search

scm-automation-project / npm-simple-project

0 stars 3 forks source link

Update dependency ejs to v3 - autoclosed #12

Closed dev-mend-for-github-com[bot] closed 1 year ago

dev-mend-for-github-com[bot] commented 1 year ago

This PR contains the following updates:

Package Type Update Change
ejs dependencies major ^2.4.2 -> ^3.1.6

By merging this PR, the issue #7 will be automatically resolved and closed:

Severity CVSS Score CVE
Critical Critical 9.8 WS-2021-0153

Release Notes

mde/ejs ### [`v3.1.6`](https://togithub.com/mde/ejs/releases/tag/v3.1.6) [Compare Source](https://togithub.com/mde/ejs/compare/v3.1.5...v3.1.6) Version 3.1.6 ### [`v3.1.5`](https://togithub.com/mde/ejs/releases/tag/v3.1.5) Version 3.1.5 ### [`v3.1.3`](https://togithub.com/mde/ejs/compare/v3.1.2...v3.1.3) [Compare Source](https://togithub.com/mde/ejs/compare/v3.1.2...v3.1.3) ### [`v3.1.2`](https://togithub.com/mde/ejs/compare/v3.0.2...v3.1.2) [Compare Source](https://togithub.com/mde/ejs/compare/v3.0.2...v3.1.2) ### [`v3.0.2`](https://togithub.com/mde/ejs/compare/v3.0.1...v3.0.2) [Compare Source](https://togithub.com/mde/ejs/compare/v3.0.1...v3.0.2) ### [`v3.0.1`](https://togithub.com/mde/ejs/compare/v2.7.4...v3.0.1) [Compare Source](https://togithub.com/mde/ejs/compare/v2.7.4...v3.0.1) ### [`v2.7.4`](https://togithub.com/mde/ejs/releases/tag/v2.7.4) [Compare Source](https://togithub.com/mde/ejs/compare/v2.7.3...v2.7.4) ##### Bug fixes - Fixed Node 4 support, which broke in v2.7.3 (https://github.com/mde/ejs/commit/5e42d6cef15ae6f2c7d29ef55a455e8e49b5e76e, [@​mde](https://togithub.com/mde)) ### [`v2.7.3`](https://togithub.com/mde/ejs/releases/tag/v2.7.3) [Compare Source](https://togithub.com/mde/ejs/compare/v2.7.2...v2.7.3) ##### Bug fixes - Made the post-install message more discreet by following the example of [opencollective-postinstall](https://togithub.com/opencollective/opencollective-postinstall) (https://github.com/mde/ejs/commit/228d8e45b7ced2afd3e596c13d44aed464e57e43, [@​mde](https://togithub.com/mde)) ### [`v2.7.2`](https://togithub.com/mde/ejs/releases/tag/v2.7.2) [Compare Source](https://togithub.com/mde/ejs/compare/v2.7.1...v2.7.2) ##### Features - Added support for destructuring locals ([#​452](https://togithub.com/mde/ejs/issues/452), [@​ExE-Boss](https://togithub.com/ExE-Boss)) - Added support for disabling legacy `include` directives ([#​458](https://togithub.com/mde/ejs/issues/458), [#​459](https://togithub.com/mde/ejs/issues/459), [@​ExE-Boss](https://togithub.com/ExE-Boss)) - Compiled functions are now shown in the debugger ([#​456](https://togithub.com/mde/ejs/issues/456), [@​S2-](https://togithub.com/S2-)) - `function.name` is now set to the file base name in environments that support this ([#​466](https://togithub.com/mde/ejs/issues/466), [@​ExE-Boss](https://togithub.com/ExE-Boss)) ##### Bug Fixes - The error message when `async != true` now correctly mention the existence of the `async` option ([#​460](https://togithub.com/mde/ejs/issues/460), [@​ExE-Boss](https://togithub.com/ExE-Boss)) - Improved performance of HTML output generation ([#​470](https://togithub.com/mde/ejs/issues/470), [@​nwoltman](https://togithub.com/nwoltman)) ### [`v2.7.1`](https://togithub.com/mde/ejs/releases/tag/v2.7.1) [Compare Source](https://togithub.com/mde/ejs/compare/v2.6.2...v2.7.1) ##### Deprecated: - Added deprecation notice for use of `require.extensions` ([@​mde](https://togithub.com/mde)) ### [`v2.6.2`](https://togithub.com/mde/ejs/releases/tag/v2.6.2) [Compare Source](https://togithub.com/mde/ejs/compare/v2.6.1...v2.6.2) - Correctly pass custom escape function to includes ([@​alecgibson](https://togithub.com/alecgibson)) - Fixes for rmWhitespace ([@​nwoltman](https://togithub.com/nwoltman)) - Examples for client-side EJS compiled with Express middleware ([@​mjgs](https://togithub.com/mjgs)) - Make Template constructor public ([@​ThisNameWasTaken](https://togithub.com/ThisNameWasTaken)) - Added `remove` function to cache ([@​S2-](https://togithub.com/S2-)) - Recognize both 'Nix and Windows absolute paths ([@​mde](https://togithub.com/mde)) ### [`v2.6.1`](https://togithub.com/mde/ejs/compare/v2.5.9...v2.6.1) [Compare Source](https://togithub.com/mde/ejs/compare/v2.5.9...v2.6.1) ### [`v2.5.9`](https://togithub.com/mde/ejs/compare/v2.5.8...v2.5.9) [Compare Source](https://togithub.com/mde/ejs/compare/v2.5.8...v2.5.9) ### [`v2.5.8`](https://togithub.com/mde/ejs/releases/tag/v2.5.8) [Compare Source](https://togithub.com/mde/ejs/compare/v2.5.7...v2.5.8) - Add filename to error when include file cannot be found ([@​Leon](https://togithub.com/Leon)) - Node v9 in CI ([@​Thomas](https://togithub.com/Thomas)) - Fixed special case for Express caching ([@​mde](https://togithub.com/mde)) - Added Promise/async-await support to `renderFile` ([@​mde](https://togithub.com/mde)) - Added notes on IDE support to README ([@​Betanu701](https://togithub.com/Betanu701)) ### [`v2.5.7`](https://togithub.com/mde/ejs/releases/tag/v2.5.7) [Compare Source](https://togithub.com/mde/ejs/compare/v2.5.6...v2.5.7) - Pass configured escape function to `rethrow` ([@​straker](https://togithub.com/straker)) - Added vulnerabilities info into README ([@​mde](https://togithub.com/mde)) - Avoid creating function object in hot execution path ([@​User4martin](https://togithub.com/User4martin)) - Added benchmark ([@​User4martin](https://togithub.com/User4martin)) - Tests for looped includes ([@​User4martin](https://togithub.com/User4martin)) ### [`v2.5.6`](https://togithub.com/mde/ejs/releases/tag/v2.5.6) [Compare Source](https://togithub.com/mde/ejs/compare/v2.5.5...v2.5.6) - Use configured escape function for filenames in errors ([@​mde](https://togithub.com/mde)) - Make file-loader configurable to allow template pre-processing ([@​hacke2](https://togithub.com/hacke2)) - Improved `renderFile` performance ([@​nwoltman](https://togithub.com/nwoltman))