Merge branch 'packaging-dev-bundle' into packaging

meteor

@@ -1,6 +1,6 @@
 #!/bin/bash
 
-BUNDLE_VERSION=0.3.38
+BUNDLE_VERSION=0.3.40
 
 # OS Check. Put here because here is where we download the precompiled
 # bundles that are arch specific.

packages/accounts-password/package.js

@@ -6,6 +6,8 @@ Package.describe({
 });
 
 Package.on_use(function(api) {
+  api.use('npm-bcrypt@=0.7.7', 'server');
+
   api.use('accounts-base', ['client', 'server']);
   // Export Accounts (etc) to packages using this one.
   api.imply('accounts-base', ['client', 'server']);

packages/accounts-password/password_server.js

@@ -1,6 +1,6 @@
 /// BCRYPT
 
-var bcrypt = Npm.require('bcrypt');
+var bcrypt = NpmModuleBcrypt;
 var bcryptHash = Meteor._wrapAsync(bcrypt.hash);
 var bcryptCompare = Meteor._wrapAsync(bcrypt.compare);
 

packages/constraint-solver/resolver.js

@@ -437,7 +437,9 @@ ConstraintSolver.UnitVersion = function (name, unitVersion, ecv) {
   check(self, ConstraintSolver.UnitVersion);
 
   self.name = name;
-  self.version = unitVersion;
+  // Things with different build IDs should represent the same code, so ignore
+  // them. (Notably: depending on @=1.3.1 should allow 1.3.1+local!)
+  self.version = unitVersion.replace(/\+.*$/, '');
   self.dependencies = new ConstraintSolver.DependenciesList();
   self.constraints = new ConstraintSolver.ConstraintsList();
   // a string in a form of "1.2.0"
@@ -552,6 +554,8 @@ ConstraintSolver.Constraint = function (name, versionString) {
     // - version - String - semver string
     _.extend(self, PackageVersion.parseConstraint(name));
   }
+  // See comment in UnitVersion constructor.
+  self.version = self.version.replace(/\+.*$/, '');
 };
 
 ConstraintSolver.Constraint.prototype.toString = function () {

packages/mongo-livedata/.npm/package/npm-shrinkwrap.json

@@ -1,18 +1,15 @@
 {
   "dependencies": {
     "mongodb": {
-      "version": "1.4.1",
+      "version": "https://github.com/meteor/node-mongodb-native/tarball/a9bbf71327e73ada877d25ac0fb4fe8dfff31e4e",
       "dependencies": {
         "bson": {
-          "version": "0.2.7",
+          "version": "git+ssh://git@github.com:meteor/js-bson#574c0eec7428275b679eb118bf131907730f8782",
           "dependencies": {
             "nan": {
               "version": "0.8.0"
             }
           }
-        },
-        "kerberos": {
-          "version": "0.0.3"
         }
       }
     }

packages/mongo-livedata/package.js

@@ -16,7 +16,7 @@ Package.describe({
 });
 
 Npm.depends({
-  mongodb: "1.4.1"
+  mongodb: "https://github.com/meteor/node-mongodb-native/tarball/a9bbf71327e73ada877d25ac0fb4fe8dfff31e4e"
 });
 
 Package.on_use(function (api) {

packages/non-core/README

@@ -0,0 +1,16 @@
+As of Meteor 0.9.0, Meteor supports packages with OS-specific builds (such as
+packages that use binary npm modules). This allows you to deploy apps from one
+platform to another, as long as the package has already published to the package
+server in the appropriate target architecture.
+
+However, this only works if the package can be loaded from the server at all; it
+does not work if the package is only available as local source code in your app,
+or in the main meteor tree if you're running meteor from a git checkout.
+
+Specifically, this means that packages *in the Meteor core* which have
+OS-specific dependencies will prevent apps from being deployed, if meteor is
+being run from the git checkout. To simplify this, we're taking the OS-specific
+dependencies of core packages and moving them to these packages, which are *NOT*
+in "the core". In order to run meteor from a checkout, these packages must be
+already published to the server.  Fortunately, they won't change very
+frequently.

