@getrift/rift 0.1.0-beta.2 → 0.1.0-beta.21

package/dist/src/cli/feedback/feedback-config.js

@@ -1,14 +1,20 @@
 /**
  * Feedback opt-in sidecar.
  *
- * Lives at `<data_dir>/feedback-config.json`, written by `rift onboard`.
- * Holds the relay URL + a per-installation pseudonymous UUID. Optional
- * `hmac_secret` lets the relay verify message integrity (used by the
- * Cloudflare Worker variant; Slack incoming webhooks don't validate it).
+ * Lives at `<data_dir>/feedback-config.json`, written by `rift onboard` /
+ * `rift feedback setup`. Holds the relay URL + a per-installation pseudonymous
+ * UUID + optional contact email — all non-secret. The relay HMAC secret is
+ * NOT stored here: it lives in the macOS Keychain (see `relay-secret-store.ts`)
+ * and is resolved at POST time via `resolveRelaySecret`.
+ *
+ * `hmac_secret` remains in the schema ONLY so legacy plaintext sidecars still
+ * parse and can be migrated into the Keychain on next use; new writes never
+ * include it.
  *
  * Loader is fail-soft: a missing or unreadable sidecar yields a "relay
  * off" config so `rift feedback` still writes a local row.
  */
+import crypto from "node:crypto";
 import fs from "node:fs";
 import path from "node:path";
 import { z } from "zod";
@@ -17,7 +23,19 @@ export const FeedbackConfigSchema = z
     enabled: z.boolean(),
     url: z.string().url().optional(),
     installation_id: z.string().min(1).optional(),
+    // DEPRECATED — legacy plaintext secret. Read only for one-time migration
+    // into the Keychain (see `resolveRelaySecret`); never written by new code.
     hmac_secret: z.string().min(1).optional(),
+    // True only for an intentionally-unsigned dev/local relay
+    // (`--allow-unsigned-feedback-relay`). Lets `maybeRelay` POST without a
+    // secret ONLY when this was an explicit choice — never as a silent
+    // fallback when a secret should exist but couldn't be resolved.
+    unsigned: z.boolean().optional(),
+    // Opt-in beta contact email, captured at onboarding. Stored locally;
+    // reaches the operator only via the relay (or the local
+    // beta-signups.jsonl) and only because the user chose to share it.
+    // Absent unless the user opted in.
+    email: z.string().email().optional(),
 })
     .strict();
 export function feedbackConfigPath(dataDir) {
@@ -40,4 +58,112 @@ export function loadFeedbackConfig(dataDir) {
         return { enabled: false };
     }
 }
+/**
+ * Persist the feedback config, ALWAYS stripping the deprecated `hmac_secret`
+ * — the secret belongs in the Keychain, never the sidecar. Writes mode 0600.
+ */
+export function writeFeedbackConfig(dataDir, cfg) {
+    const { hmac_secret: _legacy, ...safe } = cfg;
+    void _legacy;
+    fs.mkdirSync(dataDir, { recursive: true });
+    const file = feedbackConfigPath(dataDir);
+    fs.writeFileSync(file, JSON.stringify(safe, null, 2) + "\n", {
+        encoding: "utf8",
+        mode: 0o600,
+    });
+    try {
+        fs.chmodSync(file, 0o600);
+    }
+    catch {
+        // best-effort permission fix
+    }
+}
+/**
+ * Resolve the relay HMAC secret, migrating a legacy plaintext sidecar secret
+ * into the Keychain on first use. Order:
+ *   1. Keychain (the canonical home) — return it if present.
+ *   2. Legacy `hmac_secret` in the sidecar — write it to the Keychain, strip
+ *      it from the file, then return it.
+ *   3. None / not securely resolvable — return null.
+ *
+ * NEVER returns a secret that isn't (or didn't just become) securely stored:
+ *   - If the Keychain READ fails (e.g. locked), returns null — the caller must
+ *     not downgrade to an unsigned production POST.
+ *   - A legacy plaintext secret is returned ONLY after it is successfully
+ *     written to the Keychain. If that write fails, returns null (no silent
+ *     plaintext fallback); migration retries next time once the Keychain is
+ *     reachable.
+ *
+ * NEVER throws — it runs in the best-effort `rift feedback` relay path. The
+ * plaintext strip is best-effort and RETRYABLE: a strip that fails (e.g. a
+ * read-only sidecar) leaves the plaintext for a later call to remove, and a
+ * later call strips a lingering plaintext copy even when the Keychain already
+ * holds the secret (the partial-migration case).
+ */
+export async function resolveRelaySecret(deps) {
+    let fromStore;
+    try {
+        fromStore = await deps.store.read();
+    }
+    catch {
+        // Keychain unreadable (e.g. locked) — cannot resolve a secure secret.
+        return null;
+    }
+    if (fromStore) {
+        // Keychain is canonical. Strip any plaintext copy a prior partial
+        // migration left behind (best-effort; retried each call).
+        stripLegacyPlaintextSecret(deps.dataDir);
+        return fromStore;
+    }
+    const legacy = loadFeedbackConfig(deps.dataDir).hmac_secret;
+    if (!legacy)
+        return null;
+    try {
+        await deps.store.write(legacy);
+    }
+    catch {
+        // Could not secure the legacy secret — do NOT fall back to the plaintext.
+        return null;
+    }
+    // Now safely in the Keychain → strip the plaintext copy (best-effort) and
+    // use it. A strip failure must NOT throw out of the best-effort feedback
+    // path; the next call retries via the Keychain-hit branch above.
+    stripLegacyPlaintextSecret(deps.dataDir);
+    return legacy;
+}
+/**
+ * Best-effort removal of a legacy plaintext `hmac_secret` from the sidecar.
+ * Rewrites only when the secret is actually present (no needless writes) and
+ * NEVER throws — a failed strip (e.g. read-only file) leaves the plaintext for
+ * the next call to retry and must not break the best-effort feedback path.
+ */
+function stripLegacyPlaintextSecret(dataDir) {
+    try {
+        const cfg = loadFeedbackConfig(dataDir);
+        if (cfg.hmac_secret === undefined)
+            return; // nothing to strip
+        writeFeedbackConfig(dataDir, cfg); // writeFeedbackConfig drops hmac_secret
+    }
+    catch {
+        // best-effort — retried on a later call once the sidecar is writable
+    }
+}
+/**
+ * Turn the relay on for this install (from an accepted invite or operator
+ * flags): set `enabled` + `url`, mint an `installation_id` when absent, and
+ * preserve any existing email. `writeFeedbackConfig` guarantees no secret
+ * lands in the sidecar — the caller writes the secret to the Keychain. Returns
+ * the persisted config.
+ */
+export function applyRelayUrl(dataDir, url) {
+    const existing = loadFeedbackConfig(dataDir);
+    const cfg = {
+        enabled: true,
+        url,
+        installation_id: existing.installation_id ?? crypto.randomUUID(),
+        ...(existing.email ? { email: existing.email } : {}),
+    };
+    writeFeedbackConfig(dataDir, cfg);
+    return cfg;
+}
 //# sourceMappingURL=feedback-config.js.map

