@de-otio/trellis 0.6.0 → 0.7.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (339) hide show
  1. package/dist/env.d.ts +21 -0
  2. package/dist/env.d.ts.map +1 -1
  3. package/dist/env.js +12 -0
  4. package/dist/env.js.map +1 -1
  5. package/dist/lambda/nightly-cron.d.ts.map +1 -1
  6. package/dist/lambda/nightly-cron.js +5 -2
  7. package/dist/lambda/nightly-cron.js.map +1 -1
  8. package/dist/lambda/post-confirmation.d.ts +30 -0
  9. package/dist/lambda/post-confirmation.d.ts.map +1 -1
  10. package/dist/lambda/post-confirmation.js +333 -29
  11. package/dist/lambda/post-confirmation.js.map +1 -1
  12. package/dist/lambda/pre-token-generation.d.ts +20 -0
  13. package/dist/lambda/pre-token-generation.d.ts.map +1 -1
  14. package/dist/lambda/pre-token-generation.js +233 -48
  15. package/dist/lambda/pre-token-generation.js.map +1 -1
  16. package/dist/lib/activitypub/activity-processor.d.ts.map +1 -1
  17. package/dist/lib/activitypub/activity-processor.js +2 -1
  18. package/dist/lib/activitypub/activity-processor.js.map +1 -1
  19. package/dist/lib/activitypub/group-service.d.ts +2 -2
  20. package/dist/lib/activitypub/group-service.d.ts.map +1 -1
  21. package/dist/lib/activitypub/group-service.js +5 -2
  22. package/dist/lib/activitypub/group-service.js.map +1 -1
  23. package/dist/lib/age-tier-transition.d.ts.map +1 -1
  24. package/dist/lib/age-tier-transition.js +19 -10
  25. package/dist/lib/age-tier-transition.js.map +1 -1
  26. package/dist/lib/audit/csv-export.d.ts +25 -0
  27. package/dist/lib/audit/csv-export.d.ts.map +1 -0
  28. package/dist/lib/audit/csv-export.js +54 -0
  29. package/dist/lib/audit/csv-export.js.map +1 -0
  30. package/dist/lib/audit/emit.d.ts +56 -0
  31. package/dist/lib/audit/emit.d.ts.map +1 -0
  32. package/dist/lib/audit/emit.js +124 -0
  33. package/dist/lib/audit/emit.js.map +1 -0
  34. package/dist/lib/audit/event-types.d.ts +36 -0
  35. package/dist/lib/audit/event-types.d.ts.map +1 -0
  36. package/dist/lib/audit/event-types.js +69 -0
  37. package/dist/lib/audit/event-types.js.map +1 -0
  38. package/dist/lib/audit/pii-filter.d.ts +22 -0
  39. package/dist/lib/audit/pii-filter.d.ts.map +1 -0
  40. package/dist/lib/audit/pii-filter.js +51 -0
  41. package/dist/lib/audit/pii-filter.js.map +1 -0
  42. package/dist/lib/audit-logger.js +1 -1
  43. package/dist/lib/audit-logger.js.map +1 -1
  44. package/dist/lib/auth/auth-context.d.ts +34 -0
  45. package/dist/lib/auth/auth-context.d.ts.map +1 -0
  46. package/dist/lib/auth/auth-context.js +10 -0
  47. package/dist/lib/auth/auth-context.js.map +1 -0
  48. package/dist/lib/auth/auth-middleware.d.ts +50 -0
  49. package/dist/lib/auth/auth-middleware.d.ts.map +1 -0
  50. package/dist/lib/auth/auth-middleware.js +153 -0
  51. package/dist/lib/auth/auth-middleware.js.map +1 -0
  52. package/dist/lib/auth/capabilities.d.ts +40 -0
  53. package/dist/lib/auth/capabilities.d.ts.map +1 -0
  54. package/dist/lib/auth/capabilities.js +44 -0
  55. package/dist/lib/auth/capabilities.js.map +1 -0
  56. package/dist/lib/auth/claims-cache.d.ts +70 -0
  57. package/dist/lib/auth/claims-cache.d.ts.map +1 -0
  58. package/dist/lib/auth/claims-cache.js +139 -0
  59. package/dist/lib/auth/claims-cache.js.map +1 -0
  60. package/dist/lib/auth/cognito-jwt.d.ts +6 -0
  61. package/dist/lib/auth/cognito-jwt.d.ts.map +1 -1
  62. package/dist/lib/auth/cognito-jwt.js.map +1 -1
  63. package/dist/lib/auth/idp-redirect-builder.d.ts +43 -0
  64. package/dist/lib/auth/idp-redirect-builder.d.ts.map +1 -0
  65. package/dist/lib/auth/idp-redirect-builder.js +48 -0
  66. package/dist/lib/auth/idp-redirect-builder.js.map +1 -0
  67. package/dist/lib/auth/require.d.ts +51 -0
  68. package/dist/lib/auth/require.d.ts.map +1 -0
  69. package/dist/lib/auth/require.js +99 -0
  70. package/dist/lib/auth/require.js.map +1 -0
  71. package/dist/lib/auth/role-grants.d.ts +18 -0
  72. package/dist/lib/auth/role-grants.d.ts.map +1 -0
  73. package/dist/lib/auth/role-grants.js +62 -0
  74. package/dist/lib/auth/role-grants.js.map +1 -0
  75. package/dist/lib/cognito/idp-sdk.d.ts +80 -0
  76. package/dist/lib/cognito/idp-sdk.d.ts.map +1 -0
  77. package/dist/lib/cognito/idp-sdk.js +186 -0
  78. package/dist/lib/cognito/idp-sdk.js.map +1 -0
  79. package/dist/lib/cognito/issuer-probe.d.ts +47 -0
  80. package/dist/lib/cognito/issuer-probe.d.ts.map +1 -0
  81. package/dist/lib/cognito/issuer-probe.js +319 -0
  82. package/dist/lib/cognito/issuer-probe.js.map +1 -0
  83. package/dist/lib/comment-handler.d.ts +7 -7
  84. package/dist/lib/comment-handler.d.ts.map +1 -1
  85. package/dist/lib/comment-handler.js +23 -20
  86. package/dist/lib/comment-handler.js.map +1 -1
  87. package/dist/lib/compliance/baseline.d.ts +15 -0
  88. package/dist/lib/compliance/baseline.d.ts.map +1 -0
  89. package/dist/lib/compliance/baseline.js +205 -0
  90. package/dist/lib/compliance/baseline.js.map +1 -0
  91. package/dist/lib/compliance/tenant-merge.d.ts +35 -0
  92. package/dist/lib/compliance/tenant-merge.d.ts.map +1 -0
  93. package/dist/lib/compliance/tenant-merge.js +80 -0
  94. package/dist/lib/compliance/tenant-merge.js.map +1 -0
  95. package/dist/lib/compliance/types.d.ts +135 -0
  96. package/dist/lib/compliance/types.d.ts.map +1 -0
  97. package/dist/lib/compliance/types.js +9 -0
  98. package/dist/lib/compliance/types.js.map +1 -0
  99. package/dist/lib/connection-code-handler.d.ts +4 -4
  100. package/dist/lib/connection-code-handler.d.ts.map +1 -1
  101. package/dist/lib/connection-code-handler.js +21 -11
  102. package/dist/lib/connection-code-handler.js.map +1 -1
  103. package/dist/lib/feed-handler.d.ts +2 -2
  104. package/dist/lib/feed-handler.d.ts.map +1 -1
  105. package/dist/lib/feed-handler.js +5 -9
  106. package/dist/lib/feed-handler.js.map +1 -1
  107. package/dist/lib/middleware/idempotency-store.d.ts +86 -0
  108. package/dist/lib/middleware/idempotency-store.d.ts.map +1 -0
  109. package/dist/lib/middleware/idempotency-store.js +109 -0
  110. package/dist/lib/middleware/idempotency-store.js.map +1 -0
  111. package/dist/lib/middleware/idempotency.d.ts +37 -0
  112. package/dist/lib/middleware/idempotency.d.ts.map +1 -0
  113. package/dist/lib/middleware/idempotency.js +358 -0
  114. package/dist/lib/middleware/idempotency.js.map +1 -0
  115. package/dist/lib/net/trusted-client-ip.d.ts +39 -0
  116. package/dist/lib/net/trusted-client-ip.d.ts.map +1 -0
  117. package/dist/lib/net/trusted-client-ip.js +100 -0
  118. package/dist/lib/net/trusted-client-ip.js.map +1 -0
  119. package/dist/lib/notification-handler.d.ts +5 -5
  120. package/dist/lib/notification-handler.d.ts.map +1 -1
  121. package/dist/lib/notification-handler.js +11 -9
  122. package/dist/lib/notification-handler.js.map +1 -1
  123. package/dist/lib/oauth/cognito-issuer.d.ts +34 -0
  124. package/dist/lib/oauth/cognito-issuer.d.ts.map +1 -0
  125. package/dist/lib/oauth/cognito-issuer.js +53 -0
  126. package/dist/lib/oauth/cognito-issuer.js.map +1 -0
  127. package/dist/lib/oauth/device-authorization.d.ts +145 -0
  128. package/dist/lib/oauth/device-authorization.d.ts.map +1 -0
  129. package/dist/lib/oauth/device-authorization.js +312 -0
  130. package/dist/lib/oauth/device-authorization.js.map +1 -0
  131. package/dist/lib/oauth/envelope-crypto.d.ts +101 -0
  132. package/dist/lib/oauth/envelope-crypto.d.ts.map +1 -0
  133. package/dist/lib/oauth/envelope-crypto.js +223 -0
  134. package/dist/lib/oauth/envelope-crypto.js.map +1 -0
  135. package/dist/lib/oauth/refresh-detection.d.ts +126 -0
  136. package/dist/lib/oauth/refresh-detection.d.ts.map +1 -0
  137. package/dist/lib/oauth/refresh-detection.js +248 -0
  138. package/dist/lib/oauth/refresh-detection.js.map +1 -0
  139. package/dist/lib/openapi/generator.d.ts +78 -0
  140. package/dist/lib/openapi/generator.d.ts.map +1 -0
  141. package/dist/lib/openapi/generator.js +201 -0
  142. package/dist/lib/openapi/generator.js.map +1 -0
  143. package/dist/lib/post-handler.d.ts +1 -1
  144. package/dist/lib/post-handler.d.ts.map +1 -1
  145. package/dist/lib/post-handler.js +4 -15
  146. package/dist/lib/post-handler.js.map +1 -1
  147. package/dist/lib/rate-limit.d.ts.map +1 -1
  148. package/dist/lib/rate-limit.js +11 -3
  149. package/dist/lib/rate-limit.js.map +1 -1
  150. package/dist/lib/routes/agent-authorize.d.ts +32 -0
  151. package/dist/lib/routes/agent-authorize.d.ts.map +1 -0
  152. package/dist/lib/routes/agent-authorize.js +479 -0
  153. package/dist/lib/routes/agent-authorize.js.map +1 -0
  154. package/dist/lib/routes/agent-sessions.d.ts +20 -0
  155. package/dist/lib/routes/agent-sessions.d.ts.map +1 -0
  156. package/dist/lib/routes/agent-sessions.js +124 -0
  157. package/dist/lib/routes/agent-sessions.js.map +1 -0
  158. package/dist/lib/routes/agent-surface.d.ts +37 -0
  159. package/dist/lib/routes/agent-surface.d.ts.map +1 -0
  160. package/dist/lib/routes/agent-surface.js +208 -0
  161. package/dist/lib/routes/agent-surface.js.map +1 -0
  162. package/dist/lib/routes/auth-discover.d.ts +18 -0
  163. package/dist/lib/routes/auth-discover.d.ts.map +1 -0
  164. package/dist/lib/routes/auth-discover.js +177 -0
  165. package/dist/lib/routes/auth-discover.js.map +1 -0
