@channelfactory/cliend 0.1.0

package/dist/bin/cliend.d.ts

@@ -0,0 +1,3 @@
+#!/usr/bin/env node
+export {};
+//# sourceMappingURL=cliend.d.ts.map

package/dist/bin/cliend.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"cliend.d.ts","sourceRoot":"","sources":["../../bin/cliend.ts"],"names":[],"mappings":""}

package/dist/bin/cliend.js

@@ -0,0 +1,7 @@
+#!/usr/bin/env node
+import { main } from '../src/index.js';
+main(process.argv).catch((error) => {
+    console.error(`Fatal: ${error.message}`);
+    process.exit(1);
+});
+//# sourceMappingURL=cliend.js.map

package/dist/bin/cliend.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"cliend.js","sourceRoot":"","sources":["../../bin/cliend.ts"],"names":[],"mappings":";AAEA,OAAO,EAAE,IAAI,EAAE,MAAM,iBAAiB,CAAC;AAEvC,IAAI,CAAC,OAAO,CAAC,IAAI,CAAC,CAAC,KAAK,CAAC,CAAC,KAAY,EAAE,EAAE;IACxC,OAAO,CAAC,KAAK,CAAC,UAAU,KAAK,CAAC,OAAO,EAAE,CAAC,CAAC;IACzC,OAAO,CAAC,IAAI,CAAC,CAAC,CAAC,CAAC;AAClB,CAAC,CAAC,CAAC"}

package/dist/src/auth/auth-manager.d.ts

@@ -0,0 +1,16 @@
+import type { Logger } from 'pino';
+import type { AppConfig } from '../types/config.js';
+export declare class AuthManager {
+    private readonly config;
+    private readonly logger;
+    private readonly credentialsStore;
+    private tokens;
+    constructor(config: AppConfig, logger: Logger);
+    isAuthenticated(): Promise<boolean>;
+    getAccessToken(): Promise<string>;
+    authenticate(): Promise<void>;
+    private exchangeCode;
+    private refreshTokens;
+    private getTokens;
+}
+//# sourceMappingURL=auth-manager.d.ts.map

package/dist/src/auth/auth-manager.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"auth-manager.d.ts","sourceRoot":"","sources":["../../../src/auth/auth-manager.ts"],"names":[],"mappings":"AACA,OAAO,KAAK,EAAE,MAAM,EAAE,MAAM,MAAM,CAAC;AACnC,OAAO,KAAK,EAAE,SAAS,EAAc,MAAM,oBAAoB,CAAC;AAShE,qBAAa,WAAW;IAKpB,OAAO,CAAC,QAAQ,CAAC,MAAM;IACvB,OAAO,CAAC,QAAQ,CAAC,MAAM;IALzB,OAAO,CAAC,QAAQ,CAAC,gBAAgB,CAAmB;IACpD,OAAO,CAAC,MAAM,CAA2B;gBAGtB,MAAM,EAAE,SAAS,EACjB,MAAM,EAAE,MAAM;IAK3B,eAAe,IAAI,OAAO,CAAC,OAAO,CAAC;IAKnC,cAAc,IAAI,OAAO,CAAC,MAAM,CAAC;IAgBjC,YAAY,IAAI,OAAO,CAAC,IAAI,CAAC;YAkDrB,YAAY;YAmCZ,aAAa;YAsCb,SAAS;CAKxB"}

package/dist/src/auth/auth-manager.js

@@ -0,0 +1,135 @@
+import { randomBytes } from 'node:crypto';
+import { CredentialsStore } from './credentials-store.js';
+import { startCallbackServer } from './local-server.js';
+import { TokenExpiredError, OAuthFlowError } from '../errors/auth-error.js';
+const AUTH_URL = 'https://auth.atlassian.com/authorize';
+const TOKEN_URL = 'https://auth.atlassian.com/oauth/token';
+const SCOPES = ['read:jira-work', 'read:jira-user', 'offline_access'];
+export class AuthManager {
+    config;
+    logger;
+    credentialsStore;
+    tokens = null;
+    constructor(config, logger) {
+        this.config = config;
+        this.logger = logger;
+        this.credentialsStore = new CredentialsStore();
+    }
+    async isAuthenticated() {
+        const tokens = await this.getTokens();
+        return tokens !== null;
+    }
+    async getAccessToken() {
+        let tokens = await this.getTokens();
+        if (!tokens) {
+            throw new OAuthFlowError('Not authenticated. Run /auth first.');
+        }
+        // Check if token is expired (with 60s buffer)
+        if (Date.now() >= tokens.expiresAt - 60_000) {
+            this.logger.info('Access token expired, refreshing...');
+            tokens = await this.refreshTokens(tokens.refreshToken);
+        }
+        return tokens.accessToken;
+    }
+    async authenticate() {
+        const { clientId, callbackUrl } = this.config.atlassian;
+        if (!clientId) {
+            throw new OAuthFlowError('Atlassian Client ID not configured. Set CLIEND_ATLASSIAN_CLIENT_ID.');
+        }
+        const state = randomBytes(16).toString('hex');
+        const port = new URL(callbackUrl).port || '3456';
+        const authUrl = new URL(AUTH_URL);
+        authUrl.searchParams.set('audience', 'api.atlassian.com');
+        authUrl.searchParams.set('client_id', clientId);
+        authUrl.searchParams.set('scope', SCOPES.join(' '));
+        authUrl.searchParams.set('redirect_uri', callbackUrl);
+        authUrl.searchParams.set('state', state);
+        authUrl.searchParams.set('response_type', 'code');
+        authUrl.searchParams.set('prompt', 'consent');
+        // Start local server to receive callback
+        const { promise, server } = startCallbackServer(parseInt(port, 10));
+        // Open browser
+        console.log(`\n  Open this URL in your browser:\n  ${authUrl.toString()}\n`);
+        try {
+            const open = (await import('open')).default;
+            await open(authUrl.toString());
+        }
+        catch {
+            // open failed, user will use the printed URL
+        }
+        console.log('  Waiting for authentication...');
+        try {
+            const result = await promise;
+            if (result.state !== state) {
+                throw new OAuthFlowError('OAuth state mismatch — possible CSRF attack');
+            }
+            // Exchange code for tokens
+            const tokens = await this.exchangeCode(result.code);
+            await this.credentialsStore.setTokens(tokens);
+            this.tokens = tokens;
+            this.logger.info('OAuth authentication successful');
+        }
+        finally {
+            server.close();
+        }
+    }
+    async exchangeCode(code) {
+        const { clientId, clientSecret, callbackUrl } = this.config.atlassian;
+        const response = await fetch(TOKEN_URL, {
+            method: 'POST',
+            headers: { 'Content-Type': 'application/json' },
+            body: JSON.stringify({
+                grant_type: 'authorization_code',
+                client_id: clientId,
+                client_secret: clientSecret,
+                code,
+                redirect_uri: callbackUrl,
+            }),
+        });
+        if (!response.ok) {
+            const body = await response.text();
+            throw new OAuthFlowError(`Token exchange failed: ${response.status} ${body}`);
+        }
+        const data = (await response.json());
+        return {
+            accessToken: data.access_token,
+            refreshToken: data.refresh_token,
+            expiresAt: Date.now() + data.expires_in * 1000,
+            scope: data.scope,
+        };
+    }
+    async refreshTokens(refreshToken) {
+        const { clientId, clientSecret } = this.config.atlassian;
+        const response = await fetch(TOKEN_URL, {
+            method: 'POST',
+            headers: { 'Content-Type': 'application/json' },
+            body: JSON.stringify({
+                grant_type: 'refresh_token',
+                client_id: clientId,
+                client_secret: clientSecret,
+                refresh_token: refreshToken,
+            }),
+        });
+        if (!response.ok) {
+            throw new TokenExpiredError(new Error(`Refresh failed: ${response.status}`));
+        }
+        const data = (await response.json());
+        const tokens = {
+            accessToken: data.access_token,
+            refreshToken: data.refresh_token,
+            expiresAt: Date.now() + data.expires_in * 1000,
+            scope: data.scope,
+        };
+        await this.credentialsStore.setTokens(tokens);
+        this.tokens = tokens;
+        this.logger.info('Tokens refreshed successfully');
+        return tokens;
+    }
+    async getTokens() {
+        if (this.tokens)
+            return this.tokens;
+        this.tokens = await this.credentialsStore.getTokens();
+        return this.tokens;
+    }
+}
+//# sourceMappingURL=auth-manager.js.map

