All Versions
Latest Version
Avg Release Cycle
57 days
Latest Release
944 days ago

Changelog History
Page 13

  • v1.5.2.1 Changes

    September 26, 2017
    • ⚡️ Updating to Meteor will automatically patch a security vulnerability in the allow-deny package, since [email protected]_1 requires [email protected] or later. If for any reason you are not ready or able to update to Meteor by running meteor update, please at least run

      meteor update allow-deny

      instead. More details about the security vulnerability can be found on the Meteor forums.

    • The command-line meteor tool no longer invokes node with the --expose-gc flag. Although this flag allowed the build process to be more aggressive about collecting garbage, it was also a source of problems in Meteor 1.5.2 and Node 4.8.4, from increased segmentation faults during (the more frequent) garbage collections to occasional slowness in rebuilding local packages. The flag is likely to return in Meteor 1.6, where it has not exhibited any of the same problems.

    • 👷 Meteor now supports .meteorignore files, which cause the build system to ignore certain files and directories using the same pattern syntax as .gitignore files. These files may appear in any directory of your app or package, specifying rules for the directory tree below them. Of course, .meteorignore files are also fully integrated with Meteor's file watching system, so they can be added, removed, or modified during development. Feature request #5

    • 🗄 DDP's connection.onReconnect = func feature has been deprecated. This functionality was previously supported as a way to set a function to be called as the first step of reconnecting. This approach has proven to be inflexible as only one function can be defined to be called when reconnecting. Meteor's accounts system was already setting an onReconnect callback to be used internally, which means anyone setting their own onReconnect callback was inadvertently overwriting code used internally. Moving forward the DDP.onReconnect(callback) method should be used to register callbacks to call when a connection reconnects. The connection that is reconnecting is passed as the only argument to callback. This is used by the accounts system to re-login on reconnects without interfering with other code that uses connection.onReconnect. Issue #5665 PR #9092

    • 👍 reactive-dict now supports destroy. destroy will clear the ReactiveDicts data and unregister the ReactiveDict from data migration. i.e. When a ReactiveDict is instantiated with a name on the client and the reload package is present in the project. Feature Request #76 PR #9063

    • ⚡️ The webapp package has been updated to support UNIX domain sockets. If a UNIX_SOCKET_PATH environment variable is set with a valid UNIX socket file path (e.g. UNIX_SOCKET_PATH=/tmp/socktest.sock), Meteor's HTTP server will use that socket file for inter-process communication, instead of TCP. This can be useful in cases like using Nginx to proxy requests back to an internal Meteor application. Leveraging UNIX domain sockets for inter-process communication reduces the sometimes unnecessary overhead required by TCP based communication. Issue #7392 PR #8702

    • 📦 The fastclick package (previously included by default in Cordova applications through the mobile-experience package) has been deprecated. This package is no longer maintained and has years of outstanding unresolved issues, some of which are impacting Meteor users. Most modern mobile web browsers have removed the 300ms tap delay that fastclick worked around, as long as the following <head /> meta element is set (which is generally considered a mobile best practice regardless, and which the Meteor boilerplate generator already sets by default for Cordova apps): <meta name="viewport" content="width=device-width"> If anyone is still interested in using fastclick with their application, it can be installed from npm directly (meteor npm install --save fastclick). Reference: Mobile Chrome Mobile Safari PR #9039

    • Minimongo cursors are now JavaScript iterable objects and can now be iterated over using for...of loops, spread operator, yield*, and destructuring assignments. PR #8888

  • v1.5.1 Changes

    July 12, 2017
    • ⬆️ Node has been upgraded to version 4.8.4.

    • 📦 A new core Meteor package called server-render provides generic support for server-side rendering of HTML, as described in the package's PR #8841

    • To reduce the total number of file descriptors held open by the Meteor build system, native file watchers will now be started only for files that have changed at least once. This new policy means you may have to wait up to 5000ms for changes to be detected when you first edit a file, but thereafter changes will be detected instantaneously. In return for that small initial waiting time, the number of open file descriptors will now be bounded roughly by the number of files you are actively editing, rather than the number of files involved in the build (often thousands), which should help with issues like #8648. If you need to disable the new behavior for any reason, simply set the METEOR_WATCH_PRIORITIZE_CHANGED environment variable to "false", as explained in PR #8866.

