Bump minimatch and grunt

[dependabot]

Bumps minimatch to 3.1.5 and updates ancestor dependency grunt. These dependencies need to be updated together.

Updates minimatch from 3.1.2 to 3.1.5

Commits

• 7bba978 3.1.5
• bd25942 docs: add warning about ReDoS
• 1a9c27c fix partial matching of globstar patterns
• 1a2e084 3.1.4
• ae24656 update lockfile
• b100374 limit recursion for **, improve perf considerably
• 26ffeaa lockfile update
• 9eca892 lock node version to 14
• 00c323b 3.1.3
• 30486b2 update CI matrix and actions
• Additional commits viewable in compare view

Updates grunt from 1.5.3 to 1.6.2

Release notes

Sourced from grunt's releases.

v1.6.1

• Changelog updates 72f6f03
• Merge pull request #1755 from gruntjs/rm-dep 8d4c183
• Add recursive 1c7d483
• Merge pull request #1756 from gruntjs/downgrade-glob 2d4fd38
• Downgrade glob 902db7c
• Fix syntax 494f243
• remove mkdirp b01389e
• remove dep on rimraf and mkdirp 0072510

gruntjs/grunt@v1.6.0...v1.6.1

v1.6.0

• Merge pull request #1750 from gruntjs/dep-update-jan28 2805dc3
• README updates 3f1e423
• Bump to 16 8fd096d
• Update more deps 42c5f95
• Bump eslint and node version 1d88050

gruntjs/grunt@v1.5.3...v1.6.0

Changelog

Sourced from grunt's changelog.

v1.6.2 date: 2026-04-14 changes: - Update minimatch to 3.1.5. (PR: gruntjs/grunt#1796) - Update nopt to 5.0.0. (PR: gruntjs/grunt#1778) v1.6.1 date: 2023-01-31 changes: - Downgrades to glob 7 for Windows compatability - Removes mkdirp and rimraf in favour of node.js APIs. v1.6.0 date: 2023-01-28 changes: - Requires node.js 16+. - template.date now uses dateformat ~4.6.2. - other dependency updates such as glob, rimraf, etc.

Commits

• f49016e 1.6.2
• 662e097 Update minimatch to 3.1.5 to fix CVEs
• a29fd18 CI: add Node.js 24 to version matrix
• f757c4f Update links
• b5aa834 Merge pull request #1792 from UlisesGascon/security-md
• 8d2dea2 docs: refresh security policy
• aa15bdc Merge pull request #1786 from stscoundrel/ci-node-22
• ee5b2a3 Merge pull request #1787 from gruntjs/add-commercial-support
• c0e2b42 Readme updates re: support
• c4f037d CI: update GH actions V3 -> V4
• Additional commits viewable in compare view

Maintainer changes

This version was pushed to npm by krinkle, a new releaser for grunt since your current version.

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

---

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
• @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
  You can disable automated security fix PRs for this repo from the Security Alerts page.