Changelog History
Page 13
-
v1.5.2.1 Changes
September 26, 2017⚡️ Updating to Meteor 1.5.2.1 will automatically patch a security vulnerability in the
allow-deny
package, since[email protected]_1
requires[email protected]
or later. If for any reason you are not ready or able to update to Meteor 1.5.2.1 by runningmeteor update
, please at least runmeteor update allow-deny
instead. More details about the security vulnerability can be found on the Meteor forums.
The command-line
meteor
tool no longer invokesnode
with the--expose-gc
flag. Although this flag allowed the build process to be more aggressive about collecting garbage, it was also a source of problems in Meteor 1.5.2 and Node 4.8.4, from increased segmentation faults during (the more frequent) garbage collections to occasional slowness in rebuilding local packages. The flag is likely to return in Meteor 1.6, where it has not exhibited any of the same problems.👷 Meteor now supports
.meteorignore
files, which cause the build system to ignore certain files and directories using the same pattern syntax as.gitignore
files. These files may appear in any directory of your app or package, specifying rules for the directory tree below them. Of course,.meteorignore
files are also fully integrated with Meteor's file watching system, so they can be added, removed, or modified during development. Feature request #5🗄 DDP's
connection.onReconnect = func
feature has been deprecated. This functionality was previously supported as a way to set a function to be called as the first step of reconnecting. This approach has proven to be inflexible as only one function can be defined to be called when reconnecting. Meteor's accounts system was already setting anonReconnect
callback to be used internally, which means anyone setting their ownonReconnect
callback was inadvertently overwriting code used internally. Moving forward theDDP.onReconnect(callback)
method should be used to register callbacks to call when a connection reconnects. The connection that is reconnecting is passed as the only argument tocallback
. This is used by the accounts system to re-login on reconnects without interfering with other code that usesconnection.onReconnect
. Issue #5665 PR #9092👍
reactive-dict
now supportsdestroy
.destroy
will clear theReactiveDict
s data and unregister theReactiveDict
from data migration. i.e. When aReactiveDict
is instantiated with a name on the client and thereload
package is present in the project. Feature Request #76 PR #9063⚡️ The
webapp
package has been updated to support UNIX domain sockets. If aUNIX_SOCKET_PATH
environment variable is set with a valid UNIX socket file path (e.g.UNIX_SOCKET_PATH=/tmp/socktest.sock
), Meteor's HTTP server will use that socket file for inter-process communication, instead of TCP. This can be useful in cases like using Nginx to proxy requests back to an internal Meteor application. Leveraging UNIX domain sockets for inter-process communication reduces the sometimes unnecessary overhead required by TCP based communication. Issue #7392 PR #8702📦 The
fastclick
package (previously included by default in Cordova applications through themobile-experience
package) has been deprecated. This package is no longer maintained and has years of outstanding unresolved issues, some of which are impacting Meteor users. Most modern mobile web browsers have removed the 300ms tap delay thatfastclick
worked around, as long as the following<head />
meta
element is set (which is generally considered a mobile best practice regardless, and which the Meteor boilerplate generator already sets by default for Cordova apps):<meta name="viewport" content="width=device-width">
If anyone is still interested in usingfastclick
with their application, it can be installed from npm directly (meteor npm install --save fastclick
). Reference: Mobile Chrome Mobile Safari PR #9039Minimongo cursors are now JavaScript iterable objects and can now be iterated over using
for...of
loops, spread operator,yield*
, and destructuring assignments. PR #8888
-
v1.5.1 Changes
July 12, 2017⬆️ Node has been upgraded to version 4.8.4.
