Update dependency eta to v3

[renovate]

This PR contains the following updates:

Package	Change	Age	Adoption	Passing	Confidence
eta (source)	^1.12.3 -> ^3.0.0

---

Release Notes

eta-dev/eta (eta)

v3.2.0: Version 3.2.0

Compare Source

Commits

• style: run format tool 9fb7d49
• feat: enable support for default extensions (#​266) 8054ffc

v3.1.1: Version 3.1.1

Compare Source

Commits

• fix: correctly escape string with debug: true 115721d
• docs: add example of Deno import ee6d336

v3.1.0: Version 3.1.0

Compare Source

Commits

• fix: add support for Bun (#​250) acea87c
• Support agile extension of Eta class (#​249) 8b15b6b

v3.0.3: Version 3.0.3

Compare Source

TL;DR

• Fix an issue that made Deno usage not work

Commits

• fix: update import to include extension 4e4a185

v3.0.2: Version 3.0.2

Compare Source

TL;DR

This release mainly includes changes in Eta's CI process, but also fixes the build on deno.land/x/eta (which was broken in 3.0.0 and 3.0.1).

Commits

• ci: update coverage link 25b0f6d
• fix: update GitHub Actions for coverage 9b936eb
• feat: merge branch 'main' 6196295
• ci: migrate CI to GitHub Actions 1a1409d
• support deno (#​240) e975761
• fix: add package-lock.json for CI 5ff4d89
• feat: add GitHub Actions test 9088a19
• feat: fix path in README 03921e3
• feat: include .ts extensions (throws warnings but works) e3ab990

v3.0.1: Version 3.0.1

Compare Source

TL;DR

• eta.module.mjs contained the 2.0.0 code 🤦

Commits

• fix: eta.module.mjs was generated incorrectly 387d677

v3.0.0: Version 3.0.0

Compare Source

TL;DR

After months of work, I'm super excited to release Eta version 3! 🎉 🎉

The philosophy and end goal of Eta remain the same: to be a lightweight, developer-friendly, and very fast template engine. The syntax also remains almost exactly the same. Eta's API, however, has changed in some important ways. Head over to https://eta.js.org/ to learn more about the changes and begin migrating your code!

Commits

• docs: update README.md 376deaf
• fix: remove nonexistent dir from lint 8a9424d
• fix: istanbul ignore empty function coverage 08b5b6c
• test: add better error tests 4332989
• fix: unclosed tag error message 2e51f43
• feat: remove unnecessary promise code aeec694
• feat: begin updating readme for eta v3 4620af9
• chore: add attrib 41f0688
• feat: add pretty runtime errors and functionHeader option df82f2c
• chore: remove unnecessary line a3d4fbf
• test: add and refine tests 33f8bd7
• delete unnecessary templates cfb7aab
• fix: merge body:__eta.res after ...it 83d56ef
• feat: fix filepath caching e715f07
• feat: add ESM browser build 5269d79
• chore: remove examples directory a522489
• chore: update benchmark page, remove non-embedded template engines 8e252a7
• chore: update tests for v3 4fff2b5
• chore: make conditional more clear ea37ebb
• feat: changes to autoEscape and autoFilter e30a863
• chore: update for eta v3 6eeffe9
• chore: update for eta v3 6268397
• chore: update test files for v3 code e7904ec
• chore: remove deno build using denoify e16dca3
• chore: remove denoify and unused eslint plugins d434792
• chore: finish removing typedoc generation dca2680
• build: remove typedoc generation cd31400
• chore: rebuild 53beb48
• feat: initial rewrite for version 3 f722c32

v2.2.0: Version 2.2.0

Compare Source

TL;DR

• fixed issue #​227, which caused slow parsing times with very large files that didn't contain Eta embed tags

Commits

• fix RegExp leading to slow parsing w/out tags f7ed8f6

v2.1.2: Version 2.1.2

Compare Source

TL;DR

• Updated the Deno std version to 0.186.0
• Updated the README

Commits

• rebuild cce5850
• Bump std from 0.97.0 to 0.186.0 (again) (#​229) 34e7179
• docs: add info for integration with webpack (#​219) c328584

v2.1.1: Version 2.1.1

Compare Source

TL;DR

• Added code comment to clarify config.parse, prompted by #​135

Commits

• docs: add note about parser options 023ef4b

v2.1.0: Version 2.1.0

Compare Source

TL;DR

• Updated the versions of the Deno std from 0.97 to 0.186

Commits

• build: rebuild 09b52b1
• Bump deno std from 0.97 to 0.186 (#​228) 1ea9aaf
• Update README.md (#​223) b25689e
• export etaconfig (#​222) de0987e

v2.0.1: Version 2.0.1

Compare Source

TL;DR

• Add package-lock.json to .gitignore
• Fix link to benchmark page

Commits

• Disable package-lock.json (#​220) 6733ae3
• Fix benchmarks link c42a365
• Update benchmark.html, demo.html b8c1823

v2.0.0: Version 2.0.0

Compare Source

TL;DR

This commit includes fixes for several security vulnerabilities. Specifically, in version 1, Eta merged the data parameter of renderFile() into config -- meaning that malicious untrusted user data, passed through in a very specific way, could potentially modify the values of varName, include, includeFile, and useWith, and thus insert arbitrary code into user template functions.

