
Fix audit errors + split out audit to a separate workflow#397

Merged
zastrowm merged 1 commit into strands-agents:main from zastrowm:audit_fix
Jan 13, 2026

Conversation

@zastrowm
Member

@zastrowm zastrowm commented Jan 13, 2026

Description

Ran npm audit fix to update dependencies and then split out auditing to a separate workflow

NPM audit is blocking PRs & test statuses because it's done as part of running the tests. Instead do it as a separate workflow, which also cuts down on redundant checks since it's only done once instead of per OS/node-version (which don't matter because npm run audit is OS-independent).

Also needed to add an as cast to fix an MCP issue - this is now issue #398

Type of Change

Bug fix

Testing

How have you tested the change?

  • I ran npm run check

Checklist

  • I have read the CONTRIBUTING document
  • I have added any necessary tests that prove my fix is effective or my feature works
  • I have updated the documentation accordingly
  • I have added an appropriate example to the documentation to outline the feature, or no new docs are needed
  • My changes generate no new warnings
  • Any dependent changes have been merged and published

By submitting this pull request, I confirm that you can use, modify, copy, and redistribute this contribution, under the terms of your choice.

Ran npm audit fix and split out auditing to a separate workflow

NPM audit is blocking PRs & test statuses because it's done as part of running the tests.  Instead do it as a separate workflow, which also cuts down on redundant checks since it's only done once instead of per OS/node-version
Member

@Unshure Unshure left a comment


Thanks for fixing this! Something I have been thinking about: should we block PRs if the audit check fails? I guess we should because if the PR brings in new dependencies, we should check if they pass our audit check.

@zastrowm
Member Author

Should we block prs if the audit check fails? I guess we should because if the pr brings in new dependencies, we should check if they pass our audit check.

I'd rather keep it optional as I don't want all PRs to start failing because main has a dependency failing npm audit and I'd rather avoid the "override"s becoming a normal response to that

For new dependencies, I think we can use the npm run audit as a signal IMHO
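As an added example (not code from the strands-agents repository or from this PR), here is one way to make the "use npm run audit as a signal for new dependencies" idea concrete inside the separate audit workflow the description introduces: diff two `npm audit --json` reports (the npm 7+ format, `auditReportVersion: 2`) and fail only when the PR branch adds an advisory that main did not already have. The two reports embedded below are constructed sample data with made-up package names and advisory titles; the function names and the `high` threshold are this example's own choices.

```javascript
// Added example, not part of the strands-agents project: compare two `npm audit --json`
// reports and surface only the advisories that the PR (head) introduces relative to main (base).
// Sample reports further down are CONSTRUCTED; package names and titles are made up.

// Severity ranking used to decide whether a newly introduced advisory should fail the check.
const SEVERITY_RANK = { info: 0, low: 1, moderate: 2, high: 3, critical: 4 };

// Flatten an npm audit v2 report into a Map keyed per (package, advisory).
// Each entry of `vulnerabilities[pkg].via` is either an object (an advisory against that
// package itself) or a string naming another vulnerable package (a transitive effect).
// Only the object form is an advisory of its own, so strings are skipped to avoid double counting.
function advisoryKeys(report) {
  const keys = new Map();
  for (const [pkg, vuln] of Object.entries(report.vulnerabilities || {})) {
    for (const via of vuln.via || []) {
      if (typeof via !== "object" || via === null) continue;
      // Prefer the registry advisory id when present; the constructed samples only have titles.
      const id = via.source !== undefined ? via.source : via.title;
      const key = `${pkg}::${id}::${via.range}`;
      keys.set(key, {
        package: pkg,
        severity: via.severity,
        title: via.title,
        range: via.range,
        isDirect: Boolean(vuln.isDirect),
        // npm reports `fixAvailable` as true, false, or an object describing the fix.
        fixAvailable: vuln.fixAvailable !== false,
      });
    }
  }
  return keys;
}

// Advisories present in `head` but absent from `base`, most severe first.
function newAdvisories(baseReport, headReport) {
  const base = advisoryKeys(baseReport);
  const head = advisoryKeys(headReport);
  return [...head.entries()]
    .filter(([key]) => !base.has(key))
    .map(([, adv]) => adv)
    .sort((a, b) => SEVERITY_RANK[b.severity] - SEVERITY_RANK[a.severity]);
}

// Check outcome: fail only when the PR adds an advisory at or above `minSeverity`.
// Pre-existing advisories on main are reported by the main branch's own audit run, not here.
function shouldFail(baseReport, headReport, minSeverity = "high") {
  return newAdvisories(baseReport, headReport)
    .some(a => SEVERITY_RANK[a.severity] >= SEVERITY_RANK[minSeverity]);
}

// Human-readable lines for the check's log output.
function formatReport(advisories) {
  return advisories.map(a =>
    `${a.severity.toUpperCase()} ${a.package} ${a.range}: ${a.title}${a.isDirect ? " (direct)" : ""}`);
}

// CONSTRUCTED sample: what `npm audit --json` on main might look like. One advisory already
// exists on main, reached through a direct dependency, so a PR must not be blamed for it.
const BASE_REPORT = {
  auditReportVersion: 2,
  vulnerabilities: {
    "example-template-lib": {
      name: "example-template-lib", severity: "moderate", isDirect: false,
      via: [{ name: "example-template-lib", title: "Example prototype pollution (constructed)",
              severity: "moderate", range: "<2.0.0" }],
      effects: ["example-app-framework"], range: "<2.0.0",
      nodes: ["node_modules/example-template-lib"], fixAvailable: true,
    },
    "example-app-framework": {
      name: "example-app-framework", severity: "moderate", isDirect: true,
      via: ["example-template-lib"], // transitive: vulnerable only through the package above
      effects: [], range: "*", nodes: ["node_modules/example-app-framework"], fixAvailable: true,
    },
  },
  metadata: { vulnerabilities: { info: 0, low: 0, moderate: 2, high: 0, critical: 0, total: 2 } },
};

// CONSTRUCTED sample: the PR branch keeps everything from main and adds a new direct
// dependency that carries a high-severity advisory.
const HEAD_REPORT = {
  auditReportVersion: 2,
  vulnerabilities: {
    ...BASE_REPORT.vulnerabilities,
    "example-yaml-parser": {
      name: "example-yaml-parser", severity: "high", isDirect: true,
      via: [{ name: "example-yaml-parser", title: "Example arbitrary code execution on load (constructed)",
              severity: "high", range: "<3.1.0" }],
      effects: [], range: "<3.1.0", nodes: ["node_modules/example-yaml-parser"], fixAvailable: true,
    },
  },
  metadata: { vulnerabilities: { info: 0, low: 0, moderate: 2, high: 1, critical: 0, total: 3 } },
};

// Usage with the constructed samples; in a workflow the two reports would come from
// `npm audit --json` run against the base and head package-lock.json files.
const introducedByPr = newAdvisories(BASE_REPORT, HEAD_REPORT);
console.log(formatReport(introducedByPr).join("\n"));
console.log(shouldFail(BASE_REPORT, HEAD_REPORT)
  ? "FAIL: PR introduces new advisories at or above high"
  : "OK: no new advisories at or above high");
```

In the separate workflow the two inputs would be produced with `npm audit --json > head.json || true` on the PR checkout and the same command against the base branch's package-lock.json (npm audit needs only the lockfile, and it exits non-zero whenever it finds any advisory, hence the `|| true`). Because only newly introduced advisories fail the check, an advisory that already sits on main does not turn every PR red, which is the concern raised in the reply above, while a PR that pulls in a vulnerable new dependency is still gated.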

@zastrowm zastrowm added this pull request to the merge queue Jan 13, 2026
Merged via the queue into strands-agents:main with commit d01b7f9 Jan 13, 2026
9 checks passed
@zastrowm zastrowm deleted the audit_fix branch January 13, 2026 17:13
