build(deps): bump github.com/tdewolff/minify/v2 from 2.6.2 to 2.9.13

[dependabot]

Bumps github.com/tdewolff/minify/v2 from 2.6.2 to 2.9.13.

Release notes

Sourced from github.com/tdewolff/minify/v2's releases.

v2.9.13

• JS: fix bugs related to the 'use strict' directive prologues at the beginning of functions and modules, fixes #376
• JS: export statement's function name must remain for non-default declarations, fixes #375
• CSS: prevent quasi-infinite recursion in background's append, from OSSFuzz

v2.9.12

• JS: write final ) in ()=>({}), fixes #369
• JS: keep debugger statements, fixes #370
• JS: support ellipsis operator anywhere in arguments, fixes #373
• JS: limit recursion in string merges, from OSSFuzz

v2.9.11

• cmd: require --bundle for concatenation when the input is a directory, see #348
• CSS: improve performance on background positions (from OSS-Fuzz)
• HTML: don't trim whitespace on all attribute values (in value and placeholder it's significant), see #351
• HTML: keep value on translate=no, see #352
• HTML: support SSI tags, see #353
• HTML: add option KeepComments to keep all comments, see #366
• JS: fix endless loop in certain if-else combinations; minify more or/and/conditional expressions that start with a group (from OSS-Fuzz)
• JS: fix import/export with one item, fixes #354
• JS: escape </script> in strings, fixes #355
• JS: keep parens in arrow functions for BindingArray and BindingObject, fixes #358
• JS: enclose entire expression in parenthesis if it starts with an object literal, fixes #359
• JS: prevent slowdown for if-else with if in body (from OSS-Fuzz)
• JS: fix errors messages that contain % symbols
• JS: put limits to the number of levels in statements and in expressions (from OSS-Fuzz)
• JS: fix declarations with the same name as in the for initializer, see tdewolff/parse#69
• JS: fix var declarations not adding their usage in all the scopes between its block scope and the function scope
• SVG: keep width and height attributes on <svg>, fixes #367
• XML: keep ampersand and less-than escaped, see #362

v2.9.10

• JS: put variable declarations after "use strict", fixes #343
• JS: don't convert hexadecimal representations in strings from 0x80 upwards unless it's UTF-8, fixes #341
• JS: don't merge var declarations after for statement into for initializer, fixes #346
• JS: add parenthesis when necessary to if condition when converting to conditional expression, fixes #347

v2.9.9

• Improve error contexts when the file contains unicode characters
• HTML: revert change in v2.9.5 that removed spaces between attributes, fixes #342
• JS: fix bug that converted (function(){})() to !function(){}() which modifies the return value, fixes #340

v2.9.8

• Fix 1e-10 which was invalidly converted to .e-9 (this only applied to 1e-10, 1e-100, etc and not to other numbers such as 1e-11 or 1e-9), fixes #339
• JS: remove the use of the nullish operator ?? which is not supported by IE, Android+Firefox, and Android+Opera, fixes #338
• JS: fix bug in merging var declarations, where partial merges resulted in duplicate assignments

v2.9.7

• cmd: add JS options

... (truncated)

Commits

• 8659cb7 Update to tdewolff/parse@2.5.10
• eb145d6 JS: fix bugs related to the 'use strict' directive prologues at the beginning...
• b5f25ca JS: export statement's function name must remain for non-default declarations...
• 2873b21 CSS: prevent quasi-infinite recursion in background's append, from OSSFuzz
• 210427e Update dependencies
• 5715b04 JS: limit recursion in string merges, from OSSFuzz
• 29261c3 JS: support ellipsis operator anywhere in arguments, fixes #373
• 512135e JS: keep debugger statements, fixes #370
• dd03d38 Treat DebuggerStmt as EmptyStmt, fixes #370
• 0df2feb Write final ) in ()=>({}), fixes #369
• Additional commits viewable in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

---

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot merge will merge this PR after your CI passes on it
• @dependabot squash and merge will squash and merge this PR after your CI passes on it
• @dependabot cancel merge will cancel a previously requested merge and block automerging
• @dependabot reopen will reopen this PR if it is closed
• @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
• @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)

[dependabot]

Superseded by #16.