@cotal-ai/core 0.3.2 → 0.5.0
- package/README.md +11 -0
- package/dist/agent-file.d.ts +36 -5
- package/dist/agent-file.d.ts.map +1 -1
- package/dist/agent-file.js +91 -11
- package/dist/agent-file.js.map +1 -1
- package/dist/channels.d.ts +13 -2
- package/dist/channels.d.ts.map +1 -1
- package/dist/channels.js +24 -1
- package/dist/channels.js.map +1 -1
- package/dist/command.d.ts +21 -0
- package/dist/command.d.ts.map +1 -1
- package/dist/connector-config.d.ts +42 -0
- package/dist/connector-config.d.ts.map +1 -0
- package/dist/connector-config.js +103 -0
- package/dist/connector-config.js.map +1 -0
- package/dist/connector.d.ts +11 -0
- package/dist/connector.d.ts.map +1 -1
- package/dist/endpoint.d.ts +331 -40
- package/dist/endpoint.d.ts.map +1 -1
- package/dist/endpoint.js +1280 -246
- package/dist/endpoint.js.map +1 -1
- package/dist/index.d.ts +3 -0
- package/dist/index.d.ts.map +1 -1
- package/dist/index.js +3 -0
- package/dist/index.js.map +1 -1
- package/dist/members.d.ts +93 -0
- package/dist/members.d.ts.map +1 -0
- package/dist/members.js +193 -0
- package/dist/members.js.map +1 -0
- package/dist/provision.d.ts +49 -11
- package/dist/provision.d.ts.map +1 -1
- package/dist/provision.js +92 -31
- package/dist/provision.js.map +1 -1
- package/dist/resolve.d.ts +53 -0
- package/dist/resolve.d.ts.map +1 -0
- package/dist/resolve.js +61 -0
- package/dist/resolve.js.map +1 -0
- package/dist/streams.d.ts +37 -0
- package/dist/streams.d.ts.map +1 -1
- package/dist/streams.js +91 -4
- package/dist/streams.js.map +1 -1
- package/dist/subjects.d.ts +80 -2
- package/dist/subjects.d.ts.map +1 -1
- package/dist/subjects.js +127 -3
- package/dist/subjects.js.map +1 -1
- package/dist/types.d.ts +111 -5
- package/dist/types.d.ts.map +1 -1
- package/package.json +4 -2
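--- a/package/dist/streams.js
+++ b/package/dist/streams.js
@@ -1,13 +1,27 @@
 import { jetstreamManager, AckPolicy, DeliverPolicy, RetentionPolicy, DiscardPolicy, StorageType, } from "@nats-io/jetstream";
 import { connect, credsAuthenticator, nanos } from "@nats-io/transport-node";
 import { Kvm } from "@nats-io/kv";
-import { spacePrefix, chatStream, chatSubject, isConcreteChannel, dmStream, dmDurable, unicastSubject, taskStream, taskDurable, anycastSubject, presenceBucket, channelBucket, } from "./subjects.js";
+import { spacePrefix, chatStream, chatSubject, chatWildcard, isConcreteChannel, dmStream, dmDurable, unicastSubject, taskStream, taskDurable, anycastSubject, presenceBucket, channelBucket, membersBucket, inboxStream, dlvStream, dlvSubject, dlvDurable, FANOUT_DURABLE, INBOX_READER_DURABLE, } from "./subjects.js";
 /** Default presence-bucket entry TTL (ms) — matches the endpoint's default liveness window. */
 const PRESENCE_TTL_MS = 6_000;
 /** Per-(sender,channel)-subject retention cap on the chat stream — the bound past which the
 * oldest message on a subject is discarded (`DiscardPolicy.Old`). Also the horizon of focus
 * recall: only the last {@link MAX_MSGS_PER_SUBJECT} per sender-subject are recallable. */
 export const MAX_MSGS_PER_SUBJECT = 1000;
+/** JetStream message-dedup window on the Plane-3 streams: a `Nats-Msg-Id`
+* (`<msgId>:<owner>:<generation>`) repeated within this window is collapsed. Sized generous (2h) so
+* an activation-catch-up copy and a racing fan-out copy of the same message dedup even for a slow/
+* backlogged owner. **This window IS the cross-path exactly-once correctness horizon** — two writes
+* of the same logical copy separated by more than it (e.g. a manager crash after a DLV publish, the
+* dinbox ack lost, the window expiring, then a re-transfer after restart) are NOT collapsed at the
+* stream. The connector's commit-aware id-cache (`MeshAgent.ingest`) coalesces live↔durable and
+* redelivery duplicates within a SESSION, but it is in-memory and reset on agent restart, so it is
+* NOT a cross-restart guarantee. A persistent per-owner delivery ledger would lift the bound; not
+* built (the 2h horizon covers the realistic crash/redelivery lag). Keep the window ≥ worst-case lag. */
+export const PLANE3_DEDUP_WINDOW_MS = 2 * 60 * 60 * 1000;
+/** Bound on the trusted reader's in-flight (un-acked) entries per owner — an offline owner with a large
+* backlog can't stall the reader's own redelivery by pinning unbounded pending. */
+export const DINBOX_MAX_ACK_PENDING = 1000;
 /**
 * Create (idempotently) the three backing streams for a space — CHAT (multicast backlog +
 * history), DM (per-instance inboxes), TASK (anycast work queue).
@@ -26,9 +40,10 @@ export async function createSpaceStreams(jsm, space) {
 storage: StorageType.File,
 max_msgs_per_subject: MAX_MSGS_PER_SUBJECT, // capped per-channel backlog (buffer + history)
 discard: DiscardPolicy.Old,
-//
-//
-//
+// Direct Get API stays enabled on CHAT (harmless: agents hold no DIRECT.GET grant). Per-channel
+// history reads no longer use it — they go through contained single-filter ephemeral consumers
+// (endpoint `collectHistory`) so the read ACL bounds them. NEVER set on DM/TASK: direct-get
+// would bypass the consumer-create deny that is DM's confidentiality boundary.
 allow_direct: true,
 });
 await jsm.streams.add({
@@ -43,6 +58,29 @@ export async function createSpaceStreams(jsm, space) {
 retention: RetentionPolicy.Workqueue,
 storage: StorageType.File,
 });
+// Plane-3 (SPEC §8). INBOX = the mixed pre-auth store (fan-out target; agents hold no grant — see
+// permissionsFor). DLV = the per-member post-auth handoff the agent binds + acks. Both per-owner
+// (one subject per owner), capped per-owner backlog (DiscardPolicy.Old; an evicted entry is a
+// delivery miss, surfaced, never a satisfied durable guarantee — SPEC §7). `duplicate_window`
+// collapses a catch-up/fan-out double of the same Nats-Msg-Id. No Direct Get on either.
+await jsm.streams.add({
+name: inboxStream(space),
+subjects: [`${p}.dinbox.>`],
+retention: RetentionPolicy.Limits,
+storage: StorageType.File,
+max_msgs_per_subject: MAX_MSGS_PER_SUBJECT,
+discard: DiscardPolicy.Old,
+duplicate_window: nanos(PLANE3_DEDUP_WINDOW_MS),
+});
+await jsm.streams.add({
+name: dlvStream(space),
+subjects: [`${p}.dlv.>`],
+retention: RetentionPolicy.Limits,
+storage: StorageType.File,
+max_msgs_per_subject: MAX_MSGS_PER_SUBJECT,
+discard: DiscardPolicy.Old,
+duplicate_window: nanos(PLANE3_DEDUP_WINDOW_MS),
+});
 }
 /**
 * The DM inbox durable for an instance — ONE definition, used both by the privileged
@@ -85,6 +123,51 @@ export function taskDurableConfig(space, role, opts = {}) {
 ack_wait: nanos(opts.ackWaitMs ?? 60_000),
 };
 }
+// ---- Plane-3 consumers (SPEC §8) ----
+/** The single privileged trusted-reader consumer over the WHOLE INBOX (mixed pre-auth) store
+* (`dinbox.>`, all owners) — created + bound only by the manager. Explicit ack: the reader holds an
+* entry un-acked until it has transferred the re-authorized copy to DLV (a crash before transfer
+* redelivers). `max_ack_pending` bounds the reader's in-flight set. The per-message owner is
+* recovered from the subject (`parseDinboxOwner`). */
+export function inboxReaderConfig(space, opts = {}) {
+return {
+durable_name: INBOX_READER_DURABLE,
+filter_subject: `${spacePrefix(space)}.dinbox.>`,
+ack_policy: AckPolicy.Explicit,
+ack_wait: nanos(opts.ackWaitMs ?? 60_000),
+deliver_policy: DeliverPolicy.All,
+max_ack_pending: DINBOX_MAX_ACK_PENDING,
+};
+}
+/** An agent's bind-only per-member DELIVER consumer (mirrors {@link dmDurableConfig}): the provisioner
+* pre-creates it filtered to `dlv.<owner>`; the agent BINDS it (denied CREATE on DLV) and acks via
+* native JetStream — the §8 "equivalent per-member at-least-once mechanism with the same ack
+* semantics". `inactive_threshold` only for an open-mode self-create (none today; Plane-3 is
+* auth-only). */
+export function dlvDurableConfig(space, owner, opts = {}) {
+const cfg = {
+durable_name: dlvDurable(owner),
+filter_subject: dlvSubject(space, owner),
+ack_policy: AckPolicy.Explicit,
+ack_wait: nanos(opts.ackWaitMs ?? 60_000),
+deliver_policy: DeliverPolicy.All,
+};
+if (opts.inactiveThresholdMs)
+cfg.inactive_threshold = nanos(opts.inactiveThresholdMs);
+return cfg;
+}
+/** The single privileged fan-out consumer on CHAT (manager-pumped; routing, not auth).
+* `DeliverPolicy.New` at creation (pre-existing backlog is pre-membership); a DURABLE, so on a
+* manager restart it resumes from its ack cursor and fans out the gap, idempotent via `Nats-Msg-Id`. */
+export function fanoutDurableConfig(space, opts = {}) {
+return {
+durable_name: FANOUT_DURABLE,
+filter_subject: chatWildcard(space),
+ack_policy: AckPolicy.Explicit,
+ack_wait: nanos(opts.ackWaitMs ?? 60_000),
+deliver_policy: DeliverPolicy.New,
+};
+}
 /** Connect with the given (privileged) creds, create the space's streams, and disconnect.
 * Used by `cotal up` to pre-create streams once at setup. */
 export async function setupSpaceStreams(opts) {
@@ -100,6 +183,10 @@ export async function setupSpaceStreams(opts) {
 const kvm = new Kvm(nc);
 await kvm.create(presenceBucket(opts.space), { ttl: PRESENCE_TTL_MS });
 await kvm.create(channelBucket(opts.space));
+// Durable-membership registry (Plane-3): privileged-write, no TTL (durable config, like the
+// channel registry). Pre-created so the manager (and open-mode self) can OPEN it; agents hold no
+// grant. Idempotent.
+await kvm.create(membersBucket(opts.space));
 }
 finally {
 await nc.drain();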
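Review bot: The two `jsm.streams.add` calls added in `createSpaceStreams` for `inboxStream(space)` and `dlvStream(space)` never set `allow_direct`, although the comment above them states "No Direct Get on either" and the CHAT comment describes direct-get as a bypass of the consumer-create deny. As written, that confidentiality boundary rests on whatever the server applies when the field is omitted, which is worth confirming against the deployed nats-server version. Adding `allow_direct: false,` to both configs makes the invariant explicit and checkable in stream info; the same would apply to the DM and TASK configs, whose bodies are only partly visible. `createSpaceStreams` starts outside these hunks, so the `p` prefix and the DM config could not be checked here.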
package/dist/streams.js.map
CHANGED
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"streams.js","sourceRoot":"","sources":["../src/streams.ts"],"names":[],"mappings":"AAAA,OAAO,EACL,gBAAgB,EAChB,SAAS,EACT,aAAa,EACb,eAAe,EACf,aAAa,EACb,WAAW,GAGZ,MAAM,oBAAoB,CAAC;AAC5B,OAAO,EAAE,OAAO,EAAE,kBAAkB,EAAE,KAAK,EAAE,MAAM,yBAAyB,CAAC;AAC7E,OAAO,EAAE,GAAG,EAAE,MAAM,aAAa,CAAC;AAClC,OAAO,EACL,WAAW,EACX,UAAU,EACV,WAAW,EACX,iBAAiB,EACjB,QAAQ,EACR,SAAS,EACT,cAAc,EACd,UAAU,EACV,WAAW,EACX,cAAc,EACd,cAAc,EACd,aAAa,
|
|
1
|
+
{"version":3,"file":"streams.js","sourceRoot":"","sources":["../src/streams.ts"],"names":[],"mappings":"AAAA,OAAO,EACL,gBAAgB,EAChB,SAAS,EACT,aAAa,EACb,eAAe,EACf,aAAa,EACb,WAAW,GAGZ,MAAM,oBAAoB,CAAC;AAC5B,OAAO,EAAE,OAAO,EAAE,kBAAkB,EAAE,KAAK,EAAE,MAAM,yBAAyB,CAAC;AAC7E,OAAO,EAAE,GAAG,EAAE,MAAM,aAAa,CAAC;AAClC,OAAO,EACL,WAAW,EACX,UAAU,EACV,WAAW,EACX,YAAY,EACZ,iBAAiB,EACjB,QAAQ,EACR,SAAS,EACT,cAAc,EACd,UAAU,EACV,WAAW,EACX,cAAc,EACd,cAAc,EACd,aAAa,EACb,aAAa,EACb,WAAW,EACX,SAAS,EACT,UAAU,EACV,UAAU,EACV,cAAc,EACd,oBAAoB,GACrB,MAAM,eAAe,CAAC;AAEvB,+FAA+F;AAC/F,MAAM,eAAe,GAAG,KAAK,CAAC;AAE9B;;4FAE4F;AAC5F,MAAM,CAAC,MAAM,oBAAoB,GAAG,IAAI,CAAC;AAEzC;;;;;;;;;0GAS0G;AAC1G,MAAM,CAAC,MAAM,sBAAsB,GAAG,CAAC,GAAG,EAAE,GAAG,EAAE,GAAG,IAAI,CAAC;AAEzD;oFACoF;AACpF,MAAM,CAAC,MAAM,sBAAsB,GAAG,IAAI,CAAC;AAO3C;;;;;;;;GAQG;AACH,MAAM,CAAC,KAAK,UAAU,kBAAkB,CACtC,GAAqB,EACrB,KAAa;IAEb,MAAM,CAAC,GAAG,WAAW,CAAC,KAAK,CAAC,CAAC;IAC7B,MAAM,GAAG,CAAC,OAAO,CAAC,GAAG,CAAC;QACpB,IAAI,EAAE,UAAU,CAAC,KAAK,CAAC;QACvB,QAAQ,EAAE,CAAC,GAAG,CAAC,SAAS,CAAC;QACzB,SAAS,EAAE,eAAe,CAAC,MAAM;QACjC,OAAO,EAAE,WAAW,CAAC,IAAI;QACzB,oBAAoB,EAAE,oBAAoB,EAAE,gDAAgD;QAC5F,OAAO,EAAE,aAAa,CAAC,GAAG;QAC1B,gGAAgG;QAChG,+FAA+F;QAC/F,4FAA4F;QAC5F,+EAA+E;QAC/E,YAAY,EAAE,IAAI;KACnB,CAAC,CAAC;IACH,MAAM,GAAG,CAAC,OAAO,CAAC,GAAG,CAAC;QACpB,IAAI,EAAE,QAAQ,CAAC,KAAK,CAAC;QACrB,QAAQ,EAAE,CAAC,GAAG,CAAC,SAAS,CAAC;QACzB,SAAS,EAAE,eAAe,CAAC,MAAM;QACjC,OAAO,EAAE,WAAW,CAAC,IAAI;KAC1B,CAAC,CAAC;IACH,MAAM,GAAG,CAAC,OAAO,CAAC,GAAG,CAAC;QACpB,IAAI,EAAE,UAAU,CAAC,KAAK,CAAC;QACvB,QAAQ,EAAE,CAAC,GAAG,CAAC,QAAQ,CAAC;QACxB,SAAS,EAAE,eAAe,CAAC,SAAS;QACpC,OAAO,EAAE,WAAW,CAAC,IAAI;KAC1B,CAAC,CAAC;IACH,kGAAkG;IAClG,iGAAiG;IACjG,8FAA8F;IAC9F,8FAA8F;IAC9F,wFAAwF;IACxF,MAAM,GAAG,CAAC,OAAO,CAAC,GAAG,CAAC;QACpB,IAAI,EAAE,WAAW,CAAC,KAAK,CAAC;QACxB,QAAQ,EAAE,CAAC,GAAG,CAAC,WAAW,CAAC;QAC3B,SAAS,EAAE,eAAe,CAAC,MAAM;QACjC,OAAO,EAAE,WAAW,CAAC,IAAI;QACzB,oBAAoB,EAAE,oBAAoB;QAC1C,OAAO,EAAE,aAAa,CAAC,GAAG;QAC1B,gBAAgB,EAAE,KAAK,CAAC,sBAAsB,CAAC;KAChD,CAAC,CAAC;IACH,M
AAM,GAAG,CAAC,OAAO,CAAC,GAAG,CAAC;QACpB,IAAI,EAAE,SAAS,CAAC,KAAK,CAAC;QACtB,QAAQ,EAAE,CAAC,GAAG,CAAC,QAAQ,CAAC;QACxB,SAAS,EAAE,eAAe,CAAC,MAAM;QACjC,OAAO,EAAE,WAAW,CAAC,IAAI;QACzB,oBAAoB,EAAE,oBAAoB;QAC1C,OAAO,EAAE,aAAa,CAAC,GAAG;QAC1B,gBAAgB,EAAE,KAAK,CAAC,sBAAsB,CAAC;KAChD,CAAC,CAAC;AACL,CAAC;AAED;;;;;;;;;;;;;GAaG;AACH,MAAM,UAAU,eAAe,CAC7B,KAAa,EACb,EAAU,EACV,OAA6D,EAAE;IAE/D,MAAM,GAAG,GAA4B;QACnC,YAAY,EAAE,SAAS,CAAC,EAAE,CAAC;QAC3B,cAAc,EAAE,cAAc,CAAC,KAAK,EAAE,EAAE,EAAE,GAAG,CAAC;QAC9C,UAAU,EAAE,SAAS,CAAC,QAAQ;QAC9B,QAAQ,EAAE,KAAK,CAAC,IAAI,CAAC,SAAS,IAAI,MAAM,CAAC;QACzC,cAAc,EAAE,aAAa,CAAC,GAAG;KAClC,CAAC;IACF,IAAI,IAAI,CAAC,mBAAmB;QAAE,GAAG,CAAC,kBAAkB,GAAG,KAAK,CAAC,IAAI,CAAC,mBAAmB,CAAC,CAAC;IACvF,OAAO,GAAG,CAAC;AACb,CAAC;AAED;;;;;;GAMG;AACH,MAAM,UAAU,iBAAiB,CAC/B,KAAa,EACb,IAAY,EACZ,OAA+B,EAAE;IAEjC,OAAO;QACL,YAAY,EAAE,WAAW,CAAC,IAAI,CAAC;QAC/B,cAAc,EAAE,cAAc,CAAC,KAAK,EAAE,IAAI,EAAE,GAAG,CAAC;QAChD,UAAU,EAAE,SAAS,CAAC,QAAQ;QAC9B,QAAQ,EAAE,KAAK,CAAC,IAAI,CAAC,SAAS,IAAI,MAAM,CAAC;KAC1C,CAAC;AACJ,CAAC;AAED,wCAAwC;AAExC;;;;uDAIuD;AACvD,MAAM,UAAU,iBAAiB,CAC/B,KAAa,EACb,OAA+B,EAAE;IAEjC,OAAO;QACL,YAAY,EAAE,oBAAoB;QAClC,cAAc,EAAE,GAAG,WAAW,CAAC,KAAK,CAAC,WAAW;QAChD,UAAU,EAAE,SAAS,CAAC,QAAQ;QAC9B,QAAQ,EAAE,KAAK,CAAC,IAAI,CAAC,SAAS,IAAI,MAAM,CAAC;QACzC,cAAc,EAAE,aAAa,CAAC,GAAG;QACjC,eAAe,EAAE,sBAAsB;KACxC,CAAC;AACJ,CAAC;AAED;;;;kBAIkB;AAClB,MAAM,UAAU,gBAAgB,CAC9B,KAAa,EACb,KAAa,EACb,OAA6D,EAAE;IAE/D,MAAM,GAAG,GAA4B;QACnC,YAAY,EAAE,UAAU,CAAC,KAAK,CAAC;QAC/B,cAAc,EAAE,UAAU,CAAC,KAAK,EAAE,KAAK,CAAC;QACxC,UAAU,EAAE,SAAS,CAAC,QAAQ;QAC9B,QAAQ,EAAE,KAAK,CAAC,IAAI,CAAC,SAAS,IAAI,MAAM,CAAC;QACzC,cAAc,EAAE,aAAa,CAAC,GAAG;KAClC,CAAC;IACF,IAAI,IAAI,CAAC,mBAAmB;QAAE,GAAG,CAAC,kBAAkB,GAAG,KAAK,CAAC,IAAI,CAAC,mBAAmB,CAAC,CAAC;IACvF,OAAO,GAAG,CAAC;AACb,CAAC;AAED;;yGAEyG;AACzG,MAAM,UAAU,mBAAmB,CACjC,KAAa,EACb,OAA+B,EAAE;IAEjC,OAAO;QACL,YAAY,EAAE,cAAc;QAC5B,cAAc,EAAE,YAAY,CAAC,KAAK,CAAC;QACnC,UAAU,EAAE,SAAS,CAAC,QAAQ;QAC9B,QAAQ,EAAE,KAAK,CAAC,IAAI,CAAC,SAAS,IAAI,MAAM,CAAC;QACzC,cAAc,
EAAE,aAAa,CAAC,GAAG;KAClC,CAAC;AACJ,CAAC;AAED;8DAC8D;AAC9D,MAAM,CAAC,KAAK,UAAU,iBAAiB,CAAC,IAKvC;IACC,MAAM,EAAE,GAAG,MAAM,OAAO,CAAC;QACvB,OAAO,EAAE,IAAI,CAAC,OAAO;QACrB,GAAG,CAAC,IAAI,CAAC,KAAK,CAAC,CAAC,CAAC,EAAE,aAAa,EAAE,kBAAkB,CAAC,IAAI,WAAW,EAAE,CAAC,MAAM,CAAC,IAAI,CAAC,KAAK,CAAC,CAAC,EAAE,CAAC,CAAC,CAAC,EAAE,CAAC;KACnG,CAAC,CAAC;IACH,IAAI,CAAC;QACH,MAAM,kBAAkB,CAAC,MAAM,gBAAgB,CAAC,EAAE,CAAC,EAAE,IAAI,CAAC,KAAK,CAAC,CAAC;QACjE,yFAAyF;QACzF,yFAAyF;QACzF,yCAAyC;QACzC,MAAM,GAAG,GAAG,IAAI,GAAG,CAAC,EAAE,CAAC,CAAC;QACxB,MAAM,GAAG,CAAC,MAAM,CAAC,cAAc,CAAC,IAAI,CAAC,KAAK,CAAC,EAAE,EAAE,GAAG,EAAE,eAAe,EAAE,CAAC,CAAC;QACvE,MAAM,GAAG,CAAC,MAAM,CAAC,aAAa,CAAC,IAAI,CAAC,KAAK,CAAC,CAAC,CAAC;QAC5C,4FAA4F;QAC5F,iGAAiG;QACjG,qBAAqB;QACrB,MAAM,GAAG,CAAC,MAAM,CAAC,aAAa,CAAC,IAAI,CAAC,KAAK,CAAC,CAAC,CAAC;IAC9C,CAAC;YAAS,CAAC;QACT,MAAM,EAAE,CAAC,KAAK,EAAE,CAAC;IACnB,CAAC;AACH,CAAC;AAED;kDACkD;AAClD,MAAM,CAAC,KAAK,UAAU,iBAAiB,CAAC,IAKvC;IACC,MAAM,EAAE,GAAG,MAAM,OAAO,CAAC;QACvB,OAAO,EAAE,IAAI,CAAC,OAAO;QACrB,GAAG,CAAC,IAAI,CAAC,KAAK,CAAC,CAAC,CAAC,EAAE,aAAa,EAAE,kBAAkB,CAAC,IAAI,WAAW,EAAE,CAAC,MAAM,CAAC,IAAI,CAAC,KAAK,CAAC,CAAC,EAAE,CAAC,CAAC,CAAC,EAAE,CAAC;KACnG,CAAC,CAAC;IACH,IAAI,CAAC;QACH,MAAM,GAAG,GAAG,MAAM,gBAAgB,CAAC,EAAE,CAAC,CAAC;QACvC,MAAM,IAAI,GAAG,CAAC,MAAM,GAAG,CAAC,OAAO,CAAC,KAAK,CAAC,UAAU,CAAC,IAAI,CAAC,KAAK,CAAC,CAAC,CAAC,CAAC,MAAM,CAAC;QACtE,IAAI,CAAC,IAAI,CAAC,UAAU;YAAE,OAAO,EAAE,IAAI,EAAE,CAAC;QACtC,MAAM,EAAE,GAAG,CAAC,MAAM,GAAG,CAAC,OAAO,CAAC,KAAK,CAAC,QAAQ,CAAC,IAAI,CAAC,KAAK,CAAC,CAAC,CAAC,CAAC,MAAM,CAAC;QAClE,OAAO,EAAE,IAAI,EAAE,EAAE,EAAE,CAAC;IACtB,CAAC;YAAS,CAAC;QACT,MAAM,EAAE,CAAC,KAAK,EAAE,CAAC;IACnB,CAAC;AACH,CAAC;AAED;;;;;oFAKoF;AACpF,MAAM,CAAC,KAAK,UAAU,YAAY,CAAC,IAKlC;IACC,IAAI,CAAC,iBAAiB,CAAC,IAAI,CAAC,OAAO,CAAC;QAClC,MAAM,IAAI,KAAK,CAAC,IAAI,IAAI,CAAC,OAAO,0CAA0C,CAAC,CAAC;IAC9E,MAAM,EAAE,GAAG,MAAM,OAAO,CAAC;QACvB,OAAO,EAAE,IAAI,CAAC,OAAO;QACrB,GAAG,CAAC,IAAI,CAAC,KAAK,CAAC,CAAC,CAAC,EAAE,aAAa,EAAE,kBAAkB,CAAC,IAAI,WAAW,EAAE,CAAC,MAAM,CAAC,IAAI,CAA
C,KAAK,CAAC,CAAC,EAAE,CAAC,CAAC,CAAC,EAAE,CAAC;KACnG,CAAC,CAAC;IACH,IAAI,CAAC;QACH,MAAM,GAAG,GAAG,MAAM,gBAAgB,CAAC,EAAE,CAAC,CAAC;QACvC,MAAM,EAAE,MAAM,EAAE,GAAG,MAAM,GAAG,CAAC,OAAO,CAAC,KAAK,CAAC,UAAU,CAAC,IAAI,CAAC,KAAK,CAAC,EAAE;YACjE,MAAM,EAAE,WAAW,CAAC,IAAI,CAAC,KAAK,EAAE,GAAG,EAAE,IAAI,CAAC,OAAO,CAAC;SACnD,CAAC,CAAC;QACH,IAAI,CAAC;YACH,MAAM,QAAQ,GAAG,MAAM,IAAI,GAAG,CAAC,EAAE,CAAC,CAAC,IAAI,CAAC,aAAa,CAAC,IAAI,CAAC,KAAK,CAAC,CAAC,CAAC;YACnE,MAAM,QAAQ,CAAC,MAAM,CAAC,IAAI,CAAC,OAAO,CAAC,CAAC;QACtC,CAAC;QAAC,MAAM,CAAC;YACP,yFAAyF;QAC3F,CAAC;QACD,OAAO,EAAE,OAAO,EAAE,IAAI,CAAC,OAAO,EAAE,MAAM,EAAE,CAAC;IAC3C,CAAC;YAAS,CAAC;QACT,MAAM,EAAE,CAAC,KAAK,EAAE,CAAC;IACnB,CAAC;AACH,CAAC"}
|
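--- a/package/dist/subjects.d.ts
+++ b/package/dist/subjects.d.ts
@@ -26,9 +26,29 @@ export declare function isConcreteChannel(channel: string): boolean;
 * matching ("is a member on `team.>` a member of `team.backend`?") — channels are dotted
 * token strings, same rules. */
 export declare function subjectMatches(pattern: string, subject: string): boolean;
+/** Validate a channel name/pattern used as **policy** (an agent file's `subscribe`/`allowSubscribe`/
+* `allowPublish` entry, a CLI flag, or a join target). Each dotted segment must be a NATS-safe
+* token (exactly what {@link token} leaves unchanged: `[A-Za-z0-9_-]`), or `*` (one level), or `>`
+* (final segment only). Rejects — fail-loud — anything {@link token} would silently rewrite.
+*
+* This closes an ACL-aliasing gap: containment is validated against the RAW policy string
+* (`channelInAllow`), but the minted wire grant is built through `token()` (`chatSubject`). Without
+* this, `allowSubscribe:[foo/bar]` would validate as the channel `foo/bar` yet mint a read grant for
+* the wire subject `chat.*.foo_bar` — letting the agent read `#foo_bar`, a channel the operator
+* never named (and two distinct policy strings could collide on one token). Returns the channel
+* unchanged when valid so callers can use it inline. */
+export declare function assertValidChannel(channel: string): string;
+/** Is `channel` within a read/post ACL `allow` (a list of channel patterns)? True when some
+* entry covers it — exact, or a wildcard subtree (`team.>` covers `team.backend`). Channels are
+* dotted token strings, so this rides {@link subjectMatches}. The single covering rule shared by
+* the load-time invariant (`subscribe ⊆ allowSubscribe`), the connector subset check, and the
+* manager's mediated-join validation (`channel ∈ allowSubscribe`) so they can't drift. */
+export declare function channelInAllow(allow: string[], channel: string): boolean;
 /** Drop exact duplicates and any subject subsumed by a more-general one — JetStream
 * rejects a consumer whose `filter_subjects` overlap, so `[team.>, team.backend]`
-* must collapse to `[team.>]` before binding the chat consumer.
+* must collapse to `[team.>]` before binding the chat consumer. A parent and its subtree
+* (`[review, review.>]`) are disjoint in NATS (`review.>` never matches bare `review`), so
+* both are kept — that's how a peer subscribes to a channel *and* everything under it. */
 export declare function collapseFilterSubjects(subjects: string[]): string[];
 /** Unicast: a specific instance's inbox, tagged with the sender. (Either position may be
 * `*` for subscribe/allow rules: `inst.<myId>.*` to receive, `inst.*.<myId>` to send as me.) */
@@ -37,6 +57,21 @@ export declare function unicastSubject(space: string, target: string, sender: st
 export declare function anycastSubject(space: string, service: string, sender: string): string;
 /** Control request/reply to a service (e.g. the manager), tagged with the sender; anycast via queue group. */
 export declare function controlServiceSubject(space: string, service: string, sender: string): string;
+/** Control-plane service names — the three-tier split (P2a). The manager subscribes to ALL
+* three; the cred layer grants {@link CONTROL_SELF_SERVICE} to every agent and
+* {@link CONTROL_PRIVILEGED} only to spawn-capable agents (default-deny otherwise), while
+* {@link CONTROL_ADMIN} is reached only by the manager's own allow-all profile (no agent ever
+* gets it). nats-server — not a handler — is the coarse boundary. The handler then routes by
+* op↔service (fail-closed on mismatch) and refines own-child vs admin among holders of the
+* privileged subject. `CONTROL_PRIVILEGED` is the existing `manager` service; `CONTROL_SELF_SERVICE`
+* carries only the no-name self stop/despawn; `CONTROL_ADMIN` carries the operator-only ops
+* (purge, cross-agent stop/despawn/attach/definePersona). */
+export declare const CONTROL_PRIVILEGED: "manager";
+export declare const CONTROL_SELF_SERVICE: "self";
+export declare const CONTROL_ADMIN: "admin";
+/** The three control-plane tiers the manager serves — values tie to the `CONTROL_*` service
+* names so handler routing can't drift from the subject names. */
+export type ControlTier = typeof CONTROL_PRIVILEGED | typeof CONTROL_SELF_SERVICE | typeof CONTROL_ADMIN;
 export declare function traceSubject(space: string, agentId: string): string;
 export declare function controlSubject(space: string, agentId: string): string;
 /** Wildcard matching every subject within a space. */
@@ -79,14 +114,57 @@ export declare function channelBucket(space: string): string;
 * character (`/^[-/=.\w]+$/`) but one `token()` can never produce (it maps every char
 * outside `[A-Za-z0-9_-]` to `_`), so this key can never collide with a real channel. */
 export declare const CHANNEL_DEFAULTS_KEY = "=defaults";
+/** Name of the KV bucket holding the durable-membership registry (Plane-3) for a space — a
+* privileged-write sibling of the channels/presence buckets. One record per (concrete channel,
+* owner) under {@link memberKey}; the source of truth for `channelMembers()` and the fan-out's
+* member list, moved off JetStream consumer topology (which core-sub joins don't create). */
+export declare function membersBucket(space: string): string;
+/** KV key for one membership record: `<channel>/<owner>`. The channel is concrete (no `*`/`>`,
+* validated at the write path) so it is dotted-but-`/`-free, and an owner id is an nkey
+* (`[A-Z0-9]`, also `/`-free), so the single `/` separates them unambiguously — both halves
+* recover via {@link parseMemberKey}. `/`, `.`, and `[A-Za-z0-9_-]` are all legal KV-key chars
+* (`/^[-/=.\w]+$/`), so no encoding is needed. */
+export declare function memberKey(channel: string, owner: string): string;
+/** Inverse of {@link memberKey}: split a member key back into `{ channel, owner }`, or `null` if
+* it isn't one (no `/`). Splits on the single separator — channels and owner ids are both `/`-free. */
+export declare function parseMemberKey(key: string): {
+channel: string;
+owner: string;
+} | null;
 /** Stream capturing `chat.>` — multicast backlog + history. */
 export declare function chatStream(space: string): string;
 /** Stream capturing `inst.>` — per-instance direct-message inboxes. */
 export declare function dmStream(space: string): string;
 /** Stream capturing `svc.>` — anycast work queue. */
 export declare function taskStream(space: string): string;
-/**
+/** Stream capturing `dinbox.>` — the per-owner mixed durable inbox (fan-out target; agent unreadable). */
+export declare function inboxStream(space: string): string;
+/** Stream capturing `dlv.>` — the per-member post-auth delivery store (agent binds + acks). */
+export declare function dlvStream(space: string): string;
+/** Subject of an owner's mixed durable inbox: `cotal.<space>.dinbox.<owner>` (one per owner). */
+export declare function dinboxSubject(space: string, owner: string): string;
+/** Subject of an owner's post-auth delivery: `cotal.<space>.dlv.<owner>` (one per owner). */
+export declare function dlvSubject(space: string, owner: string): string;
+/** Parse the owner id out of an owner's mixed-inbox subject `cotal.<space>.dinbox.<owner>`, or null.
+* The trusted reader is a SINGLE consumer over `dinbox.>` (all owners), so it recovers the per-message
+* owner from the subject (the routing token is `routeToken(owner)` — an nkey, a `token()` no-op). */
+export declare function parseDinboxOwner(subject: string): string | null;
+/** An agent's bind-only per-owner consumer on {@link dlvStream} (filter `dlv.<owner>`). */
+export declare function dlvDurable(owner: string): string;
+/** The single privileged fan-out consumer on the CHAT stream (manager-pumped; routing, not auth). */
+export declare const FANOUT_DURABLE: "fanout";
+/** The single privileged trusted-reader consumer on {@link inboxStream} (filter `dinbox.>`,
+* manager-pumped). It re-authorizes each entry and transfers the authorized copy to `dlv.<owner>`. */
+export declare const INBOX_READER_DURABLE: "reader";
+/** Name of the REMOVED per-instance chat live-tail durable. Retained only as the canonical name the
+* read-ACL conformance test asserts an agent can NOT create — it has no live callers, the live read is
+* now a native core subscription. */
 export declare function chatDurable(instance: string): string;
+/** Consumer name for an instance's short-lived chat **history** reads (join-backfill, focus-recall,
+* drop-marker). A single per-instance name, scoped to the agent's own id so its create/info/fetch/
+* delete grants name-scope to that id — a peer can never bind it — while the per-read single
+* `filter_subject` is what the create-time ACL pins to `allowSubscribe`. */
+export declare function chatHistDurable(instance: string): string;
 /** Durable consumer name for an instance's private DM inbox. */
 export declare function dmDurable(instance: string): string;
 /** Durable consumer name (shared across instances of a role) for the task queue. */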
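Review bot: `memberKey(channel, owner)` is documented as unambiguous only because the channel is "validated at the write path" and the owner is an nkey, but the declaration accepts any `string` and carries no `@throws`, so the `/`-free guarantee sits entirely with callers. If the implementation in subjects.js (not part of this section) does not itself reject a `/` in either half, two different (channel, owner) pairs could map to one KV key and `parseMemberKey` would split at the wrong separator. Since this bucket is described as the source of truth for the fan-out member list, the check belongs at the key builder. Consider having `memberKey` call `assertValidChannel(channel)` and `isConcreteChannel(channel)`, reject an owner containing `/`, and document it as `@throws {Error} if channel is not a valid concrete channel or owner contains "/"`.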
package/dist/subjects.d.ts.map
CHANGED
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"subjects.d.ts","sourceRoot":"","sources":["../src/subjects.ts"],"names":[],"mappings":"AAAA;;;;;;;;;;;GAWG;AAIH,gEAAgE;AAChE,wBAAgB,KAAK,CAAC,CAAC,EAAE,MAAM,GAAG,MAAM,CAGvC;AAED,eAAO,MAAM,IAAI,UAAU,CAAC;AAE5B,wBAAgB,WAAW,CAAC,KAAK,EAAE,MAAM,GAAG,MAAM,CAEjD;AAED;;gFAEgF;AAChF,wBAAgB,iBAAiB,CAAC,QAAQ,CAAC,EAAE,MAAM,EAAE,GAAG,MAAM,EAAE,GAAG,SAAS,CAI3E;AAgCD,wBAAgB,WAAW,CAAC,KAAK,EAAE,MAAM,EAAE,MAAM,EAAE,MAAM,EAAE,OAAO,EAAE,MAAM,GAAG,MAAM,CAElF;AAED;iFACiF;AACjF,wBAAgB,iBAAiB,CAAC,OAAO,EAAE,MAAM,GAAG,OAAO,CAE1D;AAED;;iCAEiC;AACjC,wBAAgB,cAAc,CAAC,OAAO,EAAE,MAAM,EAAE,OAAO,EAAE,MAAM,GAAG,OAAO,CAUxE;AAED
|
|
1
|
+
{"version":3,"file":"subjects.d.ts","sourceRoot":"","sources":["../src/subjects.ts"],"names":[],"mappings":"AAAA;;;;;;;;;;;GAWG;AAIH,gEAAgE;AAChE,wBAAgB,KAAK,CAAC,CAAC,EAAE,MAAM,GAAG,MAAM,CAGvC;AAED,eAAO,MAAM,IAAI,UAAU,CAAC;AAE5B,wBAAgB,WAAW,CAAC,KAAK,EAAE,MAAM,GAAG,MAAM,CAEjD;AAED;;gFAEgF;AAChF,wBAAgB,iBAAiB,CAAC,QAAQ,CAAC,EAAE,MAAM,EAAE,GAAG,MAAM,EAAE,GAAG,SAAS,CAI3E;AAgCD,wBAAgB,WAAW,CAAC,KAAK,EAAE,MAAM,EAAE,MAAM,EAAE,MAAM,EAAE,OAAO,EAAE,MAAM,GAAG,MAAM,CAElF;AAED;iFACiF;AACjF,wBAAgB,iBAAiB,CAAC,OAAO,EAAE,MAAM,GAAG,OAAO,CAE1D;AAED;;iCAEiC;AACjC,wBAAgB,cAAc,CAAC,OAAO,EAAE,MAAM,EAAE,OAAO,EAAE,MAAM,GAAG,OAAO,CAUxE;AAED;;;;;;;;;;yDAUyD;AACzD,wBAAgB,kBAAkB,CAAC,OAAO,EAAE,MAAM,GAAG,MAAM,CAiB1D;AAED;;;;2FAI2F;AAC3F,wBAAgB,cAAc,CAAC,KAAK,EAAE,MAAM,EAAE,EAAE,OAAO,EAAE,MAAM,GAAG,OAAO,CAExE;AAED;;;;2FAI2F;AAC3F,wBAAgB,sBAAsB,CAAC,QAAQ,EAAE,MAAM,EAAE,GAAG,MAAM,EAAE,CAGnE;AAED;iGACiG;AACjG,wBAAgB,cAAc,CAAC,KAAK,EAAE,MAAM,EAAE,MAAM,EAAE,MAAM,EAAE,MAAM,EAAE,MAAM,GAAG,MAAM,CAEpF;AAED,kHAAkH;AAClH,wBAAgB,cAAc,CAAC,KAAK,EAAE,MAAM,EAAE,OAAO,EAAE,MAAM,EAAE,MAAM,EAAE,MAAM,GAAG,MAAM,CAErF;AAED,8GAA8G;AAC9G,wBAAgB,qBAAqB,CAAC,KAAK,EAAE,MAAM,EAAE,OAAO,EAAE,MAAM,EAAE,MAAM,EAAE,MAAM,GAAG,MAAM,CAE5F;AAED;;;;;;;;8DAQ8D;AAC9D,eAAO,MAAM,kBAAkB,EAAG,SAAkB,CAAC;AACrD,eAAO,MAAM,oBAAoB,EAAG,MAAe,CAAC;AACpD,eAAO,MAAM,aAAa,EAAG,OAAgB,CAAC;AAC9C;mEACmE;AACnE,MAAM,MAAM,WAAW,GAAG,OAAO,kBAAkB,GAAG,OAAO,oBAAoB,GAAG,OAAO,aAAa,CAAC;AAEzG,wBAAgB,YAAY,CAAC,KAAK,EAAE,MAAM,EAAE,OAAO,EAAE,MAAM,GAAG,MAAM,CAEnE;AAED,wBAAgB,cAAc,CAAC,KAAK,EAAE,MAAM,EAAE,OAAO,EAAE,MAAM,GAAG,MAAM,CAErE;AAED,sDAAsD;AACtD,wBAAgB,aAAa,CAAC,KAAK,EAAE,MAAM,GAAG,MAAM,CAEnD;AAED;0DAC0D;AAC1D,wBAAgB,YAAY,CAAC,KAAK,EAAE,MAAM,GAAG,MAAM,CAElD;AAED,yFAAyF;AACzF,MAAM,MAAM,YAAY,GAAG,MAAM,GAAG,SAAS,GAAG,SAAS,CAAC;AAE1D;qFACqF;AACrF,MAAM,WAAW,aAAa;IAC5B,IAAI,EAAE,MAAM,GAAG,MAAM,GAAG,KAAK,GAAG,KAAK,CAAC;IACtC,MAAM,EAAE,MAAM,CAAC;IACf,wFAAwF;IACxF,IAAI,EAAE,MAAM,CAAC;CACd;AAED;;;;;;;;;GASG;AACH,wBAAgB,YAAY,CAAC,OAAO,EAAE,MAAM,GAAG,aAAa,GAAG,IAAI,CAal
E;AAED;;;GAGG;AACH,wBAAgB,UAAU,CAAC,OAAO,EAAE,MAAM,GAAG,YAAY,GAAG,IAAI,CAI/D;AAED,0DAA0D;AAC1D,wBAAgB,cAAc,CAAC,KAAK,EAAE,MAAM,GAAG,MAAM,CAEpD;AAED;wFACwF;AACxF,wBAAgB,aAAa,CAAC,KAAK,EAAE,MAAM,GAAG,MAAM,CAEnD;AAED;;0FAE0F;AAC1F,eAAO,MAAM,oBAAoB,cAAc,CAAC;AAEhD;;;8FAG8F;AAC9F,wBAAgB,aAAa,CAAC,KAAK,EAAE,MAAM,GAAG,MAAM,CAEnD;AAED;;;;mDAImD;AACnD,wBAAgB,SAAS,CAAC,OAAO,EAAE,MAAM,EAAE,KAAK,EAAE,MAAM,GAAG,MAAM,CAEhE;AAED;wGACwG;AACxG,wBAAgB,cAAc,CAAC,GAAG,EAAE,MAAM,GAAG;IAAE,OAAO,EAAE,MAAM,CAAC;IAAC,KAAK,EAAE,MAAM,CAAA;CAAE,GAAG,IAAI,CAIrF;AAID,+DAA+D;AAC/D,wBAAgB,UAAU,CAAC,KAAK,EAAE,MAAM,GAAG,MAAM,CAEhD;AAED,uEAAuE;AACvE,wBAAgB,QAAQ,CAAC,KAAK,EAAE,MAAM,GAAG,MAAM,CAE9C;AAED,qDAAqD;AACrD,wBAAgB,UAAU,CAAC,KAAK,EAAE,MAAM,GAAG,MAAM,CAEhD;AAWD,0GAA0G;AAC1G,wBAAgB,WAAW,CAAC,KAAK,EAAE,MAAM,GAAG,MAAM,CAEjD;AAED,+FAA+F;AAC/F,wBAAgB,SAAS,CAAC,KAAK,EAAE,MAAM,GAAG,MAAM,CAE/C;AAED,iGAAiG;AACjG,wBAAgB,aAAa,CAAC,KAAK,EAAE,MAAM,EAAE,KAAK,EAAE,MAAM,GAAG,MAAM,CAElE;AAED,6FAA6F;AAC7F,wBAAgB,UAAU,CAAC,KAAK,EAAE,MAAM,EAAE,KAAK,EAAE,MAAM,GAAG,MAAM,CAE/D;AAED;;sGAEsG;AACtG,wBAAgB,gBAAgB,CAAC,OAAO,EAAE,MAAM,GAAG,MAAM,GAAG,IAAI,CAI/D;AAED,2FAA2F;AAC3F,wBAAgB,UAAU,CAAC,KAAK,EAAE,MAAM,GAAG,MAAM,CAEhD;AAED,qGAAqG;AACrG,eAAO,MAAM,cAAc,EAAG,QAAiB,CAAC;AAEhD;uGACuG;AACvG,eAAO,MAAM,oBAAoB,EAAG,QAAiB,CAAC;AAEtD;;sCAEsC;AACtC,wBAAgB,WAAW,CAAC,QAAQ,EAAE,MAAM,GAAG,MAAM,CAEpD;AAED;;;6EAG6E;AAC7E,wBAAgB,eAAe,CAAC,QAAQ,EAAE,MAAM,GAAG,MAAM,CAExD;AAED,gEAAgE;AAChE,wBAAgB,SAAS,CAAC,QAAQ,EAAE,MAAM,GAAG,MAAM,CAElD;AAED,oFAAoF;AACpF,wBAAgB,WAAW,CAAC,OAAO,EAAE,MAAM,GAAG,MAAM,CAEnD"}
|
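--- a/package/dist/subjects.js
+++ b/package/dist/subjects.js
@@ -74,7 +74,7 @@ export function subjectMatches(pattern, subject) {
 const s = subject.split(".");
 for (let i = 0; i < p.length; i++) {
 if (p[i] === ">")
-return
+return i < s.length; // '>' matches one-or-more remaining tokens — NATS semantics: 'a.>' does NOT match bare 'a'
 if (i >= s.length)
 return false;
 if (p[i] === "*")
@@ -84,9 +84,48 @@ export function subjectMatches(pattern, subject) {
 }
 return p.length === s.length;
 }
+/** Validate a channel name/pattern used as **policy** (an agent file's `subscribe`/`allowSubscribe`/
+* `allowPublish` entry, a CLI flag, or a join target). Each dotted segment must be a NATS-safe
+* token (exactly what {@link token} leaves unchanged: `[A-Za-z0-9_-]`), or `*` (one level), or `>`
+* (final segment only). Rejects — fail-loud — anything {@link token} would silently rewrite.
+*
+* This closes an ACL-aliasing gap: containment is validated against the RAW policy string
+* (`channelInAllow`), but the minted wire grant is built through `token()` (`chatSubject`). Without
+* this, `allowSubscribe:[foo/bar]` would validate as the channel `foo/bar` yet mint a read grant for
+* the wire subject `chat.*.foo_bar` — letting the agent read `#foo_bar`, a channel the operator
+* never named (and two distinct policy strings could collide on one token). Returns the channel
+* unchanged when valid so callers can use it inline. */
+export function assertValidChannel(channel) {
+const segs = channel.split(".");
+if (!channel.length || segs.some((s) => s.length === 0))
+throw new Error(`invalid channel "${channel}": empty segment (no leading/trailing/double dots)`);
+segs.forEach((s, i) => {
+if (s === ">") {
+if (i !== segs.length - 1)
+throw new Error(`invalid channel "${channel}": '>' is only valid as the last segment`);
+return;
+}
+if (s === "*")
+return;
+if (!/^[A-Za-z0-9_-]+$/.test(s))
+throw new Error(`invalid channel "${channel}": segment "${s}" must be a NATS-safe token ([A-Za-z0-9_-]), '*', or '>' — ` +
+`policy channel names can't contain characters the wire layer would rewrite`);
+});
+return channel;
+}
+/** Is `channel` within a read/post ACL `allow` (a list of channel patterns)? True when some
+* entry covers it — exact, or a wildcard subtree (`team.>` covers `team.backend`). Channels are
+* dotted token strings, so this rides {@link subjectMatches}. The single covering rule shared by
+* the load-time invariant (`subscribe ⊆ allowSubscribe`), the connector subset check, and the
+* manager's mediated-join validation (`channel ∈ allowSubscribe`) so they can't drift. */
+export function channelInAllow(allow, channel) {
+return allow.some((a) => subjectMatches(a, channel));
+}
 /** Drop exact duplicates and any subject subsumed by a more-general one — JetStream
 * rejects a consumer whose `filter_subjects` overlap, so `[team.>, team.backend]`
-* must collapse to `[team.>]` before binding the chat consumer.
+* must collapse to `[team.>]` before binding the chat consumer. A parent and its subtree
+* (`[review, review.>]`) are disjoint in NATS (`review.>` never matches bare `review`), so
+* both are kept — that's how a peer subscribes to a channel *and* everything under it. */
 export function collapseFilterSubjects(subjects) {
 const uniq = [...new Set(subjects)];
 return uniq.filter((x) => !uniq.some((y) => y !== x && subjectMatches(y, x)));
@@ -104,6 +143,18 @@ export function anycastSubject(space, service, sender) {
 export function controlServiceSubject(space, service, sender) {
 return `${spacePrefix(space)}.ctl.${routeToken(service)}.${routeToken(sender)}`;
 }
+/** Control-plane service names — the three-tier split (P2a). The manager subscribes to ALL
+* three; the cred layer grants {@link CONTROL_SELF_SERVICE} to every agent and
+* {@link CONTROL_PRIVILEGED} only to spawn-capable agents (default-deny otherwise), while
+* {@link CONTROL_ADMIN} is reached only by the manager's own allow-all profile (no agent ever
+* gets it). nats-server — not a handler — is the coarse boundary. The handler then routes by
+* op↔service (fail-closed on mismatch) and refines own-child vs admin among holders of the
+* privileged subject. `CONTROL_PRIVILEGED` is the existing `manager` service; `CONTROL_SELF_SERVICE`
+* carries only the no-name self stop/despawn; `CONTROL_ADMIN` carries the operator-only ops
+* (purge, cross-agent stop/despawn/attach/definePersona). */
+export const CONTROL_PRIVILEGED = "manager";
+export const CONTROL_SELF_SERVICE = "self";
+export const CONTROL_ADMIN = "admin";
 export function traceSubject(space, agentId) {
 return `${spacePrefix(space)}.trace.${token(agentId)}`;
 }
@@ -169,6 +220,29 @@ export function channelBucket(space) {
 * character (`/^[-/=.\w]+$/`) but one `token()` can never produce (it maps every char
 * outside `[A-Za-z0-9_-]` to `_`), so this key can never collide with a real channel. */
 export const CHANNEL_DEFAULTS_KEY = "=defaults";
+/** Name of the KV bucket holding the durable-membership registry (Plane-3) for a space — a
+* privileged-write sibling of the channels/presence buckets. One record per (concrete channel,
+* owner) under {@link memberKey}; the source of truth for `channelMembers()` and the fan-out's
+* member list, moved off JetStream consumer topology (which core-sub joins don't create). */
+export function membersBucket(space) {
+return `cotal_members_${token(space)}`;
+}
+/** KV key for one membership record: `<channel>/<owner>`. The channel is concrete (no `*`/`>`,
+* validated at the write path) so it is dotted-but-`/`-free, and an owner id is an nkey
+* (`[A-Z0-9]`, also `/`-free), so the single `/` separates them unambiguously — both halves
+* recover via {@link parseMemberKey}. `/`, `.`, and `[A-Za-z0-9_-]` are all legal KV-key chars
+* (`/^[-/=.\w]+$/`), so no encoding is needed. */
+export function memberKey(channel, owner) {
+return `${channel}/${owner}`;
+}
+/** Inverse of {@link memberKey}: split a member key back into `{ channel, owner }`, or `null` if
+* it isn't one (no `/`). Splits on the single separator — channels and owner ids are both `/`-free. */
+export function parseMemberKey(key) {
+const i = key.indexOf("/");
+if (i <= 0 || i >= key.length - 1)
+return null;
+return { channel: key.slice(0, i), owner: key.slice(i + 1) };
+}
 // ---- JetStream streams (the durable backing for the three delivery modes) ----
 /** Stream capturing `chat.>` — multicast backlog + history. */
 export function chatStream(space) {
@@ -182,10 +256,60 @@ export function dmStream(space) {
 export function taskStream(space) {
 return `TASK_${token(space)}`;
 }
-
+// ---- Plane-3 (durable backstop, SPEC §8) — two per-space streams ----
+//
+// `dinbox.<owner>` is the MIXED pre-auth store (fan-out target): the agent holds NO grant on
+// {@link inboxStream} and the trusted reader (manager) is its only consumer. `dlv.<owner>` is the
+// per-member POST-auth handoff: the reader transfers each re-authorized copy here and the agent binds
+// {@link dlvDurable} bind-only and acks it via native JetStream (§8 "an equivalent per-member
+// at-least-once mechanism with the same ack semantics"). `dlv` carries channel messages only, so the
+// receiver derives `kind=channel` from the delivery path — no payload/header kind (SPEC §4).
+/** Stream capturing `dinbox.>` — the per-owner mixed durable inbox (fan-out target; agent unreadable). */
+export function inboxStream(space) {
+return `INBOX_${token(space)}`;
+}
+/** Stream capturing `dlv.>` — the per-member post-auth delivery store (agent binds + acks). */
+export function dlvStream(space) {
+return `DLV_${token(space)}`;
+}
+/** Subject of an owner's mixed durable inbox: `cotal.<space>.dinbox.<owner>` (one per owner). */
+export function dinboxSubject(space, owner) {
+return `${spacePrefix(space)}.dinbox.${routeToken(owner)}`;
+}
+/** Subject of an owner's post-auth delivery: `cotal.<space>.dlv.<owner>` (one per owner). */
+export function dlvSubject(space, owner) {
+return `${spacePrefix(space)}.dlv.${routeToken(owner)}`;
+}
+/** Parse the owner id out of an owner's mixed-inbox subject `cotal.<space>.dinbox.<owner>`, or null.
+* The trusted reader is a SINGLE consumer over `dinbox.>` (all owners), so it recovers the per-message
+* owner from the subject (the routing token is `routeToken(owner)` — an nkey, a `token()` no-op). */
+export function parseDinboxOwner(subject) {
+const parts = subject.split(".");
+// cotal.<space>.dinbox.<owner>
+return parts.length === 4 && parts[0] === ROOT && parts[2] === "dinbox" ? parts[3] : null;
+}
+/** An agent's bind-only per-owner consumer on {@link dlvStream} (filter `dlv.<owner>`). */
+export function dlvDurable(owner) {
+return `dlv_${token(owner)}`;
+}
+/** The single privileged fan-out consumer on the CHAT stream (manager-pumped; routing, not auth). */
+export const FANOUT_DURABLE = "fanout";
+/** The single privileged trusted-reader consumer on {@link inboxStream} (filter `dinbox.>`,
+* manager-pumped). It re-authorizes each entry and transfers the authorized copy to `dlv.<owner>`. */
+export const INBOX_READER_DURABLE = "reader";
+/** Name of the REMOVED per-instance chat live-tail durable. Retained only as the canonical name the
+* read-ACL conformance test asserts an agent can NOT create — it has no live callers, the live read is
+* now a native core subscription. */
 export function chatDurable(instance) {
 return `chat_${token(instance)}`;
 }
+/** Consumer name for an instance's short-lived chat **history** reads (join-backfill, focus-recall,
+* drop-marker). A single per-instance name, scoped to the agent's own id so its create/info/fetch/
+* delete grants name-scope to that id — a peer can never bind it — while the per-read single
+* `filter_subject` is what the create-time ACL pins to `allowSubscribe`. */
+export function chatHistDurable(instance) {
+return `chathist_${token(instance)}`;
+}
 /** Durable consumer name for an instance's private DM inbox. */
 export function dmDurable(instance) {
 return `dm_${token(instance)}`;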
package/dist/subjects.js.map
CHANGED
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"subjects.js","sourceRoot":"","sources":["../src/subjects.ts"],"names":[],"mappings":"AAAA;;;;;;;;;;;GAWG;AAEH,MAAM,OAAO,GAAG,iBAAiB,CAAC;AAElC,gEAAgE;AAChE,MAAM,UAAU,KAAK,CAAC,CAAS;IAC7B,MAAM,CAAC,GAAG,CAAC,CAAC,IAAI,EAAE,CAAC,OAAO,CAAC,OAAO,EAAE,GAAG,CAAC,CAAC;IACzC,OAAO,CAAC,CAAC,MAAM,GAAG,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,GAAG,CAAC;AAChC,CAAC;AAED,MAAM,CAAC,MAAM,IAAI,GAAG,OAAO,CAAC;AAE5B,MAAM,UAAU,WAAW,CAAC,KAAa;IACvC,OAAO,GAAG,IAAI,IAAI,KAAK,CAAC,KAAK,CAAC,EAAE,CAAC;AACnC,CAAC;AAED;;gFAEgF;AAChF,MAAM,UAAU,iBAAiB,CAAC,QAAmB;IACnD,IAAI,CAAC,QAAQ,EAAE,MAAM;QAAE,OAAO,SAAS,CAAC;IACxC,MAAM,GAAG,GAAG,CAAC,GAAG,IAAI,GAAG,CAAC,QAAQ,CAAC,GAAG,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,IAAI,EAAE,CAAC,WAAW,EAAE,CAAC,CAAC,MAAM,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,MAAM,GAAG,CAAC,CAAC,CAAC,CAAC,CAAC;IAClG,OAAO,GAAG,CAAC,MAAM,CAAC,CAAC,CAAC,GAAG,CAAC,CAAC,CAAC,SAAS,CAAC;AACtC,CAAC;AAED;;;;;;GAMG;AACH,SAAS,WAAW,CAAC,OAAe;IAClC,MAAM,IAAI,GAAG,OAAO,CAAC,KAAK,CAAC,GAAG,CAAC,CAAC,GAAG,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,IAAI,EAAE,CAAC,CAAC,MAAM,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,MAAM,GAAG,CAAC,CAAC,CAAC;IACjF,IAAI,IAAI,CAAC,MAAM,KAAK,CAAC;QAAE,OAAO,GAAG,CAAC;IAClC,OAAO,IAAI;SACR,GAAG,CAAC,CAAC,CAAC,EAAE,CAAC,EAAE,EAAE;QACZ,IAAI,CAAC,KAAK,GAAG,EAAE,CAAC;YACd,IAAI,CAAC,KAAK,IAAI,CAAC,MAAM,GAAG,CAAC;gBACvB,MAAM,IAAI,KAAK,CAAC,YAAY,OAAO,0CAA0C,CAAC,CAAC;YACjF,OAAO,GAAG,CAAC;QACb,CAAC;QACD,OAAO,CAAC,KAAK,GAAG,CAAC,CAAC,CAAC,GAAG,CAAC,CAAC,CAAC,KAAK,CAAC,CAAC,CAAC,CAAC;IACpC,CAAC,CAAC;SACD,IAAI,CAAC,GAAG,CAAC,CAAC;AACf,CAAC;AAED;;;gGAGgG;AAChG,SAAS,UAAU,CAAC,CAAS;IAC3B,OAAO,CAAC,KAAK,GAAG,CAAC,CAAC,CAAC,GAAG,CAAC,CAAC,CAAC,KAAK,CAAC,CAAC,CAAC,CAAC;AACpC,CAAC;AAED,MAAM,UAAU,WAAW,CAAC,KAAa,EAAE,MAAc,EAAE,OAAe;IACxE,OAAO,GAAG,WAAW,CAAC,KAAK,CAAC,SAAS,UAAU,CAAC,MAAM,CAAC,IAAI,WAAW,CAAC,OAAO,CAAC,EAAE,CAAC;AACpF,CAAC;AAED;iFACiF;AACjF,MAAM,UAAU,iBAAiB,CAAC,OAAe;IAC/C,OAAO,CAAC,OAAO,CAAC,KAAK,CAAC,GAAG,CAAC,CAAC,IAAI,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,IA
AI,EAAE,KAAK,GAAG,IAAI,CAAC,CAAC,IAAI,EAAE,KAAK,GAAG,CAAC,CAAC;AAC/E,CAAC;AAED;;iCAEiC;AACjC,MAAM,UAAU,cAAc,CAAC,OAAe,EAAE,OAAe;IAC7D,MAAM,CAAC,GAAG,OAAO,CAAC,KAAK,CAAC,GAAG,CAAC,CAAC;IAC7B,MAAM,CAAC,GAAG,OAAO,CAAC,KAAK,CAAC,GAAG,CAAC,CAAC;IAC7B,KAAK,IAAI,CAAC,GAAG,CAAC,EAAE,CAAC,GAAG,CAAC,CAAC,MAAM,EAAE,CAAC,EAAE,EAAE,CAAC;QAClC,IAAI,CAAC,CAAC,CAAC,CAAC,KAAK,GAAG;YAAE,OAAO,
|
|
1
|
+
{"version":3,"file":"subjects.js","sourceRoot":"","sources":["../src/subjects.ts"],"names":[],"mappings":"AAAA;;;;;;;;;;;GAWG;AAEH,MAAM,OAAO,GAAG,iBAAiB,CAAC;AAElC,gEAAgE;AAChE,MAAM,UAAU,KAAK,CAAC,CAAS;IAC7B,MAAM,CAAC,GAAG,CAAC,CAAC,IAAI,EAAE,CAAC,OAAO,CAAC,OAAO,EAAE,GAAG,CAAC,CAAC;IACzC,OAAO,CAAC,CAAC,MAAM,GAAG,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,GAAG,CAAC;AAChC,CAAC;AAED,MAAM,CAAC,MAAM,IAAI,GAAG,OAAO,CAAC;AAE5B,MAAM,UAAU,WAAW,CAAC,KAAa;IACvC,OAAO,GAAG,IAAI,IAAI,KAAK,CAAC,KAAK,CAAC,EAAE,CAAC;AACnC,CAAC;AAED;;gFAEgF;AAChF,MAAM,UAAU,iBAAiB,CAAC,QAAmB;IACnD,IAAI,CAAC,QAAQ,EAAE,MAAM;QAAE,OAAO,SAAS,CAAC;IACxC,MAAM,GAAG,GAAG,CAAC,GAAG,IAAI,GAAG,CAAC,QAAQ,CAAC,GAAG,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,IAAI,EAAE,CAAC,WAAW,EAAE,CAAC,CAAC,MAAM,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,MAAM,GAAG,CAAC,CAAC,CAAC,CAAC,CAAC;IAClG,OAAO,GAAG,CAAC,MAAM,CAAC,CAAC,CAAC,GAAG,CAAC,CAAC,CAAC,SAAS,CAAC;AACtC,CAAC;AAED;;;;;;GAMG;AACH,SAAS,WAAW,CAAC,OAAe;IAClC,MAAM,IAAI,GAAG,OAAO,CAAC,KAAK,CAAC,GAAG,CAAC,CAAC,GAAG,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,IAAI,EAAE,CAAC,CAAC,MAAM,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,MAAM,GAAG,CAAC,CAAC,CAAC;IACjF,IAAI,IAAI,CAAC,MAAM,KAAK,CAAC;QAAE,OAAO,GAAG,CAAC;IAClC,OAAO,IAAI;SACR,GAAG,CAAC,CAAC,CAAC,EAAE,CAAC,EAAE,EAAE;QACZ,IAAI,CAAC,KAAK,GAAG,EAAE,CAAC;YACd,IAAI,CAAC,KAAK,IAAI,CAAC,MAAM,GAAG,CAAC;gBACvB,MAAM,IAAI,KAAK,CAAC,YAAY,OAAO,0CAA0C,CAAC,CAAC;YACjF,OAAO,GAAG,CAAC;QACb,CAAC;QACD,OAAO,CAAC,KAAK,GAAG,CAAC,CAAC,CAAC,GAAG,CAAC,CAAC,CAAC,KAAK,CAAC,CAAC,CAAC,CAAC;IACpC,CAAC,CAAC;SACD,IAAI,CAAC,GAAG,CAAC,CAAC;AACf,CAAC;AAED;;;gGAGgG;AAChG,SAAS,UAAU,CAAC,CAAS;IAC3B,OAAO,CAAC,KAAK,GAAG,CAAC,CAAC,CAAC,GAAG,CAAC,CAAC,CAAC,KAAK,CAAC,CAAC,CAAC,CAAC;AACpC,CAAC;AAED,MAAM,UAAU,WAAW,CAAC,KAAa,EAAE,MAAc,EAAE,OAAe;IACxE,OAAO,GAAG,WAAW,CAAC,KAAK,CAAC,SAAS,UAAU,CAAC,MAAM,CAAC,IAAI,WAAW,CAAC,OAAO,CAAC,EAAE,CAAC;AACpF,CAAC;AAED;iFACiF;AACjF,MAAM,UAAU,iBAAiB,CAAC,OAAe;IAC/C,OAAO,CAAC,OAAO,CAAC,KAAK,CAAC,GAAG,CAAC,CAAC,IAAI,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,IA
AI,EAAE,KAAK,GAAG,IAAI,CAAC,CAAC,IAAI,EAAE,KAAK,GAAG,CAAC,CAAC;AAC/E,CAAC;AAED;;iCAEiC;AACjC,MAAM,UAAU,cAAc,CAAC,OAAe,EAAE,OAAe;IAC7D,MAAM,CAAC,GAAG,OAAO,CAAC,KAAK,CAAC,GAAG,CAAC,CAAC;IAC7B,MAAM,CAAC,GAAG,OAAO,CAAC,KAAK,CAAC,GAAG,CAAC,CAAC;IAC7B,KAAK,IAAI,CAAC,GAAG,CAAC,EAAE,CAAC,GAAG,CAAC,CAAC,MAAM,EAAE,CAAC,EAAE,EAAE,CAAC;QAClC,IAAI,CAAC,CAAC,CAAC,CAAC,KAAK,GAAG;YAAE,OAAO,CAAC,GAAG,CAAC,CAAC,MAAM,CAAC,CAAC,2FAA2F;QAClI,IAAI,CAAC,IAAI,CAAC,CAAC,MAAM;YAAE,OAAO,KAAK,CAAC;QAChC,IAAI,CAAC,CAAC,CAAC,CAAC,KAAK,GAAG;YAAE,SAAS;QAC3B,IAAI,CAAC,CAAC,CAAC,CAAC,KAAK,CAAC,CAAC,CAAC,CAAC;YAAE,OAAO,KAAK,CAAC;IAClC,CAAC;IACD,OAAO,CAAC,CAAC,MAAM,KAAK,CAAC,CAAC,MAAM,CAAC;AAC/B,CAAC;AAED;;;;;;;;;;yDAUyD;AACzD,MAAM,UAAU,kBAAkB,CAAC,OAAe;IAChD,MAAM,IAAI,GAAG,OAAO,CAAC,KAAK,CAAC,GAAG,CAAC,CAAC;IAChC,IAAI,CAAC,OAAO,CAAC,MAAM,IAAI,IAAI,CAAC,IAAI,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,MAAM,KAAK,CAAC,CAAC;QACrD,MAAM,IAAI,KAAK,CAAC,oBAAoB,OAAO,oDAAoD,CAAC,CAAC;IACnG,IAAI,CAAC,OAAO,CAAC,CAAC,CAAC,EAAE,CAAC,EAAE,EAAE;QACpB,IAAI,CAAC,KAAK,GAAG,EAAE,CAAC;YACd,IAAI,CAAC,KAAK,IAAI,CAAC,MAAM,GAAG,CAAC;gBAAE,MAAM,IAAI,KAAK,CAAC,oBAAoB,OAAO,0CAA0C,CAAC,CAAC;YAClH,OAAO;QACT,CAAC;QACD,IAAI,CAAC,KAAK,GAAG;YAAE,OAAO;QACtB,IAAI,CAAC,kBAAkB,CAAC,IAAI,CAAC,CAAC,CAAC;YAC7B,MAAM,IAAI,KAAK,CACb,oBAAoB,OAAO,eAAe,CAAC,6DAA6D;gBACtG,4EAA4E,CAC/E,CAAC;IACN,CAAC,CAAC,CAAC;IACH,OAAO,OAAO,CAAC;AACjB,CAAC;AAED;;;;2FAI2F;AAC3F,MAAM,UAAU,cAAc,CAAC,KAAe,EAAE,OAAe;IAC7D,OAAO,KAAK,CAAC,IAAI,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,cAAc,CAAC,CAAC,EAAE,OAAO,CAAC,CAAC,CAAC;AACvD,CAAC;AAED;;;;2FAI2F;AAC3F,MAAM,UAAU,sBAAsB,CAAC,QAAkB;IACvD,MAAM,IAAI,GAAG,CAAC,GAAG,IAAI,GAAG,CAAC,QAAQ,CAAC,CAAC,CAAC;IACpC,OAAO,IAAI,CAAC,MAAM,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,KAAK,CAAC,IAAI,cAAc,CAAC,CAAC,EAAE,CAAC,CAAC,CAAC,CAAC,CAAC;AAChF,CAAC;AAED;iGACiG;AACjG,MAAM,UAAU,cAAc,CAAC,KAAa,EAAE,MAAc,EAAE,MAAc;IAC1E,OAAO,GAAG,WAAW,CAAC,KAAK,CAAC,SAAS,UAAU,CAAC,MAAM,CAAC,IAAI,UAAU,CAAC,MAAM,CAAC,EAAE,CAAC;AACl
F,CAAC;AAED,kHAAkH;AAClH,MAAM,UAAU,cAAc,CAAC,KAAa,EAAE,OAAe,EAAE,MAAc;IAC3E,OAAO,GAAG,WAAW,CAAC,KAAK,CAAC,QAAQ,UAAU,CAAC,OAAO,CAAC,IAAI,UAAU,CAAC,MAAM,CAAC,EAAE,CAAC;AAClF,CAAC;AAED,8GAA8G;AAC9G,MAAM,UAAU,qBAAqB,CAAC,KAAa,EAAE,OAAe,EAAE,MAAc;IAClF,OAAO,GAAG,WAAW,CAAC,KAAK,CAAC,QAAQ,UAAU,CAAC,OAAO,CAAC,IAAI,UAAU,CAAC,MAAM,CAAC,EAAE,CAAC;AAClF,CAAC;AAED;;;;;;;;8DAQ8D;AAC9D,MAAM,CAAC,MAAM,kBAAkB,GAAG,SAAkB,CAAC;AACrD,MAAM,CAAC,MAAM,oBAAoB,GAAG,MAAe,CAAC;AACpD,MAAM,CAAC,MAAM,aAAa,GAAG,OAAgB,CAAC;AAK9C,MAAM,UAAU,YAAY,CAAC,KAAa,EAAE,OAAe;IACzD,OAAO,GAAG,WAAW,CAAC,KAAK,CAAC,UAAU,KAAK,CAAC,OAAO,CAAC,EAAE,CAAC;AACzD,CAAC;AAED,MAAM,UAAU,cAAc,CAAC,KAAa,EAAE,OAAe;IAC3D,OAAO,GAAG,WAAW,CAAC,KAAK,CAAC,YAAY,KAAK,CAAC,OAAO,CAAC,EAAE,CAAC;AAC3D,CAAC;AAED,sDAAsD;AACtD,MAAM,UAAU,aAAa,CAAC,KAAa;IACzC,OAAO,GAAG,WAAW,CAAC,KAAK,CAAC,IAAI,CAAC;AACnC,CAAC;AAED;0DAC0D;AAC1D,MAAM,UAAU,YAAY,CAAC,KAAa;IACxC,OAAO,GAAG,WAAW,CAAC,KAAK,CAAC,SAAS,CAAC;AACxC,CAAC;AAcD;;;;;;;;;GASG;AACH,MAAM,UAAU,YAAY,CAAC,OAAe;IAC1C,MAAM,KAAK,GAAG,OAAO,CAAC,KAAK,CAAC,GAAG,CAAC,CAAC;IACjC,IAAI,KAAK,CAAC,CAAC,CAAC,KAAK,IAAI;QAAE,OAAO,IAAI,CAAC,CAAC,yBAAyB;IAC7D,MAAM,IAAI,GAAG,KAAK,CAAC,CAAC,CAAC,CAAC;IACtB,IAAI,IAAI,KAAK,MAAM,EAAE,CAAC;QACpB,IAAI,KAAK,CAAC,MAAM,GAAG,CAAC;YAAE,OAAO,IAAI,CAAC,CAAC,yCAAyC;QAC5E,OAAO,EAAE,IAAI,EAAE,MAAM,EAAE,KAAK,CAAC,CAAC,CAAC,EAAE,IAAI,EAAE,KAAK,CAAC,KAAK,CAAC,CAAC,CAAC,CAAC,IAAI,CAAC,GAAG,CAAC,EAAE,CAAC;IACpE,CAAC;IACD,IAAI,IAAI,KAAK,MAAM,IAAI,IAAI,KAAK,KAAK,IAAI,IAAI,KAAK,KAAK,EAAE,CAAC;QACxD,IAAI,KAAK,CAAC,MAAM,KAAK,CAAC;YAAE,OAAO,IAAI,CAAC,CAAC,wCAAwC;QAC7E,OAAO,EAAE,IAAI,EAAE,MAAM,EAAE,KAAK,CAAC,CAAC,CAAC,EAAE,IAAI,EAAE,KAAK,CAAC,CAAC,CAAC,EAAE,CAAC;IACpD,CAAC;IACD,OAAO,IAAI,CAAC;AACd,CAAC;AAED;;;GAGG;AACH,MAAM,UAAU,UAAU,CAAC,OAAe;IACxC,MAAM,CAAC,GAAG,YAAY,CAAC,OAAO,CAAC,CAAC;IAChC,IAAI,CAAC,CAAC;QAAE,OAAO,IAAI,CAAC;IACpB,OAAO,CAAC,CAAC,IAAI,KAAK,MAAM,CAAC,CAAC,CAAC,MAAM,CAAC,CAAC,CAAC,CAAC,CAAC,IAAI,KAAK,KAAK,CAAC,CAAC,CAAC,SAAS,CAAC,CAAC,CAAC,CAAC,CAAC,IAAI,KAAK,MAAM,CAAC,CAAC,CAAC
,SAAS,CAAC,CAAC,CAAC,IAAI,CAAC;AAC1G,CAAC;AAED,0DAA0D;AAC1D,MAAM,UAAU,cAAc,CAAC,KAAa;IAC1C,OAAO,kBAAkB,KAAK,CAAC,KAAK,CAAC,EAAE,CAAC;AAC1C,CAAC;AAED;wFACwF;AACxF,MAAM,UAAU,aAAa,CAAC,KAAa;IACzC,OAAO,kBAAkB,KAAK,CAAC,KAAK,CAAC,EAAE,CAAC;AAC1C,CAAC;AAED;;0FAE0F;AAC1F,MAAM,CAAC,MAAM,oBAAoB,GAAG,WAAW,CAAC;AAEhD;;;8FAG8F;AAC9F,MAAM,UAAU,aAAa,CAAC,KAAa;IACzC,OAAO,iBAAiB,KAAK,CAAC,KAAK,CAAC,EAAE,CAAC;AACzC,CAAC;AAED;;;;mDAImD;AACnD,MAAM,UAAU,SAAS,CAAC,OAAe,EAAE,KAAa;IACtD,OAAO,GAAG,OAAO,IAAI,KAAK,EAAE,CAAC;AAC/B,CAAC;AAED;wGACwG;AACxG,MAAM,UAAU,cAAc,CAAC,GAAW;IACxC,MAAM,CAAC,GAAG,GAAG,CAAC,OAAO,CAAC,GAAG,CAAC,CAAC;IAC3B,IAAI,CAAC,IAAI,CAAC,IAAI,CAAC,IAAI,GAAG,CAAC,MAAM,GAAG,CAAC;QAAE,OAAO,IAAI,CAAC;IAC/C,OAAO,EAAE,OAAO,EAAE,GAAG,CAAC,KAAK,CAAC,CAAC,EAAE,CAAC,CAAC,EAAE,KAAK,EAAE,GAAG,CAAC,KAAK,CAAC,CAAC,GAAG,CAAC,CAAC,EAAE,CAAC;AAC/D,CAAC;AAED,iFAAiF;AAEjF,+DAA+D;AAC/D,MAAM,UAAU,UAAU,CAAC,KAAa;IACtC,OAAO,QAAQ,KAAK,CAAC,KAAK,CAAC,EAAE,CAAC;AAChC,CAAC;AAED,uEAAuE;AACvE,MAAM,UAAU,QAAQ,CAAC,KAAa;IACpC,OAAO,MAAM,KAAK,CAAC,KAAK,CAAC,EAAE,CAAC;AAC9B,CAAC;AAED,qDAAqD;AACrD,MAAM,UAAU,UAAU,CAAC,KAAa;IACtC,OAAO,QAAQ,KAAK,CAAC,KAAK,CAAC,EAAE,CAAC;AAChC,CAAC;AAED,wEAAwE;AACxE,EAAE;AACF,6FAA6F;AAC7F,kGAAkG;AAClG,sGAAsG;AACtG,8FAA8F;AAC9F,qGAAqG;AACrG,6FAA6F;AAE7F,0GAA0G;AAC1G,MAAM,UAAU,WAAW,CAAC,KAAa;IACvC,OAAO,SAAS,KAAK,CAAC,KAAK,CAAC,EAAE,CAAC;AACjC,CAAC;AAED,+FAA+F;AAC/F,MAAM,UAAU,SAAS,CAAC,KAAa;IACrC,OAAO,OAAO,KAAK,CAAC,KAAK,CAAC,EAAE,CAAC;AAC/B,CAAC;AAED,iGAAiG;AACjG,MAAM,UAAU,aAAa,CAAC,KAAa,EAAE,KAAa;IACxD,OAAO,GAAG,WAAW,CAAC,KAAK,CAAC,WAAW,UAAU,CAAC,KAAK,CAAC,EAAE,CAAC;AAC7D,CAAC;AAED,6FAA6F;AAC7F,MAAM,UAAU,UAAU,CAAC,KAAa,EAAE,KAAa;IACrD,OAAO,GAAG,WAAW,CAAC,KAAK,CAAC,QAAQ,UAAU,CAAC,KAAK,CAAC,EAAE,CAAC;AAC1D,CAAC;AAED;;sGAEsG;AACtG,MAAM,UAAU,gBAAgB,CAAC,OAAe;IAC9C,MAAM,KAAK,GAAG,OAAO,CAAC,KAAK,CAAC,GAAG,CAAC,CAAC;IACjC,+BAA+B;IAC/B,OAAO,KAAK,CAAC,MAAM,KAAK,CAAC,IAAI,KAAK,CAAC,CAAC,CAAC,KAAK,IAAI,IAAI,KAAK,CAAC,CAAC,CAAC,KAAK,QAAQ,CAAC,CAAC,CAAC,KAAK,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,IAA
I,CAAC;AAC5F,CAAC;AAED,2FAA2F;AAC3F,MAAM,UAAU,UAAU,CAAC,KAAa;IACtC,OAAO,OAAO,KAAK,CAAC,KAAK,CAAC,EAAE,CAAC;AAC/B,CAAC;AAED,qGAAqG;AACrG,MAAM,CAAC,MAAM,cAAc,GAAG,QAAiB,CAAC;AAEhD;uGACuG;AACvG,MAAM,CAAC,MAAM,oBAAoB,GAAG,QAAiB,CAAC;AAEtD;;sCAEsC;AACtC,MAAM,UAAU,WAAW,CAAC,QAAgB;IAC1C,OAAO,QAAQ,KAAK,CAAC,QAAQ,CAAC,EAAE,CAAC;AACnC,CAAC;AAED;;;6EAG6E;AAC7E,MAAM,UAAU,eAAe,CAAC,QAAgB;IAC9C,OAAO,YAAY,KAAK,CAAC,QAAQ,CAAC,EAAE,CAAC;AACvC,CAAC;AAED,gEAAgE;AAChE,MAAM,UAAU,SAAS,CAAC,QAAgB;IACxC,OAAO,MAAM,KAAK,CAAC,QAAQ,CAAC,EAAE,CAAC;AACjC,CAAC;AAED,oFAAoF;AACpF,MAAM,UAAU,WAAW,CAAC,OAAe;IACzC,OAAO,OAAO,KAAK,CAAC,OAAO,CAAC,EAAE,CAAC;AACjC,CAAC"}
|