ci: add mutation testing for validation and redaction helpers (#244)

[aaniya22]

What

Adds mutation testing for the two most security-critical helper modules:

• backend/secuscan/validation.py
• backend/secuscan/redaction.py

How

• mutmut.toml — configures which files to mutate and which tests to run
• .github/workflows/mutation.yml — new targeted CI job that:
  • triggers only when relevant source or test files change (no noise on unrelated PRs)
  • also runs on a weekly schedule (every Monday 03:00 UTC) to catch regressions
  • uploads an HTML report as a downloadable artifact (30-day retention)
  • enforces a hard 80% mutation score threshold — fails CI if too many mutants survive
• backend/requirements-dev.txt — pins mutmut>=3.5.0

What was NOT changed

• No UI changes
• No doc changes
• No lockfile churn
• No formatting changes
• No existing tests modified

Verification

Run locally:

mutmut run
mutmut results
mutmut html

Closes #244

[utksh1]

Requesting changes. mutation-testing, backend-tests, and formatting-hygiene are failing. Please make CI green and avoid bundling unrelated vault/config dependency changes into the mutation testing workflow PR.

[utksh1]

Thanks for following up. Clarifying the change request so it is actionable:

Why this is blocked:
Requesting changes. mutation-testing, backend-tests, and formatting-hygiene are failing. Please make CI green and avoid bundling unrelated vault/config dependency changes into the mutation testing workflow PR.

What to do next:

• Fix the specific issues called out above.
• Push the updated branch and make sure the relevant CI checks pass.
• Reply here when ready for re-review.

[utksh1]

Current status: still blocked. The mutation-testing CI branch is conflicting with current main. Please rebase, make sure the mutation job is advisory or clearly documented if required, and keep runtime reasonable for normal PR CI.