ci(async-audit): enable Phase 2 — soft-fail visibility for async-route audit

.github/workflows/ci.yml

@@ -121,6 +121,42 @@ jobs:
           echo "╚════════════════════════════════════════════════════════════╝"
           python scripts/check_doc_links.py --exclude templates --exclude history --cross-repo skip
 
+  # ═══════════════════════════════════════════════════════════════════════════════════════════════
+  # Async-route audit (Phase 2 — soft-fail visibility).
+  # Catches the BUG-JD-10 bug class (sync-blocking calls inside async def
+  # route handlers). `continue-on-error: true` so violations surface as
+  # PR annotations without blocking merge. Phase 4 will flip this off.
+  # See juniper-ml notes/ASYNC_ROUTE_AUDIT_HOOK_MIGRATION_PLAN.md §4.
+  # ═══════════════════════════════════════════════════════════════════════════════════════════════
+  async-route-audit:
+    name: Async-route audit (BUG-JD-10 class, soft-fail)
+    runs-on: ubuntu-latest
+    continue-on-error: true
+
+    steps:
+      - name: Checkout Code
+        uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd  # v6.0.2
+
+      - name: Set up Python
+        uses: actions/setup-python@a309ff8b426b58ec0e2a45f0f869d46889d02405  # v6.2.0
+        with:
+          python-version: "3.12"
+
+      - name: Install ruff
+        run: pip install "ruff==0.15.6"
+
+      - name: Run async-route audit
+        run: |
+          echo "╔════════════════════════════════════════════════════════════╗"
+          echo "║       JuniperData - Async-route audit (BUG-JD-10)         ║"
+          echo "╚════════════════════════════════════════════════════════════╝"
+          # --exit-zero: same soft-fail contract as the pre-commit hook
+          # (Phase 2 "violations as warnings, not blockers"). Annotations
+          # still render via --output-format=github so reviewers see them
+          # in the PR; the step itself doesn't fail. Phase 4 will drop
+          # this flag along with `continue-on-error: true` on the job.
+          ruff check --select ASYNC --exit-zero --output-format=github juniper_data/
+
   # ═══════════════════════════════════════════════════════════════════════════════════════════════
   # Unit Tests: Run unit tests with coverage enforcement
   # ═══════════════════════════════════════════════════════════════════════════════════════════════

.pre-commit-config.yaml

@@ -97,19 +97,18 @@ repos:
         name: Format with Ruff
         files: ^juniper_data/.*\.py$
       # ─────────────────────────────────────────────────────────────────────
-      # Async-route audit (Phase 1 wiring — disabled state).
+      # Async-route audit (Phase 2 — soft-fail visibility).
       # See juniper-ml notes/ASYNC_ROUTE_AUDIT_HOOK_MIGRATION_PLAN.md.
-      # `stages: [manual]` keeps this from firing on regular commits.
-      # Run on demand via:  pre-commit run --hook-stage manual ruff-async-audit
-      # Phase 2 flips this to `stages: [pre-commit, manual]` and adds a
-      # CI lane (continue-on-error: true) so PRs see violations as
-      # annotations without blocking merge. Phase 4 is hard-fail.
+      # `--exit-zero` keeps violations as warnings (won't block commits).
+      # CI lane in .github/workflows/ci.yml runs the same check with
+      # `continue-on-error: true` so PRs see annotations without blocking
+      # merge. Phase 4 will drop both `--exit-zero` and `continue-on-error`.
       - id: ruff
         alias: ruff-async-audit
         name: Async-route audit (BUG-JD-10 class)
         args: [--select, ASYNC, --exit-zero]
         files: ^juniper_data/.*\.py$
-        stages: [manual]
+        stages: [pre-commit, manual]
 
   # ═══════════════════════════════════════════════════════════════════════════
   # Python Type Checking - MyPy