chore: prevent unintended changes to lock files

[d-gubert]

Proposed changes (including videos or screenshots)

We're changing CI scripts and Dockerfiles to break if there is a change to the monorepo's lock file. This prevents us from adding dependencies manually without committing yarn.lock itself.

Issue(s)

Steps to test or reproduce

Further comments

[coderabbitai]

Important

Review skipped

Draft detected.

Please check the settings in the CodeRabbit UI or the .coderabbit.yaml file in this repository. To trigger a single review, invoke the @coderabbitai review command.

⚙️ Run configuration

Configuration used: Organization UI

Review profile: CHILL

Plan: Pro

Run ID: f6393109-a96e-4826-a520-fccde9f6ec65

You can disable this status message by setting the reviews.review_status to false in the CodeRabbit configuration file.

Use the checkbox below for a quick retry:

• 🔍 Trigger review

---

Thanks for using CodeRabbit! It's free for OSS, and your support helps us grow. If you like it, consider giving us a shout-out.

❤️ Share

• X
• Mastodon
• Reddit
• LinkedIn

_{Comment @coderabbitai help to get the list of available commands and usage tips.}

[changeset-bot]

⚠️ No Changeset found

Latest commit: 93256df

Merging this PR will not cause a version bump for any packages. If these changes should not result in a new version, you're good to go. If these changes should result in a version bump, you need to add a changeset.

This PR includes no changesets

When changesets are added to this PR, you'll see the packages that this PR includes changesets for and the associated semver types

Click here to learn what changesets are, and how to add one.

Click here if you're a maintainer who wants to add a changeset to this PR

[dionisio-bot]

Looks like this PR is not ready to merge, because of the following issues:

• This PR is missing the 'stat: QA assured' label
• This PR is missing the required milestone or project

Please fix the issues and try again

If you have any trouble, please check the PR guidelines

[d-gubert]

The build is breaking on CI because it uses YARN_ENABLE_HARDENED_MODE on the action, but locally we don't, and neither do the Dockerfiles.

However, this mismatch seems to indicate we might not be shipping the intended versions of the packages? Needs further investigation

[codecov]

Codecov Report

✅ All modified and coverable lines are covered by tests.
✅ Project coverage is 70.50%. Comparing base (44938fd) to head (93256df).

Additional details and impacted files

@@             Coverage Diff             @@
##           develop   #40037      +/-   ##
===========================================
- Coverage    70.55%   70.50%   -0.05%     
===========================================
  Files         3271     3271              
  Lines       116782   116782              
  Branches     21090    21104      +14     
===========================================
- Hits         82393    82338      -55     
- Misses       32338    32375      +37     
- Partials      2051     2069      +18     

Flag	Coverage Δ
e2e	60.42% <ø> (-0.10%)	⬇️
e2e-api	48.06% <ø> (-0.07%)	⬇️
unit	70.96% <ø> (-0.02%)	⬇️

Flags with carried forward coverage won't be shown. Click here to find out more.

🚀 New features to boost your workflow:

• ❄️ Test Analytics: Detect flaky tests, report on failures, and find test suite problems.
• 📦 JS Bundle Analysis: Save yourself from yourself by tracking and limiting bundle sizes in JS merges.