Skip to main content

auths_cli/errors/
registry.rs

1//! Error code registry — **generated** by `cargo xtask gen-error-docs`.
2//!
3//! Do not edit manually. Re-run the generator after changing any `AuthsErrorInfo` impl:
4//! ```sh
5//! cargo xtask gen-error-docs
6//! ```
7//!
8//! ## Range Allocation
9//!
10//! | Range   | Crate            | Layer |
11//! |---------|------------------|-------|
12//! | E0xxx   | Reserved/meta    | -     |
13//! | E1xxx   | auths-crypto     | 0     |
14//! | E2xxx   | auths-verifier   | 1     |
15//! | E3xxx   | auths-core       | 2     |
16//! | E4xxx   | auths-id         | 3     |
17//! | E5xxx   | auths-sdk        | 3-4   |
18//! | E6xxx   | auths-cli        | 6     |
19
20/// Returns the explanation markdown for a given error code, or `None` if unknown.
21///
22/// Args:
23/// * `code`: An error code string like `"AUTHS-E3001"`.
24#[rustfmt::skip]
25pub fn explain(code: &str) -> Option<&'static str> {
26    match code {
27        // --- auths-crypto (CryptoError) ---
28        "AUTHS-E1001" => Some("# AUTHS-E1001\n\n**Crate:** `auths-crypto`\n\n**Type:** `CryptoError::InvalidSignature`\n\n## Message\n\nInvalid signature\n\n## Suggestion\n\nThe signature does not match the data or public key\n"),
29        "AUTHS-E1002" => Some("# AUTHS-E1002\n\n**Crate:** `auths-crypto`\n\n**Type:** `CryptoError::InvalidKeyLength`\n\n## Message\n\nInvalid public key length: expected {expected}, got {actual}\n"),
30        "AUTHS-E1003" => Some("# AUTHS-E1003\n\n**Crate:** `auths-crypto`\n\n**Type:** `CryptoError::InvalidPrivateKey`\n\n## Message\n\nInvalid private key: {0}\n"),
31        "AUTHS-E1004" => Some("# AUTHS-E1004\n\n**Crate:** `auths-crypto`\n\n**Type:** `CryptoError::OperationFailed`\n\n## Message\n\nCrypto operation failed: {0}\n"),
32        "AUTHS-E1005" => Some("# AUTHS-E1005\n\n**Crate:** `auths-crypto`\n\n**Type:** `CryptoError::UnsupportedTarget`\n\n## Message\n\nOperation not supported on current compilation target\n"),
33
34        // --- auths-crypto (DidKeyError) ---
35        "AUTHS-E1101" => Some("# AUTHS-E1101\n\n**Crate:** `auths-crypto`\n\n**Type:** `DidKeyError::InvalidPrefix`\n\n## Message\n\nDID must start with 'did:key:z', got: {0}\n\n## Suggestion\n\nDID must start with 'did:key:z'\n"),
36        "AUTHS-E1102" => Some("# AUTHS-E1102\n\n**Crate:** `auths-crypto`\n\n**Type:** `DidKeyError::Base58DecodeFailed`\n\n## Message\n\nBase58 decoding failed: {0}\n"),
37        "AUTHS-E1103" => Some("# AUTHS-E1103\n\n**Crate:** `auths-crypto`\n\n**Type:** `DidKeyError::UnsupportedMulticodec`\n\n## Message\n\nUnsupported multicodec: expected Ed25519 [0xED, 0x01] or P-256 [0x80, 0x24]\n\n## Suggestion\n\nSupported key types: Ed25519, P-256 (secp256r1)\n"),
38        "AUTHS-E1104" => Some("# AUTHS-E1104\n\n**Crate:** `auths-crypto`\n\n**Type:** `DidKeyError::InvalidKeyLength`\n\n## Message\n\nInvalid key length: got {0} bytes\n"),
39
40        // --- auths-keri (KeriDecodeError) ---
41        "AUTHS-E1201" => Some("# AUTHS-E1201\n\n**Crate:** `auths-keri`\n\n**Type:** `KeriDecodeError::UnsupportedKeyType`\n\n## Message\n\nUnsupported KERI key type: prefix '{0}'\n"),
42        "AUTHS-E1202" => Some("# AUTHS-E1202\n\n**Crate:** `auths-keri`\n\n**Type:** `KeriDecodeError::EmptyInput`\n\n## Message\n\nMissing KERI prefix: empty string\n\n## Suggestion\n\nProvide a non-empty KERI-encoded key string\n"),
43        "AUTHS-E1203" => Some("# AUTHS-E1203\n\n**Crate:** `auths-keri`\n\n**Type:** `KeriDecodeError::DecodeError`\n\n## Message\n\nBase64url decode failed: {0}\n"),
44        "AUTHS-E1204" => Some("# AUTHS-E1204\n\n**Crate:** `auths-keri`\n\n**Type:** `KeriDecodeError::InvalidLength`\n\n## Message\n\nInvalid key length: expected {expected} bytes, got {actual}\n"),
45
46        // --- auths-crypto (SshKeyError) ---
47        "AUTHS-E1301" => Some("# AUTHS-E1301\n\n**Crate:** `auths-crypto`\n\n**Type:** `SshKeyError::InvalidFormat`\n\n## Message\n\nMalformed or invalid OpenSSH public key: {0}\n\n## Suggestion\n\nCheck that the public key is a valid OpenSSH format\n"),
48        "AUTHS-E1302" => Some("# AUTHS-E1302\n\n**Crate:** `auths-crypto`\n\n**Type:** `SshKeyError::UnsupportedKeyType`\n\n## Message\n\nUnsupported key type: expected ssh-ed25519 or ecdsa-sha2-nistp256\n"),
49
50        // --- auths-verifier (AttestationError) ---
51        "AUTHS-E2001" => Some("# AUTHS-E2001\n\n**Crate:** `auths-verifier`\n\n**Type:** `AttestationError::IssuerSignatureFailed`\n\n## Message\n\nIssuer signature verification failed: {0}\n"),
52        "AUTHS-E2002" => Some("# AUTHS-E2002\n\n**Crate:** `auths-verifier`\n\n**Type:** `AttestationError::DeviceSignatureFailed`\n\n## Message\n\nDevice signature verification failed: {0}\n\n## Suggestion\n\nVerify the device key matches the attestation\n"),
53        "AUTHS-E2003" => Some("# AUTHS-E2003\n\n**Crate:** `auths-verifier`\n\n**Type:** `AttestationError::AttestationExpired`\n\n## Message\n\nAttestation expired on {at}\n\n## Suggestion\n\nRequest a new attestation from the issuer\n"),
54        "AUTHS-E2004" => Some("# AUTHS-E2004\n\n**Crate:** `auths-verifier`\n\n**Type:** `AttestationError::AttestationRevoked`\n\n## Message\n\nAttestation revoked\n"),
55        "AUTHS-E2005" => Some("# AUTHS-E2005\n\n**Crate:** `auths-verifier`\n\n**Type:** `AttestationError::TimestampInFuture`\n\n## Message\n\nAttestation timestamp {at} is in the future\n\n## Suggestion\n\nCheck system clock synchronization\n"),
56        "AUTHS-E2006" => Some("# AUTHS-E2006\n\n**Crate:** `auths-verifier`\n\n**Type:** `AttestationError::MissingCapability`\n\n## Message\n\nMissing required capability: required {required:?}, available {available:?}\n"),
57        "AUTHS-E2007" => Some("# AUTHS-E2007\n\n**Crate:** `auths-verifier`\n\n**Type:** `AttestationError::SigningError`\n\n## Message\n\nSigning failed: {0}\n"),
58        "AUTHS-E2008" => Some("# AUTHS-E2008\n\n**Crate:** `auths-verifier`\n\n**Type:** `AttestationError::DidResolutionError`\n\n## Message\n\nDID resolution failed: {0}\n\n## Suggestion\n\nCheck that the DID is valid and resolvable\n"),
59        "AUTHS-E2009" => Some("# AUTHS-E2009\n\n**Crate:** `auths-verifier`\n\n**Type:** `AttestationError::SerializationError`\n\n## Message\n\nSerialization error: {0}\n"),
60        "AUTHS-E2010" => Some("# AUTHS-E2010\n\n**Crate:** `auths-verifier`\n\n**Type:** `AttestationError::InputTooLarge`\n\n## Message\n\nInput too large: {0}\n"),
61        "AUTHS-E2011" => Some("# AUTHS-E2011\n\n**Crate:** `auths-verifier`\n\n**Type:** `AttestationError::InvalidInput`\n\n## Message\n\nInvalid input: {0}\n"),
62        "AUTHS-E2012" => Some("# AUTHS-E2012\n\n**Crate:** `auths-verifier`\n\n**Type:** `AttestationError::CryptoError`\n\n## Message\n\nCrypto error: {0}\n"),
63        "AUTHS-E2013" => Some("# AUTHS-E2013\n\n**Crate:** `auths-verifier`\n\n**Type:** `AttestationError::InternalError`\n\n## Message\n\nInternal error: {0}\n"),
64        "AUTHS-E2014" => Some("# AUTHS-E2014\n\n**Crate:** `auths-verifier`\n\n**Type:** `AttestationError::OrgVerificationFailed`\n\n## Message\n\nOrganizational Attestation verification failed: {0}\n"),
65        "AUTHS-E2015" => Some("# AUTHS-E2015\n\n**Crate:** `auths-verifier`\n\n**Type:** `AttestationError::OrgAttestationExpired`\n\n## Message\n\nOrganizational Attestation expired\n"),
66        "AUTHS-E2016" => Some("# AUTHS-E2016\n\n**Crate:** `auths-verifier`\n\n**Type:** `AttestationError::OrgDidResolutionFailed`\n\n## Message\n\nOrganizational DID resolution failed: {0}\n"),
67        "AUTHS-E2017" => Some("# AUTHS-E2017\n\n**Crate:** `auths-verifier`\n\n**Type:** `AttestationError::BundleExpired`\n\n## Message\n\nBundle is {age_secs}s old (max {max_secs}s). Refresh with: auths id export-bundle\n"),
68        "AUTHS-E2018" => Some("# AUTHS-E2018\n\n**Crate:** `auths-verifier`\n\n**Type:** `AttestationError::AttestationTooOld`\n\n## Message\n\nAttestation is {age_secs}s old (max {max_secs}s)\n"),
69        "AUTHS-E2019" => Some("# AUTHS-E2019\n\n**Crate:** `auths-verifier`\n\n**Type:** `AttestationError::CapabilityEscalation`\n\n## Message\n\nDelegated attestation escalates capability beyond its delegator\n"),
70        "AUTHS-E2020" => Some("# AUTHS-E2020\n\n**Crate:** `auths-verifier`\n\n**Type:** `AttestationError::DelegationOutlivesParent`\n\n## Message\n\nDelegated attestation outlives its delegator\n"),
71        "AUTHS-E2021" => Some("# AUTHS-E2021\n\n**Crate:** `auths-verifier`\n\n**Type:** `AttestationError::DelegatorRevoked`\n\n## Message\n\nDelegator attestation is revoked\n"),
72        "AUTHS-E2022" => Some("# AUTHS-E2022\n\n**Crate:** `auths-verifier`\n\n**Type:** `AttestationError::DelegatorUnresolved`\n\n## Message\n\nDelegator attestation could not be resolved\n"),
73
74        // --- auths-verifier (CommitVerificationError) ---
75        "AUTHS-E2101" => Some("# AUTHS-E2101\n\n**Crate:** `auths-verifier`\n\n**Type:** `CommitVerificationError::UnsignedCommit`\n\n## Message\n\ncommit is unsigned\n\n## Suggestion\n\nSign commits with: git commit -S\n"),
76        "AUTHS-E2102" => Some("# AUTHS-E2102\n\n**Crate:** `auths-verifier`\n\n**Type:** `CommitVerificationError::GpgNotSupported`\n\n## Message\n\nGPG signatures not supported, use SSH signing\n\n## Suggestion\n\nConfigure SSH signing: git config gpg.format ssh\n"),
77        "AUTHS-E2103" => Some("# AUTHS-E2103\n\n**Crate:** `auths-verifier`\n\n**Type:** `CommitVerificationError::SshSigParseFailed`\n\n## Message\n\nSSHSIG parse failed: {0}\n"),
78        "AUTHS-E2104" => Some("# AUTHS-E2104\n\n**Crate:** `auths-verifier`\n\n**Type:** `CommitVerificationError::UnsupportedKeyType`\n\n## Message\n\nunsupported SSH key type: {found}\n"),
79        "AUTHS-E2105" => Some("# AUTHS-E2105\n\n**Crate:** `auths-verifier`\n\n**Type:** `CommitVerificationError::NamespaceMismatch`\n\n## Message\n\nnamespace mismatch: expected \\\"{expected}\\\", found \\\"{found}\\\"\n"),
80        "AUTHS-E2106" => Some("# AUTHS-E2106\n\n**Crate:** `auths-verifier`\n\n**Type:** `CommitVerificationError::HashAlgorithmUnsupported`\n\n## Message\n\nunsupported hash algorithm: {0}\n"),
81        "AUTHS-E2107" => Some("# AUTHS-E2107\n\n**Crate:** `auths-verifier`\n\n**Type:** `CommitVerificationError::SignatureInvalid`\n\n## Message\n\nsignature verification failed\n"),
82        "AUTHS-E2108" => Some("# AUTHS-E2108\n\n**Crate:** `auths-verifier`\n\n**Type:** `CommitVerificationError::UnknownSigner`\n\n## Message\n\nsigner key not in allowed keys\n\n## Suggestion\n\nAdd the signer's key to the allowed signers list\n"),
