feat(auth): add 'none' auth type for reverse-proxy injected credentials #190

Open
NathanRignall wants to merge 1 commit into pchuri:main from NathanRignall:feat/auth-type-none


NathanRignall commented May 20, 2026

Summary

  • Add none as a new value for --auth-type / CONFLUENCE_AUTH_TYPE.
  • When authType === 'none', the client builds requests with no Authorization or Cookie header. Designed for setups where a local reverse proxy injects credentials on the wire (SPNEGO/Kerberos, mTLS-at-edge, header injection).
  • validateAuthConfig short-circuits for none, so token / email / cookie / mTLS fields are not required at any layer (CLI flags, env vars, profile file, interactive prompts).
  • hasEnvAuth in getConfig accepts CONFLUENCE_AUTH_TYPE=none alone — CONFLUENCE_DOMAIN + CONFLUENCE_AUTH_TYPE=none is enough to drive the env path.
  • README: add profile-init example, env-var example, and an explanatory paragraph matching the existing mtls / cookie sections; update the --auth-type flag listing.

Why

Behind a reverse proxy that auto-injects auth headers, users had to invent a placeholder token to satisfy the existing required-credentials checks. A first-class none mode makes the intent explicit and removes the workaround.

Behavior preservation

  • All existing auth types (basic, bearer, mtls, cookie) are unchanged.
  • none is only selected explicitly — normalizeAuthType still defaults to basic / bearer based on email presence.
  • The 401 interceptor gains a none-specific hint pointing at the proxy; other hints are untouched.

Test plan

  • npm test — 689/689 pass (+4 new: 2 in tests/config.test.js, 2 in tests/confluence-client.test.js)
  • npm run lint — clean
  • Manual: node bin/confluence.js init --auth-type none --domain confluence.example.com --protocol https succeeds without prompting
  • Manual: pointed CLI at a local Node HTTP inspector with CONFLUENCE_AUTH_TYPE=none — confirmed no authorization / cookie on the outgoing request
  • Manual: real round-trip through a reverse-proxy setup works

Adds a new --auth-type/CONFLUENCE_AUTH_TYPE value 'none' that builds a
client sending no Authorization or Cookie header, for environments where
a local reverse proxy injects authentication on the wire.
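
The manual check in the test plan (pointing the CLI at a local Node HTTP inspector and confirming no authorization / cookie header goes out) can be scripted as follows. This is an added example, not code from the pull request or the project; the names `findCredentialHeaders` and `inspect` and the sample header captures are assumptions constructed for illustration.

```javascript
// Added example: request handler for a loopback HTTP inspector that flags
// credential-bearing headers. The two names checked are the ones the PR
// description mentions: Authorization and Cookie.
const CREDENTIAL_HEADERS = new Set(['authorization', 'cookie']);

// rawHeaders uses Node's req.rawHeaders layout: [name1, value1, name2, value2, ...].
// Unlike req.headers, it keeps duplicates and the sender's original casing.
function findCredentialHeaders(rawHeaders) {
  const found = [];
  for (let i = 0; i + 1 < rawHeaders.length; i += 2) {
    const name = rawHeaders[i];
    if (CREDENTIAL_HEADERS.has(name.toLowerCase())) {
      found.push(name); // record the header name only, never its secret value
    }
  }
  return found;
}

// Handler suitable for http.createServer(inspect).
// Replies 200 when the request carries no credential header, 400 otherwise,
// and returns the list of offending header names for logging or assertions.
function inspect(req, res) {
  const leaked = findCredentialHeaders(req.rawHeaders);
  const body = JSON.stringify({ method: req.method, url: req.url, leaked });
  res.writeHead(leaked.length === 0 ? 200 : 400, {
    'Content-Type': 'application/json',
  });
  res.end(body);
  return leaked;
}

// Constructed sample captures (not real traffic).
const SAMPLE_NONE = [
  'Host', '127.0.0.1:8080',
  'Accept', 'application/json',
  'User-Agent', 'example-client',
];
const SAMPLE_BEARER = [...SAMPLE_NONE, 'AUTHORIZATION', 'Bearer placeholder-token'];

// Expect no findings for the 'none' capture and one for the bearer capture.
console.log(findCredentialHeaders(SAMPLE_NONE), findCredentialHeaders(SAMPLE_BEARER));
```

To use it against the real client, serve `inspect` with Node's `http.createServer` on a loopback port and point the CLI at that address with `CONFLUENCE_AUTH_TYPE=none`; a 400 response means a credential header was sent.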