@alfe.ai/openclaw-sync 0.0.17 → 0.0.20
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/dist/index.d.cts +219 -20
- package/dist/index.d.cts.map +1 -1
- package/dist/index.d.ts +219 -20
- package/dist/index.d.ts.map +1 -1
- package/openclaw.plugin.json +1 -0
- package/package.json +2 -2
package/dist/index.d.cts
CHANGED
|
@@ -232,19 +232,84 @@ interface EncryptedEnvelopeV1 {
|
|
|
232
232
|
authTag: string;
|
|
233
233
|
dataKeyCiphertext: string;
|
|
234
234
|
}
|
|
235
|
-
/**
|
|
235
|
+
/**
|
|
236
|
+
* Display/validation hint for a field's value. `"json"` signals that the
|
|
237
|
+
* string is a JSON-stringified payload that consumers should `JSON.parse`.
|
|
238
|
+
*/
|
|
239
|
+
declare const FIELD_FORMATS: readonly ["text", "email", "url", "phone", "date", "number", "json"];
|
|
240
|
+
type FieldFormat = (typeof FIELD_FORMATS)[number];
|
|
241
|
+
/**
|
|
242
|
+
* Whether a field is stored in plaintext (visible to anyone with read access)
|
|
243
|
+
* or encrypted (requires KMS + the right encryption context to read).
|
|
244
|
+
*/
|
|
245
|
+
declare const FIELD_SENSITIVITIES: readonly ["plaintext", "encrypted"];
|
|
246
|
+
type FieldSensitivity = (typeof FIELD_SENSITIVITIES)[number];
|
|
247
|
+
/**
|
|
248
|
+
* A field on a secret. `value` is always a string at the wire; for encrypted
|
|
249
|
+
* fields it's the plaintext at the API edge (the service encrypts before
|
|
250
|
+
* persistence). Reads from the dashboard omit `value` for encrypted fields;
|
|
251
|
+
* agents get a `FieldEnvelope` instead and decrypt locally.
|
|
252
|
+
*/
|
|
253
|
+
|
|
254
|
+
/**
|
|
255
|
+
* Secret category — drives icon/template/filter behaviour. Defaults to
|
|
256
|
+
* `"other"` for migrated rows.
|
|
257
|
+
*/
|
|
258
|
+
declare const SECRET_CATEGORIES: readonly ["login", "api_key", "database", "ssh_key", "certificate", "secure_note", "credit_card", "identity", "wifi", "other"];
|
|
259
|
+
type SecretCategory = (typeof SECRET_CATEGORIES)[number];
|
|
260
|
+
/**
|
|
261
|
+
* One field as exposed to readers. Encrypted fields have no `value` on the
|
|
262
|
+
* dashboard read path; the agent-side aggregate carries `envelope` instead.
|
|
263
|
+
*/
|
|
264
|
+
interface FieldView {
|
|
265
|
+
key: string;
|
|
266
|
+
format?: FieldFormat;
|
|
267
|
+
sensitivity: FieldSensitivity;
|
|
268
|
+
/** Present for `sensitivity: "plaintext"` only. */
|
|
269
|
+
value?: string;
|
|
270
|
+
/** Present for `sensitivity: "encrypted"` on agent-side reads only. */
|
|
271
|
+
envelope?: EncryptedEnvelopeV1;
|
|
272
|
+
/** Plaintext fields that opt into `format: "json"` are pre-parsed for callers. */
|
|
273
|
+
parsedValue?: unknown;
|
|
274
|
+
rotatedAt?: string;
|
|
275
|
+
createdAt: string;
|
|
276
|
+
updatedAt: string;
|
|
277
|
+
}
|
|
278
|
+
/** A secret as assembled from its multi-row aggregate. */
|
|
279
|
+
interface SecretAggregate {
|
|
280
|
+
secretId: string;
|
|
281
|
+
secretName: string;
|
|
282
|
+
description?: string;
|
|
283
|
+
tags: string[];
|
|
284
|
+
category: SecretCategory;
|
|
285
|
+
fields: FieldView[];
|
|
286
|
+
changelogVersion: number;
|
|
287
|
+
createdAt: string;
|
|
288
|
+
updatedAt: string;
|
|
289
|
+
}
|
|
290
|
+
/** Metadata-only projection — used by list endpoints. */
|
|
236
291
|
interface SecretMetadata {
|
|
237
292
|
secretId: string;
|
|
238
293
|
secretName: string;
|
|
239
294
|
description?: string;
|
|
240
|
-
tags
|
|
295
|
+
tags: string[];
|
|
296
|
+
category: SecretCategory;
|
|
297
|
+
fieldKeys: string[];
|
|
298
|
+
changelogVersion: number;
|
|
241
299
|
createdAt: string;
|
|
242
300
|
updatedAt: string;
|
|
243
|
-
rotatedAt?: string;
|
|
244
301
|
}
|
|
245
|
-
/**
|
|
246
|
-
|
|
302
|
+
/**
|
|
303
|
+
* Per-field encrypted envelope returned to agents on the agent-side aggregate.
|
|
304
|
+
* Agents decrypt locally using a data key fetched from `/decrypt-data-key`.
|
|
305
|
+
*/
|
|
306
|
+
interface FieldEnvelope {
|
|
307
|
+
key: string;
|
|
308
|
+
format?: FieldFormat;
|
|
247
309
|
envelope: EncryptedEnvelopeV1;
|
|
310
|
+
rotatedAt?: string;
|
|
311
|
+
createdAt: string;
|
|
312
|
+
updatedAt: string;
|
|
248
313
|
}
|
|
249
314
|
/** A scope the caller can read or write secrets in. */
|
|
250
315
|
interface ScopeInfo {
|
|
@@ -262,6 +327,30 @@ interface GeneratedDataKey {
|
|
|
262
327
|
plaintextKey: string;
|
|
263
328
|
dataKeyCiphertext: string;
|
|
264
329
|
}
|
|
330
|
+
/**
|
|
331
|
+
* Action types recorded in the secret changelog. Append-only.
|
|
332
|
+
*/
|
|
333
|
+
declare const CHANGELOG_ACTIONS: readonly ["created", "deleted", "metadata_updated", "field_added", "field_rotated", "field_removed", "tag_added", "tag_removed"];
|
|
334
|
+
type ChangelogAction = (typeof CHANGELOG_ACTIONS)[number];
|
|
335
|
+
/** Who triggered a changelog entry. */
|
|
336
|
+
interface ChangelogActor {
|
|
337
|
+
kind: "user" | "agent" | "system";
|
|
338
|
+
id: string;
|
|
339
|
+
}
|
|
340
|
+
/**
|
|
341
|
+
* One audit row from the secret's changelog. Metadata only — never carries
|
|
342
|
+
* field VALUES (old or new). Rolling back a rotated secret is intentionally
|
|
343
|
+
* not supported.
|
|
344
|
+
*/
|
|
345
|
+
interface ChangelogEntry {
|
|
346
|
+
changelogVersion: number;
|
|
347
|
+
action: ChangelogAction;
|
|
348
|
+
fieldKey?: string;
|
|
349
|
+
fieldSensitivity?: FieldSensitivity;
|
|
350
|
+
changedBy: ChangelogActor;
|
|
351
|
+
reason?: string;
|
|
352
|
+
timestamp: string;
|
|
353
|
+
}
|
|
265
354
|
//# sourceMappingURL=secrets.d.ts.map
|
|
266
355
|
//#endregion
|
|
267
356
|
//#region src/index.d.ts
|
|
@@ -559,52 +648,135 @@ declare class AgentApiClient {
|
|
|
559
648
|
recorded: boolean;
|
|
560
649
|
}>;
|
|
561
650
|
/**
|
|
562
|
-
* Mint a fresh AES-256 data key for a
|
|
563
|
-
* context is rebuilt server-side from `auth.tenantId` + the body
|
|
564
|
-
* agent cannot forge context for a scope
|
|
651
|
+
* Mint a fresh AES-256 data key for a specific (secret, field) pair. The
|
|
652
|
+
* encryption context is rebuilt server-side from `auth.tenantId` + the body
|
|
653
|
+
* fields including `fieldKey`; the agent cannot forge context for a scope
|
|
654
|
+
* or field it doesn't own. Legacy single-envelope secrets are migrated to
|
|
655
|
+
* `field#value` rows by the data migration, so call with `fieldKey: "value"`
|
|
656
|
+
* to reach them.
|
|
565
657
|
*/
|
|
566
658
|
generateSecretDataKey(args: {
|
|
567
659
|
scope: SecretScope;
|
|
568
660
|
scopeId: string;
|
|
569
661
|
secretId: string;
|
|
662
|
+
fieldKey: string;
|
|
570
663
|
}): Promise<GeneratedDataKey>;
|
|
571
664
|
/**
|
|
572
665
|
* Unwrap a wrapped data key so the agent can decrypt the envelope locally.
|
|
573
|
-
*
|
|
574
|
-
*
|
|
666
|
+
* `fieldKey` MUST match the value supplied when the data key was generated
|
|
667
|
+
* (it's bound into KMS encryption context); mismatch fails with
|
|
668
|
+
* `InvalidCiphertextException`.
|
|
575
669
|
*/
|
|
576
670
|
decryptSecretDataKey(args: {
|
|
577
671
|
scope: SecretScope;
|
|
578
672
|
scopeId: string;
|
|
579
673
|
secretId: string;
|
|
674
|
+
fieldKey: string;
|
|
580
675
|
dataKeyCiphertext: string;
|
|
581
676
|
}): Promise<{
|
|
582
677
|
plaintextKey: string;
|
|
583
678
|
}>;
|
|
584
|
-
/**
|
|
585
|
-
|
|
679
|
+
/**
|
|
680
|
+
* Create a new secret with one or more fields. Encrypted fields must arrive
|
|
681
|
+
* pre-sealed (the agent has already obtained per-field data keys via
|
|
682
|
+
* `generateSecretDataKey({ ..., fieldKey })` and AES-encrypted locally).
|
|
683
|
+
* Plaintext fields ship the value inline.
|
|
684
|
+
*/
|
|
685
|
+
createSecret(args: {
|
|
586
686
|
scope: SecretScope;
|
|
587
687
|
scopeId: string;
|
|
588
688
|
secretId: string;
|
|
589
689
|
secretName: string;
|
|
590
|
-
|
|
690
|
+
category?: SecretCategory;
|
|
591
691
|
description?: string;
|
|
592
692
|
tags?: string[];
|
|
693
|
+
fields: {
|
|
694
|
+
key: string;
|
|
695
|
+
format?: FieldFormat;
|
|
696
|
+
sensitivity: FieldSensitivity;
|
|
697
|
+
value?: string;
|
|
698
|
+
envelope?: EncryptedEnvelopeV1;
|
|
699
|
+
}[];
|
|
700
|
+
reason?: string;
|
|
701
|
+
}): Promise<SecretAggregate>;
|
|
702
|
+
/** Fetch the secret aggregate plus per-field encrypted envelopes. */
|
|
703
|
+
getSecret(args: {
|
|
704
|
+
scope: SecretScope;
|
|
705
|
+
scopeId: string;
|
|
706
|
+
secretId: string;
|
|
593
707
|
}): Promise<{
|
|
708
|
+
aggregate: SecretAggregate;
|
|
709
|
+
envelopes: FieldEnvelope[];
|
|
710
|
+
}>;
|
|
711
|
+
/** Fetch one field. Plaintext: value inline. Encrypted: envelope. */
|
|
712
|
+
getSecretField(args: {
|
|
713
|
+
scope: SecretScope;
|
|
714
|
+
scopeId: string;
|
|
594
715
|
secretId: string;
|
|
716
|
+
fieldKey: string;
|
|
717
|
+
}): Promise<{
|
|
718
|
+
key: string;
|
|
719
|
+
sensitivity: FieldSensitivity;
|
|
720
|
+
format?: FieldFormat;
|
|
721
|
+
value?: string;
|
|
722
|
+
envelope?: EncryptedEnvelopeV1;
|
|
723
|
+
rotatedAt?: string;
|
|
724
|
+
createdAt: string;
|
|
725
|
+
updatedAt: string;
|
|
595
726
|
}>;
|
|
596
|
-
/**
|
|
597
|
-
|
|
727
|
+
/** Add OR rotate one field. */
|
|
728
|
+
setSecretField(args: {
|
|
598
729
|
scope: SecretScope;
|
|
599
730
|
scopeId: string;
|
|
600
731
|
secretId: string;
|
|
601
|
-
|
|
602
|
-
|
|
732
|
+
fieldKey: string;
|
|
733
|
+
sensitivity: FieldSensitivity;
|
|
734
|
+
format?: FieldFormat;
|
|
735
|
+
value?: string;
|
|
736
|
+
envelope?: EncryptedEnvelopeV1;
|
|
737
|
+
reason?: string;
|
|
738
|
+
}): Promise<{
|
|
739
|
+
fieldKey: string;
|
|
740
|
+
rotated: boolean;
|
|
741
|
+
}>;
|
|
742
|
+
/** Remove one field. */
|
|
743
|
+
removeSecretField(args: {
|
|
744
|
+
scope: SecretScope;
|
|
745
|
+
scopeId: string;
|
|
746
|
+
secretId: string;
|
|
747
|
+
fieldKey: string;
|
|
748
|
+
}): Promise<void>;
|
|
749
|
+
/** Update secret-level metadata (name/description/tags/category). */
|
|
750
|
+
updateSecretMetadata(args: {
|
|
751
|
+
scope: SecretScope;
|
|
752
|
+
scopeId: string;
|
|
753
|
+
secretId: string;
|
|
754
|
+
secretName?: string;
|
|
755
|
+
description?: string;
|
|
756
|
+
tags?: string[];
|
|
757
|
+
category?: SecretCategory;
|
|
758
|
+
reason?: string;
|
|
759
|
+
}): Promise<SecretAggregate>;
|
|
760
|
+
/** List metadata for secrets in a scope. Optional filters route through the byFacet GSI. */
|
|
603
761
|
listSecrets(args: {
|
|
604
762
|
scope: SecretScope;
|
|
605
763
|
scopeId: string;
|
|
764
|
+
category?: SecretCategory;
|
|
765
|
+
tag?: string;
|
|
766
|
+
fieldKey?: string;
|
|
606
767
|
}): Promise<SecretMetadata[]>;
|
|
607
|
-
/**
|
|
768
|
+
/** Bounded changelog read — metadata-only audit entries. */
|
|
769
|
+
getSecretHistory(args: {
|
|
770
|
+
scope: SecretScope;
|
|
771
|
+
scopeId: string;
|
|
772
|
+
secretId: string;
|
|
773
|
+
limit?: number;
|
|
774
|
+
cursor?: string;
|
|
775
|
+
}): Promise<{
|
|
776
|
+
entries: ChangelogEntry[];
|
|
777
|
+
nextCursor?: string;
|
|
778
|
+
}>;
|
|
779
|
+
/** Delete a secret (and all its field rows + tag rows + changelog rows). */
|
|
608
780
|
deleteSecret(args: {
|
|
609
781
|
scope: SecretScope;
|
|
610
782
|
scopeId: string;
|
|
@@ -620,9 +792,14 @@ declare class AgentApiClient {
|
|
|
620
792
|
}): Promise<{
|
|
621
793
|
identityId: string | null;
|
|
622
794
|
status: string;
|
|
623
|
-
accessAllowed: boolean;
|
|
624
795
|
created?: boolean;
|
|
625
796
|
reason?: string;
|
|
797
|
+
/**
|
|
798
|
+
* Flattened auriclabs permission strings for the resolved identity
|
|
799
|
+
* (scope-prefixed where applicable). Empty array on miss / org service
|
|
800
|
+
* outage — the runtime gate fails closed in that case.
|
|
801
|
+
*/
|
|
802
|
+
permissions: string[];
|
|
626
803
|
}>;
|
|
627
804
|
searchIdentities(args?: {
|
|
628
805
|
q?: string;
|
|
@@ -755,7 +932,6 @@ declare class AgentApiClient {
|
|
|
755
932
|
}): Promise<{
|
|
756
933
|
identityId: string | null;
|
|
757
934
|
status: string;
|
|
758
|
-
accessAllowed: boolean;
|
|
759
935
|
}>;
|
|
760
936
|
memorySearch(query: string, opts?: {
|
|
761
937
|
limit?: number;
|
|
@@ -835,6 +1011,29 @@ declare class AgentApiClient {
|
|
|
835
1011
|
storageEstimateBytes: number;
|
|
836
1012
|
lastIngestionAt?: string;
|
|
837
1013
|
}>;
|
|
1014
|
+
memoryLearn(args: {
|
|
1015
|
+
text: string;
|
|
1016
|
+
source?: string;
|
|
1017
|
+
sourceType?: "file" | "url" | "inline";
|
|
1018
|
+
metadata?: {
|
|
1019
|
+
sessionId?: string;
|
|
1020
|
+
channelId?: string;
|
|
1021
|
+
userName?: string;
|
|
1022
|
+
};
|
|
1023
|
+
}): Promise<{
|
|
1024
|
+
memoriesStored: number;
|
|
1025
|
+
triplesStored: number;
|
|
1026
|
+
chunks: number;
|
|
1027
|
+
source?: string;
|
|
1028
|
+
}>;
|
|
1029
|
+
memoryBootstrapStatus(): Promise<{
|
|
1030
|
+
synced: boolean;
|
|
1031
|
+
syncedAt?: string;
|
|
1032
|
+
}>;
|
|
1033
|
+
memoryBootstrapStatusMark(): Promise<{
|
|
1034
|
+
synced: true;
|
|
1035
|
+
syncedAt: string;
|
|
1036
|
+
}>;
|
|
838
1037
|
searchWeb(params: {
|
|
839
1038
|
query: string;
|
|
840
1039
|
count?: number;
|
package/dist/index.d.cts.map
CHANGED
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"index.d.cts","names":["ResourceScope","IntegrationVisibility","IntegrationScope","IntegrationDesiredStatus","IntegrationActualStatus","IntegrationInstall","Record","IntegrationConfigSchemaField","IntegrationConfigResult","RegistryEntry","SecretScope","EncryptedEnvelopeV1","SecretMetadata","SecretEnvelopeResponse","ScopeInfo","GeneratedDataKey","AgentApiClientConfig","SyncAgentInfo","SyncManifestEntry","SyncManifest","SyncPresignedUrl","SyncConfirmedUpload","SyncReconstructFile","SyncReconstructBundle","SyncAgentStats","SyncFileEntry","SyncSessionEntry","SyncSessionContent","SharedFileEntry","AgentApiClient","Promise"],"sources":["../src/manifest.ts","../src/ignore.ts","../../agent-api-client/dist/index.d.ts","../src/sync-engine.ts","../src/watcher.ts","../src/uploader.ts","../src/downloader.ts","../src/retry.ts","../src/shared-sync.ts"],"sourcesContent":["//#region ../../packages-internal/types/dist/access.d.ts\n\n/**\n * The four resource scopes at which a permission can apply.\n * Order is meaningful: broader scopes first (`org`) → narrower last (`agent`).\n *\n * `IntegrationScope` in integration.ts and `SecretScope` in secrets.ts are\n * intentional aliases of this same enum — there is only one concept of\n * \"scope\" in Alfe.\n */\ndeclare const ResourceScope: {\n readonly Org: \"org\";\n readonly Team: \"team\";\n readonly Project: \"project\";\n readonly Agent: \"agent\";\n};\ntype ResourceScope = (typeof ResourceScope)[keyof typeof ResourceScope];\n/** Ordered tuple of resource scope string values (broad → narrow). */\n//#endregion\n//#region ../../packages-internal/types/dist/integration.d.ts\n/** Controls where an integration appears: public (everyone), hidden (nowhere) */\ndeclare const IntegrationVisibility: {\n readonly Public: \"public\";\n readonly Hidden: \"hidden\";\n};\ntype IntegrationVisibility = (typeof IntegrationVisibility)[keyof typeof IntegrationVisibility];\n/** Scope at which an integration is installed */\ndeclare const IntegrationScope: {\n readonly Org: \"org\";\n readonly Team: \"team\";\n readonly Project: \"project\";\n readonly Agent: \"agent\";\n};\ntype IntegrationScope = ResourceScope;\ndeclare const IntegrationDesiredStatus: {\n readonly Active: \"active\";\n readonly Removed: \"removed\";\n};\ntype IntegrationDesiredStatus = (typeof IntegrationDesiredStatus)[keyof typeof IntegrationDesiredStatus];\ndeclare const IntegrationActualStatus: {\n readonly Installing: \"installing\";\n readonly Active: \"active\";\n readonly Error: \"error\";\n readonly Removing: \"removing\";\n readonly Inactive: \"inactive\";\n readonly Unknown: \"unknown\";\n};\ntype IntegrationActualStatus = (typeof IntegrationActualStatus)[keyof typeof IntegrationActualStatus];\ninterface IntegrationInstall {\n scope: IntegrationScope;\n scopeId: string;\n integrationId: string;\n tenantId: string;\n desiredStatus: IntegrationDesiredStatus;\n actualStatus: IntegrationActualStatus;\n version: string;\n config: Record<string, unknown>;\n errorMessage: string;\n installedAt: string;\n updatedAt: string;\n}\n/** @deprecated Use IntegrationInstall instead */\n\ninterface IntegrationConfigSchemaField {\n key: string;\n label: string;\n type: string;\n description?: string;\n required?: boolean;\n default?: string | number | boolean;\n options?: string[];\n select_options?: {\n value: string;\n label: string;\n }[];\n oauth_provider?: string;\n oauth_scopes?: string[];\n oauth_integration_id?: string;\n editable?: string;\n hidden?: boolean;\n}\ninterface IntegrationConfigResult {\n integrationId: string;\n config: Record<string, unknown>;\n configSchema: IntegrationConfigSchemaField[];\n}\ninterface RegistryEntry {\n id: string;\n name: string;\n description: string;\n versions: string[];\n latest: string;\n repository: string;\n commit: string;\n icon?: string;\n author?: {\n name: string;\n url?: string;\n } | string;\n pricing?: {\n type: \"free\" | \"paid\" | \"usage\";\n price?: number;\n currency?: string;\n interval?: \"month\" | \"year\";\n description?: string;\n };\n features?: string[];\n preview_images?: string[];\n config_schema?: IntegrationConfigSchemaField[];\n supported_agents?: string[];\n /** Scopes where this integration can be installed */\n supported_scopes?: IntegrationScope[];\n /** Visibility status — controls where integration appears */\n visibility?: IntegrationVisibility;\n}\n//# sourceMappingURL=integration.d.ts.map\n//#endregion\n//#region ../../packages-internal/types/dist/secrets.d.ts\n/** Scope levels at which a secret can be owned. Aliased to ResourceScope. */\ntype SecretScope = ResourceScope;\n/**\n * v1 encrypted envelope as persisted by services/secrets and exchanged with\n * agents. Values are AES-256-GCM ciphertext; iv/authTag/ciphertext/dataKeyCiphertext\n * are all base64-encoded.\n */\ninterface EncryptedEnvelopeV1 {\n version: 1;\n iv: string;\n ciphertext: string;\n authTag: string;\n dataKeyCiphertext: string;\n}\n/** Opaque metadata about a secret row — never includes plaintext. */\ninterface SecretMetadata {\n secretId: string;\n secretName: string;\n description?: string;\n tags?: string[];\n createdAt: string;\n updatedAt: string;\n rotatedAt?: string;\n}\n/** A single secret row including its encrypted envelope. */\ninterface SecretEnvelopeResponse extends SecretMetadata {\n envelope: EncryptedEnvelopeV1;\n}\n/** A scope the caller can read or write secrets in. */\ninterface ScopeInfo {\n scope: SecretScope;\n scopeId: string;\n name?: string;\n}\n/**\n * KMS-issued data key, returned by the secrets service's\n * `/secrets/generate-data-key` KMS proxy endpoint. The plaintext key is\n * returned base64-encoded; callers MUST decode it to a Buffer and zero the\n * Buffer after use — never keep the plaintext as a JS string.