Merge remote-tracking branch 'upstream/main' into task/RNTL-25108-sync-fork

Author: keijokuusmik

.github/dependabot.yml

@@ -1,12 +1,13 @@
 version: 2
 updates:
-- package-ecosystem: github-actions
-  directory: "/"
-  schedule:
-    interval: daily
-  open-pull-requests-limit: 10
-- package-ecosystem: npm
-  directory: "/"
-  schedule:
-    interval: daily
-  open-pull-requests-limit: 10
+  - package-ecosystem: github-actions
+    directory: /
+    schedule:
+      interval: daily
+    open-pull-requests-limit: 10
+
+  - package-ecosystem: npm
+    directory: /
+    schedule:
+      interval: daily
+    open-pull-requests-limit: 10

.github/workflows/ci.yml

@@ -1,4 +1,4 @@
-name: ci
+name: CI
 
 on:
   push:
@@ -10,40 +10,43 @@ on:
       - 'docs/**'
       - '*.md'
 
+permissions:
+  contents: read
+
 jobs:
   dependency-review:
     name: Dependency Review
     if: github.event_name == 'pull_request'
     runs-on: ubuntu-latest
-    permissions:
-      contents: read
     steps:
-        - name: Check out repo
-          uses: actions/checkout@v3
+        - name: Checkout repository
+          uses: actions/checkout@v4
           with:
             persist-credentials: false
 
         - name: Dependency review
-          uses: actions/dependency-review-action@v2
+          uses: actions/dependency-review-action@v4
 
   test:
     runs-on: ${{ matrix.os }}
-    permissions:
-      contents: read
     strategy:
       matrix:
-        node-version: [14, 16, '*']
+        node-version: [16, 18, 20]
         os: [ubuntu-latest, windows-latest, macOS-latest]
+      fail-fast: false
     steps:
-      - uses: actions/checkout@v3
+      - name: Checkout repository
+        uses: actions/checkout@v4
         with:
           persist-credentials: false
 
       - name: Use Node.js
-        uses: actions/setup-node@v3
+        uses: actions/setup-node@v4
         with:
           node-version: ${{ matrix.node-version }}
           check-latest: true
+          cache: npm
+          cache-dependency-path: package.json
 
       - name: Install
         run: |
@@ -67,8 +70,6 @@ jobs:
   coverage:
     needs: test
     runs-on: ubuntu-latest
-    permissions:
-      contents: read
     steps:
       - name: Coveralls Finished
         uses: coverallsapp/github-action@master

.github/workflows/sast.yml .github/workflows/codeql.yml.github/workflows/sast.yml renamed to .github/workflows/codeql.yml

@@ -1,4 +1,4 @@
-name: sast
+name: CodeQL
 
 on:
   push:
@@ -11,19 +11,25 @@ jobs:
     name: Analyze
     runs-on: ubuntu-latest
     permissions:
+      actions: read
       contents: read
       security-events: write
     strategy:
       fail-fast: true
       matrix:
-        language: [ 'javascript' ]
+        language: [ 'javascript-typescript' ]
     steps:
-      - uses: actions/checkout@v3
+      - name: Checkout repository
+        uses: actions/checkout@v4
         with:
           persist-credentials: false
 
-      - uses: github/codeql-action/init@v2
+      - name: Initialize CodeQL
+        uses: github/codeql-action/init@v3
         with:
           languages: ${{ matrix.language }}
 
-      - uses: github/codeql-action/analyze@v2
+      - name: Perform CodeQL Analysis
+        uses: github/codeql-action/analyze@v3
+        with:
+          category: "/language:${{ matrix.language }}"

.github/workflows/labeler.yml

@@ -1,10 +1,15 @@
-name: "Pull Request Labeler"
+name: Pull Request Labeler
+
 on: pull_request_target
 
+permissions:
+  contents: read
+  pull-requests: write
+
 jobs:
   label:
     runs-on: ubuntu-latest
     steps:
-    - uses: actions/labeler@main
-      with:
-        repo-token: "${{ secrets.GITHUB_TOKEN }}"
+      - uses: actions/labeler@v5
+        with:
+          repo-token: "${{ secrets.GITHUB_TOKEN }}"

README.md

@@ -1,12 +1,10 @@
-<!-- markdownlint-disable MD013 MD024 -->
+<!-- markdownlint-disable MD013 -->
 # Aedes
 
 ![ci](https://github.com/moscajs/aedes/workflows/ci/badge.svg)
-[![js-standard-style](https://img.shields.io/badge/code%20style-standard-brightgreen.svg?style=flat)](http://standardjs.com/)
+[![js-standard-style](https://img.shields.io/badge/code%20style-standard-brightgreen.svg?style=flat)](https://standardjs.com/)
 [![Maintenance](https://img.shields.io/badge/Maintained%3F-yes-green.svg)](https://github.com/moscajs/aedes/graphs/commit-activity)
 [![PRs Welcome](https://img.shields.io/badge/PRs-welcome-brightgreen.svg)](https://github.com/moscajs/aedes/pulls)\
-[![Total alerts](https://img.shields.io/lgtm/alerts/g/moscajs/aedes.svg?logo=lgtm&logoWidth=18)](https://lgtm.com/projects/g/moscajs/aedes/alerts/)
-[![Language grade: JavaScript](https://img.shields.io/lgtm/grade/javascript/g/moscajs/aedes.svg?logo=lgtm&logoWidth=18)](https://lgtm.com/projects/g/moscajs/aedes/context:javascript)
 [![Coverage Status](https://coveralls.io/repos/moscajs/aedes/badge.svg?branch=main&service=github)](https://coveralls.io/github/moscajs/aedes?branch=main)
 [![Known Vulnerabilities](https://snyk.io/test/github/moscajs/aedes/badge.svg)](https://snyk.io/test/github/moscajs/aedes)\
 ![node](https://img.shields.io/node/v/aedes)
@@ -281,6 +279,12 @@ Here is a list of some interesting projects that are using Aedes as MQTT Broker.
 Want to contribute? Check our list of
 [features/bugs](https://github.com/moscajs/aedes/projects/1)
 
