[1.3][CVE-2024-33883] Bump ejs from 3.1.7 to 3.1.10

Issue Resolve: CVE-2024-33883 Signed-off-by: Anan Zhuang <[email protected]>
ananzh · Aug 16, 2024 · 8ba6de4 · 8ba6de4
1 parent 26d95c2
commit 8ba6de4
Show file tree

Hide file tree

Showing 3 changed files with 6 additions and 6 deletions.
diff --git a/package.json b/package.json
@@ -92,7 +92,7 @@
     "!chromedriver/**/axios": "^0.21.4",
     "chromedriver/**/axios": "^0.27.2",
     "chromedriver/**/debug": "^4.3.1",
-    "**/ejs": "^3.1.6",
+    "**/ejs": "^3.1.10",
     "**/express": "^4.18.0",
     "**/flat": "^5.0.2",
     "**/follow-redirects": "^1.15.2",

diff --git a/packages/osd-plugin-generator/package.json b/packages/osd-plugin-generator/package.json
@@ -11,7 +11,7 @@
   "dependencies": {
     "@osd/cross-platform": "1.0.0",
     "@osd/dev-utils": "1.0.0",
-    "ejs": "^3.1.7",
+    "ejs": "^3.1.10",
     "execa": "^4.0.2",
     "inquirer": "^7.3.3",
     "normalize-path": "^3.0.0",

diff --git a/yarn.lock b/yarn.lock
@@ -8180,10 +8180,10 @@ [email protected]:
   resolved "https://registry.yarnpkg.com/ee-first/-/ee-first-1.1.1.tgz#590c61156b0ae2f4f0255732a158b266bc56b21d"
   integrity sha1-WQxhFWsK4vTwJVcyoViyZrxWsh0=
 
-ejs@^2.6.1, ejs@^3.1.5, ejs@^3.1.6, ejs@^3.1.7:
-  version "3.1.7"
-  resolved "https://registry.yarnpkg.com/ejs/-/ejs-3.1.7.tgz#c544d9c7f715783dd92f0bddcf73a59e6962d006"
-  integrity sha512-BIar7R6abbUxDA3bfXrO4DSgwo8I+fB5/1zgujl3HLLjwd6+9iOnrT+t3grn2qbk9vOgBubXOFwX2m9axoFaGw==
+ejs@^2.6.1, ejs@^3.1.10, ejs@^3.1.5:
+  version "3.1.10"
+  resolved "https://registry.yarnpkg.com/ejs/-/ejs-3.1.10.tgz#69ab8358b14e896f80cc39e62087b88500c3ac3b"
+  integrity sha512-UeJmFfOrAQS8OJWPZ4qtgHyWExa088/MtK5UEyoJGFH67cDEXkZSviOiKRCZ4Xij0zxI3JECgYs3oKx+AizQBA==
   dependencies:
     jake "^10.8.5"