npm - @ait-co/devtools - Versions diffs - 0.1.39 → 0.1.41 - Mend

@ait-co/devtools 0.1.39 → 0.1.41

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (8) hide show

package/dist/mcp/cli.js.map CHANGED Viewed

	@@ -1 +1 @@
1	- {"version":3,"file":"cli.js","names":["isObject","DEFAULT_BUFFER_SIZE","isObject","parseInbound","PHASE_1_EVENTS","isObject","jsonResult"],"sources":["../../src/mcp/ait-chii-source.ts","../../src/mcp/chii-connection.ts","../../src/mcp/chii-relay.ts","../../src/mcp/local-connection.ts","../../src/mcp/local-launcher.ts","../../src/mcp/qr-http-server.ts","../../src/mcp/deeplink.ts","../../src/mcp/tools.ts","../../src/mcp/totp.ts","../../src/mcp/tunnel.ts","../../src/mcp/debug-server.ts","../../src/mcp/ait-http-source.ts","../../src/mcp/server.ts","../../src/mcp/cli.ts"],"sourcesContent":["/*\n Debug-mode `AitSource` — forwards `AIT.` methods over the Chii channel.\n \n * The AIT domain (`AIT.getSdkCallHistory` / `getMockState` /\n * `getOperationalEnvironment`) is non-standard CDP: the in-app side registers a\n * handler for these methods and answers them over the same Chii websocket the\n * CDP commands use. Building the AIT source on `ChiiCdpConnection.sendCommand`\n * means both domains share one transport (spec: \"the same MCP server forwards\n * both CDP and AIT domains\").\n \n The in-app `AIT.` handler lives downstream in sdk-example. Here we build\n the MCP-server-side forwarding + the injectable seam; tests inject a fake\n * `AitSource` returning canned responses, so this forwarding layer needs no\n * phone.\n \n Node-only (wraps the relay websocket connection).\n /\n\nimport type {\n AitMethodMap,\n AitMethodName,\n AitMockState,\n AitOperationalEnvironment,\n AitSdkCallHistory,\n AitSource,\n} from './ait-source.js';\n\n/* The slice of `ChiiCdpConnection` this source needs (keeps it testable). /\nexport interface AitCommandSender {\n sendCommand(method: string, params?: Record<string, unknown>): Promise<unknown>;\n}\n\nfunction isObject(value: unknown): value is Record<string, unknown> {\n return typeof value === 'object' && value !== null;\n}\n\n/* Narrows an `AIT.getSdkCallHistory` response, tolerating a missing array. /\nfunction asSdkCallHistory(raw: unknown): AitSdkCallHistory {\n if (isObject(raw) && Array.isArray(raw.calls)) {\n return { calls: raw.calls as AitSdkCallHistory['calls'] };\n }\n return { calls: [] };\n}\n\n/* Narrows an `AIT.getMockState` response to an opaque record. /\nfunction asMockState(raw: unknown): AitMockState {\n return isObject(raw) ? raw : {};\n}\n\n/* Narrows an `AIT.getOperationalEnvironment` response. /\nfunction asOperationalEnvironment(raw: unknown): AitOperationalEnvironment {\n const environment =\n isObject(raw) && typeof raw.environment === 'string' ? raw.environment : 'unknown';\n const sdkVersion = isObject(raw) && typeof raw.sdkVersion === 'string' ? raw.sdkVersion : null;\n return { environment, sdkVersion };\n}\n\nexport class ChiiAitSource implements AitSource {\n constructor(private readonly sender: AitCommandSender) {}\n\n async get<M extends AitMethodName>(method: M): Promise<AitMethodMap[M]> {\n const raw = await this.sender.sendCommand(method);\n // The map's value type is resolved per-key below; the cast is the single\n // narrowing point (each branch returns the precise shape for `method`).\n switch (method) {\n case 'AIT.getSdkCallHistory':\n return asSdkCallHistory(raw) as AitMethodMap[M];\n case 'AIT.getMockState':\n return asMockState(raw) as AitMethodMap[M];\n case 'AIT.getOperationalEnvironment':\n return asOperationalEnvironment(raw) as AitMethodMap[M];\n default:\n throw new Error(`Unknown AIT method: ${String(method)}`);\n }\n }\n}\n","/\n Production `CdpConnection` backed by the local Chii relay.\n \n Topology (debug mode):\n * phone target.js --WS--> Chii relay :9100 <--WS-- this connection\n \n The phone connects to the relay as a `target`; this module connects as a\n * `client` (the role a CDP frontend would take) so CDP events the page emits\n * (`Runtime.consoleAPICalled`, `Network.`) flow back here. We buffer recent\n events in ring buffers the tool layer reads via `getBufferedEvents`.\n \n Node-only: imports `ws`. Never bundled into the browser/in-app entries.\n /\n\nimport { EventEmitter } from 'node:events';\nimport { WebSocket } from 'ws';\nimport type {\n CdpCommandMap,\n CdpCommandName,\n CdpConnection,\n CdpEventMap,\n CdpEventName,\n CdpTarget,\n} from './cdp-connection.js';\n\n/* Max events retained per domain ring buffer. /\nconst DEFAULT_BUFFER_SIZE = 500;\n\n/* A CDP message arriving over the relay websocket. /\ninterface CdpInboundMessage {\n id?: number;\n method?: string;\n params?: unknown;\n result?: unknown;\n error?: { message: string };\n}\n\nfunction isObject(value: unknown): value is Record<string, unknown> {\n return typeof value === 'object' && value !== null;\n}\n\nfunction parseInbound(raw: string): CdpInboundMessage \| null {\n let parsed: unknown;\n try {\n parsed = JSON.parse(raw);\n } catch {\n return null;\n }\n if (!isObject(parsed)) return null;\n const message: CdpInboundMessage = {};\n if (typeof parsed.id === 'number') message.id = parsed.id;\n if (typeof parsed.method === 'string') message.method = parsed.method;\n if ('params' in parsed) message.params = parsed.params;\n if ('result' in parsed) message.result = parsed.result;\n if (isObject(parsed.error) && typeof parsed.error.message === 'string') {\n message.error = { message: parsed.error.message };\n }\n return message;\n}\n\nconst PHASE_1_EVENTS: readonly CdpEventName[] = [\n 'Runtime.consoleAPICalled',\n 'Network.requestWillBeSent',\n 'Network.responseReceived',\n];\n\nexport interface ChiiCdpConnectionOptions {\n /* Base URL of the local Chii relay HTTP/WS server, e.g. `http://127.0.0.1:9100`. /\n relayBaseUrl: string;\n /* Per-domain ring buffer size. /\n bufferSize?: number;\n}\n\n/\n Production CDP connection. Polls the relay for the first attached target,\n * opens a client websocket to it, enables Phase 1 domains, and buffers events.\n /\nexport class ChiiCdpConnection implements CdpConnection {\n private readonly relayBaseUrl: string;\n private readonly bufferSize: number;\n private readonly emitter = new EventEmitter();\n private readonly buffers = new Map<CdpEventName, unknown[]>();\n private readonly targets = new Map<string, CdpTarget>();\n\n private ws: WebSocket \| null = null;\n private nextCommandId = 1;\n /* In-flight enableDomains() promise — concurrent callers share it. /\n private enablingPromise: Promise<void> \| null = null;\n /* Pending request→response commands keyed by CDP message id. /\n private readonly pending = new Map<\n number,\n { resolve: (result: unknown) => void; reject: (err: Error) => void }\n >();\n\n constructor(options: ChiiCdpConnectionOptions) {\n this.relayBaseUrl = options.relayBaseUrl.replace(/\\/$/, '');\n this.bufferSize = options.bufferSize ?? DEFAULT_BUFFER_SIZE;\n for (const event of PHASE_1_EVENTS) this.buffers.set(event, []);\n // EventEmitter caps listeners at 10 by default; the tool layer may add\n // several short-lived subscriptions, so lift the cap.\n this.emitter.setMaxListeners(0);\n }\n\n /* Refresh the attached-target list from the relay's `GET /targets`. /\n async refreshTargets(): Promise<CdpTarget[]> {\n const res = await fetch(`${this.relayBaseUrl}/targets`);\n if (!res.ok) {\n throw new Error(`Chii relay /targets returned HTTP ${res.status} ${res.statusText}`);\n }\n const body: unknown = await res.json();\n const list = isObject(body) && Array.isArray(body.targets) ? body.targets : [];\n this.targets.clear();\n for (const item of list) {\n if (!isObject(item) \|\| typeof item.id !== 'string') continue;\n this.targets.set(item.id, {\n id: item.id,\n title: typeof item.title === 'string' ? item.title : '',\n url: typeof item.url === 'string' ? item.url : '',\n });\n }\n return [...this.targets.values()];\n }\n\n listTargets(): CdpTarget[] {\n return [...this.targets.values()];\n }\n\n /\n Connect a client websocket to the first attached target and enable Phase 1\n * domains. Resolves once the socket is open and enable commands are sent.\n /\n async enableDomains(): Promise<void> {\n if (this.ws && this.ws.readyState === WebSocket.OPEN) return;\n // If a connect attempt is already in-flight, await it rather than racing\n // to open a second websocket that would overwrite `this.ws` and leak the first.\n if (this.enablingPromise) return this.enablingPromise;\n this.enablingPromise = this._doEnableDomains().finally(() => {\n this.enablingPromise = null;\n });\n return this.enablingPromise;\n }\n\n private async _doEnableDomains(): Promise<void> {\n const targets = await this.refreshTargets();\n const target = targets[0];\n if (!target) {\n throw new Error('No mini-app page attached to the Chii relay yet.');\n }\n\n const wsBase = this.relayBaseUrl.replace(/^http/, 'ws');\n const clientId = `devtools-mcp-${Date.now()}`;\n const ws = new WebSocket(\n `${wsBase}/client/${clientId}?target=${encodeURIComponent(target.id)}`,\n );\n this.ws = ws;\n\n await new Promise<void>((resolve, reject) => {\n ws.once('open', () => resolve());\n ws.once('error', (err: Error) => reject(err));\n });\n\n ws.on('message', (data: WebSocket.RawData) => this.handleMessage(data.toString()));\n\n this.sendFireAndForget('Runtime.enable');\n this.sendFireAndForget('Network.enable');\n // DOM/Page domains back the Phase 2 command tools; Chii answers their\n // request→response commands once enabled.\n this.sendFireAndForget('DOM.enable');\n this.sendFireAndForget('Page.enable');\n }\n\n /* Fire-and-forget CDP message (used for `.enable`, no result awaited). /\n private sendFireAndForget(method: string, params: Record<string, unknown> = {}): void {\n if (!this.ws \|\| this.ws.readyState !== WebSocket.OPEN) return;\n const id = this.nextCommandId++;\n this.ws.send(JSON.stringify({ id, method, params }));\n }\n\n /*\n Issue a CDP command and resolve with its result (Phase 2). Rejects on a CDP\n * error frame or when no websocket is open (no page attached yet).\n /\n send<M extends CdpCommandName>(\n method: M,\n params?: CdpCommandMap[M]['params'],\n ): Promise<CdpCommandMap[M]['result']> {\n return this.sendCommand(method, (params ?? {}) as Record<string, unknown>) as Promise<\n CdpCommandMap[M]['result']\n >;\n }\n\n /\n Issue an arbitrary request→response command over the relay and resolve with\n * its raw result. Both the typed CDP {@link send} and the AIT domain (Phase 3\n * `AIT.` methods, forwarded over the same Chii channel) build on this.\n /\n sendCommand(method: string, params: Record<string, unknown> = {}): Promise<unknown> {\n if (!this.ws \|\| this.ws.readyState !== WebSocket.OPEN) {\n return Promise.reject(\n new Error('No mini-app page attached to the Chii relay yet. Call enableDomains() first.'),\n );\n }\n const id = this.nextCommandId++;\n const ws = this.ws;\n return new Promise<unknown>((resolve, reject) => {\n this.pending.set(id, { resolve, reject });\n ws.send(JSON.stringify({ id, method, params }));\n });\n }\n\n private handleMessage(raw: string): void {\n const message = parseInbound(raw);\n if (!message) return;\n\n // Command response (has an id matching a pending request).\n if (typeof message.id === 'number' && this.pending.has(message.id)) {\n const waiter = this.pending.get(message.id);\n this.pending.delete(message.id);\n if (waiter) {\n if (message.error) waiter.reject(new Error(message.error.message));\n else waiter.resolve(message.result);\n }\n return;\n }\n\n // Event (buffered for the Phase 1 stream tools).\n if (typeof message.method !== 'string') return;\n if (!this.buffers.has(message.method as CdpEventName)) return;\n const event = message.method as CdpEventName;\n const buffer = this.buffers.get(event);\n if (!buffer) return;\n buffer.push(message.params);\n if (buffer.length > this.bufferSize) buffer.shift();\n this.emitter.emit(event, message.params);\n }\n\n getBufferedEvents<E extends CdpEventName>(event: E): ReadonlyArray<CdpEventMap[E]> {\n const buffer = this.buffers.get(event);\n return (buffer ?? []) as ReadonlyArray<CdpEventMap[E]>;\n }\n\n on<E extends CdpEventName>(event: E, listener: (payload: CdpEventMap[E]) => void): () => void {\n this.emitter.on(event, listener as (payload: unknown) => void);\n return () => this.emitter.off(event, listener as (payload: unknown) => void);\n }\n\n /** Close the relay client websocket and reject any in-flight commands. /\n close(): void {\n this.ws?.close();\n this.ws = null;\n for (const waiter of this.pending.values()) {\n waiter.reject(new Error('Chii relay connection closed.'));\n }\n this.pending.clear();\n }\n}\n","/\n Boots the local Chii relay server.\n \n Chii (liriliri/chii) is a chobitsu-based CDP relay that lets non-Chrome\n * WebViews (iOS WKWebView / Android WebView — i.e. the Toss app) expose CDP.\n * The relay accepts a `target` websocket from the phone's injected `target.js`\n * and `client` websockets from CDP frontends (our MCP connection).\n \n Node-only: `chii` pulls in Koa + ws. Never bundled into the browser/in-app\n * entries.\n \n TOTP auth (relay-side, authoritative gate):\n * When `verifyAuth` is provided, this module registers an HTTP upgrade\n * listener on the server BEFORE calling `chii.start({server})`. Node's\n * `http.Server` allows multiple 'upgrade' listeners; the first to call\n * `socket.destroy()` wins. Invalid auth → 401 + destroy (chii never sees\n * the connection). Valid auth → return without side-effect (chii handles it).\n \n Threat model: \"URL leak\" — someone obtains the tunnel URL (Slack paste, QR\n * screenshot, shoulder-surfing) but does not have the shared TOTP secret.\n * Rotating 6-digit code makes the URL stale after 30 s.\n * A determined attacker who extracts the secret from the dogfood bundle can\n * still compute valid codes; that is out of scope (see umbrella CLAUDE.md §4).\n \n SECRET-HANDLING: The secret value and computed TOTP codes MUST NOT appear\n * in any log, error message, or process output. `verifyAuth` is a black-box\n * predicate from the caller's perspective; this module only forwards pass/fail.\n /\n\nimport { createServer, type IncomingMessage, type Server } from 'node:http';\nimport { createRequire } from 'node:module';\nimport type { AddressInfo } from 'node:net';\nimport type { Duplex } from 'node:stream';\n\nconst require = createRequire(import.meta.url);\n\n/* `chii/server` is CommonJS and shipped without TypeScript types. /\ninterface ChiiServerModule {\n start(options: {\n port?: number;\n host?: string;\n domain?: string;\n server?: Server;\n basePath?: string;\n }): Promise<void>;\n}\n\nfunction loadChiiServer(): ChiiServerModule {\n // `chii`'s package `main` is `./server/index.js`, exposing `{ start }`.\n const mod: unknown = require('chii');\n if (\n typeof mod === 'object' &&\n mod !== null &&\n 'start' in mod &&\n typeof (mod as { start: unknown }).start === 'function'\n ) {\n return mod as ChiiServerModule;\n }\n throw new Error('chii server module did not expose start()');\n}\n\nexport interface ChiiRelay {\n port: number;\n /* Base URL for the relay HTTP/WS server, e.g. `http://127.0.0.1:54321`. /\n baseUrl: string;\n close(): Promise<void>;\n}\n\nexport interface StartChiiRelayOptions {\n /\n Local port for the relay. Default 0 (OS-assigned ephemeral port).\n \n Using 0 means the OS picks a free port — this is the safe default because\n * a stale cloudflared child process (PPID 1, orphaned after SIGKILL) may still\n * be holding a fixed port. A fixed port causes EADDRINUSE on the next startup,\n * which makes the MCP handshake fail with -32000. With port 0 the new relay\n * always gets a fresh port, making any orphaned process harmless.\n \n Pass an explicit number to restore fixed-port behaviour (backwards-compatible).\n /\n port?: number;\n /* Bind host. Default 127.0.0.1 (tunnel reaches it locally). /\n host?: string;\n /\n Optional auth predicate for WebSocket upgrade requests.\n \n When provided, every inbound WebSocket upgrade is checked by calling\n * `verifyAuth(req)` before Chii processes it. Return `true` to allow the\n * upgrade; return `false` to reject with HTTP 401 and destroy the socket.\n \n The predicate MUST NOT log the secret or any TOTP code — it is a black-box\n * from this module's perspective.\n \n @param req - The raw HTTP `IncomingMessage` from the upgrade handshake.\n * Inspect `req.url` for query parameters (e.g. `at=<code>`).\n * @returns `true` if the upgrade is authorised, `false` to reject.\n /\n verifyAuth?: (req: IncomingMessage) => boolean;\n}\n\n/\n Starts the Chii relay and resolves once listening.\n \n Default port is 0 (OS-assigned). With port 0 the OS picks a free ephemeral\n * port on every start, so a stale cloudflared orphan holding any particular\n * port cannot cause EADDRINUSE. The resolved `ChiiRelay.port` and `baseUrl`\n * always reflect the actual bound port.\n \n chii.start() is called with `server` (our pre-created httpServer) BEFORE\n * httpServer.listen(). This is intentional: chii attaches its Koa handler and\n * WS upgrade listener to the server object, but the actual TCP bind is\n * performed by our httpServer.listen() call below. The `port`/`domain` values\n * passed to chii.start() are used for display/banner purposes inside chii and\n * do not affect which port the server binds. The connection path (clients\n * connecting to `relay.baseUrl`) always uses the post-listen confirmed port.\n /\nexport async function startChiiRelay(options: StartChiiRelayOptions = {}): Promise<ChiiRelay> {\n const requestedPort = options.port ?? 0;\n const host = options.host ?? '127.0.0.1';\n const { verifyAuth } = options;\n\n const httpServer = createServer();\n\n // Register our auth listener BEFORE chii.start() so it fires first.\n // Node's http.Server emits 'upgrade' to all listeners in registration order;\n // the first to destroy() the socket wins. Valid requests return without\n // side-effect so chii's own upgrade handler takes over normally.\n //\n // We only register when verifyAuth is provided so the no-auth path is\n // zero-overhead for tests and local-only dev sessions.\n if (verifyAuth) {\n httpServer.on('upgrade', (req: IncomingMessage, socket: Duplex) => {\n if (!verifyAuth(req)) {\n // Reject: send a minimal HTTP 401 response and close the socket.\n // We do NOT log req.url or any auth param here to avoid leaking codes.\n socket.write('HTTP/1.1 401 Unauthorized\\r\\nContent-Length: 0\\r\\n\\r\\n');\n socket.destroy();\n // Early return — chii's handler is NOT called for this socket.\n return;\n }\n // Auth passed: no-op. Chii's upgrade listener (registered below by\n // chii.start) will handle the rest.\n });\n }\n\n const chii = loadChiiServer();\n // Passing an existing `server` makes chii attach its Koa handler + WS upgrade\n // to our HTTP server rather than creating its own listener.\n // Note: port/domain here are display-only inside chii — the TCP bind is ours.\n await chii.start({ server: httpServer, domain: `${host}:${requestedPort}`, port: requestedPort });\n\n const actualPort = await new Promise<number>((resolve, reject) => {\n httpServer.once('error', reject);\n httpServer.listen(requestedPort, host, () => {\n httpServer.off('error', reject);\n // httpServer.address() is non-null immediately after the listen callback.\n const addr = httpServer.address() as AddressInfo;\n resolve(addr.port);\n });\n });\n\n return {\n port: actualPort,\n baseUrl: `http://${host}:${actualPort}`,\n close: () =>\n new Promise<void>((resolve) => {\n httpServer.close(() => resolve());\n }),\n };\n}\n","/\n Local-browser `CdpConnection` — attaches directly to a Chromium instance\n * started with `--remote-debugging-port=<port>`.\n \n Topology (local debug mode, env 1):\n * Chromium --CDP WS--> this connection <--stdio--> MCP host\n \n The core insight: local Chromium and the phone's Toss WebView both speak\n * Chrome DevTools Protocol. The only difference is the attach strategy — how\n * you reach the CDP endpoint. Here we hit the Chromium DevTools HTTP endpoint\n * (`GET /json`) to discover per-target websocket URLs, then connect directly.\n * The Chii relay (env 2/3) uses `GET /targets` + `/client/<id>?target=<id>`.\n * Every tool (list_console_messages, get_dom_document, take_screenshot, …)\n * reads only the `CdpConnection` interface and works unchanged on both.\n \n Node-only: imports `ws`. Never bundled into the browser/in-app entries.\n /\n\nimport { EventEmitter } from 'node:events';\nimport { WebSocket } from 'ws';\nimport type {\n CdpCommandMap,\n CdpCommandName,\n CdpConnection,\n CdpEventMap,\n CdpEventName,\n CdpTarget,\n} from './cdp-connection.js';\n\n/* Max events retained per domain ring buffer. /\nconst DEFAULT_BUFFER_SIZE = 500;\n\n/* A CDP message arriving over the local Chromium websocket. /\ninterface CdpInboundMessage {\n id?: number;\n method?: string;\n params?: unknown;\n result?: unknown;\n error?: { message: string };\n}\n\nfunction isObject(value: unknown): value is Record<string, unknown> {\n return typeof value === 'object' && value !== null;\n}\n\nfunction parseInbound(raw: string): CdpInboundMessage \| null {\n let parsed: unknown;\n try {\n parsed = JSON.parse(raw);\n } catch {\n return null;\n }\n if (!isObject(parsed)) return null;\n const message: CdpInboundMessage = {};\n if (typeof parsed.id === 'number') message.id = parsed.id;\n if (typeof parsed.method === 'string') message.method = parsed.method;\n if ('params' in parsed) message.params = parsed.params;\n if ('result' in parsed) message.result = parsed.result;\n if (isObject(parsed.error) && typeof parsed.error.message === 'string') {\n message.error = { message: parsed.error.message };\n }\n return message;\n}\n\nconst PHASE_1_EVENTS: readonly CdpEventName[] = [\n 'Runtime.consoleAPICalled',\n 'Network.requestWillBeSent',\n 'Network.responseReceived',\n];\n\n/\n A target entry from the Chromium DevTools HTTP `/json` endpoint.\n * Each page target includes a `webSocketDebuggerUrl` pointing directly at the\n * target's CDP websocket — no relay URL indirection.\n /\ninterface ChromiumJsonTarget {\n id: string;\n title: string;\n url: string;\n type: string;\n webSocketDebuggerUrl?: string;\n}\n\nexport interface LocalCdpConnectionOptions {\n /\n Base URL of the Chromium DevTools HTTP server, e.g. `http://127.0.0.1:9222`.\n * The connection hits `<devtoolsHttpUrl>/json` to discover targets.\n /\n devtoolsHttpUrl: string;\n /* Per-domain ring buffer size. Default 500. /\n bufferSize?: number;\n}\n\n/\n `CdpConnection` that attaches directly to a local Chromium over its built-in\n * CDP websocket. Mirrors `ChiiCdpConnection`'s buffering/command-routing/event\n * logic — same `parseInbound`, ring-buffer, `pending` map patterns — but the\n * attach strategy differs:\n \n Chii relay: `GET /targets` → open `/client/<id>?target=<id>` WS\n * Local CDP: `GET /json` → open `webSocketDebuggerUrl` per target directly\n \n Target selection: first `type === 'page'` target whose URL is not\n * `about:blank`, `about:newtab`, or a devtools:// URL.\n /\nexport class LocalCdpConnection implements CdpConnection {\n private readonly devtoolsHttpUrl: string;\n private readonly bufferSize: number;\n private readonly emitter = new EventEmitter();\n private readonly buffers = new Map<CdpEventName, unknown[]>();\n private readonly targets = new Map<string, CdpTarget>();\n\n private ws: WebSocket \| null = null;\n private nextCommandId = 1;\n /* In-flight enableDomains() promise — concurrent callers share it. /\n private enablingPromise: Promise<void> \| null = null;\n /* Pending request→response commands keyed by CDP message id. /\n private readonly pending = new Map<\n number,\n { resolve: (result: unknown) => void; reject: (err: Error) => void }\n >();\n\n constructor(options: LocalCdpConnectionOptions) {\n this.devtoolsHttpUrl = options.devtoolsHttpUrl.replace(/\\/$/, '');\n this.bufferSize = options.bufferSize ?? DEFAULT_BUFFER_SIZE;\n for (const event of PHASE_1_EVENTS) this.buffers.set(event, []);\n // EventEmitter caps listeners at 10 by default; the tool layer may add\n // several short-lived subscriptions, so lift the cap.\n this.emitter.setMaxListeners(0);\n }\n\n /\n Fetch the target list from the Chromium DevTools `/json` (or `/json/list`)\n * endpoint and pick the first non-blank page target.\n \n Returns the selected target's `webSocketDebuggerUrl` alongside the\n * normalized `CdpTarget` list (all page targets visible to the server).\n /\n private async fetchTargets(): Promise<{\n selected: ChromiumJsonTarget \| null;\n all: CdpTarget[];\n }> {\n // Chromium exposes both /json and /json/list; /json is the canonical form.\n const res = await fetch(`${this.devtoolsHttpUrl}/json`);\n if (!res.ok) {\n throw new Error(\n `Chromium DevTools /json returned HTTP ${res.status} ${res.statusText}. ` +\n 'Is the browser running with --remote-debugging-port?',\n );\n }\n const body: unknown = await res.json();\n const list: ChromiumJsonTarget[] = Array.isArray(body) ? (body as ChromiumJsonTarget[]) : [];\n\n this.targets.clear();\n let selected: ChromiumJsonTarget \| null = null;\n\n for (const item of list) {\n if (!isObject(item) \|\| typeof item.id !== 'string') continue;\n const cdpTarget: CdpTarget = {\n id: item.id,\n title: typeof item.title === 'string' ? item.title : '',\n url: typeof item.url === 'string' ? item.url : '',\n };\n this.targets.set(item.id, cdpTarget);\n\n // Pick the first `page` target that is not a blank/devtools page.\n if (\n selected === null &&\n item.type === 'page' &&\n typeof item.webSocketDebuggerUrl === 'string' &&\n !isBlankOrDevtoolsUrl(item.url)\n ) {\n selected = item;\n }\n }\n\n return { selected, all: [...this.targets.values()] };\n }\n\n listTargets(): CdpTarget[] {\n return [...this.targets.values()];\n }\n\n /\n Discover the target, open a direct CDP websocket to its\n * `webSocketDebuggerUrl`, and enable Phase 1+2 domains. Resolves once the\n * socket is open and domain-enable commands are sent. Idempotent — concurrent\n * callers share the in-flight promise.\n /\n async enableDomains(): Promise<void> {\n if (this.ws && this.ws.readyState === WebSocket.OPEN) return;\n if (this.enablingPromise) return this.enablingPromise;\n this.enablingPromise = this._doEnableDomains().finally(() => {\n this.enablingPromise = null;\n });\n return this.enablingPromise;\n }\n\n private async _doEnableDomains(): Promise<void> {\n const { selected } = await this.fetchTargets();\n if (!selected) {\n throw new Error(\n 'No suitable page target found in the local Chromium instance. ' +\n 'Ensure the browser has a non-blank page open and was started with ' +\n '--remote-debugging-port matching devtoolsHttpUrl.',\n );\n }\n\n // Local CDP gives us the per-target WS URL directly — no relay path needed.\n const wsUrl = selected.webSocketDebuggerUrl as string;\n const ws = new WebSocket(wsUrl);\n this.ws = ws;\n\n await new Promise<void>((resolve, reject) => {\n ws.once('open', () => resolve());\n ws.once('error', (err: Error) => reject(err));\n });\n\n ws.on('message', (data: WebSocket.RawData) => this.handleMessage(data.toString()));\n\n // Enable the same domain set as ChiiCdpConnection so all tools work identically.\n this.sendFireAndForget('Runtime.enable');\n this.sendFireAndForget('Network.enable');\n this.sendFireAndForget('DOM.enable');\n this.sendFireAndForget('Page.enable');\n }\n\n /* Fire-and-forget CDP message (used for `.enable`, no result awaited). /\n private sendFireAndForget(method: string, params: Record<string, unknown> = {}): void {\n if (!this.ws \|\| this.ws.readyState !== WebSocket.OPEN) return;\n const id = this.nextCommandId++;\n this.ws.send(JSON.stringify({ id, method, params }));\n }\n\n /*\n Issue a CDP command and resolve with its typed result. Rejects on a CDP\n * error frame or when no websocket is open.\n /\n send<M extends CdpCommandName>(\n method: M,\n params?: CdpCommandMap[M]['params'],\n ): Promise<CdpCommandMap[M]['result']> {\n return this.sendCommand(method, (params ?? {}) as Record<string, unknown>) as Promise<\n CdpCommandMap[M]['result']\n >;\n }\n\n /\n Issue an arbitrary request→response command and resolve with its raw\n * result. Both the typed CDP `send` and any AIT domain commands build on this.\n /\n sendCommand(method: string, params: Record<string, unknown> = {}): Promise<unknown> {\n if (!this.ws \|\| this.ws.readyState !== WebSocket.OPEN) {\n return Promise.reject(\n new Error(\n 'No local Chromium page attached yet. Call enableDomains() first and ensure ' +\n 'the browser is running with --remote-debugging-port.',\n ),\n );\n }\n const id = this.nextCommandId++;\n const ws = this.ws;\n return new Promise<unknown>((resolve, reject) => {\n this.pending.set(id, { resolve, reject });\n ws.send(JSON.stringify({ id, method, params }));\n });\n }\n\n private handleMessage(raw: string): void {\n const message = parseInbound(raw);\n if (!message) return;\n\n // Command response (has an id matching a pending request).\n if (typeof message.id === 'number' && this.pending.has(message.id)) {\n const waiter = this.pending.get(message.id);\n this.pending.delete(message.id);\n if (waiter) {\n if (message.error) waiter.reject(new Error(message.error.message));\n else waiter.resolve(message.result);\n }\n return;\n }\n\n // Event (buffered for the Phase 1 stream tools).\n if (typeof message.method !== 'string') return;\n if (!this.buffers.has(message.method as CdpEventName)) return;\n const event = message.method as CdpEventName;\n const buffer = this.buffers.get(event);\n if (!buffer) return;\n buffer.push(message.params);\n if (buffer.length > this.bufferSize) buffer.shift();\n this.emitter.emit(event, message.params);\n }\n\n getBufferedEvents<E extends CdpEventName>(event: E): ReadonlyArray<CdpEventMap[E]> {\n const buffer = this.buffers.get(event);\n return (buffer ?? []) as ReadonlyArray<CdpEventMap[E]>;\n }\n\n on<E extends CdpEventName>(event: E, listener: (payload: CdpEventMap[E]) => void): () => void {\n this.emitter.on(event, listener as (payload: unknown) => void);\n return () => this.emitter.off(event, listener as (payload: unknown) => void);\n }\n\n /* Close the local CDP websocket and reject any in-flight commands. /\n close(): void {\n this.ws?.close();\n this.ws = null;\n for (const waiter of this.pending.values()) {\n waiter.reject(new Error('Local Chromium CDP connection closed.'));\n }\n this.pending.clear();\n }\n}\n\n/* True for URLs that should be skipped when selecting a page target. /\nfunction isBlankOrDevtoolsUrl(url: string): boolean {\n return (\n url === '' \|\|\n url === 'about:blank' \|\|\n url === 'about:newtab' \|\|\n url.startsWith('devtools://') \|\|\n url.startsWith('chrome://') \|\|\n url.startsWith('chrome-extension://')\n );\n}\n","/\n Chromium launcher for the local debug mode (env 1).\n \n Launch decision rationale:\n * - `chrome-launcher` (npm) is purpose-built and finds installed Chrome, but\n * adds a runtime dependency to the MCP bundle. The repo already has a clear\n * \"external dependency minimization\" policy; `chrome-launcher` is not worth\n * pulling in for what is essentially `spawn(chromeBin, [...flags])`.\n * - Playwright is a devDependency used for E2E only — pulling `chromium.launch`\n * into the runtime MCP path would add ~100 MB of bundled Chromium to the\n * production install and break the \"devDep = e2e only\" boundary.\n * - `child_process.spawn` with a platform-aware binary search is the lightest\n * option: zero new dependencies, portable across macOS/Linux/Windows, and\n * trivially testable by injecting a `spawnFn`.\n \n The launcher finds an installed Chrome/Chromium using a prioritized list of\n * well-known binary paths per platform, then spawns it with:\n * --remote-debugging-port=<port>\n * --no-first-run\n * --no-default-browser-check\n * <devUrl>\n \n `pnpm dev` is started by the user; the MCP only launches the browser pointing\n * at it.\n \n Node-only.\n /\n\nimport { type ChildProcess, spawn } from 'node:child_process';\nimport { existsSync } from 'node:fs';\nimport net from 'node:net';\nimport { platform } from 'node:os';\n\n/* A handle returned by `launchChromium`. /\nexport interface ChromiumHandle {\n /* The port Chromium is listening on for CDP (`--remote-debugging-port`). /\n port: number;\n /* Devtools HTTP base URL, e.g. `http://127.0.0.1:9222`. /\n devtoolsUrl: string;\n /* Stop the Chromium child process. /\n stop(): void;\n}\n\nexport interface LaunchChromiumOptions {\n /\n CDP remote debugging port. If 0 or omitted, an ephemeral free port is\n * chosen automatically.\n /\n port?: number;\n /\n URL to open in the browser. Defaults to `AIT_DEVTOOLS_URL` env var or\n * `http://localhost:5173`.\n /\n devUrl?: string;\n /\n Extra Chromium flags appended to the spawn command. Use with caution.\n /\n extraArgs?: string[];\n /\n Injectable `spawn` function for unit testing — defaults to Node's\n * `child_process.spawn`. Tests inject a fake to avoid launching a real browser.\n /\n spawnFn?: typeof spawn;\n}\n\n/\n Find an ephemeral free TCP port by briefly binding a server on port 0.\n * Resolves with the OS-assigned port number.\n /\nexport function findFreePort(): Promise<number> {\n return new Promise((resolve, reject) => {\n const server = net.createServer();\n server.listen(0, '127.0.0.1', () => {\n const addr = server.address();\n const port = typeof addr === 'object' && addr !== null ? addr.port : null;\n server.close(() => {\n if (port === null) {\n reject(new Error('Failed to determine free port from net.Server.'));\n } else {\n resolve(port);\n }\n });\n });\n server.once('error', reject);\n });\n}\n\n/\n Returns an ordered list of Chromium/Chrome binary paths to try for the\n * current platform.\n /\nexport function candidateChromePaths(): string[] {\n const os = platform();\n if (os === 'darwin') {\n return [\n '/Applications/Google Chrome.app/Contents/MacOS/Google Chrome',\n '/Applications/Google Chrome Canary.app/Contents/MacOS/Google Chrome Canary',\n '/Applications/Chromium.app/Contents/MacOS/Chromium',\n '/Applications/Brave Browser.app/Contents/MacOS/Brave Browser',\n ];\n }\n if (os === 'linux') {\n return [\n '/usr/bin/google-chrome',\n '/usr/bin/google-chrome-stable',\n '/usr/bin/chromium',\n '/usr/bin/chromium-browser',\n '/usr/local/bin/google-chrome',\n '/usr/local/bin/chromium',\n '/snap/bin/chromium',\n ];\n }\n if (os === 'win32') {\n const programFiles = process.env.PROGRAMFILES ?? 'C:\\\\Program Files';\n const programFilesX86 = process.env['PROGRAMFILES(X86)'] ?? 'C:\\\\Program Files (x86)';\n return [\n `${programFiles}\\\\Google\\\\Chrome\\\\Application\\\\chrome.exe`,\n `${programFilesX86}\\\\Google\\\\Chrome\\\\Application\\\\chrome.exe`,\n `${programFiles}\\\\Chromium\\\\Application\\\\chrome.exe`,\n ];\n }\n return [];\n}\n\n/* Find the first Chrome/Chromium binary that exists on this machine. /\nexport function findChromeBinary(): string \| null {\n for (const p of candidateChromePaths()) {\n if (existsSync(p)) return p;\n }\n return null;\n}\n\n/\n Launch a local Chromium instance with CDP remote debugging enabled.\n \n The caller is responsible for calling `handle.stop()` when done.\n \n @throws if no Chrome/Chromium binary is found on the system.\n /\nexport async function launchChromium(options: LaunchChromiumOptions = {}): Promise<ChromiumHandle> {\n const spawnImpl = options.spawnFn ?? spawn;\n\n // Resolve the CDP port — find a free one if not specified.\n const requestedPort = options.port ?? 0;\n const port = requestedPort === 0 ? await findFreePort() : requestedPort;\n\n const devUrl = options.devUrl ?? process.env.AIT_DEVTOOLS_URL ?? 'http://localhost:5173';\n\n const binary = findChromeBinary();\n if (binary === null) {\n throw new Error(\n 'No Chrome/Chromium binary found on this system. ' +\n 'Install Google Chrome or Chromium and try again. ' +\n 'Searched: ' +\n candidateChromePaths().join(', '),\n );\n }\n\n const args = [\n `--remote-debugging-port=${port}`,\n '--no-first-run',\n '--no-default-browser-check',\n // Use a separate profile dir so the debugged instance doesn't interfere\n // with the user's regular Chrome profile.\n '--user-data-dir=/tmp/ait-devtools-chromium-profile',\n ...(options.extraArgs ?? []),\n devUrl,\n ];\n\n const child: ChildProcess = spawnImpl(binary, args, {\n // Detach stdio so the MCP server's stdio transport is not contaminated.\n stdio: 'ignore',\n detached: false,\n });\n\n // Allow the Node process to exit even if the child is still running.\n child.unref();\n\n const devtoolsUrl = `http://127.0.0.1:${port}`;\n\n process.stderr.write(\n `[ait-local-debug] Launched Chromium: ${binary}\\n` +\n `[ait-local-debug] CDP endpoint: ${devtoolsUrl}\\n` +\n `[ait-local-debug] Opening: ${devUrl}\\n`,\n );\n\n return {\n port,\n devtoolsUrl,\n stop(): void {\n try {\n child.kill();\n } catch {\n // Ignore — the child may have already exited.\n }\n },\n };\n}\n","/\n 로컬 HTTP 서버 — QR 페이지를 `http://127.0.0.1:<port>` 에서 서빙한다.\n \n file:// origin 대신 HTTP origin을 쓰는 이유: 브라우저 보안 정책상 file://에서\n * 로드된 페이지는 외부 fetch/script가 전부 차단되며, file:// 절대 경로를 <img src>에\n * 넣으면 브라우저에 따라 빈 화면이 된다. 127.0.0.1 HTTP는 modern 브라우저가 fully trust.\n \n SECRET-HANDLING:\n * - 127.0.0.1 바인딩만 — 외부 노출 0.\n * - attachUrl은 HTML 본문과 /qr.png query에만 들어간다 (의도된 전달 경로).\n * - stdout/stderr/로그에 별도 출력하지 않는다.\n * - tmp 파일 만들지 않음 — 모든 응답을 메모리에서 생성.\n /\n\nimport type { Server } from 'node:http';\nimport { createServer } from 'node:http';\n\nexport interface QrHttpServer {\n port: number;\n /* `http://127.0.0.1:<port>/attach?u=<encoded>` URL 생성 헬퍼. /\n buildAttachPageUrl(attachUrl: string): string;\n close(): Promise<void>;\n}\n\n/\n 로컬 HTTP 서버를 127.0.0.1 random port(또는 `AIT_DEBUG_HTTP_PORT` env)로 시작한다.\n * MCP debug server 생애주기에 묶어 사용 — `runDebugServer` shutdown 시 `close()`로 정리.\n /\nexport async function startQrHttpServer(): Promise<QrHttpServer> {\n const { default: QRCode } = await import('qrcode');\n\n const server: Server = createServer((req, res) => {\n const rawUrl = req.url ?? '/';\n const [path, query = ''] = rawUrl.split('?', 2) as [string, string \| undefined];\n const params = new URLSearchParams(query ?? '');\n\n if (path === '/attach') {\n const encodedU = params.get('u') ?? '';\n let attachUrl: string;\n try {\n attachUrl = decodeURIComponent(encodedU);\n } catch {\n res.writeHead(400, { 'Content-Type': 'text/plain; charset=utf-8' });\n res.end('잘못된 u 파라미터입니다.');\n return;\n }\n\n // deploymentId 라벨 — attachUrl에서 _deploymentId 파라미터만 추출 (at= 노출 방지).\n let deploymentIdLabel = 'attach';\n try {\n const dpMatch = attachUrl.match(/[?&]_deploymentId=([^&]+)/);\n if (dpMatch?.[1]) {\n deploymentIdLabel = decodeURIComponent(dpMatch[1]).slice(0, 36);\n }\n } catch {\n // best-effort\n }\n\n // QR을 base64 data URL로 인라인 생성 — 외부 fetch 없이 self-contained HTML.\n QRCode.toDataURL(attachUrl, { type: 'image/png', errorCorrectionLevel: 'M' })\n .then((dataUrl: string) => {\n const safeLabel = deploymentIdLabel.replace(/[<>&\"']/g, (c) => `&#${c.charCodeAt(0)};`);\n const safeAttachUrl = attachUrl.replace(/[<>&\"']/g, (c) => `&#${c.charCodeAt(0)};`);\n const html = buildAttachHtml(dataUrl, safeLabel, safeAttachUrl);\n res.writeHead(200, {\n 'Content-Type': 'text/html; charset=utf-8',\n 'Cache-Control': 'no-store',\n });\n res.end(html);\n })\n .catch(() => {\n res.writeHead(500, { 'Content-Type': 'text/plain; charset=utf-8' });\n res.end('QR 생성에 실패했습니다.');\n });\n return;\n }\n\n if (path === '/qr.png') {\n const encodedU = params.get('u') ?? '';\n let attachUrl: string;\n try {\n attachUrl = decodeURIComponent(encodedU);\n } catch {\n res.writeHead(400, { 'Content-Type': 'text/plain; charset=utf-8' });\n res.end('잘못된 u 파라미터입니다.');\n return;\n }\n\n QRCode.toBuffer(attachUrl, { type: 'png', errorCorrectionLevel: 'M' })\n .then((buf: Buffer) => {\n res.writeHead(200, {\n 'Content-Type': 'image/png',\n 'Cache-Control': 'no-store',\n 'Content-Length': String(buf.length),\n });\n res.end(buf);\n })\n .catch(() => {\n res.writeHead(500, { 'Content-Type': 'text/plain; charset=utf-8' });\n res.end('QR PNG 생성에 실패했습니다.');\n });\n return;\n }\n\n res.writeHead(404, { 'Content-Type': 'text/plain; charset=utf-8' });\n res.end('Not Found');\n });\n\n const listenPort = Number(process.env.AIT_DEBUG_HTTP_PORT ?? 0);\n\n await new Promise<void>((resolve, reject) => {\n server.listen(listenPort, '127.0.0.1', () => resolve());\n server.once('error', reject);\n });\n\n const address = server.address();\n if (!address \|\| typeof address === 'string') {\n throw new Error('qr-http-server: server.address()가 예상하지 못한 형태입니다.');\n }\n const port = address.port;\n\n return {\n port,\n buildAttachPageUrl(attachUrl: string): string {\n return `http://127.0.0.1:${port}/attach?u=${encodeURIComponent(attachUrl)}`;\n },\n close(): Promise<void> {\n return new Promise((resolve, reject) => {\n server.close((err) => (err ? reject(err) : resolve()));\n });\n },\n };\n}\n\n/\n QR 스캔 페이지 HTML 본문.\n * dark theme, inline style, 외부 fetch 없음.\n /\nfunction buildAttachHtml(qrDataUrl: string, safeLabel: string, safeAttachUrl: string): string {\n return `<!DOCTYPE html>\n<html lang=\"ko\">\n<head>\n <meta charset=\"utf-8\" />\n <meta name=\"viewport\" content=\"width=device-width, initial-scale=1\" />\n <title>AIT 디버그 세션 — QR 스캔</title>\n <style>\n , ::before, ::after { box-sizing: border-box; }\n body {\n font-family: -apple-system, BlinkMacSystemFont, \"Segoe UI\", sans-serif;\n background: #0d1117; color: #c9d1d9;\n display: flex; flex-direction: column; align-items: center;\n min-height: 100vh; margin: 0; padding: 2rem 1rem;\n gap: 1.5rem;\n }\n h1 { font-size: 1.25rem; font-weight: 600; color: #e6edf3; margin: 0; text-align: center; }\n .label { font-size: 0.8rem; opacity: 0.5; font-family: monospace; margin: 0; }\n img.qr {\n width: min(90vw, 360px); height: auto;\n image-rendering: pixelated;\n background: #fff; padding: 1rem; border-radius: 12px;\n }\n section { width: 100%; max-width: 480px; }\n h2 { font-size: 1rem; font-weight: 600; color: #e6edf3; margin: 0 0 0.5rem; }\n ol, ul { margin: 0; padding-left: 1.25rem; }\n li { margin-bottom: 0.4rem; font-size: 0.9rem; line-height: 1.5; }\n .url-box {\n font-family: monospace; font-size: 0.72rem;\n word-break: break-all; opacity: 0.4;\n background: #161b22; padding: 0.75rem 1rem;\n border-radius: 6px; border: 1px solid #30363d;\n }\n hr { border: none; border-top: 1px solid #21262d; width: 100%; margin: 0.5rem 0; }\n </style>\n</head>\n<body>\n <h1>AIT 디버그 세션 — QR 스캔</h1>\n <p class=\"label\">deployment: ${safeLabel}</p>\n <img class=\"qr\" src=\"${qrDataUrl}\" alt=\"attach QR\" />\n\n <section>\n <h2>스캔 절차</h2>\n <ol>\n <li>토스 앱을 실행하세요.</li>\n <li>폰 카메라 앱으로 QR 코드를 스캔하세요.</li>\n <li>팝업이 뜨면 <strong>\"토스로 열기\"</strong>를 탭하세요.</li>\n <li>미니앱이 열리고 디버그 세션이 자동으로 attach됩니다.</li>\n </ol>\n </section>\n\n <hr />\n\n <section>\n <h2>진단 체크리스트</h2>\n <ul>\n <li><strong>토스 앱이 안 열리는 경우</strong> — 앱 버전 확인, 카메라 앱으로 스캔 (토스 앱 내 QR 리더 X)</li>\n <li><strong>미니앱이 PREPARE 상태에서 멈추는 경우</strong> — deep-link에 <code>_deploymentId</code> 파라미터가 있는지 확인</li>\n <li><strong>Chii 주입 실패 / 콘솔이 비어 있는 경우</strong> — 미니앱 번들에 <code>in-app</code> debug import가 있는지 확인</li>\n <li><strong>TOTP gate Layer C가 비활성인 경우</strong> — relay 서버에 <code>AIT_DEBUG_TOTP_SECRET</code>이 설정돼 있는지 확인</li>\n </ul>\n </section>\n\n <hr />\n\n <section>\n <h2>URL (fallback)</h2>\n <p class=\"url-box\">${safeAttachUrl}</p>\n </section>\n</body>\n</html>`;\n}\n","/*\n Build a self-attaching dogfood deep link.\n \n `ait deploy --scheme-only` prints an `intoss-private://…?_deploymentId=<uuid>`\n * URL that opens a dogfood bundle on a phone. The in-app debug gate\n * (`src/in-app/gate.ts`) auto-attaches when the entry URL also carries\n * `debug=1` and `relay=<wss-url>`. This helper splices those params (plus\n * `at=<code>` when TOTP is enabled) into the scheme URL; rendering the result\n * as a QR code and scanning it with the phone camera opens the mini-app and\n * attaches it to the live Chii relay. QR is the single entry path — it needs\n * no USB cable, platform CLI, or driver, and works the same on iOS/Android.\n \n The Toss app propagates extra query params from the entry deep link into the\n * mini-app WebView's `location.search` (confirmed behavior), so the gate reads\n * them at attach time.\n \n TOTP `at=` param:\n * When a TOTP secret is active, `buildDeepLinkAttachUrl` accepts an optional\n * `totpCode` argument and splices `at=<code>` alongside `debug` and `relay`.\n * The code must be computed by the caller at call time — do NOT pre-compute\n * and cache it, because the 30-second window expires quickly. The in-app gate\n * (`src/in-app/gate.ts` Layer C) validates this code against the baked secret.\n \n Why not `URL`/`URLSearchParams`: `intoss-private:` is a non-special scheme.\n * The WHATWG `URL` parser treats such schemes opaquely (no host/path/query\n * decomposition you can rely on across runtimes), so query manipulation via\n * `url.searchParams` is not portable here. We splice the query string directly\n * on the raw string instead, which keeps the scheme, authority, path, and any\n * pre-existing params (notably `_deploymentId`) byte-for-byte intact.\n /\n\n/\n Suspicious/generic authority values that indicate a malformed or placeholder\n * scheme URL. These are host strings that will almost certainly cause the Toss\n * app to fail with \"bundle not found\" silently.\n \n The expected form from `ait deploy --scheme-only` is:\n * intoss-private://<appName>?_deploymentId=<uuid>\n * where `<appName>` is a non-generic string like `aitc-sdk-example`.\n /\nconst SUSPICIOUS_AUTHORITIES = new Set<string>(['', 'web', 'localhost', '127.0.0.1', 'app']);\n\n/\n Validates the authority (host) portion of a scheme URL.\n \n Returns a warning message if the authority is missing or looks like a\n * placeholder, or `null` if the authority looks valid.\n \n Expected form: `intoss-private://<appName>?_deploymentId=<uuid>`\n * The authority must be a non-empty, non-generic app name (e.g. `aitc-sdk-example`).\n /\nexport function validateSchemeAuthority(schemeUrl: string): string \| null {\n // Extract authority from `scheme://authority[/path][?query][#hash]`.\n // We cannot use the WHATWG URL parser for non-special schemes reliably\n // (see the deeplink.ts module comment), so we parse the raw string.\n const afterScheme = schemeUrl.replace(/^[a-zA-Z][a-zA-Z0-9+\\-.]:\\/\\//, '');\n if (afterScheme === schemeUrl) {\n // No `://` found — not a scheme URL at all.\n return (\n 'scheme_url does not look like a scheme URL (expected `intoss-private://<appName>?_deploymentId=<uuid>`). ' +\n 'Use the URL printed by `ait deploy --scheme-only`.'\n );\n }\n\n // authority ends at the first `/`, `?`, `#`, or end of string.\n const authorityEnd = afterScheme.search(/[/?#]/);\n const authority = authorityEnd === -1 ? afterScheme : afterScheme.slice(0, authorityEnd);\n\n if (SUSPICIOUS_AUTHORITIES.has(authority.toLowerCase())) {\n const displayAuthority = authority === '' ? '(empty)' : `\"${authority}\"`;\n return (\n `scheme_url authority ${displayAuthority} looks like a placeholder. ` +\n 'Expected an app name like `intoss-private://aitc-sdk-example?_deploymentId=<uuid>`. ' +\n 'Use the URL printed by `ait deploy --scheme-only` — it includes the correct app name as the host.'\n );\n }\n\n return null;\n}\n\n/** A param the helper appends. Existing occurrences are replaced, not duplicated. /\ntype AppendParam = readonly [key: string, value: string];\n\nfunction stripExisting(query: string, key: string): string {\n if (query === '') return '';\n return query\n .split('&')\n .filter((pair) => pair !== '' && pair.split('=')[0] !== key)\n .join('&');\n}\n\n/\n Splices `debug=1`, `relay=<wssUrl>`, and (optionally) `at=<totpCode>` into a\n * scheme URL's query string, preserving everything else (scheme, authority,\n * path, hash, and the existing `_deploymentId` param). If any of the spliced\n * params is already present it is replaced so the helper is idempotent.\n \n @param schemeUrl - The `intoss-private://…?_deploymentId=<uuid>` URL printed\n * by `ait deploy --scheme-only`. Must already carry `_deploymentId` (Layer B\n * of the gate); this helper does not invent one.\n * @param wssUrl - The live relay URL (`wss://…trycloudflare.com`) from the\n * running debug MCP server's quick tunnel.