[CI]: Fix failing email integration test for unauthenticated sends

[Fermionic-Lyu]

Summary

SDK CI is currently red because the integration test suite consistently fails on the email module test should reject unauthenticated email send.

The failing assertion expects an anonymous SDK client to receive an auth error when calling client.emails.send(...), but the latest CI logs show { error: null } instead. This means either the backend behavior changed to allow anon-key email sending, or the integration test no longer matches the intended email auth policy.

Validation

Valid. GitHub Actions on main is failing in the Integration Tests job while typecheck, build, and unit tests pass.

Recent evidence:

• CI run 26549000818 on 2026-05-28 failed only in Integration Tests: https://github.com/InsForge/InsForge-sdk-js/actions/runs/26549000818
• Scheduled integration run 26624558119 on 2026-05-29 failed in the same test: https://github.com/InsForge/InsForge-sdk-js/actions/runs/26624558119
• The latest 20 integration.yml runs on main are failures.

Failure snippet from the latest scheduled run:

FAIL integration-tests/email.test.ts > Email Module > send() > should reject unauthenticated email send
AssertionError: expected null not to be null
❯ integration-tests/email.test.ts:66:25

Relevant Code

• integration-tests/email.test.ts:58 through integration-tests/email.test.ts:68 - creates anonClient, calls emails.send, and asserts error is not null.
• src/modules/email.ts:46 through src/modules/email.ts:55 - Emails.send returns { data, error: null } when the backend responds successfully.
• .github/workflows/ci.yml:103 through .github/workflows/ci.yml:122 - main push CI runs npm run test:integration:ci after typecheck/build/unit tests.
• .github/workflows/integration.yml:18 through .github/workflows/integration.yml:41 - scheduled/manual integration workflow runs the same integration suite.

Steps to Reproduce

1. Run the SDK integration workflow against the configured test backend.
2. Observe integration-tests/email.test.ts > Email Module > send() > should reject unauthenticated email send.
3. The test receives error === null, so the assertion fails.

Expected Behavior

One of these should be true, depending on the intended product policy:

• If custom email sends require an authenticated user, the backend should reject anon-key calls and the SDK should return a structured error.
• If anon-key email sends are intentionally allowed for the configured test project, the integration test should be updated to assert the current supported behavior instead of forcing a 4xx.

Actual Behavior

The backend returns success for the anonymous email send in CI, so the SDK returns { error: null } and the integration suite fails.

Proposed Solution

First confirm the intended email auth policy with backend/product:

• If unauthenticated sends should be blocked, fix backend auth/RLS/config for /api/email/send-raw and keep the test.
• If anonymous sends are allowed under anon key, update or remove this negative integration test and add coverage for the intended policy boundary.

After the policy decision, rerun the scheduled/manual integration workflow and main CI.

Acceptance Criteria

• Main SDK CI is green after typecheck/build/unit/integration jobs.
• Scheduled Integration Tests (Manual) workflow is green.
• emails.send integration coverage matches the intended auth policy.
• If the backend behavior is changed, the test backend configuration is updated so CI exercises the intended production-like policy.