feat(V2): /health/ready con ping client + middleware request log strutturato + request_id correlation

- /health/ready: ping di tutti i client (exchange, env) cached con
  timeout 2s, status ready|degraded|not_ready, opt-in 503 via
  READY_FAILS_ON_DEGRADED.
- Middleware mcp.request: 1 riga JSON per HTTP request con request_id,
  method, path, status_code, duration_ms, actor, bot_tag, exchange,
  tool, client_ip, user_agent.
- request_id propagato in request.state, audit log e error envelope per
  correlazione cross-cutting.
- Aggiunto async health() come probe minimo a bybit/alpaca/macro/
  sentiment/deribit (hyperliquid lo aveva già).

Co-Authored-By: Claude Opus 4.7 (1M context) <noreply@anthropic.com>

src/cerbero_mcp/auth.py

@@ -15,7 +15,14 @@ Environment = Literal["testnet", "mainnet"]
 
 # Path che bypassano sia bearer auth sia bot_tag check.
 PATH_WHITELIST_FULL = frozenset(
-    {"/health", "/apidocs", "/openapi.json", "/docs", "/redoc"}
+    {
+        "/health",
+        "/health/ready",
+        "/apidocs",
+        "/openapi.json",
+        "/docs",
+        "/redoc",
+    }
 )
 # Path che richiedono bearer ma NON il bot_tag (admin endpoint).
 PATH_WHITELIST_BOT_TAG_ONLY = frozenset({"/admin/audit"})