fix(deps): update dependency winston to v3.17.0

[renovate]

This PR contains the following updates:

Package	Change	Age	Adoption	Passing	Confidence
winston	3.1.0 -> 3.17.0

---

Release Notes

winstonjs/winston (winston)

v3.17.0

Compare Source

• Try winston-transport 4.9.0 3e87128
• Revert "Try bumping winston-transport to 4.8.0" 69625fc
• Revert "Try bumping winston-transport to 4.8.0" 876ef7a
• Try bumping winston-transport to 4.8.0 7ef2c1d
• Try bumping winston-transport to 4.8.0 fe4b64e
• Bump logform c9fd9a4
• Revert "Update logform and winston-transport" 14fef0f
• Merge branch 'master' of github.com:winstonjs/winston 545b683
• Update logform and winston-transport cceb265
• Bump mocha from 10.7.3 to 10.8.2 (#​2523) bb529b6
• Bump async from 3.2.5 to 3.2.6 (#​2516) ae847ab

v3.16.0

Compare Source

• Feature - optionally include Error.cause property (#​2447) 201b6f1

v3.15.0

Compare Source

Note: we removed LogCallback from the TS definitions because the underlying library didn't actually support these. If this causes issues in your apps, we recommend you remove references to LogCallbacks, since such code was not being executed anyways. See #​2513 and the issue linked therein.

• remove logcallback (#​2513) 3a54777
• chore(docs): Update README.md w/ usage comments (#​2507) f110f61
• Bump nyc from 15.1.0 to 17.1.0 (#​2511) f5dde86
• Bump @​babel/cli from 7.24.7 to 7.25.6 (#​2512) d1b8dc6
• Bump @​babel/preset-env from 7.24.8 to 7.25.4 (#​2506) 564161a
• Bump mocha from 10.7.0 to 10.7.3 (#​2500) eb7e315
• Unified Handler Tests (#​2020) 22aab6d

v3.14.2

Compare Source

v3.14.1

Compare Source

v3.14.0

Compare Source

v3.13.1

Compare Source

• revert to rimraf 5.0.1, last known version to work with node 18 for now 1b3a500
• Merge branch 'master' of github.com:winstonjs/winston b56117e
• Update dependencies a5853b5
• Bump @​types/node from 20.12.7 to 20.14.10 (#​2483) 93b52ac
• Bump mocha from 10.3.0 to 10.6.0 (#​2484) 33611c9
• Bump @​babel/preset-env from 7.24.0 to 7.24.7 (#​2475) 4aa6550
• Update minimum version logform (#​2472) 7f5f014
• Add Parseable transport (#​2466) debf4fa
• chore(docs): Update w/ MySQL transport (#​2456) d567c57
• fix typo at test/unit/winston/transports/http.test.js (#​2453) 1d5d527
• Bump @​babel/cli from 7.23.9 to 7.24.5 (#​2454) d89a34e
• Bump @​types/node from 20.11.29 to 20.12.7 (#​2448) 947fa79
• Bump @​babel/core from 7.24.0 to 7.24.5 (#​2455) 8c58d0a

v3.13.0

Compare Source

• fix(http): allow passing maximumDepth to prevent big object being stringified (#​2425) a237865

v3.12.1

Compare Source

v3.12.0

Compare Source

• missing timestamp format in ready-to-use-pattern example (#​2421) 9e5b407
• bump deps (#​2422) 4a85e6b
• [chore] Run coveralls CI check on Node 20 not 16 (#​2418) e153c68
• Bump @​types/node from 20.8.6 to 20.11.19 (#​2413) 587f40f
• Update README.md (#​2417) 8e99a00
• docs: fix anchor in transports docs (#​2416) 0bde36b
• add winston-transport-vscode to transports docs (#​2411) 8fb5b41
• Bump @​babel/cli from 7.23.0 to 7.23.9 (#​2406) a326743
• Add winston-newrelic-agent-transport to transport documentation (#​2382) cc731ef
• Remove newrelic-winston transport entry. (#​2405) f077f30
• Bump eslint from 8.55.0 to 8.56.0 (#​2397) 3943c41
• Bump the npm_and_yarn group group with 1 update (#​2391) 8260866
• Fix unhandled rejection handling (#​2390) 333b763
• Fix all rimraf usages to the best of my ability; glob is not true by default in rimraf; file archive test only passed every other time using async rimraf, could use further investigation c3f3b5b
• Fix rimraf usage in new test 8f3c653
• Fix rimraf import in test (why didn't this break in PR CI?) f3836aa
• Added functionality to long broken zippedArchive option (#​2337) 02d4267
• Bump async from 3.2.4 to 3.2.5 (#​2378) 069a40d
• Bump @​babel/preset-env from 7.23.2 to 7.23.7 (#​2384) 79282e1
• Bump winston-transport; fix test issue (#​2386) 05788b9
• Bump eslint from 8.51.0 to 8.55.0 (#​2375) a7c2eec
• Bump std-mocks from 1.0.1 to 2.0.0 (#​2361) 85c336e
• Bump actions/setup-node from 3 to 4 (#​2362) 448d11c
• chore(README.md): adds documentation around coloring json formatted logs 91ec069
• Remove nonexistent Logger methods from types c3c3911
• Update dependencies caf2df6

