ci: modernise CI pipeline with improved tooling and workflow structure

Pipeline Modernisation:
- Updated to prek (prefligit renamed to avoid typosquatting)
- Adopted uvx for tool invocation (prek, rustup) without install scripts
- Consolidated workflow steps to run in parallel where possible
- Removed redundant custom actions in favour of direct uvx commands
- Made sccache optional (based on secrets availability) for fork compatibility

Workflow Restructuring:
- Renamed workflows for clarity and consistency:
  * rust-checks.yml → ci-checks.yml (now includes prek linting)
  * clients-element.yml → deploy-element.yml
  * documentation.yml → deploy-docs.yml
  * release-image.yml → release-builds.yml (builds images AND binaries)
  * mirror-images.yml → docker-mirror.yml
- Simplified job and step naming throughout for better readability

Performance Improvements:
- Parallel execution of independent steps (formatting and prek checks)
- Optimised caching strategy for uv and Rust dependencies
- Reduced CI execution time through better parallelisation

Dependency Management:
- Added Renovate configuration for automated dependency updates
- Configured to monitor both .forgejo/ and .github/ workflows
- Set up automatic PR creation for non-major GitHub Actions updates

renovate.json

@@ -22,5 +22,24 @@
     "tikv-jemalloc-ctl",
     "opentelemetry-rust",
     "tracing-opentelemetry"
-  ]
+  ],
+  "github-actions": {
+    "enabled": true,
+    "fileMatch": [
+      "(^|/)\\.forgejo/workflows/[^/]+\\.ya?ml$",
+      "(^|/)\\.forgejo/actions/[^/]+/action\\.ya?ml$",
+      "(^|/)\\.github/workflows/[^/]+\\.ya?ml$",
+      "(^|/)\\.github/actions/[^/]+/action\\.ya?ml$"
+    ]
+  },
+  "packageRules": [
+    {
+      "description": "Group all non-major GitHub Actions updates",
+      "matchManagers": ["github-actions"],
+      "matchUpdateTypes": ["minor", "patch"],
+      "groupName": "github-actions-non-major"
+    }
+  ],
+  "prConcurrentLimit": 3,
+  "prHourlyLimit": 2
 }