@blamejs/core 0.13.43 → 0.13.44

package/lib/boot-gates.js

@@ -66,7 +66,7 @@ var DEFAULT_EXIT_CODE = 1;
 async function run(gates, opts) {
   opts = opts || {};
   if (!Array.isArray(gates) || gates.length === 0) {
-    throw new BootGatesError("bootgates/bad-input",
+    throw new BootGatesError("boot-gates/bad-input",
       "b.bootGates.run: gates must be a non-empty array");
   }
   var log = typeof opts.log === "function" ? opts.log : function (msg) {
@@ -82,7 +82,7 @@ async function run(gates, opts) {
   // throw rather than terminating the process — operators that wire
   // bootGates from their daemon main() pass `exit: process.exit.bind(process)`.
   var exit = typeof opts.exit === "function" ? opts.exit : function (code) {
-    var e = new BootGatesError("bootgates/no-exit-wired",
+    var e = new BootGatesError("boot-gates/no-exit-wired",
       "b.bootGates.run: gate failed (exitCode=" + code + ") but no opts.exit handler was supplied; " +
       "operators wire opts.exit to process.exit.bind(process) in their daemon main()");
     e.exitCode = code;
@@ -96,26 +96,26 @@ async function run(gates, opts) {
     var gate = gates[i];
     if (!gate || typeof gate.name !== "string" || gate.name.length === 0 ||
         typeof gate.fn !== "function") {
-      throw new BootGatesError("bootgates/bad-gate",
+      throw new BootGatesError("boot-gates/bad-gate",
         "b.bootGates.run: gates[" + i + "] must be { name: string, fn: function }");
     }
     var timeoutMs = gate.timeoutMs || DEFAULT_GATE_TIMEOUT_MS;
     if (typeof timeoutMs !== "number" || !isFinite(timeoutMs) || timeoutMs < 1) {
-      throw new BootGatesError("bootgates/bad-timeout",
+      throw new BootGatesError("boot-gates/bad-timeout",
         "b.bootGates.run: gates[" + i + "].timeoutMs must be a positive finite number");
     }
     var gateT0 = Date.now();
     var failure = null;
     try {
       await safeAsync.withTimeout(Promise.resolve().then(gate.fn), timeoutMs,
-        new BootGatesError("bootgates/timeout",
+        new BootGatesError("boot-gates/timeout",
           "b.bootGates.run: gate '" + gate.name + "' exceeded " + timeoutMs + "ms"));
     } catch (err) {
       failure = err;
     }
     if (overallTimeoutMs !== undefined &&
         Date.now() - t0 > overallTimeoutMs && failure === null) {
-      failure = new BootGatesError("bootgates/overall-timeout",
+      failure = new BootGatesError("boot-gates/overall-timeout",
         "b.bootGates.run: overall budget " + overallTimeoutMs + "ms exceeded after gate '" +
         gate.name + "'");
     }

package/lib/budr.js

@@ -78,31 +78,31 @@ var declarations = new Map();
  */
 function declare(opts) {
   if (!opts || typeof opts !== "object") {
-    throw BudrError.factory("BAD_OPTS", "budr.declare: opts required");
+    throw BudrError.factory("budr/bad-opts", "budr.declare: opts required");
   }
   if (typeof opts.service !== "string" || opts.service.length === 0 ||
       opts.service.length > SERVICE_MAX || !SERVICE_RE.test(opts.service)) {
-    throw BudrError.factory("BAD_SERVICE",
+    throw BudrError.factory("budr/bad-service",
       "budr.declare: service must match " + SERVICE_RE);
   }
   numericBounds.requirePositiveFiniteIntIfPresent(opts.rtoMs, "budr.declare: rtoMs", BudrError, "BAD_RTO");
   numericBounds.requirePositiveFiniteIntIfPresent(opts.rpoMs, "budr.declare: rpoMs", BudrError, "BAD_RPO");
   if (typeof opts.rtoMs !== "number" || typeof opts.rpoMs !== "number") {
-    throw BudrError.factory("BAD_TARGETS",
+    throw BudrError.factory("budr/bad-targets",
       "budr.declare: rtoMs and rpoMs are required positive integer milliseconds");
   }
   if (opts.tier !== undefined && TIERS.indexOf(opts.tier) === -1) {
-    throw BudrError.factory("BAD_TIER",
+    throw BudrError.factory("budr/bad-tier",
       "budr.declare: tier must be one of " + TIERS.join(", "));
   }
   if (opts.criticality !== undefined && CRITICALITIES.indexOf(opts.criticality) === -1) {
-    throw BudrError.factory("BAD_CRITICALITY",
+    throw BudrError.factory("budr/bad-criticality",
       "budr.declare: criticality must be one of " + CRITICALITIES.join(", "));
   }
   validateOpts.optionalNonEmptyString(opts.owner,
     "budr.declare: owner", BudrError, "BAD_OWNER");
   if (opts.citations !== undefined && !Array.isArray(opts.citations)) {
-    throw BudrError.factory("BAD_CITATIONS",
+    throw BudrError.factory("budr/bad-citations",
       "budr.declare: citations must be an array of strings");
   }
 

