chore: bump Ketesa to 1.3.0; 1.155.0:0 → 1.155.0:1

[helix-nine]

Summary

Bumps the bundled Admin Dashboard (Ketesa) from v1.2.1 → v1.3.0. Synapse itself is unchanged at 1.155.0, so the StartOS version goes 1.155.0:0 → 1.155.0:1.

Ketesa is downloaded as a release tarball at build time and served by the package's own nginx sidecar — not run as a container — so this is a Makefile SYNAPSE_ADMIN_VERSION + SYNAPSE_ADMIN_CHECKSUM change.

Changes

• Makefile: SYNAPSE_ADMIN_VERSION → v1.3.0, SYNAPSE_ADMIN_CHECKSUM → SHA-256 of the new ketesa.tar.gz (ad241735…801c3).
• startos/versions/current.ts: version → 1.155.0:1, release notes rewritten (all locales) to describe the Ketesa bump. In-place edit — no new migration, existing create-admin-user clear-task migration carried forward.
• package-lock.json: npm update (no start-sdk bump — already at latest 1.5.3).

Ketesa 1.3.0 highlights

• Security: fixed an XSS hole when opening media — only real image types open in a tab; everything else (SVG included) downloads instead.
• Bugfix: editing a non-MAS user could trigger an accidental GDPR erase.
• Safety: deactivate / delete / erase user actions now confirm first.
• New "Reported users" queue in the sidebar; better Matrix Authentication Service (MAS) user management.

Full upstream notes: https://github.com/etkecc/ketesa/releases/tag/v1.3.0

Test plan

• npm run check (tsc) green.
• make build verification (PR review).