[Snyk] Upgrade winston from 2.2.0 to 3.8.1

[snyk-bot]

Snyk has created this PR to upgrade winston from 2.2.0 to 3.8.1.

ℹ️ Keep your dependencies up-to-date. This makes it easier to fix existing vulnerabilities and to more quickly identify and fix newly disclosed vulnerabilities when they affect your project.

---

Warning: This is a major version upgrade, and may be a breaking change.

• The recommended version is 34 versions ahead of your current version.
• The recommended version was released 3 months ago, on 2022-06-30.

Release notes

Package name: winston

• 3.8.1 - 2022-06-30
  

  Patch-level changes

  • Update types to match in-code definitions in #2157; thanks to new contributor @ flappyBug

  Dependency updates by @ dependabot + CI autotesting

  • Bump logform from 2.4.0 to 2.4.1 in #2156
  • Bump async from 3.2.3 to 3.2.4 in #2147

  Full Changelog: v3.8.0...v3.8.1

• 3.8.0 - 2022-06-23
  

  Added functionality

  • Add the stringify replacer option to the HTTP transport by @ domiins in #2155

  Dependency updates by @ dependabot + CI autotesting

  • Bump @ babel/core from 7.17.8 to 7.18.5
  • Bump eslint from 8.12.0 to 8.18.0
  • Bump @ types/node from 17.0.23 to 18.0.0
  • Bump @ babel/preset-env from 7.16.11 to 7.18.2
  • Bump @ babel/cli from 7.17.6 to 7.17.10

  Updates facilitating repo maintenance & enhancing documentation

  • Explicitly note that the Contirbuting.md file is out of date
  • Add instructions for publishing updated version by @ wbt (docs/publishing.md)
  • Prettier Config File by @ jeanpierrecarvalho in #2092
  • Readme update to explain origin of errors for handling (#2120)
  • update documentation for #2114 by @ zizifn in #2138
  • enhance message for logs with no transports #2114 by @ zizifn in #2139
  • Added a new Community Transport option to the list: Worker Thread based async Console Transport by @ arpad1337 in #2140

  New Contributors

  • @ zizifn made their first contribution in #2138
  • @ arpad1337 made their first contribution in #2140
  • @ domiins made their first contribution in #2155
  • made their first contribution in #2092

  Full Changelog: v3.7.2...v3.8.0

• 3.7.2 - 2022-04-04
  

  What's Changed

  • Revert for #2103 in #2104

  Full Changelog: v3.7.1...v3.7.2

  The release announcement on GitHub is 24 days behind the NPM release in this case, sorry for the confusion!

• 3.7.1 - 2022-04-04
  

  This change includes some minor updates to package-lock.json resolving npm audit failures: one in ansi-regex and another in minimist.

  Full Changelog: v3.7.0...v3.7.1

• 3.6.0 - 2022-02-12
  
  • Changelog updates for v3.6.0 5e72485
  • Update dependencies, including latest logform (#2071) 93077ef
  • Update to @ colors/colors (#2069) 035f94a
  • Bump @ babel/core from 7.16.12 to 7.17.2 (#2068) 7665d88
  • Bump @ babel/cli from 7.16.8 to 7.17.0 (#2064) e658389
  • chore: add editorconfig (#2058) 30d260d
  • Add search terms field to bug report template (#2067) 40ef309
  • Bump @ types/node from 17.0.13 to 17.0.15 (#2062) c9b7579
  • Chore: Organize and restructure tests (#2049) 2b8cd55
  • Bump to latest winston-transport 2017c50
  • Memory leak fix: do not wait for process.nextTick to clear pending callbacks (#2057) f741383
  • Update linter dependencies and config (#2059) 438cb73
  • Bump @ types/node from 17.0.10 to 17.0.13 (#2051) 7f6a6f2

  v3.5.1...v3.6.0

• 3.5.1 - 2022-01-31
  

  This release reverts the changes made in PR #1896 which added stricter typing to the available log levels,
  and inadvertently broke use of custom levels with TypeScript (Issue #2047). Apologies for that!

• 3.5.0 - 2022-01-27
  Read more
• 3.4.0 - 2022-01-10
• 3.3.4 - 2022-01-10
  

  Version 3.3.4

• 3.3.3 - 2020-06-23
• 3.3.2 - 2020-06-22
• 3.3.1 - 2020-06-22
• 3.3.0 - 2020-06-21
• 3.2.1 - 2019-01-29
• 3.2.0 - 2019-01-26
• 3.1.0 - 2018-09-04
• 3.0.1 - 2018-09-04
• 3.0.0 - 2018-06-12
• 3.0.0-rc6 - 2018-05-30
• 3.0.0-rc5 - 2018-04-20
• 3.0.0-rc4 - 2018-04-06
• 3.0.0-rc3 - 2018-03-16
• 3.0.0-rc2 - 2018-03-09
• 3.0.0-rc1 - 2017-10-19
• 3.0.0-rc0 - 2017-10-02
• 2.4.6 - 2022-04-28
  

  This updates a dependency to address https://security.snyk.io/vuln/SNYK-JS-ASYNC-2441827. See #2112 by @bacali95.

• 2.4.5 - 2020-06-22
• 2.4.4 - 2018-08-21
• 2.4.3 - 2018-06-12
• 2.4.2 - 2018-04-20
• 2.4.1 - 2018-03-09
• 2.4.0 - 2017-10-02
• 2.3.1 - 2017-01-20
• 2.3.0 - 2016-11-02
• 2.2.0 - 2016-02-25

from winston GitHub release notes

Commit messages

Package name: winston

• 3998df0 v3.8.1 docs
• 013799c Bump async from 3.2.3 to 3.2.4
• 6217120 Replace `new` with `constructor`
• afd389a Change interface to class in exported types
• b892de9 Bump logform from 2.4.0 to 2.4.1
• 5658ec3 Note 2nd place for version # update
• 70ffba6 Another update of package #
• 38c1c46 Update changelog & version # 3.8.0
• 7b1917e Update publishing steps for easier drafting
• 6e27faa Prettier Config File
• 063cea2 Bump @ types/node from 17.0.42 to 18.0.0
• 95a6a2f Bump eslint from 8.17.0 to 8.18.0
• 355650e Add the replacer option to the HTTP transport
• 440babc Added a new Community Transport option to the list (#2140)
• f707f33 enhance message for logs with no transports #2114 (#2139)
• d2a1356 Bump @ types/node from 17.0.36 to 17.0.42 (#2148)
• 9c286c0 Bump eslint from 8.14.0 to 8.17.0 (#2145)
• 91fac0a Bump @ babel/core from 7.18.2 to 7.18.5 (#2149)
• e656e70 Bump @ babel/cli from 7.17.6 to 7.17.10 (#2129)
• 22680a7 Bump @ types/node from 17.0.27 to 17.0.36 (#2142)
• 51d90e4 Bump @ babel/preset-env from 7.16.11 to 7.18.2 (#2141)
• 500434b Bump @ babel/core from 7.17.9 to 7.18.2 (#2143)
• 222c863 update documentation for #2114 (#2138)
• 029a202 Bump @ types/node from 17.0.25 to 17.0.27 (#2119)

Compare

---

Note: You are seeing this because you or someone else with access to this repository has authorized Snyk to open upgrade PRs.

For more information:

🧐 View latest project report

🛠 Adjust upgrade PR settings

🔕 Ignore this dependency or unsubscribe from future upgrade PRs