From 3b1c564a5abbf1d1fca6ecab46e173c8f6938130 Mon Sep 17 00:00:00 2001
From: "homarr-renovate[bot]"
 <158783068+homarr-renovate[bot]@users.noreply.github.com>
Date: Fri, 12 Dec 2025 08:39:42 +0000
Subject: [PATCH] fix(deps): update dependency winston to v3.19.0 (#4632)

Co-authored-by: homarr-renovate[bot] <158783068+homarr-renovate[bot]@users.noreply.github.com>
---
 packages/log/package.json |  2 +-
 pnpm-lock.yaml            | 11 ++++++-----
 2 files changed, 7 insertions(+), 6 deletions(-)

diff --git a/packages/log/package.json b/packages/log/package.json
index 98e91a949..8cc811cac 100644
--- a/packages/log/package.json
+++ b/packages/log/package.json
@@ -26,7 +26,7 @@
   "dependencies": {
     "@homarr/core": "workspace:^0.1.0",
     "superjson": "2.2.6",
-    "winston": "3.18.3",
+    "winston": "3.19.0",
     "zod": "^4.1.13"
   },
   "devDependencies": {
diff --git a/pnpm-lock.yaml b/pnpm-lock.yaml
index 3cd257f7c..e642a7212 100644
--- a/pnpm-lock.yaml
+++ b/pnpm-lock.yaml
@@ -1552,8 +1552,8 @@ importers:
         specifier: 2.2.6
         version: 2.2.6
       winston:
-        specifier: 3.18.3
-        version: 3.18.3
+        specifier: 3.19.0
+        version: 3.19.0
       zod:
         specifier: ^4.1.13
         version: 4.1.13
@@ -8455,6 +8455,7 @@ packages:
   next@16.0.7:
     resolution: {integrity: sha512-3mBRJyPxT4LOxAJI6IsXeFtKfiJUbjCLgvXO02fV8Wy/lIhPvP94Fe7dGhUgHXcQy4sSuYwQNcOLhIfOm0rL0A==}
     engines: {node: '>=20.9.0'}
+    deprecated: This version has a security vulnerability. Please upgrade to a patched version. See https://nextjs.org/blog/security-update-2025-12-11 for more details.
     hasBin: true
     peerDependencies:
       '@opentelemetry/api': ^1.1.0
@@ -11018,8 +11019,8 @@ packages:
     resolution: {integrity: sha512-8drMJ4rkgaPo1Me4zD/3WLfI/zPdA9o2IipKODunnGDcuqbHwjsbB79ylv04LCGGzU0xQ6vTznOMpQGaLhhm6A==}
     engines: {node: '>= 12.0.0'}
 
-  winston@3.18.3:
-    resolution: {integrity: sha512-NoBZauFNNWENgsnC9YpgyYwOVrl2m58PpQ8lNHjV3kosGs7KJ7Npk9pCUE+WJlawVSe8mykWDKWFSVfs3QO9ww==}
+  winston@3.19.0:
+    resolution: {integrity: sha512-LZNJgPzfKR+/J3cHkxcpHKpKKvGfDZVPS4hfJCc4cCG0CgYzvlD6yE/S3CIL/Yt91ak327YCpiF/0MyeZHEHKA==}
     engines: {node: '>= 12.0.0'}
 
   word-wrap@1.2.5:
@@ -21008,7 +21009,7 @@ snapshots:
       readable-stream: 3.6.2
       triple-beam: 1.4.1
 
-  winston@3.18.3:
+  winston@3.19.0:
     dependencies:
       '@colors/colors': 1.6.0
       '@dabh/diagnostics': 2.0.8