@factiii/stack 0.1.2

package/dist/cli/scan.js

@@ -0,0 +1,511 @@
+"use strict";
+/**
+ * Scan Command
+ *
+ * Runs scan side of all plugin fixes.
+ * Returns problems found (which are the fixes that need to run).
+ *
+ * Usage:
+ *   npx factiii scan           # Scan all stages
+ *   npx factiii scan --dev     # Scan dev only
+ *   npx factiii scan --staging # Scan staging only
+ *   npx factiii scan --prod    # Scan prod only
+ *
+ * ============================================================
+ * STAGE EXECUTION PATTERN - DO NOT MODIFY WITHOUT READING
+ * ============================================================
+ *
+ * How this works:
+ *
+ * 1. User specifies stage: --dev, --secrets, --staging, --prod
+ *    Or no flag = all stages in order
+ *
+ * 2. This file groups all plugin fixes by their stage property
+ *
+ * 3. For each requested stage, asks PIPELINE PLUGIN: canReach(stage)?
+ *    - { reachable: true, via: 'local' } → run fixes locally
+ *    - { reachable: true, via: 'workflow' } → pipeline triggers workflow
+ *    - { reachable: false, reason: '...' } → show error, stop
+ *
+ * CRITICAL: This file does NOT know about:
+ *   - GITHUB_TOKEN (that's pipeline plugin's concern)
+ *   - SSH keys (that's pipeline plugin's concern)
+ *   - How to trigger workflows (that's pipeline plugin's concern)
+ *
+ * This file ONLY:
+ *   - Collects fixes from all plugins
+ *   - Groups them by stage
+ *   - Asks pipeline if each stage is reachable
+ *   - Runs fixes for reachable stages
+ *
+ * This keeps scan.ts compatible with ANY pipeline plugin.
+ *
+ * ============================================================
+ * FOR PIPELINE PLUGIN AUTHORS:
+ * ============================================================
+ *
+ * When your workflow/CI SSHs to a server, you MUST call the
+ * command with the specific stage flag:
+ *
+ *   npx factiii fix --staging    # NOT just "npx factiii fix"
+ *   npx factiii scan --prod      # NOT just "npx factiii scan"
+ *
+ * Without the stage flag, the command will try to run ALL stages
+ * and may try to trigger workflows for stages it can't reach.
+ *
+ * Your canReach() should return 'local' when running on the
+ * target server (e.g., check GITHUB_ACTIONS or CI env vars).
+ *
+ * ============================================================
+ */
+var __createBinding = (this && this.__createBinding) || (Object.create ? (function(o, m, k, k2) {
+    if (k2 === undefined) k2 = k;
+    var desc = Object.getOwnPropertyDescriptor(m, k);
+    if (!desc || ("get" in desc ? !m.__esModule : desc.writable || desc.configurable)) {
+      desc = { enumerable: true, get: function() { return m[k]; } };
+    }
+    Object.defineProperty(o, k2, desc);
+}) : (function(o, m, k, k2) {
+    if (k2 === undefined) k2 = k;
+    o[k2] = m[k];
+}));
+var __setModuleDefault = (this && this.__setModuleDefault) || (Object.create ? (function(o, v) {
+    Object.defineProperty(o, "default", { enumerable: true, value: v });
+}) : function(o, v) {
+    o["default"] = v;
+});
+var __importStar = (this && this.__importStar) || (function () {
+    var ownKeys = function(o) {
+        ownKeys = Object.getOwnPropertyNames || function (o) {
+            var ar = [];
+            for (var k in o) if (Object.prototype.hasOwnProperty.call(o, k)) ar[ar.length] = k;
+            return ar;
+        };
+        return ownKeys(o);
+    };
+    return function (mod) {
+        if (mod && mod.__esModule) return mod;
+        var result = {};
+        if (mod != null) for (var k = ownKeys(mod), i = 0; i < k.length; i++) if (k[i] !== "default") __createBinding(result, mod, k[i]);
+        __setModuleDefault(result, mod);
+        return result;
+    };
+})();
+var __importDefault = (this && this.__importDefault) || function (mod) {
+    return (mod && mod.__esModule) ? mod : { "default": mod };
+};
+Object.defineProperty(exports, "__esModule", { value: true });
+exports.scan = scan;
+const fs = __importStar(require("fs"));
+const path = __importStar(require("path"));
+const child_process_1 = require("child_process");
+const js_yaml_1 = __importDefault(require("js-yaml"));
+const index_js_1 = require("../plugins/index.js");
+const config_helpers_js_1 = require("../utils/config-helpers.js");
+/**
+ * Load relevant plugins based on config
+ */
+async function loadPlugins(rootDir) {
+    const config = loadConfig(rootDir);
+    // If no config exists, tell user to run init