package/lib/content-credentials.js

@@ -48,7 +48,7 @@ var REQUIRED_FIELDS = ["provider", "system", "systemVersion", "contentId"];
 
 function _validateBuildOpts(opts) {
   if (!opts || typeof opts !== "object") {
-    throw ContentCredentialsError.factory("BAD_OPTS",
+    throw ContentCredentialsError.factory("content-credentials/bad-opts",
       "contentCredentials.build: opts required");
   }
   for (var i = 0; i < REQUIRED_FIELDS.length; i += 1) {
@@ -57,32 +57,32 @@ function _validateBuildOpts(opts) {
       "contentCredentials.build: " + f, ContentCredentialsError, "MISSING_" + f.toUpperCase());
   }
   if (opts.provider.length > STR_LEN_MAX) {
-    throw ContentCredentialsError.factory("BAD_PROVIDER",
+    throw ContentCredentialsError.factory("content-credentials/bad-provider",
       "provider exceeds " + STR_LEN_MAX + " chars");
   }
   if (opts.system.length > ID_LEN_MAX || !ID_RE.test(opts.system)) {
-    throw ContentCredentialsError.factory("BAD_SYSTEM",
+    throw ContentCredentialsError.factory("content-credentials/bad-system",
       "system must match " + ID_RE);
   }
   if (opts.systemVersion.length > 64 || !SEMVER_RE.test(opts.systemVersion)) {                // allow:raw-byte-literal — semver length cap, not bytes
-    throw ContentCredentialsError.factory("BAD_VERSION",
+    throw ContentCredentialsError.factory("content-credentials/bad-version",
       "systemVersion must be semver");
   }
   if (opts.contentId.length > ID_LEN_MAX || !ID_RE.test(opts.contentId)) {
-    throw ContentCredentialsError.factory("BAD_CONTENT_ID",
+    throw ContentCredentialsError.factory("content-credentials/bad-content-id",
       "contentId must match " + ID_RE);
   }
   if (opts.contentType !== undefined) {
     if (typeof opts.contentType !== "string" || opts.contentType.length === 0 ||
         opts.contentType.length > ID_LEN_MAX || !/^[a-zA-Z]+\/[A-Za-z0-9._+-]+$/.test(opts.contentType)) {
-      throw ContentCredentialsError.factory("BAD_CONTENT_TYPE",
+      throw ContentCredentialsError.factory("content-credentials/bad-content-type",
         "contentType must be a valid IANA media type");
     }
   }
   if (opts.contentSha3 !== undefined) {
     if (typeof opts.contentSha3 !== "string" || opts.contentSha3.length !== SHA3_HEX_LEN ||
         !/^[a-f0-9]+$/i.test(opts.contentSha3)) {
-      throw ContentCredentialsError.factory("BAD_CONTENT_HASH",
+      throw ContentCredentialsError.factory("content-credentials/bad-content-hash",
         "contentSha3 must be lowercase hex SHA3-512 (" + SHA3_HEX_LEN + " chars)");
     }
   }
@@ -229,7 +229,7 @@ function required(opts) {
 function sign(manifest, opts) {
   opts = opts || {};
   if (!manifest || typeof manifest !== "object") {
-    throw ContentCredentialsError.factory("BAD_MANIFEST",
+    throw ContentCredentialsError.factory("content-credentials/bad-manifest",
       "contentCredentials.sign: manifest required");
   }
   validateOpts.requireNonEmptyString(opts.privateKeyPem,
@@ -368,7 +368,7 @@ function _cborUint(n) {
   if (n < 256)        return Buffer.from([0x18, n]);                                                                                          // allow:raw-byte-literal — CBOR threshold
   if (n < 65536)      return Buffer.from([0x19, (n >> 8) & 0xFF, n & 0xFF]);                                                                  // allow:raw-byte-literal — CBOR threshold
   if (n < 4294967296) return Buffer.from([0x1A, (n >> 24) & 0xFF, (n >> 16) & 0xFF, (n >> 8) & 0xFF, n & 0xFF]);                              // allow:raw-byte-literal — CBOR threshold
-  throw ContentCredentialsError.factory("CBOR_OVERFLOW", "cbor uint too large: " + n);
+  throw ContentCredentialsError.factory("content-credentials/cbor-overflow", "cbor uint too large: " + n);
 }
 
