Problem statement
The template evaluation layer enforces maxResolveDepth = 128 during value resolution, but the validation AST walkers (walkTemplateNode, walkStepRefs, walkJSONTemplates) have no depth guard. A deeply nested template (thousands of {{if}}/{{with}}/{{range}} blocks) could exhaust the goroutine stack during admission validation before the evaluator's depth limit ever applies.
Proposed change
Add a depth int parameter (or a shared constant like maxASTDepth = 256) to the recursive walkers in validation.go and step_refs.go. When depth is exceeded, append an error and return instead of recursing further.
```go
const maxASTDepth = 256

func walkTemplateNode(node parse.Node, scope ExpressionScope, errs *[]string, depth int) {
	if depth > maxASTDepth {
		*errs = append(*errs, "template exceeds maximum nesting depth")
		return
	}
	// ... existing switch with depth+1 passed to recursive calls
}
```
Apply the same pattern to:
- walkStepRefs in step_refs.go
- walkJSONTemplates in validation.go
- rootNameFromNode / rootNameFromCommand / rootNameFromPipe mutual recursion in validation.go
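A stand-alone illustration of the proposed guard over a real text/template/parse AST, added here as an example and not taken from the project's validation.go (the walkBranch, validateTemplate and nestedIfs helpers, and the omission of the project's ExpressionScope parameter, are assumptions made for this example):

```go
package main

import (
	"strings"
	"text/template/parse"
)
// maxASTDepth is the nesting bound proposed in the issue text.
const maxASTDepth = 256
// walkTemplateNode walks a text/template AST and records an error instead of
// recursing once the nesting depth exceeds maxASTDepth.
func walkTemplateNode(node parse.Node, errs *[]string, depth int) {
	if depth > maxASTDepth {
		*errs = append(*errs, "template exceeds maximum nesting depth")
		return
	}
	switch n := node.(type) {
	case *parse.ListNode:
		for _, child := range n.Nodes {
			walkTemplateNode(child, errs, depth+1)
		}
	case *parse.IfNode:
		walkBranch(&n.BranchNode, errs, depth)
	case *parse.WithNode:
		walkBranch(&n.BranchNode, errs, depth)
	case *parse.RangeNode:
		walkBranch(&n.BranchNode, errs, depth)
	}
}
// walkBranch descends into the body and optional else body of a control block.
func walkBranch(b *parse.BranchNode, errs *[]string, depth int) {
	walkTemplateNode(b.List, errs, depth+1)
	if b.ElseList != nil {
		walkTemplateNode(b.ElseList, errs, depth+1)
	}
}

// validateTemplate parses src and returns the walker's errors (nil when clean).
func validateTemplate(src string) []string {
	trees, err := parse.Parse("t", src, "{{", "}}")
	if err != nil {
		return []string{err.Error()}
	}
	var errs []string
	walkTemplateNode(trees["t"].Root, &errs, 0)
	return errs
}
// nestedIfs builds a constructed input of n nested {{if}} blocks.
func nestedIfs(n int) string {
	return strings.Repeat("{{if .}}", n) + "x" + strings.Repeat("{{end}}", n)
}
```

Each {{if}} level costs two AST levels (the IfNode and its body ListNode), so 100 nested blocks pass while 300 stop the walk with a single error well before the stack is at risk.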
Affected area
templating
Compatibility / migration
No API change. Internal safety hardening only. All existing tests should continue to pass.
Alternatives considered
- Relying on the Go template parser's implicit depth limits — but the parser doesn't guarantee a specific bound, and defense-in-depth is warranted for a shared library.
Additional context
The evaluator already has maxResolveDepth = 128 (in evaluator.go). This issue brings validation walkers to the same standard. Identified during code review of the core transport and templating changes.