bump tough-cookie dependency to 4.1.3 due to vulnerability

[meddulla]

vulnerability GHSA-72xf-g2v4-qvf3

[meddulla]

See now that there's already an open PR #107