83        "AUTHS-E2109" => Some("# AUTHS-E2109\n\n**Crate:** `auths-verifier`\n\n**Type:** `CommitVerificationError::CommitParseFailed`\n\n## Message\n\ncommit parse failed: {0}\n"),
84
85        // --- auths-core (AgentError) ---
86        "AUTHS-E3001" => Some("# AUTHS-E3001\n\n**Crate:** `auths-core`\n\n**Type:** `AgentError::KeyNotFound`\n\n## Message\n\nKey not found\n\n## Suggestion\n\nRun `auths key list` to see available keys\n"),
87        "AUTHS-E3002" => Some("# AUTHS-E3002\n\n**Crate:** `auths-core`\n\n**Type:** `AgentError::IncorrectPassphrase`\n\n## Message\n\nIncorrect passphrase\n"),
88        "AUTHS-E3003" => Some("# AUTHS-E3003\n\n**Crate:** `auths-core`\n\n**Type:** `AgentError::MissingPassphrase`\n\n## Message\n\nMissing Passphrase\n"),
89        "AUTHS-E3004" => Some("# AUTHS-E3004\n\n**Crate:** `auths-core`\n\n**Type:** `AgentError::SecurityError`\n\n## Message\n\nSecurity error: {0}\n"),
90        "AUTHS-E3005" => Some("# AUTHS-E3005\n\n**Crate:** `auths-core`\n\n**Type:** `AgentError::CryptoError`\n\n## Message\n\nCrypto error: {0}\n"),
91        "AUTHS-E3006" => Some("# AUTHS-E3006\n\n**Crate:** `auths-core`\n\n**Type:** `AgentError::KeyDeserializationError`\n\n## Message\n\nKey deserialization error: {0}\n"),
92        "AUTHS-E3007" => Some("# AUTHS-E3007\n\n**Crate:** `auths-core`\n\n**Type:** `AgentError::SigningFailed`\n\n## Message\n\nSigning failed: {0}\n"),
93        "AUTHS-E3008" => Some("# AUTHS-E3008\n\n**Crate:** `auths-core`\n\n**Type:** `AgentError::Proto`\n\n## Message\n\nProtocol error: {0}\n"),
94        "AUTHS-E3009" => Some("# AUTHS-E3009\n\n**Crate:** `auths-core`\n\n**Type:** `AgentError::IO`\n\n## Message\n\nIO error: {0}\n\n## Suggestion\n\nCheck file permissions and that the filesystem is not read-only\n"),
95        "AUTHS-E3010" => Some("# AUTHS-E3010\n\n**Crate:** `auths-core`\n\n**Type:** `AgentError::GitError`\n\n## Message\n\ngit error: {0}\n\n## Suggestion\n\nEnsure you're in a Git repository\n"),
96        "AUTHS-E3011" => Some("# AUTHS-E3011\n\n**Crate:** `auths-core`\n\n**Type:** `AgentError::InvalidInput`\n\n## Message\n\nInvalid input: {0}\n\n## Suggestion\n\nCheck the command arguments and try again\n"),
97        "AUTHS-E3012" => Some("# AUTHS-E3012\n\n**Crate:** `auths-core`\n\n**Type:** `AgentError::MutexError`\n\n## Message\n\nMutex lock poisoned: {0}\n\n## Suggestion\n\nA concurrency error occurred; restart the operation\n"),
98        "AUTHS-E3013" => Some("# AUTHS-E3013\n\n**Crate:** `auths-core`\n\n**Type:** `AgentError::StorageError`\n\n## Message\n\nStorage error: {0}\n\n## Suggestion\n\nCheck file permissions and disk space\n"),
99        "AUTHS-E3014" => Some("# AUTHS-E3014\n\n**Crate:** `auths-core`\n\n**Type:** `AgentError::UserInputCancelled`\n\n## Message\n\nUser input cancelled\n"),
100        "AUTHS-E3015" => Some("# AUTHS-E3015\n\n**Crate:** `auths-core`\n\n**Type:** `AgentError::BackendUnavailable`\n\n## Message\n\nKeychain backend unavailable: {backend} - {reason}\n"),
101        "AUTHS-E3016" => Some("# AUTHS-E3016\n\n**Crate:** `auths-core`\n\n**Type:** `AgentError::StorageLocked`\n\n## Message\n\nStorage is locked, authentication required\n\n## Suggestion\n\nAuthenticate with your platform keychain\n"),
102        "AUTHS-E3017" => Some("# AUTHS-E3017\n\n**Crate:** `auths-core`\n\n**Type:** `AgentError::BackendInitFailed`\n\n## Message\n\nFailed to initialize keychain backend: {backend} - {error}\n"),
103        "AUTHS-E3018" => Some("# AUTHS-E3018\n\n**Crate:** `auths-core`\n\n**Type:** `AgentError::CredentialTooLarge`\n\n## Message\n\nCredential too large for backend (max {max_bytes} bytes, got {actual_bytes})\n"),
104        "AUTHS-E3019" => Some("# AUTHS-E3019\n\n**Crate:** `auths-core`\n\n**Type:** `AgentError::AgentLocked`\n\n## Message\n\nAgent is locked. Unlock with 'auths agent unlock' or restart the agent.\n"),
105        "AUTHS-E3020" => Some("# AUTHS-E3020\n\n**Crate:** `auths-core`\n\n**Type:** `AgentError::WeakPassphrase`\n\n## Message\n\nPassphrase too weak: {0}\n"),
106        "AUTHS-E3021" => Some("# AUTHS-E3021\n\n**Crate:** `auths-core`\n\n**Type:** `AgentError::HsmPinLocked`\n\n## Message\n\nHSM PIN is locked — reset required\n\n## Suggestion\n\nReset the HSM PIN using your HSM vendor's admin tools\n"),
107        "AUTHS-E3022" => Some("# AUTHS-E3022\n\n**Crate:** `auths-core`\n\n**Type:** `AgentError::HsmDeviceRemoved`\n\n## Message\n\nHSM device removed\n\n## Suggestion\n\nReconnect the HSM device and try again\n"),
108        "AUTHS-E3023" => Some("# AUTHS-E3023\n\n**Crate:** `auths-core`\n\n**Type:** `AgentError::HsmSessionExpired`\n\n## Message\n\nHSM session expired\n\n## Suggestion\n\nRetry the operation — a new session will be opened\n"),
109        "AUTHS-E3024" => Some("# AUTHS-E3024\n\n**Crate:** `auths-core`\n\n**Type:** `AgentError::HsmUnsupportedMechanism`\n\n## Message\n\nHSM does not support mechanism: {0}\n"),
110        "AUTHS-E3025" => Some("# AUTHS-E3025\n\n**Crate:** `auths-core`\n\n**Type:** `AgentError::HardwareKeyNotExportable`\n\n## Message\n\nOperation '{operation}' requires a software-backed key; hardware-backed keys (e.g. Secure Enclave) cannot export raw material\n"),
111
112        // --- auths-core (TrustError) ---
113        "AUTHS-E3101" => Some("# AUTHS-E3101\n\n**Crate:** `auths-core`\n\n**Type:** `TrustError::Io`\n\n## Message\n\nI/O error: {0}\n\n## Suggestion\n\nCheck disk space and file permissions\n"),
114        "AUTHS-E3102" => Some("# AUTHS-E3102\n\n**Crate:** `auths-core`\n\n**Type:** `TrustError::InvalidData`\n\n## Message\n\n{0}\n"),
115        "AUTHS-E3103" => Some("# AUTHS-E3103\n\n**Crate:** `auths-core`\n\n**Type:** `TrustError::NotFound`\n\n## Message\n\nnot found: {0}\n\n## Suggestion\n\nRun `auths trust list` to see pinned identities\n"),
116        "AUTHS-E3104" => Some("# AUTHS-E3104\n\n**Crate:** `auths-core`\n\n**Type:** `TrustError::Serialization`\n\n## Message\n\nserialization error: {0}\n"),
117        "AUTHS-E3105" => Some("# AUTHS-E3105\n\n**Crate:** `auths-core`\n\n**Type:** `TrustError::AlreadyExists`\n\n## Message\n\nalready exists: {0}\n\n## Suggestion\n\nRun `auths trust list` to see existing entries\n"),
118        "AUTHS-E3106" => Some("# AUTHS-E3106\n\n**Crate:** `auths-core`\n\n**Type:** `TrustError::Lock`\n\n## Message\n\nlock acquisition failed: {0}\n\n## Suggestion\n\nCheck file permissions and try again\n"),
119        "AUTHS-E3107" => Some("# AUTHS-E3107\n\n**Crate:** `auths-core`\n\n**Type:** `TrustError::PolicyRejected`\n\n## Message\n\npolicy rejected: {0}\n\n## Suggestion\n\nRun `auths trust pin` to pin this identity\n"),
120
121        // --- auths-core (PairingError) ---
122        "AUTHS-E3201" => Some("# AUTHS-E3201\n\n**Crate:** `auths-core`\n\n**Type:** `PairingError::Protocol`\n\n## Message\n\n_(transparent — see inner error)_\n\n## Suggestion\n\nEnsure both devices are running compatible auths versions\n"),
123        "AUTHS-E3202" => Some("# AUTHS-E3202\n\n**Crate:** `auths-core`\n\n**Type:** `PairingError::QrCodeFailed`\n\n## Message\n\nQR code generation failed: {0}\n"),
124        "AUTHS-E3203" => Some("# AUTHS-E3203\n\n**Crate:** `auths-core`\n\n**Type:** `PairingError::RelayError`\n\n## Message\n\nRelay error: {0}\n\n## Suggestion\n\nCheck your internet connection\n"),
125        "AUTHS-E3204" => Some("# AUTHS-E3204\n\n**Crate:** `auths-core`\n\n**Type:** `PairingError::LocalServerError`\n\n## Message\n\nLocal server error: {0}\n"),
126        "AUTHS-E3205" => Some("# AUTHS-E3205\n\n**Crate:** `auths-core`\n\n**Type:** `PairingError::MdnsError`\n\n## Message\n\nmDNS error: {0}\n"),
127        "AUTHS-E3206" => Some("# AUTHS-E3206\n\n**Crate:** `auths-core`\n\n**Type:** `PairingError::NoPeerFound`\n\n## Message\n\nNo peer found on local network\n\n## Suggestion\n\nEnsure both devices are on the same network\n"),
128        "AUTHS-E3207" => Some("# AUTHS-E3207\n\n**Crate:** `auths-core`\n\n**Type:** `PairingError::LanTimeout`\n\n## Message\n\nLAN pairing timed out\n\n## Suggestion\n\nCheck your network and try again\n"),
129
130        // --- auths-core (CryptoError) ---
131        "AUTHS-E3301" => Some("# AUTHS-E3301\n\n**Crate:** `auths-core`\n\n**Type:** `CryptoError::SshKeyConstruction`\n\n## Message\n\nSSH key construction failed: {0}\n"),
132        "AUTHS-E3302" => Some("# AUTHS-E3302\n\n**Crate:** `auths-core`\n\n**Type:** `CryptoError::SigningFailed`\n\n## Message\n\nsigning failed: {0}\n"),
133        "AUTHS-E3303" => Some("# AUTHS-E3303\n\n**Crate:** `auths-core`\n\n**Type:** `CryptoError::PemEncoding`\n\n## Message\n\nPEM encoding failed: {0}\n"),
134        "AUTHS-E3304" => Some("# AUTHS-E3304\n\n**Crate:** `auths-core`\n\n**Type:** `CryptoError::InvalidSeedLength`\n\n## Message\n\ninvalid seed length: expected 32, got {0}\n\n## Suggestion\n\nEnsure the seed is exactly 32 bytes\n"),
135        "AUTHS-E3305" => Some("# AUTHS-E3305\n\n**Crate:** `auths-core`\n\n**Type:** `CryptoError::InvalidKeyFormat`\n\n## Message\n\ninvalid key format: {0}\n\n## Suggestion\n\nCheck that the key file is a valid Ed25519 key\n"),
136
137        // --- auths-keri (WitnessError) ---
138        "AUTHS-E3401" => Some("# AUTHS-E3401\n\n**Crate:** `auths-keri`\n\n**Type:** `WitnessError::Network`\n\n## Message\n\nnetwork error: {0}\n\n## Suggestion\n\nCheck your internet connection\n"),
139        "AUTHS-E3402" => Some("# AUTHS-E3402\n\n**Crate:** `auths-keri`\n\n**Type:** `WitnessError::Duplicity`\n\n## Message\n\nduplicity detected: {0}\n"),
140        "AUTHS-E3403" => Some("# AUTHS-E3403\n\n**Crate:** `auths-keri`\n\n**Type:** `WitnessError::Rejected`\n\n## Message\n\nevent rejected: {reason}\n"),
141        "AUTHS-E3404" => Some("# AUTHS-E3404\n\n**Crate:** `auths-keri`\n\n**Type:** `WitnessError::Timeout`\n\n## Message\n\ntimeout after {0}ms\n\n## Suggestion\n\nCheck witness endpoint availability and retry\n"),
142        "AUTHS-E3405" => Some("# AUTHS-E3405\n\n**Crate:** `auths-keri`\n\n**Type:** `WitnessError::InvalidSignature`\n\n## Message\n\ninvalid receipt signature from witness {witness_id}\n"),
143        "AUTHS-E3406" => Some("# AUTHS-E3406\n\n**Crate:** `auths-keri`\n\n**Type:** `WitnessError::InsufficientReceipts`\n\n## Message\n\ninsufficient receipts: got {got}, need {required}\n\n## Suggestion\n\nEnsure enough witnesses are online\n"),
144        "AUTHS-E3407" => Some("# AUTHS-E3407\n\n**Crate:** `auths-keri`\n\n**Type:** `WitnessError::SaidMismatch`\n\n## Message\n\nreceipt SAID mismatch: expected {expected}, got {got}\n"),
145        "AUTHS-E3408" => Some("# AUTHS-E3408\n\n**Crate:** `auths-keri`\n\n**Type:** `WitnessError::Storage`\n\n## Message\n\nstorage error: {0}\n"),
