@blamejs/core 0.13.43 → 0.13.45

package/CHANGELOG.md

@@ -8,6 +8,10 @@ upgrading across more than a few patches at a time.
 
 ## v0.13.x
 
+- v0.13.45 (2026-05-29) — **`b.cert` now fetches and staples a validated OCSP response per certificate, and validates declared compliance postures at create().** Two capabilities that b.cert documented but did not act on are now wired through. OCSP stapling: the cert manager fetches the leaf's OCSP response from the responder named in its Authority Information Access extension, validates it against the issuer (status, nonce, serial) via b.network.tls.ocsp, caches the DER, and exposes it on getContext().ocspResponse so a TLS server's OCSPRequest handler can staple it. The fetch runs in the background on a refresh timer and never blocks cert.start() — a slow or unreachable responder produces an audited per-certificate failure, not a stalled boot. Compliance postures: opts.compliance names are now validated against b.compliance.KNOWN_POSTURES at create() (an unknown name throws cert/unknown-compliance-posture instead of being silently recorded) and are surfaced on getContext().compliance for an auditor. Storage-confidentiality postures hold by construction because cert keys and certificates are always sealed at rest. The supporting composition primitive b.network.tls.ocsp.fetch (build request, POST to the responder through b.httpClient, validate the response) is now part of the public OCSP surface. **Added:** *b.network.tls.ocsp.fetch — fetch and validate an OCSP response* — The OCSP helper set previously built requests and evaluated responses but had no way to actually retrieve one. b.network.tls.ocsp.fetch({ leafPem, issuerPem, nonce?, timeoutMs? }) reads the responder URL from the leaf certificate's Authority Information Access extension, builds the request, POSTs it through b.httpClient (so the SSRF guard and pinned DNS apply), and validates the response against the issuer — returning the validated DER plus the parsed evaluation. It rejects when the leaf carries no OCSP responder URL or the response fails validation. · *b.cert staples a validated OCSP response per certificate* — With ocsp.stapling enabled (the default), the cert manager refreshes each certificate's OCSP response on a timer (ocsp.refreshMs, default 12h) and caches the validated DER. getContext(serverName).ocspResponse returns that DER for a TLS server to hand back from its OCSPRequest handler. The refresh runs in the background and is never on the path of cert.start(): an unreachable or slow responder is recorded as an audited cert.ocsp.refresh failure for that certificate and leaves the rest of the manager running. **Changed:** *opts.compliance posture names are validated at create()* — b.cert.create now checks each name in opts.compliance against b.compliance.KNOWN_POSTURES and throws cert/unknown-compliance-posture on an unrecognized name, so a typo is caught at construction rather than being silently recorded. The declared postures are surfaced on getContext().compliance. Cert keys and certificates are always sealed at rest, so storage-confidentiality postures are satisfied by construction.
+
+- v0.13.44 (2026-05-29) — **Error codes on the consent, compliance, and protocol namespaces now follow the namespace/kebab-case contract.** The framework's error contract is `err.code = "namespace/kebab-case"`, and the vast majority of namespaces already followed it. This release normalizes the holdouts: fifteen namespaces that threw bare UPPER_SNAKE codes with no namespace, and nine that used a camelCase namespace prefix. After this release every error these namespaces throw carries a `namespace/kebab-case` code, so an operator switching on `err.code` no longer has to special-case them. This is a breaking change for code that matches the old strings — pre-1.0, there is no compatibility shim, so update any `err.code` comparisons against the listed namespaces. A codebase check now enforces the convention so it cannot regress. A small set of older codes (the cluster, scheduler, circuit-breaker, object-store, and upload subsystems) is intentionally left for the 1.0 release, where it will carry a deprecation cycle. **Changed:** *Bare UPPER_SNAKE error codes are now namespaced (breaking)* — Fifteen namespaces threw bare UPPER_SNAKE error codes with no namespace prefix (for example `mcp` threw `BAD_JSON`, `BAD_ENVELOPE`, `BAD_METHOD`). Their `err.code` values are now `namespace/kebab-case` — `mcp/bad-json`, `mcp/bad-envelope`, and so on. The affected namespaces are `b.a2a`, `b.aiInput`, `b.aiPref`, `b.budr`, `b.contentCredentials`, `b.darkPatterns`, `b.fapi2`, `b.fdx`, `b.graphqlFederation`, `b.iabTcf`, `b.iabMspa`, `b.mcp`, `b.secCyber`, `b.sse`, and `b.tcpa10dlc`. Operators matching the old bare codes on `err.code` must update those comparisons; the error message text is unchanged. · *camelCase error-code namespaces are now kebab-case (breaking)* — Nine namespaces emitted error codes whose namespace segment was camelCase (for example `aiDp/bad-bound`, `argParser/flag-duplicate`). The namespace segment is now kebab-case to match every other code: `ai-dp/`, `ai-capability/`, `ai-quota/`, `arg-parser/`, `audit-sign/`, `auth-step-up/`, `ddl-change-control/`, `dr-runbook/`, `tenant-quota/`, and `boot-gates/`. The `b.*` API namespace keys themselves are unchanged (those remain camelCase, e.g. `b.argParser`); only the `err.code` string changed. Operators matching these `err.code` strings must update them. **Detectors:** *Error-code shape is enforced* — A codebase check now flags any error code constructed via `new XError(...)` or the per-class `factory(...)` whose value is a bare UPPER_SNAKE string or carries a camelCase namespace segment, so the `namespace/kebab-case` contract cannot silently regress. It correctly ignores native error constructors (whose first argument is the message, not a code).
+
 - v0.13.43 (2026-05-29) — **LTS window stated consistently as 24 months, experimental primitives declared semver-exempt, and stale version references cleaned up.** Documentation and operator-facing string hygiene ahead of the 1.0 stability contract. The LTS support window is now stated as 24 months everywhere (GOVERNANCE.md and the LTS calendar previously disagreed — 24 vs 18). The LTS calendar gains an explicit clause that primitives marked experimental are exempt from the stability/LTS contract, so operators can tell at a glance which surfaces may change between minors. Several error messages and doc blocks that pinned to long-past version numbers ("lands in v0.10.9", "not supported in v0.12.7", "ships in v0.6.45+") are restated version-agnostically with their escape hatch, and the S/MIME module now points operators at the live PGP encrypt/decrypt path for confidentiality today. No API or behavior changes. **Changed:** *LTS support window is consistently 24 months* — `GOVERNANCE.md` promised a 24-month LTS window while `LTS-CALENDAR.md` and `SECURITY.md` stated 18 — a six-month contradiction in the single most load-bearing number of the support contract. All three now state 24 months of security-only patches per major. The calendar table and the supported-versions prose are aligned. · *Experimental primitives are declared exempt from the stability contract* — `LTS-CALENDAR.md` now states explicitly that primitives documented as experimental (shown as "experimental" on their wiki page, and via the `experimental` segment in namespaces like `b.jose.jwe.experimental`) are not covered by the stability contract or the LTS window — they may change signature, behavior, or wire format, or be removed, in any minor without a deprecation cycle. This lets the framework ship primitives that track in-flight standards without freezing an unsettled format, and tells operators precisely which surfaces are not yet frozen. **Fixed:** *Stale version references removed from operator-facing errors and docs* — Error messages and documentation that pinned to long-past versions are restated version-agnostically with the relevant escape hatch: ZIP64 and unsupported-compression errors in archive reading, the CMS AuthEnvelopedData / fielded-decoder notes, the mTLS CRL-engine error, the safe-archive format-detection summary (which also now correctly lists the supported zip / tar / tar.gz set rather than claiming only zip), and the AI-content IPTC-reader note. None changed behavior; they no longer read as broken promises against the published version history. · *S/MIME confidentiality deferral points to the working PGP path* — `b.mail.crypto.smime` ships sign + verify; encrypt/decrypt is deferred. The deferral note previously cited an open-ended internal condition; it now names the escape hatch directly — use `b.mail.crypto.pgp.encrypt` / `decrypt` for mail confidentiality today — and states the concrete trigger that would re-open S/MIME-specific (X.509-recipient) encryption. · *Governance doc no longer references an internal file operators cannot see* — `GOVERNANCE.md` cited a rule number in a contributor-only file that does not ship in the repository. The deprecation-policy statement is now self-contained.
 
