npm - @floracodex/nestjs-secrets - Versions diffs - 1.0.0-rc.1 - Mend

@floracodex/nestjs-secrets 1.0.0-rc.1

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (34) hide show

package/LICENSE +21 -0
package/README.md +96 -0
package/dist/index.d.ts +5 -0
package/dist/index.js +22 -0
package/dist/index.js.map +1 -0
package/dist/interfaces/secrets-loader-options.interface.d.ts +12 -0
package/dist/interfaces/secrets-loader-options.interface.js +3 -0
package/dist/interfaces/secrets-loader-options.interface.js.map +1 -0
package/dist/interfaces/secrets-module-options.interface.d.ts +4 -0
package/dist/interfaces/secrets-module-options.interface.js +3 -0
package/dist/interfaces/secrets-module-options.interface.js.map +1 -0
package/dist/interfaces/secrets-provider.interface.d.ts +26 -0
package/dist/interfaces/secrets-provider.interface.js +10 -0
package/dist/interfaces/secrets-provider.interface.js.map +1 -0
package/dist/modules/secrets.module.d.ts +5 -0
package/dist/modules/secrets.module.js +37 -0
package/dist/modules/secrets.module.js.map +1 -0
package/dist/providers/aws-parameter-store.provider.d.ts +39 -0
package/dist/providers/aws-parameter-store.provider.js +98 -0
package/dist/providers/aws-parameter-store.provider.js.map +1 -0
package/dist/providers/aws-secrets-manager.provider.d.ts +30 -0
package/dist/providers/aws-secrets-manager.provider.js +65 -0
package/dist/providers/aws-secrets-manager.provider.js.map +1 -0
package/dist/providers/azure-key-vault.provider.d.ts +34 -0
package/dist/providers/azure-key-vault.provider.js +74 -0
package/dist/providers/azure-key-vault.provider.js.map +1 -0
package/dist/providers/google-secret-manager.provider.d.ts +25 -0
package/dist/providers/google-secret-manager.provider.js +63 -0
package/dist/providers/google-secret-manager.provider.js.map +1 -0
package/dist/services/secrets-loader.service.d.ts +58 -0
package/dist/services/secrets-loader.service.js +212 -0
package/dist/services/secrets-loader.service.js.map +1 -0
package/dist/tsconfig.build.tsbuildinfo +1 -0
package/package.json +105 -0

package/dist/providers/google-secret-manager.provider.d.ts ADDED Viewed

@@ -0,0 +1,25 @@
+import { SecretManagerServiceClient } from '@google-cloud/secret-manager';
+import { SecretsProvider } from '../interfaces/secrets-provider.interface';
+export declare class GoogleSecretManagerProvider implements SecretsProvider {
+    private readonly client;
+    private readonly logger;
+    /**
+     * Regular expression pattern for Google Secret Manager paths
+     * Format: projects/{project-id}/secrets/{secret-id}/versions/{version}
+     */
+    private readonly secretPathPattern;
+    constructor(client: SecretManagerServiceClient);
+    /**
+     * Checks if a string is a valid Google Secret Manager reference.
+     * @param value The string to check
+     * @returns True if the string is a valid Google Secret Manager reference
+     */
+    isSecretReference(value: string): boolean;
+    /**
+     * Resolves a Google Secret Manager reference to its actual value.
+     * @param secretRef The full path to the secret in format projects/{project}/secrets/{secret}/versions/{version}
+     * @returns The resolved secret value as a string
+     * @throws Error when the secret cannot be retrieved or has an invalid format
+     */
+    resolveSecret(secretRef: string): Promise<string>;
+}

