fix(deps): update dependency cookie to v1.1.1#519

Open

cwillisf wants to merge 1 commit intodevelopfrom

chore/update-cookie-to-v1

Contributor

cwillisf commented Apr 8, 2026

Resolves

Closes fix(deps): update dependency cookie to v0.7.0 [security] #293

Proposed Changes

Bump dependency cookie to v1.1.1

Reason for Changes

Version 0.6.0 has a security issue, and #293 conservatively bumps it to a version that doesn't have that issue. However, that version is still very old. This PR bumps to the latest version, which only required minor adjustments. (The security issue doesn't affect the way we use the package, but it's still best to keep up to date.)

Test Coverage

Unchanged


          fix(deps): update dependency cookie to v1.1.1

1e0a55c

cwillisf requested review from KManolov3 and Copilot

April 8, 2026 19:24

cwillisf requested a review from a team as a code owner

April 8, 2026 19:24

Copilot started reviewing on behalf of cwillisf

April 8, 2026 19:25

Copilot AI reviewed

View reviewed changes

Contributor

Copilot AI left a comment

Pull request overview

This PR updates the cookie dependency used by scratch-gui from 0.6.0 to 1.1.1, and adjusts the two call sites that parse document.cookie to align with the updated package’s export shape.

Changes:

Bump cookie dependency in packages/scratch-gui to ^1.1.1 and update package-lock.json accordingly.
Update theme and color-mode persistence helpers to import and use parse directly from cookie.

Reviewed changes

Copilot reviewed 3 out of 4 changed files in this pull request and generated no comments.

File	Description
packages/scratch-gui/src/lib/settings/theme/persistence.js	Switch cookie parsing to `import {parse} from 'cookie'` and use `parse(document.cookie)`
packages/scratch-gui/src/lib/settings/color-mode/persistence.js	Same import/update for color-mode cookie parsing
packages/scratch-gui/package.json	Update `cookie` dependency version to `^1.1.1`
package-lock.json	Lockfile update to `cookie@1.1.1` with updated metadata

💡 Add Copilot custom instructions for smarter, more guided reviews. Learn how to get started.

Contributor

github-actions Bot commented Apr 8, 2026

Test report for scratch-media-lib-scripts

20 tests ±0 20 ✅ ±0 0s ⏱️ ±0s
1 suites ±0 0 💤 ±0
1 files ±0 0 ❌ ±0

Results for commit 1e0a55c. ± Comparison against base commit 8152f79.

Contributor

github-actions Bot commented Apr 8, 2026

Test report for task-herder

28 tests ±0 28 ✅ ±0 0s ⏱️ ±0s
7 suites ±0 0 💤 ±0
1 files ±0 0 ❌ ±0

Results for commit 1e0a55c. ± Comparison against base commit 8152f79.

Contributor

github-actions Bot commented Apr 8, 2026

Test report for scratch-svg-renderer

1 files ±0 60 suites ±0 0s ⏱️ ±0s
129 tests ±0 129 ✅ ±0 0 💤 ±0 0 ❌ ±0
281 runs ±0 280 ✅ ±0 1 💤 ±0 0 ❌ ±0

Results for commit 1e0a55c. ± Comparison against base commit 8152f79.

Contributor

github-actions Bot commented Apr 8, 2026

Test report for scratch-render

1 files ±0 55 suites ±0 3s ⏱️ -1s
209 tests ±0 209 ✅ ±0 0 💤 ±0 0 ❌ ±0
279 runs ±0 279 ✅ ±0 0 💤 ±0 0 ❌ ±0

Results for commit 1e0a55c. ± Comparison against base commit 8152f79.

Contributor

github-actions Bot commented Apr 8, 2026

Test report for scratch-gui

2 files ±0 63 suites ±0 9m 57s ⏱️ +26s
399 tests ±0 391 ✅ ±0 8 💤 ±0 0 ❌ ±0
417 runs ±0 409 ✅ ±0 8 💤 ±0 0 ❌ ±0

Results for commit 1e0a55c. ± Comparison against base commit 8152f79.

Contributor

github-actions Bot commented Apr 8, 2026

Test report for scratch-vm

1 files ±0 886 suites ±0 1m 58s ⏱️ -5s
1 916 tests ±0 1 916 ✅ ±0 0 💤 ±0 0 ❌ ±0
5 218 runs ±0 5 188 ✅ ±0 30 💤 ±0 0 ❌ ±0

Results for commit 1e0a55c. ± Comparison against base commit 8152f79.

KManolov3 approved these changes

View reviewed changes

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Labels

None yet