Bump minimatch, npm and uglifyify

[dependabot]

Bumps minimatch to 3.0.4 and updates ancestor dependencies minimatch, npm and uglifyify. These dependencies need to be updated together.

Updates minimatch from 0.3.0 to 3.0.4

Commits

• e46989a v3.0.4
• ddfacbd update brace-expansion
• 55ed736 update package scripts and deps
• eed8949 v3.0.3
• ecabc57 Do not throw on unfinished !( extglob patterns
• 81edb7c v3.0.2
• 6944abf Handle extremely long and terrible patterns more gracefully
• 8ac560e v3.0.1
• 4f3a8bc update tap
• 9cf2d88 Remove mentions of cache from readme
• Additional commits viewable in compare view

Maintainer changes

This version was pushed to npm by isaacs, a new releaser for minimatch since your current version.

Updates npm from 3.8.7 to 3.10.10

Changelog

Sourced from npm's changelog.

v3.10.10 (2016-11-04)

See the discussion on #14042 for more context on this release, which is intended to address a serious regression in shrinkwrap behavior in the version of the CLI currently bundled with Node.js 6 LTS "Boron". You should never install this version directly; instead update to npm@4, which has everything in this release and more.

REGRESSION FIX

• 9aebe98 #14117 Fixes a bug where installing a shrinkwrapped package would fail if the platform failed to install an optional dependency included in the shrinkwrap. (@​watilde)

UPDATE SUPPORT MATRIX

With the advent of the second official Node.js LTS release, Node 6.x 'Boron', the Node.js project has now officially dropped versions 0.10 and 0.12 out of the maintenance phase of LTS. (Also, Node 5 was never part of LTS, and will see no further support now that Node 7 has been released.) As a small team with limited resources, the npm CLI team is following suit and dropping those versions of Node from its CI test matrix.

• c82ecfd #14503 Node 6 is LTS; 5.x, 0.10, and 0.12 are unsupported. (@​othiym23)

v3.10.9 (2016-10-06)

Hi everyone! This is the last of our monthly releases. We're going to give an every-two-weeks schedule a try starting with our next release. We'll reevaluate in a quarter, but we suspect that will be what we'll stick with. You might be wondering why we've been fiddling with the release cadence? Well, we've been trying to tune it to to minimize the overhead for our little team.

This is ALSO the ULTIMATE release of npm version 3. That's right, in just two weeks' time (October 20th for you fans of calendar time), our dear npm will be hitting the big 4.0.

DON'T PANIC

This is gonna be a much, MUCH smaller major version than 3.x was. Maybe even smaller than 2.x was. I can't tell you everything that'll be in there just yet, but at the very least it's going to have what's in our 4.x milestone, PLUS, the first steps in

... (truncated)

Commits

• 1284a4f 3.10.10
• 827fb5f doc: update changelog for 3.10.10
• 7dc8b8b test: tweaks for clean build
• 7ac7946 test: adjust shrinkwrap for npm@3
• 9aebe98 shrinkwrap: update isDepOptional in install/deps.js to check the optional prop
• c89a972 scripts: don't rely on latest being checked out
• c82ecfd ci: Node 6 is LTS, 0.10 & 0.12 are unsupported
• cb8ccb7 travis: Fix travis config to run nyc broken tests too
• ca6f346 gen-changelog: change default branch to latest
• 97c4786 travis: Adjust tests to pass with NYC under travis
• Additional commits viewable in compare view

Updates uglifyify from 3.0.1 to 3.0.4

Commits

• d609efe 3.0.4
• 621cfed fix(sourcemaps): Allow utf8 charset (#48)
• 18f5ac3 3.0.3
• e45f51a patch(deps): update minimatch@^3.0.2 (#53)
• 9ee1dc8 3.0.2
• e64e8dc gitignore: add
• f63a7f6 Merge pull request #50 from bpmccurdy/patch-1
• b6a192c use relative source paths in sourcemaps
• 7134eae Merge pull request #39 from jmm/docs-usage
• 0ea2318 Update usage docs.
• Additional commits viewable in compare view

Maintainer changes

This version was pushed to npm by yoshuawuyts, a new releaser for uglifyify since your current version.

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

---

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot merge will merge this PR after your CI passes on it
• @dependabot squash and merge will squash and merge this PR after your CI passes on it
• @dependabot cancel merge will cancel a previously requested merge and block automerging
• @dependabot reopen will reopen this PR if it is closed
• @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
• @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
• @dependabot use these labels will set the current labels as the default for future PRs for this repo and language
• @dependabot use these reviewers will set the current reviewers as the default for future PRs for this repo and language
• @dependabot use these assignees will set the current assignees as the default for future PRs for this repo and language
• @dependabot use this milestone will set the current milestone as the default for future PRs for this repo and language

You can disable automated security fix PRs for this repo from the Security Alerts page.