package/dist/providers/google-secret-manager.provider.js ADDED Viewed

@@ -0,0 +1,63 @@
+"use strict";
+var __decorate = (this && this.__decorate) || function (decorators, target, key, desc) {
+    var c = arguments.length, r = c < 3 ? target : desc === null ? desc = Object.getOwnPropertyDescriptor(target, key) : desc, d;
+    if (typeof Reflect === "object" && typeof Reflect.decorate === "function") r = Reflect.decorate(decorators, target, key, desc);
+    else for (var i = decorators.length - 1; i >= 0; i--) if (d = decorators[i]) r = (c < 3 ? d(r) : c > 3 ? d(target, key, r) : d(target, key)) || r;
+    return c > 3 && r && Object.defineProperty(target, key, r), r;
+};
+var __metadata = (this && this.__metadata) || function (k, v) {
+    if (typeof Reflect === "object" && typeof Reflect.metadata === "function") return Reflect.metadata(k, v);
+};
+var GoogleSecretManagerProvider_1;
+Object.defineProperty(exports, "__esModule", { value: true });
+exports.GoogleSecretManagerProvider = void 0;
+const common_1 = require("@nestjs/common");
+const secret_manager_1 = require("@google-cloud/secret-manager");
+let GoogleSecretManagerProvider = GoogleSecretManagerProvider_1 = class GoogleSecretManagerProvider {
+    client;
+    logger = new common_1.Logger(GoogleSecretManagerProvider_1.name);
+    /**
+     * Regular expression pattern for Google Secret Manager paths
+     * Format: projects/{project-id}/secrets/{secret-id}/versions/{version}
+     */
+    secretPathPattern = /^projects\/[^/]+\/secrets\/[^/]+\/versions\/[^/]+$/;
+    constructor(client) {
+        this.client = client;
+    }
+    /**
+     * Checks if a string is a valid Google Secret Manager reference.
+     * @param value The string to check
+     * @returns True if the string is a valid Google Secret Manager reference
+     */
+    isSecretReference(value) {
+        return this.secretPathPattern.test(value);
+    }
+    /**
+     * Resolves a Google Secret Manager reference to its actual value.
+     * @param secretRef The full path to the secret in format projects/{project}/secrets/{secret}/versions/{version}
+     * @returns The resolved secret value as a string
+     * @throws Error when the secret cannot be retrieved or has an invalid format
+     */
+    async resolveSecret(secretRef) {
+        // The Google client returns an array where the first element contains the response
+        const [response] = await this.client.accessSecretVersion({
+            name: secretRef
+        });
+        if (!response || !response.payload) {
+            throw new Error('Secret payload is missing');
+        }
+        if (!response.payload.data) {
+            throw new Error('Secret payload data is missing');
+        }
+        // Return the secret data as a string, handling both Buffer and string formats
+        return Buffer.isBuffer(response.payload.data)
+            ? response.payload.data.toString('utf8')
+            : response.payload.data.toString();
+    }
+};
+exports.GoogleSecretManagerProvider = GoogleSecretManagerProvider;
+exports.GoogleSecretManagerProvider = GoogleSecretManagerProvider = GoogleSecretManagerProvider_1 = __decorate([
+    (0, common_1.Injectable)(),
+    __metadata("design:paramtypes", [secret_manager_1.SecretManagerServiceClient])
+], GoogleSecretManagerProvider);
+//# sourceMappingURL=google-secret-manager.provider.js.map

package/dist/providers/google-secret-manager.provider.js.map ADDED Viewed

@@ -0,0 +1 @@

+ {"version":3,"file":"google-secret-manager.provider.js","sourceRoot":"","sources":["../../src/providers/google-secret-manager.provider.ts"],"names":[],"mappings":";;;;;;;;;;;;;AAAA,2CAAkD;AAClD,iEAAwE;AAIjE,IAAM,2BAA2B,mCAAjC,MAAM,2BAA2B;IASP;IARZ,MAAM,GAAG,IAAI,eAAM,CAAC,6BAA2B,CAAC,IAAI,CAAC,CAAC;IAEvE;;;OAGG;IACc,iBAAiB,GAAG,oDAAoD,CAAC;IAE1F,YAA6B,MAAkC;QAAlC,WAAM,GAAN,MAAM,CAA4B;IAC/D,CAAC;IAED;;;;OAIG;IACH,iBAAiB,CAAC,KAAa;QAC3B,OAAO,IAAI,CAAC,iBAAiB,CAAC,IAAI,CAAC,KAAK,CAAC,CAAC;IAC9C,CAAC;IAED;;;;;OAKG;IACH,KAAK,CAAC,aAAa,CAAC,SAAiB;QACjC,mFAAmF;QACnF,MAAM,CAAC,QAAQ,CAAC,GAAG,MAAM,IAAI,CAAC,MAAM,CAAC,mBAAmB,CAAC;YACrD,IAAI,EAAE,SAAS;SAClB,CAAC,CAAC;QAEH,IAAI,CAAC,QAAQ,IAAI,CAAC,QAAQ,CAAC,OAAO,EAAE,CAAC;YACjC,MAAM,IAAI,KAAK,CAAC,2BAA2B,CAAC,CAAC;QACjD,CAAC;QAED,IAAI,CAAC,QAAQ,CAAC,OAAO,CAAC,IAAI,EAAE,CAAC;YACzB,MAAM,IAAI,KAAK,CAAC,gCAAgC,CAAC,CAAC;QACtD,CAAC;QAED,8EAA8E;QAC9E,OAAO,MAAM,CAAC,QAAQ,CAAC,QAAQ,CAAC,OAAO,CAAC,IAAI,CAAC;YACzC,CAAC,CAAC,QAAQ,CAAC,OAAO,CAAC,IAAI,CAAC,QAAQ,CAAC,MAAM,CAAC;YACxC,CAAC,CAAC,QAAQ,CAAC,OAAO,CAAC,IAAI,CAAC,QAAQ,EAAE,CAAC;IAC3C,CAAC;CACJ,CAAA;AA9CY,kEAA2B;sCAA3B,2BAA2B;IADvC,IAAA,mBAAU,GAAE;qCAU4B,2CAA0B;GATtD,2BAA2B,CA8CvC"}

