[Snyk] Upgrade: cookie, next-connect, passport, uuid

[X-oss-byte]

Snyk has created this PR to upgrade multiple dependencies.

👯‍♂ The following dependencies are linked and will therefore be updated together.

ℹ️ Keep your dependencies up-to-date. This makes it easier to fix existing vulnerabilities and to more quickly identify and fix newly disclosed vulnerabilities when they affect your project.

Name	Versions	Released on

cookie
from 0.4.1 to 0.6.0 | 3 versions ahead of your current version | 10 months ago
on 2023-11-07
next-connect
from 0.8.1 to 0.13.0 | 11 versions ahead of your current version | 2 years ago
on 2022-07-23
passport
from 0.4.1 to 0.7.0 | 6 versions ahead of your current version | 9 months ago
on 2023-11-27
uuid
from 8.3.1 to 8.3.2 | 2 versions ahead of your current version | 4 years ago
on 2020-12-08

Issues fixed by the recommended upgrade:

	Issue	Score	Exploit Maturity
	Session Fixation SNYK-JS-PASSPORT-2840631	454	No Known Exploit

Release notes

Package name: cookie

• 0.6.0 - 2023-11-07
  
  • Add partitioned option
• 0.5.0 - 2022-04-11
  
  • Add priority option
  • Fix expires option to reject invalid dates
  • pref: improve default decode speed
  • pref: remove slow string split in parse
• 0.4.2 - 2022-02-02
  
  • pref: read value only when assigning in parse
  • pref: remove unnecessary regexp in parse
• 0.4.1 - 2020-04-22
  
  • Fix maxAge option to reject invalid values

from cookie GitHub release notes

Package name: next-connect

• 0.13.0 - 2022-07-23
  

  0.13.0

• 0.12.2 - 2022-02-20
  

  0.12.2

• 0.12.1 - 2022-02-07
  
  • breaking: flow change: handle() does not use onError (ad857be)
  • fix: make sure handler is resolvable (#178)
• 0.12.0 - 2022-02-05
• 0.11.1 - 2022-02-03
  

  0.11.1

• 0.11.0 - 2021-10-19
  
  • Allow regular expressions to be used for route. (#157)
• 0.10.2 - 2021-08-04
  
  • Export the options interface (#152)
• 0.10.1 - 2021-03-16
• 0.10.0 - 2021-02-14
• 0.9.1 - 2020-10-22
• 0.9.0 - 2020-09-05
• 0.8.1 - 2020-07-06

from next-connect GitHub release notes

Package name: passport

• 0.7.0 - 2023-11-27
  

  0.7.0

• 0.6.0 - 2022-05-20
  

  0.6.0

• 0.5.3 - 2022-05-16
  

  0.5.3

• 0.5.2 - 2021-12-16
  

  0.5.2

• 0.5.1 - 2021-12-15
  

  0.5.1

• 0.5.0 - 2021-09-23
  

  0.5.0

• 0.4.1 - 2019-12-09
  

  0.4.1

from passport GitHub release notes

Package name: uuid

• 8.3.2 - 2020-12-08
  

  chore(release): 8.3.2

• 8.3.2-beta.0 - 2020-11-21
• 8.3.1 - 2020-10-04
  

  chore(release): 8.3.1

from uuid GitHub release notes

---

Important

• Check the changes in this PR to ensure they won't cause issues with your project.
• This PR was automatically created by Snyk using the credentials of a real user.
• Max score is 1000. Note that the real score may have changed since the PR was raised.

---

Note: You are seeing this because you or someone else with access to this repository has authorized Snyk to open upgrade PRs.

For more information:

• 🧐 View latest project report
• 📜 Customise PR templates
• 🛠 Adjust upgrade PR settings
• 🔕 Ignore this dependency or unsubscribe from future upgrade PRs

[vercel]

The latest updates on your projects. Learn more about Vercel for Git ↗︎

Name	Status	Preview	Comments	Updated (UTC)
next-js-next-plugin-storybook	❌ Failed (Inspect)			Sep 7, 2024 3:47pm
next-js-next-plugin-storybook-g5dx	❌ Failed (Inspect)			Sep 7, 2024 3:47pm
next-js-next-plugin-storybook-y5ka	❌ Failed (Inspect)			Sep 7, 2024 3:47pm
next-x-storybook	❌ Failed (Inspect)			Sep 7, 2024 3:47pm

[stackblitz]

Run & review this pull request in StackBlitz Codeflow.

[vercel]

Deployment failed with the following error:

Could not parse File as JSON: vercel.json

[changeset-bot]

⚠️ No Changeset found

Latest commit: 3243b3f

Merging this PR will not cause a version bump for any packages. If these changes should not result in a new version, you're good to go. If these changes should result in a version bump, you need to add a changeset.

Click here to learn what changesets are, and how to add one.

Click here if you're a maintainer who wants to add a changeset to this PR

[sourcery-ai]

We have skipped reviewing this pull request. Here's why:

• It seems to have been created by a bot ('[Snyk]' found in title). We assume it knows what it's doing!
• We don't review packaging changes - Let us know if you'd like us to change this.