@classytic/arc 1.0.8 → 2.1.2

package/dist/createApp-CUgNqegw.mjs.map

@@ -0,0 +1 @@
+{"version":3,"file":"createApp-CUgNqegw.mjs","names":[],"sources":["../src/factory/presets.ts","../src/factory/createApp.ts"],"sourcesContent":["/**\n * Environment Presets for createApp\n *\n * Provides sensible defaults for different environments:\n * - production: Strict security, performance optimized\n * - development: Relaxed CORS, verbose logging\n * - testing: In-memory DB, no rate limiting\n */\n\nimport type { CreateAppOptions } from './types.js';\n\n/**\n * Production preset - strict security, performance optimized\n */\nexport const productionPreset: Partial<CreateAppOptions> = {\n  // Raw JSON logs for production (log aggregators like Datadog, CloudWatch, etc.)\n  logger: {\n    level: 'info',\n    // Redact sensitive data from logs to prevent credential leaks\n    redact: {\n      paths: [\n        'req.headers.authorization',\n        'req.headers.cookie',\n        'req.headers[\"set-cookie\"]',\n        '*.password',\n        '*.secret',\n        '*.token',\n        '*.accessToken',\n        '*.refreshToken',\n        '*.creditCard',\n      ],\n      censor: '[REDACTED]',\n    },\n  },\n  trustProxy: true,\n\n  // Security\n  helmet: {\n    contentSecurityPolicy: {\n      directives: {\n        defaultSrc: [\"'self'\"],\n        styleSrc: [\"'self'\", \"'unsafe-inline'\"],\n        scriptSrc: [\"'self'\"],\n        imgSrc: [\"'self'\", \"data:\", \"https:\"],\n      },\n    },\n  },\n\n  // CORS - must be explicitly configured\n  cors: {\n    origin: false, // Disabled by default in production\n    credentials: true,\n    methods: ['GET', 'POST', 'PUT', 'DELETE', 'PATCH', 'OPTIONS'],\n    allowedHeaders: ['Content-Type', 'Authorization', 'Accept'],\n  },\n\n  // Rate limiting - strict\n  rateLimit: {\n    max: 100,\n    timeWindow: '1 minute',\n  },\n\n  // Note: Compression not included (use proxy/CDN instead)\n\n  // Under pressure - health monitoring\n  underPressure: {\n    exposeStatusRoute: true,\n    maxEventLoopDelay: 1000,\n    maxHeapUsedBytes: 1024 * 1024 * 1024, // 1GB\n    maxRssBytes: 1024 * 1024 * 1024, // 1GB\n  },\n};\n\n/**\n * Development preset - relaxed security, verbose logging\n */\nexport const developmentPreset: Partial<CreateAppOptions> = {\n  logger: {\n    level: 'debug',\n    transport: {\n      target: 'pino-pretty',\n      options: {\n        colorize: true,\n        translateTime: 'SYS:HH:MM:ss',\n        ignore: 'pid,hostname',\n      },\n    },\n  },\n  trustProxy: true,\n\n  // Security - relaxed for development\n  helmet: {\n    contentSecurityPolicy: false, // Disable CSP in dev\n  },\n\n  // CORS - allow all origins in development\n  cors: {\n    origin: true, // Allow all origins\n    credentials: true,\n    methods: ['GET', 'POST', 'PUT', 'DELETE', 'PATCH', 'OPTIONS'],\n    allowedHeaders: ['Content-Type', 'Authorization', 'Accept'],\n  },\n\n  // Rate limiting - very relaxed\n  rateLimit: {\n    max: 1000,\n    timeWindow: '1 minute',\n  },\n\n  // Note: Compression not included (use proxy/CDN instead)\n\n  // Under pressure - relaxed\n  underPressure: {\n    exposeStatusRoute: true,\n    maxEventLoopDelay: 5000,\n  },\n};\n\n/**\n * Testing preset - minimal setup, fast startup\n */\nexport const testingPreset: Partial<CreateAppOptions> = {\n  logger: false, // Disable logging in tests\n  trustProxy: false,\n\n  // Security - disabled for tests\n  helmet: false,\n  cors: false,\n  rateLimit: false,\n  underPressure: false,\n\n  // Sensible plugins still enabled\n  sensible: true,\n  multipart: {\n    limits: {\n      fileSize: 1024 * 1024, // 1MB\n      files: 5,\n    },\n  },\n};\n\n/**\n * Edge/Serverless preset - minimal cold-start overhead\n *\n * Optimized for AWS Lambda, Vercel, Cloudflare Workers, and similar environments.\n * Disables all heavy plugins that add cold-start latency:\n * - Security headers (handled by API Gateway / CDN)\n * - Rate limiting (handled by API Gateway / CDN)\n * - Health monitoring (Lambda has its own health checks)\n * - File uploads (use pre-signed URLs instead)\n * - Raw body parsing (register per-route if needed)\n *\n * Arc core plugins (requestId, health, gracefulShutdown) are also disabled\n * since the serverless runtime manages request lifecycle.