package/dist/src/auth/auth-manager.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"auth-manager.js","sourceRoot":"","sources":["../../../src/auth/auth-manager.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,WAAW,EAAE,MAAM,aAAa,CAAC;AAG1C,OAAO,EAAE,gBAAgB,EAAE,MAAM,wBAAwB,CAAC;AAC1D,OAAO,EAAE,mBAAmB,EAAE,MAAM,mBAAmB,CAAC;AACxD,OAAO,EAAE,iBAAiB,EAAE,cAAc,EAAE,MAAM,yBAAyB,CAAC;AAE5E,MAAM,QAAQ,GAAG,sCAAsC,CAAC;AACxD,MAAM,SAAS,GAAG,wCAAwC,CAAC;AAC3D,MAAM,MAAM,GAAG,CAAC,gBAAgB,EAAE,gBAAgB,EAAE,gBAAgB,CAAC,CAAC;AAEtE,MAAM,OAAO,WAAW;IAKH;IACA;IALF,gBAAgB,CAAmB;IAC5C,MAAM,GAAsB,IAAI,CAAC;IAEzC,YACmB,MAAiB,EACjB,MAAc;QADd,WAAM,GAAN,MAAM,CAAW;QACjB,WAAM,GAAN,MAAM,CAAQ;QAE/B,IAAI,CAAC,gBAAgB,GAAG,IAAI,gBAAgB,EAAE,CAAC;IACjD,CAAC;IAED,KAAK,CAAC,eAAe;QACnB,MAAM,MAAM,GAAG,MAAM,IAAI,CAAC,SAAS,EAAE,CAAC;QACtC,OAAO,MAAM,KAAK,IAAI,CAAC;IACzB,CAAC;IAED,KAAK,CAAC,cAAc;QAClB,IAAI,MAAM,GAAG,MAAM,IAAI,CAAC,SAAS,EAAE,CAAC;QAEpC,IAAI,CAAC,MAAM,EAAE,CAAC;YACZ,MAAM,IAAI,cAAc,CAAC,qCAAqC,CAAC,CAAC;QAClE,CAAC;QAED,8CAA8C;QAC9C,IAAI,IAAI,CAAC,GAAG,EAAE,IAAI,MAAM,CAAC,SAAS,GAAG,MAAM,EAAE,CAAC;YAC5C,IAAI,CAAC,MAAM,CAAC,IAAI,CAAC,qCAAqC,CAAC,CAAC;YACxD,MAAM,GAAG,MAAM,IAAI,CAAC,aAAa,CAAC,MAAM,CAAC,YAAY,CAAC,CAAC;QACzD,CAAC;QAED,OAAO,MAAM,CAAC,WAAW,CAAC;IAC5B,CAAC;IAED,KAAK,CAAC,YAAY;QAChB,MAAM,EAAE,QAAQ,EAAE,WAAW,EAAE,GAAG,IAAI,CAAC,MAAM,CAAC,SAAS,CAAC;QAExD,IAAI,CAAC,QAAQ,EAAE,CAAC;YACd,MAAM,IAAI,cAAc,CAAC,qEAAqE,CAAC,CAAC;QAClG,CAAC;QAED,MAAM,KAAK,GAAG,WAAW,CAAC,EAAE,CAAC,CAAC,QAAQ,CAAC,KAAK,CAAC,CAAC;QAC9C,MAAM,IAAI,GAAG,IAAI,GAAG,CAAC,WAAW,CAAC,CAAC,IAAI,IAAI,MAAM,CAAC;QAEjD,MAAM,OAAO,GAAG,IAAI,GAAG,CAAC,QAAQ,CAAC,CAAC;QAClC,OAAO,CAAC,YAAY,CAAC,GAAG,CAAC,UAAU,EAAE,mBAAmB,CAAC,CAAC;QAC1D,OAAO,CAAC,YAAY,CAAC,GAAG,CAAC,WAAW,EAAE,QAAQ,CAAC,CAAC;QAChD,OAAO,CAAC,YAAY,CAAC,GAAG,CAAC,OAAO,EAAE,MAAM,CAAC,IAAI,CAAC,GAAG,CAAC,CAAC,CAAC;QACpD,OAAO,CAAC,YAAY,CAAC,GAAG,CAAC,cAAc,EAAE,WAAW,CAAC,CAAC;QACtD,OAAO,CAAC,YAAY,CAAC,GAAG,CAAC,OAAO,EAAE,KAAK,CAAC,CAAC;QACzC,OAAO,CAAC,YAAY,CAAC,GAAG,CAAC,eAAe,EAAE,MAAM,CAAC,CAAC;QAClD,OAAO,CAAC,YAAY,CAAC,GAAG,CAAC,QAAQ,EAAE,SAAS,CAAC,CAAC;QAE9C,yCAAyC;QACzC,MAAM,EAAE,OAAO,EAAE,MAAM,EAAE,GAAG,mBAAmB,CAAC,QAAQ,CAAC,IAAI,EAAE,EAAE,CAAC,CAAC,CAAC;QAEpE,eAAe;QACf,OAAO,CAAC,GAAG,CAAC,yCAAyC,OAAO,CAAC,QAAQ,EAAE,IAAI,CAAC,CAAC;QAC7E,IAAI,CAAC;YACH,MAAM,IAAI,GAAG,CAAC,MAAM,MAAM,CAAC,MAAM,CAAC,CAAC,CAAC,OAAO,CAAC;YAC5C,MAAM,IAAI,CAAC,OAAO,CAAC,QAAQ,EAAE,CAAC,CAAC;QACjC,CAAC;QAAC,MAAM,CAAC;YACP,6CAA