fix: remove findOwnReviewStrict, use findOwnReview directly

The strict authorship check compared reviewer-name to User.Login which
could mismatch. The sentinel is already role-specific (e.g.
<!-- review-bot:sonnet -->) and Gitea's API blocks editing others'
comments (403). Defense-in-depth via login comparison is unnecessary
complexity that introduced a bug. Removed.

cmd/review-bot/main.go

@@ -327,7 +327,7 @@ func main() {
 			// In shared-token mode, skip superseding to avoid clobbering sibling reviews.
 			sharedToken := hasSharedToken(existingReviews, sentinel)
 			if !sharedToken {
-				existing := findOwnReviewStrict(existingReviews, sentinel, *reviewerName)
+				existing := findOwnReview(existingReviews, sentinel)
 				if existing != nil {
 					commentID, err := giteaClient.GetTimelineReviewCommentID(ctx, owner, repoName, prNumber, sentinel)
 					if err != nil {
@@ -594,24 +594,3 @@ func findOwnReview(reviews []gitea.Review, sentinel string) *gitea.Review {
 	}
 	return best
 }
-
-// findOwnReviewStrict is like findOwnReview but also verifies the review
-// was posted by the expected user (defense-in-depth against sentinel injection).
-func findOwnReviewStrict(reviews []gitea.Review, sentinel, expectedLogin string) *gitea.Review {
-	var best *gitea.Review
-	for i := range reviews {
-		if !strings.Contains(reviews[i].Body, sentinel) {
-			continue
-		}
-		if strings.Contains(reviews[i].Body, "~~Original review~~") {
-			continue
-		}
-		if expectedLogin != "" && reviews[i].User.Login != expectedLogin {
-			continue
-		}
-		if best == nil || reviews[i].ID > best.ID {
-			best = &reviews[i]
-		}
-	}
-	return best
-}