fix(docker): pin base image to node:22.22.3-slim (#1346)

The floating node:22-slim tag shipped Node 22.23.0, whose http.Agent
regression (nodejs/node#63989) breaks
node-fetch@2 / gaxios@6 with 'Premature close' on reused keep-alive
sockets. This broke C2C ID-token generation (google-auth-library 9.x)
and the app to integrated-backend auth flow in production, with no code
change. Pin to the last known-good patch (22.22.3) until the upstream
issue is fixed or we move off node-fetch@2.

Author: zapolsky

Dockerfile

@@ -1,4 +1,7 @@
-FROM node:22-slim
+# Pinned to a specific patch: the floating `node:22-slim` tag shipped Node 22.23.0,
+# whose http.Agent regression (https://github.com/nodejs/node/issues/63989) breaks node-fetch@2/gaxios@6 with
+# "Premature close", taking down C2C auth. Bump deliberately after verifying the fix.
+FROM node:22.22.3-slim
 ARG version=latest
 RUN npm install -g owox@${version} && npm cache clean --force
 ENV NODE_OPTIONS="--no-deprecation"