feat: add privacy-safe request fingerprinting with deduplication and analytics integration

[AlienScroll78]

feat: Request Fingerprinting for Analysis

Adds privacy-safe request fingerprinting to identify and deduplicate unique request patterns
for analytics.

What's changed

• FingerprintService — generates a deterministic SHA-256 hash per request using method, path,
  IP subnet, user-agent, and accept-language. Exposes a windowedKey() helper for time-bucketed
  deduplication.
• FingerprintInterceptor — registered globally via APP_INTERCEPTOR. Deduplicates within a
  1-minute window using an in-memory TTL map, fires AnalyticsService.recordEvent('request',
  'fingerprint', path) on first occurrence, and attaches req.fingerprintHash for downstream use.
• FingerprintModule — wired into AnalyticsModule; AnalyticsModule added to AppModule.

Privacy guarantees

• Full IP is never stored — IPv4 truncated to /24 subnet, IPv6 to /48
• x-forwarded-for is handled but also subnet-truncated
• The fingerprint hash is one-way (SHA-256) and cannot be reversed
• No PII fields are included in the hash input

Testing

18 unit tests covering: hash determinism, subnet truncation, IPv4/IPv6/forwarded-IP handling,
missing header edge cases, deduplication within a window, and separate event recording for
distinct fingerprints.

Also fixes a pre-existing issue where @types/jest was missing from tsconfig.json, causing all
spec files to fail type-checking.

close #654

[drips-wave]

@AlienScroll78 Great news! 🎉 Based on an automated assessment of this PR, the linked Wave issue(s) no longer count against your application limits.

You can now already apply to more issues while waiting for a review of this PR. Keep up the great work! 🚀

Learn more about application limits