fix: null/empty session model must not trigger index rebuild — v0.50.101 (#753)

## Summary

Follow-up to #751/#752. Code review identified a case where `_normalize_session_model_in_place` could call `session.save()` (which triggers a full session index rebuild) for sessions with `model: null` or missing model field.

Root cause: `_resolve_compatible_session_model(None)` returns `(default_model, True)` when a default exists — which was interpreted as "changed, needs save." But there's nothing to correct for a session with no model; the default is just a fallback for display purposes, not a cross-provider correction worth persisting.

Fix: capture `original_model` before calling `_resolve_compatible_session_model`. Only call `session.save()` if `original_model` was non-empty and actually changed.

Adds a test asserting `save_calls == []` when `session.model is None`.

No behavior change for sessions with a real model (the primary use case of #751 is unaffected).

api/routes.py

@@ -227,8 +227,12 @@ def _resolve_compatible_session_model(model_id: str | None) -> tuple[str, bool]:
 
 
 def _normalize_session_model_in_place(session) -> str:
-    effective_model, changed = _resolve_compatible_session_model(getattr(session, "model", None))
-    if changed and effective_model and getattr(session, "model", None) != effective_model:
+    original_model = getattr(session, "model", None) or ""
+    effective_model, changed = _resolve_compatible_session_model(original_model or None)
+    # Only persist the correction if the session had an explicit model that needed changing.
+    # Sessions with no model stored (empty/None) get the effective default returned without
+    # a disk write — no need to rebuild the index for a fill-in-blank operation.
+    if changed and effective_model and original_model and original_model != effective_model:
         session.model = effective_model
         session.save(touch_updated_at=False)
     return effective_model