upgrade the cookie dependency

Question

upgrade the cookie dependency

Closed this issue a month ago · 2 comments

npm audit report

cookie <0.7.0
cookie accepts cookie name, path, and domain with out of bounds characters - GHSA-pxg6-pf52-xh8x
No fix available
node_modules/cookie
iron-session *
Depends on vulnerable versions of cookie
node_modules/iron-session

Answer 1 · 2024-11-11T22:41:01.000Z

Can we get an updated ETA on when to expect the cookie dep to be updated? @vvo

Answer 2 · 2024-11-12T08:39:40.000Z

Upgraded and released as 8.0.4 👍