fix(node): harden vanillaFallback compatibility fallback for native transport bootstrap failures

[jippylong12]

Summary

This PR improves the Node wrapper's vanillaFallback behavior for a narrow class of native transport bootstrap failures.

Important: this PR does not fix the underlying native browser-mode transport incompatibility. It adds a safer wrapper-level recovery path when the native transport fails before a usable response is received.

Refs #439
Related: #205

What this PR is

• a Node-wrapper compatibility fallback
• a safer implementation of vanillaFallback
• a workaround for specific pre-response native transport failures

What this PR is not

• not a fix to the Rust/native browser-mode transport
• not a claim that browser impersonation now succeeds natively for this target
• not a replacement for investigating the root transport incompatibility

Problem

The native browser-mode transport can fail immediately against a legacy HTTPS target during initial request bootstrap.

A first wrapper fallback patch proved the compatibility idea, but it was too broad and had correctness issues around retries, cookies, abort handling, and fallback boundaries.

Changes

Structural cleanup

• extract the compatibility transport into impit-node/vanilla-fallback.js
• move vanilla-fallback test helpers and TLS fixtures into impit-node/test/vanilla-fallback.helpers.ts

Safer retry scope

• only retry on narrow pre-response / handshake-style failures
• do not retry generic post-send read/write/close failures

Correctness fixes

• preserve multi-value Set-Cookie
• stop advertising zstd from the compatibility transport
• keep compatibility request shaping scoped to the supported browser profile

Abort and cleanup

• wire abort handling through request creation, proxy tunnel creation, and TLS socket creation
• destroy per-request direct HTTPS agent state on abort / error / stream close

Fallback boundaries

• only use the custom compatibility transport when semantics can be preserved:
  • supported browser profile
  • HTTPS target
  • no HTTP/3
  • direct or HTTP(S) proxy only
• delegate unsupported fallback cases to the native vanilla client

Validation

Ran:

• pnpm exec vitest run test/basics.test.ts

Result:

• 276 passed | 3 skipped

Added / updated coverage for:

• compatibility fallback success
• HTTP proxy compatibility fallback
• abort cleanup
• native vanilla delegation for unsupported proxy semantics
• no retry for post-send transport failures

Also manually rechecked the target behavior:

• homepage bootstrap GET succeeded through the compatibility path
• follow-up search POST succeeded through the compatibility path

Follow-up

The native transport incompatibility should still be tracked and fixed separately.