cookie-es 1.2.1 → 2.0.0

package/README.md

@@ -1,47 +1,29 @@
-
 # 🍪 cookie-es
 
-<!-- automd:badges bundlejs -->
+<!-- automd:badges bundlejs packagephobia codecov -->
 
 [![npm version](https://img.shields.io/npm/v/cookie-es)](https://npmjs.com/package/cookie-es)
-[![npm downloads](https://img.shields.io/npm/dm/cookie-es)](https://npmjs.com/package/cookie-es)
+[![npm downloads](https://img.shields.io/npm/dm/cookie-es)](https://npm.chart.dev/cookie-es)
 [![bundle size](https://img.shields.io/bundlejs/size/cookie-es)](https://bundlejs.com/?q=cookie-es)
+[![install size](https://badgen.net/packagephobia/install/cookie-es)](https://packagephobia.com/result?p=cookie-es)
+[![codecov](https://img.shields.io/codecov/c/gh/unjs/cookie-es)](https://codecov.io/gh/unjs/cookie-es)
 
 <!-- /automd -->
 
-🍪 [`Cookie`](https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Cookie) and [`Set-Cookie`](https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Set-Cookie) parser and serializer based on [cookie](https://github.com/jshttp/cookiee) and [set-cookie-parser](https://github.com/nfriedly/set-cookie-parser) with dual ESM/CJS exports and bundled types. 🎁
+ESM ready [`Cookie`](https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Cookie) and [`Set-Cookie`](https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Set-Cookie) parser and serializer based on [cookie](https://github.com/jshttp/cookie) and [set-cookie-parser](https://github.com/nfriedly/set-cookie-parser) with built-in types.
 
 ## Usage
 
 Install:
 
-<!-- automd:pm-install -->
-
 ```sh
-# ✨ Auto-detect
+# ✨ Auto-detect (npm, yarn, pnpm, bun, deno)
 npx nypm install cookie-es
-
-# npm
-npm install cookie-es
-
-# yarn
-yarn add cookie-es
-
-# pnpm
-pnpm install cookie-es
-
-# bun
-bun install cookie-es
 ```
 
-<!-- /automd-->
-
 Import:
 
-
-<!-- automd:jsimport cdn cjs src=./src/index.ts -->
-
-**ESM** (Node.js, Bun)
+**ESM** (Node.js, Bun, Deno)
 
 ```js
 import {
@@ -52,17 +34,6 @@ import {
 } from "cookie-es";
 ```
 
-**CommonJS** (Legacy Node.js)
-
-```js
-const {
-  parse,
-  serialize,
-  parseSetCookie,
-  splitSetCookieString,
-} = require("cookie-es");
-```
-
 **CDN** (Deno, Bun and Browsers)
 
 ```js
@@ -74,9 +45,8 @@ import {
 } from "https://esm.sh/cookie-es";
 ```
 
-<!-- /automd -->
-
-
 ## License
 
 [MIT](./LICENSE)
+
+Based on [jshttp/cookie](https://github.com/jshttp/cookie) (Roman Shtylman and hristopher Wilson) and [nfriedly/set-cookie-parser](https://github.com/nfriedly/set-cookie-parser) (Nathan Friedly).

package/dist/index.mjs

@@ -19,6 +19,10 @@ function parse(str, options) {
       continue;
     }
     const key = str.slice(index, eqIdx).trim();
+    if (opt?.filter && !opt?.filter(key)) {
+      index = endIdx + 1;
+      continue;
+    }
     if (void 0 === obj[key]) {
       let val = str.slice(eqIdx + 1, endIdx).trim();
       if (val.codePointAt(0) === 34) {
@@ -249,7 +253,7 @@ function splitSetCookieString(cookiesString) {
       }
     }
     if (!cookiesSeparatorFound || pos >= cookiesString.length) {
-      cookiesStrings.push(cookiesString.slice(start, cookiesString.length));
+      cookiesStrings.push(cookiesString.slice(start));
     }
   }
   return cookiesStrings;

