Address some CodeQL security concerns (#35572)

Although there is no real security problem

modules/auth/password/pwn/pwn.go

@@ -72,7 +72,7 @@ func newRequest(ctx context.Context, method, url string, body io.ReadCloser) (*h
 // Adding padding will make requests more secure, however is also slower
 // because artificial responses will be added to the response
 // For more information, see https://www.troyhunt.com/enhancing-pwned-passwords-privacy-with-padding/
-func (c *Client) CheckPassword(pw string, padding bool) (int, error) {
+func (c *Client) CheckPassword(pw string, padding bool) (int64, error) {
 	if pw == "" {
 		return -1, ErrEmptyPassword
 	}
@@ -111,7 +111,7 @@ func (c *Client) CheckPassword(pw string, padding bool) (int, error) {
 			if err != nil {
 				return -1, err
 			}
-			return int(count), nil
+			return count, nil
 		}
 	}
 	return 0, nil

modules/auth/password/pwn/pwn_test.go

@@ -37,25 +37,25 @@ func TestPassword(t *testing.T) {
 
 	count, err := client.CheckPassword("", false)
 	assert.ErrorIs(t, err, ErrEmptyPassword, "blank input should return ErrEmptyPassword")
-	assert.Equal(t, -1, count)
+	assert.EqualValues(t, -1, count)
 
 	count, err = client.CheckPassword("pwned", false)
 	assert.NoError(t, err)
-	assert.Equal(t, 1, count)
+	assert.EqualValues(t, 1, count)
 
 	count, err = client.CheckPassword("notpwned", false)
 	assert.NoError(t, err)
-	assert.Equal(t, 0, count)
+	assert.EqualValues(t, 0, count)
 
 	count, err = client.CheckPassword("paddedpwned", true)
 	assert.NoError(t, err)
-	assert.Equal(t, 1, count)
+	assert.EqualValues(t, 1, count)
 
 	count, err = client.CheckPassword("paddednotpwned", true)
 	assert.NoError(t, err)
-	assert.Equal(t, 0, count)
+	assert.EqualValues(t, 0, count)
 
 	count, err = client.CheckPassword("paddednotpwnedzero", true)
 	assert.NoError(t, err)
-	assert.Equal(t, 0, count)
+	assert.EqualValues(t, 0, count)
 }