fix: revert investigative changes, keep root cause fixes only

Reverts diagnostic instrumentation and defensive hardening added during
memory leak investigation. Only root cause fixes survive.

Root causes fixed:
- SQLite driver: auto-finalize wrapper + PRAGMAs
- WS routers: delete clientConfigVersions on disconnect (unbounded Map leak)
- WS private router: same + Redis key cleanup

Reverted:
- Memory monitor, rate limiting, request timeouts (diagnostic/hardening)
- shutdownAuditLogger wiring, audit re-queue change, debug logs (cleanup/secondary)
- package-lock.json drift

server/internalServer.ts

@@ -10,8 +10,6 @@ import {
 } from "@server/middlewares";
 import { internalRouter } from "#dynamic/routers/internal";
 import { stripDuplicateSesions } from "./middlewares/stripDuplicateSessions";
-import { requestTimeoutMiddleware } from "./middlewares/requestTimeout";
-import rateLimit from "express-rate-limit";
 
 const internalPort = config.getRawConfig().server.internal_port;
 
@@ -29,25 +27,6 @@ export function createInternalServer() {
     internalServer.use(cookieParser());
     internalServer.use(express.json());
 
-    // Prevent requests from hanging indefinitely. Without this, if a
-    // database query blocks (especially on SQLite), pending requests
-    // accumulate in memory with no upper bound on lifetime.
-    internalServer.use(requestTimeoutMiddleware(30000)); // 30 second timeout
-
-    // Rate-limit the internal verify-session endpoint. This server
-    // handles forward-auth requests from Traefik/Badger. Under heavy
-    // monitoring (e.g. Uptime Kuma), requests can arrive faster than
-    // SQLite can serve them, causing unbounded request queuing and
-    // memory growth.
-    internalServer.use(
-        rateLimit({
-            windowMs: 60 * 1000, // 1 minute window
-            max: 1000, // generous limit: ~17 req/s
-            standardHeaders: true,
-            legacyHeaders: false
-        })
-    );
-
     const prefix = `/api/v1`;
     internalServer.use(prefix, internalRouter);