Meteor 2.3 Release Candidate (Node.js major upgrade)

storyteller · June 16, 2021, 8:46am

Meteor 2.3 Release Candidate has been released!

We would like to encourage everyone to test this as this is a big release starting with Node 14, removal of deprecated APIs all the way to HMR improvements and major version upgrades of the accounts packages. This obviously means that there is a potential that something might break. We have tested things during the beta and fixed what we could, but we would really to underscore how important it is to test this release.

Most notably you are probably going to encounter an issue with packages that rely on the accounts packages with version resolution. This is probably the most important part as package maintainers will have to add a new version resolution to match the major version bump. We are tracking the issue, but until the final release you might need to fork those packages locally and add the new version resolution there manually. MCP (and many others) have PRs ready and will publish new versions of the affected packages once the final release comes.

You can upgrade to the RC by running:

meteor update --release 2.3-rc.2

Check out the PR:

github.com/meteor/meteor

Release 2.3

meteor:devel ← meteor:release-2.3

opened 02:16PM - 07 May 21 UTC

filipenevola

+2938 -2678

### :tada: Meteor 2.3-rc.3 is out. Check what is included [here](https://gi…thub.com/meteor/meteor/blob/release-2.3/History.md) and then upgrade: `meteor update --release 2.3-rc.3` or create a new app `meteor create my-app --release 2.3-rc.3` --- Details in the [milestone](https://github.com/meteor/meteor/milestone/80) You can update and test this version by running `meteor update --release 2.3-rc.3`. Tasks (before release) - [x] Document publication `unblock` [#11392](https://github.com/meteor/meteor/pull/11392) - [x] Document [#11224](https://github.com/meteor/meteor/pull/11224) that changes the behavior for a few HTTP verbs. - For example, if a user has added a handler to WebAppInternals.connectHandlers, to handle a POST request body, but then still wants the boilerplate to be sent as a response. - [x] Documentation & history for #11445 @vlasky Tasks (after release) - [x] Merge doc for Cordova new env var [here](https://github.com/meteor/docs/pull/716) - [x] https://github.com/meteor/docs/pull/720 - [x] https://github.com/meteor/docs/pull/722

Here is the full changelog:

Highlights

Node.js update to 14.17.1 from 12.22.1
Typescript update to 4.3.2
Packages had their backward compatibility to before Meteor 1.0 removed. See bellow for more details.
Improved tracking of which files are used by build plugins to know when it should do a full rebuild, a faster client-only rebuild, or can completely skip rebuilding after a file is modified. This should work with any type of file in any directory, and for both files in the app and files in packages. The most noticeable improvement is when modifying a file only used on the client Meteor will only rebuild the client, even if the file is not inside imports or a client folder.

Summary of breaking changes

As Node.js version was upgraded to a new major version we recommend that you review if your npm dependencies are compatible with Node.js 14.
- If we receive reports from breaking changes we are going to list them here but so far we are not aware of any.
- We recommend that you read Node.js release notes though.
Accounts have undergone some major changes including major version bump. See bellow for more details.
All official packages that have been deprecated have now the deprecated flag and will inform you about that if you install or update them.
If you are working with enrollments in user accounts, do note that the enrollment token handling is now separate from reset password token. The token is now under services.password.enroll, so adjust your code accordingly if you use it.

Migration steps

As Node.js version was upgraded we recommend that you remove your node_modules folder (rm -rf node_modules) and run meteor npm i to be sure you compile all the binary dependencies again using the new Node.js version.
- Maybe you also want to recreate your lock file.
- If you get an error try meteor reset which will clear caches, beware that this will also remove your local DB for your app.
If you are maintaining a package that depends on one of the accounts packages which had a major version bump you will either need to set the new version manually or set api.versionsFrom('2.3').
You can also have it reference its current version and 2.3 like this: api.versionsFrom(['1.12', '2.3']), for specific package it can be like this: api.use('accounts-base@1.0.1 || 2.0.0').
Old API for packages definitions has been removed. The old underscore method names (e.g. api.add_files()) will no longer, please use the camel case method names (e.g. api.addFiles()).

