🔥(y-provider) remove npm in docker image

We use yarn and not npm, we remove npm because it has a dependencie with
cross-spawn which has a CVE.

Author: lunika

src/frontend/servers/y-provider/Dockerfile

@@ -31,6 +31,9 @@ COPY --from=y-provider-builder \
 
 RUN NODE_ENV=production yarn install --frozen-lockfile
 
+# Remove npm, contains CVE related to cross-spawn and we don't use it.
+RUN rm -rf /usr/local/bin/npm /usr/local/lib/node_modules/npm
+
 # Un-privileged user running the application
 ARG DOCKER_USER
 USER ${DOCKER_USER}