6C;QAC/C,CAAC;QAED,OAAO,CAAC,GAAG,CAAC,iCAAiC,CAAC,CAAC;QAE/C,IAAI,CAAC;YACH,MAAM,MAAM,GAAG,MAAM,OAAO,CAAC;YAE7B,IAAI,MAAM,CAAC,KAAK,KAAK,KAAK,EAAE,CAAC;gBAC3B,MAAM,IAAI,cAAc,CAAC,6CAA6C,CAAC,CAAC;YAC1E,CAAC;YAED,2BAA2B;YAC3B,MAAM,MAAM,GAAG,MAAM,IAAI,CAAC,YAAY,CAAC,MAAM,CAAC,IAAI,CAAC,CAAC;YACpD,MAAM,IAAI,CAAC,gBAAgB,CAAC,SAAS,CAAC,MAAM,CAAC,CAAC;YAC9C,IAAI,CAAC,MAAM,GAAG,MAAM,CAAC;YACrB,IAAI,CAAC,MAAM,CAAC,IAAI,CAAC,iCAAiC,CAAC,CAAC;QACtD,CAAC;gBAAS,CAAC;YACT,MAAM,CAAC,KAAK,EAAE,CAAC;QACjB,CAAC;IACH,CAAC;IAEO,KAAK,CAAC,YAAY,CAAC,IAAY;QACrC,MAAM,EAAE,QAAQ,EAAE,YAAY,EAAE,WAAW,EAAE,GAAG,IAAI,CAAC,MAAM,CAAC,SAAS,CAAC;QAEtE,MAAM,QAAQ,GAAG,MAAM,KAAK,CAAC,SAAS,EAAE;YACtC,MAAM,EAAE,MAAM;YACd,OAAO,EAAE,EAAE,cAAc,EAAE,kBAAkB,EAAE;YAC/C,IAAI,EAAE,IAAI,CAAC,SAAS,CAAC;gBACnB,UAAU,EAAE,oBAAoB;gBAChC,SAAS,EAAE,QAAQ;gBACnB,aAAa,EAAE,YAAY;gBAC3B,IAAI;gBACJ,YAAY,EAAE,WAAW;aAC1B,CAAC;SACH,CAAC,CAAC;QAEH,IAAI,CAAC,QAAQ,CAAC,EAAE,EAAE,CAAC;YACjB,MAAM,IAAI,GAAG,MAAM,QAAQ,CAAC,IAAI,EAAE,CAAC;YACnC,MAAM,IAAI,cAAc,CAAC,0BAA0B,QAAQ,CAAC,MAAM,IAAI,IAAI,EAAE,CAAC,CAAC;QAChF,CAAC;QAED,MAAM,IAAI,GAAG,CAAC,MAAM,QAAQ,CAAC,IAAI,EAAE,CAKlC,CAAC;QAEF,OAAO;YACL,WAAW,EAAE,IAAI,CAAC,YAAY;YAC9B,YAAY,EAAE,IAAI,CAAC,aAAa;YAChC,SAAS,EAAE,IAAI,CAAC,GAAG,EAAE,GAAG,IAAI,CAAC,UAAU,GAAG,IAAI;YAC9C,KAAK,EAAE,IAAI,CAAC,KAAK;SAClB,CAAC;IACJ,CAAC;IAEO,KAAK,CAAC,aAAa,CAAC,YAAoB;QAC9C,MAAM,EAAE,QAAQ,EAAE,YAAY,EAAE,GAAG,IAAI,CAAC,MAAM,CAAC,SAAS,CAAC;QAEzD,MAAM,QAAQ,GAAG,MAAM,KAAK,CAAC,SAAS,EAAE;YACtC,MAAM,EAAE,MAAM;YACd,OAAO,EAAE,EAAE,cAAc,EAAE,kBAAkB,EAAE;YAC/C,IAAI,EAAE,IAAI,CAAC,SAAS,CAAC;gBACnB,UAAU,EAAE,eAAe;gBAC3B,SAAS,EAAE,QAAQ;gBACnB,aAAa,EAAE,YAAY;gBAC3B,aAAa,EAAE,YAAY;aAC5B,CAAC;SACH,CAAC,CAAC;QAEH,IAAI,CAAC,QAAQ,CAAC,EAAE,EAAE,CAAC;YACjB,MAAM,IAAI,iBAAiB,CAAC,IAAI,KAAK,CAAC,mBAAmB,QAAQ,CAAC,MAAM,EAAE,CAAC,CAAC,CAAC;QAC/E,CAAC;QAED,MAAM,IAAI,GAAG,CAAC,MAAM,QAAQ,CAAC,IAAI,EAAE,CAKlC,CAAC;QAEF,MAAM,MAAM,GAAe;YACzB,WAAW,EAAE,IAAI,CAAC,YAAY;YAC9B,YAAY,EAAE,IAAI,CAAC,aAAa;YAChC,SAAS,EAAE,IAAI,CAAC,GAAG,EAAE,GAAG,IAAI,CAAC,UAAU,GAAG,IAAI;YAC9C,KAAK,EAAE,IAAI,CAAC,KAAK;SAClB,CAAC;QAEF,MAAM,IAAI,CAAC,gBAAgB,CAAC,SAAS,CAAC,MAAM,CAAC,CAAC;QAC9C,IAAI,CAAC,MAAM,GAAG,MAAM,CAAC;QACrB,IAAI,CAAC,MAAM,CAAC,IAAI,CAAC,+BAA+B,CAAC,CAAC;QAClD,OAAO,MAAM,CAAC;IAChB,CAAC;IAEO,KAAK,CAAC,SAAS;QACrB,IAAI,IAAI,CAAC,MAAM;YAAE,OAAO,IAAI,CAAC,MAAM,CAAC;QACpC,IAAI,CAAC,MAAM,GAAG,MAAM,IAAI,CAAC,gBAAgB,CAAC,SAAS,EAAE,CAAC;QACtD,OAAO,IAAI,CAAC,MAAM,CAAC;IACrB,CAAC;CACF"}

