create-forgeon 0.3.15 → 0.3.16

package/templates/module-presets/files-quotas/packages/files-quotas/src/forgeon-files-quotas.module.ts

@@ -1,11 +1,19 @@
-import { Module } from '@nestjs/common';
+import { Module } from '@nestjs/common';
 import { ForgeonFilesModule } from '@forgeon/files';
 import { FilesQuotasConfigModule } from './files-quotas-config.module';
 import { FilesQuotasService } from './files-quotas.service';
 
+const FORGEON_FILES_UPLOAD_QUOTA_SERVICE = 'FORGEON_FILES_UPLOAD_QUOTA_SERVICE';
+
 @Module({
   imports: [ForgeonFilesModule, FilesQuotasConfigModule],
-  providers: [FilesQuotasService],
-  exports: [FilesQuotasConfigModule, FilesQuotasService],
+  providers: [
+    FilesQuotasService,
+    {
+      provide: FORGEON_FILES_UPLOAD_QUOTA_SERVICE,
+      useExisting: FilesQuotasService,
+    },
+  ],
+  exports: [FilesQuotasConfigModule, FilesQuotasService, FORGEON_FILES_UPLOAD_QUOTA_SERVICE],
 })
-export class ForgeonFilesQuotasModule {}
+export class ForgeonFilesQuotasModule {}

package/templates/module-presets/i18n/apps/web/src/App.tsx

@@ -1,23 +1,28 @@
-import { useState } from 'react';
+import { useState } from 'react';
 import { useTranslation } from 'react-i18next';
 import i18n from './i18n';
 import * as i18nWeb from '@forgeon/i18n-web';
 import type { I18nLocale } from '@forgeon/i18n-web';
+import { probeDefinitions, type ProbeDefinition, type ProbeResult } from './probes';
 import './styles.css';
 
-type ProbeResult = {
-  statusCode: number;
-  body: unknown;
+type ProbeState = {
+  result: ProbeResult | null;
+  error: string | null;
+  loading: boolean;
+};
+
+const emptyProbeState: ProbeState = {
+  result: null,
+  error: null,
+  loading: false,
 };
 
 export default function App() {
   const { t } = useTranslation(['ui']);
   const { I18N_LOCALES, getInitialLocale, persistLocale, toLangQuery } = i18nWeb;
   const [locale, setLocale] = useState<I18nLocale>(getInitialLocale);
-  const [healthResult, setHealthResult] = useState<ProbeResult | null>(null);
-  const [errorProbeResult, setErrorProbeResult] = useState<ProbeResult | null>(null);
-  const [validationProbeResult, setValidationProbeResult] = useState<ProbeResult | null>(null);
-  const [networkError, setNetworkError] = useState<string | null>(null);
+  const [probeState, setProbeState] = useState<Record<string, ProbeState>>({});
 
   const changeLocale = (nextLocale: I18nLocale) => {
     setLocale(nextLocale);
@@ -25,12 +30,12 @@ export default function App() {
     void i18n.changeLanguage(nextLocale);
   };
 
-  const requestProbe = async (path: string, init?: RequestInit): Promise<ProbeResult> => {
-    const response = await fetch(`/api${path}${toLangQuery(locale)}`, {
-      ...(init ?? {}),
+  const requestProbe = async (probe: ProbeDefinition): Promise<ProbeResult> => {
+    const response = await fetch(`/api${probe.path}${toLangQuery(locale)}`, {
+      ...(probe.request ?? {}),
       cache: 'no-store',
       headers: {
-        ...(init?.headers ?? {}),
+        ...(probe.request?.headers ?? {}),
         'Accept-Language': locale,
       },
     });
@@ -48,27 +53,38 @@ export default function App() {
     };
   };
 
-  const runProbe = async (
-    setter: (value: ProbeResult | null) => void,
-    path: string,
-    init?: RequestInit,
-  ) => {
-    setNetworkError(null);
+  const runProbe = async (probe: ProbeDefinition) => {
+    setProbeState((current) => ({
+      ...current,
+      [probe.id]: {
+        ...(current[probe.id] ?? emptyProbeState),
+        error: null,
+        loading: true,
+      },
+    }));
+
     try {
-      const result = await requestProbe(path, init);
-      setter(result);
+      const result = await requestProbe(probe);
+      setProbeState((current) => ({
+        ...current,
+        [probe.id]: {
+          result,
+          error: null,
+          loading: false,
+        },
+      }));
     } catch (err) {
-      setNetworkError(err instanceof Error ? err.message : 'Unknown error');
+      setProbeState((current) => ({
+        ...current,
+        [probe.id]: {
+          result: current[probe.id]?.result ?? null,
+          error: err instanceof Error ? err.message : 'Unknown error',
+          loading: false,
+        },
+      }));
     }
   };
 
