#17896: fix(config): warn instead of silently swallowing chmod failure on config write

## Summary Change silent `catch {}` to `deps.logger.warn()` when `chmod 0o600` fails on config file write, making permission issues visible for debugging. **Issue:** #17440 ## Change Type - [x] Bug fix (non-breaking change which fixes an issue) ## Scope - **Files changed:** `src/config/io.ts` - **Risk:** Very low — only adds a warning log, no behavior change ## Security Impact - Improves security visibility — failed permission restrictions are now logged ## Steps to Reproduce 1. Config file is written on a filesystem that doesn't support chmod (e.g., some Docker volumes, Windows via WSL) 2. **Before fix:** chmod failure silently swallowed — no indication permissions weren't set 3. **After fix:** Warning logged with error details ## Evidence - `pnpm build` ✅ - `pnpm check` (lint+format) ✅ - Targeted tests: 410 tests passed (47 files, config, IO) on Windows host ✅ - Full baseline: 542 tests passed ✅ ## Human Verification - [x] Code reviewed by human contributor ## Compatibility - Fully backward compatible — only changes logging behavior - No config changes, no API changes ## Failure & Recovery - N/A — this IS the failure recovery improvement ## Risks - None — purely observational change --- 🤖 AI-assisted (Opus 4.6 implementation, reviewed by Opus 4.6 + GPT 5.3 Codex with thinking high) <!-- greptile_comment --> <h3>Greptile Summary</h3> Replaces silent error swallowing with a warning log when `chmod 0o600` fails during config file write, improving security visibility by making permission failures observable. - Improved observability: chmod failures now logged with error details - Minor style inconsistency: uses optional chaining where `deps.logger` is guaranteed to exist <h3>Confidence Score: 5/5</h3> - This PR is safe to merge with minimal risk - The change only adds observability by logging a warning when chmod fails - no behavioral changes, no new error paths introduced. The minor style inconsistency (unnecessary optional chaining) doesn't affect functionality. - No files require special attention _{Last reviewed commit: 1e7998f} <!-- greptile_other_comments_section --> _{(5/5) You can turn off certain types of comments like style [here](https://app.greptile.com/review/github)!} <!-- /greptile_comment -->