Migrate eagle-api to Yarn 4.12.0 and update dependencies

- Migrate from npm to yarn@4.12.0 for consistency with eagle-public and eagle-admin
- Add .yarnrc.yml and .yarn/ directory with Yarn binary
- Generate yarn.lock (361KB, 9930 lines)
- Remove package-lock.json
- Update Dockerfile to use yarn with corepack
- Update GitHub workflows (deploy-to-dev, pr.yaml) to use yarn
- Remove deprecated run-test-suite.yml workflow
- Update vulnerable dependencies:
  - axios: 0.19.0 → 0.28.0 (fixes CVE-2021-3749, CVE-2025-27152, CVE-2026-25639)
  - body-parser: 1.18.3 → 1.20.3 (fixes CVE-2024-45590)
  - jsonwebtoken: 8.4.0 → 9.0.2 (fixes CVE-2022-23539)
- All three Eagle repos now use consistent yarn@4.12.0

Author: danieltruong

.github/workflows/deploy-to-dev.yaml

@@ -54,12 +54,15 @@ jobs:
       - name: Checkout
         uses: actions/checkout@v4
 
+      - name: Enable Corepack
+        run: corepack enable
+
       - name: Setup node
         uses: actions/setup-node@v4
         with:
           node-version: ${{ matrix.node-version }}
-          cache: "npm"
-      - run: npm ci
+          cache: "yarn"
+      - run: yarn install --immutable
       - name: Lint (stubbed)
         run: |
           echo "Linting skipped - not configured for eagle-api"
@@ -76,13 +79,16 @@ jobs:
       - name: Checkout
         uses: actions/checkout@v4
 
+      - name: Enable Corepack
+        run: corepack enable
+
       - name: Setup node
         uses: actions/setup-node@v4
         with:
           node-version: ${{ matrix.node-version }}
-          cache: "npm"
-      - run: npm ci
-      - run: npm test
+          cache: "yarn"
+      - run: yarn install --immutable
+      - run: yarn test
 
   build:
     name: Build

.github/workflows/pr.yaml

@@ -0,0 +1,94 @@
+name: PR Checks
+
+on: [pull_request]
+
+permissions:
+  contents: read
+  pull-requests: write
+
+jobs:
+  install:
+    name: Install
+    runs-on: ubuntu-latest
+    strategy:
+      matrix:
+        node-version: [16.x]
+    steps:
+      - name: Checkout
+        uses: actions/checkout@v4
+
+      - name: Enable Corepack
+        run: corepack enable
+
+      - name: Setup node
+        uses: actions/setup-node@v4
+        with:
+          node-version: ${{ matrix.node-version }}
+          cache: "yarn"
+      - run: yarn install --immutable
+
+  lint:
+    name: Lint
+    runs-on: ubuntu-latest
+    needs: install
+    strategy:
+      matrix:
+        node-version: [16.x]
+    steps:
+      - name: Checkout
+        uses: actions/checkout@v4
+
+      - name: Enable Corepack
+        run: corepack enable
+
+      - name: Setup node
+        uses: actions/setup-node@v4
+        with:
+          node-version: ${{ matrix.node-version }}
+          cache: "yarn"
+      - run: yarn install --immutable
+      - run: echo "Linting step - configure linter when ready"
+
+  test:
+    name: Test
+    runs-on: ubuntu-latest
+    needs: install
+    strategy:
+      matrix:
+        node-version: [16.x]
+    steps:
+      - name: Checkout
+        uses: actions/checkout@v4
+
+      - name: Enable Corepack
+        run: corepack enable
+
+      - name: Setup node
+        uses: actions/setup-node@v4
+        with:
+          node-version: ${{ matrix.node-version }}
+          cache: "yarn"
+      - run: yarn install --immutable
+      - run: yarn test
+
+  build:
+    name: Build
+    runs-on: ubuntu-latest
+    needs: install
+    strategy:
+      matrix:
+        node-version: [16.x]
+    steps:
+      - name: Checkout
+        uses: actions/checkout@v4
+
+      - name: Enable Corepack
+        run: corepack enable
+
+      - name: Setup node
+        uses: actions/setup-node@v4
+        with:
+          node-version: ${{ matrix.node-version }}
+          cache: "yarn"
+      - run: yarn install --immutable
+      - run: echo "Build step - API doesn't require compilation, dependencies installed successfully"

.github/workflows/run-test-suite.yml

@@ -0,0 +1 @@
+nodeLinker: node-modules

.yarn/install-state.gz

@@ -14,11 +14,14 @@ FROM node:16-alpine AS base
 
 WORKDIR /app
 
+# Enable Corepack for Yarn
+RUN corepack enable
+
 # Copy package files
-COPY package*.json ./
+COPY package.json yarn.lock .yarnrc.yml ./
 
 # Install production dependencies only
-RUN npm ci --only=production
+RUN yarn install --immutable --immutable-cache
 
 # -----------------------------------------------------------------------------
 # Stage 2: Production Runtime