Optimize workflows: use php-ci image for security-scan, fix production-deploy trigger

.gitea/workflows/production-deploy.yml

@@ -22,7 +22,8 @@ jobs:
   test:
     name: Run Tests & Quality Checks
     runs-on: ubuntu-latest
-    if: ${{ !inputs.skip_tests }}
+    # Note: if condition might not work with push events in Gitea
+    # For now, always run tests - we can add skip_tests logic later
     steps:
       - name: Checkout code
         run: |