fix: add background task to onboarding order sync + migrate to GitLab

Onboarding fixes:
- Add missing background task trigger for order sync (step 4)
- Import process_historical_import task in onboarding API

GitLab migration:
- Update audit rules to support both GitHub and GitLab paths
- Add .gitlab-ci.yml with lint, test, security, build stages
- Add merge request template (.gitlab/merge_request_templates/default.md)
- Update validate_audit.py to check for GitLab equivalents

🤖 Generated with [Claude Code](https://claude.com/claude-code)

Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>

.audit-rules/third_party.yaml

@@ -57,6 +57,7 @@ rules:
       type: file_exists
       paths:
         - ".github/workflows/*.yml"
+        - ".gitlab-ci.yml"
       patterns:
         - "safety|pip-audit|snyk|dependabot"
       message: "Dependency vulnerability scanning required"
@@ -69,6 +70,7 @@ rules:
       type: file_exists
       paths:
         - ".github/dependabot.yml"
+        - ".gitlab-ci.yml"  # GitLab uses built-in dependency scanning
       message: "Consider enabling Dependabot for security updates"
 
   - id: THIRD-VULN-003
@@ -79,6 +81,7 @@ rules:
       type: pattern_recommended
       paths:
         - ".github/workflows/*.yml"
+        - ".gitlab-ci.yml"
       patterns:
         - "trivy|grype|snyk.*container"
       message: "Consider container image vulnerability scanning"