@fuzdev/fuz_app 0.38.1 → 0.40.0

package/dist/auth/admin_actions.js

@@ -43,12 +43,11 @@ import { admin_account_list_action_spec, admin_session_list_action_spec, admin_s
 /**
  * Create the admin-only RPC actions.
  *
- * @param deps - stateless capabilities (log, on_audit_event)
+ * @param deps - `AdminActionDeps` slice of `AppDeps` (`log`, `on_audit_event`, optional `audit_log_config`)
  * @param options - role schema for `grantable_roles` derivation
  * @returns the `RpcAction` array to spread into a `create_rpc_endpoint` call
  */
 export const create_admin_actions = (deps, options = {}) => {
-    const { log, on_audit_event } = deps;
     const role_options = options.roles?.role_options ?? BUILTIN_ROLE_OPTIONS;
     const grantable_roles = [];
     for (const [name, rc] of role_options) {
@@ -81,7 +80,7 @@ export const create_admin_actions = (deps, options = {}) => {
                     reason: ERROR_ACCOUNT_NOT_FOUND,
                     attempted_account_id: input.account_id,
                 },
-            }, log, on_audit_event);
+            }, deps);
             throw jsonrpc_errors.not_found('account', { reason: ERROR_ACCOUNT_NOT_FOUND });
         }
         const count = await query_session_revoke_all_for_account(ctx, input.account_id);
@@ -92,7 +91,7 @@ export const create_admin_actions = (deps, options = {}) => {
             target_account_id: input.account_id,
             ip: ctx.client_ip,
             metadata: { count },
-        }, log, on_audit_event);
+        }, deps);
         return { ok: true, count };
     };
     const token_revoke_all_handler = async (input, ctx) => {
@@ -112,7 +111,7 @@ export const create_admin_actions = (deps, options = {}) => {
                     reason: ERROR_ACCOUNT_NOT_FOUND,
                     attempted_account_id: input.account_id,
                 },
-            }, log, on_audit_event);
+            }, deps);
             throw jsonrpc_errors.not_found('account', { reason: ERROR_ACCOUNT_NOT_FOUND });
         }
         const count = await query_revoke_all_api_tokens_for_account(ctx, input.account_id);
@@ -123,7 +122,7 @@ export const create_admin_actions = (deps, options = {}) => {
             target_account_id: input.account_id,
             ip: ctx.client_ip,
             metadata: { count },
-        }, log, on_audit_event);
+        }, deps);
         return { ok: true, count };
     };
     const audit_log_list_handler = async (input, ctx) => {
@@ -188,7 +187,7 @@ export const create_admin_actions = (deps, options = {}) => {
             account_id: auth.account.id,
             ip: ctx.client_ip,
             metadata: { invite_id: invite.id, email, username },
-        }, log, on_audit_event);
+        }, deps);
         return { ok: true, invite };
     };
     const invite_list_handler = async (_input, ctx) => {
@@ -207,7 +206,7 @@ export const create_admin_actions = (deps, options = {}) => {
             account_id: auth.account.id,
             ip: ctx.client_ip,
             metadata: { invite_id: input.invite_id },
-        }, log, on_audit_event);
+        }, deps);
         return { ok: true };
     };
     const actions = [
@@ -246,7 +245,7 @@ export const create_admin_actions = (deps, options = {}) => {
                     old_value,
                     new_value: input.open_signup,
                 },
-            }, log, on_audit_event);
+            }, deps);
             const settings = await query_app_settings_load_with_username(ctx);
             return { ok: true, settings };
         };

package/dist/auth/audit_log_queries.d.ts

@@ -11,33 +11,35 @@
  *
  * @module
  */
-import type { Logger } from '@fuzdev/fuz_util/log.js';
 import type { QueryDeps } from '../db/query_deps.js';
 import type { RouteContext } from '../http/route_spec.js';
-import { type AuditEventType, type AuditLogEvent, type AuditLogInput, type AuditLogListOptions, type AuditLogEventWithUsernamesJson, type PermitHistoryEventJson } from './audit_log_schema.js';
+import type { AppDeps } from './deps.js';
+import { type AuditLogConfig, type AuditLogEvent, type AuditLogInput, type AuditLogListOptions, type AuditLogEventWithUsernamesJson, type PermitHistoryEventJson } from './audit_log_schema.js';
 /** Default limit for audit log listings. */
 export declare const AUDIT_LOG_DEFAULT_LIMIT = 50;
 /** Number of audit metadata validation failures observed since process start. */
 export declare const get_audit_metadata_validation_failures: () => number;
-/** Reset the counter — for tests only; production code should not call this. */
+/** Reset the counter — for tests only. */
 export declare const reset_audit_metadata_validation_failures: () => void;
+/** Number of audit unknown-event-type failures observed since process start. */
+export declare const get_audit_unknown_event_type_failures: () => number;
+/** Reset the counter — for tests only. */
+export declare const reset_audit_unknown_event_type_failures: () => void;
 /**
  * Insert an audit log entry.
  *
- * Uses `RETURNING *` to return the full inserted row including
- * DB-assigned fields (`id`, `seq`, `created_at`).
- *
- * Validates `metadata` against the per-event-type schema in production +
- * DEV both. Mismatches log to `console.error` and increment
- * `audit_metadata_validation_failures` (sampled via the exported getter)
- * but never throw — the audit row is still written. Schema-vs-runtime
- * drift is an operator signal, not a request-failing condition.
+ * `RETURNING *` so callers receive DB-assigned fields (`id`, `seq`,
+ * `created_at`). Validates `metadata` against `config.metadata_schemas`;
+ * unknown `event_type` and metadata mismatches log + bump their counters
+ * but write the row anyway. Consumers extend the recognized set via
+ * `create_audit_log_config({extra_events})`.
  *
  * @param deps - query dependencies
  * @param input - the audit event to record
+ * @param config - audit-log config. Defaults to `BUILTIN_AUDIT_LOG_CONFIG`.
  * @returns the inserted audit log row
  */
-export declare const query_audit_log: <T extends AuditEventType>(deps: QueryDeps, input: AuditLogInput<T>) => Promise<AuditLogEvent>;
+export declare const query_audit_log: <T extends string>(deps: QueryDeps, input: AuditLogInput<T>, config?: AuditLogConfig) => Promise<AuditLogEvent>;
 /**
  * List audit log entries, newest first.
