Testing flow includes a DeepSource secret
Severity: Low
## Vulnerability Details
The testing workflow (https://github.com/WeblateOrg/wlc/blob/main/.github/workflows/test.yml) hard-codes a DeepSource secret in the workflow file itself. Because the workflow is part of the public repository, anyone can read the token and use it with the DeepSource CLI to act against the project's DeepSource setup (https://deepsource.io/docs/cli/usage).
The recommended approach is to store the token as a GitHub Actions secret (a repository or environment secret) and reference it at runtime with a `${{ secrets.<NAME> }}` expression, as the DeepSource documentation describes:
https://deepsource.io/docs/analyzer/test-coverage#with-github-actions
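As an added example (not from the original report and not code from the wlc project), the following Python check scans a GitHub Actions workflow for secret-like environment values that are literals rather than `${{ secrets.* }}` references. The two embedded workflow snippets are constructed: the first hard-codes a made-up token the way the report describes, the second pulls the same value from a repository secret at runtime. The token value, the `DEEPSOURCE_DSN` variable name and the CLI invocation in the snippets are illustrative assumptions, not copied from the wlc workflow.

```python
"""Flag secret-looking literals in GitHub Actions workflow files.

Added example, not part of the original report or the wlc project.
"""
import re

# Constructed sample: the anti-pattern, a token pasted straight into the workflow.
# The token value and the exact CLI invocation are illustrative assumptions.
WORKFLOW_HARDCODED = """\
name: Test
on: [push]
jobs:
  test:
    runs-on: ubuntu-latest
    steps:
      - uses: actions/checkout@v4
      - run: pytest --cov=wlc --cov-report=xml
      - name: Report coverage to DeepSource
        env:
          DEEPSOURCE_DSN: https://0123456789abcdef@deepsource.io
        run: |
          curl https://deepsource.io/cli | sh
          ./bin/deepsource report --analyzer test-coverage --key python --value-file ./coverage.xml
"""

# Constructed sample: the same step with the token resolved at runtime from a
# repository/environment secret. The literal value never lands in the repo.
WORKFLOW_FIXED = WORKFLOW_HARDCODED.replace(
    "https://0123456789abcdef@deepsource.io", "${{ secrets.DEEPSOURCE_DSN }}"
)

# Keys that usually carry credentials (case-insensitive substring match).
SECRET_KEY = re.compile(r"(DSN|TOKEN|SECRET|PASSWORD|API_KEY|PRIVATE_KEY)", re.I)
# Any simple `key: value` mapping line; this covers env blocks and `with:` inputs.
MAPPING_LINE = re.compile(r"^\s*([A-Za-z_][A-Za-z0-9_]*)\s*:\s*(.+?)\s*$")
# A value resolved by GitHub at runtime from the secrets store.
SECRET_REF = re.compile(r"\$\{\{\s*secrets\.[A-Za-z0-9_]+\s*\}\}")


def find_hardcoded_secrets(workflow_text):
    """Return [(line_no, key, value)] for mapping entries whose key looks
    secret-bearing and whose value is a literal instead of a ${{ secrets.* }}
    reference. Empty and null values are ignored."""
    findings = []
    for line_no, line in enumerate(workflow_text.splitlines(), 1):
        match = MAPPING_LINE.match(line)
        if not match:
            continue
        key, value = match.group(1), match.group(2)
        if not SECRET_KEY.search(key):
            continue
        if SECRET_REF.search(value):
            continue  # injected by GitHub at runtime; nothing stored in the repo
        if value.strip("\"'").lower() in ("", "null", "~"):
            continue
        findings.append((line_no, key, value))
    return findings


def workflow_is_clean(workflow_text):
    """True when no secret-like literal was found."""
    return not find_hardcoded_secrets(workflow_text)


if __name__ == "__main__":
    for label, text in (("hard-coded", WORKFLOW_HARDCODED), ("fixed", WORKFLOW_FIXED)):
        hits = find_hardcoded_secrets(text)
        print(f"{label}: {'clean' if not hits else hits}")
```

Run it against a real checkout with `find_hardcoded_secrets(open(".github/workflows/test.yml").read())`; a non-empty result is the condition this report describes. The check is deliberately line-based so it needs no YAML dependency, which also means it only sees single-line `key: value` entries, not values spread over block scalars.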
## Impact
Anyone who reads the token gains access to the project's DeepSource environment and can report artifacts (such as coverage results) to DeepSource on the project's behalf.
## Report Stats
- Report ID: 1927499
- State: Closed
- Substate: resolved
- Upvotes: 7