Migrate TREK 3 to NestJS + React 19 with a shared Zod contract layer

Brownfield strangler migration of the backend onto NestJS modules
(auth, trips, days, places, assignments, packing, todo, budget,
reservations, collab, files, photos, journey, share, settings, backup,
oidc, oauth, admin, atlas, vacay, weather, airports, maps, categories,
tags, notifications, system-notices) served through a per-prefix
dispatcher, keeping the existing SQLite/better-sqlite3 DB and JWT
httpOnly cookie auth, with behavioural parity for every route.

Client: React 19 upgrade, "page = wiring container + data hook"
pattern across all pages, per-domain Zustand stores bound to
@trek/shared contracts, and decomposition of the large components
(DayPlanSidebar, PackingListPanel, CollabNotes, FileManager,
MemoriesPanel, PlacesSidebar, CollabChat, SystemNoticeModal,
BudgetPanel, PlaceFormModal, ...) into focused render units backed by
in-file hooks.

Apply the shared global request pipeline (helmet/CSP, CORS, HSTS,
forced HTTPS, the global MFA policy and request logging) to the NestJS
instance as well, so a migrated route is protected identically to the
legacy fallback rather than bypassing it.

shared/src/notification/notification.schema.spec.ts

@@ -0,0 +1,36 @@
+import { describe, it, expect } from 'vitest';
+import {
+  preferencesUpdateRequestSchema,
+  notificationRespondRequestSchema,
+  channelTestResultSchema,
+  inAppListResultSchema,
+} from './notification.schema';
+
+describe('preferencesUpdateRequestSchema', () => {
+  it('accepts a nested event/channel/enabled matrix', () => {
+    expect(preferencesUpdateRequestSchema.safeParse({ trip_invite: { inapp: true, email: false } }).success).toBe(true);
+    expect(preferencesUpdateRequestSchema.safeParse({ trip_invite: { inapp: 'yes' } }).success).toBe(false);
+  });
+});
+
+describe('notificationRespondRequestSchema', () => {
+  it('only accepts positive/negative', () => {
+    expect(notificationRespondRequestSchema.safeParse({ response: 'positive' }).success).toBe(true);
+    expect(notificationRespondRequestSchema.safeParse({ response: 'maybe' }).success).toBe(false);
+  });
+});
+
+describe('channelTestResultSchema', () => {
+  it('accepts a success result and an error result', () => {
+    expect(channelTestResultSchema.safeParse({ success: true }).success).toBe(true);
+    expect(channelTestResultSchema.safeParse({ success: false, error: 'SMTP down' }).success).toBe(true);
+  });
+});
+
+describe('inAppListResultSchema', () => {
+  it('accepts the list envelope with open notification rows', () => {
+    expect(inAppListResultSchema.safeParse({
+      notifications: [{ id: 1, type: 'info', anything: 'goes' }], total: 1, unread_count: 0,
+    }).success).toBe(true);
+  });
+});

shared/src/notification/notification.schema.ts

@@ -0,0 +1,55 @@
+import { z } from 'zod';
+
+/**
+ * Notification API contract — single source of truth for the /api/notifications
+ * endpoints (channel-preference matrix, channel test pings, and in-app
+ * notifications).
+ *
+ * The notification row and the preferences matrix are wide, DB- and
+ * registry-derived shapes; the response schemas keep them as open records and
+ * pin the stable envelope fields, while the request schemas and the bespoke
+ * 400/403/404 controller messages capture the parts the client depends on.
+ * Real-time delivery happens over the existing WebSocket path inside the
+ * services and is untouched by this contract.
+ */
+
+/** Channel preference matrix update: { eventType: { channel: enabled } }. */
+export const preferencesUpdateRequestSchema = z.record(
+  z.string(),
+  z.record(z.string(), z.boolean()),
+);
+export type PreferencesUpdateRequest = z.infer<typeof preferencesUpdateRequestSchema>;
+
+export const testSmtpRequestSchema = z.object({ email: z.string().optional() });
+export const testWebhookRequestSchema = z.object({ url: z.string().optional() });
+export const testNtfyRequestSchema = z.object({
+  topic: z.string().optional(),
+  server: z.string().optional(),
+  token: z.string().optional(),
+});
+
+/** Result of a channel test ping. */
+export const channelTestResultSchema = z.object({
+  success: z.boolean(),
+  error: z.string().optional(),
+});
+export type ChannelTestResult = z.infer<typeof channelTestResultSchema>;
+
+/** Respond to a boolean (yes/no) notification. */
+export const notificationRespondRequestSchema = z.object({
+  response: z.enum(['positive', 'negative']),
+});
+export type NotificationRespondRequest = z.infer<typeof notificationRespondRequestSchema>;
+
+/** A single in-app notification row (DB-shaped; kept open). */
+export const notificationRowSchema = z.record(z.string(), z.unknown());
+
+export const inAppListResultSchema = z.object({
+  notifications: z.array(notificationRowSchema),
+  total: z.number(),
+  unread_count: z.number(),
+});
+export type InAppListResult = z.infer<typeof inAppListResultSchema>;
+
+export const unreadCountResultSchema = z.object({ count: z.number() });
+export type UnreadCountResult = z.infer<typeof unreadCountResultSchema>;