chore: add pre-commit hooks, tighten ESLint, activate Sentry DSN, publish CI coverage (Phase 1)

- Install husky v9 + lint-staged: pre-commit runs eslint --fix and prettier on staged files
- Tighten ESLint base config: no-console→error, ban-ts-comment (ts-ignore banned, ts-expect-error with description allowed), reportUnusedDisableDirectives→error
- Migrate web app from deprecated `next lint` to `eslint src/` with flat config and react-hooks plugin
- Convert all 5 @ts-ignore to @ts-expect-error with descriptions, remove stale disable comments
- Add NEXT_PUBLIC_SENTRY_DSN to docker-compose.prod.yml and .env.example
- Add coverage artifact upload step to CI test job
- Pre-existing violations (102 warnings) downgraded to warn in web config for Phase 2 cleanup

Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>

apps/web/src/app/api/cron/health-check/route.ts

@@ -73,10 +73,7 @@ export async function GET(request: Request) {
   if (deny) return deny;
 
   try {
-    const [postgres, redis] = await Promise.all([
-      checkPostgres(),
-      checkRedis(),
-    ]);
+    const [postgres, redis] = await Promise.all([checkPostgres(), checkRedis()]);
 
     const allHealthy = postgres.status === "ok" && redis.status === "ok";
 
@@ -92,7 +89,6 @@ export async function GET(request: Request) {
       });
 
       if (adminUsers.length > 0) {
-        // eslint-disable-next-line @typescript-eslint/no-explicit-any
         await createNotificationsForUsers({
           db: prisma as any,
           userIds: adminUsers.map((u) => u.id),
@@ -121,9 +117,6 @@ export async function GET(request: Request) {
     );
   } catch (error) {
     logger.error({ error, route: "/api/cron/health-check" }, "Health check cron failed");
-    return NextResponse.json(
-      { ok: false, error: "Internal error" },
-      { status: 500 },
-    );
+    return NextResponse.json({ ok: false, error: "Internal error" }, { status: 500 });
   }
 }