    • All observe and observeChanges callbacks are now bound using Meteor.bindEnvironment. The same EnvironmentVariables that were present when observe or observeChanges was called are now available inside the callbacks. PR #8734

    • A subscription's onReady is now fired again during a re-subscription, even if the subscription has the same arguments. Previously, when subscribing to a publication the onReady would have only been called if the arguments were different, creating a confusing difference in functionality. This may be breaking behavior if an app uses the firing of onReady as an assumption that the data was just received from the server. If such functionality is still necessary, consider using observe or observeChanges PR #8754 Issue #1173

    • 📦 The minimongo and mongo packages are now compliant with the upsert behavior of MongoDB 2.6 and higher. As a result support for MongoDB 2.4 has been dropped. This mainly changes the effect of the selector on newly inserted documents. PR #8815

    • 👍 reactive-dict now supports setting initial data when defining a named ReactiveDict. No longer run migration logic when used on the server, this is to prevent duplicate name error on reloads. Initial data is now properly serialized.

    • 0️⃣ accounts-password now uses as a default "from" address instead of This change could break account-related e-mail notifications (forgot password, activation, etc.) for applications which do not properly configure a "from" domain since e-mail providers will often reject mail sent from Ensure that Accounts.emailTemplates.from is set to a proper domain in all applications. PR #8760

    • ⚡️ The accounts-facebook and facebook-oauth packages have been updated to use the v2.9 of the Facebook Graph API for the Login Dialog since the v2.2 version will be deprecated by Facebook in July. There shouldn't be a problem regardless since Facebook simply rolls over to the next active version (v2.3, in this case) however this should assist in avoiding deprecation warnings and should enable any new functionality which has become available. PR #8858

    • Add DDP._CurrentPublicationInvocation and DDP._CurrentMethodInvocation. DDP._CurrentInvocation remains for backwards-compatibility. This change allows method calls from publications to inherit the connection from the the publication which called the method. PR #8629

    Note: If you're calling methods from publications that are using this.connection to see if the method was called from server code or not. These checks will now be more restrictive because this.connection will now be available when a method is called from a publication.

    • 🛠 Fix issue with publications temporarily having DDP._CurrentInvocation set on re-run after a user logged in. This is now provided through DDP._CurrentPublicationInvocation at all times inside a publication, as described above. PR #8031 PR #8629

    • Meteor.userId() and Meteor.user() can now be used in both method calls and publications. PR #8629

    • this.onStop callbacks in publications are now run with the publication's context and with its EnvironmentVariables bound. PR #8629

    • 📦 The minifier-js package will now replace process.env.NODE_ENV with its string value (or "development" if unspecified).

    • ⬆️ The meteor-babel npm package has been upgraded to version 0.22.0.

    • ⬆️ The reify npm package has been upgraded to version 0.11.24.

    • ⬆️ The uglify-js npm package has been upgraded to version 3.0.18.

    • 🏗 Illegal characters in paths written in build output directories will now be replaced with _s rather than removed, so that file and directory names consisting of only illegal characters do not become empty strings. PR #8765.

    • ➕ Additional "extra" packages (packages that aren't saved in .meteor/packages) can be included temporarily using the --extra-packages option. For example: meteor run --extra-packages bundle-visualizer. Both meteor test and meteor test-packages also support the --extra-packages option and commas separate multiple package names. PR #8769

    Note: Packages specified using the --extra-packages option override version constraints from .meteor/packages.

    • ⚡️ The coffeescript package has been updated to use CoffeeScript version 1.12.6. PR #8777

    • It's now possible to pipe a series of statements to meteor shell, whereas previously the input had to be an expression; for example:

      > echo 'import pkg from "babel-runtime/package.json";
      quote> pkg.version' |
      pipe> meteor shell

      Issue #8823 PR #8833

    • Any Error thrown by a DDP method with the error.isClientSafe property set to true will now be serialized and displayed to the client, whereas previously only Meteor.Error objects were considered client-safe. PR #8756

  • v1.5 Changes

    May 30, 2017
    • 📦 The meteor-base package implies a new dynamic-import package, which provides runtime support for the proposed ECMAScript dynamic import(...) syntax, enabling asynchronous module fetching or "code splitting." If your app does not use the meteor-base package, you can use the package by simply running meteor add dynamic-import. See this blog post and PR #8327 for more information about how dynamic import(...) works in Meteor, and how to use it in your applications.

