fix: use Bun.env instead of $env/dynamic/private to avoid build-time errors

$env/dynamic/private requires env vars to be present at build time.
Bun.env reads them at runtime, which is correct for runtime secrets.

Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>

src/routes/api/send-daily-verse/+server.ts

@@ -1,11 +1,13 @@
 import { json } from '@sveltejs/kit';
 import type { RequestHandler } from './$types';
 import { getVerseForDate } from '$lib/server/daily-verse';
-import { CRON_SECRET, DISCORD_DAILY_WEBHOOK } from '$env/dynamic/private';
 
 export const POST: RequestHandler = async ({ request }) => {
+	const cronSecret = Bun.env.CRON_SECRET;
+	const discordWebhook = Bun.env.DISCORD_DAILY_WEBHOOK;
+
 	const authHeader = request.headers.get('Authorization');
-	if (!authHeader || authHeader !== `Bearer ${CRON_SECRET}`) {
+	if (!authHeader || !cronSecret || authHeader !== `Bearer ${cronSecret}`) {
 		return json({ error: 'Unauthorized' }, { status: 401 });
 	}
 
@@ -22,7 +24,11 @@ export const POST: RequestHandler = async ({ request }) => {
 
 	const message = `Today's BIBDLE Verse (${fullDate}): "${verse.verseText}" — ${verse.reference}`;
 
-	const discordResponse = await fetch(DISCORD_DAILY_WEBHOOK, {
+	if (!discordWebhook) {
+		return json({ error: 'Discord webhook not configured' }, { status: 500 });
+	}
+
+	const discordResponse = await fetch(discordWebhook, {
 		method: 'POST',
 		headers: { 'Content-Type': 'application/json' },
 		body: JSON.stringify({ content: message }),