chore: fix update node image

[YOU54F]

Fix up node image, as it's been a while, still not released as part of this change but will be able to close the vulns pr's

If we provide CMD we get in the node repl, but using ENTRYPOINT seems to work fine.

Ran a trivy cli against it

🕙16:30:46 ❯ trivy image pact-cli                          
2023-04-26T16:31:36.235+0100    INFO    Need to update DB
2023-04-26T16:31:36.235+0100    INFO    DB Repository: ghcr.io/aquasecurity/trivy-db
2023-04-26T16:31:36.235+0100    INFO    Downloading DB...
36.47 MiB / 36.47 MiB [--------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------] 100.00% 23.64 MiB p/s 1.7s
2023-04-26T16:31:39.566+0100    INFO    Vulnerability scanning is enabled
2023-04-26T16:31:39.566+0100    INFO    Secret scanning is enabled
2023-04-26T16:31:39.566+0100    INFO    If your scanning is slow, please try '--scanners vuln' to disable secret scanning
2023-04-26T16:31:39.566+0100    INFO    Please see also https://aquasecurity.github.io/trivy/v0.40/docs/secret/scanning/#recommendation for faster secret detection
2023-04-26T16:32:07.121+0100    INFO    Detected OS: alpine
2023-04-26T16:32:07.121+0100    INFO    Detecting Alpine vulnerabilities...
2023-04-26T16:32:07.124+0100    INFO    Number of language-specific files: 4
2023-04-26T16:32:07.124+0100    INFO    Detecting cargo vulnerabilities...
2023-04-26T16:32:07.125+0100    INFO    Detecting node-pkg vulnerabilities...
2023-04-26T16:32:07.131+0100    INFO    Detecting gemspec vulnerabilities...

pact-cli (alpine 3.17.3)

Total: 2 (UNKNOWN: 0, LOW: 0, MEDIUM: 2, HIGH: 0, CRITICAL: 0)

┌────────────┬───────────────┬──────────┬───────────────────┬───────────────┬────────────────────────────────────────────────────────────┐
│  Library   │ Vulnerability │ Severity │ Installed Version │ Fixed Version │                           Title                            │
├────────────┼───────────────┼──────────┼───────────────────┼───────────────┼────────────────────────────────────────────────────────────┤
│ libcrypto3 │ CVE-2023-1255 │ MEDIUM   │ 3.0.8-r3          │ 3.0.8-r4      │ Input buffer over-read in AES-XTS implementation on 64 bit │
│            │               │          │                   │               │ ARM                                                        │
│            │               │          │                   │               │ https://avd.aquasec.com/nvd/cve-2023-1255                  │
├────────────┤               │          │                   │               │                                                            │
│ libssl3    │               │          │                   │               │                                                            │
│            │               │          │                   │               │                                                            │
│            │               │          │                   │               │                                                            │
└────────────┴───────────────┴──────────┴───────────────────┴───────────────┴────────────────────────────────────────────────────────────┘
2023-04-26T16:32:07.146+0100    INFO    Table result includes only package filenames. Use '--format json' option to get the full path to the package file.

Node.js (node-pkg)

Total: 5 (UNKNOWN: 0, LOW: 0, MEDIUM: 2, HIGH: 3, CRITICAL: 0)

┌─────────────────────────────────────┬────────────────┬──────────┬───────────────────┬────────────────────────────┬─────────────────────────────────────────────────────────────┐
│               Library               │ Vulnerability  │ Severity │ Installed Version │       Fixed Version        │                            Title                            │
├─────────────────────────────────────┼────────────────┼──────────┼───────────────────┼────────────────────────────┼─────────────────────────────────────────────────────────────┤
│ ansi-regex (package.json)           │ CVE-2021-3807  │ HIGH     │ 3.0.0             │ 3.0.1, 4.1.1, 5.0.1, 6.0.1 │ nodejs-ansi-regex: Regular expression denial of service     │
│                                     │                │          │                   │                            │ (ReDoS) matching ANSI escape codes                          │
│                                     │                │          │                   │                            │ https://avd.aquasec.com/nvd/cve-2021-3807                   │
│                                     │                │          ├───────────────────┤                            │                                                             │
│                                     │                │          │ 4.1.0             │                            │                                                             │
│                                     │                │          │                   │                            │                                                             │
│                                     │                │          │                   │                            │                                                             │
├─────────────────────────────────────┼────────────────┼──────────┼───────────────────┼────────────────────────────┼─────────────────────────────────────────────────────────────┤
│ got (package.json)                  │ CVE-2022-33987 │ MEDIUM   │ 6.7.1             │ 11.8.5, 12.1.0             │ nodejs-got: missing verification of requested URLs allows   │
│                                     │                │          │                   │                            │ redirects to UNIX sockets                                   │
│                                     │                │          │                   │                            │ https://avd.aquasec.com/nvd/cve-2022-33987                  │
├─────────────────────────────────────┼────────────────┼──────────┼───────────────────┼────────────────────────────┼─────────────────────────────────────────────────────────────┤
│ http-cache-semantics (package.json) │ CVE-2022-25881 │ HIGH     │ 3.8.1             │ 4.1.1                      │ Regular Expression Denial of Service (ReDoS) vulnerability  │
│                                     │                │          │                   │                            │ https://avd.aquasec.com/nvd/cve-2022-25881                  │
├─────────────────────────────────────┼────────────────┼──────────┼───────────────────┼────────────────────────────┼─────────────────────────────────────────────────────────────┤
│ request (package.json)              │ CVE-2023-28155 │ MEDIUM   │ 2.88.2            │                            │ ** UNSUPPORTED WHEN ASSIGNED ** The Request package through │
│                                     │                │          │                   │                            │ 2.88.1 for ......                                           │
│                                     │                │          │                   │                            │ https://avd.aquasec.com/nvd/cve-2023-28155                  │
└─────────────────────────────────────┴────────────────┴──────────┴───────────────────┴────────────────────────────┴─────────────────────────────────────────────────────────────┘