feat: WeCom Stream Mode (WebSocket long-connection)

[felix307253927]

Summary

Add WeCom Stream Mode (WebSocket long-connection)

Changes

Testing

• cargo clippy --workspace --all-targets -- -D warnings passes
• cargo test --workspace passes
• Live integration tested (if applicable)

Security

• No new unsafe code
• No secrets or API keys in diff
• User input validated at boundaries

[jaberjaber23]

LGTM. Legitimate WeCom Stream Mode channel adapter. Clean 822-line implementation with proper WebSocket protocol handling (subscribe, ping heartbeat, msg/event callbacks), message deduplication via ring-buffer cache, Zeroizing for secret, outbound message queue, and correct ChannelAdapter trait implementation. Config integration is clean. Please rebase on main.

[jaberjaber23]

This PR has merge conflicts. Please rebase onto the latest main branch and resolve conflicts so we can merge.

[jaberjaber23]

Thanks @felix307253927 — WeCom stream mode via the official WebSocket endpoint (wss://openws.work.weixin.qq.com) is a real feature request. Branch is currently CONFLICTING / DIRTY against main after #1041 landed.

Before re-review:

1. Rebase on current main and resolve the Cargo.lock / channel-module conflicts.
2. Verify token/secret handling across reconnects. The WebSocket client is long-lived — confirm no secrets are logged on reconnect attempts, auth failures, or frame decode errors. Zeroizing on the secret is good; please also audit any tracing::info! / error! calls in the reconnect loop for accidental inclusion.
3. Add tests for: initial auth failure (bad secret), mid-stream disconnect + reconnect, and backpressure when the channel buffer fills.
4. Security Audit was red on the previous run — rebase should help; must be green for merge.

Happy to re-review once rebased.