fix: update minimatch to 3.1.5

[MikeMcC399]

Situation

npm audit and Dependabot report vulnerabilities:

• GHSA-5rq4-664w-9x2c CVE-2026-27699
• GHSA-3ppc-4f35-3m26 CVE-2026-26996

$ npm audit
# npm audit report

basic-ftp  <5.2.0
Severity: critical
Basic FTP has Path Traversal Vulnerability in its downloadToDir() method - https://github.com/advisories/GHSA-5rq4-664w-9x2c
fix available via `npm audit fix`
node_modules/basic-ftp

minimatch  <3.1.3
Severity: high
minimatch has a ReDoS via repeated wildcards with non-matching literal in pattern - https://github.com/advisories/GHSA-3ppc-4f35-3m26
fix available via `npm audit fix`
node_modules/minimatch

2 vulnerabilities (1 high, 1 critical)

To address all issues, run:
  npm audit fix

Change

• Use npm audit to update package-lock.json to non-vulnerable versions
• Rebuild action

[cypress-app-bot]

• Create a Draft Pull Request if your PR is not ready for review. Mark the PR as Ready for Review when you're ready for a Cypress team member to review the PR.

[github-actions]

🎉 This PR is included in version 7.1.4 🎉

The release is available on:

• npm package (@latest dist-tag)
• GitHub release

Your semantic-release bot 📦🚀