Bump ejs and webpack-bundle-analyzer

[dependabot[bot]]

Bumps ejs to 3.1.8 and updates ancestor dependency webpack-bundle-analyzer. These dependencies need to be updated together.

Updates ejs from 3.1.6 to 3.1.8

Release notes

Sourced from ejs's releases.

v3.1.8

Version 3.1.8

v3.1.7

Version 3.1.7

Commits

• 5126ff5 Version 3.1.8
• 7d5a1c6 Merge branch 'main' of github.com:mde/ejs into main
• 551949d Minor mitigation
• 66f7471 Merge pull request #664 from netcode/patch-1
• 820855a Version 3.1.7
• 076dcb6 Don't use template literal
• faf8b84 Skip test -- error message vary depending on JS runtime
• c028c34 Update packages
• 839ad20 Update SECURITY.md
• c040180 Update README.md
• Additional commits viewable in compare view

Updates webpack-bundle-analyzer from 3.8.0 to 4.7.0

Changelog

Sourced from webpack-bundle-analyzer's changelog.

4.7.0

• New Feature
  • Add the ability to filter to displaying only initial chunks per entrypoint (#519 by @​pas-trop-de-zele)

4.6.1

• Bug Fix
  • fix outputting different URL in cli mode (#524 by @​southorange1228)

4.6.0

• New Feature
  • Support outputting different URL in server mode (#520 by @​southorange1228)
  • Use deterministic chunk colors (#501 by @​CreativeTechGuy)

4.5.0

• Improvement

  • Stop publishing src folder to npm (#478 by @​wood1986)

• Internal

  • Update some dependencies (#448)
  • Replace nightmare with Puppeteer (#469 by @​valscion)
  • Replace Mocha with Jest (#470 by @​valscion)

4.4.2

• Bug Fix
  • Fix failure with compiler.outputFileSystem.constructor being undefined (#447 by @​kedarv and @​alexander-akait)
    • NOTE: This fix doesn't have added test coverage so the fix might break in future versions unless test coverage is added later.

4.4.1

• Bug Fix

  • Fix missing module chunks (#433 by @​deanshub)

• Internal

  • Fix tests timing out in CI (#435 by @​deanshub)
  • Fix command in issue template (#428 by @​cncolder)

4.4.0

• Improvement

  • Keep treemap labels visible during zooming animations for better user experience (#414 by @​stanislawosinski)

• Bug Fix

  • Don't show an empty tooltip when hovering over the FoamTree attribution group or between top-level groups (#413 by @​stanislawosinski)

• Internal

... (truncated)

Commits

• c26eccb v4.7.0
• 8a3d3f0 Add ability to filter to only initial JS by entrypoint (#519)
• 524dc41 Remove david-dm from README (#526)
• c6936d1 Bump terser from 5.3.8 to 5.14.2 in /test/webpack-versions/5.4.0 (#514)
• 5fa5ddc Bump terser from 4.8.0 to 4.8.1 in /test/webpack-versions/4.44.2 (#515)
• 56cf803 Bump terser from 5.7.0 to 5.14.2 (#513)
• f902f10 v4.6.1
• 50a0eca fix: can't setup with cli mode (#524)
• fe7e9e4 v4.6.0
• 7f9972c Update package-lock.json integrity fields
• Additional commits viewable in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

---

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot merge will merge this PR after your CI passes on it
• @dependabot squash and merge will squash and merge this PR after your CI passes on it
• @dependabot cancel merge will cancel a previously requested merge and block automerging
• @dependabot reopen will reopen this PR if it is closed
• @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
• @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
• @dependabot use these labels will set the current labels as the default for future PRs for this repo and language
• @dependabot use these reviewers will set the current reviewers as the default for future PRs for this repo and language
• @dependabot use these assignees will set the current assignees as the default for future PRs for this repo and language
• @dependabot use this milestone will set the current milestone as the default for future PRs for this repo and language

You can disable automated security fix PRs for this repo from the Security Alerts page.