146        "AUTHS-E3409" => Some("# AUTHS-E3409\n\n**Crate:** `auths-keri`\n\n**Type:** `WitnessError::Serialization`\n\n## Message\n\nserialization error: {0}\n"),
147
148        // --- auths-core (StorageError) ---
149        "AUTHS-E3501" => Some("# AUTHS-E3501\n\n**Crate:** `auths-core`\n\n**Type:** `StorageError::NotFound`\n\n## Message\n\nnot found: {path}\n"),
150        "AUTHS-E3502" => Some("# AUTHS-E3502\n\n**Crate:** `auths-core`\n\n**Type:** `StorageError::AlreadyExists`\n\n## Message\n\nalready exists: {path}\n"),
151        "AUTHS-E3503" => Some("# AUTHS-E3503\n\n**Crate:** `auths-core`\n\n**Type:** `StorageError::CasConflict`\n\n## Message\n\ncompare-and-swap conflict\n"),
152        "AUTHS-E3504" => Some("# AUTHS-E3504\n\n**Crate:** `auths-core`\n\n**Type:** `StorageError::Io`\n\n## Message\n\nstorage I/O error: {0}\n\n## Suggestion\n\nCheck file permissions and disk space\n"),
153        "AUTHS-E3505" => Some("# AUTHS-E3505\n\n**Crate:** `auths-core`\n\n**Type:** `StorageError::Internal`\n\n## Message\n\ninternal storage error: {0}\n"),
154
155        // --- auths-core (NetworkError) ---
156        "AUTHS-E3601" => Some("# AUTHS-E3601\n\n**Crate:** `auths-core`\n\n**Type:** `NetworkError::Unreachable`\n\n## Message\n\nendpoint unreachable: {endpoint}\n\n## Suggestion\n\nCheck your internet connection\n"),
157        "AUTHS-E3602" => Some("# AUTHS-E3602\n\n**Crate:** `auths-core`\n\n**Type:** `NetworkError::Timeout`\n\n## Message\n\nrequest timed out: {endpoint}\n\n## Suggestion\n\nThe server may be overloaded — retry later\n"),
158        "AUTHS-E3603" => Some("# AUTHS-E3603\n\n**Crate:** `auths-core`\n\n**Type:** `NetworkError::NotFound`\n\n## Message\n\nresource not found: {resource}\n"),
159        "AUTHS-E3604" => Some("# AUTHS-E3604\n\n**Crate:** `auths-core`\n\n**Type:** `NetworkError::Unauthorized`\n\n## Message\n\nunauthorized\n\n## Suggestion\n\nCheck your authentication credentials\n"),
160        "AUTHS-E3605" => Some("# AUTHS-E3605\n\n**Crate:** `auths-core`\n\n**Type:** `NetworkError::InvalidResponse`\n\n## Message\n\ninvalid response: {detail}\n"),
161        "AUTHS-E3606" => Some("# AUTHS-E3606\n\n**Crate:** `auths-core`\n\n**Type:** `NetworkError::Internal`\n\n## Message\n\ninternal network error: {0}\n"),
162
163        // --- auths-core (ResolutionError) ---
164        "AUTHS-E3701" => Some("# AUTHS-E3701\n\n**Crate:** `auths-core`\n\n**Type:** `ResolutionError::DidNotFound`\n\n## Message\n\nDID not found: {did}\n\n## Suggestion\n\nVerify the DID is correct and the identity exists\n"),
165        "AUTHS-E3702" => Some("# AUTHS-E3702\n\n**Crate:** `auths-core`\n\n**Type:** `ResolutionError::InvalidDid`\n\n## Message\n\ninvalid DID {did}: {reason}\n"),
166        "AUTHS-E3703" => Some("# AUTHS-E3703\n\n**Crate:** `auths-core`\n\n**Type:** `ResolutionError::KeyRevoked`\n\n## Message\n\nkey revoked for DID: {did}\n"),
167        "AUTHS-E3704" => Some("# AUTHS-E3704\n\n**Crate:** `auths-core`\n\n**Type:** `ResolutionError::Network`\n\n## Message\n\nnetwork error: {0}\n\n## Suggestion\n\nCheck your internet connection\n"),
168
169        // --- auths-core (PlatformError) ---
170        "AUTHS-E3801" => Some("# AUTHS-E3801\n\n**Crate:** `auths-core`\n\n**Type:** `PlatformError::AuthorizationPending`\n\n## Message\n\nOAuth authorization pending\n"),
171        "AUTHS-E3802" => Some("# AUTHS-E3802\n\n**Crate:** `auths-core`\n\n**Type:** `PlatformError::SlowDown`\n\n## Message\n\nOAuth slow down\n"),
172        "AUTHS-E3803" => Some("# AUTHS-E3803\n\n**Crate:** `auths-core`\n\n**Type:** `PlatformError::AccessDenied`\n\n## Message\n\nOAuth access denied\n\n## Suggestion\n\nRe-run the command and approve the authorization request\n"),
173        "AUTHS-E3804" => Some("# AUTHS-E3804\n\n**Crate:** `auths-core`\n\n**Type:** `PlatformError::ExpiredToken`\n\n## Message\n\ndevice code expired\n\n## Suggestion\n\nThe device code expired — restart the flow\n"),
174        "AUTHS-E3805" => Some("# AUTHS-E3805\n\n**Crate:** `auths-core`\n\n**Type:** `PlatformError::Network`\n\n## Message\n\nnetwork error: {0}\n\n## Suggestion\n\nCheck your internet connection\n"),
175        "AUTHS-E3806" => Some("# AUTHS-E3806\n\n**Crate:** `auths-core`\n\n**Type:** `PlatformError::Platform`\n\n## Message\n\nplatform error: {message}\n"),
176
177        // --- auths-core (SshAgentError) ---
178        "AUTHS-E3901" => Some("# AUTHS-E3901\n\n**Crate:** `auths-core`\n\n**Type:** `SshAgentError::CommandFailed`\n\n## Message\n\nssh-add command failed: {0}\n"),
179        "AUTHS-E3902" => Some("# AUTHS-E3902\n\n**Crate:** `auths-core`\n\n**Type:** `SshAgentError::NotAvailable`\n\n## Message\n\nSSH agent not available: {0}\n\n## Suggestion\n\nStart the SSH agent: eval $(ssh-agent -s)\n"),
180        "AUTHS-E3903" => Some("# AUTHS-E3903\n\n**Crate:** `auths-core`\n\n**Type:** `SshAgentError::IoError`\n\n## Message\n\nI/O error: {0}\n\n## Suggestion\n\nCheck file permissions\n"),
181
182        // --- auths-core (ConfigStoreError) ---
183        "AUTHS-E3951" => Some("# AUTHS-E3951\n\n**Crate:** `auths-core`\n\n**Type:** `ConfigStoreError::Read`\n\n## Message\n\nfailed to read config from {path}\n\n## Suggestion\n\nCheck that ~/.auths/config.toml exists and is readable\n"),
184        "AUTHS-E3952" => Some("# AUTHS-E3952\n\n**Crate:** `auths-core`\n\n**Type:** `ConfigStoreError::Write`\n\n## Message\n\nfailed to write config to {path}\n\n## Suggestion\n\nCheck file permissions for ~/.auths/config.toml\n"),
185
186        // --- auths-core (NamespaceVerifyError) ---
187        "AUTHS-E3961" => Some("# AUTHS-E3961\n\n**Crate:** `auths-core`\n\n**Type:** `NamespaceVerifyError::UnsupportedEcosystem`\n\n## Message\n\nunsupported ecosystem: {ecosystem}\n"),
188        "AUTHS-E3962" => Some("# AUTHS-E3962\n\n**Crate:** `auths-core`\n\n**Type:** `NamespaceVerifyError::PackageNotFound`\n\n## Message\n\npackage '{package_name}' not found in {ecosystem}\n"),
189        "AUTHS-E3963" => Some("# AUTHS-E3963\n\n**Crate:** `auths-core`\n\n**Type:** `NamespaceVerifyError::OwnershipNotConfirmed`\n\n## Message\n\nownership of '{package_name}' on {ecosystem} not confirmed for the given identity\n"),
190        "AUTHS-E3964" => Some("# AUTHS-E3964\n\n**Crate:** `auths-core`\n\n**Type:** `NamespaceVerifyError::ChallengeExpired`\n\n## Message\n\nverification challenge expired\n\n## Suggestion\n\nStart a new verification challenge\n"),
191        "AUTHS-E3965" => Some("# AUTHS-E3965\n\n**Crate:** `auths-core`\n\n**Type:** `NamespaceVerifyError::InvalidToken`\n\n## Message\n\ninvalid verification token: {reason}\n"),
192        "AUTHS-E3966" => Some("# AUTHS-E3966\n\n**Crate:** `auths-core`\n\n**Type:** `NamespaceVerifyError::InvalidPackageName`\n\n## Message\n\ninvalid package name '{name}': {reason}\n"),
193        "AUTHS-E3967" => Some("# AUTHS-E3967\n\n**Crate:** `auths-core`\n\n**Type:** `NamespaceVerifyError::NetworkError`\n\n## Message\n\nverification network error: {message}\n\n## Suggestion\n\nCheck your internet connection and try again\n"),
194        "AUTHS-E3968" => Some("# AUTHS-E3968\n\n**Crate:** `auths-core`\n\n**Type:** `NamespaceVerifyError::RateLimited`\n\n## Message\n\nrate limited by {ecosystem} registry\n\n## Suggestion\n\nWait a moment and retry the verification\n"),
195
196        // --- auths-id (FreezeError) ---
197        "AUTHS-E4001" => Some("# AUTHS-E4001\n\n**Crate:** `auths-id`\n\n**Type:** `FreezeError::Io`\n\n## Message\n\n_(transparent — see inner error)_\n\n## Suggestion\n\nCheck file permissions and disk space\n"),
198        "AUTHS-E4002" => Some("# AUTHS-E4002\n\n**Crate:** `auths-id`\n\n**Type:** `FreezeError::Deserialization`\n\n## Message\n\nfailed to parse freeze state: {0}\n"),
199        "AUTHS-E4003" => Some("# AUTHS-E4003\n\n**Crate:** `auths-id`\n\n**Type:** `FreezeError::InvalidDuration`\n\n## Message\n\ninvalid duration format: {0}\n"),
200        "AUTHS-E4004" => Some("# AUTHS-E4004\n\n**Crate:** `auths-id`\n\n**Type:** `FreezeError::ZeroDuration`\n\n## Message\n\nduration must be greater than zero\n\n## Suggestion\n\nSpecify a positive duration\n"),
201
202        // --- auths-id (StorageError) ---
203        "AUTHS-E4101" => Some("# AUTHS-E4101\n\n**Crate:** `auths-id`\n\n**Type:** `StorageError::Git`\n\n## Message\n\n_(transparent — see inner error)_\n\n## Suggestion\n\nCheck that the Git repository is not corrupted\n"),
204        "AUTHS-E4102" => Some("# AUTHS-E4102\n\n**Crate:** `auths-id`\n\n**Type:** `StorageError::Serialization`\n\n## Message\n\nserialization error: {0}\n"),
205        "AUTHS-E4103" => Some("# AUTHS-E4103\n\n**Crate:** `auths-id`\n\n**Type:** `StorageError::Io`\n\n## Message\n\nI/O error: {0}\n\n## Suggestion\n\nCheck file permissions and disk space\n"),
206        "AUTHS-E4104" => Some("# AUTHS-E4104\n\n**Crate:** `auths-id`\n\n**Type:** `StorageError::NotFound`\n\n## Message\n\nnot found: {0}\n\n## Suggestion\n\nVerify the identity or resource exists\n"),
207        "AUTHS-E4105" => Some("# AUTHS-E4105\n\n**Crate:** `auths-id`\n\n**Type:** `StorageError::InvalidData`\n\n## Message\n\n{0}\n\n## Suggestion\n\nThe stored data may be corrupted; try re-initializing\n"),
208        "AUTHS-E4106" => Some("# AUTHS-E4106\n\n**Crate:** `auths-id`\n\n**Type:** `StorageError::SchemaValidation`\n\n## Message\n\nschema validation failed: {0}\n\n## Suggestion\n\nEnsure data matches the expected schema version\n"),
209        "AUTHS-E4107" => Some("# AUTHS-E4107\n\n**Crate:** `auths-id`\n\n**Type:** `StorageError::Index`\n\n## Message\n\nindex error: {0}\n\n## Suggestion\n\nTry rebuilding the index\n"),
210
211        // --- auths-id (InitError) ---
212        "AUTHS-E4201" => Some("# AUTHS-E4201\n\n**Crate:** `auths-id`\n\n**Type:** `InitError::Git`\n\n## Message\n\n_(transparent — see inner error)_\n\n## Suggestion\n\nCheck that the Git repository is accessible\n"),
213        "AUTHS-E4202" => Some("# AUTHS-E4202\n\n**Crate:** `auths-id`\n\n**Type:** `InitError::Keri`\n\n## Message\n\nKERI operation failed: {0}\n\n## Suggestion\n\nKERI event processing failed; check identity state\n"),
214        "AUTHS-E4203" => Some("# AUTHS-E4203\n\n**Crate:** `auths-id`\n\n**Type:** `InitError::Key`\n\n## Message\n\nkey operation failed: {0}\n\n## Suggestion\n\nCheck keychain access and passphrase\n"),
215        "AUTHS-E4204" => Some("# AUTHS-E4204\n\n**Crate:** `auths-id`\n\n**Type:** `InitError::InvalidData`\n\n## Message\n\n{0}\n"),
216        "AUTHS-E4205" => Some("# AUTHS-E4205\n\n**Crate:** `auths-id`\n\n**Type:** `InitError::Storage`\n\n## Message\n\nstorage operation failed: {0}\n\n## Suggestion\n\nCheck storage backend connectivity\n"),
