This PR was automatically created by Snyk using the credentials of a real user.

Snyk has created this PR to upgrade i18n from 0.11.1 to 0.14.2.

![merge advice](https://app.snyk.io/badges/merge-advice/?package_manager=npm&package_name=i18n&from_version=0.11.1&to_version=0.14.2&pr_id=cb771964-43f9-4755-96b2-e93d22d84134&visibility=true&has_feature_flag=false) :information_source: Keep your dependencies up-to-date. This makes it easier to fix existing vulnerabilities and to more quickly identify and fix newly disclosed vulnerabilities when they affect your project.

- The recommended version is **9 versions** ahead of your current version. - The recommended version was released **2 months ago**, on 2022-03-05.

Release notes

Package name: i18n

0.14.2 - 2022-03-05
Fixed

Fixes #493 - using i18n with a combination of retry and sync settings lead to a 'Maximum call stack size exceeded' exception due to an infinite loop while writing phrases to all locale files.
```
const i18n = new I18n({
    // [...]
    retryInDefaultLocale: true,
    syncFiles: true,
})
```
0.14.1 - 2022-01-30
Fixed
- upgrade all dev dependencies without breaking changes
- upgrade all dependencies without breaking changes
This also updates to mocha 9.2.0 (mochajs/mocha#4814) which fixes GHSA-qrpm-p2h7-hrv2
0.14.0 - 2022-01-23
Changed
- replaces sprintf-js with fast-printf #453
- replaces deprecated messageformat with @ messageformat/core #472
- drops node support <10
- local dev defaults to node 16
0.13.4 - 2021-12-29
Fixed
- upgrade all dev dependencies without breaking changes
- upgrade all dependencies without breaking changes
see aa60ac7, 3139881 and 4e6963f for details

Added
- test directory traversal (#486)
0.13.3 - 2021-05-08
Fixed
- upgrade transitive dev dependency of eslint, mocha, zombie to lodash@4.17.21
- upgrade transitive dev dependency of zombie to url-parse@1.5.1
- upgrade transitive dev dependency of eslint-plugin-import to hosted-git-info@2.8.9
0.13.2 - 2020-08-21
Fixed
- moved devDeps from dependencies to devDependencies #446
- removed unused packages from all dependencies
0.13.1 - 2020-08-20
Fixed
- npx npm-force-resolutions failed #445
Details

A preinstall script was added to force resolving specific versions of lodash and ajv. Those are sub-dependencies of zombie and its packages. Zombie is devDependency of i18n. But zombie still refers to older versions reported to vulnerable - so I decided to force fixed versions.

Of course that preinstall should count on any npm install i18n, it's renamed to force-resolutions so I can still resolve audit issues in dev while also supporting clean installs.
```
"scripts": {
  "preinstall": "npx npm-force-resolutions"
}
```
now reads as
```
"scripts": {
  "force-resolutions": "npx npm-force-resolutions"
}
```
And doesn't get triggered by npm install.
0.13.0 - 2020-08-20
Added
- new option retryInDefaultLocale as proposed by PR #206
- new option header as proposed by PRs #390 and #407
- pre-commit hooks to ensure code-style (even on contributions)
Fixed
- typos in README
Changed
- tooling: eslint with standard.js & prettier presets replaces jshint

0.12.0 - 2020-08-16

Added

backward compatible default to singleton with const i18n = require('i18n')
create an instance of i18n by const i18n = new I18n()

Example:

/**
 * require I18n with capital I as constructor
 */
const { I18n } = require("i18n");

/**
 * create a new instance with it's configuration
 */
const i18n = new I18n({
    locales:['en', 'de'],
    directory: __dirname + '/locales'
});

0.11.1 - 2020-08-04

Fixed

dependabot bumbed minimist

Minimist is a sub-dependency of mocha and messageformat:

$ npm ls minimist
i18n@0.11.0 
├─┬ messageformat@2.3.0
│ └─┬ make-plural@4.3.0
│   └── minimist@1.2.5
└─┬ mocha@7.1.2
  └─┬ mkdirp@0.5.5
    └── minimist@1.2.5  deduped

from i18n GitHub release notes

Commit messages

Package name: i18n

1d956f3 fix #493 (call stack bug) & tests
388642f Merge pull request #492 from mashpie/dependabot/npm_and_yarn/url-parse-1.5.10
bf5525f Bump url-parse from 1.5.7 to 1.5.10
ce26074 Merge pull request #491 from mashpie/dependabot/npm_and_yarn/url-parse-1.5.7
c9e4742 Bump url-parse from 1.5.3 to 1.5.7
769b804 Merge tag '0.14.1'
3dcc53b Merge branch 'release/0.14.1' into npm
2c90fc4 pkg updates
995392d version bump
02dd49d tests: use arrow function
fa50268 eslint refactor var -> const,let
abb05ec refactor to arrow functions
5855724 drop node support < 10
9e6559a Merge branch 'gajus-master'
234b94b (re-)added tests fast-printf #453
ef5675c Merge branch 'master' of git://github.com/gajus/i18n-node into gajus-master
2461a97 typo
737b67d refactored test to cover mf plurals
42f12d3 Merge branch 'calmonr-fix-messageformat'
0faeee0 Merge branch 'fix-messageformat' of https://github.com/calmonr/i18n-node into calmonr-fix-messageformat
6018b9f Merge tag '0.13.4'
9683cc6 Merge branch 'release/0.13.4' into npm
bdce606 v0.13.4
4e6963f upgrade tested

Compare

**Note:** *You are seeing this because you or someone else with access to this repository has authorized Snyk to open upgrade PRs.* For more information: 🧐 [View latest project report](https://app.snyk.io/org/mmboldori/project/cdf6dd02-46f7-4805-9b0f-f8f6aa5f2dfd?utm_source=github&utm_medium=referral&page=upgrade-pr) 🛠 [Adjust upgrade PR settings](https://app.snyk.io/org/mmboldori/project/cdf6dd02-46f7-4805-9b0f-f8f6aa5f2dfd/settings/integration?utm_source=github&utm_medium=referral&page=upgrade-pr) 🔕 [Ignore this dependency or unsubscribe from future upgrade PRs](https://app.snyk.io/org/mmboldori/project/cdf6dd02-46f7-4805-9b0f-f8f6aa5f2dfd/settings/integration?pkg=i18n&utm_source=github&utm_medium=referral&page=upgrade-pr#auto-dep-upgrades)