Trim renderer_password initializer comment

The previous comment restated in English what the code below already
expressed. Cut to the one non-obvious WHY (why the prod branch exists
despite Pro's own JS-side guard). Method names + the raise message
cover the rest.

Co-Authored-By: Claude Opus 4.7 (1M context) <noreply@anthropic.com>

Author: ihabadham

config/initializers/react_on_rails_pro.rb

@@ -12,17 +12,9 @@
 
   config.renderer_url = ENV.fetch("RENDERER_URL", "http://localhost:3800")
 
-  # Must match the password in renderer/node-renderer.js.
-  #
-  # Dev/test: blank or unset falls back to the dev default, so .env.example's
-  # literal `RENDERER_PASSWORD=` still works. `.presence` matches the JS
-  # side's `||` fallback (which treats "" as falsy).
-  #
-  # Production: raise loudly if blank, unset, or still the dev default. The
-  # Pro renderer's JS side guards against unset in production but accepts
-  # the literal dev-default value. If someone set the CP secret to the
-  # well-known dev password, both sides would "match" but renderer auth
-  # would be effectively disabled. This closes that gap.
+  # Must match the password in renderer/node-renderer.js. The JS side
+  # guards against unset in production but accepts the literal dev
+  # default; the prod branch here closes that gap.
   config.renderer_password =
     if Rails.env.local?
       ENV["RENDERER_PASSWORD"].presence || "local-dev-renderer-password"