📦 A new core Meteor package called
server-render
provides generic support for server-side rendering of HTML, as described in the package'sREADME.md
. PR #8841To reduce the total number of file descriptors held open by the Meteor build system, native file watchers will now be started only for files that have changed at least once. This new policy means you may have to wait up to 5000ms for changes to be detected when you first edit a file, but thereafter changes will be detected instantaneously. In return for that small initial waiting time, the number of open file descriptors will now be bounded roughly by the number of files you are actively editing, rather than the number of files involved in the build (often thousands), which should help with issues like #8648. If you need to disable the new behavior for any reason, simply set the
METEOR_WATCH_PRIORITIZE_CHANGED
environment variable to"false"
, as explained in PR #8866.All
observe
andobserveChanges
callbacks are now bound usingMeteor.bindEnvironment
. The sameEnvironmentVariable
s that were present whenobserve
orobserveChanges
was called are now available inside the callbacks. PR #8734A subscription's
onReady
is now fired again during a re-subscription, even if the subscription has the same arguments. Previously, when subscribing to a publication theonReady
would have only been called if the arguments were different, creating a confusing difference in functionality. This may be breaking behavior if an app uses the firing ofonReady
as an assumption that the data was just received from the server. If such functionality is still necessary, consider usingobserve
orobserveChanges
PR #8754 Issue #1173📦 The
minimongo
andmongo
packages are now compliant with the upsert behavior of MongoDB 2.6 and higher. As a result support for MongoDB 2.4 has been dropped. This mainly changes the effect of the selector on newly inserted documents. PR #8815👍
reactive-dict
now supports setting initial data when defining a namedReactiveDict
. No longer run migration logic when used on the server, this is to prevent duplicate name error on reloads. Initial data is now properly serialized.0️⃣
accounts-password
now usesexample.com
as a default "from" address instead ofmeteor.com
. This change could break account-related e-mail notifications (forgot password, activation, etc.) for applications which do not properly configure a "from" domain since e-mail providers will often reject mail sent fromexample.com
. Ensure thatAccounts.emailTemplates.from
is set to a proper domain in all applications. PR #8760⚡️ The
accounts-facebook
andfacebook-oauth
packages have been updated to use the v2.9 of the Facebook Graph API for the Login Dialog since the v2.2 version will be deprecated by Facebook in July. There shouldn't be a problem regardless since Facebook simply rolls over to the next active version (v2.3, in this case) however this should assist in avoiding deprecation warnings and should enable any new functionality which has become available. PR #8858Add
DDP._CurrentPublicationInvocation
andDDP._CurrentMethodInvocation
.DDP._CurrentInvocation
remains for backwards-compatibility. This change allows method calls from publications to inherit theconnection
from the the publication which called the method. PR #8629
Note: If you're calling methods from publications that are using
this.connection
to see if the method was called from server code or not. These checks will now be more restrictive becausethis.connection
will now be available when a method is called from a publication.🛠 Fix issue with publications temporarily having
DDP._CurrentInvocation
set on re-run after a user logged in. This is now provided throughDDP._CurrentPublicationInvocation
at all times inside a publication, as described above. PR #8031 PR #8629Meteor.userId()
andMeteor.user()
can now be used in both method calls and publications. PR #8629this.onStop
callbacks in publications are now run with the publication's context and with itsEnvironmentVariable
s bound. PR #8629📦 The
minifier-js
package will now replaceprocess.env.NODE_ENV
with its string value (or"development"
if unspecified).⬆️ The
meteor-babel
npm package has been upgraded to version 0.22.0.⬆️ The
reify
npm package has been upgraded to version 0.11.24.⬆️ The
uglify-js
npm package has been upgraded to version 3.0.18.🏗 Illegal characters in paths written in build output directories will now be replaced with
_
s rather than removed, so that file and directory names consisting of only illegal characters do not become empty strings. PR #8765.➕ Additional "extra" packages (packages that aren't saved in
.meteor/packages
) can be included temporarily using the--extra-packages
option. For example:meteor run --extra-packages bundle-visualizer
. Bothmeteor test
andmeteor test-packages
also support the--extra-packages
option and commas separate multiple package names. PR #8769
Note: Packages specified using the
--extra-packages
option override version constraints from.meteor/packages
.⚡️ The
coffeescript
package has been updated to use CoffeeScript version 1.12.6. PR #8777It's now possible to pipe a series of statements to
meteor shell
, whereas previously the input had to be an expression; for example:> echo 'import pkg from "babel-runtime/package.json"; quote> pkg.version' | pipe> meteor shell "6.23.0"
Any
Error
thrown by a DDP method with theerror.isClientSafe
property set totrue
will now be serialized and displayed to the client, whereas previously onlyMeteor.Error
objects were considered client-safe. PR #8756
-
v1.5 Changes
May 30, 2017📦 The
meteor-base
package implies a newdynamic-import
package, which provides runtime support for the proposed ECMAScript dynamicimport(...)
syntax, enabling asynchronous module fetching or "code splitting." If your app does not use themeteor-base
package, you can use the package by simply runningmeteor add dynamic-import
. See this blog post and PR #8327 for more information about how dynamicimport(...)
works in Meteor, and how to use it in your applications.📦 The
ecmascript-runtime
package, which provides polyfills for various new ECMAScript runtime APIs and language features, has been split intoecmascript-runtime-client
andecmascript-runtime-server
, to reflect the different needs of browsers versus Node 4. The client runtime now relies on thecore-js
library found in thenode_modules
directory of the application, rather than a private duplicate installed viaNpm.depends
. This is unlikely to be a disruptive change for most developers, since thebabel-runtime
npm package is expected to be installed, andcore-js
is a dependency ofbabel-runtime
, sonode_modules/core-js
should already be present. If that's not the case, just runmeteor npm install --save core-js
to install it.⬆️ The
npm
npm package has been upgraded to version 4.6.1.⬆️ The
meteor-babel
npm package has been upgraded to version 0.21.4, enabling the latest Reify compiler and the transform-class-properties plugin, among other improvements.⬆️ The
reify
npm package has been upgraded to version 0.11.21, fixing issue #8595 and improving compilation and runtime performance.