package/package.json

@@ -1,25 +1,15 @@
 {
   "name": "cookie-es",
-  "version": "1.2.1",
+  "version": "2.0.0",
   "repository": "unjs/cookie-es",
   "license": "MIT",
   "sideEffects": false,
   "type": "module",
   "exports": {
-    ".": {
-      "import": {
-        "types": "./dist/index.d.mts",
-        "default": "./dist/index.mjs"
-      },
-      "require": {
-        "types": "./dist/index.d.cts",
-        "default": "./dist/index.cjs"
-      }
-    }
+    "types": "./dist/index.d.mts",
+    "default": "./dist/index.mjs"
   },
-  "main": "./dist/index.cjs",
-  "module": "./dist/index.mjs",
-  "types": "./dist/index.d.cts",
+  "types": "./dist/index.d.mts",
   "files": [
     "dist"
   ],
@@ -32,15 +22,16 @@
     "test": "pnpm lint && vitest run --coverage"
   },
   "devDependencies": {
-    "@vitest/coverage-v8": "^2.0.3",
-    "automd": "^0.3.8",
-    "changelogen": "^0.5.5",
-    "eslint": "^9.7.0",
-    "eslint-config-unjs": "^0.3.2",
-    "prettier": "^3.3.3",
-    "typescript": "^5.5.3",
-    "unbuild": "^2.0.0",
-    "vitest": "^2.0.3"
+    "@types/node": "^22.13.5",
+    "@vitest/coverage-v8": "^3.0.7",
+    "automd": "^0.4.0",
+    "changelogen": "^0.6.0",
+    "eslint": "^9.21.0",
+    "eslint-config-unjs": "^0.4.2",
+    "prettier": "^3.5.2",
+    "typescript": "^5.7.3",
+    "unbuild": "^3.5.0",
+    "vitest": "^3.0.7"
   },
-  "packageManager": "pnpm@9.5.0"
+  "packageManager": "pnpm@10.5.2"
 }

