Remove dangerous fallback defaults from docker-compose passwords

Replace :-devpassword and :-dev-secret-change-me with :?error to prevent
silent startup with weak credentials.

Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>

docker-compose.yml

@@ -6,7 +6,7 @@ services:
     restart: unless-stopped
     environment:
       POSTGRES_USER: swag
-      POSTGRES_PASSWORD: ${DB_PASSWORD:-devpassword}
+      POSTGRES_PASSWORD: ${DB_PASSWORD:?DB_PASSWORD must be set}
       POSTGRES_DB: swag
     volumes:
       - swag-db-data:/var/lib/postgresql/data
@@ -36,14 +36,14 @@ services:
     container_name: swag-backend
     restart: unless-stopped
     environment:
-      - DATABASE_URL=postgresql://swag:${DB_PASSWORD:-devpassword}@db:5432/swag
+      - DATABASE_URL=postgresql://swag:${DB_PASSWORD:?DB_PASSWORD must be set}@db:5432/swag
       - REDIS_URL=redis://redis:6379
       - STRIPE_SECRET_KEY=${STRIPE_SECRET_KEY}
       - STRIPE_WEBHOOK_SECRET=${STRIPE_WEBHOOK_SECRET}
       - PRODIGI_API_KEY=${PRODIGI_API_KEY}
       - PRINTFUL_API_TOKEN=${PRINTFUL_API_TOKEN}
       - POD_SANDBOX_MODE=${POD_SANDBOX_MODE:-true}
-      - JWT_SECRET=${JWT_SECRET:-dev-secret-change-me}
+      - JWT_SECRET=${JWT_SECRET:?JWT_SECRET must be set}
       - CORS_ORIGINS=${CORS_ORIGINS:-http://localhost:3000}
       - DESIGNS_PATH=/app/designs
       - CONFIG_PATH=/app/config