217        "AUTHS-E4206" => Some("# AUTHS-E4206\n\n**Crate:** `auths-id`\n\n**Type:** `InitError::Registry`\n\n## Message\n\nregistry error: {0}\n\n## Suggestion\n\nCheck registry backend configuration\n"),
218        "AUTHS-E4207" => Some("# AUTHS-E4207\n\n**Crate:** `auths-id`\n\n**Type:** `InitError::Crypto`\n\n## Message\n\ncrypto operation failed: {0}\n"),
219        "AUTHS-E4208" => Some("# AUTHS-E4208\n\n**Crate:** `auths-id`\n\n**Type:** `InitError::Identity`\n\n## Message\n\nidentity error: {0}\n"),
220
221        // --- auths-id (IdentityError) ---
222        "AUTHS-E4401" => Some("# AUTHS-E4401\n\n**Crate:** `auths-id`\n\n**Type:** `IdentityError::Keri`\n\n## Message\n\nKERI error: {0}\n\n## Suggestion\n\nKERI operation failed; check identity state\n"),
223        "AUTHS-E4402" => Some("# AUTHS-E4402\n\n**Crate:** `auths-id`\n\n**Type:** `IdentityError::Pkcs8EncodeError`\n\n## Message\n\nPKCS#8 encoding error: {0}\n"),
224        "AUTHS-E4403" => Some("# AUTHS-E4403\n\n**Crate:** `auths-id`\n\n**Type:** `IdentityError::Pkcs8DecodeError`\n\n## Message\n\nPKCS#8 decoding error: {0}\n\n## Suggestion\n\nThe key may be in an unsupported format\n"),
225        "AUTHS-E4404" => Some("# AUTHS-E4404\n\n**Crate:** `auths-id`\n\n**Type:** `IdentityError::EmptyPassphrase`\n\n## Message\n\nPassphrase required\n\n## Suggestion\n\nProvide a non-empty passphrase\n"),
226        "AUTHS-E4405" => Some("# AUTHS-E4405\n\n**Crate:** `auths-id`\n\n**Type:** `IdentityError::InvalidKeyLength`\n\n## Message\n\nInvalid key length: expected 32, got {0}\n\n## Suggestion\n\nExpected a 32-byte Ed25519 key\n"),
227        "AUTHS-E4406" => Some("# AUTHS-E4406\n\n**Crate:** `auths-id`\n\n**Type:** `IdentityError::KeyStorage`\n\n## Message\n\nKey storage error: {0}\n\n## Suggestion\n\nCheck keychain permissions\n"),
228        "AUTHS-E4407" => Some("# AUTHS-E4407\n\n**Crate:** `auths-id`\n\n**Type:** `IdentityError::KeyRetrieval`\n\n## Message\n\nKey retrieval error: {0}\n\n## Suggestion\n\nCheck that the key alias exists in the keychain\n"),
229        "AUTHS-E4408" => Some("# AUTHS-E4408\n\n**Crate:** `auths-id`\n\n**Type:** `IdentityError::RingError`\n\n## Message\n\nRing crypto error: {0}\n"),
230
231        // --- auths-id (StorageError) ---
232        "AUTHS-E4409" => Some("# AUTHS-E4409\n\n**Crate:** `auths-id`\n\n**Type:** `StorageError::NotFound`\n\n## Message\n\n_(transparent — see inner error)_\n\n## Suggestion\n\nVerify the storage path exists and is initialized\n"),
233        "AUTHS-E4410" => Some("# AUTHS-E4410\n\n**Crate:** `auths-id`\n\n**Type:** `StorageError::CasConflict`\n\n## Message\n\n_(transparent — see inner error)_\n"),
234        "AUTHS-E4411" => Some("# AUTHS-E4411\n\n**Crate:** `auths-id`\n\n**Type:** `StorageError::Io`\n\n## Message\n\n_(transparent — see inner error)_\n"),
235
236        // --- auths-id (KelError) ---
237        "AUTHS-E4601" => Some("# AUTHS-E4601\n\n**Crate:** `auths-id`\n\n**Type:** `KelError::Git`\n\n## Message\n\nGit error: {0}\n\n## Suggestion\n\nCheck that the Git repository is accessible and not corrupted\n"),
238        "AUTHS-E4602" => Some("# AUTHS-E4602\n\n**Crate:** `auths-id`\n\n**Type:** `KelError::Serialization`\n\n## Message\n\nSerialization error: {0}\n"),
239        "AUTHS-E4603" => Some("# AUTHS-E4603\n\n**Crate:** `auths-id`\n\n**Type:** `KelError::NotFound`\n\n## Message\n\nKEL not found for prefix: {0}\n\n## Suggestion\n\nInitialize the identity first with 'auths init'\n"),
240        "AUTHS-E4604" => Some("# AUTHS-E4604\n\n**Crate:** `auths-id`\n\n**Type:** `KelError::InvalidOperation`\n\n## Message\n\nInvalid operation: {0}\n"),
241        "AUTHS-E4605" => Some("# AUTHS-E4605\n\n**Crate:** `auths-id`\n\n**Type:** `KelError::InvalidData`\n\n## Message\n\nInvalid data: {0}\n\n## Suggestion\n\nThe KEL data may be corrupted; try re-syncing\n"),
242        "AUTHS-E4606" => Some("# AUTHS-E4606\n\n**Crate:** `auths-id`\n\n**Type:** `KelError::ChainIntegrity`\n\n## Message\n\nChain integrity error: {0}\n"),
243        "AUTHS-E4607" => Some("# AUTHS-E4607\n\n**Crate:** `auths-id`\n\n**Type:** `KelError::ValidationFailed`\n\n## Message\n\nValidation failed: {0}\n"),
244
245        // --- auths-id (ResolveError) ---
246        "AUTHS-E4801" => Some("# AUTHS-E4801\n\n**Crate:** `auths-id`\n\n**Type:** `ResolveError::InvalidFormat`\n\n## Message\n\nInvalid DID format: {0}\n\n## Suggestion\n\nUse the format 'did:keri:E<prefix>'\n"),
247        "AUTHS-E4802" => Some("# AUTHS-E4802\n\n**Crate:** `auths-id`\n\n**Type:** `ResolveError::NotFound`\n\n## Message\n\nKEL not found for prefix: {0}\n\n## Suggestion\n\nThe identity does not exist; check the DID prefix\n"),
248        "AUTHS-E4803" => Some("# AUTHS-E4803\n\n**Crate:** `auths-id`\n\n**Type:** `ResolveError::Kel`\n\n## Message\n\nKEL error: {0}\n"),
249        "AUTHS-E4804" => Some("# AUTHS-E4804\n\n**Crate:** `auths-id`\n\n**Type:** `ResolveError::Validation`\n\n## Message\n\nValidation error: {0}\n"),
250        "AUTHS-E4805" => Some("# AUTHS-E4805\n\n**Crate:** `auths-id`\n\n**Type:** `ResolveError::InvalidKeyEncoding`\n\n## Message\n\nInvalid key encoding: {0}\n"),
251        "AUTHS-E4806" => Some("# AUTHS-E4806\n\n**Crate:** `auths-id`\n\n**Type:** `ResolveError::NoCurrentKey`\n\n## Message\n\nNo current key in identity\n\n## Suggestion\n\nThe identity has no active key; it may be abandoned\n"),
252        "AUTHS-E4807" => Some("# AUTHS-E4807\n\n**Crate:** `auths-id`\n\n**Type:** `ResolveError::UnknownKeyType`\n\n## Message\n\nUnknown key type: {0}\n\n## Suggestion\n\nOnly Ed25519 keys (D prefix) are currently supported\n"),
253
254        // --- auths-id (RotationError) ---
255        "AUTHS-E4821" => Some("# AUTHS-E4821\n\n**Crate:** `auths-id`\n\n**Type:** `RotationError::Kel`\n\n## Message\n\nKEL error: {0}\n"),
256        "AUTHS-E4822" => Some("# AUTHS-E4822\n\n**Crate:** `auths-id`\n\n**Type:** `RotationError::Validation`\n\n## Message\n\nValidation error: {0}\n"),
257        "AUTHS-E4823" => Some("# AUTHS-E4823\n\n**Crate:** `auths-id`\n\n**Type:** `RotationError::KeyGeneration`\n\n## Message\n\nKey generation failed: {0}\n"),
258        "AUTHS-E4824" => Some("# AUTHS-E4824\n\n**Crate:** `auths-id`\n\n**Type:** `RotationError::InvalidKey`\n\n## Message\n\nInvalid key: {0}\n"),
259        "AUTHS-E4825" => Some("# AUTHS-E4825\n\n**Crate:** `auths-id`\n\n**Type:** `RotationError::CommitmentMismatch`\n\n## Message\n\nKey commitment mismatch\n"),
260        "AUTHS-E4826" => Some("# AUTHS-E4826\n\n**Crate:** `auths-id`\n\n**Type:** `RotationError::IdentityAbandoned`\n\n## Message\n\nIdentity is abandoned (empty next commitment)\n"),
261        "AUTHS-E4827" => Some("# AUTHS-E4827\n\n**Crate:** `auths-id`\n\n**Type:** `RotationError::Serialization`\n\n## Message\n\nSerialization error: {0}\n"),
262        "AUTHS-E4828" => Some("# AUTHS-E4828\n\n**Crate:** `auths-id`\n\n**Type:** `RotationError::Storage`\n\n## Message\n\nStorage error: {0}\n"),
263        "AUTHS-E4829" => Some("# AUTHS-E4829\n\n**Crate:** `auths-id`\n\n**Type:** `RotationError::RotationFailed`\n\n## Message\n\nRotation failed: {0}\n"),
264        "AUTHS-E4830" => Some("# AUTHS-E4830\n\n**Crate:** `auths-id`\n\n**Type:** `RotationError::KeyNotFound`\n\n## Message\n\nKey not found: {0}\n"),
265        "AUTHS-E4831" => Some("# AUTHS-E4831\n\n**Crate:** `auths-id`\n\n**Type:** `RotationError::KeyDecryptionFailed`\n\n## Message\n\nKey decryption failed: {0}\n"),
266
267        // --- auths-id (TenantIdError) ---
268        "AUTHS-E4851" => Some("# AUTHS-E4851\n\n**Crate:** `auths-id`\n\n**Type:** `TenantIdError::InvalidLength`\n\n## Message\n\nmust be 1–64 characters (got {0})\n\n## Suggestion\n\nTenant ID must be between 1 and 64 characters\n"),
269        "AUTHS-E4852" => Some("# AUTHS-E4852\n\n**Crate:** `auths-id`\n\n**Type:** `TenantIdError::InvalidCharacter`\n\n## Message\n\ncontains disallowed character {0:?} (only [a-z0-9_-] allowed)\n"),
270        "AUTHS-E4853" => Some("# AUTHS-E4853\n\n**Crate:** `auths-id`\n\n**Type:** `TenantIdError::Reserved`\n\n## Message\n\n'{0}' is reserved\n\n## Suggestion\n\nChoose a different tenant ID; this name is reserved\n"),
271
272        // --- auths-id (RegistryError) ---
273        "AUTHS-E4861" => Some("# AUTHS-E4861\n\n**Crate:** `auths-id`\n\n**Type:** `RegistryError::Storage`\n\n## Message\n\nStorage error: {0}\n\n## Suggestion\n\nCheck storage backend connectivity\n"),
274        "AUTHS-E4862" => Some("# AUTHS-E4862\n\n**Crate:** `auths-id`\n\n**Type:** `RegistryError::InvalidPrefix`\n\n## Message\n\nInvalid prefix '{prefix}': {reason}\n\n## Suggestion\n\nKERI prefixes must start with 'E' (Blake3 SAID)\n"),
275        "AUTHS-E4863" => Some("# AUTHS-E4863\n\n**Crate:** `auths-id`\n\n**Type:** `RegistryError::InvalidDeviceDid`\n\n## Message\n\nInvalid device DID '{did}': {reason}\n\n## Suggestion\n\nDevice DIDs must be in 'did:key:z...' format\n"),
276        "AUTHS-E4864" => Some("# AUTHS-E4864\n\n**Crate:** `auths-id`\n\n**Type:** `RegistryError::EventExists`\n\n## Message\n\nEvent already exists: {prefix} seq {seq}\n\n## Suggestion\n\nThis event has already been appended to the KEL\n"),
277        "AUTHS-E4865" => Some("# AUTHS-E4865\n\n**Crate:** `auths-id`\n\n**Type:** `RegistryError::SequenceGap`\n\n## Message\n\nSequence gap for {prefix}: expected {expected}, got {got}\n\n## Suggestion\n\nEvents must be appended in strict sequence order\n"),
278        "AUTHS-E4866" => Some("# AUTHS-E4866\n\n**Crate:** `auths-id`\n\n**Type:** `RegistryError::NotFound`\n\n## Message\n\nNot found: {entity_type} '{id}'\n"),
279        "AUTHS-E4867" => Some("# AUTHS-E4867\n\n**Crate:** `auths-id`\n\n**Type:** `RegistryError::Serialization`\n\n## Message\n\nSerialization error: {0}\n"),
280        "AUTHS-E4868" => Some("# AUTHS-E4868\n\n**Crate:** `auths-id`\n\n**Type:** `RegistryError::ConcurrentModification`\n\n## Message\n\nConcurrent modification: {0}\n"),
281        "AUTHS-E4869" => Some("# AUTHS-E4869\n\n**Crate:** `auths-id`\n\n**Type:** `RegistryError::SaidMismatch`\n\n## Message\n\nSAID mismatch: expected {expected}, got {actual}\n\n## Suggestion\n\nThe event content does not match its declared SAID\n"),
282        "AUTHS-E4870" => Some("# AUTHS-E4870\n\n**Crate:** `auths-id`\n\n**Type:** `RegistryError::InvalidEvent`\n\n## Message\n\nInvalid event: {reason}\n"),
283        "AUTHS-E4871" => Some("# AUTHS-E4871\n\n**Crate:** `auths-id`\n\n**Type:** `RegistryError::Io`\n\n## Message\n\nI/O error: {0}\n\n## Suggestion\n\nCheck file permissions and disk space\n"),