\n */\ninterface GeneratedDataKey {\n plaintextKey: string;\n dataKeyCiphertext: string;\n}\n//# sourceMappingURL=secrets.d.ts.map\n//#endregion\n//#region src/index.d.ts\ninterface AgentApiClientConfig {\n apiKey: string;\n apiUrl: string;\n}\ninterface SyncAgentInfo {\n agentId: string;\n tenantId: string;\n displayName: string;\n s3Prefix: string;\n status: \"stale\" | \"syncing\" | \"synced\";\n fileCount?: number;\n totalSize?: number;\n lastSync?: string;\n}\ninterface SyncManifestEntry {\n hash: string;\n size: number;\n modified: string;\n etag?: string;\n storageClass?: string;\n compressed?: boolean;\n}\ninterface SyncManifest {\n version: 1;\n agentId: string;\n lastSync: string;\n files: Record<string, SyncManifestEntry>;\n}\ninterface SyncPresignedUrl {\n path: string;\n url: string;\n expiresAt: string;\n}\ninterface SyncConfirmedUpload {\n filePath: string;\n hash: string;\n size: number;\n storageClass: \"STANDARD\" | \"GLACIER_IR\";\n syncedAt: string;\n}\ninterface SyncReconstructFile {\n path: string;\n size: number;\n url: string;\n storageClass?: string;\n compressed?: boolean;\n}\ninterface SyncReconstructBundle {\n agentId: string;\n mode: \"full\" | \"active\" | \"memory\";\n fileCount: number;\n totalSize: number;\n files: SyncReconstructFile[];\n expiresAt: string;\n}\ninterface SyncAgentStats {\n agentId: string;\n standardBytes: number;\n glacierBytes: number;\n fileCount: number;\n lastSyncAt: string | null;\n}\ninterface SyncFileEntry {\n filePath: string;\n size: number;\n modified: string;\n contentHash: string;\n storageClass?: string;\n compressed?: boolean;\n}\ninterface SyncSessionEntry {\n sessionId: string;\n size: number;\n lastModified: string;\n storageClass?: string;\n isArchived: boolean;\n}\ninterface SyncSessionContent {\n sessionId: string;\n content: string;\n compressed: boolean;\n}\ninterface SharedFileEntry {\n filePath: string;\n fileName: string;\n size: number;\n contentType?: string;\n}\ndeclare class AgentApiClient {\n private readonly apiKey;\n private readonly apiUrl;\n constructor(config: AgentApiClientConfig);\n private request;\n syncRegister(args?: {\n displayName?: string;\n }): Promise<{\n agent: SyncAgentInfo;\n }>;\n syncGetManifest(): Promise<SyncManifest>;\n syncPresign(args: {\n files: {\n path: string;\n operation: \"put\" | \"get\";\n contentType?: string;\n }[];\n }): Promise<{\n urls: SyncPresignedUrl[];\n }>;\n syncConfirmUpload(args: {\n filePath: string;\n hash: string;\n size: number;\n storageClass?: \"STANDARD\" | \"GLACIER_IR\";\n }): Promise<SyncConfirmedUpload>;\n syncReconstruct(args: {\n mode: \"full\" | \"active\" | \"memory\";\n }): Promise<SyncReconstructBundle>;\n syncGetStats(): Promise<SyncAgentStats>;\n syncListFiles(args?: {\n prefix?: string;\n }): Promise<{\n files: SyncFileEntry[];\n }>;\n syncListSessions(): Promise<{\n sessions: SyncSessionEntry[];\n }>;\n syncGetSession(sessionId: string): Promise<SyncSessionContent>;\n syncDeleteFile(filePath: string): Promise<{\n removed: boolean;\n }>;\n sharedListFiles(args: {\n scope: \"org\" | \"team\" | \"project\";\n scopeId: string;\n }): Promise<{\n files: SharedFileEntry[];\n nextCursor: string | null;\n }>;\n sharedDownloadUrl(args: {\n scope: \"org\" | \"team\" | \"project\";\n scopeId: string;\n filePath: string;\n }): Promise<{\n downloadUrl: string;\n expiresIn: number;\n }>;\n listIntegrations(): Promise<IntegrationInstall[]>;\n getIntegrationConfig(integrationId: string): Promise<IntegrationConfigResult>;\n updateIntegrationConfig(integrationId: string, config: Record<string, unknown>): Promise<void>;\n installIntegration(integrationId: string, options?: {\n version?: string;\n config?: Record<string, unknown>;\n }): Promise<IntegrationInstall>;\n removeIntegration(integrationId: string): Promise<IntegrationInstall>;\n getOAuthUrl(provider: string, scopes?: string[]): Promise<{\n url: string;\n provider: string;\n expiresIn: number;\n }>;\n getOAuthStatus(provider: string): Promise<{\n provider: string;\n connected: boolean;\n config?: Record<string, string>;\n }>;\n getRegistry(): Promise<{\n integrations: RegistryEntry[];\n }>;\n getGoogleCredentials(): Promise<{\n accounts?: {\n email: string;\n refreshToken: string;\n clientId: string;\n clientSecret: string;\n enabledServices?: string[];\n isDefault: boolean;\n displayName?: string;\n }[];\n email: string;\n refreshToken: string;\n clientId: string;\n clientSecret: string;\n projectId: string;\n enabledServices?: string[];\n }>;\n disconnectGoogleAccount(email: string): Promise<{\n accounts: {\n email: string;\n displayName?: string;\n isDefault: boolean;\n }[];\n }>;\n setDefaultGoogleAccount(email: string): Promise<{\n accounts: {\n email: string;\n displayName?: string;\n isDefault: boolean;\n }[];\n }>;\n getGoogleChatCredentials(): Promise<{\n email: string;\n refreshToken: string;\n clientId: string;\n clientSecret: string;\n displayName?: string;\n }>;\n getGithubCredentials(): Promise<{\n login: string;\n accessToken: string;\n }>;\n getXeroCredentials(): Promise<{\n accessToken: string;\n accessTokenExpiresAt: string;\n xeroTenantId: string;\n }>;\n refreshXeroToken(): Promise<{\n accessToken: string;\n expiresAt: string;\n }>;\n getNotionCredentials(): Promise<{\n accessToken: string;\n workspaceId: string;\n workspaceName: string;\n }>;\n getAtlassianCredentials(): Promise<{\n accessToken: string;\n refreshToken: string;\n accessTokenExpiresAt: string;\n cloudId: string;\n siteName: string;\n siteUrl: string;\n email: string;\n enabledProducts: string[];\n clientId: string;\n clientSecret: string;\n }>;\n refreshAtlassianToken(): Promise<{\n accessToken: string;\n expiresAt: string;\n }>;\n getMYOBCredentials(): Promise<{\n accessToken: string;\n accessTokenExpiresAt: string;\n myobBusinessId: string;\n clientId: string;\n }>;\n refreshMYOBToken(): Promise<{\n accessToken: string;\n expiresAt: string;\n }>;\n getTeamsCredentials(): Promise<{\n agentId: string;\n tenantId: string;\n azureAppId: string;\n azureBotId: string;\n azureClientSecret: string;\n botDisplayName?: string;\n teamsTenantId?: string;\n serviceUrl?: string;\n }>;\n sendTeamsMessage(data: {\n conversationId: string;\n text?: string;\n adaptiveCard?: Record<string, unknown>;\n }): Promise<{\n ok: boolean;\n activityId: string;\n }>;\n listTeamsChannels(): Promise<{\n channels: {\n id: string;\n name: string;\n description?: string;\n }[];\n }>;\n presignAttachments(files: {\n filename: string;\n mimeType: string;\n size: number;\n }[]): Promise<{\n attachments: {\n id: string;\n uploadUrl: string;\n downloadUrl: string;\n s3Key: string;\n expiresAt: string;\n }[];\n }>;\n recordActivity(data: {\n userId?: string;\n channel: string;\n role: \"user\" | \"assistant\";\n }): Promise<{\n recorded: boolean;\n }>;\n /**\n * Mint a fresh AES-256 data key for a new secret or rotation. The encryption\n * context is rebuilt server-side from `auth.tenantId` + the body fields; the\n * agent cannot forge context for a scope it doesn't own.\n */\n generateSecretDataKey(args: {\n scope: SecretScope;\n scopeId: string;\n secretId: string;\n }): Promise<GeneratedDataKey>;\n /**\n * Unwrap a wrapped data key so the agent can decrypt the envelope locally.\n * KMS Decrypt will fail with `InvalidCiphertextException` if the envelope\n * was tampered with in a way that changes `{ tenantId, scope, scopeId, secretId }`.\n */\n decryptSecretDataKey(args: {\n scope: SecretScope;\n scopeId: string;\n secretId: string;\n dataKeyCiphertext: string;\n }): Promise<{\n plaintextKey: string;\n }>;\n /** Upload a pre-encrypted envelope for a secret. */\n putSecretEnvelope(args: {\n scope: SecretScope;\n scopeId: string;\n secretId: string;\n secretName: string;\n envelope: EncryptedEnvelopeV1;\n description?: string;\n tags?: string[];\n }): Promise<{\n secretId: string;\n }>;\n /** Fetch the encrypted envelope for a single secret. */\n getSecretEnvelope(args: {\n scope: SecretScope;\n scopeId: string;\n secretId: string;\n }): Promise<SecretEnvelopeResponse>;\n /** List metadata (never envelopes) for secrets in a scope. */\n listSecrets(args: {\n scope: SecretScope;\n scopeId: string;\n }): Promise<SecretMetadata[]>;\n /** Delete a secret. */\n deleteSecret(args: {\n scope: SecretScope;\n scopeId: string;\n secretId: string;\n }): Promise<void>;\n /** Enumerate scopes (org/team/project/agent) this agent can access. */\n listSecretScopes(): Promise<ScopeInfo[]>;\n resolveIdentity(args: {\n provider: string;\n platformId: string;\n kind?: \"user\" | \"agent\" | \"service\" | \"bot\" | \"workspace\";\n displayName?: string;\n }): Promise<{\n identityId: string | null;\n status: string;\n accessAllowed: boolean;\n created?: boolean;\n reason?: string;\n }>;\n searchIdentities(args?: {\n q?: string;\n status?: string;\n limit?: number;\n }): Promise<{\n identities: unknown[];\n }>;\n getIdentityContext(identityId: string): Promise<{\n context: unknown;\n }>;\n mergeIdentities(survivorId: string, args: {\n mergedId: string;\n changedBy: {\n type: string;\n id: string;\n name?: string;\n };\n }): Promise<{\n ok: boolean;\n error?: string;\n }>;\n unmergeIdentity(identityId: string, args: {\n changedBy: {\n type: string;\n id: string;\n name?: string;\n };\n }): Promise<{\n ok: boolean;\n error?: string;\n }>;\n addIdentityNote(identityId: string, args: {\n content: string;\n category?: string;\n changedBy: {\n type: string;\n id: string;\n name?: string;\n };\n }): Promise<{\n noteId: string | null;\n }>;\n tagIdentity(identityId: string, args: {\n tag: string;\n action: \"add\" | \"remove\";\n changedBy: {\n type: string;\n id: string;\n name?: string;\n };\n }): Promise<{\n ok: boolean;\n }>;\n getIdentityChangelog(identityId: string, args?: {\n limit?: number;\n }): Promise<{\n entries: unknown[];\n }>;\n rollbackIdentity(identityId: string, args: {\n targetVersion: number;\n changedBy: {\n type: string;\n id: string;\n name?: string;\n };\n }): Promise<{\n ok: boolean;\n entry?: unknown;\n }>;\n requestIdentityVerification(args: {\n claimedIdentityId: string;\n requestingIdentityId: string;\n requestingProvider: string;\n requestingPlatformId: string;\n preferredChannel?: \"mobile\" | \"email\";\n /**\n * Phase 2: agent-supplied contact endpoint. When provided, the top-level\n * `preferredChannel` is ignored — the contact's channel wins.\n */\n contact?: {\n channel: \"email\" | \"mobile\";\n value: string;\n };\n }): Promise<{\n verificationId: string;\n channel: string;\n deliveredTo: string;\n expiresAt: string;\n availableChannels: {\n channel: string;\n deliveredTo: string;\n }[];\n } | {\n error: string;\n }>;\n confirmIdentityVerification(args: {\n claimedIdentityId: string;\n verificationId: string;\n phrase: string;\n }): Promise<{\n verified: boolean;\n identityId?: string;\n /** Phase 2: how the confirm resolved — Scenario A vs B. */\n action?: \"merged\" | \"contact_verified\";\n error?: string;\n }>;\n /**\n * Update display-shape fields on an Identity. Body excludes `email` /\n * `phone` / `title` / `company` / `metadata` per Section D4 — contacts go\n * via the verify flow, title/company live on OrgMembership, metadata is\n * not agent-writable.\n */\n updateIdentity(identityId: string, args: {\n name?: string;\n avatarUrl?: string;\n timezone?: string;\n locale?: string;\n }): Promise<{\n ok: boolean;\n }>;\n /**\n * Phase 2 (Section H): server-side verification of a Google Chat sender via\n * the agent's existing Google OAuth credentials. Returns the resolved\n * identity (created or matched via Scenario-B email enrichment).\n */\n resolveGoogleChatSender(args: {\n senderUserId: string;\n spaceId?: string;\n }): Promise<{\n identityId: string | null;\n status: string;\n accessAllowed: boolean;\n }>;\n memorySearch(query: string, opts?: {\n limit?: number;\n topic?: string;\n subtopic?: string;\n tag?: string;\n includeKnowledge?: boolean;\n }): Promise<{\n facts: {\n subject: string;\n predicate: string;\n object: string;\n since: string;\n confidence: number;\n }[];\n memories: {\n id: string;\n text: string;\n topic: string;\n subtopic: string;\n tag: string;\n importance: number;\n timestamp: number;\n score: number;\n }[];\n }>;\n memoryStore(text: string, opts?: {\n topic?: string;\n subtopic?: string;\n tag?: string;\n importance?: number;\n }): Promise<{\n memoryId: string;\n }>;\n memoryIngest(sessionKey: string, messages: {\n role: string;\n content: string;\n index: number;\n timestamp?: string;\n }[], metadata?: {\n channelId?: string;\n userId?: string;\n userName?: string;\n }): Promise<{\n queued: boolean;\n messageCount: number;\n }>;\n memoryLoadContext(tier?: number, topicHint?: string): Promise<{\n formatted: string;\n [key: string]: unknown;\n }>;\n memoryLookupEntity(subject: string): Promise<{\n subject: string;\n triples: {\n tripleId: string;\n predicate: string;\n object: string;\n validFrom: string;\n validTo?: string;\n confidence: number;\n }[];\n }>;\n memoryNavigate(): Promise<{\n topics: {\n name: string;\n tripleCount: number;\n subtopics: string[];\n }[];\n cursor: string | null;\n }>;\n memoryDelete(memoryId: string): Promise<{\n deleted: boolean;\n }>;\n memoryStats(): Promise<{\n vectorCount: number;\n tripleCount: number;\n storageEstimateBytes: number;\n lastIngestionAt?: string;\n }>;\n searchWeb(params: {\n query: string;\n count?: number;\n offset?: number;\n country?: string;\n freshness?: string;\n }): Promise<unknown>;\n searchImages(params: {\n query: string;\n count?: number;\n }): Promise<unknown>;\n searchNews(params: {\n query: string;\n count?: number;\n freshness?: string;\n }): Promise<unknown>;\n registerDatabaseCredentials(): Promise<{\n connectionString: string;\n username: string;\n password: string;\n databases: string[];\n }>;\n reportDatabaseAudit(entry: {\n database: string;\n collection: string;\n operation: string;\n summary?: string;\n }): Promise<void>;\n}\n//# sourceMappingURL=index.d.ts.map\n//#endregion\nexport { AgentApiClient, AgentApiClientConfig, type EncryptedEnvelopeV1, type GeneratedDataKey, type IntegrationConfigResult, type IntegrationConfigSchemaField, type IntegrationInstall, type RegistryEntry, type ScopeInfo, type SecretEnvelopeResponse, type SecretMetadata, type SecretScope, SharedFileEntry, SyncAgentInfo, SyncAgentStats, SyncConfirmedUpload, SyncFileEntry, SyncManifest, SyncManifestEntry, SyncPresignedUrl, SyncReconstructBundle, SyncReconstructFile, SyncSessionContent, SyncSessionEntry };\n//# sourceMappingURL=index.d.ts.map"],"mappings":";;;;;;;AAyBA;AAOA;;;;;AAIA;AAiBA;AA4BsB,UAxDL,aAAA,CAwDiB;EAAA,IAAA,EAAA,MAAA;MAEvB,EAAA,MAAA;YAAR,EAAA,MAAA;EAAO,YAAA,EAAA,UAAA,GAAA,YAAA;AAmBV;AAAmC,UAtElB,aAAA,CAsEkB;OAEvB,EAvEH,MAuEG,CAAA,MAAA,EAvEY,aAuEZ,CAAA;;AACF,UArEO,cAAA,CAqEP;EAUY,OAAA,EAAA,CAAA;EAAmB,OAAA,EAAA,MAAA;UAGhC,EAAA,MAAA;OACN,EA/EM,MA+EN,CAAA,MAAA,EAAA;IAAO,IAAA,EAAA,MAAA;IASY,IAAA,EAAA,MAAA;IAgBA,QAAA,EAAA,MAAe;IAgBrB,IAAA,CAAA,EAAA,MAAa;IAAA,YAAA,CAAA,EAAA,MAAA;IACpB,UAAA,CAAA,EAAA,OAAA;;;AAEM,UA9GE,YAAA,CA8GF;;;;ECzIO,MAAA,EAAA,MAAA,EAAA;EA4BN;EAaA,SAAA,EAAA,MAAa,EAAA;;;;;ACpD5B;;;;;AACqE;AASjEC,iBFwDiB,YAAA,CExDI,aAAA,EAAA,MAAA,CAAA,EF0DvB,OE1DuB,CF0Df,aE1De,CAAA;;;;;AAEZC,iBF2EQ,aAAA,CEtErB,aAAA,EAAA,MAAA,EAAA,QAAA,EFwEW,aExEX,CAAA,EFyEE,OEzEF,CAAA,IAAA,CAAA;AAAA;AACoC;AAIpC;AAC4B,iBF6EP,mBAAA,CE7EO,aAAA,EAAA,MAAA,EAAA,YAAA,EAAA,MAAA,EAAA,KAAA,EFgFpB,aEhFoB,CAAA,EFiF1B,OEjF0B,CAAA,IAAA,CAAA;;;;AACfE,iBFyFQ,mBAAA,CElFrB,aAAA,EAAA,MAAA,EAAA,YAAA,EAAA,MAAA,CAAA,EFqFE,OErFF,CAAA,IAAA,CAAA;AAAA;;;;AACmG,iBFiG9E,eAAA,CEjG8E,QAAA,EAAA,MAAA,CAAA,EFiG3C,OEjG2C,CAAA,MAAA,CAAA;AAAA;;;;;AAS1FE,iBFwGM,aAAA,CExGNA,KAAAA,EFyGD,aEzGCA,EAAAA,MAAAA,EF0GA,cE1GAA,CAAAA,EF2GP,YE3GOA;;;;;;;AF/BV;AAOA;;;;AACe,iBCPO,kBAAA,CDOP,aAAA,EAAA,MAAA,CAAA,ECLZ,ODKY,CAAA,MAAA,EAAA,CAAA;AAGf;AAiBA;AA4BA;AAAkC,iBC3BlB,YAAA,CD2BkB,YAAA,EAAA,MAAA,EAAA,QAAA,EAAA,MAAA,EAAA,CAAA,EAAA,OAAA;;;;AAqBZ,iBCnCN,aAAA,CDmCmB,KAAA,EAAA,MAAA,EAAA,EAAA,QAAA,EAAA,MAAA,EAAA,CAAA,EAAA,MAAA,EAAA;;;;;;;AA7EnC;AAOA;;;;;AAIA;AAiBA,cE3CcN,aF2Ce,EAAA;EA4B7B,SAAsB,GAAA,EAAA,KAAY;EAAA,SAAA,IAAA,EAAA,MAAA;WAEvB,OAAA,EAAA,SAAA;WAAR,KAAA,EAAA,OAAA;CAAO;AAmBV,KEtFKA,aAAAA,GFsF8B,CAAA,OEtFNA,aFsFM,CAAA,CAAA,MAAA,OEtFsBA,aFsFtB,CAAA;;;;;AAanC,cE9FcC,qBF8F2B,EAAA;EAAA,SAAA,MAAA,EAAA,QAAA;WAGhC,MAAA,EAAA,QAAA;;KE7FJA,qBAAAA,GF8FK,CAAA,OE9F2BA,qBF8F3B,CAAA,CAAA,MAAA,OE9F+DA,qBF8F/D,CAAA;AASV;AAgBA,cErHcC,gBFqHuB,EAAA;EAgBrC,SAAgB,GAAA,EAAA,KAAa;EAAA,SAAA,IAAA,EAAA,MAAA;WACpB,OAAA,EAAA,SAAA;WACC,KAAA,EAAA,OAAA;;KEjILA,gBAAAA,GAAmBF,aFkIT;cEjIDG;;;ADRd,CAAA;AA4BA,KChBKA,wBAAAA,GDgBuB,CAAA,OChBYA,wBDgBZ,CAAA,CAAA,MAAA,OChBmDA,wBDgBnD,CAAA;AAa5B,cC5BcC,uBD4Be,EAAA;;;;WCzDfJ,QAAAA,EAKb,UAAA;EAAA,SACIA,QAAAA,EAAa,UAAA;EAAA,SAAA,OAAA,EAAA,SAAA;;KA+BbI,uBAAAA,GA/BoDJ,CAAAA,OA+BlBI,uBA/BkBJ,CAAAA,CAAAA,MAAAA,OA+BoBI,uBA/BpBJ,CAAAA;UAgC/CK,kBAAAA,CAhC4D;EAAA,KAKxDJ,EA4BLC,gBA5BKD;EAGb,OACIA,EAAAA,MAAAA;EAAqB,aAAA,EAAA,MAAA;UAAWA,EAAAA,MAAAA;eAAoCA,EA4BxDE,wBA5BwDF;EAAqB,YAAA,EA6B9EG,uBA7B8E;EAAA,OAEhFF,EAAAA,MAAAA;EAKb,MACIA,EAuBKI,MAvBLJ,CAAAA,MAAgB,EAAA,OAAA,CAAA;EAAgB,YACvBC,EAAAA,MAAAA;EAGb,WACIA,EAAAA,MAAAA;EAAwB,SAAA,EAAA,MAAA;;;;AAA0E,UAyB7FI,4BAAAA,CAjBT;EAAA,GACIH,EAAAA,MAAAA;EAAuB,KAAA,EAAA,MAAA;QAAWA,MAAAA;aAAsCA,CAAAA,EAAAA,MAAAA;EAAuB,QAAA,CAAA,EAAA,OAAA;EAAA,OAC1FC,CAAAA,EAAAA,MAAAA,GAAAA,MAAkB,GAAA,OAAA;EAAA,OAAA,CAAA,EAAA,MAAA,EAAA;gBACnBH,CAAAA,EAAAA;SAIQC,EAAAA,MAAAA;SACDC,EAAAA,MAAAA;;EAEA,cAAA,CAAA,EAAA,MAAA;EAAA,YAONG,CAAAA,EAAAA,MAAAA,EAAAA;EAA4B,oBAkB5BC,CAAAA,EAAAA,MAAuB;EAAA,QAAA,CAAA,EAAA,MAAA;QAEvBF,CAAAA,EAAAA,OAAAA;;UAFAE,uBAAAA,CAGkC;EAAA,aAElCC,EAAAA,MAAa;EAAA,MAAA,EAHbH,MAGa,CAAA,MAAA,EAAA,OAAA,CAAA;cAsBLC,EAxBFA,4BAwBEA,EAAAA;;UAtBRE,aAAAA,CA2BKR;EAAqB,EAAA,EAAA,MAAA;EAAA,IAM/BS,EAAAA,MAAAA;EAA2B,WAMtBC,EAAAA,MAAAA;EAAmB,QAQnBC,EAAAA,MAAAA,EAAAA;EAAc,MAUdC,EAAAA,MAAAA;EAAsB,UAAA,EAAA,MAAA;QACpBF,EAAAA,MAAAA;OAD6BC,EAAAA,MAAAA;EAAc,MAAA,CAAA,EAAA;IAI7CE,IAAAA,EAAAA,MAAS;IAWTC,GAAAA,CAAAA,EAAAA,MAAAA;EAAgB,CAAA,GAOhBC,MAAAA;EAAoB,OAIpBC,CAAAA,EAAAA;IAUAC,IAAAA,EAAAA,MAAAA,GAAAA,MAAiB,GAAA,OAAA;IAQjBC,KAAAA,CAAAA,EAAAA,MAAAA;IAAY,QAAA,CAAA,EAAA,MAAA;YAIED,CAAAA,EAAAA,OAAAA,GAAAA,MAAAA;eAAfZ,CAAAA,EAAAA,MAAAA;EAAM,CAAA;EAAA,QAELc,CAAAA,EAAAA,MAAAA,EAAAA;EAAgB,cAKhBC,CAAAA,EAAAA,MAAAA,EAAmB;EAAA,aAOnBC,CAAAA,EAjGQf,4BAiGW,EAAA;EAAA,gBAOnBgB,CAAAA,EAAAA,MAAAA,EAAqB;EAKH;EAGJ,gBAOdE,CAAAA,EApHWvB,gBAoHE,EAAA;EAAA;EAQG,UAOhByB,CAAAA,EAjIK1B,qBAiIa;AAAA;AAKH;;;;KAhIpBS,WAAAA,GAAcV,aA6Ib8B;;;;;;UAvIInB,mBAAAA,CAyJJmB;SAGQP,EAAAA,CAAAA;YAARO;YACoBN,EAAAA,MAAAA;SAARM,EAAAA,MAAAA;mBAIPL,EAAAA,MAAAA;;;UAzJDb,cAAAA,CA2JYkB;UAGuBH,EAAAA,MAAAA;YAARG,EAAAA,MAAAA;aACDA,CAAAA,EAAAA,MAAAA;OAOzBF,EAAAA,MAAAA,EAAAA;WADLE,EAAAA,MAAAA;WAQAA,EAAAA,MAAAA;WAIwBzB,CAAAA,EAAAA,MAAAA;;;UAvKpBQ,sBAAAA,SAA+BD,cAwKMkB,CAAAA;UACUxB,EAxK7CK,mBAwK6CL;;;UArK/CQ,SAAAA,CAyKIT;OAARyB,EAxKGpB,WAwKHoB;SAC8CzB,EAAAA,MAAAA;OAARyB,EAAAA,MAAAA;;;;;;;;UA/JlCf,gBAAAA,CAqMgCe;cAOZA,EAAAA,MAAAA;mBAOJA,EAAAA,MAAAA;;;;;UA5MhBd,oBAAAA,CA0OiBc;QAIHA,EAAAA,MAAAA;QAMFA,EAAAA,MAAAA;;UAhPZb,aAAAA,CAiQSX;SACbwB,EAAAA,MAAAA;UAIiBA,EAAAA,MAAAA;aAWfA,EAAAA,MAAAA;UAaFA,EAAAA,MAAAA;QASKpB,EAAAA,OAAAA,GAAAA,SAAAA,GAAAA,QAAAA;WAGGK,CAAAA,EAAAA,MAAAA;WAARe,CAAAA,EAAAA,MAAAA;UAOKpB,CAAAA,EAAAA,MAAAA;;UAvSDQ,iBAAAA,CAgTCR;QAIGC,MAAAA;QAGRmB,MAAAA;UAKKpB,EAAAA,MAAAA;OAGGG,EAAAA,MAAAA;cAARiB,CAAAA,EAAAA,MAAAA;YAGKpB,CAAAA,EAAAA,OAAAA;;UA1TDS,YAAAA,CA4TJW;SAGKpB,EAAAA,CAAAA;SAGLoB,EAAAA,MAAAA;UAEwBhB,EAAAA,MAAAA;OAARgB,EAhUbxB,MAgUawB,CAAAA,MAAAA,EAhUEZ,iBAgUFY,CAAAA;;UA9TZV,gBAAAA,CA+UJU;QAGoCA,MAAAA;OAUpCA,MAAAA;WAUAA,EAAAA,MAAAA;;UAjWIT,mBAAAA,CAwXJS;UAKAA,EAAAA,MAAAA;QAUAA,MAAAA;QAkBAA,MAAAA;cAgBAA,EAAAA,UAAAA,GAAAA,YAAAA;UAkBAA,EAAAA,MAAAA;;UApbIR,mBAAAA,CA0cJQ;QAwBAA,MAAAA;QAYAA,MAAAA;OAIkDA,MAAAA;cAIjBA,CAAAA,EAAAA,MAAAA;YAWnBA,CAAAA,EAAAA,OAAAA;;UA1fVP,qBAAAA,CAqgBOO;SAYXA,EAAAA,MAAAA;QAIAA,MAAAA,GAAAA,QAAAA,GAAAA,QAAAA;WAKAA,EAAAA,MAAAA;WAC2BA,EAAAA,MAAAA;OAW3BA,EAjiBGR,mBAiiBHQ,EAAAA;EAAO,SAAA,EAAA,MAAA;;UA9hBHN,cAAAA;;EC9LV,aAAiB,EAAU,MAAA;EAO3B,YAAiB,EAAA,MAAA;EAWjB,SAAgB,EAAA,MAAA;EAAgB,UAAA,EAAA,MAAA,GAAA,IAAA;;UDmLtBC,aAAAA,CCnLwC;UAAU,EAAA,MAAA;;UAY7C,EAAA,MAAA;aAAR,EAAA,MAAA;cAgCoD,CAAA,EAAA,MAAA;YAAR,CAAA,EAAA,OAAA;;UD+IzCC,gBAAAA,CC1G6C;WA4FxC,EAAA,MAAA;QAAR,MAAA;cA2CA,EAAA,MAAA;EAAO,YAAA,CAAA,EAAA,MAAA;EAmBd,UAAY,EAAA,OAAU;;UDzCZC,kBAAAA,CCyCiC;WAAlB,EAAA,MAAA;EAAU,OAAA,EAAA,MAAA;;;UDpCzBC,eAAAA;EE5OV,QAAiB,EAAA,MAAA;EAajB,QAAsB,EAAA,MAAA;EAAY,IAAA,EAAA,MAAA;aACvB,CAAA,EAAA,MAAA;;cFoOGC,cAAAA,CEnOX;EAAO,iBAAA,MAAA;;sBFsOYb;;EGzOtB,YAAiB,CAAA,IA4FgB,CA5FJ,EAAA;IA4FP,WAAA,CAAA,EAAW,MAAA;EAAA,CAAA,CAAA,EHiJ3Bc,OGjJ2B,CAAA;SAGvB,EH+ICb,aG/ID;;iBAEP,CAAA,CAAA,EH+IkBa,OG/IlB,CH+I0BX,YG/I1B,CAAA;EAAO,WAAA,CAAA,IAAA,EAAA;;;;MCnGO,WAAA,CAAA,EAAA,MAAc;IAqDT,CAAA,EAAA;EAAa,CAAA,CAAA,EJoM7BW,OIpM6B,CAAA;QAGzB,EJkMAV,gBIlMA,EAAA;;mBAGC,CAAA,IAAA,EAAA;YAAR,EAAA,MAAA;IAAO,IAAA,EAAA,MAAA;;;MJsMJU,QAAQT;EK9Qd,eAAiB,CAAA,IAAY,EAAA;IAUP,IAAA,EAAA,MAAS,GAAA,QAAA,GAAA,QAAA;EAAA,CAAA,CAAA,ELuQzBS,OKvQyB,CLuQjBP,qBKvQiB,CAAA;cACX,CAAA,CAAA,ELuQFO,OKvQE,CLuQMN,cKvQN,CAAA;eAAR,CAAA,KAAA,EAAA;UACD,CAAA,EAAA,MAAA;MLyQLM,OKxQK,CAAA;SAAR,ELyQQL,aKzQR,EAAA;EAAO,CAAA,CAAA;sBL2QYK;cACRJ;;EMnQd,cAAiB,CAAA,SAAW,EAAA,MAAA,CAAA,ENqQSI,OMrQT,CNqQiBH,kBMrQjB,CAAA;EAM5B,cAAiB,CAAA,QAAgB,EAAA,MAEvB,CAAA,EN8P0BG,OM9P1B,CAAA;IAGA,OAAA,EAAA,OAAY;EAOtB,CAAA,CAAiB;EAAgB,eAAA,CAAA,IAAA,EAAA;SACZ,EAAA,KAAA,GAAA,MAAA,GAAA,SAAA;WAAgB,EAAA,MAAA;MNyP/BA,OMxPiB,CAAA;SAAgB,ENyP5BF,eMzP4B,EAAA;cACmC,EAAA,MAAA,GAAA,IAAA;;mBAE3D,CAAA,IAAA,EAAA;IAAW,KAAA,EAAA,KAAA,GAAA,MAAA,GAAA,SAAA;IAGV,OAAA,EAAA,MAAA;IAAsB,QAAA,EAAA,MAAA;MN0PhCE,OMzPI,CAAA;eACH,EAAA,MAAA;aACJ,EAAA,MAAA;EAAgB,CAAA,CAAA;sBN2PGA,QAAQzB;+CACiByB,QAAQtB;yDACEF,0BAA0BwB;;;aAGtExB;MACPwB,QAAQzB;4CAC8ByB,QAAQzB;oDACAyB;;;;;oCAKhBA;;;aAGvBxB;;iBAEIwB;kBACCrB;;0BAEQqB;;;;;;;;;;;;;;;;;0CAiBgBA;;;;;;;0CAOAA;;;;;;;8BAOZA;;;;;;;0BAOJA;;;;wBAIFA;;;;;sBAKFA;;;;0BAIIA;;;;;6BAKGA;;;;;;;;;;;;2BAYFA;;;;wBAIHA;;;;;;sBAMFA;;;;yBAIGA;;;;;;;;;;;;;mBAaNxB;MACbwB;;;;uBAIiBA;;;;;;;;;;;QAWfA;;;;;;;;;;;;;MAaFA;;;;;;;;;WASKpB;;;MAGLoB,QAAQf;;;;;;;WAOHL;;;;MAILoB;;;;;WAKKpB;;;;cAIGC;;;MAGRmB;;;;;WAKKpB;;;MAGLoB,QAAQjB;;;WAGHH;;MAELoB,QAAQlB;;;WAGHF;;;MAGLoB;;sBAEgBA,QAAQhB;;;;;;MAMxBgB;;;;;;;;;;;MAWAA;;;0CAGoCA;;;;;;;;;;MAUpCA;;;;;;;;;;MAUAA;;;;;;;;;;;;MAYAA;;;;;;;;;;;MAWAA;;;;;MAKAA;;;;;;;;;;MAUAA;;;;;;;;;;;;;;;;;;MAkBAA;;;;;;;;;;;;;;;;MAgBAA;;;;;;;;;;;;;;;;;;MAkBAA;;;;;;;;;;;MAWAA;;;;;;;;;;;MAWAA;;;;;;;;;;;;;;;;;;;;;;;;MAwBAA;;;;;;;;;;;;MAYAA;;;;wDAIkDA;;;;uCAIjBA;;;;;;;;;;;oBAWnBA;;;;;;;;kCAQcA;;;iBAGjBA;;;;;;;;;;;;MAYXA;;;;MAIAA;;;;;MAKAA;iCAC2BA;;;;;;;;;;;MAW3BA;;;;;;AFzqB4B,UGnDjB,UAAA,CHmDiB;QAEvB,EAAA,MAAA;QAAR,EAAA,MAAA;EAAO,SAAA,EAAA,MAAA;EAmBY,MAAA,EAAA,MAAA;;AAEV,UGnEK,iBAAA,CHmEL;eACT,EAAA,MAAA;EAAO,MAAA,EGlEA,cHkEA;AAUV;;;;;AAaA;AAgBA;AAgBgB,iBGhHA,gBAAA,CHgHa;EAAA,aAAA;EAAA;AAAA,CAAA,EGhH+B,iBHgH/B,CAAA,EAAA;EAAA,aAAA,EAAA,MAAA;QACpB,gBAAA;;;;;gCC3GO;;IA5BM,MAAA,CAAA,EAAA,MAAA;EA4BN,CAAA,CAAA,EEMT,OFNS,CEMD,UFNa,CAAA;EAaZ;;;MEyBmC,QAAQ;EDlF7C9B;AAKb;;;UACwDA,CAAAA,OAK3CC,CAL2CD,EAAAA;IAAa,KAAA,CAAA,EAAA,OAAA;EAKxDC,CAAAA,CAAAA,EC4GyC,OD5GzCA,CC4GiD,UD5GjDA,CAAAA;EAITA;;;;EAAyF,SAAA,CAAA,KAAA,EAAA,MAAA,EAAA,EAAA,OAQzFC,CARyF,EAAA;IAEhFA,KAAAA,CAAAA,EAAAA,OAKb;EACIA,CAAAA,CAAAA,EC4LE,OD5LFA,CC4LU,UD5LM,CAAA;EACPC;AAGb;;;iBAC8EA,CAAAA,QAAAA,EAAAA,MAAAA,EAAAA,OACjEC,CADiED,EAAAA;IAAwB,KAAA,CAAA,EAAA,OAAA;EACzFC,CAAAA,CAAAA,ECiOP,ODjOOA,CAAAA,IAAAA,CAAAA;AAOb,CAAA;AAC2B,KC4OhB,UAAA,GAAa,UD5OG,CAAA,OC4Oe,gBD5Of,CAAA;;;;;;;AFtB5B;AAOA;;AACwB,UItBP,cAAA,CJsBO;eAAf,EAAA,MAAA;EAAM;EAGE,UAAA,CAAA,EAAA,MAAc;EAiBd;EA4BK,SAAA,EAAA,CAAA,KAAY,EAAA,MAAA,EAAA,EAAA,GAAA,IAAA,GIjEO,OJiEP,CAAA,IAAA,CAAA;;;;;AAqBlC;;AAEY,iBIhFU,YAAA,CJgFV,OAAA,EI/ED,cJ+EC,CAAA,EI9ET,OJ8ES,CAAA,GAAA,GI9EK,OJ8EL,CAAA,IAAA,CAAA,CAAA;;;;AAvBsB,UK1DjB,YAAA,CL0DiB;MAEvB,EAAA,MAAA;SAAR,EAAA,OAAA;EAAO,IAAA,CAAA,EAAA,MAAA;EAmBY,IAAA,CAAA,EAAA,MAAA;EAAa,KAAA,CAAA,EAAA,MAAA;;;;AAanC;AAAyC,iBKAnB,WAAA,CLAmB,aAAA,EAAA,MAAA,EAAA,aAAA,EAAA,MAAA,EAAA,EAAA,MAAA,EKG/B,cLH+B,EAAA,OAI/B,CAJ+B,EAAA;aAGhC,CAAA,EAAA,MAAA;OACN,CAAA,EAAA,OAAA;CAAO,CAAA,EKCP,OLDO,CKCC,YLDD,EAAA,CAAA;AASV;;;AA/CsB,UM5DL,cAAA,CN4DiB;EAAA,IAAA,EAAA,MAAA;SAEvB,EAAA,OAAA;MAAR,CAAA,EAAA,MAAA;EAAO,KAAA,CAAA,EAAA,MAAA;AAmBV;AAAmC,iBM5Bb,aAAA,CN4Ba,aAAA,EAAA,MAAA,EAAA,aAAA,EAAA,MAAA,EAAA,EAAA,MAAA,EMzBzB,cNyByB,EAAA,cAAA,CAAA,EMxBhB,cNwBgB,EAAA,OAGzB,CAHyB,EAAA;aAEvB,CAAA,EAAA,MAAA;OACT,CAAA,EAAA,OAAA;CAAO,CAAA,EMzBP,ONyBO,CMzBC,cNyBD,EAAA,CAAA;AAUV;;;;;;AA1FA;AAOiB,UOxBA,YAAA,CPwBa;EAAA,UAAA,CAAA,EAAA,MAAA;aACN,CAAA,EAAA,MAAA;;;AAGxB;AAiBA;AA4BA;;AAEW,iBOjEW,SPiEX,CAAA,CAAA,CAAA,CAAA,EAAA,EAAA,GAAA,GOhEC,OPgED,COhES,CPgET,CAAA,EAAA,OAAA,CAAA,EO/DA,YP+DA,CAAA,EO9DR,OP8DQ,CO9DA,CP8DA,CAAA;;;;AAFuB,UQnDjB,WAAA,CRmDiB;WAEvB,EAAA,MAAA,GAAA,SAAA,GAAA,KAAA;SAAR,EAAA,MAAA;EAAO,IAAA,EAAA,MAAA;AAmBV;AAAmC,UQlElB,gBAAA,CRkEkB;eAEvB,EAAA,MAAA;QACT,EQnEO,cRmEP;;AAUH,UQ1EU,YAAA,CR0EY;EAAmB,IAAA,CAAA,GAAA,EAAA,MAAA,CAAA,EAAA,IAAA;MAGhC,CAAA,GAAA,EAAA,MAAA,CAAA,EAAA,IAAA;OACN,CAAA,GAAA,EAAA,MAAA,CAAA,EAAA,IAAA;EAAO,KAAA,CAAA,GAAA,EAAA,MAAA,CAAA,EAAA,IAAA;AASV;AAgBsB,UQhGL,gBAAA,CRgGwC;EAgBzC,UAAA,CAAA,MAAa,EQ/GR,WR+GQ,EAAA,CAAA,EQ/GQ,OR+GR,CAAA,IAAA,CAAA;EAAA,YAAA,CAAA,MAAA,EQ9GN,WR8GM,EAAA,CAAA,EQ9GU,OR8GV,CAAA,IAAA,CAAA;oBACpB,CAAA,QAAA,EAAA,MAAA,EAAA,SAAA,EAAA,SAAA,GAAA,SAAA,CAAA,EQ9GiE,OR8GjE,CAAA,IAAA,CAAA;UACC,EAAA,EQ9GI,OR8GJ,CAAA,IAAA,CAAA;WACP,EAAA,EQ9GY,WR8GZ,EAAA;;iBQ3Ga,sBAAA,SACN,uBACH,eACJ"}
