diff --git a/.env.example b/.env.example
index 9627e79..4e822b3 100644
--- a/.env.example
+++ b/.env.example
@@ -91,6 +91,20 @@ ENCRYPTION_KEY=change_me_in_env_local
 # POSTGRES_PORT=5435
 # XDEBUG_CLIENT_HOST=host.docker.internal
 
+# ===========================================================================
+# Error tracking — GlitchTip (compatible SDK Sentry)
+# ===========================================================================
+
+# DSN du projet GlitchTip "lesstime-api" (BACKEND, runtime).
+# Actif uniquement en prod (bundle prod-only). Vide/absent => Sentry inerte.
+# A definir dans infra/prod/.env (pas en dev). Ex : http://<cle>@glitchtip.interne:<port>/<id>
+# SENTRY_DSN=
+
+# NB : le DSN FRONT (lesstime-front) et l'upload des source maps sont fournis
+# au BUILD de l'image, pas au runtime. Voir infra/prod/Dockerfile (ARG) et la
+# CI .gitea/workflows/build-docker.yml (build-args depuis les secrets Gitea) :
+#   NUXT_PUBLIC_SENTRY_DSN, SENTRY_URL, SENTRY_ORG, SENTRY_PROJECT, SENTRY_AUTH_TOKEN
+
 # ===========================================================================
 # Frontend (frontend/.env)
 # ===========================================================================
diff --git a/.gitea/workflows/build-docker.yml b/.gitea/workflows/build-docker.yml
index 2b0b3f8..d5913ad 100644
--- a/.gitea/workflows/build-docker.yml
+++ b/.gitea/workflows/build-docker.yml
@@ -20,6 +20,11 @@ jobs:
         run: |
           docker build \
             -f infra/prod/Dockerfile \
+            --build-arg NUXT_PUBLIC_SENTRY_DSN="${{ secrets.SENTRY_FRONT_DSN }}" \
+            --build-arg SENTRY_URL="${{ secrets.SENTRY_URL }}" \
+            --build-arg SENTRY_ORG="${{ secrets.SENTRY_ORG }}" \
+            --build-arg SENTRY_PROJECT="${{ secrets.SENTRY_FRONT_PROJECT }}" \
+            --build-arg SENTRY_AUTH_TOKEN="${{ secrets.SENTRY_AUTH_TOKEN }}" \
             -t gitea.malio.fr/malio-dev/lesstime:${{ gitea.ref_name }} \
             -t gitea.malio.fr/malio-dev/lesstime:latest \
             .
diff --git a/.mcp.json b/.mcp.json
index aeea346..dbf183b 100644
--- a/.mcp.json
+++ b/.mcp.json
@@ -1,12 +1,5 @@
 {
     "mcpServers": {
-        "lesstime": {
-            "type": "http",
-            "url": "http://project.malio-dev.fr/_mcp",
-            "headers": {
-                "Authorization": "Bearer 7e8b410a5b79b5c0432951dcee3a3a81e0731e86d9f70d8784ec079a2b759c64"
-            }
-        },
         "lesstime-local": {
             "command": "docker",
             "args": [
diff --git a/README.md b/README.md
index ba7b601..926ed2a 100644
--- a/README.md
+++ b/README.md
@@ -23,6 +23,7 @@ Application de gestion de projet avec suivi du temps et portail client.
 - Intégration Gitea (issues, repos)
 - Intégration Mail IMAP (boîte partagée OVH, voir `docs/mail-integration.md`)
 - Serveur MCP pour assistants IA
+- Error tracking centralisé back + front (GlitchTip / SDK Sentry, prod uniquement — voir « Error tracking »)
 - Multi-langue (i18n)
 
 ## Prérequis
@@ -74,6 +75,7 @@ peuvent être surchargées dans `.env.local` (jamais committé). En prod, elles
 | `CORS_ALLOW_ORIGIN` | Origines CORS autorisées | localhost | ✅ (domaine prod) |
 | **`ENCRYPTION_KEY`** | **Clé hex 32 bytes chiffrant les credentials IMAP/SMTP (feature mail)** | placeholder | ✅ — doit rester **stable**, sinon les credentials mail stockés deviennent illisibles |
 | **`LOCK_DSN`** | **Store de verrous Symfony pour la sync mail (anti-chevauchement)** | `flock` | `flock` suffit |
+| `SENTRY_DSN` | Error tracking **backend** → GlitchTip (projet `lesstime-api`) | _(vide)_ | ⚪ optionnel — active le tracking (voir « Error tracking ») |
 
 > **Messagerie** : `ENCRYPTION_KEY` et `LOCK_DSN` sont introduites par l'intégration mail.
 > Détails de config et cron de synchronisation : `docs/mail-integration.md` et `docs/mail-cron-setup.md`.
@@ -217,28 +219,60 @@ Lesstime expose un serveur MCP (Model Context Protocol) permettant aux assistant
 }
 ```
 
-### Configuration réseau (HTTP)
+### Configuration réseau (HTTP) — par poste, hors git
+
+Le transport HTTP nécessite un **token API** (Bearer), qui est un **secret** : il ne va **jamais**
+dans le `.mcp.json` versionné (celui-ci ne contient que le serveur STDIO local, sans secret).
+Chaque développeur configure le serveur HTTP dans sa **config Claude Code locale**.
+
+**Méthode recommandée (identique sur Fedora, Windows et macOS) :**
+
+```bash
+claude mcp add --transport http --scope user lesstime \
+  http://project.malio-dev.fr/_mcp \
+  --header "Authorization: Bearer <api-token>"
+```
+- En prod : `http://project.malio-dev.fr/_mcp`
+- En réseau local : `http://<ip-serveur>:8082/_mcp`
+
+**Où c'est stocké** (si tu édites le fichier à la main, sous la clé `mcpServers`) :
+
+| OS | Fichier de config Claude Code |
+|----|-------------------------------|
+| **Fedora / Linux** | `~/.claude.json` |
+| **Windows** (collègue) | `%USERPROFILE%\.claude.json` (ex. `C:\Users\<user>\.claude.json`) |
+| **macOS** | `~/.claude.json` |
 
 ```json
 {
   "mcpServers": {
     "lesstime": {
-      "type": "url",
-      "url": "http://<ip-serveur>:8082/_mcp",
-      "headers": {
-        "Authorization": "Bearer <api-token>"
-      }
+      "type": "http",
+      "url": "http://project.malio-dev.fr/_mcp",
+      "headers": { "Authorization": "Bearer <api-token>" }
     }
   }
 }
 ```
 
+Après modification, relancer la connexion avec `/mcp` dans Claude Code.
+
 ### Gestion des tokens API
 
+Générer / régénérer un token pour un utilisateur :
+
 ```bash
+# En dev (container local)
 docker exec -u www-data php-lesstime-fpm php bin/console app:generate-api-token <username>
+
+# En prod (sur le serveur, dans infra/prod)
+sudo docker compose exec -T -u www-data app php bin/console app:generate-api-token <username>
 ```
 
+⚠️ Le token est **invalidé à chaque reset/reseed de la base**. Symptôme : `/mcp` renvoie
+`HTTP 401 "Invalid API token"`. Il faut alors le **régénérer** (commande ci-dessus) puis remplacer
+la valeur `Bearer ...` dans ta config locale (par poste).
+
 ## Déploiement
 
 La prod tourne en **Docker** : l'image est buildée par la CI Gitea sur push de tag `v*`
@@ -255,6 +289,131 @@ Le script active la maintenance, pull l'image, redémarre le container, lance le
 et vide le cache. Guide complet (première installation, BDD, Nginx, JWT, rollback) :
 **`doc/deployment-docker.md`**.
 
+## Error tracking (GlitchTip)
+
+Les erreurs **backend** et **frontend** sont remontées vers **GlitchTip** (instance auto-hébergée
+interne, compatible SDK Sentry) qui les **groupe par projet** et compte les occurrences. Activé
+**uniquement en prod** : en dev, sans DSN, le SDK est inerte (zéro impact). Ticket de référence :
+INFRA #146.
+
+### Pourquoi back et front se configurent différemment
+
+| | Backend (Symfony) | Frontend (Nuxt SPA) |
+|---|---|---|
+| Nature | process PHP qui tourne en continu | fichiers JS/HTML **statiques** (`nuxt generate`) |
+| Quand le DSN est lu | au **runtime** | **figé au build** (baké dans le JS) |
+| Où mettre le DSN | `.env` du serveur (`/var/www/lesstime/.env`) — runtime | **secrets Gitea** → build-args de la CI |
+
+> Les erreurs partent **toujours vers GlitchTip**, jamais vers la CI. La CI ne sert qu'à *écrire*
+> le DSN front dans le bundle au moment du build (il n'y a aucun process front en prod qui
+> pourrait lire une variable d'environnement).
+
+### Variables
+
+**Backend — fichier `.env` du serveur** (`/var/www/lesstime/.env`, chargé via `env_file` ; le repo ne fournit que le template `infra/prod/.env.example`) :
+```env
+SENTRY_DSN=http://<clé>@glitchtip.interne:<port>/<id-projet-api>
+```
+
+**Frontend — secrets Gitea** (repo → Settings → Actions → Secrets), consommés par
+`.gitea/workflows/build-docker.yml` :
+
+| Secret Gitea | Rôle |
+|---|---|
+| `SENTRY_FRONT_DSN` | DSN du projet `lesstime-front` (public, baké dans le JS) |
+| `SENTRY_URL` | URL de l'instance GlitchTip |
+| `SENTRY_ORG` | slug de l'organisation GlitchTip |
+| `SENTRY_FRONT_PROJECT` | slug du projet front |
+| `SENTRY_AUTH_TOKEN` | token d'upload des **source maps** (vrai secret) |
+
+> Sans source maps, seul `SENTRY_FRONT_DSN` est requis (les stacktraces front seront sur du JS
+> minifié). Le build n'échoue pas si les autres secrets sont absents.
+
+### Fichiers concernés
+
+| Fichier | Rôle |
+|---|---|
+| `config/packages/sentry.yaml` | conf backend (prod-only, exceptions, 4xx ignorés, release = `app.version`) |
+| `config/bundles.php` | `SentryBundle` enregistré `['prod' => true]` |
+| `frontend/nuxt.config.ts` | module Sentry chargé **uniquement si DSN présent** + upload source maps |
+| `frontend/sentry.client.config.ts` | init du SDK client (no-op si DSN vide) |
+| `infra/prod/Dockerfile` | build-args front (`NUXT_PUBLIC_SENTRY_DSN`, `SENTRY_*`) |
+| `.gitea/workflows/build-docker.yml` | injection des secrets Gitea en build-args |
+
+### Activation (résumé)
+
+1. Dans GlitchTip : créer les projets `lesstime-api` et `lesstime-front`, récupérer les 2 DSN
+   (+ un auth token pour les source maps).
+2. Backend : ajouter `SENTRY_DSN` dans le `.env` du serveur (`/var/www/lesstime/.env`).
+3. Frontend : ajouter les secrets Gitea ci-dessus.
+4. Tagger une version (`v*`) → la CI build l'image avec le DSN front baké → `deploy.sh`.
+
+### Certificat HTTPS interne (CA auto-signée)
+
+GlitchTip est servi en **HTTPS** sur `https://logs.malio-dev.fr` (nginx devant), avec un certificat
+**auto-signé** par une **CA interne** (« MALIO-DEV Local Root CA », cert serveur `*.malio-dev.fr`).
+`malio-dev.fr` est un **domaine interne uniquement** (DNS local, pas de résolution publique).
+
+> **Pourquoi pas Let's Encrypt ?** Une CA publique doit valider le domaine via Internet (challenge
+> HTTP ou DNS public). Comme `malio-dev.fr` n'existe qu'en interne, aucune validation n'est
+> possible → on reste sur la CA interne, qu'il faut faire **approuver partout** où la connexion TLS
+> est établie. Tant que la CA n'est pas approuvée, **rien ne remonte** : le backend logue
+> « Message not sent » (SDK Sentry) et le navigateur affiche « connexion non sécurisée » (le front
+> n'envoie rien).
+
+**Qui doit faire confiance à la CA ?** La connexion à `logs.malio-dev.fr` part de deux endroits
+différents, donc deux fixes distincts :
+
+| Émetteur des erreurs | Qui établit le TLS | Où approuver la CA |
+|---|---|---|
+| Backend (Symfony) | le **container PHP** | CA bakée dans l'**image Docker** (ci-dessous) |
+| Frontend (SPA) | le **navigateur du poste** | CA poussée sur les **postes via GPO** (ci-dessous) |
+
+#### Fix backend — CA bakée dans l'image
+
+Le certificat **public** de la root CA est committé dans le repo (`infra/prod/malio-dev-root-ca.crt`,
+aucune clé privée) et installé dans le trust store du container au build (`infra/prod/Dockerfile`,
+stage production — `ca-certificates` est déjà installé) :
+
+```dockerfile
+COPY infra/prod/malio-dev-root-ca.crt /usr/local/share/ca-certificates/malio-dev-root-ca.crt
+RUN update-ca-certificates
+```
+
+Le container fait alors confiance à tout `*.malio-dev.fr` interne et le SDK Sentry backend peut
+envoyer. Vérification :
+
+```bash
+curl --cacert infra/prod/malio-dev-root-ca.crt https://logs.malio-dev.fr/api/1/store/   # → HTTP 200
+```
+
+#### Fix postes — CA poussée par GPO (Active Directory)
+
+Le front est une SPA : c'est le **navigateur de l'utilisateur** qui contacte `logs.malio-dev.fr`,
+donc c'est le **poste** qui doit faire confiance à la CA (la CA de l'image ne sert qu'au backend).
+Sur le domaine Active Directory, on pousse la CA **une seule fois via GPO** plutôt que poste par poste :
+
+1. Contrôleur de domaine → **Group Policy Management** → éditer une GPO.
+2. `Configuration ordinateur → Stratégies → Paramètres Windows → Paramètres de sécurité → Stratégies
+   de clé publique → Autorités de certification racines de confiance`.
+3. Clic droit → **Importer** → sélectionner `rootCA.crt` (« MALIO-DEV Local Root CA »).
+4. Sur les postes : `gpupdate /force` (ou attendre le rafraîchissement), puis **redémarrer le navigateur**.
+
+- Chrome / Edge utilisent le magasin Windows → confiance automatique.
+- ⚠️ **Firefox** a son propre magasin : activer `security.enterprise_roots.enabled = true`
+  (`about:config` ou via policy) pour qu'il lise le magasin Windows.
+
+> **Validation poste** : ouvrir `https://logs.malio-dev.fr` → cadenas vert sans avertissement = CA
+> approuvée = le front peut envoyer.
+
+#### Renouvellement / changement de CA
+
+Si la CA interne change (rotation, expiration) :
+
+1. Remplacer `infra/prod/malio-dev-root-ca.crt` par le nouveau certificat public, commit + **rebuild
+   de l'image** (re-tag `v*`) pour le backend.
+2. **Re-pousser** la nouvelle CA via GPO (étapes ci-dessus) pour les postes.
+
 ## Licence
 
 Propriétaire — Tous droits réservés.
diff --git a/composer.json b/composer.json
index 7b9c607..c298ae7 100644
--- a/composer.json
+++ b/composer.json
@@ -20,6 +20,7 @@
         "phpoffice/phpspreadsheet": "^5.5",
         "phpstan/phpdoc-parser": "^2.3",
         "sabre/vobject": "^4.5",
+        "sentry/sentry-symfony": "^5.10",
         "symfony/asset": "8.0.*",
         "symfony/console": "8.0.*",
         "symfony/doctrine-messenger": "^8.0",
diff --git a/composer.lock b/composer.lock
index 844faa7..1beb069 100644
--- a/composer.lock
+++ b/composer.lock
@@ -4,7 +4,7 @@
         "Read more about it at https://getcomposer.org/doc/01-basic-usage.md#installing-dependencies",
         "This file is @generated automatically"
     ],
-    "content-hash": "eee87b9c0011fb88523cb5aea0de29ba",
+    "content-hash": "106755bef51fd069316cd7f3a7e1a0b6",
     "packages": [
         {
             "name": "api-platform/doctrine-common",
@@ -2508,6 +2508,125 @@
             },
             "time": "2026-02-08T16:21:46+00:00"
         },
+        {
+            "name": "guzzlehttp/psr7",
+            "version": "2.12.3",
+            "source": {
+                "type": "git",
+                "url": "https://github.com/guzzle/psr7.git",
+                "reference": "7ec62dc3f44aa218487dbed81a9bf9bc647be55d"
+            },
+            "dist": {
+                "type": "zip",
+                "url": "https://api.github.com/repos/guzzle/psr7/zipball/7ec62dc3f44aa218487dbed81a9bf9bc647be55d",
+                "reference": "7ec62dc3f44aa218487dbed81a9bf9bc647be55d",
+                "shasum": ""
+            },
+            "require": {
+                "php": "^7.2.5 || ^8.0",
+                "psr/http-factory": "^1.0",
+                "psr/http-message": "^1.1 || ^2.0",
+                "ralouphie/getallheaders": "^3.0",
+                "symfony/deprecation-contracts": "^2.5 || ^3.0",
+                "symfony/polyfill-php80": "^1.25"
+            },
+            "provide": {
+                "psr/http-factory-implementation": "1.0",
+                "psr/http-message-implementation": "1.0"
+            },
+            "require-dev": {
+                "bamarni/composer-bin-plugin": "^1.8.2",
+                "http-interop/http-factory-tests": "1.1.0",
+                "jshttp/mime-db": "1.54.0.1",
+                "phpunit/phpunit": "^8.5.52 || ^9.6.34"
+            },
+            "suggest": {
+                "laminas/laminas-httphandlerrunner": "Emit PSR-7 responses"
+            },
+            "type": "library",
+            "extra": {
+                "bamarni-bin": {
+                    "bin-links": true,
+                    "forward-command": false
+                }
+            },
+            "autoload": {
+                "psr-4": {
+                    "GuzzleHttp\\Psr7\\": "src/"
+                }
+            },
+            "notification-url": "https://packagist.org/downloads/",
+            "license": [
+                "MIT"
+            ],
+            "authors": [
+                {
+                    "name": "Graham Campbell",
+                    "email": "hello@gjcampbell.co.uk",
+                    "homepage": "https://github.com/GrahamCampbell"
+                },
+                {
+                    "name": "Michael Dowling",
+                    "email": "mtdowling@gmail.com",
+                    "homepage": "https://github.com/mtdowling"
+                },
+                {
+                    "name": "George Mponos",
+                    "email": "gmponos@gmail.com",
+                    "homepage": "https://github.com/gmponos"
+                },
+                {
+                    "name": "Tobias Nyholm",
+                    "email": "tobias.nyholm@gmail.com",
+                    "homepage": "https://github.com/Nyholm"
+                },
+                {
+                    "name": "Márk Sági-Kazár",
+                    "email": "mark.sagikazar@gmail.com",
+                    "homepage": "https://github.com/sagikazarmark"
+                },
+                {
+                    "name": "Tobias Schultze",
+                    "email": "webmaster@tubo-world.de",
+                    "homepage": "https://github.com/Tobion"
+                },
+                {
+                    "name": "Márk Sági-Kazár",
+                    "email": "mark.sagikazar@gmail.com",
+                    "homepage": "https://sagikazarmark.hu"
+                }
+            ],
+            "description": "PSR-7 message implementation that also provides common utility methods",
+            "keywords": [
+                "http",
+                "message",
+                "psr-7",
+                "request",
+                "response",
+                "stream",
+                "uri",
+                "url"
+            ],
+            "support": {
+                "issues": "https://github.com/guzzle/psr7/issues",
+                "source": "https://github.com/guzzle/psr7/tree/2.12.3"
+            },
+            "funding": [
+                {
+                    "url": "https://github.com/GrahamCampbell",
+                    "type": "github"
+                },
+                {
+                    "url": "https://github.com/Nyholm",
+                    "type": "github"
+                },
+                {
+                    "url": "https://tidelift.com/funding/github/packagist/guzzlehttp/psr7",
+                    "type": "tidelift"
+                }
+            ],
+            "time": "2026-06-23T15:21:08+00:00"
+        },
         {
             "name": "icewind/smb",
             "version": "3.8.1",
@@ -2960,6 +3079,66 @@
             },
             "time": "2026-05-04T12:34:54+00:00"
         },
+        {
+            "name": "jean85/pretty-package-versions",
+            "version": "2.1.1",
+            "source": {
+                "type": "git",
+                "url": "https://github.com/Jean85/pretty-package-versions.git",
+                "reference": "4d7aa5dab42e2a76d99559706022885de0e18e1a"
+            },
+            "dist": {
+                "type": "zip",
+                "url": "https://api.github.com/repos/Jean85/pretty-package-versions/zipball/4d7aa5dab42e2a76d99559706022885de0e18e1a",
+                "reference": "4d7aa5dab42e2a76d99559706022885de0e18e1a",
+                "shasum": ""
+            },
+            "require": {
+                "composer-runtime-api": "^2.1.0",
+                "php": "^7.4|^8.0"
+            },
+            "require-dev": {
+                "friendsofphp/php-cs-fixer": "^3.2",
+                "jean85/composer-provided-replaced-stub-package": "^1.0",
+                "phpstan/phpstan": "^2.0",
+                "phpunit/phpunit": "^7.5|^8.5|^9.6",
+                "rector/rector": "^2.0",
+                "vimeo/psalm": "^4.3 || ^5.0"
+            },
+            "type": "library",
+            "extra": {
+                "branch-alias": {
+                    "dev-master": "1.x-dev"
+                }
+            },
+            "autoload": {
+                "psr-4": {
+                    "Jean85\\": "src/"
+                }
+            },
+            "notification-url": "https://packagist.org/downloads/",
+            "license": [
+                "MIT"
+            ],
+            "authors": [
+                {
+                    "name": "Alessandro Lai",
+                    "email": "alessandro.lai85@gmail.com"
+                }
+            ],
+            "description": "A library to get pretty versions strings of installed dependencies",
+            "keywords": [
+                "composer",
+                "package",
+                "release",
+                "versions"
+            ],
+            "support": {
+                "issues": "https://github.com/Jean85/pretty-package-versions/issues",
+                "source": "https://github.com/Jean85/pretty-package-versions/tree/2.1.1"
+            },
+            "time": "2025-03-19T14:43:43+00:00"
+        },
         {
             "name": "lcobucci/jwt",
             "version": "5.6.0",
@@ -4939,6 +5118,50 @@
             },
             "time": "2021-10-29T13:26:27+00:00"
         },
+        {
+            "name": "ralouphie/getallheaders",
+            "version": "3.0.3",
+            "source": {
+                "type": "git",
+                "url": "https://github.com/ralouphie/getallheaders.git",
+                "reference": "120b605dfeb996808c31b6477290a714d356e822"
+            },
+            "dist": {
+                "type": "zip",
+                "url": "https://api.github.com/repos/ralouphie/getallheaders/zipball/120b605dfeb996808c31b6477290a714d356e822",
+                "reference": "120b605dfeb996808c31b6477290a714d356e822",
+                "shasum": ""
+            },
+            "require": {
+                "php": ">=5.6"
+            },
+            "require-dev": {
+                "php-coveralls/php-coveralls": "^2.1",
+                "phpunit/phpunit": "^5 || ^6.5"
+            },
+            "type": "library",
+            "autoload": {
+                "files": [
+                    "src/getallheaders.php"
+                ]
+            },
+            "notification-url": "https://packagist.org/downloads/",
+            "license": [
+                "MIT"
+            ],
+            "authors": [
+                {
+                    "name": "Ralph Khattar",
+                    "email": "ralph.khattar@gmail.com"
+                }
+            ],
+            "description": "A polyfill for getallheaders.",
+            "support": {
+                "issues": "https://github.com/ralouphie/getallheaders/issues",
+                "source": "https://github.com/ralouphie/getallheaders/tree/develop"
+            },
+            "time": "2019-03-08T08:55:37+00:00"
+        },
         {
             "name": "sabre/uri",
             "version": "3.0.2",
@@ -5172,6 +5395,201 @@
             },
             "time": "2024-09-06T08:00:55+00:00"
         },
+        {
+            "name": "sentry/sentry",
+            "version": "4.28.0",
+            "source": {
+                "type": "git",
+                "url": "https://github.com/getsentry/sentry-php.git",
+                "reference": "662cb7a01a342a7f33780fc955ff4a028d8b785a"
+            },
+            "dist": {
+                "type": "zip",
+                "url": "https://api.github.com/repos/getsentry/sentry-php/zipball/662cb7a01a342a7f33780fc955ff4a028d8b785a",
+                "reference": "662cb7a01a342a7f33780fc955ff4a028d8b785a",
+                "shasum": ""
+            },
+            "require": {
+                "ext-curl": "*",
+                "ext-json": "*",
+                "ext-mbstring": "*",
+                "guzzlehttp/psr7": "^1.8.4|^2.1.1",
+                "jean85/pretty-package-versions": "^1.5|^2.0.4",
+                "php": "^7.2|^8.0",
+                "psr/log": "^1.0|^2.0|^3.0",
+                "symfony/options-resolver": "^4.4.30|^5.0.11|^6.0|^7.0|^8.0"
+            },
+            "conflict": {
+                "raven/raven": "*"
+            },
+            "require-dev": {
+                "carthage-software/mago": "1.30.0",
+                "friendsofphp/php-cs-fixer": "^3.4",
+                "guzzlehttp/promises": "^2.0.3",
+                "monolog/monolog": "^1.6|^2.0|^3.0",
+                "nyholm/psr7": "^1.8",
+                "open-telemetry/api": "^1.0",
+                "open-telemetry/exporter-otlp": "^1.0",
+                "open-telemetry/sdk": "^1.0",
+                "phpstan/phpstan": "^1.3",
+                "phpunit/phpunit": "^8.5.52|^9.6.34",
+                "spiral/roadrunner-http": "^3.6",
+                "spiral/roadrunner-worker": "^3.6"
+            },
+            "suggest": {
+                "ext-excimer": "Enable Sentry profiling with the Excimer PHP extension.",
+                "monolog/monolog": "Allow sending log messages to Sentry by using the included Monolog handler."
+            },
+            "type": "library",
+            "autoload": {
+                "files": [
+                    "src/functions.php"
+                ],
+                "psr-4": {
+                    "Sentry\\": "src/"
+                }
+            },
+            "notification-url": "https://packagist.org/downloads/",
+            "license": [
+                "MIT"
+            ],
+            "authors": [
+                {
+                    "name": "Sentry",
+                    "email": "accounts@sentry.io"
+                }
+            ],
+            "description": "PHP SDK for Sentry (http://sentry.io)",
+            "homepage": "http://sentry.io",
+            "keywords": [
+                "crash-reporting",
+                "crash-reports",
+                "error-handler",
+                "error-monitoring",
+                "log",
+                "logging",
+                "profiling",
+                "sentry",
+                "tracing"
+            ],
+            "support": {
+                "issues": "https://github.com/getsentry/sentry-php/issues",
+                "source": "https://github.com/getsentry/sentry-php/tree/4.28.0"
+            },
+            "funding": [
+                {
+                    "url": "https://sentry.io/",
+                    "type": "custom"
+                },
+                {
+                    "url": "https://sentry.io/pricing/",
+                    "type": "custom"
+                }
+            ],
+            "time": "2026-06-11T12:22:38+00:00"
+        },
+        {
+            "name": "sentry/sentry-symfony",
+            "version": "5.10.0",
+            "source": {
+                "type": "git",
+                "url": "https://github.com/getsentry/sentry-symfony.git",
+                "reference": "6f49255f4cdcfc43a3a283bd3a1f65d483e9192f"
+            },
+            "dist": {
+                "type": "zip",
+                "url": "https://api.github.com/repos/getsentry/sentry-symfony/zipball/6f49255f4cdcfc43a3a283bd3a1f65d483e9192f",
+                "reference": "6f49255f4cdcfc43a3a283bd3a1f65d483e9192f",
+                "shasum": ""
+            },
+            "require": {
+                "guzzlehttp/psr7": "^2.1.1",
+                "jean85/pretty-package-versions": "^1.5||^2.0",
+                "php": "^7.2||^8.0",
+                "sentry/sentry": "^4.23.0",
+                "symfony/cache-contracts": "^1.1||^2.4||^3.0",
+                "symfony/config": "^4.4.20||^5.0.11||^6.0||^7.0||^8.0",
+                "symfony/console": "^4.4.20||^5.0.11||^6.0||^7.0||^8.0",
+                "symfony/dependency-injection": "^4.4.20||^5.0.11||^6.0||^7.0||^8.0",
+                "symfony/event-dispatcher": "^4.4.20||^5.0.11||^6.0||^7.0||^8.0",
+                "symfony/http-kernel": "^4.4.20||^5.0.11||^6.0||^7.0||^8.0",
+                "symfony/polyfill-php80": "^1.22",
+                "symfony/psr-http-message-bridge": "^1.2||^2.0||^6.4||^7.0||^8.0",
+                "symfony/yaml": "^4.4.20||^5.0.11||^6.0||^7.0||^8.0"
+            },
+            "require-dev": {
+                "doctrine/dbal": "^2.13||^3.3||^4.0",
+                "doctrine/doctrine-bundle": "^2.6||^3.0",
+                "friendsofphp/php-cs-fixer": "^2.19||^3.40",
+                "masterminds/html5": "^2.8",
+                "phpstan/extension-installer": "^1.0",
+                "phpstan/phpstan": "1.12.5",
+                "phpstan/phpstan-phpunit": "1.4.0",
+                "phpstan/phpstan-symfony": "1.4.10",
+                "phpunit/phpunit": "^8.5.40||^9.6.21",
+                "symfony/browser-kit": "^4.4.20||^5.0.11||^6.0||^7.0||^8.0",
+                "symfony/cache": "^4.4.20||^5.0.11||^6.0||^7.0||^8.0",
+                "symfony/dom-crawler": "^4.4.20||^5.0.11||^6.0||^7.0||^8.0",
+                "symfony/framework-bundle": "^4.4.20||^5.0.11||^6.0||^7.0||^8.0",
+                "symfony/http-client": "^4.4.20||^5.0.11||^6.0||^7.0||^8.0",
+                "symfony/messenger": "^4.4.20||^5.0.11||^6.0||^7.0||^8.0",
+                "symfony/monolog-bundle": "^3.4||^4.0",
+                "symfony/phpunit-bridge": "^5.2.6||^6.0||^7.0||^8.0",
+                "symfony/process": "^4.4.20||^5.0.11||^6.0||^7.0||^8.0",
+                "symfony/security-core": "^4.4.20||^5.0.11||^6.0||^7.0||^8.0",
+                "symfony/security-http": "^4.4.20||^5.0.11||^6.0||^7.0||^8.0",
+                "symfony/twig-bundle": "^4.4.20||^5.0.11||^6.0||^7.0||^8.0",
+                "vimeo/psalm": "^4.3||^5.16.0"
+            },
+            "suggest": {
+                "doctrine/doctrine-bundle": "Allow distributed tracing of database queries using Sentry.",
+                "monolog/monolog": "Allow sending log messages to Sentry by using the included Monolog handler.",
+                "symfony/cache": "Allow distributed tracing of cache pools using Sentry.",
+                "symfony/twig-bundle": "Allow distributed tracing of Twig template rendering using Sentry."
+            },
+            "type": "symfony-bundle",
+            "autoload": {
+                "files": [
+                    "src/aliases.php"
+                ],
+                "psr-4": {
+                    "Sentry\\SentryBundle\\": "src/"
+                }
+            },
+            "notification-url": "https://packagist.org/downloads/",
+            "license": [
+                "MIT"
+            ],
+            "authors": [
+                {
+                    "name": "Sentry",
+                    "email": "accounts@sentry.io"
+                }
+            ],
+            "description": "Symfony integration for Sentry (http://getsentry.com)",
+            "homepage": "http://getsentry.com",
+            "keywords": [
+                "errors",
+                "logging",
+                "sentry",
+                "symfony"
+            ],
+            "support": {
+                "issues": "https://github.com/getsentry/sentry-symfony/issues",
+                "source": "https://github.com/getsentry/sentry-symfony/tree/5.10.0"
+            },
+            "funding": [
+                {
+                    "url": "https://sentry.io/",
+                    "type": "custom"
+                },
+                {
+                    "url": "https://sentry.io/pricing/",
+                    "type": "custom"
+                }
+            ],
+            "time": "2026-04-01T14:50:32+00:00"
+        },
         {
             "name": "symfony/asset",
             "version": "v8.0.6",
diff --git a/config/bundles.php b/config/bundles.php
index 3bbe71a..a5c0576 100644
--- a/config/bundles.php
+++ b/config/bundles.php
@@ -8,6 +8,7 @@ use Doctrine\Bundle\FixturesBundle\DoctrineFixturesBundle;
 use Doctrine\Bundle\MigrationsBundle\DoctrineMigrationsBundle;
 use Lexik\Bundle\JWTAuthenticationBundle\LexikJWTAuthenticationBundle;
 use Nelmio\CorsBundle\NelmioCorsBundle;
+use Sentry\SentryBundle\SentryBundle;
 use Symfony\AI\McpBundle\McpBundle;
 use Symfony\Bundle\FrameworkBundle\FrameworkBundle;
 use Symfony\Bundle\MonologBundle\MonologBundle;
@@ -24,4 +25,5 @@ return [
     LexikJWTAuthenticationBundle::class => ['all' => true],
     McpBundle::class                    => ['all' => true],
     MonologBundle::class                => ['all' => true],
+    SentryBundle::class                 => ['prod' => true],
 ];
diff --git a/config/packages/security.yaml b/config/packages/security.yaml
index 24cb6de..fdfe255 100644
--- a/config/packages/security.yaml
+++ b/config/packages/security.yaml
@@ -22,6 +22,7 @@ security:
             pattern: ^/login_check
             stateless: true
             provider: app_user_provider
+            user_checker: App\Module\Core\Infrastructure\Security\ArchivedUserChecker
             login_throttling:
                 max_attempts: 5
                 interval: '1 minute'
@@ -41,6 +42,7 @@ security:
             pattern: ^/api
             stateless: true
             provider: app_user_provider
+            user_checker: App\Module\Core\Infrastructure\Security\ArchivedUserChecker
             jwt: ~
             logout:
                 path: /api/logout
diff --git a/config/packages/sentry.yaml b/config/packages/sentry.yaml
new file mode 100644
index 0000000..cbc4938
--- /dev/null
+++ b/config/packages/sentry.yaml
@@ -0,0 +1,23 @@
+# Error tracking → GlitchTip (compatible SDK Sentry).
+# Actif uniquement en prod (bundle enregistre seulement pour prod dans bundles.php).
+# Si SENTRY_DSN est vide/non defini, le SDK est inerte (rien n'est envoye).
+when@prod:
+    parameters:
+        # Valeur par defaut : DSN vide => Sentry desactive tant qu'il n'est pas fourni.
+        env(SENTRY_DSN): ''
+
+    sentry:
+        dsn: '%env(SENTRY_DSN)%'
+        # Capture les exceptions levees par le kernel (comportement par defaut).