package/dist/index.cjs

@@ -1,263 +0,0 @@
-'use strict';
-
-function parse(str, options) {
-  if (typeof str !== "string") {
-    throw new TypeError("argument str must be a string");
-  }
-  const obj = {};
-  const opt = options || {};
-  const dec = opt.decode || decode;
-  let index = 0;
-  while (index < str.length) {
-    const eqIdx = str.indexOf("=", index);
-    if (eqIdx === -1) {
-      break;
-    }
-    let endIdx = str.indexOf(";", index);
-    if (endIdx === -1) {
-      endIdx = str.length;
-    } else if (endIdx < eqIdx) {
-      index = str.lastIndexOf(";", eqIdx - 1) + 1;
-      continue;
-    }
-    const key = str.slice(index, eqIdx).trim();
-    if (void 0 === obj[key]) {
-      let val = str.slice(eqIdx + 1, endIdx).trim();
-      if (val.codePointAt(0) === 34) {
-        val = val.slice(1, -1);
-      }
-      obj[key] = tryDecode(val, dec);
-    }
-    index = endIdx + 1;
-  }
-  return obj;
-}
-function decode(str) {
-  return str.includes("%") ? decodeURIComponent(str) : str;
-}
-function tryDecode(str, decode2) {
-  try {
-    return decode2(str);
-  } catch {
-    return str;
-  }
-}
-
-const fieldContentRegExp = /^[\u0009\u0020-\u007E\u0080-\u00FF]+$/;
-function serialize(name, value, options) {
-  const opt = options || {};
-  const enc = opt.encode || encodeURIComponent;
-  if (typeof enc !== "function") {
-    throw new TypeError("option encode is invalid");
-  }
-  if (!fieldContentRegExp.test(name)) {
-    throw new TypeError("argument name is invalid");
-  }
-  const encodedValue = enc(value);
-  if (encodedValue && !fieldContentRegExp.test(encodedValue)) {
-    throw new TypeError("argument val is invalid");
-  }
-  let str = name + "=" + encodedValue;
-  if (void 0 !== opt.maxAge && opt.maxAge !== null) {
-    const maxAge = opt.maxAge - 0;
-    if (Number.isNaN(maxAge) || !Number.isFinite(maxAge)) {
-      throw new TypeError("option maxAge is invalid");
-    }
-    str += "; Max-Age=" + Math.floor(maxAge);
-  }
-  if (opt.domain) {
-    if (!fieldContentRegExp.test(opt.domain)) {
-      throw new TypeError("option domain is invalid");
-    }
-    str += "; Domain=" + opt.domain;
-  }
-  if (opt.path) {
-    if (!fieldContentRegExp.test(opt.path)) {
-      throw new TypeError("option path is invalid");
-    }
-    str += "; Path=" + opt.path;
-  }
-  if (opt.expires) {
-    if (!isDate(opt.expires) || Number.isNaN(opt.expires.valueOf())) {
-      throw new TypeError("option expires is invalid");
-    }
-    str += "; Expires=" + opt.expires.toUTCString();
-  }
-  if (opt.httpOnly) {
-    str += "; HttpOnly";
-  }
-  if (opt.secure) {
-    str += "; Secure";
-  }
-  if (opt.priority) {
-    const priority = typeof opt.priority === "string" ? opt.priority.toLowerCase() : opt.priority;
-    switch (priority) {
-      case "low": {
-        str += "; Priority=Low";
-        break;
-      }
-      case "medium": {
-        str += "; Priority=Medium";
-        break;
-      }
-      case "high": {
-        str += "; Priority=High";
-        break;
-      }
-      default: {
-        throw new TypeError("option priority is invalid");
-      }
-    }
-  }
-  if (opt.sameSite) {
-    const sameSite = typeof opt.sameSite === "string" ? opt.sameSite.toLowerCase() : opt.sameSite;
-    switch (sameSite) {
-      case true: {
-        str += "; SameSite=Strict";
-        break;
-      }
-      case "lax": {
-        str += "; SameSite=Lax";
-        break;
-      }
-      case "strict": {
-        str += "; SameSite=Strict";
-        break;
-      }
-      case "none": {
-        str += "; SameSite=None";
-        break;
-      }
