feat: replace is_pro boolean with entitlements array in JWT claims

[devin-ai-integration]

Summary

Replaces the is_pro boolean JWT claim with a more flexible entitlements array containing all of the user's active Stripe Entitlements. This is more future-proof: adding new Stripe Features requires no code changes.

Before: { "is_pro": true } based on any active/trialing subscription
After: { "entitlements": ["hyprnote_pro", "other_feature", ...] } based on Stripe active_entitlements

The frontend (billing.tsx) now:

• Exposes entitlements: string[] for future feature gating
• Derives isPro from entitlements.includes("hyprnote_pro")

Review & Testing Checklist for Human

• CRITICAL: Create Feature in Stripe Dashboard with lookup_key = 'hyprnote_pro' and attach it to your Pro product BEFORE deploying. Without this, all Pro users will lose access.
• Verify stripe.active_entitlements table is being populated by stripe-sync-engine webhooks in your environment
• Confirm no other services/code consume the JWT expecting is_pro boolean (this is a breaking change to JWT structure)
• Test with a real Pro subscriber to confirm they get entitlements: ["hyprnote_pro"] in their JWT after migration
• Run the SQL tests locally with supabase test db to verify the test cases pass

Recommended test plan:

1. In Stripe Dashboard (test mode), go to Product catalog → Features → Create feature with lookup_key hyprnote_pro
2. Attach the feature to your Pro product
3. Run supabase migration up --local to apply the migration
4. Run supabase test db to verify tests pass
5. Create a test subscription and verify the entitlement syncs to stripe.active_entitlements
6. Verify the JWT contains entitlements: ["hyprnote_pro"] for the subscribed user
7. Verify the desktop app correctly shows Pro status

Notes

• The lookup_key = 'hyprnote_pro' is hardcoded in billing.tsx. If you want a different key, update both the Stripe Feature and the frontend code.
• This depends on Stripe's Entitlements feature being available on your Stripe plan.
• The entitlements array is sorted alphabetically and will contain all active entitlements for the user.

Link to Devin run: https://app.devin.ai/sessions/e407499d03e44a6881ccea898edda98d
Requested by: yujonglee (@yujonglee)

[devin-ai-integration]

🤖 Devin AI Engineer

I'll be helping with this pull request! Here's what you should know:

✅ I will automatically:

• Address comments on this PR that start with 'DevinAI' or '@devin'.
• Look at CI failures and help fix them

Note: I can only respond to comments from users who have write access to this repository.

⚙️ Control Options:

• Disable automatic comment and CI monitoring

[netlify]

✅ Deploy Preview for hyprnote-storybook ready!

Name	Link
🔨 Latest commit	711c8fb
🔍 Latest deploy log	https://app.netlify.com/projects/hyprnote-storybook/deploys/6937a9c4c926270008a0a94b
😎 Deploy Preview	https://deploy-preview-2179--hyprnote-storybook.netlify.app
📱 Preview on mobile	Toggle QR Code... Use your smartphone camera to open QR code link.

---

To edit notification comments on pull requests, go to your Netlify project configuration.

[netlify]

✅ Deploy Preview for hyprnote ready!

Name	Link
🔨 Latest commit	711c8fb
🔍 Latest deploy log	https://app.netlify.com/projects/hyprnote/deploys/6937a9c4b6df350008636eb4
😎 Deploy Preview	https://deploy-preview-2179--hyprnote.netlify.app
📱 Preview on mobile	Toggle QR Code... Use your smartphone camera to open QR code link.

---

To edit notification comments on pull requests, go to your Netlify project configuration.

[coderabbitai]

Important

Review skipped

Bot user detected.

To trigger a single review, invoke the @coderabbitai review command.

You can disable this status message by setting the reviews.review_status to false in the CodeRabbit configuration file.

---

_{Comment @coderabbitai help to get the list of available commands and usage tips.}