Remove low-value JavaScript semgrep rules
Remove
- javascript/csrf/rule-no_csrf_before_method_override.yml connect isn't even a thing any more, this is extremely old http://blog.nibblesec.org/2014/05/nodejs-connect-csrf-bypass-abusing.html and there's no way to test it
- javascript/generic/rule-generic_error_disclosure.yml it is perfectly fine to log errors from the console. The real risk would be if it logs the stack trace to an http response
- javascript/react/rule-missing_noopener.yml - browsers no longer allow this by default