fix(vscode): switch diff override to mocha-nested form for npm 10 compat

The version-scoped `diff@>=6.0.0 <8.0.3 -> ^8.0.3` override caused
`npm ci` to fail under npm 10.8.2 (used by CI) with:

  npm error EUSAGE
  npm error `npm ci` can only install packages when your package.json
  npm error and package-lock.json or npm-shrinkwrap.json are in sync.
  npm error Missing: diff@7.0.0 from lock file

This is an npm 10 limitation: its `npm ci` lockfile validator does not
fully consult version-scoped overrides when determining whether the
lockfile satisfies a consumer's declared range (mocha 11.7.5 declares
`diff: ^7.0.0` but the override redirects to 8.0.4).

Switching to a nested override under mocha — matching upstream PR
microsoft/PSDocs-vscode#539 — is npm-10-compatible AND even more
narrowly scoped than the version-range form (only mocha's diff
consumer is affected). The v5 diff CVE range is no longer in the
tree (mocha now uses ^7.0.0, not ^5.0.0), so a separate v5 patch is
unnecessary.

Also regenerated the lockfile with npm 10.8.2 to ensure parity with
the CI runtime.

Validation:
- npm install (npm 10.8.2) -> 0 vulnerabilities
- npm ci (npm 10.8.2) -> succeeds, 0 vulnerabilities
- npm run compile, lint, pack all clean
- diff still resolves to 8.0.4 (patched)
- All 14 originally-flagged alerts remain resolved

Co-authored-by: Copilot <223556219+Copilot@users.noreply.github.com>

Author: vicperdana

packages/vscode-extension/package.json

@@ -97,14 +97,15 @@
     "markdown-it@<14.1.1": "^14.1.1",
     "qs@<6.14.2": "^6.14.2",
     "underscore@<1.13.8": "^1.13.8",
-    "diff@>=5.0.0 <5.2.2": "^5.2.2",
-    "diff@>=6.0.0 <8.0.3": "^8.0.3",
     "ajv@<6.14.0": "^6.14.0",
     "picomatch@<2.3.2": "^2.3.2",
     "brace-expansion@<1.1.14": "^1.1.14",
     "brace-expansion@>=2.0.0 <2.0.3": "^2.0.3",
     "minimatch@<3.1.5": "^3.1.5",
     "minimatch@>=5.0.0 <5.1.8": "^5.1.8",
-    "minimatch@>=9.0.0 <9.0.7": "^9.0.7"
+    "minimatch@>=9.0.0 <9.0.7": "^9.0.7",
+    "mocha": {
+      "diff": "^8.0.3"
+    }
   }
 }