feat(convergence): first Regulatory Convergence Pattern (ISO27001 -> CRA + MaschinenVO)

The first multi-regulation pattern: each capability declares `covers_targets`, so we
can answer the convergence USP — "which capability satisfies CRA AND MaschinenVO at once?"

- knowledge: transition_pattern_iso27001_to_cra_maschinenvo_v1.yaml (pattern_type:
  regulatory_convergence, status draft). The cyber-safety bridge = MaschinenVO Annex III
  1.1.9 "protection against corruption" overlapping CRA integrity. 4 convergence
  capabilities cover BOTH; 5 CRA-only; 3 MaschinenVO-only.
- product: compliance/transition_reasoning/convergence.py — regulatory_convergence()
  pure/deterministic/computed-not-stored, no new graph/class (freeze v1.0 untouched).
  No app caller yet -> non-runtime, no deploy (ADR-001).
- reference suite: Cross-Regulation Capability Mapping section renders the customer
  sentence "von N neuen Massnahmen erfuellen M gleichzeitig CRA und MaschinenVO".
- README: term -> Regulatory Transition / Convergence Pattern; covers_targets documented.
- tests: test_regulatory_convergence (18 transition+company pass), mypy --strict clean.

Curated expert knowledge, AI first draft (L1/draft) — Annex/Article refs indicative,
review_required by a machinery-safety expert.

Co-Authored-By: Claude Opus 4.7 <noreply@anthropic.com>

backend-compliance/compliance/transition_reasoning/__init__.py

@@ -10,6 +10,7 @@ Consumes the Company Capability Profile (2A) as „have" + injected `TargetRequi
 
 from __future__ import annotations
 
+from .convergence import RegulatoryConvergence, regulatory_convergence
 from .engine import EMPTY_REQUIREMENTS, assess_transition
 from .schemas import (
     CapabilityCoverage,
@@ -39,4 +40,6 @@ __all__ = [
     "InformationGain",
     "TransitionSummary",
     "TransitionAssessment",
+    "regulatory_convergence",
+    "RegulatoryConvergence",
 ]