Note: With this version of Reify,
import
declarations are compiled tomodule.watch(require(id), ...)
instead ofmodule.importSync(id, ...)
or the oldermodule.import(id, ...)
. The behavior of the compiled code should be the same as before, but the details seemed different enough to warrant a note.⬆️ The
install
npm package has been upgraded to version 0.10.1.⬆️ The
meteor-promise
npm package has been upgraded to version 0.8.4.⬆️ The
uglify-js
npm package has been upgraded to version 3.0.13, fixing #8704.📦 If you're using the
standard-minifier-js
Meteor package, as most Meteor developers do, it will now produce a detailed analysis of package and module sizes within your production.js
bundle whenever you runmeteor build
ormeteor run --production
. These data are served by the application web server at the same URL as the minified.js
bundle, except with a.stats.json
file extension instead of.js
. If you're using a different minifier plugin, and would like to support similar functionality, refer to these commits for inspiration.To visualize the bundle size data produced by
standard-minifier-js
, runmeteor add bundle-visualizer
and then start your development server in production mode withmeteor run --production
. Be sure to remove thebundle-visualizer
package before actually deploying your app, or the visualization will be displayed to your users.If you've been developing an app with multiple versions of Meteor, or testing with beta versions, and you haven't recently run
meteor reset
, your.meteor/local/bundler-cache
directory may have become quite large. This is just a friendly reminder that this directory is perfectly safe to delete, and Meteor will repopulate it with only the most recent cached bundles.Apps created with
meteor create --bare
now use thestatic-html
package for processing.html
files instead ofblaze-html-templates
, to avoid large unnecessary dependencies like thejquery
package.🔌 Babel plugins now receive file paths without leading
/
characters, which should prevent confusion about whether the path should be treated as absolute. PR #8610It is now possible to override the Cordova iOS and/or Android compatibility version by setting the
METEOR_CORDOVA_COMPAT_VERSION_IOS
and/orMETEOR_CORDOVA_COMPAT_VERSION_ANDROID
environment variables. PR #8581Modules in
node_modules
directories will no longer automatically have access to theBuffer
polyfill on the client, since that polyfill contributed more than 22KB of minified JavaScript to the client bundle, and was rarely used. If you really need the Buffer API on the client, you should now obtain it explicitly withrequire("buffer").Buffer
. Issue #8645.📦 Packages in
node_modules
directories are now considered non-portable (and thus may be automatically rebuilt for the current architecture), if theirpackage.json
files contain any of the following install hooks:install
,preinstall
, orpostinstall
. Previously, a package was considered non-portable only if it contained any.node
binary modules. Issue #8225
-
v1.4.4 Changes
April 07, 2017⬆️ Node has been upgraded to version 4.8.1.
⬆️ The
npm
npm package has been upgraded to version 4.4.4. It should be noted that this version reduces extra noise previously included in some npm errors.⬆️ The
node-gyp
npm package has been upgraded to 3.6.0 which adds support for VS2017 on Windows.⚡️ The
node-pre-gyp
npm package has been updated to 0.6.34.Thanks to the outstanding efforts of @sethmurphy18, the
minifier-js
package now uses Babili instead of UglifyJS, resolving numerous long-standing bugs due to UglifyJS's poor support for ES2015+ syntax. Issue #8378 PR #8397⬆️ The
meteor-babel
npm package has been upgraded to version 0.19.1, andreify
has been upgraded to version 0.6.6, fixing several subtle bugs introduced by Meteor 1.4.3 (see below), including issue #8461.🔌 The Reify module compiler is now a Babel plugin, making it possible for other custom Babel plugins configured in
.babelrc
orpackage.json
files to run before Reify, fixing bugs that resulted from running Reify before other plugins in Meteor 1.4.3. Issue #8399 Issue #8422meteor-babel
issue #13👍 Two new
export ... from ...
