[Snyk] Fix for 1 vulnerabilities

[snyk-bot]

Snyk has created this PR to fix one or more vulnerable packages in the `npm` dependencies of this project.

Changes included in this PR

• Changes to the following files to upgrade the vulnerable dependencies to a fixed version:
  • package.json
  • package-lock.json

Vulnerabilities that will be fixed

With an upgrade:

Severity	Priority Score (*)	Issue	Breaking Change	Exploit Maturity
	758/1000 Why? Proof of Concept exploit, Recently disclosed, Has a fix available, CVSS 7.3	Prototype Pollution SNYK-JS-LODASH-608086	No	Proof of Concept

(*) Note that the real score may have changed since the PR was raised.

Commit messages

Package name: express-winston

The new version differs by 10 commits.

• aed072e Version bump 2.5.0
• fff53cd Added Kévin Maschtaler to Authors
• 83514c6 Merge pull request #166 from bithavoc/feature/165
• a861a56 Merge pull request #164 from Kmaschta/master
• 1c39ece bump version of lodash due security vuln
• 768248a Fix memory usage of expressWinston.logger under heavy load
• c4e1a5d Merge pull request #162 from RichardMisiak/readme-typo
• 674ffee Fix typo
• 245d977 Ignore custom vimrc files.
• 320cc49 Show default colorize value in readme.

See the full diff

Check the changes in this PR to ensure they won't cause issues with your project.

---

Note: You are seeing this because you or someone else with access to this repository has authorized Snyk to open fix PRs.

For more information:
🧐 View latest project report

🛠 Adjust project settings

📚 Read more about Snyk's upgrade and patch logic