 - v0.13.42 (2026-05-29) — **S/MIME trust-chain validation binds the leaf to the key that verified the signature.** When b.mail.crypto.smime.verify is given trust anchors, it validates the supplied certificate chain — but it picked the chain leaf unconditionally (the first cert) and never tied it to signerPublicKey, the key that actually verified the signature. A SignedData blob could therefore carry a validly-chained certificate for one identity while the signature was verified under an unrelated key, and the chain-validated result would imply a cert↔signer binding the code never made. Chain validation now selects the leaf as the certificate whose public key matches signerPublicKey, and refuses (signer-not-in-chain) when no certificate in the chain carries that key — so a chain-validated signature is bound to the cert it claims. **Security:** *Trust-chain leaf is bound to the verified signer key* — `smime.verify({ trustAnchorCertsPem })` validated the supplied chain starting from `chain[0]` without checking that the leaf's public key was the one that verified the signature (the operator-supplied `signerPublicKey`). A crafted `SignedData` could pair a validly-chained certificate for identity A with a signature verified under an unrelated key, and the chain-valid result would assert a binding that didn't hold. The chain walk now selects the leaf as the certificate whose public key equals `signerPublicKey` (matched against the certificate's SPKI, raw key or full-encoding form), and throws `mail-crypto/smime/signer-not-in-chain` when no certificate in `SignedData.certificates` carries that key. A certificate whose key cannot be extracted is treated as a non-match, so validation fails closed rather than trusting an unverifiable binding.

