Merge branch 'release-3.0' into feature/solving-meteor-callasync-stubvaluepromise

# Conflicts:
#	packages/accounts-2fa/.npm/package/npm-shrinkwrap.json
#	packages/email/.npm/package/npm-shrinkwrap.json
#	packages/npm-mongo/.npm/package/npm-shrinkwrap.json

.circleci/config.yml

@@ -79,7 +79,7 @@ run_save_node_bin: &run_save_node_bin
 build_machine_environment: &build_machine_environment
   # Specify that we want an actual machine (ala Circle 1.0), not a Docker image.
   docker:
-    - image: meteor/circleci:android-30-node-18
+    - image: meteor/circleci:2023.12.1-android-34-node-18
   resource_class: large
   environment:
     # This multiplier scales the waitSecs for selftests.
@@ -178,7 +178,7 @@ jobs:
           command: |
             eval $PRE_TEST_COMMANDS;
             cd dev_bundle/lib
-            ../../meteor npm install @types/node@18.11.9 --save-dev
+            ../../meteor npm install @types/node@20.9.0 --save-dev
             # Ensure that meteor/tools has no TypeScript errors.
             ../../meteor npm install -g typescript
             cd ../../
@@ -750,7 +750,7 @@ jobs:
   Docs:
     docker:
       # This Node version should match that in the meteor/docs CircleCI config.
-      - image: meteor/circleci:android-28-node-12
+      - image: meteor/circleci:2023.12.1-android-34-node-20
     resource_class: large
     environment:
       CHECKOUT_METEOR_DOCS: /home/circleci/test_docs

CODE_OF_CONDUCT.md

@@ -1,69 +1,101 @@
-# Meteor Project Code of Conduct
+# Meteor Code of Conduct
 
-### Community and Diversity
+Meteor Software and its member projects use [Contributor Covenant v2.0](https://contributor-covenant.org/version/2/0/code_of_conduct) as their code of conduct. The full text is included below in English, and [translations](https://www.contributor-covenant.org/translations) are available on the Contributor Covenant website.
 
-We want to build a productive, happy and agile community that welcomes new ideas, constantly looks for areas to improve, and fosters collaboration. 
+## Commitment
 
-The project gains strength from a diversity of backgrounds and perspectives in our contributor community, and we actively seek participation from those who enhance it. This code of conduct exists to lay some ground rules that ensure we can collaborate and communicate effectively, despite our diversity. The code applies equally to founders, team members and those seeking help and guidance.
+All recipients of reports commit to maintain the confidentiality with regard to the reporter and victim of an incident.
 
-### Using This Code
+## Report an issue
 
-This isn’t an exhaustive list of things that you can’t do. Rather, it’s a guide for participation in the community that outlines how each of us can work to keep Meteor a positive, successful, and growing project. 
+To report an issue in one of the projects listed below, please send an email to code-of-conduct@meteor.com.
 
-This code of conduct applies to all spaces managed by the Meteor project or company. This includes Slack, GitHub issues, and any other forums created by the Meteor team which the community uses for communication. Breaches of this code outside these spaces may affect a person's ability to participate within them. We expect it to be honored by everyone who represents or participates in the project, whether officially or informally.
+* [OSS Meteor Projects](https://github.com/meteor)
+* [Meteor Forum](https://forums.meteor.com/)
 
-If you believe someone is violating the code of conduct, please report it by emailing [community@meteor.com](mailto:community@meteor.com). 
+## Code of Conduct panel
 
-### We Strive To:
+The Code of Conduct panel is a moderation team that handle code of conduct issues. The makeup of this team is as follows:
 
-- **Be open, patient, and welcoming**
+* CEO at Meteor Software - Frederico Maia Arantes
+* DevRel Manager at Meteor Software - Tatiana Barros
+* Software Engineer at Meteor Software - Denilson Silva
+* CEO at High Impact Tech - Alim S. Gafar
 
-    Members of this community are open to collaboration, whether it's on PRs, issues, or problems. We're receptive to constructive comment and criticism, as we value what the experiences and skill sets of contributors bring to the project. We're accepting of all who wish to get involved, and find ways for anyone to participate in a way that best matches their strengths.
-  
-- **Be considerate**
+Members of the CoCP team will be added for a 1-year term and will be re-confirmed on a yearly basis.
 
-    We are considerate of our peers: other Meteor users and contributors. We’re thoughtful when addressing others’ efforts, keeping in mind that work is often undertaken for the benefit of the community. We also value others’ time and appreciate that not every issue or comment will be responded to immediately. We strive to be mindful in our communications, whether in person or online, and we're tactful when approaching views that are different from our own.
-    
-- **Be respectful**
+## Our Pledge
 
-    As a community of professionals, we are professional in our handling of disagreements, and don’t allow frustration to turn into a personal attack. We work together to resolve conflict, assume good intentions and do our best to act in an empathic fashion. 
+We as members, contributors, and leaders pledge to make participation in our community a harassment-free experience for everyone, regardless of age, body size, visible or invisible disability, ethnicity, sex characteristics, gender identity and expression, level of experience, education, socio-economic status, nationality, personal appearance, race, religion, or sexual identity and orientation.
 
-    We do not tolerate harassment or exclusionary behavior. This includes, but is not limited to:
-  - Violent threats or language directed against another person.
-  - Discriminatory jokes and language.
-  - Posting sexually explicit or sexualized content.
-  - Posting content depicting or encouraging violence. 
-  - Posting (or threatening to post) other people's personally identifying information ("doxing").
-  - Personal insults, especially those using racist or sexist terms.
-  - Unwelcome sexual attention.
-  - Advocating for, or encouraging, any of the above behavior.
-  - Repeated harassment of others. In general, if someone asks you to stop, then stop.
-  
-- **Take responsibility for our words and our actions**
+We pledge to act and interact in ways that contribute to an open, welcoming, diverse, inclusive, and healthy community.
 
-    We can all make mistakes; when we do, we take responsibility for them. If someone has been harmed or offended, we listen carefully and respectfully. We are also considerate of others’ attempts to amend their mistakes.
-    
-- **Be collaborative**  
+## Our Standards
 
-    The work we produce is (and is part of) an ecosystem containing several parallel efforts working towards a similar goal. Collaboration between teams and individuals that each have their own goal and vision is essential to reduce redundancy and improve the quality of our work. 
-    
-    Internally and externally, we celebrate good collaboration. Wherever possible, we work closely with upstream projects and others in the free software community to coordinate our efforts. We prefer to work transparently and involve interested parties as early as possible.
-    
-- **Ask for help when in doubt**
+Examples of behavior that contributes to a positive environment for our community include:
 
-    Nobody is expected to be perfect in this community. Asking questions early avoids many problems later, so questions are encouraged, though they may be directed to the appropriate forum. Those who are asked should be responsive and helpful.
-    
-- **Take initiative** 
+* Demonstrating empathy and kindness toward other people
+* Being respectful of differing opinions, viewpoints, and experiences
+* Giving and gracefully accepting constructive feedback
+* Accepting responsibility apologizing to those affected by our mistakes, and learning from the experience
+* Focusing on what is best not just for us as individuals, but for the overall community
 
-    We encourage new participants to feel empowered to lead, to take action, and to experiment when they feel innovation could improve the project. If we have an idea for a new tool, or how an existing tool can be improved, we speak up and take ownership of that work when possible. 
-    
-### Attribution
+Examples of unacceptable behavior include:
 
-Sections of this Code of Conduct were inspired in by the following Codes from other open source projects and resources we admire:  
+* The use of sexualized language or imagery, and sexual attention or advances of any kind
+* Trolling, insulting or derogatory comments, and personal or political attacks
+* Public or private harassment
+* Publishing others’ private information, such as a physical or email address, without their explicit permission
+* Other conduct that could reasonably be considered inappropriate in a professional setting
 
-- [The Contributor Covenant](https://www.contributor-covenant.org/version/1/4/code-of-conduct/)
-- [Python](https://www.python.org/psf/codeofconduct/)
-- [Ubuntu](https://ubuntu.com/community/code-of-conduct)
-- [Django](https://www.djangoproject.com/conduct/)
+## Enforcement Responsibilities
 
-*This Meteor Code of Conduct is licensed under the [Creative Commons Attribution-ShareAlike 4.0 International](https://creativecommons.org/licenses/by-sa/4.0/) license. This Code was last updated on August 28, 2017.* 
+Community leaders are responsible for clarifying and enforcing our standards of acceptable behavior and will take appropriate and fair corrective action in response to any behavior that they deem inappropriate, threatening, offensive, or harmful.
+
+Community leaders have the right and responsibility to remove, edit, or reject comments, commits, code, wiki edits, issues, and other contributions that are not aligned with this Code of Conduct and will communicate reasons for moderation decisions when appropriate.
+
+## Scope
+
+This Code of Conduct applies within all community spaces and also applies when an individual is officially representing the community in public spaces. Examples of representing our community include using an official e-mail address, posting via an official social media account, or acting as an appointed representative at an online or offline event.
+
+## Enforcement
+
+Instances of abusive, harassing, or otherwise unacceptable behavior may be reported to the community leaders responsible for enforcement at the email addresses listed above in the Reporting section. All complaints will be reviewed and investigated promptly and fairly.
+
+All community leaders are obligated to respect the privacy and security of the reporter of any incident.
+
+## Enforcement Guidelines
+
+Community leaders will follow these Community Impact Guidelines in determining the consequences for any action they deem in violation of this Code of Conduct:
+
+### 1. Correction
+
+**Community Impact:** Use of inappropriate language or other behavior deemed unprofessional or unwelcome in the community.
+
+**Consequence:** A private, written warning from community leaders, providing clarity around the nature of the violation and an explanation of why the behavior was inappropriate. A public apology may be requested.
+
+### 2. Warning
+
+**Community Impact:** A violation through a single incident or series of actions.
+
+**Consequence:** A warning with consequences for continued behavior. No interaction with the people involved, including unsolicited interaction with those enforcing the Code of Conduct, for a specified period. This includes avoiding interactions in community space and external channels like social media. Violating these terms may lead to a temporary or permanent ban.
+
+### 3. Temporary Ban
+
+**Community Impact:** A serious violation of community standards, including sustained inappropriate behavior.
+
+**Consequence:** A temporary ban from anf interaction or public communication with the community for a specified period. No public or private interaction with the people involved, including unsolicited interaction with those enforcing the Code of Conduct, is allowed during this period. Violating these terms may lead to a permanent ban.
+
+### 4. Permanent Ban
+
+**Community Impact:** Demonstrating a pattern of violation of community standards, including sustained inappropriate behavior, harassment of an individual, or aggression toward or disparagement of classes of individuals.
+
+**Consequence**: A permanent ban from public interaction within the community.
+
+## Attribution
+
+This Code of Conduct is adapted from the Contributor Covenant, version 2.0, available at https://www.contributor-covenant.org/version/2/0/code\_of\_conduct.html.
+
+Community Impact Guidelines were inspired by [OpenJS's code of conduct](https://github.com/openjs-foundation/cross-project-council/blob/main/CODE_OF_CONDUCT.md) enforcement ladder.
+
+For answers to common questions about this code of conduct, see the FAQ at [https://www.contributor-covenant.org/faq](https://www.contributor-covenant.org/faq). Translations are available at [https://www.contributor-covenant.org/translations](https://www.contributor-covenant.org/translations).

README.md

@@ -82,7 +82,7 @@ meteor
 **Building an application with Meteor?**
 
 * Deploy on [Meteor Cloud](https://www.meteor.com/cloud)
-* Discussion [Forums](https://forums.meteor.com/)
+* Discuss on [Forums](https://forums.meteor.com/)
 * Join the Meteor community Slack by clicking this [invite link](https://join.slack.com/t/meteor-community/shared_invite/enQtODA0NTU2Nzk5MTA3LWY5NGMxMWRjZDgzYWMyMTEyYTQ3MTcwZmU2YjM5MTY3MjJkZjQ0NWRjOGZlYmIxZjFlYTA5Mjg4OTk3ODRiOTc).
 * Announcement list. Subscribe in the [footer](https://www.meteor.com/).
 
@@ -94,4 +94,14 @@ Interested in helping or contributing to Meteor?  These resources will help:
 * [Feature requests](https://github.com/meteor/meteor/discussions/)
 * [Issue tracker](https://github.com/meteor/meteor/issues)
 
-To uninstall Meteor [read here](https://docs.meteor.com/install.html#uninstall).
+To uninstall Meteor: 
+  - If installed via npm, run:
+      ```shell
+      meteor-installer uninstall
+      ```
+  - If installed via curl, run:
+    ```shell
+    rm -rf ~/.meteor 
+    sudo rm /usr/local/bin/meteor
+    ```
+To find more information about installation, [read here](https://docs.meteor.com/install.html#uninstall).

docs/_config.yml

@@ -1,6 +1,7 @@
 title: Meteor API Docs
 subtitle: API Docs
 versions:
+  - '2.14'
   - '2.13'
   - '2.12'
   - '2.11'
@@ -89,6 +90,7 @@ sidebar_categories:
     - packages/underscore
     - packages/url
     - packages/webapp
+    - packages/packages-listing
   Command Line:
     - commandline
     - environment-variables

docs/generators/changelog/EXAMPLE.MD

@@ -1,36 +1,50 @@
 ## vX.XX.X, 2023-XX-XX
 
-### Highlights
-
+## Highlights
+List the most important changes to catch people's attention.
+Are there breaking changes? Mention it here and link them.
+Are there exciting new features? Mention it here and link them.
+For example:
 * MongoDB Server 6.x Support
 * Embedded Mongo now uses MongoDB 6.0.3
-* Some pr [GH someone] [PR #number] // this will become -> [someone](https://github.com/someone) [PR](https://github.com/meteor/meteor/pull/number)
-#### Breaking Changes
-
-N/A
-
-####  Internal API changes
-
-N/A
-
-#### Migration Steps
-
-TODO
-
-#### Meteor Version Release
 
 
-* `Command line`:
-    - Corrected typo in XX XX
+## Migration Steps
+Steps to migrate to this version. If it's a long one, we should have a migration guide page.
 
-* `npm mongo @4.13.0`: // You can use @get-version to get the version of the package
+## New Features
+- Feature 1 description. PR Link.
+- Feature 2 description. PR Link.
+- Some feature. pr [GH someone] [PR #number] // this will become -> [someone](https://github.com/someone) [PR](https://github.com/meteor/meteor/pull/number)
+- `Command line`:
+    - Added feature X
+## Patch changes
+- Patch Change 1 description. PR Link.
+- Patch Change 2 description. PR Link.
+- `npm mongo @4.13.0`: // You can use @get-version to get the version of the package
     - Updated MongoDB driver to version 4.13.0
 
-#### Special thanks to
+## Breaking Changes
+- Breaking change 1.
+- Breaking change 1.
 
+* `fetch@get-version`:
+    - X has changed
+
+## Docs
+- Docs change 1.
+- Docs change 2.
+
+## Core dependencies
+Core dependency change 1.
+Core dependency change 2.
+
+## Dependencies
+Dependency change 1.
+Dependency change 2.
+
+## Contributors
+- Contributor 1.
 - [@XXX](https://github.com/XXXX).
 
-
 For making this great framework even better!
-
-

docs/generators/changelog/script.js

@@ -75,7 +75,8 @@ const main = async () => {
 
         // already have the contribuitors thanks in the file
         if (
-          file.includes("#### Special thanks to") ||
+          file.includes('## Contributors') ||
+           file.includes("#### Special thanks to") || // this must stay here for legacy reasons
           file.includes("[//]: # (Do not edit this file by hand.)")
         )
           return file;
@@ -85,7 +86,7 @@ const main = async () => {
           .map((name) => `- [@${name}](https://github.com/${name}).`)
           .join("\n");
 
-        const doneFile = `${file}\n\n#### Special thanks to\n\n${contribuitorsList}\n\n`;
+        const doneFile = `${file}\n\n## Contributors\n\n${contribuitorsList}\n\n`;
 
         //SIDE EFFECTS
         // so that this is not ran every time, we will update the last file.

docs/generators/changelog/versions/0-before-2.10.md

@@ -441,7 +441,7 @@ N/A
 
 * `mongo@1.15.0`
     - New option `Meteor.settings.packages.mongo.reCreateIndexOnOptionMismatch` for case when an index with the same name, but different options exists it will be re-created.
-    - If there is an error on index creation Meteor will output a better message naming the collection and index where the error occured. [PR](https://github.com/meteor/meteor/pull/11995).
+    - If there is an error on index creation Meteor will output a better message naming the collection and index where the error occurred. [PR](https://github.com/meteor/meteor/pull/11995).
 * `modern-browsers@0.1.8`
     - New api `getMinimumBrowserVersions` to access the `minimumBrowserVersions`. [PR](https://github.com/meteor/meteor/pull/11998).
 * `socket-stream-client@0.5.0`
@@ -656,7 +656,7 @@ Read our [Migration Guide](https://guide.meteor.com/2.6-migration.html) for this
     - useUnifiedTopology is not an option anymore, it defaults to true.
     - native parser is not an option anymore, it defaults to false in the mongo connection.
     - poolSize not an option anymore, we are using max/minPoolSize for the same behavior on mongo connection.
-    - fields option is deprecated, we are maintaining a translation layer to "projection" field (now prefered) until the next minor version, where we will start showing alerts.
+    - fields option is deprecated, we are maintaining a translation layer to "projection" field (now preferred) until the next minor version, where we will start showing alerts.
     - _ensureIndex is now showing a deprecation message
     - we are maintaining a translation layer for the new oplog format, so if you read or rely on any behavior of it please read our oplog_v2_converter.js code
     - update/insert/remove behavior is maintained in the Meteor way, documented in our docs, but we are now using replaceOne/updateOne/updateMany internally. This is subject to changes in the API rewrite of MongoDB without Fibers AND if you are using rawCollection directly you have to review your methods otherwise you will see deprecation messages if you are still using the old mongodb style directly.

docs/generators/changelog/versions/2.14.md

@@ -0,0 +1,229 @@
+## v2.14.0, 2023-12-12
+
+### Highlights
+
+Hacktoberfest release! 🎉
+
+* MongoDB driver has been updated to v4.17.2.
+
+* You can now set `DISABLE_SOCKJS_CORS=1` if you want to prevent SockJS from setting CORS headers. Do not set this option if you will have DDP clients from other origins connecting to the DDP server. [PR #12789]
+
+* Added guide on [how to prepare for Meteor 3.0 migration](https://guide.meteor.com/prepare-meteor-3.0).
+
+* New DDP merge strategy `NO_MERGE_MULTI`, which is similar to `NO_MERGE`, but it does track whether a document is used by multiple publications. [PR #12742]
+
+* Appcache has been further deprecated and moved to the deprecated packages folder.
+
+* Added `Accounts.createUserAsync` into the client.
+
+* Many packages had their underscore dependency removed.
+
+* Cordova has been updated to v12.0.1 for Android and v7.0.1 for iOS, being able to build to SDK 33.
+
+* `meteor create` command is now interactive!
+
+* Added `firstRunPromise` property to `Tracker` autorun blocks, that forces autorun blocks to be executed in synchronous-looking order by storing the value autorun promise thus making it awaitable.
+
+#### Migration Steps
+
+##### Android splash screen
+If you have been using `splash-screen` for Cordova, you need to update your code as Android changed their splash screen API,
+the `cordova-plugin-splashscreen` is now on `cordova-android` core, so we have removed the dependency from the `splash-screen`
+package. As a result we are dropping the support for dark mode splash screen on Android.
+
+To create this now you need to create two themes on your `config.xml` file.
+
+>  Note that it's still possible to have it by adding the according themes with App.appendToConfig and App.addResourceFile - but this is not something Meteor will do automatically right now.
+
+For more information you can check our [Migration Guide](https://guide.meteor.com/2.14-migration.html)
+
+## Breaking Changes
+
+* `splash-screen` package has removed the `cordova-plugin-splashscreen` dependency. See migration steps for more info.
+
+## Docs
+
+- Added guide on [how to prepare for Meteor 3.0 migration](https://guide.meteor.com/prepare-meteor-3.0).
+- Added guide on [performance improvements](https://guide.meteor.com/performance-improvement).
+- Added FAQ about [Meteor 3](https://guide.meteor.com/3.0-migration).
+
+##  Internal API changes
+
+* Tool
+  - Rename `EACCESS` to `EACCES` to follow the Windows spelling
+  - Fixed links in skeletons
+  - Fixed build issue in Vue skeleton
+  - Updated `source-map-support`
+  - Fixed bugs in negated “in” and “instanceof” expressions
+  - Updated `semver` to v7.5.4
+  - Updated `@meteorjs/babel` to v7.18.4
+  - Cordova has been updated to v12.0.1 for Android and v7.0.1 for iOS, being able to build to SDK 33.
+  - `meteor create` command was re-made to be more interactive
+
+## Meteor Version Release
+
+* `accounts-base@get-version`
+  - Ensure that `onLogin` callback fires properly
+  - Indexes are now created asynchronously
+
+* `accounts-oauth@get-version`
+  - Indexes are now created asynchronously
+
+* `accounts-password@get-version`
+  - Add `Accounts.createUserAsync` to the client, a promise-based version of `Accounts.createUser`
+  - Indexes are now created asynchronously
+
+* `accounts-passwordless@get-version`
+  - Fix #12401, ensure that user is found with ID
+  - Indexes are now created asynchronously
+
+* `babel-compiler@get-version`
+  - Updated `@meteorjs/babel` to v7.18.4
+
+* `boilerplate-generator@get-version`
+  - Removed Underscore dependency
+
+* `browser-policy-content@get-version`
+  - Removed Underscore dependency
+
+* `constraint-solver@get-version`
+  - Removed Underscore dependency
+
+* `crosswalk@get-version`
+  - Updated `cordova-plugin-crosswalk-webview` to v2.4.0
+  - Deprecated the package
+
+* `ddp-rate-limiter@get-version`
+  - Removed Underscore dependency
+* `ddp-server@get-version`:
+  - Allow setting `DISABLE_SOCKJS_CORS` to prevent SockJS from setting CORS headers
+  - Added new publication strategy `NO_MERGE_MULTI`
+
+* `ecmascript@get-version`:
+  - Bumped to get latest version of `@babel/compiler`
+
+* `facebook-oauth@get-version`:
+  - Updated default version of Facebook GraphAPI to v17
+
+* `launch-screen@get-version`
+  - Removed `cordova-plugin-splashscreen` dependency
+
+* `fetch@get-version`:
+  - Update `node-fetch` to version 1.6.12
+  - Update `whatwg-fetch` to version 3.6.17
+
+* `logging@get-version`:
+  - Added TS types
+  - Updated `chalk` to v4.1.2
+
+* `logic-solver@get-version`
+  - Removed Underscore dependency
+
+* `meteor@get-version`:
+  - Improve TS types
+
+* `mobile-experience@get-version`:
+  - Bumped to get latests version of `cordova` dependencies
+
+* `modern-browsers@get-version`
+  - Added `appleMail` user agent to allow modern bundle on iPads
+
+* `modules@get-version`
+  - Updated version of reify to v0.24.1
+
+* `mongo@get-version`
+  - Added deprecation messages into type definitions
+  - Fix ObjectIDs handling in oplogV2V1Converter
+
+* `npm-mongo@get-version`:
+  - Bumped MongoDB driver to version 4.17.2
+
+* `oauth@get-version`
+  - Indexes are now created asynchronously
+  - `remove` DB calls migrated to `removeAsync`
+
+* `package-version-parser@get-version`
+  - Updated `semver` to v7.5.4
+
+* `react-fast-refresh@get-version`:
+  - Updated `semver` to version 7.5.4
+
+* `service-configuration@get-version`
+  - Indexes are now created asynchronously
+  - Add types for ConfigError
+
+* `socket-stream-client@get-version`
+  - Removed Underscore dependency
+
+* `standard-minifier-css@get-version`
+  - Updated `@babel/runtime` to v7.23.5
+  - Updated `minifier-css` to v1.6.4
+  - Updated `logging` package to v1.3.2
+
+* `test-server-tests-in-console-once@get-version`
+  - Removed Underscore dependency
+
+* `tinytest@get-version`
+  - Removed Underscore dependency
+
+* `tracker@get-version`
+  - Added `firstRunPromise` property, that forces autorun blocks to be executed
+   in synchronous-looking order by storing the value autorun promise
+    thus making it awaitable
+
+* `typescript@get-version`:
+  - Updated to 4.9.5
+
+* `webapp@get-version`
+  - Updated `cordova-plugin-meteor-webapp` to v2.0.3
+  - Updated `cookie-parser` to v1.4.6
+  - Updated `send` to v0.18.0
+  - Updated `stream-to-string` to v1.2.1
+  - Updated `qs` to v6.11.2
+  - Updated `@types/connect` to v3.4.38
+
+
+## Independent releases
+
+* `google-oauth@1.4.4`:
+  - Remove logging request/response in google_server
+
+* NPM `@meteorjs/babel@7.18.4`
+  - Updated `@meteorjs/reify` to v0.24.1
+
+* NPM `@meteorjs/babel-preset-meteor@7.10.1`
+  - Add Facebook in-app browser
+
+* NPM `cordova-plugin-meteor-webapp@2.0.2`
+  - Fixed Android hot code push failing
+
+* NPM `cordova-plugin-meteor-webapp@2.0.3`
+  - Fix pull manifest from correct url if parameter are used in baseurl
+
+* NPM `meteor-node-stubs@1.2.6`
+  - Update dependencies
+  - Deep update dependencies that were highlighted by `npm audit`
+
+## Contributors
+
+- [@StorytellerCZ](https://github.com/sponsors/StorytellerCZ)
+- [@Grubba27](https://github.com/sponsors/Grubba27)
+- [@vit0rr](https://github.com/vit0rr)
+- [@realyze](https://github.com/realyze)
+- [@jamauro](https://github.com/jamauro)
+- [@Torgen](https://github.com/Torgen)
+- [@brucejo75](https://github.com/brucejo75)
+- [@zodern](https://github.com/sponsors/zodern)
+- [@alisnic](https://github.com/alisnic)
+- [@ebroder](https://github.com/ebroder)
+- [@BANSAL-NISHU](https://github.com/BANSAL-NISHU)
+- [@salmanhasni](https://github.com/salmanhasni)
+- [@jdgjsag67251](https://github.com/jdgjsag67251)
+- [@guncebektas](https://github.com/guncebektas)
+- [@harryadel](https://github.com/harryadel)
+- [@dd137](https://github.com/dd137)
+- [@matheusccastroo](https://github.com/matheusccastroo)
+- [@mr-loop-1](https://github.com/mr-loop-1)
+
+For making this great framework even better!
+

docs/generators/packages-listing/README.md

@@ -0,0 +1,18 @@
+# Listing of all meteor core packages
+
+This is a script that will generate a list of all meteor core packages, being ran every build.
+This ensures that we always have a list of core packages up to date with their correct links to GitHub.
+
+
+We can always add packages to the list by adding them to the `script.js` constant `OUTSIDE_OF_CORE_PACKAGES`.
+
+Should follow the following format:
+
+```js
+{
+  name: 'package-name',
+  link: 'https://link-to-github.com/meteor/meteor/tree/devel/packages/package-name'
+}
+```
+
+At the end, this script will update the file located in `docs/source/packages/packages-listing.md` with the new list of packages.

docs/generators/packages-listing/script.js

@@ -0,0 +1,68 @@
+const fs = require('fs').promises;
+const HEADER_TEMPLATE = `
+---
+title: Core Package Listing
+description: list of all Meteor core packages.
+---
+
+[//]: # (Do not edit this file by hand.)
+
+[//]: # (This is a generated file.)
+
+[//]: # (If you want to change something in this file)
+
+[//]: # (go to meteor/docs/generators/packages-listing)
+
+# Core Packages
+
+
+`
+
+const OUTSIDE_OF_CORE_PACKAGES = [
+  {
+    name: 'blaze',
+    link: 'https://github.com/meteor/blaze'
+  },
+  {
+    name: 'react-packages',
+    link: 'https://github.com/meteor/react-packages'
+  }
+];
+
+const IGNORED = [
+  'depracated',
+  'non-core'
+];
+const getPackages = async () => {
+  const packages =
+  (await fs.readdir('../packages', { withFileTypes: true }))
+    .filter(dirent => dirent.isDirectory())
+    .map(dirent => dirent.name)
+    .filter(name => !IGNORED.includes(name))
+    .map(name => {
+      return  {
+        name,
+        link: `https://github.com/meteor/meteor/tree/devel/packages/${name}`
+      }
+    });
+    return [...OUTSIDE_OF_CORE_PACKAGES, ...packages, ];
+}
+
+const generateMarkdown = (packages) =>
+   packages
+    .map(({name, link}) => `- [${name}](${link})`)
+    .join('\n');
+
+
+
+async function main() {
+  console.log("🚂 Started listing 🚂");
+  const packages = await getPackages();
+  const markdown = generateMarkdown(packages);
+  const content = HEADER_TEMPLATE + markdown;
+  console.log("📝 Writing to file 📝");
+  await fs.writeFile('./source/packages/packages-listing.md', content);
+  console.log("🚀 Done 🚀");
+}
+
+main();

docs/history.md

@@ -321,7 +321,7 @@
   - Package was bumped due to a dependency update. No code changes were made.
 