v3.11.0

Compare Source

• Bump split2 from 4.1.0 to 4.2.0 (#​2336) 37f4282
• Bump actions/checkout from 3 to 4 (#​2346) fdcc893
• Bump @​colors/colors packgae to 1.6.0 (#​2353) dcbec34
• Bump rimraf from 3.0.2 to 5.0.5 (#​2357) aaaa4c0
• feat: add guardrails to the instantiation of a Profiler (#​2226) 914b846
• Bump @​types/node from 20.3.1 to 20.4.2 (#​2329) 23cb80c
• Bug Fix: FileTransportOptions type missing lazy:boolean option (#​2334) 1c43f7b

v3.10.0

Compare Source

• Avoid potential github issues - relax engines node requirement in package.json fc9c83d
• Export Logger class (#​2181) eda40ef
• Added Lazy option to file transport (#​2317) f7e7f2f
• Bump eslint from 8.32.0 to 8.44.0 (#​2321) de2e887
• docs(#​2319): Syntax error on README.md (#​2320) fcc69ec
• fix(types): Allow any object to be passed as meta to logger.profile (#​2314) 9d6001a
• Bump @​types/node from 18.11.18 to 20.3.1 (#​2313) 06e3165
• Update supported Node versions and run npm audit fix (#​2315) 61e2f5b
• Bump @​babel/core from 7.20.12 to 7.22.1 (#​2309) 7643ad6

v3.9.0

Compare Source

Functionality changes

• Handle undefined errors in getAllInfo in exception-handler in https://github.com/winstonjs/winston/pull/2208; thanks to new contributor @​eivindrs
• fix: properly allow passing non-array transport in https://github.com/winstonjs/winston/pull/2256; thanks to new contributor @​Tanuel
• fix #​1732 (Http Transport uses JSON format options as request options) in https://github.com/winstonjs/winston/pull/2272; thanks to new contributor @​MoritzLoewenstein (minor version bump per comment on the issue)
• fix: add guard clause to prevent FD leak in https://github.com/winstonjs/winston/pull/2301; thanks to new contributor @​td-tomasz-joniec

Dependency updates by @​dependabot + CI autotesting

• Bump eslint from 8.23.0 to 8.32.0 by @​dependabot in https://github.com/winstonjs/winston/pull/2209, https://github.com/winstonjs/winston/pull/2236, https://github.com/winstonjs/winston/pull/2258, & https://github.com/winstonjs/winston/pull/2271
• Bump @​babel/core from 7.19.0 to 7.20.12 by @​dependabot in https://github.com/winstonjs/winston/pull/2206, https://github.com/winstonjs/winston/pull/2234, https://github.com/winstonjs/winston/pull/2259, & https://github.com/winstonjs/winston/pull/2275
• Bump @​types/node from 18.0.0 to 18.11.18 by @​dependabot in https://github.com/winstonjs/winston/pull/2215, https://github.com/winstonjs/winston/pull/2235, & https://github.com/winstonjs/winston/pull/2264
• Bump @​babel/preset-env from 7.19.0 to 7.20.2 by @​dependabot in https://github.com/winstonjs/winston/pull/2218 & https://github.com/winstonjs/winston/pull/2244
• Bump safe-stable-stringify from 2.3.1 to 2.4.3 by @​dependabot in https://github.com/winstonjs/winston/pull/2217 & https://github.com/winstonjs/winston/pull/2292
• Bump @​babel/cli from 7.18.10 to 7.19.3 by @​dependabot in https://github.com/winstonjs/winston/pull/2216
• Bump json5 from 2.2.1 to 2.2.3 by @​dependabot in https://github.com/winstonjs/winston/pull/2260

Documentation changes

• Fix readme typo in https://github.com/winstonjs/winston/pull/2230; thanks to new contributor @​aretecode
• create new example for ready to use in https://github.com/winstonjs/winston/pull/2240; thanks to new contributor @​myagizmaktav
• minor fixes to publishing.md