packages/non-core/npm-bcrypt/.gitignore

@@ -0,0 +1 @@
+.build*

packages/non-core/npm-bcrypt/.npm/package/.gitignore

@@ -0,0 +1 @@
+node_modules

packages/non-core/npm-bcrypt/.npm/package/README

@@ -0,0 +1,7 @@
+This directory and the files immediately inside it are automatically generated
+when you change this package's NPM dependencies. Commit the files in this
+directory (npm-shrinkwrap.json, .gitignore, and this README) to source control
+so that others run the same versions of sub-dependencies.
+
+You should NOT check in the node_modules directory that Meteor automatically
+creates; if you are using git, the .gitignore file tells git to ignore it.

packages/non-core/npm-bcrypt/.npm/package/npm-shrinkwrap.json

@@ -0,0 +1,12 @@
+{
+  "dependencies": {
+    "bcrypt": {
+      "version": "0.7.7",
+      "dependencies": {
+        "bindings": {
+          "version": "1.0.0"
+        }
+      }
+    }
+  }
+}

packages/non-core/npm-bcrypt/package.js

@@ -0,0 +1,15 @@
+Package.describe({
+  name: "npm-bcrypt",
+  summary: "Wrapper around the bcrypt npm package",
+  version: '0.7.7',
+  internal: true
+});
+
+Npm.depends({
+  bcrypt: '0.7.7'
+});
+
+Package.on_use(function (api) {
+  api.export('NpmModuleBcrypt', 'server');
+  api.addFiles('wrapper.js', 'server');
+});

packages/non-core/npm-bcrypt/wrapper.js

@@ -0,0 +1 @@
+NpmModuleBcrypt = Npm.require('bcrypt');

packages/non-core/npm-node-aes-gcm/.gitignore

@@ -0,0 +1 @@
+.build*

packages/non-core/npm-node-aes-gcm/.npm/package/.gitignore

@@ -0,0 +1 @@
+node_modules

packages/non-core/npm-node-aes-gcm/.npm/package/README

@@ -0,0 +1,7 @@
+This directory and the files immediately inside it are automatically generated
+when you change this package's NPM dependencies. Commit the files in this
+directory (npm-shrinkwrap.json, .gitignore, and this README) to source control
+so that others run the same versions of sub-dependencies.
+
+You should NOT check in the node_modules directory that Meteor automatically
+creates; if you are using git, the .gitignore file tells git to ignore it.

packages/non-core/npm-node-aes-gcm/.npm/package/npm-shrinkwrap.json

@@ -0,0 +1,7 @@
+{
+  "dependencies": {
+    "node-aes-gcm": {
+      "version": "0.1.3"
+    }
+  }
+}

packages/non-core/npm-node-aes-gcm/package.js

@@ -0,0 +1,15 @@
+Package.describe({
+  name: "npm-node-aes-gcm",
+  summary: "Wrapper around the node-aes-gcm npm package",
+  version: '0.1.3',
+  internal: true
+});
+
+Npm.depends({
+  'node-aes-gcm': '0.1.3'
+});
+
+Package.on_use(function (api) {
+  api.export('NpmModuleNodeAesGcm', 'server');
+  api.addFiles('wrapper.js', 'server');
+});

packages/non-core/npm-node-aes-gcm/wrapper.js

@@ -0,0 +1 @@
+NpmModuleNodeAesGcm = Npm.require('node-aes-gcm');

packages/oauth-encryption/encrypt.js

@@ -1,7 +1,7 @@
 var crypto = Npm.require("crypto");
 // XXX We hope to be able to use the `crypto` module exclusively when
 // Node supports GCM in version 0.11.
-var gcm = Npm.require("node-aes-gcm");
+var gcm = NpmModuleNodeAesGcm;
 