package/dist/src/cli/feedback/feedback-config.js.map

@@ -1 +1 @@
-{"version":3,"file":"feedback-config.js","sourceRoot":"","sources":["../../../../src/cli/feedback/feedback-config.ts"],"names":[],"mappings":"AAAA;;;;;;;;;;GAUG;AACH,OAAO,EAAE,MAAM,SAAS,CAAC;AACzB,OAAO,IAAI,MAAM,WAAW,CAAC;AAC7B,OAAO,EAAE,CAAC,EAAE,MAAM,KAAK,CAAC;AAExB,MAAM,CAAC,MAAM,oBAAoB,GAAG,CAAC;KAClC,MAAM,CAAC;IACN,OAAO,EAAE,CAAC,CAAC,OAAO,EAAE;IACpB,GAAG,EAAE,CAAC,CAAC,MAAM,EAAE,CAAC,GAAG,EAAE,CAAC,QAAQ,EAAE;IAChC,eAAe,EAAE,CAAC,CAAC,MAAM,EAAE,CAAC,GAAG,CAAC,CAAC,CAAC,CAAC,QAAQ,EAAE;IAC7C,WAAW,EAAE,CAAC,CAAC,MAAM,EAAE,CAAC,GAAG,CAAC,CAAC,CAAC,CAAC,QAAQ,EAAE;CAC1C,CAAC;KACD,MAAM,EAAE,CAAC;AAIZ,MAAM,UAAU,kBAAkB,CAAC,OAAe;IAChD,OAAO,IAAI,CAAC,IAAI,CAAC,OAAO,EAAE,sBAAsB,CAAC,CAAC;AACpD,CAAC;AAED,MAAM,UAAU,kBAAkB,CAAC,OAAe;IAChD,MAAM,IAAI,GAAG,kBAAkB,CAAC,OAAO,CAAC,CAAC;IACzC,IAAI,GAAW,CAAC;IAChB,IAAI,CAAC;QACH,GAAG,GAAG,EAAE,CAAC,YAAY,CAAC,IAAI,EAAE,MAAM,CAAC,CAAC;IACtC,CAAC;IAAC,MAAM,CAAC;QACP,OAAO,EAAE,OAAO,EAAE,KAAK,EAAE,CAAC;IAC5B,CAAC;IACD,IAAI,CAAC;QACH,MAAM,MAAM,GAAG,IAAI,CAAC,KAAK,CAAC,GAAG,CAAY,CAAC;QAC1C,OAAO,oBAAoB,CAAC,KAAK,CAAC,MAAM,CAAC,CAAC;IAC5C,CAAC;IAAC,MAAM,CAAC;QACP,OAAO,EAAE,OAAO,EAAE,KAAK,EAAE,CAAC;IAC5B,CAAC;AACH,CAAC"}
+{"version":3,"file":"feedback-config.js","sourceRoot":"","sources":["../../../../src/cli/feedback/feedback-config.ts"],"names":[],"mappings":"AAAA;;;;;;;;;;;;;;;GAeG;AACH,OAAO,MAAM,MAAM,aAAa,CAAC;AACjC,OAAO,EAAE,MAAM,SAAS,CAAC;AACzB,OAAO,IAAI,MAAM,WAAW,CAAC;AAC7B,OAAO,EAAE,CAAC,EAAE,MAAM,KAAK,CAAC;AAIxB,MAAM,CAAC,MAAM,oBAAoB,GAAG,CAAC;KAClC,MAAM,CAAC;IACN,OAAO,EAAE,CAAC,CAAC,OAAO,EAAE;IACpB,GAAG,EAAE,CAAC,CAAC,MAAM,EAAE,CAAC,GAAG,EAAE,CAAC,QAAQ,EAAE;IAChC,eAAe,EAAE,CAAC,CAAC,MAAM,EAAE,CAAC,GAAG,CAAC,CAAC,CAAC,CAAC,QAAQ,EAAE;IAC7C,yEAAyE;IACzE,2EAA2E;IAC3E,WAAW,EAAE,CAAC,CAAC,MAAM,EAAE,CAAC,GAAG,CAAC,CAAC,CAAC,CAAC,QAAQ,EAAE;IACzC,0DAA0D;IAC1D,wEAAwE;IACxE,mEAAmE;IACnE,gEAAgE;IAChE,QAAQ,EAAE,CAAC,CAAC,OAAO,EAAE,CAAC,QAAQ,EAAE;IAChC,qEAAqE;IACrE,wDAAwD;IACxD,mEAAmE;IACnE,mCAAmC;IACnC,KAAK,EAAE,CAAC,CAAC,MAAM,EAAE,CAAC,KAAK,EAAE,CAAC,QAAQ,EAAE;CACrC,CAAC;KACD,MAAM,EAAE,CAAC;AAIZ,MAAM,UAAU,kBAAkB,CAAC,OAAe;IAChD,OAAO,IAAI,CAAC,IAAI,CAAC,OAAO,EAAE,sBAAsB,CAAC,CAAC;AACpD,CAAC;AAED,MAAM,UAAU,kBAAkB,CAAC,OAAe;IAChD,MAAM,IAAI,GAAG,kBAAkB,CAAC,OAAO,CAAC,CAAC;IACzC,IAAI,GAAW,CAAC;IAChB,IAAI,CAAC;QACH,GAAG,GAAG,EAAE,CAAC,YAAY,CAAC,IAAI,EAAE,MAAM,CAAC,CAAC;IACtC,CAAC;IAAC,MAAM,CAAC;QACP,OAAO,EAAE,OAAO,EAAE,KAAK,EAAE,CAAC;IAC5B,CAAC;IACD,IAAI,CAAC;QACH,MAAM,MAAM,GAAG,IAAI,CAAC,KAAK,CAAC,GAAG,CAAY,CAAC;QAC1C,OAAO,oBAAoB,CAAC,KAAK,CAAC,MAAM,CAAC,CAAC;IAC5C,CAAC;IAAC,MAAM,CAAC;QACP,OAAO,EAAE,OAAO,EAAE,KAAK,EAAE,CAAC;IAC5B,CAAC;AACH,CAAC;AAED;;;GAGG;AACH,MAAM,UAAU,mBAAmB,CAAC,OAAe,EAAE,GAAmB;IACtE,MAAM,EAAE,WAAW,EAAE,OAAO,EAAE,GAAG,IAAI,EAAE,GAAG,GAAG,CAAC;IAC9C,KAAK,OAAO,CAAC;IACb,EAAE,CAAC,SAAS,CAAC,OAAO,EAAE,EAAE,SAAS,EAAE,IAAI,EAAE,CAAC,CAAC;IAC3C,MAAM,IAAI,GAAG,kBAAkB,CAAC,OAAO,CAAC,CAAC;IACzC,EAAE,CAAC,aAAa,CAAC,IAAI,EAAE,IAAI,CAAC,SAAS,CAAC,IAAI,EAAE,IAAI,EAAE,CAAC,CAAC,GAAG,IAAI,EAAE;QAC3D,QAAQ,EAAE,MAAM;QAChB,IAAI,EAAE,KAAK;KACZ,CAAC,CAAC;IACH,IAAI,CAAC;QACH,EAAE,CAAC,SAAS,CAAC,IAAI,EAAE,KAAK,CAAC,CAAC;IAC5B,CAAC;IAAC,MAAM,CAAC;QACP,6BAA6B;IAC/B,CAAC;AACH,CAAC;AAED;;;;;;;;;;;;;;;;;;;;;GAqBG;AACH,MAAM,CAAC,KAAK,UAAU,kBAAkB,CAAC,IAGxC;IACC,IAAI,SAAwB,CAAC;IAC7B,IAAI,CAAC;QACH,SAAS,GAAG,MAAM,IAAI,CAAC,KAAK,CAAC,IAAI,EAAE,CAAC;IACtC,CAAC;IAAC,MAAM,CAAC;QACP,sEAAsE;QACtE,OAAO,IAAI,CAAC;IACd,CAAC;IACD,IAAI,SAAS,EAAE,CAAC;QACd,kEAAkE;QAClE,0DAA0D;QAC1D,0BAA0B,CAAC,IAAI,CAAC,OAAO,CAAC,CAAC;QACzC,OAAO,SAAS,CAAC;IACnB,CAAC;IAED,MAAM,MAAM,GAAG,kBAAkB,CAAC,IAAI,CAAC,OAAO,CAAC,CAAC,WAAW,CAAC;IAC5D,IAAI,CAAC,MAAM;QAAE,OAAO,IAAI,CAAC;IAEzB,IAAI,CAAC;QACH,MAAM,IAAI,CAAC,KAAK,CAAC,KAAK,CAAC,MAAM,CAAC,CAAC;IACjC,CAAC;IAAC,MAAM,CAAC;QACP,0EAA0E;QAC1E,OAAO,IAAI,CAAC;IACd,CAAC;IACD,0EAA0E;IAC1E,yEAAyE;IACzE,iEAAiE;IACjE,0BAA0B,CAAC,IAAI,CAAC,OAAO,CAAC,CAAC;IACzC,OAAO,MAAM,CAAC;AAChB,CAAC;AAED;;;;;GAKG;AACH,SAAS,0BAA0B,CAAC,OAAe;IACjD,IAAI,CAAC;QACH,MAAM,GAAG,GAAG,kBAAkB,CAAC,OAAO,CAAC,CAAC;QACxC,IAAI,GAAG,CAAC,WAAW,KAAK,SAAS;YAAE,OAAO,CAAC,mBAAmB;QAC9D,mBAAmB,CAAC,OAAO,EAAE,GAAG,CAAC,CAAC,CAAC,wCAAwC;IAC7E,CAAC;IAAC,MAAM,CAAC;QACP,qEAAqE;IACvE,CAAC;AACH,CAAC;AAED;;;;;;GAMG;AACH,MAAM,UAAU,aAAa,CAAC,OAAe,EAAE,GAAW;IACxD,MAAM,QAAQ,GAAG,kBAAkB,CAAC,OAAO,CAAC,CAAC;IAC7C,MAAM,GAAG,GAAmB;QAC1B,OAAO,EAAE,IAAI;QACb,GAAG;QACH,eAAe,EAAE,QAAQ,CAAC,eAAe,IAAI,MAAM,CAAC,UAAU,EAAE;QAChE,GAAG,CAAC,QAAQ,CAAC,KAAK,CAAC,CAAC,CAAC,EAAE,KAAK,EAAE,QAAQ,CAAC,KAAK,EAAE,CAAC,CAAC,CAAC,EAAE,CAAC;KACrD,CAAC;IACF,mBAAmB,CAAC,OAAO,EAAE,GAAG,CAAC,CAAC;IAClC,OAAO,GAAG,CAAC;AACb,CAAC"}

