bug: use include instead of select in bookings query

[devin-ai-integration]

What does this PR do?

This PR modifies the bookings query handler to use selectAll() instead of selecting specific user fields when fetching user data associated with bookings.

Change: In packages/trpc/server/routers/viewer/bookings/get.handler.ts, the Kysely query that fetches user data now uses .selectAll() instead of explicitly selecting id, name, email, avatarUrl, username, and timeZone.

⚠️ Important Review Notes

This change exposes ALL user fields in the API response, including potentially sensitive fields that were previously filtered out. The original code intentionally selected only safe fields to return.

Reviewers should verify:

• Whether exposing all user columns is the intended behavior
• What additional fields from the users table will now be included in responses
• Whether any sensitive data (password hashes, 2FA secrets, etc.) could be exposed

Mandatory Tasks (DO NOT REMOVE)

• I have self-reviewed the code (A decent size PR without self-review might be rejected).
• I have updated the developer docs in /docs if this PR makes changes that would require a documentation change. N/A - no documentation changes needed.
• I confirm automated tests are in place that prove my fix is effective or that my feature works.

How should this be tested?

1. Make a booking query through the tRPC endpoint
2. Inspect the response to see what user fields are now included
3. Verify whether any sensitive user data is being exposed in the response

Checklist

• I have read the contributing guide
• My code follows the style guidelines of this project

---

Link to Devin run: https://partner-workshops.devinenterprise.com/sessions/7ea2b981b4d44c14bead9e1d51446a35
Smitches ()

[devin-ai-integration]

🤖 Devin AI Engineer

I'll be helping with this pull request! Here's what you should know:

✅ I will automatically:

• Address comments on this PR. Add '(aside)' to your comment to have me ignore it.
• Look at CI failures and help fix them

Note: I can only respond to comments from users who have write access to this repository.

⚙️ Control Options:

• Disable automatic comment and CI monitoring

[github-actions]

Hey there and thank you for opening this pull request! 👋🏼

We require pull request titles to follow the Conventional Commits specification and it looks like your proposed title needs to be adjusted.

Details:

Unknown release type "bug" found in pull request title "bug: use include instead of select in bookings query". 

Available types:
 - feat: A new feature
 - fix: A bug fix
 - docs: Documentation only changes
 - style: Changes that do not affect the meaning of the code (white-space, formatting, missing semi-colons, etc)
 - refactor: A code change that neither fixes a bug nor adds a feature
 - perf: A code change that improves performance
 - test: Adding missing tests or correcting existing tests
 - build: Changes that affect the build system or external dependencies (example scopes: gulp, broccoli, npm)
 - ci: Changes to our CI configuration files and scripts (example scopes: Travis, Circle, BrowserStack, SauceLabs)
 - chore: Other changes that don't modify src or test files
 - revert: Reverts a previous commit