 function _cborNint(n) {
@@ -397,13 +397,13 @@ function _cborArrayHeader(n) {
   if (n < 24)    return Buffer.from([0x80 | n]);                                                                                               // allow:raw-byte-literal — CBOR threshold
   if (n < 256)   return Buffer.from([0x98, n]);                                                                                                // allow:raw-byte-literal — CBOR threshold
   if (n < 65536) return Buffer.from([0x99, (n >> 8) & 0xFF, n & 0xFF]);                                                                        // allow:raw-byte-literal — CBOR threshold
-  throw ContentCredentialsError.factory("CBOR_OVERFLOW", "cbor array too large: " + n);
+  throw ContentCredentialsError.factory("content-credentials/cbor-overflow", "cbor array too large: " + n);
 }
 
 function _cborMapHeader(n) {
   if (n < 24)    return Buffer.from([0xA0 | n]);                                                                                               // allow:raw-byte-literal — CBOR threshold
   if (n < 256)   return Buffer.from([0xB8, n]);                                                                                                // allow:raw-byte-literal — CBOR threshold
-  throw ContentCredentialsError.factory("CBOR_OVERFLOW", "cbor map too large: " + n);
+  throw ContentCredentialsError.factory("content-credentials/cbor-overflow", "cbor map too large: " + n);
 }
 
 function _cborTag(tag) {
@@ -454,14 +454,14 @@ function _cborTag(tag) {
 function signCose(manifest, opts) {
   opts = opts || {};
   if (!manifest || typeof manifest !== "object") {
-    throw ContentCredentialsError.factory("BAD_MANIFEST",
+    throw ContentCredentialsError.factory("content-credentials/bad-manifest",
       "contentCredentials.signCose: manifest required");
   }
   validateOpts.requireNonEmptyString(opts.privateKeyPem,
     "contentCredentials.signCose: privateKeyPem", ContentCredentialsError, "BAD_KEY");
   var algName = (opts.alg || "ml-dsa-87").toLowerCase();
   if (!(algName in COSE_ALGS)) {
-    throw ContentCredentialsError.factory("BAD_ALG",
+    throw ContentCredentialsError.factory("content-credentials/bad-alg",
       "contentCredentials.signCose: alg '" + algName +
       "' not in COSE alg registry. Known: " + Object.keys(COSE_ALGS).join(", "));
   }

