Use Effect schema decoders for JSON parsing

[cursor]

What Changed

• Refactored VCS project config loading to decode .t3code/vcs.json with a hoisted Schema.fromJsonString decoder and use Option instead of null sentinels for parse/config-path absence.
• Refactored shared DPoP JWT header/payload parsing to use hoisted Schema.fromJsonString decoders instead of JSON.parse plus ad-hoc record traversal.
• Updated DPoP tests to use assert with explicit union narrowing, and added malformed VCS config coverage.

Why

These are small idiomatic Effect improvements that keep parsing behavior schema-driven, make invalid data handling explicit, and preserve the existing fallback/rejection behavior with focused tests.

UI Changes

None.

Checklist

• This PR is small and focused
• I explained what changed and why
• No UI changes; screenshots are not applicable
• No animation/interaction changes; video is not applicable

Validation:

• vp test run packages/shared/src/dpop.test.ts apps/server/src/vcs/VcsProjectConfig.test.ts -> 2 files / 9 tests passed
• vp check -> passed (printed unrelated existing warnings in apps/web/src/components/ChatMarkdown.tsx)
• vp run typecheck -> passed

  

Note

Use Effect Schema decoders for JSON parsing in DPoP verification and VCS config

• Replaces ad-hoc JSON.parse and manual type guards with Effect Schema-based decoders in dpop.ts and VcsProjectConfig.ts
• Adds DpopJwtHeaderPublicJwk schema that forbids private key material and enforces JWK shape, plus strict literal checks for typ and alg fields
• verifyDpopProof now returns 'Invalid DPoP JWT header.' or 'Invalid DPoP JWT payload.' instead of a generic 'Invalid DPoP proof.' when schema validation fails
• VCS config parsing adopts Option-based decoding; invalid or malformed config JSON falls back to 'auto' with a warning log instead of throwing
• Behavioral Change: callers inspecting verifyDpopProof failure reason strings will see more specific messages for malformed inputs

^{Macroscope summarized be97795.}

[github-actions]

🚀 Expo continuous deployment is ready!

• Project → t3-code
• Platforms → android, ios
• Scheme → t3code-preview

	🤖 Android	🍎 iOS
Fingerprint	ae17d94b35f91f9c608a63dadbc3ddd9f4ba056e	313e506a7f15a9c3f15b01d787d68a12382432bf
Build Details	Build Permalink Details Distribution: INTERNAL Build profile: preview:dev Runtime version: ae17d94b35f91f9c608a63dadbc3ddd9f4ba056e App version: 0.1.0 Git commit: 37650d3e0b6702d0ad6560b2d34b3a562821c893	Build Permalink Details Distribution: INTERNAL Build profile: preview:dev Runtime version: 313e506a7f15a9c3f15b01d787d68a12382432bf App version: 0.1.0 Git commit: 37650d3e0b6702d0ad6560b2d34b3a562821c893
Update Details	Update Permalink Details Branch: pr-3060 Runtime version: ae17d94b35f91f9c608a63dadbc3ddd9f4ba056e Git commit: 37650d3e0b6702d0ad6560b2d34b3a562821c893	Update Permalink Details Branch: pr-3060 Runtime version: 313e506a7f15a9c3f15b01d787d68a12382432bf Git commit: 37650d3e0b6702d0ad6560b2d34b3a562821c893
Update QR