Skip to main content

auths_cli/errors/
registry.rs

1//! Error code registry — **generated** by `cargo xtask gen-error-docs`.
2//!
3//! Do not edit manually. Re-run the generator after changing any `AuthsErrorInfo` impl:
4//! ```sh
5//! cargo xtask gen-error-docs
6//! ```
7//!
8//! ## Range Allocation
9//!
10//! | Range   | Crate            | Layer |
11//! |---------|------------------|-------|
12//! | E0xxx   | Reserved/meta    | -     |
13//! | E1xxx   | auths-crypto     | 0     |
14//! | E2xxx   | auths-verifier   | 1     |
15//! | E3xxx   | auths-core       | 2     |
16//! | E4xxx   | auths-id         | 3     |
17//! | E5xxx   | auths-sdk        | 3-4   |
18//! | E6xxx   | auths-cli        | 6     |
19
20/// Returns the explanation markdown for a given error code, or `None` if unknown.
21///
22/// Args:
23/// * `code`: An error code string like `"AUTHS-E3001"`.
24pub fn explain(code: &str) -> Option<&'static str> {
25    match code {
26        // --- auths-crypto (CryptoError) ---
27        "AUTHS-E1001" => Some(
28            "# AUTHS-E1001\n\n**Crate:** `auths-crypto`  \n**Type:** `CryptoError::InvalidSignature`\n\n## Message\n\nInvalid signature\n\n## Suggestion\n\nThe signature does not match the data or public key\n",
29        ),
30        "AUTHS-E1003" => Some(
31            "# AUTHS-E1003\n\n**Crate:** `auths-crypto`  \n**Type:** `CryptoError::InvalidPrivateKey`\n\n## Message\n\nInvalid private key: {0}\n",
32        ),
33        "AUTHS-E1004" => Some(
34            "# AUTHS-E1004\n\n**Crate:** `auths-crypto`  \n**Type:** `CryptoError::OperationFailed`\n\n## Message\n\nCrypto operation failed: {0}\n",
35        ),
36        "AUTHS-E1005" => Some(
37            "# AUTHS-E1005\n\n**Crate:** `auths-crypto`  \n**Type:** `CryptoError::UnsupportedTarget`\n\n## Message\n\nOperation not supported on current compilation target\n",
38        ),
39
40        // --- auths-crypto (DidKeyError) ---
41        "AUTHS-E1101" => Some(
42            "# AUTHS-E1101\n\n**Crate:** `auths-crypto`  \n**Type:** `DidKeyError::InvalidPrefix`\n\n## Message\n\nDID must start with 'did:key:z', got: {0}\n\n## Suggestion\n\nDID must start with 'did:key:z'\n",
43        ),
44        "AUTHS-E1102" => Some(
45            "# AUTHS-E1102\n\n**Crate:** `auths-crypto`  \n**Type:** `DidKeyError::Base58DecodeFailed`\n\n## Message\n\nBase58 decoding failed: {0}\n",
46        ),
47        "AUTHS-E1103" => Some(
48            "# AUTHS-E1103\n\n**Crate:** `auths-crypto`  \n**Type:** `DidKeyError::UnsupportedMulticodec`\n\n## Message\n\nUnsupported or malformed multicodec: expected Ed25519 [0xED, 0x01] or P-256 [0x80, 0x24]\n\n## Suggestion\n\nUse a `did:key:` with a supported multicodec prefix (Ed25519: `z6Mk…`, P-256: `zDna…`)\n",
49        ),
50        "AUTHS-E1104" => Some(
51            "# AUTHS-E1104\n\n**Crate:** `auths-crypto`  \n**Type:** `DidKeyError::InvalidKeyLength`\n\n## Message\n\nInvalid public key length: expected 32 bytes (Ed25519) or 33 bytes (P-256 compressed SEC1), got {0}\n",
52        ),
53
54        // --- auths-crypto (KeriDecodeError) ---
55        "AUTHS-E1201" => Some(
56            "# AUTHS-E1201\n\n**Crate:** `auths-crypto`  \n**Type:** `KeriDecodeError::InvalidPrefix`\n\n## Message\n\nUnsupported KERI key prefix: got '{0}', expected 'D' (Ed25519) or '1AAI' (P-256)\n\n## Suggestion\n\nKERI verkeys use CESR derivation codes: `D` for Ed25519 (32 bytes) or `1AAI` for P-256 compressed SEC1 (33 bytes). `1AAJ` is the spec's P-256 *signature* code; do not use as a verkey.\n",
57        ),
58        "AUTHS-E1202" => Some(
59            "# AUTHS-E1202\n\n**Crate:** `auths-crypto`  \n**Type:** `KeriDecodeError::EmptyInput`\n\n## Message\n\nMissing KERI prefix: empty string\n\n## Suggestion\n\nProvide a non-empty KERI-encoded key string\n",
60        ),
61        "AUTHS-E1203" => Some(
62            "# AUTHS-E1203\n\n**Crate:** `auths-crypto`  \n**Type:** `KeriDecodeError::DecodeError`\n\n## Message\n\nBase64url decode failed: {0}\n",
63        ),
64        "AUTHS-E1204" => Some(
65            "# AUTHS-E1204\n\n**Crate:** `auths-crypto`  \n**Type:** `KeriDecodeError::InvalidLength`\n\n## Message\n\nInvalid KERI verkey length: expected 32 bytes (Ed25519, `D` prefix) or 33 bytes (P-256 compressed SEC1, `1AAI` prefix), got {0}\n",
66        ),
67
68        // --- auths-crypto (SshKeyError) ---
69        "AUTHS-E1301" => Some(
70            "# AUTHS-E1301\n\n**Crate:** `auths-crypto`  \n**Type:** `SshKeyError::InvalidFormat`\n\n## Message\n\nMalformed or invalid OpenSSH public key: {0}\n\n## Suggestion\n\nCheck that the public key is a valid OpenSSH format\n",
71        ),
72        "AUTHS-E1302" => Some(
73            "# AUTHS-E1302\n\n**Crate:** `auths-crypto`  \n**Type:** `SshKeyError::UnsupportedKeyType`\n\n## Message\n\nUnsupported key type: expected ssh-ed25519\n\n## Suggestion\n\nOnly ssh-ed25519 keys are supported\n",
74        ),
75
76        // --- auths-verifier (AttestationError) ---
77        "AUTHS-E2001" => Some(
78            "# AUTHS-E2001\n\n**Crate:** `auths-verifier`  \n**Type:** `AttestationError::IssuerSignatureFailed`\n\n## Message\n\nIssuer signature verification failed: {0}\n",
79        ),
80        "AUTHS-E2002" => Some(
81            "# AUTHS-E2002\n\n**Crate:** `auths-verifier`  \n**Type:** `AttestationError::DeviceSignatureFailed`\n\n## Message\n\nDevice signature verification failed: {0}\n\n## Suggestion\n\nVerify the device key matches the attestation\n",
82        ),
83        "AUTHS-E2003" => Some(
84            "# AUTHS-E2003\n\n**Crate:** `auths-verifier`  \n**Type:** `AttestationError::AttestationExpired`\n\n## Message\n\nAttestation expired on {at}\n\n## Suggestion\n\nRequest a new attestation from the issuer\n",
85        ),
86        "AUTHS-E2004" => Some(
87            "# AUTHS-E2004\n\n**Crate:** `auths-verifier`  \n**Type:** `AttestationError::AttestationRevoked`\n\n## Message\n\nAttestation revoked\n",
88        ),
89        "AUTHS-E2005" => Some(
90            "# AUTHS-E2005\n\n**Crate:** `auths-verifier`  \n**Type:** `AttestationError::TimestampInFuture`\n\n## Message\n\nAttestation timestamp {at} is in the future\n\n## Suggestion\n\nCheck system clock synchronization\n",
91        ),
92        "AUTHS-E2006" => Some(
93            "# AUTHS-E2006\n\n**Crate:** `auths-verifier`  \n**Type:** `AttestationError::MissingCapability`\n\n## Message\n\nMissing required capability: required {required:?}, available {available:?}\n",
94        ),
95        "AUTHS-E2007" => Some(
96            "# AUTHS-E2007\n\n**Crate:** `auths-verifier`  \n**Type:** `AttestationError::SigningError`\n\n## Message\n\nSigning failed: {0}\n",
97        ),
98        "AUTHS-E2008" => Some(
99            "# AUTHS-E2008\n\n**Crate:** `auths-verifier`  \n**Type:** `AttestationError::DidResolutionError`\n\n## Message\n\nDID resolution failed: {0}\n\n## Suggestion\n\nCheck that the DID is valid and resolvable\n",
100        ),
101        "AUTHS-E2009" => Some(
102            "# AUTHS-E2009\n\n**Crate:** `auths-verifier`  \n**Type:** `AttestationError::SerializationError`\n\n## Message\n\nSerialization error: {0}\n",
103        ),
104        "AUTHS-E2010" => Some(
105            "# AUTHS-E2010\n\n**Crate:** `auths-verifier`  \n**Type:** `AttestationError::InputTooLarge`\n\n## Message\n\nInput too large: {0}\n",
106        ),
107        "AUTHS-E2011" => Some(
108            "# AUTHS-E2011\n\n**Crate:** `auths-verifier`  \n**Type:** `AttestationError::InvalidInput`\n\n## Message\n\nInvalid input: {0}\n",
109        ),
110        "AUTHS-E2012" => Some(
111            "# AUTHS-E2012\n\n**Crate:** `auths-verifier`  \n**Type:** `AttestationError::CryptoError`\n\n## Message\n\nCrypto error: {0}\n",
112        ),
113        "AUTHS-E2013" => Some(
114            "# AUTHS-E2013\n\n**Crate:** `auths-verifier`  \n**Type:** `AttestationError::InternalError`\n\n## Message\n\nInternal error: {0}\n",
115        ),
116        "AUTHS-E2014" => Some(
117            "# AUTHS-E2014\n\n**Crate:** `auths-verifier`  \n**Type:** `AttestationError::OrgVerificationFailed`\n\n## Message\n\nOrganizational Attestation verification failed: {0}\n",
118        ),
119        "AUTHS-E2015" => Some(
120            "# AUTHS-E2015\n\n**Crate:** `auths-verifier`  \n**Type:** `AttestationError::OrgAttestationExpired`\n\n## Message\n\nOrganizational Attestation expired\n",
121        ),
122        "AUTHS-E2016" => Some(
123            "# AUTHS-E2016\n\n**Crate:** `auths-verifier`  \n**Type:** `AttestationError::OrgDidResolutionFailed`\n\n## Message\n\nOrganizational DID resolution failed: {0}\n",
124        ),
125        "AUTHS-E2017" => Some(
126            "# AUTHS-E2017\n\n**Crate:** `auths-verifier`  \n**Type:** `AttestationError::BundleExpired`\n\n## Message\n\nBundle is {age_secs}s old (max {max_secs}s). Refresh with: auths id export-bundle\n",
127        ),
128        "AUTHS-E2018" => Some(
129            "# AUTHS-E2018\n\n**Crate:** `auths-verifier`  \n**Type:** `AttestationError::AttestationTooOld`\n\n## Message\n\nAttestation is {age_secs}s old (max {max_secs}s)\n",
130        ),
131
132        // --- auths-verifier (CommitVerificationError) ---
133        "AUTHS-E2101" => Some(
134            "# AUTHS-E2101\n\n**Crate:** `auths-verifier`  \n**Type:** `CommitVerificationError::UnsignedCommit`\n\n## Message\n\ncommit is unsigned\n\n## Suggestion\n\nSign commits with: git commit -S\n",
135        ),
136        "AUTHS-E2102" => Some(
137            "# AUTHS-E2102\n\n**Crate:** `auths-verifier`  \n**Type:** `CommitVerificationError::GpgNotSupported`\n\n## Message\n\nGPG signatures not supported, use SSH signing\n\n## Suggestion\n\nConfigure SSH signing: git config gpg.format ssh\n",
138        ),
139        "AUTHS-E2103" => Some(
140            "# AUTHS-E2103\n\n**Crate:** `auths-verifier`  \n**Type:** `CommitVerificationError::SshSigParseFailed`\n\n## Message\n\nSSHSIG parse failed: {0}\n",
141        ),
142        "AUTHS-E2104" => Some(
143            "# AUTHS-E2104\n\n**Crate:** `auths-verifier`  \n**Type:** `CommitVerificationError::UnsupportedKeyType`\n\n## Message\n\nunsupported SSH key type: {found}\n\n## Suggestion\n\nUse `ssh-ed25519` (Ed25519) or `ecdsa-sha2-nistp256` (P-256, RFC 5656) for signing\n",
144        ),
145        "AUTHS-E2105" => Some(
146            "# AUTHS-E2105\n\n**Crate:** `auths-verifier`  \n**Type:** `CommitVerificationError::NamespaceMismatch`\n\n## Message\n\nnamespace mismatch: expected \\\"{expected}\\\", found \\\"{found}\\\"\n",
147        ),
148        "AUTHS-E2106" => Some(
149            "# AUTHS-E2106\n\n**Crate:** `auths-verifier`  \n**Type:** `CommitVerificationError::HashAlgorithmUnsupported`\n\n## Message\n\nunsupported hash algorithm: {0}\n",
150        ),
151        "AUTHS-E2107" => Some(
152            "# AUTHS-E2107\n\n**Crate:** `auths-verifier`  \n**Type:** `CommitVerificationError::SignatureInvalid`\n\n## Message\n\nsignature verification failed\n",