With this release, such behavior is removed. Configuration cannot be passed through the data parameter to eta.renderFile().

Most users will be able to update from version 1 to version 2 without changing any code. All users are encouraged to update as soon as possible.

Practical Implications

• Configuration must be passed to renderFile explicitly, rather than merged with the data parameter
• Using Express.js app.set() to modify views and view cache will no longer change Eta's configuration of views and cache.
  • However, since Express still uses its own views and view cache options under the hood, users should configure both Eta and Express with desired values (example below)
• Eta no longer recognizes the legacy Express.js settings["view options"] property

Example Code Changes

// Change THIS:
renderFile(filePath, { cache: true }) // This worked in v1 but does not work in v2
// To THIS:
renderFile(filePath, {}, { cache: true }) // This works in v1 and v2

// Change THIS:
var eta = require("eta")
app.set("view engine", "eta")
app.set("views", "./views")
app.set("view cache", true)
// To THIS:
var eta = require("eta")
app.engine("eta", eta.renderFile)
eta.configure({  views: "./views", cache: true }) // configure eta
app.set("views", "./views") // configure Express
app.set("view cache", true) // configure Express
app.set("view engine", "eta")

Commits

• Don't use data object for Eta configuration (#​214) 5651392

v1.14.2: Version 1.14.2

Compare Source

TL;DR

• Fixed "types" field in package.json

Commits

• fix type declaration (#​213) f9994ad

v1.14.1: Version 1.14.1

Compare Source

TL;DR

• Fixed package.json exports and type fields

Commits

• Rebuild README.md 403121c
• docs: add gurgunday as a contributor for code (#​212) 308bfb4
• Fix outputs (#​211) d7c68b3

v1.14.0: Version 1.14.0

Compare Source

TL;DR

• Refactored Eta's build process to make it more maintainable
• Improved NodeNext support

Commits

• Switch build process to use microbundle (#​209) 3442ceb

v1.13.0: Version 1.13.0

Compare Source

TL;DR

• Improved return types through TS function overloading
• Fixed the "types" field in package.json

Commits

• Rebuild 197eb04
• docs: add nhaef as a contributor for code (#​206) c954bfe
• Rebuild and format 1cae832
• Improve return types for render, renderAsync, renderFile and renderFileAsync (#​199) 242e9fc
• Fix types specification in package.json (#​193) 7190909
• Fix types specification in package.json (#​193) fe26ba1
• Fix types specification in package.json (#​193) 812825d
• Nit: change eslint file type (#​204) 8c82f3c
• chore(deps): bump dot-prop and @​commitlint/config-conventional (#​203) 9e22984
• Update dependencies (#​202) 749b197
• Merge pull request #​188 from gitBaiano/patch-1 2eb2d9f
• Update Benchmark modules 35a7d8d
• Merge pull request #​179 from eta-dev/dependabot/npm_and_yarn/terser-4.8.1 4c23380
• chore(deps): bump terser from 4.8.0 to 4.8.1 15fd2b9
• Merge pull request #​160 from eta-dev/dependabot/npm_and_yarn/node-fetch-2.6.7 064f776
• chore(deps): bump node-fetch from 2.6.1 to 2.6.7 60263b0
• Merge pull request #​174 from eta-dev/dependabot/npm_and_yarn/jsdom-16.7.0 ff801ea
• chore(deps): bump jsdom from 16.4.0 to 16.7.0 14aedfb
• Merge pull request #​170 from Tobbe/patch-1 9c8e426
• README.ms: Fix rawgit links 12005a5
• Merge pull request #​167 from ralphwetzel/patch-1 912c2e3
• Update README.md 5512169
• Merge pull request #​156 from eta-dev/dependabot/npm_and_yarn/shelljs-0.8.5 663556c
• Merge pull request #​158 from benasher44/patch-1 1f1f321
• Merge pull request #​157 from eta-dev/dependabot/npm_and_yarn/nanoid-3.2.0 b1026d3
• Merge pull request #​154 from shadowtime2000/issue-146 aedaab7
• Update README.md 34628da
• Update benchmarks link d5e25ab
• Merge pull request #​155 from benasher44/master 694976f
• chore(deps): bump nanoid from 3.1.12 to 3.2.0 21234a1
• chore(deps-dev): bump shelljs from 0.8.4 to 0.8.5 f28b718
• Compile templates before render for benchmarks d469b4c
• fix(146): add browser es versions 408d59c
• Merge pull request #​145 from eta-dev/dependabot/npm_and_yarn/tmpl-1.0.5 0bdf07e
• chore(deps): bump tmpl from 1.0.4 to 1.0.5 e1101a9
• Merge pull request #​133 from eta-dev/dependabot/npm_and_yarn/path-parse-1.0.7 a0072e8
• chore(deps): bump path-parse from 1.0.6 to 1.0.7 48d9857
• v1.12.3 304b9e2

---

Configuration

📅 Schedule: Branch creation - At any time (no schedule defined), Automerge - At any time (no schedule defined).

🚦 Automerge: Disabled by config. Please merge this manually once you are satisfied.

♻ Rebasing: Whenever PR becomes conflicted, or you tick the rebase/retry checkbox.

🔕 Ignore: Close this PR and you won't be reminded about this update again.

---

• If you want to rebase/retry this PR, check this box

---

This PR has been generated by Mend Renovate. View repository job log here.