284        "AUTHS-E4872" => Some("# AUTHS-E4872\n\n**Crate:** `auths-id`\n\n**Type:** `RegistryError::Internal`\n\n## Message\n\nInternal error: {0}\n"),
285        "AUTHS-E4873" => Some("# AUTHS-E4873\n\n**Crate:** `auths-id`\n\n**Type:** `RegistryError::InvalidTenantId`\n\n## Message\n\ninvalid tenant ID '{tenant_id}': {kind}\n"),
286        "AUTHS-E4874" => Some("# AUTHS-E4874\n\n**Crate:** `auths-id`\n\n**Type:** `RegistryError::Attestation`\n\n## Message\n\nAttestation error: {0}\n"),
287        "AUTHS-E4875" => Some("# AUTHS-E4875\n\n**Crate:** `auths-id`\n\n**Type:** `RegistryError::StaleAttestation`\n\n## Message\n\nStale attestation: {0}\n"),
288        "AUTHS-E4876" => Some("# AUTHS-E4876\n\n**Crate:** `auths-id`\n\n**Type:** `RegistryError::NotImplemented`\n\n## Message\n\nNot implemented: {method}\n"),
289        "AUTHS-E4877" => Some("# AUTHS-E4877\n\n**Crate:** `auths-id`\n\n**Type:** `RegistryError::BatchValidationFailed`\n\n## Message\n\nBatch validation failed at index {index}: {source}\n"),
290
291        // --- auths-id (InceptionError) ---
292        "AUTHS-E4901" => Some("# AUTHS-E4901\n\n**Crate:** `auths-id`\n\n**Type:** `InceptionError::KeyGeneration`\n\n## Message\n\nKey generation failed: {0}\n"),
293        "AUTHS-E4902" => Some("# AUTHS-E4902\n\n**Crate:** `auths-id`\n\n**Type:** `InceptionError::Kel`\n\n## Message\n\nKEL error: {0}\n\n## Suggestion\n\nCheck the KEL state; a KEL may already exist for this prefix\n"),
294        "AUTHS-E4903" => Some("# AUTHS-E4903\n\n**Crate:** `auths-id`\n\n**Type:** `InceptionError::Storage`\n\n## Message\n\nStorage error: {0}\n\n## Suggestion\n\nCheck storage backend connectivity\n"),
295        "AUTHS-E4904" => Some("# AUTHS-E4904\n\n**Crate:** `auths-id`\n\n**Type:** `InceptionError::Validation`\n\n## Message\n\nValidation error: {0}\n"),
296        "AUTHS-E4905" => Some("# AUTHS-E4905\n\n**Crate:** `auths-id`\n\n**Type:** `InceptionError::Serialization`\n\n## Message\n\nSerialization error: {0}\n"),
297        "AUTHS-E4906" => Some("# AUTHS-E4906\n\n**Crate:** `auths-id`\n\n**Type:** `InceptionError::InvalidThreshold`\n\n## Message\n\nInvalid threshold {threshold} for key_count={key_count}: {reason}\n"),
298
299        // --- auths-id (IncrementalError) ---
300        "AUTHS-E4951" => Some("# AUTHS-E4951\n\n**Crate:** `auths-id`\n\n**Type:** `IncrementalError::Kel`\n\n## Message\n\nKEL error: {0}\n"),
301        "AUTHS-E4952" => Some("# AUTHS-E4952\n\n**Crate:** `auths-id`\n\n**Type:** `IncrementalError::ChainContinuity`\n\n## Message\n\nChain continuity error: expected previous SAID {expected}, got {actual}\n"),
302        "AUTHS-E4953" => Some("# AUTHS-E4953\n\n**Crate:** `auths-id`\n\n**Type:** `IncrementalError::SequenceError`\n\n## Message\n\nSequence error: expected {expected}, got {actual}\n"),
303        "AUTHS-E4954" => Some("# AUTHS-E4954\n\n**Crate:** `auths-id`\n\n**Type:** `IncrementalError::MalformedSequence`\n\n## Message\n\nMalformed sequence number: {raw:?}\n"),
304        "AUTHS-E4955" => Some("# AUTHS-E4955\n\n**Crate:** `auths-id`\n\n**Type:** `IncrementalError::InvalidEventType`\n\n## Message\n\nInvalid event type in KEL: {0}\n"),
305        "AUTHS-E4956" => Some("# AUTHS-E4956\n\n**Crate:** `auths-id`\n\n**Type:** `IncrementalError::NonLinearHistory`\n\n## Message\n\nKEL history is non-linear: commit {commit} has {parent_count} parents (expected 1)\n"),
306        "AUTHS-E4957" => Some("# AUTHS-E4957\n\n**Crate:** `auths-id`\n\n**Type:** `IncrementalError::MissingParent`\n\n## Message\n\nKEL history is corrupted: commit {commit} has no parent but is not inception\n\n## Suggestion\n\nThe KEL commit history is corrupted\n"),
307
308        // --- auths-id (AnchorError) ---
309        "AUTHS-E4961" => Some("# AUTHS-E4961\n\n**Crate:** `auths-id`\n\n**Type:** `AnchorError::Kel`\n\n## Message\n\nKEL error: {0}\n"),
310        "AUTHS-E4962" => Some("# AUTHS-E4962\n\n**Crate:** `auths-id`\n\n**Type:** `AnchorError::Validation`\n\n## Message\n\nValidation error: {0}\n"),
311        "AUTHS-E4963" => Some("# AUTHS-E4963\n\n**Crate:** `auths-id`\n\n**Type:** `AnchorError::Serialization`\n\n## Message\n\nSerialization error: {0}\n"),
312        "AUTHS-E4964" => Some("# AUTHS-E4964\n\n**Crate:** `auths-id`\n\n**Type:** `AnchorError::InvalidDid`\n\n## Message\n\nInvalid DID format: {0}\n\n## Suggestion\n\nUse the format 'did:keri:E<prefix>'\n"),
313        "AUTHS-E4965" => Some("# AUTHS-E4965\n\n**Crate:** `auths-id`\n\n**Type:** `AnchorError::NotFound`\n\n## Message\n\nKEL not found for prefix: {0}\n\n## Suggestion\n\nInitialize the identity first with 'auths init'\n"),
314        "AUTHS-E4966" => Some("# AUTHS-E4966\n\n**Crate:** `auths-id`\n\n**Type:** `AnchorError::Signing`\n\n## Message\n\nSigning error: {0}\n"),
315        "AUTHS-E4967" => Some("# AUTHS-E4967\n\n**Crate:** `auths-id`\n\n**Type:** `AnchorError::IxnForbidden`\n\n## Message\n\nIdentity cannot emit interaction events: {0}\n"),
316        "AUTHS-E4968" => Some("# AUTHS-E4968\n\n**Crate:** `auths-id`\n\n**Type:** `AnchorError::WitnessQuorumNotMet`\n\n## Message\n\nWitness quorum not met: {0}\n"),
317
318        // --- auths-id (WitnessIntegrationError) ---
319        "AUTHS-E4971" => Some("# AUTHS-E4971\n\n**Crate:** `auths-id`\n\n**Type:** `WitnessIntegrationError::Collection`\n\n## Message\n\nReceipt collection failed: {0}\n"),
320        "AUTHS-E4972" => Some("# AUTHS-E4972\n\n**Crate:** `auths-id`\n\n**Type:** `WitnessIntegrationError::Storage`\n\n## Message\n\nReceipt storage failed: {0}\n\n## Suggestion\n\nCheck storage backend permissions\n"),
321        "AUTHS-E4973" => Some("# AUTHS-E4973\n\n**Crate:** `auths-id`\n\n**Type:** `WitnessIntegrationError::Runtime`\n\n## Message\n\nTokio runtime error: {0}\n"),
322        "AUTHS-E4974" => Some("# AUTHS-E4974\n\n**Crate:** `auths-id`\n\n**Type:** `WitnessIntegrationError::QuorumNotMet`\n\n## Message\n\nwitness quorum not met: {valid} valid receipt(s), need {required}\n"),
323
324        // --- auths-id (CredentialRegistryError) ---
325        "AUTHS-E4981" => Some("# AUTHS-E4981\n\n**Crate:** `auths-id`\n\n**Type:** `CredentialRegistryError::ThresholdUnsupported`\n\n## Message\n\nissuer '{issuer}' is multi-signature (kt≥2); credential registry anchoring is single-author only\n"),
326        "AUTHS-E4982" => Some("# AUTHS-E4982\n\n**Crate:** `auths-id`\n\n**Type:** `CredentialRegistryError::Tel`\n\n## Message\n\nTEL event error: {0}\n"),
327        "AUTHS-E4983" => Some("# AUTHS-E4983\n\n**Crate:** `auths-id`\n\n**Type:** `CredentialRegistryError::Anchor`\n\n## Message\n\nKEL anchoring failed: {0}\n"),
328        "AUTHS-E4984" => Some("# AUTHS-E4984\n\n**Crate:** `auths-id`\n\n**Type:** `CredentialRegistryError::Storage`\n\n## Message\n\nregistry storage error: {0}\n"),
329
330        // --- auths-id (CacheError) ---
331        "AUTHS-E4986" => Some("# AUTHS-E4986\n\n**Crate:** `auths-id`\n\n**Type:** `CacheError::Io`\n\n## Message\n\nI/O error: {0}\n"),
332        "AUTHS-E4987" => Some("# AUTHS-E4987\n\n**Crate:** `auths-id`\n\n**Type:** `CacheError::Json`\n\n## Message\n\nJSON serialization error: {0}\n"),
333
334        // --- auths-id (HookError) ---
335        "AUTHS-E4991" => Some("# AUTHS-E4991\n\n**Crate:** `auths-id`\n\n**Type:** `HookError::Io`\n\n## Message\n\nIO error: {0}\n\n## Suggestion\n\nCheck file permissions on the Git hooks directory\n"),
336        "AUTHS-E4992" => Some("# AUTHS-E4992\n\n**Crate:** `auths-id`\n\n**Type:** `HookError::NotGitRepo`\n\n## Message\n\nNot a Git repository: {0}\n\n## Suggestion\n\nEnsure the path points to a valid Git repository\n"),
337
338        // --- auths-sdk (SetupError) ---
339        "AUTHS-E5001" => Some("# AUTHS-E5001\n\n**Crate:** `auths-sdk`\n\n**Type:** `SetupError::IdentityAlreadyExists`\n\n## Message\n\nidentity already exists: {did}\n"),
340        "AUTHS-E5002" => Some("# AUTHS-E5002\n\n**Crate:** `auths-sdk`\n\n**Type:** `SetupError::KeychainUnavailable`\n\n## Message\n\nkeychain unavailable ({backend}): {reason}\n"),
341        "AUTHS-E5004" => Some("# AUTHS-E5004\n\n**Crate:** `auths-sdk`\n\n**Type:** `SetupError::GitConfigError`\n\n## Message\n\ngit config error: {0}\n"),
342        "AUTHS-E5006" => Some("# AUTHS-E5006\n\n**Crate:** `auths-sdk`\n\n**Type:** `SetupError::PlatformVerificationFailed`\n\n## Message\n\nplatform verification failed: {0}\n"),
343        "AUTHS-E5007" => Some("# AUTHS-E5007\n\n**Crate:** `auths-sdk`\n\n**Type:** `SetupError::InvalidSetupConfig`\n\n## Message\n\ninvalid setup config: {0}\n"),
344        "AUTHS-E5008" => Some("# AUTHS-E5008\n\n**Crate:** `auths-sdk`\n\n**Type:** `SetupError::WeakPassphrase`\n\n## Message\n\npassphrase from {source_name} is too weak: {reason}\n"),
345
346        // --- auths-sdk (DeviceError) ---
347        "AUTHS-E5101" => Some("# AUTHS-E5101\n\n**Crate:** `auths-sdk`\n\n**Type:** `DeviceError::IdentityNotFound`\n\n## Message\n\nidentity not found: {did}\n\n## Suggestion\n\nRun `auths init` to create an identity first\n"),
348        "AUTHS-E5102" => Some("# AUTHS-E5102\n\n**Crate:** `auths-sdk`\n\n**Type:** `DeviceError::DeviceNotFound`\n\n## Message\n\ndevice not found: {did}\n\n## Suggestion\n\nRun `auths device list` to see linked devices\n"),
349        "AUTHS-E5103" => Some("# AUTHS-E5103\n\n**Crate:** `auths-sdk`\n\n**Type:** `DeviceError::AttestationError`\n\n## Message\n\nattestation error: {0}\n"),
350        "AUTHS-E5105" => Some("# AUTHS-E5105\n\n**Crate:** `auths-sdk`\n\n**Type:** `DeviceError::DeviceDidMismatch`\n\n## Message\n\ndevice DID mismatch: expected {expected}, got {actual}\n\n## Suggestion\n\nCheck that --device matches the key name\n"),
351        "AUTHS-E5106" => Some("# AUTHS-E5106\n\n**Crate:** `auths-sdk`\n\n**Type:** `DeviceError::DelegationError`\n\n## Message\n\ndevice delegation failed: {0}\n"),
352
353        // --- auths-sdk (DeviceExtensionError) ---
354        "AUTHS-E5201" => Some("# AUTHS-E5201\n\n**Crate:** `auths-sdk`\n\n**Type:** `DeviceExtensionError::IdentityNotFound`\n\n## Message\n\nidentity not found\n\n## Suggestion\n\nRun `auths init` to create an identity first\n"),
355        "AUTHS-E5202" => Some("# AUTHS-E5202\n\n**Crate:** `auths-sdk`\n\n**Type:** `DeviceExtensionError::NoAttestationFound`\n\n## Message\n\nno attestation found for device {device_did}\n"),
356        "AUTHS-E5203" => Some("# AUTHS-E5203\n\n**Crate:** `auths-sdk`\n\n**Type:** `DeviceExtensionError::AlreadyRevoked`\n\n## Message\n\ndevice {device_did} is already revoked\n"),
