diff --git a/.changesets/11862.md b/.changesets/11862.md
new file mode 100644
index 000000000000..238e5cee5915
--- /dev/null
+++ b/.changesets/11862.md
@@ -0,0 +1,10 @@
+- breaking(deps): cookie v1.0.2 (#11862) by @Tobbe
+
+See https://github.com/jshttp/cookie/releases/tag/v1.0.0 for what's breaking in
+this release.
+
+We expose the `SerializeOptions` type (that used to be named
+`CookieSerializeOptions`), and it has changed.
+It's very unlikely that you're affected by this change. But if you are it'd
+probably be becase you're accessing our cookie jar, and used its `set` method
+you might be affected by this change.
diff --git a/packages/api/package.json b/packages/api/package.json
index 4ad55d753905..b052bb69ed79 100644
--- a/packages/api/package.json
+++ b/packages/api/package.json
@@ -52,7 +52,7 @@
   "dependencies": {
     "@prisma/client": "5.20.0",
     "@whatwg-node/fetch": "0.9.21",
-    "cookie": "0.7.2",
+    "cookie": "1.0.2",
     "humanize-string": "2.1.0",
     "jsonwebtoken": "9.0.2",
     "pascalcase": "1.0.0",
diff --git a/packages/cookie-jar/package.json b/packages/cookie-jar/package.json
index d50ebfd3117d..0578b8309d96 100644
--- a/packages/cookie-jar/package.json
+++ b/packages/cookie-jar/package.json
@@ -23,7 +23,7 @@
     "test": "vitest run"
   },
   "dependencies": {
-    "cookie": "0.7.2",
+    "cookie": "1.0.2",
     "esbuild": "0.24.2",
     "fast-glob": "3.3.2",
     "fs-extra": "11.2.0"
diff --git a/packages/cookie-jar/src/CookieJar.ts b/packages/cookie-jar/src/CookieJar.ts
index 2690c9157cd1..0a7ddfc83363 100644
--- a/packages/cookie-jar/src/CookieJar.ts
+++ b/packages/cookie-jar/src/CookieJar.ts
@@ -1,37 +1,42 @@
-import cookie from 'cookie'
+import * as cookie from 'cookie'
+import type { SerializeOptions } from 'cookie'
 
 export type CookieParams = {
   value: string
-  options?: cookie.CookieSerializeOptions
+  options?: SerializeOptions
 }
 
 /** Specialized cookie map, that lets you set cookies with options */
 export class CookieJar {
   private map = new Map<string, CookieParams>()
 
-  // This allows CookieJar to be used in MWRequest.cookie also
-  // note that options are not available when constructed this way
+  // This allows CookieJar to be used in MiddlewareRequest.cookie
+  // Also note that options are not available when constructed this way
   constructor(cookieString?: string | null) {
-    if (cookieString) {
-      const parsedCookies = cookie.parse(cookieString)
-
-      this.map = new Map(
-        Object.entries(parsedCookies).map(([key, value]) => {
-          return [key, { value }]
-        }),
-      )
+    if (cookieString === null || typeof cookieString === 'undefined') {
+      return
     }
+
+    const parsedCookies = cookie.parse(cookieString)
+
+    this.map = new Map(
+      Object.entries(parsedCookies).map(([key, value]) => {
+        // Since we're not passing any options to cookie.parse above we will
+        // always use their internal `decode` function to decode the cookie
+        // value, and that function will always return a string. So the
+        // `typeof` check here will always be false.
+        if (typeof value === 'undefined') {
+          // This cannot happen. See comment above.
+          throw new Error('Cookie value is undefined')
+        }
+
+        return [key, { value }]
+      }),
+    )
   }
 
-  public set(
-    name: string,
-    value: string,
-    options?: cookie.CookieSerializeOptions,
-  ) {
-    this.map.set(name, {
-      value,
-      options,
-    })
+  public set(name: string, value: string, options?: SerializeOptions) {
+    this.map.set(name, { value, options })
 
     return this
   }
diff --git a/packages/vite/package.json b/packages/vite/package.json
index beef525ced60..550805014d45 100644
--- a/packages/vite/package.json
+++ b/packages/vite/package.json
@@ -73,7 +73,7 @@
     "acorn-loose": "8.4.0",
     "buffer": "6.0.3",
     "busboy": "^1.6.0",
-    "cookie": "0.7.2",
+    "cookie": "1.0.2",
     "core-js": "3.38.1",
     "dotenv-defaults": "5.0.2",
     "execa": "5.1.1",
@@ -95,7 +95,6 @@
     "@arethetypeswrong/cli": "0.16.4",
     "@hyrious/esbuild-plugin-commonjs": "0.2.4",
     "@types/busboy": "^1",
-    "@types/cookie": "^0",
     "@types/express": "4",
     "@types/fs-extra": "11.0.4",
     "@types/react": "^18.2.55",
diff --git a/packages/web/package.json b/packages/web/package.json
index 3444b516f8d7..0323ade1a63d 100644
--- a/packages/web/package.json
+++ b/packages/web/package.json
@@ -147,7 +147,7 @@
     "@redwoodjs/server-store": "workspace:*",
     "@whatwg-node/fetch": "0.9.21",
     "apollo-upload-client": "18.0.1",
-    "cookie": "0.7.2",
+    "cookie": "1.0.2",
     "core-js": "3.38.1",
     "graphql": "16.9.0",
     "graphql-sse": "2.5.3",
@@ -170,7 +170,6 @@
     "@testing-library/jest-dom": "6.5.0",
     "@testing-library/react": "14.3.1",
     "@types/apollo-upload-client": "^18",
-    "@types/cookie": "^0",
     "@types/react": "^18.2.55",
     "@types/react-dom": "^18.2.19",
     "concurrently": "8.2.2",
diff --git a/packages/web/src/server/MiddlewareResponse.ts b/packages/web/src/server/MiddlewareResponse.ts
index 43570999191b..a5c980cab7ea 100644
--- a/packages/web/src/server/MiddlewareResponse.ts
+++ b/packages/web/src/server/MiddlewareResponse.ts
@@ -1,5 +1,5 @@
 import { Response as PonyResponse } from '@whatwg-node/fetch'
-import cookie from 'cookie'
+import * as cookie from 'cookie'
 