package/README.md

@@ -114,7 +114,7 @@ The framework bundles the surface a typical Node app reaches for. Every primitiv
 - **CMS codec** — RFC 5652 Cryptographic Message Syntax encoder + decoder with PQC signers (ML-DSA-65 / ML-DSA-87 / SLH-DSA-SHAKE-256f; RFC 9909 + 9881) and KEMRecipientInfo recipients (ML-KEM-1024; RFC 9629 + 9936); ChaCha20-Poly1305 content encryption (RFC 8103) so Efail-class malleability cannot apply (`b.cms`)
 - **Stream throttle** — shared token-bucket bandwidth limiter (RFC 2697 srTCM shape); N concurrent `node:stream` pipelines draw from one operator-configured `bytesPerSec` budget (`b.streamThrottle`)
 - **TLS-RPT receiver** — RFC 8460 inbound aggregate-report ingest; HTTPS POST handler + §4.4 schema parser with gzip-bomb / ratio-bomb / depth-bomb defenses (`b.mail.deploy.parseTlsRptReport` / `b.mail.deploy.tlsRptIngestHttp`)
-- **TLS / channel binding** — RFC 9266 TLS-Exporter token-to-session pinning (`b.tlsExporter`); RFC 9162 CT v2 inclusion-proof verification (`b.network.tls.ct.verifyInclusion`); RFC 8555 ACME + RFC 9773 ARI for 47-day certs with `{ jitter: true }` fleet-scheduling (`b.acme.renewIfDue`); draft-aaron-acme-profiles (`acme.listProfiles()` + `newOrder({ profile })`); draft-ietf-acme-dns-account-label (`acme.dnsAccount01ChallengeRecord(token, { identifier })`); RFC 8470 0-RTT inbound posture refuse / replay-cache (`b.router.create({tls0Rtt})`); RFC 9794 SecP256r1MLKEM768 in preferred-group order (`b.network.tls.preferredGroups`)
+- **TLS / channel binding** — RFC 9266 TLS-Exporter token-to-session pinning (`b.tlsExporter`); RFC 9162 CT v2 inclusion-proof verification (`b.network.tls.ct.verifyInclusion`); RFC 8555 ACME + RFC 9773 ARI for 47-day certs with `{ jitter: true }` fleet-scheduling (`b.acme.renewIfDue`); draft-aaron-acme-profiles (`acme.listProfiles()` + `newOrder({ profile })`); draft-ietf-acme-dns-account-label (`acme.dnsAccount01ChallengeRecord(token, { identifier })`); RFC 8470 0-RTT inbound posture refuse / replay-cache (`b.router.create({tls0Rtt})`); RFC 9794 SecP256r1MLKEM768 in preferred-group order (`b.network.tls.preferredGroups`); RFC 6960 OCSP stapling — the cert manager (`b.cert`) fetches + validates each managed certificate's OCSP response (`b.network.tls.ocsp.fetch`) on a refresh cadence and exposes it on the served context for a TLS server's `OCSPRequest` handler to staple
 - **mTLS CA** — pure-JS, issues clientAuth / serverAuth / dual-EKU certs with SAN; auto-detects highest-PQC signature alg (today ECDSA-P384-SHA384; self-upgrades to SLH-DSA / ML-DSA when X.509 ecosystem catches up); PQC TLS gates inbound + outbound (`b.mtlsCa`, `b.pqcGate`, `b.pqcAgent`)
 ### HTTP
 

package/lib/a2a.js

@@ -48,52 +48,52 @@ var SEMVER_RE = /^[0-9]+\.[0-9]+(?:\.[0-9]+)?(?:-[A-Za-z0-9.-]+)?$/;
 
 function _validateCardShape(card, errorClass) {
   if (!card || typeof card !== "object" || Array.isArray(card)) {
-    throw errorClass.factory("BAD_CARD",
+    throw errorClass.factory("a2a/bad-card",
       "a2a: card must be an object");
   }
   for (var i = 0; i < REQUIRED_CARD_FIELDS.length; i += 1) {
     var f = REQUIRED_CARD_FIELDS[i];
     if (typeof card[f] === "undefined" || card[f] === null) {
-      throw errorClass.factory("MISSING_FIELD",
+      throw errorClass.factory("a2a/missing-field",
         "a2a: card." + f + " is required");
     }
   }
   if (typeof card.issuer !== "string" || card.issuer.length > ID_MAX || !ID_RE.test(card.issuer)) {
-    throw errorClass.factory("BAD_FIELD",
+    throw errorClass.factory("a2a/bad-field",
       "a2a: card.issuer shape (must match " + ID_RE + ")");
   }
   if (typeof card.agentId !== "string" || card.agentId.length > ID_MAX || !ID_RE.test(card.agentId)) {
-    throw errorClass.factory("BAD_FIELD",
+    throw errorClass.factory("a2a/bad-field",
       "a2a: card.agentId shape");
   }
   if (typeof card.version !== "string" || card.version.length > SEMVER_MAX || !SEMVER_RE.test(card.version)) {
-    throw errorClass.factory("BAD_FIELD",
+    throw errorClass.factory("a2a/bad-field",
       "a2a: card.version must be semver");
   }
   if (!Array.isArray(card.capabilities)) {
-    throw errorClass.factory("BAD_FIELD",
+    throw errorClass.factory("a2a/bad-field",
       "a2a: card.capabilities must be an array");
   }
   for (var c = 0; c < card.capabilities.length; c += 1) {
     var cap = card.capabilities[c];
     if (typeof cap !== "string" || cap.length === 0 || cap.length > CAP_NAME_MAX) {
-      throw errorClass.factory("BAD_FIELD",
+      throw errorClass.factory("a2a/bad-field",
         "a2a: card.capabilities[" + c + "] must be 1-128 char string");
     }
   }
   if (card.endpoints !== undefined) {
     if (!Array.isArray(card.endpoints)) {
-      throw errorClass.factory("BAD_FIELD",
+      throw errorClass.factory("a2a/bad-field",
         "a2a: card.endpoints must be an array");
     }
     for (var e = 0; e < card.endpoints.length; e += 1) {
       var ep = card.endpoints[e];
       if (!ep || typeof ep !== "object" || typeof ep.url !== "string") {
-        throw errorClass.factory("BAD_FIELD",
+        throw errorClass.factory("a2a/bad-field",
           "a2a: card.endpoints[" + e + "] must have a string url");
       }
       if (!/^https:\/\//.test(ep.url) && !/^http:\/\/(localhost|127\.0\.0\.1|\[::1\])/.test(ep.url)) {
-        throw errorClass.factory("INSECURE_ENDPOINT",
+        throw errorClass.factory("a2a/insecure-endpoint",
           "a2a: card.endpoints[" + e + "].url must be HTTPS (or localhost)");
       }
     }
@@ -226,7 +226,7 @@ function signCard(card, privateKeyPem, opts) {
   _validateCardShape(card, errorClass);
 
   if (typeof privateKeyPem !== "string" || privateKeyPem.length === 0) {
-    throw errorClass.factory("BAD_KEY",
+    throw errorClass.factory("a2a/bad-key",
       "a2a.signCard: privateKeyPem required");
   }
 

package/lib/agent-snapshot.js

@@ -170,7 +170,7 @@ function _resolveSigner(ctx) {
   var as;
   try { as = auditSign(); } catch (_e) { as = null; }
   if (as && typeof as.sign === "function" && typeof as.verify === "function") {
-    // b.auditSign.sign throws "auditSign/not-initialized" when called
+    // b.auditSign.sign throws "audit-sign/not-initialized" when called
     // pre-init — surface that here as the snapshot's signer-not-wired
     // error so the caller's message is consistent regardless of which
     // dependency landed unwired.

