chore(npm): add allowScripts for npm v12 migration

[joshblack]

With our move to Node.js v26, npm is updated to 11.16.0. This introduces a new behavior, allowScripts, that will default to off in v12 of npm. As a result, this PR opts us into package scripts that we would like to run to support the project.

[changeset-bot]

⚠️ No Changeset found

Latest commit: a6b4892

Merging this PR will not cause a version bump for any packages. If these changes should not result in a new version, you're good to go. If these changes should result in a version bump, you need to add a changeset.

This PR includes no changesets

When changesets are added to this PR, you'll see the packages that this PR includes changesets for and the associated semver types

Click here to learn what changesets are, and how to add one.

Click here if you're a maintainer who wants to add a changeset to this PR

[Copilot]

Pull request overview

Adds an npm allowScripts allowlist to prepare the repo for npm v12’s install-script restrictions, ensuring required dependency install scripts remain permitted under stricter defaults.

Changes:

• Added a top-level allowScripts allowlist in package.json for selected dependencies with install scripts.
• Updated package-lock.json entries (e.g., core-js, esbuild) to include resolved and integrity metadata.

Show a summary per file

File	Description
package.json	Adds allowScripts allowlist alongside the existing packageManager pin.
package-lock.json	Adds resolved/integrity fields for specific packages with install scripts.

Review details

• Files reviewed: 1/2 changed files
• Comments generated: 1
• Review effort level: Low