  *
@@ -79,19 +81,29 @@ export declare const query_audit_log_list_permit_history: (deps: QueryDeps, limi
  * @returns the number of entries deleted
  */
 export declare const query_audit_log_cleanup_before: (deps: QueryDeps, before: Date) => Promise<number>;
+/**
+ * Capabilities required by `audit_log_fire_and_forget`.
+ *
+ * Defined as a slice of `AppDeps` so call sites can pass the surrounding deps
+ * bundle directly without a structural-compatibility coincidence. The bundled
+ * shape replaces the prior `(log, on_audit_event, config?)` positional args
+ * — consumers that forgot the trailing `config` would silently fall back to
+ * `BUILTIN_AUDIT_LOG_CONFIG` and skip metadata validation for their own
+ * event types. `audit_log_config` is optional on `AppDeps` and defaults to
+ * `BUILTIN_AUDIT_LOG_CONFIG` inside `audit_log_fire_and_forget` when absent.
+ */
+export type AuditLogFireAndForgetDeps = Pick<AppDeps, 'log' | 'on_audit_event' | 'audit_log_config'>;
 /**
  * Log an audit event without blocking the caller.
  *
- * Errors are logged to console — audit logging never breaks auth flows.
- * Uses `background_db` so audit entries persist even if the request transaction rolls back.
- * Write failures and `on_event` callback failures are logged separately
- * so the error message indicates which phase failed.
+ * Errors are logged — audit logging never breaks auth flows. Uses
+ * `background_db` so entries persist even when the request transaction
+ * rolls back. Write and `on_audit_event` callback failures are logged separately.
  *
  * @param route - `background_db` and `pending_effects` from the route context
  * @param input - the audit event to record
- * @param log - the logger instance
- * @param on_event - callback invoked with the inserted row after a successful write
- * @returns the settled promise (callers may ignore it — fire-and-forget semantics preserved)
+ * @param deps - logger, `on_audit_event` callback, and optional `audit_log_config`
+ * @returns the settled promise (callers may ignore it)
  */
-export declare const audit_log_fire_and_forget: <T extends AuditEventType>(route: Pick<RouteContext, "background_db" | "pending_effects">, input: AuditLogInput<T>, log: Logger, on_event: (event: AuditLogEvent) => void) => Promise<void>;
+export declare const audit_log_fire_and_forget: <T extends string>(route: Pick<RouteContext, "background_db" | "pending_effects">, input: AuditLogInput<T>, deps: AuditLogFireAndForgetDeps) => Promise<void>;
 //# sourceMappingURL=audit_log_queries.d.ts.map

package/dist/auth/audit_log_queries.d.ts.map

@@ -1 +1 @@
-{"version":3,"file":"audit_log_queries.d.ts","sourceRoot":"../src/lib/","sources":["../../src/lib/auth/audit_log_queries.ts"],"names":[],"mappings":"AAAA;;;;;;;;;;;;GAYG;AAEH,OAAO,KAAK,EAAC,MAAM,EAAC,MAAM,yBAAyB,CAAC;AAEpD,OAAO,KAAK,EAAC,SAAS,EAAC,MAAM,qBAAqB,CAAC;AAEnD,OAAO,KAAK,EAAC,YAAY,EAAC,MAAM,uBAAuB,CAAC;AACxD,OAAO,EAEN,KAAK,cAAc,EACnB,KAAK,aAAa,EAClB,KAAK,aAAa,EAClB,KAAK,mBAAmB,EACxB,KAAK,8BAA8B,EACnC,KAAK,sBAAsB,EAC3B,MAAM,uBAAuB,CAAC;AAE/B,4CAA4C;AAC5C,eAAO,MAAM,uBAAuB,KAAK,CAAC;AAmB1C,iFAAiF;AACjF,eAAO,MAAM,sCAAsC,QAAO,MACvB,CAAC;AAEpC,gFAAgF;AAChF,eAAO,MAAM,wCAAwC,QAAO,IAE3D,CAAC;AAEF;;;;;;;;;;;;;;;GAeG;AACH,eAAO,MAAM,eAAe,GAAU,CAAC,SAAS,cAAc,EAC7D,MAAM,SAAS,EACf,OAAO,aAAa,CAAC,CAAC,CAAC,KACrB,OAAO,CAAC,aAAa,CA2BvB,CAAC;AAEF;;;;;;GAMG;AACH,eAAO,MAAM,oBAAoB,GAChC,MAAM,SAAS,EACf,UAAU,mBAAmB,KAC3B,OAAO,CAAC,KAAK,CAAC,aAAa,CAAC,CAwC9B,CAAC;AAEF;;;;;;GAMG;AACH,eAAO,MAAM,mCAAmC,GAC/C,MAAM,SAAS,EACf,UAAU,mBAAmB,KAC3B,OAAO,CAAC,KAAK,CAAC,8BAA8B,CAAC,CA8C/C,CAAC;AAEF;;;;;;GAMG;AACH,eAAO,MAAM,gCAAgC,GAC5C,MAAM,SAAS,EACf,YAAY,MAAM,EAClB,cAA+B,KAC7B,OAAO,CAAC,KAAK,CAAC,aAAa,CAAC,CAO9B,CAAC;AAEF;;;;;;;GAOG;AACH,eAAO,MAAM,mCAAmC,GAC/C,MAAM,SAAS,EACf,cAA+B,EAC/B,eAAU,KACR,OAAO,CAAC,KAAK,CAAC,sBAAsB,CAAC,CAYvC,CAAC;AAEF;;;;;;GAMG;AACH,eAAO,MAAM,8BAA8B,GAC1C,MAAM,SAAS,EACf,QAAQ,IAAI,KACV,OAAO,CAAC,MAAM,CAMhB,CAAC;AAEF;;;;;;;;;;;;;GAaG;AACH,eAAO,MAAM,yBAAyB,GAAI,CAAC,SAAS,cAAc,EACjE,OAAO,IAAI,CAAC,YAAY,EAAE,eAAe,GAAG,iBAAiB,CAAC,EAC9D,OAAO,aAAa,CAAC,CAAC,CAAC,EACvB,KAAK,MAAM,EACX,UAAU,CAAC,KAAK,EAAE,aAAa,KAAK,IAAI,KACtC,OAAO,CAAC,IAAI,CAcd,CAAC"}