package/dist/src/auth/credentials-store.d.ts

@@ -0,0 +1,12 @@
+import type { AuthTokens } from '../types/config.js';
+export declare class CredentialsStore {
+    private readonly encryptedPath;
+    constructor();
+    getTokens(): Promise<AuthTokens | null>;
+    setTokens(tokens: AuthTokens): Promise<void>;
+    clearTokens(): Promise<void>;
+    private getEncryptionKey;
+    private encrypt;
+    private decrypt;
+}
+//# sourceMappingURL=credentials-store.d.ts.map

package/dist/src/auth/credentials-store.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"credentials-store.d.ts","sourceRoot":"","sources":["../../../src/auth/credentials-store.ts"],"names":[],"mappings":"AAKA,OAAO,KAAK,EAAE,UAAU,EAAE,MAAM,oBAAoB,CAAC;AAMrD,qBAAa,gBAAgB;IAC3B,OAAO,CAAC,QAAQ,CAAC,aAAa,CAAS;;IAMjC,SAAS,IAAI,OAAO,CAAC,UAAU,GAAG,IAAI,CAAC;IAqBvC,SAAS,CAAC,MAAM,EAAE,UAAU,GAAG,OAAO,CAAC,IAAI,CAAC;IAqB5C,WAAW,IAAI,OAAO,CAAC,IAAI,CAAC;IAclC,OAAO,CAAC,gBAAgB;IAMxB,OAAO,CAAC,OAAO;IAUf,OAAO,CAAC,OAAO;CAWhB"}

package/dist/src/auth/credentials-store.js

@@ -0,0 +1,95 @@
+import { readFile, writeFile, mkdir } from 'node:fs/promises';
+import { existsSync } from 'node:fs';
+import { join, dirname } from 'node:path';
+import { homedir } from 'node:os';
+import { createCipheriv, createDecipheriv, randomBytes, scryptSync } from 'node:crypto';
+const SERVICE_NAME = 'cliend';
+const ACCOUNT_NAME = 'atlassian-oauth';
+const ALGORITHM = 'aes-256-gcm';
+export class CredentialsStore {
+    encryptedPath;
+    constructor() {
+        this.encryptedPath = join(homedir(), '.cliend', 'credentials.enc');
+    }
+    async getTokens() {
+        // Try keytar first (OS keychain)
+        try {
+            const keytar = await import('keytar');
+            const raw = await keytar.getPassword(SERVICE_NAME, ACCOUNT_NAME);
+            if (raw)
+                return JSON.parse(raw);
+        }
+        catch {
+            // keytar not available, fall through to encrypted file
+        }
+        // Fallback: encrypted file
+        if (!existsSync(this.encryptedPath))
+            return null;
+        try {
+            const encrypted = await readFile(this.encryptedPath, 'utf-8');
+            const decrypted = this.decrypt(encrypted);
+            return JSON.parse(decrypted);
+        }
+        catch {
+            return null;
+        }
+    }
+    async setTokens(tokens) {
+        const json = JSON.stringify(tokens);
+        // Try keytar first
+        try {
+            const keytar = await import('keytar');
+            await keytar.setPassword(SERVICE_NAME, ACCOUNT_NAME, json);
+            return;
+        }
+        catch {
+            // keytar not available, fall through
+        }
+        // Fallback: encrypted file
+        const dir = dirname(this.encryptedPath);
+        if (!existsSync(dir)) {
+            await mkdir(dir, { recursive: true });
+        }
+        const encrypted = this.encrypt(json);
+        await writeFile(this.encryptedPath, encrypted, 'utf-8');
+    }
+    async clearTokens() {
+        try {
+            const keytar = await import('keytar');
+            await keytar.deletePassword(SERVICE_NAME, ACCOUNT_NAME);
+        }
+        catch {
+            // ignore
+        }
+        if (existsSync(this.encryptedPath)) {
+            const { unlink } = await import('node:fs/promises');
+            await unlink(this.encryptedPath);
+        }
+    }
+    getEncryptionKey() {
+        // Derive from a machine-stable seed (hostname + homedir)
+        const seed = `${homedir()}-${process.env.USER ?? 'cliend'}`;
+        return scryptSync(seed, 'cliend-salt', 32);
+    }
+    encrypt(plaintext) {
+        const key = this.getEncryptionKey();
+        const iv = randomBytes(16);
+        const cipher = createCipheriv(ALGORITHM, key, iv);
+        let encrypted = cipher.update(plaintext, 'utf-8', 'hex');
+        encrypted += cipher.final('hex');
+        const authTag = cipher.getAuthTag().toString('hex');
+        return `${iv.toString('hex')}:${authTag}:${encrypted}`;
+    }
+    decrypt(ciphertext) {
+        const [ivHex, authTagHex, encrypted] = ciphertext.split(':');
+        const key = this.getEncryptionKey();
+        const iv = Buffer.from(ivHex, 'hex');
+        const authTag = Buffer.from(authTagHex, 'hex');
+        const decipher = createDecipheriv(ALGORITHM, key, iv);
+        decipher.setAuthTag(authTag);
+        let decrypted = decipher.update(encrypted, 'hex', 'utf-8');
+        decrypted += decipher.final('utf-8');
+        return decrypted;
+    }
+}
+//# sourceMappingURL=credentials-store.js.map

