodes } from "node-opcua-basic-types";
 import { ObjectTypeIds } from "node-opcua-constants";
+import { type Certificate, exploreCertificate, makeSHA1Thumbprint } from "node-opcua-crypto/web";
 import { makeAccessLevelExFlag } from "node-opcua-data-model";
-import { UACertificateExpirationAlarmEx } from "../../source/interfaces/alarms_and_conditions/ua_certificate_expiration_alarm_ex";
-import { InstantiateOffNormalAlarmOptions } from "../../source/interfaces/alarms_and_conditions/instantiate_off_normal_alarm_options";
+import { make_warningLog } from "node-opcua-debug";
+import type { NodeId } from "node-opcua-nodeid";
+import { DataType } from "node-opcua-variant";
+import type { InstantiateOffNormalAlarmOptions } from "../../source/interfaces/alarms_and_conditions/instantiate_off_normal_alarm_options";
+import type { UACertificateExpirationAlarmEx } from "../../source/interfaces/alarms_and_conditions/ua_certificate_expiration_alarm_ex";
 import { registerNodePromoter } from "../../source/loader/register_node_promoter";
 import { UASystemOffNormalAlarmImpl } from "./ua_system_off_normal_alarm_impl";
 
@@ -18,7 +19,7 @@ const warningLog = make_warningLog("AlarmsAndConditions");
 
 const ellipsis = (arg0: string, arg1 = 4) => {
     arg1 = Math.max(arg1, 4);
-    return arg0.length <= arg1 ? arg0 : arg0.slice(0, arg1 / 2) + "..." + arg0.slice(arg0.length - arg1 / 2);
+    return arg0.length <= arg1 ? arg0 : `${arg0.slice(0, arg1 / 2)}...${arg0.slice(arg0.length - arg1 / 2)}`;
 };
 const d = (d: Date) => {
     return d.toISOString();
@@ -31,24 +32,22 @@ export function instantiateCertificateExpirationAlarm(
     return UACertificateExpirationAlarmImpl.instantiate(namespace, alarmType, options);
 }
 
-interface UACertificateExpirationAlarmImpl {
-    expirationDate: UAProperty<Date, /*z*/ DataType.DateTime>;
-    expirationLimit?: UAProperty<number, /*z*/ DataType.Double>;
-    certificateType: UAProperty<NodeId, /*z*/ DataType.NodeId>;
-    certificate: UAProperty<Buffer, /*z*/ DataType.ByteString>;
-}
-
 // This Simple DataType is a Double that defines an interval of time in milliseconds (fractions can be used to define sub-millisecond values).
 // Negative values are generally invalid but may have special meanings where the Duration is used.
 export const OneDayDuration = 1000 * 60 * 60 * 24;
 export const TwoWeeksDuration = OneDayDuration * 2 * 7;
 
 /**
- * This UACertificateExpirationAlarm (SystemOffNormalAlarmType) is raised by the Server when the Server’s
+ * This UACertificateExpirationAlarm (SystemOffNormalAlarmType) is raised by the Server when the Server's
  * Certificate is within the ExpirationLimit
  * of expiration. This alarm automatically returns to normal when the certificate is updated.
  */
 class UACertificateExpirationAlarmImpl extends UASystemOffNormalAlarmImpl implements UACertificateExpirationAlarmEx {
+    declare expirationDate: UAProperty<Date, DataType.DateTime>;
+    declare expirationLimit: UAProperty<number, DataType.Double> | undefined;
+    declare certificateType: UAProperty<NodeId, DataType.NodeId>;
+    declare certificate: UAProperty<Buffer, DataType.ByteString>;
+
     private timer: NodeJS.Timeout | null = null;
 
     public static instantiate(
@@ -57,7 +56,6 @@ class UACertificateExpirationAlarmImpl extends UASystemOffNormalAlarmImpl implem
         options: InstantiateOffNormalAlarmOptions
         // data?: Record<string, VariantOptions>
     ): UACertificateExpirationAlarmImpl {
-        
         const alarm = UASystemOffNormalAlarmImpl.instantiate(
             namespace,
             alarmType || "CertificateExpirationAlarmType",
@@ -78,7 +76,7 @@ class UACertificateExpirationAlarmImpl extends UASystemOffNormalAlarmImpl implem
         this.raiseNewCondition({
             message,
             quality: StatusCodes.Good,
-            retain: isActive ? true : false,
+            retain: !!isActive,
             severity
         });
     }
@@ -92,7 +90,7 @@ class UACertificateExpirationAlarmImpl extends UASystemOffNormalAlarmImpl implem
             warningLog(`expiry alarm ${this.nodeId.toString()}  has no enabledState property`);
             return;
         }
-        
+
         const expirationDate = this.getExpirationDate();
 
         const now = new Date();
@@ -104,7 +102,7 @@ class UACertificateExpirationAlarmImpl extends UASystemOffNormalAlarmImpl implem
         const certificate = this.getCertificate();
 
         if (!expirationDate || (isMinDate(expirationDate) && !certificate)) {
-            if (!this.currentBranch() || this.currentBranch().getActiveState()) {
+            if (this.currentBranch()?.getActiveState()) {
                 this.updateAlarmState2(true, 255, "certificate is missing");
             }
             return;
@@ -147,11 +145,11 @@ class UACertificateExpirationAlarmImpl extends UASystemOffNormalAlarmImpl implem
         if (!this.expirationLimit) {
             return TwoWeeksDuration;
         }
-        const dataValue = this.expirationLimit!.readValue();
-        if ((dataValue as any).dataType === DataType.Null) {
+        const dataValue = this.expirationLimit.readValue();
+        if ((dataValue.value.dataType as DataType) === DataType.Null) {
             return TwoWeeksDuration;
         }
-        return (this.expirationLimit?.readValue().value.value as number) || 0;
+        return (dataValue.value.value as number) || 0;
     }
 
     public setExpirationLimit(value: number): void {
@@ -163,7 +161,7 @@ class UACertificateExpirationAlarmImpl extends UASystemOffNormalAlarmImpl implem
     }
 
     public getCertificate(): Certificate | null {
-        return (this.getChildByName("Certificate") as UAVariable)?.readValue().value.value as Certificate || null;
+        return ((this.getChildByName("Certificate") as UAVariable)?.readValue().value.value as Certificate) || null;
     }
 
     private _extractAndSetExpiryDate(certificate: Certificate | null): void {
@@ -193,20 +191,28 @@ class UACertificateExpirationAlarmImpl extends UASystemOffNormalAlarmImpl implem
             this.timer = null;
         }
     }
-    
+
     private _startTimer() {
         this.timer = setTimeout(() => {
             if (!this.timer) return;
             this.update();
             this._startTimer();
         }, OneDayDuration / 48);
+        // don't keep the process alive just for this monitoring timer
+        if (this.timer && typeof this.timer.unref === "function") {
+            this.timer.unref();
+        }
     }
 
     _post_initialize() {
+        // ensure _branch0 is created (base UAConditionImpl)
+        if (!this.currentBranch()) {
+            this.post_initialize();
+        }
         if (this.expirationLimit) {
             this.expirationLimit.accessLevel = makeAccessLevelExFlag("CurrentRead | CurrentWrite");
             this.expirationLimit.userAccessLevel = makeAccessLevelExFlag("CurrentRead | CurrentWrite");
-            this.expirationLimit.on("value_changed", (dataValue) => {
+            this.expirationLimit.on("value_changed", (_dataValue) => {
                 // make sure we re-evaluate the certificate
                 const certificate = this.getCertificate();
                 this.setCertificate(certificate);