48 source-checked capability rows
Every row links to a specific file at reviewed revision 01911d0. State describes a shipped primitive and remaining work, not ERP completeness. No general-ledger module is claimed.
48 / 48
| Select | Capability | State | Scope and edition | Prerequisite and limitation | Evidence |
|---|---|---|---|---|---|
| Customers and companiesCRM | available | Core customer recordsCore | Enable the customers module and define organization access.The entities provide a CRM foundation, not a preconfigured sales process. | Customer entitieshigh confidence · 2026-07-14 | |
| Contacts and addressesCRM | available | Core customer recordsCore | Model the required contact roles and privacy rules.Data quality and consent processes remain implementation responsibilities. | Person and address entitieshigh confidence · 2026-07-14 | |
| Deals and pipelinesCRM | configurable | Core entities plus project policyCore | Configure stages, ownership and acceptance rules.A shipped pipeline model does not define the organization sales method. | Deal and pipeline entitieshigh confidence · 2026-07-14 | |
| Sales quotesSales | available | Core sales documentsCore | Configure numbering, currencies, taxes and permissions.Legal and tax correctness depends on project configuration and integrations. | Sales quote entitieshigh confidence · 2026-07-14 | |
| Sales ordersSales | available | Core sales documentsCore | Configure document policy, numbering and access.Order entities do not provide inventory reservation or manufacturing. | Sales order entitieshigh confidence · 2026-07-14 | |
| Sales document actions and lifecycleSales | configurable | Core commands and project rulesCore | Choose allowed transitions, side effects and approvals.The project must validate the lifecycle against its business controls. | Sales command handlershigh confidence · 2026-07-14 | |
| Products and variantsCatalog | available | Core catalog recordsCore | Define product structure, identifiers and access.This is product master data, not a warehouse or manufacturing module. | Catalog entitieshigh confidence · 2026-07-14 | |
| Price kinds and attributesCatalog | configurable | Core catalog configurationCore | Configure price semantics, currencies and attribute vocabulary.Project rules must define pricing calculations and publication behavior. | Price and attribute entitieshigh confidence · 2026-07-14 | |
| B2B catalog, cart and ordering storefrontCommerce | custom build | Project UI and workflowsProject or provider | Design buyer journeys, catalog visibility, cart rules and order submission.The shipped portal is an extension shell; it does not include a complete B2B storefront. | Portal shell modulehigh confidence · 2026-07-14 | |
| Tenant-specific workflowsWorkflow | configurable | Core workflow definitionsCore | Model states, transitions, permissions and failure paths.Workflow infrastructure does not supply organization-specific process design. | Workflow entitieshigh confidence · 2026-07-14 | |
| Business-rule automationWorkflow | configurable | Core rule engineCore | Define triggers, actions, permissions and observability.Rules require project review to avoid unsafe or conflicting side effects. | Business-rule entitieshigh confidence · 2026-07-14 | |
| Customer portal authentication and extension shellCustomer portal | available | Core portal foundationCore | Enable customer accounts and inject the required portal pages.Order, invoice and service self-service pages are not implied by the shell. | Customer account modulehigh confidence · 2026-07-14 | |
| Communication channel registryCommunication | configurable | Core hub plus provider packageCore | Select and configure a concrete provider package.The registry alone does not send or receive messages. | Communication channels modulehigh confidence · 2026-07-14 | |
| Backoffice authentication and sessionsIdentity | available | Core authentication moduleCore | Configure secrets, session policy and deployment controls.Secure production operation depends on environment and policy configuration. | Authentication modulehigh confidence · 2026-07-14 | |
| Feature-based RBACIdentity | configurable | Core authorization modelCore | Map roles to least-privilege feature grants.Default grants must be reviewed for each organization and custom module. | Authentication ACL declarationshigh confidence · 2026-07-14 | |
| SAML/OIDC SSO and SCIMIdentity | available | Separately licensed Enterprise moduleEnterprise | License and enable Enterprise modules, then configure the identity provider.SSO is not part of the MIT-licensed Core and still requires identity-provider setup. | Enterprise SSO modulehigh confidence · 2026-07-14 | |
| Custom fieldsData model | configurable | Core metadata and UI surfacesCore | Define field semantics, permissions, validation and migration behavior.Custom fields do not replace domain modeling when behavior is required. | Current extensibility surfaceshigh confidence · 2026-07-14 | |