|
|
1
|
+
{"version":3,"file":"index.d.cts","names":["ResourceScope","IntegrationVisibility","IntegrationScope","IntegrationDesiredStatus","IntegrationActualStatus","IntegrationInstall","Record","IntegrationConfigSchemaField","IntegrationConfigResult","RegistryEntry","SecretScope","EncryptedEnvelopeV1","FIELD_FORMATS","FieldFormat","FIELD_SENSITIVITIES","FieldSensitivity","Field","SECRET_CATEGORIES","SecretCategory","FieldView","SecretAggregate","SecretMetadata","FieldEnvelope","ScopeInfo","GeneratedDataKey","CHANGELOG_ACTIONS","ChangelogAction","ChangelogActor","ChangelogEntry","AgentApiClientConfig","SyncAgentInfo","SyncManifestEntry","SyncManifest","SyncPresignedUrl","SyncConfirmedUpload","SyncReconstructFile","SyncReconstructBundle","SyncAgentStats","SyncFileEntry","SyncSessionEntry","SyncSessionContent","SharedFileEntry","AgentApiClient","Promise"],"sources":["../src/manifest.ts","../src/ignore.ts","../../agent-api-client/dist/index.d.ts","../src/sync-engine.ts","../src/watcher.ts","../src/uploader.ts","../src/downloader.ts","../src/retry.ts","../src/shared-sync.ts"],"sourcesContent":["//#region ../../packages-internal/types/dist/access.d.ts\n\n/**\n * The four resource scopes at which a permission can apply.\n * Order is meaningful: broader scopes first (`org`) → narrower last (`agent`).\n *\n * `IntegrationScope` in integration.ts and `SecretScope` in secrets.ts are\n * intentional aliases of this same enum — there is only one concept of\n * \"scope\" in Alfe.\n */\ndeclare const ResourceScope: {\n readonly Org: \"org\";\n readonly Team: \"team\";\n readonly Project: \"project\";\n readonly Agent: \"agent\";\n};\ntype ResourceScope = (typeof ResourceScope)[keyof typeof ResourceScope];\n/** Ordered tuple of resource scope string values (broad → narrow). */\n//#endregion\n//#region ../../packages-internal/types/dist/integration.d.ts\n/** Controls where an integration appears: public (everyone), hidden (nowhere) */\ndeclare const IntegrationVisibility: {\n readonly Public: \"public\";\n readonly Hidden: \"hidden\";\n};\ntype IntegrationVisibility = (typeof IntegrationVisibility)[keyof typeof IntegrationVisibility];\n/** Scope at which an integration is installed */\ndeclare const IntegrationScope: {\n readonly Org: \"org\";\n readonly Team: \"team\";\n readonly Project: \"project\";\n readonly Agent: \"agent\";\n};\ntype IntegrationScope = ResourceScope;\ndeclare const IntegrationDesiredStatus: {\n readonly Active: \"active\";\n readonly Removed: \"removed\";\n};\ntype IntegrationDesiredStatus = (typeof IntegrationDesiredStatus)[keyof typeof IntegrationDesiredStatus];\ndeclare const IntegrationActualStatus: {\n readonly Installing: \"installing\";\n readonly Active: \"active\";\n readonly Error: \"error\";\n readonly Removing: \"removing\";\n readonly Inactive: \"inactive\";\n readonly Unknown: \"unknown\";\n};\ntype IntegrationActualStatus = (typeof IntegrationActualStatus)[keyof typeof IntegrationActualStatus];\ninterface IntegrationInstall {\n scope: IntegrationScope;\n scopeId: string;\n integrationId: string;\n tenantId: string;\n desiredStatus: IntegrationDesiredStatus;\n actualStatus: IntegrationActualStatus;\n version: string;\n config: Record<string, unknown>;\n errorMessage: string;\n installedAt: string;\n updatedAt: string;\n}\n/** @deprecated Use IntegrationInstall instead */\n\ninterface IntegrationConfigSchemaField {\n key: string;\n label: string;\n type: string;\n description?: string;\n required?: boolean;\n default?: string | number | boolean;\n options?: string[];\n select_options?: {\n value: string;\n label: string;\n }[];\n oauth_provider?: string;\n oauth_scopes?: string[];\n oauth_integration_id?: string;\n editable?: string;\n hidden?: boolean;\n}\ninterface IntegrationConfigResult {\n integrationId: string;\n config: Record<string, unknown>;\n configSchema: IntegrationConfigSchemaField[];\n}\ninterface RegistryEntry {\n id: string;\n name: string;\n description: string;\n versions: string[];\n latest: string;\n repository: string;\n commit: string;\n icon?: string;\n author?: {\n name: string;\n url?: string;\n } | string;\n pricing?: {\n type: \"free\" | \"paid\" | \"usage\";\n price?: number;\n currency?: string;\n interval?: \"month\" | \"year\";\n description?: string;\n };\n features?: string[];\n preview_images?: string[];\n config_schema?: IntegrationConfigSchemaField[];\n supported_agents?: string[];\n /** Scopes where this integration can be installed */\n supported_scopes?: IntegrationScope[];\n /** Visibility status — controls where integration appears */\n visibility?: IntegrationVisibility;\n}\n//# sourceMappingURL=integration.d.ts.map\n//#endregion\n//#region ../../packages-internal/types/dist/secrets.d.ts\n/** Scope levels at which a secret can be owned. Aliased to ResourceScope. */\ntype SecretScope = ResourceScope;\n/**\n * v1 encrypted envelope as persisted by services/secrets and exchanged with\n * agents. Values are AES-256-GCM ciphertext; iv/authTag/ciphertext/dataKeyCiphertext\n * are all base64-encoded.\n */\ninterface EncryptedEnvelopeV1 {\n version: 1;\n iv: string;\n ciphertext: string;\n authTag: string;\n dataKeyCiphertext: string;\n}\n/**\n * Display/validation hint for a field's value. `\"json\"` signals that the\n * string is a JSON-stringified payload that consumers should `JSON.parse`.\n */\ndeclare const FIELD_FORMATS: readonly [\"text\", \"email\", \"url\", \"phone\", \"date\", \"number\", \"json\"];\ntype FieldFormat = (typeof FIELD_FORMATS)[number];\n/**\n * Whether a field is stored in plaintext (visible to anyone with read access)\n * or encrypted (requires KMS + the right encryption context to read).\n */\ndeclare const FIELD_SENSITIVITIES: readonly [\"plaintext\", \"encrypted\"];\ntype FieldSensitivity = (typeof FIELD_SENSITIVITIES)[number];\n/**\n * A field on a secret. `value` is always a string at the wire; for encrypted\n * fields it's the plaintext at the API edge (the service encrypts before\n * persistence). Reads from the dashboard omit `value` for encrypted fields;\n * agents get a `FieldEnvelope` instead and decrypt locally.\n */\ninterface Field {\n key: string;\n format?: FieldFormat;\n sensitivity: FieldSensitivity;\n value: string;\n}\n/**\n * Secret category — drives icon/template/filter behaviour. Defaults to\n * `\"other\"` for migrated rows.\n */\ndeclare const SECRET_CATEGORIES: readonly [\"login\", \"api_key\", \"database\", \"ssh_key\", \"certificate\", \"secure_note\", \"credit_card\", \"identity\", \"wifi\", \"other\"];\ntype SecretCategory = (typeof SECRET_CATEGORIES)[number];\n/**\n * One field as exposed to readers. Encrypted fields have no `value` on the\n * dashboard read path; the agent-side aggregate carries `envelope` instead.\n */\ninterface FieldView {\n key: string;\n format?: FieldFormat;\n sensitivity: FieldSensitivity;\n /** Present for `sensitivity: \"plaintext\"` only. */\n value?: string;\n /** Present for `sensitivity: \"encrypted\"` on agent-side reads only. */\n envelope?: EncryptedEnvelopeV1;\n /** Plaintext fields that opt into `format: \"json\"` are pre-parsed for callers. */\n parsedValue?: unknown;\n rotatedAt?: string;\n createdAt: string;\n updatedAt: string;\n}\n/** A secret as assembled from its multi-row aggregate. */\ninterface SecretAggregate {\n secretId: string;\n secretName: string;\n description?: string;\n tags: string[];\n category: SecretCategory;\n fields: FieldView[];\n changelogVersion: number;\n createdAt: string;\n updatedAt: string;\n}\n/** Metadata-only projection — used by list endpoints. */\ninterface SecretMetadata {\n secretId: string;\n secretName: string;\n description?: string;\n tags: string[];\n category: SecretCategory;\n fieldKeys: string[];\n changelogVersion: number;\n createdAt: string;\n updatedAt: string;\n}\n/**\n * Per-field encrypted envelope returned to agents on the agent-side aggregate.\n * Agents decrypt locally using a data key fetched from `/decrypt-data-key`.\n */\ninterface FieldEnvelope {\n key: string;\n format?: FieldFormat;\n envelope: EncryptedEnvelopeV1;\n rotatedAt?: string;\n createdAt: string;\n updatedAt: string;\n}\n/** A scope the caller can read or write secrets in. */\ninterface ScopeInfo {\n scope: SecretScope;\n scopeId: string;\n name?: string;\n}\n/**\n * KMS-issued data key, returned by the secrets service's\n * `/secrets/generate-data-key` KMS proxy endpoint. The plaintext key is\n * returned base64-encoded; callers MUST decode it to a Buffer and zero the\n * Buffer after use — never keep the plaintext as a JS string.\n */\ninterface GeneratedDataKey {\n plaintextKey: string;\n dataKeyCiphertext: string;\n}\n/**\n * Action types recorded in the secret changelog. Append-only.\n */\ndeclare const CHANGELOG_ACTIONS: readonly [\"created\", \"deleted\", \"metadata_updated\", \"field_added\", \"field_rotated\", \"field_removed\", \"tag_added\", \"tag_removed\"];\ntype ChangelogAction = (typeof CHANGELOG_ACTIONS)[number];\n/** Who triggered a changelog entry. */\ninterface ChangelogActor {\n kind: \"user\" | \"agent\" | \"system\";\n id: string;\n}\n/**\n * One audit row from the secret's changelog. Metadata only — never carries\n * field VALUES (old or new). Rolling back a rotated secret is intentionally\n * not supported.\n */\ninterface ChangelogEntry {\n changelogVersion: number;\n action: ChangelogAction;\n fieldKey?: string;\n fieldSensitivity?: FieldSensitivity;\n changedBy: ChangelogActor;\n reason?: string;\n timestamp: string;\n}\n//# sourceMappingURL=secrets.d.ts.map\n//#endregion\n//#region src/index.d.ts\ninterface AgentApiClientConfig {\n apiKey: string;\n apiUrl: string;\n}\ninterface SyncAgentInfo {\n agentId: string;\n tenantId: string;\n displayName: string;\n s3Prefix: string;\n status: \"stale\" | \"syncing\" | \"synced\";\n fileCount?: number;\n totalSize?: number;\n lastSync?: string;\n}\ninterface SyncManifestEntry {\n hash: string;\n size: number;\n modified: string;\n etag?: string;\n storageClass?: string;\n compressed?: boolean;\n}\ninterface SyncManifest {\n version: 1;\n agentId: string;\n lastSync: string;\n files: Record<string, SyncManifestEntry>;\n}\ninterface SyncPresignedUrl {\n path: string;\n url: string;\n expiresAt: string;\n}\ninterface SyncConfirmedUpload {\n filePath: string;\n hash: string;\n size: number;\n storageClass: \"STANDARD\" | \"GLACIER_IR\";\n syncedAt: string;\n}\ninterface SyncReconstructFile {\n path: string;\n size: number;\n url: string;\n storageClass?: string;\n compressed?: boolean;\n}\ninterface SyncReconstructBundle {\n agentId: string;\n mode: \"full\" | \"active\" | \"memory\";\n fileCount: number;\n totalSize: number;\n files: SyncReconstructFile[];\n expiresAt: string;\n}\ninterface SyncAgentStats {\n agentId: string;\n standardBytes: number;\n glacierBytes: number;\n fileCount: number;\n lastSyncAt: string | null;\n}\ninterface SyncFileEntry {\n filePath: string;\n size: number;\n modified: string;\n contentHash: string;\n storageClass?: string;\n compressed?: boolean;\n}\ninterface SyncSessionEntry {\n sessionId: string;\n size: number;\n lastModified: string;\n storageClass?: string;\n isArchived: boolean;\n}\ninterface SyncSessionContent {\n sessionId: string;\n content: string;\n compressed: boolean;\n}\ninterface SharedFileEntry {\n filePath: string;\n fileName: string;\n size: number;\n contentType?: string;\n}\ndeclare class AgentApiClient {\n private readonly apiKey;\n private readonly apiUrl;\n constructor(config: AgentApiClientConfig);\n private request;\n syncRegister(args?: {\n displayName?: string;\n }): Promise<{\n agent: SyncAgentInfo;\n }>;\n syncGetManifest(): Promise<SyncManifest>;\n syncPresign(args: {\n files: {\n path: string;\n operation: \"put\" | \"get\";\n contentType?: string;\n }[];\n }): Promise<{\n urls: SyncPresignedUrl[];\n }>;\n syncConfirmUpload(args: {\n filePath: string;\n hash: string;\n size: number;\n storageClass?: \"STANDARD\" | \"GLACIER_IR\";\n }): Promise<SyncConfirmedUpload>;\n syncReconstruct(args: {\n mode: \"full\" | \"active\" | \"memory\";\n }): Promise<SyncReconstructBundle>;\n syncGetStats(): Promise<SyncAgentStats>;\n syncListFiles(args?: {\n prefix?: string;\n }): Promise<{\n files: SyncFileEntry[];\n }>;\n syncListSessions(): Promise<{\n sessions: SyncSessionEntry[];\n }>;\n syncGetSession(sessionId: string): Promise<SyncSessionContent>;\n syncDeleteFile(filePath: string): Promise<{\n removed: boolean;\n }>;\n sharedListFiles(args: {\n scope: \"org\" | \"team\" | \"project\";\n scopeId: string;\n }): Promise<{\n files: SharedFileEntry[];\n nextCursor: string | null;\n }>;\n sharedDownloadUrl(args: {\n scope: \"org\" | \"team\" | \"project\";\n scopeId: string;\n filePath: string;\n }): Promise<{\n downloadUrl: string;\n expiresIn: number;\n }>;\n listIntegrations(): Promise<IntegrationInstall[]>;\n getIntegrationConfig(integrationId: string): Promise<IntegrationConfigResult>;\n updateIntegrationConfig(integrationId: string, config: Record<string, unknown>): Promise<void>;\n installIntegration(integrationId: string, options?: {\n version?: string;\n config?: Record<string, unknown>;\n }): Promise<IntegrationInstall>;\n removeIntegration(integrationId: string): Promise<IntegrationInstall>;\n getOAuthUrl(provider: string, scopes?: string[]): Promise<{\n url: string;\n provider: string;\n expiresIn: number;\n }>;\n getOAuthStatus(provider: string): Promise<{\n provider: string;\n connected: boolean;\n config?: Record<string, string>;\n }>;\n getRegistry(): Promise<{\n integrations: RegistryEntry[];\n }>;\n getGoogleCredentials(): Promise<{\n accounts?: {\n email: string;\n refreshToken: string;\n clientId: string;\n clientSecret: string;\n enabledServices?: string[];\n isDefault: boolean;\n displayName?: string;\n }[];\n email: string;\n refreshToken: string;\n clientId: string;\n clientSecret: string;\n projectId: string;\n enabledServices?: string[];\n }>;\n disconnectGoogleAccount(email: string): Promise<{\n accounts: {\n email: string;\n displayName?: string;\n isDefault: boolean;\n }[];\n }>;\n setDefaultGoogleAccount(email: string): Promise<{\n accounts: {\n email: string;\n displayName?: string;\n isDefault: boolean;\n }[];\n }>;\n getGoogleChatCredentials(): Promise<{\n email: string;\n refreshToken: string;\n clientId: string;\n clientSecret: string;\n displayName?: string;\n }>;\n getGithubCredentials(): Promise<{\n login: string;\n accessToken: string;\n }>;\n getXeroCredentials(): Promise<{\n accessToken: string;\n accessTokenExpiresAt: string;\n xeroTenantId: string;\n }>;\n refreshXeroToken(): Promise<{\n accessToken: string;\n expiresAt: string;\n }>;\n getNotionCredentials(): Promise<{\n accessToken: string;\n workspaceId: string;\n workspaceName: string;\n }>;\n getAtlassianCredentials(): Promise<{\n accessToken: string;\n refreshToken: string;\n accessTokenExpiresAt: string;\n cloudId: string;\n siteName: string;\n siteUrl: string;\n email: string;\n enabledProducts: string[];\n clientId: string;\n clientSecret: string;\n }>;\n refreshAtlassianToken(): Promise<{\n accessToken: string;\n expiresAt: string;\n }>;\n getMYOBCredentials(): Promise<{\n accessToken: string;\n accessTokenExpiresAt: string;\n myobBusinessId: string;\n clientId: string;\n }>;\n refreshMYOBToken(): Promise<{\n accessToken: string;\n expiresAt: string;\n }>;\n getTeamsCredentials(): Promise<{\n agentId: string;\n tenantId: string;\n azureAppId: string;\n azureBotId: string;\n azureClientSecret: string;\n botDisplayName?: string;\n teamsTenantId?: string;\n serviceUrl?: string;\n }>;\n sendTeamsMessage(data: {\n conversationId: string;\n text?: string;\n adaptiveCard?: Record<string, unknown>;\n }): Promise<{\n ok: boolean;\n activityId: string;\n }>;\n listTeamsChannels(): Promise<{\n channels: {\n id: string;\n name: string;\n description?: string;\n }[];\n }>;\n presignAttachments(files: {\n filename: string;\n mimeType: string;\n size: number;\n }[]): Promise<{\n attachments: {\n id: string;\n uploadUrl: string;\n downloadUrl: string;\n s3Key: string;\n expiresAt: string;\n }[];\n }>;\n recordActivity(data: {\n userId?: string;\n channel: string;\n role: \"user\" | \"assistant\";\n }): Promise<{\n recorded: boolean;\n }>;\n /**\n * Mint a fresh AES-256 data key for a specific (secret, field) pair. The\n * encryption context is rebuilt server-side from `auth.tenantId` + the body\n * fields including `fieldKey`; the agent cannot forge context for a scope\n * or field it doesn't own. Legacy single-envelope secrets are migrated to\n * `field#value` rows by the data migration, so call with `fieldKey: \"value\"`\n * to reach them.\n */\n generateSecretDataKey(args: {\n scope: SecretScope;\n scopeId: string;\n secretId: string;\n fieldKey: string;\n }): Promise<GeneratedDataKey>;\n /**\n * Unwrap a wrapped data key so the agent can decrypt the envelope locally.\n * `fieldKey` MUST match the value supplied when the data key was generated\n * (it's bound into KMS encryption context); mismatch fails with\n * `InvalidCiphertextException`.\n */\n decryptSecretDataKey(args: {\n scope: SecretScope;\n scopeId: string;\n secretId: string;\n fieldKey: string;\n dataKeyCiphertext: string;\n }): Promise<{\n plaintextKey: string;\n }>;\n /**\n * Create a new secret with one or more fields. Encrypted fields must arrive\n * pre-sealed (the agent has already obtained per-field data keys via\n * `generateSecretDataKey({ ..., fieldKey })` and AES-encrypted locally).\n * Plaintext fields ship the value inline.