\n * @param totpCode - Optional current TOTP code (6 digits). When provided, it\n * is spliced as `at=<totpCode>`. Must be computed at call time — it rotates\n * every 30 s. Pass `undefined` or omit when TOTP is disabled.\n * @returns The same URL with `debug=1&relay=<encoded wssUrl>[&at=<totpCode>]`\n * appended.\n * @throws If `wssUrl` is not a `wss:` URL (the gate rejects anything else, so\n * producing such a link would be a silent dead end).\n /\nexport function buildDeepLinkAttachUrl(\n schemeUrl: string,\n wssUrl: string,\n totpCode?: string,\n): string {\n let relay: URL;\n try {\n relay = new URL(wssUrl);\n } catch {\n throw new Error(`relay URL is not a valid URL: ${wssUrl}`);\n }\n if (relay.protocol !== 'wss:') {\n throw new Error(`relay URL must use the wss: scheme, got ${relay.protocol} (${wssUrl})`);\n }\n\n const hashIndex = schemeUrl.indexOf('#');\n const hash = hashIndex === -1 ? '' : schemeUrl.slice(hashIndex);\n const beforeHash = hashIndex === -1 ? schemeUrl : schemeUrl.slice(0, hashIndex);\n\n const queryIndex = beforeHash.indexOf('?');\n const base = queryIndex === -1 ? beforeHash : beforeHash.slice(0, queryIndex);\n let query = queryIndex === -1 ? '' : beforeHash.slice(queryIndex + 1);\n\n const appended: AppendParam[] = [\n ['debug', '1'],\n ['relay', wssUrl],\n ];\n // Only splice `at=` when a code is provided (TOTP enabled). Omitting it when\n // TOTP is disabled preserves backward compatibility with gate deployments\n // that do not yet evaluate the `at` param.\n if (totpCode !== undefined && totpCode !== '') {\n appended.push(['at', totpCode]);\n }\n\n // Always strip the `at` key from the existing query so a stale code from a\n // previous run is removed even when the caller does not provide a fresh code.\n query = stripExisting(query, 'at');\n\n for (const [key] of appended) {\n query = stripExisting(query, key);\n }\n for (const [key, value] of appended) {\n const pair = `${key}=${encodeURIComponent(value)}`;\n query = query === '' ? pair : `${query}&${pair}`;\n }\n\n return `${base}?${query}${hash}`;\n}\n","/\n Debug-mode MCP tools (Phase 1–3 + safe-area probe).\n \n Read-only tools that normalize CDP / AIT data into `chrome-devtools-mcp`-\n * compatible shapes. The tools never touch a websocket or HTTP endpoint\n * directly — they read from an injected `CdpConnection` (CDP events/commands)\n * or `AitSource` (AIT.* domain), which is what makes them unit-testable with a\n * fake. No phone and no running dev server are needed in tests.\n \n Phase 1 (CDP events):\n * - `list_console_messages` ← Runtime.consoleAPICalled\n * - `list_network_requests` ← Network.requestWillBeSent + responseReceived\n * - `list_pages` ← Chii relay target list + tunnel status\n * Phase 2 (CDP commands):\n * - `get_dom_document` ← DOM.getDocument\n * - `take_snapshot` ← DOMSnapshot.captureSnapshot\n * - `take_screenshot` ← Page.captureScreenshot\n * - `measure_safe_area` ← Runtime.evaluate (safe-area probe)\n * Phase 3 (AIT.* domain — CDP can't cover these):\n * - `AIT.getSdkCallHistory`\n * - `AIT.getMockState`\n * - `AIT.getOperationalEnvironment`\n /\n\nimport type {\n AitMockState,\n AitOperationalEnvironment,\n AitSdkCallHistory,\n AitSource,\n} from './ait-source.js';\nimport type {\n CdpConnection,\n CdpRemoteObject,\n ConsoleApiCalledEvent,\n DomGetDocumentResult,\n DomSnapshotResult,\n NetworkRequestWillBeSentEvent,\n NetworkResponseReceivedEvent,\n} from './cdp-connection.js';\nimport { buildDeepLinkAttachUrl, validateSchemeAuthority } from './deeplink.js';\n\n/* Tunnel state surfaced by `list_pages`. /\nexport interface TunnelStatus {\n /* Whether the cloudflared quick tunnel is up. /\n up: boolean;\n /* Public `wss://.trycloudflare.com` relay URL the phone attaches to. /\n wssUrl: string \| null;\n}\n\n/** Static MCP tool descriptors (name + JSONSchema) for the full debug tool surface. /\nexport const DEBUG_TOOL_DEFINITIONS = [\n {\n name: 'list_console_messages',\n description:\n 'Lists recent console messages (console.log/warn/error/info) captured from the attached ' +\n 'mini-app page over CDP (Runtime.consoleAPICalled). Read-only. Returns level, text, ' +\n 'timestamp, and stringified args, oldest-first.',\n inputSchema: { type: 'object', properties: {}, required: [] },\n },\n {\n name: 'list_network_requests',\n description:\n 'Lists recent network requests (XHR/fetch) captured from the attached mini-app page over ' +\n 'CDP (Network.requestWillBeSent + Network.responseReceived). Read-only. Returns url, ' +\n 'method, status, and timing, oldest-first.',\n inputSchema: { type: 'object', properties: {}, required: [] },\n },\n {\n name: 'list_pages',\n description:\n 'Lists the mini-app page(s) the Chii relay currently sees attached, plus whether the ' +\n 'cloudflared tunnel is up and the public wss relay URL the phone uses to attach. ' +\n 'Call this first to confirm a page is attached before reading console/network.',\n inputSchema: { type: 'object', properties: {}, required: [] },\n },\n {\n name: 'build_attach_url',\n description:\n \"The tool result already shows the QR to the user directly (Claude Code renders MCP tool output to the user's screen; they press Ctrl+O to expand if it's collapsed). Do NOT re-print or re-render the QR in your reply — that just wastes output tokens. Simply tell the user to scan the QR shown in this tool's output with their phone camera. \" +\n 'Turns an `ait deploy --scheme-only` URL (intoss-private://…?_deploymentId=<uuid>) into a ' +\n 'self-attaching deep link by splicing in debug=1 and the live relay URL for this session. ' +\n 'Returns the deep link JSON and a unicode QR of that deep link. Scan the QR with the phone ' +\n 'camera to open the mini-app and attach it to this debug session (QR is the single entry ' +\n 'path — no USB cable or platform CLI needed). Requires the tunnel to be up — call ' +\n 'list_pages first. Set wait_for_attach=true to block until the phone scans and a page ' +\n 'attaches (polls listTargets up to 90 s), then returns the attached page info too. ' +\n 'When open_in_browser=true (default), saves the QR as a PNG and opens it in the OS default ' +\n 'browser — only works when the MCP server runs on a local GUI machine (not headless/remote containers).',\n inputSchema: {\n type: 'object',\n properties: {\n scheme_url: {\n type: 'string',\n description:\n 'The intoss-private:// scheme URL from `ait deploy --scheme-only` (must carry _deploymentId). ' +\n 'The authority (host) must be the app name (e.g. intoss-private://aitc-sdk-example?_deploymentId=…). ' +\n 'Generic values like \"web\" or an empty host indicate a malformed URL.',\n },\n wait_for_attach: {\n type: 'boolean',\n description:\n 'If true, block after returning the QR until a page attaches to the relay (polls ' +\n 'listTargets ~1 s interval, timeout 90 s). On attach, the response includes the ' +\n 'attached page list. On timeout, returns an error with a list_pages retry hint.',\n },\n open_in_browser: {\n type: 'boolean',\n description:\n 'If true (default), render the QR as a PNG and open it in the OS default browser. ' +\n 'Only works when the MCP server is running on a local GUI machine — headless or ' +\n 'remote container environments should set this to false to use the text QR fallback.',\n },\n },\n required: ['scheme_url'],\n },\n },\n {\n name: 'get_dom_document',\n description:\n 'Returns the DOM tree of the attached mini-app page over CDP (DOM.getDocument). Read-only. ' +\n 'Use for structural/layout regression diagnosis (e.g. confirming an element exists, ' +\n 'inspecting attributes). Returns the document root node with children.',\n inputSchema: { type: 'object', properties: {}, required: [] },\n },\n {\n name: 'take_snapshot',\n description:\n 'Captures a serialized snapshot of the attached page over CDP (DOMSnapshot.captureSnapshot). ' +\n 'Read-only. Returns the documents + interned strings table for visual-regression diagnosis ' +\n '(e.g. checking computed CSS custom properties like --sat against the live layout).',\n inputSchema: { type: 'object', properties: {}, required: [] },\n },\n {\n name: 'take_screenshot',\n description:\n 'Captures a PNG screenshot of the attached mini-app page over CDP (Page.captureScreenshot) ' +\n 'so the agent can see the phone screen directly. Read-only. Returns an image content block.',\n inputSchema: { type: 'object', properties: {}, required: [] },\n },\n {\n name: 'measure_safe_area',\n description:\n 'Runs a safe-area probe on the attached mini-app page via Runtime.evaluate and returns ' +\n 'normalized safe-area insets, viewport geometry, device pixel ratio, and User-Agent. ' +\n 'Read-only — does not modify page state. ' +\n 'Use in a relay session (phone attached) to get ground-truth values for upgrading a ' +\n 'viewport preset from extrapolated/placeholder to measured. ' +\n 'Requires the relay to be attached — call list_pages first.',\n inputSchema: { type: 'object', properties: {}, required: [] },\n },\n {\n name: 'evaluate',\n description:\n 'Evaluates an arbitrary JavaScript expression on the attached mini-app page via ' +\n 'CDP Runtime.evaluate (returnByValue: true) and returns the result. ' +\n 'NOT read-only — the expression can have side effects (DOM mutations, SDK calls, ' +\n 'state changes). Requires the relay to be attached — call list_pages first. ' +\n 'Throws if the evaluation throws an exception on the page.',\n inputSchema: {\n type: 'object',\n properties: {\n expression: {\n type: 'string',\n description: 'JavaScript expression to evaluate in the page context.',\n },\n },\n required: ['expression'],\n },\n },\n {\n name: 'call_sdk',\n description:\n 'Calls a dogfood SDK method via the window.__sdkCall bridge ' +\n '(exported by @apps-in-toss/web-framework only in __DEBUG_BUILD__ bundles). ' +\n 'NOT read-only — SDK calls have side effects (navigation, payments, permissions, etc.). ' +\n 'On env 2/3 (real device relay) this hits the real SDK; on env 1 (local mock) it hits ' +\n 'the mock SDK. Requires the relay to be attached — call list_pages first. ' +\n 'Returns {ok: true, value} on success or {ok: false, error} on failure. ' +\n 'Returns a clear error if window.__sdkCall is not available (non-dogfood bundle).',\n inputSchema: {\n type: 'object',\n properties: {\n name: {\n type: 'string',\n description: 'SDK method name to call (e.g. \"getOperationalEnvironment\").',\n },\n args: {\n type: 'array',\n description: 'Arguments to pass to the SDK method (optional, default []).',\n items: {},\n },\n },\n required: ['name'],\n },\n },\n {\n name: 'AIT.getSdkCallHistory',\n description:\n 'Returns the recent Apps In Toss SDK call trace (method, args, result/error, timestamp) that ' +\n 'raw CDP cannot observe. Read-only. Use to confirm an SDK call fired and how it resolved ' +\n '(e.g. a saveBase64Data permission regression).',\n inputSchema: { type: 'object', properties: {}, required: [] },\n },\n {\n name: 'AIT.getMockState',\n description:\n 'Returns the devtools mock state snapshot (window.__ait) — environment, permissions, location, ' +\n 'auth, network, IAP, and more. Read-only. In dev mode this is the live browser mock state; in ' +\n 'debug mode the in-app side reports it over the AIT domain.',\n inputSchema: { type: 'object', properties: {}, required: [] },\n },\n {\n name: 'AIT.getOperationalEnvironment',\n description:\n 'Returns getOperationalEnvironment() plus the resolved SDK version — metadata raw CDP cannot ' +\n 'observe. Read-only.',\n inputSchema: { type: 'object', properties: {}, required: [] },\n },\n] as const;\n\nexport type DebugToolName = (typeof DEBUG_TOOL_DEFINITIONS)[number]['name'];\n\nconst DEBUG_TOOL_NAMES = new Set<string>(DEBUG_TOOL_DEFINITIONS.map((t) => t.name));\n\nexport function isDebugToolName(name: string): name is DebugToolName {\n return DEBUG_TOOL_NAMES.has(name);\n}\n\n/\n Tool names that are available before any page attaches (bootstrap tier).\n \n `build_attach_url` — pure URL synthesis, no attach needed.\n * `list_pages` — reports tunnel status + empty pages even pre-attach.\n \n All other tools require an attached page (`enableDomains` must succeed) and\n * are only advertised in `tools/list` once a target appears.\n /\nexport const BOOTSTRAP_TOOL_NAMES: ReadonlySet<string> = new Set<string>([\n 'build_attach_url',\n 'list_pages',\n]);\n\n/* Normalized console message returned by `list_console_messages`. /\nexport interface ConsoleMessage {\n level: string;\n text: string;\n timestamp: number;\n args: string[];\n}\n\n/* Normalized network request returned by `list_network_requests`. /\nexport interface NetworkRequest {\n requestId: string;\n url: string;\n method: string;\n /* HTTP status once a response was seen, else null (still in-flight). /\n status: number \| null;\n statusText: string \| null;\n /* Request start (CDP timestamp). /\n startTime: number;\n /* Response received (CDP timestamp), else null. /\n endTime: number \| null;\n}\n\n/* Renders a CDP `RemoteObject` console arg to a stable display string. /\nfunction renderRemoteObject(arg: CdpRemoteObject): string {\n if (arg.value !== undefined) {\n if (typeof arg.value === 'string') return arg.value;\n try {\n return JSON.stringify(arg.value);\n } catch {\n return String(arg.value);\n }\n }\n if (arg.description !== undefined) return arg.description;\n if (arg.className !== undefined) return arg.className;\n return arg.subtype ?? arg.type;\n}\n\nexport function normalizeConsoleMessage(event: ConsoleApiCalledEvent): ConsoleMessage {\n const args = event.args.map(renderRemoteObject);\n return {\n level: event.type,\n text: args.join(' '),\n timestamp: event.timestamp,\n args,\n };\n}\n\nexport function listConsoleMessages(connection: CdpConnection): ConsoleMessage[] {\n return connection\n .getBufferedEvents('Runtime.consoleAPICalled')\n .map((event) => normalizeConsoleMessage(event));\n}\n\nexport function listNetworkRequests(connection: CdpConnection): NetworkRequest[] {\n const requests = connection.getBufferedEvents('Network.requestWillBeSent');\n const responses = connection.getBufferedEvents('Network.responseReceived');\n\n const responseByRequestId = new Map<string, NetworkResponseReceivedEvent>();\n for (const response of responses) {\n responseByRequestId.set(response.requestId, response);\n }\n\n return requests.map((request: NetworkRequestWillBeSentEvent) => {\n const response = responseByRequestId.get(request.requestId);\n return {\n requestId: request.requestId,\n url: request.request.url,\n method: request.request.method,\n status: response ? response.response.status : null,\n statusText: response ? response.response.statusText : null,\n startTime: request.timestamp,\n endTime: response ? response.timestamp : null,\n };\n });\n}\n\n/* Result of `list_pages`: attach status + tunnel state. /\nexport interface ListPagesResult {\n pages: ReturnType<CdpConnection['listTargets']>;\n tunnel: TunnelStatus;\n}\n\nexport function listPages(connection: CdpConnection, tunnel: TunnelStatus): ListPagesResult {\n return { pages: connection.listTargets(), tunnel };\n}\n\n/* A `build_attach_url` result: the spliced deep link the phone should open. /\nexport interface BuildAttachUrlResult {\n /* The scheme URL with `debug=1&relay=<wss>` spliced in. /\n attachUrl: string;\n /* The relay URL that was spliced in (this session's quick tunnel). /\n relayUrl: string;\n /\n Non-fatal warning about the scheme URL's authority being missing or\n * suspicious (e.g. \"web\", \"localhost\"). Callers should surface this to\n * help the user catch a malformed URL early.\n /\n authorityWarning?: string;\n}\n\n/\n Builds a self-attaching dogfood deep link from an `ait deploy --scheme-only`\n * URL plus this session's live relay. Throws if the tunnel is not up yet (no\n * relay URL to splice in) — the caller surfaces that as a tool error.\n \n Also validates the scheme URL's authority. A suspicious authority (empty,\n * \"web\", \"localhost\", etc.) is surfaced as a non-fatal `authorityWarning` on\n * the result so the caller can show a helpful hint without blocking the link\n * generation (the warning is consistent with how other validation in\n * `buildDeepLinkAttachUrl` works — hard errors for relay, soft warning for\n * the scheme authority which is in the caller's input, not ours to own).\n /\nexport function buildAttachUrl(schemeUrl: string, tunnel: TunnelStatus): BuildAttachUrlResult {\n if (!tunnel.up \|\| tunnel.wssUrl === null) {\n throw new Error(\n 'No relay URL yet — the cloudflared quick tunnel is not up. ' +\n 'Call list_pages to check tunnel status.',\n );\n }\n const authorityWarning = validateSchemeAuthority(schemeUrl) ?? undefined;\n return {\n attachUrl: buildDeepLinkAttachUrl(schemeUrl, tunnel.wssUrl),\n relayUrl: tunnel.wssUrl,\n ...(authorityWarning !== undefined ? { authorityWarning } : {}),\n };\n}\n\n/ -------------------------------------------------------------------------- /\n/ QR PNG rendering + browser open /\n/ -------------------------------------------------------------------------- /\n\n/\n Heuristic: can this process open a GUI browser?\n \n Returns `true` when we think a GUI is available:\n * - On macOS (`darwin`) we assume yes (MCP normally runs on the user's Mac).\n * - On Linux we check for `DISPLAY` or `WAYLAND_DISPLAY`.\n * - On Windows we assume yes.\n * - In a CI environment (`CI=true`) we assume no.\n /\nexport function canOpenBrowser(): boolean {\n if (process.env.CI === 'true' \|\| process.env.CI === '1') return false;\n const platform = process.platform;\n if (platform === 'darwin' \|\| platform === 'win32') return true;\n if (platform === 'linux') {\n return Boolean(process.env.DISPLAY ?? process.env.WAYLAND_DISPLAY);\n }\n return false;\n}\n\n/\n Result of `openQrInBrowser`.\n \n HTTP URL 기반으로 재구현 — tmp 파일 없음. `httpUrl`이 브라우저에 전달되는 URL이다.\n * SECRET-HANDLING: `httpUrl`은 127.0.0.1 로컬 전용이며 at= 코드 값을 직접 담지 않는다\n * (attachUrl은 /attach?u= query로 전달되어 서버 메모리에서만 처리).\n /\nexport interface OpenQrInBrowserResult {\n /* `true` if the browser was successfully opened. /\n opened: boolean;\n /* `http://127.0.0.1:<port>/attach?u=...` — 브라우저에 전달된 URL. /\n httpUrl: string;\n /* `http://127.0.0.1:<port>/qr.png?u=...` — PNG fallback URL. /\n pngUrl: string;\n /* Error message if `opened` is false (browser spawn failed). /\n error?: string;\n /* Captured stderr from failed spawn attempts (at= 값은 redact됨). /\n stderrSummary?: string;\n}\n\n/* platform별 browser open 명령 후보 목록 — 앞에서부터 순차 시도. /\nfunction getBrowserCandidates(httpUrl: string): Array<{ cmd: string; args: string[] }> {\n const platform = process.platform;\n if (platform === 'darwin') {\n return [\n { cmd: 'open', args: [httpUrl] },\n { cmd: 'open', args: ['-a', 'Safari', httpUrl] },\n { cmd: 'open', args: ['-a', 'Google Chrome', httpUrl] },\n { cmd: 'open', args: ['-a', 'Firefox', httpUrl] },\n ];\n }\n if (platform === 'win32') {\n return [\n { cmd: 'cmd', args: ['/c', 'start', '', httpUrl] },\n { cmd: 'rundll32', args: ['url.dll,FileProtocolHandler', httpUrl] },\n ];\n }\n // linux + fallback\n return [\n { cmd: 'xdg-open', args: [httpUrl] },\n { cmd: 'sensible-browser', args: [httpUrl] },\n { cmd: 'x-www-browser', args: [httpUrl] },\n { cmd: 'firefox', args: [httpUrl] },\n { cmd: 'google-chrome', args: [httpUrl] },\n { cmd: 'chromium', args: [httpUrl] },\n ];\n}\n\n/* stderr에서 at= TOTP 코드 값을 redact한다. /\nfunction redactSecrets(text: string): string {\n // at=<value> 패턴에서 값 부분을 redact — TOTP 코드가 노출되지 않도록.\n return text.replace(/\\bat=([^&\\s\"']+)/g, 'at=<redacted>');\n}\n\n/* spawnSync exit 0이어도 stderr에 launch 실패 시그널이 있으면 실패로 판단한다. /\nconst LAUNCH_FAILURE_PATTERNS = [\n /LSOpenURLsWithRole\$\$ failed/,\n /kLSApplicationNotFoundErr/,\n /No application/,\n /Unable to find application/,\n /xdg-open: not found/,\n /command not found/,\n];\n\nfunction isLaunchFailureStderr(stderr: string): boolean {\n return LAUNCH_FAILURE_PATTERNS.some((p) => p.test(stderr));\n}\n\n/\n 로컬 HTTP 서버 URL(`http://127.0.0.1:<port>/attach?u=...`)을 OS 기본 브라우저로 연다.\n \n platform별 fallback chain으로 시도하며, 모두 실패해도 `opened: false` + `httpUrl`을\n * 반환해 사용자가 직접 브라우저에 붙여넣을 수 있게 한다.\n \n SECRET-HANDLING:\n * - tmp 파일을 만들지 않는다 (HTML/PNG는 HTTP 서버가 메모리에서 응답).\n * - httpUrl/pngUrl은 127.0.0.1 로컬 전용.\n * - stderr 캡처 결과에서 at= 코드 값을 redact한 후 stderrSummary에 포함.\n * - attachUrl, deploymentId, TOTP 코드를 stdout/stderr/로그에 직접 출력 금지.\n \n @param httpUrl - `http://127.0.0.1:<port>/attach?u=<encoded>` HTTP URL.\n * @param pngUrl - `http://127.0.0.1:<port>/qr.png?u=<encoded>` PNG fallback URL.\n /\nexport async function openQrInBrowser(\n httpUrl: string,\n pngUrl: string,\n): Promise<OpenQrInBrowserResult> {\n const { spawnSync } = await import('node:child_process');\n\n const candidates = getBrowserCandidates(httpUrl);\n const stderrLines: string[] = [];\n\n for (const { cmd, args } of candidates) {\n const result = spawnSync(cmd, args, { encoding: 'utf8', timeout: 5000 });\n\n if (result.error) {\n // 명령 자체를 실행하지 못한 경우 (ENOENT 등) — 다음 후보로.\n stderrLines.push(`${cmd}: ${result.error.message}`);\n continue;\n }\n\n const stderr = typeof result.stderr === 'string' ? result.stderr : '';\n if (stderr) {\n stderrLines.push(`${cmd}: ${redactSecrets(stderr.trim())}`);\n }\n\n // exit 0이어도 stderr에 launch 실패 패턴이 있으면 실패로 취급.\n if (result.status === 0 && !isLaunchFailureStderr(stderr)) {\n return { opened: true, httpUrl, pngUrl };\n }\n }\n\n const stderrSummary = stderrLines.length > 0 ? stderrLines.join('\\n') : undefined;\n return {\n opened: false,\n httpUrl,\n pngUrl,\n error: '모든 브라우저 실행 후보가 실패했습니다.',\n stderrSummary,\n };\n}\n\n/ -------------------------------------------------------------------------- /\n/ Phase 2 — DOM / snapshot / screenshot (CDP commands) /\n/ -------------------------------------------------------------------------- /\n\n/* Returns the DOM tree of the attached page (`DOM.getDocument`). /\nexport function getDomDocument(connection: CdpConnection): Promise<DomGetDocumentResult> {\n // `pierce: true` flattens shadow roots; depth -1 returns the whole subtree so\n // a single call yields the full tree for structural diagnosis.\n return connection.send('DOM.getDocument', { depth: -1, pierce: true });\n}\n\n/* Returns a serialized page snapshot (`DOMSnapshot.captureSnapshot`). /\nexport function takeSnapshot(connection: CdpConnection): Promise<DomSnapshotResult> {\n return connection.send('DOMSnapshot.captureSnapshot', {});\n}\n\n/* A `take_screenshot` result: the raw base64 PNG plus a ready-to-use data URI. /\nexport interface ScreenshotResult {\n /* Base64-encoded PNG bytes (no data-URI prefix). /\n data: string;\n /* `data:image/png;base64,…` form for clients that render a URI. /\n dataUri: string;\n mimeType: 'image/png';\n}\n\n/* Captures a PNG screenshot of the attached page (`Page.captureScreenshot`). /\nexport async function takeScreenshot(connection: CdpConnection): Promise<ScreenshotResult> {\n const { data } = await connection.send('Page.captureScreenshot', { format: 'png' });\n return { data, dataUri: `data:image/png;base64,${data}`, mimeType: 'image/png' };\n}\n\n/ -------------------------------------------------------------------------- /\n/ measure_safe_area — Runtime.evaluate probe /\n/ -------------------------------------------------------------------------- /\n\n/\n The JS probe injected via `Runtime.evaluate`. It reads:\n * 1. `env(safe-area-inset-)` via a temporary element with padding set to\n those CSS env vars, then `getComputedStyle`.\n * 2. `SafeAreaInsets.get()` if the native SDK object is available.\n * 3. nav bar geometry (first `.ait-navbar` element height, if present).\n * 4. `innerWidth`, `innerHeight`, `devicePixelRatio`, `navigator.userAgent`.\n \n Returns a plain JSON-serialisable object so `returnByValue: true` works.\n \n NOTE: This expression is evaluated in the page context on the real device.\n * It does not mutate any page state — the temporary element is removed after\n * reading. No secret or auth token is read or returned.\n /\nexport const SAFE_AREA_PROBE_EXPRESSION = `\n(function() {\n var el = document.createElement('div');\n el.style.cssText = 'position:fixed;top:0;left:0;width:0;height:0;visibility:hidden;' +\n 'padding-top:env(safe-area-inset-top,0px);' +\n 'padding-right:env(safe-area-inset-right,0px);' +\n 'padding-bottom:env(safe-area-inset-bottom,0px);' +\n 'padding-left:env(safe-area-inset-left,0px)';\n document.documentElement.appendChild(el);\n var cs = window.getComputedStyle(el);\n var cssEnv = {\n top: parseFloat(cs.paddingTop) \|\| 0,\n right: parseFloat(cs.paddingRight) \|\| 0,\n bottom: parseFloat(cs.paddingBottom) \|\| 0,\n left: parseFloat(cs.paddingLeft) \|\| 0\n };\n document.documentElement.removeChild(el);\n var sdkInsets = null;\n try {\n if (typeof SafeAreaInsets !== 'undefined' && SafeAreaInsets && typeof SafeAreaInsets.get === 'function') {\n sdkInsets = SafeAreaInsets.get();\n }\n } catch(_) {}\n var navBarHeight = null;\n try {\n var nb = document.querySelector('.ait-navbar');\n if (nb) navBarHeight = nb.getBoundingClientRect().height;\n } catch(_) {}\n return JSON.stringify({\n cssEnv: cssEnv,\n sdkInsets: sdkInsets,\n navBarHeight: navBarHeight,\n innerWidth: window.innerWidth,\n innerHeight: window.innerHeight,\n devicePixelRatio: window.devicePixelRatio,\n userAgent: navigator.userAgent\n });\n})()\n`.trim();\n\n/\n Normalized result returned by `measure_safe_area`.\n \n All inset values are in CSS pixels as reported by the real device.\n * `userAgent` is included for device identification; it never contains\n * authentication secrets or session tokens.\n /\nexport interface SafeAreaMeasurement {\n /\n `env(safe-area-inset-)` values read via `getComputedStyle` on the device.\n On iOS inside the Toss host WebView this is typically all-zero because the\n * WebView viewport is placed below the physical notch by the host app.\n /\n cssEnv: { top: number; right: number; bottom: number; left: number };\n /\n `SafeAreaInsets.get()` result from the native SDK, if available.\n * In the Toss host this carries the nav bar height as `top` and the\n * home-indicator height as `bottom`. `null` when the SDK object is absent\n * (e.g. outside a Toss WebView).\n /\n sdkInsets: { top: number; right: number; bottom: number; left: number } \| null;\n /\n Height of the `.ait-navbar` element (px) if present, else `null`.\n * Useful to cross-validate `sdkInsets.top` against the rendered nav bar.\n /\n navBarHeight: number \| null;\n /* CSS viewport width (`window.innerWidth`). /\n innerWidth: number;\n /* CSS viewport height (`window.innerHeight`). /\n innerHeight: number;\n /\n Device pixel ratio (`window.devicePixelRatio`).\n * Note: `window.devicePixelRatio` is read-only in the browser, so devtools\n * cannot emulate DPR locally — this is the ground-truth value from the device.\n /\n devicePixelRatio: number;\n /\n `navigator.userAgent` string for device identification.\n * Does not contain authentication secrets.\n /\n userAgent: string;\n}\n\n/\n Parses a raw `Runtime.evaluate` result value into a `SafeAreaMeasurement`.\n * The probe returns a JSON string (because `returnByValue:true` with a plain\n * object works unreliably across Chii relay versions — stringifying is safer).\n \n Throws if the result is missing, contains an exception, or cannot be parsed.\n /\nexport function normalizeSafeAreaResult(rawValue: unknown): SafeAreaMeasurement {\n if (typeof rawValue !== 'string') {\n throw new Error(\n `measure_safe_area: probe returned unexpected type \"${typeof rawValue}\" — expected JSON string`,\n );\n }\n let parsed: unknown;\n try {\n parsed = JSON.parse(rawValue);\n } catch {\n throw new Error(`measure_safe_area: probe returned non-JSON string: ${rawValue}`);\n }\n if (typeof parsed !== 'object' \|\| parsed === null \|\| Array.isArray(parsed)) {\n throw new Error('measure_safe_area: parsed result is not an object');\n }\n const obj = parsed as Record<string, unknown>;\n\n function requireInsets(\n key: string,\n ): { top: number; right: number; bottom: number; left: number } \| null {\n const v = obj[key];\n if (v === null \|\| v === undefined) return null;\n if (typeof v !== 'object') return null;\n const r = v as Record<string, unknown>;\n return {\n top: typeof r.top === 'number' ? r.top : 0,\n right: typeof r.right === 'number' ? r.right : 0,\n bottom: typeof r.bottom === 'number' ? r.bottom : 0,\n left: typeof r.left === 'number' ? r.left : 0,\n };\n }\n\n const cssEnv = requireInsets('cssEnv') ?? { top: 0, right: 0, bottom: 0, left: 0 };\n const sdkInsets = requireInsets('sdkInsets');\n const navBarHeight = typeof obj.navBarHeight === 'number' ? obj.navBarHeight : null;\n const innerWidth = typeof obj.innerWidth === 'number' ? obj.innerWidth : 0;\n const innerHeight = typeof obj.innerHeight === 'number' ? obj.innerHeight : 0;\n const devicePixelRatio = typeof obj.devicePixelRatio === 'number' ? obj.devicePixelRatio : 1;\n const userAgent = typeof obj.userAgent === 'string' ? obj.userAgent : '';\n\n return { cssEnv, sdkInsets, navBarHeight, innerWidth, innerHeight, devicePixelRatio, userAgent };\n}\n\n/\n Runs the safe-area probe on the attached page and returns a normalized\n * `SafeAreaMeasurement`. Read-only — does not mutate page state.\n \n Throws on CDP error, probe exception, or result parse failure.\n /\nexport async function measureSafeArea(connection: CdpConnection): Promise<SafeAreaMeasurement> {\n const result = await connection.send('Runtime.evaluate', {\n expression: SAFE_AREA_PROBE_EXPRESSION,\n returnByValue: true,\n awaitPromise: false,\n });\n if (result.exceptionDetails) {\n const msg =\n result.exceptionDetails.exception?.description ??\n result.exceptionDetails.text ??\n 'Runtime.evaluate threw an exception';\n throw new Error(`measure_safe_area: probe threw — ${msg}`);\n }\n return normalizeSafeAreaResult(result.result.value);\n}\n\n/ -------------------------------------------------------------------------- /\n/ evaluate — arbitrary JS via Runtime.evaluate /\n/ -------------------------------------------------------------------------- /\n\n/\n Result returned by the `evaluate` tool.\n \n `value` holds the `returnByValue` result from CDP — it may be any\n * JSON-serialisable type. Treat it as opaque for logging purposes (it could\n * carry sensitive data from the page context).\n \n SECRET-HANDLING: do NOT write `value` to any log or stderr — return it to\n * the agent via the tool result only.\n /\nexport interface EvaluateResult {\n /* The evaluated result value (`returnByValue: true`). /\n value: unknown;\n /* CDP type string of the result (e.g. \"string\", \"number\", \"object\"). /\n type: string;\n}\n\n/\n Evaluates an arbitrary JS expression on the attached page via\n * `Runtime.evaluate`. NOT read-only — the expression may have side effects.\n \n Throws if the evaluation produced a CDP exception.\n \n SECRET-HANDLING: expression and result value are NOT written to any log.\n /\nexport async function evaluate(\n connection: CdpConnection,\n expression: string,\n): Promise<EvaluateResult> {\n const result = await connection.send('Runtime.evaluate', {\n expression,\n returnByValue: true,\n awaitPromise: false,\n });\n if (result.exceptionDetails) {\n // Surface only the engine error string — never the expression or result value.\n const msg =\n result.exceptionDetails.exception?.description ??\n result.exceptionDetails.text ??\n 'Runtime.evaluate threw an exception';\n throw new Error(`evaluate failed: ${msg}`);\n }\n return { value: result.result.value, type: result.result.type };\n}\n\n/ -------------------------------------------------------------------------- /\n/ call_sdk — window.__sdkCall bridge via Runtime.evaluate /\n/ -------------------------------------------------------------------------- /\n\n/\n Result returned by the `call_sdk` tool.\n * The bridge call wraps success/failure in a JSON envelope so cross-Chii\n * stringification is reliable (same approach as `measure_safe_area`).\n /\nexport type CallSdkResult = { ok: true; value: unknown } \| { ok: false; error: string };\n\n/\n Builds the Runtime.evaluate expression that calls `window.__sdkCall` with\n * the given method name and args, awaits the promise, and returns a JSON\n * envelope `{ok, value/error}` as a string.\n \n Name and args are embedded via `JSON.stringify` so they are safely escaped.\n * The expression checks for `window.__sdkCall` and returns a clear error if\n * it is absent (non-dogfood bundle).\n \n SECRET-HANDLING: the expression is built here and MUST NOT be written to\n * any log or stderr by the caller.\n /\nexport function buildCallSdkExpression(name: string, args: unknown[]): string {\n const safeName = JSON.stringify(name);\n const safeArgs = JSON.stringify(args);\n return (\n `(async () => {` +\n ` if (typeof window.__sdkCall !== 'function') {` +\n ` return JSON.stringify({ok:false,error:'window.__sdkCall is not available — is this a dogfood (__DEBUG_BUILD__) bundle?'});` +\n ` }` +\n ` try {` +\n ` const r = await window.__sdkCall(${safeName}, ...${safeArgs});` +\n ` return JSON.stringify({ok:true,value:r});` +\n ` } catch(e) {` +\n ` return JSON.stringify({ok:false,error:String(e && e.message \|\| e)});` +\n ` }` +\n `})()`\n );\n}\n\n/\n Parses the JSON envelope string returned by the `call_sdk` expression.\n * Returns a typed `CallSdkResult`.\n \n Throws only on parse failure (not on ok:false — that is a normal result).\n /\nexport function normalizeCallSdkResult(rawValue: unknown): CallSdkResult {\n if (typeof rawValue !== 'string') {\n throw new Error(\n `call_sdk: bridge returned unexpected type \"${typeof rawValue}\" — expected JSON string`,\n );\n }\n let parsed: unknown;\n try {\n parsed = JSON.parse(rawValue);\n } catch {\n // Do NOT include rawValue in the error message — it could contain secrets.\n throw new Error('call_sdk: bridge returned non-JSON string');\n }\n if (typeof parsed !== 'object' \|\| parsed === null \|\| Array.isArray(parsed)) {\n throw new Error('call_sdk: parsed result is not an object');\n }\n const obj = parsed as Record<string, unknown>;\n if (obj.ok === true) {\n return { ok: true, value: obj.value };\n }\n if (obj.ok === false) {\n return { ok: false, error: typeof obj.error === 'string' ? obj.error : String(obj.error) };\n }\n throw new Error('call_sdk: bridge result missing \"ok\" field');\n}\n\n/\n Calls a dogfood SDK method via `window.__sdkCall` on the attached page.\n * NOT read-only — SDK calls may have side effects.\n \n On env 2/3 (real device relay) this hits the real SDK; on env 1 (local\n * mock) it hits the mock SDK.\n \n Throws on CDP error or result parse failure. Returns `{ok:false, error}`\n * for bridge-level errors (method not found, SDK threw, bridge absent).\n \n SECRET-HANDLING: name, args, and the result value are NOT written to any log.\n /\nexport async function callSdk(\n connection: CdpConnection,\n name: string,\n args: unknown[],\n): Promise<CallSdkResult> {\n const expression = buildCallSdkExpression(name, args);\n const result = await connection.send('Runtime.evaluate', {\n expression,\n returnByValue: true,\n awaitPromise: true,\n });\n if (result.exceptionDetails) {\n // Surface only the engine error string — never name, args, or result value.\n const msg =\n result.exceptionDetails.exception?.description ??\n result.exceptionDetails.text ??\n 'Runtime.evaluate threw an exception';\n throw new Error(`call_sdk threw: ${msg}`);\n }\n return normalizeCallSdkResult(result.result.value);\n}\n\n/ -------------------------------------------------------------------------- /\n/ Phase 3 — AIT.* domain (CDP can't cover these) /\n/ -------------------------------------------------------------------------- /\n\n/* Set of tool names served by the AIT source rather than the CDP connection. /\nconst AIT_TOOL_NAMES = new Set<string>([\n 'AIT.getSdkCallHistory',\n 'AIT.getMockState',\n 'AIT.getOperationalEnvironment',\n]);\n\n/* True for the Phase 3 AIT.* tools (served by an `AitSource`, not CDP). /\nexport function isAitToolName(name: string): boolean {\n return AIT_TOOL_NAMES.has(name);\n}\n\n/* Returns the recent SDK call trace (`AIT.getSdkCallHistory`). /\nexport function getSdkCallHistory(source: AitSource): Promise<AitSdkCallHistory> {\n return source.get('AIT.getSdkCallHistory');\n}\n\n/* Returns the devtools mock-state snapshot (`AIT.getMockState`). /\nexport function getMockState(source: AitSource): Promise<AitMockState> {\n return source.get('AIT.getMockState');\n}\n\n/* Returns the operational environment + SDK version (`AIT.getOperationalEnvironment`). /\nexport function getOperationalEnvironment(source: AitSource): Promise<AitOperationalEnvironment> {\n return source.get('AIT.getOperationalEnvironment');\n}\n","/\n RFC 6238 TOTP implementation (Node.js, node:crypto only).\n \n External TOTP libraries (otplib, speakeasy, …) are intentionally NOT used\n * to keep the dependency surface minimal. This hand-roll is ~30 lines and\n * covers exactly what relay-side auth needs.\n \n Algorithm summary (RFC 6238 + RFC 4226):\n * T = floor(now / 30) — 30-second time step counter\n * K = Buffer.from(secret, 'hex') — shared secret (raw bytes, hex-encoded)\n * MAC = HMAC-SHA1(K, T as 8-byte big-endian uint64)\n * offset = MAC[19] & 0x0f\n * code = (MAC[offset..offset+4] & 0x7fffffff) % 10^6 — 6 digits\n \n Security note (keep this comment accurate):\n * The baked-in secret in a dogfood build is extractable from the bundle by a\n * determined reverse engineer. This mechanism raises the bar from\n * \"anyone with the URL\" to \"URL + bundle extraction + live TOTP calculation\".\n * Casual URL leaks (Slack paste, QR screenshot, shoulder-surfing) are\n * blocked; deliberate reverse engineering is not. See threat model in\n * src/mcp/chii-relay.ts and umbrella CLAUDE.md §4.\n \n SECRET-HANDLING: secret values and computed codes MUST NOT appear in any\n * log, error message, or string visible outside this module. Only boolean\n * pass/fail and reason enum values are safe to surface.\n /\n\nimport { createHmac, timingSafeEqual } from 'node:crypto';\n\n/* Time step window in seconds (RFC 6238 default). /\nconst TIME_STEP = 30;\n\n/* Number of digits in the generated code. /\nconst DIGITS = 6;\n\n/\n Derives a 6-digit TOTP code from a hex-encoded secret at the given wall-\n * clock time.\n \n @param secret - The shared secret as a hex string (e.g. 64 hex chars = 32\n * bytes). Must be the output of `generateAttachToken()` or compatible.\n * @param when - Unix timestamp in milliseconds. Defaults to `Date.now()`.\n * @returns A zero-padded 6-digit decimal string, e.g. `\"042193\"`.\n /\nexport function generateTotp(secret: string, when: number = Date.now()): string {\n const key = Buffer.from(secret, 'hex');\n // Clamp to 0 so negative timestamps (e.g. in ±skew checks near epoch) do not\n // produce a negative counter, which would cause writeUInt32BE to throw.\n const counter = Math.max(0, Math.floor(when / 1000 / TIME_STEP));\n\n // Encode counter as 8-byte big-endian unsigned integer.\n const counterBuf = Buffer.alloc(8);\n // JavaScript numbers are safe integers up to 2^53; counter is ~7.5×10^10 at\n // year 9999 — well within safe range so standard bitwise ops are fine.\n const hi = Math.floor(counter / 0x100000000);\n const lo = counter >>> 0;\n counterBuf.writeUInt32BE(hi, 0);\n counterBuf.writeUInt32BE(lo, 4);\n\n const mac = createHmac('sha1', key).update(counterBuf).digest();\n\n // Dynamic truncation (RFC 4226 §5.4).\n const offset = mac[19] & 0x0f;\n const binCode =\n ((mac[offset] & 0x7f) << 24) \|\n ((mac[offset + 1] & 0xff) << 16) \|\n ((mac[offset + 2] & 0xff) << 8) \|\n (mac[offset + 3] & 0xff);\n\n const otp = binCode % 10 * DIGITS;\n return otp.toString().padStart(DIGITS, '0');\n}\n\n/*\n Verifies a TOTP code against the secret, accepting ±`skew` time steps to\n * tolerate clock drift between the relay host and the client device.\n \n Uses `timingSafeEqual` for constant-time comparison to prevent timing\n * side-channel attacks.\n \n @param secret - Hex-encoded shared secret.\n * @param code - The 6-digit code to verify (string or numeric).\n * @param when - Unix timestamp in milliseconds. Defaults to `Date.now()`.\n * @param skew - Number of adjacent steps to accept on either side. Default 1\n * (accepts T-1, T, T+1 — a 90-second acceptance window).\n * @returns `true` if the code matches any accepted step, `false` otherwise.\n /\nexport function verifyTotp(\n secret: string,\n code: string,\n when: number = Date.now(),\n skew: number = 1,\n): boolean {\n const normalised = String(code).padStart(DIGITS, '0');\n if (normalised.length !== DIGITS \|\| !/^\\d{6}$/.test(normalised)) {\n return false;\n }\n\n const candidateBuf = Buffer.from(normalised, 'utf8');\n\n for (let delta = -skew; delta <= skew; delta++) {\n const stepWhen = when + delta TIME_STEP * 1000;\n const expected = generateTotp(secret, stepWhen);\n const expectedBuf = Buffer.from(expected, 'utf8');\n if (timingSafeEqual(expectedBuf, candidateBuf)) {\n return true;\n }\n }\n\n return false;\n}\n","/*\n cloudflared quick tunnel + attach banner for the debug-mode MCP server.\n \n On spawn, the debug server opens an accountless `.trycloudflare.com` quick\n tunnel to the local Chii relay so the phone can attach over a public wss URL,\n * then prints a unicode half-block QR + attach instructions. When TOTP auth is\n * enabled (`AIT_DEBUG_TOTP_SECRET` is set), the QR encodes only the base relay\n * URL — the TOTP code (`at=`) is NOT included because it rotates every 30 s\n * and would be stale by the time a human scans. The in-app deep-link builder\n * splices the live code at attach time.\n \n SECRET-HANDLING: The TOTP secret and computed code values MUST NOT appear\n * in any output from this module.\n \n Node-only: spawns the cloudflared binary and writes to stdout/stderr.\n /\n\nimport { randomBytes } from 'node:crypto';\nimport { bin, install, Tunnel } from 'cloudflared';\n\n/* Generates a 32-byte hex attach token shown as a pairing hint (relay-side validation is a later phase). /\nexport function generateAttachToken(): string {\n return randomBytes(32).toString('hex');\n}\n\nexport interface QuickTunnel {\n /* Public `https://.trycloudflare.com` URL the tunnel exposes. /\n url: string;\n /** Same host as `wss://` — the relay endpoint the phone attaches to. /\n wssUrl: string;\n stop(): void;\n}\n\n/* Ensures the cloudflared binary is installed (downloads + caches on first run). /\nasync function ensureCloudflaredBin(): Promise<void> {\n const { existsSync } = await import('node:fs');\n if (!existsSync(bin)) {\n await install(bin);\n }\n}\n\n/\n Opens a cloudflared quick tunnel to the local relay port and resolves once\n * the public URL is assigned.\n /\nexport async function startQuickTunnel(localPort: number): Promise<QuickTunnel> {\n await ensureCloudflaredBin();\n\n const tunnel = Tunnel.quick(`http://127.0.0.1:${localPort}`);\n\n const url = await new Promise<string>((resolve, reject) => {\n const onUrl = (assigned: string) => {\n cleanup();\n resolve(assigned);\n };\n const onError = (err: Error) => {\n cleanup();\n reject(err);\n };\n const onExit = (code: number \| null) => {\n cleanup();\n reject(new Error(`cloudflared exited before assigning a URL (code ${code})`));\n };\n const cleanup = () => {\n tunnel.off('url', onUrl);\n tunnel.off('error', onError);\n tunnel.off('exit', onExit);\n };\n tunnel.once('url', onUrl);\n tunnel.once('error', onError);\n tunnel.once('exit', onExit);\n });\n\n return {\n url,\n wssUrl: url.replace(/^https/, 'wss'),\n stop: () => {\n tunnel.stop();\n },\n };\n}\n\nexport interface AttachBannerInput {\n wssUrl: string;\n /\n Whether TOTP auth is enabled on the relay (`AIT_DEBUG_TOTP_SECRET` is set).\n \n When `true`, the banner notes that a rotating code (`at=`) will be\n * appended to attach URLs at call time — the code is NOT printed here\n * because it rotates every 30 s and would be stale in seconds.\n /\n totpEnabled: boolean;\n}\n\n/\n Renders a pure unicode half-block QR string for the given text.\n \n Uses `qrcode` (Node full lib) to get the raw bit matrix, then encodes every\n * two vertical modules into a single half-block character:\n * - both dark → `█`\n * - top only → `▀`\n * - bottom only → `▄`\n * - both light → ` ` (space)\n \n The output contains zero ANSI escape codes, so it renders correctly in\n * every surface (terminal, VS Code, JetBrains, web) and can be scanned by a\n * phone camera when shown verbatim in an agent response.\n \n Shared by `renderAttachBanner` (relay wssUrl QR) and the `build_attach_url`\n * MCP tool response (attach deep-link QR).\n /\nexport async function renderQr(text: string): Promise<string> {\n // Dynamic import mirrors the cloudflared/qrcode-terminal precedent: keeps the\n // dependency out of the module graph when the function is not called.\n const { default: QRCode } = await import('qrcode');\n const qr = QRCode.create(text, { errorCorrectionLevel: 'M' });\n const size: number = qr.modules.size;\n const data: Uint8Array = qr.modules.data as Uint8Array;\n\n const isDark = (x: number, y: number): boolean => {\n if (x < 0 \|\| y < 0 \|\| x >= size \|\| y >= size) return false;\n return data[y size + x] === 1;\n };\n\n const QUIET = 1;\n const lines: string[] = [];\n for (let y = -QUIET; y < size + QUIET; y += 2) {\n let line = '';\n for (let x = -QUIET; x < size + QUIET; x++) {\n const top = isDark(x, y);\n const bot = isDark(x, y + 1);\n line += top && bot ? '█' : top ? '▀' : bot ? '▄' : ' ';\n }\n lines.push(line);\n }\n return `${lines.join('\\n')}\\n`;\n}\n\n/*\n Renders the attach banner (relay URL + ASCII QR) as a string.\n \n The QR encodes the base `wssUrl` only. When `totpEnabled` is true, a note\n * is added that attach URLs generated by `build_attach_url` will include a\n * live TOTP code (`at=`) appended at call time.\n \n SECRET-HANDLING: no secret value, TOTP code, or intermediate value is\n * included in this output.\n /\nexport async function renderAttachBanner(input: AttachBannerInput): Promise<string> {\n // The QR encodes only the relay wssUrl — no token or code. This is safe\n // because the relay gate enforces the code at WS upgrade time anyway; the\n // QR is just for locating the relay, not for bypassing auth.\n const qr = await renderQr(input.wssUrl);\n\n const authNote = input.totpEnabled\n ? ' auth: TOTP enabled — attach URLs include a rotating code (at=).'\n : ' auth: none (set AIT_DEBUG_TOTP_SECRET to enable TOTP).';\n\n return [\n '',\n 'AIT debug — attach a mini-app to this session',\n '',\n ` relay (wss): ${input.wssUrl}`,\n authNote,\n '',\n ' Use build_attach_url to generate a deep link with the current TOTP code.',\n ' Scan the QR to locate the relay (open the dogfood URL separately with',\n ' ?debug=1&relay=<wss>&at=<code> or use the build_attach_url tool):',\n '',\n qr,\n ].join('\\n');\n}\n\n/* Prints the attach banner to stderr (stdout is the MCP stdio channel). /\nexport async function printAttachBanner(input: AttachBannerInput): Promise<void> {\n const banner = await renderAttachBanner(input);\n process.stderr.write(`${banner}\\n`);\n}\n","/\n @ait-co/devtools debug-mode MCP server (stdio).\n \n Lets an AI coding agent attach to a running mini-app (real Toss WebView, or a\n * browser in dev mode) and read its console/network/DOM/screenshot over CDP plus\n * the AIT.* domain, without a human watching a phone. Transport is CDP-via-Chii:\n * a local Chii relay on an OS-assigned port (default 0) exposed through a\n * cloudflared quick tunnel; the phone attaches over the public wss URL.\n \n AI host --stdio--> this server --CDP client WS--> Chii relay :<OS-port>\n * ^-- target WS -- phone\n \n Port 0 (default): the OS picks a free ephemeral port on every startup.\n * This prevents EADDRINUSE when a stale cloudflared child (orphaned after\n * SIGKILL, PPID 1) still holds a fixed port — which previously caused the MCP\n * handshake to fail with -32000. With port 0 any orphaned cloudflared is\n * harmless; the new relay always gets a fresh port.\n \n Best-effort child cleanup: SIGINT/SIGTERM/SIGHUP handlers call shutdown() to\n * stop cloudflared and the relay. uncaughtException/unhandledRejection also\n * call shutdown() before exit. SIGKILL cannot be intercepted by Node, so\n * cloudflared orphans from SIGKILL remain (port 0 makes them harmless). Users\n * can clean up manually: `pkill -f 'cloudflared.trycloudflare'`.