chore(deps): update dependency tough-cookie to v6

[renovate]

This PR contains the following updates:

Package	Change	Age	Confidence
tough-cookie	4.1.4 → 6.0.0

---

Release Notes

salesforce/tough-cookie (tough-cookie)

v6.0.0

Compare Source

Summary

Breaking Changes

• Localhost connections over http will now be considered secure by default. For more information, see the README documentation and API Docs for how to configure this feature.

Other Notable Changes

• Dual publishing of ESM+CJS

What's Changed

• Bump globals from 15.14.0 to 16.0.0 by @​dependabot[bot] in #​504
• Bump the dev-dependencies group with 10 updates by @​dependabot[bot] in #​503
• Bump tldts from 6.1.76 to 6.1.79 in the production-dependencies group by @​dependabot[bot] in #​502
• Bump tldts from 6.1.83 to 6.1.85 in the production-dependencies group by @​dependabot[bot] in #​507
• Bump the dev-dependencies group with 9 updates by @​dependabot[bot] in #​508
• Bump eslint-import-resolver-typescript from 3.8.3 to 4.3.1 by @​dependabot[bot] in #​509
• feat: Add RFC 6761–compliant localhost loopback checks so secure cookies work on localhost (fixes: #​382) by @​Chriss4123 in #​498
• use ESM instead of CJS by @​wjhsf in #​506
• Switch from jest to vitest by @​wjhsf in #​510
• Bump vite from 6.2.6 to 6.3.4 by @​dependabot[bot] in #​521
• Bump the dev-dependencies group with 9 updates by @​dependabot[bot] in #​522
• Bump tldts from 6.1.85 to 7.0.5 by @​dependabot[bot] in #​523
• Prepare release v6.0.0-rc.0 by @​colincasey in #​519
• Bump the dev-dependencies group with 12 updates by @​dependabot[bot] in #​525
• Bump tldts from 7.0.5 to 7.0.8 in the production-dependencies group by @​dependabot[bot] in #​524
• Create CONTRIBUTING.md by @​wjhsf in #​526
• Bump tldts from 7.0.8 to 7.0.9 in the production-dependencies group by @​dependabot[bot] in #​530
• chore(deps): bump tldts from 7.0.9 to 7.0.10 in the production-dependencies group by @​dependabot[bot] in #​532
• Bump the dev-dependencies group with 12 updates by @​dependabot[bot] in #​531
• Reverts the check on the Secure attribute when setting a cookie by @​colincasey in #​534
• Prepare release v6.0.0-rc.1 by @​colincasey in #​535
• Bump the dev-dependencies group with 8 updates by @​dependabot[bot] in #​537
• Support publishing of both ESM and CJS by @​colincasey in #​536
• Prepare v6 by @​colincasey in #​538

New Contributors

• @​Chriss4123 made their first contribution in #​498

Full Changelog: salesforce/tough-cookie@v5.1.2...v6.0.0

v5.1.2

Compare Source

What's Changed

• Fix regression bug in domainMatch by @​colincasey in #​500
• Prepare v5.1.2 by @​colincasey in #​501

Full Changelog: salesforce/tough-cookie@v5.1.1...v5.1.2

v5.1.1

Compare Source

What's Changed

• chore: avoid nodejs modules by @​wjhsf in #​487
• Bump the dev-dependencies group with 7 updates by @​dependabot in #​490
• Bump tldts from 6.1.71 to 6.1.76 in the production-dependencies group by @​dependabot in #​489
• Bump eslint-config-prettier from 9.1.0 to 10.0.1 by @​dependabot in #​491
• isolated modules and almost isolated declarations by @​wjhsf in #​486
• chore: auto-close spam PRs by @​wjhsf in #​493