package/dist/src/cli/feedback/feedback-history.d.ts

@@ -1,4 +1,11 @@
 export declare function sanitizeText(input: string): string;
 export declare function formatHistoryLine(rawLine: string): string;
+/**
+ * Render a beta-signup row. Signups carry the user's own email (no note),
+ * so the audit surface shows it back to them — that is the point of the
+ * audit. ts/email still pass through `sanitizeText` for control-char and
+ * path/secret safety.
+ */
+export declare function formatSignupLine(rawLine: string): string;
 export declare function renderHistory(dataDir: string, emit: (line: string) => void): void;
 //# sourceMappingURL=feedback-history.d.ts.map

package/dist/src/cli/feedback/feedback-history.d.ts.map

@@ -1 +1 @@
-{"version":3,"file":"feedback-history.d.ts","sourceRoot":"","sources":["../../../../src/cli/feedback/feedback-history.ts"],"names":[],"mappings":"AA4EA,wBAAgB,YAAY,CAAC,KAAK,EAAE,MAAM,GAAG,MAAM,CAMlD;AAED,wBAAgB,iBAAiB,CAAC,OAAO,EAAE,MAAM,GAAG,MAAM,CAkBzD;AAED,wBAAgB,aAAa,CAC3B,OAAO,EAAE,MAAM,EACf,IAAI,EAAE,CAAC,IAAI,EAAE,MAAM,KAAK,IAAI,GAC3B,IAAI,CAaN"}
+{"version":3,"file":"feedback-history.d.ts","sourceRoot":"","sources":["../../../../src/cli/feedback/feedback-history.ts"],"names":[],"mappings":"AA4EA,wBAAgB,YAAY,CAAC,KAAK,EAAE,MAAM,GAAG,MAAM,CAMlD;AAED,wBAAgB,iBAAiB,CAAC,OAAO,EAAE,MAAM,GAAG,MAAM,CAkBzD;AAED;;;;;GAKG;AACH,wBAAgB,gBAAgB,CAAC,OAAO,EAAE,MAAM,GAAG,MAAM,CAcxD;AAUD,wBAAgB,aAAa,CAC3B,OAAO,EAAE,MAAM,EACf,IAAI,EAAE,CAAC,IAAI,EAAE,MAAM,KAAK,IAAI,GAC3B,IAAI,CAaN"}

package/dist/src/cli/feedback/feedback-history.js

@@ -97,19 +97,49 @@ export function formatHistoryLine(rawLine) {
     const status = row.status_snapshot ? "  (with status)" : "";
     return `${ts} · ${kind} · ${note}${status}`;
 }
-export function renderHistory(dataDir, emit) {
-    const file = path.join(dataDir, "observability", "feedback.jsonl");
-    if (!fs.existsSync(file)) {
-        emit("No feedback rows yet.");
-        return;
+/**
+ * Render a beta-signup row. Signups carry the user's own email (no note),
+ * so the audit surface shows it back to them — that is the point of the
+ * audit. ts/email still pass through `sanitizeText` for control-char and
+ * path/secret safety.
+ */
+export function formatSignupLine(rawLine) {
+    let parsed;
+    try {
+        parsed = JSON.parse(rawLine);
     }
-    const raw = fs.readFileSync(file, "utf8");
-    const lines = raw.split("\n").filter((l) => l.length > 0);
-    if (lines.length === 0) {
+    catch {
+        return "[malformed row — skipped]";
+    }
+    if (!parsed || typeof parsed !== "object" || Array.isArray(parsed)) {
+        return "[malformed row — skipped]";
+    }
+    const row = parsed;
+    const ts = typeof row.ts === "string" ? sanitizeText(row.ts) : "?";
+    const email = typeof row.email === "string" ? sanitizeText(row.email) : "?";
+    return `${ts} · beta signup · ${email}`;
+}
+function readNonEmptyLines(file) {
+    if (!fs.existsSync(file))
+        return [];
+    return fs
+        .readFileSync(file, "utf8")
+        .split("\n")
+        .filter((l) => l.length > 0);
+}
+export function renderHistory(dataDir, emit) {
+    const obs = path.join(dataDir, "observability");
+    const feedbackLines = readNonEmptyLines(path.join(obs, "feedback.jsonl"));
+    // beta-signups.jsonl is part of "every byte that went to Clem", so the
+    // audit surface must include it — not just feedback.jsonl.
+    const signupLines = readNonEmptyLines(path.join(obs, "beta-signups.jsonl"));
+    if (feedbackLines.length === 0 && signupLines.length === 0) {
         emit("No feedback rows yet.");
         return;
     }
-    for (const line of lines)
+    for (const line of feedbackLines)
         emit(formatHistoryLine(line));
+    for (const line of signupLines)
+        emit(formatSignupLine(line));
 }
 //# sourceMappingURL=feedback-history.js.map