153        ),
154        "AUTHS-E2108" => Some(
155            "# AUTHS-E2108\n\n**Crate:** `auths-verifier`  \n**Type:** `CommitVerificationError::UnknownSigner`\n\n## Message\n\nsigner key not in allowed keys\n\n## Suggestion\n\nAdd the signer's key to the allowed signers list\n",
156        ),
157        "AUTHS-E2109" => Some(
158            "# AUTHS-E2109\n\n**Crate:** `auths-verifier`  \n**Type:** `CommitVerificationError::CommitParseFailed`\n\n## Message\n\ncommit parse failed: {0}\n",
159        ),
160
161        // --- auths-core (AgentError) ---
162        "AUTHS-E3001" => Some(
163            "# AUTHS-E3001\n\n**Crate:** `auths-core`  \n**Type:** `AgentError::KeyNotFound`\n\n## Message\n\nKey not found\n\n## Suggestion\n\nRun `auths key list` to see available keys\n",
164        ),
165        "AUTHS-E3002" => Some(
166            "# AUTHS-E3002\n\n**Crate:** `auths-core`  \n**Type:** `AgentError::IncorrectPassphrase`\n\n## Message\n\nIncorrect passphrase\n",
167        ),
168        "AUTHS-E3003" => Some(
169            "# AUTHS-E3003\n\n**Crate:** `auths-core`  \n**Type:** `AgentError::MissingPassphrase`\n\n## Message\n\nMissing Passphrase\n",
170        ),
171        "AUTHS-E3004" => Some(
172            "# AUTHS-E3004\n\n**Crate:** `auths-core`  \n**Type:** `AgentError::SecurityError`\n\n## Message\n\nSecurity error: {0}\n",
173        ),
174        "AUTHS-E3005" => Some(
175            "# AUTHS-E3005\n\n**Crate:** `auths-core`  \n**Type:** `AgentError::CryptoError`\n\n## Message\n\nCrypto error: {0}\n",
176        ),
177        "AUTHS-E3006" => Some(
178            "# AUTHS-E3006\n\n**Crate:** `auths-core`  \n**Type:** `AgentError::KeyDeserializationError`\n\n## Message\n\nKey deserialization error: {0}\n",
179        ),
180        "AUTHS-E3007" => Some(
181            "# AUTHS-E3007\n\n**Crate:** `auths-core`  \n**Type:** `AgentError::SigningFailed`\n\n## Message\n\nSigning failed: {0}\n",
182        ),
183        "AUTHS-E3008" => Some(
184            "# AUTHS-E3008\n\n**Crate:** `auths-core`  \n**Type:** `AgentError::Proto`\n\n## Message\n\nProtocol error: {0}\n",
185        ),
186        "AUTHS-E3009" => Some(
187            "# AUTHS-E3009\n\n**Crate:** `auths-core`  \n**Type:** `AgentError::IO`\n\n## Message\n\nIO error: {0}\n\n## Suggestion\n\nCheck file permissions and that the filesystem is not read-only\n",
188        ),
189        "AUTHS-E3010" => Some(
190            "# AUTHS-E3010\n\n**Crate:** `auths-core`  \n**Type:** `AgentError::GitError`\n\n## Message\n\ngit error: {0}\n\n## Suggestion\n\nEnsure you're in a Git repository\n",
191        ),
192        "AUTHS-E3011" => Some(
193            "# AUTHS-E3011\n\n**Crate:** `auths-core`  \n**Type:** `AgentError::InvalidInput`\n\n## Message\n\nInvalid input: {0}\n\n## Suggestion\n\nCheck the command arguments and try again\n",
194        ),
195        "AUTHS-E3012" => Some(
196            "# AUTHS-E3012\n\n**Crate:** `auths-core`  \n**Type:** `AgentError::MutexError`\n\n## Message\n\nMutex lock poisoned: {0}\n\n## Suggestion\n\nA concurrency error occurred; restart the operation\n",
197        ),
198        "AUTHS-E3013" => Some(
199            "# AUTHS-E3013\n\n**Crate:** `auths-core`  \n**Type:** `AgentError::StorageError`\n\n## Message\n\nStorage error: {0}\n\n## Suggestion\n\nCheck file permissions and disk space\n",
200        ),
201        "AUTHS-E3014" => Some(
202            "# AUTHS-E3014\n\n**Crate:** `auths-core`  \n**Type:** `AgentError::UserInputCancelled`\n\n## Message\n\nUser input cancelled\n",
203        ),
204        "AUTHS-E3015" => Some(
205            "# AUTHS-E3015\n\n**Crate:** `auths-core`  \n**Type:** `AgentError::BackendUnavailable`\n\n## Message\n\nKeychain backend unavailable: {backend} - {reason}\n",
206        ),
207        "AUTHS-E3016" => Some(
208            "# AUTHS-E3016\n\n**Crate:** `auths-core`  \n**Type:** `AgentError::StorageLocked`\n\n## Message\n\nStorage is locked, authentication required\n\n## Suggestion\n\nAuthenticate with your platform keychain\n",
209        ),
210        "AUTHS-E3017" => Some(
211            "# AUTHS-E3017\n\n**Crate:** `auths-core`  \n**Type:** `AgentError::BackendInitFailed`\n\n## Message\n\nFailed to initialize keychain backend: {backend} - {error}\n",
212        ),
213        "AUTHS-E3018" => Some(
214            "# AUTHS-E3018\n\n**Crate:** `auths-core`  \n**Type:** `AgentError::CredentialTooLarge`\n\n## Message\n\nCredential too large for backend (max {max_bytes} bytes, got {actual_bytes})\n",
215        ),
216        "AUTHS-E3019" => Some(
217            "# AUTHS-E3019\n\n**Crate:** `auths-core`  \n**Type:** `AgentError::AgentLocked`\n\n## Message\n\nAgent is locked. Unlock with 'auths agent unlock' or restart the agent.\n",
218        ),
219        "AUTHS-E3020" => Some(
220            "# AUTHS-E3020\n\n**Crate:** `auths-core`  \n**Type:** `AgentError::WeakPassphrase`\n\n## Message\n\nPassphrase too weak: {0}\n",
221        ),
222        "AUTHS-E3021" => Some(
223            "# AUTHS-E3021\n\n**Crate:** `auths-core`  \n**Type:** `AgentError::HsmPinLocked`\n\n## Message\n\nHSM PIN is locked — reset required\n\n## Suggestion\n\nReset the HSM PIN using your HSM vendor's admin tools\n",
224        ),
225        "AUTHS-E3022" => Some(
226            "# AUTHS-E3022\n\n**Crate:** `auths-core`  \n**Type:** `AgentError::HsmDeviceRemoved`\n\n## Message\n\nHSM device removed\n\n## Suggestion\n\nReconnect the HSM device and try again\n",
227        ),
228        "AUTHS-E3023" => Some(
229            "# AUTHS-E3023\n\n**Crate:** `auths-core`  \n**Type:** `AgentError::HsmSessionExpired`\n\n## Message\n\nHSM session expired\n\n## Suggestion\n\nRetry the operation — a new session will be opened\n",
230        ),
231        "AUTHS-E3024" => Some(
232            "# AUTHS-E3024\n\n**Crate:** `auths-core`  \n**Type:** `AgentError::HsmUnsupportedMechanism`\n\n## Message\n\nHSM does not support mechanism: {0}\n",
233        ),
234
235        // --- auths-core (TrustError) ---
236        "AUTHS-E3101" => Some(
237            "# AUTHS-E3101\n\n**Crate:** `auths-core`  \n**Type:** `TrustError::Io`\n\n## Message\n\nI/O error: {0}\n\n## Suggestion\n\nCheck disk space and file permissions\n",
238        ),
239        "AUTHS-E3102" => Some(
240            "# AUTHS-E3102\n\n**Crate:** `auths-core`  \n**Type:** `TrustError::InvalidData`\n\n## Message\n\n{0}\n",
241        ),
242        "AUTHS-E3103" => Some(
243            "# AUTHS-E3103\n\n**Crate:** `auths-core`  \n**Type:** `TrustError::NotFound`\n\n## Message\n\nnot found: {0}\n\n## Suggestion\n\nRun `auths trust list` to see pinned identities\n",
244        ),
245        "AUTHS-E3104" => Some(
246            "# AUTHS-E3104\n\n**Crate:** `auths-core`  \n**Type:** `TrustError::Serialization`\n\n## Message\n\nserialization error: {0}\n",
247        ),
248        "AUTHS-E3105" => Some(
249            "# AUTHS-E3105\n\n**Crate:** `auths-core`  \n**Type:** `TrustError::AlreadyExists`\n\n## Message\n\nalready exists: {0}\n\n## Suggestion\n\nRun `auths trust list` to see existing entries\n",
250        ),
251        "AUTHS-E3106" => Some(
252            "# AUTHS-E3106\n\n**Crate:** `auths-core`  \n**Type:** `TrustError::Lock`\n\n## Message\n\nlock acquisition failed: {0}\n\n## Suggestion\n\nCheck file permissions and try again\n",
253        ),
254        "AUTHS-E3107" => Some(
255            "# AUTHS-E3107\n\n**Crate:** `auths-core`  \n**Type:** `TrustError::PolicyRejected`\n\n## Message\n\npolicy rejected: {0}\n\n## Suggestion\n\nRun `auths trust pin` to pin this identity\n",
256        ),
257
258        // --- auths-core (PairingError) ---
259        "AUTHS-E3201" => Some(
260            "# AUTHS-E3201\n\n**Crate:** `auths-core`  \n**Type:** `PairingError::Protocol`\n\n## Message\n\n_(transparent — see inner error)_\n\n## Suggestion\n\nEnsure both devices are running compatible auths versions\n",
261        ),
262        "AUTHS-E3202" => Some(
263            "# AUTHS-E3202\n\n**Crate:** `auths-core`  \n**Type:** `PairingError::QrCodeFailed`\n\n## Message\n\nQR code generation failed: {0}\n",
264        ),
265        "AUTHS-E3203" => Some(
266            "# AUTHS-E3203\n\n**Crate:** `auths-core`  \n**Type:** `PairingError::RelayError`\n\n## Message\n\nRelay error: {0}\n\n## Suggestion\n\nCheck your internet connection\n",
267        ),
268        "AUTHS-E3204" => Some(
269            "# AUTHS-E3204\n\n**Crate:** `auths-core`  \n**Type:** `PairingError::LocalServerError`\n\n## Message\n\nLocal server error: {0}\n",
270        ),
271        "AUTHS-E3205" => Some(
272            "# AUTHS-E3205\n\n**Crate:** `auths-core`  \n**Type:** `PairingError::MdnsError`\n\n## Message\n\nmDNS error: {0}\n",
273        ),
274        "AUTHS-E3206" => Some(
275            "# AUTHS-E3206\n\n**Crate:** `auths-core`  \n**Type:** `PairingError::NoPeerFound`\n\n## Message\n\nNo peer found on local network\n\n## Suggestion\n\nEnsure both devices are on the same network\n",
276        ),
277        "AUTHS-E3207" => Some(
278            "# AUTHS-E3207\n\n**Crate:** `auths-core`  \n**Type:** `PairingError::LanTimeout`\n\n## Message\n\nLAN pairing timed out\n\n## Suggestion\n\nCheck your network and try again\n",
279        ),
280
281        // --- auths-core (CryptoError) ---
282        "AUTHS-E3301" => Some(
283            "# AUTHS-E3301\n\n**Crate:** `auths-core`  \n**Type:** `CryptoError::SshKeyConstruction`\n\n## Message\n\nSSH key construction failed: {0}\n",
284        ),
285        "AUTHS-E3302" => Some(
286            "# AUTHS-E3302\n\n**Crate:** `auths-core`  \n**Type:** `CryptoError::SigningFailed`\n\n## Message\n\nsigning failed: {0}\n",
287        ),
288        "AUTHS-E3303" => Some(
289            "# AUTHS-E3303\n\n**Crate:** `auths-core`  \n**Type:** `CryptoError::PemEncoding`\n\n## Message\n\nPEM encoding failed: {0}\n",
290        ),
291        "AUTHS-E3304" => Some(
292            "# AUTHS-E3304\n\n**Crate:** `auths-core`  \n**Type:** `CryptoError::InvalidSeedLength`\n\n## Message\n\ninvalid seed length: expected 32, got {0}\n\n## Suggestion\n\nEnsure the seed is exactly 32 bytes\n",
293        ),
294        "AUTHS-E3305" => Some(
295            "# AUTHS-E3305\n\n**Crate:** `auths-core`  \n**Type:** `CryptoError::InvalidKeyFormat`\n\n## Message\n\ninvalid key format: {0}\n\n## Suggestion\n\nCheck that the key file is a valid PKCS#8 v1/v2 key (Ed25519 or P-256) or a raw 32-byte seed\n",
296        ),
297
298        // --- auths-core (WitnessError) ---
299        "AUTHS-E3401" => Some(
300            "# AUTHS-E3401\n\n**Crate:** `auths-core`  \n**Type:** `WitnessError::Network`\n\n## Message\n\nnetwork error: {0}\n\n## Suggestion\n\nCheck your internet connection\n",
301        ),
302        "AUTHS-E3402" => Some(
303            "# AUTHS-E3402\n\n**Crate:** `auths-core`  \n**Type:** `WitnessError::Duplicity`\n\n## Message\n\nduplicity detected: {0}\n",
