fix(security): restrict release workflow to same-repo PRs and block env overrides for internal fields by 20000419 · Pull Request #4977 · supabase/cli

What kind of change does this PR introduce?

Bug fix (security)

What is the current behavior?

  1. The fast-forward workflow (triggered on pull_request_review approval) fast-forwards main to the PR head SHA without checking if the head repository matches the base repository, then calls the release workflow with secrets: inherit.
    → An approved PR from a fork could execute attacker-controlled code with release tokens (GitHub App, Slack, etc.).

  2. viper.ExperimentalBindStruct() + AutomaticEnv() in loadFromEnv() binds all struct fields (including internal toml:"-" fields like Db.Image, Hostname) to SUPABASE_* environment variables.
    → A malicious .env file in a repository could override internal Docker image/host settings, leading to arbitrary container execution when running supabase start.

What is the new behavior?

  1. Added explicit check github.event.pull_request.head.repo.full_name == github.repository in release.yml → release workflow only runs for same-repo PRs.

  2. Replaced ExperimentalBindStruct() with a custom bindUserConfigEnv() that:

    • Skips fields tagged toml:"-" or json:"-"
    • Only binds user-configurable fields

    Added test TestEnvOverridesSkipInternalFields.

Additional context

This PR fixes two High-severity issues discovered during a security review:

  • Workflow secret exposure via fast-forward on PR review
  • Internal config override via repo-controlled .env files

Both changes are minimal, backward-compatible, and include tests.

Closes the corresponding internal security findings.
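A worked illustration of the second fix (the env-binding change), added here as an editor's example; it is not code from supabase/cli and does not use viper. It walks a constructed stand-in config struct with reflect and binds SUPABASE_* variables parsed from a constructed repository .env, first the way an unrestricted bind-every-field approach behaves (internal toml:"-" fields such as Db.Image and Hostname get overwritten) and then with internal fields skipped, which is the behaviour the PR describes. The struct layout, default values, parseDotEnv, LoadFromEnv and the env-key scheme are assumptions for the example; the project's real bindUserConfigEnv() may differ in detail.

```go
package main

import (
	"fmt"
	"reflect"
	"sort"
	"strconv"
	"strings"
)

// Stand-in for the CLI's config types (constructed for this example, not the
// project's real structs). Fields tagged toml:"-" are internal-only and must
// never be reachable from user-controlled input.
type DbConfig struct {
	Port  uint16 `toml:"port"`
	Image string `toml:"-"`
}

type Config struct {
	ProjectId string   `toml:"project_id"`
	Hostname  string   `toml:"-"`
	Db        DbConfig `toml:"db"`
}

func defaultConfig() Config {
	return Config{ProjectId: "local", Hostname: "127.0.0.1",
		Db: DbConfig{Port: 54322, Image: "supabase/postgres:15.1.0"}}
}

// Constructed .env as an attacker might commit it to a repository.
const repoDotEnv = `# constructed sample, not a real file
SUPABASE_DB_PORT=54329
SUPABASE_DB_IMAGE=ghcr.io/attacker/not-postgres:latest
SUPABASE_HOSTNAME=attacker.example
`

// parseDotEnv reads KEY=value lines; blank lines and # comments are ignored.
func parseDotEnv(text string) map[string]string {
	env := map[string]string{}
	for _, line := range strings.Split(text, "\n") {
		line = strings.TrimSpace(line)
		if line == "" || strings.HasPrefix(line, "#") {
			continue
		}
		if k, v, ok := strings.Cut(line, "="); ok {
			env[strings.TrimSpace(k)] = strings.Trim(strings.TrimSpace(v), `"`)
		}
	}
	return env
}

// bindEnv walks v recursively and assigns SUPABASE_<PATH> variables to matching
// fields. skipInternal=false mirrors the pre-fix behaviour (every exported field
// is bindable, tag or not); skipInternal=true is the fix: fields tagged toml:"-"
// are never bound, so their env keys are simply not consulted.
func bindEnv(v reflect.Value, path []string, env map[string]string, skipInternal bool) []string {
	var applied []string
	t := v.Type()
	for i := 0; i < v.NumField(); i++ {
		f, fv := t.Field(i), v.Field(i)
		if !f.IsExported() {
			continue
		}
		tag, _, _ := strings.Cut(f.Tag.Get("toml"), ",")
		if tag == "-" && skipInternal {
			continue // internal field: not user-configurable
		}
		name := tag
		if name == "" || name == "-" {
			name = strings.ToLower(f.Name) // what a blanket bind-struct would derive
		}
		p := append(append([]string{}, path...), name)
		if fv.Kind() == reflect.Struct {
			applied = append(applied, bindEnv(fv, p, env, skipInternal)...)
			continue
		}
		key := "SUPABASE_" + strings.ToUpper(strings.Join(p, "_"))
		val, ok := env[key]
		if !ok {
			continue
		}
		switch fv.Kind() {
		case reflect.String:
			fv.SetString(val)
		case reflect.Uint16:
			n, err := strconv.ParseUint(val, 10, 16)
			if err != nil {
				continue
			}
			fv.SetUint(n)
		default:
			continue
		}
		applied = append(applied, key)
	}
	return applied
}

// LoadFromEnv applies env to cfg and returns the sorted list of keys it used.
func LoadFromEnv(cfg *Config, env map[string]string, skipInternal bool) []string {
	applied := bindEnv(reflect.ValueOf(cfg).Elem(), nil, env, skipInternal)
	sort.Strings(applied)
	return applied
}

func main() {
	env := parseDotEnv(repoDotEnv)
	for _, skip := range []bool{false, true} {
		cfg := defaultConfig()
		applied := LoadFromEnv(&cfg, env, skip)
		fmt.Printf("skipInternal=%v applied=%v image=%q host=%q port=%d\n",
			skip, applied, cfg.Db.Image, cfg.Hostname, cfg.Db.Port)
	}
}
```

With skipInternal=false the attacker's SUPABASE_DB_IMAGE and SUPABASE_HOSTNAME land in the config, which is the path to running an arbitrary image on supabase start; with skipInternal=true only the user-facing SUPABASE_DB_PORT is honoured and the internal fields keep their defaults. Deciding at the struct tag rather than by an allow-list of env names is what keeps the fix from silently regressing when a new internal field is added.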