48 source-checked capability rows

Every row links to a specific file at reviewed revision 01911d0. State describes a shipped primitive and remaining work, not ERP completeness. No general-ledger module is claimed.

48 / 48

SelectCapabilityStateScope and editionPrerequisite and limitationEvidence
Customers and companiesCRMavailableCore customer recordsCoreEnable the customers module and define organization access.The entities provide a CRM foundation, not a preconfigured sales process.Customer entitieshigh confidence · 2026-07-14
Contacts and addressesCRMavailableCore customer recordsCoreModel the required contact roles and privacy rules.Data quality and consent processes remain implementation responsibilities.Person and address entitieshigh confidence · 2026-07-14
Deals and pipelinesCRMconfigurableCore entities plus project policyCoreConfigure stages, ownership and acceptance rules.A shipped pipeline model does not define the organization sales method.Deal and pipeline entitieshigh confidence · 2026-07-14
Sales quotesSalesavailableCore sales documentsCoreConfigure numbering, currencies, taxes and permissions.Legal and tax correctness depends on project configuration and integrations.Sales quote entitieshigh confidence · 2026-07-14
Sales ordersSalesavailableCore sales documentsCoreConfigure document policy, numbering and access.Order entities do not provide inventory reservation or manufacturing.Sales order entitieshigh confidence · 2026-07-14
Sales document actions and lifecycleSalesconfigurableCore commands and project rulesCoreChoose allowed transitions, side effects and approvals.The project must validate the lifecycle against its business controls.Sales command handlershigh confidence · 2026-07-14
Products and variantsCatalogavailableCore catalog recordsCoreDefine product structure, identifiers and access.This is product master data, not a warehouse or manufacturing module.Catalog entitieshigh confidence · 2026-07-14
Price kinds and attributesCatalogconfigurableCore catalog configurationCoreConfigure price semantics, currencies and attribute vocabulary.Project rules must define pricing calculations and publication behavior.Price and attribute entitieshigh confidence · 2026-07-14
B2B catalog, cart and ordering storefrontCommercecustom buildProject UI and workflowsProject or providerDesign buyer journeys, catalog visibility, cart rules and order submission.The shipped portal is an extension shell; it does not include a complete B2B storefront.Portal shell modulehigh confidence · 2026-07-14
Tenant-specific workflowsWorkflowconfigurableCore workflow definitionsCoreModel states, transitions, permissions and failure paths.Workflow infrastructure does not supply organization-specific process design.Workflow entitieshigh confidence · 2026-07-14
Business-rule automationWorkflowconfigurableCore rule engineCoreDefine triggers, actions, permissions and observability.Rules require project review to avoid unsafe or conflicting side effects.Business-rule entitieshigh confidence · 2026-07-14
Customer portal authentication and extension shellCustomer portalavailableCore portal foundationCoreEnable customer accounts and inject the required portal pages.Order, invoice and service self-service pages are not implied by the shell.Customer account modulehigh confidence · 2026-07-14
Communication channel registryCommunicationconfigurableCore hub plus provider packageCoreSelect and configure a concrete provider package.The registry alone does not send or receive messages.Communication channels modulehigh confidence · 2026-07-14
Backoffice authentication and sessionsIdentityavailableCore authentication moduleCoreConfigure secrets, session policy and deployment controls.Secure production operation depends on environment and policy configuration.Authentication modulehigh confidence · 2026-07-14
Feature-based RBACIdentityconfigurableCore authorization modelCoreMap roles to least-privilege feature grants.Default grants must be reviewed for each organization and custom module.Authentication ACL declarationshigh confidence · 2026-07-14
SAML/OIDC SSO and SCIMIdentityavailableSeparately licensed Enterprise moduleEnterpriseLicense and enable Enterprise modules, then configure the identity provider.SSO is not part of the MIT-licensed Core and still requires identity-provider setup.Enterprise SSO modulehigh confidence · 2026-07-14
Custom fieldsData modelconfigurableCore metadata and UI surfacesCoreDefine field semantics, permissions, validation and migration behavior.Custom fields do not replace domain modeling when behavior is required.Current extensibility surfaceshigh confidence · 2026-07-14
