Fix: merge consecutive RUN instructions in frontend Dockerfile

[Shubb07]

Proposed change

Resolves #3427

This PR fixes a SonarCloud maintainability issue (docker:S7031) in
docker/frontend/Dockerfile, where consecutive RUN instructions were
used.

The instructions were merged into a single RUN layer to reduce the
number of Docker image layers and improve maintainability, following
Docker best practices. This change does not alter any functional
behavior.

Checklist

• I followed the contributing workflow
• I verified that my code works as intended and resolves the issue as described
• The change is limited in scope and does not introduce functional behavior changes
• I ran make check-test locally: all warnings addressed, tests passed
• I used AI for code, documentation, tests, or communication related to this PR

[coderabbitai]

Summary by CodeRabbit

• Chores

  • Updated npm version in build environment.

• Bug Fixes

  • Improved safety of issue list rendering to handle edge cases where data may be unavailable.

_{✏️ Tip: You can customize this high-level summary in your review settings.}

Walkthrough

This PR addresses SonarQube warnings by consolidating consecutive RUN instructions in the Docker frontend configuration and bumping npm to 7.5.4. It also updates JSX rendering in the contribute page to use optional chaining with explicit index forwarding.

Changes

Cohort / File(s)	Summary
Docker Configuration docker/frontend/Dockerfile	Bumped npm tarball from 7.5.3 to 7.5.4. Consolidated consecutive RUN instructions (grep check and addgroup creation) into a single chained RUN command using && to reduce image layers.
Frontend React Component frontend/src/app/contribute/page.tsx	Replaced guarded map pattern (issues && issues.map(...)) with optional chaining (issues?.map(...)). Explicitly forwards index parameter to renderContributeCard function.

Estimated code review effort

🎯 1 (Trivial) | ⏱️ ~4 minutes

Possibly related PRs

• Update docker files location #3112: Modifies docker/frontend/Dockerfile with changes to Dockerfile instructions and build stages.
• fix: prefer optional chaining over logical AND guard (S6582) #3629: Modifies the same JSX expression in contribute/page.tsx to replace logical AND guard with optional chaining.
• Optimize frontend docker image  #1323: Updates frontend Dockerfile runner/build stages including npm and tar handling.

Suggested labels

frontend, docker

Suggested reviewers

• kasya
• arkid15r

🚥 Pre-merge checks | ✅ 4 | ❌ 1

❌ Failed checks (1 warning)

Check name	Status	Explanation	Resolution
Out of Scope Changes check	⚠️ Warning	The PR includes changes to both docker/frontend/Dockerfile and frontend/src/app/contribute/page.tsx; the TypeScript file change appears unrelated to the linked issue about Docker RUN instructions.	Remove or justify the changes to frontend/src/app/contribute/page.tsx, as they are not related to resolving issue #3427 about merging RUN instructions in Dockerfiles.

✅ Passed checks (4 passed)

Check name	Status	Explanation
Title check	✅ Passed	The title accurately describes the main change: merging consecutive RUN instructions in the frontend Dockerfile to address a SonarCloud issue.
Description check	✅ Passed	The description is directly related to the changeset, clearly explaining the SonarCloud issue resolution and Docker best practices being applied.
Linked Issues check	✅ Passed	The PR addresses issue #3427 by consolidating consecutive RUN instructions in the Dockerfile, aligning with the objective to merge RUN commands using && to reduce image layers.
Docstring Coverage	✅ Passed	No functions found in the changed files to evaluate docstring coverage. Skipping docstring coverage check.

_{✏️ Tip: You can configure your own custom pre-merge checks in the settings.}

✨ Finishing touches

• 📝 Generate docstrings

🧪 Generate unit tests (beta)

• Create PR with unit tests
• Post copyable unit tests in a comment

---

Thanks for using CodeRabbit! It's free for OSS, and your support helps us grow. If you like it, consider giving us a shout-out.

❤️ Share

• X
• Mastodon
• Reddit
• LinkedIn

_{Comment @coderabbitai help to get the list of available commands and usage tips.}

[sonarqubecloud]

Quality Gate passed

Issues
0 New issues
0 Accepted issues

Measures
0 Security Hotspots
0.0% Coverage on New Code
0.0% Duplication on New Code

See analysis details on SonarQube Cloud