Bump cookie-session from 2.0.0 to 2.1.1 in /api

[dependabot]

Bumps cookie-session from 2.0.0 to 2.1.1.

Release notes

Sourced from cookie-session's releases.

v2.1.1

What's Changed

• chore: add support for OSSF scorecard reporting by @​inigomarquinez in expressjs/cookie-session#180
• chore: upgrade scorecard workflow pinned action versions by @​carpasse in expressjs/cookie-session#184
• docs: Fix typo in README.md by @​mkonikov in expressjs/cookie-session#187
• fix: use ubuntu-latest as ci runner by @​UlisesGascon in expressjs/cookie-session#185
• ci: apply OSSF Scorecard security best practices by @​UlisesGascon in expressjs/cookie-session#186
• 💚 fix CI by @​ctcpip in expressjs/cookie-session#198
• deps: on-headers@1.1.0 by @​UlisesGascon in expressjs/cookie-session#201
• Release: 2.1.1 by @​UlisesGascon in expressjs/cookie-session#202

New Contributors

• @​inigomarquinez made their first contribution in expressjs/cookie-session#180
• @​carpasse made their first contribution in expressjs/cookie-session#184
• @​mkonikov made their first contribution in expressjs/cookie-session#187
• @​UlisesGascon made their first contribution in expressjs/cookie-session#185
• @​ctcpip made their first contribution in expressjs/cookie-session#198

Full Changelog: expressjs/cookie-session@v2.1.0...v2.1.1

2.1.0

• Fix loading sessions with special keys
• deps: cookies@0.9.1
  • Add partitioned option for CHIPS support
  • Add priority option for Priority cookie support
  • Fix accidental cookie name/value truncation when given invalid chars
  • Fix maxAge option to reject invalid values
  • Remove quotes from returned quoted cookie value
  • Use req.socket over deprecated req.connection
  • pref: small lookup regexp optimization

Changelog

Sourced from cookie-session's changelog.

2.1.1 / 2025-07-17

• deps: on-headers@~1.1.0
  • Fix CVE-2025-7339 (GHSA-76c9-3jph-rj3q)

2.1.0 / 2024-01-23

• Fix loading sessions with special keys
• deps: cookies@0.9.1
  • Add partitioned option for CHIPS support
  • Add priority option for Priority cookie support
  • Fix accidental cookie name/value truncation when given invalid chars
  • Fix maxAge option to reject invalid values
  • Remove quotes from returned quoted cookie value
  • Use req.socket over deprecated req.connection
  • pref: small lookup regexp optimization

Commits

• beb3ece 2.1.1
• 8c674d0 deps: on-headers@1.1.0 (#201)
• ad77352 💚 fix CI
• 127d899 ci: apply OSSF Scorecard security best practices (#186)
• 78674e1 fix: use ubuntu-latest as ci runner (#185)
• fb96951 fix: typo in documentation (#187)
• aa2ecf4 chore: upgrade scorecard workflow pinned action versions (#184)
• a9466a8 ci: add support for OSSF scorecard reporting (#180)
• ff7c2b2 2.1.0
• 51e7ce4 Fix loading sessions with special keys
• Additional commits viewable in compare view

Maintainer changes

This version was pushed to npm by ulisesgascon, a new releaser for cookie-session since your current version.

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

---

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
• @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)