QA Promotion: Inbox Checkbox-Selection Fix and Deployment Pipeline Modernization

This release promotes the latest frontend development work to the QA environment. It includes a user-facing fix that clears Inbox row selections when navigating between pages, alongside a substantial overhaul of the build-and-deploy pipeline (AWS ECR image publishing, environment-specific configuration, and automated deployment notifications). The rest of the change set is dependency and documentation housekeeping.

Two needs are addressed. First, in the Inbox grid, selected-row checkboxes were carried forward after paginating (tracked as DA-36), which could let users act on records they did not intend to select. Second, the deployment workflow needed to target the new QA environment and adopt a more robust, traceable image-publishing process.

Inbox users get more predictable behavior: changing pages now starts each page with a clean selection, reducing the risk of accidental bulk actions on the wrong documents. For the delivery team, QA builds are now published to dedicated, clearly-pathed ECR repositories with date- and build-numbered image tags and automatic deployment webhooks, improving release traceability and rollback. No change to existing application features beyond the selection fix.

• Inbox grid (src/components/inbox/InboxGrid/inbox-data-grid.tsx): added a useEffect that resets rowSelection to empty whenever pageIndex changes; also removed a stray syntax artifact ( ``) from the sorting handler (carried in via feature PR #346).
• CI/CD (.github/workflows/docker-ecr.yml): switched the build trigger from dev to qa; added explicit AWS credentials configuration and Amazon ECR login; updated ECR repository paths (dms/qa/frontend, dms/prod/frontend); replaced short-SHA tagging with YYYY-MM-DD-<run_number> tags; injected NEXT_PUBLIC_API_URL, NEXTAUTH_URL, and NEXT_PUBLIC_SOCKET_URL per environment as Docker build args; added explicit image push and a post-deploy webhook notification.
• Dockerfile: bumped builder base image from node:20-alpine to node:24-alpine and plumbed the new build args/ENV (API URL, NextAuth URL/secret, socket URL, Filestack key).
• Housekeeping: added AGENTS.md contributor guide, added pnpm-store/.pnp ignore rules to .gitignore, and bumped lockfile dependencies (TanStack React Query 5.85.6 → 5.85.9, typescript-eslint 8.41.0 → 8.42.0).

Low application risk: only one small, well-scoped component change ships to QA. The larger risk is operational, in the deployment pipeline (new ECR paths, env-var injection, Node 24 base image, webhook step) which could break QA builds if secrets or repository paths are misconfigured. Mitigation: this is the QA stage by design, so verify a successful build/deploy on the QA branch and confirm the QA app boots with correct API/socket URLs before any promotion to production.

• In the Inbox grid, select one or more rows, move to the next/previous page, and confirm selections are cleared (no checkboxes carried over); confirm bulk actions only apply to currently-visible selections.
• Verify sorting and filtering in the Inbox grid still work after the change.
• Confirm the QA deployment pipeline produces an image under dms/qa/frontend with a date+build-number tag and that the webhook fires.
• Smoke-test the deployed QA app: login (NextAuth), API connectivity, and real-time socket features, since their URLs are now baked in at build time.
• Sanity-check the app under the Node 24 build for any runtime regressions.