package/lib/ai-capability.js

@@ -108,31 +108,31 @@ function _isStringArray(a) {
 // surfaces at config time rather than as a silent mis-route.
 function _normalizeDescriptor(modelId, d) {
   if (!d || typeof d !== "object" || Array.isArray(d)) {
-    throw new AiCapabilityError("aiCapability/bad-descriptor",
+    throw new AiCapabilityError("ai-capability/bad-descriptor",
       "ai.capability: descriptor for '" + modelId + "' must be a plain object");
   }
   validateOpts(d, DESCRIPTOR_KEYS, "ai.capability descriptor['" + modelId + "']");
 
   if (!_isPositiveInt(d.maxContextTokens)) {
-    throw new AiCapabilityError("aiCapability/bad-descriptor",
+    throw new AiCapabilityError("ai-capability/bad-descriptor",
       "ai.capability: '" + modelId + "'.maxContextTokens must be a positive integer");
   }
   var maxOut = (d.maxOutputTokens == null) ? d.maxContextTokens : d.maxOutputTokens;
   if (!_isPositiveInt(maxOut)) {
-    throw new AiCapabilityError("aiCapability/bad-descriptor",
+    throw new AiCapabilityError("ai-capability/bad-descriptor",
       "ai.capability: '" + modelId + "'.maxOutputTokens must be a positive integer");
   }
 
   var modIn = (d.modalitiesIn == null) ? ["text"] : d.modalitiesIn;
   var modOut = (d.modalitiesOut == null) ? ["text"] : d.modalitiesOut;
   if (!_isStringArray(modIn) || !_isStringArray(modOut)) {
-    throw new AiCapabilityError("aiCapability/bad-descriptor",
+    throw new AiCapabilityError("ai-capability/bad-descriptor",
       "ai.capability: '" + modelId + "'.modalitiesIn / modalitiesOut must be arrays of non-empty strings");
   }
 
   var tier = (d.reasoningTier == null) ? "standard" : d.reasoningTier;
   if (REASONING_TIERS.indexOf(tier) === -1) {
-    throw new AiCapabilityError("aiCapability/bad-descriptor",
+    throw new AiCapabilityError("ai-capability/bad-descriptor",
       "ai.capability: '" + modelId + "'.reasoningTier must be one of " + REASONING_TIERS.join(" / "));
   }
 
@@ -140,7 +140,7 @@ function _normalizeDescriptor(modelId, d) {
   var costIn = (d.costPer1kInputTokens == null) ? 0 : d.costPer1kInputTokens;
   var costOut = (d.costPer1kOutputTokens == null) ? 0 : d.costPer1kOutputTokens;
   if (!_isNonNegFinite(cachingMax) || !_isNonNegFinite(costIn) || !_isNonNegFinite(costOut)) {
-    throw new AiCapabilityError("aiCapability/bad-descriptor",
+    throw new AiCapabilityError("ai-capability/bad-descriptor",
       "ai.capability: '" + modelId + "'.promptCachingMaxTokens / costPer1kInputTokens / " +
       "costPer1kOutputTokens must be non-negative finite numbers");
   }
@@ -224,12 +224,12 @@ function create(opts) {
   validateOpts(opts, ["models", "audit"], "ai.capability.create");
 
   if (!opts.models || typeof opts.models !== "object" || Array.isArray(opts.models)) {
-    throw new AiCapabilityError("aiCapability/bad-models",
+    throw new AiCapabilityError("ai-capability/bad-models",
       "ai.capability.create: models must be a plain object { modelId: descriptor }");
   }
   var ids = Object.keys(opts.models);
   if (ids.length === 0) {
-    throw new AiCapabilityError("aiCapability/bad-models",
+    throw new AiCapabilityError("ai-capability/bad-models",
       "ai.capability.create: models must declare at least one model");
   }
 
@@ -249,7 +249,7 @@ function create(opts) {
   function describe(modelId) {
     var d = registry.get(modelId);
     if (!d) {
-      throw new AiCapabilityError("aiCapability/unknown-model",
+      throw new AiCapabilityError("ai-capability/unknown-model",
         "ai.capability.describe: unknown model '" + modelId + "'");
     }
     return d;
@@ -261,7 +261,7 @@ function create(opts) {
 
