
ci: install netlify-cli via npx, pinned to a major #22460

Open

GirlBossRush wants to merge 1 commit into main from ci/netlify-cli-npx

ci: install netlify-cli via npx, pinned to a major#22460
GirlBossRush wants to merge 1 commit into
mainfrom
ci/netlify-cli-npx

Conversation

@GirlBossRush
Contributor

Summary

Replaces npm install -g netlify-cli with npx --yes --package=netlify-cli@26 in .github/workflows/ci-docs-source.yml.

Two reasons:

  1. -g installs bypass the project .npmrc. npm walks up from the install cwd, not from the global prefix, so ignore-scripts=true and save-exact=true (root .npmrc:1) don't apply to a -g install — lifecycle scripts run and the version is unpinned. npx invoked inside the repo honors the project .npmrc.
  2. No version pin → resolves latest every run. That's exactly the resolution behavior the recent npm "Mini Shai-Hulud" incident weaponized. Pinning @26 bounds the major; Dependabot can manage upgrades through the same cooldown window as the rest of the npm deps.

Test plan

  • The CI - Source code docs workflow runs successfully on main after merge and publishes to Netlify as before.
  • npx --yes --package=netlify-cli@26 -- netlify deploy --dir=source_docs --prod produces a working deploy.

(Workflow triggers only on push: main, so the smoke test is post-merge — happy to gate on a dry run first if preferred.)

Replace `npm install -g netlify-cli` with `npx --yes --package=netlify-cli@26`
in the source-docs publish workflow.

Two reasons:

1. A `-g` install bypasses the repo `.npmrc` (npm only walks up from the
   cwd of the install, not from the global prefix), so `ignore-scripts=true`
   and `save-exact=true` do not apply — install scripts run and a fresh
   `latest` is resolved on every CI run. `npx` invoked inside the repo
   honors the project `.npmrc`.

2. Without a version pin, every run pulls whatever `latest` happens to
   be at that moment, which is exactly the resolution behavior that the
   recent npm "Mini Shai-Hulud" incident weaponized. Pinning to `@26`
   bounds the major and lets Dependabot manage upgrades through the same
   cooldown window as everything else.

Co-authored-by: Agent <279763771+playpen-agent@users.noreply.github.com>
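The description and the commit message both argue that the old step resolved `latest` on every run and that the new one at least bounds the major. The following is an added example, not part of this PR or the authentik repository: a small POSIX shell lint that scans workflow text for `npm install -g` and `npx --package=` invocations and classifies each package spec as `exact` (full `X.Y.Z`), `range` (a bare major, `^`, `~`) or `unpinned` (no version, or a floating dist-tag such as `latest`). The sample workflow text, the function names and the classification labels are all constructed for the example; the sample mirrors the before and after lines of the diff plus two extra invocations so that every class shows up.

```shell
#!/bin/sh
# Added example (not part of the PR): lint workflow `run:` scripts for npm/npx
# installs that resolve a floating version at CI time.

# Constructed sample step, modelled on the before/after lines of the diff plus
# two extra invocations (hypothetical package names) to exercise every class.
SAMPLE_WORKFLOW='      run: |
        npm install -g netlify-cli
        netlify deploy --dir=source_docs --prod
        npx --yes --package=netlify-cli@26 -- netlify deploy --dir=source_docs --prod
        npx --yes --package=some-tool@1.2.3 -- some-tool --check
        npm install -g other-cli@3.0.0'

# Classify one package spec as exact, range or unpinned.
# Scoped packages (@scope/name[@ver]) are handled by dropping the leading "@"
# before looking for the "@<version>" suffix.
classify_spec() {
    spec=$1
    version=${spec#@}
    case $version in
        *@*) version=${version##*@} ;;
        *)   echo unpinned; return ;;
    esac
    case $version in
        [0-9]*.[0-9]*.[0-9]*) echo exact ;;      # full X.Y.Z (prerelease suffix allowed)
        [0-9~^]*)             echo range ;;      # bare major, caret or tilde range
        *)                    echo unpinned ;;   # dist-tags such as "latest" float too
    esac
}

# Read workflow text on stdin and print "<line>:<class>:<spec>" for every
# "npm install -g <spec>" / "npm i -g <spec>" and "npx ... --package=<spec>".
scan_npm_installs() {
    n=0
    while IFS= read -r line; do
        n=$((n + 1))
        spec=$(printf '%s\n' "$line" | sed -nE \
            -e 's/.*npm +(install|i) +(-g|--global) +([^ ]+).*/\3/p' \
            -e 's/.*npx .*--package=([^ ]+).*/\1/p')
        [ -n "$spec" ] || continue
        printf '%s:%s:%s\n' "$n" "$(classify_spec "$spec")" "$spec"
    done
}

# Gate helper: print the findings and exit 1 unless every install is exact,
# so a CI job can fail on range or unpinned specs.
require_exact_pins() {
    scan_npm_installs | awk -F: '{ print } $2 != "exact" { bad = 1 } END { if (bad) exit 1; exit 0 }'
}

# Usage: list the findings for the constructed sample.
printf '%s\n' "$SAMPLE_WORKFLOW" | scan_npm_installs
```

Run against the sample, the old `npm install -g netlify-cli` line reports `unpinned`, the new `--package=netlify-cli@26` line reports `range`, and only full `X.Y.Z` specs pass `require_exact_pins`; pipe a real workflow file into `require_exact_pins` to use it as a gate.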
@GirlBossRush GirlBossRush requested a review from a team as a code owner May 19, 2026 11:31
run: |
npm install -g netlify-cli
netlify deploy --dir=source_docs --prod
npx --yes --package=netlify-cli@26 -- netlify deploy --dir=source_docs --prod
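Review bot: the `@26` on the new `npx --yes --package=netlify-cli@26` line is a range, not a pin: npx resolves the newest 26.x on every run, and a version that lives only inside a workflow `run:` script is not something Dependabot tracks (its github-actions updates cover `uses:` references, not npx arguments), so the description's "Dependabot can manage upgrades through the same cooldown window" only holds if the CLI is declared in a manifest and lockfile, as the review comment proposing a `package.json` dev dependency suggests; the step could then call the locally installed binary with an exact version. Separately, because the new invocation now honors the repo `.npmrc` with `ignore-scripts=true`, it is worth confirming on a branch that `netlify deploy --dir=source_docs --prod` still works with the CLI's install-time scripts suppressed, rather than discovering it in the post-merge smoke test the description mentions.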
Member

we could just add it as a dep or dev dep to the root package.json

@netlify

netlify Bot commented May 19, 2026

Deploy Preview for authentik-docs ready!

Latest commit: 72eb609
Latest deploy log: https://app.netlify.com/projects/authentik-docs/deploys/6a0c49fc4a1e7c0008cb219e
Deploy Preview: https://deploy-preview-22460--authentik-docs.netlify.app

@codecov

codecov Bot commented May 19, 2026

Codecov Report

✅ All modified and coverable lines are covered by tests.
✅ Project coverage is 93.22%. Comparing base (bc3c12a) to head (72eb609).
⚠️ Report is 1 commits behind head on main.
✅ All tests successful. No failed tests found.

Additional details and impacted files
@@            Coverage Diff             @@
##             main   #22460      +/-   ##
==========================================
- Coverage   93.27%   93.22%   -0.05%     
==========================================
  Files        1032     1032              
  Lines       60059    60059              
  Branches      400      400              
==========================================
- Hits        56018    55992      -26     
- Misses       4041     4067      +26     
Flag          Coverage   Δ
conformance   36.57%     <ø> (ø)
e2e           41.85%     <ø> (+<0.01%) ⬆️
integration   32.55%     <ø> (-0.50%) ⬇️
rust          0.00%      <ø> (ø)
unit          88.34%     <ø> (-3.87%) ⬇️
unit-migrate  92.25%     <ø> (+<0.01%) ⬆️