  166. package/dist/lib/routes/comments.d.ts.map +1 -1
  167. package/dist/lib/routes/comments.js +36 -7
  168. package/dist/lib/routes/comments.js.map +1 -1
  169. package/dist/lib/routes/connection-codes.d.ts.map +1 -1
  170. package/dist/lib/routes/connection-codes.js +21 -4
  171. package/dist/lib/routes/connection-codes.js.map +1 -1
  172. package/dist/lib/routes/content-discovery.d.ts.map +1 -1
  173. package/dist/lib/routes/content-discovery.js +18 -13
  174. package/dist/lib/routes/content-discovery.js.map +1 -1
  175. package/dist/lib/routes/dashboard.js +1 -1
  176. package/dist/lib/routes/dashboard.js.map +1 -1
  177. package/dist/lib/routes/employees.d.ts.map +1 -1
  178. package/dist/lib/routes/employees.js +57 -15
  179. package/dist/lib/routes/employees.js.map +1 -1
  180. package/dist/lib/routes/entities.d.ts.map +1 -1
  181. package/dist/lib/routes/entities.js +35 -19
  182. package/dist/lib/routes/entities.js.map +1 -1
  183. package/dist/lib/routes/errors.d.ts +34 -0
  184. package/dist/lib/routes/errors.d.ts.map +1 -0
  185. package/dist/lib/routes/errors.js +57 -0
  186. package/dist/lib/routes/errors.js.map +1 -0
  187. package/dist/lib/routes/feeds.d.ts.map +1 -1
  188. package/dist/lib/routes/feeds.js +12 -2
  189. package/dist/lib/routes/feeds.js.map +1 -1
  190. package/dist/lib/routes/index.d.ts.map +1 -1
  191. package/dist/lib/routes/index.js +50 -0
  192. package/dist/lib/routes/index.js.map +1 -1
  193. package/dist/lib/routes/mfa.d.ts.map +1 -1
  194. package/dist/lib/routes/mfa.js +1 -0
  195. package/dist/lib/routes/mfa.js.map +1 -1
  196. package/dist/lib/routes/notifications.d.ts.map +1 -1
  197. package/dist/lib/routes/notifications.js +21 -4
  198. package/dist/lib/routes/notifications.js.map +1 -1
  199. package/dist/lib/routes/oauth.d.ts +15 -0
  200. package/dist/lib/routes/oauth.d.ts.map +1 -0
  201. package/dist/lib/routes/oauth.js +139 -0
  202. package/dist/lib/routes/oauth.js.map +1 -0
  203. package/dist/lib/routes/posts.d.ts.map +1 -1
  204. package/dist/lib/routes/posts.js +30 -19
  205. package/dist/lib/routes/posts.js.map +1 -1
  206. package/dist/lib/routes/products.d.ts.map +1 -1
  207. package/dist/lib/routes/products.js +19 -22
  208. package/dist/lib/routes/products.js.map +1 -1
  209. package/dist/lib/routes/setup-status.d.ts +34 -0
  210. package/dist/lib/routes/setup-status.d.ts.map +1 -0
  211. package/dist/lib/routes/setup-status.js +87 -0
  212. package/dist/lib/routes/setup-status.js.map +1 -0
  213. package/dist/lib/routes/taxonomy-analytics.d.ts.map +1 -1
  214. package/dist/lib/routes/taxonomy-analytics.js +15 -14
  215. package/dist/lib/routes/taxonomy-analytics.js.map +1 -1
  216. package/dist/lib/routes/taxonomy.d.ts.map +1 -1
  217. package/dist/lib/routes/taxonomy.js +19 -16
  218. package/dist/lib/routes/taxonomy.js.map +1 -1
  219. package/dist/lib/routes/tenant-audit.d.ts +19 -0
  220. package/dist/lib/routes/tenant-audit.d.ts.map +1 -0
  221. package/dist/lib/routes/tenant-audit.js +244 -0
  222. package/dist/lib/routes/tenant-audit.js.map +1 -0
  223. package/dist/lib/routes/tenant-compliance.d.ts +21 -0
  224. package/dist/lib/routes/tenant-compliance.d.ts.map +1 -0
  225. package/dist/lib/routes/tenant-compliance.js +122 -0
  226. package/dist/lib/routes/tenant-compliance.js.map +1 -0
  227. package/dist/lib/routes/tenant-domains.d.ts +11 -0
  228. package/dist/lib/routes/tenant-domains.d.ts.map +1 -0
  229. package/dist/lib/routes/tenant-domains.js +95 -0
  230. package/dist/lib/routes/tenant-domains.js.map +1 -0
  231. package/dist/lib/routes/tenant-idp.d.ts +3 -0
  232. package/dist/lib/routes/tenant-idp.d.ts.map +1 -0
  233. package/dist/lib/routes/tenant-idp.js +89 -0
  234. package/dist/lib/routes/tenant-idp.js.map +1 -0
  235. package/dist/lib/routes/tenant-members.d.ts +13 -0
  236. package/dist/lib/routes/tenant-members.d.ts.map +1 -0
  237. package/dist/lib/routes/tenant-members.js +75 -0
  238. package/dist/lib/routes/tenant-members.js.map +1 -0
  239. package/dist/lib/routes/tenant-role-mappings.d.ts +11 -0
  240. package/dist/lib/routes/tenant-role-mappings.d.ts.map +1 -0
  241. package/dist/lib/routes/tenant-role-mappings.js +90 -0
  242. package/dist/lib/routes/tenant-role-mappings.js.map +1 -0
  243. package/dist/lib/routes/tenants.d.ts +13 -0
  244. package/dist/lib/routes/tenants.d.ts.map +1 -0
  245. package/dist/lib/routes/tenants.js +121 -0
  246. package/dist/lib/routes/tenants.js.map +1 -0
  247. package/dist/lib/routes/types.d.ts +9 -0
  248. package/dist/lib/routes/types.d.ts.map +1 -1
  249. package/dist/lib/schemas.d.ts +2 -2
  250. package/dist/lib/secrets/idp-secrets.d.ts +51 -0
  251. package/dist/lib/secrets/idp-secrets.d.ts.map +1 -0
  252. package/dist/lib/secrets/idp-secrets.js +111 -0
  253. package/dist/lib/secrets/idp-secrets.js.map +1 -0
  254. package/dist/lib/security-monitor.d.ts.map +1 -1
  255. package/dist/lib/security-monitor.js +6 -1
  256. package/dist/lib/security-monitor.js.map +1 -1
  257. package/dist/lib/session-manager.d.ts +1 -0
  258. package/dist/lib/session-manager.d.ts.map +1 -1
  259. package/dist/lib/session-manager.js.map +1 -1
  260. package/dist/lib/taxonomy-handler-factory.d.ts +4 -2
  261. package/dist/lib/taxonomy-handler-factory.d.ts.map +1 -1
  262. package/dist/lib/taxonomy-handler-factory.js +8 -7
  263. package/dist/lib/taxonomy-handler-factory.js.map +1 -1
  264. package/dist/lib/tenant/audit-emit.d.ts +18 -0
  265. package/dist/lib/tenant/audit-emit.d.ts.map +1 -0
  266. package/dist/lib/tenant/audit-emit.js +16 -0
  267. package/dist/lib/tenant/audit-emit.js.map +1 -0
  268. package/dist/lib/tenant/derive-domain.d.ts +19 -0
  269. package/dist/lib/tenant/derive-domain.d.ts.map +1 -0
  270. package/dist/lib/tenant/derive-domain.js +38 -0
  271. package/dist/lib/tenant/derive-domain.js.map +1 -0
  272. package/dist/lib/tenant/domain-handler.d.ts +42 -0
  273. package/dist/lib/tenant/domain-handler.d.ts.map +1 -0
  274. package/dist/lib/tenant/domain-handler.js +344 -0
  275. package/dist/lib/tenant/domain-handler.js.map +1 -0
  276. package/dist/lib/tenant/domain-validator.d.ts +28 -0
  277. package/dist/lib/tenant/domain-validator.d.ts.map +1 -0
  278. package/dist/lib/tenant/domain-validator.js +145 -0
  279. package/dist/lib/tenant/domain-validator.js.map +1 -0
  280. package/dist/lib/tenant/domain-verifier.d.ts +30 -0
  281. package/dist/lib/tenant/domain-verifier.d.ts.map +1 -0
  282. package/dist/lib/tenant/domain-verifier.js +53 -0
  283. package/dist/lib/tenant/domain-verifier.js.map +1 -0
  284. package/dist/lib/tenant/idp-handler.d.ts +29 -0
  285. package/dist/lib/tenant/idp-handler.d.ts.map +1 -0
  286. package/dist/lib/tenant/idp-handler.js +693 -0
  287. package/dist/lib/tenant/idp-handler.js.map +1 -0
  288. package/dist/lib/tenant/idp-name.d.ts +2 -0
  289. package/dist/lib/tenant/idp-name.d.ts.map +1 -0
  290. package/dist/lib/tenant/idp-name.js +20 -0
  291. package/dist/lib/tenant/idp-name.js.map +1 -0
  292. package/dist/lib/tenant/member-handler.d.ts +31 -0
  293. package/dist/lib/tenant/member-handler.d.ts.map +1 -0
  294. package/dist/lib/tenant/member-handler.js +343 -0
  295. package/dist/lib/tenant/member-handler.js.map +1 -0
  296. package/dist/lib/tenant/reserved-slugs.d.ts +37 -0
  297. package/dist/lib/tenant/reserved-slugs.d.ts.map +1 -0
  298. package/dist/lib/tenant/reserved-slugs.js +116 -0
  299. package/dist/lib/tenant/reserved-slugs.js.map +1 -0
  300. package/dist/lib/tenant/resolve-role.d.ts +39 -0
  301. package/dist/lib/tenant/resolve-role.d.ts.map +1 -0
  302. package/dist/lib/tenant/resolve-role.js +60 -0
  303. package/dist/lib/tenant/resolve-role.js.map +1 -0
  304. package/dist/lib/tenant/role-mapping-handler.d.ts +26 -0
  305. package/dist/lib/tenant/role-mapping-handler.d.ts.map +1 -0
  306. package/dist/lib/tenant/role-mapping-handler.js +260 -0
  307. package/dist/lib/tenant/role-mapping-handler.js.map +1 -0
  308. package/dist/lib/tenant/setup-status.d.ts +83 -0
  309. package/dist/lib/tenant/setup-status.d.ts.map +1 -0
  310. package/dist/lib/tenant/setup-status.js +201 -0
  311. package/dist/lib/tenant/setup-status.js.map +1 -0
  312. package/dist/lib/tenant/slug-validator.d.ts +31 -0
  313. package/dist/lib/tenant/slug-validator.d.ts.map +1 -0
  314. package/dist/lib/tenant/slug-validator.js +42 -0
  315. package/dist/lib/tenant/slug-validator.js.map +1 -0
  316. package/dist/lib/tenant/tenant-handler.d.ts +49 -0
  317. package/dist/lib/tenant/tenant-handler.d.ts.map +1 -0
  318. package/dist/lib/tenant/tenant-handler.js +377 -0
  319. package/dist/lib/tenant/tenant-handler.js.map +1 -0
  320. package/dist/lib/tenant/transfer-ownership.d.ts +39 -0
  321. package/dist/lib/tenant/transfer-ownership.d.ts.map +1 -0
  322. package/dist/lib/tenant/transfer-ownership.js +66 -0
  323. package/dist/lib/tenant/transfer-ownership.js.map +1 -0
  324. package/dist/lib/user/derive-handle.d.ts +29 -0
  325. package/dist/lib/user/derive-handle.d.ts.map +1 -0
  326. package/dist/lib/user/derive-handle.js +65 -0
  327. package/dist/lib/user/derive-handle.js.map +1 -0
  328. package/dist/lib/user-deprovisioning.d.ts +11 -1
  329. package/dist/lib/user-deprovisioning.d.ts.map +1 -1
