Bump tough-cookie and @google-cloud/storage in /firebase-functions/paddle-webhook/functions

[dependabot]

Removes tough-cookie. It's no longer used after updating ancestor dependency @google-cloud/storage. These dependencies need to be updated together.

Removes tough-cookie

Updates @google-cloud/storage from 2.4.1 to 2.5.0

Changelog

Sourced from @​google-cloud/storage's changelog.

v2.5.0

04-04-2019 12:27 PDT

This release brings an option to file#getSignedURL to create a version 4 Signed URL.

file.getSignedUrl({
  version: 'v4', // optional, defaults to v2 (existing version)
  action: 'read',
  expires: FUTURE_DATE,
})

New Features

• feat: introduce v4 signed url (#637)

Dependencies

• chore(deps): update dependency @​types/node to v11.13.0 (#662)
• chore(deps): update dependency @​types/tmp to v0.1.0
• chore(deps): upgrade to newest version of @​google-cloud/common (#657)
• chore(deps): update dependency typescript to ~3.4.0
• chore(deps): update dependency tmp to ^0.1.0 (#641)

Documentation

• docs: regenerate the samples/README.md (#649)
• docs: slight difference in how nightly synthtool run generated README (#650)
• docs: new synthtool generated README (#645)
• docs(samples): refactor the quickstart to match the new rubric (#647)
• docs: update README format
• docs: add requires_billing, retire .cloud-repo-tools.json (#644)
• docs: add additional api_id field (#640)
• docs: document destination option (#633)
• docs: clarify in docs, the meaning of ASIA and coldline (#632)
• docs: add a .repo-metadata.json (#639)

Internal / Testing Changes

• test(v2-sign): add multi-valued headers system-test (#646)
• refactor: replace once with onetime (#660)
• fix: do not download cached files (#643)
• chore: publish to npm using wombat (#634)
• build: use per-repo npm publish token (#630)

v2.4.3

03-13-2019 17:10 PDT

Bug Fixes / Implementation Changes

• fix: getSigned(Policy|Url) throws if expiration is invalid Date (#614)
• fix: handle errors from file#createReadStream (#615)

... (truncated)

Commits

• c2ad574 Release @​google-cloud/storage v2.5.0 (#665)
• 521eafd feat: introduce v4 signed url (#637)
• 00d61bc docs: regenerate the samples/README.md (#649)
• c0db858 chore(deps): update dependency @​types/node to v11.13.0 (#662)
• 079f246 refactor: replace once with onetime (#660)
• 3041d15 chore(deps): update dependency @​types/tmp to v0.1.0
• c44f70d chore(deps): upgrade to newest version of @​google-cloud/common (#657)
• 92332dd chore(deps): update dependency typescript to ~3.4.0
• ba349ae docs: slight difference in how nightly synthtool run generated README (#650)
• 53e290e docs: new synthtool generated README (#645)
• Additional commits viewable in compare view

Maintainer changes

This version was pushed to npm by google-wombot, a new releaser for @​google-cloud/storage since your current version.

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

---

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot merge will merge this PR after your CI passes on it
• @dependabot squash and merge will squash and merge this PR after your CI passes on it
• @dependabot cancel merge will cancel a previously requested merge and block automerging
• @dependabot reopen will reopen this PR if it is closed
• @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
• @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
• @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
  You can disable automated security fix PRs for this repo from the Security Alerts page.

[dependabot]

Looks like these dependencies are updatable in another way, so this is no longer needed.