Build Infrastructure changes

• GitHub Workflows security hardening in https://github.com/winstonjs/winston/pull/2252; thanks to new contributor @​sashashura

v3.8.2

Compare Source

Patch-level changes

• Add .js to main entry point in package.json in https://github.com/winstonjs/winston/pull/2177; thanks to new contributor @​rumanbsl
• Small grammatical fixes in README.md in https://github.com/winstonjs/winston/pull/2183; thanks to new contributor @​mikebarr24
• Move colors to non-dev dependencies by @​wbt in https://github.com/winstonjs/winston/pull/2190

Dependency updates by @​dependabot + CI autotesting

• Bump @​babel/preset-env from 7.18.2 to 7.19.0 in https://github.com/winstonjs/winston/pull/2189
• Bump @​babel/cli from 7.17.10 to 7.18.10 in https://github.com/winstonjs/winston/pull/2173
• Bump eslint from 8.18.0 to 8.23.0 in https://github.com/winstonjs/winston/pull/2184
• Bump @​babel/core from 7.18.5 to 7.19.0 in https://github.com/winstonjs/winston/pull/2192
• Bump logform from 2.4.1 to 2.4.2 in https://github.com/winstonjs/winston/pull/2191

v3.8.1

Compare Source

Patch-level changes

• Update types to match in-code definitions in https://github.com/winstonjs/winston/pull/2157; thanks to new contributor @​flappyBug

Dependency updates by @​dependabot + CI autotesting

• Bump logform from 2.4.0 to 2.4.1 in https://github.com/winstonjs/winston/pull/2156
• Bump async from 3.2.3 to 3.2.4 in https://github.com/winstonjs/winston/pull/2147

v3.8.0

Compare Source

Added functionality

• Add the stringify replacer option to the HTTP transport by @​domiins in https://github.com/winstonjs/winston/pull/2155

Dependency updates by @​dependabot + CI autotesting

• Bump @​babel/core from 7.17.8 to 7.18.5
• Bump eslint from 8.12.0 to 8.18.0
• Bump @​types/node from 17.0.23 to 18.0.0
• Bump @​babel/preset-env from 7.16.11 to 7.18.2
• Bump @​babel/cli from 7.17.6 to 7.17.10

Updates facilitating repo maintenance & enhancing documentation

• Explicitly note that the Contributing.md file is out of date
• Add instructions for publishing updated version by @​wbt (docs/publishing.md)
• Prettier Config File by @​jeanpierrecarvalho in https://github.com/winstonjs/winston/pull/2092
• Readme update to explain origin of errors for handling (#​2120)
• update documentation for #​2114 by @​zizifn in https://github.com/winstonjs/winston/pull/2138
• enhance message for logs with no transports #​2114 by @​zizifn in https://github.com/winstonjs/winston/pull/2139
• Added a new Community Transport option to the list: Worker Thread based async Console Transport by @​arpad1337 in https://github.com/winstonjs/winston/pull/2140

Thanks especially to new contributors @​zizifn, @​arpad1337, @​domiins, & @​jeanpierrecarvalho!

v3.7.2

Compare Source

This change reverts what should have been the feature-level update in 3.7.0 due to issue #​2103 showing this to be breaking, unintentionally.

v3.7.1

Compare Source

This change includes some minor updates to package-lock.json resolving npm audit failures: one in ansi-regex and another in minimist.

v3.6.0

Compare Source

• [#​2057] Fix potential memory leak by not waiting for process.nextTick before clearing pending callbacks (thanks @​smashah!)
• [#​2071] Update to logform 2.4.0, which includes changes such as new options for JsonOptions and some typo fixes regarding levels
• Various other dependencies are updated, tests are reorganized and cleaned up, etc. (thanks @​wbt, @​Maverick1872, @​fearphage!)

v3.5.1

Compare Source

This release reverts the changes made in PR #​1896 which added stricter typing to the available log levels,
and inadvertently broke use of custom levels with TypeScript (Issue #​2047). Apologies for that!

v3.5.0

Compare Source

This release includes the following, in sequence by first merge in group:

Feature updates:

• Support batch mode in HTTP Transport (Issue #​1970, PR #​1998, thanks @​BBE78!)

