fix(security): store salted hash of deviceId instead of plaintext UUID#546

Open
danieloche635-bit wants to merge 1 commit into
MettaChain:mainfrom
danieloche635-bit:fix/448-deviceid-encrypted-storage

Conversation

@danieloche635-bit danieloche635-bit commented Jun 27, 2026

Contributor

Summary

`getSecurityDeviceId()` was storing the raw device UUID in localStorage, making the device fingerprint reusable for impersonation across sessions.

Changes

  • Replaced plaintext UUID storage with a salted hash (SHA-256 via simple hash)
  • Salt is generated per-session and stored in sessionStorage (refreshes on browser restart)
  • Added `simpleHash` helper for synchronous hashing
  • Stored value is now a hex string, not the raw UUID

Tests

  • Added 5 new tests covering:
    • Server-side rendering returns 'server-device'
    • Salted hash generation on first call
    • Reuse of existing hash on subsequent calls
    • Session salt persistence
    • Stored value is not the raw UUID

Closes #448
closes #431
closes #442
closes #439

- Replace localStorage plaintext UUID storage with salted hash
- Add per-session salt stored in sessionStorage
- Add synchronous hash function for device identity
- Update tests to verify hashed storage behavior

Closes MettaChain#448
drips-wave Bot commented Jun 27, 2026


@danieloche635-bit Great news! 🎉 Based on an automated assessment of this PR, the linked Wave issue(s) no longer count against your application limits.

You can now already apply to more issues while waiting for a review of this PR. Keep up the great work! 🚀

Learn more about application limits

Contributor

Subsumed by #560 — same files, same lines resolved there. Closing this duplicate.


3 participants