chore: bump dependencies

[Nicholas Wiersma (nrwiersma)]

Goal of this PR

This bumps the supported Go versions, updates the linter and linter issues.

How did I test it?

[Copilot]

Pull request overview

This PR bumps the supported Go versions (from 1.24/1.25 to 1.25/1.26), updates the golangci-lint version to v2.11.2, and addresses linter issues. It also adds a new vulnerability check workflow, changes Dependabot update frequency from weekly to monthly, and refactors the parseDir logic to use manual file parsing instead of the deprecated parser.ParseDir.

Changes:

• Bumped Go minimum version to 1.25.8 in go.mod and test matrix to 1.25/1.26; updated golangci-lint to v2.11.2
• Replaced parser.ParseDir with a custom parseDir function in cmd/oapi-gen/gen.go, and pre-allocated a slice in gen.go to fix a linter warning
• Added a new vulncheck.yaml workflow and changed Dependabot intervals from weekly to monthly

Reviewed changes

Copilot reviewed 6 out of 6 changed files in this pull request and generated 1 comment.

Show a summary per file

File	Description
go.mod	Bumped Go version from 1.24.0 to 1.25.8
gen.go	Pre-allocated SchemaRefs slice to fix linter issue
cmd/oapi-gen/gen.go	Replaced deprecated parser.ParseDir with custom parseDir; refactored gatherInfo to handle package validation inline
.github/workflows/vulncheck.yaml	Added new vulnerability scanning workflow
.github/workflows/test.yml	Updated Go test matrix to 1.25/1.26 and golangci-lint to v2.11.2
.github/dependabot.yml	Changed update interval from weekly to monthly

---

💡 Add Copilot custom instructions for smarter, more guided reviews. Learn how to get started.

You can also share your feedback on Copilot code review. Take the survey.

[Christian R (antiphp)]

go fix ./... has one issue with reflect.Pointer -> .Ptr