fix(config): load .env from config dir for {env:VAR} substitution

[codedeep]

substitute() only checked process.env for {env:VAR} tokens. If opencode is installed globally it never sees the project .env.

Issue for this PR

Closes #21187
Related: #10458

Type of change

• Bug fix
• New feature
• Refactor / code improvement
• Documentation

What does this PR do?

Without this fix the only way to provide tokens for MCP servers configured
via {env:VAR} in opencode.json is to export them globally in the shell
or hardcode them directly in the config file. Hardcoding secrets in a
git-tracked config is a security risk — accidental commits leak credentials.

This change makes substitute() in config/paths.ts read a .env file
from the same directory as the config file being parsed. Variables found
there act as a fallback: shell/system env always takes priority so existing
workflows are not affected.

Also switches from raw process.env to Env.get() to respect the existing
per-instance environment isolation.

How did you verify your code works?

Defined a test variable only in the project .env (not exported to shell).
Confirmed {env:VAR} in opencode.json resolved correctly at startup.
Also verified projects with no .env file work the same as before.

Screenshots / recordings

N/A — no UI changes.

Checklist

• I have tested my changes locally
• I have not included unrelated changes in this PR

[codedeep]

CI failure on Windows e2e is unrelated — flaky openStatusPopover selector and terminal-reconnect timeout. My change only touches config/paths.ts.