304        ),
305        "AUTHS-E3403" => Some(
306            "# AUTHS-E3403\n\n**Crate:** `auths-core`  \n**Type:** `WitnessError::Rejected`\n\n## Message\n\nevent rejected: {reason}\n",
307        ),
308        "AUTHS-E3404" => Some(
309            "# AUTHS-E3404\n\n**Crate:** `auths-core`  \n**Type:** `WitnessError::Timeout`\n\n## Message\n\ntimeout after {0}ms\n\n## Suggestion\n\nCheck witness endpoint availability and retry\n",
310        ),
311        "AUTHS-E3405" => Some(
312            "# AUTHS-E3405\n\n**Crate:** `auths-core`  \n**Type:** `WitnessError::InvalidSignature`\n\n## Message\n\ninvalid receipt signature from witness {witness_id}\n",
313        ),
314        "AUTHS-E3406" => Some(
315            "# AUTHS-E3406\n\n**Crate:** `auths-core`  \n**Type:** `WitnessError::InsufficientReceipts`\n\n## Message\n\ninsufficient receipts: got {got}, need {required}\n\n## Suggestion\n\nEnsure enough witnesses are online\n",
316        ),
317        "AUTHS-E3407" => Some(
318            "# AUTHS-E3407\n\n**Crate:** `auths-core`  \n**Type:** `WitnessError::SaidMismatch`\n\n## Message\n\nreceipt SAID mismatch: expected {expected}, got {got}\n",
319        ),
320        "AUTHS-E3408" => Some(
321            "# AUTHS-E3408\n\n**Crate:** `auths-core`  \n**Type:** `WitnessError::Storage`\n\n## Message\n\nstorage error: {0}\n",
322        ),
323        "AUTHS-E3409" => Some(
324            "# AUTHS-E3409\n\n**Crate:** `auths-core`  \n**Type:** `WitnessError::Serialization`\n\n## Message\n\nserialization error: {0}\n",
325        ),
326
327        // --- auths-core (StorageError) ---
328        "AUTHS-E3501" => Some(
329            "# AUTHS-E3501\n\n**Crate:** `auths-core`  \n**Type:** `StorageError::NotFound`\n\n## Message\n\nnot found: {path}\n",
330        ),
331        "AUTHS-E3502" => Some(
332            "# AUTHS-E3502\n\n**Crate:** `auths-core`  \n**Type:** `StorageError::AlreadyExists`\n\n## Message\n\nalready exists: {path}\n",
333        ),
334        "AUTHS-E3503" => Some(
335            "# AUTHS-E3503\n\n**Crate:** `auths-core`  \n**Type:** `StorageError::CasConflict`\n\n## Message\n\ncompare-and-swap conflict\n",
336        ),
337        "AUTHS-E3504" => Some(
338            "# AUTHS-E3504\n\n**Crate:** `auths-core`  \n**Type:** `StorageError::Io`\n\n## Message\n\nstorage I/O error: {0}\n\n## Suggestion\n\nCheck file permissions and disk space\n",
339        ),
340        "AUTHS-E3505" => Some(
341            "# AUTHS-E3505\n\n**Crate:** `auths-core`  \n**Type:** `StorageError::Internal`\n\n## Message\n\ninternal storage error: {0}\n",
342        ),
343
344        // --- auths-core (NetworkError) ---
345        "AUTHS-E3601" => Some(
346            "# AUTHS-E3601\n\n**Crate:** `auths-core`  \n**Type:** `NetworkError::Unreachable`\n\n## Message\n\nendpoint unreachable: {endpoint}\n\n## Suggestion\n\nCheck your internet connection\n",
347        ),
348        "AUTHS-E3602" => Some(
349            "# AUTHS-E3602\n\n**Crate:** `auths-core`  \n**Type:** `NetworkError::Timeout`\n\n## Message\n\nrequest timed out: {endpoint}\n\n## Suggestion\n\nThe server may be overloaded — retry later\n",
350        ),
351        "AUTHS-E3603" => Some(
352            "# AUTHS-E3603\n\n**Crate:** `auths-core`  \n**Type:** `NetworkError::NotFound`\n\n## Message\n\nresource not found: {resource}\n",
353        ),
354        "AUTHS-E3604" => Some(
355            "# AUTHS-E3604\n\n**Crate:** `auths-core`  \n**Type:** `NetworkError::Unauthorized`\n\n## Message\n\nunauthorized\n\n## Suggestion\n\nCheck your authentication credentials\n",
356        ),
357        "AUTHS-E3605" => Some(
358            "# AUTHS-E3605\n\n**Crate:** `auths-core`  \n**Type:** `NetworkError::InvalidResponse`\n\n## Message\n\ninvalid response: {detail}\n",
359        ),
360        "AUTHS-E3606" => Some(
361            "# AUTHS-E3606\n\n**Crate:** `auths-core`  \n**Type:** `NetworkError::Internal`\n\n## Message\n\ninternal network error: {0}\n",
362        ),
363
364        // --- auths-core (ResolutionError) ---
365        "AUTHS-E3701" => Some(
366            "# AUTHS-E3701\n\n**Crate:** `auths-core`  \n**Type:** `ResolutionError::DidNotFound`\n\n## Message\n\nDID not found: {did}\n\n## Suggestion\n\nVerify the DID is correct and the identity exists\n",
367        ),
368        "AUTHS-E3702" => Some(
369            "# AUTHS-E3702\n\n**Crate:** `auths-core`  \n**Type:** `ResolutionError::InvalidDid`\n\n## Message\n\ninvalid DID {did}: {reason}\n",
370        ),
371        "AUTHS-E3703" => Some(
372            "# AUTHS-E3703\n\n**Crate:** `auths-core`  \n**Type:** `ResolutionError::KeyRevoked`\n\n## Message\n\nkey revoked for DID: {did}\n",
373        ),
374        "AUTHS-E3704" => Some(
375            "# AUTHS-E3704\n\n**Crate:** `auths-core`  \n**Type:** `ResolutionError::Network`\n\n## Message\n\nnetwork error: {0}\n\n## Suggestion\n\nCheck your internet connection\n",
376        ),
377
378        // --- auths-core (PlatformError) ---
379        "AUTHS-E3801" => Some(
380            "# AUTHS-E3801\n\n**Crate:** `auths-core`  \n**Type:** `PlatformError::AuthorizationPending`\n\n## Message\n\nOAuth authorization pending\n",
381        ),
382        "AUTHS-E3802" => Some(
383            "# AUTHS-E3802\n\n**Crate:** `auths-core`  \n**Type:** `PlatformError::SlowDown`\n\n## Message\n\nOAuth slow down\n",
384        ),
385        "AUTHS-E3803" => Some(
386            "# AUTHS-E3803\n\n**Crate:** `auths-core`  \n**Type:** `PlatformError::AccessDenied`\n\n## Message\n\nOAuth access denied\n\n## Suggestion\n\nRe-run the command and approve the authorization request\n",
387        ),
388        "AUTHS-E3804" => Some(
389            "# AUTHS-E3804\n\n**Crate:** `auths-core`  \n**Type:** `PlatformError::ExpiredToken`\n\n## Message\n\ndevice code expired\n\n## Suggestion\n\nThe device code expired — restart the flow\n",
390        ),
391        "AUTHS-E3805" => Some(
392            "# AUTHS-E3805\n\n**Crate:** `auths-core`  \n**Type:** `PlatformError::Network`\n\n## Message\n\nnetwork error: {0}\n\n## Suggestion\n\nCheck your internet connection\n",
393        ),
394        "AUTHS-E3806" => Some(
395            "# AUTHS-E3806\n\n**Crate:** `auths-core`  \n**Type:** `PlatformError::Platform`\n\n## Message\n\nplatform error: {message}\n",
396        ),
397
398        // --- auths-core (SshAgentError) ---
399        "AUTHS-E3901" => Some(
400            "# AUTHS-E3901\n\n**Crate:** `auths-core`  \n**Type:** `SshAgentError::CommandFailed`\n\n## Message\n\nssh-add command failed: {0}\n",
401        ),
402        "AUTHS-E3902" => Some(
403            "# AUTHS-E3902\n\n**Crate:** `auths-core`  \n**Type:** `SshAgentError::NotAvailable`\n\n## Message\n\nSSH agent not available: {0}\n\n## Suggestion\n\nStart the SSH agent: eval $(ssh-agent -s)\n",
404        ),
405        "AUTHS-E3903" => Some(
406            "# AUTHS-E3903\n\n**Crate:** `auths-core`  \n**Type:** `SshAgentError::IoError`\n\n## Message\n\nI/O error: {0}\n\n## Suggestion\n\nCheck file permissions\n",
407        ),
408
409        // --- auths-core (ConfigStoreError) ---
410        "AUTHS-E3951" => Some(
411            "# AUTHS-E3951\n\n**Crate:** `auths-core`  \n**Type:** `ConfigStoreError::Read`\n\n## Message\n\nfailed to read config from {path}\n\n## Suggestion\n\nCheck that ~/.auths/config.toml exists and is readable\n",
412        ),
413        "AUTHS-E3952" => Some(
414            "# AUTHS-E3952\n\n**Crate:** `auths-core`  \n**Type:** `ConfigStoreError::Write`\n\n## Message\n\nfailed to write config to {path}\n\n## Suggestion\n\nCheck file permissions for ~/.auths/config.toml\n",
415        ),
416
417        // --- auths-core (NamespaceVerifyError) ---
418        "AUTHS-E3961" => Some(
419            "# AUTHS-E3961\n\n**Crate:** `auths-core`  \n**Type:** `NamespaceVerifyError::UnsupportedEcosystem`\n\n## Message\n\nunsupported ecosystem: {ecosystem}\n",
420        ),
421        "AUTHS-E3962" => Some(
422            "# AUTHS-E3962\n\n**Crate:** `auths-core`  \n**Type:** `NamespaceVerifyError::PackageNotFound`\n\n## Message\n\npackage '{package_name}' not found in {ecosystem}\n",
423        ),
424        "AUTHS-E3963" => Some(
425            "# AUTHS-E3963\n\n**Crate:** `auths-core`  \n**Type:** `NamespaceVerifyError::OwnershipNotConfirmed`\n\n## Message\n\nownership of '{package_name}' on {ecosystem} not confirmed for the given identity\n",
426        ),
427        "AUTHS-E3964" => Some(
428            "# AUTHS-E3964\n\n**Crate:** `auths-core`  \n**Type:** `NamespaceVerifyError::ChallengeExpired`\n\n## Message\n\nverification challenge expired\n\n## Suggestion\n\nStart a new verification challenge\n",
429        ),
430        "AUTHS-E3965" => Some(
431            "# AUTHS-E3965\n\n**Crate:** `auths-core`  \n**Type:** `NamespaceVerifyError::InvalidToken`\n\n## Message\n\ninvalid verification token: {reason}\n",
432        ),
433        "AUTHS-E3966" => Some(
434            "# AUTHS-E3966\n\n**Crate:** `auths-core`  \n**Type:** `NamespaceVerifyError::InvalidPackageName`\n\n## Message\n\ninvalid package name '{name}': {reason}\n",
435        ),
436        "AUTHS-E3967" => Some(
437            "# AUTHS-E3967\n\n**Crate:** `auths-core`  \n**Type:** `NamespaceVerifyError::NetworkError`\n\n## Message\n\nverification network error: {message}\n\n## Suggestion\n\nCheck your internet connection and try again\n",
438        ),
439        "AUTHS-E3968" => Some(
440            "# AUTHS-E3968\n\n**Crate:** `auths-core`  \n**Type:** `NamespaceVerifyError::RateLimited`\n\n## Message\n\nrate limited by {ecosystem} registry\n\n## Suggestion\n\nWait a moment and retry the verification\n",
441        ),
442
443        // --- auths-id (FreezeError) ---
444        "AUTHS-E4001" => Some(
445            "# AUTHS-E4001\n\n**Crate:** `auths-id`  \n**Type:** `FreezeError::Io`\n\n## Message\n\n_(transparent — see inner error)_\n\n## Suggestion\n\nCheck file permissions and disk space\n",
446        ),
447        "AUTHS-E4002" => Some(
448            "# AUTHS-E4002\n\n**Crate:** `auths-id`  \n**Type:** `FreezeError::Deserialization`\n\n## Message\n\nfailed to parse freeze state: {0}\n",
449        ),
450        "AUTHS-E4003" => Some(
451            "# AUTHS-E4003\n\n**Crate:** `auths-id`  \n**Type:** `FreezeError::InvalidDuration`\n\n## Message\n\ninvalid duration format: {0}\n",
452        ),
453        "AUTHS-E4004" => Some(
454            "# AUTHS-E4004\n\n**Crate:** `auths-id`  \n**Type:** `FreezeError::ZeroDuration`\n\n## Message\n\nduration must be greater than zero\n\n## Suggestion\n\nSpecify a positive duration\n",
455        ),
456
457        // --- auths-id (StorageError) ---
458        "AUTHS-E4101" => Some(
459            "# AUTHS-E4101\n\n**Crate:** `auths-id`  \n**Type:** `StorageError::Git`\n\n## Message\n\n_(transparent — see inner error)_\n\n## Suggestion\n\nCheck that the Git repository is not corrupted\n",
460        ),
461        "AUTHS-E4102" => Some(