Full Changelog: salesforce/tough-cookie@v5.1.0...v5.1.1

v5.1.0

Compare Source

What's Changed

• Scheduled integration test with jsdom by @​colincasey in #​450
• Update README.md by @​colincasey in #​454
• fix: remove cookies that expire at epoch time of 0 by @​colincasey in #​457
• Restore missing expiryDate method by @​colincasey in #​459
• Bump tldts from 6.1.41 to 6.1.48 in the production-dependencies group by @​dependabot in #​461
• Bump the dev-dependencies group with 7 updates by @​dependabot in #​462
• fix(path-match): avoid parsing path as regex by @​wjhsf in #​465
• Bump tldts from 6.1.48 to 6.1.57 in the production-dependencies group by @​dependabot in #​466
• Bump the dev-dependencies group with 8 updates by @​dependabot in #​467
• Bump tldts from 6.1.57 to 6.1.65 in the production-dependencies group by @​dependabot in #​468
• Bump the dev-dependencies group across 1 directory with 8 updates by @​dependabot in #​471
• chore: streamline package publishing by @​wjhsf in #​453
• Bump the dev-dependencies group across 1 directory with 8 updates by @​dependabot in #​476
• Bump tldts from 6.1.65 to 6.1.71 in the production-dependencies group across 1 directory by @​dependabot in #​478
• Fix npm token config for publish by @​colincasey in #​482
• Give permissions for provenance generation by @​colincasey in #​483
• revert: use runtime-agnostic domainToASCII by @​wjhsf in #​480
• Prepare release v5.1.0 by @​colincasey in #​484

Full Changelog: salesforce/tough-cookie@v5.0.0...v5.1.0

v5.0.0

Compare Source

Summary

Breaking Changes

• We've migrated the project to TypeScript! First-party types are now available.
• The minimum supported version of node is v18.
• We no longer provide official support for non-node enviroments.

API Changes

• We've standardized most of our exposed interfaces to accept both null and undefined and return only undefined.
• getCookie and getCookies now accept a string or URL as a parameter.
• We've removed the inspect function in favor of node's util.inspect.custom symbol. Cookies may appear different when logged in non-node environments.

Other Changes

• Fixed the expiry time not updating when a cookie is updating.
• Fixed validation errors not getting called in some callbacks.
• New documentation that is always kept up to date!
• Performance improvements.

