[Sync] Update project files from source repository (eec0e19)

[mrz1836]

What Changed

• Updated .dockerignore to exclude dist/ but explicitly include !dist/linux/ subdirectory
• Upgraded actions/setup-go from v6.3.0 (commit 4b73464) to v6.4.0 (commit 4a36011) in .github/actions/setup-go-with-cache/action.yml
• Added clarifying comments indicating that actions/cache handles both restore and save operations for Go module cache and Go build cache
• Updated GITLEAKS_VERSION from 8.30.0 to 8.30.1 in .github/env/10-security.env
• Added permissions: contents: read to the pre-commit job in .github/workflows/fortress-pre-commit.yml

Why It Was Necessary

• The Docker build process needs access to Linux-specific binaries in dist/linux/ while excluding other distribution artifacts
• Upgrading security and build tooling ensures latest bug fixes and security patches are applied
• Explicit permission declarations in GitHub workflows follow security best practices by adhering to the principle of least privilege
• Comments improve maintainability by clarifying caching behavior for future contributors

Testing Performed

• Verify Docker builds correctly include dist/linux/ contents while excluding other dist/ subdirectories
• Confirm GitHub Actions workflows execute successfully with the updated setup-go action version
• Validate pre-commit workflow runs with the explicit contents: read permission
• Ensure gitleaks security scanning completes with version 8.30.1

Impact / Risk

• Low Risk: Changes are primarily dependency version bumps and clarifying comments
• Docker Build: Potential impact if dist/linux/ contents are required for container images; previously these may have been excluded
• CI/CD: Adding explicit permissions is a security hardening measure with no functional impact on existing workflows

[sonarqubecloud]

Quality Gate passed

Issues
0 New issues
0 Accepted issues

Measures
0 Security Hotspots
0.0% Coverage on New Code
0.0% Duplication on New Code

See analysis details on SonarQube Cloud

[mrz1836]

LGTM!