+        register_error_listener: true
+        register_error_handler: true
+        options:
+            environment: '%env(APP_ENV)%'
+            release: '%app.version%'
+            # Pas d'APM/tracing (DuckDB hors perimetre du ticket #146).
+            traces_sample_rate: 0.0
+            # Ne pas remonter les 4xx HTTP comme des erreurs (bruit).
+            ignore_exceptions:
+                - Symfony\Component\HttpKernel\Exception\NotFoundHttpException
+                - Symfony\Component\HttpKernel\Exception\MethodNotAllowedHttpException
+                - Symfony\Component\Security\Core\Exception\AccessDeniedException
diff --git a/config/reference.php b/config/reference.php
index 145877b..8733dbe 100644
--- a/config/reference.php
+++ b/config/reference.php
@@ -1752,6 +1752,90 @@ use Symfony\Component\Config\Loader\ParamConfigurator as Param;
  *         },
  *     }>,
  * }
+ * @psalm-type SentryConfig = array{
+ *     dsn?: scalar|Param|null, // If this value is not provided, the SDK will try to read it from the SENTRY_DSN environment variable. If that variable also does not exist, the SDK will not send any events.
+ *     register_error_listener?: bool|Param, // Default: true
+ *     register_error_handler?: bool|Param, // Default: true
+ *     logger?: scalar|Param|null, // The service ID of the PSR-3 logger used to log messages coming from the SDK client. Be aware that setting the same logger of the application may create a circular loop when an event fails to be sent. // Default: null
+ *     options?: array{
+ *         integrations?: mixed, // Default: []
+ *         default_integrations?: bool|Param,
+ *         prefixes?: list<scalar|Param|null>,
+ *         sample_rate?: float|Param, // The sampling factor to apply to events. A value of 0 will deny sending any event, and a value of 1 will send all events.
+ *         enable_tracing?: bool|Param,
+ *         traces_sample_rate?: float|Param, // The sampling factor to apply to transactions. A value of 0 will deny sending any transaction, and a value of 1 will send all transactions.
+ *         traces_sampler?: scalar|Param|null,
+ *         profiles_sample_rate?: float|Param, // The sampling factor to apply to profiles. A value of 0 will deny sending any profiles, and a value of 1 will send all profiles. Profiles are sampled in relation to traces_sample_rate
+ *         enable_logs?: bool|Param,
+ *         log_flush_threshold?: mixed, // Default: null
+ *         enable_metrics?: bool|Param, // Default: true
+ *         attach_stacktrace?: bool|Param,
+ *         attach_metric_code_locations?: bool|Param,
+ *         context_lines?: int|Param,
+ *         environment?: scalar|Param|null, // Default: "%kernel.environment%"
+ *         logger?: scalar|Param|null,
+ *         spotlight?: bool|Param,
+ *         spotlight_url?: scalar|Param|null,
+ *         release?: scalar|Param|null, // Default: "%env(default::SENTRY_RELEASE)%"
+ *         org_id?: int|Param,
+ *         server_name?: scalar|Param|null,
+ *         ignore_exceptions?: list<scalar|Param|null>,
+ *         ignore_transactions?: list<scalar|Param|null>,
+ *         before_send?: scalar|Param|null,
+ *         before_send_transaction?: scalar|Param|null,
+ *         before_send_check_in?: scalar|Param|null,
+ *         before_send_metrics?: scalar|Param|null,
+ *         before_send_log?: scalar|Param|null,
+ *         before_send_metric?: scalar|Param|null,
+ *         trace_propagation_targets?: mixed,
+ *         strict_trace_continuation?: bool|Param,
+ *         tags?: array<string, scalar|Param|null>,
+ *         error_types?: scalar|Param|null,
+ *         max_breadcrumbs?: int|Param,
+ *         before_breadcrumb?: mixed,
+ *         in_app_exclude?: list<scalar|Param|null>,
+ *         in_app_include?: list<scalar|Param|null>,
+ *         send_default_pii?: bool|Param,
+ *         max_value_length?: int|Param,
+ *         transport?: scalar|Param|null,
+ *         http_client?: scalar|Param|null,
+ *         http_proxy?: scalar|Param|null,
+ *         http_proxy_authentication?: scalar|Param|null,
+ *         http_connect_timeout?: float|Param, // The maximum number of seconds to wait while trying to connect to a server. It works only when using the default transport.
+ *         http_timeout?: float|Param, // The maximum execution time for the request+response as a whole. It works only when using the default transport.
+ *         http_ssl_verify_peer?: bool|Param,
+ *         http_compression?: bool|Param,
+ *         capture_silenced_errors?: bool|Param,
+ *         max_request_body_size?: "none"|"never"|"small"|"medium"|"always"|Param,
+ *         class_serializers?: array<string, scalar|Param|null>,
+ *     },
+ *     messenger?: bool|array{
+ *         enabled?: bool|Param, // Default: true
+ *         capture_soft_fails?: bool|Param, // Default: true
+ *         isolate_breadcrumbs_by_message?: bool|Param, // Default: false
+ *         isolate_context_by_message?: bool|Param, // Default: false
+ *     },
+ *     tracing?: bool|array{
+ *         enabled?: bool|Param, // Default: true
+ *         dbal?: bool|array{
+ *             enabled?: bool|Param, // Default: true
+ *             ignore_prepare_spans?: bool|Param, // Default: false
+ *             connections?: list<scalar|Param|null>,
+ *         },
+ *         twig?: bool|array{
+ *             enabled?: bool|Param, // Default: false
+ *         },
+ *         cache?: bool|array{
+ *             enabled?: bool|Param, // Default: true
+ *         },
+ *         http_client?: bool|array{
+ *             enabled?: bool|Param, // Default: true
+ *         },
+ *         console?: array{
+ *             excluded_commands?: list<scalar|Param|null>,
+ *         },
+ *     },
+ * }
  * @psalm-type ConfigType = array{
  *     imports?: ImportsConfig,
  *     parameters?: ParametersConfig,
@@ -1792,6 +1876,7 @@ use Symfony\Component\Config\Loader\ParamConfigurator as Param;
  *         lexik_jwt_authentication?: LexikJwtAuthenticationConfig,
  *         mcp?: McpConfig,
  *         monolog?: MonologConfig,
+ *         sentry?: SentryConfig,
  *     },
  *     "when@test"?: array{
  *         imports?: ImportsConfig,
diff --git a/config/sidebar.php b/config/sidebar.php
index b4761d4..75e1312 100644
--- a/config/sidebar.php
+++ b/config/sidebar.php
@@ -26,7 +26,14 @@ return [
             ['label' => 'sidebar.general.myTasks', 'to' => '/my-tasks', 'icon' => 'mdi:clipboard-check-outline', 'module' => 'project-management', 'permission' => 'project-management.tasks.view'],
             ['label' => 'sidebar.general.projects', 'to' => '/projects', 'icon' => 'mdi:folder-outline', 'module' => 'project-management', 'permission' => 'project-management.projects.view'],
             ['label' => 'sidebar.general.timeTracking', 'to' => '/time-tracking', 'icon' => 'mdi:calendar-edit-outline', 'module' => 'time-tracking', 'permission' => 'time-tracking.entries.view'],
-            // Gating module uniquement (cf. en-tête) : rendu visuel + badge gérés côté layout.
+        ],
+    ],
+    [
+        'label' => 'sidebar.tools.section',
+        'icon'  => 'mdi:tools',
+        'items' => [
+            // Gating module uniquement : rendu visuel + badge non-lus gérés côté layout
+            // (filtré de translatedSections puis ré-injecté avec suffixe (N)).
             ['label' => 'sidebar.general.mail', 'to' => '/mail', 'icon' => 'mdi:email-outline', 'module' => 'mail'],
         ],
     ],
@@ -37,8 +44,8 @@ return [
         'items' => [
             ['label' => 'sidebar.admin.teamAbsences', 'to' => '/team-absences', 'icon' => 'mdi:calendar-account-outline', 'module' => 'absence'],
             ['label' => 'sidebar.admin.directory', 'to' => '/directory', 'icon' => 'mdi:card-account-details-outline', 'module' => 'directory'],
-            ['label' => 'sidebar.admin.administration', 'to' => '/admin', 'icon' => 'mdi:cog-outline', 'permission' => 'core.users.view'],
             ['label' => 'sidebar.admin.reporting', 'to' => '/reporting', 'icon' => 'mdi:chart-line', 'module' => 'reporting', 'permission' => 'reporting.view'],
+            ['label' => 'sidebar.admin.administration', 'to' => '/admin', 'icon' => 'mdi:cog-outline', 'permission' => 'core.users.view'],
         ],
     ],
 ];
diff --git a/config/version.yaml b/config/version.yaml
index 350bb88..1644873 100644
--- a/config/version.yaml
+++ b/config/version.yaml
@@ -1,2 +1,2 @@
 parameters:
-    app.version: '0.4.38'
+    app.version: '0.4.45'
diff --git a/docs/superpowers/plans/2026-06-25-malio-sidebar-migration.md b/docs/superpowers/plans/2026-06-25-malio-sidebar-migration.md
new file mode 100644
index 0000000..fcb0ada
--- /dev/null
+++ b/docs/superpowers/plans/2026-06-25-malio-sidebar-migration.md
@@ -0,0 +1,484 @@
+# Migration sidebar vers MalioSidebar — Implementation Plan
+
+> **For agentic workers:** REQUIRED SUB-SKILL: Use superpowers:subagent-driven-development (recommended) or superpowers:executing-plans to implement this plan task-by-task. Steps use checkbox (`- [ ]`) syntax for tracking.
+
+**Goal:** Remplacer la sidebar maison de Lesstime par le composant `MalioSidebar` de `@malio/layer-ui`, en 3 groupes (Général / Outils / Administration), avec timer + version dans le footer et le logo Malio de Starseed.
+
+**Architecture:** Modèle backend-driven conservé — `config/sidebar.php` filtré par `SidebarProvider` (permissions/rôles/modules côté serveur), exposé via `/api/sidebar`, consommé par `useSidebar()`. Le layout `default.vue` mappe ces sections vers le format `MalioSidebar` et fusionne les items contextuels rendus côté client (Kanban/Groupes/Archives, Documents, Mail+badge, Mes absences).
+
+**Tech Stack:** Nuxt 4 (SPA), Vue 3 `<script setup>` TS, Pinia, `@malio/layer-ui` ^1.7.16, i18n (@nuxtjs/i18n), Symfony 8 / API Platform 4 (backend config PHP).
+
+## Global Constraints
+
+- **Ne jamais modifier `@malio/layer-ui`** (lib externe). Source de référence en lecture seule : `frontend/node_modules/@malio/layer-ui/app/components/malio/sidebar/Sidebar.vue`.
+- `MalioSidebar` : props `sections` (requis), `modelValue` (v-model collapse bool), `sidebarClass`, `toggleClass`. Item = `{ label: string; to: string; exact?: boolean }` (pas d'icône ni de badge par item). Section = `{ label?: string; icon?: string; items: SidebarItem[] }`. Slots : `#logo`, `#logo-collapsed`, `#footer`, `#footer-collapsed`.
+- **TypeScript strict** ; indentation **4 espaces** (frontend).
+- Backend : `declare(strict_types=1)` en tête des fichiers PHP.
+- Commits format projet : `type(scope) : message` (espaces autour du `:`), types autorisés minuscules (`feat`, `fix`, `refactor`, `chore`, …). **Ne committer que sur demande de l'utilisateur** (règle CLAUDE.md). Travailler sur une branche dédiée (pas directement sur `develop`).
+- **Pas de runner de test frontend** dans ce projet → vérification par `npm run build` (Nuxt, échoue sur erreur TS/template) + **QA manuelle navigateur** (`make dev-nuxt`, port 3002). Ne PAS introduire de framework de test (hors scope).
+- Décisions validées : 3 groupes ; badge mail = **suffixe `(N)`** sur le label.
+
+## File Structure
+
+- `config/sidebar.php` — **Modify** : re-catégorisation en 3 sections.
+- `frontend/i18n/locales/fr.json` — **Modify** : clés de sections/items.
+- `frontend/i18n/locales/*.json` (autres langues présentes) — **Modify si existantes** : mêmes clés.
+- `frontend/public/LOGO_MALIO.png` — **Create** (copie Starseed).
+- `frontend/public/LOGO_MALIO_COLLAPSED.png` — **Create** (copie Starseed).
+- `frontend/app/layouts/default.vue` — **Modify** : réécriture du template sidebar + logique `mergedSections`.
+- `frontend/components/ui/SidebarLink.vue` — **Possible delete** (si plus aucun usage après migration).
+
+---
+
+## Task 0 : Branche de travail
+
+**Files:** aucun (git).
+
+- [ ] **Step 1 : Créer la branche depuis `develop`**
+
+```bash
+cd /home/m-tristan/workspace/Lesstime
+git checkout develop && git pull --ff-only
+git checkout -b feat/malio-sidebar
+```
+
+Expected : sur la branche `feat/malio-sidebar`.
+
+---
+
+## Task 1 : Backend — re-catégorisation `config/sidebar.php` + i18n
+
+**Files:**
+- Modify: `config/sidebar.php`
+- Modify: `frontend/i18n/locales/fr.json`
+- Modify: autres `frontend/i18n/locales/*.json` si présentes (mêmes clés)
+
+**Interfaces:**
+- Produces : `/api/sidebar` renvoie des sections dont les `label` sont les clés `sidebar.general.section`, `sidebar.tools.section`, `sidebar.admin.section`. Items inchangés en `to` ; gates (`module`/`roles`/`permission`) inchangés, juste réorganisés.
+
+- [ ] **Step 1 : Réécrire `config/sidebar.php` en 3 sections**
+
+Remplacer le `return [...]` (lignes 20-44) par :
+
+```php
+return [
+    [
+        'label' => 'sidebar.general.section',
+        'icon'  => 'mdi:view-dashboard-outline',
+        'items' => [
+            ['label' => 'sidebar.general.dashboard', 'to' => '/', 'icon' => 'mdi:view-dashboard-outline'],
+            ['label' => 'sidebar.general.myTasks', 'to' => '/my-tasks', 'icon' => 'mdi:clipboard-check-outline', 'module' => 'project-management', 'permission' => 'project-management.tasks.view'],
+            ['label' => 'sidebar.general.projects', 'to' => '/projects', 'icon' => 'mdi:folder-outline', 'module' => 'project-management', 'permission' => 'project-management.projects.view'],
+            ['label' => 'sidebar.general.timeTracking', 'to' => '/time-tracking', 'icon' => 'mdi:calendar-edit-outline', 'module' => 'time-tracking', 'permission' => 'time-tracking.entries.view'],
+        ],
+    ],
+    [
+        'label' => 'sidebar.tools.section',
+        'icon'  => 'mdi:tools',
+        'items' => [
+            // Gating module uniquement : rendu visuel + badge non-lus gérés côté layout
+            // (filtré de translatedSections puis ré-injecté avec suffixe (N)).
+            ['label' => 'sidebar.general.mail', 'to' => '/mail', 'icon' => 'mdi:email-outline', 'module' => 'mail'],
+        ],
+    ],
+    [
+        'label' => 'sidebar.admin.section',
+        'icon'  => 'mdi:cog-outline',
+        'roles' => ['ROLE_ADMIN'],
+        'items' => [
+            ['label' => 'sidebar.admin.teamAbsences', 'to' => '/team-absences', 'icon' => 'mdi:calendar-account-outline', 'module' => 'absence'],
+            ['label' => 'sidebar.admin.directory', 'to' => '/directory', 'icon' => 'mdi:card-account-details-outline', 'module' => 'directory'],
+            ['label' => 'sidebar.admin.reporting', 'to' => '/reporting', 'icon' => 'mdi:chart-line', 'module' => 'reporting', 'permission' => 'reporting.view'],
+            ['label' => 'sidebar.admin.administration', 'to' => '/admin', 'icon' => 'mdi:cog-outline', 'permission' => 'core.users.view'],
+        ],
+    ],
+];
+```
+
+> Mettre aussi à jour le commentaire d'en-tête si nécessaire (le bloc décrivant Mail/contextuels reste valable).
+
+- [ ] **Step 2 : Mettre à jour les clés i18n FR**
+
+Dans `frontend/i18n/locales/fr.json`, bloc `sidebar` :
+- `sidebar.general.section` : remplacer la valeur par `"Général"`.
+- Ajouter `sidebar.tools.section` : `"Outils"`.
+- Conserver `sidebar.general.dashboard|myTasks|projects|timeTracking|mail` et `sidebar.admin.*`.
+- Ajouter les clés pour items client (utilisées en Task 3) :
+  - `sidebar.general.myAbsences` : `"Mes absences"`
+  - `sidebar.project.kanban` : `"Kanban"`
+  - `sidebar.project.groups` : `"Groupes"`
+  - `sidebar.project.archives` : `"Archives"`
+
+Résultat attendu du bloc (extrait) :
+
+```json
+"sidebar": {
+  "general": {
+    "section": "Général",
+    "dashboard": "Tableau de bord",
+    "myTasks": "Mes tâches",
+    "projects": "Projets",
+    "timeTracking": "Suivi de temps",
+    "mail": "Messagerie",
+    "myAbsences": "Mes absences"
+  },
+  "tools": {
+    "section": "Outils"
+  },
+  "project": {
+    "kanban": "Kanban",
+    "groups": "Groupes",
+    "archives": "Archives"
+  },
+  "admin": {
+    "section": "Administration",
+    "teamAbsences": "Absences équipe",
+    "directory": "Répertoire",
+    "administration": "Administration",
+    "reporting": "Rapports"
+  }
+}
+```
+
+- [ ] **Step 3 : Répliquer les clés dans les autres locales si présentes**
+
+```bash
+ls /home/m-tristan/workspace/Lesstime/frontend/i18n/locales/
+```
+
+Pour chaque fichier autre que `fr.json`, ajouter `tools.section`, `general.myAbsences`, `project.kanban|groups|archives` et ajuster `general.section`. S'il n'existe que `fr.json`, ne rien faire de plus.
+
+- [ ] **Step 4 : Vérifier `/api/sidebar` (admin)**
+
+```bash
+docker exec -i php-lesstime-fpm php -r 'var_dump(require "/var/www/config/sidebar.php");' | head -5
+```
+
+Expected : le fichier PHP se parse sans erreur (3 entrées de premier niveau). (Le chemin exact dans le container peut différer — sinon, vérifier via `make cache-clear` qui échouerait sur une erreur de syntaxe PHP.)
+
+```bash
+make cache-clear
+```
+
+Expected : succès, pas d'erreur de parse.
+
+- [ ] **Step 5 : Commit (sur demande utilisateur)**
+
+```bash
+git add config/sidebar.php frontend/i18n/locales/
+git commit -m "refactor(sidebar) : re-catégorisation en 3 groupes (Général / Outils / Administration)"
+```
+
+---
+
+## Task 2 : Frontend — assets logo
+
+**Files:**
+- Create: `frontend/public/LOGO_MALIO.png`
+- Create: `frontend/public/LOGO_MALIO_COLLAPSED.png`
+
+**Interfaces:**
+- Produces : assets statiques servis à `/LOGO_MALIO.png` et `/LOGO_MALIO_COLLAPSED.png`.
+
+- [ ] **Step 1 : Copier les logos depuis Starseed**
+
+```bash
+cp /home/m-tristan/workspace/Starseed/frontend/public/LOGO_MALIO.png \
+   /home/m-tristan/workspace/Lesstime/frontend/public/LOGO_MALIO.png
+cp /home/m-tristan/workspace/Starseed/frontend/public/LOGO_MALIO_COLLAPSED.png \
+   /home/m-tristan/workspace/Lesstime/frontend/public/LOGO_MALIO_COLLAPSED.png
+```
+
+- [ ] **Step 2 : Vérifier**
+
+```bash
+ls -la /home/m-tristan/workspace/Lesstime/frontend/public/LOGO_MALIO*.png
+```
+
+Expected : deux fichiers présents (~5.8K et ~2.2K).
+
+- [ ] **Step 3 : Commit (sur demande utilisateur)**
+
+```bash
+git add frontend/public/LOGO_MALIO.png frontend/public/LOGO_MALIO_COLLAPSED.png
+git commit -m "chore(sidebar) : ajout des logos Malio (déplié / replié)"
+```
+
+---
+
+## Task 3 : Frontend — migration du layout vers `MalioSidebar`
+
+**Files:**
+- Modify: `frontend/app/layouts/default.vue`
+
+**Interfaces:**
+- Consumes : `useSidebar().sections` (clés i18n des Task 1), `useUiStore().sidebarCollapsed`, `SidebarTimer` (`:collapsed`), `useAppVersion().version`, `useMailStore().globalUnreadCount`, `useShareStatus()`, `auth.user.isEmployee`, `auth.user.roles`, `useI18n().t`.
+- Produces : layout rendant `<MalioSidebar>`.
+
+> Ce task est une réécriture cohérente d'un seul fichier : la sidebar doit rester fonctionnelle (toutes features préservées) à la fin du task. On ne committe pas d'état intermédiaire cassé.
+
+- [ ] **Step 1 : Remplacer le bloc `<aside>…</aside>` (lignes 13-104) par `<MalioSidebar>`**
+
+Nouveau template de la zone sidebar (remplace l'overlay mobile lignes 5-11 **et** l'`<aside>`) :
+
+```vue
+            <MalioSidebar
+                v-model="ui.sidebarCollapsed"
+                :sections="mergedSections"
+                :sidebar-class="ui.sidebarCollapsed ? '' : 'w-[232px]'"
+            >
+                <template #logo>
+                    <img src="/LOGO_MALIO.png" alt="Malio"/>
+                </template>
+                <template #logo-collapsed>
+                    <img src="/LOGO_MALIO_COLLAPSED.png" alt="Malio"/>
+                </template>
+                <template #footer>
+                    <div class="flex flex-col gap-2">
+                        <SidebarTimer :collapsed="false" />
+                        <p v-if="version" class="text-center text-sm font-bold">v {{ version }}</p>
+                    </div>
+                </template>
+                <template #footer-collapsed>
+                    <SidebarTimer :collapsed="true" />
+                </template>
+            </MalioSidebar>
+```
+
+Le bloc `<div class="h-full flex-1 …">` (AppTopNav + `<main>` + `<slot/>`) et le `<TimeEntryDrawer>` restent **inchangés**.
+
+- [ ] **Step 2 : Remplacer la logique `translatedSections` par `mergedSections` dans le `<script setup>`**
+
+Supprimer le computed `translatedSections` (lignes 144-156) et le remplacer par :
+
+```ts
+type MalioItem = { label: string; to: string; exact?: boolean }
+type MalioSection = { label: string; icon: string; items: MalioItem[] }
+
+// Ordre d'affichage canonique des sections.
+const SECTION_ORDER = [
+    'sidebar.general.section',
+    'sidebar.tools.section',
+    'sidebar.admin.section',
+] as const
+
+// Icônes de secours pour les sections créées côté client (absentes du backend,
+// ex. module mail off mais partage actif → section Outils à recréer).
+const SECTION_ICON: Record<string, string> = {
+    'sidebar.general.section': 'mdi:view-dashboard-outline',
+    'sidebar.tools.section': 'mdi:tools',
+    'sidebar.admin.section': 'mdi:cog-outline',
+}
+
+// Items rendus côté client (dépendent d'un état runtime ignoré du backend).
+function clientItemsFor(key: string): MalioItem[] {
+    if (key === 'sidebar.general.section') {
+        const items: MalioItem[] = []
+        if (currentProjectId.value) {
+            const id = currentProjectId.value
+            items.push({ label: t('sidebar.project.kanban'), to: `/projects/${id}`, exact: true })
+            items.push({ label: t('sidebar.project.groups'), to: `/projects/${id}/groups` })
+            items.push({ label: t('sidebar.project.archives'), to: `/projects/${id}/archives` })
+        }
+        if (isEmployee.value) {
+            items.push({ label: t('sidebar.general.myAbsences'), to: '/absences' })
+        }
+        return items
+    }
+    if (key === 'sidebar.tools.section') {
+        const items: MalioItem[] = []
+        if (isMailVisible.value) {
+            const n = mailStore.globalUnreadCount
+            const suffix = n > 0 ? ` (${n > 99 ? '99+' : n})` : ''
+            items.push({ label: `${t('mail.sidebar.title')}${suffix}`, to: '/mail' })
+        }
+        if (isDocumentsVisible.value) {
+            items.push({ label: t('sharedFiles.sidebar.title'), to: '/documents' })
+        }
+        return items
+    }
+    return []
+}
+
+const mergedSections = computed<MalioSection[]>(() => {
+    // 1. Sections backend (déjà filtrées par permissions), mail retiré (ré-injecté côté client).
+    const backend = new Map<string, MalioSection>()
+    for (const section of sections.value) {
+        backend.set(section.label, {
+            label: t(section.label),
+            icon: section.icon,
+            items: section.items
+                .filter((item) => item.to !== '/mail')
+                .map((item) => ({ label: t(item.label), to: item.to })),
+        })
+    }
+
+    // 2. Fusion dans l'ordre canonique.
+    const result: MalioSection[] = []
+    for (const key of SECTION_ORDER) {
+        const base = backend.get(key)
+        const extra = clientItemsFor(key)
+        if (base) {
+            base.items.push(...extra)
+            if (base.items.length > 0) {
+                result.push(base)
+            }
+        } else if (extra.length > 0) {
+            result.push({ label: t(key), icon: SECTION_ICON[key], items: extra })
+        }
+    }
+
+    // 3. Garde-fou : toute section backend hors ordre canonique n'est pas perdue.
+    for (const [key, section] of backend) {
+        if (!(SECTION_ORDER as readonly string[]).includes(key) && section.items.length > 0) {
+            result.push(section)
+        }
+    }
+
+    return result
+})
+```
+
+> `isDocumentsVisible` existe déjà (ligne 166). `isMailVisible`, `isEmployee`, `currentProjectId`, `sections`, `mailStore`, `t`, `version`, `ui` sont déjà déclarés — ne pas les redéclarer.
+
+- [ ] **Step 3 : Nettoyer le `<script>` et les imports devenus inutiles**
+
+- Supprimer `sidebarIsCollapsed` (computed lignes 169-172) **si** plus utilisé après suppression de l'`<aside>` (l'était pour le rendu manuel). Vérifier qu'aucune autre référence ne subsiste :
+
+```bash
+grep -n "sidebarIsCollapsed" frontend/app/layouts/default.vue
+```
+
+S'il ne reste aucune occurrence hors déclaration, supprimer le computed.
+
+- Conserver `watch(() => route.path, () => { ui.closeMobileSidebar() })` (fermeture mobile sur navigation).
+- Vérifier que `SidebarLink` n'est plus référencé dans ce fichier (le composant Malio le remplace) :
+
+```bash
+grep -n "SidebarLink" frontend/app/layouts/default.vue
+```
+
+Expected : aucune occurrence.
+
+- [ ] **Step 4 : Build de vérification**
+
+```bash
+cd /home/m-tristan/workspace/Lesstime/frontend && npm run build
+```
+
+Expected : build Nuxt réussi, **aucune erreur TypeScript** ni de template. (Si `mergedSections`/types invalides, le build échoue ici.)
+
+- [ ] **Step 5 : QA manuelle (dev server)**
+
+```bash
+make dev-nuxt   # port 3002
+```
+
+Vérifier en **admin** (`admin`/`admin`) :
+- 3 groupes : Général, Outils, Administration.
+- Général : Tableau de bord, Mes tâches, Projets, Suivi de temps.
+- En ouvrant un projet (`/projects/<id>`) : Kanban/Groupes/Archives apparaissent dans Général ; Kanban actif uniquement sur la page kanban (exact).
+- Outils : Messagerie (+ `(N)` si non-lus), Documents (si partage activé).
+- Administration : Absences équipe, Répertoire, Rapports, Administration.
+- Footer : timer cliquable (start/stop) + `v <version>` ; en replié, le timer reste (icône) et la version disparaît.
+- Logo Malio déplié + replié (collapsed via toggle du composant).
+- Route active surlignée ; pas de doublon `/mail`.
+
+Vérifier en **utilisateur non-admin** (`alice`/`alice`) :
+- **Pas** de groupe Administration.
+- Items gated par permission absents si l'utilisateur n'a pas la permission.
+- Mes absences visible uniquement si `isEmployee`.
+
+- [ ] **Step 6 : Vérifier le comportement mobile (largeur < lg)**
+
+Réduire la fenêtre / activer le responsive devtools.
+- Vérifier l'ouverture/fermeture de la sidebar sur mobile.
+- Vérifier le bouton hamburger éventuel de `AppTopNav` :
+
+```bash
+grep -rn "openMobileSidebar\|sidebarOpen\|closeMobileSidebar" frontend/app/components/ frontend/components/ frontend/app/layouts/default.vue
+```
+
+- Si `MalioSidebar` gère le responsive et que l'overlay supprimé n'est plus nécessaire : OK.
+- Si l'ouverture mobile ne fonctionne plus (ex. AppTopNav appelait `openMobileSidebar` pour l'ancien overlay) : adapter **sans modifier la lib** — a minima conserver le repli/déploiement via `ui.sidebarCollapsed`, ou conserver un déclencheur. Documenter le choix retenu dans le commit.
+
+- [ ] **Step 7 : Commit (sur demande utilisateur)**
+
+```bash
+git add frontend/app/layouts/default.vue
+git commit -m "feat(sidebar) : migration du layout vers MalioSidebar (footer timer + version, logo Malio)"
+```
+
+---
+
+## Task 4 : Nettoyage des éléments obsolètes
+
+**Files:**
+- Possible delete: `frontend/components/ui/SidebarLink.vue`
+- Possible delete: anciens logos `frontend/public/malio.png`, `frontend/public/LOGO_CARRE.png`
+
+**Interfaces:** aucun (suppression sûre uniquement si zéro référence).
+
+- [ ] **Step 1 : Vérifier les usages restants de `SidebarLink`**
+
+```bash
+grep -rn "SidebarLink" /home/m-tristan/workspace/Lesstime/frontend --include="*.vue" --include="*.ts" | grep -v node_modules
+```
+
+- Si **aucune** occurrence : supprimer le fichier.
+
+```bash
+git rm frontend/components/ui/SidebarLink.vue
+```
+
+- Si encore référencé ailleurs : **ne pas supprimer**, laisser tel quel.
+
+- [ ] **Step 2 : Vérifier les usages des anciens logos**
+
+```bash
+grep -rn "malio.png\|LOGO_CARRE.png" /home/m-tristan/workspace/Lesstime/frontend --include="*.vue" --include="*.ts" --include="*.css" | grep -v node_modules
+```
+
+- Si **aucune** occurrence : supprimer les deux PNG.
+
+```bash
+git rm frontend/public/malio.png frontend/public/LOGO_CARRE.png
+```
+
+- Sinon : conserver.
+
+- [ ] **Step 3 : Build final**
+
+```bash
+cd /home/m-tristan/workspace/Lesstime/frontend && npm run build
+```
+
+Expected : build réussi.
+
+- [ ] **Step 4 : Commit (sur demande utilisateur)**
+
+```bash
+git add -A
+git commit -m "chore(sidebar) : suppression des composants/assets obsolètes de l'ancienne sidebar"
+```
+
+---
+
+## Self-Review (auteur du plan)
+
+**Spec coverage :**
+- Remplacement par MalioSidebar → Task 3 ✓
+- Permissions serveur préservées → Task 1 (gates inchangés) + Task 3 (mail filtré/ré-injecté, garde-fou sections) ✓
+- 3 groupes Général/Outils/Administration → Task 1 + Task 3 (ordre canonique) ✓
+- Footer timer + version → Task 3 Step 1 ✓
+- Logo Malio Starseed → Task 2 + Task 3 ✓
+- Items contextuels (Kanban/Groupes/Archives, Documents, Mes absences) → Task 3 `clientItemsFor` ✓
+- Badge mail = suffixe `(N)` → Task 3 `clientItemsFor` ✓
+- Mobile → Task 3 Step 6 ✓
+- Nettoyage → Task 4 ✓
+
+**Placeholder scan :** pas de TBD ; les branches conditionnelles de suppression (Task 4) et d'adaptation mobile (Task 3 Step 6) sont des décisions binaires basées sur un `grep`, pas des placeholders.
+
+**Type consistency :** `MalioItem`/`MalioSection` définis une fois (Task 3) et utilisés de façon cohérente ; `clientItemsFor`/`mergedSections`/`SECTION_ORDER`/`SECTION_ICON` cohérents. Items produits conformes au type attendu par `MalioSidebar` (`{label, to, exact?}`).
+
+**Réserve connue :** absence de runner de test FE → vérification par build + QA manuelle (assumé, conforme à l'état du repo).
diff --git a/docs/superpowers/specs/2026-06-25-malio-sidebar-migration-design.md b/docs/superpowers/specs/2026-06-25-malio-sidebar-migration-design.md
new file mode 100644
index 0000000..ffafef7
--- /dev/null
+++ b/docs/superpowers/specs/2026-06-25-malio-sidebar-migration-design.md
@@ -0,0 +1,200 @@
+# Migration de la sidebar vers `MalioSidebar` (@malio/layer-ui)
+
+**Date** : 2026-06-25
+**Statut** : Design validé
+**Scope** : Frontend (layout) + backend (config sidebar) + assets
+
+## Contexte
+
+La sidebar actuelle de Lesstime est un `<aside>` fait main dans
+`frontend/app/layouts/default.vue`, qui itère sur les sections renvoyées par
+`/api/sidebar` et rend chaque item via le composant maison `SidebarLink`. Le
+timer et la version sont empilés en bas du `<aside>`, le toggle collapse et
+l'overlay mobile sont gérés manuellement.
+
+La librairie `@malio/layer-ui` (mise à jour) fournit désormais un composant
+`MalioSidebar`. Le projet **Starseed** a déjà effectué cette migration sur une
+architecture identique (`config/sidebar.php` → `SidebarProvider` → composable
+`useSidebar` → layout). Cette spec applique la même migration à Lesstime, avec
+trois spécificités Lesstime : footer (timer + version), re-catégorisation des
+onglets, et plusieurs items contextuels rendus côté client.
+
+On **ne modifie pas** la lib `@malio/layer-ui` (règle CLAUDE.md).
+
+## Objectifs
+
+1. Remplacer le `<aside>` maison par `<MalioSidebar>`.
+2. Préserver le filtrage des permissions/rôles/modules **côté serveur**.
+3. Re-catégoriser la navigation en 3 groupes : **Général / Outils / Administration**.
+4. Mettre le timer et la version dans le **footer** du composant.
+5. Reprendre le **logo Malio** de Starseed.
+
+## Décisions validées
+
+- **Catégorisation** : 3 groupes (option B).
+- **Badge mail** : le compteur de non-lus devient un **suffixe sur le label**
+  (`Messagerie (3)`), faute de slot badge/icône par item dans `MalioSidebar`.