\n */\nexport const edgePreset: Partial<CreateAppOptions> = {\n  logger: {\n    level: 'warn', // Minimal logging to reduce I/O overhead\n  },\n  trustProxy: true, // Always behind API Gateway / CDN\n\n  // Security — handled by API Gateway / CDN layer\n  helmet: false,\n  cors: false,\n  rateLimit: false,\n\n  // Performance — not needed in serverless\n  underPressure: false,\n\n  // Utilities — minimal footprint\n  sensible: true,\n  multipart: false,  // Use pre-signed URLs for file uploads\n  rawBody: false,    // Register per-route if needed for webhooks\n\n  // Arc plugins — serverless runtime handles lifecycle\n  arcPlugins: {\n    requestId: false,      // API Gateway provides request IDs\n    health: false,         // Lambda has its own health checks\n    gracefulShutdown: false, // Runtime manages shutdown\n    emitEvents: true,      // Keep events for business logic\n  },\n};\n\n/**\n * Get preset by name\n */\nexport function getPreset(name: 'production' | 'development' | 'testing' | 'edge'): Partial<CreateAppOptions> {\n  switch (name) {\n    case 'production':\n      return productionPreset;\n    case 'development':\n      return developmentPreset;\n    case 'testing':\n      return testingPreset;\n    case 'edge':\n      return edgePreset;\n    default:\n      throw new Error(`Unknown preset: ${name}`);\n  }\n}\n","/**\n * ArcFactory - Production-ready Fastify application factory\n *\n * Enforces security best practices by making plugins opt-out instead of opt-in.\n * A developer must explicitly disable security features rather than forget to enable them.\n *\n * Note: Arc is database-agnostic. Connect your database separately and provide\n * adapters when defining resources. This allows multiple databases, custom\n * connection pooling, and full control over your data layer.\n *\n * @example\n * // 1. Connect your database(s) separately\n * import mongoose from 'mongoose';\n * await mongoose.connect(process.env.MONGO_URI);\n *\n * // 2. Create Arc app (no database config needed)\n * const app = await createApp({\n *   preset: 'production',\n *   auth: { type: 'jwt', jwt: { secret: process.env.JWT_SECRET } },\n *   cors: { origin: ['https://example.com'] },\n * });\n *\n * // 3. Register resources with your adapters\n * await app.register(productResource.toPlugin());\n *\n * @example\n * // Multiple databases example\n * const primaryDb = await mongoose.connect(process.env.PRIMARY_DB);\n * const analyticsDb = mongoose.createConnection(process.env.ANALYTICS_DB);\n *\n * const orderResource = defineResource({\n *   adapter: createMongooseAdapter({ model: OrderModel, repository: orderRepo }),\n * });\n *\n * const analyticsResource = defineResource({\n *   adapter: createMongooseAdapter({ model: AnalyticsModel, repository: analyticsRepo }),\n * });\n */\n\nimport Fastify, { type FastifyInstance, type FastifyReply, type FastifyRequest } from 'fastify';\nimport qs from 'qs';\nimport type { CreateAppOptions } from './types.js';\nimport { getPreset } from './presets.js';\nimport { PUBLIC_SCOPE } from '../scope/types.js';\n\n// eslint-disable-next-line @typescript-eslint/no-explicit-any -- Fastify plugin types vary per package\ntype FastifyPlugin = (...args: any[]) => any;\n\n// Plugin registry: name → { package, loader, optional }\nconst PLUGIN_REGISTRY: Record<string, {\n  package: string;\n  loader: () => Promise<FastifyPlugin>;\n  optional?: boolean;\n}> = {\n  cors:           { package: '@fastify/cors',           loader: () => import('@fastify/cors').then(m => m.default) },\n  helmet:         { package: '@fastify/helmet',         loader: () => import('@fastify/helmet').then(m => m.default) },\n  rateLimit:      { package: '@fastify/rate-limit',     loader: () => import('@fastify/rate-limit').then(m => m.default) },\n  underPressure:  { package: '@fastify/under-pressure', loader: () => import('@fastify/under-pressure').then(m => m.default) },\n  sensible:       { package: '@fastify/sensible',       loader: () => import('@fastify/sensible').then(m => m.default) },\n  multipart:      { package: '@fastify/multipart',      loader: () => import('@fastify/multipart').then(m => m.default), optional: true },\n  rawBody:        { package: 'fastify-raw-body',        loader: () => import('fastify-raw-body').then(m => m.default), optional: true },\n};\n\n// Import plugins (with lazy loading for optional dependencies)\nasync function loadPlugin(name: string, logger?: { warn: (msg: string) => void }): Promise<FastifyPlugin | null> {\n  const entry = PLUGIN_REGISTRY[name];\n  if (!entry) {\n    throw new Error(`Unknown plugin: ${name}`);\n  }\n\n  try {\n    return await entry.loader();\n  } catch (error) {\n    const err = error as Error;\n    const isModuleNotFound = err.message.includes('Cannot find module') ||\n      err.message.includes('Cannot find package') ||\n      err.message.includes('MODULE_NOT_FOUND') ||\n      err.message.includes('Could not resolve');\n\n    // For optional plugins, return null instead of throwing\n    if (isModuleNotFound && entry.optional) {\n      logger?.warn(`Optional plugin '${name}' skipped (${entry.package} not installed)`);\n      return null;\n    }\n\n    // For required plugins, throw helpful error\n    if (isModuleNotFound) {\n      throw new Error(\n        `Plugin '${name}' requires package '${entry.package}' which is not installed.\\n` +\n        `Install it with: npm install ${entry.package}\\n` +\n        `Or disable this plugin by setting ${name}: false in createApp options.