Bump winston from 2.4.5 to 3.5.1 in /api

[dependabot[bot]]

Bumps winston from 2.4.5 to 3.5.1.

Release notes

Sourced from winston's releases.

3.5.1

This release reverts the changes made in PR #1896 which added stricter typing to the available log levels, and inadvertently broke use of custom levels with TypeScript (Issue #2047). Apologies for that!

3.5.0

This release includes the following, in sequence by first merge in group:

Feature updates:

• Support batch mode in HTTP Transport (Issue #1970, PR #1998, thanks @​BBE78!)

Patch-level updates:

• Bump dependency versions (thanks @​dependabot & @​DABH!) - Bump @​types/node from 16.11.12 to 17.0.8 (PR #2009) - Bump @​babel/preset-env from 7.16.7 to 7.16.8 (#2036) - Bump @​types/node from 17.0.8 to 17.0.9 (#2035) - Bump @​babel/cli from 7.16.7 to 7.16.8 (#2034) - Bump @​types/node from 17.0.9 to 17.0.10 (#2042) - Bump @​babel/core from 7.16.7 to 7.16.12 (#2041) - Bump @​babel/preset-env from 7.16.8 to 7.16.11 (#2040)
• Fixing documentation syntax errors in transports code examples (#1916; thanks @​romanzaycev!)
• Fix missing type declarations, especially for .rejections (#1842, #1929, #2021; thanks @​vanflux, @​svaj, @​glensc, & others!)
• More narrowly typing the “level” string (#1896, thanks @​yonas-g!)
• Using a safer stringify, e.g. to avoid issues from circular structures, in the http transport (#2043, thanks @​karlwir!)

Updates to the repo & project which don’t actually affect the running code:

• Add a channel for reporting security vulnerabilities (#2024, thanks @​JamieSlome!)
• Add coverage tracking in CI & documentation (#2025 and #2028, thanks @​fearphage!)
• Update issue templates (#2030 and #2031, thanks @​Maverick1872!)
• Remove gitter link from README.md (#2027, thanks @​DABH!)

Thanks also to maintainers @​DABH, @​fearphage, @​Maverick1872, and @​wbt for issue/PR shepherding and help across multiple parts of the release!

If somebody got missed in the list of thanks, please forgive the accidental oversight and/or feel free to open a PR on the changelog.

v3.4.0 / 2022-01-10

Yesterday's release was done with a higher sense of urgency than usual due to vandalism in the colors package. This release:

• ties up a loose end by including #1973 to go with #1824
• adds a missing http property in NpmConfigSetColors #2004 (thanks @​SimDaSong)
• fixes a minor issue in the build/release process #2014
• pins the version of the testing framework to avoid an issue with a test incorrectly failing #2017

The biggest change in this release, motivating the feature-level update, is #2006 Make winston more ESM friendly, thanks to @​miguelcobain.

Thanks also to @​DABH, @​wbt, and @​fearphage for contributions and reviews!

v3.3.4

Compared to v3.3.3, this version fixes some issues and includes some updates to project infrastructure, such as replacing Travis with Github CI and dependabot configuration.

... (truncated)

Changelog

Sourced from winston's changelog.

v3.5.1 / 2022-01-31

This release reverts the changes made in PR #1896 which added stricter typing to the available log levels, and inadvertently broke use of custom levels with TypeScript (Issue #2047). Apologies for that!

v3.5.0 / 2022-01-27

This release includes the following, in sequence by first merge in group:

Feature updates:

• Support batch mode in HTTP Transport (Issue #1970, PR #1998, thanks @​BBE78!)

Patch-level updates:

• Bump dependency versions (thanks @​dependabot & @​DABH!) - Bump @​types/node from 16.11.12 to 17.0.8 (PR #2009) - Bump @​babel/preset-env from 7.16.7 to 7.16.8 (#2036) - Bump @​types/node from 17.0.8 to 17.0.9 (#2035) - Bump @​babel/cli from 7.16.7 to 7.16.8 (#2034) - Bump @​types/node from 17.0.9 to 17.0.10 (#2042) - Bump @​babel/core from 7.16.7 to 7.16.12 (#2041) - Bump @​babel/preset-env from 7.16.8 to 7.16.11 (#2040)
• Fixing documentation syntax errors in transports code examples (#1916; thanks @​romanzaycev!)
• Fix missing type declarations, especially for .rejections (#1842, #1929, #2021; thanks @​vanflux, @​svaj, @​glensc, & others!)
• More narrowly typing the “level” string (#1896, thanks @​yonas-g!)
• Using a safer stringify, e.g. to avoid issues from circular structures, in the http transport (#2043, thanks @​karlwir!)

Updates to the repo & project which don’t actually affect the running code:

• Add a channel for reporting security vulnerabilities (#2024, thanks @​JamieSlome!)
• Add coverage tracking in CI & documentation (#2025 and #2028, thanks @​fearphage!)
• Update issue templates (#2030 and #2031, thanks @​Maverick1872!)
• Remove gitter link from README.md (#2027, thanks @​DABH!)

Thanks also to maintainers @​DABH, @​fearphage, @​Maverick1872, and @​wbt for issue/PR shepherding and help across multiple parts of the release! If somebody got missed in the list of thanks, please forgive the accidental oversight and/or feel free to open a PR on this changelog.

v3.4.0 / 2022-01-10

Yesterday's release was done with a higher sense of urgency than usual due to vandalism in the colors package. This release:

• ties up a loose end by including #1973 to go with #1824
• adds a missing http property in NpmConfigSetColors #2004 (thanks @​SimDaSong)
• fixes a minor issue in the build/release process #2014
• pins the version of the testing framework to avoid an issue with a test incorrectly failing #2017

... (truncated)

Commits

• 22bb31a Revert pr 1896 (#2052) for rerelease
• a320b0c Revert "typed level type" (#2050)
• 237534a Release 3.5.0 (#2045)
• d18198d chore: use safe stringify in http transport (#2043)
• 8a1735b Update README.md (#2027)
• 278c492 Bump @​babel/preset-env from 7.16.8 to 7.16.11 (#2040)
• 609a84b Bump @​babel/core from 7.16.7 to 7.16.12 (#2041)
• f2d7e06 Bump @​types/node from 17.0.9 to 17.0.10 (#2042)
• 3b48008 Bump @​babel/cli from 7.16.7 to 7.16.8 (#2034)
• 4a0ed4f Bump @​types/node from 17.0.8 to 17.0.9 (#2035)
• Additional commits viewable in compare view

Maintainer changes

This version was pushed to npm by w-b-t, a new releaser for winston since your current version.

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

---

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)

[dependabot[bot]]

OK, I won't notify you again about this release, but will get in touch when a new version is available. If you'd rather skip all updates until the next major or minor version, let me know by commenting @dependabot ignore this major version or @dependabot ignore this minor version. You can also ignore all major, minor, or patch releases for a dependency by adding an ignore condition with the desired update_types to your config file.

If you change your mind, just re-open this PR and I'll resolve any conflicts on it.