+    if (!config || Object.keys(config).length === 0) {
+        const configPath = path.join(rootDir, 'factiii.yml');
+        if (fs.existsSync(configPath)) {
+            const content = fs.readFileSync(configPath, 'utf8');
+            if (!content || content.trim().length === 0) {
+                console.error('\n[ERROR] factiii.yml is empty.');
+                console.error('   Run: npx factiii init --force\n');
+            }
+            else {
+                console.error('\n[ERROR] factiii.yml contains no valid configuration.');
+                console.error('   Check your YAML syntax or run: npx factiii init --force\n');
+            }
+        }
+        else {
+            console.error('\n[ERROR] No factiii.yml found.');
+            console.error('   Run: npx factiii init\n');
+        }
+        process.exit(1);
+    }
+    return (await (0, index_js_1.loadRelevantPlugins)(rootDir, config));
+}
+/**
+ * Load config from factiii.yml
+ */
+function loadConfig(rootDir) {
+    const configPath = path.join(rootDir, 'factiii.yml');
+    if (!fs.existsSync(configPath)) {
+        return {};
+    }
+    try {
+        return js_yaml_1.default.load(fs.readFileSync(configPath, 'utf8')) ?? {};
+    }
+    catch (e) {
+        const errorMessage = e instanceof Error ? e.message : String(e);
+        console.error('[!] Error parsing factiii.yml: ' + errorMessage);
+        return {};
+    }
+}
+/**
+ * Generate env var fixes from plugin requiredEnvVars
+ */
+function generateEnvVarFixes(plugin, rootDir, _config) {
+    const fixes = [];
+    for (const varName of plugin.requiredEnvVars ?? []) {
+        // Check .env.example has the var
+        fixes.push({
+            id: 'missing-env-example-' + varName.toLowerCase(),
+            stage: 'dev',
+            severity: 'critical',
+            description: varName + ' not found in .env.example',
+            plugin: plugin.id,
+            scan: async () => {
+                const envPath = path.join(rootDir, '.env.example');
+                if (!fs.existsSync(envPath))
+                    return true;
+                const content = fs.readFileSync(envPath, 'utf8');
+                return !content.includes(varName + '=');
+            },
+            fix: null,
+            manualFix: 'Add ' + varName + '=your_value to .env.example (format: KEY=value, one per line)',
+        });
+        // Check .env.staging has the var (only if staging environment is defined)
+        fixes.push({
+            id: 'missing-env-staging-' + varName.toLowerCase(),
+            stage: 'staging',
+            severity: 'critical',
+            description: varName + ' not found in .env.staging',
+            plugin: plugin.id,
+            scan: async (config) => {
+                // Only check if staging environment is defined in config
+                const hasStagingEnv = config?.environments?.staging;
+                if (!hasStagingEnv)
+                    return false; // Skip check if staging not configured
+                const envPath = path.join(rootDir, '.env.staging');
+                if (!fs.existsSync(envPath))
+                    return true;
+                const content = fs.readFileSync(envPath, 'utf8');
+                return !content.includes(varName + '=');
+            },
+            fix: null,
+            manualFix: 'Add ' + varName + '=staging_value to .env.staging (use your staging environment value)',
+        });
+        // Check .env.prod has the var (only if prod environment is defined)
+        fixes.push({
+            id: 'missing-env-prod-' + varName.toLowerCase(),
+            stage: 'prod',
+            severity: 'critical',
+            description: varName + ' not found in .env.prod',
+            plugin: plugin.id,
+            scan: async (config) => {
+                // Only check if prod environment is defined in config
+                const hasProdEnv = config?.environments?.prod || config?.environments?.production;
+                if (!hasProdEnv)
+                    return false; // Skip check if prod not configured
+                const envPath = path.join(rootDir, '.env.prod');
+                if (!fs.existsSync(envPath))
+                    return true;
+                const content = fs.readFileSync(envPath, 'utf8');
+                return !content.includes(varName + '=');
+            },
+            fix: null,
