fix: correct set-password docstring (scrypt, not bcrypt)

The set_password_cmd docstring and inline comment claimed bcrypt /
SHA-256, but the implementation actually uses scrypt via
cryptography.hazmat.primitives.kdf.scrypt. Correct the docstring,
drop the misleading comment, and remove the now-unused hashlib import.

No behavior change.

Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>

vigilar/cli/cmd_config.py

@@ -60,12 +60,9 @@ def show_cmd(config_path: str | None) -> None:
 @config_cmd.command("set-password")
 @click.option("--config", "-c", "config_path", default=None, help="Path to vigilar.toml.")
 def set_password_cmd(config_path: str | None) -> None:
-    """Generate a bcrypt hash for the web UI password."""
+    """Generate a scrypt hash for the web UI password."""
     try:
-        import hashlib
-
         password = click.prompt("Enter web UI password", hide_input=True, confirmation_prompt=True)
-        # Use SHA-256 hash (bcrypt requires external dep, but cryptography is available)
         from cryptography.hazmat.primitives.kdf.scrypt import Scrypt
         import os