chore(deps): update dependency express-session to ^1.18.2

[renovate]

This PR contains the following updates:

Package	Change	Age	Adoption	Passing	Confidence
express-session	^1.18.0 -> ^1.18.2

---

Release Notes

expressjs/session (express-session)

v1.18.2

Compare Source

==========

• deps: mocha@​10.8.2
• deps: on-headers@~1.1.0
  • Fix CVE-2025-7339 (GHSA-76c9-3jph-rj3q)

v1.18.1

Compare Source

==========

• deps: cookie@​0.7.2
  • Fix object assignment of hasOwnProperty
• deps: cookie@​0.7.1
  • Allow leading dot for domain
    • Although not permitted in the spec, some users expect this to work and user agents ignore the leading dot according to spec
  • Add fast path for serialize without options, use obj.hasOwnProperty when parsing
• deps: cookie@​0.7.0
  • perf: parse cookies ~10% faster
  • fix: narrow the validation of cookies to match RFC6265
  • fix: add main to package.json for rspack

---

Configuration

📅 Schedule: Branch creation - Between 05:00 AM and 05:59 AM, every 14 days ( * 5 */14 * * ) in timezone Europe/Stockholm, Automerge - At any time (no schedule defined).

🚦 Automerge: Disabled by config. Please merge this manually once you are satisfied.

♻ Rebasing: Whenever PR becomes conflicted, or you tick the rebase/retry checkbox.

🔕 Ignore: Close this PR and you won't be reminded about this update again.

---

• If you want to rebase/retry this PR, check this box

---

This PR was generated by Mend Renovate. View the repository job log.