diff --git a/.env.example b/.env.example
index 750be2c4..931436a3 100644
--- a/.env.example
+++ b/.env.example
@@ -22,3 +22,14 @@ SUPER_ADMIN_NAME=Administrator
 
 # Cron
 CRON_SECRET=
+
+# Axiom — Log Storage (https://axiom.co/docs/guides/pino)
+AXIOM_TOKEN=AXIOM_TOKEN
+AXIOM_DATASET=DATA_SET
+
+# Cloudflare R2 — Object Storage
+R2_ACCOUNT_ID=
+R2_ACCESS_KEY_ID=
+R2_SECRET_ACCESS_KEY=
+R2_BUCKET_NAME=
+R2_PUBLIC_URL=
diff --git a/.github/workflows/ci.yml b/.github/workflows/ci.yml
index ffc36ae8..c0315684 100644
--- a/.github/workflows/ci.yml
+++ b/.github/workflows/ci.yml
@@ -11,7 +11,28 @@ env:
   ACTIONS_ALLOW_USE_UNSECURE_NODE_VERSION: true
   TURBO_TOKEN: ${{ secrets.TURBO_TOKEN }}
   TURBO_TEAM: ${{ secrets.TURBO_TEAM }}
-  
+  GDRIVE_SERVICE_ACCOUNT_KEY: ${{secrets.GDRIVE_SERVICE_ACCOUNT_KEY}}
+  R2_ACCOUNT_ID: ${{secrets.R2_ACCOUNT_ID}}
+  R2_ACCESS_KEY_ID: ${{secrets.R2_ACCESS_KEY_ID}}
+  R2_SECRET_ACCESS_KEY: ${{secrets.R2_SECRET_ACCESS_KEY}}
+  R2_BUCKET_NAME: ${{secrets.R2_BUCKET_NAME}}
+  R2_PUBLIC_URL: ${{secrets.R2_PUBLIC_URL}}
+  AXIOM_TOKEN: ${{secrets.AXIOM_TOKEN}}
+  AXIOM_DATASET: ${{secrets.AXIOM_DATASET}}
+  CRON_SECRET: ${{secrets.CRON_SECRET}}
+  BETTER_AUTH_SECRET: ${{secrets.BETTER_AUTH_SECRET}}
+  BETTER_AUTH_URL: http://localhost:3000
+  BETTER_AUTH_COOKIE_PREFIX: domus_auth_test
+  GOOGLE_CLIENT_ID: ${{secrets.GOOGLE_CLIENT_ID}}
+  GOOGLE_CLIENT_SECRET: ${{secrets.GOOGLE_CLIENT_SECRET}}
+  SUPER_ADMIN_EMAIL: superadmin@test.com
+  SUPER_ADMIN_PASSWORD: testing123
+  SUPER_ADMIN_NAME: Super Admin
+  NEXT_PUBLIC_DOMUS_VERSION: 0.0.0-dev
+  CF_API_TOKEN: ${{secrets.CF_API_TOKEN}}
+  CF_ACCOUNT_ID: ${{secrets.CF_ACCOUNT_ID}}
+  WHATSAPP_TOKEN: ${{secrets.WHATSAPP_TOKEN}}
+
 jobs:
   check:
     name: Lint & Type Check
diff --git a/.github/workflows/deploy.yml b/.github/workflows/deploy.yml
index a8aebafe..0ec5e82a 100644
--- a/.github/workflows/deploy.yml
+++ b/.github/workflows/deploy.yml
@@ -16,8 +16,8 @@ env:
   TURBO_TEAM: ${{ secrets.TURBO_TEAM }}
 
 jobs:
-  deploy:
-    name: Vercel Deploy
+  dash:
+    name: Dashboard
     runs-on: ubuntu-latest
     env:
       VERCEL_TOKEN: ${{ secrets.VERCEL_TOKEN }}
@@ -55,4 +55,4 @@ jobs:
           NEXT_PUBLIC_DOMUS_VERSION: ${{ github.ref_name }}
 
       - name: Deploy Project Artifacts to Vercel
-        run: vercel deploy --prebuilt --prod --token=${{ secrets.VERCEL_TOKEN }}
\ No newline at end of file
+        run: vercel deploy --prebuilt --prod --token=${{ secrets.VERCEL_TOKEN }}
diff --git a/AGENTS.md b/AGENTS.md
index 071880d7..3ab70306 100644
--- a/AGENTS.md
+++ b/AGENTS.md
@@ -307,4 +307,4 @@ See → [docs/tdd.md — Deployment & Infrastructure](docs/tdd.md#9-deployment--
 
 ## License
 
-MIT — see → [docs/tdd.md — License](docs/tdd.md#11-license)
+MIT — see → [docs/tdd.md — License](docs/tdd.md#12-license)
diff --git a/CONTRIBUTING.md b/CONTRIBUTING.md
index 861637fb..d2c7d644 100644
--- a/CONTRIBUTING.md
+++ b/CONTRIBUTING.md
@@ -58,7 +58,7 @@ pnpm dev
 ```
 domus/
 ├── apps/
-│   ├── dash/          # Next.js 15 — main application (dash.pkrbt.id)
+│   ├── dash/          # Next.js 15 — main application (pkrbt.id)
 │   └── cron/          # Cloudflare Workers — scheduled tasks
 ├── packages/
 │   ├── core/          # Framework-agnostic business logic (Clean Architecture)
diff --git a/apps/cron/.gitignore b/apps/cron/.gitignore
new file mode 100644
index 00000000..7310e736
--- /dev/null
+++ b/apps/cron/.gitignore
@@ -0,0 +1 @@
+.wrangler
\ No newline at end of file
diff --git a/apps/cron/package.json b/apps/cron/package.json
index edfe127a..de9a0ce6 100644
--- a/apps/cron/package.json
+++ b/apps/cron/package.json
@@ -2,9 +2,11 @@
   "name": "@domus/cron",
   "version": "0.0.1",
   "private": true,
+  "type": "module",
   "scripts": {
-    "dev": "wrangler dev",
-    "deploy": "wrangler deploy",
+    "build": "tsdown",
+    "dev": "tsdown --watch",
+    "deploy": "pnpm run build && wrangler deploy dist/index.mjs",
     "typecheck": "tsc --noEmit"
   },
   "dependencies": {
@@ -12,7 +14,8 @@
   },
   "devDependencies": {
     "@cloudflare/workers-types": "^4.20250224.0",
+    "tsdown": "^0.21.7",
     "typescript": "^5.7.3",
-    "wrangler": "^3.111.0"
+    "wrangler": "^4.79.0"
   }
 }
diff --git a/apps/cron/tsdown.config.ts b/apps/cron/tsdown.config.ts
new file mode 100644
index 00000000..e1c1a278
--- /dev/null
+++ b/apps/cron/tsdown.config.ts
@@ -0,0 +1,16 @@
+import { defineConfig } from 'tsdown';
+
+export default defineConfig({
+  entry: ['src/index.ts'],
+  format: ['esm'],
+  target: 'node20',
+  outDir: 'dist',
+  clean: true,
+  // Equivalent to previous bundle: true
+  unbundle: false,
+  deps: {
+    // Equivalent to previous external: [/^cloudflare:/]
+    neverBundle: [/^cloudflare:/],
+  },
+  minify: true,
+});
diff --git a/apps/cron/wrangler.toml b/apps/cron/wrangler.toml
index cfae0a50..d584ff1e 100644
--- a/apps/cron/wrangler.toml
+++ b/apps/cron/wrangler.toml
@@ -1,11 +1,11 @@
 name = "domus-cron"
-main = "src/index.ts"
+main = "dist/index.mjs"
 compatibility_date = "2026-04-01"
 
 [triggers]
-crons = ["0 0 * * 0"]
+crons = ["0 0 * * 7"]
 
 [vars]
-DASH_API_URL = "https://dash.pkrbt.id"
+DASH_API_URL = "https://pkrbt.id"
 
 # CRON_SECRET must be set via: wrangler secret put CRON_SECRET
diff --git a/apps/dash/app/api/cron/rotate-join-id/route.ts b/apps/dash/app/api/cron/rotate-join-id/route.ts
index e4a11c66..c32b4d0f 100644
--- a/apps/dash/app/api/cron/rotate-join-id/route.ts
+++ b/apps/dash/app/api/cron/rotate-join-id/route.ts
@@ -1,2 +1,2 @@
 // Thin export only — no logic here.
-export { POST } from "@/app/api-routes/cron/rotate-join-id";
+export { POST } from "@/src/api-routes/cron/rotate-join-id";
diff --git a/apps/dash/app/api/upload/route.ts b/apps/dash/app/api/upload/route.ts
new file mode 100644
index 00000000..60018556
--- /dev/null
+++ b/apps/dash/app/api/upload/route.ts
@@ -0,0 +1,40 @@
+import { type NextRequest, NextResponse } from "next/server";
+import { logger } from "@/shared/core/logger";
+
+/**
+ * Mock upload API for E2E testing and development.
+ * This should be replaced with a real storage implementation (e.g. R2, GDrive) in production.
+ */
+export async function POST(req: NextRequest) {
+  try {
+    const formData = await req.formData();
+    const file = formData.get("file") as File;
+    const type = formData.get("type") as string;
+    const id = formData.get("id") as string;
+
+    logger.info("Mock Upload API received file", {
+      name: file?.name,
+      size: file?.size,
+      type,
+      id,
+    });
+
+    // Dummy delay to simulate network latency for the test progress bar
+    await new Promise((resolve) => setTimeout(resolve, 500));
+
+    // Return a dummy URL (pointing back to a placeholder or something valid)
+    // In a real implementation, this would be the URL from the storage provider.
+    const dummyUrl = `https://images.unsplash.com/photo-1518173946687-a4c8a9833d8e?q=80&w=1000&auto=format&fit=crop`;
+
+    return NextResponse.json({
+      success: true,
+      url: dummyUrl,
+    });
+  } catch (error) {
+    logger.error("Mock Upload API error", { error });
+    return NextResponse.json(
+      { success: false, message: "Upload failed" },
+      { status: 500 },
+    );
+  }
+}
diff --git a/apps/dash/app/globals.css b/apps/dash/app/globals.css
index 40a18533..3ef0492c 100644
--- a/apps/dash/app/globals.css
+++ b/apps/dash/app/globals.css
@@ -206,6 +206,17 @@
   --font-heading: "Plus Jakarta Sans", sans-serif;
   --font-body: "Inter", sans-serif;
   --font-sans: "Inter", sans-serif;
+
+  /* Animations */
+  @keyframes shimmer {
+    from {
+      background-position: 200% 0;
+    }
+    to {
+      background-position: -200% 0;
+    }
+  }
+  --animate-shimmer: shimmer 2s infinite linear;
 }
 
 /* -------------------------------------------------------------
diff --git a/apps/dash/e2e/features/org/join.spec.ts b/apps/dash/e2e/features/org/join.spec.ts
index b9f9f65c..63a864d9 100644
--- a/apps/dash/e2e/features/org/join.spec.ts
+++ b/apps/dash/e2e/features/org/join.spec.ts
@@ -51,7 +51,9 @@ test.describe("Organization Join Page", () => {
     await expect(page).toHaveURL(new RegExp(`/join/${TEST_JOIN_ID}/success`), {
       timeout: 10000,
     });
-    await expect(page.getByText(/Pendaftaran Berhasil!/i)).toBeVisible();
+    await expect(
+      page.getByRole("heading", { name: /Pendaftaran Berhasil!/i }),
+    ).toBeVisible();
   });
 
   test("should show already registered message when joining twice", async ({
@@ -76,7 +78,12 @@ test.describe("Organization Join Page", () => {
     await page.getByRole("button", { name: /Bergabung Sekarang/i }).click();
 
     // Verify first one is "Success"
-    await expect(page.getByText(/Pendaftaran Berhasil!/i)).toBeVisible();
+    await expect(page).toHaveURL(new RegExp(`/join/${TEST_JOIN_ID}/success`), {
+      timeout: 20000,
+    });
+    await expect(
+      page.getByRole("heading", { name: /Pendaftaran Berhasil!/i }),
+    ).toBeVisible({ timeout: 10000 });
 
     // 3. Perform second registration (same user, same org)
     await page.goto(`/join/${TEST_JOIN_ID}`);
@@ -91,7 +98,9 @@ test.describe("Organization Join Page", () => {
       new RegExp(`/join/${TEST_JOIN_ID}/success\\?exists=true`),
       { timeout: 10000 },
     );
-    await expect(page.getByText(/Pendaftaran Sudah Ada/i)).toBeVisible();
+    await expect(
+      page.getByRole("heading", { name: /Pendaftaran Sudah Ada/i }),
+    ).toBeVisible({ timeout: 15000 });
     await expect(page.getByText(/Anda sudah terdaftar/i)).toBeVisible();
   });
 
@@ -102,6 +111,8 @@ test.describe("Organization Join Page", () => {
       accountStatus: AccountStatus.Pending,
     });
     await page.goto("/join/invalid-id-999");
-    await expect(page.getByText(/Link Tidak Valid/i)).toBeVisible();
+    await expect(
+      page.getByRole("heading", { name: /Link Tidak Valid/i }),
+    ).toBeVisible();
   });
 });
diff --git a/apps/dash/e2e/features/org/manage.spec.ts b/apps/dash/e2e/features/org/manage.spec.ts
index 0041dafd..d0369ee3 100644
--- a/apps/dash/e2e/features/org/manage.spec.ts
+++ b/apps/dash/e2e/features/org/manage.spec.ts
@@ -51,8 +51,10 @@ test.describe("Organization Update & Remove Page", () => {
 
   test("should soft remove an existing organization", async ({ page }) => {
     // 1. Create a dummy organization to test removal
+    const randomSuffix = Math.random().toString(36).substring(7);
+    const orgName = `Organisasi Untuk Dihapus ${randomSuffix}`;
     await page.goto("/org/new");
-    await page.locator("#name").fill("Organisasi Untuk Dihapus");
+    await page.locator("#name").fill(orgName);
     await page.getByRole("button", { name: /Simpan/i }).click();
 
     // 2. Wait for redirect to details page
@@ -74,7 +76,87 @@ test.describe("Organization Update & Remove Page", () => {
       page
         .getByTestId("org-grid")
         .locator("> div")
-        .filter({ hasText: "Organisasi Untuk Dihapus" }),
+        .filter({ hasText: orgName }),
     ).toHaveCount(0);
   });
+
+  test("should inline edit organization name, description, cover, and logo", async ({
+    page,
+  }) => {
+    // 1. Navigate to /org and click on the first organization to edit
+    await page.goto("/org");
+    const firstCardLink = page.getByTestId("org-grid").locator("a").first();
+    const orgUrlPath = await firstCardLink.getAttribute("href");
+    if (!orgUrlPath) throw new Error("No URL found");
+
+    await page.goto(orgUrlPath);
+
+    // 2. Edit Name
+    const nameGroup = page.locator(".group\\/name");
+    await nameGroup.hover();
+    await page.getByRole("button", { name: "Ubah Nama" }).click();
+
+    const nameInput = page.locator("input.font-heading");
+    await expect(nameInput).toBeVisible();
+    await nameInput.fill("Nama Inline Baru");
+    await page.keyboard.press("Enter");
+
+    await expect(
+      page.getByRole("heading", { name: "Nama Inline Baru" }),
+    ).toBeVisible();
+
+    // 3. Edit Description
+    const descGroup = page.locator(".group\\/desc");
+    await descGroup.hover();
+    await page.getByRole("button", { name: "Ubah Deskripsi" }).click();
+
+    const descTextarea = page.locator("textarea.font-body");
+    await expect(descTextarea).toBeVisible();
+    await descTextarea.fill("Deskripsi Inline Baru");
+    // Click the check button
+    await page.locator("textarea.font-body + div > button:first-child").click();
+
+    await expect(page.getByText("Deskripsi Inline Baru")).toBeVisible();
+
+    // 4. Edit Cover
+    const headerGroup = page.locator(".group\\/header");
+    await headerGroup.hover();
+    const ubahCoverBtn = page.getByRole("button", { name: "Ubah Cover" });
+    await expect(ubahCoverBtn).toBeVisible();
+
+    // In Playwright, we can handle the file chooser before clicking
+    const fileChooserPromise = page.waitForEvent("filechooser");
+    await ubahCoverBtn.click();
+    const fileChooser = await fileChooserPromise;
+    await fileChooser.setFiles({
+      name: "cover.jpg",
+      mimeType: "image/jpeg",
+      buffer: Buffer.from("fake image content"),
+    });
+
+    // We expect the progress overlay to appear and then disappear (upload completes)
+    await expect(page.getByText(/Uploading/i)).toBeVisible();
+    await expect(page.getByText(/Uploading/i)).toBeHidden();
+
+    // 5. Edit Logo
+    const logoGroup = page
+      .locator("div.w-24.h-24.group, div.w-28.h-28.group")
+      .first();
+    await logoGroup.hover();
+    const ubahLogoBtn = page.getByRole("button", { name: "Ubah Logo" });
+    await expect(ubahLogoBtn).toBeVisible();
+
+    const logoChooserPromise = page.waitForEvent("filechooser");
+    await ubahLogoBtn.click();
+    const logoChooser = await logoChooserPromise;
+    await logoChooser.setFiles({
+      name: "logo.jpg",
+      mimeType: "image/jpeg",
+      buffer: Buffer.from("fake image content"),
+    });
+
+    // Wait for upload progress to finish
+    await expect(page.getByText(/Uploading/i)).toBeVisible();
+    await expect(page.getByText(/Uploading/i)).toBeHidden();
+  });
 });
diff --git a/apps/dash/next.config.ts b/apps/dash/next.config.ts
index 84963ca8..05f4de90 100644
--- a/apps/dash/next.config.ts
+++ b/apps/dash/next.config.ts
@@ -19,8 +19,18 @@ const nextConfig: NextConfig = {
         protocol: "https",
         hostname: "placehold.co",
       },
+      {
+        protocol: "https",
+        hostname: "**.pkrbt.id",
+      },
     ],
   },
+  serverExternalPackages: [
+    "@axiomhq/pino",
+    "pino",
+    "thread-stream",
+    "pino-pretty",
+  ],
 };
 
 export default withNextIntl(nextConfig);
diff --git a/apps/dash/package.json b/apps/dash/package.json
index c743442e..822fbd80 100644
--- a/apps/dash/package.json
+++ b/apps/dash/package.json
@@ -4,7 +4,7 @@
   "private": true,
   "scripts": {
     "dev": "next dev",
-    "build": "next build",
+    "build": "next build --webpack",
     "start": "next start",
     "lint": "biome check",
     "format": "biome format --write",
@@ -16,14 +16,17 @@
     "e2e": "playwright test",
     "e2e:ui": "playwright test --ui",
     "auth:gen": "npx auth@latest generate --config src/shared/auth/server.ts --output=../../packages/db/src/schema/better-auth.ts",
+    "auth:patch": "tsx ./seed/patch-schema.ts",
     "db:seed": "tsx ./seed/index.ts"
   },
   "dependencies": {
+    "@axiomhq/pino": "^1.6.0",
     "@base-ui/react": "^1.3.0",
     "@domus/auth": "workspace:*",
     "@domus/config": "workspace:*",
     "@domus/core": "workspace:*",
     "@domus/db": "workspace:*",
+    "@domus/storage": "workspace:*",
     "@fontsource/inter": "^5.2.8",
     "@fontsource/plus-jakarta-sans": "^5.2.8",
     "@hello-pangea/dnd": "^18.0.1",
@@ -31,6 +34,7 @@
     "@tanstack/react-form": "^1.28.6",
     "@types/uuid": "^11.0.0",
     "better-auth": "1.5.6",
+    "browser-image-compression": "^2.0.2",
     "class-variance-authority": "^0.7.1",
     "clsx": "^2.1.1",
     "date-fns": "^4.1.0",
@@ -40,6 +44,7 @@
     "next": "16.2.1",
     "next-intl": "^4.8.3",
     "next-themes": "^0.4.6",
+    "pino": "^10.3.1",
     "react": "19.2.4",
     "react-day-picker": "^9.14.0",
     "react-dom": "19.2.4",
@@ -56,9 +61,11 @@
     "@playwright/test": "^1.58.2",
     "@tailwindcss/postcss": "^4",
     "@types/node": "^24.0.0",
+    "@types/pino": "^7.0.5",
     "@types/react": "^19",
     "@types/react-dom": "^19",
     "@vitest/coverage-istanbul": "^4.1.0",
+    "pino-pretty": "^13.1.3",
     "tailwindcss": "^4",
     "typescript": "^5",
     "vitest": "^4.1.0",
diff --git a/apps/dash/proxy.ts b/apps/dash/proxy.ts
index 9cdd95e7..709f3c3f 100644
--- a/apps/dash/proxy.ts
+++ b/apps/dash/proxy.ts
@@ -2,6 +2,7 @@ import c from "@domus/config";
 import { headers } from "next/headers";
 import { type NextRequest, NextResponse } from "next/server";
 import auth from "@/shared/auth/server";
+import { logger } from "@/shared/core/logger";
 import { routing } from "@/shared/i18n/routing";
 
 /**
@@ -12,70 +13,94 @@ import { routing } from "@/shared/i18n/routing";
  */
 export default async function proxy(request: NextRequest) {
   const { pathname } = request.nextUrl;
-
-  // 1. Get session
-  const session: typeof auth.$Infer.Session | null = await auth.api.getSession({
-    headers: await headers(),
+  logger.info("proxy: start", {
+    method: request.method,
+    pathname,
   });
 
-  // 2. Auth Redirection Logic
-  const isPublicPage = pathname.startsWith("/login");
-  const isStatusPage =
-    pathname.startsWith("/pending") || pathname.startsWith("/rejected");
+  try {
+    // 1. Get session
+    const session: typeof auth.$Infer.Session | null =
+      await auth.api.getSession({
+        headers: await headers(),
+      });
 
-  if (!session) {
-    // Unauthenticated user
-    if (!isPublicPage && !isStatusPage) {
-      const url = new URL("/login", request.url);
-      url.searchParams.set("callbackUrl", pathname);
-      return NextResponse.redirect(url);
-    }
-  } else {
-    if (!pathname.startsWith("/join")) {
-      // Authenticated user
-      const status = session.context.accountStatus;
+    // 2. Auth Redirection Logic
+    const isPublicPage = pathname.startsWith("/login");
+    const isStatusPage =
+      pathname.startsWith("/pending") || pathname.startsWith("/rejected");
 
-      if (status === "pending" && pathname !== "/pending") {
-        return NextResponse.redirect(new URL("/pending", request.url));
+    if (!session) {
+      // Unauthenticated user
+      if (!isPublicPage && !isStatusPage) {
+        const url = new URL("/login", request.url);
+        url.searchParams.set("callbackUrl", pathname);
+        logger.warn("proxy: unauthenticated_redirect", { pathname });
+        return NextResponse.redirect(url);
       }
+    } else {
+      logger.info("proxy: session_found", {
+        userId: session.user.id,
+        accountStatus: session.context.accountStatus,
+      });
 
-      if (status === "rejected" && pathname !== "/rejected") {
-        return NextResponse.redirect(new URL("/rejected", request.url));
-      }
+      if (!pathname.startsWith("/join")) {
+        // Authenticated user
+        const status = session.context.accountStatus;
 
-      if (status === "approved" && (isPublicPage || isStatusPage)) {
-        return NextResponse.redirect(new URL("/", request.url));
+        if (status === "pending" && pathname !== "/pending") {
+          logger.warn("proxy: status_redirect", { status, pathname });
+          return NextResponse.redirect(new URL("/pending", request.url));
+        }
+
+        if (status === "rejected" && pathname !== "/rejected") {
+          logger.warn("proxy: status_redirect", { status, pathname });
+          return NextResponse.redirect(new URL("/rejected", request.url));
+        }
+
+        if (status === "approved" && (isPublicPage || isStatusPage)) {
+          logger.info("proxy: status_redirect", { status, pathname });
+          return NextResponse.redirect(new URL("/", request.url));
+        }
       }
     }
-  }
 
-  // 3. i18n Locale Handling (from original proxy.ts) foobar
-  const cookieName = c.app.locale.cookieName;
-  const cookieLocale = request.cookies.get(cookieName)?.value;
+    // 3. i18n Locale Handling (from original proxy.ts) foobar
+    const cookieName = c.app.locale.cookieName;
+    const cookieLocale = request.cookies.get(cookieName)?.value;
 
-  // Use cookie if available, otherwise default
-  const finalLocale = cookieLocale || routing.defaultLocale;
+    // Use cookie if available, otherwise default
+    const finalLocale = cookieLocale || routing.defaultLocale;
 
-  // 4. Create the response and set local headers
-  const requestHeaders = new Headers(request.headers);
-  requestHeaders.set("X-NEXT-INTL-LOCALE", finalLocale);
+    // 4. Create the response and set local headers
+    const requestHeaders = new Headers(request.headers);
+    requestHeaders.set("X-NEXT-INTL-LOCALE", finalLocale);
 
-  const response = NextResponse.next({
-    request: {
-      headers: requestHeaders,
-    },
-  });
-
-  // 5. Persist the locale in our custom cookie if it's missing or changed
-  if (cookieLocale !== finalLocale) {
-    response.cookies.set(cookieName, finalLocale, {
-      path: "/",
-      maxAge: 60 * 60 * 24 * 365, // 1 year
-      sameSite: "lax",
+    const response = NextResponse.next({
+      request: {
+        headers: requestHeaders,
+      },
     });
-  }
 
-  return response;
+    // 5. Persist the locale in our custom cookie if it's missing or changed
+    if (cookieLocale !== finalLocale) {
+      logger.info("proxy: locale_persistence", {
+        old: cookieLocale,
+        final: finalLocale,
+      });
+      response.cookies.set(cookieName, finalLocale, {
+        path: "/",
+        maxAge: 60 * 60 * 24 * 365, // 1 year
+        sameSite: "lax",
+      });
+    }
+
+    return response;
+  } catch (error) {
+    const message = error instanceof Error ? error.message : "Internal Error";
+    logger.error("proxy: error", { message, pathname });
+    throw error;
+  }
 }
 
 export const config = {
diff --git a/apps/dash/seed/index.ts b/apps/dash/seed/index.ts
index 45ebb605..950ee175 100644
--- a/apps/dash/seed/index.ts
+++ b/apps/dash/seed/index.ts
@@ -1,5 +1,5 @@
 import c from "@domus/config";
-import { UserRole } from "@domus/core";
+import { AccountStatus, UserRole } from "@domus/core";
 import { ensureUser } from "./helper/user";
 import { seedOrganization } from "./org";
 
@@ -12,6 +12,7 @@ async function initSuperAdmin(_isDryRun: boolean) {
     email: c.initial.adminEmail,
     password: c.initial.adminPassword,
     role: [UserRole.SuperAdmin],
+    accountStatus: AccountStatus.Approved,
   });
 }
 
diff --git a/apps/dash/seed/patch-schema.ts b/apps/dash/seed/patch-schema.ts
new file mode 100644
index 00000000..f9114210
--- /dev/null
+++ b/apps/dash/seed/patch-schema.ts
@@ -0,0 +1,136 @@
+import * as fs from "node:fs";
+import * as path from "node:path";
+import { fileURLToPath } from "node:url";
+
+/**
+ * Patch script to convert all schema IDs in packages/db/src/schema from text to uuid.
+ *
+ * Usage: tsx apps/dash/seed/patch-schema.ts
+ */
+
+const __filename = fileURLToPath(import.meta.url);
+const __dirname = path.dirname(__filename);
+
+const SCHEMA_DIR = path.resolve(__dirname, "../../../packages/db/src/schema");
+
+function patchFile(filePath: string) {
+  let content = fs.readFileSync(filePath, "utf8");
+  let modified = false;
+
+  // 1. Patch primary keys and remove $defaultFn
+  // Pattern 1: uuid('id').primaryKey().$defaultFn(() => uuidv7())
+  const pkUuidDefaultRegex =
+    /id:\s*uuid\(['"]id['"]\)\s*\.primaryKey\(\)\s*\.\$defaultFn\([^)]*\)/g;
+  if (pkUuidDefaultRegex.test(content)) {
+    content = content.replace(
+      pkUuidDefaultRegex,
+      'id: uuid("id").primaryKey()',
+    );
+    modified = true;
+  }
+
+  // Pattern 2: text('id').primaryKey()
+  const pkTextRegex = /id:\s*text\(['"]id['"]\)\.primaryKey\(\)/g;
+  if (pkTextRegex.test(content)) {
+    content = content.replace(pkTextRegex, 'id: uuid("id").primaryKey()');
+    modified = true;
+  }
+
+  // 2. Patch foreign keys and related columns
+  const fkPatterns = [
+    {
+      regex: /userId:\s*text\(['"]user_id['"]\)/g,
+      replacement: 'userId: uuid("user_id")',
+    },
+    {
+      regex: /organizationId:\s*text\(['"]organization_id['"]\)/g,
+      replacement: 'organizationId: uuid("organization_id")',
+    },
+    {
+      regex: /inviterId:\s*text\(['"]inviter_id['"]\)/g,
+      replacement: 'inviterId: uuid("inviter_id")',
+    },
+    {
+      regex: /parentId:\s*text\(['"]parent_id['"]\)/g,
+      replacement: 'parentId: uuid("parent_id")',
+    },
+    {
+      regex: /impersonatedBy:\s*text\(['"]impersonated_by['"]\)/g,
+      replacement: 'impersonatedBy: uuid("impersonated_by")',
+    },
+    {
+      regex: /activeOrganizationId:\s*text\(['"]active_organization_id['"]\)/g,
+      replacement: 'activeOrganizationId: uuid("active_organization_id")',
+    },
+    {
+      regex: /createdBy:\s*text\(['"]created_by['"]\)/g,
+      replacement: 'createdBy: uuid("created_by")',
+    },
+    {
+      regex: /updatedBy:\s*text\(['"]updated_by['"]\)/g,
+      replacement: 'updatedBy: uuid("updated_by")',
+    },
+    {
+      regex: /verifiedBy:\s*text\(['"]verified_by['"]\)/g,
+      replacement: 'verifiedBy: uuid("verified_by")',
+    },
+    {
+      regex: /lockedBy:\s*text\(['"]locked_by['"]\)/g,
+      replacement: 'lockedBy: uuid("locked_by")',
+    },
+  ];
+
+  for (const pattern of fkPatterns) {
+    if (pattern.regex.test(content)) {
+      content = content.replace(pattern.regex, pattern.replacement);
+      modified = true;
+    }
+  }
+
+  if (modified) {
+    // 3. Update imports
+    // Ensure uuid is imported from drizzle-orm/pg-core
+    const pgCoreImportRegex =
+      /import\s*{\s*([^}]*)\s*}\s*from\s*['"]drizzle-orm\/pg-core['"];/;
+    const match = content.match(pgCoreImportRegex);
+
+    if (match) {
+      const imports = match[1];
+      const importList = imports
+        .split(",")
+        .map((i) => i.trim())
+        .filter(Boolean);
+
+      if (!importList.includes("uuid")) {
+        importList.push("uuid");
+        importList.sort();
+        const newImports = `import {\n  ${importList.join(",\n  ")},\n} from "drizzle-orm/pg-core";`;
+        content = content.replace(pgCoreImportRegex, newImports);
+      }
+    }
+
+    // 4. Remove unused uuid package imports
+    content = content.replace(
+      /import\s*{\s*v7\s*as\s*uuidv7\s*}\s*from\s*['"]uuid['"];?\n?/g,
+      "",
+    );
+    content = content.replace(
+      /import\s*{\s*v7\s*}\s*from\s*['"]uuid['"];?\n?/g,
+      "",
+    );
+
+    fs.writeFileSync(filePath, content, "utf8");
+    console.log(`Patched: ${filePath}`);
+  }
+}
+
+function run() {
+  const betterAuthSchema = path.join(SCHEMA_DIR, "better-auth.ts");
+  if (fs.existsSync(betterAuthSchema)) {
+    patchFile(betterAuthSchema);
+  } else {
+    console.error(`Could not find better-auth schema at: ${betterAuthSchema}`);
+  }
+}
+
+run();
diff --git a/apps/dash/src/app/api-routes/cron/rotate-join-id.ts b/apps/dash/src/api-routes/cron/rotate-join-id.ts
similarity index 100%
rename from apps/dash/src/app/api-routes/cron/rotate-join-id.ts
rename to apps/dash/src/api-routes/cron/rotate-join-id.ts
diff --git a/apps/dash/src/pages/auth/ui/LoginPage.tsx b/apps/dash/src/pages/auth/ui/LoginPage.tsx
index 7210bd5f..8bece980 100644
--- a/apps/dash/src/pages/auth/ui/LoginPage.tsx
+++ b/apps/dash/src/pages/auth/ui/LoginPage.tsx
@@ -2,6 +2,7 @@ import c, { Environment } from "@domus/config";
 import type { Metadata } from "next";
 import { useTranslations } from "next-intl";
 import { Card, CardContent } from "@/shared/ui/shadcn/card";
+import { Brand } from "@/widgets/layout/ui/components/Brand";
 import { LoginForm } from "./components/LoginForm";
 
 export const LoginMetadata: Metadata = {
@@ -11,7 +12,7 @@ export const LoginMetadata: Metadata = {
 /**
  * Login page UI component.
  *
- * Renders the "Sacred Dusk" branded login page template.
+ * Renders a warm, casual login page with glassmorphism effects.
  * Delegating authentication form logic to the LoginForm feature.
  *
  * @returns The LoginPage component.
@@ -21,29 +22,33 @@ export function LoginPage() {
   const emailPasswordForm = c.app.env !== Environment.Production;
 
   return (
-    <>
-      {/* LoginPage Start */}
-      <div className="flex flex-col items-center justify-center w-full">
-        <Card className="w-full bg-surface-container-lowest border border-[#D4D8E0] rounded-xl p-8 shadow-lg max-w-md mx-auto">
-          <CardContent className="p-0 space-y-8">
-            {/* Branding Header */}
-            <div className="flex flex-col items-center text-center space-y-4 mb-2">
-              <div className="space-y-1">
-                <h1 className="text-2xl font-bold text-[#233345] tracking-tight">
-                  {t("heading")}
-                </h1>
-                <p className="text-on-surface-variant text-sm font-medium">
-                  {t("subheading")}
-                </p>
-              </div>
+    <div className="relative min-h-screen w-full flex items-center justify-center p-4 overflow-hidden bg-background">
+      {/* Warm Soft Background Gradient */}
+      <div className="absolute inset-0 z-0">
+        <div className="absolute top-[-10%] left-[-10%] w-[40%] h-[40%] rounded-full bg-accent/10 blur-[120px] animate-pulse" />
+        <div className="absolute bottom-[-10%] right-[-10%] w-[40%] h-[40%] rounded-full bg-primary/10 blur-[120px] animate-pulse" />
+      </div>
+
+      {/* Glassmorphism Card */}
+      <Card className="relative z-10 w-full max-w-[340px] bg-white/40 dark:bg-card/40 backdrop-blur-xl border-white/20 shadow-2xl rounded-[32px] overflow-hidden animate-in fade-in zoom-in duration-700">
+        <CardContent className="px-6 py-8 space-y-6">
+          {/* Branding Header */}
+          <div className="flex flex-col items-center text-center space-y-3">
+            <Brand size="sm" className="scale-110 mb-1" />
+            <div className="space-y-0.5">
+              <h1 className="text-base font-bold text-foreground tracking-tight">
+                {t("heading")}
+              </h1>
+              <p className="text-muted-foreground text-[10px] font-medium max-w-[220px] leading-snug opacity-70">
+                {t("subheading")}
+              </p>
             </div>
+          </div>
 
-            {/* Main Form Area */}
-            <LoginForm emailPasswordForm={emailPasswordForm} />
-          </CardContent>
-        </Card>
-      </div>
-      {/* LoginPage End */}
-    </>
+          {/* Main Form Area */}
+          <LoginForm emailPasswordForm={emailPasswordForm} />
+        </CardContent>
+      </Card>
+    </div>
   );
 }
diff --git a/apps/dash/src/pages/auth/ui/components/LoginForm.tsx b/apps/dash/src/pages/auth/ui/components/LoginForm.tsx
index ad20e79d..69d8911e 100644
--- a/apps/dash/src/pages/auth/ui/components/LoginForm.tsx
+++ b/apps/dash/src/pages/auth/ui/components/LoginForm.tsx
@@ -76,10 +76,10 @@ export function LoginForm({
   };
 
   return (
-    <div className="space-y-6">
+    <div className="space-y-3">
       {/* Error Message */}
       {error && (
-        <div className="rounded-lg border border-error/20 bg-error-container/10 p-3 text-center text-xs font-semibold text-error">
+        <div className="rounded-xl border border-destructive/30 bg-destructive/10 p-2.5 text-center text-[11px] font-bold text-destructive animate-in fade-in slide-in-from-top-1">
           {error}
         </div>
       )}
@@ -91,12 +91,12 @@ export function LoginForm({
         disabled={isLoading}
         suppressHydrationWarning
         className={cn(
-          "w-full flex items-center justify-center gap-3 py-6 px-4 bg-white border border-[#D4D8E0] rounded-lg hover:bg-surface-container-low transition-all duration-200 group active:scale-[0.98]",
-          "cursor-pointer shadow-sm",
+          "w-full flex items-center justify-center gap-2.5 py-5 bg-white/60 dark:bg-card/20 border-white/20 rounded-xl hover:bg-white/80 transition-all duration-300 group active:scale-[0.98]",
+          "cursor-pointer shadow-sm backdrop-blur-sm",
         )}
       >
         <GoogleIcon />
-        <span className="text-sm font-semibold text-[#233345]">
+        <span className="text-[13px] font-bold text-foreground opacity-90">
           {t("googleButton")}
         </span>
       </Button>
@@ -105,19 +105,19 @@ export function LoginForm({
       {emailPasswordForm && (
         <>
           {/* Separator */}
-          <div className="relative flex items-center justify-center">
+          <div className="relative flex items-center justify-center py-1">
             <div className="absolute inset-0 flex items-center">
-              <Separator className="w-full border-outline-variant/20" />
+              <Separator className="w-full bg-border/20" />
             </div>
-            <span className="relative px-4 bg-surface-container-lowest text-[10px] uppercase tracking-widest text-on-surface-variant font-bold">
+            <span className="relative px-2 bg-transparent text-[8px] uppercase tracking-[0.2em] text-muted-foreground/60 font-black">
               {t("orSeparator")}
             </span>
           </div>
-          <form className="space-y-4" onSubmit={handleEmailLogin}>
-            <div className="space-y-1.5">
+          <form className="space-y-2.5" onSubmit={handleEmailLogin}>
+            <div className="space-y-1">
               <Label
                 htmlFor="login-email"
-                className="text-xs font-bold text-on-surface-variant tracking-wide uppercase"
+                className="text-[9px] font-black text-muted-foreground/70 tracking-widest uppercase px-1"
               >
                 {t("emailLabel")}
               </Label>
@@ -129,21 +129,21 @@ export function LoginForm({
                 required
                 disabled={isLoading}
                 suppressHydrationWarning
-                className="w-full px-4 py-2.5 bg-surface-container-low border-0 rounded-lg text-sm text-on-surface focus-visible:ring-1 focus-visible:ring-[#a33c29]/30 focus-visible:bg-surface-container-lowest transition-all duration-200 outline-none placeholder:text-outline/50"
+                className="w-full px-3.5 py-2 bg-white/20 dark:bg-card/20 border-transparent rounded-xl text-[13px] text-foreground focus-visible:ring-1 focus-visible:ring-accent/40 focus-visible:bg-white/30 transition-all duration-300 outline-none placeholder:text-muted-foreground/30"
               />
             </div>
 
-            <div className="space-y-1.5">
-              <div className="flex items-center justify-between">
+            <div className="space-y-1">
+              <div className="flex items-center justify-between px-1">
                 <Label
                   htmlFor="login-password"
-                  className="text-xs font-bold text-on-surface-variant tracking-wide uppercase"
+                  className="text-[9px] font-black text-muted-foreground/70 tracking-widest uppercase"
                 >
                   {t("passwordLabel")}
                 </Label>
                 <Link
                   href={"/login"}
-                  className="p-0 h-auto text-[11px] font-bold text-[#a33c29] hover:text-[#a33c29]/80 transition-colors"
+                  className="p-0 h-auto text-[9px] font-black text-accent hover:text-accent/80 transition-colors uppercase tracking-wider"
                 >
                   {t("forgotPassword")}
                 </Link>
@@ -156,7 +156,7 @@ export function LoginForm({
                 required
                 disabled={isLoading}
                 suppressHydrationWarning
-                className="w-full px-4 py-2.5 bg-surface-container-low border-0 rounded-lg text-sm text-on-surface focus-visible:ring-1 focus-visible:ring-[#a33c29]/30 focus-visible:bg-surface-container-lowest transition-all duration-200 outline-none placeholder:text-outline/50"
+                className="w-full px-3.5 py-2 bg-white/20 dark:bg-card/20 border-transparent rounded-xl text-[13px] text-foreground focus-visible:ring-1 focus-visible:ring-accent/40 focus-visible:bg-white/30 transition-all duration-300 outline-none placeholder:text-muted-foreground/30"
               />
             </div>
 
@@ -164,7 +164,7 @@ export function LoginForm({
               type="submit"
               disabled={isLoading}
               suppressHydrationWarning
-              className="w-full mt-4 py-6 bg-[#233345] hover:bg-[#233345]/90 text-white text-sm font-bold rounded-lg shadow-md active:scale-[0.98] transition-all duration-200"
+              className="w-full mt-1.5 py-5 bg-accent hover:bg-accent/90 text-accent-foreground text-[13px] font-black rounded-xl shadow-lg active:scale-[0.98] transition-all duration-300 uppercase tracking-widest"
             >
               {isLoading ? t("loading") : t("submitButton")}
             </Button>
diff --git a/apps/dash/src/pages/home/actions/home.ts b/apps/dash/src/pages/home/actions/home.ts
index 9bf18e49..4b037fd1 100644
--- a/apps/dash/src/pages/home/actions/home.ts
+++ b/apps/dash/src/pages/home/actions/home.ts
@@ -3,6 +3,7 @@ import type {
   RsvpStatus as CoreRsvpStatus,
   EventStatus,
 } from "@domus/core";
+import { logger } from "@/shared/core/logger";
 import {
   event as eventService,
   parishioner as parishionerService,
@@ -36,7 +37,6 @@ export interface ParishionerRequest {
 }
 
 import type { LucideIcon } from "lucide-react";
-import { DASHBOARD_ACTIONS } from "@/shared/config/actions";
 
 /** A parish service shortcut card. */
 export interface LayananItem {
@@ -62,7 +62,9 @@ export async function getEvents(ctx?: AuthContext): Promise<{
   success: boolean;
   data: AgendaItem[];
 }> {
+  logger.info("getEvents: start", { userId: ctx?.userId });
   if (!ctx) {
+    logger.warn("getEvents: unauthorized");
     return { success: false, data: [] };
   }
 
@@ -77,6 +79,10 @@ export async function getEvents(ctx?: AuthContext): Promise<{
   );
 
   if (error) {
+    logger.error("getEvents: failed", {
+      code: error.code,
+      message: error.message,
+    });
     return { success: false, data: [] };
   }
 
@@ -94,6 +100,7 @@ export async function getEvents(ctx?: AuthContext): Promise<{
     eventPhoto: e.eventPhoto ?? FALLBACK_EVENT_PHOTO,
   }));
 
+  logger.info("getEvents: succeeded", { count: data.length });
   return { success: true, data };
 }
 
@@ -102,7 +109,9 @@ export async function getPendingParishioners(ctx?: AuthContext): Promise<{
   success: boolean;
   data: ParishionerRequest[];
 }> {
+  logger.info("getPendingParishioners: start", { userId: ctx?.userId });
   if (!ctx) {
+    logger.warn("getPendingParishioners: unauthorized");
     return { success: true, data: [] };
   }
 
@@ -110,6 +119,10 @@ export async function getPendingParishioners(ctx?: AuthContext): Promise<{
     await parishionerService.getPendingVerificationRequests(ctx, 10);
 
   if (error) {
+    logger.error("getPendingParishioners: failed", {
+      code: error.code,
+      message: error.message,
+    });
     return { success: false, data: [] };
   }
 
@@ -121,5 +134,6 @@ export async function getPendingParishioners(ctx?: AuthContext): Promise<{
     avatarUrl: r.avatarUrl ?? FALLBACK_AVATAR,
   }));
 
+  logger.info("getPendingParishioners: succeeded", { count: data.length });
   return { success: true, data };
 }
diff --git a/apps/dash/src/pages/home/ui/components/HomeContent.tsx b/apps/dash/src/pages/home/ui/components/HomeContent.tsx
index ed131c54..b4dd7bef 100644
--- a/apps/dash/src/pages/home/ui/components/HomeContent.tsx
+++ b/apps/dash/src/pages/home/ui/components/HomeContent.tsx
@@ -23,7 +23,7 @@ export function HomeContent({
   parishionerRequests,
 }: HomeContentProps): ReactNode {
   const t = useTranslations("HomePage");
-  const [activeTab, setActiveTab] = useState<TabId>("agenda");
+  const [activeTab, setActiveTab] = useState<TabId>("layanan");
 
   const HOME_NAV_ITEMS = [
     { id: "agenda" as TabId, label: t("agendaTab"), icon: Calendar, badge: 10 },
@@ -42,7 +42,7 @@ export function HomeContent({
         {activeTab === "agenda" && <AgendaSection items={agendaItems} />}
         {activeTab === "tugas" && <TugasSection items={parishionerRequests} />}
         {activeTab === "layanan" && (
-          <LayananSection items={DASHBOARD_ACTIONS as any} />
+          <LayananSection items={DASHBOARD_ACTIONS} />
         )}
       </div>
 
diff --git a/apps/dash/src/pages/org/actions/create.ts b/apps/dash/src/pages/org/actions/create.ts
index 5374bf3c..86c8f3e6 100644
--- a/apps/dash/src/pages/org/actions/create.ts
+++ b/apps/dash/src/pages/org/actions/create.ts
@@ -4,6 +4,7 @@ import { OrgType, UserRole } from "@domus/core";
 import { headers } from "next/headers";
 import auth, { getSession } from "@/shared/auth/server";
 import { organization as organizationService } from "@/shared/core";
+import { logger } from "@/shared/core/logger";
 import type { ActionResult } from "@/shared/types";
 import { actionFail, actionOk } from "@/shared/types";
 
@@ -18,9 +19,14 @@ export async function createAction(
   data: CreateOrganization,
 ): Promise<ActionResult<Organization>> {
   const session = await getSession(await headers());
+  logger.info("createAction: start", {
+    name: data.name,
+    type: data.type,
+    userId: session?.user?.id,
+  });
 
   if (!session?.context) {
-    console.error("[createOrganizationAction] No session context found");
+    logger.warn("createAction: unauthorized");
     return actionFail(
       "Anda harus login untuk melakukan aksi ini.",
       "UNAUTHORIZED",
@@ -33,6 +39,7 @@ export async function createAction(
     !userRoles.includes(UserRole.ParishAdmin) &&
     !userRoles.includes(UserRole.SuperAdmin)
   ) {
+    logger.warn("createAction: forbidden", { userId: session.user.id });
     return actionFail(
       "Anda tidak memiliki izin untuk membuat organisasi.",
       "FORBIDDEN",
@@ -44,6 +51,10 @@ export async function createAction(
     const [_parentValid, parentError] =
       await organizationService.validateParent(data.type, data.parentId);
     if (parentError) {
+      logger.warn("createAction: validation_failed", {
+        reason: "parent_invalid",
+        parentId: data.parentId,
+      });
       return actionFail(
         parentError.message || "Validasi parent gagal.",
         "BAD_REQUEST",
@@ -54,6 +65,10 @@ export async function createAction(
       const [_depthValid, depthError] =
         await organizationService.validateCategoricalDepth(data.parentId);
       if (depthError) {
+        logger.warn("createAction: validation_failed", {
+          reason: "depth_exceeded",
+          parentId: data.parentId,
+        });
         return actionFail(
           depthError.message || "Batas kedalaman Kategorial terlampaui.",
           "BAD_REQUEST",
@@ -77,31 +92,27 @@ export async function createAction(
               "",
             )}-${Math.random().toString(36).substring(2, 7)}`,
         logo: data.logo || undefined,
-        // Additional fields sanitized for Zod validation
         type: data.type,
         parentId: data.parentId ?? undefined,
         cover: data.cover ?? undefined,
         description: data.description ?? undefined,
       },
     });
-
-    console.log(
-      "[createOrganizationAction] Better Auth response:",
-      JSON.stringify(org, null, 2),
-    );
-
     if (!org) {
+      logger.error("createAction: failed", {
+        message: "Better Auth returned null",
+      });
       return actionFail(
         "Gagal membuat organisasi melalui Better Auth.",
         "INTERNAL_ERROR",
       );
     }
-
+    logger.info("createAction: succeeded", { id: org.id });
     return actionOk(org as unknown as Organization);
   } catch (error: unknown) {
-    console.error("[createOrganizationAction] Error:", error);
     const message =
       error instanceof Error ? error.message : "Terjadi kesalahan.";
+    logger.error("createAction: error", { message });
     return actionFail(message, "ERROR");
   }
 }
diff --git a/apps/dash/src/pages/org/actions/delete.ts b/apps/dash/src/pages/org/actions/delete.ts
index 2dea68a8..e25d2724 100644
--- a/apps/dash/src/pages/org/actions/delete.ts
+++ b/apps/dash/src/pages/org/actions/delete.ts
@@ -3,6 +3,7 @@ import { revalidatePath } from "next/cache";
 import { headers } from "next/headers";
 import { getSession } from "@/shared/auth/server";
 import { organization as organizationService } from "@/shared/core";
+import { logger } from "@/shared/core/logger";
 import type { ActionResult } from "@/shared/types";
 import { actionFail, actionOk } from "@/shared/types";
 
@@ -15,9 +16,10 @@ import { actionFail, actionOk } from "@/shared/types";
  */
 export async function removeAction(id: string): Promise<ActionResult<void>> {
   const session = await getSession(await headers());
+  logger.info("removeAction: start", { id, userId: session?.user?.id });
 
   if (!session?.context) {
-    console.error("[deleteOrganizationAction] No session context found");
+    logger.warn("removeAction: unauthorized");
     return actionFail(
       "Anda harus login untuk melakukan aksi ini.",
       "UNAUTHORIZED",
@@ -28,7 +30,11 @@ export async function removeAction(id: string): Promise<ActionResult<void>> {
     const [, error] = await organizationService.delete(id, session.context);
 
     if (error) {
-      console.error("[deleteOrganizationAction] Service Error:", error);
+      logger.error("removeAction: failed", {
+        id,
+        code: error.code,
+        message: error.message,
+      });
       return actionFail(
         error.message ||
           "Anda tidak memiliki izin untuk menghapus organisasi ini.",
@@ -37,12 +43,14 @@ export async function removeAction(id: string): Promise<ActionResult<void>> {
     }
 
     revalidatePath("/org");
+    revalidatePath("/", "layout");
+    logger.info("removeAction: succeeded", { id });
 
     return actionOk(undefined);
   } catch (error: unknown) {
-    console.error("[deleteOrganizationAction] Error:", error);
     const message =
       error instanceof Error ? error.message : "Terjadi kesalahan.";
+    logger.error("removeAction: error", { id, message });
     return actionFail(message, "ERROR");
   }
 }
diff --git a/apps/dash/src/pages/org/actions/join-data.ts b/apps/dash/src/pages/org/actions/join-data.ts
index a2964018..3159c064 100644
--- a/apps/dash/src/pages/org/actions/join-data.ts
+++ b/apps/dash/src/pages/org/actions/join-data.ts
@@ -2,6 +2,7 @@
 
 import type { Organization, Result, Unit } from "@domus/core";
 import { CoreError, fail, NotFoundError, ok } from "@domus/core";
+import { logger } from "@/shared/core/logger";
 import {
   organization as orgService,
   unit as unitService,
@@ -16,13 +17,19 @@ export async function getJoinDataAction(joinId: string): Promise<
     units: Unit[];
   }>
 > {
+  logger.info("getJoinDataAction: start", { joinId });
   try {
     // 1. Find organization by joinId
     const [orgData, orgError] = await orgService.findByJoinId(joinId);
     if (orgError) {
       if (orgError instanceof NotFoundError) {
+        logger.warn("getJoinDataAction: organization_not_found", { joinId });
         return fail(new NotFoundError("Organisasi"));
       }
+      logger.error("getJoinDataAction: org_error", {
+        joinId,
+        code: orgError.code,
+      });
       return fail(orgError);
     }
 
@@ -31,15 +38,21 @@ export async function getJoinDataAction(joinId: string): Promise<
       orgData.id,
     );
     if (unitError) {
+      logger.error("getJoinDataAction: unit_error", {
+        orgId: orgData.id,
+        code: unitError.code,
+      });
       return fail(unitError);
     }
 
+    logger.info("getJoinDataAction: succeeded", { orgId: orgData.id });
     return ok({
       organization: orgData,
       units: units || [],
     });
   } catch (error) {
-    console.error("[getJoinDataAction]", error);
+    const message = error instanceof Error ? error.message : "Internal Error";
+    logger.error("getJoinDataAction: error", { message });
     return fail(
       new CoreError(
         "INTERNAL_ERROR",
diff --git a/apps/dash/src/pages/org/actions/join-mock.ts b/apps/dash/src/pages/org/actions/join-mock.ts
index 5debc424..d55d291f 100644
--- a/apps/dash/src/pages/org/actions/join-mock.ts
+++ b/apps/dash/src/pages/org/actions/join-mock.ts
@@ -1,6 +1,7 @@
 "use server";
 
 import type { JoinForm } from "@domus/core";
+import { logger } from "@/shared/core/logger";
 import type { ActionResult } from "@/shared/types";
 import { actionOk } from "@/shared/types";
 
@@ -14,15 +15,13 @@ import { actionOk } from "@/shared/types";
  */
 export async function joinMockAction(
   joinId: string,
-  data: JoinForm,
+  _data: JoinForm,
 ): Promise<ActionResult<void>> {
+  logger.info("joinMockAction: start", { joinId });
   // Simulate network delay
   await new Promise((resolve) => setTimeout(resolve, 1200));
 
-  console.log(
-    `[Mock Action] Join request received for joinId: ${joinId}`,
-    data,
-  );
+  logger.info("joinMockAction: succeeded", { joinId });
 
   // Return success result
   return actionOk(undefined);
diff --git a/apps/dash/src/pages/org/actions/join.ts b/apps/dash/src/pages/org/actions/join.ts
index b4c25837..136f0236 100644
--- a/apps/dash/src/pages/org/actions/join.ts
+++ b/apps/dash/src/pages/org/actions/join.ts
@@ -4,6 +4,7 @@ import type { JoinForm } from "@domus/core";
 import { headers } from "next/headers";
 import { getSession } from "@/shared/auth/server";
 import { enrollment } from "@/shared/core";
+import { logger } from "@/shared/core/logger";
 import { type ActionResult, actionFail, actionOk } from "@/shared/types";
 
 /**
@@ -18,8 +19,10 @@ export async function joinAction(
   data: JoinForm,
 ): Promise<ActionResult<{ isNew: boolean }>> {
   const session = await getSession(await headers());
+  logger.info("joinAction: start", { joinId, userId: session?.user?.id });
 
   if (!session) {
+    logger.warn("joinAction: unauthorized");
     return actionFail("Anda harus masuk terlebih dahulu.", "UNAUTHORIZED");
   }
 
@@ -30,8 +33,14 @@ export async function joinAction(
   );
 
   if (error) {
+    logger.error("joinAction: failed", {
+      joinId,
+      code: error.code,
+      message: error.message,
+    });
     return actionFail(error.message, error.code);
   }
 
+  logger.info("joinAction: succeeded", { joinId, isNew: result?.isNew });
   return actionOk({ isNew: result?.isNew });
 }
diff --git a/apps/dash/src/pages/org/actions/list-parent.ts b/apps/dash/src/pages/org/actions/list-parent.ts
index a72b1870..0c259f99 100644
--- a/apps/dash/src/pages/org/actions/list-parent.ts
+++ b/apps/dash/src/pages/org/actions/list-parent.ts
@@ -2,6 +2,7 @@
 
 import type { Organization, OrgType } from "@domus/core";
 import { organization as organizationService } from "@/shared/core";
+import { logger } from "@/shared/core/logger";
 import type { ActionResult } from "@/shared/types";
 
 /**
@@ -12,6 +13,7 @@ export async function listParentAction(
   type: OrgType,
   currentId?: string | null,
 ): Promise<ActionResult<Organization[]>> {
+  logger.info("listParentAction: start", { type, currentId });
   try {
     const [result, error] = await organizationService.listForType(
       type,
@@ -19,6 +21,10 @@ export async function listParentAction(
     );
 
     if (error) {
+      logger.error("listParentAction: failed", {
+        type,
+        message: error.message,
+      });
       return {
         success: false,
         code: "INTERNAL_SERVER_ERROR",
@@ -26,16 +32,19 @@ export async function listParentAction(
       };
     }
 
+    logger.info("listParentAction: succeeded", { count: result?.length ?? 0 });
     return {
       success: true,
       data: result ?? [],
     };
   } catch (error) {
-    console.error("Failed to get parent organizations:", error);
+    const message =
+      error instanceof Error ? error.message : "Internal Server Error";
+    logger.error("listParentAction: error", { type, message });
     return {
       success: false,
       code: "INTERNAL_SERVER_ERROR",
-      message: error instanceof Error ? error.message : "Internal Server Error",
+      message,
     };
   }
 }
diff --git a/apps/dash/src/pages/org/actions/list.ts b/apps/dash/src/pages/org/actions/list.ts
index 73b6f5c2..431a4df3 100644
--- a/apps/dash/src/pages/org/actions/list.ts
+++ b/apps/dash/src/pages/org/actions/list.ts
@@ -1,5 +1,6 @@
 import type { AuthContext, Organization } from "@domus/core";
 import { organization as organizationService } from "@/shared/core";
+import { logger } from "@/shared/core/logger";
 import type { ActionResult } from "@/shared/types";
 
 /** Organization with virtual member count and location for the UI. */
@@ -16,8 +17,10 @@ export interface OrganizationWithCount extends Organization {
 export async function listAction(
   ctx: AuthContext,
 ): Promise<ActionResult<OrganizationWithCount[]>> {
+  logger.info("listAction: start", { userId: ctx?.userId });
   try {
     if (!ctx) {
+      logger.warn("listAction: unauthorized");
       return {
         success: false,
         code: "UNAUTHORIZED",
@@ -28,6 +31,10 @@ export async function listAction(
     const [result, error] = await organizationService.getUserOrganizations(ctx);
 
     if (error) {
+      logger.error("listAction: failed", {
+        code: "INTERNAL_SERVER_ERROR",
+        message: error.message,
+      });
       return {
         success: false,
         code: "INTERNAL_SERVER_ERROR",
@@ -35,16 +42,19 @@ export async function listAction(
       };
     }
 
+    logger.info("listAction: succeeded", { count: result?.length ?? 0 });
     return {
       success: true,
       data: (result ?? []) as OrganizationWithCount[],
     };
   } catch (error) {
-    console.error("Failed to get organizations:", error);
+    const message =
+      error instanceof Error ? error.message : "Internal Server Error";
+    logger.error("listAction: error", { message });
     return {
       success: false,
       code: "INTERNAL_SERVER_ERROR",
-      message: error instanceof Error ? error.message : "Internal Server Error",
+      message,
     };
   }
 }
diff --git a/apps/dash/src/pages/org/actions/unit-create.ts b/apps/dash/src/pages/org/actions/unit-create.ts
index e4e65668..4f7071d6 100644
--- a/apps/dash/src/pages/org/actions/unit-create.ts
+++ b/apps/dash/src/pages/org/actions/unit-create.ts
@@ -4,6 +4,7 @@ import type { CreateUnit, Unit } from "@domus/core";
 import { headers } from "next/headers";
 import { getSession } from "@/shared/auth/server";
 import { unit as unitService } from "@/shared/core";
+import { logger } from "@/shared/core/logger";
 import type { ActionResult } from "@/shared/types";
 import { actionFail, actionOk } from "@/shared/types";
 
@@ -17,8 +18,14 @@ export async function createUnitAction(
   data: CreateUnit,
 ): Promise<ActionResult<Unit>> {
   const session = await getSession(await headers());
+  logger.info("createUnitAction: start", {
+    organizationId: data.organizationId,
+    name: data.name,
+    userId: session?.user?.id,
+  });
 
   if (!session?.context) {
+    logger.warn("createUnitAction: unauthorized");
     return actionFail(
       "Anda harus login untuk melakukan aksi ini.",
       "UNAUTHORIZED",
@@ -28,11 +35,17 @@ export async function createUnitAction(
   const [res, error] = await unitService.create(data, session.context);
 
   if (error) {
+    logger.error("createUnitAction: failed", {
+      organizationId: data.organizationId,
+      code: error.code,
+      message: error.message,
+    });
     return actionFail(
       error.message || "Gagal membuat unit.",
       error.code || "ERROR",
     );
   }
 
+  logger.info("createUnitAction: succeeded", { id: res.id });
   return actionOk(res);
 }
diff --git a/apps/dash/src/pages/org/actions/unit-delete.ts b/apps/dash/src/pages/org/actions/unit-delete.ts
index 46672ce9..5b6c3314 100644
--- a/apps/dash/src/pages/org/actions/unit-delete.ts
+++ b/apps/dash/src/pages/org/actions/unit-delete.ts
@@ -3,6 +3,7 @@
 import { headers } from "next/headers";
 import { getSession } from "@/shared/auth/server";
 import { unit as unitService } from "@/shared/core";
+import { logger } from "@/shared/core/logger";
 import type { ActionResult } from "@/shared/types";
 import { actionFail, actionOk } from "@/shared/types";
 
@@ -16,8 +17,10 @@ export async function deleteUnitAction(
   id: string,
 ): Promise<ActionResult<void>> {
   const session = await getSession(await headers());
+  logger.info("deleteUnitAction: start", { id, userId: session?.user?.id });
 
   if (!session?.context) {
+    logger.warn("deleteUnitAction: unauthorized");
     return actionFail(
       "Anda harus login untuk melakukan aksi ini.",
       "UNAUTHORIZED",
@@ -27,11 +30,17 @@ export async function deleteUnitAction(
   const [_, error] = await unitService.delete(id, session.context);
 
   if (error) {
+    logger.error("deleteUnitAction: failed", {
+      id,
+      code: error.code,
+      message: error.message,
+    });
     return actionFail(
       error.message || "Gagal menghapus unit.",
       error.code || "ERROR",
     );
   }
 
+  logger.info("deleteUnitAction: succeeded", { id });
   return actionOk(undefined);
 }
diff --git a/apps/dash/src/pages/org/actions/unit-reorder.ts b/apps/dash/src/pages/org/actions/unit-reorder.ts
index b993ff6c..9a477e7b 100644
--- a/apps/dash/src/pages/org/actions/unit-reorder.ts
+++ b/apps/dash/src/pages/org/actions/unit-reorder.ts
@@ -4,6 +4,7 @@ import type { ReorderUnits } from "@domus/core";
 import { headers } from "next/headers";
 import { getSession } from "@/shared/auth/server";
 import { unit as unitService } from "@/shared/core";
+import { logger } from "@/shared/core/logger";
 import type { ActionResult } from "@/shared/types";
 import { actionFail, actionOk } from "@/shared/types";
 
@@ -19,8 +20,13 @@ export async function reorderUnitsAction(
   data: ReorderUnits,
 ): Promise<ActionResult<void>> {
   const session = await getSession(await headers());
+  logger.info("reorderUnitsAction: start", {
+    organizationId,
+    userId: session?.user?.id,
+  });
 
   if (!session?.context) {
+    logger.warn("reorderUnitsAction: unauthorized");
     return actionFail(
       "Anda harus login untuk melakukan aksi ini.",
       "UNAUTHORIZED",
@@ -34,11 +40,17 @@ export async function reorderUnitsAction(
   );
 
   if (error) {
+    logger.error("reorderUnitsAction: failed", {
+      organizationId,
+      code: error.code,
+      message: error.message,
+    });
     return actionFail(
       error.message || "Gagal mengatur ulang urutan unit.",
       error.code || "ERROR",
     );
   }
 
+  logger.info("reorderUnitsAction: succeeded", { organizationId });
   return actionOk(undefined);
 }
diff --git a/apps/dash/src/pages/org/actions/unit-update.ts b/apps/dash/src/pages/org/actions/unit-update.ts
index bf6390d1..62443193 100644
--- a/apps/dash/src/pages/org/actions/unit-update.ts
+++ b/apps/dash/src/pages/org/actions/unit-update.ts
@@ -4,6 +4,7 @@ import type { Unit, UpdateUnit } from "@domus/core";
 import { headers } from "next/headers";
 import { getSession } from "@/shared/auth/server";
 import { unit as unitService } from "@/shared/core";
+import { logger } from "@/shared/core/logger";
 import type { ActionResult } from "@/shared/types";
 import { actionFail, actionOk } from "@/shared/types";
 
@@ -19,8 +20,10 @@ export async function updateUnitAction(
   data: UpdateUnit,
 ): Promise<ActionResult<Unit>> {
   const session = await getSession(await headers());
+  logger.info("updateUnitAction: start", { id, userId: session?.user?.id });
 
   if (!session?.context) {
+    logger.warn("updateUnitAction: unauthorized");
     return actionFail(
       "Anda harus login untuk melakukan aksi ini.",
       "UNAUTHORIZED",
@@ -30,11 +33,17 @@ export async function updateUnitAction(
   const [res, error] = await unitService.update(id, data, session.context);
 
   if (error) {
+    logger.error("updateUnitAction: failed", {
+      id,
+      code: error.code,
+      message: error.message,
+    });
     return actionFail(
       error.message || "Gagal memperbarui unit.",
       error.code || "ERROR",
     );
   }
 
+  logger.info("updateUnitAction: succeeded", { id });
   return actionOk(res);
 }
diff --git a/apps/dash/src/pages/org/actions/update-organization.ts b/apps/dash/src/pages/org/actions/update-organization.ts
index ddd66b4d..ade0554a 100644
--- a/apps/dash/src/pages/org/actions/update-organization.ts
+++ b/apps/dash/src/pages/org/actions/update-organization.ts
@@ -4,6 +4,7 @@ import { revalidatePath } from "next/cache";
 import { headers } from "next/headers";
 import { getSession } from "@/shared/auth/server";
 import { organization as organizationService } from "@/shared/core";
+import { logger } from "@/shared/core/logger";
 import type { ActionResult } from "@/shared/types";
 import { actionFail, actionOk } from "@/shared/types";
 
@@ -20,9 +21,13 @@ export async function updateOrganizationAction(
   data: UpdateOrganization,
 ): Promise<ActionResult<Organization>> {
   const session = await getSession(await headers());
+  logger.info("updateOrganizationAction: start", {
+    id,
+    userId: session?.user?.id,
+  });
 
   if (!session?.context) {
-    console.error("[updateOrganizationAction] No session context found");
+    logger.warn("updateOrganizationAction: unauthorized");
     return actionFail(
       "Anda harus login untuk melakukan aksi ini.",
       "UNAUTHORIZED",
@@ -37,7 +42,11 @@ export async function updateOrganizationAction(
     );
 
     if (error) {
-      console.error("[updateOrganizationAction] Service Error:", error);
+      logger.error("updateOrganizationAction: failed", {
+        id,
+        code: error.name === "ValidationError" ? "BAD_REQUEST" : "FORBIDDEN",
+        message: error.message,
+      });
       return actionFail(
         error.message || "Gagal mengupdate organisasi.",
         error.name === "ValidationError" ? "BAD_REQUEST" : "FORBIDDEN",
@@ -45,6 +54,10 @@ export async function updateOrganizationAction(
     }
 
     if (!org) {
+      logger.error("updateOrganizationAction: failed", {
+        id,
+        message: "Service returned null",
+      });
       return actionFail("Gagal mengupdate organisasi.", "INTERNAL_ERROR");
     }
 
@@ -53,11 +66,12 @@ export async function updateOrganizationAction(
     revalidatePath(`/org/${id}/update`);
     revalidatePath("/org");
 
+    logger.info("updateOrganizationAction: succeeded", { id });
     return actionOk(org);
   } catch (error: unknown) {
-    console.error("[updateOrganizationAction] Error:", error);
     const message =
       error instanceof Error ? error.message : "Terjadi kesalahan.";
+    logger.error("updateOrganizationAction: error", { id, message });
     return actionFail(message, "ERROR");
   }
 }
diff --git a/apps/dash/src/pages/org/actions/upload-org-image.ts b/apps/dash/src/pages/org/actions/upload-org-image.ts
new file mode 100644
index 00000000..8a2165c0
--- /dev/null
+++ b/apps/dash/src/pages/org/actions/upload-org-image.ts
@@ -0,0 +1,78 @@
+"use server";
+
+import { headers } from "next/headers";
+import { getSession } from "@/shared/auth/server";
+import { logger } from "@/shared/core/logger";
+import { publicStorage } from "@/shared/core/storage";
+import type { ActionResult } from "@/shared/types";
+import { actionFail, actionOk } from "@/shared/types";
+
+/**
+ * Uploads an organization image (logo or cover) to public storage.
+ * Only authenticated users can perform this.
+ *
+ * @param orgId - The ID of the organization.
+ * @param type - Whether this is a "cover" or "logo".
+ * @param formData - The FormData containing the `file`.
+ * @returns `ActionResult<string>` with the public URL.
+ */
+export async function uploadOrgImageAction(
+  orgId: string,
+  type: "cover" | "logo",
+  formData: FormData,
+): Promise<ActionResult<string>> {
+  const session = await getSession(await headers());
+  logger.info("uploadOrgImageAction: start", {
+    userId: session?.user?.id,
+    orgId,
+    type,
+  });
+
+  if (!session?.context) {
+    logger.warn("uploadOrgImageAction: unauthorized");
+    return actionFail(
+      "Anda harus login untuk melakukan aksi ini.",
+      "UNAUTHORIZED",
+    );
+  }
+
+  const file = formData.get("file") as File | null;
+  if (!file) {
+    return actionFail("File tidak ditemukan", "BAD_REQUEST");
+  }
+
+  if (file.size > 5 * 1024 * 1024) {
+    return actionFail(
+      "Ukuran file terlalu besar (maksimal 5MB)",
+      "BAD_REQUEST",
+    );
+  }
+
+  const allowedTypes = ["image/jpeg", "image/png", "image/webp"];
+  if (!allowedTypes.includes(file.type)) {
+    return actionFail(
+      "Format file tidak didukung (hanya JPG, PNG, WEBP)",
+      "BAD_REQUEST",
+    );
+  }
+
+  try {
+    const buffer = Buffer.from(await file.arrayBuffer());
+    const ext = file.name.split(".").pop()?.toLowerCase() || "jpg";
+    const fileName = `${type}.${ext}`;
+    const path = `organizations/${orgId}/${fileName}`;
+
+    let url = await publicStorage.upload(buffer, path);
+
+    // Add cache buster to force browser refresh if replacing existing image
+    url = `${url}?v=${Date.now()}`;
+
+    logger.info("uploadOrgImageAction: succeeded", { url });
+    return actionOk(url);
+  } catch (error: unknown) {
+    const message =
+      error instanceof Error ? error.message : "Terjadi kesalahan";
+    logger.error("uploadOrgImageAction: error", { message });
+    return actionFail("Gagal mengunggah gambar", "INTERNAL_ERROR");
+  }
+}
diff --git a/apps/dash/src/pages/org/ui/OrgDetailPage.tsx b/apps/dash/src/pages/org/ui/OrgDetailPage.tsx
index 580a3f04..89d02af6 100644
--- a/apps/dash/src/pages/org/ui/OrgDetailPage.tsx
+++ b/apps/dash/src/pages/org/ui/OrgDetailPage.tsx
@@ -1,12 +1,15 @@
-import { Settings } from "lucide-react";
+import { UserRole } from "@domus/core";
+import { headers } from "next/headers";
 import Link from "next/link";
 import { notFound, redirect } from "next/navigation";
+import { getSession } from "@/shared/auth/server";
 import {
   organization as organizationService,
   unit as unitService,
 } from "@/shared/core";
 import { Button } from "@/shared/ui/shadcn/button";
 import { Card, CardContent } from "@/shared/ui/shadcn/card";
+import { OrgHeader } from "./components/OrgHeader";
 import { UnitList } from "./components/UnitList";
 
 interface OrgDetailPageProps {
@@ -32,6 +35,11 @@ export async function OrgDetailPage({ params }: OrgDetailPageProps) {
     notFound();
   }
 
+  const session = await getSession(await headers());
+  const canRemove =
+    session?.context?.roles.includes(UserRole.SuperAdmin) ||
+    session?.context?.roles.includes(UserRole.ParishAdmin);
+
   // Server action to remove the organization
   const handleRemove = async () => {
     "use server";
@@ -56,30 +64,7 @@ export async function OrgDetailPage({ params }: OrgDetailPageProps) {
           <span className="text-[#233345] truncate">{org.name}</span>
         </div>
 
-        {/* Header Section */}
-        <header className="flex flex-col md:flex-row md:items-end justify-between gap-6">
-          <div className="space-y-2">
-            <h1 className="font-heading text-4xl font-black text-[#233345] tracking-tight sm:text-5xl">
-              {org.name}
-            </h1>
-            <p className="text-muted-foreground font-body text-lg max-w-2xl">
-              {org.description || "Tidak ada deskripsi untuk organisasi ini."}
-            </p>
-          </div>
-
-          <div className="flex items-center gap-3">
-            <Link href={`/org/${id}/update`}>
-              <Button
-                variant="outline"
-                size="sm"
-                className="gap-2 border-[#e1e2e4] hover:border-[#a23c29]/30 text-[#44474c] hover:text-[#a23c29] h-9"
-              >
-                <Settings className="w-4 h-4" />
-                Pengaturan
-              </Button>
-            </Link>
-          </div>
-        </header>
+        <OrgHeader org={org} />
 
         <div className="grid grid-cols-1 lg:grid-cols-3 gap-8">
           {/* Main Content: Unit Management */}
@@ -133,22 +118,24 @@ export async function OrgDetailPage({ params }: OrgDetailPageProps) {
                   </div>
                 </div>
 
-                <div className="pt-6 border-t border-[#f3f4f6]">
-                  <h4 className="text-xs font-bold uppercase tracking-wider text-[#74777d] mb-4 font-headline">
-                    Tindakan Berbahaya
-                  </h4>
-                  <form action={handleRemove}>
-                    <Button
-                      variant="ghost"
-                      type="submit"
-                      size="sm"
-                      className="w-full text-[#a23c29] hover:bg-[#a23c29]/10 hover:text-[#a23c29] justify-start gap-2 h-9"
-                    >
-                      <Trash2 className="w-4 h-4" />
-                      Hapus Organisasi
-                    </Button>
-                  </form>
-                </div>
+                {canRemove && (
+                  <div className="pt-6 border-t border-[#f3f4f6]">
+                    <h4 className="text-xs font-bold uppercase tracking-wider text-[#74777d] mb-4 font-headline">
+                      Tindakan Berbahaya
+                    </h4>
+                    <form action={handleRemove}>
+                      <Button
+                        variant="ghost"
+                        type="submit"
+                        size="sm"
+                        className="w-full text-[#a23c29] hover:bg-[#a23c29]/10 hover:text-[#a23c29] justify-start gap-2 h-9"
+                      >
+                        <Trash2 className="w-4 h-4" />
+                        Hapus Organisasi
+                      </Button>
+                    </form>
+                  </div>
+                )}
               </CardContent>
             </Card>
           </div>
diff --git a/apps/dash/src/pages/org/ui/components/JoinForm.tsx b/apps/dash/src/pages/org/ui/components/JoinForm.tsx
index 69714334..76ba09fa 100644
--- a/apps/dash/src/pages/org/ui/components/JoinForm.tsx
+++ b/apps/dash/src/pages/org/ui/components/JoinForm.tsx
@@ -49,13 +49,13 @@ import {
  * Labels for Indonesian UI translation.
  */
 const EducationLevelLabels: Record<EducationLevel, string> = {
-  sd: "SD / Sederajat",
-  smp: "SMP / Sederajat",
-  sma: "SMA / SMK / Sederajat",
-  d3: "Diploma (D3)",
-  s1: "Sarjana (S1)",
-  s2: "Magister (S2)",
-  s3: "Doktor (S3)",
+  primary: "SD / Sederajat",
+  junior: "SMP / Sederajat",
+  senior: "SMA / SMK / Sederajat",
+  diploma: "Diploma (D3)",
+  bachelor: "Sarjana (S1)",
+  master: "Magister (S2)",
+  doctorate: "Doktor (S3)",
 };
 
 const GenderLabels: Record<Gender, string> = {
@@ -66,7 +66,7 @@ const GenderLabels: Record<Gender, string> = {
 /**
  * Honorific suggestions for registration.
  */
-const HONORIFIC_SUGGESTIONS = ["Dr.", "Prof.", "dr.", "Sr.", "RD", "RP"];
+const HONORIFIC_SUGGESTIONS = ["Dr", "Prof", "dr", "Sr", "RD", "RP"];
 
 interface JoinFormProps {
   /**
diff --git a/apps/dash/src/pages/org/ui/components/OrgHeader.tsx b/apps/dash/src/pages/org/ui/components/OrgHeader.tsx
new file mode 100644
index 00000000..c305ebf7
--- /dev/null
+++ b/apps/dash/src/pages/org/ui/components/OrgHeader.tsx
@@ -0,0 +1,536 @@
+"use client";
+
+import type { Organization } from "@domus/core";
+import { Check, Edit2, ImageIcon, Settings, X } from "lucide-react";
+import Image from "next/image";
+import Link from "next/link";
+import { useRef, useState } from "react";
+import { toast } from "sonner";
+import { useHasOrgPermission } from "@/shared/auth/client";
+import { Button } from "@/shared/ui/shadcn/button";
+import { Input } from "@/shared/ui/shadcn/input";
+import { Textarea } from "@/shared/ui/shadcn/textarea";
+import { compressImage } from "@/shared/utils/image-compression";
+import { updateOrganizationAction } from "../../actions/update-organization";
+import { uploadOrgImageAction } from "../../actions/upload-org-image";
+
+export function OrgHeader({ org }: { org: Organization }) {
+  const [isEditingName, setIsEditingName] = useState(false);
+  const [name, setName] = useState(org.name);
+  const [isSavingName, setIsSavingName] = useState(false);
+
+  const [isEditingDesc, setIsEditingDesc] = useState(false);
+  const [desc, setDesc] = useState(org.description || "");
+  const [isSavingDesc, setIsSavingDesc] = useState(false);
+
+  const [_isEditingCover, setIsEditingCover] = useState(false);
+  const [cover, setCover] = useState(org.cover || "");
+  const [isSavingCover, setIsSavingCover] = useState(false);
+
+  const [_isEditingLogo, setIsEditingLogo] = useState(false);
+  const [logo, setLogo] = useState(org.logo || "");
+  const [isSavingLogo, setIsSavingLogo] = useState(false);
+
+  const canEdit = useHasOrgPermission("organization", "update");
+
+  // Upload progress states
+  const [isUploading, setIsUploading] = useState(false);
+  const [uploadProgress, setUploadProgress] = useState(0);
+  const [uploadType, setUploadType] = useState<"cover" | "logo" | null>(null);
+
+  const coverInputRef = useRef<HTMLInputElement>(null);
+  const logoInputRef = useRef<HTMLInputElement>(null);
+
+  /**
+   * Simulates a realistic upload progress.
+   * Faster at first, then slows down as it approaches 90%.
+   */
+  const simulateProgress = (onFinish: () => void) => {
+    setUploadProgress(0);
+    setIsUploading(true);
+
+    const interval = setInterval(() => {
+      setUploadProgress((prev) => {
+        if (prev >= 90) {
+          clearInterval(interval);
+          return 90;
+        }
+        // Diminishing returns: the higher the progress, the smaller the jump
+        const jump = Math.max(0.5, (95 - prev) / 10);
+        return prev + jump;
+      });
+    }, 200);
+
+    return () => {
+      clearInterval(interval);
+      setUploadProgress(100);
+      setTimeout(() => {
+        setIsUploading(false);
+        setUploadProgress(0);
+        onFinish();
+      }, 400); // Wait for transition
+    };
+  };
+
+  const handleSaveName = async () => {
+    if (name.trim() === org.name) {
+      setIsEditingName(false);
+      return;
+    }
+    setIsSavingName(true);
+    const result = await updateOrganizationAction(org.id, {
+      name: name.trim(),
+    });
+    setIsSavingName(false);
+    if (result.success) {
+      toast.success("Nama organisasi diperbarui");
+      setIsEditingName(false);
+    } else {
+      toast.error(result.message || "Gagal memperbarui");
+      setName(org.name);
+    }
+  };
+
+  const handleSaveDesc = async () => {
+    const trimmed = desc.trim();
+    if (trimmed === (org.description || "")) {
+      setIsEditingDesc(false);
+      return;
+    }
+    setIsSavingDesc(true);
+    const result = await updateOrganizationAction(org.id, {
+      description: trimmed || null,
+    });
+    setIsSavingDesc(false);
+    if (result.success) {
+      toast.success("Deskripsi organisasi diperbarui");
+      setIsEditingDesc(false);
+    } else {
+      toast.error(result.message || "Gagal memperbarui");
+      setDesc(org.description || "");
+    }
+  };
+
+  const _handleSaveCover = async () => {
+    const trimmed = cover.trim();
+    if (trimmed === (org.cover || "")) {
+      setIsEditingCover(false);
+      return;
+    }
+    setIsSavingCover(true);
+    const result = await updateOrganizationAction(org.id, {
+      cover: trimmed || null,
+    });
+    setIsSavingCover(false);
+    if (result.success) {
+      toast.success("Cover organisasi diperbarui");
+      setIsEditingCover(false);
+    } else {
+      toast.error(result.message || "Gagal memperbarui");
+      setCover(org.cover || "");
+    }
+  };
+
+  const _handleSaveLogo = async () => {
+    const trimmed = logo.trim();
+    if (trimmed === (org.logo || "")) {
+      setIsEditingLogo(false);
+      return;
+    }
+    setIsSavingLogo(true);
+    const result = await updateOrganizationAction(org.id, {
+      logo: trimmed || null,
+    });
+    setIsSavingLogo(false);
+    if (result.success) {
+      toast.success("Logo organisasi diperbarui");
+      setIsEditingLogo(false);
+    } else {
+      toast.error(result.message || "Gagal memperbarui");
+      setLogo(org.logo || "");
+    }
+  };
+
+  const handleUploadCover = async (e: React.ChangeEvent<HTMLInputElement>) => {
+    const file = e.target.files?.[0];
+    if (!file) return;
+
+    setIsSavingCover(true);
+    setUploadType("cover");
+    const finishProgress = simulateProgress(() => {
+      setIsSavingCover(false);
+      setUploadType(null);
+    });
+
+    try {
+      // Compress image using shared utility
+      const compressedFile = await compressImage(file, { preset: "org-cover" });
+
+      const formData = new FormData();
+      formData.append("file", compressedFile);
+
+      const uploadResult = await uploadOrgImageAction(
+        org.id,
+        "cover",
+        formData,
+      );
+      if (!uploadResult.success) {
+        toast.error(uploadResult.message || "Gagal mengunggah cover");
+        finishProgress();
+        return;
+      }
+
+      const newUrl = uploadResult.data;
+      if (!newUrl) {
+        finishProgress();
+        return;
+      }
+
+      const updateResult = await updateOrganizationAction(org.id, {
+        cover: newUrl,
+      });
+      finishProgress();
+      if (updateResult.success) {
+        toast.success("Cover organisasi diperbarui");
+        setCover(newUrl);
+        setIsEditingCover(false);
+      } else {
+        toast.error(updateResult.message || "Gagal menyimpan cover");
+      }
+    } catch (error) {
+      console.error("Compression error:", error);
+      toast.error("Gagal mengompres gambar");
+      finishProgress();
+    }
+  };
+
+  const handleUploadLogo = async (e: React.ChangeEvent<HTMLInputElement>) => {
+    const file = e.target.files?.[0];
+    if (!file) return;
+
+    setIsSavingLogo(true);
+    setUploadType("logo");
+    const finishProgress = simulateProgress(() => {
+      setIsSavingLogo(false);
+      setUploadType(null);
+    });
+
+    try {
+      // Compress image using shared utility
+      const compressedFile = await compressImage(file, { preset: "org-logo" });
+
+      const formData = new FormData();
+      formData.append("file", compressedFile);
+
+      const uploadResult = await uploadOrgImageAction(org.id, "logo", formData);
+      if (!uploadResult.success) {
+        toast.error(uploadResult.message || "Gagal mengunggah logo");
+        finishProgress();
+        return;
+      }
+
+      const newUrl = uploadResult.data;
+      if (!newUrl) {
+        finishProgress();
+        return;
+      }
+
+      const updateResult = await updateOrganizationAction(org.id, {
+        logo: newUrl,
+      });
+      finishProgress();
+      if (updateResult.success) {
+        toast.success("Logo organisasi diperbarui");
+        setLogo(newUrl);
+        setIsEditingLogo(false);
+      } else {
+        toast.error(updateResult.message || "Gagal menyimpan logo");
+      }
+    } catch (error) {
+      console.error("Compression error:", error);
+      toast.error("Gagal mengompres logo");
+      finishProgress();
+    }
+  };
+
+  return (
+    <div className="relative rounded-3xl overflow-hidden shadow-xl shadow-[#233345]/10 mb-8 group/header bg-[#233345]">
+      {/* Cover Background */}
+      <div className="absolute inset-0 z-0">
+        {org.cover ? (
+          <Image
+            src={org.cover}
+            alt="Cover"
+            className="w-full h-full object-cover opacity-50"
+            width={0}
+            height={0}
+            sizes="100vw"
+          />
+        ) : (
+          <div className="w-full h-full bg-gradient-to-br from-[#1e293b] via-[#334155] to-[#0f172a] opacity-90" />
+        )}
+        <div className="absolute inset-0 bg-gradient-to-t from-[#0f172a] via-[#0f172a]/60 to-transparent flex" />
+      </div>
+
+      {/* Cover Progress Bar */}
+      {isUploading && uploadType === "cover" && (
+        <div className="absolute inset-x-0 top-0 z-30 pointer-events-none">
+          <div className="h-1.5 w-full bg-white/10 backdrop-blur-sm overflow-hidden">
+            <div
+              className="h-full bg-gradient-to-r from-blue-500 via-emerald-400 to-blue-500 bg-[length:200%_100%] animate-shimmer transition-all duration-300 ease-out shadow-[0_0_15px_rgba(52,211,153,0.5)]"
+              style={{ width: `${uploadProgress}%` }}
+            />
+          </div>
+          <div className="absolute top-3 left-1/2 -translate-x-1/2 px-4 py-1.5 bg-black/40 backdrop-blur-xl border border-white/10 rounded-full flex items-center gap-3 shadow-2xl">
+            <div className="w-2 h-2 rounded-full bg-emerald-400 animate-pulse" />
+            <span className="text-[10px] font-black uppercase tracking-[0.2em] text-white whitespace-nowrap">
+              Uploading Cover {Math.round(uploadProgress)}%
+            </span>
+          </div>
+        </div>
+      )}
+
+      {/* Edit Cover Overlay */}
+      <input
+        type="file"
+        ref={coverInputRef}
+        className="hidden"
+        accept="image/jpeg,image/png,image/webp"
+        onChange={handleUploadCover}
+      />
+      {canEdit && (
+        <Button
+          variant="ghost"
+          size="icon"
+          className="absolute top-4 right-4 z-20 bg-black/20 hover:bg-black/40 text-white border border-white/20 backdrop-blur-md transition-all rounded-full h-10 w-10 shadow-lg"
+          onClick={() => coverInputRef.current?.click()}
+          disabled={isSavingCover}
+          title="Ubah Cover"
+          aria-label="Ubah Cover"
+        >
+          <Edit2 className="w-4 h-4" />
+        </Button>
+      )}
+
+      <header className="relative z-10 flex flex-col md:flex-row md:items-end justify-between gap-6 p-6 sm:p-10">
+        <div className="flex gap-6 items-center md:items-start flex-col md:flex-row w-full mt-8 md:mt-16">
+          {/* Logo */}
+          <div className="w-24 h-24 sm:w-28 sm:h-28 shrink-0 rounded-2xl bg-white shadow-2xl overflow-hidden border-[3px] border-white/10 flex items-center justify-center relative group backdrop-blur-sm">
+            {org.logo ? (
+              <Image
+                src={org.logo}
+                alt="Logo"
+                className="w-full h-full object-cover"
+                width={0}
+                height={0}
+                sizes="100vw"
+              />
+            ) : (
+              <div className="w-full h-full flex flex-col items-center justify-center bg-[#f8fafc] text-[#94a3b8]">
+                <ImageIcon className="w-8 h-8 mb-1 opacity-70" />
+                <span className="text-[9px] font-bold uppercase tracking-wider text-[#64748b]">
+                  Tanpa Logo
+                </span>
+              </div>
+            )}
+            {canEdit && (
+              <button
+                type="button"
+                className="absolute top-2 right-2 w-8 h-8 bg-white/90 hover:bg-white text-[#334155] rounded-full shadow-lg transition-all flex items-center justify-center backdrop-blur-md cursor-pointer border-none z-10 scale-90 lg:scale-100 hover:scale-110"
+                onClick={() => logoInputRef.current?.click()}
+                disabled={isSavingLogo}
+                title="Ubah Logo"
+                aria-label="Ubah Logo"
+              >
+                <Edit2 className="w-3.5 h-3.5" />
+              </button>
+            )}
+            <input
+              type="file"
+              ref={logoInputRef}
+              className="hidden"
+              accept="image/jpeg,image/png,image/webp"
+              onChange={handleUploadLogo}
+            />
+
+            {/* Logo Progress Overlay */}
+            {isUploading && uploadType === "logo" && (
+              <div className="absolute inset-0 z-30 flex flex-col items-center justify-center bg-[#0f172a]/80 backdrop-blur-md p-2">
+                <div className="relative w-12 h-12 flex items-center justify-center">
+                  <svg
+                    className="w-full h-full transform -rotate-90"
+                    role="img"
+                    aria-label="Upload progress"
+                  >
+                    <title>Upload progress</title>
+                    <circle
+                      cx="24"
+                      cy="24"
+                      r="20"
+                      stroke="currentColor"
+                      strokeWidth="3"
+                      fill="transparent"
+                      className="text-white/10"
+                    />
+                    <circle
+                      cx="24"
+                      cy="24"
+                      r="20"
+                      stroke="currentColor"
+                      strokeWidth="3"
+                      fill="transparent"
+                      strokeDasharray={125.6}
+                      strokeDashoffset={125.6 - (125.6 * uploadProgress) / 100}
+                      className="text-emerald-400 transition-all duration-300 ease-out"
+                    />
+                  </svg>
+                  <span className="absolute text-[8px] font-bold text-white">
+                    {Math.round(uploadProgress)}%
+                  </span>
+                </div>
+                <span className="text-[7px] font-black uppercase tracking-widest text-emerald-400 mt-2 animate-pulse">
+                  Uploading
+                </span>
+              </div>
+            )}
+          </div>
+
+          <div className="space-y-1 flex-1 min-w-0 text-center md:text-left flex flex-col items-center md:items-start justify-center">
+            {/* Inline edit Name */}
+            {isEditingName ? (
+              <div className="flex items-center gap-2 w-full">
+                <Input
+                  value={name}
+                  onChange={(e) => setName(e.target.value)}
+                  className="font-heading text-2xl sm:text-4xl font-black h-auto py-2 px-3 bg-white/10 text-white border-white/20 focus-visible:ring-2 focus-visible:ring-emerald-400/50 shadow-inner rounded-xl w-full"
+                  autoFocus
+                  onKeyDown={(e) => {
+                    if (e.key === "Enter") handleSaveName();
+                    if (e.key === "Escape") {
+                      setName(org.name);
+                      setIsEditingName(false);
+                    }
+                  }}
+                  disabled={isSavingName}
+                />
+                <Button
+                  size="icon"
+                  onClick={handleSaveName}
+                  disabled={isSavingName}
+                  className="text-emerald-500 hover:text-emerald-400 bg-white/10 hover:bg-white/20 h-10 w-10 shrink-0 rounded-xl"
+                >
+                  <Check className="w-5 h-5" />
+                </Button>
+                <Button
+                  size="icon"
+                  onClick={() => {
+                    setName(org.name);
+                    setIsEditingName(false);
+                  }}
+                  disabled={isSavingName}
+                  className="text-rose-400 hover:text-rose-300 bg-white/10 hover:bg-white/20 h-10 w-10 shrink-0 rounded-xl"
+                >
+                  <X className="w-5 h-5" />
+                </Button>
+              </div>
+            ) : (
+              <div className="group/name relative inline-block text-center md:text-left min-w-[200px]">
+                <h1 className="font-heading text-3xl font-black text-white tracking-tight sm:text-5xl pr-10 py-1">
+                  {org.name}
+                </h1>
+                {canEdit && (
+                  <Button
+                    size="icon"
+                    variant="ghost"
+                    className="absolute top-0 right-0 transition-all text-white/50 hover:text-white hover:bg-white/10 rounded-full h-8 w-8 scale-100"
+                    onClick={() => setIsEditingName(true)}
+                    title="Ubah Nama"
+                    aria-label="Ubah Nama"
+                  >
+                    <Edit2 className="w-4 h-4" />
+                  </Button>
+                )}
+              </div>
+            )}
+
+            {/* Inline edit Description */}
+            {isEditingDesc ? (
+              <div className="flex items-start gap-2 w-full mt-2">
+                <Textarea
+                  value={desc}
+                  onChange={(e) => setDesc(e.target.value)}
+                  className="font-body text-sm sm:text-base min-h-[80px] bg-white/10 text-white border-white/20 focus-visible:ring-2 focus-visible:ring-emerald-400/50 resize-none shadow-inner rounded-xl leading-relaxed w-full"
+                  autoFocus
+                  onKeyDown={(e) => {
+                    if (e.key === "Escape") {
+                      setDesc(org.description || "");
+                      setIsEditingDesc(false);
+                    }
+                  }}
+                  disabled={isSavingDesc}
+                />
+                <div className="flex flex-col gap-2 shrink-0">
+                  <Button
+                    size="icon"
+                    onClick={handleSaveDesc}
+                    disabled={isSavingDesc}
+                    className="text-emerald-500 hover:text-emerald-400 bg-white/10 hover:bg-white/20 h-9 w-9 rounded-lg"
+                  >
+                    <Check className="w-4 h-4" />
+                  </Button>
+                  <Button
+                    size="icon"
+                    onClick={() => {
+                      setDesc(org.description || "");
+                      setIsEditingDesc(false);
+                    }}
+                    disabled={isSavingDesc}
+                    className="text-rose-400 hover:text-rose-300 bg-white/10 hover:bg-white/20 h-9 w-9 rounded-lg"
+                  >
+                    <X className="w-4 h-4" />
+                  </Button>
+                </div>
+              </div>
+            ) : (
+              <div className="group/desc relative inline-block mt-2 min-w-[200px] max-w-2xl text-center md:text-left">
+                <p
+                  className={`font-body text-sm sm:text-base leading-relaxed pr-10 ${org.description ? "text-slate-300" : "text-slate-400 italic"} line-clamp-3`}
+                >
+                  {org.description ||
+                    "Tidak ada deskripsi untuk organisasi ini."}
+                </p>
+                {canEdit && (
+                  <Button
+                    size="icon"
+                    variant="ghost"
+                    className="absolute top-0 right-0 transition-all text-white/30 hover:text-white hover:bg-white/10 h-8 w-8 rounded-full scale-100"
+                    onClick={() => setIsEditingDesc(true)}
+                    title="Ubah Deskripsi"
+                    aria-label="Ubah Deskripsi"
+                  >
+                    <Edit2 className="w-3.5 h-3.5" />
+                  </Button>
+                )}
+              </div>
+            )}
+          </div>
+        </div>
+
+        <div className="flex items-center justify-center md:items-end md:justify-end shrink-0 w-full md:w-auto mt-4 md:mt-0">
+          {canEdit && (
+            <Link href={`/org/${org.id}/update`}>
+              <Button
+                variant="outline"
+                size="sm"
+                className="gap-2 border-white/20 bg-white/10 backdrop-blur-md hover:bg-white/20 hover:border-white/30 text-white h-10 px-5 rounded-xl font-bold shadow-xl transition-all hover:scale-105"
+              >
+                <Settings className="w-4 h-4" />
+                Pengaturan
+              </Button>
+            </Link>
+          )}
+        </div>
+      </header>
+    </div>
+  );
+}
diff --git a/apps/dash/src/pages/org/ui/components/UnitList.tsx b/apps/dash/src/pages/org/ui/components/UnitList.tsx
index db95cce3..a0eca11c 100644
--- a/apps/dash/src/pages/org/ui/components/UnitList.tsx
+++ b/apps/dash/src/pages/org/ui/components/UnitList.tsx
@@ -174,22 +174,22 @@ export function UnitList({
                         ref={provided.innerRef}
                         {...provided.draggableProps}
                         data-testid={`unit-item-${unit.id}`}
-                        className="border-[#e1e2e4] hover:border-[#a23c29]/30 transition-all shadow-none group"
+                        className="border-[#e1e2e4] hover:border-[#a23c29]/30 transition-all shadow-sm shadow-[#233345]/5 group"
                       >
-                        <CardContent className="p-4 flex items-center gap-4">
+                        <CardContent className="p-2 pl-2 pr-3 flex items-center gap-3">
                           <div
                             {...provided.dragHandleProps}
                             data-testid={`unit-drag-handle-${unit.id}`}
-                            className="text-[#c4c6cc] group-hover:text-[#a23c29] cursor-grab active:cursor-grabbing"
+                            className="text-[#c4c6cc] group-hover:text-[#a23c29] cursor-grab active:cursor-grabbing p-1"
                           >
-                            <GripVertical className="w-5 h-5" />
+                            <GripVertical className="w-4 h-4" />
                           </div>
                           <div className="flex-1 min-w-0">
-                            <h4 className="text-sm font-bold text-[#233345] truncate">
+                            <h4 className="text-sm font-bold text-[#233345] truncate leading-tight">
                               {unit.name}
                             </h4>
                             {unit.description && (
-                              <p className="text-xs text-[#74777d] line-clamp-1">
+                              <p className="text-[11px] text-[#74777d] line-clamp-1 leading-tight mt-0.5">
                                 {unit.description}
                               </p>
                             )}
@@ -199,19 +199,19 @@ export function UnitList({
                               variant="ghost"
                               size="icon"
                               data-testid={`edit-unit-button-${unit.id}`}
-                              className="w-8 h-8 text-[#44474c] hover:bg-[#f3f4f6]"
+                              className="w-7 h-7 text-[#44474c] hover:bg-[#f3f4f6]"
                               onClick={() => handleEdit(unit)}
                             >
-                              <Pencil className="w-4 h-4" />
+                              <Pencil className="w-3.5 h-3.5" />
                             </Button>
                             <Button
                               variant="ghost"
                               size="icon"
                               data-testid={`delete-unit-button-${unit.id}`}
-                              className="w-8 h-8 text-[#a23c29] hover:bg-[#a23c29]/10"
+                              className="w-7 h-7 text-[#a23c29] hover:bg-[#a23c29]/10"
                               onClick={() => handleDelete(unit.id)}
                             >
-                              <Trash2 className="w-4 h-4" />
+                              <Trash2 className="w-3.5 h-3.5" />
                             </Button>
                           </div>
                         </CardContent>
diff --git a/apps/dash/src/shared/auth/client.ts b/apps/dash/src/shared/auth/client.ts
index a828bfdf..540160d3 100644
--- a/apps/dash/src/shared/auth/client.ts
+++ b/apps/dash/src/shared/auth/client.ts
@@ -1,4 +1,6 @@
 import { createAuthClient } from "@domus/auth/client";
+import { UserRole } from "@domus/core";
+import { useEffect, useState } from "react";
 
 export const authClient = createAuthClient();
 
@@ -33,6 +35,11 @@ export async function hasOrgPermission(
   resource: string,
   action: string,
 ): Promise<boolean> {
+  const { data: session } = await authClient.getSession();
+  if (session?.user.role === UserRole.SuperAdmin) {
+    return true;
+  }
+
   const { data } = await authClient.organization.hasPermission({
     permissions: { [resource]: [action] } as never,
   });
@@ -46,3 +53,21 @@ export async function getContext() {
   }
   return data.context;
 }
+
+/**
+ * React hook to check for organization permissions.
+ *
+ * @example
+ * const isAllowed = useHasOrgPermission('organization', 'update')
+ */
+export function useHasOrgPermission(resource: string, action: string) {
+  const [hasPermission, setHasPermission] = useState<boolean | null>(null);
+
+  useEffect(() => {
+    hasOrgPermission(resource, action)
+      .then(setHasPermission)
+      .catch(() => setHasPermission(false));
+  }, [resource, action]);
+
+  return hasPermission;
+}
diff --git a/apps/dash/src/shared/config/actions.ts b/apps/dash/src/shared/config/actions.ts
index 931064d6..28dac30d 100644
--- a/apps/dash/src/shared/config/actions.ts
+++ b/apps/dash/src/shared/config/actions.ts
@@ -7,6 +7,7 @@ import {
   Users,
   Wallet,
 } from "lucide-react";
+import type { LayananItem } from "@/pages/home/actions";
 
 /**
  * Interface for dashboard action configuration.
@@ -33,7 +34,7 @@ export interface DashboardAction {
 /**
  * List of dashboard actions.
  */
-export const DASHBOARD_ACTIONS: DashboardAction[] = [
+export const DASHBOARD_ACTIONS: LayananItem[] = [
   {
     id: "selfAttendance",
     icon: QrCode,
diff --git a/apps/dash/src/shared/core/logger.ts b/apps/dash/src/shared/core/logger.ts
new file mode 100644
index 00000000..3107ff81
--- /dev/null
+++ b/apps/dash/src/shared/core/logger.ts
@@ -0,0 +1,33 @@
+import c, { Environment, singleton } from "@domus/config";
+import type { ILogger } from "@domus/core";
+import pino from "pino";
+import "@axiomhq/pino";
+
+const isDev = c.app.env === Environment.Development;
+
+function buildLogger() {
+  return isDev
+    ? pino({
+        level: "debug",
+        transport: {
+          target: "pino-pretty",
+        },
+      })
+    : pino(
+        { level: "info" },
+        pino.transport({
+          target: "@axiomhq/pino",
+          options: {
+            dataset: c.axiom.dataset,
+            token: c.axiom.token,
+            worker: false,
+          },
+        }),
+      );
+}
+
+/**
+ * Shared Pino logger instance for apps/dash, implementing the ILogger contract.
+ * Uses pino-pretty in development and Axiom transport in production.
+ */
+export const logger: ILogger = singleton("logger", buildLogger);
diff --git a/apps/dash/src/shared/core/service.ts b/apps/dash/src/shared/core/service.ts
index 0f06da00..4f5e3549 100644
--- a/apps/dash/src/shared/core/service.ts
+++ b/apps/dash/src/shared/core/service.ts
@@ -14,59 +14,101 @@ import {
   UnitService,
   UserService,
 } from "@domus/core";
-import {
-  AttendanceRepository,
-  EnrollmentRepository,
-  EventRepository,
-  FinancialPeriodRepository,
-  MemberRepository,
-  NotificationRepository,
-  OrganizationRepository,
-  ParishionerRepository,
-  PlacementRepository,
-  RsvpRepository,
-  TermRepository,
-  TransactionRepository,
-  UnitRepository,
-  UserRepository,
-} from "@domus/db";
+import { createRepositories, db } from "@domus/db";
+import { logger } from "./logger";
+import { privateStorage, publicStorage } from "./storage";
 
-// Repositories
-const attendanceRepo = new AttendanceRepository();
-const eventRepo = new EventRepository();
-const financialPeriodRepo = new FinancialPeriodRepository();
-const memberRepo = new MemberRepository();
-const notificationRepo = new NotificationRepository();
-const enrollmentRepo = new EnrollmentRepository();
-const unitRepo = new UnitRepository();
-const termRepo = new TermRepository();
-const placementRepo = new PlacementRepository();
-const organizationRepo = new OrganizationRepository();
-const parishionerRepo = new ParishionerRepository();
-const rsvpRepo = new RsvpRepository();
-const transactionRepo = new TransactionRepository();
-const userRepo = new UserRepository();
+// Repositories (Batched via factory)
+const repo = createRepositories(db, logger);
 
 // Services
-export const attendance = new AttendanceService(attendanceRepo, eventRepo);
-export const event = new EventService(eventRepo);
-export const financialPeriod = new FinancialPeriodService(financialPeriodRepo);
-export const member = new MemberService(memberRepo);
-export const notification = new NotificationService(notificationRepo);
+export const attendance = new AttendanceService(
+  repo.attendance,
+  repo.event,
+  publicStorage,
+  privateStorage,
+  logger,
+);
+export const event = new EventService(
+  repo.event,
+  publicStorage,
+  privateStorage,
+  logger,
+);
+export const financialPeriod = new FinancialPeriodService(
+  repo.financialPeriod,
+  publicStorage,
+  privateStorage,
+  logger,
+);
+export const member = new MemberService(
+  repo.member,
+  publicStorage,
+  privateStorage,
+  logger,
+);
+export const notification = new NotificationService(
+  repo.notification,
+  publicStorage,
+  privateStorage,
+  logger,
+);
 export const enrollment = new EnrollmentService(
-  enrollmentRepo,
-  parishionerRepo,
-  userRepo,
-  organizationRepo,
+  repo.enrollment,
+  repo.parishioner,
+  repo.user,
+  repo.organization,
+  publicStorage,
+  privateStorage,
+  logger,
+);
+export const unit = new UnitService(
+  repo.unit,
+  publicStorage,
+  privateStorage,
+  logger,
+);
+export const term = new TermService(
+  repo.term,
+  publicStorage,
+  privateStorage,
+  logger,
+);
+export const placement = new PlacementService(
+  repo.placement,
+  publicStorage,
+  privateStorage,
+  logger,
+);
+export const organization = new OrganizationService(
+  repo.organization,
+  publicStorage,
+  privateStorage,
+  logger,
+);
+export const parishioner = new ParishionerService(
+  repo.parishioner,
+  publicStorage,
+  privateStorage,
+  logger,
+);
+export const rsvp = new RsvpService(
+  repo.rsvp,
+  repo.event,
+  publicStorage,
+  privateStorage,
+  logger,
 );
-export const unit = new UnitService(unitRepo);
-export const term = new TermService(termRepo);
-export const placement = new PlacementService(placementRepo);
-export const organization = new OrganizationService(organizationRepo);
-export const parishioner = new ParishionerService(parishionerRepo);
-export const rsvp = new RsvpService(rsvpRepo, eventRepo);
 export const transaction = new TransactionService(
-  transactionRepo,
-  financialPeriodRepo,
+  repo.transaction,
+  repo.financialPeriod,
+  publicStorage,
+  privateStorage,
+  logger,
+);
+export const user = new UserService(
+  repo.user,
+  publicStorage,
+  privateStorage,
+  logger,
 );
-export const user = new UserService(userRepo);
diff --git a/apps/dash/src/shared/core/storage.ts b/apps/dash/src/shared/core/storage.ts
new file mode 100644
index 00000000..9a341439
--- /dev/null
+++ b/apps/dash/src/shared/core/storage.ts
@@ -0,0 +1,21 @@
+import { GDriveStorage, R2Storage } from "@domus/storage";
+
+/**
+ * Public storage instance (Cloudflare R2).
+ * Configured via environment variables.
+ */
+export const publicStorage = new R2Storage({
+  accountId: process.env.R2_ACCOUNT_ID ?? "",
+  accessKeyId: process.env.R2_ACCESS_KEY_ID ?? "",
+  secretAccessKey: process.env.R2_SECRET_ACCESS_KEY ?? "",
+  bucketName: process.env.R2_BUCKET_NAME ?? "",
+  publicUrl: process.env.R2_PUBLIC_URL ?? "",
+});
+
+/**
+ * Private storage instance (Google Drive).
+ * Configured via environment variables.
+ */
+export const privateStorage = new GDriveStorage({
+  serviceAccountKeyBase64: process.env.GDRIVE_SERVICE_ACCOUNT_KEY ?? "",
+});
diff --git a/apps/dash/src/shared/i18n/messages/en.json b/apps/dash/src/shared/i18n/messages/en.json
index 5167f8ec..b1dea975 100644
--- a/apps/dash/src/shared/i18n/messages/en.json
+++ b/apps/dash/src/shared/i18n/messages/en.json
@@ -16,12 +16,12 @@
   },
   "PendingPage": {
     "title": "Account Under Review",
-    "description": "Thank you for registering. Your account is currently being reviewed by the secretariat."
+    "description": "Thank you for registering. Your account is currently being reviewed by the organization administrator."
   },
   "RejectedPage": {
     "title": "Access Denied",
-    "description": "We're sorry, but your account registration has been rejected. Please contact the secretariat for more information.",
-    "actionLabel": "Contact Secretariat"
+    "description": "We're sorry, but your account registration has been rejected. Please contact the organization administrator for more information.",
+    "actionLabel": "Contact Organization Administrator"
   },
   "UnderConstruction": {
     "title": "Feature Under Development",
diff --git a/apps/dash/src/shared/i18n/messages/id.json b/apps/dash/src/shared/i18n/messages/id.json
index 6ffd440d..0bff38e0 100644
--- a/apps/dash/src/shared/i18n/messages/id.json
+++ b/apps/dash/src/shared/i18n/messages/id.json
@@ -16,12 +16,12 @@
   },
   "PendingPage": {
     "title": "Akun Sedang Ditinjau",
-    "description": "Terima kasih telah mendaftar. Akun Anda sedang ditinjau oleh sekretariat."
+    "description": "Terima kasih telah mendaftar. Akun Anda sedang ditinjau oleh administrator organisasi."
   },
   "RejectedPage": {
     "title": "Akses Ditolak",
-    "description": "Mohon maaf, pendaftaran akun Anda telah ditolak. Silakan hubungi sekretariat untuk informasi lebih lanjut.",
-    "actionLabel": "Hubungi Sekretariat"
+    "description": "Mohon maaf, pendaftaran akun Anda telah ditolak. Silakan hubungi administrator organisasi untuk informasi lebih lanjut.",
+    "actionLabel": "Hubungi Administrator Organisasi"
   },
   "UnderConstruction": {
     "title": "Fitur Sedang Dikembangkan",
diff --git a/apps/dash/src/shared/utils/image-compression.ts b/apps/dash/src/shared/utils/image-compression.ts
new file mode 100644
index 00000000..1e5eb7a7
--- /dev/null
+++ b/apps/dash/src/shared/utils/image-compression.ts
@@ -0,0 +1,68 @@
+import imageCompression from "browser-image-compression";
+
+/**
+ * Options for the {@link compressImage} helper.
+ */
+export type CompressImageOptions = {
+  /** Compression preset. Defaults to `'default'`. */
+  preset?: "id-card" | "org-logo" | "org-cover" | "default";
+};
+
+type CompressionConfig = {
+  maxSizeMB: number;
+  maxWidthOrHeight: number;
+  useWebWorker: boolean;
+};
+
+const PRESETS: Record<
+  NonNullable<CompressImageOptions["preset"]>,
+  CompressionConfig
+> = {
+  /** ID card photo — kept at higher quality for admin verification. */
+  "id-card": {
+    maxSizeMB: 1,
+    maxWidthOrHeight: 1920,
+    useWebWorker: true,
+  },
+  /** Organization logo — square, small footprint. */
+  "org-logo": {
+    maxSizeMB: 0.5,
+    maxWidthOrHeight: 800,
+    useWebWorker: true,
+  },
+  /** Organization cover photo — wider aspect ratio allowed. */
+  "org-cover": {
+    maxSizeMB: 0.5,
+    maxWidthOrHeight: 1280,
+    useWebWorker: true,
+  },
+  /** Generic fallback preset. */
+  default: {
+    maxSizeMB: 1,
+    maxWidthOrHeight: 1024,
+    useWebWorker: true,
+  },
+};
+
+/**
+ * Compresses an image file on the client side before upload.
+ *
+ * Uses Web Workers internally to avoid blocking the UI thread.
+ * Compatible with any browser-based environment including Next.js and PWAs.
+ *
+ * @param file - The original image `File` selected by the user.
+ * @param options - Compression options. Use `preset` to apply a predefined config.
+ * @returns A compressed `File` ready for upload.
+ *
+ * @example
+ * // In a React change handler
+ * const compressed = await compressImage(file, { preset: 'id-card' })
+ */
+export async function compressImage(
+  file: File,
+  options: CompressImageOptions = {},
+): Promise<File> {
+  const { preset = "default" } = options;
+  const config = PRESETS[preset];
+  return imageCompression(file, config);
+}
diff --git a/docs/erd.md b/docs/erd.md
index 3942a4f2..bf1c283c 100644
--- a/docs/erd.md
+++ b/docs/erd.md
@@ -4,9 +4,9 @@
 
 ---
 
-**Document Version:** 1.0.6
+**Document Version:** 1.0.9
 **Status:** In Progress
-**Last Updated:** 29 March 2026
+**Last Updated:** 02 April 2026
 
 ---
 
@@ -126,17 +126,30 @@ export const NotificationStatus = {
 
 ## 2. Entities & Table Schemas
 
+### Storage Legend
+
+Fields that store file references use one of two storage backends:
+
+| Tag | Storage | Value Stored | Access |
+|---|---|---|---|
+| `[R2]` | Cloudflare R2 | Public URL | Direct `<img src>` |
+| `[GDrive]` | Google Drive | Drive Viewer URL | Google Drive Viewer |
+
+> **PII Note:** Fields tagged `[GDrive — PII]` are permanently deleted from Google Drive upon enrollment approval or rejection. The field is then set to `null` in the database.
+
+---
+
 ### 2.1 Users & Parishioners
 
 #### `users` *(Better Auth — auto-generated + additional fields)*
 
 | Field | Type | Description |
 |---|---|---|
-| `id` | text | Primary key (managed by Better Auth) |
+| `id` | uuid v7 | Primary key (managed by Better Auth) |
 | `name` | string | Name from Google OAuth |
 | `email` | string | Email from Google OAuth, unique |
 | `emailVerified` | boolean | Email verification status |
-| `image` | string? | Profile photo URL directly from Google OAuth, not stored in R2 |
+| `image` | string? | `[R2]` Custom profile photo URL. Defaults to Google OAuth photo URL if no custom upload. |
 | `accountStatus` | AccountStatus | `pending` \| `approved` \| `rejected`. Default: `pending` |
 | `createdAt` | datetime | |
 | `updatedAt` | datetime | |
@@ -151,7 +164,7 @@ Parish member demographic data. Can exist without a Domus account (for parishion
 | Field | Type | Description |
 |---|---|---|
 | `id` | uuid v7 | Primary key |
-| `userId` | text? | FK → `users.id`. Nullable if they don't have an account yet |
+| `userId` | uuid v7? | FK → `users.id`. Nullable if they don't have an account yet |
 | `fullName` | string | Required |
 | `honorific` | string? | Title prefix. Free text, autocomplete from existing values |
 | `suffix` | string? | Title suffix. Free text, autocomplete from existing values |
@@ -159,7 +172,8 @@ Parish member demographic data. Can exist without a Domus account (for parishion
 | `birthDate` | date? | |
 | `gender` | Gender? | |
 | `educationLevel` | EducationLevel? | `primary` \| `junior` \| `senior` \| `diploma` \| `bachelor` \| `master` \| `doctorate` |
-| `idCardPhoto` | string? | Google Drive URL. Deleted after verification is complete (approved/rejected) |
+| `idCardNumber` | string? | |
+| `idCardPhoto` | string? | `[GDrive — PII]` Google Drive Viewer URL. Permanently deleted after verification (approved/rejected). |
 | `createdAt` | datetime | |
 | `updatedAt` | datetime | |
 | `deletedAt` | datetime? | Soft delete |
@@ -177,7 +191,7 @@ Parish member demographic data. Can exist without a Domus account (for parishion
 | `address` | string? | |
 | `phone` | string? | |
 | `email` | string? | |
-| `logo` | string? | Cloudflare R2 URL |
+| `logo` | string? | `[R2]` Cloudflare R2 public URL |
 | `website` | string? | |
 | `description` | string? | |
 | `createdAt` | datetime | |
@@ -194,7 +208,7 @@ Parish member demographic data. Can exist without a Domus account (for parishion
 | `address` | string? | |
 | `phone` | string? | |
 | `email` | string? | |
-| `logo` | string? | Cloudflare R2 URL |
+| `logo` | string? | `[R2]` Cloudflare R2 public URL |
 | `website` | string? | |
 | `description` | string? | |
 | `createdAt` | datetime | |
@@ -209,14 +223,14 @@ Parish member demographic data. Can exist without a Domus account (for parishion
 
 | Field | Type | Description |
 |---|---|---|
-| `id` | text | Primary key (managed by Better Auth) |
+| `id` | uuid v7 | Primary key (managed by Better Auth) |
 | `parishId` | uuid v7 | FK → `parishes.id` |
 | `name` | string | Required |
 | `slug` | string | Unique. Auto-generated from name, can be manually changed by admin |
-| `logo` | string? | Cloudflare R2 URL |
-| `cover` | string? | Cloudflare R2 URL |
+| `logo` | string? | `[R2]` Cloudflare R2 public URL |
+| `cover` | string? | `[R2]` Cloudflare R2 public URL |
 | `type` | OrgType | `region` \| `station` \| `bec` \| `categorical` |
-| `parentId` | text? | FK → `organizations.id`. Self-referencing for nested orgs |
+| `parentId` | uuid v7? | FK → `organizations.id`. Self-referencing for nested orgs |
 | `joinId` | string? | Nano ID for member registration link. `null` = org is not accepting new members |
 | `createdAt` | datetime | |
 | `updatedAt` | datetime | |
@@ -243,7 +257,7 @@ Organizational unit within an organization (e.g., Consumption Committee, Spiritu
 | Field | Type | Description |
 |---|---|---|
 | `id` | uuid v7 | Primary key |
-| `organizationId` | text | FK → `organizations.id` |
+| `organizationId` | uuid v7 | FK → `organizations.id` |
 | `name` | string | Required |
 | `description` | string? | |
 | `position` | integer | Sort order for display. Default: `0` |
@@ -257,9 +271,9 @@ Manages user access rights to an organization. Managed by the Better Auth organi
 
 | Field | Type | Description |
 |---|---|---|
-| `id` | text | Primary key (managed by Better Auth) |
-| `organizationId` | text | FK → `organizations.id` |
-| `userId` | text | FK → `users.id` |
+| `id` | uuid v7 | Primary key (managed by Better Auth) |
+| `organizationId` | uuid v7 | FK → `organizations.id` |
+| `userId` | uuid v7 | FK → `users.id` |
 | `role` | string | `owner` \| `admin` \| `member` |
 | `createdAt` | datetime | |
 
@@ -271,7 +285,7 @@ Parishioner enrollment data within an organization. Separate from `members` —
 |---|---|---|
 | `id` | uuid v7 | Primary key |
 | `parishionerId` | uuid v7 | FK → `parishioners.id` |
-| `organizationId` | text | FK → `organizations.id` |
+| `organizationId` | uuid v7 | FK → `organizations.id` |
 | `status` | EnrollmentStatus | `pending` \| `active` \| `inactive` |
 | `joinedAt` | date? | Official join date, can be filled in manually |
 | `createdAt` | datetime | |
@@ -287,13 +301,13 @@ Kepengurusan period per organization. Used to track placement history and store
 | Field | Type | Description |
 |---|---|---|
 | `id` | uuid v7 | Primary key |
-| `organizationId` | text | FK → `organizations.id` |
+| `organizationId` | uuid v7 | FK → `organizations.id` |
 | `name` | string | Required. e.g. "Kepengurusan 2024-2027" |
 | `startDate` | date? | Nullable |
 | `endDate` | date? | Nullable |
 | `skNumber` | string? | Nullable |
 | `skDate` | date? | Nullable |
-| `skDocument` | string? | Google Drive URL. Nullable |
+| `skDocument` | string? | `[GDrive]` Google Drive Viewer URL. Nullable |
 | `description` | string? | Nullable |
 | `createdAt` | datetime | |
 | `updatedAt` | datetime | |
@@ -326,23 +340,21 @@ Tracks a parishioner's position/role within an organization during a specific te
 | Field | Type | Description |
 |---|---|---|
 | `id` | uuid v7 | Primary key |
-| `organizationId` | text? | FK → `organizations.id`. Nullable for public events |
+| `organizationId` | uuid v7? | FK → `organizations.id`. Nullable for public events |
 | `name` | string | Required |
 | `description` | string? | |
 | `location` | string | Required |
 | `latitude` | decimal? | For GPS validation |
 | `longitude` | decimal? | For GPS validation |
 | `radiusMeters` | integer | Default: `100` |
-| `startDate` | date | Required |
-| `endDate` | date? | |
-| `startTime` | time | Required |
-| `endTime` | time | Required |
-| `eventPhoto` | string? | Google Drive URL |
+| `startDateTime` | datetime | Required |
+| `endDateTime` | datetime? | |
+| `eventPhoto` | string? | `[GDrive]` Google Drive Viewer URL |
 | `qrCode` | string | Auto-generated when the event is created |
 | `visibility` | EventVisibility | `public` \| `private`. Default: `private` |
 | `isRsvpEnabled` | boolean | Default: `false` |
 | `status` | EventStatus | `published` \| `completed`. Auto `completed` when `endTime` is reached |
-| `createdBy` | text | FK → `users.id` |
+| `createdBy` | uuid v7 | FK → `users.id` |
 | `createdAt` | datetime | |
 | `updatedAt` | datetime | |
 | `deletedAt` | datetime? | Soft delete |
@@ -374,7 +386,7 @@ Tracks a parishioner's position/role within an organization during a specific te
 | `parishionerId` | uuid v7 | FK → `parishioners.id` |
 | `method` | AttendanceMethod | `qrCode` \| `gps` \| `manual` |
 | `status` | AttendanceStatus | `present` \| `pending` \| `absent` |
-| `verifiedBy` | text? | FK → `users.id`. Nullable, filled upon manual approval |
+| `verifiedBy` | uuid v7? | FK → `users.id`. Nullable, filled upon manual approval |
 | `verifiedAt` | datetime? | Nullable |
 | `createdAt` | datetime | |
 | `updatedAt` | datetime | |
@@ -399,7 +411,7 @@ Tracks a parishioner's position/role within an organization during a specific te
 | `month` | integer | 1–12 |
 | `year` | integer | |
 | `status` | PeriodStatus | `open` \| `locked` |
-| `lockedBy` | text? | FK → `users.id`. Treasurer only |
+| `lockedBy` | uuid v7? | FK → `users.id`. Treasurer only |
 | `lockedAt` | datetime? | |
 | `createdAt` | datetime | |
 | `updatedAt` | datetime | |
@@ -433,9 +445,9 @@ Tracks a parishioner's position/role within an organization during a specific te
 | `amount` | decimal | Required |
 | `description` | string | Required |
 | `date` | date | Required |
-| `receiptPhoto` | string? | Google Drive URL. Optional |
-| `createdBy` | text | FK → `users.id` |
-| `updatedBy` | text? | FK → `users.id`. Nullable |
+| `receiptPhoto` | string? | `[GDrive]` Google Drive Viewer URL. Optional |
+| `createdBy` | uuid v7 | FK → `users.id` |
+| `updatedBy` | uuid v7? | FK → `users.id`. Nullable |
 | `createdAt` | datetime | |
 | `updatedAt` | datetime | |
 | `deletedAt` | datetime? | Soft delete |
@@ -451,7 +463,7 @@ One record per delivery per channel. A single notification sent to two channels
 | Field | Type | Description |
 |---|---|---|
 | `id` | uuid v7 | Primary key |
-| `userId` | text | FK → `users.id` |
+| `userId` | uuid v7 | FK → `users.id` |
 | `title` | string | Required |
 | `body` | string | Required |
 | `type` | string | Free text (e.g., `approval`, `rejection`, `event`) |
@@ -520,8 +532,9 @@ flowchart TD
     F --> G[Show organization info\n+ org_units options]
     G --> H[User fills form:\n- unitId optional\n- position default: anggota\n- fullName required\n- idCardPhoto required]
     H --> I[User clicks Register]
-    I --> J[Create parishioners record]
-    J --> K[Create org_enrollments record\nstatus: pending]
+    I --> J[Upload idCardPhoto to Google Drive\nStore fileId + viewerUrl]
+    J --> K[Create parishioners record]
+    K --> L[Create org_enrollments record\nstatus: pending]
 ```
 
 ### 4.2 Approval / Rejection by Admin
@@ -536,15 +549,17 @@ flowchart TD
     E -- Yes --> F[users.accountStatus → approved]
     E -- No --> G[Continue]
     F --> G
-    G --> H[Delete idCardPhoto from Google Drive]
-    H --> I[Send notification: inApp + email]
-
-    B -- Reject --> J[Capture email & name data for notification]
-    J --> K[Delete idCardPhoto from Google Drive]
-    K --> L[users.accountStatus → rejected]
-    L --> M[Delete org_enrollments record]
-    M --> N[Delete parishioners record]
-    N --> O[Send notification: email]
+    G --> H[IPrivateStorage.delete idCardPhoto fileId]
+    H --> I[parishioners.idCardPhoto → null]
+    I --> J[Send notification: inApp + email]
+
+    B -- Reject --> K[Capture email & name data for notification]
+    K --> L[IPrivateStorage.delete idCardPhoto fileId]
+    L --> M[parishioners.idCardPhoto → null]
+    M --> N[users.accountStatus → rejected]
+    N --> O[Delete org_enrollments record]
+    O --> P[Delete parishioners record]
+    P --> Q[Send notification: email]
 ```
 
 ### 4.3 Attendance Flow
@@ -589,7 +604,7 @@ All tables use soft delete via the `deletedAt` field:
 - A `null` value means the record is active.