462            "# AUTHS-E4102\n\n**Crate:** `auths-id`  \n**Type:** `StorageError::Serialization`\n\n## Message\n\nserialization error: {0}\n",
463        ),
464        "AUTHS-E4103" => Some(
465            "# AUTHS-E4103\n\n**Crate:** `auths-id`  \n**Type:** `StorageError::Io`\n\n## Message\n\nI/O error: {0}\n\n## Suggestion\n\nCheck file permissions and disk space\n",
466        ),
467        "AUTHS-E4104" => Some(
468            "# AUTHS-E4104\n\n**Crate:** `auths-id`  \n**Type:** `StorageError::NotFound`\n\n## Message\n\nnot found: {0}\n\n## Suggestion\n\nVerify the identity or resource exists\n",
469        ),
470        "AUTHS-E4105" => Some(
471            "# AUTHS-E4105\n\n**Crate:** `auths-id`  \n**Type:** `StorageError::InvalidData`\n\n## Message\n\n{0}\n\n## Suggestion\n\nThe stored data may be corrupted; try re-initializing\n",
472        ),
473        "AUTHS-E4106" => Some(
474            "# AUTHS-E4106\n\n**Crate:** `auths-id`  \n**Type:** `StorageError::SchemaValidation`\n\n## Message\n\nschema validation failed: {0}\n\n## Suggestion\n\nEnsure data matches the expected schema version\n",
475        ),
476        "AUTHS-E4107" => Some(
477            "# AUTHS-E4107\n\n**Crate:** `auths-id`  \n**Type:** `StorageError::Index`\n\n## Message\n\nindex error: {0}\n\n## Suggestion\n\nTry rebuilding the index\n",
478        ),
479
480        // --- auths-id (InitError) ---
481        "AUTHS-E4201" => Some(
482            "# AUTHS-E4201\n\n**Crate:** `auths-id`  \n**Type:** `InitError::Git`\n\n## Message\n\n_(transparent — see inner error)_\n\n## Suggestion\n\nCheck that the Git repository is accessible\n",
483        ),
484        "AUTHS-E4202" => Some(
485            "# AUTHS-E4202\n\n**Crate:** `auths-id`  \n**Type:** `InitError::Keri`\n\n## Message\n\nKERI operation failed: {0}\n\n## Suggestion\n\nKERI event processing failed; check identity state\n",
486        ),
487        "AUTHS-E4203" => Some(
488            "# AUTHS-E4203\n\n**Crate:** `auths-id`  \n**Type:** `InitError::Key`\n\n## Message\n\nkey operation failed: {0}\n\n## Suggestion\n\nCheck keychain access and passphrase\n",
489        ),
490        "AUTHS-E4204" => Some(
491            "# AUTHS-E4204\n\n**Crate:** `auths-id`  \n**Type:** `InitError::InvalidData`\n\n## Message\n\n{0}\n",
492        ),
493        "AUTHS-E4205" => Some(
494            "# AUTHS-E4205\n\n**Crate:** `auths-id`  \n**Type:** `InitError::Storage`\n\n## Message\n\nstorage operation failed: {0}\n\n## Suggestion\n\nCheck storage backend connectivity\n",
495        ),
496        "AUTHS-E4206" => Some(
497            "# AUTHS-E4206\n\n**Crate:** `auths-id`  \n**Type:** `InitError::Registry`\n\n## Message\n\nregistry error: {0}\n\n## Suggestion\n\nCheck registry backend configuration\n",
498        ),
499        "AUTHS-E4207" => Some(
500            "# AUTHS-E4207\n\n**Crate:** `auths-id`  \n**Type:** `InitError::Crypto`\n\n## Message\n\ncrypto operation failed: {0}\n",
501        ),
502        "AUTHS-E4208" => Some(
503            "# AUTHS-E4208\n\n**Crate:** `auths-id`  \n**Type:** `InitError::Identity`\n\n## Message\n\nidentity error: {0}\n",
504        ),
505
506        // --- auths-id (AgentProvisioningError) ---
507        "AUTHS-E4301" => Some(
508            "# AUTHS-E4301\n\n**Crate:** `auths-id`  \n**Type:** `AgentProvisioningError::RepoCreation`\n\n## Message\n\nrepository creation failed: {0}\n\n## Suggestion\n\nCheck that the agent repo path is writable\n",
509        ),
510        "AUTHS-E4302" => Some(
511            "# AUTHS-E4302\n\n**Crate:** `auths-id`  \n**Type:** `AgentProvisioningError::IdentityCreation`\n\n## Message\n\nidentity creation failed: {0}\n",
512        ),
513        "AUTHS-E4303" => Some(
514            "# AUTHS-E4303\n\n**Crate:** `auths-id`  \n**Type:** `AgentProvisioningError::AttestationCreation`\n\n## Message\n\nattestation creation failed: {0}\n\n## Suggestion\n\nAttestation signing failed; verify key access\n",
515        ),
516        "AUTHS-E4304" => Some(
517            "# AUTHS-E4304\n\n**Crate:** `auths-id`  \n**Type:** `AgentProvisioningError::KeychainAccess`\n\n## Message\n\nkeychain access failed: {0}\n\n## Suggestion\n\nCheck keychain permissions and passphrase\n",
518        ),
519        "AUTHS-E4305" => Some(
520            "# AUTHS-E4305\n\n**Crate:** `auths-id`  \n**Type:** `AgentProvisioningError::ConfigWrite`\n\n## Message\n\nconfig write failed: {0}\n\n## Suggestion\n\nCheck file permissions and disk space\n",
521        ),
522
523        // --- auths-id (IdentityError) ---
524        "AUTHS-E4401" => Some(
525            "# AUTHS-E4401\n\n**Crate:** `auths-id`  \n**Type:** `IdentityError::Keri`\n\n## Message\n\nKERI error: {0}\n\n## Suggestion\n\nKERI operation failed; check identity state\n",
526        ),
527        "AUTHS-E4402" => Some(
528            "# AUTHS-E4402\n\n**Crate:** `auths-id`  \n**Type:** `IdentityError::Pkcs8EncodeError`\n\n## Message\n\nPKCS#8 encoding error: {0}\n",
529        ),
530        "AUTHS-E4403" => Some(
531            "# AUTHS-E4403\n\n**Crate:** `auths-id`  \n**Type:** `IdentityError::Pkcs8DecodeError`\n\n## Message\n\nPKCS#8 decoding error: {0}\n\n## Suggestion\n\nThe key may be in an unsupported format\n",
532        ),
533        "AUTHS-E4404" => Some(
534            "# AUTHS-E4404\n\n**Crate:** `auths-id`  \n**Type:** `IdentityError::EmptyPassphrase`\n\n## Message\n\nPassphrase required\n\n## Suggestion\n\nProvide a non-empty passphrase\n",
535        ),
536        "AUTHS-E4405" => Some(
537            "# AUTHS-E4405\n\n**Crate:** `auths-id`  \n**Type:** `IdentityError::InvalidKeyLength`\n\n## Message\n\nInvalid key length: expected 32 bytes (Ed25519) or 33 bytes (P-256 compressed SEC1), got {0}\n\n## Suggestion\n\nKey length must match the declared curve. See `docs/architecture/cryptography.md`.\n",
538        ),
539        "AUTHS-E4406" => Some(
540            "# AUTHS-E4406\n\n**Crate:** `auths-id`  \n**Type:** `IdentityError::KeyStorage`\n\n## Message\n\nKey storage error: {0}\n\n## Suggestion\n\nCheck keychain permissions\n",
541        ),
542        "AUTHS-E4407" => Some(
543            "# AUTHS-E4407\n\n**Crate:** `auths-id`  \n**Type:** `IdentityError::KeyRetrieval`\n\n## Message\n\nKey retrieval error: {0}\n\n## Suggestion\n\nCheck that the key alias exists in the keychain\n",
544        ),
545        "AUTHS-E4408" => Some(
546            "# AUTHS-E4408\n\n**Crate:** `auths-id`  \n**Type:** `IdentityError::RingError`\n\n## Message\n\nRing crypto error: {0}\n",
547        ),
548
549        // --- auths-id (StorageError) ---
550        "AUTHS-E4409" => Some(
551            "# AUTHS-E4409\n\n**Crate:** `auths-id`  \n**Type:** `StorageError::NotFound`\n\n## Message\n\n_(transparent — see inner error)_\n\n## Suggestion\n\nVerify the storage path exists and is initialized\n",
552        ),
553        "AUTHS-E4410" => Some(
554            "# AUTHS-E4410\n\n**Crate:** `auths-id`  \n**Type:** `StorageError::CasConflict`\n\n## Message\n\n_(transparent — see inner error)_\n",
555        ),
556        "AUTHS-E4411" => Some(
557            "# AUTHS-E4411\n\n**Crate:** `auths-id`  \n**Type:** `StorageError::Io`\n\n## Message\n\n_(transparent — see inner error)_\n",
558        ),
559
560        // --- auths-id (ValidationError) ---
561        "AUTHS-E4501" => Some(
562            "# AUTHS-E4501\n\n**Crate:** `auths-id`  \n**Type:** `ValidationError::InvalidSaid`\n\n## Message\n\nInvalid SAID: expected {expected}, got {actual}\n",
563        ),
564        "AUTHS-E4502" => Some(
565            "# AUTHS-E4502\n\n**Crate:** `auths-id`  \n**Type:** `ValidationError::BrokenChain`\n\n## Message\n\nBroken chain: event {sequence} references {referenced}, but previous was {actual}\n",
566        ),
567        "AUTHS-E4503" => Some(
568            "# AUTHS-E4503\n\n**Crate:** `auths-id`  \n**Type:** `ValidationError::InvalidSequence`\n\n## Message\n\nInvalid sequence: expected {expected}, got {actual}\n",
569        ),
570        "AUTHS-E4504" => Some(
571            "# AUTHS-E4504\n\n**Crate:** `auths-id`  \n**Type:** `ValidationError::CommitmentMismatch`\n\n## Message\n\nPre-rotation commitment mismatch at sequence {sequence}\n",
572        ),
573        "AUTHS-E4505" => Some(
574            "# AUTHS-E4505\n\n**Crate:** `auths-id`  \n**Type:** `ValidationError::SignatureFailed`\n\n## Message\n\nSignature verification failed at sequence {sequence}\n",
575        ),
576        "AUTHS-E4506" => Some(
577            "# AUTHS-E4506\n\n**Crate:** `auths-id`  \n**Type:** `ValidationError::NotInception`\n\n## Message\n\nFirst event must be inception\n\n## Suggestion\n\nThe first event in a KEL must be an inception event\n",
578        ),
579        "AUTHS-E4507" => Some(
580            "# AUTHS-E4507\n\n**Crate:** `auths-id`  \n**Type:** `ValidationError::EmptyKel`\n\n## Message\n\nEmpty KEL\n\n## Suggestion\n\nNo events found; initialize the identity first\n",
581        ),
582        "AUTHS-E4508" => Some(
583            "# AUTHS-E4508\n\n**Crate:** `auths-id`  \n**Type:** `ValidationError::MultipleInceptions`\n\n## Message\n\nMultiple inception events in KEL\n\n## Suggestion\n\nA KEL must contain exactly one inception event\n",
584        ),
585        "AUTHS-E4509" => Some(
586            "# AUTHS-E4509\n\n**Crate:** `auths-id`  \n**Type:** `ValidationError::Serialization`\n\n## Message\n\nSerialization error: {0}\n",
587        ),
588        "AUTHS-E4510" => Some(
589            "# AUTHS-E4510\n\n**Crate:** `auths-id`  \n**Type:** `ValidationError::MalformedSequence`\n\n## Message\n\nMalformed sequence number: {raw:?}\n",
590        ),
591
592        // --- auths-id (KelError) ---
593        "AUTHS-E4601" => Some(
594            "# AUTHS-E4601\n\n**Crate:** `auths-id`  \n**Type:** `KelError::Git`\n\n## Message\n\nGit error: {0}\n\n## Suggestion\n\nCheck that the Git repository is accessible and not corrupted\n",
595        ),
596        "AUTHS-E4602" => Some(
597            "# AUTHS-E4602\n\n**Crate:** `auths-id`  \n**Type:** `KelError::Serialization`\n\n## Message\n\nSerialization error: {0}\n",
598        ),
599        "AUTHS-E4603" => Some(
600            "# AUTHS-E4603\n\n**Crate:** `auths-id`  \n**Type:** `KelError::NotFound`\n\n## Message\n\nKEL not found for prefix: {0}\n\n## Suggestion\n\nInitialize the identity first with 'auths init'\n",
601        ),
602        "AUTHS-E4604" => Some(
603            "# AUTHS-E4604\n\n**Crate:** `auths-id`  \n**Type:** `KelError::InvalidOperation`\n\n## Message\n\nInvalid operation: {0}\n",
604        ),
605        "AUTHS-E4605" => Some(
606            "# AUTHS-E4605\n\n**Crate:** `auths-id`  \n**Type:** `KelError::InvalidData`\n\n## Message\n\nInvalid data: {0}\n\n## Suggestion\n\nThe KEL data may be corrupted; try re-syncing\n",
607        ),
608        "AUTHS-E4606" => Some(
609            "# AUTHS-E4606\n\n**Crate:** `auths-id`  \n**Type:** `KelError::ChainIntegrity`\n\n## Message\n\nChain integrity error: {0}\n",
