[Snyk] Upgrade winston from 2.4.5 to 3.5.0 #140

snyk-bot · 2022-01-29T17:23:31Z

Snyk has created this PR to upgrade winston from 2.4.5 to 3.5.0.

ℹ️ Keep your dependencies up-to-date. This makes it easier to fix existing vulnerabilities and to more quickly identify and fix newly disclosed vulnerabilities when they affect your project.

Warning: This is a major version upgrade, and may be a breaking change.

The recommended version is 19 versions ahead of your current version.
The recommended version was released 2 days ago, on 2022-01-27.

Release notes

Package name: winston

3.5.0 - 2022-01-27
This release includes the following, in sequence by first merge in group:

Feature updates:
- Support batch mode in HTTP Transport (Issue #1970, PR #1998, thanks @ BBE78!)
Patch-level updates:
- Bump dependency versions (thanks @ dependabot & @ DABH!)
  - Bump @ types/node from 16.11.12 to 17.0.8 (PR #2009)
  - Bump @ babel/preset-env from 7.16.7 to 7.16.8 (#2036)
  - Bump @ types/node from 17.0.8 to 17.0.9 (#2035)
  - Bump @ babel/cli from 7.16.7 to 7.16.8 (#2034)
  - Bump @ types/node from 17.0.9 to 17.0.10 (#2042)
  - Bump @ babel/core from 7.16.7 to 7.16.12 (#2041)
  - Bump @ babel/preset-env from 7.16.8 to 7.16.11 (#2040)
- Fixing documentation syntax errors in transports code examples (#1916; thanks @ romanzaycev!)
- Fix missing type declarations, especially for .rejections (#1842, #1929, #2021; thanks @ vanflux, @ svaj, @ glensc, & others!)
- More narrowly typing the “level” string (#1896, thanks @ yonas-g!)
- Using a safer stringify, e.g. to avoid issues from circular structures, in the http transport (#2043, thanks @ karlwir!)
Updates to the repo & project which don’t actually affect the running code:
- Add a channel for reporting security vulnerabilities (#2024, thanks @ JamieSlome!)
- Add coverage tracking in CI & documentation (#2025 and #2028, thanks @ fearphage!)
- Update issue templates (#2030 and #2031, thanks @ Maverick1872!)
- Remove gitter link from README.md (#2027, thanks @ DABH!)
Thanks also to maintainers @ DABH, @ fearphage, @ Maverick1872, and @ wbt for issue/PR shepherding and help across multiple parts of the release!

If somebody got missed in the list of thanks, please forgive the accidental oversight and/or feel free to open a PR on the changelog.
3.4.0 - 2022-01-10
v3.4.0 / 2022-01-10

Yesterday's release was done with a higher sense of urgency than usual due to vandalism in the colors package. This release:
- ties up a loose end by including [#1973] to go with [#1824]
- adds a missing http property in NpmConfigSetColors [#2004] (thanks @ SimDaSong)
- fixes a minor issue in the build/release process [#2014]
- pins the version of the testing framework to avoid an issue with a test incorrectly failing [#2017]
The biggest change in this release, motivating the feature-level update, is [#2006] Make winston more ESM friendly, thanks to @ miguelcobain.

Thanks also to @ DABH, @ wbt, and @ fearphage for contributions and reviews!
3.3.4 - 2022-01-10
Compared to v3.3.3, this version fixes some issues and includes some updates to project infrastructure,
such as replacing Travis with Github CI and dependabot configuration.
There have also been several relatively minor improvements to documentation, and incorporation of some updated dependencies.
Dependency updates include a critical bug fix [#2008] in response to self-vandalism by the author of a dependency.
- [#1964] Added documentation for how to use a new externally maintained Seq transport.
- [#1712] Add default metadata when calling log with string level and message.
- [#1824] Unbind event listeners on close
- [#1961] Handle undefined rejections
- [#1878] Correct boolean evaluation of empty-string value for eol option
- [#1977] Improved consistency of object parameters for better test reliability
3.3.3 - 2020-06-23
- Prepare for 3.3.3 c416e3a
- revert Fix bugs in type (#1807) (#1820) 35b0774
- Fix issue #1817 (#1819) bc6f681
v3.3.2...v3.3.3
3.3.2 - 2020-06-22
- [#1814] Use fork of diagnostics on NPM to avoid making Docker images require git 0752614
v3.3.1...v3.3.2
3.3.1 - 2020-06-22
Read more
3.3.0 - 2020-06-21
Read more
3.2.1 - 2019-01-29
Version 3.2.1
3.2.0 - 2019-01-26
Version 3.2.0
3.1.0 - 2018-09-04
3.0.1 - 2018-09-04
3.0.0 - 2018-06-12
3.0.0-rc6 - 2018-05-30
3.0.0-rc5 - 2018-04-20
3.0.0-rc4 - 2018-04-06
3.0.0-rc3 - 2018-03-16
3.0.0-rc2 - 2018-03-09
3.0.0-rc1 - 2017-10-19
3.0.0-rc0 - 2017-10-02
2.4.5 - 2020-06-22
2.4.5