@agentbouncr/core 0.1.0
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/LICENSE +93 -0
- package/README.md +47 -0
- package/dist/audit/hash-chain.d.ts +39 -0
- package/dist/audit/hash-chain.d.ts.map +1 -0
- package/dist/audit/hash-chain.js +63 -0
- package/dist/audit/hash-chain.js.map +1 -0
- package/dist/audit/index.d.ts +2 -0
- package/dist/audit/index.d.ts.map +1 -0
- package/dist/audit/index.js +2 -0
- package/dist/audit/index.js.map +1 -0
- package/dist/core/condition-evaluator.d.ts +20 -0
- package/dist/core/condition-evaluator.d.ts.map +1 -0
- package/dist/core/condition-evaluator.js +85 -0
- package/dist/core/condition-evaluator.js.map +1 -0
- package/dist/core/permission-layer.d.ts +24 -0
- package/dist/core/permission-layer.d.ts.map +1 -0
- package/dist/core/permission-layer.js +58 -0
- package/dist/core/permission-layer.js.map +1 -0
- package/dist/core/policy-engine.d.ts +35 -0
- package/dist/core/policy-engine.d.ts.map +1 -0
- package/dist/core/policy-engine.js +131 -0
- package/dist/core/policy-engine.js.map +1 -0
- package/dist/core/policy-schema.d.ts +50 -0
- package/dist/core/policy-schema.d.ts.map +1 -0
- package/dist/core/policy-schema.js +59 -0
- package/dist/core/policy-schema.js.map +1 -0
- package/dist/core/tool-registry.d.ts +31 -0
- package/dist/core/tool-registry.d.ts.map +1 -0
- package/dist/core/tool-registry.js +53 -0
- package/dist/core/tool-registry.js.map +1 -0
- package/dist/detection/injection-detector.d.ts +21 -0
- package/dist/detection/injection-detector.d.ts.map +1 -0
- package/dist/detection/injection-detector.js +61 -0
- package/dist/detection/injection-detector.js.map +1 -0
- package/dist/events/event-emitter.d.ts +44 -0
- package/dist/events/event-emitter.d.ts.map +1 -0
- package/dist/events/event-emitter.js +119 -0
- package/dist/events/event-emitter.js.map +1 -0
- package/dist/importers/json-schema-converter.d.ts +16 -0
- package/dist/importers/json-schema-converter.d.ts.map +1 -0
- package/dist/importers/json-schema-converter.js +95 -0
- package/dist/importers/json-schema-converter.js.map +1 -0
- package/dist/importers/mcp-importer.d.ts +30 -0
- package/dist/importers/mcp-importer.d.ts.map +1 -0
- package/dist/importers/mcp-importer.js +45 -0
- package/dist/importers/mcp-importer.js.map +1 -0
- package/dist/index.d.ts +27 -0
- package/dist/index.d.ts.map +1 -0
- package/dist/index.js +43 -0
- package/dist/index.js.map +1 -0
- package/dist/lifecycle/governance-middleware.d.ts +105 -0
- package/dist/lifecycle/governance-middleware.d.ts.map +1 -0
- package/dist/lifecycle/governance-middleware.js +610 -0
- package/dist/lifecycle/governance-middleware.js.map +1 -0
- package/dist/lifecycle/kill-switch.d.ts +46 -0
- package/dist/lifecycle/kill-switch.d.ts.map +1 -0
- package/dist/lifecycle/kill-switch.js +119 -0
- package/dist/lifecycle/kill-switch.js.map +1 -0
- package/dist/lifecycle/middleware-schemas.d.ts +49 -0
- package/dist/lifecycle/middleware-schemas.d.ts.map +1 -0
- package/dist/lifecycle/middleware-schemas.js +33 -0
- package/dist/lifecycle/middleware-schemas.js.map +1 -0
- package/dist/providers/vercel-ai-adapter.d.ts +42 -0
- package/dist/providers/vercel-ai-adapter.d.ts.map +1 -0
- package/dist/providers/vercel-ai-adapter.js +96 -0
- package/dist/providers/vercel-ai-adapter.js.map +1 -0
- package/dist/schema/tool-schema.d.ts +62 -0
- package/dist/schema/tool-schema.d.ts.map +1 -0
- package/dist/schema/tool-schema.js +88 -0
- package/dist/schema/tool-schema.js.map +1 -0
- package/dist/tracing/index.d.ts +6 -0
- package/dist/tracing/index.d.ts.map +1 -0
- package/dist/tracing/index.js +6 -0
- package/dist/tracing/index.js.map +1 -0
- package/dist/tracing/trace-context.d.ts +37 -0
- package/dist/tracing/trace-context.d.ts.map +1 -0
- package/dist/tracing/trace-context.js +76 -0
- package/dist/tracing/trace-context.js.map +1 -0
- package/dist/tracing/trace-provider.d.ts +43 -0
- package/dist/tracing/trace-provider.d.ts.map +1 -0
- package/dist/tracing/trace-provider.js +89 -0
- package/dist/tracing/trace-provider.js.map +1 -0
- package/dist/types/index.d.ts +248 -0
- package/dist/types/index.d.ts.map +1 -0
- package/dist/types/index.js +20 -0
- package/dist/types/index.js.map +1 -0
- package/dist/utils/external-content.d.ts +9 -0
- package/dist/utils/external-content.d.ts.map +1 -0
- package/dist/utils/external-content.js +11 -0
- package/dist/utils/external-content.js.map +1 -0
- package/dist/utils/logger.d.ts +4 -0
- package/dist/utils/logger.d.ts.map +1 -0
- package/dist/utils/logger.js +13 -0
- package/dist/utils/logger.js.map +1 -0
- package/package.json +45 -0
|
@@ -0,0 +1,610 @@
|
|
|
1
|
+
/**
|
|
2
|
+
* @agentbouncr/core — GovernanceMiddleware
|
|
3
|
+
*
|
|
4
|
+
* Main entry point for developers.
|
|
5
|
+
* Orchestrates PolicyEngine, EventEmitter, KillSwitch, and DatabaseAdapter.
|
|
6
|
+
*
|
|
7
|
+
* Usage:
|
|
8
|
+
* const governance = new GovernanceMiddleware();
|
|
9
|
+
* const result = await governance.evaluate({ agentId: 'a', tool: 'x', params: {} });
|
|
10
|
+
*
|
|
11
|
+
* Zero-Config: Works without policy — defaults allow-all, logs all.
|
|
12
|
+
* Kill-Switch: emergencyStop() denies ALL evaluate() calls.
|
|
13
|
+
* Agent CRUD: registerAgent/start/stop/delete — requires DatabaseAdapter.
|
|
14
|
+
*/
|
|
15
|
+
import pino from 'pino';
|
|
16
|
+
import { GovernanceError } from '../types/index.js';
|
|
17
|
+
import { PolicyEngine } from '../core/policy-engine.js';
|
|
18
|
+
import { GovernanceEventEmitter, } from '../events/event-emitter.js';
|
|
19
|
+
import { KillSwitchManager } from './kill-switch.js';
|
|
20
|
+
import { generateTraceId } from '../tracing/trace-context.js';
|
|
21
|
+
import { policySchema } from '../core/policy-schema.js';
|
|
22
|
+
import { evaluateRequestSchema, agentConfigSchema } from './middleware-schemas.js';
|
|
23
|
+
/** Default: 1 hour */
|
|
24
|
+
const DEFAULT_APPROVAL_TIMEOUT_SECONDS = 3600;
|
|
25
|
+
// --- Default allow-all policy ---
|
|
26
|
+
function defaultAllowAllPolicy() {
|
|
27
|
+
return {
|
|
28
|
+
name: 'default-allow-all',
|
|
29
|
+
version: '1.0',
|
|
30
|
+
rules: [{ tool: '*', effect: 'allow' }],
|
|
31
|
+
createdAt: new Date().toISOString(),
|
|
32
|
+
updatedAt: new Date().toISOString(),
|
|
33
|
+
};
|
|
34
|
+
}
|
|
35
|
+
// --- GovernanceMiddleware ---
|
|
36
|
+
export class GovernanceMiddleware {
|
|
37
|
+
logger;
|
|
38
|
+
eventEmitter;
|
|
39
|
+
policyEngine;
|
|
40
|
+
killSwitch;
|
|
41
|
+
db;
|
|
42
|
+
approvalTimeoutSeconds;
|
|
43
|
+
tenantId;
|
|
44
|
+
policy;
|
|
45
|
+
constructor(options) {
|
|
46
|
+
this.logger = options?.logger ?? pino({ level: 'info' });
|
|
47
|
+
this.eventEmitter = new GovernanceEventEmitter(this.logger);
|
|
48
|
+
this.policyEngine = new PolicyEngine(this.logger);
|
|
49
|
+
this.killSwitch = new KillSwitchManager(this.logger, this.eventEmitter);
|
|
50
|
+
this.db = options?.db;
|
|
51
|
+
this.policy = options?.policy ?? null;
|
|
52
|
+
this.approvalTimeoutSeconds = options?.approvalTimeoutSeconds ?? DEFAULT_APPROVAL_TIMEOUT_SECONDS;
|
|
53
|
+
}
|
|
54
|
+
// --- Multi-Tenant ---
|
|
55
|
+
/**
|
|
56
|
+
* Return a tenant-scoped middleware sharing EventEmitter, PolicyEngine, KillSwitch.
|
|
57
|
+
* Only the DatabaseAdapter is scoped to the given tenantId.
|
|
58
|
+
*/
|
|
59
|
+
forTenant(tenantId) {
|
|
60
|
+
if (!this.db?.forTenant)
|
|
61
|
+
return this;
|
|
62
|
+
const scopedDb = this.db.forTenant(tenantId);
|
|
63
|
+
if (scopedDb === this.db)
|
|
64
|
+
return this;
|
|
65
|
+
const scoped = Object.create(this);
|
|
66
|
+
Object.defineProperty(scoped, 'db', { value: scopedDb });
|
|
67
|
+
Object.defineProperty(scoped, 'tenantId', { value: tenantId });
|
|
68
|
+
return scoped;
|
|
69
|
+
}
|
|
70
|
+
// --- Evaluate ---
|
|
71
|
+
/**
|
|
72
|
+
* Evaluate a tool-call request against governance policies.
