nest-starter-pg-auth

[Snyk] Upgrade pino from 6.3.2 to 6.11.0

Open mattlehrer opened this issue 4 years ago • 0 comments

Snyk has created this PR to upgrade pino from 6.3.2 to 6.11.0.

Merge advice: Keep your dependencies up-to-date. This makes it easier to fix existing vulnerabilities and to more quickly identify and fix newly disclosed vulnerabilities when they affect your project.


  • The recommended version is 11 versions ahead of your current version.
  • The recommended version was released a month ago, on 2021-01-16.

The recommended version fixes:

| Severity | Issue | Priority Score (*) | Exploit Maturity |
|---|---|---|---|
| | Arbitrary Code Execution (SNYK-JS-THENIFY-571690) | 537/1000. Why? Proof of Concept exploit, CVSS 8.6 | Proof of Concept |
| | Prototype Pollution (SNYK-JS-HIGHLIGHTJS-1045326) | 537/1000. Why? Proof of Concept exploit, CVSS 8.6 | No Known Exploit |
| | Prototype Pollution (SNYK-JS-CLASSTRANSFORMER-564431) | 537/1000. Why? Proof of Concept exploit, CVSS 8.6 | Proof of Concept |

(*) Note that the real score may have changed since the PR was raised.

Release notes
Package name: pino
  • 6.11.0 - 2021-01-16
  • 6.10.0 - 2021-01-08

    📚 PR:

    • Bump up pino-std-serializers dependency (#946)
  • 6.9.0 - 2020-12-31

    📚 PR:

    • docs: upgrade all available http links to https
    • Merge pull request #941 from xom9ikk/upgrate-to-https
    • Add pino-dev as an ecosystem package in the docs
    • Merge pull request #943 from dnjstrom/docs/pino-dev
    • docs: Fix a tiny typo (#939)
    • Fix typos (#940)
    • access log level in hook #909 (#944)
  • 6.8.0 - 2020-12-11

    📚 PR:

    • #915 Adding path case sensitivity to docs (#916)
    • Fix link on pretty document (#927)
    • pass merging object to mixins (#926)
    • address destructuring mergeObject in docs (#928)
    • doc: fix wrong link to logger.level (#929)
    • docs/transport: add pino-gelf (#934)
    • Support Babel/Typescript "faux modules" as well as native ESM (#936)
  • 6.7.0 - 2020-10-05
    • integrate fast-redact v3 #917
  • 6.6.1 - 2020-09-13
    • Fix time quoting in prettification #905 #907
  • 6.6.0 - 2020-09-06

    📚 PR:

    • Add timestamp option to browser env, closes #903 (#904)
  • 6.5.1 - 2020-08-13

    📚 PR:

    • Clear cached parsed chindings when they're changed with .setBindings (fixes #890) (#893)
    • Update deps (#894)
  • 6.5.0 - 2020-08-01
    • Revert originalMsg feature #882
  • 6.4.1 - 2020-07-21
    • Remove unused communication channels from README #880
  • 6.4.0 - 2020-07-15
  • 6.3.2 - 2020-06-02
from pino GitHub release notes
Commit messages
Package name: pino
  • 3a31f3a v6.11.0
  • c2de8e1 Merge pull request #950 from salesh/947-var-let-const-replacing
  • 1442626 Change eslintrc and change command in package.json
  • dfe518b Fix linter
  • 44b698e Fix nested ternaries
  • 58d9b6d Fix nested ternaries
  • 6768d4e docs: fix mixin docs (#952)
  • 98e31c0 Fix for...in
  • 8f637d7 accidently replace var with const in css
  • 2fd82b7 Replacing var with let/const, somewhere left var because scope, somewhere left var because for + resolved all standard issues
  • 40fa7f6 Mention passing errors in the docs (#949)
  • ce9b712 Bumped v6.10.0
  • d2df737 Bump up pino-std-serializers dependency (#946)
  • 7320f99 bumped v6.9.0
  • 24c493b access log level in hook #909 (#944)
  • 541ff5a Merge pull request #943 from dnjstrom/docs/pino-dev
  • 03808d3 Add pino-dev as an ecosystem package in the docs
  • 4c15cf8 Merge pull request #941 from xom9ikk/upgrate-to-https
  • fde3979 docs: upgrade all available http links to https
  • 607f11c Fix typos (#940)
  • e19137f docs: Fix a tiny typo (#939)
  • 06d8abc Bumped v6.8.0
  • 98af5e7 Support Babel/Typescript "faux modules" as well as native ESM (#936)
  • 00dc5f0 docs/transport: add pino-gelf (#934)


Note: You are seeing this because you or someone else with access to this repository has authorized Snyk to open upgrade PRs.


mattlehrer, Feb 17 '21 06:02