npm - @cosmicdrift/kumiko-framework - Versions diffs - 0.1.0 - Mend

@cosmicdrift/kumiko-framework 0.1.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (388) hide show

package/README.md +159 -0
package/package.json +91 -0
package/src/__tests__/anonymous-access.integration.ts +325 -0
package/src/__tests__/error-contract.integration.ts +435 -0
package/src/__tests__/field-access.integration.ts +269 -0
package/src/__tests__/full-stack.integration.ts +914 -0
package/src/__tests__/ownership.integration.ts +449 -0
package/src/__tests__/reference-data.integration.ts +198 -0
package/src/__tests__/transition-guard.integration.ts +340 -0
package/src/api/__tests__/api.test.ts +337 -0
package/src/api/__tests__/auth-middleware-transport.test.ts +80 -0
package/src/api/__tests__/auth-routes-cookie.test.ts +179 -0
package/src/api/__tests__/batch.integration.ts +404 -0
package/src/api/__tests__/body-limit.test.ts +88 -0
package/src/api/__tests__/csrf-middleware.test.ts +97 -0
package/src/api/__tests__/dispatcher-live.integration.ts +216 -0
package/src/api/__tests__/metrics-endpoint.test.ts +126 -0
package/src/api/__tests__/nested-write.integration.ts +213 -0
package/src/api/__tests__/readiness.test.ts +76 -0
package/src/api/__tests__/request-id-middleware.test.ts +72 -0
package/src/api/__tests__/sse-broker.test.ts +58 -0
package/src/api/__tests__/sse-route.test.ts +112 -0
package/src/api/anonymous-cookie.ts +60 -0
package/src/api/api-constants.ts +64 -0
package/src/api/auth-middleware.ts +418 -0
package/src/api/auth-routes.ts +982 -0
package/src/api/csrf-middleware.ts +77 -0
package/src/api/index.ts +31 -0
package/src/api/jwt.ts +66 -0
package/src/api/observability-middleware.ts +89 -0
package/src/api/readiness.ts +132 -0
package/src/api/request-context.ts +49 -0
package/src/api/request-id-middleware.ts +50 -0
package/src/api/route-registrars.ts +195 -0
package/src/api/routes.ts +135 -0
package/src/api/server.ts +640 -0
package/src/api/sse-broker.ts +71 -0
package/src/api/sse-route.ts +62 -0
package/src/api/tokens.ts +16 -0
package/src/db/__tests__/apply-entity-event-tenant.integration.ts +159 -0
package/src/db/__tests__/compound-types.test.ts +114 -0
package/src/db/__tests__/connection-options.test.ts +68 -0
package/src/db/__tests__/cursor.test.ts +41 -0
package/src/db/__tests__/db-helpers.test.ts +369 -0
package/src/db/__tests__/dialect-instant.test.ts +50 -0
package/src/db/__tests__/drizzle-helpers.integration.ts +186 -0
package/src/db/__tests__/drizzle-table-types.test.ts +162 -0
package/src/db/__tests__/encryption.test.ts +39 -0
package/src/db/__tests__/event-store-executor-list.integration.ts +313 -0
package/src/db/__tests__/event-store-executor.integration.ts +235 -0
package/src/db/__tests__/implicit-projection-equivalence.integration.ts +304 -0
package/src/db/__tests__/located-timestamp.test.ts +184 -0
package/src/db/__tests__/money.test.ts +199 -0
package/src/db/__tests__/multi-row-insert.integration.ts +76 -0
package/src/db/__tests__/parse-auto-verb.test.ts +70 -0
package/src/db/__tests__/required-not-null-migration-safety.integration.ts +105 -0
package/src/db/__tests__/row-helpers.test.ts +59 -0
package/src/db/__tests__/schema-migration.integration.ts +273 -0
package/src/db/__tests__/table-builder-indexes.test.ts +153 -0
package/src/db/__tests__/table-builder-required.test.ts +216 -0
package/src/db/__tests__/tenant-db.integration.ts +606 -0
package/src/db/__tests__/unique-violation-mapping.integration.ts +166 -0
package/src/db/apply-entity-event.ts +188 -0
package/src/db/assert-exists-in.ts +59 -0
package/src/db/compound-types.ts +47 -0
package/src/db/connection.ts +104 -0
package/src/db/cursor.ts +83 -0
package/src/db/dialect.ts +109 -0
package/src/db/eagerload.ts +174 -0
package/src/db/encryption.ts +39 -0
package/src/db/event-store-executor.ts +906 -0
package/src/db/index.ts +55 -0
package/src/db/located-timestamp.ts +114 -0
package/src/db/money.ts +120 -0
package/src/db/pg-error.ts +46 -0
package/src/db/reference-data.ts +77 -0
package/src/db/row-helpers.ts +53 -0
package/src/db/schema-inspection.ts +25 -0
package/src/db/table-builder.ts +475 -0
package/src/db/tenant-db.ts +434 -0
package/src/engine/__tests__/auth-claims-registrar.test.ts +74 -0
package/src/engine/__tests__/boot-validator-located-timestamps.test.ts +108 -0
package/src/engine/__tests__/boot-validator.test.ts +1865 -0
package/src/engine/__tests__/build-app-schema.test.ts +154 -0
package/src/engine/__tests__/claim-keys.test.ts +274 -0
package/src/engine/__tests__/config-helpers.test.ts +236 -0
package/src/engine/__tests__/effective-features.test.ts +86 -0
package/src/engine/__tests__/engine.test.ts +1461 -0
package/src/engine/__tests__/entity-handlers.test.ts +274 -0
package/src/engine/__tests__/event-helpers.test.ts +68 -0
package/src/engine/__tests__/extends-registrar.test.ts +159 -0
package/src/engine/__tests__/factories-long-text.test.ts +84 -0
package/src/engine/__tests__/factories-time.test.ts +158 -0
package/src/engine/__tests__/field-predicates.test.ts +48 -0
package/src/engine/__tests__/hook-phases.test.ts +132 -0
package/src/engine/__tests__/identifiers.test.ts +35 -0
package/src/engine/__tests__/lifecycle-hooks.test.ts +237 -0
package/src/engine/__tests__/nav.test.ts +267 -0
package/src/engine/__tests__/ownership.test.ts +421 -0
package/src/engine/__tests__/parse-ref-target.test.ts +43 -0
package/src/engine/__tests__/projection-helpers.test.ts +62 -0