 - A timestamp value means the record has been deleted.
 - All default queries must include the filter `WHERE deletedAt IS NULL`.
-- Hard delete is only performed for sensitive data that must be permanently removed (e.g., `idCardPhoto` after verification).
+- Hard delete is only performed for sensitive data that must be permanently removed (e.g., `idCardPhoto` after verification via `IPrivateStorage.delete(fileId)`).
 
 ---
 
diff --git a/docs/prd.md b/docs/prd.md
index d87159cd..1778d3dc 100644
--- a/docs/prd.md
+++ b/docs/prd.md
@@ -4,9 +4,9 @@
 
 ---
 
-**Document Version:** 1.0.6
+**Document Version:** 1.0.9
 **Status:** In Progress
-**Last Updated:** 29 March 2026
+**Last Updated:** 02 April 2026
 
 ---
 
@@ -166,8 +166,8 @@ Organization Admins (territorial and categorical) can approve or reject registra
 
 | Action | Impact |
 |---|---|
-| **Approve** | Enrollment status → active. If account is still `pending` → changed to `approved`. ID card photo deleted from Google Drive. Notification sent via in-app and email. |
-| **Reject** | Capture email & name data for notification first. ID card photo deleted from Google Drive (privacy priority). Account status → `rejected`. Parishioner data and enrollment records deleted. Notification sent via email. |
+| **Approve** | Enrollment status → active. If account is still `pending` → changed to `approved`. ID card photo permanently deleted from Google Drive. Notification sent via in-app and email. |
+| **Reject** | Capture email & name data for notification first. ID card photo permanently deleted from Google Drive (privacy priority). Account status → `rejected`. Parishioner data and enrollment records deleted. Notification sent via email. |
 
 #### Manual Input by Admin
 
@@ -316,10 +316,23 @@ flowchart TD
 | Service | Usage |
 |---|---|
 | **Google OAuth** | User authentication |
-| **Google Drive** | Storage for ID card photos (verification), event photos, transaction receipts |
-| **Cloudflare R2** | Storage for public media assets (profile photos, org logos, org covers) |
+| **Google Drive** | Private file storage: ID card photos (verification), transaction receipts, event photos, SK documents. Accessed via Google Drive Viewer URL. |
+| **Cloudflare R2** | Public asset storage: org logos, org covers, user profile photos (custom uploads). Served via direct public URL. |
 | **Cloudflare Workers** | Cron job for `joinId` rotation |
 
+### 10.1 Storage Responsibility
+
+| File Type | Storage | Rationale |
+|---|---|---|
+| Org logos, org covers | Cloudflare R2 | Public, web-renderable — needs direct URL access |
+| User profile photos (custom) | Cloudflare R2 | Public, web-renderable — needs direct URL access |
+| ID card photos | Google Drive | Sensitive PII — permanently deleted after verification |
+| Transaction receipts | Google Drive | Financial document — private, audit trail |
+| Event photos | Google Drive | Attachment — not rendered directly in web UI |
+| SK documents | Google Drive | Organizational document — private, archival |
+
+> **Note:** `users.image` defaults to the Google OAuth profile photo URL. Custom uploads are stored in Cloudflare R2.
+
 ---
 
 ## 11. Out of MVP Scope
diff --git a/docs/tasks-mvp.md b/docs/tasks-mvp.md
index bfc4814c..0b53fc6e 100644
--- a/docs/tasks-mvp.md
+++ b/docs/tasks-mvp.md
@@ -221,7 +221,7 @@ Add TSDoc comments to all exported symbols in `@domus/core` and `@domus/db` as p
 
 ### Technical Notes
 
-- Docs: [AGENTS.md#documentation](AGENTS.md#documentation)
+- Docs: [AGENTS.md#documentation](../AGENTS.md#documentation)
 
 ---
 
@@ -502,7 +502,7 @@ Implement Drizzle ORM schema definitions for all database tables as specified in
 
 ### Technical Notes
 
-- Docs: [ERD#2-entities--table-schemas](erd.md#2-entities--table-schemas) · [TDD#6-naming-conventions](tdd.md#6-naming-conventions) · [TDD#10-primary-key--foreign-key-convention](tdd.md#10-primary-key--foreign-key-convention)
+- Docs: [ERD#2-entities--table-schemas](erd.md#2-entities--table-schemas) · [TDD#6-naming-conventions](tdd.md#6-naming-conventions) · [TDD#10-primary-key--foreign-key-conventions](tdd.md#10-primary-key--foreign-key-conventions)
 - Relevant files: `packages/db/src/schema/`
 
 ---
@@ -597,7 +597,7 @@ Write unit tests for all repository classes and data mappers with a minimum of 8
 
 ### Technical Notes
 
-- Docs: [AGENTS.md#testing](AGENTS.md#testing)
+- Docs: [AGENTS.md#testing](../AGENTS.md#testing)
 - Relevant files: `packages/db/src/repository/*.spec.ts`
 
 ---
@@ -624,7 +624,7 @@ Audit and remove all explicit `any` usage across `packages/db`. Replace with pro
 
 ### Technical Notes
 
-- Docs: [AGENTS.md#no-explicit-any](AGENTS.md#no-explicit-any)
+- Docs: [AGENTS.md#no-explicit-any](../AGENTS.md#no-explicit-any)
 
 ---
 
@@ -1157,7 +1157,7 @@ Implement monthly financial period creation and lock/unlock functionality.
 
 ### Technical Notes
 
-- Docs: [PRD#63-parish-financial-recording](prd.md#63-parish-financial-recording) · [ERD#24-finance](erd.md#24-finance)
+- Docs: [PRD#63-parish-financial-recording](prd.md#63-parish-financial-recording) · [ERD#25-finance](erd.md#25-finance)
 - Screen spec: `docs/screen.md` → Monthly Period Detail
 
 ---
@@ -1185,7 +1185,7 @@ Implement CRUD for transaction categories (income and expense types).
 
 ### Technical Notes
 
-- Docs: [PRD#63-parish-financial-recording](prd.md#63-parish-financial-recording) · [ERD#24-finance](erd.md#24-finance)
+- Docs: [PRD#63-parish-financial-recording](prd.md#63-parish-financial-recording) · [ERD#25-finance](erd.md#25-finance)
 - Screen spec: `docs/screen.md` → Transaction Category Management
 
 ---
@@ -1276,7 +1276,7 @@ Implement in-app notifications: create, list, and mark as read.
 
 ### Technical Notes
 
-- Docs: [ERD#25-notifications](erd.md#25-notifications)
+- Docs: [ERD#26-notifications](erd.md#26-notifications)
 
 ---
 
@@ -1305,14 +1305,14 @@ Implement email notifications for enrollment approval and rejection events.
 
 ### Technical Notes
 
-- Docs: [ERD#25-notifications](erd.md#25-notifications) · [PRD#61-registration--enrollment-management](prd.md#61-registration--enrollment-management)
+- Docs: [ERD#26-notifications](erd.md#26-notifications) · [PRD#61-registration--enrollment-management](prd.md#61-registration--enrollment-management)
 
 ---
 
 # 🚀 Phase 5 — Production
 
 **Milestone:** `Phase 5 — Production`
-**Gate:** Application live at `dash.pkrbt.id`, all infra configured, KPI tracking active.
+**Gate:** Application live at `pkrbt.id`, all infra configured, KPI tracking active.
 
 ---
 
@@ -1323,18 +1323,18 @@ Implement email notifications for enrollment approval and rejection events.
 
 ### Description
 
-Configure the Vercel project with all required environment variables and set up the production domain `dash.pkrbt.id`.
+Configure the Vercel project with all required environment variables and set up the production domain `pkrbt.id`.
 
 ### Subtasks
 
 - [x] DEPLOY-01-ST-01 Create Vercel project and link to GitHub repository
 - [x] DEPLOY-01-ST-02 Configure all production environment variables
-- [x] DEPLOY-01-ST-03 Set up custom domain `dash.pkrbt.id`
+- [x] DEPLOY-01-ST-03 Set up custom domain `pkrbt.id`
 - [x] DEPLOY-01-ST-04 Verify Vercel deploy workflow in `deploy.yml`
 
 ### Acceptance Criteria
 
-- [x] DEPLOY-01-AC-01 Production deployment accessible at `dash.pkrbt.id`
+- [x] DEPLOY-01-AC-01 Production deployment accessible at `pkrbt.id`
 - [x] DEPLOY-01-AC-02 All env vars configured without hardcoding secrets
 - [x] DEPLOY-01-AC-03 Preview deployments work for PRs
 
diff --git a/docs/tdd.md b/docs/tdd.md
index f71e6926..57707be6 100644
--- a/docs/tdd.md
+++ b/docs/tdd.md
@@ -4,9 +4,9 @@
 
 ---
 
-**Document Version:** 1.0.7
+**Document Version:** 1.0.9
 **Status:** In Progress
-**Last Updated:** 30 March 2026
+**Last Updated:** 02 April 2026
 
 ---
 
@@ -56,10 +56,16 @@ All business logic is managed within a single Next.js application with clear sep
 
 ### Storage Division
 
-| File Type | Storage | Access Method |
-|---|---|---|
-| Profile photos, org logos, org covers | Cloudflare R2 | Direct URL (`<img src>`) |
-| Transaction receipts, event photos, etc. | Google Drive | Google Drive Viewer |
+| File Type | Storage | Access Method | Entity Field |
+|---|---|---|---|
+| Org logos, org covers | Cloudflare R2 | Direct URL (`<img src>`) | `organizations.logo`, `organizations.cover` |
+| User profile photos (custom) | Cloudflare R2 | Direct URL (`<img src>`) | `users.image` |
+| ID card photos | Google Drive | Google Drive Viewer URL | `parishioners.idCardPhoto` |
+| Transaction receipts | Google Drive | Google Drive Viewer URL | `transactions.receiptPhoto` |
+| Event photos | Google Drive | Google Drive Viewer URL | `events.eventPhoto` |
+| SK documents | Google Drive | Google Drive Viewer URL | `org_terms.skDocument` |
+
+> **Note:** `users.image` defaults to the Google OAuth profile photo URL. If the user uploads a custom photo, it is stored in Cloudflare R2 and the field is updated to the R2 public URL.
 
 ---
 
@@ -75,7 +81,10 @@ apps/
 packages/
 ├── core/                         # Framework-agnostic, Clean Architecture
 │   ├── contract/
-│   │   └── parishioner.ts        # IParishionerRepository (flat, no subdir)
+│   │   ├── parishioner.ts        # IParishionerRepository (flat, no subdir)
+│   │   ├── storage-public.ts     # IPublicStorage
+│   │   ├── storage-private.ts    # IPrivateStorage
+│   │   └── logger.ts             # ILogger interface
 │   ├── entity/                   # Zod schemas as value objects + inferred types
 │   │   ├── auth-context.ts       # AuthContext interface
 │   │   └── enums.ts
@@ -83,7 +92,8 @@ packages/
 │   ├── service/                  # Business logic, class-based, returns Result<T>
 │   └── utils/                    # ok(), fail(), and helper functions
 ├── db/                           # Drizzle schema, migrations, db client, repository implementations
-└── auth/                         # Better Auth config
+├── auth/                         # Better Auth config
+└── storage/                      # Cloudflare R2 and Google Drive adapter implementations
 ```
 
 ### 3.1 `apps/dash` Structure
@@ -148,6 +158,7 @@ All internal packages use the `@domus/*` namespace:
 @domus/core
 @domus/db
 @domus/auth
+@domus/storage
 ```
 
 Example `package.json` for a JIT package:
@@ -364,7 +375,9 @@ export interface IEventRepository {
 }
 ```
 
-Concrete implementations live in `packages/db/`.
+Storage contracts also live in `packages/core/src/contract/` — see [Section 13 — Storage Architecture](#13-storage-architecture).
+
+Concrete implementations live in `packages/db/` (repositories) and `packages/storage/` (storage adapters).
 
 ### 4.6 Enum Conventions
 
@@ -503,9 +516,9 @@ sequenceDiagram
     participant DB as Database
 
     Admin->>Service: approve/reject(enrollmentId)
-    Service->>DB: Get idCardPhoto (path) + capture email & name
-    Service->>GD: Delete(fileId)
-    Service->>DB: Update enrollmentStatus & Nullable idCardPhoto
+    Service->>DB: Get idCardPhoto (fileId) + capture email & name
+    Service->>GD: IPrivateStorage.delete(fileId)
+    Service->>DB: Update enrollmentStatus & set idCardPhoto to null
     Service->>Admin: Return Result<OK>
 ```
 
@@ -534,14 +547,14 @@ Consistent naming is critical for maintainability and code readability, especial
 | Enum string values (single-word) | lowercase | `'pending'`, `'primary'` |
 | Enum string values (multi-word) | kebab-case | `'junior-high'`, `'not-attending'`, `'super-admin'` |
 | Repository interface names | `PascalCase` + `I` prefix | `IParishionerRepository` |
+| Storage interface names | `PascalCase` + `I` prefix | `IPublicStorage`, `IPrivateStorage` |
 | Service class names | `PascalCase` + `Service` suffix | `ParishionerService`, `EnrollmentService` |
 | Service instance variable names | `camelCase` + `Service` suffix | `parishionerService` |
 | DTO names | `PascalCase` + `Dto` suffix | `CreateParishionerDto`, `UpdateParishionerDto` |
 | Server Action names | `camelCase` + `Action` suffix | `updateParishionerAction` |
-| File names (React components) | `PascalCase` | `ParishionerCard.tsx`, `EventList.tsx` |
-| File names (other) | `kebab-case` | `parishioner.ts`, `get-parishioner.ts` |
+| File names | `kebab-case` | `parishioner.ts`, `get-parishioner.ts` |
 | Folder names | `kebab-case` | `org-enrollments/`, `financial-periods/` |
-| Internal package names | `@domus/` + `kebab-case` | `@domus/core`, `@domus/db` |
+| Internal package names | `@domus/` + `kebab-case` | `@domus/core`, `@domus/db`, `@domus/storage` |
 | Variables & functions | `camelCase` | `getParishioner`, `userId` |
 | Global constants | `SCREAMING_SNAKE_CASE` | `MAX_UPLOAD_SIZE` |
 | React components | `PascalCase` | `ParishionerCard`, `EventList` |
@@ -704,38 +717,105 @@ This mixed type is **by design** — Better Auth manages its own ID generation a
 
 ## 11. Logging
 
-Domus menggunakan **Pino** sebagai logger dan **Axiom** sebagai log sink. Keduanya bekerja secara terpisah dari Sentry — tidak ada konflik jika Sentry ditambahkan di kemudian hari.
+Domus uses **Pino** as the logger and **Axiom** as the log sink. Both operate independently from Sentry — there is no conflict if Sentry is added later.
 
 ### 11.1 Stack Overview
 
-| Komponen | Pilihan | Keterangan |
+| Component | Choice | Description |
 |---|---|---|
-| **Logger** | Pino | Structured JSON logger, performa tinggi, zero-dependency |
-| **Log Sink** | Axiom | SaaS log storage. Free tier: 500 GB ingest/bulan, retensi 30 hari |
-| **Error Tracking** *(opsional, future)* | Sentry | Ditambahkan via Vercel integration bila diperlukan. Tidak conflict dengan Pino + Axiom. |
+| **Logger** | Pino | Structured JSON logger, high performance, zero-dependency |
+| **Log Sink** | Axiom | SaaS log storage. Free tier: 500 GB ingest/month, 30-day retention |
+| **Error Tracking** *(optional, future)* | Sentry | Added via Vercel integration when needed. No conflict with Pino + Axiom. |
+
+### 11.2 `ILogger` Contract
+
+`ILogger` is the interface that defines the logging contract across the entire Domus codebase. Defined in `packages/core/src/contract/logger.ts` so that all layers (service, repository, cron) share the same type without depending on a concrete implementation (Pino).
+
+```typescript
+// packages/core/src/contract/logger.ts
+
+/**
+ * Structured log entry with optional contextual metadata.
+ * Do NOT include PII fields such as email, fullName, or idCardPhoto.
+ */
+export interface LogContext {
+  [key: string]: unknown
+}
+
+/**
+ * Logger contract for Domus services.
+ * Implementations must use structured JSON output — no plain string logs in production.
+ *
+ * Concrete implementations:
+ * - `apps/dash`: Pino via `next-axiom`
+ * - `packages/db`: Pino instance passed via constructor injection
+ * - `apps/cron`: Pino with HTTP transport → Axiom REST API
+ */
+export interface ILogger {
+  /** Routine operational events — request received, operation succeeded. */
+  info(message: string, context?: LogContext): void
+
+  /** Abnormal but non-fatal conditions — GPS validation failed, joinId expired. */
+  warn(message: string, context?: LogContext): void
+
+  /** Caught exceptions or failed operations — use when a Result<T> returns a CoreError. */
+  error(message: string, context?: LogContext): void
+
+  /** Verbose diagnostic information — for development only, never in production. */
+  debug(message: string, context?: LogContext): void
+
+  /** Unrecoverable errors that require immediate attention — process should exit. */
+  fatal(message: string, context?: LogContext): void
+}
+```
 
-### 11.2 Coverage per Area
+`ILogger` is exported via JIT package exports:
 
-| Area | Implementasi |
+```json
+"./contract/logger": "./src/contract/logger.ts"
+```
+
+Usage in the repository layer (`packages/db`) — logger injected via constructor:
+
+```typescript
+// packages/db/src/repository/enrollment.ts
+import type { ILogger } from '@domus/core/contract/logger'
+
+export class EnrollmentRepository implements IEnrollmentRepository {
+  constructor(
+    private readonly db: DrizzleClient,
+    private readonly logger: ILogger,
+  ) {}
+
+  async findById(id: string) {
+    this.logger.info('EnrollmentRepository.findById', { enrollmentId: id })
+    // ...
+  }
+}
+```
+
+### 11.3 Coverage per Area
+
+| Area | Implementation |
 |---|---|
-| Next.js / Server Actions | `next-axiom` — wrapper resmi Axiom untuk Next.js |
-| Drizzle ORM queries | Custom Pino logger di repository layer (`packages/db`) |
-| Cloudflare Workers (`apps/cron`) | Pino dengan HTTP transport → Axiom REST API |
+| Next.js / Server Actions | `next-axiom` — official Axiom wrapper for Next.js |
+| Drizzle ORM queries | Custom Pino logger in the repository layer (`packages/db`) |
+| Cloudflare Workers (`apps/cron`) | Pino with HTTP transport → Axiom REST API |
 
-### 11.3 Prinsip Logging
+### 11.4 Logging Principles
 
-- **Structured JSON only** — tidak ada `console.log` di production code.
+- **Structured JSON only** — no `console.log` in production code.
 - **Level convention:**
-  - `info` — request masuk, operasi berhasil
-  - `warn` — kondisi tidak normal tapi tidak fatal (e.g., GPS gagal, `joinId` expired)
-  - `error` — exception tertangkap, operasi gagal
-- **No PII in logs** — field sensitif seperti `idCardPhoto`, `email`, dan `fullName` **tidak boleh** dimasukkan ke dalam log.
-- Di environment `development`, gunakan `pino-pretty` untuk output yang mudah dibaca.
-- Di environment `production`, output adalah raw JSON yang dikirim ke Axiom.
+  - `info` — incoming request, successful operation
+  - `warn` — abnormal but non-fatal condition (e.g., GPS failed, `joinId` expired)
+  - `error` — caught exception, failed operation
+- **No PII in logs** — sensitive fields such as `idCardPhoto`, `email`, and `fullName` **must not** be included in logs.
+- In `development`, use `pino-pretty` for human-readable output.
+- In `production`, output is raw JSON sent to Axiom.
 
-### 11.4 Cloudflare Workers — HTTP Transport
+### 11.5 Cloudflare Workers — HTTP Transport
 
-Cloudflare Workers tidak memiliki akses filesystem, sehingga Pino dikonfigurasi menggunakan **HTTP transport** untuk mengirim log langsung ke Axiom via REST API:
+Cloudflare Workers do not have filesystem access, so Pino is configured using an **HTTP transport** to send logs directly to Axiom via REST API:
 
 ```typescript
 // apps/cron/src/logger.ts
@@ -754,28 +834,142 @@ export const logger = pino({
 })
 ```
 
-### 11.5 Environment Variables
+### 11.6 Environment Variables
+
+Add the following variables to all environments (development, preview, production):
+
+| Variable | Description |
+|---|---|
+| `AXIOM_TOKEN` | API token from the Axiom dashboard |
+| `AXIOM_ORG_ID` | Axiom Organization ID |
+| `AXIOM_DATASET` | Dataset name in Axiom (e.g., `domus-prod`, `domus-preview`) |
+
+### 11.7 Sentry — Optional Integration (Future)
+
+Sentry can be added later via Vercel Marketplace without disrupting the Pino + Axiom stack:
+
+- **Pino + Axiom** → general observability (all log levels, request tracing)
+- **Sentry** → actionable error alerting (exception + stack trace + user context)
+
+Both systems run in parallel and complement each other.
+
+---
+
+## 12. Storage Architecture
+
+Domus uses two separate storage providers, each with a dedicated contract interface in `packages/core/src/contract/`.
+
+### 12.1 Storage Division
+
+| Provider | Type | Used For |
+|---|---|---|
+| **Cloudflare R2** | Public | Web-renderable assets served directly via URL |
+| **Google Drive** | Private | Sensitive documents and attachments accessed via Drive Viewer |
+
+### 12.2 `IPublicStorage` Contract
+
+Implemented by the Cloudflare R2 adapter in `packages/storage`.
+
+```typescript
+// packages/core/src/contract/storage-public.ts
+
+/**
+ * Contract for public asset storage (Cloudflare R2).
+ * Used for web-accessible assets: org logos, org covers, user profile photos.
+ */
+export interface IPublicStorage {
+  /**
+   * Uploads a file to public storage.
+   * @param file - The file buffer to upload.
+   * @param path - The destination path within the bucket (e.g., `orgs/{id}/logo.webp`).
+   * @returns The public URL of the uploaded file.
+   */
+  upload(file: Buffer, path: string): Promise<string>
+
+  /**
+   * Deletes a file from public storage.
+   * @param path - The path of the file to delete (same path used during upload).
+   */
+  delete(path: string): Promise<void>
+}
+```
+
+### 12.3 `IPrivateStorage` Contract
+
+Implemented by the Google Drive adapter in `packages/storage`.
+
+```typescript
+// packages/core/src/contract/storage-private.ts
+
+/**
+ * Contract for private document storage (Google Drive via Service Account).
+ * Used for sensitive or non-public files: ID card photos, receipt photos,
+ * event photos, SK documents.
+ */
+export interface IPrivateStorage {
+  /**
+   * Uploads a file to a specified Google Drive folder.
+   * @param file - The file buffer to upload.
+   * @param folderId - The Google Drive folder ID to upload into.
+   * @param fileName - The name of the file in Google Drive.
+   * @returns An object containing the Drive file ID and a viewer URL.
+   */
+  upload(
+    file: Buffer,
+    folderId: string,
+    fileName: string,
+  ): Promise<{ fileId: string; viewerUrl: string }>
+
+  /**
+   * Permanently deletes a file from Google Drive.
+   * Used for PII purge (e.g., ID card photos after enrollment approval/rejection).
+   * @param fileId - The Google Drive file ID to delete.
+   */
+  delete(fileId: string): Promise<void>
+}
+```
+
+### 12.4 Path Conventions (Cloudflare R2)
+
+| Asset Type | Path Pattern | Example |
+|---|---|---|
+| Org logo | `orgs/{orgId}/logo.{ext}` | `orgs/abc123/logo.webp` |
+| Org cover | `orgs/{orgId}/cover.{ext}` | `orgs/abc123/cover.webp` |
+| User profile photo | `users/{userId}/avatar.{ext}` | `users/xyz789/avatar.webp` |
 
-Tambahkan variabel berikut ke semua environment (development, preview, production):
+### 12.5 Folder Conventions (Google Drive)
 
-| Variable | Keterangan |
+Each file type is stored in a dedicated Google Drive folder, configured via environment variables:
+
+| Asset Type | Env Var |
 |---|---|
-| `AXIOM_TOKEN` | API token dari Axiom dashboard |
-| `AXIOM_ORG_ID` | Organization ID Axiom |
-| `AXIOM_DATASET` | Nama dataset di Axiom (e.g., `domus-prod`, `domus-preview`) |
+| ID card photos | `GDRIVE_FOLDER_ID_CARD` |
+| Transaction receipts | `GDRIVE_FOLDER_RECEIPT` |
+| Event photos | `GDRIVE_FOLDER_EVENT` |
+| SK documents | `GDRIVE_FOLDER_SK_DOC` |
 
-### 11.6 Sentry — Integrasi Opsional (Future)
+### 12.6 PII Purge
 
-Sentry dapat ditambahkan di kemudian hari via Vercel Marketplace tanpa mengganggu stack Pino + Axiom:
+ID card photos (`parishioners.idCardPhoto`) are permanently deleted from Google Drive upon enrollment approval or rejection — whichever comes first. The purge is performed via `IPrivateStorage.delete(fileId)` at the service layer (`EnrollmentService`) before any status update is committed. See [Section 5.1 — PII Purge Logic](#51-pii-purge-logic-google-drive) for the full flow.
 
-- **Pino + Axiom** → general observability (semua log levels, request tracing)
-- **Sentry** → error alerting yang actionable (exception + stack trace + user context)
+### 12.7 Environment Variables
 
-Kedua sistem berjalan paralel dan saling melengkapi.
+| Variable | Description |
+|---|---|
+| `R2_ACCOUNT_ID` | Cloudflare account ID |
+| `R2_ACCESS_KEY_ID` | R2 access key |
+| `R2_SECRET_ACCESS_KEY` | R2 secret key |
+| `R2_BUCKET_NAME` | R2 bucket name |
+| `R2_PUBLIC_URL` | Base public URL for R2 assets |
+| `GDRIVE_SERVICE_ACCOUNT_KEY` | Google Service Account JSON key (base64 encoded) |
+| `GDRIVE_FOLDER_ID_CARD` | Google Drive folder ID for ID card photos |
+| `GDRIVE_FOLDER_RECEIPT` | Google Drive folder ID for transaction receipts |
+| `GDRIVE_FOLDER_EVENT` | Google Drive folder ID for event photos |
+| `GDRIVE_FOLDER_SK_DOC` | Google Drive folder ID for SK documents |
 
 ---
 
-## 12. License
+## 13. License
 
 Domus is released under the **MIT** license. All code and documentation are open source and can be freely used, modified, and distributed in accordance with the license terms.
 
diff --git a/package.json b/package.json
index f32e431b..540a9825 100644
--- a/package.json
+++ b/package.json
@@ -26,7 +26,7 @@
     "@commitlint/config-conventional": "^20.5.0",
     "husky": "^9.1.7",
     "lint-staged": "^16.4.0",
-    "turbo": "^2.8.21",
+    "turbo": "^2.9.4",
     "typescript": "5.9.3"
   },
   "packageManager": "pnpm@10.33.0",
diff --git a/packages/auth/src/client.ts b/packages/auth/src/client.ts
index 3b7557c8..e5863f6d 100644
--- a/packages/auth/src/client.ts
+++ b/packages/auth/src/client.ts
@@ -25,8 +25,6 @@ import { globalAc, globalRoles, orgAc, orgRoles } from './permissions';
 
 export function createAuthClient() {
   return baseCreateClient({
-    baseURL: process.env.NEXT_PUBLIC_APP_URL ?? 'http://localhost:3000',
-
     plugins: [
       /**
        * adminClient — exposes authClient.admin.*
diff --git a/packages/auth/src/permissions.ts b/packages/auth/src/permissions.ts
index 6c726b86..471c7b8b 100644
--- a/packages/auth/src/permissions.ts
+++ b/packages/auth/src/permissions.ts
@@ -137,6 +137,7 @@ export const orgOwner = orgAc.newRole({
 
 /** Manages events, attendance, and membership approvals. */
 export const orgAdmin = orgAc.newRole({
+  organization: ['update'],
   member: ['create', 'update', 'delete'],
   invitation: ['create', 'cancel'],
   event: ['create', 'update', 'delete', 'list', 'view'],
diff --git a/packages/config/src/index.ts b/packages/config/src/index.ts
index b9891fd7..77dfe7fc 100644
--- a/packages/config/src/index.ts
+++ b/packages/config/src/index.ts
@@ -26,6 +26,8 @@ const envSchema = z.object({
   SUPER_ADMIN_EMAIL: z.email(),
   SUPER_ADMIN_PASSWORD: z.string().min(1),
   SUPER_ADMIN_NAME: z.string().min(1),
+  AXIOM_TOKEN: z.string().min(1),
+  AXIOM_DATASET: z.string().min(1),
 });
 
 function getEnv() {
@@ -65,6 +67,10 @@ const configSchema = z.object({
     adminPassword: z.string(),
     adminName: z.string(),
   }),
+  axiom: z.object({
+    token: z.string(),
+    dataset: z.string(),
+  }),
 });
 /**
  * The unified configuration object for the Domus application.
@@ -101,6 +107,10 @@ function getConfig() {
       adminPassword: env.SUPER_ADMIN_PASSWORD,
       adminName: env.SUPER_ADMIN_NAME,
     },
+    axiom: {
+      token: env.AXIOM_TOKEN,
+      dataset: env.AXIOM_DATASET,
+    },
   };
   return configSchema.parse(config);
 }
diff --git a/packages/core/package.json b/packages/core/package.json
index a6595622..d373034f 100644
--- a/packages/core/package.json
+++ b/packages/core/package.json
@@ -4,7 +4,9 @@
   "private": true,
   "type": "module",
   "exports": {
-    ".": "./src/index.ts"
+    ".": "./src/index.ts",
+    "./contract/storage-public": "./src/contract/storage-public.ts",
+    "./contract/storage-private": "./src/contract/storage-private.ts"
   },
   "scripts": {
     "typecheck": "tsc --noEmit",
@@ -13,6 +15,7 @@
   },
   "devDependencies": {
     "@domus/tsconfig": "workspace:*",
+    "@types/node": "^24.0.0",
     "@vitest/coverage-istanbul": "^4.1.0",
     "vitest": "^4.1.0",
     "vitest-mock-extended": "^3.1.0"
diff --git a/packages/core/src/contract/index.ts b/packages/core/src/contract/index.ts
index 3d2c966b..9461e555 100644
--- a/packages/core/src/contract/index.ts
+++ b/packages/core/src/contract/index.ts
@@ -2,6 +2,7 @@ export * from './attendance';
 export * from './enrollment';
 export * from './event';
 export * from './financial-period';
+export * from './logger';
 export * from './member';
 export * from './notification';
 export * from './organization';
diff --git a/packages/core/src/contract/logger.ts b/packages/core/src/contract/logger.ts
new file mode 100644
index 00000000..dc4b183b
--- /dev/null
+++ b/packages/core/src/contract/logger.ts
@@ -0,0 +1,43 @@
+/**
+ * Structured log entry with optional contextual metadata.
+ * Do NOT include PII fields such as email, fullName, or idCardPhoto.
+ */
+export interface LogContext {
+  [key: string]: unknown;
+}
+
+/**
+ * Logger contract for Domus services.
+ * Implementations must use structured JSON output — no plain string logs in production.
+ *
+ * Concrete implementations:
+ * - `apps/dash`: Pino via `next-axiom`
+ * - `packages/db`: Pino instance passed via constructor injection
+ * - `apps/cron`: Pino with HTTP transport → Axiom REST API
+ */
+export interface ILogger {
+  /**
+   * Routine operational events — request received, operation succeeded.
+   */
+  info(message: string, context?: LogContext): void;
+
+  /**
+   * Abnormal but non-fatal conditions — GPS validation failed, joinId expired.
+   */
+  warn(message: string, context?: LogContext): void;
+
+  /**
+   * Caught exceptions or failed operations — use when a Result<T> returns a CoreError.
+   */
+  error(message: string, context?: LogContext): void;
+
+  /**
+   * Verbose diagnostic information — for development only, never in production.
+   */
+  debug(message: string, context?: LogContext): void;
+
+  /**
+   * Unrecoverable errors that require immediate attention — process should exit.
+   */
+  fatal(message: string, context?: LogContext): void;
+}
diff --git a/packages/core/src/contract/storage-private.ts b/packages/core/src/contract/storage-private.ts
new file mode 100644
index 00000000..acbb5328
--- /dev/null
+++ b/packages/core/src/contract/storage-private.ts
@@ -0,0 +1,28 @@
+/**
+ * Contract for private document storage (Google Drive via Service Account).
+ * Used for sensitive or non-public files: ID card photos, receipt photos,
+ * event photos, SK documents.
+ */
+export interface IPrivateStorage {
+  /**
+   * Uploads a file to a specified Google Drive folder.
+   *
+   * @param file - The file buffer to upload.
+   * @param folderId - The Google Drive folder ID to upload into.
+   * @param fileName - The name of the file in Google Drive.
+   * @returns An object containing the Drive file ID and a viewer URL.
+   */
+  upload(
+    file: Buffer,
+    folderId: string,
+    fileName: string,
+  ): Promise<{ fileId: string; viewerUrl: string }>;
+
+  /**
+   * Permanently deletes a file from Google Drive.
+   * Used for PII purge (e.g., ID card photos after enrollment approval/rejection).
+   *
+   * @param fileId - The Google Drive file ID to delete.
+   */
+  delete(fileId: string): Promise<void>;
+}
diff --git a/packages/core/src/contract/storage-public.ts b/packages/core/src/contract/storage-public.ts
new file mode 100644
index 00000000..698f95c8
--- /dev/null
+++ b/packages/core/src/contract/storage-public.ts
@@ -0,0 +1,21 @@
+/**
+ * Contract for public asset storage (Cloudflare R2).
+ * Used for web-accessible assets: org logos, org covers, user profile photos.
+ */
+export interface IPublicStorage {
+  /**
+   * Uploads a file to public storage.
+   *
+   * @param file - The file buffer to upload.
+   * @param path - The destination path within the bucket (e.g., `orgs/{id}/logo.webp`).
+   * @returns The public URL of the uploaded file.
+   */
+  upload(file: Buffer, path: string): Promise<string>;
+
+  /**
+   * Deletes a file from public storage.
+   *
+   * @param path - The path of the file to delete (same path used during upload).
+   */
+  delete(path: string): Promise<void>;
+}
diff --git a/packages/core/src/entity/attendance.ts b/packages/core/src/entity/attendance.ts
index bbc6b561..2783f6d2 100644
--- a/packages/core/src/entity/attendance.ts
+++ b/packages/core/src/entity/attendance.ts
@@ -4,12 +4,12 @@ import { AttendanceMethod, AttendanceStatus } from './enums';
 export { AttendanceMethod, AttendanceStatus };
 
 export const AttendanceEntity = z.object({
-  id: z.string(),
-  eventId: z.string(),
-  parishionerId: z.string(),
+  id: z.uuidv7(),
+  eventId: z.uuidv7(),
+  parishionerId: z.uuidv7(),
   method: z.enum(Object.values(AttendanceMethod) as [string, ...string[]]),
   status: z.enum(Object.values(AttendanceStatus) as [string, ...string[]]),
-  verifiedBy: z.string().nullable(),
+  verifiedBy: z.uuidv7().nullable(),
   verifiedAt: z.date().nullable(),
   createdAt: z.date(),
   updatedAt: z.date(),
@@ -27,7 +27,7 @@ export const RecordAttendanceSchema = AttendanceEntity.omit({
   updatedAt: true,
   deletedAt: true,
 }).extend({
-  id: z.string().uuid().optional(),
+  id: z.uuidv7().optional(),
 });
 
 /**
diff --git a/packages/core/src/entity/enrollment.ts b/packages/core/src/entity/enrollment.ts
index d68b4a2b..dce6c4b2 100644
--- a/packages/core/src/entity/enrollment.ts
+++ b/packages/core/src/entity/enrollment.ts
@@ -6,10 +6,10 @@ import { EnrollmentStatus } from './enums';
  * An enrollment represents a parishioner's registration in an organization.
  */
 export const EnrollmentEntity = z.object({
-  id: z.string().uuid(),
-  parishionerId: z.string().uuid(),
-  organizationId: z.string(),
-  unitId: z.string().uuid().optional().nullable(),
+  id: z.uuidv7(),
+  parishionerId: z.uuidv7(),
+  organizationId: z.uuidv7(),
+  unitId: z.uuidv7().optional().nullable(),
   status: z.nativeEnum(EnrollmentStatus),
   joinedAt: z.date().nullable(),
   createdAt: z.date(),
diff --git a/packages/core/src/entity/enums.ts b/packages/core/src/entity/enums.ts
index 80f14bd6..3fdade83 100644
--- a/packages/core/src/entity/enums.ts
+++ b/packages/core/src/entity/enums.ts
@@ -32,13 +32,13 @@ export type Gender = (typeof Gender)[keyof typeof Gender];
  * Enums and types for education level.
  */
 export const EducationLevel = {
-  SD: 'sd',
-  SMP: 'smp',
-  SMA: 'sma',
-  D3: 'd3',
-  S1: 's1',
-  S2: 's2',
-  S3: 's3',
+  Primary: 'primary',
+  Junior: 'junior',
+  Senior: 'senior',
+  Diploma: 'diploma',
+  Bachelor: 'bachelor',
+  Master: 'master',
+  Doctorate: 'doctorate',
 } as const;
 
 /**
diff --git a/packages/core/src/entity/event.ts b/packages/core/src/entity/event.ts
index 6a06ef4c..53089d74 100644
--- a/packages/core/src/entity/event.ts
+++ b/packages/core/src/entity/event.ts
@@ -7,8 +7,8 @@ export { EventStatus, EventVisibility };
  * Zod schema for an event entity.
  */
 export const EventEntity = z.object({
-  id: z.string(),
-  organizationId: z.string().nullable(),
+  id: z.uuidv7(),
+  organizationId: z.uuidv7().nullable(),
   name: z.string().min(1),
   description: z.string().nullable(),
   location: z.string().min(1),
@@ -22,7 +22,7 @@ export const EventEntity = z.object({
   visibility: z.enum(Object.values(EventVisibility) as [string, ...string[]]),
   isRsvpEnabled: z.boolean().default(false),
   status: z.enum(Object.values(EventStatus) as [string, ...string[]]),
-  createdBy: z.string(),
+  createdBy: z.uuidv7(),
   createdAt: z.date(),
   updatedAt: z.date(),
   deletedAt: z.date().nullable(),
@@ -42,12 +42,12 @@ export const CreateEventSchema = EventEntity.omit({
   updatedAt: true,
   deletedAt: true,
 }).extend({
-  id: z.string().uuid().optional(),
+  id: z.uuidv7().optional(),
   qrCode: z.string().optional(),
   status: z
     .enum(Object.values(EventStatus) as [string, ...string[]])
     .optional(),
-  createdBy: z.string().optional(),
+  createdBy: z.uuidv7().optional(),
 });
 
 /**
diff --git a/packages/core/src/entity/financial-period.ts b/packages/core/src/entity/financial-period.ts
index 59b46940..8233f565 100644
--- a/packages/core/src/entity/financial-period.ts
+++ b/packages/core/src/entity/financial-period.ts
@@ -7,11 +7,11 @@ export { PeriodStatus };
  * Zod schema for a financial period entity.
  */
 export const FinancialPeriodEntity = z.object({
-  id: z.string(),
+  id: z.uuidv7(),
   month: z.number().min(1).max(12),
   year: z.number(),
   status: z.enum(Object.values(PeriodStatus) as [string, ...string[]]),
-  lockedBy: z.string().nullable(),
+  lockedBy: z.uuidv7().nullable(),
   lockedAt: z.date().nullable(),
   createdAt: z.date(),
   updatedAt: z.date(),
@@ -32,11 +32,11 @@ export const CreateFinancialPeriodSchema = FinancialPeriodEntity.omit({
   updatedAt: true,
   deletedAt: true,
 }).extend({
-  id: z.string().uuid().optional(),
+  id: z.uuidv7().optional(),
   status: z
     .enum(Object.values(PeriodStatus) as [string, ...string[]])
     .optional(),
-  lockedBy: z.string().nullable().optional(),
+  lockedBy: z.uuidv7().nullable().optional(),
   lockedAt: z.date().nullable().optional(),
 });
 
diff --git a/packages/core/src/entity/notification.ts b/packages/core/src/entity/notification.ts
index 53406ed7..9e8336a9 100644
--- a/packages/core/src/entity/notification.ts
+++ b/packages/core/src/entity/notification.ts
@@ -7,15 +7,15 @@ export { NotificationChannel, NotificationStatus };
  * Zod schema for a notification entity.
  */
 export const NotificationEntity = z.object({
-  id: z.string(),
-  userId: z.string(),
+  id: z.uuidv7(),
+  userId: z.uuidv7(),
   title: z.string().min(1),
   body: z.string().min(1),
   type: z.string(),
   channel: z.enum(Object.values(NotificationChannel) as [string, ...string[]]),
   isRead: z.boolean().default(false),
   status: z.enum(Object.values(NotificationStatus) as [string, ...string[]]),
-  referenceId: z.string().nullable(),
+  referenceId: z.uuidv7().nullable(),
   referenceType: z.string().nullable(),
   sentAt: z.date().nullable(),
   createdAt: z.date(),
diff --git a/packages/core/src/entity/organization.ts b/packages/core/src/entity/organization.ts
index cbfac551..635cda33 100644
--- a/packages/core/src/entity/organization.ts
+++ b/packages/core/src/entity/organization.ts
@@ -7,17 +7,17 @@ export { OrgType };
  * Zod schema for an organization entity.
  */
 export const OrganizationEntity = z.object({
-  id: z.string(),
+  id: z.uuidv7(),
   name: z.string().min(1),
   slug: z.string().min(1),
   logo: z.string().nullish(),
   cover: z.string().nullish(),
   type: z.enum(OrgType),
-  parentId: z.string().nullish(),
+  parentId: z.uuidv7().nullish(),
   joinId: z.string().nullish(),
   description: z.string().nullish(),
   createdAt: z.date(),
-  updatedAt: z.date(),
+  updatedAt: z.date().nullable(),
   deletedAt: z.date().nullish(),
 });
 
@@ -35,7 +35,7 @@ export const CreateOrganizationSchema = OrganizationEntity.omit({
   updatedAt: true,
   deletedAt: true,
 }).extend({
-  id: z.string().optional(),
+  id: z.uuidv7().optional(),
   slug: z.string().optional(), // Allow backend to generate slug if not provided
 });
 
diff --git a/packages/core/src/entity/parishioner.ts b/packages/core/src/entity/parishioner.ts
index d23257f9..2763f76e 100644
--- a/packages/core/src/entity/parishioner.ts
+++ b/packages/core/src/entity/parishioner.ts
@@ -4,23 +4,22 @@ import { EducationLevel, Gender } from './enums';
 export { EducationLevel, Gender };
 
 export const ParishionerEntity = z.object({
-  id: z.string(),
-  userId: z.string().nullable(),
-  email: z.string().email().nullable(),
-  avatarUrl: z.string().url().nullable(),
+  id: z.uuidv7(),
+  userId: z.uuidv7().nullish(),
+  email: z.email().nullish(),
+  avatarUrl: z.url().nullable(),
   fullName: z.string().min(1),
-  honorific: z.string().nullable(),
-  suffix: z.string().nullable(),
-  birthPlace: z.string().nullable(),
-  birthDate: z.date().nullable(),
-  gender: z.enum(Object.values(Gender) as [string, ...string[]]).nullable(),
-  educationLevel: z
-    .enum(Object.values(EducationLevel) as [string, ...string[]])
-    .nullable(),
-  idCardPhoto: z.string().nullable(),
+  honorific: z.string().nullish(),
+  suffix: z.string().nullish(),
+  birthPlace: z.string().nullish(),
+  birthDate: z.date().nullish(),
+  gender: z.enum(Gender).nullish(),
+  educationLevel: z.enum(EducationLevel).nullish(),
+  idCardNumber: z.string().nullish(),
+  idCardPhoto: z.string().nullish(),
   createdAt: z.date(),
   updatedAt: z.date(),
-  deletedAt: z.date().nullable(),
+  deletedAt: z.date().nullish(),
 });
 
 export type Parishioner = z.infer<typeof ParishionerEntity>;
diff --git a/packages/core/src/entity/placement.ts b/packages/core/src/entity/placement.ts
index dc8c71bd..a4fc9843 100644
--- a/packages/core/src/entity/placement.ts
+++ b/packages/core/src/entity/placement.ts
@@ -5,10 +5,10 @@ import { z } from 'zod';
  * A placement tracks a parishioner's position within a unit during a term.
  */
 export const PlacementEntity = z.object({
-  id: z.string().uuid(),
-  enrollmentId: z.string().uuid(),
-  termId: z.string().uuid().nullable(),
-  unitId: z.string().uuid().nullable(),
+  id: z.uuidv7(),
+  enrollmentId: z.uuidv7(),
+  termId: z.uuidv7().nullable(),
+  unitId: z.uuidv7().nullable(),
   position: z.string().default('anggota'),
   order: z.number().int().default(0),
   startDate: z.date().nullable(),
diff --git a/packages/core/src/entity/rsvp.ts b/packages/core/src/entity/rsvp.ts
index 592a1531..10840b6b 100644
--- a/packages/core/src/entity/rsvp.ts
+++ b/packages/core/src/entity/rsvp.ts
@@ -7,9 +7,9 @@ export { RsvpStatus };
  * Zod schema for an RSVP entity.
  */
 export const RsvpEntity = z.object({
-  id: z.string(),
-  eventId: z.string(),
-  parishionerId: z.string(),
+  id: z.uuidv7(),
+  eventId: z.uuidv7(),
+  parishionerId: z.uuidv7(),
   status: z.enum(Object.values(RsvpStatus) as [string, ...string[]]),
   createdAt: z.date(),
   updatedAt: z.date(),
@@ -30,7 +30,7 @@ export const SubmitRsvpSchema = RsvpEntity.omit({
   updatedAt: true,
   deletedAt: true,
 }).extend({
-  id: z.string().uuid().optional(),
+  id: z.uuidv7().optional(),
 });
 
 /**
diff --git a/packages/core/src/entity/term.ts b/packages/core/src/entity/term.ts
index f06228ff..12da3a64 100644
--- a/packages/core/src/entity/term.ts
+++ b/packages/core/src/entity/term.ts
@@ -5,8 +5,8 @@ import { z } from 'zod';
  * A term represents an organizational kepengurusan period.
  */
 export const TermEntity = z.object({
-  id: z.string().uuid(),
-  organizationId: z.string(),
+  id: z.uuidv7(),
+  organizationId: z.uuidv7(),
   name: z.string().min(1),
   startDate: z.date().nullable(),
   endDate: z.date().nullable(),
diff --git a/packages/core/src/entity/transaction-category.ts b/packages/core/src/entity/transaction-category.ts
index 844f12b0..b872f26e 100644
--- a/packages/core/src/entity/transaction-category.ts
+++ b/packages/core/src/entity/transaction-category.ts
@@ -5,7 +5,7 @@ import { TransactionType } from './enums';
  * Zod schema for a financial transaction category entity.
  */
 export const TransactionCategoryEntity = z.object({
-  id: z.string(),
+  id: z.uuidv7(),
   name: z.string().min(1),
   type: z.enum(Object.values(TransactionType) as [string, ...string[]]),
   createdAt: z.date(),
diff --git a/packages/core/src/entity/transaction.ts b/packages/core/src/entity/transaction.ts
index 2d7276ab..0c2a461a 100644
--- a/packages/core/src/entity/transaction.ts
+++ b/packages/core/src/entity/transaction.ts
@@ -7,16 +7,16 @@ export { TransactionType };
  * Zod schema for a financial transaction entity.
  */
 export const TransactionEntity = z.object({
-  id: z.string(),
-  periodId: z.string(),
-  categoryId: z.string(),
+  id: z.uuidv7(),
+  periodId: z.uuidv7(),
+  categoryId: z.uuidv7(),
   type: z.enum(Object.values(TransactionType) as [string, ...string[]]),
   amount: z.number().positive(),
   description: z.string().min(1),
   date: z.date(),
   receiptPhoto: z.string().nullish(),
-  createdBy: z.string(),
-  updatedBy: z.string().nullish(),
+  createdBy: z.uuidv7(),
+  updatedBy: z.uuidv7().nullish(),
   createdAt: z.date(),
   updatedAt: z.date(),
   deletedAt: z.date().nullable(),
@@ -37,8 +37,8 @@ export const CreateTransactionSchema = TransactionEntity.omit({
   updatedAt: true,
   deletedAt: true,
 }).extend({
-  id: z.string().uuid().optional(),
-  createdBy: z.string().optional(),
+  id: z.uuidv7().optional(),
+  createdBy: z.uuidv7().optional(),
 });
 
 /**
diff --git a/packages/core/src/entity/unit.ts b/packages/core/src/entity/unit.ts
index 7e7f291f..0d21fb5b 100644
--- a/packages/core/src/entity/unit.ts
+++ b/packages/core/src/entity/unit.ts
@@ -5,8 +5,8 @@ import { z } from 'zod';
  * A unit represents an organizational unit within an organization (e.g., committee).
  */
 export const UnitEntity = z.object({
-  id: z.string().uuid(),
-  organizationId: z.string(),
+  id: z.uuidv7(),
+  organizationId: z.uuidv7(),
   name: z.string().min(1, 'Nama unit harus diisi.'),
   description: z.string().nullable(),
   position: z.number().int().default(0),
@@ -55,7 +55,7 @@ export type UpdateUnit = z.infer<typeof UpdateUnitSchema>;
 export const ReorderUnitsSchema = z.object({
   units: z.array(
     z.object({
-      id: z.string().uuid(),
+      id: z.uuidv7(),
       position: z.number().int(),
     }),
   ),
diff --git a/packages/core/src/entity/user.ts b/packages/core/src/entity/user.ts
index 3905111b..f46c9cec 100644
--- a/packages/core/src/entity/user.ts
+++ b/packages/core/src/entity/user.ts
@@ -7,10 +7,10 @@ export { AccountStatus, UserRole };
  * Zod schema for a user entity.
  */
 export const UserEntity = z.object({
-  id: z.string(),
+  id: z.uuidv7(),
   name: z.string(),
-  email: z.email(),
-  emailVerified: z.boolean().nullable(),
+  email: z.string().email(),
+  emailVerified: z.boolean(),
   image: z.string().nullable(),
   accountStatus: z.enum(AccountStatus),
   createdAt: z.date(),
diff --git a/packages/core/src/error/core-error.ts b/packages/core/src/error/core-error.ts
deleted file mode 100644
index 35d6a137..00000000
--- a/packages/core/src/error/core-error.ts
+++ /dev/null
@@ -1,13 +0,0 @@
-/**
- * Base class for all core errors in the application.
- */
-export class CoreError extends Error {
-  constructor(
-    public readonly code: string,
-    public readonly status: number,
-    message: string,
-  ) {
-    super(message);
-    this.name = this.constructor.name;
-  }
-}
diff --git a/packages/core/src/error/error.spec.ts b/packages/core/src/error/error.spec.ts
index 817dc288..d4ec9487 100644
--- a/packages/core/src/error/error.spec.ts
+++ b/packages/core/src/error/error.spec.ts
@@ -1,8 +1,10 @@
 import { describe, expect, it } from 'vitest';
-import { CoreError } from './core-error';
-import { ForbiddenError } from './forbidden-error';
-import { NotFoundError } from './not-found-error';
-import { UnauthorizedError } from './unauthorized-error';
+import {
+  CoreError,
+  ForbiddenError,
+  NotFoundError,
+  UnauthorizedError,
+} from './error';
 
 describe('Core Errors', () => {
   describe('CoreError', () => {
diff --git a/packages/core/src/error/error.ts b/packages/core/src/error/error.ts
new file mode 100644
index 00000000..a764bfbe
--- /dev/null
+++ b/packages/core/src/error/error.ts
@@ -0,0 +1,75 @@
+/**
+ * Base class for all core errors in the application.
+ */
+export class CoreError extends Error {
+  public readonly logLevel: 'info' | 'warn' | 'error' = 'error';
+  public readonly cause?: unknown;
+
+  constructor(
+    public readonly code: string,
+    public readonly status: number,
+    message: string,
+    cause?: unknown,
+  ) {
+    super(message);
+    this.name = this.constructor.name;
+    this.cause = cause;
+  }
+}
+
+/**
+ * Error thrown when a requested resource is not found.
+ */
+export class NotFoundError extends CoreError {
+  public override readonly logLevel = 'info';
+
+  constructor(resource?: string) {
+    super(
+      'NOT_FOUND',
+      404,
+      resource ? `${resource} tidak ditemukan` : 'Tidak ditemukan',
+    );
+  }
+}
+
+/**
+ * Error thrown when a user is not authenticated.
+ */
+export class UnauthorizedError extends CoreError {
+  public override readonly logLevel = 'info';
+
+  constructor() {
+    super('UNAUTHORIZED', 401, 'Tidak terautentikasi');
+  }
+}
+
+/**
+ * Error thrown when a user is not authorized to perform an action.
+ */
+export class ForbiddenError extends CoreError {
+  public override readonly logLevel = 'info';
+
+  constructor(message?: string) {
+    super('FORBIDDEN', 403, message ?? 'Akses ditolak');
+  }
+}
+
+/**
+ * Error thrown when an internal server error occurs.
+ */
+export class InternalError extends CoreError {
+  constructor(cause: unknown) {
+    super('INTERNAL', 500, 'Internal Server Error', cause);
+  }
+}
+
+/**
+ * Error thrown when a validation fails (e.g. business logic constraints).
+ */
+export class ValidationError extends CoreError {
+  public override readonly logLevel = 'info';
+
+  constructor(message: string) {
+    super('VALIDATION_ERROR', 400, message);
+  }
+}
diff --git a/packages/core/src/error/forbidden-error.ts b/packages/core/src/error/forbidden-error.ts
deleted file mode 100644
index 6cfd4f77..00000000
--- a/packages/core/src/error/forbidden-error.ts
+++ /dev/null
@@ -1,10 +0,0 @@
-import { CoreError } from './core-error';
-
-/**
- * Error thrown when a user is not authorized to perform an action.
- */
-export class ForbiddenError extends CoreError {
-  constructor(message?: string) {
-    super('FORBIDDEN', 403, message ?? 'Akses ditolak');
-  }
-}
diff --git a/packages/core/src/error/index.ts b/packages/core/src/error/index.ts
index f47fc6fb..93ae819e 100644
--- a/packages/core/src/error/index.ts
+++ b/packages/core/src/error/index.ts
@@ -1,6 +1 @@
-export * from './core-error';
-export * from './forbidden-error';
-export * from './not-found-error';
-export * from './unauthorized-error';
-export * from './update';
-export * from './validation-error';
+export * from './error';
diff --git a/packages/core/src/error/not-found-error.ts b/packages/core/src/error/not-found-error.ts
deleted file mode 100644
index 83ee7aed..00000000
--- a/packages/core/src/error/not-found-error.ts
+++ /dev/null
@@ -1,14 +0,0 @@
-import { CoreError } from './core-error';
-
-/**
- * Error thrown when a requested resource is not found.
- */
-export class NotFoundError extends CoreError {
-  constructor(resource?: string) {
-    super(
-      'NOT_FOUND',
-      404,
-      resource ? `${resource} tidak ditemukan` : 'Tidak ditemukan',
-    );
-  }
-}
diff --git a/packages/core/src/error/unauthorized-error.ts b/packages/core/src/error/unauthorized-error.ts
deleted file mode 100644
index 94526b7b..00000000
--- a/packages/core/src/error/unauthorized-error.ts
+++ /dev/null
@@ -1,10 +0,0 @@
-import { CoreError } from './core-error';
-
-/**
- * Error thrown when a user is not authenticated.
- */
-export class UnauthorizedError extends CoreError {
-  constructor() {
-    super('UNAUTHORIZED', 401, 'Tidak terautentikasi');
-  }
-}
diff --git a/packages/core/src/error/update.ts b/packages/core/src/error/update.ts
deleted file mode 100644
index 7ea3b299..00000000
--- a/packages/core/src/error/update.ts
+++ /dev/null
@@ -1,11 +0,0 @@
-import { CoreError } from './core-error';
-
-/**
- * Error thrown when an internal server error occurs.
- */
-export class InternalError extends CoreError {
-  constructor(cause: unknown) {
-    super('INTERNAL', 500, 'Internal Server Error');
-    this.cause = cause;
-  }
-}
diff --git a/packages/core/src/error/validation-error.ts b/packages/core/src/error/validation-error.ts
deleted file mode 100644
index 3a25861e..00000000
--- a/packages/core/src/error/validation-error.ts
+++ /dev/null
@@ -1,10 +0,0 @@
-import { CoreError } from './core-error';
-
-/**
- * Error thrown when a validation fails (e.g. business logic constraints).
- */
-export class ValidationError extends CoreError {
-  constructor(message: string) {
-    super('VALIDATION_ERROR', 400, message);
-  }
-}
diff --git a/packages/core/src/index.ts b/packages/core/src/index.ts
index 8f53323e..3a5f188a 100644
--- a/packages/core/src/index.ts
+++ b/packages/core/src/index.ts
@@ -1,4 +1,6 @@
 export * from './contract';
+export * from './contract/storage-private';
+export * from './contract/storage-public';
 export * from './entity';
 export * from './error';
 export * from './event';
diff --git a/packages/core/src/service/attendance.spec.ts b/packages/core/src/service/attendance.spec.ts
index f6946623..c6061913 100644
--- a/packages/core/src/service/attendance.spec.ts
+++ b/packages/core/src/service/attendance.spec.ts
@@ -1,7 +1,11 @@
+import { v7 } from 'uuid';
 import { describe, expect, it } from 'vitest';
 import { mock } from 'vitest-mock-extended';
 import type { IAttendanceRepository } from '../contract/attendance';
 import type { IEventRepository } from '../contract/event';
+import type { ILogger } from '../contract/logger';
+import type { IPrivateStorage } from '../contract/storage-private';
+import type { IPublicStorage } from '../contract/storage-public';
 import type { Attendance } from '../entity/attendance';
 import type { AuthContext } from '../entity/auth-context';
 import {
@@ -19,35 +23,51 @@ import { AttendanceService } from './attendance';
 describe('AttendanceService', () => {
   const repo = mock<IAttendanceRepository>();
   const eventRepo = mock<IEventRepository>();
-  const service = new AttendanceService(repo, eventRepo);
+  const publicStorage = mock<IPublicStorage>();
+  const privateStorage = mock<IPrivateStorage>();
+  const logger = mock<ILogger>();
+  const service = new AttendanceService(
+    repo,
+    eventRepo,
+    publicStorage,
+    privateStorage,
+    logger,
+  );
+
+  const eventId = v7();
+  const orgId = v7();
+  const attId = v7();
+  const parishionerId = v7();
+  const adminId = v7();
+  const userId = v7();
 
   const mockEvent = {
-    id: 'event-1',
-    organizationId: 'org-1',
+    id: eventId,
+    organizationId: orgId,
     visibility: EventVisibility.Private,
   };
 
   const mockAttendance = {
-    id: 'att-1',
-    eventId: 'event-1',
-    parishionerId: 'p-1',
+    id: attId,
+    eventId: eventId,
+    parishionerId: parishionerId,
     method: AttendanceMethod.QrCode,
     status: AttendanceStatus.Present,
   };
 
   const _adminCtx: AuthContext = {
-    userId: 'admin-1',
+    userId: adminId,
     roles: [UserRole.ParishAdmin],
     accountStatus: AccountStatus.Approved,
   };
   const orgAdminCtx: AuthContext = {
-    userId: 'admin-1',
+    userId: adminId,
     roles: [UserRole.Parishioner],
-    orgRoles: { 'org-1': OrgRole.Admin },
+    orgRoles: { [orgId]: OrgRole.Admin },
     accountStatus: AccountStatus.Approved,
   };
   const userCtx: AuthContext = {
-    userId: 'user-1',
+    userId: userId,
     roles: [UserRole.Parishioner],
     accountStatus: AccountStatus.Approved,
   };
@@ -59,8 +79,8 @@ describe('AttendanceService', () => {
 
       const [_result, error] = await service.record(
         {
-          eventId: 'event-1',
-          parishionerId: 'p-1',
+          eventId: eventId,
+          parishionerId: parishionerId,
           method: AttendanceMethod.QrCode,
         } as unknown as Attendance,
         userCtx,
@@ -85,17 +105,17 @@ describe('AttendanceService', () => {
       eventRepo.findById.mockResolvedValue(mockEvent as unknown as Event);
 
       const [_result, error] = await service.reviewManual(
-        'att-1',
+        attId,
         AttendanceStatus.Present,
         orgAdminCtx,
       );
 
       expect(error).toBeNull();
       expect(repo.update).toHaveBeenCalledWith(
-        'att-1',
+        attId,
         expect.objectContaining({
           status: AttendanceStatus.Present,
-          verifiedBy: 'admin-1',
+          verifiedBy: adminId,
         }),
       );
     });
@@ -109,7 +129,7 @@ describe('AttendanceService', () => {
       eventRepo.findById.mockResolvedValue(mockEvent as unknown as Event);
 
       const [_result, error] = await service.reviewManual(
-        'att-1',
+        attId,
         AttendanceStatus.Present,
         userCtx,
       );
diff --git a/packages/core/src/service/attendance.ts b/packages/core/src/service/attendance.ts
index 3faa99d7..4f437131 100644
--- a/packages/core/src/service/attendance.ts
+++ b/packages/core/src/service/attendance.ts
@@ -1,5 +1,8 @@
 import type { IAttendanceRepository } from '../contract/attendance';
 import type { IEventRepository } from '../contract/event';
+import type { ILogger } from '../contract/logger';
+import type { IPrivateStorage } from '../contract/storage-private';
+import type { IPublicStorage } from '../contract/storage-public';
 import type { Attendance, RecordAttendance } from '../entity/attendance';
 import type { AuthContext } from '../entity/auth-context';
 import {
@@ -8,7 +11,7 @@ import {
   OrgRole,
   UserRole,
 } from '../entity/enums';
-import { ForbiddenError, NotFoundError } from '../error';
+import { ForbiddenError, InternalError, NotFoundError } from '../error';
 import { fail, ok, type Result } from '../utils/result';
 
 /**
@@ -18,23 +21,42 @@ export class AttendanceService {
   constructor(
     private readonly repo: IAttendanceRepository,
     private readonly eventRepo: IEventRepository,
+    readonly _publicStorage: IPublicStorage,
+    readonly _privateStorage: IPrivateStorage,
+    private readonly logger: ILogger,
   ) {}
 
   /**
    * Retrieves an attendance record by its ID.
    */
   async findById(id: string): Promise<Result<Attendance>> {
-    const data = await this.repo.findById(id);
-    if (!data) return fail(new NotFoundError('Attendance'));
-    return ok(data);
+    try {
+      const data = await this.repo.findById(id);
+      if (!data) {
+        this.logger.info('Attendance record not found', { id });
+        return fail(new NotFoundError('Attendance'));
+      }
+      return ok(data);
+    } catch (error) {
+      this.logger.error('Failed to find attendance record', { id, error });
+      return fail(new InternalError(error));
+    }
   }
 
   /**
    * Retrieves attendance records for a specific event.
    */
   async findByEventId(eventId: string): Promise<Result<Attendance[]>> {
-    const data = await this.repo.findByEventId(eventId);
-    return ok(data);
+    try {
+      const data = await this.repo.findByEventId(eventId);
+      return ok(data);
+    } catch (error) {
+      this.logger.error('Failed to find attendance records by event', {
+        eventId,
+        error,
+      });
+      return fail(new InternalError(error));
+    }
   }
 
   /**
@@ -43,21 +65,40 @@ export class AttendanceService {
    */
   async record(
     data: RecordAttendance,
-    _ctx: AuthContext,
+    ctx: AuthContext,
   ): Promise<Result<Attendance>> {
-    const event = await this.eventRepo.findById(data.eventId);
-    if (!event) return fail(new NotFoundError('Event'));
-
-    // Basic check: user recording for themselves
-    // In a real app, we'd verify the parishionerId matches the user's linked parishioner.
-
-    const attendance = await this.repo.create({
-      ...data,
-      status: AttendanceStatus.Present,
-      verifiedBy: null,
-      verifiedAt: null,
-    });
-    return ok(attendance);
+    try {
+      const event = await this.eventRepo.findById(data.eventId);
+      if (!event) {
+        this.logger.info('Event not found for attendance record', {
+          eventId: data.eventId,
+          userId: ctx.userId,
+        });
+        return fail(new NotFoundError('Event'));
+      }
+
+      const attendance = await this.repo.create({
+        ...data,
+        status: AttendanceStatus.Present,
+        verifiedBy: null,
+        verifiedAt: null,
+      });
+
+      this.logger.info('Attendance recorded', {
+        attendanceId: attendance.id,
+        eventId: data.eventId,
+        userId: ctx.userId,
+      });
+
+      return ok(attendance);
+    } catch (error) {
+      this.logger.error('Failed to record attendance', {
+        eventId: data.eventId,
+        userId: ctx.userId,
+        error,
+      });
+      return fail(new InternalError(error));
+    }
   }
 
   /**
@@ -66,19 +107,41 @@ export class AttendanceService {
    */
   async submitManual(
     data: RecordAttendance,
-    _ctx: AuthContext,
+    ctx: AuthContext,
   ): Promise<Result<Attendance>> {
-    const event = await this.eventRepo.findById(data.eventId);
-    if (!event) return fail(new NotFoundError('Event'));
-
-    const attendance = await this.repo.create({
-      ...data,
-      method: AttendanceMethod.Manual,
-      status: AttendanceStatus.Pending,
-      verifiedBy: null,
-      verifiedAt: null,
-    });
-    return ok(attendance);
+    try {
+      const event = await this.eventRepo.findById(data.eventId);
+      if (!event) {
+        this.logger.info('Event not found for manual attendance submission', {
+          eventId: data.eventId,
+          userId: ctx.userId,
+        });
+        return fail(new NotFoundError('Event'));
+      }
+
+      const attendance = await this.repo.create({
+        ...data,
+        method: AttendanceMethod.Manual,
+        status: AttendanceStatus.Pending,
+        verifiedBy: null,
+        verifiedAt: null,
+      });
+
+      this.logger.info('Manual attendance submitted', {
+        attendanceId: attendance.id,
+        eventId: data.eventId,
+        userId: ctx.userId,
+      });
+
+      return ok(attendance);
+    } catch (error) {
+      this.logger.error('Failed to submit manual attendance', {
+        eventId: data.eventId,
+        userId: ctx.userId,
+        error,
+      });
+      return fail(new InternalError(error));
+    }
   }
 
   /**
@@ -93,56 +156,114 @@ export class AttendanceService {
     status: AttendanceStatus,
     ctx: AuthContext,
   ): Promise<Result<void>> {
-    const attendance = await this.repo.findById(id);
-    if (!attendance) return fail(new NotFoundError('Attendance'));
-
-    const event = await this.eventRepo.findById(attendance.eventId);
-    if (!event) return fail(new NotFoundError('Event'));
-
-    // Permission check: Event organizer (admin/owner) or paroki admin/superadmin
-    const isOrgAdmin =
-      event.organizationId &&
-      (ctx.orgRoles?.[event.organizationId] === OrgRole.Admin ||
-        ctx.orgRoles?.[event.organizationId] === OrgRole.Owner);
-    if (
-      !isOrgAdmin &&
-      !ctx.roles.includes(UserRole.ParishAdmin) &&
-      !ctx.roles.includes(UserRole.SuperAdmin)
-    ) {
-      return fail(new ForbiddenError());
-    }
+    try {
+      const attendance = await this.repo.findById(id);
+      if (!attendance) {
+        this.logger.info('Attendance record not found for review', {
+          id,
+          reviewerId: ctx.userId,
+        });
+        return fail(new NotFoundError('Attendance'));
+      }
+
+      const event = await this.eventRepo.findById(attendance.eventId);
+      if (!event) {
+        // This shouldn't happen if data integrity is maintained
+        this.logger.error('Event not found for attendance review', {
+          attendanceId: id,
+          eventId: attendance.eventId,
+          reviewerId: ctx.userId,
+        });
+        return fail(new NotFoundError('Event'));
+      }
 
-    await this.repo.update(id, {
-      status,
-      verifiedBy: ctx.userId,
-      verifiedAt: new Date(),
-    });
+      // Permission check: Event organizer (admin/owner) or paroki admin/superadmin
+      const isOrgAdmin =
+        event.organizationId &&
+        (ctx.orgRoles?.[event.organizationId] === OrgRole.Admin ||
+          ctx.orgRoles?.[event.organizationId] === OrgRole.Owner);
+      if (
+        !isOrgAdmin &&
+        !ctx.roles.includes(UserRole.ParishAdmin) &&
+        !ctx.roles.includes(UserRole.SuperAdmin)
+      ) {
+        this.logger.info('Unauthorized attendance review attempt', {
+          attendanceId: id,
+          userId: ctx.userId,
+        });
+        return fail(new ForbiddenError());
+      }
 
-    return ok(undefined);
+      await this.repo.update(id, {
+        status,
+        verifiedBy: ctx.userId,
+        verifiedAt: new Date(),
+      });
+
+      this.logger.info('Attendance reviewed', {
+        attendanceId: id,
+        status,
+        reviewerId: ctx.userId,
+      });
+
+      return ok(undefined);
+    } catch (error) {
+      this.logger.error('Failed to review attendance', {
+        id,
+        reviewerId: ctx.userId,
+        error,
+      });
+      return fail(new InternalError(error));
+    }
   }
 
   /**
    * Soft deletes an attendance record.
    */
   async delete(id: string, ctx: AuthContext): Promise<Result<void>> {
-    const attendance = await this.repo.findById(id);
-    if (!attendance) return fail(new NotFoundError('Attendance'));
-
-    // Permission check (same as reviewManual)
-    const event = await this.eventRepo.findById(attendance.eventId);
-    const isOrgAdmin =
-      event?.organizationId &&
-      (ctx.orgRoles?.[event.organizationId] === OrgRole.Admin ||
-        ctx.orgRoles?.[event.organizationId] === OrgRole.Owner);
-    if (
-      !isOrgAdmin &&
-      !ctx.roles.includes(UserRole.ParishAdmin) &&
-      !ctx.roles.includes(UserRole.SuperAdmin)
-    ) {
-      return fail(new ForbiddenError());
-    }
+    try {
+      const attendance = await this.repo.findById(id);
+      if (!attendance) {
+        this.logger.info('Attendance record not found for deletion', {
+          id,
+          userId: ctx.userId,
+        });
+        return fail(new NotFoundError('Attendance'));
+      }
+
+      // Permission check (same as reviewManual)
+      const event = await this.eventRepo.findById(attendance.eventId);
+      const isOrgAdmin =
+        event?.organizationId &&
+        (ctx.orgRoles?.[event.organizationId] === OrgRole.Admin ||
+          ctx.orgRoles?.[event.organizationId] === OrgRole.Owner);
+      if (
+        !isOrgAdmin &&
+        !ctx.roles.includes(UserRole.ParishAdmin) &&
+        !ctx.roles.includes(UserRole.SuperAdmin)
+      ) {
+        this.logger.info('Unauthorized attendance deletion attempt', {
+          attendanceId: id,
+          userId: ctx.userId,
+        });
+        return fail(new ForbiddenError());
+      }
+
+      await this.repo.delete(id);
 
-    await this.repo.delete(id);
-    return ok(undefined);
+      this.logger.info('Attendance deleted', {
+        attendanceId: id,
+        userId: ctx.userId,
+      });
+
+      return ok(undefined);
+    } catch (error) {
+      this.logger.error('Failed to delete attendance', {
+        id,
+        userId: ctx.userId,
+        error,
+      });
+      return fail(new InternalError(error));
+    }
   }
 }
diff --git a/packages/core/src/service/enrollment.spec.ts b/packages/core/src/service/enrollment.spec.ts
index 680d67ad..97366d7a 100644
--- a/packages/core/src/service/enrollment.spec.ts
+++ b/packages/core/src/service/enrollment.spec.ts
@@ -1,8 +1,12 @@
+import { v7 } from 'uuid';
 import { beforeEach, describe, expect, it } from 'vitest';
 import { type MockProxy, mock } from 'vitest-mock-extended';
 import type { IEnrollmentRepository } from '../contract/enrollment';
+import type { ILogger } from '../contract/logger';
 import type { IOrganizationRepository } from '../contract/organization';
 import type { IParishionerRepository } from '../contract/parishioner';
+import type { IPrivateStorage } from '../contract/storage-private';
+import type { IPublicStorage } from '../contract/storage-public';
 import type { IUserRepository } from '../contract/user';
 import type { Enrollment } from '../entity/enrollment';
 import {
@@ -23,6 +27,9 @@ describe('EnrollmentService', () => {
   let parishionerRepo: MockProxy<IParishionerRepository>;
   let userRepo: MockProxy<IUserRepository>;
   let orgRepo: MockProxy<IOrganizationRepository>;
+  let publicStorage: MockProxy<IPublicStorage>;
+  let privateStorage: MockProxy<IPrivateStorage>;
+  let logger: MockProxy<ILogger>;
   let service: EnrollmentService;
 
   beforeEach(() => {
@@ -30,22 +37,31 @@ describe('EnrollmentService', () => {
     parishionerRepo = mock<IParishionerRepository>();
     userRepo = mock<IUserRepository>();
     orgRepo = mock<IOrganizationRepository>();
-    // We'll need to inject orgRepo into EnrollmentService or pass it to the method
-    // Based on the plan, let's update EnrollmentService to accept orgRepo in constructor or method
-    service = new EnrollmentService(repo, parishionerRepo, userRepo, orgRepo);
+    publicStorage = mock<IPublicStorage>();
+    privateStorage = mock<IPrivateStorage>();
+    logger = mock<ILogger>();
+    service = new EnrollmentService(
+      repo,
+      parishionerRepo,
+      userRepo,
+      orgRepo,
+      publicStorage,
+      privateStorage,
+      logger,
+    );
   });
 
   describe('joinByLink', () => {
     const joinId = 'valid-link';
-    const userId = 'user-1';
+    const userId = v7();
     const joinData = {
       fullName: 'Toni Tester',
       gender: Gender.Male,
       birthPlace: 'Barong Tongkok',
       birthDate: new Date('1990-01-01'),
-      educationLevel: EducationLevel.S1,
+      educationLevel: EducationLevel.Bachelor,
       idCardPhoto: 'mock://photo',
-      unitId: 'unit-1',
+      unitId: v7(),
       position: 'anggota',
     };
 
@@ -65,7 +81,7 @@ describe('EnrollmentService', () => {
 
     it('should fail if user is not found by id', async () => {
       orgRepo.findByJoinId.mockResolvedValue({
-        id: 'org-1',
+        id: v7(),
       } as unknown as Organization);
       userRepo.findById.mockResolvedValue(null);
 
@@ -82,7 +98,7 @@ describe('EnrollmentService', () => {
 
     it('should create enrollment and update parishioner/user status', async () => {
       const org = OrganizationEntity.parse({
-        id: 'org-1',
+        id: v7(),
         name: 'Test Org',
         slug: 'test-org',
         type: OrgType.BEC,
@@ -95,7 +111,7 @@ describe('EnrollmentService', () => {
       parishionerRepo.findByUserId.mockResolvedValue(null); // New parishioner record
       parishionerRepo.create.mockResolvedValue(
         ParishionerEntity.parse({
-          id: 'p-1',
+          id: v7(),
           ...joinData,
           userId,
           email: 'toni@tester.org',
@@ -116,9 +132,9 @@ describe('EnrollmentService', () => {
       } as unknown as User);
 
       repo.create.mockResolvedValue({
-        id: 'e-1',
+        id: v7(),
         organizationId: org.id,
-        parishionerId: 'p-1',
+        parishionerId: v7(),
         status: EnrollmentStatus.Pending,
       } as unknown as Enrollment);
 
@@ -140,7 +156,7 @@ describe('EnrollmentService', () => {
 
     it('should return existing enrollment with isNew: false if user already registered', async () => {
       const org = OrganizationEntity.parse({
-        id: 'org-1',
+        id: v7(),
         name: 'Test Org',
         slug: 'test-org',
         type: OrgType.BEC,
@@ -151,13 +167,13 @@ describe('EnrollmentService', () => {
       orgRepo.findByJoinId.mockResolvedValue(org);
 
       const parishioner = ParishionerEntity.parse({
-        id: 'p-1',
+        id: v7(),
         ...joinData,
         userId,
         email: 'toni@tester.org',
         avatarUrl: null,
-        honorific: null,
         suffix: null,
+        honorific: null,
         createdAt: new Date(),
         updatedAt: new Date(),
         deletedAt: null,
@@ -165,9 +181,9 @@ describe('EnrollmentService', () => {
       parishionerRepo.findByUserId.mockResolvedValue(parishioner);
 
       const existingEnrollment = {
-        id: 'e-1',
+        id: v7(),
         organizationId: org.id,
-        parishionerId: 'p-1',
+        parishionerId: v7(),
         status: EnrollmentStatus.Pending,
       } as unknown as Enrollment;
       repo.findByParishionerAndOrg.mockResolvedValue(existingEnrollment);
@@ -184,7 +200,7 @@ describe('EnrollmentService', () => {
       );
 
       expect(error).toBeNull();
-      expect(result?.enrollment.id).toBe('e-1');
+      expect(result?.enrollment.id).toBe(existingEnrollment.id);
       expect(result?.isNew).toBe(false);
       expect(repo.create).not.toHaveBeenCalled();
     });
@@ -199,8 +215,8 @@ describe('EnrollmentService', () => {
       );
 
       expect(result).toBeNull();
-      expect(error).toBeInstanceOf(Error);
-      expect(error?.message).toBe('Database explosion');
+      expect(error?.code).toBe('INTERNAL');
+      expect(error?.message).toBe('Internal Server Error');
     });
   });
 });
diff --git a/packages/core/src/service/enrollment.ts b/packages/core/src/service/enrollment.ts
index 8b59a2f3..1601fcd2 100644
--- a/packages/core/src/service/enrollment.ts
+++ b/packages/core/src/service/enrollment.ts
@@ -1,6 +1,9 @@
 import type { IEnrollmentRepository } from '../contract/enrollment';
+import type { ILogger } from '../contract/logger';
 import type { IOrganizationRepository } from '../contract/organization';
 import type { IParishionerRepository } from '../contract/parishioner';
+import type { IPrivateStorage } from '../contract/storage-private';
+import type { IPublicStorage } from '../contract/storage-public';
 import type { IUserRepository } from '../contract/user';
 import type { AuthContext } from '../entity/auth-context';
 import type { Enrollment, RegisterEnrollment } from '../entity/enrollment';
@@ -12,7 +15,12 @@ import {
 } from '../entity/enums';
 import type { JoinForm } from '../entity/join';
 import { CreateParishionerSchema } from '../entity/parishioner';
-import { CoreError, ForbiddenError, NotFoundError } from '../error';
+import {
+  CoreError,
+  ForbiddenError,
+  InternalError,
+  NotFoundError,
+} from '../error';
 import { fail, ok, type Result } from '../utils/result';
 
 /**
@@ -24,6 +32,9 @@ export class EnrollmentService {
     private readonly parishionerRepo: IParishionerRepository,
     private readonly userRepo: IUserRepository,
     private readonly orgRepo: IOrganizationRepository,
+    readonly _publicStorage: IPublicStorage,
+    private readonly privateStorage: IPrivateStorage,
+    private readonly logger: ILogger,
   ) {}
 
   /**
@@ -41,11 +52,20 @@ export class EnrollmentService {
   ): Promise<Result<{ enrollment: Enrollment; isNew: boolean }>> {
     try {
       const org = await this.orgRepo.findByJoinId(joinId);
-      if (!org) return fail(new NotFoundError('Organization'));
+      if (!org) {
+        this.logger.info('Organization not found for join link', {
+          joinId,
+          userId,
+        });
+        return fail(new NotFoundError('Organization'));
+      }
 
       // 1. Fetch User and Sync Parishioner record
       const user = await this.userRepo.findById(userId);
-      if (!user) return fail(new NotFoundError('User'));
+      if (!user) {
+        this.logger.info('User not found for registration', { userId });
+        return fail(new NotFoundError('User'));
+      }
 
       let parishioner = await this.parishionerRepo.findByUserId(userId);
 
@@ -56,6 +76,11 @@ export class EnrollmentService {
           org.id,
         );
         if (existing) {
+          this.logger.info('Duplicate join request handled', {
+            enrollmentId: existing.id,
+            userId,
+            orgId: org.id,
+          });
           return ok({ enrollment: existing, isNew: false });
         }
       }
@@ -97,16 +122,21 @@ export class EnrollmentService {
         await this.userRepo.updateStatus(userId, AccountStatus.Pending);
       }
 
+      this.logger.info('User joined organization via link', {
+        enrollmentId: enrollment.id,
+        userId,
+        orgId: org.id,
+      });
+
       return ok({ enrollment, isNew: true });
     } catch (error) {
+      this.logger.error('Registration failed during join-by-link', {
+        userId,
+        joinId,
+        error,
+      });
       if (error instanceof CoreError) return fail(error);
-      return fail(
-        new CoreError(
-          'REGISTRATION_FAILED',
-          500,
-          error instanceof Error ? error.message : 'Registration failed',
-        ),
-      );
+      return fail(new InternalError(error));
     }
   }
 
@@ -117,9 +147,17 @@ export class EnrollmentService {
    * @returns `ok(enrollment)` if found, `fail(NotFoundError)` if not.
    */
   async findById(id: string): Promise<Result<Enrollment>> {
-    const data = await this.repo.findById(id);
-    if (!data) return fail(new NotFoundError('Enrollment'));
-    return ok(data);
+    try {
+      const data = await this.repo.findById(id);
+      if (!data) {
+        this.logger.info('Enrollment not found', { id });
+        return fail(new NotFoundError('Enrollment'));
+      }
+      return ok(data);
+    } catch (error) {
+      this.logger.error('Failed to find enrollment', { id, error });
+      return fail(new InternalError(error));
+    }
   }
 
   /**
@@ -133,11 +171,20 @@ export class EnrollmentService {
     parishionerId: string,
     organizationId: string,
   ): Promise<Result<Enrollment | null>> {
-    const data = await this.repo.findByParishionerAndOrg(
-      parishionerId,
-      organizationId,
-    );
-    return ok(data);
+    try {
+      const data = await this.repo.findByParishionerAndOrg(
+        parishionerId,
+        organizationId,
+      );
+      return ok(data);
+    } catch (error) {
+      this.logger.error('Failed to find enrollment by parishioner and org', {
+        parishionerId,
+        organizationId,
+        error,
+      });
+      return fail(new InternalError(error));
+    }
   }
 
   /**
@@ -147,8 +194,16 @@ export class EnrollmentService {
    * @returns `ok(enrollments)`.
    */
   async findByOrg(organizationId: string): Promise<Result<Enrollment[]>> {
-    const data = await this.repo.findByOrg(organizationId);
-    return ok(data);
+    try {
+      const data = await this.repo.findByOrg(organizationId);
+      return ok(data);
+    } catch (error) {
+      this.logger.error('Failed to find enrollments by org', {
+        organizationId,
+        error,
+      });
+      return fail(new InternalError(error));
+    }
   }
 
   /**
@@ -161,13 +216,31 @@ export class EnrollmentService {
    */
   async register(
     data: RegisterEnrollment,
-    _ctx: AuthContext,
+    ctx: AuthContext,
   ): Promise<Result<Enrollment>> {
-    const enrollment = await this.repo.create({
-      ...data,
-      status: EnrollmentStatus.Pending,
-    });
-    return ok(enrollment);
+    try {
+      const enrollment = await this.repo.create({
+        ...data,
+        status: EnrollmentStatus.Pending,
+      });
+
+      this.logger.info('Enrollment registered', {
+        enrollmentId: enrollment.id,
+        parishionerId: data.parishionerId,
+        orgId: data.organizationId,
+        userId: ctx.userId,
+      });
+
+      return ok(enrollment);
+    } catch (error) {
+      this.logger.error('Failed to register enrollment', {
+        parishionerId: data.parishionerId,
+        orgId: data.organizationId,
+        userId: ctx.userId,
+        error,
+      });
+      return fail(new InternalError(error));
+    }
   }
 
   /**
@@ -179,35 +252,87 @@ export class EnrollmentService {
    * @returns `ok(undefined)` on success, `fail` on error.
    */
   async approve(id: string, ctx: AuthContext): Promise<Result<void>> {
-    const enrollment = await this.repo.findById(id);
-    if (!enrollment) return fail(new NotFoundError('Enrollment'));
-
-    const isOrgAdmin =
-      ctx.orgRoles?.[enrollment.organizationId] === OrgRole.Admin ||
-      ctx.orgRoles?.[enrollment.organizationId] === OrgRole.Owner;
-    if (
-      !isOrgAdmin &&
-      !ctx.roles.includes(UserRole.ParishAdmin) &&
-      !ctx.roles.includes(UserRole.SuperAdmin)
-    ) {
-      return fail(new ForbiddenError());
-    }
+    try {
+      const enrollment = await this.repo.findById(id);
+      if (!enrollment) {
+        this.logger.info('Enrollment not found for approval', {
+          id,
+          adminId: ctx.userId,
+        });
+        return fail(new NotFoundError('Enrollment'));
+      }
 
-    // Update enrollment status
-    await this.repo.update(id, { status: EnrollmentStatus.Active });
-
-    // Update user status if it's pending
-    const parishioner = await this.parishionerRepo.findById(
-      enrollment.parishionerId,
-    );
-    if (parishioner?.userId) {
-      const user = await this.userRepo.findById(parishioner.userId);
-      if (user && user.accountStatus === AccountStatus.Pending) {
-        await this.userRepo.updateStatus(user.id, AccountStatus.Approved);
+      const isOrgAdmin =
+        ctx.orgRoles?.[enrollment.organizationId] === OrgRole.Admin ||
+        ctx.orgRoles?.[enrollment.organizationId] === OrgRole.Owner;
+      if (
+        !isOrgAdmin &&
+        !ctx.roles.includes(UserRole.ParishAdmin) &&
+        !ctx.roles.includes(UserRole.SuperAdmin)
+      ) {
+        this.logger.info('Unauthorized enrollment approval attempt', {
+          enrollmentId: id,
+          userId: ctx.userId,
+        });
+        return fail(new ForbiddenError());
       }
-    }
 
-    return ok(undefined);
+      // Update enrollment status
+      await this.repo.update(id, { status: EnrollmentStatus.Active });
+
+      // PII Purge: Delete ID card photo from Google Drive after approval
+      const parishioner = await this.parishionerRepo.findById(
+        enrollment.parishionerId,
+      );
+      if (parishioner?.idCardPhoto) {
+        try {
+          await this.privateStorage.delete(parishioner.idCardPhoto);
+          await this.parishionerRepo.update(parishioner.id, {
+            idCardPhoto: null,
+          });
+          this.logger.info('PII purge successful after enrollment approval', {
+            parishionerId: parishioner.id,
+            enrollmentId: id,
+          });
+        } catch (error) {
+          this.logger.warn('PII purge failed after enrollment approval', {
+            parishionerId: parishioner.id,
+            error,
+          });
+        }
+      }
+
+      // Update user status if it's pending
+      if (parishioner?.userId) {
+        const user = await this.userRepo.findById(parishioner.userId);
+        if (user && user.accountStatus === AccountStatus.Pending) {
+          await this.userRepo.updateStatus(user.id, AccountStatus.Approved);
+          this.logger.info(
+            'User account approved as part of enrollment approval',
+            {
+              userId: user.id,
+              enrollmentId: id,
+              adminId: ctx.userId,
+            },
+          );
+        }
+      }
+
+      this.logger.info('Enrollment approved', {
+        enrollmentId: id,
+        orgId: enrollment.organizationId,
+        adminId: ctx.userId,
+      });
+
+      return ok(undefined);
+    } catch (error) {
+      this.logger.error('Failed to approve enrollment', {
+        enrollmentId: id,
+        adminId: ctx.userId,
+        error,
+      });
+      return fail(new InternalError(error));
+    }
   }
 
   /**
@@ -219,38 +344,90 @@ export class EnrollmentService {
    * @returns `ok(undefined)` on success, `fail` on error.
    */
   async reject(id: string, ctx: AuthContext): Promise<Result<void>> {
-    const enrollment = await this.repo.findById(id);
-    if (!enrollment) return fail(new NotFoundError('Enrollment'));
-
-    const isOrgAdmin =
-      ctx.orgRoles?.[enrollment.organizationId] === OrgRole.Admin ||
-      ctx.orgRoles?.[enrollment.organizationId] === OrgRole.Owner;
-    if (
-      !isOrgAdmin &&
-      !ctx.roles.includes(UserRole.ParishAdmin) &&
-      !ctx.roles.includes(UserRole.SuperAdmin)
-    ) {
-      return fail(new ForbiddenError());
-    }
+    try {
+      const enrollment = await this.repo.findById(id);
+      if (!enrollment) {
+        this.logger.info('Enrollment not found for rejection', {
+          id,
+          adminId: ctx.userId,
+        });
+        return fail(new NotFoundError('Enrollment'));
+      }
+
+      const isOrgAdmin =
+        ctx.orgRoles?.[enrollment.organizationId] === OrgRole.Admin ||
+        ctx.orgRoles?.[enrollment.organizationId] === OrgRole.Owner;
+      if (
+        !isOrgAdmin &&
+        !ctx.roles.includes(UserRole.ParishAdmin) &&
+        !ctx.roles.includes(UserRole.SuperAdmin)
+      ) {
+        this.logger.info('Unauthorized enrollment rejection attempt', {
+          enrollmentId: id,
+          userId: ctx.userId,
+        });
+        return fail(new ForbiddenError());
+      }
 
-    const parishioner = await this.parishionerRepo.findById(
-      enrollment.parishionerId,
-    );
+      const parishioner = await this.parishionerRepo.findById(
+        enrollment.parishionerId,
+      );
 
-    // Delete enrollment
-    await this.repo.delete(id);
+      // Delete enrollment
+      await this.repo.delete(id);
 
-    // Delete parishioner and update user status
-    if (parishioner) {
-      if (parishioner.userId) {
-        await this.userRepo.updateStatus(
-          parishioner.userId,
-          AccountStatus.Rejected,
-        );
+      // Delete parishioner and update user status
+      if (parishioner) {
+        // PII Purge: Delete ID card photo from Google Drive before deleting record
+        if (parishioner.idCardPhoto) {
+          try {
+            await this.privateStorage.delete(parishioner.idCardPhoto);
+            this.logger.info(
+              'PII purge successful during enrollment rejection',
+              {
+                parishionerId: parishioner.id,
+                enrollmentId: id,
+              },
+            );
+          } catch (error) {
+            this.logger.warn('PII purge failed during enrollment rejection', {
+              parishionerId: parishioner.id,
+              error,
+            });
+          }
+        }
+
+        if (parishioner.userId) {
+          await this.userRepo.updateStatus(
+            parishioner.userId,
+            AccountStatus.Rejected,
+          );
+          this.logger.info(
+            'User account rejected as part of enrollment rejection',
+            {
+              userId: parishioner.userId,
+              enrollmentId: id,
+              adminId: ctx.userId,
+            },
+          );
+        }
+        await this.parishionerRepo.delete(parishioner.id);
       }
-      await this.parishionerRepo.delete(parishioner.id);
-    }
 
-    return ok(undefined);
+      this.logger.info('Enrollment rejected', {
+        enrollmentId: id,
+        orgId: enrollment.organizationId,
+        adminId: ctx.userId,
+      });
+
+      return ok(undefined);
+    } catch (error) {
+      this.logger.error('Failed to reject enrollment', {
+        enrollmentId: id,
+        adminId: ctx.userId,
+        error,
+      });
+      return fail(new InternalError(error));
+    }
   }
 }
diff --git a/packages/core/src/service/event.spec.ts b/packages/core/src/service/event.spec.ts
index 53cc1a08..7304a785 100644
--- a/packages/core/src/service/event.spec.ts
+++ b/packages/core/src/service/event.spec.ts
@@ -1,6 +1,10 @@
+import { v7 } from 'uuid';
 import { describe, expect, it } from 'vitest';
 import { mock } from 'vitest-mock-extended';
 import type { IEventRepository } from '../contract/event';
+import type { ILogger } from '../contract/logger';
+import type { IPrivateStorage } from '../contract/storage-private';
+import type { IPublicStorage } from '../contract/storage-public';
 import type { AuthContext } from '../entity/auth-context';
 import {
   AccountStatus,
@@ -15,11 +19,19 @@ import { EventService } from './event';
 
 describe('EventService', () => {
   const repo = mock<IEventRepository>();
-  const service = new EventService(repo);
+  const publicStorage = mock<IPublicStorage>();
+  const privateStorage = mock<IPrivateStorage>();
+  const logger = mock<ILogger>();
+  const service = new EventService(repo, publicStorage, privateStorage, logger);
+
+  const eventId = v7();
+  const orgId = v7();
+  const adminId = v7();
+  const userId = v7();
 
   const mockEvent: Event = {
-    id: 'event-1',
-    organizationId: 'org-1',
+    id: eventId,
+    organizationId: orgId,
     name: 'Region Meeting',
     description: null,
     location: 'Gereja',
@@ -33,25 +45,25 @@ describe('EventService', () => {
     visibility: EventVisibility.Private,
     isRsvpEnabled: false,
     status: EventStatus.Published,
-    createdBy: 'admin-1',
+    createdBy: adminId,
     createdAt: new Date(),
     updatedAt: new Date(),
     deletedAt: null,
   };
 
   const adminCtx: AuthContext = {
-    userId: 'admin-1',
+    userId: adminId,
     roles: [UserRole.ParishAdmin],
     accountStatus: AccountStatus.Approved,
   };
   const orgAdminCtx: AuthContext = {
-    userId: 'admin-1',
+    userId: adminId,
     roles: [UserRole.Parishioner],
-    orgRoles: { 'org-1': OrgRole.Admin },
+    orgRoles: { [orgId]: OrgRole.Admin },
     accountStatus: AccountStatus.Approved,
   };
   const userCtx: AuthContext = {
-    userId: 'user-1',
+    userId: userId,
     roles: [UserRole.Parishioner],
     accountStatus: AccountStatus.Approved,
   };
@@ -63,7 +75,7 @@ describe('EventService', () => {
         {
           name: 'Rapat',
           visibility: EventVisibility.Private,
-          organizationId: 'org-1',
+          organizationId: orgId,
           location: 'Aula',
           startDateTime: new Date(),
         } as unknown as CreateEvent,
@@ -79,7 +91,7 @@ describe('EventService', () => {
         {
           name: 'Rapat',
           visibility: EventVisibility.Private,
-          organizationId: 'org-1',
+          organizationId: orgId,
           location: 'Aula',
           startDateTime: new Date(),
         } as unknown as CreateEvent,
@@ -94,7 +106,7 @@ describe('EventService', () => {
       repo.findById.mockResolvedValue(mockEvent as unknown as Event);
       repo.update.mockResolvedValue({ ...mockEvent, name: 'Sensus' });
       const [result, error] = await service.update(
-        'event-1',
+        eventId,
         { name: 'Sensus' },
         adminCtx,
       );
@@ -116,7 +128,7 @@ describe('EventService', () => {
       repo.findUpcomingForParishioner.mockResolvedValue(mockDetails);
 
       const [result, error] = await service.findUpcomingForParishioner(
-        'user-1',
+        userId,
         10,
       );
 
diff --git a/packages/core/src/service/event.ts b/packages/core/src/service/event.ts
index f2b01647..9de20f35 100644
--- a/packages/core/src/service/event.ts
+++ b/packages/core/src/service/event.ts
@@ -1,4 +1,7 @@
 import type { IEventRepository } from '../contract/event';
+import type { ILogger } from '../contract/logger';
+import type { IPrivateStorage } from '../contract/storage-private';
+import type { IPublicStorage } from '../contract/storage-public';
 import type { AuthContext } from '../entity/auth-context';
 import {
   EventStatus,
@@ -12,30 +15,51 @@ import type {
   EventWithDetails,
   UpdateEvent,
 } from '../entity/event';
-import { ForbiddenError, NotFoundError } from '../error';
+import { ForbiddenError, InternalError, NotFoundError } from '../error';
 import { fail, ok, type Result } from '../utils/result';
 
 /**
  * Service for managing event data.
  */
 export class EventService {
-  constructor(private readonly repo: IEventRepository) {}
+  constructor(
+    private readonly repo: IEventRepository,
+    readonly _publicStorage: IPublicStorage,
+    readonly _privateStorage: IPrivateStorage,
+    private readonly logger: ILogger,
+  ) {}
 
   /**
    * Retrieves an event by its ID.
    */
   async findById(id: string): Promise<Result<Event>> {
-    const data = await this.repo.findById(id);
-    if (!data) return fail(new NotFoundError('Event'));
-    return ok(data);
+    try {
+      const data = await this.repo.findById(id);
+      if (!data) {
+        this.logger.info('Event not found', { id });
+        return fail(new NotFoundError('Event'));
+      }
+      return ok(data);
+    } catch (error) {
+      this.logger.error('Failed to find event', { id, error });
+      return fail(new InternalError(error));
+    }
   }
 
   /**
    * Retrieves all events for an organization.
    */
   async findByOrganizationId(organizationId: string): Promise<Result<Event[]>> {
-    const data = await this.repo.findByOrganizationId(organizationId);
-    return ok(data);
+    try {
+      const data = await this.repo.findByOrganizationId(organizationId);
+      return ok(data);
+    } catch (error) {
+      this.logger.error('Failed to find events by organization', {
+        organizationId,
+        error,
+      });
+      return fail(new InternalError(error));
+    }
   }
 
   /**
@@ -45,53 +69,90 @@ export class EventService {
     name: string,
     organizationId: string | null,
   ): Promise<Result<Event | null>> {
-    const data = await this.repo.findByName(name, organizationId);
-    return ok(data);
+    try {
+      const data = await this.repo.findByName(name, organizationId);
+      return ok(data);
+    } catch (error) {
+      this.logger.error('Failed to find event by name', {
+        name,
+        organizationId,
+        error,
+      });
+      return fail(new InternalError(error));
+    }
   }
 
   /**
    * Retrieves all public events.
    */
   async findPublicEvents(): Promise<Result<Event[]>> {
-    const data = await this.repo.findPublicEvents();
-    return ok(data);
+    try {
+      const data = await this.repo.findPublicEvents();
+      return ok(data);
+    } catch (error) {
+      this.logger.error('Failed to find public events', { error });
+      return fail(new InternalError(error));
+    }
   }
 
   /**
    * Creates a new event.
    */
   async create(data: CreateEvent, ctx: AuthContext): Promise<Result<Event>> {
-    // Permission check: adminParoki or superAdmin for public events.
-    // Org admin for private events.
-    if (
-      data.visibility === EventVisibility.Public &&
-      !ctx.roles.includes(UserRole.ParishAdmin) &&
-      !ctx.roles.includes(UserRole.SuperAdmin)
-    ) {
-      return fail(new ForbiddenError());
-    }
-
-    if (data.visibility === EventVisibility.Private && data.organizationId) {
-      const isOrgAdmin =
-        ctx.orgRoles?.[data.organizationId] === OrgRole.Admin ||
-        ctx.orgRoles?.[data.organizationId] === OrgRole.Owner;
+    try {
+      // Permission check: adminParoki or superAdmin for public events.
+      // Org admin for private events.
       if (
-        !isOrgAdmin &&
+        data.visibility === EventVisibility.Public &&
         !ctx.roles.includes(UserRole.ParishAdmin) &&
         !ctx.roles.includes(UserRole.SuperAdmin)
       ) {
+        this.logger.info('Unauthorized public event creation attempt', {
+          userId: ctx.userId,
+        });
         return fail(new ForbiddenError());
       }
-    }
 
-    // Auto-generate QR code would happen here or in repository
-    const event = await this.repo.create({
-      ...data,
-      qrCode: `event-${Date.now()}`, // Placeholder for real QR generation
-      status: EventStatus.Published,
-      createdBy: ctx.userId,
-    });
-    return ok(event);
+      if (data.visibility === EventVisibility.Private && data.organizationId) {
+        const isOrgAdmin =
+          ctx.orgRoles?.[data.organizationId] === OrgRole.Admin ||
+          ctx.orgRoles?.[data.organizationId] === OrgRole.Owner;
+        if (
+          !isOrgAdmin &&
+          !ctx.roles.includes(UserRole.ParishAdmin) &&
+          !ctx.roles.includes(UserRole.SuperAdmin)
+        ) {
+          this.logger.info('Unauthorized private event creation attempt', {
+            userId: ctx.userId,
+            orgId: data.organizationId,
+          });
+          return fail(new ForbiddenError());
+        }
+      }
+
+      // Auto-generate QR code would happen here or in repository
+      const event = await this.repo.create({
+        ...data,
+        qrCode: `event-${Date.now()}`, // Placeholder for real QR generation
+        status: EventStatus.Published,
+        createdBy: ctx.userId,
+      });
+
+      this.logger.info('Event created', {
+        eventId: event.id,
+        orgId: event.organizationId,
+        visibility: event.visibility,
+        userId: ctx.userId,
+      });
+
+      return ok(event);
+    } catch (error) {
+      this.logger.error('Failed to create event', {
+        userId: ctx.userId,
+        error,
+      });
+      return fail(new InternalError(error));
+    }
   }
 
   /**
@@ -102,72 +163,132 @@ export class EventService {
     data: UpdateEvent,
     ctx: AuthContext,
   ): Promise<Result<Event>> {
-    const existing = await this.repo.findById(id);
-    if (!existing) return fail(new NotFoundError('Event'));
-
-    // Permission check
-    if (
-      existing.visibility === EventVisibility.Public &&
-      !ctx.roles.includes(UserRole.ParishAdmin) &&
-      !ctx.roles.includes(UserRole.SuperAdmin)
-    ) {
-      return fail(new ForbiddenError());
-    }
+    try {
+      const existing = await this.repo.findById(id);
+      if (!existing) {
+        this.logger.info('Event not found for update', {
+          id,
+          userId: ctx.userId,
+        });
+        return fail(new NotFoundError('Event'));
+      }
 
-    if (
-      existing.visibility === EventVisibility.Private &&
-      existing.organizationId
-    ) {
-      const isOrgAdmin =
-        ctx.orgRoles?.[existing.organizationId] === OrgRole.Admin ||
-        ctx.orgRoles?.[existing.organizationId] === OrgRole.Owner;
+      // Permission check
       if (
-        !isOrgAdmin &&
+        existing.visibility === EventVisibility.Public &&
         !ctx.roles.includes(UserRole.ParishAdmin) &&
         !ctx.roles.includes(UserRole.SuperAdmin)
       ) {
+        this.logger.info('Unauthorized public event update attempt', {
+          id,
+          userId: ctx.userId,
+        });
         return fail(new ForbiddenError());
       }
-    }
 
-    const updated = await this.repo.update(id, data);
-    return ok(updated);
+      if (
+        existing.visibility === EventVisibility.Private &&
+        existing.organizationId
+      ) {
+        const isOrgAdmin =
+          ctx.orgRoles?.[existing.organizationId] === OrgRole.Admin ||
+          ctx.orgRoles?.[existing.organizationId] === OrgRole.Owner;
+        if (
+          !isOrgAdmin &&
+          !ctx.roles.includes(UserRole.ParishAdmin) &&
+          !ctx.roles.includes(UserRole.SuperAdmin)
+        ) {
+          this.logger.info('Unauthorized private event update attempt', {
+            id,
+            userId: ctx.userId,
+            orgId: existing.organizationId,
+          });
+          return fail(new ForbiddenError());
+        }
+      }
+
+      const updated = await this.repo.update(id, data);
+
+      this.logger.info('Event updated', {
+        eventId: id,
+        userId: ctx.userId,
+      });
+
+      return ok(updated);
+    } catch (error) {
+      this.logger.error('Failed to update event', {
+        id,
+        userId: ctx.userId,
+        error,
+      });
+      return fail(new InternalError(error));
+    }
   }
 
   /**
    * Soft deletes an event.
    */
   async delete(id: string, ctx: AuthContext): Promise<Result<void>> {
-    const existing = await this.repo.findById(id);
-    if (!existing) return fail(new NotFoundError('Event'));
-
-    // Permission check (same as update)
-    if (
-      existing.visibility === EventVisibility.Public &&
-      !ctx.roles.includes(UserRole.ParishAdmin) &&
-      !ctx.roles.includes(UserRole.SuperAdmin)
-    ) {
-      return fail(new ForbiddenError());
-    }
+    try {
+      const existing = await this.repo.findById(id);
+      if (!existing) {
+        this.logger.info('Event not found for deletion', {
+          id,
+          userId: ctx.userId,
+        });
+        return fail(new NotFoundError('Event'));
+      }
 
-    if (
-      existing.visibility === EventVisibility.Private &&
-      existing.organizationId
-    ) {
-      const isOrgAdmin =
-        ctx.orgRoles?.[existing.organizationId] === OrgRole.Admin ||
-        ctx.orgRoles?.[existing.organizationId] === OrgRole.Owner;
+      // Permission check (same as update)
       if (
-        !isOrgAdmin &&
+        existing.visibility === EventVisibility.Public &&
         !ctx.roles.includes(UserRole.ParishAdmin) &&
         !ctx.roles.includes(UserRole.SuperAdmin)
       ) {
+        this.logger.info('Unauthorized public event deletion attempt', {
+          id,
+          userId: ctx.userId,
+        });
         return fail(new ForbiddenError());
       }
-    }
 
-    await this.repo.delete(id);
-    return ok(undefined);
+      if (
+        existing.visibility === EventVisibility.Private &&
+        existing.organizationId
+      ) {
+        const isOrgAdmin =
+          ctx.orgRoles?.[existing.organizationId] === OrgRole.Admin ||
+          ctx.orgRoles?.[existing.organizationId] === OrgRole.Owner;
+        if (
+          !isOrgAdmin &&
+          !ctx.roles.includes(UserRole.ParishAdmin) &&
+          !ctx.roles.includes(UserRole.SuperAdmin)
+        ) {
+          this.logger.info('Unauthorized private event deletion attempt', {
+            id,
+            userId: ctx.userId,
+            orgId: existing.organizationId,
+          });
+          return fail(new ForbiddenError());
+        }
+      }
+
+      await this.repo.delete(id);
+
+      this.logger.info('Event deleted', {
+        eventId: id,
+        userId: ctx.userId,
+      });
+
+      return ok(undefined);
+    } catch (error) {
+      this.logger.error('Failed to delete event', {
+        id,
+        userId: ctx.userId,
+        error,
+      });
+      return fail(new InternalError(error));
+    }
   }
 
   /**
@@ -177,10 +298,19 @@ export class EventService {
     parishionerId: string | null,
     limit: number,
   ): Promise<Result<EventWithDetails[]>> {
-    const data = await this.repo.findUpcomingForParishioner(
-      parishionerId,
-      limit,
-    );
-    return ok(data);
+    try {
+      const data = await this.repo.findUpcomingForParishioner(
+        parishionerId,
+        limit,
+      );
+      return ok(data);
+    } catch (error) {
+      this.logger.error('Failed to find upcoming events for parishioner', {
+        parishionerId,
+        limit,
+        error,
+      });
+      return fail(new InternalError(error));
+    }
   }
 }
diff --git a/packages/core/src/service/financial-period.spec.ts b/packages/core/src/service/financial-period.spec.ts
index cd8e09e1..0e95a2d6 100644
--- a/packages/core/src/service/financial-period.spec.ts
+++ b/packages/core/src/service/financial-period.spec.ts
@@ -1,6 +1,10 @@
+import { v7 } from 'uuid';
 import { describe, expect, it } from 'vitest';
 import { mock } from 'vitest-mock-extended';
 import type { IFinancialPeriodRepository } from '../contract/financial-period';
+import type { ILogger } from '../contract/logger';
+import type { IPrivateStorage } from '../contract/storage-private';
+import type { IPublicStorage } from '../contract/storage-public';
 import type { AuthContext } from '../entity/auth-context';
 import { AccountStatus, PeriodStatus, UserRole } from '../entity/enums';
 import type { FinancialPeriod } from '../entity/financial-period';
@@ -9,10 +13,22 @@ import { FinancialPeriodService } from './financial-period';
 
 describe('FinancialPeriodService', () => {
   const repo = mock<IFinancialPeriodRepository>();
-  const service = new FinancialPeriodService(repo);
+  const publicStorage = mock<IPublicStorage>();
+  const privateStorage = mock<IPrivateStorage>();
+  const logger = mock<ILogger>();
+  const service = new FinancialPeriodService(
+    repo,
+    publicStorage,
+    privateStorage,
+    logger,
+  );
+
+  const periodId = v7();
+  const bendaharaId = v7();
+  const userId = v7();
 
   const mockPeriod = {
-    id: 'p-1',
+    id: periodId,
     month: 1,
     year: 2026,
     status: PeriodStatus.Open,
@@ -21,12 +37,12 @@ describe('FinancialPeriodService', () => {
   };
 
   const bendaharaCtx: AuthContext = {
-    userId: 'ben-1',
+    userId: bendaharaId,
     roles: [UserRole.Treasurer],
     accountStatus: AccountStatus.Approved,
   };
   const userCtx: AuthContext = {
-    userId: 'user-1',
+    userId: userId,
     roles: [UserRole.Parishioner],
     accountStatus: AccountStatus.Approved,
   };
@@ -39,21 +55,21 @@ describe('FinancialPeriodService', () => {
         status: PeriodStatus.Locked,
       } as unknown as FinancialPeriod);
 
-      const [_result, error] = await service.lock('p-1', bendaharaCtx);
+      const [_result, error] = await service.lock(periodId, bendaharaCtx);
 
       expect(error).toBeNull();
       expect(repo.update).toHaveBeenCalledWith(
-        'p-1',
+        periodId,
         expect.objectContaining({
           status: PeriodStatus.Locked,
-          lockedBy: 'ben-1',
+          lockedBy: bendaharaId,
         }),
       );
     });
 
     it('should forbid regular user to lock', async () => {
       repo.findById.mockResolvedValue(mockPeriod as unknown as FinancialPeriod);
-      const [_result, error] = await service.lock('p-1', userCtx);
+      const [_result, error] = await service.lock(periodId, userCtx);
       expect(error).toBeInstanceOf(ForbiddenError);
     });
   });
diff --git a/packages/core/src/service/financial-period.ts b/packages/core/src/service/financial-period.ts
index 907841f0..fd6a8ed8 100644
--- a/packages/core/src/service/financial-period.ts
+++ b/packages/core/src/service/financial-period.ts
@@ -1,26 +1,42 @@
 import type { IFinancialPeriodRepository } from '../contract/financial-period';
+import type { ILogger } from '../contract/logger';
+import type { IPrivateStorage } from '../contract/storage-private';
+import type { IPublicStorage } from '../contract/storage-public';
 import type { AuthContext } from '../entity/auth-context';
 import { PeriodStatus, UserRole } from '../entity/enums';
 import type {
   CreateFinancialPeriod,
   FinancialPeriod,
 } from '../entity/financial-period';
-import { ForbiddenError, NotFoundError } from '../error';
+import { ForbiddenError, InternalError, NotFoundError } from '../error';
 import { fail, ok, type Result } from '../utils/result';
 
 /**
  * Service for managing financial periods.
  */
 export class FinancialPeriodService {
-  constructor(private readonly repo: IFinancialPeriodRepository) {}
+  constructor(
+    private readonly repo: IFinancialPeriodRepository,
+    readonly _publicStorage: IPublicStorage,
+    readonly _privateStorage: IPrivateStorage,
+    private readonly logger: ILogger,
+  ) {}
 
   /**
    * Retrieves a financial period by its ID.
    */
   async findById(id: string): Promise<Result<FinancialPeriod>> {
-    const data = await this.repo.findById(id);
-    if (!data) return fail(new NotFoundError('Financial Period'));
-    return ok(data);
+    try {
+      const data = await this.repo.findById(id);
+      if (!data) {
+        this.logger.info('Financial period not found', { id });
+        return fail(new NotFoundError('Financial Period'));
+      }
+      return ok(data);
+    } catch (error) {
+      this.logger.error('Failed to find financial period', { id, error });
+      return fail(new InternalError(error));
+    }
   }
 
   /**
@@ -30,17 +46,37 @@ export class FinancialPeriodService {
     month: number,
     year: number,
   ): Promise<Result<FinancialPeriod>> {
-    const data = await this.repo.findByMonthAndYear(month, year);
-    if (!data) return fail(new NotFoundError('Financial Period'));
-    return ok(data);
+    try {
+      const data = await this.repo.findByMonthAndYear(month, year);
+      if (!data) {
+        this.logger.info('Financial period not found for month/year', {
+          month,
+          year,
+        });
+        return fail(new NotFoundError('Financial Period'));
+      }
+      return ok(data);
+    } catch (error) {
+      this.logger.error('Failed to find financial period by date', {
+        month,
+        year,
+        error,
+      });
+      return fail(new InternalError(error));
+    }
   }
 
   /**
    * Retrieves all financial periods.
    */
   async findAll(): Promise<Result<FinancialPeriod[]>> {
-    const data = await this.repo.findAll();
-    return ok(data);
+    try {
+      const data = await this.repo.findAll();
+      return ok(data);
+    } catch (error) {
+      this.logger.error('Failed to find all financial periods', { error });
+      return fail(new InternalError(error));
+    }
   }
 
   /**
@@ -51,22 +87,41 @@ export class FinancialPeriodService {
     data: CreateFinancialPeriod,
     ctx: AuthContext,
   ): Promise<Result<FinancialPeriod>> {
-    // Permission check: Bendahara, superAdmin, or adminParoki
-    if (
-      !ctx.roles.includes(UserRole.Treasurer) &&
-      !ctx.roles.includes(UserRole.SuperAdmin) &&
-      !ctx.roles.includes(UserRole.ParishAdmin)
-    ) {
-      return fail(new ForbiddenError());
-    }
+    try {
+      // Permission check: Bendahara, superAdmin, or adminParoki
+      if (
+        !ctx.roles.includes(UserRole.Treasurer) &&
+        !ctx.roles.includes(UserRole.SuperAdmin) &&
+        !ctx.roles.includes(UserRole.ParishAdmin)
+      ) {
+        this.logger.info('Unauthorized financial period creation attempt', {
+          userId: ctx.userId,
+        });
+        return fail(new ForbiddenError());
+      }
+
+      const period = await this.repo.create({
+        ...data,
+        status: PeriodStatus.Open,
+        lockedBy: null,
+        lockedAt: null,
+      });
 
-    const period = await this.repo.create({
-      ...data,
-      status: PeriodStatus.Open,
-      lockedBy: null,
-      lockedAt: null,
-    });
-    return ok(period);
+      this.logger.info('Financial period created', {
+        periodId: period.id,
+        month: period.month,
+        year: period.year,
+        userId: ctx.userId,
+      });
+
+      return ok(period);
+    } catch (error) {
+      this.logger.error('Failed to create financial period', {
+        userId: ctx.userId,
+        error,
+      });
+      return fail(new InternalError(error));
+    }
   }
 
   /**
@@ -74,23 +129,47 @@ export class FinancialPeriodService {
    * Only Bendahara can lock.
    */
   async lock(id: string, ctx: AuthContext): Promise<Result<void>> {
-    const existing = await this.repo.findById(id);
-    if (!existing) return fail(new NotFoundError('Financial Period'));
-
-    if (
-      !ctx.roles.includes(UserRole.Treasurer) &&
-      !ctx.roles.includes(UserRole.SuperAdmin)
-    ) {
-      return fail(new ForbiddenError());
-    }
+    try {
+      const existing = await this.repo.findById(id);
+      if (!existing) {
+        this.logger.info('Financial period not found for lock', {
+          id,
+          userId: ctx.userId,
+        });
+        return fail(new NotFoundError('Financial Period'));
+      }
+
+      if (
+        !ctx.roles.includes(UserRole.Treasurer) &&
+        !ctx.roles.includes(UserRole.SuperAdmin)
+      ) {
+        this.logger.info('Unauthorized financial period lock attempt', {
+          id,
+          userId: ctx.userId,
+        });
+        return fail(new ForbiddenError());
+      }
+
+      await this.repo.update(id, {
+        status: PeriodStatus.Locked,
+        lockedBy: ctx.userId,
+        lockedAt: new Date(),
+      });
 
-    await this.repo.update(id, {
-      status: PeriodStatus.Locked,
-      lockedBy: ctx.userId,
-      lockedAt: new Date(),
-    });
+      this.logger.info('Financial period locked', {
+        periodId: id,
+        userId: ctx.userId,
+      });
 
-    return ok(undefined);
+      return ok(undefined);
+    } catch (error) {
+      this.logger.error('Failed to lock financial period', {
+        id,
+        userId: ctx.userId,
+        error,
+      });
+      return fail(new InternalError(error));
+    }
   }
 
   /**
@@ -98,40 +177,89 @@ export class FinancialPeriodService {
    * Only Bendahara can unlock.
    */
   async unlock(id: string, ctx: AuthContext): Promise<Result<void>> {
-    const existing = await this.repo.findById(id);
-    if (!existing) return fail(new NotFoundError('Financial Period'));
-
-    if (
-      !ctx.roles.includes(UserRole.Treasurer) &&
-      !ctx.roles.includes(UserRole.SuperAdmin)
-    ) {
-      return fail(new ForbiddenError());
-    }
+    try {
+      const existing = await this.repo.findById(id);
+      if (!existing) {
+        this.logger.info('Financial period not found for unlock', {
+          id,
+          userId: ctx.userId,
+        });
+        return fail(new NotFoundError('Financial Period'));
+      }
+
+      if (
+        !ctx.roles.includes(UserRole.Treasurer) &&
+        !ctx.roles.includes(UserRole.SuperAdmin)
+      ) {
+        this.logger.info('Unauthorized financial period unlock attempt', {
+          id,
+          userId: ctx.userId,
+        });
+        return fail(new ForbiddenError());
+      }
 
-    await this.repo.update(id, {
-      status: PeriodStatus.Open,
-      lockedBy: null,
-      lockedAt: null,
-    });
+      await this.repo.update(id, {
+        status: PeriodStatus.Open,
+        lockedBy: null,
+        lockedAt: null,
+      });
 
-    return ok(undefined);
+      this.logger.info('Financial period unlocked', {
+        periodId: id,
+        userId: ctx.userId,
+      });
+
+      return ok(undefined);
+    } catch (error) {
+      this.logger.error('Failed to unlock financial period', {
+        id,
+        userId: ctx.userId,
+        error,
+      });
+      return fail(new InternalError(error));
+    }
   }
 
   /**
    * Soft deletes a financial period.
    */
   async delete(id: string, ctx: AuthContext): Promise<Result<void>> {
-    const existing = await this.repo.findById(id);
-    if (!existing) return fail(new NotFoundError('Financial Period'));
-
-    if (
-      !ctx.roles.includes(UserRole.Treasurer) &&
-      !ctx.roles.includes(UserRole.SuperAdmin)
-    ) {
-      return fail(new ForbiddenError());
-    }
+    try {
+      const existing = await this.repo.findById(id);
+      if (!existing) {
+        this.logger.info('Financial period not found for deletion', {
+          id,
+          userId: ctx.userId,
+        });
+        return fail(new NotFoundError('Financial Period'));
+      }
+
+      if (
+        !ctx.roles.includes(UserRole.Treasurer) &&
+        !ctx.roles.includes(UserRole.SuperAdmin)
+      ) {
+        this.logger.info('Unauthorized financial period deletion attempt', {
+          id,
+          userId: ctx.userId,
+        });
+        return fail(new ForbiddenError());
+      }
+
+      await this.repo.delete(id);
 
-    await this.repo.delete(id);
-    return ok(undefined);
+      this.logger.info('Financial period deleted', {
+        periodId: id,
+        userId: ctx.userId,
+      });
+
+      return ok(undefined);
+    } catch (error) {
+      this.logger.error('Failed to delete financial period', {
+        id,
+        userId: ctx.userId,
+        error,
+      });
+      return fail(new InternalError(error));
+    }
   }
 }
diff --git a/packages/core/src/service/member.spec.ts b/packages/core/src/service/member.spec.ts
index ff72f0e1..3e2137f2 100644
--- a/packages/core/src/service/member.spec.ts
+++ b/packages/core/src/service/member.spec.ts
@@ -1,36 +1,52 @@
+import { v7 } from 'uuid';
 import { describe, expect, it } from 'vitest';
 import { mock } from 'vitest-mock-extended';
+import type { ILogger } from '../contract/logger';
 import type { IMemberRepository } from '../contract/member';
+import type { IPrivateStorage } from '../contract/storage-private';
+import type { IPublicStorage } from '../contract/storage-public';
 import type { AuthContext } from '../entity/auth-context';
 import { OrgRole, UserRole } from '../entity/enums';
 import { MemberService } from './member';
 
 describe('MemberService', () => {
   const repo = mock<IMemberRepository>();
-  const service = new MemberService(repo);
+  const publicStorage = mock<IPublicStorage>();
+  const privateStorage = mock<IPrivateStorage>();
+  const logger = mock<ILogger>();
+  const service = new MemberService(
+    repo,
+    publicStorage,
+    privateStorage,
+    logger,
+  );
 
   describe('getOrgRoles', () => {
+    const userId = v7();
+    const org1Id = v7();
+    const org2Id = v7();
+
     it('should return a record of organization roles for a user', async () => {
       const mockMemberships = [
-        { organizationId: 'org-1', role: OrgRole.Admin },
-        { organizationId: 'org-2', role: OrgRole.Member },
+        { organizationId: org1Id, role: OrgRole.Admin },
+        { organizationId: org2Id, role: OrgRole.Member },
       ];
       repo.findByUserId.mockResolvedValue(mockMemberships);
 
-      const [result, error] = await service.getOrgRoles('user-1');
+      const [result, error] = await service.getOrgRoles(userId);
 
       expect(error).toBeNull();
       expect(result).toEqual({
-        'org-1': OrgRole.Admin,
-        'org-2': OrgRole.Member,
+        [org1Id]: OrgRole.Admin,
+        [org2Id]: OrgRole.Member,
       });
-      expect(repo.findByUserId).toHaveBeenCalledWith('user-1');
+      expect(repo.findByUserId).toHaveBeenCalledWith(userId);
     });
 
     it('should return an empty record if user has no organization memberships', async () => {
       repo.findByUserId.mockResolvedValue([]);
 
-      const [result, error] = await service.getOrgRoles('user-1');
+      const [result, error] = await service.getOrgRoles(userId);
 
       expect(error).toBeNull();
       expect(result).toEqual({});
@@ -38,11 +54,15 @@ describe('MemberService', () => {
   });
 
   describe('findMember', () => {
+    const orgId = v7();
+    const userId = v7();
+    const userId2 = v7();
+
     it('should return member info when found', async () => {
-      const mockMember = { id: 'mem-1', role: 'admin' };
+      const mockMember = { id: v7(), role: 'admin' };
       repo.findMember.mockResolvedValue(mockMember);
 
-      const [result, error] = await service.findMember('org-1', 'user-1');
+      const [result, error] = await service.findMember(orgId, userId);
 
       expect(error).toBeNull();
       expect(result).toEqual(mockMember);
@@ -51,7 +71,7 @@ describe('MemberService', () => {
     it('should return null when member not found', async () => {
       repo.findMember.mockResolvedValue(null);
 
-      const [result, error] = await service.findMember('org-1', 'user-2');
+      const [result, error] = await service.findMember(orgId, userId2);
 
       expect(error).toBeNull();
       expect(result).toBeNull();
@@ -61,13 +81,17 @@ describe('MemberService', () => {
   describe('ensureRole', () => {
     const ctx = mock<AuthContext>();
 
+    const orgId = v7();
+    const userId = v7();
+    const memId = v7();
+
     it('should fail with ForbiddenError if requester has no permission', async () => {
       ctx.roles = [UserRole.Parishioner];
       ctx.orgRoles = {};
 
       const [result, error] = await service.ensureRole(
-        'org-1',
-        'user-1',
+        orgId,
+        userId,
         OrgRole.Admin,
         ctx,
       );
@@ -78,17 +102,17 @@ describe('MemberService', () => {
 
     it('should update role if member already exists with different role', async () => {
       ctx.roles = [UserRole.ParishAdmin];
-      repo.findMember.mockResolvedValue({ id: 'mem-1', role: OrgRole.Member });
+      repo.findMember.mockResolvedValue({ id: memId, role: OrgRole.Member });
 
       const [_result, error] = await service.ensureRole(
-        'org-1',
-        'user-1',
+        orgId,
+        userId,
         OrgRole.Admin,
         ctx,
       );
 
       expect(error).toBeNull();
-      expect(repo.updateRole).toHaveBeenCalledWith('mem-1', OrgRole.Admin);
+      expect(repo.updateRole).toHaveBeenCalledWith(memId, OrgRole.Admin);
     });
 
     it('should create new member if not exists', async () => {
@@ -96,16 +120,16 @@ describe('MemberService', () => {
       repo.findMember.mockResolvedValue(null);
 
       const [_result, error] = await service.ensureRole(
-        'org-1',
-        'user-1',
+        orgId,
+        userId,
         OrgRole.Admin,
         ctx,
       );
 
       expect(error).toBeNull();
       expect(repo.create).toHaveBeenCalledWith({
-        organizationId: 'org-1',
-        userId: 'user-1',
+        organizationId: orgId,
+        userId: userId,
         role: OrgRole.Admin,
       });
     });
diff --git a/packages/core/src/service/member.ts b/packages/core/src/service/member.ts
index 5e0bba45..5de062ff 100644
--- a/packages/core/src/service/member.ts
+++ b/packages/core/src/service/member.ts
@@ -1,14 +1,22 @@
+import type { ILogger } from '../contract/logger';
 import type { IMemberRepository } from '../contract/member';
+import type { IPrivateStorage } from '../contract/storage-private';
+import type { IPublicStorage } from '../contract/storage-public';
 import type { AuthContext } from '../entity/auth-context';
 import { OrgRole, UserRole } from '../entity/enums';
-import { ForbiddenError } from '../error';
+import { ForbiddenError, InternalError } from '../error';
 import { fail, ok, type Result } from '../utils/result';
 
 /**
  * Service for managing Better Auth organization roles.