package/dist/src/cli/feedback/feedback-history.js.map

@@ -1 +1 @@
-{"version":3,"file":"feedback-history.js","sourceRoot":"","sources":["../../../../src/cli/feedback/feedback-history.ts"],"names":[],"mappings":"AAAA;;;;;;;;;;;;;;;;;;;;;;;;;;GA0BG;AACH,OAAO,EAAE,MAAM,SAAS,CAAC;AACzB,OAAO,IAAI,MAAM,WAAW,CAAC;AAC7B,OAAO,EAAE,cAAc,EAAE,MAAM,uBAAuB,CAAC;AAEvD,MAAM,aAAa,GAAG,MAAM,CAAC;AAC7B,MAAM,aAAa,GAAG,OAAO,CAAC;AAE9B,MAAM,oBAAoB,GAA0B;IAClD,IAAI,MAAM,CAAC,MAAM,aAAa,OAAO,aAAa,KAAK,EAAE,IAAI,CAAC;IAC9D,IAAI,MAAM,CAAC,MAAM,aAAa,GAAG,aAAa,KAAK,EAAE,IAAI,CAAC;IAC1D,IAAI,MAAM,CAAC,aAAa,aAAa,KAAK,EAAE,IAAI,CAAC;IACjD,IAAI,MAAM,CAAC,MAAM,aAAa,gBAAgB,EAAE,IAAI,CAAC;CACtD,CAAC;AAEF;;;;;;;;;;;;;;;;;;;;;;GAsBG;AACH,MAAM,aAAa,GAA0B;IAC3C,wKAAwK;CACzK,CAAC;AAEF,MAAM,eAAe,GAA0B;IAC7C,gDAAgD;IAChD,sCAAsC;IACtC,4BAA4B;CAC7B,CAAC;AAEF,MAAM,aAAa,GAAG,IAAI,MAAM,CAAC,2BAA2B,EAAE,GAAG,CAAC,CAAC;AAEnE,MAAM,UAAU,YAAY,CAAC,KAAa;IACxC,IAAI,GAAG,GAAG,KAAK,CAAC,OAAO,CAAC,aAAa,EAAE,GAAG,CAAC,CAAC,OAAO,CAAC,QAAQ,EAAE,GAAG,CAAC,CAAC;IACnE,KAAK,MAAM,EAAE,IAAI,aAAa;QAAE,GAAG,GAAG,GAAG,CAAC,OAAO,CAAC,EAAE,EAAE,QAAQ,CAAC,CAAC;IAChE,KAAK,MAAM,EAAE,IAAI,oBAAoB;QAAE,GAAG,GAAG,GAAG,CAAC,OAAO,CAAC,EAAE,EAAE,UAAU,CAAC,CAAC;IACzE,KAAK,MAAM,EAAE,IAAI,eAAe;QAAE,GAAG,GAAG,GAAG,CAAC,OAAO,CAAC,EAAE,EAAE,YAAY,CAAC,CAAC;IACtE,OAAO,GAAG,CAAC;AACb,CAAC;AAED,MAAM,UAAU,iBAAiB,CAAC,OAAe;IAC/C,IAAI,MAAe,CAAC;IACpB,IAAI,CAAC;QACH,MAAM,GAAG,IAAI,CAAC,KAAK,CAAC,OAAO,CAAC,CAAC;IAC/B,CAAC;IAAC,MAAM,CAAC;QACP,OAAO,2BAA2B,CAAC;IACrC,CAAC;IACD,IAAI,CAAC,MAAM,IAAI,OAAO,MAAM,KAAK,QAAQ,IAAI,KAAK,CAAC,OAAO,CAAC,MAAM,CAAC,EAAE,CAAC;QACnE,OAAO,2BAA2B,CAAC;IACrC,CAAC;IACD,MAAM,GAAG,GAAG,MAAiC,CAAC;IAC9C,MAAM,EAAE,GAAG,OAAO,GAAG,CAAC,EAAE,KAAK,QAAQ,CAAC,CAAC,CAAC,YAAY,CAAC,GAAG,CAAC,EAAE,CAAC,CAAC,CAAC,CAAC,GAAG,CAAC;IACnE,MAAM,IAAI,GACR,OAAO,GAAG,CAAC,IAAI,KAAK,QAAQ,IAAI,cAAc,CAAC,GAAG,CAAC,IAAI,CAAC,CAAC,CAAC,CAAC,GAAG,CAAC,IAAI,CAAC,CAAC,CAAC,GAAG,CAAC;IAC5E,MAAM,OAAO,GAAG,OAAO,GAAG,CAAC,IAAI,KAAK,QAAQ,CAAC,CAAC,CAAC,GAAG,CAAC,IAAI,CAAC,CAAC,CAAC,EAAE,CAAC;IAC7D,MAAM,IAAI,GAAG,YAAY,CAAC,OAAO,CAAC,CAAC,IAAI,EAAE,CAAC;IAC1C,MAAM,MAAM,GAAG,GAAG,CAAC,eAAe,CAAC,CAAC,CAAC,iBAAiB,CAAC,CAAC,CAAC,EAAE,CAAC;IAC5D,OAAO,GAAG,EAAE,MAAM,IAAI,MAAM,IAAI,GAAG,MAAM,EAAE,CAAC;AAC9C,CAAC;AAED,MAAM,UAAU,aAAa,CAC3B,OAAe,EACf,IAA4B;IAE5B,MAAM,IAAI,GAAG,IAAI,CAAC,IAAI,CAAC,OAAO,EAAE,eAAe,EAAE,gBAAgB,CAAC,CAAC;IACnE,IAAI,CAAC,EAAE,CAAC,UAAU,CAAC,IAAI,CAAC,EAAE,CAAC;QACzB,IAAI,CAAC,uBAAuB,CAAC,CAAC;QAC9B,OAAO;IACT,CAAC;IACD,MAAM,GAAG,GAAG,EAAE,CAAC,YAAY,CAAC,IAAI,EAAE,MAAM,CAAC,CAAC;IAC1C,MAAM,KAAK,GAAG,GAAG,CAAC,KAAK,CAAC,IAAI,CAAC,CAAC,MAAM,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,MAAM,GAAG,CAAC,CAAC,CAAC;IAC1D,IAAI,KAAK,CAAC,MAAM,KAAK,CAAC,EAAE,CAAC;QACvB,IAAI,CAAC,uBAAuB,CAAC,CAAC;QAC9B,OAAO;IACT,CAAC;IACD,KAAK,MAAM,IAAI,IAAI,KAAK;QAAE,IAAI,CAAC,iBAAiB,CAAC,IAAI,CAAC,CAAC,CAAC;AAC1D,CAAC"}
+{"version":3,"file":"feedback-history.js","sourceRoot":"","sources":["../../../../src/cli/feedback/feedback-history.ts"],"names":[],"mappings":"AAAA;;;;;;;;;;;;;;;;;;;;;;;;;;GA0BG;AACH,OAAO,EAAE,MAAM,SAAS,CAAC;AACzB,OAAO,IAAI,MAAM,WAAW,CAAC;AAC7B,OAAO,EAAE,cAAc,EAAE,MAAM,uBAAuB,CAAC;AAEvD,MAAM,aAAa,GAAG,MAAM,CAAC;AAC7B,MAAM,aAAa,GAAG,OAAO,CAAC;AAE9B,MAAM,oBAAoB,GAA0B;IAClD,IAAI,MAAM,CAAC,MAAM,aAAa,OAAO,aAAa,KAAK,EAAE,IAAI,CAAC;IAC9D,IAAI,MAAM,CAAC,MAAM,aAAa,GAAG,aAAa,KAAK,EAAE,IAAI,CAAC;IAC1D,IAAI,MAAM,CAAC,aAAa,aAAa,KAAK,EAAE,IAAI,CAAC;IACjD,IAAI,MAAM,CAAC,MAAM,aAAa,gBAAgB,EAAE,IAAI,CAAC;CACtD,CAAC;AAEF;;;;;;;;;;;;;;;;;;;;;;GAsBG;AACH,MAAM,aAAa,GAA0B;IAC3C,wKAAwK;CACzK,CAAC;AAEF,MAAM,eAAe,GAA0B;IAC7C,gDAAgD;IAChD,sCAAsC;IACtC,4BAA4B;CAC7B,CAAC;AAEF,MAAM,aAAa,GAAG,IAAI,MAAM,CAAC,2BAA2B,EAAE,GAAG,CAAC,CAAC;AAEnE,MAAM,UAAU,YAAY,CAAC,KAAa;IACxC,IAAI,GAAG,GAAG,KAAK,CAAC,OAAO,CAAC,aAAa,EAAE,GAAG,CAAC,CAAC,OAAO,CAAC,QAAQ,EAAE,GAAG,CAAC,CAAC;IACnE,KAAK,MAAM,EAAE,IAAI,aAAa;QAAE,GAAG,GAAG,GAAG,CAAC,OAAO,CAAC,EAAE,EAAE,QAAQ,CAAC,CAAC;IAChE,KAAK,MAAM,EAAE,IAAI,oBAAoB;QAAE,GAAG,GAAG,GAAG,CAAC,OAAO,CAAC,EAAE,EAAE,UAAU,CAAC,CAAC;IACzE,KAAK,MAAM,EAAE,IAAI,eAAe;QAAE,GAAG,GAAG,GAAG,CAAC,OAAO,CAAC,EAAE,EAAE,YAAY,CAAC,CAAC;IACtE,OAAO,GAAG,CAAC;AACb,CAAC;AAED,MAAM,UAAU,iBAAiB,CAAC,OAAe;IAC/C,IAAI,MAAe,CAAC;IACpB,IAAI,CAAC;QACH,MAAM,GAAG,IAAI,CAAC,KAAK,CAAC,OAAO,CAAC,CAAC;IAC/B,CAAC;IAAC,MAAM,CAAC;QACP,OAAO,2BAA2B,CAAC;IACrC,CAAC;IACD,IAAI,CAAC,MAAM,IAAI,OAAO,MAAM,KAAK,QAAQ,IAAI,KAAK,CAAC,OAAO,CAAC,MAAM,CAAC,EAAE,CAAC;QACnE,OAAO,2BAA2B,CAAC;IACrC,CAAC;IACD,MAAM,GAAG,GAAG,MAAiC,CAAC;IAC9C,MAAM,EAAE,GAAG,OAAO,GAAG,CAAC,EAAE,KAAK,QAAQ,CAAC,CAAC,CAAC,YAAY,CAAC,GAAG,CAAC,EAAE,CAAC,CAAC,CAAC,CAAC,GAAG,CAAC;IACnE,MAAM,IAAI,GACR,OAAO,GAAG,CAAC,IAAI,KAAK,QAAQ,IAAI,cAAc,CAAC,GAAG,CAAC,IAAI,CAAC,CAAC,CAAC,CAAC,GAAG,CAAC,IAAI,CAAC,CAAC,CAAC,GAAG,CAAC;IAC5E,MAAM,OAAO,GAAG,OAAO,GAAG,CAAC,IAAI,KAAK,QAAQ,CAAC,CAAC,CAAC,GAAG,CAAC,IAAI,CAAC,CAAC,CAAC,EAAE,CAAC;IAC7D,MAAM,IAAI,GAAG,YAAY,CAAC,OAAO,CAAC,CAAC,IAAI,EAAE,CAAC;IAC1C,MAAM,MAAM,GAAG,GAAG,CAAC,eAAe,CAAC,CAAC,CAAC,iBAAiB,CAAC,CAAC,CAAC,EAAE,CAAC;IAC5D,OAAO,GAAG,EAAE,MAAM,IAAI,MAAM,IAAI,GAAG,MAAM,EAAE,CAAC;AAC9C,CAAC;AAED;;;;;GAKG;AACH,MAAM,UAAU,gBAAgB,CAAC,OAAe;IAC9C,IAAI,MAAe,CAAC;IACpB,IAAI,CAAC;QACH,MAAM,GAAG,IAAI,CAAC,KAAK,CAAC,OAAO,CAAC,CAAC;IAC/B,CAAC;IAAC,MAAM,CAAC;QACP,OAAO,2BAA2B,CAAC;IACrC,CAAC;IACD,IAAI,CAAC,MAAM,IAAI,OAAO,MAAM,KAAK,QAAQ,IAAI,KAAK,CAAC,OAAO,CAAC,MAAM,CAAC,EAAE,CAAC;QACnE,OAAO,2BAA2B,CAAC;IACrC,CAAC;IACD,MAAM,GAAG,GAAG,MAAiC,CAAC;IAC9C,MAAM,EAAE,GAAG,OAAO,GAAG,CAAC,EAAE,KAAK,QAAQ,CAAC,CAAC,CAAC,YAAY,CAAC,GAAG,CAAC,EAAE,CAAC,CAAC,CAAC,CAAC,GAAG,CAAC;IACnE,MAAM,KAAK,GAAG,OAAO,GAAG,CAAC,KAAK,KAAK,QAAQ,CAAC,CAAC,CAAC,YAAY,CAAC,GAAG,CAAC,KAAK,CAAC,CAAC,CAAC,CAAC,GAAG,CAAC;IAC5E,OAAO,GAAG,EAAE,oBAAoB,KAAK,EAAE,CAAC;AAC1C,CAAC;AAED,SAAS,iBAAiB,CAAC,IAAY;IACrC,IAAI,CAAC,EAAE,CAAC,UAAU,CAAC,IAAI,CAAC;QAAE,OAAO,EAAE,CAAC;IACpC,OAAO,EAAE;SACN,YAAY,CAAC,IAAI,EAAE,MAAM,CAAC;SAC1B,KAAK,CAAC,IAAI,CAAC;SACX,MAAM,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,MAAM,GAAG,CAAC,CAAC,CAAC;AACjC,CAAC;AAED,MAAM,UAAU,aAAa,CAC3B,OAAe,EACf,IAA4B;IAE5B,MAAM,GAAG,GAAG,IAAI,CAAC,IAAI,CAAC,OAAO,EAAE,eAAe,CAAC,CAAC;IAChD,MAAM,aAAa,GAAG,iBAAiB,CAAC,IAAI,CAAC,IAAI,CAAC,GAAG,EAAE,gBAAgB,CAAC,CAAC,CAAC;IAC1E,uEAAuE;IACvE,2DAA2D;IAC3D,MAAM,WAAW,GAAG,iBAAiB,CAAC,IAAI,CAAC,IAAI,CAAC,GAAG,EAAE,oBAAoB,CAAC,CAAC,CAAC;IAE5E,IAAI,aAAa,CAAC,MAAM,KAAK,CAAC,IAAI,WAAW,CAAC,MAAM,KAAK,CAAC,EAAE,CAAC;QAC3D,IAAI,CAAC,uBAAuB,CAAC,CAAC;QAC9B,OAAO;IACT,CAAC;IACD,KAAK,MAAM,IAAI,IAAI,aAAa;QAAE,IAAI,CAAC,iBAAiB,CAAC,IAAI,CAAC,CAAC,CAAC;IAChE,KAAK,MAAM,IAAI,IAAI,WAAW;QAAE,IAAI,CAAC,gBAAgB,CAAC,IAAI,CAAC,CAAC,CAAC;AAC/D,CAAC"}