+            manualFix: 'Add ' + varName + '=production_value to .env.prod (use your production environment value)',
+        });
+    }
+    return fixes;
+}
+/**
+ * Get status icon and label for a stage based on reachability and problems
+ */
+function getStageStatus(stage, reach, problemCount) {
+    // Stage is not reachable
+    if (reach && !reach.reachable) {
+        return {
+            icon: '[X]',
+            label: 'Cannot reach',
+            detail: reach.reason,
+        };
+    }
+    // Stage is reachable remotely (pipeline handles it)
+    if (reach && reach.reachable && reach.via !== 'local') {
+        return {
+            icon: '[~]',
+            label: 'Via ' + reach.via,
+            detail: 'Handled by pipeline plugin',
+        };
+    }
+    // Stage is directly reachable (local)
+    if (problemCount === 0) {
+        return {
+            icon: '[OK]',
+            label: 'Ready',
+            detail: 'local',
+        };
+    }
+    else {
+        return {
+            icon: '[X]',
+            label: problemCount + ' issue' + (problemCount > 1 ? 's' : ''),
+            detail: 'local',
+        };
+    }
+}
+/**
+ * Display problems grouped by stage with clear pipeline status
+ */
+function displayProblems(problems, reachability, options = {}) {
+    if (options.silent)
+        return;
+    const stages = ['dev', 'secrets', 'staging', 'prod'];
+    let totalProblems = 0;
+    const unreachableStages = [];
+    // Count total problems (only for locally-scanned stages)
+    for (const stage of stages) {
+        if (reachability[stage]) {
+            const stageProblems = problems[stage] ?? [];
+            const reach = reachability[stage];
+            if (reach?.reachable && reach.via === 'local') {
+                totalProblems += stageProblems.length;
+            }
+        }
+    }
+    // Header
+    console.log('\nPIPELINE STATUS\n');
+    // Stage status overview
+    for (const stage of stages) {
+        const reach = reachability[stage];
+        if (!reach)
+            continue; // Stage wasn't checked
+        const problemCount = problems[stage]?.length ?? 0;
+        const status = getStageStatus(stage, reach, problemCount);
+        // Format: [STAGE]     icon Status (detail)
+        const stageLabel = ('[' + stage.toUpperCase() + ']').padEnd(10);
+        const statusLine = stageLabel + ' ' + status.icon + ' ' + status.label;
+        if (status.detail && status.label !== 'Cannot reach') {
+            console.log(statusLine + ' (' + status.detail + ')');
+        }
+        else {
+            console.log(statusLine);
+        }
+        // Track unreachable stages for blockers section
+        if (!reach.reachable) {
+            unreachableStages.push({ stage, reason: reach.reason });
+        }
+    }
+    // Blockers section (only if there are unreachable stages)
+    if (unreachableStages.length > 0) {
+        console.log('\n' + '-'.repeat(60));
+        console.log('BLOCKERS');
+        console.log('-'.repeat(60) + '\n');
+        for (const { stage, reason } of unreachableStages) {
+            console.log('[ERROR] ' + stage.toUpperCase() + ' unreachable: ' + reason);
+            // Provide smart hints based on the actual reason
+            if (reason.includes('vault_path')) {
+                console.log('   Hint: Add ansible config to factiii.yml:');
+                console.log('         ansible:');
+                console.log('           vault_path: group_vars/all/vault.yml');
+                console.log('           vault_password_file: ~/.vault_pass');
+            }
+            else if (reason.includes('Vault password')) {
+                console.log('   Hint: Create vault password file or set ANSIBLE_VAULT_PASSWORD env var');
+            }
+            else if (reason.includes('SSH key')) {
+                console.log('   Hint: Run: npx factiii secrets write-ssh-keys');
+            }
+            else if (reason.includes('GITHUB_TOKEN')) {
+                console.log('   Hint: Run: export GITHUB_TOKEN=your_token');
+            }
+        }
+    }
+    // Issues section (only if there are problems)
+    if (totalProblems > 0) {
+        console.log('\n' + '-'.repeat(60));
+        console.log('ISSUES BY STAGE');
+        console.log('-'.repeat(60) + '\n');
+        for (const stage of stages) {
+            const reach = reachability[stage];
+            if (!reach)
+                continue;
