fix(spy): support private method spy types (fix #10172)

[cyphercodes]

Description

Allows vi.spyOn to infer mock types for known TypeScript private/protected method names, matching the runtime behavior and TypeScript's bracket-access escape hatch while still rejecting unknown method names.

Fixes #10172

Please don't delete this checklist! Before submitting the PR, please make sure you do the following:

• It's really useful if your PR references an issue where it is discussed ahead of time. If the feature is substantial or introduces breaking changes without a discussion, PR might be closed.
• Ideally, include a test that fails without this PR but passes with it.
• Please, don't make changes to pnpm-lock.yaml unless you introduce a new test example.
• Please check Allow edits by maintainers to make review process faster. Note that this option is not available for repositories that are owned by Github organizations.

Tests

• Run the tests with pnpm test:ci.
• pnpm --filter @vitest/spy run build
• CI=true pnpm -C test/typescript run types --typecheck.ignoreSourceErrors test-d/test.test-d.ts
• NODE_OPTIONS=--max-old-space-size=8192 pnpm typecheck
• CI=true pnpm -C test/unit run test test/mocking/vi-spyOn.test.ts

Documentation

• Not needed; this is a type overload fix covered by regression type tests.

Changesets

• Changes in changelog are generated from PR name. Please, make sure that it explains your changes in an understandable manner. Please, prefix changeset messages with feat:, fix:, perf:, docs:, or chore:.

AI-assisted using Hermes Agent/Codex.

[netlify]

✅ Deploy Preview for vitest-dev ready!

Built without sensitive environment variables

Name	Link
🔨 Latest commit	98e4f75
🔍 Latest deploy log	https://app.netlify.com/projects/vitest-dev/deploys/69ef940cf01f330008dd4afa
😎 Deploy Preview	https://deploy-preview-10213--vitest-dev.netlify.app
📱 Preview on mobile	Toggle QR Code... Use your smartphone camera to open QR code link.

---

To edit notification comments on pull requests, go to your Netlify project configuration.

[github-actions]

Hello @cyphercodes. Your PR has been labeled maybe automated because it appears to have been fully generated by AI with no human involvement. It will be closed automatically in 3 days unless a real person responds.

If you're a real person behind this contribution, please:

• Confirm you've personally reviewed and stand behind its content
• Make sure it follows our contribution guidelines and uses the correct GitHub template
• Disclose any AI tools you used (e.g. Claude, Copilot, Codex)

If you believe this was flagged by mistake, leave a comment.

These measures help us reduce maintenance burden and keep the team's work efficient. See our AI contributions policy for more context.

[sheremet-va]

Thanks for your tokens