\n */\n createSecret(args: {\n scope: SecretScope;\n scopeId: string;\n secretId: string;\n secretName: string;\n category?: SecretCategory;\n description?: string;\n tags?: string[];\n fields: {\n key: string;\n format?: FieldFormat;\n sensitivity: FieldSensitivity;\n value?: string;\n envelope?: EncryptedEnvelopeV1;\n }[];\n reason?: string;\n }): Promise<SecretAggregate>;\n /** Fetch the secret aggregate plus per-field encrypted envelopes. */\n getSecret(args: {\n scope: SecretScope;\n scopeId: string;\n secretId: string;\n }): Promise<{\n aggregate: SecretAggregate;\n envelopes: FieldEnvelope[];\n }>;\n /** Fetch one field. Plaintext: value inline. Encrypted: envelope. */\n getSecretField(args: {\n scope: SecretScope;\n scopeId: string;\n secretId: string;\n fieldKey: string;\n }): Promise<{\n key: string;\n sensitivity: FieldSensitivity;\n format?: FieldFormat;\n value?: string;\n envelope?: EncryptedEnvelopeV1;\n rotatedAt?: string;\n createdAt: string;\n updatedAt: string;\n }>;\n /** Add OR rotate one field. */\n setSecretField(args: {\n scope: SecretScope;\n scopeId: string;\n secretId: string;\n fieldKey: string;\n sensitivity: FieldSensitivity;\n format?: FieldFormat;\n value?: string;\n envelope?: EncryptedEnvelopeV1;\n reason?: string;\n }): Promise<{\n fieldKey: string;\n rotated: boolean;\n }>;\n /** Remove one field. */\n removeSecretField(args: {\n scope: SecretScope;\n scopeId: string;\n secretId: string;\n fieldKey: string;\n }): Promise<void>;\n /** Update secret-level metadata (name/description/tags/category). */\n updateSecretMetadata(args: {\n scope: SecretScope;\n scopeId: string;\n secretId: string;\n secretName?: string;\n description?: string;\n tags?: string[];\n category?: SecretCategory;\n reason?: string;\n }): Promise<SecretAggregate>;\n /** List metadata for secrets in a scope. Optional filters route through the byFacet GSI. */\n listSecrets(args: {\n scope: SecretScope;\n scopeId: string;\n category?: SecretCategory;\n tag?: string;\n fieldKey?: string;\n }): Promise<SecretMetadata[]>;\n /** Bounded changelog read — metadata-only audit entries. */\n getSecretHistory(args: {\n scope: SecretScope;\n scopeId: string;\n secretId: string;\n limit?: number;\n cursor?: string;\n }): Promise<{\n entries: ChangelogEntry[];\n nextCursor?: string;\n }>;\n /** Delete a secret (and all its field rows + tag rows + changelog rows). */\n deleteSecret(args: {\n scope: SecretScope;\n scopeId: string;\n secretId: string;\n }): Promise<void>;\n /** Enumerate scopes (org/team/project/agent) this agent can access. */\n listSecretScopes(): Promise<ScopeInfo[]>;\n resolveIdentity(args: {\n provider: string;\n platformId: string;\n kind?: \"user\" | \"agent\" | \"service\" | \"bot\" | \"workspace\";\n displayName?: string;\n }): Promise<{\n identityId: string | null;\n status: string;\n created?: boolean;\n reason?: string;\n /**\n * Flattened auriclabs permission strings for the resolved identity\n * (scope-prefixed where applicable). Empty array on miss / org service\n * outage — the runtime gate fails closed in that case.\n */\n permissions: string[];\n }>;\n searchIdentities(args?: {\n q?: string;\n status?: string;\n limit?: number;\n }): Promise<{\n identities: unknown[];\n }>;\n getIdentityContext(identityId: string): Promise<{\n context: unknown;\n }>;\n mergeIdentities(survivorId: string, args: {\n mergedId: string;\n changedBy: {\n type: string;\n id: string;\n name?: string;\n };\n }): Promise<{\n ok: boolean;\n error?: string;\n }>;\n unmergeIdentity(identityId: string, args: {\n changedBy: {\n type: string;\n id: string;\n name?: string;\n };\n }): Promise<{\n ok: boolean;\n error?: string;\n }>;\n addIdentityNote(identityId: string, args: {\n content: string;\n category?: string;\n changedBy: {\n type: string;\n id: string;\n name?: string;\n };\n }): Promise<{\n noteId: string | null;\n }>;\n tagIdentity(identityId: string, args: {\n tag: string;\n action: \"add\" | \"remove\";\n changedBy: {\n type: string;\n id: string;\n name?: string;\n };\n }): Promise<{\n ok: boolean;\n }>;\n getIdentityChangelog(identityId: string, args?: {\n limit?: number;\n }): Promise<{\n entries: unknown[];\n }>;\n rollbackIdentity(identityId: string, args: {\n targetVersion: number;\n changedBy: {\n type: string;\n id: string;\n name?: string;\n };\n }): Promise<{\n ok: boolean;\n entry?: unknown;\n }>;\n requestIdentityVerification(args: {\n claimedIdentityId: string;\n requestingIdentityId: string;\n requestingProvider: string;\n requestingPlatformId: string;\n preferredChannel?: \"mobile\" | \"email\";\n /**\n * Phase 2: agent-supplied contact endpoint. When provided, the top-level\n * `preferredChannel` is ignored — the contact's channel wins.\n */\n contact?: {\n channel: \"email\" | \"mobile\";\n value: string;\n };\n }): Promise<{\n verificationId: string;\n channel: string;\n deliveredTo: string;\n expiresAt: string;\n availableChannels: {\n channel: string;\n deliveredTo: string;\n }[];\n } | {\n error: string;\n }>;\n confirmIdentityVerification(args: {\n claimedIdentityId: string;\n verificationId: string;\n phrase: string;\n }): Promise<{\n verified: boolean;\n identityId?: string;\n /** Phase 2: how the confirm resolved — Scenario A vs B. */\n action?: \"merged\" | \"contact_verified\";\n error?: string;\n }>;\n /**\n * Update display-shape fields on an Identity. Body excludes `email` /\n * `phone` / `title` / `company` / `metadata` per Section D4 — contacts go\n * via the verify flow, title/company live on OrgMembership, metadata is\n * not agent-writable.\n */\n updateIdentity(identityId: string, args: {\n name?: string;\n avatarUrl?: string;\n timezone?: string;\n locale?: string;\n }): Promise<{\n ok: boolean;\n }>;\n /**\n * Phase 2 (Section H): server-side verification of a Google Chat sender via\n * the agent's existing Google OAuth credentials. Returns the resolved\n * identity (created or matched via Scenario-B email enrichment).\n */\n resolveGoogleChatSender(args: {\n senderUserId: string;\n spaceId?: string;\n }): Promise<{\n identityId: string | null;\n status: string;\n }>;\n memorySearch(query: string, opts?: {\n limit?: number;\n topic?: string;\n subtopic?: string;\n tag?: string;\n includeKnowledge?: boolean;\n }): Promise<{\n facts: {\n subject: string;\n predicate: string;\n object: string;\n since: string;\n confidence: number;\n }[];\n memories: {\n id: string;\n text: string;\n topic: string;\n subtopic: string;\n tag: string;\n importance: number;\n timestamp: number;\n score: number;\n }[];\n }>;\n memoryStore(text: string, opts?: {\n topic?: string;\n subtopic?: string;\n tag?: string;\n importance?: number;\n }): Promise<{\n memoryId: string;\n }>;\n memoryIngest(sessionKey: string, messages: {\n role: string;\n content: string;\n index: number;\n timestamp?: string;\n }[], metadata?: {\n channelId?: string;\n userId?: string;\n userName?: string;\n }): Promise<{\n queued: boolean;\n messageCount: number;\n }>;\n memoryLoadContext(tier?: number, topicHint?: string): Promise<{\n formatted: string;\n [key: string]: unknown;\n }>;\n memoryLookupEntity(subject: string): Promise<{\n subject: string;\n triples: {\n tripleId: string;\n predicate: string;\n object: string;\n validFrom: string;\n validTo?: string;\n confidence: number;\n }[];\n }>;\n memoryNavigate(): Promise<{\n topics: {\n name: string;\n tripleCount: number;\n subtopics: string[];\n }[];\n cursor: string | null;\n }>;\n memoryDelete(memoryId: string): Promise<{\n deleted: boolean;\n }>;\n memoryStats(): Promise<{\n vectorCount: number;\n tripleCount: number;\n storageEstimateBytes: number;\n lastIngestionAt?: string;\n }>;\n memoryLearn(args: {\n text: string;\n source?: string;\n sourceType?: \"file\" | \"url\" | \"inline\";\n metadata?: {\n sessionId?: string;\n channelId?: string;\n userName?: string;\n };\n }): Promise<{\n memoriesStored: number;\n triplesStored: number;\n chunks: number;\n source?: string;\n }>;\n memoryBootstrapStatus(): Promise<{\n synced: boolean;\n syncedAt?: string;\n }>;\n memoryBootstrapStatusMark(): Promise<{\n synced: true;\n syncedAt: string;\n }>;\n searchWeb(params: {\n query: string;\n count?: number;\n offset?: number;\n country?: string;\n freshness?: string;\n }): Promise<unknown>;\n searchImages(params: {\n query: string;\n count?: number;\n }): Promise<unknown>;\n searchNews(params: {\n query: string;\n count?: number;\n freshness?: string;\n }): Promise<unknown>;\n registerDatabaseCredentials(): Promise<{\n connectionString: string;\n username: string;\n password: string;\n databases: string[];\n }>;\n reportDatabaseAudit(entry: {\n database: string;\n collection: string;\n operation: string;\n summary?: string;\n }): Promise<void>;\n}\n//# sourceMappingURL=index.d.ts.map\n//#endregion\nexport { AgentApiClient, AgentApiClientConfig, type ChangelogAction, type ChangelogActor, type ChangelogEntry, type EncryptedEnvelopeV1, type Field, type FieldEnvelope, type FieldFormat, type FieldSensitivity, type FieldView, type GeneratedDataKey, type IntegrationConfigResult, type IntegrationConfigSchemaField, type IntegrationInstall, type RegistryEntry, type ScopeInfo, type SecretAggregate, type SecretCategory, type SecretMetadata, type SecretScope, SharedFileEntry, SyncAgentInfo, SyncAgentStats, SyncConfirmedUpload, SyncFileEntry, SyncManifest, SyncManifestEntry, SyncPresignedUrl, SyncReconstructBundle, SyncReconstructFile, SyncSessionContent, SyncSessionEntry };\n//# sourceMappingURL=index.d.ts.map"],"mappings":";;;;;;;AAyBA;AAOA;;;;;AAIA;AAiBA;AA4BsB,UAxDL,aAAA,CAwDiB;EAAA,IAAA,EAAA,MAAA;MAEvB,EAAA,MAAA;YAAR,EAAA,MAAA;EAAO,YAAA,EAAA,UAAA,GAAA,YAAA;AAmBV;AAAmC,UAtElB,aAAA,CAsEkB;OAEvB,EAvEH,MAuEG,CAAA,MAAA,EAvEY,aAuEZ,CAAA;;AACF,UArEO,cAAA,CAqEP;EAUY,OAAA,EAAA,CAAA;EAAmB,OAAA,EAAA,MAAA;UAGhC,EAAA,MAAA;OACN,EA/EM,MA+EN,CAAA,MAAA,EAAA;IAAO,IAAA,EAAA,MAAA;IASY,IAAA,EAAA,MAAA;IAgBA,QAAA,EAAA,MAAe;IAgBrB,IAAA,CAAA,EAAA,MAAa;IAAA,YAAA,CAAA,EAAA,MAAA;IACpB,UAAA,CAAA,EAAA,OAAA;;;AAEM,UA9GE,YAAA,CA8GF;;;;ECzIO,MAAA,EAAA,MAAA,EAAA;EA4BN;EAaA,SAAA,EAAA,MAAa,EAAA;;;;;ACpD5B;;;;;AACqE;AASjEC,iBFwDiB,YAAA,CExDI,aAAA,EAAA,MAAA,CAAA,EF0DvB,OE1DuB,CF0Df,aE1De,CAAA;;;;;AAEZC,iBF2EQ,aAAA,CEtErB,aAAA,EAAA,MAAA,EAAA,QAAA,EFwEW,aExEX,CAAA,EFyEE,OEzEF,CAAA,IAAA,CAAA;AAAA;AACoC;AAIpC;AAC4B,iBF6EP,mBAAA,CE7EO,aAAA,EAAA,MAAA,EAAA,YAAA,EAAA,MAAA,EAAA,KAAA,EFgFpB,aEhFoB,CAAA,EFiF1B,OEjF0B,CAAA,IAAA,CAAA;;;;AACfE,iBFyFQ,mBAAA,CElFrB,aAAA,EAAA,MAAA,EAAA,YAAA,EAAA,MAAA,CAAA,EFqFE,OErFF,CAAA,IAAA,CAAA;AAAA;;;;AACmG,iBFiG9E,eAAA,CEjG8E,QAAA,EAAA,MAAA,CAAA,EFiG3C,OEjG2C,CAAA,MAAA,CAAA;AAAA;;;;;AAS1FE,iBFwGM,aAAA,CExGNA,KAAAA,EFyGD,aEzGCA,EAAAA,MAAAA,EF0GA,cE1GAA,CAAAA,EF2GP,YE3GOA;;;;;;;AF/BV;AAOA;;;;AACe,iBCPO,kBAAA,CDOP,aAAA,EAAA,MAAA,CAAA,ECLZ,ODKY,CAAA,MAAA,EAAA,CAAA;AAGf;AAiBA;AA4BA;AAAkC,iBC3BlB,YAAA,CD2BkB,YAAA,EAAA,MAAA,EAAA,QAAA,EAAA,MAAA,EAAA,CAAA,EAAA,OAAA;;;;AAqBZ,iBCnCN,aAAA,CDmCmB,KAAA,EAAA,MAAA,EAAA,EAAA,QAAA,EAAA,MAAA,EAAA,CAAA,EAAA,MAAA,EAAA;;;;;;;AA7EnC;AAOA;;;;;AAIA;AAiBA,cE3CcN,aF2Ce,EAAA;EA4B7B,SAAsB,GAAA,EAAA,KAAY;EAAA,SAAA,IAAA,EAAA,MAAA;WAEvB,OAAA,EAAA,SAAA;WAAR,KAAA,EAAA,OAAA;CAAO;AAmBV,KEtFKA,aAAAA,GFsF8B,CAAA,OEtFNA,aFsFM,CAAA,CAAA,MAAA,OEtFsBA,aFsFtB,CAAA;;;;;AAanC,cE9FcC,qBF8F2B,EAAA;EAAA,SAAA,MAAA,EAAA,QAAA;WAGhC,MAAA,EAAA,QAAA;;KE7FJA,qBAAAA,GF8FK,CAAA,OE9F2BA,qBF8F3B,CAAA,CAAA,MAAA,OE9F+DA,qBF8F/D,CAAA;AASV;AAgBA,cErHcC,gBFqHuB,EAAA;EAgBrC,SAAgB,GAAA,EAAA,KAAa;EAAA,SAAA,IAAA,EAAA,MAAA;WACpB,OAAA,EAAA,SAAA;WACC,KAAA,EAAA,OAAA;;KEjILA,gBAAAA,GAAmBF,aFkIT;cEjIDG;;;ADRd,CAAA;AA4BA,KChBKA,wBAAAA,GDgBuB,CAAA,OChBYA,wBDgBZ,CAAA,CAAA,MAAA,OChBmDA,wBDgBnD,CAAA;AAa5B,cC5BcC,uBD4Be,EAAA;;;;WCzDfJ,QAAAA,EAKb,UAAA;EAAA,SACIA,QAAAA,EAAa,UAAA;EAAA,SAAA,OAAA,EAAA,SAAA;;KA+BbI,uBAAAA,GA/BoDJ,CAAAA,OA+BlBI,uBA/BkBJ,CAAAA,CAAAA,MAAAA,OA+BoBI,uBA/BpBJ,CAAAA;UAgC/CK,kBAAAA,CAhC4D;EAAA,KAKxDJ,EA4BLC,gBA5BKD;EAGb,OACIA,EAAAA,MAAAA;EAAqB,aAAA,EAAA,MAAA;UAAWA,EAAAA,MAAAA;eAAoCA,EA4BxDE,wBA5BwDF;EAAqB,YAAA,EA6B9EG,uBA7B8E;EAAA,OAEhFF,EAAAA,MAAAA;EAKb,MACIA,EAuBKI,MAvBLJ,CAAAA,MAAgB,EAAA,OAAA,CAAA;EAAgB,YACvBC,EAAAA,MAAAA;EAGb,WACIA,EAAAA,MAAAA;EAAwB,SAAA,EAAA,MAAA;;;;AAA0E,UAyB7FI,4BAAAA,CAjBT;EAAA,GACIH,EAAAA,MAAAA;EAAuB,KAAA,EAAA,MAAA;QAAWA,MAAAA;aAAsCA,CAAAA,EAAAA,MAAAA;EAAuB,QAAA,CAAA,EAAA,OAAA;EAAA,OAC1FC,CAAAA,EAAAA,MAAAA,GAAAA,MAAkB,GAAA,OAAA;EAAA,OAAA,CAAA,EAAA,MAAA,EAAA;gBACnBH,CAAAA,EAAAA;SAIQC,EAAAA,MAAAA;SACDC,EAAAA,MAAAA;;EAEA,cAAA,CAAA,EAAA,MAAA;EAAA,YAONG,CAAAA,EAAAA,MAAAA,EAAAA;EAA4B,oBAkB5BC,CAAAA,EAAAA,MAAuB;EAAA,QAAA,CAAA,EAAA,MAAA;QAEvBF,CAAAA,EAAAA,OAAAA;;UAFAE,uBAAAA,CAGkC;EAAA,aAElCC,EAAAA,MAAa;EAAA,MAAA,EAHbH,MAGa,CAAA,MAAA,EAAA,OAAA,CAAA;cAsBLC,EAxBFA,4BAwBEA,EAAAA;;UAtBRE,aAAAA,CA2BKR;EAAqB,EAAA,EAAA,MAAA;EAAA,IAM/BS,EAAAA,MAAAA;EAA2B,WAMtBC,EAAAA,MAAAA;EAAmB,QAWfC,EAAAA,MAAAA,EAAmF;EAAA,MAC5FC,EAAAA,MAAAA;EAAmC,UAK1BC,EAAAA,MAAAA;EAAwD,MACjEC,EAAAA,MAAAA;EAU0B,IAOjBE,CAAAA,EAAAA,MAAAA;EAAiJ,MAC1JC,CAAAA,EAAAA;IAKKC,IAAAA,EAAAA,MAAS;IAAA,GAAA,CAAA,EAAA,MAAA;YAERN;SACIE,CAAAA,EAAAA;QAIFJ,EAAAA,MAAAA,GAAAA,MAAAA,GAAAA,OAAAA;IAAmB,KAAA,CAAA,EAAA,MAAA;IAQtBS,QAAAA,CAAAA,EAAAA,MAAAA;IAAe,QAAA,CAAA,EAAA,OAAA,GAAA,MAAA;eAKbF,CAAAA,EAAAA,MAAAA;;EACO,QAAA,CAAA,EAAA,MAAA,EAAA;EAAA,cAMTG,CAAAA,EAAAA,MAAc,EAAA;EAKE,aAUhBC,CAAAA,EApGQf,4BAoGK,EAAA;EAAA,gBAAA,CAAA,EAAA,MAAA,EAAA;;kBAGXI,CAAAA,EApGST,gBAoGTS,EAAAA;EAAmB;EAAA,UAMrBY,CAAAA,EAxGKtB,qBAyGNS;AAAW;AAUM;AAOuI;AACjH;AAExB;KAvHnBA,WAAAA,GAAcV,aAgIK;;;;;AAKG;AAOG,UAtIpBW,mBAAAA,CA0Ia;EAAA,OAUboB,EAAAA,CAAAA;EAAiB,EAQjBC,EAAAA,MAAAA;EAAY,UAAA,EAAA,MAAA;SAIED,EAAAA,MAAAA;mBAAfzB,EAAAA,MAAAA;;AAAM;AAEW;AAKG;AAOA;AAYD,cA/KdM,aAkLU,EAAA,SAAA,CAAA,MAAA,EAAA,OAAA,EAAA,KAAA,EAAA,OAAA,EAAA,MAAA,EAAA,QAAA,EAAA,MAAA,CAAA;AAAA,KAjLnBC,WAAAA,GAwLKyB,CAAa,OAxLI1B,aAwLJ,CAAA,CAAA,MAAA,CAAA;AAAA;AAQG;AAOE;AAKH;cAvMXE,mBA6Mc,EAAA,SAAA,CAAA,WAAA,EAAA,WAAA,CAAA;KA5MvBC,gBAAAA,GA+MiBc,CAAAA,OA/MUf,mBA+MVe,CAAAA,CAAAA,MAAAA,CAAAA;;;;;;;;;;;;cA9LRZ,iBAiO+BuB,EAAAA,SAAAA,CAAAA,OAAAA,EAAAA,SAAAA,EAAAA,UAAAA,EAAAA,SAAAA,EAAAA,aAAAA,EAAAA,aAAAA,EAAAA,aAAAA,EAAAA,UAAAA,EAAAA,MAAAA,EAAAA,OAAAA,CAAAA;KAhOxCtB,cAAAA,GAgOgCyB,CAAAA,OAhOP1B,iBAgOO0B,CAAAA,CAAAA,MAAAA,CAAAA;;;;;UA3N3BxB,SAAAA,CA8OoBd;OAARsC,MAAAA;QACiCnC,CAAAA,EA7O5CK,WA6O4CL;aAARmC,EA5OhC5B,gBA4OgC4B;;OACoCA,CAAAA,EAAAA,MAAAA;;UAIrEtC,CAAAA,EA7ODM,mBA6OCN;;aACsCA,CAAAA,EAAAA,OAAAA;WAARsC,CAAAA,EAAAA,MAAAA;WACQA,EAAAA,MAAAA;WAQvCrC,EAAAA,MAAAA;;;UA/OHc,eAAAA,CAiPOuB;UAGSA,EAAAA,MAAAA;YAiBgBA,EAAAA,MAAAA;aAOAA,CAAAA,EAAAA,MAAAA;QAOZA,MAAAA,EAAAA;UAOJA,EArRdzB,cAqRcyB;QAIFA,EAxRdxB,SAwRcwB,EAAAA;kBAKFA,EAAAA,MAAAA;WAIIA,EAAAA,MAAAA;WAKGA,EAAAA,MAAAA;;;UAhSnBtB,cAAAA,CAsTYsB;UAIGA,EAAAA,MAAAA;YAaNrC,EAAAA,MAAAA;aACbqC,CAAAA,EAAAA,MAAAA;QAIiBA,MAAAA,EAAAA;UAWfA,EAlVIzB,cAkVJyB;WAaFA,EAAAA,MAAAA,EAAAA;kBAYKjC,EAAAA,MAAAA;WAIGc,EAAAA,MAAAA;WAARmB,EAAAA,MAAAA;;;;;;UArWIrB,aAAAA,CAsYSP;OAEFJ,MAAAA;QAGHS,CAAAA,EAzYHP,WAyYGO;UAARuB,EAxYMhC,mBAwYNgC;WAGKjC,CAAAA,EAAAA,MAAAA;WAIIU,EAAAA,MAAAA;WACAE,EAAAA,MAAAA;;;UA1YLC,SAAAA,CAoZOR;OACJF,EApZJH,WAoZIG;SAEEF,EAAAA,MAAAA;OALTgC,EAAAA,MAAAA;;;;;;;;UAvYInB,gBAAAA,CAyaCd;cAMIQ,EAAAA,MAAAA;mBAEDE,EAAAA,MAAAA;;;;;cA1aAK,iBAkbRkB,EAAAA,SAAAA,CAAAA,SAAAA,EAAAA,SAAAA,EAAAA,kBAAAA,EAAAA,aAAAA,EAAAA,eAAAA,EAAAA,eAAAA,EAAAA,WAAAA,EAAAA,aAAAA,CAAAA;KAjbDjB,eAAAA,GAobMhB,CAAAA,OApboBe,iBAobpBf,CAAAA,CAAAA,MAAAA,CAAAA;;UAlbDiB,cAAAA,CAubJgB;QAMKjC,MAAAA,GAAAA,OAAAA,GAAAA,QAAAA;YAGLiC;;;;;;;UAvbIf,cAAAA,CAseJe;kBAYAA,EAAAA,MAAAA;QAWAA,EA3fIjB,eA2fJiB;UAKAA,CAAAA,EAAAA,MAAAA;kBAUAA,CAAAA,EAxgBe5B,gBAwgBf4B;WAkBAA,EAzhBOhB,cAyhBPgB;QAgBAA,CAAAA,EAAAA,MAAAA;WAkBAA,EAAAA,MAAAA;;;;;UApjBId,oBAAAA,CAinB8Cc;QAIjBA,EAAAA,MAAAA;QAWnBA,EAAAA,MAAAA;;UA5nBVb,aAAAA,CAuoBOa;SAeXA,EAAAA,MAAAA;UAMqBA,EAAAA,MAAAA;aAIIA,EAAAA,MAAAA;UAUzBA,EAAAA,MAAAA;QAIAA,EAAAA,OAAAA,GAAAA,SAAAA,GAAAA,QAAAA;WAKAA,CAAAA,EAAAA,MAAAA;WAC2BA,CAAAA,EAAAA,MAAAA;UAW3BA,CAAAA,EAAAA,MAAAA;;UArrBIZ,iBAAAA;;;ECnPV,QAAiB,EAAA,MAAU;EAO3B,IAAiB,CAAA,EAAA,MAAA;EAWjB,YAAgB,CAAA,EAAA,MAAgB;EAAA,UAAA,CAAA,EAAA,OAAA;;UDyOtBC,YAAAA,CCzOwC;SAAU,EAAA,CAAA;;UAY7C,EAAA,MAAA;OAAR,EDiOE1B,MCjOF,CAAA,MAAA,EDiOiByB,iBCjOjB,CAAA;;UDmOGE,gBAAAA,CCnMyC;QAqCY,MAAA;OAAR,MAAA;WA4FxC,EAAA,MAAA;;UDuELC,mBAAAA,CC5BH;EAAO,QAAA,EAAA,MAAA;EAmBd,IAAY,EAAA,MAAA;EAAU,IAAA,EAAA,MAAA;cAAqB,EAAA,UAAA,GAAA,YAAA;UAAlB,EAAA,MAAA;;UDgBfC,mBAAAA;;;EEhSV,GAAiB,EAAA,MAAA;EAajB,YAAsB,CAAA,EAAA,MAAY;EAAA,UAAA,CAAA,EAAA,OAAA;;UF0RxBC,qBAAAA,CExRO;SAAd,EAAA,MAAA;EAAO,IAAA,EAAA,MAAA,GAAA,QAAA,GAAA,QAAA;;;SF6RDD;EGhST,SAAiB,EAAA,MAAY;AA4F7B;UHuMUE,cAAAA,CGvMuB;SAGvB,EAAA,MAAA;eAEC,EAAA,MAAA;cAAR,EAAA,MAAA;EAAO,SAAA,EAAA,MAAA;;;UHyMAC,aAAAA;EI5SV,QAAiB,EAAA,MAAA;EAqDjB,IAAsB,EAAA,MAAA;EAAa,QAAA,EAAA,MAAA;aAGzB,EAAA,MAAA;cACS,CAAA,EAAA,MAAA;YAER,CAAA,EAAA,OAAA;;UJyPDC,gBAAAA,CIzPA;;;;ECxEV,YAAiB,CAAA,EAAA,MAAY;EAU7B,UAAsB,EAAA,OAAS;;UL8TrBC,kBAAAA,CK7TU;WAAR,EAAA,MAAA;SACD,EAAA,MAAA;YACA,EAAA,OAAA;;ULgUDC,eAAAA,CKhUA;;;;ECSV,WAAiB,CAAA,EAAA,MAAW;AAM5B;AAGC,cNoTaC,cAAAA,CMlTQ;EAOtB,iBAAiB,MAAgB;EAAA,iBAAA,MAAA;aACZ,CAAA,MAAA,EN6SCb,oBM7SD;UAAgB,OAAA;cACd,CAAA,KAAA,EAAA;eAAgB,CAAA,EAAA,MAAA;MNgTjCc,OM/SoE,CAAA;SAC5D,EN+SHb,aM/SG;;EACY,eAAA,CAAA,CAAA,ENgTLa,OMhTK,CNgTGX,YMhTH,CAAA;EAG1B,WAAgB,CAAA,IAAA,EAAA;IAAsB,KAAA,EAAA;UAC5B,EAAA,MAAA;eACH,EAAA,KAAA,GAAA,KAAA;iBACJ,CAAA,EAAA,MAAA;IAAgB,CAAA,EAAA;MNiTbW;UACIV;;;;;;;MAOJU,QAAQT;;;MAGRS,QAAQP;kBACIO,QAAQN;;;MAGpBM;WACKL;;sBAEWK;cACRJ;;qCAEuBI,QAAQH;oCACTG;;;;;;MAM9BA;WACKF;;;;;;;MAOLE;;;;sBAIgBA,QAAQtC;+CACiBsC,QAAQnC;yDACEF,0BAA0BqC;;;aAGtErC;MACPqC,QAAQtC;4CAC8BsC,QAAQtC;oDACAsC;;;;;oCAKhBA;;;aAGvBrC;;iBAEIqC;kBACClC;;0BAEQkC;;;;;;;;;;;;;;;;;0CAiBgBA;;;;;;;0CAOAA;;;;;;;8BAOZA;;;;;;;0BAOJA;;;;wBAIFA;;;;;sBAKFA;;;;0BAIIA;;;;;6BAKGA;;;;;;;;;;;;2BAYFA;;;;wBAIHA;;;;;;sBAMFA;;;;yBAIGA;;;;;;;;;;;;;mBAaNrC;MACbqC;;;;uBAIiBA;;;;;;;;;;;QAWfA;;;;;;;;;;;;;MAaFA;;;;;;;;;;;;WAYKjC;;;;MAILiC,QAAQnB;;;;;;;;WAQHd;;;;;MAKLiC;;;;;;;;;;WAUKjC;;;;eAIIQ;;;;;eAKAL;mBACIE;;iBAEFJ;;;MAGXgC,QAAQvB;;;WAGHV;;;MAGLiC;eACSvB;eACAE;;;;WAIJZ;;;;MAILiC;;iBAEW5B;aACJF;;eAEEF;;;;;;;WAOJD;;;;iBAIMK;aACJF;;eAEEF;;MAETgC;;;;;;WAMKjC;;;;MAILiC;;;WAGKjC;;;;;;eAMIQ;;MAETyB,QAAQvB;;;WAGHV;;eAEIQ;;;MAGTyB,QAAQtB;;;WAGHX;;;;;MAKLiC;aACOf;;;;;WAKFlB;;;MAGLiC;;sBAEgBA,QAAQpB;;;;;;MAMxBoB;;;;;;;;;;;;;;;;MAgBAA;;;0CAGoCA;;;;;;;;;;MAUpCA;;;;;;;;;;MAUAA;;;;;;;;;;;;MAYAA;;;;;;;;;;;MAWAA;;;;;MAKAA;;;;;;;;;;MAUAA;;;;;;;;;;;;;;;;;;MAkBAA;;;;;;;;;;;;;;;;MAgBAA;;;;;;;;;;;;;;;;;;MAkBAA;;;;;;;;;;;MAWAA;;;;;;;;;;MAUAA;;;;;;;;;;;;;;;;;;;;;;;;MAwBAA;;;;;;;;;;;;MAYAA;;;;wDAIkDA;;;;uCAIjBA;;;;;;;;;;;oBAWnBA;;;;;;;;kCAQcA;;;iBAGjBA;;;;;;;;;;;;;;;MAeXA;;;;;;2BAMqBA;;;;+BAIIA;;;;;;;;;;MAUzBA;;;;MAIAA;;;;;MAKAA;iCAC2BA;;;;;;;;;;;MAW3BA;;;;;;AFr3B4B,UGnDjB,UAAA,CHmDiB;QAEvB,EAAA,MAAA;QAAR,EAAA,MAAA;EAAO,SAAA,EAAA,MAAA;EAmBY,MAAA,EAAA,MAAA;;AAEV,UGnEK,iBAAA,CHmEL;eACT,EAAA,MAAA;EAAO,MAAA,EGlEA,cHkEA;AAUV;;;;;AAaA;AAgBA;AAgBgB,iBGhHA,gBAAA,CHgHa;EAAA,aAAA;EAAA;AAAA,CAAA,EGhH+B,iBHgH/B,CAAA,EAAA;EAAA,aAAA,EAAA,MAAA;QACpB,gBAAA;;;;;gCC3GO;;IA5BM,MAAA,CAAA,EAAA,MAAA;EA4BN,CAAA,CAAA,EEMT,OFNS,CEMD,UFNa,CAAA;EAaZ;;;MEyBmC,QAAQ;EDlF7C3C;AAKb;;;UACwDA,CAAAA,OAK3CC,CAL2CD,EAAAA;IAAa,KAAA,CAAA,EAAA,OAAA;EAKxDC,CAAAA,CAAAA,EC4GyC,OD5GzCA,CC4GiD,UD5GjDA,CAAAA;EAITA;;;;EAAyF,SAAA,CAAA,KAAA,EAAA,MAAA,EAAA,EAAA,OAQzFC,CARyF,EAAA;IAEhFA,KAAAA,CAAAA,EAAAA,OAKb;EACIA,CAAAA,CAAAA,EC4LE,OD5LFA,CC4LU,UD5LM,CAAA;EACPC;AAGb;;;iBAC8EA,CAAAA,QAAAA,EAAAA,MAAAA,EAAAA,OACjEC,CADiED,EAAAA;IAAwB,KAAA,CAAA,EAAA,OAAA;EACzFC,CAAAA,CAAAA,ECiOP,ODjOOA,CAAAA,IAAAA,CAAAA;AAOb,CAAA;AAC2B,KC4OhB,UAAA,GAAa,UD5OG,CAAA,OC4Oe,gBD5Of,CAAA;;;;;;;AFtB5B;AAOA;;AACwB,UItBP,cAAA,CJsBO;eAAf,EAAA,MAAA;EAAM;EAGE,UAAA,CAAA,EAAA,MAAc;EAiBd;EA4BK,SAAA,EAAA,CAAA,KAAY,EAAA,MAAA,EAAA,EAAA,GAAA,IAAA,GIjEO,OJiEP,CAAA,IAAA,CAAA;;;;;AAqBlC;;AAEY,iBIhFU,YAAA,CJgFV,OAAA,EI/ED,cJ+EC,CAAA,EI9ET,OJ8ES,CAAA,GAAA,GI9EK,OJ8EL,CAAA,IAAA,CAAA,CAAA;;;;AAvBsB,UK1DjB,YAAA,CL0DiB;MAEvB,EAAA,MAAA;SAAR,EAAA,OAAA;EAAO,IAAA,CAAA,EAAA,MAAA;EAmBY,IAAA,CAAA,EAAA,MAAA;EAAa,KAAA,CAAA,EAAA,MAAA;;;;AAanC;AAAyC,iBKAnB,WAAA,CLAmB,aAAA,EAAA,MAAA,EAAA,aAAA,EAAA,MAAA,EAAA,EAAA,MAAA,EKG/B,cLH+B,EAAA,OAI/B,CAJ+B,EAAA;aAGhC,CAAA,EAAA,MAAA;OACN,CAAA,EAAA,OAAA;CAAO,CAAA,EKCP,OLDO,CKCC,YLDD,EAAA,CAAA;AASV;;;AA/CsB,UM5DL,cAAA,CN4DiB;EAAA,IAAA,EAAA,MAAA;SAEvB,EAAA,OAAA;MAAR,CAAA,EAAA,MAAA;EAAO,KAAA,CAAA,EAAA,MAAA;AAmBV;AAAmC,iBM5Bb,aAAA,CN4Ba,aAAA,EAAA,MAAA,EAAA,aAAA,EAAA,MAAA,EAAA,EAAA,MAAA,EMzBzB,cNyByB,EAAA,cAAA,CAAA,EMxBhB,cNwBgB,EAAA,OAGzB,CAHyB,EAAA;aAEvB,CAAA,EAAA,MAAA;OACT,CAAA,EAAA,OAAA;CAAO,CAAA,EMzBP,ONyBO,CMzBC,cNyBD,EAAA,CAAA;AAUV;;;;;;AA1FA;AAOiB,UOxBA,YAAA,CPwBa;EAAA,UAAA,CAAA,EAAA,MAAA;aACN,CAAA,EAAA,MAAA;;;AAGxB;AAiBA;AA4BA;;AAEW,iBOjEW,SPiEX,CAAA,CAAA,CAAA,CAAA,EAAA,EAAA,GAAA,GOhEC,OPgED,COhES,CPgET,CAAA,EAAA,OAAA,CAAA,EO/DA,YP+DA,CAAA,EO9DR,OP8DQ,CO9DA,CP8DA,CAAA;;;;AAFuB,UQnDjB,WAAA,CRmDiB;WAEvB,EAAA,MAAA,GAAA,SAAA,GAAA,KAAA;SAAR,EAAA,MAAA;EAAO,IAAA,EAAA,MAAA;AAmBV;AAAmC,UQlElB,gBAAA,CRkEkB;eAEvB,EAAA,MAAA;QACT,EQnEO,cRmEP;;AAUH,UQ1EU,YAAA,CR0EY;EAAmB,IAAA,CAAA,GAAA,EAAA,MAAA,CAAA,EAAA,IAAA;MAGhC,CAAA,GAAA,EAAA,MAAA,CAAA,EAAA,IAAA;OACN,CAAA,GAAA,EAAA,MAAA,CAAA,EAAA,IAAA;EAAO,KAAA,CAAA,GAAA,EAAA,MAAA,CAAA,EAAA,IAAA;AASV;AAgBsB,UQhGL,gBAAA,CRgGwC;EAgBzC,UAAA,CAAA,MAAa,EQ/GR,WR+GQ,EAAA,CAAA,EQ/GQ,OR+GR,CAAA,IAAA,CAAA;EAAA,YAAA,CAAA,MAAA,EQ9GN,WR8GM,EAAA,CAAA,EQ9GU,OR8GV,CAAA,IAAA,CAAA;oBACpB,CAAA,QAAA,EAAA,MAAA,EAAA,SAAA,EAAA,SAAA,GAAA,SAAA,CAAA,EQ9GiE,OR8GjE,CAAA,IAAA,CAAA;UACC,EAAA,EQ9GI,OR8GJ,CAAA,IAAA,CAAA;WACP,EAAA,EQ9GY,WR8GZ,EAAA;;iBQ3Ga,sBAAA,SACN,uBACH,eACJ"}
|
package/dist/index.d.ts
CHANGED
|
@@ -232,19 +232,84 @@ interface EncryptedEnvelopeV1 {
|
|
|
232
232
|
authTag: string;
|
|
233
233
|
dataKeyCiphertext: string;
|
|
234
234
|
}
|
|
235
|
-
/**
|
|
235
|
+
/**
|
|
236
|
+
* Display/validation hint for a field's value. `"json"` signals that the
|
|
237
|
+
* string is a JSON-stringified payload that consumers should `JSON.parse`.