+            const stageProblems = problems[stage] ?? [];
+            // Skip stages not scanned locally
+            if (!reach.reachable || reach.via !== 'local') {
+                continue;
+            }
+            if (stageProblems.length > 0) {
+                console.log(stage.toUpperCase() + ':');
+                for (const problem of stageProblems) {
+                    const icon = problem.fix ? '[fix]' : '[man]';
+                    const autoFix = problem.fix ? '(auto-fixable)' : '(manual)';
+                    console.log('  ' + icon + ' ' + problem.description + ' ' + autoFix);
+                }
+                console.log('');
+            }
+        }
+    }
+    // Summary
+    console.log('-'.repeat(60));
+    if (totalProblems === 0 && unreachableStages.length === 0) {
+        console.log('[OK] All checks passed!\n');
+    }
+    else if (totalProblems === 0 && unreachableStages.length > 0) {
+        console.log('[!] Some stages cannot be reached. Fix blockers above.\n');
+    }
+    else {
+        console.log('Found ' + totalProblems + ' issue' + (totalProblems > 1 ? 's' : '') + '.');
+        console.log('Hint: Run: npx factiii fix\n');
+    }
+}
+/**
+ * Get pipeline plugin from loaded plugins
+ */
+function getPipelinePlugin(plugins) {
+    return plugins.find((p) => p.category === 'pipeline');
+}
+/**
+ * Main scan function
+ */
+async function scan(options = {}) {
+    const rootDir = options.rootDir ?? process.cwd();
+    const config = loadConfig(rootDir);
+    // If commit hash provided, verify we're scanning the right code
+    if (options.commit) {
+        try {
+            const currentCommit = (0, child_process_1.execSync)('git rev-parse HEAD', {
+                cwd: rootDir,
+                encoding: 'utf8',
+            }).trim();
+            if (!options.silent) {
+                console.log('Scanning commit: ' + options.commit.substring(0, 7));
+            }
+            if (currentCommit !== options.commit) {
+                console.warn('[!] Warning: Expected commit ' + options.commit.substring(0, 7) + ' but found ' + currentCommit.substring(0, 7));
+            }
+        }
+        catch {
+            // Not a git repo or git not available, skip verification
+        }
+    }
+    // Determine which stages to scan
+    let stages = ['dev', 'secrets', 'staging', 'prod'];
+    if (options.dev)
+        stages = ['dev'];
+    else if (options.secrets)
+        stages = ['secrets'];
+    else if (options.staging)
+        stages = ['staging'];
+    else if (options.prod)
+        stages = ['prod'];
+    else if (options.stages)
+        stages = options.stages;
+    // Load all plugins
+    const plugins = await loadPlugins(rootDir);
+    // Get pipeline plugin to check reachability
+    const pipelinePlugin = getPipelinePlugin(plugins);
+    // Check reachability for each stage
+    // Separate local vs remote stages — pipeline plugin handles remote
+    const reachability = {};
+    const localStages = [];
+    const remoteStages = [];
+    for (const stage of stages) {
+        if (pipelinePlugin && typeof pipelinePlugin.canReach === 'function') {
+            reachability[stage] = pipelinePlugin.canReach(stage, config);
+            if (reachability[stage]?.reachable) {
+                if (reachability[stage].via === 'local') {
+                    localStages.push(stage);
+                }
+                else {
+                    remoteStages.push(stage);
+                }
+            }
+        }
+        else {
+            // No pipeline plugin or no canReach method - assume all reachable locally
+            reachability[stage] = { reachable: true, via: 'local' };
+            localStages.push(stage);
+        }
+    }
+    // Collect all fixes from all plugins
+    const allFixes = [];
+    for (const plugin of plugins) {
+        // Add plugin fixes
+        for (const fix of plugin.fixes ?? []) {
+            allFixes.push({ ...fix, plugin: plugin.id });
+        }
+        // Add auto-generated env var fixes
+        const envFixes = generateEnvVarFixes(plugin, rootDir, config);
+        allFixes.push(...envFixes);
+    }
+    // Run scan() for each fix, collect problems found
+    const problems = {
+        dev: [],
+        secrets: [],
+        staging: [],
+        prod: [],
+    };
+    if (!options.silent) {
+        console.log('Scanning...\n');
+    }