package/dist/src/auth/credentials-store.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"credentials-store.js","sourceRoot":"","sources":["../../../src/auth/credentials-store.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,QAAQ,EAAE,SAAS,EAAE,KAAK,EAAE,MAAM,kBAAkB,CAAC;AAC9D,OAAO,EAAE,UAAU,EAAE,MAAM,SAAS,CAAC;AACrC,OAAO,EAAE,IAAI,EAAE,OAAO,EAAE,MAAM,WAAW,CAAC;AAC1C,OAAO,EAAE,OAAO,EAAE,MAAM,SAAS,CAAC;AAClC,OAAO,EAAE,cAAc,EAAE,gBAAgB,EAAE,WAAW,EAAE,UAAU,EAAE,MAAM,aAAa,CAAC;AAGxF,MAAM,YAAY,GAAG,QAAQ,CAAC;AAC9B,MAAM,YAAY,GAAG,iBAAiB,CAAC;AACvC,MAAM,SAAS,GAAG,aAAa,CAAC;AAEhC,MAAM,OAAO,gBAAgB;IACV,aAAa,CAAS;IAEvC;QACE,IAAI,CAAC,aAAa,GAAG,IAAI,CAAC,OAAO,EAAE,EAAE,SAAS,EAAE,iBAAiB,CAAC,CAAC;IACrE,CAAC;IAED,KAAK,CAAC,SAAS;QACb,iCAAiC;QACjC,IAAI,CAAC;YACH,MAAM,MAAM,GAAG,MAAM,MAAM,CAAC,QAAQ,CAAC,CAAC;YACtC,MAAM,GAAG,GAAG,MAAM,MAAM,CAAC,WAAW,CAAC,YAAY,EAAE,YAAY,CAAC,CAAC;YACjE,IAAI,GAAG;gBAAE,OAAO,IAAI,CAAC,KAAK,CAAC,GAAG,CAAe,CAAC;QAChD,CAAC;QAAC,MAAM,CAAC;YACP,uDAAuD;QACzD,CAAC;QAED,2BAA2B;QAC3B,IAAI,CAAC,UAAU,CAAC,IAAI,CAAC,aAAa,CAAC;YAAE,OAAO,IAAI,CAAC;QACjD,IAAI,CAAC;YACH,MAAM,SAAS,GAAG,MAAM,QAAQ,CAAC,IAAI,CAAC,aAAa,EAAE,OAAO,CAAC,CAAC;YAC9D,MAAM,SAAS,GAAG,IAAI,CAAC,OAAO,CAAC,SAAS,CAAC,CAAC;YAC1C,OAAO,IAAI,CAAC,KAAK,CAAC,SAAS,CAAe,CAAC;QAC7C,CAAC;QAAC,MAAM,CAAC;YACP,OAAO,IAAI,CAAC;QACd,CAAC;IACH,CAAC;IAED,KAAK,CAAC,SAAS,CAAC,MAAkB;QAChC,MAAM,IAAI,GAAG,IAAI,CAAC,SAAS,CAAC,MAAM,CAAC,CAAC;QAEpC,mBAAmB;QACnB,IAAI,CAAC;YACH,MAAM,MAAM,GAAG,MAAM,MAAM,CAAC,QAAQ,CAAC,CAAC;YACtC,MAAM,MAAM,CAAC,WAAW,CAAC,YAAY,EAAE,YAAY,EAAE,IAAI,CAAC,CAAC;YAC3D,OAAO;QACT,CAAC;QAAC,MAAM,CAAC;YACP,qCAAqC;QACvC,CAAC;QAED,2BAA2B;QAC3B,MAAM,GAAG,GAAG,OAAO,CAAC,IAAI,CAAC,aAAa,CAAC,CAAC;QACxC,IAAI,CAAC,UAAU,CAAC,GAAG,CAAC,EAAE,CAAC;YACrB,MAAM,KAAK,CAAC,GAAG,EAAE,EAAE,SAAS,EAAE,IAAI,EAAE,CAAC,CAAC;QACxC,CAAC;QACD,MAAM,SAAS,GAAG,IAAI,CAAC,OAAO,CAAC,IAAI,CAAC,CAAC;QACrC,MAAM,SAAS,CAAC,IAAI,CAAC,aAAa,EAAE,SAAS,EAAE,OAAO,CAAC,CAAC;IAC1D,CAAC;IAED,KAAK,CAAC,WAAW;QACf,IAAI,CAAC;YACH,MAAM,MAAM,GAAG,MAAM,MAAM,CAAC,QAAQ,CAAC,CAAC;YACtC,MAAM,MAAM,CAAC,cAAc,CAAC,YAAY,EAAE,YAAY,CAAC,CAAC;QAC1D,CAAC;QAAC,MAAM,CAAC;YACP,SAAS;QACX,CAAC;QAED,IAAI,UAAU,CAAC,IAAI,CAAC,aAAa,CAAC,EAAE,CAAC;YACnC,MAAM,EAAE,MAAM,EAAE,GAAG,MAAM,MAAM,CAAC,kBAAkB,CAAC,CAAC;YACpD,MAAM,MAAM,CAAC,IAAI,CAAC,aAAa,CAAC,CAAC;QACnC,CAAC;IACH,CAAC;IAEO,gBAAgB;QACtB,yDAAyD;QACzD,MAAM,IAAI,GAAG,GAAG,OAAO,EAAE,IAAI,OAAO,CAAC,GAAG,CAAC,IAAI,IAAI,QAAQ,EAAE,CAAC;QAC5D,OAAO,UAAU,CAAC,IAAI,EAAE,aAAa,EAAE,EAAE,CAAC,CAAC;IAC7C,CAAC;IAEO,OAAO,CAAC,SAAiB;QAC/B,MAAM,GAAG,GAAG,IAAI,CAAC,gBAAgB,EAAE,CAAC;QACpC,MAAM,EAAE,GAAG,WAAW,CAAC,EAAE,CAAC,CAAC;QAC3B,MAAM,MAAM,GAAG,cAAc,CAAC,SAAS,EAAE,GAAG,EAAE,EAAE,CAAC,CAAC;QAClD,IAAI,SAAS,GAAG,MAAM,CAAC,MAAM,CAAC,SAAS,EAAE,OAAO,EAAE,KAAK,CAAC,CAAC;QACzD,SAAS,IAAI,MAAM,CAAC,KAAK,CAAC,KAAK,CAAC,CAAC;QACjC,MAAM,OAAO,GAAG,MAAM,CAAC,UAAU,EAAE,CAAC,QAAQ,CAAC,KAAK,CAAC,CAAC;QACpD,OAAO,GAAG,EAAE,CAAC,QAAQ,CAAC,KAAK,CAAC,IAAI,OAAO,IAAI,SAAS,EAAE,CAAC;IACzD,CAAC;IAEO,OAAO,CAAC,UAAkB;QAChC,MAAM,CAAC,KAAK,EAAE,UAAU,EAAE,SAAS,CAAC,GAAG,UAAU,CAAC,KAAK,CAAC,GAAG,CAAC,CAAC;QAC7D,MAAM,GAAG,GAAG,IAAI,CAAC,gBAAgB,EAAE,CAAC;QACpC,MAAM,EAAE,GAAG,MAAM,CAAC,IAAI,CAAC,KAAK,EAAE,KAAK,CAAC,CAAC;QACrC,MAAM,OAAO,GAAG,MAAM,CAAC,IAAI,CAAC,UAAU,EAAE,KAAK,CAAC,CAAC;QAC/C,MAAM,QAAQ,GAAG,gBAAgB,CAAC,SAAS,EAAE,GAAG,EAAE,EAAE,CAAC,CAAC;QACtD,QAAQ,CAAC,UAAU,CAAC,OAAO,CAAC,CAAC;QAC7B,IAAI,SAAS,GAAG,QAAQ,CAAC,MAAM,CAAC,SAAS,EAAE,KAAK,EAAE,OAAO,CAAC,CAAC;QAC3D,SAAS,IAAI,QAAQ,CAAC,KAAK,CAAC,OAAO,CAAC,CAAC;QACrC,OAAO,SAAS,CAAC;IACnB,CAAC;CACF"}

package/dist/src/auth/local-server.d.ts

@@ -0,0 +1,14 @@
+import { type Server } from 'node:http';
+export interface OAuthCallbackResult {
+    code: string;
+    state: string;
+}
+/**
+ * Starts an ephemeral HTTP server to receive the OAuth callback.
+ * Returns a promise that resolves with the authorization code.
+ */
+export declare function startCallbackServer(port: number): {
+    promise: Promise<OAuthCallbackResult>;
+    server: Server;
+};
+//# sourceMappingURL=local-server.d.ts.map

