Node-RED 0.20.0-beta.2 released

Given the scale of some of the changes to the internals of Node-RED in 0.20, we've decided to approach the 0.20 release slightly differently to previous releases.

Today we've published the first beta release of 0.20. (Okay, technically, the second beta, but the first we're telling y'all about).

If you aren't comfortable with backing up your existing Node-RED install, upgrading and rolling back when it all goes wrong, then this beta release is not for you. Please hold off for the final 0.20 release.

If you are comfortable with all of that, then please do try it out. It would be great to flush out any of the edge cases that you are all so adept at hitting before the final 0.20 release.

As we mentioned in the 0.19 release blog post, the 0.20 release no longer supports Node 4. You must be using Node 6 or later.

As a beta, we're not doing a full release blog post, and haven't done all of the documentation updates yet. However, the CHANGELOG has a full list of changes in this release.

The main change in this release is the internals of Node-RED have been split into multiple npm modules. This will make it easier to reuse components of Node-RED and create more customised applications. But from an end-user perspective, that's all hidden detail.

Some of the more visible highlights include (in no particular order):

Editor

• new flow tabs can be added by double clicking on the tab bar. The tab will get inserted where you click - such as in between two existing flows
• Cmd (or Ctrl) - Clicking on a tab selects it. You can select multiple tabs. Once selected, pressing delete will delete the tabs. Opening the export to clipboard dialog (from the menu, or Cmd/Ctrl-E) will let you export the selected tabs.
• The edit dialog for nodes has been reworked as a set of tabs rather than collapsible sections.
• One of these tabs is a description field so you can add markdown-formatted help to any node.
• Any of the markdown edit fields now have a markdown formatting toolbar and can open into a full-screen editor with markdown preview.
• 0.19 allowed you to change a node's icon. You can now also pick from the Font-Awesome v4 range of icons for the node. (excluding any brand-specific icons)
• From the node appearance tab you can hide a node's label - just like the Link node does. (and you can chose to show the Link node's label).
• There are tooltips on lots of the buttons and controls in the UI. Any that have a keyboard shortcut associated with it will also show the shortcut.
• You can delete individual context entries in the Context Sidebar
• You can select Config nodes in the Config node sidebar, Ctrl-Click to select multiple. Pressing delete will delete the selected config nodes - easier than dbl clicking to open the dialog for each one.
• When you kick off either a git push/pull in the Projects sidebar, or an install/remove of a node from the Manage Palette dialog, you'll see a button to 'view log'. This will open the new Event Log (also accessible from the menu, View->Event Log). This lets you see more log output from the underlying git/npm commands those actions run.
• The Import from Clipboard dialog lets you upload a file rather than paste from the clipboard. It also does a better job of highlighting errors if you provide invalid JSON.
• The Export to Clipboard dialog lets you download the flow as a file, rather than copy to clipboard.
• A new 'Restart Flows' option has been added to the deploy menu - this causes the runtime to reload its active flows from storage and restart them.
• The Manage Palette dialog will refuse to install a module if it provides a node type that is already installed.

Runtime

• Add --safe mode flag to allow starting without flows running
• Add setting-defined accessToken for automated access to the adminAPI
• Allow a project to be loaded from cmdline - specifying the project name where you would provide the flow file name will load that project.

There are also lots of updates to various nodes - the CHANGELOG has the full list.

Installing the beta

If you want to try out the beta, you will need specify node-red@next when you use npm to update. Without the @next you'll still get 0.19.5.

So on a Pi you'd do:

sudo npm install -g --unsafe-perm node-red@next

Reporting problems

If you hit any problems, please report them either as a reply on this topic, or in the #dev slack channel. Please do not post new topics to the forum regarding the beta as that could confuse users who are not using the beta.

Outstanding work

There are a small number of open issues and PRs we still have targeted for 0.20. The plan is to get them resolved over the next few weeks so we can get 0.20-final published in early January.

One of the larger pieces of work is the documentation for all the internal modules. A key feature of 0.20 will be a formal runtime API - something we've never properly published. We've started on the documentation for that and you can see a snapshot of the auto-generated docs here.
You'll see there's lots of work still to do on that front. But the fact we can now auto-generate that documentation from the code is a big step forward.

I didn't even know I wanted this until now... it will go a long way for some of the flows I've developed at work and handed off to other maintainers!

If you ever find yourself in Flint, I owe you a beer for this (made with safe water, I promise.)

Note: I upgraded an existing 0.19.5 PiZero install

Can't get this to work (Win10 - Chrome or Vivaldi browser)
Holding ctrl and clicking on a tab doesn't appear to do anything and then pressing delete key does not delete the tab

Very nice feature - works OK for me

Very nice for those of of who use an empty function node as a wire joiner

Might be a need to increase size of no label option/link node a little bit to enclose some of the new icons?

