[Snyk] Upgrade cors from 2.8.5 to 2.8.6

[l0rd]

Snyk has created this PR to upgrade cors from 2.8.5 to 2.8.6.

ℹ️ Keep your dependencies up-to-date. This makes it easier to fix existing vulnerabilities and to more quickly identify and fix newly disclosed vulnerabilities when they affect your project.

---

• The recommended version is 1 version ahead of your current version.

• The recommended version was released 23 days ago.

Release notes

Package name: cors

• 2.8.6 - 2026-01-22
  

  What's Changed

  • Build: Node.js@12.16 and Node.js.13.12 by @ smondal in #189
  • Update README.md for origin function callback parameters by @ dstudzinski in #180
  • Suggest passing false for disallowed domains, not erroring by @ shackpank in #175
  • Changed the term whitelist to allowlist in Documentation by @ jkasun in #200
  • Fix typo in README by @ alex-grover in #207
  • Added new link & website in the README by @ manjunath00 in #269
  • Fix functions call with extra parameter by @ LuisEGR in #245
  • 🐛 Fix readme status badge by @ homersimpsons in #306
  • chore: add support for OSSF scorecard reporting by @ inigomarquinez in #321
  • ci: fix errors in ci github action for node 8 by @ inigomarquinez in #322
  • test: improved test robustness by @ Alex-GF in #320
  • chore: upgrade scorecard workflow pinned action versions by @ carpasse in #341
  • ci: add CodeQL (SAST) by @ bjohansebas in #340
  • docs: remove broken link to demo site by @ dpopp07 in #344
  • OSSF Scorecard recommendations by @ UlisesGascon in #350
  • build(deps): bump github/codeql-action from 3.24.7 to 3.28.19 by @ dependabot[bot] in #351
  • build(deps): bump coverallsapp/github-action from 1.2.5 to 2.3.6 by @ dependabot[bot] in #353
  • build(deps): bump actions/checkout from 4.1.1 to 4.2.2 by @ dependabot[bot] in #354
  • build(deps): bump ossf/scorecard-action from 2.4.0 to 2.4.2 by @ dependabot[bot] in #355
  • build(deps-dev): bump express from 4.17.1 to 4.21.2 by @ dependabot[bot] in #356
  • build(deps): bump actions/upload-artifact from 4.5.0 to 4.6.2 by @ dependabot[bot] in #352
  • build(deps-dev): bump mocha from 9.1.1 to 9.2.2 by @ dependabot[bot] in #358
  • update the docs for per request config by @ jonchurch in #338
  • (fix): readme updated for #271 origin option for * by @ dhananjaysa92 in #289
  • ci: upgrade Node versions by @ UlisesGascon in #359
  • chore: add funding to package.json by @ bjohansebas in #363
  • build(deps): bump github/codeql-action from 3.28.19 to 4.31.2 by @ dependabot[bot] in #371
  • build(deps): bump actions/upload-artifact from 4.6.2 to 5.0.0 by @ dependabot[bot] in #370
  • docs: Cleanup README by @ efekrskl in #374
  • chore: add node v25 by @ imangas in #375
  • Extend CI test matrix by @ imangas in #376
  • docs: simplify code examples with header comments by @ jonchurch in #386
  • docs: tweak intro, add note w/ browser enforcement, FAQ by @ jonchurch in #385
  • chore: remove HISTORY.md and nonexistent CONTRIBUTING.md from tarball by @ Phillip9587 in #388
  • Release: 2.8.6 by @ UlisesGascon in #390

  New Contributors

  • @ smondal made their first contribution in #189
  • @ dstudzinski made their first contribution in #180
  • @ shackpank made their first contribution in #175
  • @ jkasun made their first contribution in #200
  • @ alex-grover made their first contribution in #207
  • @ manjunath00 made their first contribution in #269
  • @ LuisEGR made their first contribution in #245
  • @ homersimpsons made their first contribution in #306
  • @ inigomarquinez made their first contribution in #321
  • @ Alex-GF made their first contribution in #320
  • @ carpasse made their first contribution in #341
  • @ bjohansebas made their first contribution in #340
  • @ dpopp07 made their first contribution in #344
  • @ UlisesGascon made their first contribution in #350
  • @ dependabot[bot] made their first contribution in #351
  • @ jonchurch made their first contribution in #338
  • @ dhananjaysa92 made their first contribution in #289
  • @ efekrskl made their first contribution in #374
  • @ imangas made their first contribution in #375
  • @ Phillip9587 made their first contribution in #388

  Full Changelog: v2.8.5...v2.8.6

• 2.8.5 - 2018-11-04
  

  2.8.5

from cors GitHub release notes

---

Important

• Check the changes in this PR to ensure they won't cause issues with your project.
• This PR was automatically created by Snyk using the credentials of a real user.

---

Note: You are seeing this because you or someone else with access to this repository has authorized Snyk to open upgrade PRs.

For more information:

• 🧐 View latest project report
• 📜 Customise PR templates
• 🛠 Adjust upgrade PR settings
• 🔕 Ignore this dependency or unsubscribe from future upgrade PRs

[openshift-ci]

[APPROVALNOTIFIER] This PR is NOT APPROVED

This pull-request has been approved by: l0rd
Once this PR has been reviewed and has the lgtm label, please assign jdubrick for approval. For more information see the Code Review Process.

The full list of commands accepted by this bot can be found here.

Details

Needs approval from an approver in each of these files:

• OWNERS

Approvers can indicate their approval by writing /approve in a comment
Approvers can cancel approval by writing /approve cancel in a comment

[thepetk]

code is only used for testing