[stdlib/pg] add scram-sha-256 auth support

[cs01]

Before

Client.connect() rejected AuthenticationSASL (code 10) with
SCRAM-SHA-256 not yet supported — use password_encryption=md5 or trust on the server,
blocking any pg 14+ setup whose default (password_encryption=scram-sha-256) was not overridden.

After

Client.connect() completes the full SCRAM-SHA-256 handshake
(SASLInitialResponse → AuthenticationSASLContinue → SASLResponse →
AuthenticationSASLFinal → AuthenticationOK), including server-signature
verification. md5 / cleartext / trust paths are unchanged.

Description

• New c_bridges/scram-bridge.c exposes four FFI entry points built on
  OpenSSL (HMAC, SHA256, PKCS5_PBKDF2_HMAC with EVP_sha256, RAND_bytes):
  cs_scram_random_nonce_b64, cs_scram_client_first_bare,
  cs_scram_client_final, cs_scram_verify_server_final.
  cs_scram_client_final packs <client-final-message>\x01<server-signature-b64>
  so the ChadScript side gets both values through a single declare function
  return slot (no Uint8Array marshalling needed).
• lib/pg.ts gets a _doScram() method that consumes the SASL frame,
  validates the mechanism list, and drives the three-step exchange using
  direct byte-buffer framing (same style as the existing md5 path).
• Wired into build-vendor.sh, build-target-sdk.sh, compiler.ts,
  native-compiler-lib.ts, and ci.yml (linux + macos release copies and
  verify loops) per CLAUDE.md's 6-step C-bridge checklist.
• New fixture tests/fixtures/stdlib/pg-scram.ts gated on
  PG_SCRAM_TESTS_ENABLED. CI provisions a second user scramuser
  (scram-sha-256-hashed) alongside the md5-hashed postgres user, so both
  auth paths are exercised in the same pg service.
• Verified locally against a POSTGRES_HOST_AUTH_METHOD=scram-sha-256
  postgres:16 container: fixture prints TEST_PASSED. verify:quick green.

LOC: ~270 in scram-bridge.c, ~190 added in lib/pg.ts, ~36 in fixture,
~45 in build/CI wiring.

[github-actions]

Benchmark Results (Linux x86-64)

Benchmark	C	ChadScript	Go	Node	Place
Cold Start	0.8ms	0.8ms	1.2ms	28.6ms	🥇
Fibonacci	0.815s	0.767s	1.574s	3.156s	🥇
Hash Map Lookup	0.091s	0.063s	0.091s	0.112s	🥇
Binary Trees	1.342s	1.248s	2.736s	1.166s	🥈
File I/O	0.120s	0.093s	0.090s	0.207s	🥈
JSON Parse/Stringify	0.035s	0.051s	0.181s	0.136s	🥈
N-Body Simulation	1.668s	2.120s	2.198s	2.379s	🥈
Regex Match	0.016s	0.005s	0.023s	0.005s	🥈
SQLite	0.051s	0.371s	0.498s	0.423s	🥈
Monte Carlo Pi	0.389s	0.410s	0.404s	2.248s	🥉
Quicksort	0.215s	0.246s	0.213s	0.263s	🥉
Sieve of Eratosthenes	0.015s	0.026s	0.018s	0.038s	🥉
String Manipulation	0.008s	0.019s	0.016s	0.036s	🥉
Matrix Multiply	0.444s	0.677s	0.610s	0.367s	#4

CLI Tool Benchmarks

Benchmark	ChadScript	grep	node	xxd	Place
Hex Dump	0.558s	—	1.055s	0.128s	🥈
Recursive Grep	0.020s	0.010s	0.104s	—	🥈