-  const renderResult = (title: string, result: ProbeResult | null) => (
-    <section>
-      <h3>{title}</h3>
-      {result ? <pre>{JSON.stringify(result, null, 2)}</pre> : null}
-    </section>
-  );
-
   return (
     <main className="page">
       <h1>Forgeon Fullstack Scaffold</h1>
@@ -85,19 +101,30 @@ export default function App() {
           </option>
         ))}
       </select>
-      <div className="actions">
-        <button onClick={() => runProbe(setHealthResult, '/health')}>Check API health</button>
-        <button onClick={() => runProbe(setErrorProbeResult, '/health/error')}>
-          Check error envelope
-        </button>
-        <button onClick={() => runProbe(setValidationProbeResult, '/health/validation')}>
-          Check validation (expect 400)
-        </button>
+      <div id="probes" className="probes">
+        {probeDefinitions.map((probe) => {
+          const current = probeState[probe.id] ?? emptyProbeState;
+
+          return (
+            <section key={probe.id} className="probe">
+              <div className="probe-header">
+                <h2>{probe.title}</h2>
+                <button type="button" onClick={() => runProbe(probe)} disabled={current.loading}>
+                  {current.loading ? 'Running...' : probe.buttonLabel}
+                </button>
+              </div>
+              <div className="probe-output">
+                <h3>{probe.resultTitle}</h3>
+                {current.error ? <p className="error">{current.error}</p> : null}
+                {current.result ? <pre>{JSON.stringify(current.result, null, 2)}</pre> : null}
+                {!current.error && !current.result ? (
+                  <p className="placeholder">No probe result yet.</p>
+                ) : null}
+              </div>
+            </section>
+          );
+        })}
       </div>
-      {renderResult('Health response', healthResult)}
-      {renderResult('Error probe response', errorProbeResult)}
-      {renderResult('Validation probe response', validationProbeResult)}
-      {networkError ? <p className="error">{networkError}</p> : null}
     </main>
   );
-}
+}

package/templates/module-presets/logger/packages/logger/src/index.ts

@@ -4,6 +4,5 @@ export * from './logger-config.service';
 export * from './logger-config.module';
 export * from './forgeon-logger.service';
 export * from './http-logging.middleware';
-export * from './http-logging.interceptor';
 export * from './request-id.middleware';
 export * from './forgeon-logger.module';