package/lib/dark-patterns.js

@@ -64,47 +64,47 @@ var POSTURES = {
 
 function _validateFlowOpts(opts, label, errorClass) {
   if (!opts || typeof opts !== "object") {
-    throw errorClass.factory("BAD_OPTS",
+    throw errorClass.factory("dark-patterns/bad-opts",
       "darkPatterns.record" + label + ": opts required");
   }
   if (CHANNELS.indexOf(opts.channel) === -1) {
-    throw errorClass.factory("BAD_CHANNEL",
+    throw errorClass.factory("dark-patterns/bad-channel",
       "darkPatterns: channel must be one of " + CHANNELS.join(","));
   }
   if (typeof opts.clickCount !== "number" || !isFinite(opts.clickCount) ||
       opts.clickCount < 1 || opts.clickCount > 50 ||
       Math.floor(opts.clickCount) !== opts.clickCount) {
-    throw errorClass.factory("BAD_CLICKS",
+    throw errorClass.factory("dark-patterns/bad-clicks",
       "darkPatterns: clickCount must be integer 1..50");
   }
   if (!opts.cta || typeof opts.cta !== "object") {
-    throw errorClass.factory("BAD_CTA",
+    throw errorClass.factory("dark-patterns/bad-cta",
       "darkPatterns: cta object required (text, fontWeight, contrastRatio)");
   }
   if (typeof opts.cta.text !== "string" || opts.cta.text.length === 0 ||
       opts.cta.text.length > STR_LEN_MAX) {
-    throw errorClass.factory("BAD_CTA_TEXT",
+    throw errorClass.factory("dark-patterns/bad-cta-text",
       "darkPatterns: cta.text must be 1-256 char string");
   }
   if (typeof opts.cta.fontWeight !== "number" || opts.cta.fontWeight < 100 ||
       opts.cta.fontWeight > FONT_WEIGHT_MAX) {
-    throw errorClass.factory("BAD_FONT_WEIGHT",
+    throw errorClass.factory("dark-patterns/bad-font-weight",
       "darkPatterns: cta.fontWeight must be 100..1000");
   }
   if (typeof opts.cta.contrastRatio !== "number" ||
       opts.cta.contrastRatio < 1 || opts.cta.contrastRatio > 21) {
-    throw errorClass.factory("BAD_CONTRAST",
+    throw errorClass.factory("dark-patterns/bad-contrast",
       "darkPatterns: cta.contrastRatio must be 1..21");
   }
   if (typeof opts.confirmations !== "number" ||
       opts.confirmations < 0 || opts.confirmations > 10 ||
       Math.floor(opts.confirmations) !== opts.confirmations) {
-    throw errorClass.factory("BAD_CONFIRMATIONS",
+    throw errorClass.factory("dark-patterns/bad-confirmations",
       "darkPatterns: confirmations must be integer 0..10");
   }
   if (typeof opts.resourceId !== "string" || opts.resourceId.length === 0 ||
       opts.resourceId.length > STR_LEN_MAX) {
-    throw errorClass.factory("BAD_RESOURCE_ID",
+    throw errorClass.factory("dark-patterns/bad-resource-id",
       "darkPatterns: resourceId must be 1-256 char string");
   }
 }
@@ -252,21 +252,21 @@ function assertParity(signup, cancel, opts) {
   opts = opts || {};
   var errorClass = opts.errorClass || DarkPatternsError;
   if (!signup || signup.kind !== "signup") {
-    throw errorClass.factory("BAD_SIGNUP_FLOW",
+    throw errorClass.factory("dark-patterns/bad-signup-flow",
       "darkPatterns.assertParity: signup must be a recorded signup flow");
   }
   if (!cancel || cancel.kind !== "cancel") {
-    throw errorClass.factory("BAD_CANCEL_FLOW",
+    throw errorClass.factory("dark-patterns/bad-cancel-flow",
       "darkPatterns.assertParity: cancel must be a recorded cancel flow");
   }
   if (signup.resourceId !== cancel.resourceId) {
-    throw errorClass.factory("RESOURCE_MISMATCH",
+    throw errorClass.factory("dark-patterns/resource-mismatch",
       "darkPatterns.assertParity: resourceId differs between flows");
   }
   var postureName = opts.posture || "ftc-2024";
   var posture = POSTURES[postureName];
   if (!posture) {
-    throw errorClass.factory("BAD_POSTURE",
+    throw errorClass.factory("dark-patterns/bad-posture",
       "darkPatterns.assertParity: unknown posture " + postureName);
   }
 
@@ -427,11 +427,11 @@ function middleware(opts) {
   opts = opts || {};
   var errorClass = opts.errorClass || DarkPatternsError;
   if (typeof opts.lookupAttestation !== "function") {
-    throw errorClass.factory("BAD_OPTS",
+    throw errorClass.factory("dark-patterns/bad-opts",
       "darkPatterns.middleware: lookupAttestation function required");
   }
   if (typeof opts.resourceIdFromReq !== "function") {
-    throw errorClass.factory("BAD_OPTS",
+    throw errorClass.factory("dark-patterns/bad-opts",
       "darkPatterns.middleware: resourceIdFromReq function required");
   }
 

package/lib/ddl-change-control.js

@@ -59,7 +59,7 @@ var DAY_NAMES = ["sun", "mon", "tue", "wed", "thu", "fri", "sat"];
 