-      default: {
-        throw new TypeError("option sameSite is invalid");
-      }
-    }
-  }
-  if (opt.partitioned) {
-    str += "; Partitioned";
-  }
-  return str;
-}
-function isDate(val) {
-  return Object.prototype.toString.call(val) === "[object Date]" || val instanceof Date;
-}
-
-function parseSetCookie(setCookieValue, options) {
-  const parts = (setCookieValue || "").split(";").filter((str) => typeof str === "string" && !!str.trim());
-  const nameValuePairStr = parts.shift() || "";
-  const parsed = _parseNameValuePair(nameValuePairStr);
-  const name = parsed.name;
-  let value = parsed.value;
-  try {
-    value = options?.decode === false ? value : (options?.decode || decodeURIComponent)(value);
-  } catch {
-  }
-  const cookie = {
-    name,
-    value
-  };
-  for (const part of parts) {
-    const sides = part.split("=");
-    const partKey = (sides.shift() || "").trimStart().toLowerCase();
-    const partValue = sides.join("=");
-    switch (partKey) {
-      case "expires": {
-        cookie.expires = new Date(partValue);
-        break;
-      }
-      case "max-age": {
-        cookie.maxAge = Number.parseInt(partValue, 10);
-        break;
-      }
-      case "secure": {
-        cookie.secure = true;
-        break;
-      }
-      case "httponly": {
-        cookie.httpOnly = true;
-        break;
-      }
-      case "samesite": {
-        cookie.sameSite = partValue;
-        break;
-      }
-      default: {
-        cookie[partKey] = partValue;
-      }
-    }
-  }
-  return cookie;
-}
-function _parseNameValuePair(nameValuePairStr) {
-  let name = "";
-  let value = "";
-  const nameValueArr = nameValuePairStr.split("=");
-  if (nameValueArr.length > 1) {
-    name = nameValueArr.shift();
-    value = nameValueArr.join("=");
-  } else {
-    value = nameValuePairStr;
-  }
-  return { name, value };
-}
-
-function splitSetCookieString(cookiesString) {
-  if (Array.isArray(cookiesString)) {
-    return cookiesString.flatMap((c) => splitSetCookieString(c));
-  }
-  if (typeof cookiesString !== "string") {
-    return [];
-  }
-  const cookiesStrings = [];
-  let pos = 0;
-  let start;
-  let ch;
-  let lastComma;
-  let nextStart;
-  let cookiesSeparatorFound;
-  const skipWhitespace = () => {
-    while (pos < cookiesString.length && /\s/.test(cookiesString.charAt(pos))) {
-      pos += 1;
-    }
-    return pos < cookiesString.length;
-  };
-  const notSpecialChar = () => {
-    ch = cookiesString.charAt(pos);
-    return ch !== "=" && ch !== ";" && ch !== ",";
-  };
-  while (pos < cookiesString.length) {
-    start = pos;
-    cookiesSeparatorFound = false;
-    while (skipWhitespace()) {
-      ch = cookiesString.charAt(pos);
-      if (ch === ",") {
-        lastComma = pos;
-        pos += 1;
-        skipWhitespace();
-        nextStart = pos;
-        while (pos < cookiesString.length && notSpecialChar()) {
-          pos += 1;
-        }
-        if (pos < cookiesString.length && cookiesString.charAt(pos) === "=") {
-          cookiesSeparatorFound = true;
-          pos = nextStart;
-          cookiesStrings.push(cookiesString.slice(start, lastComma));
-          start = pos;
-        } else {
-          pos = lastComma + 1;
-        }
-      } else {
-        pos += 1;
-      }
-    }
-    if (!cookiesSeparatorFound || pos >= cookiesString.length) {
-      cookiesStrings.push(cookiesString.slice(start, cookiesString.length));
-    }
-  }
-  return cookiesStrings;
-}
-
-exports.parse = parse;
-exports.parseSetCookie = parseSetCookie;
-exports.serialize = serialize;
-exports.splitSetCookieString = splitSetCookieString;

