[Snyk] Security upgrade minimatch from 3.1.5 to 9.0.6 #629

Open
randi274 wants to merge 1 commit into main from snyk-fix-21643ff8aa220a56566382a20109f719

@randi274
Contributor

Snyk has created this PR to fix 1 vulnerability in the npm dependencies of this project.

Snyk changed the following file(s):

  • packages/aura-language-server/src/tern/package.json

Vulnerabilities that will be fixed with an upgrade:

| Issue | Score |
| --- | --- |
| high severity Infinite loop (SNYK-JS-BRACEEXPANSION-15789759) | 641 |

Breaking Change Risk

Merge Risk: High

Notice: This assessment is enhanced by AI.


Important

  • Check the changes in this PR to ensure they won't cause issues with your project.
  • Max score is 1000. Note that the real score may have changed since the PR was raised.
  • This PR was automatically created by Snyk using the credentials of a real user.

Note: You are seeing this because you or someone else with access to this repository has authorized Snyk to open fix PRs.


@randi274
Contributor Author

Merge Risk: High

This is a major version upgrade from v3 to v9, which includes multiple significant breaking changes requiring code and environment updates.

Key Breaking Changes:

  • Named Exports (v9.0.0): The package no longer has a default export. You must change your import statements from import minimatch from 'minimatch' to use named imports like import { minimatch } from 'minimatch'. This is a mandatory code change. [1]
  • Node.js Version (v8.0.0, v9.0.6): Support for older Node.js versions has been dropped. Version 9.0.6 and its dependencies require Node.js 18 or later. [1, 8]
  • Path Separators (v5.0.0): The library now exclusively uses forward slashes (/) as path separators in patterns. Backslashes (\) are treated as escape characters, which may affect patterns on Windows. [1]
  • Pattern Matching Behavior (v7.0.0): A change was introduced to simplify patterns containing "..". For example, a/b/../* is now treated as a/* and will not match the literal path a/b/../c. While this optimization can be controlled with options, the default behavior may have changed. [1]

Recommendation:
Due to the mandatory code change for imports and the significant jump in required Node.js version, this upgrade should be handled with care. It is critical to update all import/require statements and verify that your environment meets the new Node.js version requirements. Thorough testing of existing glob patterns is highly recommended to check for behavioral changes.

Source: Changelog

Notice 🤖: This content was augmented using artificial intelligence. AI-generated content may contain errors and should be reviewed for accuracy before use.

@randi274 randi274 requested a review from a team as a code owner March 27, 2026 09:05
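
An added example, not part of this PR or the project's code: a small Node.js pre-merge check for the two mandatory items in the recommendation above. It flags default-style imports and whole-module requires of minimatch and verifies the Node.js major version. The regexes, function names and sample lines are constructed for illustration; treating a whole-module `require` binding as breaking is an assumption drawn from the comment's statement that v9 has no default export.

```javascript
// Migration check for the minimatch v3 -> v9 upgrade discussed in this PR.
// Assumption (from the PR comment): v9 has no default export, so code that
// binds the whole module to one callable name must move to named imports.

// ESM default import: import minimatch from 'minimatch'
const DEFAULT_IMPORT =
  /^\s*import\s+([A-Za-z_$][\w$]*)\s*(?:,\s*\{[^}]*\}\s*)?from\s+['"]minimatch['"]/;
// CommonJS whole-module binding: const minimatch = require('minimatch')
const BARE_REQUIRE =
  /^\s*(?:const|let|var)\s+([A-Za-z_$][\w$]*)\s*=\s*require\(\s*['"]minimatch['"]\s*\)\s*;?\s*$/;

// Return one finding per line that uses a v3-style import of minimatch.
function findBreakingImports(source, file = '<input>') {
  const findings = [];
  source.split(/\r?\n/).forEach((line, i) => {
    const m = DEFAULT_IMPORT.exec(line) || BARE_REQUIRE.exec(line);
    if (m) findings.push({ file, line: i + 1, binding: m[1], text: line.trim() });
  });
  return findings;
}

// Node.js 18 or later is the requirement stated in the PR comment.
function nodeVersionOk(version = process.versions.node, minMajor = 18) {
  const major = Number.parseInt(version.split('.')[0], 10);
  return Number.isInteger(major) && major >= minMajor;
}

// Constructed sample source lines (not taken from the repository).
const SAMPLE = [
  "import minimatch from 'minimatch';",                 // flagged
  "import { minimatch as mm } from 'minimatch';",       // already v9-style
  "const minimatch = require('minimatch');",            // flagged
  "const { minimatch: match } = require('minimatch');", // already v9-style
  "const ok = require('minimatch').minimatch;",         // already v9-style
].join('\n');

function report() {
  return { nodeOk: nodeVersionOk(), findings: findBreakingImports(SAMPLE, 'sample.js') };
}

console.log(JSON.stringify(report(), null, 2));
```

The check is line-based and does not cover namespace imports (`import * as ...`) or multi-line statements, so it complements rather than replaces running the project's glob-pattern tests against v9.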