    • 📦 The ecmascript-runtime package, which provides polyfills for various new ECMAScript runtime APIs and language features, has been split into ecmascript-runtime-client and ecmascript-runtime-server, to reflect the different needs of browsers versus Node 4. The client runtime now relies on the core-js library found in the node_modules directory of the application, rather than a private duplicate installed via Npm.depends. This is unlikely to be a disruptive change for most developers, since the babel-runtime npm package is expected to be installed, and core-js is a dependency of babel-runtime, so node_modules/core-js should already be present. If that's not the case, just run meteor npm install --save core-js to install it.

    • ⬆️ The npm npm package has been upgraded to version 4.6.1.

    • ⬆️ The meteor-babel npm package has been upgraded to version 0.21.4, enabling the latest Reify compiler and the transform-class-properties plugin, among other improvements.

    • ⬆️ The reify npm package has been upgraded to version 0.11.21, fixing issue #8595 and improving compilation and runtime performance.

    Note: With this version of Reify, import declarations are compiled to, ...) instead of module.importSync(id, ...) or the older module.import(id, ...). The behavior of the compiled code should be the same as before, but the details seemed different enough to warrant a note.

    • ⬆️ The install npm package has been upgraded to version 0.10.1.

    • ⬆️ The meteor-promise npm package has been upgraded to version 0.8.4.

    • ⬆️ The uglify-js npm package has been upgraded to version 3.0.13, fixing #8704.

    • 📦 If you're using the standard-minifier-js Meteor package, as most Meteor developers do, it will now produce a detailed analysis of package and module sizes within your production .js bundle whenever you run meteor build or meteor run --production. These data are served by the application web server at the same URL as the minified .js bundle, except with a .stats.json file extension instead of .js. If you're using a different minifier plugin, and would like to support similar functionality, refer to these commits for inspiration.

    • To visualize the bundle size data produced by standard-minifier-js, run meteor add bundle-visualizer and then start your development server in production mode with meteor run --production. Be sure to remove the bundle-visualizer package before actually deploying your app, or the visualization will be displayed to your users.

    • If you've been developing an app with multiple versions of Meteor, or testing with beta versions, and you haven't recently run meteor reset, your .meteor/local/bundler-cache directory may have become quite large. This is just a friendly reminder that this directory is perfectly safe to delete, and Meteor will repopulate it with only the most recent cached bundles.

    • Apps created with meteor create --bare now use the static-html package for processing .html files instead of blaze-html-templates, to avoid large unnecessary dependencies like the jquery package.

    • 🔌 Babel plugins now receive file paths without leading / characters, which should prevent confusion about whether the path should be treated as absolute. PR #8610

    • It is now possible to override the Cordova iOS and/or Android compatibility version by setting the METEOR_CORDOVA_COMPAT_VERSION_IOS and/or METEOR_CORDOVA_COMPAT_VERSION_ANDROID environment variables. PR #8581

    • Modules in node_modules directories will no longer automatically have access to the Buffer polyfill on the client, since that polyfill contributed more than 22KB of minified JavaScript to the client bundle, and was rarely used. If you really need the Buffer API on the client, you should now obtain it explicitly with require("buffer").Buffer. Issue #8645.

    • 📦 Packages in node_modules directories are now considered non-portable (and thus may be automatically rebuilt for the current architecture), if their package.json files contain any of the following install hooks: install, preinstall, or postinstall. Previously, a package was considered non-portable only if it contained any .node binary modules. Issue #8225

  • v1.4.4 Changes

    April 07, 2017
    • ⬆️ Node has been upgraded to version 4.8.1.

    • ⬆️ The npm npm package has been upgraded to version 4.4.4. It should be noted that this version reduces extra noise previously included in some npm errors.

    • ⬆️ The node-gyp npm package has been upgraded to 3.6.0 which adds support for VS2017 on Windows.

    • ⚡️ The node-pre-gyp npm package has been updated to 0.6.34.

    • Thanks to the outstanding efforts of @sethmurphy18, the minifier-js package now uses Babili instead of UglifyJS, resolving numerous long-standing bugs due to UglifyJS's poor support for ES2015+ syntax. Issue #8378 PR #8397

    • ⬆️ The meteor-babel npm package has been upgraded to version 0.19.1, and reify has been upgraded to version 0.6.6, fixing several subtle bugs introduced by Meteor 1.4.3 (see below), including issue #8461.

