Bump ejs and preact-cli

[dependabot[bot]]

Bumps ejs to 3.1.8 and updates ancestor dependency preact-cli. These dependencies need to be updated together.

Updates ejs from 2.7.4 to 3.1.8

Release notes

Sourced from ejs's releases.

v3.1.8

Version 3.1.8

v3.1.7

Version 3.1.7

v3.1.6

Version 3.1.6

v3.1.5

Version 3.1.5

v3.0.2

No release notes provided.

Changelog

Sourced from ejs's changelog.

v3.0.1: 2019-11-23

• Removed require.extensions (@​mde)
• Removed legacy preprocessor include (@​mde)
• Removed support for EOL Nodes 4 and 6 (@​mde)

Commits

• 5126ff5 Version 3.1.8
• 7d5a1c6 Merge branch 'main' of github.com:mde/ejs into main
• 551949d Minor mitigation
• 66f7471 Merge pull request #664 from netcode/patch-1
• 820855a Version 3.1.7
• 076dcb6 Don't use template literal
• faf8b84 Skip test -- error message vary depending on JS runtime
• c028c34 Update packages
• 839ad20 Update SECURITY.md
• c040180 Update README.md
• Additional commits viewable in compare view

Updates preact-cli from 3.0.0-rc.6 to 3.4.1

Release notes

Sourced from preact-cli's releases.

preact-cli@3.4.1

Patch Changes

• #1711 5eb5d00 Thanks @​rschristian! - Fix ensures that the load-manifest is only attempted to be built in prod. It serves no use in dev (as preloading is limited to prod) and can create a race condition when used alongside HMR.

preact-cli@3.4.0

Minor Changes

• #1674 0346549 Thanks @​rschristian! - Supports consuming "proxy" from package.json to proxy API requests in watch mode

• #1671 8d3bd42 Thanks @​rschristian! - Any environment variables prefixed with 'PREACT_APP_' will automatically be available for reference and use in your application without having to configure DefinePlugin any more. Furthermore, if a .env file exists in the root of your application, any variables it defines will automatically be available for use.

  Huge shout out to robinvdvleuten who provided this functionality through the preact-cli-plugin-env-vars package in the past.

Patch Changes

• #1667 a56d904 Thanks @​rschristian! - Allows users to author prerender-urls.js as ESM once again

• #1693 6385ec1 Thanks @​rschristian! - Bumps dependencies to latest versions where possible and applicable.

• #1680 fcd0375 Thanks @​rschristian! - Fixed bug in push-manifest that would result in undefined entries

• #1670 7afd8bb Thanks @​rschristian! - Corrects 'build --json' ouput location and 'apple-touch-icon' will respect the publicPath automatically

• #1700 a60f8df Thanks @​rschristian! - Removes the archived & non-recommended 'material' template from 'preact list' output

• #1426 7d33cd1 Thanks @​VanTanev! - Improves prerender error message when offending use of browser globals cannot be found

• #1705 f9ef9b1 Thanks @​rschristian! - Fixes HMR / --refresh flag in watch mode

preact-cli@3.3.5

Patch Changes

• #1659 d452863 Thanks @​rschristian! - Corrects push-manifest.json generation in non-ESM builds

• #1658 6af4e9d Thanks @​rschristian! - Clarifies when the --template flag is necessary in the CLI help information.

preact-cli@3.3.4

Patch Changes

• #1646 e98994a Thanks @​rschristian! - Bumping webpack-dev-server

... (truncated)

Commits

• See full diff in compare view

Maintainer changes

This version was pushed to npm by preactjs, a new releaser for preact-cli since your current version.

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

---

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself) - `@dependabot use these labels` will set the current labels as the default for future PRs for this repo and language - `@dependabot use these reviewers` will set the current reviewers as the default for future PRs for this repo and language - `@dependabot use these assignees` will set the current assignees as the default for future PRs for this repo and language - `@dependabot use this milestone` will set the current milestone as the default for future PRs for this repo and language You can disable automated security fix PRs for this repo from the [Security Alerts page](https://github.com/torch2424/made-with-webassembly/network/alerts).

[dependabot[bot]]

OK, I won't notify you again about this release, but will get in touch when a new version is available.

If you change your mind, just re-open this PR and I'll resolve any conflicts on it.