  330. package/dist/lib/user-deprovisioning.js +46 -2
  331. package/dist/lib/user-deprovisioning.js.map +1 -1
  332. package/dist/lib/validation/feature-toggle-schemas.d.ts +10 -10
  333. package/package.json +6 -3
  334. package/prisma/migrations/20260502094501_add_tenancy_model/migration.sql +334 -0
  335. package/prisma/migrations/20260503000000_add_tenant_region/migration.sql +4 -0
  336. package/prisma/schema.prisma +324 -74
  337. package/src/lambda/nightly-cron.ts +4 -1
  338. package/src/lambda/post-confirmation.ts +405 -29
  339. package/src/lambda/pre-token-generation.ts +300 -59
@@ -0,0 +1 @@
1
+ {"version":3,"file":"idp-handler.js","sourceRoot":"","sources":["../../../src/lib/tenant/idp-handler.ts"],"names":[],"mappings":";;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;AAuBA,gGAA0F;AAG1F,6DAAgF;AAChF,6CAAgE;AAChE,uDAAgE;AAChE,wCAAkD;AAClD,sDAAsD;AACtD,yCAA4C;AAC5C,gDAK4B;AAC5B,0DAA0D;AAC1D,wDAA0D;AAC1D,4EAAuE;AAEvE,MAAM,YAAY,GAAG,EAAE,cAAc,EAAE,kBAAkB,EAAE,CAAC;AAE5D,SAAS,YAAY,CAAC,MAAc,EAAE,IAAa;IACjD,OAAO,IAAI,QAAQ,CAAC,IAAI,CAAC,SAAS,CAAC,IAAI,CAAC,EAAE,EAAE,MAAM,EAAE,OAAO,EAAE,YAAY,EAAE,CAAC,CAAC;AAC/E,CAAC;AAED,SAAS,UAAU,CAAC,OAAe,EAAE,IAAI,GAAG,kBAAkB;IAC5D,OAAO,YAAY,CAAC,GAAG,EAAE,EAAE,KAAK,EAAE,IAAI,EAAE,OAAO,EAAE,CAAC,CAAC;AACrD,CAAC;AAED,SAAS,aAAa,CAAC,OAAe,EAAE,WAAoB;IAC1D,OAAO,YAAY,CAAC,GAAG,EAAE;QACvB,KAAK,EAAE,eAAe;QACtB,OAAO;QACP,GAAG,CAAC,WAAW,CAAC,CAAC,CAAC,EAAE,WAAW,EAAE,CAAC,CAAC,CAAC,EAAE,CAAC;KACxC,CAAC,CAAC;AACL,CAAC;AAED,SAAS,UAAU;IACjB,OAAO,YAAY,CAAC,GAAG,EAAE;QACvB,KAAK,EAAE,eAAe;QACtB,OAAO,EAAE,uEAAuE;KACjF,CAAC,CAAC;AACL,CAAC;AAED,SAAS,QAAQ;IACf,OAAO,YAAY,CAAC,GAAG,EAAE,EAAE,KAAK,EAAE,WAAW,EAAE,OAAO,EAAE,6BAA6B,EAAE,CAAC,CAAC;AAC3F,CAAC;AAED,MAAM,YAAY,GAAG,IAAI,wBAAiB,EAAE,CAAC;AAmC7C,MAAa,UAAU;IACQ;IAA7B,YAA6B,OAA+B,EAAE;QAAjC,SAAI,GAAJ,IAAI,CAA6B;IAAG,CAAC;IAElE,8EAA8E;IACtE,MAAM,CAAC,GAAQ;QACrB,IAAI,IAAI,CAAC,IAAI,CAAC,GAAG;YAAE,OAAO,IAAI,CAAC,IAAI,CAAC,GAAG,CAAC;QACxC,OAAO,IAAI,uBAAa,CACtB,IAAI,gEAA6B,CAAC;YAChC,MAAM,EAAE,GAAG,CAAC,cAAc,IAAI,OAAO,CAAC,GAAG,CAAC,UAAU;SACrD,CAAC,CACH,CAAC;IACJ,CAAC;IAEO,UAAU,CAAC,GAAQ;QACzB,IAAI,IAAI,CAAC,IAAI,CAAC,OAAO;YAAE,OAAO,IAAI,CAAC,IAAI,CAAC,OAAO,CAAC;QAChD,OAAO,IAAI,8BAAgB,CACzB,IAAI,6CAAoB,CAAC;YACvB,MAAM,EAAE,GAAG,CAAC,cAAc,IAAI,OAAO,CAAC,GAAG,CAAC,UAAU;SACrD,CAAC,CACH,CAAC;IACJ,CAAC;IAEO,KAAK,CAAC,yBAAyB,CAAC,QAAgB,EAAE,GAAQ;QAChE,MAAM,EAAE,YAAY,EAAE,GAAG,wDAAa,UAAU,GAAC,CAAC;QAClD,MAAM,EAAE,GAAG,YAAY,CAAC,GAAG,CAAC,CAAC;QAC7B,MAAM,OAAO,GAAG,MAAM,EAAE,CAAC,YAAY,CAAC,QAAQ,CAAC;YAC7C,KAAK,EAAE,EAAE,QAAQ,EAAE;YACnB,MAAM,EAAE,EAAE,IAAI,EAAE,EAAE,MAAM,EAAE,EAAE,UAAU,EAAE,IAAI,EAAE,EAAE,EAAE;SACnD,CAAC,CAAC;QACH,MAAM,IAAI,GAAG,OAAO,CAAC,GAAG,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,IAAI,CAAC,UAAU,CAAC,CAAC,MAAM,CAAC,CAAC,CAAC,EAAe,EAAE,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC;QACnF,IAAI,IAAI,CAAC,IAAI,CAAC,uBAAuB,EAAE,CAAC;YACtC,MAAM,IAAI,CAAC,IAAI,CAAC,uBAAuB,CAAC,IAAI,CAAC,CAAC;YAC9C,OAAO;QACT,CAAC;QACD,IAAI,IAAI,CAAC,MAAM,KAAK,CAAC;YAAE,OAAO;QAC9B,IAAI,CAAC;YACH,MAAM,KAAK,GAAG,IAAA,uCAAwB,GAAE,CAAC;YACzC,MAAM,OAAO,CAAC,GAAG,CAAC,IAAI,CAAC,GAAG,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,KAAK,CAAC,UAAU,CAAC,CAAC,CAAC,CAAC,KAAK,CAAC,GAAG,EAAE,CAAC,SAAS,CAAC,CAAC,CAAC,CAAC;QACjF,CAAC;QAAC,OAAO,GAAG,EAAE,CAAC;YACb,OAAO,CAAC,IAAI,CACV,IAAI,CAAC,SAAS,CAAC;gBACb,KAAK,EAAE,MAAM;gBACb,GAAG,EAAE,oCAAoC;gBACzC,QAAQ;gBACR,KAAK,EAAE,MAAM,CAAC,GAAG,CAAC;aACnB,CAAC,CACH,CAAC;QACJ,CAAC;IACH,CAAC;IAED,8EAA8E;IAC9E,KAAK,CAAC,YAAY,CAChB,QAAgB,EAChB,OAAgB,EAChB,IAAiB,EACjB,GAAQ;QAER,MAAM,MAAM,GACV,IAAA,qCAAmB,EAAC,IAAI,EAAE,QAAQ,CAAC;YACnC,IAAA,2BAAiB,EAAC,IAAI,EAAE,oBAAU,CAAC,YAAY,CAAC,CAAC;QACnD,IAAI,MAAM;YAAE,OAAO,MAAM,CAAC;QAE1B,MAAM,EAAE,CAAC,EAAE,GAAG,wDAAa,KAAK,GAAC,CAAC;QAClC,IAAI,GAAY,CAAC;QACjB,IAAI,CAAC;YACH,GAAG,GAAG,MAAM,OAAO,CAAC,IAAI,EAAE,CAAC;QAC7B,CAAC;QAAC,MAAM,CAAC;YACP,OAAO,UAAU,CAAC,yBAAyB,EAAE,cAAc,CAAC,CAAC;QAC/D,CAAC;QAED,MAAM,IAAI,GAAI,GAAgC,EAAE,IAAI,CAAC;QACrD,IAAI,IAAI,KAAK,MAAM,EAAE,CAAC;YACpB,OAAO,YAAY,CAAC,GAAG,EAAE;gBACvB,KAAK,EAAE,2BAA2B;gBAClC,OAAO,EAAE,6DAA6D;aACvE,CAAC,CAAC;QACL,CAAC;QACD,IAAI,IAAI,KAAK,MAAM,EAAE,CAAC;YACpB,OAAO,UAAU,CAAC,qBAAqB,CAAC,CAAC;QAC3C,CAAC;QAED,MAAM,MAAM,GAAG,CAAC,CAAC,MAAM,CAAC;YACtB,IAAI,EAAE,CAAC,CAAC,OAAO,CAAC,MAAM,CAAC;YACvB,SAAS,EAAE,CAAC,CAAC,MAAM,EAAE,CAAC,GAAG,EAAE,CAAC,GAAG,CAAC,IAAI,CAAC;YACrC,QAAQ,EAAE,CAAC,CAAC,MAAM,EAAE,CAAC,GAAG,CAAC,CAAC,CAAC,CAAC,GAAG,CAAC,GAAG,CAAC;YACpC,YAAY,EAAE,CAAC,CAAC,MAAM,EAAE,CAAC,GAAG,CAAC,CAAC,CAAC,CAAC,GAAG,CAAC,IAAI,CAAC;YACzC,WAAW,EAAE,CAAC,CAAC,IAAI,CAAC,CAAC,OAAO,EAAE,QAAQ,EAAE,OAAO,CAAC,CAAC,CAAC,QAAQ,EAAE;YAC5D,MAAM,EAAE,CAAC,CAAC,MAAM,EAAE,CAAC,GAAG,CAAC,IAAI,CAAC,CAAC,QAAQ,EAAE;YACvC,gBAAgB,EAAE,CAAC,CAAC,MAAM,CAAC,CAAC,CAAC,MAAM,EAAE,EAAE,CAAC,CAAC,MAAM,EAAE,CAAC,CAAC,QAAQ,EAAE;SAC9D,CAAC,CAAC;QACH,MAAM,MAAM,GAAG,MAAM,CAAC,SAAS,CAAC,GAAG,CAAC,CAAC;QACrC,IAAI,CAAC,MAAM,CAAC,OAAO,EAAE,CAAC;YACpB,OAAO,UAAU,CAAC,MAAM,CAAC,KAAK,CAAC,MAAM,CAAC,CAAC,CAAC,EAAE,OAAO,IAAI,eAAe,CAAC,CAAC;QACxE,CAAC;QACD,MAAM,IAAI,GAAG,MAAM,CAAC,IAAsB,CAAC;QAE3C,MAAM,EAAE,YAAY,EAAE,GAAG,wDAAa,UAAU,GAAC,CAAC;QAClD,MAAM,EAAE,GAAG,YAAY,CAAC,GAAG,CAAC,CAAC;QAE7B,MAAM,MAAM,GAAG,MAAM,EAAE,CAAC,MAAM,CAAC,UAAU,CAAC;YACxC,KAAK,EAAE,EAAE,EAAE,EAAE,QAAQ,EAAE;YACvB,MAAM,EAAE,EAAE,EAAE,EAAE,IAAI,EAAE;SACrB,CAAC,CAAC;QACH,IAAI,CAAC,MAAM;YAAE,OAAO,QAAQ,EAAE,CAAC;QAE/B,MAAM,eAAe,GAAG,MAAM,EAAE,CAAC,YAAY,CAAC,QAAQ,CAAC;YACrD,KAAK,EAAE,EAAE,QAAQ,EAAE,UAAU,EAAE,EAAE,GAAG,EAAE,IAAI,EAAE,EAAE;YAC9C,MAAM,EAAE,EAAE,MAAM,EAAE,IAAI,EAAE;YACxB,OAAO,EAAE,EAAE,MAAM,EAAE,KAAK,EAAE;SAC3B,CAAC,CAAC;QACH,IAAI,eAAe,CAAC,MAAM,KAAK,CAAC,EAAE,CAAC;YACjC,OAAO,aAAa,CAClB,wEAAwE,EACxE,qBAAqB,QAAQ,UAAU,CACxC,CAAC;QACJ,CAAC;QAED,MAAM,QAAQ,GAAG,MAAM,EAAE,CAAC,sBAAsB,CAAC,UAAU,CAAC;YAC1D,KAAK,EAAE,EAAE,QAAQ,EAAE;YACnB,MAAM,EAAE,EAAE,EAAE,EAAE,IAAI,EAAE;SACrB,CAAC,CAAC;QACH,IAAI,QAAQ,EAAE,CAAC;YACb,OAAO,YAAY,CAAC,GAAG,EAAE;gBACvB,KAAK,EAAE,YAAY;gBACnB,OAAO,EAAE,yCAAyC;gBAClD,WAAW,EAAE,gCAAgC,QAAQ,oBAAoB;aAC1E,CAAC,CAAC;QACL,CAAC;QAED,MAAM,KAAK,GAAG,MAAM,IAAA,8BAAe,EAAC,IAAI,CAAC,SAAS,CAAC,CAAC;QACpD,IAAI,CAAC,KAAK,CAAC,EAAE,EAAE,CAAC;YACd,OAAO,YAAY,CAAC,GAAG,EAAE;gBACvB,KAAK,EAAE,oBAAoB;gBAC3B,OAAO,EAAE,KAAK,CAAC,OAAO;gBACtB,MAAM,EAAE,KAAK,CAAC,MAAM;gBACpB,WAAW,EACT,mGAAmG;aACtG,CAAC,CAAC;QACL,CAAC;QAED,MAAM,UAAU,GAAG,GAAG,CAAC,oBAAoB,CAAC;QAC5C,MAAM,gBAAgB,GAAG,GAAG,CAAC,qBAAqB,CAAC;QACnD,IAAI,CAAC,UAAU,IAAI,CAAC,gBAAgB,EAAE,CAAC;YACrC,OAAO,UAAU,EAAE,CAAC;QACtB,CAAC;QAED,MAAM,YAAY,GAAG,IAAA,yBAAc,EAAC,QAAQ,CAAC,CAAC;QAC9C,MAAM,gBAAgB,GAAwB;YAC5C,GAAG,IAAA,qCAA2B,GAAE;YAChC,GAAG,CAAC,IAAI,CAAC,gBAAgB,IAAI,EAAE,CAAC;SACjC,CAAC;QACF,MAAM,cAAc,GAAG,eAAe,CAAC,GAAG,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,MAAM,CAAC,CAAC;QAC5D,MAAM,OAAO,GAAG,IAAI,CAAC,UAAU,CAAC,GAAG,CAAC,CAAC;QACrC,MAAM,GAAG,GAAG,IAAI,CAAC,MAAM,CAAC,GAAG,CAAC,CAAC;QAE7B,IAAI,SAAiB,CAAC;QACtB,IAAI,CAAC;YACH,MAAM,MAAM,GAAG,MAAM,OAAO,CAAC,MAAM,CAAC,QAAQ,EAAE,IAAI,CAAC,YAAY,CAAC,CAAC;YACjE,SAAS,GAAG,MAAM,CAAC,GAAG,CAAC;QACzB,CAAC;QAAC,OAAO,GAAG,EAAE,CAAC;YACb,MAAM,OAAO,GAAI,GAAyB,CAAC,IAAI,CAAC;YAChD,IAAI,OAAO,KAAK,yBAAyB,EAAE,CAAC;gBAC1C,OAAO,YAAY,CAAC,GAAG,EAAE;oBACvB,KAAK,EAAE,YAAY;oBACnB,OAAO,EAAE,8CAA8C;oBACvD,WAAW,EAAE,gCAAgC,QAAQ,oBAAoB;iBAC1E,CAAC,CAAC;YACL,CAAC;YACD,OAAO,CAAC,IAAI,CACV,IAAI,CAAC,SAAS,CAAC;gBACb,KAAK,EAAE,MAAM;gBACb,GAAG,EAAE,0BAA0B;gBAC/B,QAAQ;gBACR,OAAO;aACR,CAAC,CACH,CAAC;YACF,OAAO,UAAU,EAAE,CAAC;QACtB,CAAC;QAED,IAAI,CAAC;YACH,MAAM,GAAG,CAAC,kBAAkB,CAAC;gBAC3B,UAAU;gBACV,YAAY;gBACZ,OAAO,EAAE;oBACP,QAAQ,EAAE,IAAI,CAAC,QAAQ;oBACvB,YAAY,EAAE,IAAI,CAAC,YAAY;oBAC/B,SAAS,EAAE,IAAI,CAAC,SAAS;oBACzB,GAAG,CAAC,IAAI,CAAC,MAAM,CAAC,CAAC,CAAC,EAAE,MAAM,EAAE,IAAI,CAAC,MAAM,EAAE,CAAC,CAAC,CAAC,EAAE,CAAC;iBAChD;gBACD,gBAAgB;gBAChB,cAAc;aACf,CAAC,CAAC;QACL,CAAC;QAAC,OAAO,GAAG,EAAE,CAAC;YACb,MAAM,OAAO,CAAC,MAAM,CAAC,QAAQ,CAAC,CAAC,KAAK,CAAC,GAAG,EAAE,CAAC,SAAS,CAAC,CAAC;YACtD,OAAO,CAAC,IAAI,CACV,IAAI,CAAC,SAAS,CAAC;gBACb,KAAK,EAAE,MAAM;gBACb,GAAG,EAAE,2DAA2D;gBAChE,QAAQ;gBACR,OAAO,EAAG,GAAyB,CAAC,IAAI;aACzC,CAAC,CACH,CAAC;YACF,OAAO,UAAU,EAAE,CAAC;QACtB,CAAC;QAED,IAAI,GAgBF,CAAC;QACH,IAAI,CAAC;YACH,uEAAuE;YACvE,mEAAmE;YACnE,sDAAsD;YACtD,GAAG,GAAG,MAAM,EAAE,CAAC,YAAY,CACzB,KAAK,EAAE,EAAE,EAAE,EAAE;gBACX,MAAM,IAAA,gCAAsB,EAAC,EAAE,EAAE,UAAU,EAAE,KAAK,IAAI,EAAE;oBACtD,MAAM,GAAG,CAAC,4BAA4B,CACpC,UAAU,EACV,gBAAgB,EAChB,YAAY,EACZ,KAAK,CACN,CAAC;gBACJ,CAAC,CAAC,CAAC;gBACH,OAAO,EAAE,CAAC,sBAAsB,CAAC,MAAM,CAAC;oBACtC,IAAI,EAAE;wBACJ,QAAQ;wBACR,IAAI,EAAE,MAAiB;wBACvB,cAAc,EAAE,YAAY;wBAC5B,SAAS,EAAE,IAAI,CAAC,SAAS;wBACzB,QAAQ,EAAE,IAAI,CAAC,QAAQ;wBACvB,eAAe,EAAE,SAAS;wBAC1B,MAAM,EAAE,IAAI,CAAC,MAAM,IAAI,6BAA6B;wBACpD,gBAAgB,EAAE,gBAAyC;wBAC3D,WAAW,EAAE,IAAI,CAAC,WAAW,IAAI,IAAI;wBACrC,MAAM,EAAE,QAAqB;wBAC7B,SAAS,EAAE,IAAI,IAAI,EAAE;qBACtB;oBACD,MAAM,EAAE;wBACN,EAAE,EAAE,IAAI;wBACR,QAAQ,EAAE,IAAI;wBACd,IAAI,EAAE,IAAI;wBACV,MAAM,EAAE,IAAI;wBACZ,cAAc,EAAE,IAAI;wBACpB,SAAS,EAAE,IAAI;wBACf,QAAQ,EAAE,IAAI;wBACd,WAAW,EAAE,IAAI;wBACjB,gBAAgB,EAAE,IAAI;wBACtB,MAAM,EAAE,IAAI;wBACZ,SAAS,EAAE,IAAI;wBACf,SAAS,EAAE,IAAI;wBACf,SAAS,EAAE,IAAI;qBAChB;iBACF,CAAC,CAAC;YACL,CAAC,EACD,EAAE,OAAO,EAAE,KAAK,EAAE,CACnB,CAAC;QACJ,CAAC;QAAC,OAAO,GAAG,EAAE,CAAC;YACb,MAAM,GAAG,CAAC,cAAc,CAAC,UAAU,EAAE,YAAY,CAAC,CAAC,KAAK,CAAC,GAAG,EAAE,CAAC,SAAS,CAAC,CAAC;YAC1E,MAAM,OAAO,CAAC,MAAM,CAAC,QAAQ,CAAC,CAAC,KAAK,CAAC,GAAG,EAAE,CAAC,SAAS,CAAC,CAAC;YACtD,OAAO,CAAC,IAAI,CACV,IAAI,CAAC,SAAS,CAAC;gBACb,KAAK,EAAE,MAAM;gBACb,GAAG,EAAE,iDAAiD;gBACtD,QAAQ;gBACR,OAAO,EAAG,GAAyB,CAAC,IAAI;aACzC,CAAC,CACH,CAAC;YACF,OAAO,UAAU,EAAE,CAAC;QACtB,CAAC;QAED,KAAK,YAAY;aACd,IAAI,CACH;YACE,IAAI,EAAE,4BAAc,CAAC,oBAAoB;YACzC,QAAQ;YACR,WAAW,EAAE,IAAI,CAAC,MAAM;YACxB,OAAO,EAAE;gBACP,OAAO,EAAE,MAAM;gBACf,MAAM,EAAE,IAAI,CAAC,SAAS;gBACtB,SAAS,EAAE,QAAQ;aACpB;SACF,EACD,EAAE,CACH;aACA,KAAK,CAAC,CAAC,GAAY,EAAE,EAAE,CACtB,OAAO,CAAC,IAAI,CACV,IAAI,CAAC,SAAS,CAAC;YACb,KAAK,EAAE,mBAAmB;YAC1B,KAAK,EAAG,GAA4B,EAAE,OAAO,IAAI,SAAS;SAC3D,CAAC,CACH,CACF,CAAC;QAEJ,OAAO,YAAY,CAAC,GAAG,EAAE,eAAe,CAAC,GAAG,CAAC,CAAC,CAAC;IACjD,CAAC;IAED,8EAA8E;IAC9E,KAAK,CAAC,SAAS,CAAC,QAAgB,EAAE,IAAiB,EAAE,GAAQ;QAC3D,MAAM,MAAM,GACV,IAAA,kCAAgB,EAAC,IAAI,EAAE,QAAQ,CAAC;YAChC,IAAA,2BAAiB,EAAC,IAAI,EAAE,oBAAU,CAAC,OAAO,CAAC,CAAC;QAC9C,IAAI,MAAM;YAAE,OAAO,MAAM,CAAC;QAE1B,MAAM,EAAE,YAAY,EAAE,GAAG,wDAAa,UAAU,GAAC,CAAC;QAClD,MAAM,EAAE,GAAG,YAAY,CAAC,GAAG,CAAC,CAAC;QAE7B,MAAM,GAAG,GAAG,MAAM,EAAE,CAAC,sBAAsB,CAAC,UAAU,CAAC;YACrD,KAAK,EAAE,EAAE,QAAQ,EAAE;YACnB,MAAM,EAAE;gBACN,EAAE,EAAE,IAAI;gBACR,QAAQ,EAAE,IAAI;gBACd,IAAI,EAAE,IAAI;gBACV,MAAM,EAAE,IAAI;gBACZ,cAAc,EAAE,IAAI;gBACpB,SAAS,EAAE,IAAI;gBACf,QAAQ,EAAE,IAAI;gBACd,WAAW,EAAE,IAAI;gBACjB,gBAAgB,EAAE,IAAI;gBACtB,MAAM,EAAE,IAAI;gBACZ,SAAS,EAAE,IAAI;gBACf,SAAS,EAAE,IAAI;gBACf,SAAS,EAAE,IAAI;aAChB;SACF,CAAC,CAAC;QACH,IAAI,CAAC,GAAG;YAAE,OAAO,QAAQ,EAAE,CAAC;QAC5B,OAAO,YAAY,CAAC,GAAG,EAAE,eAAe,CAAC,GAAG,CAAC,CAAC,CAAC;IACjD,CAAC;IAED,8EAA8E;IAC9E,KAAK,CAAC,WAAW,CACf,QAAgB,EAChB,OAAgB,EAChB,IAAiB,EACjB,GAAQ;QAER,MAAM,MAAM,GACV,IAAA,qCAAmB,EAAC,IAAI,EAAE,QAAQ,CAAC;YACnC,IAAA,2BAAiB,EAAC,IAAI,EAAE,oBAAU,CAAC,YAAY,CAAC,CAAC;QACnD,IAAI,MAAM;YAAE,OAAO,MAAM,CAAC;QAE1B,MAAM,EAAE,CAAC,EAAE,GAAG,wDAAa,KAAK,GAAC,CAAC;QAClC,IAAI,GAAY,CAAC;QACjB,IAAI,CAAC;YACH,GAAG,GAAG,MAAM,OAAO,CAAC,IAAI,EAAE,CAAC;QAC7B,CAAC;QAAC,MAAM,CAAC;YACP,OAAO,UAAU,CAAC,yBAAyB,EAAE,cAAc,CAAC,CAAC;QAC/D,CAAC;QAED,MAAM,QAAQ,GAAG,OAAQ,GAA4B,EAAE,MAAM,KAAK,QAAQ,CAAC;QAE3E,IAAI,QAAQ,EAAE,CAAC;YACb,MAAM,MAAM,GAAG,CAAC,CAAC,MAAM,CAAC,EAAE,MAAM,EAAE,CAAC,CAAC,IAAI,CAAC,CAAC,QAAQ,EAAE,UAAU,CAAC,CAAC,EAAE,CAAC,CAAC;YACpE,MAAM,MAAM,GAAG,MAAM,CAAC,SAAS,CAAC,GAAG,CAAC,CAAC;YACrC,IAAI,CAAC,MAAM,CAAC,OAAO,EAAE,CAAC;gBACpB,OAAO,UAAU,CAAC,mCAAmC,CAAC,CAAC;YACzD,CAAC;YACD,OAAO,IAAI,CAAC,WAAW,CAAC,QAAQ,EAAE,MAAM,CAAC,IAAuB,EAAE,IAAI,EAAE,GAAG,CAAC,CAAC;QAC/E,CAAC;QAED,MAAM,MAAM,GAAG,CAAC,CAAC,MAAM,CAAC;YACtB,YAAY,EAAE,CAAC,CAAC,MAAM,EAAE,CAAC,GAAG,CAAC,CAAC,CAAC,CAAC,GAAG,CAAC,IAAI,CAAC,CAAC,QAAQ,EAAE;YACpD,gBAAgB,EAAE,CAAC,CAAC,MAAM,CAAC,CAAC,CAAC,MAAM,EAAE,EAAE,CAAC,CAAC,MAAM,EAAE,CAAC,CAAC,QAAQ,EAAE;YAC7D,WAAW,EAAE,CAAC;iBACX,IAAI,CAAC,CAAC,OAAO,EAAE,QAAQ,EAAE,OAAO,CAAC,CAAC;iBAClC,QAAQ,EAAE;iBACV,QAAQ,EAAE;YACb,MAAM,EAAE,CAAC,CAAC,MAAM,EAAE,CAAC,GAAG,CAAC,IAAI,CAAC,CAAC,QAAQ,EAAE;SACxC,CAAC,CAAC;QACH,MAAM,MAAM,GAAG,MAAM,CAAC,SAAS,CAAC,GAAG,CAAC,CAAC;QACrC,IAAI,CAAC,MAAM,CAAC,OAAO,EAAE,CAAC;YACpB,OAAO,UAAU,CAAC,MAAM,CAAC,KAAK,CAAC,MAAM,CAAC,CAAC,CAAC,EAAE,OAAO,IAAI,eAAe,CAAC,CAAC;QACxE,CAAC;QACD,MAAM,IAAI,GAAG,MAAM,CAAC,IAAuB,CAAC;QAE5C,IACE,IAAI,CAAC,YAAY,KAAK,SAAS;YAC/B,IAAI,CAAC,gBAAgB,KAAK,SAAS;YACnC,IAAI,CAAC,WAAW,KAAK,SAAS;YAC9B,IAAI,CAAC,MAAM,KAAK,SAAS,EACzB,CAAC;YACD,OAAO,UAAU,CAAC,mFAAmF,CAAC,CAAC;QACzG,CAAC;QAED,OAAO,IAAI,CAAC,WAAW,CAAC,QAAQ,EAAE,IAAI,EAAE,IAAI,EAAE,GAAG,CAAC,CAAC;IACrD,CAAC;IAEO,KAAK,CAAC,WAAW,CACvB,QAAgB,EAChB,IAAqB,EACrB,IAAiB,EACjB,GAAQ;QAER,MAAM,EAAE,YAAY,EAAE,GAAG,wDAAa,UAAU,GAAC,CAAC;QAClD,MAAM,EAAE,GAAG,YAAY,CAAC,GAAG,CAAC,CAAC;QAE7B,MAAM,GAAG,GAAG,MAAM,EAAE,CAAC,sBAAsB,CAAC,UAAU,CAAC;YACrD,KAAK,EAAE,EAAE,QAAQ,EAAE;YACnB,MAAM,EAAE,EAAE,EAAE,EAAE,IAAI,EAAE,MAAM,EAAE,IAAI,EAAE,cAAc,EAAE,IAAI,EAAE;SACzD,CAAC,CAAC;QACH,IAAI,CAAC,GAAG;YAAE,OAAO,QAAQ,EAAE,CAAC;QAE5B,IAAI,GAAG,CAAC,MAAM,KAAK,IAAI,CAAC,MAAM,EAAE,CAAC;YAC/B,OAAO,YAAY,CAAC,GAAG,EAAE,EAAE,EAAE,EAAE,GAAG,CAAC,EAAE,EAAE,MAAM,EAAE,GAAG,CAAC,MAAM,EAAE,SAAS,EAAE,IAAI,EAAE,CAAC,CAAC;QAChF,CAAC;QAED,MAAM,UAAU,GAAG,GAAG,CAAC,oBAAoB,CAAC;QAC5C,MAAM,gBAAgB,GAAG,GAAG,CAAC,qBAAqB,CAAC;QACnD,IAAI,CAAC,UAAU,IAAI,CAAC,gBAAgB;YAAE,OAAO,UAAU,EAAE,CAAC;QAE1D,MAAM,GAAG,GAAG,IAAI,CAAC,MAAM,CAAC,GAAG,CAAC,CAAC;QAC7B,MAAM,EAAE,GAAG,IAAI,CAAC,MAAM,KAAK,QAAQ,CAAC,CAAC,CAAC,KAAK,CAAC,CAAC,CAAC,QAAQ,CAAC;QACvD,IAAI,CAAC;YACH,gEAAgE;YAChE,gDAAgD;YAChD,MAAM,EAAE,CAAC,YAAY,CACnB,KAAK,EAAE,EAAE,EAAE,EAAE;gBACX,MAAM,IAAA,gCAAsB,EAAC,EAAE,EAAE,UAAU,EAAE,KAAK,IAAI,EAAE;oBACtD,MAAM,GAAG,CAAC,4BAA4B,CACpC,UAAU,EACV,gBAAgB,EAChB,GAAG,CAAC,cAAc,EAClB,EAAE,CACH,CAAC;gBACJ,CAAC,CAAC,CAAC;gBACH,MAAM,EAAE,CAAC,sBAAsB,CAAC,MAAM,CAAC;oBACrC,KAAK,EAAE,EAAE,EAAE,EAAE,GAAG,CAAC,EAAE,EAAE;oBACrB,IAAI,EAAE;wBACJ,MAAM,EAAE,IAAI,CAAC,MAAmB;wBAChC,GAAG,CAAC,IAAI,CAAC,MAAM,KAAK,QAAQ,CAAC,CAAC,CAAC,EAAE,SAAS,EAAE,IAAI,IAAI,EAAE,EAAE,CAAC,CAAC,CAAC,EAAE,CAAC;qBAC/D;iBACF,CAAC,CAAC;YACL,CAAC,EACD,EAAE,OAAO,EAAE,KAAK,EAAE,CACnB,CAAC;QACJ,CAAC;QAAC,OAAO,GAAG,EAAE,CAAC;YACb,OAAO,CAAC,IAAI,CACV,IAAI,CAAC,SAAS,CAAC;gBACb,KAAK,EAAE,MAAM;gBACb,GAAG,EAAE,0BAA0B;gBAC/B,QAAQ;gBACR,OAAO,EAAG,GAAyB,CAAC,IAAI;aACzC,CAAC,CACH,CAAC;YACF,OAAO,UAAU,EAAE,CAAC;QACtB,CAAC;QAED,IAAI,IAAI,CAAC,MAAM,KAAK,UAAU,EAAE,CAAC;YAC/B,MAAM,IAAI,CAAC,yBAAyB,CAAC,QAAQ,EAAE,GAAG,CAAC,CAAC;QACtD,CAAC;QAED,KAAK,YAAY;aACd,IAAI,CACH;YACE,IAAI,EACF,IAAI,CAAC,MAAM,KAAK,UAAU;gBACxB,CAAC,CAAC,4BAAc,CAAC,mBAAmB;gBACpC,CAAC,CAAC,4BAAc,CAAC,mBAAmB;YACxC,QAAQ;YACR,WAAW,EAAE,IAAI,CAAC,MAAM;YACxB,OAAO,EAAE,EAAE,SAAS,EAAE,IAAI,CAAC,MAAM,EAAE;SACpC,EACD,EAAE,CACH;aACA,KAAK,CAAC,CAAC,GAAY,EAAE,EAAE,CACtB,OAAO,CAAC,IAAI,CACV,IAAI,CAAC,SAAS,CAAC;YACb,KAAK,EAAE,mBAAmB;YAC1B,KAAK,EAAG,GAA4B,EAAE,OAAO,IAAI,SAAS;SAC3D,CAAC,CACH,CACF,CAAC;QAEJ,OAAO,YAAY,CAAC,GAAG,EAAE,EAAE,EAAE,EAAE,GAAG,CAAC,EAAE,EAAE,MAAM,EAAE,IAAI,CAAC,MAAM,EAAE,CAAC,CAAC;IAChE,CAAC;IAEO,KAAK,CAAC,WAAW,CACvB,QAAgB,EAChB,IAAqB,EACrB,IAAiB,EACjB,GAAQ;QAER,MAAM,EAAE,YAAY,EAAE,GAAG,wDAAa,UAAU,GAAC,CAAC;QAClD,MAAM,EAAE,GAAG,YAAY,CAAC,GAAG,CAAC,CAAC;QAE7B,MAAM,GAAG,GAAG,MAAM,EAAE,CAAC,sBAAsB,CAAC,UAAU,CAAC;YACrD,KAAK,EAAE,EAAE,QAAQ,EAAE;YACnB,MAAM,EAAE;gBACN,EAAE,EAAE,IAAI;gBACR,IAAI,EAAE,IAAI;gBACV,cAAc,EAAE,IAAI;gBACpB,gBAAgB,EAAE,IAAI;gBACtB,MAAM,EAAE,IAAI;aACb;SACF,CAAC,CAAC;QACH,IAAI,CAAC,GAAG;YAAE,OAAO,QAAQ,EAAE,CAAC;QAC5B,IAAI,GAAG,CAAC,IAAI,KAAK,MAAM,EAAE,CAAC;YACxB,OAAO,YAAY,CAAC,GAAG,EAAE;gBACvB,KAAK,EAAE,2BAA2B;gBAClC,OAAO,EAAE,0CAA0C;aACpD,CAAC,CAAC;QACL,CAAC;QAED,MAAM,UAAU,GAAG,GAAG,CAAC,oBAAoB,CAAC;QAC5C,IAAI,CAAC,UAAU;YAAE,OAAO,UAAU,EAAE,CAAC;QAErC,MAAM,GAAG,GAAG,IAAI,CAAC,MAAM,CAAC,GAAG,CAAC,CAAC;QAC7B,MAAM,OAAO,GAAG,IAAI,CAAC,UAAU,CAAC,GAAG,CAAC,CAAC;QAErC,MAAM,mBAAmB,GAAG,IAAI,CAAC,gBAAgB;YAC/C,CAAC,CAAC,qBAAqB,CAAC,GAAG,CAAC,gBAAgB,EAAE,IAAI,CAAC,gBAAgB,CAAC;YACpE,CAAC,CAAC,SAAS,CAAC;QAEd,0EAA0E;QAC1E,0EAA0E;QAC1E,qEAAqE;QACrE,0EAA0E;QAC1E,uBAAuB;QACvB,IAAI,CAAC;YACH,MAAM,GAAG,CAAC,kBAAkB,CAAC;gBAC3B,UAAU;gBACV,YAAY,EAAE,GAAG,CAAC,cAAc;gBAChC,GAAG,CAAC,IAAI,CAAC,YAAY,KAAK,SAAS;oBACjC,CAAC,CAAC,EAAE,OAAO,EAAE,EAAE,YAAY,EAAE,IAAI,CAAC,YAAY,EAAE,GAAG,CAAC,IAAI,CAAC,MAAM,CAAC,CAAC,CAAC,EAAE,MAAM,EAAE,IAAI,CAAC,MAAM,EAAE,CAAC,CAAC,CAAC,EAAE,CAAC,EAAE,EAAE;oBACnG,CAAC,CAAC,IAAI,CAAC,MAAM;wBACX,CAAC,CAAC,EAAE,OAAO,EAAE,EAAE,MAAM,EAAE,IAAI,CAAC,MAAM,EAAE,EAAE;wBACtC,CAAC,CAAC,EAAE,CAAC;gBACT,GAAG,CAAC,mBAAmB,CAAC,CAAC,CAAC,EAAE,gBAAgB,EAAE,mBAAmB,EAAE,CAAC,CAAC,CAAC,EAAE,CAAC;aAC1E,CAAC,CAAC;QACL,CAAC;QAAC,OAAO,GAAG,EAAE,CAAC;YACb,OAAO,CAAC,IAAI,CACV,IAAI,CAAC,SAAS,CAAC;gBACb,KAAK,EAAE,MAAM;gBACb,GAAG,EAAE,uCAAuC;gBAC5C,QAAQ;gBACR,OAAO,EAAG,GAAyB,CAAC,IAAI;aACzC,CAAC,CACH,CAAC;YACF,OAAO,UAAU,EAAE,CAAC;QACtB,CAAC;QAED,IAAI,IAAI,CAAC,YAAY,KAAK,SAAS,EAAE,CAAC;YACpC,IAAI,CAAC;gBACH,MAAM,OAAO,CAAC,MAAM,CAAC,QAAQ,EAAE,IAAI,CAAC,YAAY,CAAC,CAAC;YACpD,CAAC;YAAC,OAAO,GAAG,EAAE,CAAC;gBACb,OAAO,CAAC,IAAI,CACV,IAAI,CAAC,SAAS,CAAC;oBACb,KAAK,EAAE,MAAM;oBACb,GAAG,EAAE,0BAA0B;oBAC/B,QAAQ;oBACR,OAAO,EAAG,GAAyB,CAAC,IAAI;iBACzC,CAAC,CACH,CAAC;gBACF,OAAO,UAAU,EAAE,CAAC;YACtB,CAAC;QACH,CAAC;QAED,MAAM,IAAI,GAA6C,EAAE,CAAC;QAC1D,IAAI,mBAAmB;YAAE,IAAI,CAAC,gBAAgB,GAAG,mBAA4C,CAAC;QAC9F,IAAI,IAAI,CAAC,WAAW,KAAK,SAAS;YAAE,IAAI,CAAC,WAAW,GAAG,IAAI,CAAC,WAAW,CAAC;QACxE,IAAI,IAAI,CAAC,MAAM,KAAK,SAAS;YAAE,IAAI,CAAC,MAAM,GAAG,IAAI,CAAC,MAAM,CAAC;QAEzD,MAAM,OAAO,GAAG,MAAM,EAAE,CAAC,sBAAsB,CAAC,MAAM,CAAC;YACrD,KAAK,EAAE,EAAE,EAAE,EAAE,GAAG,CAAC,EAAE,EAAE;YACrB,IAAI;YACJ,MAAM,EAAE;gBACN,EAAE,EAAE,IAAI;gBACR,QAAQ,EAAE,IAAI;gBACd,IAAI,EAAE,IAAI;gBACV,MAAM,EAAE,IAAI;gBACZ,cAAc,EAAE,IAAI;gBACpB,SAAS,EAAE,IAAI;gBACf,QAAQ,EAAE,IAAI;gBACd,WAAW,EAAE,IAAI;gBACjB,gBAAgB,EAAE,IAAI;gBACtB,MAAM,EAAE,IAAI;gBACZ,SAAS,EAAE,IAAI;gBACf,SAAS,EAAE,IAAI;gBACf,SAAS,EAAE,IAAI;aAChB;SACF,CAAC,CAAC;QAEH,KAAK,YAAY;aACd,IAAI,CACH;YACE,IAAI,EAAE,4BAAc,CAAC,mBAAmB;YACxC,QAAQ;YACR,WAAW,EAAE,IAAI,CAAC,MAAM;YACxB,OAAO,EAAE;gBACP,OAAO,EAAE,GAAG,CAAC,IAAI;gBACjB,iBAAiB,EAAE,MAAM,CAAC,IAAI,CAAC,IAAI,CAAC;aACrC;SACF,EACD,EAAE,CACH;aACA,KAAK,CAAC,CAAC,GAAY,EAAE,EAAE,CACtB,OAAO,CAAC,IAAI,CACV,IAAI,CAAC,SAAS,CAAC;YACb,KAAK,EAAE,mBAAmB;YAC1B,KAAK,EAAG,GAA4B,EAAE,OAAO,IAAI,SAAS;SAC3D,CAAC,CACH,CACF,CAAC;QAEJ,OAAO,YAAY,CAAC,GAAG,EAAE,eAAe,CAAC,OAAO,CAAC,CAAC,CAAC;IACrD,CAAC;IAED,8EAA8E;IAC9E,KAAK,CAAC,YAAY,CAChB,QAAgB,EAChB,GAAQ,EACR,IAAiB,EACjB,GAAQ;QAER,MAAM,MAAM,GACV,IAAA,qCAAmB,EAAC,IAAI,EAAE,QAAQ,CAAC;YACnC,