build(deps): bump minimatch and markuplint

[dependabot]

Bumps minimatch to 3.1.5 and updates ancestor dependencies minimatch and markuplint. These dependencies need to be updated together.

Updates minimatch from 3.1.2 to 3.1.5

Commits

• 7bba978 3.1.5
• bd25942 docs: add warning about ReDoS
• 1a9c27c fix partial matching of globstar patterns
• 1a2e084 3.1.4
• ae24656 update lockfile
• b100374 limit recursion for **, improve perf considerably
• 26ffeaa lockfile update
• 9eca892 lock node version to 14
• 00c323b 3.1.3
• 30486b2 update CI matrix and actions
• Additional commits viewable in compare view

Updates minimatch from 9.0.5 to 9.0.9

Commits

• 7bba978 3.1.5
• bd25942 docs: add warning about ReDoS
• 1a9c27c fix partial matching of globstar patterns
• 1a2e084 3.1.4
• ae24656 update lockfile
• b100374 limit recursion for **, improve perf considerably
• 26ffeaa lockfile update
• 9eca892 lock node version to 14
• 00c323b 3.1.3
• 30486b2 update CI matrix and actions
• Additional commits viewable in compare view

Updates markuplint from 4.14.1 to 4.18.0

Changelog

Sourced from markuplint's changelog.

4.18.0 (2026-04-22)

Bug Fixes

• deps: adapt code to breaking changes from upgrade (ced7fab)
• disable unicorn/no-array-sort rule and fix no-immediate-mutation (bf76be2)
• resolve additional eslint-plugin-unicorn v63 errors (e58a72c)
• support TypeScript 6.0 (0dcf708), closes #3759 #3759
• test: force local file: resolution in isolated-env sandbox tests (d8cfa32), closes #ts6
• update glob import to use named export (c78c98f)

Reverts

• keep vitest 3 and plain markuplint ref for CI compat (82ba2f9)
• pin jsdom to 26 for Node 18 support (a82d280)
• pin meow and os-locale for Node 18 support (ed61c88)
• pin uuid to 13 for Node 18 support (b2bae14)

Commits

• 1885af6 chore(release): publish
• b56985a ci: add npm OIDC publish workflow to v4
• c86fa46 Merge pull request #3781 from markuplint/chore/v4-fixed-versioning
• a464533 chore(deps): update dependency dotenv to v17.4.2 (#3779)
• 134b141 chore(release): switch v4 to fixed versioning at 4.18.0-alpha.0
• 6fe0b76 chore: bump packageManager to yarn@4.14.1
• 2874216 chore(deps): update react monorepo to v19.2.5 (#3778)
• 9e6f9bd chore(deps): update node.js to v22.22.2 (#3776)
• 53e6e0b chore(release): publish
• 13bf329 chore(release): update release scripts
• Additional commits viewable in compare view

Maintainer changes

This version was pushed to npm by GitHub Actions, a new releaser for markuplint since your current version.

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

---

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
• @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
  You can disable automated security fix PRs for this repo from the Security Alerts page.