357        "AUTHS-E5204" => Some("# AUTHS-E5204\n\n**Crate:** `auths-sdk`\n\n**Type:** `DeviceExtensionError::AttestationFailed`\n\n## Message\n\nattestation creation failed: {0}\n"),
358
359        // --- auths-sdk (RotationError) ---
360        "AUTHS-E5301" => Some("# AUTHS-E5301\n\n**Crate:** `auths-sdk`\n\n**Type:** `RotationError::IdentityNotFound`\n\n## Message\n\nidentity not found at {path}\n\n## Suggestion\n\nRun `auths init` to create an identity first\n"),
361        "AUTHS-E5302" => Some("# AUTHS-E5302\n\n**Crate:** `auths-sdk`\n\n**Type:** `RotationError::KeyNotFound`\n\n## Message\n\nkey not found: {0}\n\n## Suggestion\n\nRun `auths key list` to see available keys\n"),
362        "AUTHS-E5303" => Some("# AUTHS-E5303\n\n**Crate:** `auths-sdk`\n\n**Type:** `RotationError::KeyDecryptionFailed`\n\n## Message\n\nkey decryption failed: {0}\n\n## Suggestion\n\nCheck your passphrase and try again\n"),
363        "AUTHS-E5304" => Some("# AUTHS-E5304\n\n**Crate:** `auths-sdk`\n\n**Type:** `RotationError::KelHistoryFailed`\n\n## Message\n\nKEL history error: {0}\n\n## Suggestion\n\nRun `auths doctor` to check KEL integrity\n"),
364        "AUTHS-E5305" => Some("# AUTHS-E5305\n\n**Crate:** `auths-sdk`\n\n**Type:** `RotationError::RotationFailed`\n\n## Message\n\nrotation failed: {0}\n"),
365        "AUTHS-E5306" => Some("# AUTHS-E5306\n\n**Crate:** `auths-sdk`\n\n**Type:** `RotationError::PartialRotation`\n\n## Message\n\nrotation event committed to KEL but keychain write failed — manual recovery required: {0}\n"),
366        "AUTHS-E5307" => Some("# AUTHS-E5307\n\n**Crate:** `auths-sdk`\n\n**Type:** `RotationError::HardwareKeyNotRotatable`\n\n## Message\n\nrotation requires a software-backed key; alias '{alias}' is hardware-backed (Secure Enclave) and cannot export the raw key material rotation needs\n"),
367
368        // --- auths-sdk (AgentError) ---
369        "AUTHS-E5311" => Some("# AUTHS-E5311\n\n**Crate:** `auths-sdk`\n\n**Type:** `AgentError::IdentityNotFound`\n\n## Message\n\nidentity not found: {did}\n"),
370        "AUTHS-E5312" => Some("# AUTHS-E5312\n\n**Crate:** `auths-sdk`\n\n**Type:** `AgentError::AlreadyDelegated`\n\n## Message\n\nan agent key already exists under alias '{alias}'\n"),
371        "AUTHS-E5313" => Some("# AUTHS-E5313\n\n**Crate:** `auths-sdk`\n\n**Type:** `AgentError::DelegationError`\n\n## Message\n\nagent delegation failed: {0}\n"),
372        "AUTHS-E5314" => Some("# AUTHS-E5314\n\n**Crate:** `auths-sdk`\n\n**Type:** `AgentError::AgentNotFound`\n\n## Message\n\nagent not found: {did}\n"),
373        "AUTHS-E5315" => Some("# AUTHS-E5315\n\n**Crate:** `auths-sdk`\n\n**Type:** `AgentError::Revoked`\n\n## Message\n\nagent {did} is revoked\n"),
374        "AUTHS-E5316" => Some("# AUTHS-E5316\n\n**Crate:** `auths-sdk`\n\n**Type:** `AgentError::OutsideDelegatorScope`\n\n## Message\n\nrequested capability '{capability}' exceeds the delegator's scope\n"),
375
376        // --- auths-sdk (RegistrationError) ---
377        "AUTHS-E5401" => Some("# AUTHS-E5401\n\n**Crate:** `auths-sdk`\n\n**Type:** `RegistrationError::AlreadyRegistered`\n\n## Message\n\nidentity already registered at this registry\n"),
378        "AUTHS-E5402" => Some("# AUTHS-E5402\n\n**Crate:** `auths-sdk`\n\n**Type:** `RegistrationError::QuotaExceeded`\n\n## Message\n\nregistration quota exceeded — try again later\n\n## Suggestion\n\nWait a few minutes and try again\n"),
379        "AUTHS-E5403" => Some("# AUTHS-E5403\n\n**Crate:** `auths-sdk`\n\n**Type:** `RegistrationError::InvalidDidFormat`\n\n## Message\n\ninvalid DID format: {did}\n"),
380        "AUTHS-E5404" => Some("# AUTHS-E5404\n\n**Crate:** `auths-sdk`\n\n**Type:** `RegistrationError::IdentityLoadError`\n\n## Message\n\nidentity load error: {0}\n\n## Suggestion\n\nRun `auths doctor` to check local identity data\n"),
381        "AUTHS-E5405" => Some("# AUTHS-E5405\n\n**Crate:** `auths-sdk`\n\n**Type:** `RegistrationError::RegistryReadError`\n\n## Message\n\nregistry read error: {0}\n\n## Suggestion\n\nRun `auths doctor` to check local identity data\n"),
382        "AUTHS-E5406" => Some("# AUTHS-E5406\n\n**Crate:** `auths-sdk`\n\n**Type:** `RegistrationError::SerializationError`\n\n## Message\n\nserialization error: {0}\n\n## Suggestion\n\nRun `auths doctor` to check local identity data\n"),
383
384        // --- auths-sdk (McpAuthError) ---
385        "AUTHS-E5501" => Some("# AUTHS-E5501\n\n**Crate:** `auths-sdk`\n\n**Type:** `McpAuthError::BridgeUnreachable`\n\n## Message\n\nbridge unreachable: {0}\n\n## Suggestion\n\nCheck network connectivity to the OIDC bridge\n"),
386        "AUTHS-E5502" => Some("# AUTHS-E5502\n\n**Crate:** `auths-sdk`\n\n**Type:** `McpAuthError::TokenExchangeFailed`\n\n## Message\n\ntoken exchange failed (HTTP {status}): {body}\n\n## Suggestion\n\nVerify your credentials and try again\n"),
387        "AUTHS-E5503" => Some("# AUTHS-E5503\n\n**Crate:** `auths-sdk`\n\n**Type:** `McpAuthError::InvalidResponse`\n\n## Message\n\ninvalid response: {0}\n"),
388        "AUTHS-E5504" => Some("# AUTHS-E5504\n\n**Crate:** `auths-sdk`\n\n**Type:** `McpAuthError::InsufficientCapabilities`\n\n## Message\n\ninsufficient capabilities: requested {requested:?}\n"),
389
390        // --- auths-sdk (TrustError) ---
391        "AUTHS-E5551" => Some("# AUTHS-E5551\n\n**Crate:** `auths-sdk`\n\n**Type:** `TrustError::UnknownIdentity`\n\n## Message\n\nUnknown identity '{did}' and trust policy is '{policy}'\n"),
392        "AUTHS-E5552" => Some("# AUTHS-E5552\n\n**Crate:** `auths-sdk`\n\n**Type:** `TrustError::KeyResolutionFailed`\n\n## Message\n\nFailed to resolve public key for identity {did}\n"),
393        "AUTHS-E5553" => Some("# AUTHS-E5553\n\n**Crate:** `auths-sdk`\n\n**Type:** `TrustError::InvalidTrustStore`\n\n## Message\n\nInvalid trust store: {0}\n"),
394        "AUTHS-E5554" => Some("# AUTHS-E5554\n\n**Crate:** `auths-sdk`\n\n**Type:** `TrustError::TofuRequiresInteraction`\n\n## Message\n\nTOFU trust decision required but running in non-interactive mode\n"),
395
396        // --- auths-sdk (OrgError) ---
397        "AUTHS-E5601" => Some("# AUTHS-E5601\n\n**Crate:** `auths-sdk`\n\n**Type:** `OrgError::AdminNotFound`\n\n## Message\n\nno admin with the given public key found in organization '{org}'\n"),
398        "AUTHS-E5602" => Some("# AUTHS-E5602\n\n**Crate:** `auths-sdk`\n\n**Type:** `OrgError::MemberNotFound`\n\n## Message\n\nmember '{did}' not found in organization '{org}'\n"),
399        "AUTHS-E5603" => Some("# AUTHS-E5603\n\n**Crate:** `auths-sdk`\n\n**Type:** `OrgError::AlreadyRevoked`\n\n## Message\n\nmember '{did}' is already revoked\n"),
400        "AUTHS-E5604" => Some("# AUTHS-E5604\n\n**Crate:** `auths-sdk`\n\n**Type:** `OrgError::InvalidCapability`\n\n## Message\n\ninvalid capability '{cap}': {reason}\n"),
401        "AUTHS-E5605" => Some("# AUTHS-E5605\n\n**Crate:** `auths-sdk`\n\n**Type:** `OrgError::InvalidDid`\n\n## Message\n\ninvalid organization DID: {0}\n\n## Suggestion\n\nOrganization DIDs must be valid did:keri identifiers\n"),
402        "AUTHS-E5606" => Some("# AUTHS-E5606\n\n**Crate:** `auths-sdk`\n\n**Type:** `OrgError::InvalidPublicKey`\n\n## Message\n\ninvalid public key: {0}\n\n## Suggestion\n\nPublic keys must be hex-encoded Ed25519 keys\n"),
403        "AUTHS-E5607" => Some("# AUTHS-E5607\n\n**Crate:** `auths-sdk`\n\n**Type:** `OrgError::Signing`\n\n## Message\n\nsigning error: {0}\n"),
404        "AUTHS-E5608" => Some("# AUTHS-E5608\n\n**Crate:** `auths-sdk`\n\n**Type:** `OrgError::Identity`\n\n## Message\n\nidentity error: {0}\n"),
405        "AUTHS-E5609" => Some("# AUTHS-E5609\n\n**Crate:** `auths-sdk`\n\n**Type:** `OrgError::KeyStorage`\n\n## Message\n\nkey storage error: {0}\n"),
406        "AUTHS-E5610" => Some("# AUTHS-E5610\n\n**Crate:** `auths-sdk`\n\n**Type:** `OrgError::Storage`\n\n## Message\n\nstorage error: {0}\n"),
407        "AUTHS-E5611" => Some("# AUTHS-E5611\n\n**Crate:** `auths-sdk`\n\n**Type:** `OrgError::Anchor`\n\n## Message\n\nanchor error: {0}\n\n## Suggestion\n\nKEL anchoring failed; check identity and registry state\n"),
408        "AUTHS-E5612" => Some("# AUTHS-E5612\n\n**Crate:** `auths-sdk`\n\n**Type:** `OrgError::OrgThresholdDelegationUnsupported`\n\n## Message\n\norganization '{org}' uses a multi-signature controller (kt≥2); KERI-native member delegation requires a single-signature (kt=1) org\n"),
409        "AUTHS-E5613" => Some("# AUTHS-E5613\n\n**Crate:** `auths-sdk`\n\n**Type:** `OrgError::MemberKeyExists`\n\n## Message\n\na member key already exists under alias '{alias}'\n"),
410        "AUTHS-E5614" => Some("# AUTHS-E5614\n\n**Crate:** `auths-sdk`\n\n**Type:** `OrgError::Delegation`\n\n## Message\n\nmember delegation failed: {0}\n"),
411        "AUTHS-E5615" => Some("# AUTHS-E5615\n\n**Crate:** `auths-sdk`\n\n**Type:** `OrgError::IdentityExists`\n\n## Message\n\nan identity already exists at {location}; refusing to create an organization over it\n"),
412        "AUTHS-E5616" => Some("# AUTHS-E5616\n\n**Crate:** `auths-sdk`\n\n**Type:** `OrgError::IdentityInit`\n\n## Message\n\nfailed to initialize organization identity: {0}\n"),
413        "AUTHS-E5617" => Some("# AUTHS-E5617\n\n**Crate:** `auths-sdk`\n\n**Type:** `OrgError::Attestation`\n\n## Message\n\nfailed to create admin attestation: {0}\n"),
414        "AUTHS-E5618" => Some("# AUTHS-E5618\n\n**Crate:** `auths-sdk`\n\n**Type:** `OrgError::MemberNotDelegable`\n\n## Message\n\nmember '{did}' is not a delegated identifier of organization '{org}'\n"),
415        "AUTHS-E5619" => Some("# AUTHS-E5619\n\n**Crate:** `auths-sdk`\n\n**Type:** `OrgError::BundleIntegrity`\n\n## Message\n\nbundle integrity failure for '{id}': {reason}\n"),
416        "AUTHS-E5620" => Some("# AUTHS-E5620\n\n**Crate:** `auths-sdk`\n\n**Type:** `OrgError::BundleMissingMemberKel`\n\n## Message\n\nbundle is missing the KEL for delegated member '{member}'\n"),
417        "AUTHS-E5621" => Some("# AUTHS-E5621\n\n**Crate:** `auths-sdk`\n\n**Type:** `OrgError::BundleMissingDelegatorSeal`\n\n## Message\n\nmember '{member}' has no delegation seal in the org KEL\n"),
418        "AUTHS-E5622" => Some("# AUTHS-E5622\n\n**Crate:** `auths-sdk`\n\n**Type:** `OrgError::PolicyCompile`\n\n## Message\n\ninvalid org policy: {reason}\n"),
419        "AUTHS-E5623" => Some("# AUTHS-E5623\n\n**Crate:** `auths-sdk`\n\n**Type:** `OrgError::PolicyBlobMissing`\n\n## Message\n\norg policy blob for hash '{hash}' is missing from storage\n"),
420        "AUTHS-E5624" => Some("# AUTHS-E5624\n\n**Crate:** `auths-sdk`\n\n**Type:** `OrgError::PolicyIntegrity`\n\n## Message\n\norg policy integrity failure: KEL committed hash '{expected}' but the stored blob hashes to '{actual}'\n"),
