ModClean / modclean

Remove unwanted files and directories from your node_modules folder
MIT License
400 stars 15 forks

Use exact version for modclean-patterns-default #20

Closed jehy closed 6 years ago

jehy commented 6 years ago

If someone is using modclean in production without package-lock, then updating transitive dependency modclean-patterns-default may cause sudden harm with no obvious reasons.

I think that version of modclean-patterns-default should only be updated with updating modclean version and should be exact.

KyleRoss commented 6 years ago

For version 3, I'm thinking about changing the way the patterns are loaded in. It will continue to use a separate patterns module, but may have it as a requirement to install by the end user. In this case, there would be no need to lock the patterns module to a specific version in modclean and will give the end user the ability to lock to a specific version.

I will provide more information once I have it!

KyleRoss commented 6 years ago

After thinking this through a bit more, it doesn't make sense to make the end user have to install the default patterns alongside modclean. It makes one more dependency that needs to be maintained. For now, I think I'm going to leave it in there as it is and put a note in the readme.

If people need to lock down to a specific version, this is where creating and submitting a custom patterns module would make the most sense. The real issue here is that the default patterns module may need to be revisited to ensure that the patterns are relevant and less dangerous.

I will mention that I have added in additional functionality in version 3 that can determine if a matched path is a module or not, which will prevent issues like #19.

KyleRoss commented 6 years ago

I'm going to leave it as is for now. I'll be looking into the patterns module once version 3 hits beta.