- Remove starter-browser-policy and replace it with
BrowserPolicy.enableContentSecurityPolicy(), which gives you the starter
policy and allows you to use the other BrowserPolicy functions to configure
it. This is motivated by the fact that the API isn't very intuitive without a
well-defined starting policy. ex: if the package starts off without a policy,
and then the user calls allowAllContentSameOrigin(), that will result in
turning off inline scripts, which is probably not what they wanted.
- AllContent functions do more of what you'd expect now;
i.e. BrowserPolicy.disallowAllContent() actually disallows all content,
instead of setting default-src to 'none', which will allow other types of
content that have previously had srcs set for them.
- Add some tests
- Check email for users created with password or any social account's email
- Throw an error with explanation on bad email domain.
- Set `hd` param for Google Accounts authentication url
- Docs description
- Touch History.md
- Possibly should add it into QA process?
This means node's crypto.randomBytes on the server, and
window.crypto.getRandomValues on the client. If node's crypto.randomBytes throws
an exception, we fall back to crypto.pseudoRandomBytes. If
window.crypto.getRandomValues isn't supported by the browser, we fall back to
the alea generator that we had been using previously.
- You can mix incl/excl as long as it is `_id`
- Note unsupported `$` and `$slice` operators of minimongo
- Give an advanced example with reference to mongodb docs.
Package.register_extension API.
It didn't even actually work for producing JavaScript files (eg a
coffeescript-like package): see #1410. Package maintainers should have upgraded
to the more powerful 0.6.5 API by now anyway.
Support for 'fields' option in minimongo. Observe on the fields certain fields
will fire 'change' events only if one of watched fields changed.
Note: in minimongo observe, granularity of diff is one level. Meaning, watching
for changes at 'foo.bar' may fire even if 'foo.bar' didn't change.
Fixes#1287.
- Fix order of ')' and '.' in a bunch of places
- Remove last reference to "smart packages"
- Fix an Atmosphere link
- Linkify a bunch of other things (CoffeeScript, npm, GitHub bug tracker, etc)
- Added a newline after the dot in "`meteor`. `meteor`". It looked way more
like `meteor.meteor` when rendered.
- Name `api.add_files` explicitly.
- Fix capitalization of GitHub
- Explain how weak deps check if the dep is there
- A few other typos
As part of a docs pass we will explain the new way to use coffeescript globals.
(In short: in a package, anything declared with `api.export` becomes
package-level and exported. If you want something package-level and not
exported, or app-level, there's an object `share` and you can assign to fields
on it.)
.meteor/packages in new apps now contains "standard-app-packages", which implies
the standard set of packages like mongo-livedata. There is no special-casing in
initFromAppDir. This line has been added to all the examples, etc.
There's a new concept of "upgraders". "meteor run-upgrader app-packages" will
add standard-app-packages to the app, as well as all of the package in the app's
packages/ directory (an unrelated change since 0.6.4). This will be integrated
soon with "meteor update"; run-upgrader is essentially for testing.
project.add_package no longer adds packages that are already there.