 - `http@`:
-  - Updated handlers to use `handlers` that are now using express.
+  - Updated handlers to use `handlers`
 - `id-map@2.0.0`:
 
   - Added `forEachAsync` method.
@@ -556,7 +556,7 @@
 
 - `spiderable@`:
 
-  - Updated handlers to use `handlers` that are now using express.
+  - Updated handlers to use `handlers` that are now using express
   - removed `fibers` usage if flag is set to `true`
 
 - `standard-minifier-css@2.0.0`:
@@ -645,7 +645,7 @@
     - `WebAppInternals.getBoilerplate`
 
   - Changed engine from connect to express and changed api naming to match express. See below:
-  - `WebApp.connectHandlers.use(middleware)` is now `WebApp.handlers.use(middleware)` using express.
+  - `WebApp.connectHandlers.use(middleware)` is now `WebApp.handlers.use(middleware)`
   - `WebApp.rawConnectHandlers.use(middleware)` is now `WebApp.rawHandlers.use(middleware)`
   - `WebApp.connectApp` is now `WebApp.expressApp`
 
@@ -721,6 +721,237 @@
 - [@StorytellerCZ](https://github.com/sponsors/StorytellerCZ/)
 
 For making this great framework even better!
+
+## v2.14.0, 2023-12-XX
+
+### Highlights
+
+Hacktoberfest release! 🎉
+
+* MongoDB driver has been updated to v4.17.2.
+
+* You can now set `DISABLE_SOCKJS_CORS=1` if you want to prevent SockJS from setting CORS headers. Do not set this option if you will have DDP clients from other origins connecting to the DDP server. [PR](https://github.com/meteor/meteor/pull/12789)
+
+* Added guide on [how to prepare for Meteor 3.0 migration](https://guide.meteor.com/prepare-meteor-3.0).
+
+* New DDP merge strategy `NO_MERGE_MULTI`, which is similar to `NO_MERGE`, but it does track whether a document is used by multiple publications. [PR](https://github.com/meteor/meteor/pull/12742)
+
+* Appcache has been further deprecated and moved to the deprecated packages folder.
+
+* Added `Accounts.createUserAsync` into the client.
+
+* Many packages had their underscore dependency removed.
+
+* Cordova has been updated to v12.0.1 for Android and v7.0.1 for iOS, being able to build to SDK 33.
+
+* `meteor create` command is now interactive!
+
+* Added `firstRunPromise` property to `Tracker` autorun blocks, that forces autorun blocks to be executed in synchronous-looking order by storing the value autorun promise thus making it awaitable.
+
+#### Migration Steps
+
+##### Android splash screen
+If you have been using `splash-screen` for Cordova, you need to update your code as Android changed their splash screen API,
+the `cordova-plugin-splashscreen` is now on `cordova-android` core, so we have removed the dependency from the `splash-screen`
+package. As a result we are dropping the support for dark mode splash screen on Android.
+
+To create this now you need to create two themes on your `config.xml` file.
+
+>  Note that it's still possible to have it by adding the according themes with App.appendToConfig and App.addResourceFile - but this is not something Meteor will do automatically right now.
+
+For more information you can check our [Migration Guide](https://guide.meteor.com/2.14-migration.html)
+
+## Breaking Changes
+
+* `splash-screen` package has removed the `cordova-plugin-splashscreen` dependency. See migration steps for more info.
+
+## Docs
+
+- Added guide on [how to prepare for Meteor 3.0 migration](https://guide.meteor.com/prepare-meteor-3.0).
+- Added guide on [performance improvements](https://guide.meteor.com/performance-improvement).
+- Added FAQ about [Meteor 3](https://guide.meteor.com/3.0-migration).
+
+##  Internal API changes
+
+* Tool
+    - Rename `EACCESS` to `EACCES` to follow the Windows spelling
+    - Fixed links in skeletons
+    - Fixed build issue in Vue skeleton
+    - Updated `source-map-support`
+    - Fixed bugs in negated “in” and “instanceof” expressions
+    - Updated `semver` to v7.5.4
+    - Updated `@meteorjs/babel` to v7.18.4
+    - Cordova has been updated to v12.0.1 for Android and v7.0.1 for iOS, being able to build to SDK 33.
+    - `meteor create` command was re-made to be more interactive
+
+## Meteor Version Release
+
+* `accounts-base@2.2.9`
+    - Ensure that `onLogin` callback fires properly
+    - Indexes are now created asynchronously
+
+* `accounts-oauth@1.4.3`
+    - Indexes are now created asynchronously
+
+* `accounts-password@2.4.0`
+    - Add `Accounts.createUserAsync` to the client, a promise-based version of `Accounts.createUser`
+    - Indexes are now created asynchronously
+
+* `accounts-passwordless@2.1.4`
+    - Fix #12401, ensure that user is found with ID
+    - Indexes are now created asynchronously
+
+* `babel-compiler@7.10.5`
+    - Updated `@meteorjs/babel` to v7.18.4
+
+* `boilerplate-generator@1.7.2`
+    - Removed Underscore dependency
+
+* `browser-policy-content@1.1.3`
+    - Removed Underscore dependency
+
+* `constraint-solver@1.2.1`
+    - Removed Underscore dependency
+
+* `crosswalk@1.7.2`
+    - Updated `cordova-plugin-crosswalk-webview` to v2.4.0
+    - Deprecated the package
+
+* `ddp-rate-limiter@1.2.1`
+    - Removed Underscore dependency
+* `ddp-server@2.7.0`:
+    - Allow setting `DISABLE_SOCKJS_CORS` to prevent SockJS from setting CORS headers
+    - Added new publication strategy `NO_MERGE_MULTI`
+
+* `ecmascript@0.16.8`:
+    - Bumped to get latest version of `@babel/compiler`
+
+* `facebook-oauth@1.11.3`:
+    - Updated default version of Facebook GraphAPI to v17
+
+* `launch-screen@2.0.0`
+    - Removed `cordova-plugin-splashscreen` dependency
+
+* `fetch@0.1.4`:
+    - Update `node-fetch` to version 1.6.12
+    - Update `whatwg-fetch` to version 3.6.17
+
+* `logging@1.3.3`:
+    - Added TS types
+    - Updated `chalk` to v4.1.2
+
+* `logic-solver@2.0.9`
+    - Removed Underscore dependency
+
+* `meteor@1.11.4`:
+    - Improve TS types
+
+* `mobile-experience@1.1.1`:
+    - Bumped to get latests version of `cordova` dependencies
+
+* `modern-browsers@0.1.10`
+    - Added `appleMail` user agent to allow modern bundle on iPads
+
+* `modules@0.20.0`
+    - Updated version of reify to v0.24.1
+
+* `mongo@1.16.8`
+    - Added deprecation messages into type definitions
+    - Fix ObjectIDs handling in oplogV2V1Converter
+
+* `npm-mongo@4.17.2`:
+    - Bumped MongoDB driver to version 4.17.2
+
+* `oauth@2.2.1`
+    - Indexes are now created asynchronously
+    - `remove` DB calls migrated to `removeAsync`
+
+* `package-version-parser@3.2.2`
+    - Updated `semver` to v7.5.4
+
+* `react-fast-refresh@0.2.8`:
+    - Updated `semver` to version 7.5.4
+
+* `service-configuration@1.3.2`
+    - Indexes are now created asynchronously
+    - Add types for ConfigError
+
+* `socket-stream-client@0.5.2`
+    - Removed Underscore dependency
+
+* `standard-minifier-css@1.9.2`
+    - Updated `@babel/runtime` to v7.23.5
+    - Updated `minifier-css` to v1.6.4
+    - Updated `logging` package to v1.3.2
+
+* `test-server-tests-in-console-once@1.0.12`
+    - Removed Underscore dependency
+
+* `tinytest@1.2.3`
+    - Removed Underscore dependency
+
+* `tracker@1.3.3`
+    - Added `firstRunPromise` property, that forces autorun blocks to be executed
+      in synchronous-looking order by storing the value autorun promise
+      thus making it awaitable
+
+* `typescript@4.9.5`:
+    - Updated to 4.9.5
+
+* `webapp@1.13.6`
+    - Updated `cordova-plugin-meteor-webapp` to v2.0.3
+    - Updated `cookie-parser` to v1.4.6
+    - Updated `send` to v0.18.0
+    - Updated `stream-to-string` to v1.2.1
+    - Updated `qs` to v6.11.2
+    - Updated `@types/connect` to v3.4.38
+
+
+## Independent releases
+
+* `google-oauth@1.4.4`:
+    - Remove logging request/response in google_server
+
+* NPM `@meteorjs/babel@7.18.4`
+    - Updated `@meteorjs/reify` to v0.24.1
+
+* NPM `@meteorjs/babel-preset-meteor@7.10.1`
+    - Add Facebook in-app browser
+
+* NPM `cordova-plugin-meteor-webapp@2.0.2`
+    - Fixed Android hot code push failing
+
+* NPM `cordova-plugin-meteor-webapp@2.0.3`
+    - Fix pull manifest from correct url if parameter are used in baseurl
+
+* NPM `meteor-node-stubs@1.2.6`
+    - Update dependencies
+    - Deep update dependencies that were highlighted by `npm audit`
+
+## Contributors
+
+- [@StorytellerCZ](https://github.com/sponsors/StorytellerCZ)
+- [@Grubba27](https://github.com/sponsors/Grubba27)
+- [@vit0rr](https://github.com/vit0rr)
+- [@realyze](https://github.com/realyze)
+- [@jamauro](https://github.com/jamauro)
+- [@Torgen](https://github.com/Torgen)
+- [@brucejo75](https://github.com/brucejo75)
+- [@zodern](https://github.com/sponsors/zodern)
+- [@alisnic](https://github.com/alisnic)
+- [@ebroder](https://github.com/ebroder)
+- [@BANSAL-NISHU](https://github.com/BANSAL-NISHU)
+- [@salmanhasni](https://github.com/salmanhasni)
+- [@jdgjsag67251](https://github.com/jdgjsag67251)
+- [@guncebektas](https://github.com/guncebektas)
+- [@harryadel](https://github.com/harryadel)
+- [@dd137](https://github.com/dd137)
+- [@matheusccastroo](https://github.com/matheusccastroo)
+- [@mr-loop-1](https://github.com/mr-loop-1)
+
+For making this great framework even better!
+
+
 ## v2.13.3, 2023-09-08
 
 ### Highlights
@@ -1691,7 +1922,7 @@ N/A
 
 * `mongo@1.15.0`
     - New option `Meteor.settings.packages.mongo.reCreateIndexOnOptionMismatch` for case when an index with the same name, but different options exists it will be re-created.
-    - If there is an error on index creation Meteor will output a better message naming the collection and index where the error occured. [PR](https://github.com/meteor/meteor/pull/11995).
+    - If there is an error on index creation Meteor will output a better message naming the collection and index where the error occurred. [PR](https://github.com/meteor/meteor/pull/11995).
 * `modern-browsers@0.1.8`
     - New api `getMinimumBrowserVersions` to access the `minimumBrowserVersions`. [PR](https://github.com/meteor/meteor/pull/11998).
 * `socket-stream-client@0.5.0`
@@ -1906,7 +2137,7 @@ Read our [Migration Guide](https://guide.meteor.com/2.6-migration.html) for this
     - useUnifiedTopology is not an option anymore, it defaults to true.
     - native parser is not an option anymore, it defaults to false in the mongo connection.
     - poolSize not an option anymore, we are using max/minPoolSize for the same behavior on mongo connection.
-    - fields option is deprecated, we are maintaining a translation layer to "projection" field (now prefered) until the next minor version, where we will start showing alerts.
+    - fields option is deprecated, we are maintaining a translation layer to "projection" field (now preferred) until the next minor version, where we will start showing alerts.
     - _ensureIndex is now showing a deprecation message
     - we are maintaining a translation layer for the new oplog format, so if you read or rely on any behavior of it please read our oplog_v2_converter.js code
     - update/insert/remove behavior is maintained in the Meteor way, documented in our docs, but we are now using replaceOne/updateOne/updateMany internally. This is subject to changes in the API rewrite of MongoDB without Fibers AND if you are using rawCollection directly you have to review your methods otherwise you will see deprecation messages if you are still using the old mongodb style directly.

docs/long-form/oplog-observe-driver.md

@@ -8,7 +8,7 @@ Most users don't use `observeChanges` directly, but whenever you return a cursor
 
 Previous versions of Meteor only had one strategy for implementing `observeChanges`: the "poll-and-diff" algorithm, implemented by the `PollingObserveDriver` class.  This approach re-runs the query frequently and calculates the difference between each set of results. This code is simple and has historically contained very few bugs. But the cost of the `PollingObserveDriver` is proportional to the poll frequency and to the size of each query result, and the time from database change to callback invocation depends on whether the write originated in the same Meteor server process (very fast) or in another process (up to 10 seconds).
 
-Starting with Meteor 0.7.0, Meteor can use an additional strategy to implemnt `observeChanges`: **oplog tailing**, implemented by the `OplogObserveDriver` class.
+Starting with Meteor 0.7.0, Meteor can use an additional strategy to implement `observeChanges`: **oplog tailing**, implemented by the `OplogObserveDriver` class.
 Meteor now knows how to read the MongoDB "operations log" --- a special collection that records all the write operations as they are applied to your database. This means changes to the database can be instantly noticed and reflected in Meteor, whether they originated from Meteor or from an external database client. Oplog tailing has different performance characteristics than "poll-and-diff" which are superior in many cases.
 
 `OplogObserveDriver` needs to understand the meaning of MongoDB [selectors](http://docs.meteor.com/#selectors), [field specifiers](http://docs.meteor.com/#fieldspecifiers), [modifiers](http://docs.meteor.com/#modifiers), and [sort specifiers](http://docs.meteor.com/#sortspecifiers) at a much deeper level than `PollingObserveDriver`. This is because it actually needs to understand how write operations that it sees in the oplog interact with queries, instead of just relying on the MongoDB server to repeatedly execute the query. To deal with these structures, `OplogObserveDriver` uses Meteor's implementation of the MongoDB query engine, [Minimongo](https://github.com/meteor/meteor/tree/master/packages/minimongo), which Meteor also uses as its client-side local database cache.

docs/package.json

@@ -23,8 +23,9 @@
     "underscore": "1.13.1"
   },
   "scripts": {
+    "list-core-packages": "node ./generators/packages-listing/script.js",
     "generate-history": "node ./generators/changelog/script.js",
-    "build": "npm run generate-history && jsdoc/jsdoc.sh && chexo @meteorjs/meteor-hexo-config -- generate",
+    "build": "npm run list-core-packages && npm run generate-history && jsdoc/jsdoc.sh && chexo @meteorjs/meteor-hexo-config -- generate",
     "clean": "hexo clean; rm data/data.js data/names.json",
     "test": "npm run clean; npm run build",
     "predeploy": "npm run build",

docs/source/api/accounts-multi.md

@@ -297,7 +297,7 @@ The function will be called with a single argument, the info object:
 {% enddtdd %}
 
 {% dtdd name:"options" type:"Exception" %}
-  An optional arugment passed down from the oauth service that may contain
+  An optional argument passed down from the oauth service that may contain
   additional user profile information. As the data in `options` comes from an
   external source, make sure you validate any values you read from it.
 {% enddtdd %}

docs/source/api/check.md

@@ -1,6 +1,6 @@
 ---
 title: Check
-desription: Documentation on how to use check, Meteor's type checking library.
+description: Documentation on how to use check, Meteor's type checking library.
 ---
 
 The `check` package includes pattern checking functions useful for checking the types and structure

docs/source/api/core.md

@@ -3,7 +3,7 @@ title: Core
 description: Documentation of core Meteor functions.
 ---
 
-If you prefer to watch the video, click below. 
+If you prefer to watch the video, click below.
 
 {% youtube 6RRVU0-Vvm8 %}
 
@@ -64,3 +64,5 @@ if (Meteor.isServer) {
 {% apibox "Meteor.isAppTest" %}
 
 {% apibox "Meteor.isPackageTest" %}
+
+{% apibox "Meteor.isFibersDisabled" %}

docs/source/api/mobile-config.md

@@ -54,16 +54,7 @@ App.launchScreens({
     'Default@2x~ipad~comany': 'Default@2xipadcomany.png', // (1278x2732) - iPad Pro 12.9"/11"/10.5"/9.7"/7.9" - portrait mode
     
     // Android
-    'android_mdpi_portrait': 'splash/android_mdpi_portrait.png', // (320x480)
-    'android_mdpi_landscape': { src: 'splash/android_mdpi_landscape.png', srcDarkMode: 'splash/android_mdpi_landscape-night.png' }, // (480x320)
-    'android_hdpi_portrait': 'splash/android_hdpi_portrait.png', // (480x800)
-    'android_hdpi_landscape': 'splash/android_hdpi_landscape.png', // (800x480)
-    'android_xhdpi_portrait': 'splash/android_xhdpi_portrait.png', // (720x1280)
-    'android_xhdpi_landscape': 'splash/android_xhdpi_landscape.png', // (1280x720)
-    'android_xxhdpi_portrait': { src: 'splash/android_xxhdpi_portrait.png', srcDarkMode: 'splash/android_xxhdpi_portrait-night.png'}, // (960x1600)
-    'android_xxhdpi_landscape': 'splash/android_xxhdpi_landscape.png', // (1600x960)
-    'android_xxxhdpi_portrait': 'splash/android_xxxhdpi_portrait.png', // (1280x1920)
-    'android_xxxhdpi_landscape': 'splash/android_xxxhdpi_landscape.png', // (1920x1280)
+    'android_universal': 'splash/android_universal.png', // (320x480)
 });
 
 // Set PhoneGap/Cordova preferences.

docs/source/api/passwords.md

@@ -27,6 +27,10 @@ include a turn-key user interface for password-based sign-in.
 
 {% apibox "Accounts.createUser" %}
 
+Or a promise based version of `Accounts.createUser`:
+
+{% apibox "Accounts.createUserAsync" %}
+
 On the client, this function logs in as the newly created user on
 successful completion. On the server, it returns the newly created user
 id.
@@ -60,7 +64,7 @@ email with a link the user can use to verify their email address.
 {% apibox "Accounts.verifyEmail" %}
 
 If the user trying to verify the email has 2FA enabled, this error will be thrown:
-* "Email verified, but user not logged in because 2FA is enabled [2fa-enabled]": No longer signing in the user automatically if the user has 2FA enabled. 
+* "Email verified, but user not logged in because 2FA is enabled [2fa-enabled]": No longer signing in the user automatically if the user has 2FA enabled.
 
 
 This function accepts tokens passed into the callback registered with

docs/source/api/pubsub.md

@@ -268,7 +268,7 @@ stay subscribed to your private messages.
 > The following features are available from Meteor 2.4 or `ddp-server@2.5.0`
 
 Once you start scaling your application you might want to have more control on how the data from publications is being handled on the client.
-There are three publications strategies:
+There are four publications strategies:
 
 #### SERVER_MERGE
 `SERVER_MERGE` is the default strategy. When using this strategy, the server maintains a copy of all data a connection is subscribed to.
@@ -291,12 +291,17 @@ Specifically:
 * When we receive a change message for a document that is not in the client's collection, it will be added.
 * When we receive a removed message for a document that is not in the client's collection, nothing will happen.
 
+#### NO_MERGE_MULTI
+`NO_MERGE_MULTI` is similar to `NO_MERGE`, but it does track whether a document is used by multiple publications.
+This has some memory overhead, but it still does not do diffing so it's faster and slimmer than
+`SERVER_MERGE`.
+
 You can import the publication strategies from `DDPServer`.
 
 ```js
 import { DDPServer } from 'meteor/ddp-server'
 
-const { SERVER_MERGE, NO_MERGE_NO_HISTORY, NO_MERGE } = DDPServer.publicationStrategies
+const { SERVER_MERGE, NO_MERGE_NO_HISTORY, NO_MERGE, NO_MERGE_MULTI } = DDPServer.publicationStrategies
 ```
 
 You can use the following methods to set or get the publication strategy for publications:

docs/source/api/tracker.md

@@ -80,7 +80,7 @@ If the initial run of an autorun throws an exception, the computation
 is automatically stopped and won't be rerun.
 
 ### Tracker.autorun and async callbacks
-`Tracker.autorun` can accept an `async` callback function.  
+`Tracker.autorun` can accept an `async` callback function.
  To preserve reactivity for the reactive variables inside the async callback function, you must use a `Tracker.withComputation` call as described below:
 
 {% apibox "Tracker.withComputation" %}
@@ -94,7 +94,7 @@ Tracker.autorun(async function example1(computation) {
 
   // Code after the first await looses Tracker.currentComputation: no reactivity.
   reactiveVar2.get(); // This won't trigger a rerun.
- 
+
   // You can bring back reactivity with the Tracker.withCompuation wrapper:
   let users = await Tracker.withComputation(computation, () => Meteor.users.findAsync({}).fetch());
 
@@ -112,7 +112,7 @@ The `react-meteor-data` package uses `Tracker.withComputation` to make the `useT
 More can be seen [here](https://github.com/meteor/react-packages/tree/master/packages/react-meteor-data#maintaining-the-reactive-context)
 
 ### Using async callbacks in versions of Meteor prior to 2.10
-`Tracker.autorun` can accept an `async` callback function.  
+`Tracker.autorun` can accept an `async` callback function.
 However, the async call back function will only be dependent on reactive functions called prior to any called functions that return a promise.
 
 Example 1 - autorun `example1()` **is not** dependent on reactive changes to the `Meteor.users` collection.  Because it is dependent on nothing reactive it will run only once:
@@ -302,6 +302,41 @@ recomputed at flush time.
 This property is a convenience to support the common pattern where a
 computation has logic specific to the first run.
 
+{% apibox "Tracker.Computation#firstRunPromise" %}
+
+`Computation.firstRunPromise` will be set to the result of the call of the autorun function after the initial computation has been completed. If the autorun function is an async function, it'll then contain its promise, thus making the completion of the execution await-able. That allows us to manually synchronize autoruns like this:
+
+```js
+
+await Tracker.autorun(async () => {
+  await Meteor.userAsync();
+  (...more async code...)
+}).firstRunPromise;
+
+await Tracker.autorun(async () => {
+  await asyncSomeOrOther();
+  (...more async code...)
+}).firstRunPromise;
+
+```
+
+For a better developer experience `firstRunPromise` is automatically appended to your async `autorun` calls so you don't have to write them yourself. Meaning this also works:
+
+```js
+
+await Tracker.autorun(async () => {
+  await Meteor.userAsync();
+  (...more async code...)
+});
+
+await Tracker.autorun(async () => {
+  await asyncSomeOrOther();
+  (...more async code...)
+});
+
+```
+
+
 <h2 id="tracker_dependency"><span>Tracker.Dependency</span></h2>
 
 A Dependency represents an atomic unit of reactive data that a

docs/source/commandline.md

@@ -33,7 +33,7 @@ required.
 This is the default command. Simply running `meteor` is the
 same as `meteor run`.
 
-To pass additional options to Node.js use the `SERVER_NODE_OPTIONS` environment variable. E.g. for Windows PowerShell: 
+To pass additional options to Node.js use the `SERVER_NODE_OPTIONS` environment variable. E.g. for Windows PowerShell:
 `$env:SERVER_NODE_OPTIONS = '--inspect' | meteor run`. Or for Linux: `SERVER_NODE_OPTIONS=--inspect-brk meteor run`.
 
 To specify a port to listen on (instead of the default 3000), use `--port [PORT]`.
@@ -43,6 +43,9 @@ For example: `meteor run --port 4000`
 will run the development server on `http://localhost:4000`
 and the development MongoDB instance on `mongodb://localhost:4001`.
 
+To open your default browser you can pass the `--open` flag.
+For example: `meteor run --open`
+
 Run `meteor help run` to see the full list of options.
 
 <h2 id="meteordebug">meteor debug</h2>
@@ -83,21 +86,24 @@ option to other `meteor` tool commands, such as `meteor run` and `meteor test-pa
 
 <h2 id="meteorcreate">meteor create <i>app-name</i></h2>
 
-The command `meteor create app-name` is the default command for creating a new Meteor project. It creates a subdirectory 
-named `app-name` and copies a template app into it. You can pass an absolute or relative path. If you pass a relative 
+The command `meteor create app-name` is the default command for creating a new Meteor project. It creates a subdirectory
+named `app-name` and copies a template app into it. You can pass an absolute or relative path. If you pass a relative
 path, it will be resolved relative to the current working directory. By default, it generates a React project.
 
 See the flags below to learn how you can generate different types of apps.
 
+Using only `meteor create` will create a promt to help you choose the type of app you want to create,
+giving you the options with the flags below.
+
 
 <h3 id="apollo">--apollo</h3>
 
-The command `meteor create --apollo app-name` creates a Meteor app with [React](https://react.dev/), 
-[Apollo](https://www.apollographql.com/) (GraphQL), and [MongoDB](https://www.mongodb.com/). To create a complete app, 
-including testing and deployment, follow the [React tutorial](https://react-tutorial.meteor.com/). To learn how to use 
+The command `meteor create --apollo app-name` creates a Meteor app with [React](https://react.dev/),
+[Apollo](https://www.apollographql.com/) (GraphQL), and [MongoDB](https://www.mongodb.com/). To create a complete app,
+including testing and deployment, follow the [React tutorial](https://react-tutorial.meteor.com/). To learn how to use
 Apollo, refer to the [GraphQL section](https://react-tutorial.meteor.com/simple-todos-graphql/).
 
-Npm packages included: `@apollo/client`, `@apollo/server`, `@babel/runtime`, `body-parser`, `express`, 
+Npm packages included: `@apollo/client`, `@apollo/server`, `@babel/runtime`, `body-parser`, `express`,
 `graphql` `meteor-node-stubs`, `react`, `react-dom`.
 
 Meteor packages included: `meteor-base`, `mobile-experience`, `mongo`, `reactive-var`, `standard-minifier-css`,
@@ -107,7 +113,7 @@ Meteor packages included: `meteor-base`, `mobile-experience`, `mongo`, `reactive
 
 <h3 id="bare">--bare</h3>
 
-The command `meteor create --bare app-name` creates an empty Meteor app with [Blaze](https://blazejs.org) and 
+The command `meteor create --bare app-name` creates an empty Meteor app with [Blaze](https://blazejs.org) and
 [MongoDB](https://www.mongodb.com/). To create a complete app, including testing and deployment, follow the
 [Blaze tutorial](https://blaze-tutorial.meteor.com/).
 
@@ -119,22 +125,22 @@ Meteor packages included: `meteor-base`, `mobile-experience`, `mongo`, `reactive
 
 <h3 id="blaze-app">--blaze</h3>
 
-The command `meteor create --blaze app-name` creates a Meteor app with [Blaze](https://blazejs.org) and 
+The command `meteor create --blaze app-name` creates a Meteor app with [Blaze](https://blazejs.org) and
 [MongoDB](https://www.mongodb.com/). To create a complete app, including testing and deployment, follow the
 [Blaze tutorial](https://blaze-tutorial.meteor.com/).
 
 Npm packages included: `@babel/runtime`, `meteor-node-stubs`, `jquery`.
 
 Meteor packages included: `meteor-base`, `mobile-experience`, `mongo`, `blaze-html-templates`, `jquery`, `reactive-var`,
-`tracker`, `standard-minifier-css`, `standard-minifier-js`, `es5-shim`, `ecmascript`, `typescript`, `shell-server`, 
+`tracker`, `standard-minifier-css`, `standard-minifier-js`, `es5-shim`, `ecmascript`, `typescript`, `shell-server`,
 `hot-module-replacement`, `blaze-hot`.
 
 
 <h3 id="chakra-ui">--chakra-ui</h3>
 
-The command `meteor create --chakra-ui app-name` creates a Meteor app with [React](https://react.dev/), 
-[Chakra-UI](https://chakra-ui.com/), and [MongoDB](https://www.mongodb.com/). To create a complete app, including 
-testing and deployment, follow the [React tutorial](https://react-tutorial.meteor.com/). To learn how to use Chakra-UI, 
+The command `meteor create --chakra-ui app-name` creates a Meteor app with [React](https://react.dev/),
+[Chakra-UI](https://chakra-ui.com/), and [MongoDB](https://www.mongodb.com/). To create a complete app, including
+testing and deployment, follow the [React tutorial](https://react-tutorial.meteor.com/). To learn how to use Chakra-UI,
 refer to the [Simple Tasks](https://github.com/fredmaiaarantes/simpletasks) example.
 
 Npm packages included: `@babel/runtime`, `meteor-node-stubs`, `react`, `react-dom`, `@chakra-ui/icons`, `@chakra-ui/react`, `@emotion/react`
@@ -147,10 +153,10 @@ Meteor packages included: `meteor-base`, `mobile-experience`, `mongo`, `reactive
 
 <h3 id="full">--full</h3>
 
-The command `meteor create --full app-name` creates a Meteor app with [Blaze](https://blazejs.org) and 
+The command `meteor create --full app-name` creates a Meteor app with [Blaze](https://blazejs.org) and
 [MongoDB](https://www.mongodb.com/). It creates a more complete, imports-based project that closely matches the
-[file structure](https://guide.meteor.com/structure.html#javascript-structure) recommended by the 
-[Meteor Guide](https://guide.meteor.com/). To create a complete app, including testing and deployment, follow the 
+[file structure](https://guide.meteor.com/structure.html#javascript-structure) recommended by the
+[Meteor Guide](https://guide.meteor.com/). To create a complete app, including testing and deployment, follow the
 [Blaze tutorial](https://blaze-tutorial.meteor.com/).
 
 Npm packages included: `@babel/runtime`, `meteor-node-stubs`, `jquery`, `chai`.
@@ -172,7 +178,7 @@ Meteor packages included: `meteor`, `standard-minifier-css`, `standard-minifier-
 
 <h3 id="package">--package</h3>
 
-The command `meteor create --package package-name` creates a new package. If used in an existing app, it will create a 
+The command `meteor create --package package-name` creates a new package. If used in an existing app, it will create a
 package in the `packages` directory. Check the [Meteor Guide](https://guide.meteor.com/writing-atmosphere-packages.html)
 for more information on how to get started writing packages.
 
@@ -180,7 +186,7 @@ for more information on how to get started writing packages.
 <h3 id="prototype">--prototype</h3>
 
 The command `meteor create --prototype app-name` creates a project with the prototype purpose packages (`autopublish`
-and `insecure`). If you use them, you can change your collections quickly and create prototype apps very quickly. 
+and `insecure`). If you use them, you can change your collections quickly and create prototype apps very quickly.
 However, these packages are not supposed to be used in production.
 
 For more information about security, you can read our [security checklist](https://guide.meteor.com/security.html#checklist).
@@ -189,28 +195,28 @@ It can be used with other flags that create apps, such as `--react`, `blaze`, or
 
 <h3 id="react">--react</h3>
 
-The command `meteor create --react app-name` creates a Meteor app with [React](https://react.dev/) and 
-[MongoDB](https://www.mongodb.com/). It functions in the same way as if you don't use any flags. To create a complete 
+The command `meteor create --react app-name` creates a Meteor app with [React](https://react.dev/) and
+[MongoDB](https://www.mongodb.com/). It functions in the same way as if you don't use any flags. To create a complete
 app, including testing and deployment, follow the [React tutorial](https://react-tutorial.meteor.com/).
 
 Npm packages included: `@babel/runtime`, `meteor-node-stubs`, `react`, `react-dom`.
 
-Meteor packages included: `meteor-base`, `mobile-experience`, `mongo`, `reactive-var`, `standard-minifier-css`, 
+Meteor packages included: `meteor-base`, `mobile-experience`, `mongo`, `reactive-var`, `standard-minifier-css`,
 `standard-minifier-js`, `es5-shim`, `ecmascript`, `typescript`, `shell-server`, `hot-module-replacement`, `static-html`,
 `react-meteor-data`.
 
 
 <h3 id="release">--release</h3>
 
-The command `meteor create app-name --release {meteor-version}` creates a Meteor app with the release specified in the 
-command. For instance, you can create a Meteor app with the `2.8` release using `meteor create app-name --release 2.8`. 
-By default, it generates a React app, but you can use it with other flags that create apps such as `--blaze`, 
+The command `meteor create app-name --release {meteor-version}` creates a Meteor app with the release specified in the
+command. For instance, you can create a Meteor app with the `2.8` release using `meteor create app-name --release 2.8`.
+By default, it generates a React app, but you can use it with other flags that create apps such as `--blaze`,
 `--svelte`, `--vue`, or `--typescript`.
 
 
 <h3 id="solid">--solid</h3>
 
-The command `meteor create --solid app-name` creates a Meteor app with [Solid](https://www.solidjs.com/), 
+The command `meteor create --solid app-name` creates a Meteor app with [Solid](https://www.solidjs.com/),
 [Vite](https://vitejs.dev/), and [MongoDB](https://www.mongodb.com/). You can see an example on the
 [meteor-solid-app](https://github.com/fredmaiaarantes/meteor-solid-app/releases/tag/milestone-2.0) repository.
 
@@ -223,7 +229,7 @@ Meteor packages included: `meteor-base`, `mobile-experience`, `mongo`, `reactive
 
 <h3 id="svelte">--svelte</h3>
 
-The command `meteor create --svelte app-name` creates a Meteor app with [Svelte](https://svelte.dev/) and 
+The command `meteor create --svelte app-name` creates a Meteor app with [Svelte](https://svelte.dev/) and
 [MongoDB](https://www.mongodb.com/). To create a complete app, including testing and deployment, follow the
 [Svelte tutorial](https://svelte-tutorial.meteor.com/).
 
@@ -239,7 +245,7 @@ You can see an example on the [meteor-vite](https://github.com/JorgenVatle/meteo
 
 <h3 id="tailwind">--tailwind</h3>
 
-The command `meteor create --tailwind app-name` creates a Meteor app with [React](https://react.dev/), 
+The command `meteor create --tailwind app-name` creates a Meteor app with [React](https://react.dev/),
 [Tailwind CSS](https://tailwindcss.com), and [MongoDB](https://www.mongodb.com/).
 
 Npm packages included: `@babel/runtime`, `meteor-node-stubs`, `react`, `react-dom`, `autoprefixer`, `postcss`, `postcss-load-config`, `tailwindcss`.
@@ -251,9 +257,9 @@ Meteor packages included: `meteor-base`, `mobile-experience`, `mongo`, `reactive
 
 <h3 id="typescript">--typescript</h3>
 
-The command `meteor create --typescript app-name` creates a Meteor app with [React](https://react.dev/), 
-[TypeScript](https://www.typescriptlang.org/), and [MongoDB](https://www.mongodb.com/). Check the 
-[Meteor Guide](https://guide.meteor.com/build-tool.html#typescript) for more information about TypeScript and how to 
+The command `meteor create --typescript app-name` creates a Meteor app with [React](https://react.dev/),
+[TypeScript](https://www.typescriptlang.org/), and [MongoDB](https://www.mongodb.com/). Check the
+[Meteor Guide](https://guide.meteor.com/build-tool.html#typescript) for more information about TypeScript and how to
 use it with other UI frameworks.
 
 Npm packages included: `@babel/runtime`, `meteor-node-stubs`, `react`, `react-dom`, `@types/mocha`, `@types/node`, `@types/react`, `@types/react-dom`, `typescript`.
@@ -265,8 +271,8 @@ Meteor packages included: `meteor-base`, `mobile-experience`, `mongo`, `reactive
 
 <h3 id="vue">--vue</h3>
 
-The command `meteor create --vue app-name` creates a Meteor app with [Vue 3](https://vuejs.org/), 
-[Tailwind CSS](https://tailwindcss.com), [Vite](https://vitejs.dev/), and [MongoDB](https://www.mongodb.com/). To 
+The command `meteor create --vue app-name` creates a Meteor app with [Vue 3](https://vuejs.org/),
+[Tailwind CSS](https://tailwindcss.com), [Vite](https://vitejs.dev/), and [MongoDB](https://www.mongodb.com/). To
 create a complete app, including testing and deployment, follow the [Vue 3 tutorial](https://vue3-tutorial.meteor.com/).
 
 Npm packages included: `@babel/runtime`, `meteor-node-stubs`, `vue`, `vue-meteor-tracker`, `vue-router`, `@types/meteor`, `@vitejs/plugin-vue`, `autoprefixer`, `postcss`, `tailwindcss`, `vite`.
@@ -276,20 +282,20 @@ Meteor packages included: `meteor-base`, `mobile-experience`, `mongo`, `reactive
 `vite:bundler`.
 
