feat(api): add @microsoft/api-extractor for API surface tracking

[LucasSantana-Dev]

Summary

Adds @microsoft/api-extractor + api-documenter to @forgespace/brand-guide. Same pattern as Forge-Space/core#201 and Forge-Space/siza-gen#75.

What ships

• api-extractor.json — points at dist-lib/index.d.ts (uses tsconfig.lib.json)
• etc/brand-guide.api.md — committed baseline, CI verifies
• New .github/workflows/ci.yml — runs build:lib + test + api-check on PRs (the repo previously had no general CI workflow, only specialized jobs)
• npm scripts: api:extract, api:check, api:docs

Why this matters

• Breaking change detection: any future PR that changes the public API surface fails CI until the report is updated
• Foundation for npm package quality: brand-guide's API is consumed by other Forge Space packages — a bad change here cascades

Bugs caught

Zero — brand-guide's API surface is the cleanest of the 3 packages:

• 1 const: identity: BrandIdentity
• 12 type re-exports from @forgespace/branding-mcp (BrandIdentity, ColorPalette, TypographySystem, SpacingScale, ShadowSystem, BorderSystem, MotionSystem, GradientSystem, LogoOutput, BrandStyle, ColorHarmony, ExportFormat)

All properly forwarded — no forgotten exports.

Local verification

• npm run build:lib — OK
• npm run api:check — passes
• npm test — 24/24 tests pass

Cumulative API extractor rollout

Package	PR	Forgotten exports caught
@forgespace/core	#201	2
@forgespace/siza-gen	#75	38
@forgespace/brand-guide	(this PR)	0

Test plan

• CI "API Surface Check" job runs and passes
• CodeRabbit review
• SonarCloud review
• After merge: next PR that changes public API should fail CI until report is updated

Part of P3 tech debt from .claude/plans/reactive-whistling-pizza.md.

[coderabbitai]

Warning

Rate limit exceeded

@LucasSantana-Dev has exceeded the limit for the number of commits that can be reviewed per hour. Please wait 7 minutes and 13 seconds before requesting another review.

Your organization is not enrolled in usage-based pricing. Contact your admin to enable usage-based pricing to continue reviews beyond the rate limit, or try again in 7 minutes and 13 seconds.

⌛ How to resolve this issue?

After the wait time has elapsed, a review can be triggered using the @coderabbitai review command as a PR comment. Alternatively, push new commits to this PR.

We recommend that you space out your commits to avoid hitting the rate limit.

🚦 How do rate limits work?

CodeRabbit enforces hourly rate limits for each developer per organization.

Our paid plans have higher rate limits than the trial, open-source and free plans. In all cases, we re-allow further reviews after a brief timeout.

Please see our FAQ for further information.

ℹ️ Review info

⚙️ Run configuration

Configuration used: defaults

Review profile: CHILL

Plan: Pro

Run ID: 84720e7b-daac-4909-9cb6-8b73d326d936

📥 Commits

Reviewing files that changed from the base of the PR and between c392cfc and beb38d7.

⛔ Files ignored due to path filters (1)

• package-lock.json is excluded by !**/package-lock.json

📒 Files selected for processing (6)

• .github/workflows/ci.yml
• .gitignore
• .prettierignore
• api-extractor.json
• etc/brand-guide.api.md
• package.json

✨ Finishing Touches

🧪 Generate unit tests (beta)

• Create PR with unit tests
• Commit unit tests in branch feat/api-extractor

---

Thanks for using CodeRabbit! It's free for OSS, and your support helps us grow. If you like it, consider giving us a shout-out.

❤️ Share

• X
• Mastodon
• Reddit
• LinkedIn

_{Comment @coderabbitai help to get the list of available commands and usage tips.}

[sonarqubecloud]

Quality Gate passed

Issues
0 New issues
0 Accepted issues

Measures
0 Security Hotspots
0.0% Coverage on New Code
0.0% Duplication on New Code

See analysis details on SonarQube Cloud