+
+## Contraintes du composant `MalioSidebar`
+
+Source : `frontend/node_modules/@malio/layer-ui/app/components/malio/sidebar/Sidebar.vue`.
+
+- **Props** : `sections` (requis), `modelValue` (v-model collapse, bool),
+  `id`, `sidebarClass`, `toggleClass`.
+- **Types** :
+  - `SidebarItem = { label: string; to: string; exact?: boolean }`
+  - `SidebarSection = { label?: string; icon?: string; items: SidebarItem[] }`
+- **Slots** : `#logo`, `#logo-collapsed`, `#footer`, `#footer-collapsed`.
+- **Events** : `update:modelValue(boolean)`.
+- **Item** : pas d'icône par item ni de badge — uniquement l'icône de section.
+  Route active = match exact ou par préfixe (`exact: true` pour exact strict).
+- Largeurs fixes : 232px (déplié) / 72px (replié). Toggle interne.
+
+### Conséquences (compromis assumés)
+
+- Perte de l'**icône par item** (design malioUI = texte + icône de section).
+  Starseed fonctionne ainsi.
+- Le **badge mail** ne peut pas être une pastille → suffixe `(N)` dans le label.
+
+## Architecture cible
+
+Modèle **backend-driven** conservé (sécurité serveur intacte). Le frontend
+mappe les sections renvoyées par `/api/sidebar` vers le format `MalioSidebar`
+et **fusionne** les items contextuels (qui dépendent d'un état runtime non
+connu du backend).
+
+### 1. Backend — `config/sidebar.php`
+
+Re-catégorisation en 3 sections (gates inchangés, juste réorganisés) :
+
+```
+GÉNÉRAL  (sidebar.general.section, icon mdi:view-dashboard-outline)
+  Tableau de bord   /              —
+  Mes tâches        /my-tasks      module project-management, perm tasks.view
+  Projets           /projects      module project-management, perm projects.view
+  Suivi de temps    /time-tracking module time-tracking,      perm entries.view
+
+OUTILS   (sidebar.tools.section, icon mdi:tools)
+  Messagerie        /mail          module mail
+                    (filtré du rendu backend côté front, ré-injecté avec badge)
+
+ADMINISTRATION (sidebar.admin.section, icon mdi:cog-outline, roles [ROLE_ADMIN])
+  Absences équipe   /team-absences module absence
+  Répertoire        /directory     module directory
+  Rapports          /reporting     module reporting, perm reporting.view
+  Administration    /admin         perm core.users.view
+```
+
+> `/mail` reste déclaré pour le gating module (`disabledRoutes`), mais est
+> filtré des sections rendues et ré-injecté côté client avec son badge, comme
+> aujourd'hui.
+
+### 2. i18n — `frontend/i18n/locales/fr.json`
+
+- Renommer `sidebar.general.section` : « Gestion de projet » → « Général ».
+- Ajouter `sidebar.tools.section` : « Outils ».
+- Conserver les clés d'items existantes. Items client : réutiliser les clés
+  existantes quand elles existent (`sharedFiles.sidebar.title` pour Documents,
+  `mail.sidebar.title`/`sidebar.general.mail` pour Messagerie) ; ajouter une
+  clé pour « Mes absences » (aujourd'hui en dur) et pour les contextuels
+  (Kanban/Groupes/Archives, aujourd'hui en dur) si on souhaite les traduire,
+  sinon conserver les libellés en dur actuels.
+
+### 3. Frontend — `frontend/app/layouts/default.vue`
+
+Réécriture du template autour de `<MalioSidebar>` :
+
+```vue
+<MalioSidebar v-model="ui.sidebarCollapsed" :sections="mergedSections"
+              :sidebar-class="ui.sidebarCollapsed ? '' : 'w-[232px]'">
+  <template #logo>           <img src="/LOGO_MALIO.png" alt="Malio"/></template>
+  <template #logo-collapsed> <img src="/LOGO_MALIO_COLLAPSED.png" alt="Malio"/></template>
+  <template #footer>
+    <SidebarTimer :collapsed="false" />
+    <p class="font-bold">v {{ version }}</p>
+  </template>
+  <template #footer-collapsed>
+    <SidebarTimer :collapsed="true" />
+  </template>
+</MalioSidebar>
+```
+
+**Computed `mergedSections`** : construit les sections finales dans l'ordre
+canonique `[général, outils, administration]`.
+
+Logique de fusion :
+1. Partir des sections backend (déjà filtrées), mappées en
+   `{ label: t(label), icon, items: items.filter(to !== '/mail').map({label: t, to}) }`.
+2. Définir une table `clientItems` indexée par clé de section :
+   - `sidebar.general.section` → (si `currentProjectId`) Kanban (`exact`),
+     Groupes, Archives ; puis (si `isEmployee`) Mes absences.
+   - `sidebar.tools.section` → (si `isMailVisible`) Messagerie avec label
+     `Messagerie` + suffixe `(N)` quand `mailStore.globalUnreadCount > 0`
+     (`99+` au-delà) ; puis (si `shareEnabled`) Documents.
+3. Pour chaque section backend, **append** ses items client.
+4. Si une clé de `clientItems` produit des items mais que la section
+   correspondante n'est **pas** présente dans la réponse backend (ex. module
+   mail off mais partage on → pas de section « Outils » côté backend), **créer**
+   la section côté front (label + icône depuis une table locale).
+5. **Supprimer** les sections finales sans items.
+6. Trier selon l'ordre canonique des clés.
+
+Le reste du `<script>` (timer title watchers, `refData`/`TimeEntryDrawer`,
+polling mail, `ensureShareStatus`, `currentProjectId`, `isEmployee`,
+`isMailVisible`, `shareEnabled`) est **conservé tel quel**.
+
+### 4. Mobile
+
+Starseed a **supprimé l'overlay mobile custom** et ne garde que
+`watch(route) → ui.closeMobileSidebar()`. On s'aligne : suppression du markup
+overlay (`ui.sidebarOpen`, `.sidebar-overlay`) si `MalioSidebar` gère le
+responsive. **À vérifier à l'implémentation** : comportement mobile réel du
+composant ; si l'ouverture mobile n'est pas couverte, adapter a minima sans
+modifier la lib.
+
+### 5. Assets — logo
+
+Copier depuis Starseed vers `frontend/public/` :
+- `LOGO_MALIO.png` (128×44)
+- `LOGO_MALIO_COLLAPSED.png` (34×40)
+
+Les anciens `/malio.png` et `/LOGO_CARRE.png` ne sont plus référencés par le
+layout (les laisser ou les retirer si plus aucun usage — à vérifier).
+
+## Composants / éléments réutilisés
+
+- `SidebarTimer` (`components/ui/SidebarTimer.vue`) : inchangé, déjà piloté par
+  `:collapsed`.
+- `useAppVersion()` : inchangé.
+- `useSidebar()` : inchangé.
+- `usePermissions()` : inchangé (le filtrage permission reste backend ; les
+  flags client `isEmployee`/`isMailVisible`/`shareEnabled` restent locaux).
+
+## Éléments supprimés
+
+- Le `<aside>` manuel et son markup (logo, nav, toggle, overlay) dans
+  `default.vue`.
+- L'usage de `SidebarLink` dans le layout (le composant peut rester s'il est
+  utilisé ailleurs — à vérifier ; sinon suppression possible).
+
+## Critères d'acceptation
+
+1. La sidebar est rendue par `<MalioSidebar>`.
+2. 3 groupes : Général, Outils, Administration (Administration visible
+   uniquement pour `ROLE_ADMIN` / permissions, comme avant).
+3. Toutes les permissions/rôles/modules sont respectés à l'identique (aucune
+   régression de visibilité pour user/admin).
+4. Items contextuels présents : Kanban/Groupes/Archives (dans un projet),
+   Documents (partage activé), Mes absences (employé).
+5. Messagerie affiche `(N)` quand il y a des non-lus.
+6. Footer : timer fonctionnel + version (version masquée en replié).
+7. Logo Malio de Starseed affiché (déplié + replié).
+8. Collapse/expand et route active fonctionnent.
+9. Pas de doublon `/mail`. Pas de section vide affichée.
+10. Build Nuxt OK, pas d'erreur TS.
+
+## Hors scope
+
+- Refonte du `SiteSelector` (n'existe pas dans Lesstime).
+- Modification de la lib `@malio/layer-ui`.
+- Changement du modèle de permissions backend.
diff --git a/frontend/app/layouts/default.vue b/frontend/app/layouts/default.vue
index a7c1729..c07bf6f 100644
--- a/frontend/app/layouts/default.vue
+++ b/frontend/app/layouts/default.vue
@@ -1,112 +1,31 @@
 <template>
     <div class="h-screen overflow-hidden">
         <div class="flex h-full">
-            <!-- Mobile sidebar overlay -->
-            <Transition name="sidebar-overlay">
-                <div
-                    v-if="ui.sidebarOpen"
-                    class="fixed inset-0 z-40 bg-black/50 lg:hidden"
-                    @click="ui.closeMobileSidebar()"
-                />
-            </Transition>
-
-            <aside
-                class="fixed inset-y-0 left-0 z-50 flex h-full flex-shrink-0 flex-col border-r border-neutral-200 bg-tertiary-500 transition-transform duration-300 lg:static lg:z-auto lg:translate-x-0"
-                :class="[
-                    ui.sidebarCollapsed ? 'lg:w-16' : 'lg:w-64',
-                    ui.sidebarOpen ? 'w-64 translate-x-0' : '-translate-x-full',
-                ]"
+            <MalioSidebar
+                v-model="ui.sidebarCollapsed"
+                :sections="mergedSections"
+                :sidebar-class="ui.sidebarCollapsed ? '' : 'w-[232px]'"
             >
-                <div class="flex items-center overflow-hidden" :class="sidebarIsCollapsed ? 'justify-center p-3' : 'justify-between'">
-                    <img
-                        v-if="!sidebarIsCollapsed"
-                        src="/malio.png"
-                        alt="Logo"
-                        class="w-auto"
-                    />
-                    <img
-                        v-else
-                        src="/LOGO_CARRE.png"
-                        alt="Logo"
-                        class="w-[46px] h-[55px]"
-                    />
-                    <button
-                        class="mr-2 rounded-md p-2 text-neutral-500 hover:bg-neutral-200 hover:text-neutral-700 transition-colors lg:hidden"
-                        @click="ui.closeMobileSidebar()"
-                    >
-                        <Icon name="mdi:close" size="20" />
-                    </button>
-                </div>
-                <nav class="flex-1 overflow-hidden" :class="sidebarIsCollapsed ? 'px-1 pb-6' : 'px-4 pb-6'">
-                    <!-- Sections dynamiques (/api/sidebar) : navigation globale + sections gated par rôle -->
-                    <template v-for="(section, sIndex) in translatedSections" :key="section.label">
-                        <p v-if="!sidebarIsCollapsed" class="px-4 pt-5 pb-1 text-xs font-semibold uppercase tracking-wider text-neutral-400">
-                            {{ section.label }}
-                        </p>
-                        <div v-else class="mx-2 my-3 border-t border-secondary-500" />
-                        <SidebarLink
-                            v-for="item in section.items"
-                            :key="item.to"
-                            :to="item.to"
-                            :icon="item.icon"
-                            :label="item.label"
-                            :collapsed="sidebarIsCollapsed"
-                            @click="ui.closeMobileSidebar()"
-                        />
-
-                        <!-- Items conservés côté client, insérés après la 1re section (cf. décision 3) -->
-                        <template v-if="sIndex === 0">
-                            <!-- Contextuel projet -->
-                            <template v-if="currentProjectId">
-                                <SidebarLink :to="`/projects/${currentProjectId}`" icon="mdi:view-column-outline" label="Kanban" :collapsed="sidebarIsCollapsed" sub exact @click="ui.closeMobileSidebar()" />
-                                <SidebarLink :to="`/projects/${currentProjectId}/groups`" icon="mdi:tag-multiple-outline" label="Groupes" :collapsed="sidebarIsCollapsed" sub @click="ui.closeMobileSidebar()" />
-                                <SidebarLink :to="`/projects/${currentProjectId}/archives`" icon="mdi:archive-outline" label="Archives" :collapsed="sidebarIsCollapsed" sub @click="ui.closeMobileSidebar()" />
-                            </template>
-                            <!-- Feature-flag : Documents -->
-                            <SidebarLink v-if="isDocumentsVisible" to="/documents" icon="mdi:folder-network-outline" :label="$t('sharedFiles.sidebar.title')" :collapsed="sidebarIsCollapsed" @click="ui.closeMobileSidebar()" />
-                            <!-- Feature-flag : Mail + badge -->
-                            <div v-if="isMailVisible" class="relative">
-                                <SidebarLink to="/mail" icon="mdi:email-outline" :label="$t('mail.sidebar.title')" :collapsed="sidebarIsCollapsed" @click="ui.closeMobileSidebar()" />
-                                <span
-                                    v-if="mailStore.globalUnreadCount > 0"
-                                    class="pointer-events-none absolute right-3 top-1/2 flex h-5 min-w-5 -translate-y-1/2 items-center justify-center rounded-full bg-red-500 px-1 text-xs font-bold text-white"
-                                    :class="{ 'right-1 top-1 translate-y-0': sidebarIsCollapsed }"
-                                    :aria-label="`${mailStore.globalUnreadCount} messages non lus`"
-                                >
-                                    {{ mailStore.globalUnreadCount > 99 ? '99+' : mailStore.globalUnreadCount }}
-                                </span>
-                            </div>
-                            <!-- User-flag : Mes absences (isEmployee — non couvert par le gate rôle) -->
-                            <SidebarLink v-if="isEmployee" to="/absences" icon="mdi:umbrella-beach-outline" label="Mes absences" :collapsed="sidebarIsCollapsed" @click="ui.closeMobileSidebar()" />
-                        </template>
-                    </template>
-                </nav>
-
-                <div class="px-4 py-3">
-                    <SidebarTimer :collapsed="sidebarIsCollapsed" />
-                </div>
-
-                <div class="flex items-center justify-center p-4">
-                    <p v-if="!sidebarIsCollapsed" class="font-bold">v {{ version }}</p>
-                </div>
-
-                <!-- Collapse toggle button centered vertically on the sidebar edge -->
-                <button
-                    class="absolute top-1/2 -right-4 z-10 hidden h-8 w-8 -translate-y-1/2 items-center justify-center rounded-full border border-neutral-200 bg-white text-neutral-400 shadow-sm hover:text-neutral-700 transition-colors lg:flex"
-                    :title="ui.sidebarCollapsed ? 'Ouvrir le menu' : 'Réduire le menu'"
-                    @click="ui.toggleSidebar()"
-                >
-                    <Icon
-                        :name="ui.sidebarCollapsed ? 'mdi:chevron-right' : 'mdi:chevron-left'"
-                        size="18"
-                    />
-                </button>
-            </aside>
+                <template #logo>
+                    <img src="/LOGO_MALIO.png" alt="Malio"/>
+                </template>
+                <template #logo-collapsed>
+                    <img src="/LOGO_MALIO_COLLAPSED.png" alt="Malio"/>
+                </template>
+                <template #footer>
+                    <div class="flex flex-col gap-2">
+                        <SidebarTimer :collapsed="false" />
+                        <p v-if="version" class="text-center text-sm font-bold">v {{ version }}</p>
+                    </div>
+                </template>
+                <template #footer-collapsed>
+                    <SidebarTimer :collapsed="true" />
+                </template>
+            </MalioSidebar>
 
             <div class="h-full flex-1 flex flex-col min-h-0 min-w-0">
                 <AppTopNav :user="auth.user" />
-                <main class="flex flex-1 flex-col overflow-y-auto overflow-x-hidden bg-white px-4 pb-24 sm:px-8 lg:px-16">
-                    <div aria-hidden="true" class="pointer-events-none sticky top-0 z-30 h-8 flex-shrink-0 bg-white sm:h-12" />
+                <main class="flex flex-1 flex-col overflow-y-auto overflow-x-hidden bg-white px-4 pb-24 sm:px-6 lg:px-12 xl:px-11">
                     <slot/>
                 </main>
             </div>
@@ -139,23 +58,6 @@ const route = useRoute()
 const { t } = useI18n()
 const { sections } = useSidebar()
 
-// `/mail` est déclaré dans config/sidebar.php pour le gating module (disabledRoutes),
-// mais son rendu visuel + badge non-lus est géré manuellement ci-dessous (feature-flag Mail).
-// On le filtre des sections dynamiques pour éviter un doublon dans la nav.
-const translatedSections = computed(() =>
-    sections.value.map((section) => ({
-        label: t(section.label),
-        icon: section.icon,
-        items: section.items
-            .filter((item) => item.to !== '/mail')
-            .map((item) => ({
-                label: t(item.label),
-                to: item.to,
-                icon: item.icon,
-            })),
-    })),
-)
-
 const isEmployee = computed(() => Boolean(auth.user?.isEmployee))
 
 const isMailVisible = computed(() => {
@@ -166,22 +68,116 @@ const isMailVisible = computed(() => {
 const { enabled: shareEnabled, ensureLoaded: ensureShareStatus } = useShareStatus()
 const isDocumentsVisible = computed(() => shareEnabled.value === true)
 
-// On mobile, sidebar is always expanded (not collapsed icon mode)
-const sidebarIsCollapsed = computed(() => {
-    if (ui.sidebarOpen) return false
-    return ui.sidebarCollapsed
-})
-
-// Close mobile sidebar on route change
-watch(() => route.path, () => {
-    ui.closeMobileSidebar()
-})
-
 const currentProjectId = computed(() => {
     const match = route.path.match(/^\/projects\/(\d+)/)
     return match ? match[1] : null
 })
 
+type MalioItem = { label: string; to: string; exact?: boolean }
+type MalioSection = { label: string; icon: string; items: MalioItem[] }
+
+// Ordre d'affichage canonique des sections.
+const SECTION_ORDER = [
+    'sidebar.general.section',
+    'sidebar.tools.section',
+    'sidebar.admin.section',
+] as const
+
+// Icônes de secours pour les sections créées côté client (absentes du backend,
+// ex. module mail off mais partage actif → section Outils à recréer).
+const SECTION_ICON: Record<string, string> = {
+    'sidebar.general.section': 'mdi:view-dashboard-outline',
+    'sidebar.tools.section': 'mdi:tools',
+    'sidebar.admin.section': 'mdi:cog-outline',
+}
+
+// Item client avec ancre optionnelle : `after` = `to` de l'item après lequel l'insérer
+// (sinon ajouté en fin de section).
+type ClientItem = MalioItem & { after?: string }
+
+// Items rendus côté client (dépendent d'un état runtime ignoré du backend).
+function clientItemsFor(key: string): ClientItem[] {
+    if (key === 'sidebar.general.section') {
+        const items: ClientItem[] = []
+        if (currentProjectId.value) {
+            const id = currentProjectId.value
+            // Insérés juste sous « Projets », dans l'ordre via ancres chaînées.
+            items.push({ label: t('sidebar.project.kanban'), to: `/projects/${id}`, exact: true, after: '/projects' })
+            items.push({ label: t('sidebar.project.groups'), to: `/projects/${id}/groups`, after: `/projects/${id}` })
+            items.push({ label: t('sidebar.project.archives'), to: `/projects/${id}/archives`, after: `/projects/${id}/groups` })
+        }
+        if (isEmployee.value) {
+            items.push({ label: t('sidebar.general.myAbsences'), to: '/absences' })
+        }
+        return items
+    }
+    if (key === 'sidebar.tools.section') {
+        const items: ClientItem[] = []
+        if (isMailVisible.value) {
+            const n = mailStore.globalUnreadCount
+            const suffix = n > 0 ? ` (${n > 99 ? '99+' : n})` : ''
+            items.push({ label: `${t('mail.sidebar.title')}${suffix}`, to: '/mail' })
+        }
+        if (isDocumentsVisible.value) {
+            items.push({ label: t('sharedFiles.sidebar.title'), to: '/documents' })
+        }
+        return items
+    }
+    return []
+}
+
+// Insère les items client après leur ancre (`after`), sinon en fin de liste.
+function mergeClientItems(base: MalioItem[], extra: ClientItem[]): MalioItem[] {
+    const result = [...base]
+    for (const { after, ...item } of extra) {
+        const idx = after ? result.findIndex((i) => i.to === after) : -1
+        if (idx !== -1) {
+            result.splice(idx + 1, 0, item)
+        } else {
+            result.push(item)
+        }
+    }
+    return result
+}
+
+const mergedSections = computed<MalioSection[]>(() => {
+    // 1. Sections backend (déjà filtrées par permissions), mail retiré (ré-injecté côté client).
+    const backend = new Map<string, MalioSection>()
+    for (const section of sections.value) {
+        backend.set(section.label, {
+            label: t(section.label),
+            icon: section.icon,
+            items: section.items
+                .filter((item) => item.to !== '/mail')
+                .map((item) => ({ label: t(item.label), to: item.to })),
+        })
+    }
+
+    // 2. Fusion dans l'ordre canonique.
+    const result: MalioSection[] = []
+    for (const key of SECTION_ORDER) {
+        const base = backend.get(key)
+        const extra = clientItemsFor(key)
+        if (base) {
+            base.items = mergeClientItems(base.items, extra)
+            if (base.items.length > 0) {
+                result.push(base)
+            }
+        } else if (extra.length > 0) {
+            result.push({ label: t(key), icon: SECTION_ICON[key] ?? '', items: mergeClientItems([], extra) })
+        }
+    }
+
+    // 3. Garde-fou : toute section backend hors ordre canonique n'est pas perdue.
+    for (const [key, section] of backend) {
+        if (!(SECTION_ORDER as readonly string[]).includes(key) && section.items.length > 0) {
+            result.push(section)
+        }
+    }
+
+    return result
+})
+
 const timerStore = useTimerStore()
 
 const baseTitle = ref('Lesstime')
@@ -269,14 +265,3 @@ function onCompleteSaved() {
     })
 }
 </script>
-
-<style scoped>
-.sidebar-overlay-enter-active,
-.sidebar-overlay-leave-active {
-    transition: opacity 0.3s ease;
-}
-.sidebar-overlay-enter-from,
-.sidebar-overlay-leave-to {
-    opacity: 0;
-}
-</style>
diff --git a/frontend/components/ui/AppTopNav.vue b/frontend/components/ui/AppTopNav.vue
index b8fdef2..05b77fd 100644
--- a/frontend/components/ui/AppTopNav.vue
+++ b/frontend/components/ui/AppTopNav.vue
@@ -3,11 +3,11 @@
     <div class="flex h-full items-center justify-between">
       <MalioButtonIcon
         icon="mdi:menu"
-        aria-label="Menu"
+        aria-label="Replier ou déplier le menu"
         variant="ghost"
         icon-size="24"
         button-class="lg:hidden text-white hover:bg-primary-600"
-        @click="ui.openMobileSidebar()"
+        @click="ui.toggleSidebar()"
       />
       <div class="hidden items-center gap-2 lg:flex">
         <h1 class="text-lg font-bold tracking-tight">Lesstime</h1>
diff --git a/frontend/components/ui/PageHeader.vue b/frontend/components/ui/PageHeader.vue
new file mode 100644
index 0000000..336d41f
--- /dev/null
+++ b/frontend/components/ui/PageHeader.vue
@@ -0,0 +1,25 @@
+<template>
+    <!-- Entête de page standard : source unique du style des titres.
+         Toujours sticky en haut du <main> scrollable : reste visible au scroll.
+         Fond blanc + pt-[38px]/pb-[30px] (au lieu de marges) pour que le contenu
+         défilant soit masqué sous l'entête (espaces haut ET bas compris) et que
+         l'entête soit collée sous l'AppTopNav sans trou.
+         Slots :
+           - défaut   : texte du titre
+           - #actions : boutons à droite du titre
+           - #subheader : barre de filtres / onglets rendue SOUS le titre, dans le
+                          même bloc sticky (reste donc collée avec le titre). La
+                          marge titre -> sous-entête est portée par le contenu passé
+                          (ex. mt-4) pour laisser chaque page régler son cas. -->
+    <div class="sticky top-0 z-20 bg-white pt-[38px] pb-[30px]">
+        <div class="flex items-center justify-between gap-4">
+            <h1 class="text-[30px] font-semibold text-primary-500">
+                <slot/>
+            </h1>
+            <div v-if="$slots.actions" class="shrink-0">
+                <slot name="actions"/>
+            </div>
+        </div>
+        <slot name="subheader"/>
+    </div>
+</template>
diff --git a/frontend/components/ui/SidebarLink.vue b/frontend/components/ui/SidebarLink.vue
deleted file mode 100644
index f008b77..0000000
--- a/frontend/components/ui/SidebarLink.vue
+++ /dev/null
@@ -1,52 +0,0 @@
-<template>
-    <NuxtLink
-        :to="to"
-        class="group/link relative flex items-center transition-colors hover:text-primary-500"
-        :class="linkClasses"
-        :active-class="exact ? '' : activeClass"
-        :exact-active-class="exact ? activeClass : ''"
-    >
-        <Icon :name="icon" :size="sub ? '20' : '24'" class="flex-shrink-0" />
-        <span
-            v-if="!collapsed"
-            class="self-baseline whitespace-nowrap overflow-hidden transition-opacity duration-300"
-            :class="sub ? 'text-sm' : 'text-md'"
-        >
-            {{ label }}
-        </span>
-        <div
-            v-if="collapsed"
-            class="pointer-events-none absolute left-full z-50 ml-2 rounded-md bg-neutral-800 px-2 py-1 text-xs text-white opacity-0 shadow-lg transition-opacity group-hover/link:pointer-events-auto group-hover/link:opacity-100 whitespace-nowrap"
-        >
-            {{ label }}
-        </div>
-    </NuxtLink>
-</template>
-
-<script setup lang="ts">
-const props = defineProps<{
-    to: string
-    icon: string
-    label: string
-    collapsed: boolean
-    sub?: boolean
-    exact?: boolean
-}>()
-
-const activeClass = computed(() => {
-    if (props.collapsed) {
-        return '!text-primary-500 bg-primary-500/10'
-    }
-    return '!text-primary-500 bg-tertiary-500'
-})
-
-const linkClasses = computed(() => {
-    if (props.collapsed) {
-        return 'justify-center w-10 h-10 mx-auto my-1 p-2 rounded-lg text-neutral-600 hover:text-primary-500 hover:bg-primary-500/10'
-    }
-    if (props.sub) {
-        return 'gap-3 px-4 py-2 pl-12 text-sm font-semibold text-neutral-700'
-    }
-    return 'gap-3 px-4 py-3 text-md font-semibold text-neutral-700'
-})
-</script>
diff --git a/frontend/i18n/locales/fr.json b/frontend/i18n/locales/fr.json
index d35d48f..9dabbc1 100644
--- a/frontend/i18n/locales/fr.json
+++ b/frontend/i18n/locales/fr.json
@@ -349,21 +349,29 @@
     }
   },
   "sidebar": {
-    "myTasks": "Mes tâches",
     "general": {
-      "section": "Gestion de projet",
+      "section": "Général",
       "dashboard": "Tableau de bord",
       "myTasks": "Mes tâches",
       "projects": "Projets",
       "timeTracking": "Suivi de temps",
-      "mail": "Messagerie"
+      "mail": "Messagerie",
+      "myAbsences": "Mes absences"
+    },
+    "tools": {
+      "section": "Outils"
+    },
+    "project": {
+      "kanban": "Kanban",
+      "groups": "Groupes",
+      "archives": "Archives"
     },
     "admin": {
       "section": "Administration",
       "teamAbsences": "Absences équipe",
-      "administration": "Administration",
       "directory": "Répertoire",
-      "reporting": "Rapports"
+      "reporting": "Rapports",
+      "administration": "Administration"
     }
   },
   "reporting": {
diff --git a/frontend/modules/absence/pages/absences.vue b/frontend/modules/absence/pages/absences.vue
index 9f569c0..b441965 100644
--- a/frontend/modules/absence/pages/absences.vue
+++ b/frontend/modules/absence/pages/absences.vue
@@ -1,15 +1,18 @@
 <template>
-    <div class="flex flex-col gap-6">
-        <div class="flex items-center justify-between">
-            <h1 class="text-2xl font-bold text-neutral-900">{{ $t('absences.title') }}</h1>
-            <MalioButton
-                :label="$t('absences.newRequest')"
-                icon-name="mdi:plus"
-                icon-position="left"
-                @click="requestDrawerOpen = true"
-            />
-        </div>
+    <div>
+        <PageHeader>
+            {{ $t('absences.title') }}
+            <template #actions>
+                <MalioButton
+                    :label="$t('absences.newRequest')"
+                    icon-name="mdi:plus"
+                    icon-position="left"
+                    @click="requestDrawerOpen = true"
+                />
+            </template>
+        </PageHeader>
 
+        <div class="flex flex-col gap-6">
         <AbsenceBalanceCards :balances="balances" />
 
         <!-- Filters -->
@@ -65,6 +68,7 @@
             :can-cancel="selected?.status === 'pending'"
             @cancelled="reload"
         />
+        </div>
     </div>
 </template>
 
diff --git a/frontend/modules/absence/pages/team-absences.vue b/frontend/modules/absence/pages/team-absences.vue
index 385bdba..6725ddf 100644
--- a/frontend/modules/absence/pages/team-absences.vue
+++ b/frontend/modules/absence/pages/team-absences.vue
@@ -1,9 +1,10 @@
 <template>
-    <div class="flex flex-col gap-6">
-        <h1 class="text-2xl font-bold text-neutral-900">
+    <div>
+        <PageHeader>
             {{ $t("absences.teamTitle") }}
-        </h1>
+        </PageHeader>
 
+        <div class="flex flex-col gap-6">
         <!-- KPIs -->
         <div class="grid grid-cols-1 gap-4 sm:grid-cols-3">
             <div class="rounded-lg border border-neutral-200 bg-white p-4">
@@ -189,6 +190,7 @@
             :user="selectedEmployee"
             @saved="loadEmployees"
         />
+        </div>
     </div>
 </template>
 
diff --git a/frontend/modules/core/pages/profile.vue b/frontend/modules/core/pages/profile.vue
index 368185f..54a1cc4 100644
--- a/frontend/modules/core/pages/profile.vue
+++ b/frontend/modules/core/pages/profile.vue
@@ -1,7 +1,7 @@
 <template>
     <NuxtLayout name="default">
     <div class="mx-auto max-w-lg px-4 py-10">
-        <h1 class="mb-8 text-2xl font-bold text-neutral-900">{{ $t('profile.title') }}</h1>
+        <PageHeader>{{ $t('profile.title') }}</PageHeader>
 
         <div class="flex flex-col items-center gap-6 rounded-xl border border-neutral-200 bg-white p-8 shadow-sm">
             <!-- Current avatar -->
diff --git a/frontend/modules/directory/pages/directory/clients/[id].vue b/frontend/modules/directory/pages/directory/clients/[id].vue
index a08b886..3d28983 100644
--- a/frontend/modules/directory/pages/directory/clients/[id].vue
+++ b/frontend/modules/directory/pages/directory/clients/[id].vue
@@ -1,10 +1,13 @@
 <template>
-    <div class="flex flex-col gap-6">
-        <div class="flex items-center gap-3 pt-4">
-            <MalioButtonIcon icon="mdi:arrow-left" :aria-label="$t('common.back')" @click="goBack" />
-            <h1 class="text-2xl font-bold text-neutral-900">{{ client?.name ?? '…' }}</h1>
-        </div>
+    <div>
+        <PageHeader>
+            <span class="inline-flex items-center gap-3">
+                <MalioButtonIcon icon="mdi:arrow-left" :aria-label="$t('common.back')" @click="goBack" />
+                {{ client?.name ?? '…' }}
+            </span>
+        </PageHeader>
 
+        <div class="flex flex-col gap-6">
         <p v-if="loading">{{ $t('common.loading') }}</p>
         <template v-else-if="client">
             <MalioTabList v-model="activeTab" :tabs="tabs">
@@ -111,6 +114,7 @@
                 </template>
             </MalioTabList>
         </template>
+        </div>
     </div>
 </template>
 
diff --git a/frontend/modules/directory/pages/directory/index.vue b/frontend/modules/directory/pages/directory/index.vue
index f3d44b5..b4e8005 100644
--- a/frontend/modules/directory/pages/directory/index.vue
+++ b/frontend/modules/directory/pages/directory/index.vue
@@ -1,9 +1,10 @@
 <template>
-    <div class="flex flex-col gap-6">
-        <h1 class="text-2xl font-bold text-neutral-900">
+    <div>
+        <PageHeader>
             {{ $t('directory.title') }}
-        </h1>
+        </PageHeader>
 
+        <div class="flex flex-col gap-6">
         <MalioTabList v-model="activeTab" :tabs="tabs">
             <!-- Clients -->
             <template #clients>
@@ -171,6 +172,7 @@
             :message="deleteModalMessage"
             @confirm="confirmDelete"
         />
+        </div>
     </div>
 </template>
 
diff --git a/frontend/modules/directory/pages/directory/prestataires/[id].vue b/frontend/modules/directory/pages/directory/prestataires/[id].vue
index 4709cfe..d677e9b 100644
--- a/frontend/modules/directory/pages/directory/prestataires/[id].vue
+++ b/frontend/modules/directory/pages/directory/prestataires/[id].vue
@@ -1,10 +1,13 @@
 <template>
-    <div class="flex flex-col gap-6">
-        <div class="flex items-center gap-3 pt-4">
-            <MalioButtonIcon icon="mdi:arrow-left" :aria-label="$t('common.back')" @click="goBack" />
-            <h1 class="text-2xl font-bold text-neutral-900">{{ prestataire?.name ?? '…' }}</h1>
-        </div>
+    <div>
+        <PageHeader>
+            <span class="inline-flex items-center gap-3">
+                <MalioButtonIcon icon="mdi:arrow-left" :aria-label="$t('common.back')" @click="goBack" />
+                {{ prestataire?.name ?? '…' }}
+            </span>
+        </PageHeader>
 
+        <div class="flex flex-col gap-6">
         <p v-if="loading">{{ $t('common.loading') }}</p>
         <template v-else-if="prestataire">
             <MalioTabList v-model="activeTab" :tabs="tabs">
@@ -111,6 +114,7 @@
                 </template>
             </MalioTabList>
         </template>
+        </div>
     </div>
 </template>
 
diff --git a/frontend/modules/directory/pages/directory/prospects/[id].vue b/frontend/modules/directory/pages/directory/prospects/[id].vue
index ccf7095..ef8d568 100644
--- a/frontend/modules/directory/pages/directory/prospects/[id].vue
+++ b/frontend/modules/directory/pages/directory/prospects/[id].vue
@@ -1,10 +1,13 @@
 <template>
-    <div class="flex flex-col gap-6">
-        <div class="flex items-center gap-3 pt-4">
-            <MalioButtonIcon icon="mdi:arrow-left" :aria-label="$t('common.back')" @click="goBack" />
-            <h1 class="text-2xl font-bold text-neutral-900">{{ prospect?.company ?? '…' }}</h1>
-        </div>
+    <div>
+        <PageHeader>
+            <span class="inline-flex items-center gap-3">
+                <MalioButtonIcon icon="mdi:arrow-left" :aria-label="$t('common.back')" @click="goBack" />
+                {{ prospect?.company ?? '…' }}
+            </span>
+        </PageHeader>
 
+        <div class="flex flex-col gap-6">
         <p v-if="loading">{{ $t('common.loading') }}</p>
