Sig select: _card-deck.scss extract, WS cursor fixes, own-role indicators, role icon refresh

- New _card-deck.scss: sig select styles moved out of _room.scss + _game-kit.scss
- sig-select.js: 3 WS bug fixes — thumbs-up deferred to window.load (layout settled
  before getBoundingClientRect), hover cursor cleared for all cards on reservation
  (not just the reserved card), applyHover guards against already-reserved roles
- Own-role indicators: gamer now sees their own role-coloured card outline + thumbs-up
- Reservation glow: replaced blurry role+ninUser double-shadow with crisp 2px outline
- Gravity qualifier: Graven text set to --terUser (matches Leavened/--quiUser pattern)
- Role card SVGs refreshed; starter-role-Blank removed
- FTs + Jasmine specs extended for sig select WS behaviour
- setup_sig_session management command for multi-browser manual testing

Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>

src/apps/lyric/views.py

@@ -1,4 +1,6 @@
+from django.conf import settings
 from django.contrib import auth, messages
+from django.http import Http404
 from django.shortcuts import redirect
 from django.urls import reverse
 
@@ -27,3 +29,13 @@ def login(request):
     else:
         messages.error(request, "Invalid login link!—please request another")
     return redirect("/")
+
+
+def dev_login(request, session_key):
+    """DEBUG-only: set session cookie and redirect. Used by setup_sig_session command."""
+    if not settings.DEBUG:
+        raise Http404
+    next_url = request.GET.get("next", "/")
+    response = redirect(next_url)
+    response.set_cookie(settings.SESSION_COOKIE_NAME, session_key, httponly=True)
+    return response