Be nice to have a "restart flows in this tab only" option as well

Great work, thank you so much!

I am still(?) seeing crytpo deprecation warnings, is that expected?

(node:25318) [DEP0091] DeprecationWarning: crypto.DEFAULT_ENCODING is deprecated.
(node:25318) [DEP0010] DeprecationWarning: crypto.createCredentials is deprecated. Use tls.createSecureContext instead.
(node:25318) [DEP0011] DeprecationWarning: crypto.Credentials is deprecated. Use tls.SecureContext instead.

Takes deep breath and installs into 64bit Windows 10 dev environment:

C:\src\nr
λ  node --version
v8.12.0
C:\src\nr
λ  npm --version
6.4.1
C:\src\nr
λ  npm install --unsafe-perm node-red@next
npm WARN deprecated mimelib@0.3.1: This project is unmaintained
npm WARN node-red-master@0.19.5 No repository field.

+ node-red@0.20.0-beta.2
added 26 packages from 13 contributors, removed 17 packages, updated 16 packages and audited 1419 packages in 19.959s
found 6 vulnerabilities (1 low, 5 moderate)
  run `npm audit fix` to fix them, or `npm audit` for details
C:\src\nr
λ  npm audit

                       === npm audit security report ===
                                 Manual Review
             Some vulnerabilities require your attention to resolve
          Visit https://go.npm.me/audit-guide for additional guidance

  Moderate        Prototype pollution
  Package         hoek
  Patched in      > 4.2.0 < 5.0.0 || >= 5.0.3
  Dependency of   node-red-admin
  Path            node-red-admin > request > hawk > boom > hoek
  More info       https://nodesecurity.io/advisories/566

  Moderate        Prototype pollution
  Package         hoek
  Patched in      > 4.2.0 < 5.0.0 || >= 5.0.3
  Dependency of   node-red-admin
  Path            node-red-admin > request > hawk > cryptiles > boom > hoek
  More info       https://nodesecurity.io/advisories/566

  Moderate        Prototype pollution
  Package         hoek
  Patched in      > 4.2.0 < 5.0.0 || >= 5.0.3
  Dependency of   node-red-admin
  Path            node-red-admin > request > hawk > hoek
  More info       https://nodesecurity.io/advisories/566

  Moderate        Prototype pollution
  Package         hoek
  Patched in      > 4.2.0 < 5.0.0 || >= 5.0.3
  Dependency of   node-red-admin
  Path            node-red-admin > request > hawk > sntp > hoek
  More info       https://nodesecurity.io/advisories/566

  Moderate        Memory Exposure
  Package         tunnel-agent
  Patched in      >=0.6.0
  Dependency of   node-red-admin
  Path            node-red-admin > request > tunnel-agent
  More info       https://nodesecurity.io/advisories/598

  Low             Prototype Pollution
  Package         deep-extend
  Patched in      >=0.5.1
  Dependency of   node-red
  Path            node-red > bcrypt > node-pre-gyp > rc > deep-extend
  More info       https://nodesecurity.io/advisories/612

found 6 vulnerabilities (1 low, 5 moderate) in 1419 scanned packages
  6 vulnerabilities require manual review. See the full report for details.
C:\src\nr
λ

Install was really quick. OK, so it's an i7 with 16GB of RAM and a fast SSD but even so.

Still a few packages with vulnerabilities though. Be nice to get rid of those if possible. Thankfully nothing major though & probably impossible to be completely free of issues given the rate of change of some of these packages.

C:\src\nr
λ  npm start

> node-red-master@0.19.5 start C:\src\nr
> node node_modules/node-red/red.js --userDir ./data

