[Sync] Update project files from source repository (b318071) #89

Merged: mrz1836 merged 1 commit into master from chore/sync-files-bsv-blockchain-20251223-153201-b318071 on Dec 23, 2025

@mrz1836 mrz1836 commented Dec 23, 2025

What Changed

  • Updated MAGE_X_VERSION from v1.12.2 to v1.13.0 in .github/.env.base
  • Replaced CVE exclusion examples in NANCY_EXCLUDES and MAGE_X_CVE_EXCLUDES with fake placeholder values (CVE-9999-12345, CVE-9999-43210) instead of real CVE IDs (CVE-2024-38513, CVE-2023-45142)
  • Updated comments for CVE exclusion variables to clarify they are "fake examples"
  • Increased GO_BROADCAST_AI_MAX_TOKENS from 2000 to 5000
  • Added new commented-out configuration option GO_BROADCAST_DEBUG_DIFF_PATH=/tmp/debug-diff.txt for diff debugging
  • Added permissions: contents: read with explanatory comments to three workflow files: dependabot-auto-merge.yml, stale-check.yml, and sync-labels.yml

Why It Was Necessary

  • Upgrading Mage-X to v1.13.0 brings in the latest features and fixes from the upstream tool
  • Replacing real CVE IDs with fake examples prevents confusion and ensures developers don't blindly copy actual vulnerability exclusions without understanding their security implications
  • Increasing the AI token limit allows for generating longer, more comprehensive AI-generated content
  • Adding explicit contents: read permissions improves security clarity and follows GitHub Actions best practices for minimal permission scoping

Testing Performed

  • Verify that workflows with updated permissions continue to function correctly for their respective operations (dependabot auto-merge, stale issue checking, and label syncing)
  • Confirm that Mage-X v1.13.0 is compatible with existing configurations and executes successfully in CI/CD pipelines
  • Validate that the increased AI token limit doesn't cause timeouts or exceed API provider limits
  • Test that CVE exclusion mechanisms still function correctly with the placeholder format

Impact / Risk

  • Low Risk: Version bump to Mage-X v1.13.0 follows standard minor version update patterns and should be backward compatible
  • Security Improvement: Explicit permissions declarations and removal of real CVE examples from documentation improve security posture and prevent cargo-cult configuration
  • Behavioral Change: Increased AI token limit may result in longer generation times and higher API costs, but provides more comprehensive output
  • No Breaking Changes: All changes are to configuration files and workflow permissions that maintain existing functionality
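
A check for the workflow-level `permissions` block described in this pull request, as an added example that is not part of the PR or the project's code. The workflow snippets are constructed samples, and the line-based parsing assumes block-style YAML with top-level keys at column 0.

```python
import re

# Constructed workflow snippets (not the repository's real files).
SAMPLES = {
    "read_only": """name: stale-check
on:
  schedule:
    - cron: "0 8 * * *"
# Workflow-level default; jobs elevate only what they need
permissions:
  contents: read
jobs:
  stale:
    runs-on: ubuntu-latest
    permissions:
      issues: write
""",
    "job_only": "name: sync\non: push\njobs:\n  sync:\n    permissions:\n      issues: write\n",
    "write_all": "name: broad\non: push\npermissions: write-all  # too wide\njobs: {}\n",
}

def top_level_permissions(text):
    """Return workflow-level permissions (dict or inline string), or None if absent."""
    lines = [re.sub(r"(^|\s)#.*$", "", l).rstrip() for l in text.splitlines()]
    lines = [l for l in lines if l.strip()]
    for i, line in enumerate(lines):
        m = re.match(r"permissions:\s*(.*)$", line)  # column 0 => workflow level
        if not m:
            continue
        if m.group(1):  # inline form such as write-all, read-all or {}
            return m.group(1)
        scopes = {}
        for sub in lines[i + 1:]:
            if not sub[0].isspace():  # next top-level key ends the block
                break
            key, _, value = sub.strip().partition(":")
            scopes[key.strip()] = value.strip()
        return scopes
    return None

def audit(text):
    """Classify a workflow as 'missing', 'broad' or 'ok'."""
    perms = top_level_permissions(text)
    if perms is None:
        return "missing"  # token falls back to the repository/org default
    if perms == "write-all" or (isinstance(perms, dict) and "write" in perms.values()):
        return "broad"
    return "ok"
```

Running `audit()` over each file in `.github/workflows/` in CI flags any workflow that relies on the default token scope instead of declaring a read-only baseline.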

@mrz1836 mrz1836 self-assigned this Dec 23, 2025
@mrz1836 mrz1836 added the automated-sync, automerge and chore labels Dec 23, 2025
@github-actions github-actions bot added the update and size/S labels Dec 23, 2025

mrz1836 commented Dec 23, 2025

LGTM!

@mrz1836 mrz1836 merged commit c26856d into master Dec 23, 2025
44 checks passed
@github-actions github-actions bot deleted the chore/sync-files-bsv-blockchain-20251223-153201-b318071 branch December 23, 2025 20:41