 You can also use Vue 3 with Vite by using the [jorgenvatle:meteor-vite](https://github.com/JorgenVatle/meteor-vite)
-package. You can see an example on the [meteor-vite](https://github.com/JorgenVatle/meteor-vite/tree/release/examples/vue) 
+package. You can see an example on the [meteor-vite](https://github.com/JorgenVatle/meteor-vite/tree/release/examples/vue)
 repository.
 
 
 <h3 id="vue-2">--vue-2</h3>
 
-The command `meteor create --vue-2 app-name` creates a Meteor app with [Vue 2](https://v2.vuejs.org/) and 
+The command `meteor create --vue-2 app-name` creates a Meteor app with [Vue 2](https://v2.vuejs.org/) and
 [MongoDB](https://www.mongodb.com/). To create a complete app, including testing and deployment, follow the
 [Vue 2 tutorial](https://vue-tutorial.meteor.com/).
 
 Npm packages included: `@babel/runtime`, `meteor-node-stubs`, `vue`, `vue-meteor-tracker`.
 
 Meteor packages included: `meteor-base`, `mobile-experience`, `mongo`, `reactive-var`, `standard-minifier-css`,
-`standard-minifier-js`, `es5-shim`, `ecmascript`, `typescript`, `shell-server`, `tracker`, `static-html`, `akryum:vue-component`, 
+`standard-minifier-js`, `es5-shim`, `ecmascript`, `typescript`, `shell-server`, `tracker`, `static-html`, `akryum:vue-component`,
 `meteortesting:mocha`, `johanbrook:publication-collector`.
 
 
@@ -303,7 +309,7 @@ used as a command line only operation as well.
 > By default, the generator will use JavaScript but if it detects that you have a
 ``tsconfig.json`` file in your project, it will use TypeScript instead.
 
-running 
+running
 ```bash
 meteor generate customer
 
@@ -511,7 +517,7 @@ It will prompt the following questions.
 
 
 
---- 
+---
 
 <h3 id="meteorgenerate-templating"> Using your own template </h3>
 
@@ -533,7 +539,7 @@ You can use your own templates for scaffolding your specific workloads. To do th
 Out of the box is provided a few functions such as replacing ``$$name$$``, ``$$PascalName$$`` and ``$$camelName$$``
 
 these replacements come from this function:
- 
+
 _Note that scaffoldName is the name that you have passed as argument_
 
 ```js
@@ -661,7 +667,7 @@ If you want to connect to your free MongoDB shared cluster using your on setting
 ```
 packages: {
   mongo: {
-    options: { 
+    options: {
         tlsAllowInvalidCertificates: true,
     },
   },
@@ -685,7 +691,7 @@ Your project should be a git repository as the commit hash is going to be used t
 The `cache-build` option is available since Meteor 1.11.
 {% endpullquote %}
 
-With the argument `--container-size` you can change your app's container size using the deploy command. The valid arguments are: `tiny`, `compact`, `standard`, `double`, `quad`, `octa`, and `dozen`. One more thing to note here is that the `--container-size` flag can only be used when the `--plan` option is already specified, otherwise using the `--container-size` option will throw an error with the message : `Error deploying application: Internal error`. To see more about the difference and prices of each one you can check [here](https://www.meteor.com/cloud#pricing-section). 
+With the argument `--container-size` you can change your app's container size using the deploy command. The valid arguments are: `tiny`, `compact`, `standard`, `double`, `quad`, `octa`, and `dozen`. One more thing to note here is that the `--container-size` flag can only be used when the `--plan` option is already specified, otherwise using the `--container-size` option will throw an error with the message : `Error deploying application: Internal error`. To see more about the difference and prices of each one you can check [here](https://www.meteor.com/cloud#pricing-section).
 
 {% pullquote warning %}
 The `--container-size` option is available since Meteor 2.4.1.
@@ -912,7 +918,7 @@ upload the build to the architecture that you were using to publish it. You can
 use `publish-for-arch` to upload a build to a different architecture from a
 different machine.
 
-If you have already published a package but need to update it's metadata 
+If you have already published a package but need to update it's metadata
 (the content of `Package.describe`) or the README you can actually achieve this
 via `meteor publish --update`.
 

docs/source/environment-variables.md

@@ -15,7 +15,7 @@ See also: [`PORT`](#PORT).
 > In development, this can be accomplished with `meteor run --port a.b.c.d:port`.
 
 ## DDP_DEFAULT_CONNECTION_URL
-(_develoment, production_)
+(_development, production_)
 
 There are some situations where it is valuable for the meteor client to use a different DDP server than the `ROOT_URL` server.
 
@@ -33,6 +33,11 @@ In the event that your own deployment platform does not support WebSockets, or y
 
 Set `DISABLE_SOCKJS=1` if you want to use the native WebSocket implementation instead of SockJS on the client side, for example, if you want to use a custom WebSocket implementation (e.g. [uWebSockets.js](https://github.com/uNetworking/uWebSockets.js/)) on the server side.
 
+## DISABLE_SOCKJS_CORS
+(_development, production_)
+
+Set `DISABLE_SOCKJS_CORS=1` if you want to prevent SockJS from setting CORS headers. Do not set this option if you will have DDP clients from other origins connecting to the DDP server.
+
 ## HTTP_FORWARDED_COUNT
 (_production_)
 
@@ -72,7 +77,7 @@ When running your bundled application in production mode, pass a string of JSON
 ## METEOR_SQLITE_JOURNAL_MODE
 (_development_)
 
-The Meteor package catalog uses the `WAL` [SQLite Journal Mode](https://www.sqlite.org/pragma.html#pragma_journal_mode) by default.  The Journal mode for the package catalog can be modifed by setting `METEOR_SQLITE_JOURNAL_MODE`.
+The Meteor package catalog uses the `WAL` [SQLite Journal Mode](https://www.sqlite.org/pragma.html#pragma_journal_mode) by default.  The Journal mode for the package catalog can be modified by setting `METEOR_SQLITE_JOURNAL_MODE`.
 
 When running multiple concurrent meteor servers on [Windows Subsystem for Linux (WSL)](https://docs.microsoft.com/en-us/windows/wsl/) some meteor developers have seen issues with the package catalog.  Setting the environment variable `METEOR_SQLITE_JOURNAL_MODE=TRUNCATE` can overcome the issue.
 

docs/source/index.md

@@ -2,6 +2,8 @@
 title: Docs
 ---
 
+> Meteor 2.x runs on a deprecated Node.js version (14). Meteor 3.0 is in progress, and it will run on the latest Node.js version. For more information, please consult our [migration guide](https://guide.meteor.com/3.0-migration.html).
+
 <!--  XXX: note that this content is somewhat duplicated on the guide, and should be updated in parallel -->
 <h2 id="what-is-meteor">What is Meteor?</h2>
 

docs/source/install.md

@@ -8,6 +8,8 @@ You need to install the Meteor command line tool to create, run, and manage your
 
 <h3 id="prereqs-node">Node.js version</h3>
 
+> Meteor 2.x runs on a deprecated Node.js version (14). Meteor 3.0 is in progress, and it will run on the latest Node.js version. For more information, please consult our [migration guide](https://guide.meteor.com/3.0-migration.html).
+
 - Node.js version >= 10 and <= 14 is required.
 - We recommend you using [nvm](https://github.com/nvm-sh/nvm) or [Volta](https://volta.sh/) for managing Node.js versions.
 
@@ -28,7 +30,7 @@ You need to install the Meteor command line tool to create, run, and manage your
 
 Install the latest official version of Meteor.js from your terminal by running one of the commands below. You can check our [changelog](https://docs.meteor.com/changelog.html) for the release notes.
 
-> Run `node -v` to ensure you are using Node.js 14.
+> Run `node -v` to ensure you are using Node.js 14. Meteor 3.0 is in progress, and it will run on the latest Node.js version.
 
 For Windows, Linux and OS X, you can run the following command:
 

docs/source/packages/fetch.md

@@ -3,7 +3,7 @@ title: fetch
 description: Isomorphic modern/legacy/Node polyfill for WHATWG fetch().
 ---
 
-This package replaces the `http` package for HTTP calls. `fetch` package provides polyfill for the [WHATWG fetch specification](https://fetch.spec.whatwg.org/) for legacy browsers or defaults to the global class which is available in modern browsers and Node. It is recomended that you use this package for compatibility with non-modern browsers.
+This package replaces the `http` package for HTTP calls. `fetch` package provides polyfill for the [WHATWG fetch specification](https://fetch.spec.whatwg.org/) for legacy browsers or defaults to the global class which is available in modern browsers and Node. It is recommended that you use this package for compatibility with non-modern browsers.
 
 For more information we recommend [reading the MDN articles](https://developer.mozilla.org/en-US/docs/Web/API/Fetch_API) about it as this article covers only basic usage in Meteor.
 

docs/source/packages/logging.md

@@ -3,7 +3,7 @@ title: logging
 description: Documentation of Meteor's logging utility
 ---
 
-The `logging` package provides a standartised way for you to log and display in console various message from your application.
+The `logging` package provides a standardised way for you to log and display in console various message from your application.
 The added benefit is that among other data it will show you the location where the log was fired,
 this is useful during debugging to quickly locate where the message is coming from.
 

docs/source/packages/modules.md

@@ -323,7 +323,7 @@ import { exportedPackageMethod } from "meteor/<package name>";
 ```
 
 > Note: Packages with `lazy` main modules cannot use `api.export` to export global
-symbols to other packages/apps.  Also, prior to Meteor 1.4.4.2 it is neccessary to explicitly name the file containing the module: `import "meteor/<package name>/client.js"`.
+symbols to other packages/apps.  Also, prior to Meteor 1.4.4.2 it is necessary to explicitly name the file containing the module: `import "meteor/<package name>/client.js"`.
 
 
 ## Local `node_modules`

docs/source/packages/packages-listing.md

@@ -0,0 +1,159 @@
+
+---
+title: Core Package Listing
+description: list of all Meteor core packages.
+---
+
+[//]: # (Do not edit this file by hand.)
+
+[//]: # (This is a generated file.)
+
+[//]: # (If you want to change something in this file)
+
+[//]: # (go to meteor/docs/generators/packages-listing)
+
+# Core Packages
+
+
+- [blaze](https://github.com/meteor/blaze)
+- [react-packages](https://github.com/meteor/react-packages)
+- [accounts-2fa](https://github.com/meteor/meteor/tree/devel/packages/accounts-2fa)
+- [accounts-base](https://github.com/meteor/meteor/tree/devel/packages/accounts-base)
+- [accounts-facebook](https://github.com/meteor/meteor/tree/devel/packages/accounts-facebook)
+- [accounts-github](https://github.com/meteor/meteor/tree/devel/packages/accounts-github)
+- [accounts-google](https://github.com/meteor/meteor/tree/devel/packages/accounts-google)
+- [accounts-meetup](https://github.com/meteor/meteor/tree/devel/packages/accounts-meetup)
+- [accounts-meteor-developer](https://github.com/meteor/meteor/tree/devel/packages/accounts-meteor-developer)
+- [accounts-oauth](https://github.com/meteor/meteor/tree/devel/packages/accounts-oauth)
+- [accounts-password](https://github.com/meteor/meteor/tree/devel/packages/accounts-password)
+- [accounts-passwordless](https://github.com/meteor/meteor/tree/devel/packages/accounts-passwordless)
+- [accounts-twitter](https://github.com/meteor/meteor/tree/devel/packages/accounts-twitter)
+- [accounts-ui](https://github.com/meteor/meteor/tree/devel/packages/accounts-ui)
+- [accounts-ui-unstyled](https://github.com/meteor/meteor/tree/devel/packages/accounts-ui-unstyled)
+- [accounts-weibo](https://github.com/meteor/meteor/tree/devel/packages/accounts-weibo)
+- [allow-deny](https://github.com/meteor/meteor/tree/devel/packages/allow-deny)
+- [appcache](https://github.com/meteor/meteor/tree/devel/packages/appcache)
+- [audit-argument-checks](https://github.com/meteor/meteor/tree/devel/packages/audit-argument-checks)
+- [autopublish](https://github.com/meteor/meteor/tree/devel/packages/autopublish)
+- [autoupdate](https://github.com/meteor/meteor/tree/devel/packages/autoupdate)
+- [babel-compiler](https://github.com/meteor/meteor/tree/devel/packages/babel-compiler)
+- [babel-runtime](https://github.com/meteor/meteor/tree/devel/packages/babel-runtime)
+- [base64](https://github.com/meteor/meteor/tree/devel/packages/base64)
+- [binary-heap](https://github.com/meteor/meteor/tree/devel/packages/binary-heap)
+- [boilerplate-generator](https://github.com/meteor/meteor/tree/devel/packages/boilerplate-generator)
+- [boilerplate-generator-tests](https://github.com/meteor/meteor/tree/devel/packages/boilerplate-generator-tests)
+- [browser-policy](https://github.com/meteor/meteor/tree/devel/packages/browser-policy)
+- [browser-policy-common](https://github.com/meteor/meteor/tree/devel/packages/browser-policy-common)
+- [browser-policy-content](https://github.com/meteor/meteor/tree/devel/packages/browser-policy-content)
+- [browser-policy-framing](https://github.com/meteor/meteor/tree/devel/packages/browser-policy-framing)
+- [caching-compiler](https://github.com/meteor/meteor/tree/devel/packages/caching-compiler)
+- [callback-hook](https://github.com/meteor/meteor/tree/devel/packages/callback-hook)
+- [check](https://github.com/meteor/meteor/tree/devel/packages/check)
+- [constraint-solver](https://github.com/meteor/meteor/tree/devel/packages/constraint-solver)
+- [context](https://github.com/meteor/meteor/tree/devel/packages/context)
+- [crosswalk](https://github.com/meteor/meteor/tree/devel/packages/crosswalk)
+- [ddp](https://github.com/meteor/meteor/tree/devel/packages/ddp)
+- [ddp-client](https://github.com/meteor/meteor/tree/devel/packages/ddp-client)
+- [ddp-common](https://github.com/meteor/meteor/tree/devel/packages/ddp-common)
+- [ddp-rate-limiter](https://github.com/meteor/meteor/tree/devel/packages/ddp-rate-limiter)
+- [ddp-server](https://github.com/meteor/meteor/tree/devel/packages/ddp-server)
+- [deprecated](https://github.com/meteor/meteor/tree/devel/packages/deprecated)
+- [dev-error-overlay](https://github.com/meteor/meteor/tree/devel/packages/dev-error-overlay)
+- [diff-sequence](https://github.com/meteor/meteor/tree/devel/packages/diff-sequence)
+- [disable-oplog](https://github.com/meteor/meteor/tree/devel/packages/disable-oplog)
+- [dynamic-import](https://github.com/meteor/meteor/tree/devel/packages/dynamic-import)
+- [ecmascript](https://github.com/meteor/meteor/tree/devel/packages/ecmascript)
+- [ecmascript-runtime](https://github.com/meteor/meteor/tree/devel/packages/ecmascript-runtime)
+- [ecmascript-runtime-client](https://github.com/meteor/meteor/tree/devel/packages/ecmascript-runtime-client)
+- [ecmascript-runtime-server](https://github.com/meteor/meteor/tree/devel/packages/ecmascript-runtime-server)
+- [ejson](https://github.com/meteor/meteor/tree/devel/packages/ejson)
+- [email](https://github.com/meteor/meteor/tree/devel/packages/email)
+- [es5-shim](https://github.com/meteor/meteor/tree/devel/packages/es5-shim)
+- [facebook-config-ui](https://github.com/meteor/meteor/tree/devel/packages/facebook-config-ui)
+- [facebook-oauth](https://github.com/meteor/meteor/tree/devel/packages/facebook-oauth)
+- [facts-base](https://github.com/meteor/meteor/tree/devel/packages/facts-base)
+- [facts-ui](https://github.com/meteor/meteor/tree/devel/packages/facts-ui)
+- [fetch](https://github.com/meteor/meteor/tree/devel/packages/fetch)
+- [force-ssl](https://github.com/meteor/meteor/tree/devel/packages/force-ssl)
+- [force-ssl-common](https://github.com/meteor/meteor/tree/devel/packages/force-ssl-common)
+- [geojson-utils](https://github.com/meteor/meteor/tree/devel/packages/geojson-utils)
+- [github-config-ui](https://github.com/meteor/meteor/tree/devel/packages/github-config-ui)
+- [github-oauth](https://github.com/meteor/meteor/tree/devel/packages/github-oauth)
+- [google-config-ui](https://github.com/meteor/meteor/tree/devel/packages/google-config-ui)
+- [google-oauth](https://github.com/meteor/meteor/tree/devel/packages/google-oauth)
+- [hot-code-push](https://github.com/meteor/meteor/tree/devel/packages/hot-code-push)
+- [hot-module-replacement](https://github.com/meteor/meteor/tree/devel/packages/hot-module-replacement)
+- [id-map](https://github.com/meteor/meteor/tree/devel/packages/id-map)
+- [insecure](https://github.com/meteor/meteor/tree/devel/packages/insecure)
+- [inter-process-messaging](https://github.com/meteor/meteor/tree/devel/packages/inter-process-messaging)
+- [launch-screen](https://github.com/meteor/meteor/tree/devel/packages/launch-screen)
+- [localstorage](https://github.com/meteor/meteor/tree/devel/packages/localstorage)
+- [logging](https://github.com/meteor/meteor/tree/devel/packages/logging)
+- [logic-solver](https://github.com/meteor/meteor/tree/devel/packages/logic-solver)
+- [meetup-config-ui](https://github.com/meteor/meteor/tree/devel/packages/meetup-config-ui)
+- [meetup-oauth](https://github.com/meteor/meteor/tree/devel/packages/meetup-oauth)
+- [meteor](https://github.com/meteor/meteor/tree/devel/packages/meteor)
+- [meteor-base](https://github.com/meteor/meteor/tree/devel/packages/meteor-base)
+- [meteor-developer-config-ui](https://github.com/meteor/meteor/tree/devel/packages/meteor-developer-config-ui)
+- [meteor-developer-oauth](https://github.com/meteor/meteor/tree/devel/packages/meteor-developer-oauth)
+- [meteor-platform](https://github.com/meteor/meteor/tree/devel/packages/meteor-platform)
+- [meteor-tool](https://github.com/meteor/meteor/tree/devel/packages/meteor-tool)
+- [minifier-css](https://github.com/meteor/meteor/tree/devel/packages/minifier-css)
+- [minifier-js](https://github.com/meteor/meteor/tree/devel/packages/minifier-js)
+- [minimongo](https://github.com/meteor/meteor/tree/devel/packages/minimongo)
+- [mobile-experience](https://github.com/meteor/meteor/tree/devel/packages/mobile-experience)
+- [mobile-status-bar](https://github.com/meteor/meteor/tree/devel/packages/mobile-status-bar)
+- [modern-browsers](https://github.com/meteor/meteor/tree/devel/packages/modern-browsers)
+- [modules](https://github.com/meteor/meteor/tree/devel/packages/modules)
+- [modules-runtime](https://github.com/meteor/meteor/tree/devel/packages/modules-runtime)
+- [modules-runtime-hot](https://github.com/meteor/meteor/tree/devel/packages/modules-runtime-hot)
+- [mongo](https://github.com/meteor/meteor/tree/devel/packages/mongo)
+- [mongo-dev-server](https://github.com/meteor/meteor/tree/devel/packages/mongo-dev-server)
+- [mongo-id](https://github.com/meteor/meteor/tree/devel/packages/mongo-id)
+- [mongo-livedata](https://github.com/meteor/meteor/tree/devel/packages/mongo-livedata)
+- [npm-mongo](https://github.com/meteor/meteor/tree/devel/packages/npm-mongo)
+- [oauth](https://github.com/meteor/meteor/tree/devel/packages/oauth)
+- [oauth-encryption](https://github.com/meteor/meteor/tree/devel/packages/oauth-encryption)
+- [oauth1](https://github.com/meteor/meteor/tree/devel/packages/oauth1)
+- [oauth2](https://github.com/meteor/meteor/tree/devel/packages/oauth2)
+- [ordered-dict](https://github.com/meteor/meteor/tree/devel/packages/ordered-dict)
+- [package-stats-opt-out](https://github.com/meteor/meteor/tree/devel/packages/package-stats-opt-out)
+- [package-version-parser](https://github.com/meteor/meteor/tree/devel/packages/package-version-parser)
+- [promise](https://github.com/meteor/meteor/tree/devel/packages/promise)
+- [random](https://github.com/meteor/meteor/tree/devel/packages/random)
+- [rate-limit](https://github.com/meteor/meteor/tree/devel/packages/rate-limit)
+- [react-fast-refresh](https://github.com/meteor/meteor/tree/devel/packages/react-fast-refresh)
+- [reactive-dict](https://github.com/meteor/meteor/tree/devel/packages/reactive-dict)
+- [reactive-var](https://github.com/meteor/meteor/tree/devel/packages/reactive-var)
+- [reload](https://github.com/meteor/meteor/tree/devel/packages/reload)
+- [reload-safetybelt](https://github.com/meteor/meteor/tree/devel/packages/reload-safetybelt)
+- [retry](https://github.com/meteor/meteor/tree/devel/packages/retry)
+- [routepolicy](https://github.com/meteor/meteor/tree/devel/packages/routepolicy)
+- [server-render](https://github.com/meteor/meteor/tree/devel/packages/server-render)
+- [service-configuration](https://github.com/meteor/meteor/tree/devel/packages/service-configuration)
+- [session](https://github.com/meteor/meteor/tree/devel/packages/session)
+- [sha](https://github.com/meteor/meteor/tree/devel/packages/sha)
+- [shell-server](https://github.com/meteor/meteor/tree/devel/packages/shell-server)
+- [socket-stream-client](https://github.com/meteor/meteor/tree/devel/packages/socket-stream-client)
+- [standard-app-packages](https://github.com/meteor/meteor/tree/devel/packages/standard-app-packages)
+- [standard-minifier-css](https://github.com/meteor/meteor/tree/devel/packages/standard-minifier-css)
+- [standard-minifier-js](https://github.com/meteor/meteor/tree/devel/packages/standard-minifier-js)
+- [standard-minifiers](https://github.com/meteor/meteor/tree/devel/packages/standard-minifiers)
+- [static-html](https://github.com/meteor/meteor/tree/devel/packages/static-html)
+- [test-helpers](https://github.com/meteor/meteor/tree/devel/packages/test-helpers)
+- [test-in-browser](https://github.com/meteor/meteor/tree/devel/packages/test-in-browser)
+- [test-in-console](https://github.com/meteor/meteor/tree/devel/packages/test-in-console)
+- [test-server-tests-in-console-once](https://github.com/meteor/meteor/tree/devel/packages/test-server-tests-in-console-once)
+- [tinytest](https://github.com/meteor/meteor/tree/devel/packages/tinytest)
+- [tinytest-harness](https://github.com/meteor/meteor/tree/devel/packages/tinytest-harness)
+- [tracker](https://github.com/meteor/meteor/tree/devel/packages/tracker)
+- [twitter-config-ui](https://github.com/meteor/meteor/tree/devel/packages/twitter-config-ui)
+- [twitter-oauth](https://github.com/meteor/meteor/tree/devel/packages/twitter-oauth)
+- [typescript](https://github.com/meteor/meteor/tree/devel/packages/typescript)
+- [underscore](https://github.com/meteor/meteor/tree/devel/packages/underscore)
+- [underscore-tests](https://github.com/meteor/meteor/tree/devel/packages/underscore-tests)
+- [url](https://github.com/meteor/meteor/tree/devel/packages/url)
+- [webapp](https://github.com/meteor/meteor/tree/devel/packages/webapp)
+- [webapp-hashing](https://github.com/meteor/meteor/tree/devel/packages/webapp-hashing)
+- [weibo-config-ui](https://github.com/meteor/meteor/tree/devel/packages/weibo-config-ui)
+- [weibo-oauth](https://github.com/meteor/meteor/tree/devel/packages/weibo-oauth)

docs/source/packages/url.md

@@ -3,7 +3,7 @@ title: url
 description: Isomorphic modern/legacy/Node polyfill for WHATWG URL/URLSearchParams.
 ---
 
-`url` package provides polyfill for the [WHATWG url specification](https://url.spec.whatwg.org/) for legacy browsers or defaults to the global class which is available in modern browsers and Node. It is recomended that you use this package for compatibility with non-modern browsers.
+`url` package provides polyfill for the [WHATWG url specification](https://url.spec.whatwg.org/) for legacy browsers or defaults to the global class which is available in modern browsers and Node. It is recommended that you use this package for compatibility with non-modern browsers.
 
 For more information we recommend [reading the MDN articles](https://developer.mozilla.org/en-US/docs/Web/API/Fetch_API) about it and looking over the [Node API documentation](https://nodejs.org/api/url.html#url_the_whatwg_url_api) for more details as this article covers only basic usage in Meteor.
 

docs/source/windows.md

@@ -16,7 +16,7 @@ Unexpected mongo exit code 3221225781. Restarting.
 Can't start Mongo server.
 ```
 
-You [probably](https://github.com/meteor/meteor/issues/10036#issuecomment-416485306) need to install `Visual C++ Redistributable for Visual Studio`, depending on your Windows and Meteor embbeded version of MongoDB the version of Visual Studio could be different. You can check the version that we are using in our Windows test environment [here](https://github.com/meteor/meteor/blob/devel/appveyor.yml#L10) 
+You [probably](https://github.com/meteor/meteor/issues/10036#issuecomment-416485306) need to install `Visual C++ Redistributable for Visual Studio`, depending on your Windows and Meteor embedded version of MongoDB the version of Visual Studio could be different. You can check the version that we are using in our Windows test environment [here](https://github.com/meteor/meteor/blob/devel/appveyor.yml#L10) 
 
 Starting from MongoDB 4.4.4 we started to use Visual Studio 2019. 
 

guide/_config.yml

@@ -5,6 +5,7 @@ edit_branch: 'devel'
 edit_path: 'guide'
 content_root: 'source'
 versions:
+  - '2.14'
   - '2.13'
   - '2.12'
   - '2.11'
@@ -42,7 +43,8 @@ sidebar_categories:
     - index
     - code-style
     - structure
-    - 2.13-migration
+    - 2.14-migration
+    - 3.0-migration
     - prepare-meteor-3.0
   Data:
     - collections

guide/source/2.13-migration.md

@@ -14,6 +14,8 @@ If you are using [Meteor Cloud](https://www.meteor.com/cloud) default base image
 
 <h3 id="known-issues"> Known Issues in Meteor 2.13 </h3>
 
+> This issue was solved in Meteor 2.13.3.
+
 When migrating to Meteor 2.13, some users might encounter the following error when updating:
 
 ```shell
@@ -28,18 +30,16 @@ Error: incorrect data check
 
 ```
 
-In those cases, the workaround while our developers are working on this issue is as follows:
+<h3 id="solution"> Solution </h3>
 
-Running the following command in your terminal:
+The solution for this issue is running the following command in your terminal:
 
