Release 1.7.0 (#557)

### Fixed

- Removed vulnerable module 'ip' [#545](#545)
- msg.context now handled properly

### Added

- Adaptive Lighting support [#335](#335)
- By default, registered Eve.app Characteristics for power management - for existing setup, requires old custom characteristics file to be removed

### Changed

- Updated hap-nodejs [0.11.1 to 0.12.3-beta.18](https://github.com/homebridge/HAP-NodeJS/blob/latest/CHANGELOG.md) (features
  and bug fixes)
- Dependencies upgrade
- Node `10`, `12` and `16` no longer supported, use Node 20! Or at least 18
- Updated GitHub Actions
- Some trivial PinCodes are no longer allowed
- MDNS Configuration is now deprecated, use Bind instead

.github/workflows/codeql-analysis.yml

@@ -31,16 +31,16 @@ jobs:
         language: [ 'javascript' ]
 
     steps:
-    - name: Checkout repository
-      uses: actions/checkout@v2
+      - name: Checkout repository
+        uses: actions/checkout@v4
 
-    - name: Initialize CodeQL
-      uses: github/codeql-action/init@v1
-      with:
-        languages: ${{ matrix.language }}
+      - name: Initialize CodeQL
+        uses: github/codeql-action/init@v1
+        with:
+          languages: ${{ matrix.language }}
 
-    - name: Autobuild
-      uses: github/codeql-action/autobuild@v1
+      - name: Autobuild
+        uses: github/codeql-action/autobuild@v1
 
-    - name: Perform CodeQL Analysis
-      uses: github/codeql-action/analyze@v1
+      - name: Perform CodeQL Analysis
+        uses: github/codeql-action/analyze@v1

.github/workflows/publish-dev.yml

@@ -9,10 +9,10 @@ jobs:
   build:
     runs-on: ubuntu-latest
     steps:
-      - uses: actions/checkout@v3
-      - uses: actions/setup-node@v3
+      - uses: actions/checkout@v4
+      - uses: actions/setup-node@v4
         with:
-          node-version: 18
+          node-version: 20
       - run: |
           npm ci
           npm run build
@@ -22,10 +22,10 @@ jobs:
     needs: build
     runs-on: ubuntu-latest
     steps:
-      - uses: actions/checkout@v3
-      - uses: actions/setup-node@v3
+      - uses: actions/checkout@v4
+      - uses: actions/setup-node@v4
         with:
-          node-version: 18
+          node-version: 20
           registry-url: https://registry.npmjs.org/
           always-auth: true
       - name: Extract PACKAGE_VERSION
@@ -34,8 +34,8 @@ jobs:
       - name: Prepare Discord notification messages
         id: discord-prepare
         run: |
-         echo ::set-output name=DISCORD_MSG_DEV_ANN::'{"title":"New dev version `${{ steps.package-version.outputs.current-version }}` has been released.","description":"Changelog is available [here](https://github.com/NRCHKB/node-red-contrib-homekit-bridged/commits/dev/CHANGELOG.md)","url":"https://github.com/NRCHKB/node-red-contrib-homekit-bridged/tree/dev","color":9371648,"fields":[{"name":"How to install","value":"1. Stop node-red\n2. Backup `~/.node-red` folder\n3. `cd ~/.node-red`\n4. `npm i node-red-contrib-homekit-bridged@${{ steps.package-version.outputs.current-version }}`\n5. Start node-red"}]}' 
-         echo ::set-output name=DISCORD_MSG_ERROR::'{"title":"Dev version `${{ steps.package-version.outputs.current-version }}` failed to be released.","description":"Changelog is available [here](https://github.com/NRCHKB/node-red-contrib-homekit-bridged/commits/dev/CHANGELOG.md)","url":"https://github.com/NRCHKB/node-red-contrib-homekit-bridged/tree/dev","color":9371648,"fields":[{"name":"How to install","value":"1. Stop node-red\n2. Backup `~/.node-red` folder\n3. `cd ~/.node-red`\n4. `npm i node-red-contrib-homekit-bridged@${{ steps.package-version.outputs.current-version }}`\n5. Start node-red"}]}'
+          echo ::set-output name=DISCORD_MSG_DEV_ANN::'{"title":"New dev version `${{ steps.package-version.outputs.current-version }}` has been released.","description":"Changelog is available [here](https://github.com/NRCHKB/node-red-contrib-homekit-bridged/commits/dev/CHANGELOG.md)","url":"https://github.com/NRCHKB/node-red-contrib-homekit-bridged/tree/dev","color":9371648,"fields":[{"name":"How to install","value":"1. Stop node-red\n2. Backup `~/.node-red` folder\n3. `cd ~/.node-red`\n4. `npm i node-red-contrib-homekit-bridged@${{ steps.package-version.outputs.current-version }}`\n5. Start node-red"}]}' 
+          echo ::set-output name=DISCORD_MSG_ERROR::'{"title":"Dev version `${{ steps.package-version.outputs.current-version }}` failed to be released.","description":"Changelog is available [here](https://github.com/NRCHKB/node-red-contrib-homekit-bridged/commits/dev/CHANGELOG.md)","url":"https://github.com/NRCHKB/node-red-contrib-homekit-bridged/tree/dev","color":9371648,"fields":[{"name":"How to install","value":"1. Stop node-red\n2. Backup `~/.node-red` folder\n3. `cd ~/.node-red`\n4. `npm i node-red-contrib-homekit-bridged@${{ steps.package-version.outputs.current-version }}`\n5. Start node-red"}]}'
       - name: Publish
         if: contains(steps.package-version.outputs.current-version, 'dev') == true
         run: |

