Docs/ErrorCodes.md

# Error Codes

## Principles

- Use stable machine-readable codes.
- Map each code to a user-facing title, body, and next step.
- Separate recoverable conditions from fatal conditions.

## Registry

- `permission_denied`
- `permission_limited`
- `admin_required`
- `path_protected`
- `path_not_found`
- `action_not_allowed`
- `helper_unavailable`
- `execution_unavailable`
- `worker_crashed`
- `protocol_mismatch`
- `partial_failure`
- `task_cancelled`
- `restore_expired`
- `restore_conflict`
- `idempotency_conflict`

## Mapping Rules

- Use inline presentation for row-level issues.
- Use banners for limited access and incomplete results.
- Use sheets for permission and destructive confirmation flows.
- Use result pages for partial success, cancellation, and recovery outcomes.

## Recovery Semantics

- `restore_expired` — the recovery retention window has closed; the item must no longer be restorable and should disappear from active recovery state on the next refresh.
- `restore_conflict` — the original destination already exists; the restore request must fail closed without moving the trashed source.

## Format

- User-visible format recommendation: `ATLAS-<DOMAIN>-<NUMBER>`
- Example: `ATLAS-EXEC-004`
feat: add Atlas native app UX overhaul 2026-03-10 17:09:35 +08:00			`# Error Codes`

			`## Principles`

			`- Use stable machine-readable codes.`
			`- Map each code to a user-facing title, body, and next step.`
			`- Separate recoverable conditions from fatal conditions.`

			`## Registry`

			- `permission_denied`
			- `permission_limited`
			- `admin_required`
			- `path_protected`
			- `path_not_found`
			- `action_not_allowed`
			- `helper_unavailable`
			- `execution_unavailable`
			- `worker_crashed`
			- `protocol_mismatch`
			- `partial_failure`
			- `task_cancelled`
			- `restore_expired`
			- `restore_conflict`
			- `idempotency_conflict`

			`## Mapping Rules`

			`- Use inline presentation for row-level issues.`
			`- Use banners for limited access and incomplete results.`
			`- Use sheets for permission and destructive confirmation flows.`
			`- Use result pages for partial success, cancellation, and recovery outcomes.`

fix: enforce recovery retention and fail-closed restore semantics - prune expired recovery items on load/save and reject expired restores at worker boundary - add restoreExpired and restoreConflict protocol/application error mapping - disable expired restore actions in History and reload persisted state after restore failures - add recovery expiry/conflict coverage plus sync protocol, architecture, state-machine, and recovery contract docs - wire AtlasAppTests into the shared Xcode scheme and add app-layer regression coverage for expired restore reload behavior Refs: ATL-221 ATL-222 ATL-223 ATL-224 ATL-225, vibe-kanban SID-9 2026-03-13 10:35:15 +08:00			`## Recovery Semantics`

			- `restore_expired` — the recovery retention window has closed; the item must no longer be restorable and should disappear from active recovery state on the next refresh.
			- `restore_conflict` — the original destination already exists; the restore request must fail closed without moving the trashed source.

feat: add Atlas native app UX overhaul 2026-03-10 17:09:35 +08:00			`## Format`

			- User-visible format recommendation: `ATLAS-<DOMAIN>-<NUMBER>`
			- Example: `ATLAS-EXEC-004`