As discovered in #8947, creating an app with
meteor create --release 1.4.4.1 new-app
does not actually constrain core packages to have the same minor versions
they had when Meteor 1.4.4.1 was published. Rather (as of Meteor 1.4.3),
the Meteor release only constrains core packages to have versions at least
as recent as the versions they had when the release was published, and to
have the same major version. Any later minor version is fair game.
What we need is a new kind of package version constraint, more like
semver's ~ range operator:
https://www.npmjs.com/package/semver#tilde-ranges-123-12-1
This commit implements that functionality, though it stops short of
supporting all possible semver range syntax.
Backports: b7645a4d1f
This reverts commit 4e4e204ab0.
This commit caused a strange regression in reliability of the Windows
dynamic-import self-test, which may be an indication of a deeper problem,
so it seems safest to revert this change for now.
In case empty .meteor-portable-2.json files are written, I've added an
additional check that the cached JSON value is a boolean.
As illustrated by #9554, if a custom .babelrc plugin such as
@babel/plugin-proposal-optional-chaining imports a missing dependency such
as @babel/core, that failure causes inputFile.require to throw an
exception that looks a lot like @babel/plugin-proposal-optional-chaining
itself is missing, which can be confusing.
This change does not fix the underlying problem (the @babel/core package
still needs to be installed), but it does expose the exception so that the
developer can do something about it, rather than merely leaving the ?.
syntax uncompiled.
Here's the offending line of code:
47ce7e71c9/packages/babel-plugin-proposal-optional-chaining/src/index.js (L2)
Unfortunately, depending directly on @babel/core seems to be the policy
for Babel plugins, per this PR: https://github.com/babel/babel/pull/6778
Previously these files were written asynchronously in an attempt to
improve performance, since the success of the write is not critical.
While I stand by my claim that it's acceptable for these writes to fail, I
noticed recently that the async write was failing very often (resulting in
an empty .meteor-portable-2.json file). Switching to sync semantics
eliminated that problem with no noticeable loss of performance. In fact,
overall performance is likely better because of the future work saved by a
successful write.
In an attempt to fix#9552, recursively scan child directories of
directories that start with '@' characters, rather than treating the
parent directory as a potential npm package.
Also, ignore directories that start with a '.' character, such as the
common node_modules/.bin directory.