   function register(modelId, descriptor) {
     validateOpts.requireNonEmptyString(modelId,
-      "ai.capability.register: modelId", AiCapabilityError, "aiCapability/bad-model");
+      "ai.capability.register: modelId", AiCapabilityError, "ai-capability/bad-model");
     registry.set(modelId, _normalizeDescriptor(modelId, descriptor));
     return registry.get(modelId);
   }
@@ -323,21 +323,21 @@ function create(opts) {
   function _validateRequirements(requirements) {
     if (requirements == null) return {};
     if (typeof requirements !== "object" || Array.isArray(requirements)) {
-      throw new AiCapabilityError("aiCapability/bad-requirements",
+      throw new AiCapabilityError("ai-capability/bad-requirements",
         "ai.capability: requirements must be a plain object");
     }
     validateOpts(requirements, REQUIREMENT_KEYS, "ai.capability requirements");
     if (requirements.minReasoningTier != null &&
         REASONING_TIERS.indexOf(requirements.minReasoningTier) === -1) {
-      throw new AiCapabilityError("aiCapability/bad-requirements",
+      throw new AiCapabilityError("ai-capability/bad-requirements",
         "ai.capability: minReasoningTier must be one of " + REASONING_TIERS.join(" / "));
     }
     if (requirements.modalitiesIn != null && !_isStringArray(requirements.modalitiesIn)) {
-      throw new AiCapabilityError("aiCapability/bad-requirements",
+      throw new AiCapabilityError("ai-capability/bad-requirements",
         "ai.capability: requirements.modalitiesIn must be an array of non-empty strings");
     }
     if (requirements.modalitiesOut != null && !_isStringArray(requirements.modalitiesOut)) {
-      throw new AiCapabilityError("aiCapability/bad-requirements",
+      throw new AiCapabilityError("ai-capability/bad-requirements",
         "ai.capability: requirements.modalitiesOut must be an array of non-empty strings");
     }
     // Numeric minimums are compared with `<` against the descriptor; a
@@ -349,7 +349,7 @@ function create(opts) {
     for (var ni = 0; ni < numericMins.length; ni++) {
       var nk = numericMins[ni];
       if (requirements[nk] != null && !_isNonNegFinite(requirements[nk])) {
-        throw new AiCapabilityError("aiCapability/bad-requirements",
+        throw new AiCapabilityError("ai-capability/bad-requirements",
           "ai.capability: requirements." + nk + " must be a non-negative finite number");
       }
     }
@@ -360,7 +360,7 @@ function create(opts) {
     for (var bi = 0; bi < booleanReqs.length; bi++) {
       var bk = booleanReqs[bi];
       if (requirements[bk] != null && typeof requirements[bk] !== "boolean") {
-        throw new AiCapabilityError("aiCapability/bad-requirements",
+        throw new AiCapabilityError("ai-capability/bad-requirements",
           "ai.capability: requirements." + bk + " must be a boolean");
       }
     }
@@ -392,7 +392,7 @@ function create(opts) {
     var costBasis = null;
     if (routeOpts.costBasis != null) {
       if (typeof routeOpts.costBasis !== "object" || Array.isArray(routeOpts.costBasis)) {
-        throw new AiCapabilityError("aiCapability/bad-requirements",
+        throw new AiCapabilityError("ai-capability/bad-requirements",
           "ai.capability.route: costBasis must be a plain object { inputTokens, outputTokens }");
       }
       validateOpts(routeOpts.costBasis, ["inputTokens", "outputTokens"],
@@ -405,7 +405,7 @@ function create(opts) {
       for (var ci = 0; ci < cbFields.length; ci++) {
         var ck = cbFields[ci];
         if (routeOpts.costBasis[ck] != null && !_isNonNegFinite(routeOpts.costBasis[ck])) {
-          throw new AiCapabilityError("aiCapability/bad-requirements",
+          throw new AiCapabilityError("ai-capability/bad-requirements",
             "ai.capability.route: costBasis." + ck + " must be a non-negative finite number");
         }
       }
@@ -446,7 +446,7 @@ function create(opts) {
     if (routeOpts.fallback != null) {
       var fb = registry.get(routeOpts.fallback);
       if (!fb) {
-        throw new AiCapabilityError("aiCapability/unknown-model",
+        throw new AiCapabilityError("ai-capability/unknown-model",
           "ai.capability.route: fallback '" + routeOpts.fallback + "' is not a registered model");
       }
       _emitAudit("ai/capability-fallback", "allowed", {
@@ -461,7 +461,7 @@ function create(opts) {
     }
 
     _emitAudit("ai/capability-no-candidate", "denied", { requirements: requirements });
-    throw new AiCapabilityError("aiCapability/no-candidate",
+    throw new AiCapabilityError("ai-capability/no-candidate",
       "ai.capability.route: no registered model satisfies the requirements " +
       "and no fallback was supplied");
   }

package/lib/ai-dp.js

@@ -102,7 +102,7 @@ function _frGt(a, b)  { return a.num * b.den >  b.num * a.den; }       // a >  b
 // Uniform BigInt in [0, m) via rejection sampling on CSPRNG bytes —
 // no modulo bias.
 function _uniformBelow(m) {
-  if (m <= 0n) throw new AiDpError("aiDp/internal", "ai.dp: _uniformBelow needs m > 0");
+  if (m <= 0n) throw new AiDpError("ai-dp/internal", "ai.dp: _uniformBelow needs m > 0");
   if (m === 1n) return 0n;
   var bits = m.toString(2).length;
   var bytes = Math.ceil(bits / 8);                        // allow:raw-byte-literal — bits-per-byte divisor, not a size
@@ -296,23 +296,23 @@ function mechanism(opts) {
   validateOpts(opts, ["type", "sensitivity", "epsilon", "delta", "bound"], "ai.dp.mechanism");
 
   if (MECHANISMS.indexOf(opts.type) === -1) {
-    throw new AiDpError("aiDp/bad-mechanism",
+    throw new AiDpError("ai-dp/bad-mechanism",
       "ai.dp.mechanism: type must be one of " + MECHANISMS.join(" / ") +
       " (exponential / sparse-vector are deferred — their float-safe constructions " +
       "re-open on demand)");
   }
   if (typeof opts.sensitivity !== "number" || !isFinite(opts.sensitivity) || opts.sensitivity <= 0) {
-    throw new AiDpError("aiDp/bad-sensitivity",
+    throw new AiDpError("ai-dp/bad-sensitivity",
       "ai.dp.mechanism: sensitivity must be a positive finite number");
   }
   if (typeof opts.epsilon !== "number" || !isFinite(opts.epsilon) || opts.epsilon <= 0) {
-    throw new AiDpError("aiDp/bad-epsilon",
+    throw new AiDpError("ai-dp/bad-epsilon",
       "ai.dp.mechanism: epsilon must be a positive finite number");
   }
 
   if (opts.type === "laplace") {
     if (typeof opts.bound !== "number" || !isFinite(opts.bound) || opts.bound <= 0) {
-      throw new AiDpError("aiDp/bad-bound",
+      throw new AiDpError("ai-dp/bad-bound",
         "ai.dp.mechanism: laplace requires bound > 0 (the snapping clamp; the " +
         "privacy guarantee depends on it)");
     }
@@ -325,11 +325,11 @@ function mechanism(opts) {
 