package/templates/base/docs/AI/ARCHITECTURE.md

@@ -1,85 +0,0 @@
-# ARCHITECTURE
-
-## Monorepo Layout
-
-- `apps/*` - deployable apps
-- `packages/*` - reusable modules/presets
-- `infra/*` - runtime infrastructure
-- `resources/*` - static assets (translations)
-
-Canonical stack is fixed in this stage:
-- NestJS + React + Prisma/Postgres + Docker
-- Proxy preset can be `caddy`, `nginx`, or `none`
-
-## Environment Flags
-
-- `PORT` - API port (default 3000)
-- `API_PREFIX` - global API prefix (default `api`)
-- `DATABASE_URL` - Prisma Postgres connection
-- `I18N_DEFAULT_LANG` - default language
-- `I18N_FALLBACK_LANG` - fallback language
-
-## Config Strategy
-
-- `@forgeon/core` owns base runtime config, global error envelope/filter, and validation pipe defaults.
-- Core config is validated with Zod and exposed through typed accessors.
-- Add-modules own and validate only their module-specific env keys.
-- i18n is an add-module; when installed, it uses its own env keys.
-
-## Default DB Stack
-
-Current default is Prisma + Postgres.
-
-- Prisma schema and migrations live in `apps/api/prisma`
-- DB access is encapsulated via `DbPrismaModule` in `@forgeon/db-prisma`
-- `db-prisma` is treated as default-applied behavior in scaffold generation.
-- Future direction: this default DB layer may be extracted to an explicit add-module/preset and optionally controlled by a CLI flag.
-- Additional DB presets are out of scope for the current milestone.
-
-## Module Strategy
-
-Reusable features should be added as fullstack add-modules:
-
-- `contracts` package (shared DTO/routes/errors)
-- `api` package (NestJS integration)
-- `web` package (React integration)
-
-Reference: `docs/AI/MODULE_SPEC.md`.
-
-## Integration Sync Strategy
-
-- Integration orchestration is a default project toolchain command:
-  - `pnpm forgeon:sync-integrations`
-- Purpose:
-  - keep add-modules composable when installed in arbitrary order;
-  - apply module-to-module integration patches idempotently.
-- Rule:
-  - each add-module patches only itself;
-  - cross-module changes are allowed only in integration sync rules.
-- Current integration:
-  - `jwt-auth + db-adapter` (current provider: `db-prisma`; persistent refresh-token store wiring + schema/migration sync).
-- Pair sync is explicit (opt-in), not automatic after `add`.
-- Run `pnpm forgeon:sync-integrations` when you want to apply module-pair integrations.
-- Swagger auth decorators are intentionally not auto-patched.
-- Future option: this may return as an explicit optional command (not default automatic behavior).
-
-## TypeScript Module Format Policy
-
-- `apps/api`, `packages/core`, and backend runtime packages use Node-oriented config:
-  - `tsconfig.base.node.json`
-- Frontend-consumed shared packages (especially contracts/web helpers) use ESM config:
-  - `tsconfig.base.esm.json`
-- Contracts packages are ESM-first and imported via package entrypoints only.
-- Cross-package imports from `/src/*` are disallowed.
-
-## Error Handling Strategy
-
-- `@forgeon/core` owns the global HTTP error envelope and filter.
-- API apps import `CoreErrorsModule` and register `CoreExceptionFilter` globally.
-- Envelope fields:
-  - `error.code`
-  - `error.message`
-  - `error.status`
-  - `error.details` (optional)
-  - `error.requestId` (optional)
-  - `error.timestamp`

package/templates/base/docs/AI/MODULE_CHECKS.md

@@ -1,28 +0,0 @@
-# MODULE CHECKS
-
-## Purpose
-
-Define mandatory runtime verification hooks for Forgeon modules.
-
-If a module can be validated through a safe API call, it must provide:
-
-1. A probe endpoint in API (`/api/health/*`).
-2. A probe trigger on default web page (`apps/web/src/App.tsx`).
-3. A visible result block in UI with HTTP status and JSON body.
-
-## Current Baseline Probes
-
-- `core-errors`: `GET /api/health/error` (returns error envelope, expected `409`)
-- `core-validation`: `GET /api/health/validation` without `value` (expected `400`)
-- `db-prisma` (when installed): `POST /api/health/db` (creates probe user and returns it, expected `201`)
-
-## Rules For Future Modules
-
-- Probe path should be explicit and feature-scoped (`/api/health/<feature>`).
-- Probe must be deterministic and documented (expected status + payload shape).
-- If probe writes data, it must use clearly marked probe/test records.
-- Probe should not require hidden setup beyond documented env/dependencies.
-- `create-forgeon add <module>` must wire both API probe and web probe UI when feasible.
-- Web probes should be appended to the existing probe UI structure in `apps/web/src/App.tsx`:
-  - add new action button at the end of `<div className="actions">`
-  - add new result block before the `networkError` render block

