Hide vaadin push version

Status: Open. p-engl opened this issue 1 year ago · 0 comments

Describe your motivation

Our customers regularly perform penetration tests on our web application. Right now, a malicious actor can find the Vaadin version that we use by inspecting the following element: <script src="./VAADIN/static/push/vaadinPush-min.js?v=23.1.3"></script> I am aware that you can determine the version in use through other means; however, that would require more effort. Such version information in plain sight will probably lead to findings in future penetration tests.

Describe the solution you'd like

We would prefer a solution that could remove this information via some configuration option, or a way to supply a custom value for the query parameter (in case the query parameter is only used for browser caching).

Additional context

We already asked about this topic in the expert chat. The expert recommended opening an issue about this so that the information could be removed or moved somewhere other than a plain query string.

p-engl, Jul 25 '22 10:07
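A check a tester or the application team can run against a rendered page to confirm the disclosure the issue describes, as an added example that is not part of the issue and not Vaadin's own code. It parses the HTML, collects every script src, and reports query-string values that look like a release number; the opaque_cache_token helper shows one way the cache-busting parameter could be filled without revealing the version (a content hash), which is an assumption about how such a parameter could be replaced, not something the issue says Vaadin implemented. The sample page is constructed for the example.

```python
# Added example: check a rendered page for script URLs whose query string leaks a
# product version, and build an opaque cache-busting token as an alternative.
import hashlib
import re
from html.parser import HTMLParser
from urllib.parse import parse_qsl, urlsplit

# Matches dotted release numbers such as 23.1.3 or 24.0.0-beta1; an opaque
# hex token does not match, so a hash-based cache buster is not reported.
VERSION_RE = re.compile(r"^\d+\.\d+(?:\.\d+)*(?:[-.][0-9A-Za-z]+)?$")


class _ScriptSrcCollector(HTMLParser):
    """Collects the src attribute of every <script> tag in a document."""

    def __init__(self):
        super().__init__()
        self.srcs = []

    def handle_starttag(self, tag, attrs):
        if tag.lower() != "script":
            return
        for name, value in attrs:
            if name.lower() == "src" and value:
                self.srcs.append(value)


def find_version_leaks(html):
    """Return (path, parameter, value) for every script src whose query
    string carries a version-like value."""
    collector = _ScriptSrcCollector()
    collector.feed(html)
    leaks = []
    for src in collector.srcs:
        parts = urlsplit(src)
        for key, value in parse_qsl(parts.query, keep_blank_values=True):
            if VERSION_RE.match(value):
                leaks.append((parts.path, key, value))
    return leaks


def opaque_cache_token(content, length=16):
    """Derive a cache-busting token from the asset's bytes instead of the
    release number (assumed alternative, not Vaadin's behaviour): it still
    changes on every upgrade, but reveals nothing about which version is
    deployed."""
    return hashlib.sha256(content).hexdigest()[:length]


# Constructed sample: one tag shaped like the one quoted in the issue, one
# with an opaque token, and one inline script without src.
SAMPLE_PAGE = """<!doctype html>
<html><head>
<script src="./VAADIN/static/push/vaadinPush-min.js?v=23.1.3"></script>
<script src="./VAADIN/build/app.js?v=9f3c1a2b7d4e5f60"></script>
<script>window.Vaadin = window.Vaadin || {};</script>
</head><body></body></html>
"""

if __name__ == "__main__":
    for path, key, value in find_version_leaks(SAMPLE_PAGE):
        print(f"version disclosed: {path} via ?{key}={value}")
    print("opaque token:", opaque_cache_token(b"example asset bytes"))
```

Run it against a page fetched from the application (for example the HTML returned for the login route) by passing that body to find_version_leaks; an empty list means no script URL carries a dotted release number in its query string. The hash-based token only removes the disclosure if it is applied to every framework asset, since a single remaining ?v=23.1.3 is enough for the finding.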