refactor: add i18n governance report

[limityan]

Summary

• Add i18n:audit -- --report-json <path> support for a machine-readable governance snapshot covering confirmed unused keys, dynamic-key candidates, shared-term duplicates, and l10n quality candidates.
• Add scripts/i18n-dynamic-key-allowlist.json for documented dynamic key contracts such as installer error-code mapping, metadata labelKey/descriptionKey usage, and template-generated keys.
• Document the report and allowlist workflow in the durable i18n architecture/development docs.
• Remove a literal defaultValue fallback from ModelRoundItem where flow-chat:modelRound.loadingMoreHistory already exists in all locale resources.

Quality protection

• pnpm run i18n:audit
• pnpm run i18n:contract:test
• pnpm run type-check:web
• git diff --check
• Pre-submit adversarial review performed after implementation; the initially broad Deep Review allowlist prefix was narrowed to exact dynamic keys, and report write failures now surface as audit errors.

Risks and behavior notes

• Normal i18n:audit remains a no-build check. It validates dynamic allowlist staleness, while shared-term and l10n candidate collection runs only when --report-json is requested.
• The report is advisory and must not be used for automatic deletion. Confirmed-unused detection is intentionally conservative in this PR.
• Dynamic-key allowlist entries must stay scoped to real owner paths and exact keys or narrow prefixes; stale entries now fail the audit.

Related #959