package/dist/services/secrets-loader.service.d.ts ADDED Viewed

@@ -0,0 +1,58 @@
+import { ConfigFactory, ConfigService } from '@nestjs/config';
+import { SecretsLoaderOptions } from '../interfaces/secrets-loader-options.interface';
+import { SecretsProvider } from '../interfaces/secrets-provider.interface';
+/**
+ * Configuration loader with support for secret resolution
+ */
+export declare class SecretsLoaderService {
+    private readonly logger;
+    /**
+     * Creates a config factory for use with ConfigModule.forRoot()
+     * @param options Configuration options
+     * @returns A config factory function
+     */
+    createConfigFactory(options: SecretsLoaderOptions): ConfigFactory;
+    /**
+     * Creates a secrets provider based on the provided key and client.
+     * @param key The provider type identifier
+     * @param client The client instance to be used by the provider
+     * @returns A promise that resolves to the created SecretsProvider or undefined if not supported
+     */
+    createSecretProvider(key: string, client: any): Promise<SecretsProvider | undefined>;
+    /**
+     * Finds the application root directory
+     * (Usually one level up from where this code is running in a typical NestJS app)
+     */
+    private findAppRootDirectory;
+    /**
+     * Determines if the path is specified relative to the current working directory
+     */
+    private isRelativePathFromCwd;
+    /**
+     * Loads configuration and resolves secrets
+     * @param options Configuration options
+     * @returns ConfigService instance
+     */
+    load(options: SecretsLoaderOptions): Promise<ConfigService>;
+    /**
+     * Loads and merges configuration files, resolving secrets if a provider is available
+     * @param provider The instantiated secret provider
+     * @param options Configuration options
+     * @returns Merged configuration object
+     */
+    private loadConfigFiles;
+    loadProvider(options: SecretsLoaderOptions): Promise<SecretsProvider | undefined>;
+    /**
+     * Resolves the base directory for configuration files based on the provided configuration
+     * or defaults to the application's standard config directory
+     */
+    private resolveBaseDirectory;
+    /**
+     * Resolves the default configuration directory path and logs it
+     */
+    private resolveDefaultConfigDirectory;
+    /**
+     * Recursively resolves secrets in configuration objects
+     */
+    private resolveSecrets;
+}

