diff --git a/README.md b/README.md index 6daf40c9..ffe1927b 100644 --- a/README.md +++ b/README.md @@ -1,3 +1,18 @@ +# `@cryptkeeperzk/ejs`: + +``` +NOTE: Since ejs.js is being used through Snark.js, which is used inside CryptKeeper ZK Browser Extension. +We faced this error: +` +Uncaught EvalError: Refused to evaluate a string as JavaScript because 'unsafe-eval' +is not an allowed source of script in the following Content Security Policy directive: +"script-src 'self' 'wasm-unsafe-eval' 'inline-speculation-rules' http://localhost:* http://127.0.0.1:*". +` +Therefore, according to this issue: https://github.com/mde/ejs/issues/468 +We forked the main ejs to adjust this line with this suggested solution: https://github.com/facebook/regenerator/issues/336#issuecomment-355832435 + +``` + Embedded JavaScript templates
[![Known Vulnerabilities](https://snyk.io/test/npm/ejs/badge.svg?style=flat)](https://snyk.io/test/npm/ejs) ============================= diff --git a/lib/ejs.js b/lib/ejs.js index 65590eae..b314e68e 100755 --- a/lib/ejs.js +++ b/lib/ejs.js @@ -102,11 +102,20 @@ exports.localsName = _DEFAULT_LOCALS_NAME; * Promise implementation -- defaults to the native implementation if available * This is mostly just for testability * + * NOTE: Since we ejs.js is being used through Snark.js, which is used inside CryptKeeper ZK Browser Extension. + * We faced this error: + * ``` + * Uncaught EvalError: Refused to evaluate a string as JavaScript because 'unsafe-eval' + * is not an allowed source of script in the following Content Security Policy directive: + * "script-src 'self' 'wasm-unsafe-eval' 'inline-speculation-rules' http://localhost:* http://127.0.0.1:*". + * ``` + * Therefore, according to this issue: https://github.com/mde/ejs/issues/468 + * We forked the main ejs to adjust this line with this suggested solution: https://github.com/facebook/regenerator/issues/336#issuecomment-355832435 + * * @type {PromiseConstructorLike} * @public */ - -exports.promiseImpl = (new Function('return this;'))().Promise; +var g = (function() { return this ? this : typeof self !== 'undefined' ? self : undefined})() || Function("return this")(); /** * Get the path to the included file from the parent file path and the diff --git a/package-lock.json b/package-lock.json index a953e279..b633fd61 100644 --- a/package-lock.json +++ b/package-lock.json @@ -1,12 +1,12 @@ { "name": "ejs", - "version": "3.1.8", + "version": "3.1.9", "lockfileVersion": 2, "requires": true, "packages": { "": { "name": "ejs", - "version": "3.1.8", + "version": "3.1.9", "license": "Apache-2.0", "dependencies": { "jake": "^10.8.5" diff --git a/package.json b/package.json index a02fc089..68f6d945 100644 --- a/package.json +++ b/package.json @@ -1,5 +1,5 @@ { - "name": "ejs", + "name": "@cryptkeeperzk/ejs", "description": "Embedded JavaScript templates", "keywords": [ "template",