+{"version":3,"file":"audit_log_queries.d.ts","sourceRoot":"../src/lib/","sources":["../../src/lib/auth/audit_log_queries.ts"],"names":[],"mappings":"AAAA;;;;;;;;;;;;GAYG;AAEH,OAAO,KAAK,EAAC,SAAS,EAAC,MAAM,qBAAqB,CAAC;AAEnD,OAAO,KAAK,EAAC,YAAY,EAAC,MAAM,uBAAuB,CAAC;AACxD,OAAO,KAAK,EAAC,OAAO,EAAC,MAAM,WAAW,CAAC;AACvC,OAAO,EAEN,KAAK,cAAc,EACnB,KAAK,aAAa,EAClB,KAAK,aAAa,EAClB,KAAK,mBAAmB,EACxB,KAAK,8BAA8B,EACnC,KAAK,sBAAsB,EAC3B,MAAM,uBAAuB,CAAC;AAE/B,4CAA4C;AAC5C,eAAO,MAAM,uBAAuB,KAAK,CAAC;AAa1C,iFAAiF;AACjF,eAAO,MAAM,sCAAsC,QAAO,MACvB,CAAC;AAEpC,0CAA0C;AAC1C,eAAO,MAAM,wCAAwC,QAAO,IAE3D,CAAC;AAYF,gFAAgF;AAChF,eAAO,MAAM,qCAAqC,QAAO,MACvB,CAAC;AAEnC,0CAA0C;AAC1C,eAAO,MAAM,uCAAuC,QAAO,IAE1D,CAAC;AAEF;;;;;;;;;;;;;GAaG;AACH,eAAO,MAAM,eAAe,GAAU,CAAC,SAAS,MAAM,EACrD,MAAM,SAAS,EACf,OAAO,aAAa,CAAC,CAAC,CAAC,EACvB,SAAQ,cAAyC,KAC/C,OAAO,CAAC,aAAa,CAmCvB,CAAC;AAEF;;;;;;GAMG;AACH,eAAO,MAAM,oBAAoB,GAChC,MAAM,SAAS,EACf,UAAU,mBAAmB,KAC3B,OAAO,CAAC,KAAK,CAAC,aAAa,CAAC,CAwC9B,CAAC;AAEF;;;;;;GAMG;AACH,eAAO,MAAM,mCAAmC,GAC/C,MAAM,SAAS,EACf,UAAU,mBAAmB,KAC3B,OAAO,CAAC,KAAK,CAAC,8BAA8B,CAAC,CA8C/C,CAAC;AAEF;;;;;;GAMG;AACH,eAAO,MAAM,gCAAgC,GAC5C,MAAM,SAAS,EACf,YAAY,MAAM,EAClB,cAA+B,KAC7B,OAAO,CAAC,KAAK,CAAC,aAAa,CAAC,CAO9B,CAAC;AAEF;;;;;;;GAOG;AACH,eAAO,MAAM,mCAAmC,GAC/C,MAAM,SAAS,EACf,cAA+B,EAC/B,eAAU,KACR,OAAO,CAAC,KAAK,CAAC,sBAAsB,CAAC,CAYvC,CAAC;AAEF;;;;;;GAMG;AACH,eAAO,MAAM,8BAA8B,GAC1C,MAAM,SAAS,EACf,QAAQ,IAAI,KACV,OAAO,CAAC,MAAM,CAMhB,CAAC;AAEF;;;;;;;;;;GAUG;AACH,MAAM,MAAM,yBAAyB,GAAG,IAAI,CAC3C,OAAO,EACP,KAAK,GAAG,gBAAgB,GAAG,kBAAkB,CAC7C,CAAC;AAEF;;;;;;;;;;;GAWG;AACH,eAAO,MAAM,yBAAyB,GAAI,CAAC,SAAS,MAAM,EACzD,OAAO,IAAI,CAAC,YAAY,EAAE,eAAe,GAAG,iBAAiB,CAAC,EAC9D,OAAO,aAAa,CAAC,CAAC,CAAC,EACvB,MAAM,yBAAyB,KAC7B,OAAO,CAAC,IAAI,CAed,CAAC"}

package/dist/auth/audit_log_queries.js

@@ -12,54 +12,67 @@
  * @module
  */
 import { assert_row } from '../db/assert_row.js';
-import { AUDIT_METADATA_SCHEMAS, } from './audit_log_schema.js';
+import { BUILTIN_AUDIT_LOG_CONFIG, } from './audit_log_schema.js';
 /** Default limit for audit log listings. */
 export const AUDIT_LOG_DEFAULT_LIMIT = 50;
 /**
- * Process-wide counter for audit metadata validation failures.
- *
- * `query_audit_log` validates each `metadata` payload against the per-event
- * schema in `AUDIT_METADATA_SCHEMAS` and increments this counter on
- * mismatch. The audit row is still written — validation is fail-open by
- * design, matching the rest of the fire-and-forget audit pipeline (a
- * schema-vs-runtime drift should not break auth flows). Operators sample
- * the counter via `get_audit_metadata_validation_failures()` (e.g. from
- * a future `/metrics` surface or a debug RPC handler).
- *
- * Single-process scope: fuz_app's runtime state lives in-process (rate
- * limiter, daemon token state); this counter follows the same pattern
- * and resets on server restart.
+ * Process-wide counter for audit metadata validation failures. `query_audit_log`
+ * increments on `safeParse` mismatch and writes the row anyway (fail-open —
+ * schema drift should not break auth flows). Independent of the
+ * unknown-event-type counter — `create_audit_log_config` keeps the two in
+ * sync, but a hand-rolled `AuditLogConfig` (or a cast escape) can have a
+ * schema entry without a matching `event_types` entry, in which case both
+ * counters bump on a single emission. In-process; resets on restart.
  */
 let audit_metadata_validation_failures = 0;
 /** Number of audit metadata validation failures observed since process start. */
 export const get_audit_metadata_validation_failures = () => audit_metadata_validation_failures;
-/** Reset the counter — for tests only; production code should not call this. */
+/** Reset the counter — for tests only. */
 export const reset_audit_metadata_validation_failures = () => {
     audit_metadata_validation_failures = 0;
 };
+/**
+ * Process-wide counter for audit-log emissions whose `event_type` is missing
+ * from the active config. Same fail-open posture as the metadata counter;
+ * orthogonal in implementation — metadata validation runs regardless of
+ * registration — though under the factory both counters track the same
+ * config (see `audit_metadata_validation_failures`). Catches typos and
+ * missing `extra_events` registrations.
