fix(auth): guard process.env access for browser/Vite compatibility

[peteroyce]

Summary

HeaderAuthProvider directly accesses process.env without checking whether the global process object exists. In browser environments (Vite, Webpack without a process polyfill, Parcel, Cloudflare Workers, Deno), this throws a ReferenceError at runtime:

ReferenceError: process is not defined

Root Cause

Optional chaining (process.env?.KEY) only guards against env being null/undefined on an existing process object. If process itself is not defined as a global, the expression throws before optional chaining can help.

Fix

Wrap both process.env accesses with typeof process !== "undefined" guards:

- return options?.[PARAM_KEY] != null || process.env?.[ENV_HEADER_KEY] != null;
+ return options?.[PARAM_KEY] != null || (typeof process !== "undefined" && process.env?.[ENV_HEADER_KEY] != null);

- const headerValue = (await core.Supplier.get(this.options[PARAM_KEY])) ?? process.env?.[ENV_HEADER_KEY];
+ const headerValue = (await core.Supplier.get(this.options[PARAM_KEY])) ?? (typeof process !== "undefined" ? process.env?.[ENV_HEADER_KEY] : undefined);

typeof checks never throw regardless of the runtime environment, making this safe in Node.js, browsers, edge runtimes, and any environment that doesn't define process.

Testing

Existing behaviour is unchanged in Node.js. In browser environments the SDK now gracefully falls back to undefined when DEEPGRAM_API_KEY cannot be read from process.env, instead of crashing.

Closes #349