8 Dec 11:20:33 - [info]

Welcome to Node-RED
===================

8 Dec 11:20:33 - [info] Node-RED version: v0.20.0-beta.2
8 Dec 11:20:33 - [info] Node.js  version: v8.12.0
8 Dec 11:20:33 - [info] Windows_NT 10.0.17134 x64 LE
8 Dec 11:20:34 - [info] Loading palette nodes
8 Dec 11:20:36 - [info] Dashboard version 2.11.0 started at /ui
8 Dec 11:20:38 - [info] Settings file  : C:\src\nr\data\settings.js
8 Dec 11:20:38 - [info] HTTP Static    : C:\src\nr\public
8 Dec 11:20:38 - [info] Context store  : 'default' [module=localfilesystem]
8 Dec 11:20:38 - [info] Context store  : 'memory' [module=memory]
8 Dec 11:20:38 - [info] Context store  : 'file' [module=localfilesystem]
8 Dec 11:20:38 - [info] User directory : C:\src\nr\data
8 Dec 11:20:38 - [warn] Projects disabled : editorTheme.projects.enabled=false
8 Dec 11:20:38 - [info] Flows file     : C:\src\nr\data\flows_DESKTOP-M1M6R28.json
8 Dec 11:20:38 - [info] Server now running at http://127.0.0.1:1880/red/
8 Dec 11:20:38 - [info] Starting flows
8 Dec 11:20:38 - [info] UI Builder - Version 1.0.8 started at /uibuilder
8 Dec 11:20:38 - [info] UI Builder - Local file overrides at C:\src\nr\data\uibuilder\uibuilder
8 Dec 11:20:38 - [info] UI Builder - Version 1.0.8 started at /moon
8 Dec 11:20:38 - [info] UI Builder - Local file overrides at C:\src\nr\data\uibuilder\moon
8 Dec 11:20:38 - [info] UI Builder - Version 1.0.8 started at /cachetest
8 Dec 11:20:38 - [info] UI Builder - Local file overrides at C:\src\nr\data\uibuilder\cachetest
8 Dec 11:20:38 - [info] Started flows
8 Dec 11:20:38 - [info] [sqlitedb:7b0d8d85.503434] opened mydb2 ok

OK, that's hopeful.

I wasnt aware you were seeing these before, so hard to say. Not sure where they are coming from... could be a node you have installed.

Oops, first issue and this is a weird one:

image.png1626×1464 332 KB

Note the repeating set of headings and lists! Not what I wrote in the comment

Double checked with v0.19.5 and the same node is fine.

To be clear - that is 2 repeats of the body.

I am not sure whether I was seeing the crypto warnings before, will investigate

Also, the comment node doesn't show the formatting toolbar.

@TotallyInformation - most of those warnings are for node-red-admin package which are not part of core - so for the purposes of keeping this thread on topic we will ignore those for now...

Of course, not a problem.

Favourite things:

• Descriptions
• Label hiding
• Pallet Hiding
• So many good updates - this has to be the best one yet

Some other thoughts - you probably already have them covered, but just in case:

• The context variable sidebar could really do with tooltips for the action icons, the icons are very small and grey so very hard to read their meaning. Especially now that delete is included.
• Import from file is not very obvious to find. Hidden as it is behind Import > Clipboard.
• Allow config nodes to be selected in sidebar and deleted - Urg! Scary - thankfully ctrl-z undoes it. I can see some people getting panicked by that.
• As settings.js is gradually changing over time, I suspect that it would be really helpful to non-programmers to have a more obvious way of knowing that there were new items available.

Things that I can't work out yet:

• Add event log to editor - I assume this means the npm output when installing a new node?

I've run out of time for now and I'm only a fraction of the way through the changelog! Great work as always and many thanks for continuing to make Node-RED a fantastic tool.

Event log - yes - is for more info when you use palette manager to install a node.
(and yes have noted node-red-admin updates)

Small formatting issue. Link out node.

Rather a lot of white-space on the left.

Link in node as well but not as bad:

I really like the new shortcodes to swap sidebar tabs

But why noe for the dashboard? why not use 'b' since 'd' is already taken?

BUG: "TypeError: Cannot set property 'topic' of undefined"
NR: v0.20.0-beta.2
node.js: v8.12.0
Dashboard: v2.12.1
platform: RPI 3 with stretch

Don't know if this if dashboard or the beta, but this is a simple flow of an inject and a dashboard button.The inject sets msg.topic and the Label property of the button node is {{topic}}. This works in v0.19.5 with dashboard v2.10.1

[{"id":"89210bf0.655198","type":"inject","z":"6b216599.303b94","name":"","topic":"Does it work?","payload":"","payloadType":"date","repeat":"","crontab":"","once":false,"onceDelay":0.1,"x":280,"y":180,"wires":[["8f9ba2e.27651e"]]},{"id":"8f9ba2e.27651e","type":"ui_button","z":"6b216599.303b94","name":"","group":"79c52fd.f4c9bd","order":1,"width":0,"height":0,"passthru":false,"label":"{{topic}}","color":"","bgcolor":"","icon":"","payload":"","payloadType":"str","topic":"","x":540,"y":180,"wires":[[]]},{"id":"79c52fd.f4c9bd","type":"ui_group","name":"Group 1","tab":"782b192.dbe65e8","order":1,"disp":true,"width":6},{"id":"782b192.dbe65e8","type":"ui_tab","name":"Tab 3","icon":"dashboard","order":1}]

{{msg.topic}} works ok... will investigate

This was what was reported under the new Dashboard release a few days ago.

??? sorry - missed that ? got a link ?