fix(deploy): use pnpm 11 allowBuilds key; drop dead package.json pnpm field

pnpm 11 ignores both package.json's pnpm.onlyBuiltDependencies and the
pnpm-workspace.yaml onlyBuiltDependencies key — it reads the build allow-list
from `allowBuilds` (as written by `pnpm approve-builds`). Switch to that so
`pnpm install` compiles better-sqlite3/esbuild/sharp automatically on deploy,
and remove the now-ignored package.json field that emitted a warning.

Co-Authored-By: Claude Opus 4.8 (1M context) <noreply@anthropic.com>

package.json

@@ -34,8 +34,5 @@
   },
   "engines": {
     "node": ">=22"
-  },
-  "pnpm": {
-    "onlyBuiltDependencies": ["better-sqlite3", "esbuild", "sharp"]
   }
 }

pnpm-workspace.yaml

@@ -1,9 +1,9 @@
-# pnpm 10+ moved several settings out of package.json's "pnpm" field into
-# this file. `onlyBuiltDependencies` allow-lists packages permitted to run
-# install/build scripts (pnpm now blocks build scripts by default). Without
-# this, better-sqlite3's native binary is never compiled and the server
-# crashes at runtime with ERR_DLOPEN_FAILED / NODE_MODULE_VERSION mismatch.
-onlyBuiltDependencies:
-  - better-sqlite3
-  - esbuild
-  - sharp
+# pnpm 10+ stopped reading build-script settings from package.json's "pnpm"
+# field and blocks dependency build scripts by default. pnpm 11 reads the
+# allow-list from `allowBuilds` here (captured via `pnpm approve-builds`).
+# Without it, better-sqlite3's native binary is never compiled and the SSR
+# server crashes at runtime (ERR_DLOPEN_FAILED / NODE_MODULE_VERSION mismatch).
+allowBuilds:
+  better-sqlite3: true
+  esbuild: true
+  sharp: true