# Merge Blueprint V11 — Inventory ERP Control Retro Cyberpunk V11

## Goal

Use the successful compiler-project pattern: the portfolio application remains the visible product, browser-safe features run immediately, upstream source evidence is preserved, and server-only capabilities are connected through an explicit adapter rather than falsely claimed as running inside Cloudflare Pages.

## Layers

1. **Presentation** — semantic HTML, the supplied retro-cyberpunk CSS language, accessible fixed navigation on laptop, mobile command drawer, responsive tables and reduced-motion support.
2. **Browser domain engine** — project-specific CRUD, filters, calculated metrics, status transitions, audit history, JSON/CSV export, JSON import and local persistence.
3. **Upstream source evidence** — original source archive, upstream license/readme/snapshot, source-pair metadata and chunk reconstruction instructions where supplied.
4. **Production adapter** — a server-side gateway owns credentials, validates inputs, rate-limits requests and translates browser domain objects to `frappe/erpnext` APIs/models.
5. **Deployment** — Cloudflare Pages serves only the static shell/PWA. Server runtimes and databases are deployed separately.

## Capability truth table

| Capability | Browser ZIP | Production backend |
|---|---:|---:|
| Responsive UI and navigation | Yes | Optional |
| Local CRUD and workflow simulation | Yes | Optional |
| Local audit and export/import | Yes | Optional |
| PWA install and offline shell | Yes | No |
| Real upstream authentication | No | Required |
| Shared multi-user database | No | Required |
| Email/jobs/search/native runtime | No | Required where applicable |

## Source status

Selected official source evidence and original project are bundled; a full ERPNext runtime is not executed by Cloudflare Pages.

## Security boundary

Never expose upstream tokens in public assets. Use server-side secrets, origin allowlists, request validation, rate limits, timeouts, logging and least-privilege service accounts.
