Bump winston from 2.4.0 to 3.0.0 in /back-end

[dependabot-preview]

Bumps winston from 2.4.0 to 3.0.0.

Changelog

Sourced from winston's changelog.

v3.0.0 / 2018-06-12

GET IN THE CHOPPA EDITION

• [#1332], (DABH): logger.debug is sent to stderr (Fixed [#1024])
• [#1328], (ChrisAlderson): Logger level doesn't update transports level (Fixes [#1191]).
• [#1356], (indexzero) Move splat functionality into logform. (Fixes [#1298]).
• [#1340], (indexzero): Check log.length when evaluating "legacyness" of transports (Fixes [#1280]).
• [#1346], (indexzero): Implement _final from Node.js streams. (Related to winston-transport#24, Fixes [#1250]).
• [#1347], (indexzero): Wrap calls to format.transform with try / catch (Fixes [#1261]).
• [#1357], (indexzero): Remove paddings as we have no use for it in the current API.
• [TODO]: REMAINS OPEN, NO PR (Fixes [#1289])
• Documentation
  • [#1301], (westonpace) Cleaned up some of the documentation on colorize
    to address concerns in [#1095].
  • First pass at a heavy refactor of docs/transports.md.
• Dependency management
  • Regenerate package-lock.json.
  • Upgrade to logform@^1.9.0.

v3.0.0-rc6 / 2018-05-30

T-MINUS 6-DAY TO WINSTON@3 EDITION

• Document that we are pushing for a June 5th, 2018 release of winston@3.0.0
• [#1287], (DABH) Added types for Typescript.
  • [#1335] Typescript: silent is boolean.
  • [#1323] Add level method to default logger.
• [#1286], (ChrisAlderson) Migrate codebase to ES6
  • [#1324], (ChrisAlderson) Fix regression introduced by ES6 migration for
    exception handling.
  • [#1333], (ChrisAlderson) Fix removing all loggers from a container.
• [#1291], [#1294], [#1318], (indexzero, ChrisAlderson, mempf) Improvements
  to File transport core functionality. Fixes [#1194].
• [#1311], (ChrisAlderson) Add eol option to Stream transport.
• [#1297], (ChrisAlderson) Move winston.config to triple-beam. Expose
  for backwards compatibility.
• [#1320], (ChrisAlderson) Enhance tests to run on Windows.
• Internal project maintenance
  • Bump to winston-transport@4.0.0 which may cause incompatibilities if
    your custom transport does not explicitly require winston-transport
    itself.
  • [#1292], (ChrisAlderson) Add node v10 to TravisCI build matrix.
  • [#1296], (indexzero) Improve UPGRADE-3.0.md. Add Github Issue Template.
  • Remove "npm run report" in favor of reports being automatically generate.
  • Update logform, triple-beam, and winston-transport to latest.

Special thanks to our newest winston core team member – ChrisAlderson for
helping make winston@3.0.0 a reality next week!

v3.0.0-rc5 / 2018-04-20

UNOFFICIAL NATIONAL HOLIDAY EDITION

... (truncated)

Commits

• 8be746b [dist] Version bump. 3.0.0
• ce2c0dc 3.0.0 pre-release (#1342)
• 133d0c2 [doc] Cleaned up some of the documentation on colorize to address c… (#1301)
• d701505 Remove paddings as we have no use for it in the current API. (#1357)
• 11283a0 Move splat functionality into logform. Fixes #1298 (#1356)
• 109031f [fix] Update level property to change transport level #1191 (#1328)
• 4c301eb [dist] Update package-lock.json
• 5fdfad8 Wrap calls to format.transform with try / catch. (#1347)
• 0c84f4f Implement _final from Node.js streams; misc. clean-up (#1346)
• 4089b59 [doc fix] Formatting fixes to docs.
• Additional commits viewable in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

---

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot merge will merge this PR after your CI passes on it
• @dependabot ignore this [patch|minor|major] version will close this PR and stop Dependabot creating any more for this minor/major version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
• @dependabot use these labels will set the current labels as the default for future PRs for this repo and language
• @dependabot use these reviewers will set the current reviewers as the default for future PRs for this repo and language
• @dependabot use these assignees will set the current assignees as the default for future PRs for this repo and language
• @dependabot badge me will comment on this PR with code to add a "Dependabot enabled" badge to your readme

Additionally, you can set the following in your Dependabot dashboard:

• Update frequency (including time of day and day of week)
• Automerge options (never/patch/minor, and dev/runtime dependencies)
• Pull request limits (per update run and/or open at any time)
• Out-of-range updates (receive only lockfile updates, if desired)
• Security updates (receive only security updates, if desired)

Finally, you can contact us by mentioning @dependabot.