|
|
73
|
+
*
|
|
74
|
+
* Flow:
|
|
75
|
+
* 1. Kill-Switch check (immediate deny if active)
|
|
76
|
+
* 2. Policy resolution: inline > DB > default allow-all
|
|
77
|
+
* 3. PolicyEngine.evaluate()
|
|
78
|
+
* 4. Event emission (tool_call.allowed / tool_call.denied)
|
|
79
|
+
*/
|
|
80
|
+
async evaluate(request) {
|
|
81
|
+
// 0. Input validation
|
|
82
|
+
try {
|
|
83
|
+
evaluateRequestSchema.parse(request);
|
|
84
|
+
}
|
|
85
|
+
catch (err) {
|
|
86
|
+
throw new GovernanceError(`Invalid EvaluateRequest: ${err instanceof Error ? err.message : String(err)}`, 'INVALID_REQUEST', 'config_error');
|
|
87
|
+
}
|
|
88
|
+
const traceId = request.traceId ?? generateTraceId();
|
|
89
|
+
// 1. Kill-Switch check
|
|
90
|
+
if (this.killSwitch.isActive(this.tenantId)) {
|
|
91
|
+
const timestamp = new Date().toISOString();
|
|
92
|
+
const result = {
|
|
93
|
+
allowed: false,
|
|
94
|
+
traceId,
|
|
95
|
+
reason: 'Kill-Switch is active — all tool calls denied',
|
|
96
|
+
appliedRules: [],
|
|
97
|
+
};
|
|
98
|
+
this.eventEmitter.emitEvent({
|
|
99
|
+
type: 'tool_call.denied',
|
|
100
|
+
timestamp,
|
|
101
|
+
traceId,
|
|
102
|
+
agentId: request.agentId,
|
|
103
|
+
tenantId: this.tenantId,
|
|
104
|
+
data: {
|
|
105
|
+
tool: request.tool,
|
|
106
|
+
params: request.params,
|
|
107
|
+
reason: result.reason,
|
|
108
|
+
killSwitch: true,
|
|
109
|
+
},
|
|
110
|
+
});
|
|
111
|
+
// Persist kill-switch denial to audit trail
|
|
112
|
+
if (this.db?.writeAuditEvent) {
|
|
113
|
+
try {
|
|
114
|
+
await this.db.writeAuditEvent({
|
|
115
|
+
traceId,
|
|
116
|
+
timestamp,
|
|
117
|
+
agentId: request.agentId,
|
|
118
|
+
tool: request.tool,
|
|
119
|
+
params: request.params,
|
|
120
|
+
result: 'denied',
|
|
121
|
+
reason: result.reason,
|
|
122
|
+
durationMs: 0,
|
|
123
|
+
});
|
|
124
|
+
}
|
|
125
|
+
catch (err) {
|
|
126
|
+
this.logger.error({ err, traceId }, 'Failed to write audit event for kill-switch denial');
|
|
127
|
+
this.eventEmitter.emitEvent({
|
|
128
|
+
type: 'audit.write_failure',
|
|
129
|
+
timestamp: new Date().toISOString(),
|
|
130
|
+
traceId,
|
|
131
|
+
agentId: request.agentId,
|
|
132
|
+
tenantId: this.tenantId,
|
|
133
|
+
data: { error: 'Database write failed', context: 'killswitch_denial' },
|
|
134
|
+
});
|
|
135
|
+
}
|
|
136
|
+
}
|
|
137
|
+
return result;
|
|
138
|
+
}
|
|
139
|
+
// 2. Policy resolution
|
|
140
|
+
let policy = this.policy;
|
|
141
|
+
if (!policy && this.db) {
|
|
142
|
+
try {
|
|
143
|
+
policy = await this.db.getActivePolicy(request.agentId);
|
|
144
|
+
}
|
|
145
|
+
catch (err) {
|
|
146
|
+
this.logger.error({ err, agentId: request.agentId }, 'DB error during policy resolution — denying (fail-secure)');
|
|
147
|
+
const result = {
|
|
148
|
+
allowed: false,
|
|
149
|
+
traceId,
|
|
150
|
+
reason: 'Policy resolution failed — database error (fail-secure)',
|
|
151
|
+
appliedRules: [],
|
|
152
|
+
};
|
|
153
|
+
this.eventEmitter.emitEvent({
|
|
154
|
+
type: 'tool_call.denied',
|
|
155
|
+
timestamp: new Date().toISOString(),
|
|
156
|
+
traceId,
|
|
157
|
+
agentId: request.agentId,
|
|
158
|
+
tenantId: this.tenantId,
|
|
159
|
+
data: {
|
|
160
|
+
tool: request.tool,
|
|
161
|
+
params: request.params,
|
|
162
|
+
reason: result.reason,
|
|
163
|
+
},
|
|
164
|
+
});
|
|
165
|
+
return result;
|
|
166
|
+
}
|
|
167
|
+
}
|
|
168
|
+
if (!policy) {
|
|
169
|
+
policy = defaultAllowAllPolicy();
|
|
170
|
+
}
|
|
171
|
+
// 3. PolicyEngine evaluate
|
|
172
|
+
const result = this.policyEngine.evaluate({ ...request, traceId }, policy);
|
|
173
|
+
// 3.5 Approval interception — allowed + requireApproval = pause
|
|
174
|
+
if (result.allowed && result.appliedRules[0]?.requireApproval === true) {
|
|
175
|
+
return this.handleApprovalRequired(request, result, policy);
|
|
176
|
+
}
|
|
177
|
+
// 4. Event emission
|
|
178
|
+
const timestamp = new Date().toISOString();
|
|
179
|
+
if (result.allowed) {
|
|
180
|
+
this.eventEmitter.emitEvent({
|
|
181
|
+
type: 'tool_call.allowed',
|
|
182
|
+
timestamp,
|
|
183
|
+
traceId: result.traceId,
|
|
184
|
+
agentId: request.agentId,
|
|
185
|
+
tenantId: this.tenantId,
|
|
186
|
+
data: {
|
|
187
|
+
tool: request.tool,
|
|
188
|
+
params: request.params,
|
|
189
|
+
appliedRules: result.appliedRules,
|
|
190
|
+
},
|
|
191
|
+
});
|
|
192
|
+
}
|
|
193
|
+
else {
|
|
194
|
+
this.eventEmitter.emitEvent({
|
|
195
|
+
type: 'tool_call.denied',
|
|
196
|
+
timestamp,
|
|
197
|
+
traceId: result.traceId,
|
|
198
|
+
agentId: request.agentId,
|
|
199
|
+
tenantId: this.tenantId,
|
|
200
|
+
data: {
|
|
201
|
+
tool: request.tool,
|
|
202
|
+
params: request.params,
|
|
203
|
+
reason: result.reason,
|
|
204
|
+
appliedRules: result.appliedRules,
|
|
205
|
+
},
|
|
206
|
+
});
|
|
207
|
+
}
|
|
208
|
+
// 5. Audit trail persistence (if DB available)
|
|
209
|
+
if (this.db?.writeAuditEvent) {
|
|
210
|
+
try {
|
|
211
|
+
await this.db.writeAuditEvent({
|
|
212
|
+
traceId: result.traceId,
|
|
213
|
+
timestamp,
|
|
214
|
+
agentId: request.agentId,
|
|
215
|
+
tool: request.tool,
|
|
216
|
+
params: request.params,
|
|
217
|
+
result: result.allowed ? 'allowed' : 'denied',
|
|
218
|
+
reason: result.reason,
|
|
219
|
+
durationMs: 0,
|
|
220
|
+
failureCategory: result.allowed ? undefined : 'policy_denial',
|
|
221
|
+
});
|
|
222
|
+
}
|
|
223
|
+
catch (err) {
|
|
224
|
+
this.logger.error({ err, traceId: result.traceId }, 'Failed to write audit event — evaluate result unaffected');
|
|
225
|
+
this.eventEmitter.emitEvent({
|
|
226
|
+
type: 'audit.write_failure',
|
|
227
|
+
timestamp: new Date().toISOString(),
|
|
228
|
+
traceId: result.traceId,
|
|
229
|
+
agentId: request.agentId,
|
|
230
|
+
tenantId: this.tenantId,
|
|
231
|
+
data: { error: 'Database write failed', context: 'policy_evaluation' },
|
|
232
|
+
});
|
|
233
|
+
}
|
|
234
|
+
}
|
|
235
|
+
return result;
|
|
236
|
+
}
|
|
237
|
+
// --- Agent CRUD (requires DB) ---
|
|
238
|
+
async registerAgent(config) {
|
|
239
|
+
let parsed;
|
|
240
|
+
try {
|
|
241
|
+
parsed = agentConfigSchema.parse(config);
|
|
242
|
+
}
|
|
243
|
+
catch (err) {
|
|
244
|
+
throw new GovernanceError(`Invalid AgentConfig: ${err instanceof Error ? err.message : String(err)}`, 'INVALID_CONFIG', 'config_error');
|
|
245
|
+
}
|
|
246
|
+
const db = this.requireDb('registerAgent');
|
|
247
|
+
const id = await db.registerAgent(parsed);
|
|
248
|
+
this.eventEmitter.emitEvent({
|
|
249
|
+
type: 'agent.config_changed',
|
|
250
|
+
timestamp: new Date().toISOString(),
|
|
251
|
+
agentId: parsed.agentId,
|
|
252
|
+
tenantId: this.tenantId,
|
|
253
|
+
data: { action: 'registered', config: parsed },
|
|
254
|
+
});
|
|
255
|
+
return id;
|
|
256
|
+
}
|
|
257
|
+
async startAgent(agentId) {
|
|
258
|
+
const db = this.requireDb('startAgent');
|
|
259
|
+
await db.updateAgentStatus(agentId, 'running');
|
|
260
|
+
this.eventEmitter.emitEvent({
|
|
261
|
+
type: 'agent.started',
|
|
262
|
+
timestamp: new Date().toISOString(),
|
|
263
|
+
agentId,
|
|
264
|
+
tenantId: this.tenantId,
|
|
265
|
+
data: { agentId },
|
|
266
|
+
});
|
|
267
|
+
}
|
|
268
|
+
async stopAgent(agentId, reason) {
|
|
269
|
+
const db = this.requireDb('stopAgent');
|
|
270
|
+
await db.updateAgentStatus(agentId, 'stopped');
|
|
271
|
+
this.eventEmitter.emitEvent({
|
|
272
|
+
type: 'agent.stopped',
|
|
273
|
+
timestamp: new Date().toISOString(),
|
|
274
|
+
agentId,
|
|
275
|
+
tenantId: this.tenantId,
|
|
276
|
+
data: { agentId, reason },
|
|
277
|
+
});
|
|
278
|
+
}
|
|
279
|
+
async getAgentStatus(agentId) {
|
|
280
|
+
const db = this.requireDb('getAgentStatus');
|
|
281
|
+
return db.getAgentStatus(agentId);
|
|
282
|
+
}
|
|
283
|
+
async listAgents() {
|
|
284
|
+
const db = this.requireDb('listAgents');
|
|
285
|
+
return db.listAgents();
|
|
286
|
+
}
|
|
287
|
+
async deleteAgent(agentId) {
|
|
288
|
+
const db = this.requireDb('deleteAgent');
|
|
289
|
+
const deleted = await db.deleteAgent(agentId);
|
|
290
|
+
if (deleted) {
|
|
291
|
+
this.eventEmitter.emitEvent({
|
|
292
|
+
type: 'agent.config_changed',
|
|
293
|
+
timestamp: new Date().toISOString(),
|
|
294
|
+
agentId,
|
|
295
|
+
tenantId: this.tenantId,
|
|
296
|
+
data: { action: 'deleted', agentId },
|
|
297
|
+
});
|
|
298
|
+
}
|
|
299
|
+
return deleted;
|
|
300
|
+
}
|
|
301
|
+
// --- Kill-Switch ---
|
|
302
|
+
emergencyStop(reason) {
|
|
303
|
+
this.killSwitch.activate(reason ?? 'Manual emergency stop', this.tenantId);
|
|
304
|
+
}
|
|
305
|
+
resetKillSwitch(reason) {
|
|
306
|
+
this.killSwitch.reset(this.tenantId, reason);
|
|
307
|
+
}
|
|
308
|
+
isKillSwitchActive() {
|
|
309
|
+
return this.killSwitch.isActive(this.tenantId);
|
|
310
|
+
}
|
|
311
|
+
// --- Events ---
|
|
312
|
+
on(type, listener) {
|
|
313
|
+
this.eventEmitter.on(type, listener);
|
|
314
|
+
}
|
|
315
|
+
off(type, listener) {
|
|
316
|
+
this.eventEmitter.off(type, listener);
|
|
317
|
+
}
|
|
318
|
+
// --- Kill-Switch Status ---
|
|
319
|
+
getKillSwitchStatus() {
|
|
320
|
+
return this.killSwitch.getStatus(this.tenantId);
|
|
321
|
+
}
|
|
322
|
+
// --- Policy ---
|
|
323
|
+
setPolicy(policy) {
|
|
324
|
+
try {
|
|
325
|
+
policySchema.parse(policy);
|
|
326
|
+
}
|
|
327
|
+
catch (err) {
|
|
328
|
+
throw new GovernanceError(`Invalid Policy: ${err instanceof Error ? err.message : String(err)}`, 'INVALID_POLICY', 'config_error');
|
|
329
|
+
}
|
|
330
|
+
this.policy = policy;
|
|
331
|
+
}
|
|
332
|
+
/**
|
|
333
|
+
* Clear the inline policy. Subsequent evaluate() calls will
|
|
334
|
+
* fall back to DB-based policy or default allow-all.
