Add multi-account token support for Codex and API-key providers

[Minoo7]

Summary

• extend token-account support catalog for Codex plus API-key providers (Copilot, Kimi K2, Synthetic, Warp, OpenRouter)
• enable Codex token-account settings visibility when cookie source is manual so users can add accounts before any token exists
• add Codex manual-cookie actions in Preferences: Test cookie (validates immediately) and Save as account (appends token accounts)
• surface Codex cookie import/test status directly in the Codex settings pane subtitle
• keep token-account injection consistent so selected accounts override configured API keys in app and CLI environments
• add regression tests for Codex catalog support, Codex manual cookie actions, >2 account appends, Codex CLI snapshot cookie-source forcing, Codex settings visibility, and API-provider precedence

Verification

• swift test --filter ProviderSettingsDescriptorTests/codexManualCookieFieldExposesTestAndSaveActions
• swift test --filter ProviderSettingsDescriptorTests/codexSaveCookieActionAppendsAccountsBeyondTwo
• swift test --filter TokenAccountEnvironmentPrecedenceTests
• swift test --filter ProviderSettingsDescriptorTests/codex
• swiftformat Sources Tests && swiftlint --strict
• pnpm check
• ./Scripts/compile_and_run.sh

[ratulsarna]

Could this targetEmail becoming nil in manual token-account mode interact with the account-switch path in a way that keeps stale dashboard state after switching accounts?

[ratulsarna]

Should transitions like previous email -> nil or previous tokenAccountID nil -> non-nil be treated as account changes here, or is there a reason we want to keep existing dashboard state in that first switch case?

[ratulsarna]

Are we intentionally requiring whitespace after -H now, or should compact forms like -H'Cookie: ...' still be accepted?

[ratulsarna]

For --cookie / -b, do we still want to accept compact input like -b'...', or should it only match when there is whitespace?