 import { CookieJar } from '@redwoodjs/cookie-jar'
 
diff --git a/yarn.lock b/yarn.lock
index f199d6ef0998..8bb076462f56 100644
--- a/yarn.lock
+++ b/yarn.lock
@@ -7544,7 +7544,7 @@ __metadata:
     "@types/split2": "npm:4.2.3"
     "@whatwg-node/fetch": "npm:0.9.21"
     concurrently: "npm:8.2.2"
-    cookie: "npm:0.7.2"
+    cookie: "npm:1.0.2"
     humanize-string: "npm:2.1.0"
     jsonwebtoken: "npm:9.0.2"
     memjs: "npm:1.3.2"
@@ -8339,7 +8339,7 @@ __metadata:
   dependencies:
     "@redwoodjs/framework-tools": "workspace:*"
     "@types/fs-extra": "npm:11.0.4"
-    cookie: "npm:0.7.2"
+    cookie: "npm:1.0.2"
     esbuild: "npm:0.24.2"
     fast-glob: "npm:3.3.2"
     fs-extra: "npm:11.2.0"
@@ -9020,7 +9020,6 @@ __metadata:
     "@redwoodjs/web": "workspace:*"
     "@swc/core": "npm:1.7.28"
     "@types/busboy": "npm:^1"
-    "@types/cookie": "npm:^0"
     "@types/express": "npm:4"
     "@types/fs-extra": "npm:11.0.4"
     "@types/react": "npm:^18.2.55"
@@ -9033,7 +9032,7 @@ __metadata:
     buffer: "npm:6.0.3"
     busboy: "npm:^1.6.0"
     concurrently: "npm:8.2.2"
-    cookie: "npm:0.7.2"
+    cookie: "npm:1.0.2"
     core-js: "npm:3.38.1"
     dotenv-defaults: "npm:5.0.2"
     execa: "npm:5.1.1"
@@ -9105,13 +9104,12 @@ __metadata:
     "@testing-library/jest-dom": "npm:6.5.0"
     "@testing-library/react": "npm:14.3.1"
     "@types/apollo-upload-client": "npm:^18"
-    "@types/cookie": "npm:^0"
     "@types/react": "npm:^18.2.55"
     "@types/react-dom": "npm:^18.2.19"
     "@whatwg-node/fetch": "npm:0.9.21"
     apollo-upload-client: "npm:18.0.1"
     concurrently: "npm:8.2.2"
-    cookie: "npm:0.7.2"
+    cookie: "npm:1.0.2"
     core-js: "npm:3.38.1"
     graphql: "npm:16.9.0"
     graphql-sse: "npm:2.5.3"
@@ -10860,13 +10858,6 @@ __metadata:
   languageName: node
   linkType: hard
 
-"@types/cookie@npm:^0":
-  version: 0.6.0
-  resolution: "@types/cookie@npm:0.6.0"
-  checksum: 10c0/5b326bd0188120fb32c0be086b141b1481fec9941b76ad537f9110e10d61ee2636beac145463319c71e4be67a17e85b81ca9e13ceb6e3bb63b93d16824d6c149
-  languageName: node
-  linkType: hard
-
 "@types/cookie@npm:^0.4.1":
   version: 0.4.1
   resolution: "@types/cookie@npm:0.4.1"
@@ -14806,10 +14797,10 @@ __metadata:
   languageName: node
   linkType: hard
 
-"cookie@npm:0.7.2":
-  version: 0.7.2
-  resolution: "cookie@npm:0.7.2"
-  checksum: 10c0/9596e8ccdbf1a3a88ae02cf5ee80c1c50959423e1022e4e60b91dd87c622af1da309253d8abdb258fb5e3eacb4f08e579dc58b4897b8087574eee0fd35dfa5d2
+"cookie@npm:1.0.2":
+  version: 1.0.2
+  resolution: "cookie@npm:1.0.2"
+  checksum: 10c0/fd25fe79e8fbcfcaf6aa61cd081c55d144eeeba755206c058682257cb38c4bd6795c6620de3f064c740695bb65b7949ebb1db7a95e4636efb8357a335ad3f54b
   languageName: node
   linkType: hard