 function _parseWindowSpec(spec) {
   if (typeof spec !== "string" || spec.length === 0) {
-    throw new DdlChangeControlError("ddlChangeControl/bad-window",
+    throw new DdlChangeControlError("ddl-change-control/bad-window",
       "windowSpec must be a non-empty string");
   }
   var trimmed = spec.trim();
@@ -68,11 +68,11 @@ function _parseWindowSpec(spec) {
   }
   var parts = trimmed.split(/\s+/);
   if (parts.length !== 3) {
-    throw new DdlChangeControlError("ddlChangeControl/bad-window",
+    throw new DdlChangeControlError("ddl-change-control/bad-window",
       "windowSpec must be 'always' or '<days> <HH:MM-HH:MM> UTC' - got " + JSON.stringify(spec));
   }
   if (parts[2].toUpperCase() !== "UTC") {
-    throw new DdlChangeControlError("ddlChangeControl/bad-window",
+    throw new DdlChangeControlError("ddl-change-control/bad-window",
       "windowSpec timezone must be UTC - got " + parts[2]);
   }
   var days = new Set();
@@ -82,13 +82,13 @@ function _parseWindowSpec(spec) {
     if (dp.indexOf("-") !== -1) {
       var range = dp.split("-");
       if (range.length !== 2) {
-        throw new DdlChangeControlError("ddlChangeControl/bad-window",
+        throw new DdlChangeControlError("ddl-change-control/bad-window",
           "windowSpec day-range must be 'A-B' - got " + dp);
       }
       var lo = DAY_NAMES.indexOf(range[0]);
       var hi = DAY_NAMES.indexOf(range[1]);
       if (lo === -1 || hi === -1) {
-        throw new DdlChangeControlError("ddlChangeControl/bad-window",
+        throw new DdlChangeControlError("ddl-change-control/bad-window",
           "windowSpec unknown day in range " + dp);
       }
       if (lo <= hi) {
@@ -100,7 +100,7 @@ function _parseWindowSpec(spec) {
     } else {
       var idx = DAY_NAMES.indexOf(dp);
       if (idx === -1) {
-        throw new DdlChangeControlError("ddlChangeControl/bad-window",
+        throw new DdlChangeControlError("ddl-change-control/bad-window",
           "windowSpec unknown day '" + dp + "'");
       }
       days.add(idx);
@@ -108,13 +108,13 @@ function _parseWindowSpec(spec) {
   }
   var hourParts = parts[1].split("-");
   if (hourParts.length !== 2) {
-    throw new DdlChangeControlError("ddlChangeControl/bad-window",
+    throw new DdlChangeControlError("ddl-change-control/bad-window",
       "windowSpec hour-range must be 'HH:MM-HH:MM' - got " + parts[1]);
   }
   var startMin = _parseHHMM(hourParts[0]);
   var endMin   = _parseHHMM(hourParts[1]);
   if (startMin >= endMin) {
-    throw new DdlChangeControlError("ddlChangeControl/bad-window",
+    throw new DdlChangeControlError("ddl-change-control/bad-window",
       "windowSpec start must be < end - got " + parts[1]);
   }
   return { always: false, days: days, startMin: startMin, endMin: endMin };
@@ -123,13 +123,13 @@ function _parseWindowSpec(spec) {
 function _parseHHMM(s) {
   var m = /^(\d{2}):(\d{2})$/.exec(s);
   if (!m) {
-    throw new DdlChangeControlError("ddlChangeControl/bad-window",
+    throw new DdlChangeControlError("ddl-change-control/bad-window",
       "windowSpec time must be HH:MM - got " + s);
   }
   var hh = parseInt(m[1], 10);
   var mm = parseInt(m[2], 10);
   if (hh < 0 || hh > 23 || mm < 0 || mm > 59) {
-    throw new DdlChangeControlError("ddlChangeControl/bad-window",
+    throw new DdlChangeControlError("ddl-change-control/bad-window",
       "windowSpec time out of range - got " + s);
   }
   return hh * 60 + mm; // allow:raw-time-literal — converting HH:MM to minute-of-day, not "60 seconds"
@@ -212,28 +212,28 @@ function create(opts) {
     "verifyWith", "store", "now", "selfApproval",
   ], "ddlChangeControl.create");
   validateOpts.auditShape(opts.audit, "ddlChangeControl",
-    DdlChangeControlError, "ddlChangeControl/bad-audit");
+    DdlChangeControlError, "ddl-change-control/bad-audit");
   validateOpts.optionalFunction(opts.signWith,
-    "ddlChangeControl: signWith", DdlChangeControlError, "ddlChangeControl/bad-signer");
+    "ddlChangeControl: signWith", DdlChangeControlError, "ddl-change-control/bad-signer");
   validateOpts.optionalFunction(opts.verifyWith,
-    "ddlChangeControl: verifyWith", DdlChangeControlError, "ddlChangeControl/bad-verifier");
+    "ddlChangeControl: verifyWith", DdlChangeControlError, "ddl-change-control/bad-verifier");
   validateOpts.optionalFunction(opts.now,
-    "ddlChangeControl: now", DdlChangeControlError, "ddlChangeControl/bad-now");
+    "ddlChangeControl: now", DdlChangeControlError, "ddl-change-control/bad-now");
   validateOpts.optionalNonEmptyString(opts.posture,
-    "ddlChangeControl: posture", DdlChangeControlError, "ddlChangeControl/bad-posture");
+    "ddlChangeControl: posture", DdlChangeControlError, "ddl-change-control/bad-posture");
 