package/dist/src/auth/local-server.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"local-server.d.ts","sourceRoot":"","sources":["../../../src/auth/local-server.ts"],"names":[],"mappings":"AAAA,OAAO,EAAgB,KAAK,MAAM,EAA6C,MAAM,WAAW,CAAC;AAEjG,MAAM,WAAW,mBAAmB;IAClC,IAAI,EAAE,MAAM,CAAC;IACb,KAAK,EAAE,MAAM,CAAC;CACf;AAED;;;GAGG;AACH,wBAAgB,mBAAmB,CAAC,IAAI,EAAE,MAAM,GAAG;IACjD,OAAO,EAAE,OAAO,CAAC,mBAAmB,CAAC,CAAC;IACtC,MAAM,EAAE,MAAM,CAAC;CAChB,CAkDA"}

package/dist/src/auth/local-server.js

@@ -0,0 +1,49 @@
+import { createServer } from 'node:http';
+/**
+ * Starts an ephemeral HTTP server to receive the OAuth callback.
+ * Returns a promise that resolves with the authorization code.
+ */
+export function startCallbackServer(port) {
+    let resolveCallback;
+    let rejectCallback;
+    const promise = new Promise((resolve, reject) => {
+        resolveCallback = resolve;
+        rejectCallback = reject;
+    });
+    const server = createServer((req, res) => {
+        const url = new URL(req.url ?? '/', `http://localhost:${port}`);
+        if (url.pathname === '/callback') {
+            const code = url.searchParams.get('code');
+            const state = url.searchParams.get('state');
+            const error = url.searchParams.get('error');
+            if (error) {
+                res.writeHead(400, { 'Content-Type': 'text/html' });
+                res.end('<html><body><h1>Authentication Failed</h1><p>You can close this window.</p></body></html>');
+                rejectCallback(new Error(`OAuth error: ${error}`));
+                server.close();
+                return;
+            }
+            if (code && state) {
+                res.writeHead(200, { 'Content-Type': 'text/html' });
+                res.end('<html><body><h1>Authentication Successful!</h1><p>You can close this window and return to your terminal.</p></body></html>');
+                resolveCallback({ code, state });
+                server.close();
+                return;
+            }
+            res.writeHead(400, { 'Content-Type': 'text/plain' });
+            res.end('Missing code or state parameter');
+        }
+        else {
+            res.writeHead(404, { 'Content-Type': 'text/plain' });
+            res.end('Not found');
+        }
+    });
+    server.listen(port);
+    // Timeout after 5 minutes
+    setTimeout(() => {
+        rejectCallback(new Error('OAuth callback timed out after 5 minutes'));
+        server.close();
+    }, 5 * 60 * 1000);
+    return { promise, server };
+}
+//# sourceMappingURL=local-server.js.map

package/dist/src/auth/local-server.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"local-server.js","sourceRoot":"","sources":["../../../src/auth/local-server.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,YAAY,EAA0D,MAAM,WAAW,CAAC;AAOjG;;;GAGG;AACH,MAAM,UAAU,mBAAmB,CAAC,IAAY;IAI9C,IAAI,eAAsD,CAAC;IAC3D,IAAI,cAAsC,CAAC;IAE3C,MAAM,OAAO,GAAG,IAAI,OAAO,CAAsB,CAAC,OAAO,EAAE,MAAM,EAAE,EAAE;QACnE,eAAe,GAAG,OAAO,CAAC;QAC1B,cAAc,GAAG,MAAM,CAAC;IAC1B,CAAC,CAAC,CAAC;IAEH,MAAM,MAAM,GAAG,YAAY,CAAC,CAAC,GAAoB,EAAE,GAAmB,EAAE,EAAE;QACxE,MAAM,GAAG,GAAG,IAAI,GAAG,CAAC,GAAG,CAAC,GAAG,IAAI,GAAG,EAAE,oBAAoB,IAAI,EAAE,CAAC,CAAC;QAEhE,IAAI,GAAG,CAAC,QAAQ,KAAK,WAAW,EAAE,CAAC;YACjC,MAAM,IAAI,GAAG,GAAG,CAAC,YAAY,CAAC,GAAG,CAAC,MAAM,CAAC,CAAC;YAC1C,MAAM,KAAK,GAAG,GAAG,CAAC,YAAY,CAAC,GAAG,CAAC,OAAO,CAAC,CAAC;YAC5C,MAAM,KAAK,GAAG,GAAG,CAAC,YAAY,CAAC,GAAG,CAAC,OAAO,CAAC,CAAC;YAE5C,IAAI,KAAK,EAAE,CAAC;gBACV,GAAG,CAAC,SAAS,CAAC,GAAG,EAAE,EAAE,cAAc,EAAE,WAAW,EAAE,CAAC,CAAC;gBACpD,GAAG,CAAC,GAAG,CAAC,2FAA2F,CAAC,CAAC;gBACrG,cAAc,CAAC,IAAI,KAAK,CAAC,gBAAgB,KAAK,EAAE,CAAC,CAAC,CAAC;gBACnD,MAAM,CAAC,KAAK,EAAE,CAAC;gBACf,OAAO;YACT,CAAC;YAED,IAAI,IAAI,IAAI,KAAK,EAAE,CAAC;gBAClB,GAAG,CAAC,SAAS,CAAC,GAAG,EAAE,EAAE,cAAc,EAAE,WAAW,EAAE,CAAC,CAAC;gBACpD,GAAG,CAAC,GAAG,CAAC,4HAA4H,CAAC,CAAC;gBACtI,eAAe,CAAC,EAAE,IAAI,EAAE,KAAK,EAAE,CAAC,CAAC;gBACjC,MAAM,CAAC,KAAK,EAAE,CAAC;gBACf,OAAO;YACT,CAAC;YAED,GAAG,CAAC,SAAS,CAAC,GAAG,EAAE,EAAE,cAAc,EAAE,YAAY,EAAE,CAAC,CAAC;YACrD,GAAG,CAAC,GAAG,CAAC,iCAAiC,CAAC,CAAC;QAC7C,CAAC;aAAM,CAAC;YACN,GAAG,CAAC,SAAS,CAAC,GAAG,EAAE,EAAE,cAAc,EAAE,YAAY,EAAE,CAAC,CAAC;YACrD,GAAG,CAAC,GAAG,CAAC,WAAW,CAAC,CAAC;QACvB,CAAC;IACH,CAAC,CAAC,CAAC;IAEH,MAAM,CAAC,MAAM,CAAC,IAAI,CAAC,CAAC;IAEpB,0BAA0B;IAC1B,UAAU,CAAC,GAAG,EAAE;QACd,cAAc,CAAC,IAAI,KAAK,CAAC,0CAA0C,CAAC,CAAC,CAAC;QACtE,MAAM,CAAC,KAAK,EAAE,CAAC;IACjB,CAAC,EAAE,CAAC,GAAG,EAAE,GAAG,IAAI,CAAC,CAAC;IAElB,OAAO,EAAE,OAAO,EAAE,MAAM,EAAE,CAAC;AAC7B,CAAC"}