| Runtime custom entitiesData model | configurable | Core entity-management moduleCore | Design definitions, fields, access and lifecycle.Complex domain behavior can still require a typed custom module. | Custom entity definitionshigh confidence · 2026-07-14 | |
| Cross-module entity extensionsData model | custom build | Project module codeProject or provider | Implement an extension through the documented surface and test module absence.The platform provides the extension seam, not the project-specific fields or behavior. | Entity extension contracthigh confidence · 2026-07-14 | |
| Full-text searchSearch | configurable | Search package with MeilisearchCore | Run and configure Meilisearch, then declare searchable entities.Full-text mode is not active without its backend and indexing operations. | Full-text strategyhigh confidence · 2026-07-14 | |
| Vector and semantic searchSearch | configurable | Search package plus vector and embedding providersCore | Configure a vector driver, embedding provider and indexing policy.Semantic search is not available without configured external or local model infrastructure. | Embedding provider servicehigh confidence · 2026-07-14 | |
| Contextual AI assistantsAI | configurable | AI Assistant package plus model providerCore | Choose models, agent definitions, tools, access and budgets.Model quality, cost and safe task design remain deployment responsibilities. | AI Assistant modulehigh confidence · 2026-07-14 | |
| AI mutation approval recordsAI | configurable | AI Assistant policy and pending-action recordsCore | Define which tools mutate data and who may approve them.Approval records do not make an unsafe tool or prompt safe by themselves. | AI pending action entityhigh confidence · 2026-07-14 | |
| Typed module API route contractsIntegration | available | Shared route registry contractsCore | Enable the relevant module and enforce its auth and scope contract.A typed route contract does not define an external-system integration or SLA. | Typed module API route registry contractshigh confidence · 2026-07-14 | |
| Typed domain eventsIntegration | available | Shared event contractsCore | Declare event payloads and choose delivery semantics per subscriber.Consumers must still handle retries, idempotency and scope correctly. | Event definition factoryhigh confidence · 2026-07-14 | |
| Outbound webhook deliveryIntegration | configurable | Webhooks packageCore | Configure endpoints, signing, retry policy and delivery ownership.A webhook framework is not a prebuilt connector to a named system. | Webhooks modulehigh confidence · 2026-07-14 | |
| Scheduled data synchronizationIntegration | configurable | Core data-sync hub plus adapterCore | Implement or select an adapter, mappings, checkpointing and reconciliation.The hub does not provide a connector for every source system. | Data synchronization modulehigh confidence · 2026-07-14 | |
| Named accounting-system connectorIntegration | integration required | Provider or project integrationProject or provider | Verify or build a connector for the named accounting product and version.The Core registry is an integration hub, not a shipped named accounting connector. | Integration registry hubhigh confidence · 2026-07-14 | |
| Public pay links with a payment-provider adapterPayments | configurable | Checkout package plus configured providerCore | Configure a concrete gateway, webhook delivery, pay-link templates and consent text.Checkout covers pay links and payment pages, not a general cart or storefront; legal and reconciliation review remains project work. | Checkout modulehigh confidence · 2026-07-14 | |
| Concrete shipping-carrier connectorShipping | integration required | Provider or project integrationProject or provider | Verify or build a carrier adapter, credentials and label workflow.The Core module is a carrier registry; no concrete carrier package is evidenced here. | Shipping-carrier hubhigh confidence · 2026-07-14 | |
| Tenant and organization request scopeSecurity | available | Shared scoped API helpersCore | Use scoped helpers and test every custom query and mutation.Custom code can still introduce isolation defects if it bypasses the contract. | Scoped API helpershigh confidence · 2026-07-14 | |
| Field-level encryption helpersSecurity | configurable | Shared encryption servicesCore | Select fields, keys, KMS policy, rotation and recovery procedures.Helpers do not establish a complete encryption or key-management program. | Tenant data encryption servicehigh confidence · 2026-07-14 | |
| Optimistic concurrency controlData integrity | available | Shared CRUD and command guardsCore | Expose record versions and use the guard on custom writes.Coverage must be verified for custom endpoints and aggregate commands. | Optimistic locking helperhigh confidence · 2026-07-14 | |
| Deployment security assuranceSecurity | custom build | Project controls and independent reviewProject or provider | Threat-model the deployment and collect evidence for code, infrastructure and operations.Repository controls do not certify a deployment or guarantee compliance. | Project security policyhigh confidence · 2026-07-14 | |
