fix(audit): correct findings from review round 1

- client: add raise_for_status() in get_latest_release() for non-404 errors (FINDING-001)
- client: add timeout parameter (default 30s) passed to all session.get() calls (FINDING-004/SEC-002)
- cli: replace return with sys.exit(1) in all except blocks (FINDING-002)
- test_cli: remove duplicate test_exits_when_token_missing, assert GITEA_TOKEN in stderr (FINDING-006)
- test_cli: update connection error tests to expect SystemExit(1) after exit code fix
- test_cli: rework token masking test to inject token into exception message (FINDING-007)
- test_client: add test_raises_on_server_error for HTTP 500 path (FINDING-001)
- test_client: add tests for default and custom timeout values (FINDING-004)

Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>

src/gitea_dashboard/cli.py

@@ -41,18 +41,18 @@ def main() -> None:
         repos = collect_all(client)
     except requests.ConnectionError:
         console.print("[red]Erreur : connexion refusee. Verifiez l'URL et le serveur Gitea.[/red]")
-        return
+        sys.exit(1)
     except requests.Timeout:
         console.print(
             "[red]Erreur : delai d'attente depasse. Le serveur Gitea ne repond pas.[/red]"
         )
-        return
+        sys.exit(1)
     except requests.RequestException as exc:
         # Ne jamais afficher le token dans les messages d'erreur
         msg = str(exc)
         if token in msg:
             msg = msg.replace(token, "***")
         console.print(f"[red]Erreur API : {msg}[/red]")
-        return
+        sys.exit(1)
 
     render_dashboard(repos)