syntax extensions are now supported:export * as namespace from "./module" export def from "./module"
Read the ECMA262 proposals here:
When
Meteor.call
is used on the server to invoke a method that returns aPromise
object, the result will no longer be thePromise
object, but the resolved value of thePromise
. Issue #8367
Note: if you actually want a
Promise
when callingMeteor.call
orMeteor.apply
on the server, useMeteor.callAsync
and/orMeteor.applyAsync
instead. Issue #8367, https://github.com/meteor/meteor/commit/0cbd25111d1249a61ca7adce23fad5215408c821⚡️ The
mailcomposer
andsmtp-connection
npms have been updated to resolve an issue with the encoding of long header lines. Issue #8425 PR #8495👍
Accounts.config
now supports anambiguousErrorMessages
option which enabled generalization of messages produced by theaccounts-*
packages. PR #8520🛠 A bug which caused account enrollment tokens to be deleted too soon was fixed. Issue #8218 PR #8474
🚀 On Windows, bundles built during
meteor build
ormeteor deploy
will maintain the executable bit for commands installed in thenode_modules\.bin
directory. PR #8503⬆️ On Windows, the upgrades to Node.js,
npm
andmongodb
are now in-sync with other archs again after being mistakenly overlooked in 1.4.3.2. An admin script enhancement has been applied to prevent this from happening again. PR #8505
-
v1.4.4.6 Changes
April 02, 2018⬆️ Node has been upgraded to version 4.9.0, an important security release. The Node v4.x release line will exit the Node.js Foundation's long-term support (LTS) status on April 30,
- We strongly advise updating to a version of Meteor using a newer version of Node which is still under LTS status, such as Meteor 1.6.x which uses Node 8.x.
⬆️ The
npm
package has been upgraded to version 4.6.1.
-
v1.4.4.5 Changes
December 08, 2017- ⬆️ Node has been upgraded to version 4.8.7, an important security release.
-
v1.4.4.4 Changes
September 26, 2017- ⚡️ Updating to Meteor 1.4.4.4 will automatically patch a security
vulnerability in the
allow-deny
package, since[email protected]_4
requires[email protected]
or later. If for any reason you are not ready or able to update to Meteor 1.4.4.4 by runningmeteor update
, please at least runsh meteor update allow-deny
instead. More details about the security vulnerability can be found on the Meteor forums.
- ⚡️ Updating to Meteor 1.4.4.4 will automatically patch a security
vulnerability in the
-
v1.4.4.3 Changes
May 22, 2017⬆️ Node has been upgraded to version 4.8.3.
A bug in checking body lengths of HTTP responses that was affecting Galaxy deploys has been fixed. PR #8709.
-
v1.4.4.2 Changes
May 02, 2017⬆️ Node has been upgraded to version 4.8.2.
⬆️ The
npm
npm package has been upgraded to version 4.5.0. Note that when using npmscripts
there has been a change regarding what happens whenSIGINT
(Ctrl-C) is received. Read more here.🛠 Fix a regression which prevented us from displaying a helpful banner when running
meteor debug
because of a change in Node.js.⚡️ Update
node-inspector
npm to 1.1.1, fixing a problem encountered when trying to press "Enter" in the inspector console. Issue #8469📦 The
email
package has had itsmailcomposer
npm package swapped with a Node 4 fork ofnodemailer
due to its ability to support connection pooling in a similar fashion as the originalmailcomposer
. Issue #8591 PR #8605Note: The
MAIL_URL
should be configured with a scheme which matches the protocol desired by your e-mail vendor/mail-transport agent. For encrypted connections (typically listening on port 465), this means usingsmtps://
. Unencrypted connections or those secured through aSTARTTLS
connection upgrade (typically using port 587 and sometimes port 25) should continue to usesmtp://
. TLS/SSL will be automatically enabled if the mail provider supports it.A new
Tracker.inFlush()
has been added to provide a global Tracker "flushing" state. PR #8565.⬆️ The
meteor-babel
npm package has been upgraded to version 0.20.1, and thereify
npm package has been upgraded to version 0.7.4, fixing issue #8595. (This was fixed between full Meteor releases, but is being mentioned here.)
-
v1.4.4.1 Changes
April 07, 2017- 🚚 A change in Meteor 1.4.4 to remove "garbage" directories asynchronously
in
files.renameDirAlmostAtomically
had unintended consequences for rebuilding some npm packages, so that change was reverted, and those directories are now removed beforefiles.renameDirAlmostAtomically
returns. PR #8574
- 🚚 A change in Meteor 1.4.4 to remove "garbage" directories asynchronously
in