feat(smart-proxy): calculate when SNI is required for TLS routing and allow session tickets for single-target passthrough routes; add tests, docs, and npm metadata updates

readme.hints.md

@@ -493,11 +493,28 @@ const lbRoute = createLoadBalancerRoute(
 );
 ```
 
+### Smart SNI Requirement (v22.3+)
+
+SmartProxy automatically determines when SNI is required for routing. Session tickets (TLS resumption without SNI) are now allowed in more scenarios:
+
+**SNI NOT required (session tickets allowed):**
+- Single passthrough route with static target(s) and no domain restriction
+- Single passthrough route with wildcard-only domain (`*` or `['*']`)
+- TLS termination routes (`terminate` or `terminate-and-reencrypt`)
+- Mixed terminate + passthrough routes (termination takes precedence)
+
+**SNI IS required (session tickets blocked):**
+- Multiple passthrough routes on the same port (need SNI to pick correct route)
+- Route has dynamic host function (e.g., `host: (ctx) => ctx.domain === 'api.example.com' ? 'api-backend' : 'web-backend'`)
+- Route has specific domain restriction (e.g., `domains: 'api.example.com'` or `domains: '*.example.com'`)
+
+This allows simple single-target passthrough setups to work with TLS session resumption, improving performance for clients that reuse connections.
+
 ### Troubleshooting
 
 **"No SNI detected" errors**:
 - Client is using TLS session resumption without SNI
-- Solution: Configure route for TLS termination (allows session resumption)
+- Solution: Configure route for TLS termination (allows session resumption), or ensure you have a single-target passthrough route with no domain restrictions
 
 **"HttpProxy not available" errors**:
 - `useHttpProxy` not configured for the port