package/src/engine/__tests__/projection.test.ts +191 -0
package/src/engine/__tests__/qualified-name.test.ts +264 -0
package/src/engine/__tests__/resolve-config-or-param.test.ts +315 -0
package/src/engine/__tests__/run-in.test.ts +38 -0
package/src/engine/__tests__/schema-builder.test.ts +380 -0
package/src/engine/__tests__/screen.test.ts +408 -0
package/src/engine/__tests__/state-machine.test.ts +148 -0
package/src/engine/__tests__/system-user.test.ts +57 -0
package/src/engine/__tests__/validation-hooks.test.ts +71 -0
package/src/engine/access.ts +23 -0
package/src/engine/boot-validator.ts +1528 -0
package/src/engine/build-app-schema.ts +125 -0
package/src/engine/config-helpers.ts +115 -0
package/src/engine/constants.ts +85 -0
package/src/engine/create-app.ts +98 -0
package/src/engine/define-feature.ts +702 -0
package/src/engine/define-handler.ts +78 -0
package/src/engine/define-roles.ts +19 -0
package/src/engine/effective-features.ts +87 -0
package/src/engine/entity-handlers.ts +364 -0
package/src/engine/event-helpers.ts +73 -0
package/src/engine/factories.ts +328 -0
package/src/engine/feature-ast/__tests__/canonical-form.test.ts +416 -0
package/src/engine/feature-ast/__tests__/parse-happy-path.test.ts +197 -0
package/src/engine/feature-ast/__tests__/parse-real-features.test.ts +128 -0
package/src/engine/feature-ast/__tests__/parse.test.ts +888 -0
package/src/engine/feature-ast/__tests__/patch.test.ts +360 -0
package/src/engine/feature-ast/__tests__/patcher.test.ts +469 -0
package/src/engine/feature-ast/__tests__/render-roundtrip.test.ts +287 -0
package/src/engine/feature-ast/extractors.ts +2562 -0
package/src/engine/feature-ast/index.ts +105 -0
package/src/engine/feature-ast/parse.ts +369 -0
package/src/engine/feature-ast/patch.ts +525 -0
package/src/engine/feature-ast/patcher.ts +518 -0
package/src/engine/feature-ast/patterns.ts +434 -0
package/src/engine/feature-ast/render.ts +602 -0
package/src/engine/feature-ast/source-location.ts +45 -0
package/src/engine/field-access.ts +120 -0
package/src/engine/index.ts +254 -0
package/src/engine/ownership.ts +337 -0
package/src/engine/parse-ref-target.ts +22 -0
package/src/engine/pattern-library/__tests__/library.test.ts +351 -0
package/src/engine/pattern-library/index.ts +24 -0
package/src/engine/pattern-library/library.ts +1117 -0
package/src/engine/pattern-library/types.ts +255 -0
package/src/engine/projection-helpers.ts +85 -0
package/src/engine/qualified-name.ts +122 -0
package/src/engine/read-claim.ts +31 -0
package/src/engine/registry.ts +1325 -0
package/src/engine/resolve-config-or-param.ts +153 -0
package/src/engine/run-in.ts +29 -0
package/src/engine/schema-builder.ts +175 -0
package/src/engine/screen-filter-ops.ts +51 -0
package/src/engine/state-machine.ts +70 -0
package/src/engine/system-user.ts +32 -0
package/src/engine/types/config.ts +306 -0
package/src/engine/types/event-type-map.ts +37 -0
package/src/engine/types/feature.ts +574 -0
package/src/engine/types/fields.ts +422 -0
package/src/engine/types/handlers.ts +742 -0
package/src/engine/types/hooks.ts +142 -0
package/src/engine/types/http-route.ts +54 -0
package/src/engine/types/identifiers.ts +47 -0
package/src/engine/types/index.ts +208 -0
package/src/engine/types/nav.ts +46 -0
package/src/engine/types/projection.ts +132 -0
package/src/engine/types/relations.ts +51 -0
package/src/engine/types/screen.ts +452 -0
package/src/engine/types/workspace.ts +42 -0
package/src/engine/validation.ts +33 -0
package/src/entrypoint/__tests__/entrypoint-job-wiring.integration.ts +173 -0
package/src/entrypoint/__tests__/split-deploy.integration.ts +297 -0
package/src/entrypoint/index.ts +442 -0
package/src/errors/__tests__/classes.test.ts +371 -0
package/src/errors/__tests__/write-failures.test.ts +109 -0
package/src/errors/classes.ts +249 -0
package/src/errors/i18n/de.yaml +83 -0
package/src/errors/i18n/en.yaml +80 -0
package/src/errors/index.ts +41 -0
package/src/errors/kumiko-error.ts +67 -0
package/src/errors/reasons.ts +36 -0
package/src/errors/serialize.ts +136 -0
package/src/errors/transition-details.ts +30 -0
package/src/errors/write-error-info.ts +123 -0
package/src/errors/zod-bridge.ts +49 -0
package/src/event-store/__tests__/admin-api.integration.ts +361 -0
package/src/event-store/__tests__/event-store.integration.ts +584 -0
package/src/event-store/__tests__/get-stream-version-perf.integration.ts +83 -0
package/src/event-store/__tests__/perf.integration.ts +255 -0
package/src/event-store/__tests__/snapshot.integration.ts +267 -0
package/src/event-store/__tests__/upcaster-dead-letter.integration.ts +204 -0
package/src/event-store/__tests__/upcaster.integration.ts +460 -0
package/src/event-store/admin-api.ts +257 -0
package/src/event-store/archive.ts +106 -0
package/src/event-store/errors.ts +35 -0
package/src/event-store/event-store.ts +405 -0
package/src/event-store/events-schema.ts +90 -0
package/src/event-store/index.ts +50 -0
package/src/event-store/snapshot.ts +210 -0
package/src/event-store/upcaster-dead-letter.ts +119 -0
package/src/event-store/upcaster.ts +147 -0
package/src/files/__tests__/content-disposition.test.ts +123 -0
package/src/files/__tests__/file-field-column.integration.ts +103 -0
package/src/files/__tests__/file-field-pipeline.integration.ts +211 -0
package/src/files/__tests__/file-handle.test.ts +122 -0
package/src/files/__tests__/files.integration.ts +830 -0
