Add hardware-ingest-json and submodule-integration contracts; expand go-database cursor safety

Synthesized from bible-local reviews across bee, logpile, core, chart, PriceForge:
- rules/patterns/hardware-ingest-json/contract.md — Reanimator JSON ingest schema v2.10
- rules/patterns/submodule-integration/contract.md — read-only submodule principle
- go-database: add driver-level violation symptoms for cursor safety rule

Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>

rules/patterns/go-database/contract.md

@@ -8,6 +8,8 @@ See `README.md` for examples, migration snippets, and Docker test commands.
 
 - Never execute SQL on the same transaction while iterating an open result cursor. Use a two-phase flow: read all rows, close the cursor, then execute writes.
 - This rule applies to `database/sql`, GORM transactions, and any repository call made while another cursor in the same transaction is still open.
+- Violation symptoms: `[mysql] invalid connection`, `unexpected EOF`, `driver: bad connection` in Go logs; `Got an error reading communication packets` in MariaDB/MySQL error log. These are driver-level failures, not application errors — the root cause is always a nested SQL call on an open cursor.
+- Recompute/rebuild/repair flows are the most common violation sites: audit them explicitly.
 - User-visible records use soft delete or archive flags. Do not hard-delete records with history or foreign-key references.
 - Archive operations must be reversible from the UI.
 - Use `gorm:"-"` only for fields that must be ignored entirely. Use `gorm:"-:migration"` for fields populated by queries but excluded from migrations.