Breaking changes

Removed deprecated mobile-port flag
Removed deprecated raw name from isobuild
Removed deprecated package API method names Package.on_use, Package.on_test, Package._transitional_registerBuildPlugin and api.add_files, if you haven’t till now, please use the current camel case versions
accounts-base@2.0.0
- Deprecated backward compatibility function logoutOtherClients has been removed.
accounts-password@2.0.0
- Deprecated backward compatibility functionality for SRP passwords from pre-Meteor 1.0 days has been removed.
- Enroll account workflow has been separated from reset password workflow (the enrollment token records are now stored in a separate db field services.password.enroll).
ddp-client@2.5.0
- Removed deprecated backward compatibility method names for Meteor before 1.0
ddp-server@2.4.0
- Removed deprecated backward compatibility method names for Meteor before 1.0
meteor-base@1.5.0
- Removed livedata dependency which was there for packages build for 0.9.0
minimongo@1.7.0
- Removed the rewind method that was noop for compatibility with Meteor 0.8.1
mongo@1.12.0
- Removed the rewind method that was noop for compatibility with Meteor 0.8.1
oauth@2.0.0
- Removed deprecated OAuth.initiateLogin and other functionality like the addition of ?close in return URI for deprecated OAuth flow pre Meteor 1.0
markdown@2.0.0
- Use lazy imports to prevent it from being added to the initial bundle
- This package is now deprecated
http@2.0.0
- Internally http has been replaced by fetch, should still work as previous version, but edge cases might be different. This is to aid you in transition to fetch.
socket-stream-client@0.4.0
- Remove IE8 checks

Meteor Version Release

meteor-tool@2.3
- Node.js update to 14.17.1 from 12.22.1
  - This is a major upgrade in Node.js. See the release notes for more details.
- npm update to 6.14.13.
- fibers has been updated to v5.0.0.
- promise has been updated to v8.1.0.
- node-gyp has been updated to v8.0.0.
- node-pre-gyp has been updated to v0.15.0.
- @babel/runtime has been updated to v7.14.0.
- request has been updated to v2.88.2.
- uuid has been updated to v3.4.0.
- graceful-fs has been updated to v4.2.6.
- tar has been updated to v2.2.2.
- sqlite3 has been updated to v5.0.2.
- http-proxy has been updated to v1.18.1.
- wordwrap has been updated to v1.0.0.
- moment has been updated to v2.29.1.
- glob has been updated to v7.1.6.
- split2 has been updated to v3.2.2.
- optimism has been updated to v0.12.2.
- @wry/context has been updated to v0.5.2.
- lru-cache has been updated to v4.1.5.
- anser has been updated to v2.0.1.
- xmlbuilder2 has been updated to v1.8.1.
- ws has been updated to v7.4.5.
- underscore has been updated to v1.13.1
- Reduced time spent by server (re)start in development by adding a cache for Reify. This optimization can be enabled in production by setting the METEOR_REIFY_CACHE_DIR environment variable PR.
- New flag --platforms has been added to the build command to specify the platform you want to build for. meteor build . --platforms=android. This is useful for example when you are not using a MacOS and you want to build your app only for Android. Also to save time on CI not building all the platforms all the time. See PR for details.
- The undocumented environment variable DDP_DEFAULT_CONNECTION_URL behavior has changed. Setting DDP_DEFAULT_CONNECTION_URL when running the server (development: meteor run or production: node main.js) sets the default DDP server value for meteor. But this did not work for cordova apps. Now you can define the cordova app default DDP server value by setting DDP_DEFAULT_CONNECTION_URL when building (meteor build).
- New env variable METEOR_TOOL_ENABLE_REIFY_RUNTIME_CACHE to improve runtime performance on restarts.
- Skeletons dependencies updated to latest version
- New deploy option: --build-only. Helpful if you want to build first and after some validations proceeding with the upload and deploy. Read more
- Improved watched system to properly rebuild client even when a file is outside of client or imports folders. See PR for details.
launch-screen@1.3.0
- Removes LaunchScreen from web clients.
meteor-babel@7.11.0 (@meteorjs/babel)
- Fixes for Samsung Internet v6.2+ to be considered modern browser and addition of logical assignment operators via babel-presets-meteor.
- This package was renamed to @meteorjs/babel.
hot-module-replacement@0.3.0
- Fixes various HMR bugs and edge cases see PR for more.
email@2.1.0
- Updates nodemailer to 6.6.0 and it now adds charset=utf-8 to text/plain messages by default.
server-render@0.4.0
- Updated npm dependencies
accounts-base@2.0.0
- New hook setAdditionalFindUserOnExternalLogin has been added which allows you to customize user selection on external logins if you want to, for example, login a user who has the same e-mail as the external account.
ddp-server@2.4.0
- Added support for this.unblock() in Meteor.publish() context. See PR for more details.
- Add support in Meteor.publish() for async functions
webapp@1.11.0
- Webapp will respond appropriately to unsupported requests instead of sending content, including handling for new HTTP verbs. See PR for more details.

