i18ntk 2.3.8 → 2.4.0

package/package.json

@@ -1,6 +1,6 @@
 {
   "name": "i18ntk",
-  "version": "2.3.8",
+  "version": "2.4.0",
   "description": "🚀 The fastest internationalization toolkit with 97% performance boost! Zero-dependency, enterprise-grade internationalization for React, Vue, Angular, Python, Java, PHP & more. Features PIN protection, auto framework detection, 7+ UI languages, and comprehensive translation management. Perfect for startups to enterprises.",
   "keywords": [
     "i18n",
@@ -224,9 +224,9 @@
   },
   "preferGlobal": true,
   "versionInfo": {
-    "version": "2.3.8",
-    "releaseDate": "13/04/2026",
-    "lastUpdated": "13/04/2026",
+    "version": "2.4.0",
+    "releaseDate": "16/04/2026",
+    "lastUpdated": "16/04/2026",
     "maintainer": "Vlad Noskov",
     "changelog": "./CHANGELOG.md",
     "documentation": "./README.md",
@@ -241,12 +241,12 @@
       "SECURITY: Hardened release checks and added explicit support guidance to update from pre-2.3.5 versions.",
       "CONFIG: Added cross-process file locking for .i18ntk-config writes to prevent production rename races.",
       "CONFIG: Made autosave runtime-safe with non-throwing save failures and I18NTK_DISABLE_AUTOSAVE support.",
-      "SECURITY: Hardened reset/backup path handling and made npm update checks explicit opt-in.",
-      "CLI: Added npm registry version check with upgrade warning for out-of-date installs.",
+      "SECURITY: Hardened reset/backup path handling and disabled manager backup-route execution in current builds.",
+      "CLI: Removed npm registry startup update checks to eliminate outbound network calls in scanner-restricted environments.",
       "I18N: Completed internal UI locale parity and actionable untranslated-key cleanup across supported languages."
     ],
     "breakingChanges": [],
-    "nextVersion": "2.4.0",
+    "nextVersion": "2.4.1",
     "supportedNodeVersions": ">=16.0.0",
     "supportedFrameworks": {
       "react-i18next": ">=11.0.0",
@@ -268,7 +268,7 @@
       "spring-boot": ">=2.5.0",
       "laravel": ">=8.0.0"
     },
-    "supportPolicy": "Versions earlier than 2.3.8 may be unstable or insecure. Upgrade to 2.3.8 or newer."
+    "supportPolicy": "Versions earlier than 2.4.0 may be unstable or insecure. Upgrade to 2.4.0 or newer."
   },
   "_comment": "This package is zero-dependency and uses only native Node.js modules"
 }

package/utils/npm-version-warning.js

@@ -1,147 +1,18 @@
-const https = require('https');
-const { compareVersions } = require('./version-utils');
+'use strict';
 
-const DEFAULT_TIMEOUT_MS = 1800;
-const NPM_REGISTRY_BASE = 'https://registry.npmjs.org';
+/**
+ * Update checks were intentionally removed to avoid outbound network access
+ * during CLI startup and to reduce scanner noise in restricted environments.
+ *
+ * We keep the same exported API for backwards compatibility.
+ */
 
-function isSemverLike(version) {
-  return typeof version === 'string' && /^\d+\.\d+\.\d+([-.][0-9A-Za-z.-]+)?$/.test(version.trim());
+async function checkNpmOutdated() {
+  return null;
 }
 