package/dist/src/cli/feedback/feedback-payload.d.ts

@@ -6,7 +6,12 @@
  *  - `ts`              : ISO timestamp the friend hit enter.
  *  - `installation_id` : per-install random UUID from `feedback-config.json`,
  *                        present only if relay opt-in is on. **Not** the
- *                        friend's username, hostname, or email.
+ *                        friend's username or hostname.
+ *  - `email`           : OPT-IN beta contact email, present only if the user
+ *                        chose to share it at onboarding (it lives in
+ *                        `feedback-config.json`). Lets the operator attribute
+ *                        feedback to a person and send news/pricing/launch
+ *                        updates. Absent for anyone who didn't opt in.
  *  - `kind`            : enum free-form intent tag (worked|broke|surprised|idea).
  *  - `note`            : free text from the friend. **Untrusted** — the
  *                        friend can paste anything they like into this. We
@@ -44,10 +49,26 @@ export interface FeedbackPayload {
     installation_id?: string;
     kind: FeedbackKind;
     note: string;
+    email?: string;
     version: string;
     commit: string;
     node: string;
     status_snapshot?: FeedbackStatusSnapshot;
 }
+/**
+ * One-time beta signup, emitted at onboarding when a user opts in to stay
+ * connected. Distinct from feedback: it carries the email but no note/kind.
+ * Written to `data/observability/beta-signups.jsonl` (canonical) and POSTed
+ * to the relay when an endpoint URL is configured.
+ */
+export interface SignupPayload {
+    ts: string;
+    event: "beta_signup";
+    email: string;
+    installation_id: string;
+    version: string;
+    commit: string;
+    node: string;
+}
 export declare function isFeedbackKind(s: string): s is FeedbackKind;
 //# sourceMappingURL=feedback-payload.d.ts.map

package/dist/src/cli/feedback/feedback-payload.d.ts.map

@@ -1 +1 @@
-{"version":3,"file":"feedback-payload.d.ts","sourceRoot":"","sources":["../../../../src/cli/feedback/feedback-payload.ts"],"names":[],"mappings":"AAAA;;;;;;;;;;;;;;;;;;;;GAoBG;AACH,OAAO,KAAK,EAAE,SAAS,EAAE,MAAM,4BAA4B,CAAC;AAE5D,MAAM,MAAM,YAAY,GAAG,QAAQ,GAAG,OAAO,GAAG,WAAW,GAAG,MAAM,CAAC;AAErE,eAAO,MAAM,cAAc,EAAE,SAAS,YAAY,EAKxC,CAAC;AAEX,MAAM,WAAW,sBAAsB;IACrC,MAAM,EAAE;QACN,MAAM,EAAE,IAAI,GAAG,aAAa,CAAC;QAC7B,cAAc,EAAE,MAAM,GAAG,IAAI,CAAC;QAC9B,kBAAkB,EAAE,OAAO,GAAG,IAAI,CAAC;KACpC,CAAC;IACF,KAAK,EAAE,SAAS,GAAG,IAAI,CAAC;IACxB,YAAY,EAAE;QACZ,WAAW,EAAE,MAAM,GAAG,IAAI,CAAC;QAC3B,WAAW,EAAE,OAAO,GAAG,IAAI,CAAC;QAC5B,iBAAiB,EAAE,OAAO,GAAG,IAAI,CAAC;QAClC,oBAAoB,EAAE,MAAM,GAAG,IAAI,CAAC;QACpC,cAAc,EAAE,MAAM,GAAG,IAAI,CAAC;QAC9B,eAAe,EAAE,MAAM,GAAG,IAAI,CAAC;QAC/B,kBAAkB,EAAE,MAAM,GAAG,IAAI,CAAC;KACnC,CAAC;CACH;AAED,MAAM,WAAW,eAAe;IAC9B,EAAE,EAAE,MAAM,CAAC;IACX,eAAe,CAAC,EAAE,MAAM,CAAC;IACzB,IAAI,EAAE,YAAY,CAAC;IACnB,IAAI,EAAE,MAAM,CAAC;IACb,OAAO,EAAE,MAAM,CAAC;IAChB,MAAM,EAAE,MAAM,CAAC;IACf,IAAI,EAAE,MAAM,CAAC;IACb,eAAe,CAAC,EAAE,sBAAsB,CAAC;CAC1C;AAED,wBAAgB,cAAc,CAAC,CAAC,EAAE,MAAM,GAAG,CAAC,IAAI,YAAY,CAE3D"}
+{"version":3,"file":"feedback-payload.d.ts","sourceRoot":"","sources":["../../../../src/cli/feedback/feedback-payload.ts"],"names":[],"mappings":"AAAA;;;;;;;;;;;;;;;;;;;;;;;;;GAyBG;AACH,OAAO,KAAK,EAAE,SAAS,EAAE,MAAM,4BAA4B,CAAC;AAE5D,MAAM,MAAM,YAAY,GAAG,QAAQ,GAAG,OAAO,GAAG,WAAW,GAAG,MAAM,CAAC;AAErE,eAAO,MAAM,cAAc,EAAE,SAAS,YAAY,EAKxC,CAAC;AAEX,MAAM,WAAW,sBAAsB;IACrC,MAAM,EAAE;QACN,MAAM,EAAE,IAAI,GAAG,aAAa,CAAC;QAC7B,cAAc,EAAE,MAAM,GAAG,IAAI,CAAC;QAC9B,kBAAkB,EAAE,OAAO,GAAG,IAAI,CAAC;KACpC,CAAC;IACF,KAAK,EAAE,SAAS,GAAG,IAAI,CAAC;IACxB,YAAY,EAAE;QACZ,WAAW,EAAE,MAAM,GAAG,IAAI,CAAC;QAC3B,WAAW,EAAE,OAAO,GAAG,IAAI,CAAC;QAC5B,iBAAiB,EAAE,OAAO,GAAG,IAAI,CAAC;QAClC,oBAAoB,EAAE,MAAM,GAAG,IAAI,CAAC;QACpC,cAAc,EAAE,MAAM,GAAG,IAAI,CAAC;QAC9B,eAAe,EAAE,MAAM,GAAG,IAAI,CAAC;QAC/B,kBAAkB,EAAE,MAAM,GAAG,IAAI,CAAC;KACnC,CAAC;CACH;AAED,MAAM,WAAW,eAAe;IAC9B,EAAE,EAAE,MAAM,CAAC;IACX,eAAe,CAAC,EAAE,MAAM,CAAC;IACzB,IAAI,EAAE,YAAY,CAAC;IACnB,IAAI,EAAE,MAAM,CAAC;IACb,KAAK,CAAC,EAAE,MAAM,CAAC;IACf,OAAO,EAAE,MAAM,CAAC;IAChB,MAAM,EAAE,MAAM,CAAC;IACf,IAAI,EAAE,MAAM,CAAC;IACb,eAAe,CAAC,EAAE,sBAAsB,CAAC;CAC1C;AAED;;;;;GAKG;AACH,MAAM,WAAW,aAAa;IAC5B,EAAE,EAAE,MAAM,CAAC;IACX,KAAK,EAAE,aAAa,CAAC;IACrB,KAAK,EAAE,MAAM,CAAC;IACd,eAAe,EAAE,MAAM,CAAC;IACxB,OAAO,EAAE,MAAM,CAAC;IAChB,MAAM,EAAE,MAAM,CAAC;IACf,IAAI,EAAE,MAAM,CAAC;CACd;AAED,wBAAgB,cAAc,CAAC,CAAC,EAAE,MAAM,GAAG,CAAC,IAAI,YAAY,CAE3D"}

