ci: fix required status check context in main ruleset

[santoshkumarradha]

Problem

The main branch ruleset's required status check context was stored as `"Coverage Summary / coverage-summary"` — the "workflow / job" display format that GitHub's UI uses, not the actual check-run name. GitHub's check-runs API only reports the job name (`"coverage-summary"`), so the matcher could never find a satisfying run on any PR head commit.

Symptom: every open PR (#375, #376, etc.) showed:
```
Coverage Summary / coverage-summary — Expected: Waiting for status to be reported [Required]
```
…even though the workflow was green on the same commit. The successful check and the ghost "Expected" entry sat side-by-side in the GitHub checks UI, and the "Expected" one blocked merge via the ruleset's required-check rule.

Discovered while debugging why #375 and #376 were stuck with seemingly-passing CI. Verified against the raw API:

• Ruleset required context: `"Coverage Summary / coverage-summary"`
• Actual check-run name on head commit: `"coverage-summary"` (app: `github-actions`, app_id: 15368)

Fix

Change the context to `"coverage-summary"` (matches the actual check-run name from the aggregator job in `.github/workflows/coverage.yml`) and pin it to the `github-actions` app (`integration_id: 15368`) so no third-party app can satisfy the required check by posting a status with the same name.

Everything else in the ruleset — merge queue (squash + ALLGREEN), PR review requirements, code-owner review, thread resolution, bypass actors, strict mode — is unchanged.

Notes

• This JSON file is the source of truth. `.github/workflows/sync-rulesets.yml` applies it to the live repo on push to main, so this commit restores consistency between the checked-in config and the running ruleset.
• The live ruleset has already been patched via the API (to unblock fix(security): block serverless re-register bypass of admin revocation (#374) #375 and chore(deps): bump axios from 1.13.5 to 1.15.0 in /sdk/typescript in the npm_and_yarn group across 1 directory #376 immediately). This PR is the durable fix — once merged, Sync Rulesets will re-PUT the same config, so the manual API patch and the checked-in JSON agree.
• The coverage workflow path filter doesn't match `.github/rulesets/**`, so this PR will not itself produce a `coverage-summary` status. It must be merged with admin bypass (same pattern used for ci: parallelize coverage, stop running tests twice per PR #377).

Test plan

• After merge, verify `Sync Rulesets` workflow runs successfully on main
• Open fix(security): block serverless re-register bypass of admin revocation (#374) #375 and chore(deps): bump axios from 1.13.5 to 1.15.0 in /sdk/typescript in the npm_and_yarn group across 1 directory #376 and confirm the "Expected — Waiting for status to be reported" placeholder is gone
• Confirm a new PR against main can satisfy the required check via the normal coverage workflow run