phetsims / perennial

Maintenance tools that won't change with different versions of chipper checked out
MIT License

Upgrade minimist package to ~1.2.3 #307

Closed liammulh closed 1 year ago

liammulh commented 1 year ago

Yesterday I pushed to perennial, and I saw this:

remote: GitHub found 1 vulnerability on phetsims/perennial's default branch (1 moderate). To find out more, visit:
remote:      https://github.com/phetsims/perennial/security/dependabot/4

I would do the upgrade myself, but in package.json we have "minimist": "~1.1.1" which I believe means we want minimist to get upgrades up to but not including 1.2.0. The version that has the patch for the vulnerability is 1.2.3. So unless someone says “yeah, it’s okay to upgrade it” I am not going to touch it.

zepumph commented 1 year ago

In https://www.npmjs.com/package/minimist#security I found that there was actually another security problem a bit later on in 1.2.5.

We use this library very sparingly, just for parsing runtime options:

https://github.com/phetsims/perennial/blob/6400e9d1eb4bcd6358ee0ca0aaca5e4e846a54b5/js/build-server/build-server.js#L28-L65

I looked through the changelog and nothing seemed breaking https://github.com/minimistjs/minimist/blob/main/CHANGELOG.md

I then checked out a local copy of it and ensured it looked the same as our current expected usage:

// js.js
console.log( require( 'minimist' )( process.argv.slice( 2 ), { boolean: true } ) );
 mjkauzmann ~/PHET/git/sandbox
 $ node js.js  -h --help fjkdls fdjkl
--> { _: [ 'fjkdls', 'fdjkl' ], h: true, help: true }

This is low stakes and good to do, so I committed. @liammulh can you please spot check?

liammulh commented 1 year ago

Looks good, thanks, @zepumph.
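The range reasoning in this thread (why `"~1.1.1"` could never resolve to the patched 1.2.3, and what `"~1.2.3"` permits instead) can be checked mechanically. The following is an added example, not code from the perennial repo or from the `semver` package: a minimal implementation of npm's tilde-range rule for plain `x.y.z` versions, run over a constructed list of minimist release tags.

```javascript
// Added example (not part of phetsims/perennial): just enough of npm's
// tilde-range semantics to show what "~1.1.1" and "~1.2.3" each allow.
// Assumes plain x.y.z versions; prerelease tags and other semver
// range operators are deliberately not handled.

function parseVersion(v) {
  const m = /^v?(\d+)\.(\d+)\.(\d+)$/.exec(v.trim());
  if (!m) throw new Error(`unsupported version string: ${v}`);
  return m.slice(1, 4).map(Number); // [major, minor, patch]
}

function compareVersions(a, b) {
  const [x, y] = [parseVersion(a), parseVersion(b)];
  for (let i = 0; i < 3; i++) {
    if (x[i] !== y[i]) return x[i] < y[i] ? -1 : 1;
  }
  return 0;
}

// "~X.Y.Z" means >= X.Y.Z and < X.(Y+1).0: patch releases only,
// which is why a ~1.1.1 constraint stops short of 1.2.x.
function tildeRange(spec) {
  if (!spec.startsWith('~')) throw new Error(`not a tilde range: ${spec}`);
  const [major, minor, patch] = parseVersion(spec.slice(1));
  return { min: `${major}.${minor}.${patch}`, maxExclusive: `${major}.${minor + 1}.0` };
}

function satisfies(version, spec) {
  const { min, maxExclusive } = tildeRange(spec);
  return compareVersions(version, min) >= 0 && compareVersions(version, maxExclusive) < 0;
}

// Highest available version the range permits (what an install would pick).
function resolve(available, spec) {
  const ok = available.filter(v => satisfies(v, spec)).sort(compareVersions);
  return ok.length ? ok[ok.length - 1] : null;
}

// Constructed sample of release tags for the demonstration, not a registry query.
const RELEASES = ['1.1.1', '1.1.2', '1.1.3', '1.2.0', '1.2.3', '1.2.5'];

console.log(resolve(RELEASES, '~1.1.1')); // 1.1.3: the patched 1.2.3 is out of range
console.log(resolve(RELEASES, '~1.2.3')); // 1.2.5
```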