fix: ci security issues (#9451)

* fix possible code injection errors

* pin n

.devcontainer/Dockerfile

@@ -34,7 +34,7 @@ RUN apt install -y \
    yarn nodejs npm
 
 # Update to the latest stable node version
-RUN npm install -g n --ignore-scripts && n lts
+RUN npm install -g n@10.1.0 --ignore-scripts && n lts
 
 RUN yarn config set network-timeout 600000 -g
 

.github/actions/setup/action.yaml

@@ -64,7 +64,9 @@ runs:
       - name: Install Specific Python Dependencies
         if: ${{ inputs.pip-dependency }}
         shell: bash
-        run: uv pip install ${{ inputs.pip-dependency }}
+        run: uv pip install ${PIP_DEPS}
+        env:
+          PIP_DEPS: ${{ inputs.pip-dependency }}
 
       # NPM installs
       - name: Install node.js ${{ env.node_version }}
@@ -78,8 +80,10 @@ runs:
         shell: bash
         run: |
           sudo apt-get update
-          sudo apt-get install ${{ inputs.apt-dependency }}
+          sudo apt-get install ${APT_DEPS}
-          sudo apt-get install ${{ inputs.apt-dependency }}
+          sudo apt-get install ${APT_DEPS}
+        env:
+          APT_DEPS: ${{ inputs.apt-dependency }}
 
       # Invoke commands
       - name: Install dev requirements

contrib/container/Dockerfile

@@ -108,7 +108,7 @@ RUN ./install_build_packages.sh --no-cache --virtual .build-deps && \
 FROM prebuild AS frontend
 
 RUN apk add --no-cache --update nodejs npm yarn bash
-RUN npm install -g --ignore-scripts n
+RUN npm install -g --ignore-scripts n@10.1.0
 RUN bash -c "n lts"
 RUN yarn config set network-timeout 600000 -g
 COPY src ${INVENTREE_HOME}/src
@@ -152,7 +152,7 @@ RUN pip install --require-hashes -r base_requirements.txt --no-cache
 # Install nodejs / npm / yarn
 
 RUN apk add --no-cache --update nodejs npm yarn bash
-RUN npm install -g --ignore-scripts n
+RUN npm install -g --ignore-scripts n@10.1.0
 RUN bash -c "n lts"
 RUN yarn config set network-timeout 600000 -g