chore: update golangci-lint config and fix lint issues

[moonD4rk]

Summary

• Remove stale V1 exclusion rules from .golangci.yml (browserdata/, extractor/, Phase 8 wiring, etc.)
• Add linters: nilerr, bodyclose, durationcheck, nestif
• Clean up gosec/gocritic disabled checks with documented reasons
• Add cookie-editor JSON fallback for non-cookie categories
• Fix all testifylint issues across 8 test files

.golangci.yml changes

Removed: 6 stale exclusion rules referencing deleted V1 paths
Added linters: nilerr, bodyclose, durationcheck, nestif
Cleaned up: gosec excludes now have inline comments explaining each rule

Cookie-editor fallback

When using -f cookie-editor, non-cookie categories now fall back to standard JSON output instead of being silently skipped.

Test fixes (testifylint)

Pattern	Fix
assert.Equal(t, nil, err)	require.NoError(t, err)
assert.Equal(t, true, ...)	assert.True(t, ...)
assert.Equal(t, "", x)	assert.Empty(t, x)
assert.True(t, len(x) > 0)	assert.NotEmpty(t, x)
assert.NoError after error return	require.NoError (fail fast)

Test plan

• go test ./... — all pass
• golangci-lint run — 0 issues

[codecov-commenter]

Codecov Report

❌ Patch coverage is 66.66667% with 2 lines in your changes missing coverage. Please review.
✅ Project coverage is 67.86%. Comparing base (e35907d) to head (b057fb6).

Files with missing lines	Patch %	Lines
output/cookie_editor.go	60.00%	1 Missing and 1 partial ⚠️

Additional details and impacted files

@@                     Coverage Diff                      @@
##           feat/v2-hbd-architecture     #542      +/-   ##
============================================================
- Coverage                     68.08%   67.86%   -0.22%     
============================================================
  Files                            48       48              
  Lines                          1579     1581       +2     
============================================================
- Hits                           1075     1073       -2     
- Misses                          398      400       +2     
- Partials                        106      108       +2     

Flag	Coverage Δ
unittests	67.86% <66.66%> (-0.22%)	⬇️

Flags with carried forward coverage won't be shown. Click here to find out more.

☔ View full report in Codecov by Sentry.
📢 Have feedback on the report? Share it here.

🚀 New features to boost your workflow:

• ❄️ Test Analytics: Detect flaky tests, report on failures, and find test suite problems.

[Copilot]

Pull request overview

Updates the repository’s golangci-lint configuration and adjusts code/tests to satisfy the newly enabled and existing linters, including a behavior change to cookie-editor output to fall back to JSON for non-cookie categories.

Changes:

• Refresh .golangci.yml: remove stale exclusions, enable additional linters, and document gosec/staticcheck decisions.
• Implement cookie-editor formatter fallback to standard JSON for non-cookie categories.
• Fix testifylint findings across multiple test files by switching to require.* where appropriate and using more specific assertions.

Reviewed changes

Copilot reviewed 12 out of 12 changed files in this pull request and generated 1 comment.

Show a summary per file

File	Description
.golangci.yml	Updates enabled linters/exclusions and documents gosec/staticcheck configuration.
output/formatter.go	Wires cookie-editor formatter with a JSON fallback implementation.
output/cookie_editor.go	Adds fallback-to-JSON behavior for non-cookie categories in cookie-editor format.
output/output_test.go	Updates tests for cookie-editor fallback and improves assertions per testifylint.
utils/sqliteutil/sqlite_test.go	Replaces non-fatal assert.NoError with require.NoError for fail-fast behavior.
utils/fileutil/fileutil_test.go	Switches to require.NoError on setup/critical path assertions.
filemanager/session_test.go	Uses require.NoError for operations that must succeed before further assertions.
crypto/keyretriever/keyretriever_test.go	Uses require.Error where error is required for the test to proceed meaningfully.
crypto/crypto_test.go	Updates error/emptiness assertions to testifylint-preferred forms and adds require import.
crypto/asn1pbe_test.go	Updates error/boolean/emptiness assertions to testifylint-preferred forms and adds require import.
browser/firefox/extract_history_test.go	Uses assert.Empty instead of equality-to-empty-string.
browser/browser_test.go	Uses assert.NotEmpty instead of len(...) > 0.

---

💡 Add Copilot custom instructions for smarter, more guided reviews. Learn how to get started.

[Copilot]

gosec is configured to exclude G501 (blocklisted import crypto/md5) even though the comment states md5 is not used. Since the repository currently has no crypto/md5 imports, keeping this exclusion reduces protection against accidental future md5 introduction; consider removing the G501 exclusion (or only excluding it if/where md5 is actually required).

Suggested change

- G501 # blocklisted import crypto/md5 — not used, keep for safety