From c4ec10efaac67dd028ac54b17be60a20569a7aae Mon Sep 17 00:00:00 2001
From: Wojciech Maj <kontakt@wojtekmaj.pl>
Date: Sun, 28 Jun 2026 23:27:11 +0200
Subject: [PATCH] Bump cookie from 0.7.2 to 1.1.1

---
 index.js          |  4 ++--
 package.json      |  2 +-
 session/cookie.js |  2 +-
 test/session.js   | 10 +++++-----
 4 files changed, 9 insertions(+), 9 deletions(-)

diff --git a/index.js b/index.js
index 408d9cf7..7f740d68 100644
--- a/index.js
+++ b/index.js
@@ -521,7 +521,7 @@ function getcookie(req, name, secrets) {
 
   // read from cookie header
   if (header) {
-    var cookies = cookie.parse(header);
+    var cookies = cookie.parseCookie(header);
 
     raw = cookies[name];
 
@@ -611,7 +611,7 @@ function issecure(req, trustProxy) {
 
 function setcookie(res, name, val, secret, options) {
   var signed = 's:' + signature.sign(val, secret);
-  var data = cookie.serialize(name, signed, options);
+  var data = cookie.stringifySetCookie(name, signed, options);
 
   debug('set-cookie %s', data);
 
diff --git a/package.json b/package.json
index 0a8b9421..95fda4e7 100644
--- a/package.json
+++ b/package.json
@@ -10,7 +10,7 @@
   "repository": "expressjs/session",
   "license": "MIT",
   "dependencies": {
-    "cookie": "0.7.2",
+    "cookie": "1.1.1",
     "cookie-signature": "1.0.7",
     "debug": "2.6.9",
     "depd": "~2.0.0",
diff --git a/session/cookie.js b/session/cookie.js
index 8bb5907b..a178083f 100644
--- a/session/cookie.js
+++ b/session/cookie.js
@@ -136,7 +136,7 @@ Cookie.prototype = {
    */
 
   serialize: function(name, val){
-    return cookie.serialize(name, val, this.data);
+    return cookie.stringifySetCookie(name, val, this.data);
   },
 
   /**
diff --git a/test/session.js b/test/session.js
index 085eaff3..1e851dcd 100644
--- a/test/session.js
+++ b/test/session.js
@@ -1944,7 +1944,7 @@ describe('session()', function(){
 
           server.on('error', function onerror (err) {
             assert.ok(err)
-            assert.strictEqual(err.message, 'option expires is invalid')
+            assert.strictEqual(err.message, 'option expires is invalid: Invalid Date')
             cb()
           })
 
@@ -1955,8 +1955,8 @@ describe('session()', function(){
 
         it('should preserve cookies set before writeHead is called', function(done){
           var server = createServer(null, function (req, res) {
-            var cookie = new Cookie()
-            res.setHeader('Set-Cookie', cookie.serialize('previous', 'cookieValue'))
+            var sessionCookie = new Cookie()
+            res.setHeader('Set-Cookie', sessionCookie.serialize('previous', 'cookieValue'))
             res.end()
           })
 
@@ -1968,9 +1968,9 @@ describe('session()', function(){
 
         it('should preserve cookies set in writeHead', function (done) {
           var server = createServer(null, function (req, res) {
-            var cookie = new Cookie()
+            var sessionCookie = new Cookie()
             res.writeHead(200, {
-              'Set-Cookie': cookie.serialize('previous', 'cookieValue')
+              'Set-Cookie': sessionCookie.serialize('previous', 'cookieValue')
             })
             res.end()
           })