nexo-microapp-sdk 0.1.17

Reusable runtime helpers for Phase 11 stdio microapps consuming the nexo-rs daemon (JSON-RPC dispatch loop, BindingContext parsing, typed replies).
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30

use thiserror::Error;

/// Typed error surface for the identity store. Discriminated
/// union so callers `match` on `kind` instead of parsing
/// strings.
#[non_exhaustive]
#[derive(Debug, Error)]
pub enum IdentityError {
    /// Underlying SQLite operation failed.
    #[error("sqlite: {0}")]
    Sqlite(#[from] sqlx::Error),

    /// Caller passed a `tenant_id` that doesn't match the
    /// store's tenant scope. Defense-in-depth: stores already
    /// filter by `tenant_id` in queries; this catches a bug
    /// where a caller accidentally hands a foreign tenant.
    #[error("tenant_unauthorised: caller passed {got:?}, store scoped to {expected:?}")]
    TenantUnauthorised { expected: String, got: String },

    /// Migration failed at first open. Corrupt schema or sqlx
    /// version drift.
    #[error("migration: {0}")]
    Migration(String),

    /// `email` validation failed (empty, doesn't contain `@`,
    /// over 320 chars per RFC 5321). Stores reject these so
    /// downstream lookups never normalise differently.
    #[error("invalid email: {0:?}")]
    InvalidEmail(String),
}