feat(auditlog): thread ExecutionId through S&F for retry-loop cached rows

The store-and-forward retry loop emits the per-attempt and terminal cached
audit rows (ApiCallCached/DbWriteCached Attempted, CachedResolve) via
CachedCallLifecycleBridge from a CachedCallAttemptContext, not from the
script context. ExecutionId (and SourceScript) were not threaded through the
S&F buffer, so those rows had ExecutionId = null and SourceScript = null.

Thread both, additively, from the cached-call enqueue path:

- StoreAndForwardMessage gains ExecutionId (Guid?) / SourceScript (string?).
- StoreAndForwardStorage adds nullable execution_id / source_script columns
  via an idempotent PRAGMA-probed ALTER TABLE migration; rows persisted by
  an older build read back null (back-compat).
- StoreAndForwardService.EnqueueAsync gains optional executionId /
  sourceScript params, stamped onto the buffered message and surfaced on the
  CachedCallAttemptContext built in the retry loop.
- CachedCallAttemptContext gains ExecutionId / SourceScript.
- CachedCallLifecycleBridge.BuildPacket sets AuditEvent.ExecutionId and
  AuditEvent.SourceScript from the context (replacing the hard-coded
  SourceScript = null and its now-stale comment).
- IExternalSystemClient.CachedCallAsync / IDatabaseGateway.CachedWriteAsync
  gain optional executionId / sourceScript params; ScriptRuntimeContext's
  CachedCall / CachedWrite helpers pass _executionId / _sourceScript.

Script-side cached rows (CachedSubmit, immediate Attempted+Resolve) are
unchanged. All threading is additive — old buffered S&F rows still
deserialize and process with the new fields null.

tests/ScadaLink.StoreAndForward.Tests/CachedCallAttemptEmissionTests.cs

@@ -277,6 +277,86 @@ public class CachedCallAttemptEmissionTests : IAsyncLifetime, IDisposable
         Assert.Equal(trackedId, _observer.Notifications[1].TrackedOperationId);
     }
 
+    // ── Audit Log #23 (ExecutionId Task 4): ExecutionId / SourceScript ──
+
+    [Fact]
+    public async Task Attempt_CarriesExecutionIdAndSourceScript_FromBufferedMessage()
+    {
+        // A buffered cached call carries the originating script execution's
+        // ExecutionId + SourceScript. The retry sweep must surface both on the
+        // CachedCallAttemptContext handed to the observer so the audit bridge
+        // can stamp them on the retry-loop cached rows.
+        var executionId = Guid.NewGuid();
+        _service.RegisterDeliveryHandler(StoreAndForwardCategory.ExternalSystem,
+            _ => throw new HttpRequestException("HTTP 503"));
+
+        var trackedId = TrackedOperationId.New();
+        await _service.EnqueueAsync(
+            StoreAndForwardCategory.ExternalSystem,
+            "ERP",
+            """{"payload":"x"}""",
+            originInstanceName: "Plant.Pump42",
+            maxRetries: 5,
+            retryInterval: TimeSpan.Zero,
+            attemptImmediateDelivery: false,
+            messageId: trackedId.ToString(),
+            executionId: executionId,
+            sourceScript: "Plant.Pump42/OnTick");
+
+        await _service.RetryPendingMessagesAsync();
+
+        var notification = Assert.Single(_observer.Notifications);
+        Assert.Equal(executionId, notification.ExecutionId);
+        Assert.Equal("Plant.Pump42/OnTick", notification.SourceScript);
+    }
+
+    [Fact]
+    public async Task Attempt_NullExecutionIdAndSourceScript_SurfaceAsNull()
+    {
+        // Back-compat: a row buffered without ExecutionId / SourceScript (legacy
+        // enqueue path) must surface them as null on the context, not throw.
+        _service.RegisterDeliveryHandler(StoreAndForwardCategory.ExternalSystem,
+            _ => Task.FromResult(true));
+        var trackedId = await EnqueueBufferedAsync(
+            StoreAndForwardCategory.ExternalSystem, "ERP");
+
+        await _service.RetryPendingMessagesAsync();
+
+        var notification = Assert.Single(_observer.Notifications);
+        Assert.Null(notification.ExecutionId);
+        Assert.Null(notification.SourceScript);
+    }
+
+    [Fact]
+    public async Task TerminalResolve_CarriesExecutionIdAndSourceScript()
+    {
+        // The terminal Delivered notification must also carry the threaded
+        // provenance so the CachedResolve audit row is correlated.
+        var executionId = Guid.NewGuid();
+        _service.RegisterDeliveryHandler(StoreAndForwardCategory.CachedDbWrite,
+            _ => Task.FromResult(true));
+
+        var trackedId = TrackedOperationId.New();
+        await _service.EnqueueAsync(
+            StoreAndForwardCategory.CachedDbWrite,
+            "myDb",
+            """{"payload":"x"}""",
+            originInstanceName: "Plant.Tank",
+            maxRetries: 3,
+            retryInterval: TimeSpan.Zero,
+            attemptImmediateDelivery: false,
+            messageId: trackedId.ToString(),
+            executionId: executionId,
+            sourceScript: "Plant.Tank/OnAlarm");
+
+        await _service.RetryPendingMessagesAsync();
+
+        var notification = Assert.Single(_observer.Notifications);
+        Assert.Equal(CachedCallAttemptOutcome.Delivered, notification.Outcome);
+        Assert.Equal(executionId, notification.ExecutionId);
+        Assert.Equal("Plant.Tank/OnAlarm", notification.SourceScript);
+    }
+
     // ── Best-effort contract: observer throws must NOT corrupt retry bookkeeping ──
 
     [Fact]