snowdensb / vets-website

Frontend for VA.gov
Creative Commons Zero v1.0 Universal
0 stars 0 forks source link

Update dependency winston to v3.3.4 #244

Open mend-for-github-com[bot] opened 11 months ago

mend-for-github-com[bot] commented 11 months ago

This PR contains the following updates:

Package Type Update Change
winston devDependencies patch 3.3.3 -> 3.3.4

By merging this PR, the below issues will be automatically resolved and closed:

Severity CVSS Score CVE GitHub Issue
High 7.8 CVE-2021-43138 #138

By merging this PR, the below issues will be automatically resolved and closed:

Severity CVSS Score CVE GitHub Issue
High 7.5 WS-2021-0152 #92
Medium 5.3 CVE-2021-29060 #93

Release Notes

winstonjs/winston (winston) ### [`v3.3.4`](https://togithub.com/winstonjs/winston/blob/HEAD/CHANGELOG.md#v334--2022-01-09) [Compare Source](https://togithub.com/winstonjs/winston/compare/v3.3.3...3.3.4) Compared to v3.3.3, this version fixes some issues and includes some updates to project infrastructure, such as replacing Travis with Github CI and dependabot configuration. There have also been several relatively minor improvements to documentation, and incorporation of some updated dependencies. Dependency updates include a critical bug fix \[[#​2008](https://togithub.com/winstonjs/winston/issues/2008)] in response to self-vandalism by the author of a dependency. - \[[#​1964](https://togithub.com/winstonjs/winston/issues/1964)] Added documentation for how to use a new externally maintained [Seq](https://datalust.co/seq) transport. - \[[#​1712](https://togithub.com/winstonjs/winston/issues/1712)] Add default metadata when calling log with string level and message. - \[[#​1824](https://togithub.com/winstonjs/winston/issues/1824)] Unbind event listeners on close - \[[#​1961](https://togithub.com/winstonjs/winston/issues/1961)] Handle undefined rejections - \[[#​1878](https://togithub.com/winstonjs/winston/issues/1878)] Correct boolean evaluation of empty-string value for eol option - \[[#​1977](https://togithub.com/winstonjs/winston/issues/1977)] Improved consistency of object parameters for better test reliability