fix(deny): use cargo-deny-action for cleaner output

[gakonst]

Problem

The raw cargo deny output can be extremely long when there are many advisories, making CI logs undownloadable. See: https://github.com/paradigmxyz/reth/actions/runs/21636859906/job/62367458011?pr=21648

Solution

Use EmbarkStudios/cargo-deny-action instead of running cargo deny directly. This action:

• Parses JSON output and creates GitHub annotations
• Keeps logs clean and concise
• Makes issues clickable in PRs

Proposed change to .github/workflows/deny.yml

jobs:
  cargo-deny:
    name: cargo deny check
    runs-on: ubuntu-latest
    steps:
      - uses: actions/checkout@v4
      - uses: dtolnay/rust-toolchain@master
        with:
          toolchain: ${{ inputs.rust-toolchain }}
      - uses: EmbarkStudios/cargo-deny-action@v2
        with:
          command: check all
          arguments: ${{ inputs.deny-flags }}

cc @DaniPopes