Add Clerk & GitHub webhook handlers and Inngest pipeline stubs

Receive and verify Clerk and GitHub webhooks, sync to DB, and queue background work — The API now accepts signed Clerk and GitHub webhook events, verifies signatures, synchronizes user/org/membership data to the database, and enqueues typed Inngest events for background processing. GitHub webhook payloads are persisted for audit/replay and database errors are handled so senders won't be retried unnecessarily. Two Inngest pipeline functions were added as safe stubs so end-to-end wiring can be validated before full implementation.

Added secure webhook endpoints for Clerk and GitHub under /webhooks that verify signatures before processing.integrations
Added production-ready signature verification utilities (Svix for Clerk and HMAC-SHA256 timing-safe check for GitHub) in a new webhooks package.auth
Added typed Inngest events and two stub pipeline functions to register background workflows for installation sync and push commit processing.backend
Persisted raw GitHub webhook events to an audit table (best-effort) and queued push events for background processing.database

Mounted webhook routes and updated startup to validate required environment variables (Clerk and GitHub webhook secrets) so misconfiguration fails fast.backend

Added Project lookup by GitHub repo to the database layer to map incoming pushes to internal projects.database
Added end-to-end and unit tests (Vitest + Supertest) covering signature verification, bad signatures, handler behavior, and resilience to DB errors.backend
Updated dev tooling and scripts (test commands, Vitest, ngrok port, and global env) to support webhook development and local testing.devops