  */
 export class MemberService {
-  constructor(private readonly repo: IMemberRepository) {}
+  constructor(
+    private readonly repo: IMemberRepository,
+    readonly _publicStorage: IPublicStorage,
+    readonly _privateStorage: IPrivateStorage,
+    private readonly logger: ILogger,
+  ) {}
 
   /**
    * Finds a member by organization and user ID.
@@ -17,8 +25,17 @@ export class MemberService {
     organizationId: string,
     userId: string,
   ): Promise<Result<{ id: string; role: string } | null>> {
-    const member = await this.repo.findMember(organizationId, userId);
-    return ok(member);
+    try {
+      const member = await this.repo.findMember(organizationId, userId);
+      return ok(member);
+    } catch (error) {
+      this.logger.error('Failed to find organization member', {
+        organizationId,
+        userId,
+        error,
+      });
+      return fail(new InternalError(error));
+    }
   }
 
   /**
@@ -32,27 +49,57 @@ export class MemberService {
     role: OrgRole,
     ctx: AuthContext,
   ): Promise<Result<void>> {
-    // Permission check: adminParoki or superAdmin.
-    // Or owner of the organization.
-    const isOwner = ctx.orgRoles?.[organizationId] === OrgRole.Owner;
-    if (
-      !ctx.roles.includes(UserRole.ParishAdmin) &&
-      !ctx.roles.includes(UserRole.SuperAdmin) &&
-      !isOwner
-    ) {
-      return fail(new ForbiddenError());
-    }
+    try {
+      // Permission check: adminParoki or superAdmin.
+      // Or owner of the organization.
+      const isOwner = ctx.orgRoles?.[organizationId] === OrgRole.Owner;
+      if (
+        !ctx.roles.includes(UserRole.ParishAdmin) &&
+        !ctx.roles.includes(UserRole.SuperAdmin) &&
+        !isOwner
+      ) {
+        this.logger.info('Unauthorized organization role assignment attempt', {
+          organizationId,
+          targetUserId: userId,
+          userId: ctx.userId,
+        });
+        return fail(new ForbiddenError());
+      }
 
-    const existing = await this.repo.findMember(organizationId, userId);
-    if (existing) {
-      if (existing.role !== role) {
-        await this.repo.updateRole(existing.id, role);
+      const existing = await this.repo.findMember(organizationId, userId);
+      if (existing) {
+        if (existing.role !== role) {
+          await this.repo.updateRole(existing.id, role);
+          this.logger.info('Organization member role updated', {
+            memberId: existing.id,
+            organizationId,
+            userId,
+            newRole: role,
+            adminId: ctx.userId,
+          });
+        }
+        return ok(undefined);
       }
+
+      await this.repo.create({ organizationId, userId, role });
+
+      this.logger.info('Organization member created', {
+        organizationId,
+        userId,
+        role,
+        adminId: ctx.userId,
+      });
+
       return ok(undefined);
+    } catch (error) {
+      this.logger.error('Failed to ensure organization role', {
+        organizationId,
+        targetUserId: userId,
+        userId: ctx.userId,
+        error,
+      });
+      return fail(new InternalError(error));
     }
-
-    await this.repo.create({ organizationId, userId, role });
-    return ok(undefined);
   }
 
   /**
@@ -62,16 +109,24 @@ export class MemberService {
    * @returns `ok(Record<organizationId, OrgRole>)` on success.
    */
   async getOrgRoles(userId: string): Promise<Result<Record<string, OrgRole>>> {
-    const memberships = await this.repo.findByUserId(userId);
+    try {
+      const memberships = await this.repo.findByUserId(userId);
 
-    const orgRole = memberships.reduce(
-      (acc, current) => {
-        acc[current.organizationId] = current.role as OrgRole;
-        return acc;
-      },
-      {} as Record<string, OrgRole>,
-    );
+      const orgRole = memberships.reduce(
+        (acc, current) => {
+          acc[current.organizationId] = current.role as OrgRole;
+          return acc;
+        },
+        {} as Record<string, OrgRole>,
+      );
 
-    return ok(orgRole);
+      return ok(orgRole);
+    } catch (error) {
+      this.logger.error('Failed to get organization roles for user', {
+        userId,
+        error,
+      });
+      return fail(new InternalError(error));
+    }
   }
 }
diff --git a/packages/core/src/service/notification.spec.ts b/packages/core/src/service/notification.spec.ts
index 3496aef4..2e0aee83 100644
--- a/packages/core/src/service/notification.spec.ts
+++ b/packages/core/src/service/notification.spec.ts
@@ -1,6 +1,10 @@
+import { v7 } from 'uuid';
 import { describe, expect, it } from 'vitest';
 import { mock } from 'vitest-mock-extended';
+import type { ILogger } from '../contract/logger';
 import type { INotificationRepository } from '../contract/notification';
+import type { IPrivateStorage } from '../contract/storage-private';
+import type { IPublicStorage } from '../contract/storage-public';
 import type { AuthContext } from '../entity/auth-context';
 import {
   AccountStatus,
@@ -14,11 +18,24 @@ import { NotificationService } from './notification';
 
 describe('NotificationService', () => {
   const repo = mock<INotificationRepository>();
-  const service = new NotificationService(repo);
+  const publicStorage = mock<IPublicStorage>();
+  const privateStorage = mock<IPrivateStorage>();
+  const logger = mock<ILogger>();
+  const service = new NotificationService(
+    repo,
+    publicStorage,
+    privateStorage,
+    logger,
+  );
+
+  const notifId = v7();
+  const userId = v7();
+  const adminId = v7();
+  const otherUserId = v7();
 
   const mockNotification = {
-    id: 'notif-1',
-    userId: 'user-1',
+    id: notifId,
+    userId: userId,
     title: 'Pesan Baru',
     body: 'Anda memiliki pesan baru',
     channel: NotificationChannel.InApp,
@@ -27,17 +44,17 @@ describe('NotificationService', () => {
   };
 
   const _adminCtx: AuthContext = {
-    userId: 'admin-1',
+    userId: adminId,
     roles: [UserRole.ParishAdmin],
     accountStatus: AccountStatus.Approved,
   };
   const userCtx: AuthContext = {
-    userId: 'user-1',
+    userId: userId,
     roles: [UserRole.Parishioner],
     accountStatus: AccountStatus.Approved,
   };
   const otherUserCtx: AuthContext = {
-    userId: 'user-2',
+    userId: otherUserId,
     roles: [UserRole.Parishioner],
     accountStatus: AccountStatus.Approved,
   };
@@ -47,16 +64,13 @@ describe('NotificationService', () => {
       repo.findByUserId.mockResolvedValue([
         mockNotification,
       ] as unknown as Notification[]);
-      const [result, error] = await service.findByUserId('user-1', userCtx);
+      const [result, error] = await service.findByUserId(userId, userCtx);
       expect(error).toBeNull();
       expect(result).toEqual([mockNotification]);
     });
 
     it('should forbid user from seeing others notifications', async () => {
-      const [_result, error] = await service.findByUserId(
-        'user-1',
-        otherUserCtx,
-      );
+      const [_result, error] = await service.findByUserId(userId, otherUserCtx);
       expect(error).toBeInstanceOf(ForbiddenError);
     });
   });
@@ -66,9 +80,9 @@ describe('NotificationService', () => {
       repo.findById.mockResolvedValue(
         mockNotification as unknown as Notification,
       );
-      const [_result, error] = await service.markAsRead('notif-1', userCtx);
+      const [_result, error] = await service.markAsRead(notifId, userCtx);
       expect(error).toBeNull();
-      expect(repo.update).toHaveBeenCalledWith('notif-1', { isRead: true });
+      expect(repo.update).toHaveBeenCalledWith(notifId, { isRead: true });
     });
   });
 });
diff --git a/packages/core/src/service/notification.ts b/packages/core/src/service/notification.ts
index c7d30a71..26c34efd 100644
--- a/packages/core/src/service/notification.ts
+++ b/packages/core/src/service/notification.ts
@@ -1,23 +1,39 @@
+import type { ILogger } from '../contract/logger';
 import type { INotificationRepository } from '../contract/notification';
+import type { IPrivateStorage } from '../contract/storage-private';
+import type { IPublicStorage } from '../contract/storage-public';
 import type { AuthContext } from '../entity/auth-context';
 import { NotificationStatus, UserRole } from '../entity/enums';
 import type { CreateNotification, Notification } from '../entity/notification';
-import { ForbiddenError, NotFoundError } from '../error';
+import { ForbiddenError, InternalError, NotFoundError } from '../error';
 import { fail, ok, type Result } from '../utils/result';
 
 /**
  * Service for managing user notifications.
  */
 export class NotificationService {
-  constructor(private readonly repo: INotificationRepository) {}
+  constructor(
+    private readonly repo: INotificationRepository,
+    readonly _publicStorage: IPublicStorage,
+    readonly _privateStorage: IPrivateStorage,
+    private readonly logger: ILogger,
+  ) {}
 
   /**
    * Retrieves a notification by its ID.
    */
   async findById(id: string): Promise<Result<Notification>> {
-    const data = await this.repo.findById(id);
-    if (!data) return fail(new NotFoundError('Notification'));
-    return ok(data);
+    try {
+      const data = await this.repo.findById(id);
+      if (!data) {
+        this.logger.info('Notification not found', { id });
+        return fail(new NotFoundError('Notification'));
+      }
+      return ok(data);
+    } catch (error) {
+      this.logger.error('Failed to find notification', { id, error });
+      return fail(new InternalError(error));
+    }
   }
 
   /**
@@ -27,84 +43,180 @@ export class NotificationService {
     userId: string,
     ctx: AuthContext,
   ): Promise<Result<Notification[]>> {
-    // Permission check: User can only see their own notifications, or adminParoki/superAdmin
-    if (
-      ctx.userId !== userId &&
-      !ctx.roles.includes(UserRole.ParishAdmin) &&
-      !ctx.roles.includes(UserRole.SuperAdmin)
-    ) {
-      return fail(new ForbiddenError());
-    }
+    try {
+      // Permission check: User can only see their own notifications, or adminParoki/superAdmin
+      if (
+        ctx.userId !== userId &&
+        !ctx.roles.includes(UserRole.ParishAdmin) &&
+        !ctx.roles.includes(UserRole.SuperAdmin)
+      ) {
+        this.logger.info('Unauthorized notification retrieval attempt', {
+          targetUserId: userId,
+          userId: ctx.userId,
+        });
+        return fail(new ForbiddenError());
+      }
 
-    const data = await this.repo.findByUserId(userId);
-    return ok(data);
+      const data = await this.repo.findByUserId(userId);
+      return ok(data);
+    } catch (error) {
+      this.logger.error('Failed to find notifications by user', {
+        userId,
+        error,
+      });
+      return fail(new InternalError(error));
+    }
   }
 
   /**
    * Creates a new notification.
    */
   async create(data: CreateNotification): Promise<Result<Notification>> {
-    // Usually called by other services, no ctx check here or internal check
-    const notification = await this.repo.create({
-      ...data,
-      isRead: false,
-      status: NotificationStatus.Sent,
-      sentAt: new Date(),
-    });
-    return ok(notification);
+    try {
+      // Usually called by other services, no ctx check here or internal check
+      const notification = await this.repo.create({
+        ...data,
+        isRead: false,
+        status: NotificationStatus.Sent,
+        sentAt: new Date(),
+      });
+
+      this.logger.info('Notification created', {
+        notificationId: notification.id,
+        targetUserId: data.userId,
+        type: data.type,
+      });
+
+      return ok(notification);
+    } catch (error) {
+      this.logger.error('Failed to create notification', {
+        targetUserId: data.userId,
+        error,
+      });
+      return fail(new InternalError(error));
+    }
   }
 
   /**
    * Marks a notification as read.
    */
   async markAsRead(id: string, ctx: AuthContext): Promise<Result<void>> {
-    const existing = await this.repo.findById(id);
-    if (!existing) return fail(new NotFoundError('Notification'));
-
-    if (
-      existing.userId !== ctx.userId &&
-      !ctx.roles.includes(UserRole.ParishAdmin) &&
-      !ctx.roles.includes(UserRole.SuperAdmin)
-    ) {
-      return fail(new ForbiddenError());
-    }
+    try {
+      const existing = await this.repo.findById(id);
+      if (!existing) {
+        this.logger.info('Notification not found for update', {
+          id,
+          userId: ctx.userId,
+        });
+        return fail(new NotFoundError('Notification'));
+      }
+
+      if (
+        existing.userId !== ctx.userId &&
+        !ctx.roles.includes(UserRole.ParishAdmin) &&
+        !ctx.roles.includes(UserRole.SuperAdmin)
+      ) {
+        this.logger.info('Unauthorized notification update attempt', {
+          id,
+          userId: ctx.userId,
+        });
+        return fail(new ForbiddenError());
+      }
+
+      await this.repo.update(id, { isRead: true });
+
+      this.logger.info('Notification marked as read', {
+        notificationId: id,
+        userId: ctx.userId,
+      });
 
-    await this.repo.update(id, { isRead: true });
-    return ok(undefined);
+      return ok(undefined);
+    } catch (error) {
+      this.logger.error('Failed to mark notification as read', {
+        id,
+        userId: ctx.userId,
+        error,
+      });
+      return fail(new InternalError(error));
+    }
   }
 
   /**
    * Marks all notifications of a user as read.
    */
   async markAllAsRead(userId: string, ctx: AuthContext): Promise<Result<void>> {
-    if (
-      ctx.userId !== userId &&
-      !ctx.roles.includes(UserRole.ParishAdmin) &&
-      !ctx.roles.includes(UserRole.SuperAdmin)
-    ) {
-      return fail(new ForbiddenError());
-    }
+    try {
+      if (
+        ctx.userId !== userId &&
+        !ctx.roles.includes(UserRole.ParishAdmin) &&
+        !ctx.roles.includes(UserRole.SuperAdmin)
+      ) {
+        this.logger.info('Unauthorized notification bulk update attempt', {
+          targetUserId: userId,
+          userId: ctx.userId,
+        });
+        return fail(new ForbiddenError());
+      }
+
+      await this.repo.markAllAsRead(userId);
 
-    await this.repo.markAllAsRead(userId);
-    return ok(undefined);
+      this.logger.info('All notifications marked as read', {
+        targetUserId: userId,
+        userId: ctx.userId,
+      });
+
+      return ok(undefined);
+    } catch (error) {
+      this.logger.error('Failed to mark all notifications as read', {
+        targetUserId: userId,
+        userId: ctx.userId,
+        error,
+      });
+      return fail(new InternalError(error));
+    }
   }
 
   /**
    * Soft deletes a notification.
    */
   async delete(id: string, ctx: AuthContext): Promise<Result<void>> {
-    const existing = await this.repo.findById(id);
-    if (!existing) return fail(new NotFoundError('Notification'));
-
-    if (
-      existing.userId !== ctx.userId &&
-      !ctx.roles.includes(UserRole.ParishAdmin) &&
-      !ctx.roles.includes(UserRole.SuperAdmin)
-    ) {
-      return fail(new ForbiddenError());
-    }
+    try {
+      const existing = await this.repo.findById(id);
+      if (!existing) {
+        this.logger.info('Notification not found for deletion', {
+          id,
+          userId: ctx.userId,
+        });
+        return fail(new NotFoundError('Notification'));
+      }
+
+      if (
+        existing.userId !== ctx.userId &&
+        !ctx.roles.includes(UserRole.ParishAdmin) &&
+        !ctx.roles.includes(UserRole.SuperAdmin)
+      ) {
+        this.logger.info('Unauthorized notification deletion attempt', {
+          id,
+          userId: ctx.userId,
+        });
+        return fail(new ForbiddenError());
+      }
+
+      await this.repo.delete(id);
 
-    await this.repo.delete(id);
-    return ok(undefined);
+      this.logger.info('Notification deleted', {
+        notificationId: id,
+        userId: ctx.userId,
+      });
+
+      return ok(undefined);
+    } catch (error) {
+      this.logger.error('Failed to delete notification', {
+        id,
+        userId: ctx.userId,
+        error,
+      });
+      return fail(new InternalError(error));
+    }
   }
 }
diff --git a/packages/core/src/service/organization.spec.ts b/packages/core/src/service/organization.spec.ts
index 01edaf3f..91e8757e 100644
--- a/packages/core/src/service/organization.spec.ts
+++ b/packages/core/src/service/organization.spec.ts
@@ -1,6 +1,10 @@
+import { v7 } from 'uuid';
 import { describe, expect, it } from 'vitest';
 import { mock } from 'vitest-mock-extended';
+import type { ILogger } from '../contract/logger';
 import type { IOrganizationRepository } from '../contract/organization';
+import type { IPrivateStorage } from '../contract/storage-private';
+import type { IPublicStorage } from '../contract/storage-public';
 import type { AuthContext } from '../entity/auth-context';
 import { AccountStatus, OrgRole, OrgType, UserRole } from '../entity/enums';
 import type { Organization } from '../entity/organization';
@@ -9,10 +13,28 @@ import { OrganizationService } from './organization';
 
 describe('OrganizationService', () => {
   const repo = mock<IOrganizationRepository>();
-  const service = new OrganizationService(repo);
+  const publicStorage = mock<IPublicStorage>();
+  const privateStorage = mock<IPrivateStorage>();
+  const logger = mock<ILogger>();
+  const service = new OrganizationService(
+    repo,
+    publicStorage,
+    privateStorage,
+    logger,
+  );
+
+  const org1Id = v7();
+  const adminId = v7();
+  const userId = v7();
+  const cat1Id = v7();
+  const cat2Id = v7();
+  const cat3Id = v7();
+  const regionId = v7();
+  const stationId = v7();
+  const becId = v7();
 
   const mockOrg: Organization = {
-    id: 'org-1',
+    id: org1Id,
     name: 'Region 1',
     slug: 'region-1',
     logo: null,
@@ -27,26 +49,26 @@ describe('OrganizationService', () => {
   };
 
   const adminCtx: AuthContext = {
-    userId: 'admin-1',
+    userId: adminId,
     roles: [UserRole.ParishAdmin],
     accountStatus: AccountStatus.Approved,
   };
   const userCtx: AuthContext = {
-    userId: 'user-1',
+    userId: userId,
     roles: [UserRole.Parishioner],
     accountStatus: AccountStatus.Approved,
   };
   const ownerCtx: AuthContext = {
-    userId: 'user-1',
+    userId: userId,
     roles: [UserRole.Parishioner],
-    orgRoles: { 'org-1': OrgRole.Owner },
+    orgRoles: { [org1Id]: OrgRole.Owner },
     accountStatus: AccountStatus.Approved,
   };
 
   describe('findById', () => {
     it('should return org when found', async () => {
       repo.findById.mockResolvedValue(mockOrg);
-      const [result, error] = await service.findById('org-1');
+      const [result, error] = await service.findById(org1Id);
       expect(error).toBeNull();
       expect(result).toEqual(mockOrg);
     });
@@ -95,7 +117,7 @@ describe('OrganizationService', () => {
 
     it('should reject creating Station with Categorical parent', async () => {
       repo.findById.mockResolvedValue({
-        id: 'cat-1',
+        id: cat1Id,
         type: OrgType.Categorical,
       } as unknown as Organization);
 
@@ -103,7 +125,7 @@ describe('OrganizationService', () => {
         {
           name: 'Stasi 1',
           type: OrgType.Station,
-          parentId: 'cat-1',
+          parentId: cat1Id,
         } as unknown as Organization,
         adminCtx,
       );
@@ -114,7 +136,7 @@ describe('OrganizationService', () => {
 
     it('should reject creating BEC with Categorical parent', async () => {
       repo.findById.mockResolvedValue({
-        id: 'cat-1',
+        id: cat1Id,
         type: OrgType.Categorical,
       } as unknown as Organization);
 
@@ -122,7 +144,7 @@ describe('OrganizationService', () => {
         {
           name: 'BEC 1',
           type: OrgType.BEC,
-          parentId: 'cat-1',
+          parentId: cat1Id,
         } as unknown as Organization,
         adminCtx,
       );
@@ -134,25 +156,25 @@ describe('OrganizationService', () => {
     });
 
     it('should reject creating Categorical with depth > 3', async () => {
-      // cat-1 (lv1) -> cat-2 (lv2) -> cat-3 (lv3)
+      // cat1Id (lv1) -> cat2Id (lv2) -> cat3Id (lv3)
       repo.findById.mockImplementation((id) => {
-        if (id === 'cat-1')
+        if (id === cat1Id)
           return Promise.resolve({
-            id: 'cat-1',
+            id: cat1Id,
             type: OrgType.Categorical,
             parentId: null,
           } as unknown as Organization);
-        if (id === 'cat-2')
+        if (id === cat2Id)
           return Promise.resolve({
-            id: 'cat-2',
+            id: cat2Id,
             type: OrgType.Categorical,
-            parentId: 'cat-1',
+            parentId: cat1Id,
           } as unknown as Organization);
-        if (id === 'cat-3')
+        if (id === cat3Id)
           return Promise.resolve({
-            id: 'cat-3',
+            id: cat3Id,
             type: OrgType.Categorical,
-            parentId: 'cat-2',
+            parentId: cat2Id,
           } as unknown as Organization);
         return Promise.resolve(null);
       });
@@ -161,7 +183,7 @@ describe('OrganizationService', () => {
         {
           name: 'Cat 4',
           type: OrgType.Categorical,
-          parentId: 'cat-3',
+          parentId: cat3Id,
         } as unknown as Organization,
         adminCtx,
       );
@@ -176,7 +198,7 @@ describe('OrganizationService', () => {
       repo.findById.mockResolvedValue(mockOrg as unknown as Organization);
       repo.update.mockResolvedValue({ ...mockOrg, name: 'Region 1 Updated' });
       const [result, error] = await service.update(
-        'org-1',
+        org1Id,
         { name: 'Region 1 Updated' },
         ownerCtx,
       );
@@ -187,7 +209,7 @@ describe('OrganizationService', () => {
     it('should forbid non-owner to update', async () => {
       repo.findById.mockResolvedValue(mockOrg);
       const [result, error] = await service.update(
-        'org-1',
+        org1Id,
         { name: 'Region 1 Updated' },
         userCtx,
       );
@@ -200,14 +222,14 @@ describe('OrganizationService', () => {
     it('should allow admin to delete', async () => {
       repo.findById.mockResolvedValue(mockOrg);
       repo.delete.mockResolvedValue(undefined);
-      const [_result, error] = await service.delete('org-1', adminCtx);
+      const [_result, error] = await service.delete(org1Id, adminCtx);
       expect(error).toBeNull();
-      expect(repo.delete).toHaveBeenCalledWith('org-1');
+      expect(repo.delete).toHaveBeenCalledWith(org1Id);
     });
 
     it('should forbid non-admin to delete', async () => {
       repo.findById.mockResolvedValue(mockOrg);
-      const [result, error] = await service.delete('org-1', ownerCtx);
+      const [result, error] = await service.delete(org1Id, ownerCtx);
       expect(result).toBeNull();
       expect(error).toBeInstanceOf(ForbiddenError);
     });
@@ -216,18 +238,18 @@ describe('OrganizationService', () => {
   describe('validateParent', () => {
     const region: Organization = {
       ...mockOrg,
-      id: 'region-1',
+      id: regionId,
       type: OrgType.Region,
     };
     const station: Organization = {
       ...mockOrg,
-      id: 'station-1',
+      id: stationId,
       type: OrgType.Station,
     };
-    const bec: Organization = { ...mockOrg, id: 'bec-1', type: OrgType.BEC };
+    const bec: Organization = { ...mockOrg, id: becId, type: OrgType.BEC };
     const categorical: Organization = {
       ...mockOrg,
-      id: 'cat-1',
+      id: cat1Id,
       type: OrgType.Categorical,
     };
 
@@ -298,28 +320,29 @@ describe('OrganizationService', () => {
       // Self assignment
       let [_result, error] = await service.validateParent(
         OrgType.Station,
-        'station-1',
-        'station-1',
+        stationId,
+        stationId,
       );
       expect(error).toBeInstanceOf(ValidationError);
 
       // Cycle detection: station-1 wants to be parent of station-2, but station-1's parent is station-2
+      const station2Id = v7();
       const station2: Organization = {
         ...mockOrg,
-        id: 'station-2',
+        id: station2Id,
         type: OrgType.Station,
-        parentId: 'station-1',
+        parentId: stationId,
       };
       repo.findById.mockImplementation(async (id) => {
-        if (id === 'station-2') return station2;
-        if (id === 'station-1') return station;
+        if (id === station2Id) return station2;
+        if (id === stationId) return station;
         return null;
       });
       // trying to update station-1's parentId to 'station-2'
       [_result, error] = await service.validateParent(
         OrgType.Station,
-        'station-2',
-        'station-1',
+        station2Id,
+        stationId,
       );
       expect(error).toBeInstanceOf(ValidationError);
     });
@@ -328,49 +351,49 @@ describe('OrganizationService', () => {
   describe('validateCategoricalDepth', () => {
     const catRoot: Organization = {
       ...mockOrg,
-      id: 'root',
+      id: cat1Id,
       type: OrgType.Categorical,
       parentId: null,
     };
     const catLvl2: Organization = {
       ...mockOrg,
-      id: 'lvl2',
+      id: cat2Id,
       type: OrgType.Categorical,
-      parentId: 'root',
+      parentId: cat1Id,
     };
     const catLvl3: Organization = {
       ...mockOrg,
-      id: 'lvl3',
+      id: cat3Id,
       type: OrgType.Categorical,
-      parentId: 'lvl2',
+      parentId: cat2Id,
     };
 
     it('should allow depth 1 to 3', async () => {
       repo.findById.mockImplementation(async (id) => {
-        if (id === 'root') return catRoot;
-        if (id === 'lvl2') return catLvl2;
-        if (id === 'lvl3') return catLvl3;
+        if (id === cat1Id) return catRoot;
+        if (id === cat2Id) return catLvl2;
+        if (id === cat3Id) return catLvl3;
         return null;
       });
 
       // New item at lvl 2
-      let [_result, error] = await service.validateCategoricalDepth('root');
+      let [_result, error] = await service.validateCategoricalDepth(cat1Id);
       expect(error).toBeNull();
 
       // New item at lvl 3
-      [_result, error] = await service.validateCategoricalDepth('lvl2');
+      [_result, error] = await service.validateCategoricalDepth(cat2Id);
       expect(error).toBeNull();
     });
 
     it('should forbid depth greater than 3', async () => {
       repo.findById.mockImplementation(async (id) => {
-        if (id === 'root') return catRoot;
-        if (id === 'lvl2') return catLvl2;
-        if (id === 'lvl3') return catLvl3;
+        if (id === cat1Id) return catRoot;
+        if (id === cat2Id) return catLvl2;
+        if (id === cat3Id) return catLvl3;
         return null;
       });
       // New item at lvl 4 would have lvl3 as parent
-      const [_result, error] = await service.validateCategoricalDepth('lvl3');
+      const [_result, error] = await service.validateCategoricalDepth(cat3Id);
       expect(error).toBeInstanceOf(ValidationError);
     });
   });
@@ -378,38 +401,38 @@ describe('OrganizationService', () => {
   describe('listForType', () => {
     const region: Organization = {
       ...mockOrg,
-      id: 'reg-1',
+      id: regionId,
       type: OrgType.Region,
     };
     const station: Organization = {
       ...mockOrg,
-      id: 'sta-1',
+      id: stationId,
       type: OrgType.Station,
-      parentId: 'reg-1',
+      parentId: regionId,
     };
     const cat1: Organization = {
       ...mockOrg,
-      id: 'cat-1',
+      id: cat1Id,
       type: OrgType.Categorical,
     };
     const cat2: Organization = {
       ...mockOrg,
-      id: 'cat-2',
+      id: cat2Id,
       type: OrgType.Categorical,
-      parentId: 'cat-1',
+      parentId: cat1Id,
     };
     const cat3: Organization = {
       ...mockOrg,
-      id: 'cat-3',
+      id: cat3Id,
       type: OrgType.Categorical,
-      parentId: 'cat-2',
+      parentId: cat2Id,
     };
 
     it('should list valid parents for Station (must be Region)', async () => {
       repo.listForTerritorial.mockResolvedValue([region, station]);
       repo.findById.mockImplementation(async (id) => {
-        if (id === 'reg-1') return region;
-        if (id === 'sta-1') return station;
+        if (id === regionId) return region;
+        if (id === stationId) return station;
         return null;
       });
 
@@ -418,14 +441,14 @@ describe('OrganizationService', () => {
       expect(error).toBeNull();
       // Only region is valid for station
       expect(result).toHaveLength(1);
-      expect(result?.[0]?.id).toBe('reg-1');
+      expect(result?.[0]?.id).toBe(regionId);
     });
 
     it('should list valid parents for BEC (Region or Station)', async () => {
       repo.listForTerritorial.mockResolvedValue([region, station]);
       repo.findById.mockImplementation(async (id) => {
-        if (id === 'reg-1') return region;
-        if (id === 'sta-1') return station;
+        if (id === regionId) return region;
+        if (id === stationId) return station;
         return null;
       });
 
@@ -438,9 +461,9 @@ describe('OrganizationService', () => {
     it('should list categorical and enforce max depth 3', async () => {
       repo.listForCategorical.mockResolvedValue([cat1, cat2, cat3]);
       repo.findById.mockImplementation(async (id) => {
-        if (id === 'cat-1') return cat1;
-        if (id === 'cat-2') return cat2;
-        if (id === 'cat-3') return cat3;
+        if (id === cat1Id) return cat1;
+        if (id === cat2Id) return cat2;
+        if (id === cat3Id) return cat3;
         return null;
       });
 
@@ -450,15 +473,15 @@ describe('OrganizationService', () => {
       // cat1 (lvl 1) and cat2 (lvl 2) are valid parents.
       // cat3 (lvl 3) is NOT valid because its child would be lvl 4.
       expect(result).toHaveLength(2);
-      expect(result?.map((o) => o?.id)).toContain('cat-1');
-      expect(result?.map((o) => o?.id)).toContain('cat-2');
+      expect(result?.map((o) => o?.id)).toContain(cat1Id);
+      expect(result?.map((o) => o?.id)).toContain(cat2Id);
     });
 
     it('should prevent recursive nesting for categorical', async () => {
       repo.listForCategorical.mockResolvedValue([cat1, cat2]);
       repo.findById.mockImplementation(async (id) => {
-        if (id === 'cat-1') return cat1;
-        if (id === 'cat-2') return cat2;
+        if (id === cat1Id) return cat1;
+        if (id === cat2Id) return cat2;
         return null;
       });
 
@@ -466,7 +489,7 @@ describe('OrganizationService', () => {
       // If we are updating cat1, cat2 is invalid because it's a descendant.
       const [result, error] = await service.listForType(
         OrgType.Categorical,
-        'cat-1',
+        cat1Id,
       );
 
       expect(error).toBeNull();
diff --git a/packages/core/src/service/organization.ts b/packages/core/src/service/organization.ts
index fcdf88a1..2e2b1adb 100644
--- a/packages/core/src/service/organization.ts
+++ b/packages/core/src/service/organization.ts
@@ -1,4 +1,7 @@
+import type { ILogger } from '../contract/logger';
 import type { IOrganizationRepository } from '../contract/organization';
+import type { IPrivateStorage } from '../contract/storage-private';
+import type { IPublicStorage } from '../contract/storage-public';
 import type { AuthContext } from '../entity/auth-context';
 import { OrgRole, OrgType, UserRole } from '../entity/enums';
 import type {
@@ -7,14 +10,24 @@ import type {
   UpdateOrganization,
 } from '../entity/organization';
 import { IsCategorical, IsTerritorial } from '../entity/organization';
-import { ForbiddenError, NotFoundError, ValidationError } from '../error';
+import {
+  ForbiddenError,
+  InternalError,
+  NotFoundError,
+  ValidationError,
+} from '../error';
 import { fail, ok, type Result } from '../utils/result';
 
 /**
  * Service for managing organization data.
  */
 export class OrganizationService {
-  constructor(private readonly repo: IOrganizationRepository) {}
+  constructor(
+    private readonly repo: IOrganizationRepository,
+    readonly _publicStorage: IPublicStorage,
+    readonly _privateStorage: IPrivateStorage,
+    private readonly logger: ILogger,
+  ) {}
 
   /**
    * Retrieves an organization by its ID.
@@ -23,9 +36,17 @@ export class OrganizationService {
    * @returns `ok(organization)` if found, `fail(NotFoundError)` if not.
    */
   async findById(id: string): Promise<Result<Organization>> {
-    const data = await this.repo.findById(id);
-    if (!data) return fail(new NotFoundError('Organization'));
-    return ok(data);
+    try {
+      const data = await this.repo.findById(id);
+      if (!data) {
+        this.logger.info('Organization not found', { id });
+        return fail(new NotFoundError('Organization'));
+      }
+      return ok(data);
+    } catch (error) {
+      this.logger.error('Failed to find organization', { id, error });
+      return fail(new InternalError(error));
+    }
   }
 
   /**
@@ -35,9 +56,17 @@ export class OrganizationService {
    * @returns `ok(organization)` if found, `fail(NotFoundError)` if not.
    */
   async findBySlug(slug: string): Promise<Result<Organization>> {
-    const data = await this.repo.findBySlug(slug);
-    if (!data) return fail(new NotFoundError('Organization'));
-    return ok(data);
+    try {
+      const data = await this.repo.findBySlug(slug);
+      if (!data) {
+        this.logger.info('Organization not found for slug', { slug });
+        return fail(new NotFoundError('Organization'));
+      }
+      return ok(data);
+    } catch (error) {
+      this.logger.error('Failed to find organization by slug', { slug, error });
+      return fail(new InternalError(error));
+    }
   }
 
   /**
@@ -47,9 +76,20 @@ export class OrganizationService {
    * @returns `ok(organization)` if found, `fail(NotFoundError)` if not.
    */
   async findByJoinId(joinId: string): Promise<Result<Organization>> {
-    const data = await this.repo.findByJoinId(joinId);
-    if (!data) return fail(new NotFoundError('Organization'));
-    return ok(data);
+    try {
+      const data = await this.repo.findByJoinId(joinId);
+      if (!data) {
+        this.logger.info('Organization not found for joinId', { joinId });
+        return fail(new NotFoundError('Organization'));
+      }
+      return ok(data);
+    } catch (error) {
+      this.logger.error('Failed to find organization by joinId', {
+        joinId,
+        error,
+      });
+      return fail(new InternalError(error));
+    }
   }
 
   /**
@@ -58,8 +98,13 @@ export class OrganizationService {
    * @returns `ok(organizations)` on success.
    */
   async findAll(): Promise<Result<Organization[]>> {
-    const data = await this.repo.findAll();
-    return ok(data);
+    try {
+      const data = await this.repo.findAll();
+      return ok(data);
+    } catch (error) {
+      this.logger.error('Failed to find all organizations', { error });
+      return fail(new InternalError(error));
+    }
   }
 
   /**
@@ -71,8 +116,16 @@ export class OrganizationService {
   async getUserOrganizations(
     ctx: AuthContext,
   ): Promise<Result<(Organization & { memberCount: number })[]>> {
-    const data = await this.repo.findManyByUserId(ctx.userId);
-    return ok(data);
+    try {
+      const data = await this.repo.findManyByUserId(ctx.userId);
+      return ok(data);
+    } catch (error) {
+      this.logger.error('Failed to get organizations for user', {
+        userId: ctx.userId,
+        error,
+      });
+      return fail(new InternalError(error));
+    }
   }
 
   /**
@@ -86,35 +139,53 @@ export class OrganizationService {
     data: CreateOrganization,
     ctx: AuthContext,
   ): Promise<Result<Organization>> {
-    // Permission check: adminParoki or superAdmin
-    if (
-      !ctx.roles.includes(UserRole.ParishAdmin) &&
-      !ctx.roles.includes(UserRole.SuperAdmin)
-    ) {
-      return fail(new ForbiddenError());
-    }
-
-    // Validate the hierarchical constraints
-    const parentValidation = await this.validateParent(
-      data.type,
-      data.parentId,
-    );
-    if (parentValidation[1]) {
-      return fail(parentValidation[1]);
-    }
+    try {
+      // Permission check: adminParoki or superAdmin
+      if (
+        !ctx.roles.includes(UserRole.ParishAdmin) &&
+        !ctx.roles.includes(UserRole.SuperAdmin)
+      ) {
+        this.logger.info('Unauthorized organization creation attempt', {
+          userId: ctx.userId,
+        });
+        return fail(new ForbiddenError());
+      }
 
-    // Validating categorical depth constraints
-    if (data.type === OrgType.Categorical) {
-      const depthValidation = await this.validateCategoricalDepth(
+      // Validate the hierarchical constraints
+      const parentValidation = await this.validateParent(
+        data.type,
         data.parentId,
       );
-      if (depthValidation[1]) {
-        return fail(depthValidation[1]);
+      if (parentValidation[1]) {
+        return fail(parentValidation[1]);
       }
-    }
 
-    const organization = await this.repo.create(data);
-    return ok(organization);
+      // Validating categorical depth constraints
+      if (data.type === OrgType.Categorical) {
+        const depthValidation = await this.validateCategoricalDepth(
+          data.parentId,
+        );
+        if (depthValidation[1]) {
+          return fail(depthValidation[1]);
+        }
+      }
+
+      const organization = await this.repo.create(data);
+
+      this.logger.info('Organization created', {
+        orgId: organization.id,
+        type: organization.type,
+        userId: ctx.userId,
+      });
+
+      return ok(organization);
+    } catch (error) {
+      this.logger.error('Failed to create organization', {
+        userId: ctx.userId,
+        error,
+      });
+      return fail(new InternalError(error));
+    }
   }
 
   /**
@@ -130,47 +201,72 @@ export class OrganizationService {
     data: UpdateOrganization,
     ctx: AuthContext,
   ): Promise<Result<Organization>> {
-    const existing = await this.repo.findById(id);
-    if (!existing) return fail(new NotFoundError('Organization'));
-
-    // Permission check: adminParoki, superAdmin, or owner of the organization
-    const isOwner =
-      ctx.orgRoles?.[id] === OrgRole.Owner ||
-      ctx.orgRoles?.[id] === OrgRole.Admin;
-    if (
-      !ctx.roles.includes(UserRole.ParishAdmin) &&
-      !ctx.roles.includes(UserRole.SuperAdmin) &&
-      !isOwner
-    ) {
-      return fail(new ForbiddenError());
-    }
+    try {
+      const existing = await this.repo.findById(id);
+      if (!existing) {
+        this.logger.info('Organization not found for update', {
+          id,
+          userId: ctx.userId,
+        });
+        return fail(new NotFoundError('Organization'));
+      }
 
-    // Determine the type and parent ID after applying updates
-    const currentType = data.type !== undefined ? data.type : existing.type;
-    const currentParentId =
-      data.parentId !== undefined ? data.parentId : existing.parentId;
-
-    // Validate the hierarchical constraints, preventing cycles
-    const parentValidation = await this.validateParent(
-      currentType,
-      currentParentId,
-      id,
-    );
-    if (parentValidation[1]) {
-      return fail(parentValidation[1]);
-    }
+      // Permission check: adminParoki, superAdmin, or owner of the organization
+      const isOwner =
+        ctx.orgRoles?.[id] === OrgRole.Owner ||
+        ctx.orgRoles?.[id] === OrgRole.Admin;
+      if (
+        !ctx.roles.includes(UserRole.ParishAdmin) &&
+        !ctx.roles.includes(UserRole.SuperAdmin) &&
+        !isOwner
+      ) {
+        this.logger.info('Unauthorized organization update attempt', {
+          id,
+          userId: ctx.userId,
+        });
+        return fail(new ForbiddenError());
+      }
 
-    // Validating categorical depth constraints
-    if (currentType === OrgType.Categorical) {
-      const depthValidation =
-        await this.validateCategoricalDepth(currentParentId);
-      if (depthValidation[1]) {
-        return fail(depthValidation[1]);
+      // Determine the type and parent ID after applying updates
+      const currentType = data.type !== undefined ? data.type : existing.type;
+      const currentParentId =
+        data.parentId !== undefined ? data.parentId : existing.parentId;
+
+      // Validate the hierarchical constraints, preventing cycles
+      const parentValidation = await this.validateParent(
+        currentType,
+        currentParentId,
+        id,
+      );
+      if (parentValidation[1]) {
+        return fail(parentValidation[1]);
+      }
+
+      // Validating categorical depth constraints
+      if (currentType === OrgType.Categorical) {
+        const depthValidation =
+          await this.validateCategoricalDepth(currentParentId);
+        if (depthValidation[1]) {
+          return fail(depthValidation[1]);
+        }
       }
-    }
 
-    const updated = await this.repo.update(id, data);
-    return ok(updated);
+      const updated = await this.repo.update(id, data);
+
+      this.logger.info('Organization updated', {
+        orgId: id,
+        userId: ctx.userId,
+      });
+
+      return ok(updated);
+    } catch (error) {
+      this.logger.error('Failed to update organization', {
+        id,
+        userId: ctx.userId,
+        error,
+      });
+      return fail(new InternalError(error));
+    }
   }
 
   /**
@@ -181,19 +277,44 @@ export class OrganizationService {
    * @returns `ok(void)` on success, `fail(CoreError)` on failure.
    */
   async delete(id: string, ctx: AuthContext): Promise<Result<void>> {
-    const existing = await this.repo.findById(id);
-    if (!existing) return fail(new NotFoundError('Organization'));
-
-    // Permission check: Only adminParoki or superAdmin can delete
-    if (
-      !ctx.roles.includes(UserRole.ParishAdmin) &&
-      !ctx.roles.includes(UserRole.SuperAdmin)
-    ) {
-      return fail(new ForbiddenError());
-    }
+    try {
+      const existing = await this.repo.findById(id);
+      if (!existing) {
+        this.logger.info('Organization not found for deletion', {
+          id,
+          userId: ctx.userId,
+        });
+        return fail(new NotFoundError('Organization'));
+      }
+
+      // Permission check: Only adminParoki or superAdmin can delete
+      if (
+        !ctx.roles.includes(UserRole.ParishAdmin) &&
+        !ctx.roles.includes(UserRole.SuperAdmin)
+      ) {
+        this.logger.info('Unauthorized organization deletion attempt', {
+          id,
+          userId: ctx.userId,
+        });
+        return fail(new ForbiddenError());
+      }
 
-    await this.repo.delete(id);
-    return ok(undefined);
+      await this.repo.delete(id);
+
+      this.logger.info('Organization deleted', {
+        orgId: id,
+        userId: ctx.userId,
+      });
+
+      return ok(undefined);
+    } catch (error) {
+      this.logger.error('Failed to delete organization', {
+        id,
+        userId: ctx.userId,
+        error,
+      });
+      return fail(new InternalError(error));
+    }
   }
 
   /**
@@ -209,56 +330,91 @@ export class OrganizationService {
     parentId?: string | null,
     currentId?: string | null,
   ): Promise<Result<void>> {
-    if (type === OrgType.Region && parentId) {
-      return fail(
-        new ValidationError('Region cannot have a parent organization.'),
-      );
-    }
+    try {
+      if (type === OrgType.Region && parentId) {
+        this.logger.info('Hierarchical validation failed: Region with parent', {
+          type,
+          parentId,
+        });
+        return fail(
+          new ValidationError('Region cannot have a parent organization.'),
+        );
+      }
 
-    if (!parentId) return ok(undefined);
+      if (!parentId) return ok(undefined);
 
-    if (currentId && parentId === currentId) {
-      return fail(
-        new ValidationError('Organization cannot be its own parent.'),
-      );
-    }
+      if (currentId && parentId === currentId) {
+        return fail(
+          new ValidationError('Organization cannot be its own parent.'),
+        );
+      }
 
-    const parent = await this.repo.findById(parentId);
-    if (!parent)
-      return fail(new ValidationError('Parent organization not found.'));
+      const parent = await this.repo.findById(parentId);
+      if (!parent) {
+        this.logger.info('Hierarchical validation failed: Parent not found', {
+          parentId,
+        });
+        return fail(new ValidationError('Parent organization not found.'));
+      }
 
-    if (type === OrgType.Station && parent.type !== OrgType.Region) {
-      return fail(new ValidationError('Station parent must be a Region.'));
-    }
+      if (type === OrgType.Station && parent.type !== OrgType.Region) {
+        this.logger.info(
+          'Hierarchical validation failed: Station parent must be Region',
+          {
+            type,
+            parentType: parent.type,
+          },
+        );
+        return fail(new ValidationError('Station parent must be a Region.'));
+      }
 
-    if (
-      type === OrgType.BEC &&
-      parent.type !== OrgType.Region &&
-      parent.type !== OrgType.Station
-    ) {
-      return fail(
-        new ValidationError('BEC parent must be a Region or Station.'),
-      );
-    }
+      if (
+        type === OrgType.BEC &&
+        parent.type !== OrgType.Region &&
+        parent.type !== OrgType.Station
+      ) {
+        this.logger.info(
+          'Hierarchical validation failed: BEC parent must be Region or Station',
+          {
+            type,
+            parentType: parent.type,
+          },
+        );
+        return fail(
+          new ValidationError('BEC parent must be a Region or Station.'),
+        );
+      }
 
-    // Cycle detection
-    if (currentId) {
-      let currentParentId = parent.parentId;
-      while (currentParentId) {
-        if (currentParentId === currentId) {
-          return fail(
-            new ValidationError(
-              'Cycle detected: organization cannot be a descendant of itself.',
-            ),
-          );
+      // Cycle detection
+      if (currentId) {
+        let currentParentId = parent.parentId;
+        while (currentParentId) {
+          if (currentParentId === currentId) {
+            this.logger.info('Hierarchical validation failed: Cycle detected', {
+              currentId,
+              parentId,
+            });
+            return fail(
+              new ValidationError(
+                'Cycle detected: organization cannot be a descendant of itself.',
+              ),
+            );
+          }
+          const ancestor = await this.repo.findById(currentParentId);
+          if (!ancestor) break;
+          currentParentId = ancestor.parentId;
         }
-        const ancestor = await this.repo.findById(currentParentId);
-        if (!ancestor) break;
-        currentParentId = ancestor.parentId;
       }
-    }
 
-    return ok(undefined);
+      return ok(undefined);
+    } catch (error) {
+      this.logger.error('Hierarchical validation failed', {
+        currentId,
+        parentId,
+        error,
+      });
+      return fail(new InternalError(error));
+    }
   }
 
   /**
@@ -272,31 +428,43 @@ export class OrganizationService {
     parentId?: string | null,
     maxDepth = 3,
   ): Promise<Result<void>> {
-    if (!parentId) return ok(undefined);
-
-    let currentDepth = 2; // self is 1, parent is 2
-    let currentParentId: string | null = parentId;
-
-    while (currentParentId) {
-      const parent = await this.repo.findById(currentParentId);
-      if (!parent) break;
-
-      if (parent.parentId) {
-        currentDepth++;
-        if (currentDepth > maxDepth) {
-          return fail(
-            new ValidationError(
-              `Categorical hierarchy goes deeper than ${maxDepth} levels.`,
-            ),
-          );
+    try {
+      if (!parentId) return ok(undefined);
+
+      let currentDepth = 2; // self is 1, parent is 2
+      let currentParentId: string | null = parentId;
+
+      while (currentParentId) {
+        const parent = await this.repo.findById(currentParentId);
+        if (!parent) break;
+
+        if (parent.parentId) {
+          currentDepth++;
+          if (currentDepth > maxDepth) {
+            this.logger.info('Categorical depth limit exceeded', {
+              parentId,
+              currentDepth,
+            });
+            return fail(
+              new ValidationError(
+                `Categorical hierarchy goes deeper than ${maxDepth} levels.`,
+              ),
+            );
+          }
+          currentParentId = parent.parentId;
+        } else {
+          break;
         }
-        currentParentId = parent.parentId;
-      } else {
-        break;
       }
-    }
 
-    return ok(undefined);
+      return ok(undefined);
+    } catch (error) {
+      this.logger.error('Categorical depth validation failed', {
+        parentId,
+        error,
+      });
+      return fail(new InternalError(error));
+    }
   }
 
   /**
@@ -311,41 +479,50 @@ export class OrganizationService {
     type: OrgType,
     currentId?: string | null,
   ): Promise<Result<Organization[]>> {
-    let allOrgs: Organization[] = [];
-
-    if (IsCategorical(type)) {
-      allOrgs = await this.repo.listForCategorical();
-    } else if (IsTerritorial(type)) {
-      allOrgs = await this.repo.listForTerritorial();
-    } else {
-      // Fallback or other types if any
-      allOrgs = await this.repo.findAll();
-    }
+    try {
+      let allOrgs: Organization[] = [];
 
-    const validParents: Organization[] = [];
+      if (IsCategorical(type)) {
+        allOrgs = await this.repo.listForCategorical();
+      } else if (IsTerritorial(type)) {
+        allOrgs = await this.repo.listForTerritorial();
+      } else {
+        // Fallback or other types if any
+        allOrgs = await this.repo.findAll();
+      }
 
-    for (const org of allOrgs) {
-      // 1. Cannot be self
-      if (currentId && org.id === currentId) continue;
+      const validParents: Organization[] = [];
 
-      // 2. Validate hierarchy rules
-      const [_, parentError] = await this.validateParent(
-        type,
-        org.id,
-        currentId,
-      );
-      if (parentError) continue;
+      for (const org of allOrgs) {
+        // 1. Cannot be self
+        if (currentId && org.id === currentId) continue;
 
-      // 3. For categorical, check depth
-      if (IsCategorical(type)) {
-        const [__, depthError] = await this.validateCategoricalDepth(org.id);
-        if (depthError) continue;
+        // 2. Validate hierarchy rules
+        const [_, parentError] = await this.validateParent(
+          type,
+          org.id,
+          currentId,
+        );
+        if (parentError) continue;
+
+        // 3. For categorical, check depth
+        if (IsCategorical(type)) {
+          const [__, depthError] = await this.validateCategoricalDepth(org.id);
+          if (depthError) continue;
+        }
+
+        validParents.push(org);
       }
 
-      validParents.push(org);
+      return ok(validParents);
+    } catch (error) {
+      this.logger.error('Failed to list organizations for type', {
+        type,
+        currentId,
+        error,
+      });
+      return fail(new InternalError(error));
     }
-
-    return ok(validParents);
   }
 
   /**
@@ -355,7 +532,15 @@ export class OrganizationService {
    * @returns `ok(rotatedCount)` on success.
    */
   async rotateJoinIds(generateId: () => string): Promise<Result<number>> {
-    const rotated = await this.repo.rotateJoinIds(generateId);
-    return ok(rotated);
+    try {
+      const rotated = await this.repo.rotateJoinIds(generateId);
+
+      this.logger.info('Organization join IDs rotated', { count: rotated });
+
+      return ok(rotated);
+    } catch (error) {
+      this.logger.error('Failed to rotate organization join IDs', { error });
+      return fail(new InternalError(error));
+    }
   }
 }
diff --git a/packages/core/src/service/parishioner.spec.ts b/packages/core/src/service/parishioner.spec.ts
index 2d101517..e7095506 100644
--- a/packages/core/src/service/parishioner.spec.ts
+++ b/packages/core/src/service/parishioner.spec.ts
@@ -1,26 +1,39 @@
+import { v7 } from 'uuid';
 import { beforeEach, describe, expect, it, vi } from 'vitest';
 import { mock } from 'vitest-mock-extended';
+import type { ILogger } from '../contract/logger';
 import type { IParishionerRepository } from '../contract/parishioner';
+import type { IPrivateStorage } from '../contract/storage-private';
+import type { IPublicStorage } from '../contract/storage-public';
 import type { AuthContext } from '../entity/auth-context';
 import { AccountStatus, OrgRole, UserRole } from '../entity/enums';
-import type {
-  Parishioner,
-  ParishionerMembershipRequest,
+import {
+  type Parishioner,
+  ParishionerEntity,
+  type ParishionerMembershipRequest,
 } from '../entity/parishioner';
 import { ForbiddenError, NotFoundError } from '../error';
-import { ParishionerService } from './parishioner';
+import { createParishionerService } from './parishioner';
 
 describe('ParishionerService', () => {
   const repo = mock<IParishionerRepository>();
-  const service = new ParishionerService(repo);
+  const publicStorage = mock<IPublicStorage>();
+  const privateStorage = mock<IPrivateStorage>();
+  const logger = mock<ILogger>();
+  const service = createParishionerService(
+    repo,
+    publicStorage,
+    privateStorage,
+    logger,
+  );
 
   beforeEach(() => {
     vi.clearAllMocks();
   });
 
-  const mockParishioner: Parishioner = {
-    id: '1',
-    userId: 'user-1',
+  const mockParishioner: Parishioner = ParishionerEntity.parse({
+    id: v7(),
+    userId: v7(),
     email: null,
     avatarUrl: null,
     fullName: 'Budi Santoso',
@@ -29,25 +42,26 @@ describe('ParishionerService', () => {
     birthPlace: null,
     birthDate: null,
     gender: 'male',
-    educationLevel: 's1',
+    educationLevel: 'bachelor',
+    idCardNumber: null,
     idCardPhoto: null,
     createdAt: new Date(),
     updatedAt: new Date(),
     deletedAt: null,
-  };
+  });
 
   const adminCtx: AuthContext = {
-    userId: 'admin-1',
+    userId: v7(),
     roles: [UserRole.ParishAdmin],
     accountStatus: AccountStatus.Approved,
   };
   const userCtx: AuthContext = {
-    userId: 'user-1',
+    userId: v7(),
     roles: [UserRole.Parishioner],
     accountStatus: AccountStatus.Approved,
   };
   const otherUserCtx: AuthContext = {
-    userId: 'user-2',
+    userId: v7(),
     roles: [UserRole.Parishioner],
     accountStatus: AccountStatus.Approved,
   };
@@ -91,9 +105,10 @@ describe('ParishionerService', () => {
 
   describe('createForUser', () => {
     it('should create parishioner without AuthContext', async () => {
+      const userId = v7();
       repo.create.mockResolvedValue(mockParishioner);
       const [result, error] = await service.createForUser({
-        id: 'user-1',
+        id: userId,
         name: 'Budi Santoso',
         email: 'budi@example.com',
         image: 'https://example.com/avatar.png',
@@ -103,7 +118,7 @@ describe('ParishionerService', () => {
       expect(result).toEqual(mockParishioner);
       expect(repo.create).toHaveBeenCalledWith(
         expect.objectContaining({
-          userId: 'user-1',
+          userId: userId,
           fullName: 'Budi Santoso',
           email: 'budi@example.com',
           avatarUrl: 'https://example.com/avatar.png',
@@ -114,13 +129,14 @@ describe('ParishionerService', () => {
 
   describe('update', () => {
     it('should allow owner to update', async () => {
-      repo.findById.mockResolvedValue(mockParishioner);
+      const ownerParishioner = { ...mockParishioner, userId: userCtx.userId };
+      repo.findById.mockResolvedValue(ownerParishioner);
       repo.update.mockResolvedValue({
-        ...mockParishioner,
+        ...ownerParishioner,
         fullName: 'Budi Updated',
       });
       const [result, error] = await service.update(
-        '1',
+        ownerParishioner.id,
         { fullName: 'Budi Updated' },
         userCtx,
       );
diff --git a/packages/core/src/service/parishioner.ts b/packages/core/src/service/parishioner.ts
index 40b175d9..38a408d2 100644
--- a/packages/core/src/service/parishioner.ts
+++ b/packages/core/src/service/parishioner.ts
@@ -1,4 +1,7 @@
+import type { ILogger } from '../contract/logger';
 import type { IParishionerRepository } from '../contract/parishioner';
+import type { IPrivateStorage } from '../contract/storage-private';
+import type { IPublicStorage } from '../contract/storage-public';
 import type { AuthContext } from '../entity/auth-context';
 import { OrgRole, UserRole } from '../entity/enums';
 import {
@@ -8,14 +11,19 @@ import {
   type ParishionerMembershipRequest,
   type UpdateParishioner,
 } from '../entity/parishioner';
-import { ForbiddenError, NotFoundError } from '../error';
+import { ForbiddenError, InternalError, NotFoundError } from '../error';
 import { fail, ok, type Result } from '../utils/result';
 
 /**
  * Service for managing parishioner data.
  */
 export class ParishionerService {
-  constructor(private readonly repo: IParishionerRepository) {}
+  constructor(
+    private readonly repo: IParishionerRepository,
+    private readonly publicStorage: IPublicStorage,
+    private readonly privateStorage: IPrivateStorage,
+    private readonly logger: ILogger,
+  ) {}
 
   /**
    * Retrieves a parishioner by their ID.
@@ -24,9 +32,17 @@ export class ParishionerService {
    * @returns `ok(parishioner)` if found, `fail(NotFoundError)` if not.
    */
   async findById(id: string): Promise<Result<Parishioner>> {
-    const data = await this.repo.findById(id);
-    if (!data) return fail(new NotFoundError('Parishioner'));
-    return ok(data);
+    try {
+      const data = await this.repo.findById(id);
+      if (!data) {
+        this.logger.info('Parishioner not found', { id });
+        return fail(new NotFoundError('Parishioner'));
+      }
+      return ok(data);
+    } catch (error) {
+      this.logger.error('Failed to find parishioner', { id, error });
+      return fail(new InternalError(error));
+    }
   }
 
   /**
@@ -36,9 +52,20 @@ export class ParishionerService {
    * @returns `ok(parishioner)` if found, `fail(NotFoundError)` if not.
    */
   async findByUserId(userId: string): Promise<Result<Parishioner>> {
-    const data = await this.repo.findByUserId(userId);
-    if (!data) return fail(new NotFoundError('Parishioner'));
-    return ok(data);
+    try {
+      const data = await this.repo.findByUserId(userId);
+      if (!data) {
+        this.logger.info('Parishioner not found for user', { userId });
+        return fail(new NotFoundError('Parishioner'));
+      }
+      return ok(data);
+    } catch (error) {
+      this.logger.error('Failed to find parishioner by user', {
+        userId,
+        error,
+      });
+      return fail(new InternalError(error));
+    }
   }
 
   /**
@@ -48,8 +75,16 @@ export class ParishionerService {
    * @returns `ok(parishioner)` if found, `ok(null)` if not.
    */
   async findByFullName(fullName: string): Promise<Result<Parishioner | null>> {
-    const data = await this.repo.findByFullName(fullName);
-    return ok(data);
+    try {
+      const data = await this.repo.findByFullName(fullName);
+      return ok(data);
+    } catch (error) {
+      this.logger.error('Failed to find parishioner by name', {
+        fullName,
+        error,
+      });
+      return fail(new InternalError(error));
+    }
   }
 
   /**
@@ -63,17 +98,34 @@ export class ParishionerService {
     data: CreateParishioner,
     ctx: AuthContext,
   ): Promise<Result<Parishioner>> {
-    // Permission check: adminParoki or higher can create parishioner
-    // Territorial admin can also create. For now, simple check.
-    if (
-      !ctx.roles.includes(UserRole.ParishAdmin) &&
-      !ctx.roles.includes(UserRole.SuperAdmin)
-    ) {
-      return fail(new ForbiddenError());
-    }
+    try {
+      // Permission check: adminParoki or higher can create parishioner
+      // Territorial admin can also create. For now, simple check.
+      if (
+        !ctx.roles.includes(UserRole.ParishAdmin) &&
+        !ctx.roles.includes(UserRole.SuperAdmin)
+      ) {
+        this.logger.info('Unauthorized parishioner creation attempt', {
+          userId: ctx.userId,
+        });
+        return fail(new ForbiddenError());
+      }
 
-    const parishioner = await this.repo.create(data);
-    return ok(parishioner);
+      const parishioner = await this.repo.create(data);
+
+      this.logger.info('Parishioner record created', {
+        parishionerId: parishioner.id,
+        userId: ctx.userId,
+      });
+
+      return ok(parishioner);
+    } catch (error) {
+      this.logger.error('Failed to create parishioner', {
+        userId: ctx.userId,
+        error,
+      });
+      return fail(new InternalError(error));
+    }
   }
 
   /**
@@ -89,22 +141,29 @@ export class ParishionerService {
     email: string;
     image?: string | null;
   }): Promise<Result<Parishioner>> {
-    const data = CreateParishionerSchema.parse({
-      userId: user.id,
-      fullName: user.name,
-      email: user.email,
-      avatarUrl: user.image ?? null,
-      honorific: null,
-      suffix: null,
-      birthPlace: null,
-      birthDate: null,
-      gender: null,
-      educationLevel: null,
-      idCardPhoto: null,
-    });
-
-    const parishioner = await this.repo.create(data);
-    return ok(parishioner);
+    try {
+      const data: CreateParishioner = CreateParishionerSchema.parse({
+        userId: user.id,
+        fullName: user.name,
+        email: user.email,
+        avatarUrl: user.image,
+      });
+
+      const parishioner = await this.repo.create(data);
+
+      this.logger.info('Parishioner automatically created for user', {
+        parishionerId: parishioner.id,
+        userId: user.id,
+      });
+
+      return ok(parishioner);
+    } catch (error) {
+      this.logger.error('Failed to automatically create parishioner', {
+        userId: user.id,
+        error,
+      });
+      return fail(new InternalError(error));
+    }
   }
 
   /**
@@ -120,20 +179,45 @@ export class ParishionerService {
     data: UpdateParishioner,
     ctx: AuthContext,
   ): Promise<Result<Parishioner>> {
-    const existing = await this.repo.findById(id);
-    if (!existing) return fail(new NotFoundError('Parishioner'));
-
-    // Permission check: Owner of the record, or adminParoki/superAdmin
-    if (
-      ctx.userId !== existing.userId &&
-      !ctx.roles.includes(UserRole.ParishAdmin) &&
-      !ctx.roles.includes(UserRole.SuperAdmin)
-    ) {
-      return fail(new ForbiddenError());
-    }
+    try {
+      const existing = await this.repo.findById(id);
+      if (!existing) {
+        this.logger.info('Parishioner not found for update', {
+          id,
+          userId: ctx.userId,
+        });
+        return fail(new NotFoundError('Parishioner'));
+      }
+
+      // Permission check: Owner of the record, or adminParoki/superAdmin
+      if (
+        ctx.userId !== existing.userId &&
+        !ctx.roles.includes(UserRole.ParishAdmin) &&
+        !ctx.roles.includes(UserRole.SuperAdmin)
+      ) {
+        this.logger.info('Unauthorized parishioner update attempt', {
+          id,
+          userId: ctx.userId,
+        });
+        return fail(new ForbiddenError());
+      }
+
+      const updated = await this.repo.update(id, data);
+
+      this.logger.info('Parishioner updated', {
+        parishionerId: id,
+        userId: ctx.userId,
+      });
 
-    const updated = await this.repo.update(id, data);
-    return ok(updated);
+      return ok(updated);
+    } catch (error) {
+      this.logger.error('Failed to update parishioner', {
+        id,
+        userId: ctx.userId,
+        error,
+      });
+      return fail(new InternalError(error));
+    }
   }
 
   /**
@@ -144,19 +228,74 @@ export class ParishionerService {
    * @returns `ok(void)` on success, `fail(CoreError)` on failure.
    */
   async delete(id: string, ctx: AuthContext): Promise<Result<void>> {
-    const existing = await this.repo.findById(id);
-    if (!existing) return fail(new NotFoundError('Parishioner'));
-
-    // Permission check: Only adminParoki or superAdmin can delete
-    if (
-      !ctx.roles.includes(UserRole.ParishAdmin) &&
-      !ctx.roles.includes(UserRole.SuperAdmin)
-    ) {
-      return fail(new ForbiddenError());
-    }
+    try {
+      const existing = await this.repo.findById(id);
+      if (!existing) {
+        this.logger.info('Parishioner not found for deletion', {
+          id,
+          userId: ctx.userId,
+        });
+        return fail(new NotFoundError('Parishioner'));
+      }
+
+      // Permission check: Only adminParoki or superAdmin can delete
+      if (
+        !ctx.roles.includes(UserRole.ParishAdmin) &&
+        !ctx.roles.includes(UserRole.SuperAdmin)
+      ) {
+        this.logger.info('Unauthorized parishioner deletion attempt', {
+          id,
+          userId: ctx.userId,
+        });
+        return fail(new ForbiddenError());
+      }
+
+      await this.repo.delete(id);
 
-    await this.repo.delete(id);
-    return ok(undefined);
+      // File Purge: Delete associated photos
+      if (existing.idCardPhoto) {
+        try {
+          await this.privateStorage.delete(existing.idCardPhoto);
+        } catch (error) {
+          this.logger.warn(
+            'Failed to delete idCardPhoto during parishioner deletion',
+            {
+              id,
+              error,
+            },
+          );
+        }
+      }
+
+      if (existing.avatarUrl && !existing.avatarUrl.startsWith('http')) {
+        // Only delete if it's an internal path, not a public external URL
+        try {
+          await this.publicStorage.delete(existing.avatarUrl);
+        } catch (error) {
+          this.logger.warn(
+            'Failed to delete avatar during parishioner deletion',
+            {
+              id,
+              error,
+            },
+          );
+        }
+      }
+
+      this.logger.info('Parishioner deleted', {
+        parishionerId: id,
+        userId: ctx.userId,
+      });
+
+      return ok(undefined);
+    } catch (error) {
+      this.logger.error('Failed to delete parishioner', {
+        id,
+        userId: ctx.userId,
+        error,
+      });
+      return fail(new InternalError(error));
+    }
   }
 
   /**
@@ -170,26 +309,46 @@ export class ParishionerService {
     ctx: AuthContext,
     limit: number,
   ): Promise<Result<ParishionerMembershipRequest[]>> {
-    // If SuperAdmin, we might want to see all.
-    // For now, follow the requirement to filter by organizations where user has admin/owner role.
-    const managedOrgIds = Object.entries(ctx.orgRoles || {})
-      .filter(([_, role]) => role === OrgRole.Admin || role === OrgRole.Owner)
-      .map(([id]) => id);
-
-    // If SuperAdmin, they should see all even if not explicitly in orgRole?
-    // In this system, permissions are often scoped.
-    // Let's stick to managedOrgIds for now as requested.
-
-    if (
-      managedOrgIds.length === 0 &&
-      !ctx.roles.includes(UserRole.SuperAdmin)
-    ) {
-      return ok([]);
-    }
+    try {
+      // If SuperAdmin, we might want to see all.
+      // For now, follow the requirement to filter by organizations where user has admin/owner role.
+      const managedOrgIds = Object.entries(ctx.orgRoles || {})
+        .filter(([_, role]) => role === OrgRole.Admin || role === OrgRole.Owner)
+        .map(([id]) => id);
+
+      if (
+        managedOrgIds.length === 0 &&
+        !ctx.roles.includes(UserRole.SuperAdmin)
+      ) {
+        return ok([]);
+      }
 
-    // Note: If SuperAdmin and managedOrgIds is empty, we still need a way to fetch "all".
-    // For the sake of this task, we assume the repository method will be called with available IDs.
-    const requests = await this.repo.findPendingRequests(managedOrgIds, limit);
-    return ok(requests);
+      const requests = await this.repo.findPendingRequests(
+        managedOrgIds,
+        limit,
+      );
+      return ok(requests);
+    } catch (error) {
+      this.logger.error('Failed to get pending verification requests', {
+        userId: ctx.userId,
+        error,
+      });
+      return fail(new InternalError(error));
+    }
   }
 }
+
+/**
+ * Factory function to create a new instance of ParishionerService.
+ *
+ * @param repo - The parishioner repository implementation.
+ * @returns A new ParishionerService instance.
+ */
+export function createParishionerService(
+  repo: IParishionerRepository,
+  publicStorage: IPublicStorage,
+  privateStorage: IPrivateStorage,
+  logger: ILogger,
+): ParishionerService {
+  return new ParishionerService(repo, publicStorage, privateStorage, logger);
+}
diff --git a/packages/core/src/service/placement.ts b/packages/core/src/service/placement.ts
index 903ade93..9884ef80 100644
--- a/packages/core/src/service/placement.ts
+++ b/packages/core/src/service/placement.ts
@@ -1,40 +1,88 @@
+import type { ILogger } from '../contract/logger';
 import type { IPlacementRepository } from '../contract/placement';
+import type { IPrivateStorage } from '../contract/storage-private';
+import type { IPublicStorage } from '../contract/storage-public';
 import type { Placement } from '../entity/placement';
-import { NotFoundError } from '../error';
+import { InternalError, NotFoundError } from '../error';
 import { fail, ok, type Result } from '../utils/result';
 
 /**
  * Service for managing parishioner placements.
  */
 export class PlacementService {
-  constructor(private readonly repo: IPlacementRepository) {}
+  constructor(
+    private readonly repo: IPlacementRepository,
+    readonly _publicStorage: IPublicStorage,
+    readonly _privateStorage: IPrivateStorage,
+    private readonly logger: ILogger,
+  ) {}
 
   async findById(id: string): Promise<Result<Placement>> {
-    const placement = await this.repo.findById(id);
-    if (!placement) return fail(new NotFoundError('Placement'));
-    return ok(placement);
+    try {
+      const placement = await this.repo.findById(id);
+      if (!placement) {
+        this.logger.info('Placement not found', { id });
+        return fail(new NotFoundError('Placement'));
+      }
+      return ok(placement);
+    } catch (error) {
+      this.logger.error('Failed to find placement by id', { id, error });
+      return fail(new InternalError(error));
+    }
   }
 
   async findByEnrollmentId(enrollmentId: string): Promise<Result<Placement[]>> {
-    const placements = await this.repo.findByEnrollmentId(enrollmentId);
-    return ok(placements);
+    try {
+      const placements = await this.repo.findByEnrollmentId(enrollmentId);
+      return ok(placements);
+    } catch (error) {
+      this.logger.error('Failed to find placements by enrollment', {
+        enrollmentId,
+        error,
+      });
+      return fail(new InternalError(error));
+    }
   }
 
   async findByTermId(termId: string): Promise<Result<Placement[]>> {
-    const placements = await this.repo.findByTermId(termId);
-    return ok(placements);
+    try {
+      const placements = await this.repo.findByTermId(termId);
+      return ok(placements);
+    } catch (error) {
+      this.logger.error('Failed to find placements by term', { termId, error });
+      return fail(new InternalError(error));
+    }
   }
 
   async findByUnitId(unitId: string): Promise<Result<Placement[]>> {
-    const placements = await this.repo.findByUnitId(unitId);
-    return ok(placements);
+    try {
+      const placements = await this.repo.findByUnitId(unitId);
+      return ok(placements);
+    } catch (error) {
+      this.logger.error('Failed to find placements by unit', { unitId, error });
+      return fail(new InternalError(error));
+    }
   }
 
   async create(
     placement: Omit<Placement, 'id' | 'createdAt' | 'updatedAt' | 'deletedAt'>,
   ): Promise<Result<Placement>> {
-    const result = await this.repo.create(placement);
-    return ok(result);
+    try {
+      const result = await this.repo.create(placement);
+      this.logger.info('Placement created', {
+        placementId: result.id,
+        enrollmentId: result.enrollmentId,
+        unitId: result.unitId,
+      });
+      return ok(result);
+    } catch (error) {
+      this.logger.error('Failed to create placement', {
+        enrollmentId: placement.enrollmentId,
+        unitId: placement.unitId,
+        error,
+      });
+      return fail(new InternalError(error));
+    }
   }
 
   async update(
@@ -46,12 +94,30 @@ export class PlacementService {
       >
     >,
   ): Promise<Result<Placement>> {
-    const result = await this.repo.update(id, placement);
-    return ok(result);
+    try {
+      const result = await this.repo.update(id, placement);
+      this.logger.info('Placement updated', { placementId: id });
+      return ok(result);
+    } catch (error) {
+      this.logger.error('Failed to update placement', {
+        placementId: id,
+        error,
+      });
+      return fail(new InternalError(error));
+    }
   }
 
   async delete(id: string): Promise<Result<void>> {
-    await this.repo.delete(id);
-    return ok(undefined);
+    try {
+      await this.repo.delete(id);
+      this.logger.info('Placement deleted', { placementId: id });
+      return ok(undefined);
+    } catch (error) {
+      this.logger.error('Failed to delete placement', {
+        placementId: id,
+        error,
+      });
+      return fail(new InternalError(error));
+    }
   }
 }
diff --git a/packages/core/src/service/rsvp.spec.ts b/packages/core/src/service/rsvp.spec.ts
index d24c602e..c1aaa752 100644
--- a/packages/core/src/service/rsvp.spec.ts
+++ b/packages/core/src/service/rsvp.spec.ts
@@ -1,7 +1,11 @@
+import { v7 } from 'uuid';
 import { describe, expect, it } from 'vitest';
 import { mock } from 'vitest-mock-extended';
 import type { IEventRepository } from '../contract/event';
+import type { ILogger } from '../contract/logger';
 import type { IRsvpRepository } from '../contract/rsvp';
+import type { IPrivateStorage } from '../contract/storage-private';
+import type { IPublicStorage } from '../contract/storage-public';
 import type { AuthContext } from '../entity/auth-context';
 import { AccountStatus, RsvpStatus, UserRole } from '../entity/enums';
 import type { Event } from '../entity/event';
@@ -12,22 +16,36 @@ import { RsvpService } from './rsvp';
 describe('RsvpService', () => {
   const repo = mock<IRsvpRepository>();
   const eventRepo = mock<IEventRepository>();
-  const service = new RsvpService(repo, eventRepo);
+  const publicStorage = mock<IPublicStorage>();
+  const privateStorage = mock<IPrivateStorage>();
+  const logger = mock<ILogger>();
+  const service = new RsvpService(
+    repo,
+    eventRepo,
+    publicStorage,
+    privateStorage,
+    logger,
+  );
+
+  const eventId = v7();
+  const rsvpId = v7();
+  const parishionerId = v7();
+  const userId = v7();
 
   const mockEvent = {
-    id: 'event-1',
+    id: eventId,
     isRsvpEnabled: true,
   };
 
   const mockRsvp = {
-    id: 'rsvp-1',
-    eventId: 'event-1',
-    parishionerId: 'p-1',
+    id: rsvpId,
+    eventId: eventId,
+    parishionerId: parishionerId,
     status: RsvpStatus.Attending,
   };
 
   const ctx: AuthContext = {
-    userId: 'user-1',
+    userId: userId,
     roles: [UserRole.Parishioner],
     accountStatus: AccountStatus.Approved,
   };
@@ -40,8 +58,8 @@ describe('RsvpService', () => {
 
       const [_result, error] = await service.submit(
         {
-          eventId: 'event-1',
-          parishionerId: 'p-1',
+          eventId: eventId,
+          parishionerId: parishionerId,
           status: RsvpStatus.Attending,
         },
         ctx,
@@ -63,8 +81,8 @@ describe('RsvpService', () => {
 
       const [_result, error] = await service.submit(
         {
-          eventId: 'event-1',
-          parishionerId: 'p-1',
+          eventId: eventId,
+          parishionerId: parishionerId,
           status: RsvpStatus.Maybe,
         },
         ctx,
@@ -81,8 +99,8 @@ describe('RsvpService', () => {
       } as unknown as Event);
       const [_result, error] = await service.submit(
         {
-          eventId: 'event-1',
-          parishionerId: 'p-1',
+          eventId: eventId,
+          parishionerId: parishionerId,
           status: RsvpStatus.Attending,
         },
         ctx,
diff --git a/packages/core/src/service/rsvp.ts b/packages/core/src/service/rsvp.ts
index 82a25fcb..c7818092 100644
--- a/packages/core/src/service/rsvp.ts
+++ b/packages/core/src/service/rsvp.ts
@@ -1,8 +1,11 @@
 import type { IEventRepository } from '../contract/event';
+import type { ILogger } from '../contract/logger';
 import type { IRsvpRepository } from '../contract/rsvp';
+import type { IPrivateStorage } from '../contract/storage-private';
+import type { IPublicStorage } from '../contract/storage-public';
 import type { AuthContext } from '../entity/auth-context';
 import type { CreateRsvp, Rsvp } from '../entity/rsvp';
-import { ForbiddenError, NotFoundError } from '../error';
+import { ForbiddenError, InternalError, NotFoundError } from '../error';
 import { fail, ok, type Result } from '../utils/result';
 
 /**
@@ -12,23 +15,39 @@ export class RsvpService {
   constructor(
     private readonly repo: IRsvpRepository,
     private readonly eventRepo: IEventRepository,
+    readonly _publicStorage: IPublicStorage,
+    readonly _privateStorage: IPrivateStorage,
+    private readonly logger: ILogger,
   ) {}
 
   /**
    * Retrieves an RSVP record by its ID.
    */
   async findById(id: string): Promise<Result<Rsvp>> {
-    const data = await this.repo.findById(id);
-    if (!data) return fail(new NotFoundError('RSVP'));
-    return ok(data);
+    try {
+      const data = await this.repo.findById(id);
+      if (!data) {
+        this.logger.info('RSVP not found', { id });
+        return fail(new NotFoundError('RSVP'));
+      }
+      return ok(data);
+    } catch (error) {
+      this.logger.error('Failed to find RSVP', { id, error });
+      return fail(new InternalError(error));
+    }
   }
 
   /**
    * Retrieves all RSVP records for a specific event.
    */
   async findByEventId(eventId: string): Promise<Result<Rsvp[]>> {
-    const data = await this.repo.findByEventId(eventId);
-    return ok(data);
+    try {
+      const data = await this.repo.findByEventId(eventId);
+      return ok(data);
+    } catch (error) {
+      this.logger.error('Failed to find RSVPs for event', { eventId, error });
+      return fail(new InternalError(error));
+    }
   }
 
   /**
@@ -38,53 +57,116 @@ export class RsvpService {
     eventId: string,
     parishionerId: string,
   ): Promise<Result<Rsvp>> {
-    const data = await this.repo.findByEventAndParishioner(
-      eventId,
-      parishionerId,
-    );
-    if (!data) return fail(new NotFoundError('RSVP'));
-    return ok(data);
+    try {
+      const data = await this.repo.findByEventAndParishioner(
+        eventId,
+        parishionerId,
+      );
+      if (!data) {
+        this.logger.info('RSVP not found for event and parishioner', {
+          eventId,
+          parishionerId,
+        });
+        return fail(new NotFoundError('RSVP'));
+      }
+      return ok(data);
+    } catch (error) {
+      this.logger.error('Failed to find RSVP for event and parishioner', {
+        eventId,
+        parishionerId,
+        error,
+      });
+      return fail(new InternalError(error));
+    }
   }
 
   /**
    * Submits an RSVP for an event.
    */
   async submit(data: CreateRsvp, _ctx: AuthContext): Promise<Result<Rsvp>> {
-    const event = await this.eventRepo.findById(data.eventId);
-    if (!event) return fail(new NotFoundError('Event'));
+    try {
+      const event = await this.eventRepo.findById(data.eventId);
+      if (!event) {
+        this.logger.info('RSVP submission failed: Event not found', {
+          eventId: data.eventId,
+          parishionerId: data.parishionerId,
+        });
+        return fail(new NotFoundError('Event'));
+      }
+
+      if (!event.isRsvpEnabled) {
+        this.logger.info('RSVP submission failed: RSVP disabled for event', {
+          eventId: data.eventId,
+          parishionerId: data.parishionerId,
+        });
+        return fail(
+          new ForbiddenError('RSVP belum diaktifkan untuk kegiatan ini'),
+        );
+      }
 
-    if (!event.isRsvpEnabled) {
-      return fail(
-        new ForbiddenError('RSVP belum diaktifkan untuk kegiatan ini'),
+      const existing = await this.repo.findByEventAndParishioner(
+        data.eventId,
+        data.parishionerId,
       );
-    }
+      if (existing) {
+        const updated = await this.repo.update(existing.id, {
+          status: data.status,
+        });
+        this.logger.info('RSVP updated', {
+          rsvpId: existing.id,
+          eventId: data.eventId,
+          parishionerId: data.parishionerId,
+          status: data.status,
+        });
+        return ok(updated);
+      }
+
+      const rsvp = await this.repo.create(data);
 
-    const existing = await this.repo.findByEventAndParishioner(
-      data.eventId,
-      data.parishionerId,
-    );
-    if (existing) {
-      const updated = await this.repo.update(existing.id, {
+      this.logger.info('RSVP submitted', {
+        rsvpId: rsvp.id,
+        eventId: data.eventId,
+        parishionerId: data.parishionerId,
         status: data.status,
       });
-      return ok(updated);
-    }
 
-    const rsvp = await this.repo.create(data);
-    return ok(rsvp);
+      return ok(rsvp);
+    } catch (error) {
+      this.logger.error('Failed to submit RSVP', {
+        eventId: data.eventId,
+        parishionerId: data.parishionerId,
+        error,
+      });
+      return fail(new InternalError(error));
+    }
   }
 
   /**
    * Soft deletes an RSVP record.
    */
   async delete(id: string, _ctx: AuthContext): Promise<Result<void>> {
-    const existing = await this.repo.findById(id);
-    if (!existing) return fail(new NotFoundError('RSVP'));
+    try {
+      const existing = await this.repo.findById(id);
+      if (!existing) {
+        this.logger.info('RSVP not found for deletion', { id });
+        return fail(new NotFoundError('RSVP'));
+      }
+
+      // Basic permission check: User can delete their own RSVP
+      // (In real app, verify parishionerId correlates to ctx.userId)
 
-    // Basic permission check: User can delete their own RSVP
-    // (In real app, verify parishionerId correlates to ctx.userId)
+      await this.repo.delete(id);
 
-    await this.repo.delete(id);
-    return ok(undefined);
+      this.logger.info('RSVP deleted', {
+        rsvpId: id,
+        eventId: existing.eventId,
+        parishionerId: existing.parishionerId,
+      });
+
+      return ok(undefined);
+    } catch (error) {
+      this.logger.error('Failed to delete RSVP', { id, error });
+      return fail(new InternalError(error));
+    }
   }
 }
diff --git a/packages/core/src/service/term.ts b/packages/core/src/service/term.ts
index 0a49b7a5..17866cbd 100644
--- a/packages/core/src/service/term.ts
+++ b/packages/core/src/service/term.ts
@@ -1,30 +1,66 @@
+import type { ILogger } from '../contract/logger';
+import type { IPrivateStorage } from '../contract/storage-private';
+import type { IPublicStorage } from '../contract/storage-public';
 import type { ITermRepository } from '../contract/term';
 import type { Term } from '../entity/term';
-import { NotFoundError } from '../error';
+import { InternalError, NotFoundError } from '../error';
 import { fail, ok, type Result } from '../utils/result';
 
 /**
  * Service for managing organizational terms.
  */
 export class TermService {
-  constructor(private readonly repo: ITermRepository) {}
+  constructor(
+    private readonly repo: ITermRepository,
+    readonly _publicStorage: IPublicStorage,
+    readonly _privateStorage: IPrivateStorage,
+    private readonly logger: ILogger,
+  ) {}
 
   async findById(id: string): Promise<Result<Term>> {
-    const term = await this.repo.findById(id);
-    if (!term) return fail(new NotFoundError('Term'));
-    return ok(term);
+    try {
+      const term = await this.repo.findById(id);
+      if (!term) {
+        this.logger.info('Term not found', { id });
+        return fail(new NotFoundError('Term'));
+      }
+      return ok(term);
+    } catch (error) {
+      this.logger.error('Failed to find term by id', { id, error });
+      return fail(new InternalError(error));
+    }
   }
 
   async findByOrganizationId(organizationId: string): Promise<Result<Term[]>> {
-    const terms = await this.repo.findByOrganizationId(organizationId);
-    return ok(terms);
+    try {
+      const terms = await this.repo.findByOrganizationId(organizationId);
+      return ok(terms);
+    } catch (error) {
+      this.logger.error('Failed to find terms by organization', {
+        organizationId,
+        error,
+      });
+      return fail(new InternalError(error));
+    }
   }
 
   async create(
     term: Omit<Term, 'id' | 'createdAt' | 'updatedAt' | 'deletedAt'>,
   ): Promise<Result<Term>> {
-    const result = await this.repo.create(term);
-    return ok(result);
+    try {
+      const result = await this.repo.create(term);
+      this.logger.info('Term created', {
+        termId: result.id,
+        organizationId: result.organizationId,
+      });
+      return ok(result);
+    } catch (error) {
+      this.logger.error('Failed to create term', {
+        organizationId: term.organizationId,
+        error,
+      });
+      return fail(new InternalError(error));
+    }
   }
 
   async update(
@@ -36,12 +72,24 @@ export class TermService {
       >
     >,
   ): Promise<Result<Term>> {
-    const result = await this.repo.update(id, term);
-    return ok(result);
+    try {
+      const result = await this.repo.update(id, term);
+      this.logger.info('Term updated', { termId: id });
+      return ok(result);
+    } catch (error) {
+      this.logger.error('Failed to update term', { termId: id, error });
+      return fail(new InternalError(error));
+    }
   }
 
   async delete(id: string): Promise<Result<void>> {
-    await this.repo.delete(id);
-    return ok(undefined);
+    try {
+      await this.repo.delete(id);
+      this.logger.info('Term deleted', { termId: id });
+      return ok(undefined);
+    } catch (error) {
+      this.logger.error('Failed to delete term', { termId: id, error });
+      return fail(new InternalError(error));
+    }
   }
 }
diff --git a/packages/core/src/service/transaction.spec.ts b/packages/core/src/service/transaction.spec.ts
index ecc0ce76..0bdc54b3 100644
--- a/packages/core/src/service/transaction.spec.ts
+++ b/packages/core/src/service/transaction.spec.ts
@@ -1,6 +1,10 @@
+import { v7 } from 'uuid';
 import { describe, expect, it } from 'vitest';
 import { mock } from 'vitest-mock-extended';
 import type { IFinancialPeriodRepository } from '../contract/financial-period';
+import type { ILogger } from '../contract/logger';
+import type { IPrivateStorage } from '../contract/storage-private';
+import type { IPublicStorage } from '../contract/storage-public';
 import type { ITransactionRepository } from '../contract/transaction';
 import type { AuthContext } from '../entity/auth-context';
 import {
@@ -17,10 +21,25 @@ import { TransactionService } from './transaction';
 describe('TransactionService', () => {
   const repo = mock<ITransactionRepository>();
   const periodRepo = mock<IFinancialPeriodRepository>();
-  const service = new TransactionService(repo, periodRepo);
+  const publicStorage = mock<IPublicStorage>();
+  const privateStorage = mock<IPrivateStorage>();
+  const logger = mock<ILogger>();
+  const service = new TransactionService(
+    repo,
+    periodRepo,
+    publicStorage,
+    privateStorage,
+    logger,
+  );
+
+  const periodId = v7();
+  const catId = v7();
+  const transId = v7();
+  const bendaharaId = v7();
+  const userId = v7();
 
   const mockPeriod = {
-    id: 'p-1',
+    id: periodId,
     month: 1,
     year: 2026,
     status: PeriodStatus.Open,
@@ -36,24 +55,24 @@ describe('TransactionService', () => {
   };
 
   const mockTransaction = {
-    id: 't-1',
-    periodId: 'p-1',
-    categoryId: 'cat-1',
+    id: transId,
+    periodId: periodId,
+    categoryId: catId,
     type: TransactionType.Income,
     amount: 100000,
     description: 'Donasi',
     date: new Date(),
-    createdBy: 'ben-1',
+    createdBy: bendaharaId,
   };
 
   const bendaharaCtx: AuthContext = {
-    userId: 'ben-1',
+    userId: bendaharaId,
     accountStatus: AccountStatus.Approved,
     orgRoles: {},
     roles: [UserRole.Treasurer],
   };
   const _userCtx: AuthContext = {
-    userId: 'user-1',
+    userId: userId,
     roles: [UserRole.Parishioner],
     accountStatus: AccountStatus.Approved,
     orgRoles: {},
@@ -68,8 +87,8 @@ describe('TransactionService', () => {
 
       const [, error] = await service.create(
         {
-          periodId: 'p-1',
-          categoryId: 'cat-1',
+          periodId: periodId,
+          categoryId: catId,
           type: TransactionType.Income,
           amount: 100000,
           description: 'Donasi',
@@ -86,8 +105,8 @@ describe('TransactionService', () => {
       periodRepo.findById.mockResolvedValue(mockLockedPeriod);
       const [, error] = await service.create(
         {
-          periodId: 'p-1',
-          categoryId: 'cat-1',
+          periodId: periodId,
+          categoryId: catId,
           type: TransactionType.Income,
           amount: 1000,
           description: 'Donasi',
diff --git a/packages/core/src/service/transaction.ts b/packages/core/src/service/transaction.ts
index a92aad39..5f4a6acc 100644
--- a/packages/core/src/service/transaction.ts
+++ b/packages/core/src/service/transaction.ts
@@ -1,4 +1,7 @@
 import type { IFinancialPeriodRepository } from '../contract/financial-period';
+import type { ILogger } from '../contract/logger';
+import type { IPrivateStorage } from '../contract/storage-private';
+import type { IPublicStorage } from '../contract/storage-public';
 import type { ITransactionRepository } from '../contract/transaction';
 import type { AuthContext } from '../entity/auth-context';
 import { PeriodStatus, UserRole } from '../entity/enums';
@@ -7,7 +10,12 @@ import type {
   Transaction,
   UpdateTransaction,
 } from '../entity/transaction';
-import { ForbiddenError, NotFoundError, ValidationError } from '../error';
+import {
+  ForbiddenError,
+  InternalError,
+  NotFoundError,
+  ValidationError,
+} from '../error';
 import { fail, ok, type Result } from '../utils/result';
 
 /**
@@ -17,23 +25,42 @@ export class TransactionService {
   constructor(
     private readonly repo: ITransactionRepository,
     private readonly periodRepo: IFinancialPeriodRepository,
+    readonly _publicStorage: IPublicStorage,
+    readonly _privateStorage: IPrivateStorage,
+    private readonly logger: ILogger,
   ) {}
 
   /**
    * Retrieves a transaction by its ID.
    */
   async findById(id: string): Promise<Result<Transaction>> {
-    const data = await this.repo.findById(id);
-    if (!data) return fail(new NotFoundError('Transaction'));
-    return ok(data);
+    try {
+      const data = await this.repo.findById(id);
+      if (!data) {
+        this.logger.info('Transaction not found', { id });
+        return fail(new NotFoundError('Transaction'));
+      }
+      return ok(data);
+    } catch (error) {
+      this.logger.error('Failed to find transaction by id', { id, error });
+      return fail(new InternalError(error));
+    }
   }
 
   /**
    * Retrieves transactions for a specific financial period.
    */
   async findByPeriodId(periodId: string): Promise<Result<Transaction[]>> {
-    const data = await this.repo.findByPeriodId(periodId);
-    return ok(data);
+    try {
+      const data = await this.repo.findByPeriodId(periodId);
+      return ok(data);
+    } catch (error) {
+      this.logger.error('Failed to find transactions by period', {
+        periodId,
+        error,
+      });
+      return fail(new InternalError(error));
+    }
   }
 
   /**
@@ -44,29 +71,57 @@ export class TransactionService {
     data: CreateTransaction,
     ctx: AuthContext,
   ): Promise<Result<Transaction>> {
-    const period = await this.periodRepo.findById(data.periodId);
-    if (!period) return fail(new NotFoundError('Financial Period'));
+    try {
+      const period = await this.periodRepo.findById(data.periodId);
+      if (!period) {
+        this.logger.info('Transaction creation failed: Period not found', {
+          periodId: data.periodId,
+        });
+        return fail(new NotFoundError('Financial Period'));
+      }
 
-    if (period.status === PeriodStatus.Locked) {
-      return fail(
-        new ValidationError('Cannot add transaction to a locked period'),
-      );
-    }
+      if (period.status === PeriodStatus.Locked) {
+        this.logger.info('Transaction creation failed: Period locked', {
+          periodId: data.periodId,
+        });
+        return fail(
+          new ValidationError('Cannot add transaction to a locked period'),
+        );
+      }
 
-    // Permission check: Bendahara, adminParoki, superAdmin
-    if (
-      !ctx.roles.includes(UserRole.Treasurer) &&
-      !ctx.roles.includes(UserRole.ParishAdmin) &&
-      !ctx.roles.includes(UserRole.SuperAdmin)
-    ) {
-      return fail(new ForbiddenError());
-    }
+      // Permission check: Bendahara, adminParoki, superAdmin
+      if (
+        !ctx.roles.includes(UserRole.Treasurer) &&
+        !ctx.roles.includes(UserRole.ParishAdmin) &&
+        !ctx.roles.includes(UserRole.SuperAdmin)
+      ) {
+        this.logger.info('Unauthorized transaction creation attempt', {
+          userId: ctx.userId,
+          periodId: data.periodId,
+        });
+        return fail(new ForbiddenError());
+      }
+
+      const transaction = await this.repo.create({
+        ...data,
+        createdBy: ctx.userId,
+      });
 
-    const transaction = await this.repo.create({
-      ...data,
-      createdBy: ctx.userId,
-    });
-    return ok(transaction);
+      this.logger.info('Transaction created', {
+        transactionId: transaction.id,
+        periodId: data.periodId,
+        userId: ctx.userId,
+      });
+
+      return ok(transaction);
+    } catch (error) {
+      this.logger.error('Failed to create transaction', {
+        periodId: data.periodId,
+        userId: ctx.userId,
+        error,
+      });
+      return fail(new InternalError(error));
+    }
   }
 
   /**
@@ -78,30 +133,60 @@ export class TransactionService {
     data: UpdateTransaction,
     ctx: AuthContext,
   ): Promise<Result<Transaction>> {
-    const existing = await this.repo.findById(id);
-    if (!existing) return fail(new NotFoundError('Transaction'));
-
-    const period = await this.periodRepo.findById(existing.periodId);
-    if (period?.status === PeriodStatus.Locked) {
-      return fail(
-        new ValidationError('Cannot update transaction in a locked period'),
-      );
-    }
+    try {
+      const existing = await this.repo.findById(id);
+      if (!existing) {
+        this.logger.info('Transaction not found for update', {
+          id,
+          userId: ctx.userId,
+        });
+        return fail(new NotFoundError('Transaction'));
+      }
 
-    // Permission check: Bendahara, adminParoki, superAdmin
-    if (
-      !ctx.roles.includes(UserRole.Treasurer) &&
-      !ctx.roles.includes(UserRole.ParishAdmin) &&
-      !ctx.roles.includes(UserRole.SuperAdmin)
-    ) {
-      return fail(new ForbiddenError());
-    }
+      const period = await this.periodRepo.findById(existing.periodId);
+      if (period?.status === PeriodStatus.Locked) {
+        this.logger.info('Transaction update failed: Period locked', {
+          id,
+          periodId: existing.periodId,
+          userId: ctx.userId,
+        });
+        return fail(
+          new ValidationError('Cannot update transaction in a locked period'),
+        );
+      }
+
+      // Permission check: Bendahara, adminParoki, superAdmin
+      if (
+        !ctx.roles.includes(UserRole.Treasurer) &&
+        !ctx.roles.includes(UserRole.ParishAdmin) &&
+        !ctx.roles.includes(UserRole.SuperAdmin)
+      ) {
+        this.logger.info('Unauthorized transaction update attempt', {
+          id,
+          userId: ctx.userId,
+        });
+        return fail(new ForbiddenError());
+      }
 
-    const updated = await this.repo.update(id, {
-      ...data,
-      updatedBy: ctx.userId,
-    });
-    return ok(updated);
+      const updated = await this.repo.update(id, {
+        ...data,
+        updatedBy: ctx.userId,
+      });
+
+      this.logger.info('Transaction updated', {
+        transactionId: id,
+        userId: ctx.userId,
+      });
+
+      return ok(updated);
+    } catch (error) {
+      this.logger.error('Failed to update transaction', {
+        id,
+        userId: ctx.userId,
+        error,
+      });
+      return fail(new InternalError(error));
+    }
   }
 
   /**
@@ -109,25 +194,55 @@ export class TransactionService {
    * Fails if the period is locked.
    */
   async delete(id: string, ctx: AuthContext): Promise<Result<void>> {
-    const existing = await this.repo.findById(id);
-    if (!existing) return fail(new NotFoundError('Transaction'));
-
-    const period = await this.periodRepo.findById(existing.periodId);
-    if (period?.status === PeriodStatus.Locked) {
-      return fail(
-        new ValidationError('Cannot delete transaction in a locked period'),
-      );
-    }
+    try {
+      const existing = await this.repo.findById(id);
+      if (!existing) {
+        this.logger.info('Transaction not found for deletion', {
+          id,
+          userId: ctx.userId,
+        });
+        return fail(new NotFoundError('Transaction'));
+      }
 
-    if (
-      !ctx.roles.includes(UserRole.Treasurer) &&
-      !ctx.roles.includes(UserRole.ParishAdmin) &&
-      !ctx.roles.includes(UserRole.SuperAdmin)
-    ) {
-      return fail(new ForbiddenError());
-    }
+      const period = await this.periodRepo.findById(existing.periodId);
+      if (period?.status === PeriodStatus.Locked) {
+        this.logger.info('Transaction deletion failed: Period locked', {
+          id,
+          periodId: existing.periodId,
+          userId: ctx.userId,
+        });
+        return fail(
+          new ValidationError('Cannot delete transaction in a locked period'),
+        );
+      }
 
-    await this.repo.delete(id);
-    return ok(undefined);
+      if (
+        !ctx.roles.includes(UserRole.Treasurer) &&
+        !ctx.roles.includes(UserRole.ParishAdmin) &&
+        !ctx.roles.includes(UserRole.SuperAdmin)
+      ) {
+        this.logger.info('Unauthorized transaction deletion attempt', {
+          id,
+          userId: ctx.userId,
+        });
+        return fail(new ForbiddenError());
+      }
+
+      await this.repo.delete(id);
+
+      this.logger.info('Transaction deleted', {
+        transactionId: id,
+        userId: ctx.userId,
+      });
+
+      return ok(undefined);
+    } catch (error) {
+      this.logger.error('Failed to delete transaction', {
+        id,
+        userId: ctx.userId,
+        error,
+      });
+      return fail(new InternalError(error));
+    }
   }
 }
diff --git a/packages/core/src/service/unit.spec.ts b/packages/core/src/service/unit.spec.ts
index d3c40100..5a3b8986 100644
--- a/packages/core/src/service/unit.spec.ts
+++ b/packages/core/src/service/unit.spec.ts
@@ -1,5 +1,9 @@
+import { v7 } from 'uuid';
 import { describe, expect, it } from 'vitest';
 import { mock } from 'vitest-mock-extended';
+import type { ILogger } from '../contract/logger';
+import type { IPrivateStorage } from '../contract/storage-private';
+import type { IPublicStorage } from '../contract/storage-public';
 import type { IUnitRepository } from '../contract/unit';
 import { OrgRole, UserRole } from '../entity/enums';
 import { ForbiddenError, NotFoundError } from '../error';
@@ -7,18 +11,25 @@ import { UnitService } from './unit';
 
 describe('UnitService', () => {
   const repo = mock<IUnitRepository>();
-  const service = new UnitService(repo);
+  const publicStorage = mock<IPublicStorage>();
+  const privateStorage = mock<IPrivateStorage>();
+  const logger = mock<ILogger>();
+  const service = new UnitService(repo, publicStorage, privateStorage, logger);
+
+  const unitId = v7();
+  const orgId = v7();
+  const userId = v7();
 
   const mockCtx = {
-    userId: 'user-1',
+    userId: userId,
     accountStatus: 'approved' as const,
     roles: [UserRole.Parishioner],
-    orgRoles: { 'org-1': OrgRole.Admin },
+    orgRoles: { [orgId]: OrgRole.Admin },
   };
 
   const mockUnit = {
-    id: 'unit-1',
-    organizationId: 'org-1',
+    id: unitId,
+    organizationId: orgId,
     name: 'Unit 1',
     description: 'Description 1',
     position: 0,
@@ -30,14 +41,14 @@ describe('UnitService', () => {
   describe('findById', () => {
     it('should return unit when found', async () => {
       repo.findById.mockResolvedValue(mockUnit);
-      const [result, error] = await service.findById('unit-1');
+      const [result, error] = await service.findById(unitId);
       expect(error).toBeNull();
       expect(result).toEqual(mockUnit);
     });
 
     it('should return NotFoundError when not found', async () => {
       repo.findById.mockResolvedValue(null);
-      const [result, error] = await service.findById('999');
+      const [result, error] = await service.findById(v7());
       expect(result).toBeNull();
       expect(error).toBeInstanceOf(NotFoundError);
     });
@@ -48,7 +59,7 @@ describe('UnitService', () => {
       repo.create.mockResolvedValue(mockUnit);
       const [result, error] = await service.create(
         {
-          organizationId: 'org-1',
+          organizationId: orgId,
           name: 'New Unit',
           description: null,
           position: 0,
@@ -62,7 +73,7 @@ describe('UnitService', () => {
     it('should fail when user has no permission', async () => {
       const [result, error] = await service.create(
         {
-          organizationId: 'other-org',
+          organizationId: v7(),
           name: 'New Unit',
           description: null,
           position: 0,
@@ -78,7 +89,7 @@ describe('UnitService', () => {
       repo.create.mockResolvedValue(mockUnit);
       const [result, error] = await service.create(
         {
-          organizationId: 'other-org',
+          organizationId: v7(),
           name: 'New Unit',
           description: null,
           position: 0,
@@ -92,12 +103,12 @@ describe('UnitService', () => {
 
   describe('update', () => {
     it('should update unit when user is org owner', async () => {
-      const ownerCtx = { ...mockCtx, orgRoles: { 'org-1': OrgRole.Owner } };
+      const ownerCtx = { ...mockCtx, orgRoles: { [orgId]: OrgRole.Owner } };
       repo.findById.mockResolvedValue(mockUnit);
       repo.update.mockResolvedValue({ ...mockUnit, name: 'Updated' });
 
       const [result, error] = await service.update(
-        'unit-1',
+        unitId,
         { name: 'Updated' },
         ownerCtx,
       );
@@ -106,9 +117,9 @@ describe('UnitService', () => {
     });
 
     it('should fail update when user has no permission', async () => {
-      repo.findById.mockResolvedValue({ ...mockUnit, organizationId: 'org-2' });
+      repo.findById.mockResolvedValue({ ...mockUnit, organizationId: v7() });
       const [result, error] = await service.update(
-        'unit-1',
+        unitId,
         { name: 'Updated' },
         mockCtx,
       );
@@ -119,12 +130,14 @@ describe('UnitService', () => {
 
   describe('reorder', () => {
     it('should reorder units successfully', async () => {
+      const u1Id = v7();
+      const u2Id = v7();
       const [_result, error] = await service.reorder(
-        'org-1',
+        orgId,
         {
           units: [
-            { id: 'u1', position: 1 },
-            { id: 'u2', position: 2 },
+            { id: u1Id, position: 1 },
+            { id: u2Id, position: 2 },
           ],
         },
         mockCtx,
@@ -137,9 +150,9 @@ describe('UnitService', () => {
   describe('delete', () => {
     it('should soft delete unit', async () => {
       repo.findById.mockResolvedValue(mockUnit);
-      const [_result, error] = await service.delete('unit-1', mockCtx);
+      const [_result, error] = await service.delete(unitId, mockCtx);
       expect(error).toBeNull();
-      expect(repo.delete).toHaveBeenCalledWith('unit-1');
+      expect(repo.delete).toHaveBeenCalledWith(unitId);
     });
   });
 });
diff --git a/packages/core/src/service/unit.ts b/packages/core/src/service/unit.ts
index 5c73aec4..29955ad2 100644
--- a/packages/core/src/service/unit.ts
+++ b/packages/core/src/service/unit.ts
@@ -1,3 +1,6 @@
+import type { ILogger } from '../contract/logger';
+import type { IPrivateStorage } from '../contract/storage-private';
+import type { IPublicStorage } from '../contract/storage-public';
 import type { IUnitRepository } from '../contract/unit';
 import type { AuthContext } from '../entity/auth-context';
 import { OrgRole, UserRole } from '../entity/enums';
@@ -7,14 +10,19 @@ import type {
   Unit,
   UpdateUnit,
 } from '../entity/unit';
-import { ForbiddenError, NotFoundError } from '../error';
+import { ForbiddenError, InternalError, NotFoundError } from '../error';
 import { fail, ok, type Result } from '../utils/result';
 
 /**
  * Service for managing organizational units.
  */
 export class UnitService {
-  constructor(private readonly repo: IUnitRepository) {}
+  constructor(
+    private readonly repo: IUnitRepository,
+    readonly _publicStorage: IPublicStorage,
+    readonly _privateStorage: IPrivateStorage,
+    private readonly logger: ILogger,
+  ) {}
 
   /**
    * Retrieves a unit by its unique identifier.
@@ -23,9 +31,17 @@ export class UnitService {
    * @returns `ok(unit)` if found, `fail(NotFoundError)` if not.
    */
   async findById(id: string): Promise<Result<Unit>> {
-    const unit = await this.repo.findById(id);
-    if (!unit) return fail(new NotFoundError('Unit'));
-    return ok(unit);
+    try {
+      const unit = await this.repo.findById(id);
+      if (!unit) {
+        this.logger.info('Unit not found', { id });
+        return fail(new NotFoundError('Unit'));
+      }
+      return ok(unit);
+    } catch (error) {
+      this.logger.error('Failed to find unit by id', { id, error });
+      return fail(new InternalError(error));
+    }
   }
 
   /**
@@ -35,8 +51,16 @@ export class UnitService {
    * @returns `ok(units)` sorted by position.
    */
   async findByOrganizationId(organizationId: string): Promise<Result<Unit[]>> {
-    const units = await this.repo.findByOrganizationId(organizationId);
-    return ok(units);
+    try {
+      const units = await this.repo.findByOrganizationId(organizationId);
+      return ok(units);
+    } catch (error) {
+      this.logger.error('Failed to find units by organization', {
+        organizationId,
+        error,
+      });
+      return fail(new InternalError(error));
+    }
   }
 
   /**
@@ -47,13 +71,33 @@ export class UnitService {
    * @returns `ok(unit)` on success, `fail(CoreError)` on failure.
    */
   async create(data: CreateUnit, ctx: AuthContext): Promise<Result<Unit>> {
-    // Permission check: Global Admin or Org Admin/Owner
-    if (!this.canManage(data.organizationId, ctx)) {
-      return fail(new ForbiddenError());
+    try {
+      // Permission check: Global Admin or Org Admin/Owner
+      if (!this.canManage(data.organizationId, ctx)) {
+        this.logger.info('Unauthorized unit creation attempt', {
+          userId: ctx.userId,
+          organizationId: data.organizationId,
+        });
+        return fail(new ForbiddenError());
+      }
+
+      const unit = await this.repo.create(data);
+
+      this.logger.info('Unit created', {
+        unitId: unit.id,
+        organizationId: data.organizationId,
+        userId: ctx.userId,
+      });
+
+      return ok(unit);
+    } catch (error) {
+      this.logger.error('Failed to create unit', {
+        organizationId: data.organizationId,
+        userId: ctx.userId,
+        error,
+      });
+      return fail(new InternalError(error));
     }
-
-    const unit = await this.repo.create(data);
-    return ok(unit);
   }
 
   /**
@@ -69,16 +113,38 @@ export class UnitService {
     data: UpdateUnit,
     ctx: AuthContext,
   ): Promise<Result<Unit>> {
-    const existing = await this.repo.findById(id);
-    if (!existing) return fail(new NotFoundError('Unit'));
-
-    // Permission check: Global Admin or Org Admin/Owner
-    if (!this.canManage(existing.organizationId, ctx)) {
-      return fail(new ForbiddenError());
+    try {
+      const existing = await this.repo.findById(id);
+      if (!existing) {
+        this.logger.info('Unit not found for update', {
+          id,
+          userId: ctx.userId,
+        });
+        return fail(new NotFoundError('Unit'));
+      }
+
+      // Permission check: Global Admin or Org Admin/Owner
+      if (!this.canManage(existing.organizationId, ctx)) {
+        this.logger.info('Unauthorized unit update attempt', {
+          id,
+          userId: ctx.userId,
+        });
+        return fail(new ForbiddenError());
+      }
+
+      const updated = await this.repo.update(id, data);
+
+      this.logger.info('Unit updated', { unitId: id, userId: ctx.userId });
+
+      return ok(updated);
+    } catch (error) {
+      this.logger.error('Failed to update unit', {
+        id,
+        userId: ctx.userId,
+        error,
+      });
+      return fail(new InternalError(error));
     }
-
-    const updated = await this.repo.update(id, data);
-    return ok(updated);
   }
 
   /**
@@ -94,13 +160,33 @@ export class UnitService {
     data: ReorderUnits,
     ctx: AuthContext,
   ): Promise<Result<void>> {
-    // Permission check: Global Admin or Org Admin/Owner
-    if (!this.canManage(organizationId, ctx)) {
-      return fail(new ForbiddenError());
+    try {
+      // Permission check: Global Admin or Org Admin/Owner
+      if (!this.canManage(organizationId, ctx)) {
+        this.logger.info('Unauthorized unit reorder attempt', {
+          organizationId,
+          userId: ctx.userId,
+        });
+        return fail(new ForbiddenError());
+      }
+
+      await this.repo.reorder(data.units);
+
+      this.logger.info('Units reordered', {
+        organizationId,
+        userId: ctx.userId,
+        count: data.units.length,
+      });
+
+      return ok(undefined);
+    } catch (error) {
+      this.logger.error('Failed to reorder units', {
+        organizationId,
+        userId: ctx.userId,
+        error,
+      });
+      return fail(new InternalError(error));
     }
-
-    await this.repo.reorder(data.units);
-    return ok(undefined);
   }
 
   /**
@@ -111,16 +197,38 @@ export class UnitService {
    * @returns `ok(void)` on success, `fail(CoreError)` on failure.
    */
   async delete(id: string, ctx: AuthContext): Promise<Result<void>> {
-    const existing = await this.repo.findById(id);
-    if (!existing) return fail(new NotFoundError('Unit'));
-
-    // Permission check: Global Admin or Org Admin/Owner
-    if (!this.canManage(existing.organizationId, ctx)) {
-      return fail(new ForbiddenError());
+    try {
+      const existing = await this.repo.findById(id);
+      if (!existing) {
+        this.logger.info('Unit not found for deletion', {
+          id,
+          userId: ctx.userId,
+        });
+        return fail(new NotFoundError('Unit'));
+      }
+
+      // Permission check: Global Admin or Org Admin/Owner
+      if (!this.canManage(existing.organizationId, ctx)) {
+        this.logger.info('Unauthorized unit deletion attempt', {
+          id,
+          userId: ctx.userId,
+        });
+        return fail(new ForbiddenError());
+      }
+
+      await this.repo.delete(id);
+
+      this.logger.info('Unit deleted', { unitId: id, userId: ctx.userId });
+
+      return ok(undefined);
+    } catch (error) {
+      this.logger.error('Failed to delete unit', {
+        id,
+        userId: ctx.userId,
+        error,
+      });
+      return fail(new InternalError(error));
     }
-
-    await this.repo.delete(id);
-    return ok(undefined);
   }
 
   /**
diff --git a/packages/core/src/service/user.spec.ts b/packages/core/src/service/user.spec.ts
index 375ad3ab..1c8423a7 100644
--- a/packages/core/src/service/user.spec.ts
+++ b/packages/core/src/service/user.spec.ts
@@ -1,19 +1,28 @@
+import { v7 } from 'uuid';
 import { describe, expect, it } from 'vitest';
 import { mock } from 'vitest-mock-extended';
+import type { ILogger } from '../contract/logger';
+import type { IPrivateStorage } from '../contract/storage-private';
+import type { IPublicStorage } from '../contract/storage-public';
 import type { IUserRepository } from '../contract/user';
+import type { User } from '../entity';
 import { AccountStatus, UserRole } from '../entity/enums';
-import type { User } from '../entity/user';
 import { NotFoundError } from '../error';
 import { UserService } from './user';
 
 describe('UserService', () => {
   const repo = mock<IUserRepository>();
-  const service = new UserService(repo);
+  const publicStorage = mock<IPublicStorage>();
+  const privateStorage = mock<IPrivateStorage>();
+  const logger = mock<ILogger>();
+  const service = new UserService(repo, publicStorage, privateStorage, logger);
+
+  const userId = v7();
 
   describe('findByEmail', () => {
     it('should return user when found', async () => {
       const mockUser: User = {
-        id: 'user-1',
+        id: userId,
         name: 'Test User',
         email: 'test@example.com',
         emailVerified: true,
@@ -54,7 +63,7 @@ describe('UserService', () => {
     it('should return user when found', async () => {
       // Arrange
       const mockUser: User = {
-        id: 'user-1',
+        id: userId,
         name: 'Test User',
         email: 'test@example.com',
         emailVerified: true,
@@ -68,12 +77,12 @@ describe('UserService', () => {
       repo.findById.mockResolvedValue(mockUser);
 
       // Act
-      const [result, error] = await service.findById('user-1');
+      const [result, error] = await service.findById(userId);
 
       // Assert
       expect(error).toBeNull();
       expect(result).toEqual(mockUser);
-      expect(repo.findById).toHaveBeenCalledWith('user-1');
+      expect(repo.findById).toHaveBeenCalledWith(userId);
     });
 
     it('should return NotFoundError when user not found', async () => {
@@ -81,7 +90,7 @@ describe('UserService', () => {
       repo.findById.mockResolvedValue(null);
 
       // Act
-      const [result, error] = await service.findById('non-existent');
+      const [result, error] = await service.findById(v7());
 
       // Assert
       expect(result).toBeNull();
@@ -93,7 +102,7 @@ describe('UserService', () => {
     it('should return updated user on success', async () => {
       // Arrange
       const updatedUser: User = {
-        id: 'user-1',
+        id: userId,
         name: 'Updated Name',
         email: 'test@example.com',
         emailVerified: true,
@@ -107,14 +116,14 @@ describe('UserService', () => {
       repo.update.mockResolvedValue(updatedUser);
 
       // Act
-      const [result, error] = await service.update('user-1', {
+      const [result, error] = await service.update(userId, {
         name: 'Updated Name',
       });
 
       // Assert
       expect(error).toBeNull();
       expect(result).toEqual(updatedUser);
-      expect(repo.update).toHaveBeenCalledWith('user-1', {
+      expect(repo.update).toHaveBeenCalledWith(userId, {
         name: 'Updated Name',
       });
     });
@@ -124,7 +133,7 @@ describe('UserService', () => {
       repo.update.mockRejectedValue(new Error('DB Error'));
 
       // Act
-      const [result, error] = await service.update('user-1', {
+      const [result, error] = await service.update(userId, {
         name: 'Fail',
       });
 
diff --git a/packages/core/src/service/user.ts b/packages/core/src/service/user.ts
index 07d10d2a..b4649dc8 100644
--- a/packages/core/src/service/user.ts
+++ b/packages/core/src/service/user.ts
@@ -1,3 +1,6 @@
+import type { ILogger } from '../contract/logger';
+import type { IPrivateStorage } from '../contract/storage-private';
+import type { IPublicStorage } from '../contract/storage-public';
 import type { IUserRepository } from '../contract/user';
 import type { AuthContext } from '../entity/auth-context';
 import type { User } from '../entity/user';
@@ -8,7 +11,12 @@ import { fail, ok, type Result } from '../utils/result';
  * Service for managing user data.
  */
 export class UserService {
-  constructor(private readonly repo: IUserRepository) {}
+  constructor(
+    private readonly repo: IUserRepository,
+    readonly _publicStorage: IPublicStorage,
+    readonly _privateStorage: IPrivateStorage,
+    private readonly logger: ILogger,
+  ) {}
 
   /**
    * Finds a user by their email address.
@@ -17,23 +25,40 @@ export class UserService {
    * @returns `ok(user)` if found, `fail(NotFoundError)` if not.
    */
   async findByEmail(email: string): Promise<Result<User>> {
-    const user = await this.repo.findByEmail(email);
-    if (!user) return fail(new NotFoundError('User'));
-    return ok(user);
+    try {
+      const user = await this.repo.findByEmail(email);
+      if (!user) {
+        this.logger.info('User not found by email', { email });
+        return fail(new NotFoundError('User'));
+      }
+      return ok(user);
+    } catch (error) {
+      this.logger.error('Failed to find user by email', { email, error });
+      return fail(new InternalError(error));
+    }
   }
 
   async findById(id: string): Promise<Result<User>> {
-    const user = await this.repo.findById(id);
-
-    if (!user) return fail(new NotFoundError('User'));
-
-    return ok(user);
+    try {
+      const user = await this.repo.findById(id);
+      if (!user) {
+        this.logger.info('User not found by id', { id });
+        return fail(new NotFoundError('User'));
+      }
+      return ok(user);
+    } catch (error) {
+      this.logger.error('Failed to find user by id', { id, error });
+      return fail(new InternalError(error));
+    }
   }
 
   async update(id: string, payload: Partial<User>): Promise<Result<User>> {
     try {
-      return ok(await this.repo.update(id, payload));
+      const updated = await this.repo.update(id, payload);
+      this.logger.info('User updated', { userId: id });
+      return ok(updated);
     } catch (e) {
+      this.logger.error('Failed to update user', { userId: id, error: e });
       return fail(new InternalError(e));
     }
   }
@@ -42,6 +67,10 @@ export class UserService {
     try {
       return ok(await this.repo.getAuthContext(id));
     } catch (e) {
+      this.logger.error('Failed to get auth context for user', {
+        userId: id,
+        error: e,
+      });
       if (e instanceof CoreError) {
         return fail(e);
       }
diff --git a/packages/core/src/utils/console-logger.ts b/packages/core/src/utils/console-logger.ts
new file mode 100644
index 00000000..dcd3ca42
--- /dev/null
+++ b/packages/core/src/utils/console-logger.ts
@@ -0,0 +1,39 @@
+import type { ILogger, LogContext } from '../contract/logger';
+
+/**
+ * Console-based logger implementation for development and testing only.
+ * DO NOT use in production — use the Pino implementation instead.
