chore(autonomous-session): consolidate uncommitted work from prior session

Bundles the prior autonomous-session output that was sitting unstaged:

- Em-dash sweep across src/ + tests/ (en-dash/em-dash to hyphen, ~2280 instances)
- country-flag-icons rollout (CountryFlag component, replaces emoji glyphs that
  never rendered on Windows; lazy-loads the 3x2 SVG index as a single chunk
  after the per-subpath dynamic-import approach silently failed in webpack)
- Admin IA Phase 1+2: 7-domain regroup, 41 to 38 pages, /admin/berths index,
  redirects (ocr to ai, reports to dashboard, invitations to users),
  docs/admin-ia-proposal.md
- Per-template email tester (registry + endpoint + UI on Email admin page)
- Cancel-document mode picker (delete-from-Documenso vs keep-for-audit)
- Dashboard PDF report: 25 widgets, SVG charts, date-range picker, 11 resolvers
- Customize-widgets per-region sortables at xl+ (charts/rails/feed); single
  flat sortable below xl when the layout stacks; per-viewport saved orders
- Audit doc updates capturing each shipped item
- Lint fixes: react-compiler immutability in DonutChart (reduce instead of
  let-reassign), set-state-in-effect disables in CountryFlag and
  UploadForSigning preview-bytes effect, unused 'confirm' destructures in
  interest contract + reservation tabs, unescaped apostrophe in test-template
  card copy
2026-05-23 00:52:59 +02:00
parent 43719b49e9
commit 221ae5784e
749 changed files with 7440 additions and 3118 deletions

@@ -4,9 +4,9 @@
* don't each inline a different copy of the boilerplate.
*
* Per-port branding (R2-H15):
* - logoUrl replaces the default Port Nimara logo image
* - primaryColor used for the page-title accent color
* - emailHeaderHtml / emailFooterHtml admin-authored HTML that
* - logoUrl - replaces the default Port Nimara logo image
* - primaryColor - used for the page-title accent color
* - emailHeaderHtml / emailFooterHtml - admin-authored HTML that
* appears above / below the body content (e.g. legal footer,
* custom marketing strip). When unset, the existing minimal
* "Thank you, {{portName}} CRM" sign-off is rendered by callers.
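Review bot: The `emailHeaderHtml / emailFooterHtml` entry describes admin-authored HTML rendered above and below the body but does not state whether that HTML is sanitized or embedded verbatim. Add a sentence to this doc comment stating the trust assumption (which role can set the value, and whether it is filtered before it reaches the template) so callers of the shell know what they are interpolating.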
@@ -18,7 +18,7 @@
import { absolutizeBrandingUrl } from '@/lib/branding/url';
// Neutral defaults no tenant-specific imagery leaks across ports.
// Neutral defaults - no tenant-specific imagery leaks across ports.
// When branding hasn't been configured the email renders without a logo
// and on a plain off-white background. Admins upload their own assets via
// /admin/branding which then flow through via getPortBrandingConfig().
@@ -100,12 +100,12 @@ export function brandingPrimaryColor(branding?: BrandingShell | null): string {
* URL-safe escaper for `href="..."` interpolations inside email
* templates. The email-deliverability audit flagged that every template
* inlined `${data.link}` directly into href + visible text without
* escaping a `"` (or worse, a `javascript:` scheme) would break out
* escaping - a `"` (or worse, a `javascript:` scheme) would break out
* of the attribute or trigger an XSS when the recipient opens the email
* in a webmail client that runs scripts.
*
* Two-step defense:
* 1. Scheme allow-list only http(s), mailto, tel survive; everything
* 1. Scheme allow-list - only http(s), mailto, tel survive; everything
* else (javascript:, data:, vbscript:, file:, …) is rewritten to
* `about:blank`.
* 2. HTML-attribute escape on `"`, `<`, `>`, `&`, `'`, backtick.
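Review bot: Step 1 of the "Two-step defense" list says only http(s), mailto and tel survive, but the `safeUrl` body shown in the next hunk also accepts values matching `lower.startsWith('/')`. The doc comment should list relative and root-relative paths as an accepted case so the documented allow-list matches the one the function enforces.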
@@ -120,7 +120,7 @@ export function safeUrl(url: string | null | undefined): string {
lower.startsWith('https://') ||
lower.startsWith('mailto:') ||
lower.startsWith('tel:') ||
// Relative or root-relative paths are also acceptable they
// Relative or root-relative paths are also acceptable - they
// resolve against the host the email links to (rare in transactional
// mail but used by tracking pixels and unsubscribe headers).
lower.startsWith('/') ||
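Review bot: `lower.startsWith('/')` in the allow-list also matches scheme-relative values such as `//host/path`, which resolve to another host rather than to a path, so the check is wider than the "Relative or root-relative paths" comment above it describes. As far as the visible lines show, nothing excludes that form; consider requiring a single leading slash (reject a value that starts with `//`) and covering that case in the tests for `safeUrl`.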