From ede3254159a1081869933551b33128b4c8684bc8 Mon Sep 17 00:00:00 2001
From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com>
Date: Fri, 23 Jan 2026 13:02:50 +0000
Subject: [PATCH] Bump cors from 2.8.5 to 2.8.6

Bumps [cors](https://github.com/expressjs/cors) from 2.8.5 to 2.8.6.
- [Release notes](https://github.com/expressjs/cors/releases)
- [Changelog](https://github.com/expressjs/cors/blob/master/HISTORY.md)
- [Commits](https://github.com/expressjs/cors/compare/v2.8.5...v2.8.6)

---
updated-dependencies:
- dependency-name: cors
  dependency-version: 2.8.6
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
---
 package.json | 2 +-
 yarn.lock    | 8 ++++----
 2 files changed, 5 insertions(+), 5 deletions(-)

diff --git a/package.json b/package.json
index bac5094..3946b5a 100644
--- a/package.json
+++ b/package.json
@@ -17,7 +17,7 @@
     "child_process": "^1.0.2",
     "compression": "^1.7.4",
     "cookie-parser": "^1.4.5",
-    "cors": "^2.8.5",
+    "cors": "^2.8.6",
     "debug": "^4.3.1",
     "dotenv": "^17.2.3",
     "ejs": "^4.0.1",
diff --git a/yarn.lock b/yarn.lock
index 2de04c8..de56300 100644
--- a/yarn.lock
+++ b/yarn.lock
@@ -439,10 +439,10 @@ core-util-is@~1.0.0:
   resolved "https://registry.yarnpkg.com/core-util-is/-/core-util-is-1.0.3.tgz#a6042d3634c2b27e9328f837b965fac83808db85"
   integrity sha512-ZQBvi1DcpJ4GDqanjucZ2Hj3wEO5pZDS89BWbkcrvdxksJorwUDDZamX9ldFkp9aw2lmBDLgkObEA4DWNJ9FYQ==
 
-cors@^2.8.5:
-  version "2.8.5"
-  resolved "https://registry.yarnpkg.com/cors/-/cors-2.8.5.tgz#eac11da51592dd86b9f06f6e7ac293b3df875d29"
-  integrity sha512-KIHbLJqu73RGr/hnbrO9uBeixNGuvSQjul/jdFvS/KFSIH1hWVd1ng7zOHx+YrEfInLG7q4n6GHQ9cDtxv/P6g==
+cors@^2.8.6:
+  version "2.8.6"
+  resolved "https://registry.yarnpkg.com/cors/-/cors-2.8.6.tgz#ff5dd69bd95e547503820d29aba4f8faf8dfec96"
+  integrity sha512-tJtZBBHA6vjIAaF6EnIaq6laBBP9aq/Y3ouVJjEfoHbRBcHBAHYcMh/w8LDrk2PvIMMq8gmopa5D4V8RmbrxGw==
   dependencies:
     object-assign "^4"
     vary "^1"