+ */
+let audit_unknown_event_type_failures = 0;
+/** Number of audit unknown-event-type failures observed since process start. */
+export const get_audit_unknown_event_type_failures = () => audit_unknown_event_type_failures;
+/** Reset the counter — for tests only. */
+export const reset_audit_unknown_event_type_failures = () => {
+    audit_unknown_event_type_failures = 0;
+};
 /**
  * Insert an audit log entry.
  *
- * Uses `RETURNING *` to return the full inserted row including
- * DB-assigned fields (`id`, `seq`, `created_at`).
- *
- * Validates `metadata` against the per-event-type schema in production +
- * DEV both. Mismatches log to `console.error` and increment
- * `audit_metadata_validation_failures` (sampled via the exported getter)
- * but never throw — the audit row is still written. Schema-vs-runtime
- * drift is an operator signal, not a request-failing condition.
+ * `RETURNING *` so callers receive DB-assigned fields (`id`, `seq`,
+ * `created_at`). Validates `metadata` against `config.metadata_schemas`;
+ * unknown `event_type` and metadata mismatches log + bump their counters
+ * but write the row anyway. Consumers extend the recognized set via
+ * `create_audit_log_config({extra_events})`.
  *
  * @param deps - query dependencies
  * @param input - the audit event to record
+ * @param config - audit-log config. Defaults to `BUILTIN_AUDIT_LOG_CONFIG`.
  * @returns the inserted audit log row
  */
-export const query_audit_log = async (deps, input) => {
+export const query_audit_log = async (deps, input, config = BUILTIN_AUDIT_LOG_CONFIG) => {
+    if (!config.event_types.includes(input.event_type)) {
+        audit_unknown_event_type_failures++;
+        console.error(`[audit_log] unknown event_type '${input.event_type}' — register via create_audit_log_config({extra_events})`);
+    }
     if (input.metadata != null) {
-        const schema = AUDIT_METADATA_SCHEMAS[input.event_type];
-        const result = schema.safeParse(input.metadata);
-        if (!result.success) {
-            audit_metadata_validation_failures++;
-            console.error(`[audit_log] metadata mismatch for '${input.event_type}':`, result.error.issues);
+        const schema = config.metadata_schemas[input.event_type];
+        if (schema) {
+            const result = schema.safeParse(input.metadata);
+            if (!result.success) {
+                audit_metadata_validation_failures++;
+                console.error(`[audit_log] metadata mismatch for '${input.event_type}':`, result.error.issues);
+            }
         }
     }
     const rows = await deps.db.query(`INSERT INTO audit_log (event_type, outcome, actor_id, account_id, target_account_id, ip, metadata)
@@ -201,25 +214,24 @@ export const query_audit_log_cleanup_before = async (deps, before) => {
 /**
  * Log an audit event without blocking the caller.
  *
- * Errors are logged to console — audit logging never breaks auth flows.
- * Uses `background_db` so audit entries persist even if the request transaction rolls back.
- * Write failures and `on_event` callback failures are logged separately
- * so the error message indicates which phase failed.
+ * Errors are logged — audit logging never breaks auth flows. Uses
+ * `background_db` so entries persist even when the request transaction
+ * rolls back. Write and `on_audit_event` callback failures are logged separately.
  *
  * @param route - `background_db` and `pending_effects` from the route context
  * @param input - the audit event to record
- * @param log - the logger instance
- * @param on_event - callback invoked with the inserted row after a successful write
- * @returns the settled promise (callers may ignore it — fire-and-forget semantics preserved)
+ * @param deps - logger, `on_audit_event` callback, and optional `audit_log_config`
+ * @returns the settled promise (callers may ignore it)
  */
-export const audit_log_fire_and_forget = (route, input, log, on_event) => {
-    const p = query_audit_log({ db: route.background_db }, input)
+export const audit_log_fire_and_forget = (route, input, deps) => {
+    const { log, on_audit_event, audit_log_config = BUILTIN_AUDIT_LOG_CONFIG } = deps;
+    const p = query_audit_log({ db: route.background_db }, input, audit_log_config)
         .then((event) => {
         try {
-            on_event(event);
+            on_audit_event(event);
         }
         catch (callback_err) {
-            log.error('Audit log on_event callback failed:', callback_err);
+            log.error('Audit log on_audit_event callback failed:', callback_err);
         }
     })
         .catch((err) => {

package/dist/auth/audit_log_schema.d.ts

@@ -8,7 +8,12 @@
  */
 import { z } from 'zod';
 import { Uuid } from '../uuid.js';
-/** All tracked auth event types. */
+/**
+ * All tracked auth event types. Frozen to convert accidental in-process
+ * mutation (test cross-contamination, cast escapes) into loud TypeErrors.
+ * Not a security boundary — in-process code has many other paths to subvert
+ * audit logging.
+ */
 export declare const AUDIT_EVENT_TYPES: readonly ["login", "logout", "bootstrap", "signup", "password_change", "session_revoke", "session_revoke_all", "token_create", "token_revoke", "token_revoke_all", "permit_grant", "permit_revoke", "permit_offer_create", "permit_offer_accept", "permit_offer_decline", "permit_offer_retract", "permit_offer_expire", "permit_offer_supersede", "invite_create", "invite_delete", "app_settings_update"];
 /** Zod schema for audit event types. */
 export declare const AuditEventType: z.ZodEnum<{
@@ -35,6 +40,15 @@ export declare const AuditEventType: z.ZodEnum<{
     app_settings_update: "app_settings_update";
 }>;
 export type AuditEventType = z.infer<typeof AuditEventType>;
+/**
+ * Letter start, then letters, digits, `_`, `.`, `/`, `-`. Accepts snake_case,
+ * dotted, and namespaced consumer conventions; rejects empty strings, leading
+ * separators, whitespace, and control characters.
+ */
+export declare const AUDIT_EVENT_TYPE_NAME_REGEX: RegExp;
+/** Zod schema for valid audit event-type name strings. */
+export declare const AuditEventTypeName: z.ZodString;
+export type AuditEventTypeName = z.infer<typeof AuditEventTypeName>;
 /** Zod schema for audit event outcomes. */
 export declare const AuditOutcome: z.ZodEnum<{
     success: "success";
@@ -42,13 +56,13 @@ export declare const AuditOutcome: z.ZodEnum<{
 }>;
 export type AuditOutcome = z.infer<typeof AuditOutcome>;
 /**
- * Per-event-type metadata Zod schemas.