Runtime custom entitiesData modelconfigurableCore entity-management moduleCoreDesign definitions, fields, access and lifecycle.Complex domain behavior can still require a typed custom module.Custom entity definitionshigh confidence · 2026-07-14
Cross-module entity extensionsData modelcustom buildProject module codeProject or providerImplement an extension through the documented surface and test module absence.The platform provides the extension seam, not the project-specific fields or behavior.Entity extension contracthigh confidence · 2026-07-14
Full-text searchSearchconfigurableSearch package with MeilisearchCoreRun and configure Meilisearch, then declare searchable entities.Full-text mode is not active without its backend and indexing operations.Full-text strategyhigh confidence · 2026-07-14
Vector and semantic searchSearchconfigurableSearch package plus vector and embedding providersCoreConfigure a vector driver, embedding provider and indexing policy.Semantic search is not available without configured external or local model infrastructure.Embedding provider servicehigh confidence · 2026-07-14
Contextual AI assistantsAIconfigurableAI Assistant package plus model providerCoreChoose models, agent definitions, tools, access and budgets.Model quality, cost and safe task design remain deployment responsibilities.AI Assistant modulehigh confidence · 2026-07-14
AI mutation approval recordsAIconfigurableAI Assistant policy and pending-action recordsCoreDefine which tools mutate data and who may approve them.Approval records do not make an unsafe tool or prompt safe by themselves.AI pending action entityhigh confidence · 2026-07-14
Typed module API route contractsIntegrationavailableShared route registry contractsCoreEnable the relevant module and enforce its auth and scope contract.A typed route contract does not define an external-system integration or SLA.Typed module API route registry contractshigh confidence · 2026-07-14
Typed domain eventsIntegrationavailableShared event contractsCoreDeclare event payloads and choose delivery semantics per subscriber.Consumers must still handle retries, idempotency and scope correctly.Event definition factoryhigh confidence · 2026-07-14
Outbound webhook deliveryIntegrationconfigurableWebhooks packageCoreConfigure endpoints, signing, retry policy and delivery ownership.A webhook framework is not a prebuilt connector to a named system.Webhooks modulehigh confidence · 2026-07-14
Scheduled data synchronizationIntegrationconfigurableCore data-sync hub plus adapterCoreImplement or select an adapter, mappings, checkpointing and reconciliation.The hub does not provide a connector for every source system.Data synchronization modulehigh confidence · 2026-07-14
Named accounting-system connectorIntegrationintegration requiredProvider or project integrationProject or providerVerify or build a connector for the named accounting product and version.The Core registry is an integration hub, not a shipped named accounting connector.Integration registry hubhigh confidence · 2026-07-14
Public pay links with a payment-provider adapterPaymentsconfigurableCheckout package plus configured providerCoreConfigure a concrete gateway, webhook delivery, pay-link templates and consent text.Checkout covers pay links and payment pages, not a general cart or storefront; legal and reconciliation review remains project work.Checkout modulehigh confidence · 2026-07-14
Concrete shipping-carrier connectorShippingintegration requiredProvider or project integrationProject or providerVerify or build a carrier adapter, credentials and label workflow.The Core module is a carrier registry; no concrete carrier package is evidenced here.Shipping-carrier hubhigh confidence · 2026-07-14
Tenant and organization request scopeSecurityavailableShared scoped API helpersCoreUse scoped helpers and test every custom query and mutation.Custom code can still introduce isolation defects if it bypasses the contract.Scoped API helpershigh confidence · 2026-07-14
Field-level encryption helpersSecurityconfigurableShared encryption servicesCoreSelect fields, keys, KMS policy, rotation and recovery procedures.Helpers do not establish a complete encryption or key-management program.Tenant data encryption servicehigh confidence · 2026-07-14
Optimistic concurrency controlData integrityavailableShared CRUD and command guardsCoreExpose record versions and use the guard on custom writes.Coverage must be verified for custom endpoints and aggregate commands.Optimistic locking helperhigh confidence · 2026-07-14
Deployment security assuranceSecuritycustom buildProject controls and independent reviewProject or providerThreat-model the deployment and collect evidence for code, infrastructure and operations.Repository controls do not certify a deployment or guarantee compliance.Project security policyhigh confidence · 2026-07-14
