feat: add new scanners, enhanced triage, findings refinement, and deployment tooling

- Add gitleaks secret detection, lint scanning (clippy/eslint/ruff), and LLM code review scanners
- Enhance LLM triage with multi-action support (confirm/downgrade/upgrade/dismiss),
  surrounding code context, and file-path classification confidence adjustment
- Add text search, column sorting, and bulk status update to findings dashboard
- Fix finding detail page status refresh and add developer feedback field
- Fix BSON DateTime deserialization across all models with shared serde helpers
- Add scan progress spinner with polling to repositories page
- Batch OSV.dev queries to avoid "Too many queries" errors
- Add gitleaks, semgrep, and ruff to Dockerfile.agent for deployment

Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>

compliance-core/src/models/finding.rs

@@ -71,7 +71,14 @@ pub struct Finding {
     pub status: FindingStatus,
     pub tracker_issue_url: Option<String>,
     pub scan_run_id: Option<String>,
+    /// LLM triage action and reasoning
+    pub triage_action: Option<String>,
+    pub triage_rationale: Option<String>,
+    /// Developer feedback on finding quality
+    pub developer_feedback: Option<String>,
+    #[serde(with = "super::serde_helpers::bson_datetime")]
     pub created_at: DateTime<Utc>,
+    #[serde(with = "super::serde_helpers::bson_datetime")]
     pub updated_at: DateTime<Utc>,
 }
 
@@ -108,6 +115,9 @@ impl Finding {
             status: FindingStatus::Open,
             tracker_issue_url: None,
             scan_run_id: None,
+            triage_action: None,
+            triage_rationale: None,
+            developer_feedback: None,
             created_at: now,
             updated_at: now,
         }