Patch-level updates:

• Bump dependency versions (thanks @​dependabot & @​DABH!)
  • Bump @​types/node from 16.11.12 to 17.0.8 (PR #​2009)
  • Bump @​babel/preset-env from 7.16.7 to 7.16.8 (#​2036)
  • Bump @​types/node from 17.0.8 to 17.0.9 (#​2035)
  • Bump @​babel/cli from 7.16.7 to 7.16.8 (#​2034)
  • Bump @​types/node from 17.0.9 to 17.0.10 (#​2042)
  • Bump @​babel/core from 7.16.7 to 7.16.12 (#​2041)
  • Bump @​babel/preset-env from 7.16.8 to 7.16.11 (#​2040)
• Fixing documentation syntax errors in transports code examples (#​1916; thanks @​romanzaycev!)
• Fix missing type declarations, especially for .rejections
  (#​1842, #​1929, #​2021; thanks @​vanflux, @​svaj, @​glensc, & others!)
• More narrowly typing the “level” string (#​1896, thanks @​yonas-g!)
• Using a safer stringify, e.g. to avoid issues from circular structures, in the http transport
  (#​2043, thanks @​karlwir!)

Updates to the repo & project which don’t actually affect the running code:

• Add a channel for reporting security vulnerabilities (#​2024, thanks @​JamieSlome!)
• Add coverage tracking in CI & documentation (#​2025 and #​2028, thanks @​fearphage!)
• Update issue templates (#​2030 and #​2031, thanks @​Maverick1872!)
• Remove gitter link from README.md (#​2027, thanks @​DABH!)

Thanks also to maintainers @​DABH, @​fearphage, @​Maverick1872, and @​wbt for issue/PR shepherding
and help across multiple parts of the release!
If somebody got missed in the list of thanks, please forgive the accidental oversight
and/or feel free to open a PR on this changelog.

v3.4.0

Compare Source

Yesterday's release was done with a higher sense of urgency than usual
due to vandalism in the colors package.
This release:

• ties up a loose end by including [#​1973] to go with [#​1824]
• adds a missing http property in NpmConfigSetColors [#​2004] (thanks @​SimDaSong)
• fixes a minor issue in the build/release process [#​2014]
• pins the version of the testing framework to avoid an issue with a test incorrectly failing [#​2017]

The biggest change in this release, motivating the feature-level update, is
[#​2006] Make winston more ESM friendly, thanks to @​miguelcobain.

Thanks also to @​DABH, @​wbt, and @​fearphage for contributions and reviews!

v3.3.4

Compare Source

Compared to v3.3.3, this version fixes some issues and includes some updates to project infrastructure,
such as replacing Travis with Github CI and dependabot configuration.
There have also been several relatively minor improvements to documentation, and incorporation of some updated dependencies.
Dependency updates include a critical bug fix [#​2008] in response to self-vandalism by the author of a dependency.

• [#​1964] Added documentation for how to use a new externally maintained Seq transport.
• [#​1712] Add default metadata when calling log with string level and message.
• [#​1824] Unbind event listeners on close
• [#​1961] Handle undefined rejections
• [#​1878] Correct boolean evaluation of empty-string value for eol option
• [#​1977] Improved consistency of object parameters for better test reliability

v3.3.3

Compare Source

• [#​1820] Revert [#​1807] to resolve breaking changes for Typescript users.

v3.3.2

Compare Source

• [#​1814] Use a fork of diagnostics published to NPM to avoid git dependency.

v3.3.1

Compare Source

• [#​1803], [#​1807] Fix TypeScript bugs.
• [#​1740] Add space between info.message and meta.message.
• [#​1813] Avoid indirect storage-engine dependency.
• [#​1810] README updates.

v3.3.0

Compare Source

• [#​1779] Fix property name in rejection handler.
• [#​1768] Exclude extraneous files from NPM package.
• [#​1364], [#​1714] Don't remove transport from logger when transport error
  occurs.
• [#​1603] Expose child property on default logger.
• [#​1777] Allow HTTP transport to pass options to request.
• [#​1662] Add bearer auth capabilities to HTTP transport.
• [#​1612] Remove no-op in file transport.
• [#​1622], [#​1623], [#​1625] Typescript fixes.
• (Minor) [#​1647], [#​1793] Update CI settings.
• (Minor) [#​1600], [#​1605], [#​1593], [#​1610], [#​1654], [#​1656], [#​1661],
  [#​1651], [#​1652], [#​1677], [#​1683], [#​1684], [#​1700], [#​1697], [#​1650],
  [#​1705], [#​1723], [#​1737], [#​1733], [#​1743], [#​1750], [#​1754], [#​1780],
  [#​1778] README, Transports.md, other docs changes.
• [#​1672], [#​1686], [#​1772] Update dependencies.

v3.2.1

Compare Source

UNBOUND PROTOTYPE AD INFINITUM EDITION

• #[1579], (@​indexzero) Fallback to the "root" instance always created by
  createLogger for level convenience methods (e.g. .info(), .silly()).
  (Fixes [#​1577]).
• [#​1539], (@​indexzero) Assume message is the empty string when level-helper
  methods are invoked with no arguments (Fixed [#​1501]).
• [#​1583], (@​kibertoad) Add typings for defaultMeta (Fixes [#​1582])
• [#​1586], (@​kibertoad) Update dependencies.

v3.2.0

Compare Source

SORRY IT TOO SO LONG EDITION

NOTE: this was our first release using Github Projects. See the
3.2.0 Release Project.