 ```shell
 
-curl https://install.meteor.com/\?release\=2.12 | sh
+curl https://install.meteor.com/\?release\=2.13.3 | sh
 
 ```
 
-For more information, check our [known issues section](https://docs.meteor.com/known-issues).
-
 <h2 id="older-versions">Migrating from a version older than 2.12?</h2>
 
 If you're migrating from a version of Meteor older than Meteor 2.12, there may

guide/source/2.14-migration.md

@@ -0,0 +1,67 @@
+---
+title: Migrating to Meteor 2.14
+description: How to migrate your application to Meteor 2.14.
+---
+
+Most of the new features in Meteor 2.14 are either applied directly behind the
+scenes (in a backwards compatible manner) or are opt-in. For a complete
+breakdown of the changes, please refer to the [changelog](http://docs.meteor.com/changelog.html).
+
+
+<h2 id="changes">Changes in Meteor 2.14</h2>
+
+<h3 id="cordova">Cordova Package</h3>
+
+Cordova has been updated to v12.0.1 for Android and v7.0.1 for iOS. This
+requires a few changes to your Cordova project:
+
+  - The `splash-screen` package has removed the the `cordova-plugin-splashscreen`
+    is now on `cordova-android` core, so we have removed the dependency from the
+    `splash-screen` package.
+    As a result we are dropping the support for dark mode splash screen on Android.
+    To create this now you need to create two themes on your `config.xml` file.
+    You can follow in their [docs](https://cordova.apache.org/docs/en/latest/core/features/splashscreen/index.html) how to update your splash screen
+
+
+Your `.mobile-config.js` file should have the following preferences:
+
+```js
+
+App.setPreference('android-targetSdkVersion', '33')
+App.setPreference('android-minSdkVersion', '28')
+
+```
+
+<h2 id="older-versions">Migrating from a version older than 2.13?</h2>
+
+If you're migrating from a version of Meteor older than Meteor 2.13, there may
+be important considerations not listed in this guide.
+ Please review the older migration guides for details:
+
+* [Migrating to Meteor 2.13](2.13-migration.html) (from 2.12)
+* [Migrating to Meteor 2.12](2.12-migration.html) (from 2.11)
+* [Migrating to Meteor 2.11](2.11-migration.html) (from 2.10)
+* [Migrating to Meteor 2.10](2.10-migration.html) (from 2.9)
+* [Migrating to Meteor 2.9](2.9-migration.html) (from 2.8)
+* [Migrating to Meteor 2.8](2.8-migration.html) (from 2.7)
+* [Migrating to Meteor 2.7](2.7-migration.html) (from 2.6)
+* [Migrating to Meteor 2.6](2.6-migration.html) (from 2.5)
+* [Migrating to Meteor 2.5](2.5-migration.html) (from 2.4)
+* [Migrating to Meteor 2.4](2.4-migration.html) (from 2.3)
+* [Migrating to Meteor 2.3](2.3-migration.html) (from 2.2)
+* [Migrating to Meteor 2.2](2.2-migration.html) (from 2.0)
+* [Migrating to Meteor 2.0](2.0-migration.html) (from 1.12)
+* [Migrating to Meteor 1.12](1.12-migration.html) (from 1.11)
+* [Migrating to Meteor 1.11](1.11-migration.html) (from 1.10.2)
+* [Migrating to Meteor 1.10.2](1.10.2-migration.html) (from 1.10)
+* [Migrating to Meteor 1.10](1.10-migration.html) (from 1.9.3)
+* [Migrating to Meteor 1.9.3](1.9.3-migration.html) (from 1.9)
+* [Migrating to Meteor 1.9](1.9-migration.html) (from 1.8.3)
+* [Migrating to Meteor 1.8.3](1.8.3-migration.html) (from 1.8.2)
+* [Migrating to Meteor 1.8.2](1.8.2-migration.html) (from 1.8)
+* [Migrating to Meteor 1.8](1.8-migration.html) (from 1.7)
+* [Migrating to Meteor 1.7](1.7-migration.html) (from 1.6)
+* [Migrating to Meteor 1.6](1.6-migration.html) (from 1.5)
+* [Migrating to Meteor 1.5](1.5-migration.html) (from 1.4)
+* [Migrating to Meteor 1.4](1.4-migration.html) (from 1.3)
+* [Migrating to Meteor 1.3](1.3-migration.html) (from 1.2)

guide/source/3.0-migration.md

@@ -0,0 +1,258 @@
+---
+title: Migrating to Meteor 3.0
+description: How to migrate your application to Meteor 3.0.
+---
+
+> **This guide will be created as we get closer to the Meteor 3.0 beta release.** We are also evaluating new documentation platforms to improve our users' experience.
+
+## What's the status of version 3.0?
+
+**Latest version:** `3.0-alpha.19` <br/>
+**Node.js version:** `20.9.0 LTS`
+
+Meteor 3.0 is in alpha and not recommended for production. You can check the "[Release 3.0 Pull Request](https://github.com/meteor/meteor/pull/12359)" to see what is being changed.
+
+## How to prepare for version 3.0?
+
+You can follow the guide "[How to migrate to Meteor Async in Meteor 2.x](/prepare-meteor-3.0.html)" to help you prepare your application for the new version by starting to use async methods.
+
+## Frequently Asked Questions
+
+### What is Fibers?
+
+Meteor was designed at a time when callback hell was a development issue, so the team decided it at the time
+to use [fibers](https://en.wikipedia.org/wiki/Fiber_(computer_science)) to make building applications much more straightforward with synchronous-looking code.
+The Meteor fibers implementation is based on [node-fibers](https://github.com/laverdet/node-fibers), which is no longer supported as of NodeJS v16.0.0.
+
+The main reason for this migration is to remove the dependency on fibers and make Meteor
+compatible with the latest versions of Node.js.
+
+For more information about fibers, you can check this [talk](https://www.youtube.com/watch?v=bxaOGDqVPKw)
+from Ben Newman and this Stack Overflow [answer](https://stackoverflow.com/a/40865153/6688795).
+
+
+
+### Will MongoDB Collection Methods be removed from the client?
+
+No, we will not remove any MongoDB collection method from the client.
+
+On the client side, all can remain the same. You can use both sync and async methods.
+All should continue working as they are.
+
+For example:
+
+```js
+
+// 2.x in the client side
+
+const docs = MyCollection.find({ _id: '123' }).fetch();
+
+// v3.0 in the client side
+
+const docs = MyCollection.find({ _id: '123' }).fetch();
+
+```
+No changes are necessary. If you want to use the async methods to maintain isomorphic code, you can do it like this:
+
+```js
+
+// 2.x in the client side
+
+const docs = MyCollection.find({ _id: '123' }).fetch();
+
+// v3.0 in the client side, this will work anywhere
+
+const docs = await MyCollection.find({ _id: '123' }).fetchAsync();
+
+```
+
+### Will MongoDB Collection Methods be removed from the server?
+
+Yes, we will remove those MongoDB collection methods that do not end with `*Async`.
+
+You can only use the methods with the `*Async` suffix on the server side.
+
+For example:
+
+```js
+// 2.x in the server side
+
+Meteor.methods({
+  myMethod() {
+    const doc = MyCollection.findOne({ _id: '123' });
+  }
+});
+
+
+// v3.0 in the server side
+
+Meteor.methods({
+  async myMethod() {
+    const doc = await MyCollection.findOneAsync({ _id: '123' });
+  }
+});
+```
+
+Methods that will be _only_ available in the *client* are:
+  -`findOne`;
+  -`insert`;
+  -`remove`;
+  -`update`;
+  -`upsert`;
+
+If you leave any code using one of these methods in the server side, you will get an error,
+like this one below:
+
+```bash
+findOne is not available on the server. Please use findOneAsync instead.
+```
+
+### How to test Meteor 3.0?
+
+You can create a new Meteor 3.0 project by running the command below:
+
+```bash
+meteor create my-new-project --release 3.0-alpha.19
+```
+
+### How to update from version 2?
+
+You can update your Meteor 2.x project by running the command below inside your project folder:
+
+```bash
+meteor update --release 3.0-alpha.19
+```
+
+### How to follow the progress on version 3?
+
+The best way to follow the progress is by checking the "[What's left until an official Meteor 3.0?](https://github.com/meteor/meteor/discussions/12865)" discussion. We have also been sharing constant updates on [this topic](https://forums.meteor.com/t/fibers-public-roadmap-and-meteor-3-0/59627/84) in our forum.
+
+### When will Meteor 3.0 be ready?
+
+We plan to release the beta version by the end of Q4 2023. An official version will depend a lot on user feedback, but we aim to release it by the end of Q1 2024.
+
+
+### How do I migrate my package to be compatible with Meteor 3.0?
+
+For the packages that are client only
+or that are do not using Meteor packages that will become async
+or are already using `async` & `await` pattern.
+
+The migration will look like this:
+
+```js
+// in you package.js
+Package.onUse((api) => {
+  api.versionsFrom(['1.10', '2.3', '3.0-alpha.19']);
+  //                               ^^^^^^^ for testing your package with meteor 3.0
+
+  api.versionsFrom(['1.10', '2.3', '3.0']);
+  //                              ^^^^^^^ for meteor 3.0
+
+```
+Then you can publish your package and test it with Meteor 3.0.
+
+If in your package you are using Meteor packages that will become async,
+you will need to migrate your package to use `async` & `await` pattern.
+
+For concrete examples you can check a few examples of packages that have been in the works
+of migrating to Meteor 3.0:
+
+-   [`quave:migrations`](https://github.com/quavedev/meteor-migrations/pull/1)
+-   [`percolate:synced-cron`](https://github.com/percolatestudio/meteor-synced-cron/pull/149)
+-   [`react-meteor-accounts`](https://github.com/meteor/react-packages/commit/96313a1afcc41ef9a23c7496470b375e7d357793)
+-   [`mdg:seo`](https://github.com/meteor/galaxy-seo-package/commit/8a30b32688df40e62ce434475dd3ee931dedf2b3)
+
+You can follow a more in depth guide on how to migrate your package to be compatible with Meteor 3.0 [here](/prepare-meteor-3.0#Changes-for-packages).
+
+### When will React packages for Meteor be ready for version 3.0?
+
+We consider React packages to be ready.
+
+It is important to note that migrating your front-end code to async is unnecessary.
+You can still use the sync methods on the client side.
+
+But to maintain isomorphic code, you can use the async methods on the client side.
+
+In those cases, we have implemented `suspense` hooks so that you can use the async methods.
+
+For example:
+
+```js
+
+// you can write like this:
+
+import { useTracker, useSubscribe } from 'meteor/react-meteor-data'
+function Tasks() {
+  const isLoading = useSubscribe("tasks");
+  const { username } = useTracker(() => Meteor.user())
+  const tasksByUser = useTracker(() =>
+          TasksCollection.find({username}, { sort: { createdAt: -1 } }).fetch()
+  );
+
+
+if (isLoading()) {
+  return <Loading />
+}
+
+  // render the tasks
+}
+
+
+// or like this:
+
+import { useTracker, useSubscribe } from 'meteor/react-meteor-data/suspense'
+function Tasks() { // this component will suspend
+  useSubscribe("tasks");
+  const { username } = useTracker("user", () => Meteor.userAsync())
+  const tasksByUser = useTracker("tasksByUser", () =>
+          TasksCollection.find({username}, { sort: { createdAt: -1 } }).fetchAsync()
+  );
+
+
+  // render the tasks
+}
+
+```
+
+`useFind` in the client will remain the same.
+
+You can check the [react-meteor-data docs](https://github.com/meteor/react-packages/tree/master/packages/react-meteor-data) for more information
+and these blog posts [part 1](https://dev.to/grubba/making-promises-suspendable-452f) [part 2](https://dev.to/grubba/new-suspense-hooks-for-meteor-3ddg) for a in-depth look on how we made those changes.
+
+
+### When will Blaze be ready for version 3.0?
+
+The team considered Blaze adjustments to version 3.0 almost done.
+
+It is important to note that migrating your front-end code to async is unnecessary.
+You can still use the sync methods on the client side.
+
+But to maintain isomorphic code, you can use the async methods on the client side.
+
+Since this [PR](https://github.com/meteor/blaze/pull/413) was released with Blaze 2.7. Blaze supports async in their views.
+
+You can check the [Blaze docs](https://www.blazejs.org/api/spacebars#Async-states) for
+more information on how to handle async states.
+
+[@radekmie](https://github.com/radekmie) made two great posts about making Blaze async. Both are worth reading:
+  - [On Asynchronicity in Blaze](https://radekmie.dev/blog/on-asynchronicity-in-blaze/);
+  - [On Asynchronicity in Blaze (again)](https://radekmie.dev/blog/on-asynchronicity-in-blaze-again/);
+
+
+### When will XYZ package be ready for version 3.0?
+
+Meteor core packages are the responsibility of Meteor Software and are all being migrated.
+If you encounter issues with any of them, let us know, please [open an issue](https://github.com/meteor/meteor/issues/new/choose) in our [repo](https://github.com/meteor/meteor).
+
+This is the [list of all core packages](https://docs.meteor.com/packages/packages-listing.html).
+
+We will bring these three new packages to the core and migrate them to Meteor 3.0:
+  - `percolate:migrations` - [GitHub](https://github.com/percolatestudio/meteor-migrations);
+  - `littledata:synced-cron` - [GitHub](https://github.com/percolatestudio/meteor-synced-cron);
+  - `matb33:collection-hooks` - [GitHub](https://github.com/Meteor-Community-Packages/meteor-collection-hooks);
+
+
+For those packages that are not in the core but are maintained by the [community](https://github.com/Meteor-Community-Packages),
+we hope that the community can work on them, but if for some reason that is not possible,
+you can always ping us on [Slack](https://join.slack.com/t/meteor-community/shared_invite/zt-28aru814j-AwswQGt2D1xIXurvmtJvug) or in the [Forums](https://forums.meteor.com/).

guide/source/accounts.md

@@ -280,7 +280,7 @@ For more details about the data stored in the user database, read the section be
 
 Now that you have the access token, you need to actually make a request to the appropriate API. Here you have two options:
 
-1. Use the [`http` package](http://docs.meteor.com/#/full/http) to access the service's API directly. You'll probably need to pass the access token from above in a header. For details you'll need to search the API documentation for the service.
+1. Use the [`fetch` package](https://docs.meteor.com/packages/fetch.html) to access the service's API directly. You'll probably need to pass the access token from above in a header. For details you'll need to search the API documentation for the service.
 2. Use a package from Atmosphere or npm that wraps the API into a nice JavaScript interface. For example, if you're trying to load data from Facebook you could use the [fbgraph](https://www.npmjs.com/package/fbgraph) npm package. Read more about how to use npm with your app in the [Build System article](build-tool.html#npm).
 
 <h2 id="displaying-user-data">Loading and displaying user data</h2>

guide/source/index.md

@@ -3,6 +3,8 @@ title: Introduction
 description: This is the guide for using Meteor, a full-stack JavaScript platform for developing modern web and mobile applications.
 ---
 
+> Meteor 2.x runs on a deprecated Node.js version (14). Meteor 3.0 is in progress, and it will run on the latest Node.js version. For more information, please consult our [migration guide](https://guide.meteor.com/3.0-migration.html).
+
 <!--  XXX: note that this content is somewhat duplicated on the docs, and should be updated in parallel -->
 <h2 id="what-is-meteor">What is Meteor?</h2>
 

guide/source/prepare-meteor-3.0.md

@@ -116,6 +116,79 @@ Note that we're not using the if (loading) anymore. To see a practical project,
 If you use `Tracker.autorun()`, for example, reading about the tracker with the [async callback function](https://blog.meteor.com/new-meteor-js-2-10-and-the-async-tracker-feature-ffdbe817c801) is also recommended.
 
 
+## Changes for packages
+
+### Meteor.isFibersDisabled
+
+You can use the [`Meteor.isFibersDisabled`](https://github.com/meteor/meteor/blob/6ac474627a4d2536090484eb95e7c021370aaefe/packages/meteor/asl-helpers-client.js#L1-L8) property to check if the current Meteor version
+is using Fibers or not. In all releases before Meteor 3.0 this property will be `falsy`(`undefined`).
+In Meteor 3.0 this property will be return `true`.
+
+Which means that you can have a code like this:
+
+```js
+
+if (Meteor.isFibersDisabled) {
+  // Meteor 3.0
+} else {
+  // Meteor 2.x
+}
+
+```
+
+### Changes for packages that are client-only
+
+If your package is client-only, you don't need to worry about the async changes. You can update your package to be compatible with Meteor 3.0 by adding the following line to your `package.js`:
+
+```js
+Package.onUse((api) => {
+  api.versionsFrom(['1.10', '2.3', '3.0-alpha.19']);
+  //                            ^^^^^^^ for testing your package with meteor 3.0
+
+  api.versionsFrom(['1.10', '2.3', '3.0']);
+  //                           ^^^^^^^ for meteor 3.0
+});
+```
+
+If you want an example of this change, you can take a look at this [commit](https://github.com/meteor/react-packages/commit/96313a1afcc41ef9a23c7496470b375e7d357793)
+where it was made possible for a package to be used in Meteor 3.0.
+
+This change makes sure that your package is still compatible with Meteor 2.x
+and also with Meteor 3.0.
+
+
+### Changes for packages that do not use Meteor packages that had breaking change
+
+Similar to what happens with client-only packages,
+if your package is not using Meteor packages that had breaking changes,
+you can update your package to be compatible with Meteor 3.0
+by adding the following line to your `package.js`:
+
+```js
+Package.onUse((api) => {
+  api.versionsFrom(['1.10', '2.3', '3.0-alpha.19']);
+  //                            ^^^^^^^ for testing your package with meteor 3.0
+
+  api.versionsFrom(['1.10', '2.3', '3.0']);
+  //                           ^^^^^^^ for meteor 3.0
+});
+```
+
+For example, we have `mdg:seo` where we just needed to add the line above to make it
+compatible with Meteor 3.0.
+You can see the [commit](https://github.com/meteor/galaxy-seo-package/commit/8a30b32688df40e62ce434475dd3ee931dedf2b3).
+
+
+### Changes for packages that are using Meteor API that will become async
+
+In these packages, it will be necessary to refactor and migrate some of its APIs.
+You can be ready for Meteor 3.0 by migrating its API to be async. You can run your tests
+using Meteor 3.0 and ensure everything works as expected.
+
+A good example can be seen here in this [PR](https://github.com/percolatestudio/meteor-synced-cron/pull/149), where we added support for any Meteor version
+beyond v2.8 and also for Meteor 3.0.
+
+
 -----------
 
 We hope to make your transition easier with these instructions, references, and tools. You may face some challenges, but remember that you can progressively refactor it. For more detailed updates on Meteor 3.0, please check our [Fibers project board](https://github.com/orgs/meteor/projects/10) and the [Meteor 3.0 PR](https://github.com/meteor/meteor/pull/12359).

guide/source/testing.md

@@ -56,7 +56,7 @@ This is similar to test mode, with key differences:
 
 This means that the entirety of your application (including for instance the web server and client side router) is loaded and will run as normal. This enables you to write much more [complex integration tests](#full-app-integration-test) and also load additional files for [acceptance tests](#acceptance-testing).
 
-Note that there is another test command in the Meteor tool; `meteor test-packages` is a way of testing Atmosphere packages, which is discussed in the [Writing Packages article](writing-packages.html#testing).
+Note that there is another test command in the Meteor tool; `meteor test-packages` is a way of testing Atmosphere packages, which is discussed in the [Writing Packages article](https://guide.meteor.com/writing-atmosphere-packages.html).
 
 <h3 id="driver-packages">Driver packages</h3>
 

guide/source/writing-atmosphere-packages.md

@@ -264,14 +264,20 @@ Read more about using Cordova in the [mobile guide](mobile.html).
 
 <h2 id="testing">Testing packages</h2>
 
-Meteor has a test mode for packages called `meteor test-packages`. If you are in a package's directory, you can run
+Meteor has a test mode for packages invoked with the `meteor test-packages` command. Navigate to your package's directory and then use the command to run a special app containing only a "test" version of your package.
+
+If you are using [Tinytest](https://github.com/meteor/meteor/tree/devel/packages/tinytest) for your package's tests, you can run:
+
+```bash
+meteor test-packages ./
+```
+
+If you are using a different testing framework for your package's tests, you'll need to specify a `driver-package`. For example, if you are using Mocha, run the following to start the Mocha [test driver package](testing.html#driver-packages):
 
 ```bash
 meteor test-packages ./ --driver-package meteortesting:mocha
 ```
 
-This will run a special app containing only a "test" version of your package and start a Mocha [test driver package](testing.html#driver-packages).
-
 When your package starts in test mode, rather than loading the `onUse` block, Meteor loads the `onTest` block:
 
 ```js

meteor

@@ -1,6 +1,6 @@
 #!/usr/bin/env bash
 
-BUNDLE_VERSION=20.9.0.2
+BUNDLE_VERSION=20.9.0.3
 
 
 # OS Check. Put here because here is where we download the precompiled

npm-packages/babel-preset-meteor/modern.js

@@ -26,5 +26,6 @@ exports.minimumVersions = {
   // https://github.com/Kilian/electron-to-chromium/blob/master/full-versions.js
   electron: [1, 6],
   // https://github.com/meteor/babel-preset-meteor/issues/13
-  samsungInternet: [6, 2]
+  samsungInternet: [6, 2],
+  facebook: 325
 };

npm-packages/babel-preset-meteor/package.json

@@ -1,11 +1,12 @@
 {
   "name": "babel-preset-meteor",
-  "version": "7.10.1",
+  "version": "7.10.2",
   "description": "Babel preset for ES2015+ features supported by Meteor",
   "author": "Ben Newman <ben@meteor.com>",
   "license": "MIT",
   "repository": "https://github.com/meteor/babel-preset-meteor",
   "main": "index.js",
+  "type": "commonjs",
   "scripts": {
     "update-versions": "bash scripts/update-versions"
   },

npm-packages/cordova-plugin-meteor-webapp/package.json

@@ -1,6 +1,6 @@
 {
   "name": "cordova-plugin-meteor-webapp",
-  "version": "2.0.1",
+  "version": "2.0.3",
   "description": "Cordova plugin that serves a Meteor web app through a local server and implements hot code push",
   "cordova": {
     "id": "cordova-plugin-meteor-webapp",
@@ -22,6 +22,7 @@
   ],
   "author": "Meteor Development Group",
   "license": "MIT",
+  "type": "commonjs",
   "scripts": {
     "pretest": "ios-sim start --devicetypeid=iPhone-11-Pro-Max",
     "test": "cordova-paramedic --plugin . --platform ios --target 'iPhone-11-Pro-Max' --args=--buildFlag='-UseModernBuildSystem=0' --verbose"

npm-packages/cordova-plugin-meteor-webapp/src/android/AssetBundleManager.java

@@ -86,7 +86,7 @@ class AssetBundleManager {
     }
 
     public void checkForUpdates(final HttpUrl baseUrl) {
-        HttpUrl manifestUrl = baseUrl.resolve("manifest.json");
+        HttpUrl manifestUrl = baseUrl.newBuilder().addPathSegment("manifest.json").build();
 
         Request request = new Request.Builder().url(manifestUrl).build();
 

npm-packages/cordova-plugin-meteor-webapp/src/android/WebAppLocalServer.java

@@ -270,7 +270,7 @@ public class WebAppLocalServer extends CordovaPlugin implements AssetBundleManag
                     callbackContext.error("checkForUpdates requires a rootURL to be configured");
                     return;
                 }
-                HttpUrl baseUrl = rootUrl.resolve("__cordova/");
+                HttpUrl baseUrl = rootUrl.newBuilder().addPathSegment("__cordova").build();
                 assetBundleManager.checkForUpdates(baseUrl);
                 callbackContext.success();
             }

npm-packages/cordova-plugin-meteor-webapp/tests/fixtures/bundled_www/cordova_plugins.js

@@ -8,14 +8,6 @@ module.exports = [
             "window.StatusBar"
         ]
     },
-    {
-        "file": "plugins/cordova-plugin-splashscreen/www/splashscreen.js",
-        "id": "cordova-plugin-splashscreen.SplashScreen",
-        "pluginId": "cordova-plugin-splashscreen",
-        "clobbers": [
-            "navigator.splashscreen"
-        ]
-    },
     {
         "file": "plugins/cordova-plugin-wkwebview-engine/src/www/ios/ios-wkwebview-exec.js",
         "id": "cordova-plugin-wkwebview-engine.ios-wkwebview-exec",
@@ -33,8 +25,8 @@ module.exports = [
         ]
     }
 ];
-module.exports.metadata = 
+module.exports.metadata =
 // TOP OF METADATA
 {}
 // BOTTOM OF METADATA
-});
+});

npm-packages/eslint-config-meteor/package.json

@@ -1,6 +1,6 @@
 {
   "name": "@meteorjs/eslint-config-meteor",
-  "version": "1.0.4",
+  "version": "1.0.5",
   "description": "Eslint configuration for Meteor",
   "main": "index.js",
   "scripts": {
@@ -16,6 +16,7 @@
     "url": "https://github.com/meteor/meteor/issues"
   },
   "homepage": "https://github.com/meteor/meteor/tree/devel/npm-packages/eslint-config-meteor#readme",
+  "type": "commonjs",
   "peerDependencies": {
     "babel-eslint": ">= 7",
     "eslint": ">= 3",

npm-packages/eslint-plugin-meteor/package.json

@@ -1,9 +1,10 @@
 {
   "name": "eslint-plugin-meteor",
-  "version": "7.4.0",
+  "version": "7.4.1",
   "author": "Dominik Ferber <dominik.ferber+npm@gmail.com>",
   "description": "Meteor specific linting rules for ESLint",
   "main": "lib/index.js",
+  "type": "commonjs",
   "publishConfig": {
     "tag": "next"
   },

npm-packages/eslint-plugin-meteor/scripts/build-dev-bundle-common.sh

@@ -5,10 +5,10 @@ set -u
 
 UNAME=$(uname)
 ARCH=$(uname -m)
-NODE_VERSION=14.17.6
-MONGO_VERSION_64BIT=4.4.4
+NODE_VERSION=14.21.3
+MONGO_VERSION_64BIT=6.0.3
 MONGO_VERSION_32BIT=3.2.22
-NPM_VERSION=6.14.15
+NPM_VERSION=6.14.18
 
 if [ "$UNAME" == "Linux" ] ; then
     if [ "$ARCH" != "i686" -a "$ARCH" != "x86_64" ] ; then

npm-packages/eslint-plugin-meteor/scripts/dev-bundle-server-package.js

@@ -10,19 +10,19 @@ var packageJson = {
   dependencies: {
     promise: "8.1.0",
     "@meteorjs/reify": "0.24.0",
-    "@babel/parser": "7.15.3",
-    "@types/underscore": "1.11.2",
-    underscore: "1.13.1",
+    "@babel/parser": "7.17.0",
+    "@types/underscore": "1.11.4",
+    underscore: "1.13.6",
     "source-map-support": "https://github.com/meteor/node-source-map-support/tarball/1912478769d76e5df4c365e147f25896aee6375e",
-    "@types/semver": "5.4.0",
-    semver: "5.4.1"
+    "@types/semver": "5.5.0",
+    semver: "5.7.1"
   },
   // These are only used in dev mode (by shell.js) so end-users can avoid
   // needing to install them if they use `npm install --production`.
   devDependencies: {
     split2: "3.2.2",
-    multipipe: "1.0.2",
-    chalk: "0.5.1"
+    multipipe: "2.0.1",
+    chalk: "4.1.2"
   }
 };
 

npm-packages/eslint-plugin-meteor/scripts/dev-bundle-tool-package.js

@@ -14,7 +14,7 @@ var packageJson = {
     pacote: "https://github.com/meteor/pacote/tarball/a81b0324686e85d22c7688c47629d4009000e8b8",
     "node-gyp": "9.4.0",
     "@mapbox/node-pre-gyp": "1.0.11",
-    typescript: "4.9.4",
+    typescript: "4.9.5",
     "@meteorjs/babel": "7.19.0-beta.3",
     "@meteorjs/reify": "0.24.0",
     // So that Babel can emit require("@babel/runtime/helpers/...") calls.
@@ -23,10 +23,10 @@ var packageJson = {
     // babel-runtime rather than @babel/runtime.
     "babel-runtime": "7.0.0-beta.3",
     "@types/underscore": "1.11.2",
-    underscore: "1.13.1",
+    underscore: "1.13.6",
     "source-map-support": "https://github.com/meteor/node-source-map-support/tarball/1912478769d76e5df4c365e147f25896aee6375e",
-    "@types/semver": "5.4.0",
-    semver: "5.4.1",
+    "@types/semver": "5.5.0",
+    semver: "5.7.1",
     request: "2.88.2",
     uuid: "3.4.0",
     "graceful-fs": "4.2.6",
@@ -37,7 +37,7 @@ var packageJson = {
     // TODO: We should replace this with: https://github.com/jprichardson/node-kexec/pull/38
     kexec: "https://github.com/meteor/node-kexec/tarball/f29f54037c7db6ad29e1781463b182e5929215a0",
     "source-map": "0.7.3",
-    chalk: "4.1.1",
+    chalk: "4.1.2",
     sqlite3: "5.1.6",
     "http-proxy": "1.18.1",
     "is-reachable": "3.1.0",

npm-packages/meteor-babel/README.md

@@ -1,3 +1,9 @@
 # @meteorjs/babel [![Build Status](https://travis-ci.com/meteor/babel.svg)](https://travis-ci.com/meteor/babel)
 
 [Babel](https://babeljs.io/) wrapper package for use with [Meteor](https://github.com/meteor/meteor).
+
+## Updating:
+
+If while updating this package the CI starts failing due inconsistencies
+in the package-lock.json file, you can run `npm install --package-lock-only`
+to update the package-lock.json file to the latest version of the package.

npm-packages/meteor-babel/package.json

@@ -3,6 +3,7 @@
   "author": "Meteor <dev@meteor.com>",
   "version": "7.19.0-beta.3",
   "license": "MIT",
+  "type": "commonjs",
   "description": "Babel wrapper package for use with Meteor",
   "keywords": [
     "meteor",
@@ -47,7 +48,7 @@
     "convert-source-map": "^1.6.0",
     "lodash": "^4.17.21",
     "meteor-babel-helpers": "0.0.3",
-    "typescript": "~4.9.4"
+    "typescript": "~4.9.5"
   },
   "devDependencies": {
     "@babel/plugin-proposal-decorators": "7.14.5",

npm-packages/meteor-babel/test/decorators.js

@@ -25,12 +25,11 @@ describe("@decorators", function () {
               .includes("decorators-legacy"));
 
     assert.ok(legacyResult.options.plugins.some(function (plugin) {
-      return plugin.key === "regenerator-transform";
+      return plugin.key === "transform-regenerator";
     }));
 
     assert.strictEqual(legacyResult.code.trim(), [
       "var _class;",
-      "",
       "var A = dec(_class = function A() {}) || _class;",
     ].join("\n"));
   });
@@ -57,12 +56,11 @@ describe("@decorators", function () {
               .includes("decorators-legacy"));
 
     assert.ok(legacyResult.options.plugins.every(function (plugin) {
-      return plugin.key !== "regenerator-transform";
+      return plugin.key !== "transform-regenerator";
     }));
 
     assert.strictEqual(legacyResult.code.trim(), [
       "var _class;",
-      "",
       "let A = dec(_class = class A {}) || _class;",
     ].join("\n"));
   });
@@ -89,12 +87,11 @@ describe("@decorators", function () {
               .includes("decorators-legacy"));
 
     assert.ok(legacyResult.options.plugins.every(function (plugin) {
-      return plugin.key !== "regenerator-transform";
+      return plugin.key !== "transform-regenerator";
     }));
 
     assert.strictEqual(legacyResult.code.trim(), [
       "var _class;",
-      "",
       "let A = dec(_class = class A {}) || _class;",
     ].join("\n"));
   });

npm-packages/meteor-babel/test/tests.js

@@ -315,7 +315,6 @@ describe("@meteorjs/babel", () => {
       "  }",
       "});",
       "var Test;",
-      "",
       "(function (Test) {",
       "  Test.enabled = true;",
       "})(Test || module.runSetters(Test = {}, [\"Test\"]));",

npm-packages/meteor-installer/README.md

@@ -14,6 +14,7 @@ npm install -g meteor
 
 | NPM Package | Meteor Official Release |
 |-------------|-------------------------|
+| 2.14.0      | 2.14.0                  |
 | 2.13.3      | 2.13.3                  |
 | 2.13.1      | 2.13.1                  |
 | 2.13.0      | 2.13.0                  |

npm-packages/meteor-installer/config.js

@@ -1,7 +1,7 @@
 const os = require('os');
 const path = require('path');
 
-const METEOR_LATEST_VERSION = '2.13.3';
+const METEOR_LATEST_VERSION = '2.14';
 const sudoUser = process.env.SUDO_USER || '';
 function isRoot() {
   return process.getuid && process.getuid() === 0;

npm-packages/meteor-installer/package-lock.json

@@ -0,0 +1,441 @@
+{
+  "name": "meteor",
+  "version": "2.14.0",
+  "lockfileVersion": 3,
+  "requires": true,
+  "packages": {
+    "": {
+      "name": "meteor",
+      "version": "2.14.0",
+      "hasInstallScript": true,
+      "license": "MIT",
+      "dependencies": {
+        "7zip-bin": "^5.2.0",
+        "cli-progress": "^3.11.1",
+        "https-proxy-agent": "^5.0.1",
+        "node-7z": "^2.1.2",
+        "node-downloader-helper": "^1.0.19",
+        "rimraf": "^3.0.2",
+        "semver": "^7.3.7",
+        "tar": "^6.1.11",
+        "tmp": "^0.2.1"
+      },
+      "bin": {
+        "meteor-installer": "cli.js"
+      },
+      "engines": {
+        "node": "<=14.x",
+        "npm": "<=6.x"
+      }
+    },
+    "node_modules/7zip-bin": {
+      "version": "5.2.0",
+      "license": "MIT"
+    },
+    "node_modules/agent-base": {
+      "version": "6.0.2",
+      "license": "MIT",
+      "dependencies": {
+        "debug": "4"
+      },
+      "engines": {
+        "node": ">= 6.0.0"
+      }
+    },
+    "node_modules/ansi-regex": {
+      "version": "5.0.1",
+      "license": "MIT",
+      "engines": {
+        "node": ">=8"
+      }
+    },
+    "node_modules/balanced-match": {
+      "version": "1.0.2",
+      "license": "MIT"
+    },
+    "node_modules/brace-expansion": {
+      "version": "1.1.11",
+      "license": "MIT",
+      "dependencies": {
+        "balanced-match": "^1.0.0",
+        "concat-map": "0.0.1"
+      }
+    },
+    "node_modules/chownr": {
+      "version": "2.0.0",
+      "license": "ISC",
+      "engines": {
+        "node": ">=10"
+      }
+    },
+    "node_modules/cli-progress": {
+      "version": "3.12.0",
+      "license": "MIT",
+      "dependencies": {
+        "string-width": "^4.2.3"
+      },
+      "engines": {
+        "node": ">=4"
+      }
+    },
+    "node_modules/concat-map": {
+      "version": "0.0.1",
+      "license": "MIT"
+    },
+    "node_modules/cross-spawn": {
+      "version": "7.0.3",
+      "license": "MIT",
+      "dependencies": {
+        "path-key": "^3.1.0",
+        "shebang-command": "^2.0.0",
+        "which": "^2.0.1"
+      },
+      "engines": {
+        "node": ">= 8"
+      }
+    },
+    "node_modules/debug": {
+      "version": "4.3.4",
+      "license": "MIT",
+      "dependencies": {
+        "ms": "2.1.2"
+      },
+      "engines": {
+        "node": ">=6.0"
+      },
+      "peerDependenciesMeta": {
+        "supports-color": {
+          "optional": true
+        }
+      }
+    },
+    "node_modules/emoji-regex": {
+      "version": "8.0.0",
+      "license": "MIT"
+    },
+    "node_modules/fs-minipass": {
+      "version": "2.1.0",
+      "license": "ISC",
+      "dependencies": {
+        "minipass": "^3.0.0"
+      },
+      "engines": {
+        "node": ">= 8"
+      }
+    },
+    "node_modules/fs-minipass/node_modules/minipass": {
+      "version": "3.3.6",
+      "license": "ISC",
+      "dependencies": {
+        "yallist": "^4.0.0"
+      },
+      "engines": {
+        "node": ">=8"
+      }
+    },
+    "node_modules/fs.realpath": {
+      "version": "1.0.0",
+      "license": "ISC"
+    },
+    "node_modules/glob": {
+      "version": "7.2.3",
+      "license": "ISC",
+      "dependencies": {
+        "fs.realpath": "^1.0.0",
+        "inflight": "^1.0.4",
+        "inherits": "2",
+        "minimatch": "^3.1.1",
+        "once": "^1.3.0",
+        "path-is-absolute": "^1.0.0"
+      },
+      "engines": {
+        "node": "*"
+      },
+      "funding": {
+        "url": "https://github.com/sponsors/isaacs"
+      }
+    },
+    "node_modules/https-proxy-agent": {
+      "version": "5.0.1",
+      "license": "MIT",
+      "dependencies": {
+        "agent-base": "6",
+        "debug": "4"
+      },
+      "engines": {
+        "node": ">= 6"
+      }
+    },
+    "node_modules/inflight": {
+      "version": "1.0.6",
+      "license": "ISC",
+      "dependencies": {
+        "once": "^1.3.0",
+        "wrappy": "1"
+      }
+    },
+    "node_modules/inherits": {
+      "version": "2.0.4",
+      "license": "ISC"
+    },
+    "node_modules/is-fullwidth-code-point": {
+      "version": "3.0.0",
+      "license": "MIT",
+      "engines": {
+        "node": ">=8"
+      }
+    },
+    "node_modules/isexe": {
+      "version": "2.0.0",
+      "license": "ISC"
+    },
+    "node_modules/lodash.defaultsdeep": {
+      "version": "4.6.1",
+      "license": "MIT"
+    },
+    "node_modules/lodash.defaultto": {
+      "version": "4.14.0",
+      "license": "MIT"
+    },
+    "node_modules/lodash.flattendeep": {
+      "version": "4.4.0",
+      "license": "MIT"
+    },
+    "node_modules/lodash.isempty": {
+      "version": "4.4.0",
+      "license": "MIT"
+    },
+    "node_modules/lodash.negate": {
+      "version": "3.0.2",
+      "license": "MIT"
+    },
+    "node_modules/lru-cache": {
+      "version": "6.0.0",
+      "license": "ISC",
+      "dependencies": {
+        "yallist": "^4.0.0"
+      },
+      "engines": {
+        "node": ">=10"
+      }
+    },
+    "node_modules/minimatch": {
+      "version": "3.1.2",
+      "license": "ISC",
+      "dependencies": {
+        "brace-expansion": "^1.1.7"
+      },
+      "engines": {
+        "node": "*"
+      }
+    },
+    "node_modules/minipass": {
+      "version": "5.0.0",
+      "license": "ISC",
+      "engines": {
+        "node": ">=8"
+      }
+    },
+    "node_modules/minizlib": {
+      "version": "2.1.2",
+      "license": "MIT",
+      "dependencies": {
+        "minipass": "^3.0.0",
+        "yallist": "^4.0.0"
+      },
+      "engines": {
+        "node": ">= 8"
+      }
+    },
+    "node_modules/minizlib/node_modules/minipass": {
+      "version": "3.3.6",
+      "license": "ISC",
+      "dependencies": {
+        "yallist": "^4.0.0"
+      },
+      "engines": {
+        "node": ">=8"
+      }
+    },
+    "node_modules/mkdirp": {
+      "version": "1.0.4",
+      "license": "MIT",
+      "bin": {
+        "mkdirp": "bin/cmd.js"
+      },
+      "engines": {
+        "node": ">=10"
+      }
+    },
+    "node_modules/ms": {
+      "version": "2.1.2",
+      "license": "MIT"
+    },
+    "node_modules/node-7z": {
+      "version": "2.1.2",
+      "license": "ISC",
+      "dependencies": {
+        "cross-spawn": "^7.0.2",
+        "debug": "^4.1.1",
+        "lodash.defaultsdeep": "^4.6.1",
+        "lodash.defaultto": "^4.14.0",
+        "lodash.flattendeep": "^4.4.0",
+        "lodash.isempty": "^4.4.0",
+        "lodash.negate": "^3.0.2",
+        "normalize-path": "^3.0.0"
+      },
+      "engines": {
+        "node": ">=10"
+      }
+    },
+    "node_modules/node-downloader-helper": {
+      "version": "1.0.19",
+      "license": "MIT",
+      "bin": {
+        "ndh": "bin/ndh"
+      },
+      "engines": {
+        "node": ">=6.9"
+      }
+    },
+    "node_modules/normalize-path": {
+      "version": "3.0.0",
+      "license": "MIT",
+      "engines": {
+        "node": ">=0.10.0"
+      }
+    },
+    "node_modules/once": {
+      "version": "1.4.0",
+      "license": "ISC",
+      "dependencies": {
+        "wrappy": "1"
+      }
+    },
+    "node_modules/path-is-absolute": {
+      "version": "1.0.1",
+      "license": "MIT",
+      "engines": {
+        "node": ">=0.10.0"
+      }
+    },
+    "node_modules/path-key": {
+      "version": "3.1.1",
+      "license": "MIT",
+      "engines": {
+        "node": ">=8"
+      }
+    },
+    "node_modules/rimraf": {
+      "version": "3.0.2",
+      "license": "ISC",
+      "dependencies": {
+        "glob": "^7.1.3"
+      },
+      "bin": {
+        "rimraf": "bin.js"
+      },
+      "funding": {
+        "url": "https://github.com/sponsors/isaacs"
+      }
+    },
+    "node_modules/semver": {
+      "version": "7.5.4",
+      "license": "ISC",
+      "dependencies": {
+        "lru-cache": "^6.0.0"
+      },
+      "bin": {
+        "semver": "bin/semver.js"
+      },
+      "engines": {
+        "node": ">=10"
+      }
+    },
+    "node_modules/shebang-command": {
+      "version": "2.0.0",
+      "license": "MIT",
+      "dependencies": {
+        "shebang-regex": "^3.0.0"
+      },
+      "engines": {
+        "node": ">=8"
+      }
+    },
+    "node_modules/shebang-regex": {
+      "version": "3.0.0",
+      "license": "MIT",
+      "engines": {
+        "node": ">=8"
+      }
+    },
+    "node_modules/string-width": {
+      "version": "4.2.3",
+      "license": "MIT",
+      "dependencies": {
+        "emoji-regex": "^8.0.0",
+        "is-fullwidth-code-point": "^3.0.0",
+        "strip-ansi": "^6.0.1"
+      },
+      "engines": {
+        "node": ">=8"
+      }
+    },
+    "node_modules/strip-ansi": {
+      "version": "6.0.1",
+      "license": "MIT",
+      "dependencies": {
+        "ansi-regex": "^5.0.1"
+      },
+      "engines": {
+        "node": ">=8"
+      }
+    },
+    "node_modules/tar": {
+      "version": "6.2.0",
+      "license": "ISC",
+      "dependencies": {
+        "chownr": "^2.0.0",
+        "fs-minipass": "^2.0.0",
+        "minipass": "^5.0.0",
+        "minizlib": "^2.1.1",
+        "mkdirp": "^1.0.3",
+        "yallist": "^4.0.0"
+      },
+      "engines": {
+        "node": ">=10"
+      }
+    },
+    "node_modules/tmp": {
+      "version": "0.2.1",
+      "license": "MIT",
+      "dependencies": {
+        "rimraf": "^3.0.0"
+      },
+      "engines": {
+        "node": ">=8.17.0"
+      }
+    },
+    "node_modules/which": {
+      "version": "2.0.2",
+      "license": "ISC",
+      "dependencies": {
+        "isexe": "^2.0.0"
+      },
+      "bin": {
+        "node-which": "bin/node-which"
+      },
+      "engines": {
+        "node": ">= 8"
+      }
+    },
+    "node_modules/wrappy": {
+      "version": "1.0.2",
+      "license": "ISC"
+    },
+    "node_modules/yallist": {
+      "version": "4.0.0",
+      "license": "ISC"
+    }
+  }
+}

