OTP Application entry point for Accrue (FND-05, D-05).
Empty-supervisor pattern: Accrue is a library, not a service. It does NOT start host-owned components (host Repo, Oban, host ChromicPDF pool, host Finch pool) — the host application's supervision tree owns those (D-33, D-42, Pitfall #4).
Before the supervisor starts we run three boot-time validations:
Accrue.Config.validate_at_boot!/0— validates the current:accrueapplication env against the NimbleOptions schema. Misconfig fails loud, before any state is touched.Accrue.Auth.Default.boot_check!/0— refuses to boot in:prodwhen:auth_adapterstill points at the dev-permissive default (D-40, T-FND-07 mitigation).warn_on_secret_collision/0— emits aLogger.warning/1(not fatal) when the configured Connect webhook endpoint secret is byte-identical to the platform endpoint secret. Stripe issues a SEPARATE signing secret per Connect endpoint in the Stripe Dashboard; mixing them causes silent signature verification failures (Phase 5 Pitfall 5;guides/connect.md).