build(deps): bump js-cookie from 3.0.5 to 3.0.7

[dependabot]

Bumps js-cookie from 3.0.5 to 3.0.7.

Release notes

Sourced from js-cookie's releases.

v3.0.7

• Prevent cookie attribute injection: CVE-2026-46625 (eb3c40e)
• Add Partitioned attribute to readme (b994768)
• Publish to npm registry via trusted publisher exclusively (4dc71be)
• Ensure consistent behaviour for get('name') + get() (1953d30)

Commits

• 17bacba Craft v3.0.7 release
• adb823c Fix release workflow halting at git tag
• 5f9e759 May remove Git user config from release workflow
• 6ac9211 Fix release workflow not able to push commit + tag
• 2278bc5 Fix missing package version bump
• eb3c40e Prevent cookie attribute injection
• f6f157f Bump globals from 17.5.0 to 17.6.0
• f409d02 Bump eslint from 10.2.0 to 10.3.0
• a686883 Bump protobufjs in the npm_and_yarn group across 1 directory
• c6112d2 Bump @​protobufjs/utf8 in the npm_and_yarn group across 1 directory
• Additional commits viewable in compare view

Maintainer changes

This version was pushed to npm by GitHub Actions, a new releaser for js-cookie since your current version.

[coveralls]

Coverage is 94.901% — dependabot/npm_and_yarn/js-cookie-3.0.7 into dependency-updates. No base build found for dependency-updates.

[MyPyDavid]

@dependabot recreate

[MyPyDavid]

part of #1613

[dependabot]

OK, I won't notify you again about this release, but will get in touch when a new version is available. If you'd rather skip all updates until the next major or minor version, let me know by commenting @dependabot ignore this major version or @dependabot ignore this minor version. You can also ignore all major, minor, or patch releases for a dependency by adding an ignore condition with the desired update_types to your config file.

If you change your mind, just re-open this PR and I'll resolve any conflicts on it.