
feat: add sri integrity hash for redoc #2911

Merged
tatomyr merged 8 commits into main from add-sri-integrity-for-redoc on Jun 26, 2026

Conversation

tatomyr (Collaborator) commented Jun 23, 2026

What/Why/How?

Added the integrity attribute for Redoc standalone:

<script src="https://cdn.redocly.com/.../redoc.standalone.js" integrity="sha384-..." crossorigin="anonymous"></script>

Reference

Closes #2875

Check yourself

  • This PR follows the contributing guide
  • All new/updated code is covered by tests
  • Core code changed? - Tested with other Redocly products (internal contributions only)
  • New package installed? - Tested in different environments (browser/node)
  • Documentation update has been considered

Security

  • The security impact of the change has been considered
  • Code follows company security practices and guidelines

Note

Medium Risk
Generated docs depend on a manually maintained SRI hash matching the CDN bundle; a Redoc bump without updating the hash will break pages or fail CI, but the change hardens against CDN tampering.

Overview
build-docs now emits the CDN redoc.standalone.js <script> with integrity (sha384) and crossorigin="anonymous", using a new redocStandaloneSri constant in package.ts that must stay in sync with the pinned Redoc version.

The build-docs option field is renamed from redocCurrentVersion to redocVersion. CONTRIBUTING documents how to recompute the hash when bumping Redoc.

Coverage includes an e2e test that fetches the live CDN bundle and asserts the embedded hash matches, plus updated HTML snapshots and smoke pre-built output.

Reviewed by Cursor Bugbot for commit 1cebfd4. Bugbot is set up for automated code reviews on this repo.

changeset-bot (Bot) commented Jun 23, 2026

🦋 Changeset detected

Latest commit: 1cebfd4

The changes in this PR will be included in the next version bump.

This PR includes changesets to release 3 packages
Name Type
@redocly/cli Minor
@redocly/openapi-core Minor
@redocly/respect-core Minor


github-actions (Bot, Contributor) commented Jun 23, 2026

Coverage Report

Status Category Percentage Covered / Total
🔵 Lines 81.44% (🎯 81%) 7459 / 9158
🔵 Statements 80.8% (🎯 80%) 7753 / 9595
🔵 Functions 84.4% (🎯 84%) 1483 / 1757
🔵 Branches 73.16% (🎯 73%) 5043 / 6893
File Coverage
File Stmts Branches Functions Lines Uncovered Lines
Changed Files
packages/cli/src/commands/build-docs/index.ts 93.33% 50% 100% 93.33% 48
packages/cli/src/commands/build-docs/utils.ts 56.66% 35.48% 83.33% 58.62% 47-68, 134
packages/cli/src/utils/package.ts 100% 100% 100% 100%
Generated in workflow #10486 for commit 1cebfd4 by the Vitest Coverage Report Action

github-actions (Bot, Contributor) commented Jun 23, 2026

Performance Benchmark (Lower is Faster)

CLI Version Bundle Lint Check Config
cli-latest ▓ 1.00x (Fastest) ▓ 1.00x (Fastest) ▓ 1.00x ± 0.01
cli-next ▓ 1.00x ± 0.01 ▓ 1.01x ± 0.01 ▓ 1.00x (Fastest)

tatomyr force-pushed the add-sri-integrity-for-redoc branch from 2ffd5fa to d796ca2 on June 25, 2026 07:53
tatomyr changed the title from "Add sri integrity for redoc" to "feat: add sri integrity hash for redoc" on Jun 26, 2026
tatomyr force-pushed the add-sri-integrity-for-redoc branch from d796ca2 to a64ba58 on June 26, 2026 08:28
tatomyr marked this pull request as ready for review on June 26, 2026 08:29
tatomyr requested review from a team as code owners on June 26, 2026 08:29
Review comment threads (now outdated): CONTRIBUTING.md (3 threads), .changeset/build-docs-sri.md (1 thread)
Co-authored-by: Jacek Łękawa <164185257+JLekawa@users.noreply.github.com>
tatomyr merged commit 9f0fd86 into main on Jun 26, 2026
44 of 45 checks passed
tatomyr deleted the add-sri-integrity-for-redoc branch on June 26, 2026 10:01


Development

Successfully merging this pull request may close these issues.

Add subresource integrity (SRI) for import of redoc.standalone.js

3 participants