fix(ci): fix Docker push permissions, macOS disk space, and audit summary overflow

- build-publish-images: replace silent sudo chown failure (2>/dev/null || true)
  with proper error handling and fallback cleanup for all 7 push jobs.
  Root cause: container build jobs create root-owned files, non-container push
  jobs on runner2 couldn't sudo chown without sudoers config.
- tests-misc: add disk cleanup step to cargo-check-all-crate-macos job to free
  space before cargo check (remove Android SDK, old CLT SDKs, etc.)
- security-audit: truncate cargo-audit output to 500 lines before writing to
  GITHUB_STEP_SUMMARY to avoid the 1MB size limit crash.

.github/workflows/tests-misc.yml

@@ -427,6 +427,18 @@ jobs:
     continue-on-error: true
     steps:
       - uses: actions/checkout@08c6903cd8c0fde910a37f88322edcfb5dd907a8 # v5.0.0
+      - name: Free disk space
+        run: |
+          echo "Disk space before cleanup:"
+          df -h /
+          # Remove large pre-installed tools to free disk space
+          sudo rm -rf /Library/Developer/CommandLineTools/SDKs 2>/dev/null || true
+          sudo rm -rf /Users/runner/Library/Android 2>/dev/null || true
+          sudo rm -rf /usr/local/share/powershell 2>/dev/null || true
+          sudo rm -rf /usr/local/lib/node_modules 2>/dev/null || true
+          brew cleanup --prune=all 2>/dev/null || true
+          echo "Disk space after cleanup:"
+          df -h /
       - name: Set rust version from env file
         run: |
           RUST_VERSION=$(cat .github/env | sed -E 's/.*ci-unified:([^-]+)-([^-]+).*/\2/')