\n \n * The tool layer reads from an injectable `CdpConnection` (CDP) and `AitSource`\n * (AIT.), so every tool is unit-testable with a fake (no phone). This module\n wires the live pieces (relay + tunnel + production connection); the phone\n * roundtrip is fully wired and pending only on-device acceptance.\n \n Dynamic tool registration (issue #208):\n * The server advertises `listChanged: true` so MCP clients can subscribe to\n * `notifications/tools/list_changed`. Before any page attaches, only bootstrap\n * tools (`build_attach_url`, `list_pages`) are listed. Once a target appears,\n * the full attach-dependent tool set is added and a `list_changed` notification\n * is sent — without requiring a session restart. `runDebugServer` and\n * `runLocalDebugServer` start a polling watcher that detects the 0→N target\n * transition and calls `server.sendToolListChanged()`.\n \n Note: `src/mcp/server.ts` (dev mode, HTTP mock-state) is NOT subject to this\n * model — it has no attach concept and always exposes the full tool surface.\n \n Node-only.\n /\n\nimport { Server } from '@modelcontextprotocol/sdk/server/index.js';\nimport { StdioServerTransport } from '@modelcontextprotocol/sdk/server/stdio.js';\nimport { CallToolRequestSchema, ListToolsRequestSchema } from '@modelcontextprotocol/sdk/types.js';\nimport { ChiiAitSource } from './ait-chii-source.js';\nimport type { AitSource } from './ait-source.js';\nimport type { CdpConnection } from './cdp-connection.js';\nimport { ChiiCdpConnection } from './chii-connection.js';\nimport { startChiiRelay } from './chii-relay.js';\nimport { LocalCdpConnection } from './local-connection.js';\nimport { launchChromium } from './local-launcher.js';\nimport { type QrHttpServer, startQrHttpServer } from './qr-http-server.js';\nimport {\n BOOTSTRAP_TOOL_NAMES,\n buildAttachUrl,\n callSdk,\n canOpenBrowser,\n DEBUG_TOOL_DEFINITIONS,\n evaluate,\n getDomDocument,\n getMockState,\n getOperationalEnvironment,\n getSdkCallHistory,\n isAitToolName,\n isDebugToolName,\n listConsoleMessages,\n listNetworkRequests,\n listPages,\n measureSafeArea,\n openQrInBrowser,\n type TunnelStatus,\n takeScreenshot,\n takeSnapshot,\n} from './tools.js';\nimport { verifyTotp } from './totp.js';\nimport {\n generateAttachToken,\n printAttachBanner,\n type QuickTunnel,\n renderQr,\n startQuickTunnel,\n} from './tunnel.js';\n\n/* Live infra the connection reads tunnel status from. /\nexport interface DebugServerDeps {\n connection: CdpConnection;\n /* AIT.* domain source — forwarded over the same Chii channel in production. /\n aitSource: AitSource;\n /* Returns current tunnel status (URL changes per spawn). /\n getTunnelStatus(): TunnelStatus;\n /\n Maximum time in ms to wait for a page to attach when `wait_for_attach=true`.\n * Default 90 000 ms. Exposed for testing so tests can use a small value without\n * fake timers (which conflict with MCP SDK's own timeouts).\n /\n waitForAttachTimeoutMs?: number;\n /\n 로컬 QR HTTP 서버 — `build_attach_url` tool이 브라우저로 열 HTTP URL을 제공.\n * 없으면 text QR fallback으로만 동작 (GUI 없는 환경 호환).\n /\n qrHttpServer?: QrHttpServer;\n}\n\n/\n Builds the debug-mode MCP server around an injected CDP connection + AIT\n * source + tunnel status getter. Pure wiring — does not start a relay or\n * tunnel, which is what makes the tool surface unit-testable.\n \n `tools/list` is two-tiered (issue #208):\n * - bootstrap (always): `build_attach_url`, `list_pages`\n * - attach-dependent (after `connection.listTargets().length > 0`): all others\n \n `CallTool` is NOT tiered — hidden tools still execute (attach errors surface\n * naturally via `enableDomains`). The tier only controls visibility.\n /\nexport function createDebugServer(deps: DebugServerDeps): Server {\n const {\n connection,\n aitSource,\n getTunnelStatus,\n waitForAttachTimeoutMs = 90_000,\n qrHttpServer,\n } = deps;\n\n const server = new Server(\n { name: 'ait-debug', version: __VERSION__ },\n // listChanged: true — the server emits notifications/tools/list_changed when\n // a page attaches (0→N target transition), promoted attach-dependent tools.\n { capabilities: { tools: { listChanged: true } } },\n );\n\n server.setRequestHandler(ListToolsRequestSchema, () => {\n const attached = connection.listTargets().length > 0;\n const tools = attached\n ? DEBUG_TOOL_DEFINITIONS.map((tool) => ({ ...tool }))\n : DEBUG_TOOL_DEFINITIONS.filter((tool) => BOOTSTRAP_TOOL_NAMES.has(tool.name)).map(\n (tool) => ({ ...tool }),\n );\n return { tools };\n });\n\n server.setRequestHandler(CallToolRequestSchema, async (request) => {\n const name = request.params.name;\n if (!isDebugToolName(name)) {\n return {\n content: [{ type: 'text', text: `Unknown tool: ${name}` }],\n isError: true,\n };\n }\n\n // AIT. tools are served by the AIT source. In production it rides the same\n // Chii websocket as CDP, so the connection must be attached first; the AIT\n // source's sendCommand rejects with a clear message if no page is attached.\n if (isAitToolName(name)) {\n try {\n await connection.enableDomains();\n switch (name) {\n case 'AIT.getSdkCallHistory':\n return jsonResult(await getSdkCallHistory(aitSource));\n case 'AIT.getMockState':\n return jsonResult(await getMockState(aitSource));\n case 'AIT.getOperationalEnvironment':\n return jsonResult(await getOperationalEnvironment(aitSource));\n default:\n return unknownTool(name);\n }\n } catch (err) {\n return errorResult(err, name);\n }\n }\n\n // build_attach_url is pure synthesis (scheme URL + relay URL → deep link).\n // It works before any page attaches, so it must not require enableDomains.\n if (name === 'build_attach_url') {\n const schemeUrl = request.params.arguments?.scheme_url;\n if (typeof schemeUrl !== 'string' \|\| schemeUrl === '') {\n return {\n content: [{ type: 'text', text: 'build_attach_url requires a non-empty scheme_url.' }],\n isError: true,\n };\n }\n const waitForAttach = request.params.arguments?.wait_for_attach === true;\n // open_in_browser defaults to true when not explicitly set.\n const openInBrowser = request.params.arguments?.open_in_browser !== false;\n\n try {\n const { attachUrl, relayUrl, authorityWarning } = buildAttachUrl(\n schemeUrl,\n getTunnelStatus(),\n );\n\n // Prepend a non-fatal authority warning when the scheme URL host looks wrong.\n const warningPrefix = authorityWarning ? `⚠️ scheme_url 경고: ${authorityWarning}\\n\\n` : '';\n\n const header =\n 'This tool result is shown to the user directly — do NOT re-print the QR below in your reply (it wastes output tokens). Just tell the user to scan the QR in this output (Ctrl+O to expand if collapsed).';\n\n // Try to open QR in browser when requested, a GUI is available, and the HTTP server is up.\n if (openInBrowser && canOpenBrowser() && qrHttpServer) {\n const httpUrl = qrHttpServer.buildAttachPageUrl(attachUrl);\n const pngUrl = `http://127.0.0.1:${qrHttpServer.port}/qr.png?u=${encodeURIComponent(attachUrl)}`;\n\n const browserResult = await openQrInBrowser(httpUrl, pngUrl);\n\n if (browserResult.opened) {\n // Opened successfully — HTTP URL을 사용자에게 명시.\n // SECRET-HANDLING: attachUrl은 httpUrl query string 안에 있고, tool result에는 httpUrl만 노출.\n const shortText =\n `${warningPrefix}${header}\\n` +\n `${JSON.stringify({ relayUrl }, null, 2)}\\n\\n` +\n `브라우저에서 QR을 열었습니다. 폰 카메라로 스캔하세요.\\n` +\n `URL: ${browserResult.httpUrl}`;\n\n if (!waitForAttach) {\n return { content: [{ type: 'text' as const, text: shortText }] };\n }\n\n // wait_for_attach path (browser opened).\n const POLL_INTERVAL_MS = 1000;\n const TIMEOUT_MS = waitForAttachTimeoutMs;\n const deadline = Date.now() + TIMEOUT_MS;\n let attachedPages: ReturnType<CdpConnection['listTargets']> = [];\n while (Date.now() < deadline) {\n attachedPages = connection.listTargets();\n if (attachedPages.length > 0) break;\n await new Promise<void>((r) => setTimeout(r, POLL_INTERVAL_MS));\n }\n\n if (attachedPages.length === 0) {\n return {\n content: [\n {\n type: 'text' as const,\n text:\n `${shortText}\\n\\nNo page attached within ${TIMEOUT_MS / 1000}s — ` +\n 'call list_pages to retry.',\n },\n ],\n isError: true,\n };\n }\n\n const pagesResult = listPages(connection, getTunnelStatus());\n return {\n content: [\n {\n type: 'text' as const,\n text: `${shortText}\\n\\n${JSON.stringify(pagesResult, null, 2)}`,\n },\n ],\n };\n }\n\n // Browser open failed — URL + stderr 안내 후 text QR fallback.\n const stderrNote = browserResult.stderrSummary\n ? `\\nstderr: ${browserResult.stderrSummary}`\n : '';\n const fallbackNote =\n `브라우저 자동 열기에 실패했습니다. 다음 URL을 직접 브라우저에서 여세요:\\n` +\n `${browserResult.httpUrl}\\n` +\n `또는 PNG로 받기: ${browserResult.pngUrl}` +\n stderrNote +\n '\\n\\n';\n const qr = await renderQr(attachUrl);\n const baseText = `${warningPrefix}${fallbackNote}${header}\\n${JSON.stringify({ attachUrl, relayUrl }, null, 2)}\\n\\n${qr}`;\n\n if (!waitForAttach) {\n return { content: [{ type: 'text' as const, text: baseText }] };\n }\n\n // wait_for_attach + fallback path.\n const POLL_INTERVAL_MS_FB = 1000;\n const TIMEOUT_MS_FB = waitForAttachTimeoutMs;\n const deadline2 = Date.now() + TIMEOUT_MS_FB;\n let attachedPagesFb: ReturnType<CdpConnection['listTargets']> = [];\n while (Date.now() < deadline2) {\n attachedPagesFb = connection.listTargets();\n if (attachedPagesFb.length > 0) break;\n await new Promise<void>((r) => setTimeout(r, POLL_INTERVAL_MS_FB));\n }\n\n if (attachedPagesFb.length === 0) {\n return {\n content: [\n {\n type: 'text' as const,\n text:\n `${baseText}\\n\\nNo page attached within ${TIMEOUT_MS_FB / 1000}s — ` +\n 'call list_pages to retry.',\n },\n ],\n isError: true,\n };\n }\n\n const pagesResultFb = listPages(connection, getTunnelStatus());\n return {\n content: [\n {\n type: 'text' as const,\n text: `${baseText}\\n\\n${JSON.stringify(pagesResultFb, null, 2)}`,\n },\n ],\n };\n }\n\n // open_in_browser=false or no GUI available or no HTTP server: text QR fallback.\n const qr = await renderQr(attachUrl);\n const baseText = `${warningPrefix}${header}\\n${JSON.stringify({ attachUrl, relayUrl }, null, 2)}\\n\\n${qr}`;\n\n if (!waitForAttach) {\n return {\n content: [{ type: 'text' as const, text: baseText }],\n };\n }\n\n // wait_for_attach=true: poll listTargets until a page attaches or timeout.\n // enableDomains is NOT called here — listTargets is a buffered target list\n // read and does not require domain negotiation.\n const POLL_INTERVAL_MS = 1000;\n const TIMEOUT_MS = waitForAttachTimeoutMs;\n const deadline = Date.now() + TIMEOUT_MS;\n let attachedPages: ReturnType<CdpConnection['listTargets']> = [];\n while (Date.now() < deadline) {\n attachedPages = connection.listTargets();\n if (attachedPages.length > 0) break;\n await new Promise<void>((r) => setTimeout(r, POLL_INTERVAL_MS));\n }\n\n if (attachedPages.length === 0) {\n return {\n content: [\n {\n type: 'text' as const,\n text:\n `${baseText}\\n\\nNo page attached within ${TIMEOUT_MS / 1000}s — ` +\n 'call list_pages to retry.',\n },\n ],\n isError: true,\n };\n }\n\n const pagesResult = listPages(connection, getTunnelStatus());\n return {\n content: [\n {\n type: 'text' as const,\n text: `${baseText}\\n\\n${JSON.stringify(pagesResult, null, 2)}`,\n },\n ],\n };\n } catch (err) {\n return errorResult(err, name);\n }\n }\n\n try {\n // Ensure CDP domains are enabled before reading. No-op once attached;\n // throws a clear message while no page is attached yet.\n await connection.enableDomains();\n } catch (err) {\n const message = err instanceof Error ? err.message : String(err);\n if (name === 'list_pages') {\n // list_pages is still useful pre-attach: report tunnel + empty pages.\n return jsonResult(listPages(connection, getTunnelStatus()));\n }\n return {\n content: [\n {\n type: 'text',\n text: `${message}\\nCall list_pages to confirm a mini-app has attached over the relay.`,\n },\n ],\n isError: true,\n };\n }\n\n try {\n switch (name) {\n case 'list_console_messages':\n return jsonResult(listConsoleMessages(connection));\n case 'list_network_requests':\n return jsonResult(listNetworkRequests(connection));\n case 'list_pages':\n return jsonResult(listPages(connection, getTunnelStatus()));\n case 'get_dom_document':\n return jsonResult(await getDomDocument(connection));\n case 'take_snapshot':\n return jsonResult(await takeSnapshot(connection));\n case 'take_screenshot': {\n const shot = await takeScreenshot(connection);\n return {\n content: [{ type: 'image' as const, data: shot.data, mimeType: shot.mimeType }],\n };\n }\n case 'measure_safe_area':\n return jsonResult(await measureSafeArea(connection));\n case 'evaluate': {\n const expression = request.params.arguments?.expression;\n if (typeof expression !== 'string' \|\| expression === '') {\n return {\n content: [\n { type: 'text' as const, text: 'evaluate requires a non-empty expression.' },\n ],\n isError: true,\n };\n }\n // SECRET-HANDLING: do not log expression or result value.\n return jsonResult(await evaluate(connection, expression));\n }\n case 'call_sdk': {\n const sdkName = request.params.arguments?.name;\n if (typeof sdkName !== 'string' \|\| sdkName === '') {\n return {\n content: [{ type: 'text' as const, text: 'call_sdk requires a non-empty name.' }],\n isError: true,\n };\n }\n const rawArgs = request.params.arguments?.args;\n const sdkArgs: unknown[] = Array.isArray(rawArgs) ? rawArgs : [];\n // SECRET-HANDLING: do not log name, args, or result value.\n return jsonResult(await callSdk(connection, sdkName, sdkArgs));\n }\n default:\n return unknownTool(name);\n }\n } catch (err) {\n return errorResult(err, name);\n }\n });\n\n return server;\n}\n\nfunction jsonResult(value: unknown) {\n return { content: [{ type: 'text' as const, text: JSON.stringify(value, null, 2) }] };\n}\n\nfunction unknownTool(name: string) {\n return { content: [{ type: 'text' as const, text: `Unknown tool: ${name}` }], isError: true };\n}\n\nfunction errorResult(err: unknown, name: string) {\n const message = err instanceof Error ? err.message : String(err);\n return {\n content: [\n {\n type: 'text' as const,\n text: `${name} failed: ${message}\\nCall list_pages to confirm a mini-app has attached over the relay.`,\n },\n ],\n isError: true,\n };\n}\n\n/*\n Starts a polling watcher that detects the first 0→N target transition on\n * `connection.listTargets()` and sends a `notifications/tools/list_changed`\n * notification on the given server.\n \n The watcher polls every `intervalMs` (default 1 000 ms). It fires\n * `server.sendToolListChanged()` exactly once — on the first transition — then\n * clears itself. Shutdown calls `stop()` to clear the interval.\n \n SECRET-HANDLING: target `id`/`title`/`url` are not written to any log here.\n * Only an attach-detected stderr line is emitted (no target details).\n \n @returns `stop` — call this during shutdown to clear the interval.\n /\nexport function startAttachWatcher(\n connection: CdpConnection,\n server: Server,\n intervalMs = 1_000,\n): { stop(): void } {\n let wasAttached = connection.listTargets().length > 0;\n // If already attached when the watcher starts, send once immediately.\n if (wasAttached) {\n void server.sendToolListChanged();\n }\n\n const handle = setInterval(() => {\n const isAttached = connection.listTargets().length > 0;\n if (!wasAttached && isAttached) {\n wasAttached = true;\n // Emit once on 0→N transition so the MCP client refreshes its tool list.\n void server.sendToolListChanged();\n clearInterval(handle);\n }\n }, intervalMs);\n\n return {\n stop() {\n clearInterval(handle);\n },\n };\n}\n\nexport interface RunDebugServerOptions {\n /\n Local Chii relay port. Default 0 (OS-assigned ephemeral port).\n \n Passing 0 lets the OS choose a free port on each startup — this prevents\n * EADDRINUSE when a stale cloudflared orphan still holds a fixed port (the\n * root cause of -32000 MCP handshake failures). Pass an explicit port number\n * only when a fixed port is specifically required (backwards-compatible).\n /\n relayPort?: number;\n}\n\n/\n Reads `AIT_DEBUG_TOTP_SECRET` from `process.env` at runtime and builds a\n * `verifyAuth` predicate for the Chii relay's WebSocket upgrade gate.\n \n The predicate checks the `at` query parameter against the current and\n * adjacent TOTP time steps (±1 skew) using `verifyTotp`.\n \n Returns `undefined` when the env var is not set — callers treat that as\n * \"auth disabled\" (no predicate registered on the relay).\n \n SECRET-HANDLING: The secret value read from env is captured in a closure and\n * is NEVER written to any log, error message, or process output.\n /\nexport function buildRelayVerifyAuth():\n \| ((req: import('node:http').IncomingMessage) => boolean)\n \| undefined {\n const secret = process.env.AIT_DEBUG_TOTP_SECRET;\n if (!secret) return undefined;\n\n return (req) => {\n // Parse the `at` query param from the upgrade request URL.\n // req.url is the raw request path + query, e.g. `/client/id?target=…&at=123456`\n const rawUrl = req.url ?? '';\n const qIndex = rawUrl.indexOf('?');\n const queryStr = qIndex === -1 ? '' : rawUrl.slice(qIndex + 1);\n const params = new URLSearchParams(queryStr);\n const code = params.get('at') ?? '';\n\n // Do NOT log `code`, `secret`, or any derived value here.\n return verifyTotp(secret, code);\n };\n}\n\n/\n Boots the live debug stack and serves it over stdio:\n * 1. start the Chii relay on an OS-assigned port (with TOTP auth if\n * AIT_DEBUG_TOTP_SECRET is set),\n * 2. open a cloudflared quick tunnel to the relay's confirmed port,\n * 3. print relay URL + attach instructions,\n * 4. expose the debug tools backed by a `ChiiCdpConnection` + `ChiiAitSource`.\n /\nexport async function runDebugServer(options: RunDebugServerOptions = {}): Promise<void> {\n // Default 0: OS picks a free port. Prevents EADDRINUSE from stale cloudflared\n // orphans (SIGKILL survivors) that would otherwise block a fixed port and\n // cause -32000 MCP handshake failures on reconnect.\n const relayPort = options.relayPort ?? 0;\n\n // Build the TOTP verifyAuth predicate from env at startup (runtime read).\n const verifyAuth = buildRelayVerifyAuth();\n const totpEnabled = verifyAuth !== undefined;\n\n const relay = await startChiiRelay({ port: relayPort, verifyAuth });\n // relay.port is the actual OS-assigned port (may differ from relayPort when 0).\n\n let tunnel: QuickTunnel \| null = null;\n let tunnelStatus: TunnelStatus = { up: false, wssUrl: null };\n // generateAttachToken is kept for legacy/non-TOTP token use, but we no\n // longer print it in the banner to avoid accidental secret exposure.\n const _token = generateAttachToken();\n\n // Bring the cloudflared tunnel up in the background so the MCP stdio\n // transport can answer `initialize` immediately. cloudflared has to lazy-\n // download a ~38 MB binary on first run; awaiting it here pushes the\n // initialize response past Claude Code's MCP connection timeout. Tools that\n // need the tunnel (`build_attach_url`) already gate on `getTunnelStatus()`\n // and return a clear \"tunnel not up\" message when it isn't ready yet, so\n // dropping the await is safe — the agent retries once the banner prints.\n const tunnelReady = startQuickTunnel(relay.port).then(\n (t) => {\n tunnel = t;\n tunnelStatus = { up: true, wssUrl: t.wssUrl };\n return printAttachBanner({ wssUrl: t.wssUrl, totpEnabled });\n },\n (err) => {\n const message = err instanceof Error ? err.message : String(err);\n process.stderr.write(\n `[ait-debug] Failed to open cloudflared quick tunnel: ${message}\\n` +\n '[ait-debug] The relay is up locally; attach over the public URL is unavailable until the tunnel starts.\\n',\n );\n },\n );\n // Reference the promise to placate the linter — actual completion is observed\n // via the side-effects on `tunnelStatus` from inside `.then`.\n void tunnelReady;\n\n const connection = new ChiiCdpConnection({ relayBaseUrl: relay.baseUrl });\n // AIT. methods ride the same Chii channel as CDP commands.\n const aitSource = new ChiiAitSource(connection);\n\n // 로컬 QR HTTP 서버를 cloudflared와 동일하게 background 시작.\n // GUI 없는 환경에서는 startQrHttpServer가 실패해도 text QR fallback으로 동작한다.\n let qrServer: QrHttpServer \| undefined;\n void startQrHttpServer().then(\n (s) => {\n qrServer = s;\n },\n (err: unknown) => {\n const message = err instanceof Error ? err.message : String(err);\n process.stderr.write(\n `[ait-debug] QR HTTP 서버 시작 실패 (text QR fallback 사용): ${message}\\n`,\n );\n },\n );\n\n const server = createDebugServer({\n connection,\n aitSource,\n getTunnelStatus: () => tunnelStatus,\n get qrHttpServer() {\n return qrServer;\n },\n });\n\n const transport = new StdioServerTransport();\n\n // ---------------------------------------------------------------------------\n // Shutdown: best-effort cleanup of relay + cloudflared child process.\n //\n // SIGKILL cannot be intercepted — cloudflared may remain orphaned (PPID 1).\n // Port 0 makes such orphans harmless: the next startup gets a fresh port.\n // Manual cleanup if needed: `pkill -f 'cloudflared.trycloudflare'`\n // ---------------------------------------------------------------------------\n\n let closed = false;\n let attachWatcher: { stop(): void } \| null = null;\n\n const shutdown = () => {\n // Idempotent: multiple simultaneous signals/exit/uncaught calls run only once.\n if (closed) return;\n closed = true;\n\n attachWatcher?.stop();\n connection.close();\n // tunnel.stop() is synchronous (child process kill) — safe from exit handler.\n tunnel?.stop();\n // relay.close(), server.close(), qrServer.close() are async — fine for signal handlers.\n void relay.close();\n void server.close();\n void qrServer?.close();\n };\n\n // Graceful termination signals.\n process.once('SIGINT', shutdown);\n process.once('SIGTERM', shutdown);\n // SIGHUP: terminal hangup / parent process exit.\n process.once('SIGHUP', shutdown);\n\n // Synchronous-only cleanup on process.exit (async calls are silently ignored\n // by Node at this stage — only tunnel.stop() which is a sync child kill).\n process.on('exit', () => {\n if (!closed) {\n closed = true;\n attachWatcher?.stop();\n tunnel?.stop();\n }\n });\n\n // Crash safety: shutdown before exiting so cloudflared is killed even on\n // unhandled errors. Covers cases where no signal is delivered (e.g. thrown\n // exception in async code that wasn't caught).\n process.on('uncaughtException', (err) => {\n process.stderr.write(`[ait-debug] uncaughtException: ${String(err)}\\n`);\n shutdown();\n process.exit(1);\n });\n\n process.on('unhandledRejection', (reason) => {\n process.stderr.write(`[ait-debug] unhandledRejection: ${String(reason)}\\n`);\n shutdown();\n process.exit(1);\n });\n\n await server.connect(transport);\n\n // Start the attach watcher after the transport is connected so\n // sendToolListChanged has a live session to notify.\n attachWatcher = startAttachWatcher(connection, server);\n}\n\nexport interface RunLocalDebugServerOptions {\n /\n CDP remote debugging port for the local Chromium. Default 0 (OS-assigned).\n * Uses an ephemeral free port when 0, avoiding EADDRINUSE on reconnect.\n /\n cdpPort?: number;\n /\n URL to open in the launched browser. Defaults to `AIT_DEVTOOLS_URL` env var\n * or `http://localhost:5173`.\n /\n devUrl?: string;\n}\n\n/\n Boots the local-browser debug stack and serves it over stdio:\n * 1. launch a local Chromium with `--remote-debugging-port=<port>`,\n * 2. attach a `LocalCdpConnection` to the first non-blank page target,\n * 3. expose the debug tools backed by that connection + a `ChiiAitSource`.\n \n `build_attach_url` (relay-specific, generates a deep-link + QR for the phone)\n * is not applicable in local mode because there is no relay or tunnel. The tool\n * is still listed (it is part of `DEBUG_TOOL_DEFINITIONS`) but will return a\n * clear \"not applicable\" message via the tunnel-down path (wssUrl is null).\n \n The AIT.* tools (`AIT.getSdkCallHistory`, `AIT.getMockState`,\n * `AIT.getOperationalEnvironment`) ride the same CDP channel via\n * `ChiiAitSource` → `LocalCdpConnection.sendCommand`. They will succeed once\n * the sdk-example dev-bridge (`window.__sdkCall` install) lands in sdk-example;\n * until then they return the sdk-example \"bridge absent\" message — which is\n * expected and noted in the PR as an explicit out-of-scope follow-up.\n /\nexport async function runLocalDebugServer(options: RunLocalDebugServerOptions = {}): Promise<void> {\n const cdpPort = options.cdpPort ?? 0;\n const devUrl = options.devUrl ?? process.env.AIT_DEVTOOLS_URL ?? 'http://localhost:5173';\n\n const chromium = await launchChromium({ port: cdpPort, devUrl });\n\n // Give Chromium a moment to start the CDP endpoint before we connect.\n // 800 ms is enough on most machines; the connection retries if it fails.\n await new Promise<void>((r) => setTimeout(r, 800));\n\n const connection = new LocalCdpConnection({ devtoolsHttpUrl: chromium.devtoolsUrl });\n // AIT. methods ride the same CDP channel via LocalCdpConnection.sendCommand.\n const aitSource = new ChiiAitSource(connection);\n\n // Local mode has no relay tunnel — tunnelStatus is always \"down\" which causes\n // build_attach_url to return a clear \"tunnel not up\" error, communicating to\n // the agent that this tool is relay-only.\n const tunnelStatus: TunnelStatus = { up: false, wssUrl: null };\n\n const server = createDebugServer({\n connection,\n aitSource,\n getTunnelStatus: () => tunnelStatus,\n });\n\n const transport = new StdioServerTransport();\n\n let closed = false;\n let attachWatcher: { stop(): void } \| null = null;\n\n const shutdown = () => {\n if (closed) return;\n closed = true;\n attachWatcher?.stop();\n connection.close();\n chromium.stop();\n void server.close();\n };\n\n process.once('SIGINT', shutdown);\n process.once('SIGTERM', shutdown);\n process.once('SIGHUP', shutdown);\n\n process.on('exit', () => {\n if (!closed) {\n closed = true;\n attachWatcher?.stop();\n chromium.stop();\n }\n });\n\n process.on('uncaughtException', (err) => {\n process.stderr.write(`[ait-local-debug] uncaughtException: ${String(err)}\\n`);\n shutdown();\n process.exit(1);\n });\n\n process.on('unhandledRejection', (reason) => {\n process.stderr.write(`[ait-local-debug] unhandledRejection: ${String(reason)}\\n`);\n shutdown();\n process.exit(1);\n });\n\n await server.connect(transport);\n\n // Start the attach watcher after the transport is connected so\n // sendToolListChanged has a live session to notify.\n attachWatcher = startAttachWatcher(connection, server);\n}\n","/*\n Dev-mode `AitSource` — backed by the Vite dev server's mock-state endpoint.\n \n The dev server already exposes the live browser mock state at\n * `GET /api/ait-devtools/state` (registered by the unplugin with `mcp: true`).\n * Phase 3 aligns dev mode and debug mode on the same `AIT.` tool surface, so\n dev mode serves those tools off this one HTTP source instead of a CDP channel:\n \n - `AIT.getMockState` → the full state snapshot (verbatim).\n * - `AIT.getOperationalEnvironment` → derived from the snapshot's\n * `environment` + `appVersion` fields.\n * - `AIT.getSdkCallHistory` → empty (the dev endpoint does not record\n * an SDK call trace — honest, not faked).\n \n An AI agent thus sees the same `AIT.getMockState` tool whether attached to a\n * phone (debug) or a dev browser (dev). Tests inject a fake `fetch`.\n /\n\nimport type {\n AitMethodMap,\n AitMethodName,\n AitMockState,\n AitOperationalEnvironment,\n AitSdkCallHistory,\n AitSource,\n} from './ait-source.js';\n\n/* Minimal `fetch` shape this source needs (injectable in tests). /\nexport type FetchLike = (url: string) => Promise<{\n ok: boolean;\n status: number;\n statusText: string;\n json(): Promise<unknown>;\n}>;\n\nexport interface HttpAitSourceOptions {\n /* Full URL of the mock-state endpoint, e.g. `http://localhost:5173/api/ait-devtools/state`. /\n stateEndpoint: string;\n /* Injected for tests; defaults to global `fetch`. /\n fetchImpl?: FetchLike;\n}\n\nfunction isObject(value: unknown): value is Record<string, unknown> {\n return typeof value === 'object' && value !== null;\n}\n\nexport class HttpAitSource implements AitSource {\n private readonly stateEndpoint: string;\n private readonly fetchImpl: FetchLike;\n\n constructor(options: HttpAitSourceOptions) {\n this.stateEndpoint = options.stateEndpoint;\n this.fetchImpl = options.fetchImpl ?? ((url) => fetch(url));\n }\n\n private async fetchState(): Promise<AitMockState> {\n const res = await this.fetchImpl(this.stateEndpoint);\n if (!res.ok) {\n throw new Error(\n `Failed to fetch mock state from ${this.stateEndpoint}: HTTP ${res.status} ${res.statusText}. ` +\n 'Ensure the Vite dev server is running with the @ait-co/devtools unplugin option `mcp: true`.',\n );\n }\n const body = await res.json();\n return isObject(body) ? body : {};\n }\n\n async get<M extends AitMethodName>(method: M): Promise<AitMethodMap[M]> {\n switch (method) {\n case 'AIT.getMockState': {\n const state = await this.fetchState();\n return state as AitMethodMap[M];\n }\n case 'AIT.getOperationalEnvironment': {\n const state = await this.fetchState();\n const environment = typeof state.environment === 'string' ? state.environment : 'unknown';\n const sdkVersion = typeof state.appVersion === 'string' ? state.appVersion : null;\n const result: AitOperationalEnvironment = { environment, sdkVersion };\n return result as AitMethodMap[M];\n }\n case 'AIT.getSdkCallHistory': {\n // sdkCallLog slice is now part of the mock state pushed by the browser panel.\n // Read it from the state snapshot rather than returning an empty stub.\n const state = await this.fetchState();\n const raw = state.sdkCallLog;\n const calls = Array.isArray(raw) ? (raw as AitSdkCallHistory['calls']) : [];\n const result: AitSdkCallHistory = { calls };\n return result as AitMethodMap[M];\n }\n default:\n throw new Error(`Unknown AIT method: ${String(method)}`);\n }\n }\n}\n","/\n @ait-co/devtools dev-mode MCP server (stdio).\n \n Exposes the live browser mock state from a running Vite dev server to AI\n * coding agents via the Model Context Protocol (MCP).\n \n Architecture:\n * Browser (aitState) → Vite dev server endpoint (/api/ait-devtools/state)\n * ← HTTP GET ← this stdio MCP server ← AI agent\n \n The Vite endpoint is registered by the unplugin when `mcp: true` is set in\n * the plugin options (see `src/unplugin/index.ts`).\n \n Phase 3 tool-surface alignment: dev mode and debug mode now expose the same\n * `AIT.` tools (`AIT.getMockState`, `AIT.getOperationalEnvironment`,\n `AIT.getSdkCallHistory`). In dev mode they are backed by the HTTP mock-state\n * endpoint (see `HttpAitSource`); in debug mode by the Chii channel. So an AI\n * sees a coherent tool whether attached to a phone (debug) or a dev browser\n * (dev). `devtools_get_mock_state` (the original devtools#130 name) is kept as a\n * backward-compatible alias of `AIT.getMockState`.\n \n This module is reached via the `devtools-mcp --mode=dev` CLI entry (see\n * `cli.ts`); the default (no flag) bin mode is the debug-mode CDP/Chii server.\n \n Usage (in your MCP client config, e.g. Claude Desktop):\n * {\n * \"mcpServers\": {\n * \"ait-devtools\": {\n * \"command\": \"pnpm\",\n * \"args\": [\"exec\", \"devtools-mcp\", \"--mode=dev\"],\n * \"env\": { \"AIT_DEVTOOLS_URL\": \"http://localhost:5173\" }\n * }\n * }\n * }\n /\n\nimport { Server } from '@modelcontextprotocol/sdk/server/index.js';\nimport { StdioServerTransport } from '@modelcontextprotocol/sdk/server/stdio.js';\nimport { CallToolRequestSchema, ListToolsRequestSchema } from '@modelcontextprotocol/sdk/types.js';\nimport { HttpAitSource } from './ait-http-source.js';\nimport type { AitSource } from './ait-source.js';\nimport {\n getMockState,\n getOperationalEnvironment,\n getSdkCallHistory,\n isAitToolName,\n} from './tools.js';\n\n/* Tool descriptors served by the dev-mode server. /\nconst DEV_TOOL_DEFINITIONS = [\n {\n name: 'AIT.getMockState',\n description:\n 'Returns the devtools mock state snapshot (window.__ait) from the running browser session — ' +\n 'environment, permissions, location, auth, network, IAP, and more. Read-only. ' +\n 'Requires the Vite dev server running with the @ait-co/devtools unplugin option `mcp: true`. ' +\n 'Same tool as in debug mode, where the in-app side reports it over the AIT domain.',\n inputSchema: { type: 'object', properties: {}, required: [] },\n },\n {\n name: 'AIT.getOperationalEnvironment',\n description:\n 'Returns the operational environment + SDK/app version derived from the dev mock state. ' +\n 'Read-only.',\n inputSchema: { type: 'object', properties: {}, required: [] },\n },\n {\n name: 'AIT.getSdkCallHistory',\n description:\n 'Returns the SDK call trace. In dev mode the HTTP mock-state endpoint records no trace, so ' +\n 'this returns an empty list; in debug mode it is populated over the AIT domain. Read-only.',\n inputSchema: { type: 'object', properties: {}, required: [] },\n },\n {\n name: 'devtools_get_mock_state',\n description:\n 'Backward-compatible alias of AIT.getMockState (the original devtools#130 name). Returns the ' +\n 'current AIT DevTools mock state snapshot. Read-only. Prefer AIT.getMockState in new configs.',\n inputSchema: { type: 'object', properties: {}, required: [] },\n },\n] as const;\n\nconst DEV_TOOL_NAMES = new Set<string>(DEV_TOOL_DEFINITIONS.map((t) => t.name));\n\nexport interface CreateDevServerDeps {\n /* AIT source for the dev tools. Defaults to an HTTP source over the dev server. /\n aitSource?: AitSource;\n}\n\n/* Builds the dev-mode MCP server (does not connect a transport). /\nexport function createDevServer(deps: CreateDevServerDeps = {}): Server {\n const devtoolsUrl = process.env.AIT_DEVTOOLS_URL ?? 'http://localhost:5173';\n const stateEndpoint = `${devtoolsUrl}/api/ait-devtools/state`;\n const aitSource = deps.aitSource ?? new HttpAitSource({ stateEndpoint });\n\n const server = new Server(\n { name: 'ait-devtools', version: __VERSION__ },\n { capabilities: { tools: {} } },\n );\n\n server.setRequestHandler(ListToolsRequestSchema, () => ({\n tools: DEV_TOOL_DEFINITIONS.map((tool) => ({ ...tool })),\n }));\n\n server.setRequestHandler(CallToolRequestSchema, async (request) => {\n const name = request.params.name;\n if (!DEV_TOOL_NAMES.has(name)) {\n return { content: [{ type: 'text', text: `Unknown tool: ${name}` }], isError: true };\n }\n\n try {\n // `devtools_get_mock_state` is an alias of `AIT.getMockState`.\n const effective = name === 'devtools_get_mock_state' ? 'AIT.getMockState' : name;\n if (!isAitToolName(effective)) {\n return { content: [{ type: 'text', text: `Unknown tool: ${name}` }], isError: true };\n }\n switch (effective) {\n case 'AIT.getMockState':\n return jsonResult(await getMockState(aitSource));\n case 'AIT.getOperationalEnvironment':\n return jsonResult(await getOperationalEnvironment(aitSource));\n case 'AIT.getSdkCallHistory':\n return jsonResult(await getSdkCallHistory(aitSource));\n default:\n return { content: [{ type: 'text', text: `Unknown tool: ${name}` }], isError: true };\n }\n } catch (err) {\n const message = err instanceof Error ? err.message : String(err);\n return {\n content: [\n {\n type: 'text',\n text:\n `${message}\\n` +\n 'Is the Vite dev server running with the @ait-co/devtools unplugin option `mcp: true`? ' +\n 'Is AIT_DEVTOOLS_URL set correctly?',\n },\n ],\n isError: true,\n };\n }\n });\n\n return server;\n}\n\nfunction jsonResult(value: unknown) {\n return { content: [{ type: 'text' as const, text: JSON.stringify(value, null, 2) }] };\n}\n\n/* Builds the dev-mode server and connects it over stdio. /\nexport async function runDevServer(): Promise<void> {\n const server = createDevServer();\n const transport = new StdioServerTransport();\n await server.connect(transport);\n}\n","/\n `devtools-mcp` bin entry.\n \n Single bin, two modes selected by `--mode` and one target selected by\n * `--target`:\n \n --mode=debug (default)\n * --target=relay (default) — CDP/Chii relay + cloudflared quick tunnel.\n * Attach a running mini-app (real Toss WebView, env 2/3) and read its\n * console + network over CDP without a human watching a phone.\n * --target=local — CDP direct-attach to a local Chromium launched by the\n * MCP server (env 1). No relay or tunnel; the browser is launched\n * pointing at AIT_DEVTOOLS_URL (default http://localhost:5173).\n \n --mode=dev — dev mode — reads the live browser mock state from a running\n * Vite dev server (the devtools#130 `devtools_get_mock_state` surface).\n \n Node-only stdio process.\n /\n\nimport { realpathSync } from 'node:fs';\nimport { argv } from 'node:process';\nimport { fileURLToPath } from 'node:url';\nimport { runDebugServer, runLocalDebugServer } from './debug-server.js';\nimport { runDevServer } from './server.js';\n\ntype Mode = 'debug' \| 'dev';\ntype Target = 'relay' \| 'local';\n\n/* Parses `--mode=<value>` / `--mode <value>` from argv; default `debug`. /\nexport function parseMode(argv: readonly string[]): Mode {\n for (let i = 0; i < argv.length; i++) {\n const arg = argv[i];\n if (arg === undefined) continue;\n if (arg.startsWith('--mode=')) {\n return normalizeMode(arg.slice('--mode='.length));\n }\n if (arg === '--mode') {\n const next = argv[i + 1];\n if (next === undefined) {\n throw new Error(\"--mode requires a value: 'debug' (default) or 'dev'.\");\n }\n return normalizeMode(next);\n }\n }\n return 'debug';\n}\n\n/\n Parses `--target=<value>` / `--target <value>` from argv; default `relay`.\n \n Only meaningful when `--mode=debug`:\n * - `relay` — phone/WebView attach over Chii relay + cloudflared tunnel (env 2/3).\n * - `local` — local Chromium CDP attach (env 1, no relay needed).\n /\nexport function parseTarget(argv: readonly string[]): Target {\n for (let i = 0; i < argv.length; i++) {\n const arg = argv[i];\n if (arg === undefined) continue;\n if (arg.startsWith('--target=')) {\n return normalizeTarget(arg.slice('--target='.length));\n }\n if (arg === '--target') {\n const next = argv[i + 1];\n if (next === undefined) {\n throw new Error(\"--target requires a value: 'relay' (default) or 'local'.\");\n }\n return normalizeTarget(next);\n }\n }\n return 'relay';\n}\n\nfunction normalizeMode(value: string): Mode {\n if (value === 'dev') return 'dev';\n if (value === 'debug') return 'debug';\n throw new Error(`Unknown --mode '${value}'. Expected 'debug' (default) or 'dev'.`);\n}\n\nfunction normalizeTarget(value: string): Target {\n if (value === 'relay') return 'relay';\n if (value === 'local') return 'local';\n throw new Error(`Unknown --target '${value}'. Expected 'relay' (default) or 'local'.`);\n}\n\nasync function main(): Promise<void> {\n const args = process.argv.slice(2);\n const mode = parseMode(args);\n if (mode === 'dev') {\n await runDevServer();\n } else {\n const target = parseTarget(args);\n if (target === 'local') {\n await runLocalDebugServer();\n } else {\n await runDebugServer();\n }\n }\n}\n\n/\n True when this file is the process entry (the bin), not an import.\n \n `argv[1]` is whatever path the OS used to launch node — under `npx`/npm's\n * bin shim that's the symlink in `node_modules/.bin/` (or a wrapper), whereas\n * `import.meta.url` resolves to the realpath inside the package. Comparing\n * the two raw paths gives a false negative on every install that goes through\n * a bin shim — exactly the dominant path for `npx -y @ait-co/devtools\n * devtools-mcp`. Resolve `argv[1]` to its realpath before comparing.\n */\nfunction isEntrypoint(): boolean {\n const entry = argv[1];\n if (entry === undefined) return false;\n try {\n return fileURLToPath(import.meta.url) === realpathSync(entry);\n } catch {\n return false;\n }\n}\n\nif (isEntrypoint()) {\n main().catch((err: unknown) => {\n const message = err instanceof Error ? err.message : String(err);\n process.stderr.write(`[devtools-mcp] fatal: ${message}\\n`);\n process.exitCode = 1;\n });\n}\n"],"mappings":";;;;;;;;;;;;;;;;;AAgCA,SAASA,WAAS,OAAkD;AAClE,QAAO,OAAO,UAAU,YAAY,UAAU;;;AAIhD,SAAS,iBAAiB,KAAiC;AACzD,KAAIA,WAAS,IAAI,IAAI,MAAM,QAAQ,IAAI,MAAM,CAC3C,QAAO,EAAE,OAAO,IAAI,OAAqC;AAE3D,QAAO,EAAE,OAAO,EAAE,EAAE;;;AAItB,SAAS,YAAY,KAA4B;AAC/C,QAAOA,WAAS,IAAI,GAAG,MAAM,EAAE;;;AAIjC,SAAS,yBAAyB,KAAyC;AAIzE,QAAO;EAAE,aAFPA,WAAS,IAAI,IAAI,OAAO,IAAI,gBAAgB,WAAW,IAAI,cAAc;EAErD,YADHA,WAAS,IAAI,IAAI,OAAO,IAAI,eAAe,WAAW,IAAI,aAAa;EACxD;;AAGpC,IAAa,gBAAb,MAAgD;CAC9C,YAAY,QAA2C;AAA1B,OAAA,SAAA;;CAE7B,MAAM,IAA6B,QAAqC;EACtE,MAAM,MAAM,MAAM,KAAK,OAAO,YAAY,OAAO;AAGjD,UAAQ,QAAR;GACE,KAAK,wBACH,QAAO,iBAAiB,IAAI;GAC9B,KAAK,mBACH,QAAO,YAAY,IAAI;GACzB,KAAK,gCACH,QAAO,yBAAyB,IAAI;GACtC,QACE,OAAM,IAAI,MAAM,uBAAuB,OAAO,OAAO,GAAG;;;;;;;;;;;;;;;;;;;;AC9ChE,MAAMC,wBAAsB;AAW5B,SAASC,WAAS,OAAkD;AAClE,QAAO,OAAO,UAAU,YAAY,UAAU;;AAGhD,SAASC,eAAa,KAAuC;CAC3D,IAAI;AACJ,KAAI;AACF,WAAS,KAAK,MAAM,IAAI;SAClB;AACN,SAAO;;AAET,KAAI,CAACD,WAAS,OAAO,CAAE,QAAO;CAC9B,MAAM,UAA6B,EAAE;AACrC,KAAI,OAAO,OAAO,OAAO,SAAU,SAAQ,KAAK,OAAO;AACvD,KAAI,OAAO,OAAO,WAAW,SAAU,SAAQ,SAAS,OAAO;AAC/D,KAAI,YAAY,OAAQ,SAAQ,SAAS,OAAO;AAChD,KAAI,YAAY,OAAQ,SAAQ,SAAS,OAAO;AAChD,KAAIA,WAAS,OAAO,MAAM,IAAI,OAAO,OAAO,MAAM,YAAY,SAC5D,SAAQ,QAAQ,EAAE,SAAS,OAAO,MAAM,SAAS;AAEnD,QAAO;;AAGT,MAAME,mBAA0C;CAC9C;CACA;CACA;CACD;;;;;AAaD,IAAa,oBAAb,MAAwD;CACtD;CACA;CACA,UAA2B,IAAI,cAAc;CAC7C,0BAA2B,IAAI,KAA8B;CAC7D,0BAA2B,IAAI,KAAwB;CAEvD,KAA+B;CAC/B,gBAAwB;;CAExB,kBAAgD;;CAEhD,0BAA2B,IAAI,KAG5B;CAEH,YAAY,SAAmC;AAC7C,OAAK,eAAe,QAAQ,aAAa,QAAQ,OAAO,GAAG;AAC3D,OAAK,aAAa,QAAQ,cAAcH;AACxC,OAAK,MAAM,SAASG,iBAAgB,MAAK,QAAQ,IAAI,OAAO,EAAE,CAAC;AAG/D,OAAK,QAAQ,gBAAgB,EAAE;;;CAIjC,MAAM,iBAAuC;EAC3C,MAAM,MAAM,MAAM,MAAM,GAAG,KAAK,aAAa,UAAU;AACvD,MAAI,CAAC,IAAI,GACP,OAAM,IAAI,MAAM,qCAAqC,IAAI,OAAO,GAAG,IAAI,aAAa;EAEtF,MAAM,OAAgB,MAAM,IAAI,MAAM;EACtC,MAAM,OAAOF,WAAS,KAAK,IAAI,MAAM,QAAQ,KAAK,QAAQ,GAAG,KAAK,UAAU,EAAE;AAC9E,OAAK,QAAQ,OAAO;AACpB,OAAK,MAAM,QAAQ,MAAM;AACvB,OAAI,CAACA,WAAS,KAAK,IAAI,OAAO,KAAK,OAAO,SAAU;AACpD,QAAK,QAAQ,IAAI,KAAK,IAAI;IACxB,IAAI,KAAK;IACT,OAAO,OAAO,KAAK,UAAU,WAAW,KAAK,QAAQ;IACrD,KAAK,OAAO,KAAK,QAAQ,WAAW,KAAK,MAAM;IAChD,CAAC;;AAEJ,SAAO,CAAC,GAAG,KAAK,QAAQ,QAAQ,CAAC;;CAGnC,cAA2B;AACzB,SAAO,CAAC,GAAG,KAAK,QAAQ,QAAQ,CAAC;;;;;;CAOnC,MAAM,gBAA+B;AACnC,MAAI,KAAK,MAAM,KAAK,GAAG,eAAe,UAAU,KAAM;AAGtD,MAAI,KAAK,gBAAiB,QAAO,KAAK;AACtC,OAAK,kBAAkB,KAAK,kBAAkB,CAAC,cAAc;AAC3D,QAAK,kBAAkB;IACvB;AACF,SAAO,KAAK;;CAGd,MAAc,mBAAkC;EAE9C,MAAM,UADU,MAAM,KAAK,gBAAgB,EACpB;AACvB,MAAI,CAAC,OACH,OAAM,IAAI,MAAM,mDAAmD;EAKrE,MAAM,KAAK,IAAI,UACb,GAHa,KAAK,aAAa,QAAQ,SAAS,KAAK,CAG3C,UAFK,gBAAgB,KAAK,KAAK,GAEZ,UAAU,mBAAmB,OAAO,GAAG,GACrE;AACD,OAAK,KAAK;AAEV,QAAM,IAAI,SAAe,SAAS,WAAW;AAC3C,MAAG,KAAK,cAAc,SAAS,CAAC;AAChC,MAAG,KAAK,UAAU,QAAe,OAAO,IAAI,CAAC;IAC7C;AAEF,KAAG,GAAG,YAAY,SAA4B,KAAK,cAAc,KAAK,UAAU,CAAC,CAAC;AAElF,OAAK,kBAAkB,iBAAiB;AACxC,OAAK,kBAAkB,iBAAiB;AAGxC,OAAK,kBAAkB,aAAa;AACpC,OAAK,kBAAkB,cAAc;;;CAIvC,kBAA0B,QAAgB,SAAkC,EAAE,EAAQ;AACpF,MAAI,CAAC,KAAK,MAAM,KAAK,GAAG,eAAe,UAAU,KAAM;EACvD,MAAM,KAAK,KAAK;AAChB,OAAK,GAAG,KAAK,KAAK,UAAU;GAAE;GAAI;GAAQ;GAAQ,CAAC,CAAC;;;;;;CAOtD,KACE,QACA,QACqC;AACrC,SAAO,KAAK,YAAY,QAAS,UAAU,EAAE,CAA6B;;;;;;;CAU5E,YAAY,QAAgB,SAAkC,EAAE,EAAoB;AAClF,MAAI,CAAC,KAAK,MAAM,KAAK,GAAG,eAAe,UAAU,KAC/C,QAAO,QAAQ,uBACb,IAAI,MAAM,+EAA+E,CAC1F;EAEH,MAAM,KAAK,KAAK;EAChB,MAAM,KAAK,KAAK;AAChB,SAAO,IAAI,SAAkB,SAAS,WAAW;AAC/C,QAAK,QAAQ,IAAI,IAAI;IAAE;IAAS;IAAQ,CAAC;AACzC,MAAG,KAAK,KAAK,UAAU;IAAE;IAAI;IAAQ;IAAQ,CAAC,CAAC;IAC/C;;CAGJ,cAAsB,KAAmB;EACvC,MAAM,UAAUC,eAAa,IAAI;AACjC,MAAI,CAAC,QAAS;AAGd,MAAI,OAAO,QAAQ,OAAO,YAAY,KAAK,QAAQ,IAAI,QAAQ,GAAG,EAAE;GAClE,MAAM,SAAS,KAAK,QAAQ,IAAI,QAAQ,GAAG;AAC3C,QAAK,QAAQ,OAAO,QAAQ,GAAG;AAC/B,OAAI,OACF,KAAI,QAAQ,MAAO,QAAO,OAAO,IAAI,MAAM,QAAQ,MAAM,QAAQ,CAAC;OAC7D,QAAO,QAAQ,QAAQ,OAAO;AAErC;;AAIF,MAAI,OAAO,QAAQ,WAAW,SAAU;AACxC,MAAI,CAAC,KAAK,QAAQ,IAAI,QAAQ,OAAuB,CAAE;EACvD,MAAM,QAAQ,QAAQ;EACtB,MAAM,SAAS,KAAK,QAAQ,IAAI,MAAM;AACtC,MAAI,CAAC,OAAQ;AACb,SAAO,KAAK,QAAQ,OAAO;AAC3B,MAAI,OAAO,SAAS,KAAK,WAAY,QAAO,OAAO;AACnD,OAAK,QAAQ,KAAK,OAAO,QAAQ,OAAO;;CAG1C,kBAA0C,OAAyC;AAEjF,SADe,KAAK,QAAQ,IAAI,MAAM,IACpB,EAAE;;CAGtB,GAA2B,OAAU,UAAyD;AAC5F,OAAK,QAAQ,GAAG,OAAO,SAAuC;AAC9D,eAAa,KAAK,QAAQ,IAAI,OAAO,SAAuC;;;CAI9E,QAAc;AACZ,OAAK,IAAI,OAAO;AAChB,OAAK,KAAK;AACV,OAAK,MAAM,UAAU,KAAK,QAAQ,QAAQ,CACxC,QAAO,uBAAO,IAAI,MAAM,gCAAgC,CAAC;AAE3D,OAAK,QAAQ,OAAO;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;AC3NxB,MAAM,UAAU,cAAc,OAAO,KAAK,IAAI;AAa9C,SAAS,iBAAmC;CAE1C,MAAM,MAAe,QAAQ,OAAO;AACpC,KACE,OAAO,QAAQ,YACf,QAAQ,QACR,WAAW,OACX,OAAQ,IAA2B,UAAU,WAE7C,QAAO;AAET,OAAM,IAAI,MAAM,4CAA4C;;;;;;;;;;;;;;;;;;AA0D9D,eAAsB,eAAe,UAAiC,EAAE,EAAsB;CAC5F,MAAM,gBAAgB,QAAQ,QAAQ;CACtC,MAAM,OAAO,QAAQ,QAAQ;CAC7B,MAAM,EAAE,eAAe;CAEvB,MAAM,aAAa,cAAc;AASjC,KAAI,WACF,YAAW,GAAG,YAAY,KAAsB,WAAmB;AACjE,MAAI,CAAC,WAAW,IAAI,EAAE;AAGpB,UAAO,MAAM,yDAAyD;AACtE,UAAO,SAAS;AAEhB;;GAIF;AAOJ,OAJa,gBAAgB,CAIlB,MAAM;EAAE,QAAQ;EAAY,QAAQ,GAAG,KAAK,GAAG;EAAiB,MAAM;EAAe,CAAC;CAEjG,MAAM,aAAa,MAAM,IAAI,SAAiB,SAAS,WAAW;AAChE,aAAW,KAAK,SAAS,OAAO;AAChC,aAAW,OAAO,eAAe,YAAY;AAC3C,cAAW,IAAI,SAAS,OAAO;AAG/B,WADa,WAAW,SAAS,CACpB,KAAK;IAClB;GACF;AAEF,QAAO;EACL,MAAM;EACN,SAAS,UAAU,KAAK,GAAG;EAC3B,aACE,IAAI,SAAe,YAAY;AAC7B,cAAW,YAAY,SAAS,CAAC;IACjC;EACL;;;;;;;;;;;;;;;;;;;;;;AC1IH,MAAM,sBAAsB;AAW5B,SAASE,WAAS,OAAkD;AAClE,QAAO,OAAO,UAAU,YAAY,UAAU;;AAGhD,SAAS,aAAa,KAAuC;CAC3D,IAAI;AACJ,KAAI;AACF,WAAS,KAAK,MAAM,IAAI;SAClB;AACN,SAAO;;AAET,KAAI,CAACA,WAAS,OAAO,CAAE,QAAO;CAC9B,MAAM,UAA6B,EAAE;AACrC,KAAI,OAAO,OAAO,OAAO,SAAU,SAAQ,KAAK,OAAO;AACvD,KAAI,OAAO,OAAO,WAAW,SAAU,SAAQ,SAAS,OAAO;AAC/D,KAAI,YAAY,OAAQ,SAAQ,SAAS,OAAO;AAChD,KAAI,YAAY,OAAQ,SAAQ,SAAS,OAAO;AAChD,KAAIA,WAAS,OAAO,MAAM,IAAI,OAAO,OAAO,MAAM,YAAY,SAC5D,SAAQ,QAAQ,EAAE,SAAS,OAAO,MAAM,SAAS;AAEnD,QAAO;;AAGT,MAAM,iBAA0C;CAC9C;CACA;CACA;CACD;;;;;;;;;;;;;AAqCD,IAAa,qBAAb,MAAyD;CACvD;CACA;CACA,UAA2B,IAAI,cAAc;CAC7C,0BAA2B,IAAI,KAA8B;CAC7D,0BAA2B,IAAI,KAAwB;CAEvD,KAA+B;CAC/B,gBAAwB;;CAExB,kBAAgD;;CAEhD,0BAA2B,IAAI,KAG5B;CAEH,YAAY,SAAoC;AAC9C,OAAK,kBAAkB,QAAQ,gBAAgB,QAAQ,OAAO,GAAG;AACjE,OAAK,aAAa,QAAQ,cAAc;AACxC,OAAK,MAAM,SAAS,eAAgB,MAAK,QAAQ,IAAI,OAAO,EAAE,CAAC;AAG/D,OAAK,QAAQ,gBAAgB,EAAE;;;;;;;;;CAUjC,MAAc,eAGX;EAED,MAAM,MAAM,MAAM,MAAM,GAAG,KAAK,gBAAgB,OAAO;AACvD,MAAI,CAAC,IAAI,GACP,OAAM,IAAI,MACR,yCAAyC,IAAI,OAAO,GAAG,IAAI,WAAW,wDAEvE;EAEH,MAAM,OAAgB,MAAM,IAAI,MAAM;EACtC,MAAM,OAA6B,MAAM,QAAQ,KAAK,GAAI,OAAgC,EAAE;AAE5F,OAAK,QAAQ,OAAO;EACpB,IAAI,WAAsC;AAE1C,OAAK,MAAM,QAAQ,MAAM;AACvB,OAAI,CAACA,WAAS,KAAK,IAAI,OAAO,KAAK,OAAO,SAAU;GACpD,MAAM,YAAuB;IAC3B,IAAI,KAAK;IACT,OAAO,OAAO,KAAK,UAAU,WAAW,KAAK,QAAQ;IACrD,KAAK,OAAO,KAAK,QAAQ,WAAW,KAAK,MAAM;IAChD;AACD,QAAK,QAAQ,IAAI,KAAK,IAAI,UAAU;AAGpC,OACE,aAAa,QACb,KAAK,SAAS,UACd,OAAO,KAAK,yBAAyB,YACrC,CAAC,qBAAqB,KAAK,IAAI,CAE/B,YAAW;;AAIf,SAAO;GAAE;GAAU,KAAK,CAAC,GAAG,KAAK,QAAQ,QAAQ,CAAC;GAAE;;CAGtD,cAA2B;AACzB,SAAO,CAAC,GAAG,KAAK,QAAQ,QAAQ,CAAC;;;;;;;;CASnC,MAAM,gBAA+B;AACnC,MAAI,KAAK,MAAM,KAAK,GAAG,eAAe,UAAU,KAAM;AACtD,MAAI,KAAK,gBAAiB,QAAO,KAAK;AACtC,OAAK,kBAAkB,KAAK,kBAAkB,CAAC,cAAc;AAC3D,QAAK,kBAAkB;IACvB;AACF,SAAO,KAAK;;CAGd,MAAc,mBAAkC;EAC9C,MAAM,EAAE,aAAa,MAAM,KAAK,cAAc;AAC9C,MAAI,CAAC,SACH,OAAM,IAAI,MACR,oLAGD;EAIH,MAAM,QAAQ,SAAS;EACvB,MAAM,KAAK,IAAI,UAAU,MAAM;AAC/B,OAAK,KAAK;AAEV,QAAM,IAAI,SAAe,SAAS,WAAW;AAC3C,MAAG,KAAK,cAAc,SAAS,CAAC;AAChC,MAAG,KAAK,UAAU,QAAe,OAAO,IAAI,CAAC;IAC7C;AAEF,KAAG,GAAG,YAAY,SAA4B,KAAK,cAAc,KAAK,UAAU,CAAC,CAAC;AAGlF,OAAK,kBAAkB,iBAAiB;AACxC,OAAK,kBAAkB,iBAAiB;AACxC,OAAK,kBAAkB,aAAa;AACpC,OAAK,kBAAkB,cAAc;;;CAIvC,kBAA0B,QAAgB,SAAkC,EAAE,EAAQ;AACpF,MAAI,CAAC,KAAK,MAAM,KAAK,GAAG,eAAe,UAAU,KAAM;EACvD,MAAM,KAAK,KAAK;AAChB,OAAK,GAAG,KAAK,KAAK,UAAU;GAAE;GAAI;GAAQ;GAAQ,CAAC,CAAC;;;;;;CAOtD,KACE,QACA,QACqC;AACrC,SAAO,KAAK,YAAY,QAAS,UAAU,EAAE,CAA6B;;;;;;CAS5E,YAAY,QAAgB,SAAkC,EAAE,EAAoB;AAClF,MAAI,CAAC,KAAK,MAAM,KAAK,GAAG,eAAe,UAAU,KAC/C,QAAO,QAAQ,uBACb,IAAI,MACF,kIAED,CACF;EAEH,MAAM,KAAK,KAAK;EAChB,MAAM,KAAK,KAAK;AAChB,SAAO,IAAI,SAAkB,SAAS,WAAW;AAC/C,QAAK,QAAQ,IAAI,IAAI;IAAE;IAAS;IAAQ,CAAC;AACzC,MAAG,KAAK,KAAK,UAAU;IAAE;IAAI;IAAQ;IAAQ,CAAC,CAAC;IAC/C;;CAGJ,cAAsB,KAAmB;EACvC,MAAM,UAAU,aAAa,IAAI;AACjC,MAAI,CAAC,QAAS;AAGd,MAAI,OAAO,QAAQ,OAAO,YAAY,KAAK,QAAQ,IAAI,QAAQ,GAAG,EAAE;GAClE,MAAM,SAAS,KAAK,QAAQ,IAAI,QAAQ,GAAG;AAC3C,QAAK,QAAQ,OAAO,QAAQ,GAAG;AAC/B,OAAI,OACF,KAAI,QAAQ,MAAO,QAAO,OAAO,IAAI,MAAM,QAAQ,MAAM,QAAQ,CAAC;OAC7D,QAAO,QAAQ,QAAQ,OAAO;AAErC;;AAIF,MAAI,OAAO,QAAQ,WAAW,SAAU;AACxC,MAAI,CAAC,KAAK,QAAQ,IAAI,QAAQ,OAAuB,CAAE;EACvD,MAAM,QAAQ,QAAQ;EACtB,MAAM,SAAS,KAAK,QAAQ,IAAI,MAAM;AACtC,MAAI,CAAC,OAAQ;AACb,SAAO,KAAK,QAAQ,OAAO;AAC3B,MAAI,OAAO,SAAS,KAAK,WAAY,QAAO,OAAO;AACnD,OAAK,QAAQ,KAAK,OAAO,QAAQ,OAAO;;CAG1C,kBAA0C,OAAyC;AAEjF,SADe,KAAK,QAAQ,IAAI,MAAM,IACpB,EAAE;;CAGtB,GAA2B,OAAU,UAAyD;AAC5F,OAAK,QAAQ,GAAG,OAAO,SAAuC;AAC9D,eAAa,KAAK,QAAQ,IAAI,OAAO,SAAuC;;;CAI9E,QAAc;AACZ,OAAK,IAAI,OAAO;AAChB,OAAK,KAAK;AACV,OAAK,MAAM,UAAU,KAAK,QAAQ,QAAQ,