|
|
335
|
+
*/
|
|
336
|
+
clearPolicy() {
|
|
337
|
+
this.policy = null;
|
|
338
|
+
}
|
|
339
|
+
async writePolicy(policy) {
|
|
340
|
+
try {
|
|
341
|
+
policySchema.parse(policy);
|
|
342
|
+
}
|
|
343
|
+
catch (err) {
|
|
344
|
+
throw new GovernanceError(`Invalid Policy: ${err instanceof Error ? err.message : String(err)}`, 'INVALID_POLICY', 'config_error');
|
|
345
|
+
}
|
|
346
|
+
const db = this.requireDb('writePolicy');
|
|
347
|
+
await db.writePolicy(policy);
|
|
348
|
+
this.eventEmitter.emitEvent({
|
|
349
|
+
type: 'policy.updated',
|
|
350
|
+
timestamp: new Date().toISOString(),
|
|
351
|
+
tenantId: this.tenantId,
|
|
352
|
+
data: { policyName: policy.name, version: policy.version },
|
|
353
|
+
});
|
|
354
|
+
}
|
|
355
|
+
async listPolicies() {
|
|
356
|
+
const db = this.requireDb('listPolicies');
|
|
357
|
+
return db.listPolicies();
|
|
358
|
+
}
|
|
359
|
+
async getPolicyByName(name) {
|
|
360
|
+
const db = this.requireDb('getPolicyByName');
|
|
361
|
+
return db.getPolicyByName(name);
|
|
362
|
+
}
|
|
363
|
+
async deletePolicy(name) {
|
|
364
|
+
const db = this.requireDb('deletePolicy');
|
|
365
|
+
const deleted = await db.deletePolicy(name);
|
|
366
|
+
if (deleted) {
|
|
367
|
+
this.eventEmitter.emitEvent({
|
|
368
|
+
type: 'policy.deleted',
|
|
369
|
+
timestamp: new Date().toISOString(),
|
|
370
|
+
tenantId: this.tenantId,
|
|
371
|
+
data: { policyName: name },
|
|
372
|
+
});
|
|
373
|
+
}
|
|
374
|
+
return deleted;
|
|
375
|
+
}
|
|
376
|
+
// --- Dry-Run ---
|
|
377
|
+
/**
|
|
378
|
+
* Evaluate a request against an inline policy without side effects.
|
|
379
|
+
* NO kill-switch check, NO events, NO DB interaction.
|
|
380
|
+
*/
|
|
381
|
+
evaluateDryRun(request, policy) {
|
|
382
|
+
// Validate request
|
|
383
|
+
try {
|
|
384
|
+
evaluateRequestSchema.parse(request);
|
|
385
|
+
}
|
|
386
|
+
catch (err) {
|
|
387
|
+
throw new GovernanceError(`Invalid EvaluateRequest: ${err instanceof Error ? err.message : String(err)}`, 'INVALID_REQUEST', 'config_error');
|
|
388
|
+
}
|
|
389
|
+
// Validate policy
|
|
390
|
+
try {
|
|
391
|
+
policySchema.parse(policy);
|
|
392
|
+
}
|
|
393
|
+
catch (err) {
|
|
394
|
+
throw new GovernanceError(`Invalid Policy: ${err instanceof Error ? err.message : String(err)}`, 'INVALID_POLICY', 'config_error');
|
|
395
|
+
}
|
|
396
|
+
const traceId = request.traceId ?? generateTraceId();
|
|
397
|
+
return this.policyEngine.evaluate({ ...request, traceId }, policy);
|
|
398
|
+
}
|
|
399
|
+
// --- Policy Versioning ---
|
|
400
|
+
async getPolicyHistory(policyName) {
|
|
401
|
+
const db = this.requireDb('getPolicyHistory');
|
|
402
|
+
return db.getPolicyHistory(policyName);
|
|
403
|
+
}
|
|
404
|
+
async getPolicyVersion(policyName, versionId) {
|
|
405
|
+
const db = this.requireDb('getPolicyVersion');
|
|
406
|
+
return db.getPolicyVersion(policyName, versionId);
|
|
407
|
+
}
|
|
408
|
+
async rollbackPolicy(policyName, versionId) {
|
|
409
|
+
const db = this.requireDb('rollbackPolicy');
|
|
410
|
+
const version = await db.getPolicyVersion(policyName, versionId);
|
|
411
|
+
if (!version) {
|
|
412
|
+
throw new GovernanceError(`Policy version ${versionId} not found for policy '${policyName}'`, 'VERSION_NOT_FOUND', 'config_error');
|
|
413
|
+
}
|
|
414
|
+
const policy = {
|
|
415
|
+
name: version.policyName,
|
|
416
|
+
version: version.version,
|
|
417
|
+
agentId: version.agentId,
|
|
418
|
+
rules: version.rules,
|
|
419
|
+
createdAt: version.createdAt,
|
|
420
|
+
updatedAt: new Date().toISOString(),
|
|
421
|
+
};
|
|
422
|
+
// writePolicy auto-snapshots the current version before overwriting
|
|
423
|
+
await db.writePolicy(policy);
|
|
424
|
+
this.eventEmitter.emitEvent({
|
|
425
|
+
type: 'policy.updated',
|
|
426
|
+
timestamp: new Date().toISOString(),
|
|
427
|
+
tenantId: this.tenantId,
|
|
428
|
+
data: {
|
|
429
|
+
policyName,
|
|
430
|
+
version: version.version,
|
|
431
|
+
action: 'rollback',
|
|
432
|
+
fromVersionId: versionId,
|
|
433
|
+
},
|
|
434
|
+
});
|
|
435
|
+
return policy;
|
|
436
|
+
}
|
|
437
|
+
// --- Approval Workflows ---
|
|
438
|
+
/**
|
|
439
|
+
* Get a single approval request by ID.
|
|
440
|
+
* Implements lazy timeout: if pending and past deadline, auto-resolves to 'timeout'.
|
|
441
|
+
*/
|
|
442
|
+
async getApprovalRequest(id) {
|
|
443
|
+
const db = this.requireDb('getApprovalRequest');
|
|
444
|
+
if (!db.getApprovalRequest) {
|
|
445
|
+
throw new GovernanceError('Approval methods not available on this DatabaseAdapter', 'APPROVAL_NOT_SUPPORTED', 'config_error');
|
|
446
|
+
}
|
|
447
|
+
const approval = await db.getApprovalRequest(id);
|
|
448
|
+
if (!approval)
|
|
449
|
+
return null;
|
|
450
|
+
// Lazy timeout: pending + past deadline → auto-resolve
|
|
451
|
+
if (approval.status === 'pending' && new Date(approval.deadline) < new Date()) {
|
|
452
|
+
await this.resolveApproval(id, { status: 'timeout' });
|
|
453
|
+
return db.getApprovalRequest(id);
|
|
454
|
+
}
|
|
455
|
+
return approval;
|
|
456
|
+
}
|
|
457
|
+
/**
|
|
458
|
+
* List approval requests with optional filtering.
|
|
459
|
+
* Applies lazy timeout to all overdue pending items.