.github/workflows/publish.yml

@@ -9,10 +9,10 @@ jobs:
   build:
     runs-on: ubuntu-latest
     steps:
-      - uses: actions/checkout@v3
-      - uses: actions/setup-node@v3
+      - uses: actions/checkout@v4
+      - uses: actions/setup-node@v4
         with:
-          node-version: 18
+          node-version: 20
       - run: |
           npm ci
           npm run build
@@ -22,10 +22,10 @@ jobs:
     needs: build
     runs-on: ubuntu-latest
     steps:
-      - uses: actions/checkout@v3
-      - uses: actions/setup-node@v3
+      - uses: actions/checkout@v4
+      - uses: actions/setup-node@v4
         with:
-          node-version: 18
+          node-version: 20
           registry-url: https://registry.npmjs.org/
           always-auth: true
       - name: Extract PACKAGE_VERSION
@@ -47,10 +47,10 @@ jobs:
       contents: read
       packages: write
     steps:
-      - uses: actions/checkout@v3
-      - uses: actions/setup-node@v3
+      - uses: actions/checkout@v4
+      - uses: actions/setup-node@v4
         with:
-          node-version: 18
+          node-version: 20
           registry-url: https://npm.pkg.github.com/
           scope: '@nrchkb'
       - name: Extract PACKAGE_VERSION
@@ -64,3 +64,9 @@ jobs:
           npm publish
         env:
           NODE_AUTH_TOKEN: ${{secrets.GHUB_TKN}}
+      - name: Update Node-Red flow-library
+        if: contains(steps.package-version.outputs.current-version, 'dev') != true
+        uses: Zehir/[email protected]
+        continue-on-error: true
+        with:
+          package-name: 'node-red-contrib-homekit-bridged'

.github/workflows/tests.yml

@@ -1,17 +1,17 @@
 name: Tests
 
-on: [pull_request]
+on: [ pull_request ]
 
 jobs:
   build:
     runs-on: ${{ matrix.os }}
     strategy:
       matrix:
-        node_version: [12, 14, 16, 18]
-        os: [ubuntu-latest, windows-latest, macOS-latest]
+        node_version: [ 18, 20, 22 ]
+        os: [ ubuntu-latest, windows-latest, macOS-latest ]
     steps:
-      - uses: actions/checkout@v3
-      - uses: actions/setup-node@v3
+      - uses: actions/checkout@v4
+      - uses: actions/setup-node@v4
         with:
           node-version: ${{ matrix.node-version }}
       - name: build and test

