[Snyk] Upgrade js-cookie from 2.2.1 to 3.0.5

[Mastermindzh]

Snyk has created this PR to upgrade js-cookie from 2.2.1 to 3.0.5.

ℹ️ Keep your dependencies up-to-date. This makes it easier to fix existing vulnerabilities and to more quickly identify and fix newly disclosed vulnerabilities when they affect your project.

---

⚠️ Warning: This PR contains major version upgrade(s), and may be a breaking change.

• The recommended version is 16 versions ahead of your current version.

• The recommended version was released 2 years ago.

Release notes

Package name: js-cookie

• 3.0.5 - 2023-04-24
  
  • Remove npm version restriction in package.json - #818
• 3.0.4 - 2023-04-21
  
  • Publish to npmjs.com with package provenance
• 3.0.3 - 2023-04-21
• 3.0.2 - 2023-04-21
• 3.0.1 - 2021-09-01
  
  • Make package.json accessible in export - #727
• 3.0.0 - 2021-07-26
  
  • Removed defaults in favor of a builder: now to supply an api instance with particular predefined (cookie) attributes there's Cookies.withAttributes(), e.g.:

  const api = Cookies.withAttributes({
    path: '/',
    secure: true
  })
  api.set('key', 'value') // writes cookie with path: '/' and secure: true...

  • The attributes that an api instance is configured with are exposed as attributes property; it's an immutable object and unlike defaults cannot be changed to configure the api.
  • The mechanism to fall back to the standard, internal converter by returning a falsy value in a custom read converter has been removed. Instead the default converters are now exposed as Cookies.converter, which allows for implementing self-contained custom converters providing the same behavior:

  const customReadConverter = (value, name) => {
    if (name === 'special') {
      return unescape(value)
    }
    return Cookies.converter.read(value)
  }

  • withConverter() no longer accepts a function as argument to be turned into a read converter. It is now required to always pass an object with the explicit type(s) of converter(s):

  const api = Cookies.withConverter({
    read: (value, name) => unescape(value)
  })

  • The converter(s) that an api instance is configured with are exposed as converter property; it's an immutable object and cannot be changed to configure the api.
  • Started providing library as ES module, in addition to UMD module. The module field in package.json points to an ES module variant of the library.
  • Started using browser field instead of main in package.json (for the UMD variant of the library).
  • Dropped support for IE < 10.
  • Removed built-in JSON support, i.e. getJSON() and automatic stringifying in set(): use Cookies.set('foo', JSON.stringify({ ... })) and JSON.parse(Cookies.get('foo')) instead.
  • Removed support for Bower.
  • Added minified versions to package - #501
  • Improved support for url encoded cookie values (support case insensitive encoding) - #466, #530
  • Expose default path via API - #541
  • Handle falsy arguments passed to getters - #399
  • No longer support Node < 12 when building (LTS versions only)
• 3.0.0-rc.4 - 2021-07-16
  

  Reverted changes introduced in rc2, which caused a mayor breaking change in the case of requesting the library via jsdelivr CDN with a particular file name. This breaking change was not intentional.

  The problem was that we've been advertising the following link in the readme on the master branch:

  https://cdn.jsdelivr.net/npm/js-cookie@rc/dist/js.cookie.min.js

  while the respective change had changed that file name in the distribution to js.cookie.umd.min.js.

  Nonetheless, we advise to always use the latest stable version in production environments.

• 3.0.0-rc.3 - 2021-07-15
  
  • Fixed paths in exports field in package.json - #695
• 3.0.0-rc.2 - 2021-07-14
  
  • Improved module setup in package.json to account for older Node.js versions - #666
  • Reverted using browser field instead of main in package.json (for the UMD variant of the library): bundlers by default prefer it over module and will end up with a UMD module where ES may be preferred - #666
• 3.0.0-rc.1 - 2020-09-08
  
  • Fixed regression where in Safari cookie values containing non-ASCII characters were no longer written correctly - #623
• 3.0.0-rc.0 - 2020-03-11
  No content.
• 3.0.0-beta.4 - 2020-03-05
• 3.0.0-beta.3 - 2019-12-20
• 3.0.0-beta.2 - 2019-12-12
• 3.0.0-beta.1 - 2019-12-11
• 3.0.0-beta.0 - 2019-10-05
• 2.2.1 - 2019-08-06

from js-cookie GitHub release notes

---

Important

• Warning: This PR contains a major version upgrade, and may be a breaking change.
• Check the changes in this PR to ensure they won't cause issues with your project.
• This PR was automatically created by Snyk using the credentials of a real user.

---

Note: You are seeing this because you or someone else with access to this repository has authorized Snyk to open upgrade PRs.

For more information:

• 🧐 View latest project report
• 📜 Customise PR templates
• 🛠 Adjust upgrade PR settings
• 🔕 Ignore this dependency or unsubscribe from future upgrade PRs

[sonarqubecloud]

Quality Gate passed

Issues
0 New issues
0 Accepted issues

Measures
0 Security Hotspots
0.0% Coverage on New Code
0.0% Duplication on New Code

See analysis details on SonarQube Cloud

[github-actions]

size-limit report 📦

Path	Size
dist/react-cookie-consent.cjs.production.min.js	3.36 KB (-2.83% 🔽)
dist/react-cookie-consent.esm.js	3.24 KB (-8.26% 🔽)

[stale]

This issue has been automatically marked as stale because it has not had recent activity. It will be closed if no further activity occurs. Thank you for your contributions.