package/dist/index.d.cts

@@ -1,222 +0,0 @@
-/**
- * Basic HTTP cookie parser and serializer for HTTP servers.
- */
-/**
- * Additional serialization options
- */
-interface CookieSerializeOptions {
-    /**
-     * Specifies the value for the {@link https://tools.ietf.org/html/rfc6265#section-5.2.3|Domain Set-Cookie attribute}. By default, no
-     * domain is set, and most clients will consider the cookie to apply to only
-     * the current domain.
-     */
-    domain?: string | undefined;
-    /**
-     * Specifies a function that will be used to encode a cookie's value. Since
-     * value of a cookie has a limited character set (and must be a simple
-     * string), this function can be used to encode a value into a string suited
-     * for a cookie's value.
-     *
-     * The default function is the global `encodeURIComponent`, which will
-     * encode a JavaScript string into UTF-8 byte sequences and then URL-encode
-     * any that fall outside of the cookie range.
-     */
-    encode?(value: string): string;
-    /**
-     * Specifies the `Date` object to be the value for the {@link https://tools.ietf.org/html/rfc6265#section-5.2.1|`Expires` `Set-Cookie` attribute}. By default,
-     * no expiration is set, and most clients will consider this a "non-persistent cookie" and will delete
-     * it on a condition like exiting a web browser application.
-     *
-     * *Note* the {@link https://tools.ietf.org/html/rfc6265#section-5.3|cookie storage model specification}
-     * states that if both `expires` and `maxAge` are set, then `maxAge` takes precedence, but it is
-     * possible not all clients by obey this, so if both are set, they should
-     * point to the same date and time.
-     */
-    expires?: Date | undefined;
-    /**
-     * Specifies the boolean value for the {@link https://tools.ietf.org/html/rfc6265#section-5.2.6|`HttpOnly` `Set-Cookie` attribute}.
-     * When truthy, the `HttpOnly` attribute is set, otherwise it is not. By
-     * default, the `HttpOnly` attribute is not set.
-     *
-     * *Note* be careful when setting this to true, as compliant clients will
-     * not allow client-side JavaScript to see the cookie in `document.cookie`.
-     */
-    httpOnly?: boolean | undefined;
-    /**
-     * Specifies the number (in seconds) to be the value for the `Max-Age`
-     * `Set-Cookie` attribute. The given number will be converted to an integer
-     * by rounding down. By default, no maximum age is set.
-     *
-     * *Note* the {@link https://tools.ietf.org/html/rfc6265#section-5.3|cookie storage model specification}
-     * states that if both `expires` and `maxAge` are set, then `maxAge` takes precedence, but it is
-     * possible not all clients by obey this, so if both are set, they should
-     * point to the same date and time.
-     */
-    maxAge?: number | undefined;
-    /**
-     * Specifies the value for the {@link https://tools.ietf.org/html/rfc6265#section-5.2.4|`Path` `Set-Cookie` attribute}.
-     * By default, the path is considered the "default path".
-     */
-    path?: string | undefined;
-    /**
-     * Specifies the `string` to be the value for the [`Priority` `Set-Cookie` attribute][rfc-west-cookie-priority-00-4.1].
-     *
-     * - `'low'` will set the `Priority` attribute to `Low`.
-     * - `'medium'` will set the `Priority` attribute to `Medium`, the default priority when not set.
-     * - `'high'` will set the `Priority` attribute to `High`.
-     *
-     * More information about the different priority levels can be found in
-     * [the specification][rfc-west-cookie-priority-00-4.1].
-     *
-     * **note** This is an attribute that has not yet been fully standardized, and may change in the future.
-     * This also means many clients may ignore this attribute until they understand it.
-     */
-    priority?: "low" | "medium" | "high" | undefined;
-    /**
-     * Specifies the boolean or string to be the value for the {@link https://tools.ietf.org/html/draft-ietf-httpbis-rfc6265bis-03#section-4.1.2.7|`SameSite` `Set-Cookie` attribute}.
-     *
-     * - `true` will set the `SameSite` attribute to `Strict` for strict same
-     * site enforcement.
-     * - `false` will not set the `SameSite` attribute.
-     * - `'lax'` will set the `SameSite` attribute to Lax for lax same site
-     * enforcement.
-     * - `'strict'` will set the `SameSite` attribute to Strict for strict same
-     * site enforcement.
-     *  - `'none'` will set the SameSite attribute to None for an explicit
-     *  cross-site cookie.
-     *
-     * More information about the different enforcement levels can be found in {@link https://tools.ietf.org/html/draft-ietf-httpbis-rfc6265bis-03#section-4.1.2.7|the specification}.
-     *
-     * *note* This is an attribute that has not yet been fully standardized, and may change in the future. This also means many clients may ignore this attribute until they understand it.
-     */
-    sameSite?: true | false | "lax" | "strict" | "none" | undefined;
