hymm (Contributor) commented Dec 20, 2025

Objective

The bundle modification structs store nonnull pointers to different metadata of the world. This is to bypass lifetimes and use (mutable) references to the metadata while spawning, inserting, and removing components.

There are three safety contracts to keep in mind when dereferencing these pointers.

  1. pointer is dereferenceable https://doc.rust-lang.org/std/ptr/index.html#safety
  2. lifetime of data that is pointed to is valid for lifetime of reference
  3. don't violate Rust's mutability rules, i.e. if there is an exclusive reference no other references can exist. If there is a shared reference no exclusive reference can exist.

In all of these cases:

  1. The pointer was originally created from an exclusive reference and so is dereferenceable, i.e. has correct alignment, provenance, valid bit representation for the type, etc.
  2. The metadata is stored in the world and we hold the exclusive reference world lifetime in the Self struct, so the only way to violate the lifetime is if any operation on the struct changes or removes metadata. So we assert that no operations can change the metadata. In the case of hooks we enforce this by only allowing DeferredWorld access.
  3. Can be a little tricky at times. There are places where we create and scope references to make sure this isn't violated. There are extra comments in these cases.

I made this a separate PR from the other bundle safety so the safety comments could be discussed separately. They end up being a bit verbose and feel like they clutter the code. So I'd appreciate any suggestions for improving the readability here.
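
The three contracts above in reduced form, as an added example that is not part of the original PR and is not Bevy's code. `World`, `Archetype`, `Deferred`, `Inserter` and `on_insert` are hypothetical toy types standing in for the world metadata, `DeferredWorld` and the bundle modification structs.

```rust
use std::{marker::PhantomData, ptr::NonNull};
// Toy stand-ins; every name here is hypothetical, not Bevy's API.
#[derive(Default)]
struct Archetype { entities: Vec<u32> }
struct World { archetypes: Vec<Archetype>, queue: Vec<u32> }
// Restricted view handed to hooks: it can queue work but cannot resize
// `archetypes`, so pointers into that Vec stay valid (contract 2).
struct Deferred<'a> { queue: &'a mut Vec<u32> }

struct Inserter<'w> {
    archetype: NonNull<Archetype>,
    queue: NonNull<Vec<u32>>,
    // Keeps the world exclusively borrowed for 'w without a live `&mut`.
    _world: PhantomData<&'w mut World>,
}

impl<'w> Inserter<'w> {
    fn new(world: &'w mut World, index: usize) -> Self {
        // Contract 1: both pointers come from exclusive references, so they
        // are non-null, aligned and carry provenance for their pointee.
        let archetype = NonNull::from(&mut world.archetypes[index]);
        let queue = NonNull::from(&mut world.queue);
        Self { archetype, queue, _world: PhantomData }
    }

    fn insert(&mut self, entity: u32, hook: fn(Deferred<'_>, u32)) -> usize {
        let count = {
            // SAFETY: pointer is valid (see `new`), the world is borrowed for
            // 'w, and this block holds the only reference to the archetype.
            let archetype = unsafe { self.archetype.as_mut() };
            archetype.entities.push(entity);
            archetype.entities.len()
        }; // Contract 3: the `&mut Archetype` ends here, before the hook runs.
        // SAFETY: `queue` is disjoint from `archetypes`; nothing else borrows it.
        hook(Deferred { queue: unsafe { self.queue.as_mut() } }, entity);
        count
    }
}

fn on_insert(world: Deferred<'_>, entity: u32) { world.queue.push(entity); }

fn demo() -> (usize, Vec<u32>) {
    let mut world = World { archetypes: vec![Archetype::default()], queue: vec![] };
    let mut inserter = Inserter::new(&mut world, 0);
    inserter.insert(7, on_insert);
    // `world.archetypes.clear()` here is a compile error: `inserter` holds 'w.
    let count = inserter.insert(9, on_insert);
    (count, world.queue)
}
fn main() { println!("{:?}", demo()); }
```

If the hook received `&mut World` instead of `Deferred`, it could push onto `archetypes`, reallocate the buffer and leave `Inserter::archetype` dangling.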
