Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

[Snyk] Upgrade i18n from 0.11.1 to 0.13.3 #5

Open
wants to merge 1 commit into
base: master
Choose a base branch
from

Conversation

snyk-bot
Copy link

Snyk has created this PR to upgrade i18n from 0.11.1 to 0.13.3.

ℹ️ Keep your dependencies up-to-date. This makes it easier to fix existing vulnerabilities and to more quickly identify and fix newly disclosed vulnerabilities when they affect your project.


  • The recommended version is 5 versions ahead of your current version.
  • The recommended version was released 2 months ago, on 2021-05-08.
Release notes
Package name: i18n
  • 0.13.3 - 2021-05-08

    Fixed

    • upgrade transitive dev dependency of eslint, mocha, zombie to lodash@4.17.21
    • upgrade transitive dev dependency of zombie to url-parse@1.5.1
    • upgrade transitive dev dependency of eslint-plugin-import to hosted-git-info@2.8.9
  • 0.13.2 - 2020-08-21

    Fixed

    • moved devDeps from dependencies to devDependencies #446
    • removed unused packages from all dependencies
  • 0.13.1 - 2020-08-20

    Fixed

    • npx npm-force-resolutions failed #445

    Details

    A preinstall script was added to force resolving specific versions of lodash and ajv. Those are sub-dependencies of zombie and its packages. Zombie is devDependency of i18n. But zombie still refers to older versions reported to vulnerable - so I decided to force fixed versions.

    Of course that preinstall should count on any npm install i18n, it's renamed to force-resolutions so I can still resolve audit issues in dev while also supporting clean installs.

    "scripts": {
      "preinstall": "npx npm-force-resolutions"
    }

    now reads as

    "scripts": {
      "force-resolutions": "npx npm-force-resolutions"
    }

    And doesn't get triggered by npm install.

  • 0.13.0 - 2020-08-20

    Added

    • new option retryInDefaultLocale as proposed by PR #206
    • new option header as proposed by PRs #390 and #407
    • pre-commit hooks to ensure code-style (even on contributions)

    Fixed

    • typos in README

    Changed

    • tooling: eslint with standard.js & prettier presets replaces jshint
  • 0.12.0 - 2020-08-16

    Added

    • backward compatible default to singleton with const i18n = require('i18n')
    • create an instance of i18n by const i18n = new I18n()

    Example:

    /**
    * require I18n with capital I as constructor
    */
    const { I18n } = require("i18n");

/**
* create a new instance with it's configuration
*/
const i18n = new I18n({
locales:['en', 'de'],
directory: __dirname + '/locales'
});


  • 0.11.1 - 2020-08-04

    Fixed

    • dependabot bumbed minimist

    Minimist is a sub-dependency of mocha and messageformat:

    $ npm ls minimist
    i18n@0.11.0 
    ├─┬ messageformat@2.3.0
    │ └─┬ make-plural@4.3.0
    │   └── minimist@1.2.5
    └─┬ mocha@7.1.2
      └─┬ mkdirp@0.5.5
        └── minimist@1.2.5  deduped
  • from i18n GitHub release notes
    Commit messages
    Package name: i18n

    Compare


    Note: You are seeing this because you or someone else with access to this repository has authorized Snyk to open upgrade PRs.

    For more information:

    🧐 View latest project report

    🛠 Adjust upgrade PR settings

    🔕 Ignore this dependency or unsubscribe from future upgrade PRs

    Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
    Labels
    None yet
    Projects
    None yet
    Development

    Successfully merging this pull request may close these issues.

    1 participant