IAAA,2BAAiB,EAAC,IAAI,EAAE,oBAAU,CAAC,YAAY,CAAC,CAAC;QACnD,IAAI,MAAM;YAAE,OAAO,MAAM,CAAC;QAE1B,IAAI,GAAG,CAAC,YAAY,CAAC,GAAG,CAAC,SAAS,CAAC,KAAK,MAAM,EAAE,CAAC;YAC/C,OAAO,YAAY,CAAC,GAAG,EAAE;gBACvB,KAAK,EAAE,kBAAkB;gBACzB,OAAO,EAAE,4CAA4C;gBACrD,WAAW,EAAE,uBAAuB,QAAQ,iCAAiC;aAC9E,CAAC,CAAC;QACL,CAAC;QAED,MAAM,EAAE,YAAY,EAAE,GAAG,wDAAa,UAAU,GAAC,CAAC;QAClD,MAAM,EAAE,GAAG,YAAY,CAAC,GAAG,CAAC,CAAC;QAE7B,MAAM,GAAG,GAAG,MAAM,EAAE,CAAC,sBAAsB,CAAC,UAAU,CAAC;YACrD,KAAK,EAAE,EAAE,QAAQ,EAAE;YACnB,MAAM,EAAE,EAAE,EAAE,EAAE,IAAI,EAAE,cAAc,EAAE,IAAI,EAAE,IAAI,EAAE,IAAI,EAAE;SACvD,CAAC,CAAC;QACH,IAAI,CAAC,GAAG;YAAE,OAAO,QAAQ,EAAE,CAAC;QAE5B,MAAM,UAAU,GAAG,GAAG,CAAC,oBAAoB,CAAC;QAC5C,MAAM,gBAAgB,GAAG,GAAG,CAAC,qBAAqB,CAAC;QACnD,IAAI,CAAC,UAAU,IAAI,CAAC,gBAAgB;YAAE,OAAO,UAAU,EAAE,CAAC;QAE1D,MAAM,GAAG,GAAG,IAAI,CAAC,MAAM,CAAC,GAAG,CAAC,CAAC;QAC7B,MAAM,OAAO,GAAG,IAAI,CAAC,UAAU,CAAC,GAAG,CAAC,CAAC;QAErC,IAAI,CAAC;YACH,uEAAuE;YACvE,2CAA2C;YAC3C,MAAM,EAAE,CAAC,YAAY,CACnB,KAAK,EAAE,EAAE,EAAE,EAAE;gBACX,MAAM,IAAA,gCAAsB,EAAC,EAAE,EAAE,UAAU,EAAE,KAAK,IAAI,EAAE;oBACtD,MAAM,GAAG,CAAC,4BAA4B,CACpC,UAAU,EACV,gBAAgB,EAChB,GAAG,CAAC,cAAc,EAClB,QAAQ,CACT,CAAC;gBACJ,CAAC,CAAC,CAAC;gBACH,MAAM,GAAG,CAAC,cAAc,CAAC,UAAU,EAAE,GAAG,CAAC,cAAc,CAAC,CAAC;gBACzD,MAAM,EAAE,CAAC,sBAAsB,CAAC,MAAM,CAAC,EAAE,KAAK,EAAE,EAAE,EAAE,EAAE,GAAG,CAAC,EAAE,EAAE,EAAE,CAAC,CAAC;YACpE,CAAC,EACD,EAAE,OAAO,EAAE,KAAK,EAAE,CACnB,CAAC;QACJ,CAAC;QAAC,OAAO,GAAG,EAAE,CAAC;YACb,OAAO,CAAC,IAAI,CACV,IAAI,CAAC,SAAS,CAAC;gBACb,KAAK,EAAE,MAAM;gBACb,GAAG,EAAE,mBAAmB;gBACxB,QAAQ;gBACR,OAAO,EAAG,GAAyB,CAAC,IAAI;aACzC,CAAC,CACH,CAAC;YACF,OAAO,UAAU,EAAE,CAAC;QACtB,CAAC;QAED,MAAM,OAAO,CAAC,MAAM,CAAC,QAAQ,CAAC,CAAC,KAAK,CAAC,GAAG,EAAE,CAAC,SAAS,CAAC,CAAC;QACtD,MAAM,IAAI,CAAC,yBAAyB,CAAC,QAAQ,EAAE,GAAG,CAAC,CAAC;QAEpD,MAAM,iCAAiC,CAAC,GAAG,EAAE,QAAQ,EAAE,EAAE,CAAC,CAAC;QAE3D,KAAK,YAAY;aACd,IAAI,CACH;YACE,IAAI,EAAE,4BAAc,CAAC,kBAAkB;YACvC,QAAQ;YACR,WAAW,EAAE,IAAI,CAAC,MAAM;YACxB,OAAO,EAAE,EAAE,OAAO,EAAE,GAAG,CAAC,IAAI,EAAE;SAC/B,EACD,EAAE,CACH;aACA,KAAK,CAAC,CAAC,GAAY,EAAE,EAAE,CACtB,OAAO,CAAC,IAAI,CACV,IAAI,CAAC,SAAS,CAAC;YACb,KAAK,EAAE,mBAAmB;YAC1B,KAAK,EAAG,GAA4B,EAAE,OAAO,IAAI,SAAS;SAC3D,CAAC,CACH,CACF,CAAC;QAEJ,OAAO,YAAY,CAAC,GAAG,EAAE,EAAE,EAAE,EAAE,IAAI,EAAE,CAAC,CAAC;IACzC,CAAC;CACF;AAvsBD,gCAusBC;AAED,SAAS,qBAAqB,CAC5B,QAAiB,EACjB,QAA6B;IAE7B,MAAM,IAAI,GACR,QAAQ,IAAI,OAAO,QAAQ,KAAK,QAAQ,IAAI,CAAC,KAAK,CAAC,OAAO,CAAC,QAAQ,CAAC;QAClE,CAAC,CAAE,QAAgC;QACnC,CAAC,CAAC,IAAA,qCAA2B,GAAE,CAAC;IACpC,OAAO,EAAE,GAAG,IAAI,EAAE,GAAG,QAAQ,EAAE,CAAC;AAClC,CAAC;AAkBD,SAAS,eAAe,CAAC,GAAiB;IACxC,OAAO;QACL,EAAE,EAAE,GAAG,CAAC,EAAE;QACV,QAAQ,EAAE,GAAG,CAAC,QAAQ;QACtB,IAAI,EAAE,GAAG,CAAC,IAAI;QACd,MAAM,EAAE,GAAG,CAAC,MAAM;QAClB,cAAc,EAAE,GAAG,CAAC,cAAc;QAClC,SAAS,EAAE,GAAG,CAAC,SAAS;QACxB,QAAQ,EAAE,GAAG,CAAC,QAAQ;QACtB,WAAW,EAAE,GAAG,CAAC,WAAW;QAC5B,gBAAgB,EAAE,GAAG,CAAC,gBAAgB;QACtC,MAAM,EAAE,GAAG,CAAC,MAAM;QAClB,SAAS,EAAE,GAAG,CAAC,SAAS;QACxB,SAAS,EAAE,GAAG,CAAC,SAAS;QACxB,SAAS,EAAE,GAAG,CAAC,SAAS;KACzB,CAAC;AACJ,CAAC;AAED,KAAK,UAAU,iCAAiC,CAC9C,GAAQ,EACR,QAAgB,EAChB,EAAgB;IAEhB,MAAM,UAAU,GAAG,GAAG,CAAC,oBAAoB,CAAC;IAC5C,IAAI,CAAC,UAAU;QAAE,OAAO;IACxB,IAAI,SAAS,GAAa,EAAE,CAAC;IAC7B,IAAI,CAAC;QACH,MAAM,OAAO,GAAG,MAAM,EAAE,CAAC,YAAY,CAAC,QAAQ,CAAC;YAC7C,KAAK,EAAE,EAAE,QAAQ,EAAE;YACnB,MAAM,EAAE,EAAE,IAAI,EAAE,EAAE,MAAM,EAAE,EAAE,KAAK,EAAE,IAAI,EAAE,EAAE,EAAE;SAC9C,CAAC,CAAC;QACH,SAAS,GAAG,OAAO,CAAC,GAAG,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,IAAI,CAAC,KAAK,CAAC,CAAC,MAAM,CAAC,CAAC,CAAC,EAAe,EAAE,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC;IAC/E,CAAC;IAAC,MAAM,CAAC;QACP,OAAO;IACT,CAAC;IACD,IAAI,SAAS,CAAC,MAAM,KAAK,CAAC;QAAE,OAAO;IACnC,IAAI,CAAC;QACH,MAAM,EAAE,6BAA6B,EAAE,GAAG,EAAE,6BAA6B,EAAE,GACzE,wDAAa,2CAA2C,GAAC,CAAC;QAC5D,MAAM,MAAM,GAAG,IAAI,GAAG,CAAC;YACrB,MAAM,EAAE,GAAG,CAAC,cAAc,IAAI,OAAO,CAAC,GAAG,CAAC,UAAU;SACrD,CAAC,CAAC;QACH,MAAM,OAAO,CAAC,GAAG,CACf,SAAS,CAAC,GAAG,CAAC,CAAC,CAAC,EAAE,EAAE,CAClB,MAAM;aACH,IAAI,CAAC,IAAI,6BAA6B,CAAC,EAAE,UAAU,EAAE,UAAU,EAAE,QAAQ,EAAE,CAAC,EAAE,CAAC,CAAC;aAChF,KAAK,CAAC,CAAC,GAAG,EAAE,EAAE;YACb,OAAO,CAAC,IAAI,CACV,IAAI,CAAC,SAAS,CAAC;gBACb,KAAK,EAAE,MAAM;gBACb,GAAG,EAAE,6CAA6C;gBAClD,QAAQ;gBACR,OAAO,EAAG,GAAyB,CAAC,IAAI;aACzC,CAAC,CACH,CAAC;QACJ,CAAC,CAAC,CACL,CACF,CAAC;IACJ,CAAC;IAAC,MAAM,CAAC;QACP,OAAO;IACT,CAAC;AACH,CAAC"}
@@ -0,0 +1,2 @@
1
+ export declare function cognitoIdpName(tenantId: string): string;
2
+ //# sourceMappingURL=idp-name.d.ts.map
@@ -0,0 +1 @@
1
+ {"version":3,"file":"idp-name.d.ts","sourceRoot":"","sources":["../../../src/lib/tenant/idp-name.ts"],"names":[],"mappings":"AAaA,wBAAgB,cAAc,CAAC,QAAQ,EAAE,MAAM,GAAG,MAAM,CAGvD"}
@@ -0,0 +1,20 @@
1
+ "use strict";
2
+ Object.defineProperty(exports, "__esModule", { value: true });
3
+ exports.cognitoIdpName = cognitoIdpName;
4
+ /**
5
+ * Cognito IdP-name derivation. Cognito's user-pool quota limits provider names
6
+ * to 32 characters. We use `tenant-{cuid}` so each tenant gets a unique
7
+ * Cognito identity-provider name. cuid v1 is 25 chars which fits the 32-char
8
+ * limit (`tenant-` is 7 chars). Tenants whose IDs exceed 25 chars are
9
+ * truncated to 25 — collision is theoretically possible only between IDs
10
+ * sharing a 25-char prefix, which is astronomically unlikely for cuid.
11
+ *
12
+ * T5 (IdP CRUD) consumes this to populate `ProviderName` on `CreateIdentityProviderCommand`;
13
+ * T8 (sign-in discovery) consumes it to build the Cognito Hosted UI redirect URL.
14
+ */
15
+ const TENANT_ID_MAX = 25;
16
+ function cognitoIdpName(tenantId) {
17
+ const id = tenantId.length > TENANT_ID_MAX ? tenantId.slice(0, TENANT_ID_MAX) : tenantId;
18
+ return `tenant-${id}`;
19
+ }
20
+ //# sourceMappingURL=idp-name.js.map
@@ -0,0 +1 @@
1
+ {"version":3,"file":"idp-name.js","sourceRoot":"","sources":["../../../src/lib/tenant/idp-name.ts"],"names":[],"mappings":";;AAaA,wCAGC;AAhBD;;;;;;;;;;GAUG;AACH,MAAM,aAAa,GAAG,EAAE,CAAC;AAEzB,SAAgB,cAAc,CAAC,QAAgB;IAC7C,MAAM,EAAE,GAAG,QAAQ,CAAC,MAAM,GAAG,aAAa,CAAC,CAAC,CAAC,QAAQ,CAAC,KAAK,CAAC,CAAC,EAAE,aAAa,CAAC,CAAC,CAAC,CAAC,QAAQ,CAAC;IACzF,OAAO,UAAU,EAAE,EAAE,CAAC;AACxB,CAAC"}
@@ -0,0 +1,31 @@
1
+ /**
2
+ * Member CRUD handler — list, change role, delete.
3
+ *
4
+ * Endpoints (wired in routes/tenant-members.ts):
5
+ * GET /api/tenants/:id/members
6
+ * PATCH /api/tenants/:id/members/:memberId { role }
7
+ * DELETE /api/tenants/:id/members/:memberId
8
+ * POST /api/tenants/:id/transfer-ownership { newOwnerUserId }
9
+ *
10
+ * Invariants enforced here:
11
+ * - Cross-tenant: every Prisma query includes `tenantId: auth.activeTenantId`.
12
+ * - Single-OWNER: PATCH cannot promote anyone to OWNER (transfer-ownership only).
13
+ * - Self-demotion: OWNER cannot lose their own role via PATCH or DELETE.
14
+ * - Cache invalidation: every mutation invalidates the affected user's claims
15
+ * cache before returning.
16
+ * - AdminUserGlobalSignOut on member removal is best-effort; log + continue.
17
+ * - Audit emit: stub call site for T7 to replace.
18
+ */
19
+ import type { Env } from "../../env";
20
+ import type { AuthContext } from "../auth/auth-context";
21
+ export declare class MemberHandler {
22
+ /** GET /api/tenants/:id/members — paginated. */
23
+ handleList(tenantId: string, request: Request, auth: AuthContext, env: Env): Promise<Response>;
24
+ /** PATCH /api/tenants/:id/members/:memberId — change role. */
25
+ handlePatchRole(tenantId: string, memberId: string, request: Request, auth: AuthContext, env: Env): Promise<Response>;
26
+ /** DELETE /api/tenants/:id/members/:memberId — soft-delete + sign-out. */
27
+ handleRemove(tenantId: string, memberId: string, auth: AuthContext, env: Env): Promise<Response>;
28
+ /** POST /api/tenants/:id/transfer-ownership { newOwnerUserId }. */
29
+ handleTransferOwnership(tenantId: string, request: Request, auth: AuthContext, env: Env): Promise<Response>;
30
+ }
31
+ //# sourceMappingURL=member-handler.d.ts.map
@@ -0,0 +1 @@
1
+ {"version":3,"file":"member-handler.d.ts","sourceRoot":"","sources":["../../../src/lib/tenant/member-handler.ts"],"names":[],"mappings":"AAAA;;;;;;;;;;;;;;;;;GAiBG;AAOH,OAAO,KAAK,EAAE,GAAG,EAAE,MAAM,WAAW,CAAC;AACrC,OAAO,KAAK,EAAE,WAAW,EAAE,MAAM,sBAAsB,CAAC;AAqExD,qBAAa,aAAa;IACxB,gDAAgD;IAC1C,UAAU,CACd,QAAQ,EAAE,MAAM,EAChB,OAAO,EAAE,OAAO,EAChB,IAAI,EAAE,WAAW,EACjB,GAAG,EAAE,GAAG,GACP,OAAO,CAAC,QAAQ,CAAC;IAkDpB,8DAA8D;IACxD,eAAe,CACnB,QAAQ,EAAE,MAAM,EAChB,QAAQ,EAAE,MAAM,EAChB,OAAO,EAAE,OAAO,EAChB,IAAI,EAAE,WAAW,EACjB,GAAG,EAAE,GAAG,GACP,OAAO,CAAC,QAAQ,CAAC;IAyFpB,0EAA0E;IACpE,YAAY,CAChB,QAAQ,EAAE,MAAM,EAChB,QAAQ,EAAE,MAAM,EAChB,IAAI,EAAE,WAAW,EACjB,GAAG,EAAE,GAAG,GACP,OAAO,CAAC,QAAQ,CAAC;IA8DpB,mEAAmE;IAC7D,uBAAuB,CAC3B,QAAQ,EAAE,MAAM,EAChB,OAAO,EAAE,OAAO,EAChB,IAAI,EAAE,WAAW,EACjB,GAAG,EAAE,GAAG,GACP,OAAO,CAAC,QAAQ,CAAC;CA2ErB"}
@@ -0,0 +1,343 @@
1
+ "use strict";
2
+ /**
3
+ * Member CRUD handler — list, change role, delete.
4
+ *
5
+ * Endpoints (wired in routes/tenant-members.ts):
6
+ * GET /api/tenants/:id/members
7
+ * PATCH /api/tenants/:id/members/:memberId { role }
8
+ * DELETE /api/tenants/:id/members/:memberId
9
+ * POST /api/tenants/:id/transfer-ownership { newOwnerUserId }
10
+ *
11
+ * Invariants enforced here:
12
+ * - Cross-tenant: every Prisma query includes `tenantId: auth.activeTenantId`.