package/dist/services/secrets-loader.service.js ADDED Viewed

@@ -0,0 +1,212 @@
+"use strict";
+var __decorate = (this && this.__decorate) || function (decorators, target, key, desc) {
+    var c = arguments.length, r = c < 3 ? target : desc === null ? desc = Object.getOwnPropertyDescriptor(target, key) : desc, d;
+    if (typeof Reflect === "object" && typeof Reflect.decorate === "function") r = Reflect.decorate(decorators, target, key, desc);
+    else for (var i = decorators.length - 1; i >= 0; i--) if (d = decorators[i]) r = (c < 3 ? d(r) : c > 3 ? d(target, key, r) : d(target, key)) || r;
+    return c > 3 && r && Object.defineProperty(target, key, r), r;
+};
+var SecretsLoaderService_1;
+Object.defineProperty(exports, "__esModule", { value: true });
+exports.SecretsLoaderService = void 0;
+const common_1 = require("@nestjs/common");
+const config_1 = require("@nestjs/config");
+const node_fs_1 = require("node:fs");
+const yaml = require("js-yaml");
+const node_path_1 = require("node:path");
+const lodash_1 = require("lodash");
+/**
+ * Configuration loader with support for secret resolution
+ */
+let SecretsLoaderService = SecretsLoaderService_1 = class SecretsLoaderService {
+    logger = new common_1.Logger(SecretsLoaderService_1.name);
+    /**
+     * Creates a config factory for use with ConfigModule.forRoot()
+     * @param options Configuration options
+     * @returns A config factory function
+     */
+    createConfigFactory(options) {
+        return async () => {
+            const provider = await this.loadProvider(options);
+            return await this.loadConfigFiles(provider, options);
+        };
+    }
+    /**
+     * Creates a secrets provider based on the provided key and client.
+     * @param key The provider type identifier
+     * @param client The client instance to be used by the provider
+     * @returns A promise that resolves to the created SecretsProvider or undefined if not supported
+     */
+    async createSecretProvider(key, client) {
+        switch (key) {
+            case 'AwsSecretsManagerProvider':
+            case 'SecretsManager':
+                const { AwsSecretsManagerProvider } = await Promise.resolve().then(() => require('../providers/aws-secrets-manager.provider'));
+                return new AwsSecretsManagerProvider(client);
+            case 'AwsParameterStoreProvider':
+            case 'SSMClient':
+                const { AwsParameterStoreProvider } = await Promise.resolve().then(() => require('../providers/aws-parameter-store.provider'));
+                return new AwsParameterStoreProvider(client);
+            case 'AzureKeyVaultProvider':
+            case 'SecretClient':
+                const { AzureKeyVaultProvider } = await Promise.resolve().then(() => require('../providers/azure-key-vault.provider'));
+                return new AzureKeyVaultProvider(client);
+            case 'GoogleSecretManagerProvider':
+            case 'SecretManagerServiceClient':
+                const { GoogleSecretManagerProvider } = await Promise.resolve().then(() => require('../providers/google-secret-manager.provider'));
+                return new GoogleSecretManagerProvider(client);
+        }
+        this.logger.warn(`Unsupported secret provider: ${client.constructor.name}`);
+        return undefined;
+    }
+    /**
+     * Finds the application root directory
+     * (Usually one level up from where this code is running in a typical NestJS app)
+     */
+    findAppRootDirectory() {
+        // Get the directory of the currently executing file
+        let currentDir = __dirname;
+        const specialDirs = ['dist', 'src', 'lib'];
+        // Check if we're in a special directory and move up if needed
+        const dirName = (0, node_path_1.basename)(currentDir);
+        if (specialDirs.includes(dirName)) {
+            currentDir = (0, node_path_1.resolve)(currentDir, '..');
+        }
+        // Handle the case where we might be in a deeper directory structure
+        const nodeModulesIndex = currentDir.indexOf('node_modules');
+        if (nodeModulesIndex > -1) {
+            currentDir = currentDir.substring(0, nodeModulesIndex);
+        }
+        return currentDir;
+    }
+    /**
+     * Determines if the path is specified relative to the current working directory
+     */
+    isRelativePathFromCwd(path) {
+        return path.startsWith('./') || path.startsWith('../');
+    }
+    /**
+     * Loads configuration and resolves secrets
+     * @param options Configuration options
+     * @returns ConfigService instance
+     */
+    async load(options) {
+        const provider = await this.loadProvider(options);
+        const config = await this.loadConfigFiles(provider, options);
+        return new config_1.ConfigService(config);
+    }
+    /**
+     * Loads and merges configuration files, resolving secrets if a provider is available
+     * @param provider The instantiated secret provider
+     * @param options Configuration options