package/src/files/__tests__/storage-tracking.integration.ts +153 -0
package/src/files/content-disposition.ts +55 -0
package/src/files/file-handle.ts +63 -0
package/src/files/file-ref-table.ts +22 -0
package/src/files/file-routes.ts +353 -0
package/src/files/in-memory-provider.ts +62 -0
package/src/files/index.ts +29 -0
package/src/files/local-provider.ts +35 -0
package/src/files/storage-tracking.ts +60 -0
package/src/files/types.ts +118 -0
package/src/i18n/__tests__/i18n.test.ts +72 -0
package/src/i18n/index.ts +29 -0
package/src/jobs/__tests__/job-event-trigger.integration.ts +172 -0
package/src/jobs/__tests__/job-multi-trigger.integration.ts +144 -0
package/src/jobs/__tests__/jobs.integration.ts +566 -0
package/src/jobs/index.ts +2 -0
package/src/jobs/job-runner.ts +574 -0
package/src/lifecycle/__tests__/create-test-lifecycle.ts +19 -0
package/src/lifecycle/__tests__/lifecycle-server.integration.ts +108 -0
package/src/lifecycle/__tests__/lifecycle.test.ts +212 -0
package/src/lifecycle/__tests__/signal-handlers.test.ts +106 -0
package/src/lifecycle/index.ts +13 -0
package/src/lifecycle/lifecycle.ts +160 -0
package/src/lifecycle/signal-handlers.ts +62 -0
package/src/logging/__tests__/pino-trace-bridge.test.ts +50 -0
package/src/logging/index.ts +3 -0
package/src/logging/pino-logger.ts +64 -0
package/src/logging/types.ts +7 -0
package/src/migrations/__tests__/compare-snapshots.test.ts +150 -0
package/src/migrations/__tests__/detect-drift.integration.ts +320 -0
package/src/migrations/__tests__/detect-projections-to-rebuild.integration.ts +134 -0
package/src/migrations/__tests__/rebuild-marker.test.ts +79 -0
package/src/migrations/index.ts +28 -0
package/src/migrations/projection-detection.ts +149 -0
package/src/migrations/rebuild-marker.ts +64 -0
package/src/migrations/schema-drift.ts +395 -0
package/src/observability/__tests__/console-provider.test.ts +67 -0
package/src/observability/__tests__/metric-validator.test.ts +87 -0
package/src/observability/__tests__/noop-provider.test.ts +82 -0
package/src/observability/__tests__/observability.integration.ts +559 -0
package/src/observability/__tests__/prometheus-meter.test.ts +144 -0
package/src/observability/__tests__/recording-meter.test.ts +101 -0
package/src/observability/__tests__/recording-tracer.test.ts +110 -0
package/src/observability/__tests__/sensitive-filter.test.ts +98 -0
package/src/observability/console-provider.ts +130 -0
package/src/observability/context.ts +26 -0
package/src/observability/fallback.ts +34 -0
package/src/observability/ids.ts +25 -0
package/src/observability/index.ts +79 -0
package/src/observability/metric-validator.ts +86 -0
package/src/observability/metrics-handle.ts +56 -0
package/src/observability/noop-provider.ts +146 -0
package/src/observability/prometheus-meter.ts +284 -0
package/src/observability/recording-meter.ts +156 -0
package/src/observability/recording-tracer.ts +198 -0
package/src/observability/redis-wrapper.ts +132 -0
package/src/observability/sensitive-filter.ts +108 -0
package/src/observability/standard-metrics.ts +213 -0
package/src/observability/types/index.ts +29 -0
package/src/observability/types/metric.ts +56 -0
package/src/observability/types/provider.ts +32 -0
package/src/observability/types/span.ts +64 -0
package/src/pipeline/__tests__/archive-stream.integration.ts +220 -0
package/src/pipeline/__tests__/auth-claims-resolver.test.ts +279 -0
package/src/pipeline/__tests__/cascade-handler.integration.ts +419 -0
package/src/pipeline/__tests__/cascade-handler.test.ts +52 -0
package/src/pipeline/__tests__/causation-chain.integration.ts +206 -0
package/src/pipeline/__tests__/ctx-bridge.integration.ts +234 -0
package/src/pipeline/__tests__/dispatcher.test.ts +379 -0
package/src/pipeline/__tests__/distributed-lock.integration.ts +67 -0
package/src/pipeline/__tests__/domain-events-projections.integration.ts +323 -0
package/src/pipeline/__tests__/event-dedup.integration.ts +153 -0
package/src/pipeline/__tests__/event-define-event-strict.integration.ts +202 -0
package/src/pipeline/__tests__/event-dispatcher-lifecycle.integration.ts +220 -0
package/src/pipeline/__tests__/event-dispatcher-multi-instance.integration.ts +423 -0
package/src/pipeline/__tests__/event-dispatcher-pg-listen.integration.ts +123 -0
package/src/pipeline/__tests__/event-dispatcher-recovery.integration.ts +202 -0
package/src/pipeline/__tests__/event-dispatcher-second-audit.integration.ts +290 -0
package/src/pipeline/__tests__/event-dispatcher-strict.test.ts +65 -0
package/src/pipeline/__tests__/event-dispatcher.integration.ts +287 -0
package/src/pipeline/__tests__/event-retention.integration.ts +239 -0
package/src/pipeline/__tests__/fetch-for-writing.integration.ts +281 -0
package/src/pipeline/__tests__/lifecycle-pipeline.test.ts +430 -0
package/src/pipeline/__tests__/load-aggregate-query.integration.ts +266 -0
package/src/pipeline/__tests__/msp-error-mode.integration.ts +149 -0
package/src/pipeline/__tests__/msp-multi-hop.integration.ts +228 -0
package/src/pipeline/__tests__/msp-rebuild.integration.ts +368 -0
package/src/pipeline/__tests__/multi-stream-projection.integration.ts +341 -0
package/src/pipeline/__tests__/perf-rebuild.integration.ts +147 -0
package/src/pipeline/__tests__/projection-rebuild.integration.ts +551 -0
package/src/pipeline/__tests__/query-projection.integration.ts +201 -0
package/src/pipeline/__tests__/redis-pipeline.integration.ts +306 -0
package/src/pipeline/append-event-core.ts +117 -0