13
+ * - Single-OWNER: PATCH cannot promote anyone to OWNER (transfer-ownership only).
14
+ * - Self-demotion: OWNER cannot lose their own role via PATCH or DELETE.
15
+ * - Cache invalidation: every mutation invalidates the affected user's claims
16
+ * cache before returning.
17
+ * - AdminUserGlobalSignOut on member removal is best-effort; log + continue.
18
+ * - Audit emit: stub call site for T7 to replace.
19
+ */
20
+ var __createBinding = (this && this.__createBinding) || (Object.create ? (function(o, m, k, k2) {
21
+ if (k2 === undefined) k2 = k;
22
+ var desc = Object.getOwnPropertyDescriptor(m, k);
23
+ if (!desc || ("get" in desc ? !m.__esModule : desc.writable || desc.configurable)) {
24
+ desc = { enumerable: true, get: function() { return m[k]; } };
25
+ }
26
+ Object.defineProperty(o, k2, desc);
27
+ }) : (function(o, m, k, k2) {
28
+ if (k2 === undefined) k2 = k;
29
+ o[k2] = m[k];
30
+ }));
31
+ var __setModuleDefault = (this && this.__setModuleDefault) || (Object.create ? (function(o, v) {
32
+ Object.defineProperty(o, "default", { enumerable: true, value: v });
33
+ }) : function(o, v) {
34
+ o["default"] = v;
35
+ });
36
+ var __importStar = (this && this.__importStar) || (function () {
37
+ var ownKeys = function(o) {
38
+ ownKeys = Object.getOwnPropertyNames || function (o) {
39
+ var ar = [];
40
+ for (var k in o) if (Object.prototype.hasOwnProperty.call(o, k)) ar[ar.length] = k;
41
+ return ar;
42
+ };
43
+ return ownKeys(o);
44
+ };
45
+ return function (mod) {
46
+ if (mod && mod.__esModule) return mod;
47
+ var result = {};
48
+ if (mod != null) for (var k = ownKeys(mod), i = 0; i < k.length; i++) if (k[i] !== "default") __createBinding(result, mod, k[i]);
49
+ __setModuleDefault(result, mod);
50
+ return result;
51
+ };
52
+ })();
53
+ Object.defineProperty(exports, "__esModule", { value: true });
54
+ exports.MemberHandler = void 0;
55
+ const client_cognito_identity_provider_1 = require("@aws-sdk/client-cognito-identity-provider");
56
+ const auth_middleware_1 = require("../auth/auth-middleware");
57
+ const require_1 = require("../auth/require");
58
+ const claims_cache_1 = require("../auth/claims-cache");
59
+ const audit_emit_1 = require("./audit-emit");
60
+ const transfer_ownership_1 = require("./transfer-ownership");
61
+ const JSON_HEADERS = { "content-type": "application/json" };
62
+ function jsonResponse(status, body) {
63
+ return new Response(JSON.stringify(body), { status, headers: JSON_HEADERS });
64
+ }
65
+ function unprocessable(message, remediation) {
66
+ return jsonResponse(422, {
67
+ error: "UNPROCESSABLE",
68
+ message,
69
+ ...(remediation ? { remediation } : {}),
70
+ });
71
+ }
72
+ async function invalidateCache(env, cognitoSub) {
73
+ if (!cognitoSub)
74
+ return;
75
+ try {
76
+ const cache = (0, claims_cache_1.createClaimsCacheFromEnv)();
77
+ await cache.invalidate(cognitoSub);
78
+ }
79
+ catch (err) {
80
+ console.warn(JSON.stringify({
81
+ level: "warn",
82
+ msg: "Cache invalidation failed",
83
+ cognitoSub,
84
+ error: String(err),
85
+ }));
86
+ }
87
+ // env is unused but kept in the signature in case T7 wants to read DDB
88
+ // table name from env directly rather than via the factory.
89
+ void env;
90
+ }
91
+ async function bestEffortGlobalSignOut(env, username) {
92
+ const userPoolId = env.COGNITO_USER_POOL_ID;
93
+ if (!userPoolId || !username)
94
+ return;
95
+ try {
96
+ const client = new client_cognito_identity_provider_1.CognitoIdentityProviderClient({
97
+ region: env.COGNITO_REGION ?? process.env.AWS_REGION,
98
+ });
99
+ await client.send(new client_cognito_identity_provider_1.AdminUserGlobalSignOutCommand({
100
+ UserPoolId: userPoolId,
101
+ Username: username,
102
+ }));
103
+ }
104
+ catch (err) {
105
+ console.warn(JSON.stringify({
106
+ level: "warn",
107
+ msg: "AdminUserGlobalSignOut failed",
108
+ username,
109
+ error: String(err),
110
+ }));
111
+ }
112
+ }
113
+ class MemberHandler {
114
+ /** GET /api/tenants/:id/members — paginated. */
115
+ async handleList(tenantId, request, auth, env) {
116
+ const denied = (0, auth_middleware_1.requireActiveTenant)(auth, tenantId) ??
117
+ (0, require_1.requireCapability)(auth, require_1.Capability.MemberView);
118
+ if (denied)
119
+ return denied;
120
+ const url = new URL(request.url);
121
+ const limit = Math.min(Math.max(Number(url.searchParams.get("limit") ?? "50"), 1), 200);
122
+ const cursor = url.searchParams.get("cursor") ?? undefined;
123
+ const { createPrisma } = await Promise.resolve().then(() => __importStar(require("../../db")));
124
+ const db = createPrisma(env);
125
+ const where = { tenantId };
126
+ const members = await db.tenantMember.findMany({
127
+ where,
128
+ take: limit + 1,
129
+ ...(cursor ? { cursor: { id: cursor }, skip: 1 } : {}),
130
+ orderBy: { id: "asc" },
131
+ select: {
132
+ id: true,
133
+ userId: true,
134
+ role: true,
135
+ status: true,
136
+ joinedAt: true,
137
+ invitedAt: true,
138
+ lastActiveAt: true,
139
+ user: { select: { id: true, email: true, handle: true } },
140
+ },
141
+ });
142
+ const hasMore = members.length > limit;
143
+ const page = hasMore ? members.slice(0, limit) : members;
144
+ const nextCursor = hasMore ? page[page.length - 1]?.id : null;
145
+ return jsonResponse(200, {
146
+ members: page.map((m) => ({
147
+ id: m.id,
148
+ userId: m.userId,
149
+ role: m.role,
150
+ status: m.status,
151
+ joinedAt: m.joinedAt,
152
+ invitedAt: m.invitedAt,
153
+ lastActiveAt: m.lastActiveAt,
154
+ user: m.user,
155
+ })),
156
+ nextCursor,
157
+ });
158
+ }
159
+ /** PATCH /api/tenants/:id/members/:memberId — change role. */
160
+ async handlePatchRole(tenantId, memberId, request, auth, env) {
161
+ const denied = (0, auth_middleware_1.requireActiveTenant)(auth, tenantId) ??
162
+ (0, require_1.requireCapability)(auth, require_1.Capability.MemberChangeRole);
163
+ if (denied)
164
+ return denied;
165
+ const { z } = await Promise.resolve().then(() => __importStar(require("zod")));
166
+ let body;
167
+ try {
168
+ body = await request.json();
169
+ }
170
+ catch {
171
+ return jsonResponse(400, { error: "INVALID_JSON", message: "Body must be valid JSON" });
172
+ }
173
+ const schema = z.object({
174
+ role: z.enum(["ADMIN", "MEMBER", "GUEST"]),
175
+ });
176
+ const parsed = schema.safeParse(body);
177
+ if (!parsed.success) {
178
+ const msg = parsed.error.issues[0]?.message ?? "Invalid role";
179
+ const isOwner = typeof body === "object" &&
180
+ body !== null &&
181
+ body.role === "OWNER";
182
+ if (isOwner) {
183
+ return unprocessable("OWNER cannot be assigned via PATCH", `POST /api/tenants/${tenantId}/transfer-ownership`);
184
+ }
185
+ return jsonResponse(400, { error: "VALIDATION_ERROR", message: msg });
186
+ }
187
+ const { createPrisma } = await Promise.resolve().then(() => __importStar(require("../../db")));
188
+ const db = createPrisma(env);
189
+ const target = await db.tenantMember.findFirst({
190
+ where: { id: memberId, tenantId },
191
+ select: {
192
+ id: true,
193
+ userId: true,
194
+ role: true,
195
+ status: true,
196
+ user: { select: { cognitoSub: true } },
197
+ },
198
+ });
199
+ if (!target) {
200
+ return jsonResponse(404, { error: "NOT_FOUND", message: "Member not found" });
201
+ }
202
+ if (target.role === "OWNER") {
203
+ return unprocessable("Cannot demote OWNER via PATCH", `POST /api/tenants/${tenantId}/transfer-ownership`);
204
+ }
205
+ if (target.userId === auth.userId && auth.tenantRole === "OWNER") {
206
+ return unprocessable("OWNER cannot self-demote", `POST /api/tenants/${tenantId}/transfer-ownership`);
207
+ }
208
+ if (target.role === parsed.data.role) {
209
+ return jsonResponse(200, { id: target.id, role: target.role, unchanged: true });
210
+ }
211
+ const updated = await db.tenantMember.update({
212
+ where: { id: target.id },
213
+ data: { role: parsed.data.role },
214
+ select: { id: true, userId: true, role: true, status: true },
215
+ });
216
+ await invalidateCache(env, target.user.cognitoSub);
217
+ (0, audit_emit_1.emitTenantAudit)({
218
+ tenantId,
219
+ actorUserId: auth.userId,
220
+ action: "member.change_role",
221
+ targetType: "member",
222
+ targetId: target.id,
223
+ metadata: { previousRole: target.role, newRole: updated.role },
224
+ });
225
+ return jsonResponse(200, updated);
226
+ }
227
+ /** DELETE /api/tenants/:id/members/:memberId — soft-delete + sign-out. */
228
+ async handleRemove(tenantId, memberId, auth, env) {
229
+ const denied = (0, auth_middleware_1.requireActiveTenant)(auth, tenantId) ??
230
+ (0, require_1.requireCapability)(auth, require_1.Capability.MemberRemove);
231
+ if (denied)
232
+ return denied;
233
+ const { createPrisma } = await Promise.resolve().then(() => __importStar(require("../../db")));
234
+ const db = createPrisma(env);
235
+ const target = await db.tenantMember.findFirst({
236
+ where: { id: memberId, tenantId },
237
+ select: {
238
+ id: true,
239
+ userId: true,
240
+ role: true,
241
+ status: true,
242
+ user: { select: { cognitoSub: true, email: true } },
243
+ },
244
+ });
245
+ if (!target) {
246
+ return jsonResponse(404, { error: "NOT_FOUND", message: "Member not found" });
247
+ }
248
+ if (target.role === "OWNER") {
249
+ return unprocessable("OWNER cannot be removed", `POST /api/tenants/${tenantId}/transfer-ownership`);
250
+ }
251
+ if (target.userId === auth.userId && auth.tenantRole === "OWNER") {
252
+ return unprocessable("OWNER cannot remove themselves", `POST /api/tenants/${tenantId}/transfer-ownership`);
253
+ }
254
+ if (target.status === "REMOVED") {
255
+ return jsonResponse(200, { id: target.id, status: "REMOVED", unchanged: true });
256
+ }
257
+ await db.tenantMember.update({
258
+ where: { id: target.id },
259
+ data: { status: "REMOVED", removedAt: new Date() },
260
+ });
261
+ await invalidateCache(env, target.user.cognitoSub);
262
+ await bestEffortGlobalSignOut(env, target.user.email);
263
+ (0, audit_emit_1.emitTenantAudit)({
264
+ tenantId,
265
+ actorUserId: auth.userId,
266
+ action: "member.remove",
267
+ targetType: "member",
268
+ targetId: target.id,
269
+ metadata: { userId: target.userId },
270
+ });
271
