fix: drop package-lock.json + node_modules before npm install in Dockerfile

Previous attempt (c1318964) used npm ci + npm install --include=optional
--no-save, which still missed rolldown's platform-specific native
binding (@rolldown/binding-linux-arm64-gnu) — the runtime build still
fails with `Cannot find native binding`.

Wipe both the lockfile and node_modules so npm install resolves the
dependency tree fresh for the build platform.  The lockfile mutation
stays inside the container image.

Co-Authored-By: Claude Opus 4.7 (1M context) <noreply@anthropic.com>

docker/Dockerfile

@@ -47,13 +47,16 @@ WORKDIR /app
 COPY . .
 
 # Build frontend deps first (better layer caching).
-# `npm ci` alone hits npm's optional-dependencies bug (npm/cli#4828):
-# platform-specific bindings (e.g. @rolldown/binding-linux-arm64-gnu)
-# listed in package-lock.json for the lockfile author's platform are
-# not installed for the build platform.  Follow `npm ci` with a
-# `--no-save --include=optional` install so the build platform's
-# native binding is fetched without mutating the lockfile.
-RUN cd frontend && npm ci && npm install --include=optional --no-save
+# Cannot use `npm ci` because of npm's optional-dependencies bug
+# (npm/cli#4828): platform-specific bindings (e.g. rolldown's
+# linux-arm64-gnu native binary, introduced by 1119's vite 5→8 upgrade)
+# get listed in package-lock.json for the lockfile author's platform
+# only, so `npm ci` skips them on every other platform — the build
+# then fails at runtime with `Cannot find native binding`.  Wipe the
+# lockfile + node_modules and let `npm install` resolve fresh for the
+# build platform.  The lockfile mutation stays inside the container
+# image and never reaches the host repo.
+RUN cd frontend && rm -rf node_modules package-lock.json && npm install
 
 # Build the release binary (build.rs runs npm run build for the frontend)
 RUN cargo build --release \