|
|
238
|
+
*/
|
|
239
|
+
declare const FIELD_FORMATS: readonly ["text", "email", "url", "phone", "date", "number", "json"];
|
|
240
|
+
type FieldFormat = (typeof FIELD_FORMATS)[number];
|
|
241
|
+
/**
|
|
242
|
+
* Whether a field is stored in plaintext (visible to anyone with read access)
|
|
243
|
+
* or encrypted (requires KMS + the right encryption context to read).
|
|
244
|
+
*/
|
|
245
|
+
declare const FIELD_SENSITIVITIES: readonly ["plaintext", "encrypted"];
|
|
246
|
+
type FieldSensitivity = (typeof FIELD_SENSITIVITIES)[number];
|
|
247
|
+
/**
|
|
248
|
+
* A field on a secret. `value` is always a string at the wire; for encrypted
|
|
249
|
+
* fields it's the plaintext at the API edge (the service encrypts before
|
|
250
|
+
* persistence). Reads from the dashboard omit `value` for encrypted fields;
|
|
251
|
+
* agents get a `FieldEnvelope` instead and decrypt locally.
|
|
252
|
+
*/
|
|
253
|
+
|
|
254
|
+
/**
|
|
255
|
+
* Secret category — drives icon/template/filter behaviour. Defaults to
|
|
256
|
+
* `"other"` for migrated rows.
|
|
257
|
+
*/
|
|
258
|
+
declare const SECRET_CATEGORIES: readonly ["login", "api_key", "database", "ssh_key", "certificate", "secure_note", "credit_card", "identity", "wifi", "other"];
|
|
259
|
+
type SecretCategory = (typeof SECRET_CATEGORIES)[number];
|
|
260
|
+
/**
|
|
261
|
+
* One field as exposed to readers. Encrypted fields have no `value` on the
|
|
262
|
+
* dashboard read path; the agent-side aggregate carries `envelope` instead.
|
|
263
|
+
*/
|
|
264
|
+
interface FieldView {
|
|
265
|
+
key: string;
|
|
266
|
+
format?: FieldFormat;
|
|
267
|
+
sensitivity: FieldSensitivity;
|
|
268
|
+
/** Present for `sensitivity: "plaintext"` only. */
|
|
269
|
+
value?: string;
|
|
270
|
+
/** Present for `sensitivity: "encrypted"` on agent-side reads only. */
|
|
271
|
+
envelope?: EncryptedEnvelopeV1;
|
|
272
|
+
/** Plaintext fields that opt into `format: "json"` are pre-parsed for callers. */
|
|
273
|
+
parsedValue?: unknown;
|
|
274
|
+
rotatedAt?: string;
|
|
275
|
+
createdAt: string;
|
|
276
|
+
updatedAt: string;
|
|
277
|
+
}
|
|
278
|
+
/** A secret as assembled from its multi-row aggregate. */
|
|
279
|
+
interface SecretAggregate {
|
|
280
|
+
secretId: string;
|
|
281
|
+
secretName: string;
|
|
282
|
+
description?: string;
|
|
283
|
+
tags: string[];
|
|
284
|
+
category: SecretCategory;
|
|
285
|
+
fields: FieldView[];
|
|
286
|
+
changelogVersion: number;
|
|
287
|
+
createdAt: string;
|
|
288
|
+
updatedAt: string;
|
|
289
|
+
}
|
|
290
|
+
/** Metadata-only projection — used by list endpoints. */
|
|
236
291
|
interface SecretMetadata {
|
|
237
292
|
secretId: string;
|
|
238
293
|
secretName: string;
|
|
239
294
|
description?: string;
|
|
240
|
-
tags
|
|
295
|
+
tags: string[];
|
|
296
|
+
category: SecretCategory;
|
|
297
|
+
fieldKeys: string[];
|
|
298
|
+
changelogVersion: number;
|
|
241
299
|
createdAt: string;
|
|
242
300
|
updatedAt: string;
|
|
243
|
-
rotatedAt?: string;
|
|
244
301
|
}
|
|
245
|
-
/**
|
|
246
|
-
|
|
302
|
+
/**
|
|
303
|
+
* Per-field encrypted envelope returned to agents on the agent-side aggregate.
|
|
304
|
+
* Agents decrypt locally using a data key fetched from `/decrypt-data-key`.
|
|
305
|
+
*/
|
|
306
|
+
interface FieldEnvelope {
|
|
307
|
+
key: string;
|
|
308
|
+
format?: FieldFormat;
|
|
247
309
|
envelope: EncryptedEnvelopeV1;
|
|
310
|
+
rotatedAt?: string;
|
|
311
|
+
createdAt: string;
|
|
312
|
+
updatedAt: string;
|
|
248
313
|
}
|
|
249
314
|
/** A scope the caller can read or write secrets in. */
|
|
250
315
|
interface ScopeInfo {
|
|
@@ -262,6 +327,30 @@ interface GeneratedDataKey {
|
|
|
262
327
|
plaintextKey: string;
|
|
263
328
|
dataKeyCiphertext: string;
|
|
264
329
|
}
|
|
330
|
+
/**
|
|
331
|
+
* Action types recorded in the secret changelog. Append-only.
|
|
332
|
+
*/
|
|
333
|
+
declare const CHANGELOG_ACTIONS: readonly ["created", "deleted", "metadata_updated", "field_added", "field_rotated", "field_removed", "tag_added", "tag_removed"];
|
|
334
|
+
type ChangelogAction = (typeof CHANGELOG_ACTIONS)[number];
|
|
335
|
+
/** Who triggered a changelog entry. */
|
|
336
|
+
interface ChangelogActor {
|
|
337
|
+
kind: "user" | "agent" | "system";
|
|
338
|
+
id: string;
|
|
339
|
+
}
|
|
340
|
+
/**
|
|
341
|
+
* One audit row from the secret's changelog. Metadata only — never carries
|
|
342
|
+
* field VALUES (old or new). Rolling back a rotated secret is intentionally
|
|
343
|
+
* not supported.
|
|
344
|
+
*/
|
|
345
|
+
interface ChangelogEntry {
|
|
346
|
+
changelogVersion: number;
|
|
347
|
+
action: ChangelogAction;
|
|
348
|
+
fieldKey?: string;
|
|
349
|
+
fieldSensitivity?: FieldSensitivity;
|
|
350
|
+
changedBy: ChangelogActor;
|
|
351
|
+
reason?: string;
|
|
352
|
+
timestamp: string;
|
|
353
|
+
}
|
|
265
354
|
//# sourceMappingURL=secrets.d.ts.map
|
|
266
355
|
//#endregion
|
|
267
356
|
//#region src/index.d.ts
|
|
@@ -559,52 +648,135 @@ declare class AgentApiClient {
|
|
|
559
648
|
recorded: boolean;
|
|
560
649
|
}>;
|
|
561
650
|
/**
|
|
562
|
-
* Mint a fresh AES-256 data key for a
|
|
563
|
-
* context is rebuilt server-side from `auth.tenantId` + the body
|
|
564
|
-
* agent cannot forge context for a scope
|
|
651
|
+
* Mint a fresh AES-256 data key for a specific (secret, field) pair. The
|
|
652
|
+
* encryption context is rebuilt server-side from `auth.tenantId` + the body
|
|
653
|
+
* fields including `fieldKey`; the agent cannot forge context for a scope
|
|
654
|
+
* or field it doesn't own. Legacy single-envelope secrets are migrated to
|
|
655
|
+
* `field#value` rows by the data migration, so call with `fieldKey: "value"`
|
|
656
|
+
* to reach them.
|
|
565
657
|
*/
|
|
566
658
|
generateSecretDataKey(args: {
|
|
567
659
|
scope: SecretScope;
|
|
568
660
|
scopeId: string;
|
|
569
661
|
secretId: string;
|
|
662
|
+
fieldKey: string;
|
|
570
663
|
}): Promise<GeneratedDataKey>;
|
|
571
664
|
/**
|
|
572
665
|
* Unwrap a wrapped data key so the agent can decrypt the envelope locally.
|
|
573
|
-
*
|
|
574
|
-
*
|
|
666
|
+
* `fieldKey` MUST match the value supplied when the data key was generated
|
|
667
|
+
* (it's bound into KMS encryption context); mismatch fails with
|
|
668
|
+
* `InvalidCiphertextException`.
|
|
575
669
|
*/
|
|
576
670
|
decryptSecretDataKey(args: {
|
|
577
671
|
scope: SecretScope;
|
|
578
672
|
scopeId: string;
|
|
579
673
|
secretId: string;
|
|
674
|
+
fieldKey: string;
|
|
580
675
|
dataKeyCiphertext: string;
|
|
581
676
|
}): Promise<{
|
|
582
677
|
plaintextKey: string;
|
|
583
678
|
}>;
|
|
584
|
-
/**
|
|
585
|
-
|
|
679
|
+
/**
|
|
680
|
+
* Create a new secret with one or more fields. Encrypted fields must arrive
|
|
681
|
+
* pre-sealed (the agent has already obtained per-field data keys via
|
|
682
|
+
* `generateSecretDataKey({ ..., fieldKey })` and AES-encrypted locally).
|
|
683
|
+
* Plaintext fields ship the value inline.
|
|
684
|
+
*/
|
|
685
|
+
createSecret(args: {
|
|
586
686
|
scope: SecretScope;
|
|
587
687
|
scopeId: string;
|
|
588
688
|
secretId: string;
|
|
589
689
|
secretName: string;
|
|
590
|
-
|
|
690
|
+
category?: SecretCategory;
|
|
591
691
|
description?: string;
|
|
592
692
|
tags?: string[];
|
|
693
|
+
fields: {
|
|
694
|
+
key: string;
|
|
695
|
+
format?: FieldFormat;
|
|
696
|
+
sensitivity: FieldSensitivity;
|
|
697
|
+
value?: string;
|
|
698
|
+
envelope?: EncryptedEnvelopeV1;
|
|
699
|
+
}[];
|
|
700
|
+
reason?: string;
|
|
701
|
+
}): Promise<SecretAggregate>;
|
|
702
|
+
/** Fetch the secret aggregate plus per-field encrypted envelopes. */
|
|
703
|
+
getSecret(args: {
|
|
704
|
+
scope: SecretScope;
|
|
705
|
+
scopeId: string;
|
|
706
|
+
secretId: string;
|
|
593
707
|
}): Promise<{
|
|
708
|
+
aggregate: SecretAggregate;
|
|
709
|
+
envelopes: FieldEnvelope[];
|
|
710
|
+
}>;
|
|
711
|
+
/** Fetch one field. Plaintext: value inline. Encrypted: envelope. */
|
|
712
|
+
getSecretField(args: {
|
|
713
|
+
scope: SecretScope;
|
|
714
|
+
scopeId: string;
|
|
594
715
|
secretId: string;
|
|
716
|
+
fieldKey: string;
|
|
717
|
+
}): Promise<{
|
|
718
|
+
key: string;
|
|
719
|
+
sensitivity: FieldSensitivity;
|
|
720
|
+
format?: FieldFormat;
|
|
721
|
+
value?: string;
|
|
722
|
+
envelope?: EncryptedEnvelopeV1;
|
|
723
|
+
rotatedAt?: string;
|
|
724
|
+
createdAt: string;
|
|
725
|
+
updatedAt: string;
|
|
595
726
|
}>;
|
|
596
|
-
/**
|
|
597
|
-
|
|
727
|
+
/** Add OR rotate one field. */
|
|
728
|
+
setSecretField(args: {
|
|
598
729
|
scope: SecretScope;
|
|
599
730
|
scopeId: string;
|
|
600
731
|
secretId: string;
|
|
601
|
-
|
|
602
|
-
|
|
732
|
+
fieldKey: string;
|
|
733
|
+
sensitivity: FieldSensitivity;
|
|
734
|
+
format?: FieldFormat;
|
|
735
|
+
value?: string;
|
|
736
|
+
envelope?: EncryptedEnvelopeV1;
|
|
737
|
+
reason?: string;
|
|
738
|
+
}): Promise<{
|
|
739
|
+
fieldKey: string;
|
|
740
|
+
rotated: boolean;
|
|
741
|
+
}>;
|
|
742
|
+
/** Remove one field. */
|
|
743
|
+
removeSecretField(args: {
|
|
744
|
+
scope: SecretScope;
|
|
745
|
+
scopeId: string;
|
|
746
|
+
secretId: string;
|
|
747
|
+
fieldKey: string;
|
|
748
|
+
}): Promise<void>;
|
|
749
|
+
/** Update secret-level metadata (name/description/tags/category). */
|
|
750
|
+
updateSecretMetadata(args: {
|
|
751
|
+
scope: SecretScope;
|
|
752
|
+
scopeId: string;
|
|
753
|
+
secretId: string;
|
|
754
|
+
secretName?: string;
|
|
755
|
+
description?: string;
|
|
756
|
+
tags?: string[];
|
|
757
|
+
category?: SecretCategory;
|
|
758
|
+
reason?: string;
|
|
759
|
+
}): Promise<SecretAggregate>;
|
|
760
|
+
/** List metadata for secrets in a scope. Optional filters route through the byFacet GSI. */
|
|
603
761
|
listSecrets(args: {
|
|
604
762
|
scope: SecretScope;
|
|
605
763
|
scopeId: string;
|
|
764
|
+
category?: SecretCategory;
|
|
765
|
+
tag?: string;
|
|
766
|
+
fieldKey?: string;
|
|
606
767
|
}): Promise<SecretMetadata[]>;
|
|
607
|
-
/**
|
|
768
|
+
/** Bounded changelog read — metadata-only audit entries. */
|
|
769
|
+
getSecretHistory(args: {
|
|
770
|
+
scope: SecretScope;
|
|
771
|
+
scopeId: string;
|
|
772
|
+
secretId: string;
|
|
773
|
+
limit?: number;
|
|
774
|
+
cursor?: string;
|
|
775
|
+
}): Promise<{
|
|
776
|
+
entries: ChangelogEntry[];
|
|
777
|
+
nextCursor?: string;
|
|
778
|
+
}>;
|
|
779
|
+
/** Delete a secret (and all its field rows + tag rows + changelog rows). */
|
|
608
780
|
deleteSecret(args: {
|
|
609
781
|
scope: SecretScope;
|
|
610
782
|
scopeId: string;
|
|
@@ -620,9 +792,14 @@ declare class AgentApiClient {
|
|
|
620
792
|
}): Promise<{
|
|
621
793
|
identityId: string | null;
|
|
622
794
|
status: string;
|
|
623
|
-
accessAllowed: boolean;
|
|
624
795
|
created?: boolean;
|
|
625
796
|
reason?: string;
|
|
797
|
+
/**
|
|
798
|
+
* Flattened auriclabs permission strings for the resolved identity
|
|
799
|
+
* (scope-prefixed where applicable). Empty array on miss / org service
|
|
800
|
+
* outage — the runtime gate fails closed in that case.
|
|
801
|
+
*/
|
|
802
|
+
permissions: string[];
|
|
626
803
|
}>;
|
|
627
804
|
searchIdentities(args?: {
|
|
628
805
|
q?: string;
|
|
@@ -755,7 +932,6 @@ declare class AgentApiClient {
|
|
|
755
932
|
}): Promise<{
|
|
756
933
|
identityId: string | null;
|
|
757
934
|
status: string;
|
|
758
|
-
accessAllowed: boolean;
|
|
759
935
|
}>;
|
|
760
936
|
memorySearch(query: string, opts?: {
|
|
761
937
|
limit?: number;
|
|
@@ -835,6 +1011,29 @@ declare class AgentApiClient {
|
|
|
835
1011
|
storageEstimateBytes: number;
|
|
836
1012
|
lastIngestionAt?: string;
|
|
837
1013
|
}>;
|
|
1014
|
+
memoryLearn(args: {
|
|
1015
|
+
text: string;
|
|
1016
|
+
source?: string;
|
|
1017
|
+
sourceType?: "file" | "url" | "inline";
|
|
1018
|
+
metadata?: {
|
|
1019
|
+
sessionId?: string;
|
|
1020
|
+
channelId?: string;
|
|
1021
|
+
userName?: string;
|
|
1022
|
+
};
|
|
1023
|
+
}): Promise<{
|
|
1024
|
+
memoriesStored: number;
|
|
1025
|
+
triplesStored: number;
|
|
1026
|
+
chunks: number;
|
|
1027
|
+
source?: string;
|
|
1028
|
+
}>;
|
|
1029
|
+
memoryBootstrapStatus(): Promise<{
|
|
1030
|
+
synced: boolean;
|
|
1031
|
+
syncedAt?: string;
|
|
1032
|
+
}>;
|
|
1033
|
+
memoryBootstrapStatusMark(): Promise<{
|
|
1034
|
+
synced: true;
|
|
1035
|
+
syncedAt: string;
|
|
1036
|
+
}>;
|
|
838
1037
|
searchWeb(params: {
|
|
839
1038
|
query: string;
|
|
840
1039
|
count?: number;
|
package/dist/index.d.ts.map
CHANGED
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"index.d.ts","names":["ResourceScope","IntegrationVisibility","IntegrationScope","IntegrationDesiredStatus","IntegrationActualStatus","IntegrationInstall","Record","IntegrationConfigSchemaField","IntegrationConfigResult","RegistryEntry","SecretScope","EncryptedEnvelopeV1","SecretMetadata","SecretEnvelopeResponse","ScopeInfo","GeneratedDataKey","AgentApiClientConfig","SyncAgentInfo","SyncManifestEntry","SyncManifest","SyncPresignedUrl","SyncConfirmedUpload","SyncReconstructFile","SyncReconstructBundle","SyncAgentStats","SyncFileEntry","SyncSessionEntry","SyncSessionContent","SharedFileEntry","AgentApiClient","Promise"],"sources":["../src/manifest.ts","../src/ignore.ts","../../agent-api-client/dist/index.d.ts","../src/sync-engine.ts","../src/watcher.ts","../src/uploader.ts","../src/downloader.ts","../src/retry.ts","../src/shared-sync.ts"],"sourcesContent":["//#region ../../packages-internal/types/dist/access.d.ts\n\n/**\n * The four resource scopes at which a permission can apply.\n * Order is meaningful: broader scopes first (`org`) → narrower last (`agent`).\n *\n * `IntegrationScope` in integration.ts and `SecretScope` in secrets.ts are\n * intentional aliases of this same enum — there is only one concept of\n * \"scope\" in Alfe.\n */\ndeclare const ResourceScope: {\n readonly Org: \"org\";\n readonly Team: \"team\";\n readonly Project: \"project\";\n readonly Agent: \"agent\";\n};\ntype ResourceScope = (typeof ResourceScope)[keyof typeof ResourceScope];\n/** Ordered tuple of resource scope string values (broad → narrow). */\n//#endregion\n//#region ../../packages-internal/types/dist/integration.d.ts\n/** Controls where an integration appears: public (everyone), hidden (nowhere) */\ndeclare const IntegrationVisibility: {\n readonly Public: \"public\";\n readonly Hidden: \"hidden\";\n};\ntype IntegrationVisibility = (typeof IntegrationVisibility)[keyof typeof IntegrationVisibility];\n/** Scope at which an integration is installed */\ndeclare const IntegrationScope: {\n readonly Org: \"org\";\n readonly Team: \"team\";\n readonly Project: \"project\";\n readonly Agent: \"agent\";\n};\ntype IntegrationScope = ResourceScope;\ndeclare const IntegrationDesiredStatus: {\n readonly Active: \"active\";\n readonly Removed: \"removed\";\n};\ntype IntegrationDesiredStatus = (typeof IntegrationDesiredStatus)[keyof typeof IntegrationDesiredStatus];\ndeclare const IntegrationActualStatus: {\n readonly Installing: \"installing\";\n readonly Active: \"active\";\n readonly Error: \"error\";\n readonly Removing: \"removing\";\n readonly Inactive: \"inactive\";\n readonly Unknown: \"unknown\";\n};\ntype IntegrationActualStatus = (typeof IntegrationActualStatus)[keyof typeof IntegrationActualStatus];\ninterface IntegrationInstall {\n scope: IntegrationScope;\n scopeId: string;\n integrationId: string;\n tenantId: string;\n desiredStatus: IntegrationDesiredStatus;\n actualStatus: IntegrationActualStatus;\n version: string;\n config: Record<string, unknown>;\n errorMessage: string;\n installedAt: string;\n updatedAt: string;\n}\n/** @deprecated Use IntegrationInstall instead */\n\ninterface IntegrationConfigSchemaField {\n key: string;\n label: string;\n type: string;\n description?: string;\n required?: boolean;\n default?: string | number | boolean;\n options?: string[];\n select_options?: {\n value: string;\n label: string;\n }[];\n oauth_provider?: string;\n oauth_scopes?: string[];\n oauth_integration_id?: string;\n editable?: string;\n hidden?: boolean;\n}\ninterface IntegrationConfigResult {\n integrationId: string;\n config: Record<string, unknown>;\n configSchema: IntegrationConfigSchemaField[];\n}\ninterface RegistryEntry {\n id: string;\n name: string;\n description: string;\n versions: string[];\n latest: string;\n repository: string;\n commit: string;\n icon?: string;\n author?: {\n name: string;\n url?: string;\n } | string;\n pricing?: {\n type: \"free\" | \"paid\" | \"usage\";\n price?: number;\n currency?: string;\n interval?: \"month\" | \"year\";\n description?: string;\n };\n features?: string[];\n preview_images?: string[];\n config_schema?: IntegrationConfigSchemaField[];\n supported_agents?: string[];\n /** Scopes where this integration can be installed */\n supported_scopes?: IntegrationScope[];\n /** Visibility status — controls where integration appears */\n visibility?: IntegrationVisibility;\n}\n//# sourceMappingURL=integration.d.ts.map\n//#endregion\n//#region ../../packages-internal/types/dist/secrets.d.ts\n/** Scope levels at which a secret can be owned. Aliased to ResourceScope. */\ntype SecretScope = ResourceScope;\n/**\n * v1 encrypted envelope as persisted by services/secrets and exchanged with\n * agents. Values are AES-256-GCM ciphertext; iv/authTag/ciphertext/dataKeyCiphertext\n * are all base64-encoded.\n */\ninterface EncryptedEnvelopeV1 {\n version: 1;\n iv: string;\n ciphertext: string;\n authTag: string;\n dataKeyCiphertext: string;\n}\n/** Opaque metadata about a secret row — never includes plaintext. */\ninterface SecretMetadata {\n secretId: string;\n secretName: string;\n description?: string;\n tags?: string[];\n createdAt: string;\n updatedAt: string;\n rotatedAt?: string;\n}\n/** A single secret row including its encrypted envelope. */\ninterface SecretEnvelopeResponse extends SecretMetadata {\n envelope: EncryptedEnvelopeV1;\n}\n/** A scope the caller can read or write secrets in. */\ninterface ScopeInfo {\n scope: SecretScope;\n scopeId: string;\n name?: string;\n}\n/**\n * KMS-issued data key, returned by the secrets service's\n * `/secrets/generate-data-key` KMS proxy endpoint. The plaintext key is\n * returned base64-encoded; callers MUST decode it to a Buffer and zero the\n * Buffer after use — never keep the plaintext as a JS string.