
Add GitHub Actions workflow to auto-fix Dependabot lockfile#149

Merged
amine7536 merged 1 commit into main from claude/fix-npm-lock-sync-2CT5o
Feb 16, 2026

Conversation

@amine7536
Contributor

Summary

This PR adds a new GitHub Actions workflow that automatically regenerates and commits the package-lock.json file when Dependabot creates pull requests. This ensures the lockfile stays in sync with package.json changes.

Key Changes

  • Added .github/workflows/dependabot-fix-lockfile.yml workflow that:
    • Triggers on pull requests to main and next branches
    • Only runs when the PR author is dependabot[bot]
    • Checks out the PR branch with write permissions
    • Sets up Node.js 22
    • Regenerates the lockfile using npm install --package-lock-only --ignore-scripts
    • Commits and pushes the updated lockfile if changes are detected
    • Uses hardened runner for security auditing

Implementation Details

  • The workflow uses a conditional check to only run on Dependabot PRs, preventing unnecessary executions
  • It includes a safety check to only commit if the lockfile actually changed
  • Uses GitHub Actions bot credentials for commits to maintain proper attribution
  • Includes security hardening via step-security/harden-runner with audit-level egress policy

https://claude.ai/code/session_01W2qSm36L1wLHWQZyqn8ywy

Dependabot regenerates package-lock.json when bumping dependencies but
drops optional peer dependencies (react-devtools-core, ws) from the
lockfile. This causes `npm ci` to fail with EUSAGE errors.

Add a workflow that runs `npm install --package-lock-only` on dependabot
PRs to regenerate the lockfile correctly and commits the fix.

https://claude.ai/code/session_01W2qSm36L1wLHWQZyqn8ywy
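The description and commit message above spell out the workflow's trigger, gate, steps and "commit only if changed" check, but the PR page shows no diff. The following is an added illustrative reconstruction of `.github/workflows/dependabot-fix-lockfile.yml` written from that description; it is not the merged file. The action version tags, the exact conditional, the commit message, the bot e-mail address and the `env`-based push are assumptions.

```yaml
# Added reconstruction of the workflow described in PR #149 (not the merged
# file). Action versions, the job/step names and the commit wording are assumed.
name: Fix Dependabot lockfile

on:
  pull_request:
    branches: [main, next]

# Requests a write-capable token so the regenerated lockfile can be pushed back
# to the PR branch. Dependabot-triggered runs get a read-only token by default,
# so if the push is rejected on a real Dependabot PR, token scope is the first
# thing to check.
permissions:
  contents: write
  pull-requests: read

jobs:
  fix-lockfile:
    # Gate: run only for PRs authored by Dependabot, skip every other PR.
    if: github.actor == 'dependabot[bot]'
    runs-on: ubuntu-latest
    steps:
      - name: Harden runner (audit egress)
        # Assumption: major-version tag; pinning to a commit SHA is the safer choice.
        uses: step-security/harden-runner@v2
        with:
          egress-policy: audit

      - name: Check out PR branch
        uses: actions/checkout@v4
        with:
          ref: ${{ github.head_ref }}

      - name: Set up Node.js 22
        uses: actions/setup-node@v4
        with:
          node-version: 22

      - name: Regenerate lockfile
        # --package-lock-only rewrites package-lock.json without touching
        # node_modules; --ignore-scripts keeps third-party install scripts from
        # executing on a runner that holds a write-capable token.
        run: npm install --package-lock-only --ignore-scripts

      - name: Commit and push only if the lockfile changed
        env:
          # Passed through the environment rather than interpolated into the
          # script, so a branch name can never be parsed as shell syntax.
          HEAD_REF: ${{ github.head_ref }}
        run: |
          if git diff --quiet -- package-lock.json; then
            echo "package-lock.json already in sync; nothing to commit"
            exit 0
          fi
          git config user.name "github-actions[bot]"
          git config user.email "41898282+github-actions[bot]@users.noreply.github.com"
          git add package-lock.json
          git commit -m "chore: regenerate package-lock.json for Dependabot update"
          git push origin "HEAD:$HEAD_REF"
```

Two behaviours worth knowing when operating a workflow like this: a push made with the default `GITHUB_TOKEN` does not start new workflow runs, so the repository's other checks will not automatically re-run against the corrected lockfile; and a later `@dependabot rebase` rewrites the branch, which discards the bot commit and lets this workflow regenerate the lockfile again on the rebased PR.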
@amine7536 amine7536 merged commit cb55417 into main Feb 16, 2026
7 checks passed