merge: integrate origin dev into dev

Includes Worksmobile SSOT sync comparison updates, UUID import conflict resolution, and Playwright route mock stabilization.

backend/cmd/server/headless_login_e2e_test.go

@@ -110,7 +110,7 @@ func (m *e2eMockKratosAdminService) ListIdentities(ctx context.Context) ([]servi
 	return nil, nil
 }
 
-func (m *e2eMockKratosAdminService) UpdateIdentity(ctx context.Context, identityID string, traits map[string]interface{}, state string) (*service.KratosIdentity, error) {
+func (m *e2eMockKratosAdminService) UpdateIdentity(ctx context.Context, identityID string, traits map[string]any, state string) (*service.KratosIdentity, error) {
 	return nil, nil
 }
 
@@ -325,7 +325,7 @@ func runHeadlessPasswordLoginE2ERequest(
 				Client: domain.HydraClient{
 					ClientID:                "headless-login-client",
 					TokenEndpointAuthMethod: "none",
-					Metadata: map[string]interface{}{
+					Metadata: map[string]any{
 						"status":                              "active",
 						"headless_login_enabled":              true,
 						"headless_token_endpoint_auth_method": "private_key_jwt",

backend/cmd/server/main.go

@@ -459,7 +459,7 @@ func main() {
 	app.Use(cors.New(cors.Config{
 		AllowOriginsFunc: func(origin string) bool {
 			// 1. Check static allowed list
-			for _, allowed := range strings.Split(allowedOrigins, ",") {
+			for allowed := range strings.SplitSeq(allowedOrigins, ",") {
 				if origin == strings.TrimSpace(allowed) {
 					return true
 				}
@@ -860,9 +860,9 @@ func main() {
 	// Client Logging Route (Standardized & Flattened)
 	api.Post("/client-log", func(c *fiber.Ctx) error {
 		type LogReq struct {
-			Level   string                 `json:"level"`
-			Message string                 `json:"message"`
-			Data    map[string]interface{} `json:"data,omitempty"`
+			Level   string         `json:"level"`
+			Message string         `json:"message"`
+			Data    map[string]any `json:"data,omitempty"`
 		}
 		var req LogReq
 		if err := c.BodyParser(&req); err != nil {