fix: inline client config into app shell

[OXeu]

Summary

• inline client config into the SPA HTML returned by the worker so the first page load does not need a separate config request
• make the client bootstrap consume the injected config and stop re-fetching client config after startup
• mirror the same injection behavior in Vite dev and add tests for HTML/config bootstrap handling

Testing

• cd server && bun test ./src/runtime/tests/html-config.test.ts ./src/services/tests/config-helpers.test.ts
• cd client && bun run test src/app/tests/bootstrap-config.test.ts
• cd server && bun run check
• cd client && bun run check

[github-actions]

🚀 Preview deployed!

🔗 https://rin-server-pr-477.88799f0e5e3819fb745c9f69b086565a.workers.dev

[github-actions]

🧹 Preview deployment has been cleaned up.

The temporary preview environment for this PR has been deleted.

[chatgpt-codex-connector]

💡 Codex Review

Here are some automated review suggestions for this pull request.

Reviewed commit: bf7bf6fff1

ℹ️ About Codex in GitHub

Your team has set up Codex to review pull requests in this repo. Reviews are triggered when you

• Open a pull request for review
• Mark a draft as ready
• Comment "@codex review".

If Codex has suggestions, it will comment; otherwise it will react with 👍.

Codex can also answer questions or update the PR. Try commenting "@codex address that feedback".

[chatgpt-codex-connector]

Await HTML config injection inside SPA fallback

Returning injectClientConfigIntoHtml(...) directly from the try block means any async failure while building client config (DB/S3/cache read) bypasses this catch, because rejected promises are not caught unless awaited. In that failure mode the SPA shell request rejects instead of falling back to the static indexResponse, so transient config-store issues can turn normal page loads into worker errors.

Useful? React with 👍 / 👎.

[chatgpt-codex-connector]

Drop stale cache validators after mutating HTML body

This clones all original asset headers (including validators like ETag/Last-Modified) even though the response body is rewritten with runtime config. Because config can change independently of the static asset, clients may revalidate against an unchanged asset tag and keep using cached HTML with old inline config (or receive 304), so admin config updates are not reliably reflected on reload.

Useful? React with 👍 / 👎.