Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

build(deps): bump winston from 3.3.3 to 3.5.0 #31

Closed
wants to merge 1 commit into from

Conversation

dependabot[bot]
Copy link
Contributor

@dependabot dependabot bot commented on behalf of github Jan 27, 2022

Bumps winston from 3.3.3 to 3.5.0.

Release notes

Sourced from winston's releases.

3.5.0

This release includes the following, in sequence by first merge in group:

Feature updates:

Patch-level updates:

  • Bump dependency versions (thanks @​dependabot & @​DABH!) - Bump @​types/node from 16.11.12 to 17.0.8 (PR #2009) - Bump @​babel/preset-env from 7.16.7 to 7.16.8 (#2036) - Bump @​types/node from 17.0.8 to 17.0.9 (#2035) - Bump @​babel/cli from 7.16.7 to 7.16.8 (#2034) - Bump @​types/node from 17.0.9 to 17.0.10 (#2042) - Bump @​babel/core from 7.16.7 to 7.16.12 (#2041) - Bump @​babel/preset-env from 7.16.8 to 7.16.11 (#2040)
  • Fixing documentation syntax errors in transports code examples (#1916; thanks @​romanzaycev!)
  • Fix missing type declarations, especially for .rejections (#1842, #1929, #2021; thanks @​vanflux, @​svaj, @​glensc, & others!)
  • More narrowly typing the “level” string (#1896, thanks @​yonas-g!)
  • Using a safer stringify, e.g. to avoid issues from circular structures, in the http transport (#2043, thanks @​karlwir!)

Updates to the repo & project which don’t actually affect the running code:

Thanks also to maintainers @​DABH, @​fearphage, @​Maverick1872, and @​wbt for issue/PR shepherding and help across multiple parts of the release!

If somebody got missed in the list of thanks, please forgive the accidental oversight and/or feel free to open a PR on the changelog.

v3.4.0 / 2022-01-10

Yesterday's release was done with a higher sense of urgency than usual due to vandalism in the colors package. This release:

  • ties up a loose end by including #1973 to go with #1824
  • adds a missing http property in NpmConfigSetColors #2004 (thanks @​SimDaSong)
  • fixes a minor issue in the build/release process #2014
  • pins the version of the testing framework to avoid an issue with a test incorrectly failing #2017

The biggest change in this release, motivating the feature-level update, is #2006 Make winston more ESM friendly, thanks to @​miguelcobain.

Thanks also to @​DABH, @​wbt, and @​fearphage for contributions and reviews!

v3.3.4

Compared to v3.3.3, this version fixes some issues and includes some updates to project infrastructure, such as replacing Travis with Github CI and dependabot configuration. There have also been several relatively minor improvements to documentation, and incorporation of some updated dependencies.
Dependency updates include a critical bug fix #2008 in response to self-vandalism by the author of a dependency.

  • #1964 Added documentation for how to use a new externally maintained Seq transport.

... (truncated)

Changelog

Sourced from winston's changelog.

v3.5.0 / 2022-01-27

This release includes the following, in sequence by first merge in group:

Feature updates:

Patch-level updates:

  • Bump dependency versions (thanks @​dependabot & @​DABH!) - Bump @​types/node from 16.11.12 to 17.0.8 (PR #2009) - Bump @​babel/preset-env from 7.16.7 to 7.16.8 (#2036) - Bump @​types/node from 17.0.8 to 17.0.9 (#2035) - Bump @​babel/cli from 7.16.7 to 7.16.8 (#2034) - Bump @​types/node from 17.0.9 to 17.0.10 (#2042) - Bump @​babel/core from 7.16.7 to 7.16.12 (#2041) - Bump @​babel/preset-env from 7.16.8 to 7.16.11 (#2040)
  • Fixing documentation syntax errors in transports code examples (#1916; thanks @​romanzaycev!)
  • Fix missing type declarations, especially for .rejections (#1842, #1929, #2021; thanks @​vanflux, @​svaj, @​glensc, & others!)
  • More narrowly typing the “level” string (#1896, thanks @​yonas-g!)
  • Using a safer stringify, e.g. to avoid issues from circular structures, in the http transport (#2043, thanks @​karlwir!)

Updates to the repo & project which don’t actually affect the running code:

Thanks also to maintainers @​DABH, @​fearphage, @​Maverick1872, and @​wbt for issue/PR shepherding and help across multiple parts of the release! If somebody got missed in the list of thanks, please forgive the accidental oversight and/or feel free to open a PR on this changelog.

v3.4.0 / 2022-01-10

Yesterday's release was done with a higher sense of urgency than usual due to vandalism in the colors package. This release:

  • ties up a loose end by including #1973 to go with #1824
  • adds a missing http property in NpmConfigSetColors #2004 (thanks @​SimDaSong)
  • fixes a minor issue in the build/release process #2014
  • pins the version of the testing framework to avoid an issue with a test incorrectly failing #2017

The biggest change in this release, motivating the feature-level update, is #2006 Make winston more ESM friendly, thanks to @​miguelcobain.

Thanks also to @​DABH, @​wbt, and @​fearphage for contributions and reviews!

... (truncated)

Commits
Maintainer changes

This version was pushed to npm by w-b-t, a new releaser for winston since your current version.


Dependabot compatibility score

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.


Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

  • @dependabot rebase will rebase this PR
  • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
  • @dependabot merge will merge this PR after your CI passes on it
  • @dependabot squash and merge will squash and merge this PR after your CI passes on it
  • @dependabot cancel merge will cancel a previously requested merge and block automerging
  • @dependabot reopen will reopen this PR if it is closed
  • @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
  • @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)

Bumps [winston](https://github.com/winstonjs/winston) from 3.3.3 to 3.5.0.
- [Release notes](https://github.com/winstonjs/winston/releases)
- [Changelog](https://github.com/winstonjs/winston/blob/master/CHANGELOG.md)
- [Commits](winstonjs/winston@v3.3.3...v3.5.0)

---
updated-dependencies:
- dependency-name: winston
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
@dependabot dependabot bot added the dependencies Pull requests that update a dependency file label Jan 27, 2022
@dependabot @github
Copy link
Contributor Author

dependabot bot commented on behalf of github Feb 1, 2022

Superseded by #33.

@dependabot dependabot bot closed this Feb 1, 2022
@dependabot dependabot bot deleted the dependabot/npm_and_yarn/winston-3.5.0 branch February 1, 2022 19:23
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
dependencies Pull requests that update a dependency file
Projects
None yet
Development

Successfully merging this pull request may close these issues.

0 participants