+ *
+ * Usage:
+ * ```typescript
+ * import { ConsoleLogger } from '@domus/core/logger/console-logger'
+ * const logger = new ConsoleLogger()
+ * ```
+ */
+export class ConsoleLogger implements ILogger {
+  private format(level: string, message: string, context?: LogContext): string {
+    const timestamp = new Date().toISOString();
+    const ctx = context ? ` ${JSON.stringify(context)}` : '';
+    return `[${timestamp}] ${level.toUpperCase().padEnd(5)} ${message}${ctx}`;
+  }
+
+  info(message: string, context?: LogContext): void {
+    console.info(this.format('info', message, context));
+  }
+
+  warn(message: string, context?: LogContext): void {
+    console.warn(this.format('warn', message, context));
+  }
+
+  error(message: string, context?: LogContext): void {
+    console.error(this.format('error', message, context));
+  }
+
+  debug(message: string, context?: LogContext): void {
+    console.debug(this.format('debug', message, context));
+  }
+
+  fatal(message: string, context?: LogContext): void {
+    console.error(this.format('fatal', message, context));
+  }
+}
diff --git a/packages/core/src/utils/index.ts b/packages/core/src/utils/index.ts
index 1fd5e21e..5a29a3f7 100644
--- a/packages/core/src/utils/index.ts
+++ b/packages/core/src/utils/index.ts
@@ -1 +1,2 @@
+export * from './console-logger';
 export * from './result';
diff --git a/packages/core/src/utils/result.ts b/packages/core/src/utils/result.ts
index 5bb3179d..6cd411e5 100644
--- a/packages/core/src/utils/result.ts
+++ b/packages/core/src/utils/result.ts
@@ -1,4 +1,4 @@
-import type { CoreError } from '../error/core-error';
+import type { CoreError } from '../error/error';
 
 /**
  * Result pattern type for handling success and failure without throwing exceptions.
diff --git a/packages/db/migrations/0000_initial.sql b/packages/db/migrations/0000_initial.sql
index 85850a49..f5080fe6 100644
--- a/packages/db/migrations/0000_initial.sql
+++ b/packages/db/migrations/0000_initial.sql
@@ -6,15 +6,15 @@ CREATE TYPE "public"."period_status" AS ENUM('open', 'locked');--> statement-bre
 CREATE TYPE "public"."notification_channel" AS ENUM('in-app', 'email', 'push');--> statement-breakpoint
 CREATE TYPE "public"."notification_status" AS ENUM('pending', 'sent', 'failed');--> statement-breakpoint
 CREATE TYPE "public"."enrollment_status" AS ENUM('pending', 'active', 'inactive');--> statement-breakpoint
-CREATE TYPE "public"."education_level" AS ENUM('sd', 'smp', 'sma', 'd3', 's1', 's2', 's3');--> statement-breakpoint
+CREATE TYPE "public"."education_level" AS ENUM('primary', 'junior', 'senior', 'diploma', 'bachelor', 'master', 'doctorate');--> statement-breakpoint
 CREATE TYPE "public"."gender" AS ENUM('male', 'female');--> statement-breakpoint
 CREATE TYPE "public"."rsvp_status" AS ENUM('attending', 'not-attending', 'maybe');--> statement-breakpoint
 CREATE TYPE "public"."transaction_type" AS ENUM('income', 'expense');--> statement-breakpoint
 CREATE TABLE "account" (
-	"id" text PRIMARY KEY NOT NULL,
+	"id" uuid PRIMARY KEY NOT NULL,
 	"account_id" text NOT NULL,
 	"provider_id" text NOT NULL,
-	"user_id" text NOT NULL,
+	"user_id" uuid NOT NULL,
 	"access_token" text,
 	"refresh_token" text,
 	"id_token" text,
@@ -27,33 +27,33 @@ CREATE TABLE "account" (
 );
 --> statement-breakpoint
 CREATE TABLE "invitation" (
-	"id" text PRIMARY KEY NOT NULL,
-	"organization_id" text NOT NULL,
+	"id" uuid PRIMARY KEY NOT NULL,
+	"organization_id" uuid NOT NULL,
 	"email" text NOT NULL,
 	"role" text,
 	"status" text DEFAULT 'pending' NOT NULL,
 	"expires_at" timestamp NOT NULL,
 	"created_at" timestamp DEFAULT now() NOT NULL,
-	"inviter_id" text NOT NULL
+	"inviter_id" uuid NOT NULL
 );
 --> statement-breakpoint
 CREATE TABLE "member" (
-	"id" text PRIMARY KEY NOT NULL,
-	"organization_id" text NOT NULL,
-	"user_id" text NOT NULL,
+	"id" uuid PRIMARY KEY NOT NULL,
+	"organization_id" uuid NOT NULL,
+	"user_id" uuid NOT NULL,
 	"role" text DEFAULT 'member' NOT NULL,
 	"created_at" timestamp NOT NULL
 );
 --> statement-breakpoint
 CREATE TABLE "organization" (
-	"id" text PRIMARY KEY NOT NULL,
+	"id" uuid PRIMARY KEY NOT NULL,
 	"name" text NOT NULL,
 	"slug" text NOT NULL,
 	"logo" text,
 	"created_at" timestamp NOT NULL,
 	"metadata" text,
-	"type" text,
-	"parent_id" text,
+	"type" text NOT NULL,
+	"parent_id" uuid,
 	"cover" text,
 	"join_id" text,
 	"updated_at" timestamp,
@@ -63,21 +63,21 @@ CREATE TABLE "organization" (
 );
 --> statement-breakpoint
 CREATE TABLE "session" (
-	"id" text PRIMARY KEY NOT NULL,
+	"id" uuid PRIMARY KEY NOT NULL,
 	"expires_at" timestamp NOT NULL,
 	"token" text NOT NULL,
 	"created_at" timestamp DEFAULT now() NOT NULL,
 	"updated_at" timestamp NOT NULL,
 	"ip_address" text,
 	"user_agent" text,
-	"user_id" text NOT NULL,
-	"impersonated_by" text,
-	"active_organization_id" text,
+	"user_id" uuid NOT NULL,
+	"impersonated_by" uuid,
+	"active_organization_id" uuid,
 	CONSTRAINT "session_token_unique" UNIQUE("token")
 );
 --> statement-breakpoint
 CREATE TABLE "user" (
-	"id" text PRIMARY KEY NOT NULL,
+	"id" uuid PRIMARY KEY NOT NULL,
 	"name" text NOT NULL,
 	"email" text NOT NULL,
 	"email_verified" boolean DEFAULT false NOT NULL,
@@ -90,11 +90,12 @@ CREATE TABLE "user" (
 	"ban_expires" timestamp,
 	"account_status" text DEFAULT 'pending',
 	"deleted_at" timestamp,
+	"parishioner_id" text,
 	CONSTRAINT "user_email_unique" UNIQUE("email")
 );
 --> statement-breakpoint
 CREATE TABLE "verification" (
-	"id" text PRIMARY KEY NOT NULL,
+	"id" uuid PRIMARY KEY NOT NULL,
 	"identifier" text NOT NULL,
 	"value" text NOT NULL,
 	"expires_at" timestamp NOT NULL,
@@ -108,7 +109,7 @@ CREATE TABLE "attendances" (
 	"parishioner_id" uuid NOT NULL,
 	"method" "attendance_method" NOT NULL,
 	"status" "attendance_status" NOT NULL,
-	"verified_by" text,
+	"verified_by" uuid,
 	"verified_at" timestamp,
 	"created_at" timestamp DEFAULT now() NOT NULL,
 	"updated_at" timestamp DEFAULT now() NOT NULL,
@@ -118,7 +119,7 @@ CREATE TABLE "attendances" (
 --> statement-breakpoint
 CREATE TABLE "events" (
 	"id" uuid PRIMARY KEY NOT NULL,
-	"organization_id" text,
+	"organization_id" uuid,
 	"name" text NOT NULL,
 	"description" text,
 	"location" text NOT NULL,
@@ -132,7 +133,7 @@ CREATE TABLE "events" (
 	"visibility" "event_visibility" NOT NULL,
 	"is_rsvp_enabled" boolean DEFAULT false NOT NULL,
 	"status" "event_status" NOT NULL,
-	"created_by" text NOT NULL,
+	"created_by" uuid NOT NULL,
 	"created_at" timestamp DEFAULT now() NOT NULL,
 	"updated_at" timestamp DEFAULT now() NOT NULL,
 	"deleted_at" timestamp
@@ -143,7 +144,7 @@ CREATE TABLE "financial_periods" (
 	"month" integer NOT NULL,
 	"year" integer NOT NULL,
 	"status" "period_status" NOT NULL,
-	"locked_by" text,
+	"locked_by" uuid,
 	"locked_at" timestamp,
 	"created_at" timestamp DEFAULT now() NOT NULL,
 	"updated_at" timestamp DEFAULT now() NOT NULL,
@@ -152,7 +153,7 @@ CREATE TABLE "financial_periods" (
 --> statement-breakpoint
 CREATE TABLE "notifications" (
 	"id" uuid PRIMARY KEY NOT NULL,
-	"user_id" text NOT NULL,
+	"user_id" uuid NOT NULL,
 	"title" text NOT NULL,
 	"body" text NOT NULL,
 	"type" text NOT NULL,
@@ -169,7 +170,8 @@ CREATE TABLE "notifications" (
 CREATE TABLE "org_enrollments" (
 	"id" uuid PRIMARY KEY NOT NULL,
 	"parishioner_id" uuid NOT NULL,
-	"organization_id" text NOT NULL,
+	"organization_id" uuid NOT NULL,
+	"unit_id" uuid,
 	"status" "enrollment_status" NOT NULL,
 	"joined_at" timestamp,
 	"created_at" timestamp DEFAULT now() NOT NULL,
@@ -194,7 +196,7 @@ CREATE TABLE "org_placements" (
 --> statement-breakpoint
 CREATE TABLE "org_terms" (
 	"id" uuid PRIMARY KEY NOT NULL,
-	"organization_id" text NOT NULL,
+	"organization_id" uuid NOT NULL,
 	"name" text NOT NULL,
 	"start_date" timestamp,
 	"end_date" timestamp,
@@ -209,7 +211,7 @@ CREATE TABLE "org_terms" (
 --> statement-breakpoint
 CREATE TABLE "org_units" (
 	"id" uuid PRIMARY KEY NOT NULL,
-	"organization_id" text NOT NULL,
+	"organization_id" uuid NOT NULL,
 	"name" text NOT NULL,
 	"description" text,
 	"position" integer DEFAULT 0 NOT NULL,
@@ -220,7 +222,9 @@ CREATE TABLE "org_units" (
 --> statement-breakpoint
 CREATE TABLE "parishioners" (
 	"id" uuid PRIMARY KEY NOT NULL,
-	"user_id" text,
+	"user_id" uuid,
+	"email" text,
+	"avatar_url" text,
 	"full_name" text NOT NULL,
 	"honorific" text,
 	"suffix" text,
@@ -228,6 +232,7 @@ CREATE TABLE "parishioners" (
 	"birth_date" timestamp,
 	"gender" "gender",
 	"education_level" "education_level",
+	"id_card_number" text,
 	"id_card_photo" text,
 	"created_at" timestamp DEFAULT now() NOT NULL,
 	"updated_at" timestamp DEFAULT now() NOT NULL,
@@ -263,8 +268,8 @@ CREATE TABLE "transactions" (
 	"description" text NOT NULL,
 	"date" timestamp NOT NULL,
 	"receipt_photo" text,
-	"created_by" text NOT NULL,
-	"updated_by" text,
+	"created_by" uuid NOT NULL,
+	"updated_by" uuid,
 	"created_at" timestamp DEFAULT now() NOT NULL,
 	"updated_at" timestamp DEFAULT now() NOT NULL,
 	"deleted_at" timestamp
@@ -285,6 +290,7 @@ ALTER TABLE "financial_periods" ADD CONSTRAINT "financial_periods_locked_by_user
 ALTER TABLE "notifications" ADD CONSTRAINT "notifications_user_id_user_id_fk" FOREIGN KEY ("user_id") REFERENCES "public"."user"("id") ON DELETE cascade ON UPDATE no action;--> statement-breakpoint
 ALTER TABLE "org_enrollments" ADD CONSTRAINT "org_enrollments_parishioner_id_parishioners_id_fk" FOREIGN KEY ("parishioner_id") REFERENCES "public"."parishioners"("id") ON DELETE cascade ON UPDATE no action;--> statement-breakpoint
 ALTER TABLE "org_enrollments" ADD CONSTRAINT "org_enrollments_organization_id_organization_id_fk" FOREIGN KEY ("organization_id") REFERENCES "public"."organization"("id") ON DELETE cascade ON UPDATE no action;--> statement-breakpoint
+ALTER TABLE "org_enrollments" ADD CONSTRAINT "org_enrollments_unit_id_org_units_id_fk" FOREIGN KEY ("unit_id") REFERENCES "public"."org_units"("id") ON DELETE cascade ON UPDATE no action;--> statement-breakpoint
 ALTER TABLE "org_placements" ADD CONSTRAINT "org_placements_enrollment_id_org_enrollments_id_fk" FOREIGN KEY ("enrollment_id") REFERENCES "public"."org_enrollments"("id") ON DELETE cascade ON UPDATE no action;--> statement-breakpoint
 ALTER TABLE "org_placements" ADD CONSTRAINT "org_placements_term_id_org_terms_id_fk" FOREIGN KEY ("term_id") REFERENCES "public"."org_terms"("id") ON DELETE set null ON UPDATE no action;--> statement-breakpoint
 ALTER TABLE "org_placements" ADD CONSTRAINT "org_placements_unit_id_org_units_id_fk" FOREIGN KEY ("unit_id") REFERENCES "public"."org_units"("id") ON DELETE set null ON UPDATE no action;--> statement-breakpoint
diff --git a/packages/db/migrations/0001_lying_lockheed.sql b/packages/db/migrations/0001_lying_lockheed.sql
deleted file mode 100644
index 9a4a9c74..00000000
--- a/packages/db/migrations/0001_lying_lockheed.sql
+++ /dev/null
@@ -1,2 +0,0 @@
-ALTER TABLE "parishioners" ADD COLUMN "email" text;--> statement-breakpoint
-ALTER TABLE "parishioners" ADD COLUMN "avatar_url" text;
\ No newline at end of file
diff --git a/packages/db/migrations/meta/0000_snapshot.json b/packages/db/migrations/meta/0000_snapshot.json
index 7b044905..7f2fe927 100644
--- a/packages/db/migrations/meta/0000_snapshot.json
+++ b/packages/db/migrations/meta/0000_snapshot.json
@@ -1,5 +1,5 @@
 {
-  "id": "8084a72a-de7c-4d38-b912-9fed3faa2c3b",
+  "id": "3bdf8363-f7e9-4737-8e39-00dd1886b872",
   "prevId": "00000000-0000-0000-0000-000000000000",
   "version": "7",
   "dialect": "postgresql",
@@ -10,7 +10,7 @@
       "columns": {
         "id": {
           "name": "id",
-          "type": "text",
+          "type": "uuid",
           "primaryKey": true,
           "notNull": true
         },
@@ -28,7 +28,7 @@
         },
         "user_id": {
           "name": "user_id",
-          "type": "text",
+          "type": "uuid",
           "primaryKey": false,
           "notNull": true
         },
@@ -128,13 +128,13 @@
       "columns": {
         "id": {
           "name": "id",
-          "type": "text",
+          "type": "uuid",
           "primaryKey": true,
           "notNull": true
         },
         "organization_id": {
           "name": "organization_id",
-          "type": "text",
+          "type": "uuid",
           "primaryKey": false,
           "notNull": true
         },
@@ -172,7 +172,7 @@
         },
         "inviter_id": {
           "name": "inviter_id",
-          "type": "text",
+          "type": "uuid",
           "primaryKey": false,
           "notNull": true
         }
@@ -241,19 +241,19 @@
       "columns": {
         "id": {
           "name": "id",
-          "type": "text",
+          "type": "uuid",
           "primaryKey": true,
           "notNull": true
         },
         "organization_id": {
           "name": "organization_id",
-          "type": "text",
+          "type": "uuid",
           "primaryKey": false,
           "notNull": true
         },
         "user_id": {
           "name": "user_id",
-          "type": "text",
+          "type": "uuid",
           "primaryKey": false,
           "notNull": true
         },
@@ -335,7 +335,7 @@
       "columns": {
         "id": {
           "name": "id",
-          "type": "text",
+          "type": "uuid",
           "primaryKey": true,
           "notNull": true
         },
@@ -373,11 +373,11 @@
           "name": "type",
           "type": "text",
           "primaryKey": false,
-          "notNull": false
+          "notNull": true
         },
         "parent_id": {
           "name": "parent_id",
-          "type": "text",
+          "type": "uuid",
           "primaryKey": false,
           "notNull": false
         },
@@ -448,7 +448,7 @@
       "columns": {
         "id": {
           "name": "id",
-          "type": "text",
+          "type": "uuid",
           "primaryKey": true,
           "notNull": true
         },
@@ -491,19 +491,19 @@
         },
         "user_id": {
           "name": "user_id",
-          "type": "text",
+          "type": "uuid",
           "primaryKey": false,
           "notNull": true
         },
         "impersonated_by": {
           "name": "impersonated_by",
-          "type": "text",
+          "type": "uuid",
           "primaryKey": false,
           "notNull": false
         },
         "active_organization_id": {
           "name": "active_organization_id",
-          "type": "text",
+          "type": "uuid",
           "primaryKey": false,
           "notNull": false
         }
@@ -554,7 +554,7 @@
       "columns": {
         "id": {
           "name": "id",
-          "type": "text",
+          "type": "uuid",
           "primaryKey": true,
           "notNull": true
         },
@@ -634,6 +634,12 @@
           "type": "timestamp",
           "primaryKey": false,
           "notNull": false
+        },
+        "parishioner_id": {
+          "name": "parishioner_id",
+          "type": "text",
+          "primaryKey": false,
+          "notNull": false
         }
       },
       "indexes": {},
@@ -656,7 +662,7 @@
       "columns": {
         "id": {
           "name": "id",
-          "type": "text",
+          "type": "uuid",
           "primaryKey": true,
           "notNull": true
         },
@@ -755,7 +761,7 @@
         },
         "verified_by": {
           "name": "verified_by",
-          "type": "text",
+          "type": "uuid",
           "primaryKey": false,
           "notNull": false
         },
@@ -840,7 +846,7 @@
         },
         "organization_id": {
           "name": "organization_id",
-          "type": "text",
+          "type": "uuid",
           "primaryKey": false,
           "notNull": false
         },
@@ -928,7 +934,7 @@
         },
         "created_by": {
           "name": "created_by",
-          "type": "text",
+          "type": "uuid",
           "primaryKey": false,
           "notNull": true
         },
@@ -1011,7 +1017,7 @@
         },
         "locked_by": {
           "name": "locked_by",
-          "type": "text",
+          "type": "uuid",
           "primaryKey": false,
           "notNull": false
         },
@@ -1072,7 +1078,7 @@
         },
         "user_id": {
           "name": "user_id",
-          "type": "text",
+          "type": "uuid",
           "primaryKey": false,
           "notNull": true
         },
@@ -1183,10 +1189,16 @@
         },
         "organization_id": {
           "name": "organization_id",
-          "type": "text",
+          "type": "uuid",
           "primaryKey": false,
           "notNull": true
         },
+        "unit_id": {
+          "name": "unit_id",
+          "type": "uuid",
+          "primaryKey": false,
+          "notNull": false
+        },
         "status": {
           "name": "status",
           "type": "enrollment_status",
@@ -1240,6 +1252,15 @@
           "columnsTo": ["id"],
           "onDelete": "cascade",
           "onUpdate": "no action"
+        },
+        "org_enrollments_unit_id_org_units_id_fk": {
+          "name": "org_enrollments_unit_id_org_units_id_fk",
+          "tableFrom": "org_enrollments",
+          "tableTo": "org_units",
+          "columnsFrom": ["unit_id"],
+          "columnsTo": ["id"],
+          "onDelete": "cascade",
+          "onUpdate": "no action"
         }
       },
       "compositePrimaryKeys": {},
@@ -1377,7 +1398,7 @@
         },
         "organization_id": {
           "name": "organization_id",
-          "type": "text",
+          "type": "uuid",
           "primaryKey": false,
           "notNull": true
         },
@@ -1474,7 +1495,7 @@
         },
         "organization_id": {
           "name": "organization_id",
-          "type": "text",
+          "type": "uuid",
           "primaryKey": false,
           "notNull": true
         },
@@ -1548,6 +1569,18 @@
         },
         "user_id": {
           "name": "user_id",
+          "type": "uuid",
+          "primaryKey": false,
+          "notNull": false
+        },
+        "email": {
+          "name": "email",
+          "type": "text",
+          "primaryKey": false,
+          "notNull": false
+        },
+        "avatar_url": {
+          "name": "avatar_url",
           "type": "text",
           "primaryKey": false,
           "notNull": false
@@ -1596,6 +1629,12 @@
           "primaryKey": false,
           "notNull": false
         },
+        "id_card_number": {
+          "name": "id_card_number",
+          "type": "text",
+          "primaryKey": false,
+          "notNull": false
+        },
         "id_card_photo": {
           "name": "id_card_photo",
           "type": "text",
@@ -1831,13 +1870,13 @@
         },
         "created_by": {
           "name": "created_by",
-          "type": "text",
+          "type": "uuid",
           "primaryKey": false,
           "notNull": true
         },
         "updated_by": {
           "name": "updated_by",
-          "type": "text",
+          "type": "uuid",
           "primaryKey": false,
           "notNull": false
         },
@@ -1952,7 +1991,15 @@
     "public.education_level": {
       "name": "education_level",
       "schema": "public",
-      "values": ["sd", "smp", "sma", "d3", "s1", "s2", "s3"]
+      "values": [
+        "primary",
+        "junior",
+        "senior",
+        "diploma",
+        "bachelor",
+        "master",
+        "doctorate"
+      ]
     },
     "public.gender": {
       "name": "gender",
diff --git a/packages/db/migrations/meta/0001_snapshot.json b/packages/db/migrations/meta/0001_snapshot.json
deleted file mode 100644
index 53775879..00000000
--- a/packages/db/migrations/meta/0001_snapshot.json
+++ /dev/null
@@ -1,1995 +0,0 @@
-{
-  "id": "67bc5617-2e3e-463c-91d9-cb6f226b5280",
-  "prevId": "8084a72a-de7c-4d38-b912-9fed3faa2c3b",
-  "version": "7",
-  "dialect": "postgresql",
-  "tables": {
-    "public.account": {
-      "name": "account",
-      "schema": "",
-      "columns": {
-        "id": {
-          "name": "id",
-          "type": "text",
-          "primaryKey": true,
-          "notNull": true
-        },
-        "account_id": {
-          "name": "account_id",
-          "type": "text",
-          "primaryKey": false,
-          "notNull": true
-        },
-        "provider_id": {
-          "name": "provider_id",
-          "type": "text",
-          "primaryKey": false,
-          "notNull": true
-        },
-        "user_id": {
-          "name": "user_id",
-          "type": "text",
-          "primaryKey": false,
-          "notNull": true
-        },
-        "access_token": {
-          "name": "access_token",
-          "type": "text",
-          "primaryKey": false,
-          "notNull": false
-        },
-        "refresh_token": {
-          "name": "refresh_token",
-          "type": "text",
-          "primaryKey": false,
-          "notNull": false
-        },
-        "id_token": {
-          "name": "id_token",
-          "type": "text",
-          "primaryKey": false,
-          "notNull": false
-        },
-        "access_token_expires_at": {
-          "name": "access_token_expires_at",
-          "type": "timestamp",
-          "primaryKey": false,
-          "notNull": false
-        },
-        "refresh_token_expires_at": {
-          "name": "refresh_token_expires_at",
-          "type": "timestamp",
-          "primaryKey": false,
-          "notNull": false
-        },
-        "scope": {
-          "name": "scope",
-          "type": "text",
-          "primaryKey": false,
-          "notNull": false
-        },
-        "password": {
-          "name": "password",
-          "type": "text",
-          "primaryKey": false,
-          "notNull": false
-        },
-        "created_at": {
-          "name": "created_at",
-          "type": "timestamp",
-          "primaryKey": false,
-          "notNull": true,
-          "default": "now()"
-        },
-        "updated_at": {
-          "name": "updated_at",
-          "type": "timestamp",
-          "primaryKey": false,
-          "notNull": true
-        }
-      },
-      "indexes": {
-        "account_userId_idx": {
-          "name": "account_userId_idx",
-          "columns": [
-            {
-              "expression": "user_id",
-              "isExpression": false,
-              "asc": true,
-              "nulls": "last"
-            }
-          ],
-          "isUnique": false,
-          "concurrently": false,
-          "method": "btree",
-          "with": {}
-        }
-      },
-      "foreignKeys": {
-        "account_user_id_user_id_fk": {
-          "name": "account_user_id_user_id_fk",
-          "tableFrom": "account",
-          "tableTo": "user",
-          "columnsFrom": ["user_id"],
-          "columnsTo": ["id"],
-          "onDelete": "cascade",
-          "onUpdate": "no action"
-        }
-      },
-      "compositePrimaryKeys": {},
-      "uniqueConstraints": {},
-      "policies": {},
-      "checkConstraints": {},
-      "isRLSEnabled": false
-    },
-    "public.invitation": {
-      "name": "invitation",
-      "schema": "",
-      "columns": {
-        "id": {
-          "name": "id",
-          "type": "text",
-          "primaryKey": true,
-          "notNull": true
-        },
-        "organization_id": {
-          "name": "organization_id",
-          "type": "text",
-          "primaryKey": false,
-          "notNull": true
-        },
-        "email": {
-          "name": "email",
-          "type": "text",
-          "primaryKey": false,
-          "notNull": true
-        },
-        "role": {
-          "name": "role",
-          "type": "text",
-          "primaryKey": false,
-          "notNull": false
-        },
-        "status": {
-          "name": "status",
-          "type": "text",
-          "primaryKey": false,
-          "notNull": true,
-          "default": "'pending'"
-        },
-        "expires_at": {
-          "name": "expires_at",
-          "type": "timestamp",
-          "primaryKey": false,
-          "notNull": true
-        },
-        "created_at": {
-          "name": "created_at",
-          "type": "timestamp",
-          "primaryKey": false,
-          "notNull": true,
-          "default": "now()"
-        },
-        "inviter_id": {
-          "name": "inviter_id",
-          "type": "text",
-          "primaryKey": false,
-          "notNull": true
-        }
-      },
-      "indexes": {
-        "invitation_organizationId_idx": {
-          "name": "invitation_organizationId_idx",
-          "columns": [
-            {
-              "expression": "organization_id",
-              "isExpression": false,
-              "asc": true,
-              "nulls": "last"
-            }
-          ],
-          "isUnique": false,
-          "concurrently": false,
-          "method": "btree",
-          "with": {}
-        },
-        "invitation_email_idx": {
-          "name": "invitation_email_idx",
-          "columns": [
-            {
-              "expression": "email",
-              "isExpression": false,
-              "asc": true,
-              "nulls": "last"
-            }
-          ],
-          "isUnique": false,
-          "concurrently": false,
-          "method": "btree",
-          "with": {}
-        }
-      },
-      "foreignKeys": {
-        "invitation_organization_id_organization_id_fk": {
-          "name": "invitation_organization_id_organization_id_fk",
-          "tableFrom": "invitation",
-          "tableTo": "organization",
-          "columnsFrom": ["organization_id"],
-          "columnsTo": ["id"],
-          "onDelete": "cascade",
-          "onUpdate": "no action"
-        },
-        "invitation_inviter_id_user_id_fk": {
-          "name": "invitation_inviter_id_user_id_fk",
-          "tableFrom": "invitation",
-          "tableTo": "user",
-          "columnsFrom": ["inviter_id"],
-          "columnsTo": ["id"],
-          "onDelete": "cascade",
-          "onUpdate": "no action"
-        }
-      },
-      "compositePrimaryKeys": {},
-      "uniqueConstraints": {},
-      "policies": {},
-      "checkConstraints": {},
-      "isRLSEnabled": false
-    },
-    "public.member": {
-      "name": "member",
-      "schema": "",
-      "columns": {
-        "id": {
-          "name": "id",
-          "type": "text",
-          "primaryKey": true,
-          "notNull": true
-        },
-        "organization_id": {
-          "name": "organization_id",
-          "type": "text",
-          "primaryKey": false,
-          "notNull": true
-        },
-        "user_id": {
-          "name": "user_id",
-          "type": "text",
-          "primaryKey": false,
-          "notNull": true
-        },
-        "role": {
-          "name": "role",
-          "type": "text",
-          "primaryKey": false,
-          "notNull": true,
-          "default": "'member'"
-        },
-        "created_at": {
-          "name": "created_at",
-          "type": "timestamp",
-          "primaryKey": false,
-          "notNull": true
-        }
-      },
-      "indexes": {
-        "member_organizationId_idx": {
-          "name": "member_organizationId_idx",
-          "columns": [
-            {
-              "expression": "organization_id",
-              "isExpression": false,
-              "asc": true,
-              "nulls": "last"
-            }
-          ],
-          "isUnique": false,
-          "concurrently": false,
-          "method": "btree",
-          "with": {}
-        },
-        "member_userId_idx": {
-          "name": "member_userId_idx",
-          "columns": [
-            {
-              "expression": "user_id",
-              "isExpression": false,
-              "asc": true,
-              "nulls": "last"
-            }
-          ],
-          "isUnique": false,
-          "concurrently": false,
-          "method": "btree",
-          "with": {}
-        }
-      },
-      "foreignKeys": {
-        "member_organization_id_organization_id_fk": {
-          "name": "member_organization_id_organization_id_fk",
-          "tableFrom": "member",
-          "tableTo": "organization",
-          "columnsFrom": ["organization_id"],
-          "columnsTo": ["id"],
-          "onDelete": "cascade",
-          "onUpdate": "no action"
-        },
-        "member_user_id_user_id_fk": {
-          "name": "member_user_id_user_id_fk",
-          "tableFrom": "member",
-          "tableTo": "user",
-          "columnsFrom": ["user_id"],
-          "columnsTo": ["id"],
-          "onDelete": "cascade",
-          "onUpdate": "no action"
-        }
-      },
-      "compositePrimaryKeys": {},
-      "uniqueConstraints": {},
-      "policies": {},
-      "checkConstraints": {},
-      "isRLSEnabled": false
-    },
-    "public.organization": {
-      "name": "organization",
-      "schema": "",
-      "columns": {
-        "id": {
-          "name": "id",
-          "type": "text",
-          "primaryKey": true,
-          "notNull": true
-        },
-        "name": {
-          "name": "name",
-          "type": "text",
-          "primaryKey": false,
-          "notNull": true
-        },
-        "slug": {
-          "name": "slug",
-          "type": "text",
-          "primaryKey": false,
-          "notNull": true
-        },
-        "logo": {
-          "name": "logo",
-          "type": "text",
-          "primaryKey": false,
-          "notNull": false
-        },
-        "created_at": {
-          "name": "created_at",
-          "type": "timestamp",
-          "primaryKey": false,
-          "notNull": true
-        },
-        "metadata": {
-          "name": "metadata",
-          "type": "text",
-          "primaryKey": false,
-          "notNull": false
-        },
-        "type": {
-          "name": "type",
-          "type": "text",
-          "primaryKey": false,
-          "notNull": false
-        },
-        "parent_id": {
-          "name": "parent_id",
-          "type": "text",
-          "primaryKey": false,
-          "notNull": false
-        },
-        "cover": {
-          "name": "cover",
-          "type": "text",
-          "primaryKey": false,
-          "notNull": false
-        },
-        "join_id": {
-          "name": "join_id",
-          "type": "text",
-          "primaryKey": false,
-          "notNull": false
-        },
-        "updated_at": {
-          "name": "updated_at",
-          "type": "timestamp",
-          "primaryKey": false,
-          "notNull": false
-        },
-        "deleted_at": {
-          "name": "deleted_at",
-          "type": "timestamp",
-          "primaryKey": false,
-          "notNull": false
-        },
-        "description": {
-          "name": "description",
-          "type": "text",
-          "primaryKey": false,
-          "notNull": false
-        }
-      },
-      "indexes": {
-        "organization_slug_uidx": {
-          "name": "organization_slug_uidx",
-          "columns": [
-            {
-              "expression": "slug",
-              "isExpression": false,
-              "asc": true,
-              "nulls": "last"
-            }
-          ],
-          "isUnique": true,
-          "concurrently": false,
-          "method": "btree",
-          "with": {}
-        }
-      },
-      "foreignKeys": {},
-      "compositePrimaryKeys": {},
-      "uniqueConstraints": {
-        "organization_slug_unique": {
-          "name": "organization_slug_unique",
-          "nullsNotDistinct": false,
-          "columns": ["slug"]
-        }
-      },
-      "policies": {},
-      "checkConstraints": {},
-      "isRLSEnabled": false
-    },
-    "public.session": {
-      "name": "session",
-      "schema": "",
-      "columns": {
-        "id": {
-          "name": "id",
-          "type": "text",
-          "primaryKey": true,
-          "notNull": true
-        },
-        "expires_at": {
-          "name": "expires_at",
-          "type": "timestamp",
-          "primaryKey": false,
-          "notNull": true
-        },
-        "token": {
-          "name": "token",
-          "type": "text",
-          "primaryKey": false,
-          "notNull": true
-        },
-        "created_at": {
-          "name": "created_at",
-          "type": "timestamp",
-          "primaryKey": false,
-          "notNull": true,
-          "default": "now()"
-        },
-        "updated_at": {
-          "name": "updated_at",
-          "type": "timestamp",
-          "primaryKey": false,
-          "notNull": true
-        },
-        "ip_address": {
-          "name": "ip_address",
-          "type": "text",
-          "primaryKey": false,
-          "notNull": false
-        },
-        "user_agent": {
-          "name": "user_agent",
-          "type": "text",
-          "primaryKey": false,
-          "notNull": false
-        },
-        "user_id": {
-          "name": "user_id",
-          "type": "text",
-          "primaryKey": false,
-          "notNull": true
-        },
-        "impersonated_by": {
-          "name": "impersonated_by",
-          "type": "text",
-          "primaryKey": false,
-          "notNull": false
-        },
-        "active_organization_id": {
-          "name": "active_organization_id",
-          "type": "text",
-          "primaryKey": false,
-          "notNull": false
-        }
-      },
-      "indexes": {
-        "session_userId_idx": {
-          "name": "session_userId_idx",
-          "columns": [
-            {
-              "expression": "user_id",
-              "isExpression": false,
-              "asc": true,
-              "nulls": "last"
-            }
-          ],
-          "isUnique": false,
-          "concurrently": false,
-          "method": "btree",
-          "with": {}
-        }
-      },
-      "foreignKeys": {
-        "session_user_id_user_id_fk": {
-          "name": "session_user_id_user_id_fk",
-          "tableFrom": "session",
-          "tableTo": "user",
-          "columnsFrom": ["user_id"],
-          "columnsTo": ["id"],
-          "onDelete": "cascade",
-          "onUpdate": "no action"
-        }
-      },
-      "compositePrimaryKeys": {},
-      "uniqueConstraints": {
-        "session_token_unique": {
-          "name": "session_token_unique",
-          "nullsNotDistinct": false,
-          "columns": ["token"]
-        }
-      },
-      "policies": {},
-      "checkConstraints": {},
-      "isRLSEnabled": false
-    },
-    "public.user": {
-      "name": "user",
-      "schema": "",
-      "columns": {
-        "id": {
-          "name": "id",
-          "type": "text",
-          "primaryKey": true,
-          "notNull": true
-        },
-        "name": {
-          "name": "name",
-          "type": "text",
-          "primaryKey": false,
-          "notNull": true
-        },
-        "email": {
-          "name": "email",
-          "type": "text",
-          "primaryKey": false,
-          "notNull": true
-        },
-        "email_verified": {
-          "name": "email_verified",
-          "type": "boolean",
-          "primaryKey": false,
-          "notNull": true,
-          "default": false
-        },
-        "image": {
-          "name": "image",
-          "type": "text",
-          "primaryKey": false,
-          "notNull": false
-        },
-        "created_at": {
-          "name": "created_at",
-          "type": "timestamp",
-          "primaryKey": false,
-          "notNull": true,
-          "default": "now()"
-        },
-        "updated_at": {
-          "name": "updated_at",
-          "type": "timestamp",
-          "primaryKey": false,
-          "notNull": true,
-          "default": "now()"
-        },
-        "role": {
-          "name": "role",
-          "type": "text",
-          "primaryKey": false,
-          "notNull": false
-        },
-        "banned": {
-          "name": "banned",
-          "type": "boolean",
-          "primaryKey": false,
-          "notNull": false,
-          "default": false
-        },
-        "ban_reason": {
-          "name": "ban_reason",
-          "type": "text",
-          "primaryKey": false,
-          "notNull": false
-        },
-        "ban_expires": {
-          "name": "ban_expires",
-          "type": "timestamp",
-          "primaryKey": false,
-          "notNull": false
-        },
-        "account_status": {
-          "name": "account_status",
-          "type": "text",
-          "primaryKey": false,
-          "notNull": false,
-          "default": "'pending'"
-        },
-        "deleted_at": {
-          "name": "deleted_at",
-          "type": "timestamp",
-          "primaryKey": false,
-          "notNull": false
-        }
-      },
-      "indexes": {},
-      "foreignKeys": {},
-      "compositePrimaryKeys": {},
-      "uniqueConstraints": {
-        "user_email_unique": {
-          "name": "user_email_unique",
-          "nullsNotDistinct": false,
-          "columns": ["email"]
-        }
-      },
-      "policies": {},
-      "checkConstraints": {},
-      "isRLSEnabled": false
-    },
-    "public.verification": {
-      "name": "verification",
-      "schema": "",
-      "columns": {
-        "id": {
-          "name": "id",
-          "type": "text",
-          "primaryKey": true,
-          "notNull": true
-        },
-        "identifier": {
-          "name": "identifier",
-          "type": "text",
-          "primaryKey": false,
-          "notNull": true
-        },
-        "value": {
-          "name": "value",
-          "type": "text",
-          "primaryKey": false,
-          "notNull": true
-        },
-        "expires_at": {
-          "name": "expires_at",
-          "type": "timestamp",
-          "primaryKey": false,
-          "notNull": true
-        },
-        "created_at": {
-          "name": "created_at",
-          "type": "timestamp",
-          "primaryKey": false,
-          "notNull": true,
-          "default": "now()"
-        },
-        "updated_at": {
-          "name": "updated_at",
-          "type": "timestamp",
-          "primaryKey": false,
-          "notNull": true,
-          "default": "now()"
-        }
-      },
-      "indexes": {
-        "verification_identifier_idx": {
-          "name": "verification_identifier_idx",
-          "columns": [
-            {
-              "expression": "identifier",
-              "isExpression": false,
-              "asc": true,
-              "nulls": "last"
-            }
-          ],
-          "isUnique": false,
-          "concurrently": false,
-          "method": "btree",
-          "with": {}
-        }
-      },
-      "foreignKeys": {},
-      "compositePrimaryKeys": {},
-      "uniqueConstraints": {},
-      "policies": {},
-      "checkConstraints": {},
-      "isRLSEnabled": false
-    },
-    "public.attendances": {
-      "name": "attendances",
-      "schema": "",
-      "columns": {
-        "id": {
-          "name": "id",
-          "type": "uuid",
-          "primaryKey": true,
-          "notNull": true
-        },
-        "event_id": {
-          "name": "event_id",
-          "type": "uuid",
-          "primaryKey": false,
-          "notNull": true
-        },
-        "parishioner_id": {
-          "name": "parishioner_id",
-          "type": "uuid",
-          "primaryKey": false,
-          "notNull": true
-        },
-        "method": {
-          "name": "method",
-          "type": "attendance_method",
-          "typeSchema": "public",
-          "primaryKey": false,
-          "notNull": true
-        },
-        "status": {
-          "name": "status",
-          "type": "attendance_status",
-          "typeSchema": "public",
-          "primaryKey": false,
-          "notNull": true
-        },
-        "verified_by": {
-          "name": "verified_by",
-          "type": "text",
-          "primaryKey": false,
-          "notNull": false
-        },
-        "verified_at": {
-          "name": "verified_at",
-          "type": "timestamp",
-          "primaryKey": false,
-          "notNull": false
-        },
-        "created_at": {
-          "name": "created_at",
-          "type": "timestamp",
-          "primaryKey": false,
-          "notNull": true,
-          "default": "now()"
-        },
-        "updated_at": {
-          "name": "updated_at",
-          "type": "timestamp",
-          "primaryKey": false,
-          "notNull": true,
-          "default": "now()"
-        },
-        "deleted_at": {
-          "name": "deleted_at",
-          "type": "timestamp",
-          "primaryKey": false,
-          "notNull": false
-        }
-      },
-      "indexes": {},
-      "foreignKeys": {
-        "attendances_event_id_events_id_fk": {
-          "name": "attendances_event_id_events_id_fk",
-          "tableFrom": "attendances",
-          "tableTo": "events",
-          "columnsFrom": ["event_id"],
-          "columnsTo": ["id"],
-          "onDelete": "cascade",
-          "onUpdate": "no action"
-        },
-        "attendances_parishioner_id_parishioners_id_fk": {
-          "name": "attendances_parishioner_id_parishioners_id_fk",
-          "tableFrom": "attendances",
-          "tableTo": "parishioners",
-          "columnsFrom": ["parishioner_id"],
-          "columnsTo": ["id"],
-          "onDelete": "cascade",
-          "onUpdate": "no action"
-        },
-        "attendances_verified_by_user_id_fk": {
-          "name": "attendances_verified_by_user_id_fk",
-          "tableFrom": "attendances",
-          "tableTo": "user",
-          "columnsFrom": ["verified_by"],
-          "columnsTo": ["id"],
-          "onDelete": "set null",
-          "onUpdate": "no action"
-        }
-      },
-      "compositePrimaryKeys": {},
-      "uniqueConstraints": {
-        "attendances_event_id_parishioner_id_unique": {
-          "name": "attendances_event_id_parishioner_id_unique",
-          "nullsNotDistinct": false,
-          "columns": ["event_id", "parishioner_id"]
-        }
-      },
-      "policies": {},
-      "checkConstraints": {},
-      "isRLSEnabled": false
-    },
-    "public.events": {
-      "name": "events",
-      "schema": "",
-      "columns": {
-        "id": {
-          "name": "id",
-          "type": "uuid",
-          "primaryKey": true,
-          "notNull": true
-        },
-        "organization_id": {
-          "name": "organization_id",
-          "type": "text",
-          "primaryKey": false,
-          "notNull": false
-        },
-        "name": {
-          "name": "name",
-          "type": "text",
-          "primaryKey": false,
-          "notNull": true
-        },
-        "description": {
-          "name": "description",
-          "type": "text",
-          "primaryKey": false,
-          "notNull": false
-        },
-        "location": {
-          "name": "location",
-          "type": "text",
-          "primaryKey": false,
-          "notNull": true
-        },
-        "latitude": {
-          "name": "latitude",
-          "type": "double precision",
-          "primaryKey": false,
-          "notNull": false
-        },
-        "longitude": {
-          "name": "longitude",
-          "type": "double precision",
-          "primaryKey": false,
-          "notNull": false
-        },
-        "radius_meters": {
-          "name": "radius_meters",
-          "type": "integer",
-          "primaryKey": false,
-          "notNull": true,
-          "default": 100
-        },
-        "start_date_time": {
-          "name": "start_date_time",
-          "type": "timestamp",
-          "primaryKey": false,
-          "notNull": true
-        },
-        "end_date_time": {
-          "name": "end_date_time",
-          "type": "timestamp",
-          "primaryKey": false,
-          "notNull": false
-        },
-        "event_photo": {
-          "name": "event_photo",
-          "type": "text",
-          "primaryKey": false,
-          "notNull": false
-        },
-        "qr_code": {
-          "name": "qr_code",
-          "type": "text",
-          "primaryKey": false,
-          "notNull": true
-        },
-        "visibility": {
-          "name": "visibility",
-          "type": "event_visibility",
-          "typeSchema": "public",
-          "primaryKey": false,
-          "notNull": true
-        },
-        "is_rsvp_enabled": {
-          "name": "is_rsvp_enabled",
-          "type": "boolean",
-          "primaryKey": false,
-          "notNull": true,
-          "default": false
-        },
-        "status": {
-          "name": "status",
-          "type": "event_status",
-          "typeSchema": "public",
-          "primaryKey": false,
-          "notNull": true
-        },
-        "created_by": {
-          "name": "created_by",
-          "type": "text",
-          "primaryKey": false,
-          "notNull": true
-        },
-        "created_at": {
-          "name": "created_at",
-          "type": "timestamp",
-          "primaryKey": false,
-          "notNull": true,
-          "default": "now()"
-        },
-        "updated_at": {
-          "name": "updated_at",
-          "type": "timestamp",
-          "primaryKey": false,
-          "notNull": true,
-          "default": "now()"
-        },
-        "deleted_at": {
-          "name": "deleted_at",
-          "type": "timestamp",
-          "primaryKey": false,
-          "notNull": false
-        }
-      },
-      "indexes": {},
-      "foreignKeys": {
-        "events_organization_id_organization_id_fk": {
-          "name": "events_organization_id_organization_id_fk",
-          "tableFrom": "events",
-          "tableTo": "organization",
-          "columnsFrom": ["organization_id"],
-          "columnsTo": ["id"],
-          "onDelete": "cascade",
-          "onUpdate": "no action"
-        },
-        "events_created_by_user_id_fk": {
-          "name": "events_created_by_user_id_fk",
-          "tableFrom": "events",
-          "tableTo": "user",
-          "columnsFrom": ["created_by"],
-          "columnsTo": ["id"],
-          "onDelete": "cascade",
-          "onUpdate": "no action"
-        }
-      },
-      "compositePrimaryKeys": {},
-      "uniqueConstraints": {},
-      "policies": {},
-      "checkConstraints": {},
-      "isRLSEnabled": false
-    },
-    "public.financial_periods": {
-      "name": "financial_periods",
-      "schema": "",
-      "columns": {
-        "id": {
-          "name": "id",
-          "type": "uuid",
-          "primaryKey": true,
-          "notNull": true
-        },
-        "month": {
-          "name": "month",
-          "type": "integer",
-          "primaryKey": false,
-          "notNull": true
-        },
-        "year": {
-          "name": "year",
-          "type": "integer",
-          "primaryKey": false,
-          "notNull": true
-        },
-        "status": {
-          "name": "status",
-          "type": "period_status",
-          "typeSchema": "public",
-          "primaryKey": false,
-          "notNull": true
-        },
-        "locked_by": {
-          "name": "locked_by",
-          "type": "text",
-          "primaryKey": false,
-          "notNull": false
-        },
-        "locked_at": {
-          "name": "locked_at",
-          "type": "timestamp",
-          "primaryKey": false,
-          "notNull": false
-        },
-        "created_at": {
-          "name": "created_at",
-          "type": "timestamp",
-          "primaryKey": false,
-          "notNull": true,
-          "default": "now()"
-        },
-        "updated_at": {
-          "name": "updated_at",
-          "type": "timestamp",
-          "primaryKey": false,
-          "notNull": true,
-          "default": "now()"
-        },
-        "deleted_at": {
-          "name": "deleted_at",
-          "type": "timestamp",
-          "primaryKey": false,
-          "notNull": false
-        }
-      },
-      "indexes": {},
-      "foreignKeys": {
-        "financial_periods_locked_by_user_id_fk": {
-          "name": "financial_periods_locked_by_user_id_fk",
-          "tableFrom": "financial_periods",
-          "tableTo": "user",
-          "columnsFrom": ["locked_by"],
-          "columnsTo": ["id"],
-          "onDelete": "set null",
-          "onUpdate": "no action"
-        }
-      },
-      "compositePrimaryKeys": {},
-      "uniqueConstraints": {},
-      "policies": {},
-      "checkConstraints": {},
-      "isRLSEnabled": false
-    },
-    "public.notifications": {
-      "name": "notifications",
-      "schema": "",
-      "columns": {
-        "id": {
-          "name": "id",
-          "type": "uuid",
-          "primaryKey": true,
-          "notNull": true
-        },
-        "user_id": {
-          "name": "user_id",
-          "type": "text",
-          "primaryKey": false,
-          "notNull": true
-        },
-        "title": {
-          "name": "title",
-          "type": "text",
-          "primaryKey": false,
-          "notNull": true
-        },
-        "body": {
-          "name": "body",
-          "type": "text",
-          "primaryKey": false,
-          "notNull": true
-        },
-        "type": {
-          "name": "type",
-          "type": "text",
-          "primaryKey": false,
-          "notNull": true
-        },
-        "channel": {
-          "name": "channel",
-          "type": "notification_channel",
-          "typeSchema": "public",
-          "primaryKey": false,
-          "notNull": true
-        },
-        "is_read": {
-          "name": "is_read",
-          "type": "boolean",
-          "primaryKey": false,
-          "notNull": true,
-          "default": false
-        },
-        "status": {
-          "name": "status",
-          "type": "notification_status",
-          "typeSchema": "public",
-          "primaryKey": false,
-          "notNull": true
-        },
-        "reference_id": {
-          "name": "reference_id",
-          "type": "uuid",
-          "primaryKey": false,
-          "notNull": false
-        },
-        "reference_type": {
-          "name": "reference_type",
-          "type": "text",
-          "primaryKey": false,
-          "notNull": false
-        },
-        "sent_at": {
-          "name": "sent_at",
-          "type": "timestamp",
-          "primaryKey": false,
-          "notNull": false
-        },
-        "created_at": {
-          "name": "created_at",
-          "type": "timestamp",
-          "primaryKey": false,
-          "notNull": true,
-          "default": "now()"
-        },
-        "deleted_at": {
-          "name": "deleted_at",
-          "type": "timestamp",
-          "primaryKey": false,
-          "notNull": false
-        }
-      },
-      "indexes": {},
-      "foreignKeys": {
-        "notifications_user_id_user_id_fk": {
-          "name": "notifications_user_id_user_id_fk",
-          "tableFrom": "notifications",
-          "tableTo": "user",
-          "columnsFrom": ["user_id"],
-          "columnsTo": ["id"],
-          "onDelete": "cascade",
-          "onUpdate": "no action"
-        }
-      },
-      "compositePrimaryKeys": {},
-      "uniqueConstraints": {},
-      "policies": {},
-      "checkConstraints": {},
-      "isRLSEnabled": false
-    },
-    "public.org_enrollments": {
-      "name": "org_enrollments",
-      "schema": "",
-      "columns": {
-        "id": {
-          "name": "id",
-          "type": "uuid",
-          "primaryKey": true,
-          "notNull": true
-        },
-        "parishioner_id": {
-          "name": "parishioner_id",
-          "type": "uuid",
-          "primaryKey": false,
-          "notNull": true
-        },
-        "organization_id": {
-          "name": "organization_id",
-          "type": "text",
-          "primaryKey": false,
-          "notNull": true
-        },
-        "status": {
-          "name": "status",
-          "type": "enrollment_status",
-          "typeSchema": "public",
-          "primaryKey": false,
-          "notNull": true
-        },
-        "joined_at": {
-          "name": "joined_at",
-          "type": "timestamp",
-          "primaryKey": false,
-          "notNull": false
-        },
-        "created_at": {
-          "name": "created_at",
-          "type": "timestamp",
-          "primaryKey": false,
-          "notNull": true,
-          "default": "now()"
-        },
-        "updated_at": {
-          "name": "updated_at",
-          "type": "timestamp",
-          "primaryKey": false,
-          "notNull": true,
-          "default": "now()"
-        },
-        "deleted_at": {
-          "name": "deleted_at",
-          "type": "timestamp",
-          "primaryKey": false,
-          "notNull": false
-        }
-      },
-      "indexes": {},
-      "foreignKeys": {
-        "org_enrollments_parishioner_id_parishioners_id_fk": {
-          "name": "org_enrollments_parishioner_id_parishioners_id_fk",
-          "tableFrom": "org_enrollments",
-          "tableTo": "parishioners",
-          "columnsFrom": ["parishioner_id"],
-          "columnsTo": ["id"],
-          "onDelete": "cascade",
-          "onUpdate": "no action"
-        },
-        "org_enrollments_organization_id_organization_id_fk": {
-          "name": "org_enrollments_organization_id_organization_id_fk",
-          "tableFrom": "org_enrollments",
-          "tableTo": "organization",
-          "columnsFrom": ["organization_id"],
-          "columnsTo": ["id"],
-          "onDelete": "cascade",
-          "onUpdate": "no action"
-        }
-      },
-      "compositePrimaryKeys": {},
-      "uniqueConstraints": {
-        "org_enrollments_parishioner_id_organization_id_unique": {
-          "name": "org_enrollments_parishioner_id_organization_id_unique",
-          "nullsNotDistinct": false,
-          "columns": ["parishioner_id", "organization_id"]
-        }
-      },
-      "policies": {},
-      "checkConstraints": {},
-      "isRLSEnabled": false
-    },
-    "public.org_placements": {
-      "name": "org_placements",
-      "schema": "",
-      "columns": {
-        "id": {
-          "name": "id",
-          "type": "uuid",
-          "primaryKey": true,
-          "notNull": true
-        },
-        "enrollment_id": {
-          "name": "enrollment_id",
-          "type": "uuid",
-          "primaryKey": false,
-          "notNull": true
-        },
-        "term_id": {
-          "name": "term_id",
-          "type": "uuid",
-          "primaryKey": false,
-          "notNull": false
-        },
-        "unit_id": {
-          "name": "unit_id",
-          "type": "uuid",
-          "primaryKey": false,
-          "notNull": false
-        },
-        "position": {
-          "name": "position",
-          "type": "text",
-          "primaryKey": false,
-          "notNull": true,
-          "default": "'anggota'"
-        },
-        "order": {
-          "name": "order",
-          "type": "integer",
-          "primaryKey": false,
-          "notNull": true,
-          "default": 0
-        },
-        "start_date": {
-          "name": "start_date",
-          "type": "timestamp",
-          "primaryKey": false,
-          "notNull": false
-        },
-        "end_date": {
-          "name": "end_date",
-          "type": "timestamp",
-          "primaryKey": false,
-          "notNull": false
-        },
-        "created_at": {
-          "name": "created_at",
-          "type": "timestamp",
-          "primaryKey": false,
-          "notNull": true,
-          "default": "now()"
-        },
-        "updated_at": {
-          "name": "updated_at",
-          "type": "timestamp",
-          "primaryKey": false,
-          "notNull": true,
-          "default": "now()"
-        },
-        "deleted_at": {
-          "name": "deleted_at",
-          "type": "timestamp",
-          "primaryKey": false,
-          "notNull": false
-        }
-      },
-      "indexes": {},
-      "foreignKeys": {
-        "org_placements_enrollment_id_org_enrollments_id_fk": {
-          "name": "org_placements_enrollment_id_org_enrollments_id_fk",
-          "tableFrom": "org_placements",
-          "tableTo": "org_enrollments",
-          "columnsFrom": ["enrollment_id"],
-          "columnsTo": ["id"],
-          "onDelete": "cascade",
-          "onUpdate": "no action"
-        },
-        "org_placements_term_id_org_terms_id_fk": {
-          "name": "org_placements_term_id_org_terms_id_fk",
-          "tableFrom": "org_placements",
-          "tableTo": "org_terms",
-          "columnsFrom": ["term_id"],
-          "columnsTo": ["id"],
-          "onDelete": "set null",
-          "onUpdate": "no action"
-        },
-        "org_placements_unit_id_org_units_id_fk": {
-          "name": "org_placements_unit_id_org_units_id_fk",
-          "tableFrom": "org_placements",
-          "tableTo": "org_units",
-          "columnsFrom": ["unit_id"],
-          "columnsTo": ["id"],
-          "onDelete": "set null",
-          "onUpdate": "no action"
-        }
-      },
-      "compositePrimaryKeys": {},
-      "uniqueConstraints": {},
-      "policies": {},
-      "checkConstraints": {},
-      "isRLSEnabled": false
-    },
-    "public.org_terms": {
-      "name": "org_terms",
-      "schema": "",
-      "columns": {
-        "id": {
-          "name": "id",
-          "type": "uuid",
-          "primaryKey": true,
-          "notNull": true
-        },
-        "organization_id": {
-          "name": "organization_id",
-          "type": "text",
-          "primaryKey": false,
-          "notNull": true
-        },
-        "name": {
-          "name": "name",
-          "type": "text",
-          "primaryKey": false,
-          "notNull": true
-        },
-        "start_date": {
-          "name": "start_date",
-          "type": "timestamp",
-          "primaryKey": false,
-          "notNull": false
-        },
-        "end_date": {
-          "name": "end_date",
-          "type": "timestamp",
-          "primaryKey": false,
-          "notNull": false
-        },
-        "sk_number": {
-          "name": "sk_number",
-          "type": "text",
-          "primaryKey": false,
-          "notNull": false
-        },
-        "sk_date": {
-          "name": "sk_date",
-          "type": "timestamp",
-          "primaryKey": false,
-          "notNull": false
-        },
-        "sk_document": {
-          "name": "sk_document",
-          "type": "text",
-          "primaryKey": false,
-          "notNull": false
-        },
-        "description": {
-          "name": "description",
-          "type": "text",
-          "primaryKey": false,
-          "notNull": false
-        },
-        "created_at": {
-          "name": "created_at",
-          "type": "timestamp",
-          "primaryKey": false,
-          "notNull": true,
-          "default": "now()"
-        },
-        "updated_at": {
-          "name": "updated_at",
-          "type": "timestamp",
-          "primaryKey": false,
-          "notNull": true,
-          "default": "now()"
-        },
-        "deleted_at": {
-          "name": "deleted_at",
-          "type": "timestamp",
-          "primaryKey": false,
-          "notNull": false
-        }
-      },
-      "indexes": {},
-      "foreignKeys": {
-        "org_terms_organization_id_organization_id_fk": {
-          "name": "org_terms_organization_id_organization_id_fk",
-          "tableFrom": "org_terms",
-          "tableTo": "organization",
-          "columnsFrom": ["organization_id"],
-          "columnsTo": ["id"],
-          "onDelete": "cascade",
-          "onUpdate": "no action"
-        }
-      },
-      "compositePrimaryKeys": {},
-      "uniqueConstraints": {},
-      "policies": {},
-      "checkConstraints": {},
-      "isRLSEnabled": false
-    },
-    "public.org_units": {
-      "name": "org_units",
-      "schema": "",
-      "columns": {
-        "id": {
-          "name": "id",
-          "type": "uuid",
-          "primaryKey": true,
-          "notNull": true
-        },
-        "organization_id": {
-          "name": "organization_id",
-          "type": "text",
-          "primaryKey": false,
-          "notNull": true
-        },
-        "name": {
-          "name": "name",
-          "type": "text",
-          "primaryKey": false,
-          "notNull": true
-        },
-        "description": {
-          "name": "description",
-          "type": "text",
-          "primaryKey": false,
-          "notNull": false
-        },
-        "position": {
-          "name": "position",
-          "type": "integer",
-          "primaryKey": false,
-          "notNull": true,
-          "default": 0
-        },
-        "created_at": {
-          "name": "created_at",
-          "type": "timestamp",
-          "primaryKey": false,
-          "notNull": true,
-          "default": "now()"
-        },
-        "updated_at": {
-          "name": "updated_at",
-          "type": "timestamp",
-          "primaryKey": false,
-          "notNull": true,
-          "default": "now()"
-        },
-        "deleted_at": {
-          "name": "deleted_at",
-          "type": "timestamp",
-          "primaryKey": false,
-          "notNull": false
-        }
-      },
-      "indexes": {},
-      "foreignKeys": {
-        "org_units_organization_id_organization_id_fk": {
-          "name": "org_units_organization_id_organization_id_fk",
-          "tableFrom": "org_units",
-          "tableTo": "organization",
-          "columnsFrom": ["organization_id"],
-          "columnsTo": ["id"],
-          "onDelete": "cascade",
-          "onUpdate": "no action"
-        }
-      },
-      "compositePrimaryKeys": {},
-      "uniqueConstraints": {},
-      "policies": {},
-      "checkConstraints": {},
-      "isRLSEnabled": false
-    },
-    "public.parishioners": {
-      "name": "parishioners",
-      "schema": "",
-      "columns": {
-        "id": {
-          "name": "id",
-          "type": "uuid",
-          "primaryKey": true,
-          "notNull": true
-        },
-        "user_id": {
-          "name": "user_id",
-          "type": "text",
-          "primaryKey": false,
-          "notNull": false
-        },
-        "email": {
-          "name": "email",
-          "type": "text",
-          "primaryKey": false,
-          "notNull": false
-        },
-        "avatar_url": {
-          "name": "avatar_url",
-          "type": "text",
-          "primaryKey": false,
-          "notNull": false
-        },
-        "full_name": {
-          "name": "full_name",
-          "type": "text",
-          "primaryKey": false,
-          "notNull": true
-        },
-        "honorific": {
-          "name": "honorific",
-          "type": "text",
-          "primaryKey": false,
-          "notNull": false
-        },
-        "suffix": {
-          "name": "suffix",
-          "type": "text",
-          "primaryKey": false,
-          "notNull": false
-        },
-        "birth_place": {
-          "name": "birth_place",
-          "type": "text",
-          "primaryKey": false,
-          "notNull": false
-        },
-        "birth_date": {
-          "name": "birth_date",
-          "type": "timestamp",
-          "primaryKey": false,
-          "notNull": false
-        },
-        "gender": {
-          "name": "gender",
-          "type": "gender",
-          "typeSchema": "public",
-          "primaryKey": false,
-          "notNull": false
-        },
-        "education_level": {
-          "name": "education_level",
-          "type": "education_level",
-          "typeSchema": "public",
-          "primaryKey": false,
-          "notNull": false
-        },
-        "id_card_photo": {
-          "name": "id_card_photo",
-          "type": "text",
-          "primaryKey": false,
-          "notNull": false
-        },
-        "created_at": {
-          "name": "created_at",
-          "type": "timestamp",
-          "primaryKey": false,
-          "notNull": true,
-          "default": "now()"
-        },
-        "updated_at": {
-          "name": "updated_at",
-          "type": "timestamp",
-          "primaryKey": false,
-          "notNull": true,
-          "default": "now()"
-        },
-        "deleted_at": {
-          "name": "deleted_at",
-          "type": "timestamp",
-          "primaryKey": false,
-          "notNull": false
-        }
-      },
-      "indexes": {},
-      "foreignKeys": {
-        "parishioners_user_id_user_id_fk": {
-          "name": "parishioners_user_id_user_id_fk",
-          "tableFrom": "parishioners",
-          "tableTo": "user",
-          "columnsFrom": ["user_id"],
-          "columnsTo": ["id"],
-          "onDelete": "set null",
-          "onUpdate": "no action"
-        }
-      },
-      "compositePrimaryKeys": {},
-      "uniqueConstraints": {},
-      "policies": {},
-      "checkConstraints": {},
-      "isRLSEnabled": false
-    },
-    "public.rsvp": {
-      "name": "rsvp",
-      "schema": "",
-      "columns": {
-        "id": {
-          "name": "id",
-          "type": "uuid",
-          "primaryKey": true,
-          "notNull": true
-        },
-        "event_id": {
-          "name": "event_id",
-          "type": "uuid",
-          "primaryKey": false,
-          "notNull": true
-        },
-        "parishioner_id": {
-          "name": "parishioner_id",
-          "type": "uuid",
-          "primaryKey": false,
-          "notNull": true
-        },
-        "status": {
-          "name": "status",
-          "type": "rsvp_status",
-          "typeSchema": "public",
-          "primaryKey": false,
-          "notNull": true
-        },
-        "created_at": {
-          "name": "created_at",
-          "type": "timestamp",
-          "primaryKey": false,
-          "notNull": true,
-          "default": "now()"
-        },
-        "updated_at": {
-          "name": "updated_at",
-          "type": "timestamp",
-          "primaryKey": false,
-          "notNull": true,
-          "default": "now()"
-        },
-        "deleted_at": {
-          "name": "deleted_at",
-          "type": "timestamp",
-          "primaryKey": false,
-          "notNull": false
-        }
-      },
-      "indexes": {},
-      "foreignKeys": {
-        "rsvp_event_id_events_id_fk": {
-          "name": "rsvp_event_id_events_id_fk",
-          "tableFrom": "rsvp",
-          "tableTo": "events",
-          "columnsFrom": ["event_id"],
-          "columnsTo": ["id"],
-          "onDelete": "cascade",
-          "onUpdate": "no action"
-        },
-        "rsvp_parishioner_id_parishioners_id_fk": {
-          "name": "rsvp_parishioner_id_parishioners_id_fk",
-          "tableFrom": "rsvp",
-          "tableTo": "parishioners",
-          "columnsFrom": ["parishioner_id"],
-          "columnsTo": ["id"],
-          "onDelete": "cascade",
-          "onUpdate": "no action"
-        }
-      },
-      "compositePrimaryKeys": {},
-      "uniqueConstraints": {
-        "rsvp_event_id_parishioner_id_unique": {
-          "name": "rsvp_event_id_parishioner_id_unique",
-          "nullsNotDistinct": false,
-          "columns": ["event_id", "parishioner_id"]
-        }
-      },
-      "policies": {},
-      "checkConstraints": {},
-      "isRLSEnabled": false
-    },
-    "public.transaction_categories": {
-      "name": "transaction_categories",
-      "schema": "",
-      "columns": {
-        "id": {
-          "name": "id",
-          "type": "uuid",
-          "primaryKey": true,
-          "notNull": true
-        },
-        "name": {
-          "name": "name",
-          "type": "text",
-          "primaryKey": false,
-          "notNull": true
-        },
-        "type": {
-          "name": "type",
-          "type": "transaction_type",
-          "typeSchema": "public",
-          "primaryKey": false,
-          "notNull": true
-        },
-        "created_at": {
-          "name": "created_at",
-          "type": "timestamp",
-          "primaryKey": false,
-          "notNull": true,
-          "default": "now()"
-        },
-        "updated_at": {
-          "name": "updated_at",
-          "type": "timestamp",
-          "primaryKey": false,
-          "notNull": true,
-          "default": "now()"
-        },
-        "deleted_at": {
-          "name": "deleted_at",
-          "type": "timestamp",
-          "primaryKey": false,
-          "notNull": false
-        }
-      },
-      "indexes": {},
-      "foreignKeys": {},
-      "compositePrimaryKeys": {},
-      "uniqueConstraints": {},
-      "policies": {},
-      "checkConstraints": {},
-      "isRLSEnabled": false
-    },
-    "public.transactions": {
-      "name": "transactions",
-      "schema": "",
-      "columns": {
-        "id": {
-          "name": "id",
-          "type": "uuid",
-          "primaryKey": true,
-          "notNull": true
-        },
-        "period_id": {
-          "name": "period_id",
-          "type": "uuid",
-          "primaryKey": false,
-          "notNull": true
-        },
-        "category_id": {
-          "name": "category_id",
-          "type": "uuid",
-          "primaryKey": false,
-          "notNull": true
-        },
-        "type": {
-          "name": "type",
-          "type": "transaction_type",
-          "typeSchema": "public",
-          "primaryKey": false,
-          "notNull": true
-        },
-        "amount": {
-          "name": "amount",
-          "type": "double precision",
-          "primaryKey": false,
-          "notNull": true
-        },
-        "description": {
-          "name": "description",
-          "type": "text",
-          "primaryKey": false,
-          "notNull": true
-        },
-        "date": {
-          "name": "date",
-          "type": "timestamp",
-          "primaryKey": false,
-          "notNull": true
-        },
-        "receipt_photo": {
-          "name": "receipt_photo",
-          "type": "text",
-          "primaryKey": false,
-          "notNull": false
-        },
-        "created_by": {
-          "name": "created_by",
-          "type": "text",
-          "primaryKey": false,
-          "notNull": true
-        },
-        "updated_by": {
-          "name": "updated_by",
-          "type": "text",
-          "primaryKey": false,
-          "notNull": false
-        },
-        "created_at": {
-          "name": "created_at",
-          "type": "timestamp",
-          "primaryKey": false,
-          "notNull": true,
-          "default": "now()"
-        },
-        "updated_at": {
-          "name": "updated_at",
-          "type": "timestamp",
-          "primaryKey": false,
-          "notNull": true,
-          "default": "now()"
-        },
-        "deleted_at": {
-          "name": "deleted_at",
-          "type": "timestamp",
-          "primaryKey": false,
-          "notNull": false
-        }
-      },
-      "indexes": {},
-      "foreignKeys": {
-        "transactions_period_id_financial_periods_id_fk": {
-          "name": "transactions_period_id_financial_periods_id_fk",
-          "tableFrom": "transactions",
-          "tableTo": "financial_periods",
-          "columnsFrom": ["period_id"],
-          "columnsTo": ["id"],
-          "onDelete": "restrict",
-          "onUpdate": "no action"
-        },
-        "transactions_category_id_transaction_categories_id_fk": {
-          "name": "transactions_category_id_transaction_categories_id_fk",
-          "tableFrom": "transactions",
-          "tableTo": "transaction_categories",
-          "columnsFrom": ["category_id"],
-          "columnsTo": ["id"],
-          "onDelete": "restrict",
-          "onUpdate": "no action"
-        },
-        "transactions_created_by_user_id_fk": {
-          "name": "transactions_created_by_user_id_fk",
-          "tableFrom": "transactions",
-          "tableTo": "user",
-          "columnsFrom": ["created_by"],
-          "columnsTo": ["id"],
-          "onDelete": "restrict",
-          "onUpdate": "no action"
-        },
-        "transactions_updated_by_user_id_fk": {
-          "name": "transactions_updated_by_user_id_fk",
-          "tableFrom": "transactions",
-          "tableTo": "user",
-          "columnsFrom": ["updated_by"],
-          "columnsTo": ["id"],
-          "onDelete": "set null",
-          "onUpdate": "no action"
-        }
-      },
-      "compositePrimaryKeys": {},
-      "uniqueConstraints": {},
-      "policies": {},
-      "checkConstraints": {},
-      "isRLSEnabled": false
-    }
-  },
-  "enums": {
-    "public.attendance_method": {
-      "name": "attendance_method",
-      "schema": "public",
-      "values": ["qr-code", "gps", "manual"]
-    },
-    "public.attendance_status": {
-      "name": "attendance_status",
-      "schema": "public",
-      "values": ["present", "pending", "absent"]
-    },
-    "public.event_status": {
-      "name": "event_status",
-      "schema": "public",
-      "values": ["published", "completed"]
-    },
-    "public.event_visibility": {
-      "name": "event_visibility",
-      "schema": "public",
-      "values": ["public", "private"]
-    },
-    "public.period_status": {
-      "name": "period_status",
-      "schema": "public",
-      "values": ["open", "locked"]
-    },
-    "public.notification_channel": {
-      "name": "notification_channel",
-      "schema": "public",
-      "values": ["in-app", "email", "push"]
-    },
-    "public.notification_status": {
-      "name": "notification_status",
-      "schema": "public",
-      "values": ["pending", "sent", "failed"]
-    },
-    "public.enrollment_status": {
-      "name": "enrollment_status",
-      "schema": "public",
-      "values": ["pending", "active", "inactive"]
-    },
-    "public.education_level": {
-      "name": "education_level",
-      "schema": "public",
-      "values": ["sd", "smp", "sma", "d3", "s1", "s2", "s3"]
-    },
-    "public.gender": {
-      "name": "gender",
-      "schema": "public",
-      "values": ["male", "female"]
-    },
-    "public.rsvp_status": {
-      "name": "rsvp_status",
-      "schema": "public",
-      "values": ["attending", "not-attending", "maybe"]
-    },
-    "public.transaction_type": {
-      "name": "transaction_type",
-      "schema": "public",
-      "values": ["income", "expense"]
-    }
-  },
-  "schemas": {},
-  "sequences": {},
-  "roles": {},
-  "policies": {},
-  "views": {},
-  "_meta": {
-    "columns": {},
-    "schemas": {},
-    "tables": {}
-  }
-}
diff --git a/packages/db/migrations/meta/_journal.json b/packages/db/migrations/meta/_journal.json
index dd287748..22883d1d 100644
--- a/packages/db/migrations/meta/_journal.json
+++ b/packages/db/migrations/meta/_journal.json
@@ -5,16 +5,9 @@
     {
       "idx": 0,
       "version": "7",
-      "when": 1774860602420,
+      "when": 1775185738356,
       "tag": "0000_initial",
       "breakpoints": true
-    },
-    {
-      "idx": 1,
-      "version": "7",
-      "when": 1775042273536,
-      "tag": "0001_lying_lockheed",
-      "breakpoints": true
     }
   ]
 }
diff --git a/packages/db/package.json b/packages/db/package.json
index dc3e5b56..b4227eab 100644
--- a/packages/db/package.json
+++ b/packages/db/package.json
@@ -19,6 +19,7 @@
     "@domus/tsconfig": "workspace:*",
     "@types/node": "^25.5.0",
     "@types/pg": "^8.20.0",
+    "@types/pino": "^7.0.5",
     "@vitest/coverage-istanbul": "^4.1.0",
     "vitest": "^4.1.0",
     "vitest-mock-extended": "^3.1.0"
@@ -31,6 +32,7 @@
     "drizzle-kit": "^0.31.10",
     "drizzle-orm": "^0.45.1",
     "pg": "^8.20.0",
+    "pino": "^10.3.1",
     "tsx": "^4.21.0",
     "uuid": "^13.0.0"
   }
diff --git a/packages/db/src/index.ts b/packages/db/src/index.ts
index 19e764ec..878557e7 100644
--- a/packages/db/src/index.ts
+++ b/packages/db/src/index.ts
@@ -1,7 +1,13 @@
 import c from '@domus/config';
 import { neon } from '@neondatabase/serverless';
-import { drizzle as drizzleNeon } from 'drizzle-orm/neon-http';
-import { drizzle as drizzlePg } from 'drizzle-orm/node-postgres';
+import {
+  drizzle as drizzleNeon,
+  type NeonHttpDatabase,
+} from 'drizzle-orm/neon-http';
+import {
+  drizzle as drizzlePg,
+  type NodePgDatabase,
+} from 'drizzle-orm/node-postgres';
 
 import * as schema from './schema/index';
 
@@ -18,7 +24,13 @@ function getDevelopment() {
  * The database client instance, configured for either production (Neon) or development (PostgreSQL).
  */
 export const db =
-  c.app.env === 'production' ? getProduction() : getDevelopment();
-export * from './mapper';
+  c.app.env === 'production'
+    ? getProduction()
+    : (getDevelopment() as unknown as ReturnType<typeof getProduction>);
+
+export type DrizzleClient =
+  | NeonHttpDatabase<typeof schema>
+  | NodePgDatabase<typeof schema>;
+
 export * from './repository';
 export * from './schema';
diff --git a/packages/db/src/mapper/attendance.spec.ts b/packages/db/src/mapper/attendance.spec.ts
deleted file mode 100644
index 0787ca4c..00000000
--- a/packages/db/src/mapper/attendance.spec.ts
+++ /dev/null
@@ -1,63 +0,0 @@
-import { AttendanceMethod, AttendanceStatus } from '@domus/core';
-import { describe, expect, it } from 'vitest';
-import { AttendanceMapper } from './attendance';
-
-describe('AttendanceMapper', () => {
-  const mockRow = {
-    id: 'att-1',
-    eventId: 'event-1',
-    parishionerId: 'p-1',
-    method: 'qr-code',
-    status: 'present',
-    verifiedBy: 'user-1',
-    verifiedAt: new Date('2024-01-01T00:00:00Z'),
-    createdAt: new Date('2024-01-01T00:00:00Z'),
-    updatedAt: new Date('2024-01-01T00:00:00Z'),
-    deletedAt: null,
-  };
-
-  const mockEntity = {
-    id: 'att-1',
-    eventId: 'event-1',
-    parishionerId: 'p-1',
-    method: AttendanceMethod.QrCode,
-    status: AttendanceStatus.Present,
-    verifiedBy: 'user-1',
-    verifiedAt: new Date('2024-01-01T00:00:00Z'),
-    createdAt: new Date('2024-01-01T00:00:00Z'),
-    updatedAt: new Date('2024-01-01T00:00:00Z'),
-    deletedAt: null,
-  };
-
-  describe('toEntity', () => {
-    it('should map a database row to an Attendance entity', () => {
-      const result = AttendanceMapper.toEntity(
-        mockRow as unknown as Parameters<typeof AttendanceMapper.toEntity>[0],
-      );
-      expect(result).toEqual(mockEntity);
-    });
-  });
-
-  describe('toInsert', () => {
-    it('should map an Attendance entity to a database insert object', () => {
-      const { createdAt, updatedAt, deletedAt, ...insertData } = mockEntity;
-      const result = AttendanceMapper.toInsert(insertData);
-      expect(result).toEqual({
-        id: 'att-1',
-        eventId: 'event-1',
-        parishionerId: 'p-1',
-        method: AttendanceMethod.QrCode,
-        status: AttendanceStatus.Present,
-        verifiedBy: 'user-1',
-        verifiedAt: new Date('2024-01-01T00:00:00Z'),
-      });
-    });
-
-    it('should allow omitting id for auto-generation', () => {
-      const { id, createdAt, updatedAt, deletedAt, ...insertData } = mockEntity;
-      const result = AttendanceMapper.toInsert(insertData);
-      expect(result.id).toBeUndefined();
-      expect(result.eventId).toBe('event-1');
-    });
-  });
-});
diff --git a/packages/db/src/mapper/attendance.ts b/packages/db/src/mapper/attendance.ts
deleted file mode 100644
index 4cbe204c..00000000
--- a/packages/db/src/mapper/attendance.ts
+++ /dev/null
@@ -1,45 +0,0 @@
-import type {
-  Attendance,
-  AttendanceMethod,
-  AttendanceStatus,
-  RecordAttendance,
-} from '@domus/core';
-import type { attendances } from '../schema/attendances';
-
-/**
- * Mapper for Attendance entity.
- */
-export const AttendanceMapper = {
-  /**
-   * Maps a database row to an Attendance entity.
-   */
-  toEntity(row: typeof attendances.$inferSelect): Attendance {
-    return {
-      id: row.id,
-      eventId: row.eventId,
-      parishionerId: row.parishionerId,
-      method: row.method as AttendanceMethod,
-      status: row.status as AttendanceStatus,
-      verifiedBy: row.verifiedBy,
-      verifiedAt: row.verifiedAt,
-      createdAt: row.createdAt,
-      updatedAt: row.updatedAt,
-      deletedAt: row.deletedAt,
-    };
-  },
-
-  /**
-   * Maps a RecordAttendance entity to a database insert object.
-   */
-  toInsert(entity: RecordAttendance): typeof attendances.$inferInsert {
-    return {
-      id: entity.id as string,
-      eventId: entity.eventId,
-      parishionerId: entity.parishionerId,
-      method: entity.method,
-      status: entity.status as AttendanceStatus,
-      verifiedBy: entity.verifiedBy,
-      verifiedAt: entity.verifiedAt,
-    };
-  },
-};
diff --git a/packages/db/src/mapper/enrollment.ts b/packages/db/src/mapper/enrollment.ts
deleted file mode 100644
index 591a3e58..00000000
--- a/packages/db/src/mapper/enrollment.ts
+++ /dev/null
@@ -1,35 +0,0 @@
-import type { Enrollment, RegisterEnrollment } from '@domus/core';
-import type { orgEnrollments } from '../schema/org-enrollments';
-
-/**
- * Maps a database row to a core entity.
- */
-export function toEnrollmentEntity(
-  row: typeof orgEnrollments.$inferSelect,
-): Enrollment {
-  return {
-    id: row.id,
-    parishionerId: row.parishionerId,
-    organizationId: row.organizationId,
-    status: row.status as Enrollment['status'],
-    joinedAt: row.joinedAt,
-    createdAt: row.createdAt,
-    updatedAt: row.updatedAt,
-    deletedAt: row.deletedAt,
-  };
-}
-
-/**
- * Maps a registration input to a database insert object.
- */
-export function toEnrollmentInsert(
-  data: RegisterEnrollment & { id: string },
-): typeof orgEnrollments.$inferInsert {
-  return {
-    id: data.id,
-    parishionerId: data.parishionerId,
-    organizationId: data.organizationId,
-    status: data.status,
-    joinedAt: data.joinedAt,
-  };
-}
diff --git a/packages/db/src/mapper/event.spec.ts b/packages/db/src/mapper/event.spec.ts
deleted file mode 100644
index c82c3474..00000000
--- a/packages/db/src/mapper/event.spec.ts
+++ /dev/null
@@ -1,83 +0,0 @@
-import { EventStatus, EventVisibility } from '@domus/core';
-import { describe, expect, it } from 'vitest';
-import { EventMapper } from './event';
-
-describe('EventMapper', () => {
-  const mockRow = {
-    id: 'event-1',
-    organizationId: 'org-1',
-    name: 'Test Event',
-    description: 'A test event',
-    location: 'Test Location',
-    latitude: 1.23,
-    longitude: 4.56,
-    radiusMeters: 100,
-    startDateTime: new Date('2024-01-01T09:00:00Z'),
-    endDateTime: new Date('2024-01-01T17:00:00Z'),
-    eventPhoto: 'photo.jpg',
-    qrCode: 'qr-code',
-    visibility: 'public',
-    isRsvpEnabled: true,
-    status: 'published',
-    createdBy: 'user-1',
-    createdAt: new Date('2024-01-01T00:00:00Z'),
-    updatedAt: new Date('2024-01-01T00:00:00Z'),
-    deletedAt: null,
-  };
-
-  const mockEntity = {
-    id: 'event-1',
-    organizationId: 'org-1',
-    name: 'Test Event',
-    description: 'A test event',
-    location: 'Test Location',
-    latitude: 1.23,
-    longitude: 4.56,
-    radiusMeters: 100,
-    startDateTime: new Date('2024-01-01T09:00:00Z'),
-    endDateTime: new Date('2024-01-01T17:00:00Z'),
-    eventPhoto: 'photo.jpg',
-    qrCode: 'qr-code',
-    visibility: EventVisibility.Public,
-    isRsvpEnabled: true,
-    status: EventStatus.Published,
-    createdBy: 'user-1',
-    createdAt: new Date('2024-01-01T00:00:00Z'),
-    updatedAt: new Date('2024-01-01T00:00:00Z'),
-    deletedAt: null,
-  };
-
-  describe('toEntity', () => {
-    it('should map a database row to an Event entity', () => {
-      const result = EventMapper.toEntity(
-        mockRow as unknown as Parameters<typeof EventMapper.toEntity>[0],
-      );
-      expect(result).toEqual(mockEntity);
-    });
-  });
-
-  describe('toInsert', () => {
-    it('should map an Event entity to a database insert object', () => {
-      const { createdAt, updatedAt, deletedAt, ...insertData } = mockEntity;
-      const result = EventMapper.toInsert(insertData);
-      expect(result).toEqual({
-        id: 'event-1',
-        organizationId: 'org-1',
-        name: 'Test Event',
-        description: 'A test event',
-        location: 'Test Location',
-        latitude: 1.23,
-        longitude: 4.56,
-        radiusMeters: 100,
-        startDateTime: new Date('2024-01-01T09:00:00Z'),
-        endDateTime: new Date('2024-01-01T17:00:00Z'),
-        eventPhoto: 'photo.jpg',
-        qrCode: 'qr-code',
-        visibility: EventVisibility.Public,
-        isRsvpEnabled: true,
-        status: EventStatus.Published,
-        createdBy: 'user-1',
-      });
-    });
-  });
-});
diff --git a/packages/db/src/mapper/event.ts b/packages/db/src/mapper/event.ts
deleted file mode 100644
index b2a84806..00000000
--- a/packages/db/src/mapper/event.ts
+++ /dev/null
@@ -1,63 +0,0 @@
-import type {
-  CreateEvent,
-  Event,
-  EventStatus,
-  EventVisibility,
-} from '@domus/core';
-import type { events } from '../schema/events';
-
-/**
- * Mapper for Event entity.
- */
-export const EventMapper = {
-  /**
-   * Maps a database row to an Event entity.
-   */
-  toEntity(row: typeof events.$inferSelect): Event {
-    return {
-      id: row.id,
-      organizationId: row.organizationId,
-      name: row.name,
-      description: row.description,
-      location: row.location,
-      latitude: row.latitude,
-      longitude: row.longitude,
-      radiusMeters: row.radiusMeters,
-      startDateTime: row.startDateTime,
-      endDateTime: row.endDateTime,
-      eventPhoto: row.eventPhoto,
-      qrCode: row.qrCode,
-      visibility: row.visibility as EventVisibility,
-      isRsvpEnabled: row.isRsvpEnabled,
-      status: row.status as EventStatus,
-      createdBy: row.createdBy,
-      createdAt: row.createdAt,
-      updatedAt: row.updatedAt,
-      deletedAt: row.deletedAt,
-    };
-  },
-
-  /**
-   * Maps a CreateEvent entity to a database insert object.
-   */
-  toInsert(entity: CreateEvent): typeof events.$inferInsert {
-    return {
-      id: entity.id as string,
-      organizationId: entity.organizationId,
-      name: entity.name,
-      description: entity.description,
-      location: entity.location,
-      latitude: entity.latitude,
-      longitude: entity.longitude,
-      radiusMeters: entity.radiusMeters,
-      startDateTime: entity.startDateTime,
-      endDateTime: entity.endDateTime,
-      eventPhoto: entity.eventPhoto,
-      qrCode: entity.qrCode as string,
-      visibility: entity.visibility,
-      isRsvpEnabled: entity.isRsvpEnabled,
-      status: entity.status as EventStatus,
-      createdBy: entity.createdBy as string,
-    };
-  },
-};
diff --git a/packages/db/src/mapper/financial-period.spec.ts b/packages/db/src/mapper/financial-period.spec.ts
deleted file mode 100644
index f51f2c63..00000000
--- a/packages/db/src/mapper/financial-period.spec.ts
+++ /dev/null
@@ -1,55 +0,0 @@
-import { PeriodStatus } from '@domus/core';
-import { describe, expect, it } from 'vitest';
-import { FinancialPeriodMapper } from './financial-period';
-
-describe('FinancialPeriodMapper', () => {
-  const mockRow = {
-    id: 'period-1',
-    month: 1,
-    year: 2024,
-    status: 'open',
-    lockedBy: null,
-    lockedAt: null,
-    createdAt: new Date('2024-01-01T00:00:00Z'),
-    updatedAt: new Date('2024-01-01T00:00:00Z'),
-    deletedAt: null,
-  };
-
-  const mockEntity = {
-    id: 'period-1',
-    month: 1,
-    year: 2024,
-    status: PeriodStatus.Open,
-    lockedBy: null,
-    lockedAt: null,
-    createdAt: new Date('2024-01-01T00:00:00Z'),
-    updatedAt: new Date('2024-01-01T00:00:00Z'),
-    deletedAt: null,
-  };
-
-  describe('toEntity', () => {
-    it('should map a database row to a FinancialPeriod entity', () => {
-      const result = FinancialPeriodMapper.toEntity(
-        mockRow as unknown as Parameters<
-          typeof FinancialPeriodMapper.toEntity
-        >[0],
-      );
-      expect(result).toEqual(mockEntity);
-    });
-  });
-
-  describe('toInsert', () => {
-    it('should map a FinancialPeriod entity to a database insert object', () => {
-      const { createdAt, updatedAt, deletedAt, ...insertData } = mockEntity;
-      const result = FinancialPeriodMapper.toInsert(insertData);
-      expect(result).toEqual({
-        id: 'period-1',
-        month: 1,
-        year: 2024,
-        status: PeriodStatus.Open,
-        lockedBy: null,
-        lockedAt: null,
-      });
-    });
-  });
-});
diff --git a/packages/db/src/mapper/financial-period.ts b/packages/db/src/mapper/financial-period.ts
deleted file mode 100644
index 6e6b5710..00000000
--- a/packages/db/src/mapper/financial-period.ts
+++ /dev/null
@@ -1,44 +0,0 @@
-import type {
-  CreateFinancialPeriod,
-  FinancialPeriod,
-  PeriodStatus,
-} from '@domus/core';
-import type { financialPeriods } from '../schema/financial-periods';
-
-/**
- * Mapper for FinancialPeriod entity.
- */
-export const FinancialPeriodMapper = {
-  /**
-   * Maps a database row to a FinancialPeriod entity.
-   */
-  toEntity(row: typeof financialPeriods.$inferSelect): FinancialPeriod {
-    return {
-      id: row.id,
-      month: row.month,
-      year: row.year,
-      status: row.status as PeriodStatus,
-      lockedBy: row.lockedBy,
-      lockedAt: row.lockedAt,
-      createdAt: row.createdAt,
-      updatedAt: row.updatedAt,
-      deletedAt: row.deletedAt,
-    };
-  },
-
-  /**
-   * Maps a CreateFinancialPeriod entity to a database insert object.
-   */
-  toInsert(
-    entity: CreateFinancialPeriod,
-  ): typeof financialPeriods.$inferInsert {
-    return {
-      id: entity.id as string,
-      month: entity.month,
-      year: entity.year,
-      status: entity.status as PeriodStatus,
-      lockedBy: entity.lockedBy,
-      lockedAt: entity.lockedAt,
-    };
-  },
-};
diff --git a/packages/db/src/mapper/index.ts b/packages/db/src/mapper/index.ts
deleted file mode 100644
index 0c19f571..00000000
--- a/packages/db/src/mapper/index.ts
+++ /dev/null
@@ -1,10 +0,0 @@
-export * from './attendance';
-export * from './enrollment';
-export * from './event';
-export * from './financial-period';
-export * from './notification';
-export * from './organization';
-export * from './parishioner';
-export * from './rsvp';
-export * from './transaction';
-export * from './user';
diff --git a/packages/db/src/mapper/notification.spec.ts b/packages/db/src/mapper/notification.spec.ts
deleted file mode 100644
index c07f102a..00000000
--- a/packages/db/src/mapper/notification.spec.ts
+++ /dev/null
@@ -1,66 +0,0 @@
-import { NotificationChannel, NotificationStatus } from '@domus/core';
-import { describe, expect, it } from 'vitest';
-import { NotificationMapper } from './notification';
-
-describe('NotificationMapper', () => {
-  const mockRow = {
-    id: 'notif-1',
-    userId: 'user-1',
-    title: 'Test Notification',
-    body: 'This is a test',
-    type: 'event_reminder',
-    channel: 'email',
-    status: 'sent',
-    isRead: false,
-    referenceId: 'ref-1',
-    referenceType: 'event',
-    sentAt: new Date('2024-01-01T10:00:00Z'),
-    createdAt: new Date('2024-01-01T00:00:00Z'),
-    deletedAt: null,
-  };
-
-  const mockEntity = {
-    id: 'notif-1',
-    userId: 'user-1',
-    title: 'Test Notification',
-    body: 'This is a test',
-    type: 'event_reminder',
-    channel: NotificationChannel.Email,
-    status: NotificationStatus.Sent,
-    isRead: false,
-    referenceId: 'ref-1',
-    referenceType: 'event',
-    sentAt: new Date('2024-01-01T10:00:00Z'),
-    createdAt: new Date('2024-01-01T00:00:00Z'),
-    deletedAt: null,
-  };
-
-  describe('toEntity', () => {
-    it('should map a database row to a Notification entity', () => {
-      const result = NotificationMapper.toEntity(
-        mockRow as unknown as Parameters<typeof NotificationMapper.toEntity>[0],
-      );
-      expect(result).toEqual(mockEntity);
-    });
-  });
-
-  describe('toInsert', () => {
-    it('should map a Notification entity to a database insert object', () => {
-      const { createdAt, deletedAt, ...insertData } = mockEntity;
-      const result = NotificationMapper.toInsert(insertData);
-      expect(result).toEqual({
-        id: 'notif-1',
-        userId: 'user-1',
-        title: 'Test Notification',
-        body: 'This is a test',
-        type: 'event_reminder',
-        channel: NotificationChannel.Email,
-        status: NotificationStatus.Sent,
-        isRead: false,
-        referenceId: 'ref-1',
-        referenceType: 'event',
-        sentAt: new Date('2024-01-01T10:00:00Z'),
-      });
-    });
-  });
-});
diff --git a/packages/db/src/mapper/notification.ts b/packages/db/src/mapper/notification.ts
deleted file mode 100644
index 4ffbd342..00000000
--- a/packages/db/src/mapper/notification.ts
+++ /dev/null
@@ -1,55 +0,0 @@
-import type {
-  Notification,
-  NotificationChannel,
-  NotificationStatus,
-} from '@domus/core';
-import type { notifications } from '../schema/notifications';
-
-/**
- * Mapper for Notification entity.
- */
-export const NotificationMapper = {
-  /**
-   * Maps a database row to a Notification entity.
-   */
-  toEntity(row: typeof notifications.$inferSelect): Notification {
-    return {
-      id: row.id,
-      userId: row.userId,
-      title: row.title,
-      body: row.body,
-      type: row.type,
-      channel: row.channel as NotificationChannel,
-      isRead: row.isRead,
-      status: row.status as NotificationStatus,
-      referenceId: row.referenceId,
-      referenceType: row.referenceType,
-      sentAt: row.sentAt,
-      createdAt: row.createdAt,
-      deletedAt: row.deletedAt,
-    };
-  },
-
-  /**
-   * Maps a Notification entity to a database insert object.
-   */
-  toInsert(
-    entity: Omit<Notification, 'id' | 'createdAt' | 'deletedAt'> & {
-      id?: string;
-    },
-  ): typeof notifications.$inferInsert {
-    return {
-      id: entity.id as string,
-      userId: entity.userId,
-      title: entity.title,
-      body: entity.body,
-      type: entity.type,
-      channel: entity.channel,
-      isRead: entity.isRead,
-      status: entity.status,
-      referenceId: entity.referenceId,
-      referenceType: entity.referenceType,
-      sentAt: entity.sentAt,
-    };
-  },
-};
diff --git a/packages/db/src/mapper/organization.spec.ts b/packages/db/src/mapper/organization.spec.ts
deleted file mode 100644
index b2554bf0..00000000
--- a/packages/db/src/mapper/organization.spec.ts
+++ /dev/null
@@ -1,73 +0,0 @@
-import { OrgType } from '@domus/core';
-import { afterEach, beforeEach, describe, expect, it, vi } from 'vitest';
-import { OrganizationMapper } from './organization';
-
-describe('OrganizationMapper', () => {
-  const mockRow = {
-    id: 'org-1',
-    name: 'Test Organization',
-    slug: 'test-org',
-    logo: 'logo.png',
-    cover: 'cover.jpg',
-    type: OrgType.Station,
-    parentId: null,
-    joinId: 'ABC-123',
-    description: 'Test Description',
-    createdAt: new Date('2024-01-01T00:00:00Z'),
-    updatedAt: new Date('2024-01-01T00:00:00Z'),
-    deletedAt: null,
-  };
-
-  const mockEntity = {
-    id: 'org-1',
-    name: 'Test Organization',
-    slug: 'test-org',
-    logo: 'logo.png',
-    cover: 'cover.jpg',
-    type: OrgType.Station,
-    parentId: null,
-    joinId: 'ABC-123',
-    description: 'Test Description',
-    createdAt: new Date('2024-01-01T00:00:00Z'),
-    updatedAt: new Date('2024-01-01T00:00:00Z'),
-    deletedAt: null,
-  };
-
-  describe('toEntity', () => {
-    it('should map a database row to an Organization entity', () => {
-      const result = OrganizationMapper.toEntity(
-        mockRow as unknown as Parameters<typeof OrganizationMapper.toEntity>[0],
-      );
-      expect(result).toEqual(mockEntity);
-    });
-  });
-
-  describe('toInsert', () => {
-    beforeEach(() => {
-      vi.useFakeTimers();
-      vi.setSystemTime(new Date('2024-01-01T00:00:00Z'));
-    });
-
-    afterEach(() => {
-      vi.useRealTimers();
-    });
-
-    it('should map an Organization entity to a database insert object', () => {
-      const { createdAt, updatedAt, deletedAt, ...insertData } = mockEntity;
-      const result = OrganizationMapper.toInsert(insertData);
-      expect(result).toEqual({
-        id: 'org-1',
-        name: 'Test Organization',
-        slug: 'test-org',
-        logo: 'logo.png',
-        cover: 'cover.jpg',
-        type: OrgType.Station,
-        parentId: null,
-        joinId: 'ABC-123',
-        description: 'Test Description',
-        createdAt: new Date('2024-01-01T00:00:00Z'),
-        updatedAt: new Date('2024-01-01T00:00:00Z'),
-      });
-    });
-  });
-});
diff --git a/packages/db/src/mapper/organization.ts b/packages/db/src/mapper/organization.ts
deleted file mode 100644
index b9b873e1..00000000
--- a/packages/db/src/mapper/organization.ts
+++ /dev/null
@@ -1,51 +0,0 @@
-import type { CreateOrganization, Organization, OrgType } from '@domus/core';
-import type { organization } from '../schema/better-auth';
-
-/**
- * Mapper for Organization entity.
- */
-export const OrganizationMapper = {
-  /**
-   * Maps a database row to a Organization entity.
-   */
-  toEntity(row: typeof organization.$inferSelect): Organization {
-    return {
-      id: row.id,
-      name: row.name,
-      slug: row.slug,
-      logo: row.logo,
-      cover: row.cover,
-      type: row.type as OrgType,
-      parentId: row.parentId,
-      joinId: row.joinId,
-      description: row.description,
-      createdAt: row.createdAt,
-      updatedAt: (row.updatedAt ?? row.createdAt) as Date,
-      deletedAt: row.deletedAt,
-    };
-  },
-
-  /**
-   * Maps a CreateOrganization entity to a database insert object.
-   */
-  toInsert(entity: CreateOrganization): typeof organization.$inferInsert {
-    return {
-      id: (entity.id ?? '') as string,
-      name: entity.name,
-      slug:
-        entity.slug ??
-        entity.name
-          .toLowerCase()
-          .replace(/\s+/g, '-')
-          .replace(/[^a-z0-9-]/g, ''),
-      logo: entity.logo,
-      cover: entity.cover,
-      type: entity.type,
-      parentId: entity.parentId,
-      joinId: entity.joinId,
-      description: entity.description,
-      createdAt: new Date(),
-      updatedAt: new Date(),
-    };
-  },
-};
diff --git a/packages/db/src/mapper/parishioner.spec.ts b/packages/db/src/mapper/parishioner.spec.ts
deleted file mode 100644
index 30b696ae..00000000
--- a/packages/db/src/mapper/parishioner.spec.ts
+++ /dev/null
@@ -1,71 +0,0 @@
-import { EducationLevel, Gender } from '@domus/core';
-import { describe, expect, it } from 'vitest';
-import { ParishionerMapper } from './parishioner';
-
-describe('ParishionerMapper', () => {
-  const mockRow = {
-    id: 'p-1',
-    userId: 'user-1',
-    email: 'budi@example.com',
-    avatarUrl: 'https://example.com/avatar.jpg',
-    fullName: 'Budi Santoso',
-    honorific: 'Bp.',
-    suffix: 'S.T.',
-    birthPlace: 'Jakarta',
-    birthDate: new Date('1980-01-01'),
-    gender: 'male',
-    educationLevel: EducationLevel.S1,
-    idCardPhoto: 'id.jpg',
-    createdAt: new Date('2024-01-01T00:00:00Z'),
-    updatedAt: new Date('2024-01-01T00:00:00Z'),
-    deletedAt: null,
-  };
-
-  const mockEntity = {
-    id: 'p-1',
-    userId: 'user-1',
-    email: 'budi@example.com',
-    avatarUrl: 'https://example.com/avatar.jpg',
-    fullName: 'Budi Santoso',
-    honorific: 'Bp.',
-    suffix: 'S.T.',
-    birthPlace: 'Jakarta',
-    birthDate: new Date('1980-01-01'),
-    gender: Gender.Male,
-    educationLevel: EducationLevel.S1,
-    idCardPhoto: 'id.jpg',
-    createdAt: new Date('2024-01-01T00:00:00Z'),
-    updatedAt: new Date('2024-01-01T00:00:00Z'),
-    deletedAt: null,
-  };
-
-  describe('toEntity', () => {
-    it('should map a database row to a Parishioner entity', () => {
-      const result = ParishionerMapper.toEntity(
-        mockRow as unknown as Parameters<typeof ParishionerMapper.toEntity>[0],
-      );
-      expect(result).toEqual(mockEntity);
-    });
-  });
-
-  describe('toInsert', () => {
-    it('should map a Parishioner entity to a database insert object', () => {
-      const { createdAt, updatedAt, deletedAt, ...insertData } = mockEntity;
-      const result = ParishionerMapper.toInsert(insertData);
-      expect(result).toEqual({
-        id: 'p-1',
-        userId: 'user-1',
-        email: 'budi@example.com',
-        avatarUrl: 'https://example.com/avatar.jpg',
-        fullName: 'Budi Santoso',
-        honorific: 'Bp.',
-        suffix: 'S.T.',
-        birthPlace: 'Jakarta',
-        birthDate: new Date('1980-01-01'),
-        gender: Gender.Male,
-        educationLevel: EducationLevel.S1,
-        idCardPhoto: 'id.jpg',
-      });
-    });
-  });
-});
diff --git a/packages/db/src/mapper/parishioner.ts b/packages/db/src/mapper/parishioner.ts
deleted file mode 100644
index 20d26d10..00000000
--- a/packages/db/src/mapper/parishioner.ts
+++ /dev/null
@@ -1,55 +0,0 @@
-import type {
-  CreateParishioner,
-  EducationLevel,
-  Gender,
-  Parishioner,
-} from '@domus/core';
-import type { parishioners } from '../schema/parishioners';
-
-/**
- * Mapper for Parishioner entity.
- */
-export const ParishionerMapper = {
-  /**
-   * Maps a database row to a Parishioner entity.
-   */
-  toEntity(row: typeof parishioners.$inferSelect): Parishioner {
-    return {
-      id: row.id,
-      userId: row.userId,
-      email: row.email,
-      avatarUrl: row.avatarUrl,
-      fullName: row.fullName,
-      honorific: row.honorific,
-      suffix: row.suffix,
-      birthPlace: row.birthPlace,
-      birthDate: row.birthDate,
-      gender: row.gender as Gender | null,
-      educationLevel: row.educationLevel as EducationLevel | null,
-      idCardPhoto: row.idCardPhoto,
-      createdAt: row.createdAt,
-      updatedAt: row.updatedAt,
-      deletedAt: row.deletedAt,
-    };
-  },
-
-  /**
-   * Maps a CreateParishioner entity to a database insert object.
-   */
-  toInsert(entity: CreateParishioner): typeof parishioners.$inferInsert {
-    return {
-      id: entity.id as string,
-      userId: entity.userId,
-      email: entity.email,
-      avatarUrl: entity.avatarUrl,
-      fullName: entity.fullName,
-      honorific: entity.honorific,
-      suffix: entity.suffix,
-      birthPlace: entity.birthPlace,
-      birthDate: entity.birthDate,
-      gender: entity.gender,
-      educationLevel: entity.educationLevel,
-      idCardPhoto: entity.idCardPhoto,
-    };
-  },
-};
diff --git a/packages/db/src/mapper/rsvp.spec.ts b/packages/db/src/mapper/rsvp.spec.ts
deleted file mode 100644
index ea0de02c..00000000
--- a/packages/db/src/mapper/rsvp.spec.ts
+++ /dev/null
@@ -1,47 +0,0 @@
-import { RsvpStatus } from '@domus/core';
-import { describe, expect, it } from 'vitest';
-import { RsvpMapper } from './rsvp';
-
-describe('RsvpMapper', () => {
-  const mockRow = {
-    id: 'rsvp-1',
-    eventId: 'event-1',
-    parishionerId: 'p-1',
-    status: 'attending',
-    createdAt: new Date('2024-01-01T00:00:00Z'),
-    updatedAt: new Date('2024-01-01T00:00:00Z'),
-    deletedAt: null,
-  };
-
-  const mockEntity = {
-    id: 'rsvp-1',
-    eventId: 'event-1',
-    parishionerId: 'p-1',
-    status: RsvpStatus.Attending,
-    createdAt: new Date('2024-01-01T00:00:00Z'),
-    updatedAt: new Date('2024-01-01T00:00:00Z'),
-    deletedAt: null,
-  };
-
-  describe('toEntity', () => {
-    it('should map a database row to an RSVP entity', () => {
-      const result = RsvpMapper.toEntity(
-        mockRow as unknown as Parameters<typeof RsvpMapper.toEntity>[0],
-      );
-      expect(result).toEqual(mockEntity);
-    });
-  });
-
-  describe('toInsert', () => {
-    it('should map an RSVP entity to a database insert object', () => {
-      const { createdAt, updatedAt, deletedAt, ...insertData } = mockEntity;
-      const result = RsvpMapper.toInsert(insertData);
-      expect(result).toEqual({
-        id: 'rsvp-1',
-        eventId: 'event-1',
-        parishionerId: 'p-1',
-        status: RsvpStatus.Attending,
-      });
-    });
-  });
-});
diff --git a/packages/db/src/mapper/rsvp.ts b/packages/db/src/mapper/rsvp.ts
deleted file mode 100644
index 649f1d6d..00000000
--- a/packages/db/src/mapper/rsvp.ts
+++ /dev/null
@@ -1,34 +0,0 @@
-import type { CreateRsvp, Rsvp, RsvpStatus } from '@domus/core';
-import type { rsvp } from '../schema/rsvp';
-
-/**
- * Mapper for RSVP entity.
- */
-export const RsvpMapper = {
-  /**
-   * Maps a database row to an RSVP entity.
-   */
-  toEntity(row: typeof rsvp.$inferSelect): Rsvp {
-    return {
-      id: row.id,
-      eventId: row.eventId,
-      parishionerId: row.parishionerId,
-      status: row.status as RsvpStatus,
-      createdAt: row.createdAt,
-      updatedAt: row.updatedAt,
-      deletedAt: row.deletedAt,
-    };
-  },
-
-  /**
-   * Maps a CreateRsvp entity to a database insert object.
-   */
-  toInsert(entity: CreateRsvp): typeof rsvp.$inferInsert {
-    return {
-      id: entity.id as string,
-      eventId: entity.eventId,
-      parishionerId: entity.parishionerId,
-      status: entity.status,
-    };
-  },
-};
diff --git a/packages/db/src/mapper/transaction.spec.ts b/packages/db/src/mapper/transaction.spec.ts
deleted file mode 100644
index 8cc576c3..00000000
--- a/packages/db/src/mapper/transaction.spec.ts
+++ /dev/null
@@ -1,64 +0,0 @@
-import { TransactionType } from '@domus/core';
-import { describe, expect, it } from 'vitest';
-import { TransactionMapper } from './transaction';
-
-describe('TransactionMapper', () => {
-  const mockRow = {
-    id: 'tx-1',
-    periodId: 'period-1',
-    categoryId: 'cat-1',
-    type: 'income',
-    amount: 100000,
-    description: 'Offertory',
-    date: new Date('2024-01-01'),
-    receiptPhoto: null,
-    createdBy: 'user-1',
-    updatedBy: null,
-    createdAt: new Date('2024-01-01T00:00:00Z'),
-    updatedAt: new Date('2024-01-01T00:00:00Z'),
-    deletedAt: null,
-  };
-
-  const mockEntity = {
-    id: 'tx-1',
-    periodId: 'period-1',
-    categoryId: 'cat-1',
-    type: TransactionType.Income,
-    amount: 100000,
-    description: 'Offertory',
-    date: new Date('2024-01-01'),
-    receiptPhoto: null,
-    createdBy: 'user-1',
-    updatedBy: null,
-    createdAt: new Date('2024-01-01T00:00:00Z'),
-    updatedAt: new Date('2024-01-01T00:00:00Z'),
-    deletedAt: null,
-  };
-
-  describe('toEntity', () => {
-    it('should map a database row to a Transaction entity', () => {
-      const result = TransactionMapper.toEntity(
-        mockRow as unknown as Parameters<typeof TransactionMapper.toEntity>[0],
-      );
-      expect(result).toEqual(mockEntity);
-    });
-  });
-
-  describe('toInsert', () => {
-    it('should map a Transaction entity to a database insert object', () => {
-      const { createdAt, updatedAt, deletedAt, ...insertData } = mockEntity;
-      const result = TransactionMapper.toInsert(insertData);
-      expect(result).toEqual({
-        id: 'tx-1',
-        periodId: 'period-1',
-        categoryId: 'cat-1',
-        type: TransactionType.Income,
-        amount: 100000,
-        description: 'Offertory',
-        date: new Date('2024-01-01'),
-        receiptPhoto: null,
-        createdBy: 'user-1',
-      });
-    });
-  });
-});
diff --git a/packages/db/src/mapper/transaction.ts b/packages/db/src/mapper/transaction.ts
deleted file mode 100644
index 43d33dac..00000000
--- a/packages/db/src/mapper/transaction.ts
+++ /dev/null
@@ -1,49 +0,0 @@
-import type {
-  CreateTransaction,
-  Transaction,
-  TransactionType,
-} from '@domus/core';
-import type { transactions } from '../schema/transactions';
-
-/**
- * Mapper for Transaction entity.
- */
-export const TransactionMapper = {
-  /**
-   * Maps a database row to a Transaction entity.
-   */
-  toEntity(row: typeof transactions.$inferSelect): Transaction {
-    return {
-      id: row.id,
-      periodId: row.periodId,
-      categoryId: row.categoryId,
-      type: row.type as TransactionType,
-      amount: row.amount,
-      description: row.description,
-      date: row.date,
-      receiptPhoto: row.receiptPhoto,
-      createdBy: row.createdBy,
-      updatedBy: row.updatedBy,
-      createdAt: row.createdAt,
-      updatedAt: row.updatedAt,
-      deletedAt: row.deletedAt,
-    };
-  },
-
-  /**
-   * Maps a CreateTransaction entity to a database insert object.
-   */
-  toInsert(entity: CreateTransaction): typeof transactions.$inferInsert {
-    return {
-      id: entity.id as string,
-      periodId: entity.periodId,
-      categoryId: entity.categoryId,
-      type: entity.type as TransactionType,
-      amount: entity.amount,
-      description: entity.description,
-      date: entity.date,
-      receiptPhoto: entity.receiptPhoto,
-      createdBy: entity.createdBy as string,
-    };
-  },
-};
diff --git a/packages/db/src/mapper/user.spec.ts b/packages/db/src/mapper/user.spec.ts
deleted file mode 100644
index 9c9bbc94..00000000
--- a/packages/db/src/mapper/user.spec.ts
+++ /dev/null
@@ -1,84 +0,0 @@
-import { AccountStatus, UserRole } from '@domus/core';
-import { describe, expect, it } from 'vitest';
-import { UserMapper } from './user';
-
-describe('UserMapper', () => {
-  const mockRow = {
-    id: 'user-1',
-    name: 'Test User',
-    email: 'test@example.com',
-    emailVerified: true,
-    image: 'https://example.com/image.png',
-    accountStatus: 'approved',
-    role: 'parish-admin',
-    banned: false,
-    banReason: null,
-    banExpires: null,
-    createdAt: new Date('2026-03-26T00:00:00Z'),
-    updatedAt: new Date('2026-03-26T00:00:00Z'),
-    deletedAt: null,
-  };
-
-  const mockEntity = {
-    id: 'user-1',
-    name: 'Test User',
-    email: 'test@example.com',
-    emailVerified: true,
-    image: 'https://example.com/image.png',
-    accountStatus: AccountStatus.Approved,
-    role: [UserRole.ParishAdmin],
-    createdAt: new Date('2026-03-26T00:00:00Z'),
-    updatedAt: new Date('2026-03-26T00:00:00Z'),
-    deletedAt: null,
-  };
-
-  describe('toEntity', () => {
-    it('should map database row to entity', () => {
-      const result = UserMapper.toEntity(
-        mockRow as unknown as Parameters<typeof UserMapper.toEntity>[0],
-      );
-      expect(result).toEqual(mockEntity);
-    });
-
-    it('should handle null role by defaulting to parishioner', () => {
-      const rowWithNullRole = { ...mockRow, role: null };
-      const result = UserMapper.toEntity(
-        rowWithNullRole as unknown as Parameters<typeof UserMapper.toEntity>[0],
-      );
-      expect(result.role).toEqual([UserRole.Parishioner]);
-    });
-  });
-
-  describe('toInsert', () => {
-    it('should map partial entity to database insert object', () => {
-      const result = UserMapper.toInsert(mockEntity);
-      expect(result).toEqual({
-        id: 'user-1',
-        name: 'Test User',
-        email: 'test@example.com',
-        emailVerified: true,
-        image: 'https://example.com/image.png',
-        accountStatus: 'approved',
-        role: 'parish-admin',
-        createdAt: new Date('2026-03-26T00:00:00Z'),
-        updatedAt: new Date('2026-03-26T00:00:00Z'),
-        deletedAt: null,
-      });
-    });
-
-    it('should take the first role from the array for database storage', () => {
-      const entityWithMultipleRoles = {
-        ...mockEntity,
-        role: [UserRole.SuperAdmin, UserRole.Parishioner],
-      };
-      const result = UserMapper.toInsert(entityWithMultipleRoles);
-      expect(result.role).toBe('super-admin');
-    });
-
-    it('should default role to parishioner if role array is empty', () => {
-      const entityWithNoRole = { ...mockEntity, role: [] };
-      const result = UserMapper.toInsert(entityWithNoRole);
-      expect(result.role).toBe('parishioner');
-    });
-  });
-});
diff --git a/packages/db/src/mapper/user.ts b/packages/db/src/mapper/user.ts
deleted file mode 100644
index 873623bc..00000000
--- a/packages/db/src/mapper/user.ts
+++ /dev/null
@@ -1,56 +0,0 @@
-import type { AccountStatus, User, UserRole } from '@domus/core';
-import type { user } from '../schema/better-auth';
-
-/**
- * Mapper for User entity.
- */
-export const UserMapper = {
-  /**
-   * Maps a database row to a User entity.
-   */
-  toEntity(row: typeof user.$inferSelect): User {
-    return {
-      id: row.id,
-      name: row.name,
-      email: row.email,
-      emailVerified: row.emailVerified,
-      image: row.image,
-      accountStatus: row.accountStatus as AccountStatus,
-      role: [(row.role ?? 'parishioner') as UserRole],
-      createdAt: row.createdAt,
-      updatedAt: row.updatedAt,
-      deletedAt: row.deletedAt,
-    };
-  },
-
-  /**
-   * Maps a User entity to a database insert object.
-   */
-  toInsert(entity: Partial<User>): typeof user.$inferInsert {
-    return {
-      id: entity.id as string,
-      name: entity.name ?? '',
-      email: entity.email ?? '',
-      emailVerified: entity.emailVerified ?? false,
-      image: entity.image,
-      accountStatus: entity.accountStatus,
-      role: entity.role?.[0] ?? 'parishioner',
-      createdAt: entity.createdAt,
-      updatedAt: entity.updatedAt,
-      deletedAt: entity.deletedAt,
-    };
-  },
-
-  toUpdate(entity: Partial<User>): Partial<typeof user.$inferInsert> {
-    return {
-      name: entity.name ?? '',
-      emailVerified: entity.emailVerified ?? false,
-      image: entity.image,
-      accountStatus: entity.accountStatus,
-      role: entity.role?.[0] ?? 'parishioner',
-      createdAt: entity.createdAt,
-      updatedAt: entity.updatedAt,
-      deletedAt: entity.deletedAt,
-    };
-  },
-};
diff --git a/packages/db/src/repository/attendance.spec.ts b/packages/db/src/repository/attendance.spec.ts
index eaa99319..5b67345a 100644
--- a/packages/db/src/repository/attendance.spec.ts
+++ b/packages/db/src/repository/attendance.spec.ts
@@ -1,33 +1,35 @@
-import { AttendanceStatus } from '@domus/core';
-import type { PostgresJsDatabase } from 'drizzle-orm/postgres-js';
+import {
+  AttendanceEntity,
+  AttendanceMethod,
+  AttendanceStatus,
+  type ILogger,
+} from '@domus/core';
 import { beforeEach, describe, expect, it, vi } from 'vitest';
-import { type DeepMockProxy, mockDeep, mockReset } from 'vitest-mock-extended';
-import { db } from '../index';
-import { AttendanceMapper } from '../mapper/attendance';
+import { mockDeep, mockReset } from 'vitest-mock-extended';
+import type { TestDrizzleClient } from '../../test/helper';
 import { attendances } from '../schema/attendances';
-import type * as schema from '../schema/index';
 import { AttendanceRepository } from './attendance';
 
-vi.mock('../index', () => ({
-  db: mockDeep(),
-}));
-
 describe('AttendanceRepository', () => {
-  const repo = new AttendanceRepository();
-  const dbMock = db as unknown as DeepMockProxy<
-    PostgresJsDatabase<typeof schema>
-  >;
+  const dbMock = mockDeep<TestDrizzleClient>();
+  const loggerMock = mockDeep<ILogger>();
+  const repo = new AttendanceRepository(dbMock, loggerMock);
+
+  const VALID_ID = '0194b150-0001-7000-8000-000000000001';
+  const VALID_EVENT_ID = '0194b150-0002-7000-8000-000000000001';
+  const VALID_PARISHIONER_ID = '0194b150-0003-7000-8000-000000000001';
 
   beforeEach(() => {
     mockReset(dbMock);
+    mockReset(loggerMock);
   });
 
   const mockAttendanceRow = {
-    id: 'att-1',
-    eventId: 'event-1',
-    parishionerId: 'p-1',
-    method: 'qrCode',
-    status: 'present',
+    id: VALID_ID,
+    eventId: VALID_EVENT_ID,
+    parishionerId: VALID_PARISHIONER_ID,
+    method: AttendanceMethod.QrCode,
+    status: AttendanceStatus.Present,
     verifiedBy: null,
     verifiedAt: null,
     createdAt: new Date(),
@@ -35,71 +37,76 @@ describe('AttendanceRepository', () => {
     deletedAt: null,
   };
 
-  const mockAttendanceEntity = AttendanceMapper.toEntity(
-    mockAttendanceRow as unknown as Parameters<
-      typeof AttendanceMapper.toEntity
-    >[0],
-  );
+  const mockAttendanceEntity = AttendanceEntity.parse(mockAttendanceRow);
 
   describe('findById', () => {
     it('should return attendance when found', async () => {
+      // @ts-expect-error
       dbMock.select.mockReturnValue({
         from: vi.fn().mockReturnValue({
           where: vi.fn().mockResolvedValue([mockAttendanceRow]),
         }),
-      } as unknown as ReturnType<typeof dbMock.select>);
+      });
 
-      const result = await repo.findById('att-1');
+      const result = await repo.findById(VALID_ID);
 
       expect(result).toEqual(mockAttendanceEntity);
       expect(dbMock.select).toHaveBeenCalled();
     });
 
     it('should return null when not found', async () => {
+      // @ts-expect-error
       dbMock.select.mockReturnValue({
         from: vi.fn().mockReturnValue({
           where: vi.fn().mockResolvedValue([]),
         }),
-      } as unknown as ReturnType<typeof dbMock.select>);
+      });
 
-      const result = await repo.findById('non-existent');
+      const result = await repo.findById(VALID_ID);
 
       expect(result).toBeNull();
     });
   });
+
   describe('findByEventId', () => {
     it('should return attendances for event', async () => {
+      // @ts-expect-error
       dbMock.select.mockReturnValue({
         from: vi.fn().mockReturnValue({
           where: vi.fn().mockResolvedValue([mockAttendanceRow]),
         }),
-      } as unknown as ReturnType<typeof dbMock.select>);
+      });
 
-      const result = await repo.findByEventId('event-1');
+      const result = await repo.findByEventId(VALID_EVENT_ID);
       expect(result).toEqual([mockAttendanceEntity]);
     });
   });
 
   describe('findByEventAndParishioner', () => {
     it('should return attendance for event and parishioner', async () => {
+      // @ts-expect-error
       dbMock.select.mockReturnValue({
         from: vi.fn().mockReturnValue({
           where: vi.fn().mockResolvedValue([mockAttendanceRow]),
         }),
-      } as unknown as ReturnType<typeof dbMock.select>);
+      });
 
-      const result = await repo.findByEventAndParishioner('event-1', 'p-1');
+      const result = await repo.findByEventAndParishioner(
+        VALID_EVENT_ID,
+        VALID_PARISHIONER_ID,
+      );
       expect(result).toEqual(mockAttendanceEntity);
     });
   });
 
   describe('create', () => {
     it('should create and return attendance', async () => {
+      // @ts-expect-error
       dbMock.insert.mockReturnValue({
         values: vi.fn().mockReturnValue({
           returning: vi.fn().mockResolvedValue([mockAttendanceRow]),
         }),
-      } as unknown as ReturnType<typeof dbMock.insert>);
+      });
 
       const result = await repo.create(mockAttendanceEntity);
 
@@ -110,15 +117,16 @@ describe('AttendanceRepository', () => {
 
   describe('update', () => {
     it('should update and return attendance', async () => {
+      // @ts-expect-error
       dbMock.update.mockReturnValue({
         set: vi.fn().mockReturnValue({
           where: vi.fn().mockReturnValue({
             returning: vi.fn().mockResolvedValue([mockAttendanceRow]),
           }),
         }),
-      } as unknown as ReturnType<typeof dbMock.update>);
+      });
 
-      const result = await repo.update('att-1', {
+      const result = await repo.update(VALID_ID, {
         status: AttendanceStatus.Absent,
       });
 
@@ -129,13 +137,14 @@ describe('AttendanceRepository', () => {
 
   describe('delete', () => {
     it('should soft delete attendance', async () => {
+      // @ts-expect-error
       dbMock.update.mockReturnValue({
         set: vi.fn().mockReturnValue({
-          where: vi.fn().mockResolvedValue([{ id: 'att-1' }]),
+          where: vi.fn().mockResolvedValue([{ id: VALID_ID }]),
         }),
-      } as unknown as ReturnType<typeof dbMock.update>);
+      });
 
-      await repo.delete('att-1');
+      await repo.delete(VALID_ID);
 
       expect(dbMock.update).toHaveBeenCalledWith(attendances);
       // Verify soft delete (deletedAt is set)
diff --git a/packages/db/src/repository/attendance.ts b/packages/db/src/repository/attendance.ts
index 658c33c2..318a4b6b 100644
--- a/packages/db/src/repository/attendance.ts
+++ b/packages/db/src/repository/attendance.ts
@@ -1,42 +1,55 @@
-import type {
-  Attendance,
-  IAttendanceRepository,
-  RecordAttendance,
-  UpdateAttendance,
+import {
+  type Attendance,
+  AttendanceEntity,
+  type IAttendanceRepository,
+  type ILogger,
+  type RecordAttendance,
+  type UpdateAttendance,
 } from '@domus/core';
 import { and, eq, isNull } from 'drizzle-orm';
-import { db } from '../index';
-import { AttendanceMapper } from '../mapper/attendance';
+import type { DrizzleClient } from '../index';
 import { attendances } from '../schema/attendances';
 
 /**
  * Repository implementation for attendances.
  */
 export class AttendanceRepository implements IAttendanceRepository {
+  constructor(
+    private readonly db: DrizzleClient,
+    private readonly logger: ILogger,
+  ) {}
+
   /**
    * Finds an attendance record by its unique ID.
    */
   async findById(id: string): Promise<Attendance | null> {
-    const [row] = await db
+    this.logger.info('AttendanceRepository.findById', { attendanceId: id });
+    const [row] = await this.db
       .select()
       .from(attendances)
       .where(and(eq(attendances.id, id), isNull(attendances.deletedAt)));
 
-    return row ? AttendanceMapper.toEntity(row) : null;
+    if (!row) {
+      this.logger.warn('AttendanceRepository.findById: not found', {
+        attendanceId: id,
+      });
+    }
+    return row ? AttendanceEntity.parse(row) : null;
   }
 
   /**
    * Finds attendance records for a specific event.
    */
   async findByEventId(eventId: string): Promise<Attendance[]> {
-    const rows = await db
+    this.logger.info('AttendanceRepository.findByEventId', { eventId });
+    const rows = await this.db
       .select()
       .from(attendances)
       .where(
         and(eq(attendances.eventId, eventId), isNull(attendances.deletedAt)),
       );
 
-    return rows.map((row) => AttendanceMapper.toEntity(row));
+    return rows.map((row) => AttendanceEntity.parse(row));
   }
 
   /**
@@ -46,7 +59,11 @@ export class AttendanceRepository implements IAttendanceRepository {
     eventId: string,
     parishionerId: string,
   ): Promise<Attendance | null> {
-    const [row] = await db
+    this.logger.info('AttendanceRepository.findByEventAndParishioner', {
+      eventId,
+      parishionerId,
+    });
+    const [row] = await this.db
       .select()
       .from(attendances)
       .where(
@@ -57,31 +74,45 @@ export class AttendanceRepository implements IAttendanceRepository {
         ),
       );
 
-    return row ? AttendanceMapper.toEntity(row) : null;
+    if (!row) {
+      this.logger.warn(
+        'AttendanceRepository.findByEventAndParishioner: not found',
+        {
+          eventId,
+          parishionerId,
+        },
+      );
+    }
+    return row ? AttendanceEntity.parse(row) : null;
   }
 
   /**
    * Creates a new attendance record.
    */
   async create(data: RecordAttendance): Promise<Attendance> {
-    const id = crypto.randomUUID();
-    const [row] = await db
+    this.logger.info('AttendanceRepository.create', {
+      eventId: data.eventId,
+      parishionerId: data.parishionerId,
+    });
+    const [row] = await this.db
       .insert(attendances)
-      .values(AttendanceMapper.toInsert({ ...data, id }))
+      .values({ ...data })
       .returning();
 
     if (!row) {
+      this.logger.error('AttendanceRepository.create: failed');
       throw new Error('Failed to create attendance record');
     }
 
-    return AttendanceMapper.toEntity(row);
+    return AttendanceEntity.parse(row);
   }
 
   /**
    * Updates an attendance record.
    */
   async update(id: string, data: UpdateAttendance): Promise<Attendance> {
-    const [row] = await db
+    this.logger.info('AttendanceRepository.update', { attendanceId: id });
+    const [row] = await this.db
       .update(attendances)
       .set({
         ...data,
@@ -91,17 +122,21 @@ export class AttendanceRepository implements IAttendanceRepository {
       .returning();
 
     if (!row) {
+      this.logger.warn('AttendanceRepository.update: not found', {
+        attendanceId: id,
+      });
       throw new Error(`Attendance with ID ${id} not found`);
     }
 
-    return AttendanceMapper.toEntity(row);
+    return AttendanceEntity.parse(row);
   }
 
   /**
    * Soft deletes an attendance record.
    */
   async delete(id: string): Promise<void> {
-    await db
+    this.logger.info('AttendanceRepository.delete', { attendanceId: id });
+    await this.db
       .update(attendances)
       .set({ deletedAt: new Date() })
       .where(eq(attendances.id, id));
diff --git a/packages/db/src/repository/enrollment.spec.ts b/packages/db/src/repository/enrollment.spec.ts
new file mode 100644
index 00000000..8f00cbad
--- /dev/null
+++ b/packages/db/src/repository/enrollment.spec.ts
@@ -0,0 +1,125 @@
+import { EnrollmentEntity, EnrollmentStatus, type ILogger } from '@domus/core';
+import { beforeEach, describe, expect, it, vi } from 'vitest';
+import { mockDeep, mockReset } from 'vitest-mock-extended';
+import type { TestDrizzleClient } from '../../test/helper';
+import { orgEnrollments } from '../schema/org-enrollments';
+import { EnrollmentRepository } from './enrollment';
+
+describe('EnrollmentRepository', () => {
+  const dbMock = mockDeep<TestDrizzleClient>();
+  const loggerMock = mockDeep<ILogger>();
+  const repo = new EnrollmentRepository(dbMock, loggerMock);
+
+  const VALID_ID = '0194b150-0001-7000-8000-000000000000';
+  const VALID_PARISHIONER_ID = '0194b150-0002-7000-8000-000000000000';
+  const VALID_ORG_ID = '0194b150-0003-7000-8000-000000000000';
+
+  beforeEach(() => {
+    mockReset(dbMock);
+    mockReset(loggerMock);
+  });
+
+  describe('findById', () => {
+    it('should return enrollment when found', async () => {
+      const mockRow = {
+        id: VALID_ID,
+        parishionerId: VALID_PARISHIONER_ID,
+        organizationId: VALID_ORG_ID,
+        unitId: null,
+        status: EnrollmentStatus.Active,
+        joinedAt: new Date(),
+        createdAt: new Date(),
+        updatedAt: new Date(),
+        deletedAt: null,
+      };
+
+      // @ts-expect-error - simplified mock for select().from().where()
+      dbMock.select.mockReturnValue({
+        from: vi.fn().mockReturnValue({
+          where: vi.fn().mockResolvedValue([mockRow]),
+        }),
+      });
+
+      const result = await repo.findById(VALID_ID);
+
+      expect(result).toEqual(EnrollmentEntity.parse(mockRow));
+      expect(loggerMock.info).toHaveBeenCalledWith(
+        'EnrollmentRepository.findById',
+        { enrollmentId: VALID_ID },
+      );
+    });
+
+    it('should return null and warn when not found', async () => {
+      // @ts-expect-error
+      dbMock.select.mockReturnValue({
+        from: vi.fn().mockReturnValue({
+          where: vi.fn().mockResolvedValue([]),
+        }),
+      });
+
+      const result = await repo.findById(VALID_ID);
+
+      expect(result).toBeNull();
+      expect(loggerMock.warn).toHaveBeenCalledWith(
+        'EnrollmentRepository.findById: not found',
+        { enrollmentId: VALID_ID },
+      );
+    });
+  });
+
+  describe('create', () => {
+    it('should create and return registration', async () => {
+      const input = {
+        parishionerId: VALID_PARISHIONER_ID,
+        organizationId: VALID_ORG_ID,
+        status: EnrollmentStatus.Pending,
+        joinedAt: new Date(),
+      };
+      const mockRow = {
+        ...input,
+        id: VALID_ID,
+        unitId: null,
+        createdAt: new Date(),
+        updatedAt: new Date(),
+        deletedAt: null,
+      };
+
+      // @ts-expect-error
+      dbMock.insert.mockReturnValue({
+        values: vi.fn().mockReturnValue({
+          returning: vi.fn().mockResolvedValue([mockRow]),
+        }),
+      });
+
+      const result = await repo.create(input);
+
+      expect(result).toEqual(EnrollmentEntity.parse(mockRow));
+      expect(loggerMock.info).toHaveBeenCalledWith(
+        'EnrollmentRepository.create',
+        {
+          parishionerId: VALID_PARISHIONER_ID,
+          organizationId: VALID_ORG_ID,
+        },
+      );
+    });
+  });
+
+  describe('delete', () => {
+    it('should soft delete enrollment', async () => {
+      // @ts-expect-error
+      dbMock.update.mockReturnValue({
+        set: vi.fn().mockReturnValue({
+          where: vi.fn().mockResolvedValue({}),
+        }),
+      });
+
+      await repo.delete(VALID_ID);
+
+      expect(dbMock.update).toHaveBeenCalledWith(orgEnrollments);
+      expect(loggerMock.info).toHaveBeenCalledWith(
+        'EnrollmentRepository.delete',
+        { enrollmentId: VALID_ID },
+      );
+    });
+  });
+});
diff --git a/packages/db/src/repository/enrollment.ts b/packages/db/src/repository/enrollment.ts
index c3d915f9..cceee4e2 100644
--- a/packages/db/src/repository/enrollment.ts
+++ b/packages/db/src/repository/enrollment.ts
@@ -1,28 +1,40 @@
-import type {
-  Enrollment,
-  IEnrollmentRepository,
-  RegisterEnrollment,
-  UpdateEnrollment,
+import {
+  type Enrollment,
+  EnrollmentEntity,
+  type IEnrollmentRepository,
+  type ILogger,
+  type RegisterEnrollment,
+  type UpdateEnrollment,
 } from '@domus/core';
 import { and, eq, isNull } from 'drizzle-orm';
-import { db } from '../index';
-import { toEnrollmentEntity, toEnrollmentInsert } from '../mapper/enrollment';
+import type { DrizzleClient } from '../index';
 import { orgEnrollments } from '../schema/org-enrollments';
 
 /**
  * Repository implementation for organization enrollments.
  */
 export class EnrollmentRepository implements IEnrollmentRepository {
+  constructor(
+    private readonly db: DrizzleClient,
+    private readonly logger: ILogger,
+  ) {}
+
   /**
    * Finds an enrollment record by its unique ID.
    */
   async findById(id: string): Promise<Enrollment | null> {
-    const [row] = await db
+    this.logger.info('EnrollmentRepository.findById', { enrollmentId: id });
+    const [row] = await this.db
       .select()
       .from(orgEnrollments)
       .where(and(eq(orgEnrollments.id, id), isNull(orgEnrollments.deletedAt)));
 
-    return row ? toEnrollmentEntity(row) : null;
+    if (!row) {
+      this.logger.warn('EnrollmentRepository.findById: not found', {
+        enrollmentId: id,
+      });
+    }
+    return row ? EnrollmentEntity.parse(row) : null;
   }
 
   /**
@@ -32,7 +44,11 @@ export class EnrollmentRepository implements IEnrollmentRepository {
     parishionerId: string,
     organizationId: string,
   ): Promise<Enrollment | null> {
-    const [row] = await db
+    this.logger.info('EnrollmentRepository.findByParishionerAndOrg', {
+      parishionerId,
+      organizationId,
+    });
+    const [row] = await this.db
       .select()
       .from(orgEnrollments)
       .where(
@@ -43,14 +59,24 @@ export class EnrollmentRepository implements IEnrollmentRepository {
         ),
       );
 
-    return row ? toEnrollmentEntity(row) : null;
+    if (!row) {
+      this.logger.warn(
+        'EnrollmentRepository.findByParishionerAndOrg: not found',
+        {
+          parishionerId,
+          organizationId,
+        },
+      );
+    }
+    return row ? EnrollmentEntity.parse(row) : null;
   }
 
   /**
    * Finds all enrollment records for a specific organization.
