feat: Add Windows disk encryption (BitLocker) check

[dz0ny]

Summary

• Add BitLocker disk encryption check for Windows
• Queries Get-BitLockerVolume via PowerShell, prioritizes OS volume encryption status
• Registered under "System Integrity" claim
• Includes comprehensive tests (9 scenarios)

Ref: https://github.com/teamniteo/pareto/issues/842

Test plan

• Tests pass (go test ./...)
• Manual verification on Windows with BitLocker enabled/disabled

🤖 Generated with Claude Code

[github-actions]

🚀 Dev Builds Available

Development builds for this PR are available in the workflow artifacts.

Available builds:

• Windows (agent, installer, tray)
• Linux (agent)
• macOS (agent)

Download the build artifact to test the latest changes.

[Copilot]

Pull request overview

This PR adds BitLocker disk encryption checking functionality for Windows systems. The implementation queries BitLocker volume status via PowerShell, prioritizes the OS volume's encryption status, and correctly handles various edge cases including single/multiple volumes and JSON parsing scenarios.

Changes:

• Added DiskEncryption check implementation for Windows that queries BitLocker via PowerShell
• Registered the new check under the "System Integrity" claim category
• Added comprehensive test suite covering 9 scenarios including edge cases

Reviewed changes

Copilot reviewed 3 out of 3 changed files in this pull request and generated no comments.

File	Description
checks/windows/disk_encryption.go	New check implementation that queries BitLocker status via PowerShell, with proper JSON parsing and prioritization logic for OS volumes
checks/windows/disk_encryption_test.go	Comprehensive test suite covering all scenarios including encrypted/unencrypted volumes, errors, and edge cases
claims/checks_windows.go	Registered DiskEncryption check under "System Integrity" claim

[github-actions]

Merging this branch will increase overall coverage

Impacted Packages	Coverage Δ	🤖
github.com/ParetoSecurity/agent/checks/windows	79.38% (+1.29%)	👍
github.com/ParetoSecurity/agent/claims	0.00% (ø)
Total	50.86%

---

Coverage by file

Changed files (no unit tests)

Changed File	Coverage Δ	Total	Covered	Missed	🤖
github.com/ParetoSecurity/agent/checks/windows/disk_encryption.go	90.20% (+90.20%)	51 (+51)	46 (+46)	5 (+5)	🌟
github.com/ParetoSecurity/agent/claims/checks_windows.go	0.00% (ø)	0	0	0

Please note that the "Total", "Covered", and "Missed" counts above refer to code statements instead of lines of code. The value in brackets refers to the test coverage of that file in the old version of the code.

Changed unit test files

• github.com/ParetoSecurity/agent/checks/windows/disk_encryption_test.go