`\n      );\n    }\n\n    // Re-throw other errors\n    throw new Error(`Failed to load plugin '${name}': ${err.message}`);\n  }\n}\n\n/**\n * Create a production-ready Fastify application with Arc framework\n *\n * Security plugins are enabled by default (opt-out):\n * - helmet (security headers)\n * - cors (cross-origin requests)\n * - rateLimit (DDoS protection)\n * - underPressure (health monitoring)\n *\n * Note: Compression is not included due to known Fastify 5 issues.\n * Use a reverse proxy (Nginx, Caddy) or CDN for compression.\n *\n * @param options - Application configuration\n * @returns Configured Fastify instance\n */\nexport async function createApp(options: CreateAppOptions): Promise<FastifyInstance> {\n  // ============================================\n  // 0. CONFIGURE ARC LOGGER\n  // ============================================\n  if (options.debug !== undefined && options.debug !== false) {\n    const { configureArcLogger } = await import('../logger/index.js');\n    configureArcLogger({ debug: options.debug });\n  }\n\n  // ============================================\n  // 1. VALIDATE AUTH OPTIONS\n  // ============================================\n  const authConfig = options.auth;\n  const isAuthDisabled = authConfig === false;\n\n  // Validate JWT auth requires a secret (unless a custom authenticator is provided)\n  if (!isAuthDisabled && authConfig && authConfig.type === 'jwt') {\n    if (!authConfig.jwt?.secret && !authConfig.authenticate) {\n      throw new Error(\n        'createApp: JWT secret required when Arc auth is enabled.\\n' +\n        'Provide auth.jwt.secret, auth.authenticate, or set auth: false to disable.\\n' +\n        'Example: auth: { type: \\'jwt\\', jwt: { secret: process.env.JWT_SECRET } }'\n      );\n    }\n  }\n\n  // ============================================\n  // 1b. VALIDATE RUNTIME PROFILE\n  // ============================================\n  if (options.runtime === 'distributed') {\n    const MEMORY_NAMES = new Set(['memory', 'memory-cache']);\n    const missing: string[] = [];\n\n    const eventsTransport = options.stores?.events;\n    if (!eventsTransport || MEMORY_NAMES.has(eventsTransport.name)) {\n      missing.push('events transport');\n    }\n\n    const cacheStore = options.stores?.cache;\n    if (!cacheStore || MEMORY_NAMES.has(cacheStore.name)) {\n      missing.push('cache store');\n    }\n\n    const idempotencyStore = options.stores?.idempotency;\n    if (!idempotencyStore || MEMORY_NAMES.has(idempotencyStore.name)) {\n      missing.push('idempotency store');\n    }\n\n    // QueryCache store validation (only when queryCache plugin is enabled)\n    if (options.arcPlugins?.queryCache) {\n      const qcStore = options.stores?.queryCache;\n      if (!qcStore || MEMORY_NAMES.has(qcStore.name)) {\n        missing.push('queryCache store');\n      }\n    }\n\n    if (missing.length > 0) {\n      throw new Error(\n        `[Arc] runtime: 'distributed' requires Redis/durable adapters.\\n` +\n        `Missing: ${missing.join(', ')}.\\n` +\n        `Provide Redis-backed stores or use runtime: 'memory' for development.`\n      );\n    }\n  }\n\n  // ============================================\n  // 2. MERGE WITH PRESET\n  // ============================================\n  const presetConfig = options.preset ? getPreset(options.preset) : {};\n  const config = { ...presetConfig, ...options }; // User options override preset\n\n  // ============================================\n  // 3. CREATE FASTIFY INSTANCE\n  // ============================================\n  let fastify: FastifyInstance = Fastify({\n    logger: config.logger ?? true,\n    trustProxy: config.trustProxy ?? false,\n    // Use qs parser to support nested bracket notation in query strings\n    // e.g., ?populate[author][select]=name,email → { populate: { author: { select: 'name,email' } } }\n    // This is required for MongoKit's advanced populate options to work\n    // Placed under routerOptions to avoid FSTDEP022 deprecation warning in Fastify 5\n    routerOptions: {\n      querystringParser: (str: string) => qs.parse(str),\n    },\n    ajv: {\n      customOptions: {\n        coerceTypes: true,\n        useDefaults: true,\n        removeAdditional: false,\n        // Allow OpenAPI keywords (example, description, etc.) in schemas\n        // These are used by response schemas for documentation but aren't standard JSON Schema\n        keywords: ['example'],\n      },\n    },\n  });\n\n  // Apply TypeBox type provider if requested\n  // This enables TypeScript type inference from TypeBox route schemas\n  if (config.typeProvider === 'typebox') {\n    try {\n      const { TypeBoxValidatorCompiler } = await import('@fastify/type-provider-typebox');\n      fastify.setValidatorCompiler(TypeBoxValidatorCompiler);\n      fastify.log.debug('TypeBox type provider enabled');\n    } catch {\n      fastify.log.warn(\n        'typeProvider: \"typebox\" requested but @fastify/type-provider-typebox is not installed. ' +\n        'Install it with: npm install @sinclair/typebox @fastify/type-provider-typebox'\n      );\n    }\n  }\n\n  // ============================================\n  // 3b. FIX EMPTY JSON BODY ON DELETE/GET REQUESTS\n  // ============================================\n  // Some clients (browsers, fetch wrappers) send Content-Type: application/json\n  // on DELETE/GET requests with no body. Fastify's default JSON parser rejects\n  // empty bodies with FST_ERR_CTP_EMPTY_JSON_BODY. Override to treat them as undefined.