Build(deps): Bump minimatch and npm

[dependabot]

Removes minimatch. It's no longer used after updating ancestor dependency npm. These dependencies need to be updated together.

Removes minimatch

Updates npm from 11.7.0 to 11.10.1

Release notes

Sourced from npm's releases.

v11.10.1

11.10.1 (2026-02-19)

Bug Fixes

• 9fac412 #8995 improve unknown config warning with .npmrc section hint (#8995) (@​umeshmore45)
• bb135cc #8981 arborist: fix peerOptional dependency resolution in buildIdealTree (#8981) (@​Saibamen, @​cursoragent)
• 5c03826 #8993 remove tabular output from "npm view" (@​wraithgar)
• 4648f26 #8993 remove tabular output from "npm team" (@​wraithgar)

Documentation

• 0a5756d #8998 clarify unsupported custom .npmrc keys and recommend alternatives (#8998) (@​maitrawebtech)
• 22c9153 #8985 fix typo and grammar in README (#8985) (@​csmit195, Chris)

Dependencies

• aa8ffbf #9002 init-package-json@8.2.5 (#9002)
• 67a0f09 #9001 glob@13.0.6
• 56b8fd4 #9001 minimatch@10.2.2
• aa7fef5 #9001 minipass@7.1.3
• d3a4161 #9000 @npmcli/package-json@7.0.5 (#9000)
• 7aa9338 #8993 remove cli-columns
• f7f7c53 #8991 hoist balanced-match
• 10cb575 #8991 hoist latest yallist
• 1b3dc9a #8991 cidr-regex@5.0.3
• 4307af6 #8991 glob@13.0.5
• 13b4d6a #8991 minimatch@10.2.1
• 45d4000 #8991 tar@7.5.9

Chores

• 40fcab4 #8991 @npmcli/template-oss@4.29.0 (@​wraithgar)
• 1598adb #8991 dev dependency updates (@​wraithgar)
• workspace: @npmcli/arborist@9.3.1
• workspace: @npmcli/config@10.7.1
• workspace: libnpmdiff@8.1.2
• workspace: libnpmexec@10.2.2
• workspace: libnpmfund@7.0.16
• workspace: libnpmpack@9.1.2

v11.10.0

11.10.0 (2026-02-11)

Features

• cf56a1e #8899 npm trust, per-command config (@​reggi)
• cf56a1e #8899 npm trust (@​reggi)
• 66d6e11 #8965 add min-release-age (#8965) (@​wraithgar)

Dependencies

• aae84bf #8973 pacote@21.3.1
• 8bcb675 #8973 cidr-regex@5.0.2
• f87aaab #8973 lru-cache@11.2.6
• acec871 #8973 ssri@13.0.1
• 1e42a86 #8973 glob@13.0.2
• e1c08a4 #8973 is-cidr@6.0.3
• dfb0e34 #8973 semver@7.7.4
• 0ee7776 #8973 which@6.0.1

Chores

• eb81df8 #8973 dev dependency updates (@​wraithgar)

... (truncated)

Changelog

Sourced from npm's changelog.

11.10.1 (2026-02-19)

Bug Fixes

• 9fac412 #8995 improve unknown config warning with .npmrc section hint (#8995) (@​umeshmore45)
• bb135cc #8981 arborist: fix peerOptional dependency resolution in buildIdealTree (#8981) (@​Saibamen, @​cursoragent)
• 5c03826 #8993 remove tabular output from "npm view" (@​wraithgar)
• 4648f26 #8993 remove tabular output from "npm team" (@​wraithgar)

Documentation

• 0a5756d #8998 clarify unsupported custom .npmrc keys and recommend alternatives (#8998) (@​maitrawebtech)
• 22c9153 #8985 fix typo and grammar in README (#8985) (@​csmit195, Chris)

Dependencies

• aa8ffbf #9002 init-package-json@8.2.5 (#9002)
• 67a0f09 #9001 glob@13.0.6
• 56b8fd4 #9001 minimatch@10.2.2
• aa7fef5 #9001 minipass@7.1.3
• d3a4161 #9000 @npmcli/package-json@7.0.5 (#9000)
• 7aa9338 #8993 remove cli-columns
• f7f7c53 #8991 hoist balanced-match
• 10cb575 #8991 hoist latest yallist
• 1b3dc9a #8991 cidr-regex@5.0.3
• 4307af6 #8991 glob@13.0.5
• 13b4d6a #8991 minimatch@10.2.1
• 45d4000 #8991 tar@7.5.9

Chores

• 40fcab4 #8991 @npmcli/template-oss@4.29.0 (@​wraithgar)
• 1598adb #8991 dev dependency updates (@​wraithgar)
• workspace: @npmcli/arborist@9.3.1
• workspace: @npmcli/config@10.7.1
• workspace: libnpmdiff@8.1.2
• workspace: libnpmexec@10.2.2
• workspace: libnpmfund@7.0.16
• workspace: libnpmpack@9.1.2

11.10.0 (2026-02-11)

Features

• cf56a1e #8899 npm trust, per-command config (@​reggi)
• cf56a1e #8899 npm trust (@​reggi)
• 66d6e11 #8965 add min-release-age (#8965) (@​wraithgar)

Dependencies

• aae84bf #8973 pacote@21.3.1
• 8bcb675 #8973 cidr-regex@5.0.2
• f87aaab #8973 lru-cache@11.2.6
• acec871 #8973 ssri@13.0.1
• 1e42a86 #8973 glob@13.0.2
• e1c08a4 #8973 is-cidr@6.0.3
• dfb0e34 #8973 semver@7.7.4
• 0ee7776 #8973 which@6.0.1

Chores

• eb81df8 #8973 dev dependency updates (@​wraithgar)
• 995e757 #8966 Clean up some todos, add tests for previously skipped blocks (@​owlstronaut)
• workspace: @npmcli/arborist@9.3.0

... (truncated)

Commits

• c029cb2 chore: release 11.10.1
• 9fac412 fix: improve unknown config warning with .npmrc section hint (#8995)
• aa8ffbf deps: init-package-json@8.2.5 (#9002)
• 67a0f09 deps: glob@13.0.6
• 56b8fd4 deps: minimatch@10.2.2
• aa7fef5 deps: minipass@7.1.3
• d3a4161 deps: @​npmcli/package-json@​7.0.5 (#9000)
• 0a5756d docs: clarify unsupported custom .npmrc keys and recommend alternatives (#8998)
• bb135cc fix(arborist): fix peerOptional dependency resolution in buildIdealTree (...
• 7aa9338 deps: remove cli-columns
• Additional commits viewable in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

---

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
• @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
  You can disable automated security fix PRs for this repo from the Security Alerts page.