Meteor 3.2 release is live!
This release includes a new Meteor command to profile both bundler times and bundle size. To support this, we updated the Meteor 3 profiler to handle async flows while keeping the output aligned with Meteor 2 expectations.
This release also brings major community contributions, including argon2 support for password encryption, fixes for oplog and the build system, and various improvements.
Tasks and fixes for Meteor 3.2:
- Upgrade to Node 22.14.0 & Mongo 7.0.16.
- Add
meteor profilecommand to display performance metrics. PR #13636 - Fix Meteor profiler to support promises and display metrics correctly. PR #13615 PR #13628
- Add argon2 support for improved password security. PR #13554
- Improve package resolution logic. PR #13604
- Fix rare oplog issue that could cause data loss. PR #13603
Check out all merged PRs here: GitHub PRs
Hands on
To use it, please do:
meteor update --release 3.2
or create a new app:
meteor create --release 3.2
New meteor profile command
meteor profile helps you to track bundler performance and core size across changes automatically. You can learn more about this command on the article: “Unlocking Meteor 3.2: New Profiling Tool to Track Bundler Performance and Size”.
Want to try it? Run meteor profile --help to explore its features.
Argon2 as an alternative to bcrypt
vparpoil has made a key contribution in this release, the addition of argon2 for password encryption, providing a modern and more secure alternative to bcrypt and available as an opt-in feature.
Find instructions on how to enable it in the updated docs.
Huge thanks to our contributors
Shoutout to everyone who helped shape this release:
- @vparpoil
- @cunneen
- @gbuerk
- @julio-rocketchat
- @StorytellerCZ
- @dr-dimitru
- @Seb-Dion
- @Grubba27
- @nachocodoner
What’s Next?
Our next releases are going to be focused into delivering new improvements for the bundler, while we review and release contributions from the community.
Specifically, the Meteor bundler improvements coming in next releases are:
- SWC Support: We’re working on integrating SWC for enhanced compilation and analysis capabilities.
- CPU Profiling and Memory Snapshots: This will allow for deeper performance tuning across all phases of app building.
- Modern Bundler Integration: Expect improved bundler features and faster speeds with the adoption of modern bundlers.
- Default Modern Architecture: Soon, Meteor will build only for modern architecture by default, skipping legacy and Cordova builds unless you specify otherwise.
We will provide updates on dates in the next weekly posts.
The video version can be seen here:
Get Involved with Meteor: Good First Issue
Contributing to Meteor is a great way to support the open-source community and help improve the framework. Whether you’re an experienced developer or just starting out, there are always ways to make a difference.
To help new contributors, we’ve selected a few issues that are ideal for first-time contributions. If you’re looking for a place to start, check out these tasks:
- Missing Docs - Issue #13641
This issue covers missing documentation forloginWithTokenandMongo.getCollectionin the Meteor repository. Help us improve the docs by adding the missing details! Clear guidelines are provided to get you started. - Email Selector Not Always Lowercased - Issue #12412
In theaccounts-passwordlesspackage (likely affecting Meteor 3), the email selector isn’t always converted to lowercase, leading to a frustrating “User not found [403]” error. Help fix this to improve the passwordless login experience. - Aligning Meteor.loginWithPassword with Accounts.createUser - Issue #13069
This proposal updatesMeteor.loginWithPasswordto accept an object ({ email, password }), aligning it withAccounts.createUserfor consistency. The update keeps backward compatibility while making the API more intuitive. - OAuth Flow Not Reporting Errors to Client - Issue #13627
OAuth errors aren’t being relayed to the client after the redirect flow, preventing useful error messages from appearing in the UI. Help resolve this to improve OAuth error reporting and the user experience.