CACxC,QAAO,uBAAO,IAAI,MAAM,wCAAwC,CAAC;AAEnE,OAAK,QAAQ,OAAO;;;;AAKxB,SAAS,qBAAqB,KAAsB;AAClD,QACE,QAAQ,MACR,QAAQ,iBACR,QAAQ,kBACR,IAAI,WAAW,cAAc,IAC7B,IAAI,WAAW,YAAY,IAC3B,IAAI,WAAW,sBAAsB;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;AC9PzC,SAAgB,eAAgC;AAC9C,QAAO,IAAI,SAAS,SAAS,WAAW;EACtC,MAAM,SAAS,IAAI,cAAc;AACjC,SAAO,OAAO,GAAG,mBAAmB;GAClC,MAAM,OAAO,OAAO,SAAS;GAC7B,MAAM,OAAO,OAAO,SAAS,YAAY,SAAS,OAAO,KAAK,OAAO;AACrE,UAAO,YAAY;AACjB,QAAI,SAAS,KACX,wBAAO,IAAI,MAAM,iDAAiD,CAAC;QAEnE,SAAQ,KAAK;KAEf;IACF;AACF,SAAO,KAAK,SAAS,OAAO;GAC5B;;;;;;AAOJ,SAAgB,uBAAiC;CAC/C,MAAM,KAAK,UAAU;AACrB,KAAI,OAAO,SACT,QAAO;EACL;EACA;EACA;EACA;EACD;AAEH,KAAI,OAAO,QACT,QAAO;EACL;EACA;EACA;EACA;EACA;EACA;EACA;EACD;AAEH,KAAI,OAAO,SAAS;EAClB,MAAM,eAAe,QAAQ,IAAI,gBAAgB;EACjD,MAAM,kBAAkB,QAAQ,IAAI,wBAAwB;AAC5D,SAAO;GACL,GAAG,aAAa;GAChB,GAAG,gBAAgB;GACnB,GAAG,aAAa;GACjB;;AAEH,QAAO,EAAE;;;AAIX,SAAgB,mBAAkC;AAChD,MAAK,MAAM,KAAK,sBAAsB,CACpC,KAAI,WAAW,EAAE,CAAE,QAAO;AAE5B,QAAO;;;;;;;;;AAUT,eAAsB,eAAe,UAAiC,EAAE,EAA2B;CACjG,MAAM,YAAY,QAAQ,WAAW;CAGrC,MAAM,gBAAgB,QAAQ,QAAQ;CACtC,MAAM,OAAO,kBAAkB,IAAI,MAAM,cAAc,GAAG;CAE1D,MAAM,SAAS,QAAQ,UAAU,QAAQ,IAAI,oBAAoB;CAEjE,MAAM,SAAS,kBAAkB;AACjC,KAAI,WAAW,KACb,OAAM,IAAI,MACR,gHAGE,sBAAsB,CAAC,KAAK,KAAK,CACpC;CAcH,MAAM,QAAsB,UAAU,QAXzB;EACX,2BAA2B;EAC3B;EACA;EAGA;EACA,GAAI,QAAQ,aAAa,EAAE;EAC3B;EACD,EAEmD;EAElD,OAAO;EACP,UAAU;EACX,CAAC;AAGF,OAAM,OAAO;CAEb,MAAM,cAAc,oBAAoB;AAExC,SAAQ,OAAO,MACb,wCAAwC,OAAO,oCACV,YAAY,+BACjB,OAAO,IACxC;AAED,QAAO;EACL;EACA;EACA,OAAa;AACX,OAAI;AACF,UAAM,MAAM;WACN;;EAIX;;;;;;;;ACxKH,eAAsB,oBAA2C;CAC/D,MAAM,EAAE,SAAS,WAAW,MAAM,OAAO;CAEzC,MAAM,SAAiB,cAAc,KAAK,QAAQ;EAEhD,MAAM,CAAC,MAAM,QAAQ,OADN,IAAI,OAAO,KACQ,MAAM,KAAK,EAAE;EAC/C,MAAM,SAAS,IAAI,gBAAgB,SAAS,GAAG;AAE/C,MAAI,SAAS,WAAW;GACtB,MAAM,WAAW,OAAO,IAAI,IAAI,IAAI;GACpC,IAAI;AACJ,OAAI;AACF,gBAAY,mBAAmB,SAAS;WAClC;AACN,QAAI,UAAU,KAAK,EAAE,gBAAgB,6BAA6B,CAAC;AACnE,QAAI,IAAI,iBAAiB;AACzB;;GAIF,IAAI,oBAAoB;AACxB,OAAI;IACF,MAAM,UAAU,UAAU,MAAM,4BAA4B;AAC5D,QAAI,UAAU,GACZ,qBAAoB,mBAAmB,QAAQ,GAAG,CAAC,MAAM,GAAG,GAAG;WAE3D;AAKR,UAAO,UAAU,WAAW;IAAE,MAAM;IAAa,sBAAsB;IAAK,CAAC,CAC1E,MAAM,YAAoB;IAGzB,MAAM,OAAO,gBAAgB,SAFX,kBAAkB,QAAQ,aAAa,MAAM,KAAK,EAAE,WAAW,EAAE,CAAC,GAAG,EACjE,UAAU,QAAQ,aAAa,MAAM,KAAK,EAAE,WAAW,EAAE,CAAC,GAAG,CACpB;AAC/D,QAAI,UAAU,KAAK;KACjB,gBAAgB;KAChB,iBAAiB;KAClB,CAAC;AACF,QAAI,IAAI,KAAK;KACb,CACD,YAAY;AACX,QAAI,UAAU,KAAK,EAAE,gBAAgB,6BAA6B,CAAC;AACnE,QAAI,IAAI,iBAAiB;KACzB;AACJ;;AAGF,MAAI,SAAS,WAAW;GACtB,MAAM,WAAW,OAAO,IAAI,IAAI,IAAI;GACpC,IAAI;AACJ,OAAI;AACF,gBAAY,mBAAmB,SAAS;WAClC;AACN,QAAI,UAAU,KAAK,EAAE,gBAAgB,6BAA6B,CAAC;AACnE,QAAI,IAAI,iBAAiB;AACzB;;AAGF,UAAO,SAAS,WAAW;IAAE,MAAM;IAAO,sBAAsB;IAAK,CAAC,CACnE,MAAM,QAAgB;AACrB,QAAI,UAAU,KAAK;KACjB,gBAAgB;KAChB,iBAAiB;KACjB,kBAAkB,OAAO,IAAI,OAAO;KACrC,CAAC;AACF,QAAI,IAAI,IAAI;KACZ,CACD,YAAY;AACX,QAAI,UAAU,KAAK,EAAE,gBAAgB,6BAA6B,CAAC;AACnE,QAAI,IAAI,qBAAqB;KAC7B;AACJ;;AAGF,MAAI,UAAU,KAAK,EAAE,gBAAgB,6BAA6B,CAAC;AACnE,MAAI,IAAI,YAAY;GACpB;CAEF,MAAM,aAAa,OAAO,QAAQ,IAAI,uBAAuB,EAAE;AAE/D,OAAM,IAAI,SAAe,SAAS,WAAW;AAC3C,SAAO,OAAO,YAAY,mBAAmB,SAAS,CAAC;AACvD,SAAO,KAAK,SAAS,OAAO;GAC5B;CAEF,MAAM,UAAU,OAAO,SAAS;AAChC,KAAI,CAAC,WAAW,OAAO,YAAY,SACjC,OAAM,IAAI,MAAM,mDAAmD;CAErE,MAAM,OAAO,QAAQ;AAErB,QAAO;EACL;EACA,mBAAmB,WAA2B;AAC5C,UAAO,oBAAoB,KAAK,YAAY,mBAAmB,UAAU;;EAE3E,QAAuB;AACrB,UAAO,IAAI,SAAS,SAAS,WAAW;AACtC,WAAO,OAAO,QAAS,MAAM,OAAO,IAAI,GAAG,SAAS,CAAE;KACtD;;EAEL;;;;;;AAOH,SAAS,gBAAgB,WAAmB,WAAmB,eAA+B;AAC5F,QAAO;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;iCAqCwB,UAAU;yBAClB,UAAU;;;;;;;;;;;;;;;;;;;;;;;;;;;;yBA4BV,cAAc;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;ACrKvC,MAAM,yBAAyB,IAAI,IAAY;CAAC;CAAI;CAAO;CAAa;CAAa;CAAM,CAAC;;;;;;;;;;AAW5F,SAAgB,wBAAwB,WAAkC;CAIxE,MAAM,cAAc,UAAU,QAAQ,kCAAkC,GAAG;AAC3E,KAAI,gBAAgB,UAElB,QACE;CAMJ,MAAM,eAAe,YAAY,OAAO,QAAQ;CAChD,MAAM,YAAY,iBAAiB,KAAK,cAAc,YAAY,MAAM,GAAG,aAAa;AAExF,KAAI,uBAAuB,IAAI,UAAU,aAAa,CAAC,CAErD,QACE,wBAFuB,cAAc,KAAK,YAAY,IAAI,UAAU,GAE3B;AAM7C,QAAO;;AAMT,SAAS,cAAc,OAAe,KAAqB;AACzD,KAAI,UAAU,GAAI,QAAO;AACzB,QAAO,MACJ,MAAM,IAAI,CACV,QAAQ,SAAS,SAAS,MAAM,KAAK,MAAM,IAAI,CAAC,OAAO,IAAI,CAC3D,KAAK,IAAI;;;;;;;;;;;;;;;;;;;;;AAsBd,SAAgB,uBACd,WACA,QACA,UACQ;CACR,IAAI;AACJ,KAAI;AACF,UAAQ,IAAI,IAAI,OAAO;SACjB;AACN,QAAM,IAAI,MAAM,iCAAiC,SAAS;;AAE5D,KAAI,MAAM,aAAa,OACrB,OAAM,IAAI,MAAM,2CAA2C,MAAM,SAAS,IAAI,OAAO,GAAG;CAG1F,MAAM,YAAY,UAAU,QAAQ,IAAI;CACxC,MAAM,OAAO,cAAc,KAAK,KAAK,UAAU,MAAM,UAAU;CAC/D,MAAM,aAAa,cAAc,KAAK,YAAY,UAAU,MAAM,GAAG,UAAU;CAE/E,MAAM,aAAa,WAAW,QAAQ,IAAI;CAC1C,MAAM,OAAO,eAAe,KAAK,aAAa,WAAW,MAAM,GAAG,WAAW;CAC7E,IAAI,QAAQ,eAAe,KAAK,KAAK,WAAW,MAAM,aAAa,EAAE;CAErE,MAAM,WAA0B,CAC9B,CAAC,SAAS,IAAI,EACd,CAAC,SAAS,OAAO,CAClB;AAID,KAAI,aAAa,KAAA,KAAa,aAAa,GACzC,UAAS,KAAK,CAAC,MAAM,SAAS,CAAC;AAKjC,SAAQ,cAAc,OAAO,KAAK;AAElC,MAAK,MAAM,CAAC,QAAQ,SAClB,SAAQ,cAAc,OAAO,IAAI;AAEnC,MAAK,MAAM,CAAC,KAAK,UAAU,UAAU;EACnC,MAAM,OAAO,GAAG,IAAI,GAAG,mBAAmB,MAAM;AAChD,UAAQ,UAAU,KAAK,OAAO,GAAG,MAAM,GAAG;;AAG5C,QAAO,GAAG,KAAK,GAAG,QAAQ;;;;;AC1G5B,MAAa,yBAAyB;CACpC;EACE,MAAM;EACN,aACE;EAGF,aAAa;GAAE,MAAM;GAAU,YAAY,EAAE;GAAE,UAAU,EAAE;GAAE;EAC9D;CACD;EACE,MAAM;EACN,aACE;EAGF,aAAa;GAAE,MAAM;GAAU,YAAY,EAAE;GAAE,UAAU,EAAE;GAAE;EAC9D;CACD;EACE,MAAM;EACN,aACE;EAGF,aAAa;GAAE,MAAM;GAAU,YAAY,EAAE;GAAE,UAAU,EAAE;GAAE;EAC9D;CACD;EACE,MAAM;EACN,aACE;EAUF,aAAa;GACX,MAAM;GACN,YAAY;IACV,YAAY;KACV,MAAM;KACN,aACE;KAGH;IACD,iBAAiB;KACf,MAAM;KACN,aACE;KAGH;IACD,iBAAiB;KACf,MAAM;KACN,aACE;KAGH;IACF;GACD,UAAU,CAAC,aAAa;GACzB;EACF;CACD;EACE,MAAM;EACN,aACE;EAGF,aAAa;GAAE,MAAM;GAAU,YAAY,EAAE;GAAE,UAAU,EAAE;GAAE;EAC9D;CACD;EACE,MAAM;EACN,aACE;EAGF,aAAa;GAAE,MAAM;GAAU,YAAY,EAAE;GAAE,UAAU,EAAE;GAAE;EAC9D;CACD;EACE,MAAM;EACN,aACE;EAEF,aAAa;GAAE,MAAM;GAAU,YAAY,EAAE;GAAE,UAAU,EAAE;GAAE;EAC9D;CACD;EACE,MAAM;EACN,aACE;EAMF,aAAa;GAAE,MAAM;GAAU,YAAY,EAAE;GAAE,UAAU,EAAE;GAAE;EAC9D;CACD;EACE,MAAM;EACN,aACE;EAKF,aAAa;GACX,MAAM;GACN,YAAY,EACV,YAAY;IACV,MAAM;IACN,aAAa;IACd,EACF;GACD,UAAU,CAAC,aAAa;GACzB;EACF;CACD;EACE,MAAM;EACN,aACE;EAOF,aAAa;GACX,MAAM;GACN,YAAY;IACV,MAAM;KACJ,MAAM;KACN,aAAa;KACd;IACD,MAAM;KACJ,MAAM;KACN,aAAa;KACb,OAAO,EAAE;KACV;IACF;GACD,UAAU,CAAC,OAAO;GACnB;EACF;CACD;EACE,MAAM;EACN,aACE;EAGF,aAAa;GAAE,MAAM;GAAU,YAAY,EAAE;GAAE,UAAU,EAAE;GAAE;EAC9D;CACD;EACE,MAAM;EACN,aACE;EAGF,aAAa;GAAE,MAAM;GAAU,YAAY,EAAE;GAAE,UAAU,EAAE;GAAE;EAC9D;CACD;EACE,MAAM;EACN,aACE;EAEF,aAAa;GAAE,MAAM;GAAU,YAAY,EAAE;GAAE,UAAU,EAAE;GAAE;EAC9D;CACF;AAID,MAAM,mBAAmB,IAAI,IAAY,uBAAuB,KAAK,MAAM,EAAE,KAAK,CAAC;AAEnF,SAAgB,gBAAgB,MAAqC;AACnE,QAAO,iBAAiB,IAAI,KAAK;;;;;;;;;;;AAYnC,MAAa,uBAA4C,IAAI,IAAY,CACvE,oBACA,aACD,CAAC;;AAyBF,SAAS,mBAAmB,KAA8B;AACxD,KAAI,IAAI,UAAU,KAAA,GAAW;AAC3B,MAAI,OAAO,IAAI,UAAU,SAAU,QAAO,IAAI;AAC9C,MAAI;AACF,UAAO,KAAK,UAAU,IAAI,MAAM;UAC1B;AACN,UAAO,OAAO,IAAI,MAAM;;;AAG5B,KAAI,IAAI,gBAAgB,KAAA,EAAW,QAAO,IAAI;AAC9C,KAAI,IAAI,cAAc,KAAA,EAAW,QAAO,IAAI;AAC5C,QAAO,IAAI,WAAW,IAAI;;AAG5B,SAAgB,wBAAwB,OAA8C;CACpF,MAAM,OAAO,MAAM,KAAK,IAAI,mBAAmB;AAC/C,QAAO;EACL,OAAO,MAAM;EACb,MAAM,KAAK,KAAK,IAAI;EACpB,WAAW,MAAM;EACjB;EACD;;AAGH,SAAgB,oBAAoB,YAA6C;AAC/E,QAAO,WACJ,kBAAkB,2BAA2B,CAC7C,KAAK,UAAU,wBAAwB,MAAM,CAAC;;AAGnD,SAAgB,oBAAoB,YAA6C;CAC/E,MAAM,WAAW,WAAW,kBAAkB,4BAA4B;CAC1E,MAAM,YAAY,WAAW,kBAAkB,2BAA2B;CAE1E,MAAM,sCAAsB,IAAI,KAA2C;AAC3E,MAAK,MAAM,YAAY,UACrB,qBAAoB,IAAI,SAAS,WAAW,SAAS;AAGvD,QAAO,SAAS,KAAK,YAA2C;EAC9D,MAAM,WAAW,oBAAoB,IAAI,QAAQ,UAAU;AAC3D,SAAO;GACL,WAAW,QAAQ;GACnB,KAAK,QAAQ,QAAQ;GACrB,QAAQ,QAAQ,QAAQ;GACxB,QAAQ,WAAW,SAAS,SAAS,SAAS;GAC9C,YAAY,WAAW,SAAS,SAAS,aAAa;GACtD,WAAW,QAAQ;GACnB,SAAS,WAAW,SAAS,YAAY;GAC1C;GACD;;AASJ,SAAgB,UAAU,YAA2B,QAAuC;AAC1F,QAAO;EAAE,OAAO,WAAW,aAAa;EAAE;EAAQ;;;;;;;;;;;;;;AA6BpD,SAAgB,eAAe,WAAmB,QAA4C;AAC5F,KAAI,CAAC,OAAO,MAAM,OAAO,WAAW,KAClC,OAAM,IAAI,MACR,qGAED;CAEH,MAAM,mBAAmB,wBAAwB,UAAU,IAAI,KAAA;AAC/D,QAAO;EACL,WAAW,uBAAuB,WAAW,OAAO,OAAO;EAC3D,UAAU,OAAO;EACjB,GAAI,qBAAqB,KAAA,IAAY,EAAE,kBAAkB,GAAG,EAAE;EAC/D;;;;;;;;;;;AAgBH,SAAgB,iBAA0B;AACxC,KAAI,QAAQ,IAAI,OAAO,UAAU,QAAQ,IAAI,OAAO,IAAK,QAAO;CAChE,MAAM,WAAW,QAAQ;AACzB,KAAI,aAAa,YAAY,aAAa,QAAS,QAAO;AAC1D,KAAI,aAAa,QACf,QAAO,QAAQ,QAAQ,IAAI,WAAW,QAAQ,IAAI,gBAAgB;AAEpE,QAAO;;;AAwBT,SAAS,qBAAqB,SAAyD;CACrF,MAAM,WAAW,QAAQ;AACzB,KAAI,aAAa,SACf,QAAO;EACL;GAAE,KAAK;GAAQ,MAAM,CAAC,QAAQ;GAAE;EAChC;GAAE,KAAK;GAAQ,MAAM;IAAC;IAAM;IAAU;IAAQ;GAAE;EAChD;GAAE,KAAK;GAAQ,MAAM;IAAC;IAAM;IAAiB;IAAQ;GAAE;EACvD;GAAE,KAAK;GAAQ,MAAM;IAAC;IAAM;IAAW;IAAQ;GAAE;EAClD;AAEH,KAAI,aAAa,QACf,QAAO,CACL;EAAE,KAAK;EAAO,MAAM;GAAC;GAAM;GAAS;GAAI;GAAQ;EAAE,EAClD;EAAE,KAAK;EAAY,MAAM,CAAC,+BAA+B,QAAQ;EAAE,CACpE;AAGH,QAAO;EACL;GAAE,KAAK;GAAY,MAAM,CAAC,QAAQ;GAAE;EACpC;GAAE,KAAK;GAAoB,MAAM,CAAC,QAAQ;GAAE;EAC5C;GAAE,KAAK;GAAiB,MAAM,CAAC,QAAQ;GAAE;EACzC;GAAE,KAAK;GAAW,MAAM,CAAC,QAAQ;GAAE;EACnC;GAAE,KAAK;GAAiB,MAAM,CAAC,QAAQ;GAAE;EACzC;GAAE,KAAK;GAAY,MAAM,CAAC,QAAQ;GAAE;EACrC;;;AAIH,SAAS,cAAc,MAAsB;AAE3C,QAAO,KAAK,QAAQ,qBAAqB,gBAAgB;;;AAI3D,MAAM,0BAA0B;CAC9B;CACA;CACA;CACA;CACA;CACA;CACD;AAED,SAAS,sBAAsB,QAAyB;AACtD,QAAO,wBAAwB,MAAM,MAAM,EAAE,KAAK,OAAO,CAAC;;;;;;;;;;;;;;;;;AAkB5D,eAAsB,gBACpB,SACA,QACgC;CAChC,MAAM,EAAE,cAAc,MAAM,OAAO;CAEnC,MAAM,aAAa,qBAAqB,QAAQ;CAChD,MAAM,cAAwB,EAAE;AAEhC,MAAK,MAAM,EAAE,KAAK,UAAU,YAAY;EACtC,MAAM,SAAS,UAAU,KAAK,MAAM;GAAE,UAAU;GAAQ,SAAS;GAAM,CAAC;AAExE,MAAI,OAAO,OAAO;AAEhB,eAAY,KAAK,GAAG,IAAI,IAAI,OAAO,MAAM,UAAU;AACnD;;EAGF,MAAM,SAAS,OAAO,OAAO,WAAW,WAAW,OAAO,SAAS;AACnE,MAAI,OACF,aAAY,KAAK,GAAG,IAAI,IAAI,cAAc,OAAO,MAAM,CAAC,GAAG;AAI7D,MAAI,OAAO,WAAW,KAAK,CAAC,sBAAsB,OAAO,CACvD,QAAO;GAAE,QAAQ;GAAM;GAAS;GAAQ;;AAK5C,QAAO;EACL,QAAQ;EACR;EACA;EACA,OAAO;EACP,eANoB,YAAY,SAAS,IAAI,YAAY,KAAK,KAAK,GAAG,KAAA;EAOvE;;;AAQH,SAAgB,eAAe,YAA0D;AAGvF,QAAO,WAAW,KAAK,mBAAmB;EAAE,OAAO;EAAI,QAAQ;EAAM,CAAC;;;AAIxE,SAAgB,aAAa,YAAuD;AAClF,QAAO,WAAW,KAAK,+BAA+B,EAAE,CAAC;;;AAa3D,eAAsB,eAAe,YAAsD;CACzF,MAAM,EAAE,SAAS,MAAM,WAAW,KAAK,0BAA0B,EAAE,QAAQ,OAAO,CAAC;AACnF,QAAO;EAAE;EAAM,SAAS,yBAAyB;EAAQ,UAAU;EAAa;;;;;;;;;;;;;;;;AAqBlF,MAAa,6BAA6B;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;EAsCxC,MAAM;;;;;;;;AAoDR,SAAgB,wBAAwB,UAAwC;AAC9E,KAAI,OAAO,aAAa,SACtB,OAAM,IAAI,MACR,sDAAsD,OAAO,SAAS,0BACvE;CAEH,IAAI;AACJ,KAAI;AACF,WAAS,KAAK,MAAM,SAAS;SACvB;AACN,QAAM,IAAI,MAAM,sDAAsD,WAAW;;AAEnF,KAAI,OAAO,WAAW,YAAY,WAAW,QAAQ,MAAM,QAAQ,OAAO,CACxE,OAAM,IAAI,MAAM,oDAAoD;CAEtE,MAAM,MAAM;CAEZ,SAAS,cACP,KACqE;EACrE,MAAM,IAAI,IAAI;AACd,MAAI,MAAM,QAAQ,MAAM,KAAA,EAAW,QAAO;AAC1C,MAAI,OAAO,MAAM,SAAU,QAAO;EAClC,MAAM,IAAI;AACV,SAAO;GACL,KAAK,OAAO,EAAE,QAAQ,WAAW,EAAE,MAAM;GACzC,OAAO,OAAO,EAAE,UAAU,WAAW,EAAE,QAAQ;GAC/C,QAAQ,OAAO,EAAE,WAAW,WAAW,EAAE,SAAS;GAClD,MAAM,OAAO,EAAE,SAAS,WAAW,EAAE,OAAO;GAC7C;;AAWH,QAAO;EAAE,QARM,cAAc,SAAS,IAAI;GAAE,KAAK;GAAG,OAAO;GAAG,QAAQ;GAAG,MAAM;GAAG;EAQjE,WAPC,cAAc,YAAY;EAOhB,cANP,OAAO,IAAI,iBAAiB,WAAW,IAAI,eAAe;EAMrC,YALvB,OAAO,IAAI,eAAe,WAAW,IAAI,aAAa;EAKnB,aAJlC,OAAO,IAAI,gBAAgB,WAAW,IAAI,cAAc;EAIT,kBAH1C,OAAO,IAAI,qBAAqB,WAAW,IAAI,mBAAmB;EAGN,WAFnE,OAAO,IAAI,cAAc,WAAW,IAAI,YAAY;EAE0B;;;;;;;;AASlG,eAAsB,gBAAgB,YAAyD;CAC7F,MAAM,SAAS,MAAM,WAAW,KAAK,oBAAoB;EACvD,YAAY;EACZ,eAAe;EACf,cAAc;EACf,CAAC;AACF,KAAI,OAAO,kBAAkB;EAC3B,MAAM,MACJ,OAAO,iBAAiB,WAAW,eACnC,OAAO,iBAAiB,QACxB;AACF,QAAM,IAAI,MAAM,oCAAoC,MAAM;;AAE5D,QAAO,wBAAwB,OAAO,OAAO,MAAM;;;;;;;;;;AAgCrD,eAAsB,SACpB,YACA,YACyB;CACzB,MAAM,SAAS,MAAM,WAAW,KAAK,oBAAoB;EACvD;EACA,eAAe;EACf,cAAc;EACf,CAAC;AACF,KAAI,OAAO,kBAAkB;EAE3B,MAAM,MACJ,OAAO,iBAAiB,WAAW,eACnC,OAAO,iBAAiB,QACxB;AACF,QAAM,IAAI,MAAM,oBAAoB,MAAM;;AAE5C,QAAO;EAAE,OAAO,OAAO,OAAO;EAAO,MAAM,OAAO,OAAO;EAAM;;;;;;;;;;;;;;AA0BjE,SAAgB,uBAAuB,MAAc,MAAyB;AAG5E,QACE,sOAHe,KAAK,UAAU,KAAK,CAQY,OAPhC,KAAK,UAAU,KAAK,CAO4B;;;;;;;;AAenE,SAAgB,uBAAuB,UAAkC;AACvE,KAAI,OAAO,aAAa,SACtB,OAAM,IAAI,MACR,8CAA8C,OAAO,SAAS,0BAC/D;CAEH,IAAI;AACJ,KAAI;AACF,WAAS,KAAK,MAAM,SAAS;SACvB;AAEN,QAAM,IAAI,MAAM,4CAA4C;;AAE9D,KAAI,OAAO,WAAW,YAAY,WAAW,QAAQ,MAAM,QAAQ,OAAO,CACxE,OAAM,IAAI,MAAM,2CAA2C;CAE7D,MAAM,MAAM;AACZ,KAAI,IAAI,OAAO,KACb,QAAO;EAAE,IAAI;EAAM,OAAO,IAAI;EAAO;AAEvC,KAAI,IAAI,OAAO,MACb,QAAO;EAAE,IAAI;EAAO,OAAO,OAAO,IAAI,UAAU,WAAW,IAAI,QAAQ,OAAO,IAAI,MAAM;EAAE;AAE5F,OAAM,IAAI,MAAM,+CAA6C;;;;;;;;;;;;;;AAe/D,eAAsB,QACpB,YACA,MACA,MACwB;CACxB,MAAM,aAAa,uBAAuB,MAAM,KAAK;CACrD,MAAM,SAAS,MAAM,WAAW,KAAK,oBAAoB;EACvD;EACA,eAAe;EACf,cAAc;EACf,CAAC;AACF,KAAI,OAAO,kBAAkB;EAE3B,MAAM,MACJ,OAAO,iBAAiB,WAAW,eACnC,OAAO,iBAAiB,QACxB;AACF,QAAM,IAAI,MAAM,mBAAmB,MAAM;;AAE3C,QAAO,uBAAuB,OAAO,OAAO,MAAM;;;AAQpD,MAAM,iBAAiB,IAAI,IAAY;CACrC;CACA;CACA;CACD,CAAC;;AAGF,SAAgB,cAAc,MAAuB;AACnD,QAAO,eAAe,IAAI,KAAK;;;AAIjC,SAAgB,kBAAkB,QAA+C;AAC/E,QAAO,OAAO,IAAI,wBAAwB;;;AAI5C,SAAgB,aAAa,QAA0C;AACrE,QAAO,OAAO,IAAI,mBAAmB;;;AAIvC,SAAgB,0BAA0B,QAAuD;AAC/F,QAAO,OAAO,IAAI,gCAAgC;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;ACx2BpD,MAAM,YAAY;;AAGlB,MAAM,SAAS;;;;;;;;;;AAWf,SAAgB,aAAa,QAAgB,OAAe,KAAK,KAAK,EAAU;CAC9E,MAAM,MAAM,OAAO,KAAK,QAAQ,MAAM;CAGtC,MAAM,UAAU,KAAK,IAAI,GAAG,KAAK,MAAM,OAAO,MAAO,UAAU,CAAC;CAGhE,MAAM,aAAa,OAAO,MAAM,EAAE;CAGlC,MAAM,KAAK,KAAK,MAAM,UAAU,WAAY;CAC5C,MAAM,KAAK,YAAY;AACvB,YAAW,cAAc,IAAI,EAAE;AAC/B,YAAW,cAAc,IAAI,EAAE;CAE/B,MAAM,MAAM,WAAW,QAAQ,IAAI,CAAC,OAAO,WAAW,CAAC,QAAQ;CAG/D,MAAM,SAAS,IAAI,MAAM;AAQzB,WANI,IAAI,UAAU,QAAS,MACvB,IAAI,SAAS,KAAK,QAAS,MAC3B,IAAI,SAAS,KAAK,QAAS,IAC5B,IAAI,SAAS,KAAK,OAEC,MAAM,QACjB,UAAU,CAAC,SAAS,QAAQ,IAAI;;;;;;;;;;;;;;;;AAiB7C,SAAgB,WACd,QACA,MACA,OAAe,KAAK,KAAK,EACzB,OAAe,GACN;CACT,MAAM,aAAa,OAAO,KAAK,CAAC,SAAS,QAAQ,IAAI;AACrD,KAAI,WAAW,WAAW,UAAU,CAAC,UAAU,KAAK,WAAW,CAC7D,QAAO;CAGT,MAAM,eAAe,OAAO,KAAK,YAAY,OAAO;AAEpD,MAAK,IAAI,QAAQ,CAAC,MAAM,SAAS,MAAM,SAAS;EAE9C,MAAM,WAAW,aAAa,QADb,OAAO,QAAQ,YAAY,IACG;AAE/C,MAAI,gBADgB,OAAO,KAAK,UAAU,OAAO,EAChB,aAAa,CAC5C,QAAO;;AAIX,QAAO;;;;;;;;;;;;;;;;;;;;;ACxFT,SAAgB,sBAA8B;AAC5C,QAAO,YAAY,GAAG,CAAC,SAAS,MAAM;;;AAYxC,eAAe,uBAAsC;CACnD,MAAM,EAAE,eAAe,MAAM,OAAO;AACpC,KAAI,CAAC,WAAW,IAAI,CAClB,OAAM,QAAQ,IAAI;;;;;;AAQtB,eAAsB,iBAAiB,WAAyC;AAC9E,OAAM,sBAAsB;CAE5B,MAAM,SAAS,OAAO,MAAM,oBAAoB,YAAY;CAE5D,MAAM,MAAM,MAAM,IAAI,SAAiB,SAAS,WAAW;EACzD,MAAM,SAAS,aAAqB;AAClC,YAAS;AACT,WAAQ,SAAS;;EAEnB,MAAM,WAAW,QAAe;AAC9B,YAAS;AACT,UAAO,IAAI;;EAEb,MAAM,UAAU,SAAwB;AACtC,YAAS;AACT,0BAAO,IAAI,MAAM,mDAAmD,KAAK,GAAG,CAAC;;EAE/E,MAAM,gBAAgB;AACpB,UAAO,IAAI,OAAO,MAAM;AACxB,UAAO,IAAI,SAAS,QAAQ;AAC5B,UAAO,IAAI,QAAQ,OAAO;;AAE5B,SAAO,KAAK,OAAO,MAAM;AACzB,SAAO,KAAK,SAAS,QAAQ;AAC7B,SAAO,KAAK,QAAQ,OAAO;GAC3B;AAEF,QAAO;EACL;EACA,QAAQ,IAAI,QAAQ,UAAU,MAAM;EACpC,YAAY;AACV,UAAO,MAAM;;EAEhB;;;;;;;;;;;;;;;;;;;AAgCH,eAAsB,SAAS,MAA+B;CAG5D,MAAM,EAAE,SAAS,WAAW,MAAM,OAAO;CACzC,MAAM,KAAK,OAAO,OAAO,MAAM,EAAE,sBAAsB,KAAK,CAAC;CAC7D,MAAM,OAAe,GAAG,QAAQ;CAChC,MAAM,OAAmB,GAAG,QAAQ;CAEpC,MAAM,UAAU,GAAW,MAAuB;AAChD,MAAI,IAAI,KAAK,IAAI,KAAK,KAAK,QAAQ,KAAK,KAAM,QAAO;AACrD,SAAO,KAAK,IAAI,OAAO,OAAO;;CAGhC,MAAM,QAAQ;CACd,MAAM,QAAkB,EAAE;AAC1B,MAAK,IAAI,IAAI,CAAC,OAAO,IAAI,OAAO,OAAO,KAAK,GAAG;EAC7C,IAAI,OAAO;AACX,OAAK,IAAI,IAAI,CAAC,OAAO,IAAI,OAAO,OAAO,KAAK;GAC1C,MAAM,MAAM,OAAO,GAAG,EAAE;GACxB,MAAM,MAAM,OAAO,GAAG,IAAI,EAAE;AAC5B,WAAQ,OAAO,MAAM,MAAM,MAAM,MAAM,MAAM,MAAM;;AAErD,QAAM,KAAK,KAAK;;AAElB,QAAO,GAAG,MAAM,KAAK,KAAK,CAAC;;;;;;;;;;;;AAa7B,eAAsB,mBAAmB,OAA2C;CAIlF,MAAM,KAAK,MAAM,SAAS,MAAM,OAAO;CAEvC,MAAM,WAAW,MAAM,cACnB,+EACA;AAEJ,QAAO;EACL;EACA;EACA;EACA,oBAAoB,MAAM;EAC1B;EACA;EACA;EACA;EACA;EACA;EACA;EACD,CAAC,KAAK,KAAK;;;AAId,eAAsB,kBAAkB,OAAyC;CAC/E,MAAM,SAAS,MAAM,mBAAmB,MAAM;AAC9C,SAAQ,OAAO,MAAM,GAAG,OAAO,IAAI;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;AC1DrC,SAAgB,kBAAkB,MAA+B;CAC/D,MAAM,EACJ,YACA,WACA,iBACA,yBAAyB,KACzB,iBACE;CAEJ,MAAM,SAAS,IAAI,OACjB;EAAE,MAAM;EAAa,SAAA;EAAsB,EAG3C,EAAE,cAAc,EAAE,OAAO,EAAE,aAAa,MAAM,EAAE,EAAE,CACnD;AAED,QAAO,kBAAkB,8BAA8B;AAOrD,SAAO,EAAE,OANQ,WAAW,aAAa,CAAC,SAAS,IAE/C,uBAAuB,KAAK,UAAU,EAAE,GAAG,MAAM,EAAE,GACnD,uBAAuB,QAAQ,SAAS,qBAAqB,IAAI,KAAK,KAAK,CAAC,CAAC,KAC1E,UAAU,EAAE,GAAG,MAAM,EACvB,EACW;GAChB;AAEF,QAAO,kBAAkB,uBAAuB,OAAO,YAAY;EACjE,MAAM,OAAO,QAAQ,OAAO;AAC5B,MAAI,CAAC,gBAAgB,KAAK,CACxB,QAAO;GACL,SAAS,CAAC;IAAE,MAAM;IAAQ,MAAM,iBAAiB;IAAQ,CAAC;GAC1D,SAAS;GACV;AAMH,MAAI,cAAc,KAAK,CACrB,KAAI;AACF,SAAM,WAAW,eAAe;AAChC,WAAQ,MAAR;IACE,KAAK,wBACH,QAAOC,aAAW,MAAM,kBAAkB,UAAU,CAAC;IACvD,KAAK,mBACH,QAAOA,aAAW,MAAM,aAAa,UAAU,CAAC;IAClD,KAAK,gCACH,QAAOA,aAAW,MAAM,0BAA0B,UAAU,CAAC;IAC/D,QACE,QAAO,YAAY,KAAK;;WAErB,KAAK;AACZ,UAAO,YAAY,KAAK,KAAK;;AAMjC,MAAI,SAAS,oBAAoB;GAC/B,MAAM,YAAY,QAAQ,OAAO,WAAW;AAC5C,OAAI,OAAO,cAAc,YAAY,cAAc,GACjD,QAAO;IACL,SAAS,CAAC;KAAE,MAAM;KAAQ,MAAM;KAAqD,CAAC;IACtF,SAAS;IACV;GAEH,MAAM,gBAAgB,QAAQ,OAAO,WAAW,oBAAoB;GAEpE,MAAM,gBAAgB,QAAQ,OAAO,WAAW,oBAAoB;AAEpE,OAAI;IACF,MAAM,EAAE,WAAW,UAAU,qBAAqB,eAChD,WACA,iBAAiB,CAClB;IAGD,MAAM,gBAAgB,mBAAmB,sBAAsB,iBAAiB,QAAQ;IAExF,MAAM,SACJ;AAGF,QAAI,iBAAiB,gBAAgB,IAAI,cAAc;KAIrD,MAAM,gBAAgB,MAAM,gBAHZ,aAAa,mBAAmB,UAAU,EAC3C,oBAAoB,aAAa,KAAK,YAAY,mBAAmB,UAAU,GAElC;AAE5D,SAAI,cAAc,QAAQ;MAGxB,MAAM,YACJ,GAAG,gBAAgB,OAAO,IACvB,KAAK,UAAU,EAAE,UAAU,EAAE,MAAM,EAAE,CAAC,4CAEjC,cAAc;AAExB,UAAI,CAAC,cACH,QAAO,EAAE,SAAS,CAAC;OAAE,MAAM;OAAiB,MAAM;OAAW,CAAC,EAAE;MAIlE,MAAM,mBAAmB;MACzB,MAAM,aAAa;MACnB,MAAM,WAAW,KAAK,KAAK,GAAG;MAC9B,IAAI,gBAA0D,EAAE;AAChE,aAAO,KAAK,KAAK,GAAG,UAAU;AAC5B,uBAAgB,WAAW,aAAa;AACxC,WAAI,cAAc,SAAS,EAAG;AAC9B,aAAM,IAAI,SAAe,MAAM,WAAW,GAAG,iBAAiB,CAAC;;AAGjE,UAAI,cAAc,WAAW,EAC3B,QAAO;OACL,SAAS,CACP;QACE,MAAM;QACN,MACE,GAAG,UAAU,8BAA8B,aAAa,IAAK;QAEhE,CACF;OACD,SAAS;OACV;MAGH,MAAM,cAAc,UAAU,YAAY,iBAAiB,CAAC;AAC5D,aAAO,EACL,SAAS,CACP;OACE,MAAM;OACN,MAAM,GAAG,UAAU,MAAM,KAAK,UAAU,aAAa,MAAM,EAAE;OAC9D,CACF,EACF;;KAIH,MAAM,aAAa,cAAc,gBAC7B,aAAa,cAAc,kBAC3B;KACJ,MAAM,eACJ,+CACG,cAAc,QAAQ,gBACV,cAAc,WAC7B,aACA;KACF,MAAM,KAAK,MAAM,SAAS,UAAU;KACpC,MAAM,WAAW,GAAG,gBAAgB,eAAe,OAAO,IAAI,KAAK,UAAU;MAAE;MAAW;MAAU,EAAE,MAAM,EAAE,CAAC,MAAM;AAErH,SAAI,CAAC,cACH,QAAO,EAAE,SAAS,CAAC;MAAE,MAAM;MAAiB,MAAM;MAAU,CAAC,EAAE;KAIjE,MAAM,sBAAsB;KAC5B,MAAM,gBAAgB;KACtB,MAAM,YAAY,KAAK,KAAK,GAAG;KAC/B,IAAI,kBAA4D,EAAE;AAClE,YAAO,KAAK,KAAK,GAAG,WAAW;AAC7B,wBAAkB,WAAW,aAAa;AAC1C,UAAI,gBAAgB,SAAS,EAAG;AAChC,YAAM,IAAI,SAAe,MAAM,WAAW,GAAG,oBAAoB,CAAC;;AAGpE,SAAI,gBAAgB,WAAW,EAC7B,QAAO;MACL,SAAS,CACP;OACE,MAAM;OACN,MACE,GAAG,SAAS,8BAA8B,gBAAgB,IAAK;OAElE,CACF;MACD,SAAS;MACV;KAGH,MAAM,gBAAgB,UAAU,YAAY,iBAAiB,CAAC;AAC9D,YAAO,EACL,SAAS,CACP;MACE,MAAM;MACN,MAAM,GAAG,SAAS,MAAM,KAAK,UAAU,eAAe,MAAM,EAAE;MAC/D,CACF,EACF;;IAIH,MAAM,KAAK,MAAM,SAAS,UAAU;IACpC,MAAM,WAAW,GAAG,gBAAgB,OAAO,IAAI,KAAK,UAAU;KAAE;KAAW;KAAU,EAAE,MAAM,EAAE,CAAC,MAAM;AAEtG,QAAI,CAAC,cACH,QAAO,EACL,SAAS,CAAC;KAAE,MAAM;KAAiB,MAAM;KAAU,CAAC,EACrD;IAMH,MAAM,mBAAmB;IACzB,MAAM,aAAa;IACnB,MAAM,WAAW,KAAK,KAAK,GAAG;IAC9B,IAAI,gBAA0D,EAAE;AAChE,WAAO,KAAK,KAAK,GAAG,UAAU;AAC5B,qBAAgB,WAAW,aAAa;AACxC,SAAI,cAAc,SAAS,EAAG;AAC9B,WAAM,IAAI,SAAe,MAAM,WAAW,GAAG,iBAAiB,CAAC;;AAGjE,QAAI,cAAc,WAAW,EAC3B,QAAO;KACL,SAAS,CACP;MACE,MAAM;MACN,MACE,GAAG,SAAS,8BAA8B,aAAa,IAAK;MAE/D,CACF;KACD,SAAS;KACV;IAGH,MAAM,cAAc,UAAU,YAAY,iBAAiB,CAAC;AAC5D,WAAO,EACL,SAAS,CACP;KACE,MAAM;KACN,MAAM,GAAG,SAAS,MAAM,KAAK,UAAU,aAAa,MAAM,EAAE;KAC7D,CACF,EACF;YACM,KAAK;AACZ,WAAO,YAAY,KAAK,KAAK;;;AAIjC,MAAI;AAGF,SAAM,WAAW,eAAe;WACzB,KAAK;GACZ,MAAM,UAAU,eAAe,QAAQ,IAAI,UAAU,OAAO,IAAI;AAChE,OAAI,SAAS,aAEX,QAAOA,aAAW,UAAU,YAAY,iBAAiB,CAAC,CAAC;AAE7D,UAAO;IACL,SAAS,CACP;KACE,MAAM;KACN,MAAM,GAAG,QAAQ;KAClB,CACF;IACD,SAAS;IACV;;AAGH,MAAI;AACF,WAAQ,MAAR;IACE,KAAK,wBACH,QAAOA,aAAW,oBAAoB,WAAW,CAAC;IACpD,KAAK,wBACH,QAAOA,aAAW,oBAAoB,WAAW,CAAC;IACpD,KAAK,aACH,QAAOA,aAAW,UAAU,YAAY,iBAAiB,CAAC,CAAC;IAC7D,KAAK,mBACH,QAAOA,aAAW,MAAM,eAAe,WAAW,CAAC;IACrD,KAAK,gBACH,QAAOA,aAAW,MAAM,aAAa,WAAW,CAAC;IACnD,KAAK,mBAAmB;KACtB,MAAM,OAAO,MAAM,eAAe,WAAW;AAC7C,YAAO,EACL,SAAS,CAAC;MAAE,MAAM;MAAkB,MAAM,KAAK;MAAM,UAAU,KAAK;MAAU,CAAC,EAChF;;IAEH,KAAK,oBACH,QAAOA,aAAW,MAAM,gBAAgB,WAAW,CAAC;IACtD,KAAK,YAAY;KACf,MAAM,aAAa,QAAQ,OAAO,WAAW;AAC7C,SAAI,OAAO,eAAe,YAAY,eAAe,GACnD,QAAO;MACL,SAAS,CACP;OAAE,MAAM;OAAiB,MAAM;OAA6C,CAC7E;MACD,SAAS;MACV;AAGH,YAAOA,aAAW,MAAM,SAAS,YAAY,WAAW,CAAC;;IAE3D,KAAK,YAAY;KACf,MAAM,UAAU,QAAQ,OAAO,WAAW;AAC1C,SAAI,OAAO,YAAY,YAAY,YAAY,GAC7C,QAAO;MACL,SAAS,CAAC;OAAE,MAAM;OAAiB,MAAM;OAAuC,CAAC;MACjF,SAAS;MACV;KAEH,MAAM,UAAU,QAAQ,OAAO,WAAW;AAG1C,YAAOA,aAAW,MAAM,QAAQ,YAAY,SAFjB,MAAM,QAAQ,QAAQ,GAAG,UAAU,EAAE,CAEH,CAAC;;IAEhE,QACE,QAAO,YAAY,KAAK;;WAErB,KAAK;AACZ,UAAO,YAAY,KAAK,KAAK;;GAE/B;AAEF,QAAO;;AAGT,SAASA,aAAW,OAAgB;AAClC,QAAO,EAAE,SAAS,CAAC;EAAE,MAAM;EAAiB,MAAM,KAAK,UAAU,OAAO,MAAM,EAAE;EAAE,CAAC,EAAE;;AAGvF,SAAS,YAAY,MAAc;AACjC,QAAO;EAAE,SAAS,CAAC;GAAE,MAAM;GAAiB,MAAM,iBAAiB;GAAQ,CAAC;EAAE,SAAS;EAAM;;AAG/F,SAAS,YAAY,KAAc,MAAc;AAE/C,QAAO;EACL,SAAS,CACP;GACE,MAAM;GACN,MAAM,GAAG,KAAK,WALJ,eAAe,QAAQ,IAAI,UAAU,OAAO,IAAI,CAKzB;GAClC,CACF;EACD,SAAS;EACV;;;;;;;;;;;;;;;;AAiBH,SAAgB,mBACd,YACA,QACA,aAAa,KACK;CAClB,IAAI,cAAc,WAAW,aAAa,CAAC,SAAS;AAEpD,KAAI,YACG,QAAO,qBAAqB;CAGnC,MAAM,SAAS,kBAAkB;EAC/B,MAAM,aAAa,WAAW,aAAa,CAAC,SAAS;AACrD,MAAI,CAAC,eAAe,YAAY;AAC9B,iBAAc;AAET,UAAO,qBAAqB;AACjC,iBAAc,OAAO;;IAEtB,WAAW;AAEd,QAAO,EACL,OAAO;AACL,gBAAc,OAAO;IAExB;;;;;;;;;;;;;;;AA4BH,SAAgB,uBAEF;CACZ,MAAM,SAAS,QAAQ,IAAI;AAC3B,KAAI,CAAC,OAAQ,QAAO,KAAA;AAEpB,SAAQ,QAAQ;EAGd,MAAM,SAAS,IAAI,OAAO;EAC1B,MAAM,SAAS,OAAO,QAAQ,IAAI;EAClC,MAAM,WAAW,WAAW,KAAK,KAAK,OAAO,MAAM,SAAS,EAAE;AAK9D,SAAO,WAAW,QAJH,IAAI,gBAAgB,SAAS,CACxB,IAAI,KAAK,IAAI,GAGF;;;;;;;;;;;AAYnC,eAAsB,eAAe,UAAiC,EAAE,EAAiB;CAIvF,MAAM,YAAY,QAAQ,aAAa;CAGvC,MAAM,aAAa,sBAAsB;CACzC,MAAM,cAAc,eAAe,KAAA;CAEnC,MAAM,QAAQ,MAAM,eAAe;EAAE,MAAM;EAAW;EAAY,CAAC;CAGnE,IAAI,SAA6B;CACjC,IAAI,eAA6B;EAAE,IAAI;EAAO,QAAQ;EAAM;AAG7C,sBAAqB;AAShB,kBAAiB,MAAM,KAAK,CAAC,MAC9C,MAAM;AACL,WAAS;AACT,iBAAe;GAAE,IAAI;GAAM,QAAQ,EAAE;GAAQ;AAC7C,SAAO,kBAAkB;GAAE,QAAQ,EAAE;GAAQ;GAAa,CAAC;KAE5D,QAAQ;EACP,MAAM,UAAU,eAAe,QAAQ,IAAI,UAAU,OAAO,IAAI;AAChE,UAAQ,OAAO,MACb,wDAAwD,QAAQ;EAEjE;GAEJ;CAKD,MAAM,aAAa,IAAI,kBAAkB,EAAE,cAAc,MAAM,SAAS,CAAC;CAEzE,MAAM,YAAY,IAAI,cAAc,WAAW;CAI/C,IAAI;AACC,oBAAmB,CAAC,MACtB,MAAM;AACL,aAAW;KAEZ,QAAiB;EAChB,MAAM,UAAU,eAAe,QAAQ,IAAI,UAAU,OAAO,IAAI;AAChE,UAAQ,OAAO,MACb,uDAAuD,QAAQ,IAChE;GAEJ;CAED,MAAM,SAAS,kBAAkB;EAC/B;EACA;EACA,uBAAuB;EACvB,IAAI,eAAe;AACjB,UAAO;;EAEV,CAAC;CAEF,MAAM,YAAY,IAAI,sBAAsB;CAU5C,IAAI,SAAS;CACb,IAAI,gBAAyC;CAE7C,MAAM,iBAAiB;AAErB,MAAI,OAAQ;AACZ,WAAS;AAET,iBAAe,MAAM;AACrB,aAAW,OAAO;AAElB,UAAQ,MAAM;AAET,QAAM,OAAO;AACb,SAAO,OAAO;AACd,YAAU,OAAO;;AAIxB,SAAQ,KAAK,UAAU,SAAS;AAChC,SAAQ,KAAK,WAAW,SAAS;AAEjC,SAAQ,KAAK,UAAU,SAAS;AAIhC,SAAQ,GAAG,cAAc;AACvB,MAAI,CAAC,QAAQ;AACX,YAAS;AACT,kBAAe,MAAM;AACrB,WAAQ,MAAM;;GAEhB;AAKF,SAAQ,GAAG,sBAAsB,QAAQ;AACvC,UAAQ,OAAO,MAAM,kCAAkC,OAAO,IAAI,CAAC,IAAI;AACvE,YAAU;AACV,UAAQ,KAAK,EAAE;GACf;AAEF,SAAQ,GAAG,uBAAuB,WAAW;AAC3C,UAAQ,OAAO,MAAM,mCAAmC,OAAO,OAAO,CAAC,IAAI;AAC3E,YAAU;AACV,UAAQ,KAAK,EAAE;GACf;AAEF,OAAM,OAAO,QAAQ,UAAU;AAI/B,iBAAgB,mBAAmB,YAAY,OAAO;;;;;;;;;;;;;;;;;;;;AAkCxD,eAAsB,oBAAoB,UAAsC,EAAE,EAAiB;CAIjG,MAAM,WAAW,MAAM,eAAe;EAAE,MAHxB,QAAQ,WAAW;EAGoB,QAFxC,QAAQ,UAAU,QAAQ,IAAI,oBAAoB;EAEF,CAAC;AAIhE,OAAM,IAAI,SAAe,MAAM,WAAW,GAAG,IAAI,CAAC;CAElD,MAAM,aAAa,IAAI,mBAAmB,EAAE,iBAAiB,SAAS,aAAa,CAAC;CAEpF,MAAM,YAAY,IAAI,cAAc,WAAW;CAK/C,MAAM,eAA6B;EAAE,IAAI;EAAO,QAAQ;EAAM;CAE9D,MAAM,SAAS,kBAAkB;EAC/B;EACA;EACA,uBAAuB;EACxB,CAAC;CAEF,MAAM,YAAY,IAAI,sBAAsB;CAE5C,IAAI,SAAS;CACb,IAAI,gBAAyC;CAE7C,MAAM,iBAAiB;AACrB,MAAI,OAAQ;AACZ,WAAS;AACT,iBAAe,MAAM;AACrB,aAAW,OAAO;AAClB,WAAS,MAAM;AACV,SAAO,OAAO;;AAGrB,SAAQ,KAAK,UAAU,SAAS;AAChC,SAAQ,KAAK,WAAW,SAAS;AACjC,SAAQ,KAAK,UAAU,SAAS;AAEhC,SAAQ,GAAG,cAAc;AACvB,MAAI,CAAC,QAAQ;AACX,YAAS;AACT,kBAAe,MAAM;AACrB,YAAS,MAAM;;GAEjB;AAEF,SAAQ,GAAG,sBAAsB,QAAQ;AACvC,UAAQ,OAAO,MAAM,wCAAwC,OAAO,IAAI,CAAC,IAAI;AAC7E,YAAU;AACV,UAAQ,KAAK,EAAE;GACf;AAEF,SAAQ,GAAG,uBAAuB,WAAW;AAC3C,UAAQ,OAAO,MAAM,yCAAyC,OAAO,OAAO,CAAC,IAAI;AACjF,YAAU;AACV,UAAQ,KAAK,EAAE;GACf;AAEF,OAAM,OAAO,QAAQ,UAAU;AAI/B,iBAAgB,mBAAmB,YAAY,OAAO;;;;AC5uBxD,SAAS,SAAS,OAAkD;AAClE,QAAO,OAAO,UAAU,YAAY,UAAU;;AAGhD,IAAa,gBAAb,MAAgD;CAC9C;CACA;CAEA,YAAY,SAA+B;AACzC,OAAK,gBAAgB,QAAQ;AAC7B,OAAK,YAAY,QAAQ,eAAe,QAAQ,MAAM,IAAI;;CAG5D,MAAc,aAAoC;EAChD,MAAM,MAAM,MAAM,KAAK,UAAU,KAAK,cAAc;AACpD,MAAI,CAAC,IAAI,GACP,OAAM,IAAI,MACR,mCAAmC,KAAK,cAAc,SAAS,IAAI,OAAO,GAAG,IAAI,WAAW,kGAE7F;EAEH,MAAM,OAAO,MAAM,IAAI,MAAM;AAC7B,SAAO,SAAS,KAAK,GAAG,OAAO,EAAE;;CAGnC,MAAM,IAA6B,QAAqC;AACtE,UAAQ,QAAR;GACE,KAAK,mBAEH,QADc,MAAM,KAAK,YAAY;GAGvC,KAAK,iCAAiC;IACpC,MAAM,QAAQ,MAAM,KAAK,YAAY;AAIrC,WAD0C;KAAE,aAFxB,OAAO,MAAM,gBAAgB,WAAW,MAAM,cAAc;KAEvB,YADtC,OAAO,MAAM,eAAe,WAAW,MAAM,aAAa;KACR;;GAGvE,KAAK,yBAAyB;IAI5B,MAAM,OADQ,MAAM,KAAK,YAAY,EACnB;AAGlB,WADkC,EAAE,OADtB,MAAM,QAAQ,IAAI,GAAI,MAAqC,EAAE,EAChC;;GAG7C,QACE,OAAM,IAAI,MAAM,uBAAuB,OAAO,OAAO,GAAG;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;ACzChE,MAAM,uBAAuB;CAC3B;EACE,MAAM;EACN,aACE;EAIF,aAAa;GAAE,MAAM;GAAU,YAAY,EAAE;GAAE,UAAU,EAAE;GAAE;EAC9D;CACD;EACE,MAAM;EACN,aACE;EAEF,aAAa;GAAE,MAAM;GAAU,YAAY,EAAE;GAAE,UAAU,EAAE;GAAE;EAC9D;CACD;EACE,MAAM;EACN,aACE;EAEF,aAAa;GAAE,MAAM;GAAU,YAAY,EAAE;GAAE,UAAU,EAAE;GAAE;EAC9D;CACD;EACE,MAAM;EACN,aACE;EAEF,aAAa;GAAE,MAAM;GAAU,YAAY,EAAE;GAAE,UAAU,EAAE;GAAE;EAC9D;CACF;AAED,MAAM,iBAAiB,IAAI,IAAY,qBAAqB,KAAK,MAAM,EAAE,KAAK,CAAC;;AAQ/E,SAAgB,gBAAgB,OAA4B,EAAE,EAAU;CAEtE,MAAM,gBAAgB,GADF,QAAQ,IAAI,oBAAoB,wBACf;CACrC,MAAM,YAAY,KAAK,aAAa,IAAI,cAAc,EAAE,eAAe,CAAC;CAExE,MAAM,SAAS,IAAI,OACjB;EAAE,MAAM;EAAgB,SAAA;EAAsB,EAC9C,EAAE,cAAc,EAAE,OAAO,EAAE,EAAE,EAAE,CAChC;AAED,QAAO,kBAAkB,+BAA+B,EACtD,OAAO,qBAAqB,KAAK,UAAU,EAAE,GAAG,MAAM,EAAE,EACzD,EAAE;AAEH,QAAO,kBAAkB,uBAAuB,OAAO,YAAY;EACjE,MAAM,OAAO,QAAQ,OAAO;AAC5B,MAAI,CAAC,eAAe,IAAI,KAAK,CAC3B,QAAO;GAAE,SAAS,CAAC;IAAE,MAAM;IAAQ,MAAM,iBAAiB;IAAQ,CAAC;GAAE,SAAS;GAAM;AAGtF,MAAI;GAEF,MAAM,YAAY,SAAS,4BAA4B,qBAAqB;AAC5E,OAAI,CAAC,cAAc,UAAU,CAC3B,QAAO;IAAE,SAAS,CAAC;KAAE,MAAM;KAAQ,MAAM,iBAAiB;KAAQ,CAAC;IAAE,SAAS;IAAM;AAEtF,WAAQ,WAAR;IACE,KAAK,mBACH,QAAO,WAAW,MAAM,aAAa,UAAU,CAAC;IAClD,KAAK,gCACH,QAAO,WAAW,MAAM,0BAA0B,UAAU,CAAC;IAC/D,KAAK,wBACH,QAAO,WAAW,MAAM,kBAAkB,UAAU,CAAC;IACvD,QACE,QAAO;KAAE,SAAS,CAAC;MAAE,MAAM;MAAQ,MAAM,iBAAiB;MAAQ,CAAC;KAAE,SAAS;KAAM;;WAEjF,KAAK;AAEZ,UAAO;IACL,SAAS,CACP;KACE,MAAM;KACN,MACE,GANQ,eAAe,QAAQ,IAAI,UAAU,OAAO,IAAI,CAM7C;KAGd,CACF;IACD,SAAS;IACV;;GAEH;AAEF,QAAO;;AAGT,SAAS,WAAW,OAAgB;AAClC,QAAO,EAAE,SAAS,CAAC;EAAE,MAAM;EAAiB,MAAM,KAAK,UAAU,OAAO,MAAM,EAAE;EAAE,CAAC,EAAE;;;AAIvF,eAAsB,eAA8B;CAClD,MAAM,SAAS,iBAAiB;CAChC,MAAM,YAAY,IAAI,sBAAsB;AAC5C,OAAM,OAAO,QAAQ,UAAU;;;;;;;;;;;;;;;;;;;;;;;;AC5HjC,SAAgB,UAAU,MAA+B;AACvD,MAAK,IAAI,IAAI,GAAG,IAAI,KAAK,QAAQ,KAAK;EACpC,MAAM,MAAM,KAAK;AACjB,MAAI,QAAQ,KAAA,EAAW;AACvB,MAAI,IAAI,WAAW,UAAU,CAC3B,QAAO,cAAc,IAAI,MAAM,EAAiB,CAAC;AAEnD,MAAI,QAAQ,UAAU;GACpB,MAAM,OAAO,KAAK,IAAI;AACtB,OAAI,SAAS,KAAA,EACX,OAAM,IAAI,MAAM,uDAAuD;AAEzE,UAAO,cAAc,KAAK;;;AAG9B,QAAO;;;;;;;;;AAUT,SAAgB,YAAY,MAAiC;AAC3D,MAAK,IAAI,IAAI,GAAG,IAAI,KAAK,QAAQ,KAAK;EACpC,MAAM,MAAM,KAAK;AACjB,MAAI,QAAQ,KAAA,EAAW;AACvB,MAAI,IAAI,WAAW,YAAY,CAC7B,QAAO,gBAAgB,IAAI,MAAM,EAAmB,CAAC;AAEvD,MAAI,QAAQ,YAAY;GACtB,MAAM,OAAO,KAAK,IAAI;AACtB,OAAI,SAAS,KAAA,EACX,OAAM,IAAI,MAAM,2DAA2D;AAE7E,UAAO,gBAAgB,KAAK;;;AAGhC,QAAO;;AAGT,SAAS,cAAc,OAAqB;AAC1C,KAAI,UAAU,MAAO,QAAO;AAC5B,KAAI,UAAU,QAAS,QAAO;AAC9B,OAAM,IAAI,MAAM,mBAAmB,MAAM,yCAAyC;;AAGpF,SAAS,gBAAgB,OAAuB;AAC9C,KAAI,UAAU,QAAS,QAAO;AAC9B,KAAI,UAAU,QAAS,QAAO;AAC9B,OAAM,IAAI,MAAM,qBAAqB,MAAM,2CAA2C;;AAGxF,eAAe,OAAsB;CACnC,MAAM,OAAO,QAAQ,KAAK,MAAM,EAAE;AAElC,KADa,UAAU,KAAK,KACf,MACX,OAAM,cAAc;UAEL,YAAY,KAAK,KACjB,QACb,OAAM,qBAAqB;KAE3B,OAAM,gBAAgB;;;;;;;;;;;;AAe5B,SAAS,eAAwB;CAC/B,MAAM,QAAQ,KAAK;AACnB,KAAI,UAAU,KAAA,EAAW,QAAO;AAChC,KAAI;AACF,SAAO,cAAc,OAAO,KAAK,IAAI,KAAK,aAAa,MAAM;SACvD;AACN,SAAO;;;AAIX,IAAI,cAAc,CAChB,OAAM,CAAC,OAAO,QAAiB;CAC7B,MAAM,UAAU,eAAe,QAAQ,IAAI,UAAU,OAAO,IAAI;AAChE,SAAQ,OAAO,MAAM,yBAAyB,QAAQ,IAAI;AAC1D,SAAQ,WAAW;EACnB"}
1	+ {"version":3,"file":"cli.js","names":["isObject","DEFAULT_BUFFER_SIZE","isObject","parseInbound","PHASE_1_EVENTS","isObject","isObject","jsonResult"],"sources":["../../src/mcp/ait-chii-source.ts","../../src/mcp/chii-connection.ts","../../src/mcp/chii-relay.ts","../../src/mcp/local-connection.ts","../../src/mcp/local-launcher.ts","../../src/mcp/qr-http-server.ts","../../src/mcp/deeplink.ts","../../src/mcp/sdk-signatures.ts","../../src/mcp/tools.ts","../../src/mcp/totp.ts","../../src/mcp/tunnel.ts","../../src/mcp/debug-server.ts","../../src/mcp/ait-http-source.ts","../../src/mcp/server.ts","../../src/mcp/cli.ts"],"sourcesContent":["/*\n Debug-mode `AitSource` — forwards `AIT.` methods over the Chii channel.\n \n * The AIT domain (`AIT.getSdkCallHistory` / `getMockState` /\n * `getOperationalEnvironment`) is non-standard CDP: the in-app side registers a\n * handler for these methods and answers them over the same Chii websocket the\n * CDP commands use. Building the AIT source on `ChiiCdpConnection.sendCommand`\n * means both domains share one transport (spec: \"the same MCP server forwards\n * both CDP and AIT domains\").\n \n The in-app `AIT.` handler lives downstream in sdk-example. Here we build\n the MCP-server-side forwarding + the injectable seam; tests inject a fake\n * `AitSource` returning canned responses, so this forwarding layer needs no\n * phone.\n \n Node-only (wraps the relay websocket connection).\n /\n\nimport type {\n AitMethodMap,\n AitMethodName,\n AitMockState,\n AitOperationalEnvironment,\n AitSdkCallHistory,\n AitSource,\n} from './ait-source.js';\n\n/* The slice of `ChiiCdpConnection` this source needs (keeps it testable). /\nexport interface AitCommandSender {\n sendCommand(method: string, params?: Record<string, unknown>): Promise<unknown>;\n}\n\nfunction isObject(value: unknown): value is Record<string, unknown> {\n return typeof value === 'object' && value !== null;\n}\n\n/* Narrows an `AIT.getSdkCallHistory` response, tolerating a missing array. /\nfunction asSdkCallHistory(raw: unknown): AitSdkCallHistory {\n if (isObject(raw) && Array.isArray(raw.calls)) {\n return { calls: raw.calls as AitSdkCallHistory['calls'] };\n }\n return { calls: [] };\n}\n\n/* Narrows an `AIT.getMockState` response to an opaque record. /\nfunction asMockState(raw: unknown): AitMockState {\n return isObject(raw) ? raw : {};\n}\n\n/* Narrows an `AIT.getOperationalEnvironment` response. /\nfunction asOperationalEnvironment(raw: unknown): AitOperationalEnvironment {\n const environment =\n isObject(raw) && typeof raw.environment === 'string' ? raw.environment : 'unknown';\n const sdkVersion = isObject(raw) && typeof raw.sdkVersion === 'string' ? raw.sdkVersion : null;\n return { environment, sdkVersion };\n}\n\nexport class ChiiAitSource implements AitSource {\n constructor(private readonly sender: AitCommandSender) {}\n\n async get<M extends AitMethodName>(method: M): Promise<AitMethodMap[M]> {\n const raw = await this.sender.sendCommand(method);\n // The map's value type is resolved per-key below; the cast is the single\n // narrowing point (each branch returns the precise shape for `method`).\n switch (method) {\n case 'AIT.getSdkCallHistory':\n return asSdkCallHistory(raw) as AitMethodMap[M];\n case 'AIT.getMockState':\n return asMockState(raw) as AitMethodMap[M];\n case 'AIT.getOperationalEnvironment':\n return asOperationalEnvironment(raw) as AitMethodMap[M];\n default:\n throw new Error(`Unknown AIT method: ${String(method)}`);\n }\n }\n}\n","/\n Production `CdpConnection` backed by the local Chii relay.\n \n Topology (debug mode):\n * phone target.js --WS--> Chii relay :9100 <--WS-- this connection\n \n The phone connects to the relay as a `target`; this module connects as a\n * `client` (the role a CDP frontend would take) so CDP events the page emits\n * (`Runtime.consoleAPICalled`, `Network.`) flow back here. We buffer recent\n events in ring buffers the tool layer reads via `getBufferedEvents`.\n \n Node-only: imports `ws`. Never bundled into the browser/in-app entries.\n /\n\nimport { EventEmitter } from 'node:events';\nimport { WebSocket } from 'ws';\nimport type {\n CdpCommandMap,\n CdpCommandName,\n CdpConnection,\n CdpEventMap,\n CdpEventName,\n CdpTarget,\n} from './cdp-connection.js';\n\n/* Max events retained per domain ring buffer. /\nconst DEFAULT_BUFFER_SIZE = 500;\n\n/* A CDP message arriving over the relay websocket. /\ninterface CdpInboundMessage {\n id?: number;\n method?: string;\n params?: unknown;\n result?: unknown;\n error?: { message: string };\n}\n\n/\n Events emitted by `ChiiCdpConnection` for crash / lifecycle notifications.\n * Consumers (e.g. the tool layer) can subscribe with `.onLifecycle(cb)`.\n /\nexport interface TargetLifecycleEvent {\n /\n 'crashed' → Inspector.targetCrashed\n * 'destroyed' → Target.targetDestroyed\n * 'detached' → Target.detachedFromTarget\n * 'replaced' → evicted by single-attach model (last-attach wins)\n /\n kind: 'crashed' \| 'destroyed' \| 'detached' \| 'replaced';\n targetId: string \| null;\n /* ISO timestamp of detection. /\n detectedAt: string;\n}\n\nfunction isObject(value: unknown): value is Record<string, unknown> {\n return typeof value === 'object' && value !== null;\n}\n\nfunction parseInbound(raw: string): CdpInboundMessage \| null {\n let parsed: unknown;\n try {\n parsed = JSON.parse(raw);\n } catch {\n return null;\n }\n if (!isObject(parsed)) return null;\n const message: CdpInboundMessage = {};\n if (typeof parsed.id === 'number') message.id = parsed.id;\n if (typeof parsed.method === 'string') message.method = parsed.method;\n if ('params' in parsed) message.params = parsed.params;\n if ('result' in parsed) message.result = parsed.result;\n if (isObject(parsed.error) && typeof parsed.error.message === 'string') {\n message.error = { message: parsed.error.message };\n }\n return message;\n}\n\nconst PHASE_1_EVENTS: readonly CdpEventName[] = [\n 'Runtime.consoleAPICalled',\n 'Network.requestWillBeSent',\n 'Network.responseReceived',\n];\n\n/\n Ring buffer size for `Runtime.exceptionThrown`.\n \n Exceptions are rarer than console messages but each is heavier (stack\n * trace). 50 is generous enough to cover a crash scenario while keeping\n * memory bounded.\n \n Lifecycle note: the exception buffer intentionally survives `replaced` /\n * `crashed` / `destroyed` lifecycle events — it is NOT cleared on target\n * transitions. Rationale: an exception fired just before a crash is exactly\n * the signal we want to preserve for root-cause analysis. The buffer\n * represents \"exceptions seen in this MCP session\", not \"exceptions in the\n * current page\".\n /\nconst EXCEPTION_BUFFER_SIZE = 50;\n\nexport interface ChiiCdpConnectionOptions {\n /* Base URL of the local Chii relay HTTP/WS server, e.g. `http://127.0.0.1:9100`. /\n relayBaseUrl: string;\n /* Per-domain ring buffer size. /\n bufferSize?: number;\n /\n Default per-command timeout in milliseconds.\n * Override via env `AIT_CDP_COMMAND_TIMEOUT_MS`.\n * Defaults to 30 000 ms (30s).\n /\n commandTimeoutMs?: number;\n}\n\n/* Default per-command timeout if neither option nor env var is set. /\nconst DEFAULT_COMMAND_TIMEOUT_MS = 30_000;\n\n/\n Production CDP connection. Polls the relay for the first attached target,\n * opens a client websocket to it, enables Phase 1 domains, and buffers events.\n /\nexport class ChiiCdpConnection implements CdpConnection {\n private readonly relayBaseUrl: string;\n private readonly bufferSize: number;\n private readonly commandTimeoutMs: number;\n private readonly emitter = new EventEmitter();\n private readonly buffers = new Map<CdpEventName, unknown[]>();\n private readonly targets = new Map<string, CdpTarget>();\n\n private ws: WebSocket \| null = null;\n private connectionState: 'idle' \| 'connected' \| 'disconnected' = 'idle';\n private nextCommandId = 1;\n /\n The single active target id under the single-attach model.\n * Updated by `refreshTargets()` whenever a non-null target is present.\n * Used to detect a new (different) target attach and evict the previous one.\n /\n private activeTargetId: string \| null = null;\n /* In-flight enableDomains() promise — concurrent callers share it. /\n private enablingPromise: Promise<void> \| null = null;\n /* Pending request→response commands keyed by CDP message id. /\n private readonly pending = new Map<\n number,\n { resolve: (result: unknown) => void; reject: (err: Error) => void }\n >();\n\n /\n Timestamp (ms since epoch) of the most recent crash/destroy/detach event,\n * or `null` if no crash has been detected since the last `enableDomains()`.\n /\n private lastCrashDetectedAt: number \| null = null;\n\n /\n Per-target last-seen timestamp (ms since epoch). Updated on any inbound\n * CDP message carrying data from a target. Keyed by target id.\n /\n private readonly targetLastSeenAt = new Map<string, number>();\n\n /* Active heartbeat interval handle (only when `AIT_CDP_HEARTBEAT_MS` is set). /\n private heartbeatHandle: ReturnType<typeof setInterval> \| null = null;\n\n /* Lifecycle event listeners (crash / destroyed / detached). /\n private readonly lifecycleListeners: Array<(event: TargetLifecycleEvent) => void> = [];\n\n constructor(options: ChiiCdpConnectionOptions) {\n this.relayBaseUrl = options.relayBaseUrl.replace(/\\/$/, '');\n this.bufferSize = options.bufferSize ?? DEFAULT_BUFFER_SIZE;\n const envMs = process.env.AIT_CDP_COMMAND_TIMEOUT_MS\n ? Number(process.env.AIT_CDP_COMMAND_TIMEOUT_MS)\n : undefined;\n this.commandTimeoutMs =\n (envMs !== undefined && Number.isFinite(envMs) && envMs > 0 ? envMs : undefined) ??\n options.commandTimeoutMs ??\n DEFAULT_COMMAND_TIMEOUT_MS;\n for (const event of PHASE_1_EVENTS) this.buffers.set(event, []);\n // Exception buffer initialized separately — its per-event size cap\n // (EXCEPTION_BUFFER_SIZE=50) is enforced in handleMessage below.\n this.buffers.set('Runtime.exceptionThrown', []);\n // EventEmitter caps listeners at 10 by default; the tool layer may add\n // several short-lived subscriptions, so lift the cap.\n this.emitter.setMaxListeners(0);\n }\n\n /* Refresh the attached-target list from the relay's `GET /targets`. /\n async refreshTargets(): Promise<CdpTarget[]> {\n const res = await fetch(`${this.relayBaseUrl}/targets`);\n if (!res.ok) {\n throw new Error(`Chii relay /targets returned HTTP ${res.status} ${res.statusText}`);\n }\n const body: unknown = await res.json();\n const list = isObject(body) && Array.isArray(body.targets) ? body.targets : [];\n\n // Single-attach model: find the \"newest\" target id from the relay response.\n // The relay may return multiple targets if the previous session did not cleanly\n // detach. We keep only the last entry (last-attach wins) and evict the previous\n // active target if it differs.\n let newestTargetId: string \| null = null;\n for (const item of list) {\n if (!isObject(item) \|\| typeof item.id !== 'string') continue;\n newestTargetId = item.id; // last wins\n }\n\n // Evict previous active target when a genuinely new targetId arrives.\n if (\n newestTargetId !== null &&\n this.activeTargetId !== null &&\n newestTargetId !== this.activeTargetId\n ) {\n const prevId = this.activeTargetId;\n process.stderr.write(`[ait-debug] 이전 page 세션 종료 — 새 attach로 교체 (prev=${prevId})\\n`);\n this.evictTarget(prevId);\n }\n\n // Rebuild the targets map with at most the single newest target.\n this.targets.clear();\n for (const item of list) {\n if (!isObject(item) \|\| typeof item.id !== 'string') continue;\n // Single-attach model: only register the newest target.\n if (item.id !== newestTargetId) continue;\n this.targets.set(item.id, {\n id: item.id,\n title: typeof item.title === 'string' ? item.title : '',\n url: typeof item.url === 'string' ? item.url : '',\n });\n }\n\n if (newestTargetId !== null) {\n this.activeTargetId = newestTargetId;\n } else {\n this.activeTargetId = null;\n }\n\n return [...this.targets.values()];\n }\n\n listTargets(): CdpTarget[] {\n return [...this.targets.values()];\n }\n\n /\n Timestamp (ms since epoch) of the most recent crash/destroy/detach event\n * detected since the last `enableDomains()` call, or `null` if none.\n /\n getLastCrashDetectedAt(): number \| null {\n return this.lastCrashDetectedAt;\n }\n\n /\n Last-seen timestamp (ms since epoch) for a given target id, or `null` if\n * the target is unknown / no message has been received from it yet.\n /\n getTargetLastSeenAt(targetId: string): number \| null {\n return this.targetLastSeenAt.get(targetId) ?? null;\n }\n\n /* Subscribe to target lifecycle events (crash / destroyed / detached). /\n onLifecycle(listener: (event: TargetLifecycleEvent) => void): () => void {\n this.lifecycleListeners.push(listener);\n return () => {\n const idx = this.lifecycleListeners.indexOf(listener);\n if (idx !== -1) this.lifecycleListeners.splice(idx, 1);\n };\n }\n\n /\n Connect a client websocket to the first attached target and enable Phase 1\n * domains. Resolves once the socket is open and enable commands are sent.\n /\n async enableDomains(): Promise<void> {\n if (this.ws && this.ws.readyState === WebSocket.OPEN) return;\n // If a connect attempt is already in-flight, await it rather than racing\n // to open a second websocket that would overwrite `this.ws` and leak the first.\n if (this.enablingPromise) return this.enablingPromise;\n this.enablingPromise = this._doEnableDomains().finally(() => {\n this.enablingPromise = null;\n });\n return this.enablingPromise;\n }\n\n private async _doEnableDomains(): Promise<void> {\n const targets = await this.refreshTargets();\n const target = targets[0];\n if (!target) {\n throw new Error('No mini-app page attached to the Chii relay yet.');\n }\n\n const wsBase = this.relayBaseUrl.replace(/^http/, 'ws');\n const clientId = `devtools-mcp-${Date.now()}`;\n const ws = new WebSocket(\n `${wsBase}/client/${clientId}?target=${encodeURIComponent(target.id)}`,\n );\n this.ws = ws;\n\n await new Promise<void>((resolve, reject) => {\n ws.once('open', () => resolve());\n ws.once('error', (err: Error) => reject(err));\n });\n\n // Reset crash state when a new connection is established.\n this.lastCrashDetectedAt = null;\n this.targetLastSeenAt.clear();\n // activeTargetId is already set by refreshTargets() above; don't reset here.\n\n this.connectionState = 'connected';\n ws.on('message', (data: WebSocket.RawData) => this.handleMessage(data.toString()));\n ws.on('close', () => this.handleDisconnect('relay WebSocket 연결이 끊겼습니다'));\n ws.on('error', (err: Error) => this.handleDisconnect(`relay WebSocket 오류: ${err.message}`));\n\n this.sendFireAndForget('Runtime.enable');\n this.sendFireAndForget('Network.enable');\n // DOM/Page domains back the Phase 2 command tools; Chii answers their\n // request→response commands once enabled.\n this.sendFireAndForget('DOM.enable');\n this.sendFireAndForget('Page.enable');\n // Subscribe to page-level crash and target lifecycle events.\n // Inspector.targetCrashed fires when a page OOM/JS-crash/native-bridge crash.\n // Target.setDiscoverTargets enables Target.targetDestroyed + Target.detachedFromTarget.\n this.sendFireAndForget('Inspector.enable');\n this.sendFireAndForget('Target.setDiscoverTargets', { discover: true });\n\n // Optional heartbeat: env AIT_CDP_HEARTBEAT_MS=N enables a ping loop.\n this.startHeartbeat(target.id);\n }\n\n /* Fire-and-forget CDP message (used for `.enable`, no result awaited). /\n private sendFireAndForget(method: string, params: Record<string, unknown> = {}): void {\n if (!this.ws \|\| this.ws.readyState !== WebSocket.OPEN) return;\n const id = this.nextCommandId++;\n this.ws.send(JSON.stringify({ id, method, params }));\n }\n\n /*\n Issue a CDP command and resolve with its result (Phase 2). Rejects on a CDP\n * error frame or when no websocket is open (no page attached yet).\n /\n send<M extends CdpCommandName>(\n method: M,\n params?: CdpCommandMap[M]['params'],\n ): Promise<CdpCommandMap[M]['result']> {\n return this.sendCommand(method, (params ?? {}) as Record<string, unknown>) as Promise<\n CdpCommandMap[M]['result']\n >;\n }\n\n /\n Issue an arbitrary request→response command over the relay and resolve with\n * its raw result. Both the typed CDP {@link send} and the AIT domain (Phase 3\n * `AIT.` methods, forwarded over the same Chii channel) build on this.\n \n * Rejects immediately if the connection is disconnected (fail-fast — no\n * auto-reconnect). Caller should re-run `list_pages` or `enableDomains` to\n * reattach.\n \n Times out after `commandTimeoutMs` (default 30s, env\n * `AIT_CDP_COMMAND_TIMEOUT_MS`). On timeout the pending entry is cleaned up\n * and the promise rejects with a descriptive Korean error.\n /\n sendCommand(method: string, params: Record<string, unknown> = {}): Promise<unknown> {\n // Fail-fast: connection already known to be dead — don't write into a dead socket.\n if (this.connectionState === 'disconnected') {\n return Promise.reject(\n new Error(\n `relay에 연결되어 있지 않습니다 (${method}). list_pages로 attach 상태를 확인하고 enableDomains()로 재연결하세요.`,\n ),\n );\n }\n if (!this.ws \|\| this.ws.readyState !== WebSocket.OPEN) {\n return Promise.reject(\n new Error('No mini-app page attached to the Chii relay yet. Call enableDomains() first.'),\n );\n }\n const id = this.nextCommandId++;\n const ws = this.ws;\n const timeoutMs = this.commandTimeoutMs;\n return new Promise<unknown>((resolve, reject) => {\n const handle = setTimeout(() => {\n this.pending.delete(id);\n reject(\n new Error(\n `CDP 명령이 타임아웃됐습니다 (${method}, ${timeoutMs}ms). ` +\n '폰 측 토스 앱이 백그라운드로 내려갔거나 미니앱이 unload됐을 수 있습니다. ' +\n 'list_pages로 attach 상태를 확인하세요.',\n ),\n );\n }, timeoutMs);\n this.pending.set(id, {\n resolve: (v) => {\n clearTimeout(handle);\n resolve(v);\n },\n reject: (e) => {\n clearTimeout(handle);\n reject(e);\n },\n });\n ws.send(JSON.stringify({ id, method, params }));\n });\n }\n\n /\n Called on WebSocket `close` or `error` after a successful connection.\n * Rejects all pending commands and marks the connection as disconnected so\n * subsequent `sendCommand` calls fail fast (no auto-reconnect).\n /\n private handleDisconnect(reason: string): void {\n if (this.connectionState === 'disconnected') return; // already handled\n this.connectionState = 'disconnected';\n this.ws = null;\n this.stopHeartbeat();\n const err = new Error(\n `${reason}. list_pages로 attach 상태를 확인하고 enableDomains()로 재연결하세요.`,\n );\n for (const waiter of this.pending.values()) {\n waiter.reject(err);\n }\n this.pending.clear();\n }\n\n /\n Evict a previously active target under the single-attach model.\n * Rejects pending commands with a 'replaced-by-new-attach' reason and emits\n * a 'replaced' lifecycle event. Does NOT clear all targets — only the specific\n * targetId. The caller is responsible for rebuilding the targets map afterwards.\n \n The error message uses 'replaced-by-new-attach' so test assertions can match it.\n /\n private evictTarget(targetId: string): void {\n const detectedAt = new Date().toISOString();\n this.targets.delete(targetId);\n this.targetLastSeenAt.delete(targetId);\n\n const err = new Error(\n `[ait-debug] replaced-by-new-attach — 이전 page 세션이 새 attach로 교체됐습니다 (targetId=${targetId}). ` +\n 'list_pages로 현재 attach 상태를 확인하세요.',\n );\n for (const waiter of this.pending.values()) {\n waiter.reject(err);\n }\n this.pending.clear();\n\n const event: TargetLifecycleEvent = { kind: 'replaced', targetId, detectedAt };\n for (const listener of this.lifecycleListeners) {\n try {\n listener(event);\n } catch {\n // Listeners must not crash the connection.\n }\n }\n }\n\n /\n Handle a page-level crash or target destruction event.\n * Removes the target from the in-memory map, rejects all pending commands,\n * and emits a lifecycle event.\n \n @param kind - Event kind: 'crashed' \| 'destroyed' \| 'detached'\n * @param targetId - The target ID from the event params (may be null for\n * Inspector.targetCrashed which has no targetId in the params).\n /\n private handleTargetGone(kind: TargetLifecycleEvent['kind'], targetId: string \| null): void {\n const detectedAt = new Date().toISOString();\n this.lastCrashDetectedAt = Date.now();\n\n // Remove matching target(s) from the in-memory map.\n if (targetId !== null) {\n this.targets.delete(targetId);\n this.targetLastSeenAt.delete(targetId);\n // Also clear activeTargetId when the active target is gone.\n if (this.activeTargetId === targetId) {\n this.activeTargetId = null;\n }\n } else {\n // Inspector.targetCrashed carries no targetId — clear all targets.\n this.targets.clear();\n this.targetLastSeenAt.clear();\n this.activeTargetId = null;\n }\n\n // Reject pending commands with a descriptive Korean error.\n const label =\n kind === 'crashed'\n ? 'page crash (Inspector.targetCrashed)'\n : kind === 'destroyed'\n ? 'target 종료 (Target.targetDestroyed)'\n : 'target detach (Target.detachedFromTarget)';\n const err = new Error(\n `[ait-debug] ${label} 감지됨 — relay에서 제거됐습니다. ` +\n '새 attach가 필요합니다 (list_pages로 확인 → enableDomains()로 재연결).',\n );\n for (const waiter of this.pending.values()) {\n waiter.reject(err);\n }\n this.pending.clear();\n\n // Notify lifecycle listeners.\n const event: TargetLifecycleEvent = { kind, targetId, detectedAt };\n for (const listener of this.lifecycleListeners) {\n try {\n listener(event);\n } catch {\n // Listeners must not crash the connection.\n }\n }\n }\n\n /\n Start the optional CDP heartbeat loop.