         <template v-else-if="prospect">
             <MalioTabList v-model="activeTab" :tabs="tabs">
@@ -126,6 +129,7 @@
                 </template>
             </MalioTabList>
         </template>
+        </div>
     </div>
 </template>
 
diff --git a/frontend/modules/mail/pages/mail.vue b/frontend/modules/mail/pages/mail.vue
index 2690254..c429359 100644
--- a/frontend/modules/mail/pages/mail.vue
+++ b/frontend/modules/mail/pages/mail.vue
@@ -95,11 +95,13 @@ function handleTaskLinked(_taskId: number): void {
 
 <template>
     <div class="flex h-full flex-col overflow-hidden">
-        <div class="flex flex-shrink-0 items-center justify-between border-b border-neutral-200 bg-white px-4 py-3">
-            <h1 class="text-lg font-semibold text-neutral-900">
+        <div class="flex-shrink-0">
+            <PageHeader>
                 {{ t('mail.title') }}
-            </h1>
-            <MailRefreshButton />
+                <template #actions>
+                    <MailRefreshButton />
+                </template>
+            </PageHeader>
         </div>
 
         <div class="flex flex-1 overflow-hidden">
diff --git a/frontend/modules/project-management/pages/my-tasks.vue b/frontend/modules/project-management/pages/my-tasks.vue
index 52e019d..40491fc 100644
--- a/frontend/modules/project-management/pages/my-tasks.vue
+++ b/frontend/modules/project-management/pages/my-tasks.vue
@@ -355,9 +355,9 @@ onMounted(async () => {
 <template>
     <div class="min-w-0">
         <!-- Header + Filters -->
-        <div class="sticky top-8 z-20 bg-white pb-4 sm:top-12">
-            <div class="flex items-center justify-between gap-3">
-                <h1 class="text-xl font-bold text-primary-500 sm:text-2xl">{{ $t('myTasks.title') }}</h1>
+        <PageHeader>
+            {{ $t('myTasks.title') }}
+            <template #actions>
                 <div class="flex items-center gap-2">
                     <MalioButton
                         icon-name="mdi:plus"
@@ -378,78 +378,79 @@ onMounted(async () => {
                         <Icon name="mdi:format-list-bulleted" size="20" />
                     </button>
                 </div>
-            </div>
-
-            <div class="mt-4 flex flex-wrap gap-3">
-                <MalioSelect
-                    v-model="selectedProjectId"
-                    :options="projectOptions"
-                    label="Projet"
-                    :empty-option-label="$t('myTasks.allProjects')"
-                    group-class="!w-40"
-                    text-field="text-sm"
-                    text-value="text-sm"
-                />
-                <MalioSelect
-                    v-model="selectedGroupId"
-                    :options="groupOptions"
-                    label="Groupe"
-                    :empty-option-label="$t('myTasks.allGroups')"
-                    group-class="!w-40"
-                    text-field="text-sm"
-                    text-value="text-sm"
-                />
-                <MalioSelect
-                    v-model="selectedTagId"
-                    :options="tagOptions"
-                    label="Type"
-                    :empty-option-label="$t('myTasks.allTypes')"
-                    group-class="!w-40"
-                    text-field="text-sm"
-                    text-value="text-sm"
-                />
-                <MalioSelect
-                    v-model="selectedPriorityId"
-                    :options="priorityOptions"
-                    label="Priorité"
-                    :empty-option-label="$t('myTasks.allPriorities')"
-                    group-class="!w-40"
-                    text-field="text-sm"
-                    text-value="text-sm"
-                />
-                <MalioSelect
-                    v-model="selectedEffortId"
-                    :options="effortOptions"
-                    label="Effort"
-                    :empty-option-label="$t('myTasks.allEfforts')"
-                    group-class="!w-40"
-                    text-field="text-sm"
-                    text-value="text-sm"
-                />
-                <MalioSelect
-                    v-model="selectedAssigneeId"
-                    :options="assigneeOptions"
-                    label="Assigné"
-                    :empty-option-label="$t('myTasks.allAssignees')"
-                    group-class="!w-40"
-                    text-field="text-sm"
-                    text-value="text-sm"
-                />
-                <MalioSelect
-                    v-model="sortById"
-                    :options="sortOptions"
-                    :label="$t('myTasks.sortBy')"
-                    :empty-option-label="$t('myTasks.sortDefault')"
-                    group-class="!w-40"
-                    text-field="text-sm"
-                    text-value="text-sm"
-                />
-            </div>
-        </div>
+            </template>
+            <template #subheader>
+                <div class="mt-4 flex flex-wrap gap-3">
+                    <MalioSelect
+                        v-model="selectedProjectId"
+                        :options="projectOptions"
+                        label="Projet"
+                        :empty-option-label="$t('myTasks.allProjects')"
+                        group-class="!w-40"
+                        text-field="text-sm"
+                        text-value="text-sm"
+                    />
+                    <MalioSelect
+                        v-model="selectedGroupId"
+                        :options="groupOptions"
+                        label="Groupe"
+                        :empty-option-label="$t('myTasks.allGroups')"
+                        group-class="!w-40"
+                        text-field="text-sm"
+                        text-value="text-sm"
+                    />
+                    <MalioSelect
+                        v-model="selectedTagId"
+                        :options="tagOptions"
+                        label="Type"
+                        :empty-option-label="$t('myTasks.allTypes')"
+                        group-class="!w-40"
+                        text-field="text-sm"
+                        text-value="text-sm"
+                    />
+                    <MalioSelect
+                        v-model="selectedPriorityId"
+                        :options="priorityOptions"
+                        label="Priorité"
+                        :empty-option-label="$t('myTasks.allPriorities')"
+                        group-class="!w-40"
+                        text-field="text-sm"
+                        text-value="text-sm"
+                    />
+                    <MalioSelect
+                        v-model="selectedEffortId"
+                        :options="effortOptions"
+                        label="Effort"
+                        :empty-option-label="$t('myTasks.allEfforts')"
+                        group-class="!w-40"
+                        text-field="text-sm"
+                        text-value="text-sm"
+                    />
+                    <MalioSelect
+                        v-model="selectedAssigneeId"
+                        :options="assigneeOptions"
+                        label="Assigné"
+                        :empty-option-label="$t('myTasks.allAssignees')"
+                        group-class="!w-40"
+                        text-field="text-sm"
+                        text-value="text-sm"
+                    />
+                    <MalioSelect
+                        v-model="sortById"
+                        :options="sortOptions"
+                        :label="$t('myTasks.sortBy')"
+                        :empty-option-label="$t('myTasks.sortDefault')"
+                        group-class="!w-40"
+                        text-field="text-sm"
+                        text-value="text-sm"
+                    />
+                </div>
+            </template>
+        </PageHeader>
 
         <!-- Kanban View — grouped by canonical category -->
         <div v-if="viewMode === 'kanban'">
-            <div class="mt-6 flex h-[calc(100vh-260px)] gap-3 overflow-x-auto pb-4">
+            <div class="flex h-[calc(100vh-260px)] gap-3 overflow-x-auto pb-4">
                 <div
                     v-for="cat in CATEGORIES"
                     :key="cat"
@@ -509,7 +510,7 @@ onMounted(async () => {
         </div>
 
         <!-- List View -->
-        <div v-if="viewMode === 'list'" class="mt-6 flex flex-col gap-2.5 rounded-[10px] bg-tertiary-500 p-2.5">
+        <div v-if="viewMode === 'list'" class="flex flex-col gap-2.5 rounded-[10px] bg-tertiary-500 p-2.5">
             <TaskBulkActions
                 :selected-count="selectedTaskIds.size"
                 :total-count="tasks.length"
diff --git a/frontend/modules/project-management/pages/projects/[id]/archives.vue b/frontend/modules/project-management/pages/projects/[id]/archives.vue
index de3ea86..a8173a5 100644
--- a/frontend/modules/project-management/pages/projects/[id]/archives.vue
+++ b/frontend/modules/project-management/pages/projects/[id]/archives.vue
@@ -1,20 +1,19 @@
 <template>
     <div>
-        <div class="sticky top-8 z-20 bg-white pb-4 sm:top-12">
-            <div class="flex items-center justify-between">
-                <h1 class="text-xl font-bold text-primary-500 sm:text-2xl">{{ project?.name ?? '' }} — {{ $t('archive.title') }}</h1>
-            </div>
-
-            <div class="mt-4">
-                <MalioSelect
-                    v-model="selectedGroupId"
-                    :options="groupFilterOptions"
-                    label="Groupe"
-                    empty-option-label="Tous les groupes"
-                    group-class="w-64"
-                />
-            </div>
-        </div>
+        <PageHeader>
+            {{ project?.name ?? '' }} — {{ $t('archive.title') }}
+            <template #subheader>
+                <div class="mt-4">
+                    <MalioSelect
+                        v-model="selectedGroupId"
+                        :options="groupFilterOptions"
+                        label="Groupe"
+                        empty-option-label="Tous les groupes"
+                        group-class="w-64"
+                    />
+                </div>
+            </template>
+        </PageHeader>
 
         <div>
             <p v-if="filteredTasks.length === 0" class="text-sm text-neutral-400">
diff --git a/frontend/modules/project-management/pages/projects/[id]/groups.vue b/frontend/modules/project-management/pages/projects/[id]/groups.vue
index 3a4f802..e68c42a 100644
--- a/frontend/modules/project-management/pages/projects/[id]/groups.vue
+++ b/frontend/modules/project-management/pages/projects/[id]/groups.vue
@@ -1,10 +1,6 @@
 <template>
     <div>
-        <div class="sticky top-8 z-20 bg-white pb-4 sm:top-12">
-            <div class="flex items-center justify-between">
-                <h1 class="text-xl font-bold text-primary-500 sm:text-2xl">{{ project?.name ?? '' }} — Groupes</h1>
-            </div>
-        </div>
+        <PageHeader>{{ project?.name ?? '' }} — Groupes</PageHeader>
 
         <div>
             <ProjectGroupTab :project-id="projectId" />
diff --git a/frontend/modules/project-management/pages/projects/[id]/index.vue b/frontend/modules/project-management/pages/projects/[id]/index.vue
index 13bd443..94b0d19 100644
--- a/frontend/modules/project-management/pages/projects/[id]/index.vue
+++ b/frontend/modules/project-management/pages/projects/[id]/index.vue
@@ -1,8 +1,8 @@
 <template>
     <div class="min-w-0">
-        <div class="sticky top-8 z-20 bg-white pb-4 sm:top-12">
-            <div class="flex items-center justify-between gap-3">
-                <h1 class="text-xl font-bold text-primary-500 sm:text-2xl">{{ project?.name ?? '' }}</h1>
+        <PageHeader>
+            {{ project?.name ?? '' }}
+            <template #actions>
                 <div class="flex items-center gap-2">
                     <MalioButton
                         icon-name="mdi:plus"
@@ -30,66 +30,67 @@
                         @click="projectDrawerOpen = true"
                     />
                 </div>
-            </div>
-
-            <div class="mt-4 flex flex-wrap gap-3">
-                <MalioSelect
-                    v-model="selectedGroupId"
-                    :options="groupFilterOptions"
-                    label="Groupe"
-                    empty-option-label="Tous les groupes"
-                    group-class="!w-40"
-                    text-field="text-sm"
-                    text-value="text-sm"
-                />
-                <MalioSelect
-                    v-model="selectedTagId"
-                    :options="tagFilterOptions"
-                    label="Tags"
-                    empty-option-label="Tous les tags"
-                    group-class="!w-40"
-                    text-field="text-sm"
-                    text-value="text-sm"
-                />
-                <MalioSelect
-                    v-model="selectedAssigneeId"
-                    :options="userFilterOptions"
-                    label="User"
-                    empty-option-label="Tous les users"
-                    group-class="!w-40"
-                    text-field="text-sm"
-                    text-value="text-sm"
-                />
-                <MalioSelect
-                    v-if="viewMode === 'list'"
-                    v-model="selectedStatusId"
-                    :options="statusFilterOptions"
-                    label="Status"
-                    empty-option-label="Tous les status"
-                    group-class="!w-40"
-                    text-field="text-sm"
-                    text-value="text-sm"
-                />
-                <MalioSelect
-                    v-model="selectedPriorityId"
-                    :options="priorityFilterOptions"
-                    label="Priorité"
-                    empty-option-label="Toutes"
-                    group-class="!w-40"
-                    text-field="text-sm"
-                    text-value="text-sm"
-                />
-                <MalioSelect
-                    v-model="selectedEffortId"
-                    :options="effortFilterOptions"
-                    label="Effort"
-                    empty-option-label="Tous"
-                    group-class="!w-40"
-                    text-field="text-sm"
-                    text-value="text-sm"
-                />
-            </div>
-        </div>
+            </template>
+            <template #subheader>
+                <div class="mt-4 flex flex-wrap gap-3">
+                    <MalioSelect
+                        v-model="selectedGroupId"
+                        :options="groupFilterOptions"
+                        label="Groupe"
+                        empty-option-label="Tous les groupes"
+                        group-class="!w-40"
+                        text-field="text-sm"
+                        text-value="text-sm"
+                    />
+                    <MalioSelect
+                        v-model="selectedTagId"
+                        :options="tagFilterOptions"
+                        label="Tags"
+                        empty-option-label="Tous les tags"
+                        group-class="!w-40"
+                        text-field="text-sm"
+                        text-value="text-sm"
+                    />
+                    <MalioSelect
+                        v-model="selectedAssigneeId"
+                        :options="userFilterOptions"
+                        label="User"
+                        empty-option-label="Tous les users"
+                        group-class="!w-40"
+                        text-field="text-sm"
+                        text-value="text-sm"
+                    />
+                    <MalioSelect
+                        v-if="viewMode === 'list'"
+                        v-model="selectedStatusId"
+                        :options="statusFilterOptions"
+                        label="Status"
+                        empty-option-label="Tous les status"
+                        group-class="!w-40"
+                        text-field="text-sm"
+                        text-value="text-sm"
+                    />
+                    <MalioSelect
+                        v-model="selectedPriorityId"
+                        :options="priorityFilterOptions"
+                        label="Priorité"
+                        empty-option-label="Toutes"
+                        group-class="!w-40"
+                        text-field="text-sm"
+                        text-value="text-sm"
+                    />
+                    <MalioSelect
+                        v-model="selectedEffortId"
+                        :options="effortFilterOptions"
+                        label="Effort"
+                        empty-option-label="Tous"
+                        group-class="!w-40"
+                        text-field="text-sm"
+                        text-value="text-sm"
+                    />
+                </div>
+            </template>
+        </PageHeader>
 
         <!-- Kanban -->
         <div v-if="viewMode === 'kanban'" class="mt-6 flex h-[calc(100vh-200px)] gap-3 overflow-x-auto pb-4">
diff --git a/frontend/modules/project-management/pages/projects/index.vue b/frontend/modules/project-management/pages/projects/index.vue
index d4b1b99..9301180 100644
--- a/frontend/modules/project-management/pages/projects/index.vue
+++ b/frontend/modules/project-management/pages/projects/index.vue
@@ -1,8 +1,8 @@
 <template>
     <div>
-        <div class="sticky top-8 z-20 bg-white pb-4 sm:top-12">
-            <div class="flex flex-wrap items-center justify-between gap-3">
-                <h1 class="text-xl font-bold text-primary-500 sm:text-2xl">{{ $t('projects.title') }}</h1>
+        <PageHeader>
+            {{ $t('projects.title') }}
+            <template #actions>
                 <div class="flex items-center gap-2 sm:gap-3">
                     <MalioButton
                         variant="tertiary"
@@ -23,8 +23,8 @@
                         <span class="sm:hidden">{{ $t('projects.addProjectShort') }}</span>
                     </MalioButton>
                 </div>
-            </div>
-        </div>
+            </template>
+        </PageHeader>
 
         <div class="grid grid-cols-1 gap-6 sm:grid-cols-2 lg:grid-cols-3 xl:grid-cols-4">
             <div
diff --git a/frontend/modules/reporting/pages/reporting.vue b/frontend/modules/reporting/pages/reporting.vue
index 8fc220b..a00c16c 100644
--- a/frontend/modules/reporting/pages/reporting.vue
+++ b/frontend/modules/reporting/pages/reporting.vue
@@ -1,60 +1,59 @@
 <template>
     <div>
-        <div class="sticky top-8 z-20 bg-white pb-4 sm:top-12">
-            <h1 class="text-xl font-bold text-primary-500 sm:text-2xl">
-                {{ $t('reporting.title') }}
-            </h1>
-
-            <!-- Filters -->
-            <div class="mt-4 flex flex-wrap items-end gap-3">
-                <MalioSelect
-                    v-model="selectedPeriod"
-                    :options="periodOptions"
-                    :label="$t('reporting.filters.period')"
-                    group-class="!w-48"
-                    text-field="text-sm"
-                    text-value="text-sm"
-                />
-                <div class="w-40">
-                    <label class="mb-1 block text-sm font-medium text-neutral-700">
-                        {{ $t('reporting.filters.from') }}
-                    </label>
-                    <MalioDate
-                        v-model="customFrom"
-                        :disabled="selectedPeriod !== 'custom'"
-                        group-class="w-full"
+        <PageHeader>
+            {{ $t('reporting.title') }}
+            <template #subheader>
+                <!-- Filters -->
+                <div class="mt-4 flex flex-wrap items-end gap-3">
+                    <MalioSelect
+                        v-model="selectedPeriod"
+                        :options="periodOptions"
+                        :label="$t('reporting.filters.period')"
+                        group-class="!w-48"
+                        text-field="text-sm"
+                        text-value="text-sm"
+                    />
+                    <div class="w-40">
+                        <label class="mb-1 block text-sm font-medium text-neutral-700">
+                            {{ $t('reporting.filters.from') }}
+                        </label>
+                        <MalioDate
+                            v-model="customFrom"
+                            :disabled="selectedPeriod !== 'custom'"
+                            group-class="w-full"
+                        />
+                    </div>
+                    <div class="w-40">
+                        <label class="mb-1 block text-sm font-medium text-neutral-700">
+                            {{ $t('reporting.filters.to') }}
+                        </label>
+                        <MalioDate
+                            v-model="customTo"
+                            :disabled="selectedPeriod !== 'custom'"
+                            group-class="w-full"
+                        />
+                    </div>
+                    <MalioSelect
+                        v-model="selectedProjectId"
+                        :options="projectOptions"
+                        :label="$t('reporting.filters.project')"
+                        :empty-option-label="$t('reporting.filters.allProjects')"
+                        group-class="!w-44"
+                        text-field="text-sm"
+                        text-value="text-sm"
+                    />
+                    <MalioSelect
+                        v-model="selectedUserId"
+                        :options="userOptions"
+                        :label="$t('reporting.filters.user')"
+                        :empty-option-label="$t('reporting.filters.allUsers')"
+                        group-class="!w-44"
+                        text-field="text-sm"
+                        text-value="text-sm"
                     />
                 </div>
-                <div class="w-40">
-                    <label class="mb-1 block text-sm font-medium text-neutral-700">
-                        {{ $t('reporting.filters.to') }}
-                    </label>
-                    <MalioDate
-                        v-model="customTo"
-                        :disabled="selectedPeriod !== 'custom'"
-                        group-class="w-full"
-                    />
-                </div>
-                <MalioSelect
-                    v-model="selectedProjectId"
-                    :options="projectOptions"
-                    :label="$t('reporting.filters.project')"
-                    :empty-option-label="$t('reporting.filters.allProjects')"
-                    group-class="!w-44"
-                    text-field="text-sm"
-                    text-value="text-sm"
-                />
-                <MalioSelect
-                    v-model="selectedUserId"
-                    :options="userOptions"
-                    :label="$t('reporting.filters.user')"
-                    :empty-option-label="$t('reporting.filters.allUsers')"
-                    group-class="!w-44"
-                    text-field="text-sm"
-                    text-value="text-sm"
-                />
-            </div>
-        </div>
+            </template>
+        </PageHeader>
 
         <!-- Loading -->
         <div v-if="isLoading" class="mt-12 flex items-center justify-center">
diff --git a/frontend/modules/time-tracking/pages/time-tracking.vue b/frontend/modules/time-tracking/pages/time-tracking.vue
index 070c55b..c3939ec 100644
--- a/frontend/modules/time-tracking/pages/time-tracking.vue
+++ b/frontend/modules/time-tracking/pages/time-tracking.vue
@@ -1,101 +1,104 @@
 <template>
     <div class="flex min-h-0 flex-1 flex-col">
-        <div ref="pageHeaderEl" class="sticky top-8 z-20 flex-shrink-0 bg-white pb-4 sm:top-12">
-            <div class="flex items-center justify-between gap-3">
-                <h1 class="text-xl font-bold text-primary-500 sm:text-2xl">Suivi des temps</h1>
-                <MalioButton
-                    icon-name="mdi:plus"
-                    icon-position="left"
-                    button-class="shrink-0"
-                    @click="openCreateDrawer()"
-                >
-                    <span class="hidden sm:inline">Ajouter une Activité</span>
-                    <span class="sm:hidden">Activité</span>
-                </MalioButton>
-            </div>
-
-            <div class="relative z-30 mt-4 flex flex-wrap items-center gap-3 sm:gap-4">
-                <div class="flex shrink-0 items-center gap-1 h-8">
-                    <MalioButtonIcon
-                        icon="mdi:chevron-left"
-                        aria-label="Précédent"
-                        variant="ghost"
-                        @click="navigatePrev"
-                    />
-                    <DateFilter v-model="selectedDateFilter" :picker-mode="viewMode === 'day' ? 'day' : 'week'" />
-                    <h2 class="shrink-0 whitespace-nowrap text-lg font-bold leading-8 text-orange-500">
-                        {{ currentMonthLabel }}
-                    </h2>
-                    <MalioButtonIcon
-                        icon="mdi:chevron-right"
-                        aria-label="Suivant"
-                        variant="ghost"
-                        @click="navigateNext"
-                    />
-                </div>
-
-                <div class="flex items-center rounded-full bg-neutral-100 p-1">
-                    <button
-                        v-for="mode in (['week', 'day', 'list'] as const)"
-                        :key="mode"
-                        class="rounded-full px-4 py-1.5 text-sm font-semibold transition-all"
-                        :class="viewMode === mode
-                            ? 'bg-primary-500 text-white shadow-sm'
-                            : 'text-neutral-500 hover:text-neutral-700'"
-                        @click="viewMode = mode"
+        <div ref="pageHeaderEl" class="flex-shrink-0">
+            <PageHeader>
+                Suivi des temps
+                <template #actions>
+                    <MalioButton
+                        icon-name="mdi:plus"
+                        icon-position="left"
+                        button-class="shrink-0"
+                        @click="openCreateDrawer()"
                     >
-                        {{ mode === 'week' ? 'Semaine' : mode === 'day' ? 'Jour' : 'Liste' }}
-                    </button>
-                </div>
+                        <span class="hidden sm:inline">Ajouter une Activité</span>
+                        <span class="sm:hidden">Activité</span>
+                    </MalioButton>
+                </template>
+                <template #subheader>
+                    <div class="relative z-30 mt-4 flex flex-wrap items-center gap-3 sm:gap-4">
+                        <div class="flex shrink-0 items-center gap-1 h-8">
+                            <MalioButtonIcon
+                                icon="mdi:chevron-left"
+                                aria-label="Précédent"
+                                variant="ghost"
+                                @click="navigatePrev"
+                            />
+                            <DateFilter v-model="selectedDateFilter" :picker-mode="viewMode === 'day' ? 'day' : 'week'" />
+                            <h2 class="shrink-0 whitespace-nowrap text-lg font-bold leading-8 text-orange-500">
+                                {{ currentMonthLabel }}
+                            </h2>
+                            <MalioButtonIcon
+                                icon="mdi:chevron-right"
+                                aria-label="Suivant"
+                                variant="ghost"
+                                @click="navigateNext"
+                            />
+                        </div>
 
-                <div class="[&>div]:!mt-0">
-                    <MalioSelect
-                        v-model="selectedUserId"
-                        :options="userOptions"
-                        group-class="!w-36 sm:!w-44"
-                        text-field="text-sm"
-                        text-value="text-sm"
-                        label="User"
-                        empty-option-label="Tous"
-                    />
-                </div>
+                        <div class="flex items-center rounded-full bg-neutral-100 p-1">
+                            <button
+                                v-for="mode in (['week', 'day', 'list'] as const)"
+                                :key="mode"
+                                class="rounded-full px-4 py-1.5 text-sm font-semibold transition-all"
+                                :class="viewMode === mode
+                                    ? 'bg-primary-500 text-white shadow-sm'
+                                    : 'text-neutral-500 hover:text-neutral-700'"
+                                @click="viewMode = mode"
+                            >
+                                {{ mode === 'week' ? 'Semaine' : mode === 'day' ? 'Jour' : 'Liste' }}
+                            </button>
+                        </div>
 
-                <div class="[&>div]:!mt-0">
-                    <MalioSelect
-                        v-model="selectedProjectId"
-                        :options="projectOptions"
-                        empty-option-label="Tous"
-                        label="Projet"
-                        group-class="!w-36 sm:!w-44"
-                        text-field="text-sm"
-                        text-value="text-sm"
-                    />
-                </div>
+                        <div class="[&>div]:!mt-0">
+                            <MalioSelect
+                                v-model="selectedUserId"
+                                :options="userOptions"
+                                group-class="!w-36 sm:!w-44"
+                                text-field="text-sm"
+                                text-value="text-sm"
+                                label="User"
+                                empty-option-label="Tous"
+                            />
+                        </div>
 
-                <div class="[&>div]:!mt-0">
-                    <MalioSelect
-                        v-model="selectedTagId"
-                        :options="tagOptions"
-                        empty-option-label="Tous"
-                        label="Tag"
-                        group-class="!w-36 sm:!w-44"
-                        text-field="text-sm"
-                        text-value="text-sm"
-                    />
-                </div>
+                        <div class="[&>div]:!mt-0">
+                            <MalioSelect
+                                v-model="selectedProjectId"
+                                :options="projectOptions"
+                                empty-option-label="Tous"
+                                label="Projet"
+                                group-class="!w-36 sm:!w-44"
+                                text-field="text-sm"
+                                text-value="text-sm"
+                            />
+                        </div>
 
-                <MalioButton
-                    :label="$t('timeEntries.export')"
-                    variant="secondary"
-                    icon-name="mdi:download"
-                    icon-position="left"
-                    button-class="w-auto px-4"
-                    @click="exportDrawerOpen = true"
-                />
-            </div>
+                        <div class="[&>div]:!mt-0">
+                            <MalioSelect
+                                v-model="selectedTagId"
+                                :options="tagOptions"
+                                empty-option-label="Tous"
+                                label="Tag"
+                                group-class="!w-36 sm:!w-44"
+                                text-field="text-sm"
+                                text-value="text-sm"
+                            />
+                        </div>
+
+                        <MalioButton
+                            :label="$t('timeEntries.export')"
+                            variant="secondary"
+                            icon-name="mdi:download"
+                            icon-position="left"
+                            button-class="w-auto px-4"
+                            @click="exportDrawerOpen = true"
+                        />
+                    </div>
+                </template>
+            </PageHeader>
         </div>
 
-        <div class="relative z-0 mt-4 -mb-24 min-h-0 flex-1">
+        <div class="relative z-0 -mb-24 min-h-0 flex-1">
             <TimeEntryList
                 v-if="viewMode === 'list'"
                 :entries="filteredEntries"
diff --git a/frontend/nuxt.config.ts b/frontend/nuxt.config.ts
index 2819db7..185738b 100644
--- a/frontend/nuxt.config.ts
+++ b/frontend/nuxt.config.ts
@@ -33,6 +33,9 @@ export default defineNuxtConfig({
         'nuxt-toast',
         '@nuxtjs/i18n',
         '@nuxt/icon',
+        // Error tracking GlitchTip : charge le module uniquement si un DSN est fourni
+        // (donc seulement au build prod). En dev, aucun DSN => zero impact.
+        ...(process.env.NUXT_PUBLIC_SENTRY_DSN ? ['@sentry/nuxt/module'] : []),
     ],
     dir: {
         layouts: 'app/layouts',
@@ -56,6 +59,23 @@ export default defineNuxtConfig({
     runtimeConfig: {
         public: {
             apiBase: process.env.NUXT_PUBLIC_API_BASE,
+            sentry: {
+                // DSN du projet GlitchTip "lesstime-front" (vide => SDK inerte).
+                dsn: process.env.NUXT_PUBLIC_SENTRY_DSN || '',
+                environment: process.env.NODE_ENV || 'development',
+            },
+        },
+    },
+
+    // Upload des source maps vers GlitchTip (stacktraces lisibles cote front).
+    // Ne s'execute au build que si un token d'upload est fourni.
