@AbduAzim424 AbduAzim424 commented Jan 20, 2026

This PR introduces a new linter rule, fetch-templating, which validates that package fetch sources and git-checkouts use proper version templating to prevent version drift and ensure reproducible builds. This addresses the class of issues that previously allowed outdated package sources to go unnoticed, such as hardcoded URLs that don't update when package versions change.

Details:

  • Rule Name: fetch-templating
  • Severity: Warning level

Validation Logic:

  • The linter operates directly on raw YAML (pre-template expansion) to validate the actual uri, tag and ref
  • For single version-bearing source: Must use any template variable
  • For multiple version-bearing sources: At least one must use version-aware templates
  • Detects hardcoded package versions in non-templated sources when templates exist elsewhere
  • Only validates version-bearing sources (fetch URLs and git tags, not branches/refs)

Example:

(fetch-templating): py3-jeepney.yaml
2026/01/20 17:34:30 ERRO Package: py3-jeepney: [fetch-templating]: source lacks templated variables: (git tag) 0.8 (WARNING)
(fetch-templating): tinyxml.yaml
2026/01/20 17:35:28 ERRO Package: tinyxml: [fetch-templating]: source lacks templated variables: (fetch URL) https://downloads.sourceforge.net/tinyxml/tinyxml_2_6_2.tar.gz (WARNING)

Signed-off-by: Azimjon Ulmasov <azimjon.ulmasov@chainguard.dev>
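An added, stand-alone illustration of the validation logic described above; this is not code from the PR or from wolfictl. It applies the rule as the description states it to raw melange-style YAML: one version-bearing source must carry some template, several must include at least one version-aware template, and a non-templated source that still embeds the literal package version is reported. The regular expressions, the reading of "version-aware" as a substitution whose name contains "version", the line-oriented scan and the sample fragments (example.invalid hosts, made-up versions) are assumptions of this example, not the linter's implementation.

```go
package main

import (
	"fmt"
	"regexp"
	"strings"
)

// Finding is one warning in the "(fetch URL) <uri>" / "(git tag) <tag>" shape of the PR's log lines.
type Finding struct{ Kind, Value, Msg string }

var templateRe = regexp.MustCompile(`\$\{\{[^}]*\}\}`)                    // any melange substitution
var versionTemplateRe = regexp.MustCompile(`\$\{\{[^}]*version[^}]*\}\}`) // one naming a version; this example's reading of "version-aware"

// extractSources scans the raw YAML line by line, before template expansion, returning package.version
// and every fetch `uri:` / git-checkout `tag:` (branches and refs are skipped). Msg is filled in later.
func extractSources(raw string) (version string, srcs []Finding) {
	inPackage, step, stepIndent := false, "", -1
	for _, line := range strings.Split(raw, "\n") {
		trimmed := strings.TrimSpace(line)
		if trimmed == "" || strings.HasPrefix(trimmed, "#") {
			continue
		}
		indent := len(line) - len(strings.TrimLeft(line, " "))
		if indent == 0 {
			inPackage = trimmed == "package:"
		} else if v, ok := strings.CutPrefix(trimmed, "version:"); ok && inPackage {
			version = strings.TrimSpace(v)
		}
		if indent <= stepIndent {
			step = "" // dedented out of the pipeline step being read
		}
		item := strings.TrimPrefix(trimmed, "- ")
		if u, ok := strings.CutPrefix(item, "uses:"); ok {
			step, stepIndent = strings.TrimSpace(u), indent
			continue
		}
		if key, val, ok := strings.Cut(item, ":"); ok && step == "fetch" && key == "uri" {
			srcs = append(srcs, Finding{Kind: "fetch URL", Value: strings.TrimSpace(val)})
		} else if ok && step == "git-checkout" && key == "tag" {
			srcs = append(srcs, Finding{Kind: "git tag", Value: strings.TrimSpace(val)})
		}
	}
	return version, srcs
}

// lintFetchTemplating applies the rule as the PR states it: a lone source must use some template; with
// several, at least one must be version-aware, and a non-templated source embedding package.version is flagged.
func lintFetchTemplating(raw string) []Finding {
	version, srcs := extractSources(raw)
	versionAware := false
	for _, s := range srcs {
		versionAware = versionAware || versionTemplateRe.MatchString(s.Value)
	}
	var out []Finding
	for _, s := range srcs {
		switch templated := templateRe.MatchString(s.Value); {
		case len(srcs) == 1 && !templated:
			s.Msg = "source lacks templated variables"
		case len(srcs) > 1 && !versionAware:
			s.Msg = "no source uses a version-aware template"
		case len(srcs) > 1 && !templated && version != "" && strings.Contains(s.Value, version):
			s.Msg = "hardcoded package version in non-templated source"
		default:
			continue
		}
		out = append(out, s)
	}
	return out
}

// Constructed melange-style fragments (not real packages) exercised by main.
const (
	hardcodedYAML = `pipeline:
  - uses: fetch
    with:
      uri: https://example.invalid/example_2_6_2.tar.gz
`
	mixedYAML = `package:
  version: 1.4.0
pipeline:
  - uses: fetch
    with:
      uri: https://example.invalid/example-${{package.version}}.tar.gz
  - uses: git-checkout
    with:
      tag: v1.4.0
`
)

func main() {
	for _, raw := range []string{hardcodedYAML, mixedYAML} {
		for _, f := range lintFetchTemplating(raw) {
			fmt.Printf("[fetch-templating]: %s: (%s) %s (WARNING)\n", f.Msg, f.Kind, f.Value)
		}
	}
}
```

Running it reports the hardcoded tarball URL in the first fragment and, in the second, the `v1.4.0` tag that was left literal while the fetch URL beside it already uses `${{package.version}}`. The scan works on the raw text deliberately, mirroring the description's point that checking after template expansion would hide exactly the hardcoding the rule is meant to catch.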
@EyeCantCU EyeCantCU merged commit 53a97cd into wolfi-dev:main Jan 21, 2026
6 checks passed