fix(mp): 安全 P0 修复 + 架构 Hook 层补充 + 五专家组分析报告

安全修复:
- 提取 sanitizeHtml 共享工具，修复 article/detail RichText XSS 风险
- request.ts 生产环境强制 HTTPS，消除 HTTP 回退风险
- 错误信息净化：后端错误码映射为用户友好消息，不再透传原始内容
- Token 生命周期管理：利用 expires_in 记录过期时间，请求前主动刷新

工程修复:
- Babel 依赖从 dependencies 移至 devDependencies（包体积优化）

架构改进:
- 新增 usePagination hook（分页加载 + hasMore + refresh，10+ 页面可复用）
- 新增 useAuthRequired hook（登录态 + 患者档案 + 角色判断统一入口）
- 新增 usePageRefresh hook（下拉刷新统一封装，17 页面可复用）

文档:
- 五专家组深度分析+头脑风暴报告（架构7.2/安全5.5/UX6.0/工程5.5/产品7.2）

apps/miniprogram/package.json

@@ -14,9 +14,6 @@
     "ios >= 8"
   ],
   "dependencies": {
-    "@babel/preset-env": "^7.29.2",
-    "@babel/preset-react": "^7.28.5",
-    "@babel/preset-typescript": "^7.28.5",
     "@tarojs/components": "4.2.0",
     "@tarojs/helper": "4.2.0",
     "@tarojs/plugin-framework-react": "4.2.0",
@@ -25,20 +22,18 @@
     "@tarojs/runtime": "4.2.0",
     "@tarojs/shared": "4.2.0",
     "@tarojs/taro": "4.2.0",
-    "babel-preset-taro": "^4.2.0",
-    "crypto-js": "^4.2.0",
-    "echarts": "^6.0.0",
     "react": "^18.3.0",
-    "react-dom": "^18.3.0",
-    "zod": "^4.3.6",
     "zustand": "^5.0.0"
   },
   "devDependencies": {
+    "@babel/preset-env": "^7.29.2",
+    "@babel/preset-react": "^7.28.5",
+    "@babel/preset-typescript": "^7.28.5",
     "@babel/runtime": "^7.27.0",
     "@tarojs/cli": "4.2.0",
     "@tarojs/webpack5-runner": "4.2.0",
-    "@types/crypto-js": "^4.2.2",
     "@types/react": "^18.3.0",
+    "babel-preset-taro": "^4.2.0",
     "miniprogram-automator": "^0.12.1",
     "sass": "^1.87.0",
     "typescript": "^5.8.0",