   var approvers = 2;
   if (opts.approvers !== undefined) {
     if (typeof opts.approvers !== "number" || !isFinite(opts.approvers) ||
         opts.approvers < 1) {
-      throw new DdlChangeControlError("ddlChangeControl/bad-approvers",
+      throw new DdlChangeControlError("ddl-change-control/bad-approvers",
         "approvers must be a positive integer");
     }
     approvers = Math.floor(opts.approvers);
   }
   var posture = opts.posture || null;
   if (posture && POSTURES_REQUIRING_CHANGE_CONTROL.indexOf(posture) !== -1 && approvers < 2) {
-    throw new DdlChangeControlError("ddlChangeControl/insufficient-approvers",
+    throw new DdlChangeControlError("ddl-change-control/insufficient-approvers",
       "posture '" + posture + "' requires approvers >= 2 (SOX 404 / PCI-DSS 6.5)");
   }
 
@@ -267,11 +267,11 @@ function create(opts) {
   async function propose(sql, options) {
     options = options || {};
     if (typeof sql !== "string" || sql.length === 0) {
-      throw new DdlChangeControlError("ddlChangeControl/bad-sql",
+      throw new DdlChangeControlError("ddl-change-control/bad-sql",
         "propose: sql must be a non-empty string");
     }
     if (typeof options.proposer !== "string" || options.proposer.length === 0) {
-      throw new DdlChangeControlError("ddlChangeControl/missing-proposer",
+      throw new DdlChangeControlError("ddl-change-control/missing-proposer",
         "propose: opts.proposer is required (non-empty string)");
     }
     var changeId = generateToken(C.BYTES.bytes(16));
@@ -311,37 +311,37 @@ function create(opts) {
   async function approve(changeId, approver, options) {
     options = options || {};
     if (typeof changeId !== "string" || changeId.length === 0) {
-      throw new DdlChangeControlError("ddlChangeControl/bad-id",
+      throw new DdlChangeControlError("ddl-change-control/bad-id",
         "approve: changeId must be a non-empty string");
     }
     if (typeof approver !== "string" || approver.length === 0) {
-      throw new DdlChangeControlError("ddlChangeControl/missing-approver",
+      throw new DdlChangeControlError("ddl-change-control/missing-approver",
         "approve: approver must be a non-empty string");
     }
     var change = store.get(changeId);
     if (!change) {
-      throw new DdlChangeControlError("ddlChangeControl/unknown-change",
+      throw new DdlChangeControlError("ddl-change-control/unknown-change",
         "approve: unknown changeId '" + changeId + "'");
     }
     if (change.state === STATE_REJECTED) {
-      throw new DdlChangeControlError("ddlChangeControl/already-rejected",
+      throw new DdlChangeControlError("ddl-change-control/already-rejected",
         "approve: change '" + changeId + "' is already rejected");
     }
     if (change.state === STATE_APPLIED) {
-      throw new DdlChangeControlError("ddlChangeControl/already-applied",
+      throw new DdlChangeControlError("ddl-change-control/already-applied",
         "approve: change '" + changeId + "' is already applied");
     }
     if (!selfApprovalAllowed && approver === change.proposer) {
       _emit("ddl.change.apply_refused", {
         changeId: changeId, reason: "self-approval-denied", actor: approver,
       }, "denied");
-      throw new DdlChangeControlError("ddlChangeControl/self-approval-denied",
+      throw new DdlChangeControlError("ddl-change-control/self-approval-denied",
         "approve: proposer '" + approver + "' cannot approve their own change under posture '" +
         (posture || "default") + "'");
     }
     for (var i = 0; i < change.approvals.length; i++) {
       if (change.approvals[i].approver === approver) {
-        throw new DdlChangeControlError("ddlChangeControl/duplicate-approval",
+        throw new DdlChangeControlError("ddl-change-control/duplicate-approval",
           "approve: '" + approver + "' has already approved this change");
       }
     }
@@ -373,20 +373,20 @@ function create(opts) {
 
   async function reject(changeId, reviewer, reason) {
     if (typeof changeId !== "string" || changeId.length === 0) {
-      throw new DdlChangeControlError("ddlChangeControl/bad-id",
+      throw new DdlChangeControlError("ddl-change-control/bad-id",
         "reject: changeId must be a non-empty string");
     }
     if (typeof reviewer !== "string" || reviewer.length === 0) {
-      throw new DdlChangeControlError("ddlChangeControl/missing-reviewer",
+      throw new DdlChangeControlError("ddl-change-control/missing-reviewer",
         "reject: reviewer must be a non-empty string");
     }
     var change = store.get(changeId);
     if (!change) {
-      throw new DdlChangeControlError("ddlChangeControl/unknown-change",
+      throw new DdlChangeControlError("ddl-change-control/unknown-change",
         "reject: unknown changeId '" + changeId + "'");
     }
     if (change.state === STATE_APPLIED) {
-      throw new DdlChangeControlError("ddlChangeControl/already-applied",
+      throw new DdlChangeControlError("ddl-change-control/already-applied",
         "reject: change '" + changeId + "' is already applied");
     }
     change.state = STATE_REJECTED;
@@ -422,20 +422,20 @@ function create(opts) {
 