\n */\ninterface GeneratedDataKey {\n plaintextKey: string;\n dataKeyCiphertext: string;\n}\n//# sourceMappingURL=secrets.d.ts.map\n//#endregion\n//#region src/index.d.ts\ninterface AgentApiClientConfig {\n apiKey: string;\n apiUrl: string;\n}\ninterface SyncAgentInfo {\n agentId: string;\n tenantId: string;\n displayName: string;\n s3Prefix: string;\n status: \"stale\" | \"syncing\" | \"synced\";\n fileCount?: number;\n totalSize?: number;\n lastSync?: string;\n}\ninterface SyncManifestEntry {\n hash: string;\n size: number;\n modified: string;\n etag?: string;\n storageClass?: string;\n compressed?: boolean;\n}\ninterface SyncManifest {\n version: 1;\n agentId: string;\n lastSync: string;\n files: Record<string, SyncManifestEntry>;\n}\ninterface SyncPresignedUrl {\n path: string;\n url: string;\n expiresAt: string;\n}\ninterface SyncConfirmedUpload {\n filePath: string;\n hash: string;\n size: number;\n storageClass: \"STANDARD\" | \"GLACIER_IR\";\n syncedAt: string;\n}\ninterface SyncReconstructFile {\n path: string;\n size: number;\n url: string;\n storageClass?: string;\n compressed?: boolean;\n}\ninterface SyncReconstructBundle {\n agentId: string;\n mode: \"full\" | \"active\" | \"memory\";\n fileCount: number;\n totalSize: number;\n files: SyncReconstructFile[];\n expiresAt: string;\n}\ninterface SyncAgentStats {\n agentId: string;\n standardBytes: number;\n glacierBytes: number;\n fileCount: number;\n lastSyncAt: string | null;\n}\ninterface SyncFileEntry {\n filePath: string;\n size: number;\n modified: string;\n contentHash: string;\n storageClass?: string;\n compressed?: boolean;\n}\ninterface SyncSessionEntry {\n sessionId: string;\n size: number;\n lastModified: string;\n storageClass?: string;\n isArchived: boolean;\n}\ninterface SyncSessionContent {\n sessionId: string;\n content: string;\n compressed: boolean;\n}\ninterface SharedFileEntry {\n filePath: string;\n fileName: string;\n size: number;\n contentType?: string;\n}\ndeclare class AgentApiClient {\n private readonly apiKey;\n private readonly apiUrl;\n constructor(config: AgentApiClientConfig);\n private request;\n syncRegister(args?: {\n displayName?: string;\n }): Promise<{\n agent: SyncAgentInfo;\n }>;\n syncGetManifest(): Promise<SyncManifest>;\n syncPresign(args: {\n files: {\n path: string;\n operation: \"put\" | \"get\";\n contentType?: string;\n }[];\n }): Promise<{\n urls: SyncPresignedUrl[];\n }>;\n syncConfirmUpload(args: {\n filePath: string;\n hash: string;\n size: number;\n storageClass?: \"STANDARD\" | \"GLACIER_IR\";\n }): Promise<SyncConfirmedUpload>;\n syncReconstruct(args: {\n mode: \"full\" | \"active\" | \"memory\";\n }): Promise<SyncReconstructBundle>;\n syncGetStats(): Promise<SyncAgentStats>;\n syncListFiles(args?: {\n prefix?: string;\n }): Promise<{\n files: SyncFileEntry[];\n }>;\n syncListSessions(): Promise<{\n sessions: SyncSessionEntry[];\n }>;\n syncGetSession(sessionId: string): Promise<SyncSessionContent>;\n syncDeleteFile(filePath: string): Promise<{\n removed: boolean;\n }>;\n sharedListFiles(args: {\n scope: \"org\" | \"team\" | \"project\";\n scopeId: string;\n }): Promise<{\n files: SharedFileEntry[];\n nextCursor: string | null;\n }>;\n sharedDownloadUrl(args: {\n scope: \"org\" | \"team\" | \"project\";\n scopeId: string;\n filePath: string;\n }): Promise<{\n downloadUrl: string;\n expiresIn: number;\n }>;\n listIntegrations(): Promise<IntegrationInstall[]>;\n getIntegrationConfig(integrationId: string): Promise<IntegrationConfigResult>;\n updateIntegrationConfig(integrationId: string, config: Record<string, unknown>): Promise<void>;\n installIntegration(integrationId: string, options?: {\n version?: string;\n config?: Record<string, unknown>;\n }): Promise<IntegrationInstall>;\n removeIntegration(integrationId: string): Promise<IntegrationInstall>;\n getOAuthUrl(provider: string, scopes?: string[]): Promise<{\n url: string;\n provider: string;\n expiresIn: number;\n }>;\n getOAuthStatus(provider: string): Promise<{\n provider: string;\n connected: boolean;\n config?: Record<string, string>;\n }>;\n getRegistry(): Promise<{\n integrations: RegistryEntry[];\n }>;\n getGoogleCredentials(): Promise<{\n accounts?: {\n email: string;\n refreshToken: string;\n clientId: string;\n clientSecret: string;\n enabledServices?: string[];\n isDefault: boolean;\n displayName?: string;\n }[];\n email: string;\n refreshToken: string;\n clientId: string;\n clientSecret: string;\n projectId: string;\n enabledServices?: string[];\n }>;\n disconnectGoogleAccount(email: string): Promise<{\n accounts: {\n email: string;\n displayName?: string;\n isDefault: boolean;\n }[];\n }>;\n setDefaultGoogleAccount(email: string): Promise<{\n accounts: {\n email: string;\n displayName?: string;\n isDefault: boolean;\n }[];\n }>;\n getGoogleChatCredentials(): Promise<{\n email: string;\n refreshToken: string;\n clientId: string;\n clientSecret: string;\n displayName?: string;\n }>;\n getGithubCredentials(): Promise<{\n login: string;\n accessToken: string;\n }>;\n getXeroCredentials(): Promise<{\n accessToken: string;\n accessTokenExpiresAt: string;\n xeroTenantId: string;\n }>;\n refreshXeroToken(): Promise<{\n accessToken: string;\n expiresAt: string;\n }>;\n getNotionCredentials(): Promise<{\n accessToken: string;\n workspaceId: string;\n workspaceName: string;\n }>;\n getAtlassianCredentials(): Promise<{\n accessToken: string;\n refreshToken: string;\n accessTokenExpiresAt: string;\n cloudId: string;\n siteName: string;\n siteUrl: string;\n email: string;\n enabledProducts: string[];\n clientId: string;\n clientSecret: string;\n }>;\n refreshAtlassianToken(): Promise<{\n accessToken: string;\n expiresAt: string;\n }>;\n getMYOBCredentials(): Promise<{\n accessToken: string;\n accessTokenExpiresAt: string;\n myobBusinessId: string;\n clientId: string;\n }>;\n refreshMYOBToken(): Promise<{\n accessToken: string;\n expiresAt: string;\n }>;\n getTeamsCredentials(): Promise<{\n agentId: string;\n tenantId: string;\n azureAppId: string;\n azureBotId: string;\n azureClientSecret: string;\n botDisplayName?: string;\n teamsTenantId?: string;\n serviceUrl?: string;\n }>;\n sendTeamsMessage(data: {\n conversationId: string;\n text?: string;\n adaptiveCard?: Record<string, unknown>;\n }): Promise<{\n ok: boolean;\n activityId: string;\n }>;\n listTeamsChannels(): Promise<{\n channels: {\n id: string;\n name: string;\n description?: string;\n }[];\n }>;\n presignAttachments(files: {\n filename: string;\n mimeType: string;\n size: number;\n }[]): Promise<{\n attachments: {\n id: string;\n uploadUrl: string;\n downloadUrl: string;\n s3Key: string;\n expiresAt: string;\n }[];\n }>;\n recordActivity(data: {\n userId?: string;\n channel: string;\n role: \"user\" | \"assistant\";\n }): Promise<{\n recorded: boolean;\n }>;\n /**\n * Mint a fresh AES-256 data key for a new secret or rotation. The encryption\n * context is rebuilt server-side from `auth.tenantId` + the body fields; the\n * agent cannot forge context for a scope it doesn't own.\n */\n generateSecretDataKey(args: {\n scope: SecretScope;\n scopeId: string;\n secretId: string;\n }): Promise<GeneratedDataKey>;\n /**\n * Unwrap a wrapped data key so the agent can decrypt the envelope locally.\n * KMS Decrypt will fail with `InvalidCiphertextException` if the envelope\n * was tampered with in a way that changes `{ tenantId, scope, scopeId, secretId }`.\n */\n decryptSecretDataKey(args: {\n scope: SecretScope;\n scopeId: string;\n secretId: string;\n dataKeyCiphertext: string;\n }): Promise<{\n plaintextKey: string;\n }>;\n /** Upload a pre-encrypted envelope for a secret. */\n putSecretEnvelope(args: {\n scope: SecretScope;\n scopeId: string;\n secretId: string;\n secretName: string;\n envelope: EncryptedEnvelopeV1;\n description?: string;\n tags?: string[];\n }): Promise<{\n secretId: string;\n }>;\n /** Fetch the encrypted envelope for a single secret. */\n getSecretEnvelope(args: {\n scope: SecretScope;\n scopeId: string;\n secretId: string;\n }): Promise<SecretEnvelopeResponse>;\n /** List metadata (never envelopes) for secrets in a scope. */\n listSecrets(args: {\n scope: SecretScope;\n scopeId: string;\n }): Promise<SecretMetadata[]>;\n /** Delete a secret. */\n deleteSecret(args: {\n scope: SecretScope;\n scopeId: string;\n secretId: string;\n }): Promise<void>;\n /** Enumerate scopes (org/team/project/agent) this agent can access. */\n listSecretScopes(): Promise<ScopeInfo[]>;\n resolveIdentity(args: {\n provider: string;\n platformId: string;\n kind?: \"user\" | \"agent\" | \"service\" | \"bot\" | \"workspace\";\n displayName?: string;\n }): Promise<{\n identityId: string | null;\n status: string;\n accessAllowed: boolean;\n created?: boolean;\n reason?: string;\n }>;\n searchIdentities(args?: {\n q?: string;\n status?: string;\n limit?: number;\n }): Promise<{\n identities: unknown[];\n }>;\n getIdentityContext(identityId: string): Promise<{\n context: unknown;\n }>;\n mergeIdentities(survivorId: string, args: {\n mergedId: string;\n changedBy: {\n type: string;\n id: string;\n name?: string;\n };\n }): Promise<{\n ok: boolean;\n error?: string;\n }>;\n unmergeIdentity(identityId: string, args: {\n changedBy: {\n type: string;\n id: string;\n name?: string;\n };\n }): Promise<{\n ok: boolean;\n error?: string;\n }>;\n addIdentityNote(identityId: string, args: {\n content: string;\n category?: string;\n changedBy: {\n type: string;\n id: string;\n name?: string;\n };\n }): Promise<{\n noteId: string | null;\n }>;\n tagIdentity(identityId: string, args: {\n tag: string;\n action: \"add\" | \"remove\";\n changedBy: {\n type: string;\n id: string;\n name?: string;\n };\n }): Promise<{\n ok: boolean;\n }>;\n getIdentityChangelog(identityId: string, args?: {\n limit?: number;\n }): Promise<{\n entries: unknown[];\n }>;\n rollbackIdentity(identityId: string, args: {\n targetVersion: number;\n changedBy: {\n type: string;\n id: string;\n name?: string;\n };\n }): Promise<{\n ok: boolean;\n entry?: unknown;\n }>;\n requestIdentityVerification(args: {\n claimedIdentityId: string;\n requestingIdentityId: string;\n requestingProvider: string;\n requestingPlatformId: string;\n preferredChannel?: \"mobile\" | \"email\";\n /**\n * Phase 2: agent-supplied contact endpoint. When provided, the top-level\n * `preferredChannel` is ignored — the contact's channel wins.\n */\n contact?: {\n channel: \"email\" | \"mobile\";\n value: string;\n };\n }): Promise<{\n verificationId: string;\n channel: string;\n deliveredTo: string;\n expiresAt: string;\n availableChannels: {\n channel: string;\n deliveredTo: string;\n }[];\n } | {\n error: string;\n }>;\n confirmIdentityVerification(args: {\n claimedIdentityId: string;\n verificationId: string;\n phrase: string;\n }): Promise<{\n verified: boolean;\n identityId?: string;\n /** Phase 2: how the confirm resolved — Scenario A vs B. */\n action?: \"merged\" | \"contact_verified\";\n error?: string;\n }>;\n /**\n * Update display-shape fields on an Identity. Body excludes `email` /\n * `phone` / `title` / `company` / `metadata` per Section D4 — contacts go\n * via the verify flow, title/company live on OrgMembership, metadata is\n * not agent-writable.\n */\n updateIdentity(identityId: string, args: {\n name?: string;\n avatarUrl?: string;\n timezone?: string;\n locale?: string;\n }): Promise<{\n ok: boolean;\n }>;\n /**\n * Phase 2 (Section H): server-side verification of a Google Chat sender via\n * the agent's existing Google OAuth credentials. Returns the resolved\n * identity (created or matched via Scenario-B email enrichment).\n */\n resolveGoogleChatSender(args: {\n senderUserId: string;\n spaceId?: string;\n }): Promise<{\n identityId: string | null;\n status: string;\n accessAllowed: boolean;\n }>;\n memorySearch(query: string, opts?: {\n limit?: number;\n topic?: string;\n subtopic?: string;\n tag?: string;\n includeKnowledge?: boolean;\n }): Promise<{\n facts: {\n subject: string;\n predicate: string;\n object: string;\n since: string;\n confidence: number;\n }[];\n memories: {\n id: string;\n text: string;\n topic: string;\n subtopic: string;\n tag: string;\n importance: number;\n timestamp: number;\n score: number;\n }[];\n }>;\n memoryStore(text: string, opts?: {\n topic?: string;\n subtopic?: string;\n tag?: string;\n importance?: number;\n }): Promise<{\n memoryId: string;\n }>;\n memoryIngest(sessionKey: string, messages: {\n role: string;\n content: string;\n index: number;\n timestamp?: string;\n }[], metadata?: {\n channelId?: string;\n userId?: string;\n userName?: string;\n }): Promise<{\n queued: boolean;\n messageCount: number;\n }>;\n memoryLoadContext(tier?: number, topicHint?: string): Promise<{\n formatted: string;\n [key: string]: unknown;\n }>;\n memoryLookupEntity(subject: string): Promise<{\n subject: string;\n triples: {\n tripleId: string;\n predicate: string;\n object: string;\n validFrom: string;\n validTo?: string;\n confidence: number;\n }[];\n }>;\n memoryNavigate(): Promise<{\n topics: {\n name: string;\n tripleCount: number;\n subtopics: string[];\n }[];\n cursor: string | null;\n }>;\n memoryDelete(memoryId: string): Promise<{\n deleted: boolean;\n }>;\n memoryStats(): Promise<{\n vectorCount: number;\n tripleCount: number;\n storageEstimateBytes: number;\n lastIngestionAt?: string;\n }>;\n searchWeb(params: {\n query: string;\n count?: number;\n offset?: number;\n country?: string;\n freshness?: string;\n }): Promise<unknown>;\n searchImages(params: {\n query: string;\n count?: number;\n }): Promise<unknown>;\n searchNews(params: {\n query: string;\n count?: number;\n freshness?: string;\n }): Promise<unknown>;\n registerDatabaseCredentials(): Promise<{\n connectionString: string;\n username: string;\n password: string;\n databases: string[];\n }>;\n reportDatabaseAudit(entry: {\n database: string;\n collection: string;\n operation: string;\n summary?: string;\n }): Promise<void>;\n}\n//# sourceMappingURL=index.d.ts.map\n//#endregion\nexport { AgentApiClient, AgentApiClientConfig, type EncryptedEnvelopeV1, type GeneratedDataKey, type IntegrationConfigResult, type IntegrationConfigSchemaField, type IntegrationInstall, type RegistryEntry, type ScopeInfo, type SecretEnvelopeResponse, type SecretMetadata, type SecretScope, SharedFileEntry, SyncAgentInfo, SyncAgentStats, SyncConfirmedUpload, SyncFileEntry, SyncManifest, SyncManifestEntry, SyncPresignedUrl, SyncReconstructBundle, SyncReconstructFile, SyncSessionContent, SyncSessionEntry };\n//# sourceMappingURL=index.d.ts.map"],"mappings":";;;;;;;AAyBA;AAOA;;;;;AAIA;AAiBA;AA4BsB,UAxDL,aAAA,CAwDiB;EAAA,IAAA,EAAA,MAAA;MAEvB,EAAA,MAAA;YAAR,EAAA,MAAA;EAAO,YAAA,EAAA,UAAA,GAAA,YAAA;AAmBV;AAAmC,UAtElB,aAAA,CAsEkB;OAEvB,EAvEH,MAuEG,CAAA,MAAA,EAvEY,aAuEZ,CAAA;;AACF,UArEO,cAAA,CAqEP;EAUY,OAAA,EAAA,CAAA;EAAmB,OAAA,EAAA,MAAA;UAGhC,EAAA,MAAA;OACN,EA/EM,MA+EN,CAAA,MAAA,EAAA;IAAO,IAAA,EAAA,MAAA;IASY,IAAA,EAAA,MAAA;IAgBA,QAAA,EAAA,MAAe;IAgBrB,IAAA,CAAA,EAAA,MAAa;IAAA,YAAA,CAAA,EAAA,MAAA;IACpB,UAAA,CAAA,EAAA,OAAA;;;AAEM,UA9GE,YAAA,CA8GF;;;;ECzIO,MAAA,EAAA,MAAA,EAAA;EA4BN;EAaA,SAAA,EAAA,MAAa,EAAA;;;;;ACpD5B;;;;;AACqE;AASjEC,iBFwDiB,YAAA,CExDI,aAAA,EAAA,MAAA,CAAA,EF0DvB,OE1DuB,CF0Df,aE1De,CAAA;;;;;AAEZC,iBF2EQ,aAAA,CEtErB,aAAA,EAAA,MAAA,EAAA,QAAA,EFwEW,aExEX,CAAA,EFyEE,OEzEF,CAAA,IAAA,CAAA;AAAA;AACoC;AAIpC;AAC4B,iBF6EP,mBAAA,CE7EO,aAAA,EAAA,MAAA,EAAA,YAAA,EAAA,MAAA,EAAA,KAAA,EFgFpB,aEhFoB,CAAA,EFiF1B,OEjF0B,CAAA,IAAA,CAAA;;;;AACfE,iBFyFQ,mBAAA,CElFrB,aAAA,EAAA,MAAA,EAAA,YAAA,EAAA,MAAA,CAAA,EFqFE,OErFF,CAAA,IAAA,CAAA;AAAA;;;;AACmG,iBFiG9E,eAAA,CEjG8E,QAAA,EAAA,MAAA,CAAA,EFiG3C,OEjG2C,CAAA,MAAA,CAAA;AAAA;;;;;AAS1FE,iBFwGM,aAAA,CExGNA,KAAAA,EFyGD,aEzGCA,EAAAA,MAAAA,EF0GA,cE1GAA,CAAAA,EF2GP,YE3GOA;;;;;;;AF/BV;AAOA;;;;AACe,iBCPO,kBAAA,CDOP,aAAA,EAAA,MAAA,CAAA,ECLZ,ODKY,CAAA,MAAA,EAAA,CAAA;AAGf;AAiBA;AA4BA;AAAkC,iBC3BlB,YAAA,CD2BkB,YAAA,EAAA,MAAA,EAAA,QAAA,EAAA,MAAA,EAAA,CAAA,EAAA,OAAA;;;;AAqBZ,iBCnCN,aAAA,CDmCmB,KAAA,EAAA,MAAA,EAAA,EAAA,QAAA,EAAA,MAAA,EAAA,CAAA,EAAA,MAAA,EAAA;;;;;;;AA7EnC;AAOA;;;;;AAIA;AAiBA,cE3CcN,aF2Ce,EAAA;EA4B7B,SAAsB,GAAA,EAAA,KAAY;EAAA,SAAA,IAAA,EAAA,MAAA;WAEvB,OAAA,EAAA,SAAA;WAAR,KAAA,EAAA,OAAA;CAAO;AAmBV,KEtFKA,aAAAA,GFsF8B,CAAA,OEtFNA,aFsFM,CAAA,CAAA,MAAA,OEtFsBA,aFsFtB,CAAA;;;;;AAanC,cE9FcC,qBF8F2B,EAAA;EAAA,SAAA,MAAA,EAAA,QAAA;WAGhC,MAAA,EAAA,QAAA;;KE7FJA,qBAAAA,GF8FK,CAAA,OE9F2BA,qBF8F3B,CAAA,CAAA,MAAA,OE9F+DA,qBF8F/D,CAAA;AASV;AAgBA,cErHcC,gBFqHuB,EAAA;EAgBrC,SAAgB,GAAA,EAAA,KAAa;EAAA,SAAA,IAAA,EAAA,MAAA;WACpB,OAAA,EAAA,SAAA;WACC,KAAA,EAAA,OAAA;;KEjILA,gBAAAA,GAAmBF,aFkIT;cEjIDG;;;ADRd,CAAA;AA4BA,KChBKA,wBAAAA,GDgBuB,CAAA,OChBYA,wBDgBZ,CAAA,CAAA,MAAA,OChBmDA,wBDgBnD,CAAA;AAa5B,cC5BcC,uBD4Be,EAAA;;;;WCzDfJ,QAAAA,EAKb,UAAA;EAAA,SACIA,QAAAA,EAAa,UAAA;EAAA,SAAA,OAAA,EAAA,SAAA;;KA+BbI,uBAAAA,GA/BoDJ,CAAAA,OA+BlBI,uBA/BkBJ,CAAAA,CAAAA,MAAAA,OA+BoBI,uBA/BpBJ,CAAAA;UAgC/CK,kBAAAA,CAhC4D;EAAA,KAKxDJ,EA4BLC,gBA5BKD;EAGb,OACIA,EAAAA,MAAAA;EAAqB,aAAA,EAAA,MAAA;UAAWA,EAAAA,MAAAA;eAAoCA,EA4BxDE,wBA5BwDF;EAAqB,YAAA,EA6B9EG,uBA7B8E;EAAA,OAEhFF,EAAAA,MAAAA;EAKb,MACIA,EAuBKI,MAvBLJ,CAAAA,MAAgB,EAAA,OAAA,CAAA;EAAgB,YACvBC,EAAAA,MAAAA;EAGb,WACIA,EAAAA,MAAAA;EAAwB,SAAA,EAAA,MAAA;;;;AAA0E,UAyB7FI,4BAAAA,CAjBT;EAAA,GACIH,EAAAA,MAAAA;EAAuB,KAAA,EAAA,MAAA;QAAWA,MAAAA;aAAsCA,CAAAA,EAAAA,MAAAA;EAAuB,QAAA,CAAA,EAAA,OAAA;EAAA,OAC1FC,CAAAA,EAAAA,MAAAA,GAAAA,MAAkB,GAAA,OAAA;EAAA,OAAA,CAAA,EAAA,MAAA,EAAA;gBACnBH,CAAAA,EAAAA;SAIQC,EAAAA,MAAAA;SACDC,EAAAA,MAAAA;;EAEA,cAAA,CAAA,EAAA,MAAA;EAAA,YAONG,CAAAA,EAAAA,MAAAA,EAAAA;EAA4B,oBAkB5BC,CAAAA,EAAAA,MAAuB;EAAA,QAAA,CAAA,EAAA,MAAA;QAEvBF,CAAAA,EAAAA,OAAAA;;UAFAE,uBAAAA,CAGkC;EAAA,aAElCC,EAAAA,MAAa;EAAA,MAAA,EAHbH,MAGa,CAAA,MAAA,EAAA,OAAA,CAAA;cAsBLC,EAxBFA,4BAwBEA,EAAAA;;UAtBRE,aAAAA,CA2BKR;EAAqB,EAAA,EAAA,MAAA;EAAA,IAM/BS,EAAAA,MAAAA;EAA2B,WAMtBC,EAAAA,MAAAA;EAAmB,QAQnBC,EAAAA,MAAAA,EAAAA;EAAc,MAUdC,EAAAA,MAAAA;EAAsB,UAAA,EAAA,MAAA;QACpBF,EAAAA,MAAAA;OAD6BC,EAAAA,MAAAA;EAAc,MAAA,CAAA,EAAA;IAI7CE,IAAAA,EAAAA,MAAS;IAWTC,GAAAA,CAAAA,EAAAA,MAAAA;EAAgB,CAAA,GAOhBC,MAAAA;EAAoB,OAIpBC,CAAAA,EAAAA;IAUAC,IAAAA,EAAAA,MAAAA,GAAAA,MAAiB,GAAA,OAAA;IAQjBC,KAAAA,CAAAA,EAAAA,MAAAA;IAAY,QAAA,CAAA,EAAA,MAAA;YAIED,CAAAA,EAAAA,OAAAA,GAAAA,MAAAA;eAAfZ,CAAAA,EAAAA,MAAAA;EAAM,CAAA;EAAA,QAELc,CAAAA,EAAAA,MAAAA,EAAAA;EAAgB,cAKhBC,CAAAA,EAAAA,MAAAA,EAAmB;EAAA,aAOnBC,CAAAA,EAjGQf,4BAiGW,EAAA;EAAA,gBAOnBgB,CAAAA,EAAAA,MAAAA,EAAqB;EAKH;EAGJ,gBAOdE,CAAAA,EApHWvB,gBAoHE,EAAA;EAAA;EAQG,UAOhByB,CAAAA,EAjIK1B,qBAiIa;AAAA;AAKH;;;;KAhIpBS,WAAAA,GAAcV,aA6Ib8B;;;;;;UAvIInB,mBAAAA,CAyJJmB;SAGQP,EAAAA,CAAAA;YAARO;YACoBN,EAAAA,MAAAA;SAARM,EAAAA,MAAAA;mBAIPL,EAAAA,MAAAA;;;UAzJDb,cAAAA,CA2JYkB;UAGuBH,EAAAA,MAAAA;YAARG,EAAAA,MAAAA;aACDA,CAAAA,EAAAA,MAAAA;OAOzBF,EAAAA,MAAAA,EAAAA;WADLE,EAAAA,MAAAA;WAQAA,EAAAA,MAAAA;WAIwBzB,CAAAA,EAAAA,MAAAA;;;UAvKpBQ,sBAAAA,SAA+BD,cAwKMkB,CAAAA;UACUxB,EAxK7CK,mBAwK6CL;;;UArK/CQ,SAAAA,CAyKIT;OAARyB,EAxKGpB,WAwKHoB;SAC8CzB,EAAAA,MAAAA;OAARyB,EAAAA,MAAAA;;;;;;;;UA/JlCf,gBAAAA,CAqMgCe;cAOZA,EAAAA,MAAAA;mBAOJA,EAAAA,MAAAA;;;;;UA5MhBd,oBAAAA,CA0OiBc;QAIHA,EAAAA,MAAAA;QAMFA,EAAAA,MAAAA;;UAhPZb,aAAAA,CAiQSX;SACbwB,EAAAA,MAAAA;UAIiBA,EAAAA,MAAAA;aAWfA,EAAAA,MAAAA;UAaFA,EAAAA,MAAAA;QASKpB,EAAAA,OAAAA,GAAAA,SAAAA,GAAAA,QAAAA;WAGGK,CAAAA,EAAAA,MAAAA;WAARe,CAAAA,EAAAA,MAAAA;UAOKpB,CAAAA,EAAAA,MAAAA;;UAvSDQ,iBAAAA,CAgTCR;QAIGC,MAAAA;QAGRmB,MAAAA;UAKKpB,EAAAA,MAAAA;OAGGG,EAAAA,MAAAA;cAARiB,CAAAA,EAAAA,MAAAA;YAGKpB,CAAAA,EAAAA,OAAAA;;UA1TDS,YAAAA,CA4TJW;SAGKpB,EAAAA,CAAAA;SAGLoB,EAAAA,MAAAA;UAEwBhB,EAAAA,MAAAA;OAARgB,EAhUbxB,MAgUawB,CAAAA,MAAAA,EAhUEZ,iBAgUFY,CAAAA;;UA9TZV,gBAAAA,CA+UJU;QAGoCA,MAAAA;OAUpCA,MAAAA;WAUAA,EAAAA,MAAAA;;UAjWIT,mBAAAA,CAwXJS;UAKAA,EAAAA,MAAAA;QAUAA,MAAAA;QAkBAA,MAAAA;cAgBAA,EAAAA,UAAAA,GAAAA,YAAAA;UAkBAA,EAAAA,MAAAA;;UApbIR,mBAAAA,CA0cJQ;QAwBAA,MAAAA;QAYAA,MAAAA;OAIkDA,MAAAA;cAIjBA,CAAAA,EAAAA,MAAAA;YAWnBA,CAAAA,EAAAA,OAAAA;;UA1fVP,qBAAAA,CAqgBOO;SAYXA,EAAAA,MAAAA;QAIAA,MAAAA,GAAAA,QAAAA,GAAAA,QAAAA;WAKAA,EAAAA,MAAAA;WAC2BA,EAAAA,MAAAA;OAW3BA,EAjiBGR,mBAiiBHQ,EAAAA;EAAO,SAAA,EAAA,MAAA;;UA9hBHN,cAAAA;;EC9LV,aAAiB,EAAU,MAAA;EAO3B,YAAiB,EAAA,MAAA;EAWjB,SAAgB,EAAA,MAAA;EAAgB,UAAA,EAAA,MAAA,GAAA,IAAA;;UDmLtBC,aAAAA,CCnLwC;UAAU,EAAA,MAAA;;UAY7C,EAAA,MAAA;aAAR,EAAA,MAAA;cAgCoD,CAAA,EAAA,MAAA;YAAR,CAAA,EAAA,OAAA;;UD+IzCC,gBAAAA,CC1G6C;WA4FxC,EAAA,MAAA;QAAR,MAAA;cA2CA,EAAA,MAAA;EAAO,YAAA,CAAA,EAAA,MAAA;EAmBd,UAAY,EAAA,OAAU;;UDzCZC,kBAAAA,CCyCiC;WAAlB,EAAA,MAAA;EAAU,OAAA,EAAA,MAAA;;;UDpCzBC,eAAAA;EE5OV,QAAiB,EAAA,MAAA;EAajB,QAAsB,EAAA,MAAA;EAAY,IAAA,EAAA,MAAA;aACvB,CAAA,EAAA,MAAA;;cFoOGC,cAAAA,CEnOX;EAAO,iBAAA,MAAA;;sBFsOYb;;EGzOtB,YAAiB,CAAA,IA4FgB,CA5FJ,EAAA;IA4FP,WAAA,CAAA,EAAW,MAAA;EAAA,CAAA,CAAA,EHiJ3Bc,OGjJ2B,CAAA;SAGvB,EH+ICb,aG/ID;;iBAEP,CAAA,CAAA,EH+IkBa,OG/IlB,CH+I0BX,YG/I1B,CAAA;EAAO,WAAA,CAAA,IAAA,EAAA;;;;MCnGO,WAAA,CAAA,EAAA,MAAc;IAqDT,CAAA,EAAA;EAAa,CAAA,CAAA,EJoM7BW,OIpM6B,CAAA;QAGzB,EJkMAV,gBIlMA,EAAA;;mBAGC,CAAA,IAAA,EAAA;YAAR,EAAA,MAAA;IAAO,IAAA,EAAA,MAAA;;;MJsMJU,QAAQT;EK9Qd,eAAiB,CAAA,IAAY,EAAA;IAUP,IAAA,EAAA,MAAS,GAAA,QAAA,GAAA,QAAA;EAAA,CAAA,CAAA,ELuQzBS,OKvQyB,CLuQjBP,qBKvQiB,CAAA;cACX,CAAA,CAAA,ELuQFO,OKvQE,CLuQMN,cKvQN,CAAA;eAAR,CAAA,KAAA,EAAA;UACD,CAAA,EAAA,MAAA;MLyQLM,OKxQK,CAAA;SAAR,ELyQQL,aKzQR,EAAA;EAAO,CAAA,CAAA;sBL2QYK;cACRJ;;EMnQd,cAAiB,CAAA,SAAW,EAAA,MAAA,CAAA,ENqQSI,OMrQT,CNqQiBH,kBMrQjB,CAAA;EAM5B,cAAiB,CAAA,QAAgB,EAAA,MAEvB,CAAA,EN8P0BG,OM9P1B,CAAA;IAGA,OAAA,EAAA,OAAY;EAOtB,CAAA,CAAiB;EAAgB,eAAA,CAAA,IAAA,EAAA;SACZ,EAAA,KAAA,GAAA,MAAA,GAAA,SAAA;WAAgB,EAAA,MAAA;MNyP/BA,OMxPiB,CAAA;SAAgB,ENyP5BF,eMzP4B,EAAA;cACmC,EAAA,MAAA,GAAA,IAAA;;mBAE3D,CAAA,IAAA,EAAA;IAAW,KAAA,EAAA,KAAA,GAAA,MAAA,GAAA,SAAA;IAGV,OAAA,EAAA,MAAA;IAAsB,QAAA,EAAA,MAAA;MN0PhCE,OMzPI,CAAA;eACH,EAAA,MAAA;aACJ,EAAA,MAAA;EAAgB,CAAA,CAAA;sBN2PGA,QAAQzB;+CACiByB,QAAQtB;yDACEF,0BAA0BwB;;;aAGtExB;MACPwB,QAAQzB;4CAC8ByB,QAAQzB;oDACAyB;;;;;oCAKhBA;;;aAGvBxB;;iBAEIwB;kBACCrB;;0BAEQqB;;;;;;;;;;;;;;;;;0CAiBgBA;;;;;;;0CAOAA;;;;;;;8BAOZA;;;;;;;0BAOJA;;;;wBAIFA;;;;;sBAKFA;;;;0BAIIA;;;;;6BAKGA;;;;;;;;;;;;2BAYFA;;;;wBAIHA;;;;;;sBAMFA;;;;yBAIGA;;;;;;;;;;;;;mBAaNxB;MACbwB;;;;uBAIiBA;;;;;;;;;;;QAWfA;;;;;;;;;;;;;MAaFA;;;;;;;;;WASKpB;;;MAGLoB,QAAQf;;;;;;;WAOHL;;;;MAILoB;;;;;WAKKpB;;;;cAIGC;;;MAGRmB;;;;;WAKKpB;;;MAGLoB,QAAQjB;;;WAGHH;;MAELoB,QAAQlB;;;WAGHF;;;MAGLoB;;sBAEgBA,QAAQhB;;;;;;MAMxBgB;;;;;;;;;;;MAWAA;;;0CAGoCA;;;;;;;;;;MAUpCA;;;;;;;;;;MAUAA;;;;;;;;;;;;MAYAA;;;;;;;;;;;MAWAA;;;;;MAKAA;;;;;;;;;;MAUAA;;;;;;;;;;;;;;;;;;MAkBAA;;;;;;;;;;;;;;;;MAgBAA;;;;;;;;;;;;;;;;;;MAkBAA;;;;;;;;;;;MAWAA;;;;;;;;;;;MAWAA;;;;;;;;;;;;;;;;;;;;;;;;MAwBAA;;;;;;;;;;;;MAYAA;;;;wDAIkDA;;;;uCAIjBA;;;;;;;;;;;oBAWnBA;;;;;;;;kCAQcA;;;iBAGjBA;;;;;;;;;;;;MAYXA;;;;MAIAA;;;;;MAKAA;iCAC2BA;;;;;;;;;;;MAW3BA;;;;;;AFzqB4B,UGnDjB,UAAA,CHmDiB;QAEvB,EAAA,MAAA;QAAR,EAAA,MAAA;EAAO,SAAA,EAAA,MAAA;EAmBY,MAAA,EAAA,MAAA;;AAEV,UGnEK,iBAAA,CHmEL;eACT,EAAA,MAAA;EAAO,MAAA,EGlEA,cHkEA;AAUV;;;;;AAaA;AAgBA;AAgBgB,iBGhHA,gBAAA,CHgHa;EAAA,aAAA;EAAA;AAAA,CAAA,EGhH+B,iBHgH/B,CAAA,EAAA;EAAA,aAAA,EAAA,MAAA;QACpB,gBAAA;;;;;gCC3GO;;IA5BM,MAAA,CAAA,EAAA,MAAA;EA4BN,CAAA,CAAA,EEMT,OFNS,CEMD,UFNa,CAAA;EAaZ;;;MEyBmC,QAAQ;EDlF7C9B;AAKb;;;UACwDA,CAAAA,OAK3CC,CAL2CD,EAAAA;IAAa,KAAA,CAAA,EAAA,OAAA;EAKxDC,CAAAA,CAAAA,EC4GyC,OD5GzCA,CC4GiD,UD5GjDA,CAAAA;EAITA;;;;EAAyF,SAAA,CAAA,KAAA,EAAA,MAAA,EAAA,EAAA,OAQzFC,CARyF,EAAA;IAEhFA,KAAAA,CAAAA,EAAAA,OAKb;EACIA,CAAAA,CAAAA,EC4LE,OD5LFA,CC4LU,UD5LM,CAAA;EACPC;AAGb;;;iBAC8EA,CAAAA,QAAAA,EAAAA,MAAAA,EAAAA,OACjEC,CADiED,EAAAA;IAAwB,KAAA,CAAA,EAAA,OAAA;EACzFC,CAAAA,CAAAA,ECiOP,ODjOOA,CAAAA,IAAAA,CAAAA;AAOb,CAAA;AAC2B,KC4OhB,UAAA,GAAa,UD5OG,CAAA,OC4Oe,gBD5Of,CAAA;;;;;;;AFtB5B;AAOA;;AACwB,UItBP,cAAA,CJsBO;eAAf,EAAA,MAAA;EAAM;EAGE,UAAA,CAAA,EAAA,MAAc;EAiBd;EA4BK,SAAA,EAAA,CAAA,KAAY,EAAA,MAAA,EAAA,EAAA,GAAA,IAAA,GIjEO,OJiEP,CAAA,IAAA,CAAA;;;;;AAqBlC;;AAEY,iBIhFU,YAAA,CJgFV,OAAA,EI/ED,cJ+EC,CAAA,EI9ET,OJ8ES,CAAA,GAAA,GI9EK,OJ8EL,CAAA,IAAA,CAAA,CAAA;;;;AAvBsB,UK1DjB,YAAA,CL0DiB;MAEvB,EAAA,MAAA;SAAR,EAAA,OAAA;EAAO,IAAA,CAAA,EAAA,MAAA;EAmBY,IAAA,CAAA,EAAA,MAAA;EAAa,KAAA,CAAA,EAAA,MAAA;;;;AAanC;AAAyC,iBKAnB,WAAA,CLAmB,aAAA,EAAA,MAAA,EAAA,aAAA,EAAA,MAAA,EAAA,EAAA,MAAA,EKG/B,cLH+B,EAAA,OAI/B,CAJ+B,EAAA;aAGhC,CAAA,EAAA,MAAA;OACN,CAAA,EAAA,OAAA;CAAO,CAAA,EKCP,OLDO,CKCC,YLDD,EAAA,CAAA;AASV;;;AA/CsB,UM5DL,cAAA,CN4DiB;EAAA,IAAA,EAAA,MAAA;SAEvB,EAAA,OAAA;MAAR,CAAA,EAAA,MAAA;EAAO,KAAA,CAAA,EAAA,MAAA;AAmBV;AAAmC,iBM5Bb,aAAA,CN4Ba,aAAA,EAAA,MAAA,EAAA,aAAA,EAAA,MAAA,EAAA,EAAA,MAAA,EMzBzB,cNyByB,EAAA,cAAA,CAAA,EMxBhB,cNwBgB,EAAA,OAGzB,CAHyB,EAAA;aAEvB,CAAA,EAAA,MAAA;OACT,CAAA,EAAA,OAAA;CAAO,CAAA,EMzBP,ONyBO,CMzBC,cNyBD,EAAA,CAAA;AAUV;;;;;;AA1FA;AAOiB,UOxBA,YAAA,CPwBa;EAAA,UAAA,CAAA,EAAA,MAAA;aACN,CAAA,EAAA,MAAA;;;AAGxB;AAiBA;AA4BA;;AAEW,iBOjEW,SPiEX,CAAA,CAAA,CAAA,CAAA,EAAA,EAAA,GAAA,GOhEC,OPgED,COhES,CPgET,CAAA,EAAA,OAAA,CAAA,EO/DA,YP+DA,CAAA,EO9DR,OP8DQ,CO9DA,CP8DA,CAAA;;;;AAFuB,UQnDjB,WAAA,CRmDiB;WAEvB,EAAA,MAAA,GAAA,SAAA,GAAA,KAAA;SAAR,EAAA,MAAA;EAAO,IAAA,EAAA,MAAA;AAmBV;AAAmC,UQlElB,gBAAA,CRkEkB;eAEvB,EAAA,MAAA;QACT,EQnEO,cRmEP;;AAUH,UQ1EU,YAAA,CR0EY;EAAmB,IAAA,CAAA,GAAA,EAAA,MAAA,CAAA,EAAA,IAAA;MAGhC,CAAA,GAAA,EAAA,MAAA,CAAA,EAAA,IAAA;OACN,CAAA,GAAA,EAAA,MAAA,CAAA,EAAA,IAAA;EAAO,KAAA,CAAA,GAAA,EAAA,MAAA,CAAA,EAAA,IAAA;AASV;AAgBsB,UQhGL,gBAAA,CRgGwC;EAgBzC,UAAA,CAAA,MAAa,EQ/GR,WR+GQ,EAAA,CAAA,EQ/GQ,OR+GR,CAAA,IAAA,CAAA;EAAA,YAAA,CAAA,MAAA,EQ9GN,WR8GM,EAAA,CAAA,EQ9GU,OR8GV,CAAA,IAAA,CAAA;oBACpB,CAAA,QAAA,EAAA,MAAA,EAAA,SAAA,EAAA,SAAA,GAAA,SAAA,CAAA,EQ9GiE,OR8GjE,CAAA,IAAA,CAAA;UACC,EAAA,EQ9GI,OR8GJ,CAAA,IAAA,CAAA;WACP,EAAA,EQ9GY,WR8GZ,EAAA;;iBQ3Ga,sBAAA,SACN,uBACH,eACJ"}