package/src/pipeline/auth-claims-resolver.ts +103 -0
package/src/pipeline/cascade-handler.ts +113 -0
package/src/pipeline/dispatcher.ts +1585 -0
package/src/pipeline/distributed-lock.ts +37 -0
package/src/pipeline/entity-cache.ts +113 -0
package/src/pipeline/event-consumer-state.ts +108 -0
package/src/pipeline/event-dedup.ts +23 -0
package/src/pipeline/event-dispatcher.ts +1016 -0
package/src/pipeline/event-retention.ts +154 -0
package/src/pipeline/idempotency.ts +76 -0
package/src/pipeline/index.ts +66 -0
package/src/pipeline/lifecycle-pipeline.ts +409 -0
package/src/pipeline/msp-rebuild.ts +242 -0
package/src/pipeline/multi-stream-apply-context.ts +115 -0
package/src/pipeline/projection-rebuild.ts +334 -0
package/src/pipeline/projection-state.ts +72 -0
package/src/pipeline/projections-runner.ts +56 -0
package/src/pipeline/redis-keys.ts +11 -0
package/src/pipeline/system-hooks.ts +190 -0
package/src/random/__tests__/generate.test.ts +149 -0
package/src/random/generate.ts +141 -0
package/src/random/index.ts +8 -0
package/src/random/words.ts +392 -0
package/src/rate-limit/__tests__/dispatcher-l3.integration.ts +111 -0
package/src/rate-limit/__tests__/middleware.integration.ts +189 -0
package/src/rate-limit/__tests__/resolver.integration.ts +189 -0
package/src/rate-limit/bucket.ts +36 -0
package/src/rate-limit/index.ts +14 -0
package/src/rate-limit/middleware.ts +152 -0
package/src/rate-limit/resolver.ts +267 -0
package/src/redis/__tests__/redis-options.test.ts +54 -0
package/src/redis/index.ts +74 -0
package/src/search/__tests__/meilisearch-adapter.integration.ts +236 -0
package/src/search/__tests__/search-adapter.test.ts +256 -0
package/src/search/in-memory-adapter.ts +123 -0
package/src/search/index.ts +12 -0
package/src/search/meilisearch-adapter.ts +106 -0
package/src/search/types.ts +39 -0
package/src/secrets/__tests__/dek-cache.test.ts +213 -0
package/src/secrets/__tests__/env-master-key-provider.test.ts +119 -0
package/src/secrets/__tests__/envelope.test.ts +74 -0
package/src/secrets/__tests__/leak-guard.test.ts +92 -0
package/src/secrets/__tests__/rotation.test.ts +149 -0
package/src/secrets/dek-cache.ts +116 -0
package/src/secrets/env-master-key-provider.ts +162 -0
package/src/secrets/envelope.ts +55 -0
package/src/secrets/index.ts +19 -0
package/src/secrets/leak-guard.ts +87 -0
package/src/secrets/rotation.ts +34 -0
package/src/secrets/types.ts +107 -0
package/src/stack/db.ts +104 -0
package/src/stack/event-collector.ts +23 -0
package/src/stack/index.ts +32 -0
package/src/stack/redis.ts +44 -0
package/src/stack/request-helper.ts +168 -0
package/src/stack/table-helpers.ts +104 -0
package/src/stack/test-stack.ts +357 -0
package/src/stack/test-users.ts +37 -0
package/src/testing/__tests__/e2e-generator.test.ts +230 -0
package/src/testing/__tests__/ensure-entity-table.integration.ts +54 -0
package/src/testing/access-assertions.ts +15 -0
package/src/testing/assertions.ts +35 -0
package/src/testing/e2e-generator.ts +465 -0
package/src/testing/expect-error.ts +25 -0
package/src/testing/handler-context.ts +125 -0
package/src/testing/http-cookies.ts +52 -0
package/src/testing/index.ts +41 -0
package/src/testing/late-bound.ts +39 -0
package/src/testing/mutable-master-key-provider.ts +31 -0
package/src/testing/observability-recorder.ts +54 -0
package/src/testing/shared-entities.ts +49 -0
package/src/testing/utils.ts +1 -0
package/src/testing/wait-for.ts +31 -0
package/src/time/__tests__/polyfill.test.ts +73 -0
package/src/time/__tests__/tz-context.test.ts +121 -0
package/src/time/index.ts +21 -0
package/src/time/polyfill.ts +70 -0
package/src/time/tz-context.ts +107 -0
package/src/ui-types/app-schema.ts +57 -0
package/src/ui-types/index.ts +65 -0
package/src/utils/__tests__/assert.test.ts +17 -0
package/src/utils/__tests__/env-parse.test.ts +54 -0
package/src/utils/assert.ts +18 -0
package/src/utils/env-parse.ts +16 -0
package/src/utils/ids.ts +16 -0
package/src/utils/index.ts +5 -0
package/src/utils/safe-json.ts +30 -0
package/src/utils/serialization.ts +7 -0

package/src/testing/access-assertions.ts ADDED Viewed

@@ -0,0 +1,15 @@
+import type { AccessRule } from "../engine/types";
+// Test-only helper: extracts the role list from a role-based AccessRule,
+// narrowing the union safely. Throws when the rule is openToAll or missing —
+// the tests that call this always expect roles, and a clear error beats a
+// cryptic undefined assertion downstream.
+export function rolesOf(access: AccessRule | undefined): readonly string[] {
+  if (!access) {
+    throw new Error("expected role-based access rule, got undefined");
+  }
+  if (!("roles" in access)) {
+    throw new Error("expected role-based access rule, got openToAll");
+  }
+  return access.roles;
+}

package/src/testing/assertions.ts ADDED Viewed

@@ -0,0 +1,35 @@
+import type { WriteResult } from "../engine/types";
+import type { WriteErrorInfo } from "../errors";
+export function expectSuccess<T>(
+  result: WriteResult<T>,
+): asserts result is { isSuccess: true; data: T } {
+  if (!result.isSuccess) {
+    throw new Error(
+      `Expected success but got error: ${result.error.code} (${result.error.message})`,
+    );
+  }
+}
+// `matcher` checks either the error code (e.g. "not_found") or looks for a
+// substring in the message. Both are useful: code matches are stable across
+// i18n changes, substrings catch feature-specific detail text.
