♻️ Harden CLI architecture and test coverage

[Robdel12]

Why

This branch is a deep production-readiness pass over the CLI codebase. The goal was to turn the earlier audit into a cohesive cleanup: remove stale compatibility layers, make the runtime boundaries easier to reason about, and add tests around the behaviors users actually rely on instead of preserving implementation details.

A few things stood out in the review:

• Several service modules had become legacy pass-throughs after the newer uploader/server boundaries landed.
• Command tests were uneven, which made broad cleanup riskier than it needed to be.
• Some client package tests depended on real browser installs when they only needed to verify launch behavior.
• Static-site package metadata and the lockfile had drifted from the package itself.

What changed

• Consolidated old service entrypoints into the current uploader, server-manager, screenshot-server, project, and config boundaries.
• Removed dead modules and stale region/build-history helpers that were no longer part of the active runtime path.
• Hardened CLI command behavior for API, baselines, doctor, init, login/logout, review, status, TDD daemon, and whoami flows.
• Tightened SDK behavior so config updates are honored by newly created uploader and TDD services.
• Reworked static-site browser tests to inject the browser registry instead of launching real Playwright browsers just to test options and error messages.
• Refreshed static-site dependencies, upgraded fast-xml-parser, and cleared production audit findings.
• Expanded outcome-oriented tests across commands, server routers, project/uploader services, SDK entrypoints, utility helpers, and package-local Storybook/static-site behavior.

Verification

• npm run lint
• npm run format:check
• npm run test:types
• npm test (2146 pass, 6 skipped; skipped visual tests require X11 in this environment)
• npm run build
• git diff --check
• npm test in clients/storybook
• npm test in clients/static-site
• node --test --test-reporter=spec tests/utils/sitemap.test.js in clients/static-site
• npm audit --omit=dev in clients/static-site (0 vulnerabilities)

[vizzly-testing]

Vizzly - Visual Test Results

CLI Reporter - 3 changes need review

Status	Count
Passed	16
Changed	3
Auto-approved	16

Changes needing review (3)

dashboard-mixed-state · Firefox · 1920×1080 · 2.7% diff

dashboard-mixed-state · Firefox · 375×892 · 16.9% diff

fullscreen-viewer · Firefox · 375×667 · 78.5% diff

Review changes

CLI TUI - 1 change needs review

Status	Count
Passed	4
Changed	1
Auto-approved	4

Changes needing review (1)

vizzly-run-help · 1202×722 · 468.2% diff

Review changes

---

_{rd/cli-tech-debt-audit · 9b44eb92}

[Robdel12]

Superseded by stacked PRs #256-#265.