- *
- * Uses `z.looseObject` so consumers can add extra fields
- * (e.g. visiones `self_service`) while known fields are validated.
- * Events with outcome-dependent metadata use a union with `z.null()`.
+ * Per-event-type metadata Zod schemas. `z.looseObject` so consumers can
+ * add fields while known ones are validated. The record is frozen to
+ * catch mutation bugs at the key level (e.g. tests that try to swap in a
+ * stub schema); the Zod schemas themselves are reachable and mutable —
+ * freeze isn't a security boundary.
  */
-export declare const AUDIT_METADATA_SCHEMAS: {
+export declare const AUDIT_METADATA_SCHEMAS: Readonly<{
     login: z.ZodNullable<z.ZodObject<{
         username: z.ZodString;
     }, z.core.$loose>>;
@@ -89,12 +103,14 @@ export declare const AUDIT_METADATA_SCHEMAS: {
         permit_id: z.ZodOptional<z.core.$ZodBranded<z.ZodUUID, "Uuid", "out">>;
         scope_id: z.ZodOptional<z.ZodNullable<z.core.$ZodBranded<z.ZodUUID, "Uuid", "out">>>;
         source_offer_id: z.ZodOptional<z.core.$ZodBranded<z.ZodUUID, "Uuid", "out">>;
+        self_service: z.ZodOptional<z.ZodBoolean>;
     }, z.core.$loose>;
     permit_revoke: z.ZodObject<{
         role: z.ZodString;
         permit_id: z.core.$ZodBranded<z.ZodUUID, "Uuid", "out">;
         scope_id: z.ZodOptional<z.ZodNullable<z.core.$ZodBranded<z.ZodUUID, "Uuid", "out">>>;
         reason: z.ZodOptional<z.ZodString>;
+        self_service: z.ZodOptional<z.ZodBoolean>;
     }, z.core.$loose>;
     permit_offer_create: z.ZodObject<{
         offer_id: z.ZodOptional<z.core.$ZodBranded<z.ZodUUID, "Uuid", "out">>;
@@ -147,16 +163,16 @@ export declare const AUDIT_METADATA_SCHEMAS: {
         old_value: z.ZodUnknown;
         new_value: z.ZodUnknown;
     }, z.core.$loose>;
-};
+}>;
 /** Mapped type of metadata shapes per event type, derived from Zod schemas. */
 export type AuditMetadataMap = {
     [K in AuditEventType]: z.infer<(typeof AUDIT_METADATA_SCHEMAS)[K]>;
 };
-/** Audit log row from the database. */
+/** Audit log row from the database. See `AuditLogEventJson` for `event_type` widening rationale. */
 export interface AuditLogEvent {
     id: Uuid;
     seq: number;
-    event_type: AuditEventType;
+    event_type: AuditEventTypeName;
     outcome: AuditOutcome;
     actor_id: Uuid | null;
     account_id: Uuid | null;
@@ -174,53 +190,102 @@ export declare const get_audit_metadata: <T extends AuditEventType>(event: Audit
     event_type: T;
 }) => AuditMetadataMap[T] | null;
 /** Input for creating an audit log entry. */
-export interface AuditLogInput<T extends AuditEventType = AuditEventType> {
+export interface AuditLogInput<T extends string = AuditEventType> {
     event_type: T;
     outcome?: AuditOutcome;
     actor_id?: Uuid | null;
     account_id?: Uuid | null;
     target_account_id?: Uuid | null;
     ip?: string | null;
-    metadata?: (AuditMetadataMap[T] & Record<string, unknown>) | null;
+    /**
+     * Per-event-type metadata. Builtin `T` narrows to `AuditMetadataMap[T]`;
+     * consumer strings widen to a generic record (validation runs against
+     * `AuditLogConfig.metadata_schemas` at insert time).
+     */
+    metadata?: T extends AuditEventType ? (AuditMetadataMap[T] & Record<string, unknown>) | null : Record<string, unknown> | null;
+}
+/**
+ * Configuration bundle for audit-log event types and metadata schemas.
+ *
+ * Lets consumers extend the closed `AUDIT_EVENT_TYPES` enum with their own
+ * event strings (and metadata Zod schemas) without forking. Pass to
+ * `audit_log_fire_and_forget` / `query_audit_log` as the optional `config`
+ * argument; both default to `BUILTIN_AUDIT_LOG_CONFIG`.
+ *
+ * The DB column is `TEXT NOT NULL` and never enforced an enum, so consumer
+ * event types round-trip through `query_audit_log_list` and SSE identically
+ * to builtins.
+ *
+ * Constructed configs are deep-frozen (wrapper, `event_types`,
+ * `metadata_schemas`) to catch accidental mutation bugs early. Not a
+ * security boundary against in-process code, which can subvert audit
+ * logging through other paths.
+ */
+export interface AuditLogConfig {
+    /** All recognized event-type strings — fuz_app builtins plus consumer extras. */
+    readonly event_types: ReadonlyArray<string>;
+    /**
+     * Per-event-type metadata schemas. Missing entries skip metadata
+     * validation for that type (row still written; metadata stored as raw JSONB).
+     */
+    readonly metadata_schemas: Readonly<Record<string, z.ZodType>>;
+}
+/** Builtin fuz_app audit-log config — every existing event type and its metadata schema. */
+export declare const BUILTIN_AUDIT_LOG_CONFIG: AuditLogConfig;
+/** Options for `create_audit_log_config`. */
+export interface CreateAuditLogConfigOptions {
+    /**
+     * Extra event types keyed by event-type string. Value is a Zod metadata
+     * schema, or `null` to register the type without validation (row still
+     * written, metadata stored as raw JSONB).
+     *
+     * Collisions with builtin event-type strings throw at construction.
+     * Schemas are run via `safeParse` at insert time; mismatches log + count
+     * but never throw (fail-open — see the drift counters in `audit_log_queries.ts`).
+     */
+    extra_events?: Readonly<Record<string, z.ZodType | null>>;
 }
+/**
+ * Build an `AuditLogConfig` by merging fuz_app builtins with consumer extras.
+ *
+ * Throws when an `extra_events` key collides with a builtin event type, or
+ * fails `AuditEventTypeName` format validation.
+ *
+ * Call once at startup; pass the result to consumer-emitted
+ * `audit_log_fire_and_forget` calls. Builtin handlers omit the argument and
+ * pick up `BUILTIN_AUDIT_LOG_CONFIG`.
