[Snyk] Upgrade winston from 3.3.3 to 3.13.1

[drnachio]

Snyk has created this PR to upgrade winston from 3.3.3 to 3.13.1.

ℹ️ Keep your dependencies up-to-date. This makes it easier to fix existing vulnerabilities and to more quickly identify and fix newly disclosed vulnerabilities when they affect your project.

---

• The recommended version is 17 versions ahead of your current version.

• The recommended version was released on a month ago.

Issues fixed by the recommended upgrade:

	Issue	Score	Exploit Maturity
	Regular Expression Denial of Service (ReDoS) SNYK-JS-SEMVER-3247795	482	Proof of Concept
	Regular Expression Denial of Service (ReDoS) SNYK-JS-SEMVER-3247795	482	Proof of Concept
	Regular Expression Denial of Service (ReDoS) SNYK-JS-SEMVER-3247795	482	Proof of Concept
	Denial of Service (DoS) SNYK-JS-ENGINEIO-1056749	482	Proof of Concept
	Denial of Service (DoS) SNYK-JS-ENGINEIO-3136336	482	No Known Exploit
	Regular Expression Denial of Service (ReDoS) SNYK-JS-ANSIREGEX-1583908	482	Proof of Concept
	Regular Expression Denial of Service (ReDoS) SNYK-JS-ANSIREGEX-1583908	482	Proof of Concept
	Prototype Pollution SNYK-JS-ASYNC-2441827	482	Proof of Concept
	Uncontrolled resource consumption SNYK-JS-BRACES-6838727	482	Proof of Concept
	Uncontrolled resource consumption SNYK-JS-BRACES-6838727	482	Proof of Concept
	Denial of Service (DoS) SNYK-JS-DECODEURICOMPONENT-3149970	482	Proof of Concept
	Prototype Pollution SNYK-JS-INI-1048974	482	Proof of Concept
	Prototype Pollution SNYK-JS-JSONSCHEMA-1920922	482	No Known Exploit
	Uncaught Exception SNYK-JS-SOCKETIO-7278048	482	No Known Exploit
	Denial of Service (DoS) SNYK-JS-SOCKETIOPARSER-1056752	482	Proof of Concept
	Denial of Service (DoS) SNYK-JS-SOCKETIOPARSER-5596892	482	No Known Exploit
	Command Injection SNYK-JS-SSH2-1656673	482	No Known Exploit
	Inefficient Regular Expression Complexity SNYK-JS-MICROMATCH-6838728	482	No Known Exploit
	Regular Expression Denial of Service (ReDoS) SNYK-JS-GLOBPARENT-1016905	482	Proof of Concept
	Open Redirect SNYK-JS-GOT-2932019	482	No Known Exploit
	Open Redirect SNYK-JS-GOT-2932019	482	No Known Exploit
	Regular Expression Denial of Service (ReDoS) SNYK-JS-HOSTEDGITINFO-1088355	482	Proof of Concept
	Incomplete List of Disallowed Inputs SNYK-JS-BABELTRAVERSE-5962462	482	Proof of Concept
	Regular Expression Denial of Service (ReDoS) SNYK-JS-COLORSTRING-1082939	482	Proof of Concept
	Regular Expression Denial of Service (ReDoS) SNYK-JS-HOSTEDGITINFO-1088355	482	Proof of Concept
	Regular Expression Denial of Service (ReDoS) SNYK-JS-HTTPCACHESEMANTICS-3248783	482	Proof of Concept
	Server-Side Request Forgery (SSRF) SNYK-JS-IP-7148531	482	Proof of Concept
	Reverse Tabnabbing SNYK-JS-ISTANBULREPORTS-2328088	482	No Known Exploit
	Prototype Pollution SNYK-JS-JSON5-3182856	482	Proof of Concept
	Prototype Pollution SNYK-JS-JSON5-3182856	482	Proof of Concept
	Denial of Service (DoS) SNYK-JS-JSZIP-1251497	482	Proof of Concept
	Arbitrary File Write via Archive Extraction (Zip Slip) SNYK-JS-JSZIP-3188562	482	No Known Exploit
	Denial of Service (DoS) SNYK-JS-JSZIP-1251497	482	Proof of Concept
	Arbitrary File Write via Archive Extraction (Zip Slip) SNYK-JS-JSZIP-3188562	482	No Known Exploit
	Command Injection SNYK-JS-SNYKPYTHONPLUGIN-3039677	482	Proof of Concept
	Command Injection SNYK-JS-SNYKSBTPLUGIN-3038626	482	Proof of Concept
	Command Injection SNYK-JS-SNYKSNYKCOCOAPODSPLUGIN-3038625	482	Proof of Concept
	Insecure Defaults SNYK-JS-SOCKETIO-1024859	482	Proof of Concept
	Improper Input Validation SNYK-JS-SOCKETIOPARSER-3091012	482	No Known Exploit
	Improper Input Validation SNYK-JS-SOCKETIOPARSER-3091012	482	No Known Exploit
	Prototype Pollution SNYK-JS-NCONF-2395478	482	Proof of Concept
	Server-side Request Forgery (SSRF) SNYK-JS-NETMASK-1089716	482	Proof of Concept
	Server-side Request Forgery (SSRF) SNYK-JS-NETMASK-6056519	482	Proof of Concept
	Regular Expression Denial of Service (ReDoS) SNYK-JS-NORMALIZEURL-1296539	482	No Known Exploit
