Skip to content

chore(deps): bump vue3-gettext from 2.4.0 to 4.0.1#488

Open
dependabot[bot] wants to merge 1 commit into
mainfrom
dependabot/npm_and_yarn/vue3-gettext-4.0.1
Open

chore(deps): bump vue3-gettext from 2.4.0 to 4.0.1#488
dependabot[bot] wants to merge 1 commit into
mainfrom
dependabot/npm_and_yarn/vue3-gettext-4.0.1

Conversation

@dependabot

@dependabot dependabot Bot commented on behalf of github Jun 28, 2026

Copy link
Copy Markdown
Contributor

Bumps vue3-gettext from 2.4.0 to 4.0.1.

Release notes

Sourced from vue3-gettext's releases.

v4.0.1

Fixes

v4.0.0

What's Changed

Fixes

Chore

v4.0.0-beta.1

BREAKING CHANGES 💣

  • Message-IDs are not trimmed anymore, line endings are normalized from CRLF to LF. Rel: #60
    • This was a remnant of older versions, it's unnecessary now that we don't extract messages from HTML tags anymore.

Enhancements ✨

  • Add locations output option to not output source locations in pot/po files by @​remhentiebra in #67

Fixes

v4.0.0-alpha.8

Fixes

  • Augment global types in @vue/runtime-core as well as vue
    • One works in some project while the other works in others, despite using the same vue/typescript/vue-tsc versions, I do not know why.

v4.0.0-alpha.7

What's Changed

Fixes

  • Replace backslashes in paths to fix extraction on Windows (see Windows section in glob)
  • Make tokenizer more robust when dealing with random string delimiters

v4.0.0-alpha.6

What's Changed

Breaking Changes

... (truncated)

Commits

@dependabot dependabot Bot added dependencies Pull requests that update a dependency file javascript Pull requests that update javascript code labels Jun 28, 2026
@kw-security

kw-security commented Jun 28, 2026

Copy link
Copy Markdown

Snyk checks have passed. No issues have been found so far.

Status Scan Engine Critical High Medium Low Total (0)
Open Source Security 0 0 0 0 0 issues
Licenses 0 0 0 0 0 issues
Code Security 0 0 0 0 0 issues

💻 Catch issues earlier using the plugins for VS Code, JetBrains IDEs, Visual Studio, and Eclipse.

@LukasHirt LukasHirt left a comment

Copy link
Copy Markdown
Collaborator

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

First needs to be updated in web

@dependabot dependabot Bot force-pushed the dependabot/npm_and_yarn/vue3-gettext-4.0.1 branch 2 times, most recently from 2d0d665 to c65e767 Compare June 29, 2026 17:50
Bumps [vue3-gettext](https://github.com/jshmrtn/vue3-gettext) from 2.4.0 to 4.0.1.
- [Release notes](https://github.com/jshmrtn/vue3-gettext/releases)
- [Commits](jshmrtn/vue3-gettext@v2.4.0...v4.0.1)

---
updated-dependencies:
- dependency-name: vue3-gettext
  dependency-version: 4.0.1
  dependency-type: direct:production
  update-type: version-update:semver-major
...

Signed-off-by: dependabot[bot] <support@github.com>
@dependabot dependabot Bot force-pushed the dependabot/npm_and_yarn/vue3-gettext-4.0.1 branch from c65e767 to 35f5695 Compare July 7, 2026 13:39
@dependabot dependabot Bot requested a review from a team as a code owner July 7, 2026 13:39

@dj4oC dj4oC left a comment

Copy link
Copy Markdown
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Bumps vue3-gettext ^2.4.0^4.0.1 (skipping v3) across the whole workspace — a real runtime dependency (i18n), not dev tooling.

Findings

Stability (blocking, verified by actually running the suite) — corroborates @LukasHirt's existing review ("First needs to be updated in web"). Checked out this branch, ran pnpm install --frozen-lockfile (clean) and pnpm check:types (clean, all 20 packages), then pnpm -r --no-bail test:unit across the whole workspace. Result: 9 of 20 packages fail, all with the same root cause —

Error: Failed to inject gettext. Make sure vue3-gettext is set up properly.

Affected: web-app-ai-doc-summary, web-app-ai-folder-brief-sidebar, web-app-ai-image-alt-text-sidebar, web-app-ai-sensitive-data-scanner, web-app-cast, web-app-draw-io, web-app-importer, web-app-json-viewer, web-app-unzip (dozens of individual test cases each). This matches the human review's note: the test-mount helper (@ownclouders/web-test-helpers's defaultPlugins(), which lives in the sibling owncloud/web repo) still registers vue3-gettext the v2 way, and v4's plugin registration/injection-key contract has changed enough that useGettext() can no longer find its injection in these components' test mounts. check:types and build both pass because the breakage is purely at plugin-registration/runtime-injection time, not type-level.

Security / Performance. No concerns beyond the above — nothing in the bump itself looks unsafe.

Test coverage. N/A (dependency bump); the existing suite is exactly what caught this.

Deployment topology check

N/A — client-side web extension bundle only.

Verdict

Changes requested — same conclusion as the existing human review, now with concrete failure data: this needs the web-pkg/web-test-helpers side (in owncloud/web) updated for vue3-gettext v4's plugin API before this bump can land here; today it breaks runtime useGettext() injection in 9 of 20 packages.

🤖 Automated review by Claude Code (security · stability · performance · coverage)


Generated by Claude Code

@dj4oC dj4oC left a comment

Copy link
Copy Markdown
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Investigated the red check-tests-passed job (failing since 2026-07-07, not yet reviewed by this bot).

Findings

  • Stability (blocking, wide-reaching): vue3-gettext 2.4.0→4.0.1 is a major bump with a breaking plugin-injection API change. Confirmed failure in web-app-draw-io:
    Error: Failed to inject gettext. Make sure vue3-gettext is set up properly.
    ❯ useGettext .../vue3-gettext@4.0.1/dist/index.js:141:22
    
    The check_runs for this PR show the same test (...) job failing across at least 10 of the 21 workspace packages (draw-io, ai-data-insights-sidebar, ai-sensitive-data-scanner, ai-doc-summary, ai-folder-brief-sidebar, ai-image-alt-text-sidebar, unzip, importer, json-viewer, cast), all sharing the same "vue3-gettext not set up" symptom — this is a systemic test-harness break, not an isolated bug.
    Root cause: v4 changed how the gettext plugin registers itself on the Vue app instance; @ownclouders/web-test-helpers' shared mount/plugin setup (used across these packages' unit tests) still targets v2's injection contract.
  • This is not a one-line fix — it requires updating the shared test-helper's gettext plugin wiring for v4's API and verifying it across every affected package.

Test coverage

n/a — dependency bump; blocked from validating anything until the harness is fixed.

Verdict

Changes requested (blocked on CI) — recommend this major bump be pulled out of Dependabot's default flow into a tracked migration PR that updates @ownclouders/web-test-helpers' vue3-gettext wiring, rather than merged as a routine dependency bump.

🤖 Automated review by Claude Code (security · stability · performance · coverage)


Generated by Claude Code

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Labels

dependencies Pull requests that update a dependency file javascript Pull requests that update javascript code

Projects

None yet

Development

Successfully merging this pull request may close these issues.

3 participants