Phase 5 cleanup: remove legacy HTML components, fix nav-tree fragment

- Remove old raw! layout components (~app-head, ~app-layout, ~oob-response,
  ~header-row, ~menu-row, ~oob-header, ~header-child) from layout.sexp
- Convert nav-tree fragment from Jinja HTML to sexp source, fixing the
  "Unexpected character: ." parse error caused by HTML leaking into sexp
- Add _as_sexp() helper to safely coerce HTML fragments to ~rich-text
- Fix federation/sexp/search.sexpr extra closing paren
- Remove dead _html() wrappers from blog and account sexp_components
- Remove stale render import from cart sexp_components
- Add dev_watcher.py to auto-reload on .sexp/.sexpr/.js/.css changes
- Add test_parse_all.py to parse-check all 59 sexpr/sexp files
- Fix test assertions for sx- attribute prefix (was hx-)
- Add sexp.js version logging for cache debugging

Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>

federation/entrypoint.sh

@@ -54,6 +54,7 @@ fi
 RELOAD_FLAG=""
 if [[ "${RELOAD:-}" == "true" ]]; then
   RELOAD_FLAG="--reload"
+  python3 -m shared.dev_watcher &
   echo "Starting Hypercorn (${APP_MODULE:-app:app}) with auto-reload..."
 else
   echo "Starting Hypercorn (${APP_MODULE:-app:app})..."

federation/sexp/search.sexpr

@@ -28,7 +28,7 @@
     (form :method "post" :action action :sx-post action :sx-target "closest article" :sx-swap "outerHTML"
       (input :type "hidden" :name "csrf_token" :value csrf)
       (input :type "hidden" :name "actor_url" :value actor-url)
-      (button :type "submit" :class "text-sm bg-stone-800 text-white rounded px-3 py-1 hover:bg-stone-700" label)))))
+      (button :type "submit" :class "text-sm bg-stone-800 text-white rounded px-3 py-1 hover:bg-stone-700" label))))
 
 (defcomp ~federation-actor-card (&key cls id avatar name username domain summary button)
   (article :class cls :id id