Migrate to Node.js 16
On 30 Apr 2022, Node.js v12 went out of long-term support (LTS), which means that the Node.js development team no longer back-ports critical security fixes to this version. This could potentially expose your extensibility code to security vulnerabilities. Therefore, Auth0 is migrating from Node 12 to Node 16.
Recommendations
Although the Node 16 update will not introduce any breaking changes in the Node.js standard library (Rules and Custom Database Action Scripts are affected; see the Breaking changes - Rules and Custom Database Action Scripts only section), we encourage customers on Node version 12 to stay current with Active Long-Term Support (LTS) Node versions for security and compliance purposes. Customers who are still on Node 8 are out of security compliance and must migrate to Node 16 to eliminate security risks. We removed the Node 8 runtime on 22 Feb 2022 for Public Cloud tenants and removed it in the April 2022 Private Cloud release. After these dates, tenants still set to Node 8 run the risk of a service interruption.
In addition, going forward we will support every LTS Node.js version through Auth0 Actions only. Customers using Rules and Hooks are highly encouraged to migrate to Actions using Node 16 as soon as possible.
Actions is designed to support multiple versions of node concurrently, and currently supports both Node 12 and Node 16. In addition, no-code Actions Integrations will follow industry-standard "always current" version control with minor versions updated automatically; the underlying code will always remain current and to the latest version of Node.js.
Customers Using | Should | Task |
---|---|---|
Actions Node 12 | Update any existing custom Action versions to a new version, which will update to Node 16. | Update all custom Action versions as soon as possible. |
Legacy Node 12 (Rules/Hooks/Extensions) | Begin migrating to Actions Node 16. | Migrate to Actions Node 16 as soon as possible. |
Legacy Node 8 | Immediately migrate to Actions wherever possible. For Rules and Hooks that cannot immediately be migrated to Actions, you must, at a minimum, update your code to Node 12 and update tenant settings to Node 12. | Migrate to Actions Node 16 immediately. |
Tasks
Upgrade Actions
Existing Actions built on Node 12 can be upgraded to Node 16 and later reverted to a previous version on Node 12 if needed. Upgrade Actions to Node 16 by creating and deploying a new version set to use Node 16 as the runtime.
Migrate Rules and Hooks to Actions
Wherever possible, migrate Rules and Hooks to Actions. To determine which Rules and Hooks can be migrated, read Actions Limitations. To learn how to migrate your Rules and Hooks to Actions, see our guides available at Migrate to Actions.
Enable Node 16 runtime
If you use any legacy extensibility products, like Rules, Hooks, or Extensions, then you must enable the Node 16 runtime at the tenant level. We recommend that you first switch your development tenant to Node 16 runtime, test your configuration, then switch your production tenant.
Enable Node 16 on your development tenant using the Extensibility panel on the Advanced Tenant Settings page of the Dashboard. Choose Node 16 from the Runtime drop-down.
Click Save.
Check that you either do not have the items listed below, or have completed the migration steps for each.
Test your configuration.When you finish testing, repeat steps 1 and 2 above using your production tenant to enable Node 16 in production.
Breaking changes - Rules and Custom Database Action Scripts only
Rules run in a JavaScript sandbox. The sandbox supports the ECMAScript 6 language and a large number of Node.js (version 16+) modules. If you are using any of these global properties within Rules or Custom Database Action Scripts, look for an alternative in our list of supported sandbox modules and explicitly require it.
_
async
Auth0
azure_storage
bcrypt
crypto
couchbase
cql
ip
jwt
Knex
mongo
mysql
mysql_pool
ObjectID
pbkdf2
pg
postgres
Pubnub
q
querystring
request
sqlserver
uuid
xml2js
xmldom
xpath
xtend