    • 🔌 The Reify module compiler is now a Babel plugin, making it possible for other custom Babel plugins configured in .babelrc or package.json files to run before Reify, fixing bugs that resulted from running Reify before other plugins in Meteor 1.4.3. Issue #8399 Issue #8422 meteor-babel issue #13

    • 👍 Two new export ... from ... syntax extensions are now supported:

      export * as namespace from "./module"
      export def from "./module"

      Read the ECMA262 proposals here:

    • When is used on the server to invoke a method that returns a Promise object, the result will no longer be the Promise object, but the resolved value of the Promise. Issue #8367

    Note: if you actually want a Promise when calling or Meteor.apply on the server, use Meteor.callAsync and/or Meteor.applyAsync instead. Issue #8367,

    • ⚡️ The mailcomposer and smtp-connection npms have been updated to resolve an issue with the encoding of long header lines. Issue #8425 PR #8495

    • 👍 Accounts.config now supports an ambiguousErrorMessages option which enabled generalization of messages produced by the accounts-* packages. PR #8520

    • 🛠 A bug which caused account enrollment tokens to be deleted too soon was fixed. Issue #8218 PR #8474

    • 🚀 On Windows, bundles built during meteor build or meteor deploy will maintain the executable bit for commands installed in the node_modules\.bin directory. PR #8503

    • ⬆️ On Windows, the upgrades to Node.js, npm and mongodb are now in-sync with other archs again after being mistakenly overlooked in An admin script enhancement has been applied to prevent this from happening again. PR #8505

  • v1.4.4.6 Changes

    April 02, 2018
    • ⬆️ Node has been upgraded to version 4.9.0, an important security release. The Node v4.x release line will exit the Node.js Foundation's long-term support (LTS) status on April 30,

      1. We strongly advise updating to a version of Meteor using a newer version of Node which is still under LTS status, such as Meteor 1.6.x which uses Node 8.x.
    • ⬆️ The npm package has been upgraded to version 4.6.1.

  • v1.4.4.5 Changes

    December 08, 2017
  • v1.4.4.4 Changes

    September 26, 2017
    • ⚡️ Updating to Meteor will automatically patch a security vulnerability in the allow-deny package, since [email protected]_4 requires [email protected] or later. If for any reason you are not ready or able to update to Meteor by running meteor update, please at least run sh meteor update allow-deny instead. More details about the security vulnerability can be found on the Meteor forums.
  • v1.4.4.3 Changes

    May 22, 2017
    • ⬆️ Node has been upgraded to version 4.8.3.

    • A bug in checking body lengths of HTTP responses that was affecting Galaxy deploys has been fixed. PR #8709.

  • v1.4.4.2 Changes

    May 02, 2017
    • ⬆️ Node has been upgraded to version 4.8.2.

    • ⬆️ The npm npm package has been upgraded to version 4.5.0. Note that when using npm scripts there has been a change regarding what happens when SIGINT (Ctrl-C) is received. Read more here.

    • 🛠 Fix a regression which prevented us from displaying a helpful banner when running meteor debug because of a change in Node.js.

    • ⚡️ Update node-inspector npm to 1.1.1, fixing a problem encountered when trying to press "Enter" in the inspector console. Issue #8469

    • 📦 The email package has had its mailcomposer npm package swapped with a Node 4 fork of nodemailer due to its ability to support connection pooling in a similar fashion as the original mailcomposer. Issue #8591 PR #8605

      Note: The MAIL_URL should be configured with a scheme which matches the protocol desired by your e-mail vendor/mail-transport agent. For encrypted connections (typically listening on port 465), this means using smtps://. Unencrypted connections or those secured through a STARTTLS connection upgrade (typically using port 587 and sometimes port 25) should continue to use smtp://. TLS/SSL will be automatically enabled if the mail provider supports it.

    • A new Tracker.inFlush() has been added to provide a global Tracker "flushing" state. PR #8565.

    • ⬆️ The meteor-babel npm package has been upgraded to version 0.20.1, and the reify npm package has been upgraded to version 0.7.4, fixing issue #8595. (This was fixed between full Meteor releases, but is being mentioned here.)

  • v1.4.4.1 Changes

    April 07, 2017
    • 🚚 A change in Meteor 1.4.4 to remove "garbage" directories asynchronously in files.renameDirAlmostAtomically had unintended consequences for rebuilding some npm packages, so that change was reverted, and those directories are now removed before files.renameDirAlmostAtomically returns. PR #8574