chore: fix ESLint suppressions and improve type safety

[dionmcm]

Summary

Removes the blanket no-unsafe-* ESLint rule suppressions for 8 source files and fixes the underlying type safety issues:

• semantic-tokens.ts: Replaced any-typed AST visitor with a proper VisitableNode union type and typed AttributeNameNode parameter, removing both no-explicit-any suppressions and the redundant NT constant (now uses the NodeType enum directly)
• server.ts: Typed getConfiguration() results as unknown before narrowing via as Record<string, unknown>
• formatter.ts: Added explicit string types to regex replace callback parameters
• parser/index.ts: Cast visitor.visit() return to ExpressionNode | null
• extension.ts: Removed redundant <string>/<number> type arguments from .get() calls, widened literal type for snomedVersion setting, added targeted no-unsafe-return suppression at LSP middleware boundary
• embedded-core.ts: Replaced ! non-null assertions with optional chaining (?.)
• eslint.config.mjs: Removed the entire suppression block for the 8 files (25 lines)

Net result: -15 lines, 2 remaining inline suppressions (both justified: LSP middleware any return, runtime null on typed AST nodes).

Closes #15

Test plan

• npm run compile passes
• npm run lint passes (0 errors, 0 warnings)
• npm run format:check passes
• npm test passes (1867 tests across all packages)
• Pre-commit hooks pass (lint + format + secret scan)

🤖 Generated with Claude Code

[Copilot]

Pull request overview

This PR removes broad ESLint suppressions around no-unsafe-* rules by tightening types and adding safer narrowing/casts at key boundaries (LSP config reads, AST traversal, and formatting callbacks), improving overall type safety without changing the underlying feature set.

Changes:

• Replace any-heavy AST visitor usage in semantic token collection with explicit AST node union types and NodeType enum usage.
• Treat workspace.getConfiguration() results as unknown in server/client layers, then narrow/cast at explicit boundaries.
• Remove the ESLint config override block that disabled unsafe rules for a list of files, keeping only targeted inline suppressions where appropriate.

Reviewed changes

Copilot reviewed 7 out of 7 changed files in this pull request and generated no comments.

Show a summary per file

File	Description
packages/ecl-lsp-server/src/server.ts	Narrows getConfiguration() results from unknown before use, reducing unsafe member access/assignment.
packages/ecl-core/src/semantic-tokens.ts	Replaces any visitor with a typed VisitableNode union and uses NodeType directly; tightens attribute-name node typing.
packages/ecl-core/src/parser/index.ts	Casts visitor.visit() to the expected ExpressionNode | null at the parse boundary.
packages/ecl-core/src/formatter/formatter.ts	Adds explicit string types to regex replace callback params to satisfy unsafe rule checks.
eslint.config.mjs	Removes the file-specific suppression block for unsafe TypeScript ESLint rules.
clients/vscode/src/extension.ts	Simplifies .get() calls via inference, adds a targeted no-unsafe-return suppression for LSP middleware boundary.
clients/vscode/src/embedded-core.ts	Replaces non-null assertions with optional chaining / nullish coalescing.

---

💡 Add Copilot custom instructions for smarter, more guided reviews. Learn how to get started.