|
|
1
|
+
{"version":3,"file":"index.d.ts","names":["ResourceScope","IntegrationVisibility","IntegrationScope","IntegrationDesiredStatus","IntegrationActualStatus","IntegrationInstall","Record","IntegrationConfigSchemaField","IntegrationConfigResult","RegistryEntry","SecretScope","EncryptedEnvelopeV1","FIELD_FORMATS","FieldFormat","FIELD_SENSITIVITIES","FieldSensitivity","Field","SECRET_CATEGORIES","SecretCategory","FieldView","SecretAggregate","SecretMetadata","FieldEnvelope","ScopeInfo","GeneratedDataKey","CHANGELOG_ACTIONS","ChangelogAction","ChangelogActor","ChangelogEntry","AgentApiClientConfig","SyncAgentInfo","SyncManifestEntry","SyncManifest","SyncPresignedUrl","SyncConfirmedUpload","SyncReconstructFile","SyncReconstructBundle","SyncAgentStats","SyncFileEntry","SyncSessionEntry","SyncSessionContent","SharedFileEntry","AgentApiClient","Promise"],"sources":["../src/manifest.ts","../src/ignore.ts","../../agent-api-client/dist/index.d.ts","../src/sync-engine.ts","../src/watcher.ts","../src/uploader.ts","../src/downloader.ts","../src/retry.ts","../src/shared-sync.ts"],"sourcesContent":["//#region ../../packages-internal/types/dist/access.d.ts\n\n/**\n * The four resource scopes at which a permission can apply.\n * Order is meaningful: broader scopes first (`org`) → narrower last (`agent`).\n *\n * `IntegrationScope` in integration.ts and `SecretScope` in secrets.ts are\n * intentional aliases of this same enum — there is only one concept of\n * \"scope\" in Alfe.\n */\ndeclare const ResourceScope: {\n readonly Org: \"org\";\n readonly Team: \"team\";\n readonly Project: \"project\";\n readonly Agent: \"agent\";\n};\ntype ResourceScope = (typeof ResourceScope)[keyof typeof ResourceScope];\n/** Ordered tuple of resource scope string values (broad → narrow). */\n//#endregion\n//#region ../../packages-internal/types/dist/integration.d.ts\n/** Controls where an integration appears: public (everyone), hidden (nowhere) */\ndeclare const IntegrationVisibility: {\n readonly Public: \"public\";\n readonly Hidden: \"hidden\";\n};\ntype IntegrationVisibility = (typeof IntegrationVisibility)[keyof typeof IntegrationVisibility];\n/** Scope at which an integration is installed */\ndeclare const IntegrationScope: {\n readonly Org: \"org\";\n readonly Team: \"team\";\n readonly Project: \"project\";\n readonly Agent: \"agent\";\n};\ntype IntegrationScope = ResourceScope;\ndeclare const IntegrationDesiredStatus: {\n readonly Active: \"active\";\n readonly Removed: \"removed\";\n};\ntype IntegrationDesiredStatus = (typeof IntegrationDesiredStatus)[keyof typeof IntegrationDesiredStatus];\ndeclare const IntegrationActualStatus: {\n readonly Installing: \"installing\";\n readonly Active: \"active\";\n readonly Error: \"error\";\n readonly Removing: \"removing\";\n readonly Inactive: \"inactive\";\n readonly Unknown: \"unknown\";\n};\ntype IntegrationActualStatus = (typeof IntegrationActualStatus)[keyof typeof IntegrationActualStatus];\ninterface IntegrationInstall {\n scope: IntegrationScope;\n scopeId: string;\n integrationId: string;\n tenantId: string;\n desiredStatus: IntegrationDesiredStatus;\n actualStatus: IntegrationActualStatus;\n version: string;\n config: Record<string, unknown>;\n errorMessage: string;\n installedAt: string;\n updatedAt: string;\n}\n/** @deprecated Use IntegrationInstall instead */\n\ninterface IntegrationConfigSchemaField {\n key: string;\n label: string;\n type: string;\n description?: string;\n required?: boolean;\n default?: string | number | boolean;\n options?: string[];\n select_options?: {\n value: string;\n label: string;\n }[];\n oauth_provider?: string;\n oauth_scopes?: string[];\n oauth_integration_id?: string;\n editable?: string;\n hidden?: boolean;\n}\ninterface IntegrationConfigResult {\n integrationId: string;\n config: Record<string, unknown>;\n configSchema: IntegrationConfigSchemaField[];\n}\ninterface RegistryEntry {\n id: string;\n name: string;\n description: string;\n versions: string[];\n latest: string;\n repository: string;\n commit: string;\n icon?: string;\n author?: {\n name: string;\n url?: string;\n } | string;\n pricing?: {\n type: \"free\" | \"paid\" | \"usage\";\n price?: number;\n currency?: string;\n interval?: \"month\" | \"year\";\n description?: string;\n };\n features?: string[];\n preview_images?: string[];\n config_schema?: IntegrationConfigSchemaField[];\n supported_agents?: string[];\n /** Scopes where this integration can be installed */\n supported_scopes?: IntegrationScope[];\n /** Visibility status — controls where integration appears */\n visibility?: IntegrationVisibility;\n}\n//# sourceMappingURL=integration.d.ts.map\n//#endregion\n//#region ../../packages-internal/types/dist/secrets.d.ts\n/** Scope levels at which a secret can be owned. Aliased to ResourceScope. */\ntype SecretScope = ResourceScope;\n/**\n * v1 encrypted envelope as persisted by services/secrets and exchanged with\n * agents. Values are AES-256-GCM ciphertext; iv/authTag/ciphertext/dataKeyCiphertext\n * are all base64-encoded.\n */\ninterface EncryptedEnvelopeV1 {\n version: 1;\n iv: string;\n ciphertext: string;\n authTag: string;\n dataKeyCiphertext: string;\n}\n/**\n * Display/validation hint for a field's value. `\"json\"` signals that the\n * string is a JSON-stringified payload that consumers should `JSON.parse`.\n */\ndeclare const FIELD_FORMATS: readonly [\"text\", \"email\", \"url\", \"phone\", \"date\", \"number\", \"json\"];\ntype FieldFormat = (typeof FIELD_FORMATS)[number];\n/**\n * Whether a field is stored in plaintext (visible to anyone with read access)\n * or encrypted (requires KMS + the right encryption context to read).\n */\ndeclare const FIELD_SENSITIVITIES: readonly [\"plaintext\", \"encrypted\"];\ntype FieldSensitivity = (typeof FIELD_SENSITIVITIES)[number];\n/**\n * A field on a secret. `value` is always a string at the wire; for encrypted\n * fields it's the plaintext at the API edge (the service encrypts before\n * persistence). Reads from the dashboard omit `value` for encrypted fields;\n * agents get a `FieldEnvelope` instead and decrypt locally.\n */\ninterface Field {\n key: string;\n format?: FieldFormat;\n sensitivity: FieldSensitivity;\n value: string;\n}\n/**\n * Secret category — drives icon/template/filter behaviour. Defaults to\n * `\"other\"` for migrated rows.\n */\ndeclare const SECRET_CATEGORIES: readonly [\"login\", \"api_key\", \"database\", \"ssh_key\", \"certificate\", \"secure_note\", \"credit_card\", \"identity\", \"wifi\", \"other\"];\ntype SecretCategory = (typeof SECRET_CATEGORIES)[number];\n/**\n * One field as exposed to readers. Encrypted fields have no `value` on the\n * dashboard read path; the agent-side aggregate carries `envelope` instead.\n */\ninterface FieldView {\n key: string;\n format?: FieldFormat;\n sensitivity: FieldSensitivity;\n /** Present for `sensitivity: \"plaintext\"` only. */\n value?: string;\n /** Present for `sensitivity: \"encrypted\"` on agent-side reads only. */\n envelope?: EncryptedEnvelopeV1;\n /** Plaintext fields that opt into `format: \"json\"` are pre-parsed for callers. */\n parsedValue?: unknown;\n rotatedAt?: string;\n createdAt: string;\n updatedAt: string;\n}\n/** A secret as assembled from its multi-row aggregate. */\ninterface SecretAggregate {\n secretId: string;\n secretName: string;\n description?: string;\n tags: string[];\n category: SecretCategory;\n fields: FieldView[];\n changelogVersion: number;\n createdAt: string;\n updatedAt: string;\n}\n/** Metadata-only projection — used by list endpoints. */\ninterface SecretMetadata {\n secretId: string;\n secretName: string;\n description?: string;\n tags: string[];\n category: SecretCategory;\n fieldKeys: string[];\n changelogVersion: number;\n createdAt: string;\n updatedAt: string;\n}\n/**\n * Per-field encrypted envelope returned to agents on the agent-side aggregate.\n * Agents decrypt locally using a data key fetched from `/decrypt-data-key`.\n */\ninterface FieldEnvelope {\n key: string;\n format?: FieldFormat;\n envelope: EncryptedEnvelopeV1;\n rotatedAt?: string;\n createdAt: string;\n updatedAt: string;\n}\n/** A scope the caller can read or write secrets in. */\ninterface ScopeInfo {\n scope: SecretScope;\n scopeId: string;\n name?: string;\n}\n/**\n * KMS-issued data key, returned by the secrets service's\n * `/secrets/generate-data-key` KMS proxy endpoint. The plaintext key is\n * returned base64-encoded; callers MUST decode it to a Buffer and zero the\n * Buffer after use — never keep the plaintext as a JS string.\n */\ninterface GeneratedDataKey {\n plaintextKey: string;\n dataKeyCiphertext: string;\n}\n/**\n * Action types recorded in the secret changelog. Append-only.\n */\ndeclare const CHANGELOG_ACTIONS: readonly [\"created\", \"deleted\", \"metadata_updated\", \"field_added\", \"field_rotated\", \"field_removed\", \"tag_added\", \"tag_removed\"];\ntype ChangelogAction = (typeof CHANGELOG_ACTIONS)[number];\n/** Who triggered a changelog entry. */\ninterface ChangelogActor {\n kind: \"user\" | \"agent\" | \"system\";\n id: string;\n}\n/**\n * One audit row from the secret's changelog. Metadata only — never carries\n * field VALUES (old or new). Rolling back a rotated secret is intentionally\n * not supported.\n */\ninterface ChangelogEntry {\n changelogVersion: number;\n action: ChangelogAction;\n fieldKey?: string;\n fieldSensitivity?: FieldSensitivity;\n changedBy: ChangelogActor;\n reason?: string;\n timestamp: string;\n}\n//# sourceMappingURL=secrets.d.ts.map\n//#endregion\n//#region src/index.d.ts\ninterface AgentApiClientConfig {\n apiKey: string;\n apiUrl: string;\n}\ninterface SyncAgentInfo {\n agentId: string;\n tenantId: string;\n displayName: string;\n s3Prefix: string;\n status: \"stale\" | \"syncing\" | \"synced\";\n fileCount?: number;\n totalSize?: number;\n lastSync?: string;\n}\ninterface SyncManifestEntry {\n hash: string;\n size: number;\n modified: string;\n etag?: string;\n storageClass?: string;\n compressed?: boolean;\n}\ninterface SyncManifest {\n version: 1;\n agentId: string;\n lastSync: string;\n files: Record<string, SyncManifestEntry>;\n}\ninterface SyncPresignedUrl {\n path: string;\n url: string;\n expiresAt: string;\n}\ninterface SyncConfirmedUpload {\n filePath: string;\n hash: string;\n size: number;\n storageClass: \"STANDARD\" | \"GLACIER_IR\";\n syncedAt: string;\n}\ninterface SyncReconstructFile {\n path: string;\n size: number;\n url: string;\n storageClass?: string;\n compressed?: boolean;\n}\ninterface SyncReconstructBundle {\n agentId: string;\n mode: \"full\" | \"active\" | \"memory\";\n fileCount: number;\n totalSize: number;\n files: SyncReconstructFile[];\n expiresAt: string;\n}\ninterface SyncAgentStats {\n agentId: string;\n standardBytes: number;\n glacierBytes: number;\n fileCount: number;\n lastSyncAt: string | null;\n}\ninterface SyncFileEntry {\n filePath: string;\n size: number;\n modified: string;\n contentHash: string;\n storageClass?: string;\n compressed?: boolean;\n}\ninterface SyncSessionEntry {\n sessionId: string;\n size: number;\n lastModified: string;\n storageClass?: string;\n isArchived: boolean;\n}\ninterface SyncSessionContent {\n sessionId: string;\n content: string;\n compressed: boolean;\n}\ninterface SharedFileEntry {\n filePath: string;\n fileName: string;\n size: number;\n contentType?: string;\n}\ndeclare class AgentApiClient {\n private readonly apiKey;\n private readonly apiUrl;\n constructor(config: AgentApiClientConfig);\n private request;\n syncRegister(args?: {\n displayName?: string;\n }): Promise<{\n agent: SyncAgentInfo;\n }>;\n syncGetManifest(): Promise<SyncManifest>;\n syncPresign(args: {\n files: {\n path: string;\n operation: \"put\" | \"get\";\n contentType?: string;\n }[];\n }): Promise<{\n urls: SyncPresignedUrl[];\n }>;\n syncConfirmUpload(args: {\n filePath: string;\n hash: string;\n size: number;\n storageClass?: \"STANDARD\" | \"GLACIER_IR\";\n }): Promise<SyncConfirmedUpload>;\n syncReconstruct(args: {\n mode: \"full\" | \"active\" | \"memory\";\n }): Promise<SyncReconstructBundle>;\n syncGetStats(): Promise<SyncAgentStats>;\n syncListFiles(args?: {\n prefix?: string;\n }): Promise<{\n files: SyncFileEntry[];\n }>;\n syncListSessions(): Promise<{\n sessions: SyncSessionEntry[];\n }>;\n syncGetSession(sessionId: string): Promise<SyncSessionContent>;\n syncDeleteFile(filePath: string): Promise<{\n removed: boolean;\n }>;\n sharedListFiles(args: {\n scope: \"org\" | \"team\" | \"project\";\n scopeId: string;\n }): Promise<{\n files: SharedFileEntry[];\n nextCursor: string | null;\n }>;\n sharedDownloadUrl(args: {\n scope: \"org\" | \"team\" | \"project\";\n scopeId: string;\n filePath: string;\n }): Promise<{\n downloadUrl: string;\n expiresIn: number;\n }>;\n listIntegrations(): Promise<IntegrationInstall[]>;\n getIntegrationConfig(integrationId: string): Promise<IntegrationConfigResult>;\n updateIntegrationConfig(integrationId: string, config: Record<string, unknown>): Promise<void>;\n installIntegration(integrationId: string, options?: {\n version?: string;\n config?: Record<string, unknown>;\n }): Promise<IntegrationInstall>;\n removeIntegration(integrationId: string): Promise<IntegrationInstall>;\n getOAuthUrl(provider: string, scopes?: string[]): Promise<{\n url: string;\n provider: string;\n expiresIn: number;\n }>;\n getOAuthStatus(provider: string): Promise<{\n provider: string;\n connected: boolean;\n config?: Record<string, string>;\n }>;\n getRegistry(): Promise<{\n integrations: RegistryEntry[];\n }>;\n getGoogleCredentials(): Promise<{\n accounts?: {\n email: string;\n refreshToken: string;\n clientId: string;\n clientSecret: string;\n enabledServices?: string[];\n isDefault: boolean;\n displayName?: string;\n }[];\n email: string;\n refreshToken: string;\n clientId: string;\n clientSecret: string;\n projectId: string;\n enabledServices?: string[];\n }>;\n disconnectGoogleAccount(email: string): Promise<{\n accounts: {\n email: string;\n displayName?: string;\n isDefault: boolean;\n }[];\n }>;\n setDefaultGoogleAccount(email: string): Promise<{\n accounts: {\n email: string;\n displayName?: string;\n isDefault: boolean;\n }[];\n }>;\n getGoogleChatCredentials(): Promise<{\n email: string;\n refreshToken: string;\n clientId: string;\n clientSecret: string;\n displayName?: string;\n }>;\n getGithubCredentials(): Promise<{\n login: string;\n accessToken: string;\n }>;\n getXeroCredentials(): Promise<{\n accessToken: string;\n accessTokenExpiresAt: string;\n xeroTenantId: string;\n }>;\n refreshXeroToken(): Promise<{\n accessToken: string;\n expiresAt: string;\n }>;\n getNotionCredentials(): Promise<{\n accessToken: string;\n workspaceId: string;\n workspaceName: string;\n }>;\n getAtlassianCredentials(): Promise<{\n accessToken: string;\n refreshToken: string;\n accessTokenExpiresAt: string;\n cloudId: string;\n siteName: string;\n siteUrl: string;\n email: string;\n enabledProducts: string[];\n clientId: string;\n clientSecret: string;\n }>;\n refreshAtlassianToken(): Promise<{\n accessToken: string;\n expiresAt: string;\n }>;\n getMYOBCredentials(): Promise<{\n accessToken: string;\n accessTokenExpiresAt: string;\n myobBusinessId: string;\n clientId: string;\n }>;\n refreshMYOBToken(): Promise<{\n accessToken: string;\n expiresAt: string;\n }>;\n getTeamsCredentials(): Promise<{\n agentId: string;\n tenantId: string;\n azureAppId: string;\n azureBotId: string;\n azureClientSecret: string;\n botDisplayName?: string;\n teamsTenantId?: string;\n serviceUrl?: string;\n }>;\n sendTeamsMessage(data: {\n conversationId: string;\n text?: string;\n adaptiveCard?: Record<string, unknown>;\n }): Promise<{\n ok: boolean;\n activityId: string;\n }>;\n listTeamsChannels(): Promise<{\n channels: {\n id: string;\n name: string;\n description?: string;\n }[];\n }>;\n presignAttachments(files: {\n filename: string;\n mimeType: string;\n size: number;\n }[]): Promise<{\n attachments: {\n id: string;\n uploadUrl: string;\n downloadUrl: string;\n s3Key: string;\n expiresAt: string;\n }[];\n }>;\n recordActivity(data: {\n userId?: string;\n channel: string;\n role: \"user\" | \"assistant\";\n }): Promise<{\n recorded: boolean;\n }>;\n /**\n * Mint a fresh AES-256 data key for a specific (secret, field) pair. The\n * encryption context is rebuilt server-side from `auth.tenantId` + the body\n * fields including `fieldKey`; the agent cannot forge context for a scope\n * or field it doesn't own. Legacy single-envelope secrets are migrated to\n * `field#value` rows by the data migration, so call with `fieldKey: \"value\"`\n * to reach them.\n */\n generateSecretDataKey(args: {\n scope: SecretScope;\n scopeId: string;\n secretId: string;\n fieldKey: string;\n }): Promise<GeneratedDataKey>;\n /**\n * Unwrap a wrapped data key so the agent can decrypt the envelope locally.\n * `fieldKey` MUST match the value supplied when the data key was generated\n * (it's bound into KMS encryption context); mismatch fails with\n * `InvalidCiphertextException`.\n */\n decryptSecretDataKey(args: {\n scope: SecretScope;\n scopeId: string;\n secretId: string;\n fieldKey: string;\n dataKeyCiphertext: string;\n }): Promise<{\n plaintextKey: string;\n }>;\n /**\n * Create a new secret with one or more fields. Encrypted fields must arrive\n * pre-sealed (the agent has already obtained per-field data keys via\n * `generateSecretDataKey({ ..., fieldKey })` and AES-encrypted locally).\n * Plaintext fields ship the value inline.