-    /**
-     * Specifies the boolean value for the {@link https://tools.ietf.org/html/rfc6265#section-5.2.5|`Secure` `Set-Cookie` attribute}. When truthy, the
-     * `Secure` attribute is set, otherwise it is not. By default, the `Secure` attribute is not set.
-     *
-     * *Note* be careful when setting this to `true`, as compliant clients will
-     * not send the cookie back to the server in the future if the browser does
-     * not have an HTTPS connection.
-     */
-    secure?: boolean | undefined;
-    /**
-     * Specifies the `boolean` value for the [`Partitioned` `Set-Cookie`](https://datatracker.ietf.org/doc/html/draft-cutler-httpbis-partitioned-cookies#section-2.1)
-     * attribute. When truthy, the `Partitioned` attribute is set, otherwise it is not. By default, the
-     * `Partitioned` attribute is not set.
-     *
-     * **note** This is an attribute that has not yet been fully standardized, and may change in the future.
-     * This also means many clients may ignore this attribute until they understand it.
-     *
-     * More information can be found in the [proposal](https://github.com/privacycg/CHIPS).
-     */
-    partitioned?: boolean;
-}
-/**
- * Additional parsing options
- */
-interface CookieParseOptions {
-    /**
-     * Specifies a function that will be used to decode a cookie's value. Since
-     * the value of a cookie has a limited character set (and must be a simple
-     * string), this function can be used to decode a previously-encoded cookie
-     * value into a JavaScript string or other object.
-     *
-     * The default function is the global `decodeURIComponent`, which will decode
-     * any URL-encoded sequences into their byte representations.
-     *
-     * *Note* if an error is thrown from this function, the original, non-decoded
-     * cookie value will be returned as the cookie's value.
-     */
-    decode?(value: string): string;
-    /**
-     * Custom function to filter parsing specific keys.
-     */
-    filter?(key: string): boolean;
-}
-
-/**
- * Parse an HTTP Cookie header string and returning an object of all cookie
- * name-value pairs.
- *
- * @param str the string representing a `Cookie` header value
- * @param [options] object containing parsing options
- */
-declare function parse(str: string, options?: CookieParseOptions): Record<string, string>;
-
-/**
- * Serialize a cookie name-value pair into a `Set-Cookie` header string.
- *
- * @param name the name for the cookie
- * @param value value to set the cookie to
- * @param [options] object containing serialization options
- * @throws {TypeError} when `maxAge` options is invalid
- */
-declare function serialize(name: string, value: string, options?: CookieSerializeOptions): string;
-
-interface SetCookieParseOptions {
-    /**
-     * Custom decode function to use on cookie values.
-     *
-     * By default, `decodeURIComponent` is used.
-     *
-     * **Note:** If decoding fails, the original (undecoded) value will be used
-     */
-    decode?: false | ((value: string) => string);
-}
-interface SetCookie {
-    /**
-     * Cookie name
-     */
-    name: string;
-    /**
-     * Cookie value
-     */
-    value: string;
-    /**
-     * Cookie path
-     */
-    path?: string | undefined;
-    /**
-     * Absolute expiration date for the cookie
-     */
-    expires?: Date | undefined;
-    /**
-     * Relative max age of the cookie in seconds from when the client receives it (integer or undefined)
-     *
-     * Note: when using with express's res.cookie() method, multiply maxAge by 1000 to convert to milliseconds
-     */
-    maxAge?: number | undefined;
-    /**
-     * Domain for the cookie,
-     * May begin with "." to indicate the named domain or any subdomain of it
-     */
-    domain?: string | undefined;
-    /**
-     * Indicates that this cookie should only be sent over HTTPs
-     */
-    secure?: boolean | undefined;
-    /**
-     * Indicates that this cookie should not be accessible to client-side JavaScript
-     */
-    httpOnly?: boolean | undefined;
-    /**
-     * Indicates a cookie ought not to be sent along with cross-site requests
-     */
-    sameSite?: true | false | "lax" | "strict" | "none" | undefined;
-    [key: string]: unknown;
-}
-
-/**
- * Parse a [Set-Cookie](https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Set-Cookie) header string into an object.
- */
-declare function parseSetCookie(setCookieValue: string, options?: SetCookieParseOptions): SetCookie;
-
-/**
- * Set-Cookie header field-values are sometimes comma joined in one string. This splits them without choking on commas
- * that are within a single set-cookie field-value, such as in the Expires portion.
- *
- * See https://tools.ietf.org/html/rfc2616#section-4.2
- */
-declare function splitSetCookieString(cookiesString: string | string[]): string[];
-
-export { type CookieParseOptions, type CookieSerializeOptions, type SetCookie, type SetCookieParseOptions, parse, parseSetCookie, serialize, splitSetCookieString };

