Skip to content

Bump ejs from 3.1.10 to 5.0.1#1241

Open
dependabot[bot] wants to merge 1 commit intomasterfrom
dependabot/npm_and_yarn/ejs-5.0.1
Open

Bump ejs from 3.1.10 to 5.0.1#1241
dependabot[bot] wants to merge 1 commit intomasterfrom
dependabot/npm_and_yarn/ejs-5.0.1

Conversation

@dependabot
Copy link
Copy Markdown
Contributor

@dependabot dependabot bot commented on behalf of github Mar 10, 2026
edited
Loading

Bumps ejs from 3.1.10 to 5.0.1.

Release notes

Sourced from ejs's releases.

v5.0.1

Version 5.0.1

v4.0.1

Version 4.0.1

Changelog

Sourced from ejs's changelog.

EJS Version 5.0.1 Release Notes

Overview

EJS version 5.0.1 is a major release that removes deprecated options, fixes template behavior with custom delimiters, improves the CLI and build pipeline, and simplifies the package by moving Jake to a dev-only dependency.

Major Changes

Deprecated Option Removed

  • Removed client option (Fixes #746): The legacy client flag and related code have been removed. This option produced browser-oriented template functions by inlining escape and rethrow helpers; it was unmaintained and broken. Use the standard browser bundle (ejs.min.js) or compile templates for the client using your own build setup.

Bug Fixes

  • Custom delimiters and whitespace-slurp tags (Fixed #780): Whitespace-slurp tags (<%_ and _%> by default) now respect custom openDelimiter, delimiter, and closeDelimiter. Previously, the slurp regex was hardcoded to <%/%>, so custom delimiters did not work correctly with <%_/_%>-style tags.

CLI & Build

  • CLI no longer depends on Jake: The ejs CLI now uses a bundled argument parser (lib/esm/parseargs.js / lib/cjs/parseargs.js) instead of the Jake program module. Jake remains a devDependency for the build (lint, compile, browserify, minify, test).
  • Jake moved to devDependencies: Jake was moved from dependencies to devDependencies, so installing ejs as a dependency no longer pulls in Jake.
  • Minification fix: The minify task now minifies the browserified ejs.js bundle (output of the browserify task) instead of lib/cjs/ejs.js, so the browser bundle is correctly minified.

Documentation & Examples

  • JSDoc updates: Removed references to the client option and ClientFunction from options and template-function documentation.
  • Examples: examples/client-compilation.html and examples/express/app.js updated to remove use of the client option; Express example no longer passes client: true.
  • README: Removed broken link to the third-party EJS playground.

Code Quality

  • Tests: Removed tests that targeted the removed client option behavior.
  • Utils: Removed unused client-related code from lib/esm/utils.js.

Breaking Changes

Removed client Option

  • Option removed: The client option is no longer supported. Passing client: true (or any value) is ignored; no error is thrown, but no

... (truncated)

Commits

Note
Automatic rebases have been disabled on this pull request as it has been open for over 30 days.

@dependabot dependabot bot added dependencies Pull requests that update a dependency file javascript Pull requests that update javascript code labels Mar 10, 2026
@dependabot dependabot bot mentioned this pull request Mar 10, 2026
Closed
@dependabot
Bump ejs from 3.1.10 to 5.0.1
efe7431 
Bumps [ejs](https://github.com/mde/ejs) from 3.1.10 to 5.0.1.
- [Release notes](https://github.com/mde/ejs/releases)
- [Changelog](https://github.com/mde/ejs/blob/main/RELEASE_NOTES_v4.md)
- [Commits](mde/ejs@v3.1.10...v5.0.1)

---
updated-dependencies:
- dependency-name: ejs
  dependency-version: 5.0.1
  dependency-type: direct:production
  update-type: version-update:semver-major
...

Signed-off-by: dependabot[bot] <support@github.com>
@dependabot dependabot bot force-pushed the dependabot/npm_and_yarn/ejs-5.0.1 branch from 04333f5 to efe7431 Compare March 31, 2026 18:08
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

No reviews

Assignees

No one assigned

Labels

dependencies Pull requests that update a dependency file javascript Pull requests that update javascript code

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

0 participants