feat(audit): annotate endpoints in EvidenceLocker + Integrations + Scanner (Batch 1)
- Add AuditedRouteGroupExtensions with WithAuditFilter() and Audited() helpers
- EvidenceLocker: 7 endpoints (store, snapshot, verify, hold, store_verdict,
verify_verdict, export)
- Integrations: 6 endpoints (create, update, delete, test, discover,
run_code_guard)
- Scanner: ~55 annotations across 25 endpoint files covering sources CRUD,
scan submission, scan policies, approvals, triage, webhooks, reports,
reachability, secret detection, offline kit, runtime, and more
- Skipped read-only POSTs per convention (delta compare, counterfactual,
EPSS batch, slice query, policy diagnostics/preview/runtime/overlay)
- All 3 services build clean with 0 errors/warnings
- Sprint 005: FILTER-001, FILTER-002, FILTER-003 marked DONE
Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
7c7525f353