chore: update deps (with sensible dependabot)

[justlevine]

What

This PR updates the Composer / NPM deps to their latest compatible versions, along with a sensible config for dependabot.yml

It also backports the latest encryptor class.

Why

Related Issue(s):

How

Testing Instructions

Screenshots

Additional Info

Checklist

• I have read the Contribution Guidelines.
• I have read the Development Guidelines.
• My code is tested to the best of my abilities.
• My code passes all lints (ESLint etc.).
• My code has detailed inline documentation.
• I have updated the project documentation as needed.

[justlevine]

(The failing tests are preexisting)

[Copilot]

Pull request overview

Updates project dependencies and automation for keeping them current, and replaces the existing encryption utility with a newer implementation.

Changes:

• Bumps NPM dependencies (WordPress packages, tooling) to newer compatible versions.
• Updates Composer dev tooling dependencies and refreshes composer.lock.
• Reworks .github/dependabot.yml to reduce update noise via scheduling and grouping, and updates inc/Encryptor.php.

Reviewed changes

Copilot reviewed 4 out of 6 changed files in this pull request and generated 6 comments.

Show a summary per file

File	Description
package.json	Updates JS runtime/tooling dependencies (WordPress packages, lint/build deps).
composer.json	Updates PHP dev dependencies (PHPCompatibility, plugin-check version constraint).
composer.lock	Refreshes locked PHP toolchain versions to match updated constraints.
inc/Encryptor.php	Replaces encryption/decryption implementation and key/salt sourcing strategy.
.github/dependabot.yml	Reconfigures Dependabot schedules and grouping to reduce PR noise.

---

💡 Add Copilot custom instructions for smarter, more guided reviews. Learn how to get started.