build(deps): bump minimatch and truffle

[dependabot]

Bumps minimatch to 3.1.2 and updates ancestor dependency truffle. These dependencies need to be updated together.

Updates minimatch from 3.0.4 to 3.1.2

Commits

• 699c459 3.1.2
• 2f2b5ff fix: trim pattern
• 25d7c0d 3.1.1
• 55dda29 fix: treat nocase:true as always having magic
• 5e1fb8d 3.1.0
• f8145c5 Add 'allowWindowsEscape' option
• 570e8b1 add publishConfig for v3 publishes
• 5b7cd33 3.0.6
• 20b4b56 [fix] revert all breaking syntax changes
• 2ff0388 document, expose, and test 'partial:true' option
• Additional commits viewable in compare view

Updates truffle from 5.1.58 to 5.6.5

Release notes

Sourced from truffle's releases.

v5.6.5 — Slurping noodles in the woods

If a wild Truffle release runs by unnoticed in the woods 🦌, do its legs make a sound? Er, or I mean if it falls on a tree does it makes sound? 🌳 Or something?

Fall cools things down, turns the leaves brown and red, and makes us a bit quieter and introspective. Just a bit like here in the Truffle camp where we've been directing focus inward, deep into the internals of Truffle to make improvements. It's getting better all the time!

Aside from this mass of improvements, there was a bug fixed with the config command. Some problem with a logger was causing it to crash when fetching a value. "Well", we thought, "crashing is no fun!". And because we love fun so much 👻, we fixed it!

One other thing to mention, is that there are some more sourcify networks that got added to the source-fetcher. I suppose this is now a monthly thing for us to grow this list of networks. It is a well-known fact, of course, that "more networks" = "more fun", and you already know how we feel about fun...👯🏼‍♀️

Welp, as mentioned there are also a bunch of improvements to the internals of Truffle. An unnecessary dependency got removed here and some updates were made to the test suite. Some dead code was removed and a README had some improvements made to it. README improvements are fun, right?

So we hope you add some soy sauce, get a forkful, and slurp it down with some noodles. 🍜 Happy Truffling!

How to upgrade

We recommend upgrading to the latest version of Truffle by running:

npm uninstall -g truffle
npm install -g truffle

Changelog

Enhancement

• add some more sourcify networks (#5689 by @​haltman-at)

Bug fix

• fix Truffle Config's logger (#5685 by @​cds-amal)

Internal improvements

• remove spinners package from compile-solidity and log in events (#5672 by @​eggplantzzz)
• add .prettierignore (#5678 by @​sukanyaparashar)
• improve the readme for fetch-and-compile (#5660 by @​eggplantzzz)
• remove ethpm-v1 concerns (#5665 by @​cds-amal)
• return cleanup callback from sandbox test utility and update tests (#5641 by @​eggplantzzz)
• add two more reminders to PR template (#5666 by @​haltman-at)

Dependency updates

• bump babel-loader to 9.1.0 (#5683 by @​haltman-at)
• bump loader-utils to 1.4.1 (#5682 by @​dependabot[bot])
• bump apollo-server to ^3.11.0 (#5669 by @​haltman-at)

... (truncated)

Commits

• 275115e Publish
• 7066f6f Merge pull request #5665 from trufflesuite/drop/ethpm-v1
• e36fbbe Merge pull request #5641 from trufflesuite/update-sandbox
• 495e923 Publish
• 0a16e15 remove db from dev deps in truffle
• 3a31e15 Remove ethpm-v1 concerns
• 4ab767e update call to sandbox method after rebasing
• c21a610 remove console.log
• 48eaffe correct error in test setup
• bf7d29a correct error in test
• Additional commits viewable in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

---

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot merge will merge this PR after your CI passes on it
• @dependabot squash and merge will squash and merge this PR after your CI passes on it
• @dependabot cancel merge will cancel a previously requested merge and block automerging
• @dependabot reopen will reopen this PR if it is closed
• @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
• @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
• @dependabot use these labels will set the current labels as the default for future PRs for this repo and language
• @dependabot use these reviewers will set the current reviewers as the default for future PRs for this repo and language
• @dependabot use these assignees will set the current assignees as the default for future PRs for this repo and language
• @dependabot use this milestone will set the current milestone as the default for future PRs for this repo and language

You can disable automated security fix PRs for this repo from the Security Alerts page.