610        ),
611        "AUTHS-E4607" => Some(
612            "# AUTHS-E4607\n\n**Crate:** `auths-id`  \n**Type:** `KelError::ValidationFailed`\n\n## Message\n\nValidation failed: {0}\n",
613        ),
614
615        // --- auths-id (RotationError) ---
616        "AUTHS-E4701" => Some(
617            "# AUTHS-E4701\n\n**Crate:** `auths-id`  \n**Type:** `RotationError::KeyGeneration`\n\n## Message\n\nKey generation failed: {0}\n",
618        ),
619        "AUTHS-E4702" => Some(
620            "# AUTHS-E4702\n\n**Crate:** `auths-id`  \n**Type:** `RotationError::Kel`\n\n## Message\n\nKEL error: {0}\n\n## Suggestion\n\nCheck the KEL state for the identity\n",
621        ),
622        "AUTHS-E4703" => Some(
623            "# AUTHS-E4703\n\n**Crate:** `auths-id`  \n**Type:** `RotationError::Storage`\n\n## Message\n\nStorage error: {0}\n\n## Suggestion\n\nCheck storage backend connectivity\n",
624        ),
625        "AUTHS-E4704" => Some(
626            "# AUTHS-E4704\n\n**Crate:** `auths-id`  \n**Type:** `RotationError::Validation`\n\n## Message\n\nValidation error: {0}\n",
627        ),
628        "AUTHS-E4705" => Some(
629            "# AUTHS-E4705\n\n**Crate:** `auths-id`  \n**Type:** `RotationError::IdentityAbandoned`\n\n## Message\n\nIdentity is abandoned (cannot rotate)\n",
630        ),
631        "AUTHS-E4706" => Some(
632            "# AUTHS-E4706\n\n**Crate:** `auths-id`  \n**Type:** `RotationError::CommitmentMismatch`\n\n## Message\n\nCommitment mismatch: next key does not match previous commitment\n",
633        ),
634        "AUTHS-E4707" => Some(
635            "# AUTHS-E4707\n\n**Crate:** `auths-id`  \n**Type:** `RotationError::Serialization`\n\n## Message\n\nSerialization error: {0}\n",
636        ),
637        "AUTHS-E4708" => Some(
638            "# AUTHS-E4708\n\n**Crate:** `auths-id`  \n**Type:** `RotationError::InvalidKey`\n\n## Message\n\nInvalid key: {0}\n\n## Suggestion\n\nProvide a valid Ed25519 or P-256 key in PKCS#8 v1/v2 format\n",
639        ),
640
641        // --- auths-id (ResolveError) ---
642        "AUTHS-E4801" => Some(
643            "# AUTHS-E4801\n\n**Crate:** `auths-id`  \n**Type:** `ResolveError::InvalidFormat`\n\n## Message\n\nInvalid DID format: {0}\n\n## Suggestion\n\nUse the format 'did:keri:E<prefix>'\n",
644        ),
645        "AUTHS-E4802" => Some(
646            "# AUTHS-E4802\n\n**Crate:** `auths-id`  \n**Type:** `ResolveError::NotFound`\n\n## Message\n\nKEL not found for prefix: {0}\n\n## Suggestion\n\nThe identity does not exist; check the DID prefix\n",
647        ),
648        "AUTHS-E4803" => Some(
649            "# AUTHS-E4803\n\n**Crate:** `auths-id`  \n**Type:** `ResolveError::Kel`\n\n## Message\n\nKEL error: {0}\n",
650        ),
651        "AUTHS-E4804" => Some(
652            "# AUTHS-E4804\n\n**Crate:** `auths-id`  \n**Type:** `ResolveError::Validation`\n\n## Message\n\nValidation error: {0}\n",
653        ),
654        "AUTHS-E4805" => Some(
655            "# AUTHS-E4805\n\n**Crate:** `auths-id`  \n**Type:** `ResolveError::InvalidKeyEncoding`\n\n## Message\n\nInvalid key encoding: {0}\n",
656        ),
657        "AUTHS-E4806" => Some(
658            "# AUTHS-E4806\n\n**Crate:** `auths-id`  \n**Type:** `ResolveError::NoCurrentKey`\n\n## Message\n\nNo current key in identity\n\n## Suggestion\n\nThe identity has no active key; it may be abandoned\n",
659        ),
660        "AUTHS-E4807" => Some(
661            "# AUTHS-E4807\n\n**Crate:** `auths-id`  \n**Type:** `ResolveError::UnknownKeyType`\n\n## Message\n\nUnknown key type: {0}\n\n## Suggestion\n\nKERI supports Ed25519 (`D` prefix) and P-256 (`1AAI` prefix). Other curves are not yet supported.\n",
662        ),
663
664        // --- auths-id (TenantIdError) ---
665        "AUTHS-E4851" => Some(
666            "# AUTHS-E4851\n\n**Crate:** `auths-id`  \n**Type:** `TenantIdError::InvalidLength`\n\n## Message\n\nmust be 1–64 characters (got {0})\n\n## Suggestion\n\nTenant ID must be between 1 and 64 characters\n",
667        ),
668        "AUTHS-E4852" => Some(
669            "# AUTHS-E4852\n\n**Crate:** `auths-id`  \n**Type:** `TenantIdError::InvalidCharacter`\n\n## Message\n\ncontains disallowed character {0:?} (only [a-z0-9_-] allowed)\n",
670        ),
671        "AUTHS-E4853" => Some(
672            "# AUTHS-E4853\n\n**Crate:** `auths-id`  \n**Type:** `TenantIdError::Reserved`\n\n## Message\n\n'{0}' is reserved\n\n## Suggestion\n\nChoose a different tenant ID; this name is reserved\n",
673        ),
674
675        // --- auths-id (RegistryError) ---
676        "AUTHS-E4861" => Some(
677            "# AUTHS-E4861\n\n**Crate:** `auths-id`  \n**Type:** `RegistryError::Storage`\n\n## Message\n\nStorage error: {0}\n\n## Suggestion\n\nCheck storage backend connectivity\n",
678        ),
679        "AUTHS-E4862" => Some(
680            "# AUTHS-E4862\n\n**Crate:** `auths-id`  \n**Type:** `RegistryError::InvalidPrefix`\n\n## Message\n\nInvalid prefix '{prefix}': {reason}\n\n## Suggestion\n\nKERI prefixes must start with 'E' (Blake3 SAID)\n",
681        ),
682        "AUTHS-E4863" => Some(
683            "# AUTHS-E4863\n\n**Crate:** `auths-id`  \n**Type:** `RegistryError::InvalidDeviceDid`\n\n## Message\n\nInvalid device DID '{did}': {reason}\n\n## Suggestion\n\nDevice DIDs must be in 'did:key:z...' format\n",
684        ),
685        "AUTHS-E4864" => Some(
686            "# AUTHS-E4864\n\n**Crate:** `auths-id`  \n**Type:** `RegistryError::EventExists`\n\n## Message\n\nEvent already exists: {prefix} seq {seq}\n\n## Suggestion\n\nThis event has already been appended to the KEL\n",
687        ),
688        "AUTHS-E4865" => Some(
689            "# AUTHS-E4865\n\n**Crate:** `auths-id`  \n**Type:** `RegistryError::SequenceGap`\n\n## Message\n\nSequence gap for {prefix}: expected {expected}, got {got}\n\n## Suggestion\n\nEvents must be appended in strict sequence order\n",
690        ),
691        "AUTHS-E4866" => Some(
692            "# AUTHS-E4866\n\n**Crate:** `auths-id`  \n**Type:** `RegistryError::NotFound`\n\n## Message\n\nNot found: {entity_type} '{id}'\n",
693        ),
694        "AUTHS-E4867" => Some(
695            "# AUTHS-E4867\n\n**Crate:** `auths-id`  \n**Type:** `RegistryError::Serialization`\n\n## Message\n\nSerialization error: {0}\n",
696        ),
697        "AUTHS-E4868" => Some(
698            "# AUTHS-E4868\n\n**Crate:** `auths-id`  \n**Type:** `RegistryError::ConcurrentModification`\n\n## Message\n\nConcurrent modification: {0}\n",
699        ),
700        "AUTHS-E4869" => Some(
701            "# AUTHS-E4869\n\n**Crate:** `auths-id`  \n**Type:** `RegistryError::SaidMismatch`\n\n## Message\n\nSAID mismatch: expected {expected}, got {actual}\n\n## Suggestion\n\nThe event content does not match its declared SAID\n",
702        ),
703        "AUTHS-E4870" => Some(
704            "# AUTHS-E4870\n\n**Crate:** `auths-id`  \n**Type:** `RegistryError::InvalidEvent`\n\n## Message\n\nInvalid event: {reason}\n",
705        ),
706        "AUTHS-E4871" => Some(
707            "# AUTHS-E4871\n\n**Crate:** `auths-id`  \n**Type:** `RegistryError::Io`\n\n## Message\n\nI/O error: {0}\n\n## Suggestion\n\nCheck file permissions and disk space\n",
708        ),
709        "AUTHS-E4872" => Some(
710            "# AUTHS-E4872\n\n**Crate:** `auths-id`  \n**Type:** `RegistryError::Internal`\n\n## Message\n\nInternal error: {0}\n",
711        ),
712        "AUTHS-E4873" => Some(
713            "# AUTHS-E4873\n\n**Crate:** `auths-id`  \n**Type:** `RegistryError::InvalidTenantId`\n\n## Message\n\ninvalid tenant ID '{tenant_id}': {kind}\n",
714        ),
715        "AUTHS-E4874" => Some(
716            "# AUTHS-E4874\n\n**Crate:** `auths-id`  \n**Type:** `RegistryError::Attestation`\n\n## Message\n\nAttestation error: {0}\n",
717        ),
718        "AUTHS-E4875" => Some(
719            "# AUTHS-E4875\n\n**Crate:** `auths-id`  \n**Type:** `RegistryError::StaleAttestation`\n\n## Message\n\nStale attestation: {0}\n",
720        ),
721        "AUTHS-E4876" => Some(
722            "# AUTHS-E4876\n\n**Crate:** `auths-id`  \n**Type:** `RegistryError::NotImplemented`\n\n## Message\n\nNot implemented: {method}\n",
723        ),
724        "AUTHS-E4877" => Some(
725            "# AUTHS-E4877\n\n**Crate:** `auths-id`  \n**Type:** `RegistryError::BatchValidationFailed`\n\n## Message\n\nBatch validation failed at index {index}: {source}\n",
726        ),
727
728        // --- auths-id (InceptionError) ---
729        "AUTHS-E4901" => Some(
730            "# AUTHS-E4901\n\n**Crate:** `auths-id`  \n**Type:** `InceptionError::KeyGeneration`\n\n## Message\n\nKey generation failed: {0}\n",
731        ),
732        "AUTHS-E4902" => Some(
733            "# AUTHS-E4902\n\n**Crate:** `auths-id`  \n**Type:** `InceptionError::Kel`\n\n## Message\n\nKEL error: {0}\n\n## Suggestion\n\nCheck the KEL state; a KEL may already exist for this prefix\n",
734        ),
735        "AUTHS-E4903" => Some(
736            "# AUTHS-E4903\n\n**Crate:** `auths-id`  \n**Type:** `InceptionError::Storage`\n\n## Message\n\nStorage error: {0}\n\n## Suggestion\n\nCheck storage backend connectivity\n",
737        ),
738        "AUTHS-E4904" => Some(
739            "# AUTHS-E4904\n\n**Crate:** `auths-id`  \n**Type:** `InceptionError::Validation`\n\n## Message\n\nValidation error: {0}\n",
740        ),
741        "AUTHS-E4905" => Some(
742            "# AUTHS-E4905\n\n**Crate:** `auths-id`  \n**Type:** `InceptionError::Serialization`\n\n## Message\n\nSerialization error: {0}\n",
743        ),
744
745        // --- auths-id (IncrementalError) ---
746        "AUTHS-E4951" => Some(
747            "# AUTHS-E4951\n\n**Crate:** `auths-id`  \n**Type:** `IncrementalError::Kel`\n\n## Message\n\nKEL error: {0}\n",
748        ),
749        "AUTHS-E4952" => Some(
750            "# AUTHS-E4952\n\n**Crate:** `auths-id`  \n**Type:** `IncrementalError::ChainContinuity`\n\n## Message\n\nChain continuity error: expected previous SAID {expected}, got {actual}\n",
751        ),
752        "AUTHS-E4953" => Some(
753            "# AUTHS-E4953\n\n**Crate:** `auths-id`  \n**Type:** `IncrementalError::SequenceError`\n\n## Message\n\nSequence error: expected {expected}, got {actual}\n",
754        ),
755        "AUTHS-E4954" => Some(
756            "# AUTHS-E4954\n\n**Crate:** `auths-id`  \n**Type:** `IncrementalError::MalformedSequence`\n\n## Message\n\nMalformed sequence number: {raw:?}\n",
757        ),
758        "AUTHS-E4955" => Some(
759            "# AUTHS-E4955\n\n**Crate:** `auths-id`  \n**Type:** `IncrementalError::InvalidEventType`\n\n## Message\n\nInvalid event type in KEL: {0}\n",
760        ),
761        "AUTHS-E4956" => Some(
762            "# AUTHS-E4956\n\n**Crate:** `auths-id`  \n**Type:** `IncrementalError::NonLinearHistory`\n\n## Message\n\nKEL history is non-linear: commit {commit} has {parent_count} parents (expected 1)\n",
763        ),