package/dist/src/config/config-manager.d.ts

@@ -0,0 +1,11 @@
+import type { AppConfig } from '../types/config.js';
+export declare class ConfigManager {
+    private readonly globalConfigPath;
+    private readonly projectConfigPath;
+    constructor(projectDir?: string);
+    load(): Promise<AppConfig>;
+    private readEnv;
+    private readJsonFile;
+    private deepMerge;
+}
+//# sourceMappingURL=config-manager.d.ts.map

package/dist/src/config/config-manager.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"config-manager.d.ts","sourceRoot":"","sources":["../../../src/config/config-manager.ts"],"names":[],"mappings":"AAMA,OAAO,KAAK,EAAE,SAAS,EAAE,MAAM,oBAAoB,CAAC;AAEpD,qBAAa,aAAa;IACxB,OAAO,CAAC,QAAQ,CAAC,gBAAgB,CAAS;IAC1C,OAAO,CAAC,QAAQ,CAAC,iBAAiB,CAAS;gBAE/B,UAAU,CAAC,EAAE,MAAM;IAKzB,IAAI,IAAI,OAAO,CAAC,SAAS,CAAC;IAqBhC,OAAO,CAAC,OAAO;YAgDD,YAAY;IAU1B,OAAO,CAAC,SAAS;CAuBlB"}

package/dist/src/config/config-manager.js

@@ -0,0 +1,102 @@
+import { readFile } from 'node:fs/promises';
+import { existsSync } from 'node:fs';
+import { join } from 'node:path';
+import { homedir } from 'node:os';
+import { appConfigSchema } from './config.schema.js';
+import { DEFAULT_CONFIG } from './defaults.js';
+export class ConfigManager {
+    globalConfigPath;
+    projectConfigPath;
+    constructor(projectDir) {
+        this.globalConfigPath = join(homedir(), '.cliend', 'config.json');
+        this.projectConfigPath = join(projectDir ?? process.cwd(), '.cliend', 'config.json');
+    }
+    async load() {
+        const globalOverrides = await this.readJsonFile(this.globalConfigPath);
+        const projectOverrides = await this.readJsonFile(this.projectConfigPath);
+        const envOverrides = this.readEnv();
+        // Merge layers: defaults < global < project < env
+        const merged = this.deepMerge(DEFAULT_CONFIG, globalOverrides, projectOverrides, envOverrides);
+        const parsed = appConfigSchema.safeParse(merged);
+        if (!parsed.success) {
+            return merged;
+        }
+        return parsed.data;
+    }
+    readEnv() {
+        const env = process.env;
+        const config = {};
+        if (env.CLIEND_ANTHROPIC_API_KEY) {
+            config.providers = {
+                ...(config.providers ?? {}),
+                claude: { apiKey: env.CLIEND_ANTHROPIC_API_KEY },
+            };
+        }
+        if (env.CLIEND_OPENAI_API_KEY) {
+            config.providers = {
+                ...(config.providers ?? {}),
+                codex: { apiKey: env.CLIEND_OPENAI_API_KEY },
+                chatgpt: { apiKey: env.CLIEND_OPENAI_API_KEY },
+            };
+        }
+        if (env.CLIEND_ATLASSIAN_CLIENT_ID) {
+            config.atlassian = {
+                ...(config.atlassian ?? {}),
+                clientId: env.CLIEND_ATLASSIAN_CLIENT_ID,
+            };
+        }
+        if (env.CLIEND_ATLASSIAN_CLIENT_SECRET) {
+            config.atlassian = {
+                ...(config.atlassian ?? {}),
+                clientSecret: env.CLIEND_ATLASSIAN_CLIENT_SECRET,
+            };
+        }
+        if (env.CLIEND_BITBUCKET_WORKSPACE) {
+            config.bitbucket = {
+                ...(config.bitbucket ?? {}),
+                workspace: env.CLIEND_BITBUCKET_WORKSPACE,
+            };
+        }
+        if (env.CLIEND_BITBUCKET_REPO_SLUG) {
+            config.bitbucket = {
+                ...(config.bitbucket ?? {}),
+                repoSlug: env.CLIEND_BITBUCKET_REPO_SLUG,
+            };
+        }
+        if (env.CLIEND_LOG_LEVEL) {
+            config.logging = { level: env.CLIEND_LOG_LEVEL };
+        }
+        return config;
+    }
+    async readJsonFile(path) {
+        if (!existsSync(path))
+            return {};
+        try {
+            const raw = await readFile(path, 'utf-8');
+            return JSON.parse(raw);
+        }
+        catch {
+            return {};
+        }
+    }
+    deepMerge(...objects) {
+        const result = {};
+        for (const obj of objects) {
+            for (const [key, value] of Object.entries(obj)) {
+                if (value !== null &&
+                    typeof value === 'object' &&
+                    !Array.isArray(value) &&
+                    result[key] !== null &&
+                    typeof result[key] === 'object' &&
+                    !Array.isArray(result[key])) {
+                    result[key] = this.deepMerge(result[key], value);
+                }
+                else {
+                    result[key] = value;
+                }
+            }
+        }
+        return result;
+    }
+}
+//# sourceMappingURL=config-manager.js.map

