[Change] Publisher and Module Revocation Infrastructure

[djm81]

Why

marketplace-03 introduces publisher attestation and trust tiers but provides no mechanism to revoke a compromised publisher or a vulnerable module. Revocation infrastructure must exist before any external publisher is onboarded — otherwise a compromised key or malicious module cannot be removed from circulation once installed.

What Changes

• NEW: src/specfact_cli/trust/revocation.py — revocation checker: fetch and cache publishers/revoked.json and module revocation records; enforce grace window policy by reason type
• MODIFY: src/specfact_cli/modules/module_registry/src/ — pre-install revocation check; post-install revocation warning on module invocation
• NEW: .github/workflows/scan-bundles.yml — CI AST scan for obfuscated code, shell=True + URL patterns, network-on-import, eval/exec on remote data
• NEW: scripts/revoke-publisher.py, scripts/revoke-module.py — NOLD AI signing scripts for revocation entries
• NEW: docs/trust/grace-window-policy.md — user-facing grace window policy document

Acceptance Criteria

• A revoked publisher with security_incident is hard-blocked on install with no flag override
• policy_violation revocations show warning + prompt during 30-day grace window, then hard-block
• Installed revoked modules surface a prominent warning on next CLI invocation (warn-only, not blocking)
• Weekly periodic re-check for installed modules (configurable via revocation_check_interval)
• CI AST scan blocks publication of bundles with obfuscated code or eval/exec on remote data
• All public revocation APIs have @icontract and @beartype decorators

OpenSpec Change Proposal: marketplace-04-revocation