@dev-ecosystem/core 0.1.0

package/dist/errors/vaulta.codes.js

@@ -0,0 +1,94 @@
+/**
+ * Vaulta Error Codes
+ *
+ * Structured error codes for the Vaulta secret vault.
+ *
+ * Pattern: VAULTA-<CATEGORY>-<NUMBER>
+ *
+ * Categories:
+ * - VAULT: Vault lifecycle and management
+ * - SEC: Security and authentication
+ * - CRYPTO: Cryptography and encryption
+ * - ACCESS: Access control and permissions
+ *
+ * @category Vaulta
+ * @public
+ */
+export const VaultaErrorCodes = {
+    // =========================================================================
+    // VAULT - Vault lifecycle errors
+    // =========================================================================
+    /** Vault not initialized */
+    VAULT_NOT_INITIALIZED: 'VAULTA-VAULT-001',
+    /** Vault is locked */
+    VAULT_LOCKED: 'VAULTA-VAULT-002',
+    /** Vault already exists */
+    VAULT_ALREADY_EXISTS: 'VAULTA-VAULT-003',
+    /** Vault not found */
+    VAULT_NOT_FOUND: 'VAULTA-VAULT-004',
+    /** Vault corrupted */
+    VAULT_CORRUPTED: 'VAULTA-VAULT-005',
+    /** Vault unlock failed */
+    VAULT_UNLOCK_FAILED: 'VAULTA-VAULT-006',
+    /** Vault initialization failed */
+    VAULT_INIT_FAILED: 'VAULTA-VAULT-007',
+    // =========================================================================
+    // SECURITY (SEC) - Security and authentication
+    // =========================================================================
+    /** Invalid master password */
+    INVALID_MASTER_PASSWORD: 'VAULTA-SEC-001',
+    /** Permission denied */
+    PERMISSION_DENIED: 'VAULTA-SEC-002',
+    /** Authentication failed */
+    AUTH_FAILED: 'VAULTA-SEC-003',
+    /** Invalid credentials */
+    INVALID_CREDENTIALS: 'VAULTA-SEC-004',
+    /** Session expired */
+    SESSION_EXPIRED: 'VAULTA-SEC-005',
+    /** Password policy violation */
+    PASSWORD_POLICY_VIOLATION: 'VAULTA-SEC-006',
+    /** Too many failed attempts */
+    TOO_MANY_FAILED_ATTEMPTS: 'VAULTA-SEC-007',
+    // =========================================================================
+    // CRYPTO (CRYPTO) - Cryptography errors
+    // =========================================================================
+    /** Encryption failed */
+    ENCRYPTION_FAILED: 'VAULTA-CRYPTO-001',
+    /** Decryption failed */
+    DECRYPTION_FAILED: 'VAULTA-CRYPTO-002',
+    /** Invalid encryption key */
+    INVALID_ENCRYPTION_KEY: 'VAULTA-CRYPTO-003',
+    /** Key derivation failed */
+    KEY_DERIVATION_FAILED: 'VAULTA-CRYPTO-004',
+    /** Cryptographic operation failed */
+    CRYPTO_OPERATION_FAILED: 'VAULTA-CRYPTO-005',
+    // =========================================================================
+    // ACCESS (ACCESS) - Access control
+    // =========================================================================
+    /** Secret not found */
+    SECRET_NOT_FOUND: 'VAULTA-ACCESS-001',
+    /** Secret already exists */
+    SECRET_ALREADY_EXISTS: 'VAULTA-ACCESS-002',
+    /** Invalid secret path */
+    INVALID_SECRET_PATH: 'VAULTA-ACCESS-003',
+    /** Secret read failed */
+    SECRET_READ_FAILED: 'VAULTA-ACCESS-004',
+    /** Secret write failed */
+    SECRET_WRITE_FAILED: 'VAULTA-ACCESS-005',
+    /** Secret delete failed */
+    SECRET_DELETE_FAILED: 'VAULTA-ACCESS-006',
+};
+/**
+ * Get category from Vaulta error code
+ */
+export function getVaultaErrorCategory(code) {
+    const match = code.match(/^VAULTA-([A-Z]+)-\d+$/);
+    return match?.[1] ?? 'UNKNOWN';
+}
+/**
+ * Check if code is a Vaulta error code
+ */
