From 28abd9cc49101b59c299e47296bdcd50daa51b8d Mon Sep 17 00:00:00 2001 From: snyk-bot Date: Thu, 1 Aug 2024 07:39:41 +0000 Subject: [PATCH 1/2] fix: upgrade winston from 3.13.0 to 3.13.1 Snyk has created this PR to upgrade winston from 3.13.0 to 3.13.1. See this package in yarn: winston See this project in Snyk: https://app.snyk.io/org/rlaiola/project/c78ca746-8b30-4d07-9ec9-6ecb7ee38cd1?utm_source=github&utm_medium=referral&page=upgrade-pr --- package.json | 2 +- yarn.lock | 24 ++++++++++++++++++------ 2 files changed, 19 insertions(+), 7 deletions(-) diff --git a/package.json b/package.json index 94e808d..c7532ad 100644 --- a/package.json +++ b/package.json @@ -19,6 +19,6 @@ "express-rate-limit": "^7.2.0", "puppeteer": "^22.6.3", "puppeteer-cluster": "^0.24.0", - "winston": "^3.12.0" + "winston": "^3.13.1" } } diff --git a/yarn.lock b/yarn.lock index e5ed6a0..2babc91 100644 --- a/yarn.lock +++ b/yarn.lock @@ -795,7 +795,7 @@ lines-and-columns@^1.1.6: resolved "https://registry.yarnpkg.com/lines-and-columns/-/lines-and-columns-1.2.4.tgz#eca284f75d2965079309dc0ad9255abb2ebc1632" integrity sha512-7ylylesZQ/PV29jhEDl3Ufjo6ZX7gCqJr5F7PKrqc93v7fzSymt1BpwEU8nAUXs8qzzvqhbjhK5QZg6Mt/HkBg== -logform@^2.3.2, logform@^2.4.0: +logform@^2.3.2: version "2.6.0" resolved "https://registry.yarnpkg.com/logform/-/logform-2.6.0.tgz#8c82a983f05d6eaeb2d75e3decae7a768b2bf9b5" integrity sha512-1ulHeNPp6k/LD8H91o7VYFBng5i1BDE7HoKxVbZiGFidS1Rj65qcywLxX+pVfAPoQJEjRdvKcusKwOupHCVOVQ== @@ -807,6 +807,18 @@ logform@^2.3.2, logform@^2.4.0: safe-stable-stringify "^2.3.1" triple-beam "^1.3.0" +logform@^2.6.0: + version "2.6.1" + resolved "https://registry.yarnpkg.com/logform/-/logform-2.6.1.tgz#71403a7d8cae04b2b734147963236205db9b3df0" + integrity sha512-CdaO738xRapbKIMVn2m4F6KTj4j7ooJ8POVnebSgKo3KBz5axNXRAL7ZdRjIV6NOr2Uf4vjtRkxrFETOioCqSA== + dependencies: + "@colors/colors" "1.6.0" + "@types/triple-beam" "^1.3.2" + fecha "^4.2.0" + ms "^2.1.1" + safe-stable-stringify "^2.3.1" + triple-beam "^1.3.0" + lru-cache@^6.0.0: version "6.0.0" resolved "https://registry.yarnpkg.com/lru-cache/-/lru-cache-6.0.0.tgz#6d6fe6570ebd96aaf90fcad1dafa3b2566db3a94" @@ -1352,16 +1364,16 @@ winston-transport@^4.7.0: readable-stream "^3.6.0" triple-beam "^1.3.0" -winston@^3.12.0: - version "3.13.0" - resolved "https://registry.yarnpkg.com/winston/-/winston-3.13.0.tgz#e76c0d722f78e04838158c61adc1287201de7ce3" - integrity sha512-rwidmA1w3SE4j0E5MuIufFhyJPBDG7Nu71RkZor1p2+qHvJSZ9GYDA81AyleQcZbh/+V6HjeBdfnTZJm9rSeQQ== +winston@^3.13.1: + version "3.13.1" + resolved "https://registry.yarnpkg.com/winston/-/winston-3.13.1.tgz#53ddadb9c2332eb12cff8306413b3480dc82b6c3" + integrity sha512-SvZit7VFNvXRzbqGHsv5KSmgbEYR5EiQfDAL9gxYkRqa934Hnk++zze0wANKtMHcy/gI4W/3xmSDwlhf865WGw== dependencies: "@colors/colors" "^1.6.0" "@dabh/diagnostics" "^2.0.2" async "^3.2.3" is-stream "^2.0.0" - logform "^2.4.0" + logform "^2.6.0" one-time "^1.0.0" readable-stream "^3.4.0" safe-stable-stringify "^2.3.1" From aa6f4673b45bd333abdb55df5e276a99044be83b Mon Sep 17 00:00:00 2001 From: snyk-bot Date: Sat, 22 Jun 2024 02:20:31 +0000 Subject: [PATCH 2/2] fix: upgrade express-rate-limit from 7.2.0 to 7.3.0 Snyk has created this PR to upgrade express-rate-limit from 7.2.0 to 7.3.0. See this package in yarn: express-rate-limit See this project in Snyk: https://app.snyk.io/org/rlaiola/project/c78ca746-8b30-4d07-9ec9-6ecb7ee38cd1?utm_source=github&utm_medium=referral&page=upgrade-pr --- package.json | 2 +- yarn.lock | 8 ++++---- 2 files changed, 5 insertions(+), 5 deletions(-) diff --git a/package.json b/package.json index c7532ad..49038e7 100644 --- a/package.json +++ b/package.json @@ -16,7 +16,7 @@ "license": "GPL-3.0", "dependencies": { "express": "^4.19.2", - "express-rate-limit": "^7.2.0", + "express-rate-limit": "^7.3.0", "puppeteer": "^22.6.3", "puppeteer-cluster": "^0.24.0", "winston": "^3.13.1" diff --git a/yarn.lock b/yarn.lock index 2babc91..9683d67 100644 --- a/yarn.lock +++ b/yarn.lock @@ -483,10 +483,10 @@ etag@~1.8.1: resolved "https://registry.yarnpkg.com/etag/-/etag-1.8.1.tgz#41ae2eeb65efa62268aebfea83ac7d79299b0887" integrity sha512-aIL5Fx7mawVa300al2BnEE4iNvo1qETxLrPI/o05L7z6go7fCw1J6EQmbK4FmJ2AS7kgVF/KEZWufBfdClMcPg== -express-rate-limit@^7.2.0: - version "7.2.0" - resolved "https://registry.yarnpkg.com/express-rate-limit/-/express-rate-limit-7.2.0.tgz#06ce387dd5388f429cab8263c514fc07bf90a445" - integrity sha512-T7nul1t4TNyfZMJ7pKRKkdeVJWa2CqB8NA1P8BwYaoDI5QSBZARv5oMS43J7b7I5P+4asjVXjb7ONuwDKucahg== +express-rate-limit@^7.3.0: + version "7.3.1" + resolved "https://registry.yarnpkg.com/express-rate-limit/-/express-rate-limit-7.3.1.tgz#c0887ba746cdd358d17b8ab63d6eba1bae0f670b" + integrity sha512-BbaryvkY4wEgDqLgD18/NSy2lDO2jTuT9Y8c1Mpx0X63Yz0sYd5zN6KPe7UvpuSVvV33T6RaE1o1IVZQjHMYgw== express@^4.19.2: version "4.19.2"