+    // Get target server OS for each stage (for OS filtering)
+    const environments = (0, config_helpers_js_1.extractEnvironments)(config);
+    const stageToOS = {};
+    for (const [name, env] of Object.entries(environments)) {
+        // Map environment names to stages
+        if (name.startsWith('staging') || name.startsWith('stage-')) {
+            stageToOS['staging'] = env.server;
+        }
+        else if (name.startsWith('prod') || name === 'production') {
+            stageToOS['prod'] = env.server;
+        }
+    }
+    for (const fix of allFixes) {
+        // Skip if stage not in local stages
+        if (!localStages.includes(fix.stage))
+            continue;
+        // OS filtering: Skip fixes that don't match the target OS
+        if (fix.os) {
+            const targetOS = stageToOS[fix.stage];
+            if (targetOS) {
+                const fixOSList = Array.isArray(fix.os) ? fix.os : [fix.os];
+                if (!fixOSList.includes(targetOS)) {
+                    continue; // Skip this fix - OS doesn't match
+                }
+            }
+        }
+        const startTime = performance.now();
+        try {
+            // Run the scan function
+            const hasProblem = await fix.scan(config, rootDir);
+            const duration = performance.now() - startTime;
+            // Log timing for slow checks (> 500ms)
+            if (duration > 500 && !options.silent) {
+                console.log('   [' + duration.toFixed(0) + 'ms] ' + fix.id);
+            }
+            if (hasProblem) {
+                problems[fix.stage].push(fix);
+            }
+        }
+        catch (e) {
+            // Scan failed - treat as problem
+            if (!options.silent) {
+                const errorMessage = e instanceof Error ? e.message : String(e);
+                console.log('  [!] Error scanning ' + fix.id + ': ' + errorMessage);
+            }
+        }
+    }
+    // Remote stages: delegate to pipeline plugin
+    if (remoteStages.length > 0 && !options.silent) {
+        const PipelineClass = pipelinePlugin;
+        if (PipelineClass) {
+            const pipeline = new PipelineClass(config);
+            for (const stage of remoteStages) {
+                await pipeline.scanStage(stage, {});
+            }
+        }
+    }
+    // Display problems grouped by stage
+    displayProblems(problems, reachability, options);
+    // Return the fixes needed (problems found)
+    return problems;
+}
+exports.default = scan;
+//# sourceMappingURL=scan.js.map

package/dist/cli/scan.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"scan.js","sourceRoot":"","sources":["../../src/cli/scan.ts"],"names":[],"mappings":";AAAA;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;GA0DG;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;AAmUH,oBA2JC;AA5dD,uCAAyB;AACzB,2CAA6B;AAC7B,iDAAyC;AACzC,sDAA2B;AAE3B,kDAA0D;AAE1D,kEAAiE;AAuBjE;;GAEG;AACH,KAAK,UAAU,WAAW,CAAC,OAAe;IACxC,MAAM,MAAM,GAAG,UAAU,CAAC,OAAO,CAAC,CAAC;IAEnC,6CAA6C;IAC7C,IAAI,CAAC,MAAM,IAAI,MAAM,CAAC,IAAI,CAAC,MAAM,CAAC,CAAC,MAAM,KAAK,CAAC,EAAE,CAAC;QAChD,MAAM,UAAU,GAAG,IAAI,CAAC,IAAI,CAAC,OAAO,EAAE,aAAa,CAAC,CAAC;QACrD,IAAI,EAAE,CAAC,UAAU,CAAC,UAAU,CAAC,EAAE,CAAC;YAC9B,MAAM,OAAO,GAAG,EAAE,CAAC,YAAY,CAAC,UAAU,EAAE,MAAM,CAAC,CAAC;YACpD,IAAI,CAAC,OAAO,IAAI,OAAO,CAAC,IAAI,EAAE,CAAC,MAAM,KAAK,CAAC,EAAE,CAAC;gBAC5C,OAAO,CAAC,KAAK,CAAC,iCAAiC,CAAC,CAAC;gBACjD,OAAO,CAAC,KAAK,CAAC,oCAAoC,CAAC,CAAC;YACtD,CAAC;iBAAM,CAAC;gBACN,OAAO,CAAC,KAAK,CAAC,wDAAwD,CAAC,CAAC;gBACxE,OAAO,CAAC,KAAK,CAAC,8DAA8D,CAAC,CAAC;YAChF,CAAC;QACH,CAAC;aAAM,CAAC;YACN,OAAO,CAAC,KAAK,CAAC,iCAAiC,CAAC,CAAC;YACjD,OAAO,CAAC,KAAK,CAAC,4BAA4B,CAAC,CAAC;QAC9C,CAAC;QACD,OAAO,CAAC,IAAI,CAAC,CAAC,CAAC,CAAC;IAClB,CAAC;IAED,OAAO,CAAC,MAAM,IAAA,8BAAmB,EAAC,OAAO,EAAE,MAAM,CAAC,CAA6B,CAAC;AAClF,CAAC;AAED;;GAEG;AACH,SAAS,UAAU,CAAC,OAAe;IACjC,MAAM,UAAU,GAAG,IAAI,CAAC,IAAI,CAAC,OAAO,EAAE,aAAa,CAAC,CAAC;IAErD,IAAI,CAAC,EAAE,CAAC,UAAU,CAAC,UAAU,CAAC,EAAE,CAAC;QAC/B,OAAO,EAAmB,CAAC;IAC7B,CAAC;IAED,IAAI,CAAC;QACH,OAAQ,iBAAI,CAAC,IAAI,CAAC,EAAE,CAAC,YAAY,CAAC,UAAU,EAAE,MAAM,CAAC,CAAmB,IAAK,EAAoB,CAAC;IACpG,CAAC;IAAC,OAAO,CAAC,EAAE,CAAC;QACX,MAAM,YAAY,GAAG,CAAC,YAAY,KAAK,CAAC,CAAC,CAAC,CAAC,CAAC,OAAO,CAAC,CAAC,CAAC,MAAM,CAAC,CAAC,CAAC,CAAC;QAChE,OAAO,CAAC,KAAK,CAAC,iCAAiC,GAAG,YAAY,CAAC,CAAC;QAChE,OAAO,EAAmB,CAAC;IAC7B,CAAC;AACH,CAAC;AAED;;GAEG;AACH,SAAS,mBAAmB,CAC1B,MAAmB,EACnB,OAAe,EACf,OAAsB;IAEtB,MAAM,KAAK,GAAU