feat(phase-b): ship analytics dashboard, alerts, scanner PWA, dedup, audit view

Phase B (Insights & Alerts) PR4-11 in one drop. Builds on the schema +
service skeletons committed in PRs 1-3.

PR4  Analytics dashboard — 4 chart types (funnel/timeline/breakdown/source),
     date-range picker (today/7d/30d/90d), CSV+PNG export per card.
PR5  Alert rail UI + /alerts page — topbar bell w/ live count, dashboard
     right-rail, three-tab page (active/dismissed/resolved), socket-driven
     invalidation. Bell lazy-loads list on popover open to keep cold pages
     fast in non-dashboard routes.
PR6  EOI queue tab on documents hub — filters to in-flight EOIs, count
     surfaces in tab label.
PR7  Interests-by-berth tab on berth detail — replaces the stub.
PR8  Expense duplicate detection — BullMQ job runs scan on create, yellow
     banner on detail w/ Merge / Not-a-duplicate, transactional merge
     consolidates receipts and archives the source.
PR9  Receipt scanner PWA + multi-provider AI — port-scoped /scan route in
     its own (scanner) group with no dashboard chrome, dynamic per-port
     manifest, OpenAI + Claude provider abstraction, admin OCR settings
     page (port-level + super-admin global default w/ opt-in fallback),
     test-connection endpoint, manual-entry fallback when no key is
     configured. Verify form always shown before save — no ghost rows.
PR10 Audit log read view — swap to tsvector full-text search on the
     existing GIN index, cursor pagination, filters for entity/action/user
     /date range, batched actor-email resolution.
PR11 Real-API tests — opt-in receipt-ocr.spec (admin save+test, optional
     real-receipt parse via REALAPI_RECEIPT_FIXTURE) and alert-engine
     socket-fanout spec gated behind RUN_ALERT_ENGINE_REALAPI. Both skip
     cleanly without their gate envs so CI stays green.

Test totals: vitest 690 -> 713, smoke 130 -> 138, realapi +2 opt-in.

Co-Authored-By: Claude Opus 4.7 (1M context) <noreply@anthropic.com>

src/lib/services/expense-dedup.service.ts

@@ -69,3 +69,59 @@ export async function markBestDuplicate(expenseId: string): Promise<string | nul
     .where(eq(expenses.id, expenseId));
   return best.candidateId;
 }
+
+/**
+ * Clear the duplicate flag — operator confirmed this is a real expense.
+ * Leaves `dedupScannedAt` populated so the engine doesn't re-flag it.
+ */
+export async function clearDuplicate(expenseId: string, portId: string): Promise<void> {
+  await db
+    .update(expenses)
+    .set({ duplicateOf: null, dedupScannedAt: sql`now()` })
+    .where(and(eq(expenses.id, expenseId), eq(expenses.portId, portId)));
+}
+
+/**
+ * Merge `sourceId` into `targetId`: combine receipt files, archive the
+ * source, and clear the duplicate-of pointer. Both rows must belong to
+ * the same port; runs inside a single transaction so a partial failure
+ * leaves both rows untouched.
+ */
+export async function mergeDuplicate(
+  sourceId: string,
+  targetId: string,
+  portId: string,
+): Promise<void> {
+  if (sourceId === targetId) {
+    throw new Error('Cannot merge an expense into itself');
+  }
+
+  await db.transaction(async (tx) => {
+    const [source] = await tx
+      .select()
+      .from(expenses)
+      .where(and(eq(expenses.id, sourceId), eq(expenses.portId, portId)));
+    const [target] = await tx
+      .select()
+      .from(expenses)
+      .where(and(eq(expenses.id, targetId), eq(expenses.portId, portId)));
+    if (!source || !target) {
+      throw new Error('Source or target expense not found in this port');
+    }
+
+    const mergedReceipts = Array.from(
+      new Set([...(target.receiptFileIds ?? []), ...(source.receiptFileIds ?? [])]),
+    );
+
+    await tx
+      .update(expenses)
+      .set({ receiptFileIds: mergedReceipts })
+      .where(eq(expenses.id, targetId));
+
+    // Archive the source — preserves audit history, keeps any FKs alive.
+    await tx
+      .update(expenses)
+      .set({ archivedAt: sql`now()`, duplicateOf: null })
+      .where(eq(expenses.id, sourceId));
+  });
+}