[universal] - Update toolings and vulnerability fix #1820

Merged
abdurriq merged 4 commits into devcontainers:main from Kaniska244:universal-upd-toolings
Apr 9, 2026

@Kaniska244 Kaniska244 commented Mar 30, 2026

Changelog: The following files are changed.

  • Updated the versions of Python and Ruby.
  • Fix for vulnerability issue GHSA-r6ph-v2qm-q3c2 for universal image.
  • Tests modified.
  • Version bump.
  • JSON linter started failing with an ESLint error due to an update in the super-linter@v8 action to ESLint 9.39.2+, where jsonc-eslint-parser dropped its default export, breaking the old import jsoncParser from jsonc-eslint-parser. Using FlatCompat as a workaround then caused a circular structure error. The native flat config avoids both issues. Removed @eslint/eslintrc (FlatCompat) and jsonc-eslint-parser imports as both are no longer needed. Added direct import of eslint-plugin-jsonc, which natively supports ESLint flat config.

Checklist:

  • All checks are passed.

@Kaniska244 Kaniska244 marked this pull request as ready for review March 30, 2026 17:24
@Kaniska244 Kaniska244 requested a review from a team as a code owner March 30, 2026 17:24
Copilot AI review requested due to automatic review settings March 30, 2026 17:24

Copilot AI left a comment


Pull request overview

Updates the Universal dev container image/tooling to newer Python/Ruby versions, applies a security patch for GHSA-r6ph-v2qm-q3c2 (Conda/OpenSSL-related), and aligns tests + documentation with the new image version.

Changes:

  • Bump Universal image version to 6.0.1 and update README tag example.
  • Update Universal devcontainer feature pins for Python and Ruby.
  • Update Conda patching and test expectations for cryptography/pyopenssl versions.

Reviewed changes

Copilot reviewed 6 out of 6 changed files in this pull request and generated 1 comment.

| File | Description |
| --- | --- |
| src/universal/test-project/test.sh | Removes Python 3.11-specific checks; updates Conda package version expectations. |
| src/universal/manifest.json | Bumps Universal image version from 6.0.0 to 6.0.1. |
| src/universal/README.md | Updates documented example tag to 6.0.1-noble. |
| src/universal/.devcontainer/local-features/patch-python/install.sh | Removes Python 3.11-specific patching logic (script now effectively no-ops). |
| src/universal/.devcontainer/local-features/patch-conda/install.sh | Updates vulnerability reference and bumps cryptography/pyopenssl versions (mixes conda + pip). |
| src/universal/.devcontainer/devcontainer.json | Updates Python and Ruby feature version pins. |

Comments suppressed due to low confidence (1)

src/universal/.devcontainer/local-features/patch-python/install.sh:41

  • patch-python/install.sh now only defines update_package and then exits without applying any updates. If this feature is no longer needed (now that Python 3.11 is removed), consider removing the patch-python feature entirely from the universal build/test configuration; otherwise add the intended package update calls so the feature actually patches something.
update_package() {
    PYTHON_PATH=$1
    PACKAGE=$2
    VERSION=$3

    sudo_if "$PYTHON_PATH -m pip uninstall --yes $PACKAGE"
    sudo_if "$PYTHON_PATH -m pip install --upgrade --no-cache-dir $PACKAGE==$VERSION"
    sudo_if "$PYTHON_PATH -m pip show --no-python-version-warning $PACKAGE"
}

Comment thread src/universal/.devcontainer/local-features/patch-conda/install.sh Outdated
abdurriq previously approved these changes Apr 1, 2026
Comment thread src/universal/.devcontainer/local-features/patch-conda/install.sh
@abdurriq abdurriq merged commit 5b105e4 into devcontainers:main Apr 9, 2026
3 checks passed
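
A minimum-version check of the kind the updated test.sh expectations imply, as an added example that is not code from this PR or the devcontainers repository: it reads `pip show` output and fails unless the installed version is at or above a floor. The package name examplepkg and every version number are constructed placeholders, and version_ge, installed_version and check_min_version are hypothetical helper names.

```shell
#!/bin/sh
# Added example. "examplepkg" and all version numbers are constructed
# placeholders, not the versions pinned by this PR.

# version_ge A B: succeed when dotted version A >= B (relies on GNU `sort -V`).
version_ge() {
    [ "$(printf '%s\n%s\n' "$1" "$2" | sort -V | head -n 1)" = "$2" ]
}

# installed_version: print the Version field of `pip show` output read on stdin.
installed_version() {
    awk -F': *' '$1 == "Version" { print $2; exit }'
}

# check_min_version PACKAGE MINIMUM: reads `pip show PACKAGE` output on stdin.
# Returns 0 = patched, 1 = below minimum, 2 = missing, 3 = unparseable version.
check_min_version() {
    pkg=$1
    min=$2
    cur=$(installed_version)
    if [ -z "$cur" ]; then
        echo "FAIL $pkg: not installed"
        return 2
    fi
    # Fail closed on pre-release/local tags (e.g. 2.0rc1): sort -V does not
    # order them the way PEP 440 does.
    case $cur in
        *[!0-9.]*) echo "FAIL $pkg: cannot compare '$cur'"; return 3 ;;
    esac
    if version_ge "$cur" "$min"; then
        echo "PASS $pkg $cur >= $min"
    else
        echo "FAIL $pkg $cur < $min"
        return 1
    fi
}

# Constructed `pip show` output; in the image this would be e.g.
#   "$PYTHON_PATH" -m pip show examplepkg | check_min_version examplepkg 2.9.1
printf 'Name: examplepkg\nVersion: 2.10.0\n' | check_min_version examplepkg 2.9.1
printf 'Name: examplepkg\nVersion: 2.9.0\n'  | check_min_version examplepkg 2.9.1 || true
```

Comparing with `sort -V` rather than string equality keeps the check passing when a later rebuild pulls a newer fixed release, while still failing on a downgrade.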