fix(SaveInterface): add hasOwnProperty checks to prevent object injection

[WillyEverGreen]

PR Description

Overview

This PR addresses security warnings (security/detect-object-injection) identified by ESLint in js/SaveInterface.js. It adds proper property existence checks to prevent potential object injection vulnerabilities.

Related

• Builds upon refactor(SaveInterface): extract duplicated strings to constants #5190 (duplicate string refactoring)
• Part of ongoing code quality improvements to js/SaveInterface.js

Changes Made

Added Object.prototype.hasOwnProperty.call() checks before accessing object/array properties with variable keys:

• MIDI Mapping Lookups: Validates drumMIDI[drum] and instrumentMIDI[instrument] with fallbacks to default values.
• Array Access in saveAbc(): Added property existence validation for notationStaging[t] and notationDrumStaging[t].
• Array Access in saveLilypond(): Implemented consistent validation patterns for Lilypond export staging.

Benefits

• Security: Prevents potential object injection attacks where malicious input could access unexpected object properties.
• Code Quality: Eliminates all 26 ESLint security/detect-object-injection warnings for this file.
• Robustness: Adds defensive checks that gracefully handle edge cases and missing keys.

Verification

• Ran npx eslint js/SaveInterface.js and confirmed 0 errors and 0 warnings (previously had 26 warnings).
• Ran npx prettier --check to ensure all files pass formatting checks.
• Manual testing: Confirmed MIDI generation and notation export still work correctly.

[github-actions]

❌ Some Jest tests failed. Please check the logs and fix the issues before merging.

Failed Tests:

themebox.test.js

[vanshika2720]

@WillyEverGreen Jest cases are failing.Please resolve