npm - node-red - Versions diffs - 4.0.0-beta.4 → 4.0.1 - Mend

node-red 4.0.0-beta.4 → 4.0.1

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (4) hide show

package/CHANGELOG.md CHANGED Viewed

@@ -1,3 +1,43 @@
+#### 4.0.1: Maintenance Release
+Editor
+ - Ensure subflow instance credential property values are extracted (#4802) @knolleary
+ - Use `_ADD_` value for both `add new...` and `none` options (#4800) @GogoVega
+ - Fix the config node select value assignment (#4788) @GogoVega
+ - Add tooltip for number of subflow instance on info tab (#4786) @kazuhitoyokoi
+ - Add Japanese translations for v4.0.0 (#4785) @kazuhitoyokoi
+Runtime
+ - Ensure group nodes are properly exported in /flow api (#4803) @knolleary
+ Nodes
+ - Joins: make using msg.parts optional in join node (#4796) @dceejay
+ - HTTP Request: UI proxy should setup agents for both http_proxy and https_proxy (#4794) @Steve-Mcl
+ - HTTP Request: Remove default user agent (#4791) @Steve-Mcl
+#### 4.0.0: Milestone Release
+This marks the next major release of Node-RED. The following changes represent
+those added since the last beta. Check the beta release details below for the complete
+list.
+Breaking Changes
+ - Node-RED now requires Node 18.x or later. At the time of release, we recommend
+   using Node 20.
+Editor
+ - Add `httpStaticCors` (#4761) @knolleary
+ - Update dependencies (#4763) @knolleary
+ - Sync master to dev (#4756) @knolleary
+ - Add tooltip and message validation to `typedInput` (#4747) @GogoVega
+ - Replace bcrypt with @node-rs/bcrypt (#4744) @knolleary
+ - Export Nodes dialog refinement (#4746) @Steve-Mcl
 #### 4.0.0-beta.4: Beta Release
 Editor

package/package.json CHANGED Viewed

@@ -1,6 +1,6 @@
 {
     "name": "node-red",
-    "version": "4.0.0-beta.4",
+    "version": "4.0.1",
     "description": "Low-code programming for event-driven applications",
     "homepage": "https://nodered.org",
     "license": "Apache-2.0",
@@ -31,20 +31,21 @@
         "flow"
     ],
     "dependencies": {
-        "@node-red/editor-api": "4.0.0-beta.4",
-        "@node-red/runtime": "4.0.0-beta.4",
-        "@node-red/util": "4.0.0-beta.4",
-        "@node-red/nodes": "4.0.0-beta.4",
+        "@node-red/editor-api": "4.0.1",
+        "@node-red/runtime": "4.0.1",
+        "@node-red/util": "4.0.1",
+        "@node-red/nodes": "4.0.1",
         "basic-auth": "2.0.1",
         "bcryptjs": "2.4.3",
+        "cors": "2.8.5",
         "express": "4.19.2",
         "fs-extra": "11.2.0",
-        "node-red-admin": "^3.1.3",
+        "node-red-admin": "^4.0.0",
         "nopt": "5.0.0",
         "semver": "7.5.4"
     },
     "optionalDependencies": {
-        "bcrypt": "5.1.1"
+        "@node-rs/bcrypt": "1.10.4"
     },
     "engines": {
         "node": ">=18.5"

package/red.js CHANGED Viewed

@@ -38,12 +38,14 @@ var https = require('https');
 var util = require("util");
 var express = require("express");
 var crypto = require("crypto");
-try { bcrypt = require('bcrypt'); }
+try { bcrypt = require('@node-rs/bcrypt'); }
 catch(e) { bcrypt = require('bcryptjs'); }
 var nopt = require("nopt");
 var path = require("path");
 const os = require("os")
 var fs = require("fs-extra");
+const cors = require('cors');
 var RED = require("./lib/red.js");
 var server;
@@ -441,10 +443,16 @@ httpsPromise.then(function(startupHttps) {
             const thisRoot = sp.root || "/";
             const options = sp.options;
             const middleware = sp.middleware;
+            const corsOptions = sp.cors || settings.httpStaticCors;
             if(appUseMem[filePath + "::" + thisRoot]) {
                 continue;// this path and root already registered!
             }
             appUseMem[filePath + "::" + thisRoot] = true;
+            if (corsOptions) {
+                const corsHandler = cors(corsOptions);
+                app.options(thisRoot, corsHandler)
+                app.use(thisRoot, corsHandler)
+            }
             if (settings.httpStaticAuth) {
                 app.use(thisRoot, basicAuthMiddleware(settings.httpStaticAuth.user, settings.httpStaticAuth.pass));
             }

package/settings.js CHANGED Viewed

@@ -139,6 +139,7 @@ module.exports = {
  *  - httpNodeMiddleware
  *  - httpStatic
  *  - httpStaticRoot
+ *  - httpStaticCors
  ******************************************************************************/
     /** the tcp port that the Node-RED web server is listening on */
@@ -233,6 +234,9 @@ module.exports = {
      *  OR multiple static sources can be created using an array of objects...
      *  Each object can also contain an options object for further configuration.
      *  See https://expressjs.com/en/api.html#express.static for available options.
+     *  They can also contain an option `cors` object to set specific Cross-Origin
+     *  Resource Sharing rules for the source. `httpStaticCors` can be used to
+     *  set a default cors policy across all static routes.
      */
     //httpStatic: [
     //    {path: '/home/nol/pics/',    root: "/img/"},
@@ -250,6 +254,16 @@ module.exports = {
      */
     //httpStaticRoot: '/static/',
+    /** The following property can be used to configure cross-origin resource sharing
+     * in the http static routes.
+     * See https://github.com/troygoode/node-cors#configuration-options for
+     * details on its contents. The following is a basic permissive set of options:
+     */
+    //httpStaticCors: {
+    //    origin: "*",
+    //    methods: "GET,PUT,POST,DELETE"
+    //},
     /** The following property can be used to modify proxy options */
     // proxyOptions: {
     //     mode: "legacy", // legacy mode is for non-strict previous proxy determination logic (node-red < v4 compatible)