[TTAHUB-5460] Update quality_check workflows to use correct permissions

[thewatermethod]

Description of change

Fix PR Quality Checks workflow failures caused by pull_request events from forked repositories running with a restricted GITHUB_TOKEN.

GitHub intentionally limits the GITHUB_TOKEN to read-only for pull_request events originating from forks, regardless of the permissions: block declared in the workflow. This caused both the diff size advisory and review count advisory steps to fail with:

Resource not accessible by integration

Fix: Replace pull_request with pull_request_target as the workflow trigger. pull_request_target fires in the context of the base branch, giving the token the write permissions it needs to create and update PR comments.

This is safe because the workflow never checks out or executes any code from the PR — it only reads PR metadata via the GitHub API and posts informational comments.

The if: condition on diff_size_check was also updated from github.event_name == 'pull_request' to github.event_name == 'pull_request_target' to match.

Note: Due to how GitHub evaluates workflow triggers (pull_request reads from the head branch; pull_request_target reads from the base branch), this PR cannot trigger the workflow it modifies. The fix takes effect for all subsequent PRs after this is merged to main.

How to test

1. Merge this PR to main
2. Open a new PR (or re-open an existing one) targeting main
3. Confirm that the diff_size_check and review_count_check jobs run and post comments successfully — including from fork PRs

Jira Issue(s)

• https://jira.acf.gov/browse/TTAHUB-5460

Checklists

Every PR

• Linked Jira issue
• JIRA issue status updated
• Code is meaningfully tested
• Meets accessibility standards (WCAG 2.1 Levels A, AA)
• API Documentation updated
• Boundary diagram updated
• Logical Data Model updated
• Architectural Decision Records written
• UI review complete
• QA review complete

[Copilot]

Pull request overview

This PR updates the GitHub Actions “PR Quality Checks” workflow trigger to avoid failures on fork-based PRs caused by the restricted GITHUB_TOKEN permissions when using pull_request.

Changes:

• Switch workflow trigger from pull_request to pull_request_target so the workflow runs in the base-branch context (restoring the ability to create/update PR comments).
• Update the diff_size_check job guard to match the new event name.

Impact assessment: Benefits medium (restores workflow functionality for forks); Risks low (workflow uses actions/github-script only and does not check out or execute PR code).