Skip to content

chore(deps): update dependency cookie to v2#556

Open
renovate[bot] wants to merge 1 commit into
masterfrom
renovate/major-utils
Open

chore(deps): update dependency cookie to v2#556
renovate[bot] wants to merge 1 commit into
masterfrom
renovate/major-utils

Conversation

@renovate

@renovate renovate Bot commented Jun 25, 2026

Copy link
Copy Markdown
Contributor

This PR contains the following updates:

Package Change Age Confidence
cookie ^1.1.1^2.0.0 age confidence

Release Notes

jshttp/cookie (cookie)

v2.0.1

Compare Source

Improved:

  • Small performance improvement by incrementing = index while parsing set-cookie (#​280)

v2.0.0

Compare Source

Important: This release moves the package to ESM only. In node 22+ you can require(esm), and older node versions are not supported.

Changed

  • Switch to ESM (#​273)
  • Remove deprecated code paths (#​272)
    • The old parse and stringify methods have been renamed: parseCookie and stringifySetCookie
    • stringifySetCookie only supports object mode (e.g. { name: "", value: "" })

Improvements

  • Faster stringify cookie (#​262)
  • Optimize encode performance (#​269)
  • Apply encode to empty cookie values (#​277)

Fixed

  • Omit leading semicolon when stringifying cookies with skipped values (#​267)

Configuration

📅 Schedule: (UTC)

  • Branch creation
    • At any time (no schedule defined)
  • Automerge
    • At any time (no schedule defined)

🚦 Automerge: Disabled by config. Please merge this manually once you are satisfied.

Rebasing: Whenever PR becomes conflicted, or you tick the rebase/retry checkbox.

🔕 Ignore: Close this PR and you won't be reminded about this update again.


  • If you want to rebase/retry this PR, check this box

This PR was generated by Mend Renovate. View the repository job log.

@renovate renovate Bot added the dependencies Pull requests that update a dependency file label Jun 25, 2026
@renovate renovate Bot changed the title chore(deps): update utils (major) chore(deps): update dependency cookie to v2 Jun 25, 2026
@renovate renovate Bot force-pushed the renovate/major-utils branch from 3586740 to ff1fc18 Compare July 1, 2026 01:42
@renovate

renovate Bot commented Jul 1, 2026

Copy link
Copy Markdown
Contributor Author

⚠️ Artifact update problem

Renovate failed to update an artifact related to this branch. You probably do not want to merge this PR as-is.

♻ Renovate will retry this branch, including artifacts, only when one of the following happens:

  • any of the package files in this branch needs updating, or
  • the branch becomes conflicted, or
  • you click the rebase/retry checkbox if found above, or
  • you rename this PR's title to start with "rebase!" to trigger it manually

The artifact failure details are included below:

File name: pnpm-lock.yaml
? Verifying lockfile against supply-chain policies (1177 entries)...
Progress: resolved 1, reused 0, downloaded 0, added 0
.                                        | [WARN] deprecated conventional-changelog-cli@5.0.0
Progress: resolved 194, reused 0, downloaded 0, added 0
Progress: resolved 387, reused 0, downloaded 1, added 0
Progress: resolved 472, reused 0, downloaded 1, added 0

   ╭─────────────────────────────────────────╮
   │                                         │
   │   Update available! 11.8.0 → 11.9.0.    │
   │   Changelog: https://pnpm.io/v/11.9.0   │
   │    To update, run: pnpm add -g pnpm     │
   │                                         │
   ╰─────────────────────────────────────────╯

Progress: resolved 582, reused 0, downloaded 1, added 0
Progress: resolved 765, reused 0, downloaded 1, added 0
Progress: resolved 1050, reused 0, downloaded 1, added 0
[WARN] 2 deprecated subdependencies found: glob@10.5.0, whatwg-encoding@3.1.1
Progress: resolved 1177, reused 0, downloaded 1, added 0
Progress: resolved 1177, reused 0, downloaded 1, added 0, done
[WARN] Issues with peer dependencies found. Run "pnpm peers check" to list them.
✗ Lockfile failed supply-chain policy check (1177 entries in 8.7s)
[ERR_PNPM_MINIMUM_RELEASE_AGE_VIOLATION] 1 lockfile entries failed verification:
  @vue/language-plugin-pug@3.3.6 was published at 2026-06-30T14:47:15.831Z, within the minimumReleaseAge cutoff (2026-06-30T01:42:20.152Z)

The lockfile contains entries that the active policies reject. This can mean the lockfile is stale, or that someone committed a lockfile that bypassed the policy locally — inspect recent changes to pnpm-lock.yaml before trusting it. If the changes look expected, run "pnpm clean --lockfile" and then "pnpm install" to rebuild from a fresh resolution. Alternatively, relax the policy that flagged them.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Labels

dependencies Pull requests that update a dependency file

Projects

None yet

Development

Successfully merging this pull request may close these issues.

0 participants