DOC-3386: Consolidate dependency security fixes

- Upgrade http-server from ^0.12.3 to ^14.1.1 (v14 drops ecstatic)
- Remove ecstatic devDependency (no longer needed)
- Add liquidjs resolution (>=10.25.7) — the only transitive
  vulnerability not fixable via direct dependency upgrade
  (@tinymce/antora-extension-livedemos pins ^9.37.0)

Supersedes #4028, #4093, #4094, #4102, #4120, #4121, #4122.
yarn audit: 0 vulnerabilities.

Author: kemister85

package.json

@@ -30,16 +30,18 @@
     "delay": "2500ms",
     "ext": "*"
   },
+  "resolutions": {
+    "liquidjs": ">=10.25.7"
+  },
   "devDependencies": {
     "@antora/cli": "^3.1.10",
     "@antora/site-generator-default": "^3.1.10",
     "@tinymce/antora-extension-livedemos": "^0.1.0",
     "@tinymce/moxiedoc": "^0.3.0",
     "dom-to-semantic-markdown": "^1.5.0",
     "dotenv": "^16.5.0",
-    "ecstatic": "^4.1.4",
     "gpt-tokenizer": "^3.4.0",
-    "http-server": "^0.12.3",
+    "http-server": "^14.1.1",
     "jsdom": "^24.1.0",
     "nodemon": "^3.1.10",
     "npm-run-all": "^4.1.5"