Fix all npm audit vulnerabilities by upgrading dependencies (#80)

@typescript-eslint/* ^6 → ^8
- Fixes minimatch ReDoS vulnerabilities

copy-webpack-plugin ^12 → ^14
- Fixes serialize-javascript RCE vulnerability

eslint-config-erb removed
- Source of the peer dep conflicts; replaced by direct configs

eslint-config-airbnb-base removed
- Redundant — eslint-config-airbnb already depends on it

eslint-config-airbnb added
- Previously pulled in by erb

eslint-config-prettier added
- Previously pulled in by erb

eslint-plugin-prettier added
- Previously pulled in by erb

@stylistic/eslint-plugin-ts ^2.13.0 added
- Provides lines-between-class-members rule with exceptAfterOverload
  support, which was removed from @typescript-eslint v8

ESLint behavioral parity:
- All rules erb explicitly set are preserved.
- lines-between-class-members now uses
  @stylistic/ts/lines-between-class-members to preserve the original
  exceptAfterOverload: true option.

tsconfig.lint.json change: allowJs: true only affects the lint-specific
tsconfig (not builds), and is the official replacement for the removed
createDefaultProgram.

Co-authored-by: Claude Opus 4.6 <noreply@anthropic.com>

Author: lyonsil

.eslintrc.cjs

@@ -2,16 +2,22 @@
 
 module.exports = {
   extends: [
-    // https://github.com/electron-react-boilerplate/eslint-config-erb/blob/main/index.js
-    // airbnb rules are embedded in erb https://github.com/airbnb/javascript/tree/master/packages/eslint-config-airbnb
-    'erb',
+    // https://github.com/airbnb/javascript/tree/master/packages/eslint-config-airbnb
+    'airbnb',
+    'airbnb/hooks',
+    'plugin:promise/recommended',
+    'plugin:compat/recommended',
     // https://github.com/import-js/eslint-plugin-import?tab=readme-ov-file#typescript
     'plugin:import/recommended',
     'plugin:import/typescript',
     // Make sure this is last so it gets the chance to override other configs.
     // See https://github.com/prettier/eslint-config-prettier and https://github.com/prettier/eslint-plugin-prettier
     'plugin:prettier/recommended',
   ],
+  env: {
+    browser: true,
+    node: true,
+  },
 
   rules: {
     // Some rules in this following shared region are not applied since they are overridden in subsequent regions
@@ -21,6 +27,7 @@ module.exports = {
 
     // Use `noImplicitReturns` instead. See https://typescript-eslint.io/rules/consistent-return/.
     'consistent-return': 'off',
+    'no-param-reassign': ['error', { props: false }],
     'import/default': 'off',
     'import/extensions': 'off',
     // A temporary hack related to IDE not resolving correct package.json
@@ -45,7 +52,7 @@ module.exports = {
     ],
     '@typescript-eslint/explicit-member-accessibility': ['error', { accessibility: 'no-public' }],
     'lines-between-class-members': 'off',
-    '@typescript-eslint/lines-between-class-members': [
+    '@stylistic/ts/lines-between-class-members': [
       'error',
       'always',
       { exceptAfterSingleLine: true, exceptAfterOverload: true },
@@ -156,14 +163,14 @@ module.exports = {
       },
     },
   ],
+  parser: '@typescript-eslint/parser',
   parserOptions: {
     ecmaVersion: 2022,
     sourceType: 'module',
     project: './tsconfig.lint.json',
     tsconfigRootDir: __dirname,
-    createDefaultProgram: true,
   },
-  plugins: ['@typescript-eslint', 'no-type-assertion', 'no-null'],
+  plugins: ['@typescript-eslint', '@stylistic/ts', 'no-type-assertion', 'no-null'],
   settings: {
     'import/resolver': {
       typescript: {

lib/git.util.ts

@@ -91,7 +91,10 @@ export async function execCommand(
     });
     if (!quiet && result.stdout) console.log(result.stdout);
     if (!quiet && result.stderr) console.log(result.stderr);
-    return result;
+    return {
+      stdout: result.stdout.toString(),
+      stderr: result.stderr.toString(),
+    };
   } catch (error: unknown) {
     if (error instanceof Error) {
       // Use the more specific type for `exec`.
@@ -265,7 +268,7 @@ export async function formatExtensionFolder(extensionFolderPath: string) {
       await fs.rename(oldTypesFilePath, newTypesFilePath);
       console.log(`Renamed types file to ${extensionName}.d.ts`);
     }
-  } catch (error) {
+  } catch {
     // Old file doesn't exist, so no need to rename
     console.log(`Types file paranext-extension-template.d.ts not found, skipping rename operation`);
   }

lib/update-from-templates.ts

@@ -62,6 +62,7 @@ import { ExtensionInfo, getExtensions } from '../webpack/webpack.util';
       extensionsBasedOnTemplate.push(ext);
     } catch (e) {
       if (
+        e instanceof Error &&
         e
           .toString()
           .toLowerCase()