fix: address validation blockers and CI/frontend alignment

[Emart29]

Motivation

• Resolve runtime and validation blockers by adding missing backend dependencies and required environment placeholders to enable providers and encryption features.
• Fix frontend artifacts (JSON, string quoting) and align CI to use npm/package-lock.json for consistent builds.

Description

• Added supabase, sqlglot, and cryptography to backend/pyproject.toml to support Supabase integration, SQL parsing, and encryption.
• Expanded backend/.env.example with ENCRYPTION_KEY, FRONTEND_URL, SUPABASE_SERVICE_KEY, ENVIRONMENT, and GROQ_API_KEY placeholders required at runtime.
• Updated frontend/package.json to ensure valid JSON and added the reactflow dependency, and normalized quoting in frontend/src/app/(dashboard)/page.tsx to fix escaped-quote issues.
• Adjusted .github/workflows/ci.yml frontend jobs to use npm/package-lock.json and npm ci / npm run build / npm run lint instead of pnpm to match the repository setup.

Testing

• Ran backend syntax check with find . -name "*.py" -exec python -m py_compile {} \; which completed successfully and reported all Python files have valid syntax.
• Validated frontend/package.json with python -m json.tool which succeeded and confirmed valid JSON.
• Scanned frontend source for escaped-quote issues with rg which reported no problems after the fix.
• Attempted npm install in frontend which failed in this environment due to an external registry 403 Forbidden error and is marked as a non-code-related failure.
• Attempted npm run build in frontend which failed because NEXT_PUBLIC_API_URL, NEXT_PUBLIC_SUPABASE_URL, and NEXT_PUBLIC_SUPABASE_ANON_KEY are not set in the environment and is expected without real deployment keys.

---

Codex Task