Bump tough-cookie and fuse-box

[dependabot[bot]]

Removes tough-cookie. It's no longer used after updating ancestor dependency fuse-box. These dependencies need to be updated together.

Removes tough-cookie

Updates fuse-box from 2.5.0-beta.1 to 4.0.0

Release notes

Sourced from fuse-box's releases.

4.0.0 is out with a lot of changes and improvements: https://fuse-box.org/docs/getting-started/setup

3.7.1

Addresses a few fixes to the release;

• HOTFIX: automatic path aliases on windows
• fix: Browser fields in package.json with false values now are skipped and replaced with a dummy package that exports undefined

3.7.0

Bug Fixes

• Added target es2018 and set it as a default target if non specified (6c6c562)
• adds stream-browserify as stream polyfill for browser (d6d5bc4)
• dev-imports should contain es5 only. (#1439) (090ed3e)
• Domain polyfill syntax error (#1438) (5456c49)
• Export Babel7Plugin (#1462) (4ee707f)
• get script language level as number always (4ee2a7d)
• Sparky: correct target type of SparkyContext (resolve #1464) (5f31611)
• Hmr does not reload separate css-file changes in a Vue project (#1423) (78339d2)
• Ignored patterns to watcher (1bc00ca)
• Sparky: Exit code should equal to 1 in case of an error (e9ca87d), closes #828
• improve defaults and handling of config files (da8e706)
• Language level check for required modules (b0acc1e)
• move CSS insertion from top of head tag to the bottom (#1482) (1a2656b)
• resolve autoimport when target is server (474e953)
• Restrict file removal on modules containing computed properties (d5f8cdf), closes #1471
• specify languageLevel and forcedLnguageLevel explicitly as number (ee02e59)
• tsconfig baseURL and automatic alias (3d7e228)
• Watcher should ignore dist folder when homeDir points to './' (1cc41f3)

Features

• Add ability to pass optional cli Args to FuseProcess (552df36)
• Add StyledComponentsPlugin #1366 (#1449) (785cd8f)
• Add Terser support for minification (#1428) (1a04c70)
• add tests checking config files loaded correctly (ca96306)
• Babel7Plugin implementation (#1453) (123a516)
• Handle resolve urls including protocol (54f3828)
• improve docs for babel7 plugin with all options and more example (a42055f)
• Quantum Source Maps (134292c)
• report diagnostic errors on compilerOptions - #1457 (#1470) (7c9b7bd)
• resolve injected imports from preset-env on babel7 (7de0ca1)
• $devServer: Use fusebox logger for HTTPServer logging (46b4bfe)
• WebIndexPlugin: cssPath property to customise public paths for CSS (c8239d9), closes #1432

v3.6.0

Bug Fixes

... (truncated)

Commits

• See full diff in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

---

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot merge will merge this PR after your CI passes on it
• @dependabot squash and merge will squash and merge this PR after your CI passes on it
• @dependabot cancel merge will cancel a previously requested merge and block automerging
• @dependabot reopen will reopen this PR if it is closed
• @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
• @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself) You can disable automated security fix PRs for this repo from the Security Alerts page.