Build(deps): Bump minimatch from 3.0.4 to 6.1.5

[dependabot[bot]]

Bumps minimatch from 3.0.4 to 6.1.5.

Changelog

Sourced from minimatch's changelog.

change log

6.1

• Handle UNC paths on Windows

  This adds some slightly modified behavior when a pattern or path starts with // on Windows.

  • In the case of //?/<drive letter>:/..., the ? is treated as a literal character, rather than a wildcard. That is, //?/c: will not match //x/c:.
  • UNC patterns starting with //?/<drive letter>:/ will match file paths starting with <drive letter>: if the drive letters match case-insensitively.
  • File paths starting with //?/<drive letter>:/ will match file patterns starting with <drive letter>: if the drive letters match case-insensitively.

• Add {preserveMultipleSlashes:true} option to suppress the behavior where multiple consecutive / characters would be effectively coerced into a single path portion separator.

6.0

• hybrid module supporting both require() and import
• exported types

5.1

• use windowsPathNoEscape/allowWindowsEscape opts
• make character classes more faithful to bash glob behavior
  • fix handling of escapes
  • treat invalid character classes as non-matching pattern rather than escaped literals

5.0

• brace-expansion: ignore only blocks that begins with $
• Expect exclusively forward slash as path sep, same as node-glob

4.2

• makeRe: globstar should match zero+ path portions
• Fix bug with escaped '@' in patterns

4.1

• treat nocase:true as always having magic
• expose GLOBSTAR marker

... (truncated)

Commits

• 04ab899 6.1.5
• 9f72189 fix: bundling library using webpack
• bcca580 add todo comment test re need for extglob recursive descent
• 040cd41 6.1.4
• 35b00ba fix case where ) appears in a class in an extglob
• 9ddf1df 6.1.3
• 312360f formatting
• f35d0b8 Detect leading dots in extglob subpatterns
• 1029391 test verifying that accented chars work in nocase:true
• 58c6735 6.1.2
• Additional commits viewable in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

---

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)

[guardrails[bot]]

:warning: We detected 1 security issue in this pull request:

Mode: paranoid | Total findings: 1 | Considered vulnerability: 1

Vulnerable Libraries (1)

Severity | Details ----- | -------- High | [pkg:npm/minimatch@3.0.4@3.0.4](https://github.com/turkdevops/prettier/blob/f1c529835613832eb5e80355ed4004d6a3464e3f/yarn.lock#L5915) (t) upgrade to: *3.0.5* More info on how to fix Vulnerable Libraries in [JavaScript](https://docs.guardrails.io/docs/en/vulnerabilities/javascript/using_vulnerable_libraries.html?utm_source=ghpr#).

---

👉 Go to the dashboard for detailed results.

📥 Happy? Share your feedback with us.

[dependabot[bot]]

Superseded by #951.