Upgrade golangci lint to 2.10.1

[anthony-gomez-fastly]

Change summary

Upgrades to 2.10.1 golang-ci-lint, and adds comments for the false positives detected

All Submissions:

• Have you followed the guidelines in our Contributing document?
• Have you checked to ensure there aren't other open Pull Requests for the same update/change?

New Feature Submissions:

• Does your submission pass tests?

[philippschulte]

I’m fine with the golangci-lint upgrade itself, but I think the new suppression comments should be more specific and consistent.

For the G117 suppressions, “this is a false positive” is too vague. Please document why each finding is safe to ignore (e.g., the field/tag mirrors the external Fastly API schema or required request payload, and this is not a hardcoded secret or an accidental serialization/leak).

For the G704 suppressions, some justifications are still weak. In particular, “URL is parsed and validated” / “properly formatted URL” doesn’t establish SSRF safety. If we’re going to suppress, the comment should state the invariant clearly (e.g., requests are constructed from the configured Fastly API endpoint plus validated/escaped path components, so caller input cannot change the outbound host/scheme).

Happy to keep the lint upgrade, but I’d like the suppressions updated with clearer rationale before merging.

[kpfleming]

Somewhat random question: were there any cases where G117 reported an issue and we didn't suppress it? If the answer is no, then maybe we should just consider disabling G117 globally for the codebase instead of at each location where it would emit a warning.

[anthony-gomez-fastly]

@kpfleming nope, all were suppressed. Will disable if @philippschulte agrees

[philippschulte]

I haven't even thought about disabling it globally. I think that is much better and I support that. Thanks!