	Remote Code Execution (RCE) SNYK-JS-PUG-1071616	482	Proof of Concept
	Remote Code Execution (RCE) SNYK-JS-PUGCODEGEN-1082232	482	Proof of Concept
	Improper Control of Generation of Code ('Code Injection') SNYK-JS-PUGCODEGEN-7086056	482	Proof of Concept
	Prototype Poisoning SNYK-JS-QS-3153490	482	Proof of Concept
	Code Injection SNYK-JS-LODASH-1040724	482	Proof of Concept
	Prototype Pollution SNYK-JS-LODASHSET-1320032	482	Proof of Concept
	Infinite loop SNYK-JS-MARKDOWNIT-6483324	482	Proof of Concept
	Denial of Service (DoS) SNYK-JS-WS-7266574	482	Proof of Concept
	Denial of Service (DoS) SNYK-JS-WS-7266574	482	Proof of Concept
	Arbitrary Code Injection SNYK-JS-XMLHTTPREQUESTSSL-1082936	482	Proof of Concept
	Denial of Service (DoS) SNYK-JS-TRIMNEWLINES-1298042	482	No Known Exploit
	Access Restriction Bypass SNYK-JS-XMLHTTPREQUESTSSL-1255647	482	Proof of Concept
	Prototype Pollution SNYK-JS-Y18N-1021887	482	Proof of Concept
	Prototype Pollution SNYK-JS-Y18N-1021887	482	Proof of Concept
	Prototype Pollution SNYK-JS-UNSETVALUE-2400660	482	No Known Exploit
	Server-side Request Forgery (SSRF) SNYK-JS-IP-6240864	482	Proof of Concept
	Inefficient Regular Expression Complexity SNYK-JS-MICROMATCH-6838728	482	No Known Exploit
	Internal Property Tampering SNYK-JS-TAFFYDB-2992450	482	Proof of Concept
	Regular Expression Denial of Service (ReDoS) SNYK-JS-TMPL-1583443	482	Proof of Concept
	Code Injection SNYK-JS-LODASH-1040724	482	Proof of Concept
	Prototype Pollution SNYK-JS-LODASH-567746	482	Proof of Concept
	Prototype Pollution SNYK-JS-AJV-584908	482	No Known Exploit
	Regular Expression Denial of Service (ReDoS) SNYK-JS-ANSIREGEX-1583908	482	Proof of Concept
	Remote Code Execution (RCE) SNYK-JS-PACRESOLVER-1564857	482	Proof of Concept
	Regular Expression Denial of Service (ReDoS) SNYK-JS-PARSELINKHEADER-1582783	482	Proof of Concept
	Command Injection SNYK-JS-SNYK-3037342	482	Proof of Concept
	Command Injection SNYK-JS-SNYK-3038622	482	Proof of Concept
	Code Injection SNYK-JS-SNYK-3111871	482	No Known Exploit
	Command Injection SNYK-JS-SNYKDOCKERPLUGIN-3039679	482	Proof of Concept
	Command Injection SNYK-JS-SNYKGOPLUGIN-3037316	482	Proof of Concept
	Command Injection SNYK-JS-SNYKGRADLEPLUGIN-3038624	482	Proof of Concept
	Command Injection SNYK-JS-SNYKMVNPLUGIN-3038623	482	Proof of Concept
	Regular Expression Denial of Service (ReDoS) SNYK-JS-MINIMATCH-3050818	482	No Known Exploit
	Command Injection SNYK-JS-NODENOTIFIER-1035794	482	No Known Exploit
	Regular Expression Denial of Service (ReDoS) SNYK-JS-LODASH-1018905	482	Proof of Concept
	Regular Expression Denial of Service (ReDoS) SNYK-JS-MARKDOWNIT-2331914	482	No Known Exploit
	Regular Expression Denial of Service (ReDoS) SNYK-JS-MARKED-2342073	482	Proof of Concept
	Regular Expression Denial of Service (ReDoS) SNYK-JS-MARKED-2342082	482	Proof of Concept
	Regular Expression Denial of Service (ReDoS) SNYK-JS-WS-1296835	482	Proof of Concept
	Regular Expression Denial of Service (ReDoS) SNYK-JS-WS-1296835	482	Proof of Concept
	Prototype Pollution SNYK-JS-XML2JS-5414874	482	Proof of Concept
	Regular Expression Denial of Service (ReDoS) SNYK-JS-UGLIFYJS-1727251	482	No Known Exploit
	Arbitrary Code Injection SNYK-JS-UNDERSCORE-1080984	482	Proof of Concept
	Arbitrary Code Injection SNYK-JS-UNDERSCORE-1080984	482	Proof of Concept
	Cross-site Scripting (XSS) SNYK-JS-VUETEMPLATECOMPILER-7554675	482	Proof of Concept
	Regular Expression Denial of Service (ReDoS) SNYK-JS-MARKED-584281	482	No Known Exploit
	Regular Expression Denial of Service (ReDoS) SNYK-JS-LODASH-1018905	482	Proof of Concept
	Denial of Service (DoS) SNYK-JS-NWSAPI-2841516	482	No Known Exploit
	Regular Expression Denial of Service (ReDoS) SNYK-JS-PATHPARSE-1077067	482	Proof of Concept
	Regular Expression Denial of Service (ReDoS) SNYK-JS-PROMPTS-1729737	482	Proof of Concept
	Prototype Pollution SNYK-JS-MINIMIST-2429795	482	Proof of Concept
	Regular Expression Denial of Service (ReDoS) SNYK-JS-WORDWRAP-3149973	482	Proof of Concept

