Merge pull request #13098 from meteor/3.0-impact-2.16-quick-gains

[3.0] Impact 2.16 changes on Meteor 3.x

.github/workflows/npm-meteor-promise.yml

@@ -18,7 +18,7 @@ jobs:
  working-directory: npm-packages/meteor-promise
  strategy:
  matrix:
- node-version: [12.x, 14.x]
+ node-version: [14.x]
  steps:
  - uses: actions/checkout@v4
  - name: Use Node.js ${{ matrix.node-version }}

docs/generators/changelog/versions/2.16.md

@@ -0,0 +1,76 @@
+## v2.16.0, 2024-03-26
+
+### Highlights
+
+
+#### Migration Steps
+
+## Breaking Changes
+
+## Docs
+
+## Internal API changes
+
+* Add method name to MethodInvocation in DDP messages
+
+## Meteor Version Release
+
+* Meteor tool
+ - Updated Svelte skeleton
+ - Update tsconfig.json for Svelte skeleton
+ - Updated Solid skeleton NPM dependencies
+
+* `accounts-base@get-version`
+ - Update config checking
+
+* `accounts-oauth@get-version`
+ - Remove config checking as it is done in `accounts-base`
+
+* `accounts-ui-unstyled@get-version`
+ - `Connect with Twitter` is now `Connect with X/Twitter`
+
+* `twitter-config-ui@get-version`
+ - Update setup instructions
+
+* `ddp-common@get-versio`
+ - Add method name to MethodInvocation
+
+* `ddp-client@get-version`
+ - Add method name to MethodInvocation
+
+* `ddp-server@get-version`
+ - Add method name to MethodInvocation
+
+* `email@get-version`
+ - Nodemailer update to v6.9.10
+ - `@types/nodemailer` updated to v6.4.14
+
+* `minimongo@get-version`
+ - Support observeChangesAsync and observeAsync
+ - Report and extend test cases for the old async behaviors
+
+* `logging@get-version`
+ - Type update
+
+* `service-configuration@get-version`
+ - Type update
+
+* `reload-safetybelt@get-version`
+ - Remove underscore dependency
+
+## Independent releases
+
+* `[email protected]`:
+ - Set `minPoolSize` for oplog
+
+* `[email protected]`
+ - Fix bug in `_.intersection`
+
+## Contributors
+
+- [@nachocodoner](https://github.com/nachocodoner)
+- [@StorytellerCZ](https://github.com/sponsors/StorytellerCZ)
+- [@jamauro](https://github.com/jamauro)
+
+For making this great framework even better!
+

docs/source/api/accounts.md

@@ -338,3 +338,41 @@ Accounts.ui.config({
 
 
 Since Meteor 2.7 you can configure these in your Meteor settings under `Meteor.settings.public.packages.accounts-ui-unstyled`.
+
+<h3 id="initialize-with-custom-settings">Initialize with custom settings</h3>
+
+This feature allows users to specify custom configuration parameters for both client-side and server-side initialization.
+
+* Client
+
+{% apibox "AccountsClient" %}
+
+On the client-side, AccountsClient can be initialized with custom parameters provided through Meteor settings configuration. Below is an example of how to use this functionality:
+
+```json
+{
+ "public": {
+ "packages": {
+ "accounts": {
+ ...configParams
+ }
+ }
+ }
+}
+```
+
+* Server
+
+{% apibox "AccountsServer" %}
+
+On the server-side, AccountsServer can also be initialized with custom parameters. Server-specific configuration may differ from the client and can also be specified through Meteor settings. Below is an example of how to do it:
+
+```json
+{
+ "packages": {
+ "accounts": {
+ ...configParams
+ }
+ }
+}
+```

docs/source/api/check.md

@@ -46,6 +46,11 @@ this error gets sent over the wire to the client, it will appear only as
 `Meteor.Error(400, 'Match Failed')`. The failure details will be written to the
 server logs but not revealed to the client.
 
+By default, `check` will throw immediately at the first error encountered. Pass in `{ throwAllErrors: true }` to throw an array of all errors. For example:
+```js
+check(message, {/* ... */}, {throwAllErrors: true})
+```
+
 {% apibox "Match.test" %}
 
 `Match.test` can be used to identify if a variable has a certain structure.

docs/source/api/collections.md

@@ -1082,6 +1082,38 @@ option:
 You can pass any MongoDB valid option, these are just examples using
 certificates configurations.
 
