feat(governance): add hash-chained audit logger for predictions

[obielin]

Summary

• Adds src/climatevision/governance/audit_logger.py — append-only JSONL audit trail for every model prediction.
• Each entry records: timestamp, model version, SHA-256 hash of the input payload, output summary stats (mean confidence, positive fraction, threshold), request/user IDs, and a prev_hash linking back through the chain.
• verify_chain() walks the file from genesis and detects any tampered entry by recomputing the hash and checking the link to its predecessor.
• Process-safe via an in-memory lock; ready to be wrapped in a filelock for cross-process safety.

Why

Sprint deliverable: "Build audit_logger.py — immutable audit trail for every model version and prediction." Required input for the model governance / compliance documentation track.

Test plan

• pytest tests/test_audit_logger.py — 6/6 pass
  • first entry chains to genesis hash
  • chain links propagate correctly across multiple entries
  • tampering with any historical row breaks verify_chain()
  • chain resumes correctly across new logger instances pointed at the same file
  • module-level helper writes to the configured default path
  • dict-shaped inputs/outputs (e.g. carbon analytics dicts) are accepted

Notes for reviewers

• Branched off develop.
• Hash-link only, not signed. Cryptographic signatures can be layered on later by signing each entry_hash with a release key.

[femi23]

Hash-chained JSONL is exactly what I need to point auditors at. The verify_chain() walk plus the genesis-hash anchor means we can detect any tampering down to the byte. Process-safe lock is fine for the API; once we deploy with multiple uvicorn workers we'll wrap calls in a filelock or queue, as you note in the docstring.

Approving.