ci: add license-checker-rseidelsohn as pinned devDependency for npm license check

- Add license-checker-rseidelsohn ^4.2.2 to frontend devDependencies so the
  version is pinned in package-lock.json rather than resolved at npx runtime
- Add license-check npm script with FINOS A/B allowlist, --production flag
  to audit runtime deps only, --excludePrivatePackages for the app itself
- Update license.yml npm job to run `npm run license-check`
- Local check passes: 13 production deps, all MIT/BSD-3-Clause/Apache-2.0/ISC

Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>

Author: coopernetes

.github/workflows/license.yml

@@ -50,11 +50,5 @@ jobs:
         working-directory: git-proxy-java-dashboard/frontend
 
       - name: Check licenses
-        run: >
-          npx --yes license-checker-rseidelsohn
-          --production
-          --excludePrivatePackages
-          --summary
-          --onlyAllow
-          "MIT;Apache-2.0;BSD-2-Clause;BSD-3-Clause;ISC;0BSD;Unlicense;CC0-1.0;MPL-2.0;EPL-1.0;EPL-2.0;WTFPL;BlueOak-1.0.0;Python-2.0;Artistic-2.0;Zlib;W3C;Unicode-DFS-2017;OFL-1.1"
+        run: npm run license-check
         working-directory: git-proxy-java-dashboard/frontend