Add security scan

[selugr]

This pull request relates to https://github.com/weekendesk/tech-management/issues/1603.

Scope
Lately there has been many supply-chain attacks to NPM libraries:
https://www.reddit.com/r/programming/comments/1nbqt4d/largest_npm_compromise_in_history_supply_chain/
https://x.com/feross/status/1967732902256579014
https://x.com/feross/status/1967942264182935811

Solution
CI/CD
Add the --ignore-scripts command during the dependency installation process
Enforce the use of modern engines setting up minor versions for npm and node through package.json

LOCAL
Add an .npmrc file per project with the following configuration:

ignore-scripts=true: Prevents npm from executing lifecycle scripts (preinstall, postinstall, etc.), protecting against supply chain attacks that inject malicious code during package installation.
package-lock=true: Forces npm to generate and use package-lock.json, ensuring reproducible builds and enabling precise auditing of dependency versions.
save-exact=false: Saves dependencies with semver ranges instead of exact versions, allowing automatic patch updates while maintaining compatibility.

Since this security breach has been causing vulnerabilities since September and still persists, a script can be added to download the list of exposed packages and verify that none of the affected versions are part of the installed dependencies, alerting and stopping the current build.