+     * @returns Merged configuration object
+     */
+    async loadConfigFiles(provider, options) {
+        const { files, fileType = 'yaml' } = options;
+        // Resolve the base directory
+        const baseDirectory = this.resolveBaseDirectory(options.root);
+        if (!files.length) {
+            this.logger.warn('No configuration files specified');
+            return {};
+        }
+        let mergedConfig = {};
+        for (const filename of files) {
+            const filePath = (0, node_path_1.join)(baseDirectory, filename);
+            if ((0, node_fs_1.existsSync)(filePath)) {
+                try {
+                    this.logger.debug(`Loading config from ${filePath}`);
+                    const fileContent = (0, node_fs_1.readFileSync)(filePath, 'utf8');
+                    let fileConfig;
+                    if (fileType === 'yaml' || filename.endsWith('.yml') || filename.endsWith('.yaml')) {
+                        fileConfig = yaml.load(fileContent);
+                    }
+                    else {
+                        fileConfig = JSON.parse(fileContent);
+                    }
+                    // Merge with existing config, with the new config taking precedence
+                    // Using lodash's merge function
+                    mergedConfig = (0, lodash_1.merge)({}, mergedConfig, fileConfig);
+                }
+                catch (error) {
+                    this.logger.error(`Failed to load config from ${filePath}: ${error instanceof Error ? error.message : String(error)}`);
+                }
+            }
+            else {
+                this.logger.debug(`Config file not found: ${filePath}`);
+            }
+        }
+        // Resolve secrets if provider is available
+        if (provider) {
+            await this.resolveSecrets(mergedConfig, '', provider);
+        }
+        return mergedConfig;
+    }
+    async loadProvider(options) {
+        if (typeof options.provider === 'object') {
+            return options.provider;
+        }
+        if (typeof options.provider === 'string' && options.client) {
+            return this.createSecretProvider(options.provider, options.client);
+        }
+        if (options.client) {
+            return this.createSecretProvider(options.client.constructor.name, options.client);
+        }
+        return undefined;
+    }
+    /**
+     * Resolves the base directory for configuration files based on the provided configuration
+     * or defaults to the application's standard config directory
+     */
+    resolveBaseDirectory(directoryPath) {
+        const appRoot = this.findAppRootDirectory();
+        // If no directory path is specified, use the default config location
+        if (!directoryPath) {
+            return this.resolveDefaultConfigDirectory(appRoot, 'config');
+        }
+        // If it's an absolute path, use it directly
+        if ((0, node_path_1.isAbsolute)(directoryPath)) {
+            return directoryPath;
+        }
+        // Resolve from the current working directory
+        if (this.isRelativePathFromCwd(directoryPath)) {
+            return (0, node_path_1.resolve)(process.cwd(), directoryPath);
+        }
+        // If it's just a directory name, resolve from app root
+        return (0, node_path_1.join)(appRoot, directoryPath);
+    }
+    /**
+     * Resolves the default configuration directory path and logs it
+     */
+    resolveDefaultConfigDirectory(appRoot, configDir) {
+        configDir = (0, node_path_1.join)(appRoot, configDir);
+        this.logger.debug(`No base directory specified, using: ${configDir}`);
+        return configDir;
+    }
+    /**
+     * Recursively resolves secrets in configuration objects
+     */
+    async resolveSecrets(config, path = '', secretProvider) {
+        for (const key in config) {
+            const fullPath = path ? `${path}.${key}` : key;
+            // Using lodash's isString and isObject
+            if ((0, lodash_1.isString)(config[key])) {
+                if (secretProvider.isSecretReference(config[key])) {
+                    try {
+                        config[key] = await secretProvider.resolveSecret(config[key]);
+                        this.logger.debug(`Loaded secret from provider [${fullPath}]`);
+                    }
+                    catch (error) {
+                        this.logger.error(`Failed to load secret [${fullPath}]: ${error instanceof Error ? error.message : String(error)}`);
+                    }
+                }
+            }
+            else if ((0, lodash_1.isObject)(config[key]) && !Array.isArray(config[key])) {
+                await this.resolveSecrets(config[key], fullPath, secretProvider);
+            }
+        }
+    }
+};
+exports.SecretsLoaderService = SecretsLoaderService;
+exports.SecretsLoaderService = SecretsLoaderService = SecretsLoaderService_1 = __decorate([
+    (0, common_1.Injectable)()
+], SecretsLoaderService);
+//# sourceMappingURL=secrets-loader.service.js.map