+export function isVaultaErrorCode(code) {
+    return Object.values(VaultaErrorCodes).includes(code);
+}
+//# sourceMappingURL=vaulta.codes.js.map

package/dist/errors/vaulta.codes.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"vaulta.codes.js","sourceRoot":"","sources":["../../src/errors/vaulta.codes.ts"],"names":[],"mappings":"AAAA;;;;;;;;;;;;;;;GAeG;AAEH,MAAM,CAAC,MAAM,gBAAgB,GAAG;IAC9B,4EAA4E;IAC5E,iCAAiC;IACjC,4EAA4E;IAE5E,4BAA4B;IAC5B,qBAAqB,EAAE,kBAAkB;IAEzC,sBAAsB;IACtB,YAAY,EAAE,kBAAkB;IAEhC,2BAA2B;IAC3B,oBAAoB,EAAE,kBAAkB;IAExC,sBAAsB;IACtB,eAAe,EAAE,kBAAkB;IAEnC,sBAAsB;IACtB,eAAe,EAAE,kBAAkB;IAEnC,0BAA0B;IAC1B,mBAAmB,EAAE,kBAAkB;IAEvC,kCAAkC;IAClC,iBAAiB,EAAE,kBAAkB;IAErC,4EAA4E;IAC5E,+CAA+C;IAC/C,4EAA4E;IAE5E,8BAA8B;IAC9B,uBAAuB,EAAE,gBAAgB;IAEzC,wBAAwB;IACxB,iBAAiB,EAAE,gBAAgB;IAEnC,4BAA4B;IAC5B,WAAW,EAAE,gBAAgB;IAE7B,0BAA0B;IAC1B,mBAAmB,EAAE,gBAAgB;IAErC,sBAAsB;IACtB,eAAe,EAAE,gBAAgB;IAEjC,gCAAgC;IAChC,yBAAyB,EAAE,gBAAgB;IAE3C,+BAA+B;IAC/B,wBAAwB,EAAE,gBAAgB;IAE1C,4EAA4E;IAC5E,wCAAwC;IACxC,4EAA4E;IAE5E,wBAAwB;IACxB,iBAAiB,EAAE,mBAAmB;IAEtC,wBAAwB;IACxB,iBAAiB,EAAE,mBAAmB;IAEtC,6BAA6B;IAC7B,sBAAsB,EAAE,mBAAmB;IAE3C,4BAA4B;IAC5B,qBAAqB,EAAE,mBAAmB;IAE1C,qCAAqC;IACrC,uBAAuB,EAAE,mBAAmB;IAE5C,4EAA4E;IAC5E,mCAAmC;IACnC,4EAA4E;IAE5E,uBAAuB;IACvB,gBAAgB,EAAE,mBAAmB;IAErC,4BAA4B;IAC5B,qBAAqB,EAAE,mBAAmB;IAE1C,0BAA0B;IAC1B,mBAAmB,EAAE,mBAAmB;IAExC,yBAAyB;IACzB,kBAAkB,EAAE,mBAAmB;IAEvC,0BAA0B;IAC1B,mBAAmB,EAAE,mBAAmB;IAExC,2BAA2B;IAC3B,oBAAoB,EAAE,mBAAmB;CAEjC,CAAC;AAOX;;GAEG;AACH,MAAM,UAAU,sBAAsB,CAAC,IAAqB;IAC1D,MAAM,KAAK,GAAG,IAAI,CAAC,KAAK,CAAC,uBAAuB,CAAC,CAAC;IAClD,OAAO,KAAK,EAAE,CAAC,CAAC,CAAC,IAAI,SAAS,CAAC;AACjC,CAAC;AAED;;GAEG;AACH,MAAM,UAAU,iBAAiB,CAAC,IAAY;IAC5C,OAAO,MAAM,CAAC,MAAM,CAAC,gBAAgB,CAAC,CAAC,QAAQ,CAAC,IAAuB,CAAC,CAAC;AAC3E,CAAC"}

package/dist/errors/vaulta.errors.d.ts

@@ -0,0 +1,135 @@
+/**
+ * Vaulta Error Classes
+ *
+ * Concrete error implementations for the Vaulta secret vault.
+ * All errors extend BaseError and use VaultaErrorCodes.
+ *
+ * @category Vaulta
+ * @public
+ */
+import { BaseError } from './BaseError.js';
+import { ErrorType, ErrorSeverity } from './ErrorTypes.js';
+import { ExitCodes } from '../exit-codes/ExitCodes.js';
+export declare class VaultNotInitializedError extends BaseError {
+    readonly component = "vaulta";
+    readonly type = ErrorType.CONFIG;
+    readonly code: "VAULTA-VAULT-001";
+    readonly exitCode = ExitCodes.MISSING_CONFIG;
+    readonly severity = ErrorSeverity.HIGH;
+}
+export declare class VaultLockedError extends BaseError {
+    readonly component = "vaulta";
+    readonly type = ErrorType.SECURITY;
+    readonly code: "VAULTA-VAULT-002";
+    readonly exitCode = ExitCodes.VAULT_LOCKED;
+    readonly severity = ErrorSeverity.HIGH;
+    toUserMessage(): string;
+}
+export declare class VaultAlreadyExistsError extends BaseError {
+    readonly component = "vaulta";
+    readonly type = ErrorType.USER;
+    readonly code: "VAULTA-VAULT-003";
+    readonly exitCode = ExitCodes.INVALID_INPUT;
+    readonly severity = ErrorSeverity.MEDIUM;
+}
+export declare class VaultNotFoundError extends BaseError {
+    readonly component = "vaulta";
+    readonly type = ErrorType.USER;
+    readonly code: "VAULTA-VAULT-004";
+    readonly exitCode = ExitCodes.INVALID_INPUT;
+    readonly severity = ErrorSeverity.MEDIUM;
+}
+export declare class VaultCorruptedError extends BaseError {
+    readonly component = "vaulta";
+    readonly type = ErrorType.INTERNAL;
+    readonly code: "VAULTA-VAULT-005";
