fix: harden npm shell commands #309

Open
damacus wants to merge 1 commit into main from fix/harden-npm-shell-commands

@damacus damacus commented Jun 8, 2026

Member

Summary

  • Build npm install and uninstall commands with Shellwords
  • Escape npm list package arguments in helper checks
  • Update unit expectations for normalized command strings

Verification

  • cookstyle libraries/nodejs_helper.rb resources/npm_package.rb spec/unit/resources/npm_package_spec.rb
  • /opt/chef-workstation/embedded/bin/rspec spec/unit/resources/npm_package_spec.rb spec/unit/library/helper_spec.rb --format progress

Build npm commands with Shellwords and normalize command expectations.

Verification:
- cookstyle libraries/nodejs_helper.rb resources/npm_package.rb spec/unit/resources/npm_package_spec.rb
- /opt/chef-workstation/embedded/bin/rspec spec/unit/resources/npm_package_spec.rb spec/unit/library/helper_spec.rb --format progress
@damacus damacus requested a review from a team as a code owner June 8, 2026 14:56
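
An added illustration of the hardening the summary describes, not code from this pull request or the cookbook: the same npm install command built by string interpolation and with Shellwords, then passed through `sh` to show how many words the shell sees. The helper names, the `printf` stand-in for `npm` (so it runs offline) and the sample package values are assumptions.

```ruby
require 'open3'
require 'shellwords'

# Hypothetical helpers for illustration; names and option handling are assumptions.

# Unhardened form: values are interpolated into one shell string.
def npm_install_interpolated(package, version: nil, options: [])
  target = version ? "#{package}@#{version}" : package
  ['npm install -g', target, *options].join(' ')
end

# Hardened form: every value becomes exactly one escaped shell word.
def npm_install_escaped(package, version: nil, options: [])
  target = version ? "#{package}@#{version}" : package
  Shellwords.join(['npm', 'install', '-g', target, *options])
end

# Runs the command line through sh with `npm` swapped for a printf stand-in
# that prints each argument on its own line. Anything the shell treats as a
# second command shows up as extra output.
def words_seen_by_shell(command)
  stand_in = command.sub(/\Anpm\b/) { "printf '%s\\n'" }
  out, status = Open3.capture2('sh', '-c', stand_in)
  raise "sh failed: #{status}" unless status.success?

  out.lines.map(&:chomp)
end

# Constructed sample values.
BENIGN  = 'express'
HOSTILE = 'express; echo INJECTED'

if __FILE__ == $PROGRAM_NAME
  [BENIGN, HOSTILE].each do |pkg|
    [npm_install_interpolated(pkg), npm_install_escaped(pkg)].each do |cmd|
      puts "#{cmd.inspect} -> #{words_seen_by_shell(cmd).inspect}"
    end
  end
end
```

Shellwords.join also yields a single-space-separated string with no trailing whitespace, which is why spec expectations that compare the exact command string need updating alongside a change like this.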

github-actions Bot commented Jun 8, 2026


Slowest examples

Top 10 slowest examples (2.01 seconds, 47.02% of total time)
| Example | Description | Time in seconds |
| --- | --- | --- |
| spec/unit/library/helper_spec.rb:18 | helper methods npm_dist should return a url based on the version | 0.85546 |
| spec/unit/resources/npm_package_spec.rb:14 | npm_package install a global package is expected to run execute "install NPM package express" | 0.26258 |
| spec/unit/resources/nodejs_install_spec.rb:89 | nodejs_install source install is expected to create link "/usr/local/bin/python" | 0.22651 |
| spec/unit/resources/nodejs_install_spec.rb:15 | nodejs_install package install on ubuntu is expected to create nodejs_repository "nodesource" | 0.10664 |
| spec/unit/resources/nodejs_install_spec.rb:113 | nodejs_install source install on rocky linux is expected to run execute "install python3 build package" | 0.09865 |
| spec/unit/resources/nodejs_npm_install_spec.rb:14 | nodejs_npm_install embedded npm is expected to install nodejs_install "nodejs for npm" | 0.09328 |
| spec/unit/resources/nodejs_repository_spec.rb:16 | nodejs_repository on ubuntu is expected to create directory "/etc/apt/keyrings" | 0.09318 |
| spec/unit/resources/nodejs_install_spec.rb:16 | nodejs_install package install on ubuntu is expected to install package "nodejs" | 0.09287 |
| spec/unit/resources/nodejs_npm_install_spec.rb:29 | nodejs_npm_install source npm is expected to install_with_make ark "npm" | 0.09116 |
| spec/unit/resources/nodejs_repository_spec.rb:18 | nodejs_repository on ubuntu is expected to add apt_preference "nodesource" | 0.09075 |
