Fix security vulnerabilities in dependency overrides and resolve merge conflicts

[ConnorQi01]

Summary

Addresses two open Dependabot security alerts by updating dependency overrides and resolves the PR's merge conflicts with the latest master dependency changes.

Proposed Changes

• Bump js-yaml override from ^4.1.1 to ^4.2.0 (Dependabot alert Updating require usages in cordova-plugin-device-motion simulation. #113, medium severity — quadratic-complexity DoS)
• Add @babel/core override ^7.29.7 (Dependabot alert XHR proxying omits static properties #111, low severity — arbitrary file read via sourceMappingURL)
• Preserve the upstream serialize-javascript and tmp security overrides during conflict resolution
• Pin serialize-javascript to 7.0.5 to avoid unintended version drift while keeping the merged lockfile aligned with the upstream secure version

Test Plan

• node_modules/js-yaml resolves to 4.2.0 ✓
• node_modules/@babel/core resolves to 7.29.7 ✓
• node_modules/serialize-javascript resolves to 7.0.5 ✓
• npm test ✓
• npm run eslint ✓ (pre-existing warnings only)

[ConnorQi01]

@copilot resolve the merge conflicts in this pull request

[Copilot]

@copilot resolve the merge conflicts in this pull request

Resolved in 14ff7d3. The branch now merges cleanly with master, and I kept the merged dependency overrides aligned with the upstream security changes.