npm-packages/meteor-installer/package.json

@@ -1,6 +1,6 @@
 {
   "name": "meteor",
-  "version": "2.13.3",
+  "version": "2.14.0",
   "description": "Install Meteor",
   "main": "install.js",
   "scripts": {
@@ -8,6 +8,7 @@
   },
   "author": "zodern",
   "license": "MIT",
+  "type": "commonjs",
   "dependencies": {
     "7zip-bin": "^5.2.0",
     "cli-progress": "^3.11.1",

npm-packages/meteor-node-stubs/package-lock.json

@@ -1,6 +1,6 @@
 {
   "name": "meteor-node-stubs",
-  "version": "1.2.5",
+  "version": "1.2.7",
   "lockfileVersion": 1,
   "requires": true,
   "dependencies": {
@@ -23,20 +23,21 @@
       }
     },
     "assert": {
-      "version": "2.0.0",
-      "resolved": "https://registry.npmjs.org/assert/-/assert-2.0.0.tgz",
-      "integrity": "sha512-se5Cd+js9dXJnu6Ag2JFc00t+HmHOen+8Q+L7O9zI0PqQXr20uk2J0XQqMxZEeo5U50o8Nvmmx7dZrl+Ufr35A==",
+      "version": "2.1.0",
+      "resolved": "https://registry.npmjs.org/assert/-/assert-2.1.0.tgz",
+      "integrity": "sha512-eLHpSK/Y4nhMJ07gDaAzoX/XAKS8PSaojml3M0DM4JpV1LAi5JOJ/p6H/XWrl8L+DzVEvVCW1z3vWAaB9oTsQw==",
       "requires": {
-        "es6-object-assign": "^1.1.0",
-        "is-nan": "^1.2.1",
-        "object-is": "^1.0.1",
-        "util": "^0.12.0"
+        "call-bind": "^1.0.2",
+        "is-nan": "^1.3.2",
+        "object-is": "^1.1.5",
+        "object.assign": "^4.1.4",
+        "util": "^0.12.5"
       }
     },
     "available-typed-arrays": {
-      "version": "1.0.4",
-      "resolved": "https://registry.npmjs.org/available-typed-arrays/-/available-typed-arrays-1.0.4.tgz",
-      "integrity": "sha512-SA5mXJWrId1TaQjfxUYghbqQ/hYioKmLJvPJyDuYRtXXenFNMjj4hSSt1Cf1xsuXSXrtxrVC5Ot4eU6cOtBDdA=="
+      "version": "1.0.5",
+      "resolved": "https://registry.npmjs.org/available-typed-arrays/-/available-typed-arrays-1.0.5.tgz",
+      "integrity": "sha512-DMD0KiN46eipeziST1LPP/STfDU0sufISXmjSgvVsoU2tqxctQeASejWcfNtxYKqETM1UxQ8sp2OrSBWpHY6sw=="
     },
     "balanced-match": {
       "version": "1.0.2",
@@ -113,19 +114,26 @@
       }
     },
     "browserify-sign": {
-      "version": "4.2.1",
-      "resolved": "https://registry.npmjs.org/browserify-sign/-/browserify-sign-4.2.1.tgz",
-      "integrity": "sha512-/vrA5fguVAKKAVTNJjgSm1tRQDHUU6DbwO9IROu/0WAzC8PKhucDSh18J0RMvVeHAn5puMd+QHC2erPRNf8lmg==",
+      "version": "4.2.2",
+      "resolved": "https://registry.npmjs.org/browserify-sign/-/browserify-sign-4.2.2.tgz",
+      "integrity": "sha512-1rudGyeYY42Dk6texmv7c4VcQ0EsvVbLwZkA+AQB7SxvXxmcD93jcHie8bzecJ+ChDlmAm2Qyu0+Ccg5uhZXCg==",
       "requires": {
-        "bn.js": "^5.1.1",
-        "browserify-rsa": "^4.0.1",
+        "bn.js": "^5.2.1",
+        "browserify-rsa": "^4.1.0",
         "create-hash": "^1.2.0",
         "create-hmac": "^1.1.7",
-        "elliptic": "^6.5.3",
+        "elliptic": "^6.5.4",
         "inherits": "^2.0.4",
-        "parse-asn1": "^5.1.5",
-        "readable-stream": "^3.6.0",
-        "safe-buffer": "^5.2.0"
+        "parse-asn1": "^5.1.6",
+        "readable-stream": "^3.6.2",
+        "safe-buffer": "^5.2.1"
+      },
+      "dependencies": {
+        "bn.js": {
+          "version": "5.2.1",
+          "resolved": "https://registry.npmjs.org/bn.js/-/bn.js-5.2.1.tgz",
+          "integrity": "sha512-eXRvHzWyYPBuB4NBy0cmYQjGitUrtqwbvlzP3G6VFnNRbsZQIxQ10PbKKHt8gZ/HW/D/747aDl+QkDqg3KQLMQ=="
+        }
       }
     },
     "browserify-zlib": {
@@ -156,12 +164,13 @@
       "integrity": "sha1-hZgoeOIbmOHGZCXgPQF0eI9Wnug="
     },
     "call-bind": {
-      "version": "1.0.2",
-      "resolved": "https://registry.npmjs.org/call-bind/-/call-bind-1.0.2.tgz",
-      "integrity": "sha512-7O+FbCihrB5WGbFYesctwmTKae6rOiIzmz1icreWJ+0aA7LJfuqhEso2T9ncpcFtzMQtzXf2QGGueWJGTYsqrA==",
+      "version": "1.0.5",
+      "resolved": "https://registry.npmjs.org/call-bind/-/call-bind-1.0.5.tgz",
+      "integrity": "sha512-C3nQxfFZxFRVoJoGKKI8y3MOEo129NQ+FgQ08iye+Mk4zNZZGdjfs06bVTr+DBSlA66Q2VEcMki/cUCP4SercQ==",
       "requires": {
-        "function-bind": "^1.1.1",
-        "get-intrinsic": "^1.0.2"
+        "function-bind": "^1.1.2",
+        "get-intrinsic": "^1.2.1",
+        "set-function-length": "^1.1.1"
       }
     },
     "cipher-base": {
@@ -176,7 +185,7 @@
     "concat-map": {
       "version": "0.0.1",
       "resolved": "https://registry.npmjs.org/concat-map/-/concat-map-0.0.1.tgz",
-      "integrity": "sha1-2Klr13/Wjfd5OnMDajug1UBdR3s=",
+      "integrity": "sha512-/Srv4dswyQNBfohGpz9o6Yb3Gz3SrUDqBH5rTuhGR7ahtlbYKnVxw2bCFMRljaA7EXHaXZ8wsHdodFvbkhKmqg==",
       "dev": true
     },
     "console-browserify": {
@@ -248,12 +257,24 @@
         "randomfill": "^1.0.3"
       }
     },
-    "define-properties": {
-      "version": "1.1.3",
-      "resolved": "https://registry.npmjs.org/define-properties/-/define-properties-1.1.3.tgz",
-      "integrity": "sha512-3MqfYKj2lLzdMSf8ZIZE/V+Zuy+BgD6f164e8K2w7dgnpKArBDerGYpM46IYYcjnkdPNMjPk9A6VFB8+3SKlXQ==",
+    "define-data-property": {
+      "version": "1.1.1",
+      "resolved": "https://registry.npmjs.org/define-data-property/-/define-data-property-1.1.1.tgz",
+      "integrity": "sha512-E7uGkTzkk1d0ByLeSc6ZsFS79Axg+m1P/VsgYsxHgiuc3tFSj+MjMIwe90FC4lOAZzNBdY7kkO2P2wKdsQ1vgQ==",
       "requires": {
-        "object-keys": "^1.0.12"
+        "get-intrinsic": "^1.2.1",
+        "gopd": "^1.0.1",
+        "has-property-descriptors": "^1.0.0"
+      }
+    },
+    "define-properties": {
+      "version": "1.2.1",
+      "resolved": "https://registry.npmjs.org/define-properties/-/define-properties-1.2.1.tgz",
+      "integrity": "sha512-8QmQKqEASLd5nx0U1B1okLElbUuuttJ/AnYmRXbbbGDWh6uS208EjD4Xqq/I9wK7u0v6O08XhTWnt5XtEbR6Dg==",
+      "requires": {
+        "define-data-property": "^1.0.1",
+        "has-property-descriptors": "^1.0.0",
+        "object-keys": "^1.1.1"
       }
     },
     "des.js": {
@@ -283,9 +304,9 @@
       }
     },
     "domain-browser": {
-      "version": "4.22.0",
-      "resolved": "https://registry.npmjs.org/domain-browser/-/domain-browser-4.22.0.tgz",
-      "integrity": "sha512-IGBwjF7tNk3cwypFNH/7bfzBcgSCbaMOD3GsaY1AU/JRrnHnYgEM0+9kQt52iZxjNsjBtJYtao146V+f8jFZNw=="
+      "version": "4.23.0",
+      "resolved": "https://registry.npmjs.org/domain-browser/-/domain-browser-4.23.0.tgz",
+      "integrity": "sha512-ArzcM/II1wCCujdCNyQjXrAFwS4mrLh4C7DZWlaI8mdh7h3BfKdNd3bKXITfl2PT9FtfQqaGvhi1vPRQPimjGA=="
     },
     "elliptic": {
       "version": "6.5.4",
@@ -308,44 +329,6 @@
         }
       }
     },
-    "es-abstract": {
-      "version": "1.18.3",
-      "resolved": "https://registry.npmjs.org/es-abstract/-/es-abstract-1.18.3.tgz",
-      "integrity": "sha512-nQIr12dxV7SSxE6r6f1l3DtAeEYdsGpps13dR0TwJg1S8gyp4ZPgy3FZcHBgbiQqnoqSTb+oC+kO4UQ0C/J8vw==",
-      "requires": {
-        "call-bind": "^1.0.2",
-        "es-to-primitive": "^1.2.1",
-        "function-bind": "^1.1.1",
-        "get-intrinsic": "^1.1.1",
-        "has": "^1.0.3",
-        "has-symbols": "^1.0.2",
-        "is-callable": "^1.2.3",
-        "is-negative-zero": "^2.0.1",
-        "is-regex": "^1.1.3",
-        "is-string": "^1.0.6",
-        "object-inspect": "^1.10.3",
-        "object-keys": "^1.1.1",
-        "object.assign": "^4.1.2",
-        "string.prototype.trimend": "^1.0.4",
-        "string.prototype.trimstart": "^1.0.4",
-        "unbox-primitive": "^1.0.1"
-      }
-    },
-    "es-to-primitive": {
-      "version": "1.2.1",
-      "resolved": "https://registry.npmjs.org/es-to-primitive/-/es-to-primitive-1.2.1.tgz",
-      "integrity": "sha512-QCOllgZJtaUo9miYBcLChTUaHNjJF3PYs1VidD7AwiEj1kYxKeQTctLAezAOH5ZKRH0g2IgPn6KwB4IT8iRpvA==",
-      "requires": {
-        "is-callable": "^1.1.4",
-        "is-date-object": "^1.0.1",
-        "is-symbol": "^1.0.2"
-      }
-    },
-    "es6-object-assign": {
-      "version": "1.1.0",
-      "resolved": "https://registry.npmjs.org/es6-object-assign/-/es6-object-assign-1.1.0.tgz",
-      "integrity": "sha1-wsNYJlYkfDnqEHyx5mUrb58kUjw="
-    },
     "events": {
       "version": "3.3.0",
       "resolved": "https://registry.npmjs.org/events/-/events-3.3.0.tgz",
@@ -360,10 +343,13 @@
         "safe-buffer": "^5.1.1"
       }
     },
-    "foreach": {
-      "version": "2.0.5",
-      "resolved": "https://registry.npmjs.org/foreach/-/foreach-2.0.5.tgz",
-      "integrity": "sha1-C+4AUBiusmDQo6865ljdATbsG5k="
+    "for-each": {
+      "version": "0.3.3",
+      "resolved": "https://registry.npmjs.org/for-each/-/for-each-0.3.3.tgz",
+      "integrity": "sha512-jqYfLp7mo9vIyQf8ykW2v7A+2N4QjeCeI5+Dz9XraiO1ign81wjiH7Fb9vSOWvQfNtmSa4H2RoQTrrXivdUZmw==",
+      "requires": {
+        "is-callable": "^1.1.3"
+      }
     },
     "fs.realpath": {
       "version": "1.0.0",
@@ -372,18 +358,19 @@
       "dev": true
     },
     "function-bind": {
-      "version": "1.1.1",
-      "resolved": "https://registry.npmjs.org/function-bind/-/function-bind-1.1.1.tgz",
-      "integrity": "sha512-yIovAzMX49sF8Yl58fSCWJ5svSLuaibPxXQJFLmBObTuCr0Mf1KiPopGM9NiFjiYBCbfaa2Fh6breQ6ANVTI0A=="
+      "version": "1.1.2",
+      "resolved": "https://registry.npmjs.org/function-bind/-/function-bind-1.1.2.tgz",
+      "integrity": "sha512-7XHNxH7qX9xG5mIwxkhumTox/MIRNcOgDrxWsMt2pAr23WHp6MrRlN7FBSFpCpr+oVO0F744iUgR82nJMfG2SA=="
     },
     "get-intrinsic": {
-      "version": "1.1.1",
-      "resolved": "https://registry.npmjs.org/get-intrinsic/-/get-intrinsic-1.1.1.tgz",
-      "integrity": "sha512-kWZrnVM42QCiEA2Ig1bG8zjoIMOgxWwYCEeNdwY6Tv/cOSeGpcoX4pXHfKUxNKVoArnrEr2e9srnAxxGIraS9Q==",
+      "version": "1.2.2",
+      "resolved": "https://registry.npmjs.org/get-intrinsic/-/get-intrinsic-1.2.2.tgz",
+      "integrity": "sha512-0gSo4ml/0j98Y3lngkFEot/zhiCeWsbYIlZ+uZOVgzLyLaUw7wxUL+nCTP0XJvJg1AXulJRI3UJi8GsbDuxdGA==",
       "requires": {
-        "function-bind": "^1.1.1",
-        "has": "^1.0.3",
-        "has-symbols": "^1.0.1"
+        "function-bind": "^1.1.2",
+        "has-proto": "^1.0.1",
+        "has-symbols": "^1.0.3",
+        "hasown": "^2.0.0"
       }
     },
     "glob": {
@@ -400,23 +387,39 @@
         "path-is-absolute": "^1.0.0"
       }
     },
-    "has": {
-      "version": "1.0.3",
-      "resolved": "https://registry.npmjs.org/has/-/has-1.0.3.tgz",
-      "integrity": "sha512-f2dvO0VU6Oej7RkWJGrehjbzMAjFp5/VKPp5tTpWIV4JHHZK1/BxbFRtf/siA2SWTe09caDmVtYYzWEIbBS4zw==",
+    "gopd": {
+      "version": "1.0.1",
+      "resolved": "https://registry.npmjs.org/gopd/-/gopd-1.0.1.tgz",
+      "integrity": "sha512-d65bNlIadxvpb/A2abVdlqKqV563juRnZ1Wtk6s1sIR8uNsXR70xqIzVqxVf1eTqDunwT2MkczEeaezCKTZhwA==",
       "requires": {
-        "function-bind": "^1.1.1"
+        "get-intrinsic": "^1.1.3"
       }
     },
-    "has-bigints": {
+    "has-property-descriptors": {
       "version": "1.0.1",
-      "resolved": "https://registry.npmjs.org/has-bigints/-/has-bigints-1.0.1.tgz",
-      "integrity": "sha512-LSBS2LjbNBTf6287JEbEzvJgftkF5qFkmCo9hDRpAzKhUOlJ+hx8dd4USs00SgsUNwc4617J9ki5YtEClM2ffA=="
+      "resolved": "https://registry.npmjs.org/has-property-descriptors/-/has-property-descriptors-1.0.1.tgz",
+      "integrity": "sha512-VsX8eaIewvas0xnvinAe9bw4WfIeODpGYikiWYLH+dma0Jw6KHYqWiWfhQlgOVK8D6PvjubK5Uc4P0iIhIcNVg==",
+      "requires": {
+        "get-intrinsic": "^1.2.2"
+      }
+    },
+    "has-proto": {
+      "version": "1.0.1",
+      "resolved": "https://registry.npmjs.org/has-proto/-/has-proto-1.0.1.tgz",
+      "integrity": "sha512-7qE+iP+O+bgF9clE5+UoBFzE65mlBiVj3tKCrlNQ0Ogwm0BjpT/gK4SlLYDMybDh5I3TCTKnPPa0oMG7JDYrhg=="
     },
     "has-symbols": {
-      "version": "1.0.2",
-      "resolved": "https://registry.npmjs.org/has-symbols/-/has-symbols-1.0.2.tgz",
-      "integrity": "sha512-chXa79rL/UC2KlX17jo3vRGz0azaWEx5tGqZg5pO3NUyEJVB17dMruQlzCCOfUvElghKcm5194+BCRvi2Rv/Gw=="
+      "version": "1.0.3",
+      "resolved": "https://registry.npmjs.org/has-symbols/-/has-symbols-1.0.3.tgz",
+      "integrity": "sha512-l3LCuF6MgDNwTDKkdYGEihYjt5pRPbEg46rtlmnSPlUbgmB8LOIrKJbYYFBSbnPaJexMKtiPO8hmeRjRz2Td+A=="
+    },
+    "has-tostringtag": {
+      "version": "1.0.0",
+      "resolved": "https://registry.npmjs.org/has-tostringtag/-/has-tostringtag-1.0.0.tgz",
+      "integrity": "sha512-kFjcSNhnlGV1kyoGk7OXKSawH5JOb/LzUc5w9B02hOTO0dfFRjbHQKvg1d6cf3HbeUmtU9VbbV3qzZ2Teh97WQ==",
+      "requires": {
+        "has-symbols": "^1.0.2"
+      }
     },
     "hash-base": {
       "version": "3.1.0",
@@ -437,6 +440,14 @@
         "minimalistic-assert": "^1.0.1"
       }
     },
+    "hasown": {
+      "version": "2.0.0",
+      "resolved": "https://registry.npmjs.org/hasown/-/hasown-2.0.0.tgz",
+      "integrity": "sha512-vUptKVTpIJhcczKBbgnS+RtcuYMB8+oNzPK2/Hp3hanz8JmpATdmmgLgSaadVREkDm+e2giHwY3ZRkyjSIDDFA==",
+      "requires": {
+        "function-bind": "^1.1.2"
+      }
+    },
     "hmac-drbg": {
       "version": "1.0.1",
       "resolved": "https://registry.npmjs.org/hmac-drbg/-/hmac-drbg-1.0.1.tgz",
@@ -473,40 +484,26 @@
       "integrity": "sha512-k/vGaX4/Yla3WzyMCvTQOXYeIHvqOKtnqBduzTHpzpQZzAskKMhZ2K+EnBiSM9zGSoIFeMpXKxa4dYeZIQqewQ=="
     },
     "is-arguments": {
-      "version": "1.1.0",
-      "resolved": "https://registry.npmjs.org/is-arguments/-/is-arguments-1.1.0.tgz",
-      "integrity": "sha512-1Ij4lOMPl/xB5kBDn7I+b2ttPMKa8szhEIrXDuXQD/oe3HJLTLhqhgGspwgyGd6MOywBUqVvYicF72lkgDnIHg==",
-      "requires": {
-        "call-bind": "^1.0.0"
-      }
-    },
-    "is-bigint": {
-      "version": "1.0.2",
-      "resolved": "https://registry.npmjs.org/is-bigint/-/is-bigint-1.0.2.tgz",
-      "integrity": "sha512-0JV5+SOCQkIdzjBK9buARcV804Ddu7A0Qet6sHi3FimE9ne6m4BGQZfRn+NZiXbBk4F4XmHfDZIipLj9pX8dSA=="
-    },
-    "is-boolean-object": {
       "version": "1.1.1",
-      "resolved": "https://registry.npmjs.org/is-boolean-object/-/is-boolean-object-1.1.1.tgz",
-      "integrity": "sha512-bXdQWkECBUIAcCkeH1unwJLIpZYaa5VvuygSyS/c2lf719mTKZDU5UdDRlpd01UjADgmW8RfqaP+mRaVPdr/Ng==",
+      "resolved": "https://registry.npmjs.org/is-arguments/-/is-arguments-1.1.1.tgz",
+      "integrity": "sha512-8Q7EARjzEnKpt/PCD7e1cgUS0a6X8u5tdSiMqXhojOdoV9TsMsiO+9VLC5vAmO8N7/GmXn7yjR8qnA6bVAEzfA==",
       "requires": {
-        "call-bind": "^1.0.2"
+        "call-bind": "^1.0.2",
+        "has-tostringtag": "^1.0.0"
       }
     },
     "is-callable": {
-      "version": "1.2.3",
-      "resolved": "https://registry.npmjs.org/is-callable/-/is-callable-1.2.3.tgz",
-      "integrity": "sha512-J1DcMe8UYTBSrKezuIUTUwjXsho29693unXM2YhJUTR2txK/eG47bvNa/wipPFmZFgr/N6f1GA66dv0mEyTIyQ=="
-    },
-    "is-date-object": {
-      "version": "1.0.4",
-      "resolved": "https://registry.npmjs.org/is-date-object/-/is-date-object-1.0.4.tgz",
-      "integrity": "sha512-/b4ZVsG7Z5XVtIxs/h9W8nvfLgSAyKYdtGWQLbqy6jA1icmgjf8WCoTKgeS4wy5tYaPePouzFMANbnj94c2Z+A=="
+      "version": "1.2.7",
+      "resolved": "https://registry.npmjs.org/is-callable/-/is-callable-1.2.7.tgz",
+      "integrity": "sha512-1BC0BVFhS/p0qtw6enp8e+8OD0UrK0oFLztSjNzhcKA3WDuJxxAPXzPuPtKkjEY9UUoEWlX/8fgKeu2S8i9JTA=="
     },
     "is-generator-function": {
-      "version": "1.0.9",
-      "resolved": "https://registry.npmjs.org/is-generator-function/-/is-generator-function-1.0.9.tgz",
-      "integrity": "sha512-ZJ34p1uvIfptHCN7sFTjGibB9/oBg17sHqzDLfuwhvmN/qLVvIQXRQ8licZQ35WJ8KuEQt/etnnzQFI9C9Ue/A=="
+      "version": "1.0.10",
+      "resolved": "https://registry.npmjs.org/is-generator-function/-/is-generator-function-1.0.10.tgz",
+      "integrity": "sha512-jsEjy9l3yiXEQ+PsXdmBwEPcOxaXWLspKdplFUVI9vq1iZgIekeC0L167qeu86czQaxed3q/Uzuw0swL0irL8A==",
+      "requires": {
+        "has-tostringtag": "^1.0.0"
+      }
     },
     "is-nan": {
       "version": "1.3.2",
@@ -517,48 +514,12 @@
         "define-properties": "^1.1.3"
       }
     },
-    "is-negative-zero": {
-      "version": "2.0.1",
-      "resolved": "https://registry.npmjs.org/is-negative-zero/-/is-negative-zero-2.0.1.tgz",
-      "integrity": "sha512-2z6JzQvZRa9A2Y7xC6dQQm4FSTSTNWjKIYYTt4246eMTJmIo0Q+ZyOsU66X8lxK1AbB92dFeglPLrhwpeRKO6w=="
-    },
-    "is-number-object": {
-      "version": "1.0.5",
-      "resolved": "https://registry.npmjs.org/is-number-object/-/is-number-object-1.0.5.tgz",
-      "integrity": "sha512-RU0lI/n95pMoUKu9v1BZP5MBcZuNSVJkMkAG2dJqC4z2GlkGUNeH68SuHuBKBD/XFe+LHZ+f9BKkLET60Niedw=="
-    },
-    "is-regex": {
-      "version": "1.1.3",
-      "resolved": "https://registry.npmjs.org/is-regex/-/is-regex-1.1.3.tgz",
-      "integrity": "sha512-qSVXFz28HM7y+IWX6vLCsexdlvzT1PJNFSBuaQLQ5o0IEw8UDYW6/2+eCMVyIsbM8CNLX2a/QWmSpyxYEHY7CQ==",
-      "requires": {
-        "call-bind": "^1.0.2",
-        "has-symbols": "^1.0.2"
-      }
-    },
-    "is-string": {
-      "version": "1.0.6",
-      "resolved": "https://registry.npmjs.org/is-string/-/is-string-1.0.6.tgz",
-      "integrity": "sha512-2gdzbKUuqtQ3lYNrUTQYoClPhm7oQu4UdpSZMp1/DGgkHBT8E2Z1l0yMdb6D4zNAxwDiMv8MdulKROJGNl0Q0w=="
-    },
-    "is-symbol": {
-      "version": "1.0.4",
-      "resolved": "https://registry.npmjs.org/is-symbol/-/is-symbol-1.0.4.tgz",
-      "integrity": "sha512-C/CPBqKWnvdcxqIARxyOh4v1UUEOCHpgDa0WYgpKDFMszcrPcffg5uhwSgPCLD2WWxmq6isisz87tzT01tuGhg==",
-      "requires": {
-        "has-symbols": "^1.0.2"
-      }
-    },
     "is-typed-array": {
-      "version": "1.1.5",
-      "resolved": "https://registry.npmjs.org/is-typed-array/-/is-typed-array-1.1.5.tgz",
-      "integrity": "sha512-S+GRDgJlR3PyEbsX/Fobd9cqpZBuvUS+8asRqYDMLCb2qMzt1oz5m5oxQCxOgUDxiWsOVNi4yaF+/uvdlHlYug==",
+      "version": "1.1.12",
+      "resolved": "https://registry.npmjs.org/is-typed-array/-/is-typed-array-1.1.12.tgz",
+      "integrity": "sha512-Z14TF2JNG8Lss5/HMqt0//T9JeHXttXy5pH/DBU4vi98ozO2btxzq9MwYDZYnKwU8nRsz/+GVFVRDq3DkVuSPg==",
       "requires": {
-        "available-typed-arrays": "^1.0.2",
-        "call-bind": "^1.0.2",
-        "es-abstract": "^1.18.0-next.2",
-        "foreach": "^2.0.5",
-        "has-symbols": "^1.0.1"
+        "which-typed-array": "^1.1.11"
       }
     },
     "md5.js": {
@@ -598,18 +559,18 @@
       "integrity": "sha1-9sAMHAsIIkblxNmd+4x8CDsrWCo="
     },
     "minimatch": {
-      "version": "3.0.4",
-      "resolved": "https://registry.npmjs.org/minimatch/-/minimatch-3.0.4.tgz",
-      "integrity": "sha512-yJHVQEhyqPLUTgt9B83PXu6W3rx4MvvHvSUvToogpwoGDOUQ+yDrR0HRot+yOCdCO7u4hX3pWft6kWBBcqh0UA==",
+      "version": "3.1.2",
+      "resolved": "https://registry.npmjs.org/minimatch/-/minimatch-3.1.2.tgz",
+      "integrity": "sha512-J7p63hRiAjw1NDEww1W7i37+ByIrOWO5XQQAzZ3VOcL0PNybwpfmV/N05zFAzwQ9USyEcX6t3UO+K5aqBQOIHw==",
       "dev": true,
       "requires": {
         "brace-expansion": "^1.1.7"
       }
     },
     "object-inspect": {
-      "version": "1.10.3",
-      "resolved": "https://registry.npmjs.org/object-inspect/-/object-inspect-1.10.3.tgz",
-      "integrity": "sha512-e5mCJlSH7poANfC8z8S9s9S2IN5/4Zb3aZ33f5s8YqoazCFzNLloLU8r5VCG+G7WoqLvAAZoVMcy3tp/3X0Plw=="
+      "version": "1.13.1",
+      "resolved": "https://registry.npmjs.org/object-inspect/-/object-inspect-1.13.1.tgz",
+      "integrity": "sha512-5qoj1RUiKOMsCCNLV1CBiPYE10sziTsnmNxkAI/rZhiD63CF7IqdFGC/XzjWjpSgLf0LxXX3bDFIh0E18f6UhQ=="
     },
     "object-is": {
       "version": "1.1.5",
@@ -626,13 +587,13 @@
       "integrity": "sha512-NuAESUOUMrlIXOfHKzD6bpPu3tYt3xvjNdRIQ+FeT0lNb4K8WR70CaDxhuNguS2XG+GjkyMwOzsN5ZktImfhLA=="
     },
     "object.assign": {
-      "version": "4.1.2",
-      "resolved": "https://registry.npmjs.org/object.assign/-/object.assign-4.1.2.tgz",
-      "integrity": "sha512-ixT2L5THXsApyiUPYKmW+2EHpXXe5Ii3M+f4e+aJFAHao5amFRW6J0OO6c/LU8Be47utCx2GL89hxGB6XSmKuQ==",
+      "version": "4.1.4",
+      "resolved": "https://registry.npmjs.org/object.assign/-/object.assign-4.1.4.tgz",
+      "integrity": "sha512-1mxKf0e58bvyjSCtKYY4sRe9itRk3PJpquJOjeIkz885CczcI4IvJJDLPS72oowuSh+pBxUFROpX+TU++hxhZQ==",
       "requires": {
-        "call-bind": "^1.0.0",
-        "define-properties": "^1.1.3",
-        "has-symbols": "^1.0.1",
+        "call-bind": "^1.0.2",
+        "define-properties": "^1.1.4",
+        "has-symbols": "^1.0.3",
         "object-keys": "^1.1.1"
       }
     },
@@ -720,10 +681,13 @@
       "resolved": "https://registry.npmjs.org/punycode/-/punycode-1.4.1.tgz",
       "integrity": "sha1-wNWmOycYgArY4esPpSachN1BhF4="
     },
-    "querystring": {
-      "version": "0.2.0",
-      "resolved": "https://registry.npmjs.org/querystring/-/querystring-0.2.0.tgz",
-      "integrity": "sha1-sgmEkgO7Jd+CDadW50cAWHhSFiA="
+    "qs": {
+      "version": "6.11.2",
+      "resolved": "https://registry.npmjs.org/qs/-/qs-6.11.2.tgz",
+      "integrity": "sha512-tDNIz22aBzCDxLtVH++VnTfzxlfeK5CbqohpSqpJgj1Wg/cQbStNAz3NuqCs5vV+pjBsK4x4pN9HlVh7rcYRiA==",
+      "requires": {
+        "side-channel": "^1.0.4"
+      }
     },
     "querystring-es3": {
       "version": "0.2.1",
@@ -748,9 +712,9 @@
       }
     },
     "readable-stream": {
-      "version": "3.6.0",
-      "resolved": "https://registry.npmjs.org/readable-stream/-/readable-stream-3.6.0.tgz",
-      "integrity": "sha512-BViHy7LKeTz4oNnkcLJ+lVSL6vpiFeX6/d3oSH8zCW7UxP2onchk+vTGB143xuFjHS3deTgkKoXXymXqymiIdA==",
+      "version": "3.6.2",
+      "resolved": "https://registry.npmjs.org/readable-stream/-/readable-stream-3.6.2.tgz",
+      "integrity": "sha512-9u/sniCrY3D5WdsERHzHE4G2YCXqoG5FTHUiCC4SIbr6XcLZBY05ya9EKjYek9O5xOAwjGq+1JdGBAS7Q9ScoA==",
       "requires": {
         "inherits": "^2.0.3",
         "string_decoder": "^1.1.1",
@@ -785,6 +749,17 @@
       "resolved": "https://registry.npmjs.org/safer-buffer/-/safer-buffer-2.1.2.tgz",
       "integrity": "sha512-YZo3K82SD7Riyi0E1EQPojLz7kpepnSQI9IyPbHHg1XXXevb5dJI7tpyN2ADxGcQbHG7vcyRHk0cbwqcQriUtg=="
     },
+    "set-function-length": {
+      "version": "1.1.1",
+      "resolved": "https://registry.npmjs.org/set-function-length/-/set-function-length-1.1.1.tgz",
+      "integrity": "sha512-VoaqjbBJKiWtg4yRcKBQ7g7wnGnLV3M8oLvVWwOk2PdYY6PEFegR1vezXR0tw6fZGF9csVakIRjrJiy2veSBFQ==",
+      "requires": {
+        "define-data-property": "^1.1.1",
+        "get-intrinsic": "^1.2.1",
+        "gopd": "^1.0.1",
+        "has-property-descriptors": "^1.0.0"
+      }
+    },
     "setimmediate": {
       "version": "1.0.5",
       "resolved": "https://registry.npmjs.org/setimmediate/-/setimmediate-1.0.5.tgz",
@@ -799,6 +774,16 @@
         "safe-buffer": "^5.0.1"
       }
     },
+    "side-channel": {
+      "version": "1.0.4",
+      "resolved": "https://registry.npmjs.org/side-channel/-/side-channel-1.0.4.tgz",
+      "integrity": "sha512-q5XPytqFEIKHkGdiMIrY10mvLRvnQh42/+GoBlFW3b2LXLE2xxJpZFdm94we0BaoV3RwJyGqg5wS7epxTv0Zvw==",
+      "requires": {
+        "call-bind": "^1.0.0",
+        "get-intrinsic": "^1.0.2",
+        "object-inspect": "^1.9.0"
+      }
+    },
     "stream-browserify": {
       "version": "3.0.0",
       "resolved": "https://registry.npmjs.org/stream-browserify/-/stream-browserify-3.0.0.tgz",
@@ -819,24 +804,6 @@
         "xtend": "^4.0.2"
       }
     },
-    "string.prototype.trimend": {
-      "version": "1.0.4",
-      "resolved": "https://registry.npmjs.org/string.prototype.trimend/-/string.prototype.trimend-1.0.4.tgz",
-      "integrity": "sha512-y9xCjw1P23Awk8EvTpcyL2NIr1j7wJ39f+k6lvRnSMz+mz9CGz9NYPelDk42kOz6+ql8xjfK8oYzy3jAP5QU5A==",
-      "requires": {
-        "call-bind": "^1.0.2",
-        "define-properties": "^1.1.3"
-      }
-    },
-    "string.prototype.trimstart": {
-      "version": "1.0.4",
-      "resolved": "https://registry.npmjs.org/string.prototype.trimstart/-/string.prototype.trimstart-1.0.4.tgz",
-      "integrity": "sha512-jh6e984OBfvxS50tdY2nRZnoC5/mLFKOREQfw8t5yytkoUsJRNxvI/E39qu1sD0OtWI3OC0XgKSmcWwziwYuZw==",
-      "requires": {
-        "call-bind": "^1.0.2",
-        "define-properties": "^1.1.3"
-      }
-    },
     "string_decoder": {
       "version": "1.3.0",
       "resolved": "https://registry.npmjs.org/string_decoder/-/string_decoder-1.3.0.tgz",
@@ -858,80 +825,47 @@
       "resolved": "https://registry.npmjs.org/tty-browserify/-/tty-browserify-0.0.1.tgz",
       "integrity": "sha512-C3TaO7K81YvjCgQH9Q1S3R3P3BtN3RIM8n+OvX4il1K1zgE8ZhI0op7kClgkxtutIE8hQrcrHBXvIheqKUUCxw=="
     },
-    "unbox-primitive": {
-      "version": "1.0.1",
-      "resolved": "https://registry.npmjs.org/unbox-primitive/-/unbox-primitive-1.0.1.tgz",
-      "integrity": "sha512-tZU/3NqK3dA5gpE1KtyiJUrEB0lxnGkMFHptJ7q6ewdZ8s12QrODwNbhIJStmJkd1QDXa1NRA8aF2A1zk/Ypyw==",
-      "requires": {
-        "function-bind": "^1.1.1",
-        "has-bigints": "^1.0.1",
-        "has-symbols": "^1.0.2",
-        "which-boxed-primitive": "^1.0.2"
-      }
-    },
     "url": {
-      "version": "0.11.0",
-      "resolved": "https://registry.npmjs.org/url/-/url-0.11.0.tgz",
-      "integrity": "sha1-ODjpfPxgUh63PFJajlW/3Z4uKPE=",
+      "version": "0.11.3",
+      "resolved": "https://registry.npmjs.org/url/-/url-0.11.3.tgz",
+      "integrity": "sha512-6hxOLGfZASQK/cijlZnZJTq8OXAkt/3YGfQX45vvMYXpZoo8NdWZcY73K108Jf759lS1Bv/8wXnHDTSz17dSRw==",
       "requires": {
-        "punycode": "1.3.2",
-        "querystring": "0.2.0"
-      },
-      "dependencies": {
-        "punycode": {
-          "version": "1.3.2",
-          "resolved": "https://registry.npmjs.org/punycode/-/punycode-1.3.2.tgz",
-          "integrity": "sha1-llOgNvt8HuQjQvIyXM7v6jkmxI0="
-        }
+        "punycode": "^1.4.1",
+        "qs": "^6.11.2"
       }
     },
     "util": {
-      "version": "0.12.4",
-      "resolved": "https://registry.npmjs.org/util/-/util-0.12.4.tgz",
-      "integrity": "sha512-bxZ9qtSlGUWSOy9Qa9Xgk11kSslpuZwaxCg4sNIDj6FLucDab2JxnHwyNTCpHMtK1MjoQiWQ6DiUMZYbSrO+Sw==",
+      "version": "0.12.5",
+      "resolved": "https://registry.npmjs.org/util/-/util-0.12.5.tgz",
+      "integrity": "sha512-kZf/K6hEIrWHI6XqOFUiiMa+79wE/D8Q+NCNAWclkyg3b4d2k7s0QGepNjiABc+aR3N1PAyHL7p6UcLY6LmrnA==",
       "requires": {
         "inherits": "^2.0.3",
         "is-arguments": "^1.0.4",
         "is-generator-function": "^1.0.7",
         "is-typed-array": "^1.1.3",
-        "safe-buffer": "^5.1.2",
         "which-typed-array": "^1.1.2"
       }
     },
     "util-deprecate": {
       "version": "1.0.2",
       "resolved": "https://registry.npmjs.org/util-deprecate/-/util-deprecate-1.0.2.tgz",
-      "integrity": "sha1-RQ1Nyfpw3nMnYvvS1KKJgUGaDM8="
+      "integrity": "sha512-EPD5q1uXyFxJpCrLnCc1nHnq3gOa6DZBocAIiI2TaSCA7VCJ1UJDMagCzIkXNsUYfD1daK//LTEQ8xiIbrHtcw=="
     },
     "vm-browserify": {
       "version": "1.1.2",
       "resolved": "https://registry.npmjs.org/vm-browserify/-/vm-browserify-1.1.2.tgz",
       "integrity": "sha512-2ham8XPWTONajOR0ohOKOHXkm3+gaBmGut3SRuu75xLd/RRaY6vqgh8NBYYk7+RW3u5AtzPQZG8F10LHkl0lAQ=="
     },
-    "which-boxed-primitive": {
-      "version": "1.0.2",
-      "resolved": "https://registry.npmjs.org/which-boxed-primitive/-/which-boxed-primitive-1.0.2.tgz",
-      "integrity": "sha512-bwZdv0AKLpplFY2KZRX6TvyuN7ojjr7lwkg6ml0roIy9YeuSr7JS372qlNW18UQYzgYK9ziGcerWqZOmEn9VNg==",
-      "requires": {
-        "is-bigint": "^1.0.1",
-        "is-boolean-object": "^1.1.0",
-        "is-number-object": "^1.0.4",
-        "is-string": "^1.0.5",
-        "is-symbol": "^1.0.3"
-      }
-    },
     "which-typed-array": {
-      "version": "1.1.4",
-      "resolved": "https://registry.npmjs.org/which-typed-array/-/which-typed-array-1.1.4.tgz",
-      "integrity": "sha512-49E0SpUe90cjpoc7BOJwyPHRqSAd12c10Qm2amdEZrJPCY2NDxaW01zHITrem+rnETY3dwrbH3UUrUwagfCYDA==",
+      "version": "1.1.13",
+      "resolved": "https://registry.npmjs.org/which-typed-array/-/which-typed-array-1.1.13.tgz",
+      "integrity": "sha512-P5Nra0qjSncduVPEAr7xhoF5guty49ArDTwzJ/yNuPIbZppyRxFQsRCWrocxIY+CnMVG+qfbU2FmDKyvSGClow==",
       "requires": {
-        "available-typed-arrays": "^1.0.2",
-        "call-bind": "^1.0.0",
-        "es-abstract": "^1.18.0-next.1",
-        "foreach": "^2.0.5",
-        "function-bind": "^1.1.1",
-        "has-symbols": "^1.0.1",
-        "is-typed-array": "^1.1.3"
+        "available-typed-arrays": "^1.0.5",
+        "call-bind": "^1.0.4",
+        "for-each": "^0.3.3",
+        "gopd": "^1.0.1",
+        "has-tostringtag": "^1.0.0"
       }
     },
     "wrappy": {