    */
   async findByOrg(organizationId: string): Promise<Enrollment[]> {
-    const rows = await db
+    this.logger.info('EnrollmentRepository.findByOrg', { organizationId });
+    const rows = await this.db
       .select()
       .from(orgEnrollments)
       .where(
@@ -60,31 +86,36 @@ export class EnrollmentRepository implements IEnrollmentRepository {
         ),
       );
 
-    return rows.map((row) => toEnrollmentEntity(row));
+    return rows.map((row) => EnrollmentEntity.parse(row));
   }
 
   /**
    * Creates a new enrollment record.
    */
   async create(data: RegisterEnrollment): Promise<Enrollment> {
-    const id = crypto.randomUUID();
-    const [row] = await db
+    this.logger.info('EnrollmentRepository.create', {
+      parishionerId: data.parishionerId,
+      organizationId: data.organizationId,
+    });
+    const [row] = await this.db
       .insert(orgEnrollments)
-      .values(toEnrollmentInsert({ ...data, id }))
+      .values({ ...data })
       .returning();
 
     if (!row) {
+      this.logger.error('EnrollmentRepository.create: failed');
       throw new Error('Failed to create enrollment');
     }
 
-    return toEnrollmentEntity(row);
+    return EnrollmentEntity.parse(row);
   }
 
   /**
    * Updates an existing enrollment record.
    */
   async update(id: string, data: UpdateEnrollment): Promise<Enrollment> {
-    const [row] = await db
+    this.logger.info('EnrollmentRepository.update', { enrollmentId: id });
+    const [row] = await this.db
       .update(orgEnrollments)
       .set({
         ...data,
@@ -94,17 +125,21 @@ export class EnrollmentRepository implements IEnrollmentRepository {
       .returning();
 
     if (!row) {
+      this.logger.warn('EnrollmentRepository.update: not found', {
+        enrollmentId: id,
+      });
       throw new Error(`Enrollment with ID ${id} not found`);
     }
 
-    return toEnrollmentEntity(row);
+    return EnrollmentEntity.parse(row);
   }
 
   /**
    * Soft deletes an enrollment record.
    */
   async delete(id: string): Promise<void> {
-    await db
+    this.logger.info('EnrollmentRepository.delete', { enrollmentId: id });
+    await this.db
       .update(orgEnrollments)
       .set({ deletedAt: new Date() })
       .where(eq(orgEnrollments.id, id));
diff --git a/packages/db/src/repository/event.spec.ts b/packages/db/src/repository/event.spec.ts
index 1eabebfd..16c2052f 100644
--- a/packages/db/src/repository/event.spec.ts
+++ b/packages/db/src/repository/event.spec.ts
@@ -1,44 +1,52 @@
-import type { PostgresJsDatabase } from 'drizzle-orm/postgres-js';
+import {
+  EventEntity,
+  EventStatus,
+  EventVisibility,
+  type ILogger,
+} from '@domus/core';
 import { beforeEach, describe, expect, it, vi } from 'vitest';
-import { type DeepMockProxy, mockDeep, mockReset } from 'vitest-mock-extended';
-import { db } from '../index';
-import { EventMapper } from '../mapper/event';
+import { mockDeep, mockReset } from 'vitest-mock-extended';
+import type { TestDrizzleClient } from '../../test/helper';
 import { events } from '../schema/events';
-import type * as schema from '../schema/index';
 import { EventRepository } from './event';
 
-vi.mock('../index', () => ({
-  db: mockDeep(),
-}));
-
 describe('EventRepository', () => {
-  const repo = new EventRepository();
-  const dbMock = db as unknown as DeepMockProxy<
-    PostgresJsDatabase<typeof schema>
-  >;
+  const dbMock = mockDeep<TestDrizzleClient>();
+  const loggerMock = mockDeep<ILogger>();
+  const repo = new EventRepository(dbMock, loggerMock);
+
+  const VALID_EVENT_ID = '0194b150-1234-7000-8000-000000000002';
+  const VALID_ORG_ID = '0194b150-1234-7000-8000-000000000004';
+  const VALID_USER_ID = '0194b150-1234-7000-8000-000000000005';
 
   beforeEach(() => {
     mockReset(dbMock);
+    mockReset(loggerMock);
   });
 
   const mockEventRow = {
-    id: 'event-1',
-    organizationId: 'org-1',
+    id: VALID_EVENT_ID,
+    organizationId: VALID_ORG_ID,
     name: 'Test Event',
     description: 'A test event',
     location: 'Test Location',
+    latitude: null,
+    longitude: null,
+    radiusMeters: 100,
     startDateTime: new Date(),
     endDateTime: new Date(),
-    status: 'published',
-    visibility: 'public',
+    eventPhoto: null,
+    qrCode: 'test-qr',
+    visibility: EventVisibility.Public,
+    isRsvpEnabled: false,
+    status: EventStatus.Published,
+    createdBy: VALID_USER_ID,
     createdAt: new Date(),
     updatedAt: new Date(),
     deletedAt: null,
   };
 
-  const mockEventEntity = EventMapper.toEntity(
-    mockEventRow as unknown as Parameters<typeof EventMapper.toEntity>[0],
-  );
+  const mockEventEntity = EventEntity.parse(mockEventRow);
 
   describe('findById', () => {
     it('should return event when found', async () => {
@@ -48,7 +56,7 @@ describe('EventRepository', () => {
         }),
       } as unknown as ReturnType<typeof dbMock.select>);
 
-      const result = await repo.findById('event-1');
+      const result = await repo.findById(VALID_EVENT_ID);
       expect(result).toEqual(mockEventEntity);
     });
   });
@@ -61,7 +69,7 @@ describe('EventRepository', () => {
         }),
       } as unknown as ReturnType<typeof dbMock.select>);
 
-      const result = await repo.findByOrganizationId('org-1');
+      const result = await repo.findByOrganizationId(VALID_ORG_ID);
       expect(result).toEqual([mockEventEntity]);
     });
   });
@@ -103,7 +111,9 @@ describe('EventRepository', () => {
         }),
       } as unknown as ReturnType<typeof dbMock.update>);
 
-      const result = await repo.update('event-1', { name: 'Updated Event' });
+      const result = await repo.update(VALID_EVENT_ID, {
+        name: 'Updated Event',
+      });
       expect(result).toEqual(mockEventEntity);
       expect(dbMock.update).toHaveBeenCalledWith(events);
     });
@@ -113,11 +123,11 @@ describe('EventRepository', () => {
     it('should soft delete event', async () => {
       dbMock.update.mockReturnValue({
         set: vi.fn().mockReturnValue({
-          where: vi.fn().mockResolvedValue([{ id: 'event-1' }]),
+          where: vi.fn().mockResolvedValue([{ id: VALID_EVENT_ID }]),
         }),
       } as unknown as ReturnType<typeof dbMock.update>);
 
-      await repo.delete('event-1');
+      await repo.delete(VALID_EVENT_ID);
       expect(dbMock.update).toHaveBeenCalledWith(events);
     });
   });
diff --git a/packages/db/src/repository/event.ts b/packages/db/src/repository/event.ts
index 301c1338..92b6e520 100644
--- a/packages/db/src/repository/event.ts
+++ b/packages/db/src/repository/event.ts
@@ -1,15 +1,16 @@
-import type { IEventRepository } from '@domus/core';
 import {
   type CreateEvent,
   type Event,
+  EventEntity,
   EventStatus,
   type EventWithDetails,
+  type IEventRepository,
+  type ILogger,
   type UpdateEvent,
 } from '@domus/core';
-import { and, desc, eq, gte, isNull } from 'drizzle-orm';
+import { and, desc, eq, gte, type InferInsertModel, isNull } from 'drizzle-orm';
 import { v7 as uuidv7 } from 'uuid';
-import { db } from '../index';
-import { EventMapper } from '../mapper/event';
+import type { DrizzleClient } from '../index';
 import { organization } from '../schema/better-auth';
 import { events } from '../schema/events';
 import { rsvp } from '../schema/rsvp';
@@ -18,23 +19,35 @@ import { rsvp } from '../schema/rsvp';
  * Repository implementation for events.
  */
 export class EventRepository implements IEventRepository {
+  constructor(
+    private readonly db: DrizzleClient,
+    private readonly logger: ILogger,
+  ) {}
+
   /**
    * Finds an event by its unique ID.
    */
   async findById(id: string): Promise<Event | null> {
-    const [row] = await db
+    this.logger.info('EventRepository.findById', { eventId: id });
+    const [row] = await this.db
       .select()
       .from(events)
       .where(and(eq(events.id, id), isNull(events.deletedAt)));
 
-    return row ? EventMapper.toEntity(row) : null;
+    if (!row) {
+      this.logger.warn('EventRepository.findById: not found', { eventId: id });
+    }
+    return row ? EventEntity.parse(row) : null;
   }
 
   /**
    * Finds all events belonging to a specific organization.
    */
   async findByOrganizationId(organizationId: string): Promise<Event[]> {
-    const rows = await db
+    this.logger.info('EventRepository.findByOrganizationId', {
+      organizationId,
+    });
+    const rows = await this.db
       .select()
       .from(events)
       .where(
@@ -44,7 +57,7 @@ export class EventRepository implements IEventRepository {
         ),
       );
 
-    return rows.map((row) => EventMapper.toEntity(row));
+    return rows.map((row) => EventEntity.parse(row));
   }
 
   /**
@@ -54,6 +67,7 @@ export class EventRepository implements IEventRepository {
     name: string,
     organizationId: string | null,
   ): Promise<Event | null> {
+    this.logger.info('EventRepository.findByName', { name, organizationId });
     const filters = [eq(events.name, name), isNull(events.deletedAt)];
     if (organizationId) {
       filters.push(eq(events.organizationId, organizationId));
@@ -61,48 +75,79 @@ export class EventRepository implements IEventRepository {
       filters.push(isNull(events.organizationId));
     }
 
-    const [row] = await db
+    const [row] = await this.db
       .select()
       .from(events)
       .where(and(...filters));
 
-    return row ? EventMapper.toEntity(row) : null;
+    if (!row) {
+      this.logger.warn('EventRepository.findByName: not found', {
+        name,
+        organizationId,
+      });
+    }
+    return row ? EventEntity.parse(row) : null;
   }
 
   /**
    * Finds all public events.
    */
   async findPublicEvents(): Promise<Event[]> {
-    const rows = await db
+    this.logger.info('EventRepository.findPublicEvents');
+    const rows = await this.db
       .select()
       .from(events)
       .where(and(eq(events.visibility, 'public'), isNull(events.deletedAt)));
 
-    return rows.map((row) => EventMapper.toEntity(row));
+    return rows.map((row) => EventEntity.parse(row));
   }
 
   /**
    * Creates a new event record.
    */
   async create(data: CreateEvent): Promise<Event> {
+    this.logger.info('EventRepository.create', {
+      name: data.name,
+      organizationId: data.organizationId,
+    });
     const id = data.id || uuidv7();
-    const [row] = await db
-      .insert(events)
-      .values(EventMapper.toInsert({ ...data, id }))
-      .returning();
+    const values = {
+      id,
+      organizationId: data.organizationId,
+      name: data.name,
+      description: data.description,
+      location: data.location,
+      latitude: data.latitude,
+      longitude: data.longitude,
+      radiusMeters: data.radiusMeters,
+      startDateTime: data.startDateTime,
+      endDateTime: data.endDateTime,
+      eventPhoto: data.eventPhoto,
+      qrCode: data.qrCode || `event-${id}`,
+      visibility: data.visibility,
+      isRsvpEnabled: data.isRsvpEnabled,
+      status: data.status || EventStatus.Published,
+      createdBy: data.createdBy as string,
+      createdAt: new Date(),
+      updatedAt: new Date(),
+    } satisfies InferInsertModel<typeof events>;
+
+    const [row] = await this.db.insert(events).values(values).returning();
 
     if (!row) {
+      this.logger.error('EventRepository.create: failed');
       throw new Error('Failed to create event');
     }
 
-    return EventMapper.toEntity(row);
+    return EventEntity.parse(row);
   }
 
   /**
    * Updates an event record.
    */
   async update(id: string, data: UpdateEvent): Promise<Event> {
-    const [row] = await db
+    this.logger.info('EventRepository.update', { eventId: id });
+    const [row] = await this.db
       .update(events)
       .set({
         ...data,
@@ -112,17 +157,19 @@ export class EventRepository implements IEventRepository {
       .returning();
 
     if (!row) {
+      this.logger.warn('EventRepository.update: not found', { eventId: id });
       throw new Error(`Event with ID ${id} not found`);
     }
 
-    return EventMapper.toEntity(row);
+    return EventEntity.parse(row);
   }
 
   /**
    * Soft deletes an event record.
    */
   async delete(id: string): Promise<void> {
-    await db
+    this.logger.info('EventRepository.delete', { eventId: id });
+    await this.db
       .update(events)
       .set({ deletedAt: new Date() })
       .where(eq(events.id, id));
@@ -135,7 +182,11 @@ export class EventRepository implements IEventRepository {
     parishionerId: string | null,
     limit: number,
   ): Promise<EventWithDetails[]> {
-    const rows = await db
+    this.logger.info('EventRepository.findUpcomingForParishioner', {
+      parishionerId,
+      limit,
+    });
+    const rows = await this.db
       .select({
         event: events,
         org: {
@@ -168,7 +219,7 @@ export class EventRepository implements IEventRepository {
       .limit(limit);
 
     return rows.map((row) => ({
-      ...EventMapper.toEntity(row.event),
+      ...EventEntity.parse(row.event),
       organizationName: row.org.name,
       organizationLogo: row.org.logo,
       userRsvpStatus: row.userRsvp?.status ?? null,
diff --git a/packages/db/src/repository/financial-period.spec.ts b/packages/db/src/repository/financial-period.spec.ts
index 4f0438b4..9be9fd67 100644
--- a/packages/db/src/repository/financial-period.spec.ts
+++ b/packages/db/src/repository/financial-period.spec.ts
@@ -1,31 +1,27 @@
-import type { PostgresJsDatabase } from 'drizzle-orm/postgres-js';
+import { FinancialPeriodEntity, type ILogger, PeriodStatus } from '@domus/core';
 import { beforeEach, describe, expect, it, vi } from 'vitest';
-import { type DeepMockProxy, mockDeep, mockReset } from 'vitest-mock-extended';
-import { db } from '../index';
-import { FinancialPeriodMapper } from '../mapper/financial-period';
+import { mockDeep, mockReset } from 'vitest-mock-extended';
+import type { TestDrizzleClient } from '../../test/helper';
 import { financialPeriods } from '../schema/financial-periods';
-import type * as schema from '../schema/index';
 import { FinancialPeriodRepository } from './financial-period';
 
-vi.mock('../index', () => ({
-  db: mockDeep(),
-}));
-
 describe('FinancialPeriodRepository', () => {
-  const repo = new FinancialPeriodRepository();
-  const dbMock = db as unknown as DeepMockProxy<
-    PostgresJsDatabase<typeof schema>
-  >;
+  const dbMock = mockDeep<TestDrizzleClient>();
+  const loggerMock = mockDeep<ILogger>();
+  const repo = new FinancialPeriodRepository(dbMock, loggerMock);
+
+  const VALID_ID = '0194b150-0001-7000-8000-000000000001';
 
   beforeEach(() => {
     mockReset(dbMock);
+    mockReset(loggerMock);
   });
 
   const mockPeriodRow = {
-    id: 'period-1',
+    id: VALID_ID,
     month: 1,
     year: 2024,
-    status: 'open',
+    status: PeriodStatus.Open,
     lockedBy: null,
     lockedAt: null,
     createdAt: new Date(),
@@ -33,32 +29,30 @@ describe('FinancialPeriodRepository', () => {
     deletedAt: null,
   };
 
-  const mockPeriodEntity = FinancialPeriodMapper.toEntity(
-    mockPeriodRow as unknown as Parameters<
-      typeof FinancialPeriodMapper.toEntity
-    >[0],
-  );
+  const mockPeriodEntity = FinancialPeriodEntity.parse(mockPeriodRow);
 
   describe('findById', () => {
     it('should return period when found', async () => {
+      // @ts-expect-error
       dbMock.select.mockReturnValue({
         from: vi.fn().mockReturnValue({
           where: vi.fn().mockResolvedValue([mockPeriodRow]),
         }),
-      } as unknown as ReturnType<typeof dbMock.select>);
+      });
 
-      const result = await repo.findById('period-1');
+      const result = await repo.findById(VALID_ID);
       expect(result).toEqual(mockPeriodEntity);
     });
   });
 
   describe('findByMonthAndYear', () => {
     it('should return period when found', async () => {
+      // @ts-expect-error
       dbMock.select.mockReturnValue({
         from: vi.fn().mockReturnValue({
           where: vi.fn().mockResolvedValue([mockPeriodRow]),
         }),
-      } as unknown as ReturnType<typeof dbMock.select>);
+      });
 
       const result = await repo.findByMonthAndYear(1, 2024);
       expect(result).toEqual(mockPeriodEntity);
@@ -67,11 +61,12 @@ describe('FinancialPeriodRepository', () => {
 
   describe('findAll', () => {
     it('should return all periods', async () => {
+      // @ts-expect-error
       dbMock.select.mockReturnValue({
         from: vi.fn().mockReturnValue({
           where: vi.fn().mockResolvedValue([mockPeriodRow]),
         }),
-      } as unknown as ReturnType<typeof dbMock.select>);
+      });
 
       const result = await repo.findAll();
       expect(result).toEqual([mockPeriodEntity]);
@@ -80,11 +75,12 @@ describe('FinancialPeriodRepository', () => {
 
   describe('create', () => {
     it('should create and return period', async () => {
+      // @ts-expect-error
       dbMock.insert.mockReturnValue({
         values: vi.fn().mockReturnValue({
           returning: vi.fn().mockResolvedValue([mockPeriodRow]),
         }),
-      } as unknown as ReturnType<typeof dbMock.insert>);
+      });
 
       const result = await repo.create(mockPeriodEntity);
       expect(result).toEqual(mockPeriodEntity);
@@ -93,28 +89,32 @@ describe('FinancialPeriodRepository', () => {
 
   describe('update', () => {
     it('should update and return period', async () => {
+      // @ts-expect-error
       dbMock.update.mockReturnValue({
         set: vi.fn().mockReturnValue({
           where: vi.fn().mockReturnValue({
             returning: vi.fn().mockResolvedValue([mockPeriodRow]),
           }),
         }),
-      } as unknown as ReturnType<typeof dbMock.update>);
+      });
 
-      const result = await repo.update('period-1', { month: 2 });
+      const result = await repo.update(VALID_ID, {
+        month: 2,
+      });
       expect(result).toEqual(mockPeriodEntity);
     });
   });
 
   describe('delete', () => {
     it('should soft delete period', async () => {
+      // @ts-expect-error
       dbMock.update.mockReturnValue({
         set: vi.fn().mockReturnValue({
-          where: vi.fn().mockResolvedValue([{ id: 'period-1' }]),
+          where: vi.fn().mockResolvedValue([{ id: VALID_ID }]),
         }),
-      } as unknown as ReturnType<typeof dbMock.update>);
+      });
 
-      await repo.delete('period-1');
+      await repo.delete(VALID_ID);
       expect(dbMock.update).toHaveBeenCalledWith(financialPeriods);
     });
   });
diff --git a/packages/db/src/repository/financial-period.ts b/packages/db/src/repository/financial-period.ts
index 2e6ea89c..22d41d2c 100644
--- a/packages/db/src/repository/financial-period.ts
+++ b/packages/db/src/repository/financial-period.ts
@@ -1,30 +1,43 @@
-import type {
-  CreateFinancialPeriod,
-  FinancialPeriod,
-  IFinancialPeriodRepository,
-  UpdateFinancialPeriod,
+import {
+  type CreateFinancialPeriod,
+  type FinancialPeriod,
+  FinancialPeriodEntity,
+  type IFinancialPeriodRepository,
+  type ILogger,
+  type UpdateFinancialPeriod,
 } from '@domus/core';
-import { and, eq, isNull } from 'drizzle-orm';
-import { db } from '../index';
-import { FinancialPeriodMapper } from '../mapper/financial-period';
+import { and, eq, type InferInsertModel, isNull } from 'drizzle-orm';
+import { v7 as uuidv7 } from 'uuid';
+import type { DrizzleClient } from '../index';
 import { financialPeriods } from '../schema/financial-periods';
 
 /**
  * Repository implementation for financial periods.
  */
 export class FinancialPeriodRepository implements IFinancialPeriodRepository {
+  constructor(
+    private readonly db: DrizzleClient,
+    private readonly logger: ILogger,
+  ) {}
+
   /**
    * Finds a financial period by its unique ID.
    */
   async findById(id: string): Promise<FinancialPeriod | null> {
-    const [row] = await db
+    this.logger.info('FinancialPeriodRepository.findById', { periodId: id });
+    const [row] = await this.db
       .select()
       .from(financialPeriods)
       .where(
         and(eq(financialPeriods.id, id), isNull(financialPeriods.deletedAt)),
       );
 
-    return row ? FinancialPeriodMapper.toEntity(row) : null;
+    if (!row) {
+      this.logger.warn('FinancialPeriodRepository.findById: not found', {
+        periodId: id,
+      });
+    }
+    return row ? FinancialPeriodEntity.parse(row) : null;
   }
 
   /**
@@ -34,7 +47,11 @@ export class FinancialPeriodRepository implements IFinancialPeriodRepository {
     month: number,
     year: number,
   ): Promise<FinancialPeriod | null> {
-    const [row] = await db
+    this.logger.info('FinancialPeriodRepository.findByMonthAndYear', {
+      month,
+      year,
+    });
+    const [row] = await this.db
       .select()
       .from(financialPeriods)
       .where(
@@ -45,36 +62,60 @@ export class FinancialPeriodRepository implements IFinancialPeriodRepository {
         ),
       );
 
-    return row ? FinancialPeriodMapper.toEntity(row) : null;
+    if (!row) {
+      this.logger.warn(
+        'FinancialPeriodRepository.findByMonthAndYear: not found',
+        {
+          month,
+          year,
+        },
+      );
+    }
+    return row ? FinancialPeriodEntity.parse(row) : null;
   }
 
   /**
    * Retrieves all financial periods.
    */
   async findAll(): Promise<FinancialPeriod[]> {
-    const rows = await db
+    this.logger.info('FinancialPeriodRepository.findAll');
+    const rows = await this.db
       .select()
       .from(financialPeriods)
       .where(isNull(financialPeriods.deletedAt));
 
-    return rows.map((row) => FinancialPeriodMapper.toEntity(row));
+    return rows.map((row) => FinancialPeriodEntity.parse(row));
   }
 
   /**
    * Creates a new financial period record.
    */
   async create(data: CreateFinancialPeriod): Promise<FinancialPeriod> {
-    const id = crypto.randomUUID();
-    const [row] = await db
+    this.logger.info('FinancialPeriodRepository.create', {
+      month: data.month,
+      year: data.year,
+    });
+    const id = data.id || uuidv7();
+    const values = {
+      id,
+      month: data.month,
+      year: data.year,
+      status: data.status as typeof financialPeriods.$inferInsert.status,
+      createdAt: new Date(),
+      updatedAt: new Date(),
+    } satisfies InferInsertModel<typeof financialPeriods>;
+
+    const [row] = await this.db
       .insert(financialPeriods)
-      .values(FinancialPeriodMapper.toInsert({ ...data, id }))
+      .values(values)
       .returning();
 
     if (!row) {
+      this.logger.error('FinancialPeriodRepository.create: failed');
       throw new Error('Failed to create financial period');
     }
 
-    return FinancialPeriodMapper.toEntity(row);
+    return FinancialPeriodEntity.parse(row);
   }
 
   /**
@@ -84,7 +125,8 @@ export class FinancialPeriodRepository implements IFinancialPeriodRepository {
     id: string,
     data: UpdateFinancialPeriod,
   ): Promise<FinancialPeriod> {
-    const [row] = await db
+    this.logger.info('FinancialPeriodRepository.update', { periodId: id });
+    const [row] = await this.db
       .update(financialPeriods)
       .set({
         ...data,
@@ -96,17 +138,21 @@ export class FinancialPeriodRepository implements IFinancialPeriodRepository {
       .returning();
 
     if (!row) {
+      this.logger.warn('FinancialPeriodRepository.update: not found', {
+        periodId: id,
+      });
       throw new Error(`Financial period with ID ${id} not found`);
     }
 
-    return FinancialPeriodMapper.toEntity(row);
+    return FinancialPeriodEntity.parse(row);
   }
 
   /**
    * Soft deletes a financial period record.
    */
   async delete(id: string): Promise<void> {
-    await db
+    this.logger.info('FinancialPeriodRepository.delete', { periodId: id });
+    await this.db
       .update(financialPeriods)
       .set({ deletedAt: new Date() })
       .where(eq(financialPeriods.id, id));
diff --git a/packages/db/src/repository/index.ts b/packages/db/src/repository/index.ts
index 3d2c966b..99e8cf80 100644
--- a/packages/db/src/repository/index.ts
+++ b/packages/db/src/repository/index.ts
@@ -1,3 +1,20 @@
+import type { ILogger } from '@domus/core';
+import type { DrizzleClient } from '../index';
+import { AttendanceRepository } from './attendance';
+import { EnrollmentRepository } from './enrollment';
+import { EventRepository } from './event';
+import { FinancialPeriodRepository } from './financial-period';
+import { MemberRepository } from './member';
+import { NotificationRepository } from './notification';
+import { OrganizationRepository } from './organization';
+import { ParishionerRepository } from './parishioner';
+import { PlacementRepository } from './placement';
+import { RsvpRepository } from './rsvp';
+import { TermRepository } from './term';
+import { TransactionRepository } from './transaction';
+import { UnitRepository } from './unit';
+import { UserRepository } from './user';
+
 export * from './attendance';
 export * from './enrollment';
 export * from './event';
@@ -12,3 +29,29 @@ export * from './term';
 export * from './transaction';
 export * from './unit';
 export * from './user';
+
+/**
+ * Creates and returns an object containing instances of all repositories.
+ * All repositories are injected with the same database client and logger.
+ *
+ * @param db - The Drizzle database client.
+ * @param logger - The logger instance.
+ */
+export function createRepositories(db: DrizzleClient, logger: ILogger) {
+  return {
+    attendance: new AttendanceRepository(db, logger),
+    enrollment: new EnrollmentRepository(db, logger),
+    event: new EventRepository(db, logger),
+    financialPeriod: new FinancialPeriodRepository(db, logger),
+    member: new MemberRepository(db, logger),
+    notification: new NotificationRepository(db, logger),
+    organization: new OrganizationRepository(db, logger),
+    parishioner: new ParishionerRepository(db, logger),
+    placement: new PlacementRepository(db, logger),
+    rsvp: new RsvpRepository(db, logger),
+    term: new TermRepository(db, logger),
+    transaction: new TransactionRepository(db, logger),
+    unit: new UnitRepository(db, logger),
+    user: new UserRepository(db, logger),
+  };
+}
diff --git a/packages/db/src/repository/member.spec.ts b/packages/db/src/repository/member.spec.ts
index ed7046f0..11dcc201 100644
--- a/packages/db/src/repository/member.spec.ts
+++ b/packages/db/src/repository/member.spec.ts
@@ -1,30 +1,27 @@
-import { OrgRole } from '@domus/core';
-import type { PostgresJsDatabase } from 'drizzle-orm/postgres-js';
+import { type ILogger, OrgRole } from '@domus/core';
 import { beforeEach, describe, expect, it, vi } from 'vitest';
-import { type DeepMockProxy, mockDeep, mockReset } from 'vitest-mock-extended';
-import { db } from '../index';
+import { mockDeep, mockReset } from 'vitest-mock-extended';
+import type { TestDrizzleClient } from '../../test/helper';
 import { member } from '../schema/better-auth';
-import type * as schema from '../schema/index';
 import { MemberRepository } from './member';
 
-vi.mock('../index', () => ({
-  db: mockDeep(),
-}));
-
 describe('MemberRepository', () => {
-  const repo = new MemberRepository();
-  const dbMock = db as unknown as DeepMockProxy<
-    PostgresJsDatabase<typeof schema>
-  >;
+  const dbMock = mockDeep<TestDrizzleClient>();
+  const loggerMock = mockDeep<ILogger>();
+  const repo = new MemberRepository(dbMock, loggerMock);
 
   beforeEach(() => {
     mockReset(dbMock);
+    mockReset(loggerMock);
   });
 
   describe('findByUserId', () => {
     it('should return memberships for a user', async () => {
       const mockResult = [
-        { organizationId: 'org-1', role: 'admin' },
+        {
+          organizationId: '0194b150-1234-7000-8000-000000000004',
+          role: 'admin',
+        },
         { organizationId: 'org-2', role: 'member' },
       ];
 
@@ -34,7 +31,9 @@ describe('MemberRepository', () => {
         }),
       } as unknown as ReturnType<typeof dbMock.select>);
 
-      const result = await repo.findByUserId('user-1');
+      const result = await repo.findByUserId(
+        '0194b150-1234-7000-8000-000000000005',
+      );
       expect(result).toEqual(mockResult);
       expect(dbMock.select).toHaveBeenCalled();
     });
@@ -50,7 +49,10 @@ describe('MemberRepository', () => {
         }),
       } as unknown as ReturnType<typeof dbMock.select>);
 
-      const result = await repo.findMember('org-1', 'user-1');
+      const result = await repo.findMember(
+        '0194b150-1234-7000-8000-000000000004',
+        '0194b150-1234-7000-8000-000000000005',
+      );
       expect(result).toEqual(mockResult);
     });
   });
@@ -62,8 +64,8 @@ describe('MemberRepository', () => {
       } as unknown as ReturnType<typeof dbMock.insert>);
 
       await repo.create({
-        organizationId: 'org-1',
-        userId: 'user-1',
+        organizationId: '0194b150-1234-7000-8000-000000000004',
+        userId: '0194b150-1234-7000-8000-000000000005',
         role: OrgRole.Admin,
       });
 
diff --git a/packages/db/src/repository/member.ts b/packages/db/src/repository/member.ts
index 49d00ef5..7e847124 100644
--- a/packages/db/src/repository/member.ts
+++ b/packages/db/src/repository/member.ts
@@ -1,12 +1,18 @@
-import type { IMemberRepository, OrgRole } from '@domus/core';
+import type { ILogger, IMemberRepository, OrgRole } from '@domus/core';
 import { and, eq } from 'drizzle-orm';
-import { db } from '../index';
+import { v7 } from 'uuid';
+import type { DrizzleClient } from '../index';
 import { member } from '../schema/better-auth';
 
 /**
  * Repository implementation for managing Better Auth organization roles.
  */
 export class MemberRepository implements IMemberRepository {
+  constructor(
+    private readonly db: DrizzleClient,
+    private readonly logger: ILogger,
+  ) {}
+
   /**
    * Finds a member by organization and user ID.
    */
@@ -14,7 +20,11 @@ export class MemberRepository implements IMemberRepository {
     organizationId: string,
     userId: string,
   ): Promise<{ id: string; role: string } | null> {
-    const [row] = await db
+    this.logger.info('MemberRepository.findMember', {
+      organizationId,
+      userId,
+    });
+    const [row] = await this.db
       .select({ id: member.id, role: member.role })
       .from(member)
       .where(
@@ -24,6 +34,12 @@ export class MemberRepository implements IMemberRepository {
         ),
       );
 
+    if (!row) {
+      this.logger.warn('MemberRepository.findMember: not found', {
+        organizationId,
+        userId,
+      });
+    }
     return row ?? null;
   }
 
@@ -35,9 +51,13 @@ export class MemberRepository implements IMemberRepository {
     userId: string;
     role: OrgRole;
   }): Promise<void> {
-    const id = crypto.randomUUID();
-    await db.insert(member).values({
-      id,
+    this.logger.info('MemberRepository.create', {
+      organizationId: data.organizationId,
+      userId: data.userId,
+      role: data.role,
+    });
+    await this.db.insert(member).values({
+      id: v7(),
       organizationId: data.organizationId,
       userId: data.userId,
       role: data.role,
@@ -49,7 +69,8 @@ export class MemberRepository implements IMemberRepository {
    * Updates a member's role in the organization.
    */
   async updateRole(id: string, role: string): Promise<void> {
-    await db.update(member).set({ role }).where(eq(member.id, id));
+    this.logger.info('MemberRepository.updateRole', { memberId: id, role });
+    await this.db.update(member).set({ role }).where(eq(member.id, id));
   }
 
   /**
@@ -58,7 +79,8 @@ export class MemberRepository implements IMemberRepository {
   async findByUserId(
     userId: string,
   ): Promise<Array<{ organizationId: string; role: string }>> {
-    const rows = await db
+    this.logger.info('MemberRepository.findByUserId', { userId });
+    const rows = await this.db
       .select({
         organizationId: member.organizationId,
         role: member.role,
diff --git a/packages/db/src/repository/notification.spec.ts b/packages/db/src/repository/notification.spec.ts
index d153565c..75e75fe8 100644
--- a/packages/db/src/repository/notification.spec.ts
+++ b/packages/db/src/repository/notification.spec.ts
@@ -1,134 +1,144 @@
-import type { PostgresJsDatabase } from 'drizzle-orm/postgres-js';
+import {
+  type ILogger,
+  NotificationChannel,
+  NotificationEntity,
+  NotificationStatus,
+} from '@domus/core';
 import { beforeEach, describe, expect, it, vi } from 'vitest';
-import { type DeepMockProxy, mockDeep, mockReset } from 'vitest-mock-extended';
-import { db } from '../index';
-import { NotificationMapper } from '../mapper/notification';
-import type * as schema from '../schema/index';
+import { mockDeep, mockReset } from 'vitest-mock-extended';
+import type { TestDrizzleClient } from '../../test/helper';
 import { notifications } from '../schema/notifications';
 import { NotificationRepository } from './notification';
 
-vi.mock('../index', () => ({
-  db: mockDeep(),
-}));
-
 describe('NotificationRepository', () => {
-  const repo = new NotificationRepository();
-  const dbMock = db as unknown as DeepMockProxy<
-    PostgresJsDatabase<typeof schema>
-  >;
+  const dbMock = mockDeep<TestDrizzleClient>();
+  const loggerMock = mockDeep<ILogger>();
+  const repo = new NotificationRepository(dbMock, loggerMock);
+
+  const VALID_ID = '0194b150-0001-7000-8000-000000000001';
+  const VALID_USER_ID = '0194b150-0002-7000-8000-000000000001';
 
   beforeEach(() => {
     mockReset(dbMock);
+    mockReset(loggerMock);
   });
 
   const mockNotifRow = {
-    id: 'notif-1',
-    userId: 'user-1',
+    id: VALID_ID,
+    userId: VALID_USER_ID,
     title: 'Test',
     body: 'Test body',
-    status: 'sent',
+    type: 'system',
+    channel: NotificationChannel.InApp,
     isRead: false,
+    status: NotificationStatus.Sent,
+    referenceId: null,
+    referenceType: null,
+    sentAt: new Date(),
     createdAt: new Date(),
     deletedAt: null,
   };
 
-  const mockNotifEntity = NotificationMapper.toEntity(
-    mockNotifRow as unknown as Parameters<
-      typeof NotificationMapper.toEntity
-    >[0],
-  );
+  const mockNotifEntity = NotificationEntity.parse(mockNotifRow);
 
   describe('findById', () => {
     it('should return notification when found', async () => {
+      // @ts-expect-error
       dbMock.select.mockReturnValue({
         from: vi.fn().mockReturnValue({
           where: vi.fn().mockResolvedValue([mockNotifRow]),
         }),
-      } as unknown as ReturnType<typeof dbMock.select>);
+      });
 
-      const result = await repo.findById('notif-1');
+      const result = await repo.findById(VALID_ID);
       expect(result).toEqual(mockNotifEntity);
     });
   });
 
   describe('findByUserId', () => {
     it('should return notifications for user', async () => {
+      // @ts-expect-error
       dbMock.select.mockReturnValue({
         from: vi.fn().mockReturnValue({
           where: vi.fn().mockResolvedValue([mockNotifRow]),
         }),
-      } as unknown as ReturnType<typeof dbMock.select>);
+      });
 
-      const result = await repo.findByUserId('user-1');
+      const result = await repo.findByUserId(VALID_USER_ID);
       expect(result).toEqual([mockNotifEntity]);
     });
   });
 
   describe('create', () => {
     it('should create and return notification', async () => {
+      // @ts-expect-error
       dbMock.insert.mockReturnValue({
         values: vi.fn().mockReturnValue({
           returning: vi.fn().mockResolvedValue([mockNotifRow]),
         }),
-      } as unknown as ReturnType<typeof dbMock.insert>);
+      });
 
-      const result = await repo.create(
-        mockNotifEntity as unknown as Parameters<typeof repo.create>[0],
-      );
+      const result = await repo.create(mockNotifEntity);
       expect(result).toEqual(mockNotifEntity);
     });
   });
 
   describe('update', () => {
     it('should update and return notification', async () => {
+      // @ts-expect-error
       dbMock.update.mockReturnValue({
         set: vi.fn().mockReturnValue({
           where: vi.fn().mockReturnValue({
             returning: vi.fn().mockResolvedValue([mockNotifRow]),
           }),
         }),
-      } as unknown as ReturnType<typeof dbMock.update>);
+      });
 
-      const result = await repo.update('notif-1', { isRead: true });
+      const result = await repo.update(VALID_ID, {
+        isRead: true,
+      });
       expect(result).toEqual(mockNotifEntity);
     });
   });
 
   describe('markAsRead', () => {
     it('should mark notification as read', async () => {
+      // @ts-expect-error
       dbMock.update.mockReturnValue({
         set: vi.fn().mockReturnValue({
-          where: vi.fn().mockResolvedValue([{ id: 'notif-1' }]),
+          where: vi.fn().mockResolvedValue([{ id: VALID_ID }]),
         }),
-      } as unknown as ReturnType<typeof dbMock.update>);
+      });
 
-      await repo.markAsRead('notif-1');
+      await repo.markAsRead(VALID_ID);
       expect(dbMock.update).toHaveBeenCalledWith(notifications);
     });
   });
 
   describe('markAllAsRead', () => {
     it('should mark all notifications as read for user', async () => {
+      // @ts-expect-error
       dbMock.update.mockReturnValue({
         set: vi.fn().mockReturnValue({
-          where: vi.fn().mockResolvedValue([{ id: 'notif-1' }]),
+          where: vi.fn().mockResolvedValue([{ id: VALID_ID }]),
         }),
-      } as unknown as ReturnType<typeof dbMock.update>);
+      });
 
-      await repo.markAllAsRead('user-1');
+      await repo.markAllAsRead(VALID_USER_ID);
       expect(dbMock.update).toHaveBeenCalledWith(notifications);
     });
   });
 
   describe('delete', () => {
     it('should soft delete notification', async () => {
+      // @ts-expect-error
       dbMock.update.mockReturnValue({
         set: vi.fn().mockReturnValue({
-          where: vi.fn().mockResolvedValue([{ id: 'notif-1' }]),
+          where: vi.fn().mockResolvedValue([{ id: VALID_ID }]),
         }),
-      } as unknown as ReturnType<typeof dbMock.update>);
+      });
 
-      await repo.delete('notif-1');
+      await repo.delete(VALID_ID);
       expect(dbMock.update).toHaveBeenCalledWith(notifications);
     });
   });
diff --git a/packages/db/src/repository/notification.ts b/packages/db/src/repository/notification.ts
index 0e9863fa..a21307db 100644
--- a/packages/db/src/repository/notification.ts
+++ b/packages/db/src/repository/notification.ts
@@ -1,58 +1,72 @@
-import type {
-  CreateNotification,
-  INotificationRepository,
-  Notification,
+import {
+  type CreateNotification,
+  type ILogger,
+  type INotificationRepository,
+  type Notification,
+  NotificationEntity,
 } from '@domus/core';
 import { and, eq, isNull } from 'drizzle-orm';
-import { db } from '../index';
-import { NotificationMapper } from '../mapper/notification';
+import type { DrizzleClient } from '../index';
 import { notifications } from '../schema/notifications';
 
 /**
  * Repository implementation for notifications.
  */
 export class NotificationRepository implements INotificationRepository {
+  constructor(
+    private readonly db: DrizzleClient,
+    private readonly logger: ILogger,
+  ) {}
+
   /**
    * Finds a notification by its unique ID.
    */
   async findById(id: string): Promise<Notification | null> {
-    const [row] = await db
+    this.logger.info('NotificationRepository.findById', { notificationId: id });
+    const [row] = await this.db
       .select()
       .from(notifications)
       .where(and(eq(notifications.id, id), isNull(notifications.deletedAt)));
 
-    return row ? NotificationMapper.toEntity(row) : null;
+    if (!row) {
+      this.logger.warn('NotificationRepository.findById: not found', {
+        notificationId: id,
+      });
+    }
+    return row ? NotificationEntity.parse(row) : null;
   }
 
   /**
    * Finds all notifications for a specific user.
    */
   async findByUserId(userId: string): Promise<Notification[]> {
-    const rows = await db
+    this.logger.info('NotificationRepository.findByUserId', { userId });
+    const rows = await this.db
       .select()
       .from(notifications)
       .where(
         and(eq(notifications.userId, userId), isNull(notifications.deletedAt)),
       );
 
-    return rows.map((row) => NotificationMapper.toEntity(row));
+    return rows.map((row) => NotificationEntity.parse(row));
   }
 
   /**
    * Creates a new notification record.
    */
   async create(data: CreateNotification): Promise<Notification> {
-    const id = crypto.randomUUID();
-    const [row] = await db
+    this.logger.info('NotificationRepository.create', { userId: data.userId });
+    const [row] = await this.db
       .insert(notifications)
-      .values(NotificationMapper.toInsert({ ...data, id }))
+      .values({ ...data })
       .returning();
 
     if (!row) {
+      this.logger.error('NotificationRepository.create: failed');
       throw new Error('Failed to create notification');
     }
 
-    return NotificationMapper.toEntity(row);
+    return NotificationEntity.parse(row);
   }
 
   /**
@@ -62,7 +76,8 @@ export class NotificationRepository implements INotificationRepository {
     id: string,
     data: Partial<Omit<Notification, 'id' | 'createdAt' | 'deletedAt'>>,
   ): Promise<Notification> {
-    const [row] = await db
+    this.logger.info('NotificationRepository.update', { notificationId: id });
+    const [row] = await this.db
       .update(notifications)
       .set({
         ...data,
@@ -71,17 +86,21 @@ export class NotificationRepository implements INotificationRepository {
       .returning();
 
     if (!row) {
+      this.logger.warn('NotificationRepository.update: not found', {
+        notificationId: id,
+      });
       throw new Error(`Notification with ID ${id} not found`);
     }
 
-    return NotificationMapper.toEntity(row);
+    return NotificationEntity.parse(row);
   }
 
   /**
    * Marks all notifications for a user as read.
    */
   async markAllAsRead(userId: string): Promise<void> {
-    await db
+    this.logger.info('NotificationRepository.markAllAsRead', { userId });
+    await this.db
       .update(notifications)
       .set({ isRead: true })
       .where(
@@ -93,7 +112,10 @@ export class NotificationRepository implements INotificationRepository {
    * Marks a notification as read.
    */
   async markAsRead(id: string): Promise<void> {
-    await db
+    this.logger.info('NotificationRepository.markAsRead', {
+      notificationId: id,
+    });
+    await this.db
       .update(notifications)
       .set({ isRead: true })
       .where(and(eq(notifications.id, id), isNull(notifications.deletedAt)));
@@ -103,7 +125,8 @@ export class NotificationRepository implements INotificationRepository {
    * Soft deletes a notification record.
    */
   async delete(id: string): Promise<void> {
-    await db
+    this.logger.info('NotificationRepository.delete', { notificationId: id });
+    await this.db
       .update(notifications)
       .set({ deletedAt: new Date() })
       .where(eq(notifications.id, id));
diff --git a/packages/db/src/repository/organization.spec.ts b/packages/db/src/repository/organization.spec.ts
index 83028695..fb7fc8ad 100644
--- a/packages/db/src/repository/organization.spec.ts
+++ b/packages/db/src/repository/organization.spec.ts
@@ -1,61 +1,57 @@
-import type { PostgresJsDatabase } from 'drizzle-orm/postgres-js';
+import { type ILogger, OrganizationEntity, OrgType } from '@domus/core';
 import { beforeEach, describe, expect, it, vi } from 'vitest';
-import { type DeepMockProxy, mockDeep, mockReset } from 'vitest-mock-extended';
-import { db } from '../index';
-import { OrganizationMapper } from '../mapper/organization';
+import { mockDeep, mockReset } from 'vitest-mock-extended';
+import type { TestDrizzleClient } from '../../test/helper';
 import { organization } from '../schema/better-auth';
-import type * as schema from '../schema/index';
 import { OrganizationRepository } from './organization';
 
-vi.mock('../index', () => ({
-  db: mockDeep(),
-}));
-
 describe('OrganizationRepository', () => {
-  const repo = new OrganizationRepository();
-  const dbMock = db as unknown as DeepMockProxy<
-    PostgresJsDatabase<typeof schema>
-  >;
+  const dbMock = mockDeep<TestDrizzleClient>();
+  const loggerMock = mockDeep<ILogger>();
+  const repo = new OrganizationRepository(dbMock, loggerMock);
+
+  const VALID_ID = '0194b150-0001-7000-8000-000000000001';
 
   beforeEach(() => {
     mockReset(dbMock);
+    mockReset(loggerMock);
   });
 
   const mockOrgRow = {
-    id: 'org-1',
+    id: VALID_ID,
     name: 'Test Org',
     slug: 'test-org',
     joinId: 'JOIN123',
-    type: 'wilayah',
+    type: OrgType.BEC,
     createdAt: new Date(),
     updatedAt: new Date(),
     deletedAt: null,
   };
 
-  const mockOrgEntity = OrganizationMapper.toEntity(
-    mockOrgRow as unknown as Parameters<typeof OrganizationMapper.toEntity>[0],
-  );
+  const mockOrgEntity = OrganizationEntity.parse(mockOrgRow);
 
   describe('findById', () => {
     it('should return organization when found', async () => {
+      // @ts-expect-error
       dbMock.select.mockReturnValue({
         from: vi.fn().mockReturnValue({
           where: vi.fn().mockResolvedValue([mockOrgRow]),
         }),
-      } as unknown as ReturnType<typeof dbMock.select>);
+      });
 
-      const result = await repo.findById('org-1');
+      const result = await repo.findById(VALID_ID);
       expect(result).toEqual(mockOrgEntity);
     });
   });
 
   describe('findBySlug', () => {
     it('should return organization when found', async () => {
+      // @ts-expect-error
       dbMock.select.mockReturnValue({
         from: vi.fn().mockReturnValue({
           where: vi.fn().mockResolvedValue([mockOrgRow]),
         }),
-      } as unknown as ReturnType<typeof dbMock.select>);
+      });
 
       const result = await repo.findBySlug('test-org');
       expect(result).toEqual(mockOrgEntity);
@@ -64,11 +60,12 @@ describe('OrganizationRepository', () => {
 
   describe('findByJoinId', () => {
     it('should return organization when found', async () => {
+      // @ts-expect-error
       dbMock.select.mockReturnValue({
         from: vi.fn().mockReturnValue({
           where: vi.fn().mockResolvedValue([mockOrgRow]),
         }),
-      } as unknown as ReturnType<typeof dbMock.select>);
+      });
 
       const result = await repo.findByJoinId('JOIN123');
       expect(result).toEqual(mockOrgEntity);
@@ -77,11 +74,12 @@ describe('OrganizationRepository', () => {
 
   describe('findAll', () => {
     it('should return all organizations', async () => {
+      // @ts-expect-error
       dbMock.select.mockReturnValue({
         from: vi.fn().mockReturnValue({
           where: vi.fn().mockResolvedValue([mockOrgRow]),
         }),
-      } as unknown as ReturnType<typeof dbMock.select>);
+      });
 
       const result = await repo.findAll();
       expect(result).toEqual([mockOrgEntity]);
@@ -90,37 +88,42 @@ describe('OrganizationRepository', () => {
 
   describe('listForCategorical', () => {
     it('should return only categorical organizations', async () => {
+      const categoricalOrg = { ...mockOrgRow, type: OrgType.Categorical };
+      // @ts-expect-error
       dbMock.select.mockReturnValue({
         from: vi.fn().mockReturnValue({
-          where: vi.fn().mockResolvedValue([mockOrgRow]),
+          where: vi.fn().mockResolvedValue([categoricalOrg]),
         }),
-      } as unknown as ReturnType<typeof dbMock.select>);
+      });
 
       const result = await repo.listForCategorical();
-      expect(result).toEqual([mockOrgEntity]);
+      expect(result).toEqual([OrganizationEntity.parse(categoricalOrg)]);
     });
   });
 
   describe('listForTerritorial', () => {
     it('should return only territorial organizations', async () => {
+      const territorialOrg = { ...mockOrgRow, type: OrgType.Region };
+      // @ts-expect-error
       dbMock.select.mockReturnValue({
         from: vi.fn().mockReturnValue({
-          where: vi.fn().mockResolvedValue([mockOrgRow]),
+          where: vi.fn().mockResolvedValue([territorialOrg]),
         }),
-      } as unknown as ReturnType<typeof dbMock.select>);
+      });
 
       const result = await repo.listForTerritorial();
-      expect(result).toEqual([mockOrgEntity]);
+      expect(result).toEqual([OrganizationEntity.parse(territorialOrg)]);
     });
   });
 
   describe('create', () => {
     it('should create and return organization', async () => {
+      // @ts-expect-error
       dbMock.insert.mockReturnValue({
         values: vi.fn().mockReturnValue({
           returning: vi.fn().mockResolvedValue([mockOrgRow]),
         }),
-      } as unknown as ReturnType<typeof dbMock.insert>);
+      });
 
       const result = await repo.create(mockOrgEntity);
       expect(result).toEqual(mockOrgEntity);
@@ -129,28 +132,32 @@ describe('OrganizationRepository', () => {
 
   describe('update', () => {
     it('should update and return organization', async () => {
+      // @ts-expect-error
       dbMock.update.mockReturnValue({
         set: vi.fn().mockReturnValue({
           where: vi.fn().mockReturnValue({
             returning: vi.fn().mockResolvedValue([mockOrgRow]),
           }),
         }),
-      } as unknown as ReturnType<typeof dbMock.update>);
+      });
 
-      const result = await repo.update('org-1', { name: 'Updated Org' });
+      const result = await repo.update(VALID_ID, {
+        name: 'Updated Org',
+      });
       expect(result).toEqual(mockOrgEntity);
     });
   });
 
   describe('delete', () => {
     it('should soft delete organization', async () => {
+      // @ts-expect-error
       dbMock.update.mockReturnValue({
         set: vi.fn().mockReturnValue({
-          where: vi.fn().mockResolvedValue([{ id: 'org-1' }]),
+          where: vi.fn().mockResolvedValue([{ id: VALID_ID }]),
         }),
-      } as unknown as ReturnType<typeof dbMock.update>);
+      });
 
-      await repo.delete('org-1');
+      await repo.delete(VALID_ID);
       expect(dbMock.update).toHaveBeenCalledWith(organization);
     });
   });
diff --git a/packages/db/src/repository/organization.ts b/packages/db/src/repository/organization.ts
index 8714e3c4..8a78dd66 100644
--- a/packages/db/src/repository/organization.ts
+++ b/packages/db/src/repository/organization.ts
@@ -1,56 +1,80 @@
 import {
   type CreateOrganization,
+  type ILogger,
   type IOrganizationRepository,
   type Organization,
+  OrganizationEntity,
   OrgType,
   type UpdateOrganization,
 } from '@domus/core';
 import { and, count, eq, inArray, isNotNull, isNull } from 'drizzle-orm';
 import { v7 } from 'uuid';
-import { db } from '../index';
-import { OrganizationMapper } from '../mapper/organization';
+import type { DrizzleClient } from '../index';
 import { member, organization } from '../schema/better-auth';
 
 /**
  * Repository implementation for organizations.
  */
 export class OrganizationRepository implements IOrganizationRepository {
+  constructor(
+    private readonly db: DrizzleClient,
+    private readonly logger: ILogger,
+  ) {}
+
   /**
    * Finds an organization by its unique ID.
    */
   async findById(id: string): Promise<Organization | null> {
-    const [row] = await db
+    this.logger.info('OrganizationRepository.findById', { organizationId: id });
+    const [row] = await this.db
       .select()
       .from(organization)
       .where(and(eq(organization.id, id), isNull(organization.deletedAt)));
 
-    return row ? OrganizationMapper.toEntity(row) : null;
+    if (!row) {
+      this.logger.warn('OrganizationRepository.findById: not found', {
+        organizationId: id,
+      });
+    }
+    return row ? OrganizationEntity.parse(row) : null;
   }
 
   /**
    * Finds an organization by its unique slug.
    */
   async findBySlug(slug: string): Promise<Organization | null> {
-    const [row] = await db
+    this.logger.info('OrganizationRepository.findBySlug', { slug });
+    const [row] = await this.db
       .select()
       .from(organization)
       .where(and(eq(organization.slug, slug), isNull(organization.deletedAt)));
 
-    return row ? OrganizationMapper.toEntity(row) : null;
+    if (!row) {
+      this.logger.warn('OrganizationRepository.findBySlug: not found', {
+        slug,
+      });
+    }
+    return row ? OrganizationEntity.parse(row) : null;
   }
 
   /**
    * Finds an organization by its unique join ID.
    */
   async findByJoinId(joinId: string): Promise<Organization | null> {
-    const [row] = await db
+    this.logger.info('OrganizationRepository.findByJoinId', { joinId });
+    const [row] = await this.db
       .select()
       .from(organization)
       .where(
         and(eq(organization.joinId, joinId), isNull(organization.deletedAt)),
       );
 
-    return row ? OrganizationMapper.toEntity(row) : null;
+    if (!row) {
+      this.logger.warn('OrganizationRepository.findByJoinId: not found', {
+        joinId,
+      });
+    }
+    return row ? OrganizationEntity.parse(row) : null;
   }
 
   /**
@@ -59,7 +83,8 @@ export class OrganizationRepository implements IOrganizationRepository {
   async findManyByUserId(
     userId: string,
   ): Promise<(Organization & { memberCount: number })[]> {
-    const rows = await db
+    this.logger.info('OrganizationRepository.findManyByUserId', { userId });
+    const rows = await this.db
       .select({
         organization,
         memberCount: count(member.id),
@@ -70,7 +95,7 @@ export class OrganizationRepository implements IOrganizationRepository {
       .groupBy(organization.id);
 
     return rows.map((row) => ({
-      ...OrganizationMapper.toEntity(row.organization),
+      ...OrganizationEntity.parse(row.organization),
       memberCount: row.memberCount,
     }));
   }
@@ -79,19 +104,21 @@ export class OrganizationRepository implements IOrganizationRepository {
    * Retrieves all organizations.
    */
   async findAll(): Promise<Organization[]> {
-    const rows = await db
+    this.logger.info('OrganizationRepository.findAll');
+    const rows = await this.db
       .select()
       .from(organization)
       .where(isNull(organization.deletedAt));
 
-    return rows.map((row) => OrganizationMapper.toEntity(row));
+    return rows.map((row) => OrganizationEntity.parse(row));
   }
 
   /**
    * Retrieves all categorical organizations.
    */
   async listForCategorical(): Promise<Organization[]> {
-    const rows = await db
+    this.logger.info('OrganizationRepository.listForCategorical');
+    const rows = await this.db
       .select()
       .from(organization)
       .where(
@@ -101,14 +128,15 @@ export class OrganizationRepository implements IOrganizationRepository {
         ),
       );
 
-    return rows.map((row) => OrganizationMapper.toEntity(row));
+    return rows.map((row) => OrganizationEntity.parse(row));
   }
 
   /**
    * Retrieves all territorial organizations.
    */
   async listForTerritorial(): Promise<Organization[]> {
-    const rows = await db
+    this.logger.info('OrganizationRepository.listForTerritorial');
+    const rows = await this.db
       .select()
       .from(organization)
       .where(
@@ -122,35 +150,46 @@ export class OrganizationRepository implements IOrganizationRepository {
         ),
       );
 
-    return rows.map((row) => OrganizationMapper.toEntity(row));
+    return rows.map((row) => OrganizationEntity.parse(row));
   }
 
   /**
    * Creates a new organization record.
    */
   async create(data: CreateOrganization): Promise<Organization> {
+    this.logger.info('OrganizationRepository.create');
     const id = data.id || v7();
-    const [row] = await db
+    const [row] = await this.db
       .insert(organization)
       .values({
-        ...OrganizationMapper.toInsert({ ...data, id }),
+        id: id as string,
+        name: data.name,
+        slug: data.slug || data.name.toLowerCase().replace(/\s+/g, '-'),
+        logo: data.logo,
+        cover: data.cover,
+        type: data.type,
+        parentId: data.parentId,
+        description: data.description,
+        joinId: data.joinId,
         createdAt: new Date(),
         updatedAt: new Date(),
       })
       .returning();
 
     if (!row) {
+      this.logger.error('OrganizationRepository.create: failed');
       throw new Error('Failed to create organization');
     }
 
-    return OrganizationMapper.toEntity(row);
+    return OrganizationEntity.parse(row);
   }
 
   /**
    * Updates an organization record.
    */
   async update(id: string, data: UpdateOrganization): Promise<Organization> {
-    const [row] = await db
+    this.logger.info('OrganizationRepository.update', { organizationId: id });
+    const [row] = await this.db
       .update(organization)
       .set({
         ...data,
@@ -160,17 +199,21 @@ export class OrganizationRepository implements IOrganizationRepository {
       .returning();
 
     if (!row) {
+      this.logger.warn('OrganizationRepository.update: not found', {
+        organizationId: id,
+      });
       throw new Error(`Organization with ID ${id} not found`);
     }
 
-    return OrganizationMapper.toEntity(row);
+    return OrganizationEntity.parse(row);
   }
 
   /**
    * Soft deletes an organization record.
    */
   async delete(id: string): Promise<void> {
-    await db
+    this.logger.info('OrganizationRepository.delete', { organizationId: id });
+    await this.db
       .update(organization)
       .set({ deletedAt: new Date() })
       .where(eq(organization.id, id));
@@ -180,18 +223,27 @@ export class OrganizationRepository implements IOrganizationRepository {
    * Performs a batch update to rotate join IDs for all active organizations.
    */
   async rotateJoinIds(generateId: () => string): Promise<number> {
-    const orgs = await db
+    this.logger.info('OrganizationRepository.rotateJoinIds');
+    const orgs = await this.db
       .select({ id: organization.id })
       .from(organization)
       .where(
         and(isNotNull(organization.joinId), isNull(organization.deletedAt)),
       );
 
-    if (orgs.length === 0) return 0;
+    if (orgs.length === 0) {
+      this.logger.info(
+        'OrganizationRepository.rotateJoinIds: no active orgs found',
+      );
+      return 0;
+    }
 
+    this.logger.info('OrganizationRepository.rotateJoinIds: rotating', {
+      count: orgs.length,
+    });
     await Promise.all(
       orgs.map((org) =>
-        db
+        this.db
           .update(organization)
           .set({ joinId: generateId(), updatedAt: new Date() })
           .where(eq(organization.id, org.id)),
diff --git a/packages/db/src/repository/parishioner.spec.ts b/packages/db/src/repository/parishioner.spec.ts
index 15d13884..43b41e30 100644
--- a/packages/db/src/repository/parishioner.spec.ts
+++ b/packages/db/src/repository/parishioner.spec.ts
@@ -1,74 +1,85 @@
-import type { PostgresJsDatabase } from 'drizzle-orm/postgres-js';
+import {
+  EducationLevel,
+  Gender,
+  type ILogger,
+  ParishionerEntity,
+} from '@domus/core';
 import { beforeEach, describe, expect, it, vi } from 'vitest';
-import { type DeepMockProxy, mockDeep, mockReset } from 'vitest-mock-extended';
-import { db } from '../index';
-import { ParishionerMapper } from '../mapper/parishioner';
-import type * as schema from '../schema/index';
+import { mockDeep, mockReset } from 'vitest-mock-extended';
+import type { TestDrizzleClient } from '../../test/helper';
 import { parishioners } from '../schema/parishioners';
 import { ParishionerRepository } from './parishioner';
 
-vi.mock('../index', () => ({
-  db: mockDeep(),
-}));
-
 describe('ParishionerRepository', () => {
-  const repo = new ParishionerRepository();
-  const dbMock = db as unknown as DeepMockProxy<
-    PostgresJsDatabase<typeof schema>
-  >;
+  const dbMock = mockDeep<TestDrizzleClient>();
+  const loggerMock = mockDeep<ILogger>();
+  const repo = new ParishionerRepository(dbMock, loggerMock);
+
+  const VALID_ID = '0194b150-0001-7000-8000-000000000001';
+  const VALID_USER_ID = '0194b150-0002-7000-8000-000000000001';
 
   beforeEach(() => {
     mockReset(dbMock);
+    mockReset(loggerMock);
   });
 
   const mockPRow = {
-    id: 'p-1',
-    userId: 'user-1',
+    id: VALID_ID,
+    userId: VALID_USER_ID,
+    email: 'test@example.com',
+    avatarUrl: 'https://example.com/avatar.png',
     fullName: 'Budi',
-    gender: 'male',
-    educationLevel: 's1',
+    honorific: 'Mr.',
+    suffix: 'Jr.',
+    birthPlace: 'Jakarta',
+    birthDate: new Date('1990-01-01'),
+    gender: Gender.Male,
+    educationLevel: EducationLevel.Bachelor,
+    idCardNumber: '1234567890',
+    idCardPhoto: null,
     createdAt: new Date(),
     updatedAt: new Date(),
     deletedAt: null,
   };
 
-  const mockPEntity = ParishionerMapper.toEntity(
-    mockPRow as unknown as Parameters<typeof ParishionerMapper.toEntity>[0],
-  );
+  const mockPEntity = ParishionerEntity.parse(mockPRow);
 
   describe('findByUserId', () => {
     it('should return parishioner for user', async () => {
+      // @ts-expect-error
       dbMock.select.mockReturnValue({
         from: vi.fn().mockReturnValue({
           where: vi.fn().mockResolvedValue([mockPRow]),
         }),
-      } as unknown as ReturnType<typeof dbMock.select>);
+      });
 
-      const result = await repo.findByUserId('user-1');
+      const result = await repo.findByUserId(VALID_USER_ID);
       expect(result).toEqual(mockPEntity);
     });
   });
 
   describe('findById', () => {
     it('should return parishioner when found', async () => {
+      // @ts-expect-error
       dbMock.select.mockReturnValue({
         from: vi.fn().mockReturnValue({
           where: vi.fn().mockResolvedValue([mockPRow]),
         }),
-      } as unknown as ReturnType<typeof dbMock.select>);
+      });
 
-      const result = await repo.findById('p-1');
+      const result = await repo.findById(VALID_ID);
       expect(result).toEqual(mockPEntity);
     });
   });
 
   describe('create', () => {
     it('should create and return parishioner', async () => {
+      // @ts-expect-error
       dbMock.insert.mockReturnValue({
         values: vi.fn().mockReturnValue({
           returning: vi.fn().mockResolvedValue([mockPRow]),
         }),
-      } as unknown as ReturnType<typeof dbMock.insert>);
+      });
 
       const result = await repo.create(mockPEntity);
       expect(result).toEqual(mockPEntity);
@@ -77,28 +88,32 @@ describe('ParishionerRepository', () => {
 
   describe('update', () => {
     it('should update and return parishioner', async () => {
+      // @ts-expect-error
       dbMock.update.mockReturnValue({
         set: vi.fn().mockReturnValue({
           where: vi.fn().mockReturnValue({
             returning: vi.fn().mockResolvedValue([mockPRow]),
           }),
         }),
-      } as unknown as ReturnType<typeof dbMock.update>);
+      });
 
-      const result = await repo.update('p-1', { fullName: 'Budi Updated' });
+      const result = await repo.update(VALID_ID, {
+        fullName: 'Budi Updated',
+      });
       expect(result).toEqual(mockPEntity);
     });
   });
 
   describe('delete', () => {
     it('should soft delete parishioner', async () => {
+      // @ts-expect-error
       dbMock.update.mockReturnValue({
         set: vi.fn().mockReturnValue({
-          where: vi.fn().mockResolvedValue([{ id: 'p-1' }]),
+          where: vi.fn().mockResolvedValue([{ id: VALID_ID }]),
         }),
-      } as unknown as ReturnType<typeof dbMock.update>);
+      });
 
-      await repo.delete('p-1');
+      await repo.delete(VALID_ID);
       expect(dbMock.update).toHaveBeenCalledWith(parishioners);
     });
   });
diff --git a/packages/db/src/repository/parishioner.ts b/packages/db/src/repository/parishioner.ts
index e433a19e..b939e3fe 100644
--- a/packages/db/src/repository/parishioner.ts
+++ b/packages/db/src/repository/parishioner.ts
@@ -1,15 +1,16 @@
-import type {
-  CreateParishioner,
-  IParishionerRepository,
-  Parishioner,
-  ParishionerMembershipRequest,
-  UpdateParishioner,
+import {
+  type CreateParishioner,
+  EnrollmentStatus,
+  type ILogger,
+  type IParishionerRepository,
+  type Parishioner,
+  ParishionerEntity,
+  type ParishionerMembershipRequest,
+  type UpdateParishioner,
 } from '@domus/core';
-import { EnrollmentStatus } from '@domus/core';
 import { and, desc, eq, inArray, isNull } from 'drizzle-orm';
 import { v7 as uuidv7 } from 'uuid';
-import { db } from '../index';
-import { ParishionerMapper } from '../mapper/parishioner';
+import type { DrizzleClient } from '../index';
 import { organization, user } from '../schema/better-auth';
 import { orgEnrollments } from '../schema/org-enrollments';
 import { parishioners } from '../schema/parishioners';
@@ -18,37 +19,55 @@ import { parishioners } from '../schema/parishioners';
  * Repository implementation for parishioners.
  */
 export class ParishionerRepository implements IParishionerRepository {
+  constructor(
+    private readonly db: DrizzleClient,
+    private readonly logger: ILogger,
+  ) {}
+
   /**
    * Finds a parishioner by their unique ID.
    */
   async findById(id: string): Promise<Parishioner | null> {
-    const [row] = await db
+    this.logger.info('ParishionerRepository.findById', { parishionerId: id });
+    const [row] = await this.db
       .select()
       .from(parishioners)
       .where(and(eq(parishioners.id, id), isNull(parishioners.deletedAt)));
 
-    return row ? ParishionerMapper.toEntity(row) : null;
+    if (!row) {
+      this.logger.warn('ParishionerRepository.findById: not found', {
+        parishionerId: id,
+      });
+    }
+    return row ? ParishionerEntity.parse(row) : null;
   }
 
   /**
    * Finds a parishioner linked to a specific user account.
    */
   async findByUserId(userId: string): Promise<Parishioner | null> {
-    const [row] = await db
+    this.logger.info('ParishionerRepository.findByUserId', { userId });
+    const [row] = await this.db
       .select()
       .from(parishioners)
       .where(
         and(eq(parishioners.userId, userId), isNull(parishioners.deletedAt)),
       );
 
-    return row ? ParishionerMapper.toEntity(row) : null;
+    if (!row) {
+      this.logger.warn('ParishionerRepository.findByUserId: not found', {
+        userId,
+      });
+    }
+    return row ? ParishionerEntity.parse(row) : null;
   }
 
   /**
    * Finds a parishioner by their full name.
    */
   async findByFullName(fullName: string): Promise<Parishioner | null> {
-    const [row] = await db
+    this.logger.info('ParishionerRepository.findByFullName');
+    const [row] = await this.db
       .select()
       .from(parishioners)
       .where(
@@ -58,31 +77,39 @@ export class ParishionerRepository implements IParishionerRepository {
         ),
       );
 
-    return row ? ParishionerMapper.toEntity(row) : null;
+    if (!row) {
+      this.logger.warn('ParishionerRepository.findByFullName: not found');
+    }
+    return row ? ParishionerEntity.parse(row) : null;
   }
 
   /**
    * Creates a new parishioner record.
    */
   async create(data: CreateParishioner): Promise<Parishioner> {
+    this.logger.info('ParishionerRepository.create', {
+      userId: data.userId,
+    });
     const id = data.id || uuidv7();
-    const [row] = await db
+    const [row] = await this.db
       .insert(parishioners)
-      .values(ParishionerMapper.toInsert({ ...data, id }))
+      .values({ ...data, id: id as string })
       .returning();
 
     if (!row) {
+      this.logger.error('ParishionerRepository.create: failed');
       throw new Error('Failed to create parishioner');
     }
 
-    return ParishionerMapper.toEntity(row);
+    return ParishionerEntity.parse(row);
   }
 
   /**
    * Updates an existing parishioner record.
    */
   async update(id: string, data: UpdateParishioner): Promise<Parishioner> {
-    const [row] = await db
+    this.logger.info('ParishionerRepository.update', { parishionerId: id });
+    const [row] = await this.db
       .update(parishioners)
       .set({
         ...data,
@@ -92,17 +119,21 @@ export class ParishionerRepository implements IParishionerRepository {
       .returning();
 
     if (!row) {
+      this.logger.warn('ParishionerRepository.update: not found', {
+        parishionerId: id,
+      });
       throw new Error(`Parishioner with ID ${id} not found`);
     }
 
-    return ParishionerMapper.toEntity(row);
+    return ParishionerEntity.parse(row);
   }
 
   /**
    * Soft deletes a parishioner record.
    */
   async delete(id: string): Promise<void> {
-    await db
+    this.logger.info('ParishionerRepository.delete', { parishionerId: id });
+    await this.db
       .update(parishioners)
       .set({ deletedAt: new Date() })
       .where(eq(parishioners.id, id));
@@ -116,9 +147,18 @@ export class ParishionerRepository implements IParishionerRepository {
     organizationIds: string[],
     limit: number,
   ): Promise<ParishionerMembershipRequest[]> {
-    if (organizationIds.length === 0) return [];
+    this.logger.info('ParishionerRepository.findPendingRequests', {
+      organizationIds,
+      limit,
+    });
+    if (organizationIds.length === 0) {
+      this.logger.info(
+        'ParishionerRepository.findPendingRequests: no org IDs provided',
+      );
+      return [];
+    }
 
-    const rows = await db
+    const rows = await this.db
       .select({
         id: orgEnrollments.id,
         parishionerId: parishioners.id,
@@ -148,6 +188,9 @@ export class ParishionerRepository implements IParishionerRepository {
       .limit(limit)
       .orderBy(desc(orgEnrollments.createdAt));
 
+    this.logger.info('ParishionerRepository.findPendingRequests: complete', {
+      count: rows.length,
+    });
     return rows;
   }
 }
diff --git a/packages/db/src/repository/placement.spec.ts b/packages/db/src/repository/placement.spec.ts
new file mode 100644
index 00000000..9e2553bf
--- /dev/null
+++ b/packages/db/src/repository/placement.spec.ts
@@ -0,0 +1,122 @@
+import type { ILogger } from '@domus/core';
+import { beforeEach, describe, expect, it, vi } from 'vitest';
+import { mockDeep, mockReset } from 'vitest-mock-extended';
+import type { TestDrizzleClient } from '../../test/helper';
+import { orgPlacements } from '../schema/org-placements';
+import { PlacementRepository } from './placement';
+
+describe('PlacementRepository', () => {
+  const dbMock = mockDeep<TestDrizzleClient>();
+  const loggerMock = mockDeep<ILogger>();
+  const repo = new PlacementRepository(dbMock, loggerMock);
+
+  beforeEach(() => {
+    mockReset(dbMock);
+    mockReset(loggerMock);
+  });
+
+  describe('findById', () => {
+    it('should return placement when found', async () => {
+      const mockRow = {
+        id: '1',
+        enrollmentId: 'e1',
+        termId: 't1',
+        unitId: 'u1',
+        position: 'Member',
+        order: 1,
+        startDate: new Date(),
+        endDate: new Date(),
+        createdAt: new Date(),
+        updatedAt: new Date(),
+        deletedAt: null,
+      };
+
+      // @ts-expect-error
+      dbMock.select.mockReturnValue({
+        from: vi.fn().mockReturnValue({
+          where: vi.fn().mockResolvedValue([mockRow]),
+        }),
+      });
+
+      const result = await repo.findById('1');
+
+      expect(result).toEqual(mockRow);
+      expect(loggerMock.info).toHaveBeenCalledWith(
+        'PlacementRepository.findById',
+        { placementId: '1' },
+      );
+    });
+
+    it('should return null and warn when not found', async () => {
+      // @ts-expect-error
+      dbMock.select.mockReturnValue({
+        from: vi.fn().mockReturnValue({
+          where: vi.fn().mockResolvedValue([]),
+        }),
+      });
+
+      const result = await repo.findById('999');
+
+      expect(result).toBeNull();
+      expect(loggerMock.warn).toHaveBeenCalledWith(
+        'PlacementRepository.findById: not found',
+        { placementId: '999' },
+      );
+    });
+  });
+
+  describe('create', () => {
+    it('should create and return placement', async () => {
+      const input = {
+        enrollmentId: 'e1',
+        termId: 't1',
+        unitId: 'u1',
+        position: 'Member',
+        order: 1,
+        startDate: new Date(),
+        endDate: new Date(),
+      };
+      const mockRow = {
+        ...input,
+        id: '1',
+        createdAt: new Date(),
+        updatedAt: new Date(),
+        deletedAt: null,
+      };
+
+      // @ts-expect-error
+      dbMock.insert.mockReturnValue({
+        values: vi.fn().mockReturnValue({
+          returning: vi.fn().mockResolvedValue([mockRow]),
+        }),
+      });
+
+      const result = await repo.create(input);
+
+      expect(result).toEqual(mockRow);
+      expect(loggerMock.info).toHaveBeenCalledWith(
+        'PlacementRepository.create',
+        { enrollmentId: 'e1' },
+      );
+    });
+  });
+
+  describe('delete', () => {
+    it('should soft delete placement', async () => {
+      // @ts-expect-error
+      dbMock.update.mockReturnValue({
+        set: vi.fn().mockReturnValue({
+          where: vi.fn().mockResolvedValue({}),
+        }),
+      });
+
+      await repo.delete('1');
+
+      expect(dbMock.update).toHaveBeenCalledWith(orgPlacements);
+      expect(loggerMock.info).toHaveBeenCalledWith(
+        'PlacementRepository.delete',
+        { placementId: '1' },
+      );
+    });
+  });
+});
diff --git a/packages/db/src/repository/placement.ts b/packages/db/src/repository/placement.ts
index 62113867..0ce52467 100644
--- a/packages/db/src/repository/placement.ts
+++ b/packages/db/src/repository/placement.ts
@@ -1,22 +1,36 @@
-import type { IPlacementRepository, Placement } from '@domus/core';
+import type { ILogger, IPlacementRepository, Placement } from '@domus/core';
 import { and, eq, isNull } from 'drizzle-orm';
-import { db } from '../index';
+import type { DrizzleClient } from '../index';
 import { orgPlacements } from '../schema/org-placements';
 
 /**
  * Repository implementation for parishioner placements.
  */
 export class PlacementRepository implements IPlacementRepository {
+  constructor(
+    private readonly db: DrizzleClient,
+    private readonly logger: ILogger,
+  ) {}
+
   async findById(id: string): Promise<Placement | null> {
-    const [row] = await db
+    this.logger.info('PlacementRepository.findById', { placementId: id });
+    const [row] = await this.db
       .select()
       .from(orgPlacements)
       .where(and(eq(orgPlacements.id, id), isNull(orgPlacements.deletedAt)));
+    if (!row) {
+      this.logger.warn('PlacementRepository.findById: not found', {
+        placementId: id,
+      });
+    }
     return (row as Placement) || null;
   }
 
   async findByEnrollmentId(enrollmentId: string): Promise<Placement[]> {
-    const rows = await db
+    this.logger.info('PlacementRepository.findByEnrollmentId', {
+      enrollmentId,
+    });
+    const rows = await this.db
       .select()
       .from(orgPlacements)
       .where(
@@ -29,7 +43,8 @@ export class PlacementRepository implements IPlacementRepository {
   }
 
   async findByTermId(termId: string): Promise<Placement[]> {
-    const rows = await db
+    this.logger.info('PlacementRepository.findByTermId', { termId });
+    const rows = await this.db
       .select()
       .from(orgPlacements)
       .where(
@@ -39,7 +54,8 @@ export class PlacementRepository implements IPlacementRepository {
   }
 
   async findByUnitId(unitId: string): Promise<Placement[]> {
-    const rows = await db
+    this.logger.info('PlacementRepository.findByUnitId', { unitId });
+    const rows = await this.db
       .select()
       .from(orgPlacements)
       .where(
@@ -51,11 +67,17 @@ export class PlacementRepository implements IPlacementRepository {
   async create(
     placement: Omit<Placement, 'id' | 'createdAt' | 'updatedAt' | 'deletedAt'>,
   ): Promise<Placement> {
-    const [row] = await db
+    this.logger.info('PlacementRepository.create', {
+      enrollmentId: placement.enrollmentId,
+    });
+    const [row] = await this.db
       .insert(orgPlacements)
-      .values({ ...placement, id: crypto.randomUUID() })
+      .values({ ...placement })
       .returning();
-    if (!row) throw new Error('Failed to create placement');
+    if (!row) {
+      this.logger.error('PlacementRepository.create: failed');
+      throw new Error('Failed to create placement');
+    }
     return row as Placement;
   }
 
@@ -68,17 +90,24 @@ export class PlacementRepository implements IPlacementRepository {
       >
     >,
   ): Promise<Placement> {
-    const [row] = await db
+    this.logger.info('PlacementRepository.update', { placementId: id });
+    const [row] = await this.db
       .update(orgPlacements)
       .set({ ...placement, updatedAt: new Date() })
       .where(and(eq(orgPlacements.id, id), isNull(orgPlacements.deletedAt)))
       .returning();
-    if (!row) throw new Error('Placement not found');
+    if (!row) {
+      this.logger.warn('PlacementRepository.update: not found', {
+        placementId: id,
+      });
+      throw new Error('Placement not found');
+    }
     return row as Placement;
   }
 
   async delete(id: string): Promise<void> {
-    await db
+    this.logger.info('PlacementRepository.delete', { placementId: id });
+    await this.db
       .update(orgPlacements)
       .set({ deletedAt: new Date() })
       .where(eq(orgPlacements.id, id));
diff --git a/packages/db/src/repository/rsvp.spec.ts b/packages/db/src/repository/rsvp.spec.ts
index 32ea31b4..4786e20d 100644
--- a/packages/db/src/repository/rsvp.spec.ts
+++ b/packages/db/src/repository/rsvp.spec.ts
@@ -1,87 +1,89 @@
-import type { RsvpStatus } from '@domus/core';
-import type { PostgresJsDatabase } from 'drizzle-orm/postgres-js';
+import { type ILogger, RsvpEntity, RsvpStatus } from '@domus/core';
 import { beforeEach, describe, expect, it, vi } from 'vitest';
-import { type DeepMockProxy, mockDeep, mockReset } from 'vitest-mock-extended';
-import { db } from '../index';
-import { RsvpMapper } from '../mapper/rsvp';
-import type * as schema from '../schema/index';
+import { mockDeep, mockReset } from 'vitest-mock-extended';
+import type { TestDrizzleClient } from '../../test/helper';
 import { rsvp } from '../schema/rsvp';
 import { RsvpRepository } from './rsvp';
 
-vi.mock('../index', () => ({
-  db: mockDeep(),
-}));
-
 describe('RsvpRepository', () => {
-  const repo = new RsvpRepository();
-  const dbMock = db as unknown as DeepMockProxy<
-    PostgresJsDatabase<typeof schema>
-  >;
+  const dbMock = mockDeep<TestDrizzleClient>();
+  const loggerMock = mockDeep<ILogger>();
+  const repo = new RsvpRepository(dbMock, loggerMock);
+
+  const VALID_ID = '0194b150-0001-7000-8000-000000000001';
+  const VALID_EVENT_ID = '0194b150-0002-7000-8000-000000000001';
+  const VALID_PARISHIONER_ID = '0194b150-0003-7000-8000-000000000001';
 
   beforeEach(() => {
     mockReset(dbMock);
+    mockReset(loggerMock);
   });
 
   const mockRsvpRow = {
-    id: 'rsvp-1',
-    eventId: 'event-1',
-    parishionerId: 'p-1',
-    status: 'attending',
+    id: VALID_ID,
+    eventId: VALID_EVENT_ID,
+    parishionerId: VALID_PARISHIONER_ID,
+    status: RsvpStatus.Attending,
     createdAt: new Date(),
     updatedAt: new Date(),
     deletedAt: null,
   };
 
-  const mockRsvpEntity = RsvpMapper.toEntity(
-    mockRsvpRow as unknown as Parameters<typeof RsvpMapper.toEntity>[0],
-  );
+  const mockRsvpEntity = RsvpEntity.parse(mockRsvpRow);
 
   describe('findById', () => {
     it('should return rsvp when found', async () => {
+      // @ts-expect-error
       dbMock.select.mockReturnValue({
         from: vi.fn().mockReturnValue({
           where: vi.fn().mockResolvedValue([mockRsvpRow]),
         }),
-      } as unknown as ReturnType<typeof dbMock.select>);
+      });
 
-      const result = await repo.findById('rsvp-1');
+      const result = await repo.findById(VALID_ID);
       expect(result).toEqual(mockRsvpEntity);
     });
   });
 
   describe('findByEventId', () => {
     it('should return rsvps for event', async () => {
+      // @ts-expect-error
       dbMock.select.mockReturnValue({
         from: vi.fn().mockReturnValue({
           where: vi.fn().mockResolvedValue([mockRsvpRow]),
         }),
-      } as unknown as ReturnType<typeof dbMock.select>);
+      });
 
-      const result = await repo.findByEventId('event-1');
+      const result = await repo.findByEventId(VALID_EVENT_ID);
       expect(result).toEqual([mockRsvpEntity]);
     });
   });
 
   describe('findByEventAndParishioner', () => {
     it('should return rsvp for event and parishioner', async () => {
+      // @ts-expect-error
       dbMock.select.mockReturnValue({
         from: vi.fn().mockReturnValue({
           where: vi.fn().mockResolvedValue([mockRsvpRow]),
         }),
-      } as unknown as ReturnType<typeof dbMock.select>);
+      });
 
-      const result = await repo.findByEventAndParishioner('event-1', 'p-1');
+      const result = await repo.findByEventAndParishioner(
+        VALID_EVENT_ID,
+        VALID_PARISHIONER_ID,
+      );
       expect(result).toEqual(mockRsvpEntity);
     });
   });
 
   describe('create', () => {
     it('should create and return rsvp', async () => {
+      // @ts-expect-error
       dbMock.insert.mockReturnValue({
         values: vi.fn().mockReturnValue({
           returning: vi.fn().mockResolvedValue([mockRsvpRow]),
         }),
-      } as unknown as ReturnType<typeof dbMock.insert>);
+      });
 
       const result = await repo.create(mockRsvpEntity);
       expect(result).toEqual(mockRsvpEntity);
@@ -90,16 +92,17 @@ describe('RsvpRepository', () => {
 
   describe('update', () => {
     it('should update and return rsvp', async () => {
+      // @ts-expect-error
       dbMock.update.mockReturnValue({
         set: vi.fn().mockReturnValue({
           where: vi.fn().mockReturnValue({
             returning: vi.fn().mockResolvedValue([mockRsvpRow]),
           }),
         }),
-      } as unknown as ReturnType<typeof dbMock.update>);
+      });
 
-      const result = await repo.update('rsvp-1', {
-        status: 'maybe' as RsvpStatus,
+      const result = await repo.update(VALID_ID, {
+        status: RsvpStatus.Maybe,
       });
       expect(result).toEqual(mockRsvpEntity);
     });
@@ -107,13 +110,14 @@ describe('RsvpRepository', () => {
 
   describe('delete', () => {
     it('should soft delete rsvp', async () => {
+      // @ts-expect-error
       dbMock.update.mockReturnValue({
         set: vi.fn().mockReturnValue({
-          where: vi.fn().mockResolvedValue([{ id: 'rsvp-1' }]),
+          where: vi.fn().mockResolvedValue([{ id: VALID_ID }]),
         }),
-      } as unknown as ReturnType<typeof dbMock.update>);
+      });
 
-      await repo.delete('rsvp-1');
+      await repo.delete(VALID_ID);
       expect(dbMock.update).toHaveBeenCalledWith(rsvp);
     });
   });
diff --git a/packages/db/src/repository/rsvp.ts b/packages/db/src/repository/rsvp.ts
index 203f958e..490d2a4c 100644
--- a/packages/db/src/repository/rsvp.ts
+++ b/packages/db/src/repository/rsvp.ts
@@ -1,40 +1,51 @@
-import type {
-  CreateRsvp,
-  IRsvpRepository,
-  Rsvp,
-  UpdateRsvp,
+import {
+  type CreateRsvp,
+  type ILogger,
+  type IRsvpRepository,
+  type Rsvp,
+  RsvpEntity,
+  type UpdateRsvp,
 } from '@domus/core';
 import { and, eq, isNull } from 'drizzle-orm';
-import { db } from '../index';
-import { RsvpMapper } from '../mapper/rsvp';
+import type { DrizzleClient } from '../index';
 import { rsvp } from '../schema/rsvp';
 
 /**
  * Repository implementation for RSVPs.
  */
 export class RsvpRepository implements IRsvpRepository {
+  constructor(
+    private readonly db: DrizzleClient,
+    private readonly logger: ILogger,
+  ) {}
+
   /**
    * Finds an RSVP record by its unique ID.
    */
   async findById(id: string): Promise<Rsvp | null> {
-    const [row] = await db
+    this.logger.info('RsvpRepository.findById', { rsvpId: id });
+    const [row] = await this.db
       .select()
       .from(rsvp)
       .where(and(eq(rsvp.id, id), isNull(rsvp.deletedAt)));
 
-    return row ? RsvpMapper.toEntity(row) : null;
+    if (!row) {
+      this.logger.warn('RsvpRepository.findById: not found', { rsvpId: id });
+    }
+    return row ? RsvpEntity.parse(row) : null;
   }
 
   /**
    * Finds all RSVP records for a specific event.
    */
   async findByEventId(eventId: string): Promise<Rsvp[]> {
-    const rows = await db
+    this.logger.info('RsvpRepository.findByEventId', { eventId });
+    const rows = await this.db
       .select()
       .from(rsvp)
       .where(and(eq(rsvp.eventId, eventId), isNull(rsvp.deletedAt)));
 
-    return rows.map((row) => RsvpMapper.toEntity(row));
+    return rows.map((row) => RsvpEntity.parse(row));
   }
 
   /**
@@ -44,7 +55,11 @@ export class RsvpRepository implements IRsvpRepository {
     eventId: string,
     parishionerId: string,
   ): Promise<Rsvp | null> {
-    const [row] = await db
+    this.logger.info('RsvpRepository.findByEventAndParishioner', {
+      eventId,
+      parishionerId,
+    });
+    const [row] = await this.db
       .select()
       .from(rsvp)
       .where(
@@ -55,31 +70,42 @@ export class RsvpRepository implements IRsvpRepository {
         ),
       );
 
-    return row ? RsvpMapper.toEntity(row) : null;
+    if (!row) {
+      this.logger.warn('RsvpRepository.findByEventAndParishioner: not found', {
+        eventId,
+        parishionerId,
+      });
+    }
+    return row ? RsvpEntity.parse(row) : null;
   }
 
   /**
    * Creates a new RSVP record.
    */
   async create(data: CreateRsvp): Promise<Rsvp> {
-    const id = crypto.randomUUID();
-    const [row] = await db
+    this.logger.info('RsvpRepository.create', {
+      eventId: data.eventId,
+      parishionerId: data.parishionerId,
+    });
+    const [row] = await this.db
       .insert(rsvp)
-      .values(RsvpMapper.toInsert({ ...data, id }))
+      .values({ ...data })
       .returning();
 
     if (!row) {
+      this.logger.error('RsvpRepository.create: failed');
       throw new Error('Failed to create RSVP record');
     }
 
-    return RsvpMapper.toEntity(row);
+    return RsvpEntity.parse(row);
   }
 
   /**
    * Updates an existing RSVP record.
    */
   async update(id: string, data: UpdateRsvp): Promise<Rsvp> {
-    const [row] = await db
+    this.logger.info('RsvpRepository.update', { rsvpId: id });
+    const [row] = await this.db
       .update(rsvp)
       .set({
         ...data,
@@ -89,16 +115,21 @@ export class RsvpRepository implements IRsvpRepository {
       .returning();
 
     if (!row) {
+      this.logger.warn('RsvpRepository.update: not found', { rsvpId: id });
       throw new Error(`RSVP with ID ${id} not found`);
     }
 
-    return RsvpMapper.toEntity(row);
+    return RsvpEntity.parse(row);
   }
 
   /**
    * Soft deletes an RSVP record.
    */
   async delete(id: string): Promise<void> {
-    await db.update(rsvp).set({ deletedAt: new Date() }).where(eq(rsvp.id, id));
+    this.logger.info('RsvpRepository.delete', { rsvpId: id });
+    await this.db
+      .update(rsvp)
+      .set({ deletedAt: new Date() })
+      .where(eq(rsvp.id, id));
   }
 }
diff --git a/packages/db/src/repository/term.spec.ts b/packages/db/src/repository/term.spec.ts
new file mode 100644
index 00000000..d6a9411c
--- /dev/null
+++ b/packages/db/src/repository/term.spec.ts
@@ -0,0 +1,126 @@
+import type { ILogger } from '@domus/core';
+import { beforeEach, describe, expect, it, vi } from 'vitest';
+import { mockDeep, mockReset } from 'vitest-mock-extended';
+import type { TestDrizzleClient } from '../../test/helper';
+import { orgTerms } from '../schema/org-terms';
+import { TermRepository } from './term';
+
+describe('TermRepository', () => {
+  const dbMock = mockDeep<TestDrizzleClient>();
+  const loggerMock = mockDeep<ILogger>();
+  const repo = new TermRepository(dbMock, loggerMock);
+
+  beforeEach(() => {
+    mockReset(dbMock);
+    mockReset(loggerMock);
+  });
+
+  describe('findById', () => {
+    it('should return term when found', async () => {
+      const mockRow = {
+        id: '1',
+        organizationId: 'o1',
+        name: 'Term 1',
+        description: 'First term',
+        skNumber: 'SK/001',
+        skDate: new Date(),
+        skDocument: 'doc.pdf',
+        startDate: new Date(),
+        endDate: new Date(),
+        createdAt: new Date(),
+        updatedAt: new Date(),
+        deletedAt: null,
+      };
+
+      // @ts-expect-error
+      dbMock.select.mockReturnValue({
+        from: vi.fn().mockReturnValue({
+          where: vi.fn().mockResolvedValue([mockRow]),
+        }),
+      });
+
+      const result = await repo.findById('1');
+
+      expect(result).toEqual(mockRow);
+      expect(loggerMock.info).toHaveBeenCalledWith('TermRepository.findById', {
+        termId: '1',
+      });
+    });
+
+    it('should return null and warn when not found', async () => {
+      // @ts-expect-error
+      dbMock.select.mockReturnValue({
+        from: vi.fn().mockReturnValue({
+          where: vi.fn().mockResolvedValue([]),
+        }),
+      });
+
+      const result = await repo.findById('999');
+
+      expect(result).toBeNull();
+      expect(loggerMock.warn).toHaveBeenCalledWith(
+        'TermRepository.findById: not found',
+        { termId: '999' },
+      );
+    });
+  });
+
+  describe('create', () => {
+    it('should create and return term', async () => {
+      const input = {
+        organizationId: 'o1',
+        name: 'New Term',
+        description: 'New term description',
+        skNumber: 'SK/002',
+        skDate: new Date(),
+        skDocument: 'doc2.pdf',
+        startDate: new Date(),
+        endDate: new Date(),
+      };
+      const mockRow = {
+        ...input,
+        id: '1',
+        createdAt: new Date(),
+        updatedAt: new Date(),
+        deletedAt: null,
+      };
+
+      // @ts-expect-error
+      dbMock.insert.mockReturnValue({
+        values: vi.fn().mockReturnValue({
+          returning: vi.fn().mockResolvedValue([mockRow]),
+        }),
+      });
+
+      const result = await repo.create(input);
+
+      expect(result).toEqual(toTermEntity(mockRow));
+      expect(loggerMock.info).toHaveBeenCalledWith('TermRepository.create', {
+        organizationId: 'o1',
+      });
+    });
+  });
+
+  describe('delete', () => {
+    it('should soft delete term', async () => {
+      // @ts-expect-error
+      dbMock.update.mockReturnValue({
+        set: vi.fn().mockReturnValue({
+          where: vi.fn().mockResolvedValue({}),
+        }),
+      });
+
+      await repo.delete('1');
+
+      expect(dbMock.update).toHaveBeenCalledWith(orgTerms);
+      expect(loggerMock.info).toHaveBeenCalledWith('TermRepository.delete', {
+        termId: '1',
+      });
+    });
+  });
+});
+
+// Mock helper to avoid import loop or missing mapper
+function toTermEntity(row: unknown) {
+  return row;
+}
diff --git a/packages/db/src/repository/term.ts b/packages/db/src/repository/term.ts
index 678e0831..a188211e 100644
--- a/packages/db/src/repository/term.ts
+++ b/packages/db/src/repository/term.ts
@@ -1,22 +1,32 @@
-import type { ITermRepository, Term } from '@domus/core';
+import type { ILogger, ITermRepository, Term } from '@domus/core';
 import { and, eq, isNull } from 'drizzle-orm';
-import { db } from '../index';
+import type { DrizzleClient } from '../index';
 import { orgTerms } from '../schema/org-terms';
 
 /**
  * Repository implementation for organizational terms.
  */
 export class TermRepository implements ITermRepository {
+  constructor(
+    private readonly db: DrizzleClient,
+    private readonly logger: ILogger,
+  ) {}
+
   async findById(id: string): Promise<Term | null> {
-    const [row] = await db
+    this.logger.info('TermRepository.findById', { termId: id });
+    const [row] = await this.db
       .select()
       .from(orgTerms)
       .where(and(eq(orgTerms.id, id), isNull(orgTerms.deletedAt)));
+    if (!row) {
+      this.logger.warn('TermRepository.findById: not found', { termId: id });
+    }
     return (row as Term) || null;
   }
 
   async findByOrganizationId(organizationId: string): Promise<Term[]> {
-    const rows = await db
+    this.logger.info('TermRepository.findByOrganizationId', { organizationId });
+    const rows = await this.db
       .select()
       .from(orgTerms)
       .where(
@@ -31,8 +41,14 @@ export class TermRepository implements ITermRepository {
   async create(
     term: Omit<Term, 'id' | 'createdAt' | 'updatedAt' | 'deletedAt'>,
   ): Promise<Term> {
-    const [row] = await db.insert(orgTerms).values(term).returning();
-    if (!row) throw new Error('Failed to create term');
+    this.logger.info('TermRepository.create', {
+      organizationId: term.organizationId,
+    });
+    const [row] = await this.db.insert(orgTerms).values(term).returning();
+    if (!row) {
+      this.logger.error('TermRepository.create: failed');
+      throw new Error('Failed to create term');
+    }
     return row as Term;
   }
 
@@ -45,17 +61,22 @@ export class TermRepository implements ITermRepository {
       >
     >,
   ): Promise<Term> {
-    const [row] = await db
+    this.logger.info('TermRepository.update', { termId: id });
+    const [row] = await this.db
       .update(orgTerms)
       .set({ ...term, updatedAt: new Date() })
       .where(and(eq(orgTerms.id, id), isNull(orgTerms.deletedAt)))
       .returning();
-    if (!row) throw new Error('Term not found');
+    if (!row) {
+      this.logger.warn('TermRepository.update: not found', { termId: id });
+      throw new Error('Term not found');
+    }
     return row as Term;
   }
 
   async delete(id: string): Promise<void> {
-    await db
+    this.logger.info('TermRepository.delete', { termId: id });
+    await this.db
       .update(orgTerms)
       .set({ deletedAt: new Date() })
       .where(eq(orgTerms.id, id));
diff --git a/packages/db/src/repository/transaction.spec.ts b/packages/db/src/repository/transaction.spec.ts
index b6a38043..a9272b5f 100644
--- a/packages/db/src/repository/transaction.spec.ts
+++ b/packages/db/src/repository/transaction.spec.ts
@@ -1,77 +1,79 @@
-import type { PostgresJsDatabase } from 'drizzle-orm/postgres-js';
+import { type ILogger, TransactionEntity, TransactionType } from '@domus/core';
 import { beforeEach, describe, expect, it, vi } from 'vitest';
-import { type DeepMockProxy, mockDeep, mockReset } from 'vitest-mock-extended';
-import { db } from '../index';
-import { TransactionMapper } from '../mapper/transaction';
-import type * as schema from '../schema/index';
+import { mockDeep, mockReset } from 'vitest-mock-extended';
+import type { TestDrizzleClient } from '../../test/helper';
 import { transactions } from '../schema/transactions';
 import { TransactionRepository } from './transaction';
 
-vi.mock('../index', () => ({
-  db: mockDeep(),
-}));
-
 describe('TransactionRepository', () => {
-  const repo = new TransactionRepository();
-  const dbMock = db as unknown as DeepMockProxy<
-    PostgresJsDatabase<typeof schema>
-  >;
+  const dbMock = mockDeep<TestDrizzleClient>();
+  const loggerMock = mockDeep<ILogger>();
+  const repo = new TransactionRepository(dbMock, loggerMock);
+
+  const VALID_ID = '0194b150-0001-7000-8000-000000000001';
+  const VALID_PERIOD_ID = '0194b150-0002-7000-8000-000000000001';
+  const VALID_CATEGORY_ID = '0194b150-0003-7000-8000-000000000001';
+  const VALID_USER_ID = '0194b150-0004-7000-8000-000000000001';
 
   beforeEach(() => {
     mockReset(dbMock);
+    mockReset(loggerMock);
   });
 
   const mockTxRow = {
-    id: 'tx-1',
-    periodId: 'period-1',
-    categoryId: 'cat-1',
-    type: 'income',
+    id: VALID_ID,
+    periodId: VALID_PERIOD_ID,
+    categoryId: VALID_CATEGORY_ID,
+    type: TransactionType.Income,
     amount: 1000,
     description: 'Test',
     date: new Date(),
-    createdBy: 'user-1',
+    receiptPhoto: null,
+    createdBy: VALID_USER_ID,
+    updatedBy: null,
     createdAt: new Date(),
     updatedAt: new Date(),
     deletedAt: null,
   };
 
-  const mockTxEntity = TransactionMapper.toEntity(
-    mockTxRow as unknown as Parameters<typeof TransactionMapper.toEntity>[0],
-  );
+  const mockTxEntity = TransactionEntity.parse(mockTxRow);
 
   describe('findById', () => {
     it('should return transaction when found', async () => {
+      // @ts-expect-error
       dbMock.select.mockReturnValue({
         from: vi.fn().mockReturnValue({
           where: vi.fn().mockResolvedValue([mockTxRow]),
         }),
-      } as unknown as ReturnType<typeof dbMock.select>);
+      });
 
-      const result = await repo.findById('tx-1');
+      const result = await repo.findById(VALID_ID);
       expect(result).toEqual(mockTxEntity);
     });
   });
 
   describe('findByPeriodId', () => {
     it('should return transactions for period', async () => {
+      // @ts-expect-error
       dbMock.select.mockReturnValue({
         from: vi.fn().mockReturnValue({
           where: vi.fn().mockResolvedValue([mockTxRow]),
         }),
-      } as unknown as ReturnType<typeof dbMock.select>);
+      });
 
-      const result = await repo.findByPeriodId('period-1');
+      const result = await repo.findByPeriodId(VALID_PERIOD_ID);
       expect(result).toEqual([mockTxEntity]);
     });
   });
 
   describe('create', () => {
     it('should create and return transaction', async () => {
+      // @ts-expect-error
       dbMock.insert.mockReturnValue({
         values: vi.fn().mockReturnValue({
           returning: vi.fn().mockResolvedValue([mockTxRow]),
         }),
-      } as unknown as ReturnType<typeof dbMock.insert>);
+      });
 
       const result = await repo.create(mockTxEntity);
       expect(result).toEqual(mockTxEntity);
@@ -80,28 +82,30 @@ describe('TransactionRepository', () => {
 
   describe('update', () => {
     it('should update and return transaction', async () => {
+      // @ts-expect-error
       dbMock.update.mockReturnValue({
         set: vi.fn().mockReturnValue({
           where: vi.fn().mockReturnValue({
             returning: vi.fn().mockResolvedValue([mockTxRow]),
           }),
         }),
-      } as unknown as ReturnType<typeof dbMock.update>);
+      });
 
-      const result = await repo.update('tx-1', { amount: 2000 });
+      const result = await repo.update(VALID_ID, { amount: 2000 });
       expect(result).toEqual(mockTxEntity);
     });
   });
 
   describe('delete', () => {
     it('should soft delete transaction', async () => {
+      // @ts-expect-error
       dbMock.update.mockReturnValue({
         set: vi.fn().mockReturnValue({
-          where: vi.fn().mockResolvedValue([{ id: 'tx-1' }]),
+          where: vi.fn().mockResolvedValue([{ id: VALID_ID }]),
         }),
-      } as unknown as ReturnType<typeof dbMock.update>);
+      });
 
-      await repo.delete('tx-1');
+      await repo.delete(VALID_ID);
       expect(dbMock.update).toHaveBeenCalledWith(transactions);
     });
   });
diff --git a/packages/db/src/repository/transaction.ts b/packages/db/src/repository/transaction.ts
index 343b6e51..b9bfb979 100644
--- a/packages/db/src/repository/transaction.ts
+++ b/packages/db/src/repository/transaction.ts
@@ -1,35 +1,49 @@
-import type {
-  CreateTransaction,
-  ITransactionRepository,
-  Transaction,
-  UpdateTransaction,
+import {
+  type CreateTransaction,
+  type ILogger,
+  type ITransactionRepository,
+  type Transaction,
+  TransactionEntity,
+  type UpdateTransaction,
 } from '@domus/core';
-import { and, eq, isNull } from 'drizzle-orm';
-import { db } from '../index';
-import { TransactionMapper } from '../mapper/transaction';
+import { and, eq, type InferInsertModel, isNull } from 'drizzle-orm';
+import { v7 as uuidv7 } from 'uuid';
+import type { DrizzleClient } from '../index';
 import { transactions } from '../schema/transactions';
 
 /**
  * Repository implementation for transactions.
  */
 export class TransactionRepository implements ITransactionRepository {
+  constructor(
+    private readonly db: DrizzleClient,
+    private readonly logger: ILogger,
+  ) {}
+
   /**
    * Finds a transaction by its unique ID.
    */
   async findById(id: string): Promise<Transaction | null> {
-    const [row] = await db
+    this.logger.info('TransactionRepository.findById', { transactionId: id });
+    const [row] = await this.db
       .select()
       .from(transactions)
       .where(and(eq(transactions.id, id), isNull(transactions.deletedAt)));
 
-    return row ? TransactionMapper.toEntity(row) : null;
+    if (!row) {
+      this.logger.warn('TransactionRepository.findById: not found', {
+        transactionId: id,
+      });
+    }
+    return row ? TransactionEntity.parse(row) : null;
   }
 
   /**
    * Finds all transactions for a specific financial period.
    */
   async findByPeriodId(periodId: string): Promise<Transaction[]> {
-    const rows = await db
+    this.logger.info('TransactionRepository.findByPeriodId', { periodId });
+    const rows = await this.db
       .select()
       .from(transactions)
       .where(
@@ -39,31 +53,48 @@ export class TransactionRepository implements ITransactionRepository {
         ),
       );
 
-    return rows.map((row) => TransactionMapper.toEntity(row));
+    return rows.map((row) => TransactionEntity.parse(row));
   }
 
   /**
    * Creates a new transaction record.
    */
   async create(data: CreateTransaction): Promise<Transaction> {
-    const id = crypto.randomUUID();
-    const [row] = await db
-      .insert(transactions)
-      .values(TransactionMapper.toInsert({ ...data, id }))
-      .returning();
+    this.logger.info('TransactionRepository.create', {
+      periodId: data.periodId,
+      amount: data.amount,
+    });
+    const id = data.id || uuidv7();
+    const values = {
+      id,
+      periodId: data.periodId,
+      categoryId: data.categoryId,
+      type: data.type as typeof transactions.$inferInsert.type,
+      amount: data.amount,
+      description: data.description,
+      date: data.date,
+      receiptPhoto: data.receiptPhoto,
+      createdBy: data.createdBy as string,
+      createdAt: new Date(),
+      updatedAt: new Date(),
+    } satisfies InferInsertModel<typeof transactions>;
+
+    const [row] = await this.db.insert(transactions).values(values).returning();
 
     if (!row) {
+      this.logger.error('TransactionRepository.create: failed');
       throw new Error('Failed to create transaction');
     }
 
-    return TransactionMapper.toEntity(row);
+    return TransactionEntity.parse(row);
   }
 
   /**
    * Updates a transaction record.
    */
   async update(id: string, data: UpdateTransaction): Promise<Transaction> {
-    const [row] = await db
+    this.logger.info('TransactionRepository.update', { transactionId: id });
+    const [row] = await this.db
       .update(transactions)
       .set({
         ...data,
@@ -73,17 +104,21 @@ export class TransactionRepository implements ITransactionRepository {
       .returning();
 
     if (!row) {
+      this.logger.warn('TransactionRepository.update: not found', {
+        transactionId: id,
+      });
       throw new Error(`Transaction with ID ${id} not found`);
     }
 
-    return TransactionMapper.toEntity(row);
+    return TransactionEntity.parse(row);
   }
 
   /**
    * Soft deletes a transaction record.
    */
   async delete(id: string): Promise<void> {
-    await db
+    this.logger.info('TransactionRepository.delete', { transactionId: id });
+    await this.db
       .update(transactions)
       .set({ deletedAt: new Date() })
       .where(eq(transactions.id, id));
diff --git a/packages/db/src/repository/unit.spec.ts b/packages/db/src/repository/unit.spec.ts
new file mode 100644
index 00000000..fbb081d2
--- /dev/null
+++ b/packages/db/src/repository/unit.spec.ts
@@ -0,0 +1,113 @@
+import type { ILogger } from '@domus/core';
+import { beforeEach, describe, expect, it, vi } from 'vitest';
+import { mockDeep, mockReset } from 'vitest-mock-extended';
+import type { TestDrizzleClient } from '../../test/helper';
+import { orgUnits } from '../schema/org-units';
+import { UnitRepository } from './unit';
+
+describe('UnitRepository', () => {
+  const dbMock = mockDeep<TestDrizzleClient>();
+  const loggerMock = mockDeep<ILogger>();
+  const repo = new UnitRepository(dbMock, loggerMock);
+
+  beforeEach(() => {
+    mockReset(dbMock);
+    mockReset(loggerMock);
+  });
+
+  describe('findById', () => {
+    it('should return unit when found', async () => {
+      const mockRow = {
+        id: '1',
+        organizationId: 'o1',
+        name: 'Unit 1',
+        description: 'First unit',
+        position: 1,
+        createdAt: new Date(),
+        updatedAt: new Date(),
+        deletedAt: null,
+      };
+
+      // @ts-expect-error
+      dbMock.select.mockReturnValue({
+        from: vi.fn().mockReturnValue({
+          where: vi.fn().mockResolvedValue([mockRow]),
+        }),
+      });
+
+      const result = await repo.findById('1');
+
+      expect(result).toEqual(mockRow);
+      expect(loggerMock.info).toHaveBeenCalledWith('UnitRepository.findById', {
+        unitId: '1',
+      });
+    });
+
+    it('should return null and warn when not found', async () => {
+      // @ts-expect-error
+      dbMock.select.mockReturnValue({
+        from: vi.fn().mockReturnValue({
+          where: vi.fn().mockResolvedValue([]),
+        }),
+      });
+
+      const result = await repo.findById('999');
+
+      expect(result).toBeNull();
+      expect(loggerMock.warn).toHaveBeenCalledWith(
+        'UnitRepository.findById: not found',
+        { unitId: '999' },
+      );
+    });
+  });
+
+  describe('create', () => {
+    it('should create and return unit', async () => {
+      const input = {
+        organizationId: 'o1',
+        name: 'New Unit',
+        description: 'New unit description',
+        position: 2,
+      };
+      const mockRow = {
+        ...input,
+        id: '1',
+        createdAt: new Date(),
+        updatedAt: new Date(),
+        deletedAt: null,
+      };
+
+      // @ts-expect-error
+      dbMock.insert.mockReturnValue({
+        values: vi.fn().mockReturnValue({
+          returning: vi.fn().mockResolvedValue([mockRow]),
+        }),
+      });
+
+      const result = await repo.create(input);
+
+      expect(result).toEqual(mockRow);
+      expect(loggerMock.info).toHaveBeenCalledWith('UnitRepository.create', {
+        organizationId: 'o1',
+      });
+    });
+  });
+
+  describe('delete', () => {
+    it('should soft delete unit', async () => {
+      // @ts-expect-error
+      dbMock.update.mockReturnValue({
+        set: vi.fn().mockReturnValue({
+          where: vi.fn().mockResolvedValue({}),
+        }),
+      });
+
+      await repo.delete('1');
+
+      expect(dbMock.update).toHaveBeenCalledWith(orgUnits);
+      expect(loggerMock.info).toHaveBeenCalledWith('UnitRepository.delete', {
+        unitId: '1',
+      });
+    });
+  });
+});
diff --git a/packages/db/src/repository/unit.ts b/packages/db/src/repository/unit.ts
index e049bf25..acf596af 100644
--- a/packages/db/src/repository/unit.ts
+++ b/packages/db/src/repository/unit.ts
@@ -1,27 +1,38 @@
 import type {
   CreateUnit,
+  ILogger,
   IUnitRepository,
   Unit,
   UpdateUnit,
 } from '@domus/core';
 import { and, eq, isNull } from 'drizzle-orm';
-import { db } from '../index';
+import type { DrizzleClient } from '../index';
 import { orgUnits } from '../schema/org-units';
 
 /**
  * Repository implementation for organizational units using Drizzle ORM.
  */
 export class UnitRepository implements IUnitRepository {
+  constructor(
+    private readonly db: DrizzleClient,
+    private readonly logger: ILogger,
+  ) {}
+
   async findById(id: string): Promise<Unit | null> {
-    const [row] = await db
+    this.logger.info('UnitRepository.findById', { unitId: id });
+    const [row] = await this.db
       .select()
       .from(orgUnits)
       .where(and(eq(orgUnits.id, id), isNull(orgUnits.deletedAt)));
+    if (!row) {
+      this.logger.warn('UnitRepository.findById: not found', { unitId: id });
+    }
     return (row as Unit) || null;
   }
 
   async findByOrganizationId(organizationId: string): Promise<Unit[]> {
-    const rows = await db
+    this.logger.info('UnitRepository.findByOrganizationId', { organizationId });
+    const rows = await this.db
       .select()
       .from(orgUnits)
       .where(
@@ -35,27 +46,43 @@ export class UnitRepository implements IUnitRepository {
   }
 
   async create(unit: CreateUnit): Promise<Unit> {
-    const [row] = await db
+    this.logger.info('UnitRepository.create', {
+      organizationId: unit.organizationId,
+    });
+    const [row] = await this.db
       .insert(orgUnits)
       .values({
         ...unit,
-        id: crypto.randomUUID(),
       })
       .returning();
+
+    if (!row) {
+      this.logger.error('UnitRepository.create: failed');
+      throw new Error('Failed to create unit');
+    }
+
     return row as Unit;
   }
 
   async update(id: string, unit: UpdateUnit): Promise<Unit> {
-    const [row] = await db
+    this.logger.info('UnitRepository.update', { unitId: id });
+    const [row] = await this.db
       .update(orgUnits)
       .set({ ...unit, updatedAt: new Date() })
       .where(eq(orgUnits.id, id))
       .returning();
+
+    if (!row) {
+      this.logger.warn('UnitRepository.update: not found', { unitId: id });
+      throw new Error('Unit not found');
+    }
+
     return row as Unit;
   }
 
   async reorder(units: { id: string; position: number }[]): Promise<void> {
-    await db.transaction(async (tx) => {
+    this.logger.info('UnitRepository.reorder', { count: units.length });
+    await this.db.transaction(async (tx) => {
       for (const unit of units) {
         await tx
           .update(orgUnits)
@@ -66,7 +93,8 @@ export class UnitRepository implements IUnitRepository {
   }
 
   async delete(id: string): Promise<void> {
-    await db
+    this.logger.info('UnitRepository.delete', { unitId: id });
+    await this.db
       .update(orgUnits)
       .set({ deletedAt: new Date() })
       .where(eq(orgUnits.id, id));
diff --git a/packages/db/src/repository/user.spec.ts b/packages/db/src/repository/user.spec.ts
index 86894010..9b96eede 100644
--- a/packages/db/src/repository/user.spec.ts
+++ b/packages/db/src/repository/user.spec.ts
@@ -1,62 +1,62 @@
-import { AccountStatus } from '@domus/core';
-import type { PostgresJsDatabase } from 'drizzle-orm/postgres-js';
+import { AccountStatus, type ILogger, UserEntity, UserRole } from '@domus/core';
 import { beforeEach, describe, expect, it, vi } from 'vitest';
-import { type DeepMockProxy, mockDeep, mockReset } from 'vitest-mock-extended';
-import { db } from '../index';
-import { UserMapper } from '../mapper/user';
+import { mockDeep, mockReset } from 'vitest-mock-extended';
+import type { TestDrizzleClient } from '../../test/helper';
 import { user } from '../schema/better-auth';
-import type * as schema from '../schema/index';
 import { UserRepository } from './user';
 
-vi.mock('../index', () => ({
-  db: mockDeep(),
-}));
-
 describe('UserRepository', () => {
-  const repo = new UserRepository();
-  const dbMock = db as unknown as DeepMockProxy<
-    PostgresJsDatabase<typeof schema>
-  >;
+  const dbMock = mockDeep<TestDrizzleClient>();
+  const loggerMock = mockDeep<ILogger>();
+  const repo = new UserRepository(dbMock, loggerMock);
+
+  const VALID_USER_ID = '0194b150-1234-7000-8000-000000000005';
 
   beforeEach(() => {
     mockReset(dbMock);
+    mockReset(loggerMock);
   });
 
   const mockUserRow = {
-    id: 'user-1',
+    id: VALID_USER_ID,
     email: 'test@example.com',
+    emailVerified: false,
     name: 'Test User',
-    accountStatus: 'approved',
-    role: 'parishioner',
+    image: null,
+    accountStatus: AccountStatus.Approved,
+    role: UserRole.Parishioner,
     createdAt: new Date(),
     updatedAt: new Date(),
     deletedAt: null,
   };
 
-  const mockUserEntity = UserMapper.toEntity(
-    mockUserRow as unknown as Parameters<typeof UserMapper.toEntity>[0],
-  );
+  const mockUserEntity = UserEntity.parse({
+    ...mockUserRow,
+    role: mockUserRow.role ? mockUserRow.role.split(',') : ['parishioner'],
+  });
 
   describe('findById', () => {
     it('should return user when found', async () => {
+      // @ts-expect-error
       dbMock.select.mockReturnValue({
         from: vi.fn().mockReturnValue({
           where: vi.fn().mockResolvedValue([mockUserRow]),
         }),
-      } as unknown as ReturnType<typeof dbMock.select>);
+      });
 
-      const result = await repo.findById('user-1');
+      const result = await repo.findById(VALID_USER_ID);
       expect(result).toEqual(mockUserEntity);
     });
   });
 
   describe('findByEmail', () => {
     it('should return user when found by email', async () => {
+      // @ts-expect-error
       dbMock.select.mockReturnValue({
         from: vi.fn().mockReturnValue({
           where: vi.fn().mockResolvedValue([mockUserRow]),
         }),
-      } as unknown as ReturnType<typeof dbMock.select>);
+      });
 
       const result = await repo.findByEmail('test@example.com');
       expect(result).toEqual(mockUserEntity);
@@ -65,15 +65,19 @@ describe('UserRepository', () => {
 
   describe('updateStatus', () => {
     it('should update and return user', async () => {
+      // @ts-expect-error
       dbMock.update.mockReturnValue({
         set: vi.fn().mockReturnValue({
           where: vi.fn().mockReturnValue({
             returning: vi.fn().mockResolvedValue([mockUserRow]),
           }),
         }),
-      } as unknown as ReturnType<typeof dbMock.update>);
+      });
 
-      const result = await repo.updateStatus('user-1', AccountStatus.Approved);
+      const result = await repo.updateStatus(
+        VALID_USER_ID,
+        AccountStatus.Approved,
+      );
       expect(result).toEqual(mockUserEntity);
       expect(dbMock.update).toHaveBeenCalledWith(user);
     });
@@ -81,26 +85,31 @@ describe('UserRepository', () => {
 
   describe('delete', () => {
     it('should hard delete user', async () => {
+      // @ts-expect-error
       dbMock.delete.mockReturnValue({
-        where: vi.fn().mockResolvedValue([{ id: 'user-1' }]),
-      } as unknown as ReturnType<typeof dbMock.delete>);
+        where: vi.fn().mockResolvedValue([{ id: VALID_USER_ID }]),
+      });
 
-      await repo.delete('user-1');
+      await repo.delete(VALID_USER_ID);
       expect(dbMock.delete).toHaveBeenCalledWith(user);
     });
   });
 
   describe('update', () => {
     it('should update and return user', async () => {
+      // @ts-expect-error
       dbMock.update.mockReturnValue({
         set: vi.fn().mockReturnValue({
           where: vi.fn().mockReturnValue({
             returning: vi.fn().mockResolvedValue([mockUserRow]),
           }),
         }),
-      } as unknown as ReturnType<typeof dbMock.update>);
+      });
 
-      const result = await repo.update('user-1', { name: 'New Name' });
+      const result = await repo.update(VALID_USER_ID, {
+        name: 'New Name',
+        role: [UserRole.Parishioner],
+      });
       expect(result).toEqual(mockUserEntity);
       expect(dbMock.update).toHaveBeenCalledWith(user);
     });
diff --git a/packages/db/src/repository/user.ts b/packages/db/src/repository/user.ts
index 07ab3fe2..1e44021e 100644
--- a/packages/db/src/repository/user.ts
+++ b/packages/db/src/repository/user.ts
@@ -1,49 +1,75 @@
-import type {
-  AccountStatus,
-  AuthContext,
-  IUserRepository,
-  OrgRole,
-  User,
+import {
+  type AccountStatus,
+  type AuthContext,
+  type ILogger,
+  type IUserRepository,
+  NotFoundError,
+  type OrgRole,
+  type User,
+  UserEntity,
 } from '@domus/core';
-import { NotFoundError } from '@domus/core';
 import { and, eq, isNull } from 'drizzle-orm';
-import { db, MemberRepository } from '../index';
-import { UserMapper } from '../mapper/user';
+import type { DrizzleClient } from '../index';
 import { user } from '../schema/better-auth';
+import { MemberRepository } from './member';
 
 /**
  * Repository implementation for users.
  */
 export class UserRepository implements IUserRepository {
+  constructor(
+    private readonly db: DrizzleClient,
+    private readonly logger: ILogger,
+  ) {}
+
   /**
    * Finds a user by their unique ID.
    */
   async findById(id: string): Promise<User | null> {
-    const [row] = await db
+    this.logger.info('UserRepository.findById', { userId: id });
+    const [row] = await this.db
       .select()
       .from(user)
       .where(and(eq(user.id, id), isNull(user.deletedAt)));
 
-    return row ? UserMapper.toEntity(row) : null;
+    if (!row) {
+      this.logger.warn('UserRepository.findById: not found', { userId: id });
+    }
+    return row
+      ? UserEntity.parse({
+          ...row,
+          role: row.role ? row.role.split(',') : ['parishioner'],
+        })
+      : null;
   }
 
   /**
    * Finds a user by their email address.
    */
   async findByEmail(email: string): Promise<User | null> {
-    const [row] = await db
+    this.logger.info('UserRepository.findByEmail');
+    const [row] = await this.db
       .select()
       .from(user)
       .where(and(eq(user.email, email), isNull(user.deletedAt)));
 
-    return row ? UserMapper.toEntity(row) : null;
+    if (!row) {
+      this.logger.warn('UserRepository.findByEmail: not found');
+    }
+    return row
+      ? UserEntity.parse({
+          ...row,
+          role: row.role ? row.role.split(',') : ['parishioner'],
+        })
+      : null;
   }
 
   /**
    * Updates a user's account status.
    */
   async updateStatus(id: string, status: AccountStatus): Promise<User> {
-    const [row] = await db
+    this.logger.info('UserRepository.updateStatus', { userId: id, status });
+    const [row] = await this.db
       .update(user)
       .set({
         accountStatus: status,
@@ -53,44 +79,65 @@ export class UserRepository implements IUserRepository {
       .returning();
 
     if (!row) {
+      this.logger.warn('UserRepository.updateStatus: not found', {
+        userId: id,
+      });
       throw new Error(`User with ID ${id} not found`);
     }
 
-    return UserMapper.toEntity(row);
+    return UserEntity.parse({
+      ...row,
+      role: row.role ? row.role.split(',') : ['parishioner'],
+    });
   }
 
   /**
    * Hard deletes a user record.
    */
   async delete(id: string): Promise<void> {
-    await db.delete(user).where(eq(user.id, id));
+    this.logger.info('UserRepository.delete', { userId: id });
+    await this.db.delete(user).where(eq(user.id, id));
   }
 
   /**
    * Updates an existing user record.