+export function expectError(
+  result: WriteResult,
+  matcher?: string,
+): asserts result is { isSuccess: false; error: WriteErrorInfo } {
+  if (result.isSuccess) {
+    throw new Error("Expected error but got success");
+  }
+  if (matcher === undefined) {
+    // skip: caller only asked for the type narrowing; nothing else to check.
+    return;
+  }
+  const err = result.error;
+  const hit = err.code === matcher || err.message.includes(matcher);
+  if (!hit) {
+    throw new Error(
+      `Expected error code or message to match "${matcher}" but got code="${err.code}", message="${err.message}"`,
+    );
+  }
+}

package/src/testing/e2e-generator.ts ADDED Viewed

@@ -0,0 +1,465 @@
+// @runtime tooling
+//
+// E2E-Generator — leitet strukturierte TestSpecs aus der Registry ab.
+//
+// Grundidee: jede r.screen(...) ist eine testbare Oberfläche. Der Generator
+// iteriert getAllScreens() und baut pro Screen einen Satz TestSpecs (vier
+// Kinds, einer pro "was muss mindestens funktionieren"). Die Specs sind
+// JSON-serialisierbar — Consumer (Sample/Package-e2e) schreiben sie via
+// bun-Script als JSON auf Platte, und ein Playwright-globalSetup triggert
+// das vor jedem Run. Der eigentliche Playwright-Runner liest die JSON und
+// iteriert mit kind-spezifischen Handlern gegen den echten Renderer.
+//
+// Vorteil des 2-Prozess-Modells: die framework-runtime (Registry, drizzle,
+// ioredis-types etc.) lädt NIE im Playwright-Worker. Würde sie das, kollidierte
+// sie mit Playwrights Object.prototype-Symbolen ($$jest-matchers-object) und
+// der Worker würde beim spec-import crashen.
+//
+// Zwei Stufen, jede einzeln testbar:
+//   1. generateE2ESpec(registry)   — Registry → TestSpec[]
+//   2. generateZodFixture(schema)  — ZodType  → plausibler Value
+//
+// Stufe 2 ist intentionally minimal (Strategy a aus dem Plan): string/number/
+// boolean/date/enum/uuid + ZodOptional/ZodDefault-Unwrap. Alles andere wirft
+// "not supported yet" — wir füllen nach, wenn ein echter Caller es braucht.
+// Fake-komplexe-Werte würden nur False-Green-Tests produzieren.
+import type { z } from "zod";
+import {
+  type EntityDefinition,
+  type EntityEditScreenDefinition,
+  type EntityListScreenDefinition,
+  type FieldDefinition,
+  normalizeEditField,
+  normalizeListColumn,
+  parseQn,
+  qn,
+  type Registry,
+  toKebab,
+} from "../engine";
+// --- Spec-Shape ---
+// Jeder TestSpec-Variant enthält alles was der Renderer zum Templaten braucht
+// — keine Registry-Referenz, keine Lazy-Lookups. So sind Specs JSON-fähig
+// (debug-dump, Snapshot-Vergleich) und der Renderer bleibt rein Template.
+export type E2ETestSpec =
+  | {
+      readonly kind: "list-renders";
+      readonly screenQn: string;
+      readonly title: string;
+      readonly urlPath: string;
+    }
+  | {
+      readonly kind: "list-has-fixture-row";
+      readonly screenQn: string;
+      readonly title: string;
+      readonly urlPath: string;
+      readonly writeHandlerQn: string;
+      readonly fixture: Readonly<Record<string, unknown>>;
+      readonly identifyingValue: string;
+    }
+  | {
+      readonly kind: "edit-validates-required";
+      readonly screenQn: string;
+      readonly title: string;
+      readonly urlPath: string;
+      readonly requiredFields: readonly string[];
+    }
+  | {
+      readonly kind: "edit-save-persists";
+      readonly screenQn: string;
+      readonly title: string;
+      readonly urlPath: string;
+      readonly listUrlPath?: string;
+      readonly fills: readonly EditFillOp[];
+      readonly identifyingValue: string;
+      readonly identifyingField: string;
+    };
+// Strukturierte Anweisung für den edit-save-persists-Renderer. Der Fixture
+// allein sagt nicht, ob ein String in ein Text-Feld (`.fill`) oder in ein
+// Dropdown (`.selectOption`) gehört — der Generator entscheidet anhand der
+// FieldDefinition, der Renderer templated nur.
+export type EditFillOp =
+  | { readonly kind: "fill"; readonly field: string; readonly value: string }
+  | { readonly kind: "check"; readonly field: string; readonly value: boolean }
+  | { readonly kind: "select"; readonly field: string; readonly value: string };
+export type E2EGeneratorOptions = {
+  // Tenant-Slug/UUID als Template-Placeholder. Default "{tenant}" — der
+  // Test-Runner ersetzt zur Laufzeit. Wer die URL fix tenant-scoped will,
+  // setzt hier den Slug.
+  readonly tenantPlaceholder?: string;
+};
+// --- Stufe 1: Spec-Ableitung aus der Registry ---
+export function generateE2ESpec(
+  registry: Registry,
+  options: E2EGeneratorOptions = {},
+): readonly E2ETestSpec[] {
+  const tenant = options.tenantPlaceholder ?? "{tenant}";
+  const specs: E2ETestSpec[] = [];
+  for (const [screenQn, screen] of registry.getAllScreens()) {
+    if (screen.type === "custom") continue; // keine generische Annahme möglich
+    // actionForm: kein generischer E2E-Spec — Author-defined Handler
+    // braucht Author-defined Test-Daten, die der Generator nicht kennt.
+    if (screen.type === "actionForm") continue;
+    // configEdit: dito — die Werte werden über config:write:set
+    // pro Field geschrieben, ohne CRUD-Zustand zu generieren wäre der
+    // Spec wertlos. Branding/SMTP/etc. sind Author-spezifisch.