|
|
460
|
+
*/
|
|
461
|
+
async listApprovalRequests(filter) {
|
|
462
|
+
const db = this.requireDb('listApprovalRequests');
|
|
463
|
+
if (!db.listApprovalRequests) {
|
|
464
|
+
throw new GovernanceError('Approval methods not available on this DatabaseAdapter', 'APPROVAL_NOT_SUPPORTED', 'config_error');
|
|
465
|
+
}
|
|
466
|
+
const results = await db.listApprovalRequests(filter);
|
|
467
|
+
// Lazy timeout for overdue pending items
|
|
468
|
+
const now = new Date();
|
|
469
|
+
for (const approval of results) {
|
|
470
|
+
if (approval.status === 'pending' && new Date(approval.deadline) < now) {
|
|
471
|
+
await this.resolveApproval(approval.id, { status: 'timeout' });
|
|
472
|
+
}
|
|
473
|
+
}
|
|
474
|
+
// Re-fetch to get updated statuses if any were timed out
|
|
475
|
+
return db.listApprovalRequests(filter);
|
|
476
|
+
}
|
|
477
|
+
/**
|
|
478
|
+
* Resolve an approval request (approve, reject, or timeout).
|
|
479
|
+
* Uses optimistic locking — returns { resolved, approval }.
|
|
480
|
+
*/
|
|
481
|
+
async resolveApproval(id, resolution) {
|
|
482
|
+
const db = this.requireDb('resolveApproval');
|
|
483
|
+
if (!db.resolveApprovalRequest || !db.getApprovalRequest) {
|
|
484
|
+
throw new GovernanceError('Approval methods not available on this DatabaseAdapter', 'APPROVAL_NOT_SUPPORTED', 'config_error');
|
|
485
|
+
}
|
|
486
|
+
const resolved = await db.resolveApprovalRequest(id, resolution);
|
|
487
|
+
if (!resolved) {
|
|
488
|
+
return { resolved: false };
|
|
489
|
+
}
|
|
490
|
+
const approval = await db.getApprovalRequest(id);
|
|
491
|
+
if (!approval) {
|
|
492
|
+
return { resolved: false };
|
|
493
|
+
}
|
|
494
|
+
// Emit appropriate event
|
|
495
|
+
const eventTypeMap = {
|
|
496
|
+
approved: 'approval.granted',
|
|
497
|
+
rejected: 'approval.rejected',
|
|
498
|
+
timeout: 'approval.timeout',
|
|
499
|
+
};
|
|
500
|
+
const eventType = eventTypeMap[approval.status];
|
|
501
|
+
if (eventType) {
|
|
502
|
+
this.eventEmitter.emitEvent({
|
|
503
|
+
type: eventType,
|
|
504
|
+
timestamp: new Date().toISOString(),
|
|
505
|
+
traceId: approval.traceId,
|
|
506
|
+
agentId: approval.agentId,
|
|
507
|
+
tenantId: this.tenantId,
|
|
508
|
+
data: {
|
|
509
|
+
approvalId: approval.id,
|
|
510
|
+
tool: approval.tool,
|
|
511
|
+
policyName: approval.policyName,
|
|
512
|
+
ruleName: approval.ruleName,
|
|
513
|
+
approver: approval.approver,
|
|
514
|
+
comment: approval.comment,
|
|
515
|
+
},
|
|
516
|
+
});
|
|
517
|
+
}
|
|
518
|
+
// Write audit event
|
|
519
|
+
if (db.writeAuditEvent) {
|
|
520
|
+
const auditResult = approval.status === 'approved' ? 'allowed' : 'denied';
|
|
521
|
+
await db.writeAuditEvent({
|
|
522
|
+
traceId: approval.traceId,
|
|
523
|
+
timestamp: new Date().toISOString(),
|
|
524
|
+
agentId: approval.agentId,
|
|
525
|
+
tool: approval.tool,
|
|
526
|
+
params: approval.params,
|
|
527
|
+
result: auditResult,
|
|
528
|
+
reason: approval.status === 'timeout'
|
|
529
|
+
? 'Approval request timed out'
|
|
530
|
+
: `Approval ${approval.status} by ${approval.approver ?? 'unknown'}`,
|
|
531
|
+
durationMs: 0,
|
|
532
|
+
failureCategory: approval.status === 'timeout' ? 'approval_timeout' : undefined,
|
|
533
|
+
});
|
|
534
|
+
}
|
|
535
|
+
return { resolved: true, approval };
|
|
536
|
+
}
|
|
537
|
+
// --- Internal ---
|
|
538
|
+
/**
|
|
539
|
+
* Handle a tool call that requires approval.
|
|
540
|
+
* Creates an approval request, emits event, returns requiresApproval result.
|
|
541
|
+
*/
|
|
542
|
+
async handleApprovalRequired(request, result, _policy) {
|
|
543
|
+
const db = this.db;
|
|
544
|
+
if (!db?.createApprovalRequest) {
|
|
545
|
+
// Fail-secure: no DB or no approval support → deny
|
|
546
|
+
this.logger.warn({ agentId: request.agentId, tool: request.tool }, 'requireApproval set but no approval DB available — denied (fail-secure)');
|
|
547
|
+
this.eventEmitter.emitEvent({
|
|
548
|
+
type: 'tool_call.denied',
|
|
549
|
+
timestamp: new Date().toISOString(),
|
|
550
|
+
traceId: result.traceId,
|
|
551
|
+
agentId: request.agentId,
|
|
552
|
+
tenantId: this.tenantId,
|
|
553
|
+
data: {
|
|
554
|
+
tool: request.tool,
|
|
555
|
+
params: request.params,
|
|
556
|
+
reason: 'Approval required but approval infrastructure not available',
|
|
557
|
+
},
|
|
558
|
+
});
|
|
559
|
+
return {
|
|
560
|
+
allowed: false,
|
|
561
|
+
traceId: result.traceId,
|
|
562
|
+
reason: 'Approval required but approval infrastructure not available',
|
|
563
|
+
appliedRules: result.appliedRules,
|
|
564
|
+
requiresApproval: true,
|
|
565
|
+
};
|
|
566
|
+
}
|
|
567
|
+
const winningRule = result.appliedRules[0];
|
|
568
|
+
const deadline = new Date(Date.now() + this.approvalTimeoutSeconds * 1000).toISOString();
|
|
569
|
+
const approval = await db.createApprovalRequest({
|
|
570
|
+
agentId: request.agentId,
|
|
571
|
+
tool: request.tool,