\n \n When `AIT_CDP_HEARTBEAT_MS` is set to a positive integer, every interval\n * we send `Runtime.evaluate({expression: '1'})` to each active target. If\n * the command times out (2 s hard deadline) or errors, we treat the target\n * as dead and call `handleTargetGone`.\n \n This is a zombie-detector fallback: cloudflared keeps-alive the tunnel ws\n * even when the phone app has crashed, so the ws-level disconnect (#252) won't\n * fire. The heartbeat catches this gap.\n \n Default: OFF. Only activates when `AIT_CDP_HEARTBEAT_MS` is set.\n /\n private startHeartbeat(initialTargetId: string): void {\n this.stopHeartbeat(); // clear any previous interval\n\n const envMs = process.env.AIT_CDP_HEARTBEAT_MS\n ? Number(process.env.AIT_CDP_HEARTBEAT_MS)\n : undefined;\n if (envMs === undefined \|\| !Number.isFinite(envMs) \|\| envMs <= 0) return;\n\n const PING_TIMEOUT_MS = 2_000;\n\n this.heartbeatHandle = setInterval(() => {\n // Take a snapshot of current targets to avoid mutation during iteration.\n const targetIds = this.targets.size > 0 ? [...this.targets.keys()] : [initialTargetId];\n for (const targetId of targetIds) {\n // Issue a lightweight eval with a 2 s deadline.\n const pingPromise = this.sendCommand('Runtime.evaluate', {\n expression: '1',\n returnByValue: true,\n timeout: PING_TIMEOUT_MS,\n });\n const timeoutPromise = new Promise<never>((_, reject) =>\n setTimeout(\n () => reject(new Error('heartbeat timeout')),\n PING_TIMEOUT_MS + 500, // slightly longer than the CDP timeout\n ),\n );\n Promise.race([pingPromise, timeoutPromise]).catch(() => {\n // Ping failed: mark target as dead if it still exists in the map.\n if (this.targets.has(targetId)) {\n this.handleTargetGone('destroyed', targetId);\n }\n });\n }\n }, envMs) as unknown as ReturnType<typeof setInterval>;\n }\n\n private stopHeartbeat(): void {\n if (this.heartbeatHandle !== null) {\n clearInterval(this.heartbeatHandle);\n this.heartbeatHandle = null;\n }\n }\n\n private handleMessage(raw: string): void {\n const message = parseInbound(raw);\n if (!message) return;\n\n // Command response (has an id matching a pending request).\n if (typeof message.id === 'number' && this.pending.has(message.id)) {\n const waiter = this.pending.get(message.id);\n this.pending.delete(message.id);\n if (waiter) {\n if (message.error) waiter.reject(new Error(message.error.message));\n else waiter.resolve(message.result);\n }\n return;\n }\n\n // Any inbound message implies the connection is active — update lastSeenAt\n // for whichever target we currently know about (single-target model).\n const now = Date.now();\n for (const targetId of this.targets.keys()) {\n this.targetLastSeenAt.set(targetId, now);\n }\n\n if (typeof message.method !== 'string') return;\n\n // --- Target lifecycle events ---\n\n // Inspector.targetCrashed: page OOM / JS exception / native bridge crash.\n // Params are usually empty; no targetId field in the event.\n if (message.method === 'Inspector.targetCrashed') {\n this.handleTargetGone('crashed', null);\n return;\n }\n\n // Target.targetDestroyed: params = { targetId: string }\n if (message.method === 'Target.targetDestroyed') {\n const targetId =\n isObject(message.params) && typeof message.params.targetId === 'string'\n ? message.params.targetId\n : null;\n this.handleTargetGone('destroyed', targetId);\n return;\n }\n\n // Target.detachedFromTarget: params = { sessionId, targetId? }\n if (message.method === 'Target.detachedFromTarget') {\n const targetId =\n isObject(message.params) && typeof message.params.targetId === 'string'\n ? message.params.targetId\n : null;\n this.handleTargetGone('detached', targetId);\n return;\n }\n\n // --- Phase 1 event stream (buffered ring-buffer) ---\n if (!this.buffers.has(message.method as CdpEventName)) return;\n const event = message.method as CdpEventName;\n const buffer = this.buffers.get(event);\n if (!buffer) return;\n buffer.push(message.params);\n // Runtime.exceptionThrown uses a dedicated smaller cap (50); all other\n // Phase 1 events use the default bufferSize (500).\n const cap = event === 'Runtime.exceptionThrown' ? EXCEPTION_BUFFER_SIZE : this.bufferSize;\n if (buffer.length > cap) buffer.shift();\n this.emitter.emit(event, message.params);\n }\n\n getBufferedEvents<E extends CdpEventName>(event: E): ReadonlyArray<CdpEventMap[E]> {\n const buffer = this.buffers.get(event);\n return (buffer ?? []) as ReadonlyArray<CdpEventMap[E]>;\n }\n\n on<E extends CdpEventName>(event: E, listener: (payload: CdpEventMap[E]) => void): () => void {\n this.emitter.on(event, listener as (payload: unknown) => void);\n return () => this.emitter.off(event, listener as (payload: unknown) => void);\n }\n\n /* Close the relay client websocket and reject any in-flight commands. /\n close(): void {\n const ws = this.ws;\n this.stopHeartbeat();\n // handleDisconnect clears this.ws and pending; call it first so the 'close'\n // event from ws.close() below is a no-op (already disconnected).\n this.handleDisconnect('Chii relay connection closed');\n ws?.close();\n }\n}\n","/\n Boots the local Chii relay server.\n \n Chii (liriliri/chii) is a chobitsu-based CDP relay that lets non-Chrome\n * WebViews (iOS WKWebView / Android WebView — i.e. the Toss app) expose CDP.\n * The relay accepts a `target` websocket from the phone's injected `target.js`\n * and `client` websockets from CDP frontends (our MCP connection).\n \n Node-only: `chii` pulls in Koa + ws. Never bundled into the browser/in-app\n * entries.\n \n TOTP auth (relay-side, authoritative gate):\n * When `verifyAuth` is provided, this module registers an HTTP upgrade\n * listener on the server BEFORE calling `chii.start({server})`. Node's\n * `http.Server` allows multiple 'upgrade' listeners; the first to call\n * `socket.destroy()` wins. Invalid auth → 401 + destroy (chii never sees\n * the connection). Valid auth → return without side-effect (chii handles it).\n \n Threat model: \"URL leak\" — someone obtains the tunnel URL (Slack paste, QR\n * screenshot, shoulder-surfing) but does not have the shared TOTP secret.\n * Rotating 6-digit code makes the URL stale after 30 s.\n * A determined attacker who extracts the secret from the dogfood bundle can\n * still compute valid codes; that is out of scope (see umbrella CLAUDE.md §4).\n \n SECRET-HANDLING: The secret value and computed TOTP codes MUST NOT appear\n * in any log, error message, or process output. `verifyAuth` is a black-box\n * predicate from the caller's perspective; this module only forwards pass/fail.\n /\n\nimport { createServer, type IncomingMessage, type Server } from 'node:http';\nimport { createRequire } from 'node:module';\nimport type { AddressInfo } from 'node:net';\nimport type { Duplex } from 'node:stream';\n\nconst require = createRequire(import.meta.url);\n\n/* `chii/server` is CommonJS and shipped without TypeScript types. /\ninterface ChiiServerModule {\n start(options: {\n port?: number;\n host?: string;\n domain?: string;\n server?: Server;\n basePath?: string;\n }): Promise<void>;\n}\n\nfunction loadChiiServer(): ChiiServerModule {\n // `chii`'s package `main` is `./server/index.js`, exposing `{ start }`.\n const mod: unknown = require('chii');\n if (\n typeof mod === 'object' &&\n mod !== null &&\n 'start' in mod &&\n typeof (mod as { start: unknown }).start === 'function'\n ) {\n return mod as ChiiServerModule;\n }\n throw new Error('chii server module did not expose start()');\n}\n\nexport interface ChiiRelay {\n port: number;\n /* Base URL for the relay HTTP/WS server, e.g. `http://127.0.0.1:54321`. /\n baseUrl: string;\n close(): Promise<void>;\n}\n\nexport interface StartChiiRelayOptions {\n /\n Local port for the relay. Default 0 (OS-assigned ephemeral port).\n \n Using 0 means the OS picks a free port — this is the safe default because\n * a stale cloudflared child process (PPID 1, orphaned after SIGKILL) may still\n * be holding a fixed port. A fixed port causes EADDRINUSE on the next startup,\n * which makes the MCP handshake fail with -32000. With port 0 the new relay\n * always gets a fresh port, making any orphaned process harmless.\n \n Pass an explicit number to restore fixed-port behaviour (backwards-compatible).\n /\n port?: number;\n /* Bind host. Default 127.0.0.1 (tunnel reaches it locally). /\n host?: string;\n /\n Optional auth predicate for WebSocket upgrade requests.\n \n When provided, every inbound WebSocket upgrade is checked by calling\n * `verifyAuth(req)` before Chii processes it. Return `true` to allow the\n * upgrade; return `false` to reject with HTTP 401 and destroy the socket.\n \n The predicate MUST NOT log the secret or any TOTP code — it is a black-box\n * from this module's perspective.\n \n @param req - The raw HTTP `IncomingMessage` from the upgrade handshake.\n * Inspect `req.url` for query parameters (e.g. `at=<code>`).\n * @returns `true` if the upgrade is authorised, `false` to reject.\n /\n verifyAuth?: (req: IncomingMessage) => boolean;\n}\n\n/\n Starts the Chii relay and resolves once listening.\n \n Default port is 0 (OS-assigned). With port 0 the OS picks a free ephemeral\n * port on every start, so a stale cloudflared orphan holding any particular\n * port cannot cause EADDRINUSE. The resolved `ChiiRelay.port` and `baseUrl`\n * always reflect the actual bound port.\n \n chii.start() is called with `server` (our pre-created httpServer) BEFORE\n * httpServer.listen(). This is intentional: chii attaches its Koa handler and\n * WS upgrade listener to the server object, but the actual TCP bind is\n * performed by our httpServer.listen() call below. The `port`/`domain` values\n * passed to chii.start() are used for display/banner purposes inside chii and\n * do not affect which port the server binds. The connection path (clients\n * connecting to `relay.baseUrl`) always uses the post-listen confirmed port.\n /\nexport async function startChiiRelay(options: StartChiiRelayOptions = {}): Promise<ChiiRelay> {\n const requestedPort = options.port ?? 0;\n const host = options.host ?? '127.0.0.1';\n const { verifyAuth } = options;\n\n const httpServer = createServer();\n\n // Register our auth listener BEFORE chii.start() so it fires first.\n // Node's http.Server emits 'upgrade' to all listeners in registration order;\n // the first to destroy() the socket wins. Valid requests return without\n // side-effect so chii's own upgrade handler takes over normally.\n //\n // We only register when verifyAuth is provided so the no-auth path is\n // zero-overhead for tests and local-only dev sessions.\n if (verifyAuth) {\n httpServer.on('upgrade', (req: IncomingMessage, socket: Duplex) => {\n if (!verifyAuth(req)) {\n // Reject: send a minimal HTTP 401 response and close the socket.\n // We do NOT log req.url or any auth param here to avoid leaking codes.\n socket.write('HTTP/1.1 401 Unauthorized\\r\\nContent-Length: 0\\r\\n\\r\\n');\n socket.destroy();\n // Early return — chii's handler is NOT called for this socket.\n return;\n }\n // Auth passed: no-op. Chii's upgrade listener (registered below by\n // chii.start) will handle the rest.\n });\n }\n\n const chii = loadChiiServer();\n // Passing an existing `server` makes chii attach its Koa handler + WS upgrade\n // to our HTTP server rather than creating its own listener.\n // Note: port/domain here are display-only inside chii — the TCP bind is ours.\n await chii.start({ server: httpServer, domain: `${host}:${requestedPort}`, port: requestedPort });\n\n const actualPort = await new Promise<number>((resolve, reject) => {\n httpServer.once('error', reject);\n httpServer.listen(requestedPort, host, () => {\n httpServer.off('error', reject);\n // httpServer.address() is non-null immediately after the listen callback.\n const addr = httpServer.address() as AddressInfo;\n resolve(addr.port);\n });\n });\n\n return {\n port: actualPort,\n baseUrl: `http://${host}:${actualPort}`,\n close: () =>\n new Promise<void>((resolve) => {\n httpServer.close(() => resolve());\n }),\n };\n}\n","/\n Local-browser `CdpConnection` — attaches directly to a Chromium instance\n * started with `--remote-debugging-port=<port>`.\n \n Topology (local debug mode, env 1):\n * Chromium --CDP WS--> this connection <--stdio--> MCP host\n \n The core insight: local Chromium and the phone's Toss WebView both speak\n * Chrome DevTools Protocol. The only difference is the attach strategy — how\n * you reach the CDP endpoint. Here we hit the Chromium DevTools HTTP endpoint\n * (`GET /json`) to discover per-target websocket URLs, then connect directly.\n * The Chii relay (env 2/3) uses `GET /targets` + `/client/<id>?target=<id>`.\n * Every tool (list_console_messages, get_dom_document, take_screenshot, …)\n * reads only the `CdpConnection` interface and works unchanged on both.\n \n Node-only: imports `ws`. Never bundled into the browser/in-app entries.\n /\n\nimport { EventEmitter } from 'node:events';\nimport { WebSocket } from 'ws';\nimport type {\n CdpCommandMap,\n CdpCommandName,\n CdpConnection,\n CdpEventMap,\n CdpEventName,\n CdpTarget,\n} from './cdp-connection.js';\n\n/* Max events retained per domain ring buffer. /\nconst DEFAULT_BUFFER_SIZE = 500;\n\n/* A CDP message arriving over the local Chromium websocket. /\ninterface CdpInboundMessage {\n id?: number;\n method?: string;\n params?: unknown;\n result?: unknown;\n error?: { message: string };\n}\n\nfunction isObject(value: unknown): value is Record<string, unknown> {\n return typeof value === 'object' && value !== null;\n}\n\nfunction parseInbound(raw: string): CdpInboundMessage \| null {\n let parsed: unknown;\n try {\n parsed = JSON.parse(raw);\n } catch {\n return null;\n }\n if (!isObject(parsed)) return null;\n const message: CdpInboundMessage = {};\n if (typeof parsed.id === 'number') message.id = parsed.id;\n if (typeof parsed.method === 'string') message.method = parsed.method;\n if ('params' in parsed) message.params = parsed.params;\n if ('result' in parsed) message.result = parsed.result;\n if (isObject(parsed.error) && typeof parsed.error.message === 'string') {\n message.error = { message: parsed.error.message };\n }\n return message;\n}\n\nconst PHASE_1_EVENTS: readonly CdpEventName[] = [\n 'Runtime.consoleAPICalled',\n 'Network.requestWillBeSent',\n 'Network.responseReceived',\n];\n\n/\n A target entry from the Chromium DevTools HTTP `/json` endpoint.\n * Each page target includes a `webSocketDebuggerUrl` pointing directly at the\n * target's CDP websocket — no relay URL indirection.\n /\ninterface ChromiumJsonTarget {\n id: string;\n title: string;\n url: string;\n type: string;\n webSocketDebuggerUrl?: string;\n}\n\nexport interface LocalCdpConnectionOptions {\n /\n Base URL of the Chromium DevTools HTTP server, e.g. `http://127.0.0.1:9222`.\n * The connection hits `<devtoolsHttpUrl>/json` to discover targets.\n /\n devtoolsHttpUrl: string;\n /* Per-domain ring buffer size. Default 500. /\n bufferSize?: number;\n}\n\n/\n `CdpConnection` that attaches directly to a local Chromium over its built-in\n * CDP websocket. Mirrors `ChiiCdpConnection`'s buffering/command-routing/event\n * logic — same `parseInbound`, ring-buffer, `pending` map patterns — but the\n * attach strategy differs:\n \n Chii relay: `GET /targets` → open `/client/<id>?target=<id>` WS\n * Local CDP: `GET /json` → open `webSocketDebuggerUrl` per target directly\n \n Target selection: first `type === 'page'` target whose URL is not\n * `about:blank`, `about:newtab`, or a devtools:// URL.\n /\nexport class LocalCdpConnection implements CdpConnection {\n private readonly devtoolsHttpUrl: string;\n private readonly bufferSize: number;\n private readonly emitter = new EventEmitter();\n private readonly buffers = new Map<CdpEventName, unknown[]>();\n private readonly targets = new Map<string, CdpTarget>();\n\n private ws: WebSocket \| null = null;\n private nextCommandId = 1;\n /* In-flight enableDomains() promise — concurrent callers share it. /\n private enablingPromise: Promise<void> \| null = null;\n /* Pending request→response commands keyed by CDP message id. /\n private readonly pending = new Map<\n number,\n { resolve: (result: unknown) => void; reject: (err: Error) => void }\n >();\n\n constructor(options: LocalCdpConnectionOptions) {\n this.devtoolsHttpUrl = options.devtoolsHttpUrl.replace(/\\/$/, '');\n this.bufferSize = options.bufferSize ?? DEFAULT_BUFFER_SIZE;\n for (const event of PHASE_1_EVENTS) this.buffers.set(event, []);\n // EventEmitter caps listeners at 10 by default; the tool layer may add\n // several short-lived subscriptions, so lift the cap.\n this.emitter.setMaxListeners(0);\n }\n\n /\n Fetch the target list from the Chromium DevTools `/json` (or `/json/list`)\n * endpoint and pick the first non-blank page target.\n \n Returns the selected target's `webSocketDebuggerUrl` alongside the\n * normalized `CdpTarget` list (all page targets visible to the server).\n /\n private async fetchTargets(): Promise<{\n selected: ChromiumJsonTarget \| null;\n all: CdpTarget[];\n }> {\n // Chromium exposes both /json and /json/list; /json is the canonical form.\n const res = await fetch(`${this.devtoolsHttpUrl}/json`);\n if (!res.ok) {\n throw new Error(\n `Chromium DevTools /json returned HTTP ${res.status} ${res.statusText}. ` +\n 'Is the browser running with --remote-debugging-port?',\n );\n }\n const body: unknown = await res.json();\n const list: ChromiumJsonTarget[] = Array.isArray(body) ? (body as ChromiumJsonTarget[]) : [];\n\n this.targets.clear();\n let selected: ChromiumJsonTarget \| null = null;\n\n for (const item of list) {\n if (!isObject(item) \|\| typeof item.id !== 'string') continue;\n const cdpTarget: CdpTarget = {\n id: item.id,\n title: typeof item.title === 'string' ? item.title : '',\n url: typeof item.url === 'string' ? item.url : '',\n };\n this.targets.set(item.id, cdpTarget);\n\n // Pick the first `page` target that is not a blank/devtools page.\n if (\n selected === null &&\n item.type === 'page' &&\n typeof item.webSocketDebuggerUrl === 'string' &&\n !isBlankOrDevtoolsUrl(item.url)\n ) {\n selected = item;\n }\n }\n\n return { selected, all: [...this.targets.values()] };\n }\n\n listTargets(): CdpTarget[] {\n return [...this.targets.values()];\n }\n\n /\n Discover the target, open a direct CDP websocket to its\n * `webSocketDebuggerUrl`, and enable Phase 1+2 domains. Resolves once the\n * socket is open and domain-enable commands are sent. Idempotent — concurrent\n * callers share the in-flight promise.\n /\n async enableDomains(): Promise<void> {\n if (this.ws && this.ws.readyState === WebSocket.OPEN) return;\n if (this.enablingPromise) return this.enablingPromise;\n this.enablingPromise = this._doEnableDomains().finally(() => {\n this.enablingPromise = null;\n });\n return this.enablingPromise;\n }\n\n private async _doEnableDomains(): Promise<void> {\n const { selected } = await this.fetchTargets();\n if (!selected) {\n throw new Error(\n 'No suitable page target found in the local Chromium instance. ' +\n 'Ensure the browser has a non-blank page open and was started with ' +\n '--remote-debugging-port matching devtoolsHttpUrl.',\n );\n }\n\n // Local CDP gives us the per-target WS URL directly — no relay path needed.\n const wsUrl = selected.webSocketDebuggerUrl as string;\n const ws = new WebSocket(wsUrl);\n this.ws = ws;\n\n await new Promise<void>((resolve, reject) => {\n ws.once('open', () => resolve());\n ws.once('error', (err: Error) => reject(err));\n });\n\n ws.on('message', (data: WebSocket.RawData) => this.handleMessage(data.toString()));\n\n // Enable the same domain set as ChiiCdpConnection so all tools work identically.\n this.sendFireAndForget('Runtime.enable');\n this.sendFireAndForget('Network.enable');\n this.sendFireAndForget('DOM.enable');\n this.sendFireAndForget('Page.enable');\n }\n\n /* Fire-and-forget CDP message (used for `.enable`, no result awaited). /\n private sendFireAndForget(method: string, params: Record<string, unknown> = {}): void {\n if (!this.ws \|\| this.ws.readyState !== WebSocket.OPEN) return;\n const id = this.nextCommandId++;\n this.ws.send(JSON.stringify({ id, method, params }));\n }\n\n /*\n Issue a CDP command and resolve with its typed result. Rejects on a CDP\n * error frame or when no websocket is open.\n /\n send<M extends CdpCommandName>(\n method: M,\n params?: CdpCommandMap[M]['params'],\n ): Promise<CdpCommandMap[M]['result']> {\n return this.sendCommand(method, (params ?? {}) as Record<string, unknown>) as Promise<\n CdpCommandMap[M]['result']\n >;\n }\n\n /\n Issue an arbitrary request→response command and resolve with its raw\n * result. Both the typed CDP `send` and any AIT domain commands build on this.\n /\n sendCommand(method: string, params: Record<string, unknown> = {}): Promise<unknown> {\n if (!this.ws \|\| this.ws.readyState !== WebSocket.OPEN) {\n return Promise.reject(\n new Error(\n 'No local Chromium page attached yet. Call enableDomains() first and ensure ' +\n 'the browser is running with --remote-debugging-port.',\n ),\n );\n }\n const id = this.nextCommandId++;\n const ws = this.ws;\n return new Promise<unknown>((resolve, reject) => {\n this.pending.set(id, { resolve, reject });\n ws.send(JSON.stringify({ id, method, params }));\n });\n }\n\n private handleMessage(raw: string): void {\n const message = parseInbound(raw);\n if (!message) return;\n\n // Command response (has an id matching a pending request).\n if (typeof message.id === 'number' && this.pending.has(message.id)) {\n const waiter = this.pending.get(message.id);\n this.pending.delete(message.id);\n if (waiter) {\n if (message.error) waiter.reject(new Error(message.error.message));\n else waiter.resolve(message.result);\n }\n return;\n }\n\n // Event (buffered for the Phase 1 stream tools).\n if (typeof message.method !== 'string') return;\n if (!this.buffers.has(message.method as CdpEventName)) return;\n const event = message.method as CdpEventName;\n const buffer = this.buffers.get(event);\n if (!buffer) return;\n buffer.push(message.params);\n if (buffer.length > this.bufferSize) buffer.shift();\n this.emitter.emit(event, message.params);\n }\n\n getBufferedEvents<E extends CdpEventName>(event: E): ReadonlyArray<CdpEventMap[E]> {\n const buffer = this.buffers.get(event);\n return (buffer ?? []) as ReadonlyArray<CdpEventMap[E]>;\n }\n\n on<E extends CdpEventName>(event: E, listener: (payload: CdpEventMap[E]) => void): () => void {\n this.emitter.on(event, listener as (payload: unknown) => void);\n return () => this.emitter.off(event, listener as (payload: unknown) => void);\n }\n\n /* Close the local CDP websocket and reject any in-flight commands. /\n close(): void {\n this.ws?.close();\n this.ws = null;\n for (const waiter of this.pending.values()) {\n waiter.reject(new Error('Local Chromium CDP connection closed.'));\n }\n this.pending.clear();\n }\n}\n\n/* True for URLs that should be skipped when selecting a page target. /\nfunction isBlankOrDevtoolsUrl(url: string): boolean {\n return (\n url === '' \|\|\n url === 'about:blank' \|\|\n url === 'about:newtab' \|\|\n url.startsWith('devtools://') \|\|\n url.startsWith('chrome://') \|\|\n url.startsWith('chrome-extension://')\n );\n}\n","/\n Chromium launcher for the local debug mode (env 1).\n \n Launch decision rationale:\n * - `chrome-launcher` (npm) is purpose-built and finds installed Chrome, but\n * adds a runtime dependency to the MCP bundle. The repo already has a clear\n * \"external dependency minimization\" policy; `chrome-launcher` is not worth\n * pulling in for what is essentially `spawn(chromeBin, [...flags])`.\n * - Playwright is a devDependency used for E2E only — pulling `chromium.launch`\n * into the runtime MCP path would add ~100 MB of bundled Chromium to the\n * production install and break the \"devDep = e2e only\" boundary.\n * - `child_process.spawn` with a platform-aware binary search is the lightest\n * option: zero new dependencies, portable across macOS/Linux/Windows, and\n * trivially testable by injecting a `spawnFn`.\n \n The launcher finds an installed Chrome/Chromium using a prioritized list of\n * well-known binary paths per platform, then spawns it with:\n * --remote-debugging-port=<port>\n * --no-first-run\n * --no-default-browser-check\n * <devUrl>\n \n `pnpm dev` is started by the user; the MCP only launches the browser pointing\n * at it.\n \n Node-only.\n /\n\nimport { type ChildProcess, spawn } from 'node:child_process';\nimport { existsSync } from 'node:fs';\nimport net from 'node:net';\nimport { platform } from 'node:os';\n\n/* A handle returned by `launchChromium`. /\nexport interface ChromiumHandle {\n /* The port Chromium is listening on for CDP (`--remote-debugging-port`). /\n port: number;\n /* Devtools HTTP base URL, e.g. `http://127.0.0.1:9222`. /\n devtoolsUrl: string;\n /* Stop the Chromium child process. /\n stop(): void;\n}\n\nexport interface LaunchChromiumOptions {\n /\n CDP remote debugging port. If 0 or omitted, an ephemeral free port is\n * chosen automatically.\n /\n port?: number;\n /\n URL to open in the browser. Defaults to `AIT_DEVTOOLS_URL` env var or\n * `http://localhost:5173`.\n /\n devUrl?: string;\n /\n Extra Chromium flags appended to the spawn command. Use with caution.\n /\n extraArgs?: string[];\n /\n Injectable `spawn` function for unit testing — defaults to Node's\n * `child_process.spawn`. Tests inject a fake to avoid launching a real browser.\n /\n spawnFn?: typeof spawn;\n}\n\n/\n Find an ephemeral free TCP port by briefly binding a server on port 0.\n * Resolves with the OS-assigned port number.\n /\nexport function findFreePort(): Promise<number> {\n return new Promise((resolve, reject) => {\n const server = net.createServer();\n server.listen(0, '127.0.0.1', () => {\n const addr = server.address();\n const port = typeof addr === 'object' && addr !== null ? addr.port : null;\n server.close(() => {\n if (port === null) {\n reject(new Error('Failed to determine free port from net.Server.'));\n } else {\n resolve(port);\n }\n });\n });\n server.once('error', reject);\n });\n}\n\n/\n Returns an ordered list of Chromium/Chrome binary paths to try for the\n * current platform.\n /\nexport function candidateChromePaths(): string[] {\n const os = platform();\n if (os === 'darwin') {\n return [\n '/Applications/Google Chrome.app/Contents/MacOS/Google Chrome',\n '/Applications/Google Chrome Canary.app/Contents/MacOS/Google Chrome Canary',\n '/Applications/Chromium.app/Contents/MacOS/Chromium',\n '/Applications/Brave Browser.app/Contents/MacOS/Brave Browser',\n ];\n }\n if (os === 'linux') {\n return [\n '/usr/bin/google-chrome',\n '/usr/bin/google-chrome-stable',\n '/usr/bin/chromium',\n '/usr/bin/chromium-browser',\n '/usr/local/bin/google-chrome',\n '/usr/local/bin/chromium',\n '/snap/bin/chromium',\n ];\n }\n if (os === 'win32') {\n const programFiles = process.env.PROGRAMFILES ?? 'C:\\\\Program Files';\n const programFilesX86 = process.env['PROGRAMFILES(X86)'] ?? 'C:\\\\Program Files (x86)';\n return [\n `${programFiles}\\\\Google\\\\Chrome\\\\Application\\\\chrome.exe`,\n `${programFilesX86}\\\\Google\\\\Chrome\\\\Application\\\\chrome.exe`,\n `${programFiles}\\\\Chromium\\\\Application\\\\chrome.exe`,\n ];\n }\n return [];\n}\n\n/* Find the first Chrome/Chromium binary that exists on this machine. /\nexport function findChromeBinary(): string \| null {\n for (const p of candidateChromePaths()) {\n if (existsSync(p)) return p;\n }\n return null;\n}\n\n/\n Launch a local Chromium instance with CDP remote debugging enabled.\n \n The caller is responsible for calling `handle.stop()` when done.\n \n @throws if no Chrome/Chromium binary is found on the system.\n /\nexport async function launchChromium(options: LaunchChromiumOptions = {}): Promise<ChromiumHandle> {\n const spawnImpl = options.spawnFn ?? spawn;\n\n // Resolve the CDP port — find a free one if not specified.\n const requestedPort = options.port ?? 0;\n const port = requestedPort === 0 ? await findFreePort() : requestedPort;\n\n const devUrl = options.devUrl ?? process.env.AIT_DEVTOOLS_URL ?? 'http://localhost:5173';\n\n const binary = findChromeBinary();\n if (binary === null) {\n throw new Error(\n 'No Chrome/Chromium binary found on this system. ' +\n 'Install Google Chrome or Chromium and try again. ' +\n 'Searched: ' +\n candidateChromePaths().join(', '),\n );\n }\n\n const args = [\n `--remote-debugging-port=${port}`,\n '--no-first-run',\n '--no-default-browser-check',\n // Use a separate profile dir so the debugged instance doesn't interfere\n // with the user's regular Chrome profile.\n '--user-data-dir=/tmp/ait-devtools-chromium-profile',\n ...(options.extraArgs ?? []),\n devUrl,\n ];\n\n const child: ChildProcess = spawnImpl(binary, args, {\n // Detach stdio so the MCP server's stdio transport is not contaminated.\n stdio: 'ignore',\n detached: false,\n });\n\n // Allow the Node process to exit even if the child is still running.\n child.unref();\n\n const devtoolsUrl = `http://127.0.0.1:${port}`;\n\n process.stderr.write(\n `[ait-local-debug] Launched Chromium: ${binary}\\n` +\n `[ait-local-debug] CDP endpoint: ${devtoolsUrl}\\n` +\n `[ait-local-debug] Opening: ${devUrl}\\n`,\n );\n\n return {\n port,\n devtoolsUrl,\n stop(): void {\n try {\n child.kill();\n } catch {\n // Ignore — the child may have already exited.\n }\n },\n };\n}\n","/\n 로컬 HTTP 서버 — QR 페이지를 `http://127.0.0.1:<port>` 에서 서빙한다.\n \n file:// origin 대신 HTTP origin을 쓰는 이유: 브라우저 보안 정책상 file://에서\n * 로드된 페이지는 외부 fetch/script가 전부 차단되며, file:// 절대 경로를 <img src>에\n * 넣으면 브라우저에 따라 빈 화면이 된다. 127.0.0.1 HTTP는 modern 브라우저가 fully trust.\n \n SECRET-HANDLING:\n * - 127.0.0.1 바인딩만 — 외부 노출 0.\n * - attachUrl은 HTML 본문과 /qr.png query에만 들어간다 (의도된 전달 경로).\n * - stdout/stderr/로그에 별도 출력하지 않는다.\n * - tmp 파일 만들지 않음 — 모든 응답을 메모리에서 생성.\n /\n\nimport type { Server } from 'node:http';\nimport { createServer } from 'node:http';\n\nexport interface QrHttpServer {\n port: number;\n /* `http://127.0.0.1:<port>/attach?u=<encoded>` URL 생성 헬퍼. /\n buildAttachPageUrl(attachUrl: string): string;\n close(): Promise<void>;\n}\n\n/\n 로컬 HTTP 서버를 127.0.0.1 random port(또는 `AIT_DEBUG_HTTP_PORT` env)로 시작한다.\n * MCP debug server 생애주기에 묶어 사용 — `runDebugServer` shutdown 시 `close()`로 정리.\n /\nexport async function startQrHttpServer(): Promise<QrHttpServer> {\n const { default: QRCode } = await import('qrcode');\n\n const server: Server = createServer((req, res) => {\n const rawUrl = req.url ?? '/';\n const [path, query = ''] = rawUrl.split('?', 2) as [string, string \| undefined];\n const params = new URLSearchParams(query ?? '');\n\n if (path === '/attach') {\n const encodedU = params.get('u') ?? '';\n let attachUrl: string;\n try {\n attachUrl = decodeURIComponent(encodedU);\n } catch {\n res.writeHead(400, { 'Content-Type': 'text/plain; charset=utf-8' });\n res.end('잘못된 u 파라미터입니다.');\n return;\n }\n\n // deploymentId 라벨 — attachUrl에서 _deploymentId 파라미터만 추출 (at= 노출 방지).\n let deploymentIdLabel = 'attach';\n try {\n const dpMatch = attachUrl.match(/[?&]_deploymentId=([^&]+)/);\n if (dpMatch?.[1]) {\n deploymentIdLabel = decodeURIComponent(dpMatch[1]).slice(0, 36);\n }\n } catch {\n // best-effort\n }\n\n // QR을 base64 data URL로 인라인 생성 — 외부 fetch 없이 self-contained HTML.\n QRCode.toDataURL(attachUrl, { type: 'image/png', errorCorrectionLevel: 'M' })\n .then((dataUrl: string) => {\n const safeLabel = deploymentIdLabel.replace(/[<>&\"']/g, (c) => `&#${c.charCodeAt(0)};`);\n const safeAttachUrl = attachUrl.replace(/[<>&\"']/g, (c) => `&#${c.charCodeAt(0)};`);\n const html = buildAttachHtml(dataUrl, safeLabel, safeAttachUrl);\n res.writeHead(200, {\n 'Content-Type': 'text/html; charset=utf-8',\n 'Cache-Control': 'no-store',\n });\n res.end(html);\n })\n .catch(() => {\n res.writeHead(500, { 'Content-Type': 'text/plain; charset=utf-8' });\n res.end('QR 생성에 실패했습니다.');\n });\n return;\n }\n\n if (path === '/qr.png') {\n const encodedU = params.get('u') ?? '';\n let attachUrl: string;\n try {\n attachUrl = decodeURIComponent(encodedU);\n } catch {\n res.writeHead(400, { 'Content-Type': 'text/plain; charset=utf-8' });\n res.end('잘못된 u 파라미터입니다.');\n return;\n }\n\n QRCode.toBuffer(attachUrl, { type: 'png', errorCorrectionLevel: 'M' })\n .then((buf: Buffer) => {\n res.writeHead(200, {\n 'Content-Type': 'image/png',\n 'Cache-Control': 'no-store',\n 'Content-Length': String(buf.length),\n });\n res.end(buf);\n })\n .catch(() => {\n res.writeHead(500, { 'Content-Type': 'text/plain; charset=utf-8' });\n res.end('QR PNG 생성에 실패했습니다.');\n });\n return;\n }\n\n res.writeHead(404, { 'Content-Type': 'text/plain; charset=utf-8' });\n res.end('Not Found');\n });\n\n const listenPort = Number(process.env.AIT_DEBUG_HTTP_PORT ?? 0);\n\n await new Promise<void>((resolve, reject) => {\n server.listen(listenPort, '127.0.0.1', () => resolve());\n server.once('error', reject);\n });\n\n const address = server.address();\n if (!address \|\| typeof address === 'string') {\n throw new Error('qr-http-server: server.address()가 예상하지 못한 형태입니다.');\n }\n const port = address.port;\n\n return {\n port,\n buildAttachPageUrl(attachUrl: string): string {\n return `http://127.0.0.1:${port}/attach?u=${encodeURIComponent(attachUrl)}`;\n },\n close(): Promise<void> {\n return new Promise((resolve, reject) => {\n server.close((err) => (err ? reject(err) : resolve()));\n });\n },\n };\n}\n\n/\n QR 스캔 페이지 HTML 본문.\n * dark theme, inline style, 외부 fetch 없음.\n /\nfunction buildAttachHtml(qrDataUrl: string, safeLabel: string, safeAttachUrl: string): string {\n return `<!DOCTYPE html>\n<html lang=\"ko\">\n<head>\n <meta charset=\"utf-8\" />\n <meta name=\"viewport\" content=\"width=device-width, initial-scale=1\" />\n <title>AIT 디버그 세션 — QR 스캔</title>\n <style>\n , ::before, ::after { box-sizing: border-box; }\n body {\n font-family: -apple-system, BlinkMacSystemFont, \"Segoe UI\", sans-serif;\n background: #0d1117; color: #c9d1d9;\n display: flex; flex-direction: column; align-items: center;\n min-height: 100vh; margin: 0; padding: 2rem 1rem;\n gap: 1.5rem;\n }\n h1 { font-size: 1.25rem; font-weight: 600; color: #e6edf3; margin: 0; text-align: center; }\n .label { font-size: 0.8rem; opacity: 0.5; font-family: monospace; margin: 0; }\n img.qr {\n width: min(90vw, 360px); height: auto;\n image-rendering: pixelated;\n background: #fff; padding: 1rem; border-radius: 12px;\n }\n section { width: 100%; max-width: 480px; }\n h2 { font-size: 1rem; font-weight: 600; color: #e6edf3; margin: 0 0 0.5rem; }\n ol, ul { margin: 0; padding-left: 1.25rem; }\n li { margin-bottom: 0.4rem; font-size: 0.9rem; line-height: 1.5; }\n .url-box {\n font-family: monospace; font-size: 0.72rem;\n word-break: break-all; opacity: 0.4;\n background: #161b22; padding: 0.75rem 1rem;\n border-radius: 6px; border: 1px solid #30363d;\n }\n hr { border: none; border-top: 1px solid #21262d; width: 100%; margin: 0.5rem 0; }\n </style>\n</head>\n<body>\n <h1>AIT 디버그 세션 — QR 스캔</h1>\n <p class=\"label\">deployment: ${safeLabel}</p>\n <img class=\"qr\" src=\"${qrDataUrl}\" alt=\"attach QR\" />\n\n <section>\n <h2>스캔 절차</h2>\n <ol>\n <li>토스 앱을 실행하세요.</li>\n <li>폰 카메라 앱으로 QR 코드를 스캔하세요.</li>\n <li>팝업이 뜨면 <strong>\"토스로 열기\"</strong>를 탭하세요.</li>\n <li>미니앱이 열리고 디버그 세션이 자동으로 attach됩니다.</li>\n </ol>\n </section>\n\n <hr />\n\n <section>\n <h2>진단 체크리스트</h2>\n <ul>\n <li><strong>토스 앱이 안 열리는 경우</strong> — 앱 버전 확인, 카메라 앱으로 스캔 (토스 앱 내 QR 리더 X)</li>\n <li><strong>미니앱이 PREPARE 상태에서 멈추는 경우</strong> — deep-link에 <code>_deploymentId</code> 파라미터가 있는지 확인</li>\n <li><strong>Chii 주입 실패 / 콘솔이 비어 있는 경우</strong> — 미니앱 번들에 <code>in-app</code> debug import가 있는지 확인</li>\n <li><strong>TOTP gate Layer C가 비활성인 경우</strong> — relay 서버에 <code>AIT_DEBUG_TOTP_SECRET</code>이 설정돼 있는지 확인</li>\n </ul>\n </section>\n\n <hr />\n\n <section>\n <h2>URL (fallback)</h2>\n <p class=\"url-box\">${safeAttachUrl}</p>\n </section>\n</body>\n</html>`;\n}\n","/*\n Build a self-attaching dogfood deep link.\n \n `ait deploy --scheme-only` prints an `intoss-private://…?_deploymentId=<uuid>`\n * URL that opens a dogfood bundle on a phone. The in-app debug gate\n * (`src/in-app/gate.ts`) auto-attaches when the entry URL also carries\n * `debug=1` and `relay=<wss-url>`. This helper splices those params (plus\n * `at=<code>` when TOTP is enabled) into the scheme URL; rendering the result\n * as a QR code and scanning it with the phone camera opens the mini-app and\n * attaches it to the live Chii relay. QR is the single entry path — it needs\n * no USB cable, platform CLI, or driver, and works the same on iOS/Android.\n \n The Toss app propagates extra query params from the entry deep link into the\n * mini-app WebView's `location.search` (confirmed behavior), so the gate reads\n * them at attach time.\n \n TOTP `at=` param:\n * When a TOTP secret is active, `buildDeepLinkAttachUrl` accepts an optional\n * `totpCode` argument and splices `at=<code>` alongside `debug` and `relay`.\n * The code must be computed by the caller at call time — do NOT pre-compute\n * and cache it, because the 30-second window expires quickly. The in-app gate\n * (`src/in-app/gate.ts` Layer C) validates this code against the baked secret.\n \n Why not `URL`/`URLSearchParams`: `intoss-private:` is a non-special scheme.\n * The WHATWG `URL` parser treats such schemes opaquely (no host/path/query\n * decomposition you can rely on across runtimes), so query manipulation via\n * `url.searchParams` is not portable here. We splice the query string directly\n * on the raw string instead, which keeps the scheme, authority, path, and any\n * pre-existing params (notably `_deploymentId`) byte-for-byte intact.\n /\n\n/\n Suspicious/generic authority values that indicate a malformed or placeholder\n * scheme URL. These are host strings that will almost certainly cause the Toss\n * app to fail with \"bundle not found\" silently.\n \n The expected form from `ait deploy --scheme-only` is:\n * intoss-private://<appName>?_deploymentId=<uuid>\n * where `<appName>` is a non-generic string like `aitc-sdk-example`.\n /\nconst SUSPICIOUS_AUTHORITIES = new Set<string>(['', 'web', 'localhost', '127.0.0.1', 'app']);\n\n/\n Validates the authority (host) portion of a scheme URL.\n \n Returns a warning message if the authority is missing or looks like a\n * placeholder, or `null` if the authority looks valid.\n \n Expected form: `intoss-private://<appName>?_deploymentId=<uuid>`\n * The authority must be a non-empty, non-generic app name (e.g. `aitc-sdk-example`).\n /\nexport function validateSchemeAuthority(schemeUrl: string): string \| null {\n // Extract authority from `scheme://authority[/path][?query][#hash]`.\n // We cannot use the WHATWG URL parser for non-special schemes reliably\n // (see the deeplink.ts module comment), so we parse the raw string.\n const afterScheme = schemeUrl.replace(/^[a-zA-Z][a-zA-Z0-9+\\-.]:\\/\\//, '');\n if (afterScheme === schemeUrl) {\n // No `://` found — not a scheme URL at all.\n return (\n 'scheme_url does not look like a scheme URL (expected `intoss-private://<appName>?_deploymentId=<uuid>`). ' +\n 'Use the URL printed by `ait deploy --scheme-only`.'\n );\n }\n\n // authority ends at the first `/`, `?`, `#`, or end of string.\n const authorityEnd = afterScheme.search(/[/?#]/);\n const authority = authorityEnd === -1 ? afterScheme : afterScheme.slice(0, authorityEnd);\n\n if (SUSPICIOUS_AUTHORITIES.has(authority.toLowerCase())) {\n const displayAuthority = authority === '' ? '(empty)' : `\"${authority}\"`;\n return (\n `scheme_url authority ${displayAuthority} looks like a placeholder. ` +\n 'Expected an app name like `intoss-private://aitc-sdk-example?_deploymentId=<uuid>`. ' +\n 'Use the URL printed by `ait deploy --scheme-only` — it includes the correct app name as the host.'\n );\n }\n\n return null;\n}\n\n/** A param the helper appends. Existing occurrences are replaced, not duplicated. /\ntype AppendParam = readonly [key: string, value: string];\n\nfunction stripExisting(query: string, key: string): string {\n if (query === '') return '';\n return query\n .split('&')\n .filter((pair) => pair !== '' && pair.split('=')[0] !== key)\n .join('&');\n}\n\n/\n Splices `debug=1`, `relay=<wssUrl>`, and (optionally) `at=<totpCode>` into a\n * scheme URL's query string, preserving everything else (scheme, authority,\n * path, hash, and the existing `_deploymentId` param). If any of the spliced\n * params is already present it is replaced so the helper is idempotent.\n \n @param schemeUrl - The `intoss-private://…?_deploymentId=<uuid>` URL printed\n * by `ait deploy --scheme-only`. Must already carry `_deploymentId` (Layer B\n * of the gate); this helper does not invent one.\n * @param wssUrl - The live relay URL (`wss://…trycloudflare.com`) from the\n * running debug MCP server's quick tunnel.\n * @param totpCode - Optional current TOTP code (6 digits). When provided, it\n * is spliced as `at=<totpCode>`. Must be computed at call time — it rotates\n * every 30 s. Pass `undefined` or omit when TOTP is disabled.\n * @returns The same URL with `debug=1&relay=<encoded wssUrl>[&at=<totpCode>]`\n * appended.\n * @throws If `wssUrl` is not a `wss:` URL (the gate rejects anything else, so\n * producing such a link would be a silent dead end).\n /\nexport function buildDeepLinkAttachUrl(\n schemeUrl: string,\n wssUrl: string,\n totpCode?: string,\n): string {\n let relay: URL;\n try {\n relay = new URL(wssUrl);\n } catch {\n throw new Error(`relay URL is not a valid URL: ${wssUrl}`);\n }\n if (relay.protocol !== 'wss:') {\n throw new Error(`relay URL must use the wss: scheme, got ${relay.protocol} (${wssUrl})`);\n }\n\n const hashIndex = schemeUrl.indexOf('#');\n const hash = hashIndex === -1 ? '' : schemeUrl.slice(hashIndex);\n const beforeHash = hashIndex === -1 ? schemeUrl : schemeUrl.slice(0, hashIndex);\n\n const queryIndex = beforeHash.indexOf('?');\n const base = queryIndex === -1 ? beforeHash : beforeHash.slice(0, queryIndex);\n let query = queryIndex === -1 ? '' : beforeHash.slice(queryIndex + 1);\n\n const appended: AppendParam[] = [\n ['debug', '1'],\n ['relay', wssUrl],\n ];\n // Only splice `at=` when a code is provided (TOTP enabled). Omitting it when\n // TOTP is disabled preserves backward compatibility with gate deployments\n // that do not yet evaluate the `at` param.\n if (totpCode !== undefined && totpCode !== '') {\n appended.push(['at', totpCode]);\n }\n\n // Always strip the `at` key from the existing query so a stale code from a\n // previous run is removed even when the caller does not provide a fresh code.\n query = stripExisting(query, 'at');\n\n for (const [key] of appended) {\n query = stripExisting(query, key);\n }\n for (const [key, value] of appended) {\n const pair = `${key}=${encodeURIComponent(value)}`;\n query = query === '' ? pair : `${query}&${pair}`;\n }\n\n return `${base}?${query}${hash}`;\n}\n","/\n call_sdk 인자 시그니처 레지스트리\n \n 잘 알려진 SDK 메서드의 인자 schema를 수동으로 등록한다.\n * 목적: 잘못된 인자가 native bridge에 도달하기 전에 MCP 레이어에서 reject하여\n * 토스 앱 crash(Swift/Kotlin 측에서 `.type` 등을 undefined로 읽는 경우)를 예방.\n \n 등록되지 않은 메서드는 passthrough — 알 수 없는 메서드에 대해 stderr 경고 1회.\n \n 시그니처 출처:\n * - `src/__typecheck.ts` — Original SDK 타입 호환성 검증\n * - `src/mock/navigation/index.ts` — mock 구현의 함수 시그니처\n * - `src/mock/device/` — device mock 시그니처\n \n 새 메서드 추가 방법:\n * 1. `src/__typecheck.ts` 또는 mock 구현에서 시그니처 확인\n * 2. 아래 SIGNATURES 배열에 `SdkSignature` 항목 추가\n * 3. `src/__tests__/call-sdk-validation.test.ts`에 ok + bad 케이스 추가\n /\n\n/* 단일 메서드에 대한 인자 검증 결과 /\nexport type ValidationResult = { ok: true } \| { ok: false; expected: string; received: string };\n\n/* 등록된 SDK 메서드 시그니처 /\nexport interface SdkSignature {\n /* SDK 메서드 이름 (예: \"setDeviceOrientation\") /\n name: string;\n /\n 인자 배열을 검증하는 함수.\n * `args[0]` 등 필요한 인자를 `unknown` 타입으로 받아 type guard로 검증.\n /\n validateArgs(args: unknown[]): ValidationResult;\n /\n 에러 메시지에 포함할 올바른 호출 예시.\n * 예: `call_sdk('setDeviceOrientation', [{ type: 'landscape' }])`\n /\n example: string;\n}\n\n/ -------------------------------------------------------------------------- /\n/ 헬퍼 — 공통 type guard /\n/ -------------------------------------------------------------------------- /\n\nfunction isObject(v: unknown): v is Record<string, unknown> {\n return typeof v === 'object' && v !== null && !Array.isArray(v);\n}\n\nfunction describeArgs(args: unknown[]): string {\n try {\n return JSON.stringify(args);\n } catch {\n return String(args);\n }\n}\n\n/ -------------------------------------------------------------------------- /\n/ 시그니처 레지스트리 /\n/ -------------------------------------------------------------------------- /\n\n/\n 등록된 메서드 목록.\n \n 시그니처 출처 확인:\n * - 함수가 인자를 받지 않으면 args[0] 없음 → `args.length === 0`을 체크하지 않고\n * 그냥 통과시킨다(args 무시하는 stub가 많아서 noArgs 체크가 noise).\n * - 실 SDK 시그니처는 `src/__typecheck.ts`의 `Assert<Mock, Original>` 줄로 보장.\n /\nconst SIGNATURES: SdkSignature[] = [\n // --- setDeviceOrientation ---\n // 실 시그니처: setDeviceOrientation(options: { type: 'portrait' \| 'landscape' }): Promise<void>\n // 출처: src/mock/navigation/index.ts:40 / src/__typecheck.ts:55\n {\n name: 'setDeviceOrientation',\n validateArgs(args) {\n const arg = args[0];\n if (!isObject(arg)) {\n return {\n ok: false,\n expected: \"{ type: 'portrait' \| 'landscape' }\",\n received: describeArgs(args),\n };\n }\n const type = arg.type;\n if (type !== 'portrait' && type !== 'landscape') {\n return {\n ok: false,\n expected: \"{ type: 'portrait' \| 'landscape' }\",\n received: describeArgs(args),\n };\n }\n return { ok: true };\n },\n example: \"call_sdk('setDeviceOrientation', [{ type: 'landscape' }])\",\n },\n\n // --- setIosSwipeGestureEnabled ---\n // 실 시그니처: setIosSwipeGestureEnabled(options: { isEnabled: boolean }): Promise<void>\n // 출처: src/mock/navigation/index.ts:32 / src/__typecheck.ts:51\n {\n name: 'setIosSwipeGestureEnabled',\n validateArgs(args) {\n const arg = args[0];\n if (!isObject(arg) \|\| typeof arg.isEnabled !== 'boolean') {\n return {\n ok: false,\n expected: '{ isEnabled: boolean }',\n received: describeArgs(args),\n };\n }\n return { ok: true };\n },\n example: \"call_sdk('setIosSwipeGestureEnabled', [{ isEnabled: false }])\",\n },\n\n // --- setSecureScreen ---\n // 실 시그니처: setSecureScreen(options: { enabled: boolean }): Promise<{ enabled: boolean }>\n // 출처: src/mock/navigation/index.ts:66 / src/__typecheck.ts:46\n {\n name: 'setSecureScreen',\n validateArgs(args) {\n const arg = args[0];\n if (!isObject(arg) \|\| typeof arg.enabled !== 'boolean') {\n return {\n ok: false,\n expected: '{ enabled: boolean }',\n received: describeArgs(args),\n };\n }\n return { ok: true };\n },\n example: \"call_sdk('setSecureScreen', [{ enabled: true }])\",\n },\n\n // --- setScreenAwakeMode ---\n // 실 시그니처: setScreenAwakeMode(options: { enabled: boolean }): Promise<{ enabled: boolean }>\n // 출처: src/mock/navigation/index.ts:57 / src/__typecheck.ts:47\n {\n name: 'setScreenAwakeMode',\n validateArgs(args) {\n const arg = args[0];\n if (!isObject(arg) \|\| typeof arg.enabled !== 'boolean') {\n return {\n ok: false,\n expected: '{ enabled: boolean }',\n received: describeArgs(args),\n };\n }\n return { ok: true };\n },\n example: \"call_sdk('setScreenAwakeMode', [{ enabled: true }])\",\n },\n\n // --- getOperationalEnvironment ---\n // 실 시그니처: getOperationalEnvironment(): 'toss' \| 'sandbox'\n // 인자 없음 — args는 무시 (SDK 자체가 인자를 무시함)\n // 출처: src/mock/navigation/index.ts:88 / src/__typecheck.ts:62\n {\n name: 'getOperationalEnvironment',\n validateArgs(_args) {\n return { ok: true };\n },\n example: \"call_sdk('getOperationalEnvironment', [])\",\n },\n\n // --- getPlatformOS ---\n // 실 시그니처: getPlatformOS(): 'ios' \| 'android'\n // 출처: src/mock/navigation/index.ts:84 / src/__typecheck.ts:61\n {\n name: 'getPlatformOS',\n validateArgs(_args) {\n return { ok: true };\n },\n example: \"call_sdk('getPlatformOS', [])\",\n },\n\n // --- getDeviceId ---\n // 실 시그니처: getDeviceId(): string\n // 출처: src/mock/navigation/index.ts:119 / src/__typecheck.ts:74\n {\n name: 'getDeviceId',\n validateArgs(_args) {\n return { ok: true };\n },\n example: \"call_sdk('getDeviceId', [])\",\n },\n\n // --- getLocale ---\n // 실 시그니처: getLocale(): string\n // 출처: src/mock/navigation/index.ts:115 / src/__typecheck.ts:72\n {\n name: 'getLocale',\n validateArgs(_args) {\n return { ok: true };\n },\n example: \"call_sdk('getLocale', [])\",\n },\n\n // --- getNetworkStatus ---\n // 실 시그니처: getNetworkStatus(): Promise<NetworkStatus>\n // 출처: src/mock/navigation/index.ts:127 / src/__typecheck.ts:73\n {\n name: 'getNetworkStatus',\n validateArgs(_args) {\n return { ok: true };\n },\n example: \"call_sdk('getNetworkStatus', [])\",\n },\n\n // --- getSchemeUri ---\n // 실 시그니처: getSchemeUri(): string\n // 출처: src/mock/navigation/index.ts:111 / src/__typecheck.ts:71\n {\n name: 'getSchemeUri',\n validateArgs(_args) {\n return { ok: true };\n },\n example: \"call_sdk('getSchemeUri', [])\",\n },\n\n // --- requestReview ---\n // 실 시그니처: requestReview(): Promise<void>\n // 출처: src/mock/navigation/index.ts:75 / src/__typecheck.ts:76\n {\n name: 'requestReview',\n validateArgs(_args) {\n return { ok: true };\n },\n example: \"call_sdk('requestReview', [])\",\n },\n\n // --- closeView ---\n // 실 시그니처: closeView(): Promise<void>\n // 출처: src/mock/navigation/index.ts:10 / src/__typecheck.ts:42\n {\n name: 'closeView',\n validateArgs(_args) {\n return { ok: true };\n },\n example: \"call_sdk('closeView', [])\",\n },\n];\n\n/ -------------------------------------------------------------------------- /\n/ 레지스트리 공개 API /\n/ -------------------------------------------------------------------------- /\n\nconst SIGNATURE_MAP = new Map<string, SdkSignature>(SIGNATURES.map((s) => [s.name, s]));\n\n/* 세션 내 passthrough 경고를 한 번만 emit하기 위한 Set /\nconst _warnedPassthrough = new Set<string>();\n\n/\n 메서드 이름으로 시그니처를 조회한다.