HTML Tool PoC spike for fragment defined in type index

[jg10-mastodon-social]

Closes #146

• New term is hosted and documented in RDFS at https://browser.pod-os.org/terms#htmlToolFragment
• ADR to self-host core browser vocabulary
• When a resource is loaded, a matching pane is identified in the type index
  • A tool is added for each matching pane
  • New TypeIndex class in PodOS core
• DOMPurify is applied to the HTML, and pos-label is whitelisted (which has no attributes)
• The HTML is inserted into the page
• The resource event is respected (init is not yet tested) and pos-label renders.

---

• Tests have been written
  • all new code is covered by unit tests
  • the happy path of a new feature is covered by an end-to-end test
  • manual explorative tests have been performed
• all dependencies are updated to the latest patch version at minimum
• the CI pipeline passes
• documentation is up-to-date
  • TSDoc style comments on important functions, properties and events
  • stories for new PodOS elements have been added to storybook
  • Readme.md files of PodOS elements have been re-generated
  • architectural decisions are documented as an ADR
  • Changelogs are updated according to
    Keep a Changelog

[jg10-mastodon-social]

As noted in #126 (comment), my intention here is that each white-listed component would manage its own set of tests to ensure that the HTML sanitization whitelists the right attributes etc. So when other changes are made, then these HTML sanitization tests are also updated.
(This is obviously dependent on getting DOMPurify to run correctly in the tests.)

[jg10-mastodon-social]

This will need to be loaded from type index with defaults for missing values. New PodOS core methods will be needed.

[jg10-mastodon-social]

This is not quite the right solution to support more than one HTML tool (if several types match). It doesn't allow them to be addressed separately through URL params.

[jg10-mastodon-social]

I'm considering instead allowing tools to be registered with a unique name. This would be user friendly but require an additional predicate to be present in the registration.
Another alternative would be a hash of their content. This would more opaque.

[jg10-mastodon-social]

The current implementation works - navigating to http://localhost:3333/?uri=https%3A%2F%2Fjg10.solidcommunity.net%2Fpantry%2Fblog%2F01%2Frosti.ttl%23it&tool=pos-html-tool displays the recipe label, but see comments above for remaining (major) issues.