|
|
572
|
+
params: request.params,
|
|
573
|
+
traceId: result.traceId,
|
|
574
|
+
policyName: winningRule.policyName,
|
|
575
|
+
ruleName: winningRule.ruleName,
|
|
576
|
+
deadline,
|
|
577
|
+
});
|
|
578
|
+
this.eventEmitter.emitEvent({
|
|
579
|
+
type: 'approval.requested',
|
|
580
|
+
timestamp: new Date().toISOString(),
|
|
581
|
+
traceId: result.traceId,
|
|
582
|
+
agentId: request.agentId,
|
|
583
|
+
tenantId: this.tenantId,
|
|
584
|
+
data: {
|
|
585
|
+
approvalId: approval.id,
|
|
586
|
+
tool: request.tool,
|
|
587
|
+
params: request.params,
|
|
588
|
+
policyName: winningRule.policyName,
|
|
589
|
+
ruleName: winningRule.ruleName,
|
|
590
|
+
deadline,
|
|
591
|
+
},
|
|
592
|
+
});
|
|
593
|
+
return {
|
|
594
|
+
allowed: false,
|
|
595
|
+
traceId: result.traceId,
|
|
596
|
+
reason: `Approval required — request ${approval.id} pending`,
|
|
597
|
+
appliedRules: result.appliedRules,
|
|
598
|
+
requiresApproval: true,
|
|
599
|
+
approvalId: approval.id,
|
|
600
|
+
deadline,
|
|
601
|
+
};
|
|
602
|
+
}
|
|
603
|
+
requireDb(method) {
|
|
604
|
+
if (!this.db) {
|
|
605
|
+
throw new GovernanceError(`${method}() requires a DatabaseAdapter — pass { db } in constructor options`, 'DATABASE_REQUIRED', 'config_error');
|
|
606
|
+
}
|
|
607
|
+
return this.db;
|
|
608
|
+
}
|
|
609
|
+
}
|
|
610
|
+
//# sourceMappingURL=governance-middleware.js.map
|
|
@@ -0,0 +1 @@
|
|
|
1
|
+
{"version":3,"file":"governance-middleware.js","sourceRoot":"","sources":["../../src/lifecycle/governance-middleware.ts"],"names":[],"mappings":"AAAA;;;;;;;;;;;;;GAaG;AAEH,OAAO,IAAI,MAAM,MAAM,CAAC;AAcxB,OAAO,EAAE,eAAe,EAAE,MAAM,mBAAmB,CAAC;AACpD,OAAO,EAAE,YAAY,EAAE,MAAM,0BAA0B,CAAC;AACxD,OAAO,EACL,sBAAsB,GAGvB,MAAM,4BAA4B,CAAC;AACpC,OAAO,EAAE,iBAAiB,EAAE,MAAM,kBAAkB,CAAC;AACrD,OAAO,EAAE,eAAe,EAAE,MAAM,6BAA6B,CAAC;AAC9D,OAAO,EAAE,YAAY,EAAE,MAAM,0BAA0B,CAAC;AACxD,OAAO,EAAE,qBAAqB,EAAE,iBAAiB,EAAE,MAAM,yBAAyB,CAAC;AAWnF,sBAAsB;AACtB,MAAM,gCAAgC,GAAG,IAAI,CAAC;AAE9C,mCAAmC;AAEnC,SAAS,qBAAqB;IAC5B,OAAO;QACL,IAAI,EAAE,mBAAmB;QACzB,OAAO,EAAE,KAAK;QACd,KAAK,EAAE,CAAC,EAAE,IAAI,EAAE,GAAG,EAAE,MAAM,EAAE,OAAgB,EAAE,CAAC;QAChD,SAAS,EAAE,IAAI,IAAI,EAAE,CAAC,WAAW,EAAE;QACnC,SAAS,EAAE,IAAI,IAAI,EAAE,CAAC,WAAW,EAAE;KACpC,CAAC;AACJ,CAAC;AAED,+BAA+B;AAE/B,MAAM,OAAO,oBAAoB;IACd,MAAM,CAAc;IACpB,YAAY,CAAyB;IACrC,YAAY,CAAe;IAC3B,UAAU,CAAoB;IAC9B,EAAE,CAAmB;IACrB,sBAAsB,CAAS;IAC/B,QAAQ,CAAU;IAC3B,MAAM,CAAgB;IAE9B,YAAY,OAAqC;QAC/C,IAAI,CAAC,MAAM,GAAG,OAAO,EAAE,MAAM,IAAI,IAAI,CAAC,EAAE,KAAK,EAAE,MAAM,EAAE,CAAC,CAAC;QACzD,IAAI,CAAC,YAAY,GAAG,IAAI,sBAAsB,CAAC,IAAI,CAAC,MAAM,CAAC,CAAC;QAC5D,IAAI,CAAC,YAAY,GAAG,IAAI,YAAY,CAAC,IAAI,CAAC,MAAM,CAAC,CAAC;QAClD,IAAI,CAAC,UAAU,GAAG,IAAI,iBAAiB,CAAC,IAAI,CAAC,MAAM,EAAE,IAAI,CAAC,YAAY,CAAC,CAAC;QACxE,IAAI,CAAC,EAAE,GAAG,OAAO,EAAE,EAAE,CAAC;QACtB,IAAI,CAAC,MAAM,GAAG,OAAO,EAAE,MAAM,IAAI,IAAI,CAAC;QACtC,IAAI,CAAC,sBAAsB,GAAG,OAAO,EAAE,sBAAsB,IAAI,gCAAgC,CAAC;IACpG,CAAC;IAED,uBAAuB;IAEvB;;;OAGG;IACH,SAAS,CAAC,QAAgB;QACxB,IAAI,CAAC,IAAI,CAAC,EAAE,EAAE,SAAS;YAAE,OAAO,IAAI,CAAC;QACrC,MAAM,QAAQ,GAAG,IAAI,CAAC,EAAE,CAAC,SAAS,CAAC,QAAQ,CAAC,CAAC;QAC7C,IAAI,QAAQ,KAAK,IAAI,CAAC,EAAE;YAAE,OAAO,IAAI,CAAC;QACtC,MAAM,MAAM,GAAG,MAAM,CAAC,MAAM,CAAC,IAAI,CAAyB,CAAC;QAC3D,MAAM,CAAC,cAAc,CAAC,MAAM,EAAE,IAAI,EAAE,EAAE,KAAK,EAAE,QAAQ,EAAE,CAAC,CAAC;QACzD,MAAM,CAAC,cAAc,CAAC,MAAM,EAAE,UAAU,EAAE,EAAE,KAAK,EAAE,QAAQ,EAAE,CAAC,CAAC;QAC/D,OAAO,MAAM,CAAC;IAChB,CAAC;IAED,mBAAmB;IAEnB;;;;;;;;OAQG;IACH,KAAK,CAAC,QAAQ,CAAC,OAAwB;QACrC,sBAAsB;QACtB,IAAI,CAAC;YACH,qBAAqB,CAAC,KAAK,CAAC,OAAO,CAAC,CAAC;QACvC,CAAC;QAAC,OAAO,GAAG,EAAE,CAAC;YACb,MAAM,IAAI,eAAe,CACvB,4BAA4B,GAAG,YAAY,KAAK,CAAC,CAAC,CAAC,GAAG,CAAC,OAAO,CAAC,CAAC,CAAC,MAAM,CAAC,GAAG,CAAC,EAAE,EAC9E,iBAAiB,EACjB,cAAc,CACf,CAAC;QACJ,CAAC;QAED,MAAM,OAAO,GAAG,OAAO,CAAC,OAAO,IAAI,eAAe,EAAE,CAAC;QAErD,uBAAuB;QACvB,IAAI,IAAI,CAAC,UAAU,CAAC,QAAQ,CAAC,IAAI,CAAC,QAAQ,CAAC,EAAE,CAAC;YAC5C,MAAM,SAAS,GAAG,IAAI,IAAI,EAAE,CAAC,WAAW,EAAE,CAAC;YAC3C,MAAM,MAAM,GAAmB;gBAC7B,OAAO,EAAE,KAAK;gBACd,OAAO;gBACP,MAAM,EAAE,+CAA+C;gBACvD,YAAY,EAAE,EAAE;aACjB,CAAC;YAEF,IAAI,CAAC,YAAY,CAAC,SAAS,CAAC;gBAC1B,IAAI,EAAE,kBAAkB;gBACxB,SAAS;gBACT,OAAO;gBACP,OAAO,EAAE,OAAO,CAAC,OAAO;gBACxB,QAAQ,EAAE,IAAI,CAAC,QAAQ;gBACvB,IAAI,EAAE;oBACJ,IAAI,EAAE,OAAO,CAAC,IAAI;oBAClB,MAAM,EAAE,OAAO,CAAC,MAAM;oBACtB,MAAM,EAAE,MAAM,CAAC,MAAM;oBACrB,UAAU,EAAE,IAAI;iBACjB;aACF,CAAC,CAAC;YAEH,4CAA4C;YAC5C,IAAI,IAAI,CAAC,EAAE,EAAE,eAAe,EAAE,CAAC;gBAC7B,IAAI,CAAC;oBACH,MAAM,IAAI,CAAC,EAAE,CAAC,eAAe,CAAC;wBAC5B,OAAO;wBACP,SAAS;wBACT,OAAO,EAAE,OAAO,CAAC,OAAO;wBACxB,IAAI,EAAE,OAAO,CAAC,IAAI;wBAClB,MAAM,EAAE,OAAO,CAAC,MAAM;wBACtB,MAAM,EAAE,QAAQ;wBAChB,MAAM,EAAE,MAAM,CAAC,MAAM;wBACrB,UAAU,EAAE,CAAC;qBACd,CAAC,CAAC;gBACL,CAAC;gBAAC,OAAO,GAAG,EAAE,CAAC;oBACb,IAAI,CAAC,MAAM,CAAC,KAAK,CAAC,EAAE,GAAG,EAAE,OAAO,EAAE,EAAE,oDAAoD,CAAC,CAAC;oBAC1F,IAAI,CAAC,YAAY,CAAC,SAAS,CAAC;wBAC1B,IAAI,EAAE,qBAAqB;wBAC3B,SAAS,EAAE,IAAI,IAAI,EAAE,CAAC,WAAW,EAAE;wBACnC,OAAO;wBACP,OAAO,EAAE,OAAO,CAAC,OAAO;wBACxB,QAAQ,EAAE,IAAI,CAAC,QAAQ;wBACvB,IAAI,EAAE,EAAE,KAAK,EAAE,uBAAuB,EAAE,OAAO,EAAE,mBAAmB,EAAE;qBACvE,CAAC,CAAC;gBACL,CAAC;YACH,CAAC;YAED,OAAO,MAAM,CAAC;QAChB,CAAC;QAED,uBAAuB;QACvB,IAAI,MAAM,GAAG,IAAI,CAAC,MAAM,CAAC;QACzB,IAAI,CAAC,MAAM,IAAI,IAAI,CAAC,EAAE,EAAE,CAAC;YACvB,IAAI,CAAC;gBACH,MAAM,GAAG,MAAM,IAAI,CAAC,EAAE,CAAC,eAAe,CAAC,OAAO,CAAC,OAAO,CAAC,CAAC;YAC1D,CAAC;YAAC,OAAO,GAAG,EAAE,CAAC;gBACb,IAAI,CAAC,MAAM,CAAC,KAAK,CAAC,EAAE,GAAG,EAAE,OAAO,EAAE,OAAO,CAAC,OAAO,EAAE,EAAE,2DAA2D,CAAC,CAAC;gBAElH,MAAM,MAAM,GAAmB;oBAC7B,OAAO,EAAE,KAAK;oBACd,OAAO;oBACP,MAAM,EAAE,yDAAyD;oBACjE,YAAY,EAAE,EAAE;iBACjB,CAAC;gBAEF,IAAI,CAAC,YAAY,CAAC,SAAS,CAAC;oBAC1B,IAAI,EAAE,kBAAkB;oBACxB,SAAS,EAAE,IAAI,IAAI,EAAE,CAAC,WAAW,EAAE;oBACnC,OAAO;oBACP,OAAO,EAAE,OAAO,CAAC,OAAO;oBACxB,QAAQ,EAAE,IAAI,CAAC,QAAQ;oBACvB,IAAI,EAAE;wBACJ,IAAI,EAAE,OAAO,CAAC,IAAI;wBAClB,MAAM,EAAE,OAAO,CAAC,MAAM;wBACtB,MAAM,EAAE,MAAM,CAAC,MAAM;qBACtB;iBACF,CAAC,CAAC;gBAEH,OAAO,MAAM,CAAC;YAChB,CAAC;QACH,CAAC;QACD,IAAI,CAAC,MAAM,EAAE,CAAC;YACZ,MAAM,GAAG,qBAAqB,EAAE,CAAC;QACnC,CAAC;QAED,2BAA2B;QAC3B,MAAM,MAAM,GAAG,IAAI,CAAC,YAAY,CAAC,QAAQ,CACvC,EAAE,GAAG,OAAO,EAAE,OAAO,EAAE,EACvB,MAAM,CACP,CAAC;QAEF,gEAAgE;QAChE,IAAI,MAAM,CAAC,OAAO,IAAI,MAAM,CAAC,YAAY,CAAC,CAAC,CAAC,EAAE,eAAe,KAAK,IAAI,EAAE,CAAC;YACvE,OAAO,IAAI,CAAC,sBAAsB,CAAC,OAAO,EAAE,MAAM,EAAE,MAAM,CAAC,CAAC;QAC9D,CAAC;QAED,oBAAoB;QACpB,MAAM,SAAS,GAAG,IAAI,IAAI,EAAE,CAAC,WAAW,EAAE,CAAC;QAC3C,IAAI,MAAM,CAAC,OAAO,EAAE,CAAC;YACnB,IAAI,CAAC,YAAY,CAAC,SAAS,CAAC;gBAC1B,IAAI,EAAE,mBAAmB;gBACzB,SAAS;gBACT,OAAO,EAAE,MAAM,CAAC,OAAO;gBACvB,OAAO,EAAE,OAAO,CAAC,OAAO;gBACxB,QAAQ,EAAE,IAAI,CAAC,QAAQ;gBACvB,IAAI,EAAE;oBACJ,IAAI,EAAE,OAAO,CAAC,IAAI;oBAClB,MAAM,EAAE,OAAO,CAAC,MAAM;oBACtB,YAAY,EAAE,MAAM,CAAC,YAAY;iBAClC;aACF,CAAC,CAAC;QACL,CAAC;aAAM,CAAC;YACN,IAAI,CAAC,YAAY,CAAC,SAAS,CAAC;gBAC1B,IAAI,EAAE,kBAAkB;gBACxB,SAAS;gBACT,OAAO,EAAE,MAAM,CAAC,OAAO;gBACvB,OAAO,EAAE,OAAO,CAAC,OAAO;gBACxB,QAAQ,EAAE,IAAI,CAAC,QAAQ;gBACvB,IAAI,EAAE;oBACJ,IAAI,EAAE,OAAO,CAAC,IAAI;oBAClB,MAAM,EAAE,OAAO,CAAC,MAAM;oBACtB,MAAM,EAAE,MAAM,CAAC,MAAM;oBACrB,YAAY,EAAE,MAAM,CAAC,YAAY;iBAClC;aACF,CAAC,CAAC;QACL,CAAC;QAED,+CAA+C;QAC/C,IAAI,IAAI,CAAC,EAAE,EAAE,eAAe,EAAE,CAAC;YAC7B,IAAI,CAAC;gBACH,MAAM,IAAI,CAAC,EAAE,CAAC,eAAe,CAAC;oBAC5B,OAAO,EAAE,MAAM,CAAC,OAAO;oBACvB,SAAS;oBACT,OAAO,EAAE,OAAO,CAAC,OAAO;oBACxB,IAAI,EAAE,OAAO,CAAC,IAAI;oBAClB,MAAM,EAAE,OAAO,CAAC,MAAM;oBACtB,MAAM,EAAE,MAAM,CAAC,OAAO,CAAC,CAAC,CAAC,SAAS,CAAC,CAAC,CAAC,QAAQ;oBAC7C,MAAM,EAAE,MAAM,CAAC,MAAM;oBACrB,UAAU,EAAE,CAAC;oBACb,eAAe,EAAE,MAAM,CAAC,OAAO,CAAC,CAAC,CAAC,SAAS,CAAC,CAAC,CAAC,eAAe;iBAC9D,CAAC,CAAC;YACL,CAAC;YAAC,OAAO,GAAG,EAAE,CAAC;gBACb,IAAI,CAAC,MAAM,CAAC,KAAK,CAAC,EAAE,GAAG,EAAE,OAAO,EAAE,MAAM,CAAC,OAAO,EAAE,EAAE,0DAA0D,CAAC,CAAC;gBAChH,IAAI,CAAC,YAAY,CAAC,SAAS,CAAC;oBAC1B,IAAI,EAAE,qBAAqB;oBAC3B,SAAS,EAAE,IAAI,IAAI,EAAE,CAAC,WAAW,EAAE;oBACnC,OAAO,EAAE,MAAM,CAAC,OAAO;oBACvB,OAAO,EAAE,OAAO,CAAC,OAAO;oBACxB,QAAQ,EAAE,IAAI,CAAC,QAAQ;oBACvB,IAAI,EAAE,EAAE,KAAK,EAAE,uBAAuB,EAAE,OAAO,EAAE,mBAAmB,EAAE;iBACvE,CAAC,CAAC;YACL,CAAC;QACH,CAAC;QAED,OAAO,MAAM,CAAC;IAChB,CAAC;IAED,mCAAmC;IAEnC,KAAK,CAAC,aAAa,CAAC,MAAmB;QACrC,IAAI,MAAmB,CAAC;QACxB,IAAI,CAAC;YACH,MAAM,GAAG,iBAAiB,CAAC,KAAK,CAAC,MAAM,CAAgB,CAAC;QAC1D,CAAC;QAAC,OAAO,GAAG,EAAE,CAAC;YACb,MAAM,IAAI,eAAe,CACvB,wBAAwB,GAAG,YAAY,KAAK,CAAC,CAAC,CAAC,GAAG,CAAC,OAAO,CAAC,CAAC,CAAC,MAAM,CAAC,GAAG,CAAC,EAAE,EAC1E,gBAAgB,EAChB,cAAc,CACf,CAAC;QACJ,CAAC;QAED,MAAM,EAAE,GAAG,IAAI,CAAC,SAAS,CAAC,eAAe,CAAC,CAAC;QAC3C,MAAM,EAAE,GAAG,MAAM,EAAE,CAAC,aAAa,CAAC,MAAM,CAAC,CAAC;QAE1C,IAAI,CAAC,YAAY,CAAC,SAAS,CAAC;YAC1B,IAAI,EAAE,sBAAsB;YAC5B,SAAS,EAAE,IAAI,IAAI,EAAE,CAAC,WAAW,EAAE;YACnC,OAAO,EAAE,MAAM,CAAC,OAAO;YACvB,QAAQ,EAAE,IAAI,CAAC,QAAQ;YACvB,IAAI,EAAE,EAAE,MAAM,EAAE,YAAY,EAAE,MAAM,EAAE,MAAM,EAAE;SAC/C,CAAC,CAAC;QAEH,OAAO,EAAE,CAAC;IACZ,CAAC;IAED,KAAK,CAAC,UAAU,CAAC,OAAe;QAC9B,MAAM,EAAE,GAAG,IAAI,CAAC,SAAS,CAAC,YAAY,CAAC,CAAC;QACxC,MAAM,EAAE,CAAC,iBAAiB,CAAC,OAAO,EAAE,SAAS,CAAC,CAAC;QAE/C,IAAI,CAAC,YAAY,CAAC,SAAS,CAAC;YAC1B,IAAI,EAAE,eAAe;YACrB,SAAS,EAAE,IAAI,IAAI,EAAE,CAAC,WAAW,EAAE;YACnC,OAAO;YACP,QAAQ,EAAE,IAAI,CAAC,QAAQ;YACvB,IAAI,EAAE,EAAE,OAAO,EAAE;SAClB,CAAC,CAAC;IACL,CAAC;IAED,KAAK,CAAC,SAAS,CAAC,OAAe,EAAE,MAAe;QAC9C,MAAM,EAAE,GAAG,IAAI,CAAC,SAAS,CAAC,WAAW,CAAC,CAAC;QACvC,MAAM,EAAE,CAAC,iBAAiB,CAAC,OAAO,EAAE,SAAS,CAAC,CAAC;QAE/C,IAAI,CAAC,YAAY,CAAC,SAAS,CAAC;YAC1B,IAAI,EAAE,eAAe;YACrB,SAAS,EAAE,IAAI,IAAI,EAAE,CAAC,WAAW,EAAE;YACnC,OAAO;YACP,QAAQ,EAAE,IAAI,CAAC,QAAQ;YACvB,IAAI,EAAE,EAAE,OAAO,EAAE,MAAM,EAAE;SAC1B,CAAC,CAAC;IACL,CAAC;IAED,KAAK,CAAC,cAAc,CAAC,OAAe;QAClC,MAAM,EAAE,GAAG,IAAI,CAAC,SAAS,CAAC,gBAAgB,CAAC,CAAC;QAC5C,OAAO,EAAE,CAAC,cAAc,CAAC,OAAO,CAAC,CAAC;IACpC,CAAC;IAED,KAAK,CAAC,UAAU;QACd,MAAM,EAAE,GAAG,IAAI,CAAC,SAAS,CAAC,YAAY,CAAC,CAAC;QACxC,OAAO,EAAE,CAAC,UAAU,EAAE,CAAC;IACzB,CAAC;IAED,KAAK,CAAC,WAAW,CAAC,OAAe;QAC/B,MAAM,EAAE,GAAG,IAAI,CAAC,SAAS,CAAC,aAAa,CAAC,CAAC;QACzC,MAAM,OAAO,GAAG,MAAM,EAAE,CAAC,WAAW,CAAC