+    readonly exitCode = ExitCodes.STATE_CORRUPTION;
+    readonly severity = ErrorSeverity.CRITICAL;
+}
+export declare class InvalidMasterPasswordError extends BaseError {
+    readonly component = "vaulta";
+    readonly type = ErrorType.SECURITY;
+    readonly code: "VAULTA-SEC-001";
+    readonly exitCode = ExitCodes.INVALID_CREDENTIALS;
+    readonly severity = ErrorSeverity.HIGH;
+    toUserMessage(): string;
+}
+export declare class VaultPermissionDeniedError extends BaseError {
+    readonly component = "vaulta";
+    readonly type = ErrorType.SECURITY;
+    readonly code: "VAULTA-SEC-002";
+    readonly exitCode = ExitCodes.PERMISSION_DENIED;
+    readonly severity = ErrorSeverity.HIGH;
+}
+export declare class VaultAuthenticationError extends BaseError {
+    readonly component = "vaulta";
+    readonly type = ErrorType.SECURITY;
+    readonly code: "VAULTA-SEC-003";
+    readonly exitCode = ExitCodes.AUTH_FAILED;
+    readonly severity = ErrorSeverity.HIGH;
+}
+export declare class VaultSessionExpiredError extends BaseError {
+    readonly component = "vaulta";
+    readonly type = ErrorType.SECURITY;
+    readonly code: "VAULTA-SEC-005";
+    readonly exitCode = ExitCodes.AUTH_FAILED;
+    readonly severity = ErrorSeverity.MEDIUM;
+    toUserMessage(): string;
+}
+export declare class EncryptionError extends BaseError {
+    readonly component = "vaulta";
+    readonly type = ErrorType.INTERNAL;
+    readonly code: "VAULTA-CRYPTO-001";
+    readonly exitCode = ExitCodes.INTERNAL_ERROR;
+    readonly severity = ErrorSeverity.CRITICAL;
+}
+export declare class DecryptionError extends BaseError {
+    readonly component = "vaulta";
+    readonly type = ErrorType.SECURITY;
+    readonly code: "VAULTA-CRYPTO-002";
+    readonly exitCode = ExitCodes.INTERNAL_ERROR;
+    readonly severity = ErrorSeverity.CRITICAL;
+}
+export declare class InvalidEncryptionKeyError extends BaseError {
+    readonly component = "vaulta";
+    readonly type = ErrorType.SECURITY;
+    readonly code: "VAULTA-CRYPTO-003";
+    readonly exitCode = ExitCodes.INVALID_CREDENTIALS;
+    readonly severity = ErrorSeverity.CRITICAL;
+}
+export declare class SecretNotFoundError extends BaseError {
+    readonly component = "vaulta";
+    readonly type = ErrorType.USER;
+    readonly code: "VAULTA-ACCESS-001";
+    readonly exitCode = ExitCodes.MISSING_SECRET;
+    readonly severity = ErrorSeverity.MEDIUM;
+}
+export declare class SecretAlreadyExistsError extends BaseError {
+    readonly component = "vaulta";
+    readonly type = ErrorType.USER;
+    readonly code: "VAULTA-ACCESS-002";
+    readonly exitCode = ExitCodes.INVALID_INPUT;
+    readonly severity = ErrorSeverity.MEDIUM;
+}
+export declare class InvalidSecretPathError extends BaseError {
+    readonly component = "vaulta";
+    readonly type = ErrorType.USER;
+    readonly code: "VAULTA-ACCESS-003";
+    readonly exitCode = ExitCodes.INVALID_INPUT;
+    readonly severity = ErrorSeverity.MEDIUM;
+}
+export declare class SecretReadError extends BaseError {
+    readonly component = "vaulta";
+    readonly type = ErrorType.EXECUTION;
+    readonly code: "VAULTA-ACCESS-004";
+    readonly exitCode = ExitCodes.INTERNAL_ERROR;
+    readonly severity = ErrorSeverity.MEDIUM;
+}
+export declare class SecretWriteError extends BaseError {
+    readonly component = "vaulta";
+    readonly type = ErrorType.EXECUTION;
+    readonly code: "VAULTA-ACCESS-005";
+    readonly exitCode = ExitCodes.INTERNAL_ERROR;
+    readonly severity = ErrorSeverity.MEDIUM;
