feat(P8): IHF Phase 8 complete — Federated Hub Maturity

Implements the final phase of the IHF v0.1 specification:

- WidgetOwnership: delegated ownership registry (local/delegated/global),
  append-only audit artefacts, ownership badge on widget show page
- HubRoutingRule + RoutingEngine: priority-ordered inter-hub routing engine;
  null-inclusive category/widget-type matching; RouteNowAction for manual
  re-evaluation; RoutedCandidates view per hub
- FederatedPolicyOverlay: draft → active → retired lifecycle; activated
  overlays are immutable (same pattern as Phase 6 contracts); policy
  compliance dashboard with decision coverage metrics
- StewardshipRole: named governance roles per hub; point-in-time revocation
  pattern; hub and ops-board integration
- ArchiveRecord + is_archived: soft-delete on widgets; lineage inspector
  traces full traceability chain (Widget → Events → Annotations → Candidates
  → Requirements → Decisions → Deployments → Signals + ArchiveRecord)
- FederatedGovernanceDashboard: 5-panel autoRefresh org-wide governance view
  (ownership coverage, routing activity, policy compliance, stewardship
  coverage, archive activity)

Schema: widget_ownerships, hub_routing_rules, federated_policy_overlays,
stewardship_roles, archive_records; ALTER widgets ADD is_archived;
ALTER requirement_candidates ADD routed_to_hub_id

Migration: 1743638400-ihf-phase8-federated-hub-maturity.sql
Tests: Phase 8 integration tests appended to Test/Integration.hs
Docs: docs/phase8-summary.md; SCOPE.md updated to Phase 8 complete

Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>

Web/Controller/FederatedPolicyOverlays.hs

@@ -0,0 +1,91 @@
+module Web.Controller.FederatedPolicyOverlays where
+
+import Web.Types
+import Web.View.FederatedPolicyOverlays.Index
+import Web.View.FederatedPolicyOverlays.Show
+import Web.View.FederatedPolicyOverlays.New
+import Web.View.FederatedPolicyOverlays.Edit
+import Web.View.FederatedPolicyOverlays.PolicyComplianceDashboard
+import Generated.Types
+import IHP.Prelude
+import IHP.ControllerPrelude
+
+instance Controller FederatedPolicyOverlaysController where
+    beforeAction = ensureIsUser
+
+    action FederatedPolicyOverlaysAction = autoRefresh do
+        overlays <- query @FederatedPolicyOverlay |> orderByDesc #createdAt |> fetch
+        hubs     <- query @Hub |> fetch
+        render IndexView { overlays, hubs }
+
+    action ShowFederatedPolicyOverlayAction { federatedPolicyOverlayId } = do
+        overlay <- fetch federatedPolicyOverlayId
+        hubs    <- query @Hub |> fetch
+        render ShowView { overlay, hubs }
+
+    action NewFederatedPolicyOverlayAction = do
+        let overlay = newRecord @FederatedPolicyOverlay
+        hubs <- query @Hub |> orderByAsc #name |> fetch
+        render NewView { overlay, hubs }
+
+    action CreateFederatedPolicyOverlayAction = do
+        let overlay = newRecord @FederatedPolicyOverlay
+        hubs <- query @Hub |> orderByAsc #name |> fetch
+        overlay
+            |> fill @'["title","policyText","appliesToHubs","notes"]
+            |> validateField #title nonEmpty
+            |> validateField #policyText nonEmpty
+            |> ifValid \case
+                Left o  -> render NewView { overlay = o, hubs }
+                Right o -> do
+                    o <- createRecord o
+                    setSuccessMessage "Policy overlay created"
+                    redirectTo ShowFederatedPolicyOverlayAction { federatedPolicyOverlayId = o.id }
+
+    action EditFederatedPolicyOverlayAction { federatedPolicyOverlayId } = do
+        overlay <- fetch federatedPolicyOverlayId
+        when (overlay.status /= "draft") do
+            setErrorMessage "Activated overlays cannot be edited"
+            redirectTo ShowFederatedPolicyOverlayAction { federatedPolicyOverlayId }
+        hubs <- query @Hub |> orderByAsc #name |> fetch
+        render EditView { overlay, hubs }
+
+    action UpdateFederatedPolicyOverlayAction { federatedPolicyOverlayId } = do
+        overlay <- fetch federatedPolicyOverlayId
+        hubs <- query @Hub |> orderByAsc #name |> fetch
+        when (overlay.status /= "draft") do
+            setErrorMessage "Activated overlays cannot be edited"
+            redirectTo ShowFederatedPolicyOverlayAction { federatedPolicyOverlayId }
+        overlay
+            |> fill @'["title","policyText","appliesToHubs","notes"]
+            |> validateField #title nonEmpty
+            |> validateField #policyText nonEmpty
+            |> ifValid \case
+                Left o  -> render EditView { overlay = o, hubs }
+                Right o -> do
+                    updateRecord o
+                    setSuccessMessage "Policy overlay updated"
+                    redirectTo ShowFederatedPolicyOverlayAction { federatedPolicyOverlayId = o.id }
+
+    action ActivateFederatedPolicyAction { federatedPolicyOverlayId } = do
+        overlay <- fetch federatedPolicyOverlayId
+        now <- getCurrentTime
+        overlay
+            |> set #status "active"
+            |> set #enforcedFrom (Just now)
+            |> updateRecord
+        setSuccessMessage "Policy overlay activated"
+        redirectTo ShowFederatedPolicyOverlayAction { federatedPolicyOverlayId }
+
+    action RetireFederatedPolicyAction { federatedPolicyOverlayId } = do
+        overlay <- fetch federatedPolicyOverlayId
+        overlay |> set #status "retired" |> updateRecord
+        setSuccessMessage "Policy overlay retired"
+        redirectTo FederatedPolicyOverlaysAction
+
+    action PolicyComplianceDashboardAction = autoRefresh do
+        overlays   <- query @FederatedPolicyOverlay |> filterWhere (#status, "active") |> fetch
+        hubs       <- query @Hub |> fetch
+        decisions  <- query @DecisionRecord |> fetch
+        policies   <- query @PolicyReference |> fetch
+        render PolicyComplianceDashboardView { overlays, hubs, decisions, policies }