fix(core): fix secrets scan upserts, connection health checks, and frontend improvements

- Add upsert pattern to SecretsScanService to prevent duplicate key errors on repeated scans
- Auto-test connection health on startup so status reflects reality
- Fix Actions view to read identity from appstate instead of broken localStorage hack
- Fetch both project and group secrets in parallel, add "All Scopes" filter to Secrets view
- Enable noCache on UtilityWebsiteServer to prevent stale browser cache

ts/classes/connectionmanager.ts

@@ -17,6 +17,8 @@ export class ConnectionManager {
   private connections: interfaces.data.IProviderConnection[] = [];
   private storageManager: StorageManager;
   private smartSecret: plugins.smartsecret.SmartSecret;
+  /** Resolves when background connection health checks complete */
+  public healthCheckDone: Promise<void> = Promise.resolve();
 
   constructor(storageManager: StorageManager, smartSecret: plugins.smartsecret.SmartSecret) {
     this.storageManager = storageManager;
@@ -26,6 +28,25 @@ export class ConnectionManager {
   async init(): Promise<void> {
     await this.migrateLegacyFile();
     await this.loadConnections();
+    // Auto-test all connections in the background
+    this.healthCheckDone = this.testAllConnections();
+  }
+
+  /**
+   * Tests all loaded connections in the background and updates their status.
+   * Fire-and-forget — does not block startup.
+   */
+  private async testAllConnections(): Promise<void> {
+    for (const conn of this.connections) {
+      try {
+        const provider = this.getProvider(conn.id);
+        const result = await provider.testConnection();
+        conn.status = result.ok ? 'connected' : 'error';
+        await this.persistConnection(conn);
+      } catch {
+        conn.status = 'error';
+      }
+    }
   }
 
   /**