CHANGELOG.md

@@ -2,15 +2,35 @@
 
 ##### Before upgrading make sure that you are using the latest version of [Node-RED](https://nodered.org/docs/getting-started/local) and latest LTS version of [Node.js](https://nodejs.org/en/download/)
 
-###### Upgrading from versions 0.X to 1.X is a breaking change, all devices will be reset in the Home app. Please review the [release notes](https://github.com/NRCHKB/node-red-contrib-homekit-bridged/releases/tag/v1.0.1) thoroughly before updating!
-
 # Changelog
 
 All notable changes to this project will be documented in this file.
 
 The format is based on [Keep a Changelog](https://keepachangelog.com/en/1.0.0/), and this project adheres
 to [Semantic Versioning](https://semver.org/spec/v2.0.0.html).
 
+## [1.7.0] - 2024-09-19
+
+### Fixed
+
+- Removed vulnerable module 'ip' [#545](https://github.com/NRCHKB/node-red-contrib-homekit-bridged/issues/545)
+- msg.context now handled properly
+
+### Added
+
+- Adaptive Lighting support [#335](https://github.com/NRCHKB/node-red-contrib-homekit-bridged/issues/335)
+- By default, registered Eve.app Characteristics for power management - for existing setup, requires old custom characteristics file to be removed
+
+### Changed
+
+- Updated hap-nodejs [0.11.1 to 0.12.3-beta.18](https://github.com/homebridge/HAP-NodeJS/blob/latest/CHANGELOG.md) (features
+  and bug fixes)
+- Dependencies upgrade
+- Node `10`, `12` and `16` no longer supported, use Node 20! Or at least 18
+- Updated GitHub Actions
+- Some trivial PinCodes are no longer allowed
+- MDNS Configuration is now deprecated, use Bind instead
+
 ## [1.6.1] - 2024-02-19
 
 ### Fixed

LICENSE

@@ -1,6 +1,6 @@
 MIT License
 
-Copyright (c) 2019 Node-RED Contribution - HomeKit Bridged
+Copyright (c) 2024 Node-RED Contribution - HomeKit Bridged
 
 Permission is hereby granted, free of charge, to any person obtaining a copy
 of this software and associated documentation files (the "Software"), to deal

SECURITY.md

@@ -11,10 +11,10 @@ If vulnerability is a serious risk then please consider contacting us directly a
 
 ## Supported Versions
 
-| Version | Supported          |
-| ------- | ------------------ |
-| > = 1.2.0  | :white_check_mark: |
-| < 1.2.0   | :x: limited               |
+| Version  | Supported          |
+|----------|--------------------|
+| >= 1.x.y | :white_check_mark: |
+| < 1.x.y  | :x: limited        |
 
 ## Reporting a Vulnerability
 
@@ -35,8 +35,10 @@ To use node-red safely you should secure it properly with encryption and passwor
 
 ### Invalid Setup Codes
 
-The following Setup Codes must not be used due to their trivial, insecure nature. In future release (possibly 1.X.Y)
-they will be forbidden programmatically.
+Since 1.3 random Setup Code will be generated for new Host (Bridge or Standalone Accessory) nodes (instead of default 1111-1111)
+
+The following Setup Codes must not be used due to their trivial, insecure nature. 
+Since 1.7.0 they are forbidden programmatically.
 
