build(deps): bump on-headers and express-session (#134)

Bumps [on-headers](https://github.com/jshttp/on-headers) to 1.1.0 and updates ancestor dependency [express-session](https://github.com/expressjs/session). These dependencies need to be updated together.


Updates `on-headers` from 1.0.2 to 1.1.0
- [Release notes](https://github.com/jshttp/on-headers/releases)
- [Changelog](https://github.com/jshttp/on-headers/blob/master/HISTORY.md)
- [Commits](jshttp/on-headers@v1.0.2...v1.1.0)

Updates `express-session` from 1.18.1 to 1.18.2
- [Release notes](https://github.com/expressjs/session/releases)
- [Changelog](https://github.com/expressjs/session/blob/master/HISTORY.md)
- [Commits](expressjs/session@v1.18.1...v1.18.2)

---
updated-dependencies:
- dependency-name: on-headers
  dependency-version: 1.1.0
  dependency-type: indirect
- dependency-name: express-session
  dependency-version: 1.18.2
  dependency-type: direct:production
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>

Author: dependabot[bot]

package-lock.json

@@ -21,7 +21,7 @@
     "cookie-parser": "^1.4.7",
     "dotenv": "^4.0.0",
     "express": "^4.21.2",
-    "express-session": "^1.18.1",
+    "express-session": "^1.18.2",
     "express-validator": "^6.14.2",
     "graphql": "^0.11.7",
     "graphql-tag": "^2.6.0",