fix(security): override minimatch to >=10.2.3 to address GHSA-23c5-xmqv-rm74 and GHSA-7r86-cg39-jmmj#146

Merged
cswkim merged 2 commits into main from fix/GHSA-7r86-cg39-jmmj_GHSA-23c5-xmqv-rm74
Feb 27, 2026

Conversation

@cswkim
Owner

@cswkim cswkim commented Feb 27, 2026

Description

This PR updates the pnpm override for minimatch to >=10.2.3, ensuring the project resolves to a patched version that fixes the ReDoS vulnerabilities in extglob and GLOBSTAR handling described in GHSA-23c5-xmqv-rm74 and GHSA-7r86-cg39-jmmj. This is needed to prevent attacker-controlled glob patterns from causing catastrophic backtracking and stalling the Node.js event loop.

Checklist

  • It's useful if your PR references an issue where it is discussed ahead of time
  • Adhere to semantic messaging and prefix your PR title with feat:, fix:, chore:, docs:, etc.
  • I’ve added tests if needed
  • I’ve updated documentation if applicable
  • I’ve tested this locally
  • Add a changeset (pnpm changeset) if necessary

Tests and linting

  • Run the tests with pnpm test.
  • Run the lint check with pnpm lint.
  • Run the code formatting (prettier) check with pnpm format.
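A verification check to go with this change, added here as an example and not code from the PR or from discogs-mcp-server: it scans the text of a pnpm-lock.yaml (a constructed snippet is embedded) for minimatch package keys and reports any version still below the 10.2.3 floor set by the override, which is what you want to confirm after `pnpm install` regenerates the lockfile. The override shape in the leading comment follows pnpm's documented `pnpm.overrides` field in package.json.

```javascript
// Added example, not part of the PR: confirm that the minimatch override in
// package.json ("pnpm": { "overrides": { "minimatch": ">=10.2.3" } }) actually
// held by scanning pnpm-lock.yaml for any minimatch entry below the patched floor.
const PATCHED_FLOOR = [10, 2, 3];

// Constructed lockfile snippet (not a real lockfile) with one stale and one patched entry.
const SAMPLE_LOCK = `packages:
  minimatch@3.1.2:
    resolution: {integrity: sha512-constructed}
  minimatch@10.2.3:
    resolution: {integrity: sha512-constructed}
snapshots:
  minimatch@3.1.2:
    dependencies:
      brace-expansion: 1.1.11
  minimatch@10.2.3:
    dependencies:
      brace-expansion: 2.0.1
`;

// Parse "major.minor.patch" into numbers; pre-release/build suffixes are ignored.
function parseVersion(v) {
  const m = /^(\d+)\.(\d+)\.(\d+)/.exec(v);
  if (!m) throw new Error(`unparseable version: ${v}`);
  return [Number(m[1]), Number(m[2]), Number(m[3])];
}

// True when semver triple a is >= triple b.
function atLeast(a, b) {
  for (let i = 0; i < 3; i++) if (a[i] !== b[i]) return a[i] > b[i];
  return true;
}

// Every minimatch version appearing as a package key. Matches "minimatch@9.0.5:"
// (lockfile v9 packages/snapshots sections) and "/minimatch@9.0.5:" (older lockfiles).
function minimatchVersions(lockText) {
  const re = /^\s*\/?minimatch@(\d+\.\d+\.\d+[^:(\s]*)[:(]/gm;
  const found = new Set();
  for (let m; (m = re.exec(lockText)) !== null; ) found.add(m[1]);
  return [...found].sort();
}

// Versions still below the patched floor; an empty list means the override took effect.
function vulnerableMinimatch(lockText) {
  return minimatchVersions(lockText).filter(v => !atLeast(parseVersion(v), PATCHED_FLOOR));
}

console.log('stale minimatch versions:', vulnerableMinimatch(SAMPLE_LOCK)); // [ '3.1.2' ]
```

Run it against the real lockfile by replacing SAMPLE_LOCK with `fs.readFileSync('pnpm-lock.yaml', 'utf8')`; a non-empty result means some dependency path escaped the override.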

@changeset-bot

changeset-bot bot commented Feb 27, 2026

🦋 Changeset detected

Latest commit: bb58579

The changes in this PR will be included in the next version bump.

This PR includes changesets to release 1 package
Name                Type
discogs-mcp-server  Patch


@cswkim cswkim merged commit 7cdaebc into main Feb 27, 2026
1 check passed
@cswkim cswkim deleted the fix/GHSA-7r86-cg39-jmmj_GHSA-23c5-xmqv-rm74 branch February 27, 2026 15:31