+## Security notice
+
+Messages sent to the broker are considered _valid_ once they pass the [`authorizePublish`](./docs/Aedes.md#handler-authorizepublish-client-packet-callback) callback.
+In other terms, if permissions for the given client are revoked after the call completes, the message is still considered valid.
+In case you are sending time-sensitive messages, make sure to use QoS 0 or connect with a clean session.
+
 ## Support
 
 If there are bugs/leaks in production scenarios, we encourage people to send Pull Request and/or reach out maintainers for some paid support.

SECURITY.md

@@ -2,4 +2,4 @@
 
 ## Reporting a Vulnerability
 
-Please email daniel.sorridi+aedes@gmail.com; matteo.collina+aedes@gmail.com
+Please report all vulnerabilities to [https://github.com/moscajs/aedes/security](https://github.com/moscajs/aedes/security).

aedes.d.ts

@@ -1,3 +1,9 @@
-/// <reference path="./types/instance.d.ts" />
-/// <reference path="./types/client.d.ts" />
-/// <reference path="./types/packet.d.ts" />
+import Aedes, { AedesOptions } from './types/instance'
+
+export declare function createBroker(options?: AedesOptions): Aedes
+
+export * from './types/instance'
+export * from './types/packet'
+export * from './types/client'
+
+export { default } from './types/instance'

aedes.js

@@ -14,7 +14,7 @@ const Client = require('./lib/client')
 const { $SYS_PREFIX, bulk } = require('./lib/utils')
 const _ = require('lodash')
 
-module.exports = Aedes.Server = Aedes
+module.exports = Aedes.createBroker = Aedes
 
 const defaultOptions = {
   concurrency: 100,
@@ -31,7 +31,8 @@ const defaultOptions = {
   sharedTopicsEnabled: false,
   trustedProxies: [],
   queueLimit: 42,
-  maxClientsIdLength: 23
+  maxClientsIdLength: 23,
+  keepaliveLimit: 0
 }
 
 function Aedes (opts) {
@@ -49,6 +50,7 @@ function Aedes (opts) {
   this.counter = 0
   this.queueLimit = opts.queueLimit
   this.connectTimeout = opts.connectTimeout
+  this.keepaliveLimit = opts.keepaliveLimit
   this.maxClientsIdLength = opts.maxClientsIdLength
   this.mq = opts.mq || mqemitter({
     concurrency: opts.concurrency,
@@ -171,7 +173,13 @@ function Aedes (opts) {
     const clientId = packet.payload.toString()
 
     if (that.clients[clientId] && serverId !== that.id) {
-      that.clients[clientId].close(done)
+      if (that.clients[clientId].closed) {
+        // remove the client from the list if it is already closed
+        that.deleteClient(clientId)
+        done()
+      } else {
+        that.clients[clientId].close(done)
+      }
     } else {
       done()
     }
@@ -347,15 +355,19 @@ Aedes.prototype._finishRegisterClient = function (client) {
 }
 
 Aedes.prototype.unregisterClient = function (client) {
-  this.connectedClients--
-  delete this.clients[client.id]
+  this.deleteClient(client.id)
   this.emit('clientDisconnect', client)
   this.publish({
     topic: $SYS_PREFIX + this.id + '/disconnect/clients',
     payload: Buffer.from(client.id, 'utf8')
   }, noop)
 }
 
+Aedes.prototype.deleteClient = function (clientId) {
+  this.connectedClients--
+  delete this.clients[clientId]
+}
+
 function closeClient (client, cb) {
   this.clients[client].close(cb)
 }

docs/Aedes.md

@@ -42,6 +42,7 @@
   - `heartbeatInterval` `<number>` an interval in millisconds at which server beats its health signal in `$SYS/<aedes.id>/heartbeat` topic. __Default__: `60000`
   - `id` `<string>` aedes broker unique identifier. __Default__: `uuidv4()`
   - `connectTimeout` `<number>` maximum waiting time in milliseconds waiting for a [`CONNECT`][CONNECT] packet. __Default__: `30000`
+  - `keepaliveLimit` `<number>` maximum client keep alive time allowed, 0 means no limit. __Default__: `0`
 - Returns `<Aedes>`
 
 Create a new Aedes server.

docs/Examples.md

@@ -13,6 +13,22 @@ server.listen(port, function () {
 })
 ```
 
+## Typescript
+
+```ts
+import Aedes from 'aedes'
+import { createServer } from 'net'
+
+const port = 1883
+
+const aedes = new Aedes()
+const server = createServer(aedes.handle)
+
+server.listen(port, function () {
+  console.log('server started and listening on port ', port)
+})
+```
+
 ## Simple plain MQTT server using server-factory
 
 ```js