package/dist/src/cli/feedback/feedback-payload.js.map

@@ -1 +1 @@
-{"version":3,"file":"feedback-payload.js","sourceRoot":"","sources":["../../../../src/cli/feedback/feedback-payload.ts"],"names":[],"mappings":"AAyBA,MAAM,CAAC,MAAM,cAAc,GAA4B;IACrD,QAAQ;IACR,OAAO;IACP,WAAW;IACX,MAAM;CACE,CAAC;AA+BX,MAAM,UAAU,cAAc,CAAC,CAAS;IACtC,OAAQ,cAAoC,CAAC,QAAQ,CAAC,CAAC,CAAC,CAAC;AAC3D,CAAC"}
+{"version":3,"file":"feedback-payload.js","sourceRoot":"","sources":["../../../../src/cli/feedback/feedback-payload.ts"],"names":[],"mappings":"AA8BA,MAAM,CAAC,MAAM,cAAc,GAA4B;IACrD,QAAQ;IACR,OAAO;IACP,WAAW;IACX,MAAM;CACE,CAAC;AAgDX,MAAM,UAAU,cAAc,CAAC,CAAS;IACtC,OAAQ,cAAoC,CAAC,QAAQ,CAAC,CAAC,CAAC,CAAC;AAC3D,CAAC"}

package/dist/src/cli/feedback/feedback-relay.d.ts

@@ -1,4 +1,4 @@
-import type { FeedbackPayload } from "./feedback-payload.js";
+import type { FeedbackPayload, SignupPayload } from "./feedback-payload.js";
 export interface RelayResult {
     attempted: boolean;
     ok: boolean;
@@ -11,5 +11,5 @@ export interface RelayOpts {
     fetchFn?: typeof fetch;
     timeoutMs?: number;
 }
-export declare function postFeedback(payload: FeedbackPayload, opts: RelayOpts): Promise<RelayResult>;
+export declare function postFeedback(payload: FeedbackPayload | SignupPayload, opts: RelayOpts): Promise<RelayResult>;
 //# sourceMappingURL=feedback-relay.d.ts.map

package/dist/src/cli/feedback/feedback-relay.d.ts.map

@@ -1 +1 @@
-{"version":3,"file":"feedback-relay.d.ts","sourceRoot":"","sources":["../../../../src/cli/feedback/feedback-relay.ts"],"names":[],"mappings":"AAYA,OAAO,KAAK,EAAE,eAAe,EAAE,MAAM,uBAAuB,CAAC;AAE7D,MAAM,WAAW,WAAW;IAC1B,SAAS,EAAE,OAAO,CAAC;IACnB,EAAE,EAAE,OAAO,CAAC;IACZ,MAAM,CAAC,EAAE,MAAM,CAAC;IAChB,KAAK,CAAC,EAAE,MAAM,CAAC;CAChB;AAED,MAAM,WAAW,SAAS;IACxB,GAAG,EAAE,MAAM,CAAC;IACZ,UAAU,CAAC,EAAE,MAAM,CAAC;IACpB,OAAO,CAAC,EAAE,OAAO,KAAK,CAAC;IACvB,SAAS,CAAC,EAAE,MAAM,CAAC;CACpB;AAED,wBAAsB,YAAY,CAChC,OAAO,EAAE,eAAe,EACxB,IAAI,EAAE,SAAS,GACd,OAAO,CAAC,WAAW,CAAC,CA+BtB"}
+{"version":3,"file":"feedback-relay.d.ts","sourceRoot":"","sources":["../../../../src/cli/feedback/feedback-relay.ts"],"names":[],"mappings":"AAYA,OAAO,KAAK,EAAE,eAAe,EAAE,aAAa,EAAE,MAAM,uBAAuB,CAAC;AAE5E,MAAM,WAAW,WAAW;IAC1B,SAAS,EAAE,OAAO,CAAC;IACnB,EAAE,EAAE,OAAO,CAAC;IACZ,MAAM,CAAC,EAAE,MAAM,CAAC;IAChB,KAAK,CAAC,EAAE,MAAM,CAAC;CAChB;AAED,MAAM,WAAW,SAAS;IACxB,GAAG,EAAE,MAAM,CAAC;IACZ,UAAU,CAAC,EAAE,MAAM,CAAC;IACpB,OAAO,CAAC,EAAE,OAAO,KAAK,CAAC;IACvB,SAAS,CAAC,EAAE,MAAM,CAAC;CACpB;AAED,wBAAsB,YAAY,CAChC,OAAO,EAAE,eAAe,GAAG,aAAa,EACxC,IAAI,EAAE,SAAS,GACd,OAAO,CAAC,WAAW,CAAC,CA+BtB"}

