Update dependency ejs to v3 #2

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Open

mend-for-gitproxy.zycloud.tk wants to merge 1 commit into master from whitesource-remediate/ejs-3.x

mend-for-gitproxy.zycloud.tk bot commented Jul 5, 2022 •

edited

Loading

This PR contains the following updates:

Package	Type	Update	Change
ejs	dependencies	major	`^2.5.1` -> `^3.1.10`

By merging this PR, the below vulnerabilities will be automatically resolved:

Severity	CVSS Score	Vulnerability
Critical	9.8	CVE-2022-29078
Critical	9.8	WS-2021-0153
High	8.8	CVE-2024-33883

Release Notes

mde/ejs (ejs)

`v3.1.10`

Version 3.1.10

`v3.1.9`

Version 3.1.9

`v3.1.8`

Version 3.1.8

`v3.1.7`

Version 3.1.7

`v3.1.6`

Version 3.1.6

`v3.1.5`

Version 3.1.5

`v3.1.3`

`v3.1.2`

`v3.0.2`

`v3.0.1`

`v2.7.4`

Bug fixes

Fixed Node 4 support, which broke in v2.7.3 (5e42d6c, @mde)

`v2.7.3`

Bug fixes

Made the post-install message more discreet by following the example of opencollective-postinstall (228d8e4, @mde)

`v2.7.2`

Features

Added support for destructuring locals (#452, @ExE-Boss)
Added support for disabling legacy include directives (#458, #459, @ExE-Boss)
Compiled functions are now shown in the debugger (#456, @S2-)
function.name is now set to the file base name in environments that support this (#466, @ExE-Boss)

Bug Fixes

The error message when async != true now correctly mention the existence of the async option (#460, @ExE-Boss)
Improved performance of HTML output generation (#470, @nwoltman)

`v2.7.1`

Deprecated:

Added deprecation notice for use of require.extensions (@mde)

`v2.6.2`

Correctly pass custom escape function to includes (@alecgibson)
- Fixes for rmWhitespace (@nwoltman)
- Examples for client-side EJS compiled with Express middleware (@mjgs)
- Make Template constructor public (@ThisNameWasTaken)
- Added remove function to cache (@S2-)
- Recognize both 'Nix and Windows absolute paths (@mde)

`v2.6.1`

`v2.5.9`

`v2.5.8`

Add filename to error when include file cannot be found (@Leon)
Node v9 in CI (@Thomas)

Fixed special case for Express caching (@mde)

Added Promise/async-await support to renderFile (@mde)
Added notes on IDE support to README (@Betanu701)

`v2.5.7`

Pass configured escape function to rethrow (@straker)

Added vulnerabilities info into README (@mde)

Avoid creating function object in hot execution path (@User4martin)

Added benchmark (@User4martin)
Tests for looped includes (@User4martin)

`v2.5.6`

Use configured escape function for filenames in errors (@mde)
Make file-loader configurable to allow template pre-processing (@hacke2)
Improved renderFile performance (@nwoltman)

If you want to rebase/retry this PR, check this box

mend-for-gitproxy.zycloud.tk bot added the security fix label

mend-for-gitproxy.zycloud.tk bot force-pushed the whitesource-remediate/ejs-3.x branch from 808b3d6 to 5772e2f Compare

November 20, 2022 20:37

mend-for-gitproxy.zycloud.tk bot force-pushed the whitesource-remediate/ejs-3.x branch from 5772e2f to 04a6b81 Compare

March 26, 2023 18:04

mend-for-gitproxy.zycloud.tk bot force-pushed the whitesource-remediate/ejs-3.x branch from 04a6b81 to 52bba44 Compare

May 21, 2024 22:08

mend-for-gitproxy.zycloud.tk bot force-pushed the whitesource-remediate/ejs-3.x branch from 52bba44 to 905bfe2 Compare

February 22, 2025 08:16


          Update dependency ejs to v3

8a40bf8

mend-for-gitproxy.zycloud.tk bot force-pushed the whitesource-remediate/ejs-3.x branch from 905bfe2 to 8a40bf8 Compare

February 26, 2025 07:53

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Labels