New Environment VariablesDEBUG_ACCOUNTS - For debugging the Accounts and Authentication subsystems.
DEBUG_CRYPTO - For debugging public/private key infrastructure, UDAP, JWT, and other cryptography.
Security Enhancements
NoSQL Injection Prevention: sanitize() coding pattern introduced for .find() and .findOne() calls.
Meteor Settings
Meteor.settings.private.invitationExpiry - Invitation code expiration date. Expected format is YYYY-MM-DD
Meteor.settings.private.enablePublicUnrestrictedData - Enables public registry data. Data that has a security label of unrestricted will be published to anonymous users not logged in.
Meteor.settings.public.defaults.defaultUserRole - The default user role that new accounts get created as.
Meteor.settings.public.fhirAutoSubscribe - Automatically subscribe to all available default subscriptions.
Meteor.settings.public.fhirSubscribeToSubscriptions - Look in the Subscriptions collection, and subscribe to all collections listed therein.
Breaking Changes
eslint removed from project. Migrated to GitHub workflows and post-commit hooks.
New Environment Variables
DEBUG_ACCOUNTS
- For debugging the Accounts and Authentication subsystems.DEBUG_CRYPTO
- For debugging public/private key infrastructure, UDAP, JWT, and other cryptography.Security Enhancements
sanitize()
coding pattern introduced for.find()
and.findOne()
calls.Meteor Settings
Meteor.settings.private.invitationExpiry
- Invitation code expiration date. Expected format isYYYY-MM-DD
Meteor.settings.private.enablePublicUnrestrictedData
- Enables public registry data. Data that has a security label ofunrestricted
will be published to anonymous users not logged in.Meteor.settings.public.defaults.defaultUserRole
- The default user role that new accounts get created as.Meteor.settings.public.fhirAutoSubscribe
- Automatically subscribe to all available default subscriptions.Meteor.settings.public.fhirSubscribeToSubscriptions
- Look in the Subscriptions collection, and subscribe to all collections listed therein.Breaking Changes
eslint
removed from project. Migrated to GitHub workflows and post-commit hooks.