package/dist/src/cli/feedback/feedback-relay.js.map

@@ -1 +1 @@
-{"version":3,"file":"feedback-relay.js","sourceRoot":"","sources":["../../../../src/cli/feedback/feedback-relay.ts"],"names":[],"mappings":"AAAA;;;;;;;;;;GAUG;AACH,OAAO,EAAE,UAAU,EAAE,MAAM,aAAa,CAAC;AAiBzC,MAAM,CAAC,KAAK,UAAU,YAAY,CAChC,OAAwB,EACxB,IAAe;IAEf,MAAM,OAAO,GAAG,IAAI,CAAC,OAAO,IAAI,KAAK,CAAC;IACtC,MAAM,IAAI,GAAG,IAAI,CAAC,SAAS,CAAC,OAAO,CAAC,CAAC;IACrC,MAAM,OAAO,GAA2B;QACtC,cAAc,EAAE,kBAAkB;KACnC,CAAC;IACF,IAAI,IAAI,CAAC,UAAU,EAAE,CAAC;QACpB,MAAM,GAAG,GAAG,UAAU,CAAC,QAAQ,EAAE,IAAI,CAAC,UAAU,CAAC,CAAC,MAAM,CAAC,IAAI,CAAC,CAAC,MAAM,CAAC,KAAK,CAAC,CAAC;QAC7E,OAAO,CAAC,kBAAkB,CAAC,GAAG,UAAU,GAAG,EAAE,CAAC;IAChD,CAAC;IACD,MAAM,UAAU,GAAG,IAAI,eAAe,EAAE,CAAC;IACzC,MAAM,KAAK,GAAG,UAAU,CAAC,GAAG,EAAE,CAAC,UAAU,CAAC,KAAK,EAAE,EAAE,IAAI,CAAC,SAAS,IAAI,KAAK,CAAC,CAAC;IAC5E,IAAI,CAAC;QACH,MAAM,GAAG,GAAG,MAAM,OAAO,CAAC,IAAI,CAAC,GAAG,EAAE;YAClC,MAAM,EAAE,MAAM;YACd,IAAI;YACJ,OAAO;YACP,MAAM,EAAE,UAAU,CAAC,MAAM;SAC1B,CAAC,CAAC;QACH,OAAO,GAAG,CAAC,EAAE;YACX,CAAC,CAAC,EAAE,SAAS,EAAE,IAAI,EAAE,EAAE,EAAE,IAAI,EAAE,MAAM,EAAE,GAAG,CAAC,MAAM,EAAE;YACnD,CAAC,CAAC,EAAE,SAAS,EAAE,IAAI,EAAE,EAAE,EAAE,KAAK,EAAE,MAAM,EAAE,GAAG,CAAC,MAAM,EAAE,CAAC;IACzD,CAAC;IAAC,OAAO,GAAG,EAAE,CAAC;QACb,OAAO;YACL,SAAS,EAAE,IAAI;YACf,EAAE,EAAE,KAAK;YACT,KAAK,EAAE,GAAG,YAAY,KAAK,CAAC,CAAC,CAAC,GAAG,CAAC,OAAO,CAAC,CAAC,CAAC,MAAM,CAAC,GAAG,CAAC;SACxD,CAAC;IACJ,CAAC;YAAS,CAAC;QACT,YAAY,CAAC,KAAK,CAAC,CAAC;IACtB,CAAC;AACH,CAAC"}
+{"version":3,"file":"feedback-relay.js","sourceRoot":"","sources":["../../../../src/cli/feedback/feedback-relay.ts"],"names":[],"mappings":"AAAA;;;;;;;;;;GAUG;AACH,OAAO,EAAE,UAAU,EAAE,MAAM,aAAa,CAAC;AAiBzC,MAAM,CAAC,KAAK,UAAU,YAAY,CAChC,OAAwC,EACxC,IAAe;IAEf,MAAM,OAAO,GAAG,IAAI,CAAC,OAAO,IAAI,KAAK,CAAC;IACtC,MAAM,IAAI,GAAG,IAAI,CAAC,SAAS,CAAC,OAAO,CAAC,CAAC;IACrC,MAAM,OAAO,GAA2B;QACtC,cAAc,EAAE,kBAAkB;KACnC,CAAC;IACF,IAAI,IAAI,CAAC,UAAU,EAAE,CAAC;QACpB,MAAM,GAAG,GAAG,UAAU,CAAC,QAAQ,EAAE,IAAI,CAAC,UAAU,CAAC,CAAC,MAAM,CAAC,IAAI,CAAC,CAAC,MAAM,CAAC,KAAK,CAAC,CAAC;QAC7E,OAAO,CAAC,kBAAkB,CAAC,GAAG,UAAU,GAAG,EAAE,CAAC;IAChD,CAAC;IACD,MAAM,UAAU,GAAG,IAAI,eAAe,EAAE,CAAC;IACzC,MAAM,KAAK,GAAG,UAAU,CAAC,GAAG,EAAE,CAAC,UAAU,CAAC,KAAK,EAAE,EAAE,IAAI,CAAC,SAAS,IAAI,KAAK,CAAC,CAAC;IAC5E,IAAI,CAAC;QACH,MAAM,GAAG,GAAG,MAAM,OAAO,CAAC,IAAI,CAAC,GAAG,EAAE;YAClC,MAAM,EAAE,MAAM;YACd,IAAI;YACJ,OAAO;YACP,MAAM,EAAE,UAAU,CAAC,MAAM;SAC1B,CAAC,CAAC;QACH,OAAO,GAAG,CAAC,EAAE;YACX,CAAC,CAAC,EAAE,SAAS,EAAE,IAAI,EAAE,EAAE,EAAE,IAAI,EAAE,MAAM,EAAE,GAAG,CAAC,MAAM,EAAE;YACnD,CAAC,CAAC,EAAE,SAAS,EAAE,IAAI,EAAE,EAAE,EAAE,KAAK,EAAE,MAAM,EAAE,GAAG,CAAC,MAAM,EAAE,CAAC;IACzD,CAAC;IAAC,OAAO,GAAG,EAAE,CAAC;QACb,OAAO;YACL,SAAS,EAAE,IAAI;YACf,EAAE,EAAE,KAAK;YACT,KAAK,EAAE,GAAG,YAAY,KAAK,CAAC,CAAC,CAAC,GAAG,CAAC,OAAO,CAAC,CAAC,CAAC,MAAM,CAAC,GAAG,CAAC;SACxD,CAAC;IACJ,CAAC;YAAS,CAAC;QACT,YAAY,CAAC,KAAK,CAAC,CAAC;IACtB,CAAC;AACH,CAAC"}

package/dist/src/cli/feedback/invite.d.ts

@@ -0,0 +1,17 @@
+export interface RiftInvite {
+    url: string;
+    secret: string;
+    label?: string;
+}
+/**
+ * Decode an invite code into its parts. Throws a `validation` CliError on any
+ * malformation (bad prefix, bad base64, bad JSON, missing/invalid fields) with
+ * one friend-facing message — never leaks the decode internals.
+ */
+export declare function parseInvite(raw: string): RiftInvite;
+/**
+ * Build an invite code from its parts. The operator-side counterpart to
+ * `parseInvite` (used to mint codes and to round-trip in tests).
+ */
+export declare function formatInvite(invite: RiftInvite): string;
+//# sourceMappingURL=invite.d.ts.map

package/dist/src/cli/feedback/invite.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"invite.d.ts","sourceRoot":"","sources":["../../../../src/cli/feedback/invite.ts"],"names":[],"mappings":"AA6BA,MAAM,WAAW,UAAU;IACzB,GAAG,EAAE,MAAM,CAAC;IACZ,MAAM,EAAE,MAAM,CAAC;IACf,KAAK,CAAC,EAAE,MAAM,CAAC;CAChB;AAKD;;;;GAIG;AACH,wBAAgB,WAAW,CAAC,GAAG,EAAE,MAAM,GAAG,UAAU,CAmBnD;AAED;;;GAGG;AACH,wBAAgB,YAAY,CAAC,MAAM,EAAE,UAAU,GAAG,MAAM,CAWvD"}

package/dist/src/cli/feedback/invite.js

@@ -0,0 +1,67 @@
+/**
+ * Feedback-relay invite codes.
+ *
+ * An invite is a single opaque string the operator hands a friend. It carries
+ * the relay URL + the HMAC secret so the friend never sees or types a raw
+ * secret — they paste ONE blob and Rift does the rest (URL → config, secret →
+ * Keychain). Shape:
+ *
+ *   rift-invite_<base64url(JSON)>   where JSON = { v: 1, url, secret, label? }
+ *
+ * NOTE (deferred, tracked): the invite embeds the *shared* beta secret, so it
+ * is only as revocable as that secret. Acceptable for beta (it signs feedback
+ * to Clem, low stakes); the revocable per-install token is the future upgrade.
+ */
+import { z } from "zod";
+import { CliError } from "../http-client.js";
+const INVITE_PREFIX = "rift-invite_";
+const InvitePayloadSchema = z
+    .object({
+    v: z.literal(1),
+    url: z.string().url(),
+    secret: z.string().min(1),
+    label: z.string().min(1).optional(),
+})
+    .strict();
+const INVALID = "That invite code is not valid. Ask Clem for a fresh `rift-invite_…` code.";
+/**
+ * Decode an invite code into its parts. Throws a `validation` CliError on any
+ * malformation (bad prefix, bad base64, bad JSON, missing/invalid fields) with
+ * one friend-facing message — never leaks the decode internals.
+ */
+export function parseInvite(raw) {
+    const code = raw.trim();
+    if (!code.startsWith(INVITE_PREFIX)) {
+        throw new CliError(INVALID, "validation");
+    }
+    const encoded = code.slice(INVITE_PREFIX.length);
+    let json;
+    try {
+        const decoded = Buffer.from(encoded, "base64url").toString("utf8");
+        json = JSON.parse(decoded);
+    }
+    catch {
+        throw new CliError(INVALID, "validation");
+    }
+    const parsed = InvitePayloadSchema.safeParse(json);
+    if (!parsed.success) {
+        throw new CliError(INVALID, "validation");
+    }
+    const { url, secret, label } = parsed.data;
+    return { url, secret, ...(label ? { label } : {}) };
+}
+/**
+ * Build an invite code from its parts. The operator-side counterpart to
+ * `parseInvite` (used to mint codes and to round-trip in tests).
+ */
+export function formatInvite(invite) {
+    const payload = {
+        v: 1,
+        url: invite.url,
+        secret: invite.secret,
+        ...(invite.label ? { label: invite.label } : {}),
+    };
+    const encoded = Buffer.from(JSON.stringify(payload), "utf8").toString("base64url");
+    return `${INVITE_PREFIX}${encoded}`;
+}
+//# sourceMappingURL=invite.js.map

