feat: add automated fuzzing with Jazzer.js

[biplavbarua]

Add automated fuzzing with Jazzer.js

Description

This PR adds automated fuzzing infrastructure using Jazzer.js, addressing Issue #1999.

Fuzzing helps uncover edge cases and security vulnerabilities (such as ReDoS or crashes) by continuously testing the Handlebars.compile function with random, coverage-guided inputs.

Changes

• Dev Dependency: Added @jazzer.js/core (v2.1.0).
• Fuzz Target: Created fuzz/fuzz_compile.js which targets the compile function.
• Script: Added npm run fuzz command.

Verification

Ran the fuzzer locally:

npm run fuzz -- -- -runs=5000

Result:

#5000   DONE   cov: 20 ft: 20 corp: 1/1b lim: 53 exec/s: 0 rss: 180Mb

The fuzzer runs successfully.

Fixes #1999

[jaylinski]

Thanks for the PR. There is already a very good PR from @manunio that adds jazzer: #2022

I didn't merge this back then because I wanted to make sure that the fuzzing integration actually finds injection bugs (like prototype pollution).

If you can configure the inputs and the fuzzer to find this previously fixed security issue (with the security patch removed), I'll merge it: #1736

[biplavbarua]

I've updated the fuzzer configuration to detect the prototype pollution issue (finding 'function' signatures or 'Object' type leaks in output). I also added a regression seed 'fuzz/corpus/prototype_pollution_seed' which demonstrates the detection (it triggers a finding if the fix is removed, and passes with the fix present). Please verify.

[jaylinski]

I just committed a few security fixes: 68d8df5

Would be interesting to see if the fuzzer could have found any of those with a little bit of help.