__mf incorrectly re-parses output as Mustache #544
Description
One would expect this call to be safe, even if name is user-provided:
i18n.__mf('Hello, {name}!', {name})But instead, __mf unexpectedly reinterprets the value of name as Mustache template code. This means, for example, the user can crash it by providing a weird name:
> i18n = require('i18n'); i18n.configure({directory: 'locales'})
undefined
> name = '{{{}}'
'{{{}}'
> i18n.__mf('Hello, {name}!', {name})
Uncaught Error: Unclosed tag at 13
at parseTemplate (/tmp/node_modules/.pnpm/mustache@4.2.0/node_modules/mustache/mustache.js:217:15)
at Writer.parse (/tmp/node_modules/.pnpm/mustache@4.2.0/node_modules/mustache/mustache.js:523:16)
at Writer.render (/tmp/node_modules/.pnpm/mustache@4.2.0/node_modules/mustache/mustache.js:554:23)
at Object.render (/tmp/node_modules/.pnpm/mustache@4.2.0/node_modules/mustache/mustache.js:758:26)
at postProcess (/tmp/node_modules/.pnpm/i18n@0.15.3/node_modules/i18n/i18n.js:630:22)
at Object.i18nMessageformat [as __mf] (/tmp/node_modules/.pnpm/i18n@0.15.3/node_modules/i18n/i18n.js:348:12)