+    if (screen.type === "configEdit") continue;
+    const { scope: feature, name: short } = parseQn(screenQn);
+    const urlPath = `/t/${tenant}/${feature}/${short}`;
+    const title = `${feature}/${short}`;
+    if (screen.type === "entityList") {
+      specs.push(...buildListSpecs(screen, screenQn, title, urlPath, registry));
+    } else {
+      specs.push(...buildEditSpecs(screen, screenQn, title, urlPath, registry, tenant));
+    }
+  }
+  return specs;
+}
+function buildListSpecs(
+  screen: EntityListScreenDefinition,
+  screenQn: string,
+  title: string,
+  urlPath: string,
+  registry: Registry,
+): E2ETestSpec[] {
+  const out: E2ETestSpec[] = [{ kind: "list-renders", screenQn, title, urlPath }];
+  const entity = registry.getEntity(screen.entity);
+  if (!entity) return out;
+  const writeHandlerQn = findCreateHandlerQn(registry, screen.entity);
+  if (!writeHandlerQn) return out;
+  const fixture = buildEntityFixture(entity);
+  const identifyingValue = pickIdentifyingValue(fixture, screen, entity);
+  if (identifyingValue === undefined) return out;
+  out.push({
+    kind: "list-has-fixture-row",
+    screenQn,
+    title,
+    urlPath,
+    writeHandlerQn,
+    fixture,
+    identifyingValue,
+  });
+  return out;
+}
+function buildEditSpecs(
+  screen: EntityEditScreenDefinition,
+  screenQn: string,
+  title: string,
+  urlPath: string,
+  registry: Registry,
+  tenant: string,
+): E2ETestSpec[] {
+  const out: E2ETestSpec[] = [];
+  const entity = registry.getEntity(screen.entity);
+  if (!entity) return out;
+  const requiredFields = collectRequiredEditFields(screen, entity);
+  if (requiredFields.length > 0) {
+    out.push({ kind: "edit-validates-required", screenQn, title, urlPath, requiredFields });
+  }
+  const fixture = buildEntityFixture(entity);
+  const listScreen = findListScreenForEntity(registry, screen.entity);
+  const listUrlPath = listScreen ? buildScreenUrlPath(listScreen.qn, tenant) : undefined;
+  const identifying = pickIdentifyingForEdit(fixture, screen, entity, listScreen?.def);
+  if (identifying) {
+    const fills = buildEditFillOps(screen, entity, fixture);
+    out.push({
+      kind: "edit-save-persists",
+      screenQn,
+      title,
+      urlPath,
+      listUrlPath,
+      fills,
+      identifyingValue: identifying.value,
+      identifyingField: identifying.field,
+    });
+  }
+  return out;
+}
+function buildScreenUrlPath(qn: string, tenant: string): string {
+  const { scope, name } = parseQn(qn);
+  return `/t/${tenant}/${scope}/${name}`;
+}
+function findCreateHandlerQn(registry: Registry, entityName: string): string | undefined {
+  // feature.writeHandlers ist mit Short-Names gekeyt ("task:create"), der
+  // Registry-Lookup braucht die qualified Form ("tasks:write:task:create").
+  // Wir qualifizieren via qn() + toKebab wie die Registry selbst — das ist
+  // der Vertrag aus qualified-name.ts.
+  for (const feature of registry.features.values()) {
+    for (const shortName of Object.keys(feature.writeHandlers ?? {})) {
+      if (!shortName.endsWith(":create")) continue;
+      const qualified = qn(toKebab(feature.name), "write", toKebab(shortName));
+      if (registry.getHandlerEntity(qualified) === entityName) return qualified;
+    }
+  }
+  return undefined;
+}
+function findListScreenForEntity(
+  registry: Registry,
+  entityName: string,
+): { qn: string; def: EntityListScreenDefinition } | undefined {
+  for (const [qn, screen] of registry.getAllScreens()) {
+    if (screen.type === "entityList" && screen.entity === entityName) {
+      return { qn, def: screen };
+    }
+  }
+  return undefined;
+}
+function collectRequiredEditFields(
+  screen: EntityEditScreenDefinition,
+  entity: EntityDefinition,
+): string[] {
+  const out: string[] = [];
+  for (const section of screen.layout.sections) {
+    for (const rawField of section.fields) {
+      const { field } = normalizeEditField(rawField);
+      const def = entity.fields[field];
+      if (def && "required" in def && def.required === true) {
+        out.push(field);
+      }
+    }
+  }
+  return out;
+}
+function pickIdentifyingValue(
+  fixture: Readonly<Record<string, unknown>>,
+  screen: EntityListScreenDefinition,
+  entity: EntityDefinition,
+): string | undefined {
+  // Erste Text-Spalte mit Fixture-Wert — das ist die visuell zuverlässigste
+  // Identifikation in einer generischen Tabelle.
+  for (const raw of screen.columns) {
+    const { field } = normalizeListColumn(raw);
+    if (entity.fields[field]?.type !== "text") continue;
+    const v = fixture[field];
+    if (typeof v === "string" && v.length > 0) return v;
+  }
+  return undefined;
+}
+function buildEditFillOps(
+  screen: EntityEditScreenDefinition,
+  entity: EntityDefinition,
+  fixture: Readonly<Record<string, unknown>>,
+): EditFillOp[] {
+  // Laufe die Layout-Reihenfolge — das Resultat spiegelt, was ein User
+  // tatsächlich ausfüllt. Per Field-Typ entscheiden wir die Interaktions-
+  // form; Felder ohne Fixture-Wert (file/image/…) werden übersprungen.
+  const ops: EditFillOp[] = [];
+  for (const section of screen.layout.sections) {
+    for (const raw of section.fields) {
+      const { field } = normalizeEditField(raw);
+      const def = entity.fields[field];
+      if (!def) continue;
+      const v = fixture[field];
+      if (v === undefined) continue;
+      switch (def.type) {
+        case "boolean":
+          if (typeof v === "boolean") ops.push({ kind: "check", field, value: v });
+          break;
+        case "select":
+          if (typeof v === "string") ops.push({ kind: "select", field, value: v });
+          break;
+        case "text":
+        case "longText":
+        case "number":
+        case "date":
+        case "timestamp":
+        case "tz":
+          ops.push({ kind: "fill", field, value: String(v) });
+          break;
+        // embedded/money/locatedTimestamp/file/image/files/images: keine
+        // generische Interaktion — der Test-Autor liefert später einen
+        // Hand-Override oder überspringt das Feld.
+        default:
+          break;
+      }
+    }
+  }
+  return ops;
+}
+function pickIdentifyingForEdit(
+  fixture: Readonly<Record<string, unknown>>,
+  editScreen: EntityEditScreenDefinition,
+  entity: EntityDefinition,
+  listScreen: EntityListScreenDefinition | undefined,
+): { field: string; value: string } | undefined {
+  // Bevorzugt ein Feld das im List-Screen als Column auftaucht — sonst ist
+  // die "taucht in Liste auf"-Assertion nicht durchführbar.