+}
+//# sourceMappingURL=vaulta.errors.d.ts.map

package/dist/errors/vaulta.errors.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"vaulta.errors.d.ts","sourceRoot":"","sources":["../../src/errors/vaulta.errors.ts"],"names":[],"mappings":"AAAA;;;;;;;;GAQG;AAEH,OAAO,EAAE,SAAS,EAAE,MAAM,gBAAgB,CAAC;AAC3C,OAAO,EAAE,SAAS,EAAE,aAAa,EAAE,MAAM,iBAAiB,CAAC;AAC3D,OAAO,EAAE,SAAS,EAAE,MAAM,4BAA4B,CAAC;AAOvD,qBAAa,wBAAyB,SAAQ,SAAS;IACrD,QAAQ,CAAC,SAAS,YAAY;IAC9B,QAAQ,CAAC,IAAI,oBAAoB;IACjC,QAAQ,CAAC,IAAI,qBAA0C;IACvD,QAAQ,CAAC,QAAQ,4BAA4B;IAC7C,SAAkB,QAAQ,sBAAsB;CACjD;AAED,qBAAa,gBAAiB,SAAQ,SAAS;IAC7C,QAAQ,CAAC,SAAS,YAAY;IAC9B,QAAQ,CAAC,IAAI,sBAAsB;IACnC,QAAQ,CAAC,IAAI,qBAAiC;IAC9C,QAAQ,CAAC,QAAQ,0BAA0B;IAC3C,SAAkB,QAAQ,sBAAsB;IAEvC,aAAa,IAAI,MAAM;CAGjC;AAED,qBAAa,uBAAwB,SAAQ,SAAS;IACpD,QAAQ,CAAC,SAAS,YAAY;IAC9B,QAAQ,CAAC,IAAI,kBAAkB;IAC/B,QAAQ,CAAC,IAAI,qBAAyC;IACtD,QAAQ,CAAC,QAAQ,2BAA2B;IAC5C,SAAkB,QAAQ,wBAAwB;CACnD;AAED,qBAAa,kBAAmB,SAAQ,SAAS;IAC/C,QAAQ,CAAC,SAAS,YAAY;IAC9B,QAAQ,CAAC,IAAI,kBAAkB;IAC/B,QAAQ,CAAC,IAAI,qBAAoC;IACjD,QAAQ,CAAC,QAAQ,2BAA2B;IAC5C,SAAkB,QAAQ,wBAAwB;CACnD;AAED,qBAAa,mBAAoB,SAAQ,SAAS;IAChD,QAAQ,CAAC,SAAS,YAAY;IAC9B,QAAQ,CAAC,IAAI,sBAAsB;IACnC,QAAQ,CAAC,IAAI,qBAAoC;IACjD,QAAQ,CAAC,QAAQ,8BAA8B;IAC/C,SAAkB,QAAQ,0BAA0B;CACrD;AAMD,qBAAa,0BAA2B,SAAQ,SAAS;IACvD,QAAQ,CAAC,SAAS,YAAY;IAC9B,QAAQ,CAAC,IAAI,sBAAsB;IACnC,QAAQ,CAAC,IAAI,mBAA4C;IACzD,QAAQ,CAAC,QAAQ,iCAAiC;IAClD,SAAkB,QAAQ,sBAAsB;IAEvC,aAAa,IAAI,MAAM;CAGjC;AAED,qBAAa,0BAA2B,SAAQ,SAAS;IACvD,QAAQ,CAAC,SAAS,YAAY;IAC9B,QAAQ,CAAC,IAAI,sBAAsB;IACnC,QAAQ,CAAC,IAAI,mBAAsC;IACnD,QAAQ,CAAC,QAAQ,+BAA+B;IAChD,SAAkB,QAAQ,sBAAsB;CACjD;AAED,qBAAa,wBAAyB,SAAQ,SAAS;IACrD,QAAQ,CAAC,SAAS,YAAY;IAC9B,QAAQ,CAAC,IAAI,sBAAsB;IACnC,QAAQ,CAAC,IAAI,mBAAgC;IAC7C,QAAQ,CAAC,QAAQ,yBAAyB;IAC1C,SAAkB,QAAQ,sBAAsB;CACjD;AAED,qBAAa,wBAAyB,SAAQ,SAAS;IACrD,QAAQ,CAAC,SAAS,YAAY;IAC9B,QAAQ,CAAC,IAAI,sBAAsB;IACnC,QAAQ,CAAC,IAAI,mBAAoC;IACjD,QAAQ,CAAC,QAAQ,yBAAyB;IAC1C,SAAkB,QAAQ,wBAAwB;IAEzC,aAAa,IAAI,MAAM;CAGjC;AAMD,qBAAa,eAAgB,SAAQ,SAAS;IAC5C,QAAQ,CAAC,SAAS,YAAY;IAC9B,QAAQ,CAAC,IAAI,sBAAsB;IACnC,QAAQ,CAAC,IAAI,sBAAsC;IACnD,QAAQ,CAAC,QAAQ,4BAA4B;IAC7C,SAAkB,QAAQ,0BAA0B;CACrD;AAED,qBAAa,eAAgB,SAAQ,SAAS;IAC5C,QAAQ,CAAC,SAAS,YAAY;IAC9B,QAAQ,CAAC,IAAI,sBAAsB;IACnC,QAAQ,CAAC,IAAI,sBAAsC;IACnD,QAAQ,CAAC,QAAQ,4BAA4B;IAC7C,SAAkB,QAAQ,0BAA0B;CACrD;AAED,qBAAa,yBAA0B,SAAQ,SAAS;IACtD,QAAQ,CAAC,SAAS,YAAY;IAC9B,QAAQ,CAAC,IAAI,sBAAsB;IACnC,QAAQ,CAAC,IAAI,sBAA2C;IACxD,QAAQ,CAAC,QAAQ,iCAAiC;IAClD,SAAkB,QAAQ,0BAA0B;CACrD;AAMD,qBAAa,mBAAoB,SAAQ,SAAS;IAChD,QAAQ,CAAC,SAAS,YAAY;IAC9B,QAAQ,CAAC,IAAI,kBAAkB;IAC/B,QAAQ,CAAC,IAAI,sBAAqC;IAClD,QAAQ,CAAC,QAAQ,4BAA4B;IAC7C,SAAkB,QAAQ,wBAAwB;CACnD;AAED,qBAAa,wBAAyB,SAAQ,SAAS;IACrD,QAAQ,CAAC,SAAS,YAAY;IAC9B,QAAQ,CAAC,IAAI,kBAAkB;IAC/B,QAAQ,CAAC,IAAI,sBAA0C;IACvD,QAAQ,CAAC,QAAQ,2BAA2B;IAC5C,SAAkB,QAAQ,wBAAwB;CACnD;AAED,qBAAa,sBAAuB,SAAQ,SAAS;IACnD,QAAQ,CAAC,SAAS,YAAY;IAC9B,QAAQ,CAAC,IAAI,kBAAkB;IAC/B,QAAQ,CAAC,IAAI,sBAAwC;IACrD,QAAQ,CAAC,QAAQ,2BAA2B;IAC5C,SAAkB,QAAQ,wBAAwB;CACnD;AAED,qBAAa,eAAgB,SAAQ,SAAS;IAC5C,QAAQ,CAAC,SAAS,YAAY;IAC9B,QAAQ,CAAC,IAAI,uBAAuB;IACpC,QAAQ,CAAC,IAAI,sBAAuC;IACpD,QAAQ,CAAC,QAAQ,4BAA4B;IAC7C,SAAkB,QAAQ,wBAAwB;CACnD;AAED,qBAAa,gBAAiB,SAAQ,SAAS;IAC7C,QAAQ,CAAC,SAAS,YAAY;IAC9B,QAAQ,CAAC,IAAI,uBAAuB;IACpC,QAAQ,CAAC,IAAI,sBAAwC;IACrD,QAAQ,CAAC,QAAQ,4BAA4B;IAC7C,SAAkB,QAAQ,wBAAwB;CACnD"}

package/dist/errors/vaulta.errors.js

@@ -0,0 +1,154 @@
+/**
+ * Vaulta Error Classes
+ *
+ * Concrete error implementations for the Vaulta secret vault.
+ * All errors extend BaseError and use VaultaErrorCodes.
