web: Router tidy v1

[GirlBossRush]

Details

This PR preps the client-side router for hash-less routes, partially getting our parameter logic into a more compatible format. This PR also...

• Prepares the router for packaging.
• Moves route related logic into the router package.
• Fixes a UI issue where the sidebar does not scroll the current route into view after accordion expansion.

---

Checklist

• Local tests pass (ak test authentik/)
• The code has been formatted (make lint-fix)

If an API change has been made

• The API schema has been updated (make gen-build)

If changes to the frontend have been made

• The code has been formatted (make web)

If applicable

• The documentation has been updated
• The documentation has been formatted (make website)

[netlify]

✅ Deploy Preview for authentik-storybook ready!

Name	Link
🔨 Latest commit	01ff1e1
🔍 Latest deploy log	https://app.netlify.com/projects/authentik-storybook/deploys/688271858828bf0008acdd47
😎 Deploy Preview	https://deploy-preview-13754--authentik-storybook.netlify.app
📱 Preview on mobile	Toggle QR Code... Use your smartphone camera to open QR code link.

---

To edit notification comments on pull requests, go to your Netlify project configuration.

[netlify]

✅ Deploy Preview for authentik-docs canceled.

Name	Link
🔨 Latest commit	01ff1e1
🔍 Latest deploy log	https://app.netlify.com/projects/authentik-docs/deploys/6882718547b2f4000734441b

[codecov]

Codecov Report

All modified and coverable lines are covered by tests ✅

Project coverage is 92.24%. Comparing base (4a933b8) to head (01ff1e1).

✅ All tests successful. No failed tests found.

Additional details and impacted files

@@            Coverage Diff             @@
##             main   #13754      +/-   ##
==========================================
- Coverage   92.97%   92.24%   -0.74%     
==========================================
  Files         831      831              
  Lines       44226    44226              
==========================================
- Hits        41119    40795     -324     
- Misses       3107     3431     +324     

Flag	Coverage Δ
e2e	?
integration	23.46% <ø> (+<0.01%)	⬆️
unit	91.28% <ø> (+<0.01%)	⬆️

Flags with carried forward coverage won't be shown. Click here to find out more.

☔ View full report in Codecov by Sentry.
📢 Have feedback on the report? Share it here.

🚀 New features to boost your workflow:

• 📦 JS Bundle Analysis: Save yourself from yourself by tracking and limiting bundle sizes in JS merges.

[netlify]

✅ Deploy Preview for authentik-integrations canceled.

Name	Link
🔨 Latest commit	01ff1e1
🔍 Latest deploy log	https://app.netlify.com/projects/authentik-integrations/deploys/6882718519e7cc000810dda5

To fix the issue, we will ensure that the untrusted pathname is not directly interpolated into the template literal. Instead, we will use a %s specifier in the format string and pass pathname as a separate argument. This approach ensures that the untrusted input is treated as a string and avoids any unintended behavior.

---

To fix the issue, we will ensure that the untrusted pathname value is not directly interpolated into the format string. Instead, we will use a %s specifier in the format string and pass the pathname as a separate argument. This approach ensures that the pathname is treated as a string and prevents any unintended format specifiers from being processed.

The changes will be made in the matchRoute function in RouteMatch.ts. Specifically, the console.debug statement on line 30 will be updated to use a safe format string.

---