Exclude retraction presentations from Discovery Service search

[reinkrul]

Summary

• Retraction VPs (type RetractedVerifiablePresentation) were leaking through GET /internal/discovery/v1/{serviceID} when the query was empty, because sqlStore.search only joins discovery_credential for non-empty queries.
• Added a post-query IsType(retractionPresentationType) skip in the result-assembly loop. SQL-level filtering would require a schema migration (no retraction column exists on presentationRecord).
• Server-side Get() timeline still returns retraction markers (required for replication).

Fixes #4192

Test plan

• New test TestModule_Search/retracted_presentations_are_not_returned fails before the fix and passes after.
• go test ./discovery/... passes.
• Verify the other search() caller (subject-scoped query in store.go:585) is unaffected — retraction VPs have no credentials so they never matched its credentialSubject.id filter.

🤖 Generated with Claude Code

[qltysh]

Coverage Impact

This PR will not change total coverage.

Modified Files with Diff Coverage (1)

Rating	File	% Diff	Uncovered Line #s
	discovery/store.go	100.0%
	Total	100.0%

🚦 See full report on Qlty Cloud »

🛟 Help

• Diff Coverage: Coverage for added or modified lines of code (excludes deleted files). Learn more.

• Total Coverage: Coverage for the whole repository, calculated as the sum of all File Coverage. Learn more.

• File Coverage: Covered Lines divided by Covered Lines plus Missed Lines. (Excludes non-executable lines including blank lines and comments.)

  • Indirect Changes: Changes to File Coverage for files that were not modified in this PR. Learn more.