[Snyk] Upgrade i18n from 0.11.1 to 0.15.3

[Sameer515]

Snyk has created this PR to upgrade i18n from 0.11.1 to 0.15.3.

ℹ️ Keep your dependencies up-to-date. This makes it easier to fix existing vulnerabilities and to more quickly identify and fix newly disclosed vulnerabilities when they affect your project.

---

• The recommended version is 13 versions ahead of your current version.

• The recommended version was released 22 days ago.

---

This upgrade of the i18n (i18n-node) package introduces a significant architectural change starting from version 0.12.0. The library now supports both instance-based and singleton usage patterns, with instances being the new recommended best practice.

Previously, the module was only available as a singleton. The new recommended usage requires a change in how the module is imported and initialized: const { I18n } = require('i18n'). [1]

Recommendation: Review your project's i18n initialization. While the old singleton pattern may still work, it is advisable to adopt the new instance-based setup to align with modern best practices and gain more intuitive control.

Notice 🤖: This content was generated using artificial intelligence. AI-generated content may contain errors and should be reviewed for accuracy before use.

---

Issues fixed by the recommended upgrade:

	Issue	Score	Exploit Maturity
	Prototype Pollution SNYK-JS-MESSAGEFORMAT-13109646	146	Proof of Concept

Release notes

Package name: i18n

• 0.15.3 - 2025-10-30
  

  Changed

  • bump @ messageformat/runtime to 3.0.2 which fixes CVE-2025-57353
• 0.15.2 - 2025-09-26
  

  Changed

  • package updates
  • replaces zombie with supertest
  • replaces npm with pnpm
  • local dev defaults to node 24
  • drops node support in CI <18
  • use codecov.io for coverage reporting
• 0.15.1 - 2022-09-22
• 0.15.0 - 2022-05-19
  

  add YAML support by parser config

• 0.14.2 - 2022-03-05
  

  Fixed

  Fixes #493 - using i18n with a combination of retry and sync settings lead to a 'Maximum call stack size exceeded' exception due to an infinite loop while writing phrases to all locale files.

  const i18n = new I18n({
      // [...]
      retryInDefaultLocale: true,
      syncFiles: true,
  })

• 0.14.1 - 2022-01-30
  

  Fixed

  • upgrade all dev dependencies without breaking changes
  • upgrade all dependencies without breaking changes

  This also updates to mocha 9.2.0 (mochajs/mocha#4814) which fixes GHSA-qrpm-p2h7-hrv2

• 0.14.0 - 2022-01-23
  

  Changed

  • replaces sprintf-js with fast-printf #453
  • replaces deprecated messageformat with @ messageformat/core #472
  • drops node support <10
  • local dev defaults to node 16
• 0.13.4 - 2021-12-29
  

  Fixed

  • upgrade all dev dependencies without breaking changes
  • upgrade all dependencies without breaking changes

  see aa60ac7, 3139881 and 4e6963f for details

  Added

  • test directory traversal (#486)
• 0.13.3 - 2021-05-08
  

  Fixed

  • upgrade transitive dev dependency of eslint, mocha, zombie to [email protected]
  • upgrade transitive dev dependency of zombie to [email protected]
  • upgrade transitive dev dependency of eslint-plugin-import to [email protected]
• 0.13.2 - 2020-08-21
  

  Fixed

  • moved devDeps from dependencies to devDependencies #446
  • removed unused packages from all dependencies
• 0.13.1 - 2020-08-20
• 0.13.0 - 2020-08-20
• 0.12.0 - 2020-08-16
• 0.11.1 - 2020-08-04

from i18n GitHub release notes

---

Important

• Check the changes in this PR to ensure they won't cause issues with your project.
• This PR was automatically created by Snyk using the credentials of a real user.
• Max score is 1000. Note that the real score may have changed since the PR was raised.

---

Note: You are seeing this because you or someone else with access to this repository has authorized Snyk to open upgrade PRs.

For more information:

• 🧐 View latest project report
• 📜 Customise PR templates
• 🛠 Adjust upgrade PR settings
• 🔕 Ignore this dependency or unsubscribe from future upgrade PRs