package/templates/base/docs/AI/MODULE_SPEC.md

@@ -1,77 +0,0 @@
-# MODULE SPEC
-
-## Goal
-
-Define one repeatable fullstack pattern for Forgeon add-modules.
-
-Most feature modules should be split into:
-
-1. `@forgeon/<feature>-contracts`
-2. `@forgeon/<feature>-api`
-3. `@forgeon/<feature>-web`
-
-Exception:
-
-- backend-only infrastructure or security modules may use a single runtime package (`@forgeon/<feature>`) when shared contracts and a dedicated web package add no real value.
-
-## 1) Contracts Package
-
-Single source of truth shared by backend and frontend.
-
-Must contain:
-
-- DTO/request/response types
-- route constants (`API.<feature>.*`)
-- error codes (`<FEATURE>_*`)
-- shared constants (header/cookie names)
-- package entrypoint exports only (`@forgeon/<feature>-contracts`)
-
-Should contain:
-
-- zod schemas + inferred TS types
-
-Build/runtime rules:
-
-- ESM-first package (`"type": "module"`, `module: "ESNext"`)
-- extends `tsconfig.base.esm.json`
-- no NestJS or browser-only runtime dependencies
-- no imports from sibling package `/src/*` paths
-
-## 2) API Package
-
-NestJS module integrating contracts into backend runtime.
-
-Must contain:
-
-- module/service/controller
-- guards/strategies (if auth/security related)
-- config keys
-- minimal e2e test path
-- integration with `@forgeon/core` errors/logging
-
-## 3) Web Package
-
-React integration layer for the same feature.
-
-Must contain:
-
-- provider/hooks/store
-- route guard (if feature requires auth/access)
-- API client helpers using contracts route constants/types
-- token/header/cookie wiring where relevant
-
-## Acceptance Criteria
-
-- No duplicate route strings across api/web.
-- No duplicate error-code enums across api/web.
-- Contracts package can be imported from both sides without circular dependencies.
-- Contracts package exports are stable from `dist/index` entrypoint.
-- Module has docs under `docs/AI/MODULES/<module-id>.md`.
-- Module docs must explain: why it exists, what it adds, how it works, how to use it, how to configure it, and current operational limits.
-- If module behavior can be runtime-checked, it also includes API+Web probe hooks (see `docs/AI/MODULE_CHECKS.md`).
-- If i18n is enabled, module-specific namespaces must be created and wired for both API and web.
-- If module is added before i18n, namespace templates must still be prepared and applied when i18n is installed later.
-- Module integration with other modules must be represented as idempotent sync rules and runnable via `pnpm forgeon:sync-integrations`.
-- `create-forgeon add <module-id>` does not auto-apply pair integrations.
-- Pair integrations are applied explicitly via `pnpm forgeon:sync-integrations`.
-- Modules must not assume `db-prisma` is present unless they explicitly require it; DB integrations should be optional and synced when DB is added later.

package/templates/base/docs/AI/PROJECT.md

@@ -1,43 +0,0 @@
-# PROJECT
-
-## What This Repository Is
-
-A canonical fullstack monorepo scaffold intended to be reused as a project starter.
-
-## Structure
-
-- `apps/api` - NestJS backend
-- `apps/web` - React frontend (fixed stack)
-- `packages/core` - shared backend core package (`core-config`, `core-errors`, `core-validation`)
-- `packages/db-prisma` - reusable Prisma/Postgres module (`DbPrismaModule`, `PrismaService`, config)
-- `packages/i18n` - reusable nestjs-i18n integration package
-- `infra` - Docker Compose + proxy preset (`caddy|nginx|none`)
-- `resources/i18n` - translation dictionaries
-- `docs` - documentation, AI prompts, and module contracts
-
-## Run Modes
-
-### Dev mode
-
-```bash
-pnpm install
-pnpm dev
-```
-
-### Docker mode
-
-```bash
-docker compose --env-file infra/docker/.env.example -f infra/docker/compose.yml up --build
-```
-
-The API uses Prisma and expects `DATABASE_URL` from env.
-
-If proxy preset is `none`, API is directly available on `localhost:3000`.
-
-## Error Handling
-
-`core-errors` is enabled by default.
-
-- `CoreErrorsModule` is imported in `apps/api/src/app.module.ts`.
-- `CoreExceptionFilter` is registered globally in `apps/api/src/main.ts`.
-- Throw standard Nest exceptions from controllers/services; the filter converts them to a stable envelope.