npm-packages/meteor-node-stubs/package.json

@@ -2,37 +2,38 @@
   "name": "meteor-node-stubs",
   "author": "Ben Newman <ben@meteor.com>",
   "description": "Stub implementations of Node built-in modules, a la Browserify",
-  "version": "1.2.5",
+  "version": "1.2.7",
   "main": "index.js",
   "license": "MIT",
   "homepage": "https://github.com/meteor/meteor/blob/devel/npm-packages/meteor-node-stubs/README.md",
+  "type": "commonjs",
   "scripts": {
     "prepare": "node scripts/build-deps.js"
   },
   "dependencies": {
-    "assert": "^2.0.0",
+    "assert": "^2.1.0",
     "browserify-zlib": "^0.2.0",
     "buffer": "^5.7.1",
     "console-browserify": "^1.2.0",
     "constants-browserify": "^1.0.0",
     "crypto-browserify": "^3.12.0",
-    "domain-browser": "^4.22.0",
+    "domain-browser": "^4.23.0",
     "elliptic": "^6.5.4",
     "events": "^3.3.0",
     "https-browserify": "^1.0.0",
     "os-browserify": "^0.3.0",
-    "path-browserify": "^1.0.0",
+    "path-browserify": "^1.0.1",
     "process": "^0.11.10",
     "punycode": "^1.4.1",
     "querystring-es3": "^0.2.1",
-    "readable-stream": "^3.6.0",
+    "readable-stream": "^3.6.2",
     "stream-browserify": "^3.0.0",
     "stream-http": "^3.2.0",
     "string_decoder": "^1.3.0",
     "timers-browserify": "^2.0.12",
     "tty-browserify": "0.0.1",
-    "url": "^0.11.0",
-    "util": "^0.12.4",
+    "url": "^0.11.3",
+    "util": "^0.12.5",
     "vm-browserify": "^1.1.2"
   },
   "bundledDependencies": [
@@ -61,7 +62,7 @@
     "vm-browserify"
   ],
   "devDependencies": {
-    "rimraf": "^2.5.2"
+    "rimraf": "^2.7.1"
   },
   "repository": {
     "type": "git",

npm-packages/meteor-promise/package.json

@@ -1,8 +1,9 @@
 {
   "name": "meteor-promise",
   "author": "Ben Newman <ben@meteor.com>",
-  "version": "0.9.1",
+  "version": "0.9.2",
   "description": "ES6 Promise polyfill with Fiber support",
+  "type": "commonjs",
   "keywords": [
     "meteor",
     "promise",

packages/accounts-2fa/.npm/package/npm-shrinkwrap.json

@@ -2,9 +2,9 @@
   "lockfileVersion": 4,
   "dependencies": {
     "@types/node": {
-      "version": "20.10.4",
-      "resolved": "https://registry.npmjs.org/@types/node/-/node-20.10.4.tgz",
-      "integrity": "sha512-D08YG6rr8X90YB56tSIuBaddy/UXAA9RKJoFvrsnogAum/0pmjkgi4+2nx96A330FmioegBWmEYQ+syqCFaveg=="
+      "version": "20.10.5",
+      "resolved": "https://registry.npmjs.org/@types/node/-/node-20.10.5.tgz",
+      "integrity": "sha512-nNPsNE65wjMxEKI93yOP+NPGGBJz/PoN3kZsVLee0XMiJolxSekEVD8wRwBUBqkwc7UWop0edW50yrCQW4CyRw=="
     },
     "@types/notp": {
       "version": "2.0.5",

packages/accounts-base/accounts_client.js

@@ -229,13 +229,14 @@ export class AccountsClient extends AccountsCommon {
     const loginCallbacks = ({ error, loginDetails }) => {
       if (!called) {
         called = true;
-        this._loginCallbacksCalled = true;
         if (!error) {
           this._onLoginHook.forEach(callback => {
             callback(loginDetails);
             return true;
           });
+          this._loginCallbacksCalled = true;
         } else {
+          this._loginCallbacksCalled = false;
           this._onLoginFailureHook.forEach(callback => {
             callback({ error });
             return true;

packages/accounts-oauth/oauth_common.js

@@ -36,7 +36,7 @@ Accounts.oauth.registerService = name => {
     // so this should be a unique index. You might want to add indexes for other
     // fields returned by your service (eg services.github.login) but you can do
     // that in your app.
-    Meteor.users.createIndex(`services.${name}.id`, {unique: true, sparse: true});
+    Meteor.users.createIndexAsync(`services.${name}.id`, {unique: true, sparse: true});
   }
 };
 

packages/accounts-passwordless/passwordless_server.js

@@ -12,9 +12,13 @@ const findUserWithOptions = async ({ selector }) => {
   if (!selector) {
     Accounts._handleError('A selector is necessary');
   }
-  const { email, ...rest } = selector;
+  const { email, id, ...rest } = selector;
   return Meteor.users.findOneAsync(
-    { ...rest, ...(email ? { 'emails.address': selector.email } : {}) },
+    {
+      ...rest,
+      ...(id && { _id: id }),
+      ...(email && { 'emails.address': email })
+    },
     {
       fields: {
         services: 1,
@@ -232,11 +236,11 @@ Accounts.sendLoginTokenEmail = async ({ userId, sequence, email, extra = {} }) =
 };
 
 const setupUsersCollection = () => {
-  Meteor.users.createIndex('services.passwordless.tokens.token', {
+  Meteor.users.createIndexAsync('services.passwordless.tokens.token', {
     unique: true,
     sparse: true,
   });
-  Meteor.users.createIndex('services.passwordless.token', {
+  Meteor.users.createIndexAsync('services.passwordless.token', {
     unique: true,
     sparse: true,
   });

packages/boilerplate-generator/.npm/package/npm-shrinkwrap.json

@@ -16,6 +16,21 @@
       "resolved": "https://registry.npmjs.org/debug/-/debug-2.6.9.tgz",
       "integrity": "sha512-bC7ElrdJaJnPbAP+1EotYvqZsb3ecl5wi6Bfi6BJTUcNowp6cvspg0jXznRTKDjm/E7AdgFBVeAPVMNcKGsHMA=="
     },
+    "lodash._reinterpolate": {
+      "version": "3.0.0",
+      "resolved": "https://registry.npmjs.org/lodash._reinterpolate/-/lodash._reinterpolate-3.0.0.tgz",
+      "integrity": "sha512-xYHt68QRoYGjeeM/XOE1uJtvXQAgvszfBhjV4yvsQH0u2i9I6cI6c6/eG4Hh3UAOVn0y/xAXwmTzEay49Q//HA=="
+    },
+    "lodash.template": {
+      "version": "4.5.0",
+      "resolved": "https://registry.npmjs.org/lodash.template/-/lodash.template-4.5.0.tgz",
+      "integrity": "sha512-84vYFxIkmidUiFxidA/KjjH9pAycqW+h980j7Fuz5qxRtO9pgB7MDFTdys1N7A5mcucRiDyEq4fusljItR1T/A=="
+    },
+    "lodash.templatesettings": {
+      "version": "4.2.0",
+      "resolved": "https://registry.npmjs.org/lodash.templatesettings/-/lodash.templatesettings-4.2.0.tgz",
+      "integrity": "sha512-stgLz+i3Aa9mZgnjr/O+v9ruKZsPsndy7qPZOchbqk2cnTU1ZaldKK+v7m54WoKIyxiuMZTKT2H81F8BeAc3ZQ=="
+    },
     "ms": {
       "version": "2.0.0",
       "resolved": "https://registry.npmjs.org/ms/-/ms-2.0.0.tgz",

packages/boilerplate-generator/package.js

@@ -4,12 +4,12 @@ Package.describe({
 });
 
 Npm.depends({
-  "combined-stream2": "1.1.2"
+  "combined-stream2": "1.1.2",
+  "lodash.template": "4.5.0"
 });
 
 Package.onUse(api => {
   api.use('ecmascript');
-  api.use('underscore', 'server');
   api.mainModule('generator.js', 'server');
   api.export('Boilerplate', 'server');
 });

packages/boilerplate-generator/template.js

@@ -1,4 +1,4 @@
-import { _ } from 'meteor/underscore';
+import lodashTemplate from 'lodash.template';
 
 // As identified in issue #9149, when an application overrides the default
 // _.template settings using _.templateSettings, those new settings are
@@ -6,9 +6,9 @@ import { _ } from 'meteor/underscore';
 // boilerplate-generator. To handle this, _.template settings that have
 // been verified to work are overridden here on each _.template call.
 export default function template(text) {
-  return _.template(text, null, {
+  return lodashTemplate(text, null, {
     evaluate    : /<%([\s\S]+?)%>/g,
     interpolate : /<%=([\s\S]+?)%>/g,
     escape      : /<%-([\s\S]+?)%>/g,
   });
-};
+};

packages/browser-policy-content/browser-policy-content.js

@@ -53,15 +53,19 @@ var contentSniffingAllowed = false;
 var BrowserPolicy = require("meteor/browser-policy-common").BrowserPolicy;
 BrowserPolicy.content = {};
 
+var mergeUnique = function (firstArray, secondArray) {
+  return firstArray.concat(secondArray.filter(function (item) {return firstArray.indexOf(item) < 0}));
+}
+
 var parseCsp = function (csp) {
   var policies = csp.split("; ");
   cspSrcs = {};
-  _.each(policies, function (policy) {
+  policies.forEach(function (policy) {
     if (policy[policy.length - 1] === ";")
       policy = policy.substring(0, policy.length - 1);
     var srcs = policy.split(" ");
     var directive = srcs[0];
-    if (_.indexOf(srcs, keywords.none) !== -1)
+    if (srcs.indexOf(keywords.none) !== -1)
       cspSrcs[directive] = null;
     else
       cspSrcs[directive] = srcs.slice(1);
@@ -72,13 +76,17 @@ var parseCsp = function (csp) {
                     "browser-policy must specify a default-src.");
 
   // Copy default-src sources to other directives.
-  _.each(cspSrcs, function (sources, directive) {
-    cspSrcs[directive] = _.union(sources || [], cspSrcs["default-src"] || []);
+  Object.entries(cspSrcs).forEach(function (entry) {
+    var directive = entry[0];
+    var sources = entry[1];
+    cspSrcs[directive] = mergeUnique(sources || [], cspSrcs["default-src"] || []);
   });
 };
 
 var removeCspSrc = function (directive, src) {
-  cspSrcs[directive] = _.without(cspSrcs[directive] || [], src);
+  cspSrcs[directive] = (cspSrcs[directive] || []).filter(function(value) {
+    return value !== src;
+  });
 };
 
 // Prepare for a change to cspSrcs. Ensure that we have a key in the dictionary
@@ -86,8 +94,8 @@ var removeCspSrc = function (directive, src) {
 var prepareForCspDirective = function (directive) {
   cspSrcs = cspSrcs || {};
   cachedCsp = null;
-  if (! _.has(cspSrcs, directive))
-    cspSrcs[directive] = _.clone(cspSrcs["default-src"]);
+  if (!(directive in cspSrcs))
+    cspSrcs[directive] = [].concat(cspSrcs["default-src"]);
 };
 
 // Add `src` to the list of allowed sources for `directive`, with the
@@ -100,7 +108,7 @@ var prepareForCspDirective = function (directive) {
 // - Trim trailing slashes from `src`, since some browsers interpret
 //   "foo.com/" as "foo.com" and some don't.
 var addSourceForDirective = function (directive, src) {
-  if (_.contains(_.values(keywords), src)) {
+  if (Object.values(keywords).includes(src)) {
     cspSrcs[directive].push(src);
   } else {
     var toAdd = [];
@@ -123,7 +131,7 @@ var addSourceForDirective = function (directive, src) {
       }
     }
 
-    _.each(toAdd, function (s) {
+    toAdd.forEach(function (s) {
       cspSrcs[directive].push(s);
     });
   }
@@ -148,25 +156,27 @@ var setWebAppInlineScripts = async function (value) {
     await WebAppInternals.setInlineScriptsAllowed(value);
 };
 
-_.extend(BrowserPolicy.content, {
+Object.assign(BrowserPolicy.content, {
   allowContentTypeSniffing: function () {
     contentSniffingAllowed = true;
   },
   // Exported for tests and browser-policy-common.
   _constructCsp: function () {
-    if (! cspSrcs || _.isEmpty(cspSrcs))
+    if (! cspSrcs || (Object.keys(cspSrcs).length === 0 && cspSrcs.constructor === Object))
       return null;
 
     if (cachedCsp)
       return cachedCsp;
 
-    var header = _.map(cspSrcs, function (srcs, directive) {
-      srcs = srcs || [];
-      if (_.isEmpty(srcs))
-        srcs = [keywords.none];
-      var directiveCsp = _.uniq(srcs).join(" ");
-      return directive + " " + directiveCsp + ";";
-    });
+      var header = Object.entries(cspSrcs).map(function (entry) {
+        var directive = entry[0];
+        var srcs = entry[1];
+        srcs = srcs || [];
+        if ((!Array.isArray(srcs) || !srcs.length))
+          srcs = [keywords.none];
+        var directiveCsp = srcs.filter(function(value, index, array) {return array.indexOf(value) === index}).join(" ");
+        return directive + " " + directiveCsp + ";";
+      });
 
     header = header.join(" ");
     cachedCsp = header;
@@ -187,7 +197,7 @@ _.extend(BrowserPolicy.content, {
 
   _keywordAllowed: function (directive, keyword) {
     return (cspSrcs[directive] &&
-            _.indexOf(cspSrcs[directive], keyword) !== -1);
+      cspSrcs[directive].indexOf(keyword) !== -1)
   },
 
   // Helpers for creating content security policies
@@ -228,7 +238,7 @@ _.extend(BrowserPolicy.content, {
   },
   allowOriginForAll: function (origin) {
     prepareForCspDirective("default-src");
-    _.each(_.keys(cspSrcs), function (directive) {
+    Object.keys(cspSrcs).forEach(function (directive) {
       addSourceForDirective(directive, origin);
     });
   },
@@ -260,7 +270,7 @@ var resources = [
   { methodResource: "Frame", directive: "frame-src" },
   { methodResource: "FrameAncestors", directive: "frame-ancestors" }
 ];
-_.each(resources, function (resource) {
+resources.forEach(function (resource) {
   var directive = resource.directive;
   var methodResource = resource.methodResource;
   var allowMethodName = "allow" + methodResource + "Origin";
@@ -302,4 +312,4 @@ _.each(resources, function (resource) {
 
 await setDefaultPolicy();
 
-exports.BrowserPolicy = BrowserPolicy;
+exports.BrowserPolicy = BrowserPolicy;

packages/browser-policy-content/package.js

@@ -5,8 +5,8 @@ Package.describe({
 
 Package.onUse(function (api) {
   api.use("ecmascript");
-  api.use("modules");
-  api.use(["underscore", "browser-policy-common", "webapp"], "server");
+  api.use("ecmascript");
+  api.use(["browser-policy-common", "webapp"], "server");
   api.imply(["browser-policy-common"], "server");
   api.mainModule("browser-policy-content.js", "server");
 });

packages/constraint-solver/.npm/package/.gitignore

@@ -0,0 +1 @@
+node_modules

packages/constraint-solver/.npm/package/README

@@ -0,0 +1,7 @@
+This directory and the files immediately inside it are automatically generated
+when you change this package's NPM dependencies. Commit the files in this
+directory (npm-shrinkwrap.json, .gitignore, and this README) to source control
+so that others run the same versions of sub-dependencies.
+
+You should NOT check in the node_modules directory that Meteor automatically
+creates; if you are using git, the .gitignore file tells git to ignore it.

packages/constraint-solver/.npm/package/npm-shrinkwrap.json

@@ -0,0 +1,45 @@
+{
+  "lockfileVersion": 4,
+  "dependencies": {
+    "lodash.groupby": {
+      "version": "4.6.0",
+      "resolved": "https://registry.npmjs.org/lodash.groupby/-/lodash.groupby-4.6.0.tgz",
+      "integrity": "sha512-5dcWxm23+VAoz+awKmBaiBvzox8+RqMgFhi7UvX9DHZr2HdxHXM/Wrf8cfKpsW37RNrvtPn6hSwNqurSILbmJw=="
+    },
+    "lodash.has": {
+      "version": "4.5.2",
+      "resolved": "https://registry.npmjs.org/lodash.has/-/lodash.has-4.5.2.tgz",
+      "integrity": "sha512-rnYUdIo6xRCJnQmbVFEwcxF144erlD+M3YcJUVesflU9paQaE8p+fJDcIQrlMYbxoANFL+AB9hZrzSBBk5PL+g=="
+    },
+    "lodash.isempty": {
+      "version": "4.4.0",
+      "resolved": "https://registry.npmjs.org/lodash.isempty/-/lodash.isempty-4.4.0.tgz",
+      "integrity": "sha512-oKMuF3xEeqDltrGMfDxAPGIVMSSRv8tbRSODbrs4KGsRRLEhrW8N8Rd4DRgB2+621hY8A8XwwrTVhXWpxFvMzg=="
+    },
+    "lodash.isequal": {
+      "version": "4.5.0",
+      "resolved": "https://registry.npmjs.org/lodash.isequal/-/lodash.isequal-4.5.0.tgz",
+      "integrity": "sha512-pDo3lu8Jhfjqls6GkMgpahsF9kCyayhgykjyLMNFTKWrpVdAQtYyB4muAMWozBB4ig/dtWAmsMxLEI8wuz+DYQ=="
+    },
+    "lodash.isobject": {
+      "version": "3.0.2",
+      "resolved": "https://registry.npmjs.org/lodash.isobject/-/lodash.isobject-3.0.2.tgz",
+      "integrity": "sha512-3/Qptq2vr7WeJbB4KHUSKlq8Pl7ASXi3UG6CMbBm8WRtXi8+GHm7mKaU3urfpSEzWe2wCIChs6/sdocUsTKJiA=="
+    },
+    "lodash.isstring": {
+      "version": "4.0.1",
+      "resolved": "https://registry.npmjs.org/lodash.isstring/-/lodash.isstring-4.0.1.tgz",
+      "integrity": "sha512-0wJxfxH1wgO3GrbuP+dTTk7op+6L41QCXbGINEmD+ny/G/eCqGzxyCsh7159S+mgDDcoarnBw6PC1PS5+wUGgw=="
+    },
+    "lodash.memoize": {
+      "version": "4.1.2",
+      "resolved": "https://registry.npmjs.org/lodash.memoize/-/lodash.memoize-4.1.2.tgz",
+      "integrity": "sha512-t7j+NzmgnQzTAYXcsHYLgimltOV1MXHtlOWf6GjL9Kj8GK5FInw5JotxvbOs+IvV1/Dzo04/fCGfLVs7aXb4Ag=="
+    },
+    "lodash.zip": {
+      "version": "4.2.0",
+      "resolved": "https://registry.npmjs.org/lodash.zip/-/lodash.zip-4.2.0.tgz",
+      "integrity": "sha512-C7IOaBBK/0gMORRBd8OETNx3kmOkgIWIPvyDpZSCTwUrpYmgZwJkjZeOD8ww4xbOUOs4/attY+pciKvadNfFbg=="
+    }
+  }
+}

packages/constraint-solver/benchmark-tests.js

@@ -274,7 +274,7 @@ runBenchmarks && Tinytest.addAsync("constraint solver - benchmark on gems - rail
   var solution = resolved.answer;
 