 - 0000-0000
 - 1111-1111
@@ -51,4 +53,3 @@ they will be forbidden programmatically.
 - 1234-5678
 - 8765-4321
 
-Since 1.3 random Setup Code will be generated for new Bridge nodes (instead of default 1111-1111)

build/nodes/bridge.html

@@ -55,9 +55,14 @@
         <label for="node-config-input-allowMessagePassthrough" style="width: 70%;">&nbsp;&nbsp;<i class="fa fa-step-forward"></i> Allow Message Passthrough</label>
     </div>
     <hr>
+    <div class="form-row">
+        <label for="node-config-input-bind"><i class="fa fa-filter"></i> Bind</label>
+        <input type="text" id="node-config-input-bind" placeholder="::">
+        <input type="hidden" id="node-config-input-bindType">
+    </div>
     <div class="form-row">
         <input type="checkbox" id="node-config-input-customMdnsConfig" style="display: inline-block; width: auto; vertical-align: top;">
-        <label for="node-config-input-customMdnsConfig" style="width: 70%;">&nbsp;&nbsp;<i class="fa fa-filter"></i> Custom MDNS Configuration</label>
+        <label for="node-config-input-customMdnsConfig" style="width: 70%;">&nbsp;&nbsp;<i class="fa fa-filter"></i> Custom MDNS Configuration (DEPRECATED, use Bind)</label>
     </div>
     <div id="mdns-configuration" style="display: none;">
         <div class="form-row">
@@ -95,7 +100,7 @@
 