\n  fastify.removeContentTypeParser('application/json');\n  fastify.addContentTypeParser(\n    'application/json',\n    { parseAs: 'string' },\n    (_req: FastifyRequest, body: string, done: (err: Error | null, body?: unknown) => void) => {\n      if (!body || body.length === 0) {\n        return done(null, undefined);\n      }\n      try {\n        done(null, JSON.parse(body));\n      } catch (err) {\n        done(err as Error);\n      }\n    }\n  );\n\n  // ============================================\n  // 4. REGISTER SECURITY PLUGINS (opt-out)\n  // ============================================\n\n  // Helmet - Security headers\n  if (config.helmet !== false) {\n    const helmet = (await loadPlugin('helmet'))!;\n    // Use type assertion to handle complex helmet options\n    await fastify.register(helmet, (config.helmet ?? {}) as Record<string, unknown>);\n    fastify.log.debug('Helmet (security headers) enabled');\n  } else {\n    fastify.log.warn('Helmet disabled - security headers not applied');\n  }\n\n  // CORS - Cross-origin requests\n  if (config.cors !== false) {\n    const cors = (await loadPlugin('cors'))!;\n    const corsOptions = config.cors ?? {};\n\n    // Require explicit origin in production\n    if (config.preset === 'production' && (!corsOptions || !('origin' in corsOptions))) {\n      throw new Error(\n        'CORS origin must be explicitly configured in production.\\n' +\n        'Set cors.origin to allowed domains or set cors: false to disable.\\n' +\n        'Example: cors: { origin: [\\'https://yourdomain.com\\'] }\\n' +\n        'Docs: https://github.com/classytic/arc#security'\n      );\n    }\n\n    await fastify.register(cors, corsOptions);\n    fastify.log.debug('CORS enabled');\n  } else {\n    fastify.log.warn('CORS disabled');\n  }\n\n  // Rate limiting - DDoS protection\n  if (config.rateLimit !== false) {\n    const rateLimit = (await loadPlugin('rateLimit'))!;\n    const rateLimitOpts = config.rateLimit ?? { max: 100, timeWindow: '1 minute' };\n    await fastify.register(rateLimit, rateLimitOpts);\n\n    // Warn if production without Redis store (in-memory = per-instance counters)\n    if (config.preset === 'production') {\n      const hasStore = typeof rateLimitOpts === 'object' && 'store' in rateLimitOpts;\n      if (!hasStore) {\n        fastify.log.warn(\n          'Rate limiting is using in-memory store. In multi-instance deployments, ' +\n          'each instance tracks limits independently. Configure a Redis store for distributed rate limiting: ' +\n          'rateLimit: { store: new RedisStore({ ... }) }'\n        );\n      }\n    }\n\n    fastify.log.debug('Rate limiting enabled');\n  } else {\n    fastify.log.warn('Rate limiting disabled');\n  }\n\n  // ============================================\n  // 5. REGISTER PERFORMANCE PLUGINS\n  // ============================================\n\n  // Note: Compression is NOT included due to known Fastify 5 stream issues.\n  // Use a reverse proxy (Nginx, Caddy) or CDN for response compression.\n  // See: https://github.com/fastify/fastify/issues/6017\n  if (config.preset === 'production') {\n    fastify.log.warn(\n      'Response compression is not enabled (Fastify 5 stream issues). ' +\n      'Use a reverse proxy (Nginx, Caddy, Cloudflare) for gzip/brotli in production.'\n    );\n  }\n\n  // Under Pressure - Health monitoring\n  if (config.underPressure !== false) {\n    const underPressure = (await loadPlugin('underPressure'))!;\n    await fastify.register(underPressure, config.underPressure ?? { exposeStatusRoute: true });\n    fastify.log.debug('Health monitoring (under-pressure) enabled');\n  } else {\n    fastify.log.debug('Health monitoring disabled');\n  }\n\n  // ============================================\n  // 6. REGISTER UTILITY PLUGINS (opt-out)\n  // ============================================\n\n  // Sensible - HTTP helpers\n  if (config.sensible !== false) {\n    const sensible = (await loadPlugin('sensible'))!;\n    await fastify.register(sensible);\n    fastify.log.debug('Sensible (HTTP helpers) enabled');\n  }\n\n  // Multipart - File uploads (optional)\n  if (config.multipart !