Bump tough-cookie from 4.1.2 to 4.1.3 (!6) · Merge requests · tools / whereigo

Dependabot requested to merge dependabot-npm_and_yarn-tough-cookie-4.1.3 into master Jun 06, 2023

Bumps tough-cookie from 4.1.2 to 4.1.3.

Release notes

4.1.3

Security fix for Prototype Pollution discovery in #282. This is a minor release, although output from the inspect utility is affected by this change, we felt this change was important enough to be pushed into the next patch.

Commits

4ff4d29 4.1.3 release preparation, update the package and lib/version to 4.1.3. (#284)
12d4747 Prevent prototype pollution in cookie memstore (#283)
f06b72d Fix documentation for store.findCookies, missing allowSpecialUseDomain proper...
See full diff in compare view

Dependabot commands

You can trigger Dependabot actions by commenting on this MR

$dependabot rebase will rebase this MR
$dependabot recreate will recreate this MR rewriting all the manual changes and resolving conflicts

Bump tough-cookie from 4.1.2 to 4.1.3

4.1.3

Merge request reports