764        "AUTHS-E4957" => Some(
765            "# AUTHS-E4957\n\n**Crate:** `auths-id`  \n**Type:** `IncrementalError::MissingParent`\n\n## Message\n\nKEL history is corrupted: commit {commit} has no parent but is not inception\n\n## Suggestion\n\nThe KEL commit history is corrupted\n",
766        ),
767
768        // --- auths-id (AnchorError) ---
769        "AUTHS-E4961" => Some(
770            "# AUTHS-E4961\n\n**Crate:** `auths-id`  \n**Type:** `AnchorError::Kel`\n\n## Message\n\nKEL error: {0}\n",
771        ),
772        "AUTHS-E4962" => Some(
773            "# AUTHS-E4962\n\n**Crate:** `auths-id`  \n**Type:** `AnchorError::Validation`\n\n## Message\n\nValidation error: {0}\n",
774        ),
775        "AUTHS-E4963" => Some(
776            "# AUTHS-E4963\n\n**Crate:** `auths-id`  \n**Type:** `AnchorError::Serialization`\n\n## Message\n\nSerialization error: {0}\n",
777        ),
778        "AUTHS-E4964" => Some(
779            "# AUTHS-E4964\n\n**Crate:** `auths-id`  \n**Type:** `AnchorError::InvalidDid`\n\n## Message\n\nInvalid DID format: {0}\n\n## Suggestion\n\nUse the format 'did:keri:E<prefix>'\n",
780        ),
781        "AUTHS-E4965" => Some(
782            "# AUTHS-E4965\n\n**Crate:** `auths-id`  \n**Type:** `AnchorError::NotFound`\n\n## Message\n\nKEL not found for prefix: {0}\n\n## Suggestion\n\nInitialize the identity first with 'auths init'\n",
783        ),
784
785        // --- auths-id (WitnessIntegrationError) ---
786        "AUTHS-E4971" => Some(
787            "# AUTHS-E4971\n\n**Crate:** `auths-id`  \n**Type:** `WitnessIntegrationError::Collection`\n\n## Message\n\nReceipt collection failed: {0}\n",
788        ),
789        "AUTHS-E4972" => Some(
790            "# AUTHS-E4972\n\n**Crate:** `auths-id`  \n**Type:** `WitnessIntegrationError::Storage`\n\n## Message\n\nReceipt storage failed: {0}\n\n## Suggestion\n\nCheck storage backend permissions\n",
791        ),
792        "AUTHS-E4973" => Some(
793            "# AUTHS-E4973\n\n**Crate:** `auths-id`  \n**Type:** `WitnessIntegrationError::Runtime`\n\n## Message\n\nTokio runtime error: {0}\n",
794        ),
795
796        // --- auths-id (CacheError) ---
797        "AUTHS-E4981" => Some(
798            "# AUTHS-E4981\n\n**Crate:** `auths-id`  \n**Type:** `CacheError::Io`\n\n## Message\n\nI/O error: {0}\n",
799        ),
800        "AUTHS-E4982" => Some(
801            "# AUTHS-E4982\n\n**Crate:** `auths-id`  \n**Type:** `CacheError::Json`\n\n## Message\n\nJSON serialization error: {0}\n",
802        ),
803
804        // --- auths-id (HookError) ---
805        "AUTHS-E4991" => Some(
806            "# AUTHS-E4991\n\n**Crate:** `auths-id`  \n**Type:** `HookError::Io`\n\n## Message\n\nIO error: {0}\n\n## Suggestion\n\nCheck file permissions on the Git hooks directory\n",
807        ),
808        "AUTHS-E4992" => Some(
809            "# AUTHS-E4992\n\n**Crate:** `auths-id`  \n**Type:** `HookError::NotGitRepo`\n\n## Message\n\nNot a Git repository: {0}\n\n## Suggestion\n\nEnsure the path points to a valid Git repository\n",
810        ),
811
812        // --- auths-sdk (SetupError) ---
813        "AUTHS-E5001" => Some(
814            "# AUTHS-E5001\n\n**Crate:** `auths-sdk`  \n**Type:** `SetupError::IdentityAlreadyExists`\n\n## Message\n\nidentity already exists: {did}\n",
815        ),
816        "AUTHS-E5002" => Some(
817            "# AUTHS-E5002\n\n**Crate:** `auths-sdk`  \n**Type:** `SetupError::KeychainUnavailable`\n\n## Message\n\nkeychain unavailable ({backend}): {reason}\n",
818        ),
819        "AUTHS-E5004" => Some(
820            "# AUTHS-E5004\n\n**Crate:** `auths-sdk`  \n**Type:** `SetupError::GitConfigError`\n\n## Message\n\ngit config error: {0}\n",
821        ),
822        "AUTHS-E5006" => Some(
823            "# AUTHS-E5006\n\n**Crate:** `auths-sdk`  \n**Type:** `SetupError::PlatformVerificationFailed`\n\n## Message\n\nplatform verification failed: {0}\n",
824        ),
825        "AUTHS-E5007" => Some(
826            "# AUTHS-E5007\n\n**Crate:** `auths-sdk`  \n**Type:** `SetupError::InvalidSetupConfig`\n\n## Message\n\ninvalid setup config: {0}\n\n## Suggestion\n\nCheck identity setup configuration parameters\n",
827        ),
828
829        // --- auths-sdk (DeviceError) ---
830        "AUTHS-E5101" => Some(
831            "# AUTHS-E5101\n\n**Crate:** `auths-sdk`  \n**Type:** `DeviceError::IdentityNotFound`\n\n## Message\n\nidentity not found: {did}\n\n## Suggestion\n\nRun `auths init` to create an identity first\n",
832        ),
833        "AUTHS-E5102" => Some(
834            "# AUTHS-E5102\n\n**Crate:** `auths-sdk`  \n**Type:** `DeviceError::DeviceNotFound`\n\n## Message\n\ndevice not found: {did}\n\n## Suggestion\n\nRun `auths device list` to see linked devices\n",
835        ),
836        "AUTHS-E5103" => Some(
837            "# AUTHS-E5103\n\n**Crate:** `auths-sdk`  \n**Type:** `DeviceError::AttestationError`\n\n## Message\n\nattestation error: {0}\n",
838        ),
839        "AUTHS-E5105" => Some(
840            "# AUTHS-E5105\n\n**Crate:** `auths-sdk`  \n**Type:** `DeviceError::DeviceDidMismatch`\n\n## Message\n\ndevice DID mismatch: expected {expected}, got {actual}\n\n## Suggestion\n\nCheck that --device matches the key name\n",
841        ),
842
843        // --- auths-sdk (DeviceExtensionError) ---
844        "AUTHS-E5201" => Some(
845            "# AUTHS-E5201\n\n**Crate:** `auths-sdk`  \n**Type:** `DeviceExtensionError::IdentityNotFound`\n\n## Message\n\nidentity not found\n\n## Suggestion\n\nRun `auths init` to create an identity first\n",
846        ),
847        "AUTHS-E5202" => Some(
848            "# AUTHS-E5202\n\n**Crate:** `auths-sdk`  \n**Type:** `DeviceExtensionError::NoAttestationFound`\n\n## Message\n\nno attestation found for device {device_did}\n",
849        ),
850        "AUTHS-E5203" => Some(
851            "# AUTHS-E5203\n\n**Crate:** `auths-sdk`  \n**Type:** `DeviceExtensionError::AlreadyRevoked`\n\n## Message\n\ndevice {device_did} is already revoked\n",
852        ),
853        "AUTHS-E5204" => Some(
854            "# AUTHS-E5204\n\n**Crate:** `auths-sdk`  \n**Type:** `DeviceExtensionError::AttestationFailed`\n\n## Message\n\nattestation creation failed: {0}\n",
855        ),
856
857        // --- auths-sdk (RotationError) ---
858        "AUTHS-E5301" => Some(
859            "# AUTHS-E5301\n\n**Crate:** `auths-sdk`  \n**Type:** `RotationError::IdentityNotFound`\n\n## Message\n\nidentity not found at {path}\n\n## Suggestion\n\nRun `auths init` to create an identity first\n",
860        ),
861        "AUTHS-E5302" => Some(
862            "# AUTHS-E5302\n\n**Crate:** `auths-sdk`  \n**Type:** `RotationError::KeyNotFound`\n\n## Message\n\nkey not found: {0}\n\n## Suggestion\n\nRun `auths key list` to see available keys\n",
863        ),
864        "AUTHS-E5303" => Some(
865            "# AUTHS-E5303\n\n**Crate:** `auths-sdk`  \n**Type:** `RotationError::KeyDecryptionFailed`\n\n## Message\n\nkey decryption failed: {0}\n\n## Suggestion\n\nCheck your passphrase and try again\n",
866        ),
867        "AUTHS-E5304" => Some(
868            "# AUTHS-E5304\n\n**Crate:** `auths-sdk`  \n**Type:** `RotationError::KelHistoryFailed`\n\n## Message\n\nKEL history error: {0}\n\n## Suggestion\n\nRun `auths doctor` to check KEL integrity\n",
869        ),
870        "AUTHS-E5305" => Some(
871            "# AUTHS-E5305\n\n**Crate:** `auths-sdk`  \n**Type:** `RotationError::RotationFailed`\n\n## Message\n\nrotation failed: {0}\n",
872        ),
873        "AUTHS-E5306" => Some(
874            "# AUTHS-E5306\n\n**Crate:** `auths-sdk`  \n**Type:** `RotationError::PartialRotation`\n\n## Message\n\nrotation event committed to KEL but keychain write failed — manual recovery required: {0}\n",
875        ),
876
877        // --- auths-sdk (RegistrationError) ---
878        "AUTHS-E5401" => Some(
879            "# AUTHS-E5401\n\n**Crate:** `auths-sdk`  \n**Type:** `RegistrationError::AlreadyRegistered`\n\n## Message\n\nidentity already registered at this registry\n",
880        ),
881        "AUTHS-E5402" => Some(
882            "# AUTHS-E5402\n\n**Crate:** `auths-sdk`  \n**Type:** `RegistrationError::QuotaExceeded`\n\n## Message\n\nregistration quota exceeded — try again later\n\n## Suggestion\n\nWait a few minutes and try again\n",
883        ),
884        "AUTHS-E5403" => Some(
885            "# AUTHS-E5403\n\n**Crate:** `auths-sdk`  \n**Type:** `RegistrationError::InvalidDidFormat`\n\n## Message\n\ninvalid DID format: {did}\n",
886        ),
887        "AUTHS-E5404" => Some(
888            "# AUTHS-E5404\n\n**Crate:** `auths-sdk`  \n**Type:** `RegistrationError::IdentityLoadError`\n\n## Message\n\nidentity load error: {0}\n\n## Suggestion\n\nRun `auths doctor` to check local identity data\n",
889        ),
890        "AUTHS-E5405" => Some(
891            "# AUTHS-E5405\n\n**Crate:** `auths-sdk`  \n**Type:** `RegistrationError::RegistryReadError`\n\n## Message\n\nregistry read error: {0}\n\n## Suggestion\n\nRun `auths doctor` to check local identity data\n",
892        ),
893        "AUTHS-E5406" => Some(
894            "# AUTHS-E5406\n\n**Crate:** `auths-sdk`  \n**Type:** `RegistrationError::SerializationError`\n\n## Message\n\nserialization error: {0}\n\n## Suggestion\n\nRun `auths doctor` to check local identity data\n",
895        ),
896
897        // --- auths-sdk (McpAuthError) ---
898        "AUTHS-E5501" => Some(
899            "# AUTHS-E5501\n\n**Crate:** `auths-sdk`  \n**Type:** `McpAuthError::BridgeUnreachable`\n\n## Message\n\nbridge unreachable: {0}\n\n## Suggestion\n\nCheck network connectivity to the OIDC bridge\n",
900        ),
901        "AUTHS-E5502" => Some(
902            "# AUTHS-E5502\n\n**Crate:** `auths-sdk`  \n**Type:** `McpAuthError::TokenExchangeFailed`\n\n## Message\n\ntoken exchange failed (HTTP {status}): {body}\n\n## Suggestion\n\nVerify your credentials and try again\n",
903        ),
904        "AUTHS-E5503" => Some(
905            "# AUTHS-E5503\n\n**Crate:** `auths-sdk`  \n**Type:** `McpAuthError::InvalidResponse`\n\n## Message\n\ninvalid response: {0}\n",
906        ),
907        "AUTHS-E5504" => Some(
908            "# AUTHS-E5504\n\n**Crate:** `auths-sdk`  \n**Type:** `McpAuthError::InsufficientCapabilities`\n\n## Message\n\ninsufficient capabilities: requested {requested:?}\n",
909        ),
910
911        // --- auths-sdk (TrustError) ---
912        "AUTHS-E5551" => Some(
913            "# AUTHS-E5551\n\n**Crate:** `auths-sdk`  \n**Type:** `TrustError::UnknownIdentity`\n\n## Message\n\nUnknown identity '{did}' and trust policy is '{policy}'\n",
914        ),
915        "AUTHS-E5552" => Some(
916            "# AUTHS-E5552\n\n**Crate:** `auths-sdk`  \n**Type:** `TrustError::KeyResolutionFailed`\n\n## Message\n\nFailed to resolve public key for identity {did}\n",
917        ),
918        "AUTHS-E5553" => Some(
919            "# AUTHS-E5553\n\n**Crate:** `auths-sdk`  \n**Type:** `TrustError::InvalidTrustStore`\n\n## Message\n\nInvalid trust store: {0}\n",