== false) {\n    const multipart = await loadPlugin('multipart', fastify.log);\n    if (multipart) {\n      const multipartDefaults = {\n        limits: {\n          fileSize: 10 * 1024 * 1024, // 10MB\n          files: 10,\n        },\n        // CRITICAL: Throw on file size exceeded instead of silently truncating\n        throwFileSizeLimit: true,\n      };\n      await fastify.register(multipart, { ...multipartDefaults, ...config.multipart });\n      fastify.log.debug('Multipart (file uploads) enabled');\n    }\n  }\n\n  // Raw body - For webhooks (optional)\n  if (config.rawBody !== false) {\n    const rawBody = await loadPlugin('rawBody', fastify.log);\n    if (rawBody) {\n      const rawBodyDefaults = {\n        field: 'rawBody',\n        global: false,\n        encoding: 'utf8',\n        runFirst: true,\n      };\n      await fastify.register(rawBody, { ...rawBodyDefaults, ...config.rawBody });\n      fastify.log.debug('Raw body parsing enabled');\n    }\n  }\n\n  // ============================================\n  // 7. REGISTER ARC CORE & PLUGINS\n  // ============================================\n\n  // Single dynamic import for all Arc plugins\n  const {\n    arcCorePlugin,\n    requestIdPlugin,\n    healthPlugin,\n    gracefulShutdownPlugin,\n  } = await import('../plugins/index.js');\n\n  // Always register arc core first - provides fastify.arc with hooks & registry\n  // This prevents global singleton leaks between app instances (e.g., in tests)\n  await fastify.register(arcCorePlugin, {\n    emitEvents: config.arcPlugins?.emitEvents !== false,\n  });\n\n  /** Track a plugin in the Arc plugin registry */\n  const trackPlugin = (name: string, opts?: Record<string, unknown>) => {\n    fastify.arc.plugins.set(name, {\n      name,\n      options: opts,\n      registeredAt: new Date().toISOString(),\n    });\n  };\n  trackPlugin('arc-core');\n\n  // Register event plugin — provides fastify.events for pub/sub.\n  // Without this, arcCorePlugin's CRUD event hooks are no-ops (hasEvents check).\n  // Transport is sourced from stores.events (defaults to MemoryEventTransport).\n  if (config.arcPlugins?.events !== false) {\n    const { default: eventPlugin } = await import('../events/eventPlugin.js');\n    const eventOpts = typeof config.arcPlugins?.events === 'object' ? config.arcPlugins.events : {};\n    await fastify.register(eventPlugin, {\n      ...eventOpts,\n      transport: options.stores?.events, // undefined → eventPlugin defaults to MemoryEventTransport\n    });\n    trackPlugin('arc-events', eventOpts as Record<string, unknown>);\n    fastify.log.debug(`Arc events plugin enabled (transport: ${fastify.events.transportName})`);\n  }\n\n  // ============================================\n  // 8. REGISTER ARC PLUGINS (opt-in)\n  // ============================================\n\n  if (config.arcPlugins?.requestId !== false) {\n    await fastify.register(requestIdPlugin);\n    trackPlugin('arc-request-id');\n    fastify.log.debug('Arc requestId plugin enabled');\n  }\n\n  if (config.arcPlugins?.health !== false) {\n    await fastify.register(healthPlugin);\n    trackPlugin('arc-health');\n    fastify.log.debug('Arc health plugin enabled');\n  }\n\n  if (config.arcPlugins?.gracefulShutdown !== false) {\n    await fastify.register(gracefulShutdownPlugin);\n    trackPlugin('arc-graceful-shutdown');\n    fastify.log.debug('Arc gracefulShutdown plugin enabled');\n  }\n\n  // Caching plugin (opt-in)\n  if (config.arcPlugins?.caching) {\n    const { default: cachingPlugin } = await import('../plugins/caching.js');\n    const cachingOpts = config.arcPlugins.caching === true ? {} : config.arcPlugins.caching;\n    await fastify.register(cachingPlugin, cachingOpts);\n    trackPlugin('arc-caching', cachingOpts as Record<string, unknown>);\n    fastify.log.debug('Arc caching plugin enabled');\n  }\n\n  // QueryCache plugin (opt-in)\n  if (config.arcPlugins?.queryCache) {\n    const { queryCachePlugin } = await import('../cache/queryCachePlugin.js');\n    const qcOpts = config.arcPlugins.queryCache === true ? {} : config.arcPlugins.queryCache;\n    const store = options.stores?.queryCache ?? new (await import('../cache/memory.js')).MemoryCacheStore();\n    await fastify.register(queryCachePlugin, { store, ...qcOpts });\n    trackPlugin('arc-query-cache', qcOpts as Record<string, unknown>);\n    fastify.log.debug('Arc queryCache plugin enabled');\n  }\n\n  // SSE plugin (opt-in, requires events)\n  if (config.arcPlugins?.sse) {\n    if (config.arcPlugins?.events === false) {\n      fastify.log.warn('SSE plugin requires events plugin (arcPlugins.events). SSE disabled.');\n    } else {\n      const { default: ssePlugin } = await import('../plugins/sse.js');\n      const sseOpts = config.arcPlugins.sse === true ? {} : config.arcPlugins.sse;\n      await fastify.register(ssePlugin, sseOpts);\n      trackPlugin('arc-sse', sseOpts as Record<string, unknown>);\n      fastify.log.debug('Arc SSE plugin enabled');\n    }\n  }\n\n  // ============================================\n  // 9a. DECORATE request.scope (default: public)\n  // ============================================\n  // Every request starts as 'public'. Auth hooks upgrade to 'authenticated' or 'member'.