New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

[Snyk] Upgrade winston from 3.3.3 to 3.3.4 #8

Open

snyk-bot wants to merge 1 commit into main from snyk-upgrade-99e06ea3fed8e38bb0c9124fd45b75cf

snyk-bot commented Jan 31, 2022

Snyk has created this PR to upgrade winston from 3.3.3 to 3.3.4.

ℹ️ Keep your dependencies up-to-date. This makes it easier to fix existing vulnerabilities and to more quickly identify and fix newly disclosed vulnerabilities when they affect your project.

The recommended version is 1 version ahead of your current version.
The recommended version was released 21 days ago, on 2022-01-10.

Release notes

Package name: winston

3.3.4 - 2022-01-10
Compared to v3.3.3, this version fixes some issues and includes some updates to project infrastructure,
such as replacing Travis with Github CI and dependabot configuration.
There have also been several relatively minor improvements to documentation, and incorporation of some updated dependencies.
Dependency updates include a critical bug fix [#2008] in response to self-vandalism by the author of a dependency.
- [#1964] Added documentation for how to use a new externally maintained Seq transport.
- [#1712] Add default metadata when calling log with string level and message.
- [#1824] Unbind event listeners on close
- [#1961] Handle undefined rejections
- [#1878] Correct boolean evaluation of empty-string value for eol option
- [#1977] Improved consistency of object parameters for better test reliability
3.3.3 - 2020-06-23
- Prepare for 3.3.3 c416e3a
- revert Fix bugs in type (#1807) (#1820) 35b0774
- Fix issue #1817 (#1819) bc6f681
v3.3.2...v3.3.3

from winston GitHub release notes

Commit messages

Package name: winston

038ae23 fix all high-severity vulnerabilities from npm audit
7467d0a v3.3.4
05bda20 Pin colors package to 1.4.0 due to Security Vuln (Decompile puts storage account containers in wrong storage account Azure/bicep#2008)
65ab472 Update logform in package.json per Completion type-through not working for discriminator field Azure/bicep#1952
36586d3 Bump winston-transport from 4.4.0 to 4.4.1 (Cannot add consumer group to iot hub Azure/bicep#1997)
310de77 Bump @ babel/preset-env from 7.16.4 to 7.16.5 (msbuild task and cli nugets Azure/bicep#1992)
de611c1 Bump is-stream from 2.0.0 to 2.0.1 (Flow dependsOn detection through 'existing' resource definitions Azure/bicep#1991)
b9fbeb2 Bump @ babel/core from 7.16.0 to 7.16.5 (Decompiler should support *.properties.templateLink.relativePath Azure/bicep#1990)
c4f24e9 Bump @ babel/cli from 7.10.3 to 7.16.0
0f8cf59 Bump through2 from 3.0.1 to 4.0.2 (DependsOn detection does not flow through existing resource definitions Azure/bicep#1986)
1a3ff33 Remove AppVeyor (Bump @typescript-eslint/eslint-plugin from 4.18.0 to 4.19.0 in /src/vscode-bicep Azure/bicep#1975)
77ea34c Bump @ babel/preset-env from 7.10.3 to 7.16.4 (Wrong string interpolation syntax in cosmosdb example Azure/bicep#1982)
2a476b0 Bump @ types/node from 14.0.13 to 16.11.12 (Bump copy-webpack-plugin from 8.0.0 to 8.1.0 in /src/playground Azure/bicep#1979)
2b9c32e Bump split2 from 3.1.1 to 4.1.0 (Bump webpack from 5.27.1 to 5.27.2 in /src/playground Azure/bicep#1980)
f18abad Bump assume from 2.2.0 to 2.3.0
7ea4381 fixed inconsistent tests (Bump webpack from 5.27.1 to 5.27.2 in /src/vscode-bicep Azure/bicep#1977)
64cde03 Bump async from 3.2.0 to 3.2.2 (Bump vscode-azureextensionui from 0.39.6 to 0.39.7 in /src/vscode-bicep Azure/bicep#1978)
bf9f335 added dependabot config (Bump @typescript-eslint/parser from 4.18.0 to 4.19.0 in /src/vscode-bicep Azure/bicep#1976)
923e534 Replaced TravisCI with GitHub Actions (Bump semver from 7.3.4 to 7.3.5 in /src/vscode-bicep Azure/bicep#1974)
e9d8018 Added Seq transport (Implemented template generator metadata for modules Azure/bicep#1964)
a584db3 fix(transport): eol='' not work (Add documentation on updating baselines via GH Action Azure/bicep#1878)
2299d19 fix: handle undefined rejections
4572c2a Small documentation fix
39cec7f fix a typo

Note: You are seeing this because you or someone else with access to this repository has authorized Snyk to open upgrade PRs.

For more information:

🧐 View latest project report

🛠 Adjust upgrade PR settings

🔕 Ignore this dependency or unsubscribe from future upgrade PRs


          fix: upgrade winston from 3.3.3 to 3.3.4

1f2b50a

Snyk has created this PR to upgrade winston from 3.3.3 to 3.3.4.

See this package in npm:
https://www.npmjs.com/package/winston

See this project in Snyk:
https://app.snyk.io/org/manny27nyc/project/2870688f-bbbb-48e0-8fa0-86f109fbb403?utm_source=github&utm_medium=referral&page=upgrade-pr

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Labels

None yet