fix(ci): support external and Dependabot PR service test workflows

[vishal-bala]

Motivation

This PR updates the CI flow for external pull requests and Dependabot pull requests without expanding the normal PR path with brittle skip-handling logic.

The first part is making the manual external-PR service-test workflow handle both fork PRs and dependabot[bot] PRs consistently, with clearer check-run messaging and safer checkout behavior. The second part is simplifying the main test workflow after review feedback: instead of having the matrix test job depend on service-tests, both jobs now depend on lint, which preserves normal test coverage for Dependabot PRs without coupling test execution to a skipped service-test job.

Changes

• Update .github/workflows/test-fork-pr.yml to validate both fork PRs and dependabot[bot] PRs, carry the validated pr_number through job outputs, and use it consistently in check-run output.
• Rename the manual workflow and check-run labels from "Fork PR" to "External PR", add richer in-progress/success/failure output with a direct link to the active Actions run, and set persist-credentials: false when checking out external PR code.
• Fold the standalone lint workflow into .github/workflows/test.yml by adding a lint job there and removing .github/workflows/lint.yml.
• Change the main test.yml dependency graph so both service-tests and the matrix test job depend on lint, while service-tests continues to skip Dependabot PRs in the regular workflow.

Note for Reviewers

External PR service tests remain an explicit maintainer-triggered workflow. In the regular test.yml path, lint gates both downstream jobs, service-tests still skips Dependabot PRs, and the main test matrix now runs independently of service-tests rather than trying to infer whether a skipped dependency should unblock it.

---

Note

Medium Risk
Changes are confined to CI configuration but alter workflow/job dependency and skip conditions for PRs (including Dependabot/external runs), which could inadvertently block or skip required checks if misconfigured.

Overview
CI workflows are reworked to better handle external/Dependabot PRs and simplify job gating. The standalone lint.yml workflow is removed and its multi-Python lint matrix is embedded into test.yml, with both service-tests and the main test matrix now depending on lint (and service-tests continuing to skip Dependabot PRs in the regular pull_request path).

The manual external-PR workflow is renamed from “Fork PR” to “External PR”, now accepts both fork PRs and dependabot[bot] PRs, propagates a validated pr_number output, improves check-run messaging with a direct run link, and checks out PR code with persist-credentials: false.

Separately, uv.lock is updated to reflect a redisvl version bump (0.17.1 → 0.18.0).

^{Reviewed by Cursor Bugbot for commit bbb1721. Bugbot is set up for automated code reviews on this repo. Configure here.}

[jit-ci]

🛡️ Jit Security Scan Results

✅ No security findings were detected in this PR

---

^{Security scan by Jit}

[chatgpt-codex-connector]

💡 Codex Review

Here are some automated review suggestions for this pull request.

Reviewed commit: fa184c3103

ℹ️ About Codex in GitHub

Your team has set up Codex to review pull requests in this repo. Reviews are triggered when you

• Open a pull request for review
• Mark a draft as ready
• Comment "@codex review".

If Codex has suggestions, it will comment; otherwise it will react with 👍.

Codex can also answer questions or update the PR. Try commenting "@codex address that feedback".

[cursor]

Cursor Bugbot has reviewed your changes and found 1 potential issue.

^{❌ Bugbot Autofix is OFF. To automatically fix reported issues with cloud agents, have a team admin enable autofix in the Cursor dashboard.}

^{Reviewed by Cursor Bugbot for commit 3a968fb. Configure here.}