What's Changed

• Typescript support by @​colincasey in #​264
• [v5] Update config by @​wjhsf in #​269
• Fix prettier in eslint config by @​wjhsf in #​274
• Updated dev tooling by @​colincasey in #​271
• Port 283 fix to v5 by @​colincasey in #​287
• Remove some @​ts-ignore directives. by @​wjhsf in #​288
• Clean up validate function. by @​wjhsf in #​275
• Changes to support full eslint rule configurations by @​colincasey in #​289
• Split giant cookie.ts into multiple files. by @​wjhsf in #​296
• Merge branch 'master' into v5 by @​wjhsf in #​300
• Merge v5 into master by @​colincasey in #​303
• Preparing for release 5.0.0-rc.0 by @​colincasey in #​304
• Bump @​babel/traverse from 7.21.3 to 7.23.2 by @​dependabot in #​305
• Configure dependabot and codeowners by @​colincasey in #​306
• Bump @​typescript-eslint/parser from 5.58.0 to 5.62.0 by @​dependabot in #​310
• Bump eslint-config-prettier from 8.8.0 to 9.0.0 by @​dependabot in #​311
• Bump async from 2.6.4 to 3.2.4 by @​dependabot in #​313
• Avoid using arguments by @​wjhsf in #​316
• Configure dependabot to ignore @​types/node. by @​wjhsf in #​319
• Bump dependencies. by @​wjhsf in #​323
• Bump the dev-dependencies group with 6 updates by @​dependabot in #​342
• Bump the dev-dependencies group with 1 update by @​dependabot in #​344
• Bump the dev-dependencies group with 3 updates by @​dependabot in #​347
• docs: use correct memstore file link by @​alissonsleal in #​349
• Bump the dev-dependencies group with 3 updates by @​dependabot in #​351
• Bump the dev-dependencies group with 2 updates by @​dependabot in #​354
• Fix expiry time not updating when cookie is updated by @​colincasey in #​345
• Change dependabot to monthly by @​wjhsf in #​355
• Bump the dev-dependencies group with 5 updates by @​dependabot in #​358
• Avoid void by @​wjhsf in #​331
• Replace psl with tldts by @​colincasey in #​346
• Bump the production-dependencies group with 1 update by @​dependabot in #​362
• Bump the dev-dependencies group with 4 updates by @​dependabot in #​363
• docs: fix JSON.serialize -> JSON.stringify by @​zavan in #​361
• Remove workarounds for util in non-node environments by @​wjhsf in #​359
• Accept URL parameter in getCookies and setCookie by @​colincasey in #​364
• Remove community cookie store links by @​colincasey in #​367
• Handle unlikely edge case in unimportant util by @​wjhsf in #​366
• Fix allow listed files for what to include in npm package by @​colincasey in #​368
• fix #​256 by @​hrueger in #​297
• Preparing for release 5.0.0-rc.1 by @​colincasey in #​369
• Bump @​typescript-eslint/eslint-plugin from 6.20.0 to 7.0.0 by @​dependabot in #​373
• Bump the production-dependencies group with 1 update by @​dependabot in #​370
• Fixes eslint plugin dev upgrades by @​colincasey in #​375
• restore parse export that was accidentally removed by @​wjhsf in #​376
• Clean up cookie creation by @​wjhsf in #​381
• Enforce explicit function return type by @​wjhsf in #​383
• patch removed util methods for vows by @​wjhsf in #​389
• clean up usage of null/undefined by @​wjhsf in #​380
• Bump the dev-dependencies group with 2 updates by @​dependabot in #​404
• Bump the production-dependencies group with 1 update by @​dependabot in #​403
• Remove @types/psl from dev dependencies by @​colincasey in #​406
• Bump tldts from 6.1.16 to 6.1.18 in the production-dependencies group by @​dependabot in #​411
• Bump the dev-dependencies group with 2 updates by @​dependabot in #​412
• Bump ejs from 3.1.9 to 3.1.10 by @​dependabot in #​413
• Update v5 docs by @​colincasey in #​384
• Enable strict type checked rules by @​wjhsf in #​392
• Preparing for release 5.0.0-rc.2 by @​colincasey in #​414
• Bump the dev-dependencies group with 4 updates by @​dependabot in #​417
• Bump @​eslint/js from 8.57.0 to 9.4.0 by @​dependabot in #​419
• Bump tldts from 6.1.18 to 6.1.24 in the production-dependencies group across 1 directory by @​dependabot in #​420
• chore: update deps by @​wjhsf in #​421
• Use latest TypeScript version by @​wjhsf in #​423
• Update contributors by @​colincasey in #​425
• Bump tldts from 6.1.28 to 6.1.30 in the production-dependencies group by @​dependabot in #​426
• Bump the dev-dependencies group with 4 updates by @​dependabot in #​427
• Fix validation errors not calling callbacks by @​colincasey in #​424
• Preparing for release 5.0.0-rc.3 by @​colincasey in #​430
• Remove url-parse and punycode by @​wjhsf in #​429
• Checks structure instead of instanceof for URL test by @​colincasey in #​431
• pre-release cleanup by @​wjhsf in #​428
• Preparing for release 5.0.0-rc.4 by @​colincasey in #​432
• use domainToASCII(str) instead of new URL(str).hostName by @​wjhsf in #​433
• Bump tldts from 6.1.32 to 6.1.37 in the production-dependencies group by @​dependabot in #​436
• Bump the dev-dependencies group across 1 directory with 6 updates by @​dependabot in #​439
• Bump tldts from 6.1.37 to 6.1.41 in the production-dependencies group by @​dependabot in #​443
• Bump the dev-dependencies group with 6 updates by @​dependabot in #​444
• upgrade typescript-eslint to 8.0.1 by @​wjhsf in #​440
• Bump the dev-dependencies group with 2 updates by @​dependabot in #​448
• Bump eslint from 8.57.0 to 9.9.1 by @​dependabot in #​449
• Prepare v5 by @​colincasey in #​451

New Contributors

• @​alissonsleal made their first contribution in #​349
• @​zavan made their first contribution in #​361
• @​hrueger made their first contribution in #​297

Full Changelog: salesforce/tough-cookie@v4.1.3...v5.0.0

---

Configuration

📅 Schedule: Branch creation - Monday through Friday ( * * * * 1-5 ) (UTC), Automerge - At any time (no schedule defined).

🚦 Automerge: Disabled by config. Please merge this manually once you are satisfied.

♻ Rebasing: Whenever PR becomes conflicted, or you tick the rebase/retry checkbox.

🔕 Ignore: Close this PR and you won't be reminded about this update again.

---

• If you want to rebase/retry this PR, check this box

---

This PR was generated by Mend Renovate. View the repository job log.