Update minimatch to ^10.2.1 to fix ReDoS vulnerability

[Kashkovsky]

Summary

• Update minimatch from ^3.0.4 to ^10.2.1 to address a Regular Expression
  Denial of Service (ReDoS) vulnerability: CVE-2026-26996
• Update the import in src/licenseUtils.js to use the named export ({ minimatch }) since v10 no longer provides a default export.

[Kashkovsky]

@Kashkovsky please read the following Contributor License Agreement(CLA). If you agree with the CLA, please reply with the following information.

@microsoft-github-policy-service agree [company="{your company}"]

Options:

• (default - no company specified) I have sole ownership of intellectual property rights to my Submissions and I am not making Submissions in the course of work for my employer.

@microsoft-github-policy-service agree

• (when company given) I am making Submissions in the course of work for my employer (or my employer has intellectual property rights in my Submissions by contract or applicable law). I have permission from my employer to make Submissions and enter into this Agreement on behalf of my employer. By signing below, the defined term “You” includes me and my employer.

@microsoft-github-policy-service agree company="Microsoft"

Contributor License Agreement

@microsoft-github-policy-service agree