chore: bump azure/setup-helm from 4.3.1 to 5.0.0

Bumps [azure/setup-helm](https://github.com/azure/setup-helm) from 4.3.1 to 5.0.0.
- [Release notes](https://github.com/azure/setup-helm/releases)
- [Changelog](https://github.com/Azure/setup-helm/blob/main/CHANGELOG.md)
- [Commits](1a275c3b69...dda3372f75)

---
updated-dependencies:
- dependency-name: azure/setup-helm
  dependency-version: 5.0.0
  dependency-type: direct:production
  update-type: version-update:semver-major
...

Signed-off-by: dependabot[bot] <support@github.com>

.github/workflows/build.yaml

@@ -90,7 +90,7 @@ jobs:
     if: needs.changes.outputs.helm == 'true'
     steps:
       - uses: actions/checkout@v6
-      - uses: azure/setup-helm@1a275c3b69536ee54be43f2070a358922e12c8d4 # v4
+      - uses: azure/setup-helm@dda3372f752e03dde6b3237bc9431cdc2f7a02a2 # v5.0.0
         with:
           token: ${{ secrets.GITHUB_TOKEN }}
       - run: helm plugin install https://github.com/instrumenta/helm-kubeval

ci/build/build-release.sh

@@ -85,11 +85,15 @@ EOF
   ) > "$RELEASE_PATH/package.json"
   mv npm-shrinkwrap.json "$RELEASE_PATH"
 
-  rsync ci/build/npm-postinstall.sh "$RELEASE_PATH/postinstall.sh"
-
   if [ "$KEEP_MODULES" = 1 ]; then
     rsync node_modules/ "$RELEASE_PATH/node_modules"
+    # Remove dev dependencies.
+    pushd "$RELEASE_PATH"
+    npm prune --production
+    popd
   fi
+
+  rsync ci/build/npm-postinstall.sh "$RELEASE_PATH/postinstall.sh"
 }
 
 bundle_vscode() {
@@ -108,7 +112,9 @@ bundle_vscode() {
   # need it for the npm package.
   rsync_opts+=(--exclude /node)
 
-  # Exclude Node modules.
+  # Exclude Node modules.  Note that these will already only include production
+  # dependencies, so if we do keep them there is no need to do any
+  # post-processing to remove dev dependencies.
   if [[ $KEEP_MODULES = 0 ]]; then
     rsync_opts+=(--exclude node_modules)
   fi