chore: release v2.1.13-beta.2 (#496) (#497) (#498)

Prerelease that ships the cascade OAuth token-invalidation fix from issue
#495 to npm under the `beta` dist-tag: the 401 handler now detects explicit
token-invalidation responses and returns them to the client instead of
rotating through every account (the rotation itself was tripping OpenAI's
anti-abuse detection and invalidating accounts in sequence). Invalidated
accounts get a monotonic 5-minute cooldown, session affinity is cleared, and
both invalidation exit paths emit a consistent token_invalidated error body.
Also adds a configurable minRotationIntervalMs sticky window.

Carries forward multi-workspace support (beta.1) and the pinned-account 503
diagnostic (beta.0). Stable v2.1.13 will land once the issue #486 root cause
is identified and patched.

Co-authored-by: Claude Opus 4.8 <noreply@anthropic.com>