EJS (Embedded JavaScript Templates) version 3.1.8 is a minor release following version 3.1.7, both iterations of a popular templating engine enabling developers to generate dynamic HTML content on the server-side or within the browser. Both versions share the same core dependencies, including jake for build automation, and development dependencies such as jsdoc for documentation generation, mocha for testing, eslint for code linting, lru-cache for caching, uglify-js for minification, browserify for bundling, and git-directory-deploy for deployment. The author and licensing (Apache-2.0) remain consistent.
The key difference lies in the updated dist metadata. Version 3.1.8 boasts a slightly larger unpacked size of 139905 bytes compared to 3.1.7's 138642 bytes, a slight increase of 1263 bytes. Also a later release date, May 11, 2022, compared to April 20, 2022. This indicates that version 3.1.8 likely includes bug fixes, minor feature enhancements, or performance improvements implemented since the previous release. While the fileCount remains the same at 13, the increased size suggests modifications within those files. Developers should ideally consult the changelog or release notes (typically found on the EJS GitHub repository) to pinpoint the exact nature of these changes before upgrading. Staying current allows developers to benefit from the latest refinements and potentially resolve any compatibility issues or security vulnerabilities addressed in the newer version. EJS remains a lightweight and versatile choice for dynamic content generation.
All the vulnerabilities related to the version 3.1.8 of the package
ejs lacks certain pollution protection
The ejs (aka Embedded JavaScript templates) package before 3.1.10 for Node.js lacks certain pollution protection.