   async function applyApproved(changeId, runner) {
     if (typeof runner !== "function") {
-      throw new DdlChangeControlError("ddlChangeControl/bad-runner",
+      throw new DdlChangeControlError("ddl-change-control/bad-runner",
         "applyApproved: runner must be an async function (sql) => result");
     }
     var change = store.get(changeId);
     if (!change) {
-      throw new DdlChangeControlError("ddlChangeControl/unknown-change",
+      throw new DdlChangeControlError("ddl-change-control/unknown-change",
         "applyApproved: unknown changeId '" + changeId + "'");
     }
     if (change.state === STATE_APPLIED) {
-      throw new DdlChangeControlError("ddlChangeControl/already-applied",
+      throw new DdlChangeControlError("ddl-change-control/already-applied",
         "applyApproved: change '" + changeId + "' is already applied");
     }
     if (change.state === STATE_REJECTED) {
-      throw new DdlChangeControlError("ddlChangeControl/already-rejected",
+      throw new DdlChangeControlError("ddl-change-control/already-rejected",
         "applyApproved: change '" + changeId + "' is rejected");
     }
     if (change.approvals.length < approvers) {
@@ -443,7 +443,7 @@ function create(opts) {
         changeId: changeId,
         reason: "insufficient-approvals: " + change.approvals.length + "/" + approvers,
       }, "denied");
-      throw new DdlChangeControlError("ddlChangeControl/insufficient-approvals",
+      throw new DdlChangeControlError("ddl-change-control/insufficient-approvals",
         "applyApproved: change '" + changeId + "' has " + change.approvals.length +
         " approvals; threshold is " + approvers);
     }
@@ -451,7 +451,7 @@ function create(opts) {
       _emit("ddl.change.apply_refused", {
         changeId: changeId, reason: "window-closed",
       }, "denied");
-      throw new DdlChangeControlError("ddlChangeControl/window-closed",
+      throw new DdlChangeControlError("ddl-change-control/window-closed",
         "applyApproved: change '" + changeId + "' refused - outside allowed window");
     }
     var currentHash = _hashSql(change.sql);
@@ -459,7 +459,7 @@ function create(opts) {
       _emit("ddl.change.apply_refused", {
         changeId: changeId, reason: "sql-tampered",
       }, "denied");
-      throw new DdlChangeControlError("ddlChangeControl/sql-tampered",
+      throw new DdlChangeControlError("ddl-change-control/sql-tampered",
         "applyApproved: stored SQL no longer matches its hash - refusing to apply");
     }
     var startedAt = now();

package/lib/dr-runbook.js

@@ -232,7 +232,7 @@ function _renderTest(posture) {
  * placeholder otherwise so the runbook never silently drops a
  * required section.
  *
- * Throws `DrRunbookError("drRunbook/unknown-posture")` when `posture`
+ * Throws `DrRunbookError("dr-runbook/unknown-posture")` when `posture`
  * is not in the supported list.
  *
  * @opts
@@ -272,22 +272,22 @@ async function emit(opts) {
   ], "drRunbook.emit");
 
   validateOpts.requireNonEmptyString(opts.outDir,
-    "drRunbook.emit: outDir", DrRunbookError, "drRunbook/no-outdir");
+    "drRunbook.emit: outDir", DrRunbookError, "dr-runbook/no-outdir");
   validateOpts.requireNonEmptyString(opts.posture,
-    "drRunbook.emit: posture", DrRunbookError, "drRunbook/no-posture");
+    "drRunbook.emit: posture", DrRunbookError, "dr-runbook/no-posture");
   if (!POSTURE_BLOCKS[opts.posture]) {
-    throw new DrRunbookError("drRunbook/unknown-posture",
+    throw new DrRunbookError("dr-runbook/unknown-posture",
       "drRunbook.emit: posture '" + opts.posture + "' not in supported list (" +
       Object.keys(POSTURE_BLOCKS).join(", ") + ")");
   }
   if (opts.services !== undefined && !Array.isArray(opts.services)) {
-    throw new DrRunbookError("drRunbook/bad-services",
+    throw new DrRunbookError("dr-runbook/bad-services",
       "drRunbook.emit: services must be an array of {name, rtoMs, rpoMs}");
   }
   validateOpts.optionalPositiveFinite(opts.rtoMs,
-    "drRunbook.emit: rtoMs", DrRunbookError, "drRunbook/bad-rto");
+    "drRunbook.emit: rtoMs", DrRunbookError, "dr-runbook/bad-rto");
   validateOpts.optionalPositiveFinite(opts.rpoMs,
-    "drRunbook.emit: rpoMs", DrRunbookError, "drRunbook/bad-rpo");
+    "drRunbook.emit: rpoMs", DrRunbookError, "dr-runbook/bad-rpo");
 