+    sourcemap: { client: 'hidden' },
+    sentry: {
+        sourceMapsUploadOptions: {
+            url: process.env.SENTRY_URL,
+            org: process.env.SENTRY_ORG,
+            project: process.env.SENTRY_PROJECT,
+            authToken: process.env.SENTRY_AUTH_TOKEN,
         },
     },
     devServer: {
diff --git a/frontend/package-lock.json b/frontend/package-lock.json
index 3f7232a..5b7698b 100644
--- a/frontend/package-lock.json
+++ b/frontend/package-lock.json
@@ -7,11 +7,12 @@
             "name": "nuxt-app",
             "hasInstallScript": true,
             "dependencies": {
-                "@malio/layer-ui": "^1.7.5",
+                "@malio/layer-ui": "^1.7.16",
                 "@nuxt/icon": "^2.2.1",
                 "@nuxtjs/i18n": "^10.2.3",
                 "@nuxtjs/tailwindcss": "^6.14.0",
                 "@pinia/nuxt": "^0.11.3",
+                "@sentry/nuxt": "^10.61.0",
                 "@tailwindcss/typography": "^0.5.19",
                 "@vuepic/vue-datepicker": "^12.1.0",
                 "chart.js": "^4.5.1",
@@ -56,6 +57,58 @@
                 "url": "https://github.com/sponsors/antfu"
             }
         },
+        "node_modules/@apm-js-collab/code-transformer": {
+            "version": "0.15.0",
+            "resolved": "https://registry.npmjs.org/@apm-js-collab/code-transformer/-/code-transformer-0.15.0.tgz",
+            "integrity": "sha512-XmXYVs8CzJ1Aj79noVbn2weUO/XWtRyURpGqx7aU7DOXlUQhR0WKOQNF0okh7PCeY37vxf7kU3v57OAkEPm3ww==",
+            "license": "Apache-2.0",
+            "dependencies": {
+                "@types/estree": "^1.0.8",
+                "astring": "^1.9.0",
+                "esquery": "^1.7.0",
+                "meriyah": "^6.1.4",
+                "semifies": "^1.0.0",
+                "source-map": "^0.6.0"
+            },
+            "bin": {
+                "code-transformer": "cli.js"
+            }
+        },
+        "node_modules/@apm-js-collab/code-transformer-bundler-plugins": {
+            "version": "0.5.0",
+            "resolved": "https://registry.npmjs.org/@apm-js-collab/code-transformer-bundler-plugins/-/code-transformer-bundler-plugins-0.5.0.tgz",
+            "integrity": "sha512-YxLBY5nGlurL7QeJLq6e5g0ouBpAp0pwgyA/5rHXEXwhiPLn9ZHbT+Y2LlP90GT872cSocfjWRYu/fnpuBudNQ==",
+            "license": "MIT",
+            "dependencies": {
+                "@apm-js-collab/code-transformer": "^0.15.0",
+                "es-module-lexer": "^2.1.0",
+                "magic-string": "^0.30.21",
+                "module-details-from-path": "^1.0.4"
+            },
+            "engines": {
+                "node": ">=18.0.0"
+            }
+        },
+        "node_modules/@apm-js-collab/code-transformer/node_modules/source-map": {
+            "version": "0.6.1",
+            "resolved": "https://registry.npmjs.org/source-map/-/source-map-0.6.1.tgz",
+            "integrity": "sha512-UjgapumWlbMhkBgzT7Ykc5YXUT46F0iKu8SGXq0bcwP5dz/h0Plj6enJqjz1Zbq2l5WaqYnrVbwWOWMyF3F47g==",
+            "license": "BSD-3-Clause",
+            "engines": {
+                "node": ">=0.10.0"
+            }
+        },
+        "node_modules/@apm-js-collab/tracing-hooks": {
+            "version": "0.10.0",
+            "resolved": "https://registry.npmjs.org/@apm-js-collab/tracing-hooks/-/tracing-hooks-0.10.0.tgz",
+            "integrity": "sha512-2/Z3NTewJTruUkmsSnBC5bJlLNUd9keuD1OLlTEpim4FyLhm6m2Rnfv+wrFdUvFfhmH8CRdiDZBqBrn+wyaGuA==",
+            "license": "Apache-2.0",
+            "dependencies": {
+                "@apm-js-collab/code-transformer": "^0.15.0",
+                "debug": "^4.4.1",
+                "module-details-from-path": "^1.0.4"
+            }
+        },
         "node_modules/@babel/code-frame": {
             "version": "7.29.0",
             "resolved": "https://registry.npmjs.org/@babel/code-frame/-/code-frame-7.29.0.tgz",
@@ -84,6 +137,7 @@
             "resolved": "https://registry.npmjs.org/@babel/core/-/core-7.29.0.tgz",
             "integrity": "sha512-CGOfOJqWjg2qW/Mb6zNsDm+u5vFQ8DxXfbM09z69p5Z6+mE1ikP2jUXw+j42Pf1XTYED2Rni5f95npYeuwMDQA==",
             "license": "MIT",
+            "peer": true,
             "dependencies": {
                 "@babel/code-frame": "^7.29.0",
                 "@babel/generator": "^7.29.0",
@@ -1045,7 +1099,6 @@
             "resolved": "https://registry.npmjs.org/@eslint-community/regexpp/-/regexpp-4.12.2.tgz",
             "integrity": "sha512-EriSTlt5OC9/7SXkRSCAhfSxxoSUgBm33OH+IkwbdpgoqsSsUg7y3uh+IICI/Qg4BBWr3U2i39RpmycbxMq4ew==",
             "license": "MIT",
-            "peer": true,
             "engines": {
                 "node": "^12.0.0 || ^14.0.0 || >=16.0.0"
             }
@@ -1055,7 +1108,6 @@
             "resolved": "https://registry.npmjs.org/@eslint/config-array/-/config-array-0.23.3.tgz",
             "integrity": "sha512-j+eEWmB6YYLwcNOdlwQ6L2OsptI/LO6lNBuLIqe5R7RetD658HLoF+Mn7LzYmAWWNNzdC6cqP+L6r8ujeYXWLw==",
             "license": "Apache-2.0",
-            "peer": true,
             "dependencies": {
                 "@eslint/object-schema": "^3.0.3",
                 "debug": "^4.3.1",
@@ -1070,7 +1122,6 @@
             "resolved": "https://registry.npmjs.org/@eslint/config-helpers/-/config-helpers-0.5.3.tgz",
             "integrity": "sha512-lzGN0onllOZCGroKJmRwY6QcEHxbjBw1gwB8SgRSqK8YbbtEXMvKynsXc3553ckIEBxsbMBU7oOZXKIPGZNeZw==",
             "license": "Apache-2.0",
-            "peer": true,
             "dependencies": {
                 "@eslint/core": "^1.1.1"
             },
@@ -1083,7 +1134,6 @@
             "resolved": "https://registry.npmjs.org/@eslint/core/-/core-1.1.1.tgz",
             "integrity": "sha512-QUPblTtE51/7/Zhfv8BDwO0qkkzQL7P/aWWbqcf4xWLEYn1oKjdO0gglQBB4GAsu7u6wjijbCmzsUTy6mnk6oQ==",
             "license": "Apache-2.0",
-            "peer": true,
             "dependencies": {
                 "@types/json-schema": "^7.0.15"
             },
@@ -1096,7 +1146,6 @@
             "resolved": "https://registry.npmjs.org/@eslint/object-schema/-/object-schema-3.0.3.tgz",
             "integrity": "sha512-iM869Pugn9Nsxbh/YHRqYiqd23AmIbxJOcpUMOuWCVNdoQJ5ZtwL6h3t0bcZzJUlC3Dq9jCFCESBZnX0GTv7iQ==",
             "license": "Apache-2.0",
-            "peer": true,
             "engines": {
                 "node": "^20.19.0 || ^22.13.0 || >=24"
             }
@@ -1106,7 +1155,6 @@
             "resolved": "https://registry.npmjs.org/@eslint/plugin-kit/-/plugin-kit-0.6.1.tgz",
             "integrity": "sha512-iH1B076HoAshH1mLpHMgwdGeTs0CYwL0SPMkGuSebZrwBp16v415e9NZXg2jtrqPVQjf6IANe2Vtlr5KswtcZQ==",
             "license": "Apache-2.0",
-            "peer": true,
             "dependencies": {
                 "@eslint/core": "^1.1.1",
                 "levn": "^0.4.1"
@@ -1129,6 +1177,7 @@
             "resolved": "https://registry.npmjs.org/@floating-ui/dom/-/dom-1.7.6.tgz",
             "integrity": "sha512-9gZSAI5XM36880PPMm//9dfiEngYoC6Am2izES1FF406YFsjvyBMmeJ2g4SAju3xWwtuynNRFL2s9hgxpLI5SQ==",
             "license": "MIT",
+            "peer": true,
             "dependencies": {
                 "@floating-ui/core": "^1.7.5",
                 "@floating-ui/utils": "^0.2.11"
@@ -1182,7 +1231,6 @@
             "resolved": "https://registry.npmjs.org/@humanfs/core/-/core-0.19.1.tgz",
             "integrity": "sha512-5DyQ4+1JEUzejeK1JGICcideyfUbGixgS9jNgex5nqkW+cY7WZhxBigmieN5Qnw9ZosSNVC9KQKyb+GUaGyKUA==",
             "license": "Apache-2.0",
-            "peer": true,
             "engines": {
                 "node": ">=18.18.0"
             }
@@ -1192,7 +1240,6 @@
             "resolved": "https://registry.npmjs.org/@humanfs/node/-/node-0.16.7.tgz",
             "integrity": "sha512-/zUx+yOsIrG4Y43Eh2peDeKCxlRt/gET6aHfaKpuq267qXdYDFViVHfMaLyygZOnl0kGWxFIgsBy8QFuTLUXEQ==",
             "license": "Apache-2.0",
-            "peer": true,
             "dependencies": {
                 "@humanfs/core": "^0.19.1",
                 "@humanwhocodes/retry": "^0.4.0"
@@ -1206,7 +1253,6 @@
             "resolved": "https://registry.npmjs.org/@humanwhocodes/module-importer/-/module-importer-1.0.1.tgz",
             "integrity": "sha512-bxveV4V8v5Yb4ncFTT3rPSgZBOpCkjfK0y4oVVVJwIuDVBRMDXrPyXRL988i5ap9m9bnyEEjWfm5WkBmtffLfA==",
             "license": "Apache-2.0",
-            "peer": true,
             "engines": {
                 "node": ">=12.22"
             },
@@ -1220,7 +1266,6 @@
             "resolved": "https://registry.npmjs.org/@humanwhocodes/retry/-/retry-0.4.3.tgz",
             "integrity": "sha512-bV0Tgo9K4hfPCek+aMAn81RppFKv2ySDQeMoSZuvTASywNTnVJCArCZE2FWqpvIatKu7VMRLWlR1EazvVhDyhQ==",
             "license": "Apache-2.0",
-            "peer": true,
             "engines": {
                 "node": ">=18.18"
             },
@@ -2220,9 +2265,9 @@
             "license": "MIT"
         },
         "node_modules/@malio/layer-ui": {
-            "version": "1.7.5",
-            "resolved": "https://gitea.malio.fr/api/packages/MALIO-DEV/npm/%40malio%2Flayer-ui/-/1.7.5/layer-ui-1.7.5.tgz",
-            "integrity": "sha512-xryrAYgVgX3eurEWXT/d0p4r/MBYNBB3mBnvV6xVcFhzxW+HfOra8hsVHLvrCtd+m5E1t7PDRzjw1FObkV6fdQ==",
+            "version": "1.7.16",
+            "resolved": "https://gitea.malio.fr/api/packages/MALIO-DEV/npm/%40malio%2Flayer-ui/-/1.7.16/layer-ui-1.7.16.tgz",
+            "integrity": "sha512-24scQzhfnwLJr+JTlusiiazkjEK8pqwPp5NZGLdFbP32f+J9RpwoJf/U0ztwIJssXEeYvJB4cdLDYow7dZJv6Q==",
             "dependencies": {
                 "@nuxt/icon": "^2.2.1",
                 "@nuxtjs/tailwindcss": "^6.14.0",
@@ -2246,6 +2291,7 @@
             "resolved": "https://registry.npmjs.org/@tiptap/core/-/core-3.22.5.tgz",
             "integrity": "sha512-L1lhWz6ujGny8LduTJ7MBWYhzigwOvfUJUrJ7IzOJSuy3+OAzisdGDD1GV7LEO/hU0Hr2Mkm1wajRIHExvS9HQ==",
             "license": "MIT",
+            "peer": true,
             "funding": {
                 "type": "github",
                 "url": "https://github.com/sponsors/ueberdosis"
@@ -2494,6 +2540,7 @@
             "resolved": "https://registry.npmjs.org/@tiptap/extension-list/-/extension-list-3.22.5.tgz",
             "integrity": "sha512-cVO3ZHCgxAWZ4zrFSs81FO2nyCk1wb2EHkpLpW98FzbJLkN9rDkazhW99P3HRWy/CvUldOT+8ecI1YrQtBojMg==",
             "license": "MIT",
+            "peer": true,
             "funding": {
                 "type": "github",
                 "url": "https://github.com/sponsors/ueberdosis"
@@ -2599,6 +2646,7 @@
             "resolved": "https://registry.npmjs.org/@tiptap/extension-text-style/-/extension-text-style-3.22.5.tgz",
             "integrity": "sha512-jt63jy8YbhZJUGMxTUzeivLhowGtFp6YbCFrrmZJ7G6IHu8X8LJzO81ksz5nT5l8DKpldGwnINUfA6iE91JIAg==",
             "license": "MIT",
+            "peer": true,
             "funding": {
                 "type": "github",
                 "url": "https://github.com/sponsors/ueberdosis"
@@ -2625,6 +2673,7 @@
             "resolved": "https://registry.npmjs.org/@tiptap/extensions/-/extensions-3.22.5.tgz",
             "integrity": "sha512-Ifg4MzKCj3uRqe3ieTwYnomu2y4p7EXr2avVSKZYfh12i2dyWe2Gkn1KuZDREANVE+gHqFlQjJRYzhJFwzSCrg==",
             "license": "MIT",
+            "peer": true,
             "funding": {
                 "type": "github",
                 "url": "https://github.com/sponsors/ueberdosis"
@@ -2639,6 +2688,7 @@
             "resolved": "https://registry.npmjs.org/@tiptap/pm/-/pm-3.22.5.tgz",
             "integrity": "sha512-Cr9Mv4igxvI2tKMiahw48sZxva3PfDzypErH8IB82N+9qa9n9ygVMt0BOaDg53hLKxEEVeYr2S/wCcJIVFgBTw==",
             "license": "MIT",
+            "peer": true,
             "dependencies": {
                 "prosemirror-changeset": "^2.3.0",
                 "prosemirror-commands": "^1.6.2",
@@ -3021,6 +3071,7 @@
             "resolved": "https://registry.npmjs.org/@nuxt/kit/-/kit-4.3.1.tgz",
             "integrity": "sha512-UjBFt72dnpc+83BV3OIbCT0YHLevJtgJCHpxMX0YRKWLDhhbcDdUse87GtsQBrjvOzK7WUNUYLDS/hQLYev5rA==",
             "license": "MIT",
+            "peer": true,
             "dependencies": {
                 "c12": "^3.3.3",
                 "consola": "^3.4.2",
@@ -3093,6 +3144,7 @@
             "resolved": "https://registry.npmjs.org/@nuxt/schema/-/schema-4.3.1.tgz",
             "integrity": "sha512-S+wHJdYDuyk9I43Ej27y5BeWMZgi7R/UVql3b3qtT35d0fbpXW7fUenzhLRCCDC6O10sjguc6fcMcR9sMKvV8g==",
             "license": "MIT",
+            "peer": true,
             "dependencies": {
                 "@vue/shared": "^3.5.27",
                 "defu": "^6.1.4",
@@ -3739,6 +3791,7 @@
             "resolved": "https://registry.npmjs.org/oxc-parser/-/oxc-parser-0.95.0.tgz",
             "integrity": "sha512-Te8fE/SmiiKWIrwBwxz5Dod87uYvsbcZ9JAL5ylPg1DevyKgTkxCXnPEaewk1Su2qpfNmry5RHoN+NywWFCG+A==",
             "license": "MIT",
+            "peer": true,
             "dependencies": {
                 "@oxc-project/types": "^0.95.0"
             },
@@ -3926,6 +3979,103 @@
                 "node": ">=18.12.0"
             }
         },
+        "node_modules/@opentelemetry/api": {
+            "version": "1.9.1",
+            "resolved": "https://registry.npmjs.org/@opentelemetry/api/-/api-1.9.1.tgz",
+            "integrity": "sha512-gLyJlPHPZYdAk1JENA9LeHejZe1Ti77/pTeFm/nMXmQH/HFZlcS/O2XJB+L8fkbrNSqhdtlvjBVjxwUYanNH5Q==",
+            "license": "Apache-2.0",
+            "engines": {
+                "node": ">=8.0.0"
+            }
+        },
+        "node_modules/@opentelemetry/api-logs": {
+            "version": "0.214.0",
+            "resolved": "https://registry.npmjs.org/@opentelemetry/api-logs/-/api-logs-0.214.0.tgz",
+            "integrity": "sha512-40lSJeqYO8Uz2Yj7u94/SJWE/wONa7rmMKjI1ZcIjgf3MHNHv1OZUCrCETGuaRF62d5pQD1wKIW+L4lmSMTzZA==",
+            "license": "Apache-2.0",
+            "dependencies": {
+                "@opentelemetry/api": "^1.3.0"
+            },
+            "engines": {
+                "node": ">=8.0.0"
+            }
+        },
+        "node_modules/@opentelemetry/core": {
+            "version": "2.8.0",
+            "resolved": "https://registry.npmjs.org/@opentelemetry/core/-/core-2.8.0.tgz",
+            "integrity": "sha512-hd1Lfh8p545nNz+jq1Ejfz+Mn1hyLuxYn1YzTfFNrxr8urEWMNQLPf1Th8kjOH+HxwawCrtgBp8JpBUR4ZSgww==",
+            "license": "Apache-2.0",
+            "peer": true,
+            "dependencies": {
+                "@opentelemetry/semantic-conventions": "^1.29.0"
+            },
+            "engines": {
+                "node": "^18.19.0 || >=20.6.0"
+            },
+            "peerDependencies": {
+                "@opentelemetry/api": ">=1.0.0 <1.10.0"
+            }
+        },
+        "node_modules/@opentelemetry/instrumentation": {
+            "version": "0.214.0",
+            "resolved": "https://registry.npmjs.org/@opentelemetry/instrumentation/-/instrumentation-0.214.0.tgz",
+            "integrity": "sha512-MHqEX5Dk59cqVah5LiARMACku7jXSVk9iVDWOea4x3cr7VfdByeDCURK6o1lntT1JS/Tsovw01UJrBhN3/uC5w==",
+            "license": "Apache-2.0",
+            "dependencies": {
+                "@opentelemetry/api-logs": "0.214.0",
+                "import-in-the-middle": "^3.0.0",
+                "require-in-the-middle": "^8.0.0"
+            },
+            "engines": {
+                "node": "^18.19.0 || >=20.6.0"
+            },
+            "peerDependencies": {
+                "@opentelemetry/api": "^1.3.0"
+            }
+        },
+        "node_modules/@opentelemetry/resources": {
+            "version": "2.8.0",
+            "resolved": "https://registry.npmjs.org/@opentelemetry/resources/-/resources-2.8.0.tgz",
+            "integrity": "sha512-qmXQ27ilDbUK/vGMqwL8D4/rhn76C+sherM4wTbjlfknR8Nvfc/hCxjRJPhkzZzUsPiNg16SA31NxMabwttRjg==",
+            "license": "Apache-2.0",
+            "dependencies": {
+                "@opentelemetry/core": "2.8.0",
+                "@opentelemetry/semantic-conventions": "^1.29.0"
+            },
+            "engines": {
+                "node": "^18.19.0 || >=20.6.0"
+            },
+            "peerDependencies": {
+                "@opentelemetry/api": ">=1.3.0 <1.10.0"
+            }
+        },
+        "node_modules/@opentelemetry/sdk-trace-base": {
+            "version": "2.8.0",
+            "resolved": "https://registry.npmjs.org/@opentelemetry/sdk-trace-base/-/sdk-trace-base-2.8.0.tgz",
+            "integrity": "sha512-mhU4jp+vW0mGbFRd+GeXHvmfA4aDqWjBjLC3pE5XMpLs0IE2ryYb019Ts2AQrOq67gaTF25D91+fgvEHDZEnuQ==",
+            "license": "Apache-2.0",
+            "peer": true,
+            "dependencies": {
+                "@opentelemetry/core": "2.8.0",
+                "@opentelemetry/resources": "2.8.0",
+                "@opentelemetry/semantic-conventions": "^1.29.0"
+            },
+            "engines": {
+                "node": "^18.19.0 || >=20.6.0"
+            },
+            "peerDependencies": {
+                "@opentelemetry/api": ">=1.3.0 <1.10.0"
+            }
+        },
+        "node_modules/@opentelemetry/semantic-conventions": {
+            "version": "1.41.1",
+            "resolved": "https://registry.npmjs.org/@opentelemetry/semantic-conventions/-/semantic-conventions-1.41.1.tgz",
+            "integrity": "sha512-/UhIkaZgPutTFmQ7RnIJGgDXZmtEJ7Dvi86xNTFWcnRxVRNk/aotsqDJYeEvDP+FSMB2SdW+pQzNMcWP0rwuNA==",
+            "license": "Apache-2.0",
+            "engines": {
+                "node": ">=14"
+            }
+        },
         "node_modules/@oxc-minify/binding-android-arm-eabi": {
             "version": "0.112.0",
             "resolved": "https://registry.npmjs.org/@oxc-minify/binding-android-arm-eabi/-/binding-android-arm-eabi-0.112.0.tgz",
@@ -5800,6 +5950,577 @@
                 "win32"
             ]
         },
+        "node_modules/@sentry/babel-plugin-component-annotate": {
+            "version": "5.3.0",
+            "resolved": "https://registry.npmjs.org/@sentry/babel-plugin-component-annotate/-/babel-plugin-component-annotate-5.3.0.tgz",
+            "integrity": "sha512-p4q8gn8wcFqZGP/s2MnJCAAd8fTikaU6A0mM97RDHQgStcrYiaS0Sc5zUNfb1V+UOLPuvdEdL6MwyxfzjYJQTA==",
+            "license": "MIT",
+            "engines": {
+                "node": ">= 18"
+            }
+        },
+        "node_modules/@sentry/browser": {
+            "version": "10.61.0",
+            "resolved": "https://registry.npmjs.org/@sentry/browser/-/browser-10.61.0.tgz",
+            "integrity": "sha512-I02k3/tpCbQ+Dm3d1eA+JHVS452gY4fCTh+fT3FcfZkovB/WaeJcwc+ywQN1jpTYBRKZ1HbXXZQhEhXYvb8MkA==",
+            "license": "MIT",
+            "dependencies": {
+                "@sentry/browser-utils": "10.61.0",
+                "@sentry/core": "10.61.0",
+                "@sentry/feedback": "10.61.0",
+                "@sentry/replay": "10.61.0",
+                "@sentry/replay-canvas": "10.61.0"
+            },
+            "engines": {
+                "node": ">=18"
+            }
+        },
+        "node_modules/@sentry/browser-utils": {
+            "version": "10.61.0",
+            "resolved": "https://registry.npmjs.org/@sentry/browser-utils/-/browser-utils-10.61.0.tgz",
+            "integrity": "sha512-kj/Qs5hz/VQPOLesgv9wq8O1z3aKSHSkyFiCSzaOthb8ARISchk8Eiukbvw9GxX2gmgsCd0L35gD6gxnhlE9ag==",
+            "license": "MIT",
+            "dependencies": {
+                "@sentry/core": "10.61.0"
+            },
+            "engines": {
+                "node": ">=18"
+            }
+        },
+        "node_modules/@sentry/bundler-plugin-core": {
+            "version": "5.3.0",
+            "resolved": "https://registry.npmjs.org/@sentry/bundler-plugin-core/-/bundler-plugin-core-5.3.0.tgz",
+            "integrity": "sha512-L5T60sWdAI3qWwdg3Ptwek/0TY59PERrxyqp4XMUkroayQvGd9r5dIW9Q1kSeXX9iJ442nXbFZKAOyCKV4Z13Q==",
+            "license": "MIT",
+            "dependencies": {
+                "@babel/core": "^7.18.5",
+                "@sentry/babel-plugin-component-annotate": "5.3.0",
+                "@sentry/cli": "^2.58.5",
+                "dotenv": "^16.3.1",
+                "find-up": "^5.0.0",
+                "glob": "^13.0.6",
+                "magic-string": "~0.30.8"
+            },
+            "engines": {
+                "node": ">= 18"
+            }
+        },
+        "node_modules/@sentry/bundler-plugin-core/node_modules/dotenv": {
+            "version": "16.6.1",
+            "resolved": "https://registry.npmjs.org/dotenv/-/dotenv-16.6.1.tgz",
+            "integrity": "sha512-uBq4egWHTcTt33a72vpSG0z3HnPuIl6NqYcTrKEg2azoEyl2hpW0zqlxysq2pK9HlDIHyHyakeYaYnSAwd8bow==",
+            "license": "BSD-2-Clause",
+            "engines": {
+                "node": ">=12"
+            },
+            "funding": {
+                "url": "https://dotenvx.com"
+            }
+        },
+        "node_modules/@sentry/cli": {
+            "version": "2.58.6",
+            "resolved": "https://registry.npmjs.org/@sentry/cli/-/cli-2.58.6.tgz",
+            "integrity": "sha512-baBcNPLLfUi9WuL+Tpri9BFaAdvugZIKelC5X0tt0Zdy+K0K+PCVSrnNmwMWU/HyaF/SEv6b6UHnXIdqanBlcg==",
+            "hasInstallScript": true,
+            "license": "FSL-1.1-MIT",
+            "dependencies": {
+                "https-proxy-agent": "^5.0.0",
+                "node-fetch": "^2.6.7",
+                "progress": "^2.0.3",
+                "proxy-from-env": "^1.1.0",
+                "which": "^2.0.2"
+            },
+            "bin": {
+                "sentry-cli": "bin/sentry-cli"
+            },
+            "engines": {
+                "node": ">= 10"
+            },
+            "optionalDependencies": {
+                "@sentry/cli-darwin": "2.58.6",
+                "@sentry/cli-linux-arm": "2.58.6",
+                "@sentry/cli-linux-arm64": "2.58.6",
+                "@sentry/cli-linux-i686": "2.58.6",
+                "@sentry/cli-linux-x64": "2.58.6",
+                "@sentry/cli-win32-arm64": "2.58.6",
+                "@sentry/cli-win32-i686": "2.58.6",
+                "@sentry/cli-win32-x64": "2.58.6"
+            }
+        },
+        "node_modules/@sentry/cli-darwin": {
+            "version": "2.58.6",
+            "resolved": "https://registry.npmjs.org/@sentry/cli-darwin/-/cli-darwin-2.58.6.tgz",
+            "integrity": "sha512-udAVvcyfNa0R+95GvPz/+43/N3TC0TYKdkQ7D7jhPSzbcMc7l2fxRNN5yB3UpCA5fWFnW4toeaqwDBhb/Wh3LA==",
+            "license": "FSL-1.1-MIT",
+            "optional": true,
+            "os": [
+                "darwin"
+            ],
+            "engines": {
+                "node": ">=10"
+            }
+        },
+        "node_modules/@sentry/cli-linux-arm": {
+            "version": "2.58.6",
+            "resolved": "https://registry.npmjs.org/@sentry/cli-linux-arm/-/cli-linux-arm-2.58.6.tgz",
+            "integrity": "sha512-pD0LAt5PcUzAinBwvDqc66x9+2CabHEv486yP0gRjWO7SakbaxmfVq/EXd8VLq/Tzi39LAu422UYK1lpW3MILw==",
+            "cpu": [
+                "arm"
+            ],
+            "license": "FSL-1.1-MIT",
+            "optional": true,
+            "os": [
+                "linux",
+                "freebsd",
+                "android"
+            ],
+            "engines": {
+                "node": ">=10"
+            }
+        },
+        "node_modules/@sentry/cli-linux-arm64": {
+            "version": "2.58.6",
+            "resolved": "https://registry.npmjs.org/@sentry/cli-linux-arm64/-/cli-linux-arm64-2.58.6.tgz",
+            "integrity": "sha512-q8mEcNNmeXMy5i+jWT30TVpH7LcP4HD21CD5XRSPAd/a912HF6EpK0ybf/1USO14WOhoXbAGi9txwaWabSe33g==",
+            "cpu": [
+                "arm64"
+            ],
+            "license": "FSL-1.1-MIT",
+            "optional": true,
+            "os": [
+                "linux",
+                "freebsd",
+                "android"
+            ],
+            "engines": {
+                "node": ">=10"
+            }
+        },
+        "node_modules/@sentry/cli-linux-i686": {
+            "version": "2.58.6",
+            "resolved": "https://registry.npmjs.org/@sentry/cli-linux-i686/-/cli-linux-i686-2.58.6.tgz",
+            "integrity": "sha512-q8vNJi1eOV/4vxAFWBsEwLHoSYapaZHIf4j76KJGJXFKTkEbsjCOOsKbwUIBTQQhRgV4DFWh3ryfsPS/que4Kg==",
+            "cpu": [
+                "x86",
+                "ia32"
+            ],
+            "license": "FSL-1.1-MIT",
+            "optional": true,
+            "os": [
+                "linux",
+                "freebsd",
+                "android"
+            ],
+            "engines": {
+                "node": ">=10"
+            }
+        },
+        "node_modules/@sentry/cli-linux-x64": {
+            "version": "2.58.6",
+            "resolved": "https://registry.npmjs.org/@sentry/cli-linux-x64/-/cli-linux-x64-2.58.6.tgz",
+            "integrity": "sha512-DZu956Mhi3ZRjTBe1WdbGV46ldVbA8d2rgp/fh51GsI25zjBHah4wZnPTSzpc+YqxU6pJpg579B/r3jrIK530Q==",
+            "cpu": [
+                "x64"
+            ],
+            "license": "FSL-1.1-MIT",
+            "optional": true,
+            "os": [
+                "linux",
+                "freebsd",
+                "android"
+            ],
+            "engines": {
+                "node": ">=10"
+            }
+        },
+        "node_modules/@sentry/cli-win32-arm64": {
+            "version": "2.58.6",
+            "resolved": "https://registry.npmjs.org/@sentry/cli-win32-arm64/-/cli-win32-arm64-2.58.6.tgz",
+            "integrity": "sha512-nj0Ff/kmAB73EPDhR8B4O9r+NUHK5GkPCkGWC+kXVemqAJWL5jcJ5KdxG0l/S0z6RoEoltID8/43/B+TaMlT7A==",
+            "cpu": [
+                "arm64"
+            ],
+            "license": "FSL-1.1-MIT",
+            "optional": true,
+            "os": [
+                "win32"
+            ],
+            "engines": {
+                "node": ">=10"
+            }
+        },
+        "node_modules/@sentry/cli-win32-i686": {
+            "version": "2.58.6",
+            "resolved": "https://registry.npmjs.org/@sentry/cli-win32-i686/-/cli-win32-i686-2.58.6.tgz",
+            "integrity": "sha512-WNZiDzPbgsEMQWq4avsQ391v/xWKJDIWWWo9GYl+N/w5qcYKkoDW7wQG7T9FasI6ENn68phChTOAPXXxbfAdOg==",
+            "cpu": [
+                "x86",
+                "ia32"
+            ],
+            "license": "FSL-1.1-MIT",
+            "optional": true,
+            "os": [
+                "win32"
+            ],
+            "engines": {
+                "node": ">=10"
+            }
+        },
+        "node_modules/@sentry/cli-win32-x64": {
+            "version": "2.58.6",
+            "resolved": "https://registry.npmjs.org/@sentry/cli-win32-x64/-/cli-win32-x64-2.58.6.tgz",
+            "integrity": "sha512-R35WJ17oF4D2eqI1DR2sQQqr0fjRTt5xoP16WrTu91XM2lndRMFsnjh+/GttbxapLCBNlrjzia99MJ0PZHZpgA==",
+            "cpu": [
+                "x64"
+            ],
+            "license": "FSL-1.1-MIT",
+            "optional": true,
+            "os": [
+                "win32"
+            ],
+            "engines": {
+                "node": ">=10"
+            }
+        },
+        "node_modules/@sentry/cli/node_modules/agent-base": {
+            "version": "6.0.2",
+            "resolved": "https://registry.npmjs.org/agent-base/-/agent-base-6.0.2.tgz",
+            "integrity": "sha512-RZNwNclF7+MS/8bDg70amg32dyeZGZxiDuQmZxKLAlQjr3jGyLx+4Kkk58UO7D2QdgFIQCovuSuZESne6RG6XQ==",
+            "license": "MIT",
+            "dependencies": {
+                "debug": "4"
+            },
+            "engines": {
+                "node": ">= 6.0.0"
+            }
+        },
+        "node_modules/@sentry/cli/node_modules/https-proxy-agent": {
+            "version": "5.0.1",
+            "resolved": "https://registry.npmjs.org/https-proxy-agent/-/https-proxy-agent-5.0.1.tgz",
+            "integrity": "sha512-dFcAjpTQFgoLMzC2VwU+C/CbS7uRL0lWmxDITmqm7C+7F0Odmj6s9l6alZc6AELXhrnggM2CeWSXHGOdX2YtwA==",
+            "license": "MIT",
+            "dependencies": {
+                "agent-base": "6",
+                "debug": "4"
+            },
+            "engines": {
+                "node": ">= 6"
+            }
+        },
+        "node_modules/@sentry/cli/node_modules/isexe": {
+            "version": "2.0.0",
+            "resolved": "https://registry.npmjs.org/isexe/-/isexe-2.0.0.tgz",
+            "integrity": "sha512-RHxMLp9lnKHGHRng9QFhRCMbYAcVpn69smSGcq3f36xjgVVWThj4qqLbTLlq7Ssj8B+fIQ1EuCEGI2lKsyQeIw==",
+            "license": "ISC"
+        },
+        "node_modules/@sentry/cli/node_modules/which": {
+            "version": "2.0.2",
+            "resolved": "https://registry.npmjs.org/which/-/which-2.0.2.tgz",
+            "integrity": "sha512-BLI3Tl1TW3Pvl70l3yq3Y64i+awpwXqsGBYWkkqMtnbXgrMD+yj7rhW0kuEDxzJaYXGjEW5ogapKNMEKNMjibA==",
+            "license": "ISC",
+            "dependencies": {
+                "isexe": "^2.0.0"
+            },
+            "bin": {
+                "node-which": "bin/node-which"
+            },
+            "engines": {
+                "node": ">= 8"
+            }
+        },
+        "node_modules/@sentry/cloudflare": {
+            "version": "10.61.0",
+            "resolved": "https://registry.npmjs.org/@sentry/cloudflare/-/cloudflare-10.61.0.tgz",
+            "integrity": "sha512-8Glns89u78OPI7QoWwmWmt5OL1o3fP+N76rYYunaXHMnA7XTXlBuPvbV98kPlO4lRK7v4zqgmc3wPylQTCpycA==",
+            "license": "MIT",
+            "dependencies": {
+                "@opentelemetry/api": "^1.9.1",
+                "@sentry/core": "10.61.0"
+            },
+            "engines": {
+                "node": ">=18"
+            },
+            "peerDependencies": {
+                "@cloudflare/workers-types": "^4.x"
+            },
+            "peerDependenciesMeta": {
+                "@cloudflare/workers-types": {
+                    "optional": true
+                }
+            }
+        },
+        "node_modules/@sentry/conventions": {
+            "version": "0.12.0",
+            "resolved": "https://registry.npmjs.org/@sentry/conventions/-/conventions-0.12.0.tgz",
+            "integrity": "sha512-z1JQrl/1SLY+8wpzvork6vl+fpsg/oCCxM7HWWhUnI/R+OGNyoIzieQuggX3uUMY7NBtp8UWCQx6FeFazzOF9g==",
+            "license": "MIT",
+            "engines": {
+                "node": ">=14"
+            }
+        },
+        "node_modules/@sentry/core": {
+            "version": "10.61.0",
+            "resolved": "https://registry.npmjs.org/@sentry/core/-/core-10.61.0.tgz",
+            "integrity": "sha512-Edg8t2w45qEKiFnjeA6zRmU47R6la5FEMG+maZEOB2oTyJ+ujmh8LGaZ3G8aC0VdkKn8CXhHtDesze6oDc1oTA==",
+            "license": "MIT",
+            "engines": {
+                "node": ">=18"
+            }
+        },
