refactor: migrate vendor APIs to token-based context and consolidate architecture

## Vendor-in-Token Architecture (Complete Migration)
- Migrate all vendor API endpoints from require_vendor_context() to token_vendor_id
- Update permission dependencies to extract vendor from JWT token
- Add vendor exceptions: VendorAccessDeniedException, VendorOwnerOnlyException,
  InsufficientVendorPermissionsException
- Shop endpoints retain require_vendor_context() for URL-based detection
- Add AUTH-004 architecture rule enforcing vendor context patterns
- Fix marketplace router missing /marketplace prefix

## Exception Pattern Fixes (API-003/API-004)
- Services raise domain exceptions, endpoints let them bubble up
- Add code_quality and content_page exception modules
- Move business logic from endpoints to services (admin, auth, content_page)
- Fix exception handling in admin, shop, and vendor endpoints

## Tailwind CSS Consolidation
- Consolidate CSS to per-area files (admin, vendor, shop, platform)
- Remove shared/cdn-fallback.html and shared/css/tailwind.min.css
- Update all templates to use area-specific Tailwind output files
- Remove Node.js config (package.json, postcss.config.js, tailwind.config.js)

## Documentation & Cleanup
- Update vendor-in-token-architecture.md with completed migration status
- Update architecture-rules.md with new rules
- Move migration docs to docs/development/migration/
- Remove duplicate/obsolete documentation files
- Merge pytest.ini settings into pyproject.toml

🤖 Generated with [Claude Code](https://claude.com/claude-code)

Co-Authored-By: Claude <noreply@anthropic.com>

pyproject.toml

@@ -119,18 +119,53 @@ python_classes = ["Test*"]
 python_functions = ["test_*"]
 addopts = [
     "-v",
+    "--tb=short",
     "--strict-markers",
     "--strict-config",
     "--color=yes",
+    "--durations=10",
+    "--showlocals",
+    "-ra",
+    "--cov=app",
+    "--cov=models",
+    "--cov=middleware",
+    "--cov-report=term-missing",
+    "--cov-report=html:htmlcov",
+    "--cov-fail-under=80",
 ]
 markers = [
-    "unit: Unit tests",
-    "integration: Integration tests",
-    "slow: Slow running tests",
+    "unit: marks tests as unit tests - fast, isolated components",
+    "integration: marks tests as integration tests - multiple components working together",
+    "system: marks tests as system tests - full application behavior",
+    "e2e: marks tests as end-to-end tests - complete user workflows",
+    "slow: marks tests as slow running tests (deselect with '-m \"not slow\"')",
+    "performance: marks tests as performance and load tests",
+    "auth: marks tests as authentication and authorization tests",
+    "products: marks tests as product management functionality",
+    "inventory: marks tests as inventory and inventory management",
+    "vendors: marks tests as vendor management functionality",
+    "admin: marks tests as admin functionality and permissions",
+    "marketplace: marks tests as marketplace import functionality",
+    "stats: marks tests as statistics and reporting",
+    "database: marks tests as tests that require database operations",
+    "external: marks tests as tests that require external services",
+    "api: marks tests as API endpoint tests",
+    "security: marks tests as security-related tests",
+    "ci: marks tests as tests that should only run in CI",
+    "dev: marks tests as development-specific tests",
 ]
 filterwarnings = [
+    "ignore::UserWarning",
     "ignore::DeprecationWarning",
+    "ignore::PendingDeprecationWarning",
+    "ignore::sqlalchemy.exc.SAWarning",
 ]
+timeout = 300
+timeout_method = "thread"
+log_cli = true
+log_cli_level = "INFO"
+log_cli_format = "%(asctime)s [%(levelname)8s] %(name)s: %(message)s"
+log_cli_date_format = "%Y-%m-%d %H:%M:%S"
 
 # =============================================================================
 # COVERAGE