\n * 등록된 메서드이면 `SdkSignature`를 반환하고, 미등록이면 `undefined`.\n /\nexport function lookupSignature(name: string): SdkSignature \| undefined {\n return SIGNATURE_MAP.get(name);\n}\n\n/\n 미등록 메서드에 대해 stderr에 passthrough 경고를 1회 출력한다.\n * 세션 내 동일 메서드 이름은 최초 1회만 출력.\n /\nexport function warnPassthrough(name: string): void {\n if (_warnedPassthrough.has(name)) return;\n _warnedPassthrough.add(name);\n process.stderr.write(`[ait-debug] call_sdk: \"${name}\" 시그니처가 등록되지 않음 — passthrough\\n`);\n}\n\n/\n 테스트에서 passthrough 경고 Set을 초기화하기 위한 헬퍼.\n * 프로덕션 코드에서는 호출하지 않는다.\n /\nexport function _resetWarnedPassthroughForTest(): void {\n _warnedPassthrough.clear();\n}\n\n/\n 등록된 메서드 이름 목록 — tool description 생성 등에서 사용.\n /\nexport const REGISTERED_METHOD_NAMES: ReadonlyArray<string> = SIGNATURES.map((s) => s.name);\n","/\n Debug-mode MCP tools (Phase 1–3 + safe-area probe).\n \n Read-only tools that normalize CDP / AIT data into `chrome-devtools-mcp`-\n * compatible shapes. The tools never touch a websocket or HTTP endpoint\n * directly — they read from an injected `CdpConnection` (CDP events/commands)\n * or `AitSource` (AIT.* domain), which is what makes them unit-testable with a\n * fake. No phone and no running dev server are needed in tests.\n \n Phase 1 (CDP events):\n * - `list_console_messages` ← Runtime.consoleAPICalled\n * - `list_network_requests` ← Network.requestWillBeSent + responseReceived\n * - `list_pages` ← Chii relay target list + tunnel status\n * Phase 2 (CDP commands):\n * - `get_dom_document` ← DOM.getDocument\n * - `take_snapshot` ← DOMSnapshot.captureSnapshot\n * - `take_screenshot` ← Page.captureScreenshot\n * - `measure_safe_area` ← Runtime.evaluate (safe-area probe)\n * Phase 3 (AIT.* domain — CDP can't cover these):\n * - `AIT.getSdkCallHistory`\n * - `AIT.getMockState`\n * - `AIT.getOperationalEnvironment`\n /\n\nimport type {\n AitMockState,\n AitOperationalEnvironment,\n AitSdkCallHistory,\n AitSource,\n} from './ait-source.js';\nimport type {\n CdpCallFrame,\n CdpConnection,\n CdpRemoteObject,\n ConsoleApiCalledEvent,\n DomGetDocumentResult,\n DomSnapshotResult,\n NetworkRequestWillBeSentEvent,\n NetworkResponseReceivedEvent,\n RuntimeExceptionThrownEvent,\n} from './cdp-connection.js';\nimport { buildDeepLinkAttachUrl, validateSchemeAuthority } from './deeplink.js';\nimport { lookupSignature, warnPassthrough } from './sdk-signatures.js';\n\n/* Tunnel state surfaced by `list_pages`. /\nexport interface TunnelStatus {\n /* Whether the cloudflared quick tunnel is up. /\n up: boolean;\n /* Public `wss://.trycloudflare.com` relay URL the phone attaches to. /\n wssUrl: string \| null;\n}\n\n/** Static MCP tool descriptors (name + JSONSchema) for the full debug tool surface. /\nexport const DEBUG_TOOL_DEFINITIONS = [\n {\n name: 'list_console_messages',\n description:\n 'Lists recent console messages (console.log/warn/error/info) captured from the attached ' +\n 'mini-app page over CDP (Runtime.consoleAPICalled). Read-only. Returns level, text, ' +\n 'timestamp, and stringified args, oldest-first.',\n inputSchema: { type: 'object', properties: {}, required: [] },\n },\n {\n name: 'list_network_requests',\n description:\n 'Lists recent network requests (XHR/fetch) captured from the attached mini-app page over ' +\n 'CDP (Network.requestWillBeSent + Network.responseReceived). Read-only. Returns url, ' +\n 'method, status, and timing, oldest-first.',\n inputSchema: { type: 'object', properties: {}, required: [] },\n },\n {\n name: 'list_pages',\n description:\n 'Returns the single active page (at most one) the relay sees attached. ' +\n 'When a second page attaches, the previous one is evicted (last-attach wins — ' +\n 'single-attach model). The result includes `singleAttachModel: true` so the agent ' +\n 'knows the array is always 0 or 1 entries. ' +\n 'Also returns whether the cloudflared tunnel is up and the public wss relay URL. ' +\n 'Each page entry includes a `lastSeenAt` ISO timestamp (last inbound CDP message from ' +\n 'that target — useful to detect stale entries when the phone app backgrounded). ' +\n 'The result also includes `crashDetectedAt` (ISO timestamp or null): when non-null, ' +\n 'a page crash was detected via Inspector.targetCrashed / Target.targetDestroyed since ' +\n 'the last attach, the pages list will be empty, and `crashWarning` shows a Korean hint ' +\n 'to re-attach. ' +\n 'Call this first to confirm a page is attached before reading console/network.',\n inputSchema: { type: 'object', properties: {}, required: [] },\n },\n {\n name: 'build_attach_url',\n description:\n \"The tool result already shows the QR to the user directly (Claude Code renders MCP tool output to the user's screen; they press Ctrl+O to expand if it's collapsed). Do NOT re-print or re-render the QR in your reply — that just wastes output tokens. Simply tell the user to scan the QR shown in this tool's output with their phone camera. \" +\n 'Turns an `ait deploy --scheme-only` URL (intoss-private://…?_deploymentId=<uuid>) into a ' +\n 'self-attaching deep link by splicing in debug=1 and the live relay URL for this session. ' +\n 'Returns the deep link JSON and a unicode QR of that deep link. Scan the QR with the phone ' +\n 'camera to open the mini-app and attach it to this debug session (QR is the single entry ' +\n 'path — no USB cable or platform CLI needed). Requires the tunnel to be up — call ' +\n 'list_pages first. Set wait_for_attach=true to block until the phone scans and a page ' +\n 'attaches (polls listTargets up to 90 s), then returns the attached page info too. ' +\n 'When open_in_browser=true (default), saves the QR as a PNG and opens it in the OS default ' +\n 'browser — only works when the MCP server runs on a local GUI machine (not headless/remote containers).',\n inputSchema: {\n type: 'object',\n properties: {\n scheme_url: {\n type: 'string',\n description:\n 'The intoss-private:// scheme URL from `ait deploy --scheme-only` (must carry _deploymentId). ' +\n 'The authority (host) must be the app name (e.g. intoss-private://aitc-sdk-example?_deploymentId=…). ' +\n 'Generic values like \"web\" or an empty host indicate a malformed URL.',\n },\n wait_for_attach: {\n type: 'boolean',\n description:\n 'If true, block after returning the QR until a page attaches to the relay (polls ' +\n 'listTargets ~1 s interval, timeout 90 s). On attach, the response includes the ' +\n 'attached page list. On timeout, returns an error with a list_pages retry hint.',\n },\n open_in_browser: {\n type: 'boolean',\n description:\n 'If true (default), render the QR as a PNG and open it in the OS default browser. ' +\n 'Only works when the MCP server is running on a local GUI machine — headless or ' +\n 'remote container environments should set this to false to use the text QR fallback.',\n },\n },\n required: ['scheme_url'],\n },\n },\n {\n name: 'get_dom_document',\n description:\n 'Returns the DOM tree of the attached mini-app page over CDP (DOM.getDocument). Read-only. ' +\n 'Use for structural/layout regression diagnosis (e.g. confirming an element exists, ' +\n 'inspecting attributes). Returns the document root node with children.',\n inputSchema: { type: 'object', properties: {}, required: [] },\n },\n {\n name: 'take_snapshot',\n description:\n 'Captures a serialized snapshot of the attached page over CDP (DOMSnapshot.captureSnapshot). ' +\n 'Read-only. Returns the documents + interned strings table for visual-regression diagnosis ' +\n '(e.g. checking computed CSS custom properties like --sat against the live layout).',\n inputSchema: { type: 'object', properties: {}, required: [] },\n },\n {\n name: 'take_screenshot',\n description:\n 'Captures a PNG screenshot of the attached mini-app page over CDP (Page.captureScreenshot) ' +\n 'so the agent can see the phone screen directly. Read-only. Returns an image content block.',\n inputSchema: { type: 'object', properties: {}, required: [] },\n },\n {\n name: 'measure_safe_area',\n description:\n 'Runs a safe-area probe on the attached mini-app page via Runtime.evaluate and returns ' +\n 'normalized safe-area insets, viewport geometry, device pixel ratio, and User-Agent. ' +\n 'Read-only — does not modify page state. ' +\n 'Use in a relay session (phone attached) to get ground-truth values for upgrading a ' +\n 'viewport preset from extrapolated/placeholder to measured. ' +\n 'Requires the relay to be attached — call list_pages first.',\n inputSchema: { type: 'object', properties: {}, required: [] },\n },\n {\n name: 'evaluate',\n description:\n 'Evaluates an arbitrary JavaScript expression on the attached mini-app page via ' +\n 'CDP Runtime.evaluate (returnByValue: true) and returns the result. ' +\n 'NOT read-only — the expression can have side effects (DOM mutations, SDK calls, ' +\n 'state changes). Requires the relay to be attached — call list_pages first. ' +\n 'Throws if the evaluation throws an exception on the page.',\n inputSchema: {\n type: 'object',\n properties: {\n expression: {\n type: 'string',\n description: 'JavaScript expression to evaluate in the page context.',\n },\n },\n required: ['expression'],\n },\n },\n {\n name: 'list_exceptions',\n description:\n 'Lists JS-level exceptions captured via `Runtime.exceptionThrown` from the relay attached ' +\n 'page. Includes timestamp, exception text, source URL/line, and stack trace. ' +\n 'Use to root-cause SDK throws that may precede a Toss app crash (#265 / #267). ' +\n 'The buffer holds up to 50 most recent exceptions and survives target ' +\n 'replaced/crashed/destroyed events so an exception just before a crash is preserved. ' +\n 'Returns up to 50 most recent by default.',\n inputSchema: {\n type: 'object',\n properties: {\n limit: {\n type: 'number',\n description: 'Maximum number of exceptions to return (default 50, max 50).',\n },\n },\n required: [],\n },\n },\n {\n name: 'call_sdk',\n description:\n 'Calls a dogfood SDK method via the window.__sdkCall bridge ' +\n '(exported by @apps-in-toss/web-framework only in __DEBUG_BUILD__ bundles). ' +\n 'NOT read-only — SDK calls have side effects (navigation, payments, permissions, etc.). ' +\n 'On env 2/3 (real device relay) this hits the real SDK; on env 1 (local mock) it hits ' +\n 'the mock SDK. Requires the relay to be attached — call list_pages first. ' +\n 'Returns {ok: true, value} on success or {ok: false, error} on failure. ' +\n 'If a Runtime.exceptionThrown event was observed within [callStart-50ms, callEnd+200ms], ' +\n 'the result also includes `recentException` for crash triage. ' +\n 'Returns a clear error if window.__sdkCall is not available (non-dogfood bundle).\\n\\n' +\n 'IMPORTANT — 인자 시그니처 (잘못된 인자로 호출하면 토스 앱 crash 위험):\\n' +\n ' setDeviceOrientation: call_sdk(\"setDeviceOrientation\", [{ type: \"landscape\" }]) // NOT \"landscape\"\\n' +\n ' setIosSwipeGestureEnabled: call_sdk(\"setIosSwipeGestureEnabled\", [{ isEnabled: false }])\\n' +\n ' setSecureScreen: call_sdk(\"setSecureScreen\", [{ enabled: true }])\\n' +\n ' setScreenAwakeMode: call_sdk(\"setScreenAwakeMode\", [{ enabled: true }])\\n' +\n ' getOperationalEnvironment: call_sdk(\"getOperationalEnvironment\", [])\\n' +\n ' getPlatformOS: call_sdk(\"getPlatformOS\", [])\\n' +\n ' getDeviceId: call_sdk(\"getDeviceId\", [])\\n' +\n ' getLocale: call_sdk(\"getLocale\", [])\\n' +\n ' getNetworkStatus: call_sdk(\"getNetworkStatus\", [])\\n' +\n ' getSchemeUri: call_sdk(\"getSchemeUri\", [])\\n' +\n ' requestReview: call_sdk(\"requestReview\", [])\\n' +\n ' closeView: call_sdk(\"closeView\", [])',\n inputSchema: {\n type: 'object',\n properties: {\n name: {\n type: 'string',\n description: 'SDK method name to call (e.g. \"getOperationalEnvironment\").',\n },\n args: {\n type: 'array',\n description: 'Arguments to pass to the SDK method (optional, default []).',\n items: {},\n },\n },\n required: ['name'],\n },\n },\n {\n name: 'AIT.getSdkCallHistory',\n description:\n 'Returns the recent Apps In Toss SDK call trace (method, args, result/error, timestamp) that ' +\n 'raw CDP cannot observe. Read-only. Use to confirm an SDK call fired and how it resolved ' +\n '(e.g. a saveBase64Data permission regression).',\n inputSchema: { type: 'object', properties: {}, required: [] },\n },\n {\n name: 'AIT.getMockState',\n description:\n 'Returns the devtools mock state snapshot (window.__ait) — environment, permissions, location, ' +\n 'auth, network, IAP, and more. Read-only. In dev mode this is the live browser mock state; in ' +\n 'debug mode the in-app side reports it over the AIT domain.',\n inputSchema: { type: 'object', properties: {}, required: [] },\n },\n {\n name: 'AIT.getOperationalEnvironment',\n description:\n 'Returns getOperationalEnvironment() plus the resolved SDK version — metadata raw CDP cannot ' +\n 'observe. Read-only.',\n inputSchema: { type: 'object', properties: {}, required: [] },\n },\n] as const;\n\nexport type DebugToolName = (typeof DEBUG_TOOL_DEFINITIONS)[number]['name'];\n\nconst DEBUG_TOOL_NAMES = new Set<string>(DEBUG_TOOL_DEFINITIONS.map((t) => t.name));\n\nexport function isDebugToolName(name: string): name is DebugToolName {\n return DEBUG_TOOL_NAMES.has(name);\n}\n\n/\n Tool names that are available before any page attaches (bootstrap tier).\n \n `build_attach_url` — pure URL synthesis, no attach needed.\n * `list_pages` — reports tunnel status + empty pages even pre-attach.\n \n All other tools require an attached page (`enableDomains` must succeed) and\n * are only advertised in `tools/list` once a target appears.\n /\nexport const BOOTSTRAP_TOOL_NAMES: ReadonlySet<string> = new Set<string>([\n 'build_attach_url',\n 'list_pages',\n]);\n\n/* Normalized console message returned by `list_console_messages`. /\nexport interface ConsoleMessage {\n level: string;\n text: string;\n timestamp: number;\n args: string[];\n}\n\n/* Normalized network request returned by `list_network_requests`. /\nexport interface NetworkRequest {\n requestId: string;\n url: string;\n method: string;\n /* HTTP status once a response was seen, else null (still in-flight). /\n status: number \| null;\n statusText: string \| null;\n /* Request start (CDP timestamp). /\n startTime: number;\n /* Response received (CDP timestamp), else null. /\n endTime: number \| null;\n}\n\n/* Renders a CDP `RemoteObject` console arg to a stable display string. /\nfunction renderRemoteObject(arg: CdpRemoteObject): string {\n if (arg.value !== undefined) {\n if (typeof arg.value === 'string') return arg.value;\n try {\n return JSON.stringify(arg.value);\n } catch {\n return String(arg.value);\n }\n }\n if (arg.description !== undefined) return arg.description;\n if (arg.className !== undefined) return arg.className;\n return arg.subtype ?? arg.type;\n}\n\nexport function normalizeConsoleMessage(event: ConsoleApiCalledEvent): ConsoleMessage {\n const args = event.args.map(renderRemoteObject);\n return {\n level: event.type,\n text: args.join(' '),\n timestamp: event.timestamp,\n args,\n };\n}\n\nexport function listConsoleMessages(connection: CdpConnection): ConsoleMessage[] {\n return connection\n .getBufferedEvents('Runtime.consoleAPICalled')\n .map((event) => normalizeConsoleMessage(event));\n}\n\nexport function listNetworkRequests(connection: CdpConnection): NetworkRequest[] {\n const requests = connection.getBufferedEvents('Network.requestWillBeSent');\n const responses = connection.getBufferedEvents('Network.responseReceived');\n\n const responseByRequestId = new Map<string, NetworkResponseReceivedEvent>();\n for (const response of responses) {\n responseByRequestId.set(response.requestId, response);\n }\n\n return requests.map((request: NetworkRequestWillBeSentEvent) => {\n const response = responseByRequestId.get(request.requestId);\n return {\n requestId: request.requestId,\n url: request.request.url,\n method: request.request.method,\n status: response ? response.response.status : null,\n statusText: response ? response.response.statusText : null,\n startTime: request.timestamp,\n endTime: response ? response.timestamp : null,\n };\n });\n}\n\n/ -------------------------------------------------------------------------- /\n/ list_exceptions — Runtime.exceptionThrown ring buffer /\n/ -------------------------------------------------------------------------- /\n\n/\n Normalized exception returned by `list_exceptions`.\n \n Flattens the CDP `Runtime.ExceptionDetails` shape into the most useful\n * fields. The `raw` field carries the original event for callers that need\n * the full payload.\n /\nexport interface BufferedException {\n /* Wall-clock ms since epoch (CDP `Runtime.Timestamp`). /\n timestamp: number;\n /* Short summary text from `exceptionDetails.text`. /\n text: string;\n /* Source URL where the exception was thrown, if known. /\n url?: string;\n /* 0-based line number in the source file, if known. /\n lineNumber?: number;\n /* 0-based column number in the source file, if known. /\n columnNumber?: number;\n /* `description` of the thrown `RemoteObject` (e.g. \"TypeError: …\"). /\n exceptionText?: string;\n /\n Formatted stack trace: `at fn (url:line:col)` lines joined by `\\n`.\n * Omitted when no `stackTrace.callFrames` are available.\n /\n stack?: string;\n /* Full original `Runtime.exceptionThrown` event payload. /\n raw: RuntimeExceptionThrownEvent;\n}\n\n/* Formats a single CDP call frame into `at fn (url:line:col)`. /\nfunction formatCallFrame(frame: CdpCallFrame): string {\n const fn = frame.functionName \|\| '(anonymous)';\n return `at ${fn} (${frame.url}:${frame.lineNumber}:${frame.columnNumber})`;\n}\n\n/* Normalizes a raw `Runtime.exceptionThrown` event into a `BufferedException`. /\nexport function normalizeException(event: RuntimeExceptionThrownEvent): BufferedException {\n const { timestamp, exceptionDetails } = event;\n const frames = exceptionDetails.stackTrace?.callFrames;\n const stack = frames && frames.length > 0 ? frames.map(formatCallFrame).join('\\n') : undefined;\n const exceptionText = exceptionDetails.exception?.description ?? undefined;\n\n const result: BufferedException = {\n timestamp,\n text: exceptionDetails.text,\n raw: event,\n };\n if (exceptionDetails.url !== undefined) result.url = exceptionDetails.url;\n if (exceptionDetails.lineNumber !== undefined) result.lineNumber = exceptionDetails.lineNumber;\n if (exceptionDetails.columnNumber !== undefined)\n result.columnNumber = exceptionDetails.columnNumber;\n if (exceptionText !== undefined) result.exceptionText = exceptionText;\n if (stack !== undefined) result.stack = stack;\n return result;\n}\n\n/\n Returns the most recent buffered `Runtime.exceptionThrown` events, normalized.\n * Oldest-first; limited to `limit` entries (default 50, max 50).\n /\nexport function listExceptions(connection: CdpConnection, limit = 50): BufferedException[] {\n const cap = Math.min(Math.max(1, limit), 50);\n const events = connection.getBufferedEvents('Runtime.exceptionThrown');\n // Slice from the tail to respect the cap while preserving oldest-first order.\n const sliced = events.length > cap ? events.slice(events.length - cap) : events;\n return sliced.map((e) => normalizeException(e));\n}\n\n/* A page entry in the `list_pages` result, extended with freshness info. /\nexport interface ListPagesEntry {\n id: string;\n title: string;\n url: string;\n /* ISO timestamp of the last inbound CDP message from this target, or null. /\n lastSeenAt: string \| null;\n}\n\n/* Result of `list_pages`: attach status + tunnel state + crash info. /\nexport interface ListPagesResult {\n /\n The single active page, or an empty array when nothing is attached.\n * Under the single-attach model this is always 0 or 1 entries.\n /\n pages: ListPagesEntry[];\n tunnel: TunnelStatus;\n /\n ISO timestamp of the most recent crash / targetDestroyed / detachedFromTarget\n * event detected since the last `enableDomains()`, or `null` if none.\n * When non-null, all attached pages have been removed from the relay map and\n * a new `enableDomains()` call is required to resume debugging.\n /\n crashDetectedAt: string \| null;\n /* Korean warning line shown in tool output when a crash was detected. /\n crashWarning: string \| null;\n /\n Always `true` — signals to the agent that at most one page is ever present.\n * When a second page attaches, the previous one is evicted (last-attach wins).\n /\n singleAttachModel: true;\n}\n\n/\n Duck-type interface for the crash-detection extras exposed by `ChiiCdpConnection`.\n * The base `CdpConnection` interface is kept minimal (fake-friendly); the extras\n * are opt-in so tests without them continue to compile.\n /\ninterface CrashAwareCdpConnection extends CdpConnection {\n getLastCrashDetectedAt(): number \| null;\n getTargetLastSeenAt(targetId: string): number \| null;\n}\n\nfunction isCrashAware(conn: CdpConnection): conn is CrashAwareCdpConnection {\n return (\n typeof (conn as CrashAwareCdpConnection).getLastCrashDetectedAt === 'function' &&\n typeof (conn as CrashAwareCdpConnection).getTargetLastSeenAt === 'function'\n );\n}\n\nexport function listPages(connection: CdpConnection, tunnel: TunnelStatus): ListPagesResult {\n const rawTargets = connection.listTargets();\n const pages: ListPagesEntry[] = rawTargets.map((t) => {\n const lastSeenMs = isCrashAware(connection) ? connection.getTargetLastSeenAt(t.id) : null;\n return {\n id: t.id,\n title: t.title,\n url: t.url,\n lastSeenAt: lastSeenMs !== null ? new Date(lastSeenMs).toISOString() : null,\n };\n });\n\n const crashMs = isCrashAware(connection) ? connection.getLastCrashDetectedAt() : null;\n const crashDetectedAt = crashMs !== null ? new Date(crashMs).toISOString() : null;\n const crashWarning = crashDetectedAt\n ? `[ait-debug] page crash 감지됨 — 새 attach 필요 (관측 시각: ${crashDetectedAt})`\n : null;\n\n return { pages, tunnel, crashDetectedAt, crashWarning, singleAttachModel: true };\n}\n\n/* A `build_attach_url` result: the spliced deep link the phone should open. /\nexport interface BuildAttachUrlResult {\n /* The scheme URL with `debug=1&relay=<wss>` spliced in. /\n attachUrl: string;\n /* The relay URL that was spliced in (this session's quick tunnel). /\n relayUrl: string;\n /\n Non-fatal warning about the scheme URL's authority being missing or\n * suspicious (e.g. \"web\", \"localhost\"). Callers should surface this to\n * help the user catch a malformed URL early.\n /\n authorityWarning?: string;\n}\n\n/\n Builds a self-attaching dogfood deep link from an `ait deploy --scheme-only`\n * URL plus this session's live relay. Throws if the tunnel is not up yet (no\n * relay URL to splice in) — the caller surfaces that as a tool error.\n \n Also validates the scheme URL's authority. A suspicious authority (empty,\n * \"web\", \"localhost\", etc.) is surfaced as a non-fatal `authorityWarning` on\n * the result so the caller can show a helpful hint without blocking the link\n * generation (the warning is consistent with how other validation in\n * `buildDeepLinkAttachUrl` works — hard errors for relay, soft warning for\n * the scheme authority which is in the caller's input, not ours to own).\n /\nexport function buildAttachUrl(schemeUrl: string, tunnel: TunnelStatus): BuildAttachUrlResult {\n if (!tunnel.up \|\| tunnel.wssUrl === null) {\n throw new Error(\n 'No relay URL yet — the cloudflared quick tunnel is not up. ' +\n 'Call list_pages to check tunnel status.',\n );\n }\n const authorityWarning = validateSchemeAuthority(schemeUrl) ?? undefined;\n return {\n attachUrl: buildDeepLinkAttachUrl(schemeUrl, tunnel.wssUrl),\n relayUrl: tunnel.wssUrl,\n ...(authorityWarning !== undefined ? { authorityWarning } : {}),\n };\n}\n\n/ -------------------------------------------------------------------------- /\n/ QR PNG rendering + browser open /\n/ -------------------------------------------------------------------------- /\n\n/\n Heuristic: can this process open a GUI browser?\n \n Returns `true` when we think a GUI is available:\n * - On macOS (`darwin`) we assume yes (MCP normally runs on the user's Mac).\n * - On Linux we check for `DISPLAY` or `WAYLAND_DISPLAY`.\n * - On Windows we assume yes.\n * - In a CI environment (`CI=true`) we assume no.\n /\nexport function canOpenBrowser(): boolean {\n if (process.env.CI === 'true' \|\| process.env.CI === '1') return false;\n const platform = process.platform;\n if (platform === 'darwin' \|\| platform === 'win32') return true;\n if (platform === 'linux') {\n return Boolean(process.env.DISPLAY ?? process.env.WAYLAND_DISPLAY);\n }\n return false;\n}\n\n/\n Result of `openQrInBrowser`.\n \n HTTP URL 기반으로 재구현 — tmp 파일 없음. `httpUrl`이 브라우저에 전달되는 URL이다.\n * SECRET-HANDLING: `httpUrl`은 127.0.0.1 로컬 전용이며 at= 코드 값을 직접 담지 않는다\n * (attachUrl은 /attach?u= query로 전달되어 서버 메모리에서만 처리).\n /\nexport interface OpenQrInBrowserResult {\n /* `true` if the browser was successfully opened. /\n opened: boolean;\n /* `http://127.0.0.1:<port>/attach?u=...` — 브라우저에 전달된 URL. /\n httpUrl: string;\n /* `http://127.0.0.1:<port>/qr.png?u=...` — PNG fallback URL. /\n pngUrl: string;\n /* Error message if `opened` is false (browser spawn failed). /\n error?: string;\n /* Captured stderr from failed spawn attempts (at= 값은 redact됨). /\n stderrSummary?: string;\n}\n\n/* platform별 browser open 명령 후보 목록 — 앞에서부터 순차 시도. /\nfunction getBrowserCandidates(httpUrl: string): Array<{ cmd: string; args: string[] }> {\n const platform = process.platform;\n if (platform === 'darwin') {\n return [\n { cmd: 'open', args: [httpUrl] },\n { cmd: 'open', args: ['-a', 'Safari', httpUrl] },\n { cmd: 'open', args: ['-a', 'Google Chrome', httpUrl] },\n { cmd: 'open', args: ['-a', 'Firefox', httpUrl] },\n ];\n }\n if (platform === 'win32') {\n return [\n { cmd: 'cmd', args: ['/c', 'start', '', httpUrl] },\n { cmd: 'rundll32', args: ['url.dll,FileProtocolHandler', httpUrl] },\n ];\n }\n // linux + fallback\n return [\n { cmd: 'xdg-open', args: [httpUrl] },\n { cmd: 'sensible-browser', args: [httpUrl] },\n { cmd: 'x-www-browser', args: [httpUrl] },\n { cmd: 'firefox', args: [httpUrl] },\n { cmd: 'google-chrome', args: [httpUrl] },\n { cmd: 'chromium', args: [httpUrl] },\n ];\n}\n\n/* stderr에서 at= TOTP 코드 값을 redact한다. /\nfunction redactSecrets(text: string): string {\n // at=<value> 패턴에서 값 부분을 redact — TOTP 코드가 노출되지 않도록.\n return text.replace(/\\bat=([^&\\s\"']+)/g, 'at=<redacted>');\n}\n\n/* spawnSync exit 0이어도 stderr에 launch 실패 시그널이 있으면 실패로 판단한다. /\nconst LAUNCH_FAILURE_PATTERNS = [\n /LSOpenURLsWithRole\$\$ failed/,\n /kLSApplicationNotFoundErr/,\n /No application/,\n /Unable to find application/,\n /xdg-open: not found/,\n /command not found/,\n];\n\nfunction isLaunchFailureStderr(stderr: string): boolean {\n return LAUNCH_FAILURE_PATTERNS.some((p) => p.test(stderr));\n}\n\n/\n 로컬 HTTP 서버 URL(`http://127.0.0.1:<port>/attach?u=...`)을 OS 기본 브라우저로 연다.\n \n platform별 fallback chain으로 시도하며, 모두 실패해도 `opened: false` + `httpUrl`을\n * 반환해 사용자가 직접 브라우저에 붙여넣을 수 있게 한다.\n \n SECRET-HANDLING:\n * - tmp 파일을 만들지 않는다 (HTML/PNG는 HTTP 서버가 메모리에서 응답).\n * - httpUrl/pngUrl은 127.0.0.1 로컬 전용.\n * - stderr 캡처 결과에서 at= 코드 값을 redact한 후 stderrSummary에 포함.\n * - attachUrl, deploymentId, TOTP 코드를 stdout/stderr/로그에 직접 출력 금지.\n \n @param httpUrl - `http://127.0.0.1:<port>/attach?u=<encoded>` HTTP URL.\n * @param pngUrl - `http://127.0.0.1:<port>/qr.png?u=<encoded>` PNG fallback URL.\n /\nexport async function openQrInBrowser(\n httpUrl: string,\n pngUrl: string,\n): Promise<OpenQrInBrowserResult> {\n const { spawnSync } = await import('node:child_process');\n\n const candidates = getBrowserCandidates(httpUrl);\n const stderrLines: string[] = [];\n\n for (const { cmd, args } of candidates) {\n const result = spawnSync(cmd, args, { encoding: 'utf8', timeout: 5000 });\n\n if (result.error) {\n // 명령 자체를 실행하지 못한 경우 (ENOENT 등) — 다음 후보로.\n stderrLines.push(`${cmd}: ${result.error.message}`);\n continue;\n }\n\n const stderr = typeof result.stderr === 'string' ? result.stderr : '';\n if (stderr) {\n stderrLines.push(`${cmd}: ${redactSecrets(stderr.trim())}`);\n }\n\n // exit 0이어도 stderr에 launch 실패 패턴이 있으면 실패로 취급.\n if (result.status === 0 && !isLaunchFailureStderr(stderr)) {\n return { opened: true, httpUrl, pngUrl };\n }\n }\n\n const stderrSummary = stderrLines.length > 0 ? stderrLines.join('\\n') : undefined;\n return {\n opened: false,\n httpUrl,\n pngUrl,\n error: '모든 브라우저 실행 후보가 실패했습니다.',\n stderrSummary,\n };\n}\n\n/ -------------------------------------------------------------------------- /\n/ Phase 2 — DOM / snapshot / screenshot (CDP commands) /\n/ -------------------------------------------------------------------------- /\n\n/* Returns the DOM tree of the attached page (`DOM.getDocument`). /\nexport function getDomDocument(connection: CdpConnection): Promise<DomGetDocumentResult> {\n // `pierce: true` flattens shadow roots; depth -1 returns the whole subtree so\n // a single call yields the full tree for structural diagnosis.\n return connection.send('DOM.getDocument', { depth: -1, pierce: true });\n}\n\n/* Returns a serialized page snapshot (`DOMSnapshot.captureSnapshot`). /\nexport function takeSnapshot(connection: CdpConnection): Promise<DomSnapshotResult> {\n return connection.send('DOMSnapshot.captureSnapshot', {});\n}\n\n/* A `take_screenshot` result: the raw base64 PNG plus a ready-to-use data URI. /\nexport interface ScreenshotResult {\n /* Base64-encoded PNG bytes (no data-URI prefix). /\n data: string;\n /* `data:image/png;base64,…` form for clients that render a URI. /\n dataUri: string;\n mimeType: 'image/png';\n}\n\n/* Captures a PNG screenshot of the attached page (`Page.captureScreenshot`). /\nexport async function takeScreenshot(connection: CdpConnection): Promise<ScreenshotResult> {\n const { data } = await connection.send('Page.captureScreenshot', { format: 'png' });\n return { data, dataUri: `data:image/png;base64,${data}`, mimeType: 'image/png' };\n}\n\n/ -------------------------------------------------------------------------- /\n/ measure_safe_area — Runtime.evaluate probe /\n/ -------------------------------------------------------------------------- /\n\n/\n The JS probe injected via `Runtime.evaluate`. It reads:\n * 1. `env(safe-area-inset-)` via a temporary element with padding set to\n those CSS env vars, then `getComputedStyle`.\n * 2. `window.__sdk.SafeAreaInsets.get()` (1st priority) or\n * `window.__sdk.getSafeAreaInsets()` (2nd priority) — both surfaces\n * confirmed live on iPhone 15 Pro relay. `window.__sdk` is only present\n * in dogfood (__DEBUG_BUILD__) bundles; outside those it is undefined.\n * If both paths fail the result carries `sdkInsetsError` explaining why.\n * 3. nav bar geometry: the SDK does not expose navBar height as a standalone\n * API — `.ait-navbar` DOM height is read as a cross-check, and\n * `navBarHeightSource` records where it came from.\n * 4. `innerWidth`, `innerHeight`, `devicePixelRatio`, `navigator.userAgent`.\n \n Returns a plain JSON-serialisable object so `returnByValue: true` works.\n \n NOTE: This expression is evaluated in the page context on the real device.\n * It does not mutate any page state — the temporary element is removed after\n * reading. No secret or auth token is read or returned.\n /\nexport const SAFE_AREA_PROBE_EXPRESSION = `\n(function() {\n var el = document.createElement('div');\n el.style.cssText = 'position:fixed;top:0;left:0;width:0;height:0;visibility:hidden;' +\n 'padding-top:env(safe-area-inset-top,0px);' +\n 'padding-right:env(safe-area-inset-right,0px);' +\n 'padding-bottom:env(safe-area-inset-bottom,0px);' +\n 'padding-left:env(safe-area-inset-left,0px)';\n document.documentElement.appendChild(el);\n var cs = window.getComputedStyle(el);\n var cssEnv = {\n top: parseFloat(cs.paddingTop) \|\| 0,\n right: parseFloat(cs.paddingRight) \|\| 0,\n bottom: parseFloat(cs.paddingBottom) \|\| 0,\n left: parseFloat(cs.paddingLeft) \|\| 0\n };\n document.documentElement.removeChild(el);\n var sdkInsets = null;\n var sdkInsetsError = undefined;\n try {\n var sdk = window.__sdk;\n if (sdk && sdk.SafeAreaInsets && typeof sdk.SafeAreaInsets.get === 'function') {\n sdkInsets = sdk.SafeAreaInsets.get();\n } else if (sdk && typeof sdk.getSafeAreaInsets === 'function') {\n sdkInsets = sdk.getSafeAreaInsets();\n } else if (!sdk) {\n sdkInsetsError = 'window.__sdk not available (non-dogfood bundle)';\n } else {\n sdkInsetsError = 'neither SafeAreaInsets.get nor getSafeAreaInsets found on window.__sdk';\n }\n } catch(e) {\n sdkInsetsError = String(e && e.message \|\| e);\n }\n var navBarHeight = null;\n var navBarHeightSource = 'not-exposed-by-sdk';\n try {\n var nb = document.querySelector('.ait-navbar');\n if (nb) {\n navBarHeight = nb.getBoundingClientRect().height;\n navBarHeightSource = 'dom-.ait-navbar';\n }\n } catch(_) {}\n var result = {\n cssEnv: cssEnv,\n sdkInsets: sdkInsets,\n navBarHeight: navBarHeight,\n navBarHeightSource: navBarHeightSource,\n innerWidth: window.innerWidth,\n innerHeight: window.innerHeight,\n devicePixelRatio: window.devicePixelRatio,\n userAgent: navigator.userAgent\n };\n if (sdkInsetsError !== undefined) result.sdkInsetsError = sdkInsetsError;\n return JSON.stringify(result);\n})()\n`.trim();\n\n/\n Normalized result returned by `measure_safe_area`.\n \n All inset values are in CSS pixels as reported by the real device.\n * `userAgent` is included for device identification; it never contains\n * authentication secrets or session tokens.\n /\nexport interface SafeAreaMeasurement {\n /\n `env(safe-area-inset-)` values read via `getComputedStyle` on the device.\n On iOS inside the Toss host WebView this is typically all-zero because the\n * WebView viewport is placed below the physical notch by the host app.\n /\n cssEnv: { top: number; right: number; bottom: number; left: number };\n /\n `window.__sdk.SafeAreaInsets.get()` (1st priority) or\n * `window.__sdk.getSafeAreaInsets()` (2nd priority) result from the native\n * SDK. `null` when both paths fail — see `sdkInsetsError` for the reason.\n * In the Toss host WebView `top` is the nav bar height and `bottom` is the\n * home-indicator height.\n /\n sdkInsets: { top: number; right: number; bottom: number; left: number } \| null;\n /\n Populated when the SDK inset lookup failed (both paths absent or threw).\n * `undefined` when `sdkInsets` is non-null (i.e. the lookup succeeded).\n \n Example values:\n * - `\"window.__sdk not available (non-dogfood bundle)\"`\n * - `\"neither SafeAreaInsets.get nor getSafeAreaInsets found on window.__sdk\"`\n * - `\"TypeError: ...\"`\n /\n sdkInsetsError?: string;\n /\n Height of the `.ait-navbar` element (px) if present, else `null`.\n * The SDK does not expose navBar height as a standalone API; this DOM\n * measurement is used to cross-validate `sdkInsets.top`.\n /\n navBarHeight: number \| null;\n /\n Describes where `navBarHeight` came from:\n * - `\"dom-.ait-navbar\"` — read from the `.ait-navbar` element's bounding rect.\n * - `\"not-exposed-by-sdk\"` — the SDK has no standalone navBar height API and\n * no `.ait-navbar` element was found in the DOM.\n /\n navBarHeightSource: string;\n /* CSS viewport width (`window.innerWidth`). /\n innerWidth: number;\n /* CSS viewport height (`window.innerHeight`). /\n innerHeight: number;\n /\n Device pixel ratio (`window.devicePixelRatio`).\n * Note: `window.devicePixelRatio` is read-only in the browser, so devtools\n * cannot emulate DPR locally — this is the ground-truth value from the device.\n /\n devicePixelRatio: number;\n /\n `navigator.userAgent` string for device identification.\n * Does not contain authentication secrets.\n /\n userAgent: string;\n}\n\n/\n Parses a raw `Runtime.evaluate` result value into a `SafeAreaMeasurement`.\n * The probe returns a JSON string (because `returnByValue:true` with a plain\n * object works unreliably across Chii relay versions — stringifying is safer).\n \n Throws if the result is missing, contains an exception, or cannot be parsed.\n /\nexport function normalizeSafeAreaResult(rawValue: unknown): SafeAreaMeasurement {\n if (typeof rawValue !== 'string') {\n throw new Error(\n `measure_safe_area: probe returned unexpected type \"${typeof rawValue}\" — expected JSON string`,\n );\n }\n let parsed: unknown;\n try {\n parsed = JSON.parse(rawValue);\n } catch {\n throw new Error(`measure_safe_area: probe returned non-JSON string: ${rawValue}`);\n }\n if (typeof parsed !== 'object' \|\| parsed === null \|\| Array.isArray(parsed)) {\n throw new Error('measure_safe_area: parsed result is not an object');\n }\n const obj = parsed as Record<string, unknown>;\n\n function requireInsets(\n key: string,\n ): { top: number; right: number; bottom: number; left: number } \| null {\n const v = obj[key];\n if (v === null \|\| v === undefined) return null;\n if (typeof v !== 'object') return null;\n const r = v as Record<string, unknown>;\n return {\n top: typeof r.top === 'number' ? r.top : 0,\n right: typeof r.right === 'number' ? r.right : 0,\n bottom: typeof r.bottom === 'number' ? r.bottom : 0,\n left: typeof r.left === 'number' ? r.left : 0,\n };\n }\n\n const cssEnv = requireInsets('cssEnv') ?? { top: 0, right: 0, bottom: 0, left: 0 };\n const sdkInsets = requireInsets('sdkInsets');\n const sdkInsetsError = typeof obj.sdkInsetsError === 'string' ? obj.sdkInsetsError : undefined;\n const navBarHeight = typeof obj.navBarHeight === 'number' ? obj.navBarHeight : null;\n const navBarHeightSource =\n typeof obj.navBarHeightSource === 'string' ? obj.navBarHeightSource : 'not-exposed-by-sdk';\n const innerWidth = typeof obj.innerWidth === 'number' ? obj.innerWidth : 0;\n const innerHeight = typeof obj.innerHeight === 'number' ? obj.innerHeight : 0;\n const devicePixelRatio = typeof obj.devicePixelRatio === 'number' ? obj.devicePixelRatio : 1;\n const userAgent = typeof obj.userAgent === 'string' ? obj.userAgent : '';\n\n return {\n cssEnv,\n sdkInsets,\n ...(sdkInsetsError !== undefined ? { sdkInsetsError } : {}),\n navBarHeight,\n navBarHeightSource,\n innerWidth,\n innerHeight,\n devicePixelRatio,\n userAgent,\n };\n}\n\n/\n Runs the safe-area probe on the attached page and returns a normalized\n * `SafeAreaMeasurement`. Read-only — does not mutate page state.\n \n Throws on CDP error, probe exception, or result parse failure.\n /\nexport async function measureSafeArea(connection: CdpConnection): Promise<SafeAreaMeasurement> {\n const result = await connection.send('Runtime.evaluate', {\n expression: SAFE_AREA_PROBE_EXPRESSION,\n returnByValue: true,\n awaitPromise: false,\n });\n if (result.exceptionDetails) {\n const msg =\n result.exceptionDetails.exception?.description ??\n result.exceptionDetails.text ??\n 'Runtime.evaluate threw an exception';\n throw new Error(`measure_safe_area: probe threw — ${msg}`);\n }\n return normalizeSafeAreaResult(result.result.value);\n}\n\n/ -------------------------------------------------------------------------- /\n/ evaluate — arbitrary JS via Runtime.evaluate /\n/ -------------------------------------------------------------------------- /\n\n/\n Result returned by the `evaluate` tool.\n \n `value` holds the `returnByValue` result from CDP — it may be any\n * JSON-serialisable type. Treat it as opaque for logging purposes (it could\n * carry sensitive data from the page context).\n \n SECRET-HANDLING: do NOT write `value` to any log or stderr — return it to\n * the agent via the tool result only.\n /\nexport interface EvaluateResult {\n /* The evaluated result value (`returnByValue: true`). /\n value: unknown;\n /* CDP type string of the result (e.g. \"string\", \"number\", \"object\"). /\n type: string;\n}\n\n/\n Evaluates an arbitrary JS expression on the attached page via\n * `Runtime.evaluate`. NOT read-only — the expression may have side effects.\n \n Throws if the evaluation produced a CDP exception.\n \n SECRET-HANDLING: expression and result value are NOT written to any log.\n /\nexport async function evaluate(\n connection: CdpConnection,\n expression: string,\n): Promise<EvaluateResult> {\n const result = await connection.send('Runtime.evaluate', {\n expression,\n returnByValue: true,\n awaitPromise: false,\n });\n if (result.exceptionDetails) {\n // Surface only the engine error string — never the expression or result value.\n const msg =\n result.exceptionDetails.exception?.description ??\n result.exceptionDetails.text ??\n 'Runtime.evaluate threw an exception';\n throw new Error(`evaluate failed: ${msg}`);\n }\n return { value: result.result.value, type: result.result.type };\n}\n\n/ -------------------------------------------------------------------------- /\n/ call_sdk — window.__sdkCall bridge via Runtime.evaluate /\n/ -------------------------------------------------------------------------- /\n\n/\n Result returned by the `call_sdk` tool.\n * The bridge call wraps success/failure in a JSON envelope so cross-Chii\n * stringification is reliable (same approach as `measure_safe_area`).\n \n `recentException` is populated when a `Runtime.exceptionThrown` event was\n * observed within the heuristic triage window [callStart-50ms, callEnd+200ms].\n * This helps correlate an SDK throw with the bridge result, especially when\n * the SDK throws synchronously before the promise resolves.\n /\nexport type CallSdkResult =\n \| { ok: true; value: unknown; recentException?: BufferedException }\n \| { ok: false; error: string; recentException?: BufferedException };\n\n/\n Builds the Runtime.evaluate expression that calls `window.__sdkCall` with\n * the given method name and args, awaits the promise, and returns a JSON\n * envelope `{ok, value/error}` as a string.\n \n Name and args are embedded via `JSON.stringify` so they are safely escaped.\n * The expression checks for `window.__sdkCall` and returns a clear error if\n * it is absent (non-dogfood bundle).\n \n SECRET-HANDLING: the expression is built here and MUST NOT be written to\n * any log or stderr by the caller.\n /\nexport function buildCallSdkExpression(name: string, args: unknown[]): string {\n const safeName = JSON.stringify(name);\n const safeArgs = JSON.stringify(args);\n return (\n `(async () => {` +\n ` if (typeof window.__sdkCall !== 'function') {` +\n ` return JSON.stringify({ok:false,error:'window.__sdkCall is not available — is this a dogfood (__DEBUG_BUILD__) bundle?'});` +\n ` }` +\n ` try {` +\n ` const r = await window.__sdkCall(${safeName}, ...${safeArgs});` +\n ` return JSON.stringify({ok:true,value:r});` +\n ` } catch(e) {` +\n ` return JSON.stringify({ok:false,error:String(e && e.message \|\| e)});` +\n ` }` +\n `})()`\n );\n}\n\n/\n Parses the JSON envelope string returned by the `call_sdk` expression.\n * Returns a typed `CallSdkResult`.\n \n Throws only on parse failure (not on ok:false — that is a normal result).\n /\nexport function normalizeCallSdkResult(rawValue: unknown): CallSdkResult {\n if (typeof rawValue !== 'string') {\n throw new Error(\n `call_sdk: bridge returned unexpected type \"${typeof rawValue}\" — expected JSON string`,\n );\n }\n let parsed: unknown;\n try {\n parsed = JSON.parse(rawValue);\n } catch {\n // Do NOT include rawValue in the error message — it could contain secrets.\n throw new Error('call_sdk: bridge returned non-JSON string');\n }\n if (typeof parsed !== 'object' \|\| parsed === null \|\| Array.isArray(parsed)) {\n throw new Error('call_sdk: parsed result is not an object');\n }\n const obj = parsed as Record<string, unknown>;\n if (obj.ok === true) {\n return { ok: true, value: obj.value };\n }\n if (obj.ok === false) {\n return { ok: false, error: typeof obj.error === 'string' ? obj.error : String(obj.error) };\n }\n throw new Error('call_sdk: bridge result missing \"ok\" field');\n}\n\n/\n Looks up the most recent exception from the buffer that falls within the\n * triage window [windowStart, windowEnd]. Returns `undefined` if none found.\n \n The heuristic window is:\n * - windowStart = callStart - 50ms (catch sync throws before bridge fires)\n * - windowEnd = callEnd + 200ms (catch async throws resolved soon after)\n \n Only the most recent exception within the window is returned (the one most\n * likely to be causally related to the SDK call).\n /\nfunction findRecentException(\n connection: CdpConnection,\n windowStart: number,\n windowEnd: number,\n): BufferedException \| undefined {\n const events = connection.getBufferedEvents('Runtime.exceptionThrown');\n // Scan from the tail (most recent) to find the closest-in-time exception.\n for (let i = events.length - 1; i >= 0; i--) {\n const e = events[i];\n if (e.timestamp >= windowStart && e.timestamp <= windowEnd) {\n return normalizeException(e);\n }\n }\n return undefined;\n}\n\n/\n Calls a dogfood SDK method via `window.__sdkCall` on the attached page.\n * NOT read-only — SDK calls may have side effects.\n \n On env 2/3 (real device relay) this hits the real SDK; on env 1 (local\n * mock) it hits the mock SDK.\n \n 인자 시그니처 검증: 등록된 메서드는 bridge 호출 전에 인자를 검증하고, mismatch면\n * `{ok:false, error}` MCP 오류 결과를 반환한다(bridge에 도달하지 않음).\n * 미등록 메서드는 passthrough + stderr 경고 1회.\n \n Throws on CDP error or result parse failure. Returns `{ok:false, error}`\n * for bridge-level errors (method not found, SDK threw, bridge absent) or\n * argument schema violations.\n \n If a `Runtime.exceptionThrown` event was observed within the triage window\n * [callStart-50ms, callEnd+200ms], the result includes `recentException` for\n * crash triage. This window is a heuristic — it catches the common case of an\n * SDK throw immediately before/after the bridge resolves.\n \n SECRET-HANDLING: name, args, and the result value are NOT written to any log.\n /\nexport async function callSdk(\n connection: CdpConnection,\n name: string,\n args: unknown[],\n): Promise<CallSdkResult> {\n // 인자 시그니처 검증 — bridge 호출 전에 reject하여 native crash를 예방한다.\n const signature = lookupSignature(name);\n if (signature !== undefined) {\n const validation = signature.validateArgs(args);\n if (!validation.ok) {\n // isError: true 형태로 반환 — bridge에 도달하지 않음.\n const errorText =\n `call_sdk(\"${name}\") 인자 시그니처 오류.\\n` +\n `받음: ${validation.received}\\n` +\n `기대: ${validation.expected}\\n` +\n `올바른 예시: ${signature.example}`;\n return { ok: false, error: errorText };\n }\n } else {\n // 미등록 메서드 — passthrough하지만 stderr에 경고 1회.\n warnPassthrough(name);\n }\n\n const callStart = Date.now();\n const expression = buildCallSdkExpression(name, args);\n const result = await connection.send('Runtime.evaluate', {\n expression,\n returnByValue: true,\n awaitPromise: true,\n });\n const callEnd = Date.now();\n\n if (result.exceptionDetails) {\n // Surface only the engine error string — never name, args, or result value.\n const msg =\n result.exceptionDetails.exception?.description ??\n result.exceptionDetails.text ??\n 'Runtime.evaluate threw an exception';\n throw new Error(`call_sdk threw: ${msg}`);\n }\n\n const sdkResult = normalizeCallSdkResult(result.result.value);\n\n // Triage window: [callStart - 50ms, callEnd + 200ms].\n // -50ms: catches sync throws that fire just before the bridge call is sent.\n // +200ms: catches async throws resolved shortly after the bridge returns.\n const recentException = findRecentException(connection, callStart - 50, callEnd + 200);\n\n if (recentException !