[codex] add user-scoped Tolgee credentials

[WendellXY]

Summary

Adds user-scoped Tolgee credential configuration so shared project configs can omit committed API keys while still allowing individual developers to provide credentials locally.

Problem

Tolgee project settings could already carry an api_key, and inline langcodec.toml settings materialize into a temporary Tolgee JSON overlay. That made the project config the only first-class place for a reusable API key. In shared repositories, this pushes teams toward either committing secrets or relying only on the ambient TOLGEE_API_KEY environment fallback.

Root Cause

The Tolgee project loader had no separate user configuration layer. It built the effective Tolgee runtime config solely from .tolgeerc.json or project langcodec.toml, then passed that JSON to the Tolgee CLI. Any key modeled in project config naturally traveled through the JSON config path.

Fix

This change adds discovery for $XDG_CONFIG_HOME/langcodec/config.toml, falling back to ~/.config/langcodec/config.toml, with a small [tolgee] schema for a global API key and optional [tolgee.projects.<project_id>] overrides. Credential precedence is now project apiKey, then user project key, then user global key, with the existing inherited TOLGEE_API_KEY behavior left as the final fallback. User-scope keys are stored on the loaded Tolgee project and injected into the child process environment, so generated overlay JSON does not contain user secrets.

Validation

• cargo test -p langcodec-cli --lib user_config_parses_tolgee
• cargo test -p langcodec-cli --lib resolves_tolgee_credentials_by_precedence
• cargo test -p langcodec-cli --test tolgee_cli_tests
• git diff --check

[Copilot]

Pull request overview

Adds a user-scoped Tolgee credential layer so shared langcodec.toml/.tolgeerc.json files no longer need to embed API keys. The CLI now reads $XDG_CONFIG_HOME/langcodec/config.toml (or ~/.config/langcodec/config.toml), supporting a global [tolgee] api_key and per-project overrides under [tolgee.projects.<project_id>]. The resolved user key is injected into the Tolgee child process via TOLGEE_API_KEY rather than written into the generated overlay JSON, preserving the precedence: project apiKey > user project key > user global key > inherited env.

Changes:

• Introduce UserConfig/UserTolgeeConfig types and load_user_config discovery (with XDG/HOME fallback) in config.rs.
• Resolve the user API key in tolgee.rs, store it on TolgeeProject, and pass it via the child process env in invoke_tolgee; cover precedence with unit and CLI-level tests.
• Unrelated refactors: simplify detect_custom_format with match guards/helpers, tighten an annotate match arm, and drop a redundant into_iter() in normalize.

Reviewed changes

Copilot reviewed 6 out of 6 changed files in this pull request and generated no comments.

Show a summary per file

File	Description
langcodec-cli/src/config.rs	Adds user config schema, load_user_config, XDG-aware path discovery, and parse tests.
langcodec-cli/src/tolgee.rs	Resolves user API key with precedence, threads it through TolgeeProject, and sets TOLGEE_API_KEY env on the Tolgee child command.
langcodec-cli/tests/tolgee_cli_tests.rs	Adds end-to-end tests verifying credential precedence and that user keys are never written into the overlay JSON.
langcodec-cli/src/formats.rs	Refactors detect_custom_format into match guards plus helper predicates.
langcodec-cli/src/annotate.rs	Restructures the match arm to use a guard and an explicit no-op branch.
langcodec/src/normalize.rs	Drops redundant .into_iter() in a zip call.

---

💡 Add Copilot custom instructions for smarter, more guided reviews. Learn how to get started.