feat(api): add SSE subscriber isolation, token pruning and E2E rate-limit guard

- event-bus: wrap each subscriber.fn call in try/catch so one throwing subscriber cannot kill delivery to all others
- event-bus: log Redis parse errors instead of swallowing them silently; add .catch() on Redis publish promise for async fallback to local delivery
- pruning.ts: new runPruning() deletes expired invite tokens, expired password-reset tokens, and read notifications older than 90 days
- settings.runPruning: expose pruning as adminProcedure mutation
- trpc.ts: E2E_TEST_MODE rate-limit bypass is now a no-op in production (NODE_ENV=production); logs a startup warning if misconfigured

Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>

packages/api/src/router/settings.ts

@@ -1,4 +1,5 @@
 import { adminProcedure, createTRPCRouter } from "../trpc.js";
+import { runPruning } from "../lib/pruning.js";
 import {
   clearStoredRuntimeSecrets,
   getAiConfiguredStatus,
@@ -26,4 +27,6 @@ export const settingsRouter = createTRPCRouter({
   testGeminiConnection: adminProcedure.mutation(({ ctx }) => testSettingsGeminiConnection(ctx)),
 
   getAiConfigured: adminProcedure.query(({ ctx }) => getAiConfiguredStatus(ctx)),
+
+  runPruning: adminProcedure.mutation(({ ctx }) => runPruning(ctx.db)),
 });