421        "AUTHS-E5625" => Some("# AUTHS-E5625\n\n**Crate:** `auths-sdk`\n\n**Type:** `OrgError::ChainCycle`\n\n## Message\n\ndelegation chain cycle detected at '{did}'\n"),
422        "AUTHS-E5626" => Some("# AUTHS-E5626\n\n**Crate:** `auths-sdk`\n\n**Type:** `OrgError::ChainTooDeep`\n\n## Message\n\ndelegation chain exceeds the maximum depth of {max} hops\n"),
423        "AUTHS-E5627" => Some("# AUTHS-E5627\n\n**Crate:** `auths-sdk`\n\n**Type:** `OrgError::ChainBrokenHop`\n\n## Message\n\ndelegation chain is broken: no KEL found for '{did}'\n"),
424
425        // --- auths-sdk (ApprovalError) ---
426        "AUTHS-E5701" => Some("# AUTHS-E5701\n\n**Crate:** `auths-sdk`\n\n**Type:** `ApprovalError::NotApprovalRequired`\n\n## Message\n\ndecision is not RequiresApproval\n"),
427        "AUTHS-E5702" => Some("# AUTHS-E5702\n\n**Crate:** `auths-sdk`\n\n**Type:** `ApprovalError::RequestNotFound`\n\n## Message\n\napproval request not found: {hash}\n"),
428        "AUTHS-E5703" => Some("# AUTHS-E5703\n\n**Crate:** `auths-sdk`\n\n**Type:** `ApprovalError::RequestExpired`\n\n## Message\n\napproval request expired at {expires_at}\n\n## Suggestion\n\nSubmit a new approval request\n"),
429        "AUTHS-E5704" => Some("# AUTHS-E5704\n\n**Crate:** `auths-sdk`\n\n**Type:** `ApprovalError::ApprovalAlreadyUsed`\n\n## Message\n\napproval already used (JTI: {jti})\n\n## Suggestion\n\nSubmit a new approval request\n"),
430        "AUTHS-E5705" => Some("# AUTHS-E5705\n\n**Crate:** `auths-sdk`\n\n**Type:** `ApprovalError::PartialApproval`\n\n## Message\n\napproval partially applied — attestation stored but nonce/cleanup failed: {0}\n\n## Suggestion\n\nCheck approval status and retry if needed\n"),
431        "AUTHS-E5706" => Some("# AUTHS-E5706\n\n**Crate:** `auths-sdk`\n\n**Type:** `ApprovalError::ApprovalStorage`\n\n## Message\n\nstorage error: {0}\n\n## Suggestion\n\nCheck file permissions and disk space\n"),
432
433        // --- auths-sdk (ArtifactSigningError) ---
434        "AUTHS-E5850" => Some("# AUTHS-E5850\n\n**Crate:** `auths-sdk`\n\n**Type:** `ArtifactSigningError::IdentityNotFound`\n\n## Message\n\nidentity not found in configured identity storage\n"),
435        "AUTHS-E5851" => Some("# AUTHS-E5851\n\n**Crate:** `auths-sdk`\n\n**Type:** `ArtifactSigningError::KeyResolutionFailed`\n\n## Message\n\nkey resolution failed: {0}\n"),
436        "AUTHS-E5852" => Some("# AUTHS-E5852\n\n**Crate:** `auths-sdk`\n\n**Type:** `ArtifactSigningError::KeyDecryptionFailed`\n\n## Message\n\nkey decryption failed: {0}\n\n## Suggestion\n\nCheck your passphrase and try again\n"),
437        "AUTHS-E5853" => Some("# AUTHS-E5853\n\n**Crate:** `auths-sdk`\n\n**Type:** `ArtifactSigningError::DigestFailed`\n\n## Message\n\ndigest computation failed: {0}\n\n## Suggestion\n\nVerify the file exists and is readable\n"),
438        "AUTHS-E5854" => Some("# AUTHS-E5854\n\n**Crate:** `auths-sdk`\n\n**Type:** `ArtifactSigningError::AttestationFailed`\n\n## Message\n\nattestation creation failed: {0}\n\n## Suggestion\n\nCheck identity storage with `auths status`\n"),
439        "AUTHS-E5855" => Some("# AUTHS-E5855\n\n**Crate:** `auths-sdk`\n\n**Type:** `ArtifactSigningError::ResignFailed`\n\n## Message\n\nattestation re-signing failed: {0}\n"),
440        "AUTHS-E5856" => Some("# AUTHS-E5856\n\n**Crate:** `auths-sdk`\n\n**Type:** `ArtifactSigningError::InvalidCommitSha`\n\n## Message\n\ninvalid commit SHA: {0} (expected 40 or 64 hex characters)\n"),
441
442        // --- auths-sdk (SigningError) ---
443        "AUTHS-E5901" => Some("# AUTHS-E5901\n\n**Crate:** `auths-sdk`\n\n**Type:** `SigningError::IdentityFrozen`\n\n## Message\n\nidentity is frozen: {0}\n\n## Suggestion\n\nTo unfreeze: auths emergency unfreeze\n"),
444        "AUTHS-E5902" => Some("# AUTHS-E5902\n\n**Crate:** `auths-sdk`\n\n**Type:** `SigningError::KeyResolution`\n\n## Message\n\nkey resolution failed: {0}\n\n## Suggestion\n\nRun `auths key list` to check available keys\n"),
445        "AUTHS-E5903" => Some("# AUTHS-E5903\n\n**Crate:** `auths-sdk`\n\n**Type:** `SigningError::SigningFailed`\n\n## Message\n\nsigning operation failed: {0}\n"),
446        "AUTHS-E5904" => Some("# AUTHS-E5904\n\n**Crate:** `auths-sdk`\n\n**Type:** `SigningError::InvalidPassphrase`\n\n## Message\n\ninvalid passphrase\n\n## Suggestion\n\nCheck your passphrase and try again\n"),
447        "AUTHS-E5905" => Some("# AUTHS-E5905\n\n**Crate:** `auths-sdk`\n\n**Type:** `SigningError::PemEncoding`\n\n## Message\n\nPEM encoding failed: {0}\n"),
448        "AUTHS-E5906" => Some("# AUTHS-E5906\n\n**Crate:** `auths-sdk`\n\n**Type:** `SigningError::AgentUnavailable`\n\n## Message\n\nagent unavailable: {0}\n\n## Suggestion\n\nStart the agent with `auths agent start`\n"),
449        "AUTHS-E5907" => Some("# AUTHS-E5907\n\n**Crate:** `auths-sdk`\n\n**Type:** `SigningError::AgentSigningFailed`\n\n## Message\n\nagent signing failed\n\n## Suggestion\n\nCheck agent logs with `auths agent status`\n"),
450        "AUTHS-E5908" => Some("# AUTHS-E5908\n\n**Crate:** `auths-sdk`\n\n**Type:** `SigningError::PassphraseExhausted`\n\n## Message\n\npassphrase exhausted after {attempts} attempt(s)\n"),
451        "AUTHS-E5909" => Some("# AUTHS-E5909\n\n**Crate:** `auths-sdk`\n\n**Type:** `SigningError::KeychainUnavailable`\n\n## Message\n\nkeychain unavailable: {0}\n\n## Suggestion\n\nRun `auths doctor` to diagnose keychain issues\n"),
452        "AUTHS-E5910" => Some("# AUTHS-E5910\n\n**Crate:** `auths-sdk`\n\n**Type:** `SigningError::KeyDecryptionFailed`\n\n## Message\n\nkey decryption failed: {0}\n\n## Suggestion\n\nCheck your passphrase and try again\n"),
453
454        // --- auths-sdk (AuthChallengeError) ---
455        "AUTHS-E6001" => Some("# AUTHS-E6001\n\n**Crate:** `auths-sdk`\n\n**Type:** `AuthChallengeError::EmptyNonce`\n\n## Message\n\nnonce must not be empty\n\n## Suggestion\n\nProvide the nonce from the authentication challenge\n"),
456        "AUTHS-E6002" => Some("# AUTHS-E6002\n\n**Crate:** `auths-sdk`\n\n**Type:** `AuthChallengeError::EmptyDomain`\n\n## Message\n\ndomain must not be empty\n\n## Suggestion\n\nProvide the domain (e.g. auths.dev)\n"),
457        "AUTHS-E6003" => Some("# AUTHS-E6003\n\n**Crate:** `auths-sdk`\n\n**Type:** `AuthChallengeError::Canonicalization`\n\n## Message\n\ncanonical JSON serialization failed: {0}\n"),
458
459        // --- auths-sdk (CredentialError) ---
460        "AUTHS-E6101" => Some("# AUTHS-E6101\n\n**Crate:** `auths-sdk`\n\n**Type:** `CredentialError::IssueeNotFound`\n\n## Message\n\nissuee identity not found (no KEL): {did}\n"),
461        "AUTHS-E6102" => Some("# AUTHS-E6102\n\n**Crate:** `auths-sdk`\n\n**Type:** `CredentialError::RegistryError`\n\n## Message\n\ncredential registry error: {0}\n"),
462        "AUTHS-E6103" => Some("# AUTHS-E6103\n\n**Crate:** `auths-sdk`\n\n**Type:** `CredentialError::AlreadyRevoked`\n\n## Message\n\ncredential already revoked: {said}\n"),
463        "AUTHS-E6104" => Some("# AUTHS-E6104\n\n**Crate:** `auths-sdk`\n\n**Type:** `CredentialError::KtThresholdUnsupported`\n\n## Message\n\nissuer is multi-signature (kt≥2); credential anchoring is single-author only\n"),
464        "AUTHS-E6105" => Some("# AUTHS-E6105\n\n**Crate:** `auths-sdk`\n\n**Type:** `CredentialError::SchemaUnknown`\n\n## Message\n\ncapability schema unknown or uncomputable\n"),
465        "AUTHS-E6106" => Some("# AUTHS-E6106\n\n**Crate:** `auths-sdk`\n\n**Type:** `CredentialError::StaleOrUnresolvable`\n\n## Message\n\ncredential status is stale or unresolvable: {reason}\n"),
466
467        // --- auths-oidc-port (OidcError) ---
468        "AUTHS-E8001" => Some("# AUTHS-E8001\n\n**Crate:** `auths-oidc-port`\n\n**Type:** `OidcError::JwtDecode`\n\n## Message\n\nJWT decode failed: {0}\n"),
469        "AUTHS-E8002" => Some("# AUTHS-E8002\n\n**Crate:** `auths-oidc-port`\n\n**Type:** `OidcError::SignatureVerificationFailed`\n\n## Message\n\nsignature verification failed\n"),
470        "AUTHS-E8003" => Some("# AUTHS-E8003\n\n**Crate:** `auths-oidc-port`\n\n**Type:** `OidcError::ClaimsValidationFailed`\n\n## Message\n\nclaim validation failed - {claim}: {reason}\n"),
471        "AUTHS-E8004" => Some("# AUTHS-E8004\n\n**Crate:** `auths-oidc-port`\n\n**Type:** `OidcError::UnknownKeyId`\n\n## Message\n\nunknown key ID: {0}\n"),
472        "AUTHS-E8005" => Some("# AUTHS-E8005\n\n**Crate:** `auths-oidc-port`\n\n**Type:** `OidcError::JwksResolutionFailed`\n\n## Message\n\nJWKS resolution failed: {0}\n"),
473        "AUTHS-E8006" => Some("# AUTHS-E8006\n\n**Crate:** `auths-oidc-port`\n\n**Type:** `OidcError::AlgorithmMismatch`\n\n## Message\n\nalgorithm mismatch: expected {expected}, got {got}\n"),
474        "AUTHS-E8007" => Some("# AUTHS-E8007\n\n**Crate:** `auths-oidc-port`\n\n**Type:** `OidcError::ClockSkewExceeded`\n\n## Message\n\ntoken expired (exp: {token_exp}, now: {current_time}, leeway: {leeway}s)\n"),
475        "AUTHS-E8008" => Some("# AUTHS-E8008\n\n**Crate:** `auths-oidc-port`\n\n**Type:** `OidcError::TokenReplayDetected`\n\n## Message\n\ntoken replay detected (jti: {0})\n"),
476
477        // --- auths-core (LogError) ---
478        "AUTHS-E9001" => Some("# AUTHS-E9001\n\n**Crate:** `auths-core`\n\n**Type:** `LogError::SubmissionRejected`\n\n## Message\n\nsubmission rejected: {reason}\n"),
479        "AUTHS-E9002" => Some("# AUTHS-E9002\n\n**Crate:** `auths-core`\n\n**Type:** `LogError::NetworkError`\n\n## Message\n\nnetwork error: {0}\n\n## Suggestion\n\nCheck your internet connection and the log's API URL\n"),
480        "AUTHS-E9003" => Some("# AUTHS-E9003\n\n**Crate:** `auths-core`\n\n**Type:** `LogError::RateLimited`\n\n## Message\n\nrate limited, retry after {retry_after_secs}s\n\n## Suggestion\n\nWait and retry; the log is rate-limiting requests\n"),
481        "AUTHS-E9004" => Some("# AUTHS-E9004\n\n**Crate:** `auths-core`\n\n**Type:** `LogError::InvalidResponse`\n\n## Message\n\ninvalid response: {0}\n"),
482        "AUTHS-E9005" => Some("# AUTHS-E9005\n\n**Crate:** `auths-core`\n\n**Type:** `LogError::EntryNotFound`\n\n## Message\n\nentry not found\n\n## Suggestion\n\nThe entry may not be sequenced yet; retry after a moment\n"),
483        "AUTHS-E9006" => Some("# AUTHS-E9006\n\n**Crate:** `auths-core`\n\n**Type:** `LogError::ConsistencyViolation`\n\n## Message\n\nconsistency violation: {0}\n"),
484        "AUTHS-E9007" => Some("# AUTHS-E9007\n\n**Crate:** `auths-core`\n\n**Type:** `LogError::Unavailable`\n\n## Message\n\nlog unavailable: {0}\n"),
485
486        _ => None,
487    }
488}
489
490/// Returns a sorted slice of all registered error codes.