== undefined) {\n return { ...sdkResult, recentException };\n }\n return sdkResult;\n}\n\n/ -------------------------------------------------------------------------- /\n/ Phase 3 — AIT.* domain (CDP can't cover these) /\n/ -------------------------------------------------------------------------- /\n\n/* Set of tool names served by the AIT source rather than the CDP connection. /\nconst AIT_TOOL_NAMES = new Set<string>([\n 'AIT.getSdkCallHistory',\n 'AIT.getMockState',\n 'AIT.getOperationalEnvironment',\n]);\n\n/* True for the Phase 3 AIT.* tools (served by an `AitSource`, not CDP). /\nexport function isAitToolName(name: string): boolean {\n return AIT_TOOL_NAMES.has(name);\n}\n\n/* Returns the recent SDK call trace (`AIT.getSdkCallHistory`). /\nexport function getSdkCallHistory(source: AitSource): Promise<AitSdkCallHistory> {\n return source.get('AIT.getSdkCallHistory');\n}\n\n/* Returns the devtools mock-state snapshot (`AIT.getMockState`). /\nexport function getMockState(source: AitSource): Promise<AitMockState> {\n return source.get('AIT.getMockState');\n}\n\n/* Returns the operational environment + SDK version (`AIT.getOperationalEnvironment`). /\nexport function getOperationalEnvironment(source: AitSource): Promise<AitOperationalEnvironment> {\n return source.get('AIT.getOperationalEnvironment');\n}\n","/\n RFC 6238 TOTP implementation (Node.js, node:crypto only).\n \n External TOTP libraries (otplib, speakeasy, …) are intentionally NOT used\n * to keep the dependency surface minimal. This hand-roll is ~30 lines and\n * covers exactly what relay-side auth needs.\n \n Algorithm summary (RFC 6238 + RFC 4226):\n * T = floor(now / 30) — 30-second time step counter\n * K = Buffer.from(secret, 'hex') — shared secret (raw bytes, hex-encoded)\n * MAC = HMAC-SHA1(K, T as 8-byte big-endian uint64)\n * offset = MAC[19] & 0x0f\n * code = (MAC[offset..offset+4] & 0x7fffffff) % 10^6 — 6 digits\n \n Security note (keep this comment accurate):\n * The baked-in secret in a dogfood build is extractable from the bundle by a\n * determined reverse engineer. This mechanism raises the bar from\n * \"anyone with the URL\" to \"URL + bundle extraction + live TOTP calculation\".\n * Casual URL leaks (Slack paste, QR screenshot, shoulder-surfing) are\n * blocked; deliberate reverse engineering is not. See threat model in\n * src/mcp/chii-relay.ts and umbrella CLAUDE.md §4.\n \n SECRET-HANDLING: secret values and computed codes MUST NOT appear in any\n * log, error message, or string visible outside this module. Only boolean\n * pass/fail and reason enum values are safe to surface.\n /\n\nimport { createHmac, timingSafeEqual } from 'node:crypto';\n\n/* Time step window in seconds (RFC 6238 default). /\nconst TIME_STEP = 30;\n\n/* Number of digits in the generated code. /\nconst DIGITS = 6;\n\n/\n Derives a 6-digit TOTP code from a hex-encoded secret at the given wall-\n * clock time.\n \n @param secret - The shared secret as a hex string (e.g. 64 hex chars = 32\n * bytes). Must be the output of `generateAttachToken()` or compatible.\n * @param when - Unix timestamp in milliseconds. Defaults to `Date.now()`.\n * @returns A zero-padded 6-digit decimal string, e.g. `\"042193\"`.\n /\nexport function generateTotp(secret: string, when: number = Date.now()): string {\n const key = Buffer.from(secret, 'hex');\n // Clamp to 0 so negative timestamps (e.g. in ±skew checks near epoch) do not\n // produce a negative counter, which would cause writeUInt32BE to throw.\n const counter = Math.max(0, Math.floor(when / 1000 / TIME_STEP));\n\n // Encode counter as 8-byte big-endian unsigned integer.\n const counterBuf = Buffer.alloc(8);\n // JavaScript numbers are safe integers up to 2^53; counter is ~7.5×10^10 at\n // year 9999 — well within safe range so standard bitwise ops are fine.\n const hi = Math.floor(counter / 0x100000000);\n const lo = counter >>> 0;\n counterBuf.writeUInt32BE(hi, 0);\n counterBuf.writeUInt32BE(lo, 4);\n\n const mac = createHmac('sha1', key).update(counterBuf).digest();\n\n // Dynamic truncation (RFC 4226 §5.4).\n const offset = mac[19] & 0x0f;\n const binCode =\n ((mac[offset] & 0x7f) << 24) \|\n ((mac[offset + 1] & 0xff) << 16) \|\n ((mac[offset + 2] & 0xff) << 8) \|\n (mac[offset + 3] & 0xff);\n\n const otp = binCode % 10 * DIGITS;\n return otp.toString().padStart(DIGITS, '0');\n}\n\n/*\n Verifies a TOTP code against the secret, accepting ±`skew` time steps to\n * tolerate clock drift between the relay host and the client device.\n \n Uses `timingSafeEqual` for constant-time comparison to prevent timing\n * side-channel attacks.\n \n @param secret - Hex-encoded shared secret.\n * @param code - The 6-digit code to verify (string or numeric).\n * @param when - Unix timestamp in milliseconds. Defaults to `Date.now()`.\n * @param skew - Number of adjacent steps to accept on either side. Default 1\n * (accepts T-1, T, T+1 — a 90-second acceptance window).\n * @returns `true` if the code matches any accepted step, `false` otherwise.\n /\nexport function verifyTotp(\n secret: string,\n code: string,\n when: number = Date.now(),\n skew: number = 1,\n): boolean {\n const normalised = String(code).padStart(DIGITS, '0');\n if (normalised.length !== DIGITS \|\| !/^\\d{6}$/.test(normalised)) {\n return false;\n }\n\n const candidateBuf = Buffer.from(normalised, 'utf8');\n\n for (let delta = -skew; delta <= skew; delta++) {\n const stepWhen = when + delta TIME_STEP * 1000;\n const expected = generateTotp(secret, stepWhen);\n const expectedBuf = Buffer.from(expected, 'utf8');\n if (timingSafeEqual(expectedBuf, candidateBuf)) {\n return true;\n }\n }\n\n return false;\n}\n","/*\n cloudflared quick tunnel + attach banner for the debug-mode MCP server.\n \n On spawn, the debug server opens an accountless `.trycloudflare.com` quick\n tunnel to the local Chii relay so the phone can attach over a public wss URL,\n * then prints a unicode half-block QR + attach instructions. When TOTP auth is\n * enabled (`AIT_DEBUG_TOTP_SECRET` is set), the QR encodes only the base relay\n * URL — the TOTP code (`at=`) is NOT included because it rotates every 30 s\n * and would be stale by the time a human scans. The in-app deep-link builder\n * splices the live code at attach time.\n \n SECRET-HANDLING: The TOTP secret and computed code values MUST NOT appear\n * in any output from this module.\n \n Node-only: spawns the cloudflared binary and writes to stdout/stderr.\n /\n\nimport { randomBytes } from 'node:crypto';\nimport { bin, install, Tunnel } from 'cloudflared';\n\n/* Generates a 32-byte hex attach token shown as a pairing hint (relay-side validation is a later phase). /\nexport function generateAttachToken(): string {\n return randomBytes(32).toString('hex');\n}\n\nexport interface QuickTunnel {\n /* Public `https://.trycloudflare.com` URL the tunnel exposes. /\n url: string;\n /** Same host as `wss://` — the relay endpoint the phone attaches to. /\n wssUrl: string;\n stop(): void;\n}\n\n/* Ensures the cloudflared binary is installed (downloads + caches on first run). /\nasync function ensureCloudflaredBin(): Promise<void> {\n const { existsSync } = await import('node:fs');\n if (!existsSync(bin)) {\n await install(bin);\n }\n}\n\n/\n Opens a cloudflared quick tunnel to the local relay port and resolves once\n * the public URL is assigned.\n /\nexport async function startQuickTunnel(localPort: number): Promise<QuickTunnel> {\n await ensureCloudflaredBin();\n\n const tunnel = Tunnel.quick(`http://127.0.0.1:${localPort}`);\n\n const url = await new Promise<string>((resolve, reject) => {\n const onUrl = (assigned: string) => {\n cleanup();\n resolve(assigned);\n };\n const onError = (err: Error) => {\n cleanup();\n reject(err);\n };\n const onExit = (code: number \| null) => {\n cleanup();\n reject(new Error(`cloudflared exited before assigning a URL (code ${code})`));\n };\n const cleanup = () => {\n tunnel.off('url', onUrl);\n tunnel.off('error', onError);\n tunnel.off('exit', onExit);\n };\n tunnel.once('url', onUrl);\n tunnel.once('error', onError);\n tunnel.once('exit', onExit);\n });\n\n return {\n url,\n wssUrl: url.replace(/^https/, 'wss'),\n stop: () => {\n tunnel.stop();\n },\n };\n}\n\nexport interface AttachBannerInput {\n wssUrl: string;\n /\n Whether TOTP auth is enabled on the relay (`AIT_DEBUG_TOTP_SECRET` is set).\n \n When `true`, the banner notes that a rotating code (`at=`) will be\n * appended to attach URLs at call time — the code is NOT printed here\n * because it rotates every 30 s and would be stale in seconds.\n /\n totpEnabled: boolean;\n}\n\n/\n Renders a pure unicode half-block QR string for the given text.\n \n Uses `qrcode` (Node full lib) to get the raw bit matrix, then encodes every\n * two vertical modules into a single half-block character:\n * - both dark → `█`\n * - top only → `▀`\n * - bottom only → `▄`\n * - both light → ` ` (space)\n \n The output contains zero ANSI escape codes, so it renders correctly in\n * every surface (terminal, VS Code, JetBrains, web) and can be scanned by a\n * phone camera when shown verbatim in an agent response.\n \n Shared by `renderAttachBanner` (relay wssUrl QR) and the `build_attach_url`\n * MCP tool response (attach deep-link QR).\n /\nexport async function renderQr(text: string): Promise<string> {\n // Dynamic import mirrors the cloudflared/qrcode-terminal precedent: keeps the\n // dependency out of the module graph when the function is not called.\n const { default: QRCode } = await import('qrcode');\n const qr = QRCode.create(text, { errorCorrectionLevel: 'M' });\n const size: number = qr.modules.size;\n const data: Uint8Array = qr.modules.data as Uint8Array;\n\n const isDark = (x: number, y: number): boolean => {\n if (x < 0 \|\| y < 0 \|\| x >= size \|\| y >= size) return false;\n return data[y size + x] === 1;\n };\n\n const QUIET = 1;\n const lines: string[] = [];\n for (let y = -QUIET; y < size + QUIET; y += 2) {\n let line = '';\n for (let x = -QUIET; x < size + QUIET; x++) {\n const top = isDark(x, y);\n const bot = isDark(x, y + 1);\n line += top && bot ? '█' : top ? '▀' : bot ? '▄' : ' ';\n }\n lines.push(line);\n }\n return `${lines.join('\\n')}\\n`;\n}\n\n/*\n Renders the attach banner (relay URL + ASCII QR) as a string.\n \n The QR encodes the base `wssUrl` only. When `totpEnabled` is true, a note\n * is added that attach URLs generated by `build_attach_url` will include a\n * live TOTP code (`at=`) appended at call time.\n \n SECRET-HANDLING: no secret value, TOTP code, or intermediate value is\n * included in this output.\n /\nexport async function renderAttachBanner(input: AttachBannerInput): Promise<string> {\n // The QR encodes only the relay wssUrl — no token or code. This is safe\n // because the relay gate enforces the code at WS upgrade time anyway; the\n // QR is just for locating the relay, not for bypassing auth.\n const qr = await renderQr(input.wssUrl);\n\n const authNote = input.totpEnabled\n ? ' auth: TOTP enabled — attach URLs include a rotating code (at=).'\n : ' auth: none (set AIT_DEBUG_TOTP_SECRET to enable TOTP).';\n\n return [\n '',\n 'AIT debug — attach a mini-app to this session',\n '',\n ` relay (wss): ${input.wssUrl}`,\n authNote,\n '',\n ' Use build_attach_url to generate a deep link with the current TOTP code.',\n ' Scan the QR to locate the relay (open the dogfood URL separately with',\n ' ?debug=1&relay=<wss>&at=<code> or use the build_attach_url tool):',\n '',\n qr,\n ].join('\\n');\n}\n\n/* Prints the attach banner to stderr (stdout is the MCP stdio channel). /\nexport async function printAttachBanner(input: AttachBannerInput): Promise<void> {\n const banner = await renderAttachBanner(input);\n process.stderr.write(`${banner}\\n`);\n}\n","/\n @ait-co/devtools debug-mode MCP server (stdio).\n \n Lets an AI coding agent attach to a running mini-app (real Toss WebView, or a\n * browser in dev mode) and read its console/network/DOM/screenshot over CDP plus\n * the AIT.* domain, without a human watching a phone. Transport is CDP-via-Chii:\n * a local Chii relay on an OS-assigned port (default 0) exposed through a\n * cloudflared quick tunnel; the phone attaches over the public wss URL.\n \n AI host --stdio--> this server --CDP client WS--> Chii relay :<OS-port>\n * ^-- target WS -- phone\n \n Port 0 (default): the OS picks a free ephemeral port on every startup.\n * This prevents EADDRINUSE when a stale cloudflared child (orphaned after\n * SIGKILL, PPID 1) still holds a fixed port — which previously caused the MCP\n * handshake to fail with -32000. With port 0 any orphaned cloudflared is\n * harmless; the new relay always gets a fresh port.\n \n Best-effort child cleanup: SIGINT/SIGTERM/SIGHUP handlers call shutdown() to\n * stop cloudflared and the relay. uncaughtException/unhandledRejection also\n * call shutdown() before exit. SIGKILL cannot be intercepted by Node, so\n * cloudflared orphans from SIGKILL remain (port 0 makes them harmless). Users\n * can clean up manually: `pkill -f 'cloudflared.trycloudflare'`.\n \n * The tool layer reads from an injectable `CdpConnection` (CDP) and `AitSource`\n * (AIT.), so every tool is unit-testable with a fake (no phone). This module\n wires the live pieces (relay + tunnel + production connection); the phone\n * roundtrip is fully wired and pending only on-device acceptance.\n \n Dynamic tool registration (issue #208):\n * The server advertises `listChanged: true` so MCP clients can subscribe to\n * `notifications/tools/list_changed`. Before any page attaches, only bootstrap\n * tools (`build_attach_url`, `list_pages`) are listed. Once a target appears,\n * the full attach-dependent tool set is added and a `list_changed` notification\n * is sent — without requiring a session restart. `runDebugServer` and\n * `runLocalDebugServer` start a polling watcher that detects the 0→N target\n * transition and calls `server.sendToolListChanged()`.\n \n Note: `src/mcp/server.ts` (dev mode, HTTP mock-state) is NOT subject to this\n * model — it has no attach concept and always exposes the full tool surface.\n \n Node-only.\n /\n\nimport { Server } from '@modelcontextprotocol/sdk/server/index.js';\nimport { StdioServerTransport } from '@modelcontextprotocol/sdk/server/stdio.js';\nimport { CallToolRequestSchema, ListToolsRequestSchema } from '@modelcontextprotocol/sdk/types.js';\nimport { ChiiAitSource } from './ait-chii-source.js';\nimport type { AitSource } from './ait-source.js';\nimport type { CdpConnection } from './cdp-connection.js';\nimport { ChiiCdpConnection } from './chii-connection.js';\nimport { startChiiRelay } from './chii-relay.js';\nimport { LocalCdpConnection } from './local-connection.js';\nimport { launchChromium } from './local-launcher.js';\nimport { type QrHttpServer, startQrHttpServer } from './qr-http-server.js';\nimport {\n BOOTSTRAP_TOOL_NAMES,\n buildAttachUrl,\n callSdk,\n canOpenBrowser,\n DEBUG_TOOL_DEFINITIONS,\n evaluate,\n getDomDocument,\n getMockState,\n getOperationalEnvironment,\n getSdkCallHistory,\n isAitToolName,\n isDebugToolName,\n listConsoleMessages,\n listExceptions,\n listNetworkRequests,\n listPages,\n measureSafeArea,\n openQrInBrowser,\n type TunnelStatus,\n takeScreenshot,\n takeSnapshot,\n} from './tools.js';\nimport { verifyTotp } from './totp.js';\nimport {\n generateAttachToken,\n printAttachBanner,\n type QuickTunnel,\n renderQr,\n startQuickTunnel,\n} from './tunnel.js';\n\n/* Live infra the connection reads tunnel status from. /\nexport interface DebugServerDeps {\n connection: CdpConnection;\n /* AIT.* domain source — forwarded over the same Chii channel in production. /\n aitSource: AitSource;\n /* Returns current tunnel status (URL changes per spawn). /\n getTunnelStatus(): TunnelStatus;\n /\n Maximum time in ms to wait for a page to attach when `wait_for_attach=true`.\n * Default 90 000 ms. Exposed for testing so tests can use a small value without\n * fake timers (which conflict with MCP SDK's own timeouts).\n /\n waitForAttachTimeoutMs?: number;\n /\n 로컬 QR HTTP 서버 — `build_attach_url` tool이 브라우저로 열 HTTP URL을 제공.\n * 없으면 text QR fallback으로만 동작 (GUI 없는 환경 호환).\n /\n qrHttpServer?: QrHttpServer;\n}\n\n/\n Builds the debug-mode MCP server around an injected CDP connection + AIT\n * source + tunnel status getter. Pure wiring — does not start a relay or\n * tunnel, which is what makes the tool surface unit-testable.\n \n `tools/list` is two-tiered (issue #208):\n * - bootstrap (always): `build_attach_url`, `list_pages`\n * - attach-dependent (after `connection.listTargets().length > 0`): all others\n \n `CallTool` is NOT tiered — hidden tools still execute (attach errors surface\n * naturally via `enableDomains`). The tier only controls visibility.\n /\nexport function createDebugServer(deps: DebugServerDeps): Server {\n const {\n connection,\n aitSource,\n getTunnelStatus,\n waitForAttachTimeoutMs = 90_000,\n qrHttpServer,\n } = deps;\n\n const server = new Server(\n { name: 'ait-debug', version: __VERSION__ },\n // listChanged: true — the server emits notifications/tools/list_changed when\n // a page attaches (0→N target transition), promoted attach-dependent tools.\n { capabilities: { tools: { listChanged: true } } },\n );\n\n server.setRequestHandler(ListToolsRequestSchema, () => {\n const attached = connection.listTargets().length > 0;\n const tools = attached\n ? DEBUG_TOOL_DEFINITIONS.map((tool) => ({ ...tool }))\n : DEBUG_TOOL_DEFINITIONS.filter((tool) => BOOTSTRAP_TOOL_NAMES.has(tool.name)).map(\n (tool) => ({ ...tool }),\n );\n return { tools };\n });\n\n server.setRequestHandler(CallToolRequestSchema, async (request) => {\n const name = request.params.name;\n if (!isDebugToolName(name)) {\n return {\n content: [{ type: 'text', text: `Unknown tool: ${name}` }],\n isError: true,\n };\n }\n\n // AIT. tools are served by the AIT source. In production it rides the same\n // Chii websocket as CDP, so the connection must be attached first; the AIT\n // source's sendCommand rejects with a clear message if no page is attached.\n if (isAitToolName(name)) {\n try {\n await connection.enableDomains();\n switch (name) {\n case 'AIT.getSdkCallHistory':\n return jsonResult(await getSdkCallHistory(aitSource));\n case 'AIT.getMockState':\n return jsonResult(await getMockState(aitSource));\n case 'AIT.getOperationalEnvironment':\n return jsonResult(await getOperationalEnvironment(aitSource));\n default:\n return unknownTool(name);\n }\n } catch (err) {\n return errorResult(err, name);\n }\n }\n\n // build_attach_url is pure synthesis (scheme URL + relay URL → deep link).\n // It works before any page attaches, so it must not require enableDomains.\n if (name === 'build_attach_url') {\n const schemeUrl = request.params.arguments?.scheme_url;\n if (typeof schemeUrl !== 'string' \|\| schemeUrl === '') {\n return {\n content: [{ type: 'text', text: 'build_attach_url requires a non-empty scheme_url.' }],\n isError: true,\n };\n }\n const waitForAttach = request.params.arguments?.wait_for_attach === true;\n // open_in_browser defaults to true when not explicitly set.\n const openInBrowser = request.params.arguments?.open_in_browser !== false;\n\n try {\n const { attachUrl, relayUrl, authorityWarning } = buildAttachUrl(\n schemeUrl,\n getTunnelStatus(),\n );\n\n // Prepend a non-fatal authority warning when the scheme URL host looks wrong.\n const warningPrefix = authorityWarning ? `⚠️ scheme_url 경고: ${authorityWarning}\\n\\n` : '';\n\n const header =\n 'This tool result is shown to the user directly — do NOT re-print the QR below in your reply (it wastes output tokens). Just tell the user to scan the QR in this output (Ctrl+O to expand if collapsed).';\n\n // Try to open QR in browser when requested, a GUI is available, and the HTTP server is up.\n if (openInBrowser && canOpenBrowser() && qrHttpServer) {\n const httpUrl = qrHttpServer.buildAttachPageUrl(attachUrl);\n const pngUrl = `http://127.0.0.1:${qrHttpServer.port}/qr.png?u=${encodeURIComponent(attachUrl)}`;\n\n const browserResult = await openQrInBrowser(httpUrl, pngUrl);\n\n if (browserResult.opened) {\n // Opened successfully — HTTP URL을 사용자에게 명시.\n // SECRET-HANDLING: attachUrl은 httpUrl query string 안에 있고, tool result에는 httpUrl만 노출.\n const shortText =\n `${warningPrefix}${header}\\n` +\n `${JSON.stringify({ relayUrl }, null, 2)}\\n\\n` +\n `브라우저에서 QR을 열었습니다. 폰 카메라로 스캔하세요.\\n` +\n `URL: ${browserResult.httpUrl}`;\n\n if (!waitForAttach) {\n return { content: [{ type: 'text' as const, text: shortText }] };\n }\n\n // wait_for_attach path (browser opened).\n const POLL_INTERVAL_MS = 1000;\n const TIMEOUT_MS = waitForAttachTimeoutMs;\n const deadline = Date.now() + TIMEOUT_MS;\n let attachedPages: ReturnType<CdpConnection['listTargets']> = [];\n while (Date.now() < deadline) {\n attachedPages = connection.listTargets();\n if (attachedPages.length > 0) break;\n await new Promise<void>((r) => setTimeout(r, POLL_INTERVAL_MS));\n }\n\n if (attachedPages.length === 0) {\n return {\n content: [\n {\n type: 'text' as const,\n text:\n `${shortText}\\n\\nNo page attached within ${TIMEOUT_MS / 1000}s — ` +\n 'call list_pages to retry.',\n },\n ],\n isError: true,\n };\n }\n\n const pagesResult = listPages(connection, getTunnelStatus());\n return {\n content: [\n {\n type: 'text' as const,\n text: `${shortText}\\n\\n${JSON.stringify(pagesResult, null, 2)}`,\n },\n ],\n };\n }\n\n // Browser open failed — URL + stderr 안내 후 text QR fallback.\n const stderrNote = browserResult.stderrSummary\n ? `\\nstderr: ${browserResult.stderrSummary}`\n : '';\n const fallbackNote =\n `브라우저 자동 열기에 실패했습니다. 다음 URL을 직접 브라우저에서 여세요:\\n` +\n `${browserResult.httpUrl}\\n` +\n `또는 PNG로 받기: ${browserResult.pngUrl}` +\n stderrNote +\n '\\n\\n';\n const qr = await renderQr(attachUrl);\n const baseText = `${warningPrefix}${fallbackNote}${header}\\n${JSON.stringify({ attachUrl, relayUrl }, null, 2)}\\n\\n${qr}`;\n\n if (!waitForAttach) {\n return { content: [{ type: 'text' as const, text: baseText }] };\n }\n\n // wait_for_attach + fallback path.\n const POLL_INTERVAL_MS_FB = 1000;\n const TIMEOUT_MS_FB = waitForAttachTimeoutMs;\n const deadline2 = Date.now() + TIMEOUT_MS_FB;\n let attachedPagesFb: ReturnType<CdpConnection['listTargets']> = [];\n while (Date.now() < deadline2) {\n attachedPagesFb = connection.listTargets();\n if (attachedPagesFb.length > 0) break;\n await new Promise<void>((r) => setTimeout(r, POLL_INTERVAL_MS_FB));\n }\n\n if (attachedPagesFb.length === 0) {\n return {\n content: [\n {\n type: 'text' as const,\n text:\n `${baseText}\\n\\nNo page attached within ${TIMEOUT_MS_FB / 1000}s — ` +\n 'call list_pages to retry.',\n },\n ],\n isError: true,\n };\n }\n\n const pagesResultFb = listPages(connection, getTunnelStatus());\n return {\n content: [\n {\n type: 'text' as const,\n text: `${baseText}\\n\\n${JSON.stringify(pagesResultFb, null, 2)}`,\n },\n ],\n };\n }\n\n // open_in_browser=false or no GUI available or no HTTP server: text QR fallback.\n const qr = await renderQr(attachUrl);\n const baseText = `${warningPrefix}${header}\\n${JSON.stringify({ attachUrl, relayUrl }, null, 2)}\\n\\n${qr}`;\n\n if (!waitForAttach) {\n return {\n content: [{ type: 'text' as const, text: baseText }],\n };\n }\n\n // wait_for_attach=true: poll listTargets until a page attaches or timeout.\n // enableDomains is NOT called here — listTargets is a buffered target list\n // read and does not require domain negotiation.\n const POLL_INTERVAL_MS = 1000;\n const TIMEOUT_MS = waitForAttachTimeoutMs;\n const deadline = Date.now() + TIMEOUT_MS;\n let attachedPages: ReturnType<CdpConnection['listTargets']> = [];\n while (Date.now() < deadline) {\n attachedPages = connection.listTargets();\n if (attachedPages.length > 0) break;\n await new Promise<void>((r) => setTimeout(r, POLL_INTERVAL_MS));\n }\n\n if (attachedPages.length === 0) {\n return {\n content: [\n {\n type: 'text' as const,\n text:\n `${baseText}\\n\\nNo page attached within ${TIMEOUT_MS / 1000}s — ` +\n 'call list_pages to retry.',\n },\n ],\n isError: true,\n };\n }\n\n const pagesResult = listPages(connection, getTunnelStatus());\n return {\n content: [\n {\n type: 'text' as const,\n text: `${baseText}\\n\\n${JSON.stringify(pagesResult, null, 2)}`,\n },\n ],\n };\n } catch (err) {\n return errorResult(err, name);\n }\n }\n\n try {\n // Ensure CDP domains are enabled before reading. No-op once attached;\n // throws a clear message while no page is attached yet.\n await connection.enableDomains();\n } catch (err) {\n const message = err instanceof Error ? err.message : String(err);\n if (name === 'list_pages') {\n // list_pages is still useful pre-attach: report tunnel + empty pages.\n return jsonResult(listPages(connection, getTunnelStatus()));\n }\n return {\n content: [\n {\n type: 'text',\n text: `${message}\\nCall list_pages to confirm a mini-app has attached over the relay.`,\n },\n ],\n isError: true,\n };\n }\n\n try {\n switch (name) {\n case 'list_console_messages':\n return jsonResult(listConsoleMessages(connection));\n case 'list_exceptions': {\n const rawLimit = request.params.arguments?.limit;\n const limit = typeof rawLimit === 'number' && rawLimit > 0 ? rawLimit : 50;\n return jsonResult({ exceptions: listExceptions(connection, limit) });\n }\n case 'list_network_requests':\n return jsonResult(listNetworkRequests(connection));\n case 'list_pages':\n return jsonResult(listPages(connection, getTunnelStatus()));\n case 'get_dom_document':\n return jsonResult(await getDomDocument(connection));\n case 'take_snapshot':\n return jsonResult(await takeSnapshot(connection));\n case 'take_screenshot': {\n const shot = await takeScreenshot(connection);\n return {\n content: [{ type: 'image' as const, data: shot.data, mimeType: shot.mimeType }],\n };\n }\n case 'measure_safe_area':\n return jsonResult(await measureSafeArea(connection));\n case 'evaluate': {\n const expression = request.params.arguments?.expression;\n if (typeof expression !== 'string' \|\| expression === '') {\n return {\n content: [\n { type: 'text' as const, text: 'evaluate requires a non-empty expression.' },\n ],\n isError: true,\n };\n }\n // SECRET-HANDLING: do not log expression or result value.\n return jsonResult(await evaluate(connection, expression));\n }\n case 'call_sdk': {\n const sdkName = request.params.arguments?.name;\n if (typeof sdkName !== 'string' \|\| sdkName === '') {\n return {\n content: [{ type: 'text' as const, text: 'call_sdk requires a non-empty name.' }],\n isError: true,\n };\n }\n const rawArgs = request.params.arguments?.args;\n const sdkArgs: unknown[] = Array.isArray(rawArgs) ? rawArgs : [];\n // SECRET-HANDLING: do not log name, args, or result value.\n return jsonResult(await callSdk(connection, sdkName, sdkArgs));\n }\n default:\n return unknownTool(name);\n }\n } catch (err) {\n return errorResult(err, name);\n }\n });\n\n return server;\n}\n\nfunction jsonResult(value: unknown) {\n return { content: [{ type: 'text' as const, text: JSON.stringify(value, null, 2) }] };\n}\n\nfunction unknownTool(name: string) {\n return { content: [{ type: 'text' as const, text: `Unknown tool: ${name}` }], isError: true };\n}\n\nfunction errorResult(err: unknown, name: string) {\n const message = err instanceof Error ? err.message : String(err);\n return {\n content: [\n {\n type: 'text' as const,\n text: `${name} failed: ${message}\\nCall list_pages to confirm a mini-app has attached over the relay.`,\n },\n ],\n isError: true,\n };\n}\n\n/*\n Starts a polling watcher that detects the first 0→N target transition on\n * `connection.listTargets()` and sends a `notifications/tools/list_changed`\n * notification on the given server.\n \n The watcher polls every `intervalMs` (default 1 000 ms). It fires\n * `server.sendToolListChanged()` exactly once — on the first transition — then\n * clears itself. Shutdown calls `stop()` to clear the interval.\n \n SECRET-HANDLING: target `id`/`title`/`url` are not written to any log here.\n * Only an attach-detected stderr line is emitted (no target details).\n \n @returns `stop` — call this during shutdown to clear the interval.\n /\nexport function startAttachWatcher(\n connection: CdpConnection,\n server: Server,\n intervalMs = 1_000,\n): { stop(): void } {\n let wasAttached = connection.listTargets().length > 0;\n // If already attached when the watcher starts, send once immediately.\n if (wasAttached) {\n void server.sendToolListChanged();\n }\n\n const handle = setInterval(() => {\n const isAttached = connection.listTargets().length > 0;\n if (!wasAttached && isAttached) {\n wasAttached = true;\n // Emit once on 0→N transition so the MCP client refreshes its tool list.\n void server.sendToolListChanged();\n clearInterval(handle);\n }\n }, intervalMs);\n\n return {\n stop() {\n clearInterval(handle);\n },\n };\n}\n\nexport interface RunDebugServerOptions {\n /\n Local Chii relay port. Default 0 (OS-assigned ephemeral port).\n \n Passing 0 lets the OS choose a free port on each startup — this prevents\n * EADDRINUSE when a stale cloudflared orphan still holds a fixed port (the\n * root cause of -32000 MCP handshake failures). Pass an explicit port number\n * only when a fixed port is specifically required (backwards-compatible).\n /\n relayPort?: number;\n}\n\n/\n Reads `AIT_DEBUG_TOTP_SECRET` from `process.env` at runtime and builds a\n * `verifyAuth` predicate for the Chii relay's WebSocket upgrade gate.\n \n The predicate checks the `at` query parameter against the current and\n * adjacent TOTP time steps (±1 skew) using `verifyTotp`.\n \n Returns `undefined` when the env var is not set — callers treat that as\n * \"auth disabled\" (no predicate registered on the relay).\n \n SECRET-HANDLING: The secret value read from env is captured in a closure and\n * is NEVER written to any log, error message, or process output.\n /\nexport function buildRelayVerifyAuth():\n \| ((req: import('node:http').IncomingMessage) => boolean)\n \| undefined {\n const secret = process.env.AIT_DEBUG_TOTP_SECRET;\n if (!secret) return undefined;\n\n return (req) => {\n // Parse the `at` query param from the upgrade request URL.\n // req.url is the raw request path + query, e.g. `/client/id?target=…&at=123456`\n const rawUrl = req.url ?? '';\n const qIndex = rawUrl.indexOf('?');\n const queryStr = qIndex === -1 ? '' : rawUrl.slice(qIndex + 1);\n const params = new URLSearchParams(queryStr);\n const code = params.get('at') ?? '';\n\n // Do NOT log `code`, `secret`, or any derived value here.\n return verifyTotp(secret, code);\n };\n}\n\n/\n Boots the live debug stack and serves it over stdio:\n * 1. start the Chii relay on an OS-assigned port (with TOTP auth if\n * AIT_DEBUG_TOTP_SECRET is set),\n * 2. open a cloudflared quick tunnel to the relay's confirmed port,\n * 3. print relay URL + attach instructions,\n * 4. expose the debug tools backed by a `ChiiCdpConnection` + `ChiiAitSource`.\n /\nexport async function runDebugServer(options: RunDebugServerOptions = {}): Promise<void> {\n // Default 0: OS picks a free port. Prevents EADDRINUSE from stale cloudflared\n // orphans (SIGKILL survivors) that would otherwise block a fixed port and\n // cause -32000 MCP handshake failures on reconnect.\n const relayPort = options.relayPort ?? 0;\n\n // Build the TOTP verifyAuth predicate from env at startup (runtime read).\n const verifyAuth = buildRelayVerifyAuth();\n const totpEnabled = verifyAuth !== undefined;\n\n const relay = await startChiiRelay({ port: relayPort, verifyAuth });\n // relay.port is the actual OS-assigned port (may differ from relayPort when 0).\n\n let tunnel: QuickTunnel \| null = null;\n let tunnelStatus: TunnelStatus = { up: false, wssUrl: null };\n // generateAttachToken is kept for legacy/non-TOTP token use, but we no\n // longer print it in the banner to avoid accidental secret exposure.\n const _token = generateAttachToken();\n\n // Bring the cloudflared tunnel up in the background so the MCP stdio\n // transport can answer `initialize` immediately. cloudflared has to lazy-\n // download a ~38 MB binary on first run; awaiting it here pushes the\n // initialize response past Claude Code's MCP connection timeout. Tools that\n // need the tunnel (`build_attach_url`) already gate on `getTunnelStatus()`\n // and return a clear \"tunnel not up\" message when it isn't ready yet, so\n // dropping the await is safe — the agent retries once the banner prints.\n const tunnelReady = startQuickTunnel(relay.port).then(\n (t) => {\n tunnel = t;\n tunnelStatus = { up: true, wssUrl: t.wssUrl };\n return printAttachBanner({ wssUrl: t.wssUrl, totpEnabled });\n },\n (err) => {\n const message = err instanceof Error ? err.message : String(err);\n process.stderr.write(\n `[ait-debug] Failed to open cloudflared quick tunnel: ${message}\\n` +\n '[ait-debug] The relay is up locally; attach over the public URL is unavailable until the tunnel starts.\\n',\n );\n },\n );\n // Reference the promise to placate the linter — actual completion is observed\n // via the side-effects on `tunnelStatus` from inside `.then`.\n void tunnelReady;\n\n const connection = new ChiiCdpConnection({ relayBaseUrl: relay.baseUrl });\n // AIT. methods ride the same Chii channel as CDP commands.\n const aitSource = new ChiiAitSource(connection);\n\n // 로컬 QR HTTP 서버를 await로 시작 — build_attach_url 첫 호출이 qrHttpServer 확인 전에\n // 도달하는 race를 없애기 위해 cloudflared(fire-and-forget)와 달리 동기 await 사용.\n // GUI 없는 환경에서는 startQrHttpServer가 실패해도 text QR fallback으로 동작한다.\n let qrServer: QrHttpServer \| undefined;\n try {\n qrServer = await startQrHttpServer();\n } catch (err: unknown) {\n const message = err instanceof Error ? err.message : String(err);\n process.stderr.write(\n `[ait-debug] QR HTTP 서버 시작 실패 (text QR fallback 사용): ${message}\\n`,\n );\n }\n\n const server = createDebugServer({\n connection,\n aitSource,\n getTunnelStatus: () => tunnelStatus,\n get qrHttpServer() {\n return qrServer;\n },\n });\n\n const transport = new StdioServerTransport();\n\n // ---------------------------------------------------------------------------\n // Shutdown: best-effort cleanup of relay + cloudflared child process.\n //\n // SIGKILL cannot be intercepted — cloudflared may remain orphaned (PPID 1).\n // Port 0 makes such orphans harmless: the next startup gets a fresh port.\n // Manual cleanup if needed: `pkill -f 'cloudflared.trycloudflare'`\n // ---------------------------------------------------------------------------\n\n let closed = false;\n let attachWatcher: { stop(): void } \| null = null;\n\n const shutdown = () => {\n // Idempotent: multiple simultaneous signals/exit/uncaught calls run only once.\n if (closed) return;\n closed = true;\n\n attachWatcher?.stop();\n connection.close();\n // tunnel.stop() is synchronous (child process kill) — safe from exit handler.\n tunnel?.stop();\n // relay.close(), server.close(), qrServer.close() are async — fine for signal handlers.\n void relay.close();\n void server.close();\n void qrServer?.close();\n };\n\n // Graceful termination signals.\n process.once('SIGINT', shutdown);\n process.once('SIGTERM', shutdown);\n // SIGHUP: terminal hangup / parent process exit.\n process.once('SIGHUP', shutdown);\n\n // Synchronous-only cleanup on process.exit (async calls are silently ignored\n // by Node at this stage — only tunnel.stop() which is a sync child kill).\n process.on('exit', () => {\n if (!closed) {\n closed = true;\n attachWatcher?.stop();\n tunnel?.stop();\n }\n });\n\n // Crash safety: shutdown before exiting so cloudflared is killed even on\n // unhandled errors. Covers cases where no signal is delivered (e.g. thrown\n // exception in async code that wasn't caught).\n process.on('uncaughtException', (err) => {\n process.stderr.write(`[ait-debug] uncaughtException: ${String(err)}\\n`);\n shutdown();\n process.exit(1);\n });\n\n process.on('unhandledRejection', (reason) => {\n process.stderr.write(`[ait-debug] unhandledRejection: ${String(reason)}\\n`);\n shutdown();\n process.exit(1);\n });\n\n await server.connect(transport);\n\n // Start the attach watcher after the transport is connected so\n // sendToolListChanged has a live session to notify.\n attachWatcher = startAttachWatcher(connection, server);\n}\n\nexport interface RunLocalDebugServerOptions {\n /\n CDP remote debugging port for the local Chromium. Default 0 (OS-assigned).\n * Uses an ephemeral free port when 0, avoiding EADDRINUSE on reconnect.\n /\n cdpPort?: number;\n /\n URL to open in the launched browser. Defaults to `AIT_DEVTOOLS_URL` env var\n * or `http://localhost:5173`.\n /\n devUrl?: string;\n}\n\n/\n Boots the local-browser debug stack and serves it over stdio:\n * 1. launch a local Chromium with `--remote-debugging-port=<port>`,\n * 2. attach a `LocalCdpConnection` to the first non-blank page target,\n * 3. expose the debug tools backed by that connection + a `ChiiAitSource`.\n \n `build_attach_url` (relay-specific, generates a deep-link + QR for the phone)\n * is not applicable in local mode because there is no relay or tunnel. The tool\n * is still listed (it is part of `DEBUG_TOOL_DEFINITIONS`) but will return a\n * clear \"not applicable\" message via the tunnel-down path (wssUrl is null).\n \n The AIT.* tools (`AIT.getSdkCallHistory`, `AIT.getMockState`,\n * `AIT.getOperationalEnvironment`) ride the same CDP channel via\n * `ChiiAitSource` → `LocalCdpConnection.sendCommand`. They will succeed once\n * the sdk-example dev-bridge (`window.__sdkCall` install) lands in sdk-example;\n * until then they return the sdk-example \"bridge absent\" message — which is\n * expected and noted in the PR as an explicit out-of-scope follow-up.\n /\nexport async function runLocalDebugServer(options: RunLocalDebugServerOptions = {}): Promise<void> {\n const cdpPort = options.cdpPort ?? 0;\n const devUrl = options.devUrl ?? process.env.AIT_DEVTOOLS_URL ?? 'http://localhost:5173';\n\n const chromium = await launchChromium({ port: cdpPort, devUrl });\n\n // Give Chromium a moment to start the CDP endpoint before we connect.\n // 800 ms is enough on most machines; the connection retries if it fails.\n await new Promise<void>((r) => setTimeout(r, 800));\n\n const connection = new LocalCdpConnection({ devtoolsHttpUrl: chromium.devtoolsUrl });\n // AIT. methods ride the same CDP channel via LocalCdpConnection.sendCommand.\n const aitSource = new ChiiAitSource(connection);\n\n // Local mode has no relay tunnel — tunnelStatus is always \"down\" which causes\n // build_attach_url to return a clear \"tunnel not up\" error, communicating to\n // the agent that this tool is relay-only.\n const tunnelStatus: TunnelStatus = { up: false, wssUrl: null };\n\n const server = createDebugServer({\n connection,\n aitSource,\n getTunnelStatus: () => tunnelStatus,\n });\n\n const transport = new StdioServerTransport();\n\n let closed = false;\n let attachWatcher: { stop(): void } \| null = null;\n\n const shutdown = () => {\n if (closed) return;\n closed = true;\n attachWatcher?.stop();\n connection.close();\n chromium.stop();\n void server.close();\n };\n\n process.once('SIGINT', shutdown);\n process.once('SIGTERM', shutdown);\n process.once('SIGHUP', shutdown);\n\n process.on('exit', () => {\n if (!closed) {\n closed = true;\n attachWatcher?.stop();\n chromium.stop();\n }\n });\n\n process.on('uncaughtException', (err) => {\n process.stderr.write(`[ait-local-debug] uncaughtException: ${String(err)}\\n`);\n shutdown();\n process.exit(1);\n });\n\n process.on('unhandledRejection', (reason) => {\n process.stderr.write(`[ait-local-debug] unhandledRejection: ${String(reason)}\\n`);\n shutdown();\n process.exit(1);\n });\n\n await server.connect(transport);\n\n // Start the attach watcher after the transport is connected so\n // sendToolListChanged has a live session to notify.\n attachWatcher = startAttachWatcher(connection, server);\n}\n","/*\n Dev-mode `AitSource` — backed by the Vite dev server's mock-state endpoint.\n \n The dev server already exposes the live browser mock state at\n * `GET /api/ait-devtools/state` (registered by the unplugin with `mcp: true`).\n * Phase 3 aligns dev mode and debug mode on the same `AIT.` tool surface, so\n dev mode serves those tools off this one HTTP source instead of a CDP channel:\n \n - `AIT.getMockState` → the full state snapshot (verbatim).\n * - `AIT.getOperationalEnvironment` → derived from the snapshot's\n * `environment` + `appVersion` fields.\n * - `AIT.getSdkCallHistory` → empty (the dev endpoint does not record\n * an SDK call trace — honest, not faked).\n \n An AI agent thus sees the same `AIT.getMockState` tool whether attached to a\n * phone (debug) or a dev browser (dev). Tests inject a fake `fetch`.\n /\n\nimport type {\n AitMethodMap,\n AitMethodName,\n AitMockState,\n AitOperationalEnvironment,\n AitSdkCallHistory,\n AitSource,\n} from './ait-source.js';\n\n/* Minimal `fetch` shape this source needs (injectable in tests). /\nexport type FetchLike = (url: string) => Promise<{\n ok: boolean;\n status: number;\n statusText: string;\n json(): Promise<unknown>;\n}>;\n\nexport interface HttpAitSourceOptions {\n /* Full URL of the mock-state endpoint, e.g. `http://localhost:5173/api/ait-devtools/state`. /\n stateEndpoint: string;\n /* Injected for tests; defaults to global `fetch`. /\n fetchImpl?: FetchLike;\n}\n\nfunction isObject(value: unknown): value is Record<string, unknown> {\n return typeof value === 'object' && value !== null;\n}\n\nexport class HttpAitSource implements AitSource {\n private readonly stateEndpoint: string;\n private readonly fetchImpl: FetchLike;\n\n constructor(options: HttpAitSourceOptions) {\n this.stateEndpoint = options.stateEndpoint;\n this.fetchImpl = options.fetchImpl ?? ((url) => fetch(url));\n }\n\n private async fetchState(): Promise<AitMockState> {\n const res = await this.fetchImpl(this.stateEndpoint);\n if (!res.ok) {\n throw new Error(\n `Failed to fetch mock state from ${this.stateEndpoint}: HTTP ${res.status} ${res.statusText}. ` +\n 'Ensure the Vite dev server is running with the @ait-co/devtools unplugin option `mcp: true`.',\n );\n }\n const body = await res.json();\n return isObject(body) ? body : {};\n }\n\n async get<M extends AitMethodName>(method: M): Promise<AitMethodMap[M]> {\n switch (method) {\n case 'AIT.getMockState': {\n const state = await this.fetchState();\n return state as AitMethodMap[M];\n }\n case 'AIT.getOperationalEnvironment': {\n const state = await this.fetchState();\n const environment = typeof state.environment === 'string' ? state.environment : 'unknown';\n const sdkVersion = typeof state.appVersion === 'string' ? state.appVersion : null;\n const result: AitOperationalEnvironment = { environment, sdkVersion };\n return result as AitMethodMap[M];\n }\n case 'AIT.getSdkCallHistory': {\n // sdkCallLog slice is now part of the mock state pushed by the browser panel.\n // Read it from the state snapshot rather than returning an empty stub.\n const state = await this.fetchState();\n const raw = state.sdkCallLog;\n const calls = Array.isArray(raw) ? (raw as AitSdkCallHistory['calls']) : [];\n const result: AitSdkCallHistory = { calls };\n return result as AitMethodMap[M];\n }\n default:\n throw new Error(`Unknown AIT method: ${String(method)}`);\n }\n }\n}\n","/\n @ait-co/devtools dev-mode MCP server (stdio).\n \n Exposes the live browser mock state from a running Vite dev server to AI\n * coding agents via the Model Context Protocol (MCP).\n \n Architecture:\n * Browser (aitState) → Vite dev server endpoint (/api/ait-devtools/state)\n * ← HTTP GET ← this stdio MCP server ← AI agent\n \n The Vite endpoint is registered by the unplugin when `mcp: true` is set in\n * the plugin options (see `src/unplugin/index.ts`).\n \n Phase 3 tool-surface alignment: dev mode and debug mode now expose the same\n * `AIT.` tools (`AIT.getMockState`, `AIT.getOperationalEnvironment`,\n `AIT.getSdkCallHistory`). In dev mode they are backed by the HTTP mock-state\n * endpoint (see `HttpAitSource`); in debug mode by the Chii channel. So an AI\n * sees a coherent tool whether attached to a phone (debug) or a dev browser\n * (dev). `devtools_get_mock_state` (the original devtools#130 name) is kept as a\n * backward-compatible alias of `AIT.getMockState`.\n \n This module is reached via the `devtools-mcp --mode=dev` CLI entry (see\n * `cli.ts`); the default (no flag) bin mode is the debug-mode CDP/Chii server.\n \n Usage (in your MCP client config, e.g. Claude Desktop):\n * {\n * \"mcpServers\": {\n * \"ait-devtools\": {\n * \"command\": \"pnpm\",\n * \"args\": [\"exec\", \"devtools-mcp\", \"--mode=dev\"],\n * \"env\": { \"AIT_DEVTOOLS_URL\": \"http://localhost:5173\" }\n * }\n * }\n * }\n /\n\nimport { Server } from '@modelcontextprotocol/sdk/server/index.js';\nimport { StdioServerTransport } from '@modelcontextprotocol/sdk/server/stdio.js';\nimport { CallToolRequestSchema, ListToolsRequestSchema } from '@modelcontextprotocol/sdk/types.js';\nimport { HttpAitSource } from './ait-http-source.js';\nimport type { AitSource } from './ait-source.js';\nimport {\n getMockState,\n getOperationalEnvironment,\n getSdkCallHistory,\n isAitToolName,\n} from './tools.js';\n\n/* Tool descriptors served by the dev-mode server. /\nconst DEV_TOOL_DEFINITIONS = [\n {\n name: 'AIT.getMockState',\n description:\n 'Returns the devtools mock state snapshot (window.__ait) from the running browser session — ' +\n 'environment, permissions, location, auth, network, IAP, and more. Read-only. ' +\n 'Requires the Vite dev server running with the @ait-co/devtools unplugin option `mcp: true`. ' +\n 'Same tool as in debug mode, where the in-app side reports it over the AIT domain.',\n inputSchema: { type: 'object', properties: {}, required: [] },\n },\n {\n name: 'AIT.getOperationalEnvironment',\n description:\n 'Returns the operational environment + SDK/app version derived from the dev mock state. ' +\n 'Read-only.',\n inputSchema: { type: 'object', properties: {}, required: [] },\n },\n {\n name: 'AIT.getSdkCallHistory',\n description:\n 'Returns the SDK call trace. In dev mode the HTTP mock-state endpoint records no trace, so ' +\n 'this returns an empty list; in debug mode it is populated over the AIT domain. Read-only.',\n inputSchema: { type: 'object', properties: {}, required: [] },\n },\n {\n name: 'devtools_get_mock_state',\n description:\n 'Backward-compatible alias of AIT.getMockState (the original devtools#130 name). Returns the ' +\n 'current AIT DevTools mock state snapshot. Read-only. Prefer AIT.getMockState in new configs.',\n inputSchema: { type: 'object', properties: {}, required: [] },\n },\n] as const;\n\nconst DEV_TOOL_NAMES = new Set<string>(DEV_TOOL_DEFINITIONS.map((t) => t.name));\n\nexport interface CreateDevServerDeps {\n /* AIT source for the dev tools. Defaults to an HTTP source over the dev server. /\n aitSource?: AitSource;\n}\n\n/* Builds the dev-mode MCP server (does not connect a transport). /\nexport function createDevServer(deps: CreateDevServerDeps = {}): Server {\n const devtoolsUrl = process.env.AIT_DEVTOOLS_URL ?? 'http://localhost:5173';\n const stateEndpoint = `${devtoolsUrl}/api/ait-devtools/state`;\n const aitSource = deps.aitSource ?? new HttpAitSource({ stateEndpoint });\n\n const server = new Server(\n { name: 'ait-devtools', version: __VERSION__ },\n { capabilities: { tools: {} } },\n );\n\n server.setRequestHandler(ListToolsRequestSchema, () => ({\n tools: DEV_TOOL_DEFINITIONS.map((tool) => ({ ...tool })),\n }));\n\n server.setRequestHandler(CallToolRequestSchema, async (request) => {\n const name = request.params.name;\n if (!DEV_TOOL_NAMES.has(name)) {\n return { content: [{ type: 'text', text: `Unknown tool: ${name}` }], isError: true };\n }\n\n try {\n // `devtools_get_mock_state` is an alias of `AIT.getMockState`.\n const effective = name === 'devtools_get_mock_state' ? 