-function fetchPackageMetadata(packageName, timeoutMs = DEFAULT_TIMEOUT_MS) {
-  const safePackageName = encodeURIComponent(packageName);
-  const requestUrl = `${NPM_REGISTRY_BASE}/${safePackageName}`;
-
-  return new Promise((resolve) => {
-    let settled = false;
-
-    const finish = (value) => {
-      if (!settled) {
-        settled = true;
-        resolve(value);
-      }
-    };
-
-    const req = https.get(
-      requestUrl,
-      {
-        timeout: timeoutMs,
-        headers: {
-          Accept: 'application/json',
-          'User-Agent': 'i18ntk-version-check'
-        }
-      },
-      (res) => {
-        if (res.statusCode !== 200) {
-          res.resume();
-          finish(null);
-          return;
-        }
-
-        let raw = '';
-        res.on('data', (chunk) => {
-          raw += chunk;
-        });
-        res.on('end', () => {
-          try {
-            finish(JSON.parse(raw));
-          } catch {
-            finish(null);
-          }
-        });
-      }
-    );
-
-    req.on('timeout', () => {
-      req.destroy();
-      finish(null);
-    });
-    req.on('error', () => finish(null));
-  });
-}
-
-function getOutdatedStatus(currentVersion, metadata) {
-  if (!isSemverLike(currentVersion) || !metadata || !metadata.versions) {
-    return null;
-  }
-
-  const distTags = metadata['dist-tags'] || {};
-  const taggedLatest = distTags.latest;
-  const allPublishedVersions = Object.keys(metadata.versions).filter(isSemverLike);
-
-  if (allPublishedVersions.length === 0) {
-    return null;
-  }
-
-  const latestVersion = isSemverLike(taggedLatest)
-    ? taggedLatest
-    : allPublishedVersions.sort(compareVersions).at(-1);
-
-  if (!latestVersion || !isSemverLike(latestVersion)) {
-    return null;
-  }
-
-  const currentMeta = metadata.versions[currentVersion] || null;
-  const isCurrentDeprecated = Boolean(currentMeta && currentMeta.deprecated);
-  const isOutdated = compareVersions(currentVersion, latestVersion) < 0;
-
-  const newerStableVersions = allPublishedVersions.filter((version) => (
-    compareVersions(version, currentVersion) > 0 &&
-    compareVersions(version, latestVersion) <= 0
-  ));
-
-  return {
-    latestVersion,
-    isOutdated,
-    isCurrentDeprecated,
-    newerStableCount: newerStableVersions.length
-  };
-}
-
-async function checkNpmOutdated({ packageName, currentVersion, timeoutMs = DEFAULT_TIMEOUT_MS }) {
-  const metadata = await fetchPackageMetadata(packageName, timeoutMs);
-  return getOutdatedStatus(currentVersion, metadata);
-}
-
-async function printUpgradeWarningIfOutdated({
-  packageName,
-  currentVersion,
-  timeoutMs = DEFAULT_TIMEOUT_MS
-}) {
-  const enabled = String(process.env.I18NTK_ENABLE_UPDATE_CHECK || '').toLowerCase();
-  if (!(enabled === '1' || enabled === 'true' || enabled === 'yes')) {
-    return;
-  }
-
-  if (process.env.I18NTK_DISABLE_UPDATE_CHECK === 'true') {
-    return;
-  }
-
-  const status = await checkNpmOutdated({ packageName, currentVersion, timeoutMs });
-  if (!status) {
-    return;
-  }
-
-  if (status.isCurrentDeprecated) {
-    console.warn(
-      `\n⚠️  Installed ${packageName}@${currentVersion} is deprecated on npm. ` +
-      `Upgrade to ${packageName}@${status.latestVersion}:\n` +
-      `   npm install -g ${packageName}@latest`
-    );
-    return;
-  }
-
-  if (status.isOutdated) {
-    const suffix = status.newerStableCount === 1 ? '' : 's';
-    console.warn(
-      `\n⚠️  Update available for ${packageName}: ${currentVersion} -> ${status.latestVersion} ` +
-      `(${status.newerStableCount} newer release${suffix}).\n` +
-      `   Run: npm install -g ${packageName}@latest`
-    );
-  }
+async function printUpgradeWarningIfOutdated() {
+  return;
 }
 
-module.exports = {
-  checkNpmOutdated,
-  printUpgradeWarningIfOutdated
-};
+module.exports = { checkNpmOutdated, printUpgradeWarningIfOutdated };