920        ),
921        "AUTHS-E5554" => Some(
922            "# AUTHS-E5554\n\n**Crate:** `auths-sdk`  \n**Type:** `TrustError::TofuRequiresInteraction`\n\n## Message\n\nTOFU trust decision required but running in non-interactive mode\n",
923        ),
924
925        // --- auths-sdk (OrgError) ---
926        "AUTHS-E5601" => Some(
927            "# AUTHS-E5601\n\n**Crate:** `auths-sdk`  \n**Type:** `OrgError::AdminNotFound`\n\n## Message\n\nno admin with the given public key found in organization '{org}'\n",
928        ),
929        "AUTHS-E5602" => Some(
930            "# AUTHS-E5602\n\n**Crate:** `auths-sdk`  \n**Type:** `OrgError::MemberNotFound`\n\n## Message\n\nmember '{did}' not found in organization '{org}'\n",
931        ),
932        "AUTHS-E5603" => Some(
933            "# AUTHS-E5603\n\n**Crate:** `auths-sdk`  \n**Type:** `OrgError::AlreadyRevoked`\n\n## Message\n\nmember '{did}' is already revoked\n",
934        ),
935        "AUTHS-E5604" => Some(
936            "# AUTHS-E5604\n\n**Crate:** `auths-sdk`  \n**Type:** `OrgError::InvalidCapability`\n\n## Message\n\ninvalid capability '{cap}': {reason}\n",
937        ),
938        "AUTHS-E5605" => Some(
939            "# AUTHS-E5605\n\n**Crate:** `auths-sdk`  \n**Type:** `OrgError::InvalidDid`\n\n## Message\n\ninvalid organization DID: {0}\n\n## Suggestion\n\nOrganization DIDs must be valid did:keri identifiers\n",
940        ),
941        "AUTHS-E5606" => Some(
942            "# AUTHS-E5606\n\n**Crate:** `auths-sdk`  \n**Type:** `OrgError::InvalidPublicKey`\n\n## Message\n\ninvalid public key: {0}\n\n## Suggestion\n\nPublic keys must be hex-encoded: 64 chars Ed25519 or 66 chars P-256 compressed SEC1\n",
943        ),
944        "AUTHS-E5607" => Some(
945            "# AUTHS-E5607\n\n**Crate:** `auths-sdk`  \n**Type:** `OrgError::Signing`\n\n## Message\n\nsigning error: {0}\n",
946        ),
947        "AUTHS-E5608" => Some(
948            "# AUTHS-E5608\n\n**Crate:** `auths-sdk`  \n**Type:** `OrgError::Identity`\n\n## Message\n\nidentity error: {0}\n",
949        ),
950        "AUTHS-E5609" => Some(
951            "# AUTHS-E5609\n\n**Crate:** `auths-sdk`  \n**Type:** `OrgError::KeyStorage`\n\n## Message\n\nkey storage error: {0}\n",
952        ),
953        "AUTHS-E5610" => Some(
954            "# AUTHS-E5610\n\n**Crate:** `auths-sdk`  \n**Type:** `OrgError::Storage`\n\n## Message\n\nstorage error: {0}\n",
955        ),
956
957        // --- auths-sdk (ApprovalError) ---
958        "AUTHS-E5701" => Some(
959            "# AUTHS-E5701\n\n**Crate:** `auths-sdk`  \n**Type:** `ApprovalError::NotApprovalRequired`\n\n## Message\n\ndecision is not RequiresApproval\n",
960        ),
961        "AUTHS-E5702" => Some(
962            "# AUTHS-E5702\n\n**Crate:** `auths-sdk`  \n**Type:** `ApprovalError::RequestNotFound`\n\n## Message\n\napproval request not found: {hash}\n",
963        ),
964        "AUTHS-E5703" => Some(
965            "# AUTHS-E5703\n\n**Crate:** `auths-sdk`  \n**Type:** `ApprovalError::RequestExpired`\n\n## Message\n\napproval request expired at {expires_at}\n\n## Suggestion\n\nSubmit a new approval request\n",
966        ),
967        "AUTHS-E5704" => Some(
968            "# AUTHS-E5704\n\n**Crate:** `auths-sdk`  \n**Type:** `ApprovalError::ApprovalAlreadyUsed`\n\n## Message\n\napproval already used (JTI: {jti})\n\n## Suggestion\n\nSubmit a new approval request\n",
969        ),
970        "AUTHS-E5705" => Some(
971            "# AUTHS-E5705\n\n**Crate:** `auths-sdk`  \n**Type:** `ApprovalError::PartialApproval`\n\n## Message\n\napproval partially applied — attestation stored but nonce/cleanup failed: {0}\n\n## Suggestion\n\nCheck approval status and retry if needed\n",
972        ),
973        "AUTHS-E5706" => Some(
974            "# AUTHS-E5706\n\n**Crate:** `auths-sdk`  \n**Type:** `ApprovalError::ApprovalStorage`\n\n## Message\n\nstorage error: {0}\n\n## Suggestion\n\nCheck file permissions and disk space\n",
975        ),
976
977        // --- auths-sdk (ArtifactSigningError) ---
978        "AUTHS-E5850" => Some(
979            "# AUTHS-E5850\n\n**Crate:** `auths-sdk`  \n**Type:** `ArtifactSigningError::IdentityNotFound`\n\n## Message\n\nidentity not found in configured identity storage\n",
980        ),
981        "AUTHS-E5851" => Some(
982            "# AUTHS-E5851\n\n**Crate:** `auths-sdk`  \n**Type:** `ArtifactSigningError::KeyResolutionFailed`\n\n## Message\n\nkey resolution failed: {0}\n",
983        ),
984        "AUTHS-E5852" => Some(
985            "# AUTHS-E5852\n\n**Crate:** `auths-sdk`  \n**Type:** `ArtifactSigningError::KeyDecryptionFailed`\n\n## Message\n\nkey decryption failed: {0}\n\n## Suggestion\n\nCheck your passphrase and try again\n",
986        ),
987        "AUTHS-E5853" => Some(
988            "# AUTHS-E5853\n\n**Crate:** `auths-sdk`  \n**Type:** `ArtifactSigningError::DigestFailed`\n\n## Message\n\ndigest computation failed: {0}\n\n## Suggestion\n\nVerify the file exists and is readable\n",
989        ),
990        "AUTHS-E5854" => Some(
991            "# AUTHS-E5854\n\n**Crate:** `auths-sdk`  \n**Type:** `ArtifactSigningError::AttestationFailed`\n\n## Message\n\nattestation creation failed: {0}\n\n## Suggestion\n\nCheck identity storage with `auths status`\n",
992        ),
993        "AUTHS-E5855" => Some(
994            "# AUTHS-E5855\n\n**Crate:** `auths-sdk`  \n**Type:** `ArtifactSigningError::ResignFailed`\n\n## Message\n\nattestation re-signing failed: {0}\n",
995        ),
996
997        // --- auths-sdk (SigningError) ---
998        "AUTHS-E5901" => Some(
999            "# AUTHS-E5901\n\n**Crate:** `auths-sdk`  \n**Type:** `SigningError::IdentityFrozen`\n\n## Message\n\nidentity is frozen: {0}\n\n## Suggestion\n\nTo unfreeze: auths emergency unfreeze\n",
1000        ),
1001        "AUTHS-E5902" => Some(
1002            "# AUTHS-E5902\n\n**Crate:** `auths-sdk`  \n**Type:** `SigningError::KeyResolution`\n\n## Message\n\nkey resolution failed: {0}\n\n## Suggestion\n\nRun `auths key list` to check available keys\n",
1003        ),
1004        "AUTHS-E5903" => Some(
1005            "# AUTHS-E5903\n\n**Crate:** `auths-sdk`  \n**Type:** `SigningError::SigningFailed`\n\n## Message\n\nsigning operation failed: {0}\n",
1006        ),
1007        "AUTHS-E5904" => Some(
1008            "# AUTHS-E5904\n\n**Crate:** `auths-sdk`  \n**Type:** `SigningError::InvalidPassphrase`\n\n## Message\n\ninvalid passphrase\n\n## Suggestion\n\nCheck your passphrase and try again\n",
1009        ),
1010        "AUTHS-E5905" => Some(
1011            "# AUTHS-E5905\n\n**Crate:** `auths-sdk`  \n**Type:** `SigningError::PemEncoding`\n\n## Message\n\nPEM encoding failed: {0}\n",
1012        ),
1013        "AUTHS-E5906" => Some(
1014            "# AUTHS-E5906\n\n**Crate:** `auths-sdk`  \n**Type:** `SigningError::AgentUnavailable`\n\n## Message\n\nagent unavailable: {0}\n\n## Suggestion\n\nStart the agent with `auths agent start`\n",
1015        ),
1016        "AUTHS-E5907" => Some(
1017            "# AUTHS-E5907\n\n**Crate:** `auths-sdk`  \n**Type:** `SigningError::AgentSigningFailed`\n\n## Message\n\nagent signing failed\n\n## Suggestion\n\nCheck agent logs with `auths agent status`\n",
1018        ),
1019        "AUTHS-E5908" => Some(
1020            "# AUTHS-E5908\n\n**Crate:** `auths-sdk`  \n**Type:** `SigningError::PassphraseExhausted`\n\n## Message\n\npassphrase exhausted after {attempts} attempt(s)\n",
1021        ),
1022        "AUTHS-E5909" => Some(
1023            "# AUTHS-E5909\n\n**Crate:** `auths-sdk`  \n**Type:** `SigningError::KeychainUnavailable`\n\n## Message\n\nkeychain unavailable: {0}\n\n## Suggestion\n\nRun `auths doctor` to diagnose keychain issues\n",
1024        ),
1025        "AUTHS-E5910" => Some(
1026            "# AUTHS-E5910\n\n**Crate:** `auths-sdk`  \n**Type:** `SigningError::KeyDecryptionFailed`\n\n## Message\n\nkey decryption failed: {0}\n\n## Suggestion\n\nCheck your passphrase and try again\n",
1027        ),
1028
1029        // --- auths-sdk (AuthChallengeError) ---
1030        "AUTHS-E6001" => Some(
1031            "# AUTHS-E6001\n\n**Crate:** `auths-sdk`  \n**Type:** `AuthChallengeError::EmptyNonce`\n\n## Message\n\nnonce must not be empty\n\n## Suggestion\n\nProvide the nonce from the authentication challenge\n",
1032        ),
1033        "AUTHS-E6002" => Some(
1034            "# AUTHS-E6002\n\n**Crate:** `auths-sdk`  \n**Type:** `AuthChallengeError::EmptyDomain`\n\n## Message\n\ndomain must not be empty\n\n## Suggestion\n\nProvide the domain (e.g. auths.dev)\n",
1035        ),
1036        "AUTHS-E6003" => Some(
1037            "# AUTHS-E6003\n\n**Crate:** `auths-sdk`  \n**Type:** `AuthChallengeError::Canonicalization`\n\n## Message\n\ncanonical JSON serialization failed: {0}\n",
1038        ),
1039        "AUTHS-E6004" => Some(
1040            "# AUTHS-E6004\n\n**Crate:** `auths-sdk`  \n**Type:** `AuthChallengeError::SigningFailed`\n\n## Message\n\nsigning failed: {0}\n",
1041        ),
1042
1043        // --- auths-oidc-port (OidcError) ---
1044        "AUTHS-E8001" => Some(
1045            "# AUTHS-E8001\n\n**Crate:** `auths-oidc-port`  \n**Type:** `OidcError::JwtDecode`\n\n## Message\n\nJWT decode failed: {0}\n",
1046        ),
1047        "AUTHS-E8002" => Some(
1048            "# AUTHS-E8002\n\n**Crate:** `auths-oidc-port`  \n**Type:** `OidcError::SignatureVerificationFailed`\n\n## Message\n\nsignature verification failed\n",
1049        ),
1050        "AUTHS-E8003" => Some(
1051            "# AUTHS-E8003\n\n**Crate:** `auths-oidc-port`  \n**Type:** `OidcError::ClaimsValidationFailed`\n\n## Message\n\nclaim validation failed - {claim}: {reason}\n",
1052        ),
1053        "AUTHS-E8004" => Some(
1054            "# AUTHS-E8004\n\n**Crate:** `auths-oidc-port`  \n**Type:** `OidcError::UnknownKeyId`\n\n## Message\n\nunknown key ID: {0}\n",
1055        ),
1056        "AUTHS-E8005" => Some(
1057            "# AUTHS-E8005\n\n**Crate:** `auths-oidc-port`  \n**Type:** `OidcError::JwksResolutionFailed`\n\n## Message\n\nJWKS resolution failed: {0}\n",
1058        ),
1059        "AUTHS-E8006" => Some(
1060            "# AUTHS-E8006\n\n**Crate:** `auths-oidc-port`  \n**Type:** `OidcError::AlgorithmMismatch`\n\n## Message\n\nalgorithm mismatch: expected {expected}, got {got}\n",
1061        ),
1062        "AUTHS-E8007" => Some(
1063            "# AUTHS-E8007\n\n**Crate:** `auths-oidc-port`  \n**Type:** `OidcError::ClockSkewExceeded`\n\n## Message\n\ntoken expired (exp: {token_exp}, now: {current_time}, leeway: {leeway}s)\n",
1064        ),
1065        "AUTHS-E8008" => Some(
1066            "# AUTHS-E8008\n\n**Crate:** `auths-oidc-port`  \n**Type:** `OidcError::TokenReplayDetected`\n\n## Message\n\ntoken replay detected (jti: {0})\n",
1067        ),
1068
1069        _ => None,
1070    }
1071}
1072
1073/// Returns a sorted slice of all registered error codes.
