feat: add RAG corpus versioning and source policy backend

Part 1 — RAG Corpus Versioning:
- New DB table compliance_corpus_versions (migration 017)
- Go CorpusVersionStore with CRUD operations
- Assessment struct extended with corpus_version_id
- API endpoints: GET /rag/corpus-status, /rag/corpus-versions/:collection
- RAG routes (search, regulations) now registered in main.go
- Ingestion script registers corpus versions after each run
- Frontend staleness badge in SDK sidebar

Part 3 — Source Policy Backend:
- New FastAPI router with CRUD for allowed sources, PII rules,
  operations matrix, audit trail, stats, and compliance report
- SQLAlchemy models for all source policy tables (migration 001)
- Frontend API base corrected from edu-search:8088/8089 to
  backend-compliance:8002/api

Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>

ai-compliance-sdk/internal/ucca/store.go

@@ -52,6 +52,7 @@ func (s *Store) CreateAssessment(ctx context.Context, a *Assessment) error {
 			triggered_rules, required_controls, recommended_architecture,
 			forbidden_patterns, example_matches,
 			dsfa_recommended, art22_risk, training_allowed,
+			corpus_version_id, corpus_version,
 			explanation_text, explanation_generated_at, explanation_model,
 			domain, created_at, updated_at, created_by
 		) VALUES (
@@ -61,8 +62,9 @@ func (s *Store) CreateAssessment(ctx context.Context, a *Assessment) error {
 			$14, $15, $16,
 			$17, $18,
 			$19, $20, $21,
-			$22, $23, $24,
-			$25, $26, $27, $28
+			$22, $23,
+			$24, $25, $26,
+			$27, $28, $29, $30
 		)
 	`,
 		a.ID, a.TenantID, a.NamespaceID, a.Title, a.PolicyVersion, a.Status,
@@ -71,6 +73,7 @@ func (s *Store) CreateAssessment(ctx context.Context, a *Assessment) error {
 		triggeredRules, requiredControls, recommendedArchitecture,
 		forbiddenPatterns, exampleMatches,
 		a.DSFARecommended, a.Art22Risk, string(a.TrainingAllowed),
+		a.CorpusVersionID, a.CorpusVersion,
 		a.ExplanationText, a.ExplanationGeneratedAt, a.ExplanationModel,
 		string(a.Domain), a.CreatedAt, a.UpdatedAt, a.CreatedBy,
 	)
@@ -92,6 +95,7 @@ func (s *Store) GetAssessment(ctx context.Context, id uuid.UUID) (*Assessment, e
 			triggered_rules, required_controls, recommended_architecture,
 			forbidden_patterns, example_matches,
 			dsfa_recommended, art22_risk, training_allowed,
+			corpus_version_id, corpus_version,
 			explanation_text, explanation_generated_at, explanation_model,
 			domain, created_at, updated_at, created_by
 		FROM ucca_assessments WHERE id = $1
@@ -102,6 +106,7 @@ func (s *Store) GetAssessment(ctx context.Context, id uuid.UUID) (*Assessment, e
 		&triggeredRules, &requiredControls, &recommendedArchitecture,
 		&forbiddenPatterns, &exampleMatches,
 		&a.DSFARecommended, &a.Art22Risk, &trainingAllowed,
+		&a.CorpusVersionID, &a.CorpusVersion,
 		&a.ExplanationText, &a.ExplanationGeneratedAt, &a.ExplanationModel,
 		&domain, &a.CreatedAt, &a.UpdatedAt, &a.CreatedBy,
 	)
@@ -141,6 +146,7 @@ func (s *Store) ListAssessments(ctx context.Context, tenantID uuid.UUID, filters
 			triggered_rules, required_controls, recommended_architecture,
 			forbidden_patterns, example_matches,
 			dsfa_recommended, art22_risk, training_allowed,
+			corpus_version_id, corpus_version,
 			explanation_text, explanation_generated_at, explanation_model,
 			domain, created_at, updated_at, created_by
 		FROM ucca_assessments WHERE tenant_id = $1`
@@ -194,6 +200,7 @@ func (s *Store) ListAssessments(ctx context.Context, tenantID uuid.UUID, filters
 			&triggeredRules, &requiredControls, &recommendedArchitecture,
 			&forbiddenPatterns, &exampleMatches,
 			&a.DSFARecommended, &a.Art22Risk, &trainingAllowed,
+			&a.CorpusVersionID, &a.CorpusVersion,
 			&a.ExplanationText, &a.ExplanationGeneratedAt, &a.ExplanationModel,
 			&domain, &a.CreatedAt, &a.UpdatedAt, &a.CreatedBy,
 		)