\n */\n createSecret(args: {\n scope: SecretScope;\n scopeId: string;\n secretId: string;\n secretName: string;\n category?: SecretCategory;\n description?: string;\n tags?: string[];\n fields: {\n key: string;\n format?: FieldFormat;\n sensitivity: FieldSensitivity;\n value?: string;\n envelope?: EncryptedEnvelopeV1;\n }[];\n reason?: string;\n }): Promise<SecretAggregate>;\n /** Fetch the secret aggregate plus per-field encrypted envelopes. */\n getSecret(args: {\n scope: SecretScope;\n scopeId: string;\n secretId: string;\n }): Promise<{\n aggregate: SecretAggregate;\n envelopes: FieldEnvelope[];\n }>;\n /** Fetch one field. Plaintext: value inline. Encrypted: envelope. */\n getSecretField(args: {\n scope: SecretScope;\n scopeId: string;\n secretId: string;\n fieldKey: string;\n }): Promise<{\n key: string;\n sensitivity: FieldSensitivity;\n format?: FieldFormat;\n value?: string;\n envelope?: EncryptedEnvelopeV1;\n rotatedAt?: string;\n createdAt: string;\n updatedAt: string;\n }>;\n /** Add OR rotate one field. */\n setSecretField(args: {\n scope: SecretScope;\n scopeId: string;\n secretId: string;\n fieldKey: string;\n sensitivity: FieldSensitivity;\n format?: FieldFormat;\n value?: string;\n envelope?: EncryptedEnvelopeV1;\n reason?: string;\n }): Promise<{\n fieldKey: string;\n rotated: boolean;\n }>;\n /** Remove one field. */\n removeSecretField(args: {\n scope: SecretScope;\n scopeId: string;\n secretId: string;\n fieldKey: string;\n }): Promise<void>;\n /** Update secret-level metadata (name/description/tags/category). */\n updateSecretMetadata(args: {\n scope: SecretScope;\n scopeId: string;\n secretId: string;\n secretName?: string;\n description?: string;\n tags?: string[];\n category?: SecretCategory;\n reason?: string;\n }): Promise<SecretAggregate>;\n /** List metadata for secrets in a scope. Optional filters route through the byFacet GSI. */\n listSecrets(args: {\n scope: SecretScope;\n scopeId: string;\n category?: SecretCategory;\n tag?: string;\n fieldKey?: string;\n }): Promise<SecretMetadata[]>;\n /** Bounded changelog read — metadata-only audit entries. */\n getSecretHistory(args: {\n scope: SecretScope;\n scopeId: string;\n secretId: string;\n limit?: number;\n cursor?: string;\n }): Promise<{\n entries: ChangelogEntry[];\n nextCursor?: string;\n }>;\n /** Delete a secret (and all its field rows + tag rows + changelog rows). */\n deleteSecret(args: {\n scope: SecretScope;\n scopeId: string;\n secretId: string;\n }): Promise<void>;\n /** Enumerate scopes (org/team/project/agent) this agent can access. */\n listSecretScopes(): Promise<ScopeInfo[]>;\n resolveIdentity(args: {\n provider: string;\n platformId: string;\n kind?: \"user\" | \"agent\" | \"service\" | \"bot\" | \"workspace\";\n displayName?: string;\n }): Promise<{\n identityId: string | null;\n status: string;\n created?: boolean;\n reason?: string;\n /**\n * Flattened auriclabs permission strings for the resolved identity\n * (scope-prefixed where applicable). Empty array on miss / org service\n * outage — the runtime gate fails closed in that case.\n */\n permissions: string[];\n }>;\n searchIdentities(args?: {\n q?: string;\n status?: string;\n limit?: number;\n }): Promise<{\n identities: unknown[];\n }>;\n getIdentityContext(identityId: string): Promise<{\n context: unknown;\n }>;\n mergeIdentities(survivorId: string, args: {\n mergedId: string;\n changedBy: {\n type: string;\n id: string;\n name?: string;\n };\n }): Promise<{\n ok: boolean;\n error?: string;\n }>;\n unmergeIdentity(identityId: string, args: {\n changedBy: {\n type: string;\n id: string;\n name?: string;\n };\n }): Promise<{\n ok: boolean;\n error?: string;\n }>;\n addIdentityNote(identityId: string, args: {\n content: string;\n category?: string;\n changedBy: {\n type: string;\n id: string;\n name?: string;\n };\n }): Promise<{\n noteId: string | null;\n }>;\n tagIdentity(identityId: string, args: {\n tag: string;\n action: \"add\" | \"remove\";\n changedBy: {\n type: string;\n id: string;\n name?: string;\n };\n }): Promise<{\n ok: boolean;\n }>;\n getIdentityChangelog(identityId: string, args?: {\n limit?: number;\n }): Promise<{\n entries: unknown[];\n }>;\n rollbackIdentity(identityId: string, args: {\n targetVersion: number;\n changedBy: {\n type: string;\n id: string;\n name?: string;\n };\n }): Promise<{\n ok: boolean;\n entry?: unknown;\n }>;\n requestIdentityVerification(args: {\n claimedIdentityId: string;\n requestingIdentityId: string;\n requestingProvider: string;\n requestingPlatformId: string;\n preferredChannel?: \"mobile\" | \"email\";\n /**\n * Phase 2: agent-supplied contact endpoint. When provided, the top-level\n * `preferredChannel` is ignored — the contact's channel wins.\n */\n contact?: {\n channel: \"email\" | \"mobile\";\n value: string;\n };\n }): Promise<{\n verificationId: string;\n channel: string;\n deliveredTo: string;\n expiresAt: string;\n availableChannels: {\n channel: string;\n deliveredTo: string;\n }[];\n } | {\n error: string;\n }>;\n confirmIdentityVerification(args: {\n claimedIdentityId: string;\n verificationId: string;\n phrase: string;\n }): Promise<{\n verified: boolean;\n identityId?: string;\n /** Phase 2: how the confirm resolved — Scenario A vs B. */\n action?: \"merged\" | \"contact_verified\";\n error?: string;\n }>;\n /**\n * Update display-shape fields on an Identity. Body excludes `email` /\n * `phone` / `title` / `company` / `metadata` per Section D4 — contacts go\n * via the verify flow, title/company live on OrgMembership, metadata is\n * not agent-writable.\n */\n updateIdentity(identityId: string, args: {\n name?: string;\n avatarUrl?: string;\n timezone?: string;\n locale?: string;\n }): Promise<{\n ok: boolean;\n }>;\n /**\n * Phase 2 (Section H): server-side verification of a Google Chat sender via\n * the agent's existing Google OAuth credentials. Returns the resolved\n * identity (created or matched via Scenario-B email enrichment).\n */\n resolveGoogleChatSender(args: {\n senderUserId: string;\n spaceId?: string;\n }): Promise<{\n identityId: string | null;\n status: string;\n }>;\n memorySearch(query: string, opts?: {\n limit?: number;\n topic?: string;\n subtopic?: string;\n tag?: string;\n includeKnowledge?: boolean;\n }): Promise<{\n facts: {\n subject: string;\n predicate: string;\n object: string;\n since: string;\n confidence: number;\n }[];\n memories: {\n id: string;\n text: string;\n topic: string;\n subtopic: string;\n tag: string;\n importance: number;\n timestamp: number;\n score: number;\n }[];\n }>;\n memoryStore(text: string, opts?: {\n topic?: string;\n subtopic?: string;\n tag?: string;\n importance?: number;\n }): Promise<{\n memoryId: string;\n }>;\n memoryIngest(sessionKey: string, messages: {\n role: string;\n content: string;\n index: number;\n timestamp?: string;\n }[], metadata?: {\n channelId?: string;\n userId?: string;\n userName?: string;\n }): Promise<{\n queued: boolean;\n messageCount: number;\n }>;\n memoryLoadContext(tier?: number, topicHint?: string): Promise<{\n formatted: string;\n [key: string]: unknown;\n }>;\n memoryLookupEntity(subject: string): Promise<{\n subject: string;\n triples: {\n tripleId: string;\n predicate: string;\n object: string;\n validFrom: string;\n validTo?: string;\n confidence: number;\n }[];\n }>;\n memoryNavigate(): Promise<{\n topics: {\n name: string;\n tripleCount: number;\n subtopics: string[];\n }[];\n cursor: string | null;\n }>;\n memoryDelete(memoryId: string): Promise<{\n deleted: boolean;\n }>;\n memoryStats(): Promise<{\n vectorCount: number;\n tripleCount: number;\n storageEstimateBytes: number;\n lastIngestionAt?: string;\n }>;\n memoryLearn(args: {\n text: string;\n source?: string;\n sourceType?: \"file\" | \"url\" | \"inline\";\n metadata?: {\n sessionId?: string;\n channelId?: string;\n userName?: string;\n };\n }): Promise<{\n memoriesStored: number;\n triplesStored: number;\n chunks: number;\n source?: string;\n }>;\n memoryBootstrapStatus(): Promise<{\n synced: boolean;\n syncedAt?: string;\n }>;\n memoryBootstrapStatusMark(): Promise<{\n synced: true;\n syncedAt: string;\n }>;\n searchWeb(params: {\n query: string;\n count?: number;\n offset?: number;\n country?: string;\n freshness?: string;\n }): Promise<unknown>;\n searchImages(params: {\n query: string;\n count?: number;\n }): Promise<unknown>;\n searchNews(params: {\n query: string;\n count?: number;\n freshness?: string;\n }): Promise<unknown>;\n registerDatabaseCredentials(): Promise<{\n connectionString: string;\n username: string;\n password: string;\n databases: string[];\n }>;\n reportDatabaseAudit(entry: {\n database: string;\n collection: string;\n operation: string;\n summary?: string;\n }): Promise<void>;\n}\n//# sourceMappingURL=index.d.ts.map\n//#endregion\nexport { AgentApiClient, AgentApiClientConfig, type ChangelogAction, type ChangelogActor, type ChangelogEntry, type EncryptedEnvelopeV1, type Field, type FieldEnvelope, type FieldFormat, type FieldSensitivity, type FieldView, type GeneratedDataKey, type IntegrationConfigResult, type IntegrationConfigSchemaField, type IntegrationInstall, type RegistryEntry, type ScopeInfo, type SecretAggregate, type SecretCategory, type SecretMetadata, type SecretScope, SharedFileEntry, SyncAgentInfo, SyncAgentStats, SyncConfirmedUpload, SyncFileEntry, SyncManifest, SyncManifestEntry, SyncPresignedUrl, SyncReconstructBundle, SyncReconstructFile, SyncSessionContent, SyncSessionEntry };\n//# sourceMappingURL=index.d.ts.map"],"mappings":";;;;;;;AAyBA;AAOA;;;;;AAIA;AAiBA;AA4BsB,UAxDL,aAAA,CAwDiB;EAAA,IAAA,EAAA,MAAA;MAEvB,EAAA,MAAA;YAAR,EAAA,MAAA;EAAO,YAAA,EAAA,UAAA,GAAA,YAAA;AAmBV;AAAmC,UAtElB,aAAA,CAsEkB;OAEvB,EAvEH,MAuEG,CAAA,MAAA,EAvEY,aAuEZ,CAAA;;AACF,UArEO,cAAA,CAqEP;EAUY,OAAA,EAAA,CAAA;EAAmB,OAAA,EAAA,MAAA;UAGhC,EAAA,MAAA;OACN,EA/EM,MA+EN,CAAA,MAAA,EAAA;IAAO,IAAA,EAAA,MAAA;IASY,IAAA,EAAA,MAAA;IAgBA,QAAA,EAAA,MAAe;IAgBrB,IAAA,CAAA,EAAA,MAAa;IAAA,YAAA,CAAA,EAAA,MAAA;IACpB,UAAA,CAAA,EAAA,OAAA;;;AAEM,UA9GE,YAAA,CA8GF;;;;ECzIO,MAAA,EAAA,MAAA,EAAA;EA4BN;EAaA,SAAA,EAAA,MAAa,EAAA;;;;;ACpD5B;;;;;AACqE;AASjEC,iBFwDiB,YAAA,CExDI,aAAA,EAAA,MAAA,CAAA,EF0DvB,OE1DuB,CF0Df,aE1De,CAAA;;;;;AAEZC,iBF2EQ,aAAA,CEtErB,aAAA,EAAA,MAAA,EAAA,QAAA,EFwEW,aExEX,CAAA,EFyEE,OEzEF,CAAA,IAAA,CAAA;AAAA;AACoC;AAIpC;AAC4B,iBF6EP,mBAAA,CE7EO,aAAA,EAAA,MAAA,EAAA,YAAA,EAAA,MAAA,EAAA,KAAA,EFgFpB,aEhFoB,CAAA,EFiF1B,OEjF0B,CAAA,IAAA,CAAA;;;;AACfE,iBFyFQ,mBAAA,CElFrB,aAAA,EAAA,MAAA,EAAA,YAAA,EAAA,MAAA,CAAA,EFqFE,OErFF,CAAA,IAAA,CAAA;AAAA;;;;AACmG,iBFiG9E,eAAA,CEjG8E,QAAA,EAAA,MAAA,CAAA,EFiG3C,OEjG2C,CAAA,MAAA,CAAA;AAAA;;;;;AAS1FE,iBFwGM,aAAA,CExGNA,KAAAA,EFyGD,aEzGCA,EAAAA,MAAAA,EF0GA,cE1GAA,CAAAA,EF2GP,YE3GOA;;;;;;;AF/BV;AAOA;;;;AACe,iBCPO,kBAAA,CDOP,aAAA,EAAA,MAAA,CAAA,ECLZ,ODKY,CAAA,MAAA,EAAA,CAAA;AAGf;AAiBA;AA4BA;AAAkC,iBC3BlB,YAAA,CD2BkB,YAAA,EAAA,MAAA,EAAA,QAAA,EAAA,MAAA,EAAA,CAAA,EAAA,OAAA;;;;AAqBZ,iBCnCN,aAAA,CDmCmB,KAAA,EAAA,MAAA,EAAA,EAAA,QAAA,EAAA,MAAA,EAAA,CAAA,EAAA,MAAA,EAAA;;;;;;;AA7EnC;AAOA;;;;;AAIA;AAiBA,cE3CcN,aF2Ce,EAAA;EA4B7B,SAAsB,GAAA,EAAA,KAAY;EAAA,SAAA,IAAA,EAAA,MAAA;WAEvB,OAAA,EAAA,SAAA;WAAR,KAAA,EAAA,OAAA;CAAO;AAmBV,KEtFKA,aAAAA,GFsF8B,CAAA,OEtFNA,aFsFM,CAAA,CAAA,MAAA,OEtFsBA,aFsFtB,CAAA;;;;;AAanC,cE9FcC,qBF8F2B,EAAA;EAAA,SAAA,MAAA,EAAA,QAAA;WAGhC,MAAA,EAAA,QAAA;;KE7FJA,qBAAAA,GF8FK,CAAA,OE9F2BA,qBF8F3B,CAAA,CAAA,MAAA,OE9F+DA,qBF8F/D,CAAA;AASV;AAgBA,cErHcC,gBFqHuB,EAAA;EAgBrC,SAAgB,GAAA,EAAA,KAAa;EAAA,SAAA,IAAA,EAAA,MAAA;WACpB,OAAA,EAAA,SAAA;WACC,KAAA,EAAA,OAAA;;KEjILA,gBAAAA,GAAmBF,aFkIT;cEjIDG;;;ADRd,CAAA;AA4BA,KChBKA,wBAAAA,GDgBuB,CAAA,OChBYA,wBDgBZ,CAAA,CAAA,MAAA,OChBmDA,wBDgBnD,CAAA;AAa5B,cC5BcC,uBD4Be,EAAA;;;;WCzDfJ,QAAAA,EAKb,UAAA;EAAA,SACIA,QAAAA,EAAa,UAAA;EAAA,SAAA,OAAA,EAAA,SAAA;;KA+BbI,uBAAAA,GA/BoDJ,CAAAA,OA+BlBI,uBA/BkBJ,CAAAA,CAAAA,MAAAA,OA+BoBI,uBA/BpBJ,CAAAA;UAgC/CK,kBAAAA,CAhC4D;EAAA,KAKxDJ,EA4BLC,gBA5BKD;EAGb,OACIA,EAAAA,MAAAA;EAAqB,aAAA,EAAA,MAAA;UAAWA,EAAAA,MAAAA;eAAoCA,EA4BxDE,wBA5BwDF;EAAqB,YAAA,EA6B9EG,uBA7B8E;EAAA,OAEhFF,EAAAA,MAAAA;EAKb,MACIA,EAuBKI,MAvBLJ,CAAAA,MAAgB,EAAA,OAAA,CAAA;EAAgB,YACvBC,EAAAA,MAAAA;EAGb,WACIA,EAAAA,MAAAA;EAAwB,SAAA,EAAA,MAAA;;;;AAA0E,UAyB7FI,4BAAAA,CAjBT;EAAA,GACIH,EAAAA,MAAAA;EAAuB,KAAA,EAAA,MAAA;QAAWA,MAAAA;aAAsCA,CAAAA,EAAAA,MAAAA;EAAuB,QAAA,CAAA,EAAA,OAAA;EAAA,OAC1FC,CAAAA,EAAAA,MAAAA,GAAAA,MAAkB,GAAA,OAAA;EAAA,OAAA,CAAA,EAAA,MAAA,EAAA;gBACnBH,CAAAA,EAAAA;SAIQC,EAAAA,MAAAA;SACDC,EAAAA,MAAAA;;EAEA,cAAA,CAAA,EAAA,MAAA;EAAA,YAONG,CAAAA,EAAAA,MAAAA,EAAAA;EAA4B,oBAkB5BC,CAAAA,EAAAA,MAAuB;EAAA,QAAA,CAAA,EAAA,MAAA;QAEvBF,CAAAA,EAAAA,OAAAA;;UAFAE,uBAAAA,CAGkC;EAAA,aAElCC,EAAAA,MAAa;EAAA,MAAA,EAHbH,MAGa,CAAA,MAAA,EAAA,OAAA,CAAA;cAsBLC,EAxBFA,4BAwBEA,EAAAA;;UAtBRE,aAAAA,CA2BKR;EAAqB,EAAA,EAAA,MAAA;EAAA,IAM/BS,EAAAA,MAAAA;EAA2B,WAMtBC,EAAAA,MAAAA;EAAmB,QAWfC,EAAAA,MAAAA,EAAmF;EAAA,MAC5FC,EAAAA,MAAAA;EAAmC,UAK1BC,EAAAA,MAAAA;EAAwD,MACjEC,EAAAA,MAAAA;EAU0B,IAOjBE,CAAAA,EAAAA,MAAAA;EAAiJ,MAC1JC,CAAAA,EAAAA;IAKKC,IAAAA,EAAAA,MAAS;IAAA,GAAA,CAAA,EAAA,MAAA;YAERN;SACIE,CAAAA,EAAAA;QAIFJ,EAAAA,MAAAA,GAAAA,MAAAA,GAAAA,OAAAA;IAAmB,KAAA,CAAA,EAAA,MAAA;IAQtBS,QAAAA,CAAAA,EAAAA,MAAAA;IAAe,QAAA,CAAA,EAAA,OAAA,GAAA,MAAA;eAKbF,CAAAA,EAAAA,MAAAA;;EACO,QAAA,CAAA,EAAA,MAAA,EAAA;EAAA,cAMTG,CAAAA,EAAAA,MAAc,EAAA;EAKE,aAUhBC,CAAAA,EApGQf,4BAoGK,EAAA;EAAA,gBAAA,CAAA,EAAA,MAAA,EAAA;;kBAGXI,CAAAA,EApGST,gBAoGTS,EAAAA;EAAmB;EAAA,UAMrBY,CAAAA,EAxGKtB,qBAyGNS;AAAW;AAUM;AAOuI;AACjH;AAExB;KAvHnBA,WAAAA,GAAcV,aAgIK;;;;;AAKG;AAOG,UAtIpBW,mBAAAA,CA0Ia;EAAA,OAUboB,EAAAA,CAAAA;EAAiB,EAQjBC,EAAAA,MAAAA;EAAY,UAAA,EAAA,MAAA;SAIED,EAAAA,MAAAA;mBAAfzB,EAAAA,MAAAA;;AAAM;AAEW;AAKG;AAOA;AAYD,cA/KdM,aAkLU,EAAA,SAAA,CAAA,MAAA,EAAA,OAAA,EAAA,KAAA,EAAA,OAAA,EAAA,MAAA,EAAA,QAAA,EAAA,MAAA,CAAA;AAAA,KAjLnBC,WAAAA,GAwLKyB,CAAa,OAxLI1B,aAwLJ,CAAA,CAAA,MAAA,CAAA;AAAA;AAQG;AAOE;AAKH;cAvMXE,mBA6Mc,EAAA,SAAA,CAAA,WAAA,EAAA,WAAA,CAAA;KA5MvBC,gBAAAA,GA+MiBc,CAAAA,OA/MUf,mBA+MVe,CAAAA,CAAAA,MAAAA,CAAAA;;;;;;;;;;;;cA9LRZ,iBAiO+BuB,EAAAA,SAAAA,CAAAA,OAAAA,EAAAA,SAAAA,EAAAA,UAAAA,EAAAA,SAAAA,EAAAA,aAAAA,EAAAA,aAAAA,EAAAA,aAAAA,EAAAA,UAAAA,EAAAA,MAAAA,EAAAA,OAAAA,CAAAA;KAhOxCtB,cAAAA,GAgOgCyB,CAAAA,OAhOP1B,iBAgOO0B,CAAAA,CAAAA,MAAAA,CAAAA;;;;;UA3N3BxB,SAAAA,CA8OoBd;OAARsC,MAAAA;QACiCnC,CAAAA,EA7O5CK,WA6O4CL;aAARmC,EA5OhC5B,gBA4OgC4B;;OACoCA,CAAAA,EAAAA,MAAAA;;UAIrEtC,CAAAA,EA7ODM,mBA6OCN;;aACsCA,CAAAA,EAAAA,OAAAA;WAARsC,CAAAA,EAAAA,MAAAA;WACQA,EAAAA,MAAAA;WAQvCrC,EAAAA,MAAAA;;;UA/OHc,eAAAA,CAiPOuB;UAGSA,EAAAA,MAAAA;YAiBgBA,EAAAA,MAAAA;aAOAA,CAAAA,EAAAA,MAAAA;QAOZA,MAAAA,EAAAA;UAOJA,EArRdzB,cAqRcyB;QAIFA,EAxRdxB,SAwRcwB,EAAAA;kBAKFA,EAAAA,MAAAA;WAIIA,EAAAA,MAAAA;WAKGA,EAAAA,MAAAA;;;UAhSnBtB,cAAAA,CAsTYsB;UAIGA,EAAAA,MAAAA;YAaNrC,EAAAA,MAAAA;aACbqC,CAAAA,EAAAA,MAAAA;QAIiBA,MAAAA,EAAAA;UAWfA,EAlVIzB,cAkVJyB;WAaFA,EAAAA,MAAAA,EAAAA;kBAYKjC,EAAAA,MAAAA;WAIGc,EAAAA,MAAAA;WAARmB,EAAAA,MAAAA;;;;;;UArWIrB,aAAAA,CAsYSP;OAEFJ,MAAAA;QAGHS,CAAAA,EAzYHP,WAyYGO;UAARuB,EAxYMhC,mBAwYNgC;WAGKjC,CAAAA,EAAAA,MAAAA;WAIIU,EAAAA,MAAAA;WACAE,EAAAA,MAAAA;;;UA1YLC,SAAAA,CAoZOR;OACJF,EApZJH,WAoZIG;SAEEF,EAAAA,MAAAA;OALTgC,EAAAA,MAAAA;;;;;;;;UAvYInB,gBAAAA,CAyaCd;cAMIQ,EAAAA,MAAAA;mBAEDE,EAAAA,MAAAA;;;;;cA1aAK,iBAkbRkB,EAAAA,SAAAA,CAAAA,SAAAA,EAAAA,SAAAA,EAAAA,kBAAAA,EAAAA,aAAAA,EAAAA,eAAAA,EAAAA,eAAAA,EAAAA,WAAAA,EAAAA,aAAAA,CAAAA;KAjbDjB,eAAAA,GAobMhB,CAAAA,OApboBe,iBAobpBf,CAAAA,CAAAA,MAAAA,CAAAA;;UAlbDiB,cAAAA,CAubJgB;QAMKjC,MAAAA,GAAAA,OAAAA,GAAAA,QAAAA;YAGLiC;;;;;;;UAvbIf,cAAAA,CAseJe;kBAYAA,EAAAA,MAAAA;QAWAA,EA3fIjB,eA2fJiB;UAKAA,CAAAA,EAAAA,MAAAA;kBAUAA,CAAAA,EAxgBe5B,gBAwgBf4B;WAkBAA,EAzhBOhB,cAyhBPgB;QAgBAA,CAAAA,EAAAA,MAAAA;WAkBAA,EAAAA,MAAAA;;;;;UApjBId,oBAAAA,CAinB8Cc;QAIjBA,EAAAA,MAAAA;QAWnBA,EAAAA,MAAAA;;UA5nBVb,aAAAA,CAuoBOa;SAeXA,EAAAA,MAAAA;UAMqBA,EAAAA,MAAAA;aAIIA,EAAAA,MAAAA;UAUzBA,EAAAA,MAAAA;QAIAA,EAAAA,OAAAA,GAAAA,SAAAA,GAAAA,QAAAA;WAKAA,CAAAA,EAAAA,MAAAA;WAC2BA,CAAAA,EAAAA,MAAAA;UAW3BA,CAAAA,EAAAA,MAAAA;;UArrBIZ,iBAAAA;;;ECnPV,QAAiB,EAAA,MAAU;EAO3B,IAAiB,CAAA,EAAA,MAAA;EAWjB,YAAgB,CAAA,EAAA,MAAgB;EAAA,UAAA,CAAA,EAAA,OAAA;;UDyOtBC,YAAAA,CCzOwC;SAAU,EAAA,CAAA;;UAY7C,EAAA,MAAA;OAAR,EDiOE1B,MCjOF,CAAA,MAAA,EDiOiByB,iBCjOjB,CAAA;;UDmOGE,gBAAAA,CCnMyC;QAqCY,MAAA;OAAR,MAAA;WA4FxC,EAAA,MAAA;;UDuELC,mBAAAA,CC5BH;EAAO,QAAA,EAAA,MAAA;EAmBd,IAAY,EAAA,MAAA;EAAU,IAAA,EAAA,MAAA;cAAqB,EAAA,UAAA,GAAA,YAAA;UAAlB,EAAA,MAAA;;UDgBfC,mBAAAA;;;EEhSV,GAAiB,EAAA,MAAA;EAajB,YAAsB,CAAA,EAAA,MAAY;EAAA,UAAA,CAAA,EAAA,OAAA;;UF0RxBC,qBAAAA,CExRO;SAAd,EAAA,MAAA;EAAO,IAAA,EAAA,MAAA,GAAA,QAAA,GAAA,QAAA;;;SF6RDD;EGhST,SAAiB,EAAA,MAAY;AA4F7B;UHuMUE,cAAAA,CGvMuB;SAGvB,EAAA,MAAA;eAEC,EAAA,MAAA;cAAR,EAAA,MAAA;EAAO,SAAA,EAAA,MAAA;;;UHyMAC,aAAAA;EI5SV,QAAiB,EAAA,MAAA;EAqDjB,IAAsB,EAAA,MAAA;EAAa,QAAA,EAAA,MAAA;aAGzB,EAAA,MAAA;cACS,CAAA,EAAA,MAAA;YAER,CAAA,EAAA,OAAA;;UJyPDC,gBAAAA,CIzPA;;;;ECxEV,YAAiB,CAAA,EAAA,MAAY;EAU7B,UAAsB,EAAA,OAAS;;UL8TrBC,kBAAAA,CK7TU;WAAR,EAAA,MAAA;SACD,EAAA,MAAA;YACA,EAAA,OAAA;;ULgUDC,eAAAA,CKhUA;;;;ECSV,WAAiB,CAAA,EAAA,MAAW;AAM5B;AAGC,cNoTaC,cAAAA,CMlTQ;EAOtB,iBAAiB,MAAgB;EAAA,iBAAA,MAAA;aACZ,CAAA,MAAA,EN6SCb,oBM7SD;UAAgB,OAAA;cACd,CAAA,KAAA,EAAA;eAAgB,CAAA,EAAA,MAAA;MNgTjCc,OM/SoE,CAAA;SAC5D,EN+SHb,aM/SG;;EACY,eAAA,CAAA,CAAA,ENgTLa,OMhTK,CNgTGX,YMhTH,CAAA;EAG1B,WAAgB,CAAA,IAAA,EAAA;IAAsB,KAAA,EAAA;UAC5B,EAAA,MAAA;eACH,EAAA,KAAA,GAAA,KAAA;iBACJ,CAAA,EAAA,MAAA;IAAgB,CAAA,EAAA;MNiTbW;UACIV;;;;;;;MAOJU,QAAQT;;;MAGRS,QAAQP;kBACIO,QAAQN;;;MAGpBM;WACKL;;sBAEWK;cACRJ;;qCAEuBI,QAAQH;oCACTG;;;;;;MAM9BA;WACKF;;;;;;;MAOLE;;;;sBAIgBA,QAAQtC;+CACiBsC,QAAQnC;yDACEF,0BAA0BqC;;;aAGtErC;MACPqC,QAAQtC;4CAC8BsC,QAAQtC;oDACAsC;;;;;oCAKhBA;;;aAGvBrC;;iBAEIqC;kBACClC;;0BAEQkC;;;;;;;;;;;;;;;;;0CAiBgBA;;;;;;;0CAOAA;;;;;;;8BAOZA;;;;;;;0BAOJA;;;;wBAIFA;;;;;sBAKFA;;;;0BAIIA;;;;;6BAKGA;;;;;;;;;;;;2BAYFA;;;;wBAIHA;;;;;;sBAMFA;;;;yBAIGA;;;;;;;;;;;;;mBAaNrC;MACbqC;;;;uBAIiBA;;;;;;;;;;;QAWfA;;;;;;;;;;;;;MAaFA;;;;;;;;;;;;WAYKjC;;;;MAILiC,QAAQnB;;;;;;;;WAQHd;;;;;MAKLiC;;;;;;;;;;WAUKjC;;;;eAIIQ;;;;;eAKAL;mBACIE;;iBAEFJ;;;MAGXgC,QAAQvB;;;WAGHV;;;MAGLiC;eACSvB;eACAE;;;;WAIJZ;;;;MAILiC;;iBAEW5B;aACJF;;eAEEF;;;;;;;WAOJD;;;;iBAIMK;aACJF;;eAEEF;;MAETgC;;;;;;WAMKjC;;;;MAILiC;;;WAGKjC;;;;;;eAMIQ;;MAETyB,QAAQvB;;;WAGHV;;eAEIQ;;;MAGTyB,QAAQtB;;;WAGHX;;;;;MAKLiC;aACOf;;;;;WAKFlB;;;MAGLiC;;sBAEgBA,QAAQpB;;;;;;MAMxBoB;;;;;;;;;;;;;;;;MAgBAA;;;0CAGoCA;;;;;;;;;;MAUpCA;;;;;;;;;;MAUAA;;;;;;;;;;;;MAYAA;;;;;;;;;;;MAWAA;;;;;MAKAA;;;;;;;;;;MAUAA;;;;;;;;;;;;;;;;;;MAkBAA;;;;;;;;;;;;;;;;MAgBAA;;;;;;;;;;;;;;;;;;MAkBAA;;;;;;;;;;;MAWAA;;;;;;;;;;MAUAA;;;;;;;;;;;;;;;;;;;;;;;;MAwBAA;;;;;;;;;;;;MAYAA;;;;wDAIkDA;;;;uCAIjBA;;;;;;;;;;;oBAWnBA;;;;;;;;kCAQcA;;;iBAGjBA;;;;;;;;;;;;;;;MAeXA;;;;;;2BAMqBA;;;;+BAIIA;;;;;;;;;;MAUzBA;;;;MAIAA;;;;;MAKAA;iCAC2BA;;;;;;;;;;;MAW3BA;;;;;;AFr3B4B,UGnDjB,UAAA,CHmDiB;QAEvB,EAAA,MAAA;QAAR,EAAA,MAAA;EAAO,SAAA,EAAA,MAAA;EAmBY,MAAA,EAAA,MAAA;;AAEV,UGnEK,iBAAA,CHmEL;eACT,EAAA,MAAA;EAAO,MAAA,EGlEA,cHkEA;AAUV;;;;;AAaA;AAgBA;AAgBgB,iBGhHA,gBAAA,CHgHa;EAAA,aAAA;EAAA;AAAA,CAAA,EGhH+B,iBHgH/B,CAAA,EAAA;EAAA,aAAA,EAAA,MAAA;QACpB,gBAAA;;;;;gCC3GO;;IA5BM,MAAA,CAAA,EAAA,MAAA;EA4BN,CAAA,CAAA,EEMT,OFNS,CEMD,UFNa,CAAA;EAaZ;;;MEyBmC,QAAQ;EDlF7C3C;AAKb;;;UACwDA,CAAAA,OAK3CC,CAL2CD,EAAAA;IAAa,KAAA,CAAA,EAAA,OAAA;EAKxDC,CAAAA,CAAAA,EC4GyC,OD5GzCA,CC4GiD,UD5GjDA,CAAAA;EAITA;;;;EAAyF,SAAA,CAAA,KAAA,EAAA,MAAA,EAAA,EAAA,OAQzFC,CARyF,EAAA;IAEhFA,KAAAA,CAAAA,EAAAA,OAKb;EACIA,CAAAA,CAAAA,EC4LE,OD5LFA,CC4LU,UD5LM,CAAA;EACPC;AAGb;;;iBAC8EA,CAAAA,QAAAA,EAAAA,MAAAA,EAAAA,OACjEC,CADiED,EAAAA;IAAwB,KAAA,CAAA,EAAA,OAAA;EACzFC,CAAAA,CAAAA,ECiOP,ODjOOA,CAAAA,IAAAA,CAAAA;AAOb,CAAA;AAC2B,KC4OhB,UAAA,GAAa,UD5OG,CAAA,OC4Oe,gBD5Of,CAAA;;;;;;;AFtB5B;AAOA;;AACwB,UItBP,cAAA,CJsBO;eAAf,EAAA,MAAA;EAAM;EAGE,UAAA,CAAA,EAAA,MAAc;EAiBd;EA4BK,SAAA,EAAA,CAAA,KAAY,EAAA,MAAA,EAAA,EAAA,GAAA,IAAA,GIjEO,OJiEP,CAAA,IAAA,CAAA;;;;;AAqBlC;;AAEY,iBIhFU,YAAA,CJgFV,OAAA,EI/ED,cJ+EC,CAAA,EI9ET,OJ8ES,CAAA,GAAA,GI9EK,OJ8EL,CAAA,IAAA,CAAA,CAAA;;;;AAvBsB,UK1DjB,YAAA,CL0DiB;MAEvB,EAAA,MAAA;SAAR,EAAA,OAAA;EAAO,IAAA,CAAA,EAAA,MAAA;EAmBY,IAAA,CAAA,EAAA,MAAA;EAAa,KAAA,CAAA,EAAA,MAAA;;;;AAanC;AAAyC,iBKAnB,WAAA,CLAmB,aAAA,EAAA,MAAA,EAAA,aAAA,EAAA,MAAA,EAAA,EAAA,MAAA,EKG/B,cLH+B,EAAA,OAI/B,CAJ+B,EAAA;aAGhC,CAAA,EAAA,MAAA;OACN,CAAA,EAAA,OAAA;CAAO,CAAA,EKCP,OLDO,CKCC,YLDD,EAAA,CAAA;AASV;;;AA/CsB,UM5DL,cAAA,CN4DiB;EAAA,IAAA,EAAA,MAAA;SAEvB,EAAA,OAAA;MAAR,CAAA,EAAA,MAAA;EAAO,KAAA,CAAA,EAAA,MAAA;AAmBV;AAAmC,iBM5Bb,aAAA,CN4Ba,aAAA,EAAA,MAAA,EAAA,aAAA,EAAA,MAAA,EAAA,EAAA,MAAA,EMzBzB,cNyByB,EAAA,cAAA,CAAA,EMxBhB,cNwBgB,EAAA,OAGzB,CAHyB,EAAA;aAEvB,CAAA,EAAA,MAAA;OACT,CAAA,EAAA,OAAA;CAAO,CAAA,EMzBP,ONyBO,CMzBC,cNyBD,EAAA,CAAA;AAUV;;;;;;AA1FA;AAOiB,UOxBA,YAAA,CPwBa;EAAA,UAAA,CAAA,EAAA,MAAA;aACN,CAAA,EAAA,MAAA;;;AAGxB;AAiBA;AA4BA;;AAEW,iBOjEW,SPiEX,CAAA,CAAA,CAAA,CAAA,EAAA,EAAA,GAAA,GOhEC,OPgED,COhES,CPgET,CAAA,EAAA,OAAA,CAAA,EO/DA,YP+DA,CAAA,EO9DR,OP8DQ,CO9DA,CP8DA,CAAA;;;;AAFuB,UQnDjB,WAAA,CRmDiB;WAEvB,EAAA,MAAA,GAAA,SAAA,GAAA,KAAA;SAAR,EAAA,MAAA;EAAO,IAAA,EAAA,MAAA;AAmBV;AAAmC,UQlElB,gBAAA,CRkEkB;eAEvB,EAAA,MAAA;QACT,EQnEO,cRmEP;;AAUH,UQ1EU,YAAA,CR0EY;EAAmB,IAAA,CAAA,GAAA,EAAA,MAAA,CAAA,EAAA,IAAA;MAGhC,CAAA,GAAA,EAAA,MAAA,CAAA,EAAA,IAAA;OACN,CAAA,GAAA,EAAA,MAAA,CAAA,EAAA,IAAA;EAAO,KAAA,CAAA,GAAA,EAAA,MAAA,CAAA,EAAA,IAAA;AASV;AAgBsB,UQhGL,gBAAA,CRgGwC;EAgBzC,UAAA,CAAA,MAAa,EQ/GR,WR+GQ,EAAA,CAAA,EQ/GQ,OR+GR,CAAA,IAAA,CAAA;EAAA,YAAA,CAAA,MAAA,EQ9GN,WR8GM,EAAA,CAAA,EQ9GU,OR8GV,CAAA,IAAA,CAAA;oBACpB,CAAA,QAAA,EAAA,MAAA,EAAA,SAAA,EAAA,SAAA,GAAA,SAAA,CAAA,EQ9GiE,OR8GjE,CAAA,IAAA,CAAA;UACC,EAAA,EQ9GI,OR8GJ,CAAA,IAAA,CAAA;WACP,EAAA,EQ9GY,WR8GZ,EAAA;;iBQ3Ga,sBAAA,SACN,uBACH,eACJ"}
|
package/openclaw.plugin.json
CHANGED
|
@@ -3,6 +3,7 @@
|
|
|
3
3
|
"name": "Alfe Sync Plugin",
|
|
4
4
|
"description": "Agent workspace backup and sync — S3-backed, automatic pull/push on start/stop",
|
|
5
5
|
"entry": "./dist/plugin.js",
|
|
6
|
+
"activation": { "onStartup": true },
|
|
6
7
|
"hooks": {
|
|
7
8
|
"onAgentStart": "alfesync pull --quiet",
|
|
8
9
|
"onAgentStop": "alfesync push --quiet",
|
package/package.json
CHANGED
|
@@ -1,6 +1,6 @@
|
|
|
1
1
|
{
|
|
2
2
|
"name": "@alfe.ai/openclaw-sync",
|
|
3
|
-
"version": "0.0.
|
|
3
|
+
"version": "0.0.20",
|
|
4
4
|
"description": "AlfeSync — agent workspace backup and sync skill for OpenClaw",
|
|
5
5
|
"type": "module",
|
|
6
6
|
"main": "dist/index.js",
|
|
@@ -21,7 +21,7 @@
|
|
|
21
21
|
"commander": "^13.0.0",
|
|
22
22
|
"micromatch": "^4.0.8",
|
|
23
23
|
"ws": "^8.18.0",
|
|
24
|
-
"@alfe.ai/agent-api-client": "0.1.
|
|
24
|
+
"@alfe.ai/agent-api-client": "0.1.2",
|
|
25
25
|
"@alfe.ai/config": "0.0.8"
|
|
26
26
|
},
|
|
27
27
|
"files": [
|