+        "node_modules/@sentry/feedback": {
+            "version": "10.61.0",
+            "resolved": "https://registry.npmjs.org/@sentry/feedback/-/feedback-10.61.0.tgz",
+            "integrity": "sha512-DvG5pc2BibQjdvFC75u1S5DzghcFZ/juCDb2UnRKjiWnNhiUUAweAkUv4mMednrbuOeGOgO2R3CaiqIvDrAUAw==",
+            "license": "MIT",
+            "dependencies": {
+                "@sentry/core": "10.61.0"
+            },
+            "engines": {
+                "node": ">=18"
+            }
+        },
+        "node_modules/@sentry/node": {
+            "version": "10.61.0",
+            "resolved": "https://registry.npmjs.org/@sentry/node/-/node-10.61.0.tgz",
+            "integrity": "sha512-nct3VqOIuPBnsvqHHWkPG6Ta7QwJftxWXQzHt0+soNcWBoh5WU8hEzIPVEXzxTThJ9AOkF/df3ApWUX4i6ylqQ==",
+            "license": "MIT",
+            "dependencies": {
+                "@opentelemetry/api": "^1.9.1",
+                "@opentelemetry/instrumentation": "^0.214.0",
+                "@opentelemetry/sdk-trace-base": "^2.6.1",
+                "@opentelemetry/semantic-conventions": "^1.40.0",
+                "@sentry/core": "10.61.0",
+                "@sentry/node-core": "10.61.0",
+                "@sentry/opentelemetry": "10.61.0",
+                "@sentry/server-utils": "10.61.0",
+                "import-in-the-middle": "^3.0.0"
+            },
+            "engines": {
+                "node": ">=18"
+            }
+        },
+        "node_modules/@sentry/node-core": {
+            "version": "10.61.0",
+            "resolved": "https://registry.npmjs.org/@sentry/node-core/-/node-core-10.61.0.tgz",
+            "integrity": "sha512-aVSnYqaq5FXv9hX6lVGbg4gB+mVrb6QDoNE/IBq8OBR90TR9I/KU6KlWAcfB9H7I6CHnedldOpljkMAJ5eZ3qA==",
+            "license": "MIT",
+            "dependencies": {
+                "@sentry/conventions": "^0.12.0",
+                "@sentry/core": "10.61.0",
+                "@sentry/opentelemetry": "10.61.0",
+                "import-in-the-middle": "^3.0.0"
+            },
+            "engines": {
+                "node": ">=18"
+            },
+            "peerDependencies": {
+                "@opentelemetry/api": "^1.9.0",
+                "@opentelemetry/core": "^1.30.1 || ^2.1.0",
+                "@opentelemetry/exporter-trace-otlp-http": ">=0.57.0 <1",
+                "@opentelemetry/instrumentation": ">=0.57.1 <1",
+                "@opentelemetry/sdk-trace-base": "^1.30.1 || ^2.1.0"
+            },
+            "peerDependenciesMeta": {
+                "@opentelemetry/api": {
+                    "optional": true
+                },
+                "@opentelemetry/core": {
+                    "optional": true
+                },
+                "@opentelemetry/exporter-trace-otlp-http": {
+                    "optional": true
+                },
+                "@opentelemetry/instrumentation": {
+                    "optional": true
+                },
+                "@opentelemetry/sdk-trace-base": {
+                    "optional": true
+                }
+            }
+        },
+        "node_modules/@sentry/nuxt": {
+            "version": "10.61.0",
+            "resolved": "https://registry.npmjs.org/@sentry/nuxt/-/nuxt-10.61.0.tgz",
+            "integrity": "sha512-gNwM9NtGpmxFpAMT7JWL/NaieudZGcNponxiQBots58vSg7bxTuo5uGXws6QJxslrywefPFCFz/FSjtQj3Xt6A==",
+            "license": "MIT",
+            "dependencies": {
+                "@nuxt/kit": "^3.13.2",
+                "@sentry/browser": "10.61.0",
+                "@sentry/cloudflare": "10.61.0",
+                "@sentry/core": "10.61.0",
+                "@sentry/node": "10.61.0",
+                "@sentry/node-core": "10.61.0",
+                "@sentry/rollup-plugin": "^5.3.0",
+                "@sentry/vite-plugin": "^5.3.0",
+                "@sentry/vue": "10.61.0",
+                "local-pkg": "^1.1.2"
+            },
+            "engines": {
+                "node": ">=18.19.1"
+            },
+            "peerDependencies": {
+                "nitro": "2.x || 3.x",
+                "nuxt": ">=3.7.0 || 4.x || 5.x"
+            },
+            "peerDependenciesMeta": {
+                "nitro": {
+                    "optional": true
+                }
+            }
+        },
+        "node_modules/@sentry/nuxt/node_modules/@nuxt/kit": {
+            "version": "3.21.8",
+            "resolved": "https://registry.npmjs.org/@nuxt/kit/-/kit-3.21.8.tgz",
+            "integrity": "sha512-kg63DUPY5AHPn+9XM7u8rYcdWHXjzwfUscgRDuiC5YUciQ+xdLRhdwXelYFxEAx2nxJHossliiQXbMm/Fleivw==",
+            "license": "MIT",
+            "dependencies": {
+                "c12": "^3.3.4",
+                "consola": "^3.4.2",
+                "defu": "^6.1.7",
+                "destr": "^2.0.5",
+                "errx": "^0.1.0",
+                "exsolve": "^1.0.8",
+                "ignore": "^7.0.5",
+                "jiti": "^2.7.0",
+                "klona": "^2.0.6",
+                "knitwork": "^1.3.0",
+                "mlly": "^1.8.2",
+                "ohash": "^2.0.11",
+                "pathe": "^2.0.3",
+                "pkg-types": "^2.3.1",
+                "rc9": "^3.0.1",
+                "scule": "^1.3.0",
+                "semver": "^7.8.0",
+                "tinyglobby": "^0.2.16",
+                "ufo": "^1.6.4",
+                "unctx": "^2.5.0",
+                "untyped": "^2.0.0"
+            },
+            "engines": {
+                "node": ">=18.12.0"
+            }
+        },
+        "node_modules/@sentry/opentelemetry": {
+            "version": "10.61.0",
+            "resolved": "https://registry.npmjs.org/@sentry/opentelemetry/-/opentelemetry-10.61.0.tgz",
+            "integrity": "sha512-wg8bY1sWPyFOVh59ThiFDeuyheD7DdQliqWmrCCa5q+PSRLij+zpmsGqjlzGU74lzj1Kvpkicw5LsO6U49b2xA==",
+            "license": "MIT",
+            "dependencies": {
+                "@sentry/conventions": "^0.12.0",
+                "@sentry/core": "10.61.0"
+            },
+            "engines": {
+                "node": ">=18"
+            },
+            "peerDependencies": {
+                "@opentelemetry/api": "^1.9.0",
+                "@opentelemetry/core": "^1.30.1 || ^2.1.0",
+                "@opentelemetry/sdk-trace-base": "^1.30.1 || ^2.1.0"
+            }
+        },
+        "node_modules/@sentry/replay": {
+            "version": "10.61.0",
+            "resolved": "https://registry.npmjs.org/@sentry/replay/-/replay-10.61.0.tgz",
+            "integrity": "sha512-EkLaPR7A89mRGucZY9WxKLGeiRKMuNeGfIthLrs9cumUP8Smc80qxSAsF3NggRHSQEeYHDAifY/1q1qW16yvJg==",
+            "license": "MIT",
+            "dependencies": {
+                "@sentry/browser-utils": "10.61.0",
+                "@sentry/core": "10.61.0"
+            },
+            "engines": {
+                "node": ">=18"
+            }
+        },
+        "node_modules/@sentry/replay-canvas": {
+            "version": "10.61.0",
+            "resolved": "https://registry.npmjs.org/@sentry/replay-canvas/-/replay-canvas-10.61.0.tgz",
+            "integrity": "sha512-n6QUN+qylEdKLcijpJsJ58ekY58kg0nG0dKxkD2wecKubl7B1mj/gwP35NmJOZ35vJTk/KbJeWB//finspJqYg==",
+            "license": "MIT",
+            "dependencies": {
+                "@sentry/core": "10.61.0",
+                "@sentry/replay": "10.61.0"
+            },
+            "engines": {
+                "node": ">=18"
+            }
+        },
+        "node_modules/@sentry/rollup-plugin": {
+            "version": "5.3.0",
+            "resolved": "https://registry.npmjs.org/@sentry/rollup-plugin/-/rollup-plugin-5.3.0.tgz",
+            "integrity": "sha512-hgPGPYdQJ/G1cGYOxAb7d4z3V+/k/E5/P/5TFPEEBLuIbFFk+JG0CISUDJdzXJjO382Lb99PBJuXGbueBmO79w==",
+            "license": "MIT",
+            "dependencies": {
+                "@sentry/bundler-plugin-core": "5.3.0",
+                "magic-string": "~0.30.8"
+            },
+            "engines": {
+                "node": ">= 18"
+            },
+            "peerDependencies": {
+                "rollup": ">=3.2.0"
+            },
+            "peerDependenciesMeta": {
+                "rollup": {
+                    "optional": true
+                }
+            }
+        },
+        "node_modules/@sentry/server-utils": {
+            "version": "10.61.0",
+            "resolved": "https://registry.npmjs.org/@sentry/server-utils/-/server-utils-10.61.0.tgz",
+            "integrity": "sha512-IrOyMzlOyBkWtnVYb54sALf2f8WVqyyp7woRfHw8c3IMwUr5AskGOi7k2rjmUXO3Q0UkfHNVarexiEfo8ZqTsg==",
+            "license": "MIT",
+            "dependencies": {
+                "@apm-js-collab/code-transformer": "^0.15.0",
+                "@apm-js-collab/code-transformer-bundler-plugins": "^0.5.0",
+                "@apm-js-collab/tracing-hooks": "^0.10.0",
+                "@sentry/conventions": "^0.12.0",
+                "@sentry/core": "10.61.0",
+                "magic-string": "~0.30.0"
+            },
+            "engines": {
+                "node": ">=18"
+            }
+        },
+        "node_modules/@sentry/vite-plugin": {
+            "version": "5.3.0",
+            "resolved": "https://registry.npmjs.org/@sentry/vite-plugin/-/vite-plugin-5.3.0.tgz",
+            "integrity": "sha512-qcoSzo4n2MulVQ70UUPLq6dTleb2a2HwL2wuwvAgWhPChrYTuk6A6mDg6aQb9fairPAwFPiU9PzOANpoDJcz1A==",
+            "license": "MIT",
+            "dependencies": {
+                "@sentry/bundler-plugin-core": "5.3.0",
+                "@sentry/rollup-plugin": "5.3.0"
+            },
+            "engines": {
+                "node": ">= 18"
+            }
+        },
+        "node_modules/@sentry/vue": {
+            "version": "10.61.0",
+            "resolved": "https://registry.npmjs.org/@sentry/vue/-/vue-10.61.0.tgz",
+            "integrity": "sha512-3uqiphsUwdVTK2kYU7Eb2cp8eDc55mA0J7Hc7lQlgTs1VD8yevahYR/Fdp5pJR5roTXbOXTt6VMbRUtAxr0Aow==",
+            "license": "MIT",
+            "dependencies": {
+                "@sentry/browser": "10.61.0",
+                "@sentry/core": "10.61.0"
+            },
+            "engines": {
+                "node": ">=18"
+            },
+            "peerDependencies": {
+                "@tanstack/vue-router": "^1.64.0",
+                "pinia": "2.x || 3.x",
+                "vue": "2.x || 3.x"
+            },
+            "peerDependenciesMeta": {
+                "@tanstack/vue-router": {
+                    "optional": true
+                },
+                "pinia": {
+                    "optional": true
+                }
+            }
+        },
         "node_modules/@sindresorhus/is": {
             "version": "7.2.0",
             "resolved": "https://registry.npmjs.org/@sindresorhus/is/-/is-7.2.0.tgz",
@@ -5879,8 +6600,7 @@
             "version": "4.3.1",
             "resolved": "https://registry.npmjs.org/@types/esrecurse/-/esrecurse-4.3.1.tgz",
             "integrity": "sha512-xJBAbDifo5hpffDBuHl0Y8ywswbiAp/Wi7Y/GtAgSlZyIABppyurxVueOPE8LUQOxdlgi6Zqce7uoEpqNTeiUw==",
-            "license": "MIT",
-            "peer": true
+            "license": "MIT"
         },
         "node_modules/@types/estree": {
             "version": "1.0.8",
@@ -5892,8 +6612,7 @@
             "version": "7.0.15",
             "resolved": "https://registry.npmjs.org/@types/json-schema/-/json-schema-7.0.15.tgz",
             "integrity": "sha512-5+fP8P8MFNC+AyZCDxrB2pkZFPGzqQWUzpSeuuVLvm8VMcorNYavBqoFcxK8bQz4Qsbn4oUEEem4wDLfcysGHA==",
-            "license": "MIT",
-            "peer": true
+            "license": "MIT"
         },
         "node_modules/@types/linkify-it": {
             "version": "5.0.0",
@@ -6263,6 +6982,7 @@
             "resolved": "https://registry.npmjs.org/@vue/compiler-sfc/-/compiler-sfc-3.5.29.tgz",
             "integrity": "sha512-oJZhN5XJs35Gzr50E82jg2cYdZQ78wEwvRO6Y63TvLVTc+6xICzJHP1UIecdSPPYIbkautNBanDiWYa64QSFIA==",
             "license": "MIT",
+            "peer": true,
             "dependencies": {
                 "@babel/parser": "^7.29.0",
                 "@vue/compiler-core": "3.5.29",
@@ -6512,6 +7232,7 @@
             "resolved": "https://registry.npmjs.org/acorn/-/acorn-8.16.0.tgz",
             "integrity": "sha512-UVJyE9MttOsBQIDKw1skb9nAwQuR5wuGD3+82K6JgJlm/Y+KI92oNsMNGZCYdDsVtRHSak0pcV5Dno5+4jh9sw==",
             "license": "MIT",
+            "peer": true,
             "bin": {
                 "acorn": "bin/acorn"
             },
@@ -6551,7 +7272,6 @@
             "resolved": "https://registry.npmjs.org/ajv/-/ajv-6.14.0.tgz",
             "integrity": "sha512-IWrosm/yrn43eiKqkfkHis7QioDleaXQHdDVPKg0FSwwd/DuvyX79TZnFOnYpB7dcsFAMmtFztZuXPDvSePkFw==",
             "license": "MIT",
-            "peer": true,
             "dependencies": {
                 "fast-deep-equal": "^3.1.1",
                 "fast-json-stable-stringify": "^2.0.0",
@@ -6798,6 +7518,15 @@
                 "url": "https://github.com/sponsors/sxzz"
             }
         },
+        "node_modules/astring": {
+            "version": "1.9.0",
+            "resolved": "https://registry.npmjs.org/astring/-/astring-1.9.0.tgz",
+            "integrity": "sha512-LElXdjswlqjWrPpJFg1Fx4wpkOCxj1TDHlSV4PlaRxHGWko024xICaa97ZkMfs6DRKlCguiAI+rbXv5GWwXIkg==",
+            "license": "MIT",
+            "bin": {
+                "astring": "bin/astring"
+            }
+        },
         "node_modules/async": {
             "version": "3.2.6",
             "resolved": "https://registry.npmjs.org/async/-/async-3.2.6.tgz",
@@ -6883,6 +7612,7 @@
             "resolved": "https://registry.npmjs.org/bare-events/-/bare-events-2.8.2.tgz",
             "integrity": "sha512-riJjyv1/mHLIPX4RwiK+oW9/4c3TEUeORHKefKAKnZ5kyslbN+HXowtbaVEqt4IMUB7OXlfixcs6gsFeo/jhiQ==",
             "license": "Apache-2.0",
+            "peer": true,
             "peerDependencies": {
                 "bare-abort-controller": "*"
             },
@@ -7076,6 +7806,7 @@
                 }
             ],
             "license": "MIT",
+            "peer": true,
             "dependencies": {
                 "baseline-browser-mapping": "^2.9.0",
                 "caniuse-lite": "^1.0.30001759",
@@ -7145,23 +7876,23 @@
             }
         },
         "node_modules/c12": {
-            "version": "3.3.3",
-            "resolved": "https://registry.npmjs.org/c12/-/c12-3.3.3.tgz",
-            "integrity": "sha512-750hTRvgBy5kcMNPdh95Qo+XUBeGo8C7nsKSmedDmaQI+E0r82DwHeM6vBewDe4rGFbnxoa4V9pw+sPh5+Iz8Q==",
+            "version": "3.3.4",
+            "resolved": "https://registry.npmjs.org/c12/-/c12-3.3.4.tgz",
+            "integrity": "sha512-cM0ApFQSBXuourJejzwv/AuPRvAxordTyParRVcHjjtXirtkzM0uK2L9TTn9s0cXZbG7E55jCivRQzoxYmRAlA==",
             "license": "MIT",
             "dependencies": {
                 "chokidar": "^5.0.0",
-                "confbox": "^0.2.2",
-                "defu": "^6.1.4",
-                "dotenv": "^17.2.3",
+                "confbox": "^0.2.4",
+                "defu": "^6.1.6",
+                "dotenv": "^17.3.1",
                 "exsolve": "^1.0.8",
-                "giget": "^2.0.0",
+                "giget": "^3.2.0",
                 "jiti": "^2.6.1",
                 "ohash": "^2.0.11",
                 "pathe": "^2.0.3",
-                "perfect-debounce": "^2.0.0",
+                "perfect-debounce": "^2.1.0",
                 "pkg-types": "^2.3.0",
-                "rc9": "^2.1.2"
+                "rc9": "^3.0.1"
             },
             "peerDependencies": {
                 "magicast": "*"
@@ -7172,38 +7903,12 @@
                 }
             }
         },
-        "node_modules/c12/node_modules/giget": {
-            "version": "2.0.0",
-            "resolved": "https://registry.npmjs.org/giget/-/giget-2.0.0.tgz",
-            "integrity": "sha512-L5bGsVkxJbJgdnwyuheIunkGatUF/zssUoxxjACCseZYAVbaqdh9Tsmmlkl8vYan09H7sbvKt4pS8GqKLBrEzA==",
-            "license": "MIT",
-            "dependencies": {
-                "citty": "^0.1.6",
-                "consola": "^3.4.0",
-                "defu": "^6.1.4",
-                "node-fetch-native": "^1.6.6",
-                "nypm": "^0.6.0",
-                "pathe": "^2.0.3"
-            },
-            "bin": {
-                "giget": "dist/cli.mjs"
-            }
-        },
-        "node_modules/c12/node_modules/rc9": {
-            "version": "2.1.2",
-            "resolved": "https://registry.npmjs.org/rc9/-/rc9-2.1.2.tgz",
-            "integrity": "sha512-btXCnMmRIBINM2LDZoEmOogIZU7Qe7zn4BpomSKZ/ykbLObuBdvG+mFq11DL6fjH1DRwHhrlgtYWG96bJiC7Cg==",
-            "license": "MIT",
-            "dependencies": {
-                "defu": "^6.1.4",
-                "destr": "^2.0.3"
-            }
-        },
         "node_modules/cac": {
             "version": "6.7.14",
             "resolved": "https://registry.npmjs.org/cac/-/cac-6.7.14.tgz",
             "integrity": "sha512-b6Ilus+c3RrdDk+JhLKUAQfzzgLEPy6wcXqS7f/xe1EETvsDP6GORG7SFuOs6cID5YkqchW/LXZbX5bc8j7ZcQ==",
             "license": "MIT",
+            "peer": true,
             "engines": {
                 "node": ">=8"
             }
@@ -7345,6 +8050,7 @@
             "resolved": "https://registry.npmjs.org/chart.js/-/chart.js-4.5.1.tgz",
             "integrity": "sha512-GIjfiT9dbmHRiYi6Nl2yFCq7kkwdkp1W/lp2J99rX0yo9tgJGn3lKQATztIjb5tVtevcBtIdICNWqlq5+E8/Pw==",
             "license": "MIT",
+            "peer": true,
             "dependencies": {
                 "@kurkle/color": "^0.3.0"
             },
@@ -7381,10 +8087,17 @@
             "resolved": "https://registry.npmjs.org/citty/-/citty-0.1.6.tgz",
             "integrity": "sha512-tskPPKEs8D2KPafUypv2gxwJP8h/OaJmC82QQGGDQcHvXX43xF2VDACcJVmZ0EuSxkpO9Kc4MlrA3q0+FG58AQ==",
             "license": "MIT",
+            "peer": true,
             "dependencies": {
                 "consola": "^3.2.3"
             }
         },
+        "node_modules/cjs-module-lexer": {
+            "version": "2.2.0",
+            "resolved": "https://registry.npmjs.org/cjs-module-lexer/-/cjs-module-lexer-2.2.0.tgz",
+            "integrity": "sha512-4bHTS2YuzUvtoLjdy+98ykbNB5jS0+07EvFNXerqZQJ89F7DI6ET7OQo/HJuW6K0aVsKA9hj9/RVb2kQVOrPDQ==",
+            "license": "MIT"
+        },
         "node_modules/classnames": {
             "version": "2.5.1",
             "resolved": "https://registry.npmjs.org/classnames/-/classnames-2.5.1.tgz",
@@ -7936,8 +8649,7 @@
             "version": "0.1.4",
             "resolved": "https://registry.npmjs.org/deep-is/-/deep-is-0.1.4.tgz",
             "integrity": "sha512-oIPzksmTg4/MriiaYGO+okXDT7ztn/w3Eptv/+gSIdMdKsJo0u4CfYNFJPy+4SKMuCqGw2wxnA+URMg3t8a/bQ==",
-            "license": "MIT",
-            "peer": true
+            "license": "MIT"
         },
         "node_modules/deepmerge": {
             "version": "4.3.1",
@@ -7986,9 +8698,9 @@
             }
         },
         "node_modules/defu": {
-            "version": "6.1.4",
-            "resolved": "https://registry.npmjs.org/defu/-/defu-6.1.4.tgz",
-            "integrity": "sha512-mEQCMmwJu317oSz8CwdIOdwf3xMif1ttiM8LTufzc3g6kR+9Pe236twL8j3IYT1F7GfRgGcW6MWxzZjLIkuHIg==",
+            "version": "6.1.7",
+            "resolved": "https://registry.npmjs.org/defu/-/defu-6.1.7.tgz",
+            "integrity": "sha512-7z22QmUWiQ/2d0KkdYmANbRUVABpZ9SNYyH5vx6PZ+nE5bcC0l7uFvEfHlyld/HcGBFTL536ClDt3DEcSlEJAQ==",
             "license": "MIT"
         },
         "node_modules/delegates": {
@@ -8284,9 +8996,9 @@
             }
         },
         "node_modules/es-module-lexer": {
-            "version": "2.0.0",
-            "resolved": "https://registry.npmjs.org/es-module-lexer/-/es-module-lexer-2.0.0.tgz",
-            "integrity": "sha512-5POEcUuZybH7IdmGsD8wlf0AI55wMecM9rVBTI/qEAy2c1kTOm3DjFYjrBdI2K3BaJjJYfYFeRtM0t9ssnRuxw==",
+            "version": "2.1.0",
+            "resolved": "https://registry.npmjs.org/es-module-lexer/-/es-module-lexer-2.1.0.tgz",
+            "integrity": "sha512-n27zTYMjYu1aj4MjCWzSP7G9r75utsaoc8m61weK+W8JMBGGQybd43GstCXZ3WNmSFtGT9wi59qQTW6mhTR5LQ==",
             "license": "MIT"
         },
         "node_modules/es-object-atoms": {
@@ -8461,7 +9173,6 @@
             "resolved": "https://registry.npmjs.org/eslint-scope/-/eslint-scope-9.1.2.tgz",
             "integrity": "sha512-xS90H51cKw0jltxmvmHy2Iai1LIqrfbw57b79w/J7MfvDfkIkFZ+kj6zC3BjtUwh150HsSSdxXZcsuv72miDFQ==",
             "license": "BSD-2-Clause",
-            "peer": true,
             "dependencies": {
                 "@types/esrecurse": "^4.3.1",
                 "@types/estree": "^1.0.8",
@@ -8492,7 +9203,6 @@
             "resolved": "https://registry.npmjs.org/escape-string-regexp/-/escape-string-regexp-4.0.0.tgz",
             "integrity": "sha512-TtpcNJ3XAzx3Gq8sWRzJaVajRs0uVxA2YAkdb1jm2YkPz4G6egUFAyA3n5vtEIZefPk5Wa4UXbKuS5fKkJWdgA==",
             "license": "MIT",
-            "peer": true,
             "engines": {
                 "node": ">=10"
             },
@@ -8505,7 +9215,6 @@
             "resolved": "https://registry.npmjs.org/eslint-visitor-keys/-/eslint-visitor-keys-5.0.1.tgz",
             "integrity": "sha512-tD40eHxA35h0PEIZNeIjkHoDR4YjjJp34biM0mDvplBe//mB+IHCqHDGV7pxF+7MklTvighcCPPZC7ynWyjdTA==",
             "license": "Apache-2.0",
-            "peer": true,
             "engines": {
                 "node": "^20.19.0 || ^22.13.0 || >=24"
             },
@@ -8518,7 +9227,6 @@
             "resolved": "https://registry.npmjs.org/glob-parent/-/glob-parent-6.0.2.tgz",
             "integrity": "sha512-XxwI8EOhVQgWp6iDL+3b0r86f4d6AX6zSU55HfB4ydCEuXLXc5FcYeOu+nnGftS4TEju/11rt4KJPTMgbfmv4A==",
             "license": "ISC",
-            "peer": true,
             "dependencies": {
                 "is-glob": "^4.0.3"
             },
@@ -8531,7 +9239,6 @@
             "resolved": "https://registry.npmjs.org/ignore/-/ignore-5.3.2.tgz",
             "integrity": "sha512-hsBTNUqQTDwkWtcdYI2i06Y/nUBEsNEDJKjWdigLvegy8kDuJAS8uRlpkkcQpyEXL0Z/pjDy5HBmMjRCJ2gq+g==",
             "license": "MIT",
-            "peer": true,
             "engines": {
                 "node": ">= 4"
             }
@@ -8541,7 +9248,6 @@
             "resolved": "https://registry.npmjs.org/espree/-/espree-11.2.0.tgz",
             "integrity": "sha512-7p3DrVEIopW1B1avAGLuCSh1jubc01H2JHc8B4qqGblmg5gI9yumBgACjWo4JlIc04ufug4xJ3SQI8HkS/Rgzw==",
             "license": "BSD-2-Clause",
-            "peer": true,
             "dependencies": {
                 "acorn": "^8.16.0",
                 "acorn-jsx": "^5.3.2",
@@ -8559,7 +9265,6 @@
             "resolved": "https://registry.npmjs.org/eslint-visitor-keys/-/eslint-visitor-keys-5.0.1.tgz",
             "integrity": "sha512-tD40eHxA35h0PEIZNeIjkHoDR4YjjJp34biM0mDvplBe//mB+IHCqHDGV7pxF+7MklTvighcCPPZC7ynWyjdTA==",
             "license": "Apache-2.0",
-            "peer": true,
             "engines": {
                 "node": "^20.19.0 || ^22.13.0 || >=24"
             },
@@ -8585,7 +9290,6 @@
             "resolved": "https://registry.npmjs.org/esquery/-/esquery-1.7.0.tgz",
             "integrity": "sha512-Ap6G0WQwcU/LHsvLwON1fAQX9Zp0A2Y6Y/cJBl9r/JbW90Zyg4/zbG6zzKa2OTALELarYHmKu0GhpM5EO+7T0g==",
             "license": "BSD-3-Clause",
-            "peer": true,
             "dependencies": {
                 "estraverse": "^5.1.0"
             },
@@ -8598,7 +9302,6 @@
             "resolved": "https://registry.npmjs.org/esrecurse/-/esrecurse-4.3.0.tgz",
             "integrity": "sha512-KmfKL3b6G+RXvP8N1vr3Tq1kL/oCFgn2NYXEtqP8/L3pKapUA4G8cFVaoF3SU323CD4XypR/ffioHmkti6/Tag==",
             "license": "BSD-2-Clause",
-            "peer": true,
             "dependencies": {
                 "estraverse": "^5.2.0"
             },
@@ -8699,8 +9402,7 @@
             "version": "3.1.3",
             "resolved": "https://registry.npmjs.org/fast-deep-equal/-/fast-deep-equal-3.1.3.tgz",
             "integrity": "sha512-f3qQ9oQy9j2AhBe/H9VC91wLmKBCCU/gDOnKNAYG5hswO7BLKj09Hc5HYNz9cGI++xlpDCIgDaitVs03ATR84Q==",
-            "license": "MIT",
-            "peer": true
+            "license": "MIT"
         },
         "node_modules/fast-fifo": {
             "version": "1.3.2",
@@ -8728,15 +9430,13 @@
             "version": "2.1.0",
             "resolved": "https://registry.npmjs.org/fast-json-stable-stringify/-/fast-json-stable-stringify-2.1.0.tgz",
             "integrity": "sha512-lhd/wF+Lk98HZoTCtlVraHtfh5XYijIjalXck7saUtuanSDyLMxnHhSXEDJqHxD7msR8D0uCmqlkwjCV8xvwHw==",
-            "license": "MIT",
-            "peer": true
+            "license": "MIT"
         },
         "node_modules/fast-levenshtein": {
             "version": "2.0.6",
             "resolved": "https://registry.npmjs.org/fast-levenshtein/-/fast-levenshtein-2.0.6.tgz",
             "integrity": "sha512-DCXu6Ifhqcks7TZKY3Hxp3y6qphY5SJZmrWMDrKcERSOXWQdMhU9Ig/PYrzyw/ul9jOIyh0N4M0tbC5hodg8dw==",
-            "license": "MIT",
-            "peer": true
+            "license": "MIT"
         },
         "node_modules/fast-npm-meta": {
             "version": "1.4.0",
@@ -8781,7 +9481,6 @@
             "resolved": "https://registry.npmjs.org/file-entry-cache/-/file-entry-cache-8.0.0.tgz",
             "integrity": "sha512-XXTUwCvisa5oacNGRP9SfNtYBNAMi+RPwBFmblZEF7N7swHYQS6/Zfk7SRwx4D5j3CH211YNRco1DEMNVfZCnQ==",
             "license": "MIT",
-            "peer": true,
             "dependencies": {
                 "flat-cache": "^4.0.0"
             },
@@ -8812,7 +9511,6 @@
             "resolved": "https://registry.npmjs.org/find-up/-/find-up-5.0.0.tgz",
             "integrity": "sha512-78/PXT1wlLLDgTzDs7sjq9hzz0vXD+zn+7wypEe4fXQxCmdmqfGsEPQxmiCSQI3ajFV91bVSsvNtrJRiW6nGng==",
             "license": "MIT",
-            "peer": true,
             "dependencies": {
                 "locate-path": "^6.0.0",
                 "path-exists": "^4.0.0"
@@ -8829,7 +9527,6 @@
             "resolved": "https://registry.npmjs.org/flat-cache/-/flat-cache-4.0.1.tgz",
             "integrity": "sha512-f7ccFPK3SXFHpx15UIGyRJ/FJQctuKZ0zVuN3frBo4HnK3cay9VEW0R6yPYFHC0AgqhukPzKjq22t5DmAyqGyw==",
             "license": "MIT",
-            "peer": true,
             "dependencies": {
                 "flatted": "^3.2.9",
                 "keyv": "^4.5.4"
@@ -8842,8 +9539,7 @@
             "version": "3.4.0",
             "resolved": "https://registry.npmjs.org/flatted/-/flatted-3.4.0.tgz",
             "integrity": "sha512-kC6Bb+ooptOIvWj5B63EQWkF0FEnNjV2ZNkLMLZRDDduIiWeFF4iKnslwhiWxjAdbg4NzTNo6h0qLuvFrcx+Sw==",
-            "license": "ISC",
-            "peer": true
+            "license": "ISC"
         },
         "node_modules/foreground-child": {
             "version": "3.3.1",
@@ -9025,9 +9721,9 @@
             }
         },
         "node_modules/giget": {
-            "version": "3.1.2",
-            "resolved": "https://registry.npmjs.org/giget/-/giget-3.1.2.tgz",
-            "integrity": "sha512-T2qUpKBHeUTwHcIhydgnJzhL0Hj785ms+JkxaaWQH9SDM/llXeewnOkfJcFShAHjWI+26hOChwUfCoupaXLm8g==",
+            "version": "3.3.0",
+            "resolved": "https://registry.npmjs.org/giget/-/giget-3.3.0.tgz",
+            "integrity": "sha512-gzi2D96p+AMfDcmJHGDj3KJ9NRiwvlFAU5yfa3ROwWZmFUjX4P43x3BcyRaOMMLto1vUo7C+86+MFhYTl6Ryiw==",
             "license": "MIT",
             "bin": {
                 "giget": "dist/cli.mjs"
@@ -9365,6 +10061,21 @@
             "integrity": "sha512-XXOFtyqDjNDAQxVfYxuF7g9Il/IbWmmlQg2MYKOH8ExIT1qg6xc4zyS3HaEEATgs1btfzxq15ciUiY7gjSXRGQ==",
             "license": "MIT"
         },
+        "node_modules/import-in-the-middle": {
+            "version": "3.2.0",
+            "resolved": "https://registry.npmjs.org/import-in-the-middle/-/import-in-the-middle-3.2.0.tgz",
+            "integrity": "sha512-vR2B6HKIhaBjcZr2bLpFiJ1VbzOlRQ7aby4/gw5WPIzToLjqpfWw3VJ4sk1uDchoOODEirvO2jyrSPtUSL5CrQ==",
+            "license": "Apache-2.0",
+            "dependencies": {
+                "acorn": "^8.15.0",
+                "acorn-import-attributes": "^1.9.5",
+                "cjs-module-lexer": "^2.2.0",
+                "module-details-from-path": "^1.0.4"
+            },
+            "engines": {
+                "node": ">=18"
+            }
+        },
         "node_modules/impound": {
             "version": "1.1.2",
             "resolved": "https://registry.npmjs.org/impound/-/impound-1.1.2.tgz",
@@ -9382,7 +10093,6 @@
             "resolved": "https://registry.npmjs.org/imurmurhash/-/imurmurhash-0.1.4.tgz",
             "integrity": "sha512-JmXMZ6wuvDmLiHEml9ykzqO6lwFbof0GG4IkcGaENdCRDDmMVnny7s5HsIgHCbaq0w2MyPhDqkhTUgS2LU2PHA==",
             "license": "MIT",
-            "peer": true,
             "engines": {
                 "node": ">=0.8.19"
             }
@@ -9717,9 +10427,9 @@
             }
         },
         "node_modules/jiti": {
-            "version": "2.6.1",
-            "resolved": "https://registry.npmjs.org/jiti/-/jiti-2.6.1.tgz",
-            "integrity": "sha512-ekilCSN1jwRvIbgeg/57YFh8qQDNbwDb9xT/qu2DAHbFFZUicIl4ygVaAvzveMhMVr3LnpSKTNnwt8PoOfmKhQ==",
+            "version": "2.7.0",
+            "resolved": "https://registry.npmjs.org/jiti/-/jiti-2.7.0.tgz",
+            "integrity": "sha512-AC/7JofJvZGrrneWNaEnJeOLUx+JlGt7tNa0wZiRPT4MY1wmfKjt2+6O2p2uz2+skll8OZZmJMNqeke7kKbNgQ==",
             "license": "MIT",
             "bin": {
                 "jiti": "lib/jiti-cli.mjs"
@@ -9759,22 +10469,19 @@
             "version": "3.0.1",
             "resolved": "https://registry.npmjs.org/json-buffer/-/json-buffer-3.0.1.tgz",
             "integrity": "sha512-4bV5BfR2mqfQTJm+V5tPPdf+ZpuhiIvTuAB5g8kcrXOZpTT/QwwVRWBywX1ozr6lEuPdbHxwaJlm9G6mI2sfSQ==",
-            "license": "MIT",
-            "peer": true
+            "license": "MIT"
         },
         "node_modules/json-schema-traverse": {
             "version": "0.4.1",
             "resolved": "https://registry.npmjs.org/json-schema-traverse/-/json-schema-traverse-0.4.1.tgz",
             "integrity": "sha512-xbbCH5dCYU5T8LcEhhuh7HJ88HXuW3qsI3Y0zOZFKfZEHcpWiHU/Jxzk629Brsab/mMiHQti9wMP+845RPe3Vg==",
-            "license": "MIT",
-            "peer": true
+            "license": "MIT"
         },
         "node_modules/json-stable-stringify-without-jsonify": {
             "version": "1.0.1",
             "resolved": "https://registry.npmjs.org/json-stable-stringify-without-jsonify/-/json-stable-stringify-without-jsonify-1.0.1.tgz",
             "integrity": "sha512-Bdboy+l7tA3OGW6FjyFHWkP5LuByj1Tk33Ljyq0axyzdk9//JSi2u3fP1QSmd1KNwq6VOKYGlAu87CisVir6Pw==",
-            "license": "MIT",
-            "peer": true
+            "license": "MIT"
         },
         "node_modules/json5": {
