From 250319d620df63d10002050ea3f3bda80fc9fd51 Mon Sep 17 00:00:00 2001 From: snyk-bot Date: Sat, 26 Oct 2024 05:35:36 +0000 Subject: [PATCH] fix: upgrade winston from 3.13.0 to 3.15.0 Snyk has created this PR to upgrade winston from 3.13.0 to 3.15.0. See this package in npm: winston See this project in Snyk: https://app.snyk.io/org/security-labs/project/e52268f1-2785-4cd0-99cb-29e16ecf0e5d?utm_source=github&utm_medium=referral&page=upgrade-pr --- package-lock.json | 10 +++++----- package.json | 2 +- 2 files changed, 6 insertions(+), 6 deletions(-) diff --git a/package-lock.json b/package-lock.json index 9069b89..c2fca70 100644 --- a/package-lock.json +++ b/package-lock.json @@ -15,7 +15,7 @@ "gunzip-maybe": "^1.4.2", "octokit": "^4.0.2", "tar-stream": "^3.1.7", - "winston": "^3.13.0", + "winston": "^3.15.0", "yaml": "^2.5.1" }, "devDependencies": { @@ -8215,16 +8215,16 @@ } }, "node_modules/winston": { - "version": "3.13.0", - "resolved": "https://registry.npmjs.org/winston/-/winston-3.13.0.tgz", - "integrity": "sha512-rwidmA1w3SE4j0E5MuIufFhyJPBDG7Nu71RkZor1p2+qHvJSZ9GYDA81AyleQcZbh/+V6HjeBdfnTZJm9rSeQQ==", + "version": "3.15.0", + "resolved": "https://registry.npmjs.org/winston/-/winston-3.15.0.tgz", + "integrity": "sha512-RhruH2Cj0bV0WgNL+lOfoUBI4DVfdUNjVnJGVovWZmrcKtrFTTRzgXYK2O9cymSGjrERCtaAeHwMNnUWXlwZow==", "license": "MIT", "dependencies": { "@colors/colors": "^1.6.0", "@dabh/diagnostics": "^2.0.2", "async": "^3.2.3", "is-stream": "^2.0.0", - "logform": "^2.4.0", + "logform": "^2.6.0", "one-time": "^1.0.0", "readable-stream": "^3.4.0", "safe-stable-stringify": "^2.3.1", diff --git a/package.json b/package.json index c49b462..774c469 100644 --- a/package.json +++ b/package.json @@ -18,7 +18,7 @@ "gunzip-maybe": "^1.4.2", "octokit": "^4.0.2", "tar-stream": "^3.1.7", - "winston": "^3.13.0", + "winston": "^3.15.0", "yaml": "^2.5.1" }, "devDependencies": {