491#[rustfmt::skip]
492pub fn all_codes() -> &'static [&'static str] {
493    static CODES: &[&str] = &[
494        "AUTHS-E1001",
495        "AUTHS-E1002",
496        "AUTHS-E1003",
497        "AUTHS-E1004",
498        "AUTHS-E1005",
499        "AUTHS-E1101",
500        "AUTHS-E1102",
501        "AUTHS-E1103",
502        "AUTHS-E1104",
503        "AUTHS-E1201",
504        "AUTHS-E1202",
505        "AUTHS-E1203",
506        "AUTHS-E1204",
507        "AUTHS-E1301",
508        "AUTHS-E1302",
509        "AUTHS-E2001",
510        "AUTHS-E2002",
511        "AUTHS-E2003",
512        "AUTHS-E2004",
513        "AUTHS-E2005",
514        "AUTHS-E2006",
515        "AUTHS-E2007",
516        "AUTHS-E2008",
517        "AUTHS-E2009",
518        "AUTHS-E2010",
519        "AUTHS-E2011",
520        "AUTHS-E2012",
521        "AUTHS-E2013",
522        "AUTHS-E2014",
523        "AUTHS-E2015",
524        "AUTHS-E2016",
525        "AUTHS-E2017",
526        "AUTHS-E2018",
527        "AUTHS-E2019",
528        "AUTHS-E2020",
529        "AUTHS-E2021",
530        "AUTHS-E2022",
531        "AUTHS-E2101",
532        "AUTHS-E2102",
533        "AUTHS-E2103",
534        "AUTHS-E2104",
535        "AUTHS-E2105",
536        "AUTHS-E2106",
537        "AUTHS-E2107",
538        "AUTHS-E2108",
539        "AUTHS-E2109",
540        "AUTHS-E3001",
541        "AUTHS-E3002",
542        "AUTHS-E3003",
543        "AUTHS-E3004",
544        "AUTHS-E3005",
545        "AUTHS-E3006",
546        "AUTHS-E3007",
547        "AUTHS-E3008",
548        "AUTHS-E3009",
549        "AUTHS-E3010",
550        "AUTHS-E3011",
551        "AUTHS-E3012",
552        "AUTHS-E3013",
553        "AUTHS-E3014",
554        "AUTHS-E3015",
555        "AUTHS-E3016",
556        "AUTHS-E3017",
557        "AUTHS-E3018",
558        "AUTHS-E3019",
559        "AUTHS-E3020",
560        "AUTHS-E3021",
561        "AUTHS-E3022",
562        "AUTHS-E3023",
563        "AUTHS-E3024",
564        "AUTHS-E3025",
565        "AUTHS-E3101",
566        "AUTHS-E3102",
567        "AUTHS-E3103",
568        "AUTHS-E3104",
569        "AUTHS-E3105",
570        "AUTHS-E3106",
571        "AUTHS-E3107",
572        "AUTHS-E3201",
573        "AUTHS-E3202",
574        "AUTHS-E3203",
575        "AUTHS-E3204",
576        "AUTHS-E3205",
577        "AUTHS-E3206",
578        "AUTHS-E3207",
579        "AUTHS-E3301",
580        "AUTHS-E3302",
581        "AUTHS-E3303",
582        "AUTHS-E3304",
583        "AUTHS-E3305",
584        "AUTHS-E3401",
585        "AUTHS-E3402",
586        "AUTHS-E3403",
587        "AUTHS-E3404",
588        "AUTHS-E3405",
589        "AUTHS-E3406",
590        "AUTHS-E3407",
591        "AUTHS-E3408",
592        "AUTHS-E3409",
593        "AUTHS-E3501",
594        "AUTHS-E3502",
595        "AUTHS-E3503",
596        "AUTHS-E3504",
597        "AUTHS-E3505",
598        "AUTHS-E3601",
599        "AUTHS-E3602",
600        "AUTHS-E3603",
601        "AUTHS-E3604",
602        "AUTHS-E3605",
603        "AUTHS-E3606",
604        "AUTHS-E3701",
605        "AUTHS-E3702",
606        "AUTHS-E3703",
607        "AUTHS-E3704",
608        "AUTHS-E3801",
609        "AUTHS-E3802",
610        "AUTHS-E3803",
611        "AUTHS-E3804",
612        "AUTHS-E3805",
613        "AUTHS-E3806",
614        "AUTHS-E3901",
615        "AUTHS-E3902",
616        "AUTHS-E3903",
617        "AUTHS-E3951",
618        "AUTHS-E3952",
619        "AUTHS-E3961",
620        "AUTHS-E3962",
621        "AUTHS-E3963",
622        "AUTHS-E3964",
623        "AUTHS-E3965",
624        "AUTHS-E3966",
625        "AUTHS-E3967",
626        "AUTHS-E3968",
627        "AUTHS-E4001",
628        "AUTHS-E4002",
629        "AUTHS-E4003",
630        "AUTHS-E4004",
631        "AUTHS-E4101",
632        "AUTHS-E4102",
633        "AUTHS-E4103",
634        "AUTHS-E4104",
635        "AUTHS-E4105",
636        "AUTHS-E4106",
637        "AUTHS-E4107",
638        "AUTHS-E4201",
639        "AUTHS-E4202",
640        "AUTHS-E4203",
641        "AUTHS-E4204",
642        "AUTHS-E4205",
643        "AUTHS-E4206",
644        "AUTHS-E4207",
645        "AUTHS-E4208",
646        "AUTHS-E4401",
647        "AUTHS-E4402",
648        "AUTHS-E4403",
649        "AUTHS-E4404",
650        "AUTHS-E4405",
651        "AUTHS-E4406",
652        "AUTHS-E4407",
653        "AUTHS-E4408",
654        "AUTHS-E4409",
655        "AUTHS-E4410",
656        "AUTHS-E4411",
657        "AUTHS-E4601",
658        "AUTHS-E4602",
659        "AUTHS-E4603",
660        "AUTHS-E4604",
661        "AUTHS-E4605",
662        "AUTHS-E4606",
663        "AUTHS-E4607",
664        "AUTHS-E4801",
665        "AUTHS-E4802",
666        "AUTHS-E4803",
667        "AUTHS-E4804",
668        "AUTHS-E4805",
669        "AUTHS-E4806",
670        "AUTHS-E4807",
671        "AUTHS-E4821",
672        "AUTHS-E4822",
673        "AUTHS-E4823",
674        "AUTHS-E4824",
675        "AUTHS-E4825",
676        "AUTHS-E4826",
677        "AUTHS-E4827",
678        "AUTHS-E4828",
679        "AUTHS-E4829",
680        "AUTHS-E4830",
681        "AUTHS-E4831",
682        "AUTHS-E4851",
683        "AUTHS-E4852",
684        "AUTHS-E4853",
685        "AUTHS-E4861",
686        "AUTHS-E4862",
687        "AUTHS-E4863",
688        "AUTHS-E4864",
689        "AUTHS-E4865",
690        "AUTHS-E4866",
691        "AUTHS-E4867",
692        "AUTHS-E4868",
693        "AUTHS-E4869",
694        "AUTHS-E4870",
695        "AUTHS-E4871",
696        "AUTHS-E4872",
697        "AUTHS-E4873",
698        "AUTHS-E4874",
699        "AUTHS-E4875",
700        "AUTHS-E4876",
701        "AUTHS-E4877",
702        "AUTHS-E4901",
703        "AUTHS-E4902",
704        "AUTHS-E4903",
705        "AUTHS-E4904",
706        "AUTHS-E4905",
707        "AUTHS-E4906",
708        "AUTHS-E4951",
709        "AUTHS-E4952",
710        "AUTHS-E4953",
711        "AUTHS-E4954",
712        "AUTHS-E4955",
713        "AUTHS-E4956",
714        "AUTHS-E4957",
715        "AUTHS-E4961",
716        "AUTHS-E4962",
717        "AUTHS-E4963",
718        "AUTHS-E4964",
719        "AUTHS-E4965",
720        "AUTHS-E4966",
721        "AUTHS-E4967",
722        "AUTHS-E4968",
723        "AUTHS-E4971",
724        "AUTHS-E4972",
725        "AUTHS-E4973",
726        "AUTHS-E4974",
727        "AUTHS-E4981",
728        "AUTHS-E4982",
729        "AUTHS-E4983",
730        "AUTHS-E4984",
731        "AUTHS-E4986",
732        "AUTHS-E4987",
733        "AUTHS-E4991",
734        "AUTHS-E4992",
735        "AUTHS-E5001",
736        "AUTHS-E5002",
737        "AUTHS-E5004",
738        "AUTHS-E5006",
739        "AUTHS-E5007",
740        "AUTHS-E5008",
741        "AUTHS-E5101",
742        "AUTHS-E5102",
743        "AUTHS-E5103",
744        "AUTHS-E5105",
745        "AUTHS-E5106",
746        "AUTHS-E5201",
747        "AUTHS-E5202",
748        "AUTHS-E5203",
749        "AUTHS-E5204",
750        "AUTHS-E5301",
751        "AUTHS-E5302",
752        "AUTHS-E5303",
753        "AUTHS-E5304",
754        "AUTHS-E5305",
755        "AUTHS-E5306",
756        "AUTHS-E5307",
757        "AUTHS-E5311",
758        "AUTHS-E5312",
759        "AUTHS-E5313",
760        "AUTHS-E5314",
761        "AUTHS-E5315",
762        "AUTHS-E5316",
763        "AUTHS-E5401",
764        "AUTHS-E5402",
765        "AUTHS-E5403",
766        "AUTHS-E5404",
767        "AUTHS-E5405",
768        "AUTHS-E5406",
769        "AUTHS-E5501",
770        "AUTHS-E5502",
771        "AUTHS-E5503",
772        "AUTHS-E5504",
773        "AUTHS-E5551",
774        "AUTHS-E5552",
775        "AUTHS-E5553",
776        "AUTHS-E5554",
777        "AUTHS-E5601",
778        "AUTHS-E5602",
779        "AUTHS-E5603",
780        "AUTHS-E5604",
781        "AUTHS-E5605",
782        "AUTHS-E5606",
783        "AUTHS-E5607",
784        "AUTHS-E5608",
785        "AUTHS-E5609",
786        "AUTHS-E5610",
787        "AUTHS-E5611",
788        "AUTHS-E5612",
789        "AUTHS-E5613",
790        "AUTHS-E5614",
791        "AUTHS-E5615",
792        "AUTHS-E5616",
793        "AUTHS-E5617",
794        "AUTHS-E5618",
795        "AUTHS-E5619",
796        "AUTHS-E5620",
797        "AUTHS-E5621",
798        "AUTHS-E5622",
799        "AUTHS-E5623",
800        "AUTHS-E5624",
801        "AUTHS-E5625",
802        "AUTHS-E5626",
803        "AUTHS-E5627",
804        "AUTHS-E5701",
805        "AUTHS-E5702",
806        "AUTHS-E5703",
807        "AUTHS-E5704",
808        "AUTHS-E5705",
809        "AUTHS-E5706",
810        "AUTHS-E5850",
811        "AUTHS-E5851",
812        "AUTHS-E5852",
813        "AUTHS-E5853",
814        "AUTHS-E5854",
815        "AUTHS-E5855",
816        "AUTHS-E5856",
817        "AUTHS-E5901",
818        "AUTHS-E5902",
819        "AUTHS-E5903",
820        "AUTHS-E5904",
821        "AUTHS-E5905",
822        "AUTHS-E5906",
823        "AUTHS-E5907",
824        "AUTHS-E5908",
825        "AUTHS-E5909",
826        "AUTHS-E5910",
827        "AUTHS-E6001",
828        "AUTHS-E6002",
829        "AUTHS-E6003",
830        "AUTHS-E6101",
831        "AUTHS-E6102",
832        "AUTHS-E6103",
833        "AUTHS-E6104",
834        "AUTHS-E6105",
835        "AUTHS-E6106",
836        "AUTHS-E8001",
837        "AUTHS-E8002",
838        "AUTHS-E8003",
839        "AUTHS-E8004",
840        "AUTHS-E8005",
841        "AUTHS-E8006",
842        "AUTHS-E8007",
843        "AUTHS-E8008",
844        "AUTHS-E9001",
845        "AUTHS-E9002",
846        "AUTHS-E9003",
847        "AUTHS-E9004",
848        "AUTHS-E9005",
849        "AUTHS-E9006",
850        "AUTHS-E9007",
851    ];
852    CODES
853}
854
855#[cfg(test)]
856mod tests {
857    use super::*;
858
859    #[test]
860    fn explain_returns_content_for_known_code() {
861        assert!(explain("AUTHS-E1001").is_some());
862    }
863
864    #[test]
865    fn explain_returns_none_for_unknown_code() {
866        assert!(explain("AUTHS-E9999").is_none());
867    }
868
869    #[test]
870    fn all_codes_is_sorted() {
871        let codes = all_codes();
872        assert!(!codes.is_empty());
873        for window in codes.windows(2) {
874            assert!(
875                window[0] < window[1],
876                "codes not sorted: {} >= {}",
877                window[0],
878                window[1]
879            );
880        }
881    }
882
883    #[test]
884    fn all_codes_count_matches_registry() {
885        assert_eq!(all_codes().len(), 357);
886    }
887}