 <script data-help-name="homekit-bridge" type="text/x-red">
     <h3 id="toc_4">Bridge</h3>
-    <p>The Bridge node is a configuration node, specifying the <em>bridge</em> that iOS sees, i.e. the device that is manually being added by the user. All accessories behind a bridge noded are then automatically added by iOS.
+    <p>The Bridge node is a configuration node, specifying the <em>bridge</em> that iOS sees, i.e. the device that is manually being added by the user. All accessories behind a bridge node are then automatically added by iOS.
     </p>
     <ul>
         <li><strong>Pin Code</strong>: Specify the Pin for the pairing process.</li>
@@ -107,8 +112,61 @@ <h3 id="toc_4">Bridge</h3>
         <li><strong>Hardware Revision</strong>: Should be a version number string in the form of <em>MAJOR.MINOR.REVISION</em> e.g. <em>1.2.0</em>. Other types of strings are ignored and won't be displayed.</li>
         <li><strong>Software Revision</strong>: Should be a version number string in the form of <em>MAJOR.MINOR.REVISION</em> e.g. <em>1.2.0</em>. Other types of strings are ignored and won't be displayed.</li>
         <li><strong>Name</strong>: If you intend to simulate a rocket, then why don&#39;t you call it <em>Rocket</em>. Name should be maximum 64 chars long and not contain <pre>.</pre></li>
-        <li><strong>Allow Message Passthrough</strong>: If you allow then message from node input will be send to node output.</li>
-        <li><strong>Custom MDNS Configuration</strong>: Check if you would like to use custom mdns configuration.</li>
+        <li><strong>Allow Message Passthrough</strong>: If you allow then message from node input will be sent to node output.</li>
+        <li><strong>Bind</strong>: Defines the host where the HAP server will be bound to. </li>
+        <ul>
+         <li>
+   Defines the host where the HAP server will be bound to.
+   When undefined the HAP server will bind to all available interfaces
+   (see https://nodejs.org/api/net.html#net_server_listen_port_host_backlog_callback).
+
+   This property accepts a mixture of IPAddresses and network interface names.
+   Depending on the mixture of supplied addresses/names hap-nodejs will bind differently.
+
+   It is advised to not just bind to a specific address, but specifying the interface name
+   in oder to bind on all address records (and ip version) available.
+
+   HAP-NodeJS (or the underlying ciao library) will not report about misspelled interface names,
+   as it could be that the interface is currently just down and will come up later.
+
+   Here are a few examples:
+    - bind: "::"
+        Pretty much identical to not specifying anything, as most systems (with ipv6 support)
+        will default to the unspecified ipv6 address (with dual stack support).
+
+    - bind: "0.0.0.0"
+        Binding TCP socket to the unspecified ipv4 address.
+        The mdns advertisement will exclude any ipv6 address records.
+
+    - bind: ["en0", "lo0"]
+        The mdns advertising will advertise all records of the en0 and loopback interface (if available) and
+        will also react to address changes on those interfaces.
+        In order for the HAP server to accept all those address records (which may contain ipv6 records)
+        it will bind on the unspecified ipv6 address "::" (assuming dual stack is supported).
+
+    - bind: ["en0", "lo0", "0.0.0.0"]
+        Same as above, only that the HAP server will bind on the unspecified ipv4 address "0.0.0.0".
+        The mdns advertisement will not advertise any ipv6 records.
+
+    - bind: "169.254.104.90"
+        This will bind the HAP server to the address 0.0.0.0.
+        The mdns advertisement will only advertise the A record 169.254.104.90.
+        If the given network interface of that address encounters an ip address change (to a different address),
+        the mdns advertisement will result in not advertising an address at all.
+        So it is advised to specify an interface name instead of a specific address.
+        This is identical with ipv6 addresses.
+
+    - bind: ["169.254.104.90", "192.168.1.4"]
+        As the HAP TCP socket can only bind to a single address, when specifying multiple ip addresses
+        the HAP server will bind to the unspecified ip address (0.0.0.0 if only ipv4 addresses are supplied,
+        :: if a mixture or only ipv6 addresses are supplied).
+        The mdns advertisement will only advertise the specified ip addresses.
+        If the given network interface of that address encounters an ip address change (to different addresses),
+        the mdns advertisement will result in not advertising an address at all.
+        So it is advised to specify an interface name instead of a specific address.
+         </li>
+        </ul>
+        <li><strong>Custom MDNS Configuration (DEPRECATED, use Bind)</strong>: Check if you would like to use custom mdns configuration.</li>
         <ul>
             <li><strong>Multicast</strong>: Use udp multicasting. Optional. Default true.</li>
             <li><strong>Multicast Interface IP:</strong>: Explicitly specify a network interface. Optional. Defaults to all.</li>
@@ -137,7 +195,7 @@ <h3 id="toc_4">Bridge</h3>
             },
             pinCode: {
                 required: true,
-                validate: pinCodeRegex,
+                validate: validatePinCode,
             },
             port: {
                 required: false,
@@ -185,37 +243,42 @@ <h3 id="toc_4">Bridge</h3>
                 required: false,
                 validate: versionValidator,
             },
+            bind: {
+                value: undefined,
+                required: false,
+            },
+            bindType: {
+                value: undefined,
+                required: false,
+            },
             customMdnsConfig: {
                 value: false,
                 required: false,
+                validate: (value) => !value
             },
             mdnsMulticast: {
                 value: true,
-                required: false,
+                required: false
             },
             mdnsInterface: {
-                required: false,
+                required: false
             },
             mdnsPort: {
-                required: false,
-                validate: function (value) {
-                    if (value) return RED.validators.port(value)
-                    else return true
-                },
+                required: false
             },
             mdnsIp: {
-                required: false,
+                required: false
             },
             mdnsTtl: {
-                required: false,
+                required: false
             },
             mdnsLoopback: {
                 value: true,
-                required: false,
+                required: false
             },
             mdnsReuseAddr: {
                 value: true,
-                required: false,
+                required: false
             },
             allowMessagePassthrough: {
                 value: true,
@@ -229,9 +292,9 @@ <h3 id="toc_4">Bridge</h3>
             return this.bridgeName ? 'node_label_italic' : ''
         },
         oneditprepare: function () {
-            if (!pinCodeRegex(this.pinCode)) {
+            if (!validatePinCode(this.pinCode)) {
                 this.pinCode = generatePinCode()
-                $("#node-config-input-pinCode").val(this.pinCode)
+                $('#node-config-input-pinCode').val(this.pinCode)
             }
 
             if (typeof this.allowMessagePassthrough == 'undefined') {
@@ -256,6 +319,12 @@ <h3 id="toc_4">Bridge</h3>
                     }
                 })
                 .change()
+
+            $('#node-config-input-bind').typedInput({
+                typeField: '#node-config-input-bindType',
+                default: 'str',
+                types: ['json', 'str']
+            })
         },
     })
 </script>