    */
   async update(id: string, data: Partial<User>): Promise<User> {
-    const [row] = await db
+    this.logger.info('UserRepository.update', { userId: id });
+    const [row] = await this.db
       .update(user)
       .set({
-        ...UserMapper.toUpdate(data),
+        name: data.name,
+        email: data.email,
+        emailVerified: data.emailVerified ?? undefined,
+        image: data.image,
+        role: data.role?.[0],
+        accountStatus: data.accountStatus,
         updatedAt: new Date(),
       })
       .where(and(eq(user.id, id), isNull(user.deletedAt)))
       .returning();
 
     if (!row) {
+      this.logger.warn('UserRepository.update: not found', { userId: id });
       throw new Error(`User with ID ${id} not found`);
     }
 
-    return UserMapper.toEntity(row);
+    return UserEntity.parse({
+      ...row,
+      role: row.role ? row.role.split(',') : ['parishioner'],
+    });
   }
 
   async getAuthContext(id: string): Promise<AuthContext> {
-    const memberRepo = new MemberRepository();
+    this.logger.info('UserRepository.getAuthContext', { userId: id });
+    const memberRepo = new MemberRepository(this.db, this.logger);
     const user = await this.findById(id);
 
     if (!user) {
+      this.logger.warn('UserRepository.getAuthContext: user not found', {
+        userId: id,
+      });
       throw new NotFoundError('User');
     }
 
@@ -103,6 +150,7 @@ export class UserRepository implements IUserRepository {
       {} as Record<string, OrgRole>,
     );
 
+    this.logger.info('UserRepository.getAuthContext: complete', { userId: id });
     return {
       userId: user.id,
       accountStatus: user.accountStatus,
diff --git a/packages/db/src/schema/attendances.ts b/packages/db/src/schema/attendances.ts
index d9aa7983..8a526e4c 100644
--- a/packages/db/src/schema/attendances.ts
+++ b/packages/db/src/schema/attendances.ts
@@ -1,13 +1,5 @@
 import { AttendanceMethod, AttendanceStatus } from '@domus/core';
-import {
-  pgEnum,
-  pgTable,
-  text,
-  timestamp,
-  unique,
-  uuid,
-} from 'drizzle-orm/pg-core';
-
+import { pgEnum, pgTable, timestamp, unique, uuid } from 'drizzle-orm/pg-core';
 import { v7 as uuidv7 } from 'uuid';
 
 import { user } from './better-auth';
@@ -41,7 +33,7 @@ export const attendances = pgTable(
 
     method: attendanceMethodEnum('method').notNull(),
     status: attendanceStatusEnum('status').notNull(),
-    verifiedBy: text('verified_by').references(() => user.id, {
+    verifiedBy: uuid('verified_by').references(() => user.id, {
       onDelete: 'set null',
     }),
 
diff --git a/packages/db/src/schema/better-auth.ts b/packages/db/src/schema/better-auth.ts
index 41f7094f..caa41518 100644
--- a/packages/db/src/schema/better-auth.ts
+++ b/packages/db/src/schema/better-auth.ts
@@ -6,10 +6,11 @@ import {
   text,
   timestamp,
   uniqueIndex,
+  uuid,
 } from 'drizzle-orm/pg-core';
 
 export const user = pgTable('user', {
-  id: text('id').primaryKey(),
+  id: uuid('id').primaryKey(),
   name: text('name').notNull(),
   email: text('email').notNull().unique(),
   emailVerified: boolean('email_verified').default(false).notNull(),
@@ -25,12 +26,13 @@ export const user = pgTable('user', {
   banExpires: timestamp('ban_expires'),
   accountStatus: text('account_status').default('pending'),
   deletedAt: timestamp('deleted_at'),
+  parishionerId: text('parishioner_id'),
 });
 
 export const session = pgTable(
   'session',
   {
-    id: text('id').primaryKey(),
+    id: uuid('id').primaryKey(),
     expiresAt: timestamp('expires_at').notNull(),
     token: text('token').notNull().unique(),
     createdAt: timestamp('created_at').defaultNow().notNull(),
@@ -39,11 +41,11 @@ export const session = pgTable(
       .notNull(),
     ipAddress: text('ip_address'),
     userAgent: text('user_agent'),
-    userId: text('user_id')
+    userId: uuid('user_id')
       .notNull()
       .references(() => user.id, { onDelete: 'cascade' }),
-    impersonatedBy: text('impersonated_by'),
-    activeOrganizationId: text('active_organization_id'),
+    impersonatedBy: uuid('impersonated_by'),
+    activeOrganizationId: uuid('active_organization_id'),
   },
   (table) => [index('session_userId_idx').on(table.userId)],
 );
@@ -51,10 +53,10 @@ export const session = pgTable(
 export const account = pgTable(
   'account',
   {
-    id: text('id').primaryKey(),
+    id: uuid('id').primaryKey(),
     accountId: text('account_id').notNull(),
     providerId: text('provider_id').notNull(),
-    userId: text('user_id')
+    userId: uuid('user_id')
       .notNull()
       .references(() => user.id, { onDelete: 'cascade' }),
     accessToken: text('access_token'),
@@ -75,7 +77,7 @@ export const account = pgTable(
 export const verification = pgTable(
   'verification',
   {
-    id: text('id').primaryKey(),
+    id: uuid('id').primaryKey(),
     identifier: text('identifier').notNull(),
     value: text('value').notNull(),
     expiresAt: timestamp('expires_at').notNull(),
@@ -91,14 +93,14 @@ export const verification = pgTable(
 export const organization = pgTable(
   'organization',
   {
-    id: text('id').primaryKey(),
+    id: uuid('id').primaryKey(),
     name: text('name').notNull(),
     slug: text('slug').notNull().unique(),
     logo: text('logo'),
     createdAt: timestamp('created_at').notNull(),
     metadata: text('metadata'),
-    type: text('type'),
-    parentId: text('parent_id'),
+    type: text('type').notNull(),
+    parentId: uuid('parent_id'),
     cover: text('cover'),
     joinId: text('join_id'),
     updatedAt: timestamp('updated_at'),
@@ -111,11 +113,11 @@ export const organization = pgTable(
 export const member = pgTable(
   'member',
   {
-    id: text('id').primaryKey(),
-    organizationId: text('organization_id')
+    id: uuid('id').primaryKey(),
+    organizationId: uuid('organization_id')
       .notNull()
       .references(() => organization.id, { onDelete: 'cascade' }),
-    userId: text('user_id')
+    userId: uuid('user_id')
       .notNull()
       .references(() => user.id, { onDelete: 'cascade' }),
     role: text('role').default('member').notNull(),
@@ -130,8 +132,8 @@ export const member = pgTable(
 export const invitation = pgTable(
   'invitation',
   {
-    id: text('id').primaryKey(),
-    organizationId: text('organization_id')
+    id: uuid('id').primaryKey(),
+    organizationId: uuid('organization_id')
       .notNull()
       .references(() => organization.id, { onDelete: 'cascade' }),
     email: text('email').notNull(),
@@ -139,7 +141,7 @@ export const invitation = pgTable(
     status: text('status').default('pending').notNull(),
     expiresAt: timestamp('expires_at').notNull(),
     createdAt: timestamp('created_at').defaultNow().notNull(),
-    inviterId: text('inviter_id')
+    inviterId: uuid('inviter_id')
       .notNull()
       .references(() => user.id, { onDelete: 'cascade' }),
   },
diff --git a/packages/db/src/schema/events.ts b/packages/db/src/schema/events.ts
index 0039a33e..72078e3c 100644
--- a/packages/db/src/schema/events.ts
+++ b/packages/db/src/schema/events.ts
@@ -9,7 +9,6 @@ import {
   timestamp,
   uuid,
 } from 'drizzle-orm/pg-core';
-
 import { v7 as uuidv7 } from 'uuid';
 
 import { organization, user } from './better-auth';
@@ -29,7 +28,7 @@ export const events = pgTable('events', {
     .primaryKey()
     .$defaultFn(() => uuidv7()),
 
-  organizationId: text('organization_id').references(() => organization.id, {
+  organizationId: uuid('organization_id').references(() => organization.id, {
     onDelete: 'cascade',
   }),
 
@@ -46,7 +45,7 @@ export const events = pgTable('events', {
   visibility: eventVisibilityEnum('visibility').notNull(),
   isRsvpEnabled: boolean('is_rsvp_enabled').default(false).notNull(),
   status: eventStatusEnum('status').notNull(),
-  createdBy: text('created_by')
+  createdBy: uuid('created_by')
     .notNull()
     .references(() => user.id, { onDelete: 'cascade' }),
 
diff --git a/packages/db/src/schema/financial-periods.ts b/packages/db/src/schema/financial-periods.ts
index e768a5e2..e996d70b 100644
--- a/packages/db/src/schema/financial-periods.ts
+++ b/packages/db/src/schema/financial-periods.ts
@@ -1,12 +1,5 @@
 import { PeriodStatus } from '@domus/core';
-import {
-  integer,
-  pgEnum,
-  pgTable,
-  text,
-  timestamp,
-  uuid,
-} from 'drizzle-orm/pg-core';
+import { integer, pgEnum, pgTable, timestamp, uuid } from 'drizzle-orm/pg-core';
 
 import { v7 as uuidv7 } from 'uuid';
 
@@ -25,7 +18,7 @@ export const financialPeriods = pgTable('financial_periods', {
   month: integer('month').notNull(),
   year: integer('year').notNull(),
   status: periodStatusEnum('status').notNull(),
-  lockedBy: text('locked_by').references(() => user.id, {
+  lockedBy: uuid('locked_by').references(() => user.id, {
     onDelete: 'set null',
   }),
 
diff --git a/packages/db/src/schema/notifications.ts b/packages/db/src/schema/notifications.ts
index d226f31e..ba92ad24 100644
--- a/packages/db/src/schema/notifications.ts
+++ b/packages/db/src/schema/notifications.ts
@@ -27,7 +27,7 @@ export const notifications = pgTable('notifications', {
     .primaryKey()
     .$defaultFn(() => uuidv7()),
 
-  userId: text('user_id')
+  userId: uuid('user_id')
     .notNull()
     .references(() => user.id, { onDelete: 'cascade' }),
 
diff --git a/packages/db/src/schema/org-enrollments.ts b/packages/db/src/schema/org-enrollments.ts
index 4471b747..2adbec60 100644
--- a/packages/db/src/schema/org-enrollments.ts
+++ b/packages/db/src/schema/org-enrollments.ts
@@ -1,14 +1,8 @@
 import { EnrollmentStatus } from '@domus/core';
-import {
-  pgEnum,
-  pgTable,
-  text,
-  timestamp,
-  unique,
-  uuid,
-} from 'drizzle-orm/pg-core';
+import { pgEnum, pgTable, timestamp, unique, uuid } from 'drizzle-orm/pg-core';
 import { v7 as uuidv7 } from 'uuid';
 import { organization } from './better-auth';
+import { orgUnits } from './org-units';
 import { parishioners } from './parishioners';
 
 /**
@@ -31,10 +25,14 @@ export const orgEnrollments = pgTable(
     parishionerId: uuid('parishioner_id')
       .notNull()
       .references(() => parishioners.id, { onDelete: 'cascade' }),
-    organizationId: text('organization_id')
+    organizationId: uuid('organization_id')
       .notNull()
       .references(() => organization.id, { onDelete: 'cascade' }),
 
+    unitId: uuid('unit_id').references(() => orgUnits.id, {
+      onDelete: 'cascade',
+    }),
+
     status: enrollmentStatusEnum('status').notNull(),
     joinedAt: timestamp('joined_at'),
     createdAt: timestamp('created_at').defaultNow().notNull(),
diff --git a/packages/db/src/schema/org-terms.ts b/packages/db/src/schema/org-terms.ts
index c8d088b5..808d844a 100644
--- a/packages/db/src/schema/org-terms.ts
+++ b/packages/db/src/schema/org-terms.ts
@@ -9,7 +9,7 @@ export const orgTerms = pgTable('org_terms', {
   id: uuid('id')
     .primaryKey()
     .$defaultFn(() => uuidv7()),
-  organizationId: text('organization_id')
+  organizationId: uuid('organization_id')
     .notNull()
     .references(() => organization.id, { onDelete: 'cascade' }),
 
diff --git a/packages/db/src/schema/org-units.ts b/packages/db/src/schema/org-units.ts
index 13ad6135..68a8953a 100644
--- a/packages/db/src/schema/org-units.ts
+++ b/packages/db/src/schema/org-units.ts
@@ -9,7 +9,7 @@ export const orgUnits = pgTable('org_units', {
   id: uuid('id')
     .primaryKey()
     .$defaultFn(() => uuidv7()),
-  organizationId: text('organization_id')
+  organizationId: uuid('organization_id')
     .notNull()
     .references(() => organization.id, { onDelete: 'cascade' }),
 
diff --git a/packages/db/src/schema/parishioners.ts b/packages/db/src/schema/parishioners.ts
index 088c3fdc..bbdeb86b 100644
--- a/packages/db/src/schema/parishioners.ts
+++ b/packages/db/src/schema/parishioners.ts
@@ -2,6 +2,7 @@ import { EducationLevel, Gender } from '@domus/core';
 import { pgEnum, pgTable, text, timestamp, uuid } from 'drizzle-orm/pg-core';
 
 import { v7 as uuidv7 } from 'uuid';
+
 import { user } from './better-auth';
 
 export const genderEnum = pgEnum(
@@ -19,7 +20,7 @@ export const parishioners = pgTable('parishioners', {
     .primaryKey()
     .$defaultFn(() => uuidv7()),
 
-  userId: text('user_id').references(() => user.id, { onDelete: 'set null' }),
+  userId: uuid('user_id').references(() => user.id, { onDelete: 'set null' }),
   email: text('email'),
   avatarUrl: text('avatar_url'),
 
@@ -30,6 +31,7 @@ export const parishioners = pgTable('parishioners', {
   birthDate: timestamp('birth_date'), // Zod says z.date(), mapping to timestamp for precision or date if just date. Use timestamp for consistency.
   gender: genderEnum('gender'),
   educationLevel: educationLevelEnum('education_level'),
+  idCardNumber: text('id_card_number'),
   idCardPhoto: text('id_card_photo'),
   createdAt: timestamp('created_at').defaultNow().notNull(),
   updatedAt: timestamp('updated_at')
diff --git a/packages/db/src/schema/relations.ts b/packages/db/src/schema/relations.ts
index 533f803e..2c216d36 100644
--- a/packages/db/src/schema/relations.ts
+++ b/packages/db/src/schema/relations.ts
@@ -25,12 +25,12 @@ import { transactionCategories } from './transaction-categories';
 import { transactions } from './transactions';
 
 // better-auth tables relations
-export const userRelations = relations(user, ({ many }) => ({
+export const userRelations = relations(user, ({ one, many }) => ({
   sessions: many(session),
   accounts: many(account),
   members: many(member),
   invitations: many(invitation),
-  parishioners: many(parishioners),
+  parishioner: one(parishioners),
   eventsCreated: many(events),
   attendancesVerified: many(attendances),
   financialPeriodsLocked: many(financialPeriods),
@@ -46,14 +46,25 @@ export {
   sessionRelations,
 };
 
-export const organizationRelations = relations(organization, ({ many }) => ({
-  members: many(member),
-  invitations: many(invitation),
-  orgUnits: many(orgUnits),
-  orgEnrollments: many(orgEnrollments),
-  orgTerms: many(orgTerms),
-  events: many(events),
-}));
+export const organizationRelations = relations(
+  organization,
+  ({ one, many }) => ({
+    members: many(member),
+    invitations: many(invitation),
+    orgUnits: many(orgUnits),
+    orgEnrollments: many(orgEnrollments),
+    orgTerms: many(orgTerms),
+    events: many(events),
+    parent: one(organization, {
+      fields: [organization.parentId],
+      references: [organization.id],
+      relationName: 'parent',
+    }),
+    children: many(organization, {
+      relationName: 'parent',
+    }),
+  }),
+);
 
 // domus-specific tables relations
 
diff --git a/packages/db/src/schema/transactions.ts b/packages/db/src/schema/transactions.ts
index 2bb03c39..f653c20f 100644
--- a/packages/db/src/schema/transactions.ts
+++ b/packages/db/src/schema/transactions.ts
@@ -30,10 +30,10 @@ export const transactions = pgTable('transactions', {
   description: text('description').notNull(),
   date: timestamp('date').notNull(),
   receiptPhoto: text('receipt_photo'),
-  createdBy: text('created_by')
+  createdBy: uuid('created_by')
     .notNull()
     .references(() => user.id, { onDelete: 'restrict' }),
-  updatedBy: text('updated_by').references(() => user.id, {
+  updatedBy: uuid('updated_by').references(() => user.id, {
     onDelete: 'set null',
   }),
 
diff --git a/packages/db/test/helper.ts b/packages/db/test/helper.ts
new file mode 100644
index 00000000..c62ea3ec
--- /dev/null
+++ b/packages/db/test/helper.ts
@@ -0,0 +1,8 @@
+import type { NodePgDatabase } from 'drizzle-orm/node-postgres';
+import type * as schema from '../src/schema';
+
+/**
+ * Shared type for Drizzle client mocks in repository unit tests.
+ * Resolves union-type compatibility issues with vitest-mock-extended.
+ */
+export type TestDrizzleClient = NodePgDatabase<typeof schema>;
diff --git a/packages/db/tsconfig.json b/packages/db/tsconfig.json
index ccdfef4d..ebb07b72 100644
--- a/packages/db/tsconfig.json
+++ b/packages/db/tsconfig.json
@@ -2,8 +2,8 @@
   "extends": "@domus/tsconfig/base.json",
   "compilerOptions": {
     "outDir": "dist",
-    "rootDir": "src"
+    "rootDir": "."
   },
-  "include": ["src"],
+  "include": ["src", "test"],
   "exclude": ["node_modules", "dist"]
 }
diff --git a/packages/storage/package.json b/packages/storage/package.json
new file mode 100644
index 00000000..c649cb58
--- /dev/null
+++ b/packages/storage/package.json
@@ -0,0 +1,21 @@
+{
+  "name": "@domus/storage",
+  "version": "0.0.0",
+  "private": true,
+  "type": "module",
+  "exports": {
+    ".": "./src/index.ts"
+  },
+  "scripts": {
+    "typecheck": "tsc --noEmit"
+  },
+  "dependencies": {
+    "@aws-sdk/client-s3": "^3.712.0",
+    "@domus/core": "workspace:*",
+    "googleapis": "144.0.0"
+  },
+  "devDependencies": {
+    "@domus/tsconfig": "workspace:*",
+    "typescript": "^5.7.2"
+  }
+}
diff --git a/packages/storage/src/gdrive.ts b/packages/storage/src/gdrive.ts
new file mode 100644
index 00000000..9a3d0b73
--- /dev/null
+++ b/packages/storage/src/gdrive.ts
@@ -0,0 +1,79 @@
+import { Readable } from 'node:stream';
+import type { IPrivateStorage } from '@domus/core';
+import { google } from 'googleapis';
+
+/**
+ * Private storage implementation using Google Drive (Service Account).
+ */
+export class GDriveStorage implements IPrivateStorage {
+  private readonly drive;
+
+  constructor(config: { serviceAccountKeyBase64: string }) {
+    const decodedKey = Buffer.from(
+      config.serviceAccountKeyBase64,
+      'base64',
+    ).toString('utf-8');
+    const credentials = JSON.parse(decodedKey);
+
+    const auth = new google.auth.JWT(
+      credentials.client_email,
+      undefined,
+      credentials.private_key,
+      ['https://www.googleapis.com/auth/drive.file'],
+    );
+
+    this.drive = google.drive({ version: 'v3', auth });
+  }
+
+  /**
+   * Uploads a file to Google Drive.
+   *
+   * @param file - File buffer to upload.
+   * @param folderId - Parent folder ID in Google Drive.
+   * @param fileName - Name of the file in Drive.
+   * @returns fileId and viewerUrl.
+   */
+  async upload(
+    file: Buffer,
+    folderId: string,
+    fileName: string,
+  ): Promise<{ fileId: string; viewerUrl: string }> {
+    const response = await this.drive.files.create({
+      requestBody: {
+        name: fileName,
+        parents: [folderId],
+      },
+      media: {
+        body: this.bufferToStream(file),
+      },
+      fields: 'id, webViewLink',
+    });
+
+    if (!response.data.id || !response.data.webViewLink) {
+      throw new Error('Failed to upload file to Google Drive');
+    }
+
+    return {
+      fileId: response.data.id,
+      viewerUrl: response.data.webViewLink,
+    };
+  }
+
+  /**
+   * Deletes a file from Google Drive.
+   *
+   * @param fileId - ID of the file to delete.
+   */
+  async delete(fileId: string): Promise<void> {
+    await this.drive.files.delete({
+      fileId,
+    });
+  }
+
+  private bufferToStream(buffer: Buffer): Readable {
+    const stream = new Readable();
+    stream.push(buffer);
+    stream.push(null);
+    return stream;
+  }
+}
diff --git a/packages/storage/src/index.ts b/packages/storage/src/index.ts
new file mode 100644
index 00000000..bbe9159f
--- /dev/null
+++ b/packages/storage/src/index.ts
@@ -0,0 +1,2 @@
+export * from './gdrive';
+export * from './r2';
diff --git a/packages/storage/src/r2.ts b/packages/storage/src/r2.ts
new file mode 100644
index 00000000..d7e50cf5
--- /dev/null
+++ b/packages/storage/src/r2.ts
@@ -0,0 +1,71 @@
+import {
+  DeleteObjectCommand,
+  PutObjectCommand,
+  S3Client,
+} from '@aws-sdk/client-s3';
+import type { IPublicStorage } from '@domus/core';
+
+/**
+ * Public storage implementation using Cloudflare R2 (S3-compatible).
+ */
+export class R2Storage implements IPublicStorage {
+  private readonly client: S3Client;
+  private readonly bucket: string;
+  private readonly publicUrl: string;
+
+  constructor(config: {
+    accountId: string;
+    accessKeyId: string;
+    secretAccessKey: string;
+    bucketName: string;
+    publicUrl: string;
+  }) {
+    this.client = new S3Client({
+      region: 'auto',
+      endpoint: `https://${config.accountId}.r2.cloudflarestorage.com`,
+      credentials: {
+        accessKeyId: config.accessKeyId,
+        secretAccessKey: config.secretAccessKey,
+      },
+    });
+    this.bucket = config.bucketName;
+    this.publicUrl = config.publicUrl.endsWith('/')
+      ? config.publicUrl.slice(0, -1)
+      : config.publicUrl;
+  }
+
+  /**
+   * Uploads a file to R2 bucket.
+   *
+   * @param file - File buffer to upload.
+   * @param path - Destination path in the bucket.
+   * @returns Public URL of the uploaded file.
+   */
+  async upload(file: Buffer, path: string): Promise<string> {
+    const command = new PutObjectCommand({
+      Bucket: this.bucket,
+      Key: path,
+      Body: file,
+      // Default to public-read or handle visibility via bucket policy
+      // R2 doesn't always strictly enforce ACLs like S3, usually controlled via workers/subdomains
+    });
+
+    await this.client.send(command);
+
+    return `${this.publicUrl}/${path}`;
+  }
+
+  /**
+   * Deletes a file from R2 bucket.
+   *
+   * @param path - Path of the file to delete.
+   */
+  async delete(path: string): Promise<void> {
+    const command = new DeleteObjectCommand({
+      Bucket: this.bucket,
+      Key: path,
+    });
+
+    await this.client.send(command);
+  }
+}
diff --git a/packages/storage/tsconfig.json b/packages/storage/tsconfig.json
new file mode 100644
index 00000000..b506c248
--- /dev/null
+++ b/packages/storage/tsconfig.json
@@ -0,0 +1,9 @@
+{
+  "extends": "@domus/tsconfig/base.json",
+  "compilerOptions": {
+    "outDir": "./dist",
+    "rootDir": "./src"
+  },
+  "include": ["src/**/*.ts"],
+  "exclude": ["node_modules"]
+}
diff --git a/pnpm-lock.yaml b/pnpm-lock.yaml
index 863fe6a0..4e9c164e 100644
--- a/pnpm-lock.yaml
+++ b/pnpm-lock.yaml
@@ -24,8 +24,8 @@ importers:
         specifier: ^16.4.0
         version: 16.4.0
       turbo:
-        specifier: ^2.8.21
-        version: 2.8.21
+        specifier: ^2.9.4
+        version: 2.9.4
       typescript:
         specifier: 5.9.3
         version: 5.9.3
@@ -39,15 +39,21 @@ importers:
       '@cloudflare/workers-types':
         specifier: ^4.20250224.0
         version: 4.20260401.1
+      tsdown:
+        specifier: ^0.21.7
+        version: 0.21.7(@emnapi/core@1.9.1)(@emnapi/runtime@1.9.1)(typescript@5.9.3)
       typescript:
         specifier: ^5.7.3
         version: 5.9.3
       wrangler:
-        specifier: ^3.111.0
-        version: 3.114.17(@cloudflare/workers-types@4.20260401.1)
+        specifier: ^4.79.0
+        version: 4.79.0(@cloudflare/workers-types@4.20260401.1)
 
   apps/dash:
     dependencies:
+      '@axiomhq/pino':
+        specifier: ^1.6.0
+        version: 1.6.0
       '@base-ui/react':
         specifier: ^1.3.0
         version: 1.3.0(@types/react@19.2.14)(react-dom@19.2.4(react@19.2.4))(react@19.2.4)
@@ -63,6 +69,9 @@ importers:
       '@domus/db':
         specifier: workspace:*
         version: link:../../packages/db
+      '@domus/storage':
+        specifier: workspace:*
+        version: link:../../packages/storage
       '@fontsource/inter':
         specifier: ^5.2.8
         version: 5.2.8
@@ -83,7 +92,10 @@ importers:
         version: 11.0.0
       better-auth:
         specifier: 1.5.6
-        version: 1.5.6(@cloudflare/workers-types@4.20260401.1)(@opentelemetry/api@1.9.0)(drizzle-kit@0.31.10)(drizzle-orm@0.45.1(@cloudflare/workers-types@4.20260401.1)(@neondatabase/serverless@1.0.2)(@opentelemetry/api@1.9.0)(@types/pg@8.20.0)(kysely@0.28.14)(pg@8.20.0)(postgres@3.4.8))(next@16.2.1(@babel/core@7.29.0)(@opentelemetry/api@1.9.0)(@playwright/test@1.58.2)(react-dom@19.2.4(react@19.2.4))(react@19.2.4))(pg@8.20.0)(react-dom@19.2.4(react@19.2.4))(react@19.2.4)(vitest@4.1.0(@opentelemetry/api@1.9.0)(@types/node@24.12.0)(msw@2.12.14(@types/node@24.12.0)(typescript@5.9.3))(vite@8.0.1(@types/node@24.12.0)(esbuild@0.27.4)(jiti@2.6.1)(tsx@4.21.0)(yaml@2.8.3)))
+        version: 1.5.6(@cloudflare/workers-types@4.20260401.1)(@opentelemetry/api@1.9.0)(drizzle-kit@0.31.10)(drizzle-orm@0.45.1(@cloudflare/workers-types@4.20260401.1)(@neondatabase/serverless@1.0.2)(@opentelemetry/api@1.9.0)(@types/pg@8.20.0)(kysely@0.28.14)(pg@8.20.0)(postgres@3.4.8))(next@16.2.1(@babel/core@7.29.0)(@opentelemetry/api@1.9.0)(@playwright/test@1.58.2)(react-dom@19.2.4(react@19.2.4))(react@19.2.4))(pg@8.20.0)(react-dom@19.2.4(react@19.2.4))(react@19.2.4)(vitest@4.1.0(@opentelemetry/api@1.9.0)(@types/node@24.12.0)(msw@2.12.14(@types/node@24.12.0)(typescript@5.9.3))(vite@8.0.1(@emnapi/core@1.9.1)(@emnapi/runtime@1.9.1)(@types/node@24.12.0)(esbuild@0.27.4)(jiti@2.6.1)(tsx@4.21.0)(yaml@2.8.3)))
+      browser-image-compression:
+        specifier: ^2.0.2
+        version: 2.0.2
       class-variance-authority:
         specifier: ^0.7.1
         version: 0.7.1
@@ -111,6 +123,9 @@ importers:
       next-themes:
         specifier: ^0.4.6
         version: 0.4.6(react-dom@19.2.4(react@19.2.4))(react@19.2.4)
+      pino:
+        specifier: ^10.3.1
+        version: 10.3.1
       react:
         specifier: 19.2.4
         version: 19.2.4
@@ -154,6 +169,9 @@ importers:
       '@types/node':
         specifier: ^24.0.0
         version: 24.12.0
+      '@types/pino':
+        specifier: ^7.0.5
+        version: 7.0.5
       '@types/react':
         specifier: ^19
         version: 19.2.14
@@ -162,7 +180,10 @@ importers:
         version: 19.2.3(@types/react@19.2.14)
       '@vitest/coverage-istanbul':
         specifier: ^4.1.0
-        version: 4.1.0(vitest@4.1.0(@opentelemetry/api@1.9.0)(@types/node@24.12.0)(msw@2.12.14(@types/node@24.12.0)(typescript@5.9.3))(vite@8.0.1(@types/node@24.12.0)(esbuild@0.27.4)(jiti@2.6.1)(tsx@4.21.0)(yaml@2.8.3)))
+        version: 4.1.0(vitest@4.1.0(@opentelemetry/api@1.9.0)(@types/node@24.12.0)(msw@2.12.14(@types/node@24.12.0)(typescript@5.9.3))(vite@8.0.1(@emnapi/core@1.9.1)(@emnapi/runtime@1.9.1)(@types/node@24.12.0)(esbuild@0.27.4)(jiti@2.6.1)(tsx@4.21.0)(yaml@2.8.3)))
+      pino-pretty:
+        specifier: ^13.1.3
+        version: 13.1.3
       tailwindcss:
         specifier: ^4
         version: 4.2.2
@@ -171,10 +192,10 @@ importers:
         version: 5.9.3
       vitest:
         specifier: ^4.1.0
-        version: 4.1.0(@opentelemetry/api@1.9.0)(@types/node@24.12.0)(msw@2.12.14(@types/node@24.12.0)(typescript@5.9.3))(vite@8.0.1(@types/node@24.12.0)(esbuild@0.27.4)(jiti@2.6.1)(tsx@4.21.0)(yaml@2.8.3))
+        version: 4.1.0(@opentelemetry/api@1.9.0)(@types/node@24.12.0)(msw@2.12.14(@types/node@24.12.0)(typescript@5.9.3))(vite@8.0.1(@emnapi/core@1.9.1)(@emnapi/runtime@1.9.1)(@types/node@24.12.0)(esbuild@0.27.4)(jiti@2.6.1)(tsx@4.21.0)(yaml@2.8.3))
       vitest-mock-extended:
         specifier: ^3.1.0
-        version: 3.1.0(typescript@5.9.3)(vitest@4.1.0(@opentelemetry/api@1.9.0)(@types/node@24.12.0)(msw@2.12.14(@types/node@24.12.0)(typescript@5.9.3))(vite@8.0.1(@types/node@24.12.0)(esbuild@0.27.4)(jiti@2.6.1)(tsx@4.21.0)(yaml@2.8.3)))
+        version: 3.1.0(typescript@5.9.3)(vitest@4.1.0(@opentelemetry/api@1.9.0)(@types/node@24.12.0)(msw@2.12.14(@types/node@24.12.0)(typescript@5.9.3))(vite@8.0.1(@emnapi/core@1.9.1)(@emnapi/runtime@1.9.1)(@types/node@24.12.0)(esbuild@0.27.4)(jiti@2.6.1)(tsx@4.21.0)(yaml@2.8.3)))
 
   packages/auth:
     dependencies:
@@ -186,7 +207,7 @@ importers:
         version: link:../core
       better-auth:
         specifier: ^1.5.6
-        version: 1.5.6(@cloudflare/workers-types@4.20260401.1)(@opentelemetry/api@1.9.0)(drizzle-kit@0.31.10)(drizzle-orm@0.45.1(@cloudflare/workers-types@4.20260401.1)(@neondatabase/serverless@1.0.2)(@opentelemetry/api@1.9.0)(@types/pg@8.20.0)(kysely@0.28.14)(pg@8.20.0)(postgres@3.4.8))(next@16.2.1(@opentelemetry/api@1.9.0)(@playwright/test@1.58.2)(react-dom@19.2.4(react@19.2.4))(react@19.2.4))(pg@8.20.0)(react-dom@19.2.4(react@19.2.4))(react@19.2.4)(vitest@4.1.0(@opentelemetry/api@1.9.0)(@types/node@25.5.0)(msw@2.12.14(@types/node@25.5.0)(typescript@5.9.3))(vite@8.0.1(@types/node@25.5.0)(esbuild@0.27.4)(jiti@2.6.1)(tsx@4.21.0)(yaml@2.8.3)))
+        version: 1.5.6(@cloudflare/workers-types@4.20260401.1)(@opentelemetry/api@1.9.0)(drizzle-kit@0.31.10)(drizzle-orm@0.45.1(@cloudflare/workers-types@4.20260401.1)(@neondatabase/serverless@1.0.2)(@opentelemetry/api@1.9.0)(@types/pg@8.20.0)(kysely@0.28.14)(pg@8.20.0)(postgres@3.4.8))(next@16.2.1(@opentelemetry/api@1.9.0)(@playwright/test@1.58.2)(react-dom@19.2.4(react@19.2.4))(react@19.2.4))(pg@8.20.0)(react-dom@19.2.4(react@19.2.4))(react@19.2.4)(vitest@4.1.0(@opentelemetry/api@1.9.0)(@types/node@25.5.0)(msw@2.12.14(@types/node@25.5.0)(typescript@5.9.3))(vite@8.0.1(@emnapi/core@1.9.1)(@emnapi/runtime@1.9.1)(@types/node@25.5.0)(esbuild@0.27.4)(jiti@2.6.1)(tsx@4.21.0)(yaml@2.8.3)))
       uuid:
         specifier: ^11.1.0
         version: 11.1.0
@@ -229,15 +250,18 @@ importers:
       '@domus/tsconfig':
         specifier: workspace:*
         version: link:../tsconfig
+      '@types/node':
+        specifier: ^24.0.0
+        version: 24.12.0
       '@vitest/coverage-istanbul':
         specifier: ^4.1.0
-        version: 4.1.0(vitest@4.1.0(@opentelemetry/api@1.9.0)(@types/node@25.5.0)(msw@2.12.14(@types/node@25.5.0)(typescript@5.9.3))(vite@8.0.1(@types/node@25.5.0)(esbuild@0.27.4)(jiti@2.6.1)(tsx@4.21.0)(yaml@2.8.3)))
+        version: 4.1.0(vitest@4.1.0(@opentelemetry/api@1.9.0)(@types/node@24.12.0)(msw@2.12.14(@types/node@24.12.0)(typescript@5.9.3))(vite@8.0.1(@emnapi/core@1.9.1)(@emnapi/runtime@1.9.1)(@types/node@24.12.0)(esbuild@0.27.4)(jiti@2.6.1)(tsx@4.21.0)(yaml@2.8.3)))
       vitest:
         specifier: ^4.1.0
-        version: 4.1.0(@opentelemetry/api@1.9.0)(@types/node@25.5.0)(msw@2.12.14(@types/node@25.5.0)(typescript@5.9.3))(vite@8.0.1(@types/node@25.5.0)(esbuild@0.27.4)(jiti@2.6.1)(tsx@4.21.0)(yaml@2.8.3))
+        version: 4.1.0(@opentelemetry/api@1.9.0)(@types/node@24.12.0)(msw@2.12.14(@types/node@24.12.0)(typescript@5.9.3))(vite@8.0.1(@emnapi/core@1.9.1)(@emnapi/runtime@1.9.1)(@types/node@24.12.0)(esbuild@0.27.4)(jiti@2.6.1)(tsx@4.21.0)(yaml@2.8.3))
       vitest-mock-extended:
         specifier: ^3.1.0
-        version: 3.1.0(typescript@5.9.3)(vitest@4.1.0(@opentelemetry/api@1.9.0)(@types/node@25.5.0)(msw@2.12.14(@types/node@25.5.0)(typescript@5.9.3))(vite@8.0.1(@types/node@25.5.0)(esbuild@0.27.4)(jiti@2.6.1)(tsx@4.21.0)(yaml@2.8.3)))
+        version: 3.1.0(typescript@5.9.3)(vitest@4.1.0(@opentelemetry/api@1.9.0)(@types/node@24.12.0)(msw@2.12.14(@types/node@24.12.0)(typescript@5.9.3))(vite@8.0.1(@emnapi/core@1.9.1)(@emnapi/runtime@1.9.1)(@types/node@24.12.0)(esbuild@0.27.4)(jiti@2.6.1)(tsx@4.21.0)(yaml@2.8.3)))
 
   packages/db:
     dependencies:
@@ -262,6 +286,9 @@ importers:
       pg:
         specifier: ^8.20.0
         version: 8.20.0
+      pino:
+        specifier: ^10.3.1
+        version: 10.3.1
       tsx:
         specifier: ^4.21.0
         version: 4.21.0
@@ -278,15 +305,37 @@ importers:
       '@types/pg':
         specifier: ^8.20.0
         version: 8.20.0
+      '@types/pino':
+        specifier: ^7.0.5
+        version: 7.0.5
       '@vitest/coverage-istanbul':
         specifier: ^4.1.0
-        version: 4.1.0(vitest@4.1.0(@opentelemetry/api@1.9.0)(@types/node@25.5.0)(msw@2.12.14(@types/node@25.5.0)(typescript@5.9.3))(vite@8.0.1(@types/node@25.5.0)(esbuild@0.27.4)(jiti@2.6.1)(tsx@4.21.0)(yaml@2.8.3)))
+        version: 4.1.0(vitest@4.1.0(@opentelemetry/api@1.9.0)(@types/node@25.5.0)(msw@2.12.14(@types/node@25.5.0)(typescript@5.9.3))(vite@8.0.1(@emnapi/core@1.9.1)(@emnapi/runtime@1.9.1)(@types/node@25.5.0)(esbuild@0.27.4)(jiti@2.6.1)(tsx@4.21.0)(yaml@2.8.3)))
       vitest:
         specifier: ^4.1.0
-        version: 4.1.0(@opentelemetry/api@1.9.0)(@types/node@25.5.0)(msw@2.12.14(@types/node@25.5.0)(typescript@5.9.3))(vite@8.0.1(@types/node@25.5.0)(esbuild@0.27.4)(jiti@2.6.1)(tsx@4.21.0)(yaml@2.8.3))
+        version: 4.1.0(@opentelemetry/api@1.9.0)(@types/node@25.5.0)(msw@2.12.14(@types/node@25.5.0)(typescript@5.9.3))(vite@8.0.1(@emnapi/core@1.9.1)(@emnapi/runtime@1.9.1)(@types/node@25.5.0)(esbuild@0.27.4)(jiti@2.6.1)(tsx@4.21.0)(yaml@2.8.3))
       vitest-mock-extended:
         specifier: ^3.1.0
-        version: 3.1.0(typescript@5.9.3)(vitest@4.1.0(@opentelemetry/api@1.9.0)(@types/node@25.5.0)(msw@2.12.14(@types/node@25.5.0)(typescript@5.9.3))(vite@8.0.1(@types/node@25.5.0)(esbuild@0.27.4)(jiti@2.6.1)(tsx@4.21.0)(yaml@2.8.3)))
+        version: 3.1.0(typescript@5.9.3)(vitest@4.1.0(@opentelemetry/api@1.9.0)(@types/node@25.5.0)(msw@2.12.14(@types/node@25.5.0)(typescript@5.9.3))(vite@8.0.1(@emnapi/core@1.9.1)(@emnapi/runtime@1.9.1)(@types/node@25.5.0)(esbuild@0.27.4)(jiti@2.6.1)(tsx@4.21.0)(yaml@2.8.3)))
+
+  packages/storage:
+    dependencies:
+      '@aws-sdk/client-s3':
+        specifier: ^3.712.0
+        version: 3.1022.0
+      '@domus/core':
+        specifier: workspace:*
+        version: link:../core
+      googleapis:
+        specifier: 144.0.0
+        version: 144.0.0
+    devDependencies:
+      '@domus/tsconfig':
+        specifier: workspace:*
+        version: link:../tsconfig
+      typescript:
+        specifier: ^5.7.2
+        version: 5.9.3
 
   packages/tsconfig: {}
 
@@ -296,6 +345,173 @@ packages:
     resolution: {integrity: sha512-UrcABB+4bUrFABwbluTIBErXwvbsU/V7TZWfmbgJfbkwiBuziS9gxdODUyuiecfdGQ85jglMW6juS3+z5TsKLw==}
     engines: {node: '>=10'}
 
+  '@aws-crypto/crc32@5.2.0':
+    resolution: {integrity: sha512-nLbCWqQNgUiwwtFsen1AdzAtvuLRsQS8rYgMuxCrdKf9kOssamGLuPwyTY9wyYblNr9+1XM8v6zoDTPPSIeANg==}
+    engines: {node: '>=16.0.0'}
+
+  '@aws-crypto/crc32c@5.2.0':
+    resolution: {integrity: sha512-+iWb8qaHLYKrNvGRbiYRHSdKRWhto5XlZUEBwDjYNf+ly5SVYG6zEoYIdxvf5R3zyeP16w4PLBn3rH1xc74Rag==}
+
+  '@aws-crypto/sha1-browser@5.2.0':
+    resolution: {integrity: sha512-OH6lveCFfcDjX4dbAvCFSYUjJZjDr/3XJ3xHtjn3Oj5b9RjojQo8npoLeA/bNwkOkrSQ0wgrHzXk4tDRxGKJeg==}
+
+  '@aws-crypto/sha256-browser@5.2.0':
+    resolution: {integrity: sha512-AXfN/lGotSQwu6HNcEsIASo7kWXZ5HYWvfOmSNKDsEqC4OashTp8alTmaz+F7TC2L083SFv5RdB+qU3Vs1kZqw==}
+
+  '@aws-crypto/sha256-js@5.2.0':
+    resolution: {integrity: sha512-FFQQyu7edu4ufvIZ+OadFpHHOt+eSTBaYaki44c+akjg7qZg9oOQeLlk77F6tSYqjDAFClrHJk9tMf0HdVyOvA==}
+    engines: {node: '>=16.0.0'}
+
+  '@aws-crypto/supports-web-crypto@5.2.0':
+    resolution: {integrity: sha512-iAvUotm021kM33eCdNfwIN//F77/IADDSs58i+MDaOqFrVjZo9bAal0NK7HurRuWLLpF1iLX7gbWrjHjeo+YFg==}
+
+  '@aws-crypto/util@5.2.0':
+    resolution: {integrity: sha512-4RkU9EsI6ZpBve5fseQlGNUWKMa1RLPQ1dnjnQoe07ldfIzcsGb5hC5W0Dm7u423KWzawlrpbjXBrXCEv9zazQ==}
+
+  '@aws-sdk/client-s3@3.1022.0':
+    resolution: {integrity: sha512-PhdIW0LxjzcMlBiCldRefnyZk84wtYGnEV0sNGOD55DZTvZsibG2XHvQiL1aFliKugfAhuIpNmFkctI2n2I3Dg==}
+    engines: {node: '>=20.0.0'}
+
+  '@aws-sdk/core@3.973.26':
+    resolution: {integrity: sha512-A/E6n2W42ruU+sfWk+mMUOyVXbsSgGrY3MJ9/0Az5qUdG67y8I6HYzzoAa+e/lzxxl1uCYmEL6BTMi9ZiZnplQ==}
+    engines: {node: '>=20.0.0'}
+
+  '@aws-sdk/crc64-nvme@3.972.5':
+    resolution: {integrity: sha512-2VbTstbjKdT+yKi8m7b3a9CiVac+pL/IY2PHJwsaGkkHmuuqkJZIErPck1h6P3T9ghQMLSdMPyW6Qp7Di5swFg==}
+    engines: {node: '>=20.0.0'}
+
+  '@aws-sdk/credential-provider-env@3.972.24':
+    resolution: {integrity: sha512-FWg8uFmT6vQM7VuzELzwVo5bzExGaKHdubn0StjgrcU5FvuLExUe+k06kn/40uKv59rYzhez8eFNM4yYE/Yb/w==}
+    engines: {node: '>=20.0.0'}
+
+  '@aws-sdk/credential-provider-http@3.972.26':
+    resolution: {integrity: sha512-CY4ppZ+qHYqcXqBVi//sdHST1QK3KzOEiLtpLsc9W2k2vfZPKExGaQIsOwcyvjpjUEolotitmd3mUNY56IwDEA==}
+    engines: {node: '>=20.0.0'}
+
+  '@aws-sdk/credential-provider-ini@3.972.28':
+    resolution: {integrity: sha512-wXYvq3+uQcZV7k+bE4yDXCTBdzWTU9x/nMiKBfzInmv6yYK1veMK0AKvRfRBd72nGWYKcL6AxwiPg9z/pYlgpw==}
+    engines: {node: '>=20.0.0'}
+
+  '@aws-sdk/credential-provider-login@3.972.28':
+    resolution: {integrity: sha512-ZSTfO6jqUTCysbdBPtEX5OUR//3rbD0lN7jO3sQeS2Gjr/Y+DT6SbIJ0oT2cemNw3UzKu97sNONd1CwNMthuZQ==}
+    engines: {node: '>=20.0.0'}
+
+  '@aws-sdk/credential-provider-node@3.972.29':
+    resolution: {integrity: sha512-clSzDcvndpFJAggLDnDb36sPdlZYyEs5Zm6zgZjjUhwsJgSWiWKwFIXUVBcbruidNyBdbpOv2tNDL9sX8y3/0g==}
+    engines: {node: '>=20.0.0'}
+
+  '@aws-sdk/credential-provider-process@3.972.24':
+    resolution: {integrity: sha512-Q2k/XLrFXhEztPHqj4SLCNID3hEPdlhh1CDLBpNnM+1L8fq7P+yON9/9M1IGN/dA5W45v44ylERfXtDAlmMNmw==}
+    engines: {node: '>=20.0.0'}
+
+  '@aws-sdk/credential-provider-sso@3.972.28':
+    resolution: {integrity: sha512-IoUlmKMLEITFn1SiCTjPfR6KrE799FBo5baWyk/5Ppar2yXZoUdaRqZzJzK6TcJxx450M8m8DbpddRVYlp5R/A==}
+    engines: {node: '>=20.0.0'}
+
+  '@aws-sdk/credential-provider-web-identity@3.972.28':
+    resolution: {integrity: sha512-d+6h0SD8GGERzKe27v5rOzNGKOl0D+l0bWJdqrxH8WSQzHzjsQFIAPgIeOTUwBHVsKKwtSxc91K/SWax6XgswQ==}
+    engines: {node: '>=20.0.0'}
+
+  '@aws-sdk/middleware-bucket-endpoint@3.972.8':
+    resolution: {integrity: sha512-WR525Rr2QJSETa9a050isktyWi/4yIGcmY3BQ1kpHqb0LqUglQHCS8R27dTJxxWNZvQ0RVGtEZjTCbZJpyF3Aw==}
+    engines: {node: '>=20.0.0'}
+
+  '@aws-sdk/middleware-expect-continue@3.972.8':
+    resolution: {integrity: sha512-5DTBTiotEES1e2jOHAq//zyzCjeMB78lEHd35u15qnrid4Nxm7diqIf9fQQ3Ov0ChH1V3Vvt13thOnrACmfGVQ==}
+    engines: {node: '>=20.0.0'}
+
+  '@aws-sdk/middleware-flexible-checksums@3.974.6':
+    resolution: {integrity: sha512-YckB8k1ejbyCg/g36gUMFLNzE4W5cERIa4MtsdO+wpTmJEP0+TB7okWIt7d8TDOvnb7SwvxJ21E4TGOBxFpSWQ==}
+    engines: {node: '>=20.0.0'}
+
+  '@aws-sdk/middleware-host-header@3.972.8':
+    resolution: {integrity: sha512-wAr2REfKsqoKQ+OkNqvOShnBoh+nkPurDKW7uAeVSu6kUECnWlSJiPvnoqxGlfousEY/v9LfS9sNc46hjSYDIQ==}
+    engines: {node: '>=20.0.0'}
+
+  '@aws-sdk/middleware-location-constraint@3.972.8':
+    resolution: {integrity: sha512-KaUoFuoFPziIa98DSQsTPeke1gvGXlc5ZGMhy+b+nLxZ4A7jmJgLzjEF95l8aOQN2T/qlPP3MrAyELm8ExXucw==}
+    engines: {node: '>=20.0.0'}
+
+  '@aws-sdk/middleware-logger@3.972.8':
+    resolution: {integrity: sha512-CWl5UCM57WUFaFi5kB7IBY1UmOeLvNZAZ2/OZ5l20ldiJ3TiIz1pC65gYj8X0BCPWkeR1E32mpsCk1L1I4n+lA==}
+    engines: {node: '>=20.0.0'}
+
+  '@aws-sdk/middleware-recursion-detection@3.972.9':
+    resolution: {integrity: sha512-/Wt5+CT8dpTFQxEJ9iGy/UGrXr7p2wlIOEHvIr/YcHYByzoLjrqkYqXdJjd9UIgWjv7eqV2HnFJen93UTuwfTQ==}
+    engines: {node: '>=20.0.0'}
+
+  '@aws-sdk/middleware-sdk-s3@3.972.27':
+    resolution: {integrity: sha512-gomO6DZwx+1D/9mbCpcqO5tPBqYBK7DtdgjTIjZ4yvfh/S7ETwAPS0XbJgP2JD8Ycr5CwVrEkV1sFtu3ShXeOw==}
+    engines: {node: '>=20.0.0'}
+
+  '@aws-sdk/middleware-ssec@3.972.8':
+    resolution: {integrity: sha512-wqlK0yO/TxEC2UsY9wIlqeeutF6jjLe0f96Pbm40XscTo57nImUk9lBcw0dPgsm0sppFtAkSlDrfpK+pC30Wqw==}
+    engines: {node: '>=20.0.0'}
+
+  '@aws-sdk/middleware-user-agent@3.972.28':
+    resolution: {integrity: sha512-cfWZFlVh7Va9lRay4PN2A9ARFzaBYcA097InT5M2CdRS05ECF5yaz86jET8Wsl2WcyKYEvVr/QNmKtYtafUHtQ==}
+    engines: {node: '>=20.0.0'}
+
+  '@aws-sdk/nested-clients@3.996.18':
+    resolution: {integrity: sha512-c7ZSIXrESxHKx2Mcopgd8AlzZgoXMr20fkx5ViPWPOLBvmyhw9VwJx/Govg8Ef/IhEon5R9l53Z8fdYSEmp6VA==}
+    engines: {node: '>=20.0.0'}
+
+  '@aws-sdk/region-config-resolver@3.972.10':
+    resolution: {integrity: sha512-1dq9ToC6e070QvnVhhbAs3bb5r6cQ10gTVc6cyRV5uvQe7P138TV2uG2i6+Yok4bAkVAcx5AqkTEBUvWEtBlsQ==}
+    engines: {node: '>=20.0.0'}
+
+  '@aws-sdk/signature-v4-multi-region@3.996.15':
+    resolution: {integrity: sha512-Ukw2RpqvaL96CjfH/FgfBmy/ZosHBqoHBCFsN61qGg99F33vpntIVii8aNeh65XuOja73arSduskoa4OJea9RQ==}
+    engines: {node: '>=20.0.0'}
+
+  '@aws-sdk/token-providers@3.1021.0':
+    resolution: {integrity: sha512-TKY6h9spUk3OLs5v1oAgW9mAeBE3LAGNBwJokLy96wwmd4W2v/tYlXseProyed9ValDj2u1jK/4Rg1T+1NXyJA==}
+    engines: {node: '>=20.0.0'}
+
+  '@aws-sdk/types@3.973.6':
+    resolution: {integrity: sha512-Atfcy4E++beKtwJHiDln2Nby8W/mam64opFPTiHEqgsthqeydFS1pY+OUlN1ouNOmf8ArPU/6cDS65anOP3KQw==}
+    engines: {node: '>=20.0.0'}
+
+  '@aws-sdk/util-arn-parser@3.972.3':
+    resolution: {integrity: sha512-HzSD8PMFrvgi2Kserxuff5VitNq2sgf3w9qxmskKDiDTThWfVteJxuCS9JXiPIPtmCrp+7N9asfIaVhBFORllA==}
+    engines: {node: '>=20.0.0'}
+
+  '@aws-sdk/util-endpoints@3.996.5':
+    resolution: {integrity: sha512-Uh93L5sXFNbyR5sEPMzUU8tJ++Ku97EY4udmC01nB8Zu+xfBPwpIwJ6F7snqQeq8h2pf+8SGN5/NoytfKgYPIw==}
+    engines: {node: '>=20.0.0'}
+
+  '@aws-sdk/util-locate-window@3.965.5':
+    resolution: {integrity: sha512-WhlJNNINQB+9qtLtZJcpQdgZw3SCDCpXdUJP7cToGwHbCWCnRckGlc6Bx/OhWwIYFNAn+FIydY8SZ0QmVu3xTQ==}
+    engines: {node: '>=20.0.0'}
+
+  '@aws-sdk/util-user-agent-browser@3.972.8':
+    resolution: {integrity: sha512-B3KGXJviV2u6Cdw2SDY2aDhoJkVfY/Q/Trwk2CMSkikE1Oi6gRzxhvhIfiRpHfmIsAhV4EA54TVEX8K6CbHbkA==}
+
+  '@aws-sdk/util-user-agent-node@3.973.14':
+    resolution: {integrity: sha512-vNSB/DYaPOyujVZBg/zUznH9QC142MaTHVmaFlF7uzzfg3CgT9f/l4C0Yi+vU/tbBhxVcXVB90Oohk5+o+ZbWw==}
+    engines: {node: '>=20.0.0'}
+    peerDependencies:
+      aws-crt: '>=1.0.0'
+    peerDependenciesMeta:
+      aws-crt:
+        optional: true
+
+  '@aws-sdk/xml-builder@3.972.16':
+    resolution: {integrity: sha512-iu2pyvaqmeatIJLURLqx9D+4jKAdTH20ntzB6BFwjyN7V960r4jK32mx0Zf7YbtOYAbmbtQfDNuL60ONinyw7A==}
+    engines: {node: '>=20.0.0'}
+
+  '@aws/lambda-invoke-store@0.2.4':
+    resolution: {integrity: sha512-iY8yvjE0y651BixKNPgmv1WrQc+GZ142sb0z4gYnChDDY2YqI4P/jsSopBWrKfAt7LOJAkOXt7rC/hms+WclQQ==}
+    engines: {node: '>=18.0.0'}
+
+  '@axiomhq/js@1.6.0':
+    resolution: {integrity: sha512-qm0ObduIpI6PJUOYwakH5WV3E7IF0qXE/wh5N1JWGAzxKtCZryk+YwA0aW3lPZSGPQeLHyEzN+9pXsOIjoPiRg==}
+    engines: {node: '>=20'}
+
+  '@axiomhq/pino@1.6.0':
+    resolution: {integrity: sha512-JLTeoH8d9Hk4IZ1SoPl9ejeRCaDtf9gtnsvScSx1zRE/9tyYAM7y0OQGWAbsLJdtcZCI64ehGlb+hd1xGc+jrw==}
+    engines: {node: '>=20'}
+
   '@babel/code-frame@7.29.0':
     resolution: {integrity: sha512-9NhCeYjq9+3uxgdtp20LSiJXJvN0FeCtNGpJxuMFZ1Kv3cWUNb6DOhJwUvcVCzKGR66cw4njwM6hrJLqgOwbcw==}
     engines: {node: '>=6.9.0'}
@@ -312,6 +528,10 @@ packages:
     resolution: {integrity: sha512-qsaF+9Qcm2Qv8SRIMMscAvG4O3lJ0F1GuMo5HR/Bp02LopNgnZBC/EkbevHFeGs4ls/oPz9v+Bsmzbkbe+0dUw==}
     engines: {node: '>=6.9.0'}
 
+  '@babel/generator@8.0.0-rc.3':
+    resolution: {integrity: sha512-em37/13/nR320G4jab/nIIHZgc2Wz2y/D39lxnTyxB4/D/omPQncl/lSdlnJY1OhQcRGugTSIF2l/69o31C9dA==}
+    engines: {node: ^20.19.0 || >=22.12.0}
+
   '@babel/helper-annotate-as-pure@7.27.3':
     resolution: {integrity: sha512-fXSwMQqitTGeHLBC08Eq5yXz2m37E4pJX1qAU1+2cNedz/ifv/bVXft90VeSav5nFO61EcNgwr0aJxbyPaWBPg==}
     engines: {node: '>=6.9.0'}
@@ -366,10 +586,18 @@ packages:
     resolution: {integrity: sha512-qMlSxKbpRlAridDExk92nSobyDdpPijUq2DW6oDnUqd0iOGxmQjyqhMIihI9+zv4LPyZdRje2cavWPbCbWm3eA==}
     engines: {node: '>=6.9.0'}
 
+  '@babel/helper-string-parser@8.0.0-rc.3':
+    resolution: {integrity: sha512-AmwWFx1m8G/a5cXkxLxTiWl+YEoWuoFLUCwqMlNuWO1tqAYITQAbCRPUkyBHv1VOFgfjVOqEj6L3u15J5ZCzTA==}
+    engines: {node: ^20.19.0 || >=22.12.0}
+
   '@babel/helper-validator-identifier@7.28.5':
     resolution: {integrity: sha512-qSs4ifwzKJSV39ucNjsvc6WVHs6b7S03sOh2OcHF9UHfVPqWWALUsNUVzhSBiItjRZoLHx7nIarVjqKVusUZ1Q==}
     engines: {node: '>=6.9.0'}
 
+  '@babel/helper-validator-identifier@8.0.0-rc.3':
+    resolution: {integrity: sha512-8AWCJ2VJJyDFlGBep5GpaaQ9AAaE/FjAcrqI7jyssYhtL7WGV0DOKpJsQqM037xDbpRLHXsY8TwU7zDma7coOw==}
+    engines: {node: ^20.19.0 || >=22.12.0}
+
   '@babel/helper-validator-option@7.27.1':
     resolution: {integrity: sha512-YvjJow9FxbhFFKDSuFnVCe2WxXk1zWc22fFePVNEaWJEu8IrZVlda6N0uHwzZrUM1il7NC9Mlp4MaJYbYd9JSg==}
     engines: {node: '>=6.9.0'}
@@ -383,6 +611,11 @@ packages:
     engines: {node: '>=6.0.0'}
     hasBin: true
 
+  '@babel/parser@8.0.0-rc.3':
+    resolution: {integrity: sha512-B20dvP3MfNc/XS5KKCHy/oyWl5IA6Cn9YjXRdDlCjNmUFrjvLXMNUfQq/QUy9fnG2gYkKKcrto2YaF9B32ToOQ==}
+    engines: {node: ^20.19.0 || >=22.12.0}
+    hasBin: true
+
   '@babel/plugin-syntax-jsx@7.28.6':
     resolution: {integrity: sha512-wgEmr06G6sIpqr8YDwA2dSRTE3bJ+V0IfpzfSY3Lfgd7YWOaAdlykvJi13ZKBt8cZHfgH1IXN+CL656W3uUa4w==}
     engines: {node: '>=6.9.0'}
@@ -429,6 +662,10 @@ packages:
     resolution: {integrity: sha512-LwdZHpScM4Qz8Xw2iKSzS+cfglZzJGvofQICy7W7v4caru4EaAmyUuO6BGrbyQ2mYV11W0U8j5mBhd14dd3B0A==}
     engines: {node: '>=6.9.0'}
 
+  '@babel/types@8.0.0-rc.3':
+    resolution: {integrity: sha512-mOm5ZrYmphGfqVWoH5YYMTITb3cDXsFgmvFlvkvWDMsR9X8RFnt7a0Wb6yNIdoFsiMO9WjYLq+U/FMtqIYAF8Q==}
+    engines: {node: ^20.19.0 || >=22.12.0}
+
   '@base-ui/react@1.3.0':
     resolution: {integrity: sha512-FwpKqZbPz14AITp1CVgf4AjhKPe1OeeVKSBMdgD10zbFlj3QSWelmtCMLi2+/PFZZcIm3l87G7rwtCZJwHyXWA==}
     engines: {node: '>=14.0.0'}
@@ -582,45 +819,45 @@ packages:
     cpu: [x64]
     os: [win32]
 
-  '@cloudflare/kv-asset-handler@0.3.4':
-    resolution: {integrity: sha512-YLPHc8yASwjNkmcDMQMY35yiWjoKAKnhUbPRszBRS0YgH+IXtsMp61j+yTcnCE3oO2DgP0U3iejLC8FTtKDC8Q==}
-    engines: {node: '>=16.13'}
+  '@cloudflare/kv-asset-handler@0.4.2':
+    resolution: {integrity: sha512-SIOD2DxrRRwQ+jgzlXCqoEFiKOFqaPjhnNTGKXSRLvp1HiOvapLaFG2kEr9dYQTYe8rKrd9uvDUzmAITeNyaHQ==}
+    engines: {node: '>=18.0.0'}
 
-  '@cloudflare/unenv-preset@2.0.2':
-    resolution: {integrity: sha512-nyzYnlZjjV5xT3LizahG1Iu6mnrCaxglJ04rZLpDwlDVDZ7v46lNsfxhV3A/xtfgQuSHmLnc6SVI+KwBpc3Lwg==}
+  '@cloudflare/unenv-preset@2.16.0':
+    resolution: {integrity: sha512-8ovsRpwzPoEqPUzoErAYVv8l3FMZNeBVQfJTvtzP4AgLSRGZISRfuChFxHWUQd3n6cnrwkuTGxT+2cGo8EsyYg==}
     peerDependencies:
-      unenv: 2.0.0-rc.14
-      workerd: ^1.20250124.0
+      unenv: 2.0.0-rc.24
+      workerd: 1.20260301.1 || ~1.20260302.1 || ~1.20260303.1 || ~1.20260304.1 || >1.20260305.0 <2.0.0-0
     peerDependenciesMeta:
       workerd:
         optional: true
 
-  '@cloudflare/workerd-darwin-64@1.20250718.0':
-    resolution: {integrity: sha512-FHf4t7zbVN8yyXgQ/r/GqLPaYZSGUVzeR7RnL28Mwj2djyw2ZergvytVc7fdGcczl6PQh+VKGfZCfUqpJlbi9g==}
+  '@cloudflare/workerd-darwin-64@1.20260329.1':
+    resolution: {integrity: sha512-oyDXYlPBuGXKkZ85+M3jFz0/qYmvA4AEURN8USIGPDCR5q+HFSRwywSd9neTx3Wi7jhey2wuYaEpD3fEFWyWUA==}
     engines: {node: '>=16'}
     cpu: [x64]
     os: [darwin]
 
-  '@cloudflare/workerd-darwin-arm64@1.20250718.0':
-    resolution: {integrity: sha512-fUiyUJYyqqp4NqJ0YgGtp4WJh/II/YZsUnEb6vVy5Oeas8lUOxnN+ZOJ8N/6/5LQCVAtYCChRiIrBbfhTn5Z8Q==}
+  '@cloudflare/workerd-darwin-arm64@1.20260329.1':
+    resolution: {integrity: sha512-++ZxVa3ovzYeDLEG6zMqql9gzZAG8vak6ZSBQgprGKZp7akr+GKTpw9f3RrMP552NSi3gTisroLobrrkPBtYLQ==}
     engines: {node: '>=16'}
     cpu: [arm64]
     os: [darwin]
 
-  '@cloudflare/workerd-linux-64@1.20250718.0':
-    resolution: {integrity: sha512-5+eb3rtJMiEwp08Kryqzzu8d1rUcK+gdE442auo5eniMpT170Dz0QxBrqkg2Z48SFUPYbj+6uknuA5tzdRSUSg==}
+  '@cloudflare/workerd-linux-64@1.20260329.1':
+    resolution: {integrity: sha512-kkeywAgIHwbqHkVILqbj/YkfbrA6ARbmutjiYzZA2MwMSfNXlw6/kedAKOY8YwcymZIgepx3YTIPnBP50pOotw==}
     engines: {node: '>=16'}
     cpu: [x64]
     os: [linux]
 
-  '@cloudflare/workerd-linux-arm64@1.20250718.0':
-    resolution: {integrity: sha512-Aa2M/DVBEBQDdATMbn217zCSFKE+ud/teS+fFS+OQqKABLn0azO2qq6ANAHYOIE6Q3Sq4CxDIQr8lGdaJHwUog==}
+  '@cloudflare/workerd-linux-arm64@1.20260329.1':
+    resolution: {integrity: sha512-eYBN20+B7XOUSWEe0mlqkMUbfLoIKjKZnpqQiSxnLbL72JKY0D/KlfN/b7RVGLpewB7i8rTrwTNr0szCKnZzSQ==}
     engines: {node: '>=16'}
     cpu: [arm64]
     os: [linux]
 
-  '@cloudflare/workerd-windows-64@1.20250718.0':
-    resolution: {integrity: sha512-dY16RXKffmugnc67LTbyjdDHZn5NoTF1yHEf2fN4+OaOnoGSp3N1x77QubTDwqZ9zECWxgQfDLjddcH8dWeFhg==}
+  '@cloudflare/workerd-windows-64@1.20260329.1':
+    resolution: {integrity: sha512-5R+/oxrDhS9nL3oA3ZWtD6ndMOqm7RfKknDNxLcmYW5DkUu7UH3J/s1t/Dz66iFePzr5BJmE7/8gbmve6TjtZQ==}
     engines: {node: '>=16'}
     cpu: [x64]
     os: [win32]
@@ -746,34 +983,24 @@ packages:
     resolution: {integrity: sha512-FxEMIkJKnodyA1OaCUoEvbYRkoZlLZ4d/eXFu9Fh8CbBBgP5EmZxrfTRyN0qpXZ4vOvqnE5YdRdcrmUUXuU+dA==}
     deprecated: 'Merged into tsx: https://tsx.is'
 
-  '@esbuild-plugins/node-globals-polyfill@0.2.3':
-    resolution: {integrity: sha512-r3MIryXDeXDOZh7ih1l/yE9ZLORCd5e8vWg02azWRGj5SPTuoh69A2AIyn0Z31V/kHBfZ4HgWJ+OK3GTTwLmnw==}
-    peerDependencies:
-      esbuild: '*'
-
-  '@esbuild-plugins/node-modules-polyfill@0.2.2':
-    resolution: {integrity: sha512-LXV7QsWJxRuMYvKbiznh+U1ilIop3g2TeKRzUxOG5X3YITc8JyyTa90BmLwqqv0YnX4v32CSlG+vsziZp9dMvA==}
-    peerDependencies:
-      esbuild: '*'
-
   '@esbuild/aix-ppc64@0.25.12':
     resolution: {integrity: sha512-Hhmwd6CInZ3dwpuGTF8fJG6yoWmsToE+vYgD4nytZVxcu1ulHpUQRAB1UJ8+N1Am3Mz4+xOByoQoSZf4D+CpkA==}
     engines: {node: '>=18'}
     cpu: [ppc64]
     os: [aix]
 
+  '@esbuild/aix-ppc64@0.27.3':
+    resolution: {integrity: sha512-9fJMTNFTWZMh5qwrBItuziu834eOCUcEqymSH7pY+zoMVEZg3gcPuBNxH1EvfVYe9h0x/Ptw8KBzv7qxb7l8dg==}
+    engines: {node: '>=18'}
+    cpu: [ppc64]
+    os: [aix]
+
   '@esbuild/aix-ppc64@0.27.4':
     resolution: {integrity: sha512-cQPwL2mp2nSmHHJlCyoXgHGhbEPMrEEU5xhkcy3Hs/O7nGZqEpZ2sUtLaL9MORLtDfRvVl2/3PAuEkYZH0Ty8Q==}
     engines: {node: '>=18'}
     cpu: [ppc64]
     os: [aix]
 
-  '@esbuild/android-arm64@0.17.19':
-    resolution: {integrity: sha512-KBMWvEZooR7+kzY0BtbTQn0OAYY7CsiydT63pVEaPtVYF0hXbUaOyZog37DKxK7NF3XacBJOpYT4adIJh+avxA==}
-    engines: {node: '>=12'}
-    cpu: [arm64]
-    os: [android]
-
   '@esbuild/android-arm64@0.18.20':
     resolution: {integrity: sha512-Nz4rJcchGDtENV0eMKUNa6L12zz2zBDXuhj/Vjh18zGqB44Bi7MBMSXjgunJgjRhCmKOjnPuZp4Mb6OKqtMHLQ==}
     engines: {node: '>=12'}
@@ -786,16 +1013,16 @@ packages:
     cpu: [arm64]
     os: [android]
 
-  '@esbuild/android-arm64@0.27.4':
-    resolution: {integrity: sha512-gdLscB7v75wRfu7QSm/zg6Rx29VLdy9eTr2t44sfTW7CxwAtQghZ4ZnqHk3/ogz7xao0QAgrkradbBzcqFPasw==}
+  '@esbuild/android-arm64@0.27.3':
+    resolution: {integrity: sha512-YdghPYUmj/FX2SYKJ0OZxf+iaKgMsKHVPF1MAq/P8WirnSpCStzKJFjOjzsW0QQ7oIAiccHdcqjbHmJxRb/dmg==}
     engines: {node: '>=18'}
     cpu: [arm64]
     os: [android]
 
-  '@esbuild/android-arm@0.17.19':
-    resolution: {integrity: sha512-rIKddzqhmav7MSmoFCmDIb6e2W57geRsM94gV2l38fzhXMwq7hZoClug9USI2pFRGL06f4IOPHHpFNOkWieR8A==}
-    engines: {node: '>=12'}
-    cpu: [arm]
+  '@esbuild/android-arm64@0.27.4':
+    resolution: {integrity: sha512-gdLscB7v75wRfu7QSm/zg6Rx29VLdy9eTr2t44sfTW7CxwAtQghZ4ZnqHk3/ogz7xao0QAgrkradbBzcqFPasw==}
+    engines: {node: '>=18'}
+    cpu: [arm64]
     os: [android]
 
   '@esbuild/android-arm@0.18.20':
@@ -810,16 +1037,16 @@ packages:
     cpu: [arm]
     os: [android]
 
-  '@esbuild/android-arm@0.27.4':
-    resolution: {integrity: sha512-X9bUgvxiC8CHAGKYufLIHGXPJWnr0OCdR0anD2e21vdvgCI8lIfqFbnoeOz7lBjdrAGUhqLZLcQo6MLhTO2DKQ==}
+  '@esbuild/android-arm@0.27.3':
+    resolution: {integrity: sha512-i5D1hPY7GIQmXlXhs2w8AWHhenb00+GxjxRncS2ZM7YNVGNfaMxgzSGuO8o8SJzRc/oZwU2bcScvVERk03QhzA==}
     engines: {node: '>=18'}
     cpu: [arm]
     os: [android]
 
-  '@esbuild/android-x64@0.17.19':
-    resolution: {integrity: sha512-uUTTc4xGNDT7YSArp/zbtmbhO0uEEK9/ETW29Wk1thYUJBz3IVnvgEiEwEa9IeLyvnpKrWK64Utw2bgUmDveww==}
-    engines: {node: '>=12'}
-    cpu: [x64]
+  '@esbuild/android-arm@0.27.4':
+    resolution: {integrity: sha512-X9bUgvxiC8CHAGKYufLIHGXPJWnr0OCdR0anD2e21vdvgCI8lIfqFbnoeOz7lBjdrAGUhqLZLcQo6MLhTO2DKQ==}
+    engines: {node: '>=18'}
+    cpu: [arm]
     os: [android]
 
   '@esbuild/android-x64@0.18.20':
@@ -834,18 +1061,18 @@ packages:
     cpu: [x64]
     os: [android]
 
+  '@esbuild/android-x64@0.27.3':
+    resolution: {integrity: sha512-IN/0BNTkHtk8lkOM8JWAYFg4ORxBkZQf9zXiEOfERX/CzxW3Vg1ewAhU7QSWQpVIzTW+b8Xy+lGzdYXV6UZObQ==}
+    engines: {node: '>=18'}
+    cpu: [x64]
+    os: [android]
+
   '@esbuild/android-x64@0.27.4':
     resolution: {integrity: sha512-PzPFnBNVF292sfpfhiyiXCGSn9HZg5BcAz+ivBuSsl6Rk4ga1oEXAamhOXRFyMcjwr2DVtm40G65N3GLeH1Lvw==}
     engines: {node: '>=18'}
     cpu: [x64]
     os: [android]
 
-  '@esbuild/darwin-arm64@0.17.19':
-    resolution: {integrity: sha512-80wEoCfF/hFKM6WE1FyBHc9SfUblloAWx6FJkFWTWiCoht9Mc0ARGEM47e67W9rI09YoUxJL68WHfDRYEAvOhg==}
-    engines: {node: '>=12'}
-    cpu: [arm64]
-    os: [darwin]
-
   '@esbuild/darwin-arm64@0.18.20':
     resolution: {integrity: sha512-bxRHW5kHU38zS2lPTPOyuyTm+S+eobPUnTNkdJEfAddYgEcll4xkT8DB9d2008DtTbl7uJag2HuE5NZAZgnNEA==}
     engines: {node: '>=12'}
@@ -858,16 +1085,16 @@ packages:
     cpu: [arm64]
     os: [darwin]
 
-  '@esbuild/darwin-arm64@0.27.4':
-    resolution: {integrity: sha512-b7xaGIwdJlht8ZFCvMkpDN6uiSmnxxK56N2GDTMYPr2/gzvfdQN8rTfBsvVKmIVY/X7EM+/hJKEIbbHs9oA4tQ==}
+  '@esbuild/darwin-arm64@0.27.3':
+    resolution: {integrity: sha512-Re491k7ByTVRy0t3EKWajdLIr0gz2kKKfzafkth4Q8A5n1xTHrkqZgLLjFEHVD+AXdUGgQMq+Godfq45mGpCKg==}
     engines: {node: '>=18'}
     cpu: [arm64]
     os: [darwin]
 
-  '@esbuild/darwin-x64@0.17.19':
-    resolution: {integrity: sha512-IJM4JJsLhRYr9xdtLytPLSH9k/oxR3boaUIYiHkAawtwNOXKE8KoU8tMvryogdcT8AU+Bflmh81Xn6Q0vTZbQw==}
-    engines: {node: '>=12'}
-    cpu: [x64]
+  '@esbuild/darwin-arm64@0.27.4':
+    resolution: {integrity: sha512-b7xaGIwdJlht8ZFCvMkpDN6uiSmnxxK56N2GDTMYPr2/gzvfdQN8rTfBsvVKmIVY/X7EM+/hJKEIbbHs9oA4tQ==}
+    engines: {node: '>=18'}
+    cpu: [arm64]
     os: [darwin]
 
   '@esbuild/darwin-x64@0.18.20':
@@ -882,18 +1109,18 @@ packages:
     cpu: [x64]
     os: [darwin]
 
+  '@esbuild/darwin-x64@0.27.3':
+    resolution: {integrity: sha512-vHk/hA7/1AckjGzRqi6wbo+jaShzRowYip6rt6q7VYEDX4LEy1pZfDpdxCBnGtl+A5zq8iXDcyuxwtv3hNtHFg==}
+    engines: {node: '>=18'}
+    cpu: [x64]
+    os: [darwin]
+
   '@esbuild/darwin-x64@0.27.4':
     resolution: {integrity: sha512-sR+OiKLwd15nmCdqpXMnuJ9W2kpy0KigzqScqHI3Hqwr7IXxBp3Yva+yJwoqh7rE8V77tdoheRYataNKL4QrPw==}
     engines: {node: '>=18'}
     cpu: [x64]
     os: [darwin]
 
-  '@esbuild/freebsd-arm64@0.17.19':
-    resolution: {integrity: sha512-pBwbc7DufluUeGdjSU5Si+P3SoMF5DQ/F/UmTSb8HXO80ZEAJmrykPyzo1IfNbAoaqw48YRpv8shwd1NoI0jcQ==}
-    engines: {node: '>=12'}
-    cpu: [arm64]
-    os: [freebsd]
-
   '@esbuild/freebsd-arm64@0.18.20':
     resolution: {integrity: sha512-yqDQHy4QHevpMAaxhhIwYPMv1NECwOvIpGCZkECn8w2WFHXjEwrBn3CeNIYsibZ/iZEUemj++M26W3cNR5h+Tw==}
     engines: {node: '>=12'}
@@ -906,16 +1133,16 @@ packages:
     cpu: [arm64]
     os: [freebsd]
 
-  '@esbuild/freebsd-arm64@0.27.4':
-    resolution: {integrity: sha512-jnfpKe+p79tCnm4GVav68A7tUFeKQwQyLgESwEAUzyxk/TJr4QdGog9sqWNcUbr/bZt/O/HXouspuQDd9JxFSw==}
+  '@esbuild/freebsd-arm64@0.27.3':
+    resolution: {integrity: sha512-ipTYM2fjt3kQAYOvo6vcxJx3nBYAzPjgTCk7QEgZG8AUO3ydUhvelmhrbOheMnGOlaSFUoHXB6un+A7q4ygY9w==}
     engines: {node: '>=18'}
     cpu: [arm64]
     os: [freebsd]
 
-  '@esbuild/freebsd-x64@0.17.19':
-    resolution: {integrity: sha512-4lu+n8Wk0XlajEhbEffdy2xy53dpR06SlzvhGByyg36qJw6Kpfk7cp45DR/62aPH9mtJRmIyrXAS5UWBrJT6TQ==}
-    engines: {node: '>=12'}
-    cpu: [x64]
+  '@esbuild/freebsd-arm64@0.27.4':
+    resolution: {integrity: sha512-jnfpKe+p79tCnm4GVav68A7tUFeKQwQyLgESwEAUzyxk/TJr4QdGog9sqWNcUbr/bZt/O/HXouspuQDd9JxFSw==}
+    engines: {node: '>=18'}
+    cpu: [arm64]
     os: [freebsd]
 
   '@esbuild/freebsd-x64@0.18.20':
@@ -930,18 +1157,18 @@ packages:
     cpu: [x64]
     os: [freebsd]
 
+  '@esbuild/freebsd-x64@0.27.3':
+    resolution: {integrity: sha512-dDk0X87T7mI6U3K9VjWtHOXqwAMJBNN2r7bejDsc+j03SEjtD9HrOl8gVFByeM0aJksoUuUVU9TBaZa2rgj0oA==}
+    engines: {node: '>=18'}
+    cpu: [x64]
+    os: [freebsd]
+
   '@esbuild/freebsd-x64@0.27.4':
     resolution: {integrity: sha512-2kb4ceA/CpfUrIcTUl1wrP/9ad9Atrp5J94Lq69w7UwOMolPIGrfLSvAKJp0RTvkPPyn6CIWrNy13kyLikZRZQ==}
     engines: {node: '>=18'}
     cpu: [x64]
     os: [freebsd]
 
-  '@esbuild/linux-arm64@0.17.19':
-    resolution: {integrity: sha512-ct1Tg3WGwd3P+oZYqic+YZF4snNl2bsnMKRkb3ozHmnM0dGWuxcPTTntAF6bOP0Sp4x0PjSF+4uHQ1xvxfRKqg==}
-    engines: {node: '>=12'}
-    cpu: [arm64]
-    os: [linux]
-
   '@esbuild/linux-arm64@0.18.20':
     resolution: {integrity: sha512-2YbscF+UL7SQAVIpnWvYwM+3LskyDmPhe31pE7/aoTMFKKzIc9lLbyGUpmmb8a8AixOL61sQ/mFh3jEjHYFvdA==}
     engines: {node: '>=12'}
@@ -954,16 +1181,16 @@ packages:
     cpu: [arm64]
     os: [linux]
 
-  '@esbuild/linux-arm64@0.27.4':
-    resolution: {integrity: sha512-7nQOttdzVGth1iz57kxg9uCz57dxQLHWxopL6mYuYthohPKEK0vU0C3O21CcBK6KDlkYVcnDXY099HcCDXd9dA==}
+  '@esbuild/linux-arm64@0.27.3':
+    resolution: {integrity: sha512-sZOuFz/xWnZ4KH3YfFrKCf1WyPZHakVzTiqji3WDc0BCl2kBwiJLCXpzLzUBLgmp4veFZdvN5ChW4Eq/8Fc2Fg==}
     engines: {node: '>=18'}
     cpu: [arm64]
     os: [linux]
 
-  '@esbuild/linux-arm@0.17.19':
-    resolution: {integrity: sha512-cdmT3KxjlOQ/gZ2cjfrQOtmhG4HJs6hhvm3mWSRDPtZ/lP5oe8FWceS10JaSJC13GBd4eH/haHnqf7hhGNLerA==}
-    engines: {node: '>=12'}
-    cpu: [arm]
+  '@esbuild/linux-arm64@0.27.4':
+    resolution: {integrity: sha512-7nQOttdzVGth1iz57kxg9uCz57dxQLHWxopL6mYuYthohPKEK0vU0C3O21CcBK6KDlkYVcnDXY099HcCDXd9dA==}
+    engines: {node: '>=18'}
+    cpu: [arm64]
     os: [linux]
 
   '@esbuild/linux-arm@0.18.20':
@@ -978,16 +1205,16 @@ packages:
     cpu: [arm]
     os: [linux]
 
-  '@esbuild/linux-arm@0.27.4':
-    resolution: {integrity: sha512-aBYgcIxX/wd5n2ys0yESGeYMGF+pv6g0DhZr3G1ZG4jMfruU9Tl1i2Z+Wnj9/KjGz1lTLCcorqE2viePZqj4Eg==}
+  '@esbuild/linux-arm@0.27.3':
+    resolution: {integrity: sha512-s6nPv2QkSupJwLYyfS+gwdirm0ukyTFNl3KTgZEAiJDd+iHZcbTPPcWCcRYH+WlNbwChgH2QkE9NSlNrMT8Gfw==}
     engines: {node: '>=18'}
     cpu: [arm]
     os: [linux]
 
-  '@esbuild/linux-ia32@0.17.19':
-    resolution: {integrity: sha512-w4IRhSy1VbsNxHRQpeGCHEmibqdTUx61Vc38APcsRbuVgK0OPEnQ0YD39Brymn96mOx48Y2laBQGqgZ0j9w6SQ==}
-    engines: {node: '>=12'}
-    cpu: [ia32]
+  '@esbuild/linux-arm@0.27.4':
+    resolution: {integrity: sha512-aBYgcIxX/wd5n2ys0yESGeYMGF+pv6g0DhZr3G1ZG4jMfruU9Tl1i2Z+Wnj9/KjGz1lTLCcorqE2viePZqj4Eg==}
+    engines: {node: '>=18'}
+    cpu: [arm]
     os: [linux]
 
   '@esbuild/linux-ia32@0.18.20':
@@ -1002,16 +1229,16 @@ packages:
     cpu: [ia32]
     os: [linux]
 
-  '@esbuild/linux-ia32@0.27.4':
-    resolution: {integrity: sha512-oPtixtAIzgvzYcKBQM/qZ3R+9TEUd1aNJQu0HhGyqtx6oS7qTpvjheIWBbes4+qu1bNlo2V4cbkISr8q6gRBFA==}
+  '@esbuild/linux-ia32@0.27.3':
+    resolution: {integrity: sha512-yGlQYjdxtLdh0a3jHjuwOrxQjOZYD/C9PfdbgJJF3TIZWnm/tMd/RcNiLngiu4iwcBAOezdnSLAwQDPqTmtTYg==}
     engines: {node: '>=18'}
     cpu: [ia32]
     os: [linux]
 
-  '@esbuild/linux-loong64@0.17.19':
-    resolution: {integrity: sha512-2iAngUbBPMq439a+z//gE+9WBldoMp1s5GWsUSgqHLzLJ9WoZLZhpwWuym0u0u/4XmZ3gpHmzV84PonE+9IIdQ==}
-    engines: {node: '>=12'}
-    cpu: [loong64]
+  '@esbuild/linux-ia32@0.27.4':
+    resolution: {integrity: sha512-oPtixtAIzgvzYcKBQM/qZ3R+9TEUd1aNJQu0HhGyqtx6oS7qTpvjheIWBbes4+qu1bNlo2V4cbkISr8q6gRBFA==}
+    engines: {node: '>=18'}
+    cpu: [ia32]
     os: [linux]
 
   '@esbuild/linux-loong64@0.18.20':
@@ -1026,16 +1253,16 @@ packages:
     cpu: [loong64]
     os: [linux]
 
-  '@esbuild/linux-loong64@0.27.4':
-    resolution: {integrity: sha512-8mL/vh8qeCoRcFH2nM8wm5uJP+ZcVYGGayMavi8GmRJjuI3g1v6Z7Ni0JJKAJW+m0EtUuARb6Lmp4hMjzCBWzA==}
+  '@esbuild/linux-loong64@0.27.3':
+    resolution: {integrity: sha512-WO60Sn8ly3gtzhyjATDgieJNet/KqsDlX5nRC5Y3oTFcS1l0KWba+SEa9Ja1GfDqSF1z6hif/SkpQJbL63cgOA==}
     engines: {node: '>=18'}
     cpu: [loong64]
     os: [linux]
 
-  '@esbuild/linux-mips64el@0.17.19':
-    resolution: {integrity: sha512-LKJltc4LVdMKHsrFe4MGNPp0hqDFA1Wpt3jE1gEyM3nKUvOiO//9PheZZHfYRfYl6AwdTH4aTcXSqBerX0ml4A==}
-    engines: {node: '>=12'}
-    cpu: [mips64el]
+  '@esbuild/linux-loong64@0.27.4':
+    resolution: {integrity: sha512-8mL/vh8qeCoRcFH2nM8wm5uJP+ZcVYGGayMavi8GmRJjuI3g1v6Z7Ni0JJKAJW+m0EtUuARb6Lmp4hMjzCBWzA==}
+    engines: {node: '>=18'}
+    cpu: [loong64]
     os: [linux]
 
   '@esbuild/linux-mips64el@0.18.20':
@@ -1050,16 +1277,16 @@ packages:
     cpu: [mips64el]
     os: [linux]
 
-  '@esbuild/linux-mips64el@0.27.4':
-    resolution: {integrity: sha512-1RdrWFFiiLIW7LQq9Q2NES+HiD4NyT8Itj9AUeCl0IVCA459WnPhREKgwrpaIfTOe+/2rdntisegiPWn/r/aAw==}
+  '@esbuild/linux-mips64el@0.27.3':
+    resolution: {integrity: sha512-APsymYA6sGcZ4pD6k+UxbDjOFSvPWyZhjaiPyl/f79xKxwTnrn5QUnXR5prvetuaSMsb4jgeHewIDCIWljrSxw==}
     engines: {node: '>=18'}
     cpu: [mips64el]
     os: [linux]
 
-  '@esbuild/linux-ppc64@0.17.19':
-    resolution: {integrity: sha512-/c/DGybs95WXNS8y3Ti/ytqETiW7EU44MEKuCAcpPto3YjQbyK3IQVKfF6nbghD7EcLUGl0NbiL5Rt5DMhn5tg==}
-    engines: {node: '>=12'}
-    cpu: [ppc64]
+  '@esbuild/linux-mips64el@0.27.4':
+    resolution: {integrity: sha512-1RdrWFFiiLIW7LQq9Q2NES+HiD4NyT8Itj9AUeCl0IVCA459WnPhREKgwrpaIfTOe+/2rdntisegiPWn/r/aAw==}
+    engines: {node: '>=18'}
+    cpu: [mips64el]
     os: [linux]
 
   '@esbuild/linux-ppc64@0.18.20':
@@ -1074,16 +1301,16 @@ packages:
     cpu: [ppc64]
     os: [linux]
 
-  '@esbuild/linux-ppc64@0.27.4':
-    resolution: {integrity: sha512-tLCwNG47l3sd9lpfyx9LAGEGItCUeRCWeAx6x2Jmbav65nAwoPXfewtAdtbtit/pJFLUWOhpv0FpS6GQAmPrHA==}
+  '@esbuild/linux-ppc64@0.27.3':
+    resolution: {integrity: sha512-eizBnTeBefojtDb9nSh4vvVQ3V9Qf9Df01PfawPcRzJH4gFSgrObw+LveUyDoKU3kxi5+9RJTCWlj4FjYXVPEA==}
     engines: {node: '>=18'}
     cpu: [ppc64]
     os: [linux]
 
-  '@esbuild/linux-riscv64@0.17.19':
-    resolution: {integrity: sha512-FC3nUAWhvFoutlhAkgHf8f5HwFWUL6bYdvLc/TTuxKlvLi3+pPzdZiFKSWz/PF30TB1K19SuCxDTI5KcqASJqA==}
-    engines: {node: '>=12'}
-    cpu: [riscv64]
+  '@esbuild/linux-ppc64@0.27.4':
+    resolution: {integrity: sha512-tLCwNG47l3sd9lpfyx9LAGEGItCUeRCWeAx6x2Jmbav65nAwoPXfewtAdtbtit/pJFLUWOhpv0FpS6GQAmPrHA==}
+    engines: {node: '>=18'}
+    cpu: [ppc64]
     os: [linux]
 
   '@esbuild/linux-riscv64@0.18.20':
@@ -1098,16 +1325,16 @@ packages:
     cpu: [riscv64]
     os: [linux]
 
-  '@esbuild/linux-riscv64@0.27.4':
-    resolution: {integrity: sha512-BnASypppbUWyqjd1KIpU4AUBiIhVr6YlHx/cnPgqEkNoVOhHg+YiSVxM1RLfiy4t9cAulbRGTNCKOcqHrEQLIw==}
+  '@esbuild/linux-riscv64@0.27.3':
+    resolution: {integrity: sha512-3Emwh0r5wmfm3ssTWRQSyVhbOHvqegUDRd0WhmXKX2mkHJe1SFCMJhagUleMq+Uci34wLSipf8Lagt4LlpRFWQ==}
     engines: {node: '>=18'}
     cpu: [riscv64]
     os: [linux]
 
-  '@esbuild/linux-s390x@0.17.19':
-    resolution: {integrity: sha512-IbFsFbxMWLuKEbH+7sTkKzL6NJmG2vRyy6K7JJo55w+8xDk7RElYn6xvXtDW8HCfoKBFK69f3pgBJSUSQPr+4Q==}
-    engines: {node: '>=12'}
-    cpu: [s390x]
+  '@esbuild/linux-riscv64@0.27.4':
+    resolution: {integrity: sha512-BnASypppbUWyqjd1KIpU4AUBiIhVr6YlHx/cnPgqEkNoVOhHg+YiSVxM1RLfiy4t9cAulbRGTNCKOcqHrEQLIw==}
+    engines: {node: '>=18'}
+    cpu: [riscv64]
     os: [linux]
 
   '@esbuild/linux-s390x@0.18.20':
@@ -1122,16 +1349,16 @@ packages:
     cpu: [s390x]
     os: [linux]
 
-  '@esbuild/linux-s390x@0.27.4':
-    resolution: {integrity: sha512-+eUqgb/Z7vxVLezG8bVB9SfBie89gMueS+I0xYh2tJdw3vqA/0ImZJ2ROeWwVJN59ihBeZ7Tu92dF/5dy5FttA==}
+  '@esbuild/linux-s390x@0.27.3':
+    resolution: {integrity: sha512-pBHUx9LzXWBc7MFIEEL0yD/ZVtNgLytvx60gES28GcWMqil8ElCYR4kvbV2BDqsHOvVDRrOxGySBM9Fcv744hw==}
     engines: {node: '>=18'}
     cpu: [s390x]
     os: [linux]
 
-  '@esbuild/linux-x64@0.17.19':
-    resolution: {integrity: sha512-68ngA9lg2H6zkZcyp22tsVt38mlhWde8l3eJLWkyLrp4HwMUr3c1s/M2t7+kHIhvMjglIBrFpncX1SzMckomGw==}
-    engines: {node: '>=12'}
-    cpu: [x64]
+  '@esbuild/linux-s390x@0.27.4':
+    resolution: {integrity: sha512-+eUqgb/Z7vxVLezG8bVB9SfBie89gMueS+I0xYh2tJdw3vqA/0ImZJ2ROeWwVJN59ihBeZ7Tu92dF/5dy5FttA==}
+    engines: {node: '>=18'}
+    cpu: [s390x]
     os: [linux]
 
   '@esbuild/linux-x64@0.18.20':
@@ -1146,6 +1373,12 @@ packages:
     cpu: [x64]
     os: [linux]
 
+  '@esbuild/linux-x64@0.27.3':
+    resolution: {integrity: sha512-Czi8yzXUWIQYAtL/2y6vogER8pvcsOsk5cpwL4Gk5nJqH5UZiVByIY8Eorm5R13gq+DQKYg0+JyQoytLQas4dA==}
+    engines: {node: '>=18'}
+    cpu: [x64]
+    os: [linux]
+
   '@esbuild/linux-x64@0.27.4':
     resolution: {integrity: sha512-S5qOXrKV8BQEzJPVxAwnryi2+Iq5pB40gTEIT69BQONqR7JH1EPIcQ/Uiv9mCnn05jff9umq/5nqzxlqTOg9NA==}
     engines: {node: '>=18'}
@@ -1158,16 +1391,16 @@ packages:
     cpu: [arm64]
     os: [netbsd]
 
-  '@esbuild/netbsd-arm64@0.27.4':
-    resolution: {integrity: sha512-xHT8X4sb0GS8qTqiwzHqpY00C95DPAq7nAwX35Ie/s+LO9830hrMd3oX0ZMKLvy7vsonee73x0lmcdOVXFzd6Q==}
+  '@esbuild/netbsd-arm64@0.27.3':
+    resolution: {integrity: sha512-sDpk0RgmTCR/5HguIZa9n9u+HVKf40fbEUt+iTzSnCaGvY9kFP0YKBWZtJaraonFnqef5SlJ8/TiPAxzyS+UoA==}
     engines: {node: '>=18'}
     cpu: [arm64]
     os: [netbsd]
 
-  '@esbuild/netbsd-x64@0.17.19':
-    resolution: {integrity: sha512-CwFq42rXCR8TYIjIfpXCbRX0rp1jo6cPIUPSaWwzbVI4aOfX96OXY8M6KNmtPcg7QjYeDmN+DD0Wp3LaBOLf4Q==}
-    engines: {node: '>=12'}
-    cpu: [x64]
+  '@esbuild/netbsd-arm64@0.27.4':
+    resolution: {integrity: sha512-xHT8X4sb0GS8qTqiwzHqpY00C95DPAq7nAwX35Ie/s+LO9830hrMd3oX0ZMKLvy7vsonee73x0lmcdOVXFzd6Q==}
+    engines: {node: '>=18'}
+    cpu: [arm64]
     os: [netbsd]
 
   '@esbuild/netbsd-x64@0.18.20':
@@ -1182,6 +1415,12 @@ packages:
     cpu: [x64]
     os: [netbsd]
 
+  '@esbuild/netbsd-x64@0.27.3':
+    resolution: {integrity: sha512-P14lFKJl/DdaE00LItAukUdZO5iqNH7+PjoBm+fLQjtxfcfFE20Xf5CrLsmZdq5LFFZzb5JMZ9grUwvtVYzjiA==}
+    engines: {node: '>=18'}
+    cpu: [x64]
+    os: [netbsd]
+
   '@esbuild/netbsd-x64@0.27.4':
     resolution: {integrity: sha512-RugOvOdXfdyi5Tyv40kgQnI0byv66BFgAqjdgtAKqHoZTbTF2QqfQrFwa7cHEORJf6X2ht+l9ABLMP0dnKYsgg==}
     engines: {node: '>=18'}
@@ -1194,16 +1433,16 @@ packages:
     cpu: [arm64]
     os: [openbsd]
 
-  '@esbuild/openbsd-arm64@0.27.4':
-    resolution: {integrity: sha512-2MyL3IAaTX+1/qP0O1SwskwcwCoOI4kV2IBX1xYnDDqthmq5ArrW94qSIKCAuRraMgPOmG0RDTA74mzYNQA9ow==}
+  '@esbuild/openbsd-arm64@0.27.3':
+    resolution: {integrity: sha512-AIcMP77AvirGbRl/UZFTq5hjXK+2wC7qFRGoHSDrZ5v5b8DK/GYpXW3CPRL53NkvDqb9D+alBiC/dV0Fb7eJcw==}
     engines: {node: '>=18'}
     cpu: [arm64]
     os: [openbsd]
 
-  '@esbuild/openbsd-x64@0.17.19':
-    resolution: {integrity: sha512-cnq5brJYrSZ2CF6c35eCmviIN3k3RczmHz8eYaVlNasVqsNY+JKohZU5MKmaOI+KkllCdzOKKdPs762VCPC20g==}
-    engines: {node: '>=12'}
-    cpu: [x64]
+  '@esbuild/openbsd-arm64@0.27.4':
+    resolution: {integrity: sha512-2MyL3IAaTX+1/qP0O1SwskwcwCoOI4kV2IBX1xYnDDqthmq5ArrW94qSIKCAuRraMgPOmG0RDTA74mzYNQA9ow==}
+    engines: {node: '>=18'}
+    cpu: [arm64]
     os: [openbsd]
 
   '@esbuild/openbsd-x64@0.18.20':
@@ -1218,6 +1457,12 @@ packages:
     cpu: [x64]
     os: [openbsd]
 
+  '@esbuild/openbsd-x64@0.27.3':
+    resolution: {integrity: sha512-DnW2sRrBzA+YnE70LKqnM3P+z8vehfJWHXECbwBmH/CU51z6FiqTQTHFenPlHmo3a8UgpLyH3PT+87OViOh1AQ==}
+    engines: {node: '>=18'}
+    cpu: [x64]
+    os: [openbsd]
+
   '@esbuild/openbsd-x64@0.27.4':
     resolution: {integrity: sha512-u8fg/jQ5aQDfsnIV6+KwLOf1CmJnfu1ShpwqdwC0uA7ZPwFws55Ngc12vBdeUdnuWoQYx/SOQLGDcdlfXhYmXQ==}
     engines: {node: '>=18'}
@@ -1230,18 +1475,18 @@ packages:
     cpu: [arm64]
     os: [openharmony]
 
+  '@esbuild/openharmony-arm64@0.27.3':
+    resolution: {integrity: sha512-NinAEgr/etERPTsZJ7aEZQvvg/A6IsZG/LgZy+81wON2huV7SrK3e63dU0XhyZP4RKGyTm7aOgmQk0bGp0fy2g==}
+    engines: {node: '>=18'}
+    cpu: [arm64]
+    os: [openharmony]
+
   '@esbuild/openharmony-arm64@0.27.4':
     resolution: {integrity: sha512-JkTZrl6VbyO8lDQO3yv26nNr2RM2yZzNrNHEsj9bm6dOwwu9OYN28CjzZkH57bh4w0I2F7IodpQvUAEd1mbWXg==}
     engines: {node: '>=18'}
     cpu: [arm64]
     os: [openharmony]
 
-  '@esbuild/sunos-x64@0.17.19':
-    resolution: {integrity: sha512-vCRT7yP3zX+bKWFeP/zdS6SqdWB8OIpaRq/mbXQxTGHnIxspRtigpkUcDMlSCOejlHowLqII7K2JKevwyRP2rg==}
-    engines: {node: '>=12'}
-    cpu: [x64]
-    os: [sunos]
-
   '@esbuild/sunos-x64@0.18.20':
     resolution: {integrity: sha512-kDbFRFp0YpTQVVrqUd5FTYmWo45zGaXe0X8E1G/LKFC0v8x0vWrhOWSLITcCn63lmZIxfOMXtCfti/RxN/0wnQ==}
     engines: {node: '>=12'}
@@ -1254,18 +1499,18 @@ packages:
     cpu: [x64]
     os: [sunos]
 
+  '@esbuild/sunos-x64@0.27.3':
+    resolution: {integrity: sha512-PanZ+nEz+eWoBJ8/f8HKxTTD172SKwdXebZ0ndd953gt1HRBbhMsaNqjTyYLGLPdoWHy4zLU7bDVJztF5f3BHA==}
+    engines: {node: '>=18'}
+    cpu: [x64]
+    os: [sunos]
+
   '@esbuild/sunos-x64@0.27.4':
     resolution: {integrity: sha512-/gOzgaewZJfeJTlsWhvUEmUG4tWEY2Spp5M20INYRg2ZKl9QPO3QEEgPeRtLjEWSW8FilRNacPOg8R1uaYkA6g==}
     engines: {node: '>=18'}
     cpu: [x64]
     os: [sunos]
 
-  '@esbuild/win32-arm64@0.17.19':
-    resolution: {integrity: sha512-yYx+8jwowUstVdorcMdNlzklLYhPxjniHWFKgRqH7IFlUEa0Umu3KuYplf1HUZZ422e3NU9F4LGb+4O0Kdcaag==}
-    engines: {node: '>=12'}
-    cpu: [arm64]
-    os: [win32]
-
   '@esbuild/win32-arm64@0.18.20':
     resolution: {integrity: sha512-ddYFR6ItYgoaq4v4JmQQaAI5s7npztfV4Ag6NrhiaW0RrnOXqBkgwZLofVTlq1daVTQNhtI5oieTvkRPfZrePg==}
     engines: {node: '>=12'}
@@ -1278,16 +1523,16 @@ packages:
     cpu: [arm64]
     os: [win32]
 
-  '@esbuild/win32-arm64@0.27.4':
-    resolution: {integrity: sha512-Z9SExBg2y32smoDQdf1HRwHRt6vAHLXcxD2uGgO/v2jK7Y718Ix4ndsbNMU/+1Qiem9OiOdaqitioZwxivhXYg==}
+  '@esbuild/win32-arm64@0.27.3':
+    resolution: {integrity: sha512-B2t59lWWYrbRDw/tjiWOuzSsFh1Y/E95ofKz7rIVYSQkUYBjfSgf6oeYPNWHToFRr2zx52JKApIcAS/D5TUBnA==}
     engines: {node: '>=18'}
     cpu: [arm64]
     os: [win32]
 
-  '@esbuild/win32-ia32@0.17.19':
-    resolution: {integrity: sha512-eggDKanJszUtCdlVs0RB+h35wNlb5v4TWEkq4vZcmVt5u/HiDZrTXe2bWFQUez3RgNHwx/x4sk5++4NSSicKkw==}
-    engines: {node: '>=12'}
-    cpu: [ia32]
+  '@esbuild/win32-arm64@0.27.4':
+    resolution: {integrity: sha512-Z9SExBg2y32smoDQdf1HRwHRt6vAHLXcxD2uGgO/v2jK7Y718Ix4ndsbNMU/+1Qiem9OiOdaqitioZwxivhXYg==}
+    engines: {node: '>=18'}
+    cpu: [arm64]
     os: [win32]
 
   '@esbuild/win32-ia32@0.18.20':
@@ -1302,16 +1547,16 @@ packages:
     cpu: [ia32]
     os: [win32]
 
-  '@esbuild/win32-ia32@0.27.4':
-    resolution: {integrity: sha512-DAyGLS0Jz5G5iixEbMHi5KdiApqHBWMGzTtMiJ72ZOLhbu/bzxgAe8Ue8CTS3n3HbIUHQz/L51yMdGMeoxXNJw==}
+  '@esbuild/win32-ia32@0.27.3':
+    resolution: {integrity: sha512-QLKSFeXNS8+tHW7tZpMtjlNb7HKau0QDpwm49u0vUp9y1WOF+PEzkU84y9GqYaAVW8aH8f3GcBck26jh54cX4Q==}
     engines: {node: '>=18'}
     cpu: [ia32]
     os: [win32]
 
-  '@esbuild/win32-x64@0.17.19':
-    resolution: {integrity: sha512-lAhycmKnVOuRYNtRtatQR1LPQf2oYCkRGkSFnseDAKPl8lu5SOsK/e1sXe5a0Pc5kHIHe6P2I/ilntNv2xf3cA==}
-    engines: {node: '>=12'}
-    cpu: [x64]
+  '@esbuild/win32-ia32@0.27.4':
+    resolution: {integrity: sha512-DAyGLS0Jz5G5iixEbMHi5KdiApqHBWMGzTtMiJ72ZOLhbu/bzxgAe8Ue8CTS3n3HbIUHQz/L51yMdGMeoxXNJw==}
+    engines: {node: '>=18'}
+    cpu: [ia32]
     os: [win32]
 
   '@esbuild/win32-x64@0.18.20':
@@ -1326,16 +1571,18 @@ packages:
     cpu: [x64]
     os: [win32]
 
+  '@esbuild/win32-x64@0.27.3':
+    resolution: {integrity: sha512-4uJGhsxuptu3OcpVAzli+/gWusVGwZZHTlS63hh++ehExkVT8SgiEf7/uC/PclrPPkLhZqGgCTjd0VWLo6xMqA==}
+    engines: {node: '>=18'}
+    cpu: [x64]
+    os: [win32]
+
   '@esbuild/win32-x64@0.27.4':
     resolution: {integrity: sha512-+knoa0BDoeXgkNvvV1vvbZX4+hizelrkwmGJBdT17t8FNPwG2lKemmuMZlmaNQ3ws3DKKCxpb4zRZEIp3UxFCg==}
