Update npm packages

Add --dump-dimensions option to rsx:debug for layout debugging
Mark framework publish

🤖 Generated with [Claude Code](https://claude.com/claude-code)

Co-Authored-By: Claude <noreply@anthropic.com>

node_modules/cookie-signature/index.js

@@ -8,14 +8,14 @@ var crypto = require('crypto');
  * Sign the given `val` with `secret`.
  *
  * @param {String} val
- * @param {String} secret
+ * @param {String|NodeJS.ArrayBufferView|crypto.KeyObject} secret
  * @return {String}
  * @api private
  */
 
 exports.sign = function(val, secret){
-  if ('string' != typeof val) throw new TypeError("Cookie value must be provided as a string.");
-  if ('string' != typeof secret) throw new TypeError("Secret string must be provided.");
+  if ('string' !== typeof val) throw new TypeError("Cookie value must be provided as a string.");
+  if (null == secret) throw new TypeError("Secret key must be provided.");
   return val + '.' + crypto
     .createHmac('sha256', secret)
     .update(val)
@@ -28,14 +28,14 @@ exports.sign = function(val, secret){
  * returning `false` if the signature is invalid.
  *
  * @param {String} val
- * @param {String} secret
+ * @param {String|NodeJS.ArrayBufferView|crypto.KeyObject} secret
  * @return {String|Boolean}
  * @api private
  */
 
 exports.unsign = function(val, secret){
-  if ('string' != typeof val) throw new TypeError("Signed cookie string must be provided.");
-  if ('string' != typeof secret) throw new TypeError("Secret string must be provided.");
+  if ('string' !== typeof val) throw new TypeError("Signed cookie string must be provided.");
+  if (null == secret) throw new TypeError("Secret key must be provided.");
   var str = val.slice(0, val.lastIndexOf('.'))
     , mac = exports.sign(str, secret);