+<h3 id="mongo_oplog_options">Mongo Oplog Options</h3>
+
+> Oplog options were introduced in Meteor 2.15.1
+
+If you set the [`MONGO_OPLOG_URL`](https://docs.meteor.com/environment-variables.html#MONGO-OPLOG-URL) env var, Meteor will use MongoDB's Oplog to show efficient, real time updates to your users via your subscriptions.
+
+Due to how Meteor's Oplog implementation is built behind the scenes, if you have certain collections where you expect **big amounts of write operations**, this might lead to **big CPU spikes on your meteor app server, even if you have no publications/subscriptions on any data/documents of these collections**. For more information on this, please have a look into [this blog post from 2016](https://blog.meteor.com/tuning-meteor-mongo-livedata-for-scalability-13fe9deb8908), [this github discussion from 2022](https://github.com/meteor/meteor/discussions/11842) or [this meteor forums post from 2023](https://forums.meteor.com/t/cpu-spikes-due-to-oplog-updates-without-subscriptions/60028).
+
+To solve this, **2 Oplog settings** have been introduced **to tweak, which collections are *watched* or *ignored* in the oplog**.
+
+**Exclusion**: To *exclude* for example all updates/inserts of documents in the 2 collections called `products` and `prices`, you would need to set the following setting in your Meteor settings file:
+
+```json
+ "packages": {
+ "mongo": {
+ "oplogExcludeCollections": ["products", "prices"]
+ }
+ }
+```
+
+**Inclusion**: vice versa, if you only want to watch/*include* the oplog for changes on documents in the 2 collections `chats` and `messages`, you would use:
+
+```json
+ "packages": {
+ "mongo": {
+ "oplogIncludeCollections": ["chats", "messages"]
+ }
+ }
+```
+
+For obvious reasons, using both `oplogExcludeCollections` and `oplogIncludeCollections` at the same time is not possible and will result in an error.
+
 <h3 id="mongo_connection_options_settings">Mongo.setConnectionOptions</h3>
 
 You can also call `Mongo.setConnectionOptions` to set the connection options but

docs/source/packages/oauth-encryption.md

@@ -31,10 +31,16 @@ the top level of your source file), not called from inside of a
 `Meteor.startup` block.
 
 To avoid storing the secret key in your application's source code, you
-can use [`Meteor.settings`](http://docs.meteor.com/#meteor_settings):
+can provide the same value under [`Meteor.settings.packages.accounts-base.oauthSecretKey`](http://docs.meteor.com/#meteor_settings):
 
-```js
-Accounts.config({ oauthSecretKey: Meteor.settings.oauthSecretKey });
+```json
+{
+ "packages": {
+ "accounts-base": {
+ "oauthSecretKey": "onsqJ+1e4iGFlV0nhZYobg=="
+ }
+ }
+}
 ```
 
 

guide/source/2.14-migration.md

@@ -15,7 +15,7 @@ breakdown of the changes, please refer to the [changelog](http://docs.meteor.com
 Cordova has been updated to v12.0.1 for Android and v7.0.1 for iOS. This
 requires a few changes to your Cordova project:
 
- - The `splash-screen` package has removed the the `cordova-plugin-splashscreen`
+ - The `splash-screen` package has removed the `cordova-plugin-splashscreen`
  is now on `cordova-android` core, so we have removed the dependency from the
  `splash-screen` package.
  As a result we are dropping the support for dark mode splash screen on Android.

guide/source/data-loading.md

@@ -589,31 +589,35 @@ A pattern for turning a polled REST endpoint looks something like this:
 ```js
 const POLL_INTERVAL = 5000;
 
