CI: pull_request_target lint/test checks out base branch instead of PR head

## Summary
`codetests.yml` runs on `pull_request_target`, but each job uses `actions/checkout` without an explicit PR ref/repository.

On fork-based PRs, this checks out upstream `main` instead of the PR head commit, so lint/test output can report unrelated failures from `main`.

## Reproduction
1. Open a PR from a fork.
2. Trigger `test-and-lint` (`pull_request_target`).
3. In logs, observe checkout resolving to `origin/main` (base branch), not the PR head SHA.

Observed in: https://github.com/Unpackerr/unpackerr/pull/618

## Expected
For `pull_request_target`, checkout should target the PR head repository + SHA so CI validates the actual PR changes.


Provide feedback

Saved searches

Use saved searches to filter your results more quickly

CI: pull_request_target lint/test checks out base branch instead of PR head #619

Summary

Reproduction

Expected

Metadata

Assignees

Labels

Type

Projects

Milestone

Relationships

Development

CI: pull_request_target lint/test checks out base branch instead of PR head #619

Description

Summary

Reproduction

Expected

Metadata

Metadata

Assignees

Labels

Type

Projects

Milestone

Relationships

Development

Issue actions