   // check that root deps are the same
-  _.each(args.dependencies, function (dep) {
+  args.dependencies.forEach(function (dep) {
     if (previousSolution[dep])
       test.equal(solution[dep], previousSolution[dep], dep);
   });
@@ -285,17 +285,17 @@ runBenchmarks && Tinytest.addAsync("constraint solver - benchmark on gems - rail
 function getCatalogStub (gems) {
   return {
     getSortedVersionRecords(name) {
-      var versions = _.chain(gems)
-        .filter(function (pv) { return pv.name === name; })
-        .pluck('number')
+      var versions = Object.values(gems.filter(function (pv) { return pv.name === name; })
+        .map(function(gem) {
+          return gem.number
+        })
         .filter(function (v) {
           return PackageVersion.getValidServerVersion(v);
         })
-        .sort(PackageVersion.compare)
-        .uniq(true)
-        .value();
-      return _.map(versions, function (version) {
-        var gem = _.find(gems, function (pv) {
+        .sort(PackageVersion.compare));
+        
+      return versions.map(function (version) {
+        var gem = gems.find(function (pv) {
           return pv.name === name && pv.number === version;
         });
 
@@ -305,7 +305,7 @@ function getCatalogStub (gems) {
           dependencies: {}
         };
 
-        _.each(gem.dependencies, function (dep) {
+        gem.dependencies.forEach(function (dep) {
           var name = dep[0];
           var constraint = dep[1];
 
@@ -333,4 +333,4 @@ function getCatalogStub (gems) {
       return result;
     }
   };
-}
+}

packages/constraint-solver/catalog-cache-tests.js

@@ -38,8 +38,8 @@ Tinytest.add("constraint solver - CatalogCache", function (test) {
   var pvs = {};
   cache.eachPackageVersion(function (pv, deps) {
     check(pv, CS.PackageAndVersion);
-    check(_.values(deps), [CS.Dependency]);
-    pvs[pv.package+' '+pv.version] = _.keys(deps).sort();
+    check(Object.values(deps), [CS.Dependency]);
+    pvs[`${pv.package} ${pv.version}`] = Object.keys(deps).sort();
   });
   test.equal(pvs, {'foo 1.0.0': ['bar'],
                    'foo 1.0.1': ['bar', 'bzzz', 'weakly1', 'weakly2']});
@@ -52,9 +52,9 @@ Tinytest.add("constraint solver - CatalogCache", function (test) {
   test.equal(oneVersion.length, 1); // don't know which it is
 
   var foos = [];
-  _.each(cache.getPackageVersions('foo'), function (v) {
+  cache.getPackageVersions('foo').forEach(function (v) {
     var depMap = cache.getDependencyMap('foo', v);
-    foos.push([v, _.map(depMap, String).sort()]);
+    foos.push([v, Object.values(depMap).map(String).sort()]);
   });
   // versions should come out sorted, just like this.
   test.equal(foos,
@@ -81,4 +81,4 @@ Tinytest.add("constraint solver - CatalogCache", function (test) {
     return true;
   });
   test.equal(onePackage.length, 1); // don't know which package it is
-});
+});

packages/constraint-solver/catalog-cache.js

@@ -1,3 +1,6 @@
+const has = require('lodash.has');
+const memoize = require('lodash.memoize');
+
 var CS = ConstraintSolver;
 var PV = PackageVersion;
 
@@ -18,7 +21,7 @@ CS.CatalogCache = function () {
 };
 
 CS.CatalogCache.prototype.hasPackageVersion = function (pkg, version) {
-  return _.has(this._dependencies, pvkey(pkg, version));
+  return has(this._dependencies, pvkey(pkg, version));
 };
 
 CS.CatalogCache.prototype.addPackageVersion = function (p, v, deps) {
@@ -28,11 +31,11 @@ CS.CatalogCache.prototype.addPackageVersion = function (p, v, deps) {
   check(deps, [CS.Dependency]);
 
   var key = pvkey(p, v);
-  if (_.has(this._dependencies, key)) {
+  if (has(this._dependencies, key)) {
     throw new Error("Already have an entry for " + key);
   }
 
-  if (! _.has(this._versions, p)) {
+  if (!has(this._versions, p)) {
     this._versions[p] = [];
   }
   this._versions[p].push(v);
@@ -40,9 +43,9 @@ CS.CatalogCache.prototype.addPackageVersion = function (p, v, deps) {
 
   var depsByPackage = {};
   this._dependencies[key] = depsByPackage;
-  _.each(deps, function (d) {
+  deps.forEach(function (d) {
     var p2 = d.packageConstraint.package;
-    if (_.has(depsByPackage, p2)) {
+    if (has(depsByPackage, p2)) {
       throw new Error("Can't have two dependencies on " + p2 +
                       " in " + key);
     }
@@ -55,7 +58,7 @@ CS.CatalogCache.prototype.addPackageVersion = function (p, v, deps) {
 // `d.packageConstraint.package`.  (Don't mutate the map.)
 CS.CatalogCache.prototype.getDependencyMap = function (p, v) {
   var key = pvkey(p, v);
-  if (! _.has(this._dependencies, key)) {
+  if (!has(this._dependencies, key)) {
     throw new Error("No entry for " + key);
   }
   return this._dependencies[key];
@@ -64,14 +67,14 @@ CS.CatalogCache.prototype.getDependencyMap = function (p, v) {
 // Returns an array of version strings, sorted, possibly empty.
 // (Don't mutate the result.)
 CS.CatalogCache.prototype.getPackageVersions = function (pkg) {
-  var result = (_.has(this._versions, pkg) ?
+  var result = (has(this._versions, pkg) ?
                 this._versions[pkg] : []);
   if ((!result.length) || result.sorted) {
     return result;
   } else {
     // sort in place, and record so that we don't sort redundantly
     // (we'll sort again if more versions are pushed onto the array)
-    var pvParse = _.memoize(PV.parse);
+    var pvParse = memoize(PV.parse);
     result.sort(function (a, b) {
       return PV.compare(pvParse(a), pvParse(b));
     });
@@ -81,16 +84,16 @@ CS.CatalogCache.prototype.getPackageVersions = function (pkg) {
 };
 
 CS.CatalogCache.prototype.hasPackage = function (pkg) {
-  return _.has(this._versions, pkg);
+  return has(this._versions, pkg);
 };
 
 CS.CatalogCache.prototype.toJSONable = function () {
   var self = this;
   var data = {};
-  _.each(self._dependencies, function (depsByPackage, key) {
+  Object.entries(self._dependencies).forEach(function ([key, depsByPackage]) {
     // depsByPackage is a map of String -> Dependency.
     // Map over the values to get an array of String.
-    data[key] = _.map(depsByPackage, function (dep) {
+    data[key] = Object.values(depsByPackage).map(function (dep) {
       return dep.toString();
     });
   });
@@ -101,12 +104,12 @@ CS.CatalogCache.fromJSONable = function (obj) {
   check(obj, { data: Object });
 
   var cache = new CS.CatalogCache();
-  _.each(obj.data, function (depsArray, pv) {
+  Object.entries(obj.data).forEach(function ([pv, depsArray]) {
     check(depsArray, [String]);
     pv = CS.PackageAndVersion.fromString(pv);
     cache.addPackageVersion(
       pv.package, pv.version,
-      _.map(depsArray, function (str) {
+      depsArray.map(function (str) {
         return CS.Dependency.fromString(str);
       }));
   });
@@ -118,8 +121,8 @@ CS.CatalogCache.fromJSONable = function (obj) {
 // iteration is stopped.  There's no particular order to the iteration.
 CS.CatalogCache.prototype.eachPackageVersion = function (iter) {
   var self = this;
-  _.find(self._dependencies, function (value, key) {
-    var stop = iter(CS.PackageAndVersion.fromString(key), value);
+  Object.keys(self._dependencies).find(function (key) {
+    var stop = iter(CS.PackageAndVersion.fromString(key), self._dependencies[key]);
     return stop;
   });
 };
@@ -129,7 +132,7 @@ CS.CatalogCache.prototype.eachPackageVersion = function (iter) {
 // If `iter` returns true, iteration is stopped.
 ConstraintSolver.CatalogCache.prototype.eachPackage = function (iter) {
   var self = this;
-  _.find(_.keys(self._versions), function (key) {
+  Object.keys(self._versions).find(function (key) {
     var stop = iter(key, self.getPackageVersions(key));
     return stop;
   });

packages/constraint-solver/catalog-loader.js

@@ -1,3 +1,5 @@
+const has = require('lodash.has');
+
 var PV = PackageVersion;
 var CS = ConstraintSolver;
 
@@ -35,10 +37,10 @@ CS.CatalogLoader = function (fromCatalog, toCatalogCache) {
 };
 
 var convertDeps = function (catalogDeps) {
-  return _.map(catalogDeps, function (dep, pkg) {
+  return Object.entries(catalogDeps).map(function ([pkg, dep], ) {
     // The dependency is strong if any of its "references"
     // (for different architectures) are strong.
-    var isStrong = _.any(dep.references, function (ref) {
+    var isStrong = dep.references.some(function (ref) {
       return !ref.weak;
     });
 
@@ -52,7 +54,7 @@ var convertDeps = function (catalogDeps) {
 // Since we don't fetch different versions of a package independently
 // at the moment, this helper is where we get our data.
 CS.CatalogLoader.prototype._getSortedVersionRecords = async function (pkg) {
-  if (! _.has(this._sortedVersionRecordsCache, pkg)) {
+  if (!has(this._sortedVersionRecordsCache, pkg)) {
     this._sortedVersionRecordsCache[pkg] =
       await this.catalog.getSortedVersionRecords(pkg);
   }
@@ -65,8 +67,8 @@ CS.CatalogLoader.prototype.loadSingleVersion = async function (pkg, version) {
   var cache = self.catalogCache;
   if (! cache.hasPackageVersion(pkg, version)) {
     var rec;
-    if (_.has(self._sortedVersionRecordsCache, pkg)) {
-      rec = _.find(self._sortedVersionRecordsCache[pkg],
+    if (has(self._sortedVersionRecordsCache, pkg)) {
+      rec = self._sortedVersionRecordsCache[pkg].find(
                    function (r) {
                      return r.version === version;
                    });
@@ -84,7 +86,7 @@ CS.CatalogLoader.prototype.loadAllVersions = async function (pkg) {
   var self = this;
   var cache = self.catalogCache;
   var versionRecs = await self._getSortedVersionRecords(pkg);
-  _.each(versionRecs, function (rec) {
+  versionRecs.forEach(function (rec) {
     var version = rec.version;
     if (! cache.hasPackageVersion(pkg, version)) {
       var deps = convertDeps(rec.dependencies);
@@ -106,20 +108,20 @@ CS.CatalogLoader.prototype.loadAllVersionsRecursive = async function (packageLis
   var packagesEverEnqueued = {};
 
   var enqueue = function (pkg) {
-    if (! _.has(packagesEverEnqueued, pkg)) {
+    if (!has(packagesEverEnqueued, pkg)) {
       packagesEverEnqueued[pkg] = true;
       loadQueue.push(pkg);
     }
   };
 
-  _.each(packageList, enqueue);
+  packageList.forEach(enqueue);
 
   while (loadQueue.length) {
     var pkg = loadQueue.pop();
     await self.loadAllVersions(pkg);
-    _.each(self.catalogCache.getPackageVersions(pkg), function (v) {
+    self.catalogCache.getPackageVersions(pkg).forEach(function (v) {
       var depMap = self.catalogCache.getDependencyMap(pkg, v);
-      _.each(depMap, function (dep, package2) {
+      Object.entries(depMap).forEach(function ([package2, dep]) {
         enqueue(package2);
       });
     });

packages/constraint-solver/constraint-solver-input.js

@@ -1,3 +1,7 @@
+const has = require('lodash.has');
+const isEmpty = require('lodash.isempty');
+const isEqual = require('lodash.isequal');
+
 var PV = PackageVersion;
 var CS = ConstraintSolver;
 
@@ -18,7 +22,7 @@ CS.Input = function (dependencies, constraints, catalogCache, options) {
   // Convert them to our PackageConstraint class if necessary.  (This is
   // just top-level constraints from .meteor/packages or running from
   // checkout, so it's not a lot of data.)
-  constraints = _.map(constraints, function (c) {
+  constraints = constraints.map(function (c) {
     if (c instanceof PV.PackageConstraint) {
       return c;
     } else {
@@ -62,27 +66,27 @@ CS.Input = function (dependencies, constraints, catalogCache, options) {
     validatePackageName(packageName);
   });
   self.catalogCache.eachPackageVersion(function (packageName, depsMap) {
-    _.each(depsMap, function (deps, depPackageName) {
+    Object.entries(depsMap).forEach(function ([depPackageName, deps]) {
       validatePackageName(depPackageName);
     });
   });
 
-  _.each(self.dependencies, validatePackageName);
-  _.each(self.upgrade, validatePackageName);
-  _.each(self.constraints, function (c) {
+  self.dependencies.forEach(validatePackageName);
+  self.upgrade.forEach(validatePackageName);
+  self.constraints.forEach(function (c) {
     validatePackageName(c.package);
   });
   if (self.previousSolution) {
-    _.each(_.keys(self.previousSolution),
+    Object.keys(self.previousSolution).forEach(
            validatePackageName);
   }
 
   self._dependencySet = {}; // package name -> true
-  _.each(self.dependencies, function (d) {
+  self.dependencies.forEach(function (d) {
     self._dependencySet[d] = true;
   });
   self._upgradeSet = {};
-  _.each(self.upgrade, function (u) {
+  self.upgrade.forEach(function (u) {
     self._upgradeSet[u] = true;
   });
 };
@@ -107,33 +111,33 @@ CS.Input.prototype.isKnownPackage = function (p) {
 };
 
 CS.Input.prototype.isRootDependency = function (p) {
-  return _.has(this._dependencySet, p);
+  return has(this._dependencySet, p);
 };
 
 CS.Input.prototype.isUpgrading = function (p) {
-  return _.has(this._upgradeSet, p);
+  return has(this._upgradeSet, p);
 };
 
 CS.Input.prototype.isInPreviousSolution = function (p) {
-  return !! (this.previousSolution && _.has(this.previousSolution, p));
+  return !! (this.previousSolution && has(this.previousSolution, p));
 };
 
 function getMentionedPackages(input) {
   var packages = {}; // package -> true
 
-  _.each(input.dependencies, function (pkg) {
+  input.dependencies.forEach(function (pkg) {
     packages[pkg] = true;
   });
-  _.each(input.constraints, function (constraint) {
+  input.constraints.forEach(function (constraint) {
     packages[constraint.package] = true;
   });
   if (input.previousSolution) {
-    _.each(input.previousSolution, function (version, pkg) {
+    Object.entries(input.previousSolution).forEach(function ([pkg, version]) {
       packages[pkg] = true;
     });
   }
 
-  return _.keys(packages);
+  return Object.keys(packages);
 }
 
 CS.Input.prototype.loadFromCatalog = async function (catalogLoader) {
@@ -170,7 +174,7 @@ CS.Input.prototype.isEqual = function (otherInput) {
   // the same input. So by omitting `catalogCache` we no longer need
   // to reload the entire relevant part of the catalog from SQLite on
   // every rebuild!
-  return _.isEqual(
+  return isEqual(
     a.toJSONable(true),
     b.toJSONable(true)
   );
@@ -180,7 +184,7 @@ CS.Input.prototype.toJSONable = function (omitCatalogCache) {
   var self = this;
   var obj = {
     dependencies: self.dependencies,
-    constraints: _.map(self.constraints, function (c) {
+    constraints: self.constraints.map(function (c) {
       return c.toString();
     })
   };
@@ -194,7 +198,7 @@ CS.Input.prototype.toJSONable = function (omitCatalogCache) {
   if (self.upgrade.length) {
     obj.upgrade = self.upgrade;
   }
-  if (! _.isEmpty(self.anticipatedPrereleases)) {
+  if (!isEmpty(self.anticipatedPrereleases)) {
     obj.anticipatedPrereleases = self.anticipatedPrereleases;
   }
   if (self.previousSolution !== null) {
@@ -225,7 +229,7 @@ CS.Input.fromJSONable = function (obj) {
 
   return new CS.Input(
     obj.dependencies,
-    _.map(obj.constraints, function (cstr) {
+    obj.constraints.map(function (cstr) {
       return PV.parsePackageConstraint(cstr);
     }),
     CS.CatalogCache.fromJSONable(obj.catalogCache),

packages/constraint-solver/constraint-solver-tests.js

@@ -1,16 +1,20 @@
+const has = Npm.require('lodash.has');
+const isString = Npm.require('lodash.isstring');
+const isEmpty = Npm.require('lodash.isempty');
+
 var PV = PackageVersion;
 var CS = ConstraintSolver;
 
 var makeResolver = function (data) {
   var Versions = new LocalCollection;
 
-  _.each(data, function (versionDescription) {
+  data.forEach(function (versionDescription) {
     var packageName = versionDescription.shift();
     var version = versionDescription.shift();
     var deps = versionDescription.shift();
-
     var constructedDeps = {};
-    _.each(deps, function (constraint, name) {
+    if (!isEmpty(deps)) {
+    Object.entries(deps).forEach(function ([name, constraint]) {
       constructedDeps[name] = {
         constraint: constraint,
         references: [
@@ -20,6 +24,7 @@ var makeResolver = function (data) {
         ]
       };
     });
+  }
     Versions.insert({ packageName: packageName, version: version,
                       dependencies: constructedDeps });
   });
@@ -73,8 +78,7 @@ var defaultResolver = makeResolver([
 // in the returned arrays.
 splitArgs = function (deps) {
   var dependencies = [], constraints = [];
-
-  _.each(deps, function (constr, dep) {
+  Object.entries(deps).forEach(function ([dep, constr]) {
     if (constr && constr.charAt(0) === 'w') {
       constr = constr.slice(1);
     } else {
@@ -89,7 +93,7 @@ splitArgs = function (deps) {
 
 var testWithResolver = async function (test, resolver, f) {
   var answerToString = function (answer) {
-    var pvs = _.map(answer, function (v, p) { return p + ' ' + v; });
+    var pvs = Object.keys(answer).map(function (p) { return p + ' ' + answer[p]; });
     return pvs.sort().join('\n');
   };
   var t = async function (deps, expected, options) {
@@ -306,7 +310,7 @@ Tinytest.addAsync("constraint solver - previousSolution", async function (test)
 
 Tinytest.addAsync("constraint solver - no constraint dependency - anything", async function (test) {
   var versions = (await defaultResolver.resolve(["sparkle"], [])).answer;
-  test.isTrue(_.isString(versions.sparkle));
+  test.isTrue(isString(versions.sparkle));
 });
 
 
@@ -333,9 +337,9 @@ Tinytest.add("constraint solver - input serialization", function (test) {
   test.equal(input1.upgradeIndirectDepPatchVersions, false);
 
   var obj1 = input1.toJSONable();
-  test.isFalse(_.has(obj1, 'upgrade'));
-  test.isFalse(_.has(obj1, 'anticipatedPrereleases'));
-  test.isFalse(_.has(obj1, 'previousSolution'));
+  test.isFalse(has(obj1, 'upgrade'));
+  test.isFalse(has(obj1, 'anticipatedPrereleases'));
+  test.isFalse(has(obj1, 'previousSolution'));
   var input2 = CS.Input.fromJSONable(obj1);
   var obj2 = input2.toJSONable();
 

packages/constraint-solver/constraint-solver.js

@@ -1,3 +1,5 @@
+const isEqual = require('lodash.isequal');
+
 var PV = PackageVersion;
 var CS = ConstraintSolver;
 
@@ -50,13 +52,17 @@ CS.PackagesResolver.prototype.resolve = async function (dependencies, constraint
   var Profile = (self._options.Profile || CS.DummyProfile);
 
   var input = await Profile.time("new CS.Input", function () {
+    const { upgrade,
+    anticipatedPrereleases,
+    previousSolution,
+    allowIncompatibleUpdate,
+    upgradeIndirectDepPatchVersions } = options;
     return new CS.Input(dependencies, constraints, self.catalogCache,
-                         _.pick(options,
-                                'upgrade',
-                                'anticipatedPrereleases',
-                                'previousSolution',
-                                'allowIncompatibleUpdate',
-                                'upgradeIndirectDepPatchVersions'));
+      { upgrade,
+        anticipatedPrereleases,
+        previousSolution,
+        allowIncompatibleUpdate,
+        upgradeIndirectDepPatchVersions });
   });
 
   // The constraint solver avoids re-solving everything from scratch on
@@ -78,14 +84,14 @@ CS.PackagesResolver.prototype.resolve = async function (dependencies, constraint
     resultCache = null;
   } else if (resultCache &&
              resultCache.lastInput &&
-             _.isEqual(resultCache.lastInput,
+             isEqual(resultCache.lastInput,
                        input.toJSONable(true))) {
     return resultCache.lastOutput;
   }
 
   if (options.supportedIsobuildFeaturePackages) {
-    _.each(options.supportedIsobuildFeaturePackages, function (versions, pkg) {
-      _.each(versions, function (version) {
+    Object.entries(options.supportedIsobuildFeaturePackages).forEach(function ([pkg, versions]) {
+      versions.forEach(function (version) {
         input.catalogCache.addPackageVersion(pkg, version, []);
       });
     });
@@ -100,7 +106,7 @@ CS.PackagesResolver.prototype.resolve = async function (dependencies, constraint
   if (options.previousSolution && options.missingPreviousVersionIsError) {
     // see comment where missingPreviousVersionIsError is passed in
     await Profile.time("check for previous versions in catalog", function () {
-      _.each(options.previousSolution, function (version, pkg) {
+      Object.entries(options.previousSolution).forEach(function ([pkg, version]) {
         if (! input.catalogCache.hasPackageVersion(pkg, version)) {
           CS.throwConstraintSolverError(
             "Package version not in catalog: " + pkg + " " + version);
@@ -196,7 +202,7 @@ CS.PackagesResolver._resolveWithInput = async function (input, options) {
 //   with an `alternatives` property lifted from one.
 // - version: version String
 CS.isConstraintSatisfied = function (pkg, vConstraint, version) {
-  return _.some(vConstraint.alternatives, function (simpleConstraint) {
+  return vConstraint.alternatives.some(function (simpleConstraint) {
     var type = simpleConstraint.type;
 
     if (type === "any-reasonable") {

packages/constraint-solver/datatypes-tests.js

@@ -2,7 +2,7 @@ var PV = PackageVersion;
 var CS = ConstraintSolver;
 
 Tinytest.add("constraint solver - datatypes - Dependency", function (test) {
-  _.each(["foo", "foo@1.0.0"], function (foo) {
+  ["foo", "foo@1.0.0"].forEach(function (foo) {
     var d1 = new CS.Dependency(PV.parsePackageConstraint(foo));
     test.equal(d1.packageConstraint.toString(), foo);
     test.equal(d1.isWeak, false);

packages/constraint-solver/input-tests.js

@@ -12,7 +12,7 @@ var CS = ConstraintSolver;
 // in that order.  If that's not true, these tests will break.
 var sortKeys = function (obj) {
   var result = {};
-  _.each(_.keys(obj).sort(), function (k) {
+  Object.keys(obj).sort().forEach(function (k) {
     result[k] = obj[k];
   });
   return result;
@@ -22,7 +22,7 @@ var formatSolution = function (obj) {
   // results into tests.
   return JSON.stringify({
     answer: sortKeys(obj.answer),
-    allAnswers: obj.allAnswers && _.map(obj.allAnswers, sortKeys),
+    allAnswers: obj.allAnswers && obj.allAnswers.map(sortKeys),
     neededToUseUnanticipatedPrereleases: obj.neededToUseUnanticipatedPrereleases
   }, null, 2);
 };
@@ -36,7 +36,7 @@ var doTest = async function (test, inputJSONable, outputJSONable, options) {
   }
 
   if (typeof outputJSONable.neededToUseUnanticipatedPrereleases !== 'boolean') {
-    outputJSONable = _.extend(outputJSONable, {
+    outputJSONable = Object.assign(outputJSONable, {
       neededToUseUnanticipatedPrereleases: (
         !! outputJSONable.neededToUseUnanticipatedPrereleases)
     });

packages/constraint-solver/package.js

@@ -3,10 +3,21 @@ Package.describe({
   version: '2.0.0-alpha300.19',
 });
 
+Npm.depends({
+  'lodash.has': '4.5.2',
+  'lodash.memoize': '4.1.2',
+  'lodash.isequal': '4.5.0',
+  'lodash.isempty': '4.4.0',
+  'lodash.zip': '4.2.0',
+  'lodash.groupby': '4.6.0',
+  'lodash.isstring': '4.0.1',
+  'lodash.isobject': '3.0.2'
+});
+
 Package.onUse(function (api) {
   api.export('ConstraintSolver');
   api.use([
-    'underscore',
+    'ecmascript',
     'check',
     'package-version-parser',
     'logic-solver'
@@ -27,7 +38,6 @@ Package.onTest(function (api) {
     'tinytest',
     'minimongo',
     'package-version-parser',
-    'underscore',
     'check'
   ]);
 

packages/constraint-solver/solver.js

@@ -1,3 +1,8 @@
+const groupBy = require('lodash.groupby');
+const has = require('lodash.has');
+const memoize = require('lodash.memoize');
+const zip = require('lodash.zip');
+
 var CS = ConstraintSolver;
 var PV = PackageVersion;
 
@@ -16,10 +21,10 @@ CS.Solver = function (input, options) {
   self.errors = []; // [String]
 
   self.pricer = new CS.VersionPricer();
-  self.getConstraintFormula = _.memoize(_getConstraintFormula,
-                                         function (p, vConstraint) {
-                                           return p + "@" + vConstraint.raw;
-                                         });
+  self.getConstraintFormula = memoize(_getConstraintFormula,
+    function (p, vConstraint) {
+      return p + "@" + vConstraint.raw;
+    });
 
   self.options = options || {};
   self.Profile = (self.options.Profile || CS.DummyProfile);
@@ -41,7 +46,7 @@ CS.Solver.prototype.init = async function() {
 
 CS.Solver.prototype.throwAnyErrors = function () {
   if (this.errors.length) {
-    var multiline = _.any(this.errors, function (e) {
+    var multiline = this.errors.some(function (e) {
       return /\n/.test(e);
     });
     CS.throwConstraintSolverError(this.errors.join(
@@ -51,7 +56,7 @@ CS.Solver.prototype.throwAnyErrors = function () {
 
 CS.Solver.prototype.getVersions = function (pkg) {
   var self = this;
-  if (_.has(self.analysis.allowedVersions, pkg)) {
+  if (has(self.analysis.allowedVersions, pkg)) {
     return self.analysis.allowedVersions[pkg];
   } else {
     return self.input.catalogCache.getPackageVersions(pkg);
@@ -94,20 +99,20 @@ CS.Solver.prototype.analyze = async function () {
   // track such packages in packagesWithNoAllowedVersions so that we
   // throw a good error later.
   await Profile.time("analyze allowed versions", function () {
-    _.each(_.groupBy(input.constraints, 'package'), function (cs, p) {
+    Object.entries(groupBy(input.constraints, 'package')).forEach(function ([p, cs]) {
       var versions = cache.getPackageVersions(p);
-      if (! versions.length) {
+      if (!versions.length) {
         // deal with wholly unknown packages later
         return;
       }
-      _.each(cs, function (constr) {
-        versions = _.filter(versions, function (v) {
+      cs.forEach(function (constr) {
+        versions = versions.filter(function (v) {
           return CS.isConstraintSatisfied(p, constr.versionConstraint, v);
         });
       });
-      if (! versions.length) {
-        analysis.packagesWithNoAllowedVersions[p] = _.filter(cs, function (c) {
-          return !! c.constraintString;
+      if (!versions.length) {
+        analysis.packagesWithNoAllowedVersions[p] = cs.filter(function (c) {
+          return !!c.constraintString;
         });
       }
       analysis.allowedVersions[p] = versions;
@@ -122,11 +127,11 @@ CS.Solver.prototype.analyze = async function () {
   analysis.previousRootDepVersions = [];
 
   await Profile.time("analyze root dependencies", function () {
-    _.each(input.dependencies, function (p) {
-      if (! input.isKnownPackage(p)) {
+    input.dependencies.forEach(function (p) {
+      if (!input.isKnownPackage(p)) {
         analysis.unknownRootDeps.push(p);
       } else if (input.isInPreviousSolution(p) &&
-                 ! input.isUpgrading(p)) {
+        !input.isUpgrading(p)) {
         analysis.previousRootDepVersions.push(new CS.PackageAndVersion(
           p, input.previousSolution[p]));
       }
@@ -134,7 +139,7 @@ CS.Solver.prototype.analyze = async function () {
 
     // throw if there are unknown packages in root deps
     if (analysis.unknownRootDeps.length) {
-      _.each(analysis.unknownRootDeps, function (p) {
+      analysis.unknownRootDeps.forEach(function (p) {
         if (CS.isIsobuildFeaturePackage(p)) {
           self.errors.push(
             'unsupported Isobuild feature "' + p +
@@ -175,21 +180,21 @@ CS.Solver.prototype.analyze = async function () {
   var markReachable = function (p) {
     analysis.reachablePackages[p] = true;
 
-    _.each(self.getVersions(p), function (v) {
-      _.each(cache.getDependencyMap(p, v), function (dep) {
+    self.getVersions(p).forEach(function (v) {
+      Object.values(cache.getDependencyMap(p, v)).forEach(function (dep) {
         // `dep` is a CS.Dependency
         var p2 = dep.packageConstraint.package;
-        if (! input.isKnownPackage(p2)) {
+        if (!input.isKnownPackage(p2)) {
           // record this package so we will generate a variable
           // for it.  we'll try not to select it, and ultimately
           // throw an error if we are forced to.
-          if (! _.has(analysis.unknownPackages, p2)) {
+          if (!has(analysis.unknownPackages, p2)) {
             analysis.unknownPackages[p2] = [];
           }
           analysis.unknownPackages[p2].push(pvVar(p, v));
         } else {
-          if (! dep.isWeak) {
-            if (! _.has(analysis.reachablePackages, p2)) {
+          if (!dep.isWeak) {
+            if (!has(analysis.reachablePackages, p2)) {
               markReachable(p2);
             }
           }
@@ -199,7 +204,7 @@ CS.Solver.prototype.analyze = async function () {
   };
 
   await Profile.time("analyze reachability", function () {
-    _.each(input.dependencies, markReachable);
+    input.dependencies.forEach(markReachable);
   });
 
   ////////// ANALYZE CONSTRAINTS
@@ -221,9 +226,9 @@ CS.Solver.prototype.analyze = async function () {
     // version constraints is a power-tool that should be used sparingly
     // by application developers, and never abused by package authors.
     var overrides = new Set;
-    _.each(input.constraints, function (c) {
+    input.constraints.forEach(function (c) {
       if (c.constraintString &&
-          c.versionConstraint.override) {
+        c.versionConstraint.override) {
         overrides.add(c.package);
       }
     });
@@ -264,28 +269,28 @@ CS.Solver.prototype.analyze = async function () {
     }
 
     // top-level constraints
-    _.each(input.constraints, function (c) {
+    input.constraints.forEach(function (c) {
       if (c.constraintString) {
         analysis.constraints.push(new CS.Solver.Constraint(
           null, c.package, getVersionConstraint(c),
           "constraint#" + analysis.constraints.length));
 
         if (c.versionConstraint.alternatives.length === 1 &&
-            c.versionConstraint.alternatives[0].type === 'exactly') {
+          c.versionConstraint.alternatives[0].type === 'exactly') {
           analysis.topLevelEqualityConstrainedPackages[c.package] = true;
         }
       }
     });
 
     // constraints specified in package dependencies
-    _.each(_.keys(analysis.reachablePackages), function (p) {
-      _.each(self.getVersions(p), function (v) {
+    Object.keys(analysis.reachablePackages).forEach(function (p) {
+      self.getVersions(p).forEach(function (v) {
         var pv = pvVar(p, v);
-        _.each(cache.getDependencyMap(p, v), function (dep) {
+        Object.values(cache.getDependencyMap(p, v)).forEach(function (dep) {
           // `dep` is a CS.Dependency
           var p2 = dep.packageConstraint.package;
           if (input.isKnownPackage(p2) &&
-              dep.packageConstraint.constraintString) {
+            dep.packageConstraint.constraintString) {
             analysis.constraints.push(new CS.Solver.Constraint(
               pv, p2, getVersionConstraint(dep.packageConstraint),
               "constraint#" + analysis.constraints.length));
@@ -299,11 +304,11 @@ CS.Solver.prototype.analyze = async function () {
 
   await Profile.time("analyze pre-releases", function () {
     var unanticipatedPrereleases = [];
-    _.each(_.keys(analysis.reachablePackages), function (p) {
+    Object.keys(analysis.reachablePackages).forEach(function (p) {
       var anticipatedPrereleases = input.anticipatedPrereleases[p];
-      _.each(self.getVersions(p), function (v) {
-        if (/-/.test(v) && ! (anticipatedPrereleases &&
-                              _.has(anticipatedPrereleases, v))) {
+      self.getVersions(p).forEach(function (v) {
+        if (/-/.test(v) && !(anticipatedPrereleases &&
+          has(anticipatedPrereleases, v))) {
           unanticipatedPrereleases.push(pvVar(p, v));
         }
       });
@@ -361,7 +366,7 @@ CS.Solver.Step.prototype.addTerm = function (term, weight) {
     if (typeof this.weights === 'number') {
       if (weight !== this.weights) {
         throw new Error("Can't specify a different weight now: " +
-                        weight + " != " + this.weights);
+          weight + " != " + this.weights);
       }
     } else {
       this.weights.push(weight);
@@ -378,7 +383,7 @@ var DEBUG = false;
 CS.Solver.prototype.minimize = async function (step, options) {
   var self = this;
 