 OAuthEncryption = {};
 

packages/oauth-encryption/package.js

@@ -1,6 +1,3 @@
-// Uses the node-aes-gcm NPM module from the dev bundle (because
-// binary modules aren't working yet).
-
 Package.describe({
   name: "oauth-encryption",
   test: "oauth-encryption-test",
@@ -9,6 +6,7 @@ Package.describe({
 });
 
 Package.on_use(function (api) {
+  api.use('npm-node-aes-gcm@=0.1.3');
   api.export("OAuthEncryption", ["server"]);
   api.use("underscore");
   api.add_files("encrypt.js", ["server"]);

scripts/generate-dev-bundle.sh

@@ -99,22 +99,19 @@ which npm
 cd "$DIR/lib/node_modules"
 npm install semver@2.2.1
 npm install request@2.33.0
-npm install keypress@0.2.1
 npm install underscore@1.5.2
 npm install fstream@0.1.25
 npm install tar@0.1.19
 npm install kexec@0.2.0
 npm install source-map@0.1.32
 npm install source-map-support@0.2.5
-npm install bcrypt@0.7.7
-npm install node-aes-gcm@0.1.3
-npm install heapdump@0.2.5
 
 # Fork of 1.0.2 with https://github.com/nodejitsu/node-http-proxy/pull/592
 npm install https://github.com/meteor/node-http-proxy/tarball/99f757251b42aeb5d26535a7363c96804ee057f0
 
-# Using the unreleased 1.1 branch. We can probably switch to a built NPM version
-# when it gets released.
+# Using the formerly-unreleased 1.1 branch. We can probably switch to a built
+# NPM version now. (For that matter, we ought to be able to get this from
+# the copy in js-analyze rather than in the dev bundle.)
 npm install https://github.com/ariya/esprima/tarball/5044b87f94fb802d9609f1426c838874ec2007b3
 
 # 2.4.0 (more or less, the package.json change isn't committed) plus our PR
@@ -130,6 +127,8 @@ npm install fibers@1.0.1
 # thinking that the packages need to depend on both 32- and 64-bit versions of
 # libstd++. Remove all the ones other than our architecture. (Expression based
 # on build.js in fibers source.)
+# XXX We haven't used dpkg-buildpackge or rpmbuild in ages. If we remove this,
+#     will it let you skip the "npm install fibers" step for running bundles?
 FIBERS_ARCH=$(node -p -e 'process.platform + "-" + process.arch + "-v8-" + /[0-9]+\.[0-9]+/.exec(process.versions.v8)[0]')
 cd fibers/bin
 mv $FIBERS_ARCH ..

tools/package-client.js

@@ -177,7 +177,7 @@ exports.updateServerPackageData = function (cachedServerData) {
   writePackageDataToDisk(remoteData.syncToken, data);
 
   // If we are not done, keep trying!
-  if (remoteData.upToDate) {
+  if (!remoteData.upToDate) {
     this.updateServerPackageData(data);
   }
 

tools/package-source.js

@@ -399,8 +399,7 @@ _.extend(PackageSource.prototype, {
     // we are, let's remember this for things like not recording version files.
     if (files.inCheckout()) {
       var packDir = path.join(files.getCurrentToolsDir(), 'packages');
-      var myDir = self.sourceRoot.slice(0, packDir.length);
-      if (myDir === packDir) {
+      if (path.dirname(self.sourceRoot) === packDir) {
         self.isCore = true;
       }
     }
@@ -1271,7 +1270,10 @@ _.extend(PackageSource.prototype, {
     // If something has changed, and this is an immutable package source, then
     // we have done something terribly, terribly wrong. Throw.
     if (self.immutable) {
-      throw new Error("Version lock for " + self.name + " should never change.");
+      throw new Error(
+        "Version lock for " + self.name + " should never change. Recorded as "
+          + JSON.stringify(self.dependencyVersions) + ", calculated as "
+          + JSON.stringify(versions));
     };
 
     // In case we need to rebuild from this package Source, it will be