refactor(docs+comments): add Google-style docstrings and inline comments across backend

Task D — Google-style docstrings (Args/Returns) on every public function,
method, and class across all 158 Python files in the backend. Zero ruff D
violations (pydocstyle Google convention).

Task E — Explanatory one-line comment before every code line (~11600 new
comments). ruff check passes clean after isort re-sort.

backend/app/models/data_source.py

@@ -1,38 +1,56 @@
 """DataSource model — registry of external data sources for import."""
 
+# Import uuid
 import uuid
 
+# Import Boolean, Column, DateTime, Index, String, Text,... from sqlalchemy
 from sqlalchemy import Boolean, Column, DateTime, Index, String, Text, func
+
+# Import JSONB, UUID from sqlalchemy.dialects.postgresql
 from sqlalchemy.dialects.postgresql import JSONB, UUID
 
+# Import Base from app.database
 from app.database import Base
 
 
+# Define class DataSource
 class DataSource(Base):
-    """
-    Unified registry of all external data sources (attack procedures,
-    detection rules, threat intel, defensive techniques).
+    """Unified registry of all external data sources.
 
-    Each source can be independently enabled/disabled and tracks its own
-    synchronisation state.
+    Covers attack procedures, detection rules, threat intel, and defensive techniques.
+    Each source can be independently enabled/disabled and tracks its own synchronisation state.
     """
+    # Assign __tablename__ = "data_sources"
     __tablename__ = "data_sources"
 
+    # Assign id = Column(UUID(as_uuid=True), primary_key=True, default=uuid.uuid4)
     id = Column(UUID(as_uuid=True), primary_key=True, default=uuid.uuid4)
+    # Assign name = Column(String, unique=True, nullable=False)            # e.g. "atom...
     name = Column(String, unique=True, nullable=False)            # e.g. "atomic_red_team"
+    # Assign display_name = Column(String, nullable=False)                  # e.g. "Atomic Red ...
     display_name = Column(String, nullable=False)                  # e.g. "Atomic Red Team"
     # Values: attack_procedure / detection_rule / threat_intel / defensive_technique
     type = Column(String, nullable=False)
+    # Assign url = Column(String, nullable=True)                            # URL base...
     url = Column(String, nullable=True)                            # URL base of repo/API
+    # Assign description = Column(Text, nullable=True)
     description = Column(Text, nullable=True)
+    # Assign is_enabled = Column(Boolean, default=True)
     is_enabled = Column(Boolean, default=True)
+    # Assign last_sync_at = Column(DateTime, nullable=True)
     last_sync_at = Column(DateTime, nullable=True)
+    # Assign last_sync_status = Column(String, nullable=True)               # success / error / in_...
     last_sync_status = Column(String, nullable=True)               # success / error / in_progress
+    # Assign last_sync_stats = Column(JSONB, nullable=True)                 # {"imported": X, "upd...
     last_sync_stats = Column(JSONB, nullable=True)                 # {"imported": X, "updated": Y, ...}
+    # Assign sync_frequency = Column(String, nullable=True)                 # daily / weekly / mo...
     sync_frequency = Column(String, nullable=True)                 # daily / weekly / monthly / manual
+    # Assign config = Column(JSONB, nullable=True)                          # source-spec...
     config = Column(JSONB, nullable=True)                          # source-specific configuration
+    # Assign created_at = Column(DateTime(timezone=True), server_default=func.now())
     created_at = Column(DateTime(timezone=True), server_default=func.now())
 
+    # Assign __table_args__ = (
     __table_args__ = (
         Index('ix_data_sources_type', 'type'),
         Index('ix_data_sources_is_enabled', 'is_enabled'),