wikimedia / eslint-config-wikimedia

JavaScript style guide for Wikimedia.
https://www.mediawiki.org/wiki/Manual:Coding_conventions/JavaScript
MIT License

Disable noisy security lints in client code #574

Closed edg2s closed 6 months ago

edg2s commented 6 months ago

Most of our unresolved warnings and inline disables come from security warnings around regular expressions. AFAICT these represent possible sources of very slow code, but not big security concerns as they may do in server-side code.

edg2s commented 6 months ago

These rules produced dozens of warnings in VE, for example.

cc @sbassett29 @MatmaRex

sbassett29 commented 6 months ago

Fine with me to disable if they're proving to be more of a hindrance than helpful. Most true ReDoSes are going to be fairly difficult to exploit within much of our JS code.