fix!: centralize env credentials and remove inline tokens

[ReenigneArcher]

Description

Introduce src/configs/credentials.ts to load credentials from environment (dotenv) and expose getCredentials(). Modify loadEnv() to return both parsed config and credentials, and propagate credentials into loadConfig(). Update providers to read tokens via getCredentials() and accept optional tokens, removing direct token fallbacks. Adjust ProvidersMap.guessProviders to check credentials. Clean up types: remove deprecated token fields from provider configs to encourage using env/credentials. Update README to mention CONTRIBKIT_* environment variables. Note: this is a breaking change for code that previously set provider tokens directly in the config; tokens should now be provided via env vars or the new credentials API.

Screenshot

Issues Fixed or Closed

Roadmap Issues

Type of Change

• feat: New feature (non-breaking change which adds functionality)
• fix: Bug fix (non-breaking change which fixes an issue)
• docs: Documentation only changes
• style: Changes that do not affect the meaning of the code (white-space, formatting, missing semicolons, etc.)
• refactor: Code change that neither fixes a bug nor adds a feature
• perf: Code change that improves performance
• test: Adding missing tests or correcting existing tests
• build: Changes that affect the build system or external dependencies
• ci: Changes to CI configuration files and scripts
• chore: Other changes that don't modify src or test files
• revert: Reverts a previous commit
• BREAKING CHANGE: Introduces a breaking change (can be combined with any type above)

Checklist

• Code follows the style guidelines of this project
• Code has been self-reviewed
• Code has been commented, particularly in hard-to-understand areas
• Code docstring/documentation-blocks for new or existing methods/components have been added or updated
• Unit tests have been added or updated for any new or modified functionality

AI Usage

• None: No AI tools were used in creating this PR
• Light: AI provided minor assistance (formatting, simple suggestions)
• Moderate: AI helped with code generation or debugging specific parts
• Heavy: AI generated most or all of the code changes

[codecov]

Codecov Report

✅ All modified and coverable lines are covered by tests.
✅ Project coverage is 0.00%. Comparing base (cc193a6) to head (db57c1b).
✅ All tests successful. No failed tests found.

Additional details and impacted files

@@     Coverage Diff      @@
##   master   #77   +/-   ##
============================
============================

---

Continue to review full report in Codecov by Harness.

Legend - Click here to learn more
Δ = absolute <relative> (impact), ø = not affected, ? = missing data
Powered by Codecov. Last update cc193a6...db57c1b. Read the comment docs.

[sonarqubecloud]

Quality Gate passed

Issues
0 New issues
0 Accepted issues

Measures
0 Security Hotspots
0.0% Coverage on New Code
0.0% Duplication on New Code

See analysis details on SonarQube Cloud