feat(passkeys): Add passkey manager functions

Because:
- The passkey routes needs to enforce business rules before touching the database

This commit:
- Implements PasskeyManager with the full passkey lifecycle: register, post-auth update, list, rename, delete, and bulk delete
- Guards maxPasskeysPerUser config with @min(1) to prevent accidentally disabling registration
- Adds unit and integration tests for the manager

Closes #FXA-13064

Author: vpomerleau

libs/accounts/passkey/src/lib/passkey.config.ts

@@ -52,7 +52,7 @@ export class PasskeyConfig {
    * Maximum number of passkeys a user can register.
    */
   @IsNumber()
-  public maxPasskeysPerUser?: number;
+  public maxPasskeysPerUser!: number;
 
   /**
    * Challenge expiration timeout in milliseconds.

libs/accounts/passkey/src/lib/passkey.errors.ts

@@ -24,7 +24,7 @@ export class PasskeyError extends BaseError {
   /** WebAuthn credential ID (when applicable) */
   readonly credentialId?: string;
   /** Additional structured context */
-  readonly context: Record<string, any>;
+  readonly context: Record<string, unknown>;
 
   /**
    * Creates a PasskeyError.
@@ -42,7 +42,7 @@ export class PasskeyError extends BaseError {
     message: string,
     info: { errno?: number; uid?: string; credentialId?: string } & Record<
       string,
-      any
+      unknown
     >,
     cause?: Error
   ) {