fix: use bun:sqlite in production, better-sqlite3 as test-only devDep

Production (Docker): src/lib/db.ts now uses bun:sqlite + drizzle-orm/bun-sqlite.
No native addon compilation needed — bun:sqlite is a Bun built-in. The Dockerfile
drops all native build tools (python3, make, g++) and uses --ignore-scripts.

Tests (Vitest/Node.js): bun:sqlite is unavailable under Node.js, so:
- tests/helpers/db.ts keeps better-sqlite3 + drizzle-orm/better-sqlite3 for
  integration tests that need a real in-memory SQLite
- vitest.config.ts aliases bun:sqlite → a thin better-sqlite3 shim and
  drizzle-orm/bun-sqlite → drizzle-orm/better-sqlite3 for unit tests that
  transitively import src/lib/db.ts without executing any queries
- better-sqlite3 stays as a devDependency (test-only, not built in Docker)

Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>

docker/web/Dockerfile

@@ -4,31 +4,25 @@ FROM oven/bun:1-slim AS base
 WORKDIR /app
 
 FROM base AS deps
-# Install build dependencies for native modules like better-sqlite3
 RUN apt-get update && apt-get install -y --no-install-recommends \
-    python3 \
-    make \
-    g++ \
     openssl \
     ca-certificates \
     && rm -rf /var/lib/apt/lists/*
 COPY package.json bun.lock ./
-RUN bun install --frozen-lockfile
+# --ignore-scripts skips native addon compilation (better-sqlite3 is a test-only devDep;
+# production uses bun's built-in bun:sqlite which needs no compilation)
+RUN bun install --frozen-lockfile --ignore-scripts
 
 FROM base AS builder
 ENV NODE_ENV=production
 ENV NEXT_TELEMETRY_DISABLED=1
-# Set a temporary database path for build
 ENV DATABASE_PATH=/tmp/build.db
 ENV DATABASE_URL=file:/tmp/build.db
 COPY --from=deps /app/node_modules ./node_modules
 COPY . .
-# Build the Next.js application
 RUN bun run build && rm -f /tmp/build.db
 
 FROM base AS runner
-# Accept build args for user/group IDs to support rootless operation
-# Using 10001 as default to avoid conflicts with system users
 ARG PUID=10001
 ARG PGID=10001
 
@@ -36,8 +30,6 @@ ENV NODE_ENV=production
 ENV PORT=3000
 WORKDIR /app
 
-# Create user and group with configurable IDs for rootless operation
-# Remove any existing users/groups with the same UID/GID to avoid conflicts
 RUN (getent group ${PGID} && groupdel $(getent group ${PGID} | cut -d: -f1) || true) && \
     (getent passwd ${PUID} && userdel $(getent passwd ${PUID} | cut -d: -f1) || true) && \
     groupadd -g ${PGID} nodejs && \
@@ -48,23 +40,16 @@ COPY --from=builder --chown=nextjs:nodejs /app/.next/standalone ./
 COPY --from=builder --chown=nextjs:nodejs /app/.next/static ./.next/static
 COPY --from=builder --chown=nextjs:nodejs /app/package.json ./package.json
 
-# Copy instrumentation file and all required chunks for server startup initialization
 COPY --from=builder --chown=nextjs:nodejs /app/.next/server/instrumentation.js ./.next/server/instrumentation.js
 COPY --from=builder --chown=nextjs:nodejs /app/.next/server/instrumentation ./.next/server/instrumentation
 COPY --from=builder --chown=nextjs:nodejs /app/.next/server/chunks/ ./.next/server/chunks/
-# Copy Drizzle migrations for runtime schema management
 COPY --from=builder --chown=nextjs:nodejs /app/drizzle ./drizzle
 
-# Create data directory for SQLite database with correct ownership
 RUN mkdir -p /app/data && chown -R nextjs:nodejs /app/data
 
-# Copy entrypoint script
 COPY --chown=nextjs:nodejs docker/web/entrypoint.sh /entrypoint.sh
 RUN chmod +x /entrypoint.sh
 
 EXPOSE 3000
-
-# Run as non-root user (fully rootless)
 USER nextjs
-
 ENTRYPOINT ["/entrypoint.sh"]