chore(deps): bump the production-dependencies group across 1 directory with 3 updates

[dependabot]

Bumps the production-dependencies group with 3 updates in the / directory: i18next-browser-languagedetector, i18next-http-backend and protobufjs.

Updates i18next-browser-languagedetector from 8.2.0 to 8.2.1

Changelog

Sourced from i18next-browser-languagedetector's changelog.

8.2.1

• Add missing typescript definition for hash options 33154

Commits

• 7164126 8.2.1
• 6df69c7 release
• 1ffa1cf Add missing typescript definition for hash options (#315)
• 697d89b Bump js-yaml (#313)
• ce82da9 Bump lodash from 4.17.21 to 4.17.23 (#312)
• d05fe5a fix url in readme
• 9d1d7d2 Bump tmp from 0.2.1 to 0.2.5 (#309)
• 32f0429 Bump cipher-base from 1.0.4 to 1.0.6 (#307)
• 9c0db8f Bump sha.js from 2.4.11 to 2.4.12 (#308)
• 3ad9ac5 Bump pbkdf2 from 3.1.2 to 3.1.3 (#306)
• Additional commits viewable in compare view

Updates i18next-http-backend from 3.0.2 to 3.0.4

Changelog

Sourced from i18next-http-backend's changelog.

3.0.4

• use own interpolation function for loadPath and addPath instead of relying on i18next's interpolator i18next#2420 — this means only {{lng}} and {{ns}} placeholders are supported; custom interpolation prefix/suffix from i18next config no longer applies to backend paths

Commits

• 4dbb485 3.0.4
• 5f33a0c use own interpolation function for loadPath and addPath instead of relying on...
• 681c09d update ci actions
• e63ff16 adjust deno test
• a851965 adjust deno test
• 3a17e37 update next.js example
• 5bd5a5d Bump next from 14.2.32 to 14.2.35 in /example/next (#176)
• 8ba9250 readme fix
• 282b76c Bump next from 14.2.30 to 14.2.32 in /example/next (#172)
• 6b3599d Bump next from 14.2.21 to 14.2.30 in /example/next (#171)
• Additional commits viewable in compare view

Updates protobufjs from 8.0.0 to 8.0.1

Release notes

Sourced from protobufjs's releases.

protobufjs: v8.0.1

8.0.1 (2026-03-11)

Bug Fixes

• bump protobufjs dependency version for cli package (#2128) (549b05e)
• correct json syntax in tsconfig.json (#2120) (8065625)
• descriptor: guard oneof index for non-Type parents (#2122) (1cac5cf)
• do not allow setting proto in Message constructor (#2126) (f05e3c3)
• filter invalid characters from the type name (#2127) (535df44)

Changelog

Sourced from protobufjs's changelog.

8.0.1 (2026-03-11)

Bug Fixes

• bump protobufjs dependency version for cli package (#2128) (549b05e)
• correct json syntax in tsconfig.json (#2120) (8065625)
• descriptor: guard oneof index for non-Type parents (#2122) (1cac5cf)
• do not allow setting proto in Message constructor (#2126) (f05e3c3)
• filter invalid characters from the type name (#2127) (535df44)

Commits

• 6559b3d chore: release master (#2129)
• 042f81d chore(deps): update dependency tmp to v0.2.4 [security] (#2091)
• 8065625 fix: correct json syntax in tsconfig.json (#2120)
• 1cac5cf fix(descriptor): guard oneof index for non-Type parents (#2122)
• 549b05e fix: bump protobufjs dependency version for cli package (#2128)
• 535df44 fix: filter invalid characters from the type name (#2127)
• f05e3c3 fix: do not allow setting proto in Message constructor (#2126)
• See full diff in compare view

Maintainer changes

This version was pushed to npm by fenster, a new releaser for protobufjs since your current version.

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

---

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
• @dependabot ignore <dependency name> major version will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself)
• @dependabot ignore <dependency name> minor version will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself)
• @dependabot ignore <dependency name> will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself)
• @dependabot unignore <dependency name> will remove all of the ignore conditions of the specified dependency
• @dependabot unignore <dependency name> <ignore condition> will remove the ignore condition of the specified dependency and ignore conditions

[github-actions]

AI Analysis

Technical Summary:

This pull request updates three production dependencies in the root directory:

1. i18next-browser-languagedetector updated from 8.2.0 to 8.2.1

   • Bugfix and enhancement: Adds missing TypeScript definitions for hash options which improves type safety and developer experience.
   • Contains minor dependency bumps (js-yaml, lodash, tmp, cipher-base, sha.js, pbkdf2), which may include security patches or stability improvements.
   • No breaking API changes reported.

2. i18next-http-backend updated from 3.0.2 to 3.0.4

   • Changes how interpolation is handled for loadPath and addPath by using its own interpolation function instead of i18next's, limiting supported placeholders to {{lng}} and {{ns}}.
   • This may require review of backend URL path configurations

---

This summary was automatically generated by AI to help with triage and may not be 100% accurate.

Suggested Labels: enhancement security

[dependabot]

Looks like these dependencies are updatable in another way, so this is no longer needed.