+ */
+export declare const create_audit_log_config: (options?: CreateAuditLogConfigOptions) => AuditLogConfig;
 /** Options for listing audit log entries. */
 export interface AuditLogListOptions {
     limit?: number;
     offset?: number;
-    event_type?: AuditEventType;
-    event_type_in?: Array<AuditEventType>;
+    /**
+     * Event-type filter. Accepts any string — builtins or consumer-registered
+     * via `create_audit_log_config({extra_events})`. The DB column is
+     * `TEXT NOT NULL` with no CHECK, so unknown strings simply match nothing.
+     */
+    event_type?: string;
+    event_type_in?: Array<string>;
     account_id?: Uuid;
     outcome?: AuditOutcome;
     /** When set, only return events with `seq` greater than this value. Enables SSE reconnection gap fill. */
     since_seq?: number;
 }
-/** Zod schema for client-safe audit log event. */
+/**
+ * Zod schema for client-safe audit log event.
+ *
+ * `event_type` is `AuditEventTypeName` (regex-validated string) — matches
+ * the `AuditLogEvent` row and the DB's `TEXT NOT NULL` column. Consumer
+ * types registered via `create_audit_log_config({extra_events})` round-trip
+ * through queries, `on_audit_event` callbacks, and JSON-RPC responses
+ * identically to builtins. `AuditLogInput<T>` stays parameterized on the
+ * write side so `AuditMetadataMap` narrowing via `get_audit_metadata` works.
+ */
 export declare const AuditLogEventJson: z.ZodObject<{
     id: z.core.$ZodBranded<z.ZodUUID, "Uuid", "out">;
     seq: z.ZodNumber;
-    event_type: z.ZodEnum<{
-        login: "login";
-        logout: "logout";
-        bootstrap: "bootstrap";
-        signup: "signup";
-        password_change: "password_change";
-        session_revoke: "session_revoke";
-        session_revoke_all: "session_revoke_all";
-        token_create: "token_create";
-        token_revoke: "token_revoke";
-        token_revoke_all: "token_revoke_all";
-        permit_grant: "permit_grant";
-        permit_revoke: "permit_revoke";
-        permit_offer_create: "permit_offer_create";
-        permit_offer_accept: "permit_offer_accept";
-        permit_offer_decline: "permit_offer_decline";
-        permit_offer_retract: "permit_offer_retract";
-        permit_offer_expire: "permit_offer_expire";
-        permit_offer_supersede: "permit_offer_supersede";
-        invite_create: "invite_create";
-        invite_delete: "invite_delete";
-        app_settings_update: "app_settings_update";
-    }>;
+    event_type: z.ZodString;
     outcome: z.ZodEnum<{
         success: "success";
         failure: "failure";
@@ -237,29 +302,7 @@ export type AuditLogEventJson = z.infer<typeof AuditLogEventJson>;
 export declare const AuditLogEventWithUsernamesJson: z.ZodObject<{
     id: z.core.$ZodBranded<z.ZodUUID, "Uuid", "out">;
     seq: z.ZodNumber;
-    event_type: z.ZodEnum<{
-        login: "login";
-        logout: "logout";
-        bootstrap: "bootstrap";
-        signup: "signup";
-        password_change: "password_change";
-        session_revoke: "session_revoke";
-        session_revoke_all: "session_revoke_all";
-        token_create: "token_create";
-        token_revoke: "token_revoke";
-        token_revoke_all: "token_revoke_all";
-        permit_grant: "permit_grant";
-        permit_revoke: "permit_revoke";
-        permit_offer_create: "permit_offer_create";
-        permit_offer_accept: "permit_offer_accept";
-        permit_offer_decline: "permit_offer_decline";
-        permit_offer_retract: "permit_offer_retract";
-        permit_offer_expire: "permit_offer_expire";
-        permit_offer_supersede: "permit_offer_supersede";
-        invite_create: "invite_create";
-        invite_delete: "invite_delete";
-        app_settings_update: "app_settings_update";
