[CVE-2023-26136] [1.3] Resolve tough-cookie to 4.1.3

[joshuarrrr]

Description

Fixes CVE-2023-26136.

Because tough-cookie is only a nested dependency, added a resolution.

Subsequently added it as a direct dev dependency so we could update the session cookie tests.

Issues Resolved

Screenshot

Testing the changes

Check List

• All tests pass
  • yarn test:jest
  • yarn test:jest_integration
  • yarn test:ftr
• New functionality includes testing.
• New functionality has been documented.
• Update CHANGELOG.md
• Commits are signed per the DCO using --signoff

[codecov]

Codecov Report

Merging #4682 (3e8c411) into 1.3 (b0b8fc8) will decrease coverage by 0.01%.
The diff coverage is n/a.

@@            Coverage Diff             @@
##              1.3    #4682      +/-   ##
==========================================
- Coverage   67.50%   67.50%   -0.01%     
==========================================
  Files        3044     3044              
  Lines       58692    58692              
  Branches     8902     8902              
==========================================
- Hits        39621    39619       -2     
- Misses      16923    16925       +2     
  Partials     2148     2148              

Flag	Coverage Δ
Linux	67.45% <ø> (-0.01%)	⬇️
Windows	67.45% <ø> (-0.01%)	⬇️

Flags with carried forward coverage won't be shown. Click here to find out more.

see 1 file with indirect coverage changes

[joshuarrrr]

For reference, the test updates were lifted from #1113