Meteor update, general beginner advice sought

jrh · 2019-09-18T22:30:28.103Z

I have no doubt a thread here or elsewhere already covers my question but my searches haven’t satisfied me. I’m not trying to mend anything, just looking for best practice.

I’ve seen the material on Coursera from Goldsmiths, University of London, and edited and tested their meteor samples. I’ve also tried meteor create --examples. They generally require meteor npm install and then they run, which is nice. They all say patches are recommended, that newer versions of meteor are available and that the meteor npm audit is packed with High Severity vulnerabilities. My general impression is that in a production environment they ought to be updated.

My problem: every time I try --patch or update on meteor I hit a spiral of runaway dependency clashes, on all of these small demonstration systems. I’ve come back to the various bits of code several times to try to work out a stable process and I haven’t yet found the right path.

My question: is there a guide to updating code from, say, the last three years in a way that removes the audit warnings? Mostly because I’d quite like to use the examples as skeletons to learn on and they do seem to be intended for use that way. This strikes me as a beginner issue but I’m several turns round this cycle and I’m not making progress.

copleykj · 2019-09-19T01:51:04.510Z

Keeping a codebase up to date with the latest releases of it’s dependencies is unfortunately nearly a full time job. This means that if you’re looking at a project that hasn’t been update in multiple years, the dependencies could have multitudes of breaking changes (major API redesigns even) that will need sorted out to bring them all up to current releases. Generally speaking it’s probably best to take it one dependency at a time if possible, but of course that’s not always the case and things can get pretty complicated and frustrating.

If you have specific issues or questions, please feel free post them here so that I and everyone else can try to answer and help you work through them.

coagmano · 2019-09-19T04:38:42.635Z

Welcome to the forums!

The difficulty of updating depends heavily on your dependencies. Meteor itself has done an excellent job of being mostly backwards compatible. Packages… not so much.

A big issue in the last couple of years was packages depending on coffeescript as the update from 1.x to 2.x was major, and many common packages used coffeescript. When one package updates to use 2.x while another used 1.x, you have an unsolvable conflict

The infrequent times that I do update older apps, I just hit update on everything and work through the resulting errors one by one.
For things like coffeescript issues, I’ll often create a fork or local copy, compile the coffeescript to JS manually and remove the coffeescript dependency.

If you’re thinking of updating examples, I’d say it’s easier to start fresh

jrh · 2019-09-20T13:48:15.467Z

Thank you both, I’m making progress. I have now found with the todos example I can run cleanly with meteor 1.8.1 so I’m clearly getting more exposure to the update process - I think I was messing up by including the --patch early on, it felt like it was updating modules beyond necessary limits. If anyone else is looking in this direction my working update involved:

git clone https://github.com/meteor/todos
cd todos/
meteor npm install
meteor update
meteor npm install --save @babel/runtime@latest
meteor npm install eslint --save-dev
meteor npm audit fix
meteor

and there it is running. As far as starting from scratch goes, the learning curve of what to adopt from atmosphere.js is still quite a climb. The example has words like login, private, shared, group and item which is a helpful skeleton to put my own attributes to, and I’m sure another go at the tutorials will push me ahead.

One day I may even know how --save and --save-dev differ.

brianmulhall · 2019-09-20T14:38:44.022Z

I found Meteor in Action to be a great place to start, or Discover Meteor which is now free is also pretty awesome. Meteor Chef is also a great blog that has alot of good information. Hope that helps.

When i was new to Meteor it took me a couple Months of playing around with it on the weekends before it all kind of clicked, now I have the mental model in place to be productive using it and its my favorite framework by far.

And of course, welcome to the forum … it means alot to have new people joining