   var auditOn = opts.audit !== false;
   var postureBlock = POSTURE_BLOCKS[opts.posture];

package/lib/fapi2.js

@@ -135,17 +135,17 @@ var SENDER_CONSTRAINTS = ["dpop", "mtls"];
  */
 function assertConformance(opts) {
   if (!opts || typeof opts !== "object") {
-    throw Fapi2Error.factory("BAD_OPTS",
+    throw Fapi2Error.factory("fapi2/bad-opts",
       "fapi2.assertConformance: opts required");
   }
   if (SENDER_CONSTRAINTS.indexOf(opts.senderConstraint) === -1) {
-    throw Fapi2Error.factory("BAD_SENDER_CONSTRAINT",
+    throw Fapi2Error.factory("fapi2/bad-sender-constraint",
       "fapi2.assertConformance: senderConstraint must be 'dpop' or 'mtls'");
   }
   var parRequired = opts.parRequired !== false;
   var pkceMethod = opts.pkceMethod || "S256";
   if (pkceMethod !== "S256") {
-    throw Fapi2Error.factory("BAD_PKCE",
+    throw Fapi2Error.factory("fapi2/bad-pkce",
       "fapi2.assertConformance: PKCE method must be S256 (FAPI 2.0 §5.3.1.1) — got '" +
       pkceMethod + "'");
   }
@@ -224,17 +224,17 @@ function assertConformance(opts) {
  */
 function assertOAuthConfig(oauthOpts) {
   if (!oauthOpts || typeof oauthOpts !== "object") {
-    throw Fapi2Error.factory("BAD_OAUTH_OPTS",
+    throw Fapi2Error.factory("fapi2/bad-oauth-opts",
       "fapi2.assertOAuthConfig: oauth opts required");
   }
   // PKCE — refuse pkce: false (b.auth.oauth.create already does this,
   // but check explicitly for FAPI clarity).
   if (oauthOpts.pkce === false) {
-    throw Fapi2Error.factory("PKCE_DISABLED",
+    throw Fapi2Error.factory("fapi2/pkce-disabled",
       "fapi2.assertOAuthConfig: PKCE is disabled — FAPI 2.0 §5.3.1.1 mandates S256");
   }
   if (oauthOpts.pkceMethod && oauthOpts.pkceMethod !== "S256") {
-    throw Fapi2Error.factory("PKCE_NOT_S256",
+    throw Fapi2Error.factory("fapi2/pkce-not-s256",
       "fapi2.assertOAuthConfig: PKCE method '" + oauthOpts.pkceMethod +
       "' is not S256 (FAPI 2.0 §5.3.1.1)");
   }
@@ -242,16 +242,16 @@ function assertOAuthConfig(oauthOpts) {
   var hasDpop = oauthOpts.dpop === true || oauthOpts.senderConstraint === "dpop";
   var hasMtls = oauthOpts.mtls === true || oauthOpts.senderConstraint === "mtls";
   if (!hasDpop && !hasMtls) {
-    throw Fapi2Error.factory("NO_SENDER_CONSTRAINT",
+    throw Fapi2Error.factory("fapi2/no-sender-constraint",
       "fapi2.assertOAuthConfig: FAPI 2.0 §5.3.2.5 requires sender-constrained tokens via DPoP OR mTLS — neither declared");
   }
   if (hasDpop && hasMtls) {
-    throw Fapi2Error.factory("BOTH_SENDER_CONSTRAINTS",
+    throw Fapi2Error.factory("fapi2/both-sender-constraints",
       "fapi2.assertOAuthConfig: declare exactly one of DPoP / mTLS — both creates over-binding ambiguity");
   }
   // PAR
   if (oauthOpts.par === false) {
-    throw Fapi2Error.factory("PAR_DISABLED",
+    throw Fapi2Error.factory("fapi2/par-disabled",
       "fapi2.assertOAuthConfig: PAR is disabled — FAPI 2.0 §5.3.2.2 mandates Pushed Authorization Requests");
   }
 }