This PR fixes a WebSocket compatibility regression introduced during the recent mission-control API cleanup.

The immediate user-facing problem was that the server started requiring key in request payloads and only accepted the renamed sessions.* method names, but the protocol version was not bumped and older clients were still sending sessionKey together with legacy method names such as session_setLabel, sessions_send, and session_delete. In practice that meant previously working clients could suddenly fail with INVALID_REQUEST or METHOD_NOT_FOUND without any negotiated protocol change.

The root cause was that the refactor normalized the new request and response shape, but removed backward-compatible aliases at the deserialization and request-dispatch layers. At the same time, sessions.list still returned session_key, so the response format was only partially migrated to the new key terminology. Its filtering was also too narrow because search only matched the raw session key and ignored the visible label and preview text.

This change restores compatibility by accepting key, sessionKey, and session_key for the relevant WebSocket request payloads, and by recognizing both the new sessions.* method names and the legacy method names. Responses are normalized around key while still including legacy aliases where needed so older clients continue to work. sessions.list now returns key, sessionKey, and session_key, and its search matches session key, label, and last message preview.

I also cleaned up the formatting drift that was causing cargo fmt --check to fail on the branch.

Validation:

• cargo fmt --all --check
• cargo clippy --all-targets -- -D warnings
• cargo test
• node scripts/generate_docs_artifacts.mjs --check --no-website
• npm --prefix web run build