   // gaussian
   if (typeof opts.delta !== "number" || !isFinite(opts.delta) || opts.delta <= 0 || opts.delta >= 1) {
-    throw new AiDpError("aiDp/bad-delta",
+    throw new AiDpError("ai-dp/bad-delta",
       "ai.dp.mechanism: gaussian requires 0 < delta < 1");
   }
   if (opts.epsilon > 1) {
-    throw new AiDpError("aiDp/epsilon-too-large",
+    throw new AiDpError("ai-dp/epsilon-too-large",
       "ai.dp.mechanism: the classic Gaussian calibration is proven for epsilon <= 1; " +
       "split into multiple releases under an rdp budget, or the analytic Gaussian " +
       "mechanism (Balle-Wang 2018) re-opens this path on demand");
@@ -346,7 +346,7 @@ function mechanism(opts) {
 // budget wraps this).
 function _applyMechanism(m, value) {
   if (typeof value !== "number" || !isFinite(value)) {
-    throw new AiDpError("aiDp/bad-value", "ai.dp: value must be a finite number");
+    throw new AiDpError("ai-dp/bad-value", "ai.dp: value must be a finite number");
   }
   if (m.type === "laplace") {
     return _snappingLaplace(value, m.scale, m.bound);
@@ -403,22 +403,22 @@ function budget(opts) {
   validateOpts(opts, ["scope", "epsilon", "delta", "accounting", "audit"], "ai.dp.budget");
 
   validateOpts.requireNonEmptyString(opts.scope,
-    "ai.dp.budget: scope", AiDpError, "aiDp/bad-scope");
+    "ai.dp.budget: scope", AiDpError, "ai-dp/bad-scope");
   if (typeof opts.epsilon !== "number" || !isFinite(opts.epsilon) || opts.epsilon <= 0) {
-    throw new AiDpError("aiDp/bad-epsilon", "ai.dp.budget: epsilon must be a positive finite number");
+    throw new AiDpError("ai-dp/bad-epsilon", "ai.dp.budget: epsilon must be a positive finite number");
   }
   var totalEpsilon = opts.epsilon;
   var totalDelta = (opts.delta == null) ? 0 : opts.delta;
   if (typeof totalDelta !== "number" || !isFinite(totalDelta) || totalDelta < 0 || totalDelta >= 1) {
-    throw new AiDpError("aiDp/bad-delta", "ai.dp.budget: delta must be in [0, 1)");
+    throw new AiDpError("ai-dp/bad-delta", "ai.dp.budget: delta must be in [0, 1)");
   }
   var accounting = (opts.accounting == null) ? "basic" : opts.accounting;
   if (ACCOUNTINGS.indexOf(accounting) === -1) {
-    throw new AiDpError("aiDp/bad-accounting",
+    throw new AiDpError("ai-dp/bad-accounting",
       "ai.dp.budget: accounting must be one of " + ACCOUNTINGS.join(" / "));
   }
   if (accounting === "rdp" && totalDelta <= 0) {
-    throw new AiDpError("aiDp/bad-accounting",
+    throw new AiDpError("ai-dp/bad-accounting",
       "ai.dp.budget: rdp accounting requires delta > 0 (the RDP→(ε,δ) conversion is " +
       "undefined at delta = 0; use basic accounting for pure-ε budgets)");
   }
@@ -457,11 +457,11 @@ function budget(opts) {
 
   function consume(m, value) {
     if (!m || typeof m !== "object" || MECHANISMS.indexOf(m.type) === -1) {
-      throw new AiDpError("aiDp/bad-mechanism",
+      throw new AiDpError("ai-dp/bad-mechanism",
         "ai.dp.budget.consume: first argument must be a b.ai.dp.mechanism");
     }
     if (m.type === "gaussian" && totalDelta <= 0) {
-      throw new AiDpError("aiDp/bad-delta",
+      throw new AiDpError("ai-dp/bad-delta",
         "ai.dp.budget.consume: a gaussian mechanism needs a scope delta > 0");
     }
 
@@ -475,7 +475,7 @@ function budget(opts) {
           requestEpsilon: m.epsilon, requestDelta: m.delta,
           spentEpsilon: spentEpsilon, totalEpsilon: totalEpsilon,
         });
-        throw new AiDpError("aiDp/budget-exhausted",
+        throw new AiDpError("ai-dp/budget-exhausted",
           "ai.dp.budget.consume: scope '" + scope + "' would spend ε=" +
           (spentEpsilon + m.epsilon) + "/" + totalEpsilon + ", δ=" +
           (spentDelta + m.delta) + "/" + totalDelta + "; refused");
@@ -489,7 +489,7 @@ function budget(opts) {
           scope: scope, accounting: accounting, mechanism: m.type,
           projectedEpsilon: trialEps, totalEpsilon: totalEpsilon,
         });
-        throw new AiDpError("aiDp/budget-exhausted",
+        throw new AiDpError("ai-dp/budget-exhausted",
           "ai.dp.budget.consume: scope '" + scope + "' would reach ε=" +
           trialEps.toFixed(4) + " of " + totalEpsilon + " at δ=" + totalDelta + "; refused");
       }

package/lib/ai-input.js

@@ -104,12 +104,12 @@ function classify(input, opts) {
   var auditOn = opts.audit !== false;
 
   if (typeof input !== "string") {
-    throw errorClass.factory("BAD_INPUT",
+    throw errorClass.factory("ai-input/bad-input",
       "aiInput.classify: input must be a string");
   }
   var byteLen = Buffer.byteLength(input, "utf8");
   if (byteLen > maxBytes) {
-    throw errorClass.factory("INPUT_TOO_LARGE",
+    throw errorClass.factory("ai-input/input-too-large",
       "aiInput.classify: input exceeds " + maxBytes + " bytes (got " + byteLen + ")");
   }
 
