Add scope/namespace to nodes/plugins during registration

disclaimer: since my english is poor, I asked chatgpt to rewrite my proposal. The arguments are the same.

Currently, a limitation exists within the Node-RED ecosystem where installing multiple packages that define nodes with identical type strings results in only one of the nodes being registered and recognized by the runtime. This creates a significant challenge, especially when different packages inadvertently define nodes using the same type, such as credentials.

When package authors control both conflicting packages, resolving such conflicts is relatively straightforward—they can manually namespace or prefix node types to prevent collisions. For example, in a scenario where two packages are installed—one for AWS integration and another for Salesforce—both may define a config node of type credentials. In this case, the developers can rename the types to aws-credentials and salesforce-credentials, respectively, thus avoiding conflicts during registration.

However, this solution becomes problematic for package consumers. Consumers who do not own or maintain the packages would need to clone or fork the source code, identify all occurrences of the node types, and manually update them across potentially many files. This process is error-prone, non-trivial, and unsuitable for users without programming experience. Furthermore, any update to the original packages would require repeating this cumbersome process, risking further breakage or incompatibility.

To address this issue in a more user-friendly and robust manner, a potential solution would involve enhancing the Node-RED runtime and editor SDKs to automatically namespace node types during registration. This could be achieved by prefixing node types with a deterministic hash derived from each package's package-lock.json. By doing so, collisions would be inherently avoided without requiring manual intervention, ensuring that multiple packages can coexist even if they define nodes with the same original type names. This approach maintains compatibility while improving the experience for both developers and end users.

Maybe using the package name as a prefix would be better because the lock file can change over time.

True, but it would require renaming at the registerType level because there's no need in each node definition containing the package name as prefix.

This way, developers and users don't have to do anything. The flow will contain nodes with the prefixed type.

The format should be <package-name>/<node-type>. e.g. node-red/inject.

Extreme maybe, but I think that could still result in a clash since there is now no requirement for package names not to be equal as long as they are npm namespaced.

@fred/some-package
@jim/some-package

Is this really an issue that requires complex changes to Node-RED to "fix"? How many times has this happened in the past? I can think only of a handful in more than a decade.

The package name contains the scope if present.

This can happen if the user searches for a node and installs multiple nodes. Perhaps another solution would be a major cleanup of the catalog. Sure, it would help, but it doesn't solve the problem.

I'm just thinking that there may be far more important things to be developing in Node-RED than something that doesn't come up that often?

Certainly, but the problem is real and will have to be addressed one day.

For now, still waiting for 4.1 and its magic features