Queues and background workersOperationsconfigurableQueue package and worker processesCoreChoose a strategy; production async processing requires BullMQ and Redis.Workers require deployment, idempotency, monitoring and recovery design.Queue packagehigh confidence · 2026-07-14
Pluggable cachingOperationsconfigurableCache packageCoreSelect memory, SQLite or Redis and design tenant-scoped invalidation.A cache strategy does not remove consistency and capacity planning.Cache packagehigh confidence · 2026-07-14
Scheduled jobsOperationsconfigurableScheduler packageCoreDeploy the scheduler process and define concurrency, retries and ownership.Scheduled jobs need project-specific idempotency and failure handling.Scheduler modulehigh confidence · 2026-07-14
Production monitoring and alertingOperationsintegration requiredDeployment tooling and operating processProject or providerSelect telemetry, dashboards, alert routes and accountable responders.The logging facade is not a supplied or operated monitoring and alerting service.Structured logging facadehigh confidence · 2026-07-14
Backup and disaster recoveryOperationsintegration requiredHosting and operating processProject or providerDefine backup scope, retention, restore tests, RPO and RTO for the deployment.A reference composition is not a managed backup or disaster-recovery service.Reference deployment compositionhigh confidence · 2026-07-14
Currencies and exchange-rate recordsLocalizationavailableCore currencies moduleCoreConfigure active currencies and a trusted rate source or process.Currency records do not provide accounting, tax or treasury functions.Currency entitieshigh confidence · 2026-07-14
Localized UI dictionariesLocalizationconfigurableCore translation module and module dictionariesCoreProvide and review dictionaries for enabled modules and project copy.Translation infrastructure does not prove complete or legally reviewed localization.Translations modulehigh confidence · 2026-07-14
Polish general ledger and statutory accountingLocalizationintegration requiredExternal accounting system or custom moduleProject or providerIntegrate a verified accounting system or implement and legally validate the required scope.No complete Polish general-ledger or KSeF accounting module is evidenced in Core.Integration registry hubhigh confidence · 2026-07-14
Module file auto-discovery and generationPlatformavailableCLI generator and app registryCoreRegister the module in modules.ts and run the generator after discovery-file changes.Discovery removes route boilerplate; it does not eliminate the enabled-module registry.Module facts generatorhigh confidence · 2026-07-14
Dependency-injection overridesPlatformcustom buildProject composition rootProject or providerDefine a stable service contract and register the override in the app.The container provides the seam; project code supplies and maintains the override.Dependency-injection containerhigh confidence · 2026-07-14
UI widget injectionPlatformcustom buildProject or provider widgetsProject or providerImplement a registered widget for a documented stable spot.Injection surfaces do not supply the project-specific widget or its data contract.UI injection spothigh confidence · 2026-07-14
Backward-compatibility contract policyPlatformavailableRepository contract policyCoreUse public seams and follow deprecation and migration guidance.A policy reduces avoidable breakage; it does not guarantee zero upgrade work.Backward compatibility policyhigh confidence · 2026-07-14
Standalone application scaffoldingDeploymentavailablecreate-mercato-app packageCoreSelect a starter, install dependencies and complete project setup.A scaffold is a starting point, not a production-ready deployment.Application scaffolderhigh confidence · 2026-07-14
Production deployment and operating designDeploymentcustom buildProject architecture and operationsProject or providerDesign hosting, secrets, scaling, workers, backups, observability and rollback.Reference deployment files are not a managed service or production-readiness verdict.Reference full-app compositionhigh confidence · 2026-07-14

Method, assumptions and limitations

Reviewed 14 July 2026. Product facts were checked against both the public code at the cited repository revision and official documentation. Where documentation and code differ, this guide describes behavior supported by code. Interpretations and recommendations concern implementation work, not product guarantees.

This material is not a quote, audit, certification, or legal, tax, or accounting advice. Edition, enabled modules, configuration, custom code, infrastructure, data, third-party providers, and operating practices affect the outcome.

Submit a correction with the public source and the date checked.