From fa21bafff405c9a54740e31a521f6cac798b0252 Mon Sep 17 00:00:00 2001
From: "securityeng-bot[bot]"
 <219863240+securityeng-bot[bot]@users.noreply.github.com>
Date: Mon, 15 Jun 2026 14:25:03 +0000
Subject: [PATCH 1/2] fix: use lockfile-aware install commands

---
 .github/workflows/ci.yml | 8 ++++----
 1 file changed, 4 insertions(+), 4 deletions(-)

diff --git a/.github/workflows/ci.yml b/.github/workflows/ci.yml
index 8a98bc2..76313b0 100644
--- a/.github/workflows/ci.yml
+++ b/.github/workflows/ci.yml
@@ -35,7 +35,7 @@ jobs:
 
             - name: Install
               run: |
-                  npm install
+                  npm ci
 
             - name: Format Check
               run: |
@@ -71,7 +71,7 @@ jobs:
 
             - name: Install
               run: |
-                  npm install
+                  npm ci
 
             - name: Build
               run: |
@@ -118,7 +118,7 @@ jobs:
             - name: Integration tests ESM
               working-directory: ./test-integration/esm-project
               run: |
-                  npm install --install-links
+                  npm ci --install-links
                   npm run test
               env:
                   DOCKER_HOST: ${{ steps.engine.outputs.sock }}
@@ -126,7 +126,7 @@ jobs:
             - name: Integration tests CJS
               working-directory: ./test-integration/cjs-project
               run: |
-                  npm install --install-links
+                  npm ci --install-links
                   npm run test
               env:
                   DOCKER_HOST: ${{ steps.engine.outputs.sock }}

From 8f13af9107d08e2428227e39c41663f4593e5b07 Mon Sep 17 00:00:00 2001
From: "securityeng-bot[bot]"
 <219863240+securityeng-bot[bot]@users.noreply.github.com>
Date: Mon, 15 Jun 2026 14:25:04 +0000
Subject: [PATCH 2/2] fix: use lockfile-aware install commands

---
 Dockerfile | 6 +++---
 1 file changed, 3 insertions(+), 3 deletions(-)

diff --git a/Dockerfile b/Dockerfile
index 9e04666..d4c6fb7 100644
--- a/Dockerfile
+++ b/Dockerfile
@@ -12,7 +12,7 @@ FROM base AS install-base
 WORKDIR /project
 COPY . .
 RUN --mount=type=cache,target=/root/.npm \
-    npm install
+    npm ci
 
 FROM install-base AS build
 RUN npm run build
@@ -33,12 +33,12 @@ COPY --link --from=build /project/test-integration/esm-project  esm-project
 RUN --mount=type=cache,target=/root/.npm \
     cd cjs-project && \
     npm install ../node-sdk && \
-    npm install && \
+    npm ci && \
     npm test
 RUN --mount=type=cache,target=/root/.npm \
     cd esm-project && \
     npm install ../node-sdk && \
-    npm install && \
+    npm ci && \
     npm test
 
 FROM scratch AS dist