     engines: {node: '>=18'}
     cpu: [x64]
     os: [win32]
 
-  '@fastify/busboy@2.1.1':
-    resolution: {integrity: sha512-vBZP4NlzfOlerQTnba4aqZoMhE/a9HY7HRqoOPaETQcSQuWEIyZMHGfVu6w9wGtGK5fED5qRs2DteVCjOH60sA==}
-    engines: {node: '>=14'}
-
   '@floating-ui/core@1.7.5':
     resolution: {integrity: sha512-1Ih4WTWyw0+lKyFMcBHGbb5U5FtuHJuujoyyr5zTaWS5EYMeT6Jb2AuDeftsCsEuchO+mM2ij5+q9crhydzLhQ==}
 
@@ -1391,68 +1638,34 @@ packages:
     resolution: {integrity: sha512-Td76q7j57o/tLVdgS746cYARfSyxk8iEfRxewL9h4OMzYhbW4TAcppl0mT4eyqXddh6L/jwoM75mo7ixa/pCeQ==}
     engines: {node: '>=18'}
 
-  '@img/sharp-darwin-arm64@0.33.5':
-    resolution: {integrity: sha512-UT4p+iz/2H4twwAoLCqfA9UH5pI6DggwKEGuaPy7nCVQ8ZsiY5PIcrRvD1DzuY3qYL07NtIQcWnBSY/heikIFQ==}
-    engines: {node: ^18.17.0 || ^20.3.0 || >=21.0.0}
-    cpu: [arm64]
-    os: [darwin]
-
   '@img/sharp-darwin-arm64@0.34.5':
     resolution: {integrity: sha512-imtQ3WMJXbMY4fxb/Ndp6HBTNVtWCUI0WdobyheGf5+ad6xX8VIDO8u2xE4qc/fr08CKG/7dDseFtn6M6g/r3w==}
     engines: {node: ^18.17.0 || ^20.3.0 || >=21.0.0}
     cpu: [arm64]
     os: [darwin]
 
-  '@img/sharp-darwin-x64@0.33.5':
-    resolution: {integrity: sha512-fyHac4jIc1ANYGRDxtiqelIbdWkIuQaI84Mv45KvGRRxSAa7o7d1ZKAOBaYbnepLC1WqxfpimdeWfvqqSGwR2Q==}
-    engines: {node: ^18.17.0 || ^20.3.0 || >=21.0.0}
-    cpu: [x64]
-    os: [darwin]
-
   '@img/sharp-darwin-x64@0.34.5':
     resolution: {integrity: sha512-YNEFAF/4KQ/PeW0N+r+aVVsoIY0/qxxikF2SWdp+NRkmMB7y9LBZAVqQ4yhGCm/H3H270OSykqmQMKLBhBJDEw==}
     engines: {node: ^18.17.0 || ^20.3.0 || >=21.0.0}
     cpu: [x64]
     os: [darwin]
 
-  '@img/sharp-libvips-darwin-arm64@1.0.4':
-    resolution: {integrity: sha512-XblONe153h0O2zuFfTAbQYAX2JhYmDHeWikp1LM9Hul9gVPjFY427k6dFEcOL72O01QxQsWi761svJ/ev9xEDg==}
-    cpu: [arm64]
-    os: [darwin]
-
   '@img/sharp-libvips-darwin-arm64@1.2.4':
     resolution: {integrity: sha512-zqjjo7RatFfFoP0MkQ51jfuFZBnVE2pRiaydKJ1G/rHZvnsrHAOcQALIi9sA5co5xenQdTugCvtb1cuf78Vf4g==}
     cpu: [arm64]
     os: [darwin]
 
-  '@img/sharp-libvips-darwin-x64@1.0.4':
-    resolution: {integrity: sha512-xnGR8YuZYfJGmWPvmlunFaWJsb9T/AO2ykoP3Fz/0X5XV2aoYBPkX6xqCQvUTKKiLddarLaxpzNe+b1hjeWHAQ==}
-    cpu: [x64]
-    os: [darwin]
-
   '@img/sharp-libvips-darwin-x64@1.2.4':
     resolution: {integrity: sha512-1IOd5xfVhlGwX+zXv2N93k0yMONvUlANylbJw1eTah8K/Jtpi15KC+WSiaX/nBmbm2HxRM1gZ0nSdjSsrZbGKg==}
     cpu: [x64]
     os: [darwin]
 
-  '@img/sharp-libvips-linux-arm64@1.0.4':
-    resolution: {integrity: sha512-9B+taZ8DlyyqzZQnoeIvDVR/2F4EbMepXMc/NdVbkzsJbzkUjhXv/70GQJ7tdLA4YJgNP25zukcxpX2/SueNrA==}
-    cpu: [arm64]
-    os: [linux]
-    libc: [glibc]
-
   '@img/sharp-libvips-linux-arm64@1.2.4':
     resolution: {integrity: sha512-excjX8DfsIcJ10x1Kzr4RcWe1edC9PquDRRPx3YVCvQv+U5p7Yin2s32ftzikXojb1PIFc/9Mt28/y+iRklkrw==}
     cpu: [arm64]
     os: [linux]
     libc: [glibc]
 
-  '@img/sharp-libvips-linux-arm@1.0.5':
-    resolution: {integrity: sha512-gvcC4ACAOPRNATg/ov8/MnbxFDJqf/pDePbBnuBDcjsI8PssmjoKMAz4LtLaVi+OnSb5FK/yIOamqDwGmXW32g==}
-    cpu: [arm]
-    os: [linux]
-    libc: [glibc]
-
   '@img/sharp-libvips-linux-arm@1.2.4':
     resolution: {integrity: sha512-bFI7xcKFELdiNCVov8e44Ia4u2byA+l3XtsAj+Q8tfCwO6BQ8iDojYdvoPMqsKDkuoOo+X6HZA0s0q11ANMQ8A==}
     cpu: [arm]
@@ -1471,61 +1684,30 @@ packages:
     os: [linux]
     libc: [glibc]
 
-  '@img/sharp-libvips-linux-s390x@1.0.4':
-    resolution: {integrity: sha512-u7Wz6ntiSSgGSGcjZ55im6uvTrOxSIS8/dgoVMoiGE9I6JAfU50yH5BoDlYA1tcuGS7g/QNtetJnxA6QEsCVTA==}
-    cpu: [s390x]
-    os: [linux]
-    libc: [glibc]
-
   '@img/sharp-libvips-linux-s390x@1.2.4':
     resolution: {integrity: sha512-qmp9VrzgPgMoGZyPvrQHqk02uyjA0/QrTO26Tqk6l4ZV0MPWIW6LTkqOIov+J1yEu7MbFQaDpwdwJKhbJvuRxQ==}
     cpu: [s390x]
     os: [linux]
     libc: [glibc]
 
-  '@img/sharp-libvips-linux-x64@1.0.4':
-    resolution: {integrity: sha512-MmWmQ3iPFZr0Iev+BAgVMb3ZyC4KeFc3jFxnNbEPas60e1cIfevbtuyf9nDGIzOaW9PdnDciJm+wFFaTlj5xYw==}
-    cpu: [x64]
-    os: [linux]
-    libc: [glibc]
-
   '@img/sharp-libvips-linux-x64@1.2.4':
     resolution: {integrity: sha512-tJxiiLsmHc9Ax1bz3oaOYBURTXGIRDODBqhveVHonrHJ9/+k89qbLl0bcJns+e4t4rvaNBxaEZsFtSfAdquPrw==}
     cpu: [x64]
     os: [linux]
     libc: [glibc]
 
-  '@img/sharp-libvips-linuxmusl-arm64@1.0.4':
-    resolution: {integrity: sha512-9Ti+BbTYDcsbp4wfYib8Ctm1ilkugkA/uscUn6UXK1ldpC1JjiXbLfFZtRlBhjPZ5o1NCLiDbg8fhUPKStHoTA==}
-    cpu: [arm64]
-    os: [linux]
-    libc: [musl]
-
   '@img/sharp-libvips-linuxmusl-arm64@1.2.4':
     resolution: {integrity: sha512-FVQHuwx1IIuNow9QAbYUzJ+En8KcVm9Lk5+uGUQJHaZmMECZmOlix9HnH7n1TRkXMS0pGxIJokIVB9SuqZGGXw==}
     cpu: [arm64]
     os: [linux]
     libc: [musl]
 
-  '@img/sharp-libvips-linuxmusl-x64@1.0.4':
-    resolution: {integrity: sha512-viYN1KX9m+/hGkJtvYYp+CCLgnJXwiQB39damAO7WMdKWlIhmYTfHjwSbQeUK/20vY154mwezd9HflVFM1wVSw==}
-    cpu: [x64]
-    os: [linux]
-    libc: [musl]
-
   '@img/sharp-libvips-linuxmusl-x64@1.2.4':
     resolution: {integrity: sha512-+LpyBk7L44ZIXwz/VYfglaX/okxezESc6UxDSoyo2Ks6Jxc4Y7sGjpgU9s4PMgqgjj1gZCylTieNamqA1MF7Dg==}
     cpu: [x64]
     os: [linux]
     libc: [musl]
 
-  '@img/sharp-linux-arm64@0.33.5':
-    resolution: {integrity: sha512-JMVv+AMRyGOHtO1RFBiJy/MBsgz0x4AWrT6QoEVVTyh1E39TrCUpTRI7mx9VksGX4awWASxqCYLCV4wBZHAYxA==}
-    engines: {node: ^18.17.0 || ^20.3.0 || >=21.0.0}
-    cpu: [arm64]
-    os: [linux]
-    libc: [glibc]
-
   '@img/sharp-linux-arm64@0.34.5':
     resolution: {integrity: sha512-bKQzaJRY/bkPOXyKx5EVup7qkaojECG6NLYswgktOZjaXecSAeCWiZwwiFf3/Y+O1HrauiE3FVsGxFg8c24rZg==}
     engines: {node: ^18.17.0 || ^20.3.0 || >=21.0.0}
@@ -1533,13 +1715,6 @@ packages:
     os: [linux]
     libc: [glibc]
 
-  '@img/sharp-linux-arm@0.33.5':
-    resolution: {integrity: sha512-JTS1eldqZbJxjvKaAkxhZmBqPRGmxgu+qFKSInv8moZ2AmT5Yib3EQ1c6gp493HvrvV8QgdOXdyaIBrhvFhBMQ==}
-    engines: {node: ^18.17.0 || ^20.3.0 || >=21.0.0}
-    cpu: [arm]
-    os: [linux]
-    libc: [glibc]
-
   '@img/sharp-linux-arm@0.34.5':
     resolution: {integrity: sha512-9dLqsvwtg1uuXBGZKsxem9595+ujv0sJ6Vi8wcTANSFpwV/GONat5eCkzQo/1O6zRIkh0m/8+5BjrRr7jDUSZw==}
     engines: {node: ^18.17.0 || ^20.3.0 || >=21.0.0}
@@ -1561,13 +1736,6 @@ packages:
     os: [linux]
     libc: [glibc]
 
-  '@img/sharp-linux-s390x@0.33.5':
-    resolution: {integrity: sha512-y/5PCd+mP4CA/sPDKl2961b+C9d+vPAveS33s6Z3zfASk2j5upL6fXVPZi7ztePZ5CuH+1kW8JtvxgbuXHRa4Q==}
-    engines: {node: ^18.17.0 || ^20.3.0 || >=21.0.0}
-    cpu: [s390x]
-    os: [linux]
-    libc: [glibc]
-
   '@img/sharp-linux-s390x@0.34.5':
     resolution: {integrity: sha512-nQtCk0PdKfho3eC5MrbQoigJ2gd1CgddUMkabUj+rBevs8tZ2cULOx46E7oyX+04WGfABgIwmMC0VqieTiR4jg==}
     engines: {node: ^18.17.0 || ^20.3.0 || >=21.0.0}
@@ -1575,13 +1743,6 @@ packages:
     os: [linux]
     libc: [glibc]
 
-  '@img/sharp-linux-x64@0.33.5':
-    resolution: {integrity: sha512-opC+Ok5pRNAzuvq1AG0ar+1owsu842/Ab+4qvU879ippJBHvyY5n2mxF1izXqkPYlGuP/M556uh53jRLJmzTWA==}
-    engines: {node: ^18.17.0 || ^20.3.0 || >=21.0.0}
-    cpu: [x64]
-    os: [linux]
-    libc: [glibc]
-
   '@img/sharp-linux-x64@0.34.5':
     resolution: {integrity: sha512-MEzd8HPKxVxVenwAa+JRPwEC7QFjoPWuS5NZnBt6B3pu7EG2Ge0id1oLHZpPJdn3OQK+BQDiw9zStiHBTJQQQQ==}
     engines: {node: ^18.17.0 || ^20.3.0 || >=21.0.0}
@@ -1589,13 +1750,6 @@ packages:
     os: [linux]
     libc: [glibc]
 
-  '@img/sharp-linuxmusl-arm64@0.33.5':
-    resolution: {integrity: sha512-XrHMZwGQGvJg2V/oRSUfSAfjfPxO+4DkiRh6p2AFjLQztWUuY/o8Mq0eMQVIY7HJ1CDQUJlxGGZRw1a5bqmd1g==}
-    engines: {node: ^18.17.0 || ^20.3.0 || >=21.0.0}
-    cpu: [arm64]
-    os: [linux]
-    libc: [musl]
-
   '@img/sharp-linuxmusl-arm64@0.34.5':
     resolution: {integrity: sha512-fprJR6GtRsMt6Kyfq44IsChVZeGN97gTD331weR1ex1c1rypDEABN6Tm2xa1wE6lYb5DdEnk03NZPqA7Id21yg==}
     engines: {node: ^18.17.0 || ^20.3.0 || >=21.0.0}
@@ -1603,13 +1757,6 @@ packages:
     os: [linux]
     libc: [musl]
 
-  '@img/sharp-linuxmusl-x64@0.33.5':
-    resolution: {integrity: sha512-WT+d/cgqKkkKySYmqoZ8y3pxx7lx9vVejxW/W4DOFMYVSkErR+w7mf2u8m/y4+xHe7yY9DAXQMWQhpnMuFfScw==}
-    engines: {node: ^18.17.0 || ^20.3.0 || >=21.0.0}
-    cpu: [x64]
-    os: [linux]
-    libc: [musl]
-
   '@img/sharp-linuxmusl-x64@0.34.5':
     resolution: {integrity: sha512-Jg8wNT1MUzIvhBFxViqrEhWDGzqymo3sV7z7ZsaWbZNDLXRJZoRGrjulp60YYtV4wfY8VIKcWidjojlLcWrd8Q==}
     engines: {node: ^18.17.0 || ^20.3.0 || >=21.0.0}
@@ -1617,11 +1764,6 @@ packages:
     os: [linux]
     libc: [musl]
 
-  '@img/sharp-wasm32@0.33.5':
-    resolution: {integrity: sha512-ykUW4LVGaMcU9lu9thv85CbRMAwfeadCJHRsg2GmeRa/cJxsVY9Rbd57JcMxBkKHag5U/x7TSBpScF4U8ElVzg==}
-    engines: {node: ^18.17.0 || ^20.3.0 || >=21.0.0}
-    cpu: [wasm32]
-
   '@img/sharp-wasm32@0.34.5':
     resolution: {integrity: sha512-OdWTEiVkY2PHwqkbBI8frFxQQFekHaSSkUIJkwzclWZe64O1X4UlUjqqqLaPbUpMOQk6FBu/HtlGXNblIs0huw==}
     engines: {node: ^18.17.0 || ^20.3.0 || >=21.0.0}
@@ -1633,24 +1775,12 @@ packages:
     cpu: [arm64]
     os: [win32]
 
-  '@img/sharp-win32-ia32@0.33.5':
-    resolution: {integrity: sha512-T36PblLaTwuVJ/zw/LaH0PdZkRz5rd3SmMHX8GSmR7vtNSP5Z6bQkExdSK7xGWyxLw4sUknBuugTelgw2faBbQ==}
-    engines: {node: ^18.17.0 || ^20.3.0 || >=21.0.0}
-    cpu: [ia32]
-    os: [win32]
-
   '@img/sharp-win32-ia32@0.34.5':
     resolution: {integrity: sha512-FV9m/7NmeCmSHDD5j4+4pNI8Cp3aW+JvLoXcTUo0IqyjSfAZJ8dIUmijx1qaJsIiU+Hosw6xM5KijAWRJCSgNg==}
     engines: {node: ^18.17.0 || ^20.3.0 || >=21.0.0}
     cpu: [ia32]
     os: [win32]
 
-  '@img/sharp-win32-x64@0.33.5':
-    resolution: {integrity: sha512-MpY/o8/8kj+EcnxwvrP4aTJSWw/aZ7JIGR4aBeZkZw5B7/Jn+tY9/VNwtcoGmdT7GfggGIU4kygOMSbYnOrAbg==}
-    engines: {node: ^18.17.0 || ^20.3.0 || >=21.0.0}
-    cpu: [x64]
-    os: [win32]
-
   '@img/sharp-win32-x64@0.34.5':
     resolution: {integrity: sha512-+29YMsqY2/9eFEiW93eqWnuLcWcufowXewwSNIT6UwZdUUCrM3oFjMWH/Z6/TMmb4hlFenmfAVbpWeup2jryCw==}
     engines: {node: ^18.17.0 || ^20.3.0 || >=21.0.0}
@@ -1729,8 +1859,11 @@ packages:
     resolution: {integrity: sha512-cXu86tF4VQVfwz8W1SPbhoRyHJkti6mjH/XJIxp40jhO4j2k1m4KYrEykxqWPkFF3vrK4rgQppBh//AwyGSXPA==}
     engines: {node: '>=18'}
 
-  '@napi-rs/wasm-runtime@1.1.1':
-    resolution: {integrity: sha512-p64ah1M1ld8xjWv3qbvFwHiFVWrq1yFvV4f7w+mzaqiR4IlSgkqhcRdHwsGgomwzBH51sRY4NEowLxnaBjcW/A==}
+  '@napi-rs/wasm-runtime@1.1.2':
+    resolution: {integrity: sha512-sNXv5oLJ7ob93xkZ1XnxisYhGYXfaG9f65/ZgYuAu3qt7b3NadcOEhLvx28hv31PgX8SZJRYrAIPQilQmFpLVw==}
+    peerDependencies:
+      '@emnapi/core': ^1.7.1
+      '@emnapi/runtime': ^1.7.1
 
   '@neondatabase/serverless@1.0.2':
     resolution: {integrity: sha512-I5sbpSIAHiB+b6UttofhrN/UJXII+4tZPAq1qugzwCwLIL8EZLV7F/JyHUrEIiGgQpEXzpnjlJ+zwcEhheGvCw==}
@@ -1848,6 +1981,9 @@ packages:
   '@oxc-project/types@0.120.0':
     resolution: {integrity: sha512-k1YNu55DuvAip/MGE1FTsIuU3FUCn6v/ujG9V7Nq5Df/kX2CWb13hhwD0lmJGMGqE+bE1MXvv9SZVnMzEXlWcg==}
 
+  '@oxc-project/types@0.122.0':
+    resolution: {integrity: sha512-oLAl5kBpV4w69UtFZ9xqcmTi+GENWOcPF7FCrczTiBbmC0ibXxCwyvZGbO39rCVEuLGAZM84DH0pUIyyv/YJzA==}
+
   '@parcel/watcher-android-arm64@2.5.6':
     resolution: {integrity: sha512-YQxSS34tPF/6ZG7r/Ih9xy+kP/WwediEUsqmtf0cuCV5TPPKw/PQHRhueUo6JdeFJaqV3pyjm0GdYjZotbRt/A==}
     engines: {node: '>= 10.0.0'}
@@ -1936,41 +2072,86 @@ packages:
     resolution: {integrity: sha512-tmmZ3lQxAe/k/+rNnXQRawJ4NjxO2hqiOLTHvWchtGZULp4RyFeh6aU4XdOYBFe2KE1oShQTv4AblOs2iOrNnQ==}
     engines: {node: '>= 10.0.0'}
 
+  '@pinojs/redact@0.4.0':
+    resolution: {integrity: sha512-k2ENnmBugE/rzQfEcdWHcCY+/FM3VLzH9cYEsbdsoqrvzAKRhUZeRNhAZvB8OitQJ1TBed3yqWtdjzS6wJKBwg==}
+
   '@playwright/test@1.58.2':
     resolution: {integrity: sha512-akea+6bHYBBfA9uQqSYmlJXn61cTa+jbO87xVLCWbTqbWadRVmhxlXATaOjOgcBaWU4ePo0wB41KMFv3o35IXA==}
     engines: {node: '>=18'}
     hasBin: true
 
+  '@poppinss/colors@4.1.6':
+    resolution: {integrity: sha512-H9xkIdFswbS8n1d6vmRd8+c10t2Qe+rZITbbDHHkQixH5+2x1FDGmi/0K+WgWiqQFKPSlIYB7jlH6Kpfn6Fleg==}
+
+  '@poppinss/dumper@0.6.5':
+    resolution: {integrity: sha512-NBdYIb90J7LfOI32dOewKI1r7wnkiH6m920puQ3qHUeZkxNkQiFnXVWoE6YtFSv6QOiPPf7ys6i+HWWecDz7sw==}
+
+  '@poppinss/exception@1.2.3':
+    resolution: {integrity: sha512-dCED+QRChTVatE9ibtoaxc+WkdzOSjYTKi/+uacHWIsfodVfpsueo3+DKpgU5Px8qXjgmXkSvhXvSCz3fnP9lw==}
+
+  '@quansync/fs@1.0.0':
+    resolution: {integrity: sha512-4TJ3DFtlf1L5LDMaM6CanJ/0lckGNtJcMjQ1NAV6zDmA0tEHKZtxNKin8EgPaVX1YzljbxckyT2tJrpQKAtngQ==}
+
   '@rolldown/binding-android-arm64@1.0.0-rc.10':
     resolution: {integrity: sha512-jOHxwXhxmFKuXztiu1ORieJeTbx5vrTkcOkkkn2d35726+iwhrY1w/+nYY/AGgF12thg33qC3R1LMBF5tHTZHg==}
     engines: {node: ^20.19.0 || >=22.12.0}
     cpu: [arm64]
     os: [android]
 
+  '@rolldown/binding-android-arm64@1.0.0-rc.12':
+    resolution: {integrity: sha512-pv1y2Fv0JybcykuiiD3qBOBdz6RteYojRFY1d+b95WVuzx211CRh+ytI/+9iVyWQ6koTh5dawe4S/yRfOFjgaA==}
+    engines: {node: ^20.19.0 || >=22.12.0}
+    cpu: [arm64]
+    os: [android]
+
   '@rolldown/binding-darwin-arm64@1.0.0-rc.10':
     resolution: {integrity: sha512-gED05Teg/vtTZbIJBc4VNMAxAFDUPkuO/rAIyyxZjTj1a1/s6z5TII/5yMGZ0uLRCifEtwUQn8OlYzuYc0m70w==}
     engines: {node: ^20.19.0 || >=22.12.0}
     cpu: [arm64]
     os: [darwin]
 
+  '@rolldown/binding-darwin-arm64@1.0.0-rc.12':
+    resolution: {integrity: sha512-cFYr6zTG/3PXXF3pUO+umXxt1wkRK/0AYT8lDwuqvRC+LuKYWSAQAQZjCWDQpAH172ZV6ieYrNnFzVVcnSflAg==}
+    engines: {node: ^20.19.0 || >=22.12.0}
+    cpu: [arm64]
+    os: [darwin]
+
   '@rolldown/binding-darwin-x64@1.0.0-rc.10':
     resolution: {integrity: sha512-rI15NcM1mA48lqrIxVkHfAqcyFLcQwyXWThy+BQ5+mkKKPvSO26ir+ZDp36AgYoYVkqvMcdS8zOE6SeBsR9e8A==}
     engines: {node: ^20.19.0 || >=22.12.0}
     cpu: [x64]
     os: [darwin]
 
+  '@rolldown/binding-darwin-x64@1.0.0-rc.12':
+    resolution: {integrity: sha512-ZCsYknnHzeXYps0lGBz8JrF37GpE9bFVefrlmDrAQhOEi4IOIlcoU1+FwHEtyXGx2VkYAvhu7dyBf75EJQffBw==}
+    engines: {node: ^20.19.0 || >=22.12.0}
+    cpu: [x64]
+    os: [darwin]
+
   '@rolldown/binding-freebsd-x64@1.0.0-rc.10':
     resolution: {integrity: sha512-XZRXHdTa+4ME1MuDVp021+doQ+z6Ei4CCFmNc5/sKbqb8YmkiJdj8QKlV3rCI0AJtAeSB5n0WGPuJWNL9p/L2w==}
     engines: {node: ^20.19.0 || >=22.12.0}
     cpu: [x64]
     os: [freebsd]
 
+  '@rolldown/binding-freebsd-x64@1.0.0-rc.12':
+    resolution: {integrity: sha512-dMLeprcVsyJsKolRXyoTH3NL6qtsT0Y2xeuEA8WQJquWFXkEC4bcu1rLZZSnZRMtAqwtrF/Ib9Ddtpa/Gkge9Q==}
+    engines: {node: ^20.19.0 || >=22.12.0}
+    cpu: [x64]
+    os: [freebsd]
+
   '@rolldown/binding-linux-arm-gnueabihf@1.0.0-rc.10':
     resolution: {integrity: sha512-R0SQMRluISSLzFE20sPWYHVmJdDQnRyc/FzSCN72BqQmh2SOZUFG+N3/vBZpR4C6WpEUVYJLrYUXaj43sJsNLA==}
     engines: {node: ^20.19.0 || >=22.12.0}
     cpu: [arm]
     os: [linux]
 
+  '@rolldown/binding-linux-arm-gnueabihf@1.0.0-rc.12':
+    resolution: {integrity: sha512-YqWjAgGC/9M1lz3GR1r1rP79nMgo3mQiiA+Hfo+pvKFK1fAJ1bCi0ZQVh8noOqNacuY1qIcfyVfP6HoyBRZ85Q==}
+    engines: {node: ^20.19.0 || >=22.12.0}
+    cpu: [arm]
+    os: [linux]
+
   '@rolldown/binding-linux-arm64-gnu@1.0.0-rc.10':
     resolution: {integrity: sha512-Y1reMrV/o+cwpduYhJuOE3OMKx32RMYCidf14y+HssARRmhDuWXJ4yVguDg2R/8SyyGNo+auzz64LnPK9Hq6jg==}
     engines: {node: ^20.19.0 || >=22.12.0}
@@ -1978,6 +2159,13 @@ packages:
     os: [linux]
     libc: [glibc]
 
+  '@rolldown/binding-linux-arm64-gnu@1.0.0-rc.12':
+    resolution: {integrity: sha512-/I5AS4cIroLpslsmzXfwbe5OmWvSsrFuEw3mwvbQ1kDxJ822hFHIx+vsN/TAzNVyepI/j/GSzrtCIwQPeKCLIg==}
+    engines: {node: ^20.19.0 || >=22.12.0}
+    cpu: [arm64]
+    os: [linux]
+    libc: [glibc]
+
   '@rolldown/binding-linux-arm64-musl@1.0.0-rc.10':
     resolution: {integrity: sha512-vELN+HNb2IzuzSBUOD4NHmP9yrGwl1DVM29wlQvx1OLSclL0NgVWnVDKl/8tEks79EFek/kebQKnNJkIAA4W2g==}
     engines: {node: ^20.19.0 || >=22.12.0}
@@ -1985,6 +2173,13 @@ packages:
     os: [linux]
     libc: [musl]
 
+  '@rolldown/binding-linux-arm64-musl@1.0.0-rc.12':
+    resolution: {integrity: sha512-V6/wZztnBqlx5hJQqNWwFdxIKN0m38p8Jas+VoSfgH54HSj9tKTt1dZvG6JRHcjh6D7TvrJPWFGaY9UBVOaWPw==}
+    engines: {node: ^20.19.0 || >=22.12.0}
+    cpu: [arm64]
+    os: [linux]
+    libc: [musl]
+
   '@rolldown/binding-linux-ppc64-gnu@1.0.0-rc.10':
     resolution: {integrity: sha512-ZqrufYTgzxbHwpqOjzSsb0UV/aV2TFIY5rP8HdsiPTv/CuAgCRjM6s9cYFwQ4CNH+hf9Y4erHW1GjZuZ7WoI7w==}
     engines: {node: ^20.19.0 || >=22.12.0}
@@ -1992,6 +2187,13 @@ packages:
     os: [linux]
     libc: [glibc]
 
+  '@rolldown/binding-linux-ppc64-gnu@1.0.0-rc.12':
+    resolution: {integrity: sha512-AP3E9BpcUYliZCxa3w5Kwj9OtEVDYK6sVoUzy4vTOJsjPOgdaJZKFmN4oOlX0Wp0RPV2ETfmIra9x1xuayFB7g==}
+    engines: {node: ^20.19.0 || >=22.12.0}
+    cpu: [ppc64]
+    os: [linux]
+    libc: [glibc]
+
   '@rolldown/binding-linux-s390x-gnu@1.0.0-rc.10':
     resolution: {integrity: sha512-gSlmVS1FZJSRicA6IyjoRoKAFK7IIHBs7xJuHRSmjImqk3mPPWbR7RhbnfH2G6bcmMEllCt2vQ/7u9e6bBnByg==}
     engines: {node: ^20.19.0 || >=22.12.0}
@@ -1999,6 +2201,13 @@ packages:
     os: [linux]
     libc: [glibc]
 
+  '@rolldown/binding-linux-s390x-gnu@1.0.0-rc.12':
+    resolution: {integrity: sha512-nWwpvUSPkoFmZo0kQazZYOrT7J5DGOJ/+QHHzjvNlooDZED8oH82Yg67HvehPPLAg5fUff7TfWFHQS8IV1n3og==}
+    engines: {node: ^20.19.0 || >=22.12.0}
+    cpu: [s390x]
+    os: [linux]
+    libc: [glibc]
+
   '@rolldown/binding-linux-x64-gnu@1.0.0-rc.10':
     resolution: {integrity: sha512-eOCKUpluKgfObT2pHjztnaWEIbUabWzk3qPZ5PuacuPmr4+JtQG4k2vGTY0H15edaTnicgU428XW/IH6AimcQw==}
     engines: {node: ^20.19.0 || >=22.12.0}
@@ -2006,6 +2215,13 @@ packages:
     os: [linux]
     libc: [glibc]
 
+  '@rolldown/binding-linux-x64-gnu@1.0.0-rc.12':
+    resolution: {integrity: sha512-RNrafz5bcwRy+O9e6P8Z/OCAJW/A+qtBczIqVYwTs14pf4iV1/+eKEjdOUta93q2TsT/FI0XYDP3TCky38LMAg==}
+    engines: {node: ^20.19.0 || >=22.12.0}
+    cpu: [x64]
+    os: [linux]
+    libc: [glibc]
+
   '@rolldown/binding-linux-x64-musl@1.0.0-rc.10':
     resolution: {integrity: sha512-Xdf2jQbfQowJnLcgYfD/m0Uu0Qj5OdxKallD78/IPPfzaiaI4KRAwZzHcKQ4ig1gtg1SuzC7jovNiM2TzQsBXA==}
     engines: {node: ^20.19.0 || >=22.12.0}
@@ -2013,32 +2229,65 @@ packages:
     os: [linux]
     libc: [musl]
 
+  '@rolldown/binding-linux-x64-musl@1.0.0-rc.12':
+    resolution: {integrity: sha512-Jpw/0iwoKWx3LJ2rc1yjFrj+T7iHZn2JDg1Yny1ma0luviFS4mhAIcd1LFNxK3EYu3DHWCps0ydXQ5i/rrJ2ig==}
+    engines: {node: ^20.19.0 || >=22.12.0}
+    cpu: [x64]
+    os: [linux]
+    libc: [musl]
+
   '@rolldown/binding-openharmony-arm64@1.0.0-rc.10':
     resolution: {integrity: sha512-o1hYe8hLi1EY6jgPFyxQgQ1wcycX+qz8eEbVmot2hFkgUzPxy9+kF0u0NIQBeDq+Mko47AkaFFaChcvZa9UX9Q==}
     engines: {node: ^20.19.0 || >=22.12.0}
     cpu: [arm64]
     os: [openharmony]
 
+  '@rolldown/binding-openharmony-arm64@1.0.0-rc.12':
+    resolution: {integrity: sha512-vRugONE4yMfVn0+7lUKdKvN4D5YusEiPilaoO2sgUWpCvrncvWgPMzK00ZFFJuiPgLwgFNP5eSiUlv2tfc+lpA==}
+    engines: {node: ^20.19.0 || >=22.12.0}
+    cpu: [arm64]
+    os: [openharmony]
+
   '@rolldown/binding-wasm32-wasi@1.0.0-rc.10':
     resolution: {integrity: sha512-Ugv9o7qYJudqQO5Y5y2N2SOo6S4WiqiNOpuQyoPInnhVzCY+wi/GHltcLHypG9DEUYMB0iTB/huJrpadiAcNcA==}
     engines: {node: '>=14.0.0'}
     cpu: [wasm32]
 
+  '@rolldown/binding-wasm32-wasi@1.0.0-rc.12':
+    resolution: {integrity: sha512-ykGiLr/6kkiHc0XnBfmFJuCjr5ZYKKofkx+chJWDjitX+KsJuAmrzWhwyOMSHzPhzOHOy7u9HlFoa5MoAOJ/Zg==}
+    engines: {node: '>=14.0.0'}
+    cpu: [wasm32]
+
   '@rolldown/binding-win32-arm64-msvc@1.0.0-rc.10':
     resolution: {integrity: sha512-7UODQb4fQUNT/vmgDZBl3XOBAIOutP5R3O/rkxg0aLfEGQ4opbCgU5vOw/scPe4xOqBwL9fw7/RP1vAMZ6QlAQ==}
     engines: {node: ^20.19.0 || >=22.12.0}
     cpu: [arm64]
     os: [win32]
 
+  '@rolldown/binding-win32-arm64-msvc@1.0.0-rc.12':
+    resolution: {integrity: sha512-5eOND4duWkwx1AzCxadcOrNeighiLwMInEADT0YM7xeEOOFcovWZCq8dadXgcRHSf3Ulh1kFo/qvzoFiCLOL1Q==}
+    engines: {node: ^20.19.0 || >=22.12.0}
+    cpu: [arm64]
+    os: [win32]
+
   '@rolldown/binding-win32-x64-msvc@1.0.0-rc.10':
     resolution: {integrity: sha512-PYxKHMVHOb5NJuDL53vBUl1VwUjymDcYI6rzpIni0C9+9mTiJedvUxSk7/RPp7OOAm3v+EjgMu9bIy3N6b408w==}
     engines: {node: ^20.19.0 || >=22.12.0}
     cpu: [x64]
     os: [win32]
 
+  '@rolldown/binding-win32-x64-msvc@1.0.0-rc.12':
+    resolution: {integrity: sha512-PyqoipaswDLAZtot351MLhrlrh6lcZPo2LSYE+VDxbVk24LVKAGOuE4hb8xZQmrPAuEtTZW8E6D2zc5EUZX4Lw==}
+    engines: {node: ^20.19.0 || >=22.12.0}
+    cpu: [x64]
+    os: [win32]
+
   '@rolldown/pluginutils@1.0.0-rc.10':
     resolution: {integrity: sha512-UkVDEFk1w3mveXeKgaTuYfKWtPbvgck1dT8TUG3bnccrH0XtLTuAyfCoks4Q/M5ZGToSVJTIQYCzy2g/atAOeg==}
 
+  '@rolldown/pluginutils@1.0.0-rc.12':
+    resolution: {integrity: sha512-HHMwmarRKvoFsJorqYlFeFRzXZqCt2ETQlEDOb9aqssrnVBB1/+xgTGtuTrIk5vzLNX1MjMtTf7W9z3tsSbrxw==}
+
   '@schummar/icu-type-parser@1.21.5':
     resolution: {integrity: sha512-bXHSaW5jRTmke9Vd0h5P7BtWZG9Znqb8gSDxZnxaGSJnGwPLDPfS+3g0BKzeWqzgZPsIVZkM7m2tbo18cm5HBw==}
 
@@ -2053,62 +2302,281 @@ packages:
     resolution: {integrity: sha512-KxXvfapcixpz6rVEB6HPjOUZT22yN6v0vI0urQSk1L8MlEWPDFCZkhw2xmkyoTGYeFw7tWTZd7e3lVzRZRN/EA==}
     engines: {node: '>=18'}
 
+  '@sindresorhus/is@7.2.0':
+    resolution: {integrity: sha512-P1Cz1dWaFfR4IR+U13mqqiGsLFf1KbayybWwdd2vfctdV6hDpUkgCY0nKOLLTMSoRd/jJNjtbqzf13K8DCCXQw==}
+    engines: {node: '>=18'}
+
   '@sindresorhus/merge-streams@4.0.0':
     resolution: {integrity: sha512-tlqY9xq5ukxTUZBmoOp+m61cqwQD5pHJtFY3Mn8CA8ps6yghLH/Hw8UPdqg4OLmFW3IFlcXnQNmo/dh8HzXYIQ==}
     engines: {node: '>=18'}
 
-  '@standard-schema/spec@1.1.0':
-    resolution: {integrity: sha512-l2aFy5jALhniG5HgqrD6jXLi/rUWrKvqN/qJx6yoJsgKhblVd+iqqU4RCXavm/jPityDo5TCvKMnpjKnOriy0w==}
+  '@smithy/chunked-blob-reader-native@4.2.3':
+    resolution: {integrity: sha512-jA5k5Udn7Y5717L86h4EIv06wIr3xn8GM1qHRi/Nf31annXcXHJjBKvgztnbn2TxH3xWrPBfgwHsOwZf0UmQWw==}
+    engines: {node: '>=18.0.0'}
 
-  '@swc/core-darwin-arm64@1.15.21':
-    resolution: {integrity: sha512-SA8SFg9dp0qKRH8goWsax6bptFE2EdmPf2YRAQW9WoHGf3XKM1bX0nd5UdwxmC5hXsBUZAYf7xSciCler6/oyA==}
-    engines: {node: '>=10'}
-    cpu: [arm64]
-    os: [darwin]
+  '@smithy/chunked-blob-reader@5.2.2':
+    resolution: {integrity: sha512-St+kVicSyayWQca+I1rGitaOEH6uKgE8IUWoYnnEX26SWdWQcL6LvMSD19Lg+vYHKdT9B2Zuu7rd3i6Wnyb/iw==}
+    engines: {node: '>=18.0.0'}
 
-  '@swc/core-darwin-x64@1.15.21':
-    resolution: {integrity: sha512-//fOVntgowz9+V90lVsNCtyyrtbHp3jWH6Rch7MXHXbcvbLmbCTmssl5DeedUWLLGiAAW1wksBdqdGYOTjaNLw==}
-    engines: {node: '>=10'}
-    cpu: [x64]
-    os: [darwin]
+  '@smithy/config-resolver@4.4.13':
+    resolution: {integrity: sha512-iIzMC5NmOUP6WL6o8iPBjFhUhBZ9pPjpUpQYWMUFQqKyXXzOftbfK8zcQCz/jFV1Psmf05BK5ypx4K2r4Tnwdg==}
+    engines: {node: '>=18.0.0'}
 
-  '@swc/core-linux-arm-gnueabihf@1.15.21':
-    resolution: {integrity: sha512-meNI4Sh6h9h8DvIfEc0l5URabYMSuNvyisLmG6vnoYAS43s8ON3NJR8sDHvdP7NJTrLe0q/x2XCn6yL/BeHcZg==}
-    engines: {node: '>=10'}
-    cpu: [arm]
-    os: [linux]
+  '@smithy/core@3.23.13':
+    resolution: {integrity: sha512-J+2TT9D6oGsUVXVEMvz8h2EmdVnkBiy2auCie4aSJMvKlzUtO5hqjEzXhoCUkIMo7gAYjbQcN0g/MMSXEhDs1Q==}
+    engines: {node: '>=18.0.0'}
 
-  '@swc/core-linux-arm64-gnu@1.15.21':
-    resolution: {integrity: sha512-QrXlNQnHeXqU2EzLlnsPoWEh8/GtNJLvfMiPsDhk+ht6Xv8+vhvZ5YZ/BokNWSIZiWPKLAqR0M7T92YF5tmD3g==}
-    engines: {node: '>=10'}
-    cpu: [arm64]
-    os: [linux]
-    libc: [glibc]
+  '@smithy/credential-provider-imds@4.2.12':
+    resolution: {integrity: sha512-cr2lR792vNZcYMriSIj+Um3x9KWrjcu98kn234xA6reOAFMmbRpQMOv8KPgEmLLtx3eldU6c5wALKFqNOhugmg==}
+    engines: {node: '>=18.0.0'}
 
-  '@swc/core-linux-arm64-musl@1.15.21':
-    resolution: {integrity: sha512-8/yGCMO333ultDaMQivE5CjO6oXDPeeg1IV4sphojPkb0Pv0i6zvcRIkgp60xDB+UxLr6VgHgt+BBgqS959E9g==}
-    engines: {node: '>=10'}
-    cpu: [arm64]
-    os: [linux]
-    libc: [musl]
+  '@smithy/eventstream-codec@4.2.12':
+    resolution: {integrity: sha512-FE3bZdEl62ojmy8x4FHqxq2+BuOHlcxiH5vaZ6aqHJr3AIZzwF5jfx8dEiU/X0a8RboyNDjmXjlbr8AdEyLgiA==}
+    engines: {node: '>=18.0.0'}
 
-  '@swc/core-linux-ppc64-gnu@1.15.21':
-    resolution: {integrity: sha512-ucW0HzPx0s1dgRvcvuLSPSA/2Kk/VYTv9st8qe1Kc22Gu0Q0rH9+6TcBTmMuNIp0Xs4BPr1uBttmbO1wEGI49Q==}
-    engines: {node: '>=10'}
-    cpu: [ppc64]
-    os: [linux]
-    libc: [glibc]
+  '@smithy/eventstream-serde-browser@4.2.12':
+    resolution: {integrity: sha512-XUSuMxlTxV5pp4VpqZf6Sa3vT/Q75FVkLSpSSE3KkWBvAQWeuWt1msTv8fJfgA4/jcJhrbrbMzN1AC/hvPmm5A==}
+    engines: {node: '>=18.0.0'}
 
-  '@swc/core-linux-s390x-gnu@1.15.21':
-    resolution: {integrity: sha512-ulTnOGc5I7YRObE/9NreAhQg94QkiR5qNhhcUZ1iFAYjzg/JGAi1ch+s/Ixe61pMIr8bfVrF0NOaB0f8wjaAfA==}
-    engines: {node: '>=10'}
-    cpu: [s390x]
-    os: [linux]
-    libc: [glibc]
+  '@smithy/eventstream-serde-config-resolver@4.3.12':
+    resolution: {integrity: sha512-7epsAZ3QvfHkngz6RXQYseyZYHlmWXSTPOfPmXkiS+zA6TBNo1awUaMFL9vxyXlGdoELmCZyZe1nQE+imbmV+Q==}
+    engines: {node: '>=18.0.0'}
 
-  '@swc/core-linux-x64-gnu@1.15.21':
-    resolution: {integrity: sha512-D0RokxtM+cPvSqJIKR6uja4hbD+scI9ezo95mBhfSyLUs9wnPPl26sLp1ZPR/EXRdYm3F3S6RUtVi+8QXhT24Q==}
-    engines: {node: '>=10'}
+  '@smithy/eventstream-serde-node@4.2.12':
+    resolution: {integrity: sha512-D1pFuExo31854eAvg89KMn9Oab/wEeJR6Buy32B49A9Ogdtx5fwZPqBHUlDzaCDpycTFk2+fSQgX689Qsk7UGA==}
+    engines: {node: '>=18.0.0'}
+
+  '@smithy/eventstream-serde-universal@4.2.12':
+    resolution: {integrity: sha512-+yNuTiyBACxOJUTvbsNsSOfH9G9oKbaJE1lNL3YHpGcuucl6rPZMi3nrpehpVOVR2E07YqFFmtwpImtpzlouHQ==}
+    engines: {node: '>=18.0.0'}
+
+  '@smithy/fetch-http-handler@5.3.15':
+    resolution: {integrity: sha512-T4jFU5N/yiIfrtrsb9uOQn7RdELdM/7HbyLNr6uO/mpkj1ctiVs7CihVr51w4LyQlXWDpXFn4BElf1WmQvZu/A==}
+    engines: {node: '>=18.0.0'}
+
+  '@smithy/hash-blob-browser@4.2.13':
+    resolution: {integrity: sha512-YrF4zWKh+ghLuquldj6e/RzE3xZYL8wIPfkt0MqCRphVICjyyjH8OwKD7LLlKpVEbk4FLizFfC1+gwK6XQdR3g==}
+    engines: {node: '>=18.0.0'}
+
+  '@smithy/hash-node@4.2.12':
+    resolution: {integrity: sha512-QhBYbGrbxTkZ43QoTPrK72DoYviDeg6YKDrHTMJbbC+A0sml3kSjzFtXP7BtbyJnXojLfTQldGdUR0RGD8dA3w==}
+    engines: {node: '>=18.0.0'}
+
+  '@smithy/hash-stream-node@4.2.12':
+    resolution: {integrity: sha512-O3YbmGExeafuM/kP7Y8r6+1y0hIh3/zn6GROx0uNlB54K9oihAL75Qtc+jFfLNliTi6pxOAYZrRKD9A7iA6UFw==}
+    engines: {node: '>=18.0.0'}
+
+  '@smithy/invalid-dependency@4.2.12':
+    resolution: {integrity: sha512-/4F1zb7Z8LOu1PalTdESFHR0RbPwHd3FcaG1sI3UEIriQTWakysgJr65lc1jj6QY5ye7aFsisajotH6UhWfm/g==}
+    engines: {node: '>=18.0.0'}
+
+  '@smithy/is-array-buffer@2.2.0':
+    resolution: {integrity: sha512-GGP3O9QFD24uGeAXYUjwSTXARoqpZykHadOmA8G5vfJPK0/DC67qa//0qvqrJzL1xc8WQWX7/yc7fwudjPHPhA==}
+    engines: {node: '>=14.0.0'}
+
+  '@smithy/is-array-buffer@4.2.2':
+    resolution: {integrity: sha512-n6rQ4N8Jj4YTQO3YFrlgZuwKodf4zUFs7EJIWH86pSCWBaAtAGBFfCM7Wx6D2bBJ2xqFNxGBSrUWswT3M0VJow==}
+    engines: {node: '>=18.0.0'}
+
+  '@smithy/md5-js@4.2.12':
+    resolution: {integrity: sha512-W/oIpHCpWU2+iAkfZYyGWE+qkpuf3vEXHLxQQDx9FPNZTTdnul0dZ2d/gUFrtQ5je1G2kp4cjG0/24YueG2LbQ==}
+    engines: {node: '>=18.0.0'}
+
+  '@smithy/middleware-content-length@4.2.12':
+    resolution: {integrity: sha512-YE58Yz+cvFInWI/wOTrB+DbvUVz/pLn5mC5MvOV4fdRUc6qGwygyngcucRQjAhiCEbmfLOXX0gntSIcgMvAjmA==}
+    engines: {node: '>=18.0.0'}
+
+  '@smithy/middleware-endpoint@4.4.28':
+    resolution: {integrity: sha512-p1gfYpi91CHcs5cBq982UlGlDrxoYUX6XdHSo91cQ2KFuz6QloHosO7Jc60pJiVmkWrKOV8kFYlGFFbQ2WUKKQ==}
+    engines: {node: '>=18.0.0'}
+
+  '@smithy/middleware-retry@4.4.46':
+    resolution: {integrity: sha512-SpvWNNOPOrKQGUqZbEPO+es+FRXMWvIyzUKUOYdDgdlA6BdZj/R58p4umoQ76c2oJC44PiM7mKizyyex1IJzow==}
+    engines: {node: '>=18.0.0'}
+
+  '@smithy/middleware-serde@4.2.16':
+    resolution: {integrity: sha512-beqfV+RZ9RSv+sQqor3xroUUYgRFCGRw6niGstPG8zO9LgTl0B0MCucxjmrH/2WwksQN7UUgI7KNANoZv+KALA==}
+    engines: {node: '>=18.0.0'}
+
+  '@smithy/middleware-stack@4.2.12':
+    resolution: {integrity: sha512-kruC5gRHwsCOuyCd4ouQxYjgRAym2uDlCvQ5acuMtRrcdfg7mFBg6blaxcJ09STpt3ziEkis6bhg1uwrWU7txw==}
+    engines: {node: '>=18.0.0'}
+
+  '@smithy/node-config-provider@4.3.12':
+    resolution: {integrity: sha512-tr2oKX2xMcO+rBOjobSwVAkV05SIfUKz8iI53rzxEmgW3GOOPOv0UioSDk+J8OpRQnpnhsO3Af6IEBabQBVmiw==}
+    engines: {node: '>=18.0.0'}
+
+  '@smithy/node-http-handler@4.5.1':
+    resolution: {integrity: sha512-ejjxdAXjkPIs9lyYyVutOGNOraqUE9v/NjGMKwwFrfOM354wfSD8lmlj8hVwUzQmlLLF4+udhfCX9Exnbmvfzw==}
+    engines: {node: '>=18.0.0'}
+
+  '@smithy/property-provider@4.2.12':
+    resolution: {integrity: sha512-jqve46eYU1v7pZ5BM+fmkbq3DerkSluPr5EhvOcHxygxzD05ByDRppRwRPPpFrsFo5yDtCYLKu+kreHKVrvc7A==}
+    engines: {node: '>=18.0.0'}
+
+  '@smithy/protocol-http@5.3.12':
+    resolution: {integrity: sha512-fit0GZK9I1xoRlR4jXmbLhoN0OdEpa96ul8M65XdmXnxXkuMxM0Y8HDT0Fh0Xb4I85MBvBClOzgSrV1X2s1Hxw==}
+    engines: {node: '>=18.0.0'}
+
+  '@smithy/querystring-builder@4.2.12':
+    resolution: {integrity: sha512-6wTZjGABQufekycfDGMEB84BgtdOE/rCVTov+EDXQ8NHKTUNIp/j27IliwP7tjIU9LR+sSzyGBOXjeEtVgzCHg==}
+    engines: {node: '>=18.0.0'}
+
+  '@smithy/querystring-parser@4.2.12':
+    resolution: {integrity: sha512-P2OdvrgiAKpkPNKlKUtWbNZKB1XjPxM086NeVhK+W+wI46pIKdWBe5QyXvhUm3MEcyS/rkLvY8rZzyUdmyDZBw==}
+    engines: {node: '>=18.0.0'}
+
+  '@smithy/service-error-classification@4.2.12':
+    resolution: {integrity: sha512-LlP29oSQN0Tw0b6D0Xo6BIikBswuIiGYbRACy5ujw/JgWSzTdYj46U83ssf6Ux0GyNJVivs2uReU8pt7Eu9okQ==}
+    engines: {node: '>=18.0.0'}
+
+  '@smithy/shared-ini-file-loader@4.4.7':
+    resolution: {integrity: sha512-HrOKWsUb+otTeo1HxVWeEb99t5ER1XrBi/xka2Wv6NVmTbuCUC1dvlrksdvxFtODLBjsC+PHK+fuy2x/7Ynyiw==}
+    engines: {node: '>=18.0.0'}
+
+  '@smithy/signature-v4@5.3.12':
+    resolution: {integrity: sha512-B/FBwO3MVOL00DaRSXfXfa/TRXRheagt/q5A2NM13u7q+sHS59EOVGQNfG7DkmVtdQm5m3vOosoKAXSqn/OEgw==}
+    engines: {node: '>=18.0.0'}
+
+  '@smithy/smithy-client@4.12.8':
+    resolution: {integrity: sha512-aJaAX7vHe5i66smoSSID7t4rKY08PbD8EBU7DOloixvhOozfYWdcSYE4l6/tjkZ0vBZhGjheWzB2mh31sLgCMA==}
+    engines: {node: '>=18.0.0'}
+
+  '@smithy/types@4.13.1':
+    resolution: {integrity: sha512-787F3yzE2UiJIQ+wYW1CVg2odHjmaWLGksnKQHUrK/lYZSEcy1msuLVvxaR/sI2/aDe9U+TBuLsXnr3vod1g0g==}
+    engines: {node: '>=18.0.0'}
+
+  '@smithy/url-parser@4.2.12':
+    resolution: {integrity: sha512-wOPKPEpso+doCZGIlr+e1lVI6+9VAKfL4kZWFgzVgGWY2hZxshNKod4l2LXS3PRC9otH/JRSjtEHqQ/7eLciRA==}
+    engines: {node: '>=18.0.0'}
+
+  '@smithy/util-base64@4.3.2':
+    resolution: {integrity: sha512-XRH6b0H/5A3SgblmMa5ErXQ2XKhfbQB+Fm/oyLZ2O2kCUrwgg55bU0RekmzAhuwOjA9qdN5VU2BprOvGGUkOOQ==}
+    engines: {node: '>=18.0.0'}
+
+  '@smithy/util-body-length-browser@4.2.2':
+    resolution: {integrity: sha512-JKCrLNOup3OOgmzeaKQwi4ZCTWlYR5H4Gm1r2uTMVBXoemo1UEghk5vtMi1xSu2ymgKVGW631e2fp9/R610ZjQ==}
+    engines: {node: '>=18.0.0'}
+
+  '@smithy/util-body-length-node@4.2.3':
+    resolution: {integrity: sha512-ZkJGvqBzMHVHE7r/hcuCxlTY8pQr1kMtdsVPs7ex4mMU+EAbcXppfo5NmyxMYi2XU49eqaz56j2gsk4dHHPG/g==}
+    engines: {node: '>=18.0.0'}
+
+  '@smithy/util-buffer-from@2.2.0':
+    resolution: {integrity: sha512-IJdWBbTcMQ6DA0gdNhh/BwrLkDR+ADW5Kr1aZmd4k3DIF6ezMV4R2NIAmT08wQJ3yUK82thHWmC/TnK/wpMMIA==}
+    engines: {node: '>=14.0.0'}
+
+  '@smithy/util-buffer-from@4.2.2':
+    resolution: {integrity: sha512-FDXD7cvUoFWwN6vtQfEta540Y/YBe5JneK3SoZg9bThSoOAC/eGeYEua6RkBgKjGa/sz6Y+DuBZj3+YEY21y4Q==}
+    engines: {node: '>=18.0.0'}
+
+  '@smithy/util-config-provider@4.2.2':
+    resolution: {integrity: sha512-dWU03V3XUprJwaUIFVv4iOnS1FC9HnMHDfUrlNDSh4315v0cWyaIErP8KiqGVbf5z+JupoVpNM7ZB3jFiTejvQ==}
+    engines: {node: '>=18.0.0'}
+
+  '@smithy/util-defaults-mode-browser@4.3.44':
+    resolution: {integrity: sha512-eZg6XzaCbVr2S5cAErU5eGBDaOVTuTo1I65i4tQcHENRcZ8rMWhQy1DaIYUSLyZjsfXvmCqZrstSMYyGFocvHA==}
+    engines: {node: '>=18.0.0'}
+
+  '@smithy/util-defaults-mode-node@4.2.48':
+    resolution: {integrity: sha512-FqOKTlqSaoV3nzO55pMs5NBnZX8EhoI0DGmn9kbYeXWppgHD6dchyuj2HLqp4INJDJbSrj6OFYJkAh/WhSzZPg==}
+    engines: {node: '>=18.0.0'}
+
+  '@smithy/util-endpoints@3.3.3':
+    resolution: {integrity: sha512-VACQVe50j0HZPjpwWcjyT51KUQ4AnsvEaQ2lKHOSL4mNLD0G9BjEniQ+yCt1qqfKfiAHRAts26ud7hBjamrwig==}
+    engines: {node: '>=18.0.0'}
+
+  '@smithy/util-hex-encoding@4.2.2':
+    resolution: {integrity: sha512-Qcz3W5vuHK4sLQdyT93k/rfrUwdJ8/HZ+nMUOyGdpeGA1Wxt65zYwi3oEl9kOM+RswvYq90fzkNDahPS8K0OIg==}
+    engines: {node: '>=18.0.0'}
+
+  '@smithy/util-middleware@4.2.12':
+    resolution: {integrity: sha512-Er805uFUOvgc0l8nv0e0su0VFISoxhJ/AwOn3gL2NWNY2LUEldP5WtVcRYSQBcjg0y9NfG8JYrCJaYDpupBHJQ==}
+    engines: {node: '>=18.0.0'}
+
+  '@smithy/util-retry@4.2.13':
+    resolution: {integrity: sha512-qQQsIvL0MGIbUjeSrg0/VlQ3jGNKyM3/2iU3FPNgy01z+Sp4OvcaxbgIoFOTvB61ZoohtutuOvOcgmhbD0katQ==}
+    engines: {node: '>=18.0.0'}
+
+  '@smithy/util-stream@4.5.21':
+    resolution: {integrity: sha512-KzSg+7KKywLnkoKejRtIBXDmwBfjGvg1U1i/etkC7XSWUyFCoLno1IohV2c74IzQqdhX5y3uE44r/8/wuK+A7Q==}
+    engines: {node: '>=18.0.0'}
+
+  '@smithy/util-uri-escape@4.2.2':
+    resolution: {integrity: sha512-2kAStBlvq+lTXHyAZYfJRb/DfS3rsinLiwb+69SstC9Vb0s9vNWkRwpnj918Pfi85mzi42sOqdV72OLxWAISnw==}
+    engines: {node: '>=18.0.0'}
+
+  '@smithy/util-utf8@2.3.0':
+    resolution: {integrity: sha512-R8Rdn8Hy72KKcebgLiv8jQcQkXoLMOGGv5uI1/k0l+snqkOzQ1R0ChUBCxWMlBsFMekWjq0wRudIweFs7sKT5A==}
+    engines: {node: '>=14.0.0'}
+
+  '@smithy/util-utf8@4.2.2':
+    resolution: {integrity: sha512-75MeYpjdWRe8M5E3AW0O4Cx3UadweS+cwdXjwYGBW5h/gxxnbeZ877sLPX/ZJA9GVTlL/qG0dXP29JWFCD1Ayw==}
+    engines: {node: '>=18.0.0'}
+
+  '@smithy/util-waiter@4.2.14':
+    resolution: {integrity: sha512-2zqq5o/oizvMaFUlNiTyZ7dbgYv1a893aGut2uaxtbzTx/VYYnRxWzDHuD/ftgcw94ffenua+ZNLrbqwUYE+Bg==}
+    engines: {node: '>=18.0.0'}
+
+  '@smithy/uuid@1.1.2':
+    resolution: {integrity: sha512-O/IEdcCUKkubz60tFbGA7ceITTAJsty+lBjNoorP4Z6XRqaFb/OjQjZODophEcuq68nKm6/0r+6/lLQ+XVpk8g==}
+    engines: {node: '>=18.0.0'}
+
+  '@speed-highlight/core@1.2.15':
+    resolution: {integrity: sha512-BMq1K3DsElxDWawkX6eLg9+CKJrTVGCBAWVuHXVUV2u0s2711qiChLSId6ikYPfxhdYocLNt3wWwSvDiTvFabw==}
+
+  '@standard-schema/spec@1.1.0':
+    resolution: {integrity: sha512-l2aFy5jALhniG5HgqrD6jXLi/rUWrKvqN/qJx6yoJsgKhblVd+iqqU4RCXavm/jPityDo5TCvKMnpjKnOriy0w==}
+
+  '@swc/core-darwin-arm64@1.15.21':
+    resolution: {integrity: sha512-SA8SFg9dp0qKRH8goWsax6bptFE2EdmPf2YRAQW9WoHGf3XKM1bX0nd5UdwxmC5hXsBUZAYf7xSciCler6/oyA==}
+    engines: {node: '>=10'}
+    cpu: [arm64]
+    os: [darwin]
+
+  '@swc/core-darwin-x64@1.15.21':
+    resolution: {integrity: sha512-//fOVntgowz9+V90lVsNCtyyrtbHp3jWH6Rch7MXHXbcvbLmbCTmssl5DeedUWLLGiAAW1wksBdqdGYOTjaNLw==}
+    engines: {node: '>=10'}
+    cpu: [x64]
+    os: [darwin]
+
+  '@swc/core-linux-arm-gnueabihf@1.15.21':
+    resolution: {integrity: sha512-meNI4Sh6h9h8DvIfEc0l5URabYMSuNvyisLmG6vnoYAS43s8ON3NJR8sDHvdP7NJTrLe0q/x2XCn6yL/BeHcZg==}
+    engines: {node: '>=10'}
+    cpu: [arm]
+    os: [linux]
+
+  '@swc/core-linux-arm64-gnu@1.15.21':
+    resolution: {integrity: sha512-QrXlNQnHeXqU2EzLlnsPoWEh8/GtNJLvfMiPsDhk+ht6Xv8+vhvZ5YZ/BokNWSIZiWPKLAqR0M7T92YF5tmD3g==}
+    engines: {node: '>=10'}
+    cpu: [arm64]
+    os: [linux]
+    libc: [glibc]
+
+  '@swc/core-linux-arm64-musl@1.15.21':
+    resolution: {integrity: sha512-8/yGCMO333ultDaMQivE5CjO6oXDPeeg1IV4sphojPkb0Pv0i6zvcRIkgp60xDB+UxLr6VgHgt+BBgqS959E9g==}
+    engines: {node: '>=10'}
+    cpu: [arm64]
+    os: [linux]
+    libc: [musl]
+
+  '@swc/core-linux-ppc64-gnu@1.15.21':
+    resolution: {integrity: sha512-ucW0HzPx0s1dgRvcvuLSPSA/2Kk/VYTv9st8qe1Kc22Gu0Q0rH9+6TcBTmMuNIp0Xs4BPr1uBttmbO1wEGI49Q==}
+    engines: {node: '>=10'}
+    cpu: [ppc64]
+    os: [linux]
+    libc: [glibc]
+
+  '@swc/core-linux-s390x-gnu@1.15.21':
+    resolution: {integrity: sha512-ulTnOGc5I7YRObE/9NreAhQg94QkiR5qNhhcUZ1iFAYjzg/JGAi1ch+s/Ixe61pMIr8bfVrF0NOaB0f8wjaAfA==}
+    engines: {node: '>=10'}
+    cpu: [s390x]
+    os: [linux]
+    libc: [glibc]
+
+  '@swc/core-linux-x64-gnu@1.15.21':
+    resolution: {integrity: sha512-D0RokxtM+cPvSqJIKR6uja4hbD+scI9ezo95mBhfSyLUs9wnPPl26sLp1ZPR/EXRdYm3F3S6RUtVi+8QXhT24Q==}
+    engines: {node: '>=10'}
     cpu: [x64]
     os: [linux]
     libc: [glibc]
@@ -2285,33 +2753,33 @@ packages:
   '@ts-morph/common@0.27.0':
     resolution: {integrity: sha512-Wf29UqxWDpc+i61k3oIOzcUfQt79PIT9y/MWfAGlrkjg6lBC1hwDECLXPVJAhWjiGbfBCxZd65F/LIZF3+jeJQ==}
 
-  '@turbo/darwin-64@2.8.21':
-    resolution: {integrity: sha512-kfGoM0Iw8ZNZpbds+4IzOe0hjvHldqJwUPRAjXJi3KBxg/QOZL95N893SRoMtf2aJ+jJ3dk32yPkp8rvcIjP9g==}
+  '@turbo/darwin-64@2.9.4':
+    resolution: {integrity: sha512-ZSlPqJ5Vqg/wgVw8P3AOVCIosnbBilOxLq7TMz3MN/9U46DUYfdG2jtfevNDufyxyrg98pcPs/GBgDRaaids6g==}
     cpu: [x64]
     os: [darwin]
 
-  '@turbo/darwin-arm64@2.8.21':
-    resolution: {integrity: sha512-o9HEflxUEyr987x0cTUzZBhDOyL6u95JmdmlkH2VyxAw7zq2sdtM5e72y9ufv2N5SIoOBw1fVn9UES5VY5H6vQ==}
+  '@turbo/darwin-arm64@2.9.4':
+    resolution: {integrity: sha512-9cjTWe4OiNlFMSRggPNh+TJlRs7MS5FWrHc96MOzft5vESWjjpvaadYPv5ykDW7b45mVHOF2U/W+48LoX9USWw==}
     cpu: [arm64]
     os: [darwin]
 
-  '@turbo/linux-64@2.8.21':
-    resolution: {integrity: sha512-uTxlCcXWy5h1fSSymP8XSJ+AudzEHMDV3IDfKX7+DGB8kgJ+SLoTUAH7z4OFA7I/l2sznz0upPdbNNZs91YMag==}
+  '@turbo/linux-64@2.9.4':
+    resolution: {integrity: sha512-Cl1GjxqBXQ+r9KKowmXG+lhD1gclLp48/SE7NxL//66iaMytRw0uiphWGOkccD92iPiRjHLRUaA9lOTtgr5OCA==}
     cpu: [x64]
     os: [linux]
 
-  '@turbo/linux-arm64@2.8.21':
-    resolution: {integrity: sha512-cdHIcxNcihHHkCHp0Y4Zb60K4Qz+CK4xw1gb6s/t/9o4SMeMj+hTBCtoW6QpPnl9xPYmxuTou8Zw6+cylTnREg==}
+  '@turbo/linux-arm64@2.9.4':
+    resolution: {integrity: sha512-j2hPAKVmGNN2EsKigEWD+43y9m7zaPhNAs6ptsyfq0u7evHHBAXAwOfv86OEMg/gvC+pwGip0i1CIm1bR1vYug==}
     cpu: [arm64]
     os: [linux]
 
-  '@turbo/windows-64@2.8.21':
-    resolution: {integrity: sha512-/iBj4OzbqEY8CX+eaeKbBTMZv2CLXNrt0692F7HnK7LcyYwyDecaAiSET6ZzL4opT7sbwkKvzAC/fhqT3Quu1A==}
+  '@turbo/windows-64@2.9.4':
+    resolution: {integrity: sha512-1jWPjCe9ZRmsDTXE7uzqfySNQspnUx0g6caqvwps+k/sc+fm9hC/4zRQKlXZLbVmP3Xxp601Ju71boegHdnYGw==}
     cpu: [x64]
     os: [win32]
 
-  '@turbo/windows-arm64@2.8.21':
-    resolution: {integrity: sha512-95tMA/ZbIidJFUUtkmqioQ1gf3n3I1YbRP3ZgVdWTVn2qVbkodcIdGXBKRHHrIbRsLRl99SiHi/L7IxhpZDagQ==}
+  '@turbo/windows-arm64@2.9.4':
+    resolution: {integrity: sha512-dlko15TQVu/BFYmIY018Y3covWMRQlUgAkD+OOk+Rokcfj6VY02Vv4mCfT/Zns6B4q8jGbOd6IZhnCFYsE8Viw==}
     cpu: [arm64]
     os: [win32]
 
@@ -2327,6 +2795,9 @@ packages:
   '@types/estree@1.0.8':
     resolution: {integrity: sha512-dWHzHa2WqEXI/O1E9OjrocMTKJl2mSrEolh1Iomrv6U+JuNwaHXsXx9bLu5gG7BUWFIN0skIQJQ/L1rIex4X6w==}
 
+  '@types/jsesc@2.5.1':
+    resolution: {integrity: sha512-9VN+6yxLOPLOav+7PwjZbxiID2bVaeq0ED4qSQmdQTdjnXJSaCVKTR58t15oqH1H5t8Ng2ZX1SabJVoN9Q34bw==}
+
   '@types/node@22.19.15':
     resolution: {integrity: sha512-F0R/h2+dsy5wJAUe3tAU6oqa2qbWY5TpNfL/RGmo1y38hiyO1w3x2jPtt76wmuaJI4DQnOBu21cNXQ2STIUUWg==}
 
@@ -2339,6 +2810,10 @@ packages:
   '@types/pg@8.20.0':
     resolution: {integrity: sha512-bEPFOaMAHTEP1EzpvHTbmwR8UsFyHSKsRisLIHVMXnpNefSbGA1bD6CVy+qKjGSqmZqNqBDV2azOBo8TgkcVow==}
 
+  '@types/pino@7.0.5':
+    resolution: {integrity: sha512-wKoab31pknvILkxAF8ss+v9iNyhw5Iu/0jLtRkUD74cNfOOLJNnqfFKAv0r7wVaTQxRZtWrMpGfShwwBjOcgcg==}
+    deprecated: This is a stub types definition. pino provides its own type definitions, so you do not need this installed.
+
   '@types/react-dom@19.2.3':
     resolution: {integrity: sha512-jp2L/eY6fn+KgVVQAOqYItbF0VY/YApe5Mz2F0aykSO8gx31bYCZyvSeYxCHKvzHG5eZjc+zyaS5BrBWya2+kQ==}
     peerDependencies:
@@ -2394,19 +2869,14 @@ packages:
   '@vitest/utils@4.1.0':
     resolution: {integrity: sha512-XfPXT6a8TZY3dcGY8EdwsBulFCIw+BeeX0RZn2x/BtiY/75YGh8FeWGG8QISN/WhaqSrE2OrlDgtF8q5uhOTmw==}
 
+  abort-controller@3.0.0:
+    resolution: {integrity: sha512-h8lQ8tacZYnR3vNQTgibj+tODHI5/+l06Au2Pcriv/Gmet0eaj4TwWH41sO9wnHDiQsEj19q0drzdWdeAHtweg==}
+    engines: {node: '>=6.5'}
+
   accepts@2.0.0:
     resolution: {integrity: sha512-5cvg6CtKwfgdmVqY1WIiXKc3Q1bkRqGLi+2W/6ao+6Y7gu/RCwRuAhGEzh5B4KlszSuTLgZYuqFqo5bImjNKng==}
     engines: {node: '>= 0.6'}
 
-  acorn-walk@8.3.2:
-    resolution: {integrity: sha512-cjkyv4OtNCIeqhHrfS81QWXoCBPExR/J62oyEqepVw8WaQeSqpW2uhuLPh1m9eWhDuOo/jUXVTlifvesOWp/4A==}
-    engines: {node: '>=0.4.0'}
-
-  acorn@8.14.0:
-    resolution: {integrity: sha512-cl669nCJTZBsL97OF4kUQm5g5hC2uihk0NxY3WENAC0TYdILVkAyHymAntgxGkl7K+t0cXIrH5siy5S4XkFycA==}
-    engines: {node: '>=0.4.0'}
-    hasBin: true
-
   agent-base@7.1.4:
     resolution: {integrity: sha512-MnA+YT8fwfJPgBx3m60MNqakm30XOkyIoH1y6huTQvC0PwZG7ki8NacLBcrPbNoo8vEZy7Jpuk7+jMO+CUovTQ==}
     engines: {node: '>= 14'}
@@ -2442,27 +2912,39 @@ packages:
     resolution: {integrity: sha512-4Dj6M28JB+oAH8kFkTLUo+a2jwOFkuqb3yucU0CANcRRUbxS0cP0nZYCGjcc3BNXwRIsUVmDGgzawme7zvJHvg==}
     engines: {node: '>=12'}
 
+  ansis@4.2.0:
+    resolution: {integrity: sha512-HqZ5rWlFjGiV0tDm3UxxgNRqsOTniqoKZu0pIAfh7TZQMGuZK+hH0drySty0si0QXj1ieop4+SkSfPZBPPkHig==}
+    engines: {node: '>=14'}
+
   argparse@2.0.1:
     resolution: {integrity: sha512-8+9WqebbFzpX9OR+Wa6O29asIogeRMzcGtAINdpMHHyAg10f05aSFVBbcEqGf/PXw1EjAZ+q2/bEBg3DvurK3Q==}
 
   array-ify@1.0.0:
     resolution: {integrity: sha512-c5AMf34bKdvPhQ7tBGhqkgKNUzMr4WUs+WDtC2ZUGOUncbxKMTvqxYctiseW3+L4bA8ec+GcZ6/A/FW4m8ukng==}
 
-  as-table@1.0.55:
-    resolution: {integrity: sha512-xvsWESUJn0JN421Xb9MQw6AsMHRCUknCe0Wjlxvjud80mU4E6hQf1A6NzQKcYNmYw62MfzEtXc+badstZP3JpQ==}
-
   assertion-error@2.0.1:
     resolution: {integrity: sha512-Izi8RQcffqCeNVgFigKli1ssklIbpHnCYc6AknXGYoB6grJqyeby7jv12JUQgmTAnIDnbck1uxksT4dzN3PWBA==}
     engines: {node: '>=12'}
 
+  ast-kit@3.0.0-beta.1:
+    resolution: {integrity: sha512-trmleAnZ2PxN/loHWVhhx1qeOHSRXq4TDsBBxq3GqeJitfk3+jTQ+v/C1km/KYq9M7wKqCewMh+/NAvVH7m+bw==}
+    engines: {node: '>=20.19.0'}
+
   ast-types@0.16.1:
     resolution: {integrity: sha512-6t10qk83GOG8p0vKmaCr8eiilZwO171AvbROMtvvNiwrTly62t+7XkA8RdIIVbpMhCASAsxgAzdRSwh6nw/5Dg==}
     engines: {node: '>=4'}
 
+  atomic-sleep@1.0.0:
+    resolution: {integrity: sha512-kNOjDqAh7px0XWNI+4QbzoiR/nTkHAWNud2uvnJquD1/x5a7EQZMJT0AczqK0Qn67oY/TTQ1LbUKajZpp3I9tQ==}
+    engines: {node: '>=8.0.0'}
+
   balanced-match@4.0.4:
     resolution: {integrity: sha512-BLrgEcRTwX2o6gGxGOCNyMvGSp35YofuYzw9h1IMTRmKqttAZZVU67bdb9Pr2vUHA8+j3i2tJfjO6C6+4myGTA==}
     engines: {node: 18 || 20 || >=22}
 
+  base64-js@1.5.1:
+    resolution: {integrity: sha512-AKpaYlHn8t4SVbOHCy+b5+KKgvR4vrsD8vbvrbiQJps7fKDTkjkDry6ji0rUJjC0kzbNePLwzxq8iypo41qeWA==}
+
   baseline-browser-mapping@2.10.10:
     resolution: {integrity: sha512-sUoJ3IMxx4AyRqO4MLeHlnGDkyXRoUG0/AI9fjK+vS72ekpV0yWVY7O0BVjmBcRtkNcsAO2QDZ4tdKKGoI6YaQ==}
     engines: {node: '>=6.0.0'}
@@ -2538,6 +3020,12 @@ packages:
       zod:
         optional: true
 
+  bignumber.js@9.3.1:
+    resolution: {integrity: sha512-Ko0uX15oIUS7wJ3Rb30Fs6SkVbLmPBAKdlm7q9+ak9bbIeFf0MwuBsQV6z7+X768/cHsfg+WlysDWJcmthjsjQ==}
+
+  birpc@4.0.0:
+    resolution: {integrity: sha512-LShSxJP0KTmd101b6DRyGBj57LZxSDYWKitQNW/mi8GRMvZb078Uf9+pveax1DrVL89vm7mWe+TovdI/UDOuPw==}
+
   blake3-wasm@2.1.5:
     resolution: {integrity: sha512-F1+K8EbfOZE49dtoPtmxUQrpXaBIl3ICvasLh+nJta0xkz+9kF/7uet9fLnwKqhDrmj6g+6K3Tw9yQPUg2ka5g==}
 
@@ -2545,6 +3033,9 @@ packages:
     resolution: {integrity: sha512-oP5VkATKlNwcgvxi0vM0p/D3n2C3EReYVX+DNYs5TjZFn/oQt2j+4sVJtSMr18pdRr8wjTcBl6LoV+FUwzPmNA==}
     engines: {node: '>=18'}
 
+  bowser@2.14.1:
+    resolution: {integrity: sha512-tzPjzCxygAKWFOJP011oxFHs57HzIhOEracIgAePE4pqB3LikALKnSzUyU4MGs9/iCEUuHlAJTjTc5M+u7YEGg==}
+
   brace-expansion@5.0.4:
     resolution: {integrity: sha512-h+DEnpVvxmfVefa4jFbCf5HdH5YMDXRsmKflpf1pILZWRFlTbJpxeU55nJl4Smt5HQaGzg1o6RHFPJaOqnmBDg==}
     engines: {node: 18 || 20 || >=22}
@@ -2553,14 +3044,23 @@ packages:
     resolution: {integrity: sha512-yQbXgO/OSZVD2IsiLlro+7Hf6Q18EJrKSEsdoMzKePKXct3gvD8oLcOQdIzGupr5Fj+EDe8gO/lxc1BzfMpxvA==}
     engines: {node: '>=8'}
 
+  browser-image-compression@2.0.2:
+    resolution: {integrity: sha512-pBLlQyUf6yB8SmmngrcOw3EoS4RpQ1BcylI3T9Yqn7+4nrQTXJD4sJDe5ODnJdrvNMaio5OicFo75rDyJD2Ucw==}
+
   browserslist@4.28.1:
     resolution: {integrity: sha512-ZC5Bd0LgJXgwGqUknZY/vkUQ04r8NXnJZ3yYi4vDmSiZmC/pdSN0NbNRPxZpbtO4uAfDUAFffO8IZoM3Gj8IkA==}
     engines: {node: ^6 || ^7 || ^8 || ^9 || ^10 || ^11 || ^12 || >=13.7}
     hasBin: true
 
+  buffer-equal-constant-time@1.0.1:
+    resolution: {integrity: sha512-zRpUiDwd/xk6ADqPMATG8vc9VPrkck7T07OIx0gnjmJAnHnTVXNQG3vfvWNuiZIkwu9KrKdA1iJKfsfTVxE6NA==}
+
   buffer-from@1.1.2:
     resolution: {integrity: sha512-E+XQCRwSbaaiChtv6k6Dwgc+bx+Bs6vuKJHHl5kox/BaKbhiXzqQOwK4cO22yElGp2OCmjwVhT3HmxgyPGnJfQ==}
 
+  buffer@6.0.3:
+    resolution: {integrity: sha512-FTiCpNxtwiZZHEZbcbTIcZjERVICn9yq/pDFkTl95/AxzD1naBctN7YO68riM/gLSDY7sdrMby8hofADYuuqOA==}
+
   bundle-name@4.1.0:
     resolution: {integrity: sha512-tjwM5exMg6BGRI+kNmTntNsvdZS1X8BFYS6tnJ2hdH0kVxM6/eVZ2xy+FqStSWvYmtfFMDLIxurorHwDKfDz5Q==}
     engines: {node: '>=18'}
@@ -2569,6 +3069,10 @@ packages:
     resolution: {integrity: sha512-/Nf7TyzTx6S3yRJObOAV7956r8cr2+Oj8AC5dt8wSP3BQAoeX58NoHyCU8P8zGkNXStjTSi6fzO6F0pBdcYbEg==}
     engines: {node: '>= 0.8'}
 
+  cac@7.0.0:
+    resolution: {integrity: sha512-tixWYgm5ZoOD+3g6UTea91eow5z6AAHaho3g0V9CNSNb45gM8SmflpAc+GRd1InC4AqN/07Unrgp56Y94N9hJQ==}
+    engines: {node: '>=20.19.0'}
+
   call-bind-apply-helpers@1.0.2:
     resolution: {integrity: sha512-Sp1ablJ0ivDkSzjcaJdxEunN5/XvksFJ2sMBFfq6x0ryhQV/2b/KwFe21cMpmHtPOSij8K99/wSfoEuTObmuMQ==}
     engines: {node: '>= 0.4'}
@@ -2632,13 +3136,6 @@ packages:
   color-name@1.1.4:
     resolution: {integrity: sha512-dOy+3AuW3a2wNbZHIuMZpTcgjGuLU/uBL/ubcZF9OXbDo8ff4O8yVp5Bf0efS8uEoYo5q4Fx7dY9OgQGXgAsQA==}
 
-  color-string@1.9.1:
-    resolution: {integrity: sha512-shrVawQFojnZv6xM40anx4CkoDP+fZsw/ZerEMsW/pyzsRbElpsL/DBVW7q3ExxwusdNXI3lXpuhEZkzs8p5Eg==}
-
-  color@4.2.3:
-    resolution: {integrity: sha512-1rXeuUUiGGrykh+CeBdu5Ie7OJwinCgQY0bc7GCRxy5xVHy+moaqkpL/jqQq0MtQOeYcrqEz4abc5f0KtU7W4A==}
-    engines: {node: '>=12.5.0'}
-
   colorette@2.0.20:
     resolution: {integrity: sha512-IfEDxwoWIjkeXL1eXcDiow4UbKjhLdq6/EuSVR9GMN7KVH3r9gQ83e73hsz1Nd1T3ijd5xv1wcWRYO+D6kCI2w==}
 
@@ -2725,9 +3222,6 @@ packages:
   csstype@3.2.3:
     resolution: {integrity: sha512-z1HGKcYy2xA8AGQfwrn0PAy+PB7X/GSj3UVJW9qKyn43xWa+gl5nXmU4qqLMRzWVLFC8KusUX8T/0kCiOYpAIQ==}
 
-  data-uri-to-buffer@2.0.2:
-    resolution: {integrity: sha512-ND9qDTLc6diwj+Xe5cdAgVTbLVdXbtxTJRXRhli8Mowuaan+0EJOtdqJ0QCHNSSPyoXGx9HX2/VMnKeC34AChA==}
-
   data-uri-to-buffer@4.0.1:
     resolution: {integrity: sha512-0R9ikRb668HB7QDxT1vkpuUBtqc53YyAwMwGeUFKRojY/NWKvdZ+9UYtRfGmhqNbRkTSVpMbmyhXipFFv2cb/A==}
     engines: {node: '>= 12'}
@@ -2738,6 +3232,9 @@ packages:
   date-fns@4.1.0:
     resolution: {integrity: sha512-Ukq0owbQXxa/U3EGtsdVBkR1w7KOQ5gIBqdH2hkvknzZPYvBxb/aa6E8L7tmjFtkwZBu3UXBbjIgPo/Ez4xaNg==}
 
+  dateformat@4.6.3:
+    resolution: {integrity: sha512-2P0p0pFGzHS5EMnhdxQi7aJN+iMheud0UhG4dlE1DLAlvL8JHjJJTX/CSm4JXwV0Ka5nGk3zC5mcb5bUQUxxMA==}
+
   debug@4.4.3:
     resolution: {integrity: sha512-RGwwWnwQvkVfavKVt22FGLw+xYSdzARwm0ru6DhTVA3umU5hZc28V3kO4stgYryrTlLpuvgI9GiijltAjNbcqA==}
     engines: {node: '>=6.0'}
@@ -2890,10 +3387,22 @@ packages:
       sqlite3:
         optional: true
 
+  dts-resolver@2.1.3:
+    resolution: {integrity: sha512-bihc7jPC90VrosXNzK0LTE2cuLP6jr0Ro8jk+kMugHReJVLIpHz/xadeq3MhuwyO4TD4OA3L1Q8pBBFRc08Tsw==}
+    engines: {node: '>=20.19.0'}
+    peerDependencies:
+      oxc-resolver: '>=11.0.0'
+    peerDependenciesMeta:
+      oxc-resolver:
+        optional: true
+
   dunder-proto@1.0.1:
     resolution: {integrity: sha512-KIN/nDJBQRcXw0MLVhZE9iQHmG68qAVIBg9CqmUYjmQIhgij9U5MFvrqkUL5FbtyyzZuOeOt0zdeRe4UY7ct+A==}
     engines: {node: '>= 0.4'}
 
+  ecdsa-sig-formatter@1.0.11:
+    resolution: {integrity: sha512-nagl3RYrbNv6kQkeJIpt6NJZy8twLB/2vtz6yN9Z4vRKHN4/QZJIEbqohALSgwKdnksuY3k5Addp5lg8sVoVcQ==}
+
   eciesjs@0.4.18:
     resolution: {integrity: sha512-wG99Zcfcys9fZux7Cft8BAX/YrOJLJSZ3jyYPfhZHqN2E+Ffx+QXBDsv3gubEgPtV6dTzJMSQUwk1H98/t/0wQ==}
     engines: {bun: '>=1', deno: '>=2', node: '>=16'}
@@ -2910,10 +3419,17 @@ packages:
   emoji-regex@8.0.0:
     resolution: {integrity: sha512-MSjYzcWNOA0ewAHpz0MxpYFvwg6yjy1NG3xteoqz644VCo/RPgnr1/GGt+ic3iJTzQ8Eu3TdM14SawnVUmGE6A==}
 
+  empathic@2.0.0:
+    resolution: {integrity: sha512-i6UzDscO/XfAcNYD75CfICkmfLedpyPDdozrLMmQc5ORaQcdMoc21OnlEylMIqI7U8eniKrPMxxtj8k0vhmJhA==}
+    engines: {node: '>=14'}
+
   encodeurl@2.0.0:
     resolution: {integrity: sha512-Q0n9HRi4m6JuGIV1eFlmvJB7ZEVxu93IrMyiMsGC0lrMJMWzRgx6WGquyfQgZVb31vhGgXnfmPNNXmxnOkRBrg==}
     engines: {node: '>= 0.8'}
 
+  end-of-stream@1.4.5:
+    resolution: {integrity: sha512-ooEGc6HP26xXq/N+GCGOT0JKCLDGrq2bQUZrQ7gyrJiZANJ/8YDTxTpQBXGMn+WbIQXNVpyWymm7KYVICQnyOg==}
+
   enhanced-resolve@5.20.1:
     resolution: {integrity: sha512-Qohcme7V1inbAfvjItgw0EaxVX5q2rdVEZHRBrEQdRZTssLDGsL8Lwrznl8oQ/6kuTJONLaDcGjkNP247XEhcA==}
     engines: {node: '>=10.13.0'}
@@ -2929,6 +3445,9 @@ packages:
   error-ex@1.3.4:
     resolution: {integrity: sha512-sqQamAnR14VgCr1A618A3sGrygcpK+HEbenA/HiEAkkUwcZIIB/tgWqHFxWgOyDh4nB4JCRimh79dR5Ywc9MDQ==}
 
+  error-stack-parser-es@1.0.5:
+    resolution: {integrity: sha512-5qucVt2XcuGMcEGgWI7i+yZpmpByQ8J1lHhcL7PwqCwu9FPP3VUXzT4ltHe5i2z9dePwEHcDVOAfSnHsOlCXRA==}
+
   es-define-property@1.0.1:
     resolution: {integrity: sha512-e3nRfgfUZ4rNGL232gUgX06QNyyez04KdjFrF+LTRoOXmrOgFKDg4BCdsjW8EnT69eqdYGmRpJwiPVYNrCaW3g==}
     engines: {node: '>= 0.4'}
@@ -2944,11 +3463,6 @@ packages:
     resolution: {integrity: sha512-FGgH2h8zKNim9ljj7dankFPcICIK9Cp5bm+c2gQSYePhpaG5+esrLODihIorn+Pe6FGJzWhXQotPv73jTaldXA==}
     engines: {node: '>= 0.4'}
 
-  esbuild@0.17.19:
-    resolution: {integrity: sha512-XQ0jAPFkK/u3LcVRcvVHQcTIqD6E2H1fvZMA5dQPSOWb3suUbWbfbRf94pjc0bNzRYLfIrDRQXr7X+LHIm5oHw==}
-    engines: {node: '>=12'}
-    hasBin: true
-
   esbuild@0.18.20:
     resolution: {integrity: sha512-ceqxoedUrcayh7Y7ZX6NdbbDzGROiyVBgC4PriJThBKSVPWnnFHZAkfI1lJT8QFkOwH4qOS2SJkS4wvpGl8BpA==}
     engines: {node: '>=12'}
@@ -2959,6 +3473,11 @@ packages:
     engines: {node: '>=18'}
     hasBin: true
 
+  esbuild@0.27.3:
+    resolution: {integrity: sha512-8VwMnyGCONIs6cWue2IdpHxHnAjzxnw2Zr7MkVxB2vjmQ2ivqGFb4LEG3SMnv0Gb2F/G/2yA8zUaiL1gywDCCg==}
+    engines: {node: '>=18'}
+    hasBin: true
+
   esbuild@0.27.4:
     resolution: {integrity: sha512-Rq4vbHnYkK5fws5NF7MYTU68FPRE1ajX7heQ/8QXXWqNgqqJ/GkmmyxIzUnf2Sr/bakf8l54716CcMGHYhMrrQ==}
     engines: {node: '>=18'}
@@ -2971,18 +3490,11 @@ packages:
   escape-html@1.0.3:
     resolution: {integrity: sha512-NiSupZ4OeuGwr68lGIeym/ksIZMJodUGOSCZ/FSnTxcrekbvqrgdUxlJOMpijaKZVjAJrWrGs/6Jy8OMuyj9ow==}
 
-  escape-string-regexp@4.0.0:
-    resolution: {integrity: sha512-TtpcNJ3XAzx3Gq8sWRzJaVajRs0uVxA2YAkdb1jm2YkPz4G6egUFAyA3n5vtEIZefPk5Wa4UXbKuS5fKkJWdgA==}
-    engines: {node: '>=10'}
-
   esprima@4.0.1:
     resolution: {integrity: sha512-eGuFFw7Upda+g4p+QHvnW0RyTX/SVeJBDM/gCtMARO0cLuT2HcEKnTPvhjV6aGeqrCB/sbNop0Kszm0jsaWU4A==}
     engines: {node: '>=4'}
     hasBin: true
 
-  estree-walker@0.6.1:
-    resolution: {integrity: sha512-SqmZANLWS0mnatqbSfRP5g8OXZC12Fgg1IwNtLsyHDzJizORW4khDfjPqJZsemPWBB2uqykUah5YpQ6epsqC/w==}
-
   estree-walker@3.0.3:
     resolution: {integrity: sha512-7RUKfXgSMMkzt6ZuXmqapOurLGPPfgj6l9uRZ7lRGolvk0y2yocc35LdcxKC5PQZdn2DMqioAQ2NoWcrTKmm6g==}
 
@@ -2990,9 +3502,17 @@ packages:
     resolution: {integrity: sha512-aIL5Fx7mawVa300al2BnEE4iNvo1qETxLrPI/o05L7z6go7fCw1J6EQmbK4FmJ2AS7kgVF/KEZWufBfdClMcPg==}
     engines: {node: '>= 0.6'}
 
+  event-target-shim@5.0.1:
+    resolution: {integrity: sha512-i/2XbnSz/uxRCU6+NdVJgKWDTM427+MqYbkQzD321DuCQJUqOuJKIA0IM2+W2xtYHdKOmZ4dR6fExsd4SXL+WQ==}
+    engines: {node: '>=6'}
+
   eventemitter3@5.0.4:
     resolution: {integrity: sha512-mlsTRyGaPBjPedk6Bvw+aqbsXDtoAyAzm5MO7JgU+yVRyMQ5O8bD4Kcci7BS85f93veegeCPkL8R4GLClnjLFw==}
 
+  events@3.3.0:
+    resolution: {integrity: sha512-mQw+2fkQbALzQ7V0MY0IqdnXNOeTtP4r0lN9z7AAawCXgqea7bDii20AYrIBrFd/Hx0M2Ocz6S111CaFkUcb0Q==}
+    engines: {node: '>=0.8.x'}
+
   eventsource-parser@3.0.6:
     resolution: {integrity: sha512-Vo1ab+QXPzZ4tCa8SwIHJFaSzy4R6SHf7BY79rFBDf0idraZWAkYrDjDj8uWaSm3S2TK+hJ7/t1CEmZ7jXw+pg==}
     engines: {node: '>=18.0.0'}
@@ -3009,10 +3529,6 @@ packages:
     resolution: {integrity: sha512-9Be3ZoN4LmYR90tUoVu2te2BsbzHfhJyfEiAVfz7N5/zv+jduIfLrV2xdQXOHbaD6KgpGdO9PRPM1Y4Q9QkPkA==}
     engines: {node: ^18.19.0 || >=20.5.0}
 
-  exit-hook@2.2.1:
-    resolution: {integrity: sha512-eNTPlAD67BmP31LDINZ3U7HSF8l57TxOY2PmBJ1shpCvpnxBF93mWCE8YHBnXs8qiUZJc9WDcWIeC3a2HIAMfw==}
-    engines: {node: '>=6'}
-
   expect-type@1.3.0:
     resolution: {integrity: sha512-knvyeauYhqjOYvQ66MznSMs83wmHrCycNEN6Ao+2AeYEfxUIkuiVxdEa1qlGEPK+We3n0THiDciYSsCcgW/DoA==}
     engines: {node: '>=12.0.0'}
@@ -3027,8 +3543,11 @@ packages:
     resolution: {integrity: sha512-hIS4idWWai69NezIdRt2xFVofaF4j+6INOpJlVOLDO8zXGpUVEVzIYk12UUi2JzjEzWL3IOAxcTubgz9Po0yXw==}
     engines: {node: '>= 18'}
 
-  exsolve@1.0.8:
-    resolution: {integrity: sha512-LmDxfWXwcTArk8fUEnOfSZpHOJ6zOMUJKOtFLFqJLoKJetuQG874Uc7/Kki7zFLzYybmZhp1M7+98pfMqeX8yA==}
+  extend@3.0.2:
+    resolution: {integrity: sha512-fjquC59cD7CyW6urNXK0FBufkZcoiGG80wTuPujX590cB5Ttln20E2UB4S/WARVqhXffZl2LNgS+gQdPIIim/g==}
+
+  fast-copy@4.0.2:
+    resolution: {integrity: sha512-ybA6PDXIXOXivLJK/z9e+Otk7ve13I4ckBvGO5I2RRmBU1gMHLVDJYEuJYhGwez7YNlYji2M2DvVU+a9mSFDlw==}
 
   fast-deep-equal@3.1.3:
     resolution: {integrity: sha512-f3qQ9oQy9j2AhBe/H9VC91wLmKBCCU/gDOnKNAYG5hswO7BLKj09Hc5HYNz9cGI++xlpDCIgDaitVs03ATR84Q==}
@@ -3037,9 +3556,19 @@ packages:
     resolution: {integrity: sha512-7MptL8U0cqcFdzIzwOTHoilX9x5BrNqye7Z/LuC7kCMRio1EMSyqRK3BEAUD7sXRq4iT4AzTVuZdhgQ2TCvYLg==}
     engines: {node: '>=8.6.0'}
 
+  fast-safe-stringify@2.1.1:
+    resolution: {integrity: sha512-W+KJc2dmILlPplD/H4K9l9LcAHAfPtP6BY84uVLXQ6Evcz9Lcg33Y2z1IVblT6xdY54PXYVHEv+0Wpq8Io6zkA==}
+
   fast-uri@3.1.0:
     resolution: {integrity: sha512-iPeeDKJSWf4IEOasVVrknXpaBV0IApz/gp7S2bb7Z4Lljbl2MGJRqInZiUrQwV16cpzw/D3S5j5Julj/gT52AA==}
 
+  fast-xml-builder@1.1.4:
+    resolution: {integrity: sha512-f2jhpN4Eccy0/Uz9csxh3Nu6q4ErKxf0XIsasomfOihuSUa3/xw6w8dnOtCDgEItQFJG8KyXPzQXzcODDrrbOg==}
+
+  fast-xml-parser@5.5.8:
+    resolution: {integrity: sha512-Z7Fh2nVQSb2d+poDViM063ix2ZGt9jmY1nWhPfHBOK2Hgnb/OW3P4Et3P/81SEej0J7QbWtJqxO05h8QYfK7LQ==}
+    hasBin: true
+
   fastq@1.20.1:
     resolution: {integrity: sha512-GGToxJ/w1x32s/D2EKND7kTil4n8OVk/9mycTc4VDza13lOvpUZTGX3mFSCtV9ksdGBVzvsyAVLM6mHFThxXxw==}
 
@@ -3056,6 +3585,9 @@ packages:
     resolution: {integrity: sha512-7yAQpD2UMJzLi1Dqv7qFYnPbaPx7ZfFK6PiIxQ4PfkGPyNyl2Ugx+a/umUonmKqjhM4DnfbMvdX6otXq83soQQ==}
     engines: {node: ^12.20 || >= 14.13}
 
+  fetch-retry@6.0.0:
+    resolution: {integrity: sha512-BUFj1aMubgib37I3v4q78fYo63Po7t4HUPTpQ6/QE6yK6cIQrP+W43FYToeTEyg5m2Y7eFUtijUuAv/PDlWuag==}
+
   figures@6.1.0:
     resolution: {integrity: sha512-d+l3qxjSesT4V7v2fh+QnmFnUWv9lSpjarhShNTgBOfA0ttejbQUAlHLitbjkoRiDulW0OPoQPYIGhIC8ohejg==}
     engines: {node: '>=18'}
@@ -3100,6 +3632,14 @@ packages:
   fuzzysort@3.1.0:
     resolution: {integrity: sha512-sR9BNCjBg6LNgwvxlBd0sBABvQitkLzoVY9MYYROQVX/FvfJ4Mai9LsGhDgd8qYdds0bY77VzYd5iuB+v5rwQQ==}
 
+  gaxios@6.7.1:
+    resolution: {integrity: sha512-LDODD4TMYx7XXdpwxAVRAIAuB0bzv0s+ywFonY46k126qzQHT9ygyoa9tncmOiQmmDrik65UYsEkv3lbfqQ3yQ==}
+    engines: {node: '>=14'}
+
+  gcp-metadata@6.1.1:
+    resolution: {integrity: sha512-a4tiq7E0/5fTjxPAaH4jpjkSv/uCaU2p5KC6HVGrvl0cDjA8iBZv4vv1gyzlmK0ZUKqwpOyQMKzZQe3lTit77A==}
+    engines: {node: '>=14'}
+
   gensync@1.0.0-beta.2:
     resolution: {integrity: sha512-3hN7NaskYvMDLQY55gnW3NQ+mesEAepTqlg+VEbj7zzqEMBVNhzcGYYeqFo/TlYz6eQiFcp1HcsCZO+nGgS8zg==}
     engines: {node: '>=6.9.0'}
@@ -3124,9 +3664,6 @@ packages:
     resolution: {integrity: sha512-sTSfBjoXBp89JvIKIefqw7U2CCebsc74kiY6awiGogKtoSGbgjYE/G/+l9sF3MWFPNc9IcoOC4ODfKHfxFmp0g==}
     engines: {node: '>= 0.4'}
 
-  get-source@2.0.12:
-    resolution: {integrity: sha512-X5+4+iD+HoSeEED+uwrQ07BOQr0kEDFMVqqpBuI+RaZBpBpHCuXxo70bjar6f0b0u/DQJsJ7ssurpP0V60Az+w==}
-
   get-stream@6.0.1:
     resolution: {integrity: sha512-ts6Wi+2j3jQjqi70w5AlN8DFnkSwC+MqmxEzdEALB2qXZYV3X/b1CTfgPLGJNMeAWxdPfU8FO1ms3NUfaHCPYg==}
     engines: {node: '>=10'}
@@ -3147,13 +3684,26 @@ packages:
     resolution: {integrity: sha512-AOIgSQCepiJYwP3ARnGx+5VnTu2HBYdzbGP45eLw1vr3zB3vZLeyed1sC9hnbcOc9/SrMyM5RPQrkGz4aS9Zow==}
     engines: {node: '>= 6'}
 
-  glob-to-regexp@0.4.1:
-    resolution: {integrity: sha512-lkX1HJXwyMcprw/5YUZc2s7DrpAiHB21/V+E1rHUrVNokkvB6bqMzT0VfV6/86ZNabt1k14YOIaT7nDvOX3Iiw==}
-
   global-directory@4.0.1:
     resolution: {integrity: sha512-wHTUcDUoZ1H5/0iVqEudYW4/kAlN5cZ3j/bXn0Dpbizl9iaUVeWSHqiOjsgk6OW2bkLclbBjzewBz6weQ1zA2Q==}
     engines: {node: '>=18'}
 
+  google-auth-library@9.15.1:
+    resolution: {integrity: sha512-Jb6Z0+nvECVz+2lzSMt9u98UsoakXxA2HGHMCxh+so3n90XgYWkq5dur19JAJV7ONiJY22yBTyJB1TSkvPq9Ng==}
+    engines: {node: '>=14'}
+
+  google-logging-utils@0.0.2:
+    resolution: {integrity: sha512-NEgUnEcBiP5HrPzufUkBzJOD/Sxsco3rLNo1F1TNf7ieU8ryUzBhqba8r756CjLX7rn3fHl6iLEwPYuqpoKgQQ==}
+    engines: {node: '>=14'}
+
+  googleapis-common@7.2.0:
+    resolution: {integrity: sha512-/fhDZEJZvOV3X5jmD+fKxMqma5q2Q9nZNSF3kn1F18tpxmA86BcTxAGBQdM0N89Z3bEaIs+HVznSmFJEAmMTjA==}
+    engines: {node: '>=14.0.0'}
+
+  googleapis@144.0.0:
+    resolution: {integrity: sha512-ELcWOXtJxjPX4vsKMh+7V+jZvgPwYMlEhQFiu2sa9Qmt5veX8nwXPksOWGGN6Zk4xCiLygUyaz7xGtcMO+Onxw==}
+    engines: {node: '>=14.0.0'}
+
   gopd@1.2.0:
     resolution: {integrity: sha512-ZUKRh6/kUFoAiTAtTYPZJ3hw9wNxx+BIBOijnlG9PnrJsCcSjs1wyyD6vJpaYtgnzDrKYRSqf3OO6Rfa93xsRg==}
     engines: {node: '>= 0.4'}
@@ -3165,6 +3715,10 @@ packages:
     resolution: {integrity: sha512-gGgrVCoDKlIZ8fIqXBBb0pPKqDgki0Z/FSKNiQzSGj2uEYHr1tq5wmBegGwJx6QB5S5cM0khSBpi/JFHMCvsmQ==}
     engines: {node: ^12.22.0 || ^14.16.0 || ^16.0.0 || >=17.0.0}
 
+  gtoken@7.1.0:
+    resolution: {integrity: sha512-pCcEwRi+TKpMlxAQObHDQ56KawURgyAf6jtIY046fJ5tIv3zDe/LEIubckAO8fj6JnAxLdmWkUfNyulQ2iKdEw==}
+    engines: {node: '>=14.0.0'}
+
   has-flag@4.0.0:
     resolution: {integrity: sha512-EykJT/Q1KjTWctppgIAgfSO0tKVuZUjhgMr17kqTumMl6Afv3EISleU7qZUzoXDFTAHTDC4NOoG/ZxU3EvlMPQ==}
     engines: {node: '>=8'}
@@ -3180,10 +3734,16 @@ packages:
   headers-polyfill@4.0.3:
     resolution: {integrity: sha512-IScLbePpkvO846sIwOtOTDjutRMWdXdJmXdMvk6gCBHxFO8d+QKOQedyZSxFTTFYRSmlgSTDtXqqq4pcenBXLQ==}
 
+  help-me@5.0.0:
+    resolution: {integrity: sha512-7xgomUX6ADmcYzFik0HzAxh/73YlKR9bmFzf51CZwR+b6YtzU2m0u49hQCqV6SvlqIqsaxovfwdvbnsw3b/zpg==}
+
   hono@4.12.8:
     resolution: {integrity: sha512-VJCEvtrezO1IAR+kqEYnxUOoStaQPGrCmX3j4wDTNOcD1uRPFpGlwQUIW8niPuvHXaTUxeOUl5MMDGrl+tmO9A==}
     engines: {node: '>=16.9.0'}
 
+  hookable@6.1.0:
+    resolution: {integrity: sha512-ZoKZSJgu8voGK2geJS+6YtYjvIzu9AOM/KZXsBxr83uhLL++e9pEv/dlgwgy3dvHg06kTz6JOh1hk3C8Ceiymw==}
+
   html-escaper@2.0.2:
     resolution: {integrity: sha512-H2iMtd0I4Mt5eYiapRdIDjp+XzelXQ0tFE4JS7YFwFevXXMmOp9myNrUvCg0D6ws8iqkRPBfKHgbwig1SmlLfg==}
 
@@ -3215,6 +3775,9 @@ packages:
   icu-minify@4.8.3:
     resolution: {integrity: sha512-65Av7FLosNk7bPbmQx5z5XG2Y3T2GFppcjiXh4z1idHeVgQxlDpAmkGoYI0eFzAvrOnjpWTL5FmPDhsdfRMPEA==}
 
+  ieee754@1.2.1:
+    resolution: {integrity: sha512-dcyqhDvX1C46lXZcVqCpK+FtMRQVdIMN6/Df5js2zouUsqG7I6sFxitIC+7KYK29KdXOLHdu9zL4sFnoVQnqaA==}
+
   ignore@5.3.2:
     resolution: {integrity: sha512-hsBTNUqQTDwkWtcdYI2i06Y/nUBEsNEDJKjWdigLvegy8kDuJAS8uRlpkkcQpyEXL0Z/pjDy5HBmMjRCJ2gq+g==}
     engines: {node: '>= 4'}
@@ -3226,6 +3789,10 @@ packages:
   import-meta-resolve@4.2.0:
     resolution: {integrity: sha512-Iqv2fzaTQN28s/FwZAoFq0ZSs/7hMAHJVX+w8PZl3cY19Pxk6jFFalxQoIfW2826i/fDLXv8IiEZRIT0lDuWcg==}
 
+  import-without-cache@0.2.5:
+    resolution: {integrity: sha512-B6Lc2s6yApwnD2/pMzFh/d5AVjdsDXjgkeJ766FmFuJELIGHNycKRj+l3A39yZPM4CchqNCB4RITEAYB1KUM6A==}
+    engines: {node: '>=20.19.0'}
+
   inherits@2.0.4:
     resolution: {integrity: sha512-k/vGaX4/Yla3WzyMCvTQOXYeIHvqOKtnqBduzTHpzpQZzAskKMhZ2K+EnBiSM9zGSoIFeMpXKxa4dYeZIQqewQ==}
 
@@ -3247,9 +3814,6 @@ packages:
   is-arrayish@0.2.1:
     resolution: {integrity: sha512-zz06S8t0ozoDXMG+ube26zeCTNXcKIPJZJi8hBrF4idCLms4CG9QtK7qBl1boi5ODzFpjswb5JPmHCbMpjaYzg==}
 
-  is-arrayish@0.3.4:
-    resolution: {integrity: sha512-m6UrgzFVUYawGBh1dUsWR5M2Clqic9RVXC/9f8ceNlv2IcO9j9J/z8UoCLPqtsPBFNzEpfR3xftohbfqDx8EQA==}
-
   is-docker@3.0.0:
     resolution: {integrity: sha512-eljcgEDlEns/7AXFosB5K/2nCM4P7FQPkGc/DWLy5rmFEWvZayGrik1d9/QIY5nJ4f9YsVvBkA6kJpHn9rISdQ==}
     engines: {node: ^12.20.0 || ^14.13.1 || >=16.0.0}
@@ -3356,6 +3920,10 @@ packages:
   jose@6.2.2:
     resolution: {integrity: sha512-d7kPDd34KO/YnzaDOlikGpOurfF0ByC2sEV4cANCtdqLlTfBlw2p14O/5d/zv40gJPbIQxfES3nSx1/oYNyuZQ==}
 
+  joycon@3.1.1:
+    resolution: {integrity: sha512-34wB/Y7MW7bzjKRjUKTa46I2Z7eV62Rkhva+KkopW7Qvv/OSWBqvkSY7vusOPrNuZcUG3tApvdVgNB8POj3SPw==}
+    engines: {node: '>=10'}
+
   js-tokens@4.0.0:
     resolution: {integrity: sha512-RdJUflcE3cUzKiMqQgsCu06FPu9UdIJO0beYbPhHN4k6apgJtifcoCtT9bcxOpYBtpD2kCM6Sbzg4CausW/PKQ==}
 
@@ -3368,6 +3936,9 @@ packages:
     engines: {node: '>=6'}
     hasBin: true
 
+  json-bigint@1.0.0:
+    resolution: {integrity: sha512-SiPv/8VpZuWbvLSMtTDU8hEfrZWg/mH/nV/b4o0CYbSxu1UIQPLdwKOCIyLQX+VIPO5vrLX3i8qtqFyhdPSUSQ==}
+
   json-parse-even-better-errors@2.3.1:
     resolution: {integrity: sha512-xyFwyhro/JEof6Ghe2iz2NcXoj2sloNsWr/XsERDK/oiPCfaNhl5ONfp+jQdAZRQQ0IJWNzH9zIZF7li91kh2w==}
 
@@ -3385,6 +3956,12 @@ packages:
   jsonfile@6.2.0:
     resolution: {integrity: sha512-FGuPw30AdOIUTRMC2OMRtQV+jkVj2cfPqSeWXv1NEAJ1qZ5zb1X6z1mFhbfOB/iy3ssJCD+3KuZ8r8C3uVFlAg==}
 
+  jwa@2.0.1:
+    resolution: {integrity: sha512-hRF04fqJIP8Abbkq5NKGN0Bbr3JxlQ+qhZufXVr0DvujKy93ZCbXZMHDL4EOtodSbCWxOqR8MS1tXA5hwqCXDg==}
+
+  jws@4.0.1:
+    resolution: {integrity: sha512-EKI/M/yqPncGUUh44xz0PxSidXFr/+r0pA70+gIYhjv+et7yxM+s29Y+VGDkovRofQem0fs7Uvf4+YmAdyRduA==}
+
   kleur@3.0.3:
     resolution: {integrity: sha512-eTIzlVOSUR+JxdDFepEYcBMtZ9Qqdef+rnzWdRZuMbOywu5tO2w2N7rqjoANZ5k9vywhL6Br1VRjUIgTQx4E8w==}
     engines: {node: '>=6'}
@@ -3517,9 +4094,6 @@ packages:
     peerDependencies:
       react: ^16.5.1 || ^17.0.0 || ^18.0.0 || ^19.0.0
 
-  magic-string@0.25.9:
-    resolution: {integrity: sha512-RmF0AsMzgt25qzqqLc1+MbHmhdx0ojF2Fvs4XnOqz2ZOBXzzkEwc/dJQZCYHAn7v1jbVOjAZfK8msRn4BxO4VQ==}
-
   magic-string@0.30.21:
     resolution: {integrity: sha512-vd2F4YUyEXKGcLHoq+TEyCjxueSeHnFxyyjNp80yg0XV4vUhnDer/lvvlqM/arB5bXQN5K2/3oinyCRyx8T2CQ==}
 
@@ -3565,11 +4139,6 @@ packages:
     resolution: {integrity: sha512-Lbgzdk0h4juoQ9fCKXW4by0UJqj+nOOrI9MJ1sSj4nI8aI2eo1qmvQEie4VD1glsS250n15LsWsYtCugiStS5A==}
     engines: {node: '>=18'}
 
-  mime@3.0.0:
-    resolution: {integrity: sha512-jSCU7/VB1loIWBZe14aEYHU/+1UMEHoaO7qxCOVJOw9GgH72VAWppxNcjU+x9a2k3GSIBXNKxXQFqRvvZ7vr3A==}
-    engines: {node: '>=10.0.0'}
-    hasBin: true
-
   mimic-fn@2.1.0:
     resolution: {integrity: sha512-OqbOk5oEQeAZ8WXWydlu9HJjz9WVdEIvamMCcXmuqUYjTknH/sqsWvhQ3vgwKFRR1HpjvNBKQ37nbJgYzGqGcg==}
     engines: {node: '>=6'}
@@ -3578,9 +4147,9 @@ packages:
     resolution: {integrity: sha512-VP79XUPxV2CigYP3jWwAUFSku2aKqBH7uTAapFWCBqutsbmDo96KY5o8uh6U+/YSIn5OxJnXp73beVkpqMIGhA==}
     engines: {node: '>=18'}
 
-  miniflare@3.20250718.3:
-    resolution: {integrity: sha512-JuPrDJhwLrNLEJiNLWO7ZzJrv/Vv9kZuwMYCfv0LskQDM6Eonw4OvywO3CH/wCGjgHzha/qyjUh8JQ068TjDgQ==}
-    engines: {node: '>=16.13'}
+  miniflare@4.20260329.0:
+    resolution: {integrity: sha512-+G+1YFVeuEpw/gZZmUHQR7IfzJV+DDGvnSl0yXzhgvHh8Nbr8Go5uiWIwl17EyZ1Uors3FKUMDUyU6+ejeKZOw==}
+    engines: {node: '>=18.0.0'}
     hasBin: true
 
   minimatch@10.2.4:
@@ -3603,10 +4172,6 @@ packages:
       typescript:
         optional: true
 
-  mustache@4.2.0:
-    resolution: {integrity: sha512-71ippSywq5Yb7/tVYyGbkBggbU8H3u5Rz56fH60jGFgr8uHwxs+aSKeqmluIVzM0m0kB7xQjKS6qPfd0b2ZoqQ==}
-    hasBin: true
-
   mute-stream@2.0.0:
     resolution: {integrity: sha512-WWdIxpyjEn+FhQJQQv9aQAYlHoNVdzIzUySNV1gHUPDSdZJ3yZn7pAAbQcV7B56Mvu881q9FZV+0Vx2xC44VWA==}
     engines: {node: ^18.17.0 || >=20.5.0}
@@ -3677,6 +4242,15 @@ packages:
     engines: {node: '>=10.5.0'}
     deprecated: Use your platform's native DOMException instead
 
+  node-fetch@2.7.0:
+    resolution: {integrity: sha512-c4FRfUm/dbcWZ7U+1Wq0AwCyFL+3nt2bEw05wfxSz+DWpWsitgmSgYmy2dQdWyKC1694ELPqMs/YzUSNozLt8A==}
+    engines: {node: 4.x || >=6.0.0}
+    peerDependencies:
+      encoding: ^0.1.0
+    peerDependenciesMeta:
+      encoding:
+        optional: true
+
   node-fetch@3.3.2:
     resolution: {integrity: sha512-dRB78srN/l6gqWulah9SrxeYnxeddIG30+GOqK/9OlLVyLg3HPnr6SqOWTWOXKRwC2eGYCkZ59NNuSgvSrpgOA==}
     engines: {node: ^12.20.0 || ^14.13.1 || >=16.0.0}
@@ -3707,8 +4281,9 @@ packages:
   obug@2.1.1:
     resolution: {integrity: sha512-uTqF9MuPraAQ+IsnPf366RG4cP9RtUi7MLO1N3KEc+wb0a6yKpeL0lmk2IB1jY5KHPAlTc6T/JRdC/YqxHNwkQ==}
 
-  ohash@2.0.11:
-    resolution: {integrity: sha512-RdR9FQrFwNBNXAr4GixM8YaRZRJ5PUWbKYbE5eOsrwAjJW0q2REGcf79oYPsLyskQCZG1PLN+S/K1V00joZAoQ==}
+  on-exit-leak-free@2.1.2:
+    resolution: {integrity: sha512-0eJJY6hXLGf1udHwfNftBqH+g73EU4B504nZeKpz1sYRKafAghwxEJunB2O7rDZkL4PGfsMVnTXZ2EjibbqcsA==}
+    engines: {node: '>=14.0.0'}
 
   on-finished@2.4.1:
     resolution: {integrity: sha512-oVlzkg3ENAhCk2zdv7IJwd/QUD4z2RxRwpkcGY8psCVcCYZNq4wYnVWALHM+brtuJjePWiYF/ClmuDr8Ch5+kg==}
@@ -3755,6 +4330,10 @@ packages:
   path-browserify@1.0.1:
     resolution: {integrity: sha512-b7uo2UCUOYZcnF/3ID0lulOJi/bafxa1xPe7ZPsammBSpjSWQkjNxlt635YGS2MiR9GjvuXCtz2emr3jbsz98g==}
 
+  path-expression-matcher@1.2.0:
+    resolution: {integrity: sha512-DwmPWeFn+tq7TiyJ2CxezCAirXjFxvaiD03npak3cRjlP9+OjTmSy1EpIrEbh+l6JgUundniloMLDQ/6VTdhLQ==}
+    engines: {node: '>=14.0.0'}
+
   path-key@3.1.1:
     resolution: {integrity: sha512-ojmeN0qd+y0jszEtoY48r0Peq5dwMEkIlCOu6Q5f41lfkswXuKtYrhgoTpLnyIcHm24Uhqx+5Tqm2InSwLhE6Q==}
     engines: {node: '>=8'}
@@ -3817,6 +4396,27 @@ packages:
     resolution: {integrity: sha512-5gTmgEY/sqK6gFXLIsQNH19lWb4ebPDLA4SdLP7dsWkIXHWlG66oPuVvXSGFPppYZz8ZDZq0dYYrbHfBCVUb1Q==}
     engines: {node: '>=12'}
 
+  picomatch@4.0.4:
+    resolution: {integrity: sha512-QP88BAKvMam/3NxH6vj2o21R6MjxZUAd6nlwAS/pnGvN9IVLocLHxGYIzFhg6fUQ+5th6P4dv4eW9jX3DSIj7A==}
+    engines: {node: '>=12'}
+
+  pino-abstract-transport@1.2.0:
+    resolution: {integrity: sha512-Guhh8EZfPCfH+PMXAb6rKOjGQEoy0xlAIn+irODG5kgfYV+BQ0rGYYWTIel3P5mmyXqkYkPmdIkywsn6QKUR1Q==}
+
+  pino-abstract-transport@3.0.0:
+    resolution: {integrity: sha512-wlfUczU+n7Hy/Ha5j9a/gZNy7We5+cXp8YL+X+PG8S0KXxw7n/JXA3c46Y0zQznIJ83URJiwy7Lh56WLokNuxg==}
+
+  pino-pretty@13.1.3:
+    resolution: {integrity: sha512-ttXRkkOz6WWC95KeY9+xxWL6AtImwbyMHrL1mSwqwW9u+vLp/WIElvHvCSDg0xO/Dzrggz1zv3rN5ovTRVowKg==}
+    hasBin: true
+
+  pino-std-serializers@7.1.0:
+    resolution: {integrity: sha512-BndPH67/JxGExRgiX1dX0w1FvZck5Wa4aal9198SrRhZjH3GxKQUKIBnYJTdj2HDN3UQAS06HlfcSbQj2OHmaw==}
+
+  pino@10.3.1:
+    resolution: {integrity: sha512-r34yH/GlQpKZbU1BvFFqOjhISRo1MNx1tWYsYvmj6KIRHSPMT2+yHOEb1SG6NMvRoHRF0a07kCOox/9yakl1vg==}
+    hasBin: true
+
   pkce-challenge@5.0.1:
     resolution: {integrity: sha512-wQ0b/W4Fr01qtpHlqSqspcj3EhBvimsdh0KlHhH8HRZnMsEa0ea2fTULOXOS9ccQr3om+GcGRk4e+isrZWV8qQ==}
     engines: {node: '>=16.20.0'}
@@ -3874,8 +4474,12 @@ packages:
     resolution: {integrity: sha512-gjVS5hOP+M3wMm5nmNOucbIrqudzs9v/57bWRHQWLYklXqoXKrVfYW2W9+glfGsqtPgpiz5WwyEEB+ksXIx3gQ==}
     engines: {node: '>=18'}
 
-  printable-characters@1.0.42:
-    resolution: {integrity: sha512-dKp+C4iXWK4vVYZmYSd0KBH5F/h1HoZRsbJ82AVKRO3PEo8L4lBS/vLwhVtpwwuYcoIsVY+1JYKR268yn480uQ==}
+  process-warning@5.0.0:
+    resolution: {integrity: sha512-a39t9ApHNx2L4+HBnQKqxxHNs1r7KF+Intd8Q/g1bUh6q0WIp9voPXJ/x0j+ZL45KF1pJd9+q2jLIRMfvEshkA==}
+
+  process@0.11.10:
+    resolution: {integrity: sha512-cdGef/drWFoydD1JsMzuFf8100nZl+GT+yacc2bEced5f9Rjk4z+WtFUTBu9PhOi9j/jfmBPu0mMEY4wIdAF8A==}
+    engines: {node: '>= 0.6.0'}
 
   prompts@2.4.2:
     resolution: {integrity: sha512-NxNv/kLguCA7p3jE8oL2aEBsrJWgAakBpgmgK6lpPWV+WuOmY6r2/zbAVnP+T8bQlA0nzHXSJSJW0Hq7ylaD2Q==}
@@ -3885,13 +4489,22 @@ packages:
     resolution: {integrity: sha512-llQsMLSUDUPT44jdrU/O37qlnifitDP+ZwrmmZcoSKyLKvtZxpyV0n2/bD/N4tBAAZ/gJEdZU7KMraoK1+XYAg==}
     engines: {node: '>= 0.10'}
 
+  pump@3.0.4:
+    resolution: {integrity: sha512-VS7sjc6KR7e1ukRFhQSY5LM2uBWAUPiOPa/A3mkKmiMwSmRFUITt0xuj+/lesgnCv+dPIEYlkzrcyXgquIHMcA==}
+
   qs@6.15.0:
     resolution: {integrity: sha512-mAZTtNCeetKMH+pSjrb76NAM8V9a05I9aBZOHztWy/UqcJdQYNsf59vrRKWnojAT9Y+GbIvoTBC++CPHqpDBhQ==}
     engines: {node: '>=0.6'}
 
+  quansync@1.0.0:
+    resolution: {integrity: sha512-5xZacEEufv3HSTPQuchrvV6soaiACMFnq1H8wkVioctoH3TRha9Sz66lOxRwPK/qZj7HPiSveih9yAyh98gvqA==}
+
   queue-microtask@1.2.3:
     resolution: {integrity: sha512-NuaNSa6flKT5JaSYQzJok04JzTL1CA6aGhv5rfLW3PgqA+M2ChpZQnAC8h8i4ZFkBS8X5RqkDBHA7r4hej3K9A==}
 
+  quick-format-unescaped@4.0.4:
+    resolution: {integrity: sha512-tYC1Q1hgyRuHgloV/YXs2w15unPVh8qfu/qCTfhTYamaw7fyhumKa2yGpdSo87vY32rIclj+4fWYQXUMs9EHvg==}
+
   raf-schd@4.0.3:
     resolution: {integrity: sha512-tQkJl2GRWh83ui2DiPTJz9wEiMN20syf+5oKfB03yYP7ioZcJwsIK8FjrtLwH1m7C7e+Tt2yYBlrOpdT+dyeIQ==}
 
@@ -3930,6 +4543,14 @@ packages:
     resolution: {integrity: sha512-9nfp2hYpCwOjAN+8TZFGhtWEwgvWHXqESH8qT89AT/lWklpLON22Lc8pEtnpsZz7VmawabSU0gCjnj8aC0euHQ==}
     engines: {node: '>=0.10.0'}
 
+  readable-stream@4.7.0:
+    resolution: {integrity: sha512-oIGGmcpTLwPga8Bn6/Z75SVaH1z5dUut2ibSyAMVhmUggWpmDn2dapB0n7f8nwaSiRtepAsfJyfXIO5DCVAODg==}
+    engines: {node: ^12.22.0 || ^14.17.0 || >=16.0.0}
+
+  real-require@0.2.0:
+    resolution: {integrity: sha512-57frrGM/OCTLqLOAh0mhVA9VBMHd+9U7Zb2THMGdBUoZVOtGbJzjxsYGDJ3A9AYYCP4hn6y1TVbaOfzWtm5GFg==}
+    engines: {node: '>= 12.13.0'}
+
   recast@0.23.11:
     resolution: {integrity: sha512-YTUo+Flmw4ZXiWfQKGcwwc11KnoRAYgzAE2E7mXKCjSviTKShtxBsN6YUUBB2gtaBzKzeKunxhUwNHQuRryhWA==}
     engines: {node: '>= 4'}
@@ -3973,20 +4594,34 @@ packages:
   rfdc@1.4.1:
     resolution: {integrity: sha512-q1b3N5QkRUWUl7iyylaaj3kOpIT0N2i9MqIEQXP73GVsN9cw3fdx8X63cEmWhJGi2PPCF23Ijp7ktmd39rawIA==}
 
-  rolldown@1.0.0-rc.10:
-    resolution: {integrity: sha512-q7j6vvarRFmKpgJUT8HCAUljkgzEp4LAhPlJUvQhA5LA1SUL36s5QCysMutErzL3EbNOZOkoziSx9iZC4FddKA==}
-    engines: {node: ^20.19.0 || >=22.12.0}
-    hasBin: true
-
-  rollup-plugin-inject@3.0.2:
-    resolution: {integrity: sha512-ptg9PQwzs3orn4jkgXJ74bfs5vYz1NCZlSQMBUA0wKcGp5i5pA1AO3fOUEte8enhGUC+iapTCzEWw2jEFFUO/w==}
-    deprecated: This package has been deprecated and is no longer maintained. Please use @rollup/plugin-inject.
