refactor: migrate vendor APIs to token-based context and consolidate architecture

## Vendor-in-Token Architecture (Complete Migration)
- Migrate all vendor API endpoints from require_vendor_context() to token_vendor_id
- Update permission dependencies to extract vendor from JWT token
- Add vendor exceptions: VendorAccessDeniedException, VendorOwnerOnlyException,
  InsufficientVendorPermissionsException
- Shop endpoints retain require_vendor_context() for URL-based detection
- Add AUTH-004 architecture rule enforcing vendor context patterns
- Fix marketplace router missing /marketplace prefix

## Exception Pattern Fixes (API-003/API-004)
- Services raise domain exceptions, endpoints let them bubble up
- Add code_quality and content_page exception modules
- Move business logic from endpoints to services (admin, auth, content_page)
- Fix exception handling in admin, shop, and vendor endpoints

## Tailwind CSS Consolidation
- Consolidate CSS to per-area files (admin, vendor, shop, platform)
- Remove shared/cdn-fallback.html and shared/css/tailwind.min.css
- Update all templates to use area-specific Tailwind output files
- Remove Node.js config (package.json, postcss.config.js, tailwind.config.js)

## Documentation & Cleanup
- Update vendor-in-token-architecture.md with completed migration status
- Update architecture-rules.md with new rules
- Move migration docs to docs/development/migration/
- Remove duplicate/obsolete documentation files
- Merge pytest.ini settings into pyproject.toml

🤖 Generated with [Claude Code](https://claude.com/claude-code)

Co-Authored-By: Claude <noreply@anthropic.com>

app/services/code_quality_service.py

@@ -11,6 +11,11 @@ from datetime import datetime
 from sqlalchemy import desc, func
 from sqlalchemy.orm import Session
 
+from app.exceptions import (
+    ScanParseException,
+    ScanTimeoutException,
+    ViolationNotFoundException,
+)
 from models.database.architecture_scan import (
     ArchitectureScan,
     ArchitectureViolation,
@@ -54,7 +59,7 @@ class CodeQualityService:
             )
         except subprocess.TimeoutExpired:
             logger.error("Architecture scan timed out after 5 minutes")
-            raise Exception("Scan timed out")
+            raise ScanTimeoutException(timeout_seconds=300)
 
         duration = (datetime.now() - start_time).total_seconds()
 
@@ -77,7 +82,7 @@ class CodeQualityService:
             logger.error(f"Failed to parse validator output: {e}")
             logger.error(f"Stdout: {result.stdout}")
             logger.error(f"Stderr: {result.stderr}")
-            raise Exception(f"Failed to parse scan results: {e}")
+            raise ScanParseException(reason=str(e))
 
         # Create scan record
         scan = ArchitectureScan(
@@ -285,7 +290,7 @@ class CodeQualityService:
         """
         violation = self.get_violation_by_id(db, violation_id)
         if not violation:
-            raise ValueError(f"Violation {violation_id} not found")
+            raise ViolationNotFoundException(violation_id)
 
         violation.status = "resolved"
         violation.resolved_at = datetime.now()
@@ -313,7 +318,7 @@ class CodeQualityService:
         """
         violation = self.get_violation_by_id(db, violation_id)
         if not violation:
-            raise ValueError(f"Violation {violation_id} not found")
+            raise ViolationNotFoundException(violation_id)
 
         violation.status = "ignored"
         violation.resolved_at = datetime.now()