             "version": "2.2.3",
@@ -9894,7 +10601,6 @@
             "resolved": "https://registry.npmjs.org/keyv/-/keyv-4.5.4.tgz",
             "integrity": "sha512-oxVHkHR/EJf2CNXnWxRLW6mg7JyCCUcG0DtEGmL2ctUo1PNTin1PUil+r/+4r5MpVgC/fn1kjsx7mjSujKqIpw==",
             "license": "MIT",
-            "peer": true,
             "dependencies": {
                 "json-buffer": "3.0.1"
             }
@@ -10155,7 +10861,6 @@
             "resolved": "https://registry.npmjs.org/levn/-/levn-0.4.1.tgz",
             "integrity": "sha512-+bT2uH4E5LGE7h/n3evcS/sQlJXCpIp6ym8OWJ5eV6+67Dsql/LaaT7qJBAt2rzfoa/5QBGBhxDix1dMt2kQKQ==",
             "license": "MIT",
-            "peer": true,
             "dependencies": {
                 "prelude-ls": "^1.2.1",
                 "type-check": "~0.4.0"
@@ -10264,7 +10969,6 @@
             "resolved": "https://registry.npmjs.org/locate-path/-/locate-path-6.0.0.tgz",
             "integrity": "sha512-iPZK6eYjbxRu3uB4/WZ3EsEIMJFMqAoopl3R+zuq0UjcAm/MO6KCweDgPfP3elTztoKP3KtnVHxTn2NHBSDVUw==",
             "license": "MIT",
-            "peer": true,
             "dependencies": {
                 "p-locate": "^5.0.0"
             },
@@ -10486,6 +11190,15 @@
                 "node": ">= 8"
             }
         },
+        "node_modules/meriyah": {
+            "version": "6.1.4",
+            "resolved": "https://registry.npmjs.org/meriyah/-/meriyah-6.1.4.tgz",
+            "integrity": "sha512-Sz8FzjzI0kN13GK/6MVEsVzMZEPvOhnmmI1lU5+/1cGOiK3QUahntrNNtdVeihrO7t9JpoH75iMNXg6R6uWflQ==",
+            "license": "ISC",
+            "engines": {
+                "node": ">=18.0.0"
+            }
+        },
         "node_modules/methods": {
             "version": "1.1.2",
             "resolved": "https://registry.npmjs.org/methods/-/methods-1.1.2.tgz",
@@ -10615,9 +11328,9 @@
             "license": "MIT"
         },
         "node_modules/mlly": {
-            "version": "1.8.1",
-            "resolved": "https://registry.npmjs.org/mlly/-/mlly-1.8.1.tgz",
-            "integrity": "sha512-SnL6sNutTwRWWR/vcmCYHSADjiEesp5TGQQ0pXyLhW5IoeibRlF/CbSLailbB3CNqJUk9cVJ9dUDnbD7GrcHBQ==",
+            "version": "1.8.2",
+            "resolved": "https://registry.npmjs.org/mlly/-/mlly-1.8.2.tgz",
+            "integrity": "sha512-d+ObxMQFmbt10sretNDytwt85VrbkhhUA/JBGm1MPaWJ65Cl4wOgLaB1NYvJSZ0Ef03MMEU/0xpPMXUIQ29UfA==",
             "license": "MIT",
             "dependencies": {
                 "acorn": "^8.16.0",
@@ -10649,6 +11362,12 @@
             "integrity": "sha512-aF7yRQr/Q0O2/4pIXm6PZ5G+jAd7QS4Yu8m+WEeEHGnbo+7mE36CbLSDQiXYV8bVL3NfmdeqPJct0tUlnjVSnA==",
             "license": "MIT"
         },
+        "node_modules/module-details-from-path": {
+            "version": "1.0.4",
+            "resolved": "https://registry.npmjs.org/module-details-from-path/-/module-details-from-path-1.0.4.tgz",
+            "integrity": "sha512-EGWKgxALGMgzvxYF1UyGTy0HXX/2vHLkw6+NvDKW2jypWbHpjQuj4UMcqQWXHERJhVGKikolT06G3bcKe4fi7w==",
+            "license": "MIT"
+        },
         "node_modules/mrmime": {
             "version": "2.0.1",
             "resolved": "https://registry.npmjs.org/mrmime/-/mrmime-2.0.1.tgz",
@@ -10709,8 +11428,7 @@
             "version": "1.4.0",
             "resolved": "https://registry.npmjs.org/natural-compare/-/natural-compare-1.4.0.tgz",
             "integrity": "sha512-OWND8ei3VtNC9h7V60qff3SVobHr996CTwgxubgyQYEpg290h9J0buyECNNJexkFm5sOajh5G116RYA1c8ZMSw==",
-            "license": "MIT",
-            "peer": true
+            "license": "MIT"
         },
         "node_modules/negotiator": {
             "version": "0.6.3",
@@ -10946,6 +11664,7 @@
             "resolved": "https://registry.npmjs.org/nuxt/-/nuxt-4.3.1.tgz",
             "integrity": "sha512-bl+0rFcT5Ax16aiWFBFPyWcsTob19NTZaDL5P6t0MQdK63AtgS6fN6fwvwdbXtnTk6/YdCzlmuLzXhSM22h0OA==",
             "license": "MIT",
+            "peer": true,
             "dependencies": {
                 "@dxup/nuxt": "^0.3.2",
                 "@nuxt/cli": "^3.33.0",
@@ -11216,7 +11935,6 @@
             "resolved": "https://registry.npmjs.org/optionator/-/optionator-0.9.4.tgz",
             "integrity": "sha512-6IpQ7mKUxRcZNLIObR0hz7lxsapSSIYNZJwXPGeF0mTVqGKFIXj1DQcMoT22S3ROcLyY/rz0PWaWZ9ayWmad9g==",
             "license": "MIT",
-            "peer": true,
             "dependencies": {
                 "deep-is": "^0.1.3",
                 "fast-levenshtein": "^2.0.6",
@@ -11274,6 +11992,7 @@
             "resolved": "https://registry.npmjs.org/oxc-parser/-/oxc-parser-0.112.0.tgz",
             "integrity": "sha512-7rQ3QdJwobMQLMZwQaPuPYMEF2fDRZwf51lZ//V+bA37nejjKW5ifMHbbCwvA889Y4RLhT+/wLJpPRhAoBaZYw==",
             "license": "MIT",
+            "peer": true,
             "dependencies": {
                 "@oxc-project/types": "^0.112.0"
             },
@@ -11357,7 +12076,6 @@
             "resolved": "https://registry.npmjs.org/p-limit/-/p-limit-3.1.0.tgz",
             "integrity": "sha512-TYOanM3wGwNGsZN2cVTYPArw454xnXj5qmWF1bEoAc4+cU/ol7GVh7odevjp1FNHduHc3KZMcFduxU5Xc6uJRQ==",
             "license": "MIT",
-            "peer": true,
             "dependencies": {
                 "yocto-queue": "^0.1.0"
             },
@@ -11373,7 +12091,6 @@
             "resolved": "https://registry.npmjs.org/p-locate/-/p-locate-5.0.0.tgz",
             "integrity": "sha512-LaNjtRWUBY++zB5nE/NwcaoMylSPk+S+ZHNB1TzdbMJMny6dynpAGt7X/tl/QYq3TIeE6nxHppbo2LGymrG5Pw==",
             "license": "MIT",
-            "peer": true,
             "dependencies": {
                 "p-limit": "^3.0.2"
             },
@@ -11422,7 +12139,6 @@
             "resolved": "https://registry.npmjs.org/path-exists/-/path-exists-4.0.0.tgz",
             "integrity": "sha512-ak9Qy5Q7jYb2Wwcey5Fpvg2KoAc/ZIhLSLOSBmRmygPsGwkVVt0fZa0qrtMz+m6tJTAHfZQ8FnmB4MG4LWy7/w==",
             "license": "MIT",
-            "peer": true,
             "engines": {
                 "node": ">=8"
             }
@@ -11501,9 +12217,9 @@
             "license": "ISC"
         },
         "node_modules/picomatch": {
-            "version": "4.0.3",
-            "resolved": "https://registry.npmjs.org/picomatch/-/picomatch-4.0.3.tgz",
-            "integrity": "sha512-5gTmgEY/sqK6gFXLIsQNH19lWb4ebPDLA4SdLP7dsWkIXHWlG66oPuVvXSGFPppYZz8ZDZq0dYYrbHfBCVUb1Q==",
+            "version": "4.0.4",
+            "resolved": "https://registry.npmjs.org/picomatch/-/picomatch-4.0.4.tgz",
+            "integrity": "sha512-QP88BAKvMam/3NxH6vj2o21R6MjxZUAd6nlwAS/pnGvN9IVLocLHxGYIzFhg6fUQ+5th6P4dv4eW9jX3DSIj7A==",
             "license": "MIT",
             "engines": {
                 "node": ">=12"
@@ -11526,6 +12242,7 @@
             "resolved": "https://registry.npmjs.org/pinia/-/pinia-3.0.4.tgz",
             "integrity": "sha512-l7pqLUFTI/+ESXn6k3nu30ZIzW5E2WZF/LaHJEpoq6ElcLD+wduZoB2kBN19du6K/4FDpPMazY2wJr+IndBtQw==",
             "license": "MIT",
+            "peer": true,
             "dependencies": {
                 "@vue/devtools-api": "^7.7.7"
             },
@@ -11600,13 +12317,13 @@
             }
         },
         "node_modules/pkg-types": {
-            "version": "2.3.0",
-            "resolved": "https://registry.npmjs.org/pkg-types/-/pkg-types-2.3.0.tgz",
-            "integrity": "sha512-SIqCzDRg0s9npO5XQ3tNZioRY1uK06lA41ynBC1YmFTmnY6FjUjVt6s4LoADmwoig1qqD0oK8h1p/8mlMx8Oig==",
+            "version": "2.3.1",
+            "resolved": "https://registry.npmjs.org/pkg-types/-/pkg-types-2.3.1.tgz",
+            "integrity": "sha512-y+ichcgc2LrADuhLNAx8DFjVfgz91pRxfZdI3UDhxHvcVEZsenLO+7XaU5vOp0u/7V/wZ+plyuQxtrDlZJ+yeg==",
             "license": "MIT",
             "dependencies": {
-                "confbox": "^0.2.2",
-                "exsolve": "^1.0.7",
+                "confbox": "^0.2.4",
+                "exsolve": "^1.0.8",
                 "pathe": "^2.0.3"
             }
         },
@@ -11642,6 +12359,7 @@
                 }
             ],
             "license": "MIT",
+            "peer": true,
             "dependencies": {
                 "nanoid": "^3.3.11",
                 "picocolors": "^1.1.1",
@@ -12185,6 +12903,7 @@
             "resolved": "https://registry.npmjs.org/postcss-selector-parser/-/postcss-selector-parser-7.1.1.tgz",
             "integrity": "sha512-orRsuYpJVw8LdAwqqLykBj9ecS5/cRHlI5+nvTo8LcCKmzDmqVORXtOIYEEQuL9D4BxtA1lm5isAqzQZCoQ6Eg==",
             "license": "MIT",
+            "peer": true,
             "dependencies": {
                 "cssesc": "^3.0.0",
                 "util-deprecate": "^1.0.2"
@@ -12235,7 +12954,6 @@
             "resolved": "https://registry.npmjs.org/prelude-ls/-/prelude-ls-1.2.1.tgz",
             "integrity": "sha512-vkcDPrRZo1QZLbn5RLGPpg/WmIQ65qoWWhcGKf/b5eplkkarX0m9z8ppCat4mlOqUsWpyNuYgO3VRyrYHSzX5g==",
             "license": "MIT",
-            "peer": true,
             "engines": {
                 "node": ">= 0.8.0"
             }
@@ -12267,6 +12985,15 @@
             "integrity": "sha512-3ouUOpQhtgrbOa17J7+uxOTpITYWaGP7/AhoR3+A+/1e9skrzelGi/dXzEYyvbxubEF6Wn2ypscTKiKJFFn1ag==",
             "license": "MIT"
         },
+        "node_modules/progress": {
+            "version": "2.0.3",
+            "resolved": "https://registry.npmjs.org/progress/-/progress-2.0.3.tgz",
+            "integrity": "sha512-7PiHtLll5LdnKIMw100I+8xJXR5gW2QwWYkT6iJva0bXitZKa/XMrSbdmg3r2Xnaidz9Qumd0VPaMrZlF9V9sA==",
+            "license": "MIT",
+            "engines": {
+                "node": ">=0.4.0"
+            }
+        },
         "node_modules/prosemirror-changeset": {
             "version": "2.4.1",
             "resolved": "https://registry.npmjs.org/prosemirror-changeset/-/prosemirror-changeset-2.4.1.tgz",
@@ -12407,12 +13134,17 @@
                 "prosemirror-transform": "^1.1.0"
             }
         },
+        "node_modules/proxy-from-env": {
+            "version": "1.1.0",
+            "resolved": "https://registry.npmjs.org/proxy-from-env/-/proxy-from-env-1.1.0.tgz",
+            "integrity": "sha512-D+zkORCbA9f1tdWRK0RaCR3GPv50cMxcrz4X8k5LTSUD1Dkw47mKJEZQNunItRTkWwgtaUSo1RVFRIG9ZXiFYg==",
+            "license": "MIT"
+        },
         "node_modules/punycode": {
             "version": "2.3.1",
             "resolved": "https://registry.npmjs.org/punycode/-/punycode-2.3.1.tgz",
             "integrity": "sha512-vYt7UD1U9Wg6138shLtLOvdAu+8DsC/ilFtEVHcH+wydcSpNE20AfSOduf6MkRFahL5FY7X1oU7nKVZFtfq8Fg==",
             "license": "MIT",
-            "peer": true,
             "engines": {
                 "node": ">=6"
             }
@@ -12487,12 +13219,12 @@
             }
         },
         "node_modules/rc9": {
-            "version": "3.0.0",
-            "resolved": "https://registry.npmjs.org/rc9/-/rc9-3.0.0.tgz",
-            "integrity": "sha512-MGOue0VqscKWQ104udASX/3GYDcKyPI4j4F8gu/jHHzglpmy9a/anZK3PNe8ug6aZFl+9GxLtdhe3kVZuMaQbA==",
+            "version": "3.0.1",
+            "resolved": "https://registry.npmjs.org/rc9/-/rc9-3.0.1.tgz",
+            "integrity": "sha512-gMDyleLWVE+i6Sgtc0QbbY6pEKqYs97NGi6isHQPqYlLemPoO8dxQ3uGi0f4NiP98c+jMW6cG1Kx9dDwfvqARQ==",
             "license": "MIT",
             "dependencies": {
-                "defu": "^6.1.4",
+                "defu": "^6.1.6",
                 "destr": "^2.0.5"
             }
         },
@@ -12675,6 +13407,19 @@
                 "node": ">=0.10.0"
             }
         },
+        "node_modules/require-in-the-middle": {
+            "version": "8.0.1",
+            "resolved": "https://registry.npmjs.org/require-in-the-middle/-/require-in-the-middle-8.0.1.tgz",
+            "integrity": "sha512-QT7FVMXfWOYFbeRBF6nu+I6tr2Tf3u0q8RIEjNob/heKY/nh7drD/k7eeMFmSQgnTtCzLDcCu/XEnpW2wk4xCQ==",
+            "license": "MIT",
+            "dependencies": {
+                "debug": "^4.3.5",
+                "module-details-from-path": "^1.0.3"
+            },
+            "engines": {
+                "node": ">=9.3.0 || >=8.10.0 <9.0.0"
+            }
+        },
         "node_modules/resolve": {
             "version": "1.22.11",
             "resolved": "https://registry.npmjs.org/resolve/-/resolve-1.22.11.tgz",
@@ -12783,6 +13528,7 @@
             "resolved": "https://registry.npmjs.org/rollup/-/rollup-4.59.0.tgz",
             "integrity": "sha512-2oMpl67a3zCH9H79LeMcbDhXW/UmWG/y2zuqnF2jQq5uq9TbM9TVyXvA4+t+ne2IIkBdrLpAaRQAvo7YI/Yyeg==",
             "license": "MIT",
+            "peer": true,
             "dependencies": {
                 "@types/estree": "1.0.8"
             },
@@ -12957,10 +13703,16 @@
             "integrity": "sha512-6FtHJEvt+pVMIB9IBY+IcCJ6Z5f1iQnytgyfKMhDKgmzYG+TeH/wx1y3l27rshSbLiSanrR9ffZDrEsmjlQF2g==",
             "license": "MIT"
         },
+        "node_modules/semifies": {
+            "version": "1.0.0",
+            "resolved": "https://registry.npmjs.org/semifies/-/semifies-1.0.0.tgz",
+            "integrity": "sha512-xXR3KGeoxTNWPD4aBvL5NUpMTT7WMANr3EWnaS190QVkY52lqqcVRD7Q05UVbBhiWDGWMlJEUam9m7uFFGVScw==",
+            "license": "Apache-2.0"
+        },
         "node_modules/semver": {
-            "version": "7.7.4",
-            "resolved": "https://registry.npmjs.org/semver/-/semver-7.7.4.tgz",
-            "integrity": "sha512-vFKC2IEtQnVhpT78h1Yp8wzwrf8CM+MzKMHGJZfBtzhZNycRFnXsHk6E5TxIkkMsgNS7mdX3AGB7x2QM2di4lA==",
+            "version": "7.8.5",
+            "resolved": "https://registry.npmjs.org/semver/-/semver-7.8.5.tgz",
+            "integrity": "sha512-Y7/KDsb8LjooZpwaqGyulO6DQlksgCncchHGk+sZIY4SBvUocMBEFH5Ur1fI4dV+Jvl0w6cjvucaIi40puRioA==",
             "license": "ISC",
             "bin": {
                 "semver": "bin/semver.js"
@@ -13577,6 +14329,7 @@
             "resolved": "https://registry.npmjs.org/tailwindcss/-/tailwindcss-3.4.19.tgz",
             "integrity": "sha512-3ofp+LL8E+pK/JuPLPggVAIaEuhvIz4qNcf3nA1Xn2o/7fb7s/TYpHhwGDv1ZU3PkBluUVaF8PyCHcm48cKLWQ==",
             "license": "MIT",
+            "peer": true,
             "dependencies": {
                 "@alloc/quick-lru": "^5.2.0",
                 "arg": "^5.0.2",
@@ -13819,13 +14572,13 @@
             }
         },
         "node_modules/tinyglobby": {
-            "version": "0.2.15",
-            "resolved": "https://registry.npmjs.org/tinyglobby/-/tinyglobby-0.2.15.tgz",
-            "integrity": "sha512-j2Zq4NyQYG5XMST4cbs02Ak8iJUdxRM0XI5QyxXuZOzKOINmWurp3smXu3y5wDcJrptwpSjgXHzIQxR0omXljQ==",
+            "version": "0.2.17",
+            "resolved": "https://registry.npmjs.org/tinyglobby/-/tinyglobby-0.2.17.tgz",
+            "integrity": "sha512-wXR/dYpcqKmfWpEdZjiKJOwCNFndD0DMnrW/cYjVGttEkBfVgcLFHoNrlj47mjOVic9yyNu65alsgF4NQyTa2g==",
             "license": "MIT",
             "dependencies": {
                 "fdir": "^6.5.0",
-                "picomatch": "^4.0.3"
+                "picomatch": "^4.0.4"
             },
             "engines": {
                 "node": ">=12.0.0"
@@ -13917,7 +14670,6 @@
             "resolved": "https://registry.npmjs.org/type-check/-/type-check-0.4.0.tgz",
             "integrity": "sha512-XleUoc9uwGXqjWwXaUTZAmzMcFZ5858QA2vvx1Ur5xIcixXIP+8LnFDgRplU30us6teqdlskFfu+ae4K79Ooew==",
             "license": "MIT",
-            "peer": true,
             "dependencies": {
                 "prelude-ls": "^1.2.1"
             },
@@ -13985,6 +14737,7 @@
             "resolved": "https://registry.npmjs.org/typescript/-/typescript-5.9.3.tgz",
             "integrity": "sha512-jl1vZzPDinLr9eUt3J/t7V6FgNEw9QjvBPdysz9KfQDD41fQrC2Y4vKQdiaUpFT4bXlb1RHhLpp8wtm6M5TgSw==",
             "license": "Apache-2.0",
+            "peer": true,
             "bin": {
                 "tsc": "bin/tsc",
                 "tsserver": "bin/tsserver"
@@ -14000,9 +14753,9 @@
             "license": "MIT"
         },
         "node_modules/ufo": {
-            "version": "1.6.3",
-            "resolved": "https://registry.npmjs.org/ufo/-/ufo-1.6.3.tgz",
-            "integrity": "sha512-yDJTmhydvl5lJzBmy/hyOAA0d+aqCBuwl818haVdYCRrWV84o7YyeVm4QlVHStqNrrJSTb6jKuFAVqAFsr+K3Q==",
+            "version": "1.6.4",
+            "resolved": "https://registry.npmjs.org/ufo/-/ufo-1.6.4.tgz",
+            "integrity": "sha512-JFNbkD1Svwe0KvGi8GOeLcP4kAWQ609twvCdcHxq1oSL8svv39ZuSvajcD8B+5D0eL4+s1Is2D/O6KN3qcTeRA==",
             "license": "MIT"
         },
         "node_modules/ultrahtml": {
@@ -14426,7 +15179,6 @@
             "resolved": "https://registry.npmjs.org/uri-js/-/uri-js-4.4.1.tgz",
             "integrity": "sha512-7rKUyy33Q1yc98pQ1DAmLtwX109F7TIfWlW1Ydo8Wl1ii1SeHieeh0HHfPeL2fMXK6z0s8ecKs9frCuLJvndBg==",
             "license": "BSD-2-Clause",
-            "peer": true,
             "dependencies": {
                 "punycode": "^2.1.0"
             }
@@ -14451,6 +15203,7 @@
             "resolved": "https://registry.npmjs.org/vite/-/vite-7.3.1.tgz",
             "integrity": "sha512-w+N7Hifpc3gRjZ63vYBXA56dvvRlNWRczTdmCBBa+CotUzAPf5b7YMdMR/8CQoeYE5LX3W4wj6RYTgonm1b9DA==",
             "license": "MIT",
+            "peer": true,
             "dependencies": {
                 "esbuild": "^0.27.0",
                 "fdir": "^6.5.0",
@@ -14812,6 +15565,7 @@
             "resolved": "https://registry.npmjs.org/vue/-/vue-3.5.29.tgz",
             "integrity": "sha512-BZqN4Ze6mDQVNAni0IHeMJ5mwr8VAJ3MQC9FmprRhcBYENw+wOAAjRj8jfmN6FLl0j96OXbR+CjWhmAmM+QGnA==",
             "license": "MIT",
+            "peer": true,
             "dependencies": {
                 "@vue/compiler-dom": "3.5.29",
                 "@vue/compiler-sfc": "3.5.29",
@@ -14876,6 +15630,7 @@
             "resolved": "https://registry.npmjs.org/vue-i18n/-/vue-i18n-11.3.0.tgz",
             "integrity": "sha512-1J+xDfDJTLhDxElkd3+XUhT7FYSZd2b8pa7IRKGxhWH/8yt6PTvi3xmWhGwhYT5EaXdatui11pF2R6tL73/zPA==",
             "license": "MIT",
+            "peer": true,
             "dependencies": {
                 "@intlify/core-base": "11.3.0",
                 "@intlify/devtools-types": "11.3.0",
@@ -14897,6 +15652,7 @@
             "resolved": "https://registry.npmjs.org/vue-router/-/vue-router-4.6.4.tgz",
             "integrity": "sha512-Hz9q5sa33Yhduglwz6g9skT8OBPii+4bFn88w6J+J4MfEo4KRRpmiNG/hHHkdbRFlLBOqxN8y8gf2Fb0MTUgVg==",
             "license": "MIT",
+            "peer": true,
             "dependencies": {
                 "@vue/devtools-api": "^6.6.4"
             },
@@ -14955,7 +15711,6 @@
             "resolved": "https://registry.npmjs.org/word-wrap/-/word-wrap-1.2.5.tgz",
             "integrity": "sha512-BN22B5eaMMI9UMtjrGd5g5eCYPpCPDUy0FJXbYsaT5zYxjFOckS53SQDE3pWkVoWpHXVb3BrYcEN4Twa55B5cA==",
             "license": "MIT",
-            "peer": true,
             "engines": {
                 "node": ">=0.10.0"
             }
@@ -15136,7 +15891,6 @@
             "resolved": "https://registry.npmjs.org/yocto-queue/-/yocto-queue-0.1.0.tgz",
             "integrity": "sha512-rVksvsnNCdJ/ohGc6xgPwyN8eheCxsiLM8mxuE/t/mOVqJewPuO1miLpTHQiRgTKCLexL4MeAFVagts7HmNZ2Q==",
             "license": "MIT",
-            "peer": true,
             "engines": {
                 "node": ">=10"
             },
diff --git a/frontend/package.json b/frontend/package.json
index 6edf4f5..efd00ad 100644
--- a/frontend/package.json
+++ b/frontend/package.json
@@ -11,11 +11,12 @@
         "build:dist": "nuxt generate && rm -rf dist && cp -R .output/public dist"
     },
     "dependencies": {
-        "@malio/layer-ui": "^1.7.5",
+        "@malio/layer-ui": "^1.7.16",
         "@nuxt/icon": "^2.2.1",
         "@nuxtjs/i18n": "^10.2.3",
         "@nuxtjs/tailwindcss": "^6.14.0",
         "@pinia/nuxt": "^0.11.3",
+        "@sentry/nuxt": "^10.61.0",
         "@tailwindcss/typography": "^0.5.19",
         "@vuepic/vue-datepicker": "^12.1.0",
         "chart.js": "^4.5.1",
diff --git a/frontend/pages/admin.vue b/frontend/pages/admin.vue
index 122f652..c4a3c3f 100644
--- a/frontend/pages/admin.vue
+++ b/frontend/pages/admin.vue
@@ -1,24 +1,25 @@
 <template>
     <div>
-        <div class="sticky top-8 z-20 bg-white pb-4 sm:top-12">
-            <h1 class="text-xl font-bold text-primary-500 sm:text-2xl">Administration</h1>
-
-            <div class="mt-6 border-b border-neutral-200 overflow-x-auto">
-                <nav class="flex gap-4 sm:gap-6">
-                    <button
-                        v-for="tab in visibleTabs"
-                        :key="tab.key"
-                        class="whitespace-nowrap px-1 pb-3 text-sm font-semibold transition"
-                        :class="activeTab === tab.key
-                            ? 'border-b-2 border-primary-500 text-primary-500'
-                            : 'text-neutral-500 hover:text-neutral-700'"
-                        @click="activeTab = tab.key"
-                    >
-                        {{ tab.label }}
-                    </button>
-                </nav>
-            </div>
-        </div>
+        <PageHeader>
+            Administration
+            <template #subheader>
+                <div class="mt-6 border-b border-neutral-200 overflow-x-auto">
+                    <nav class="flex gap-4 sm:gap-6">
+                        <button
+                            v-for="tab in visibleTabs"
+                            :key="tab.key"
+                            class="whitespace-nowrap px-1 pb-3 text-sm font-semibold transition"
+                            :class="activeTab === tab.key
+                                ? 'border-b-2 border-primary-500 text-primary-500'
+                                : 'text-neutral-500 hover:text-neutral-700'"
+                            @click="activeTab = tab.key"
+                        >
+                            {{ tab.label }}
+                        </button>
+                    </nav>
+                </div>
+            </template>
+        </PageHeader>
 
         <div>
             <AdminWorkflowTab v-if="activeTab === 'workflows'" />
diff --git a/frontend/pages/documents.vue b/frontend/pages/documents.vue
index 1a68bfe..7d8d306 100644
--- a/frontend/pages/documents.vue
+++ b/frontend/pages/documents.vue
@@ -1,9 +1,9 @@
 <template>
     <div>
-        <h1 class="text-xl font-bold text-primary-500 sm:text-2xl">{{ $t('sharedFiles.title') }}</h1>
+        <PageHeader>{{ $t('sharedFiles.title') }}</PageHeader>
 
         <!-- Fil d'Ariane -->
-        <nav class="mt-4 flex flex-wrap items-center gap-1 text-sm text-neutral-500">
+        <nav class="flex flex-wrap items-center gap-1 text-sm text-neutral-500">
             <button class="hover:text-primary-500" @click="openPath('')">{{ $t('sharedFiles.root') }}</button>
             <template v-for="crumb in breadcrumb" :key="crumb.path">
                 <span>/</span>
@@ -12,7 +12,7 @@
         </nav>
 
         <!-- Filtre local + rechargement -->
-        <div class="mt-4 flex items-center gap-2">
+        <div class="flex items-center gap-2">
             <div class="max-w-sm flex-1">
                 <MalioInputText
                     v-model="filter"
diff --git a/frontend/pages/index.vue b/frontend/pages/index.vue
index 96b1d67..e855f09 100644
--- a/frontend/pages/index.vue
+++ b/frontend/pages/index.vue
@@ -506,39 +506,40 @@ const lineOptions = {
 
 <template>
     <div>
-        <div class="sticky top-8 z-20 bg-white pb-4 sm:top-12">
-            <h1 class="text-xl font-bold text-primary-500 sm:text-2xl">{{ $t('dashboard.title') }}</h1>
-
-            <!-- Filters -->
-            <div class="mt-4 flex flex-wrap gap-3">
-                <MalioSelect
-                    v-model="selectedPeriod"
-                    :options="periodOptions"
-                    :label="$t('dashboard.filters.period')"
-                    group-class="!w-48"
-                    text-field="text-sm"
-                    text-value="text-sm"
-                />
-                <MalioSelect
-                    v-model="selectedProjectId"
-                    :options="projectOptions"
-                    :label="$t('dashboard.filters.project')"
-                    :empty-option-label="$t('dashboard.filters.allProjects')"
-                    group-class="!w-40"
-                    text-field="text-sm"
-                    text-value="text-sm"
-                />
-                <MalioSelect
-                    v-model="selectedUserId"
-                    :options="userOptions"
-                    :label="$t('dashboard.filters.user')"
-                    :empty-option-label="$t('dashboard.filters.allUsers')"
-                    group-class="!w-40"
-                    text-field="text-sm"
-                    text-value="text-sm"
-                />
-            </div>
-        </div>
+        <PageHeader>
+            {{ $t('dashboard.title') }}
+            <template #subheader>
+                <!-- Filters -->
+                <div class="mt-4 flex flex-wrap gap-3">
+                    <MalioSelect
+                        v-model="selectedPeriod"
+                        :options="periodOptions"
+                        :label="$t('dashboard.filters.period')"
+                        group-class="!w-48"
+                        text-field="text-sm"
+                        text-value="text-sm"
+                    />
+                    <MalioSelect
+                        v-model="selectedProjectId"
+                        :options="projectOptions"
+                        :label="$t('dashboard.filters.project')"
+                        :empty-option-label="$t('dashboard.filters.allProjects')"
+                        group-class="!w-40"
+                        text-field="text-sm"
+                        text-value="text-sm"
+                    />
+                    <MalioSelect
+                        v-model="selectedUserId"
+                        :options="userOptions"
+                        :label="$t('dashboard.filters.user')"
+                        :empty-option-label="$t('dashboard.filters.allUsers')"
+                        group-class="!w-40"
+                        text-field="text-sm"
+                        text-value="text-sm"
+                    />
+                </div>
+            </template>
+        </PageHeader>
 
         <!-- Loading -->
         <div v-if="isLoading" class="mt-12 flex items-center justify-center">
@@ -547,7 +548,7 @@ const lineOptions = {
 
         <template v-else>
             <!-- KPI Cards -->
-            <div class="mt-6 grid grid-cols-2 gap-4 lg:grid-cols-4">
+            <div class="grid grid-cols-2 gap-4 lg:grid-cols-4">
                 <div class="rounded-xl border border-neutral-100 bg-neutral-50 p-5">
                     <p class="text-xs font-medium uppercase tracking-wider text-neutral-400">
                         {{ $t('dashboard.stats.hoursPeriod') }}
diff --git a/frontend/public/LOGO_CARRE.png b/frontend/public/LOGO_CARRE.png
deleted file mode 100644
index 9ff58fd..0000000
Binary files a/frontend/public/LOGO_CARRE.png and /dev/null differ
diff --git a/frontend/public/LOGO_MALIO.png b/frontend/public/LOGO_MALIO.png
new file mode 100644
index 0000000..cb5ba46
Binary files /dev/null and b/frontend/public/LOGO_MALIO.png differ
diff --git a/frontend/public/LOGO_MALIO_COLLAPSED.png b/frontend/public/LOGO_MALIO_COLLAPSED.png
new file mode 100644
index 0000000..3a3d052
Binary files /dev/null and b/frontend/public/LOGO_MALIO_COLLAPSED.png differ
diff --git a/frontend/sentry.client.config.ts b/frontend/sentry.client.config.ts
new file mode 100644
index 0000000..91e1f8d
--- /dev/null
+++ b/frontend/sentry.client.config.ts
@@ -0,0 +1,18 @@
+import * as Sentry from '@sentry/nuxt'
+
+// Init Sentry cote client (SPA). Le DSN provient du build prod (NUXT_PUBLIC_SENTRY_DSN).
+// Si le DSN est vide (dev), Sentry.init est un no-op : rien n'est envoye.
+const config = useRuntimeConfig()
+const dsn = config.public.sentry?.dsn
+
+if (dsn) {
+    Sentry.init({
+        dsn,
+        environment: config.public.sentry?.environment,
+        // Pas d'APM/tracing (hors perimetre ticket #146) : on ne remonte que les erreurs.
+        tracesSampleRate: 0,
+        // Pas de session replay (volume).
+        replaysSessionSampleRate: 0,
+        replaysOnErrorSampleRate: 0,
+    })
+}
diff --git a/frontend/shared/stores/ui.ts b/frontend/shared/stores/ui.ts
index e61499b..2480417 100644
--- a/frontend/shared/stores/ui.ts
+++ b/frontend/shared/stores/ui.ts
@@ -1,6 +1,5 @@
 export const useUiStore = defineStore('ui', () => {
     const sidebarCollapsed = ref(false)
-    const sidebarOpen = ref(false)
     const darkMode = ref(false)
 
     if (import.meta.client) {
@@ -45,13 +44,5 @@ export const useUiStore = defineStore('ui', () => {
         sidebarCollapsed.value = !sidebarCollapsed.value
     }
 
-    function openMobileSidebar() {
-        sidebarOpen.value = true
-    }
-
-    function closeMobileSidebar() {
-        sidebarOpen.value = false
-    }
-
-    return { sidebarCollapsed, sidebarOpen, darkMode, toggleSidebar, openMobileSidebar, closeMobileSidebar, toggleDarkMode }
+    return { sidebarCollapsed, darkMode, toggleSidebar, toggleDarkMode }
 })
diff --git a/infra/prod/Dockerfile b/infra/prod/Dockerfile
index 4127e78..8f1194c 100644
--- a/infra/prod/Dockerfile
+++ b/infra/prod/Dockerfile
@@ -29,10 +29,26 @@ COPY frontend/package.json frontend/package-lock.json ./
 RUN npm ci
 
 COPY frontend/ ./
+
+# Sentry / GlitchTip (front) — fourni au BUILD :
+#  - NUXT_PUBLIC_SENTRY_DSN est bake dans le bundle statique (SPA generee).
+#  - SENTRY_URL/ORG/PROJECT/AUTH_TOKEN servent a uploader les source maps.
+# Si NUXT_PUBLIC_SENTRY_DSN est vide, le module Sentry n'est pas charge (no-op).
+ARG NUXT_PUBLIC_SENTRY_DSN=""
+ARG SENTRY_URL=""
+ARG SENTRY_ORG=""
+ARG SENTRY_PROJECT=""
+ARG SENTRY_AUTH_TOKEN=""
+
 ENV CI=1 \
     NUXT_TELEMETRY_DISABLED=1 \
     NUXT_PUBLIC_API_BASE=/api \
-    NUXT_PUBLIC_APP_BASE=/
+    NUXT_PUBLIC_APP_BASE=/ \
+    NUXT_PUBLIC_SENTRY_DSN=$NUXT_PUBLIC_SENTRY_DSN \
+    SENTRY_URL=$SENTRY_URL \
+    SENTRY_ORG=$SENTRY_ORG \
+    SENTRY_PROJECT=$SENTRY_PROJECT \
+    SENTRY_AUTH_TOKEN=$SENTRY_AUTH_TOKEN
 RUN npm run generate
 
 # --- Stage 3: Production image ---
@@ -40,10 +56,15 @@ FROM php:8.4-fpm AS production
 
 RUN apt-get update && apt-get install -y \
         libicu-dev libpq-dev libpng-dev libzip-dev libxml2-dev \
-        nginx supervisor smbclient \
+        nginx supervisor smbclient ca-certificates \
     && docker-php-ext-install -j$(nproc) intl pdo_pgsql zip gd opcache \
     && rm -rf /var/lib/apt/lists/*
 
+# CA racine interne MALIO (auto-signée) — permet au SDK Sentry/HttpClient de
+# joindre les services HTTPS internes (ex. GlitchTip sur logs.malio-dev.fr).