package/dist/src/config/config-manager.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"config-manager.js","sourceRoot":"","sources":["../../../src/config/config-manager.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,QAAQ,EAAE,MAAM,kBAAkB,CAAC;AAC5C,OAAO,EAAE,UAAU,EAAE,MAAM,SAAS,CAAC;AACrC,OAAO,EAAE,IAAI,EAAE,MAAM,WAAW,CAAC;AACjC,OAAO,EAAE,OAAO,EAAE,MAAM,SAAS,CAAC;AAClC,OAAO,EAAE,eAAe,EAAE,MAAM,oBAAoB,CAAC;AACrD,OAAO,EAAE,cAAc,EAAE,MAAM,eAAe,CAAC;AAG/C,MAAM,OAAO,aAAa;IACP,gBAAgB,CAAS;IACzB,iBAAiB,CAAS;IAE3C,YAAY,UAAmB;QAC7B,IAAI,CAAC,gBAAgB,GAAG,IAAI,CAAC,OAAO,EAAE,EAAE,SAAS,EAAE,aAAa,CAAC,CAAC;QAClE,IAAI,CAAC,iBAAiB,GAAG,IAAI,CAAC,UAAU,IAAI,OAAO,CAAC,GAAG,EAAE,EAAE,SAAS,EAAE,aAAa,CAAC,CAAC;IACvF,CAAC;IAED,KAAK,CAAC,IAAI;QACR,MAAM,eAAe,GAAG,MAAM,IAAI,CAAC,YAAY,CAAC,IAAI,CAAC,gBAAgB,CAAC,CAAC;QACvE,MAAM,gBAAgB,GAAG,MAAM,IAAI,CAAC,YAAY,CAAC,IAAI,CAAC,iBAAiB,CAAC,CAAC;QACzE,MAAM,YAAY,GAAG,IAAI,CAAC,OAAO,EAAE,CAAC;QAEpC,kDAAkD;QAClD,MAAM,MAAM,GAAG,IAAI,CAAC,SAAS,CAC3B,cAAoD,EACpD,eAAe,EACf,gBAAgB,EAChB,YAAuC,CACxC,CAAC;QAEF,MAAM,MAAM,GAAG,eAAe,CAAC,SAAS,CAAC,MAAM,CAAC,CAAC;QACjD,IAAI,CAAC,MAAM,CAAC,OAAO,EAAE,CAAC;YACpB,OAAO,MAA8B,CAAC;QACxC,CAAC;QAED,OAAO,MAAM,CAAC,IAA4B,CAAC;IAC7C,CAAC;IAEO,OAAO;QACb,MAAM,GAAG,GAAG,OAAO,CAAC,GAAG,CAAC;QACxB,MAAM,MAAM,GAA4B,EAAE,CAAC;QAE3C,IAAI,GAAG,CAAC,wBAAwB,EAAE,CAAC;YACjC,MAAM,CAAC,SAAS,GAAG;gBACjB,GAAG,CAAE,MAAM,CAAC,SAAqC,IAAI,EAAE,CAAC;gBACxD,MAAM,EAAE,EAAE,MAAM,EAAE,GAAG,CAAC,wBAAwB,EAAE;aACjD,CAAC;QACJ,CAAC;QACD,IAAI,GAAG,CAAC,qBAAqB,EAAE,CAAC;YAC9B,MAAM,CAAC,SAAS,GAAG;gBACjB,GAAG,CAAE,MAAM,CAAC,SAAqC,IAAI,EAAE,CAAC;gBACxD,KAAK,EAAE,EAAE,MAAM,EAAE,GAAG,CAAC,qBAAqB,EAAE;gBAC5C,OAAO,EAAE,EAAE,MAAM,EAAE,GAAG,CAAC,qBAAqB,EAAE;aAC/C,CAAC;QACJ,CAAC;QACD,IAAI,GAAG,CAAC,0BAA0B,EAAE,CAAC;YACnC,MAAM,CAAC,SAAS,GAAG;gBACjB,GAAG,CAAE,MAAM,CAAC,SAAqC,IAAI,EAAE,CAAC;gBACxD,QAAQ,EAAE,GAAG,CAAC,0BAA0B;aACzC,CAAC;QACJ,CAAC;QACD,IAAI,GAAG,CAAC,8BAA8B,EAAE,CAAC;YACvC,MAAM,CAAC,SAAS,GAAG;gBACjB,GAAG,CAAE,MAAM,CAAC,SAAqC,IAAI,EAAE,CAAC;gBACxD,YAAY,EAAE,GAAG,CAAC,8BAA8B;aACjD,CAAC;QACJ,CAAC;QACD,IAAI,GAAG,CAAC,0BAA0B,EAAE,CAAC;YACnC,MAAM,CAAC,SAAS,GAAG;gBACjB,GAAG,CAAE,MAAM,CAAC,SAAqC,IAAI,EAAE,CAAC;gBACxD,SAAS,EAAE,GAAG,CAAC,0BAA0B;aAC1C,CAAC;QACJ,CAAC;QACD,IAAI,GAAG,CAAC,0BAA0B,EAAE,CAAC;YACnC,MAAM,CAAC,SAAS,GAAG;gBACjB,GAAG,CAAE,MAAM,CAAC,SAAqC,IAAI,EAAE,CAAC;gBACxD,QAAQ,EAAE,GAAG,CAAC,0BAA0B;aACzC,CAAC;QACJ,CAAC;QACD,IAAI,GAAG,CAAC,gBAAgB,EAAE,CAAC;YACzB,MAAM,CAAC,OAAO,GAAG,EAAE,KAAK,EAAE,GAAG,CAAC,gBAAgB,EAAE,CAAC;QACnD,CAAC;QAED,OAAO,MAA4B,CAAC;IACtC,CAAC;IAEO,KAAK,CAAC,YAAY,CAAC,IAAY;QACrC,IAAI,CAAC,UAAU,CAAC,IAAI,CAAC;YAAE,OAAO,EAAE,CAAC;QACjC,IAAI,CAAC;YACH,MAAM,GAAG,GAAG,MAAM,QAAQ,CAAC,IAAI,EAAE,OAAO,CAAC,CAAC;YAC1C,OAAO,IAAI,CAAC,KAAK,CAAC,GAAG,CAA4B,CAAC;QACpD,CAAC;QAAC,MAAM,CAAC;YACP,OAAO,EAAE,CAAC;QACZ,CAAC;IACH,CAAC;IAEO,SAAS,CAAC,GAAG,OAAkC;QACrD,MAAM,MAAM,GAA4B,EAAE,CAAC;QAC3C,KAAK,MAAM,GAAG,IAAI,OAAO,EAAE,CAAC;YAC1B,KAAK,MAAM,CAAC,GAAG,EAAE,KAAK,CAAC,IAAI,MAAM,CAAC,OAAO,CAAC,GAAG,CAAC,EAAE,CAAC;gBAC/C,IACE,KAAK,KAAK,IAAI;oBACd,OAAO,KAAK,KAAK,QAAQ;oBACzB,CAAC,KAAK,CAAC,OAAO,CAAC,KAAK,CAAC;oBACrB,MAAM,CAAC,GAAG,CAAC,KAAK,IAAI;oBACpB,OAAO,MAAM,CAAC,GAAG,CAAC,KAAK,QAAQ;oBAC/B,CAAC,KAAK,CAAC,OAAO,CAAC,MAAM,CAAC,GAAG,CAAC,CAAC,EAC3B,CAAC;oBACD,MAAM,CAAC,GAAG,CAAC,GAAG,IAAI,CAAC,SAAS,CAC1B,MAAM,CAAC,GAAG,CAA4B,EACtC,KAAgC,CACjC,CAAC;gBACJ,CAAC;qBAAM,CAAC;oBACN,MAAM,CAAC,GAAG,CAAC,GAAG,KAAK,CAAC;gBACtB,CAAC;YACH,CAAC;QACH,CAAC;QACD,OAAO,MAAM,CAAC;IAChB,CAAC;CACF"}