feat: add comprehensive security scanning and EditorConfig integration

- Add govulncheck, Snyk, and Trivy vulnerability scanning
- Create security workflow for automated scanning on push/PR/schedule
- Add gitleaks for secrets detection and prevention
- Implement EditorConfig linting with eclint and editorconfig-checker
- Update Makefile with security and formatting targets
- Create SECURITY.md with vulnerability reporting guidelines
- Configure Dependabot for automated dependency updates
- Fix all EditorConfig violations across codebase
- Update Go version to 1.23.10 to address stdlib vulnerabilities
- Add tests for internal/helpers package (80% coverage)
- Remove deprecated functions and migrate to error-returning patterns
- Fix YAML indentation in test fixtures to resolve test failures

testdata/composite-action/action.yml

@@ -21,19 +21,19 @@ runs:
       with:
         fetch-depth: 0
         token: ${{ github.token }}
-    
+
     - name: Setup Node.js
       uses: actions/setup-node@49933ea5288caeca8642d1e84afbd3f7d6820020 # v4
       with:
         node-version: ${{ inputs.node-version }}
         cache: 'npm'
-    
+
     - name: Install dependencies
       shell: bash
       run: |
         cd ${{ inputs.working-directory }}
         npm ci
-    
+
     - name: Run tests
       shell: bash
       run: |
@@ -41,7 +41,7 @@ runs:
         echo "Tests completed successfully"
       env:
         NODE_ENV: test
-    
+
     - name: Build project
       uses: actions/setup-node@49933ea5288caeca8642d1e84afbd3f7d6820020 # v4
       id: build
@@ -50,4 +50,4 @@ runs:
 
 branding:
   icon: package
-  color: blue
+  color: blue