feat: polymorphic dataflow IR and top-level logic operators (PR-04)

[shivasurya]

Summary

• Fix DataflowMatcher to accept any matcher type via _normalize_matchers() duck-typing helper — previously calls_on() as a single sink crashed with 'TypeConstrainedCallMatcher' object is not iterable
• Implement executeLogic() in Go loader.go for top-level Or/And/Not operators with recursive ExecuteRule() dispatch and deduplication
• Update MatcherType union in logic.py with TypeConstrainedCallMatcher and ReturnTypeCallMatcher
• End-to-end: flows(to_sinks=calls_on("Cursor", "execute")) now works Python → JSON IR → Go execution

Test plan

• 23 new Python tests (normalize_matchers, flows+calls_on, flows+Or/And, JSON round-trip)
• 6 new Go tests (logic_or union/dedup/mixed, logic_and intersection, logic_not exclusion, error handling)
• 362 total Python tests passing, 98% coverage
• All Go DSL tests passing, 0 lint issues

🤖 Generated with Claude Code

[safedep]

SafeDep Report Summary

No dependency changes detected. Nothing to scan.

_{This report is generated by SafeDep Github App}

[codecov]

Codecov Report

❌ Patch coverage is 65.78947% with 26 lines in your changes missing coverage. Please review.
✅ Project coverage is 83.17%. Comparing base (f49ddf2) to head (5319695).

Files with missing lines	Patch %	Lines
sast-engine/dsl/loader.go	65.78%	15 Missing and 11 partials ⚠️

Additional details and impacted files

@@                        Coverage Diff                        @@
##           feat/python-sdk-calls-on-pr03     #566      +/-   ##
=================================================================
- Coverage                          83.26%   83.17%   -0.09%     
=================================================================
  Files                                144      144              
  Lines                              18002    18077      +75     
=================================================================
+ Hits                               14989    15036      +47     
- Misses                              2461     2477      +16     
- Partials                             552      564      +12     

☔ View full report in Codecov by Sentry.
📢 Have feedback on the report? Share it here.

🚀 New features to boost your workflow:

• ❄️ Test Analytics: Detect flaky tests, report on failures, and find test suite problems.
• 📦 JS Bundle Analysis: Save yourself from yourself by tracking and limiting bundle sizes in JS merges.