Better Auth permissions → flat scopes. { cart: ["read","write"] } → ["cart:read","cart:write"].
DEVIATION from saastarter scopes.ts:167-179 (receipted): the if (scope in API_SCOPES) catalog filter is REMOVED.
The scope catalog is APP-domain vocabulary (saastarter's ecommerce products/cart/orders), not auth machinery —
baking a fixed catalog into a candidate-spec package would couple it to one app's domain. An app that wants
catalog validation filters the result against its own catalog. Lowered ceiling: this is reusable-primitive intent,
not a behavioral port.
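
The flattening described above, followed by the app-side catalog check that the primitive no longer performs. This is an added example, not the package's or saastarter's code: `flattenPermissions`, `filterToCatalog`, `APP_SCOPE_CATALOG` and the sample input are hypothetical names and constructed values. Skipping parts that contain ":" is an assumption of this example, made so that a flattened scope stays unambiguous.

```typescript
// Added example: hypothetical names, constructed sample data.

// Flatten { resource: [action, ...] } into "resource:action" scope strings.
// No catalog filter here: every well-formed pair passes through unchanged.
function flattenPermissions(permissions: Record<string, unknown>): string[] {
  const scopes = new Set<string>(); // de-duplicates, keeps insertion order
  for (const [resource, actions] of Object.entries(permissions)) {
    if (resource === "" || resource.includes(":")) continue; // ambiguous key
    if (!Array.isArray(actions)) continue; // malformed entry, not a list
    for (const action of actions) {
      if (typeof action !== "string" || action === "") continue;
      if (action.includes(":")) continue; // ":" is reserved as the separator
      scopes.add(`${resource}:${action}`);
    }
  }
  return [...scopes];
}

// App-owned allow-list (constructed). A Set is used so that membership is an
// exact match on the scope string and never consults an object's prototype.
const APP_SCOPE_CATALOG: ReadonlySet<string> = new Set([
  "cart:read",
  "cart:write",
  "orders:read",
]);

// Split flattened scopes into those the app recognises and those it does not.
// The caller grants only `granted`; `rejected` is returned for logging/audit.
function filterToCatalog(
  scopes: readonly string[],
  catalog: ReadonlySet<string>,
): { granted: string[]; rejected: string[] } {
  const granted: string[] = [];
  const rejected: string[] = [];
  for (const scope of scopes) {
    (catalog.has(scope) ? granted : rejected).push(scope);
  }
  return { granted, rejected };
}

// Constructed input: one resource the app knows, one it does not.
const sampleFlat = flattenPermissions({
  cart: ["read", "write"],
  admin: ["impersonate"],
});
const sampleResult = filterToCatalog(sampleFlat, APP_SCOPE_CATALOG);
console.log(sampleFlat, sampleResult);
```

Without the second step, any "resource:action" pair present in the permissions object becomes a scope, so an app that issues tokens from the flattened list should apply its own catalog before granting.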