Upgrade website dependency graph to remove vulnerable transitive packages#239

Draft
Copilot wants to merge 3 commits into main from copilot/fix-known-security-vulnerabilities
Conversation

Copilot AI commented Jun 9, 2026

Contributor

The website lockfile was carrying a cluster of vulnerable transitive packages through Docusaurus, webpack-dev-server, and release tooling. This update refreshes the dependency graph so the affected packages resolve to patched versions without changing the site’s intended behavior.

  • Dependency graph refresh

    • Bumps the Docusaurus packages to 3.10.1
    • Bumps semantic-release to 25.0.3
    • Refreshes ESLint / TypeScript-ESLint packages to newer compatible versions
    • Regenerates yarn.lock so vulnerable Express / webpack-dev-server / npm-related transitive dependencies resolve to patched releases
  • Targeted lockfile overrides

    • Adds Yarn resolutions for packages that remained vulnerable in the transitive graph:
      • serialize-javascript
      • uuid
    • This narrows the remaining exposure without adding unrelated dependency churn
  • Docusaurus compatibility adjustment

    • Replaces imports of the old theme copy button entrypoint with a local copy button component used by the tutorial code blocks/editors
    • Keeps the custom tutorial UI working after the Docusaurus upgrade, where the upstream theme path changed

Example of the compatibility change:

-import CopyButton from "@theme/CodeBlock/CopyButton";
+import CopyButton from "./CopyButton";
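Review bot: the replacement import points at a local `./CopyButton` component that this excerpt does not show; the description should say where that component lives and confirm it preserves the behaviour of the upstream `@theme/CodeBlock/CopyButton` it replaces, since a local copy will no longer pick up fixes that future Docusaurus releases ship for the theme button.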

@NikolajBjorner

Collaborator

@pelikhan - pretty please... seems legit?