Release notes

Package name: winston

• 3.13.1 - 2024-07-10
  
  • revert to rimraf 5.0.1, last known version to work with node 18 for now 1b3a500
  • Merge branch 'master' of github.com:winstonjs/winston b56117e
  • Update dependencies a5853b5
  • Bump @ types/node from 20.12.7 to 20.14.10 (#2483) 93b52ac
  • Bump mocha from 10.3.0 to 10.6.0 (#2484) 33611c9
  • Bump @ babel/preset-env from 7.24.0 to 7.24.7 (#2475) 4aa6550
  • Update minimum version logform (#2472) 7f5f014
  • Add Parseable transport (#2466) debf4fa
  • chore(docs): Update w/ MySQL transport (#2456) d567c57
  • fix typo at test/unit/winston/transports/http.test.js (#2453) 1d5d527
  • Bump @ babel/cli from 7.23.9 to 7.24.5 (#2454) d89a34e
  • Bump @ types/node from 20.11.29 to 20.12.7 (#2448) 947fa79
  • Bump @ babel/core from 7.24.0 to 7.24.5 (#2455) 8c58d0a

  v3.13.0...v3.13.1

• 3.13.0 - 2024-03-24
  
  • fix(http): allow passing maximumDepth to prevent big object being stringified (#2425) a237865