\n  // Elevation plugin (if registered) may further upgrade to 'elevated'.\n  // Initial value is null — the onRequest hook below sets the real default per-request.\n  // Using null avoids Fastify 5's reference-type sharing bug (objects are shared across requests).\n  fastify.decorateRequest('scope', null!);\n  fastify.addHook('onRequest', async (request) => {\n    if (!request.scope) {\n      request.scope = PUBLIC_SCOPE;\n    }\n  });\n\n  // ============================================\n  // 9b. REGISTER AUTHENTICATION (Arc, Better Auth, or custom)\n  // ============================================\n\n  if (isAuthDisabled) {\n    fastify.log.debug('Authentication disabled');\n  } else if (authConfig) {\n    switch (authConfig.type) {\n      case 'betterAuth': {\n        // Better Auth adapter — registers auth routes + fastify.authenticate\n        const { plugin, openapi } = authConfig.betterAuth;\n        await fastify.register(plugin);\n        trackPlugin('auth-better-auth');\n        // Push OpenAPI paths if the adapter extracted them (and plugin didn't already)\n        if (openapi && !fastify.arc.externalOpenApiPaths.includes(openapi)) {\n          fastify.arc.externalOpenApiPaths.push(openapi);\n        }\n        fastify.log.debug('Better Auth authentication enabled');\n        break;\n      }\n      case 'custom': {\n        // Custom auth plugin — user has full control\n        await fastify.register(authConfig.plugin);\n        trackPlugin('auth-custom');\n        fastify.log.debug('Custom authentication plugin enabled');\n        break;\n      }\n      case 'authenticator': {\n        // Custom authenticator function — decorate directly\n        const { authenticate } = authConfig;\n        fastify.decorate('authenticate', async function (request: FastifyRequest, reply: FastifyReply) {\n          await authenticate(request, reply);\n        });\n        trackPlugin('auth-authenticator');\n        fastify.log.debug('Custom authenticator enabled');\n        break;\n      }\n      case 'jwt': {\n        // Arc's built-in JWT auth plugin\n        const { authPlugin } = await import('../auth/index.js');\n        // Pass all fields except `type` to the auth plugin (matches AuthPluginOptions shape)\n        const { type: _, ...arcAuthOpts } = authConfig;\n        await fastify.register(authPlugin, arcAuthOpts);\n        trackPlugin('auth-jwt');\n        fastify.log.debug('Arc authentication plugin enabled');\n        break;\n      }\n    }\n  }\n\n  // ============================================\n  // 9c. REGISTER ELEVATION PLUGIN (opt-in, after auth)\n  // ============================================\n  if (config.elevation) {\n    const { elevationPlugin } = await import('../scope/elevation.js');\n    await fastify.register(elevationPlugin, config.elevation);\n    trackPlugin('arc-elevation', config.elevation as Record<string, unknown>);\n    fastify.log.debug('Elevation plugin enabled');\n  }\n\n  // ============================================\n  // 9d. REGISTER ERROR HANDLER (opt-out)\n  // ============================================\n  if (config.errorHandler !== false) {\n    const { errorHandlerPlugin } = await import('../plugins/errorHandler.js');\n    const errorOpts = typeof config.errorHandler === 'object' ? config.errorHandler : {\n      includeStack: config.preset !== 'production',\n    };\n    await fastify.register(errorHandlerPlugin, errorOpts);\n    trackPlugin('arc-error-handler', errorOpts as Record<string, unknown>);\n    fastify.log.debug('Arc error handler enabled');\n  }\n\n  // ============================================\n  // 10. REGISTER CUSTOM PLUGINS\n  // ============================================\n\n  if (config.plugins) {\n    await config.plugins(fastify);\n    fastify.log.debug('Custom plugins registered');\n  }\n\n  // ============================================\n  // 10b. LIFECYCLE HOOKS\n  // ============================================\n  if (config.onReady) {\n    const onReady = config.onReady;\n    fastify.addHook('onReady', async () => {\n      await onReady(fastify);\n    });\n  }\n  if (config.onClose) {\n    const onClose = config.onClose;\n    fastify.addHook('onClose', async () => {\n      await onClose(fastify);\n    });\n  }\n\n  // ============================================\n  // 11. LOG SUMMARY\n  // ============================================\n\n  const authMode = isAuthDisabled ? 'none' : authConfig ? authConfig.type : 'none';\n  fastify.log.info(\n    { preset: config.preset ?? 'custom', runtime: config.runtime ?? 'memory', auth: authMode, helmet: config.helmet !