+  const columns = listScreen
+    ? new Set(listScreen.columns.map((c) => normalizeListColumn(c).field))
+    : undefined;
+  for (const section of editScreen.layout.sections) {
+    for (const rawField of section.fields) {
+      const { field } = normalizeEditField(rawField);
+      if (entity.fields[field]?.type !== "text") continue;
+      if (columns && !columns.has(field)) continue;
+      const v = fixture[field];
+      if (typeof v === "string" && v.length > 0) return { field, value: v };
+    }
+  }
+  return undefined;
+}
+// --- Stufe 2: Zod-Fixture (Strategy a) ---
+// Zod 4 stabilisiert die Introspection auf `._def.type` (lowercase Discriminator)
+// + `._def.format` für String-Formate (email/url/uuid/datetime) + `._def.entries`
+// für Enums + `._def.innerType` für optional/default/nullable. Wir greifen
+// gezielt auf diese Felder zu — genau die Form die unser buildInsertSchema
+// emittiert. Andere Typen werfen "not supported yet", bis ein Sample den Fall
+// konkret braucht.
+type ZodInternals = {
+  readonly type?: string;
+  readonly format?: string;
+  readonly innerType?: z.ZodTypeAny;
+  readonly entries?: Record<string, string>;
+};
+function readZodInternals(schema: z.ZodTypeAny): ZodInternals | undefined {
+  return (schema as unknown as { _def?: ZodInternals })._def;
+}
+export function generateZodFixture(schema: z.ZodTypeAny): unknown {
+  const def = readZodInternals(schema);
+  const typeName = def?.type;
+  switch (typeName) {
+    case "optional":
+    case "nullable":
+    case "default": {
+      if (!def?.innerType) throw new Error(`zod ${typeName} without innerType`);
+      return generateZodFixture(def.innerType);
+    }
+    case "string":
+      return fixtureString(def?.format);
+    case "number":
+      return 1;
+    case "boolean":
+      return true;
+    case "enum": {
+      const first = def?.entries ? Object.values(def.entries)[0] : undefined;
+      return first ?? "";
+    }
+    case "date":
+      return new Date("2026-01-01T00:00:00Z");
+    default:
+      throw new Error(`generateZodFixture: not supported yet: ${typeName ?? "<unknown>"}`);
+  }
+}
+function fixtureString(format: string | undefined): string {
+  if (format === "email") return "e2e@example.com";
+  if (format === "url") return "https://example.com";
+  if (format === "uuid" || format === "guid") return "00000000-0000-4000-8000-000000000000";
+  if (format === "datetime" || format === "date") return "2026-01-01T00:00:00Z";
+  return "e2e-fixture";
+}
+// --- Fixture aus FieldDefinition (für Stufe 1 statt Zod-Schema) ---
+//
+// Bewusstes Duplicate zu generateZodFixture. Die beiden haben unterschiedliche
+// Aufgaben:
+//   generateZodFixture   — public, generisch, weiß nur Zod-Primitives
+//   buildEntityFixture   — intern, Kumiko-Domain, weiß über file-skip,
+//                          embedded-Shape, money/tz-Objekte und nutzt den
+//                          Feldnamen für lesbare Prefixes ("e2e-email@...")
+//
+// Ein Zusammenziehen über buildInsertSchema + generateZodFixture würde entweder
+// den Feldnamen-Hint verlieren (alle email-Fixtures bekämen denselben Wert —
+// Unique-Constraints wären inkonsistent) oder einen hint-Parameter in die
+// public API von generateZodFixture drücken, den externe Caller nie brauchen.
+function buildEntityFixture(entity: EntityDefinition): Record<string, unknown> {
+  const out: Record<string, unknown> = {};
+  for (const [name, field] of Object.entries(entity.fields)) {
+    const value = fieldToFixture(name, field);
+    if (value !== undefined) out[name] = value;
+  }
+  return out;
+}
+function fieldToFixture(name: string, field: FieldDefinition): unknown {
+  switch (field.type) {
+    case "text": {
+      if (field.format === "email") return `e2e-${name}@example.com`;
+      if (field.format === "url") return "https://example.com";
+      return `e2e ${name}`;
+    }
+    case "longText":
+      // longText hat keine format-Optionen — generic placeholder reicht.
+      return `e2e ${name} (long-form content)`;
+    case "boolean":
+      return true;
+    case "select":
+      return field.options[0] ?? "";
+    case "multiSelect": {
+      const first = field.options[0];
+      return first ? [first] : [];
+    }
+    case "number":
+      return 1;
+    case "money":
+      return { amount: 1, currency: "EUR" };
+    case "date":
+      return "2026-01-01";
+    case "timestamp":
+      return field.locatedBy !== undefined ? "2026-01-01T00:00:00" : "2026-01-01T00:00:00Z";
+    case "tz":
+      return "Europe/Berlin";
+    case "locatedTimestamp":
+      return { at: "2026-01-01T00:00:00", tz: "Europe/Berlin" };
+    case "embedded": {
+      const sub: Record<string, unknown> = {};
+      for (const [subName, subDef] of Object.entries(field.schema)) {
+        sub[subName] =
+          subDef.type === "text"
+            ? `e2e ${subName}`
+            : subDef.type === "number"
+              ? 1
+              : subDef.type === "boolean"
+                ? true
+                : "2026-01-01";
+      }
+      return sub;
+    }
+    case "file":
+    case "image":
+    case "files":
+    case "images":
+      // File-Upload-Fixture ist noch nicht generisch: Playwright müsste
+      // Dateiinhalte mitliefern, und die Write-API verlangt bereits ge-
+      // uploadete fileRef-UUIDs. Lässt sich nachziehen, sobald Sample die
+      // Pfade klärt (M4).
+      return undefined;
+    default:
+      return undefined;
+  }
+}

package/src/testing/expect-error.ts ADDED Viewed

@@ -0,0 +1,25 @@
+import { expect } from "vitest";
+import type { WriteErrorInfo } from "../errors";
+// Vitest's toContain doesn't operate on plain objects, so after the move from
+// string errors to typed WriteErrorInfo the legacy `expect(error).toContain(x)`
+// assertions break. This helper concatenates code, message, and serialized
+// details so existing substring checks against short reason strings keep
+// working without each call site needing to know the new shape.