+ *
+ * @category Vaulta
+ * @public
+ */
+import { BaseError } from './BaseError.js';
+import { ErrorType, ErrorSeverity } from './ErrorTypes.js';
+import { ExitCodes } from '../exit-codes/ExitCodes.js';
+import { VaultaErrorCodes } from './vaulta.codes.js';
+// ============================================================================
+// VAULT LIFECYCLE ERRORS
+// ============================================================================
+export class VaultNotInitializedError extends BaseError {
+    component = 'vaulta';
+    type = ErrorType.CONFIG;
+    code = VaultaErrorCodes.VAULT_NOT_INITIALIZED;
+    exitCode = ExitCodes.MISSING_CONFIG;
+    severity = ErrorSeverity.HIGH;
+}
+export class VaultLockedError extends BaseError {
+    component = 'vaulta';
+    type = ErrorType.SECURITY;
+    code = VaultaErrorCodes.VAULT_LOCKED;
+    exitCode = ExitCodes.VAULT_LOCKED;
+    severity = ErrorSeverity.HIGH;
+    toUserMessage() {
+        return 'Vault is locked. Please unlock it with: vaulta unlock';
+    }
+}
+export class VaultAlreadyExistsError extends BaseError {
+    component = 'vaulta';
+    type = ErrorType.USER;
+    code = VaultaErrorCodes.VAULT_ALREADY_EXISTS;
+    exitCode = ExitCodes.INVALID_INPUT;
+    severity = ErrorSeverity.MEDIUM;
+}
+export class VaultNotFoundError extends BaseError {
+    component = 'vaulta';
+    type = ErrorType.USER;
+    code = VaultaErrorCodes.VAULT_NOT_FOUND;
+    exitCode = ExitCodes.INVALID_INPUT;
+    severity = ErrorSeverity.MEDIUM;
+}
+export class VaultCorruptedError extends BaseError {
+    component = 'vaulta';
+    type = ErrorType.INTERNAL;
+    code = VaultaErrorCodes.VAULT_CORRUPTED;
+    exitCode = ExitCodes.STATE_CORRUPTION;
+    severity = ErrorSeverity.CRITICAL;
+}
+// ============================================================================
+// SECURITY ERRORS
+// ============================================================================
+export class InvalidMasterPasswordError extends BaseError {
+    component = 'vaulta';
+    type = ErrorType.SECURITY;
+    code = VaultaErrorCodes.INVALID_MASTER_PASSWORD;
+    exitCode = ExitCodes.INVALID_CREDENTIALS;
+    severity = ErrorSeverity.HIGH;
+    toUserMessage() {
+        return 'Invalid master password. Please try again.';
+    }
+}
+export class VaultPermissionDeniedError extends BaseError {
+    component = 'vaulta';
+    type = ErrorType.SECURITY;
+    code = VaultaErrorCodes.PERMISSION_DENIED;
+    exitCode = ExitCodes.PERMISSION_DENIED;
+    severity = ErrorSeverity.HIGH;
+}
+export class VaultAuthenticationError extends BaseError {
+    component = 'vaulta';
+    type = ErrorType.SECURITY;
+    code = VaultaErrorCodes.AUTH_FAILED;
+    exitCode = ExitCodes.AUTH_FAILED;
+    severity = ErrorSeverity.HIGH;
+}
+export class VaultSessionExpiredError extends BaseError {
+    component = 'vaulta';
+    type = ErrorType.SECURITY;
+    code = VaultaErrorCodes.SESSION_EXPIRED;
+    exitCode = ExitCodes.AUTH_FAILED;
+    severity = ErrorSeverity.MEDIUM;
+    toUserMessage() {
+        return 'Session expired. Please unlock the vault again.';
+    }
+}
+// ============================================================================
+// CRYPTOGRAPHY ERRORS
+// ============================================================================
+export class EncryptionError extends BaseError {
+    component = 'vaulta';
+    type = ErrorType.INTERNAL;
+    code = VaultaErrorCodes.ENCRYPTION_FAILED;
+    exitCode = ExitCodes.INTERNAL_ERROR;
+    severity = ErrorSeverity.CRITICAL;
+}
+export class DecryptionError extends BaseError {
+    component = 'vaulta';
+    type = ErrorType.SECURITY;
+    code = VaultaErrorCodes.DECRYPTION_FAILED;
+    exitCode = ExitCodes.INTERNAL_ERROR;
+    severity = ErrorSeverity.CRITICAL;
+}
+export class InvalidEncryptionKeyError extends BaseError {
+    component = 'vaulta';
+    type = ErrorType.SECURITY;
+    code = VaultaErrorCodes.INVALID_ENCRYPTION_KEY;
