fix(timeline): cancel blank-title event save instead of posting

The EventForm onsubmit guard called e.preventDefault() on a blank title,
but use:enhance ignores defaultPrevented (forms.js only bails on cancel()),
so a blank-title Save still fired a network POST. In a component unit test
the resulting update() -> applyAction() dereferenced an undefined root
($set on undefined), surfacing as an unhandled rejection.

Move the guard into the enhance submit phase and call cancel() so the POST
is actually stopped; the server still owns the authoritative fail(400).

Co-Authored-By: Claude Opus 4.8 <noreply@anthropic.com>

frontend/src/lib/timeline/EventForm.svelte

@@ -110,15 +110,6 @@ function markDirty() {
 	dirty = true;
 }
 
-// Guards a submit with a blank title client-side. The server re-validates and
-// owns the authoritative fail(400) with per-field flags.
-function handleSubmit(e: SubmitEvent) {
-	titleTouched = true;
-	if (titleEmpty) {
-		e.preventDefault();
-	}
-}
-
 async function confirmDelete(e: SubmitEvent) {
 	e.preventDefault();
 	const { confirm } = getConfirmService();
@@ -153,8 +144,15 @@ async function confirmDelete(e: SubmitEvent) {
 	<form
 		method="POST"
 		action="?/save"
-		onsubmit={handleSubmit}
-		use:enhance={() => {
+		use:enhance={({ cancel }) => {
+			// Client-side guard against a blank title. enhance ignores onsubmit
+			// preventDefault(), so cancel() is the only thing that actually stops the
+			// POST; the server still re-validates and owns the authoritative fail(400).
+			titleTouched = true;
+			if (titleEmpty) {
+				cancel();
+				return;
+			}
 			submitting = true;
 			return async ({ update }) => {
 				submitting = false;