+  rolldown-plugin-dts@0.23.2:
+    resolution: {integrity: sha512-PbSqLawLgZBGcOGT3yqWBGn4cX+wh2nt5FuBGdcMHyOhoukmjbhYAl8NT9sE4U38Cm9tqLOIQeOrvzeayM0DLQ==}
+    engines: {node: '>=20.19.0'}
+    peerDependencies:
+      '@ts-macro/tsc': ^0.3.6
+      '@typescript/native-preview': '>=7.0.0-dev.20260325.1'
+      rolldown: ^1.0.0-rc.12
+      typescript: ^5.0.0 || ^6.0.0
+      vue-tsc: ~3.2.0
+    peerDependenciesMeta:
+      '@ts-macro/tsc':
+        optional: true
+      '@typescript/native-preview':
+        optional: true
+      typescript:
+        optional: true
+      vue-tsc:
+        optional: true
 
-  rollup-plugin-node-polyfills@0.2.1:
-    resolution: {integrity: sha512-4kCrKPTJ6sK4/gLL/U5QzVT8cxJcofO0OU74tnB19F40cmuAKSzH5/siithxlofFEjwvw1YAhPmbvGNA6jEroA==}
+  rolldown@1.0.0-rc.10:
+    resolution: {integrity: sha512-q7j6vvarRFmKpgJUT8HCAUljkgzEp4LAhPlJUvQhA5LA1SUL36s5QCysMutErzL3EbNOZOkoziSx9iZC4FddKA==}
+    engines: {node: ^20.19.0 || >=22.12.0}
+    hasBin: true
 
-  rollup-pluginutils@2.8.2:
-    resolution: {integrity: sha512-EEp9NhnUkwY8aif6bxgovPHMoMoNr2FulJziTndpt5H9RdwC47GSGuII9XxpSdzVGM0GWrNPHV6ie1LTNJPaLQ==}
+  rolldown@1.0.0-rc.12:
+    resolution: {integrity: sha512-yP4USLIMYrwpPHEFB5JGH1uxhcslv6/hL0OyvTuY+3qlOSJvZ7ntYnoWpehBxufkgN0cvXxppuTu5hHa/zPh+A==}
+    engines: {node: ^20.19.0 || >=22.12.0}
+    hasBin: true
 
   rou3@0.7.12:
     resolution: {integrity: sha512-iFE4hLDuloSWcD7mjdCDhx2bKcIsYbtOTpfH5MHHLSKMOUyjqQXTeZVa289uuwEGEKFoE/BAPbhaU4B774nceg==}
@@ -4002,12 +4637,22 @@ packages:
   run-parallel@1.2.0:
     resolution: {integrity: sha512-5l4VyZR86LZ/lDxZTR6jqL8AFE2S0IFLMP26AbjsLVADxHdhB/c0GUsH+y39UfCi3dzz8OlQuPmnaJOMoDHQBA==}
 
+  safe-buffer@5.2.1:
+    resolution: {integrity: sha512-rp3So07KcdmmKbGvgaNxQSJr7bGVSVk5S9Eq1F+ppbRo70+YeaDxkw5Dd8NPN+GD6bjnYm2VuPuCXmpuYvmCXQ==}
+
+  safe-stable-stringify@2.5.0:
+    resolution: {integrity: sha512-b3rppTKm9T+PsVCBEOUR46GWI7fdOs00VKZ1+9c1EWDaDMvjQc6tUwuFyIprgGgTcWoVHSKrU8H31ZHA2e0RHA==}
+    engines: {node: '>=10'}
+
   safer-buffer@2.1.2:
     resolution: {integrity: sha512-YZo3K82SD7Riyi0E1EQPojLz7kpepnSQI9IyPbHHg1XXXevb5dJI7tpyN2ADxGcQbHG7vcyRHk0cbwqcQriUtg==}
 
   scheduler@0.27.0:
     resolution: {integrity: sha512-eNv+WrVbKu1f3vbYJT/xtiF5syA5HPIMtf9IgY/nKg0sWqzAUEvqY/xm7OcZc/qafLx/iO9FgOmeSAp4v5ti/Q==}
 
+  secure-json-parse@4.1.0:
+    resolution: {integrity: sha512-l4KnYfEyqYJxDwlNVyRfO2E4NTHfMKAWdUuA8J0yve2Dz/E/PdBepY03RvyJpssIpRFwJoCD55wA+mEDs6ByWA==}
+
   semver@6.3.1:
     resolution: {integrity: sha512-BR7VvDCVHO+q2xBEWskxS6DJE1qRnb7DxzUrogb71CWoSficBxYsiAGd+Kl0mmq/MprG9yArRkyrQxTO6XjMzA==}
     hasBin: true
@@ -4035,10 +4680,6 @@ packages:
     resolution: {integrity: sha512-3zETJ+0Ezj69FS6RL0HOkLKKAR5yXisXx1iISJdfLQfrUqj/VIQlanQi1Ukk+9OE+XHZVj4FQNTBSfbr2CyCYg==}
     hasBin: true
 
-  sharp@0.33.5:
-    resolution: {integrity: sha512-haPVm1EkS9pgvHrQ/F3Xy+hgcuMV0Wm9vfIBSiwZ05k+xgb0PkBQpGsAA/oWdDobNaZTH5ppvHtzCFbnSEwHVw==}
-    engines: {node: ^18.17.0 || ^20.3.0 || >=21.0.0}
-
   sharp@0.34.5:
     resolution: {integrity: sha512-Ou9I5Ft9WNcCbXrU9cMgPBcCK8LiwLqcbywW3t4oDV37n1pzpuNLsYiAV8eODnjbtQlSDwZ2cUEeQz4E54Hltg==}
     engines: {node: ^18.17.0 || ^20.3.0 || >=21.0.0}
@@ -4077,9 +4718,6 @@ packages:
     resolution: {integrity: sha512-bzyZ1e88w9O1iNJbKnOlvYTrWPDl46O1bG0D3XInv+9tkPrxrN8jUUTiFlDkkmKWgn1M6CfIA13SuGqOa9Korw==}
     engines: {node: '>=14'}
 
-  simple-swizzle@0.2.4:
-    resolution: {integrity: sha512-nAu1WFPQSMNr2Zn9PGSZK9AGn4t/y97lEm+MXTtUDwfP0ksAIX4nO+6ruD9Jwut4C49SB1Ws+fbXsm/yScWOHw==}
-
   sisteransi@1.0.5:
     resolution: {integrity: sha512-bLGGlR1QxBcynn2d5YmDX4MGjlZvy2MRBDRNHLJ8VI6l6+9FUiyTFNJ0IveOSP0bcXgVDPRcfGqA0pjaqUpfVg==}
 
@@ -4091,6 +4729,9 @@ packages:
     resolution: {integrity: sha512-stxByr12oeeOyY2BlviTNQlYV5xOj47GirPr4yA1hE9JCtxfQN0+tVbkxwCtYDQWhEKWFHsEK48ORg5jrouCAg==}
     engines: {node: '>=20'}
 
+  sonic-boom@4.2.1:
+    resolution: {integrity: sha512-w6AxtubXa2wTXAUsZMMWERrsIRAdrK0Sc+FUytWvYAhBJLyuI4llrMIC1DtlNSdI99EI86KZum2MMq3EAZlF9Q==}
+
   sonner@2.0.7:
     resolution: {integrity: sha512-W6ZN4p58k8aDKA4XPcx2hpIQXBRAgyiWVkYhT7CvK6D3iAu7xjvVyhQHg2/iaKJZ1XVJ4r7XuwGL+WGEK37i9w==}
     peerDependencies:
@@ -4108,10 +4749,6 @@ packages:
     resolution: {integrity: sha512-UjgapumWlbMhkBgzT7Ykc5YXUT46F0iKu8SGXq0bcwP5dz/h0Plj6enJqjz1Zbq2l5WaqYnrVbwWOWMyF3F47g==}
     engines: {node: '>=0.10.0'}
 
-  sourcemap-codec@1.4.8:
-    resolution: {integrity: sha512-9NykojV5Uih4lgo5So5dtw+f0JgJX30KCNI8gwhz2J9A15wD0Ml6tjHKwf6fTSa6fAdVBdZeNOs9eJ71qCk8vA==}
-    deprecated: Please use @jridgewell/sourcemap-codec instead
-
   split2@4.2.0:
     resolution: {integrity: sha512-UcjcJOWknrNkF6PLX83qcHM6KHgVKNkV62Y8a5uYDVv9ydGQVwAHMKqHdJje1VTWpljG0WYpCDhrCdAOYH4TWg==}
     engines: {node: '>= 10.x'}
@@ -4119,9 +4756,6 @@ packages:
   stackback@0.0.2:
     resolution: {integrity: sha512-1XMJE5fQo1jGH6Y/7ebnwPOBEkIEnT4QF32d5R1+VXdXveM0IBMJt8zfaxX1P3QhVwrYe+576+jkANtSS2mBbw==}
 
-  stacktracey@2.2.0:
-    resolution: {integrity: sha512-ETyQEz+CzXiLjEbyJqpbp+/T79RQD/6wqFucRBIlVNZfYq2Ay7wbretD4cxpbymZlaPWx58aIhPEY1Cr8DlVvg==}
-
   statuses@2.0.2:
     resolution: {integrity: sha512-DvEy55V3DB7uknRo+4iOGT5fP1slR8wQohVdknigZPMpMstaKJQWhwiYBACJE3Ul2pTnATihhBYnRhZQHGBiRw==}
     engines: {node: '>= 0.8'}
@@ -4133,10 +4767,6 @@ packages:
     resolution: {integrity: sha512-UhDfHmA92YAlNnCfhmq0VeNL5bDbiZGg7sZ2IvPsXubGkiNa9EC+tUTsjBRsYUAz87btI6/1wf4XoVvQ3uRnmQ==}
     engines: {node: '>=18'}
 
-  stoppable@1.1.0:
-    resolution: {integrity: sha512-KXDYZ9dszj6bzvnEMRYvxgeTHU74QBFL54XKtP3nyMuJ81CFYtABZ3bAzL2EdFUaEwJOBOgENyFj3R7oTzDyyw==}
-    engines: {node: '>=4', npm: '>=6'}
-
   strict-event-emitter@0.5.1:
     resolution: {integrity: sha512-vMgjE/GGEPEFnhFub6pa4FmJBRBVOLpIII2hvCZ8Kzb7K0hlHo7mQv6xYrBvCL2LtAIBwFUK8wvuJgTVSQ5MFQ==}
 
@@ -4156,6 +4786,9 @@ packages:
     resolution: {integrity: sha512-6hJPQ8N0V0P3SNmP6h2J99RLuzrWz2gvT7VnK5tKvrNqJoyS9W4/Fb8mo31UiPvy00z7DQXkP2hnKBVav76thw==}
     engines: {node: '>=20'}
 
+  string_decoder@1.3.0:
+    resolution: {integrity: sha512-hkRX8U1WjJFd8LsDJ2yQ/wWWxaopEsABU1XfkM8A+j0+85JAGppt16cr1Whg6KIbb4okU6Mql6BOj+uup/wKeA==}
+
   stringify-object@5.0.0:
     resolution: {integrity: sha512-zaJYxz2FtcMb4f+g60KsRNFOpVMUyuJgA51Zi5Z1DOTC3S59+OQiVOzE9GZt0x72uBGWKsQIuBKeF9iusmKFsg==}
     engines: {node: '>=14.16'}
@@ -4180,6 +4813,13 @@ packages:
     resolution: {integrity: sha512-aulFJcD6YK8V1G7iRB5tigAP4TsHBZZrOV8pjV++zdUwmeV8uzbY7yn6h9MswN62adStNZFuCIx4haBnRuMDaw==}
     engines: {node: '>=18'}
 
+  strip-json-comments@5.0.3:
+    resolution: {integrity: sha512-1tB5mhVo7U+ETBKNf92xT4hrQa3pm0MZ0PQvuDnWgAAGHDsfp4lPSpiS6psrSiet87wyGPh9ft6wmhOMQ0hDiw==}
+    engines: {node: '>=14.16'}
+
+  strnum@2.2.2:
+    resolution: {integrity: sha512-DnR90I+jtXNSTXWdwrEy9FakW7UX+qUZg28gj5fk2vxxl7uS/3bpI4fjFYVmdK9etptYBPNkpahuQnEwhwECqA==}
+
   styled-jsx@5.1.6:
     resolution: {integrity: sha512-qSVyDTeMotdvQYoHWLNGwRFJHC+i+ZvdBRYosOFgC+Wg1vx4frN2/RG/NA7SYqqvKNLf39P2LSRA2pu6n0XYZA==}
     engines: {node: '>= 12.0.0'}
@@ -4193,6 +4833,10 @@ packages:
       babel-plugin-macros:
         optional: true
 
+  supports-color@10.2.2:
+    resolution: {integrity: sha512-SS+jx45GF1QjgEXQx4NJZV9ImqmO2NPz5FNsIHrsDjh2YsHnawpan7SNQ1o8NuhrbHZy9AZhIoCUiCeaW/C80g==}
+    engines: {node: '>=18'}
+
   supports-color@7.2.0:
     resolution: {integrity: sha512-qpCAvRl9stuOHveKsn7HncJRvv501qIacKzQlO/+Lwxc9+0q2wLyv4Dfvt80/DPn2pqOBsJdDiogXGR9+OvwRw==}
     engines: {node: '>=8'}
@@ -4214,6 +4858,10 @@ packages:
     resolution: {integrity: sha512-g9ljZiwki/LfxmQADO3dEY1CbpmXT5Hm2fJ+QaGKwSXUylMybePR7/67YW7jOrrvjEgL1Fmz5kzyAjWVWLlucg==}
     engines: {node: '>=6'}
 
+  thread-stream@4.0.0:
+    resolution: {integrity: sha512-4iMVL6HAINXWf1ZKZjIPcz5wYaOdPhtO8ATvZ+Xqp3BTdaqtAwQkNmKORqcIo5YkQqGXq5cwfswDwMqqQNrpJA==}
+    engines: {node: '>=20'}
+
   tiny-invariant@1.3.3:
     resolution: {integrity: sha512-+FbBPE1o9QAYvviau/qC5SE3caw21q3xkvWKBtja5vgqOWIHHJ3ioaq1VPfn/Szqctz2bU/oYeKd9/z5BL+PVg==}
 
@@ -4251,6 +4899,13 @@ packages:
     resolution: {integrity: sha512-LktZQb3IeoUWB9lqR5EWTHgW/VTITCXg4D21M+lvybRVdylLrRMnqaIONLVb5mav8vM19m44HIcGq4qASeu2Qw==}
     engines: {node: '>=16'}
 
+  tr46@0.0.3:
+    resolution: {integrity: sha512-N3WMsuqV66lT30CrXNbEjx4GEwlow3v6rr4mCcv6prnfwhS01rkgyFdjPNBYd9br7LpXV1+Emh01fHnq2Gdgrw==}
+
+  tree-kill@1.2.2:
+    resolution: {integrity: sha512-L0Orpi8qGpRG//Nd+H90vFB+3iHnue1zSSGmNOOCh1GLJ7rUKVwV2HvijphGQS2UmhUZewS9VgvxYIdgr+fG1A==}
+    hasBin: true
+
   ts-essentials@10.1.1:
     resolution: {integrity: sha512-4aTB7KLHKmUvkjNj8V+EdnmuVTiECzn3K+zIbRthumvHu+j44x3w63xpfs0JL3NGIzGXqoQ7AV591xHO+XrOTw==}
     peerDependencies:
@@ -4266,6 +4921,34 @@ packages:
     resolution: {integrity: sha512-NoZ4roiN7LnbKn9QqE1amc9DJfzvZXxF4xDavcOWt1BPkdx+m+0gJuPM+S0vCe7zTJMYUP0R8pO2XMr+Y8oLIg==}
     engines: {node: '>=6'}
 
+  tsdown@0.21.7:
+    resolution: {integrity: sha512-ukKIxKQzngkWvOYJAyptudclkm4VQqbjq+9HF5K5qDO8GJsYtMh8gIRwicbnZEnvFPr6mquFwYAVZ8JKt3rY2g==}
+    engines: {node: '>=20.19.0'}
+    hasBin: true
+    peerDependencies:
+      '@arethetypeswrong/core': ^0.18.1
+      '@tsdown/css': 0.21.7
+      '@tsdown/exe': 0.21.7
+      '@vitejs/devtools': '*'
+      publint: ^0.3.0
+      typescript: ^5.0.0 || ^6.0.0
+      unplugin-unused: ^0.5.0
+    peerDependenciesMeta:
+      '@arethetypeswrong/core':
+        optional: true
+      '@tsdown/css':
+        optional: true
+      '@tsdown/exe':
+        optional: true
+      '@vitejs/devtools':
+        optional: true
+      publint:
+        optional: true
+      typescript:
+        optional: true
+      unplugin-unused:
+        optional: true
+
   tslib@2.8.1:
     resolution: {integrity: sha512-oJFu94HQb+KVduSUQL7wnpmqnfmLsOA/nAh6b6EH0wCEoK0/mPeXU6c3wKDV83MkOuHPRHtSXKKU99IBazS/2w==}
 
@@ -4274,8 +4957,8 @@ packages:
     engines: {node: '>=18.0.0'}
     hasBin: true
 
-  turbo@2.8.21:
-    resolution: {integrity: sha512-FlJ8OD5Qcp0jTAM7E4a/RhUzRNds2GzKlyxHKA6N247VLy628rrxAGlMpIXSz6VB430+TiQDJ/SMl6PL1lu6wQ==}
+  turbo@2.9.4:
+    resolution: {integrity: sha512-wZ/kMcZCuK5oEp7sXSSo/5fzKjP9I2EhoiarZjyCm2Ixk0WxFrC/h0gF3686eHHINoFQOOSWgB/pGfvkR8rkgQ==}
     hasBin: true
 
   tw-animate-css@1.4.0:
@@ -4294,8 +4977,8 @@ packages:
     engines: {node: '>=14.17'}
     hasBin: true
 
-  ufo@1.6.3:
-    resolution: {integrity: sha512-yDJTmhydvl5lJzBmy/hyOAA0d+aqCBuwl818haVdYCRrWV84o7YyeVm4QlVHStqNrrJSTb6jKuFAVqAFsr+K3Q==}
+  unconfig-core@7.5.0:
+    resolution: {integrity: sha512-Su3FauozOGP44ZmKdHy2oE6LPjk51M/TRRjHv2HNCWiDvfvCoxC2lno6jevMA91MYAdCdwP05QnWdWpSbncX/w==}
 
   undici-types@6.21.0:
     resolution: {integrity: sha512-iwDZqg0QAGrg9Rav5H4n0M64c3mkR59cJ6wQp+7C4nI0gsmExaedaYLNO44eT4AtBBwjbTiGPMlt2Md0T9H9JQ==}
@@ -4306,12 +4989,12 @@ packages:
   undici-types@7.18.2:
     resolution: {integrity: sha512-AsuCzffGHJybSaRrmr5eHr81mwJU3kjw6M+uprWvCXiNeN9SOGwQ3Jn8jb8m3Z6izVgknn1R0FTCEAP2QrLY/w==}
 
-  undici@5.29.0:
-    resolution: {integrity: sha512-raqeBD6NQK4SkWhQzeYKd1KmIG6dllBOTt55Rmkt4HtI9mwdWtJljnrXjAFUBLTSN67HWrOIZ3EPF4kjUw80Bg==}
-    engines: {node: '>=14.0'}
+  undici@7.24.4:
+    resolution: {integrity: sha512-BM/JzwwaRXxrLdElV2Uo6cTLEjhSb3WXboncJamZ15NgUURmvlXvxa6xkwIOILIjPNo9i8ku136ZvWV0Uly8+w==}
+    engines: {node: '>=20.18.1'}
 
-  unenv@2.0.0-rc.14:
-    resolution: {integrity: sha512-od496pShMen7nOy5VmVJCnq8rptd45vh6Nx/r2iPbrba6pa6p+tS2ywuIHRZ/OBvSbQZB0kWvpO9XBNVFXHD3Q==}
+  unenv@2.0.0-rc.24:
+    resolution: {integrity: sha512-i7qRCmY42zmCwnYlh9H2SvLEypEFGye5iRmEMKjcGi7zk9UquigRjFtTLz0TYqr0ZGLZhaMHl/foy1bZR+Cwlw==}
 
   unicorn-magic@0.3.0:
     resolution: {integrity: sha512-+QBBXBCvifc56fsbuxZQ6Sic3wqqc3WWaqxs58gvJrcOuN83HGTCwz3oS5phzU9LthRNE9VrJCFCLUgHeeFnfA==}
@@ -4325,6 +5008,16 @@ packages:
     resolution: {integrity: sha512-pjy2bYhSsufwWlKwPc+l3cN7+wuJlK6uz0YdJEOlQDbl6jo/YlPi4mb8agUkVC8BF7V8NuzeyPNqRksA3hztKQ==}
     engines: {node: '>= 0.8'}
 
+  unrun@0.2.34:
+    resolution: {integrity: sha512-LyaghRBR++r7svhDK6tnDz2XaYHWdneBOA0jbS8wnRsHerI9MFljX4fIiTgbbNbEVzZ0C9P1OjWLLe1OqoaaEw==}
+    engines: {node: '>=20.19.0'}
+    hasBin: true
+    peerDependencies:
+      synckit: ^0.11.11
+    peerDependenciesMeta:
+      synckit:
+        optional: true
+
   until-async@3.0.2:
     resolution: {integrity: sha512-IiSk4HlzAMqTUseHHe3VhIGyuFmN90zMTpD3Z3y8jeQbzLIq500MVM7Jq2vUAnTKAFPJrqwkzr6PoTcPhGcOiw==}
 
@@ -4334,6 +5027,9 @@ packages:
     peerDependencies:
       browserslist: '>= 4.21.0'
 
+  url-template@2.0.8:
+    resolution: {integrity: sha512-XdVKMF4SJ0nP/O7XIPB0JwAEuT9lDIYnNsK8yGVe43y0AWoKeJNdv3ZNWh7ksJ6KqQFjOO6ox/VEitLnaVNufw==}
+
   use-intl@4.8.3:
     resolution: {integrity: sha512-nLxlC/RH+le6g3amA508Itnn/00mE+J22ui21QhOWo5V9hCEC43+WtnRAITbJW0ztVZphev5X9gvOf2/Dk9PLA==}
     peerDependencies:
@@ -4355,6 +5051,13 @@ packages:
     resolution: {integrity: sha512-XQegIaBTVUjSHliKqcnFqYypAd4S+WCYt5NIeRs6w/UAry7z8Y9j5ZwRRL4kzq9U3sD6v+85er9FvkEaBpji2w==}
     hasBin: true
 
+  uuid@9.0.1:
+    resolution: {integrity: sha512-b+1eJOlsR9K8HJpow9Ok3fiWOWSIcIzXodvv0rQjVoOVNpWMpxf1wZNpt4y9h10odCNrqnYp1OBzRktckBe3sA==}
+    hasBin: true
+
+  uzip@0.20201231.0:
+    resolution: {integrity: sha512-OZeJfZP+R0z9D6TmBgLq2LHzSSptGMGDGigGiEe0pr8UBe/7fdflgHlHBNDASTXB5jnFuxHpNaJywSg8YFeGng==}
+
   validate-npm-package-name@7.0.2:
     resolution: {integrity: sha512-hVDIBwsRruT73PbK7uP5ebUt+ezEtCmzZz3F59BSr2F6OVFnJ/6h8liuvdLrQ88Xmnk6/+xGGuq+pG9WwTuy3A==}
     engines: {node: ^20.17.0 || >=22.9.0}
@@ -4451,6 +5154,12 @@ packages:
     resolution: {integrity: sha512-d2JWLCivmZYTSIoge9MsgFCZrt571BikcWGYkjC1khllbTeDlGqZ2D8vD8E/lJa8WGWbb7Plm8/XJYV7IJHZZw==}
     engines: {node: '>= 8'}
 
+  webidl-conversions@3.0.1:
+    resolution: {integrity: sha512-2JAn3z8AR6rjK8Sm8orRC0h/bcl/DqL7tRPdGZ4I1CjdF+EaMLmYxBHyXuKL849eucPFhvBoxMsflfOb8kxaeQ==}
+
+  whatwg-url@5.0.0:
+    resolution: {integrity: sha512-saE57nupxk6v3HY35+jzBwYa0rKSy0XR8JSxZPwgLr7ys0IBzhGviA1/TUGJLmSVqs8pb9AnvICXEuOHLprYTw==}
+
   which@2.0.2:
     resolution: {integrity: sha512-BLI3Tl1TW3Pvl70l3yq3Y64i+awpwXqsGBYWkkqMtnbXgrMD+yj7rhW0kuEDxzJaYXGjEW5ogapKNMEKNMjibA==}
     engines: {node: '>= 8'}
@@ -4466,17 +5175,17 @@ packages:
     engines: {node: '>=8'}
     hasBin: true
 
-  workerd@1.20250718.0:
-    resolution: {integrity: sha512-kqkIJP/eOfDlUyBzU7joBg+tl8aB25gEAGqDap+nFWb+WHhnooxjGHgxPBy3ipw2hnShPFNOQt5lFRxbwALirg==}
+  workerd@1.20260329.1:
+    resolution: {integrity: sha512-+ifMv3uBuD33ee7pan5n8+sgVxm2u5HnbgfXzHKwMNTKw86znqBJSnJoBqtP88+2T5U2Lu11xXUt+khPYioXwQ==}
     engines: {node: '>=16'}
     hasBin: true
 
-  wrangler@3.114.17:
-    resolution: {integrity: sha512-tAvf7ly+tB+zwwrmjsCyJ2pJnnc7SZhbnNwXbH+OIdVas3zTSmjcZOjmLKcGGptssAA3RyTKhcF9BvKZzMUycA==}
-    engines: {node: '>=16.17.0'}
+  wrangler@4.79.0:
+    resolution: {integrity: sha512-NMinIdB1pXIqdk+NLw4+RjzB7K5z4+lWMxhTxFTfZomwJu3Pm6N+kZ+a66D3nI7w0oCjsdv/umrZVmSHCBp2cg==}
+    engines: {node: '>=20.3.0'}
     hasBin: true
     peerDependencies:
-      '@cloudflare/workers-types': ^4.20250408.0
+      '@cloudflare/workers-types': ^4.20260329.1
     peerDependenciesMeta:
       '@cloudflare/workers-types':
         optional: true
@@ -4544,17 +5253,17 @@ packages:
     resolution: {integrity: sha512-CzhO+pFNo8ajLM2d2IW/R93ipy99LWjtwblvC1RsoSUMZgyLbYFr221TnSNT7GjGdYui6P459mw9JH/g/zW2ug==}
     engines: {node: '>=18'}
 
-  youch@3.3.4:
-    resolution: {integrity: sha512-UeVBXie8cA35DS6+nBkls68xaBBXCye0CNznrhszZjTbRVnJKQuNsyLKBTTL4ln1o1rh2PKtv35twV7irj5SEg==}
+  youch-core@0.3.3:
+    resolution: {integrity: sha512-ho7XuGjLaJ2hWHoK8yFnsUGy2Y5uDpqSTq1FkHLK4/oqKtyUU1AFbOOxY4IpC9f0fTLjwYbslUz0Po5BpD1wrA==}
+
+  youch@4.1.0-beta.10:
+    resolution: {integrity: sha512-rLfVLB4FgQneDr0dv1oddCVZmKjcJ6yX6mS4pU82Mq/Dt9a3cLZQ62pDBL4AUO+uVrCvtWz3ZFUL2HFAFJ/BXQ==}
 
   zod-to-json-schema@3.25.1:
     resolution: {integrity: sha512-pM/SU9d3YAggzi6MtR4h7ruuQlqKtad8e9S0fmxcMi+ueAK5Korys/aWcV9LIIHTVbj01NdzxcnXSN+O74ZIVA==}
     peerDependencies:
       zod: ^3.25 || ^4
 
-  zod@3.22.3:
-    resolution: {integrity: sha512-EjIevzuJRiRPbVH4mGc8nApb/lVLKVpmUhAaR5R5doKGfAnGJ6Gr3CViAVjP+4FWSxCsybeWQdcgCtbX+7oZug==}
-
   zod@3.25.76:
     resolution: {integrity: sha512-gzUt/qt81nXsFGKIFcC3YnfEAx5NkunCfnDlvuBSSFS02bcXu4Lmea0AFIUwbLWxWPx3d9p8S5QoaujKcNQxcQ==}
 
@@ -4565,6 +5274,459 @@ snapshots:
 
   '@alloc/quick-lru@5.2.0': {}
 
+  '@aws-crypto/crc32@5.2.0':
+    dependencies:
+      '@aws-crypto/util': 5.2.0
+      '@aws-sdk/types': 3.973.6
+      tslib: 2.8.1
+
+  '@aws-crypto/crc32c@5.2.0':
+    dependencies:
+      '@aws-crypto/util': 5.2.0
+      '@aws-sdk/types': 3.973.6
+      tslib: 2.8.1
+
+  '@aws-crypto/sha1-browser@5.2.0':
+    dependencies:
+      '@aws-crypto/supports-web-crypto': 5.2.0
+      '@aws-crypto/util': 5.2.0
+      '@aws-sdk/types': 3.973.6
+      '@aws-sdk/util-locate-window': 3.965.5
+      '@smithy/util-utf8': 2.3.0
+      tslib: 2.8.1
+
+  '@aws-crypto/sha256-browser@5.2.0':
+    dependencies:
+      '@aws-crypto/sha256-js': 5.2.0
+      '@aws-crypto/supports-web-crypto': 5.2.0
+      '@aws-crypto/util': 5.2.0
+      '@aws-sdk/types': 3.973.6
+      '@aws-sdk/util-locate-window': 3.965.5
+      '@smithy/util-utf8': 2.3.0
+      tslib: 2.8.1
+
+  '@aws-crypto/sha256-js@5.2.0':
+    dependencies:
+      '@aws-crypto/util': 5.2.0
+      '@aws-sdk/types': 3.973.6
+      tslib: 2.8.1
+
+  '@aws-crypto/supports-web-crypto@5.2.0':
+    dependencies:
+      tslib: 2.8.1
+
+  '@aws-crypto/util@5.2.0':
+    dependencies:
+      '@aws-sdk/types': 3.973.6
+      '@smithy/util-utf8': 2.3.0
+      tslib: 2.8.1
+
+  '@aws-sdk/client-s3@3.1022.0':
+    dependencies:
+      '@aws-crypto/sha1-browser': 5.2.0
+      '@aws-crypto/sha256-browser': 5.2.0
+      '@aws-crypto/sha256-js': 5.2.0
+      '@aws-sdk/core': 3.973.26
+      '@aws-sdk/credential-provider-node': 3.972.29
+      '@aws-sdk/middleware-bucket-endpoint': 3.972.8
+      '@aws-sdk/middleware-expect-continue': 3.972.8
+      '@aws-sdk/middleware-flexible-checksums': 3.974.6
+      '@aws-sdk/middleware-host-header': 3.972.8
+      '@aws-sdk/middleware-location-constraint': 3.972.8
+      '@aws-sdk/middleware-logger': 3.972.8
+      '@aws-sdk/middleware-recursion-detection': 3.972.9
+      '@aws-sdk/middleware-sdk-s3': 3.972.27
+      '@aws-sdk/middleware-ssec': 3.972.8
+      '@aws-sdk/middleware-user-agent': 3.972.28
+      '@aws-sdk/region-config-resolver': 3.972.10
+      '@aws-sdk/signature-v4-multi-region': 3.996.15
+      '@aws-sdk/types': 3.973.6
+      '@aws-sdk/util-endpoints': 3.996.5
+      '@aws-sdk/util-user-agent-browser': 3.972.8
+      '@aws-sdk/util-user-agent-node': 3.973.14
+      '@smithy/config-resolver': 4.4.13
+      '@smithy/core': 3.23.13
+      '@smithy/eventstream-serde-browser': 4.2.12
+      '@smithy/eventstream-serde-config-resolver': 4.3.12
+      '@smithy/eventstream-serde-node': 4.2.12
+      '@smithy/fetch-http-handler': 5.3.15
+      '@smithy/hash-blob-browser': 4.2.13
+      '@smithy/hash-node': 4.2.12
+      '@smithy/hash-stream-node': 4.2.12
+      '@smithy/invalid-dependency': 4.2.12
+      '@smithy/md5-js': 4.2.12
+      '@smithy/middleware-content-length': 4.2.12
+      '@smithy/middleware-endpoint': 4.4.28
+      '@smithy/middleware-retry': 4.4.46
+      '@smithy/middleware-serde': 4.2.16
+      '@smithy/middleware-stack': 4.2.12
+      '@smithy/node-config-provider': 4.3.12
+      '@smithy/node-http-handler': 4.5.1
+      '@smithy/protocol-http': 5.3.12
+      '@smithy/smithy-client': 4.12.8
+      '@smithy/types': 4.13.1
+      '@smithy/url-parser': 4.2.12
+      '@smithy/util-base64': 4.3.2
+      '@smithy/util-body-length-browser': 4.2.2
+      '@smithy/util-body-length-node': 4.2.3
+      '@smithy/util-defaults-mode-browser': 4.3.44
+      '@smithy/util-defaults-mode-node': 4.2.48
+      '@smithy/util-endpoints': 3.3.3
+      '@smithy/util-middleware': 4.2.12
+      '@smithy/util-retry': 4.2.13
+      '@smithy/util-stream': 4.5.21
+      '@smithy/util-utf8': 4.2.2
+      '@smithy/util-waiter': 4.2.14
+      tslib: 2.8.1
+    transitivePeerDependencies:
+      - aws-crt
+
+  '@aws-sdk/core@3.973.26':
+    dependencies:
+      '@aws-sdk/types': 3.973.6
+      '@aws-sdk/xml-builder': 3.972.16
+      '@smithy/core': 3.23.13
+      '@smithy/node-config-provider': 4.3.12
+      '@smithy/property-provider': 4.2.12
+      '@smithy/protocol-http': 5.3.12
+      '@smithy/signature-v4': 5.3.12
+      '@smithy/smithy-client': 4.12.8
+      '@smithy/types': 4.13.1
+      '@smithy/util-base64': 4.3.2
+      '@smithy/util-middleware': 4.2.12
+      '@smithy/util-utf8': 4.2.2
+      tslib: 2.8.1
+
+  '@aws-sdk/crc64-nvme@3.972.5':
+    dependencies:
+      '@smithy/types': 4.13.1
+      tslib: 2.8.1
+
+  '@aws-sdk/credential-provider-env@3.972.24':
+    dependencies:
+      '@aws-sdk/core': 3.973.26
+      '@aws-sdk/types': 3.973.6
+      '@smithy/property-provider': 4.2.12
+      '@smithy/types': 4.13.1
+      tslib: 2.8.1
+
+  '@aws-sdk/credential-provider-http@3.972.26':
+    dependencies:
+      '@aws-sdk/core': 3.973.26
+      '@aws-sdk/types': 3.973.6
+      '@smithy/fetch-http-handler': 5.3.15
+      '@smithy/node-http-handler': 4.5.1
+      '@smithy/property-provider': 4.2.12
+      '@smithy/protocol-http': 5.3.12
+      '@smithy/smithy-client': 4.12.8
+      '@smithy/types': 4.13.1
+      '@smithy/util-stream': 4.5.21
+      tslib: 2.8.1
+
+  '@aws-sdk/credential-provider-ini@3.972.28':
+    dependencies:
+      '@aws-sdk/core': 3.973.26
+      '@aws-sdk/credential-provider-env': 3.972.24
+      '@aws-sdk/credential-provider-http': 3.972.26
+      '@aws-sdk/credential-provider-login': 3.972.28
+      '@aws-sdk/credential-provider-process': 3.972.24
+      '@aws-sdk/credential-provider-sso': 3.972.28
+      '@aws-sdk/credential-provider-web-identity': 3.972.28
+      '@aws-sdk/nested-clients': 3.996.18
+      '@aws-sdk/types': 3.973.6
+      '@smithy/credential-provider-imds': 4.2.12
+      '@smithy/property-provider': 4.2.12
+      '@smithy/shared-ini-file-loader': 4.4.7
+      '@smithy/types': 4.13.1
+      tslib: 2.8.1
+    transitivePeerDependencies:
+      - aws-crt
+
+  '@aws-sdk/credential-provider-login@3.972.28':
+    dependencies:
+      '@aws-sdk/core': 3.973.26
+      '@aws-sdk/nested-clients': 3.996.18
+      '@aws-sdk/types': 3.973.6
+      '@smithy/property-provider': 4.2.12
+      '@smithy/protocol-http': 5.3.12
+      '@smithy/shared-ini-file-loader': 4.4.7
+      '@smithy/types': 4.13.1
+      tslib: 2.8.1
+    transitivePeerDependencies:
+      - aws-crt
+
+  '@aws-sdk/credential-provider-node@3.972.29':
+    dependencies:
+      '@aws-sdk/credential-provider-env': 3.972.24
+      '@aws-sdk/credential-provider-http': 3.972.26
+      '@aws-sdk/credential-provider-ini': 3.972.28
+      '@aws-sdk/credential-provider-process': 3.972.24
+      '@aws-sdk/credential-provider-sso': 3.972.28
+      '@aws-sdk/credential-provider-web-identity': 3.972.28
+      '@aws-sdk/types': 3.973.6
+      '@smithy/credential-provider-imds': 4.2.12
+      '@smithy/property-provider': 4.2.12
+      '@smithy/shared-ini-file-loader': 4.4.7
+      '@smithy/types': 4.13.1
+      tslib: 2.8.1
+    transitivePeerDependencies:
+      - aws-crt
+
+  '@aws-sdk/credential-provider-process@3.972.24':
+    dependencies:
+      '@aws-sdk/core': 3.973.26
+      '@aws-sdk/types': 3.973.6
+      '@smithy/property-provider': 4.2.12
+      '@smithy/shared-ini-file-loader': 4.4.7
+      '@smithy/types': 4.13.1
+      tslib: 2.8.1
+
+  '@aws-sdk/credential-provider-sso@3.972.28':
+    dependencies:
+      '@aws-sdk/core': 3.973.26
+      '@aws-sdk/nested-clients': 3.996.18
+      '@aws-sdk/token-providers': 3.1021.0
+      '@aws-sdk/types': 3.973.6
+      '@smithy/property-provider': 4.2.12
+      '@smithy/shared-ini-file-loader': 4.4.7
+      '@smithy/types': 4.13.1
+      tslib: 2.8.1
+    transitivePeerDependencies:
+      - aws-crt
+
+  '@aws-sdk/credential-provider-web-identity@3.972.28':
+    dependencies:
+      '@aws-sdk/core': 3.973.26
+      '@aws-sdk/nested-clients': 3.996.18
+      '@aws-sdk/types': 3.973.6
+      '@smithy/property-provider': 4.2.12
+      '@smithy/shared-ini-file-loader': 4.4.7
+      '@smithy/types': 4.13.1
+      tslib: 2.8.1
+    transitivePeerDependencies:
+      - aws-crt
+
+  '@aws-sdk/middleware-bucket-endpoint@3.972.8':
+    dependencies:
+      '@aws-sdk/types': 3.973.6
+      '@aws-sdk/util-arn-parser': 3.972.3
+      '@smithy/node-config-provider': 4.3.12
+      '@smithy/protocol-http': 5.3.12
+      '@smithy/types': 4.13.1
+      '@smithy/util-config-provider': 4.2.2
+      tslib: 2.8.1
+
+  '@aws-sdk/middleware-expect-continue@3.972.8':
+    dependencies:
+      '@aws-sdk/types': 3.973.6
+      '@smithy/protocol-http': 5.3.12
+      '@smithy/types': 4.13.1
+      tslib: 2.8.1
+
+  '@aws-sdk/middleware-flexible-checksums@3.974.6':
+    dependencies:
+      '@aws-crypto/crc32': 5.2.0
+      '@aws-crypto/crc32c': 5.2.0
+      '@aws-crypto/util': 5.2.0
+      '@aws-sdk/core': 3.973.26
+      '@aws-sdk/crc64-nvme': 3.972.5
+      '@aws-sdk/types': 3.973.6
+      '@smithy/is-array-buffer': 4.2.2
+      '@smithy/node-config-provider': 4.3.12
+      '@smithy/protocol-http': 5.3.12
+      '@smithy/types': 4.13.1
+      '@smithy/util-middleware': 4.2.12
+      '@smithy/util-stream': 4.5.21
+      '@smithy/util-utf8': 4.2.2
+      tslib: 2.8.1
+
+  '@aws-sdk/middleware-host-header@3.972.8':
+    dependencies:
+      '@aws-sdk/types': 3.973.6
+      '@smithy/protocol-http': 5.3.12
+      '@smithy/types': 4.13.1
+      tslib: 2.8.1
+
+  '@aws-sdk/middleware-location-constraint@3.972.8':
+    dependencies:
+      '@aws-sdk/types': 3.973.6
+      '@smithy/types': 4.13.1
+      tslib: 2.8.1
+
+  '@aws-sdk/middleware-logger@3.972.8':
+    dependencies:
+      '@aws-sdk/types': 3.973.6
+      '@smithy/types': 4.13.1
+      tslib: 2.8.1
+
+  '@aws-sdk/middleware-recursion-detection@3.972.9':
+    dependencies:
+      '@aws-sdk/types': 3.973.6
+      '@aws/lambda-invoke-store': 0.2.4
+      '@smithy/protocol-http': 5.3.12
+      '@smithy/types': 4.13.1
+      tslib: 2.8.1
+
+  '@aws-sdk/middleware-sdk-s3@3.972.27':
+    dependencies:
+      '@aws-sdk/core': 3.973.26
+      '@aws-sdk/types': 3.973.6
+      '@aws-sdk/util-arn-parser': 3.972.3
+      '@smithy/core': 3.23.13
+      '@smithy/node-config-provider': 4.3.12
+      '@smithy/protocol-http': 5.3.12
+      '@smithy/signature-v4': 5.3.12
+      '@smithy/smithy-client': 4.12.8
+      '@smithy/types': 4.13.1
+      '@smithy/util-config-provider': 4.2.2
+      '@smithy/util-middleware': 4.2.12
+      '@smithy/util-stream': 4.5.21
+      '@smithy/util-utf8': 4.2.2
+      tslib: 2.8.1
+
+  '@aws-sdk/middleware-ssec@3.972.8':
+    dependencies:
+      '@aws-sdk/types': 3.973.6
+      '@smithy/types': 4.13.1
+      tslib: 2.8.1
+
+  '@aws-sdk/middleware-user-agent@3.972.28':
+    dependencies:
+      '@aws-sdk/core': 3.973.26
+      '@aws-sdk/types': 3.973.6
+      '@aws-sdk/util-endpoints': 3.996.5
+      '@smithy/core': 3.23.13
+      '@smithy/protocol-http': 5.3.12
+      '@smithy/types': 4.13.1
+      '@smithy/util-retry': 4.2.13
+      tslib: 2.8.1
+
+  '@aws-sdk/nested-clients@3.996.18':
+    dependencies:
+      '@aws-crypto/sha256-browser': 5.2.0
+      '@aws-crypto/sha256-js': 5.2.0
+      '@aws-sdk/core': 3.973.26
+      '@aws-sdk/middleware-host-header': 3.972.8
+      '@aws-sdk/middleware-logger': 3.972.8
+      '@aws-sdk/middleware-recursion-detection': 3.972.9
+      '@aws-sdk/middleware-user-agent': 3.972.28
+      '@aws-sdk/region-config-resolver': 3.972.10
+      '@aws-sdk/types': 3.973.6
+      '@aws-sdk/util-endpoints': 3.996.5
+      '@aws-sdk/util-user-agent-browser': 3.972.8
+      '@aws-sdk/util-user-agent-node': 3.973.14
+      '@smithy/config-resolver': 4.4.13
+      '@smithy/core': 3.23.13
+      '@smithy/fetch-http-handler': 5.3.15
+      '@smithy/hash-node': 4.2.12
+      '@smithy/invalid-dependency': 4.2.12
+      '@smithy/middleware-content-length': 4.2.12
+      '@smithy/middleware-endpoint': 4.4.28
+      '@smithy/middleware-retry': 4.4.46
+      '@smithy/middleware-serde': 4.2.16
+      '@smithy/middleware-stack': 4.2.12
+      '@smithy/node-config-provider': 4.3.12
+      '@smithy/node-http-handler': 4.5.1
+      '@smithy/protocol-http': 5.3.12
+      '@smithy/smithy-client': 4.12.8
+      '@smithy/types': 4.13.1
+      '@smithy/url-parser': 4.2.12
+      '@smithy/util-base64': 4.3.2
+      '@smithy/util-body-length-browser': 4.2.2
+      '@smithy/util-body-length-node': 4.2.3
+      '@smithy/util-defaults-mode-browser': 4.3.44
+      '@smithy/util-defaults-mode-node': 4.2.48
+      '@smithy/util-endpoints': 3.3.3
+      '@smithy/util-middleware': 4.2.12
+      '@smithy/util-retry': 4.2.13
+      '@smithy/util-utf8': 4.2.2
+      tslib: 2.8.1
+    transitivePeerDependencies:
+      - aws-crt
+
+  '@aws-sdk/region-config-resolver@3.972.10':
+    dependencies:
+      '@aws-sdk/types': 3.973.6
+      '@smithy/config-resolver': 4.4.13
+      '@smithy/node-config-provider': 4.3.12
+      '@smithy/types': 4.13.1
+      tslib: 2.8.1
+
+  '@aws-sdk/signature-v4-multi-region@3.996.15':
+    dependencies:
+      '@aws-sdk/middleware-sdk-s3': 3.972.27
+      '@aws-sdk/types': 3.973.6
+      '@smithy/protocol-http': 5.3.12
+      '@smithy/signature-v4': 5.3.12
+      '@smithy/types': 4.13.1
+      tslib: 2.8.1
+
+  '@aws-sdk/token-providers@3.1021.0':
+    dependencies:
+      '@aws-sdk/core': 3.973.26
+      '@aws-sdk/nested-clients': 3.996.18
+      '@aws-sdk/types': 3.973.6
+      '@smithy/property-provider': 4.2.12
+      '@smithy/shared-ini-file-loader': 4.4.7
+      '@smithy/types': 4.13.1
+      tslib: 2.8.1
+    transitivePeerDependencies:
+      - aws-crt
+
+  '@aws-sdk/types@3.973.6':
+    dependencies:
+      '@smithy/types': 4.13.1
+      tslib: 2.8.1
+
+  '@aws-sdk/util-arn-parser@3.972.3':
+    dependencies:
+      tslib: 2.8.1
+
+  '@aws-sdk/util-endpoints@3.996.5':
+    dependencies:
+      '@aws-sdk/types': 3.973.6
+      '@smithy/types': 4.13.1
+      '@smithy/url-parser': 4.2.12
+      '@smithy/util-endpoints': 3.3.3
+      tslib: 2.8.1
+
+  '@aws-sdk/util-locate-window@3.965.5':
+    dependencies:
+      tslib: 2.8.1
+
+  '@aws-sdk/util-user-agent-browser@3.972.8':
+    dependencies:
+      '@aws-sdk/types': 3.973.6
+      '@smithy/types': 4.13.1
+      bowser: 2.14.1
+      tslib: 2.8.1
+
+  '@aws-sdk/util-user-agent-node@3.973.14':
+    dependencies:
+      '@aws-sdk/middleware-user-agent': 3.972.28
+      '@aws-sdk/types': 3.973.6
+      '@smithy/node-config-provider': 4.3.12
+      '@smithy/types': 4.13.1
+      '@smithy/util-config-provider': 4.2.2
+      tslib: 2.8.1
+
+  '@aws-sdk/xml-builder@3.972.16':
+    dependencies:
+      '@smithy/types': 4.13.1
+      fast-xml-parser: 5.5.8
+      tslib: 2.8.1
+
+  '@aws/lambda-invoke-store@0.2.4': {}
+
+  '@axiomhq/js@1.6.0':
+    dependencies:
+      fetch-retry: 6.0.0
+
+  '@axiomhq/pino@1.6.0':
+    dependencies:
+      '@axiomhq/js': 1.6.0
+      pino-abstract-transport: 1.2.0
+
   '@babel/code-frame@7.29.0':
     dependencies:
       '@babel/helper-validator-identifier': 7.28.5
@@ -4601,6 +5763,15 @@ snapshots:
       '@jridgewell/trace-mapping': 0.3.31
       jsesc: 3.1.0
 
+  '@babel/generator@8.0.0-rc.3':
+    dependencies:
+      '@babel/parser': 8.0.0-rc.3
+      '@babel/types': 8.0.0-rc.3
+      '@jridgewell/gen-mapping': 0.3.13
+      '@jridgewell/trace-mapping': 0.3.31
+      '@types/jsesc': 2.5.1
+      jsesc: 3.1.0
+
   '@babel/helper-annotate-as-pure@7.27.3':
     dependencies:
       '@babel/types': 7.29.0
@@ -4675,8 +5846,12 @@ snapshots:
 
   '@babel/helper-string-parser@7.27.1': {}
 
+  '@babel/helper-string-parser@8.0.0-rc.3': {}
+
   '@babel/helper-validator-identifier@7.28.5': {}
 
+  '@babel/helper-validator-identifier@8.0.0-rc.3': {}
+
   '@babel/helper-validator-option@7.27.1': {}
 
   '@babel/helpers@7.29.2':
@@ -4688,6 +5863,10 @@ snapshots:
     dependencies:
       '@babel/types': 7.29.0
 
+  '@babel/parser@8.0.0-rc.3':
+    dependencies:
+      '@babel/types': 8.0.0-rc.3
+
   '@babel/plugin-syntax-jsx@7.28.6(@babel/core@7.29.0)':
     dependencies:
       '@babel/core': 7.29.0
@@ -4753,6 +5932,11 @@ snapshots:
       '@babel/helper-string-parser': 7.27.1
       '@babel/helper-validator-identifier': 7.28.5
 
+  '@babel/types@8.0.0-rc.3':
+    dependencies:
+      '@babel/helper-string-parser': 8.0.0-rc.3
+      '@babel/helper-validator-identifier': 8.0.0-rc.3
+
   '@base-ui/react@1.3.0(@types/react@19.2.14)(react-dom@19.2.4(react@19.2.4))(react@19.2.4)':
     dependencies:
       '@babel/runtime': 7.29.2
@@ -4866,29 +6050,27 @@ snapshots:
   '@biomejs/cli-win32-x64@2.4.8':
     optional: true
 
-  '@cloudflare/kv-asset-handler@0.3.4':
-    dependencies:
-      mime: 3.0.0
+  '@cloudflare/kv-asset-handler@0.4.2': {}
 
-  '@cloudflare/unenv-preset@2.0.2(unenv@2.0.0-rc.14)(workerd@1.20250718.0)':
+  '@cloudflare/unenv-preset@2.16.0(unenv@2.0.0-rc.24)(workerd@1.20260329.1)':
     dependencies:
-      unenv: 2.0.0-rc.14
+      unenv: 2.0.0-rc.24
     optionalDependencies:
-      workerd: 1.20250718.0
+      workerd: 1.20260329.1
 
-  '@cloudflare/workerd-darwin-64@1.20250718.0':
+  '@cloudflare/workerd-darwin-64@1.20260329.1':
     optional: true
 
-  '@cloudflare/workerd-darwin-arm64@1.20250718.0':
+  '@cloudflare/workerd-darwin-arm64@1.20260329.1':
     optional: true
 
-  '@cloudflare/workerd-linux-64@1.20250718.0':
+  '@cloudflare/workerd-linux-64@1.20260329.1':
     optional: true
 
-  '@cloudflare/workerd-linux-arm64@1.20250718.0':
+  '@cloudflare/workerd-linux-arm64@1.20260329.1':
     optional: true
 
-  '@cloudflare/workerd-windows-64@1.20250718.0':
+  '@cloudflare/workerd-windows-64@1.20260329.1':
     optional: true
 
   '@cloudflare/workers-types@4.20260401.1': {}
@@ -5065,23 +6247,13 @@ snapshots:
       '@esbuild-kit/core-utils': 3.3.2
       get-tsconfig: 4.13.7
 
-  '@esbuild-plugins/node-globals-polyfill@0.2.3(esbuild@0.17.19)':
-    dependencies:
-      esbuild: 0.17.19
-
-  '@esbuild-plugins/node-modules-polyfill@0.2.2(esbuild@0.17.19)':
-    dependencies:
-      esbuild: 0.17.19
-      escape-string-regexp: 4.0.0
-      rollup-plugin-node-polyfills: 0.2.1
-
   '@esbuild/aix-ppc64@0.25.12':
     optional: true
 
-  '@esbuild/aix-ppc64@0.27.4':
+  '@esbuild/aix-ppc64@0.27.3':
     optional: true
 
-  '@esbuild/android-arm64@0.17.19':
+  '@esbuild/aix-ppc64@0.27.4':
     optional: true
 
   '@esbuild/android-arm64@0.18.20':
@@ -5090,10 +6262,10 @@ snapshots:
   '@esbuild/android-arm64@0.25.12':
     optional: true
 
-  '@esbuild/android-arm64@0.27.4':
+  '@esbuild/android-arm64@0.27.3':
     optional: true
 
-  '@esbuild/android-arm@0.17.19':
+  '@esbuild/android-arm64@0.27.4':
     optional: true
 
   '@esbuild/android-arm@0.18.20':
@@ -5102,10 +6274,10 @@ snapshots:
   '@esbuild/android-arm@0.25.12':
     optional: true
 
-  '@esbuild/android-arm@0.27.4':
+  '@esbuild/android-arm@0.27.3':
     optional: true
 
-  '@esbuild/android-x64@0.17.19':
+  '@esbuild/android-arm@0.27.4':
     optional: true
 
   '@esbuild/android-x64@0.18.20':
@@ -5114,10 +6286,10 @@ snapshots:
   '@esbuild/android-x64@0.25.12':
     optional: true
 
-  '@esbuild/android-x64@0.27.4':
+  '@esbuild/android-x64@0.27.3':
     optional: true
 
-  '@esbuild/darwin-arm64@0.17.19':
+  '@esbuild/android-x64@0.27.4':
     optional: true
 
   '@esbuild/darwin-arm64@0.18.20':
@@ -5126,10 +6298,10 @@ snapshots:
   '@esbuild/darwin-arm64@0.25.12':
     optional: true
 
-  '@esbuild/darwin-arm64@0.27.4':
+  '@esbuild/darwin-arm64@0.27.3':
     optional: true
 
-  '@esbuild/darwin-x64@0.17.19':
+  '@esbuild/darwin-arm64@0.27.4':
     optional: true
 
   '@esbuild/darwin-x64@0.18.20':
@@ -5138,10 +6310,10 @@ snapshots:
   '@esbuild/darwin-x64@0.25.12':
     optional: true
 
-  '@esbuild/darwin-x64@0.27.4':
+  '@esbuild/darwin-x64@0.27.3':
     optional: true
 
-  '@esbuild/freebsd-arm64@0.17.19':
+  '@esbuild/darwin-x64@0.27.4':
     optional: true
 
   '@esbuild/freebsd-arm64@0.18.20':
@@ -5150,10 +6322,10 @@ snapshots:
   '@esbuild/freebsd-arm64@0.25.12':
     optional: true
 
-  '@esbuild/freebsd-arm64@0.27.4':
+  '@esbuild/freebsd-arm64@0.27.3':
     optional: true
 
-  '@esbuild/freebsd-x64@0.17.19':
+  '@esbuild/freebsd-arm64@0.27.4':
     optional: true
 
   '@esbuild/freebsd-x64@0.18.20':
@@ -5162,10 +6334,10 @@ snapshots:
   '@esbuild/freebsd-x64@0.25.12':
     optional: true
 
-  '@esbuild/freebsd-x64@0.27.4':
+  '@esbuild/freebsd-x64@0.27.3':
     optional: true
 
-  '@esbuild/linux-arm64@0.17.19':
+  '@esbuild/freebsd-x64@0.27.4':
     optional: true
 
   '@esbuild/linux-arm64@0.18.20':
@@ -5174,10 +6346,10 @@ snapshots:
   '@esbuild/linux-arm64@0.25.12':
     optional: true
 
-  '@esbuild/linux-arm64@0.27.4':
+  '@esbuild/linux-arm64@0.27.3':
     optional: true
 
-  '@esbuild/linux-arm@0.17.19':
+  '@esbuild/linux-arm64@0.27.4':
     optional: true
 
   '@esbuild/linux-arm@0.18.20':
@@ -5186,10 +6358,10 @@ snapshots:
   '@esbuild/linux-arm@0.25.12':
     optional: true
 
-  '@esbuild/linux-arm@0.27.4':
+  '@esbuild/linux-arm@0.27.3':
     optional: true
 
-  '@esbuild/linux-ia32@0.17.19':
+  '@esbuild/linux-arm@0.27.4':
     optional: true
 
   '@esbuild/linux-ia32@0.18.20':
@@ -5198,10 +6370,10 @@ snapshots:
   '@esbuild/linux-ia32@0.25.12':
     optional: true
 
-  '@esbuild/linux-ia32@0.27.4':
+  '@esbuild/linux-ia32@0.27.3':
     optional: true
 
-  '@esbuild/linux-loong64@0.17.19':
+  '@esbuild/linux-ia32@0.27.4':
     optional: true
 
   '@esbuild/linux-loong64@0.18.20':
@@ -5210,10 +6382,10 @@ snapshots:
   '@esbuild/linux-loong64@0.25.12':
     optional: true
 
-  '@esbuild/linux-loong64@0.27.4':
+  '@esbuild/linux-loong64@0.27.3':
     optional: true
 
-  '@esbuild/linux-mips64el@0.17.19':
+  '@esbuild/linux-loong64@0.27.4':
     optional: true
 
   '@esbuild/linux-mips64el@0.18.20':
@@ -5222,10 +6394,10 @@ snapshots:
   '@esbuild/linux-mips64el@0.25.12':
     optional: true
 
-  '@esbuild/linux-mips64el@0.27.4':
+  '@esbuild/linux-mips64el@0.27.3':
     optional: true
 
-  '@esbuild/linux-ppc64@0.17.19':
+  '@esbuild/linux-mips64el@0.27.4':
     optional: true
 
   '@esbuild/linux-ppc64@0.18.20':
@@ -5234,10 +6406,10 @@ snapshots:
   '@esbuild/linux-ppc64@0.25.12':
     optional: true
 
-  '@esbuild/linux-ppc64@0.27.4':
+  '@esbuild/linux-ppc64@0.27.3':
     optional: true
 
-  '@esbuild/linux-riscv64@0.17.19':
+  '@esbuild/linux-ppc64@0.27.4':
     optional: true
 
   '@esbuild/linux-riscv64@0.18.20':
@@ -5246,10 +6418,10 @@ snapshots:
   '@esbuild/linux-riscv64@0.25.12':
     optional: true
 
-  '@esbuild/linux-riscv64@0.27.4':
+  '@esbuild/linux-riscv64@0.27.3':
     optional: true
 
-  '@esbuild/linux-s390x@0.17.19':
+  '@esbuild/linux-riscv64@0.27.4':
     optional: true
 
   '@esbuild/linux-s390x@0.18.20':
@@ -5258,10 +6430,10 @@ snapshots:
   '@esbuild/linux-s390x@0.25.12':
     optional: true
 
-  '@esbuild/linux-s390x@0.27.4':
+  '@esbuild/linux-s390x@0.27.3':
     optional: true
 
-  '@esbuild/linux-x64@0.17.19':
+  '@esbuild/linux-s390x@0.27.4':
     optional: true
 
   '@esbuild/linux-x64@0.18.20':
@@ -5270,16 +6442,19 @@ snapshots:
   '@esbuild/linux-x64@0.25.12':
     optional: true
 
+  '@esbuild/linux-x64@0.27.3':
+    optional: true
+
   '@esbuild/linux-x64@0.27.4':
     optional: true
 
   '@esbuild/netbsd-arm64@0.25.12':
     optional: true
 
-  '@esbuild/netbsd-arm64@0.27.4':
+  '@esbuild/netbsd-arm64@0.27.3':
     optional: true
 
-  '@esbuild/netbsd-x64@0.17.19':
+  '@esbuild/netbsd-arm64@0.27.4':
     optional: true
 
   '@esbuild/netbsd-x64@0.18.20':
@@ -5288,16 +6463,19 @@ snapshots:
   '@esbuild/netbsd-x64@0.25.12':
     optional: true
 
+  '@esbuild/netbsd-x64@0.27.3':
+    optional: true
+
   '@esbuild/netbsd-x64@0.27.4':
     optional: true
 
   '@esbuild/openbsd-arm64@0.25.12':
     optional: true
 
-  '@esbuild/openbsd-arm64@0.27.4':
+  '@esbuild/openbsd-arm64@0.27.3':
     optional: true
 
-  '@esbuild/openbsd-x64@0.17.19':
+  '@esbuild/openbsd-arm64@0.27.4':
     optional: true
 
   '@esbuild/openbsd-x64@0.18.20':
@@ -5306,16 +6484,19 @@ snapshots:
   '@esbuild/openbsd-x64@0.25.12':
     optional: true
 
+  '@esbuild/openbsd-x64@0.27.3':
+    optional: true
+
   '@esbuild/openbsd-x64@0.27.4':
     optional: true
 
   '@esbuild/openharmony-arm64@0.25.12':
     optional: true
 
-  '@esbuild/openharmony-arm64@0.27.4':
+  '@esbuild/openharmony-arm64@0.27.3':
     optional: true
 
-  '@esbuild/sunos-x64@0.17.19':
+  '@esbuild/openharmony-arm64@0.27.4':
     optional: true
 
   '@esbuild/sunos-x64@0.18.20':
@@ -5324,10 +6505,10 @@ snapshots:
   '@esbuild/sunos-x64@0.25.12':
     optional: true
 
-  '@esbuild/sunos-x64@0.27.4':
+  '@esbuild/sunos-x64@0.27.3':
     optional: true
 
-  '@esbuild/win32-arm64@0.17.19':
+  '@esbuild/sunos-x64@0.27.4':
     optional: true
 
   '@esbuild/win32-arm64@0.18.20':
@@ -5336,10 +6517,10 @@ snapshots:
   '@esbuild/win32-arm64@0.25.12':
     optional: true
 
-  '@esbuild/win32-arm64@0.27.4':
+  '@esbuild/win32-arm64@0.27.3':
     optional: true
 
-  '@esbuild/win32-ia32@0.17.19':
+  '@esbuild/win32-arm64@0.27.4':
     optional: true
 
   '@esbuild/win32-ia32@0.18.20':
@@ -5348,10 +6529,10 @@ snapshots:
   '@esbuild/win32-ia32@0.25.12':
     optional: true
 
-  '@esbuild/win32-ia32@0.27.4':
+  '@esbuild/win32-ia32@0.27.3':
     optional: true
 
-  '@esbuild/win32-x64@0.17.19':
+  '@esbuild/win32-ia32@0.27.4':
     optional: true
 
   '@esbuild/win32-x64@0.18.20':
@@ -5360,10 +6541,11 @@ snapshots:
   '@esbuild/win32-x64@0.25.12':
     optional: true
 
-  '@esbuild/win32-x64@0.27.4':
+  '@esbuild/win32-x64@0.27.3':
     optional: true
 
-  '@fastify/busboy@2.1.1': {}
+  '@esbuild/win32-x64@0.27.4':
+    optional: true
 
   '@floating-ui/core@1.7.5':
     dependencies:
@@ -5425,50 +6607,27 @@ snapshots:
     dependencies:
       hono: 4.12.8
 
-  '@img/colour@1.1.0':
-    optional: true
-
-  '@img/sharp-darwin-arm64@0.33.5':
-    optionalDependencies:
-      '@img/sharp-libvips-darwin-arm64': 1.0.4
-    optional: true
+  '@img/colour@1.1.0': {}
 
   '@img/sharp-darwin-arm64@0.34.5':
     optionalDependencies:
       '@img/sharp-libvips-darwin-arm64': 1.2.4
     optional: true
 
-  '@img/sharp-darwin-x64@0.33.5':
-    optionalDependencies:
-      '@img/sharp-libvips-darwin-x64': 1.0.4
-    optional: true
-
   '@img/sharp-darwin-x64@0.34.5':
     optionalDependencies:
       '@img/sharp-libvips-darwin-x64': 1.2.4
     optional: true
 
-  '@img/sharp-libvips-darwin-arm64@1.0.4':
-    optional: true
-
   '@img/sharp-libvips-darwin-arm64@1.2.4':
     optional: true
 
-  '@img/sharp-libvips-darwin-x64@1.0.4':
-    optional: true
-
   '@img/sharp-libvips-darwin-x64@1.2.4':
     optional: true
 
-  '@img/sharp-libvips-linux-arm64@1.0.4':
-    optional: true
-
   '@img/sharp-libvips-linux-arm64@1.2.4':
     optional: true
 
-  '@img/sharp-libvips-linux-arm@1.0.5':
-    optional: true
-
   '@img/sharp-libvips-linux-arm@1.2.4':
     optional: true
 
@@ -5478,45 +6637,23 @@ snapshots:
   '@img/sharp-libvips-linux-riscv64@1.2.4':
     optional: true
 
-  '@img/sharp-libvips-linux-s390x@1.0.4':
-    optional: true
-
   '@img/sharp-libvips-linux-s390x@1.2.4':
     optional: true
 
-  '@img/sharp-libvips-linux-x64@1.0.4':
-    optional: true
-
   '@img/sharp-libvips-linux-x64@1.2.4':
     optional: true
 
-  '@img/sharp-libvips-linuxmusl-arm64@1.0.4':
-    optional: true
-
   '@img/sharp-libvips-linuxmusl-arm64@1.2.4':
     optional: true
 
-  '@img/sharp-libvips-linuxmusl-x64@1.0.4':
-    optional: true
-
   '@img/sharp-libvips-linuxmusl-x64@1.2.4':
     optional: true
 
-  '@img/sharp-linux-arm64@0.33.5':
-    optionalDependencies:
-      '@img/sharp-libvips-linux-arm64': 1.0.4
-    optional: true
-
   '@img/sharp-linux-arm64@0.34.5':
     optionalDependencies:
       '@img/sharp-libvips-linux-arm64': 1.2.4
     optional: true
 
-  '@img/sharp-linux-arm@0.33.5':
-    optionalDependencies:
-      '@img/sharp-libvips-linux-arm': 1.0.5
-    optional: true
-
   '@img/sharp-linux-arm@0.34.5':
     optionalDependencies:
       '@img/sharp-libvips-linux-arm': 1.2.4
@@ -5532,51 +6669,26 @@ snapshots:
       '@img/sharp-libvips-linux-riscv64': 1.2.4
     optional: true
 
-  '@img/sharp-linux-s390x@0.33.5':
-    optionalDependencies:
-      '@img/sharp-libvips-linux-s390x': 1.0.4
-    optional: true
-
   '@img/sharp-linux-s390x@0.34.5':
     optionalDependencies:
       '@img/sharp-libvips-linux-s390x': 1.2.4
     optional: true
 
-  '@img/sharp-linux-x64@0.33.5':
-    optionalDependencies:
-      '@img/sharp-libvips-linux-x64': 1.0.4
-    optional: true
-
   '@img/sharp-linux-x64@0.34.5':
     optionalDependencies:
       '@img/sharp-libvips-linux-x64': 1.2.4
     optional: true
 
-  '@img/sharp-linuxmusl-arm64@0.33.5':
-    optionalDependencies:
-      '@img/sharp-libvips-linuxmusl-arm64': 1.0.4
-    optional: true
-
   '@img/sharp-linuxmusl-arm64@0.34.5':
     optionalDependencies:
       '@img/sharp-libvips-linuxmusl-arm64': 1.2.4
     optional: true
 
-  '@img/sharp-linuxmusl-x64@0.33.5':
-    optionalDependencies:
-      '@img/sharp-libvips-linuxmusl-x64': 1.0.4
-    optional: true
-
   '@img/sharp-linuxmusl-x64@0.34.5':
     optionalDependencies:
       '@img/sharp-libvips-linuxmusl-x64': 1.2.4
     optional: true
 
-  '@img/sharp-wasm32@0.33.5':
-    dependencies:
-      '@emnapi/runtime': 1.9.1
-    optional: true
-
   '@img/sharp-wasm32@0.34.5':
     dependencies:
       '@emnapi/runtime': 1.9.1
@@ -5585,15 +6697,9 @@ snapshots:
   '@img/sharp-win32-arm64@0.34.5':
     optional: true
 
-  '@img/sharp-win32-ia32@0.33.5':
-    optional: true
-
   '@img/sharp-win32-ia32@0.34.5':
     optional: true
 
-  '@img/sharp-win32-x64@0.33.5':
-    optional: true
-
   '@img/sharp-win32-x64@0.34.5':
     optional: true
 
@@ -5709,7 +6815,7 @@ snapshots:
       outvariant: 1.4.3
       strict-event-emitter: 0.5.1
 
-  '@napi-rs/wasm-runtime@1.1.1':
+  '@napi-rs/wasm-runtime@1.1.2(@emnapi/core@1.9.1)(@emnapi/runtime@1.9.1)':
     dependencies:
       '@emnapi/core': 1.9.1
       '@emnapi/runtime': 1.9.1
@@ -5791,6 +6897,8 @@ snapshots:
 
   '@oxc-project/types@0.120.0': {}
 
+  '@oxc-project/types@0.122.0': {}
+
   '@parcel/watcher-android-arm64@2.5.6':
     optional: true
 
@@ -5851,70 +6959,479 @@ snapshots:
       '@parcel/watcher-win32-ia32': 2.5.6
       '@parcel/watcher-win32-x64': 2.5.6
 
+  '@pinojs/redact@0.4.0': {}
+
   '@playwright/test@1.58.2':
     dependencies:
       playwright: 1.58.2
 
+  '@poppinss/colors@4.1.6':
+    dependencies:
+      kleur: 4.1.5
+
+  '@poppinss/dumper@0.6.5':
+    dependencies:
+      '@poppinss/colors': 4.1.6
+      '@sindresorhus/is': 7.2.0
+      supports-color: 10.2.2
+
+  '@poppinss/exception@1.2.3': {}
+
+  '@quansync/fs@1.0.0':
+    dependencies:
+      quansync: 1.0.0
+
   '@rolldown/binding-android-arm64@1.0.0-rc.10':
     optional: true
 
+  '@rolldown/binding-android-arm64@1.0.0-rc.12':
+    optional: true
+
   '@rolldown/binding-darwin-arm64@1.0.0-rc.10':
     optional: true
 
+  '@rolldown/binding-darwin-arm64@1.0.0-rc.12':
+    optional: true
+
   '@rolldown/binding-darwin-x64@1.0.0-rc.10':
     optional: true
 
+  '@rolldown/binding-darwin-x64@1.0.0-rc.12':
+    optional: true
+
   '@rolldown/binding-freebsd-x64@1.0.0-rc.10':
     optional: true
 
+  '@rolldown/binding-freebsd-x64@1.0.0-rc.12':
+    optional: true
+
   '@rolldown/binding-linux-arm-gnueabihf@1.0.0-rc.10':
     optional: true
 
+  '@rolldown/binding-linux-arm-gnueabihf@1.0.0-rc.12':
+    optional: true
+
   '@rolldown/binding-linux-arm64-gnu@1.0.0-rc.10':
     optional: true
 
+  '@rolldown/binding-linux-arm64-gnu@1.0.0-rc.12':
+    optional: true
+
   '@rolldown/binding-linux-arm64-musl@1.0.0-rc.10':
     optional: true
 
+  '@rolldown/binding-linux-arm64-musl@1.0.0-rc.12':
+    optional: true
+
   '@rolldown/binding-linux-ppc64-gnu@1.0.0-rc.10':
     optional: true
 
+  '@rolldown/binding-linux-ppc64-gnu@1.0.0-rc.12':
+    optional: true
+
   '@rolldown/binding-linux-s390x-gnu@1.0.0-rc.10':
     optional: true
 
+  '@rolldown/binding-linux-s390x-gnu@1.0.0-rc.12':
+    optional: true
+
   '@rolldown/binding-linux-x64-gnu@1.0.0-rc.10':
     optional: true
 
-  '@rolldown/binding-linux-x64-musl@1.0.0-rc.10':
-    optional: true
+  '@rolldown/binding-linux-x64-gnu@1.0.0-rc.12':
+    optional: true
+
+  '@rolldown/binding-linux-x64-musl@1.0.0-rc.10':
+    optional: true
+
+  '@rolldown/binding-linux-x64-musl@1.0.0-rc.12':
+    optional: true
+
+  '@rolldown/binding-openharmony-arm64@1.0.0-rc.10':
+    optional: true
+
+  '@rolldown/binding-openharmony-arm64@1.0.0-rc.12':
+    optional: true
+
+  '@rolldown/binding-wasm32-wasi@1.0.0-rc.10(@emnapi/core@1.9.1)(@emnapi/runtime@1.9.1)':
+    dependencies:
+      '@napi-rs/wasm-runtime': 1.1.2(@emnapi/core@1.9.1)(@emnapi/runtime@1.9.1)
+    transitivePeerDependencies:
+      - '@emnapi/core'
+      - '@emnapi/runtime'
+    optional: true
+
+  '@rolldown/binding-wasm32-wasi@1.0.0-rc.12(@emnapi/core@1.9.1)(@emnapi/runtime@1.9.1)':
+    dependencies:
+      '@napi-rs/wasm-runtime': 1.1.2(@emnapi/core@1.9.1)(@emnapi/runtime@1.9.1)
+    transitivePeerDependencies:
+      - '@emnapi/core'
+      - '@emnapi/runtime'
+    optional: true
+
+  '@rolldown/binding-win32-arm64-msvc@1.0.0-rc.10':
+    optional: true
+
+  '@rolldown/binding-win32-arm64-msvc@1.0.0-rc.12':
+    optional: true
+
+  '@rolldown/binding-win32-x64-msvc@1.0.0-rc.10':
+    optional: true
+
+  '@rolldown/binding-win32-x64-msvc@1.0.0-rc.12':
+    optional: true
+
+  '@rolldown/pluginutils@1.0.0-rc.10': {}
+
+  '@rolldown/pluginutils@1.0.0-rc.12': {}
+
+  '@schummar/icu-type-parser@1.21.5': {}
+
+  '@sec-ant/readable-stream@0.4.1': {}
+
+  '@simple-libs/child-process-utils@1.0.2':
+    dependencies:
+      '@simple-libs/stream-utils': 1.2.0
+
+  '@simple-libs/stream-utils@1.2.0': {}
+
+  '@sindresorhus/is@7.2.0': {}
+
+  '@sindresorhus/merge-streams@4.0.0': {}
+
+  '@smithy/chunked-blob-reader-native@4.2.3':
+    dependencies:
+      '@smithy/util-base64': 4.3.2
+      tslib: 2.8.1
+
+  '@smithy/chunked-blob-reader@5.2.2':
+    dependencies:
+      tslib: 2.8.1
+
+  '@smithy/config-resolver@4.4.13':
+    dependencies:
+      '@smithy/node-config-provider': 4.3.12
+      '@smithy/types': 4.13.1
+      '@smithy/util-config-provider': 4.2.2
+      '@smithy/util-endpoints': 3.3.3
+      '@smithy/util-middleware': 4.2.12
+      tslib: 2.8.1
+
+  '@smithy/core@3.23.13':
+    dependencies:
+      '@smithy/protocol-http': 5.3.12
+      '@smithy/types': 4.13.1
+      '@smithy/url-parser': 4.2.12
+      '@smithy/util-base64': 4.3.2
+      '@smithy/util-body-length-browser': 4.2.2
+      '@smithy/util-middleware': 4.2.12
+      '@smithy/util-stream': 4.5.21
+      '@smithy/util-utf8': 4.2.2
+      '@smithy/uuid': 1.1.2
+      tslib: 2.8.1
+
+  '@smithy/credential-provider-imds@4.2.12':
+    dependencies:
+      '@smithy/node-config-provider': 4.3.12
+      '@smithy/property-provider': 4.2.12
+      '@smithy/types': 4.13.1
+      '@smithy/url-parser': 4.2.12
+      tslib: 2.8.1
+
+  '@smithy/eventstream-codec@4.2.12':
+    dependencies:
+      '@aws-crypto/crc32': 5.2.0
+      '@smithy/types': 4.13.1
+      '@smithy/util-hex-encoding': 4.2.2
+      tslib: 2.8.1
+
+  '@smithy/eventstream-serde-browser@4.2.12':
+    dependencies:
+      '@smithy/eventstream-serde-universal': 4.2.12
+      '@smithy/types': 4.13.1
+      tslib: 2.8.1
+
+  '@smithy/eventstream-serde-config-resolver@4.3.12':
+    dependencies:
+      '@smithy/types': 4.13.1
+      tslib: 2.8.1
+
+  '@smithy/eventstream-serde-node@4.2.12':
+    dependencies:
+      '@smithy/eventstream-serde-universal': 4.2.12
+      '@smithy/types': 4.13.1
+      tslib: 2.8.1
+
+  '@smithy/eventstream-serde-universal@4.2.12':
+    dependencies:
+      '@smithy/eventstream-codec': 4.2.12
+      '@smithy/types': 4.13.1
+      tslib: 2.8.1
+
+  '@smithy/fetch-http-handler@5.3.15':
+    dependencies:
+      '@smithy/protocol-http': 5.3.12
+      '@smithy/querystring-builder': 4.2.12
+      '@smithy/types': 4.13.1
+      '@smithy/util-base64': 4.3.2
+      tslib: 2.8.1
+
+  '@smithy/hash-blob-browser@4.2.13':
+    dependencies:
+      '@smithy/chunked-blob-reader': 5.2.2
+      '@smithy/chunked-blob-reader-native': 4.2.3
+      '@smithy/types': 4.13.1
+      tslib: 2.8.1
+
+  '@smithy/hash-node@4.2.12':
+    dependencies:
+      '@smithy/types': 4.13.1
+      '@smithy/util-buffer-from': 4.2.2
+      '@smithy/util-utf8': 4.2.2
+      tslib: 2.8.1
+
+  '@smithy/hash-stream-node@4.2.12':
+    dependencies:
+      '@smithy/types': 4.13.1
+      '@smithy/util-utf8': 4.2.2
+      tslib: 2.8.1
+
+  '@smithy/invalid-dependency@4.2.12':
+    dependencies:
+      '@smithy/types': 4.13.1
+      tslib: 2.8.1
+
+  '@smithy/is-array-buffer@2.2.0':
+    dependencies:
+      tslib: 2.8.1
+
+  '@smithy/is-array-buffer@4.2.2':
+    dependencies:
+      tslib: 2.8.1
+
+  '@smithy/md5-js@4.2.12':
+    dependencies:
+      '@smithy/types': 4.13.1
+      '@smithy/util-utf8': 4.2.2
+      tslib: 2.8.1
+
+  '@smithy/middleware-content-length@4.2.12':
+    dependencies:
+      '@smithy/protocol-http': 5.3.12
+      '@smithy/types': 4.13.1
+      tslib: 2.8.1
+
+  '@smithy/middleware-endpoint@4.4.28':
+    dependencies:
+      '@smithy/core': 3.23.13
+      '@smithy/middleware-serde': 4.2.16
+      '@smithy/node-config-provider': 4.3.12
+      '@smithy/shared-ini-file-loader': 4.4.7
+      '@smithy/types': 4.13.1
+      '@smithy/url-parser': 4.2.12
+      '@smithy/util-middleware': 4.2.12
+      tslib: 2.8.1
+
+  '@smithy/middleware-retry@4.4.46':
+    dependencies:
+      '@smithy/node-config-provider': 4.3.12
+      '@smithy/protocol-http': 5.3.12
+      '@smithy/service-error-classification': 4.2.12
+      '@smithy/smithy-client': 4.12.8
+      '@smithy/types': 4.13.1
+      '@smithy/util-middleware': 4.2.12
+      '@smithy/util-retry': 4.2.13
+      '@smithy/uuid': 1.1.2
+      tslib: 2.8.1
+
+  '@smithy/middleware-serde@4.2.16':
+    dependencies:
+      '@smithy/core': 3.23.13
+      '@smithy/protocol-http': 5.3.12
+      '@smithy/types': 4.13.1
+      tslib: 2.8.1
+
+  '@smithy/middleware-stack@4.2.12':
+    dependencies:
+      '@smithy/types': 4.13.1
+      tslib: 2.8.1
+
+  '@smithy/node-config-provider@4.3.12':
+    dependencies:
+      '@smithy/property-provider': 4.2.12
+      '@smithy/shared-ini-file-loader': 4.4.7
+      '@smithy/types': 4.13.1
+      tslib: 2.8.1
+
+  '@smithy/node-http-handler@4.5.1':
+    dependencies:
+      '@smithy/protocol-http': 5.3.12
+      '@smithy/querystring-builder': 4.2.12
+      '@smithy/types': 4.13.1
+      tslib: 2.8.1
+
+  '@smithy/property-provider@4.2.12':
+    dependencies:
+      '@smithy/types': 4.13.1
+      tslib: 2.8.1
+
+  '@smithy/protocol-http@5.3.12':
+    dependencies:
+      '@smithy/types': 4.13.1
+      tslib: 2.8.1
+
+  '@smithy/querystring-builder@4.2.12':
+    dependencies:
+      '@smithy/types': 4.13.1
+      '@smithy/util-uri-escape': 4.2.2
+      tslib: 2.8.1
+
+  '@smithy/querystring-parser@4.2.12':
+    dependencies:
+      '@smithy/types': 4.13.1
+      tslib: 2.8.1
+
+  '@smithy/service-error-classification@4.2.12':
+    dependencies:
+      '@smithy/types': 4.13.1
+
+  '@smithy/shared-ini-file-loader@4.4.7':
+    dependencies:
+      '@smithy/types': 4.13.1
+      tslib: 2.8.1
+
+  '@smithy/signature-v4@5.3.12':
+    dependencies:
+      '@smithy/is-array-buffer': 4.2.2
+      '@smithy/protocol-http': 5.3.12
+      '@smithy/types': 4.13.1
+      '@smithy/util-hex-encoding': 4.2.2
+      '@smithy/util-middleware': 4.2.12
+      '@smithy/util-uri-escape': 4.2.2
+      '@smithy/util-utf8': 4.2.2
+      tslib: 2.8.1
+
+  '@smithy/smithy-client@4.12.8':
+    dependencies:
+      '@smithy/core': 3.23.13
+      '@smithy/middleware-endpoint': 4.4.28
+      '@smithy/middleware-stack': 4.2.12
+      '@smithy/protocol-http': 5.3.12
+      '@smithy/types': 4.13.1
+      '@smithy/util-stream': 4.5.21
+      tslib: 2.8.1
+
+  '@smithy/types@4.13.1':
+    dependencies:
+      tslib: 2.8.1
+
+  '@smithy/url-parser@4.2.12':
+    dependencies:
+      '@smithy/querystring-parser': 4.2.12
+      '@smithy/types': 4.13.1
+      tslib: 2.8.1
+
+  '@smithy/util-base64@4.3.2':
+    dependencies:
+      '@smithy/util-buffer-from': 4.2.2
+      '@smithy/util-utf8': 4.2.2
+      tslib: 2.8.1
+
+  '@smithy/util-body-length-browser@4.2.2':
+    dependencies:
+      tslib: 2.8.1
+
+  '@smithy/util-body-length-node@4.2.3':
+    dependencies:
+      tslib: 2.8.1
+
+  '@smithy/util-buffer-from@2.2.0':
+    dependencies:
+      '@smithy/is-array-buffer': 2.2.0
+      tslib: 2.8.1
+
+  '@smithy/util-buffer-from@4.2.2':
+    dependencies:
+      '@smithy/is-array-buffer': 4.2.2
+      tslib: 2.8.1
+
+  '@smithy/util-config-provider@4.2.2':
+    dependencies:
+      tslib: 2.8.1
+
+  '@smithy/util-defaults-mode-browser@4.3.44':
+    dependencies:
+      '@smithy/property-provider': 4.2.12
+      '@smithy/smithy-client': 4.12.8
+      '@smithy/types': 4.13.1
+      tslib: 2.8.1
+
+  '@smithy/util-defaults-mode-node@4.2.48':
+    dependencies:
+      '@smithy/config-resolver': 4.4.13
+      '@smithy/credential-provider-imds': 4.2.12
+      '@smithy/node-config-provider': 4.3.12
+      '@smithy/property-provider': 4.2.12
+      '@smithy/smithy-client': 4.12.8
+      '@smithy/types': 4.13.1
+      tslib: 2.8.1
+
+  '@smithy/util-endpoints@3.3.3':
+    dependencies:
+      '@smithy/node-config-provider': 4.3.12
+      '@smithy/types': 4.13.1
+      tslib: 2.8.1
 
-  '@rolldown/binding-openharmony-arm64@1.0.0-rc.10':
-    optional: true
+  '@smithy/util-hex-encoding@4.2.2':
+    dependencies:
+      tslib: 2.8.1
 
-  '@rolldown/binding-wasm32-wasi@1.0.0-rc.10':
+  '@smithy/util-middleware@4.2.12':
     dependencies:
-      '@napi-rs/wasm-runtime': 1.1.1
-    optional: true
+      '@smithy/types': 4.13.1
+      tslib: 2.8.1
 
-  '@rolldown/binding-win32-arm64-msvc@1.0.0-rc.10':
-    optional: true
+  '@smithy/util-retry@4.2.13':
+    dependencies:
+      '@smithy/service-error-classification': 4.2.12
+      '@smithy/types': 4.13.1
+      tslib: 2.8.1
 
-  '@rolldown/binding-win32-x64-msvc@1.0.0-rc.10':
-    optional: true
+  '@smithy/util-stream@4.5.21':
+    dependencies:
+      '@smithy/fetch-http-handler': 5.3.15
+      '@smithy/node-http-handler': 4.5.1
+      '@smithy/types': 4.13.1
+      '@smithy/util-base64': 4.3.2
+      '@smithy/util-buffer-from': 4.2.2
+      '@smithy/util-hex-encoding': 4.2.2
+      '@smithy/util-utf8': 4.2.2
+      tslib: 2.8.1
 
-  '@rolldown/pluginutils@1.0.0-rc.10': {}
+  '@smithy/util-uri-escape@4.2.2':
+    dependencies:
+      tslib: 2.8.1
 
-  '@schummar/icu-type-parser@1.21.5': {}
+  '@smithy/util-utf8@2.3.0':
+    dependencies:
+      '@smithy/util-buffer-from': 2.2.0
+      tslib: 2.8.1
 
-  '@sec-ant/readable-stream@0.4.1': {}
+  '@smithy/util-utf8@4.2.2':
+    dependencies:
+      '@smithy/util-buffer-from': 4.2.2
+      tslib: 2.8.1
 
-  '@simple-libs/child-process-utils@1.0.2':
+  '@smithy/util-waiter@4.2.14':
     dependencies:
-      '@simple-libs/stream-utils': 1.2.0
+      '@smithy/types': 4.13.1
+      tslib: 2.8.1
 
-  '@simple-libs/stream-utils@1.2.0': {}
+  '@smithy/uuid@1.1.2':
+    dependencies:
+      tslib: 2.8.1
 
-  '@sindresorhus/merge-streams@4.0.0': {}
+  '@speed-highlight/core@1.2.15': {}
 
   '@standard-schema/spec@1.1.0': {}
 
@@ -6086,22 +7603,22 @@ snapshots:
       minimatch: 10.2.4
       path-browserify: 1.0.1
 
-  '@turbo/darwin-64@2.8.21':
+  '@turbo/darwin-64@2.9.4':
     optional: true
 
-  '@turbo/darwin-arm64@2.8.21':
+  '@turbo/darwin-arm64@2.9.4':
     optional: true
 
-  '@turbo/linux-64@2.8.21':
+  '@turbo/linux-64@2.9.4':
     optional: true
 
-  '@turbo/linux-arm64@2.8.21':
+  '@turbo/linux-arm64@2.9.4':
     optional: true
 
-  '@turbo/windows-64@2.8.21':
+  '@turbo/windows-64@2.9.4':
     optional: true
 
-  '@turbo/windows-arm64@2.8.21':
+  '@turbo/windows-arm64@2.9.4':
     optional: true
 
   '@tybys/wasm-util@0.10.1':
@@ -6118,6 +7635,8 @@ snapshots:
 
   '@types/estree@1.0.8': {}
 
+  '@types/jsesc@2.5.1': {}
+
   '@types/node@22.19.15':
     dependencies:
       undici-types: 6.21.0
@@ -6136,6 +7655,10 @@ snapshots:
       pg-protocol: 1.13.0
       pg-types: 2.2.0
 
+  '@types/pino@7.0.5':
+    dependencies:
+      pino: 10.3.1
+
   '@types/react-dom@19.2.3(@types/react@19.2.14)':
     dependencies:
       '@types/react': 19.2.14
@@ -6154,7 +7677,7 @@ snapshots:
 
   '@types/validate-npm-package-name@4.0.2': {}
 
-  '@vitest/coverage-istanbul@4.1.0(vitest@4.1.0(@opentelemetry/api@1.9.0)(@types/node@24.12.0)(msw@2.12.14(@types/node@24.12.0)(typescript@5.9.3))(vite@8.0.1(@types/node@24.12.0)(esbuild@0.27.4)(jiti@2.6.1)(tsx@4.21.0)(yaml@2.8.3)))':
+  '@vitest/coverage-istanbul@4.1.0(vitest@4.1.0(@opentelemetry/api@1.9.0)(@types/node@24.12.0)(msw@2.12.14(@types/node@24.12.0)(typescript@5.9.3))(vite@8.0.1(@emnapi/core@1.9.1)(@emnapi/runtime@1.9.1)(@types/node@24.12.0)(esbuild@0.27.4)(jiti@2.6.1)(tsx@4.21.0)(yaml@2.8.3)))':
     dependencies:
       '@babel/core': 7.29.0
       '@istanbuljs/schema': 0.1.3
@@ -6166,11 +7689,11 @@ snapshots:
       magicast: 0.5.2
       obug: 2.1.1
       tinyrainbow: 3.1.0
-      vitest: 4.1.0(@opentelemetry/api@1.9.0)(@types/node@24.12.0)(msw@2.12.14(@types/node@24.12.0)(typescript@5.9.3))(vite@8.0.1(@types/node@24.12.0)(esbuild@0.27.4)(jiti@2.6.1)(tsx@4.21.0)(yaml@2.8.3))
+      vitest: 4.1.0(@opentelemetry/api@1.9.0)(@types/node@24.12.0)(msw@2.12.14(@types/node@24.12.0)(typescript@5.9.3))(vite@8.0.1(@emnapi/core@1.9.1)(@emnapi/runtime@1.9.1)(@types/node@24.12.0)(esbuild@0.27.4)(jiti@2.6.1)(tsx@4.21.0)(yaml@2.8.3))
     transitivePeerDependencies:
       - supports-color
 
-  '@vitest/coverage-istanbul@4.1.0(vitest@4.1.0(@opentelemetry/api@1.9.0)(@types/node@25.5.0)(msw@2.12.14(@types/node@25.5.0)(typescript@5.9.3))(vite@8.0.1(@types/node@25.5.0)(esbuild@0.27.4)(jiti@2.6.1)(tsx@4.21.0)(yaml@2.8.3)))':
+  '@vitest/coverage-istanbul@4.1.0(vitest@4.1.0(@opentelemetry/api@1.9.0)(@types/node@25.5.0)(msw@2.12.14(@types/node@25.5.0)(typescript@5.9.3))(vite@8.0.1(@emnapi/core@1.9.1)(@emnapi/runtime@1.9.1)(@types/node@25.5.0)(esbuild@0.27.4)(jiti@2.6.1)(tsx@4.21.0)(yaml@2.8.3)))':
     dependencies:
       '@babel/core': 7.29.0
       '@istanbuljs/schema': 0.1.3
@@ -6182,7 +7705,7 @@ snapshots:
       magicast: 0.5.2
       obug: 2.1.1
       tinyrainbow: 3.1.0
-      vitest: 4.1.0(@opentelemetry/api@1.9.0)(@types/node@25.5.0)(msw@2.12.14(@types/node@25.5.0)(typescript@5.9.3))(vite@8.0.1(@types/node@25.5.0)(esbuild@0.27.4)(jiti@2.6.1)(tsx@4.21.0)(yaml@2.8.3))
+      vitest: 4.1.0(@opentelemetry/api@1.9.0)(@types/node@25.5.0)(msw@2.12.14(@types/node@25.5.0)(typescript@5.9.3))(vite@8.0.1(@emnapi/core@1.9.1)(@emnapi/runtime@1.9.1)(@types/node@25.5.0)(esbuild@0.27.4)(jiti@2.6.1)(tsx@4.21.0)(yaml@2.8.3))
     transitivePeerDependencies:
       - supports-color
 
@@ -6195,23 +7718,23 @@ snapshots:
       chai: 6.2.2
       tinyrainbow: 3.1.0
 
-  '@vitest/mocker@4.1.0(msw@2.12.14(@types/node@24.12.0)(typescript@5.9.3))(vite@8.0.1(@types/node@24.12.0)(esbuild@0.27.4)(jiti@2.6.1)(tsx@4.21.0)(yaml@2.8.3))':
+  '@vitest/mocker@4.1.0(msw@2.12.14(@types/node@24.12.0)(typescript@5.9.3))(vite@8.0.1(@emnapi/core@1.9.1)(@emnapi/runtime@1.9.1)(@types/node@24.12.0)(esbuild@0.27.4)(jiti@2.6.1)(tsx@4.21.0)(yaml@2.8.3))':
     dependencies:
       '@vitest/spy': 4.1.0
       estree-walker: 3.0.3
       magic-string: 0.30.21
     optionalDependencies:
       msw: 2.12.14(@types/node@24.12.0)(typescript@5.9.3)
-      vite: 8.0.1(@types/node@24.12.0)(esbuild@0.27.4)(jiti@2.6.1)(tsx@4.21.0)(yaml@2.8.3)
+      vite: 8.0.1(@emnapi/core@1.9.1)(@emnapi/runtime@1.9.1)(@types/node@24.12.0)(esbuild@0.27.4)(jiti@2.6.1)(tsx@4.21.0)(yaml@2.8.3)
 
-  '@vitest/mocker@4.1.0(msw@2.12.14(@types/node@25.5.0)(typescript@5.9.3))(vite@8.0.1(@types/node@25.5.0)(esbuild@0.27.4)(jiti@2.6.1)(tsx@4.21.0)(yaml@2.8.3))':
+  '@vitest/mocker@4.1.0(msw@2.12.14(@types/node@25.5.0)(typescript@5.9.3))(vite@8.0.1(@emnapi/core@1.9.1)(@emnapi/runtime@1.9.1)(@types/node@25.5.0)(esbuild@0.27.4)(jiti@2.6.1)(tsx@4.21.0)(yaml@2.8.3))':
     dependencies:
       '@vitest/spy': 4.1.0
       estree-walker: 3.0.3
       magic-string: 0.30.21
     optionalDependencies:
       msw: 2.12.14(@types/node@25.5.0)(typescript@5.9.3)
-      vite: 8.0.1(@types/node@25.5.0)(esbuild@0.27.4)(jiti@2.6.1)(tsx@4.21.0)(yaml@2.8.3)
+      vite: 8.0.1(@emnapi/core@1.9.1)(@emnapi/runtime@1.9.1)(@types/node@25.5.0)(esbuild@0.27.4)(jiti@2.6.1)(tsx@4.21.0)(yaml@2.8.3)
 
   '@vitest/pretty-format@4.1.0':
     dependencies:
@@ -6237,15 +7760,15 @@ snapshots:
       convert-source-map: 2.0.0
       tinyrainbow: 3.1.0
 
+  abort-controller@3.0.0:
+    dependencies:
+      event-target-shim: 5.0.1
+
   accepts@2.0.0:
     dependencies:
       mime-types: 3.0.2
       negotiator: 1.0.0
 
-  acorn-walk@8.3.2: {}
-
-  acorn@8.14.0: {}
-
   agent-base@7.1.4: {}
 
   ajv-formats@3.0.1(ajv@8.18.0):
@@ -6273,25 +7796,33 @@ snapshots:
 
   ansi-styles@6.2.3: {}
 
+  ansis@4.2.0: {}
+
   argparse@2.0.1: {}
 
   array-ify@1.0.0: {}
 
-  as-table@1.0.55:
-    dependencies:
-      printable-characters: 1.0.42
-
   assertion-error@2.0.1: {}
 
+  ast-kit@3.0.0-beta.1:
+    dependencies:
+      '@babel/parser': 8.0.0-rc.3
+      estree-walker: 3.0.3
+      pathe: 2.0.3
+
   ast-types@0.16.1:
     dependencies:
       tslib: 2.8.1
 
+  atomic-sleep@1.0.0: {}
+
   balanced-match@4.0.4: {}
 
+  base64-js@1.5.1: {}
+
   baseline-browser-mapping@2.10.10: {}
 
-  better-auth@1.5.6(@cloudflare/workers-types@4.20260401.1)(@opentelemetry/api@1.9.0)(drizzle-kit@0.31.10)(drizzle-orm@0.45.1(@cloudflare/workers-types@4.20260401.1)(@neondatabase/serverless@1.0.2)(@opentelemetry/api@1.9.0)(@types/pg@8.20.0)(kysely@0.28.14)(pg@8.20.0)(postgres@3.4.8))(next@16.2.1(@babel/core@7.29.0)(@opentelemetry/api@1.9.0)(@playwright/test@1.58.2)(react-dom@19.2.4(react@19.2.4))(react@19.2.4))(pg@8.20.0)(react-dom@19.2.4(react@19.2.4))(react@19.2.4)(vitest@4.1.0(@opentelemetry/api@1.9.0)(@types/node@24.12.0)(msw@2.12.14(@types/node@24.12.0)(typescript@5.9.3))(vite@8.0.1(@types/node@24.12.0)(esbuild@0.27.4)(jiti@2.6.1)(tsx@4.21.0)(yaml@2.8.3))):
+  better-auth@1.5.6(@cloudflare/workers-types@4.20260401.1)(@opentelemetry/api@1.9.0)(drizzle-kit@0.31.10)(drizzle-orm@0.45.1(@cloudflare/workers-types@4.20260401.1)(@neondatabase/serverless@1.0.2)(@opentelemetry/api@1.9.0)(@types/pg@8.20.0)(kysely@0.28.14)(pg@8.20.0)(postgres@3.4.8))(next@16.2.1(@babel/core@7.29.0)(@opentelemetry/api@1.9.0)(@playwright/test@1.58.2)(react-dom@19.2.4(react@19.2.4))(react@19.2.4))(pg@8.20.0)(react-dom@19.2.4(react@19.2.4))(react@19.2.4)(vitest@4.1.0(@opentelemetry/api@1.9.0)(@types/node@24.12.0)(msw@2.12.14(@types/node@24.12.0)(typescript@5.9.3))(vite@8.0.1(@emnapi/core@1.9.1)(@emnapi/runtime@1.9.1)(@types/node@24.12.0)(esbuild@0.27.4)(jiti@2.6.1)(tsx@4.21.0)(yaml@2.8.3))):
     dependencies:
       '@better-auth/core': 1.5.6(@better-auth/utils@0.3.1)(@better-fetch/fetch@1.1.21)(@cloudflare/workers-types@4.20260401.1)(@opentelemetry/api@1.9.0)(better-call@1.3.2(zod@4.3.6))(jose@6.2.2)(kysely@0.28.14)(nanostores@1.2.0)
       '@better-auth/drizzle-adapter': 1.5.6(@better-auth/core@1.5.6(@better-auth/utils@0.3.1)(@better-fetch/fetch@1.1.21)(@cloudflare/workers-types@4.20260401.1)(@opentelemetry/api@1.9.0)(better-call@1.3.2(zod@4.3.6))(jose@6.2.2)(kysely@0.28.14)(nanostores@1.2.0))(@better-auth/utils@0.3.1)(drizzle-orm@0.45.1(@cloudflare/workers-types@4.20260401.1)(@neondatabase/serverless@1.0.2)(@opentelemetry/api@1.9.0)(@types/pg@8.20.0)(kysely@0.28.14)(pg@8.20.0)(postgres@3.4.8))
@@ -6317,12 +7848,12 @@ snapshots:
       pg: 8.20.0
       react: 19.2.4
       react-dom: 19.2.4(react@19.2.4)
-      vitest: 4.1.0(@opentelemetry/api@1.9.0)(@types/node@24.12.0)(msw@2.12.14(@types/node@24.12.0)(typescript@5.9.3))(vite@8.0.1(@types/node@24.12.0)(esbuild@0.27.4)(jiti@2.6.1)(tsx@4.21.0)(yaml@2.8.3))
+      vitest: 4.1.0(@opentelemetry/api@1.9.0)(@types/node@24.12.0)(msw@2.12.14(@types/node@24.12.0)(typescript@5.9.3))(vite@8.0.1(@emnapi/core@1.9.1)(@emnapi/runtime@1.9.1)(@types/node@24.12.0)(esbuild@0.27.4)(jiti@2.6.1)(tsx@4.21.0)(yaml@2.8.3))
     transitivePeerDependencies:
       - '@cloudflare/workers-types'
       - '@opentelemetry/api'
 
-  better-auth@1.5.6(@cloudflare/workers-types@4.20260401.1)(@opentelemetry/api@1.9.0)(drizzle-kit@0.31.10)(drizzle-orm@0.45.1(@cloudflare/workers-types@4.20260401.1)(@neondatabase/serverless@1.0.2)(@opentelemetry/api@1.9.0)(@types/pg@8.20.0)(kysely@0.28.14)(pg@8.20.0)(postgres@3.4.8))(next@16.2.1(@opentelemetry/api@1.9.0)(@playwright/test@1.58.2)(react-dom@19.2.4(react@19.2.4))(react@19.2.4))(pg@8.20.0)(react-dom@19.2.4(react@19.2.4))(react@19.2.4)(vitest@4.1.0(@opentelemetry/api@1.9.0)(@types/node@25.5.0)(msw@2.12.14(@types/node@25.5.0)(typescript@5.9.3))(vite@8.0.1(@types/node@25.5.0)(esbuild@0.27.4)(jiti@2.6.1)(tsx@4.21.0)(yaml@2.8.3))):
+  better-auth@1.5.6(@cloudflare/workers-types@4.20260401.1)(@opentelemetry/api@1.9.0)(drizzle-kit@0.31.10)(drizzle-orm@0.45.1(@cloudflare/workers-types@4.20260401.1)(@neondatabase/serverless@1.0.2)(@opentelemetry/api@1.9.0)(@types/pg@8.20.0)(kysely@0.28.14)(pg@8.20.0)(postgres@3.4.8))(next@16.2.1(@opentelemetry/api@1.9.0)(@playwright/test@1.58.2)(react-dom@19.2.4(react@19.2.4))(react@19.2.4))(pg@8.20.0)(react-dom@19.2.4(react@19.2.4))(react@19.2.4)(vitest@4.1.0(@opentelemetry/api@1.9.0)(@types/node@25.5.0)(msw@2.12.14(@types/node@25.5.0)(typescript@5.9.3))(vite@8.0.1(@emnapi/core@1.9.1)(@emnapi/runtime@1.9.1)(@types/node@25.5.0)(esbuild@0.27.4)(jiti@2.6.1)(tsx@4.21.0)(yaml@2.8.3))):
     dependencies:
       '@better-auth/core': 1.5.6(@better-auth/utils@0.3.1)(@better-fetch/fetch@1.1.21)(@cloudflare/workers-types@4.20260401.1)(@opentelemetry/api@1.9.0)(better-call@1.3.2(zod@4.3.6))(jose@6.2.2)(kysely@0.28.14)(nanostores@1.2.0)
       '@better-auth/drizzle-adapter': 1.5.6(@better-auth/core@1.5.6(@better-auth/utils@0.3.1)(@better-fetch/fetch@1.1.21)(@cloudflare/workers-types@4.20260401.1)(@opentelemetry/api@1.9.0)(better-call@1.3.2(zod@4.3.6))(jose@6.2.2)(kysely@0.28.14)(nanostores@1.2.0))(@better-auth/utils@0.3.1)(drizzle-orm@0.45.1(@cloudflare/workers-types@4.20260401.1)(@neondatabase/serverless@1.0.2)(@opentelemetry/api@1.9.0)(@types/pg@8.20.0)(kysely@0.28.14)(pg@8.20.0)(postgres@3.4.8))
@@ -6348,7 +7879,7 @@ snapshots:
       pg: 8.20.0
       react: 19.2.4
       react-dom: 19.2.4(react@19.2.4)
-      vitest: 4.1.0(@opentelemetry/api@1.9.0)(@types/node@25.5.0)(msw@2.12.14(@types/node@25.5.0)(typescript@5.9.3))(vite@8.0.1(@types/node@25.5.0)(esbuild@0.27.4)(jiti@2.6.1)(tsx@4.21.0)(yaml@2.8.3))
+      vitest: 4.1.0(@opentelemetry/api@1.9.0)(@types/node@25.5.0)(msw@2.12.14(@types/node@25.5.0)(typescript@5.9.3))(vite@8.0.1(@emnapi/core@1.9.1)(@emnapi/runtime@1.9.1)(@types/node@25.5.0)(esbuild@0.27.4)(jiti@2.6.1)(tsx@4.21.0)(yaml@2.8.3))
     transitivePeerDependencies:
       - '@cloudflare/workers-types'
       - '@opentelemetry/api'
@@ -6362,6 +7893,10 @@ snapshots:
     optionalDependencies:
       zod: 4.3.6
 
+  bignumber.js@9.3.1: {}
+
+  birpc@4.0.0: {}
+
   blake3-wasm@2.1.5: {}
 
   body-parser@2.2.2:
@@ -6378,6 +7913,8 @@ snapshots:
     transitivePeerDependencies:
       - supports-color
 
+  bowser@2.14.1: {}
+
   brace-expansion@5.0.4:
     dependencies:
       balanced-match: 4.0.4
@@ -6386,6 +7923,10 @@ snapshots:
     dependencies:
       fill-range: 7.1.1
 
+  browser-image-compression@2.0.2:
+    dependencies:
+      uzip: 0.20201231.0
+
   browserslist@4.28.1:
     dependencies:
       baseline-browser-mapping: 2.10.10
@@ -6394,14 +7935,23 @@ snapshots:
       node-releases: 2.0.36
       update-browserslist-db: 1.2.3(browserslist@4.28.1)
 
+  buffer-equal-constant-time@1.0.1: {}
+
   buffer-from@1.1.2: {}
 
+  buffer@6.0.3:
+    dependencies:
+      base64-js: 1.5.1
+      ieee754: 1.2.1
+
   bundle-name@4.1.0:
     dependencies:
       run-applescript: 7.1.0
 
   bytes@3.1.2: {}
 
+  cac@7.0.0: {}
+
   call-bind-apply-helpers@1.0.2:
     dependencies:
       es-errors: 1.3.0
@@ -6455,18 +8005,6 @@ snapshots:
 
   color-name@1.1.4: {}
 
-  color-string@1.9.1:
-    dependencies:
-      color-name: 1.1.4
-      simple-swizzle: 0.2.4
-    optional: true
-
-  color@4.2.3:
-    dependencies:
-      color-convert: 2.0.1
-      color-string: 1.9.1
-    optional: true
-
   colorette@2.0.20: {}
 
   commander@11.1.0: {}
@@ -6538,14 +8076,14 @@ snapshots:
 
   csstype@3.2.3: {}
 
-  data-uri-to-buffer@2.0.2: {}
-
   data-uri-to-buffer@4.0.1: {}
 
   date-fns-jalali@4.1.0-0: {}
 
   date-fns@4.1.0: {}
 
+  dateformat@4.6.3: {}
+
   debug@4.4.3:
     dependencies:
       ms: 2.1.3
@@ -6594,12 +8132,18 @@ snapshots:
       pg: 8.20.0
       postgres: 3.4.8
 
+  dts-resolver@2.1.3: {}
+
   dunder-proto@1.0.1:
     dependencies:
       call-bind-apply-helpers: 1.0.2
       es-errors: 1.3.0
       gopd: 1.2.0
 
+  ecdsa-sig-formatter@1.0.11:
+    dependencies:
+      safe-buffer: 5.2.1
+
   eciesjs@0.4.18:
     dependencies:
       '@ecies/ciphers': 0.2.5(@noble/ciphers@1.3.0)
@@ -6615,8 +8159,14 @@ snapshots:
 
   emoji-regex@8.0.0: {}
 
+  empathic@2.0.0: {}
+
   encodeurl@2.0.0: {}
 
+  end-of-stream@1.4.5:
+    dependencies:
+      once: 1.4.0
+
   enhanced-resolve@5.20.1:
     dependencies:
       graceful-fs: 4.2.11
@@ -6630,6 +8180,8 @@ snapshots:
     dependencies:
       is-arrayish: 0.2.1
 
+  error-stack-parser-es@1.0.5: {}
+
   es-define-property@1.0.1: {}
 
   es-errors@1.3.0: {}
@@ -6640,31 +8192,6 @@ snapshots:
     dependencies:
       es-errors: 1.3.0
 
-  esbuild@0.17.19:
-    optionalDependencies:
-      '@esbuild/android-arm': 0.17.19
-      '@esbuild/android-arm64': 0.17.19
-      '@esbuild/android-x64': 0.17.19
-      '@esbuild/darwin-arm64': 0.17.19
-      '@esbuild/darwin-x64': 0.17.19
-      '@esbuild/freebsd-arm64': 0.17.19
-      '@esbuild/freebsd-x64': 0.17.19
-      '@esbuild/linux-arm': 0.17.19
-      '@esbuild/linux-arm64': 0.17.19
-      '@esbuild/linux-ia32': 0.17.19
-      '@esbuild/linux-loong64': 0.17.19
-      '@esbuild/linux-mips64el': 0.17.19
-      '@esbuild/linux-ppc64': 0.17.19
-      '@esbuild/linux-riscv64': 0.17.19
-      '@esbuild/linux-s390x': 0.17.19
-      '@esbuild/linux-x64': 0.17.19
-      '@esbuild/netbsd-x64': 0.17.19
-      '@esbuild/openbsd-x64': 0.17.19
-      '@esbuild/sunos-x64': 0.17.19
-      '@esbuild/win32-arm64': 0.17.19
-      '@esbuild/win32-ia32': 0.17.19
-      '@esbuild/win32-x64': 0.17.19
-
   esbuild@0.18.20:
     optionalDependencies:
       '@esbuild/android-arm': 0.18.20
@@ -6719,6 +8246,35 @@ snapshots:
       '@esbuild/win32-ia32': 0.25.12
       '@esbuild/win32-x64': 0.25.12
 
+  esbuild@0.27.3:
+    optionalDependencies:
+      '@esbuild/aix-ppc64': 0.27.3
+      '@esbuild/android-arm': 0.27.3
+      '@esbuild/android-arm64': 0.27.3
+      '@esbuild/android-x64': 0.27.3
+      '@esbuild/darwin-arm64': 0.27.3
+      '@esbuild/darwin-x64': 0.27.3
+      '@esbuild/freebsd-arm64': 0.27.3
+      '@esbuild/freebsd-x64': 0.27.3
+      '@esbuild/linux-arm': 0.27.3
+      '@esbuild/linux-arm64': 0.27.3
+      '@esbuild/linux-ia32': 0.27.3
+      '@esbuild/linux-loong64': 0.27.3
+      '@esbuild/linux-mips64el': 0.27.3
+      '@esbuild/linux-ppc64': 0.27.3
+      '@esbuild/linux-riscv64': 0.27.3
+      '@esbuild/linux-s390x': 0.27.3
+      '@esbuild/linux-x64': 0.27.3
+      '@esbuild/netbsd-arm64': 0.27.3
+      '@esbuild/netbsd-x64': 0.27.3
+      '@esbuild/openbsd-arm64': 0.27.3
+      '@esbuild/openbsd-x64': 0.27.3
+      '@esbuild/openharmony-arm64': 0.27.3
+      '@esbuild/sunos-x64': 0.27.3
+      '@esbuild/win32-arm64': 0.27.3
+      '@esbuild/win32-ia32': 0.27.3
+      '@esbuild/win32-x64': 0.27.3
+
   esbuild@0.27.4:
     optionalDependencies:
       '@esbuild/aix-ppc64': 0.27.4
@@ -6752,20 +8308,20 @@ snapshots:
 
   escape-html@1.0.3: {}
 
-  escape-string-regexp@4.0.0: {}
-
   esprima@4.0.1: {}
 
-  estree-walker@0.6.1: {}
-
   estree-walker@3.0.3:
     dependencies:
       '@types/estree': 1.0.8
 
   etag@1.8.1: {}
 
+  event-target-shim@5.0.1: {}
+
   eventemitter3@5.0.4: {}
 
+  events@3.3.0: {}
+
   eventsource-parser@3.0.6: {}
 
   eventsource@3.0.7:
@@ -6799,8 +8355,6 @@ snapshots:
       strip-final-newline: 4.0.0
       yoctocolors: 2.1.2
 
-  exit-hook@2.2.1: {}
-
   expect-type@1.3.0: {}
 
   express-rate-limit@8.3.1(express@5.2.1):
@@ -6841,7 +8395,9 @@ snapshots:
     transitivePeerDependencies:
       - supports-color
 
-  exsolve@1.0.8: {}
+  extend@3.0.2: {}
+
+  fast-copy@4.0.2: {}
 
   fast-deep-equal@3.1.3: {}
 
@@ -6853,8 +8409,20 @@ snapshots:
       merge2: 1.4.1
       micromatch: 4.0.8
 
+  fast-safe-stringify@2.1.1: {}
+
   fast-uri@3.1.0: {}
 
+  fast-xml-builder@1.1.4:
+    dependencies:
+      path-expression-matcher: 1.2.0
+
+  fast-xml-parser@5.5.8:
+    dependencies:
+      fast-xml-builder: 1.1.4
+      path-expression-matcher: 1.2.0
+      strnum: 2.2.2
+
   fastq@1.20.1:
     dependencies:
       reusify: 1.1.0
@@ -6868,6 +8436,8 @@ snapshots:
       node-domexception: 1.0.0
       web-streams-polyfill: 3.3.3
 
+  fetch-retry@6.0.0: {}
+
   figures@6.1.0:
     dependencies:
       is-unicode-supported: 2.1.0
@@ -6911,6 +8481,26 @@ snapshots:
 
   fuzzysort@3.1.0: {}
 
+  gaxios@6.7.1:
+    dependencies:
+      extend: 3.0.2
+      https-proxy-agent: 7.0.6
+      is-stream: 2.0.1
+      node-fetch: 2.7.0
+      uuid: 9.0.1
+    transitivePeerDependencies:
+      - encoding
+      - supports-color
+
+  gcp-metadata@6.1.1:
+    dependencies:
+      gaxios: 6.7.1
+      google-logging-utils: 0.0.2
+      json-bigint: 1.0.0
+    transitivePeerDependencies:
+      - encoding
+      - supports-color
+
   gensync@1.0.0-beta.2: {}
 
   get-caller-file@2.0.5: {}
@@ -6937,11 +8527,6 @@ snapshots:
       dunder-proto: 1.0.1
       es-object-atoms: 1.1.1
 
-  get-source@2.0.12:
-    dependencies:
-      data-uri-to-buffer: 2.0.2
-      source-map: 0.6.1
-
   get-stream@6.0.1: {}
 
   get-stream@9.0.1:
@@ -6965,18 +8550,58 @@ snapshots:
     dependencies:
       is-glob: 4.0.3
 
-  glob-to-regexp@0.4.1: {}
-
   global-directory@4.0.1:
     dependencies:
       ini: 4.1.1
 
+  google-auth-library@9.15.1:
+    dependencies:
+      base64-js: 1.5.1
+      ecdsa-sig-formatter: 1.0.11
+      gaxios: 6.7.1
+      gcp-metadata: 6.1.1
+      gtoken: 7.1.0
+      jws: 4.0.1
+    transitivePeerDependencies:
+      - encoding
+      - supports-color
+
+  google-logging-utils@0.0.2: {}
+
+  googleapis-common@7.2.0:
+    dependencies:
+      extend: 3.0.2
+      gaxios: 6.7.1
+      google-auth-library: 9.15.1
+      qs: 6.15.0
+      url-template: 2.0.8
+      uuid: 9.0.1
+    transitivePeerDependencies:
+      - encoding
+      - supports-color
+
+  googleapis@144.0.0:
+    dependencies:
+      google-auth-library: 9.15.1
+      googleapis-common: 7.2.0
+    transitivePeerDependencies:
+      - encoding
+      - supports-color
+
   gopd@1.2.0: {}
 
   graceful-fs@4.2.11: {}
 
   graphql@16.13.1: {}
 
+  gtoken@7.1.0:
+    dependencies:
+      gaxios: 6.7.1
+      jws: 4.0.1
+    transitivePeerDependencies:
+      - encoding
+      - supports-color
+
   has-flag@4.0.0: {}
 
   has-symbols@1.1.0: {}
@@ -6987,8 +8612,12 @@ snapshots:
 
   headers-polyfill@4.0.3: {}
 
+  help-me@5.0.0: {}
+
   hono@4.12.8: {}
 
+  hookable@6.1.0: {}
+
   html-escaper@2.0.2: {}
 
   http-errors@2.0.1:
@@ -7020,6 +8649,8 @@ snapshots:
     dependencies:
       '@formatjs/icu-messageformat-parser': 3.5.3
 
+  ieee754@1.2.1: {}
+
   ignore@5.3.2: {}
 
   import-fresh@3.3.1:
@@ -7029,6 +8660,8 @@ snapshots:
 
   import-meta-resolve@4.2.0: {}
 
+  import-without-cache@0.2.5: {}
+
   inherits@2.0.4: {}
 
   ini@4.1.1: {}
@@ -7045,9 +8678,6 @@ snapshots:
 
   is-arrayish@0.2.1: {}
 
-  is-arrayish@0.3.4:
-    optional: true
-
   is-docker@3.0.0: {}
 
   is-extglob@2.1.1: {}
@@ -7117,6 +8747,8 @@ snapshots:
 
   jose@6.2.2: {}
 
+  joycon@3.1.1: {}
+
   js-tokens@4.0.0: {}
 
   js-yaml@4.1.1:
@@ -7125,6 +8757,10 @@ snapshots:
 
   jsesc@3.1.0: {}
 
+  json-bigint@1.0.0:
+    dependencies:
+      bignumber.js: 9.3.1
+
   json-parse-even-better-errors@2.3.1: {}
 
   json-schema-traverse@1.0.0: {}
@@ -7139,6 +8775,17 @@ snapshots:
     optionalDependencies:
       graceful-fs: 4.2.11
 
+  jwa@2.0.1:
+    dependencies:
+      buffer-equal-constant-time: 1.0.1
+      ecdsa-sig-formatter: 1.0.11
+      safe-buffer: 5.2.1
+
+  jws@4.0.1:
+    dependencies:
+      jwa: 2.0.1
+      safe-buffer: 5.2.1
+
   kleur@3.0.3: {}
 
   kleur@4.1.5: {}
@@ -7247,10 +8894,6 @@ snapshots:
     dependencies:
       react: 19.2.4
 
-  magic-string@0.25.9:
-    dependencies:
-      sourcemap-codec: 1.4.8
-
   magic-string@0.30.21:
     dependencies:
       '@jridgewell/sourcemap-codec': 1.5.5
@@ -7288,25 +8931,18 @@ snapshots:
     dependencies:
       mime-db: 1.54.0
 
-  mime@3.0.0: {}
-
   mimic-fn@2.1.0: {}
 
   mimic-function@5.0.1: {}
 
-  miniflare@3.20250718.3:
+  miniflare@4.20260329.0:
     dependencies:
       '@cspotcode/source-map-support': 0.8.1
-      acorn: 8.14.0
-      acorn-walk: 8.3.2
-      exit-hook: 2.2.1
-      glob-to-regexp: 0.4.1
-      stoppable: 1.1.0
-      undici: 5.29.0
-      workerd: 1.20250718.0
+      sharp: 0.34.5
+      undici: 7.24.4
+      workerd: 1.20260329.1
       ws: 8.18.0
-      youch: 3.3.4
-      zod: 3.22.3
+      youch: 4.1.0-beta.10
     transitivePeerDependencies:
       - bufferutil
       - utf-8-validate
@@ -7370,8 +9006,6 @@ snapshots:
       - '@types/node'
     optional: true
 
-  mustache@4.2.0: {}
-
   mute-stream@2.0.0: {}
 
   nanoid@3.3.11: {}
@@ -7436,6 +9070,10 @@ snapshots:
 
   node-domexception@1.0.0: {}
 
+  node-fetch@2.7.0:
+    dependencies:
+      whatwg-url: 5.0.0
+
   node-fetch@3.3.2:
     dependencies:
       data-uri-to-buffer: 4.0.1
@@ -7461,7 +9099,7 @@ snapshots:
 
   obug@2.1.1: {}
 
-  ohash@2.0.11: {}
+  on-exit-leak-free@2.1.2: {}
 
   on-finished@2.4.1:
     dependencies:
@@ -7519,6 +9157,8 @@ snapshots:
 
   path-browserify@1.0.1: {}
 
+  path-expression-matcher@1.2.0: {}
+
   path-key@3.1.1: {}
 
   path-key@4.0.0: {}
@@ -7570,6 +9210,49 @@ snapshots:
 
   picomatch@4.0.3: {}
 
+  picomatch@4.0.4: {}
+
+  pino-abstract-transport@1.2.0:
+    dependencies:
+      readable-stream: 4.7.0
+      split2: 4.2.0
+
+  pino-abstract-transport@3.0.0:
+    dependencies:
+      split2: 4.2.0
+
+  pino-pretty@13.1.3:
+    dependencies:
+      colorette: 2.0.20
+      dateformat: 4.6.3
+      fast-copy: 4.0.2
+      fast-safe-stringify: 2.1.1
+      help-me: 5.0.0
+      joycon: 3.1.1
+      minimist: 1.2.8
+      on-exit-leak-free: 2.1.2
+      pino-abstract-transport: 3.0.0
+      pump: 3.0.4
+      secure-json-parse: 4.1.0
+      sonic-boom: 4.2.1
+      strip-json-comments: 5.0.3
+
+  pino-std-serializers@7.1.0: {}
+
+  pino@10.3.1:
+    dependencies:
+      '@pinojs/redact': 0.4.0
+      atomic-sleep: 1.0.0
+      on-exit-leak-free: 2.1.2
+      pino-abstract-transport: 3.0.0
+      pino-std-serializers: 7.1.0
+      process-warning: 5.0.0
+      quick-format-unescaped: 4.0.4
+      real-require: 0.2.0
+      safe-stable-stringify: 2.5.0
+      sonic-boom: 4.2.1
+      thread-stream: 4.0.0
+
   pkce-challenge@5.0.1: {}
 
   playwright-core@1.58.2: {}
@@ -7618,7 +9301,9 @@ snapshots:
     dependencies:
       parse-ms: 4.0.0
 
-  printable-characters@1.0.42: {}
+  process-warning@5.0.0: {}
+
+  process@0.11.10: {}
 
   prompts@2.4.2:
     dependencies:
@@ -7630,12 +9315,21 @@ snapshots:
       forwarded: 0.2.0
       ipaddr.js: 1.9.1
 
+  pump@3.0.4:
+    dependencies:
+      end-of-stream: 1.4.5
+      once: 1.4.0
+
   qs@6.15.0:
     dependencies:
       side-channel: 1.1.0
 
+  quansync@1.0.0: {}
+
   queue-microtask@1.2.3: {}
 
+  quick-format-unescaped@4.0.4: {}
+
   raf-schd@4.0.3: {}
 
   range-parser@1.2.1: {}
@@ -7671,6 +9365,16 @@ snapshots:
 
   react@19.2.4: {}
 
+  readable-stream@4.7.0:
+    dependencies:
+      abort-controller: 3.0.0
+      buffer: 6.0.3
+      events: 3.3.0
+      process: 0.11.10
+      string_decoder: 1.3.0
+
+  real-require@0.2.0: {}
+
   recast@0.23.11:
     dependencies:
       ast-types: 0.16.1
@@ -7704,7 +9408,25 @@ snapshots:
 
   rfdc@1.4.1: {}
 
-  rolldown@1.0.0-rc.10:
+  rolldown-plugin-dts@0.23.2(rolldown@1.0.0-rc.12(@emnapi/core@1.9.1)(@emnapi/runtime@1.9.1))(typescript@5.9.3):
+    dependencies:
+      '@babel/generator': 8.0.0-rc.3
+      '@babel/helper-validator-identifier': 8.0.0-rc.3
+      '@babel/parser': 8.0.0-rc.3
+      '@babel/types': 8.0.0-rc.3
+      ast-kit: 3.0.0-beta.1
+      birpc: 4.0.0
+      dts-resolver: 2.1.3
+      get-tsconfig: 4.13.7
+      obug: 2.1.1
+      picomatch: 4.0.4
+      rolldown: 1.0.0-rc.12(@emnapi/core@1.9.1)(@emnapi/runtime@1.9.1)
+    optionalDependencies:
+      typescript: 5.9.3
+    transitivePeerDependencies:
+      - oxc-resolver
+
+  rolldown@1.0.0-rc.10(@emnapi/core@1.9.1)(@emnapi/runtime@1.9.1):
     dependencies:
       '@oxc-project/types': 0.120.0
       '@rolldown/pluginutils': 1.0.0-rc.10
@@ -7721,23 +9443,36 @@ snapshots:
       '@rolldown/binding-linux-x64-gnu': 1.0.0-rc.10
       '@rolldown/binding-linux-x64-musl': 1.0.0-rc.10
       '@rolldown/binding-openharmony-arm64': 1.0.0-rc.10
-      '@rolldown/binding-wasm32-wasi': 1.0.0-rc.10
+      '@rolldown/binding-wasm32-wasi': 1.0.0-rc.10(@emnapi/core@1.9.1)(@emnapi/runtime@1.9.1)
       '@rolldown/binding-win32-arm64-msvc': 1.0.0-rc.10
       '@rolldown/binding-win32-x64-msvc': 1.0.0-rc.10
+    transitivePeerDependencies:
+      - '@emnapi/core'
+      - '@emnapi/runtime'
 
-  rollup-plugin-inject@3.0.2:
-    dependencies:
-      estree-walker: 0.6.1
-      magic-string: 0.25.9
-      rollup-pluginutils: 2.8.2
-
-  rollup-plugin-node-polyfills@0.2.1:
-    dependencies:
-      rollup-plugin-inject: 3.0.2
-
-  rollup-pluginutils@2.8.2:
+  rolldown@1.0.0-rc.12(@emnapi/core@1.9.1)(@emnapi/runtime@1.9.1):
     dependencies:
-      estree-walker: 0.6.1
+      '@oxc-project/types': 0.122.0
+      '@rolldown/pluginutils': 1.0.0-rc.12
+    optionalDependencies:
+      '@rolldown/binding-android-arm64': 1.0.0-rc.12
+      '@rolldown/binding-darwin-arm64': 1.0.0-rc.12
+      '@rolldown/binding-darwin-x64': 1.0.0-rc.12
+      '@rolldown/binding-freebsd-x64': 1.0.0-rc.12
+      '@rolldown/binding-linux-arm-gnueabihf': 1.0.0-rc.12
+      '@rolldown/binding-linux-arm64-gnu': 1.0.0-rc.12
+      '@rolldown/binding-linux-arm64-musl': 1.0.0-rc.12
+      '@rolldown/binding-linux-ppc64-gnu': 1.0.0-rc.12
+      '@rolldown/binding-linux-s390x-gnu': 1.0.0-rc.12
+      '@rolldown/binding-linux-x64-gnu': 1.0.0-rc.12
+      '@rolldown/binding-linux-x64-musl': 1.0.0-rc.12
+      '@rolldown/binding-openharmony-arm64': 1.0.0-rc.12
+      '@rolldown/binding-wasm32-wasi': 1.0.0-rc.12(@emnapi/core@1.9.1)(@emnapi/runtime@1.9.1)
+      '@rolldown/binding-win32-arm64-msvc': 1.0.0-rc.12
+      '@rolldown/binding-win32-x64-msvc': 1.0.0-rc.12
+    transitivePeerDependencies:
+      - '@emnapi/core'
+      - '@emnapi/runtime'
 
   rou3@0.7.12: {}
 
@@ -7757,10 +9492,16 @@ snapshots:
     dependencies:
       queue-microtask: 1.2.3
 
+  safe-buffer@5.2.1: {}
+
+  safe-stable-stringify@2.5.0: {}
+
   safer-buffer@2.1.2: {}
 
   scheduler@0.27.0: {}
 
+  secure-json-parse@4.1.0: {}
+
   semver@6.3.1: {}
 
   semver@7.7.4: {}
@@ -7837,33 +9578,6 @@ snapshots:
       - supports-color
       - typescript
 
-  sharp@0.33.5:
-    dependencies:
-      color: 4.2.3
-      detect-libc: 2.1.2
-      semver: 7.7.4
-    optionalDependencies:
-      '@img/sharp-darwin-arm64': 0.33.5
-      '@img/sharp-darwin-x64': 0.33.5
-      '@img/sharp-libvips-darwin-arm64': 1.0.4
-      '@img/sharp-libvips-darwin-x64': 1.0.4
-      '@img/sharp-libvips-linux-arm': 1.0.5
-      '@img/sharp-libvips-linux-arm64': 1.0.4
-      '@img/sharp-libvips-linux-s390x': 1.0.4
-      '@img/sharp-libvips-linux-x64': 1.0.4
-      '@img/sharp-libvips-linuxmusl-arm64': 1.0.4
-      '@img/sharp-libvips-linuxmusl-x64': 1.0.4
-      '@img/sharp-linux-arm': 0.33.5
-      '@img/sharp-linux-arm64': 0.33.5
-      '@img/sharp-linux-s390x': 0.33.5
-      '@img/sharp-linux-x64': 0.33.5
-      '@img/sharp-linuxmusl-arm64': 0.33.5
-      '@img/sharp-linuxmusl-x64': 0.33.5
-      '@img/sharp-wasm32': 0.33.5
-      '@img/sharp-win32-ia32': 0.33.5
-      '@img/sharp-win32-x64': 0.33.5
-    optional: true
-
   sharp@0.34.5:
     dependencies:
       '@img/colour': 1.1.0
@@ -7894,7 +9608,6 @@ snapshots:
       '@img/sharp-win32-arm64': 0.34.5
       '@img/sharp-win32-ia32': 0.34.5
       '@img/sharp-win32-x64': 0.34.5
-    optional: true
 
   shebang-command@2.0.0:
     dependencies:
@@ -7936,11 +9649,6 @@ snapshots:
 
   signal-exit@4.1.0: {}
 
-  simple-swizzle@0.2.4:
-    dependencies:
-      is-arrayish: 0.3.4
-    optional: true
-
   sisteransi@1.0.5: {}
 
   slice-ansi@7.1.2:
@@ -7953,6 +9661,10 @@ snapshots:
       ansi-styles: 6.2.3
       is-fullwidth-code-point: 5.1.0
 
+  sonic-boom@4.2.1:
+    dependencies:
+      atomic-sleep: 1.0.0
+
   sonner@2.0.7(react-dom@19.2.4(react@19.2.4))(react@19.2.4):
     dependencies:
       react: 19.2.4
@@ -7967,25 +9679,16 @@ snapshots:
 
   source-map@0.6.1: {}
 
-  sourcemap-codec@1.4.8: {}
-
   split2@4.2.0: {}
 
   stackback@0.0.2: {}
 
-  stacktracey@2.2.0:
-    dependencies:
-      as-table: 1.0.55
-      get-source: 2.0.12
-
   statuses@2.0.2: {}
 
   std-env@4.0.0: {}
 
   stdin-discarder@0.2.2: {}
 
-  stoppable@1.1.0: {}
-
   strict-event-emitter@0.5.1: {}
 
   string-argv@0.3.2: {}
@@ -8007,6 +9710,10 @@ snapshots:
       get-east-asian-width: 1.5.0
       strip-ansi: 7.2.0
 
+  string_decoder@1.3.0:
+    dependencies:
+      safe-buffer: 5.2.1
+
   stringify-object@5.0.0:
     dependencies:
       get-own-enumerable-keys: 1.0.0
@@ -8027,6 +9734,10 @@ snapshots:
 
   strip-final-newline@4.0.0: {}
 
+  strip-json-comments@5.0.3: {}
+
+  strnum@2.2.2: {}
+
   styled-jsx@5.1.6(@babel/core@7.29.0)(react@19.2.4):
     dependencies:
       client-only: 0.0.1
@@ -8034,6 +9745,8 @@ snapshots:
     optionalDependencies:
       '@babel/core': 7.29.0
 
+  supports-color@10.2.2: {}
+
   supports-color@7.2.0:
     dependencies:
       has-flag: 4.0.0
@@ -8048,6 +9761,10 @@ snapshots:
 
   tapable@2.3.0: {}
 
+  thread-stream@4.0.0:
+    dependencies:
+      real-require: 0.2.0
+
   tiny-invariant@1.3.3: {}
 
   tinybench@2.9.0: {}
@@ -8077,6 +9794,10 @@ snapshots:
     dependencies:
       tldts: 7.0.27
 
+  tr46@0.0.3: {}
+
+  tree-kill@1.2.2: {}
+
   ts-essentials@10.1.1(typescript@5.9.3):
     optionalDependencies:
       typescript: 5.9.3
@@ -8092,6 +9813,35 @@ snapshots:
       minimist: 1.2.8
       strip-bom: 3.0.0
 
+  tsdown@0.21.7(@emnapi/core@1.9.1)(@emnapi/runtime@1.9.1)(typescript@5.9.3):
+    dependencies:
+      ansis: 4.2.0
+      cac: 7.0.0
+      defu: 6.1.4
+      empathic: 2.0.0
+      hookable: 6.1.0
+      import-without-cache: 0.2.5
+      obug: 2.1.1
+      picomatch: 4.0.4
+      rolldown: 1.0.0-rc.12(@emnapi/core@1.9.1)(@emnapi/runtime@1.9.1)
+      rolldown-plugin-dts: 0.23.2(rolldown@1.0.0-rc.12(@emnapi/core@1.9.1)(@emnapi/runtime@1.9.1))(typescript@5.9.3)
+      semver: 7.7.4
+      tinyexec: 1.0.4
+      tinyglobby: 0.2.15
+      tree-kill: 1.2.2
+      unconfig-core: 7.5.0
+      unrun: 0.2.34(@emnapi/core@1.9.1)(@emnapi/runtime@1.9.1)
+    optionalDependencies:
+      typescript: 5.9.3
+    transitivePeerDependencies:
+      - '@emnapi/core'
+      - '@emnapi/runtime'
+      - '@ts-macro/tsc'
+      - '@typescript/native-preview'
+      - oxc-resolver
+      - synckit
+      - vue-tsc
+
   tslib@2.8.1: {}
 
   tsx@4.21.0:
@@ -8101,14 +9851,14 @@ snapshots:
     optionalDependencies:
       fsevents: 2.3.3
 
-  turbo@2.8.21:
+  turbo@2.9.4:
     optionalDependencies:
-      '@turbo/darwin-64': 2.8.21
-      '@turbo/darwin-arm64': 2.8.21
-      '@turbo/linux-64': 2.8.21
-      '@turbo/linux-arm64': 2.8.21
-      '@turbo/windows-64': 2.8.21
-      '@turbo/windows-arm64': 2.8.21
+      '@turbo/darwin-64': 2.9.4
+      '@turbo/darwin-arm64': 2.9.4
+      '@turbo/linux-64': 2.9.4
+      '@turbo/linux-arm64': 2.9.4
+      '@turbo/windows-64': 2.9.4
+      '@turbo/windows-arm64': 2.9.4
 
   tw-animate-css@1.4.0: {}
 
@@ -8124,7 +9874,10 @@ snapshots:
 
   typescript@5.9.3: {}
 
-  ufo@1.6.3: {}
+  unconfig-core@7.5.0:
+    dependencies:
+      '@quansync/fs': 1.0.0
+      quansync: 1.0.0
 
   undici-types@6.21.0: {}
 
@@ -8132,17 +9885,11 @@ snapshots:
 
   undici-types@7.18.2: {}
 
-  undici@5.29.0:
-    dependencies:
-      '@fastify/busboy': 2.1.1
+  undici@7.24.4: {}
 
-  unenv@2.0.0-rc.14:
+  unenv@2.0.0-rc.24:
     dependencies:
-      defu: 6.1.4
-      exsolve: 1.0.8
-      ohash: 2.0.11
       pathe: 2.0.3
-      ufo: 1.6.3
 
   unicorn-magic@0.3.0: {}
 
@@ -8150,6 +9897,13 @@ snapshots:
 
   unpipe@1.0.0: {}
 
+  unrun@0.2.34(@emnapi/core@1.9.1)(@emnapi/runtime@1.9.1):
+    dependencies:
+      rolldown: 1.0.0-rc.12(@emnapi/core@1.9.1)(@emnapi/runtime@1.9.1)
+    transitivePeerDependencies:
+      - '@emnapi/core'
+      - '@emnapi/runtime'
+
   until-async@3.0.2: {}
 
   update-browserslist-db@1.2.3(browserslist@4.28.1):
@@ -8158,6 +9912,8 @@ snapshots:
       escalade: 3.2.0
       picocolors: 1.1.1
 
+  url-template@2.0.8: {}
+
   use-intl@4.8.3(react@19.2.4):
     dependencies:
       '@formatjs/fast-memoize': 3.1.1
@@ -8176,16 +9932,20 @@ snapshots:
 
   uuid@13.0.0: {}
 
+  uuid@9.0.1: {}
+
+  uzip@0.20201231.0: {}
+
   validate-npm-package-name@7.0.2: {}
 
   vary@1.1.2: {}
 
-  vite@8.0.1(@types/node@24.12.0)(esbuild@0.27.4)(jiti@2.6.1)(tsx@4.21.0)(yaml@2.8.3):
+  vite@8.0.1(@emnapi/core@1.9.1)(@emnapi/runtime@1.9.1)(@types/node@24.12.0)(esbuild@0.27.4)(jiti@2.6.1)(tsx@4.21.0)(yaml@2.8.3):
     dependencies:
       lightningcss: 1.32.0
-      picomatch: 4.0.3
+      picomatch: 4.0.4
       postcss: 8.5.8
-      rolldown: 1.0.0-rc.10
+      rolldown: 1.0.0-rc.10(@emnapi/core@1.9.1)(@emnapi/runtime@1.9.1)
       tinyglobby: 0.2.15
     optionalDependencies:
       '@types/node': 24.12.0
@@ -8194,13 +9954,16 @@ snapshots:
       jiti: 2.6.1
       tsx: 4.21.0
       yaml: 2.8.3
+    transitivePeerDependencies:
+      - '@emnapi/core'
+      - '@emnapi/runtime'
 
-  vite@8.0.1(@types/node@25.5.0)(esbuild@0.27.4)(jiti@2.6.1)(tsx@4.21.0)(yaml@2.8.3):
+  vite@8.0.1(@emnapi/core@1.9.1)(@emnapi/runtime@1.9.1)(@types/node@25.5.0)(esbuild@0.27.4)(jiti@2.6.1)(tsx@4.21.0)(yaml@2.8.3):
     dependencies:
       lightningcss: 1.32.0
-      picomatch: 4.0.3
+      picomatch: 4.0.4
       postcss: 8.5.8
-      rolldown: 1.0.0-rc.10
+      rolldown: 1.0.0-rc.10(@emnapi/core@1.9.1)(@emnapi/runtime@1.9.1)
       tinyglobby: 0.2.15
     optionalDependencies:
       '@types/node': 25.5.0
@@ -8209,23 +9972,26 @@ snapshots:
       jiti: 2.6.1
       tsx: 4.21.0
       yaml: 2.8.3
+    transitivePeerDependencies:
+      - '@emnapi/core'
+      - '@emnapi/runtime'
 
-  vitest-mock-extended@3.1.0(typescript@5.9.3)(vitest@4.1.0(@opentelemetry/api@1.9.0)(@types/node@24.12.0)(msw@2.12.14(@types/node@24.12.0)(typescript@5.9.3))(vite@8.0.1(@types/node@24.12.0)(esbuild@0.27.4)(jiti@2.6.1)(tsx@4.21.0)(yaml@2.8.3))):
+  vitest-mock-extended@3.1.0(typescript@5.9.3)(vitest@4.1.0(@opentelemetry/api@1.9.0)(@types/node@24.12.0)(msw@2.12.14(@types/node@24.12.0)(typescript@5.9.3))(vite@8.0.1(@emnapi/core@1.9.1)(@emnapi/runtime@1.9.1)(@types/node@24.12.0)(esbuild@0.27.4)(jiti@2.6.1)(tsx@4.21.0)(yaml@2.8.3))):
     dependencies:
       ts-essentials: 10.1.1(typescript@5.9.3)
       typescript: 5.9.3
-      vitest: 4.1.0(@opentelemetry/api@1.9.0)(@types/node@24.12.0)(msw@2.12.14(@types/node@24.12.0)(typescript@5.9.3))(vite@8.0.1(@types/node@24.12.0)(esbuild@0.27.4)(jiti@2.6.1)(tsx@4.21.0)(yaml@2.8.3))
+      vitest: 4.1.0(@opentelemetry/api@1.9.0)(@types/node@24.12.0)(msw@2.12.14(@types/node@24.12.0)(typescript@5.9.3))(vite@8.0.1(@emnapi/core@1.9.1)(@emnapi/runtime@1.9.1)(@types/node@24.12.0)(esbuild@0.27.4)(jiti@2.6.1)(tsx@4.21.0)(yaml@2.8.3))
 
-  vitest-mock-extended@3.1.0(typescript@5.9.3)(vitest@4.1.0(@opentelemetry/api@1.9.0)(@types/node@25.5.0)(msw@2.12.14(@types/node@25.5.0)(typescript@5.9.3))(vite@8.0.1(@types/node@25.5.0)(esbuild@0.27.4)(jiti@2.6.1)(tsx@4.21.0)(yaml@2.8.3))):
+  vitest-mock-extended@3.1.0(typescript@5.9.3)(vitest@4.1.0(@opentelemetry/api@1.9.0)(@types/node@25.5.0)(msw@2.12.14(@types/node@25.5.0)(typescript@5.9.3))(vite@8.0.1(@emnapi/core@1.9.1)(@emnapi/runtime@1.9.1)(@types/node@25.5.0)(esbuild@0.27.4)(jiti@2.6.1)(tsx@4.21.0)(yaml@2.8.3))):
     dependencies:
       ts-essentials: 10.1.1(typescript@5.9.3)
       typescript: 5.9.3
-      vitest: 4.1.0(@opentelemetry/api@1.9.0)(@types/node@25.5.0)(msw@2.12.14(@types/node@25.5.0)(typescript@5.9.3))(vite@8.0.1(@types/node@25.5.0)(esbuild@0.27.4)(jiti@2.6.1)(tsx@4.21.0)(yaml@2.8.3))
+      vitest: 4.1.0(@opentelemetry/api@1.9.0)(@types/node@25.5.0)(msw@2.12.14(@types/node@25.5.0)(typescript@5.9.3))(vite@8.0.1(@emnapi/core@1.9.1)(@emnapi/runtime@1.9.1)(@types/node@25.5.0)(esbuild@0.27.4)(jiti@2.6.1)(tsx@4.21.0)(yaml@2.8.3))
 
-  vitest@4.1.0(@opentelemetry/api@1.9.0)(@types/node@24.12.0)(msw@2.12.14(@types/node@24.12.0)(typescript@5.9.3))(vite@8.0.1(@types/node@24.12.0)(esbuild@0.27.4)(jiti@2.6.1)(tsx@4.21.0)(yaml@2.8.3)):
+  vitest@4.1.0(@opentelemetry/api@1.9.0)(@types/node@24.12.0)(msw@2.12.14(@types/node@24.12.0)(typescript@5.9.3))(vite@8.0.1(@emnapi/core@1.9.1)(@emnapi/runtime@1.9.1)(@types/node@24.12.0)(esbuild@0.27.4)(jiti@2.6.1)(tsx@4.21.0)(yaml@2.8.3)):
     dependencies:
       '@vitest/expect': 4.1.0
-      '@vitest/mocker': 4.1.0(msw@2.12.14(@types/node@24.12.0)(typescript@5.9.3))(vite@8.0.1(@types/node@24.12.0)(esbuild@0.27.4)(jiti@2.6.1)(tsx@4.21.0)(yaml@2.8.3))
+      '@vitest/mocker': 4.1.0(msw@2.12.14(@types/node@24.12.0)(typescript@5.9.3))(vite@8.0.1(@emnapi/core@1.9.1)(@emnapi/runtime@1.9.1)(@types/node@24.12.0)(esbuild@0.27.4)(jiti@2.6.1)(tsx@4.21.0)(yaml@2.8.3))
       '@vitest/pretty-format': 4.1.0
       '@vitest/runner': 4.1.0
       '@vitest/snapshot': 4.1.0
@@ -8242,7 +10008,7 @@ snapshots:
       tinyexec: 1.0.4
       tinyglobby: 0.2.15
       tinyrainbow: 3.1.0
-      vite: 8.0.1(@types/node@24.12.0)(esbuild@0.27.4)(jiti@2.6.1)(tsx@4.21.0)(yaml@2.8.3)
+      vite: 8.0.1(@emnapi/core@1.9.1)(@emnapi/runtime@1.9.1)(@types/node@24.12.0)(esbuild@0.27.4)(jiti@2.6.1)(tsx@4.21.0)(yaml@2.8.3)
       why-is-node-running: 2.3.0
     optionalDependencies:
       '@opentelemetry/api': 1.9.0
@@ -8250,10 +10016,10 @@ snapshots:
     transitivePeerDependencies:
       - msw
 
-  vitest@4.1.0(@opentelemetry/api@1.9.0)(@types/node@25.5.0)(msw@2.12.14(@types/node@25.5.0)(typescript@5.9.3))(vite@8.0.1(@types/node@25.5.0)(esbuild@0.27.4)(jiti@2.6.1)(tsx@4.21.0)(yaml@2.8.3)):
+  vitest@4.1.0(@opentelemetry/api@1.9.0)(@types/node@25.5.0)(msw@2.12.14(@types/node@25.5.0)(typescript@5.9.3))(vite@8.0.1(@emnapi/core@1.9.1)(@emnapi/runtime@1.9.1)(@types/node@25.5.0)(esbuild@0.27.4)(jiti@2.6.1)(tsx@4.21.0)(yaml@2.8.3)):
     dependencies:
       '@vitest/expect': 4.1.0
-      '@vitest/mocker': 4.1.0(msw@2.12.14(@types/node@25.5.0)(typescript@5.9.3))(vite@8.0.1(@types/node@25.5.0)(esbuild@0.27.4)(jiti@2.6.1)(tsx@4.21.0)(yaml@2.8.3))
+      '@vitest/mocker': 4.1.0(msw@2.12.14(@types/node@25.5.0)(typescript@5.9.3))(vite@8.0.1(@emnapi/core@1.9.1)(@emnapi/runtime@1.9.1)(@types/node@25.5.0)(esbuild@0.27.4)(jiti@2.6.1)(tsx@4.21.0)(yaml@2.8.3))
       '@vitest/pretty-format': 4.1.0
       '@vitest/runner': 4.1.0
       '@vitest/snapshot': 4.1.0
@@ -8270,7 +10036,7 @@ snapshots:
       tinyexec: 1.0.4
       tinyglobby: 0.2.15
       tinyrainbow: 3.1.0
-      vite: 8.0.1(@types/node@25.5.0)(esbuild@0.27.4)(jiti@2.6.1)(tsx@4.21.0)(yaml@2.8.3)
+      vite: 8.0.1(@emnapi/core@1.9.1)(@emnapi/runtime@1.9.1)(@types/node@25.5.0)(esbuild@0.27.4)(jiti@2.6.1)(tsx@4.21.0)(yaml@2.8.3)
       why-is-node-running: 2.3.0
     optionalDependencies:
       '@opentelemetry/api': 1.9.0
@@ -8280,6 +10046,13 @@ snapshots:
 
   web-streams-polyfill@3.3.3: {}
 
+  webidl-conversions@3.0.1: {}
+
+  whatwg-url@5.0.0:
+    dependencies:
+      tr46: 0.0.3
+      webidl-conversions: 3.0.1
+
   which@2.0.2:
     dependencies:
       isexe: 2.0.0
@@ -8293,30 +10066,27 @@ snapshots:
       siginfo: 2.0.0
       stackback: 0.0.2
 
-  workerd@1.20250718.0:
+  workerd@1.20260329.1:
     optionalDependencies:
-      '@cloudflare/workerd-darwin-64': 1.20250718.0
-      '@cloudflare/workerd-darwin-arm64': 1.20250718.0
-      '@cloudflare/workerd-linux-64': 1.20250718.0
-      '@cloudflare/workerd-linux-arm64': 1.20250718.0
-      '@cloudflare/workerd-windows-64': 1.20250718.0
-
-  wrangler@3.114.17(@cloudflare/workers-types@4.20260401.1):
-    dependencies:
-      '@cloudflare/kv-asset-handler': 0.3.4
-      '@cloudflare/unenv-preset': 2.0.2(unenv@2.0.0-rc.14)(workerd@1.20250718.0)
-      '@esbuild-plugins/node-globals-polyfill': 0.2.3(esbuild@0.17.19)
-      '@esbuild-plugins/node-modules-polyfill': 0.2.2(esbuild@0.17.19)
+      '@cloudflare/workerd-darwin-64': 1.20260329.1
+      '@cloudflare/workerd-darwin-arm64': 1.20260329.1
+      '@cloudflare/workerd-linux-64': 1.20260329.1
+      '@cloudflare/workerd-linux-arm64': 1.20260329.1
+      '@cloudflare/workerd-windows-64': 1.20260329.1
+
+  wrangler@4.79.0(@cloudflare/workers-types@4.20260401.1):
+    dependencies:
+      '@cloudflare/kv-asset-handler': 0.4.2
+      '@cloudflare/unenv-preset': 2.16.0(unenv@2.0.0-rc.24)(workerd@1.20260329.1)
       blake3-wasm: 2.1.5
-      esbuild: 0.17.19
-      miniflare: 3.20250718.3
+      esbuild: 0.27.3
+      miniflare: 4.20260329.0
       path-to-regexp: 6.3.0
-      unenv: 2.0.0-rc.14
-      workerd: 1.20250718.0
+      unenv: 2.0.0-rc.24
+      workerd: 1.20260329.1
     optionalDependencies:
       '@cloudflare/workers-types': 4.20260401.1
       fsevents: 2.3.3
-      sharp: 0.33.5
     transitivePeerDependencies:
       - bufferutil
       - utf-8-validate
@@ -8372,18 +10142,23 @@ snapshots:
 
   yoctocolors@2.1.2: {}
 
-  youch@3.3.4:
+  youch-core@0.3.3:
     dependencies:
-      cookie: 0.7.2
-      mustache: 4.2.0
-      stacktracey: 2.2.0
+      '@poppinss/exception': 1.2.3
+      error-stack-parser-es: 1.0.5
+
+  youch@4.1.0-beta.10:
+    dependencies:
+      '@poppinss/colors': 4.1.6
+      '@poppinss/dumper': 0.6.5
+      '@speed-highlight/core': 1.2.15
+      cookie: 1.1.1
+      youch-core: 0.3.3
 
   zod-to-json-schema@3.25.1(zod@3.25.76):
     dependencies:
       zod: 3.25.76
 
-  zod@3.22.3: {}
-
   zod@3.25.76: {}
 
   zod@4.3.6: {}
diff --git a/turbo.json b/turbo.json
index 491790a1..00b2efb5 100644
--- a/turbo.json
+++ b/turbo.json
@@ -1,5 +1,5 @@
 {
-  "$schema": "https://turborepo.dev/schema.json",
+  "$schema": "https://v2-9-4.turborepo.dev/schema.json",
   "ui": "tui",
   "remoteCache": {
     "signature": true
@@ -18,13 +18,27 @@
     "SUPER_ADMIN_EMAIL",
     "SUPER_ADMIN_PASSWORD",
     "SUPER_ADMIN_NAME",
-    "NEXT_PUBLIC_DOMUS_VERSION"
+    "NEXT_PUBLIC_DOMUS_VERSION",
+    "CRON_SECRET",
+    "AXIOM_TOKEN",
+    "AXIOM_DATASET",
+    "CF_API_TOKEN",
+    "CF_ACCOUNT_ID",
+    "CF_AUD",
+    "CF_JWKS",
+    "WHATSAPP_TOKEN",
+    "GDRIVE_SERVICE_ACCOUNT_KEY",
+    "R2_ACCOUNT_ID",
+    "R2_ACCESS_KEY_ID",
+    "R2_SECRET_ACCESS_KEY",
+    "R2_BUCKET_NAME",
+    "R2_PUBLIC_URL"
   ],
   "tasks": {
     "build": {
       "dependsOn": ["^build"],
       "inputs": ["$TURBO_DEFAULT$", ".env*"],
-      "outputs": [".next/**", "!.next/cache/**"]
+      "outputs": [".next/**", "!.next/cache/**", "dist/**"]
     },
     "//#lint": {
       "inputs": ["$TURBO_DEFAULT$", "biome.json"]