vuln: cookie package

[k725]

before version 0.7.0 cookie package has vuln (GHSA-pxg6-pf52-xh8x).

socket.io/packages/engine.io/package.json

Line 39 in d0fc720

"cookie": "~0.4.1",

[GustavPS]

Anyone looking at this? Our audit fails because of the cookie dependency.

[darrachequesne]

cookie has been bumped to version ~0.7.2 in 88efd44, released in engine.io@6.6.2.