feat: add SOCKS5 proxy support for desktop traffic

[scrense-hash]

Summary

This PR adds SOCKS5 proxy support for supported Session Desktop traffic.

Included in this patch:

• SOCKS5 proxy settings in Session Network
• routing of supported desktop traffic through SOCKS5
• SOCKS5 support for updater traffic

Notes

• this PR intentionally keeps the diff minimal relative to current dev
• bootstrap-only mode is deprecated and is not included here
• in practice, partial proxying during bootstrap does not provide meaningful benefit on modern DPI-filtered networks
• it can also make traffic behavior more distinguishable, which is undesirable
• no localization changes are included in this PR because translations are maintained in a separate repository
• the new proxy settings UI is English-only in this patch for that reason

Testing

Manual testing:

• built and launched a Linux AppImage
• configured a SOCKS5 proxy in Session Network
• verified successful client connection through SOCKS5
• verified updater traffic remains enabled with proxy configuration

Automated checks:

• tsc --noEmit
• pnpm run build

Fork CI run results on this branch:

• Linux targets passed: deb, rpm, AppImage, freebsd
• macOS arm64 passed
• macOS x64 initially failed in Enforce static builds for libsession-util-nodejs
• root cause identified: libsession_util_nodejs v0.6.17 added Rangeproof to ProOriginatingPlatform — TypeScript exhaustive checks in types.ts and ProNonOriginatingPage.tsx did not handle the new variant
• fixed in subsequent commits — all platforms now pass including macOS x64

Additional coverage:

• added focused test coverage for proxy settings normalization

Test environment:

• Desktop: Linux
• packaging tested with AppImage

[scrense-hash]

CI update from a fork run on this branch

• Linux targets passed: deb, rpm, AppImage, freebsd
• macOS arm64 passed
• macOS x64 failed in Enforce static builds for libsession-util-nodejs

The macOS x64 failure appears to be in native dependency validation rather than in the SOCKS5 patch itself. The failing check reports an unexpected linked library in libsession_util_nodejs.node:

• /usr/local/opt/llvm@18/lib/libunwind.1.dylib

This happens before the relevant SOCKS5 application codepath is exercised.

[scrense-hash]

Updated this PR with the latest fix.

Current head is 475923cedf4c6cd330f08838b4c516a220f7d526.

This update keeps the proxy auth fix, reverts libsession_util_nodejs to v0.6.16, and updates the pnpm-lock.yaml tarball checksum for the current upstream asset. A fork run with this patch now gets past the previous install/integrity issue.

Upstream checks have not started yet for the current head (check_runs=0 on my side). Could someone please approve/re-run the PR checks for this branch?