-  if (_.isArray(step)) {
+  if (Array.isArray(step)) {
     // minimize([steps...], options)
     for (const st of step) {
       await self.minimize(st, options)
@@ -393,7 +398,7 @@ CS.Solver.prototype.minimize = async function (step, options) {
     var costWeights_ = arguments[2];
     var options_ = arguments[3];
     if (costWeights_ && typeof costWeights_ === 'object' &&
-        ! _.isArray(costWeights_)) {
+      !Array.isArray(costWeights_)) {
       options_ = costWeights_;
       costWeights_ = null;
     }
@@ -423,29 +428,29 @@ CS.Solver.prototype.minimize = async function (step, options) {
 
     self.setSolution(await logic.minimizeWeightedSum(
       self.solution, optimized.costTerms, optimized.costWeights, {
-        progress: async function (status, cost) {
+      progress: async function (status, cost) {
           if (self.options.yield) {
-            await self.options.yield();
+          await self.options.yield();
+        }
+        if (DEBUG) {
+          if (status === 'improving') {
+            console.log(cost + " ... trying to improve ...");
+          } else if (status === 'trying') {
+            console.log("... trying " + cost + " ... ");
           }
-          if (DEBUG) {
-            if (status === 'improving') {
-              console.log(cost + " ... trying to improve ...");
-            } else if (status === 'trying') {
-              console.log("... trying " + cost + " ... ");
-            }
-          }
-        },
-        strategy: (options && options.strategy)
-      }));
+        }
+      },
+      strategy: (options && options.strategy)
+    }));
 
     step.optimum = self.solution.getWeightedSum(costTerms, costWeights);
     if (DEBUG) {
       console.log(step.optimum + " is optimal");
 
       if (step.optimum) {
-        _.each(costTerms, function (t, i) {
+        costTerms.forEach(function (t, i) {
           var w = (typeof costWeights === 'number' ? costWeights :
-                   costWeights[i]);
+            costWeights[i]);
           if (w && self.solution.evaluate(t)) {
             console.log("    " + w + ": " + t);
           }
@@ -478,32 +483,38 @@ var groupMutuallyExclusiveTerms = function (costTerms, costWeights) {
   // first space.  So "foo 1.0.0" becomes "foo " and "foo" stays "foo".
   var getTermKey = function (t) {
     var firstSpace = t.indexOf(' ');
-    return firstSpace < 0 ? t : t.slice(0, firstSpace+1);
+    return firstSpace < 0 ? t : t.slice(0, firstSpace + 1);
   };
 
   // costWeights, as usual, may be a number or an array
   if (typeof costWeights === 'number') {
     return {
-      costTerms: _.map(_.groupBy(costTerms, getTermKey), function (group) {
+      costTerms: Object.values(groupBy(costTerms, getTermKey)).map(function (group) {
         return Logic.or(group);
       }),
       costWeights: costWeights
     };
-  } else if (! costTerms.length) {
+  } else if (!costTerms.length) {
     return { costTerms: costTerms, costWeights: costWeights };
   } else {
-    var weightedTerms = _.zip(costWeights, costTerms);
-    var newWeightedTerms = _.map(_.groupBy(weightedTerms, function (wt) {
+    var weightedTerms = zip(costWeights, costTerms);
+    var newWeightedTerms = Object.values(groupBy(weightedTerms, function (wt) {
       // construct a string from the weight and term key, for grouping
       // purposes.  since the weight comes first, there's no ambiguity
       // and the separator char could be pretty much anything.
       return wt[0] + ' ' + getTermKey(wt[1]);
-    }), function (wts) {
-      return [wts[0][0], Logic.or(_.pluck(wts, 1))];
+    })).map(function (wts) {
+      return [wts[0][0], Logic.or(wts.map(function(x){
+        return x[1]
+      }))];
     });
     return {
-      costTerms: _.pluck(newWeightedTerms, 1),
-      costWeights: _.pluck(newWeightedTerms, 0)
+      costTerms: newWeightedTerms.map(function(x){
+        return x[1]
+      }),
+      costWeights: newWeightedTerms.map(function(x){
+        return x[0]
+      })
     };
   }
 
@@ -517,7 +528,7 @@ CS.Solver.prototype.getStepContributions = function (step) {
   var solution = self.solution;
   var contributions = {};
   var weights = step.weights;
-  _.each(step.terms, function (t, i) {
+  step.terms.forEach(function (t, i) {
     var w = (typeof weights === 'number' ? weights : weights[i]);
     if (w && self.solution.evaluate(t)) {
       contributions[t] = w;
@@ -527,7 +538,7 @@ CS.Solver.prototype.getStepContributions = function (step) {
 };
 
 var addCostsToSteps = function (pkg, versions, costs, steps) {
-  var pvs = _.map(versions, function (v) {
+  var pvs = versions.map(function (v) {
     return pvVar(pkg, v);
   });
   for (var j = 0; j < steps.length; j++) {
@@ -550,7 +561,7 @@ var addCostsToSteps = function (pkg, versions, costs, steps) {
 // the cost of every version of every package.  This function iterates
 // over `packages` and puts the result into `Step` objects.
 CS.Solver.prototype.getVersionCostSteps = async function (stepBaseName, packages,
-                                                    pricerMode) {
+  pricerMode) {
   var self = this;
   var major = new CS.Solver.Step(stepBaseName + '_major');
   var minor = new CS.Solver.Step(stepBaseName + '_minor');
@@ -560,7 +571,7 @@ CS.Solver.prototype.getVersionCostSteps = async function (stepBaseName, packages
   await self.Profile.time(
     "calculate " + stepBaseName + " version costs",
     function () {
-      _.each(packages, function (p) {
+      packages.forEach(function (p) {
         var versions = self.getVersions(p);
         if (versions.length >= 2) {
           var costs = self.pricer.priceVersions(versions, pricerMode);
@@ -578,8 +589,8 @@ CS.Solver.prototype.getVersionCostSteps = async function (stepBaseName, packages
 // as `packageAndVersion`.  (Actually it's a complicated function of the
 // previous and new version.)
 CS.Solver.prototype.getVersionDistanceSteps = async function (stepBaseName,
-                                                        packageAndVersions,
-                                                        takePatches) {
+  packageAndVersions,
+  takePatches) {
   var self = this;
 
   var incompat = new CS.Solver.Step(stepBaseName + '_incompat');
@@ -591,7 +602,7 @@ CS.Solver.prototype.getVersionDistanceSteps = async function (stepBaseName,
   await self.Profile.time(
     "calculate " + stepBaseName + " distance costs",
     function () {
-      _.each(packageAndVersions, function (pvArg) {
+      packageAndVersions.forEach(function (pvArg) {
         var pkg = pvArg.package;
         var previousVersion = pvArg.version;
         var versions = self.getVersions(pkg);
@@ -599,7 +610,7 @@ CS.Solver.prototype.getVersionDistanceSteps = async function (stepBaseName,
           var costs = self.pricer.priceVersionsWithPrevious(
             versions, previousVersion, takePatches);
           addCostsToSteps(pkg, versions, costs,
-                          [incompat, major, minor, patch, rest]);
+            [incompat, major, minor, patch, rest]);
         }
       });
     });
@@ -610,7 +621,7 @@ CS.Solver.prototype.getVersionDistanceSteps = async function (stepBaseName,
 CS.Solver.prototype.currentVersionMap = function () {
   var self = this;
   var pvs = [];
-  _.each(self.solution.getTrueVars(), function (x) {
+  self.solution.getTrueVars().forEach(function (x) {
     if (x.indexOf(' ') >= 0) {
       // all variables with spaces in them are PackageAndVersions
       var pv = CS.PackageAndVersion.fromString(x);
@@ -619,11 +630,11 @@ CS.Solver.prototype.currentVersionMap = function () {
   });
 
   var versionMap = {};
-  _.each(pvs, function (pv) {
-    if (_.has(versionMap, pv.package)) {
+  pvs.forEach(function (pv) {
+    if (has(versionMap, pv.package)) {
       throw new Error("Assertion failure: Selected two versions of " +
-                      pv.package + ", " +versionMap[pv.package] +
-                      " and " + pv.version);
+        pv.package + ", " + versionMap[pv.package] +
+        " and " + pv.version);
     }
     versionMap[pv.package] = pv.version;
   });
@@ -636,7 +647,7 @@ CS.Solver.prototype.currentVersionMap = function () {
 CS.Solver.prototype.setSolution = function (solution) {
   var self = this;
   self.solution = solution;
-  if (! self.solution) {
+  if (!self.solution) {
     throw new Error("Unexpected unsatisfiability");
   }
   // When we query a Solution, we always want to treat unknown variables
@@ -676,19 +687,19 @@ CS.Solver.prototype._getAnswer = async function (options) {
 
   // require root dependencies
   await Profile.time("require root dependencies", function () {
-    _.each(input.dependencies, function (p) {
+    input.dependencies.forEach(function (p) {
       logic.require(p);
     });
   });
 
   // generate package version variables for known, reachable packages
   await Profile.time("generate package variables", function () {
-    _.each(_.keys(analysis.reachablePackages), function (p) {
-      if (! _.has(analysis.packagesWithNoAllowedVersions, p)) {
-        var versionVars = _.map(self.getVersions(p),
-                                function (v) {
-                                  return pvVar(p, v);
-                                });
+    Object.keys(analysis.reachablePackages).forEach(function (p) {
+      if (!has(analysis.packagesWithNoAllowedVersions, p)) {
+        var versionVars = self.getVersions(p).map(
+          function (v) {
+            return pvVar(p, v);
+          });
         // At most one of ["foo 1.0.0", "foo 1.0.1", ...] is true.
         logic.require(Logic.atMostOne(versionVars));
         // The variable "foo" is true if and only if at least one of the
@@ -700,11 +711,11 @@ CS.Solver.prototype._getAnswer = async function (options) {
 
   // generate strong dependency requirements
   await Profile.time("generate dependency requirements", function () {
-    _.each(_.keys(analysis.reachablePackages), function (p) {
-      _.each(self.getVersions(p), function (v) {
-        _.each(cache.getDependencyMap(p, v), function (dep) {
+    Object.keys(analysis.reachablePackages).forEach(function (p) {
+      self.getVersions(p).forEach(function (v) {
+        Object.values(cache.getDependencyMap(p, v)).forEach(function (dep) {
           // `dep` is a CS.Dependency
-          if (! dep.isWeak) {
+          if (!dep.isWeak) {
             var p2 = dep.packageConstraint.package;
             logic.require(Logic.implies(pvVar(p, v), p2));
           }
@@ -716,7 +727,7 @@ CS.Solver.prototype._getAnswer = async function (options) {
   // generate constraints -- but technically don't enforce them, because
   // we haven't forced the conflictVars to be false
   await Profile.time("generate constraints", function () {
-    _.each(analysis.constraints, function (c) {
+    analysis.constraints.forEach(function (c) {
       // We logically require that EITHER a constraint is marked as a
       // conflict OR it comes from a package version that is not selected
       // OR its constraint formula must be true.
@@ -724,8 +735,8 @@ CS.Solver.prototype._getAnswer = async function (options) {
       // then a version of it that satisfies our constraint must be true.)
       logic.require(
         Logic.or(c.conflictVar,
-                 c.fromVar ? Logic.not(c.fromVar) : [],
-                 self.getConstraintFormula(c.toPackage, c.vConstraint)));
+          c.fromVar ? Logic.not(c.fromVar) : [],
+          self.getConstraintFormula(c.toPackage, c.vConstraint)));
     });
   });
 
@@ -767,9 +778,9 @@ CS.Solver.prototype._getAnswer = async function (options) {
       } else {
         var error =
           'No version of ' + p + ' satisfies all constraints: ' +
-            _.map(constrs, function (constr) {
-              return '@' + constr.constraintString;
-            }).join(', ');
+          constrs.map(function (constr) {
+            return '@' + constr.constraintString;
+          }).join(', ');
         error += '\n' + self.listConstraintsOnPackage(p);
         self.errors.push(error);
       }
@@ -781,7 +792,7 @@ CS.Solver.prototype._getAnswer = async function (options) {
   // than 0, we'll throw an error later, after we apply the constraints
   // and the cost function, so that we can explain the problem to the
   // user in a convincing way.
-  await self.minimize('unknown_packages', _.keys(analysis.unknownPackages));
+  await self.minimize('unknown_packages', Object.keys(analysis.unknownPackages));
 
   // try not to set the conflictVar on any constraint.  If the minimum
   // is greater than 0, we'll throw an error later, after we've run the
@@ -789,12 +800,14 @@ CS.Solver.prototype._getAnswer = async function (options) {
   // If there are conflicts, this minimization can be time-consuming
   // (several seconds or more).  The strategy 'bottom-up' helps by
   // looking for solutions with few conflicts first.
-  await self.minimize('conflicts', _.pluck(analysis.constraints, 'conflictVar'),
-                { strategy: 'bottom-up' });
+  await self.minimize('conflicts', analysis.constraints.map(function (constraint) {
+    return constraint.conflictVar
+  }),
+    { strategy: 'bottom-up' });
 
   // Try not to use "unanticipated" prerelease versions
   await self.minimize('unanticipated_prereleases',
-                analysis.unanticipatedPrereleases);
+    analysis.unanticipatedPrereleases);
 
   var previousRootSteps = await self.getVersionDistanceSteps(
     'previous_root', analysis.previousRootDepVersions);
@@ -803,25 +816,25 @@ CS.Solver.prototype._getAnswer = async function (options) {
   // the "previous_root_major", "previous_root_minor", etc. steps
   var previousRootVersionParts = previousRootSteps.slice(1);
 
-  var toUpdate = _.filter(input.upgrade, function (p) {
+  var toUpdate = input.upgrade.filter(function (p) {
     return analysis.reachablePackages[p] === true;
   });
 
   // make sure packages that are being updated can still count as
   // a previous_root for the purposes of previous_root_incompat
   await Profile.time("add terms to previous_root_incompat", function () {
-    _.each(toUpdate, function (p) {
+    toUpdate.forEach(function (p) {
       if (input.isRootDependency(p) && input.isInPreviousSolution(p)) {
         var parts = self.pricer.partitionVersions(
           self.getVersions(p), input.previousSolution[p]);
-        _.each(parts.older.concat(parts.higherMajor), function (v) {
+        parts.older.concat(parts.higherMajor).forEach(function (v) {
           previousRootIncompat.addTerm(pvVar(p, v), 1);
         });
       }
     });
   });
 
-  if (! input.allowIncompatibleUpdate) {
+  if (!input.allowIncompatibleUpdate) {
     // Enforce that we don't make breaking changes to your root dependencies,
     // unless you pass --allow-incompatible-update.  It will actually be enforced
     // farther down, but for now, we want to apply this constraint before handling
@@ -841,20 +854,20 @@ CS.Solver.prototype._getAnswer = async function (options) {
 
   await self.minimize(previousRootVersionParts);
 
-  var otherPrevious = _.filter(_.map(input.previousSolution, function (v, p) {
+  var otherPrevious = Object.entries(input.previousSolution || []).map(function ([p, v]) {
     return new CS.PackageAndVersion(p, v);
-  }), function (pv) {
+  }).filter(function (pv) {
     var p = pv.package;
     return analysis.reachablePackages[p] === true &&
-      ! input.isRootDependency(p);
+      !input.isRootDependency(p);
   });
 
   await self.minimize(await self.getVersionDistanceSteps(
     'previous_indirect', otherPrevious,
     input.upgradeIndirectDepPatchVersions));
 
-  var newRootDeps = _.filter(input.dependencies, function (p) {
-    return ! input.isInPreviousSolution(p);
+  var newRootDeps = input.dependencies.filter(function (p) {
+    return !input.isInPreviousSolution(p);
   });
 
   await self.minimize(await self.getVersionCostSteps(
@@ -881,10 +894,10 @@ CS.Solver.prototype._getAnswer = async function (options) {
   // signal.  In other words, the user might be better off with some tie-breaker
   // that looks only at the important packages anyway.
   await Profile.time("lock down important versions", function () {
-    _.each(self.currentVersionMap(), function (v, pkg) {
+    Object.entries(self.currentVersionMap()).forEach(function ([pkg, v]) {
       if (input.isRootDependency(pkg) ||
-          input.isInPreviousSolution(pkg) ||
-          input.isUpgrading(pkg)) {
+        input.isInPreviousSolution(pkg) ||
+        input.isUpgrading(pkg)) {
         logic.require(Logic.implies(pkg, pvVar(pkg, v)));
       }
     });
@@ -892,10 +905,10 @@ CS.Solver.prototype._getAnswer = async function (options) {
 
   // new, indirect packages are the lowest priority
   var otherPackages = [];
-  _.each(_.keys(analysis.reachablePackages), function (p) {
-    if (! (input.isRootDependency(p) ||
-           input.isInPreviousSolution(p) ||
-           input.isUpgrading(p))) {
+  Object.keys(analysis.reachablePackages).forEach(function (p) {
+    if (!(input.isRootDependency(p) ||
+      input.isInPreviousSolution(p) ||
+      input.isUpgrading(p))) {
       otherPackages.push(p);
     }
   });
@@ -904,17 +917,17 @@ CS.Solver.prototype._getAnswer = async function (options) {
     'new_indirect', otherPackages,
     CS.VersionPricer.MODE_GRAVITY_WITH_PATCHES));
 
-  await self.minimize('total_packages', _.keys(analysis.reachablePackages));
+  await self.minimize('total_packages', Object.keys(analysis.reachablePackages));
 
   // throw errors about unknown packages
   if (self.stepsByName['unknown_packages'].optimum > 0) {
     await Profile.time("generate error for unknown packages", function () {
-      var unknownPackages = _.keys(analysis.unknownPackages);
-      var unknownPackagesNeeded = _.filter(unknownPackages, function (p) {
+      var unknownPackages = Object.keys(analysis.unknownPackages);
+      var unknownPackagesNeeded = unknownPackages.filter(function (p) {
         return self.solution.evaluate(p);
       });
-      _.each(unknownPackagesNeeded, function (p) {
-        var requirers = _.filter(analysis.unknownPackages[p], function (pv) {
+      unknownPackagesNeeded.forEach(function (p) {
+        var requirers = analysis.unknownPackages[p].filter(function (pv) {
           return self.solution.evaluate(pv);
         });
         var errorStr;
@@ -925,7 +938,7 @@ CS.Solver.prototype._getAnswer = async function (options) {
         } else {
           errorStr = 'unknown package: ' + p;
         }
-        _.each(requirers, function (pv) {
+        requirers.forEach(function (pv) {
           errorStr += '\nRequired by: ' + pv;
         });
         self.errors.push(errorStr);
@@ -939,36 +952,36 @@ CS.Solver.prototype._getAnswer = async function (options) {
     await self.throwConflicts();
   }
 
-  if ((! input.allowIncompatibleUpdate) &&
-      self.stepsByName['previous_root_incompat'].optimum > 0) {
+  if ((!input.allowIncompatibleUpdate) &&
+    self.stepsByName['previous_root_incompat'].optimum > 0) {
     // we have some "incompatible root changes", where we needed to change a
     // version of a root dependency to a new version incompatible with the
     // original, but --allow-incompatible-update hasn't been passed in.
     // these are in the form of PackageAndVersion strings that we need.
-    var incompatRootChanges = _.keys(self.getStepContributions(
+    var incompatRootChanges = Object.keys(self.getStepContributions(
       self.stepsByName['previous_root_incompat']));
 
     await Profile.time("generate errors for incompatible root change", function () {
       var numActualErrors = 0;
-      _.each(incompatRootChanges, function (pvStr) {
+      incompatRootChanges.forEach(function (pvStr) {
         var pv = CS.PackageAndVersion.fromString(pvStr);
         // exclude packages with top-level equality constraints (added by user
         // or by the tool pinning a version)
-        if (! _.has(analysis.topLevelEqualityConstrainedPackages, pv.package)) {
+        if (!has(analysis.topLevelEqualityConstrainedPackages, pv.package)) {
           var prevVersion = input.previousSolution[pv.package];
           self.errors.push(
             'Potentially incompatible change required to ' +
-              'top-level dependency: ' +
-              pvStr + ', was ' + prevVersion + '.\n' +
-              self.listConstraintsOnPackage(pv.package));
+            'top-level dependency: ' +
+            pvStr + ', was ' + prevVersion + '.\n' +
+            self.listConstraintsOnPackage(pv.package));
           numActualErrors++;
         }
       });
       if (numActualErrors) {
         self.errors.push(
           'To allow potentially incompatible changes to top-level ' +
-            'dependencies, you must pass --allow-incompatible-update ' +
-            'on the command line.');
+          'dependencies, you must pass --allow-incompatible-update ' +
+          'on the command line.');
       }
     });
     self.throwAnyErrors();
@@ -1006,13 +1019,13 @@ CS.Solver.prototype._getAnswer = async function (options) {
 
 // Get a list of package-version variables that satisfy a given constraint.
 var getOkVersions = function (toPackage, vConstraint, targetVersions) {
-  return _.compact(_.map(targetVersions, function (v) {
+  return (targetVersions.map(function (v) {
     if (CS.isConstraintSatisfied(toPackage, vConstraint, v)) {
       return pvVar(toPackage, v);
     } else {
       return null;
     }
-  }));
+  })).filter(Boolean);
 };
 
 // The CS.Solver constructor turns this into a memoized method.
@@ -1036,7 +1049,7 @@ CS.Solver.prototype.listConstraintsOnPackage = function (pkg) {
 
   var result = 'Constraints on package "' + pkg + '":';
 
-  _.each(constraints, function (c) {
+  constraints.forEach(function (c) {
     if (c.toPackage === pkg) {
       var paths;
       if (c.fromVar) {
@@ -1045,7 +1058,7 @@ CS.Solver.prototype.listConstraintsOnPackage = function (pkg) {
       } else {
         paths = [['top level']];
       }
-      _.each(paths, function (path) {
+      paths.forEach(function (path) {
         result += '\n* ' + (new PV.PackageConstraint(
           pkg, c.vConstraint.raw)) + ' <- ' + path.join(' <- ');
       });
@@ -1062,15 +1075,15 @@ CS.Solver.prototype.throwConflicts = async function () {
   var constraints = self.analysis.constraints;
 
   await self.Profile.time("generate error about conflicts", function () {
-    _.each(constraints, function (c) {
+    constraints.forEach(function (c) {
       // c is a CS.Solver.Constraint
       if (solution.evaluate(c.conflictVar)) {
         // skipped this constraint
         var possibleVersions = self.getVersions(c.toPackage);
-        var chosenVersion = _.find(possibleVersions, function (v) {
+        var chosenVersion = possibleVersions.find(function (v) {
           return solution.evaluate(pvVar(c.toPackage, v));
         });
-        if (! chosenVersion) {
+        if (!chosenVersion) {
           // this can't happen, because for a constraint to be a problem,
           // we must have chosen some version of the package it applies to!
           throw new Error("Internal error: Version not found");
@@ -1078,7 +1091,7 @@ CS.Solver.prototype.throwConflicts = async function () {
         var error = (
           'Conflict: Constraint ' + (new PV.PackageConstraint(
             c.toPackage, c.vConstraint)) +
-            ' is not satisfied by ' + c.toPackage + ' ' + chosenVersion + '.');
+          ' is not satisfied by ' + c.toPackage + ' ' + chosenVersion + '.');
 
         error += '\n' + self.listConstraintsOnPackage(c.toPackage);
 
@@ -1117,12 +1130,12 @@ CS.Solver.prototype.getPathsToPackageVersion = function (packageAndVersion) {
   var versionMap = self.currentVersionMap();
   var hasDep = function (p1, p2) {
     // Include weak dependencies, because their constraints matter.
-    return _.has(cache.getDependencyMap(p1, versionMap[p1]), p2);
+    return has(cache.getDependencyMap(p1, versionMap[p1]), p2);
   };
-  var allPackages = _.keys(versionMap);
+  var allPackages = Object.keys(versionMap);
 
   var getPaths = function (pv, _ignorePackageSet) {
-    if (! solution.evaluate(pv.toString())) {
+    if (!solution.evaluate(pv.toString())) {
       return [];
     }
     var pkg = pv.package;
@@ -1131,20 +1144,20 @@ CS.Solver.prototype.getPathsToPackageVersion = function (packageAndVersion) {
       return [[pv]];
     }
 
-    var newIgnorePackageSet = _.clone(_ignorePackageSet);
+    var newIgnorePackageSet = Object.assign({}, _ignorePackageSet);
     newIgnorePackageSet[pkg] = true;
 
     var paths = [];
     var shortestLength = null;
 
-    _.each(allPackages, function (p) {
-      if ((! _.has(newIgnorePackageSet, p)) &&
-          solution.evaluate(p) &&
-          hasDep(p, pkg)) {
+    allPackages.forEach(function (p) {
+      if ((!has(newIgnorePackageSet, p)) &&
+        solution.evaluate(p) &&
+        hasDep(p, pkg)) {
         var newPV = new CS.PackageAndVersion(p, versionMap[p]);
-        _.each(getPaths(newPV, newIgnorePackageSet), function (path) {
+        getPaths(newPV, newIgnorePackageSet).forEach(function (path) {
           var newPath = [pv].concat(path);
-          if ((! paths.length) || newPath.length < shortestLength) {
+          if ((!paths.length) || newPath.length < shortestLength) {
             paths.push(newPath);
             shortestLength = newPath.length;
           }

packages/constraint-solver/version-pricer-tests.js

@@ -1,3 +1,6 @@
+const zip = Npm.require('lodash.zip');
+const isObject = Npm.require('lodash.isobject');
+
 var CS = ConstraintSolver;
 var PV = PackageVersion;
 
@@ -7,24 +10,26 @@ Tinytest.add("constraint solver - version pricer", function (test) {
   var pricer = new CS.VersionPricer();
 
   var testScanVersions = function (versions, mode, options, expected) {
-    if (options && _.isArray(options)) {
+    if (options && Array.isArray(options)) {
       expected = options;
       options = null;
     }
     var result, tuples;
     // Accepts either a mode like CS.VersionPricer.MODE_UPDATE or
     // an object that looks like `{ previous: version }`
-    if (_.isObject(mode) && mode.previous) {
+    if (isObject(mode) && mode.previous) {
       result = pricer.priceVersionsWithPrevious(versions, mode.previous);
-      tuples = _.zip(versions, result[0], result[1], result[2], result[3],
+      tuples = zip(versions, result[0], result[1], result[2], result[3],
                      result[4]);
     } else {
       result = pricer.priceVersions(versions, mode, options);
-      tuples = _.zip(versions, result[0], result[1], result[2], result[3]);
+      tuples = zip(versions, result[0], result[1], result[2], result[3]);
     }
     test.equal(tuples.length, expected.length);
-    test.equal(_.pluck(tuples, 0), versions);
-    _.each(_.zip(tuples, expected), function (x) {
+    test.equal(tuples.map(function(x){
+      return x[0]
+    }), versions);
+    zip(tuples, expected).forEach(function (x) {
       var tuple = x[0];
       var expectedTuple = x[1];
       if (typeof expectedTuple[0] !== 'string') {
@@ -200,4 +205,4 @@ Tinytest.add("constraint solver - version pricer", function (test) {
                     ["4.0.0", 1, 3, 0, 0, 1],
                     ["4.0.0_1", 1, 3, 0, 0, 0]]);
 
-});
+});

packages/constraint-solver/version-pricer.js

@@ -1,3 +1,5 @@
+const memoize = require('lodash.memoize');
+
 var CS = ConstraintSolver;
 var PV = PackageVersion;
 
@@ -9,7 +11,7 @@ CS.VersionPricer = function () {
   //
   // The VersionPricer instance stores a memoization table for
   // efficiency.
-  self.getVersionInfo = _.memoize(PV.parse);
+  self.getVersionInfo = memoize(PV.parse);
 };
 
 CS.VersionPricer.MODE_UPDATE = 1;

packages/crosswalk/package.js

@@ -6,5 +6,5 @@ instead of the System WebView on Android",
 });
 
 Cordova.depends({
-  'cordova-plugin-crosswalk-webview': '2.3.0'
+  'cordova-plugin-crosswalk-webview': '2.4.0'
 });

packages/ddp-rate-limiter/package.js

@@ -20,9 +20,8 @@ Package.onUse(function(api) {
 });
 
 Package.onTest(function(api) {
-  api.use('underscore');
   api.use(['accounts-password', 'tinytest', 'test-helpers', 'tracker',
-           'accounts-base', 'random', 'email', 'underscore', 'check',
+           'accounts-base', 'random', 'email', 'check',
            'ddp', 'ecmascript', 'es5-shim']);
   api.use('ddp-rate-limiter');
 

packages/ddp-server/livedata_server.js

@@ -9,6 +9,7 @@ const publicationStrategies = {
   // When using this strategy, the server maintains a copy of all data a connection is subscribed to.
   // This allows us to only send deltas over multiple publications.
   SERVER_MERGE: {
+    useDummyDocumentView: false,
     useCollectionView: true,
     doAccountingForCollection: true,
   },
@@ -17,6 +18,7 @@ const publicationStrategies = {
   // to it will not trigger removed messages when a subscription is stopped.
   // This should only be chosen for special use cases like send-and-forget queues.
   NO_MERGE_NO_HISTORY: {
+    useDummyDocumentView: false,
     useCollectionView: false,
     doAccountingForCollection: false,
   },
@@ -24,8 +26,17 @@ const publicationStrategies = {
   // sent to the client so it can remove them when a subscription is stopped.
   // This strategy can be used when a collection is only used in a single publication.
   NO_MERGE: {
+    useDummyDocumentView: false,
     useCollectionView: false,
     doAccountingForCollection: true,
+  },
+  // NO_MERGE_MULTI is similar to `NO_MERGE`, but it does track whether a document is
+  // used by multiple publications. This has some memory overhead, but it still does not do
+  // diffing so it's faster and slimmer than SERVER_MERGE.
+  NO_MERGE_MULTI: {
+    useDummyDocumentView: true,
+    useCollectionView: true,
+    doAccountingForCollection: true
   }
 };
 
@@ -39,6 +50,26 @@ DDPServer.publicationStrategies = publicationStrategies;
 // Session and Subscription are file scope. For now, until we freeze
 // the interface, Server is package scope (in the future it should be
 // exported).
+var DummyDocumentView = function () {
+  var self = this;
+  self.existsIn = new Set(); // set of subscriptionHandle
+  self.dataByKey = new Map(); // key-> [ {subscriptionHandle, value} by precedence]
+};
+
+Object.assign(DummyDocumentView.prototype, {
+  getFields: function () {
+    return {}
+  },
+
+  clearField: function (subscriptionHandle, key, changeCollector) {
+    changeCollector[key] = undefined
+  },
+
+  changeField: function (subscriptionHandle, key, value,
+                         changeCollector, isAdd) {
+    changeCollector[key] = value
+  }
+});
 
 // Represents a single document in a SessionCollectionView
 var SessionDocumentView = function () {
@@ -202,7 +233,12 @@ Object.assign(SessionCollectionView.prototype, {
     var added = false;
     if (!docView) {
       added = true;
-      docView = new SessionDocumentView();
+      if (Meteor.server.getPublicationStrategy(this.collectionName).useDummyDocumentView) {
+        docView = new DummyDocumentView();
+      } else {
+        docView = new SessionDocumentView();
+      }
+
       self.documents.set(id, docView);
     }
     docView.existsIn.add(subscriptionHandle);

packages/ddp-server/stream_server.js

@@ -50,6 +50,9 @@ StreamServer = function () {
     // combining CPU-heavy processing with SockJS termination (eg a proxy which
     // converts to Unix sockets) but for now, raise the delay.
     disconnect_delay: 60 * 1000,
+    // Allow disabling of CORS requests to address
+    // https://github.com/meteor/meteor/issues/8317.
+    disable_cors: !!process.env.DISABLE_SOCKJS_CORS,
     // Set the USE_JSESSIONID environment variable to enable setting the
     // JSESSIONID cookie. This is useful for setting up proxies with
     // session affinity.