,OAAO,CAAC,CAAC;QAE9C,IAAI,OAAO,EAAE,CAAC;YACZ,IAAI,CAAC,YAAY,CAAC,SAAS,CAAC;gBAC1B,IAAI,EAAE,sBAAsB;gBAC5B,SAAS,EAAE,IAAI,IAAI,EAAE,CAAC,WAAW,EAAE;gBACnC,OAAO;gBACP,QAAQ,EAAE,IAAI,CAAC,QAAQ;gBACvB,IAAI,EAAE,EAAE,MAAM,EAAE,SAAS,EAAE,OAAO,EAAE;aACrC,CAAC,CAAC;QACL,CAAC;QAED,OAAO,OAAO,CAAC;IACjB,CAAC;IAED,sBAAsB;IAEtB,aAAa,CAAC,MAAe;QAC3B,IAAI,CAAC,UAAU,CAAC,QAAQ,CAAC,MAAM,IAAI,uBAAuB,EAAE,IAAI,CAAC,QAAQ,CAAC,CAAC;IAC7E,CAAC;IAED,eAAe,CAAC,MAAe;QAC7B,IAAI,CAAC,UAAU,CAAC,KAAK,CAAC,IAAI,CAAC,QAAQ,EAAE,MAAM,CAAC,CAAC;IAC/C,CAAC;IAED,kBAAkB;QAChB,OAAO,IAAI,CAAC,UAAU,CAAC,QAAQ,CAAC,IAAI,CAAC,QAAQ,CAAC,CAAC;IACjD,CAAC;IAED,iBAAiB;IAEjB,EAAE,CAAC,IAAyB,EAAE,QAAiC;QAC7D,IAAI,CAAC,YAAY,CAAC,EAAE,CAAC,IAAI,EAAE,QAAQ,CAAC,CAAC;IACvC,CAAC;IAED,GAAG,CAAC,IAAyB,EAAE,QAAiC;QAC9D,IAAI,CAAC,YAAY,CAAC,GAAG,CAAC,IAAI,EAAE,QAAQ,CAAC,CAAC;IACxC,CAAC;IAED,6BAA6B;IAE7B,mBAAmB;QACjB,OAAO,IAAI,CAAC,UAAU,CAAC,SAAS,CAAC,IAAI,CAAC,QAAQ,CAAC,CAAC;IAClD,CAAC;IAED,iBAAiB;IAEjB,SAAS,CAAC,MAAc;QACtB,IAAI,CAAC;YACH,YAAY,CAAC,KAAK,CAAC,MAAM,CAAC,CAAC;QAC7B,CAAC;QAAC,OAAO,GAAG,EAAE,CAAC;YACb,MAAM,IAAI,eAAe,CACvB,mBAAmB,GAAG,YAAY,KAAK,CAAC,CAAC,CAAC,GAAG,CAAC,OAAO,CAAC,CAAC,CAAC,MAAM,CAAC,GAAG,CAAC,EAAE,EACrE,gBAAgB,EAChB,cAAc,CACf,CAAC;QACJ,CAAC;QACD,IAAI,CAAC,MAAM,GAAG,MAAM,CAAC;IACvB,CAAC;IAED;;;OAGG;IACH,WAAW;QACT,IAAI,CAAC,MAAM,GAAG,IAAI,CAAC;IACrB,CAAC;IAED,KAAK,CAAC,WAAW,CAAC,MAAc;QAC9B,IAAI,CAAC;YACH,YAAY,CAAC,KAAK,CAAC,MAAM,CAAC,CAAC;QAC7B,CAAC;QAAC,OAAO,GAAG,EAAE,CAAC;YACb,MAAM,IAAI,eAAe,CACvB,mBAAmB,GAAG,YAAY,KAAK,CAAC,CAAC,CAAC,GAAG,CAAC,OAAO,CAAC,CAAC,CAAC,MAAM,CAAC,GAAG,CAAC,EAAE,EACrE,gBAAgB,EAChB,cAAc,CACf,CAAC;QACJ,CAAC;QAED,MAAM,EAAE,GAAG,IAAI,CAAC,SAAS,CAAC,aAAa,CAAC,CAAC;QACzC,MAAM,EAAE,CAAC,WAAW,CAAC,MAAM,CAAC,CAAC;QAE7B,IAAI,CAAC,YAAY,CAAC,SAAS,CAAC;YAC1B,IAAI,EAAE,gBAAgB;YACtB,SAAS,EAAE,IAAI,IAAI,EAAE,CAAC,WAAW,EAAE;YACnC,QAAQ,EAAE,IAAI,CAAC,QAAQ;YACvB,IAAI,EAAE,EAAE,UAAU,EAAE,MAAM,CAAC,IAAI,EAAE,OAAO,EAAE,MAAM,CAAC,OAAO,EAAE;SAC3D,CAAC,CAAC;IACL,CAAC;IAED,KAAK,CAAC,YAAY;QAChB,MAAM,EAAE,GAAG,IAAI,CAAC,SAAS,CAAC,cAAc,CAAC,CAAC;QAC1C,OAAO,EAAE,CAAC,YAAY,EAAE,CAAC;IAC3B,CAAC;IAED,KAAK,CAAC,eAAe,CAAC,IAAY;QAChC,MAAM,EAAE,GAAG,IAAI,CAAC,SAAS,CAAC,iBAAiB,CAAC,CAAC;QAC7C,OAAO,EAAE,CAAC,eAAe,CAAC,IAAI,CAAC,CAAC;IAClC,CAAC;IAED,KAAK,CAAC,YAAY,CAAC,IAAY;QAC7B,MAAM,EAAE,GAAG,IAAI,CAAC,SAAS,CAAC,cAAc,CAAC,CAAC;QAC1C,MAAM,OAAO,GAAG,MAAM,EAAE,CAAC,YAAY,CAAC,IAAI,CAAC,CAAC;QAE5C,IAAI,OAAO,EAAE,CAAC;YACZ,IAAI,CAAC,YAAY,CAAC,SAAS,CAAC;gBAC1B,IAAI,EAAE,gBAAgB;gBACtB,SAAS,EAAE,IAAI,IAAI,EAAE,CAAC,WAAW,EAAE;gBACnC,QAAQ,EAAE,IAAI,CAAC,QAAQ;gBACvB,IAAI,EAAE,EAAE,UAAU,EAAE,IAAI,EAAE;aAC3B,CAAC,CAAC;QACL,CAAC;QAED,OAAO,OAAO,CAAC;IACjB,CAAC;IAED,kBAAkB;IAElB;;;OAGG;IACH,cAAc,CAAC,OAAwB,EAAE,MAAc;QACrD,mBAAmB;QACnB,IAAI,CAAC;YACH,qBAAqB,CAAC,KAAK,CAAC,OAAO,CAAC,CAAC;QACvC,CAAC;QAAC,OAAO,GAAG,EAAE,CAAC;YACb,MAAM,IAAI,eAAe,CACvB,4BAA4B,GAAG,YAAY,KAAK,CAAC,CAAC,CAAC,GAAG,CAAC,OAAO,CAAC,CAAC,CAAC,MAAM,CAAC,GAAG,CAAC,EAAE,EAC9E,iBAAiB,EACjB,cAAc,CACf,CAAC;QACJ,CAAC;QAED,kBAAkB;QAClB,IAAI,CAAC;YACH,YAAY,CAAC,KAAK,CAAC,MAAM,CAAC,CAAC;QAC7B,CAAC;QAAC,OAAO,GAAG,EAAE,CAAC;YACb,MAAM,IAAI,eAAe,CACvB,mBAAmB,GAAG,YAAY,KAAK,CAAC,CAAC,CAAC,GAAG,CAAC,OAAO,CAAC,CAAC,CAAC,MAAM,CAAC,GAAG,CAAC,EAAE,EACrE,gBAAgB,EAChB,cAAc,CACf,CAAC;QACJ,CAAC;QAED,MAAM,OAAO,GAAG,OAAO,CAAC,OAAO,IAAI,eAAe,EAAE,CAAC;QAErD,OAAO,IAAI,CAAC,YAAY,CAAC,QAAQ,CAC/B,EAAE,GAAG,OAAO,EAAE,OAAO,EAAE,EACvB,MAAM,CACP,CAAC;IACJ,CAAC;IAED,4BAA4B;IAE5B,KAAK,CAAC,gBAAgB,CAAC,UAAkB;QACvC,MAAM,EAAE,GAAG,IAAI,CAAC,SAAS,CAAC,kBAAkB,CAAC,CAAC;QAC9C,OAAO,EAAE,CAAC,gBAAgB,CAAC,UAAU,CAAC,CAAC;IACzC,CAAC;IAED,KAAK,CAAC,gBAAgB,CAAC,UAAkB,EAAE,SAAiB;QAC1D,MAAM,EAAE,GAAG,IAAI,CAAC,SAAS,CAAC,kBAAkB,CAAC,CAAC;QAC9C,OAAO,EAAE,CAAC,gBAAgB,CAAC,UAAU,EAAE,SAAS,CAAC,CAAC;IACpD,CAAC;IAED,KAAK,CAAC,cAAc,CAAC,UAAkB,EAAE,SAAiB;QACxD,MAAM,EAAE,GAAG,IAAI,CAAC,SAAS,CAAC,gBAAgB,CAAC,CAAC;QAE5C,MAAM,OAAO,GAAG,MAAM,EAAE,CAAC,gBAAgB,CAAC,UAAU,EAAE,SAAS,CAAC,CAAC;QACjE,IAAI,CAAC,OAAO,EAAE,CAAC;YACb,MAAM,IAAI,eAAe,CACvB,kBAAkB,SAAS,0BAA0B,UAAU,GAAG,EAClE,mBAAmB,EACnB,cAAc,CACf,CAAC;QACJ,CAAC;QAED,MAAM,MAAM,GAAW;YACrB,IAAI,EAAE,OAAO,CAAC,UAAU;YACxB,OAAO,EAAE,OAAO,CAAC,OAAO;YACxB,OAAO,EAAE,OAAO,CAAC,OAAO;YACxB,KAAK,EAAE,OAAO,CAAC,KAAK;YACpB,SAAS,EAAE,OAAO,CAAC,SAAS;YAC5B,SAAS,EAAE,IAAI,IAAI,EAAE,CAAC,WAAW,EAAE;SACpC,CAAC;QAEF,oEAAoE;QACpE,MAAM,EAAE,CAAC,WAAW,CAAC,MAAM,CAAC,CAAC;QAE7B,IAAI,CAAC,YAAY,CAAC,SAAS,CAAC;YAC1B,IAAI,EAAE,gBAAgB;YACtB,SAAS,EAAE,IAAI,IAAI,EAAE,CAAC,WAAW,EAAE;YACnC,QAAQ,EAAE,IAAI,CAAC,QAAQ;YACvB,IAAI,EAAE;gBACJ,UAAU;gBACV,OAAO,EAAE,OAAO,CAAC,OAAO;gBACxB,MAAM,EAAE,UAAU;gBAClB,aAAa,EAAE,SAAS;aACzB;SACF,CAAC,CAAC;QAEH,OAAO,MAAM,CAAC;IAChB,CAAC;IAED,6BAA6B;IAE7B;;;OAGG;IACH,KAAK,CAAC,kBAAkB,CAAC,EAAU;QACjC,MAAM,EAAE,GAAG,IAAI,CAAC,SAAS,CAAC,oBAAoB,CAAC,CAAC;QAChD,IAAI,CAAC,EAAE,CAAC,kBAAkB,EAAE,CAAC;YAC3B,MAAM,IAAI,eAAe,CACvB,wDAAwD,EACxD,wBAAwB,EACxB,cAAc,CACf,CAAC;QACJ,CAAC;QAED,MAAM,QAAQ,GAAG,MAAM,EAAE,CAAC,kBAAkB,CAAC,EAAE,CAAC,CAAC;QACjD,IAAI,CAAC,QAAQ;YAAE,OAAO,IAAI,CAAC;QAE3B,uDAAuD;QACvD,IAAI,QAAQ,CAAC,MAAM,KAAK,SAAS,IAAI,IAAI,IAAI,CAAC,QAAQ,CAAC,QAAQ,CAAC,GAAG,IAAI,IAAI,EAAE,EAAE,CAAC;YAC9E,MAAM,IAAI,CAAC,eAAe,CAAC,EAAE,EAAE,EAAE,MAAM,EAAE,SAAS,EAAE,CAAC,CAAC;YACtD,OAAO,EAAE,CAAC,kBAAkB,CAAC,EAAE,CAAC,CAAC;QACnC,CAAC;QAED,OAAO,QAAQ,CAAC;IAClB,CAAC;IAED;;;OAGG;IACH,KAAK,CAAC,oBAAoB,CAAC,MAAuB;QAChD,MAAM,EAAE,GAAG,IAAI,CAAC,SAAS,CAAC,sBAAsB,CAAC,CAAC;QAClD,IAAI,CAAC,EAAE,CAAC,oBAAoB,EAAE,CAAC;YAC7B,MAAM,IAAI,eAAe,CACvB,wDAAwD,EACxD,wBAAwB,EACxB,cAAc,CACf,CAAC;QACJ,CAAC;QAED,MAAM,OAAO,GAAG,MAAM,EAAE,CAAC,oBAAoB,CAAC,MAAM,CAAC,CAAC;QAEtD,yCAAyC;QACzC,MAAM,GAAG,GAAG,IAAI,IAAI,EAAE,CAAC;QACvB,KAAK,MAAM,QAAQ,IAAI,OAAO,EAAE,CAAC;YAC/B,IAAI,QAAQ,CAAC,MAAM,KAAK,SAAS,IAAI,IAAI,IAAI,CAAC,QAAQ,CAAC,QAAQ,CAAC,GAAG,GAAG,EAAE,CAAC;gBACvE,MAAM,IAAI,CAAC,eAAe,CAAC,QAAQ,CAAC,EAAE,EAAE,EAAE,MAAM,EAAE,SAAS,EAAE,CAAC,CAAC;YACjE,CAAC;QACH,CAAC;QAED,yDAAyD;QACzD,OAAO,EAAE,CAAC,oBAAoB,CAAC,MAAM,CAAC,CAAC;IACzC,CAAC;IAED;;;OAGG;IACH,KAAK,CAAC,eAAe,CACnB,EAAU,EACV,UAA8B;QAE9B,MAAM,EAAE,GAAG,IAAI,CAAC,SAAS,CAAC,iBAAiB,CAAC,CAAC;QAC7C,IAAI,CAAC,EAAE,CAAC,sBAAsB,IAAI,CAAC,EAAE,CAAC,kBAAkB,EAAE,CAAC;YACzD,MAAM,IAAI,eAAe,CACvB,wDAAwD,EACxD,wBAAwB,EACxB,cAAc,CACf,CAAC;QACJ,CAAC;QAED,MAAM,QAAQ,GAAG,MAAM,EAAE,CAAC,sBAAsB,CAAC,EAAE,EAAE,UAAU,CAAC,CAAC;QACjE,IAAI,CAAC,QAAQ,EAAE,CAAC;YACd,OAAO,EAAE,QAAQ,EAAE,KAAK,EAAE,CAAC;QAC7B,CAAC;QAED,MAAM,QAAQ,GAAG,MAAM,EAAE,CAAC,kBAAkB,CAAC,EAAE,CAAC,CAAC;QACjD,IAAI,CAAC,QAAQ,EAAE,CAAC;YACd,OAAO,EAAE,QAAQ,EAAE,KAAK,EAAE,CAAC;QAC7B,CAAC;QAED,yBAAyB;QACzB,MAAM,YAAY,GAA2B;YAC3C,QAAQ,EAAE,kBAAkB;YAC5B,QAAQ,EAAE,mBAAmB;YAC7B,OAAO,EAAE,kBAAkB;SAC5B,CAAC;QACF,MAAM,SAAS,GAAG,YAAY,CAAC,QAAQ,CAAC,MAAM,CAAC,CAAC;QAChD,IAAI,SAAS,EAAE,CAAC;YACd,IAAI,CAAC,YAAY,CAAC,SAAS,CAAC;gBAC1B,IAAI,EAAE,SAA0E;gBAChF,SAAS,EAAE,IAAI,IAAI,EAAE,CAAC,WAAW,EAAE;gBACnC,OAAO,EAAE,QAAQ,CAAC,OAAO;gBACzB,OAAO,EAAE,QAAQ,CAAC,OAAO;gBACzB,QAAQ,EAAE,IAAI,CAAC,QAAQ;gBACvB,IAAI,EAAE;oBACJ,UAAU,EAAE,QAAQ,CAAC,EAAE;oBACvB,IAAI,EAAE,QAAQ,CAAC,IAAI;oBACnB,UAAU,EAAE,QAAQ,CAAC,UAAU;oBAC/B,QAAQ,EAAE,QAAQ,CAAC,QAAQ;oBAC3B,QAAQ,EAAE,QAAQ,CAAC,QAAQ;oBAC3B,OAAO,EAAE,QAAQ,CAAC,OAAO;iBAC1B;aACF,CAAC,CAAC;QACL,CAAC;QAED,oBAAoB;QACpB,IAAI,EAAE,CAAC,eAAe,EAAE,CAAC;YACvB,MAAM,WAAW,GAAG,QAAQ,CAAC,MAAM,KAAK,UAAU,CAAC,CAAC,CAAC,SAAS,CAAC,CAAC,CAAC,QAAQ,CAAC;YAC1E,MAAM,EAAE,CAAC,eAAe,CAAC;gBACvB,OAAO,EAAE,QAAQ,CAAC,OAAO;gBACzB,SAAS,EAAE,IAAI,IAAI,EAAE,CAAC,WAAW,EAAE;gBACnC,OAAO,EAAE,QAAQ,CAAC,OAAO;gBACzB,IAAI,EAAE,QAAQ,CAAC,IAAI;gBACnB,MAAM,EAAE,QAAQ,CAAC,MAAM;gBACvB,MAAM,EAAE,WAAW;gBACnB,MAAM,EAAE,QAAQ,CAAC,MAAM,KAAK,SAAS;oBACnC,CAAC,CAAC,4BAA4B;oBAC9B,CAAC,CAAC,YAAY,QAAQ,CAAC,MAAM,OAAO,QAAQ,CAAC,QAAQ,IAAI,SAAS,EAAE;gBACtE,UAAU,EAAE,CAAC;gBACb,eAAe,EAAE,QAAQ,CAAC,MAAM,KAAK,SAAS,CAAC,CAAC,CAAC,kBAAkB,CAAC,CAAC,CAAC,SAAS;aAChF,CAAC,CAAC;QACL,CAAC;QAED,OAAO,EAAE,QAAQ,EAAE,IAAI,EAAE,QAAQ,EAAE,CAAC;IACtC,CAAC;IAED,mBAAmB;IAEnB;;;OAGG;IACK,KAAK,CAAC,sBAAsB,CAClC,OAAwB,EACxB,MAAsB,EACtB,OAAe;QAEf,MAAM,EAAE,GAAG,IAAI,CAAC,EAAE,CAAC;QACnB,IAAI,CAAC,EAAE,EAAE,qBAAqB,EAAE,CAAC;YAC/B,mDAAmD;YACnD,IAAI,CAAC,MAAM,CAAC,IAAI,CACd,EAAE,OAAO,EAAE,OAAO,CAAC,OAAO,EAAE,IAAI,EAAE,OAAO,CAAC,IAAI,EAAE,EAChD,yEAAyE,CAC1E,CAAC;YAEF,IAAI,CAAC,YAAY,CAAC,SAAS,CAAC;gBAC1B,IAAI,EAAE,kBAAkB;gBACxB,SAAS,EAAE,IAAI,IAAI,EAAE,CAAC,WAAW,EAAE;gBACnC,OAAO,EAAE,MAAM,CAAC,OAAO;gBACvB,OAAO,EAAE,OAAO,CAAC,OAAO;gBACxB,QAAQ,EAAE,IAAI,CAAC,QAAQ;gBACvB,IAAI,EAAE;oBACJ,IAAI,EAAE,OAAO,CAAC,IAAI;oBAClB,MAAM,EAAE,OAAO,CAAC,MAAM;oBACtB,MAAM,EAAE,6DAA6D;iBACtE;aACF,CAAC,CAAC;YAEH,OAAO;gBACL,OAAO,EAAE,KAAK;gBACd,OAAO,EAAE,MAAM,CAAC,OAAO;gBACvB,MAAM,EAAE,6DAA6D;gBACrE,YAAY,EAAE,MAAM,CAAC,YAAY;gBACjC,gBAAgB,EAAE,IAAI;aACvB,CAAC;QACJ,CAAC;QAED,MAAM,WAAW,GAAG,MAAM,CAAC,YAAY,CAAC,CAAC,CAAC,CAAC;QAC3C,MAAM,QAAQ,GAAG,IAAI,IAAI,CACvB,IAAI,CAAC,GAAG,EAAE,GAAG,IAAI,CAAC,sBAAsB,GAAG,IAAI,CAChD,CAAC,WAAW,EAAE,CAAC;QAEhB,MAAM,QAAQ,GAAG,MAAM,EAAE,CAAC,qBAAqB,CAAC;YAC9C,OAAO,EAAE,OAAO,CAAC,OAAO;YACxB,IAAI,EAAE,OAAO,CAAC,IAAI;YAClB,MAAM,EAAE,OAAO,CAAC,MAAM;YACtB,OAAO,EAAE,MAAM,CAAC,OAAO;YACvB,UAAU,EAAE,WAAW,CAAC,UAAU;YAClC,QAAQ,EAAE,WAAW,CAAC,QAAQ;YAC9B,QAAQ;SACT,CAAC,CAAC;QAEH,IAAI,CAAC,YAAY,CAAC,SAAS,CAAC;YAC1B,IAAI,EAAE,oBAAoB;YAC1B,SAAS,EAAE,IAAI,IAAI,EAAE,CAAC,WAAW,EAAE;YACnC,OAAO,EAAE,MAAM,CAAC,OAAO;YACvB,OAAO,EAAE,OAAO,CAAC,OAAO;YACxB,QAAQ,EAAE,IAAI,CAAC,QAAQ;YACvB,IAAI,EAAE;gBACJ,UAAU,EAAE,QAAQ,CAAC,EAAE;gBACvB,IAAI,EAAE,OAAO,CAAC,IAAI;gBAClB,MAAM,EAAE,OAAO,CAAC,MAAM;gBACtB,UAAU,EAAE,WAAW,CAAC,UAAU;gBAClC,QAAQ,EAAE,WAAW,CAAC,QAAQ;gBAC9B,QAAQ;aACT;SACF,CAAC,CAAC;QAEH,OAAO;YACL,OAAO,EAAE,KAAK;YACd,OAAO,EAAE,MAAM,CAAC,OAAO;YACvB,MAAM,EAAE,+BAA+B,QAAQ,CAAC,EAAE,UAAU;YAC5D,YAAY,EAAE,MAAM,CAAC,YAAY;YACjC,gBAAgB,EAAE,IAAI;YACtB,UAAU,EAAE,QAAQ,CAAC,EAAE;YACvB,QAAQ;SACT,CAAC;IACJ,CAAC;IAEO,SAAS,CAAC,MAAc;QAC9B,IAAI,CAAC,IAAI,CAAC,EAAE,EAAE,CAAC;YACb,MAAM,IAAI,eAAe,CACvB,GAAG,MAAM,oEAAoE,EAC7E,mBAAmB,EACnB,cAAc,CACf,CAAC;QACJ,CAAC;QACD,OAAO,IAAI,CAAC,EAAE,CAAC;IACjB,CAAC;CACF"}
|