Fixes data loss bug where moderationType and contentWarnings
would be erased if not explicitly provided in update request.

Previously, omitting these fields in an update request would
remove them from the PDS record. Now follows the same pattern
as other optional fields (displayName, description, etc.) by
preserving existing values when not being updated.

Impact: Prevents accidental erasure of moderation configuration
when updating other community properties.

🤖 Generated with [Claude Code](https://claude.com/claude-code)

Co-Authored-By: Claude <noreply@anthropic.com>

Implements social.coves.community.update endpoint for updating
community profiles (displayName, description, visibility, etc.).

Changes:
- Add UpdateHandler with XRPC endpoint support
- Register update route in community routes
- Uses community's own PDS credentials (V2 architecture)
- Preserves OAuth TODO for production deployment

Related: Update endpoint was defined in service layer but had
no HTTP handler or route registration.

🤖 Generated with [Claude Code](https://claude.com/claude-code)

Co-Authored-By: Claude <noreply@anthropic.com>

V2.0 Communities Architecture: PDS-Managed Keys & Password Encryption

This major refactor simplifies community provisioning by delegating all
cryptographic operations to the PDS, enabling faster shipping and better
atProto compliance.

Key Changes:
- Password encryption (not hashing) for session recovery
- PDS-managed DID and key generation
- Removed Coves-side DID generator
- Local PLC directory for E2E testing
- Comprehensive integration tests

Architecture Benefits:
- Simpler codebase (less cryptography to maintain)
- Faster community creation
- Standard atProto migration support
- Better separation of concerns

Migration Path:
- V2.0 (current): PDS-managed keys, Coves-to-Coves migration
- V2.1 (future): Optional Coves rotation key for external migration

🤖 Generated with [Claude Code](https://claude.com/claude-code)

Co-Authored-By: Claude <noreply@anthropic.com>

Update development configuration and project documentation to reflect
V2.0 architecture changes and improve code review guidelines.

Changes:
- .env.dev: Add PLC directory configuration for local development
- CLAUDE.md: Enhance PR review checklist with V2-specific concerns

Documentation Updates:
- Clarify atProto write-forward architecture requirements
- Add federation and DID resolution verification steps
- Improve security review checklist
- Add performance and testing coverage guidelines

Environment Updates:
- Configure PLC_DIRECTORY_URL for local PLC directory
- Update IS_DEV_ENV flag documentation

These changes support better code review practices and local
development workflow for V2.0 communities.

🤖 Generated with [Claude Code](https://claude.com/claude-code)

Co-Authored-By: Claude <noreply@anthropic.com>

Remove unused dependencies that were only needed for Coves-side DID
generation and key management, which has been delegated to the PDS
in V2.0 architecture.

Changes:
- Remove unused crypto libraries
- Update go.mod and go.sum after dependency cleanup
- Simplify dependency tree

The PDS now handles all cryptographic operations for community DIDs,
reducing our dependency footprint and maintenance burden.

🤖 Generated with [Claude Code](https://claude.com/claude-code)

Co-Authored-By: Claude <noreply@anthropic.com>

Remove Coves-side DID generator in favor of PDS-managed DID generation.

Removed Files:
- internal/atproto/did/generator.go
- internal/atproto/did/generator_test.go

Rationale:
V2.0 architecture delegates all DID and key management to the PDS for:
- Bluesky PDS cannot handle record imports created outside the PDS.
- No complex cryptography
- Standard atProto compliance (PDS owns community identity)

The PDS now handles:
- DID generation (did:plc format)
- Signing key generation and storage
- Rotation key generation and storage
- PLC directory registration

🤖 Generated with [Claude Code](https://claude.com/claude-code)

Co-Authored-By: Claude <noreply@anthropic.com>