Force Web Editor recipe to overwrite Standard profile text formats + editors, add token_filter dependency, and ship webship-js (Playwright + Cucumber-js) functional test coverage

Problem/Motivation

The Web Editor module ships a webeditor/default recipe that installs and pre-configures CKEditor 5, Filter,
Editor, Media, Linkit, External Links, Editor Advanced Link, and Token Filter. Two issues block the recipe from doing its job, and
the module has zero functional test coverage to catch regressions:

1. Drupal recipes use import semantics — config.import (and recipe-bundled
   config/*.yml) only create configuration that does not already exist. They will not
   overwrite a config object the Standard install profile already shipped. As a result, enabling webeditor on a fresh
   Standard site leaves the bundled filter.format.basic_html, filter.format.full_html,
   filter.format.restricted_html, editor.editor.basic_html and editor.editor.full_html
   untouched — authors keep core's stock CKEditor 5 toolbar, the Linkit filter is never wired into Basic/Full HTML, and the
   Token Filter never runs.
2. composer.json is missing drupal/token_filter ~2.0, even though the recipe's install:
   list and config.import reference it. On a fresh composer require drupal/webeditor, the install fails
   with: "token_filter" is not a known module or theme.
3. There are no functional tests, so neither of the two regressions above is caught in CI.

Proposed resolution

1. Make the recipe authoritative for the bundled text formats and editors. Extend
webeditor_install() so that after RecipeRunner::processRecipe() runs, it loads each of the five YAML
files from recipes/default/config/ and force-applies them on top of any pre-existing config, preserving the existing
uuid and _core.default_config_hash so dependents (e.g.

editor.editor.* →
  filter.format.*

) keep working:

• filter.format.basic_html
• filter.format.full_html
• filter.format.restricted_html
• editor.editor.basic_html
• editor.editor.full_html

2. Add the missing dependency. Add "drupal/token_filter": "~2.0" to composer.json's
require block so the recipe can install cleanly on a fresh project.

3. Add functional acceptance testing with webship-js (Playwright + Cucumber-js). Mirror the layout already
used by Web SEO / Web Page / Web Blog so all Webship.co contrib modules share one CI shape. Deliverables:

• package.json dev-dep webship-js: ~2.0 and engines.node >= 20.
• cucumber.js with worldParameters.users for Webmaster (site-install super-admin), Content editor,
  and Authenticated user — password dD.123123ddd for all three.
• playwright.config.ts with chromium args suitable for DDEV / CI (--no-sandbox,
  --ignore-certificate-errors, etc.).
• .gitlab-ci.yml with drupalci composer + custom .drupal-node-base that installs
  Standard, enables webeditor, then runs cucumber-js --tags "not @wip"; uploads
  tests/reports/, tests/screenshots/, tests/videos/ as artifacts.
• .gitlab-ci-local.yml for local reproduction of the validate jobs with gitlab-ci-local.
• Feature files (tests/features/*.feature) — 14 files, 28 scenarios, 143
  steps:
  • 01-01-01-users-login.feature — Webmaster / Content editor / Authenticated user login, plus webmaster
    provisioning the other two via the admin UI.
  • 02-01-01-webeditor-modules-enabled.feature — recipe enabled every bundled module.
  • 02-02-01-text-formats-list.feature — Full HTML / Basic HTML / Restricted HTML / Plain text all
    listed.
  • 02-02-02-basic-html-format.feature — Basic HTML wired to CKEditor 5 with Linkit + filter_html
    on.
  • 02-02-03-full-html-format.feature — Full HTML wired to CKEditor 5 with Linkit + Token Filter on.
  • 02-02-04-restricted-html-format.feature — Restricted HTML keeps filter_html on.
  • 02-03-01-linkit-profile-admin.feature — Default profile, matchers (User / File / Media / Email /
    External / Front page), Update-profile button.
  • 02-04-01-extlink-admin.feature — External Links settings page reachable.
  • 03-01-01-ckeditor5-basic-html-toolbar.feature — Bold / Italic / Underline / Bulleted list / Numbered
    list / Block quote in active toolbar.
  • 03-01-02-ckeditor5-full-html-toolbar.feature — Bold / Italic / Heading / Link / Image / Drupal media
    / table / Source in active toolbar.
  • 04-01-01-create-page-with-editor.feature — CKEditor 5 renders on Body, author types and saves a Basic
    page end-to-end.
  • 04-02-01-format-selector-on-body.feature — format selector exposes Full / Basic / Restricted
    HTML.
  • 05-01-01-access-control.feature — anonymous + authenticated users hit "Access denied" on every
    webeditor admin route.
  • 06-01-01-frontend-anonymous-pages.feature — enabling Web Editor never regresses anonymous front-page
    / login.
• Step definitions (tests/step-definitions/webeditor.steps.js) extending webship-js: per-user
  login through /user/login, admin-UI user provisioning, label / button / checkbox-checked assertions, HTTP-status
  assertions, and a CKEditor 5 active-toolbar assertion that reads the hidden #ckeditor5-toolbar-buttons-selected
  textarea JSON and maps human button names (e.g. "Drupal media") to machine IDs (e.g. drupalMedia) — the
  draggable toolbar UI is unreliable in headless runs, the textarea is not.
• Selectors (tests/selectors/cms-drupal-core-claro.json, cms-drupal-cms-gin.json)
  shared with Web SEO / Web Page / Web Blog.

Remaining tasks

• ✅ File an issue
• ✅ Addition/Change/Update/Fix
• ✅ Merge request, Patch, or Commit
• ✅ Testing to ensure no regression
• ✅ Automated unit testing coverage
• ✅ Automated functional testing coverage
• ➖ UX/UI designer responsibilities
• ➖ Readability
• ➖ Accessibility
• ➖ Performance
• ➖ Security
• ➖ Documentation
• ✅ Code review by maintainers
• ✅ Full testing and approval
• ✅ Credit contributors
• ✅ Review with the product owner
• ✅ Release notes snippet
• ✅ Release webeditor-11.0.1

User interface changes

• N/A

API changes

• N/A

Data model changes

• N/A

Release notes snippet

• ci: #3591710 Force Web Editor recipe to overwrite Standard profile text formats + editors, add token_filter dependency, and ship webship-js (Playwright + Cucumber-js) functional test coverage