+    exitCode = ExitCodes.INVALID_CREDENTIALS;
+    severity = ErrorSeverity.CRITICAL;
+}
+// ============================================================================
+// ACCESS CONTROL ERRORS
+// ============================================================================
+export class SecretNotFoundError extends BaseError {
+    component = 'vaulta';
+    type = ErrorType.USER;
+    code = VaultaErrorCodes.SECRET_NOT_FOUND;
+    exitCode = ExitCodes.MISSING_SECRET;
+    severity = ErrorSeverity.MEDIUM;
+}
+export class SecretAlreadyExistsError extends BaseError {
+    component = 'vaulta';
+    type = ErrorType.USER;
+    code = VaultaErrorCodes.SECRET_ALREADY_EXISTS;
+    exitCode = ExitCodes.INVALID_INPUT;
+    severity = ErrorSeverity.MEDIUM;
+}
+export class InvalidSecretPathError extends BaseError {
+    component = 'vaulta';
+    type = ErrorType.USER;
+    code = VaultaErrorCodes.INVALID_SECRET_PATH;
+    exitCode = ExitCodes.INVALID_INPUT;
+    severity = ErrorSeverity.MEDIUM;
+}
+export class SecretReadError extends BaseError {
+    component = 'vaulta';
+    type = ErrorType.EXECUTION;
+    code = VaultaErrorCodes.SECRET_READ_FAILED;
+    exitCode = ExitCodes.INTERNAL_ERROR;
+    severity = ErrorSeverity.MEDIUM;
+}
+export class SecretWriteError extends BaseError {
+    component = 'vaulta';
+    type = ErrorType.EXECUTION;
+    code = VaultaErrorCodes.SECRET_WRITE_FAILED;
+    exitCode = ExitCodes.INTERNAL_ERROR;
+    severity = ErrorSeverity.MEDIUM;
+}
+//# sourceMappingURL=vaulta.errors.js.map

package/dist/errors/vaulta.errors.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"vaulta.errors.js","sourceRoot":"","sources":["../../src/errors/vaulta.errors.ts"],"names":[],"mappings":"AAAA;;;;;;;;GAQG;AAEH,OAAO,EAAE,SAAS,EAAE,MAAM,gBAAgB,CAAC;AAC3C,OAAO,EAAE,SAAS,EAAE,aAAa,EAAE,MAAM,iBAAiB,CAAC;AAC3D,OAAO,EAAE,SAAS,EAAE,MAAM,4BAA4B,CAAC;AACvD,OAAO,EAAE,gBAAgB,EAAE,MAAM,mBAAmB,CAAC;AAErD,+EAA+E;AAC/E,yBAAyB;AACzB,+EAA+E;AAE/E,MAAM,OAAO,wBAAyB,SAAQ,SAAS;IAC5C,SAAS,GAAG,QAAQ,CAAC;IACrB,IAAI,GAAG,SAAS,CAAC,MAAM,CAAC;IACxB,IAAI,GAAG,gBAAgB,CAAC,qBAAqB,CAAC;IAC9C,QAAQ,GAAG,SAAS,CAAC,cAAc,CAAC;IAC3B,QAAQ,GAAG,aAAa,CAAC,IAAI,CAAC;CACjD;AAED,MAAM,OAAO,gBAAiB,SAAQ,SAAS;IACpC,SAAS,GAAG,QAAQ,CAAC;IACrB,IAAI,GAAG,SAAS,CAAC,QAAQ,CAAC;IAC1B,IAAI,GAAG,gBAAgB,CAAC,YAAY,CAAC;IACrC,QAAQ,GAAG,SAAS,CAAC,YAAY,CAAC;IACzB,QAAQ,GAAG,aAAa,CAAC,IAAI,CAAC;IAEvC,aAAa;QACpB,OAAO,uDAAuD,CAAC;IACjE,CAAC;CACF;AAED,MAAM,OAAO,uBAAwB,SAAQ,SAAS;IAC3C,SAAS,GAAG,QAAQ,CAAC;IACrB,IAAI,GAAG,SAAS,CAAC,IAAI,CAAC;IACtB,IAAI,GAAG,gBAAgB,CAAC,oBAAoB,CAAC;IAC7C,QAAQ,GAAG,SAAS,CAAC,aAAa,CAAC;IAC1B,QAAQ,GAAG,aAAa,CAAC,MAAM,CAAC;CACnD;AAED,MAAM,OAAO,kBAAmB,SAAQ,SAAS;IACtC,SAAS,GAAG,QAAQ,CAAC;IACrB,IAAI,GAAG,SAAS,CAAC,IAAI,CAAC;IACtB,IAAI,GAAG,gBAAgB,CAAC,eAAe,CAAC;IACxC,QAAQ,GAAG,SAAS,CAAC,aAAa,CAAC;IAC1B,QAAQ,GAAG,aAAa,CAAC,MAAM,CAAC;CACnD;AAED,MAAM,OAAO,mBAAoB,SAAQ,SAAS;IACvC,SAAS,GAAG,QAAQ,CAAC;IACrB,IAAI,GAAG,SAAS,CAAC,QAAQ,CAAC;IAC1B,IAAI,GAAG,gBAAgB,CAAC,eAAe,CAAC;IACxC,QAAQ,GAAG,SAAS,CAAC,gBAAgB,CAAC;IAC7B,QAAQ,GAAG,aAAa,CAAC,QAAQ,CAAC;CACrD;AAED,+EAA+E;AAC/E,kBAAkB;AAClB,+EAA+E;AAE/E,MAAM,OAAO,0BAA2B,SAAQ,SAAS;IAC9C,SAAS,GAAG,QAAQ,CAAC;IACrB,IAAI,GAAG,SAAS,CAAC,QAAQ,CAAC;IAC1B,IAAI,GAAG,gBAAgB,CAAC,uBAAuB,CAAC;IAChD,QAAQ,GAAG,SAAS,CAAC,mBAAmB,CAAC;IAChC,QAAQ,GAAG,aAAa,CAAC,IAAI,CAAC;IAEvC,aAAa;QACpB,OAAO,4CAA4C,CAAC;IACtD,CAAC;CACF;AAED,MAAM,OAAO,0BAA2B,SAAQ,SAAS;IAC9C,SAAS,GAAG,QAAQ,CAAC;IACrB,IAAI,GAAG,SAAS,CAAC,QAAQ,CAAC;IAC1B,IAAI,GAAG,gBAAgB,CAAC,iBAAiB,CAAC;IAC1C,QAAQ,GAAG,SAAS,CAAC,iBAAiB,CAAC;IAC9B,QAAQ,GAAG,aAAa,CAAC,IAAI,CAAC;CACjD;AAED,MAAM,OAAO,wBAAyB,SAAQ,SAAS;IAC5C,SAAS,GAAG,QAAQ,CAAC;IACrB,IAAI,GAAG,SAAS,CAAC,QAAQ,CAAC;IAC1B,IAAI,GAAG,gBAAgB,CAAC,WAAW,CAAC;IACpC,QAAQ,GAAG,SAAS,CAAC,WAAW,CAAC;IACxB,QAAQ,GAAG,aAAa,CAAC,IAAI,CAAC;CACjD;AAED,MAAM,OAAO,wBAAyB,SAAQ,SAAS;IAC5C,SAAS,GAAG,QAAQ,CAAC;IACrB,IAAI,GAAG,SAAS,CAAC,QAAQ,CAAC;IAC1B,IAAI,GAAG,gBAAgB,CAAC,eAAe,CAAC;IACxC,QAAQ,GAAG,SAAS,CAAC,WAAW,CAAC;IACxB,QAAQ,GAAG,aAAa,CAAC,MAAM,CAAC;IAEzC,aAAa;QACpB,OAAO,iDAAiD,CAAC;IAC3D,CAAC;CACF;AAED,+EAA+E;AAC/E,sBAAsB;AACtB,+EAA+E;AAE/E,MAAM,OAAO,eAAgB,SAAQ,SAAS;IACnC,SAAS,GAAG,QAAQ,CAAC;IACrB,IAAI,GAAG,SAAS,CAAC,QAAQ,CAAC;IAC1B,IAAI,GAAG,gBAAgB,CAAC,iBAAiB,CAAC;IAC1C,QAAQ,GAAG,SAAS,CAAC,cAAc,CAAC;IAC3B,QAAQ,GAAG,aAAa,CAAC,QAAQ,CAAC;CACrD;AAED,MAAM,OAAO,eAAgB,SAAQ,SAAS;IACnC,SAAS,GAAG,QAAQ,CAAC;IACrB,IAAI,GAAG,SAAS,CAAC,QAAQ,CAAC;IAC1B,IAAI,GAAG,gBAAgB,CAAC,iBAAiB,CAAC;IAC1C,QAAQ,GAAG,SAAS,CAAC,cAAc,CAAC;IAC3B,QAAQ,GAAG,aAAa,CAAC,QAAQ,CAAC;CACrD;AAED,MAAM,OAAO,yBAA0B,SAAQ,SAAS;IAC7C,SAAS,GAAG,QAAQ,CAAC;IACrB,IAAI,GAAG,SAAS,CAAC,QAAQ,CAAC;IAC1B,IAAI,GAAG,gBAAgB,CAAC,sBAAsB,CAAC;IAC/C,QAAQ,GAAG,SAAS,CAAC,mBAAmB,CAAC;IAChC,QAAQ,GAAG,aAAa,CAAC,QAAQ,CAAC;CACrD;AAED,+EAA+E;AAC/E,wBAAwB;AACxB,+EAA+E;AAE/E,MAAM,OAAO,mBAAoB,SAAQ,SAAS;IACvC,SAAS,GAAG,QAAQ,CAAC;IACrB,IAAI,GAAG,SAAS,CAAC,IAAI,CAAC;IACtB,IAAI,GAAG,gBAAgB,CAAC,gBAAgB,CAAC;IACzC,QAAQ,GAAG,SAAS,CAAC,cAAc,CAAC;IAC3B,QAAQ,GAAG,aAAa,CAAC,MAAM,CAAC;CACnD;AAED,MAAM,OAAO,wBAAyB,SAAQ,SAAS;IAC5C,SAAS,GAAG,QAAQ,CAAC;IACrB,IAAI,GAAG,SAAS,CAAC,IAAI,CAAC;IACtB,IAAI,GAAG,gBAAgB,CAAC,qBAAqB,CAAC;IAC9C,QAAQ,GAAG,SAAS,CAAC,aAAa,CAAC;IAC1B,QAAQ,GAAG,aAAa,CAAC,MAAM,CAAC;CACnD;AAED,MAAM,OAAO,sBAAuB,SAAQ,SAAS;IAC1C,SAAS,GAAG,QAAQ,CAAC;IACrB,IAAI,GAAG,SAAS,CAAC,IAAI,CAAC;IACtB,IAAI,GAAG,gBAAgB,CAAC,mBAAmB,CAAC;IAC5C,QAAQ,GAAG,SAAS,CAAC,aAAa,CAAC;IAC1B,QAAQ,GAAG,aAAa,CAAC,MAAM,CAAC;CACnD;AAED,MAAM,OAAO,eAAgB,SAAQ,SAAS;IACnC,SAAS,GAAG,QAAQ,CAAC;IACrB,IAAI,GAAG,SAAS,CAAC,SAAS,CAAC;IAC3B,IAAI,GAAG,gBAAgB,CAAC,kBAAkB,CAAC;IAC3C,QAAQ,GAAG,SAAS,CAAC,cAAc,CAAC;IAC3B,QAAQ,GAAG,aAAa,CAAC,MAAM,CAAC;CACnD;AAED,MAAM,OAAO,gBAAiB,SAAQ,SAAS;IACpC,SAAS,GAAG,QAAQ,CAAC;IACrB,IAAI,GAAG,SAAS,CAAC,SAAS,CAAC;IAC3B,IAAI,GAAG,gBAAgB,CAAC,mBAAmB,CAAC;IAC5C,QAAQ,GAAG,SAAS,CAAC,cAAc,CAAC;IAC3B,QAAQ,GAAG,aAAa,CAAC,MAAM,CAAC;CACnD"}

package/dist/exit-codes/ExitCodes.d.ts

@@ -0,0 +1,136 @@
+/**
+ * Ecosystem Exit Codes
+ *
+ * Process-level exit codes used across ALL ecosystem components.
+ * These are numeric, stable, and cross-language compatible.
+ *
+ * Pattern:
+ * - 0      → Success
+ * - 1xx    → User / Input errors
+ * - 2xx    → Configuration / Environment errors
+ * - 3xx    → Execution failures
+ * - 4xx    → Security / Permission issues
+ * - 5xx    → Internal / System errors
+ *
+ * Rules:
+ * - NEVER remove or change an exit code once published
+ * - Use these in CLI, Engine, Services, all products
+ * - Keep them component-agnostic at this level
+ * - Specific errors use error codes, these are just outcomes
+ *
+ * @category Core
+ * @public
+ */
+export declare enum ExitCodes {
+    /** Operation completed successfully */
+    SUCCESS = 0,
+    /** Invalid command-line arguments or input parameters */
+    INVALID_INPUT = 100,
+    /** Invalid schema or workflow definition */
+    INVALID_SCHEMA = 101,
+    /** Required input file not found or invalid */
+    INVALID_FILE = 102,
+    /** Invalid format or malformed data */
+    INVALID_FORMAT = 103,
+    /** Missing required input or parameter */
+    MISSING_REQUIRED_INPUT = 104,
+    /** Validation failed */
+    VALIDATION_FAILED = 105,
+    /** Missing or invalid configuration file */
+    MISSING_CONFIG = 200,
+    /** Secret not found or unavailable */
+    MISSING_SECRET = 201,
+    /** Required dependency not found */
+    MISSING_DEPENDENCY = 202,
+    /** Environment not properly set up */
+    ENVIRONMENT_ERROR = 203,
+    /** Invalid configuration values */
+    INVALID_CONFIG = 204,
+    /** Required service unavailable */
+    SERVICE_UNAVAILABLE = 205,
+    /** Workflow execution failed */
+    WORKFLOW_FAILED = 300,
+    /** Individual step failed */
+    STEP_FAILED = 301,
+    /** Adapter execution failed */
+    ADAPTER_FAILED = 302,
+    /** Plugin execution failed */
+    PLUGIN_FAILED = 303,
+    /** Operation timeout */
+    TIMEOUT = 304,
+    /** Circular dependency detected */
+    CIRCULAR_DEPENDENCY = 305,