,EAAE,CAAC;IAExB,KAAK,MAAM,OAAO,IAAI,MAAM,CAAC,eAAe,IAAI,EAAE,EAAE,CAAC;QACnD,iCAAiC;QACjC,KAAK,CAAC,IAAI,CAAC;YACT,EAAE,EAAE,sBAAsB,GAAG,OAAO,CAAC,WAAW,EAAE;YAClD,KAAK,EAAE,KAAK;YACZ,QAAQ,EAAE,UAAU;YACpB,WAAW,EAAE,OAAO,GAAG,4BAA4B;YACnD,MAAM,EAAE,MAAM,CAAC,EAAE;YACjB,IAAI,EAAE,KAAK,IAAsB,EAAE;gBACjC,MAAM,OAAO,GAAG,IAAI,CAAC,IAAI,CAAC,OAAO,EAAE,cAAc,CAAC,CAAC;gBACnD,IAAI,CAAC,EAAE,CAAC,UAAU,CAAC,OAAO,CAAC;oBAAE,OAAO,IAAI,CAAC;gBACzC,MAAM,OAAO,GAAG,EAAE,CAAC,YAAY,CAAC,OAAO,EAAE,MAAM,CAAC,CAAC;gBACjD,OAAO,CAAC,OAAO,CAAC,QAAQ,CAAC,OAAO,GAAG,GAAG,CAAC,CAAC;YAC1C,CAAC;YACD,GAAG,EAAE,IAAI;YACT,SAAS,EAAE,MAAM,GAAG,OAAO,GAAG,+DAA+D;SAC9F,CAAC,CAAC;QAEH,0EAA0E;QAC1E,KAAK,CAAC,IAAI,CAAC;YACT,EAAE,EAAE,sBAAsB,GAAG,OAAO,CAAC,WAAW,EAAE;YAClD,KAAK,EAAE,SAAS;YAChB,QAAQ,EAAE,UAAU;YACpB,WAAW,EAAE,OAAO,GAAG,4BAA4B;YACnD,MAAM,EAAE,MAAM,CAAC,EAAE;YACjB,IAAI,EAAE,KAAK,EAAE,MAAqB,EAAoB,EAAE;gBACtD,yDAAyD;gBACzD,MAAM,aAAa,GAAG,MAAM,EAAE,YAAY,EAAE,OAAO,CAAC;gBACpD,IAAI,CAAC,aAAa;oBAAE,OAAO,KAAK,CAAC,CAAC,uCAAuC;gBAEzE,MAAM,OAAO,GAAG,IAAI,CAAC,IAAI,CAAC,OAAO,EAAE,cAAc,CAAC,CAAC;gBACnD,IAAI,CAAC,EAAE,CAAC,UAAU,CAAC,OAAO,CAAC;oBAAE,OAAO,IAAI,CAAC;gBACzC,MAAM,OAAO,GAAG,EAAE,CAAC,YAAY,CAAC,OAAO,EAAE,MAAM,CAAC,CAAC;gBACjD,OAAO,CAAC,OAAO,CAAC,QAAQ,CAAC,OAAO,GAAG,GAAG,CAAC,CAAC;YAC1C,CAAC;YACD,GAAG,EAAE,IAAI;YACT,SAAS,EAAE,MAAM,GAAG,OAAO,GAAG,qEAAqE;SACpG,CAAC,CAAC;QAEH,oEAAoE;QACpE,KAAK,CAAC,IAAI,CAAC;YACT,EAAE,EAAE,mBAAmB,GAAG,OAAO,CAAC,WAAW,EAAE;YAC/C,KAAK,EAAE,MAAM;YACb,QAAQ,EAAE,UAAU;YACpB,WAAW,EAAE,OAAO,GAAG,yBAAyB;YAChD,MAAM,EAAE,MAAM,CAAC,EAAE;YACjB,IAAI,EAAE,KAAK,EAAE,MAAqB,EAAoB,EAAE;gBACtD,sDAAsD;gBACtD,MAAM,UAAU,GAAG,MAAM,EAAE,YAAY,EAAE,IAAI,IAAI,MAAM,EAAE,YAAY,EAAE,UAAU,CAAC;gBAClF,IAAI,CAAC,UAAU;oBAAE,OAAO,KAAK,CAAC,CAAC,oCAAoC;gBAEnE,MAAM,OAAO,GAAG,IAAI,CAAC,IAAI,CAAC,OAAO,EAAE,WAAW,CAAC,CAAC;gBAChD,IAAI,CAAC,EAAE,CAAC,UAAU,CAAC,OAAO,CAAC;oBAAE,OAAO,IAAI,CAAC;gBACzC,MAAM,OAAO,GAAG,EAAE,CAAC,YAAY,CAAC,OAAO,EAAE,MAAM,CAAC,CAAC;gBACjD,OAAO,CAAC,OAAO,CAAC,QAAQ,CAAC,OAAO,GAAG,GAAG,CAAC,CAAC;YAC1C,CAAC;YACD,GAAG,EAAE,IAAI;YACT,SAAS,EAAE,MAAM,GAAG,OAAO,GAAG,wEAAwE;SACvG,CAAC,CAAC;IACL,CAAC;IAED,OAAO,KAAK,CAAC;AACf,CAAC;AAED;;GAEG;AACH,SAAS,cAAc,CACrB,KAAY,EACZ,KAA+B,EAC/B,YAAoB;IAEpB,yBAAyB;IACzB,IAAI,KAAK,IAAI,CAAC,KAAK,CAAC,SAAS,EAAE,CAAC;QAC9B,OAAO;YACL,IAAI,EAAE,KAAK;YACX,KAAK,EAAE,cAAc;YACrB,MAAM,EAAE,KAAK,CAAC,MAAM;SACrB,CAAC;IACJ,CAAC;IAED,oDAAoD;IACpD,IAAI,KAAK,IAAI,KAAK,CAAC,SAAS,IAAI,KAAK,CAAC,GAAG,KAAK,OAAO,EAAE,CAAC;QACtD,OAAO;YACL,IAAI,EAAE,KAAK;YACX,KAAK,EAAE,MAAM,GAAG,KAAK,CAAC,GAAG;YACzB,MAAM,EAAE,4BAA4B;SACrC,CAAC;IACJ,CAAC;IAED,sCAAsC;IACtC,IAAI,YAAY,KAAK,CAAC,EAAE,CAAC;QACvB,OAAO;YACL,IAAI,EAAE,MAAM;YACZ,KAAK,EAAE,OAAO;YACd,MAAM,EAAE,OAAO;SAChB,CAAC;IACJ,CAAC;SAAM,CAAC;QACN,OAAO;YACL,IAAI,EAAE,KAAK;YACX,KAAK,EAAE,YAAY,GAAG,QAAQ,GAAG,CAAC,YAAY,GAAG,CAAC,CAAC,CAAC,CAAC,GAAG,CAAC,CAAC,CAAC,EAAE,CAAC;YAC9D,MAAM,EAAE,OAAO;SAChB,CAAC;IACJ,CAAC;AACH,CAAC;AAED;;GAEG;AACH,SAAS,eAAe,CACtB,QAAsB,EACtB,YAA0C,EAC1C,UAAuB,EAAE;IAEzB,IAAI,OAAO,CAAC,MAAM;QAAE,OAAO;IAE3B,MAAM,MAAM,GAAY,CAAC,KAAK,EAAE,SAAS,EAAE,SAAS,EAAE,MAAM,CAAC,CAAC;IAC9D,IAAI,aAAa,GAAG,CAAC,CAAC;IACtB,MAAM,iBAAiB,GAAuC,EAAE,CAAC;IAEjE,yDAAyD;IACzD,KAAK,MAAM,KAAK,IAAI,MAAM,EAAE,CAAC;QAC3B,IAAI,YAAY,CAAC,KAAK,CAAC,EAAE,CAAC;YACxB,MAAM,aAAa,GAAG,QAAQ,CAAC,KAAK,CAAC,IAAI,EAAE,CAAC;YAC5C,MAAM,KAAK,GAAG,YAAY,CAAC,KAAK,CAAC,CAAC;YAClC,IAAI,KAAK,EAAE,SAAS,IAAI,KAAK,CAAC,GAAG,KAAK,OAAO,EAAE,CAAC;gBAC9C,aAAa,IAAI,aAAa,CAAC,MAAM,CAAC;YACxC,CAAC;QACH,CAAC;IACH,CAAC;IAED,SAAS;IACT,OAAO,CAAC,GAAG,CAAC,qBAAqB,CAAC,CAAC;IAEnC,wBAAwB;IACxB,KAAK,MAAM,KAAK,IAAI,MAAM,EAAE,CAAC;QAC3B,MAAM,KAAK,GAAG,YAAY,CAAC,KAAK,CAAC,CAAC;QAClC,IAAI,CAAC,KAAK;YAAE,SAAS,CAAC,uBAAuB;QAE7C,MAAM,YAAY,GAAG,QAAQ,CAAC,KAAK,CAAC,EAAE,MAAM,IAAI,CAAC,CAAC;QAClD,MAAM,MAAM,GAAG,cAAc,CAAC,KAAK,EAAE,KAAK,EAAE,YAAY,CAAC,CAAC;QAE1D,2CAA2C;QAC3C,MAAM,UAAU,GAAG,CAAC,GAAG,GAAG,KAAK,CAAC,WAAW,EAAE,GAAG,GAAG,CAAC,CAAC,MAAM,CAAC,EAAE,CAAC,CAAC;QAChE,MAAM,UAAU,GAAG,UAAU,GAAG,GAAG,GAAG,MAAM,CAAC,IAAI,GAAG,GAAG,GAAG,MAAM,CAAC,KAAK,CAAC;QAEvE,IAAI,MAAM,CAAC,MAAM,IAAI,MAAM,CAAC,KAAK,KAAK,cAAc,EAAE,CAAC;YACrD,OAAO,CAAC,GAAG,CAAC,UAAU,GAAG,IAAI,GAAG,MAAM,CAAC,MAAM,GAAG,GAAG,CAAC,CAAC;QACvD,CAAC;aAAM,CAAC;YACN,OAAO,CAAC,GAAG,CAAC,UAAU,CAAC,CAAC;QAC1B,CAAC;QAED,gDAAgD;QAChD,IAAI,CAAC,KAAK,CAAC,SAAS,EAAE,CAAC;YACrB,iBAAiB,CAAC,IAAI,CAAC,EAAE,KAAK,EAAE,MAAM,EAAE,KAAK,CAAC,MAAM,EAAE,CAAC,CAAC;QAC1D,CAAC;IACH,CAAC;IAED,0DAA0D;IAC1D,IAAI,iBAAiB,CAAC,MAAM,GAAG,CAAC,EAAE,CAAC;QACjC,OAAO,CAAC,GAAG,CAAC,IAAI,GAAG,GAAG,CAAC,MAAM,CAAC,EAAE,CAAC,CAAC,CAAC;QACnC,OAAO,CAAC,GAAG,CAAC,UAAU,CAAC,CAAC;QACxB,OAAO,CAAC,GAAG,CAAC,GAAG,CAAC,MAAM,CAAC,EAAE,CAAC,GAAG,IAAI,CAAC,CAAC;QAEnC,KAAK,MAAM,EAAE,KAAK,EAAE,MAAM,EAAE,IAAI,iBAAiB,EAAE,CAAC;YAClD,OAAO,CAAC,GAAG,CAAC,UAAU,GAAG,KAAK,CAAC,WAAW,EAAE,GAAG,gBAAgB,GAAG,MAAM,CAAC,CAAC;YAE1E,iDAAiD;YACjD,IAAI,MAAM,CAAC,QAAQ,CAAC,YAAY,CAAC,EAAE,CAAC;gBAClC,OAAO,CAAC,GAAG,CAAC,6CAA6C,CAAC,CAAC;gBAC3D,OAAO,CAAC,GAAG,CAAC,mBAAmB,CAAC,CAAC;gBACjC,OAAO,CAAC,GAAG,CAAC,iDAAiD,CAAC,CAAC;gBAC/D,OAAO,CAAC,GAAG,CAAC,+CAA+C,CAAC,CAAC;YAC/D,CAAC;iBAAM,IAAI,MAAM,CAAC,QAAQ,CAAC,gBAAgB,CAAC,EAAE,CAAC;gBAC7C,OAAO,CAAC,GAAG,CAAC,2EAA2E,CAAC,CAAC;YAC3F,CAAC;iBAAM,IAAI,MAAM,CAAC,QAAQ,CAAC,SAAS,CAAC,EAAE,CAAC;gBACtC,OAAO,CAAC,GAAG,CAAC,kDAAkD,CAAC,CAAC;YAClE,CAAC;iBAAM,IAAI,MAAM,CAAC,QAAQ,CAAC,cAAc,CAAC,EAAE,CAAC;gBAC3C,OAAO,CAAC,GAAG,CAAC,8CAA8C,CAAC,CAAC;YAC9D,CAAC;QACH,CAAC;IACH,CAAC;IAED,8CAA8C;IAC9C,IAAI,aAAa,GAAG,CAAC,EAAE,CAAC;QACtB,OAAO,CAAC,GAAG,CAAC,IAAI,GAAG,GAAG,CAAC,MAAM,CAAC,EAAE,CAAC,CAAC,CAAC;QACnC,OAAO,CAAC,GAAG,CAAC,iBAAiB,CAAC,CAAC;QAC/B,OAAO,CAAC,GAAG,CAAC,GAAG,CAAC,MAAM,CAAC,EAAE,CAAC,GAAG,IAAI,CAAC,CAAC;QAEnC,KAAK,MAAM,KAAK,IAAI,MAAM,EAAE,CAAC;YAC3B,MAAM,KAAK,GAAG,YAAY,CAAC,KAAK,CAAC,CAAC;YAClC,IAAI,CAAC,KAAK;gBAAE,SAAS;YAErB,MAAM,aAAa,GAAG,QAAQ,CAAC,KAAK,CAAC,IAAI,EAAE,CAAC;YAE5C,kCAAkC;YAClC,IAAI,CAAC,KAAK,CAAC,SAAS,IAAI,KAAK,CAAC,GAAG,KAAK,OAAO,EAAE,CAAC;gBAC9C,SAAS;YACX,CAAC;YAED,IAAI,aAAa,CAAC,MAAM,GAAG,CAAC,EAAE,CAAC;gBAC7B,OAAO,CAAC,GAAG,CAAC,KAAK,CAAC,WAAW,EAAE,GAAG,GAAG,CAAC,CAAC;gBACvC,KAAK,MAAM,OAAO,IAAI,aAAa,EAAE,CAAC;oBACpC,MAAM,IAAI,GAAG,OAAO,CAAC,GAAG,CAAC,CAAC,CAAC,OAAO,CAAC,CAAC,CAAC,OAAO,CAAC;oBAC7C,MAAM,OAAO,GAAG,OAAO,CAAC,GAAG,CAAC,CAAC,CAAC,gBAAgB,CAAC,CAAC,CAAC,UAAU,CAAC;oBAC5D,OAAO,CAAC,GAAG,CAAC,IAAI,GAAG,IAAI,GAAG,GAAG,GAAG,OAAO,CAAC,WAAW,GAAG,GAAG,GAAG,OAAO,CAAC,CAAC;gBACvE,CAAC;gBACD,OAAO,CAAC,GAAG,CAAC,EAAE,CAAC,CAAC;YAClB,CAAC;QACH,CAAC;IACH,CAAC;IAED,UAAU;IACV,OAAO,CAAC,GAAG,CAAC,GAAG,CAAC,MAAM,CAAC,EAAE,CAAC,CAAC,CAAC;IAC5B,IAAI,aAAa,KAAK,CAAC,IAAI,iBAAiB,CAAC,MAAM,KAAK,CAAC,EAAE,CAAC;QAC1D,OAAO,CAAC,GAAG,CAAC,2BAA2B,CAAC,CAAC;IAC3C,CAAC;SAAM,IAAI,aAAa,KAAK,CAAC,IAAI,iBAAiB,CAAC,MAAM,GAAG,CAAC,EAAE,CAAC;QAC/D,OAAO,CAAC,GAAG,CAAC,0DAA0D,CAAC,CAAC;IAC1E,CAAC;SAAM,CAAC;QACN,OAAO,CAAC,GAAG,CAAC,QAAQ,GAAG,aAAa,GAAG,QAAQ,GAAG,CAAC,aAAa,GAAG,CAAC,CAAC,CAAC,CAAC,GAAG,CAAC,CAAC,CAAC,EAAE,CAAC,GAAG,GAAG,CAAC,CAAC;QACxF,OAAO,CAAC,GAAG,CAAC,8BAA8B,CAAC,CAAC;IAC9C,CAAC;AACH,CAAC;AAED;;GAEG;AACH,SAAS,iBAAiB,CAAC,OAAsB;IAC/C,OAAO,OAAO,CAAC,IAAI,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,QAAQ,KAAK,UAAU,CAAC,CAAC;AACxD,CAAC;AAED;;GAEG;AACI,KAAK,UAAU,IAAI,CAAC,UAAuB,EAAE;IAClD,MAAM,OAAO,GAAG,OAAO,CAAC,OAAO,IAAI,OAAO,CAAC,GAAG,EAAE,CAAC;IACjD,MAAM,MAAM,GAAG,UAAU,CAAC,OAAO,CAAC,CAAC;IAEnC,gEAAgE;IAChE,IAAI,OAAO,CAAC,MAAM,EAAE,CAAC;QACnB,IAAI,CAAC;YACH,MAAM,aAAa,GAAG,IAAA,wBAAQ,EAAC,oBAAoB,EAAE;gBACnD,GAAG,EAAE,OAAO;gBACZ,QAAQ,EAAE,MAAM;aACjB,CAAC,CAAC,IAAI,EAAE,CAAC;YAEV,IAAI,CAAC,OAAO,CAAC,MAAM,EAAE,CAAC;gBACpB,OAAO,CAAC,GAAG,CAAC,mBAAmB,GAAG,OAAO,CAAC,MAAM,CAAC,SAAS,CAAC,CAAC,EAAE,CAAC,CAAC,CAAC,CAAC;YACpE,CAAC;YAED,IAAI,aAAa,KAAK,OAAO,CAAC,MAAM,EAAE,CAAC;gBACrC,OAAO,CAAC,IAAI,CACV,+BAA+B,GAAG,OAAO,CAAC,MAAM,CAAC,SAAS,CAAC,CAAC,EAAE,CAAC,CAAC,GAAG,aAAa,GAAG,aAAa,CAAC,SAAS,CAAC,CAAC,EAAE,CAAC,CAAC,CACjH,CAAC;YACJ,CAAC;QACH,CAAC;QAAC,MAAM,CAAC;YACP,yDAAyD;QAC3D,CAAC;IACH,CAAC;IAED,iCAAiC;IACjC,IAAI,MAAM,GAAY,CAAC,KAAK,EAAE,SAAS,EAAE,SAAS,EAAE,MAAM,CAAC,CAAC;IAC5D,IAAI,OAAO,CAAC,GAAG;QAAE,MAAM,GAAG,CAAC,KAAK,CAAC,CAAC;SAC7B,IAAI,OAAO,CAAC,OAAO;QAAE,MAAM,GAAG,CAAC,SAAS,CAAC,CAAC;SAC1C,IAAI,OAAO,CAAC,OAAO;QAAE,MAAM,GAAG,CAAC,SAAS,CAAC,CAAC;SAC1C,IAAI,OAAO,CAAC,IAAI;QAAE,MAAM,GAAG,CAAC,MAAM,CAAC,CAAC;SACpC,IAAI,OAAO,CAAC,MAAM;QAAE,MAAM,GAAG,OAAO,CAAC,MAAM,CAAC;IAEjD,mBAAmB;IACnB,MAAM,OAAO,GAAG,MAAM,WAAW,CAAC,OAAO,CAAC,CAAC;IAE3C,4CAA4C;IAC5C,MAAM,cAAc,GAAG,iBAAiB,CAAC,OAAO,CAAC,CAAC;IAElD,oCAAoC;IACpC,mEAAmE;IACnE,MAAM,YAAY,GAAiC,EAAE,CAAC;IACtD,MAAM,WAAW,GAAY,EAAE,CAAC;IAChC,MAAM,YAAY,GAAY,EAAE,CAAC;IAEjC,KAAK,MAAM,KAAK,IAAI,MAAM,EAAE,CAAC;QAC3B,IAAI,cAAc,IAAI,OAAO,cAAc,CAAC,QAAQ,KAAK,UAAU,EAAE,CAAC;YACpE,YAAY,CAAC,KAAK,CAAC,GAAG,cAAc,CAAC,QAAQ,CAAC,KAAK,EAAE,MAAM,CAAC,CAAC;YAE7D,IAAI,YAAY,CAAC,KAAK,CAAC,EAAE,SAAS,EAAE,CAAC;gBACnC,IAAI,YAAY,CAAC,KAAK,CAAE,CAAC,GAAG,KAAK,OAAO,EAAE,CAAC;oBACzC,WAAW,CAAC,IAAI,CAAC,KAAK,CAAC,CAAC;gBAC1B,CAAC;qBAAM,CAAC;oBACN,YAAY,CAAC,IAAI,CAAC,KAAK,CAAC,CAAC;gBAC3B,CAAC;YACH,CAAC;QACH,CAAC;aAAM,CAAC;YACN,0EAA0E;YAC1E,YAAY,CAAC,KAAK,CAAC,GAAG,EAAE,SAAS,EAAE,IAAI,EAAE,GAAG,EAAE,OAAO,EAAE,CAAC;YACxD,WAAW,CAAC,IAAI,CAAC,KAAK,CAAC,CAAC;QAC1B,CAAC;IACH,CAAC;IAED,qCAAqC;IACrC,MAAM,QAAQ,GAAU,EAAE,CAAC;IAC3B,KAAK,MAAM,MAAM,IAAI,OAAO,EAAE,CAAC;QAC7B,mBAAmB;QACnB,KAAK,MAAM,GAAG,IAAI,MAAM,CAAC,KAAK,IAAI,EAAE,EAAE,CAAC;YACrC,QAAQ,CAAC,IAAI,CAAC,EAAE,GAAG,GAAG,EAAE,MAAM,EAAE,MAAM,CAAC,EAAE,EAAE,CAAC,CAAC;QAC/C,CAAC;QAED,mCAAmC;QACnC,MAAM,QAAQ,GAAG,mBAAmB,CAAC,MAAM,EAAE,OAAO,EAAE,MAAM,CAAC,CAAC;QAC9D,QAAQ,CAAC,IAAI,CAAC,GAAG,QAAQ,CAAC,CAAC;IAC7B,CAAC;IAED,kDAAkD;IAClD,MAAM,QAAQ,GAAiB;QAC7B,GAAG,EAAE,EAAE;QACP,OAAO,EAAE,EAAE;QACX,OAAO,EAAE,EAAE;QACX,IAAI,EAAE,EAAE;KACT,CAAC;IAEF,IAAI,CAAC,OAAO,CAAC,MAAM,EAAE,CAAC;QACpB,OAAO,CAAC,GAAG,CAAC,eAAe,CAAC,CAAC;IAC/B,CAAC;IAED,yDAAyD;IACzD,MAAM,YAAY,GAAG,IAAA,uCAAmB,EAAC,MAAM,CAAC,CAAC;IACjD,MAAM,SAAS,GAAyC,EAAE,CAAC;IAC3D,KAAK,MAAM,CAAC,IAAI,EAAE,GAAG,CAAC,IAAI,MAAM,CAAC,OAAO,CAAC,YAAY,CAAC,EAAE,CAAC;QACvD,kCAAkC;QAClC,IAAI,IAAI,CAAC,UAAU,CAAC,SAAS,CAAC,IAAI,IAAI,CAAC,UAAU,CAAC,QAAQ,CAAC,EAAE,CAAC;YAC5D,SAAS,CAAC,SAAS,CAAC,GAAG,GAAG,CAAC,MAA8B,CAAC;QAC5D,CAAC;aAAM,IAAI,IAAI,CAAC,UAAU,CAAC,MAAM,CAAC,IAAI,IAAI,KAAK,YAAY,EAAE,CAAC;YAC5D,SAAS,CAAC,MAAM,CAAC,GAAG,GAAG,CAAC,MAA8B,CAAC;QACzD,CAAC;IACH,CAAC;IAED,KAAK,MAAM,GAAG,IAAI,QAAQ,EAAE,CAAC;QAC3B,oCAAoC;QACpC,IAAI,CAAC,WAAW,CAAC,QAAQ,CAAC,GAAG,CAAC,KAAK,CAAC;YAAE,SAAS;QAE/C,0DAA0D;QAC1D,IAAI,GAAG,CAAC,EAAE,EAAE,CAAC;YACX,MAAM,QAAQ,GAAG,SAAS,CAAC,GAAG,CAAC,KAAK,CAAC,CAAC;YACtC,IAAI,QAAQ,EAAE,CAAC;gBACb,MAAM,SAAS,GAAG,KAAK,CAAC,OAAO,CAAC,GAAG,CAAC,EAAE,CAAC,CAAC,CAAC,CAAC,GAAG,CAAC,EAAE,CAAC,CAAC,CAAC,CAAC,GAAG,CAAC,EAAE,CAAC,CAAC;gBAC5D,IAAI,CAAC,SAAS,CAAC,QAAQ,CAAC,QAAQ,CAAC,EAAE,CAAC;oBAClC,SAAS,CAAC,mCAAmC;gBAC/C,CAAC;YACH,CAAC;QACH,CAAC;QAED,MAAM,SAAS,GAAG,WAAW,CAAC,GAAG,EAAE,CAAC;QACpC,IAAI,CAAC;YACH,wBAAwB;YACxB,MAAM,UAAU,GAAG,MAAM,GAAG,CAAC,IAAI,CAAC,MAAM,EAAE,OAAO,CAAC,CAAC;YACnD,MAAM,QAAQ,GAAG,WAAW,CAAC,GAAG,EAAE,GAAG,SAAS,CAAC;YAE/C,uCAAuC;YACvC,IAAI,QAAQ,GAAG,GAAG,IAAI,CAAC,OAAO,CAAC,MAAM,EAAE,CAAC;gBACtC,OAAO,CAAC,GAAG,CAAC,MAAM,GAAG,QAAQ,CAAC,OAAO,CAAC,CAAC,CAAC,GAAG,MAAM,GAAG,GAAG,CAAC,EAAE,CAAC,CAAC;YAC9D,CAAC;YAED,IAAI,UAAU,EAAE,CAAC;gBACf,QAAQ,CAAC,GAAG,CAAC,KAAK,CAAC,CAAC,IAAI,CAAC,GAAG,CAAC,CAAC;YAChC,CAAC;QACH,CAAC;QAAC,OAAO,CAAC,EAAE,CAAC;YACX,iCAAiC;YACjC,IAAI,CAAC,OAAO,CAAC,MAAM,EAAE,CAAC;gBACpB,MAAM,YAAY,GAAG,CAAC,YAAY,KAAK,CAAC,CAAC,CAAC,CAAC,CAAC,OAAO,CAAC,CAAC,CAAC,MAAM,CAAC,CAAC,CAAC,CAAC;gBAChE,OAAO,CAAC,GAAG,CAAC,uBAAuB,GAAG,GAAG,CAAC,EAAE,GAAG,IAAI,GAAG,YAAY,CAAC,CAAC;YACtE,CAAC;QACH,CAAC;IACH,CAAC;IAED,6CAA6C;IAC7C,IAAI,YAAY,CAAC,MAAM,GAAG,CAAC,IAAI,CAAC,OAAO,CAAC,MAAM,EAAE,CAAC;QAC/C,MAAM,aAAa,GAAG,cAAgD,CAAC;QACvE,IAAI,aAAa,EAAE,CAAC;YAClB,MAAM,QAAQ,GAAG,IAAI,aAAa,CAAC,MAAM,CAAC,CAAC;YAC3C,KAAK,MAAM,KAAK,IAAI,YAAY,EAAE,CAAC;gBACjC,MAAM,QAAQ,CAAC,SAAS,CAAC,KAAK,EAAE,EAAE,CAAC,CAAC;YACtC,CAAC;QACH,CAAC;IACH,CAAC;IAED,oCAAoC;IACpC,eAAe,CAAC,QAAQ,EAAE,YAAY,EAAE,OAAO,CAAC,CAAC;IAEjD,2CAA2C;IAC3C,OAAO,QAAQ,CAAC;AAClB,CAAC;AAED,kBAAe,IAAI,CAAC"}

package/dist/cli/secrets.d.ts

@@ -0,0 +1,19 @@
+/**
+ * Secrets Command
+ *
+ * Manages secrets via Ansible Vault.
+ *
+ * Actions:
+ *   list       - List all secrets (SSH keys + env vars)
+ *   set        - Set a secret (SSH keys, AWS credentials)
+ *   check      - Check if secrets exist
+ *   set-env    - Set environment variable for a stage
+ *   list-env   - List environment variable keys for a stage
+ *   deploy     - Deploy secrets to staging/prod servers
+ *   write-ssh-keys - Write SSH keys to ~/.ssh/ (for workflows)
+ */
+import type { SecretsOptions } from '../types/index.js';
+export type SecretsAction = 'list' | 'set' | 'check' | 'set-env' | 'list-env' | 'deploy' | 'write-ssh-keys';
+export declare function secrets(action: SecretsAction, secretName?: string, options?: SecretsOptions): Promise<void>;
+export default secrets;
+//# sourceMappingURL=secrets.d.ts.map

package/dist/cli/secrets.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"secrets.d.ts","sourceRoot":"","sources":["../../src/cli/secrets.ts"],"names":[],"mappings":"AAAA;;;;;;;;;;;;;GAaG;AASH,OAAO,KAAK,EAAE,cAAc,EAAiB,MAAM,mBAAmB,CAAC;AAEvE,MAAM,MAAM,aAAa,GACrB,MAAM,GACN,KAAK,GACL,OAAO,GACP,SAAS,GACT,UAAU,GACV,QAAQ,GACR,gBAAgB,CAAC;AA+BrB,wBAAsB,OAAO,CAC3B,MAAM,EAAE,aAAa,EACrB,UAAU,CAAC,EAAE,MAAM,EACnB,OAAO,GAAE,cAAmB,GAC3B,OAAO,CAAC,IAAI,CAAC,CAwPf;AAED,eAAe,OAAO,CAAC"}