Fix tenant event form package selector so it no longer renders empty-value options, handles loading/empty

states, and pulls data from the authenticated /api/v1/tenant/packages endpoint.
    (resources/js/admin/pages/EventFormPage.tsx, resources/js/admin/api.ts)
  - Harden tenant-admin auth flow: prevent PKCE state loss, scope out StrictMode double-processing, add SPA
    routes for /event-admin/login and /event-admin/logout, and tighten token/session clearing semantics (resources/js/admin/auth/{context,tokens}.tsx, resources/js/admin/pages/{AuthCallbackPage,LogoutPage}.tsx,
    resources/js/admin/router.tsx, routes/web.php)

resources/js/components/analytics/MatomoTracker.tsx

@@ -21,6 +21,7 @@ interface MatomoTrackerProps {
 const MatomoTracker: React.FC<MatomoTrackerProps> = ({ config }) => {
   const page = usePage();
   const { hasConsent } = useConsent();
+  const scriptNonce = (page.props.security as { csp?: { scriptNonce?: string } } | undefined)?.csp?.scriptNonce;
   const analyticsConsent = hasConsent('analytics');
 
   useEffect(() => {
@@ -55,6 +56,19 @@ const MatomoTracker: React.FC<MatomoTrackerProps> = ({ config }) => {
         script.async = true;
         script.src = `${base}/matomo.js`;
         script.dataset.matomo = base;
+        if (scriptNonce) {
+          script.setAttribute('nonce', scriptNonce);
+        } else if (typeof window !== 'undefined' && (window as any).__CSP_NONCE) {
+          script.setAttribute('nonce', (window as any).__CSP_NONCE);
+        } else {
+          const metaNonce = document
+            .querySelector('meta[name="csp-nonce"]')
+            ?.getAttribute('content');
+
+          if (metaNonce) {
+            script.setAttribute('nonce', metaNonce);
+          }
+        }
         document.body.appendChild(script);
       }