feat(javascript): add configurable size guardrails #3539

Open
ayush00git wants to merge 8 commits into apache:main from ayush00git:fix/js-size-guardrails

Contributor

@ayush00git ayush00git commented Apr 6, 2026

Why?

Untrusted binary/map/list lengths can trigger extremely large, uncontrolled memory allocations during deserialization. Relying on process-level memory limits is late-failing and risks heap exhaustion or OOM crashes from malicious payloads.

What does this PR do?

Adds configurable size guardrails to the Fory JavaScript library, checked immediately after the wire length is read to reject malformed payloads before any heavy allocation happens.

1. type.ts

Added optional maxBinarySize and maxCollectionSize fields to the Config interface

2. fory.ts

Added default limits (1,000,000 for collection, 64 MiB for binary) and added checkCollectionSize and checkBinarySize validation methods.

3. typedArray.ts

Injected guard checks into the codegen and runtime read paths before arrays, maps, and buffers are allocated.

4. sizeLimit.test.ts

Added a new test file validating limit boundaries, default thresholds, fallback typing, and polymorphism across all collection and binary read paths.

Related issues

Closes #3414

AI Contribution Checklist

  • [No] Substantial AI assistance was used in this PR: yes / no
  • [No] If yes, I included a completed AI Contribution Checklist in this PR description and the required AI Usage Disclosure.

Does this PR introduce any user-facing change?

  • Does this PR introduce any public API change? (Yes, adds optional maxBinarySize and maxCollectionSize fields to the configuration.)
  • Does this PR introduce any binary protocol compatibility change?

Benchmark

N/A
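
The guard-before-allocate pattern this PR describes, as an added example that is not code from the PR or from Apache Fory. The names maxBinarySize, maxCollectionSize, checkBinarySize and checkCollectionSize and the default values come from the description above; the GuardedReader class, the 4-byte length-prefixed toy wire layout and the remaining-input check are assumptions made for illustration.

```javascript
// Added illustration, not Apache Fory source. Toy wire layout (assumed):
// a 4-byte little-endian length or element count, followed by the data.
const DEFAULT_MAX_BINARY_SIZE = 64 * 1024 * 1024; // 64 MiB default named in the PR
const DEFAULT_MAX_COLLECTION_SIZE = 1_000_000;    // default named in the PR

class GuardedReader {
  constructor(bytes, config = {}) {
    this.view = new DataView(bytes.buffer, bytes.byteOffset, bytes.byteLength);
    this.pos = 0;
    this.maxBinarySize = config.maxBinarySize ?? DEFAULT_MAX_BINARY_SIZE;
    this.maxCollectionSize = config.maxCollectionSize ?? DEFAULT_MAX_COLLECTION_SIZE;
  }
  readLength() {
    if (this.view.byteLength - this.pos < 4) throw new RangeError("truncated length prefix");
    const n = this.view.getUint32(this.pos, true);
    this.pos += 4;
    return n;
  }
  checkBinarySize(n) {
    if (n > this.maxBinarySize) throw new RangeError(`binary size ${n} exceeds maxBinarySize`);
  }
  checkCollectionSize(n) {
    if (n > this.maxCollectionSize) throw new RangeError(`collection size ${n} exceeds maxCollectionSize`);
  }
  readBinary() {
    const n = this.readLength();
    this.checkBinarySize(n); // reject before allocating anything
    // Extra check, not described in the PR: the claim must fit the remaining input.
    if (n > this.view.byteLength - this.pos) throw new RangeError("length exceeds remaining input");
    const out = new Uint8Array(n);
    out.set(new Uint8Array(this.view.buffer, this.view.byteOffset + this.pos, n));
    this.pos += n;
    return out;
  }
  readList() {
    const count = this.readLength();
    this.checkCollectionSize(count); // reject before decoding any element
    const items = []; // grows with decoded elements, never pre-sized from the wire
    for (let i = 0; i < count; i++) items.push(this.readBinary());
    return items;
  }
}

// Constructed sample inputs.
const u32 = (n) => { const b = new Uint8Array(4); new DataView(b.buffer).setUint32(0, n, true); return b; };
const concat = (...parts) => Uint8Array.from(parts.flatMap((p) => [...p]));
const benign = concat(u32(2), u32(3), [1, 2, 3], u32(1), [9]); // list of two binaries
const hugeBinary = u32(0xffffffff);                             // claims ~4 GiB, carries none
const hugeList = u32(2_000_000);                                // claims 2M elements, carries none
```

Both oversized inputs are only four bytes long, so the rejection depends entirely on the declared length and happens before any buffer or array is sized from it.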

@ayush00git ayush00git requested a review from theweipeng as a code owner April 6, 2026 17:55
@ayush00git ayush00git changed the title from "feat: add js go guardrails" to "feat: add js size guardrails" Apr 6, 2026
@ayush00git ayush00git changed the title from "feat: add js size guardrails" to "feat(js): add configurable size guardrails" Apr 6, 2026
@ayush00git
Contributor Author

Hi @chaokunyang @theweipeng
A duplicate PR for this issue exists (#3426), but it had merge conflicts and wasn't actively worked on, so I raised one.
Have a review and let me know the changes.

@chaokunyang chaokunyang changed the title from "feat(js): add configurable size guardrails" to "feat(javascript): add configurable size guardrails" Apr 7, 2026

Development

Successfully merging this pull request may close these issues.

[JavaScript] configurable size guardrails for untrusted payloads