+//
+// Accepts `string | null` too, so call sites that still get raw strings
+// (e.g. helpers that haven't moved to typed errors yet) keep working.
+export function expectErrorIncludes(
+  err: WriteErrorInfo | string | null | undefined,
+  substring: string,
+): void {
+  let haystack: string;
+  if (err === null || err === undefined) {
+    haystack = String(err);
+  } else if (typeof err === "string") {
+    haystack = err;
+  } else {
+    haystack = `${err.code} ${err.message} ${JSON.stringify(err.details ?? {})}`;
+  }
+  expect(haystack).toContain(substring);
+}

package/src/testing/handler-context.ts ADDED Viewed

@@ -0,0 +1,125 @@
+// @runtime runtime
+//
+// bridgeStub liefert eine HandlerContext-Shape mit throw-on-use Bridge-Methods
+// (ctx.query/write/loadAggregate/...). Wird von Test-Code UND Production-
+// Services genutzt (delivery-service nutzt es um cross-feature notify-Calls
+// ohne echten Dispatcher zu fahren). Daher runtime-Klassifizierung trotz
+// Wohnsitz unter `testing/` — keine vitest-Imports, keine Test-Side-Effects.
+import type {
+  AppendEventArgs,
+  FetchForWritingArgs,
+  HandlerContext,
+  SessionUser,
+  WriteResult,
+} from "../engine/types";
+import { createNoopMetricsHandle, getFallbackTracer } from "../observability";
+import { createTzContext } from "../time";
+// Test/service helper: cross-feature bridge methods that throw on use.
+//
+// Production code always receives a full HandlerContext from the Dispatcher's
+// buildHandlerContext (with real query/write closures). Some internal services
+// and tests construct a mini-context manually (typically just `{ db, registry }`)
+// to invoke a single handler. Those call sites don't use ctx.query/write —
+// the stubs make the TypeScript shape match while still failing loudly if
+// anything downstream accidentally reaches for them.
+//
+// Use: `{ db, registry, ...bridgeStub() }`
+const notAvailable = (what: string) => async (): Promise<never> => {
+  throw new Error(
+    `ctx.${what} not available in this context — use the dispatcher, not a stubbed handler context`,
+  );
+};
+// Noop observability — hand back the shared fallback tracer so ctx.tracer has
+// a valid Tracer shape. No allocations per call.
+const noopTracer = getFallbackTracer();
+export function bridgeStub(opts?: {
+  readonly user?: SessionUser;
+}): Pick<
+  HandlerContext,
+  | "query"
+  | "queryAs"
+  | "write"
+  | "writeAs"
+  | "appendEvent"
+  | "appendEventUnsafe"
+  | "fetchForWriting"
+  | "loadAggregate"
+  | "archiveStream"
+  | "restoreStream"
+  | "isStreamArchived"
+  | "snapshotAggregate"
+  | "loadAggregateWithSnapshot"
+  | "queryProjection"
+  | "resolveAuthClaims"
+  | "hasFeature"
+  | "metrics"
+  | "tracer"
+  | "tz"
+  | "user"
+> {
+  // ctx.user ist Convenience-Alias zu event.user (siehe HandlerContext-
+  // Doku). Caller-Code erwartet das Feld; bridgeStub liefert es als
+  // Stub mit den Anonymous-Default-Werten wenn kein User explizit
+  // übergeben wird. Test-Code mit Identity-Bezug übergibt seinen
+  // SessionUser hier und bekommt ihn am ctx zurück.
+  const stubUser: SessionUser = opts?.user ?? {
+    id: "00000000-0000-0000-0000-000000000000",
+    tenantId: "00000000-0000-0000-0000-000000000000" as SessionUser["tenantId"],
+    roles: ["all"],
+  };
+  return {
+    user: stubUser,
+    query: notAvailable("query") as HandlerContext["query"],
+    queryAs: notAvailable("queryAs") as unknown as (
+      user: SessionUser,
+      qn: string,
+      payload: unknown,
+    ) => Promise<unknown>,
+    write: notAvailable("write") as unknown as (
+      qn: string,
+      payload: unknown,
+    ) => Promise<WriteResult>,
+    writeAs: notAvailable("writeAs") as unknown as (
+      user: SessionUser,
+      qn: string,
+      payload: unknown,
+    ) => Promise<WriteResult>,
+    appendEvent: notAvailable("appendEvent") as unknown as (args: AppendEventArgs) => Promise<void>,
+    appendEventUnsafe: notAvailable("appendEventUnsafe") as unknown as (
+      args: AppendEventArgs,
+    ) => Promise<void>,
+    fetchForWriting: notAvailable("fetchForWriting") as unknown as (
+      args: FetchForWritingArgs,
+    ) => ReturnType<HandlerContext["fetchForWriting"]>,
+    loadAggregate: notAvailable("loadAggregate") as unknown as HandlerContext["loadAggregate"],
+    archiveStream: notAvailable("archiveStream") as unknown as HandlerContext["archiveStream"],
+    restoreStream: notAvailable("restoreStream") as unknown as HandlerContext["restoreStream"],
+    isStreamArchived: notAvailable(
+      "isStreamArchived",
+    ) as unknown as HandlerContext["isStreamArchived"],
+    snapshotAggregate: notAvailable(
+      "snapshotAggregate",
+    ) as unknown as HandlerContext["snapshotAggregate"],
+    loadAggregateWithSnapshot: notAvailable(
+      "loadAggregateWithSnapshot",
+    ) as unknown as HandlerContext["loadAggregateWithSnapshot"],
+    queryProjection: notAvailable(
+      "queryProjection",
+    ) as unknown as HandlerContext["queryProjection"],
+    resolveAuthClaims: notAvailable(
+      "resolveAuthClaims",
+    ) as unknown as HandlerContext["resolveAuthClaims"],
+    // Stub defaults to always-enabled — matches the dispatcher's behaviour
+    // when no effectiveFeatures resolver is wired (tests without toggles).
+    hasFeature: () => true,
+    metrics: createNoopMetricsHandle(),
+    tracer: noopTracer,
+    // Echter TzContext, kein notAvailable — Test-Code nutzt ctx.tz häufig
+    // ohne dass es ein "Bridge"-Konzept ist. Default UTC.
+    tz: createTzContext(),
+  };
+}