[Snyk] Upgrade tough-cookie from 2.2.2 to 2.5.0

[snyk-bot]

Snyk has created this PR to upgrade tough-cookie from 2.2.2 to 2.5.0.

✨What is Merge Advice?

We check thousands of dependency upgrade pull requests and CI tests every day to see which upgrades were successfully merged. After crunching this data, we give a recommendation on how safe we think the change is for you to merge without causing issues. Learn more, and share your feedback to help improve this feature. 🙏

ℹ️ Keep your dependencies up-to-date. This makes it easier to fix existing vulnerabilities and to more quickly identify and fix newly disclosed vulnerabilities when they affect your project.

---

• The recommended version is 8 versions ahead of your current version.
• The recommended version was released a year ago, on 2018-11-26.

The recommended version fixes:

Severity	Issue	Exploit Maturity
	Regular Expression Denial of Service (ReDoS) npm:tough-cookie:20160722	No Known Exploit
	Regular Expression Denial of Service (ReDoS) npm:tough-cookie:20170905	No Known Exploit

Release notes

Package name: tough-cookie

• 2.5.0 - 2018-11-26
  

  2.5.0

• 2.4.3 - 2018-06-25
  

  2.4.3

• 2.4.2 - 2018-06-04
  

  2.4.2

• 2.3.4 - 2018-02-26
  

  2.3.4

• 2.3.3 - 2017-09-21
  

  2.3.3

• 2.3.2 - 2016-10-25
  

  2.3.2

• 2.3.1 - 2016-07-26
  

  2.3.1

• 2.3.0 - 2016-07-21
  

  2.3.0

• 2.2.2 - 2016-03-09

from tough-cookie GitHub release notes

Commit messages

Package name: tough-cookie

• 7c1fdf1 2.5.0
• 9ff4ba5 Qualify the store.removeAllCookies documentation
• 1855bf3 Additional documentation for removeAllCookies
• 5cc9bd2 Extract tests, cover multiple error path
• 28f0808 Only call removeAllCookies if actually implemented
• 62802ef remove all cookies from cookie jar at once (Cookie handling kills hand-rolled cookie headers request/request#115)
• 8783d46 Remove left-over mention of MPL from README
• 8302ebc Merge pull request Another patch for cookie handling regression request/request#121 from salesforce/punycode-2.1
• d6ea115 Merge pull request npm WARN request@2.1.1 ... should probably be bugs['url'] request/request#120 from salesforce/no-package-lock
• b897b49 Merge pull request auto forwarding DELETE redirects request/request#119 from salesforce/inline-version
• 31ad267 Upgrade to punycode 2.1
• 550f951 Purposefully don't lock dependencies
• 3d8570c 2.4.4-1
• 4cbd182 Merge pull request accented characters? � � � request/request#118 from salesforce/deps-2018jul30
• 55a41c1 inline package version using genversion
• 901d898 Update packages & npm audit fix
• 6300174 Merge pull request package.json says 2.2.0 request/request#116 from salesforce/fix-clone
• 671ad41 2.4.3
• 4fda906 Merge pull request Remove the global i request/request#117 from salesforce/travis-lts-verions
• 6b91d1a Update tested version matrix
• e083fc8 Fix jar clone and cloneSync methods
• 8e395d8 Docs: Fix spelling of "parameter"
• c761c55 Merge pull request proxy pipe example doesn't work request/request#114 from BridgeAR/fix-custom-inspection
• a662bbb Fix custom inspection

Compare

---

Note: You are seeing this because you or someone else with access to this repository has authorized Snyk to open upgrade PRs.

For more information:

🧐 View latest project report

🛠 Adjust upgrade PR settings

🔕 Ignore this dependency or unsubscribe from future upgrade PRs