[autodev] Update configuration and documentation for cycle-1

- Enhanced `.env.example` with detailed CMake build flags and replay-mode strategy flags for development and CI environments.
- Updated `.gitignore` to include a new deploy rollback bookmark.
- Revised `_docs/_autodev_state.md` to reflect the current task status and steps.
- Added new lessons to `_docs/LESSONS.md` regarding testing and architectural improvements.
- Documented changes in `_docs/02_document/deployment/ci_cd_pipeline.md` to reflect the relaxed OpenCV version pin.
- Updated test data documentation in `_docs/02_document/tests/test-data.md` to clarify fixture usage and paths.

This commit continues the cycle-1 documentation sync and addresses various configuration updates for improved clarity and functionality.

_docs/02_document/deployment/ci_cd_pipeline.md

@@ -98,7 +98,7 @@ The Dockerfile receives the args; `cmake -DBUILD_VINS_MONO=$BUILD_VINS_MONO -DBU
 | .NET dependency CVEs | `dotnet list package --vulnerable --include-transitive` | Critical / High severity |
 | C++ dependency CVEs | Manual audit via SBOM matched against NVD; `osv-scanner` for known submodule pins | Critical / High severity |
 | Image scan | Trivy on all CI-built images | Critical / High severity |
-| OpenCV pin gate | CI step asserts the resolved OpenCV version is `≥ 4.12.0` (D-CROSS-CVE-1) | Any version `< 4.12.0` |
+| OpenCV pin gate | CI step asserts the resolved OpenCV version is within the cycle-1 relaxed band `>=4.11.0.86,<4.12` (D-CROSS-CVE-1 — see `_docs/_process_leftovers/2026-05-11_d_cross_cve_1_opencv_pin_deferred.md`; original target `>=4.12.0` replays once gtsam ships numpy-2 wheels) | Any version `< 4.11.0.86` OR `>= 4.12` while leftover is open |
 | GTSAM CVE re-scan | Monthly scheduled workflow against the GTSAM commit pinned in `cmake/dependencies.cmake` | Any new published CVE |
 
 ### Push images (Tier-1)