package/templates/base/docs/AI/ROADMAP.md

@@ -1,171 +0,0 @@
-# ROADMAP
-
-This is a living plan. Scope and priorities may change.
-
-## Current Foundation (Implemented)
-
-- [x] Canonical scaffold: NestJS API + React web + Docker (+ default-on `db-prisma` module)
-- [x] Proxy preset selection: `caddy | nginx | none`
-- [x] `@forgeon/core`:
-  - [x] `core-config` (typed env config + validation)
-  - [x] `core-errors` (global envelope + exception filter)
-  - [x] `core-validation` (global validation pipe)
-- [x] `@forgeon/db-prisma` as default-applied DB module
-- [x] i18n add-module baseline:
-  - [x] `@forgeon/i18n`, `@forgeon/i18n-contracts`, `@forgeon/i18n-web`
-  - [x] shared dictionaries in `resources/i18n/*`
-  - [x] tooling: `i18n:sync`, `i18n:check`, `i18n:types`, `i18n:add`
-- [x] module diagnostics probes pattern (`/api/health/*` + web test buttons)
-
-## Standards (Accepted)
-
-- [x] `*-contracts` and `*-web` packages are ESM-first
-- [x] API runtime modules use Node-oriented TS config
-- [x] no cross-package imports via `/src/*`; only package entrypoints
-
-## Updated Priority Backlog
-
-### P0 (Immediate Must-Have)
-
-- [ ] `logger`
-  - [ ] canonical logger module
-  - [ ] requestId / correlationId propagation
-  - [ ] structured log conventions
-
-- [ ] `openapi / swagger`
-  - [ ] env toggle: `SWAGGER_ENABLED`
-  - [ ] standard setup
-  - [ ] bearer integration hook for jwt-auth
-  - [ ] `/docs` route
-
-- [ ] `jwt-auth`
-  - [ ] module split: contracts/api/web
-  - [ ] access + refresh baseline
-  - [ ] guards/strategy integration
-
-- [ ] `rbac / permissions`
-  - [ ] decorators: `@Roles()`, `@Permissions()`
-  - [ ] guard + policy helper
-  - [ ] contracts: `Role`, `Permission`
-  - [ ] integration with jwt-auth claims
-
-- [ ] `redis/queue foundation`
-  - [ ] base Redis config/service
-  - [ ] queue baseline (BullMQ or equivalent)
-  - [ ] retry and dead-letter conventions
-
-- [ ] `rate-limit`
-  - [ ] Nest Throttler add-module
-  - [ ] policies: route / user / ip
-  - [ ] error code: `TOO_MANY_REQUESTS`
-  - [ ] reverse-proxy-aware mode (`trust proxy`)
-
-- [ ] `files` (upload + storage)
-  - [ ] upload endpoints + DTO + guards
-  - [ ] storage presets: local + S3-compatible (MinIO/R2)
-  - [ ] MIME/size validation
-  - [ ] optional image processing subpackage (`sharp`)
-  - [ ] error codes: `UPLOAD_INVALID_TYPE`, `UPLOAD_TOO_LARGE`, `UPLOAD_QUOTA`
-
-### P1 (Strongly Recommended)
-
-- [ ] `testing baseline`
-  - [ ] unit + e2e presets
-  - [ ] test helpers for add-modules
-  - [ ] smoke test template for generated project
-
-- [ ] `CI quality gates`
-  - [ ] `typecheck`, `lint`, `test`, docker build smoke
-  - [ ] release gate checklist
-
-- [ ] `cache` (Redis)
-  - [ ] CacheModule preset
-  - [ ] key naming conventions
-  - [ ] shared wrapper/service
-
-- [ ] `scheduler`
-  - [ ] `@nestjs/schedule` integration
-  - [ ] task template
-  - [ ] optional distributed lock (Redis)
-
-- [ ] `mail`
-  - [ ] at least one provider preset (SMTP/Resend/SendGrid)
-  - [ ] templates: verify email, reset password
-  - [ ] optional outbox with queue
-
-- [ ] workspace `eslint/prettier` config package
-
-### P2 (Later)
-
-- [ ] frontend `http-client` module
-- [ ] frontend UI kit package
-  - [ ] migrate reusable parts from `eso-dt` (when available)
-  - [ ] extend missing primitives
-- [ ] `realtime` (ws)
-  - [ ] gateway baseline
-  - [ ] jwt auth for ws
-  - [ ] rooms + basic events
-- [ ] `webhooks` module (subject to scope validation)
-  - [ ] signed inbound verify (HMAC)
-  - [ ] signed outbound sender
-  - [ ] replay protection (timestamp/nonce)
-
-## Execution Plan (3 Sprints)
-
-### Sprint 1: Platform Baseline and Security Start
-
-Scope:
-- `logger`
-- `openapi/swagger`
-- `jwt-auth`
-- `testing baseline`
-- `CI quality gates`
-
-Definition of Done:
-- add-modules install cleanly via `create-forgeon add <module>`
-- local dev (`pnpm dev`) and docker build both pass on fresh generated project
-- each module has probe endpoint and web probe UI hook when applicable
-- docs updated in both root and template docs
-
-### Sprint 2: Authorization and Traffic Control
-
-Scope:
-- `rbac/permissions`
-- `redis/queue foundation`
-- `rate-limit`
-- `files`
-- `cache`
-
-Definition of Done:
-- claims/roles/permissions flow validated end-to-end (api + web contracts)
-- rate-limit and files include standardized error codes and envelope mapping
-- Redis-backed modules run in docker profile with documented env keys
-- at least one e2e happy-path per module
-
-### Sprint 3: Async Integrations and Frontend Foundation
-
-Scope:
-- `scheduler`
-- `mail`
-- workspace `eslint/prettier` config package
-- frontend `http-client`
-
-Definition of Done:
-- queue/scheduler/mail basic scenarios work in local + docker
-- frontend http-client consumes api contracts with typed errors
-- lint/typecheck/test/build pass through CI gate preset
-- docs include migration notes and extension points
-
-## Explicit Dependencies and Order Constraints
-
-- `rbac` depends on `jwt-auth`
-- `rate-limit` should follow Redis/queue foundation for scalable mode
-- `mail` should reuse queue foundation where possible
-- `openapi` is most useful before/with `jwt-auth` and `http-client`
-- `realtime` and `webhooks` stay post-MVP unless a concrete use-case appears
-
-## i18n Policy For Add-Modules
-
-- [ ] each add-module that introduces user-facing text defines its own namespace templates
-- [ ] if i18n is already enabled, namespace files are added during module installation
-- [ ] if module is installed first and i18n later, namespaces are merged during i18n installation