@@ -187,7 +187,7 @@ function refuseIfMalicious(input, opts) {
   var errorClass = opts.errorClass || AiInputError;
   var result = classify(input, opts);
   if (result.verdict === "malicious") {
-    throw errorClass.factory("MALICIOUS_INPUT",
+    throw errorClass.factory("ai-input/malicious-input",
       "aiInput: input flagged as malicious (signals: " +
       result.signals.map(function (s) { return s.id; }).join(", ") + ")");
   }

package/lib/ai-pref.js

@@ -38,25 +38,25 @@ var SNIPPET_VALUES = ["allow", "deny"];
 
 function _validate(opts) {
   if (!opts || typeof opts !== "object") {
-    throw AiPrefError.factory("BAD_OPTS",
+    throw AiPrefError.factory("ai-pref/bad-opts",
       "aiPref: opts required");
   }
   var train   = opts.train   || "deny";
   var infer   = opts.infer   || "allow";
   var snippet = opts.snippet || "allow";
   if (TRAIN_VALUES.indexOf(train) === -1) {
-    throw AiPrefError.factory("BAD_TRAIN", "aiPref: train must be one of " + TRAIN_VALUES.join(", "));
+    throw AiPrefError.factory("ai-pref/bad-train", "aiPref: train must be one of " + TRAIN_VALUES.join(", "));
   }
   if (INFER_VALUES.indexOf(infer) === -1) {
-    throw AiPrefError.factory("BAD_INFER", "aiPref: infer must be one of " + INFER_VALUES.join(", "));
+    throw AiPrefError.factory("ai-pref/bad-infer", "aiPref: infer must be one of " + INFER_VALUES.join(", "));
   }
   if (SNIPPET_VALUES.indexOf(snippet) === -1) {
-    throw AiPrefError.factory("BAD_SNIPPET", "aiPref: snippet must be one of " + SNIPPET_VALUES.join(", "));
+    throw AiPrefError.factory("ai-pref/bad-snippet", "aiPref: snippet must be one of " + SNIPPET_VALUES.join(", "));
   }
   if ((train === "paid" || infer === "paid") &&
       (!opts.price || typeof opts.price.amountUsd !== "number" ||
        !isFinite(opts.price.amountUsd) || opts.price.amountUsd <= 0)) {
-    throw AiPrefError.factory("BAD_PRICE",
+    throw AiPrefError.factory("ai-pref/bad-price",
       "aiPref: price.amountUsd (positive finite number) required when train or infer is 'paid'");
   }
   return { train: train, infer: infer, snippet: snippet, price: opts.price || null };
@@ -140,10 +140,10 @@ function serializeHeader(opts) {
  */
 function parseHeader(value) {
   if (typeof value !== "string" || value.length === 0) {
-    throw AiPrefError.factory("BAD_HEADER", "aiPref.parseHeader: value required");
+    throw AiPrefError.factory("ai-pref/bad-header", "aiPref.parseHeader: value required");
   }
   if (value.length > 1024) {                                                                   // allow:raw-byte-literal — header value cap, not bytes
-    throw AiPrefError.factory("HEADER_TOO_LARGE",
+    throw AiPrefError.factory("ai-pref/header-too-large",
       "aiPref.parseHeader: value exceeds 1024 chars");
   }
   structuredFields.refuseControlBytes(value, {
@@ -206,7 +206,7 @@ function robotsBlock(opts) {
   var v = _validate(opts);
   var ua = opts.userAgent || "*";
   if (typeof ua !== "string" || ua.length === 0 || ua.length > 256) {                          // allow:raw-byte-literal — UA-string cap, not bytes
-    throw AiPrefError.factory("BAD_USER_AGENT",
+    throw AiPrefError.factory("ai-pref/bad-user-agent",
       "aiPref.robotsBlock: userAgent must be 1-256 char string (or omit for *)");
   }
   return "User-agent: " + ua + "\n" +
@@ -298,7 +298,7 @@ function middleware(opts) {
  */
 function refusePaidCrawl(req, res, opts) {
   if (!opts || !opts.price || typeof opts.price.amountUsd !== "number") {
-    throw AiPrefError.factory("BAD_PRICE",
+    throw AiPrefError.factory("ai-pref/bad-price",
       "aiPref.refusePaidCrawl: opts.price.amountUsd required");
   }
   var body = JSON.stringify({

package/lib/ai-quota.js

@@ -257,20 +257,20 @@ function create(opts) {
 
   var dimension = opts.dimension;
   if (DIMENSIONS.indexOf(dimension) === -1) {
-    throw new AiQuotaError("aiQuota/bad-dimension",
+    throw new AiQuotaError("ai-quota/bad-dimension",
       "ai.quota.create: dimension must be one of " + DIMENSIONS.join(" / ") +
       " (got " + JSON.stringify(dimension) + ")");
   }
 
   var period = opts.period;
   if (PERIODS.indexOf(period) === -1) {
-    throw new AiQuotaError("aiQuota/bad-period",
+    throw new AiQuotaError("ai-quota/bad-period",
       "ai.quota.create: period must be one of " + PERIODS.join(" / ") +
       " (got " + JSON.stringify(period) + ")");
   }
 
