style(#3160): use explicit 0o octal notation for file permissions

[fullsend-ai-coder]

Replace all old-style Go octal literals (e.g., 0644, 0755) with the explicit 0o prefix notation (0o644, 0o755) introduced in Go 1.13. The 0o prefix makes the numeric base unambiguous and prevents visual confusion with decimal numbers.

This is a semantics-preserving change across 42 files covering production code, test files, acceptance tests, and benchmarks. All os.OpenFile, os.WriteFile, os.MkdirAll, os.Chmod, os.Mkdir, afero.WriteFile, and tar.Header Mode calls are updated.

Note: TestWriteReport in internal/validate failed due to sandbox network restrictions (sigstore TUF CDN blocked), not related to this change.

---

Closes #3160

Post-script verification

• Branch is not main/master (agent/3160-explicit-octal-notation)
• Secret scan passed (gitleaks — d5a1551b2ae45d8ae67995bc240d0c3219ddade3..HEAD)
• Pre-commit hooks passed (authoritative run on runner)
• Tests ran inside sandbox

[fullsend-ai-review]

Review

Findings

No findings.

[codecov]

Codecov Report

❌ Patch coverage is 65.00000% with 7 lines in your changes missing coverage. Please review.

Files with missing lines	Patch %	Lines
benchmark/internal/registry/registry.go	0.00%	3 Missing ⚠️
benchmark/offliner/offliner.go	0.00%	1 Missing ⚠️
cmd/test/test.go	0.00%	1 Missing ⚠️
internal/evaluator/conftest_evaluator.go	66.66%	1 Missing ⚠️
internal/logging/logging.go	0.00%	1 Missing ⚠️

Flag	Coverage Δ
acceptance	55.60% <71.42%> (ø)
generative	17.82% <16.66%> (ø)
integration	26.56% <25.00%> (ø)
unit	69.04% <65.00%> (ø)

Flags with carried forward coverage won't be shown. Click here to find out more.

Files with missing lines	Coverage Δ
cmd/initialize/init_policies.go	92.85% <100.00%> (ø)
cmd/track/track_bundle.go	96.96% <100.00%> (ø)
internal/applicationsnapshot/vsa.go	95.50% <ø> (ø)
internal/documentation/documentation.go	0.00% <ø> (ø)
...ation_snapshot_image/application_snapshot_image.go	84.78% <100.00%> (ø)
...ernal/evaluator/conftest_evaluator_test_helpers.go	78.63% <100.00%> (ø)
internal/policy/source/source.go	93.85% <100.00%> (ø)
internal/validate/vsa/storage_local.go	75.00% <100.00%> (ø)
internal/validate/vsa/vsa.go	63.61% <ø> (ø)
benchmark/offliner/offliner.go	14.08% <0.00%> (ø)
... and 4 more

🚀 New features to boost your workflow:

• ❄️ Test Analytics: Detect flaky tests, report on failures, and find test suite problems.