Independent Releases

ddp-server@2.3.3
- Updates dependencies which removes Node’s HTTP deprecation warning.
socket-stream-client@0.3.2
- Updates dependencies which removes Node’s HTTP deprecation warning.
ddp-client@2.4.1
- Re-ordering fields in DDP message for better client readability.
mongo@1.11.1
- Fixes a Timestamp.ONE is undefined bug.
mongo-id@1.0.8
- Removes unused dependency id-map.
accounts-server@1.7.1
- To better test password format & limit password to 256 characters, you can change this limit by setting Meteor.settings.packages.accounts.passwordMaxLength.
static-html@1.3.1
- Removes underscore dependency.
dev-error-overlay@0.1.1
- Fixes sometimes page content being on top of error overlay.
id-map@1.1.1
- Removes unused dependencies and modernizing the code.
http@1.4.4
- Used the new deprecation package flag instead of loud console warning.
logic-solver@2.0.8
- Fixed package.js to use current api method calls.
socket-stream-client@0.3.3
- Update faye-websocket dependency to v0.11.4.
jshint@1.1.8
- The package has been deprecated.
npm-bcrypt@0.9.4
- The package has been deprecated.
ecmascript-runtime-client@0.11.1
- Updated core-js to v3.14.0
ecmascript-runtime-server@0.11.1
- Updated core-js to v3.14.0
url@1.3.2
- Updated core-js to v3.14.0
hot-module-replacement@0.2.1
- Add missing dependency.
observe-sequence@1.0.17
- Updated dependencies
observe-sequence@1.0.18
- When #each argument is unsupported it will be shown
- Moving package under Blaze repository

kevintayong · June 16, 2021, 3:48pm

filipenevola · June 16, 2021, 7:05pm

filipenevola · June 16, 2021, 7:05pm

rjdavid · June 17, 2021, 5:56am

Wonderful work to @storyteller, @filipenevola, and the entire meteor team. The first complete run of our tests passed without issue. Just need to dig deeper on the changes for accounts and webapp since we forked and extended these packages. But so far, everything seems ok. Thanks

sarojmoh1 · June 17, 2021, 2:27pm

How do you resolve the

“error: Conflict: Constraint accounts-base@1.1.3 is not satisfied by accounts-base 2.0.0-rc230.2.
Constraints on package “accounts-base”:” errors.

I’ve tried remove node_modules, running meteor reset. I do not have a Package.js file

storyteller · June 17, 2021, 2:42pm

We are tracking this issue here: [2.3 beta 3] Packages incompatibles with beta 3 · Issue #11453 · meteor/meteor · GitHub
This is an issue with one of your dependencies as described in the breaking changes and upgrade instructions.

dokithonon · June 19, 2021, 8:40pm

Hello,
There is a mismatch in the text
underscore has been updated to v1.11.0
and a bit below :
underscore has been updated to v1.13.1

storyteller · June 21, 2021, 8:48am

Thanks a lot! Fixed!

flean · June 24, 2021, 4:13pm

I’m trying to test 2.3 rc 3 and still having issues with some packages. Just wondering which packages I should manually patch and which ones the community will take care of. Thanks

While selecting package versions:
   error: Conflict: Constraint accounts-base@1.1.1 is not satisfied by accounts-base 2.0.0.
   Constraints on package "accounts-base":
   * accounts-base@~2.0.0-rc230.3 <- top level
   * accounts-base@1.7.1 || 2.0.0 <- matb33:collection-hooks 1.1.0
   * accounts-base@1.1.1 <- lai:collection-extensions 0.2.1_1 <- dburles:mongo-collection-instances 0.3.5 <- cultofcoders:grapher 1.3.19
   * accounts-base@2.0.0 <- accounts-password 2.0.0
   * accounts-base@2.0.0 <- service-configuration 1.1.0
   * accounts-base@1.7.1 || 2.0.0 <- alanning:roles 3.3.0
   * accounts-base@1.4.2 || 2.0.0 <- communitypackages:fast-render 4.0.2
   * accounts-base@1.7.1 || 2.0.0 <- apollo 4.1.0

storyteller · June 24, 2021, 4:32pm

From you list it should only be lai:collection-extensions.
By the way you can now upgrade to 2.3 as it has been released, but not recommended.

flean · June 24, 2021, 4:34pm

thanks, I’ll do that

aureooms · August 14, 2021, 2:49pm

I am having a production build error during the babel minify step when upgrading from 2.2.3 to 2.3.5: Error at production build step with bundle-visualizer: unknown: Cannot read property 'add' of undefined while minifying