Bump the npm_and_yarn group across 1 directory with 3 updates

[dependabot]

Bumps the npm_and_yarn group with 3 updates in the / directory: nanoid, next and cookie.

Updates nanoid from 3.3.8 to 5.0.9

Release notes

Sourced from nanoid's releases.

5.0.9

• Fixed a way to break Nano ID by passing non-integer size (by @​myndzi).

5.0.8

• Reduced customAlphabet size (by @​kirillgroshkov).

5.0.7

• Fixed Parcel support (by @​WilhelmYakunin).

5.0.6

• Fixed React Native support.

Changelog

Sourced from nanoid's changelog.

5.0.9

• Fixed a way to break Nano ID by passing non-integer size (by @​myndzi).

5.0.8

• Reduced customAlphabet size (by @​kirillgroshkov).

5.0.7

• Fixed Parcel support (by @​WilhelmYakunin).

5.0.6

• Fixed React Native support.

5.0.5

• Make browser’s version faster by increasing size a little (by Samuel Elgozi).

5.0.4

• Fixed CLI docs (by @​ilyaboka).

5.0.3

• Fixed CLI docs (by Chris Schmich).

5.0.2

• Fixed webcrypto import (by Divyansh Singh).

5.0.1

• Fixed Node.js 18 support.

5.0

• Moved Node.js version to Web Crypto API.
• Removed async API since Web Crypto API has only sync version.
• Removed Node.js 14 and 16 support.

4.0.2

• Added link to Github Sponsors.

4.0.1

• Reduced npm package size (by @​HiChen404).

4.0

• Removed CommonJS support. Nano ID 4 will work only with ESM applications. We will support 3.x branch with CommonJS for users who can’t migrate to ESM.
• Removed Node.js 10 and Node.js 12 support.
• Reduced npm package size.

Commits

• 65a38ac Release 5.0.9 version
• b00d120 Merge after 3.3.8 release
• cdc3edc Update size limit
• 0daa00f Additional fixes and tests for #508 (#509)
• 313a14e Update dependencies
• eb2db95 Fix size limit and linting
• 9da8f60 Fix pool pollution, infinite loop (#508)
• 009b5f4 Bump cross-spawn from 7.0.3 to 7.0.6 (#506)
• 6f5b507 Bump @​eslint/plugin-kit from 0.2.1 to 0.2.3 (#505)
• 55cd90d Release 5.0.8 version
• Additional commits viewable in compare view

Updates next from 14.2.23 to 15.1.6

Release notes

Sourced from next's releases.

v15.1.6

[!NOTE]
This release is backporting bug fixes. It does not include all pending features/changes on canary.

Core Changes

• fix: don't memory-leak promises passed to waitUntil (#75041)
• backport: fix prerender issue with intercepting routes + generateStaticParams (#75170)

Credits

Huge thanks to @​lubieowoce and @​ztanner for helping!

v15.1.5

[!NOTE]
This release is backporting bug fixes. It does not include all pending features/changes on canary.

Core Changes

• Fix missing revalidate with notFound() (#75009)
• fix: when metadatabase is set we should not warn (#74840)
• Fix @​vercel/og license SPDX expression (#74745)
• fix: ts language server rule metadata should allow null (#74704)
• fix: eslint rule of using img in metadata routes (#74864)
• Fix presentation when onerror receives an event without error (#74643)
• fix fetch lock not being consistently released #74623 (#75028)

Credits

Huge thanks to @​ijjk, @​huozhi, @​matmannion and @​ztanner for helping!

v15.1.4

[!NOTE]
This release is backporting bug fixes. It does not include all pending features/changes on canary.

Core Changes

• backport: force module format for virtual client-proxy (#74608)
• Fix prerender tags when notFound is called (#74607)
• Use provided waitUntil for pending revalidates (#74604)
• Feature: next/image: add support for images.qualities in next.config (#74588)
• Chore: docs: add missing search: '' on remotePatterns (#74587)
• Chore: docs: update version history of next/image (#73923) (#74570)
• Chore: next/image: improve imgopt api bypass detection for unsupported images (#74569)

Credits

Huge thanks to @ and @ for helping!

... (truncated)

Commits

• 38a6d01 v15.1.6
• 7099753 backport: fix prerender issue with intercepting routes + generateStaticParams...
• 819d575 [E2E] Fix config file conflict (#73818)
• 20f5a79 fix: don't memory-leak promises passed to waitUntil (#75041)
• 47102ca v15.1.5
• 9431336 fix fetch lock not being consistently released (#75028)
• 25e8443 test: fix testing snapshot
• 30b9c8f test: add feature of overriding files (#74716)
• 79bdd86 Fix presentation when onerror receives an event without error (#74643)
• 1882acb fix: eslint rule of using img in metadata routes (#74864)
• Additional commits viewable in compare view

Updates cookie from 0.7.2 to 1.0.0

Release notes

Sourced from cookie's releases.

v1.0.0

Breaking changes

• Use modern JS features, ship TypeScript definition (#175) 1cc64ff
  • Adds __esModule marker, imports need to use import { parse, serialize } or import * as cookie
• Minimum node.js v18
• Uses null prototype object for parse return value
• Changes strict and priority to match the lower case strings (i.e. low, not LOW or Low)
• Require maxAge to be an integer using Number.isInteger check
• Delegates decode implementation details to decode option (i.e. error handling and quote parsing is defined by decode)
  • Delegate quote parsing to decode (#180) c4a2597
  • Shift try/catch to decode (#179) 93a5b97
• Improve arg/option error messages (#162) e206fd5 @​MaoShizhong

Other

• Remove hasOwnProperty, use undefined check for performance (#183) 8f3ee9e @​gurgunday

jshttp/cookie@v0.7.2...v1.0.0

Commits

• c69cef6 1.0.0
• 42025f7 Use workflow status for badge
• ad9c960 Update option documentation (#186)
• c4a2597 Delegate quote parsing to decode (#180)
• 88704d6 Use shields for badges (#185)
• 8f3ee9e Remove hasOwnProperty, use undefined (#183)
• 93a5b97 Shift try/catch to decode (#179)
• 0f56c6e Update top sites cookies (#182)
• 0ecf9bd Enable codecov (#178)
• 1cc64ff Use modern JS features, ship TS defs (#175)
• Additional commits viewable in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

---

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot merge will merge this PR after your CI passes on it
• @dependabot squash and merge will squash and merge this PR after your CI passes on it
• @dependabot cancel merge will cancel a previously requested merge and block automerging
• @dependabot reopen will reopen this PR if it is closed
• @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
• @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
• @dependabot ignore <dependency name> major version will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself)
• @dependabot ignore <dependency name> minor version will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself)
• @dependabot ignore <dependency name> will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself)
• @dependabot unignore <dependency name> will remove all of the ignore conditions of the specified dependency
• @dependabot unignore <dependency name> <ignore condition> will remove the ignore condition of the specified dependency and ignore conditions
  You can disable automated security fix PRs for this repo from the Security Alerts page.

[dependabot]

This pull request was built based on a group rule. Closing it will not ignore any of these versions in future pull requests.

To ignore these dependencies, configure ignore rules in dependabot.yml