Add `lockfile-lint` to `npm/yarn` projects to validate the package-lock files

[yeikel]

Read more : https://www.npmjs.com/package/lockfile-lint

Example

jobs:
  check-dist:
    runs-on: ubuntu-latest

    steps:
      - uses: actions/checkout@v3

      - name: Set Node.js 16.x
        uses: actions/setup-node@v2.4.1
        with:
          node-version: 16.x
      - name: Validate package-lock
        run: npx lockfile-lint --path package-lock.json --allowed-hosts npm yarn --validate-https