-Meteor.publish('polled-publication', function() {
- const publishedKeys = {};
-
- const poll = () => {
- // Let's assume the data comes back as an array of JSON documents, with an _id field
- const data = HTTP.get(REST_URL, REST_OPTIONS);
-
- data.forEach((doc) => {
- if (publishedKeys[doc._id]) {
- this.changed(COLLECTION_NAME, doc._id, doc);
- } else {
- publishedKeys[doc._id] = true;
- this.added(COLLECTION_NAME, doc._id, doc);
- }
+Meteor.publish('polled-publication', async function() {
+ const publishedKeys = {};
+
+ const poll = async () => {
+ // Let's assume the data comes back as an array of JSON documents, with an _id field
+ const response = await fetch(REST_URL, REST_OPTIONS);
+ if (!response.ok) {
+ throw new Error(`HTTP error! status: ${response.status}`);
+ } else {
+ data = await response.json();
+ data.forEach((doc) => {
+ if (publishedKeys[doc._id]) {
+ this.changed(COLLECTION_NAME, doc._id, doc);
+ } else {
+ publishedKeys[doc._id] = true;
+ this.added(COLLECTION_NAME, doc._id, doc);
+ }
+ });
+ }
+ };
+
+ await poll();
+ this.ready();
+
+ const interval = Meteor.setInterval(poll, POLL_INTERVAL);
+
+ this.onStop(() => {
+ Meteor.clearInterval(interval);
  });
- };
-
- poll();
- this.ready();
-
- const interval = Meteor.setInterval(poll, POLL_INTERVAL);
-
- this.onStop(() => {
- Meteor.clearInterval(interval);
- });
 });
 ```
 

guide/source/security.md

@@ -470,7 +470,7 @@ Generally speaking, all production HTTP requests should go over HTTPS, and all W
 It's best to handle the redirection from HTTP to HTTPS on the platform which handles the SSL certificates and termination.
 
 * On [Galaxy](deployment.html#galaxy), enable the "Force HTTPS" setting on a specific domain in the "Domains & Encryption" section of the application's "Settings" tab.
-* Other deployments *may* have control panel options or may need to be manually configured on the the proxy server (e.g. HAProxy, nginx, etc.). The articles linked above provide some assistance on this.
+* Other deployments *may* have control panel options or may need to be manually configured on the proxy server (e.g. HAProxy, nginx, etc.). The articles linked above provide some assistance on this.
 
 In the event that a platform does not offer the ability to configure this, the `force-ssl` package can be added to the project and Meteor will attempt to intelligently redirect based on the presence of the `x-forwarded-for` header.
 

guide/source/vue.md

@@ -41,6 +41,12 @@ Meteor's build tool and Pub/Sub API (or Apollo) provides Vue with this API that
 
 <h3 id="integrating-vue-with-meteor">Integrating Vue With Meteor</h3>
 
+Creating vue3 app
+
+```
+meteor create --vue
+```
+
 To start a new project: 
 
 ```sh
@@ -424,7 +430,7 @@ VueSSR.createApp = function (context) {
 
 <h3 id="async-data-and-hydration">Async data and Hydration</h3>
 
-Hydration is the the word for loading state into components on the serverside and then reusing that data on the clientside.
+Hydration is the word for loading state into components on the serverside and then reusing that data on the clientside.
 This allows components to fully render their markup on the server and prevents a 're-render' on the clientside when the bundle is loaded.
 
 [Nuxt](https://nuxtjs.org/) solves this gracefully with a feature called [asyncData](https://nuxtjs.org/guide/async-data).

npm-packages/eslint-config-meteor/README.md

@@ -24,7 +24,7 @@ The peer dependencies can be installed manually by following the `package.json`
 $ # Install `install-peerdeps` within the current Meteor tool version.
 $ meteor npm install --global install-peerdeps
 $ # Run the newly installed `install-peerdeps` to install this package and its dependencies.
-$ meteor install-peerdeps --dev @meteorjs/eslint-config-meteor
+$ meteor npx install-peerdeps --dev @meteorjs/eslint-config-meteor
 ```
 
 ## Configure

packages/accounts-base/accounts-base.d.ts

@@ -62,12 +62,20 @@ export namespace Accounts {
  sendVerificationEmail?: boolean | undefined;
  forbidClientAccountCreation?: boolean | undefined;
  restrictCreationByEmailDomain?: string | Function | undefined;
+ loginExpiration?: number | undefined;
  loginExpirationInDays?: number | undefined;
  oauthSecretKey?: string | undefined;
+ passwordResetTokenExpiration?: number | undefined;
  passwordResetTokenExpirationInDays?: number | undefined;
+ passwordEnrollTokenExpiration?: number | undefined;
  passwordEnrollTokenExpirationInDays?: number | undefined;
  ambiguousErrorMessages?: boolean | undefined;
+ bcryptRounds?: number | undefined;
  defaultFieldSelector?: { [key: string]: 0 | 1 } | undefined;
+ collection?: string | undefined;
+ loginTokenExpirationHours?: number | undefined;
+ tokenSequenceLength?: number | undefined;
+ clientStorage?: 'session' | 'local';
  }): void;
 
  function onLogin(