Hi all,
I’ve published a utility called lockfile-shaker and a corresponding configuration for Strapi lockfile-shaker-strapi.
Basically what it does is edit your package-lock.json to safely make all of the dependencies that are only needed for the Strapi Admin front-end into dev-only dependencies. Then when you run npm ci --only production in your Docker build, it will only install the dependencies that are required for the backend server to run (not React, Webpack and all of those only require for the front-end) .
I use this in production and it reduces the number of dependencies in my server Docker image by 1350 packages, saving image build time, and reducing the image size by several hundred MB.