refactor: Cleanup git state - commit all staged changes

Major refactoring cleanup:
- Add new controller architecture (class-controller-*.php)
- Add new settings-v2 UI (views/settings-v2/)
- Add new CSS architecture (agentic-sidebar.css, tokens)
- Add esbuild build pipeline (scripts/build.js, package.json)
- Add composer dependencies (vendor/)
- Add frontend src directory (assets/js/src/index.jsx)
- Add documentation files
- Remove old/obsolete files (class-settings.php, old CSS)

This commits all pending changes from previous refactoring efforts.

vendor/symfony/html-sanitizer/Visitor/AttributeSanitizer/AttributeSanitizerInterface.php

@@ -0,0 +1,41 @@
+<?php
+
+/*
+ * This file is part of the Symfony package.
+ *
+ * (c) Fabien Potencier <fabien@symfony.com>
+ *
+ * For the full copyright and license information, please view the LICENSE
+ * file that was distributed with this source code.
+ */
+
+namespace Symfony\Component\HtmlSanitizer\Visitor\AttributeSanitizer;
+
+use Symfony\Component\HtmlSanitizer\HtmlSanitizerConfig;
+
+/**
+ * Implements attribute-specific sanitization logic.
+ *
+ * @author Titouan Galopin <galopintitouan@gmail.com>
+ */
+interface AttributeSanitizerInterface
+{
+    /**
+     * Returns the list of element names supported, or null to support all elements.
+     *
+     * @return list<string>|null
+     */
+    public function getSupportedElements(): ?array;
+
+    /**
+     * Returns the list of attributes names supported, or null to support all attributes.
+     *
+     * @return list<string>|null
+     */
+    public function getSupportedAttributes(): ?array;
+
+    /**
+     * Returns the sanitized value of a given attribute for the given element.
+     */
+    public function sanitizeAttribute(string $element, string $attribute, string $value, HtmlSanitizerConfig $config): ?string;
+}

vendor/symfony/html-sanitizer/Visitor/AttributeSanitizer/MetaRefreshAttributeSanitizer.php

@@ -0,0 +1,56 @@
+<?php
+
+/*
+ * This file is part of the Symfony package.
+ *
+ * (c) Fabien Potencier <fabien@symfony.com>
+ *
+ * For the full copyright and license information, please view the LICENSE
+ * file that was distributed with this source code.
+ */
+
+namespace Symfony\Component\HtmlSanitizer\Visitor\AttributeSanitizer;
+
+use Symfony\Component\HtmlSanitizer\HtmlSanitizerConfig;
+use Symfony\Component\HtmlSanitizer\TextSanitizer\UrlSanitizer;
+
+/**
+ * Sanitizes the URL embedded in the content attribute of a <meta http-equiv="refresh">
+ * element, since the http-equiv value is not visible from a per-attribute sanitizer.
+ *
+ * The content attribute carries an unrelated value for other meta types (description,
+ * keywords, generator…), which is passed through unchanged.
+ */
+final class MetaRefreshAttributeSanitizer implements AttributeSanitizerInterface
+{
+    public function getSupportedElements(): ?array
+    {
+        return ['meta'];
+    }
+
+    public function getSupportedAttributes(): ?array
+    {
+        return ['content'];
+    }
+
+    public function sanitizeAttribute(string $element, string $attribute, string $value, HtmlSanitizerConfig $config): ?string
+    {
+        if (!preg_match('/^(\s*\d+\s*[;,]\s*url\s*=\s*)(["\']?)(.+?)\2(\s*)$/i', $value, $m)) {
+            return $value;
+        }
+
+        $sanitized = UrlSanitizer::sanitize(
+            $m[3],
+            $config->getAllowedLinkSchemes(),
+            $config->getForceHttpsUrls(),
+            $config->getAllowedLinkHosts(),
+            $config->getAllowRelativeLinks(),
+        );
+
+        if (null === $sanitized) {
+            return null;
+        }
+
+        return $m[1].$m[2].$sanitized.$m[2].$m[4];
+    }
+}

vendor/symfony/html-sanitizer/Visitor/AttributeSanitizer/UrlAttributeSanitizer.php

@@ -0,0 +1,53 @@
+<?php
+
+/*
+ * This file is part of the Symfony package.
+ *
+ * (c) Fabien Potencier <fabien@symfony.com>
+ *
+ * For the full copyright and license information, please view the LICENSE
+ * file that was distributed with this source code.
+ */
+
+namespace Symfony\Component\HtmlSanitizer\Visitor\AttributeSanitizer;
+
+use Symfony\Component\HtmlSanitizer\HtmlSanitizerConfig;
+use Symfony\Component\HtmlSanitizer\TextSanitizer\UrlSanitizer;
+
+/**
+ * @author Titouan Galopin <galopintitouan@gmail.com>
+ */
+final class UrlAttributeSanitizer implements AttributeSanitizerInterface
+{
+    public function getSupportedElements(): ?array
+    {
+        // Check all elements for URL attributes
+        return null;
+    }
+
+    public function getSupportedAttributes(): ?array
+    {
+        return ['src', 'href', 'lowsrc', 'background', 'ping', 'action', 'formaction', 'poster', 'cite', 'data', 'codebase', 'archive', 'longdesc'];
+    }
+
+    public function sanitizeAttribute(string $element, string $attribute, string $value, HtmlSanitizerConfig $config): ?string
+    {
+        if (\in_array($element, ['a', 'area'], true) || \in_array($attribute, ['action', 'formaction', 'cite'], true)) {
+            return UrlSanitizer::sanitize(
+                $value,
+                $config->getAllowedLinkSchemes(),
+                $config->getForceHttpsUrls(),
+                $config->getAllowedLinkHosts(),
+                $config->getAllowRelativeLinks(),
+            );
+        }
+
+        return UrlSanitizer::sanitize(
+            $value,
+            $config->getAllowedMediaSchemes(),
+            $config->getForceHttpsUrls(),
+            $config->getAllowedMediaHosts(),
+            $config->getAllowRelativeMedias(),
+        );
+    }
+}