package/dist/services/secrets-loader.service.js.map ADDED Viewed

@@ -0,0 +1 @@

+ {"version":3,"file":"secrets-loader.service.js","sourceRoot":"","sources":["../../src/services/secrets-loader.service.ts"],"names":[],"mappings":";;;;;;;;;;AAAA,2CAAkD;AAClD,2CAA4D;AAC5D,qCAAiD;AACjD,gCAAgC;AAChC,yCAA8D;AAC9D,mCAAiD;AAIjD;;GAEG;AAEI,IAAM,oBAAoB,4BAA1B,MAAM,oBAAoB;IACZ,MAAM,GAAG,IAAI,eAAM,CAAC,sBAAoB,CAAC,IAAI,CAAC,CAAC;IAEhE;;;;OAIG;IACI,mBAAmB,CAAC,OAA6B;QACpD,OAAO,KAAK,IAAI,EAAE;YACd,MAAM,QAAQ,GAAG,MAAM,IAAI,CAAC,YAAY,CAAC,OAAO,CAAC,CAAC;YAClD,OAAO,MAAM,IAAI,CAAC,eAAe,CAAC,QAAQ,EAAE,OAAO,CAAC,CAAC;QACzD,CAAC,CAAC;IACN,CAAC;IAED;;;;;OAKG;IACH,KAAK,CAAC,oBAAoB,CAAC,GAAW,EAAE,MAAW;QAC/C,QAAQ,GAAG,EAAE,CAAC;YACV,KAAK,2BAA2B,CAAC;YACjC,KAAK,gBAAgB;gBACjB,MAAM,EAAC,yBAAyB,EAAC,GAAG,2CAAa,2CAA2C,EAAC,CAAC;gBAC9F,OAAO,IAAI,yBAAyB,CAAC,MAAM,CAAC,CAAC;YACjD,KAAK,2BAA2B,CAAC;YACjC,KAAK,WAAW;gBACZ,MAAM,EAAC,yBAAyB,EAAC,GAAG,2CAAa,2CAA2C,EAAC,CAAC;gBAC9F,OAAO,IAAI,yBAAyB,CAAC,MAAM,CAAC,CAAC;YACjD,KAAK,uBAAuB,CAAC;YAC7B,KAAK,cAAc;gBACf,MAAM,EAAC,qBAAqB,EAAC,GAAG,2CAAa,uCAAuC,EAAC,CAAC;gBACtF,OAAO,IAAI,qBAAqB,CAAC,MAAM,CAAC,CAAC;YAC7C,KAAK,6BAA6B,CAAC;YACnC,KAAK,4BAA4B;gBAC7B,MAAM,EAAC,2BAA2B,EAAC,GAAG,2CAAa,6CAA6C,EAAC,CAAC;gBAClG,OAAO,IAAI,2BAA2B,CAAC,MAAM,CAAC,CAAC;QACvD,CAAC;QAED,IAAI,CAAC,MAAM,CAAC,IAAI,CAAC,gCAAgC,MAAM,CAAC,WAAW,CAAC,IAAI,EAAE,CAAC,CAAC;QAC5E,OAAO,SAAS,CAAC;IACrB,CAAC;IAED;;;OAGG;IACK,oBAAoB;QACxB,oDAAoD;QACpD,IAAI,UAAU,GAAG,SAAS,CAAC;QAE3B,MAAM,WAAW,GAAG,CAAC,MAAM,EAAE,KAAK,EAAE,KAAK,CAAC,CAAC;QAE3C,8DAA8D;QAC9D,MAAM,OAAO,GAAG,IAAA,oBAAQ,EAAC,UAAU,CAAC,CAAC;QACrC,IAAI,WAAW,CAAC,QAAQ,CAAC,OAAO,CAAC,EAAE,CAAC;YAChC,UAAU,GAAG,IAAA,mBAAO,EAAC,UAAU,EAAE,IAAI,CAAC,CAAC;QAC3C,CAAC;QAED,oEAAoE;QACpE,MAAM,gBAAgB,GAAG,UAAU,CAAC,OAAO,CAAC,cAAc,CAAC,CAAC;QAC5D,IAAI,gBAAgB,GAAG,CAAC,CAAC,EAAE,CAAC;YACxB,UAAU,GAAG,UAAU,CAAC,SAAS,CAAC,CAAC,EAAE,gBAAgB,CAAC,CAAC;QAC3D,CAAC;QAED,OAAO,UAAU,CAAC;IACtB,CAAC;IAED;;OAEG;IACK,qBAAqB,CAAC,IAAY;QACtC,OAAO,IAAI,CAAC,UAAU,CAAC,IAAI,CAAC,IAAI,IAAI,CAAC,UAAU,CAAC,KAAK,CAAC,CAAC;IAC3D,CAAC;IAED;;;;OAIG;IACI,KAAK,CAAC,IAAI,CAAC,OAA6B;QAC3C,MAAM,QAAQ,GAAG,MAAM,IAAI,CAAC,YAAY,CAAC,OAAO,CAAC,CAAC;QAClD,MAAM,MAAM,GAAG,MAAM,IAAI,CAAC,eAAe,CAAC,QAAQ,EAAE,OAAO,CAAC,CAAC;QAC7D,OAAO,IAAI,sBAAa,CAAC,MAAM,CAAC,CAAC;IACrC,CAAC;IAED;;;;;OAKG;IACK,KAAK,CAAC,eAAe,CAAC,QAAqC,EAAE,OAA6B;QAC9F,MAAM,EAAC,KAAK,EAAE,QAAQ,GAAG,MAAM,EAAC,GAAG,OAAO,CAAC;QAE3C,6BAA6B;QAC7B,MAAM,aAAa,GAAG,IAAI,CAAC,oBAAoB,CAAC,OAAO,CAAC,IAAI,CAAC,CAAC;QAE9D,IAAI,CAAC,KAAK,CAAC,MAAM,EAAE,CAAC;YAChB,IAAI,CAAC,MAAM,CAAC,IAAI,CAAC,kCAAkC,CAAC,CAAC;YACrD,OAAO,EAAE,CAAC;QACd,CAAC;QAED,IAAI,YAAY,GAAG,EAAE,CAAC;QAEtB,KAAK,MAAM,QAAQ,IAAI,KAAK,EAAE,CAAC;YAC3B,MAAM,QAAQ,GAAG,IAAA,gBAAI,EAAC,aAAa,EAAE,QAAQ,CAAC,CAAC;YAE/C,IAAI,IAAA,oBAAU,EAAC,QAAQ,CAAC,EAAE,CAAC;gBACvB,IAAI,CAAC;oBACD,IAAI,CAAC,MAAM,CAAC,KAAK,CAAC,uBAAuB,QAAQ,EAAE,CAAC,CAAC;oBACrD,MAAM,WAAW,GAAG,IAAA,sBAAY,EAAC,QAAQ,EAAE,MAAM,CAAC,CAAC;oBAEnD,IAAI,UAA+B,CAAC;oBACpC,IAAI,QAAQ,KAAK,MAAM,IAAI,QAAQ,CAAC,QAAQ,CAAC,MAAM,CAAC,IAAI,QAAQ,CAAC,QAAQ,CAAC,OAAO,CAAC,EAAE,CAAC;wBACjF,UAAU,GAAG,IAAI,CAAC,IAAI,CAAC,WAAW,CAAwB,CAAC;oBAC/D,CAAC;yBAAM,CAAC;wBACJ,UAAU,GAAG,IAAI,CAAC,KAAK,CAAC,WAAW,CAAwB,CAAC;oBAChE,CAAC;oBAED,oEAAoE;oBACpE,gCAAgC;oBAChC,YAAY,GAAG,IAAA,cAAK,EAAC,EAAE,EAAE,YAAY,EAAE,UAAU,CAAC,CAAC;gBACvD,CAAC;gBAAC,OAAO,KAAK,EAAE,CAAC;oBACb,IAAI,CAAC,MAAM,CAAC,KAAK,CAAC,8BAA8B,QAAQ,KAAK,KAAK,YAAY,KAAK,CAAC,CAAC,CAAC,KAAK,CAAC,OAAO,CAAC,CAAC,CAAC,MAAM,CAAC,KAAK,CAAC,EAAE,CAAC,CAAC;gBAC3H,CAAC;YACL,CAAC;iBAAM,CAAC;gBACJ,IAAI,CAAC,MAAM,CAAC,KAAK,CAAC,0BAA0B,QAAQ,EAAE,CAAC,CAAC;YAC5D,CAAC;QACL,CAAC;QAED,2CAA2C;QAC3C,IAAI,QAAQ,EAAE,CAAC;YACX,MAAM,IAAI,CAAC,cAAc,CAAC,YAAY,EAAE,EAAE,EAAE,QAAQ,CAAC,CAAC;QAC1D,CAAC;QAED,OAAO,YAAY,CAAC;IACxB,CAAC;IAEM,KAAK,CAAC,YAAY,CAAC,OAA6B;QACnD,IAAI,OAAO,OAAO,CAAC,QAAQ,KAAK,QAAQ,EAAE,CAAC;YACvC,OAAO,OAAO,CAAC,QAAQ,CAAC;QAC5B,CAAC;QAED,IAAI,OAAO,OAAO,CAAC,QAAQ,KAAK,QAAQ,IAAI,OAAO,CAAC,MAAM,EAAE,CAAC;YACzD,OAAO,IAAI,CAAC,oBAAoB,CAAC,OAAO,CAAC,QAAQ,EAAE,OAAO,CAAC,MAAM,CAAC,CAAC;QACvE,CAAC;QAED,IAAI,OAAO,CAAC,MAAM,EAAE,CAAC;YACjB,OAAO,IAAI,CAAC,oBAAoB,CAAC,OAAO,CAAC,MAAM,CAAC,WAAW,CAAC,IAAI,EAAE,OAAO,CAAC,MAAM,CAAC,CAAC;QACtF,CAAC;QAED,OAAO,SAAS,CAAC;IACrB,CAAC;IAED;;;OAGG;IACK,oBAAoB,CAAC,aAAsB;QAC/C,MAAM,OAAO,GAAG,IAAI,CAAC,oBAAoB,EAAE,CAAC;QAE5C,qEAAqE;QACrE,IAAI,CAAC,aAAa,EAAE,CAAC;YACjB,OAAO,IAAI,CAAC,6BAA6B,CAAC,OAAO,EAAE,QAAQ,CAAC,CAAC;QACjE,CAAC;QAED,4CAA4C;QAC5C,IAAI,IAAA,sBAAU,EAAC,aAAa,CAAC,EAAE,CAAC;YAC5B,OAAO,aAAa,CAAC;QACzB,CAAC;QAED,6CAA6C;QAC7C,IAAI,IAAI,CAAC,qBAAqB,CAAC,aAAa,CAAC,EAAE,CAAC;YAC5C,OAAO,IAAA,mBAAO,EAAC,OAAO,CAAC,GAAG,EAAE,EAAE,aAAa,CAAC,CAAC;QACjD,CAAC;QAED,uDAAuD;QACvD,OAAO,IAAA,gBAAI,EAAC,OAAO,EAAE,aAAa,CAAC,CAAC;IACxC,CAAC;IAED;;OAEG;IACK,6BAA6B,CAAC,OAAe,EAAE,SAAiB;QACpE,SAAS,GAAG,IAAA,gBAAI,EAAC,OAAO,EAAE,SAAS,CAAC,CAAC;QACrC,IAAI,CAAC,MAAM,CAAC,KAAK,CAAC,uCAAuC,SAAS,EAAE,CAAC,CAAC;QACtE,OAAO,SAAS,CAAC;IACrB,CAAC;IAED;;OAEG;IACK,KAAK,CAAC,cAAc,CACxB,MAA2B,EAC3B,OAAe,EAAE,EACjB,cAA+B;QAE/B,KAAK,MAAM,GAAG,IAAI,MAAM,EAAE,CAAC;YACvB,MAAM,QAAQ,GAAG,IAAI,CAAC,CAAC,CAAC,GAAG,IAAI,IAAI,GAAG,EAAE,CAAC,CAAC,CAAC,GAAG,CAAC;YAE/C,uCAAuC;YACvC,IAAI,IAAA,iBAAQ,EAAC,MAAM,CAAC,GAAG,CAAC,CAAC,EAAE,CAAC;gBACxB,IAAI,cAAc,CAAC,iBAAiB,CAAC,MAAM,CAAC,GAAG,CAAC,CAAC,EAAE,CAAC;oBAChD,IAAI,CAAC;wBACD,MAAM,CAAC,GAAG,CAAC,GAAG,MAAM,cAAc,CAAC,aAAa,CAAC,MAAM,CAAC,GAAG,CAAC,CAAC,CAAC;wBAC9D,IAAI,CAAC,MAAM,CAAC,KAAK,CAAC,gCAAgC,QAAQ,GAAG,CAAC,CAAC;oBACnE,CAAC;oBAAC,OAAO,KAAK,EAAE,CAAC;wBACb,IAAI,CAAC,MAAM,CAAC,KAAK,CACb,0BAA0B,QAAQ,MAAM,KAAK,YAAY,KAAK,CAAC,CAAC,CAAC,KAAK,CAAC,OAAO,CAAC,CAAC,CAAC,MAAM,CAAC,KAAK,CAAC,EAAE,CACnG,CAAC;oBACN,CAAC;gBACL,CAAC;YACL,CAAC;iBAAM,IAAI,IAAA,iBAAQ,EAAC,MAAM,CAAC,GAAG,CAAC,CAAC,IAAI,CAAC,KAAK,CAAC,OAAO,CAAC,MAAM,CAAC,GAAG,CAAC,CAAC,EAAE,CAAC;gBAC9D,MAAM,IAAI,CAAC,cAAc,CAAC,MAAM,CAAC,GAAG,CAAC,EAAE,QAAQ,EAAE,cAAc,CAAC,CAAC;YACrE,CAAC;QACL,CAAC;IACL,CAAC;CACJ,CAAA;AA5NY,oDAAoB;+BAApB,oBAAoB;IADhC,IAAA,mBAAU,GAAE;GACA,oBAAoB,CA4NhC"}