Fix dependency on vulnerable cookie<0.7.0

[spolu]

Checklist

• The issue can be reproduced in the nextjs-auth0 sample app (or N/A).
• I have looked into the Readme, Examples, and FAQ and have not found a suitable solution or answer.
• I have looked into the API documentation and have not found a suitable solution or answer.
• I have searched the issues and have not found a suitable solution or answer.
• I have searched the Auth0 Community forums and have not found a suitable solution or answer.
• I agree to the terms within the Auth0 Code of Conduct.

Description

Current version 3.5.0 depends on cookie 0.6.0 which is has a low severity vulnerability.

This is triggers Github Dependabot as well as any node library vulnerability scanning tooling. It should be an easy step

Reproduction

mkdir test && cd test
npm i @auth0/nextjs-auth0
npm audit fix

Additional context

No response

nextjs-auth0 version

3.5.0

Next.js version

N/A

Node.js version

v20.13.0

[dvdokkum]

We have an SLA coming up on this... any input from the Auth0 team?

[aelithron]

This is also appearing for us. Auth0 team, please fix this ASAP.

[zachelrath]

Looks like this was addressed in this commit last week: 8fe35b4

Could the Auth0 team do a 3.x patch release to get this out ahead of the 4.x releases?

[dvdokkum]

@tusharpandey13 any update on the minor release referenced in this PR: #1778 (comment)

[keyserj]

@tusharpandey13 Is the goal still to fit this in a minor v3 release?

[gigz]

hey @tusharpandey13, Vanta SOC2 compliance checks require update for cookie which is out of SLA as of today. Is it possible to get this released sometimes soon?

[Tanveeshs]

Can we please create a minor v3 release for this? @tusharpandey13