Disallow HTML in translatable strings with linter

Josianne Hyson requested to merge jh-lint_html_translations into master

This MR was reviewed on the security repo to keep it confidential during development. Discussion can be viewed there: https://gitlab.com/gitlab-org/security/gitlab/-/merge_requests/646

Update the gettext linter to disallow HTML in strings that are submitted to Crowdin for translation. Currently this is an XSS attack vector for us and we have to manually verify that the strings coming in from Crowdin contain correctly formatted HTML. Removing all HTML from these strings gets us a step closer to being able to fully automate our translation process as a human no longer needs to verify these strings.

Strings that have angle brackets (</>) in them that are not for HTML can still be translated by using the HTML entities &lt; or &gt;. Please see https://docs.gitlab.com/ee/development/i18n/externalization.html#html for details on how to properly use these symbols.

This is going to be followed up by:

  1. A clean up of the existing strings that have HTML in them: #228846 (closed)
  2. The addition of a helper to make it easier for developers to work with translatable strings that do need to have formatted content in them: #217935 (closed)

Issue: https://gitlab.com/gitlab-org/gitlab/-/issues/217933
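An added example of the kind of check the description asks for, written here for illustration and not GitLab's own gettext linter: it pulls the `msgid` entries out of a `.pot` file and rejects any that contain a raw `<` or `>`, reporting HTML tags separately from stray angle brackets. Strings that use the `&lt;` / `&gt;` entities recommended above pass untouched, as do `%{placeholder}` strings. The function names, the tag regex, the minimal `.pot` parser and the sample `.pot` text are all assumptions constructed for this example.

```ruby
# Added example, not GitLab's gettext linter. Flags HTML (and any raw angle
# bracket) in translatable strings so that translators never have to be
# trusted to return well-formed markup.

# Any raw angle bracket is rejected; the &lt; / &gt; entities contain none.
RAW_ANGLE_BRACKET = /[<>]/
# A tag-looking fragment: '<', optional '/', a tag name, optional attributes, '>'.
HTML_TAG = %r{</?[a-z][a-z0-9-]*(?:\s[^<>]*)?/?>}i

# Undo the gettext quoting of one "..." token: strip the outer quotes and
# unescape \" \\ and \n (assumed subset of the format, enough for this example).
def unquote(quoted)
  quoted[1...-1].gsub(/\\(["\\n])/) { $1 == 'n' ? "\n" : $1 }
end

# Collect the msgid values from .pot text. Handles `msgid "..."` plus any
# following `"..."` continuation lines; the empty header msgid is skipped.
def extract_msgids(pot_text)
  msgids = []
  buffer = nil
  pot_text.each_line do |raw|
    line = raw.strip
    if line.start_with?('msgid ')
      buffer = unquote(line.delete_prefix('msgid ').strip)
    elsif buffer && line.start_with?('"')
      buffer += unquote(line)
    elsif buffer
      msgids << buffer unless buffer.empty?
      buffer = nil
    end
  end
  msgids << buffer if buffer && !buffer.empty?
  msgids
end

# nil when the string is acceptable, otherwise a short description of the problem.
def html_problem(msgid)
  return nil unless msgid.match?(RAW_ANGLE_BRACKET)

  tags = msgid.scan(HTML_TAG)
  if tags.empty?
    'raw angle bracket; use &lt; / &gt; instead'
  else
    "HTML tag(s) #{tags.join(' ')}; move markup out of the translatable string"
  end
end

# Lint a whole .pot body: returns { msgid => problem } for every offending entry.
def lint_translatable_strings(pot_text)
  extract_msgids(pot_text).each_with_object({}) do |msgid, problems|
    problem = html_problem(msgid)
    problems[msgid] = problem if problem
  end
end

# Constructed sample .pot content (not from the GitLab repository).
SAMPLE_POT = <<~'POT'
  msgid ""
  msgstr ""
  "Content-Type: text/plain; charset=UTF-8\n"

  msgid "Learn more about %{link_start}permissions%{link_end}"
  msgstr ""

  msgid "Click <a href=\"%{url}\">here</a> to continue"
  msgstr ""

  msgid "Use &lt;name&gt; as a placeholder"
  msgstr ""

  msgid "Value must be < 10"
  msgstr ""

  msgid "<strong>Warning:</strong> this cannot be undone"
  msgstr ""
POT

if __FILE__ == $PROGRAM_NAME
  lint_translatable_strings(SAMPLE_POT).each do |msgid, problem|
    puts "#{msgid.inspect}: #{problem}"
  end
end
```

Rejecting every raw angle bracket, not just recognisable tags, is deliberate: a translator can turn `Value must be < 10` into `Value must be <10` or `<script>` just as easily, and an allowlist of safe tags would put the linter back in the business of parsing HTML. The `%{link_start}` / `%{link_end}` placeholder string passes because the markup lives in the calling code, not in the string sent to translators.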