| Queues and background workersOperations | configurable | Queue package and worker processesCore | Choose a strategy; production async processing requires BullMQ and Redis.Workers require deployment, idempotency, monitoring and recovery design. | Queue packagehigh confidence · 2026-07-14 | |
| Pluggable cachingOperations | configurable | Cache packageCore | Select memory, SQLite or Redis and design tenant-scoped invalidation.A cache strategy does not remove consistency and capacity planning. | Cache packagehigh confidence · 2026-07-14 | |
| Scheduled jobsOperations | configurable | Scheduler packageCore | Deploy the scheduler process and define concurrency, retries and ownership.Scheduled jobs need project-specific idempotency and failure handling. | Scheduler modulehigh confidence · 2026-07-14 | |
| Production monitoring and alertingOperations | integration required | Deployment tooling and operating processProject or provider | Select telemetry, dashboards, alert routes and accountable responders.The logging facade is not a supplied or operated monitoring and alerting service. | Structured logging facadehigh confidence · 2026-07-14 | |
| Backup and disaster recoveryOperations | integration required | Hosting and operating processProject or provider | Define backup scope, retention, restore tests, RPO and RTO for the deployment.A reference composition is not a managed backup or disaster-recovery service. | Reference deployment compositionhigh confidence · 2026-07-14 | |
| Currencies and exchange-rate recordsLocalization | available | Core currencies moduleCore | Configure active currencies and a trusted rate source or process.Currency records do not provide accounting, tax or treasury functions. | Currency entitieshigh confidence · 2026-07-14 | |
| Localized UI dictionariesLocalization | configurable | Core translation module and module dictionariesCore | Provide and review dictionaries for enabled modules and project copy.Translation infrastructure does not prove complete or legally reviewed localization. | Translations modulehigh confidence · 2026-07-14 | |
| Polish general ledger and statutory accountingLocalization | integration required | External accounting system or custom moduleProject or provider | Integrate a verified accounting system or implement and legally validate the required scope.No complete Polish general-ledger or KSeF accounting module is evidenced in Core. | Integration registry hubhigh confidence · 2026-07-14 | |
| Module file auto-discovery and generationPlatform | available | CLI generator and app registryCore | Register the module in modules.ts and run the generator after discovery-file changes.Discovery removes route boilerplate; it does not eliminate the enabled-module registry. | Module facts generatorhigh confidence · 2026-07-14 | |
| Dependency-injection overridesPlatform | custom build | Project composition rootProject or provider | Define a stable service contract and register the override in the app.The container provides the seam; project code supplies and maintains the override. | Dependency-injection containerhigh confidence · 2026-07-14 | |
| UI widget injectionPlatform | custom build | Project or provider widgetsProject or provider | Implement a registered widget for a documented stable spot.Injection surfaces do not supply the project-specific widget or its data contract. | UI injection spothigh confidence · 2026-07-14 | |
| Backward-compatibility contract policyPlatform | available | Repository contract policyCore | Use public seams and follow deprecation and migration guidance.A policy reduces avoidable breakage; it does not guarantee zero upgrade work. | Backward compatibility policyhigh confidence · 2026-07-14 | |
| Standalone application scaffoldingDeployment | available | create-mercato-app packageCore | Select a starter, install dependencies and complete project setup.A scaffold is a starting point, not a production-ready deployment. | Application scaffolderhigh confidence · 2026-07-14 | |
| Production deployment and operating designDeployment | custom build | Project architecture and operationsProject or provider | Design hosting, secrets, scaling, workers, backups, observability and rollback.Reference deployment files are not a managed service or production-readiness verdict. | Reference full-app compositionhigh confidence · 2026-07-14 |
Method, assumptions and limitations
Reviewed 14 July 2026. Product facts were checked against both the public code at the cited repository revision and official documentation. Where documentation and code differ, this guide describes behavior supported by code. Interpretations and recommendations concern implementation work, not product guarantees.
This material is not a quote, audit, certification, or legal, tax, or accounting advice. Edition, enabled modules, configuration, custom code, infrastructure, data, third-party providers, and operating practices affect the outcome.
Primary source collections: code repository, documentation, public releases.
Submit a correction with the public source and the date checked.