-    }>;
+    event_type: z.ZodString;
     outcome: z.ZodEnum<{
         success: "success";
         failure: "failure";
@@ -278,29 +321,7 @@ export type AuditLogEventWithUsernamesJson = z.infer<typeof AuditLogEventWithUse
 export declare const PermitHistoryEventJson: z.ZodObject<{
     id: z.core.$ZodBranded<z.ZodUUID, "Uuid", "out">;
     seq: z.ZodNumber;
-    event_type: z.ZodEnum<{
-        login: "login";
-        logout: "logout";
-        bootstrap: "bootstrap";
-        signup: "signup";
-        password_change: "password_change";
-        session_revoke: "session_revoke";
-        session_revoke_all: "session_revoke_all";
-        token_create: "token_create";
-        token_revoke: "token_revoke";
-        token_revoke_all: "token_revoke_all";
-        permit_grant: "permit_grant";
-        permit_revoke: "permit_revoke";
-        permit_offer_create: "permit_offer_create";
-        permit_offer_accept: "permit_offer_accept";
-        permit_offer_decline: "permit_offer_decline";
-        permit_offer_retract: "permit_offer_retract";
-        permit_offer_expire: "permit_offer_expire";
-        permit_offer_supersede: "permit_offer_supersede";
-        invite_create: "invite_create";
-        invite_delete: "invite_delete";
-        app_settings_update: "app_settings_update";
-    }>;
+    event_type: z.ZodString;
     outcome: z.ZodEnum<{
         success: "success";
         failure: "failure";

package/dist/auth/audit_log_schema.d.ts.map

@@ -1 +1 @@
-{"version":3,"file":"audit_log_schema.d.ts","sourceRoot":"../src/lib/","sources":["../../src/lib/auth/audit_log_schema.ts"],"names":[],"mappings":"AAAA;;;;;;;GAOG;AAEH,OAAO,EAAC,CAAC,EAAC,MAAM,KAAK,CAAC;AAEtB,OAAO,EAAC,IAAI,EAAC,MAAM,YAAY,CAAC;AAGhC,oCAAoC;AACpC,eAAO,MAAM,iBAAiB,6YAsBpB,CAAC;AAEX,wCAAwC;AACxC,eAAO,MAAM,cAAc;;;;;;;;;;;;;;;;;;;;;;EAA4B,CAAC;AACxD,MAAM,MAAM,cAAc,GAAG,CAAC,CAAC,KAAK,CAAC,OAAO,cAAc,CAAC,CAAC;AAE5D,2CAA2C;AAC3C,eAAO,MAAM,YAAY;;;EAAiC,CAAC;AAC3D,MAAM,MAAM,YAAY,GAAG,CAAC,CAAC,KAAK,CAAC,OAAO,YAAY,CAAC,CAAC;AAExD;;;;;;GAMG;AACH,eAAO,MAAM,sBAAsB;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;CA+FU,CAAC;AAE9C,+EAA+E;AAC/E,MAAM,MAAM,gBAAgB,GAAG;KAC7B,CAAC,IAAI,cAAc,GAAG,CAAC,CAAC,KAAK,CAAC,CAAC,OAAO,sBAAsB,CAAC,CAAC,CAAC,CAAC,CAAC;CAClE,CAAC;AAEF,uCAAuC;AACvC,MAAM,WAAW,aAAa;IAC7B,EAAE,EAAE,IAAI,CAAC;IACT,GAAG,EAAE,MAAM,CAAC;IACZ,UAAU,EAAE,cAAc,CAAC;IAC3B,OAAO,EAAE,YAAY,CAAC;IACtB,QAAQ,EAAE,IAAI,GAAG,IAAI,CAAC;IACtB,UAAU,EAAE,IAAI,GAAG,IAAI,CAAC;IACxB,iBAAiB,EAAE,IAAI,GAAG,IAAI,CAAC;IAC/B,EAAE,EAAE,MAAM,GAAG,IAAI,CAAC;IAClB,UAAU,EAAE,MAAM,CAAC;IACnB,QAAQ,EAAE,MAAM,CAAC,MAAM,EAAE,OAAO,CAAC,GAAG,IAAI,CAAC;CACzC;AAED;;;;GAIG;AACH,eAAO,MAAM,kBAAkB,GAAI,CAAC,SAAS,cAAc,EAC1D,OAAO,aAAa,GAAG;IAAC,UAAU,EAAE,CAAC,CAAA;CAAC,KACpC,gBAAgB,CAAC,CAAC,CAAC,GAAG,IAExB,CAAC;AAEF,6CAA6C;AAC7C,MAAM,WAAW,aAAa,CAAC,CAAC,SAAS,cAAc,GAAG,cAAc;IACvE,UAAU,EAAE,CAAC,CAAC;IACd,OAAO,CAAC,EAAE,YAAY,CAAC;IACvB,QAAQ,CAAC,EAAE,IAAI,GAAG,IAAI,CAAC;IACvB,UAAU,CAAC,EAAE,IAAI,GAAG,IAAI,CAAC;IACzB,iBAAiB,CAAC,EAAE,IAAI,GAAG,IAAI,CAAC;IAChC,EAAE,CAAC,EAAE,MAAM,GAAG,IAAI,CAAC;IACnB,QAAQ,CAAC,EAAE,CAAC,gBAAgB,CAAC,CAAC,CAAC,GAAG,MAAM,CAAC,MAAM,EAAE,OAAO,CAAC,CAAC,GAAG,IAAI,CAAC;CAClE;AAED,6CAA6C;AAC7C,MAAM,WAAW,mBAAmB;IACnC,KAAK,CAAC,EAAE,MAAM,CAAC;IACf,MAAM,CAAC,EAAE,MAAM,CAAC;IAChB,UAAU,CAAC,EAAE,cAAc,CAAC;IAC5B,aAAa,CAAC,EAAE,KAAK,CAAC,cAAc,CAAC,CAAC;IACtC,UAAU,CAAC,EAAE,IAAI,CAAC;IAClB,OAAO,CAAC,EAAE,YAAY,CAAC;IACvB,0GAA0G;IAC1G,SAAS,CAAC,EAAE,MAAM,CAAC;CACnB;AAED,kDAAkD;AAClD,eAAO,MAAM,iBAAiB;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;kBAW5B,CAAC;AACH,MAAM,MAAM,iBAAiB,GAAG,CAAC,CAAC,KAAK,CAAC,OAAO,iBAAiB,CAAC,CAAC;AAElE,+DAA+D;AAC/D,eAAO,MAAM,8BAA8B;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;kBAGzC,CAAC;AACH,MAAM,MAAM,8BAA8B,GAAG,CAAC,CAAC,KAAK,CAAC,OAAO,8BAA8B,CAAC,CAAC;AAE5F,oEAAoE;AACpE,eAAO,MAAM,sBAAsB;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;kBAGjC,CAAC;AACH,MAAM,MAAM,sBAAsB,GAAG,CAAC,CAAC,KAAK,CAAC,OAAO,sBAAsB,CAAC,CAAC;AAE5E,iEAAiE;AACjE,eAAO,MAAM,gBAAgB;;;;;;;kBAE3B,CAAC;AACH,MAAM,MAAM,gBAAgB,GAAG,CAAC,CAAC,KAAK,CAAC,OAAO,gBAAgB,CAAC,CAAC;AAIhE,eAAO,MAAM,gBAAgB,gdAY3B,CAAC;AAEH,eAAO,MAAM,iBAAiB,UAK7B,CAAC"}
