Windows compatible

[gagradebnath]

Windows compatibility hardening + validation pass (tests green, vuln scan clean)

Summary

This improve Windows compatibility across runtime behavior, integration-test ergonomics, and documentation, then validates the result with a full Windows test run and vulnerability scan.

Why

Windows users previously hit a few rough edges:

1. Tilde path expansion did not handle Windows-style home paths.
2. Live integration script execution depended on POSIX shell invocation patterns.
3. Documentation mostly assumed Unix-style workflows.
4. Final Windows validation and security scan status was not fully captured in docs.

What Changed

1. Runtime/path behavior

2. Expanded home-path handling to support both forward-slash and backslash tilde patterns on Windows.

3. Integration/live testing

4. Added a PowerShell wrapper for live tests so Windows users can launch the live script flow directly from PowerShell.

5. Updated integration live test execution path to use the Windows wrapper on Windows hosts.

6. Test reliability on Windows

7. Stabilized home-directory test setup on Windows by aligning environment variables used by UserHomeDir behavior.

8. Documentation updates

9. Added Windows-native quickstart and auth examples (PowerShell build/auth/test usage).

10. Added Windows guidance for live test execution.

11. Updated refactor notes and compatibility tracking docs with completed work, residual risks, and validation outcomes.

Security Notes

1. Static review did not find new obvious command-injection risks in touched paths.
2. Localhost OAuth callback usage remains intentional for loopback auth flows.
3. Non-loopback webhook serving still requires token or OIDC safeguards.
4. Vulnerability scan result: no known vulnerabilities found.

Validation Performed

1. Build sanity check on Windows

2. gog binary built and help output verified.

3. Full test suite on Windows

4. go test ./... passed.

5. Live API sanity check (manual)

6. OAuth credential import and account authorization succeeded.

7. Gmail unread search command returned expected results.

Residual/Out of Scope

1. Makefile remains POSIX-shell oriented for some developer workflows.
2. Live scripts still require a POSIX shell runtime under the hood (wrapper helps launch from PowerShell).

Reviewer Focus

1. Confirm path-expansion behavior is correct and low-risk across platforms.
2. Confirm integration test behavior change on Windows is appropriate.
3. Confirm documentation updates are accurate and complete for Windows users.