
#8988: fix: resolve security vulnerabilities in dependencies

by fotorpics, open, 2026-02-04 18:02
channel: telegram app: web-ui gateway cli scripts docker agents stale
This PR addresses multiple security vulnerabilities identified in both the Node.js and Go dependency trees.

Key Security Fixes

* Node.js (High Severity): Forced an override for @isaacs/brace-expansion to ^5.0.1 to resolve an Uncontrolled Resource Consumption vulnerability (GHSA-7h2j-956f-4vf2, https://github.com/advisories/GHSA-7h2j-956f-4vf2).
* Go (Multiple CVEs): Updated scripts/docs-i18n to Go 1.23.0 and bumped golang.org/x/net to v0.38.0. This resolves over 20 known vulnerabilities in the Go networking stack, including potential request smuggling and memory exhaustion issues.
* Core Dependencies: Updated @mariozechner/pi-* packages, @agentclientprotocol/sdk, and @aws-sdk/client-bedrock to their latest stable releases.

Other Changes

* Updated .gitignore to ensure local runtime directories (config/ and workspace/) are not accidentally committed.

---

Verification: Verified via pnpm audit that the high-severity Node.js vulnerability is resolved. The Go dependency tree was verified against current OSV security databases.

Greptile Overview

Greptile Summary

This PR updates dependency versions in the Node.js (pnpm) and Go (`scripts/docs-i18n`) trees to address known security advisories, including adding a pnpm override for `@isaacs/brace-expansion` and bumping several core JS deps plus `golang.org/x/net`. It also attempts to extend `.gitignore` to exclude local runtime directories. The dependency changes are localized to root `package.json`/`pnpm-lock.yaml` and the docs-i18n module's `go.mod`, aligning with the repo's dependency management patterns (pnpm overrides and Go module pinning) while reducing exposure to vulnerable transitive packages.

Confidence Score: 4/5

- Mostly safe to merge once the .gitignore corruption is fixed.
- Changes are primarily dependency bumps/lockfile updates plus a Go module bump; the only clear functional issue is the `.gitignore` file being committed with binary/NUL bytes at the end, which will break those ignore patterns and can cause tooling issues.
- .gitignore (fix encoding/NUL bytes); otherwise review dependency bumps as usual for compatibility.
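As an added example (not code from this PR or the project), a small pre-merge check script that verifies the three claims made above against constructed sample files: the pnpm override for `@isaacs/brace-expansion`, the `golang.org/x/net` version in `go.mod`, and a `.gitignore` that must list `config/` and `workspace/` and must not carry the trailing NUL bytes the review flagged. All file contents are constructed inline; the function names are this example's own.

```python
import json
import re

# Constructed sample inputs (stand-ins for the repo's real files).
PACKAGE_JSON = '{"name": "demo", "pnpm": {"overrides": {"@isaacs/brace-expansion": "^5.0.1"}}}'
GO_MOD = "module example.com/docs-i18n\n\ngo 1.23.0\n\nrequire golang.org/x/net v0.38.0\n"
GOOD_GITIGNORE = b"node_modules/\nconfig/\nworkspace/\n"
# Same patterns followed by NUL bytes, reproducing the corruption noted in the review.
BAD_GITIGNORE = b"node_modules/\nconfig/\nworkspace/\n\x00\x00\x00"


def check_pnpm_override(package_json_text, package, expected_range):
    """True if package.json pins `package` via pnpm.overrides to exactly `expected_range`."""
    data = json.loads(package_json_text)
    return data.get("pnpm", {}).get("overrides", {}).get(package) == expected_range


def _semver(version):
    """Turn 'v0.38.0' or '1.23.0' into a tuple of ints so versions compare numerically."""
    return tuple(int(part) for part in version.lstrip("v").split("."))


def check_go_mod(go_mod_text, module, min_version):
    """True if go.mod requires `module` at a version >= `min_version`."""
    match = re.search(re.escape(module) + r"\s+(v[\d.]+)", go_mod_text)
    return match is not None and _semver(match.group(1)) >= _semver(min_version)


def check_gitignore(content, required_dirs):
    """Report NUL bytes in the raw file and any required pattern that is absent."""
    has_nul = b"\x00" in content
    text = content.replace(b"\x00", b"").decode("utf-8", errors="replace")
    patterns = {ln.strip() for ln in text.splitlines() if ln.strip() and not ln.startswith("#")}
    return {"nul_bytes": has_nul, "missing": [d for d in required_dirs if d not in patterns]}


def run_checks():
    """Run all three checks against the constructed inputs and return the results."""
    return {
        "override": check_pnpm_override(PACKAGE_JSON, "@isaacs/brace-expansion", "^5.0.1"),
        "x_net": check_go_mod(GO_MOD, "golang.org/x/net", "v0.38.0"),
        "gitignore": check_gitignore(BAD_GITIGNORE, ["config/", "workspace/"]),
    }


if __name__ == "__main__":
    print(run_checks())
```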
