build(deps): bump winston from 3.3.3 to 3.3.4

[dependabot]

Bumps winston from 3.3.3 to 3.3.4.

Release notes

Sourced from winston's releases.

v3.3.4

Compared to v3.3.3, this version fixes some issues and includes some updates to project infrastructure, such as replacing Travis with Github CI and dependabot configuration. There have also been several relatively minor improvements to documentation, and incorporation of some updated dependencies.
Dependency updates include a critical bug fix #2008 in response to self-vandalism by the author of a dependency.

• #1964 Added documentation for how to use a new externally maintained Seq transport.
• #1712 Add default metadata when calling log with string level and message.
• #1824 Unbind event listeners on close
• #1961 Handle undefined rejections
• #1878 Correct boolean evaluation of empty-string value for eol option
• #1977 Improved consistency of object parameters for better test reliability

Changelog

Sourced from winston's changelog.

v3.3.4 / 2022-01-09

Compared to v3.3.3, this version fixes some issues and includes some updates to project infrastructure, such as replacing Travis with Github CI and dependabot configuration. There have also been several relatively minor improvements to documentation, and incorporation of some updated dependencies.
Dependency updates include a critical bug fix #2008 in response to self-vandalism by the author of a dependency.

• #1964 Added documentation for how to use a new externally maintained Seq transport.
• #1712 Add default metadata when calling log with string level and message.
• #1824 Unbind event listeners on close
• #1961 Handle undefined rejections
• #1878 Correct boolean evaluation of empty-string value for eol option
• #1977 Improved consistency of object parameters for better test reliability

Commits

• 473d391 Fix release notes from yesterday
• 038ae23 fix all high-severity vulnerabilities from npm audit
• 7467d0a v3.3.4
• 05bda20 Pin colors package to 1.4.0 due to Security Vuln (#2008)
• 65ab472 Update logform in package.json per #1952
• 36586d3 Bump winston-transport from 4.4.0 to 4.4.1 (#1997)
• 310de77 Bump @​babel/preset-env from 7.16.4 to 7.16.5 (#1992)
• de611c1 Bump is-stream from 2.0.0 to 2.0.1 (#1991)
• b9fbeb2 Bump @​babel/core from 7.16.0 to 7.16.5 (#1990)
• c4f24e9 Bump @​babel/cli from 7.10.3 to 7.16.0
• Additional commits viewable in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

---

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot merge will merge this PR after your CI passes on it
• @dependabot squash and merge will squash and merge this PR after your CI passes on it
• @dependabot cancel merge will cancel a previously requested merge and block automerging
• @dependabot reopen will reopen this PR if it is closed
• @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
• @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)

[dependabot]

Superseded by #24.