+    /** Dependency failure */
+    DEPENDENCY_FAILED = 306,
+    /** Resource allocation failed */
+    RESOURCE_ERROR = 307,
+    /** Permission denied */
+    PERMISSION_DENIED = 400,
+    /** Vault is locked, requires unlock */
+    VAULT_LOCKED = 401,
+    /** Authentication failed */
+    AUTH_FAILED = 402,
+    /** Invalid credentials */
+    INVALID_CREDENTIALS = 403,
+    /** Access forbidden */
+    FORBIDDEN = 404,
+    /** Secret resolution failed */
+    SECRET_RESOLUTION_FAILED = 405,
+    /** Security policy violation */
+    SECURITY_VIOLATION = 406,
+    /** Internal system error */
+    INTERNAL_ERROR = 500,
+    /** Unhandled exception */
+    UNHANDLED_EXCEPTION = 501,
+    /** Engine initialization failed */
+    INITIALIZATION_FAILED = 502,
+    /** State corruption detected */
+    STATE_CORRUPTION = 503,
+    /** Critical system failure */
+    CRITICAL_FAILURE = 504,
+    /** Database error */
+    DATABASE_ERROR = 505,
+    /** File system error */
+    FILESYSTEM_ERROR = 506,
+    /** Network error */
+    NETWORK_ERROR = 507,
+    /** Out of memory */
+    OUT_OF_MEMORY = 508,
+    /** Bug detected (should never happen) */
+    BUG_DETECTED = 509
+}
+/**
+ * Get human-readable description of an exit code
+ *
+ * @param code - Exit code to describe
+ * @returns Human-readable description
+ *
+ * @example
+ * ```typescript
+ * const desc = getExitCodeDescription(ExitCodes.VAULT_LOCKED);
+ * // Returns: "Vault is locked, requires unlock"
+ * ```
+ */
+export declare function getExitCodeDescription(code: ExitCodes): string;
+/**
+ * Get exit code category
+ *
+ * @param code - Exit code
+ * @returns Category name
+ */
+export declare function getExitCodeCategory(code: ExitCodes): string;
+/**
+ * Check if exit code represents success
+ */
+export declare function isSuccess(code: ExitCodes): boolean;
+/**
+ * Check if exit code represents a user error
+ */
+export declare function isUserError(code: ExitCodes): boolean;
+/**
+ * Check if exit code represents a retryable error
+ * Retryable: timeouts, network errors, service unavailable
+ * Not retryable: validation, permission, bad input
+ */
+export declare function isRetryable(code: ExitCodes): boolean;
+//# sourceMappingURL=ExitCodes.d.ts.map

package/dist/exit-codes/ExitCodes.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"ExitCodes.d.ts","sourceRoot":"","sources":["../../src/exit-codes/ExitCodes.ts"],"names":[],"mappings":"AAAA;;;;;;;;;;;;;;;;;;;;;;GAsBG;AAEH,oBAAY,SAAS;IAKnB,uCAAuC;IACvC,OAAO,IAAI;IAMX,yDAAyD;IACzD,aAAa,MAAM;IAEnB,4CAA4C;IAC5C,cAAc,MAAM;IAEpB,+CAA+C;IAC/C,YAAY,MAAM;IAElB,uCAAuC;IACvC,cAAc,MAAM;IAEpB,0CAA0C;IAC1C,sBAAsB,MAAM;IAE5B,wBAAwB;IACxB,iBAAiB,MAAM;IAMvB,4CAA4C;IAC5C,cAAc,MAAM;IAEpB,sCAAsC;IACtC,cAAc,MAAM;IAEpB,oCAAoC;IACpC,kBAAkB,MAAM;IAExB,sCAAsC;IACtC,iBAAiB,MAAM;IAEvB,mCAAmC;IACnC,cAAc,MAAM;IAEpB,mCAAmC;IACnC,mBAAmB,MAAM;IAMzB,gCAAgC;IAChC,eAAe,MAAM;IAErB,6BAA6B;IAC7B,WAAW,MAAM;IAEjB,+BAA+B;IAC/B,cAAc,MAAM;IAEpB,8BAA8B;IAC9B,aAAa,MAAM;IAEnB,wBAAwB;IACxB,OAAO,MAAM;IAEb,mCAAmC;IACnC,mBAAmB,MAAM;IAEzB,yBAAyB;IACzB,iBAAiB,MAAM;IAEvB,iCAAiC;IACjC,cAAc,MAAM;IAMpB,wBAAwB;IACxB,iBAAiB,MAAM;IAEvB,uCAAuC;IACvC,YAAY,MAAM;IAElB,4BAA4B;IAC5B,WAAW,MAAM;IAEjB,0BAA0B;IAC1B,mBAAmB,MAAM;IAEzB,uBAAuB;IACvB,SAAS,MAAM;IAEf,+BAA+B;IAC/B,wBAAwB,MAAM;IAE9B,gCAAgC;IAChC,kBAAkB,MAAM;IAMxB,4BAA4B;IAC5B,cAAc,MAAM;IAEpB,0BAA0B;IAC1B,mBAAmB,MAAM;IAEzB,mCAAmC;IACnC,qBAAqB,MAAM;IAE3B,gCAAgC;IAChC,gBAAgB,MAAM;IAEtB,8BAA8B;IAC9B,gBAAgB,MAAM;IAEtB,qBAAqB;IACrB,cAAc,MAAM;IAEpB,wBAAwB;IACxB,gBAAgB,MAAM;IAEtB,oBAAoB;IACpB,aAAa,MAAM;IAEnB,oBAAoB;IACpB,aAAa,MAAM;IAEnB,yCAAyC;IACzC,YAAY,MAAM;CACnB;AAED;;;;;;;;;;;GAWG;AACH,wBAAgB,sBAAsB,CAAC,IAAI,EAAE,SAAS,GAAG,MAAM,CAqD9D;AAED;;;;;GAKG;AACH,wBAAgB,mBAAmB,CAAC,IAAI,EAAE,SAAS,GAAG,MAAM,CAQ3D;AAED;;GAEG;AACH,wBAAgB,SAAS,CAAC,IAAI,EAAE,SAAS,GAAG,OAAO,CAElD;AAED;;GAEG;AACH,wBAAgB,WAAW,CAAC,IAAI,EAAE,SAAS,GAAG,OAAO,CAEpD;AAED;;;;GAIG;AACH,wBAAgB,WAAW,CAAC,IAAI,EAAE,SAAS,GAAG,OAAO,CASpD"}