'AIT.getMockState' : name;\n if (!isAitToolName(effective)) {\n return { content: [{ type: 'text', text: `Unknown tool: ${name}` }], isError: true };\n }\n switch (effective) {\n case 'AIT.getMockState':\n return jsonResult(await getMockState(aitSource));\n case 'AIT.getOperationalEnvironment':\n return jsonResult(await getOperationalEnvironment(aitSource));\n case 'AIT.getSdkCallHistory':\n return jsonResult(await getSdkCallHistory(aitSource));\n default:\n return { content: [{ type: 'text', text: `Unknown tool: ${name}` }], isError: true };\n }\n } catch (err) {\n const message = err instanceof Error ? err.message : String(err);\n return {\n content: [\n {\n type: 'text',\n text:\n `${message}\\n` +\n 'Is the Vite dev server running with the @ait-co/devtools unplugin option `mcp: true`? ' +\n 'Is AIT_DEVTOOLS_URL set correctly?',\n },\n ],\n isError: true,\n };\n }\n });\n\n return server;\n}\n\nfunction jsonResult(value: unknown) {\n return { content: [{ type: 'text' as const, text: JSON.stringify(value, null, 2) }] };\n}\n\n/* Builds the dev-mode server and connects it over stdio. /\nexport async function runDevServer(): Promise<void> {\n const server = createDevServer();\n const transport = new StdioServerTransport();\n await server.connect(transport);\n}\n","/\n `devtools-mcp` bin entry.\n \n Single bin, two modes selected by `--mode` and one target selected by\n * `--target`:\n \n --mode=debug (default)\n * --target=relay (default) — CDP/Chii relay + cloudflared quick tunnel.\n * Attach a running mini-app (real Toss WebView, env 2/3) and read its\n * console + network over CDP without a human watching a phone.\n * --target=local — CDP direct-attach to a local Chromium launched by the\n * MCP server (env 1). No relay or tunnel; the browser is launched\n * pointing at AIT_DEVTOOLS_URL (default http://localhost:5173).\n \n --mode=dev — dev mode — reads the live browser mock state from a running\n * Vite dev server (the devtools#130 `devtools_get_mock_state` surface).\n \n Node-only stdio process.\n /\n\nimport { realpathSync } from 'node:fs';\nimport { argv } from 'node:process';\nimport { fileURLToPath } from 'node:url';\nimport { runDebugServer, runLocalDebugServer } from './debug-server.js';\nimport { runDevServer } from './server.js';\n\ntype Mode = 'debug' \| 'dev';\ntype Target = 'relay' \| 'local';\n\n/* Parses `--mode=<value>` / `--mode <value>` from argv; default `debug`. /\nexport function parseMode(argv: readonly string[]): Mode {\n for (let i = 0; i < argv.length; i++) {\n const arg = argv[i];\n if (arg === undefined) continue;\n if (arg.startsWith('--mode=')) {\n return normalizeMode(arg.slice('--mode='.length));\n }\n if (arg === '--mode') {\n const next = argv[i + 1];\n if (next === undefined) {\n throw new Error(\"--mode requires a value: 'debug' (default) or 'dev'.\");\n }\n return normalizeMode(next);\n }\n }\n return 'debug';\n}\n\n/\n Parses `--target=<value>` / `--target <value>` from argv; default `relay`.\n \n Only meaningful when `--mode=debug`:\n * - `relay` — phone/WebView attach over Chii relay + cloudflared tunnel (env 2/3).\n * - `local` — local Chromium CDP attach (env 1, no relay needed).\n /\nexport function parseTarget(argv: readonly string[]): Target {\n for (let i = 0; i < argv.length; i++) {\n const arg = argv[i];\n if (arg === undefined) continue;\n if (arg.startsWith('--target=')) {\n return normalizeTarget(arg.slice('--target='.length));\n }\n if (arg === '--target') {\n const next = argv[i + 1];\n if (next === undefined) {\n throw new Error(\"--target requires a value: 'relay' (default) or 'local'.\");\n }\n return normalizeTarget(next);\n }\n }\n return 'relay';\n}\n\nfunction normalizeMode(value: string): Mode {\n if (value === 'dev') return 'dev';\n if (value === 'debug') return 'debug';\n throw new Error(`Unknown --mode '${value}'. Expected 'debug' (default) or 'dev'.`);\n}\n\nfunction normalizeTarget(value: string): Target {\n if (value === 'relay') return 'relay';\n if (value === 'local') return 'local';\n throw new Error(`Unknown --target '${value}'. Expected 'relay' (default) or 'local'.`);\n}\n\nasync function main(): Promise<void> {\n const args = process.argv.slice(2);\n const mode = parseMode(args);\n if (mode === 'dev') {\n await runDevServer();\n } else {\n const target = parseTarget(args);\n if (target === 'local') {\n await runLocalDebugServer();\n } else {\n await runDebugServer();\n }\n }\n}\n\n/\n True when this file is the process entry (the bin), not an import.\n \n `argv[1]` is whatever path the OS used to launch node — under `npx`/npm's\n * bin shim that's the symlink in `node_modules/.bin/` (or a wrapper), whereas\n * `import.meta.url` resolves to the realpath inside the package. Comparing\n * the two raw paths gives a false negative on every install that goes through\n * a bin shim — exactly the dominant path for `npx -y @ait-co/devtools\n * devtools-mcp`. Resolve `argv[1]` to its realpath before comparing.\n */\nfunction isEntrypoint(): boolean {\n const entry = argv[1];\n if (entry === undefined) return false;\n try {\n return fileURLToPath(import.meta.url) === realpathSync(entry);\n } catch {\n return false;\n }\n}\n\nif (isEntrypoint()) {\n main().catch((err: unknown) => {\n const message = err instanceof Error ? err.message : String(err);\n process.stderr.write(`[devtools-mcp] fatal: ${message}\\n`);\n process.exitCode = 1;\n });\n}\n"],"mappings":";;;;;;;;;;;;;;;;;AAgCA,SAASA,WAAS,OAAkD;AAClE,QAAO,OAAO,UAAU,YAAY,UAAU;;;AAIhD,SAAS,iBAAiB,KAAiC;AACzD,KAAIA,WAAS,IAAI,IAAI,MAAM,QAAQ,IAAI,MAAM,CAC3C,QAAO,EAAE,OAAO,IAAI,OAAqC;AAE3D,QAAO,EAAE,OAAO,EAAE,EAAE;;;AAItB,SAAS,YAAY,KAA4B;AAC/C,QAAOA,WAAS,IAAI,GAAG,MAAM,EAAE;;;AAIjC,SAAS,yBAAyB,KAAyC;AAIzE,QAAO;EAAE,aAFPA,WAAS,IAAI,IAAI,OAAO,IAAI,gBAAgB,WAAW,IAAI,cAAc;EAErD,YADHA,WAAS,IAAI,IAAI,OAAO,IAAI,eAAe,WAAW,IAAI,aAAa;EACxD;;AAGpC,IAAa,gBAAb,MAAgD;CAC9C,YAAY,QAA2C;AAA1B,OAAA,SAAA;;CAE7B,MAAM,IAA6B,QAAqC;EACtE,MAAM,MAAM,MAAM,KAAK,OAAO,YAAY,OAAO;AAGjD,UAAQ,QAAR;GACE,KAAK,wBACH,QAAO,iBAAiB,IAAI;GAC9B,KAAK,mBACH,QAAO,YAAY,IAAI;GACzB,KAAK,gCACH,QAAO,yBAAyB,IAAI;GACtC,QACE,OAAM,IAAI,MAAM,uBAAuB,OAAO,OAAO,GAAG;;;;;;;;;;;;;;;;;;;;AC9ChE,MAAMC,wBAAsB;AA4B5B,SAASC,WAAS,OAAkD;AAClE,QAAO,OAAO,UAAU,YAAY,UAAU;;AAGhD,SAASC,eAAa,KAAuC;CAC3D,IAAI;AACJ,KAAI;AACF,WAAS,KAAK,MAAM,IAAI;SAClB;AACN,SAAO;;AAET,KAAI,CAACD,WAAS,OAAO,CAAE,QAAO;CAC9B,MAAM,UAA6B,EAAE;AACrC,KAAI,OAAO,OAAO,OAAO,SAAU,SAAQ,KAAK,OAAO;AACvD,KAAI,OAAO,OAAO,WAAW,SAAU,SAAQ,SAAS,OAAO;AAC/D,KAAI,YAAY,OAAQ,SAAQ,SAAS,OAAO;AAChD,KAAI,YAAY,OAAQ,SAAQ,SAAS,OAAO;AAChD,KAAIA,WAAS,OAAO,MAAM,IAAI,OAAO,OAAO,MAAM,YAAY,SAC5D,SAAQ,QAAQ,EAAE,SAAS,OAAO,MAAM,SAAS;AAEnD,QAAO;;AAGT,MAAME,mBAA0C;CAC9C;CACA;CACA;CACD;;;;;;;;;;;;;;;AAgBD,MAAM,wBAAwB;;AAgB9B,MAAM,6BAA6B;;;;;AAMnC,IAAa,oBAAb,MAAwD;CACtD;CACA;CACA;CACA,UAA2B,IAAI,cAAc;CAC7C,0BAA2B,IAAI,KAA8B;CAC7D,0BAA2B,IAAI,KAAwB;CAEvD,KAA+B;CAC/B,kBAAiE;CACjE,gBAAwB;;;;;;CAMxB,iBAAwC;;CAExC,kBAAgD;;CAEhD,0BAA2B,IAAI,KAG5B;;;;;CAMH,sBAA6C;;;;;CAM7C,mCAAoC,IAAI,KAAqB;;CAG7D,kBAAiE;;CAGjE,qBAAoF,EAAE;CAEtF,YAAY,SAAmC;AAC7C,OAAK,eAAe,QAAQ,aAAa,QAAQ,OAAO,GAAG;AAC3D,OAAK,aAAa,QAAQ,cAAcH;EACxC,MAAM,QAAQ,QAAQ,IAAI,6BACtB,OAAO,QAAQ,IAAI,2BAA2B,GAC9C,KAAA;AACJ,OAAK,oBACF,UAAU,KAAA,KAAa,OAAO,SAAS,MAAM,IAAI,QAAQ,IAAI,QAAQ,KAAA,MACtE,QAAQ,oBACR;AACF,OAAK,MAAM,SAASG,iBAAgB,MAAK,QAAQ,IAAI,OAAO,EAAE,CAAC;AAG/D,OAAK,QAAQ,IAAI,2BAA2B,EAAE,CAAC;AAG/C,OAAK,QAAQ,gBAAgB,EAAE;;;CAIjC,MAAM,iBAAuC;EAC3C,MAAM,MAAM,MAAM,MAAM,GAAG,KAAK,aAAa,UAAU;AACvD,MAAI,CAAC,IAAI,GACP,OAAM,IAAI,MAAM,qCAAqC,IAAI,OAAO,GAAG,IAAI,aAAa;EAEtF,MAAM,OAAgB,MAAM,IAAI,MAAM;EACtC,MAAM,OAAOF,WAAS,KAAK,IAAI,MAAM,QAAQ,KAAK,QAAQ,GAAG,KAAK,UAAU,EAAE;EAM9E,IAAI,iBAAgC;AACpC,OAAK,MAAM,QAAQ,MAAM;AACvB,OAAI,CAACA,WAAS,KAAK,IAAI,OAAO,KAAK,OAAO,SAAU;AACpD,oBAAiB,KAAK;;AAIxB,MACE,mBAAmB,QACnB,KAAK,mBAAmB,QACxB,mBAAmB,KAAK,gBACxB;GACA,MAAM,SAAS,KAAK;AACpB,WAAQ,OAAO,MAAM,kDAAkD,OAAO,KAAK;AACnF,QAAK,YAAY,OAAO;;AAI1B,OAAK,QAAQ,OAAO;AACpB,OAAK,MAAM,QAAQ,MAAM;AACvB,OAAI,CAACA,WAAS,KAAK,IAAI,OAAO,KAAK,OAAO,SAAU;AAEpD,OAAI,KAAK,OAAO,eAAgB;AAChC,QAAK,QAAQ,IAAI,KAAK,IAAI;IACxB,IAAI,KAAK;IACT,OAAO,OAAO,KAAK,UAAU,WAAW,KAAK,QAAQ;IACrD,KAAK,OAAO,KAAK,QAAQ,WAAW,KAAK,MAAM;IAChD,CAAC;;AAGJ,MAAI,mBAAmB,KACrB,MAAK,iBAAiB;MAEtB,MAAK,iBAAiB;AAGxB,SAAO,CAAC,GAAG,KAAK,QAAQ,QAAQ,CAAC;;CAGnC,cAA2B;AACzB,SAAO,CAAC,GAAG,KAAK,QAAQ,QAAQ,CAAC;;;;;;CAOnC,yBAAwC;AACtC,SAAO,KAAK;;;;;;CAOd,oBAAoB,UAAiC;AACnD,SAAO,KAAK,iBAAiB,IAAI,SAAS,IAAI;;;CAIhD,YAAY,UAA6D;AACvE,OAAK,mBAAmB,KAAK,SAAS;AACtC,eAAa;GACX,MAAM,MAAM,KAAK,mBAAmB,QAAQ,SAAS;AACrD,OAAI,QAAQ,GAAI,MAAK,mBAAmB,OAAO,KAAK,EAAE;;;;;;;CAQ1D,MAAM,gBAA+B;AACnC,MAAI,KAAK,MAAM,KAAK,GAAG,eAAe,UAAU,KAAM;AAGtD,MAAI,KAAK,gBAAiB,QAAO,KAAK;AACtC,OAAK,kBAAkB,KAAK,kBAAkB,CAAC,cAAc;AAC3D,QAAK,kBAAkB;IACvB;AACF,SAAO,KAAK;;CAGd,MAAc,mBAAkC;EAE9C,MAAM,UADU,MAAM,KAAK,gBAAgB,EACpB;AACvB,MAAI,CAAC,OACH,OAAM,IAAI,MAAM,mDAAmD;EAKrE,MAAM,KAAK,IAAI,UACb,GAHa,KAAK,aAAa,QAAQ,SAAS,KAAK,CAG3C,UAFK,gBAAgB,KAAK,KAAK,GAEZ,UAAU,mBAAmB,OAAO,GAAG,GACrE;AACD,OAAK,KAAK;AAEV,QAAM,IAAI,SAAe,SAAS,WAAW;AAC3C,MAAG,KAAK,cAAc,SAAS,CAAC;AAChC,MAAG,KAAK,UAAU,QAAe,OAAO,IAAI,CAAC;IAC7C;AAGF,OAAK,sBAAsB;AAC3B,OAAK,iBAAiB,OAAO;AAG7B,OAAK,kBAAkB;AACvB,KAAG,GAAG,YAAY,SAA4B,KAAK,cAAc,KAAK,UAAU,CAAC,CAAC;AAClF,KAAG,GAAG,eAAe,KAAK,iBAAiB,4BAA4B,CAAC;AACxE,KAAG,GAAG,UAAU,QAAe,KAAK,iBAAiB,uBAAuB,IAAI,UAAU,CAAC;AAE3F,OAAK,kBAAkB,iBAAiB;AACxC,OAAK,kBAAkB,iBAAiB;AAGxC,OAAK,kBAAkB,aAAa;AACpC,OAAK,kBAAkB,cAAc;AAIrC,OAAK,kBAAkB,mBAAmB;AAC1C,OAAK,kBAAkB,6BAA6B,EAAE,UAAU,MAAM,CAAC;AAGvE,OAAK,eAAe,OAAO,GAAG;;;CAIhC,kBAA0B,QAAgB,SAAkC,EAAE,EAAQ;AACpF,MAAI,CAAC,KAAK,MAAM,KAAK,GAAG,eAAe,UAAU,KAAM;EACvD,MAAM,KAAK,KAAK;AAChB,OAAK,GAAG,KAAK,KAAK,UAAU;GAAE;GAAI;GAAQ;GAAQ,CAAC,CAAC;;;;;;CAOtD,KACE,QACA,QACqC;AACrC,SAAO,KAAK,YAAY,QAAS,UAAU,EAAE,CAA6B;;;;;;;;;;;;;;;CAkB5E,YAAY,QAAgB,SAAkC,EAAE,EAAoB;AAElF,MAAI,KAAK,oBAAoB,eAC3B,QAAO,QAAQ,uBACb,IAAI,MACF,wBAAwB,OAAO,yDAChC,CACF;AAEH,MAAI,CAAC,KAAK,MAAM,KAAK,GAAG,eAAe,UAAU,KAC/C,QAAO,QAAQ,uBACb,IAAI,MAAM,+EAA+E,CAC1F;EAEH,MAAM,KAAK,KAAK;EAChB,MAAM,KAAK,KAAK;EAChB,MAAM,YAAY,KAAK;AACvB,SAAO,IAAI,SAAkB,SAAS,WAAW;GAC/C,MAAM,SAAS,iBAAiB;AAC9B,SAAK,QAAQ,OAAO,GAAG;AACvB,2BACE,IAAI,MACF,qBAAqB,OAAO,IAAI,UAAU,iFAG3C,CACF;MACA,UAAU;AACb,QAAK,QAAQ,IAAI,IAAI;IACnB,UAAU,MAAM;AACd,kBAAa,OAAO;AACpB,aAAQ,EAAE;;IAEZ,SAAS,MAAM;AACb,kBAAa,OAAO;AACpB,YAAO,EAAE;;IAEZ,CAAC;AACF,MAAG,KAAK,KAAK,UAAU;IAAE;IAAI;IAAQ;IAAQ,CAAC,CAAC;IAC/C;;;;;;;CAQJ,iBAAyB,QAAsB;AAC7C,MAAI,KAAK,oBAAoB,eAAgB;AAC7C,OAAK,kBAAkB;AACvB,OAAK,KAAK;AACV,OAAK,eAAe;EACpB,MAAM,sBAAM,IAAI,MACd,GAAG,OAAO,wDACX;AACD,OAAK,MAAM,UAAU,KAAK,QAAQ,QAAQ,CACxC,QAAO,OAAO,IAAI;AAEpB,OAAK,QAAQ,OAAO;;;;;;;;;;CAWtB,YAAoB,UAAwB;EAC1C,MAAM,8BAAa,IAAI,MAAM,EAAC,aAAa;AAC3C,OAAK,QAAQ,OAAO,SAAS;AAC7B,OAAK,iBAAiB,OAAO,SAAS;EAEtC,MAAM,sBAAM,IAAI,MACd,+EAA+E,SAAS,qCAEzF;AACD,OAAK,MAAM,UAAU,KAAK,QAAQ,QAAQ,CACxC,QAAO,OAAO,IAAI;AAEpB,OAAK,QAAQ,OAAO;EAEpB,MAAM,QAA8B;GAAE,MAAM;GAAY;GAAU;GAAY;AAC9E,OAAK,MAAM,YAAY,KAAK,mBAC1B,KAAI;AACF,YAAS,MAAM;UACT;;;;;;;;;;;CAeZ,iBAAyB,MAAoC,UAA+B;EAC1F,MAAM,8BAAa,IAAI,MAAM,EAAC,aAAa;AAC3C,OAAK,sBAAsB,KAAK,KAAK;AAGrC,MAAI,aAAa,MAAM;AACrB,QAAK,QAAQ,OAAO,SAAS;AAC7B,QAAK,iBAAiB,OAAO,SAAS;AAEtC,OAAI,KAAK,mBAAmB,SAC1B,MAAK,iBAAiB;SAEnB;AAEL,QAAK,QAAQ,OAAO;AACpB,QAAK,iBAAiB,OAAO;AAC7B,QAAK,iBAAiB;;EAUxB,MAAM,sBAAM,IAAI,MACd,eANA,SAAS,YACL,yCACA,SAAS,cACP,uCACA,4CAEe,iFAEtB;AACD,OAAK,MAAM,UAAU,KAAK,QAAQ,QAAQ,CACxC,QAAO,OAAO,IAAI;AAEpB,OAAK,QAAQ,OAAO;EAGpB,MAAM,QAA8B;GAAE;GAAM;GAAU;GAAY;AAClE,OAAK,MAAM,YAAY,KAAK,mBAC1B,KAAI;AACF,YAAS,MAAM;UACT;;;;;;;;;;;;;;;;CAoBZ,eAAuB,iBAA+B;AACpD,OAAK,eAAe;EAEpB,MAAM,QAAQ,QAAQ,IAAI,uBACtB,OAAO,QAAQ,IAAI,qBAAqB,GACxC,KAAA;AACJ,MAAI,UAAU,KAAA,KAAa,CAAC,OAAO,SAAS,MAAM,IAAI,SAAS,EAAG;EAElE,MAAM,kBAAkB;AAExB,OAAK,kBAAkB,kBAAkB;GAEvC,MAAM,YAAY,KAAK,QAAQ,OAAO,IAAI,CAAC,GAAG,KAAK,QAAQ,MAAM,CAAC,GAAG,CAAC,gBAAgB;AACtF,QAAK,MAAM,YAAY,WAAW;IAEhC,MAAM,cAAc,KAAK,YAAY,oBAAoB;KACvD,YAAY;KACZ,eAAe;KACf,SAAS;KACV,CAAC;IACF,MAAM,iBAAiB,IAAI,SAAgB,GAAG,WAC5C,iBACQ,uBAAO,IAAI,MAAM,oBAAoB,CAAC,EAC5C,kBAAkB,IACnB,CACF;AACD,YAAQ,KAAK,CAAC,aAAa,eAAe,CAAC,CAAC,YAAY;AAEtD,SAAI,KAAK,QAAQ,IAAI,SAAS,CAC5B,MAAK,iBAAiB,aAAa,SAAS;MAE9C;;KAEH,MAAM;;CAGX,gBAA8B;AAC5B,MAAI,KAAK,oBAAoB,MAAM;AACjC,iBAAc,KAAK,gBAAgB;AACnC,QAAK,kBAAkB;;;CAI3B,cAAsB,KAAmB;EACvC,MAAM,UAAUC,eAAa,IAAI;AACjC,MAAI,CAAC,QAAS;AAGd,MAAI,OAAO,QAAQ,OAAO,YAAY,KAAK,QAAQ,IAAI,QAAQ,GAAG,EAAE;GAClE,MAAM,SAAS,KAAK,QAAQ,IAAI,QAAQ,GAAG;AAC3C,QAAK,QAAQ,OAAO,QAAQ,GAAG;AAC/B,OAAI,OACF,KAAI,QAAQ,MAAO,QAAO,OAAO,IAAI,MAAM,QAAQ,MAAM,QAAQ,CAAC;OAC7D,QAAO,QAAQ,QAAQ,OAAO;AAErC;;EAKF,MAAM,MAAM,KAAK,KAAK;AACtB,OAAK,MAAM,YAAY,KAAK,QAAQ,MAAM,CACxC,MAAK,iBAAiB,IAAI,UAAU,IAAI;AAG1C,MAAI,OAAO,QAAQ,WAAW,SAAU;AAMxC,MAAI,QAAQ,WAAW,2BAA2B;AAChD,QAAK,iBAAiB,WAAW,KAAK;AACtC;;AAIF,MAAI,QAAQ,WAAW,0BAA0B;GAC/C,MAAM,WACJD,WAAS,QAAQ,OAAO,IAAI,OAAO,QAAQ,OAAO,aAAa,WAC3D,QAAQ,OAAO,WACf;AACN,QAAK,iBAAiB,aAAa,SAAS;AAC5C;;AAIF,MAAI,QAAQ,WAAW,6BAA6B;GAClD,MAAM,WACJA,WAAS,QAAQ,OAAO,IAAI,OAAO,QAAQ,OAAO,aAAa,WAC3D,QAAQ,OAAO,WACf;AACN,QAAK,iBAAiB,YAAY,SAAS;AAC3C;;AAIF,MAAI,CAAC,KAAK,QAAQ,IAAI,QAAQ,OAAuB,CAAE;EACvD,MAAM,QAAQ,QAAQ;EACtB,MAAM,SAAS,KAAK,QAAQ,IAAI,MAAM;AACtC,MAAI,CAAC,OAAQ;AACb,SAAO,KAAK,QAAQ,OAAO;EAG3B,MAAM,MAAM,UAAU,4BAA4B,wBAAwB,KAAK;AAC/E,MAAI,OAAO,SAAS,IAAK,QAAO,OAAO;AACvC,OAAK,QAAQ,KAAK,OAAO,QAAQ,OAAO;;CAG1C,kBAA0C,OAAyC;AAEjF,SADe,KAAK,QAAQ,IAAI,MAAM,IACpB,EAAE;;CAGtB,GAA2B,OAAU,UAAyD;AAC5F,OAAK,QAAQ,GAAG,OAAO,SAAuC;AAC9D,eAAa,KAAK,QAAQ,IAAI,OAAO,SAAuC;;;CAI9E,QAAc;EACZ,MAAM,KAAK,KAAK;AAChB,OAAK,eAAe;AAGpB,OAAK,iBAAiB,+BAA+B;AACrD,MAAI,OAAO;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;ACjmBf,MAAM,UAAU,cAAc,OAAO,KAAK,IAAI;AAa9C,SAAS,iBAAmC;CAE1C,MAAM,MAAe,QAAQ,OAAO;AACpC,KACE,OAAO,QAAQ,YACf,QAAQ,QACR,WAAW,OACX,OAAQ,IAA2B,UAAU,WAE7C,QAAO;AAET,OAAM,IAAI,MAAM,4CAA4C;;;;;;;;;;;;;;;;;;AA0D9D,eAAsB,eAAe,UAAiC,EAAE,EAAsB;CAC5F,MAAM,gBAAgB,QAAQ,QAAQ;CACtC,MAAM,OAAO,QAAQ,QAAQ;CAC7B,MAAM,EAAE,eAAe;CAEvB,MAAM,aAAa,cAAc;AASjC,KAAI,WACF,YAAW,GAAG,YAAY,KAAsB,WAAmB;AACjE,MAAI,CAAC,WAAW,IAAI,EAAE;AAGpB,UAAO,MAAM,yDAAyD;AACtE,UAAO,SAAS;AAEhB;;GAIF;AAOJ,OAJa,gBAAgB,CAIlB,MAAM;EAAE,QAAQ;EAAY,QAAQ,GAAG,KAAK,GAAG;EAAiB,MAAM;EAAe,CAAC;CAEjG,MAAM,aAAa,MAAM,IAAI,SAAiB,SAAS,WAAW;AAChE,aAAW,KAAK,SAAS,OAAO;AAChC,aAAW,OAAO,eAAe,YAAY;AAC3C,cAAW,IAAI,SAAS,OAAO;AAG/B,WADa,WAAW,SAAS,CACpB,KAAK;IAClB;GACF;AAEF,QAAO;EACL,MAAM;EACN,SAAS,UAAU,KAAK,GAAG;EAC3B,aACE,IAAI,SAAe,YAAY;AAC7B,cAAW,YAAY,SAAS,CAAC;IACjC;EACL;;;;;;;;;;;;;;;;;;;;;;AC1IH,MAAM,sBAAsB;AAW5B,SAASG,WAAS,OAAkD;AAClE,QAAO,OAAO,UAAU,YAAY,UAAU;;AAGhD,SAAS,aAAa,KAAuC;CAC3D,IAAI;AACJ,KAAI;AACF,WAAS,KAAK,MAAM,IAAI;SAClB;AACN,SAAO;;AAET,KAAI,CAACA,WAAS,OAAO,CAAE,QAAO;CAC9B,MAAM,UAA6B,EAAE;AACrC,KAAI,OAAO,OAAO,OAAO,SAAU,SAAQ,KAAK,OAAO;AACvD,KAAI,OAAO,OAAO,WAAW,SAAU,SAAQ,SAAS,OAAO;AAC/D,KAAI,YAAY,OAAQ,SAAQ,SAAS,OAAO;AAChD,KAAI,YAAY,OAAQ,SAAQ,SAAS,OAAO;AAChD,KAAIA,WAAS,OAAO,MAAM,IAAI,OAAO,OAAO,MAAM,YAAY,SAC5D,SAAQ,QAAQ,EAAE,SAAS,OAAO,MAAM,SAAS;AAEnD,QAAO;;AAGT,MAAM,iBAA0C;CAC9C;CACA;CACA;CACD;;;;;;;;;;;;;AAqCD,IAAa,qBAAb,MAAyD;CACvD;CACA;CACA,UAA2B,IAAI,cAAc;CAC7C,0BAA2B,IAAI,KAA8B;CAC7D,0BAA2B,IAAI,KAAwB;CAEvD,KAA+B;CAC/B,gBAAwB;;CAExB,kBAAgD;;CAEhD,0BAA2B,IAAI,KAG5B;CAEH,YAAY,SAAoC;AAC9C,OAAK,kBAAkB,QAAQ,gBAAgB,QAAQ,OAAO,GAAG;AACjE,OAAK,aAAa,QAAQ,cAAc;AACxC,OAAK,MAAM,SAAS,eAAgB,MAAK,QAAQ,IAAI,OAAO,EAAE,CAAC;AAG/D,OAAK,QAAQ,gBAAgB,EAAE;;;;;;;;;CAUjC,MAAc,eAGX;EAED,MAAM,MAAM,MAAM,MAAM,GAAG,KAAK,gBAAgB,OAAO;AACvD,MAAI,CAAC,IAAI,GACP,OAAM,IAAI,MACR,yCAAyC,IAAI,OAAO,GAAG,IAAI,WAAW,wDAEvE;EAEH,MAAM,OAAgB,MAAM,IAAI,MAAM;EACtC,MAAM,OAA6B,MAAM,QAAQ,KAAK,GAAI,OAAgC,EAAE;AAE5F,OAAK,QAAQ,OAAO;EACpB,IAAI,WAAsC;AAE1C,OAAK,MAAM,QAAQ,MAAM;AACvB,OAAI,CAACA,WAAS,KAAK,IAAI,OAAO,KAAK,OAAO,SAAU;GACpD,MAAM,YAAuB;IAC3B,IAAI,KAAK;IACT,OAAO,OAAO,KAAK,UAAU,WAAW,KAAK,QAAQ;IACrD,KAAK,OAAO,KAAK,QAAQ,WAAW,KAAK,MAAM;IAChD;AACD,QAAK,QAAQ,IAAI,KAAK,IAAI,UAAU;AAGpC,OACE,aAAa,QACb,KAAK,SAAS,UACd,OAAO,KAAK,yBAAyB,YACrC,CAAC,qBAAqB,KAAK,IAAI,CAE/B,YAAW;;AAIf,SAAO;GAAE;GAAU,KAAK,CAAC,GAAG,KAAK,QAAQ,QAAQ,CAAC;GAAE;;CAGtD,cAA2B;AACzB,SAAO,CAAC,GAAG,KAAK,QAAQ,QAAQ,CAAC;;;;;;;;CASnC,MAAM,gBAA+B;AACnC,MAAI,KAAK,MAAM,KAAK,GAAG,eAAe,UAAU,KAAM;AACtD,MAAI,KAAK,gBAAiB,QAAO,KAAK;AACtC,OAAK,kBAAkB,KAAK,kBAAkB,CAAC,cAAc;AAC3D,QAAK,kBAAkB;IACvB;AACF,SAAO,KAAK;;CAGd,MAAc,mBAAkC;EAC9C,MAAM,EAAE,aAAa,MAAM,KAAK,cAAc;AAC9C,MAAI,CAAC,SACH,OAAM,IAAI,MACR,oLAGD;EAIH,MAAM,QAAQ,SAAS;EACvB,MAAM,KAAK,IAAI,UAAU,MAAM;AAC/B,OAAK,KAAK;AAEV,QAAM,IAAI,SAAe,SAAS,WAAW;AAC3C,MAAG,KAAK,cAAc,SAAS,CAAC;AAChC,MAAG,KAAK,UAAU,QAAe,OAAO,IAAI,CAAC;IAC7C;AAEF,KAAG,GAAG,YAAY,SAA4B,KAAK,cAAc,KAAK,UAAU,CAAC,CAAC;AAGlF,OAAK,kBAAkB,iBAAiB;AACxC,OAAK,kBAAkB,iBAAiB;AACxC,OAAK,kBAAkB,aAAa;AACpC,OAAK,kBAAkB,cAAc;;;CAIvC,kBAA0B,QAAgB,SAAkC,EAAE,EAAQ;AACpF,MAAI,CAAC,KAAK,MAAM,KAAK,GAAG,eAAe,UAAU,KAAM;EACvD,MAAM,KAAK,KAAK;AAChB,OAAK,GAAG,KAAK,KAAK,UAAU;GAAE;GAAI;GAAQ;GAAQ,CAAC,CAAC;;;;;;CAOtD,KACE,QACA,QACqC;AACrC,SAAO,KAAK,YAAY,QAAS,UAAU,EAAE,CAA6B;;;;;;CAS5E,YAAY,QAAgB,SAAkC,EAAE,EAAoB;AAClF,MAAI,CAAC,KAAK,MAAM,KAAK,GAAG,eAAe,UAAU,KAC/C,QAAO,QAAQ,uBACb,IAAI,MACF,kIAED,CACF;EAEH,MAAM,KAAK,KAAK;EAChB,MAAM,KAAK,KAAK;AAChB,SAAO,IAAI,SAAkB,SAAS,WAAW;AAC/C,QAAK,QAAQ,IAAI,IAAI;IAAE;IAAS;IAAQ,CAAC;AACzC,MAAG,KAAK,KAAK,UAAU;IAAE;IAAI;IAAQ;IAAQ,CAAC,CAAC;IAC/C;;CAGJ,cAAsB,KAAmB;EACvC,MAAM,UAAU,aAAa,IAAI;AACjC,MAAI,CAAC,QAAS;AAGd,MAAI,OAAO,QAAQ,OAAO,YAAY,KAAK,QAAQ,IAAI,QAAQ,GAAG,EAAE;GAClE,MAAM,SAAS,KAAK,QAAQ,IAAI,QAAQ,GAAG;AAC3C,QAAK,QAAQ,OAAO,QAAQ,GAAG;AAC/B,OAAI,OACF,KAAI,QAAQ,MAAO,QAAO,OAAO,IAAI,MAAM,QAAQ,MAAM,QAAQ,CAAC;OAC7D,QAAO,QAAQ,QAAQ,OAAO;AAErC;;AAIF,MAAI,OAAO,QAAQ,WAAW,SAAU;AACxC,MAAI,CAAC,KAAK,QAAQ,IAAI,QAAQ,OAAuB,CAAE;EACvD,MAAM,QAAQ,QAAQ;EACtB,MAAM,SAAS,KAAK,QAAQ,IAAI,MAAM;AACtC,MAAI,CAAC,OAAQ;AACb,SAAO,KAAK,QAAQ,OAAO;AAC3B,MAAI,OAAO,SAAS,KAAK,WAAY,QAAO,OAAO;AACnD,OAAK,QAAQ,KAAK,OAAO,QAAQ,OAAO;;CAG1C,kBAA0C,OAAyC;AAEjF,SADe,KAAK,QAAQ,IAAI,MAAM,IACpB,EAAE;;CAGtB,GAA2B,OAAU,UAAyD;AAC5F,OAAK,QAAQ,GAAG,OAAO,SAAuC;AAC9D,eAAa,KAAK,QAAQ,IAAI,OAAO,SAAuC;;;CAI9E,QAAc;AACZ,OAAK,IAAI,OAAO;AAChB,OAAK,KAAK;AACV,OAAK,MAAM,UAAU,KAAK,QAAQ,QAAQ,CACxC,QAAO,uBAAO,IAAI,MAAM,wCAAwC,CAAC;AAEnE,OAAK,QAAQ,OAAO;;;;AAKxB,SAAS,qBAAqB,KAAsB;AAClD,QACE,QAAQ,MACR,QAAQ,iBACR,QAAQ,kBACR,IAAI,WAAW,cAAc,IAC7B,IAAI,WAAW,YAAY,IAC3B,IAAI,WAAW,sBAAsB;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;AC9PzC,SAAgB,eAAgC;AAC9C,QAAO,IAAI,SAAS,SAAS,WAAW;EACtC,MAAM,SAAS,IAAI,cAAc;AACjC,SAAO,OAAO,GAAG,mBAAmB;GAClC,MAAM,OAAO,OAAO,SAAS;GAC7B,MAAM,OAAO,OAAO,SAAS,YAAY,SAAS,OAAO,KAAK,OAAO;AACrE,UAAO,YAAY;AACjB,QAAI,SAAS,KACX,wBAAO,IAAI,MAAM,iDAAiD,CAAC;QAEnE,SAAQ,KAAK;KAEf;IACF;AACF,SAAO,KAAK,SAAS,OAAO;GAC5B;;;;;;AAOJ,SAAgB,uBAAiC;CAC/C,MAAM,KAAK,UAAU;AACrB,KAAI,OAAO,SACT,QAAO;EACL;EACA;EACA;EACA;EACD;AAEH,KAAI,OAAO,QACT,QAAO;EACL;EACA;EACA;EACA;EACA;EACA;EACA;EACD;AAEH,KAAI,OAAO,SAAS;EAClB,MAAM,eAAe,QAAQ,IAAI,gBAAgB;EACjD,MAAM,kBAAkB,QAAQ,IAAI,wBAAwB;AAC5D,SAAO;GACL,GAAG,aAAa;GAChB,GAAG,gBAAgB;GACnB,GAAG,aAAa;GACjB;;AAEH,QAAO,EAAE;;;AAIX,SAAgB,mBAAkC;AAChD,MAAK,MAAM,KAAK,sBAAsB,CACpC,KAAI,WAAW,EAAE,CAAE,QAAO;AAE5B,QAAO;;;;;;;;;AAUT,eAAsB,eAAe,UAAiC,EAAE,EAA2B;CACjG,MAAM,YAAY,QAAQ,WAAW;CAGrC,MAAM,gBAAgB,QAAQ,QAAQ;CACtC,MAAM,OAAO,kBAAkB,IAAI,MAAM,cAAc,GAAG;CAE1D,MAAM,SAAS,QAAQ,UAAU,QAAQ,IAAI,oBAAoB;CAEjE,MAAM,SAAS,kBAAkB;AACjC,KAAI,WAAW,KACb,OAAM,IAAI,MACR,gHAGE,sBAAsB,CAAC,KAAK,KAAK,CACpC;CAcH,MAAM,QAAsB,UAAU,QAXzB;EACX,2BAA2B;EAC3B;EACA;EAGA;EACA,GAAI,QAAQ,aAAa,EAAE;EAC3B;EACD,EAEmD;EAElD,OAAO;EACP,UAAU;EACX,CAAC;AAGF,OAAM,OAAO;CAEb,MAAM,cAAc,oBAAoB;AAExC,SAAQ,OAAO,MACb,wCAAwC,OAAO,oCACV,YAAY,+BACjB,OAAO,IACxC;AAED,QAAO;EACL;EACA;EACA,OAAa;AACX,OAAI;AACF,UAAM,MAAM;WACN;;EAIX;;;;;;;;ACxKH,eAAsB,oBAA2C;CAC/D,MAAM,EAAE,SAAS,WAAW,MAAM,OAAO;CAEzC,MAAM,SAAiB,cAAc,KAAK,QAAQ;EAEhD,MAAM,CAAC,MAAM,QAAQ,OADN,IAAI,OAAO,KACQ,MAAM,KAAK,EAAE;EAC/C,MAAM,SAAS,IAAI,gBAAgB,SAAS,GAAG;AAE/C,MAAI,SAAS,WAAW;GACtB,MAAM,WAAW,OAAO,IAAI,IAAI,IAAI;GACpC,IAAI;AACJ,OAAI;AACF,gBAAY,mBAAmB,SAAS;WAClC;AACN,QAAI,UAAU,KAAK,EAAE,gBAAgB,6BAA6B,CAAC;AACnE,QAAI,IAAI,iBAAiB;AACzB;;GAIF,IAAI,oBAAoB;AACxB,OAAI;IACF,MAAM,UAAU,UAAU,MAAM,4BAA4B;AAC5D,QAAI,UAAU,GACZ,qBAAoB,mBAAmB,QAAQ,GAAG,CAAC,MAAM,GAAG,GAAG;WAE3D;AAKR,UAAO,UAAU,WAAW;IAAE,MAAM;IAAa,sBAAsB;IAAK,CAAC,CAC1E,MAAM,YAAoB;IAGzB,MAAM,OAAO,gBAAgB,SAFX,kBAAkB,QAAQ,aAAa,MAAM,KAAK,EAAE,WAAW,EAAE,CAAC,GAAG,EACjE,UAAU,QAAQ,aAAa,MAAM,KAAK,EAAE,WAAW,EAAE,CAAC,GAAG,CACpB;AAC/D,QAAI,UAAU,KAAK;KACjB,gBAAgB;KAChB,iBAAiB;KAClB,CAAC;AACF,QAAI,IAAI,KAAK;KACb,CACD,YAAY;AACX,QAAI,UAAU,KAAK,EAAE,gBAAgB,6BAA6B,CAAC;AACnE,QAAI,IAAI,iBAAiB;KACzB;AACJ;;AAGF,MAAI,SAAS,WAAW;GACtB,MAAM,WAAW,OAAO,IAAI,IAAI,IAAI;GACpC,IAAI;AACJ,OAAI;AACF,gBAAY,mBAAmB,SAAS;WAClC;AACN,QAAI,UAAU,KAAK,EAAE,gBAAgB,6BAA6B,CAAC;AACnE,QAAI,IAAI,iBAAiB;AACzB;;AAGF,UAAO,SAAS,WAAW;IAAE,MAAM;IAAO,sBAAsB;IAAK,CAAC,CACnE,MAAM,QAAgB;AACrB,QAAI,UAAU,KAAK;KACjB,gBAAgB;KAChB,iBAAiB;KACjB,kBAAkB,OAAO,IAAI,OAAO;KACrC,CAAC;AACF,QAAI,IAAI,IAAI;KACZ,CACD,YAAY;AACX,QAAI,UAAU,KAAK,EAAE,gBAAgB,6BAA6B,CAAC;AACnE,QAAI,IAAI,qBAAqB;KAC7B;AACJ;;AAGF,MAAI,UAAU,KAAK,EAAE,gBAAgB,6BAA6B,CAAC;AACnE,MAAI,IAAI,YAAY;GACpB;CAEF,MAAM,aAAa,OAAO,QAAQ,IAAI,uBAAuB,EAAE;AAE/D,OAAM,IAAI,SAAe,SAAS,WAAW;AAC3C,SAAO,OAAO,YAAY,mBAAmB,SAAS,CAAC;AACvD,SAAO,KAAK,SAAS,OAAO;GAC5B;CAEF,MAAM,UAAU,OAAO,SAAS;AAChC,KAAI,CAAC,WAAW,OAAO,YAAY,SACjC,OAAM,IAAI,MAAM,mDAAmD;CAErE,MAAM,OAAO,QAAQ;AAErB,QAAO;EACL;EACA,mBAAmB,WAA2B;AAC5C,UAAO,oBAAoB,KAAK,YAAY,mBAAmB,UAAU;;EAE3E,QAAuB;AACrB,UAAO,IAAI,SAAS,SAAS,WAAW;AACtC,WAAO,OAAO,QAAS,MAAM,OAAO,IAAI,GAAG,SAAS,CAAE;KACtD;;EAEL;;;;;;AAOH,SAAS,gBAAgB,WAAmB,WAAmB,eAA+B;AAC5F,QAAO;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;iCAqCwB,UAAU;yBAClB,UAAU;;;;;;;;;;;;;;;;;;;;;;;;;;;;yBA4BV,cAAc;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;ACrKvC,MAAM,yBAAyB,IAAI,IAAY;CAAC;CAAI;CAAO;CAAa;CAAa;CAAM,CAAC;;;;;;;;;;AAW5F,SAAgB,wBAAwB,WAAkC;CAIxE,MAAM,cAAc,UAAU,QAAQ,kCAAkC,GAAG;AAC3E,KAAI,gBAAgB,UAElB,QACE;CAMJ,MAAM,eAAe,YAAY,OAAO,QAAQ;CAChD,MAAM,YAAY,iBAAiB,KAAK,cAAc,YAAY,MAAM,GAAG,aAAa;AAExF,KAAI,uBAAuB,IAAI,UAAU,aAAa,CAAC,CAErD,QACE,wBAFuB,cAAc,KAAK,YAAY,IAAI,UAAU,GAE3B;AAM7C,QAAO;;AAMT,SAAS,cAAc,OAAe,KAAqB;AACzD,KAAI,UAAU,GAAI,QAAO;AACzB,QAAO,MACJ,MAAM,IAAI,CACV,QAAQ,SAAS,SAAS,MAAM,KAAK,MAAM,IAAI,CAAC,OAAO,IAAI,CAC3D,KAAK,IAAI;;;;;;;;;;;;;;;;;;;;;AAsBd,SAAgB,uBACd,WACA,QACA,UACQ;CACR,IAAI;AACJ,KAAI;AACF,UAAQ,IAAI,IAAI,OAAO;SACjB;AACN,QAAM,IAAI,MAAM,iCAAiC,SAAS;;AAE5D,KAAI,MAAM,aAAa,OACrB,OAAM,IAAI,MAAM,2CAA2C,MAAM,SAAS,IAAI,OAAO,GAAG;CAG1F,MAAM,YAAY,UAAU,QAAQ,IAAI;CACxC,MAAM,OAAO,cAAc,KAAK,KAAK,UAAU,MAAM,UAAU;CAC/D,MAAM,aAAa,cAAc,KAAK,YAAY,UAAU,MAAM,GAAG,UAAU;CAE/E,MAAM,aAAa,WAAW,QAAQ,IAAI;CAC1C,MAAM,OAAO,eAAe,KAAK,aAAa,WAAW,MAAM,GAAG,WAAW;CAC7E,IAAI,QAAQ,eAAe,KAAK,KAAK,WAAW,MAAM,aAAa,EAAE;CAErE,MAAM,WAA0B,CAC9B,CAAC,SAAS,IAAI,EACd,CAAC,SAAS,OAAO,CAClB;AAID,KAAI,aAAa,KAAA,KAAa,aAAa,GACzC,UAAS,KAAK,CAAC,MAAM,SAAS,CAAC;AAKjC,SAAQ,cAAc,OAAO,KAAK;AAElC,MAAK,MAAM,CAAC,QAAQ,SAClB,SAAQ,cAAc,OAAO,IAAI;AAEnC,MAAK,MAAM,CAAC,KAAK,UAAU,UAAU;EACnC,MAAM,OAAO,GAAG,IAAI,GAAG,mBAAmB,MAAM;AAChD,UAAQ,UAAU,KAAK,OAAO,GAAG,MAAM,GAAG;;AAG5C,QAAO,GAAG,KAAK,GAAG,QAAQ;;;;ACjH5B,SAASC,WAAS,GAA0C;AAC1D,QAAO,OAAO,MAAM,YAAY,MAAM,QAAQ,CAAC,MAAM,QAAQ,EAAE;;AAGjE,SAAS,aAAa,MAAyB;AAC7C,KAAI;AACF,SAAO,KAAK,UAAU,KAAK;SACrB;AACN,SAAO,OAAO,KAAK;;;;;;;;;;;AAgBvB,MAAM,aAA6B;CAIjC;EACE,MAAM;EACN,aAAa,MAAM;GACjB,MAAM,MAAM,KAAK;AACjB,OAAI,CAACA,WAAS,IAAI,CAChB,QAAO;IACL,IAAI;IACJ,UAAU;IACV,UAAU,aAAa,KAAK;IAC7B;GAEH,MAAM,OAAO,IAAI;AACjB,OAAI,SAAS,cAAc,SAAS,YAClC,QAAO;IACL,IAAI;IACJ,UAAU;IACV,UAAU,aAAa,KAAK;IAC7B;AAEH,UAAO,EAAE,IAAI,MAAM;;EAErB,SAAS;EACV;CAKD;EACE,MAAM;EACN,aAAa,MAAM;GACjB,MAAM,MAAM,KAAK;AACjB,OAAI,CAACA,WAAS,IAAI,IAAI,OAAO,IAAI,cAAc,UAC7C,QAAO;IACL,IAAI;IACJ,UAAU;IACV,UAAU,aAAa,KAAK;IAC7B;AAEH,UAAO,EAAE,IAAI,MAAM;;EAErB,SAAS;EACV;CAKD;EACE,MAAM;EACN,aAAa,MAAM;GACjB,MAAM,MAAM,KAAK;AACjB,OAAI,CAACA,WAAS,IAAI,IAAI,OAAO,IAAI,YAAY,UAC3C,QAAO;IACL,IAAI;IACJ,UAAU;IACV,UAAU,aAAa,KAAK;IAC7B;AAEH,UAAO,EAAE,IAAI,MAAM;;EAErB,SAAS;EACV;CAKD;EACE,MAAM;EACN,aAAa,MAAM;GACjB,MAAM,MAAM,KAAK;AACjB,OAAI,CAACA,WAAS,IAAI,IAAI,OAAO,IAAI,YAAY,UAC3C,QAAO;IACL,IAAI;IACJ,UAAU;IACV,UAAU,aAAa,KAAK;IAC7B;AAEH,UAAO,EAAE,IAAI,MAAM;;EAErB,SAAS;EACV;CAMD;EACE,MAAM;EACN,aAAa,OAAO;AAClB,UAAO,EAAE,IAAI,MAAM;;EAErB,SAAS;EACV;CAKD;EACE,MAAM;EACN,aAAa,OAAO;AAClB,UAAO,EAAE,IAAI,MAAM;;EAErB,SAAS;EACV;CAKD;EACE,MAAM;EACN,aAAa,OAAO;AAClB,UAAO,EAAE,IAAI,MAAM;;EAErB,SAAS;EACV;CAKD;EACE,MAAM;EACN,aAAa,OAAO;AAClB,UAAO,EAAE,IAAI,MAAM;;EAErB,SAAS;EACV;CAKD;EACE,MAAM;EACN,aAAa,OAAO;AAClB,UAAO,EAAE,IAAI,MAAM;;EAErB,SAAS;EACV;CAKD;EACE,MAAM;EACN,aAAa,OAAO;AAClB,UAAO,EAAE,IAAI,MAAM;;EAErB,SAAS;EACV;CAKD;EACE,MAAM;EACN,aAAa,OAAO;AAClB,UAAO,EAAE,IAAI,MAAM;;EAErB,SAAS;EACV;CAKD;EACE,MAAM;EACN,aAAa,OAAO;AAClB,UAAO,EAAE,IAAI,MAAM;;EAErB,SAAS;EACV;CACF;AAMD,MAAM,gBAAgB,IAAI,IAA0B,WAAW,KAAK,MAAM,CAAC,EAAE,MAAM,EAAE,CAAC,CAAC;;AAGvF,MAAM,qCAAqB,IAAI,KAAa;;;;;AAM5C,SAAgB,gBAAgB,MAAwC;AACtE,QAAO,cAAc,IAAI,KAAK;;;;;;AAOhC,SAAgB,gBAAgB,MAAoB;AAClD,KAAI,mBAAmB,IAAI,KAAK,CAAE;AAClC,oBAAmB,IAAI,KAAK;AAC5B,SAAQ,OAAO,MAAM,0BAA0B,KAAK,iCAAiC;;AAczB,WAAW,KAAK,MAAM,EAAE,KAAK;;;;ACnO3F,MAAa,yBAAyB;CACpC;EACE,MAAM;EACN,aACE;EAGF,aAAa;GAAE,MAAM;GAAU,YAAY,EAAE;GAAE,UAAU,EAAE;GAAE;EAC9D;CACD;EACE,MAAM;EACN,aACE;EAGF,aAAa;GAAE,MAAM;GAAU,YAAY,EAAE;GAAE,UAAU,EAAE;GAAE;EAC9D;CACD;EACE,MAAM;EACN,aACE;EAYF,aAAa;GAAE,MAAM;GAAU,YAAY,EAAE;GAAE,UAAU,EAAE;GAAE;EAC9D;CACD;EACE,MAAM;EACN,aACE;EAUF,aAAa;GACX,MAAM;GACN,YAAY;IACV,YAAY;KACV,MAAM;KACN,aACE;KAGH;IACD,iBAAiB;KACf,MAAM;KACN,aACE;KAGH;IACD,iBAAiB;KACf,MAAM;KACN,aACE;KAGH;IACF;GACD,UAAU,CAAC,aAAa;GACzB;EACF;CACD;EACE,MAAM;EACN,aACE;EAGF,aAAa;GAAE,MAAM;GAAU,YAAY,EAAE;GAAE,UAAU,EAAE;GAAE;EAC9D;CACD;EACE,MAAM;EACN,aACE;EAGF,aAAa;GAAE,MAAM;GAAU,YAAY,EAAE;GAAE,UAAU,EAAE;GAAE;EAC9D;CACD;EACE,MAAM;EACN,aACE;EAEF,aAAa;GAAE,MAAM;GAAU,YAAY,EAAE;GAAE,UAAU,EAAE;GAAE;EAC9D;CACD;EACE,MAAM;EACN,aACE;EAMF,aAAa;GAAE,MAAM;GAAU,YAAY,EAAE;GAAE,UAAU,EAAE;GAAE;EAC9D;CACD;EACE,MAAM;EACN,aACE;EAKF,aAAa;GACX,MAAM;GACN,YAAY,EACV,YAAY;IACV,MAAM;IACN,aAAa;IACd,EACF;GACD,UAAU,CAAC,aAAa;GACzB;EACF;CACD;EACE,MAAM;EACN,aACE;EAMF,aAAa;GACX,MAAM;GACN,YAAY,EACV,OAAO;IACL,MAAM;IACN,aAAa;IACd,EACF;GACD,UAAU,EAAE;GACb;EACF;CACD;EACE,MAAM;EACN,aACE;EAsBF,aAAa;GACX,MAAM;GACN,YAAY;IACV,MAAM;KACJ,MAAM;KACN,aAAa;KACd;IACD,MAAM;KACJ,MAAM;KACN,aAAa;KACb,OAAO,EAAE;KACV;IACF;GACD,UAAU,CAAC,OAAO;GACnB;EACF;CACD;EACE,MAAM;EACN,aACE;EAGF,aAAa;GAAE,MAAM;GAAU,YAAY,EAAE;GAAE,UAAU,EAAE;GAAE;EAC9D;CACD;EACE,MAAM;EACN,aACE;EAGF,aAAa;GAAE,MAAM;GAAU,YAAY,EAAE;GAAE,UAAU,EAAE;GAAE;EAC9D;CACD;EACE,MAAM;EACN,aACE;EAEF,aAAa;GAAE,MAAM;GAAU,YAAY,EAAE;GAAE,UAAU,EAAE;GAAE;EAC9D;CACF;AAID,MAAM,mBAAmB,IAAI,IAAY,uBAAuB,KAAK,MAAM,EAAE,KAAK,CAAC;AAEnF,SAAgB,gBAAgB,MAAqC;AACnE,QAAO,iBAAiB,IAAI,KAAK;;;;;;;;;;;AAYnC,MAAa,uBAA4C,IAAI,IAAY,CACvE,oBACA,aACD,CAAC;;AAyBF,SAAS,mBAAmB,KAA8B;AACxD,KAAI,IAAI,UAAU,KAAA,GAAW;AAC3B,MAAI,OAAO,IAAI,UAAU,SAAU,QAAO,IAAI;AAC9C,MAAI;AACF,UAAO,KAAK,UAAU,IAAI,MAAM;UAC1B;AACN,UAAO,OAAO,IAAI,MAAM;;;AAG5B,KAAI,IAAI,gBAAgB,KAAA,EAAW,QAAO,IAAI;AAC9C,KAAI,IAAI,cAAc,KAAA,EAAW,QAAO,IAAI;AAC5C,QAAO,IAAI,WAAW,IAAI;;AAG5B,SAAgB,wBAAwB,OAA8C;CACpF,MAAM,OAAO,MAAM,KAAK,IAAI,mBAAmB;AAC/C,QAAO;EACL,OAAO,MAAM;EACb,MAAM,KAAK,KAAK,IAAI;EACpB,WAAW,MAAM;EACjB;EACD;;AAGH,SAAgB,oBAAoB,YAA6C;AAC/E,QAAO,WACJ,kBAAkB,2BAA2B,CAC7C,KAAK,UAAU,wBAAwB,MAAM,CAAC;;AAGnD,SAAgB,oBAAoB,YAA6C;CAC/E,MAAM,WAAW,WAAW,kBAAkB,4BAA4B;CAC1E,MAAM,YAAY,WAAW,kBAAkB,2BAA2B;CAE1E,MAAM,sCAAsB,IAAI,KAA2C;AAC3E,MAAK,MAAM,YAAY,UACrB,qBAAoB,IAAI,SAAS,WAAW,SAAS;AAGvD,QAAO,SAAS,KAAK,YAA2C;EAC9D,MAAM,WAAW,oBAAoB,IAAI,QAAQ,UAAU;AAC3D,SAAO;GACL,WAAW,QAAQ;GACnB,KAAK,QAAQ,QAAQ;GACrB,QAAQ,QAAQ,QAAQ;GACxB,QAAQ,WAAW,SAAS,SAAS,SAAS;GAC9C,YAAY,WAAW,SAAS,SAAS,aAAa;GACtD,WAAW,QAAQ;GACnB,SAAS,WAAW,SAAS,YAAY;GAC1C;GACD;;;AAqCJ,SAAS,gBAAgB,OAA6B;AAEpD,QAAO,MADI,MAAM,gBAAgB,cACjB,IAAI,MAAM,IAAI,GAAG,MAAM,WAAW,GAAG,MAAM,aAAa;;;AAI1E,SAAgB,mBAAmB,OAAuD;CACxF,MAAM,EAAE,WAAW,qBAAqB;CACxC,MAAM,SAAS,iBAAiB,YAAY;CAC5C,MAAM,QAAQ,UAAU,OAAO,SAAS,IAAI,OAAO,IAAI,gBAAgB,CAAC,KAAK,KAAK,GAAG,KAAA;CACrF,MAAM,gBAAgB,iBAAiB,WAAW,eAAe,KAAA;CAEjE,MAAM,SAA4B;EAChC;EACA,MAAM,iBAAiB;EACvB,KAAK;EACN;AACD,KAAI,iBAAiB,QAAQ,KAAA,EAAW,QAAO,MAAM,iBAAiB;AACtE,KAAI,iBAAiB,eAAe,KAAA,EAAW,QAAO,aAAa,iBAAiB;AACpF,KAAI,iBAAiB,iBAAiB,KAAA,EACpC,QAAO,eAAe,iBAAiB;AACzC,KAAI,kBAAkB,KAAA,EAAW,QAAO,gBAAgB;AACxD,KAAI,UAAU,KAAA,EAAW,QAAO,QAAQ;AACxC,QAAO;;;;;;AAOT,SAAgB,eAAe,YAA2B,QAAQ,IAAyB;CACzF,MAAM,MAAM,KAAK,IAAI,KAAK,IAAI,GAAG,MAAM,EAAE,GAAG;CAC5C,MAAM,SAAS,WAAW,kBAAkB,0BAA0B;AAGtE,SADe,OAAO,SAAS,MAAM,OAAO,MAAM,OAAO,SAAS,IAAI,GAAG,QAC3D,KAAK,MAAM,mBAAmB,EAAE,CAAC;;AA8CjD,SAAS,aAAa,MAAsD;AAC1E,QACE,OAAQ,KAAiC,2BAA2B,cACpE,OAAQ,KAAiC,wBAAwB;;AAIrE,SAAgB,UAAU,YAA2B,QAAuC;CAE1F,MAAM,QADa,WAAW,aAAa,CACA,KAAK,MAAM;EACpD,MAAM,aAAa,aAAa,WAAW,GAAG,WAAW,oBAAoB,EAAE,GAAG,GAAG;AACrF,SAAO;GACL,IAAI,EAAE;GACN,OAAO,EAAE;GACT,KAAK,EAAE;GACP,YAAY,eAAe,OAAO,IAAI,KAAK,WAAW,CAAC,aAAa,GAAG;GACxE;GACD;CAEF,MAAM,UAAU,aAAa,WAAW,GAAG,WAAW,wBAAwB,GAAG;CACjF,MAAM,kBAAkB,YAAY,OAAO,IAAI,KAAK,QAAQ,CAAC,aAAa,GAAG;AAK7E,QAAO;EAAE;EAAO;EAAQ;EAAiB,cAJpB,kBACjB,oDAAoD,gBAAgB,KACpE;EAEmD,mBAAmB;EAAM;;;;;;;;;;;;;;AA6BlF,SAAgB,eAAe,WAAmB,QAA4C;AAC5F,KAAI,CAAC,OAAO,MAAM,OAAO,WAAW,KAClC,OAAM,IAAI,MACR,qGAED;CAEH,MAAM,mBAAmB,wBAAwB,UAAU,IAAI,KAAA;AAC/D,QAAO;EACL,WAAW,uBAAuB,WAAW,OAAO,OAAO;EAC3D,UAAU,OAAO;EACjB,GAAI,qBAAqB,KAAA,IAAY,EAAE,kBAAkB,GAAG,EAAE;EAC/D;;;;;;;;;;;AAgBH,SAAgB,iBAA0B;AACxC,KAAI,QAAQ,IAAI,OAAO,UAAU,QAAQ,IAAI,OAAO,IAAK,QAAO;CAChE,MAAM,WAAW,QAAQ;AACzB,KAAI,aAAa,YAAY,aAAa,QAAS,QAAO;AAC1D,KAAI,aAAa,QACf,QAAO,QAAQ,QAAQ,IAAI,WAAW,QAAQ,IAAI,gBAAgB;AAEpE,QAAO;;;AAwBT,SAAS,qBAAqB,SAAyD;CACrF,MAAM,WAAW,QAAQ;AACzB,KAAI,aAAa,SACf,QAAO;EACL;GAAE,KAAK;GAAQ,MAAM,CAAC,QAAQ;GAAE;EAChC;GAAE,KAAK;GAAQ,MAAM;IAAC;IAAM;IAAU;IAAQ;GAAE;EAChD;GAAE,KAAK;GAAQ,MAAM;IAAC;IAAM;IAAiB;IAAQ;GAAE;EACvD;GAAE,KAAK;GAAQ,MAAM;IAAC;IAAM;IAAW;IAAQ;GAAE;EAClD;AAEH,KAAI,aAAa,QACf,QAAO,CACL;EAAE,KAAK;EAAO,MAAM;GAAC;GAAM;GAAS;GAAI;GAAQ;EAAE,EAClD;EAAE,KAAK;EAAY,MAAM,CAAC,+BAA+B,QAAQ;EAAE,CACpE;AAGH,QAAO;EACL;GAAE,KAAK;GAAY,MAAM,CAAC,QAAQ;GAAE;EACpC;GAAE,KAAK;GAAoB,MAAM,CAAC,QAAQ;GAAE;EAC5C;GAAE,KAAK;GAAiB,MAAM,CAAC,QAAQ;GAAE;EACzC;GAAE,KAAK;GAAW,MAAM,CAAC,QAAQ;GAAE;EACnC;GAAE,KAAK;GAAiB,MAAM,CAAC,QAAQ;GAAE;EACzC;GAAE,KAAK;GAAY,MAAM,CAAC,QAAQ;GAAE;EACrC;;;AAIH,SAAS,cAAc,MAAsB;AAE3C,QAAO,KAAK,QAAQ,qBAAqB,gBAAgB;;;AAI3D,MAAM,0BAA0B;CAC9B;CACA;CACA;CACA;CACA;CACA;CACD;AAED,SAAS,sBAAsB,QAAyB;AACtD,QAAO,wBAAwB,MAAM,MAAM,EAAE,KAAK,OAAO,CAAC;;;;;;;;;;;;;;;;;AAkB5D,eAAsB,gBACpB,SACA,QACgC;CAChC,MAAM,EAAE,cAAc,MAAM,OAAO;CAEnC,MAAM,aAAa,qBAAqB,QAAQ;CAChD,MAAM,cAAwB,EAAE;AAEhC,MAAK,MAAM,EAAE,KAAK,UAAU,YAAY;EACtC,MAAM,SAAS,UAAU,KAAK,MAAM;GAAE,UAAU;GAAQ,SAAS;GAAM,CAAC;AAExE,MAAI,OAAO,OAAO;AAEhB,eAAY,KAAK,GAAG,IAAI,IAAI,OAAO,MAAM,UAAU;AACnD;;EAGF,MAAM,SAAS,OAAO,OAAO,WAAW,WAAW,OAAO,SAAS;AACnE,MAAI,OACF,aAAY,KAAK,GAAG,IAAI,IAAI,cAAc,OAAO,MAAM,CAAC,GAAG;AAI7D,MAAI,OAAO,WAAW,KAAK,CAAC,sBAAsB,OAAO,CACvD,QAAO;GAAE,QAAQ;GAAM;GAAS;GAAQ;;AAK5C,QAAO;EACL,QAAQ;EACR;EACA;EACA,OAAO;EACP,eANoB,YAAY,SAAS,IAAI,YAAY,KAAK,KAAK,GAAG,KAAA;EAOvE;;;AAQH,SAAgB,eAAe,YAA0D;AAGvF,QAAO,WAAW,KAAK,mBAAmB;EAAE,OAAO;EAAI,QAAQ;EAAM,CAAC;;;AAIxE,SAAgB,aAAa,YAAuD;AAClF,QAAO,WAAW,KAAK,+BAA+B,EAAE,CAAC;;;AAa3D,eAAsB,eAAe,YAAsD;CACzF,MAAM,EAAE,SAAS,MAAM,WAAW,KAAK,0BAA0B,EAAE,QAAQ,OAAO,CAAC;AACnF,QAAO;EAAE;EAAM,SAAS,yBAAyB;EAAQ,UAAU;EAAa;;;;;;;;;;;;;;;;;;;;;;AA2BlF,MAAa,6BAA6B;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;EAuDxC,MAAM;;;;;;;;AAuER,SAAgB,wBAAwB,UAAwC;AAC9E,KAAI,OAAO,aAAa,SACtB,OAAM,IAAI,MACR,sDAAsD,OAAO,SAAS,0BACvE;CAEH,IAAI;AACJ,KAAI;AACF,WAAS,KAAK,MAAM,SAAS;SACvB;AACN,QAAM,IAAI,MAAM,sDAAsD,WAAW;;AAEnF,KAAI,OAAO,WAAW,YAAY,WAAW,QAAQ,MAAM,QAAQ,OAAO,CACxE,OAAM,IAAI,MAAM,oDAAoD;CAEtE,MAAM,MAAM;CAEZ,SAAS,cACP,KACqE;EACrE,MAAM,IAAI,IAAI;AACd,MAAI,MAAM,QAAQ,MAAM,KAAA,EAAW,QAAO;AAC1C,MAAI,OAAO,MAAM,SAAU,QAAO;EAClC,MAAM,IAAI;AACV,SAAO;GACL,KAAK,OAAO,EAAE,QAAQ,WAAW,EAAE,MAAM;GACzC,OAAO,OAAO,EAAE,UAAU,WAAW,EAAE,QAAQ;GAC/C,QAAQ,OAAO,EAAE,WAAW,WAAW,EAAE,SAAS;GAClD,MAAM,OAAO,EAAE,SAAS,WAAW,EAAE,OAAO;GAC7C;;CAGH,MAAM,SAAS,cAAc,SAAS,IAAI;EAAE,KAAK;EAAG,OAAO;EAAG,QAAQ;EAAG,MAAM;EAAG;CAClF,MAAM,YAAY,cAAc,YAAY;CAC5C,MAAM,iBAAiB,OAAO,IAAI,mBAAmB,WAAW,IAAI,iBAAiB,KAAA;CACrF,MAAM,eAAe,OAAO,IAAI,iBAAiB,WAAW,IAAI,eAAe;CAC/E,MAAM,qBACJ,OAAO,IAAI,uBAAuB,WAAW,IAAI,qBAAqB;CACxE,MAAM,aAAa,OAAO,IAAI,eAAe,WAAW,IAAI,aAAa;CACzE,MAAM,cAAc,OAAO,IAAI,gBAAgB,WAAW,IAAI,cAAc;CAC5E,MAAM,mBAAmB,OAAO,IAAI,qBAAqB,WAAW,IAAI,mBAAmB;CAC3F,MAAM,YAAY,OAAO,IAAI,cAAc,WAAW,IAAI,YAAY;AAEtE,QAAO;EACL;EACA;EACA,GAAI,mBAAmB,KAAA,IAAY,EAAE,gBAAgB,GAAG,EAAE;EAC1D;EACA;EACA;EACA;EACA;EACA;EACD;;;;;;;;AASH,eAAsB,gBAAgB,YAAyD;CAC7F,MAAM,SAAS,MAAM,WAAW,KAAK,oBAAoB;EACvD,YAAY;EACZ,eAAe;EACf,cAAc;EACf,CAAC;AACF,KAAI,OAAO,kBAAkB;EAC3B,MAAM,MACJ,OAAO,iBAAiB,WAAW,eACnC,OAAO,iBAAiB,QACxB;AACF,QAAM,IAAI,MAAM,oCAAoC,MAAM;;AAE5D,QAAO,wBAAwB,OAAO,OAAO,MAAM;;;;;;;;;;AAgCrD,eAAsB,SACpB,YACA,YACyB;CACzB,MAAM,SAAS,MAAM,WAAW,KAAK,oBAAoB;EACvD;EACA,eAAe;EACf,cAAc;EACf,CAAC;AACF,KAAI,OAAO,kBAAkB;EAE3B,MAAM,MACJ,OAAO,iBAAiB,WAAW,eACnC,OAAO,iBAAiB,QACxB;AACF,QAAM,IAAI,MAAM,oBAAoB,MAAM;;AAE5C,QAAO;EAAE,OAAO,OAAO,OAAO;EAAO,MAAM,OAAO,OAAO;EAAM;;;;;;;;;;;;;;AAiCjE,SAAgB,uBAAuB,MAAc,MAAyB;AAG5E,QACE,sOAHe,KAAK,UAAU,KAAK,CAQY,OAPhC,KAAK,UAAU,KAAK,CAO4B;;;;;;;;AAenE,SAAgB,uBAAuB,UAAkC;AACvE,KAAI,OAAO,aAAa,SACtB,OAAM,IAAI,MACR,8CAA8C,OAAO,SAAS,0BAC/D;CAEH,IAAI;AACJ,KAAI;AACF,WAAS,KAAK,MAAM,SAAS;SACvB;AAEN,QAAM,IAAI,MAAM,4CAA4C;;AAE9D,KAAI,OAAO,WAAW,YAAY,WAAW,QAAQ,MAAM,QAAQ,OAAO,CACxE,OAAM,IAAI,MAAM,2CAA2C;CAE7D,MAAM,MAAM;AACZ,KAAI,IAAI,OAAO,KACb,QAAO;EAAE,IAAI;EAAM,OAAO,IAAI;EAAO;AAEvC,KAAI,IAAI,OAAO,MACb,QAAO;EAAE,IAAI;EAAO,OAAO,OAAO,IAAI,UAAU,WAAW,IAAI,QAAQ,OAAO,IAAI,MAAM;EAAE;AAE5F,OAAM,IAAI,MAAM,+CAA6C;;;;;;;;;;;;;AAc/D,SAAS,oBACP,YACA,aACA,WAC+B;CAC/B,MAAM,SAAS,WAAW,kBAAkB,0BAA0B;AAEtE,MAAK,IAAI,IAAI,OAAO,SAAS,GAAG,KAAK,GAAG,KAAK;EAC3C,MAAM,IAAI,OAAO;AACjB,MAAI,EAAE,aAAa,eAAe,EAAE,aAAa,UAC/C,QAAO,mBAAmB,EAAE;;;;;;;;;;;;;;;;;;;;;;;;;AA4BlC,eAAsB,QACpB,YACA,MACA,MACwB;CAExB,MAAM,YAAY,gBAAgB,KAAK;AACvC,KAAI,cAAc,KAAA,GAAW;EAC3B,MAAM,aAAa,UAAU,aAAa,KAAK;AAC/C,MAAI,CAAC,WAAW,GAOd,QAAO;GAAE,IAAI;GAAO,OAJlB,aAAa,KAAK,sBACX,WAAW,SAAS,QACpB,WAAW,SAAS,YAChB,UAAU;GACe;OAIxC,iBAAgB,KAAK;CAGvB,MAAM,YAAY,KAAK,KAAK;CAC5B,MAAM,aAAa,uBAAuB,MAAM,KAAK;CACrD,MAAM,SAAS,MAAM,WAAW,KAAK,oBAAoB;EACvD;EACA,eAAe;EACf,cAAc;EACf,CAAC;CACF,MAAM,UAAU,KAAK,KAAK;AAE1B,KAAI,OAAO,kBAAkB;EAE3B,MAAM,MACJ,OAAO,iBAAiB,WAAW,eACnC,OAAO,iBAAiB,QACxB;AACF,QAAM,IAAI,MAAM,mBAAmB,MAAM;;CAG3C,MAAM,YAAY,uBAAuB,OAAO,OAAO,MAAM;CAK7D,MAAM,kBAAkB,oBAAoB,YAAY,YAAY,IAAI,UAAU,IAAI;AAEtF,KAAI,oBAAoB,KAAA,EACtB,QAAO;EAAE,GAAG;EAAW;EAAiB;AAE1C,QAAO;;;AAQT,MAAM,iBAAiB,IAAI,IAAY;CACrC;CACA;CACA;CACD,CAAC;;AAGF,SAAgB,cAAc,MAAuB;AACnD,QAAO,eAAe,IAAI,KAAK;;;AAIjC,SAAgB,kBAAkB,QAA+C;AAC/E,QAAO,OAAO,IAAI,wBAAwB;;;AAI5C,SAAgB,aAAa,QAA0C;AACrE,QAAO,OAAO,IAAI,mBAAmB;;;AAIvC,SAAgB,0BAA0B,QAAuD;AAC/F,QAAO,OAAO,IAAI,gCAAgC;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;AC/pCpD,MAAM,YAAY;;AAGlB,MAAM,SAAS;;;;;;;;;;AAWf,SAAgB,aAAa,QAAgB,OAAe,KAAK,KAAK,EAAU;CAC9E,MAAM,MAAM,OAAO,KAAK,QAAQ,MAAM;CAGtC,MAAM,UAAU,KAAK,IAAI,GAAG,KAAK,MAAM,OAAO,MAAO,UAAU,CAAC;CAGhE,MAAM,aAAa,OAAO,MAAM,EAAE;CAGlC,MAAM,KAAK,KAAK,MAAM,UAAU,WAAY;CAC5C,MAAM,KAAK,YAAY;AACvB,YAAW,cAAc,IAAI,EAAE;AAC/B,YAAW,cAAc,IAAI,EAAE;CAE/B,MAAM,MAAM,WAAW,QAAQ,IAAI,CAAC,OAAO,WAAW,CAAC,QAAQ;CAG/D,MAAM,SAAS,IAAI,MAAM;AAQzB,WANI,IAAI,UAAU,QAAS,MACvB,IAAI,SAAS,KAAK,QAAS,MAC3B,IAAI,SAAS,KAAK,QAAS,IAC5B,IAAI,SAAS,KAAK,OAEC,MAAM,QACjB,UAAU,CAAC,SAAS,QAAQ,IAAI;;;;;;;;;;;;;;;;AAiB7C,SAAgB,WACd,QACA,MACA,OAAe,KAAK,KAAK,EACzB,OAAe,GACN;CACT,MAAM,aAAa,OAAO,KAAK,CAAC,SAAS,QAAQ,IAAI;AACrD,KAAI,WAAW,WAAW,UAAU,CAAC,UAAU,KAAK,WAAW,CAC7D,QAAO;CAGT,MAAM,eAAe,OAAO,KAAK,YAAY,OAAO;AAEpD,MAAK,IAAI,QAAQ,CAAC,MAAM,SAAS,MAAM,SAAS;EAE9C,MAAM,WAAW,aAAa,QADb,OAAO,QAAQ,YAAY,IACG;AAE/C,MAAI,gBADgB,OAAO,KAAK,UAAU,OAAO,EAChB,aAAa,CAC5C,QAAO;;AAIX,QAAO;;;;;;;;;;;;;;;;;;;;;ACxFT,SAAgB,sBAA8B;AAC5C,QAAO,YAAY,GAAG,CAAC,SAAS,MAAM;;;AAYxC,eAAe,uBAAsC;CACnD,MAAM,EAAE,eAAe,MAAM,OAAO;AACpC,KAAI,CAAC,WAAW,IAAI,CAClB,OAAM,QAAQ,IAAI;;;;;;AAQtB,eAAsB,iBAAiB,WAAyC;AAC9E,OAAM,sBAAsB;CAE5B,MAAM,SAAS,OAAO,MAAM,oBAAoB,YAAY;CAE5D,MAAM,MAAM,MAAM,IAAI,SAAiB,SAAS,WAAW;EACzD,MAAM,SAAS,aAAqB;AAClC,YAAS;AACT,WAAQ,SAAS;;EAEnB,MAAM,WAAW,QAAe;AAC9B,YAAS;AACT,UAAO,IAAI;;EAEb,MAAM,UAAU,SAAwB;AACtC,YAAS;AACT,0BAAO,IAAI,MAAM,mDAAmD,KAAK,GAAG,CAAC;;EAE/E,MAAM,gBAAgB;AACpB,UAAO,IAAI,OAAO,MAAM;AACxB,UAAO,IAAI,SAAS,QAAQ;AAC5B,UAAO,IAAI,QAAQ,OAAO;;AAE5B,SAAO,KAAK,OAAO,MAAM;AACzB,SAAO,KAAK,SAAS,QAAQ;AAC7B,SAAO,KAAK,QAAQ,OAAO;GAC3B;AAEF,QAAO;EACL;EACA,QAAQ,IAAI,QAAQ,UAAU,MAAM;EACpC,YAAY;AACV,UAAO,MAAM;;EAEhB;;;;;;;;;;;;;;;;;;;AAgCH,eAAsB,SAAS,MAA+B;CAG5D,MAAM,EAAE,SAAS,WAAW,MAAM,OAAO;CACzC,MAAM,KAAK,OAAO,OAAO,MAAM,EAAE,sBAAsB,KAAK,CAAC;CAC7D,MAAM,OAAe,GAAG,QAAQ;CAChC,MAAM,OAAmB,GAAG,QAAQ;CAEpC,MAAM,UAAU,GAAW,MAAuB;AAChD,MAAI,IAAI,KAAK,IAAI,KAAK,KAAK,QAAQ,KAAK,KAAM,QAAO;AACrD,SAAO,KAAK,IAAI,OAAO,OAAO;;CAGhC,MAAM,QAAQ;CACd,MAAM,QAAkB,EAAE;AAC1B,MAAK,IAAI,IAAI,CAAC,OAAO,IAAI,OAAO,OAAO,KAAK,GAAG;EAC7C,IAAI,OAAO;AACX,OAAK,IAAI,IAAI,CAAC,OAAO,IAAI,OAAO,OAAO,KAAK;GAC1C,MAAM,MAAM,OAAO,GAAG,EAAE;GACxB,MAAM,MAAM,OAAO,GAAG,IAAI,EAAE;AAC5B,WAAQ,OAAO,MAAM,MAAM,MAAM,MAAM,MAAM,MAAM;;AAErD,QAAM,KAAK,KAAK;;AAElB,QAAO,GAAG,MAAM,KAAK,KAAK,CAAC;;;;;;;;;;;;AAa7B,eAAsB,mBAAmB,OAA2C;CAIlF,MAAM,KAAK,MAAM,SAAS,MAAM,OAAO;CAEvC,MAAM,WAAW,MAAM,cACnB,+EACA;AAEJ,QAAO;EACL;EACA;EACA;EACA,oBAAoB,MAAM;EAC1B;EACA;EACA;EACA;EACA;EACA;EACA;EACD,CAAC,KAAK,KAAK;;;AAId,eAAsB,kBAAkB,OAAyC;CAC/E,MAAM,SAAS,MAAM,mBAAmB,MAAM;AAC9C,SAAQ,OAAO,MAAM,GAAG,OAAO,IAAI;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;ACzDrC,SAAgB,kBAAkB,MAA+B;CAC/D,MAAM,EACJ,YACA,WACA,iBACA,yBAAyB,KACzB,iBACE;CAEJ,MAAM,SAAS,IAAI,OACjB;EAAE,MAAM;EAAa,SAAA;EAAsB,EAG3C,EAAE,cAAc,EAAE,OAAO,EAAE,aAAa,MAAM,EAAE,EAAE,CACnD;AAED,QAAO,kBAAkB,8BAA8B;AAOrD,SAAO,EAAE,OANQ,WAAW,aAAa,CAAC,SAAS,IAE/C,uBAAuB,KAAK,UAAU,EAAE,GAAG,MAAM,EAAE,GACnD,uBAAuB,QAAQ,SAAS,qBAAqB,IAAI,KAAK,KAAK,CAAC,CAAC,KAC1E,UAAU,EAAE,GAAG,MAAM,EACvB,EACW;GAChB;AAEF,QAAO,kBAAkB,uBAAuB,OAAO,YAAY;EACjE,MAAM,OAAO,QAAQ,OAAO;AAC5B,MAAI,CAAC,gBAAgB,KAAK,CACxB,QAAO;GACL,SAAS,CAAC;IAAE,MAAM;IAAQ,MAAM,iBAAiB;IAAQ,CAAC;GAC1D,SAAS;GACV;AAMH,MAAI,cAAc,KAAK,CACrB,KAAI;AACF,SAAM,WAAW,eAAe;AAChC,WAAQ,MAAR;IACE,KAAK,wBACH,QAAOC,aAAW,MAAM,kBAAkB,UAAU,CAAC;IACvD,KAAK,mBACH,QAAOA,aAAW,MAAM,aAAa,UAAU,CAAC;IAClD,KAAK,gCACH,QAAOA,aAAW,MAAM,0BAA0B,UAAU,CAAC;IAC/D,QACE,QAAO,YAAY,KAAK;;WAErB,KAAK;AACZ,UAAO,YAAY,KAAK,KAAK;;AAMjC,MAAI,SAAS,oBAAoB;GAC/B,MAAM,YAAY,QAAQ,OAAO,WAAW;AAC5C,OAAI,OAAO,cAAc,YAAY,cAAc,GACjD,QAAO;IACL,SAAS,CAAC;KAAE,MAAM;KAAQ,MAAM;KAAqD,CAAC;IACtF,SAAS;IACV;GAEH,MAAM,gBAAgB,QAAQ,OAAO,WAAW,oBAAoB;GAEpE,MAAM,gBAAgB,QAAQ,OAAO,WAAW,oBAAoB;AAEpE,OAAI;IACF,MAAM,EAAE,WAAW,UAAU,qBAAqB,eAChD,WACA,iBAAiB,CAClB;IAGD,MAAM,gBAAgB,mBAAmB,sBAAsB,iBAAiB,QAAQ;IAExF,MAAM,SACJ;AAGF,QAAI,iBAAiB,gBAAgB,IAAI,cAAc;KAIrD,MAAM,gBAAgB,MAAM,gBAHZ,aAAa,mBAAmB,UAAU,EAC3C,oBAAoB,aAAa,KAAK,YAAY,mBAAmB,UAAU,GAElC;AAE5D,SAAI,cAAc,QAAQ;MAGxB,MAAM,YACJ,GAAG,gBAAgB,OAAO,IACvB,KAAK,UAAU,EAAE,UAAU,EAAE,MAAM,EAAE,CAAC,4CAEjC,cAAc;AAExB,UAAI,CAAC,cACH,QAAO,EAAE,SAAS,CAAC;OAAE,MAAM;OAAiB,MAAM;OAAW,CAAC,EAAE;MAIlE,MAAM,mBAAmB;MACzB,MAAM,aAAa;MACnB,MAAM,WAAW,KAAK,KAAK,GAAG;MAC9B,IAAI,gBAA0D,EAAE;AAChE,aAAO,KAAK,KAAK,GAAG,UAAU;AAC5B,uBAAgB,WAAW,aAAa;AACxC,WAAI,cAAc,SAAS,EAAG;AAC9B,aAAM,IAAI,SAAe,MAAM,WAAW,GAAG,iBAAiB,CAAC;;AAGjE,UAAI,cAAc,WAAW,EAC3B,QAAO;OACL,SAAS,CACP;QACE,MAAM;QACN,MACE,GAAG,UAAU,8BAA8B,aAAa,IAAK;QAEhE,CACF;OACD,SAAS;OACV;MAGH,MAAM,cAAc,UAAU,YAAY,iBAAiB,CAAC;AAC5D,aAAO,EACL,SAAS,CACP;OACE,MAAM;OACN,MAAM,GAAG,UAAU,MAAM,KAAK,UAAU,aAAa,MAAM,EAAE;OAC9D,CACF,EACF;;KAIH,MAAM,aAAa,cAAc,gBAC7B,aAAa,cAAc,kBAC3B;KACJ,MAAM,eACJ,+CACG,cAAc,QAAQ,gBACV,cAAc,WAC7B,aACA;KACF,MAAM,KAAK,MAAM,SAAS,UAAU;KACpC,MAAM,WAAW,GAAG,gBAAgB,eAAe,OAAO,IAAI,KAAK,UAAU;MAAE;MAAW;MAAU,EAAE,MAAM,EAAE,CAAC,MAAM;AAErH,SAAI,CAAC,cACH,QAAO,EAAE,SAAS,CAAC;MAAE,MAAM;MAAiB,MAAM;MAAU,CAAC,EAAE;KAIjE,MAAM,sBAAsB;KAC5B,MAAM,gBAAgB;KACtB,MAAM,YAAY,KAAK,KAAK,GAAG;KAC/B,IAAI,kBAA4D,EAAE;AAClE,YAAO,KAAK,KAAK,GAAG,WAAW;AAC7B,wBAAkB,WAAW,aAAa;AAC1C,UAAI,gBAAgB,SAAS,EAAG;AAChC,YAAM,IAAI,SAAe,MAAM,WAAW,GAAG,oBAAoB,CAAC;;AAGpE,SAAI,gBAAgB,WAAW,EAC7B,QAAO;MACL,SAAS,CACP;OACE,MAAM;OACN,MACE,GAAG,SAAS,8BAA8B,gBAAgB,IAAK;OAElE,CACF;MACD,SAAS;MACV;KAGH,MAAM,gBAAgB,UAAU,YAAY,iBAAiB,CAAC;AAC9D,YAAO,EACL,SAAS,CACP;MACE,MAAM;MACN,MAAM,GAAG,SAAS,MAAM,KAAK,UAAU,eAAe,MAAM,EAAE;MAC/D,CACF,EACF;;IAIH,MAAM,KAAK,MAAM,SAAS,UAAU;IACpC,MAAM,WAAW,GAAG,gBAAgB,OAAO,IAAI,KAAK,UAAU;KAAE;KAAW;KAAU,EAAE,MAAM,EAAE,CAAC,MAAM;AAEtG,QAAI,CAAC,cACH,QAAO,EACL,SAAS,CAAC;KAAE,MAAM;KAAiB,MAAM;KAAU,CAAC,EACrD;IAMH,MAAM,mBAAmB;IACzB,MAAM,aAAa;IACnB,MAAM,WAAW,KAAK,KAAK,GAAG;IAC9B,IAAI,gBAA0D,EAAE;AAChE,WAAO,KAAK,KAAK,GAAG,UAAU;AAC5B,qBAAgB,WAAW,aAAa;AACxC,SAAI,cAAc,SAAS,EAAG;AAC9B,WAAM,IAAI,SAAe,MAAM,WAAW,GAAG,iBAAiB,CAAC;;AAGjE,QAAI,cAAc,WAAW,EAC3B,QAAO;KACL,SAAS,CACP;MACE,MAAM;MACN,MACE,GAAG,SAAS,8BAA8B,aAAa,IAAK;MAE/D,CACF;KACD,SAAS;KACV;IAGH,MAAM,cAAc,UAAU,YAAY,iBAAiB,CAAC;AAC5D,WAAO,EACL,SAAS,CACP;KACE,MAAM;KACN,MAAM,GAAG,SAAS,MAAM,KAAK,UAAU,aAAa,MAAM,EAAE;KAC7D,CACF,EACF;YACM,KAAK;AACZ,WAAO,YAAY,KAAK,KAAK;;;AAIjC,MAAI;AAGF,SAAM,WAAW,eAAe;WACzB,KAAK;GACZ,MAAM,UAAU,eAAe,QAAQ,IAAI,UAAU,OAAO,IAAI;AAChE,OAAI,SAAS,aAEX,QAAOA,aAAW,UAAU,YAAY,iBAAiB,CAAC,CAAC;AAE7D,UAAO;IACL,SAAS,CACP;KACE,MAAM;KACN,MAAM,GAAG,QAAQ;KAClB,CACF;IACD,SAAS;IACV;;AAGH,MAAI;AACF,WAAQ,MAAR;IACE,KAAK,wBACH,QAAOA,aAAW,oBAAoB,WAAW,CAAC;IACpD,KAAK,mBAAmB;KACtB,MAAM,WAAW,QAAQ,OAAO,WAAW;AAE3C,YAAOA,aAAW,EAAE,YAAY,eAAe,YADjC,OAAO,aAAa,YAAY,WAAW,IAAI,WAAW,GACP,EAAE,CAAC;;IAEtE,KAAK,wBACH,QAAOA,aAAW,oBAAoB,WAAW,CAAC;IACpD,KAAK,aACH,QAAOA,aAAW,UAAU,YAAY,iBAAiB,CAAC,CAAC;IAC7D,KAAK,mBACH,QAAOA,aAAW,MAAM,eAAe,WAAW,CAAC;IACrD,KAAK,gBACH,QAAOA,aAAW,MAAM,aAAa,WAAW,CAAC;IACnD,KAAK,mBAAmB;KACtB,MAAM,OAAO,MAAM,eAAe,WAAW;AAC7C,YAAO,EACL,SAAS,CAAC;MAAE,MAAM;MAAkB,MAAM,KAAK;MAAM,UAAU,KAAK;MAAU,CAAC,EAChF;;IAEH,KAAK,oBACH,QAAOA,aAAW,MAAM,gBAAgB,WAAW,CAAC;IACtD,KAAK,YAAY;KACf,MAAM,aAAa,QAAQ,OAAO,WAAW;AAC7C,SAAI,OAAO,eAAe,YAAY,eAAe,GACnD,QAAO;MACL,SAAS,CACP;OAAE,MAAM;OAAiB,MAAM;OAA6C,CAC7E;MACD,SAAS;MACV;AAGH,YAAOA,aAAW,MAAM,SAAS,YAAY,WAAW,CAAC;;IAE3D,KAAK,YAAY;KACf,MAAM,UAAU,QAAQ,OAAO,WAAW;AAC1C,SAAI,OAAO,YAAY,YAAY,YAAY,GAC7C,QAAO;MACL,SAAS,CAAC;OAAE,MAAM;OAAiB,MAAM;OAAuC,CAAC;MACjF,SAAS;MACV;KAEH,MAAM,UAAU,QAAQ,OAAO,WAAW;AAG1C,YAAOA,aAAW,MAAM,QAAQ,YAAY,SAFjB,MAAM,QAAQ,QAAQ,GAAG,UAAU,EAAE,CAEH,CAAC;;IAEhE,QACE,QAAO,YAAY,KAAK;;WAErB,KAAK;AACZ,UAAO,YAAY,KAAK,KAAK;;GAE/B;AAEF,QAAO;;AAGT,SAASA,aAAW,OAAgB;AAClC,QAAO,EAAE,SAAS,CAAC;EAAE,MAAM;EAAiB,MAAM,KAAK,UAAU,OAAO,MAAM,EAAE;EAAE,CAAC,EAAE;;AAGvF,SAAS,YAAY,MAAc;AACjC,QAAO;EAAE,SAAS,CAAC;GAAE,MAAM;GAAiB,MAAM,iBAAiB;GAAQ,CAAC;EAAE,SAAS;EAAM;;AAG/F,SAAS,YAAY,KAAc,MAAc;AAE/C,QAAO;EACL,SAAS,CACP;GACE,MAAM;GACN,MAAM,GAAG,KAAK,WALJ,eAAe,QAAQ,IAAI,UAAU,OAAO,IAAI,CAKzB;GAClC,CACF;EACD,SAAS;EACV;;;;;;;;;;;;;;;;AAiBH,SAAgB,mBACd,YACA,QACA,aAAa,KACK;CAClB,IAAI,cAAc,WAAW,aAAa,CAAC,SAAS;AAEpD,KAAI,YACG,QAAO,qBAAqB;CAGnC,MAAM,SAAS,kBAAkB;EAC/B,MAAM,aAAa,WAAW,aAAa,CAAC,SAAS;AACrD,MAAI,CAAC,eAAe,YAAY;AAC9B,iBAAc;AAET,UAAO,qBAAqB;AACjC,iBAAc,OAAO;;IAEtB,WAAW;AAEd,QAAO,EACL,OAAO;AACL,gBAAc,OAAO;IAExB;;;;;;;;;;;;;;;AA4BH,SAAgB,uBAEF;CACZ,MAAM,SAAS,QAAQ,IAAI;AAC3B,KAAI,CAAC,OAAQ,QAAO,KAAA;AAEpB,SAAQ,QAAQ;EAGd,MAAM,SAAS,IAAI,OAAO;EAC1B,MAAM,SAAS,OAAO,QAAQ,IAAI;EAClC,MAAM,WAAW,WAAW,KAAK,KAAK,OAAO,MAAM,SAAS,EAAE;AAK9D,SAAO,WAAW,QAJH,IAAI,gBAAgB,SAAS,CACxB,IAAI,KAAK,IAAI,GAGF;;;;;;;;;;;AAYnC,eAAsB,eAAe,UAAiC,EAAE,EAAiB;CAIvF,MAAM,YAAY,QAAQ,aAAa;CAGvC,MAAM,aAAa,sBAAsB;CACzC,MAAM,cAAc,eAAe,KAAA;CAEnC,MAAM,QAAQ,MAAM,eAAe;EAAE,MAAM;EAAW;EAAY,CAAC;CAGnE,IAAI,SAA6B;CACjC,IAAI,eAA6B;EAAE,IAAI;EAAO,QAAQ;EAAM;AAG7C,sBAAqB;AAShB,kBAAiB,MAAM,KAAK,CAAC,MAC9C,MAAM;AACL,WAAS;AACT,iBAAe;GAAE,IAAI;GAAM,QAAQ,EAAE;GAAQ;AAC7C,SAAO,kBAAkB;GAAE,QAAQ,EAAE;GAAQ;GAAa,CAAC;KAE5D,QAAQ;EACP,MAAM,UAAU,eAAe,QAAQ,IAAI,UAAU,OAAO,IAAI;AAChE,UAAQ,OAAO,MACb,wDAAwD,QAAQ;EAEjE;GAEJ;CAKD,MAAM,aAAa,IAAI,kBAAkB,EAAE,cAAc,MAAM,SAAS,CAAC;CAEzE,MAAM,YAAY,IAAI,cAAc,WAAW;CAK/C,IAAI;AACJ,KAAI;AACF,aAAW,MAAM,mBAAmB;UAC7B,KAAc;EACrB,MAAM,UAAU,eAAe,QAAQ,IAAI,UAAU,OAAO,IAAI;AAChE,UAAQ,OAAO,MACb,uDAAuD,QAAQ,IAChE;;CAGH,MAAM,SAAS,kBAAkB;EAC/B;EACA;EACA,uBAAuB;EACvB,IAAI,eAAe;AACjB,UAAO;;EAEV,CAAC;CAEF,MAAM,YAAY,IAAI,sBAAsB;CAU5C,IAAI,SAAS;CACb,IAAI,gBAAyC;CAE7C,MAAM,iBAAiB;AAErB,MAAI,OAAQ;AACZ,WAAS;AAET,iBAAe,MAAM;AACrB,aAAW,OAAO;AAElB,UAAQ,MAAM;AAET,QAAM,OAAO;AACb,SAAO,OAAO;AACd,YAAU,OAAO;;AAIxB,SAAQ,KAAK,UAAU,SAAS;AAChC,SAAQ,KAAK,WAAW,SAAS;AAEjC,SAAQ,KAAK,UAAU,SAAS;AAIhC,SAAQ,GAAG,cAAc;AACvB,MAAI,CAAC,QAAQ;AACX,YAAS;AACT,kBAAe,MAAM;AACrB,WAAQ,MAAM;;GAEhB;AAKF,SAAQ,GAAG,sBAAsB,QAAQ;AACvC,UAAQ,OAAO,MAAM,kCAAkC,OAAO,IAAI,CAAC,IAAI;AACvE,YAAU;AACV,UAAQ,KAAK,EAAE;GACf;AAEF,SAAQ,GAAG,uBAAuB,WAAW;AAC3C,UAAQ,OAAO,MAAM,mCAAmC,OAAO,OAAO,CAAC,IAAI;AAC3E,YAAU;AACV,UAAQ,KAAK,EAAE;GACf;AAEF,OAAM,OAAO,QAAQ,UAAU;AAI/B,iBAAgB,mBAAmB,YAAY,OAAO;;;;;;;;;;;;;;;;;;;;AAkCxD,eAAsB,oBAAoB,UAAsC,EAAE,EAAiB;CAIjG,MAAM,WAAW,MAAM,eAAe;EAAE,MAHxB,QAAQ,WAAW;EAGoB,QAFxC,QAAQ,UAAU,QAAQ,IAAI,oBAAoB;EAEF,CAAC;AAIhE,OAAM,IAAI,SAAe,MAAM,WAAW,GAAG,IAAI,CAAC;CAElD,MAAM,aAAa,IAAI,mBAAmB,EAAE,iBAAiB,SAAS,aAAa,CAAC;CAEpF,MAAM,YAAY,IAAI,cAAc,WAAW;CAK/C,MAAM,eAA6B;EAAE,IAAI;EAAO,QAAQ;EAAM;CAE9D,MAAM,SAAS,kBAAkB;EAC/B;EACA;EACA,uBAAuB;EACxB,CAAC;CAEF,MAAM,YAAY,IAAI,sBAAsB;CAE5C,IAAI,SAAS;CACb,IAAI,gBAAyC;CAE7C,MAAM,iBAAiB;AACrB,MAAI,OAAQ;AACZ,WAAS;AACT,iBAAe,MAAM;AACrB,aAAW,OAAO;AAClB,WAAS,MAAM;AACV,SAAO,OAAO;;AAGrB,SAAQ,KAAK,UAAU,SAAS;AAChC,SAAQ,KAAK,WAAW,SAAS;AACjC,SAAQ,KAAK,UAAU,SAAS;AAEhC,SAAQ,GAAG,cAAc;AACvB,MAAI,CAAC,QAAQ;AACX,YAAS;AACT,kBAAe,MAAM;AACrB,YAAS,MAAM;;GAEjB;AAEF,SAAQ,GAAG,sBAAsB,QAAQ;AACvC,UAAQ,OAAO,MAAM,wCAAwC,OAAO,IAAI,CAAC,IAAI;AAC7E,YAAU;AACV,UAAQ,KAAK,EAAE;GACf;AAEF,SAAQ,GAAG,uBAAuB,WAAW;AAC3C,UAAQ,OAAO,MAAM,yCAAyC,OAAO,OAAO,CAAC,IAAI;AACjF,YAAU;AACV,UAAQ,KAAK,EAAE;GACf;AAEF,OAAM,OAAO,QAAQ,UAAU;AAI/B,iBAAgB,mBAAmB,YAAY,OAAO;;;;AChvBxD,SAAS,SAAS,OAAkD;AAClE,QAAO,OAAO,UAAU,YAAY,UAAU;;AAGhD,IAAa,gBAAb,MAAgD;CAC9C;CACA;CAEA,YAAY,SAA+B;AACzC,OAAK,gBAAgB,QAAQ;AAC7B,OAAK,YAAY,QAAQ,eAAe,QAAQ,MAAM,IAAI;;CAG5D,MAAc,aAAoC;EAChD,MAAM,MAAM,MAAM,KAAK,UAAU,KAAK,cAAc;AACpD,MAAI,CAAC,IAAI,GACP,OAAM,IAAI,MACR,mCAAmC,KAAK,cAAc,SAAS,IAAI,OAAO,GAAG,IAAI,WAAW,kGAE7F;EAEH,MAAM,OAAO,MAAM,IAAI,MAAM;AAC7B,SAAO,SAAS,KAAK,GAAG,OAAO,EAAE;;CAGnC,MAAM,IAA6B,QAAqC;AACtE,UAAQ,QAAR;GACE,KAAK,mBAEH,QADc,MAAM,KAAK,YAAY;GAGvC,KAAK,iCAAiC;IACpC,MAAM,QAAQ,MAAM,KAAK,YAAY;AAIrC,WAD0C;KAAE,aAFxB,OAAO,MAAM,gBAAgB,WAAW,MAAM,cAAc;KAEvB,YADtC,OAAO,MAAM,eAAe,WAAW,MAAM,aAAa;KACR;;GAGvE,KAAK,yBAAyB;IAI5B,MAAM,OADQ,MAAM,KAAK,YAAY,EACnB;AAGlB,WADkC,EAAE,OADtB,MAAM,QAAQ,IAAI,GAAI,MAAqC,EAAE,EAChC;;GAG7C,QACE,OAAM,IAAI,MAAM,uBAAuB,OAAO,OAAO,GAAG;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;ACzChE,MAAM,uBAAuB;CAC3B;EACE,MAAM;EACN,aACE;EAIF,aAAa;GAAE,MAAM;GAAU,YAAY,EAAE;GAAE,UAAU,EAAE;GAAE;EAC9D;CACD;EACE,MAAM;EACN,aACE;EAEF,aAAa;GAAE,MAAM;GAAU,YAAY,EAAE;GAAE,UAAU,EAAE;GAAE;EAC9D;CACD;EACE,MAAM;EACN,aACE;EAEF,aAAa;GAAE,MAAM;GAAU,YAAY,EAAE;GAAE,UAAU,EAAE;GAAE;EAC9D;CACD;EACE,MAAM;EACN,aACE;EAEF,aAAa;GAAE,MAAM;GAAU,YAAY,EAAE;GAAE,UAAU,EAAE;GAAE;EAC9D;CACF;AAED,MAAM,iBAAiB,IAAI,IAAY,qBAAqB,KAAK,MAAM,EAAE,KAAK,CAAC;;AAQ/E,SAAgB,gBAAgB,OAA4B,EAAE,EAAU;CAEtE,MAAM,gBAAgB,GADF,QAAQ,IAAI,oBAAoB,wBACf;CACrC,MAAM,YAAY,KAAK,aAAa,IAAI,cAAc,EAAE,eAAe,CAAC;CAExE,MAAM,SAAS,IAAI,OACjB;EAAE,MAAM;EAAgB,SAAA;EAAsB,EAC9C,EAAE,cAAc,EAAE,OAAO,EAAE,EAAE,EAAE,CAChC;AAED,QAAO,kBAAkB,+BAA+B,EACtD,OAAO,qBAAqB,KAAK,UAAU,EAAE,GAAG,MAAM,EAAE,EACzD,EAAE;AAEH,QAAO,kBAAkB,uBAAuB,OAAO,YAAY;EACjE,MAAM,OAAO,QAAQ,OAAO;AAC5B,MAAI,CAAC,eAAe,IAAI,KAAK,CAC3B,QAAO;GAAE,SAAS,CAAC;IAAE,MAAM;IAAQ,MAAM,iBAAiB;IAAQ,CAAC;GAAE,SAAS;GAAM;AAGtF,MAAI;GAEF,MAAM,YAAY,SAAS,4BAA4B,qBAAqB;AAC5E,OAAI,CAAC,cAAc,UAAU,CAC3B,QAAO;IAAE,SAAS,CAAC;KAAE,MAAM;KAAQ,MAAM,iBAAiB;KAAQ,CAAC;IAAE,SAAS;IAAM;AAEtF,WAAQ,WAAR;IACE,KAAK,mBACH,QAAO,WAAW,MAAM,aAAa,UAAU,CAAC;IAClD,KAAK,gCACH,QAAO,WAAW,MAAM,0BAA0B,UAAU,CAAC;IAC/D,KAAK,wBACH,QAAO,WAAW,MAAM,kBAAkB,UAAU,CAAC;IACvD,QACE,QAAO;KAAE,SAAS,CAAC;MAAE,MAAM;MAAQ,MAAM,iBAAiB;MAAQ,CAAC;KAAE,SAAS;KAAM;;WAEjF,KAAK;AAEZ,UAAO;IACL,SAAS,CACP;KACE,MAAM;KACN,MACE,GANQ,eAAe,QAAQ,IAAI,UAAU,OAAO,IAAI,CAM7C;KAGd,CACF;IACD,SAAS;IACV;;GAEH;AAEF,QAAO;;AAGT,SAAS,WAAW,OAAgB;AAClC,QAAO,EAAE,SAAS,CAAC;EAAE,MAAM;EAAiB,MAAM,KAAK,UAAU,OAAO,MAAM,EAAE;EAAE,CAAC,EAAE;;;AAIvF,eAAsB,eAA8B;CAClD,MAAM,SAAS,iBAAiB;CAChC,MAAM,YAAY,IAAI,sBAAsB;AAC5C,OAAM,OAAO,QAAQ,UAAU;;;;;;;;;;;;;;;;;;;;;;;;AC5HjC,SAAgB,UAAU,MAA+B;AACvD,MAAK,IAAI,IAAI,GAAG,IAAI,KAAK,QAAQ,KAAK;EACpC,MAAM,MAAM,KAAK;AACjB,MAAI,QAAQ,KAAA,EAAW;AACvB,MAAI,IAAI,WAAW,UAAU,CAC3B,QAAO,cAAc,IAAI,MAAM,EAAiB,CAAC;AAEnD,MAAI,QAAQ,UAAU;GACpB,MAAM,OAAO,KAAK,IAAI;AACtB,OAAI,SAAS,KAAA,EACX,OAAM,IAAI,MAAM,uDAAuD;AAEzE,UAAO,cAAc,KAAK;;;AAG9B,QAAO;;;;;;;;;AAUT,SAAgB,YAAY,MAAiC;AAC3D,MAAK,IAAI,IAAI,GAAG,IAAI,KAAK,QAAQ,KAAK;EACpC,MAAM,MAAM,KAAK;AACjB,MAAI,QAAQ,KAAA,EAAW;AACvB,MAAI,IAAI,WAAW,YAAY,CAC7B,QAAO,gBAAgB,IAAI,MAAM,EAAmB,CAAC;AAEvD,MAAI,QAAQ,YAAY;GACtB,MAAM,OAAO,KAAK,IAAI;AACtB,OAAI,SAAS,KAAA,EACX,OAAM,IAAI,MAAM,2DAA2D;AAE7E,UAAO,gBAAgB,KAAK;;;AAGhC,QAAO;;AAGT,SAAS,cAAc,OAAqB;AAC1C,KAAI,UAAU,MAAO,QAAO;AAC5B,KAAI,UAAU,QAAS,QAAO;AAC9B,OAAM,IAAI,MAAM,mBAAmB,MAAM,yCAAyC;;AAGpF,SAAS,gBAAgB,OAAuB;AAC9C,KAAI,UAAU,QAAS,QAAO;AAC9B,KAAI,UAAU,QAAS,QAAO;AAC9B,OAAM,IAAI,MAAM,qBAAqB,MAAM,2CAA2C;;AAGxF,eAAe,OAAsB;CACnC,MAAM,OAAO,QAAQ,KAAK,MAAM,EAAE;AAElC,KADa,UAAU,KAAK,KACf,MACX,OAAM,cAAc;UAEL,YAAY,KAAK,KACjB,QACb,OAAM,qBAAqB;KAE3B,OAAM,gBAAgB;;;;;;;;;;;;AAe5B,SAAS,eAAwB;CAC/B,MAAM,QAAQ,KAAK;AACnB,KAAI,UAAU,KAAA,EAAW,QAAO;AAChC,KAAI;AACF,SAAO,cAAc,OAAO,KAAK,IAAI,KAAK,aAAa,MAAM;SACvD;AACN,SAAO;;;AAIX,IAAI,cAAc,CAChB,OAAM,CAAC,OAAO,QAAiB;CAC7B,MAAM,UAAU,eAAe,QAAQ,IAAI,UAAU,OAAO,IAAI;AAChE,SAAQ,OAAO,MAAM,yBAAyB,QAAQ,IAAI;AAC1D,SAAQ,WAAW;EACnB"}