  v3.12.1...v3.13.0

• 3.12.1 - 2024-03-24
  
  • Bump @ types/node from 20.11.24 to 20.11.29 (#2431) b10b98f
  • Revert "Remove nonexistent Logger methods from types" (#2434) 0277035
  • fixed flaky test case (#2412) d95c948

  v3.12.0...v3.12.1

• 3.12.0 - 2024-03-04
  
  • missing timestamp format in ready-to-use-pattern example (#2421) 9e5b407
  • bump deps (#2422) 4a85e6b
  • [chore] Run coveralls CI check on Node 20 not 16 (#2418) e153c68
  • Bump @ types/node from 20.8.6 to 20.11.19 (#2413) 587f40f
  • Update README.md (#2417) 8e99a00
  • docs: fix anchor in transports docs (#2416) 0bde36b
  • add winston-transport-vscode to transports docs (#2411) 8fb5b41
  • Bump @ babel/cli from 7.23.0 to 7.23.9 (#2406) a326743
  • Add winston-newrelic-agent-transport to transport documentation (#2382) cc731ef
  • Remove newrelic-winston transport entry. (#2405) f077f30
  • Bump eslint from 8.55.0 to 8.56.0 (#2397) 3943c41
  • Bump the npm_and_yarn group group with 1 update (#2391) 8260866
  • Fix unhandled rejection handling (#2390) 333b763
  • Fix all rimraf usages to the best of my ability; glob is not true by default in rimraf; file archive test only passed every other time using async rimraf, could use further investigation c3f3b5b
  • Fix rimraf usage in new test 8f3c653
  • Fix rimraf import in test (why didn't this break in PR CI?) f3836aa
  • Added functionality to long broken zippedArchive option (#2337) 02d4267
  • Bump async from 3.2.4 to 3.2.5 (#2378) 069a40d
  • Bump @ babel/preset-env from 7.23.2 to 7.23.7 (#2384) 79282e1
  • Bump winston-transport; fix test issue (#2386) 05788b9
  • Bump eslint from 8.51.0 to 8.55.0 (#2375) a7c2eec
  • Bump std-mocks from 1.0.1 to 2.0.0 (#2361) 85c336e
  • Bump actions/setup-node from 3 to 4 (#2362) 448d11c
  • chore(README.md): adds documentation around coloring json formatted logs 91ec069
  • Remove nonexistent Logger methods from types c3c3911
  • Update dependencies caf2df6

  v3.11.0...v3.12.0

• 3.11.0 - 2023-10-07
  
  • Bump split2 from 4.1.0 to 4.2.0 (#2336) 37f4282
  • Bump actions/checkout from 3 to 4 (#2346) fdcc893
  • Bump @ colors/colors packgae to 1.6.0 (#2353) dcbec34
  • Bump rimraf from 3.0.2 to 5.0.5 (#2357) aaaa4c0
  • feat: add guardrails to the instantiation of a Profiler (#2226) 914b846
  • Bump @ types/node from 20.3.1 to 20.4.2 (#2329) 23cb80c
  • Bug Fix: FileTransportOptions type missing lazy:boolean option (#2334) 1c43f7b

  v3.10.0...v3.11.0

• 3.10.0 - 2023-07-10
  
  • Avoid potential github issues - relax engines node requirement in package.json fc9c83d
  • Export Logger class (#2181) eda40ef
  • Added Lazy option to file transport (#2317) f7e7f2f
  • Bump eslint from 8.32.0 to 8.44.0 (#2321) de2e887
  • docs(#2319): Syntax error on README.md (#2320) fcc69ec
  • fix(types): Allow any object to be passed as meta to logger.profile (#2314) 9d6001a
  • Bump @ types/node from 18.11.18 to 20.3.1 (#2313) 06e3165
  • Update supported Node versions and run npm audit fix (#2315) 61e2f5b
  • Bump @ babel/core from 7.20.12 to 7.22.1 (#2309) 7643ad6

  v3.9.0...v3.10.0

• 3.9.0 - 2023-05-26
  

  Functionality changes

  • Handle undefined errors in getAllInfo in exception-handler in #2208; thanks to new contributor