Make library more GraalVM native-image friendly

[borkdude]

No description provided.

[cmangun]

Code review

Found 2 issues:

1. Security regression: dev auth bypass reintroduced. The branch carries a mock-user injection block (lines 88-96 of hooks.server.ts) that grants is_admin: true to all requests when NODE_ENV !== "production". This block was already removed on master (commits 999038606, 4fb65f49). Because env-schema.ts defaults NODE_ENV to "development" (line 56), any deployment that omits the variable runs fully unauthenticated. The merge-tree shows this file auto-merges without conflict, so the bypass silently re-enters master on merge. (Score: 100 -- confirmed security regression)

https://github.com/cmangun/myverse/blob/5af97610cfb164f7e9e876cd2097b5dedac09b8e/apps/shell/src/hooks.server.ts#L87-L97

https://github.com/cmangun/myverse/blob/5af97610cfb164f7e9e876cd2097b5dedac09b8e/apps/shell/src/lib/security/env-schema.ts#L55-L57

2. 726 merge conflicts. The branch has diverged significantly from master. merge-tree reports 726 conflicts across CI workflows, agent-runtime core files (adapter.ts, run.ts, package.json, Dockerfile), Cargo.lock, and dozens of rename/delete conflicts from the homebase → desktop rename. MarkdownBlock.svelte has an add/add conflict. This PR cannot merge cleanly and will require a rebase or manual conflict resolution. (Score: 85 -- verified via merge-tree)

🤖 Generated with Claude Code

_{- If this code review was useful, please react with 👍. Otherwise, react with 👎.}