package/templates/base/docs/AI/TASKS.md

@@ -1,60 +0,0 @@
-# TASKS
-
-## Feature Discovery Matrix
-
-```text
-Scan this monorepo and build a backend feature matrix by app/package.
-Use only evidence from code and dependencies.
-Output:
-1) taxonomy by category
-2) feature comparison table
-3) common core
-4) unique features
-5) architectural inconsistencies
-Include file references for every feature.
-```
-
-## Add Module Package
-
-```text
-Create a new reusable package under packages/ for <feature-name>.
-Requirements:
-- minimal API
-- NestJS-compatible module
-- docs in package README
-- wire into apps/api conditionally via env flag
-- keep backward compatibility
-```
-
-## Refactor Core
-
-```text
-Move shared backend logic from apps/api into packages/core.
-Do not change behavior.
-Update imports, package dependencies, and docs.
-Run build checks and show changed files.
-```
-
-## Generate Preset
-
-```text
-Create or update create-forgeon preset flow:
-- keep canonical stack fixed: NestJS + React + Prisma/Postgres + Docker
-- allow only runtime proxy choice: caddy/nginx/none
-- update generated docs fragments
-- update docs/AI/ARCHITECTURE.md and docs/AI/MODULE_SPEC.md when scope changes
-```
-
-## Add Fullstack Module
-
-```text
-Implement `create-forgeon add <module-id>` for a fullstack feature.
-Requirements:
-- split module into contracts/api/web packages
-- contracts is source of truth for routes, DTOs, errors
-- if feasible, add module probe hooks in API (`/api/health/*`) and web diagnostics UI
-- if i18n is enabled, add module namespace files and wire them for both API and web
-- add docs note under docs/AI/MODULES/<module-id>.md
-- keep backward compatibility
-```
-

package/templates/base/docs/AI/VALIDATION.md

@@ -1,31 +0,0 @@
-# VALIDATION
-
-## Backend DTO Validation Standard
-
-- Use `class-validator` decorators on DTO classes.
-- Global validation is centralized in `@forgeon/core` via `createValidationPipe()`.
-- Current defaults:
-  - `whitelist: true`
-  - `transform: true`
-  - `validationError.target: false`
-  - `validationError.value: false`
-- Keep DTO validation messages stable and explicit.
-- For required values, use a consistent key or message pattern.
-
-## Config Validation Standard
-
-- Use Zod for env/config validation.
-- Core env is validated by `@forgeon/core` (`core-config`).
-- Each add-module validates only its own env keys with its own Zod schema.
-- Avoid one global env schema for all modules; keep schemas modular.
-
-## Error Details for Validation
-
-- Error envelope stays consistent:
-  - `error.code`
-  - `error.message`
-  - `error.status`
-  - optional `error.details`
-- Validation details should be structured (not `any`).
-- `core-validation` formats validation details as:
-  - `{ field?: string, message: string }[]`