chore(deps): bump the production-dependencies group with 2 updates

[dependabot[bot]]

Bumps the production-dependencies group with 2 updates: express and winston.

Updates express from 4.18.2 to 4.18.3

Release notes

Sourced from express's releases.

4.18.3

Main Changes

• Fix routing requests without method
• deps: body-parser@1.20.2
  • Fix strict json error message on Node.js 19+
  • deps: content-type@~1.0.5
  • deps: raw-body@2.5.2

Other Changes

• Use https: protocol instead of deprecated git: protocol by @​vcsjones in expressjs/express#5032
• build: Node.js@16.18 and Node.js@18.12 by @​abenhamdine in expressjs/express#5034
• ci: update actions/checkout to v3 by @​armujahid in expressjs/express#5027
• test: remove unused function arguments in params by @​raksbisht in expressjs/express#5124
• Remove unused originalIndex from acceptParams by @​raksbisht in expressjs/express#5119
• Fixed typos by @​raksbisht in expressjs/express#5117
• examples: remove unused params by @​raksbisht in expressjs/express#5113
• fix: parameter str is not described in JSDoc by @​raksbisht in expressjs/express#5130
• fix: typos in History.md by @​raksbisht in expressjs/express#5131
• build : add Node.js@19.7 by @​abenhamdine in expressjs/express#5028
• test: remove unused function arguments in params by @​raksbisht in expressjs/express#5137
• use random port in test so it won't fail on already listening by @​rluvaton in expressjs/express#5162
• tests: use cb() instead of done() by @​kristof-low in expressjs/express#5233
• examples: remove multipart example by @​riddlew in expressjs/express#5195
• Update support Node.js@18 in the CI by @​UlisesGascon in expressjs/express#5490
• Fix favicon-related bug in cookie-sessions example by @​DmytroKondrashov in expressjs/express#5414
• Release 4.18.3 by @​UlisesGascon in expressjs/express#5505

New Contributors

• @​vcsjones made their first contribution in expressjs/express#5032
• @​abenhamdine made their first contribution in expressjs/express#5034
• @​armujahid made their first contribution in expressjs/express#5027
• @​raksbisht made their first contribution in expressjs/express#5124
• @​rluvaton made their first contribution in expressjs/express#5162
• @​kristof-low made their first contribution in expressjs/express#5233
• @​riddlew made their first contribution in expressjs/express#5195
• @​DmytroKondrashov made their first contribution in expressjs/express#5414

Full Changelog: https://github.com/expressjs/express/compare/4.18.2...4.18.3

Changelog

Sourced from express's changelog.

4.18.3 / 2024-02-26

• Fix routing requests without method
• deps: body-parser@1.20.2
  • Fix strict json error message on Node.js 19+
  • deps: content-type@~1.0.5
  • deps: raw-body@2.5.2

Commits

• 1b51eda 4.18.3
• b625132 build: pin Node 21.x to minor
• e3eca80 build: pin Node 21.x to minor
• 23b44b3 build: support Node.js 21.6.2
• b9fea12 build: support Node.js 21.x in appveyor
• c259c34 build: support Node.js 21.x
• fdeb1d3 build: support Node.js 20.x in appveyor
• 734b281 build: support Node.js 20.x
• 0e3ab6e examples: improve view count in cookie-sessions
• 59af63a build: Node.js@18.19
• Additional commits viewable in compare view

Maintainer changes

This version was pushed to npm by ulisesgascon, a new releaser for express since your current version.

Updates winston from 3.11.0 to 3.12.0

Release notes

Sourced from winston's releases.

v3.12.0

• missing timestamp format in ready-to-use-pattern example (#2421) 9e5b407
• bump deps (#2422) 4a85e6b
• [chore] Run coveralls CI check on Node 20 not 16 (#2418) e153c68
• Bump @​types/node from 20.8.6 to 20.11.19 (#2413) 587f40f
• Update README.md (#2417) 8e99a00
• docs: fix anchor in transports docs (#2416) 0bde36b
• add winston-transport-vscode to transports docs (#2411) 8fb5b41
• Bump @​babel/cli from 7.23.0 to 7.23.9 (#2406) a326743
• Add winston-newrelic-agent-transport to transport documentation (#2382) cc731ef
• Remove newrelic-winston transport entry. (#2405) f077f30
• Bump eslint from 8.55.0 to 8.56.0 (#2397) 3943c41
• Bump the npm_and_yarn group group with 1 update (#2391) 8260866
• Fix unhandled rejection handling (#2390) 333b763
• Fix all rimraf usages to the best of my ability; glob is not true by default in rimraf; file archive test only passed every other time using async rimraf, could use further investigation c3f3b5b
• Fix rimraf usage in new test 8f3c653
• Fix rimraf import in test (why didn't this break in PR CI?) f3836aa
• Added functionality to long broken zippedArchive option (#2337) 02d4267
• Bump async from 3.2.4 to 3.2.5 (#2378) 069a40d
• Bump @​babel/preset-env from 7.23.2 to 7.23.7 (#2384) 79282e1
• Bump winston-transport; fix test issue (#2386) 05788b9
• Bump eslint from 8.51.0 to 8.55.0 (#2375) a7c2eec
• Bump std-mocks from 1.0.1 to 2.0.0 (#2361) 85c336e
• Bump actions/setup-node from 3 to 4 (#2362) 448d11c
• chore(README.md): adds documentation around coloring json formatted logs 91ec069
• Remove nonexistent Logger methods from types c3c3911
• Update dependencies caf2df6

https://github.com/winstonjs/winston/compare/v3.11.0...v3.12.0

Commits

• 7816869 3.12.0
• 9e5b407 missing timestamp format in ready-to-use-pattern example (#2421)
• 4a85e6b bump deps (#2422)
• e153c68 [chore] Run coveralls CI check on Node 20 not 16 (#2418)
• 587f40f Bump @​types/node from 20.8.6 to 20.11.19 (#2413)
• 8e99a00 Update README.md (#2417)
• 0bde36b docs: fix anchor in transports docs (#2416)
• 8fb5b41 add winston-transport-vscode to transports docs (#2411)
• a326743 Bump @​babel/cli from 7.23.0 to 7.23.9 (#2406)
• cc731ef Add winston-newrelic-agent-transport to transport documentation (#2382)
• Additional commits viewable in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

---

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot show ignore conditions` will show all of the ignore conditions of the specified dependency - `@dependabot ignore major version` will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself) - `@dependabot ignore minor version` will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself) - `@dependabot ignore ` will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself) - `@dependabot unignore ` will remove all of the ignore conditions of the specified dependency - `@dependabot unignore ` will remove the ignore condition of the specified dependency and ignore conditions

[changeset-bot[bot]]

⚠️ No Changeset found

Latest commit: 14fb203d17f8fcf53f282348449eff97a5d1349c

Merging this PR will not cause a version bump for any packages. If these changes should not result in a new version, you're good to go. If these changes should result in a version bump, you need to add a changeset.

This PR includes no changesets

When changesets are added to this PR, you'll see the packages that this PR includes changesets for and the associated semver types

Click here to learn what changesets are, and how to add one.

Click here if you're a maintainer who wants to add a changeset to this PR