ci: remove duplicate allow-unsafe-pr-checkout key in tend-review

[prql-bot]

Problem

The lint-megalinter job has been failing on main since #6033 merged, blocking check-ok-to-merge. The blocking error is from actionlint:

.github/workflows/tend-review.yaml:56:11: key "allow-unsafe-pr-checkout" is duplicated in "with" section. previously defined at line:47,col:11. note that this key is case insensitive [syntax-check]

The with: section of the actions/checkout@v7 step contained allow-unsafe-pr-checkout: true twice:

• Line 47 — added by the 0.1.7 workflow regen (#6033), the canonical generated form.
• Line 56 — a manual stopgap added in #6038, whose own comment noted it "will be superseded by the next tend 0.1.7 workflow regen."

Both commits merged the same day (#6038 at 13:22, #6033 at 21:53). The regen superseded the stopgap exactly as predicted, but the stopgap block survived into the merged file, leaving the duplicate key.

Solution

Remove the now-redundant manual stopgap block (the comment and duplicate key), keeping the canonical allow-unsafe-pr-checkout: true from the 0.1.7 regen. This restores tend-review.yaml to its generated form — appropriate since the file header says "Do not edit this file directly — it will be overwritten on regeneration." Fork-PR checkout behavior is unchanged; the surviving key still opts in.

Testing

• actionlint flagged only the duplicate key as a blocking error; all other MegaLinter findings in the run were non-blocking.
• Validated the edited file parses as YAML with no duplicate keys (strict loader).
• Confirmed allow-unsafe-pr-checkout now appears exactly once across .github/workflows/.

---

Automated fix for failed run