Add `bitsocial community export` command (pkc-js 0.0.41 export API)

[Rinse12]

Summary

Upgrade @pkcprotocol/pkc-js from 0.0.40 to 0.0.41 and expose the new community export API (pkcprotocol/pkc-js#100) in the CLI.

Plan

1. Upgrade pkc-js

• npm install --save-exact @pkcprotocol/pkc-js@0.0.41

2. New command: bitsocial community export [ADDRESS]

Triggers an export on the RPC server, streams progress, downloads the finished SQLite snapshot via GET /exports/<exportId>, and verifies its sha256 against the export record.

Flags:

• ADDRESS arg + --name / --publicKey — community lookup (same trio as community get)
• -o, --path — local destination file (default: ./<address>.sqlite)
• --includePrivateKey — ask the RPC server to include the community signer's private key in the export
• --force — overwrite an existing file at the destination
• --quiet — suppress progress output (only print the final file path)
• Ctrl+C cancels the in-flight export via cancelExport()

3. New daemon flag: --allowPrivateKeyExport

Server-side policy passed to the pkc-js WS server options, controlling whether RPC clients may request includePrivateKey exports.

4. Tests

• Export command: happy path, lookup variants, --includePrivateKey, overwrite protection / --force, sha256 mismatch failure
• Daemon flag plumbing

Progress

• Upgrade pkc-js to 0.0.41
• community export command
• daemon --allowPrivateKeyExport flag
• Tests
• Build + full test suite pass

[Rinse12]

Progress update (branch feat/community-export):

• Upgraded @pkcprotocol/pkc-js 0.0.40 → 0.0.41 (exact)
• bitsocial community export [ADDRESS] implemented (src/cli/commands/community/export.ts)
  • Lookup trio (ADDRESS / --name / --publicKey), -o/--path, --includePrivateKey, --force, --quiet
  • Progress percentage streamed to stderr via the exportschange subscription
  • Snapshot downloaded to <dest>.partial, sha256-verified against the export record, then renamed — a corrupted download never clobbers the destination
  • Ctrl+C aborts via AbortSignal → cancelExport() on the server; second Ctrl+C force-exits
• bitsocial daemon --allowPrivateKeyExport (negatable, default true, matching pkc-js) plumbed through startDaemonServer → PKCWsServer
• 11 tests in test/cli/export.community.test.ts (happy path with real HTTP download + sha256 verify, lookup variants, --includePrivateKey, overwrite protection / --force, sha256 mismatch, export error record, non-local community, daemon flag definition) — all passing
• Full npm run test:cli suite running now