fix(server): correct VSR client session routing and lifecycle

[numinnex]

• Drop replicated sessions cluster-wide on disconnect. A lost connection now routes a synthetic Logout to the metadata owner, so the replicated session slot is released everywhere instead of lingering until peer
  eviction.

• Mutate the SessionManager only after the register commits. Login/register no longer flips the connection to Authenticated before submit (with rollback on failure); it submits, awaits the commit (post-quorum),
  then transitions Connected → Bound in one step. A transient submit failure leaves the connection untouched and the SDK replays.

• Split thebootstrap.rs into focused modules — wire, pat, responses, auth, dispatch — leaving bootstrap.rs with cluster boot/recovery/startup only. The request handlers, owner-forwarders
  (submit_*_on_owner), wire-response builders, and credential verification now live next to each other.

[codecov]

Codecov Report

❌ Patch coverage is 3.07477% with 1387 lines in your changes missing coverage. Please review.
✅ Project coverage is 50.23%. Comparing base (8ea5fee) to head (c4951fe).

Files with missing lines	Patch %	Lines
core/server-ng/src/dispatch.rs	0.00%	560 Missing ⚠️
core/server-ng/src/responses.rs	0.00%	531 Missing ⚠️
core/server-ng/src/auth.rs	0.00%	112 Missing ⚠️
core/server-ng/src/pat.rs	0.00%	61 Missing ⚠️
core/shard/src/lib.rs	0.00%	30 Missing and 1 partial ⚠️
core/server-ng/src/session_manager.rs	28.57%	25 Missing ⚠️
core/consensus/src/metadata_helpers.rs	60.41%	19 Missing ⚠️
core/metadata/src/impls/metadata.rs	21.73%	18 Missing ⚠️
core/server-ng/src/wire.rs	0.00%	12 Missing ⚠️
core/server-ng/src/bootstrap.rs	0.00%	8 Missing ⚠️
... and 2 more

❌ Your patch check has failed because the patch coverage (3.07%) is below the target coverage (50.00%). You can increase the patch coverage or adjust the target coverage.

Additional details and impacted files

@@              Coverage Diff              @@
##             master    #3407       +/-   ##
=============================================
- Coverage     74.42%   50.23%   -24.20%     
  Complexity      943      943               
=============================================
  Files          1231     1234        +3     
  Lines        120911   107430    -13481     
  Branches      97645    84194    -13451     
=============================================
- Hits          89994    53971    -36023     
- Misses        27958    50764    +22806     
+ Partials       2959     2695      -264     

Components	Coverage Δ
Rust Core	44.56% <3.07%> (-31.02%)	⬇️
Java SDK	58.44% <ø> (ø)
C# SDK	69.41% <ø> (-0.55%)	⬇️
Python SDK	81.06% <ø> (ø)
Node SDK	91.32% <ø> (ø)
Go SDK	40.20% <ø> (ø)

Files with missing lines	Coverage Δ
core/server-ng/src/login_register.rs	74.64% <ø> (+31.04%)	⬆️
core/shard/src/builder.rs	0.00% <0.00%> (ø)
core/shard/src/router.rs	0.00% <0.00%> (ø)
core/server-ng/src/bootstrap.rs	1.65% <0.00%> (-2.68%)	⬇️
core/server-ng/src/wire.rs	0.00% <0.00%> (ø)
core/metadata/src/impls/metadata.rs	33.53% <21.73%> (-1.90%)	⬇️
core/consensus/src/metadata_helpers.rs	56.32% <60.41%> (-35.47%)	⬇️
core/server-ng/src/session_manager.rs	49.04% <28.57%> (-38.64%)	⬇️
core/shard/src/lib.rs	77.86% <0.00%> (-4.83%)	⬇️
core/server-ng/src/pat.rs	0.00% <0.00%> (ø)
... and 3 more

... and 393 files with indirect coverage changes

🚀 New features to boost your workflow:

• ❄️ Test Analytics: Detect flaky tests, report on failures, and find test suite problems.
• 📦 JS Bundle Analysis: Save yourself from yourself by tracking and limiting bundle sizes in JS merges.

[hubcio]

a few findings landed on unchanged context lines, so they couldn't be attached inline - noting them here:

• login_register.rs:47 - InvalidClientId is never constructed in production (only the enum def, the TryFrom arm and a test). the client_id==0 path it documents is rejected upstream by the header validation and would hit the assert!(client_id != 0) first. reads like deliberate non_exhaustive scaffolding, but if it isn't pinning a future contract it can go.

• login_register.rs:104 - the doc on TryFrom<&LoginRegisterError> for EvictionReason says 'no production caller yet', but surface_login_failure calls it via .is_ok() on the live login/register branches. just drop the stale claim.

• login_register.rs:97 - that TryFrom mapping is only consumed via .is_ok() today; a fn is_terminal(&LoginRegisterError) -> bool would do the same and save the mapping plus the NotEvictable type. documented as scaffolding for the eviction-frame dispatcher though, so fine to keep if that's landing soon.

• session_manager.rs:250 - get_connection / connection_for_client / bound_count / connection_count have no production callers (tests only), and connection_for_client's 'for routing consensus replies' doc is obsolete now that the home shard routes by transport id. safe to delete - keep the client_to_connection map itself, bind_session still needs it. pre-existing, not introduced here.

[numinnex]

/ready