fix: pin golangci-lint version to v2.9.0-alpine

[adityashekhawat1999]

fixes #711

Overview
The Dagger lint pipeline currently uses golangci/golangci-lint:latest-alpine.
Using the latest tag can lead to unexpected CI failures when a new version of golangci-lint is released.

Changes
Pinned golangci-lint image to v2.9.0-alpine, which is the previously working version observed in CI logs.

Reason
Pinning the version ensures consistent and stable lint behaviour across CI runs and prevents breaking changes introduced by newer releases.

No functional code changes were made.

[codecov]

Codecov Report

✅ All modified and coverable lines are covered by tests.
✅ Project coverage is 7.24%. Comparing base (60ad0bd) to head (5f96fa9).
⚠️ Report is 99 commits behind head on main.

Additional details and impacted files

@@            Coverage Diff            @@
##             main    #713      +/-   ##
=========================================
- Coverage   10.99%   7.24%   -3.75%     
=========================================
  Files         173     260      +87     
  Lines        8671   12913    +4242     
=========================================
- Hits          953     935      -18     
- Misses       7612   11870    +4258     
- Partials      106     108       +2     

☔ View full report in Codecov by Sentry.
📢 Have feedback on the report? Share it here.

🚀 New features to boost your workflow:

• ❄️ Test Analytics: Detect flaky tests, report on failures, and find test suite problems.

[vg006]

I have few considerations to share.

First of all, the lint job fails only because of gosec linter, which updated its policies and checks strictly in the latest release last week.

So it arises multiple issues, notably G101, G117 in the project. So it is good to update gosec linter rules, rather than rolling back to or pinning to specific version of golangci-lint.

Also it is important to note that the golangci-lint latest version v2.10 (changelog) is packaged with the latest versions of multiple linters & formatters, including a gosec and doesn't provide a way to pin particular version of a specific linter.

So obviously, with the golangci-lint of version v2.10 and above will continue to fail. I have tested the lint job with multiple versions of golangci-lint using dagger locally and here are the reports.

So it is good to update the gosec rules, instead of pinning golangci-lint to a particular version as suggested in #715.

[qcserestipy]

I also wanted to add that I reviewed PR #715 and I think it is a good solution to deal with the rule sets instead of pinning the version of golangci-lint. It would keep us from using security fixes or improved functionality in this package if we pin it.

[bupd]

closing in favor of #715