Release CQ: stage-batch1 — 3-PR low-risk batch (v0.51.119) — tool cards / 404 recovery / Hepburn skin

[nesquena-hermes]

Release CQ — v0.51.119 — stage-batch1 — 3-PR low-risk batch

First "no-intervention" tier batch from the May 24 sweep. Three small contributor PRs that are mechanical, narrowly-scoped, and pre-cleared by Opus advisor:

PR	Author	LOC	Surface	Risk
#2801	@ai-ag2026	+24/-2	static/messages.js (done handler)	very low — mirrors existing block, adds regression test
#2808	@chouzz	+5/-4	static/sessions.js (boot 404 handler)	very low — narrows a stuck-empty-state edge case
#2799	@gavinssr	+49/-2	new "Hepburn" skin (CSS+registry)	very low — pure additive theme

Cherry-picks

1e5f20f5 fix: preserve settled tool cards after stream completion           (#2801)
21481e85 fix(ui): recover from stale /session/{id} on boot-time 404         (#2808)
75fdadd4 feat: add Hepburn skin (magenta-rose palette)                      (#2799)
1ffac74a Stamp CHANGELOG for v0.51.119 + test fix-ups for skin & 2808

Pre-Opus gate

Check	Result
node -c on all touched JS	PASS
Python ast.parse (no .py files in PRs)	N/A
Merge-marker grep	clean
CHANGELOG placeholder grep	clean
String-assertion sweep (Shape-A/B/C)	found 3 traps, all auto-fixed in stamp commit
New regression test from #2801	passes
Full pytest (6259 passed, 7 skipped)	green

Test fix-ups in stamp commit (mechanical, no behavior change)

Three pre-existing tests asserted against literal strings that PRs #2799 and #2808 changed. Per references/skin-scoped-css-test-trap.md and references/string-assertion-stage-traps.md, auto-fix in the stage commit (not push back to contributors):

1. tests/test_sprint20b.py — 5 send-btn tests used css.find('.send-btn{') which now matches Hepburn's :root[data-skin="hepburn"] .send-btn{ first. Added _find_global_selector() helper that skips skin-scoped lines. Will protect future skin PRs.
2. tests/test_batch_fixes.py — test_panels_hydrates_appearance_before_models_fetch updated to match the new const skinVal=(localStorage.getItem('hermes-skin')||settings.skin||'default').toLowerCase(); literal from feat: add Hepburn skin (magenta-rose palette) #2799.
3. tests/test_stale_empty_session_restore.py — test_load_session_clears_saved_stale_404_and_rethrows_to_boot updated to reflect PR fix(ui): recover from stale /session/{id} on boot-time 404 #2808's new contract (no longer requires localStorage.getItem('hermes-webui-session')===sid equality, but adds history.replaceState assertion).

Opus advisor verdict

Verdict: SHIP all three (severity: none/low). The PR #2808 edge case is worth a one-line followup mention in the release notes if Nathan wants to call it out, but it's not a blocker — the previous behavior was arguably the bug, since /session/{id} URL is the user's explicit intent. Pre-existing test-isolation cascade is unrelated and reproducing on master baseline confirms it's not introduced here.

PR #2808 edge case (Opus-flagged): if user lands on a stale /session/{bad_id} URL while localStorage held a different valid session id, the new code clears localStorage and replaceStates to /. After this they get empty-state instead of recovering to the valid localStorage session on next refresh. The author explicitly framed this as "Option A" (URL = source of truth at boot); defensible.

What's NOT in this batch

Deferred to later batches (each needs more eyes):

• fix: add do_OPTIONS handler for CORS preflight requests #2790 (CORS preflight) — touches server.py network entry, resubmit of closed fix: add do_OPTIONS handler for CORS preflight requests #2750
• fix: prevent state.db messages being silently dropped during sidecar merge #2788 (state.db merge fix) — touches DB merge contract, data-loss bug class
• fix: align messaging session display counts #2797 (display counts) — touches api/routes.py, needs Opus deep look
• fix(compression): ignore tool output for compaction cards #2803 (compression marker consolidation) — touches api/streaming.py