Fix linter issues after golangci-lint bump

[thardeck]

Remove stale nolint directives for gosec codes that no longer trigger at those locations; they were flagged by nolintlint.

Add G122 nolint annotations on os.ReadFile calls inside WalkDir callbacks in loaddirectory.go and filereader.go; the paths are over controlled directories and the TOCTOU risk is negligible.

Replace rw.WriteHeader+rw.Write in logAndReturn with http.Error, which sets Content-Type and X-Content-Type-Options headers and avoids reflecting error details in the HTTP response (G705).

Replace httptest.NewRequest with NewRequestWithContext in the webhook test to satisfy noctx.

[Copilot]

Pull request overview

This PR cleans up and adjusts code to satisfy updated golangci-lint checks after a linter bump, including removing now-stale //nolint directives, adding narrowly scoped suppressions where new gosec findings are expected, and addressing noctx/HTTP-response security findings.

Changes:

• Remove stale //nolint:gosec / //nolint directives that are no longer needed (as flagged by nolintlint).
• Add targeted //nolint:gosec annotations for os.ReadFile usage inside WalkDir callbacks (G122).
• Harden webhook error responses by switching to http.Error, and update a webhook test request to include a context.

Reviewed changes

Copilot reviewed 16 out of 16 changed files in this pull request and generated no comments.

Show a summary per file

File	Description
pkg/webhook/webhook_test.go	Uses a context-aware request constructor to satisfy noctx in tests.
pkg/webhook/webhook.go	Replaces manual WriteHeader/Write with http.Error to avoid reflecting internal errors and set safer headers.
pkg/git/vendor.go	Removes a stale //nolint:gosec on client.Do(req).
internal/ocistorage/ociwrapper.go	Removes a stale //nolint:gosec on an intentional Password field.
internal/config/config.go	Removes a stale //nolint:gosec on Bootstrap.Secret (resource name, not credential).
internal/cmd/controller/imagescan/update/filereader.go	Adds G122 gosec suppression for os.ReadFile within a WalkDir traversal.
internal/cmd/controller/agentmanagement/controllers/cluster/import.go	Removes a stale //nolint:gosec on http.DefaultClient.Do(req).
internal/cmd/cli/dump/dump.go	Removes a stale //nolint:gosec on an HTTP request used for locally forwarded metrics.
internal/cmd/cli/apply/apply.go	Removes a stale //nolint:gosec on an intentional Password field in CLI options.
internal/cmd/cli/apply.go	Removes a stale //nolint:gosec on os.WriteFile to a temp path.
internal/cmd/cli/analyze.go	Removes stale //nolint:gosec annotations on CLI stdout writes.
internal/cmd/agent/register/register.go	Removes a stale //nolint:gosec on http.DefaultClient.Do(req) used for CA-bypass detection.
internal/bundlereader/loaddirectory.go	Adds G122 suppression for os.ReadFile in WalkDir and removes a stale //nolint:gosec on temp-file cleanup.
internal/bundlereader/charturl.go	Removes a stale //nolint:gosec on client.Do(request) fetching helm repo indexes.
internal/bundlereader/auth.go	Removes a stale //nolint:gosec on Auth.Password field.
cmd/docs/generate-cli-docs.go	Removes a stale //nolint:gosec on a stdout usage message.

---

💡 Add Copilot custom instructions for smarter, more guided reviews. Learn how to get started.

You can also share your feedback on Copilot code review. Take the survey.