+ return jsonResponse(200, { id: target.id, status: "REMOVED" });
272
+ }
273
+ /** POST /api/tenants/:id/transfer-ownership { newOwnerUserId }. */
274
+ async handleTransferOwnership(tenantId, request, auth, env) {
275
+ const denied = (0, auth_middleware_1.requireActiveTenant)(auth, tenantId);
276
+ if (denied)
277
+ return denied;
278
+ if (auth.tenantRole !== "OWNER" && auth.globalRole !== "SUPER_ADMIN") {
279
+ return jsonResponse(403, {
280
+ error: "FORBIDDEN",
281
+ message: "Only the current OWNER can transfer ownership",
282
+ });
283
+ }
284
+ const { z } = await Promise.resolve().then(() => __importStar(require("zod")));
285
+ let body;
286
+ try {
287
+ body = await request.json();
288
+ }
289
+ catch {
290
+ return jsonResponse(400, { error: "INVALID_JSON", message: "Body must be valid JSON" });
291
+ }
292
+ const parsed = z.object({ newOwnerUserId: z.string().min(1) }).safeParse(body);
293
+ if (!parsed.success) {
294
+ return jsonResponse(400, {
295
+ error: "VALIDATION_ERROR",
296
+ message: "newOwnerUserId is required",
297
+ });
298
+ }
299
+ if (parsed.data.newOwnerUserId === auth.userId) {
300
+ return jsonResponse(400, {
301
+ error: "VALIDATION_ERROR",
302
+ message: "New owner must be a different user",
303
+ });
304
+ }
305
+ const { createPrisma } = await Promise.resolve().then(() => __importStar(require("../../db")));
306
+ const db = createPrisma(env);
307
+ const result = await (0, transfer_ownership_1.transferOwnership)({
308
+ db,
309
+ tenantId,
310
+ currentOwnerUserId: auth.userId,
311
+ newOwnerUserId: parsed.data.newOwnerUserId,
312
+ });
313
+ if (!result.ok) {
314
+ const code = result.code;
315
+ if (code === "NOT_MEMBER" || code === "INACTIVE") {
316
+ return jsonResponse(404, {
317
+ error: "NOT_FOUND",
318
+ message: "New owner must be an active member of this tenant",
319
+ });
320
+ }
321
+ if (code === "ALREADY_OWNER") {
322
+ return jsonResponse(400, {
323
+ error: "VALIDATION_ERROR",
324
+ message: "New owner must be a different user",
325
+ });
326
+ }
327
+ return jsonResponse(409, { error: "CONFLICT", message: "OWNER row not found" });
328
+ }
329
+ await invalidateCache(env, result.oldOwnerCognitoSub);
330
+ await invalidateCache(env, result.newOwnerCognitoSub);
331
+ (0, audit_emit_1.emitTenantAudit)({
332
+ tenantId,
333
+ actorUserId: auth.userId,
334
+ action: "tenant.transfer_ownership",
335
+ targetType: "tenant",
336
+ targetId: tenantId,
337
+ metadata: { newOwnerUserId: parsed.data.newOwnerUserId },
338
+ });
339
+ return jsonResponse(200, { ok: true, newOwnerId: parsed.data.newOwnerUserId });
340
+ }
341
+ }
342
+ exports.MemberHandler = MemberHandler;
343
+ //# sourceMappingURL=member-handler.js.map
@@ -0,0 +1 @@
1
+ {"version":3,"file":"member-handler.js","sourceRoot":"","sources":["../../../src/lib/tenant/member-handler.ts"],"names":[],"mappings":";AAAA;;;;;;;;;;;;;;;;;GAiBG;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;AAGH,gGAGmD;AAGnD,6DAA8D;AAC9D,6CAAgE;AAChE,uDAAgE;AAChE,6CAA+C;AAC/C,6DAAyD;AAEzD,MAAM,YAAY,GAAG,EAAE,cAAc,EAAE,kBAAkB,EAAE,CAAC;AAE5D,SAAS,YAAY,CAAC,MAAc,EAAE,IAAa;IACjD,OAAO,IAAI,QAAQ,CAAC,IAAI,CAAC,SAAS,CAAC,IAAI,CAAC,EAAE,EAAE,MAAM,EAAE,OAAO,EAAE,YAAY,EAAE,CAAC,CAAC;AAC/E,CAAC;AAED,SAAS,aAAa,CAAC,OAAe,EAAE,WAAoB;IAC1D,OAAO,YAAY,CAAC,GAAG,EAAE;QACvB,KAAK,EAAE,eAAe;QACtB,OAAO;QACP,GAAG,CAAC,WAAW,CAAC,CAAC,CAAC,EAAE,WAAW,EAAE,CAAC,CAAC,CAAC,EAAE,CAAC;KACxC,CAAC,CAAC;AACL,CAAC;AAED,KAAK,UAAU,eAAe,CAAC,GAAQ,EAAE,UAAqC;IAC5E,IAAI,CAAC,UAAU;QAAE,OAAO;IACxB,IAAI,CAAC;QACH,MAAM,KAAK,GAAG,IAAA,uCAAwB,GAAE,CAAC;QACzC,MAAM,KAAK,CAAC,UAAU,CAAC,UAAU,CAAC,CAAC;IACrC,CAAC;IAAC,OAAO,GAAG,EAAE,CAAC;QACb,OAAO,CAAC,IAAI,CACV,IAAI,CAAC,SAAS,CAAC;YACb,KAAK,EAAE,MAAM;YACb,GAAG,EAAE,2BAA2B;YAChC,UAAU;YACV,KAAK,EAAE,MAAM,CAAC,GAAG,CAAC;SACnB,CAAC,CACH,CAAC;IACJ,CAAC;IACD,uEAAuE;IACvE,4DAA4D;IAC5D,KAAK,GAAG,CAAC;AACX,CAAC;AAED,KAAK,UAAU,uBAAuB,CACpC,GAAQ,EACR,QAAgB;IAEhB,MAAM,UAAU,GAAG,GAAG,CAAC,oBAAoB,CAAC;IAC5C,IAAI,CAAC,UAAU,IAAI,CAAC,QAAQ;QAAE,OAAO;IACrC,IAAI,CAAC;QACH,MAAM,MAAM,GAAG,IAAI,gEAA6B,CAAC;YAC/C,MAAM,EAAE,GAAG,CAAC,cAAc,IAAI,OAAO,CAAC,GAAG,CAAC,UAAU;SACrD,CAAC,CAAC;QACH,MAAM,MAAM,CAAC,IAAI,CACf,IAAI,gEAA6B,CAAC;YAChC,UAAU,EAAE,UAAU;YACtB,QAAQ,EAAE,QAAQ;SACnB,CAAC,CACH,CAAC;IACJ,CAAC;IAAC,OAAO,GAAG,EAAE,CAAC;QACb,OAAO,CAAC,IAAI,CACV,IAAI,CAAC,SAAS,CAAC;YACb,KAAK,EAAE,MAAM;YACb,GAAG,EAAE,+BAA+B;YACpC,QAAQ;YACR,KAAK,EAAE,MAAM,CAAC,GAAG,CAAC;SACnB,CAAC,CACH,CAAC;IACJ,CAAC;AACH,CAAC;AAED,MAAa,aAAa;IACxB,gDAAgD;IAChD,KAAK,CAAC,UAAU,CACd,QAAgB,EAChB,OAAgB,EAChB,IAAiB,EACjB,GAAQ;QAER,MAAM,MAAM,GACV,IAAA,qCAAmB,EAAC,IAAI,EAAE,QAAQ,CAAC;YACnC,IAAA,2BAAiB,EAAC,IAAI,EAAE,oBAAU,CAAC,UAAU,CAAC,CAAC;QACjD,IAAI,MAAM;YAAE,OAAO,MAAM,CAAC;QAE1B,MAAM,GAAG,GAAG,IAAI,GAAG,CAAC,OAAO,CAAC,GAAG,CAAC,CAAC;QACjC,MAAM,KAAK,GAAG,IAAI,CAAC,GAAG,CAAC,IAAI,CAAC,GAAG,CAAC,MAAM,CAAC,GAAG,CAAC,YAAY,CAAC,GAAG,CAAC,OAAO,CAAC,IAAI,IAAI,CAAC,EAAE,CAAC,CAAC,EAAE,GAAG,CAAC,CAAC;QACxF,MAAM,MAAM,GAAG,GAAG,CAAC,YAAY,CAAC,GAAG,CAAC,QAAQ,CAAC,IAAI,SAAS,CAAC;QAE3D,MAAM,EAAE,YAAY,EAAE,GAAG,wDAAa,UAAU,GAAC,CAAC;QAClD,MAAM,EAAE,GAAG,YAAY,CAAC,GAAG,CAAC,CAAC;QAE7B,MAAM,KAAK,GAAkC,EAAE,QAAQ,EAAE,CAAC;QAC1D,MAAM,OAAO,GAAG,MAAM,EAAE,CAAC,YAAY,CAAC,QAAQ,CAAC;YAC7C,KAAK;YACL,IAAI,EAAE,KAAK,GAAG,CAAC;YACf,GAAG,CAAC,MAAM,CAAC,CAAC,CAAC,EAAE,MAAM,EAAE,EAAE,EAAE,EAAE,MAAM,EAAE,EAAE,IAAI,EAAE,CAAC,EAAE,CAAC,CAAC,CAAC,EAAE,CAAC;YACtD,OAAO,EAAE,EAAE,EAAE,EAAE,KAAK,EAAE;YACtB,MAAM,EAAE;gBACN,EAAE,EAAE,IAAI;gBACR,MAAM,EAAE,IAAI;gBACZ,IAAI,EAAE,IAAI;gBACV,MAAM,EAAE,IAAI;gBACZ,QAAQ,EAAE,IAAI;gBACd,SAAS,EAAE,IAAI;gBACf,YAAY,EAAE,IAAI;gBAClB,IAAI,EAAE,EAAE,MAAM,EAAE,EAAE,EAAE,EAAE,IAAI,EAAE,KAAK,EAAE,IAAI,EAAE,MAAM,EAAE,IAAI,EAAE,EAAE;aAC1D;SACF,CAAC,CAAC;QAEH,MAAM,OAAO,GAAG,OAAO,CAAC,MAAM,GAAG,KAAK,CAAC;QACvC,MAAM,IAAI,GAAG,OAAO,CAAC,CAAC,CAAC,OAAO,CAAC,KAAK,CAAC,CAAC,EAAE,KAAK,CAAC,CAAC,CAAC,CAAC,OAAO,CAAC;QACzD,MAAM,UAAU,GAAG,OAAO,CAAC,CAAC,CAAC,IAAI,CAAC,IAAI,CAAC,MAAM,GAAG,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,IAAI,CAAC;QAE9D,OAAO,YAAY,CAAC,GAAG,EAAE;YACvB,OAAO,EAAE,IAAI,CAAC,GAAG,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC;gBACxB,EAAE,EAAE,CAAC,CAAC,EAAE;gBACR,MAAM,EAAE,CAAC,CAAC,MAAM;gBAChB,IAAI,EAAE,CAAC,CAAC,IAAI;gBACZ,MAAM,EAAE,CAAC,CAAC,MAAM;gBAChB,QAAQ,EAAE,CAAC,CAAC,QAAQ;gBACpB,SAAS,EAAE,CAAC,CAAC,SAAS;gBACtB,YAAY,EAAE,CAAC,CAAC,YAAY;gBAC5B,IAAI,EAAE,CAAC,CAAC,IAAI;aACb,CAAC,CAAC;YACH,UAAU;SACX,CAAC,CAAC;IACL,CAAC;IAED,8DAA8D;IAC9D,KAAK,CAAC,eAAe,CACnB,QAAgB,EAChB,QAAgB,EAChB,OAAgB,EAChB,IAAiB,EACjB,GAAQ;QAER,MAAM,MAAM,GACV,IAAA,qCAAmB,EAAC,IAAI,EAAE,QAAQ,CAAC;YACnC,IAAA,2BAAiB,EAAC,IAAI,EAAE,oBAAU,CAAC,gBAAgB,CAAC,CAAC;QACvD,IAAI,MAAM;YAAE,OAAO,MAAM,CAAC;QAE1B,MAAM,EAAE,CAAC,EAAE,GAAG,wDAAa,KAAK,GAAC,CAAC;QAClC,IAAI,IAAa,CAAC;QAClB,IAAI,CAAC;YACH,IAAI,GAAG,MAAM,OAAO,CAAC,IAAI,EAAE,CAAC;QAC9B,CAAC;QAAC,MAAM,CAAC;YACP,OAAO,YAAY,CAAC,GAAG,EAAE,EAAE,KAAK,EAAE,cAAc,EAAE,OAAO,EAAE,yBAAyB,EAAE,CAAC,CAAC;QAC1F,CAAC;QAED,MAAM,MAAM,GAAG,CAAC,CAAC,MAAM,CAAC;YACtB,IAAI,EAAE,CAAC,CAAC,IAAI,CAAC,CAAC,OAAO,EAAE,QAAQ,EAAE,OAAO,CAAC,CAAC;SAC3C,CAAC,CAAC;QACH,MAAM,MAAM,GAAG,MAAM,CAAC,SAAS,CAAC,IAAI,CAAC,CAAC;QACtC,IAAI,CAAC,MAAM,CAAC,OAAO,EAAE,CAAC;YACpB,MAAM,GAAG,GAAG,MAAM,CAAC,KAAK,CAAC,MAAM,CAAC,CAAC,CAAC,EAAE,OAAO,IAAI,cAAc,CAAC;YAC9D,MAAM,OAAO,GACX,OAAO,IAAI,KAAK,QAAQ;gBACxB,IAAI,KAAK,IAAI;gBACZ,IAA0B,CAAC,IAAI,KAAK,OAAO,CAAC;YAC/C,IAAI,OAAO,EAAE,CAAC;gBACZ,OAAO,aAAa,CAClB,oCAAoC,EACpC,qBAAqB,QAAQ,qBAAqB,CACnD,CAAC;YACJ,CAAC;YACD,OAAO,YAAY,CAAC,GAAG,EAAE,EAAE,KAAK,EAAE,kBAAkB,EAAE,OAAO,EAAE,GAAG,EAAE,CAAC,CAAC;QACxE,CAAC;QAED,MAAM,EAAE,YAAY,EAAE,GAAG,wDAAa,UAAU,GAAC,CAAC;QAClD,MAAM,EAAE,GAAG,YAAY,CAAC,GAAG,CAAC,CAAC;QAE7B,MAAM,MAAM,GAAG,MAAM,EAAE,CAAC,YAAY,CAAC,SAAS,CAAC;YAC7C,KAAK,EAAE,EAAE,EAAE,EAAE,QAAQ,EAAE,QAAQ,EAAE;YACjC,MAAM,EAAE;gBACN,EAAE,EAAE,IAAI;gBACR,MAAM,EAAE,IAAI;gBACZ,IAAI,EAAE,IAAI;gBACV,MAAM,EAAE,IAAI;gBACZ,IAAI,EAAE,EAAE,MAAM,EAAE,EAAE,UAAU,EAAE,IAAI,EAAE,EAAE;aACvC;SACF,CAAC,CAAC;QAEH,IAAI,CAAC,MAAM,EAAE,CAAC;YACZ,OAAO,YAAY,CAAC,GAAG,EAAE,EAAE,KAAK,EAAE,WAAW,EAAE,OAAO,EAAE,kBAAkB,EAAE,CAAC,CAAC;QAChF,CAAC;QAED,IAAI,MAAM,CAAC,IAAI,KAAK,OAAO,EAAE,CAAC;YAC5B,OAAO,aAAa,CAClB,+BAA+B,EAC/B,qBAAqB,QAAQ,qBAAqB,CACnD,CAAC;QACJ,CAAC;QAED,IAAI,MAAM,CAAC,MAAM,KAAK,IAAI,CAAC,MAAM,IAAI,IAAI,CAAC,UAAU,KAAK,OAAO,EAAE,CAAC;YACjE,OAAO,aAAa,CAClB,0BAA0B,EAC1B,qBAAqB,QAAQ,qBAAqB,CACnD,CAAC;QACJ,CAAC;QAED,IAAI,MAAM,CAAC,IAAI,KAAK,MAAM,CAAC,IAAI,CAAC,IAAI,EAAE,CAAC;YACrC,OAAO,YAAY,CAAC,GAAG,EAAE,EAAE,EAAE,EAAE,MAAM,CAAC,EAAE,EAAE,IAAI,EAAE,MAAM,CAAC,IAAI,EAAE,SAAS,EAAE,IAAI,EAAE,CAAC,CAAC;QAClF,CAAC;QAED,MAAM,OAAO,GAAG,MAAM,EAAE,CAAC,YAAY,CAAC,MAAM,CAAC;YAC3C,KAAK,EAAE,EAAE,EAAE,EAAE,MAAM,CAAC,EAAE,EAAE;YACxB,IAAI,EAAE,EAAE,IAAI,EAAE,MAAM,CAAC,IAAI,CAAC,IAAkB,EAAE;YAC9C,MAAM,EAAE,EAAE,EAAE,EAAE,IAAI,EAAE,MAAM,EAAE,IAAI,EAAE,IAAI,EAAE,IAAI,EAAE,MAAM,EAAE,IAAI,EAAE;SAC7D,CAAC,CAAC;QAEH,MAAM,eAAe,CAAC,GAAG,EAAE,MAAM,CAAC,IAAI,CAAC,UAAU,CAAC,CAAC;QAEnD,IAAA,4BAAe,EAAC;YACd,QAAQ;YACR,WAAW,EAAE,IAAI,CAAC,MAAM;YACxB,MAAM,EAAE,oBAAoB;YAC5B,UAAU,EAAE,QAAQ;YACpB,QAAQ,EAAE,MAAM,CAAC,EAAE;YACnB,QAAQ,EAAE,EAAE,YAAY,EAAE,MAAM,CAAC,IAAI,EAAE,OAAO,EAAE,OAAO,CAAC,IAAI,EAAE;SAC/D,CAAC,CAAC;QAEH,OAAO,YAAY,CAAC,GAAG,EAAE,OAAO,CAAC,CAAC;IACpC,CAAC;IAED,0EAA0E;IAC1E,KAAK,CAAC,YAAY,CAChB,QAAgB,EAChB,QAAgB,EAChB,IAAiB,EACjB,GAAQ;QAER,MAAM,MAAM,GACV,IAAA,qCAAmB,EAAC,IAAI,EAAE,QAAQ,CAAC;YACnC,IAAA,2BAAiB,EAAC,IAAI,EAAE,oBAAU,CAAC,YAAY,CAAC,CAAC;QACnD,IAAI,MAAM;YAAE,OAAO,MAAM,CAAC;QAE1B,MAAM,EAAE,YAAY,EAAE,GAAG,wDAAa,UAAU,GAAC,CAAC;QAClD,MAAM,EAAE,GAAG,YAAY,CAAC,GAAG,CAAC,CAAC;QAE7B,MAAM,MAAM,GAAG,MAAM,EAAE,CAAC,YAAY,CAAC,SAAS,CAAC;YAC7C,KAAK,EAAE,EAAE,EAAE,EAAE,QAAQ,EAAE,QAAQ,EAAE;YACjC,MAAM,EAAE;gBACN,EAAE,EAAE,IAAI;gBACR,MAAM,EAAE,IAAI;gBACZ,IAAI,EAAE,IAAI;gBACV,MAAM,EAAE,IAAI;gBACZ,IAAI,EAAE,EAAE,MAAM,EAAE,EAAE,UAAU,EAAE,IAAI,EAAE,KAAK,EAAE,IAAI,EAAE,EAAE;aACpD;SACF,CAAC,CAAC;QAEH,IAAI,CAAC,MAAM,EAAE,CAAC;YACZ,OAAO,YAAY,CAAC,GAAG,EAAE,EAAE,KAAK,EAAE,WAAW,EAAE,OAAO,EAAE,kBAAkB,EAAE,CAAC,CAAC;QAChF,CAAC;QAED,IAAI,MAAM,CAAC,IAAI,KAAK,OAAO,EAAE,CAAC;YAC5B,OAAO,aAAa,CAClB,yBAAyB,EACzB,qBAAqB,QAAQ,qBAAqB,CACnD,CAAC;QACJ,CAAC;QAED,IAAI,MAAM,CAAC,MAAM,KAAK,IAAI,CAAC,MAAM,IAAI,IAAI,CAAC,UAAU,KAAK,OAAO,EAAE,CAAC;YACjE,OAAO,aAAa,CAClB,gCAAgC,EAChC,qBAAqB,QAAQ,qBAAqB,CACnD,CAAC;QACJ,CAAC;QAED,IAAI,MAAM,CAAC,MAAM,KAAM,SAAuC,EAAE,CAAC;YAC/D,OAAO,YAAY,CAAC,GAAG,EAAE,EAAE,EAAE,EAAE,MAAM,CAAC,EAAE,EAAE,MAAM,EAAE,SAAS,EAAE,SAAS,EAAE,IAAI,EAAE,CAAC,CAAC;QAClF,CAAC;QAED,MAAM,EAAE,CAAC,YAAY,CAAC,MAAM,CAAC;YAC3B,KAAK,EAAE,EAAE,EAAE,EAAE,MAAM,CAAC,EAAE,EAAE;YACxB,IAAI,EAAE,EAAE,MAAM,EAAE,SAAS,EAAE,SAAS,EAAE,IAAI,IAAI,EAAE,EAAE;SACnD,CAAC,CAAC;QAEH,MAAM,eAAe,CAAC,GAAG,EAAE,MAAM,CAAC,IAAI,CAAC,UAAU,CAAC,CAAC;QACnD,MAAM,uBAAuB,CAAC,GAAG,EAAE,MAAM,CAAC,IAAI,CAAC,KAAK,CAAC,CAAC;QAEtD,IAAA,4BAAe,EAAC;YACd,QAAQ;YACR,WAAW,EAAE,IAAI,CAAC,MAAM;YACxB,MAAM,EAAE,eAAe;YACvB,UAAU,EAAE,QAAQ;YACpB,QAAQ,EAAE,MAAM,CAAC,EAAE;YACnB,QAAQ,EAAE,EAAE,MAAM,EAAE,MAAM,CAAC,MAAM,EAAE;SACpC,CAAC,CAAC;QAEH,OAAO,YAAY,CAAC,GAAG,EAAE,EAAE,EAAE,EAAE,MAAM,CAAC,EAAE,EAAE,MAAM,EAAE,SAAS,EAAE,CAAC,CAAC;IACjE,CAAC;IAED,mEAAmE;IACnE,KAAK,CAAC,uBAAuB,CAC3B,QAAgB,EAChB,OAAgB,EAChB,IAAiB,EACjB,GAAQ;QAER,MAAM,MAAM,GAAG,IAAA,qCAAmB,EAAC,IAAI,EAAE,QAAQ,CAAC,CAAC;QACnD,IAAI,MAAM;YAAE,OAAO,MAAM,CAAC;QAE1B,IAAI,IAAI,CAAC,UAAU,KAAK,OAAO,IAAI,IAAI,CAAC,UAAU,KAAK,aAAa,EAAE,CAAC;YACrE,OAAO,YAAY,CAAC,GAAG,EAAE;gBACvB,KAAK,EAAE,WAAW;gBAClB,OAAO,EAAE,+CAA+C;aACzD,CAAC,CAAC;QACL,CAAC;QAED,MAAM,EAAE,CAAC,EAAE,GAAG,wDAAa,KAAK,GAAC,CAAC;QAClC,IAAI,IAAa,CAAC;QAClB,IAAI,CAAC;YACH,IAAI,GAAG,MAAM,OAAO,CAAC,IAAI,EAAE,CAAC;QAC9B,CAAC;QAAC,MAAM,CAAC;YACP,OAAO,YAAY,CAAC,GAAG,EAAE,EAAE,KAAK,EAAE,cAAc,EAAE,OAAO,EAAE,yBAAyB,EAAE,CAAC,CAAC;QAC1F,CAAC;QAED,MAAM,MAAM,GAAG,CAAC,CAAC,MAAM,CAAC,EAAE,cAAc,EAAE,CAAC,CAAC,MAAM,EAAE,CAAC,GAAG,CAAC,CAAC,CAAC,EAAE,CAAC,CAAC,SAAS,CAAC,IAAI,CAAC,CAAC;QAC/E,IAAI,CAAC,MAAM,CAAC,OAAO,EAAE,CAAC;YACpB,OAAO,YAAY,CAAC,GAAG,EAAE;gBACvB,KAAK,EAAE,kBAAkB;gBACzB,OAAO,EAAE,4BAA4B;aACtC,CAAC,CAAC;QACL,CAAC;QAED,IAAI,MAAM,CAAC,IAAI,CAAC,cAAc,KAAK,IAAI,CAAC,MAAM,EAAE,CAAC;YAC/C,OAAO,YAAY,CAAC,GAAG,EAAE;gBACvB,KAAK,EAAE,kBAAkB;gBACzB,OAAO,EAAE,oCAAoC;aAC9C,CAAC,CAAC;QACL,CAAC;QAED,MAAM,EAAE,YAAY,EAAE,GAAG,wDAAa,UAAU,GAAC,CAAC;QAClD,MAAM,EAAE,GAAG,YAAY,CAAC,GAAG,CAAC,CAAC;QAE7B,MAAM,MAAM,GAAG,MAAM,IAAA,sCAAiB,EAAC;YACrC,EAAE;YACF,QAAQ;YACR,kBAAkB,EAAE,IAAI,CAAC,MAAM;YAC/B,cAAc,EAAE,MAAM,CAAC,IAAI,CAAC,cAAc;SAC3C,CAAC,CAAC;QAEH,IAAI,CAAC,MAAM,CAAC,EAAE,EAAE,CAAC;YACf,MAAM,IAAI,GAAG,MAAM,CAAC,IAAI,CAAC;YACzB,IAAI,IAAI,KAAK,YAAY,IAAI,IAAI,KAAK,UAAU,EAAE,CAAC;gBACjD,OAAO,YAAY,CAAC,GAAG,EAAE;oBACvB,KAAK,EAAE,WAAW;oBAClB,OAAO,EAAE,mDAAmD;iBAC7D,CAAC,CAAC;YACL,CAAC;YACD,IAAI,IAAI,KAAK,eAAe,EAAE,CAAC;gBAC7B,OAAO,YAAY,CAAC,GAAG,EAAE;oBACvB,KAAK,EAAE,kBAAkB;oBACzB,OAAO,EAAE,oCAAoC;iBAC9C,CAAC,CAAC;YACL,CAAC;YACD,OAAO,YAAY,CAAC,GAAG,EAAE,EAAE,KAAK,EAAE,UAAU,EAAE,OAAO,EAAE,qBAAqB,EAAE,CAAC,CAAC;QAClF,CAAC;QAED,MAAM,eAAe,CAAC,GAAG,EAAE,MAAM,CAAC,kBAAkB,CAAC,CAAC;QACtD,MAAM,eAAe,CAAC,GAAG,EAAE,MAAM,CAAC,kBAAkB,CAAC,CAAC;QAEtD,IAAA,4BAAe,EAAC;YACd,QAAQ;YACR,WAAW,EAAE,IAAI,CAAC,MAAM;YACxB,MAAM,EAAE,2BAA2B;YACnC,UAAU,EAAE,QAAQ;YACpB,QAAQ,EAAE,QAAQ;YAClB,QAAQ,EAAE,EAAE,cAAc,EAAE,MAAM,CAAC,IAAI,CAAC,cAAc,EAAE;SACzD,CAAC,CAAC;QAEH,OAAO,YAAY,CAAC,GAAG,EAAE,EAAE,EAAE,EAAE,IAAI,EAAE,UAAU,EAAE,MAAM,CAAC,IAAI,CAAC,cAAc,EAAE,CAAC,CAAC;IACjF,CAAC;CACF;AA9SD,sCA8SC"}
@@ -0,0 +1,37 @@
1
+ /**
2
+ * Reserved tenant slugs — values that may not be used as a Tenant.slug.
3
+ *
4
+ * Categories:
5
+ * - Platform terms (paths reachable on api.skybber.com / app.skybber.com).
6
+ * - Brand-protection placeholders (top consumer brands and the trellis-org).
7
+ * - Generic legal / system terms.
8
+ *
9
+ * The list is conservative; expand over time. Slugs that pass {@link SLUG_REGEX}
10
+ * but appear in this set are rejected at tenant-creation time.
11
+ *
12
+ * See plans/mvp/10-trellis-stages/01-schema-migration.md §slug-reservation-list.
13
+ */
14
+ export declare const RESERVED_SLUGS: ReadonlySet<string>;
15
+ /**
16
+ * Validates the *format* of a tenant slug.
17
+ *
18
+ * Rules:
19
+ * - 3–40 characters.
20
+ * - Lowercase ASCII letters, digits, and hyphens only.
21
+ * - Must start and end with an alphanumeric character (no leading/trailing hyphens).
22
+ * - No two consecutive hyphens (avoids confusion with punycode `xn--`).
23
+ *
24
+ * The 40-char ceiling accommodates auto-generated personal-tenant slugs of
25
+ * the form `personal-{userId}` where userId is a 25-char cuid (T2 — JIT
26
+ * provisioning). User-claimed organization slugs typically stay well under
27
+ * the Cognito `tenantSlug` claim limit of 32 chars.
28
+ *
29
+ * Format-only — does not check the reserved list. Combine with
30
+ * {@link isReservedSlug} for the full admission test.
31
+ */
32
+ export declare const SLUG_REGEX: RegExp;
33
+ /** Returns true if `slug` exactly matches a reserved value (case-insensitive). */
34
+ export declare function isReservedSlug(slug: string): boolean;
35
+ /** Combined check: format + reservation. Returns null if valid, an error code otherwise. */
36
+ export declare function validateSlug(slug: string): "INVALID_FORMAT" | "RESERVED" | null;
37
+ //# sourceMappingURL=reserved-slugs.d.ts.map
@@ -0,0 +1 @@
1
+ {"version":3,"file":"reserved-slugs.d.ts","sourceRoot":"","sources":["../../../src/lib/tenant/reserved-slugs.ts"],"names":[],"mappings":"AAAA;;;;;;;;;;;;GAYG;AACH,eAAO,MAAM,cAAc,EAAE,WAAW,CAAC,MAAM,CAqE7C,CAAC;AAEH;;;;;;;;;;;;;;;;GAgBG;AACH,eAAO,MAAM,UAAU,QAA8C,CAAC;AAEtE,kFAAkF;AAClF,wBAAgB,cAAc,CAAC,IAAI,EAAE,MAAM,GAAG,OAAO,CAEpD;AAED,4FAA4F;AAC5F,wBAAgB,YAAY,CAC1B,IAAI,EAAE,MAAM,GACX,gBAAgB,GAAG,UAAU,GAAG,IAAI,CAItC"}
@@ -0,0 +1,116 @@
1
+ "use strict";
2
+ Object.defineProperty(exports, "__esModule", { value: true });
3
+ exports.SLUG_REGEX = exports.RESERVED_SLUGS = void 0;
4
+ exports.isReservedSlug = isReservedSlug;
5
+ exports.validateSlug = validateSlug;
6
+ /**
7
+ * Reserved tenant slugs — values that may not be used as a Tenant.slug.
8
+ *
9
+ * Categories:
10
+ * - Platform terms (paths reachable on api.skybber.com / app.skybber.com).
11
+ * - Brand-protection placeholders (top consumer brands and the trellis-org).
12
+ * - Generic legal / system terms.
13
+ *
14
+ * The list is conservative; expand over time. Slugs that pass {@link SLUG_REGEX}
15
+ * but appear in this set are rejected at tenant-creation time.
16
+ *
17
+ * See plans/mvp/10-trellis-stages/01-schema-migration.md §slug-reservation-list.
18
+ */
19
+ exports.RESERVED_SLUGS = new Set([
20
+ // Platform / routing terms
21
+ "admin",
22
+ "agent",
23
+ "agents",
24
+ "api",
25
+ "app",
26
+ "apps",
27
+ "auth",
28
+ "billing",
29
+ "cdn",
30
+ "console",
31
+ "dashboard",
32
+ "docs",
33
+ "help",
34
+ "login",
35
+ "logout",
36
+ "mail",
37
+ "media",
38
+ "oauth",
39
+ "openid",
40
+ "register",
41
+ "settings",
42
+ "signin",
43
+ "signup",
44
+ "sso",
45
+ "staff",
46
+ "static",
47
+ "status",
48
+ "support",
49
+ "system",
50
+ "team",
51
+ "test",
52
+ "tenant",
53
+ "tenants",
54
+ "user",
55
+ "users",
56
+ "well-known",
57
+ "www",
58
+ // Skybber / de otio / trellis specific
59
+ "deotio",
60
+ "de-otio",
61
+ "skybber",
62
+ "trellis",
63
+ // Top consumer brands (illustrative — extend as squatting attempts surface)
64
+ "amazon",
65
+ "apple",
66
+ "facebook",
67
+ "google",
68
+ "instagram",
69
+ "meta",
70
+ "microsoft",
71
+ "openai",
72
+ "twitter",
73
+ "whatsapp",
74
+ "youtube",
75
+ // Note: 1-char brand "x" is not listed — SLUG_REGEX enforces a 3-char minimum,
76
+ // so 1-char slugs are unclaimable by format anyway.
77
+ // Generic legal/product terms
78
+ "about",
79
+ "contact",
80
+ "legal",
81
+ "privacy",
82
+ "security",
83
+ "terms",
84
+ "tos",
85
+ ]);
86
+ /**
87
+ * Validates the *format* of a tenant slug.
88
+ *
89
+ * Rules:
90
+ * - 3–40 characters.
91
+ * - Lowercase ASCII letters, digits, and hyphens only.
92
+ * - Must start and end with an alphanumeric character (no leading/trailing hyphens).
93
+ * - No two consecutive hyphens (avoids confusion with punycode `xn--`).
94
+ *
95
+ * The 40-char ceiling accommodates auto-generated personal-tenant slugs of
96
+ * the form `personal-{userId}` where userId is a 25-char cuid (T2 — JIT
97
+ * provisioning). User-claimed organization slugs typically stay well under
98
+ * the Cognito `tenantSlug` claim limit of 32 chars.
99
+ *
100
+ * Format-only — does not check the reserved list. Combine with
101
+ * {@link isReservedSlug} for the full admission test.
102
+ */
103
+ exports.SLUG_REGEX = /^(?!.*--)[a-z0-9][a-z0-9-]{1,38}[a-z0-9]$/;
104
+ /** Returns true if `slug` exactly matches a reserved value (case-insensitive). */
105
+ function isReservedSlug(slug) {
106
+ return exports.RESERVED_SLUGS.has(slug.toLowerCase());
107
+ }
108
+ /** Combined check: format + reservation. Returns null if valid, an error code otherwise. */
109
+ function validateSlug(slug) {
110
+ if (!exports.SLUG_REGEX.test(slug))
111
+ return "INVALID_FORMAT";
112
+ if (isReservedSlug(slug))
113
+ return "RESERVED";
114
+ return null;
115
+ }
116
+ //# sourceMappingURL=reserved-slugs.js.map
@@ -0,0 +1 @@
1
+ {"version":3,"file":"reserved-slugs.js","sourceRoot":"","sources":["../../../src/lib/tenant/reserved-slugs.ts"],"names":[],"mappings":";;;AAwGA,wCAEC;AAGD,oCAMC;AAnHD;;;;;;;;;;;;GAYG;AACU,QAAA,cAAc,GAAwB,IAAI,GAAG,CAAC;IACzD,2BAA2B;IAC3B,OAAO;IACP,OAAO;IACP,QAAQ;IACR,KAAK;IACL,KAAK;IACL,MAAM;IACN,MAAM;IACN,SAAS;IACT,KAAK;IACL,SAAS;IACT,WAAW;IACX,MAAM;IACN,MAAM;IACN,OAAO;IACP,QAAQ;IACR,MAAM;IACN,OAAO;IACP,OAAO;IACP,QAAQ;IACR,UAAU;IACV,UAAU;IACV,QAAQ;IACR,QAAQ;IACR,KAAK;IACL,OAAO;IACP,QAAQ;IACR,QAAQ;IACR,SAAS;IACT,QAAQ;IACR,MAAM;IACN,MAAM;IACN,QAAQ;IACR,SAAS;IACT,MAAM;IACN,OAAO;IACP,YAAY;IACZ,KAAK;IAEL,uCAAuC;IACvC,QAAQ;IACR,SAAS;IACT,SAAS;IACT,SAAS;IAET,4EAA4E;IAC5E,QAAQ;IACR,OAAO;IACP,UAAU;IACV,QAAQ;IACR,WAAW;IACX,MAAM;IACN,WAAW;IACX,QAAQ;IACR,SAAS;IACT,UAAU;IACV,SAAS;IACT,+EAA+E;IAC/E,oDAAoD;IAEpD,8BAA8B;IAC9B,OAAO;IACP,SAAS;IACT,OAAO;IACP,SAAS;IACT,UAAU;IACV,OAAO;IACP,KAAK;CACN,CAAC,CAAC;AAEH;;;;;;;;;;;;;;;;GAgBG;AACU,QAAA,UAAU,GAAG,2CAA2C,CAAC;AAEtE,kFAAkF;AAClF,SAAgB,cAAc,CAAC,IAAY;IACzC,OAAO,sBAAc,CAAC,GAAG,CAAC,IAAI,CAAC,WAAW,EAAE,CAAC,CAAC;AAChD,CAAC;AAED,4FAA4F;AAC5F,SAAgB,YAAY,CAC1B,IAAY;IAEZ,IAAI,CAAC,kBAAU,CAAC,IAAI,CAAC,IAAI,CAAC;QAAE,OAAO,gBAAgB,CAAC;IACpD,IAAI,cAAc,CAAC,IAAI,CAAC;QAAE,OAAO,UAAU,CAAC;IAC5C,OAAO,IAAI,CAAC;AACd,CAAC"}