From 0824e8a40e3fcfa660f0f7eded7cbf53d0c38e2e Mon Sep 17 00:00:00 2001 From: snyk-bot Date: Thu, 26 Sep 2024 09:41:07 +0000 Subject: [PATCH] fix: upgrade winston from 3.13.0 to 3.14.2 Snyk has created this PR to upgrade winston from 3.13.0 to 3.14.2. See this package in npm: winston See this project in Snyk: https://app.snyk.io/org/security-labs/project/e52268f1-2785-4cd0-99cb-29e16ecf0e5d?utm_source=github&utm_medium=referral&page=upgrade-pr --- package-lock.json | 10 +++++----- package.json | 2 +- 2 files changed, 6 insertions(+), 6 deletions(-) diff --git a/package-lock.json b/package-lock.json index 9069b89..83d9b5c 100644 --- a/package-lock.json +++ b/package-lock.json @@ -15,7 +15,7 @@ "gunzip-maybe": "^1.4.2", "octokit": "^4.0.2", "tar-stream": "^3.1.7", - "winston": "^3.13.0", + "winston": "^3.14.2", "yaml": "^2.5.1" }, "devDependencies": { @@ -8215,16 +8215,16 @@ } }, "node_modules/winston": { - "version": "3.13.0", - "resolved": "https://registry.npmjs.org/winston/-/winston-3.13.0.tgz", - "integrity": "sha512-rwidmA1w3SE4j0E5MuIufFhyJPBDG7Nu71RkZor1p2+qHvJSZ9GYDA81AyleQcZbh/+V6HjeBdfnTZJm9rSeQQ==", + "version": "3.14.2", + "resolved": "https://registry.npmjs.org/winston/-/winston-3.14.2.tgz", + "integrity": "sha512-CO8cdpBB2yqzEf8v895L+GNKYJiEq8eKlHU38af3snQBQ+sdAIUepjMSguOIJC7ICbzm0ZI+Af2If4vIJrtmOg==", "license": "MIT", "dependencies": { "@colors/colors": "^1.6.0", "@dabh/diagnostics": "^2.0.2", "async": "^3.2.3", "is-stream": "^2.0.0", - "logform": "^2.4.0", + "logform": "^2.6.0", "one-time": "^1.0.0", "readable-stream": "^3.4.0", "safe-stable-stringify": "^2.3.1", diff --git a/package.json b/package.json index c49b462..bf990a6 100644 --- a/package.json +++ b/package.json @@ -18,7 +18,7 @@ "gunzip-maybe": "^1.4.2", "octokit": "^4.0.2", "tar-stream": "^3.1.7", - "winston": "^3.13.0", + "winston": "^3.14.2", "yaml": "^2.5.1" }, "devDependencies": {