   if (typeof opts.limit !== "number" || !isFinite(opts.limit) || opts.limit <= 0) {
-    throw new AiQuotaError("aiQuota/bad-limit",
+    throw new AiQuotaError("ai-quota/bad-limit",
       "ai.quota.create: limit must be a positive finite number");
   }
   var defaultLimit = opts.limit;
@@ -281,7 +281,7 @@ function create(opts) {
 
   var enforcement = (opts.enforcement == null) ? "hard" : opts.enforcement;
   if (ENFORCEMENTS.indexOf(enforcement) === -1) {
-    throw new AiQuotaError("aiQuota/bad-enforcement",
+    throw new AiQuotaError("ai-quota/bad-enforcement",
       "ai.quota.create: enforcement must be one of " + ENFORCEMENTS.join(" / ") +
       " (got " + JSON.stringify(enforcement) + ")");
   }
@@ -353,11 +353,11 @@ function create(opts) {
 
   function consume(tenantId, model, amount, consumeOpts) {
     validateOpts.requireNonEmptyString(tenantId,
-      "ai.quota.consume: tenantId", AiQuotaError, "aiQuota/bad-tenant");
+      "ai.quota.consume: tenantId", AiQuotaError, "ai-quota/bad-tenant");
     validateOpts.requireNonEmptyString(model,
-      "ai.quota.consume: model", AiQuotaError, "aiQuota/bad-model");
+      "ai.quota.consume: model", AiQuotaError, "ai-quota/bad-model");
     if (typeof amount !== "number" || !isFinite(amount) || amount < 0) {
-      throw new AiQuotaError("aiQuota/bad-amount",
+      throw new AiQuotaError("ai-quota/bad-amount",
         "ai.quota.consume: amount must be a non-negative finite number");
     }
     consumeOpts = consumeOpts || {};
@@ -366,7 +366,7 @@ function create(opts) {
     // enforcer; still validated against the allowlist.
     var mode = (consumeOpts.enforcement == null) ? enforcement : consumeOpts.enforcement;
     if (ENFORCEMENTS.indexOf(mode) === -1) {
-      throw new AiQuotaError("aiQuota/bad-enforcement",
+      throw new AiQuotaError("ai-quota/bad-enforcement",
         "ai.quota.consume: enforcement override must be one of " + ENFORCEMENTS.join(" / "));
     }
 
@@ -401,7 +401,7 @@ function create(opts) {
         enforcement: mode, nodeId: _nodeId(),
       });
       _emitMetric("ai.quota.exceeded", 1);
-      throw new AiQuotaError("aiQuota/exceeded",
+      throw new AiQuotaError("ai-quota/exceeded",
         "ai.quota.consume: tenant '" + tenantId + "' model '" + model +
         "' is at " + rv.used + " of " + limit + " " + dimension +
         " this " + period + "; consuming " + amount + " would exceed the budget — call refused");
@@ -432,9 +432,9 @@ function create(opts) {
 
   function check(tenantId, model) {
     validateOpts.requireNonEmptyString(tenantId,
-      "ai.quota.check: tenantId", AiQuotaError, "aiQuota/bad-tenant");
+      "ai.quota.check: tenantId", AiQuotaError, "ai-quota/bad-tenant");
     validateOpts.requireNonEmptyString(model,
-      "ai.quota.check: model", AiQuotaError, "aiQuota/bad-model");
+      "ai.quota.check: model", AiQuotaError, "ai-quota/bad-model");
     var now = Date.now();
     var windowStart = _windowStartFor(period, now);
     var resetsAt = _resetsAtFor(period, windowStart);
@@ -454,10 +454,10 @@ function create(opts) {
       return;
     }
     validateOpts.requireNonEmptyString(tenantId,
-      "ai.quota.reset: tenantId", AiQuotaError, "aiQuota/bad-tenant");
+      "ai.quota.reset: tenantId", AiQuotaError, "ai-quota/bad-tenant");
     if (model !== undefined) {
       validateOpts.requireNonEmptyString(model,
-        "ai.quota.reset: model", AiQuotaError, "aiQuota/bad-model");
+        "ai.quota.reset: model", AiQuotaError, "ai-quota/bad-model");
       store.reset(_keyFor(tenantId, model, windowStart));
       return;
     }
@@ -470,7 +470,7 @@ function create(opts) {
       for (var i = 0; i < keys.length; i++) store.reset(keys[i]);
       return;
     }
-    throw new AiQuotaError("aiQuota/reset-unsupported",
+    throw new AiQuotaError("ai-quota/reset-unsupported",
       "ai.quota.reset: tenant-wide reset with an external store requires " +
       "an explicit model argument (per-key) or a store-side prefix delete");
   }
@@ -491,14 +491,14 @@ function create(opts) {
 function _validateLimitMap(map, label) {
   if (map == null) return {};
   if (typeof map !== "object" || Array.isArray(map)) {
-    throw new AiQuotaError("aiQuota/bad-override",
+    throw new AiQuotaError("ai-quota/bad-override",
       "ai.quota.create: " + label + " must be a plain object { key: limit }");
   }
   var keys = Object.keys(map);
   for (var i = 0; i < keys.length; i++) {
     var v = map[keys[i]];
     if (typeof v !== "number" || !isFinite(v) || v <= 0) {
-      throw new AiQuotaError("aiQuota/bad-override",
+      throw new AiQuotaError("ai-quota/bad-override",
         "ai.quota.create: " + label + "['" + keys[i] +
         "'] must be a positive finite number");
     }
@@ -512,7 +512,7 @@ function _validateStore(store) {
       typeof store.add !== "function" ||
       typeof store.get !== "function" ||
       typeof store.reset !== "function") {
-    throw new AiQuotaError("aiQuota/bad-store",
+    throw new AiQuotaError("ai-quota/bad-store",
       "ai.quota.create: store must expose reserve / add / get / reset functions");
   }
 }