New signed streams

[palkan]

What is the purpose of this pull request?

Revisit signed streams implementation and introduce a standalone mode—an upgraded version of RPC-less setup suitable for any application (not only Hotwire).

What changes did you make? (overview)

• Added a reserved "$pubsub" channel for direct pub/sub support

• Unifed signed stream controllers implementations

  • Deprecated older sign key options in favor of a single --streams_secret
  • Deprecated cleartext modes for Turbo and CableReady ($pubsub with --public_streams must be used instead)

• Renamed JWT params and simplified terminology (switch focus from identification to authentication for the standalone mode)

• Add no auth mode (--noauth)

• Introduce shortcut configuration options (--secret, --public)

• Introduce --broadcast_key option (instead of older --http_broadcast_secret, but can be used with other broadcasters)

• Auto-generate broadcast key and RPC secret from the application secret (if not set explicitly)

• Added new broadcasting docs (AnyCable server oriented)

• Added new RPC docs

• HTTP broadcaster is enabled by default

Changes in other libraries

• anycable: AnyCable.signed_stream(val) and config.streams_secret and config.secret
• anycable: upgrade HTTP adapter and RPC HTTP to auto-generate auth secrets from the application secret
• anycable: added JWT
• anycable-rails: #signed_stream_name helper
• anycable-rails: JWT integration
• @anycable/core: cable.streamFrom(...) and cable.streamFromSigned(...).
• @anycable/serverless: signStream(name: string): string
• @anycable/serverless: upgrade broadcaster to sign requests

Is there anything you'd like reviewers to focus on?

Check out the docs:

• Getting started (updated)
• RPC
• Signed streams.
• Broadcasting.

Checklist

• I've added tests for this change
• I've added a Changelog entry
• I've updated documentation