+{"version":3,"file":"audit_log_schema.d.ts","sourceRoot":"../src/lib/","sources":["../../src/lib/auth/audit_log_schema.ts"],"names":[],"mappings":"AAAA;;;;;;;GAOG;AAEH,OAAO,EAAC,CAAC,EAAC,MAAM,KAAK,CAAC;AAEtB,OAAO,EAAC,IAAI,EAAC,MAAM,YAAY,CAAC;AAGhC;;;;;GAKG;AACH,eAAO,MAAM,iBAAiB,6YAsBnB,CAAC;AAEZ,wCAAwC;AACxC,eAAO,MAAM,cAAc;;;;;;;;;;;;;;;;;;;;;;EAA4B,CAAC;AACxD,MAAM,MAAM,cAAc,GAAG,CAAC,CAAC,KAAK,CAAC,OAAO,cAAc,CAAC,CAAC;AAE5D;;;;GAIG;AACH,eAAO,MAAM,2BAA2B,QAA+B,CAAC;AAExE,0DAA0D;AAC1D,eAAO,MAAM,kBAAkB,aAE7B,CAAC;AACH,MAAM,MAAM,kBAAkB,GAAG,CAAC,CAAC,KAAK,CAAC,OAAO,kBAAkB,CAAC,CAAC;AAEpE,2CAA2C;AAC3C,eAAO,MAAM,YAAY;;;EAAiC,CAAC;AAC3D,MAAM,MAAM,YAAY,GAAG,CAAC,CAAC,KAAK,CAAC,OAAO,YAAY,CAAC,CAAC;AAExD;;;;;;GAMG;AACH,eAAO,MAAM,sBAAsB;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;EAqGW,CAAC;AAE/C,+EAA+E;AAC/E,MAAM,MAAM,gBAAgB,GAAG;KAC7B,CAAC,IAAI,cAAc,GAAG,CAAC,CAAC,KAAK,CAAC,CAAC,OAAO,sBAAsB,CAAC,CAAC,CAAC,CAAC,CAAC;CAClE,CAAC;AAEF,oGAAoG;AACpG,MAAM,WAAW,aAAa;IAC7B,EAAE,EAAE,IAAI,CAAC;IACT,GAAG,EAAE,MAAM,CAAC;IACZ,UAAU,EAAE,kBAAkB,CAAC;IAC/B,OAAO,EAAE,YAAY,CAAC;IACtB,QAAQ,EAAE,IAAI,GAAG,IAAI,CAAC;IACtB,UAAU,EAAE,IAAI,GAAG,IAAI,CAAC;IACxB,iBAAiB,EAAE,IAAI,GAAG,IAAI,CAAC;IAC/B,EAAE,EAAE,MAAM,GAAG,IAAI,CAAC;IAClB,UAAU,EAAE,MAAM,CAAC;IACnB,QAAQ,EAAE,MAAM,CAAC,MAAM,EAAE,OAAO,CAAC,GAAG,IAAI,CAAC;CACzC;AAED;;;;GAIG;AACH,eAAO,MAAM,kBAAkB,GAAI,CAAC,SAAS,cAAc,EAC1D,OAAO,aAAa,GAAG;IAAC,UAAU,EAAE,CAAC,CAAA;CAAC,KACpC,gBAAgB,CAAC,CAAC,CAAC,GAAG,IAExB,CAAC;AAEF,6CAA6C;AAC7C,MAAM,WAAW,aAAa,CAAC,CAAC,SAAS,MAAM,GAAG,cAAc;IAC/D,UAAU,EAAE,CAAC,CAAC;IACd,OAAO,CAAC,EAAE,YAAY,CAAC;IACvB,QAAQ,CAAC,EAAE,IAAI,GAAG,IAAI,CAAC;IACvB,UAAU,CAAC,EAAE,IAAI,GAAG,IAAI,CAAC;IACzB,iBAAiB,CAAC,EAAE,IAAI,GAAG,IAAI,CAAC;IAChC,EAAE,CAAC,EAAE,MAAM,GAAG,IAAI,CAAC;IACnB;;;;OAIG;IACH,QAAQ,CAAC,EAAE,CAAC,SAAS,cAAc,GAChC,CAAC,gBAAgB,CAAC,CAAC,CAAC,GAAG,MAAM,CAAC,MAAM,EAAE,OAAO,CAAC,CAAC,GAAG,IAAI,GACtD,MAAM,CAAC,MAAM,EAAE,OAAO,CAAC,GAAG,IAAI,CAAC;CAClC;AAED;;;;;;;;;;;;;;;;GAgBG;AACH,MAAM,WAAW,cAAc;IAC9B,iFAAiF;IACjF,QAAQ,CAAC,WAAW,EAAE,aAAa,CAAC,MAAM,CAAC,CAAC;IAC5C;;;OAGG;IACH,QAAQ,CAAC,gBAAgB,EAAE,QAAQ,CAAC,MAAM,CAAC,MAAM,EAAE,CAAC,CAAC,OAAO,CAAC,CAAC,CAAC;CAC/D;AAED,4FAA4F;AAC5F,eAAO,MAAM,wBAAwB,EAAE,cAGrC,CAAC;AAEH,6CAA6C;AAC7C,MAAM,WAAW,2BAA2B;IAC3C;;;;;;;;OAQG;IACH,YAAY,CAAC,EAAE,QAAQ,CAAC,MAAM,CAAC,MAAM,EAAE,CAAC,CAAC,OAAO,GAAG,IAAI,CAAC,CAAC,CAAC;CAC1D;AAED;;;;;;;;;GASG;AACH,eAAO,MAAM,uBAAuB,GAAI,UAAU,2BAA2B,KAAG,cA2B/E,CAAC;AAEF,6CAA6C;AAC7C,MAAM,WAAW,mBAAmB;IACnC,KAAK,CAAC,EAAE,MAAM,CAAC;IACf,MAAM,CAAC,EAAE,MAAM,CAAC;IAChB;;;;OAIG;IACH,UAAU,CAAC,EAAE,MAAM,CAAC;IACpB,aAAa,CAAC,EAAE,KAAK,CAAC,MAAM,CAAC,CAAC;IAC9B,UAAU,CAAC,EAAE,IAAI,CAAC;IAClB,OAAO,CAAC,EAAE,YAAY,CAAC;IACvB,0GAA0G;IAC1G,SAAS,CAAC,EAAE,MAAM,CAAC;CACnB;AAED;;;;;;;;;GASG;AACH,eAAO,MAAM,iBAAiB;;;;;;;;;;;;;;kBAW5B,CAAC;AACH,MAAM,MAAM,iBAAiB,GAAG,CAAC,CAAC,KAAK,CAAC,OAAO,iBAAiB,CAAC,CAAC;AAElE,+DAA+D;AAC/D,eAAO,MAAM,8BAA8B;;;;;;;;;;;;;;;;kBAGzC,CAAC;AACH,MAAM,MAAM,8BAA8B,GAAG,CAAC,CAAC,KAAK,CAAC,OAAO,8BAA8B,CAAC,CAAC;AAE5F,oEAAoE;AACpE,eAAO,MAAM,sBAAsB;;;;;;;;;;;;;;;;kBAGjC,CAAC;AACH,MAAM,MAAM,sBAAsB,GAAG,CAAC,CAAC,KAAK,CAAC,OAAO,sBAAsB,CAAC,CAAC;AAE5E,iEAAiE;AACjE,eAAO,MAAM,gBAAgB;;;;;;;kBAE3B,CAAC;AACH,MAAM,MAAM,gBAAgB,GAAG,CAAC,CAAC,KAAK,CAAC,OAAO,gBAAgB,CAAC,CAAC;AAIhE,eAAO,MAAM,gBAAgB,gdAY3B,CAAC;AAEH,eAAO,MAAM,iBAAiB,UAK7B,CAAC"}