
fix: ensure we're not persisting credentials after checkouts#122

Merged
jmeridth merged 2 commits into main from jm_checkout_do_not_persist_credentials
Sep 16, 2025

Conversation

@jmeridth
Member

@jmeridth jmeridth commented Sep 12, 2025

This PR adds security configuration to GitHub Actions workflows by setting persist-credentials: false for checkout actions. This prevents GitHub credentials from being persisted in the Git configuration after repository checkout, reducing potential security risks from credential exposure.

  • Added persist-credentials: false to all actions/checkout@v5 steps across multiple workflow files
  • Ensures credentials are not available to subsequent steps that don't explicitly need them
  • Maintains existing workflow functionality while improving security posture

Signed-off-by: jmeridth <jmeridth@gmail.com>
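The setting this PR applies, shown in a constructed workflow that is not one of this repository's .github/workflows files: a build job checks out with persist-credentials: false and runs the rest of its steps with no Git credential at all, and a release job hands the token explicitly to the single step that needs it. The workflow name, the make test command and the gh release step are assumptions for illustration.

```yaml
# Constructed example workflow, not one of this repository's .github/workflows files.
name: ci-and-release

on:
  push:
    tags: ["v*"]
  pull_request:

# Default token scope for every job unless a job overrides it.
permissions:
  contents: read

jobs:
  build:
    runs-on: ubuntu-latest
    steps:
      # Weak form (the default the PR replaced): persist-credentials: true keeps
      # the job's GITHUB_TOKEN in .git/config as an http.<server>.extraheader
      # entry, so every later step and any script it runs can read and reuse it.
      #
      # - uses: actions/checkout@v5
      #
      # Hardened form (what the PR added): fetch once, then drop the token so
      # the test step below runs without any Git credential in the workspace.
      - uses: actions/checkout@v5
        with:
          persist-credentials: false

      - run: make test

  release:
    if: startsWith(github.ref, 'refs/tags/v')
    needs: build
    runs-on: ubuntu-latest
    # Only this job needs write access; the scope is raised here, not globally.
    permissions:
      contents: write
    steps:
      - uses: actions/checkout@v5
        with:
          persist-credentials: false

      # The one step that needs the token receives it explicitly through its
      # environment instead of inheriting it from the checkout's git config.
      - run: gh release create "${GITHUB_REF_NAME}" --generate-notes
        env:
          GH_TOKEN: ${{ secrets.GITHUB_TOKEN }}
```

A quick check after a checkout that a token was not left behind is git config --get-regexp 'http\..*\.extraheader' in the workspace; with persist-credentials: false it returns nothing.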
@jmeridth jmeridth self-assigned this Sep 12, 2025
Copilot AI review requested due to automatic review settings September 12, 2025 19:03
@github-actions github-actions bot added the fix label Sep 12, 2025
Contributor

Copilot AI left a comment

Pull Request Overview

This PR adds security hardening to GitHub Actions workflows by preventing credential persistence after checkout operations. The change ensures that Git credentials are not left accessible in the workspace after the initial checkout, reducing potential security risks.

  • Adds persist-credentials: false to all actions/checkout steps across workflow files
  • Applies this security measure consistently to CI, linting, release, site deployment, and post-merge workflows

Reviewed Changes

Copilot reviewed 5 out of 5 changed files in this pull request and generated no comments.

Summary per file:
  • .github/workflows/site.yml: adds credential non-persistence to the site deployment workflow checkout
  • .github/workflows/release.yml: adds credential non-persistence to the release workflow checkout
  • .github/workflows/post-merge.yml: adds credential non-persistence to the post-merge workflow checkout
  • .github/workflows/lint.yml: adds credential non-persistence to the lint workflow checkout
  • .github/workflows/ci.yml: adds credential non-persistence to both the CI and acceptance test job checkouts

@jmeridth jmeridth requested a review from a team September 16, 2025 14:59
@jmeridth jmeridth merged commit 8112e67 into main Sep 16, 2025
7 checks passed
@jmeridth jmeridth deleted the jm_checkout_do_not_persist_credentials branch September 16, 2025 15:03