package/dist/index.d.ts

@@ -1,222 +0,0 @@
-/**
- * Basic HTTP cookie parser and serializer for HTTP servers.
- */
-/**
- * Additional serialization options
- */
-interface CookieSerializeOptions {
-    /**
-     * Specifies the value for the {@link https://tools.ietf.org/html/rfc6265#section-5.2.3|Domain Set-Cookie attribute}. By default, no
-     * domain is set, and most clients will consider the cookie to apply to only
-     * the current domain.
-     */
-    domain?: string | undefined;
-    /**
-     * Specifies a function that will be used to encode a cookie's value. Since
-     * value of a cookie has a limited character set (and must be a simple
-     * string), this function can be used to encode a value into a string suited
-     * for a cookie's value.
-     *
-     * The default function is the global `encodeURIComponent`, which will
-     * encode a JavaScript string into UTF-8 byte sequences and then URL-encode
-     * any that fall outside of the cookie range.
-     */
-    encode?(value: string): string;
-    /**
-     * Specifies the `Date` object to be the value for the {@link https://tools.ietf.org/html/rfc6265#section-5.2.1|`Expires` `Set-Cookie` attribute}. By default,
-     * no expiration is set, and most clients will consider this a "non-persistent cookie" and will delete
-     * it on a condition like exiting a web browser application.
-     *
-     * *Note* the {@link https://tools.ietf.org/html/rfc6265#section-5.3|cookie storage model specification}
-     * states that if both `expires` and `maxAge` are set, then `maxAge` takes precedence, but it is
-     * possible not all clients by obey this, so if both are set, they should
-     * point to the same date and time.
-     */
-    expires?: Date | undefined;
-    /**
-     * Specifies the boolean value for the {@link https://tools.ietf.org/html/rfc6265#section-5.2.6|`HttpOnly` `Set-Cookie` attribute}.
-     * When truthy, the `HttpOnly` attribute is set, otherwise it is not. By
-     * default, the `HttpOnly` attribute is not set.
-     *
-     * *Note* be careful when setting this to true, as compliant clients will
-     * not allow client-side JavaScript to see the cookie in `document.cookie`.
-     */
-    httpOnly?: boolean | undefined;
-    /**
-     * Specifies the number (in seconds) to be the value for the `Max-Age`
-     * `Set-Cookie` attribute. The given number will be converted to an integer
-     * by rounding down. By default, no maximum age is set.
-     *
-     * *Note* the {@link https://tools.ietf.org/html/rfc6265#section-5.3|cookie storage model specification}
-     * states that if both `expires` and `maxAge` are set, then `maxAge` takes precedence, but it is
-     * possible not all clients by obey this, so if both are set, they should
-     * point to the same date and time.
-     */
-    maxAge?: number | undefined;
-    /**
-     * Specifies the value for the {@link https://tools.ietf.org/html/rfc6265#section-5.2.4|`Path` `Set-Cookie` attribute}.
-     * By default, the path is considered the "default path".
-     */
-    path?: string | undefined;
-    /**
-     * Specifies the `string` to be the value for the [`Priority` `Set-Cookie` attribute][rfc-west-cookie-priority-00-4.1].
-     *
-     * - `'low'` will set the `Priority` attribute to `Low`.
-     * - `'medium'` will set the `Priority` attribute to `Medium`, the default priority when not set.
-     * - `'high'` will set the `Priority` attribute to `High`.
-     *
-     * More information about the different priority levels can be found in
-     * [the specification][rfc-west-cookie-priority-00-4.1].
-     *
-     * **note** This is an attribute that has not yet been fully standardized, and may change in the future.
-     * This also means many clients may ignore this attribute until they understand it.
-     */
-    priority?: "low" | "medium" | "high" | undefined;
-    /**
-     * Specifies the boolean or string to be the value for the {@link https://tools.ietf.org/html/draft-ietf-httpbis-rfc6265bis-03#section-4.1.2.7|`SameSite` `Set-Cookie` attribute}.
-     *
-     * - `true` will set the `SameSite` attribute to `Strict` for strict same
-     * site enforcement.
-     * - `false` will not set the `SameSite` attribute.
-     * - `'lax'` will set the `SameSite` attribute to Lax for lax same site
-     * enforcement.
-     * - `'strict'` will set the `SameSite` attribute to Strict for strict same
-     * site enforcement.
-     *  - `'none'` will set the SameSite attribute to None for an explicit
-     *  cross-site cookie.
-     *
-     * More information about the different enforcement levels can be found in {@link https://tools.ietf.org/html/draft-ietf-httpbis-rfc6265bis-03#section-4.1.2.7|the specification}.
-     *
-     * *note* This is an attribute that has not yet been fully standardized, and may change in the future. This also means many clients may ignore this attribute until they understand it.
-     */
-    sameSite?: true | false | "lax" | "strict" | "none" | undefined;
