feat(api): pending-changes + audit routes

Owner-only routes wired with an applyPendingChange dispatch helper
covering page/project/task/ref/resource/source_doc create/update/delete.
Approve and reject emit their own audit_log entries (actions already in
the CHECK vocab) so the audit trail is self-contained.

Documents a latent bug in security-followups.md: pending_changes.action
CHECK constraint blocks 'upsert' / 'add_dependency' / 'remove_dependency'
divertToPending paths in refs/resources routes when an agent at suggest
tier hits them.

Co-Authored-By: Claude Opus 4.7 <noreply@anthropic.com>

lib/api/routes/audit.js

@@ -0,0 +1,45 @@
+import { Router } from 'express';
+import { z } from 'zod';
+import * as repo from '../../db/repos/audit.js';
+import { parsePagination } from '../pagination.js';
+import { validate } from '../validate.js';
+import { requireOwner } from '../cap.js';
+import { asyncWrap } from '../errors.js';
+
+const ENTITY_TYPES = ['space','project','task','page','ref','resource','source_doc','conversation'];
+const ACTOR_KINDS = ['user','agent','cron','worker','system'];
+
+const entityParams = z.object({
+  type: z.enum(ENTITY_TYPES),
+  id: z.string().uuid()
+});
+
+const actorQuery = z.object({
+  actor_kind: z.enum(ACTOR_KINDS).optional(),
+  actor_id: z.string().uuid().optional(),
+  limit: z.string().optional(),
+  offset: z.string().optional()
+});
+
+export const router = Router();
+router.use(requireOwner);
+
+router.get('/entity/:type/:id',
+  validate({ params: entityParams }),
+  asyncWrap(async (req, res) => {
+    const { limit } = parsePagination(req);
+    res.json(await repo.listForEntity(req.params.type, req.params.id, { limit }));
+  })
+);
+
+router.get('/actor',
+  validate({ query: actorQuery }),
+  asyncWrap(async (req, res) => {
+    const { limit } = parsePagination(req);
+    res.json(await repo.listByActor({
+      actor_kind: req.validatedQuery.actor_kind,
+      actor_id: req.validatedQuery.actor_id,
+      limit
+    }));
+  })
+);