Add check whether yarn.lock needs to be updated

Under certain circumstances (bad merges?) the yarn.lock file might
contain extranous root dependencies. This is not a security risk because
the dependencies are simply not downloaded. However, it can be confusing
because a `yarn install` updates `yarn.lock` locally, while a `yarn
install --frozen-lockfile` does not fail in CI.

The last time this happened was after
https://gitlab.com/gitlab-org/gitlab/-/merge_requests/55062
was merged.

Interestingly a `yarn check --integrity` would fail. We already utilize
this locally when running `yarn run jest`. This is also not executed in
CI, because we run `yarn run jest:ci` there. Simply adding the same
check to our `static-analysis` will solve the problem in the future.

scripts/static-analysis

@@ -55,6 +55,7 @@ class StaticAnalysis
     Task.new(%w[yarn run internal:stylelint], 8),
     Task.new(%w[scripts/lint-conflicts.sh], 1),
     Task.new(%w[yarn run block-dependencies], 1),
+    Task.new(%w[yarn run check-dependencies], 1),
     Task.new(%w[scripts/lint-rugged], 1),
     Task.new(%w[scripts/gemfile_lock_changed.sh], 1)
   ].compact.freeze