-    /**
-     * Specifies the boolean value for the {@link https://tools.ietf.org/html/rfc6265#section-5.2.5|`Secure` `Set-Cookie` attribute}. When truthy, the
-     * `Secure` attribute is set, otherwise it is not. By default, the `Secure` attribute is not set.
-     *
-     * *Note* be careful when setting this to `true`, as compliant clients will
-     * not send the cookie back to the server in the future if the browser does
-     * not have an HTTPS connection.
-     */
-    secure?: boolean | undefined;
-    /**
-     * Specifies the `boolean` value for the [`Partitioned` `Set-Cookie`](https://datatracker.ietf.org/doc/html/draft-cutler-httpbis-partitioned-cookies#section-2.1)
-     * attribute. When truthy, the `Partitioned` attribute is set, otherwise it is not. By default, the
-     * `Partitioned` attribute is not set.
-     *
-     * **note** This is an attribute that has not yet been fully standardized, and may change in the future.
-     * This also means many clients may ignore this attribute until they understand it.
-     *
-     * More information can be found in the [proposal](https://github.com/privacycg/CHIPS).
-     */
-    partitioned?: boolean;
-}
-/**
- * Additional parsing options
- */
-interface CookieParseOptions {
-    /**
-     * Specifies a function that will be used to decode a cookie's value. Since
-     * the value of a cookie has a limited character set (and must be a simple
-     * string), this function can be used to decode a previously-encoded cookie
-     * value into a JavaScript string or other object.
-     *
-     * The default function is the global `decodeURIComponent`, which will decode
-     * any URL-encoded sequences into their byte representations.
-     *
-     * *Note* if an error is thrown from this function, the original, non-decoded
-     * cookie value will be returned as the cookie's value.
-     */
-    decode?(value: string): string;
-    /**
-     * Custom function to filter parsing specific keys.
-     */
-    filter?(key: string): boolean;
-}
-
-/**
- * Parse an HTTP Cookie header string and returning an object of all cookie
- * name-value pairs.
- *
- * @param str the string representing a `Cookie` header value
- * @param [options] object containing parsing options
- */
-declare function parse(str: string, options?: CookieParseOptions): Record<string, string>;
-
-/**
- * Serialize a cookie name-value pair into a `Set-Cookie` header string.
- *
- * @param name the name for the cookie
- * @param value value to set the cookie to
- * @param [options] object containing serialization options
- * @throws {TypeError} when `maxAge` options is invalid
- */
-declare function serialize(name: string, value: string, options?: CookieSerializeOptions): string;
-
-interface SetCookieParseOptions {
-    /**
-     * Custom decode function to use on cookie values.
-     *
-     * By default, `decodeURIComponent` is used.
-     *
-     * **Note:** If decoding fails, the original (undecoded) value will be used
-     */
-    decode?: false | ((value: string) => string);
-}
-interface SetCookie {
-    /**
-     * Cookie name
-     */
-    name: string;
-    /**
-     * Cookie value
-     */
-    value: string;
-    /**
-     * Cookie path
-     */
-    path?: string | undefined;
-    /**
-     * Absolute expiration date for the cookie
-     */
-    expires?: Date | undefined;
-    /**
-     * Relative max age of the cookie in seconds from when the client receives it (integer or undefined)
-     *
-     * Note: when using with express's res.cookie() method, multiply maxAge by 1000 to convert to milliseconds
-     */
-    maxAge?: number | undefined;
-    /**
-     * Domain for the cookie,
-     * May begin with "." to indicate the named domain or any subdomain of it
-     */
-    domain?: string | undefined;
-    /**
-     * Indicates that this cookie should only be sent over HTTPs
-     */
-    secure?: boolean | undefined;
-    /**
-     * Indicates that this cookie should not be accessible to client-side JavaScript
-     */
-    httpOnly?: boolean | undefined;
-    /**
-     * Indicates a cookie ought not to be sent along with cross-site requests
-     */
-    sameSite?: true | false | "lax" | "strict" | "none" | undefined;
-    [key: string]: unknown;
-}
-
-/**
- * Parse a [Set-Cookie](https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Set-Cookie) header string into an object.
- */
-declare function parseSetCookie(setCookieValue: string, options?: SetCookieParseOptions): SetCookie;
-
-/**
- * Set-Cookie header field-values are sometimes comma joined in one string. This splits them without choking on commas
- * that are within a single set-cookie field-value, such as in the Expires portion.
- *
- * See https://tools.ietf.org/html/rfc2616#section-4.2
- */
-declare function splitSetCookieString(cookiesString: string | string[]): string[];
-
-export { type CookieParseOptions, type CookieSerializeOptions, type SetCookie, type SetCookieParseOptions, parse, parseSetCookie, serialize, splitSetCookieString };