Disable npm lifecycle scripts for security

Add --ignore-scripts flag to yarn install to prevent execution of
potentially malicious scripts during package installation.

Related to PDE-128

Co-authored-by: Ona <no-reply@ona.com>

Author: jespino

.gitpod.yml

@@ -1,5 +1,5 @@
 tasks:
-  - init: yarn && yarn build
+  - init: yarn --ignore-scripts && yarn build
     command: |
       echo "//registry.yarnpkg.com/:_authToken=$NPM_TOKEN" >>~/.npmrc
       yarn watch