1074pub fn all_codes() -> &'static [&'static str] {
1075    static CODES: &[&str] = &[
1076        "AUTHS-E1001",
1077        "AUTHS-E1003",
1078        "AUTHS-E1004",
1079        "AUTHS-E1005",
1080        "AUTHS-E1101",
1081        "AUTHS-E1102",
1082        "AUTHS-E1103",
1083        "AUTHS-E1104",
1084        "AUTHS-E1201",
1085        "AUTHS-E1202",
1086        "AUTHS-E1203",
1087        "AUTHS-E1204",
1088        "AUTHS-E1301",
1089        "AUTHS-E1302",
1090        "AUTHS-E2001",
1091        "AUTHS-E2002",
1092        "AUTHS-E2003",
1093        "AUTHS-E2004",
1094        "AUTHS-E2005",
1095        "AUTHS-E2006",
1096        "AUTHS-E2007",
1097        "AUTHS-E2008",
1098        "AUTHS-E2009",
1099        "AUTHS-E2010",
1100        "AUTHS-E2011",
1101        "AUTHS-E2012",
1102        "AUTHS-E2013",
1103        "AUTHS-E2014",
1104        "AUTHS-E2015",
1105        "AUTHS-E2016",
1106        "AUTHS-E2017",
1107        "AUTHS-E2018",
1108        "AUTHS-E2101",
1109        "AUTHS-E2102",
1110        "AUTHS-E2103",
1111        "AUTHS-E2104",
1112        "AUTHS-E2105",
1113        "AUTHS-E2106",
1114        "AUTHS-E2107",
1115        "AUTHS-E2108",
1116        "AUTHS-E2109",
1117        "AUTHS-E3001",
1118        "AUTHS-E3002",
1119        "AUTHS-E3003",
1120        "AUTHS-E3004",
1121        "AUTHS-E3005",
1122        "AUTHS-E3006",
1123        "AUTHS-E3007",
1124        "AUTHS-E3008",
1125        "AUTHS-E3009",
1126        "AUTHS-E3010",
1127        "AUTHS-E3011",
1128        "AUTHS-E3012",
1129        "AUTHS-E3013",
1130        "AUTHS-E3014",
1131        "AUTHS-E3015",
1132        "AUTHS-E3016",
1133        "AUTHS-E3017",
1134        "AUTHS-E3018",
1135        "AUTHS-E3019",
1136        "AUTHS-E3020",
1137        "AUTHS-E3021",
1138        "AUTHS-E3022",
1139        "AUTHS-E3023",
1140        "AUTHS-E3024",
1141        "AUTHS-E3101",
1142        "AUTHS-E3102",
1143        "AUTHS-E3103",
1144        "AUTHS-E3104",
1145        "AUTHS-E3105",
1146        "AUTHS-E3106",
1147        "AUTHS-E3107",
1148        "AUTHS-E3201",
1149        "AUTHS-E3202",
1150        "AUTHS-E3203",
1151        "AUTHS-E3204",
1152        "AUTHS-E3205",
1153        "AUTHS-E3206",
1154        "AUTHS-E3207",
1155        "AUTHS-E3301",
1156        "AUTHS-E3302",
1157        "AUTHS-E3303",
1158        "AUTHS-E3304",
1159        "AUTHS-E3305",
1160        "AUTHS-E3401",
1161        "AUTHS-E3402",
1162        "AUTHS-E3403",
1163        "AUTHS-E3404",
1164        "AUTHS-E3405",
1165        "AUTHS-E3406",
1166        "AUTHS-E3407",
1167        "AUTHS-E3408",
1168        "AUTHS-E3409",
1169        "AUTHS-E3501",
1170        "AUTHS-E3502",
1171        "AUTHS-E3503",
1172        "AUTHS-E3504",
1173        "AUTHS-E3505",
1174        "AUTHS-E3601",
1175        "AUTHS-E3602",
1176        "AUTHS-E3603",
1177        "AUTHS-E3604",
1178        "AUTHS-E3605",
1179        "AUTHS-E3606",
1180        "AUTHS-E3701",
1181        "AUTHS-E3702",
1182        "AUTHS-E3703",
1183        "AUTHS-E3704",
1184        "AUTHS-E3801",
1185        "AUTHS-E3802",
1186        "AUTHS-E3803",
1187        "AUTHS-E3804",
1188        "AUTHS-E3805",
1189        "AUTHS-E3806",
1190        "AUTHS-E3901",
1191        "AUTHS-E3902",
1192        "AUTHS-E3903",
1193        "AUTHS-E3951",
1194        "AUTHS-E3952",
1195        "AUTHS-E3961",
1196        "AUTHS-E3962",
1197        "AUTHS-E3963",
1198        "AUTHS-E3964",
1199        "AUTHS-E3965",
1200        "AUTHS-E3966",
1201        "AUTHS-E3967",
1202        "AUTHS-E3968",
1203        "AUTHS-E4001",
1204        "AUTHS-E4002",
1205        "AUTHS-E4003",
1206        "AUTHS-E4004",
1207        "AUTHS-E4101",
1208        "AUTHS-E4102",
1209        "AUTHS-E4103",
1210        "AUTHS-E4104",
1211        "AUTHS-E4105",
1212        "AUTHS-E4106",
1213        "AUTHS-E4107",
1214        "AUTHS-E4201",
1215        "AUTHS-E4202",
1216        "AUTHS-E4203",
1217        "AUTHS-E4204",
1218        "AUTHS-E4205",
1219        "AUTHS-E4206",
1220        "AUTHS-E4207",
1221        "AUTHS-E4208",
1222        "AUTHS-E4301",
1223        "AUTHS-E4302",
1224        "AUTHS-E4303",
1225        "AUTHS-E4304",
1226        "AUTHS-E4305",
1227        "AUTHS-E4401",
1228        "AUTHS-E4402",
1229        "AUTHS-E4403",
1230        "AUTHS-E4404",
1231        "AUTHS-E4405",
1232        "AUTHS-E4406",
1233        "AUTHS-E4407",
1234        "AUTHS-E4408",
1235        "AUTHS-E4409",
1236        "AUTHS-E4410",
1237        "AUTHS-E4411",
1238        "AUTHS-E4501",
1239        "AUTHS-E4502",
1240        "AUTHS-E4503",
1241        "AUTHS-E4504",
1242        "AUTHS-E4505",
1243        "AUTHS-E4506",
1244        "AUTHS-E4507",
1245        "AUTHS-E4508",
1246        "AUTHS-E4509",
1247        "AUTHS-E4510",
1248        "AUTHS-E4601",
1249        "AUTHS-E4602",
1250        "AUTHS-E4603",
1251        "AUTHS-E4604",
1252        "AUTHS-E4605",
1253        "AUTHS-E4606",
1254        "AUTHS-E4607",
1255        "AUTHS-E4701",
1256        "AUTHS-E4702",
1257        "AUTHS-E4703",
1258        "AUTHS-E4704",
1259        "AUTHS-E4705",
1260        "AUTHS-E4706",
1261        "AUTHS-E4707",
1262        "AUTHS-E4708",
1263        "AUTHS-E4801",
1264        "AUTHS-E4802",
1265        "AUTHS-E4803",
1266        "AUTHS-E4804",
1267        "AUTHS-E4805",
1268        "AUTHS-E4806",
1269        "AUTHS-E4807",
1270        "AUTHS-E4851",
1271        "AUTHS-E4852",
1272        "AUTHS-E4853",
1273        "AUTHS-E4861",
1274        "AUTHS-E4862",
1275        "AUTHS-E4863",
1276        "AUTHS-E4864",
1277        "AUTHS-E4865",
1278        "AUTHS-E4866",
1279        "AUTHS-E4867",
1280        "AUTHS-E4868",
1281        "AUTHS-E4869",
1282        "AUTHS-E4870",
1283        "AUTHS-E4871",
1284        "AUTHS-E4872",
1285        "AUTHS-E4873",
1286        "AUTHS-E4874",
1287        "AUTHS-E4875",
1288        "AUTHS-E4876",
1289        "AUTHS-E4877",
1290        "AUTHS-E4901",
1291        "AUTHS-E4902",
1292        "AUTHS-E4903",
1293        "AUTHS-E4904",
1294        "AUTHS-E4905",
1295        "AUTHS-E4951",
1296        "AUTHS-E4952",
1297        "AUTHS-E4953",
1298        "AUTHS-E4954",
1299        "AUTHS-E4955",
1300        "AUTHS-E4956",
1301        "AUTHS-E4957",
1302        "AUTHS-E4961",
1303        "AUTHS-E4962",
1304        "AUTHS-E4963",
1305        "AUTHS-E4964",
1306        "AUTHS-E4965",
1307        "AUTHS-E4971",
1308        "AUTHS-E4972",
1309        "AUTHS-E4973",
1310        "AUTHS-E4981",
1311        "AUTHS-E4982",
1312        "AUTHS-E4991",
1313        "AUTHS-E4992",
1314        "AUTHS-E5001",
1315        "AUTHS-E5002",
1316        "AUTHS-E5004",
1317        "AUTHS-E5006",
1318        "AUTHS-E5007",
1319        "AUTHS-E5101",
1320        "AUTHS-E5102",
1321        "AUTHS-E5103",
1322        "AUTHS-E5105",
1323        "AUTHS-E5201",
1324        "AUTHS-E5202",
1325        "AUTHS-E5203",
1326        "AUTHS-E5204",
1327        "AUTHS-E5301",
1328        "AUTHS-E5302",
1329        "AUTHS-E5303",
1330        "AUTHS-E5304",
1331        "AUTHS-E5305",
1332        "AUTHS-E5306",
1333        "AUTHS-E5401",
1334        "AUTHS-E5402",
1335        "AUTHS-E5403",
1336        "AUTHS-E5404",
1337        "AUTHS-E5405",
1338        "AUTHS-E5406",
1339        "AUTHS-E5501",
1340        "AUTHS-E5502",
1341        "AUTHS-E5503",
1342        "AUTHS-E5504",
1343        "AUTHS-E5551",
1344        "AUTHS-E5552",
1345        "AUTHS-E5553",
1346        "AUTHS-E5554",
1347        "AUTHS-E5601",
1348        "AUTHS-E5602",
1349        "AUTHS-E5603",
1350        "AUTHS-E5604",
1351        "AUTHS-E5605",
1352        "AUTHS-E5606",
1353        "AUTHS-E5607",
1354        "AUTHS-E5608",
1355        "AUTHS-E5609",
1356        "AUTHS-E5610",
1357        "AUTHS-E5701",
1358        "AUTHS-E5702",
1359        "AUTHS-E5703",
1360        "AUTHS-E5704",
1361        "AUTHS-E5705",
1362        "AUTHS-E5706",
1363        "AUTHS-E5850",
1364        "AUTHS-E5851",
1365        "AUTHS-E5852",
1366        "AUTHS-E5853",
1367        "AUTHS-E5854",
1368        "AUTHS-E5855",
1369        "AUTHS-E5901",
1370        "AUTHS-E5902",
1371        "AUTHS-E5903",
1372        "AUTHS-E5904",
1373        "AUTHS-E5905",
1374        "AUTHS-E5906",
1375        "AUTHS-E5907",
1376        "AUTHS-E5908",
1377        "AUTHS-E5909",
1378        "AUTHS-E5910",
1379        "AUTHS-E6001",
1380        "AUTHS-E6002",
1381        "AUTHS-E6003",
1382        "AUTHS-E6004",
1383        "AUTHS-E8001",
1384        "AUTHS-E8002",
1385        "AUTHS-E8003",
1386        "AUTHS-E8004",
1387        "AUTHS-E8005",
1388        "AUTHS-E8006",
1389        "AUTHS-E8007",
1390        "AUTHS-E8008",
1391    ];
1392    CODES
1393}
1394
1395#[cfg(test)]
1396mod tests {
1397    use super::*;
1398
1399    #[test]
1400    fn explain_returns_content_for_known_code() {
1401        assert!(explain("AUTHS-E1001").is_some());
1402    }
1403
1404    #[test]
1405    fn explain_returns_none_for_unknown_code() {
1406        assert!(explain("AUTHS-E9999").is_none());
1407    }
1408
1409    #[test]
1410    fn all_codes_is_sorted() {
1411        let codes = all_codes();
1412        assert!(!codes.is_empty());
1413        for window in codes.windows(2) {
1414            assert!(
1415                window[0] < window[1],
1416                "codes not sorted: {} >= {}",
1417                window[0],
1418                window[1]
1419            );
1420        }
1421    }
1422
1423    #[test]
1424    fn all_codes_count_matches_registry() {
1425        assert_eq!(all_codes().len(), 315);
1426    }
1427}