This repository has been archived by the owner on Jan 18, 2023. It is now read-only.

Update dependency ejs to v3 #6

Open

mend-for-github-com wants to merge 1 commit into main from whitesource-remediate/ejs-3.x

mend-for-github-com bot commented Jun 7, 2022 •

edited

Loading

This PR contains the following updates:

Package	Type	Update	Change
ejs	dependencies	major	`^2.5.6` -> `^3.0.0`

By merging this PR, the issue #8 will be automatically resolved and closed:

Severity	CVSS Score	CVE
High	9.8	CVE-2022-29078
High	9.8	WS-2021-0153

Release Notes

mde/ejs

`v3.1.6`

Version 3.1.6

`v3.1.5`

Version 3.1.5

`v3.1.3`

`v3.1.2`

`v3.0.2`

`v3.0.1`

Removed require.extensions (@mde)
- Removed legacy preprocessor include (@mde)
- Removed support for EOL Nodes 4 and 6 (@mde)

`v2.7.4`

Bug fixes

Fixed Node 4 support, which broke in v2.7.3 (5e42d6c, @mde)

`v2.7.3`

Bug fixes

Made the post-install message more discreet by following the example of opencollective-postinstall (228d8e4, @mde)

`v2.7.2`

Features

Added support for destructuring locals (#452, @ExE-Boss)
Added support for disabling legacy include directives (#458, #459, @ExE-Boss)
Compiled functions are now shown in the debugger (#456, @S2-)
function.name is now set to the file base name in environments that support this (#466, @ExE-Boss)

Bug Fixes

The error message when async != true now correctly mention the existence of the async option (#460, @ExE-Boss)
Improved performance of HTML output generation (#470, @nwoltman)

`v2.7.1`

Added deprecation notice for use of require.extensions (@mde)

`v2.6.2`

Correctly pass custom escape function to includes (@alecgibson)
- Fixes for rmWhitespace (@nwoltman)
- Examples for client-side EJS compiled with Express middleware (@mjgs)
- Make Template constructor public (@ThisNameWasTaken)
- Added remove function to cache (@S2-)
- Recognize both 'Nix and Windows absolute paths (@mde)

`v2.6.1`

Async rendering (@Viko)

`v2.5.9`

Fixed options-passing for Express (@mde)
- Re-enabled performance tests (@mde)

`v2.5.8`

Add filename to error when include file cannot be found (@Leon)
Node v9 in CI (@Thomas)

Fixed special case for Express caching (@mde)

Added Promise/async-await support to renderFile (@mde)
Added notes on IDE support to README (@Betanu701)

If you want to rebase/retry this PR, click this checkbox.


          Update dependency ejs to v3

4d3eb0b

mend-for-github-com bot added the security fix label

Sign up for free to subscribe to this conversation on GitHub. Already have an account? Sign in.

Labels