security: harden npm install against supply chain attacks

- Add npm cache clean --force before install to prevent stale/malicious cached tarballs
- Add --ignore-scripts to block malicious postinstall hooks (e.g. axios CVE)
- Remove --silent to make installed versions visible in logs

Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>

Author: Linearb CI

action.yml

@@ -117,10 +117,14 @@ runs:
       shell: bash
       run: mv gitstream code
 
+    - name: Clear npm cache
+      shell: bash
+      run: npm cache clean --force
+
     - name: Install Dependencies for plugins
       shell: bash
       continue-on-error: true
-      run: npm i --silent moment@2.30.1 lodash@4.18.1 axios@1.14.0 @octokit/rest@20.1.1
+      run: npm i --ignore-scripts moment@2.30.1 lodash@4.18.1 axios@1.14.0 @octokit/rest@20.1.1
 
     - name: Run RulesEngine
       shell: bash