Bump js-cookie from 2.2.1 to 3.0.0

[dependabot-preview]

Bumps js-cookie from 2.2.1 to 3.0.0.

Release notes

Sourced from js-cookie's releases.

v3.0.0-rc.4

Reverted changes introduced in rc2, which caused a mayor breaking change in the case of requesting the library via jsdelivr CDN with a particular file name. This breaking change was not intentional.

The problem was that we've been advertising the following link in the readme on the master branch:

https://cdn.jsdelivr.net/npm/js-cookie@rc/dist/js.cookie.min.js

while the respective change had changed that file name in the distribution to js.cookie.umd.min.js.

Nonetheless, we advise to always use the latest stable version in production environments.

v3.0.0-rc.3

• Fixed paths in exports field in package.json - #695

v3.0.0-rc.2

• Improved module setup in package.json to account for older Node.js versions - #666
• Reverted using browser field instead of main in package.json (for the UMD variant of the library): bundlers by default prefer it over module and will end up with a UMD module where ES may be preferred - #666

v3.0.0-rc.1

• Fixed regression where in Safari cookie values containing non-ASCII characters were no longer written correctly - #623

v3.0.0-rc.0

No release notes provided.

v3.0.0-beta.4

• Revisited encoding/decoding implementation: we start to only encode characters in the cookie name and value that are strictly necessary (";" and "=" in the cookie name, and ";" in the cookie value; using percent-encoding). The stricter implementation so far was based on the requirements for server implementations in the RFC 6265 spec (section 4), but for user agents more liberal rules apply (section 5.2) - #595, #590

v3.0.0-beta.3

• Fixed importing ES module when not using a bundler - #583
• Made attributes + converter properties on api instance immutable again

v3.0.0-beta.2

• Fixed noConflict() no longer being present; as a result the api instance is no longer immutable again - #580

v3.0.0-beta.1

• Removed defaults in favor of a builder: now to supply an api instance with particular predefined (cookie) attributes there's Cookies.withAttributes(), e.g.:

const api = Cookies.withAttributes({
  path: '/',
  secure: true
})
api.set('key', 'value') // writes cookie with path: '/' and secure: true...

• The attributes that an api instance is configured with are exposed as attributes property; it's an immutable object and unlike defaults cannot be changed to configure the api.
• The mechanism to fall back to the standard, internal converter by returning a falsy value in a custom read converter has been removed. Instead the default converters are now exposed as Cookies.converter, which allows for implementing self-contained custom converters providing the same behavior:

const customReadConverter = (value, name) => {
  if (name === 'special') {
    return unescape(value)
  }
</tr></table> 

... (truncated)

Commits

• ea3239a Craft v3.0.0 release
• 1711eb2 Bump eslint-plugin-promise from 4.3.1 to 5.1.0
• 7e1d613 Bump eslint-config-standard from 14.1.1 to 16.0.3
• 2643786 Bump eslint-plugin-markdown from 1.0.2 to 2.2.0
• 309a4eb Bump standard from 14.3.4 to 16.0.3
• 74c56ef Bump eslint from 6.8.0 to 7.31.0
• 2fe225a Bump grunt-contrib-nodeunit from 2.1.0 to 3.0.0
• 6105fb3 Bump grunt-contrib-connect from 2.1.0 to 3.0.0
• cc25e50 Reformat with up-to-date prettier
• f423ced Bump prettier from 1.19.1 to 2.3.2
• Additional commits viewable in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

Dependabot will not automatically merge this PR because it includes an out-of-range update to a production dependency.

---

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot merge will merge this PR after your CI passes on it
• @dependabot squash and merge will squash and merge this PR after your CI passes on it
• @dependabot cancel merge will cancel a previously requested merge and block automerging
• @dependabot reopen will reopen this PR if it is closed
• @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
• @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
• @dependabot use these labels will set the current labels as the default for future PRs for this repo and language
• @dependabot use these reviewers will set the current reviewers as the default for future PRs for this repo and language
• @dependabot use these assignees will set the current assignees as the default for future PRs for this repo and language
• @dependabot use this milestone will set the current milestone as the default for future PRs for this repo and language
• @dependabot badge me will comment on this PR with code to add a "Dependabot enabled" badge to your readme

Additionally, you can set the following in your Dependabot dashboard:

• Update frequency (including time of day and day of week)
• Pull request limits (per update run and/or open at any time)
• Automerge options (never/patch/minor, and dev/runtime dependencies)
• Out-of-range updates (receive only lockfile updates, if desired)
• Security updates (receive only security updates, if desired)