New Features!

• [#​1471], (@​kibertoad) Implement child loggers.
• [#​1462], (@​drazisil) Add handleRejection support.
  • [#​1555], (@​DABH) Add fixes from [#​1355] to unhandled rejection handler.
• [#​1418], (@​mfrisbey) Precompile ES6 syntax before publishing to npm.
  • [#​1533], (@​kibertoad) Update to Babel 7.
• [#​1562], (@​indexzero) [fix] Better handling of new Error(string)
  throughout the pipeline(s). (Fixes [#​1338], [#​1486]).

Bug Fixes

• [#​1355], (@​DABH) Fix issues with ExceptionHandler (Fixes [#​1289]).
• [#​1463], (@​SerayaEryn) Bubble transport warn events up to logger in
  addition to errors.
• [#​1480], [#​1503], (@​SerayaEryn) File tailrolling fix.
• [#​1483], (@​soldair) Assign log levels to un-bound functions.
• [#​1513], (@​TilaTheHun0) Set maxListeners for Console transport.
• [#​1521], (@​jamesbechet) Fix Transform from readable-stream using CRA.
• [#​1434], (@​Kouzukii) Fixes logger.query function (regression from 3.0.0)
• [#​1526], (@​pixtron) Log file without .gz for tailable (Fixes [#​1525]).
• [#​1559], (@​eubnara) Fix typo related to exitOnError.
• [#​1556], (@​adoyle-h) Support to create log directory if it doesn't exist
  for FileTransport.

New splat behavior

• [#​1552], (@​indexzero) Consistent handling of meta with (and without)
  interpolation in winston and logform.
• [#​1499], (@​DABH) Provide all of SPLAT to formats (Fixes [#​1485]).
• [#​1485], (@​mpabst) Fixing off-by-one when using both meta and splat.

Previously splat would have added a meta property for any additional
info[SPLAT] beyond the expected number of tokens.

As of [email protected], format.splat assumes additional splat paramters
(aka "metas") are objects and merges enumerable properties into the info.
e.g. BE ADVISED previous "metas" that were not objects will very likely
lead to odd behavior. e.g.

const { createLogger, format, transports } = require('winston');
const { splat } = format;
const { MESSAGE, LEVEL, SPLAT } = require('triple-beam');

const logger = createLogger({
  format: format.combine(
    format.splat(),
    format.json()
  ),
  transports: [new transports.Console()]
});

// Expects two tokens, but four splat parameters provided.
logger.info(
  'Let us %s for %j',   // message
  'objects',           // used for %s
  { label: 'sure' },   // used for %j
  'lol', ['ok', 'why'] // Multiple additional meta values
);

// winston < 3.2.0 && [email protected] behavior:
// Added "meta" property.
//
// { level: 'info',
//   message: 'Let us objects for {"label":"sure"}',
//   meta: ['lol', ['ok', 'why']],
//   [Symbol(level)]: 'info',
//   [Symbol(message)]: 'Let us %s for %j',
//   [Symbol(splat)]: [ 'objects', { label: 'sure' } ] }

// winston >= 3.2.0 && [email protected] behavior: Enumerable properties
// assigned into `info`. Since **strings and Arrays only have NUMERIC
// enumerable properties we get this behavior!**
//
// { '0': 'ok',
//   '1': 'why',
//   '2': 'l',
//   level: 'info',
//   message: 'Let us objects for {"label":"sure"}',
//   [Symbol(level)]: 'info',
//   [Symbol(message)]: 'Let us %s for %j',
//   [Symbol(splat)]: [ 'objects', { label: 'sure' } ] }

---

Configuration

📅 Schedule: Branch creation - At any time (no schedule defined), Automerge - At any time (no schedule defined).

🚦 Automerge: Enabled.

♻ Rebasing: Whenever PR is behind base branch, or you tick the rebase/retry checkbox.

🔕 Ignore: Close this PR and you won't be reminded about this update again.

---

• If you want to rebase/retry this PR, check this box

---

This PR was generated by Mend Renovate. View the repository job log.