+COPY infra/prod/malio-dev-root-ca.crt /usr/local/share/ca-certificates/malio-dev-root-ca.crt
+RUN update-ca-certificates
+
 # PHP production config
 RUN mv "$PHP_INI_DIR/php.ini-production" "$PHP_INI_DIR/php.ini"
 
diff --git a/infra/prod/deploy.sh b/infra/prod/deploy.sh
index a4ab798..a0f6358 100755
--- a/infra/prod/deploy.sh
+++ b/infra/prod/deploy.sh
@@ -37,6 +37,14 @@ echo "==> Clearing cache..."
 sudo docker compose exec -T -u www-data app php bin/console cache:clear --env=prod
 sudo docker compose exec -T -u www-data app php bin/console cache:warmup --env=prod
 
+echo "==> Checking error tracking (GlitchTip)..."
+SENTRY_DSN_VALUE="$(sudo docker compose exec -T app printenv SENTRY_DSN 2>/dev/null || true)"
+if [ -n "${SENTRY_DSN_VALUE}" ]; then
+  echo "    SENTRY_DSN detecte — erreurs backend envoyees a GlitchTip."
+else
+  echo "    SENTRY_DSN absent/vide — error tracking backend desactive (ajouter SENTRY_DSN dans .env)."
+fi
+
 echo "==> Disabling maintenance mode..."
 rm -f maintenance.on
 
diff --git a/infra/prod/docker-compose.yml b/infra/prod/docker-compose.yml
index 092d703..e0dd309 100644
--- a/infra/prod/docker-compose.yml
+++ b/infra/prod/docker-compose.yml
@@ -2,6 +2,10 @@ services:
   app:
     image: gitea.malio.fr/malio-dev/lesstime:${LESSTIME_IMAGE_TAG:-latest}
     container_name: lesstime-app
+    # Error tracking backend → GlitchTip : ajouter `SENTRY_DSN=...` (projet
+    # GlitchTip "lesstime-api") dans ce fichier .env. Vide/absent => Sentry inerte.
+    # (Le DSN FRONT et l'upload des source maps sont fournis au BUILD de l'image,
+    #  pas ici — voir infra/prod/Dockerfile + .gitea/workflows/build-docker.yml.)
     env_file: .env
     ports:
       - "8081:80"
diff --git a/infra/prod/malio-dev-root-ca.crt b/infra/prod/malio-dev-root-ca.crt
new file mode 100644
index 0000000..087d73d
--- /dev/null
+++ b/infra/prod/malio-dev-root-ca.crt
@@ -0,0 +1,31 @@
+-----BEGIN CERTIFICATE-----
+MIIFZzCCA0+gAwIBAgIUOiZigxwgIgtLipnLnu4eSgItc5MwDQYJKoZIhvcNAQEL
+BQAwQzELMAkGA1UEBhMCRlIxEjAQBgNVBAoMCU1BTElPLURFVjEgMB4GA1UEAwwX
+TUFMSU8tREVWIExvY2FsIFJvb3QgQ0EwHhcNMjYwNjI1MTYxMjIwWhcNMzYwNjIy
+MTYxMjIwWjBDMQswCQYDVQQGEwJGUjESMBAGA1UECgwJTUFMSU8tREVWMSAwHgYD
+VQQDDBdNQUxJTy1ERVYgTG9jYWwgUm9vdCBDQTCCAiIwDQYJKoZIhvcNAQEBBQAD
+ggIPADCCAgoCggIBALqHXVWEae9aKtveLfSpxYy9RS0Aslw2Ls9+LWI33lpMRs02
+QssE9wquf3WGjz8NnHUWl5RM0QHC0DOCCddcbnRBciDRJeTaU43IGdNg+TSY+7aM
+3t/jysZrpc/eu/udlIs7npCPaOGnRiuGN68Fkf9Q70FtmaASpusUe7J3jKDinznr
+R2hARplO4OF01tFauu039A4yudLrZTUFTldicuZ6a5U3NhajgfNZA+pyJqvL3tLT
+lXG3KupPD9BsbWe4zSM96CmyHM22QNlcL+M5XG5+EtDtM07tkDcyxFOsREjQHvSQ
+NH+7h6G/QBHHKkYJhdyiuvpj6b5tEJBM2PVgy1T2JX5TuOBOLx6HvHLbNjUY/JI5
+0sIjnHbeybQCOfnKNAwidtnqjAfVg+XJ9UZCiGJOeRJOdN5isvvqEKydsX4ouCTj
+89kwBbfCJeCS6BiadvNFUwnM0PksV0ovnOiUEEAPHRiP74jZ3IvH95BEwiZzyLpy
+tXiJMW7cJMaqlT3jNwq3P00irfrpJNy4S1Mg2cBQh5ucv+PcMBfQT8YiarzlTQJo
+saksh/2C43WH+qIFAL2aeD+rKReVBZcGa1XOBI8FUJTu3rLd37+iS4N2BUKq4fWo
+FttuX5NOfeU3BRDLlCJ2AXau7o0czVy896R9iZTfBJC95QWD07PdHgoctuexAgMB
+AAGjUzBRMB0GA1UdDgQWBBRNU0WsMg/pqo5XF/WXx78GrAzD5TAfBgNVHSMEGDAW
+gBRNU0WsMg/pqo5XF/WXx78GrAzD5TAPBgNVHRMBAf8EBTADAQH/MA0GCSqGSIb3
+DQEBCwUAA4ICAQBFXsuT7Rm2oJBlWT/RsJtmWr95NoFLHovVDycgM8Vjm+E8hv/m
+AcSjPjZDmXQLOrN31T/XUAs0nURHxSFgVzdIKpq2gOlGgHkZRMAW/iTON9Cqjn81
+Arjp5fjAJyFkoCiT3eTOElpteF4NhL8xMFaOg1Y2CEfOYO9OZR7Z38HdB6IArVwr
+W3Dxq3DPtarCeo1k8SHJmJzUduYCltV8urB43gIiI2Hqd7aAlpkTfDhruKxxr7sJ
+3/TpemJDCN9m8XMv2QvxqpMwH6EXg/7oqit5k0MvD445f3xt9vZydmV/x6F7u/A/
+gJitN+ixA4AKv7Lw210vaupiChqdY+78TXgLoPJ2/l2QPWG/R7Fb4yNZ2rEd6lyt
+KLPxHDcdZetFnyqyaoB2SNtLx9hNUE5G3udU6DkNhDfQlDhqEG4f7GAInOu/cMWE
+2uiIUEjcGSLM+XrrTFRc1tdXy6hnu+sw5ckvhwJ+kjah/pVGz21/y5a0p42AUznI
+iN7HBV8YaSkeJLvBPnfakUAat1R98e0l72DucHe8RF44NmZCywpaUBsTpNy+bO2f
+atqp4/ZEGJJlJ38rLv9bAuwr6d8x6T+m0oHknqtJHcWfO0kr4l3Lxsd8mRpGgmBe
+zOjqjrat4vSc04Rqic4UV2IEoWCiSS/TSiBx8JAB6Ck0+YR9dUgXVQsFFg==
+-----END CERTIFICATE-----
diff --git a/migrations/Version20260626153721.php b/migrations/Version20260626153721.php
new file mode 100644
index 0000000..9cbc873
--- /dev/null
+++ b/migrations/Version20260626153721.php
@@ -0,0 +1,31 @@
+<?php
+
+declare(strict_types=1);
+
+namespace DoctrineMigrations;
+
+use Doctrine\DBAL\Schema\Schema;
+use Doctrine\Migrations\AbstractMigration;
+
+/**
+ * Adds a soft-delete flag on user. Deleting a user now archives it instead of
+ * removing the row, preserving referential integrity (tasks, time entries,
+ * notifications…). Existing users are kept active (archived = false).
+ */
+final class Version20260626153721 extends AbstractMigration
+{
+    public function getDescription(): string
+    {
+        return 'Add archived flag on user (soft delete)';
+    }
+
+    public function up(Schema $schema): void
+    {
+        $this->addSql('ALTER TABLE "user" ADD archived BOOLEAN DEFAULT false NOT NULL');
+    }
+
+    public function down(Schema $schema): void
+    {
+        $this->addSql('ALTER TABLE "user" DROP archived');
+    }
+}
diff --git a/phpunit.dist.xml b/phpunit.dist.xml
index 817239b..d90d6fb 100644
--- a/phpunit.dist.xml
+++ b/phpunit.dist.xml
@@ -13,6 +13,10 @@
     <php>
         <ini name="display_errors" value="1" />
         <ini name="error_reporting" value="-1" />
+        <!-- API Platform's serializer/metadata boot is memory-hungry on the first
+             call in a process (cold phpdoc + serializer metadata). 128M is too
+             tight for non-paginated collections such as GET /api/users. -->
+        <ini name="memory_limit" value="512M" />
         <server name="APP_ENV" value="test" force="true" />
         <server name="SHELL_VERBOSITY" value="-1" />
         <server name="KERNEL_CLASS" value="App\Kernel" />
diff --git a/src/Command/RestoreMissingUsersCommand.php b/src/Command/RestoreMissingUsersCommand.php
new file mode 100644
index 0000000..7a0e3e6
--- /dev/null
+++ b/src/Command/RestoreMissingUsersCommand.php
@@ -0,0 +1,139 @@
+<?php
+
+declare(strict_types=1);
+
+namespace App\Command;
+
+use App\Module\Core\Domain\Entity\User;
+use Doctrine\DBAL\Connection;
+use Symfony\Component\Console\Attribute\AsCommand;
+use Symfony\Component\Console\Command\Command;
+use Symfony\Component\Console\Input\InputInterface;
+use Symfony\Component\Console\Input\InputOption;
+use Symfony\Component\Console\Output\OutputInterface;
+use Symfony\Component\Console\Style\SymfonyStyle;
+use Symfony\Component\PasswordHasher\Hasher\UserPasswordHasherInterface;
+
+use function sprintf;
+
+/**
+ * Recreates user rows that are still referenced by other tables but no longer
+ * exist (legacy hard-deletes performed before the foreign keys enforced
+ * ON DELETE SET NULL / CASCADE). Recreated accounts are archived: their data
+ * (tasks, time entries, notifications…) is preserved and references become
+ * valid again, fixing the serialization crash (EntityNotFoundException), but
+ * the accounts cannot log in and are hidden from selectable user lists.
+ *
+ * Idempotent and non-destructive — nothing is deleted.
+ */
+#[AsCommand(
+    name: 'app:restore-missing-users',
+    description: 'Recreate (as archived) users that are still referenced but were hard-deleted, to restore referential integrity',
+)]
+final class RestoreMissingUsersCommand extends Command
+{
+    public function __construct(
+        private readonly Connection $connection,
+        private readonly UserPasswordHasherInterface $passwordHasher,
+    ) {
+        parent::__construct();
+    }
+
+    protected function configure(): void
+    {
+        $this->addOption('dry-run', null, InputOption::VALUE_NONE, 'List missing user ids without recreating them');
+    }
+
+    protected function execute(InputInterface $input, OutputInterface $output): int
+    {
+        $io     = new SymfonyStyle($input, $output);
+        $dryRun = (bool) $input->getOption('dry-run');
+
+        // 1. Discover every (table, column) that references "user" via a foreign key.
+        $references = $this->connection->fetchAllAssociative(<<<'SQL'
+            SELECT t.relname AS child_table, a.attname AS child_col
+            FROM pg_constraint c
+            JOIN pg_class t ON t.oid = c.conrelid
+            JOIN pg_class rt ON rt.oid = c.confrelid
+            JOIN unnest(c.conkey) WITH ORDINALITY AS k(attnum, ord) ON true
+            JOIN pg_attribute a ON a.attrelid = c.conrelid AND a.attnum = k.attnum
+            WHERE c.contype = 'f' AND rt.relname = 'user'
+            ORDER BY t.relname, a.attname
+            SQL);
+
+        // 2. Collect distinct orphan ids across all those columns.
+        $missingIds = [];
+        foreach ($references as $ref) {
+            $table = $ref['child_table'];
+            $col   = $ref['child_col'];
+
+            $ids = $this->connection->fetchFirstColumn(sprintf(
+                'SELECT DISTINCT %1$s FROM %2$s WHERE %1$s IS NOT NULL AND %1$s NOT IN (SELECT id FROM "user")',
+                $this->connection->quoteIdentifier($col),
+                $this->connection->quoteIdentifier($table),
+            ));
+
+            foreach ($ids as $id) {
+                $missingIds[(int) $id] = true;
+            }
+        }
+
+        $missingIds = array_keys($missingIds);
+        sort($missingIds);
+
+        $io->section(sprintf('%d foreign-key column(s) scanned', count($references)));
+
+        if ([] === $missingIds) {
+            $io->success('No missing users referenced. Nothing to restore.');
+
+            return Command::SUCCESS;
+        }
+
+        $io->writeln(sprintf('Missing user id(s): %s', implode(', ', $missingIds)));
+
+        if ($dryRun) {
+            $io->note('Dry run — no user recreated.');
+
+            return Command::SUCCESS;
+        }
+
+        // 3. Recreate each missing user as an archived placeholder, preserving its id.
+        $hash    = $this->passwordHasher->hashPassword(new User(), bin2hex(random_bytes(16)));
+        $created = 0;
+
+        foreach ($missingIds as $id) {
+            $inserted = $this->connection->executeStatement(
+                <<<'SQL'
+                    INSERT INTO "user"
+                        (id, username, first_name, last_name, roles, password, created_at,
+                         is_employee, work_time_ratio, annual_leave_days, reference_period_start,
+                         initial_leave_balance, archived)
+                    VALUES
+                        (:id, :username, :firstName, :lastName, :roles, :password, NOW(),
+                         false, 1.0, 25.0, '06-01', 0.0, true)
+                    ON CONFLICT (id) DO NOTHING
+                    SQL,
+                [
+                    'id'        => $id,
+                    'username'  => sprintf('deleted-user-%d', $id),
+                    'firstName' => 'Compte',
+                    'lastName'  => sprintf('supprimé #%d', $id),
+                    'roles'     => json_encode(['ROLE_USER'], JSON_THROW_ON_ERROR),
+                    'password'  => $hash,
+                ],
+            );
+
+            // ON CONFLICT may have skipped an already-present row — only count real inserts.
+            if ($inserted > 0) {
+                ++$created;
+                $io->writeln(sprintf('  ✓ user #%d recreated (archived)', $id));
+            } else {
+                $io->writeln(sprintf('  • user #%d already present — skipped', $id));
+            }
+        }
+
+        $io->success(sprintf('%d user(s) restored as archived. References are valid again — no data lost.', $created));
+
+        return Command::SUCCESS;
+    }
+}
diff --git a/src/Module/Core/Domain/Entity/User.php b/src/Module/Core/Domain/Entity/User.php
index 45b940e..e0a8d1b 100644
--- a/src/Module/Core/Domain/Entity/User.php
+++ b/src/Module/Core/Domain/Entity/User.php
@@ -4,6 +4,8 @@ declare(strict_types=1);
 
 namespace App\Module\Core\Domain\Entity;
 
+use ApiPlatform\Doctrine\Orm\Filter\BooleanFilter;
+use ApiPlatform\Metadata\ApiFilter;
 use ApiPlatform\Metadata\ApiProperty;
 use ApiPlatform\Metadata\ApiResource;
 use ApiPlatform\Metadata\Delete;
@@ -13,6 +15,7 @@ use ApiPlatform\Metadata\Patch;
 use ApiPlatform\Metadata\Post;
 use App\Module\Core\Domain\Enum\ContractType;
 use App\Module\Core\Infrastructure\ApiPlatform\State\MeProvider;
+use App\Module\Core\Infrastructure\ApiPlatform\State\Processor\UserArchiveProcessor;
 use App\Module\Core\Infrastructure\ApiPlatform\State\Processor\UserRbacProcessor;
 use App\Module\Core\Infrastructure\ApiPlatform\State\UserPasswordHasherProcessor;
 use App\Module\Core\Infrastructure\Doctrine\DoctrineUserRepository;
@@ -47,7 +50,7 @@ use Symfony\Component\Serializer\Attribute\Groups;
         ),
         new Post(security: "is_granted('ROLE_ADMIN')", processor: UserPasswordHasherProcessor::class),
         new Patch(security: "is_granted('ROLE_ADMIN')", processor: UserPasswordHasherProcessor::class),
-        new Delete(security: "is_granted('ROLE_ADMIN')"),
+        new Delete(security: "is_granted('ROLE_ADMIN')", processor: UserArchiveProcessor::class),
         new Get(
             uriTemplate: '/users/{id}/rbac',
             security: "is_granted('core.users.manage')",
@@ -63,6 +66,9 @@ use Symfony\Component\Serializer\Attribute\Groups;
     ],
     denormalizationContext: ['groups' => ['user:write']],
 )]
+// Archived users are hidden from the default /users collection by
+// ExcludeArchivedUserExtension; an admin can still list them with ?archived=true.
+#[ApiFilter(BooleanFilter::class, properties: ['archived'])]
 #[Auditable]
 #[ORM\Entity(repositoryClass: DoctrineUserRepository::class)]
 #[ORM\Table(name: '`user`')]
@@ -111,6 +117,16 @@ class User implements UserInterface, PasswordAuthenticatedUserInterface, SharedU
     #[ORM\Column(length: 255, nullable: true)]
     private ?string $avatarFileName = null;
 
+    /**
+     * Soft-delete flag. Archived users are kept for referential integrity
+     * (tasks, time entries, notifications…) but cannot log in and are hidden
+     * from selectable user lists.
+     */
+    #[ORM\Column(options: ['default' => false])]
+    #[ApiProperty(security: "is_granted('ROLE_ADMIN')")]
+    #[Groups(['me:read', 'user:list', 'user:write'])]
+    private bool $archived = false;
+
     // --- HR / absence management fields (readable only by an admin or the user themselves) ---
 
     /** Whether this user is an employee subject to absence management. */
@@ -228,6 +244,18 @@ class User implements UserInterface, PasswordAuthenticatedUserInterface, SharedU
         return (string) $this->username;
     }
 
+    public function isArchived(): bool
+    {
+        return $this->archived;
+    }
+
+    public function setArchived(bool $archived): static
+    {
+        $this->archived = $archived;
+
+        return $this;
+    }
+
     /** @return list<string> */
     public function getRoles(): array
     {
diff --git a/src/Module/Core/Infrastructure/ApiPlatform/Extension/ExcludeArchivedUserExtension.php b/src/Module/Core/Infrastructure/ApiPlatform/Extension/ExcludeArchivedUserExtension.php
new file mode 100644
index 0000000..a3b27a6
--- /dev/null
+++ b/src/Module/Core/Infrastructure/ApiPlatform/Extension/ExcludeArchivedUserExtension.php
@@ -0,0 +1,49 @@
+<?php
+
+declare(strict_types=1);
+
+namespace App\Module\Core\Infrastructure\ApiPlatform\Extension;
+
+use ApiPlatform\Doctrine\Orm\Extension\QueryCollectionExtensionInterface;
+use ApiPlatform\Doctrine\Orm\Util\QueryNameGeneratorInterface;
+use ApiPlatform\Metadata\Operation;
+use App\Module\Core\Domain\Entity\User;
+use Doctrine\ORM\QueryBuilder;
+use Symfony\Bundle\SecurityBundle\Security;
+
+use function array_key_exists;
+
+/**
+ * Hides archived (soft-deleted) users from the `/users` collection so they are
+ * no longer offered as assignees/collaborators, while existing references to
+ * them (already stored on tasks, time entries…) keep resolving normally.
+ *
+ * An admin can opt back in to see archived users — e.g. to restore one — by
+ * passing the `archived` query filter explicitly (`?archived=true`), in which
+ * case the BooleanFilter declared on User handles the predicate instead.
+ */
+final readonly class ExcludeArchivedUserExtension implements QueryCollectionExtensionInterface
+{
+    public function __construct(private Security $security) {}
+
+    public function applyToCollection(
+        QueryBuilder $queryBuilder,
+        QueryNameGeneratorInterface $queryNameGenerator,
+        string $resourceClass,
+        ?Operation $operation = null,
+        array $context = [],
+    ): void {
+        if (User::class !== $resourceClass) {
+            return;
+        }
+
+        // Let an admin explicitly query archived users via ?archived=...
+        $filters = $context['filters'] ?? [];
+        if (array_key_exists('archived', $filters) && $this->security->isGranted('ROLE_ADMIN')) {
+            return;
+        }
+
+        $alias = $queryBuilder->getRootAliases()[0];
+        $queryBuilder->andWhere(sprintf('%s.archived = false', $alias));
+    }
+}
diff --git a/src/Module/Core/Infrastructure/ApiPlatform/State/Processor/UserArchiveProcessor.php b/src/Module/Core/Infrastructure/ApiPlatform/State/Processor/UserArchiveProcessor.php
new file mode 100644
index 0000000..2bc7257
--- /dev/null
+++ b/src/Module/Core/Infrastructure/ApiPlatform/State/Processor/UserArchiveProcessor.php
@@ -0,0 +1,53 @@
+<?php
+
+declare(strict_types=1);
+
+namespace App\Module\Core\Infrastructure\ApiPlatform\State\Processor;
+
+use ApiPlatform\Metadata\Operation;
+use ApiPlatform\State\ProcessorInterface;
+use App\Module\Core\Domain\Entity\User;
+use Doctrine\ORM\EntityManagerInterface;
+use Symfony\Bundle\SecurityBundle\Security;
+use Symfony\Component\HttpKernel\Exception\AccessDeniedHttpException;
+
+use function assert;
+
+/**
+ * Soft-delete processor wired on the User `Delete` operation: instead of
+ * removing the row (which would orphan every task / time entry / notification
+ * referencing it and break their serialization), the user is archived. The
+ * account is kept for referential integrity but can no longer log in
+ * (ArchivedUserChecker) and is hidden from selectable user lists
+ * (ExcludeArchivedUserExtension).
+ *
+ * @implements ProcessorInterface<User, null|User>
+ */
+final readonly class UserArchiveProcessor implements ProcessorInterface
+{
+    public function __construct(
+        private EntityManagerInterface $em,
+        private Security $security,
+    ) {}
+
+    public function process(mixed $data, Operation $operation, array $uriVariables = [], array $context = []): ?User
+    {
+        assert($data instanceof User);
+
+        // Prevent an admin from archiving (locking out) their own account.
+        $current = $this->security->getUser();
+        if ($current instanceof User && $current->getId() === $data->getId()) {
+            throw new AccessDeniedHttpException('You cannot archive your own account.');
+        }
+
+        if ($data->isArchived()) {
+            return null;
+        }
+
+        $data->setArchived(true);
+        $data->setApiToken(null);
+        $this->em->flush();
+
+        return null;
+    }
+}
diff --git a/src/Module/Core/Infrastructure/Security/ArchivedUserChecker.php b/src/Module/Core/Infrastructure/Security/ArchivedUserChecker.php
new file mode 100644
index 0000000..7d31a22
--- /dev/null
+++ b/src/Module/Core/Infrastructure/Security/ArchivedUserChecker.php
@@ -0,0 +1,28 @@
+<?php
+
+declare(strict_types=1);
+
+namespace App\Module\Core\Infrastructure\Security;
+
+use App\Module\Core\Domain\Entity\User;
+use Symfony\Component\Security\Core\Authentication\Token\TokenInterface;
+use Symfony\Component\Security\Core\Exception\CustomUserMessageAccountStatusException;
+use Symfony\Component\Security\Core\User\UserCheckerInterface;
+use Symfony\Component\Security\Core\User\UserInterface;
+
+/**
+ * Rejects authentication for archived (soft-deleted) users, both at password
+ * login and on every JWT-authenticated request, so an archived account is
+ * effectively locked out while its data is preserved.
+ */
+final class ArchivedUserChecker implements UserCheckerInterface
+{
+    public function checkPreAuth(UserInterface $user, ?TokenInterface $token = null): void
+    {
+        if ($user instanceof User && $user->isArchived()) {
+            throw new CustomUserMessageAccountStatusException('This account has been archived.');
+        }
+    }
+
+    public function checkPostAuth(UserInterface $user, ?TokenInterface $token = null): void {}
+}
diff --git a/src/Shared/Infrastructure/Mcp/Serializer.php b/src/Shared/Infrastructure/Mcp/Serializer.php
index 21e3fbc..6f2dd65 100644
--- a/src/Shared/Infrastructure/Mcp/Serializer.php
+++ b/src/Shared/Infrastructure/Mcp/Serializer.php
@@ -23,11 +23,13 @@ use App\Module\ProjectManagement\Domain\Entity\TaskPriority;
 use App\Module\ProjectManagement\Domain\Entity\TaskStatus;
 use App\Module\ProjectManagement\Domain\Entity\TaskTag;
 use App\Module\TimeTracking\Domain\Entity\TimeEntry;
+use App\Shared\Domain\Contract\ClientInterface;
 use App\Shared\Domain\Contract\ProjectInterface;
 use App\Shared\Domain\Contract\TaskInterface;
 use App\Shared\Domain\Contract\TaskTagInterface;
 use App\Shared\Domain\Contract\UserInterface;
 use Doctrine\Common\Collections\Collection;
+use Doctrine\ORM\EntityNotFoundException;
 
 /**
  * Shared serialization helpers for MCP tools.
@@ -59,11 +61,8 @@ final class Serializer
             'name'        => $project->getName(),
             'description' => $project->getDescription(),
             'color'       => $project->getColor(),
-            'client'      => $project->getClient() ? [
-                'id'   => $project->getClient()->getId(),
-                'name' => $project->getClient()->getName(),
-            ] : null,
-            'archived' => $project->isArchived(),
+            'client'      => self::clientRef($project->getClient()),
+            'archived'    => $project->isArchived(),
         ];
     }
 
@@ -516,4 +515,31 @@ final class Serializer
             'initialLeaveBalance'  => $u->getInitialLeaveBalance(),
         ];
     }
+
+    /**
+     * Safely serialize a project's client reference.
+     *
+     * The client association uses ON DELETE SET NULL, but a stale row may leave
+     * a dangling foreign key (e.g. data imported with the constraint disabled).
+     * In that case Doctrine returns an uninitialized proxy whose hydration
+     * throws EntityNotFoundException; we treat such a reference as absent rather
+     * than letting it crash the whole tool.
+     *
+     * @return null|array{id: ?int, name: ?string}
+     */
+    private static function clientRef(?ClientInterface $client): ?array
+    {
+        if (null === $client) {
+            return null;
+        }
+
+        try {
+            return [
+                'id'   => $client->getId(),
+                'name' => $client->getName(),
+            ];
+        } catch (EntityNotFoundException) {
+            return null;
+        }
+    }
 }
diff --git a/symfony.lock b/symfony.lock
index a2732c8..734be89 100644
--- a/symfony.lock
+++ b/symfony.lock
@@ -124,6 +124,15 @@
             "bin/phpunit"
         ]
     },
+    "sentry/sentry-symfony": {
+        "version": "5.10",
+        "recipe": {
+            "repo": "github.com/symfony/recipes-contrib",
+            "branch": "main",
+            "version": "5.0",
+            "ref": "aac2bc5220e9ab5b9e3838a7a4da90e7f74e6148"
+        }
+    },
     "symfony/console": {
         "version": "8.0",
         "recipe": {
diff --git a/tests/Functional/Module/Core/UserArchiveApiTest.php b/tests/Functional/Module/Core/UserArchiveApiTest.php
new file mode 100644
index 0000000..5d0de72
--- /dev/null
+++ b/tests/Functional/Module/Core/UserArchiveApiTest.php
@@ -0,0 +1,145 @@
+<?php
+
+declare(strict_types=1);
+
+namespace App\Tests\Functional\Module\Core;
+
+use App\Module\Core\Domain\Entity\User;
+use Doctrine\ORM\EntityManagerInterface;
+use Symfony\Bundle\FrameworkBundle\KernelBrowser;
+use Symfony\Bundle\FrameworkBundle\Test\WebTestCase;
+
+/**
+ * Covers the soft-delete behaviour: deleting a user archives it (the row is
+ * kept so referencing tasks/time entries still serialize), archived users are
+ * hidden from the default collection but an admin can list and restore them.
+ *
+ * @internal
+ */
+final class UserArchiveApiTest extends WebTestCase
+{
+    public function testDeleteArchivesUserInsteadOfRemovingIt(): void
+    {
+        $client = self::createClient();
+        $em     = self::getContainer()->get(EntityManagerInterface::class);
+        $target = $this->createUser($em, 'archive-target-'.uniqid());
+        $em->flush();
+        $targetId = $target->getId();
+
+        $this->loginAdmin($client);
+        $client->request('DELETE', '/api/users/'.$targetId);
+
+        self::assertResponseStatusCodeSame(204);
+
+        $em->clear();
+        $reloaded = $em->getRepository(User::class)->find($targetId);
+        self::assertInstanceOf(User::class, $reloaded, 'Row must still exist (soft delete)');
+        self::assertTrue($reloaded->isArchived(), 'User must be flagged archived');
+        self::assertNull($reloaded->getApiToken(), 'API token must be cleared on archive');
+    }
+
+    public function testAdminCannotArchiveOwnAccount(): void
+    {
+        $client = self::createClient();
+        $em     = self::getContainer()->get(EntityManagerInterface::class);
+        $this->loginAdmin($client);
+        $adminId = $this->userId('admin');
+
+        $client->request('DELETE', '/api/users/'.$adminId);
+
+        self::assertResponseStatusCodeSame(403);
+
+        $em->clear();
+        $admin = $em->getRepository(User::class)->find($adminId);
+        self::assertFalse($admin->isArchived(), 'Admin must not have archived itself');
+    }
+
+    public function testArchivedUserIsHiddenFromDefaultCollection(): void
+    {
+        $client   = self::createClient();
+        $username = $this->createArchivedUser();
+
+        $this->loginAdmin($client);
+        $client->request('GET', '/api/users', server: ['HTTP_ACCEPT' => 'application/json']);
+
+        self::assertResponseIsSuccessful();
+        $usernames = array_column(json_decode($client->getResponse()->getContent(), true), 'username');
+        self::assertNotContains($username, $usernames, 'Archived user must not appear in the default list');
+    }
+
+    public function testAdminCanListArchivedUsersViaFilter(): void
+    {
+        $client   = self::createClient();
+        $username = $this->createArchivedUser();
+
+        $this->loginAdmin($client);
+        $client->request('GET', '/api/users?archived=true', server: ['HTTP_ACCEPT' => 'application/json']);
+
+        self::assertResponseIsSuccessful();
+        $usernames = array_column(json_decode($client->getResponse()->getContent(), true), 'username');
+        self::assertContains($username, $usernames, 'Admin must be able to list archived users via ?archived=true');
+    }
+
+    public function testAdminCanRestoreUserViaPatch(): void
+    {
+        $client = self::createClient();
+        $em     = self::getContainer()->get(EntityManagerInterface::class);
+
+        $user = $this->createUser($em, 'restore-target-'.uniqid());
+        $user->setArchived(true);
+        $em->flush();
+        $userId = $user->getId();
+        $em->clear();
+
+        $this->loginAdmin($client);
+        $client->request('PATCH', '/api/users/'.$userId, server: [
+            'CONTENT_TYPE' => 'application/merge-patch+json',
+        ], content: json_encode(['archived' => false]));
+
+        self::assertResponseIsSuccessful();
+
+        $em->clear();
+        $reloaded = $em->getRepository(User::class)->find($userId);
+        self::assertFalse($reloaded->isArchived(), 'Admin PATCH must be able to un-archive a user');
+    }
+
+    private function createArchivedUser(): string
+    {
+        $em       = self::getContainer()->get(EntityManagerInterface::class);
+        $username = 'archived-'.uniqid();
+        $user     = $this->createUser($em, $username);
+        $user->setArchived(true);
+        $em->flush();
+        $em->clear();
+
+        return $username;
+    }
+
+    private function createUser(EntityManagerInterface $em, string $username): User
+    {
+        $user = new User();
+        $user->setUsername($username);
+        $user->setPassword('x');
+        $user->setRoles(['ROLE_USER']);
+        $em->persist($user);
+
+        return $user;
+    }
+
+    private function loginAdmin(KernelBrowser $client): void
+    {
+        $em   = self::getContainer()->get(EntityManagerInterface::class);
+        $user = $em->getRepository(User::class)->findOneBy(['username' => 'admin']);
+        self::assertInstanceOf(User::class, $user);
+        $client->loginUser($user);
+    }
+
+    private function userId(string $username): int
+    {
+        $em   = self::getContainer()->get(EntityManagerInterface::class);
+        $user = $em->getRepository(User::class)->findOneBy(['username' => $username]);
+        self::assertInstanceOf(User::class, $user);
+
+        return $user->getId();
+    }
+}
diff --git a/tests/Unit/Module/Core/Infrastructure/Security/ArchivedUserCheckerTest.php b/tests/Unit/Module/Core/Infrastructure/Security/ArchivedUserCheckerTest.php
new file mode 100644
index 0000000..8700e1f
--- /dev/null
+++ b/tests/Unit/Module/Core/Infrastructure/Security/ArchivedUserCheckerTest.php
@@ -0,0 +1,43 @@
+<?php
+
+declare(strict_types=1);
+
+namespace App\Tests\Unit\Module\Core\Infrastructure\Security;
+
+use App\Module\Core\Domain\Entity\User;
+use App\Module\Core\Infrastructure\Security\ArchivedUserChecker;
+use PHPUnit\Framework\TestCase;
+use Symfony\Component\Security\Core\Exception\CustomUserMessageAccountStatusException;
+use Symfony\Component\Security\Core\User\InMemoryUser;
+
+/**
+ * @internal
+ */
+final class ArchivedUserCheckerTest extends TestCase
+{
+    public function testArchivedUserIsRejectedPreAuth(): void
+    {
+        $user = new User()->setArchived(true);
+
+        $this->expectException(CustomUserMessageAccountStatusException::class);
+
+        new ArchivedUserChecker()->checkPreAuth($user);
+    }
+
+    public function testActiveUserPassesPreAuth(): void
+    {
+        $user = new User()->setArchived(false);
+
+        new ArchivedUserChecker()->checkPreAuth($user);
+
+        $this->addToAssertionCount(1);
+    }
+
+    public function testNonAppUserIsIgnored(): void
+    {
+        // A user that is not our entity must not be rejected by this checker.
+        new ArchivedUserChecker()->checkPreAuth(new InMemoryUser('someone', null));
+
+        $this->addToAssertionCount(1);
+    }
+}