== false, cors: config.cors !== false, rateLimit: config.rateLimit !== false },\n    'Arc application created'\n  );\n\n  return fastify;\n}\n\n/**\n * Quick factory for common scenarios\n */\nexport const ArcFactory = {\n  /**\n   * Create production app with strict security\n   */\n  async production(options: Omit<CreateAppOptions, 'preset'>): Promise<FastifyInstance> {\n    return createApp({ ...options, preset: 'production' });\n  },\n\n  /**\n   * Create development app with relaxed security\n   */\n  async development(options: Omit<CreateAppOptions, 'preset'>): Promise<FastifyInstance> {\n    return createApp({ ...options, preset: 'development' });\n  },\n\n  /**\n   * Create testing app with minimal setup\n   */\n  async testing(options: Omit<CreateAppOptions, 'preset'>): Promise<FastifyInstance> {\n    return createApp({ ...options, preset: 'testing' });\n  },\n};\n"],"mappings":";;;;;;;;;AAcA,MAAa,mBAA8C;CAEzD,QAAQ;EACN,OAAO;EAEP,QAAQ;GACN,OAAO;IACL;IACA;IACA;IACA;IACA;IACA;IACA;IACA;IACA;IACD;GACD,QAAQ;GACT;EACF;CACD,YAAY;CAGZ,QAAQ,EACN,uBAAuB,EACrB,YAAY;EACV,YAAY,CAAC,SAAS;EACtB,UAAU,CAAC,UAAU,kBAAkB;EACvC,WAAW,CAAC,SAAS;EACrB,QAAQ;GAAC;GAAU;GAAS;GAAS;EACtC,EACF,EACF;CAGD,MAAM;EACJ,QAAQ;EACR,aAAa;EACb,SAAS;GAAC;GAAO;GAAQ;GAAO;GAAU;GAAS;GAAU;EAC7D,gBAAgB;GAAC;GAAgB;GAAiB;GAAS;EAC5D;CAGD,WAAW;EACT,KAAK;EACL,YAAY;EACb;CAKD,eAAe;EACb,mBAAmB;EACnB,mBAAmB;EACnB,kBAAkB,OAAO,OAAO;EAChC,aAAa,OAAO,OAAO;EAC5B;CACF;;;;AAKD,MAAa,oBAA+C;CAC1D,QAAQ;EACN,OAAO;EACP,WAAW;GACT,QAAQ;GACR,SAAS;IACP,UAAU;IACV,eAAe;IACf,QAAQ;IACT;GACF;EACF;CACD,YAAY;CAGZ,QAAQ,EACN,uBAAuB,OACxB;CAGD,MAAM;EACJ,QAAQ;EACR,aAAa;EACb,SAAS;GAAC;GAAO;GAAQ;GAAO;GAAU;GAAS;GAAU;EAC7D,gBAAgB;GAAC;GAAgB;GAAiB;GAAS;EAC5D;CAGD,WAAW;EACT,KAAK;EACL,YAAY;EACb;CAKD,eAAe;EACb,mBAAmB;EACnB,mBAAmB;EACpB;CACF;;;;AAKD,MAAa,gBAA2C;CACtD,QAAQ;CACR,YAAY;CAGZ,QAAQ;CACR,MAAM;CACN,WAAW;CACX,eAAe;CAGf,UAAU;CACV,WAAW,EACT,QAAQ;EACN,UAAU,OAAO;EACjB,OAAO;EACR,EACF;CACF;;;;;;;;;;;;;;;AAgBD,MAAa,aAAwC;CACnD,QAAQ,EACN,OAAO,QACR;CACD,YAAY;CAGZ,QAAQ;CACR,MAAM;CACN,WAAW;CAGX,eAAe;CAGf,UAAU;CACV,WAAW;CACX,SAAS;CAGT,YAAY;EACV,WAAW;EACX,QAAQ;EACR,kBAAkB;EAClB,YAAY;EACb;CACF;;;;AAKD,SAAgB,UAAU,MAAoF;AAC5G,SAAQ,MAAR;EACE,KAAK,aACH,QAAO;EACT,KAAK,cACH,QAAO;EACT,KAAK,UACH,QAAO;EACT,KAAK,OACH,QAAO;EACT,QACE,OAAM,IAAI,MAAM,mBAAmB,OAAO;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;ACpJhD,MAAM,kBAID;CACH,MAAgB;EAAE,SAAS;EAA2B,cAAc,OAAO,iBAAiB,MAAK,MAAK,EAAE,QAAQ;EAAE;CAClH,QAAgB;EAAE,SAAS;EAA2B,cAAc,OAAO,mBAAmB,MAAK,MAAK,EAAE,QAAQ;EAAE;CACpH,WAAgB;EAAE,SAAS;EAA2B,cAAc,OAAO,uBAAuB,MAAK,MAAK,EAAE,QAAQ;EAAE;CACxH,eAAgB;EAAE,SAAS;EAA2B,cAAc,OAAO,2BAA2B,MAAK,MAAK,EAAE,QAAQ;EAAE;CAC5H,UAAgB;EAAE,SAAS;EAA2B,cAAc,OAAO,qBAAqB,MAAK,MAAK,EAAE,QAAQ;EAAE;CACtH,WAAgB;EAAE,SAAS;EAA2B,cAAc,OAAO,sBAAsB,MAAK,MAAK,EAAE,QAAQ;EAAE,UAAU;EAAM;CACvI,SAAgB;EAAE,SAAS;EAA2B,cAAc,OAAO,oBAAoB,MAAK,MAAK,EAAE,QAAQ;EAAE,UAAU;EAAM;CACtI;AAGD,eAAe,WAAW,MAAc,QAAyE;CAC/G,MAAM,QAAQ,gBAAgB;AAC9B,KAAI,CAAC,MACH,OAAM,IAAI,MAAM,mBAAmB,OAAO;AAG5C,KAAI;AACF,SAAO,MAAM,MAAM,QAAQ;UACpB,OAAO;EACd,MAAM,MAAM;EACZ,MAAM,mBAAmB,IAAI,QAAQ,SAAS,qBAAqB,IACjE,IAAI,QAAQ,SAAS,sBAAsB,IAC3C,IAAI,QAAQ,SAAS,mBAAmB,IACxC,IAAI,QAAQ,SAAS,oBAAoB;AAG3C,MAAI,oBAAoB,MAAM,UAAU;AACtC,WAAQ,KAAK,oBAAoB,KAAK,aAAa,MAAM,QAAQ,iBAAiB;AAClF,UAAO;;AAIT,MAAI,iBACF,OAAM,IAAI,MACR,WAAW,KAAK,sBAAsB,MAAM,QAAQ,0DACpB,MAAM,QAAQ,sCACT,KAAK,+BAC3C;AAIH,QAAM,IAAI,MAAM,0BAA0B,KAAK,KAAK,IAAI,UAAU;;;;;;;;;;;;;;;;;;AAmBtE,eAAsB,UAAU,SAAqD;AAInF,KAAI,QAAQ,UAAU,UAAa,QAAQ,UAAU,OAAO;EAC1D,MAAM,EAAE,uBAAuB,MAAM,OAAO;AAC5C,qBAAmB,EAAE,OAAO,QAAQ,OAAO,CAAC;;CAM9C,MAAM,aAAa,QAAQ;CAC3B,MAAM,iBAAiB,eAAe;AAGtC,KAAI,CAAC,kBAAkB,cAAc,WAAW,SAAS,OACvD;MAAI,CAAC,WAAW,KAAK,UAAU,CAAC,WAAW,aACzC,OAAM,IAAI,MACR,gNAGD;;AAOL,KAAI,QAAQ,YAAY,eAAe;EACrC,MAAM,eAAe,IAAI,IAAI,CAAC,UAAU,eAAe,CAAC;EACxD,MAAM,UAAoB,EAAE;EAE5B,MAAM,kBAAkB,QAAQ,QAAQ;AACxC,MAAI,CAAC,mBAAmB,aAAa,IAAI,gBAAgB,KAAK,CAC5D,SAAQ,KAAK,mBAAmB;EAGlC,MAAM,aAAa,QAAQ,QAAQ;AACnC,MAAI,CAAC,cAAc,aAAa,IAAI,WAAW,KAAK,CAClD,SAAQ,KAAK,cAAc;EAG7B,MAAM,mBAAmB,QAAQ,QAAQ;AACzC,MAAI,CAAC,oBAAoB,aAAa,IAAI,iBAAiB,KAAK,CAC9D,SAAQ,KAAK,oBAAoB;AAInC,MAAI,QAAQ,YAAY,YAAY;GAClC,MAAM,UAAU,QAAQ,QAAQ;AAChC,OAAI,CAAC,WAAW,aAAa,IAAI,QAAQ,KAAK,CAC5C,SAAQ,KAAK,mBAAmB;;AAIpC,MAAI,QAAQ,SAAS,EACnB,OAAM,IAAI,MACR,2EACY,QAAQ,KAAK,KAAK,CAAC,0EAEhC;;CAQL,MAAM,SAAS;EAAE,GADI,QAAQ,SAAS,UAAU,QAAQ,OAAO,GAAG,EAAE;EAClC,GAAG;EAAS;CAK9C,IAAI,UAA2B,QAAQ;EACrC,QAAQ,OAAO,UAAU;EACzB,YAAY,OAAO,cAAc;EAKjC,eAAe,EACb,oBAAoB,QAAgB,GAAG,MAAM,IAAI,EAClD;EACD,KAAK,EACH,eAAe;GACb,aAAa;GACb,aAAa;GACb,kBAAkB;GAGlB,UAAU,CAAC,UAAU;GACtB,EACF;EACF,CAAC;AAIF,KAAI,OAAO,iBAAiB,UAC1B,KAAI;EACF,MAAM,EAAE,6BAA6B,MAAM,OAAO;AAClD,UAAQ,qBAAqB,yBAAyB;AACtD,UAAQ,IAAI,MAAM,gCAAgC;SAC5C;AACN,UAAQ,IAAI,KACV,yKAED;;AAUL,SAAQ,wBAAwB,mBAAmB;AACnD,SAAQ,qBACN,oBACA,EAAE,SAAS,UAAU,GACpB,MAAsB,MAAc,SAAsD;AACzF,MAAI,CAAC,QAAQ,KAAK,WAAW,EAC3B,QAAO,KAAK,MAAM,OAAU;AAE9B,MAAI;AACF,QAAK,MAAM,KAAK,MAAM,KAAK,CAAC;WACrB,KAAK;AACZ,QAAK,IAAa;;GAGvB;AAOD,KAAI,OAAO,WAAW,OAAO;EAC3B,MAAM,SAAU,MAAM,WAAW,SAAS;AAE1C,QAAM,QAAQ,SAAS,QAAS,OAAO,UAAU,EAAE,CAA6B;AAChF,UAAQ,IAAI,MAAM,oCAAoC;OAEtD,SAAQ,IAAI,KAAK,iDAAiD;AAIpE,KAAI,OAAO,SAAS,OAAO;EACzB,MAAM,OAAQ,MAAM,WAAW,OAAO;EACtC,MAAM,cAAc,OAAO,QAAQ,EAAE;AAGrC,MAAI,OAAO,WAAW,iBAAiB,CAAC,eAAe,EAAE,YAAY,cACnE,OAAM,IAAI,MACR,sOAID;AAGH,QAAM,QAAQ,SAAS,MAAM,YAAY;AACzC,UAAQ,IAAI,MAAM,eAAe;OAEjC,SAAQ,IAAI,KAAK,gBAAgB;AAInC,KAAI,OAAO,cAAc,OAAO;EAC9B,MAAM,YAAa,MAAM,WAAW,YAAY;EAChD,MAAM,gBAAgB,OAAO,aAAa;GAAE,KAAK;GAAK,YAAY;GAAY;AAC9E,QAAM,QAAQ,SAAS,WAAW,cAAc;AAGhD,MAAI,OAAO,WAAW,cAEpB;OAAI,EADa,OAAO,kBAAkB,YAAY,WAAW,eAE/D,SAAQ,IAAI,KACV,yNAGD;;AAIL,UAAQ,IAAI,MAAM,wBAAwB;OAE1C,SAAQ,IAAI,KAAK,yBAAyB;AAU5C,KAAI,OAAO,WAAW,aACpB,SAAQ,IAAI,KACV,+IAED;AAIH,KAAI,OAAO,kBAAkB,OAAO;EAClC,MAAM,gBAAiB,MAAM,WAAW,gBAAgB;AACxD,QAAM,QAAQ,SAAS,eAAe,OAAO,iBAAiB,EAAE,mBAAmB,MAAM,CAAC;AAC1F,UAAQ,IAAI,MAAM,6CAA6C;OAE/D,SAAQ,IAAI,MAAM,6BAA6B;AAQjD,KAAI,OAAO,aAAa,OAAO;EAC7B,MAAM,WAAY,MAAM,WAAW,WAAW;AAC9C,QAAM,QAAQ,SAAS,SAAS;AAChC,UAAQ,IAAI,MAAM,kCAAkC;;AAItD,KAAI,OAAO,cAAc,OAAO;EAC9B,MAAM,YAAY,MAAM,WAAW,aAAa,QAAQ,IAAI;AAC5D,MAAI,WAAW;AASb,SAAM,QAAQ,SAAS,WAAW;IAPhC,QAAQ;KACN,UAAU,KAAK,OAAO;KACtB,OAAO;KACR;IAED,oBAAoB;IAEoC,GAAG,OAAO;IAAW,CAAC;AAChF,WAAQ,IAAI,MAAM,mCAAmC;;;AAKzD,KAAI,OAAO,YAAY,OAAO;EAC5B,MAAM,UAAU,MAAM,WAAW,WAAW,QAAQ,IAAI;AACxD,MAAI,SAAS;AAOX,SAAM,QAAQ,SAAS,SAAS;IAL9B,OAAO;IACP,QAAQ;IACR,UAAU;IACV,UAAU;IAE0C,GAAG,OAAO;IAAS,CAAC;AAC1E,WAAQ,IAAI,MAAM,2BAA2B;;;CASjD,MAAM,EACJ,eACA,iBACA,cACA,2BACE,MAAM,OAAO;AAIjB,OAAM,QAAQ,SAAS,eAAe,EACpC,YAAY,OAAO,YAAY,eAAe,OAC/C,CAAC;;CAGF,MAAM,eAAe,MAAc,SAAmC;AACpE,UAAQ,IAAI,QAAQ,IAAI,MAAM;GAC5B;GACA,SAAS;GACT,+BAAc,IAAI,MAAM,EAAC,aAAa;GACvC,CAAC;;AAEJ,aAAY,WAAW;AAKvB,KAAI,OAAO,YAAY,WAAW,OAAO;EACvC,MAAM,EAAE,SAAS,gBAAgB,MAAM,OAAO;EAC9C,MAAM,YAAY,OAAO,OAAO,YAAY,WAAW,WAAW,OAAO,WAAW,SAAS,EAAE;AAC/F,QAAM,QAAQ,SAAS,aAAa;GAClC,GAAG;GACH,WAAW,QAAQ,QAAQ;GAC5B,CAAC;AACF,cAAY,cAAc,UAAqC;AAC/D,UAAQ,IAAI,MAAM,yCAAyC,QAAQ,OAAO,cAAc,GAAG;;AAO7F,KAAI,OAAO,YAAY,cAAc,OAAO;AAC1C,QAAM,QAAQ,SAAS,gBAAgB;AACvC,cAAY,iBAAiB;AAC7B,UAAQ,IAAI,MAAM,+BAA+B;;AAGnD,KAAI,OAAO,YAAY,WAAW,OAAO;AACvC,QAAM,QAAQ,SAAS,aAAa;AACpC,cAAY,aAAa;AACzB,UAAQ,IAAI,MAAM,4BAA4B;;AAGhD,KAAI,OAAO,YAAY,qBAAqB,OAAO;AACjD,QAAM,QAAQ,SAAS,uBAAuB;AAC9C,cAAY,wBAAwB;AACpC,UAAQ,IAAI,MAAM,sCAAsC;;AAI1D,KAAI,OAAO,YAAY,SAAS;EAC9B,MAAM,EAAE,SAAS,kBAAkB,MAAM,OAAO;EAChD,MAAM,cAAc,OAAO,WAAW,YAAY,OAAO,EAAE,GAAG,OAAO,WAAW;AAChF,QAAM,QAAQ,SAAS,eAAe,YAAY;AAClD,cAAY,eAAe,YAAuC;AAClE,UAAQ,IAAI,MAAM,6BAA6B;;AAIjD,KAAI,OAAO,YAAY,YAAY;EACjC,MAAM,EAAE,qBAAqB,MAAM,OAAO;EAC1C,MAAM,SAAS,OAAO,WAAW,eAAe,OAAO,EAAE,GAAG,OAAO,WAAW;EAC9E,MAAM,QAAQ,QAAQ,QAAQ,cAAc,KAAK,OAAM,OAAO,4CAAuB,kBAAkB;AACvG,QAAM,QAAQ,SAAS,kBAAkB;GAAE;GAAO,GAAG;GAAQ,CAAC;AAC9D,cAAY,mBAAmB,OAAkC;AACjE,UAAQ,IAAI,MAAM,gCAAgC;;AAIpD,KAAI,OAAO,YAAY,IACrB,KAAI,OAAO,YAAY,WAAW,MAChC,SAAQ,IAAI,KAAK,uEAAuE;MACnF;EACL,MAAM,EAAE,SAAS,cAAc,MAAM,OAAO;EAC5C,MAAM,UAAU,OAAO,WAAW,QAAQ,OAAO,EAAE,GAAG,OAAO,WAAW;AACxE,QAAM,QAAQ,SAAS,WAAW,QAAQ;AAC1C,cAAY,WAAW,QAAmC;AAC1D,UAAQ,IAAI,MAAM,yBAAyB;;AAW/C,SAAQ,gBAAgB,SAAS,KAAM;AACvC,SAAQ,QAAQ,aAAa,OAAO,YAAY;AAC9C,MAAI,CAAC,QAAQ,MACX,SAAQ,QAAQ;GAElB;AAMF,KAAI,eACF,SAAQ,IAAI,MAAM,0BAA0B;UACnC,WACT,SAAQ,WAAW,MAAnB;EACE,KAAK,cAAc;GAEjB,MAAM,EAAE,QAAQ,YAAY,WAAW;AACvC,SAAM,QAAQ,SAAS,OAAO;AAC9B,eAAY,mBAAmB;AAE/B,OAAI,WAAW,CAAC,QAAQ,IAAI,qBAAqB,SAAS,QAAQ,CAChE,SAAQ,IAAI,qBAAqB,KAAK,QAAQ;AAEhD,WAAQ,IAAI,MAAM,qCAAqC;AACvD;;EAEF,KAAK;AAEH,SAAM,QAAQ,SAAS,WAAW,OAAO;AACzC,eAAY,cAAc;AAC1B,WAAQ,IAAI,MAAM,uCAAuC;AACzD;EAEF,KAAK,iBAAiB;GAEpB,MAAM,EAAE,iBAAiB;AACzB,WAAQ,SAAS,gBAAgB,eAAgB,SAAyB,OAAqB;AAC7F,UAAM,aAAa,SAAS,MAAM;KAClC;AACF,eAAY,qBAAqB;AACjC,WAAQ,IAAI,MAAM,+BAA+B;AACjD;;EAEF,KAAK,OAAO;GAEV,MAAM,EAAE,eAAe,MAAM,OAAO;GAEpC,MAAM,EAAE,MAAM,GAAG,GAAG,gBAAgB;AACpC,SAAM,QAAQ,SAAS,YAAY,YAAY;AAC/C,eAAY,WAAW;AACvB,WAAQ,IAAI,MAAM,oCAAoC;AACtD;;;AAQN,KAAI,OAAO,WAAW;EACpB,MAAM,EAAE,oBAAoB,MAAM,OAAO;AACzC,QAAM,QAAQ,SAAS,iBAAiB,OAAO,UAAU;AACzD,cAAY,iBAAiB,OAAO,UAAqC;AACzE,UAAQ,IAAI,MAAM,2BAA2B;;AAM/C,KAAI,OAAO,iBAAiB,OAAO;EACjC,MAAM,EAAE,uBAAuB,MAAM,OAAO;EAC5C,MAAM,YAAY,OAAO,OAAO,iBAAiB,WAAW,OAAO,eAAe,EAChF,cAAc,OAAO,WAAW,cACjC;AACD,QAAM,QAAQ,SAAS,oBAAoB,UAAU;AACrD,cAAY,qBAAqB,UAAqC;AACtE,UAAQ,IAAI,MAAM,4BAA4B;;AAOhD,KAAI,OAAO,SAAS;AAClB,QAAM,OAAO,QAAQ,QAAQ;AAC7B,UAAQ,IAAI,MAAM,4BAA4B;;AAMhD,KAAI,OAAO,SAAS;EAClB,MAAM,UAAU,OAAO;AACvB,UAAQ,QAAQ,WAAW,YAAY;AACrC,SAAM,QAAQ,QAAQ;IACtB;;AAEJ,KAAI,OAAO,SAAS;EAClB,MAAM,UAAU,OAAO;AACvB,UAAQ,QAAQ,WAAW,YAAY;AACrC,SAAM,QAAQ,QAAQ;IACtB;;CAOJ,MAAM,WAAW,iBAAiB,SAAS,aAAa,WAAW,OAAO;AAC1E,SAAQ,IAAI,KACV;EAAE,QAAQ,OAAO,UAAU;EAAU,SAAS,OAAO,WAAW;EAAU,MAAM;EAAU,QAAQ,OAAO,WAAW;EAAO,MAAM,OAAO,SAAS;EAAO,WAAW,OAAO,cAAc;EAAO,EAC/L,0BACD;AAED,QAAO;;;;;AAMT,MAAa,aAAa;CAIxB,MAAM,WAAW,SAAqE;AACpF,SAAO,UAAU;GAAE,GAAG;GAAS,QAAQ;GAAc,CAAC;;CAMxD,MAAM,YAAY,SAAqE;AACrF,SAAO,UAAU;GAAE,GAAG;GAAS,QAAQ;GAAe,CAAC;;CAMzD,MAAM,QAAQ,SAAqE;AACjF,SAAO,UAAU;GAAE,GAAG;GAAS,QAAQ;GAAW,CAAC;;CAEtD"}