package/dist/src/cli/feedback/invite.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"invite.js","sourceRoot":"","sources":["../../../../src/cli/feedback/invite.ts"],"names":[],"mappings":"AAAA;;;;;;;;;;;;;GAaG;AACH,OAAO,EAAE,CAAC,EAAE,MAAM,KAAK,CAAC;AAExB,OAAO,EAAE,QAAQ,EAAE,MAAM,mBAAmB,CAAC;AAE7C,MAAM,aAAa,GAAG,cAAc,CAAC;AAErC,MAAM,mBAAmB,GAAG,CAAC;KAC1B,MAAM,CAAC;IACN,CAAC,EAAE,CAAC,CAAC,OAAO,CAAC,CAAC,CAAC;IACf,GAAG,EAAE,CAAC,CAAC,MAAM,EAAE,CAAC,GAAG,EAAE;IACrB,MAAM,EAAE,CAAC,CAAC,MAAM,EAAE,CAAC,GAAG,CAAC,CAAC,CAAC;IACzB,KAAK,EAAE,CAAC,CAAC,MAAM,EAAE,CAAC,GAAG,CAAC,CAAC,CAAC,CAAC,QAAQ,EAAE;CACpC,CAAC;KACD,MAAM,EAAE,CAAC;AAQZ,MAAM,OAAO,GACX,2EAA2E,CAAC;AAE9E;;;;GAIG;AACH,MAAM,UAAU,WAAW,CAAC,GAAW;IACrC,MAAM,IAAI,GAAG,GAAG,CAAC,IAAI,EAAE,CAAC;IACxB,IAAI,CAAC,IAAI,CAAC,UAAU,CAAC,aAAa,CAAC,EAAE,CAAC;QACpC,MAAM,IAAI,QAAQ,CAAC,OAAO,EAAE,YAAY,CAAC,CAAC;IAC5C,CAAC;IACD,MAAM,OAAO,GAAG,IAAI,CAAC,KAAK,CAAC,aAAa,CAAC,MAAM,CAAC,CAAC;IACjD,IAAI,IAAa,CAAC;IAClB,IAAI,CAAC;QACH,MAAM,OAAO,GAAG,MAAM,CAAC,IAAI,CAAC,OAAO,EAAE,WAAW,CAAC,CAAC,QAAQ,CAAC,MAAM,CAAC,CAAC;QACnE,IAAI,GAAG,IAAI,CAAC,KAAK,CAAC,OAAO,CAAC,CAAC;IAC7B,CAAC;IAAC,MAAM,CAAC;QACP,MAAM,IAAI,QAAQ,CAAC,OAAO,EAAE,YAAY,CAAC,CAAC;IAC5C,CAAC;IACD,MAAM,MAAM,GAAG,mBAAmB,CAAC,SAAS,CAAC,IAAI,CAAC,CAAC;IACnD,IAAI,CAAC,MAAM,CAAC,OAAO,EAAE,CAAC;QACpB,MAAM,IAAI,QAAQ,CAAC,OAAO,EAAE,YAAY,CAAC,CAAC;IAC5C,CAAC;IACD,MAAM,EAAE,GAAG,EAAE,MAAM,EAAE,KAAK,EAAE,GAAG,MAAM,CAAC,IAAI,CAAC;IAC3C,OAAO,EAAE,GAAG,EAAE,MAAM,EAAE,GAAG,CAAC,KAAK,CAAC,CAAC,CAAC,EAAE,KAAK,EAAE,CAAC,CAAC,CAAC,EAAE,CAAC,EAAE,CAAC;AACtD,CAAC;AAED;;;GAGG;AACH,MAAM,UAAU,YAAY,CAAC,MAAkB;IAC7C,MAAM,OAAO,GAAG;QACd,CAAC,EAAE,CAAU;QACb,GAAG,EAAE,MAAM,CAAC,GAAG;QACf,MAAM,EAAE,MAAM,CAAC,MAAM;QACrB,GAAG,CAAC,MAAM,CAAC,KAAK,CAAC,CAAC,CAAC,EAAE,KAAK,EAAE,MAAM,CAAC,KAAK,EAAE,CAAC,CAAC,CAAC,EAAE,CAAC;KACjD,CAAC;IACF,MAAM,OAAO,GAAG,MAAM,CAAC,IAAI,CAAC,IAAI,CAAC,SAAS,CAAC,OAAO,CAAC,EAAE,MAAM,CAAC,CAAC,QAAQ,CACnE,WAAW,CACZ,CAAC;IACF,OAAO,GAAG,aAAa,GAAG,OAAO,EAAE,CAAC;AACtC,CAAC"}

package/dist/src/cli/feedback/relay-secret-store.d.ts

@@ -0,0 +1,32 @@
+/** Minimal shape of the promisified `execFile` we depend on (stdout only). */
+type ExecFn = (file: string, args: string[]) => Promise<{
+    stdout: string;
+}>;
+/**
+ * Storage for the relay HMAC secret. Abstracted so the feedback paths can be
+ * tested with an in-memory implementation that never shells out to `security`.
+ */
+export interface RelaySecretStore {
+    /** The stored secret, or null when none is set. */
+    read(): Promise<string | null>;
+    /** Write (or overwrite) the secret. */
+    write(secret: string): Promise<void>;
+    /** Remove the secret. No-op when already absent. */
+    delete(): Promise<void>;
+}
+/**
+ * Production store backed by the macOS `security` CLI. `exec` is injectable so
+ * tests can drive the error mapping (locked keychain, item-not-found) without
+ * a real Keychain. There is deliberately NO plaintext fallback — if the secret
+ * cannot be stored securely, relay signing is simply unavailable.
+ */
+export declare function createMacRelaySecretStore(exec?: ExecFn): RelaySecretStore;
+/** Production store backed by the real macOS `security` CLI. */
+export declare const macRelaySecretStore: RelaySecretStore;
+/**
+ * In-memory store for tests and any non-Keychain injection point. Holds the
+ * secret in a closure — never persisted. Production code never reaches for it.
+ */
+export declare function createInMemoryRelaySecretStore(initial?: string | null): RelaySecretStore;
+export {};
+//# sourceMappingURL=relay-secret-store.d.ts.map

package/dist/src/cli/feedback/relay-secret-store.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"relay-secret-store.d.ts","sourceRoot":"","sources":["../../../../src/cli/feedback/relay-secret-store.ts"],"names":[],"mappings":"AAmBA,8EAA8E;AAC9E,KAAK,MAAM,GAAG,CAAC,IAAI,EAAE,MAAM,EAAE,IAAI,EAAE,MAAM,EAAE,KAAK,OAAO,CAAC;IAAE,MAAM,EAAE,MAAM,CAAA;CAAE,CAAC,CAAC;AA2C5E;;;GAGG;AACH,MAAM,WAAW,gBAAgB;IAC/B,mDAAmD;IACnD,IAAI,IAAI,OAAO,CAAC,MAAM,GAAG,IAAI,CAAC,CAAC;IAC/B,uCAAuC;IACvC,KAAK,CAAC,MAAM,EAAE,MAAM,GAAG,OAAO,CAAC,IAAI,CAAC,CAAC;IACrC,oDAAoD;IACpD,MAAM,IAAI,OAAO,CAAC,IAAI,CAAC,CAAC;CACzB;AAED;;;;;GAKG;AACH,wBAAgB,yBAAyB,CAAC,IAAI,GAAE,MAAoB,GAAG,gBAAgB,CAmDtF;AAED,gEAAgE;AAChE,eAAO,MAAM,mBAAmB,EAAE,gBAA8C,CAAC;AAEjF;;;GAGG;AACH,wBAAgB,8BAA8B,CAC5C,OAAO,CAAC,EAAE,MAAM,GAAG,IAAI,GACtB,gBAAgB,CAalB"}

package/dist/src/cli/feedback/relay-secret-store.js

@@ -0,0 +1,137 @@
+/**
+ * Secure storage for the feedback-relay HMAC secret.
+ *
+ * The secret proves a feedback POST came from a configured Rift install (the
+ * Cloudflare Worker validates the `X-Rift-Signature` HMAC). It is a real
+ * secret, so it must NOT sit in plaintext `feedback-config.json`. It lives in
+ * the macOS Keychain instead, under the same service as the daemon auth token
+ * (`com.getrift.daemon`) so all Rift secrets share one keychain service.
+ *
+ * The store is an injectable interface: production uses the `security` CLI;
+ * tests inject `createInMemoryRelaySecretStore()` (no real Keychain, no GUI
+ * session) or `createMacRelaySecretStore(fakeExec)` to exercise the error
+ * mapping without shelling out.
+ */
+import { execFile } from "node:child_process";
+import { promisify } from "node:util";
+import { LockedKeychainError } from "../../auth/keychain.js";
+const defaultExec = promisify(execFile);
+/** Same keychain service as the daemon auth token — one service per app. */
+const SERVICE = "com.getrift.daemon";
+/** Single (non-versioned) generic-password account for the relay secret. */
+const ACCOUNT = "RELAY_HMAC_SECRET";
+/** macOS `security` exit code for errSecItemNotFound — the only swallowed one. */
+const ERR_SEC_ITEM_NOT_FOUND = 44;
+/** Substring the `security` CLI emits when the login keychain is locked. */
+const LOCKED_KEYCHAIN_SUBSTRING = "User interaction is not allowed";
+// Predicates mirror the private helpers in ../../auth/keychain.ts. Kept local
+// (not exported from there) to avoid refactoring the heavily-tested auth path;
+// the auth token store remains the single owner of those internals.
+function isItemNotFound(err) {
+    if (!(err instanceof Error))
+        return false;
+    return err.code === ERR_SEC_ITEM_NOT_FOUND;
+}
+function isLockedKeychain(err) {
+    if (!(err instanceof Error))
+        return false;
+    if (err.message.includes(LOCKED_KEYCHAIN_SUBSTRING))
+        return true;
+    const stderr = err.stderr;
+    return typeof stderr === "string" && stderr.includes(LOCKED_KEYCHAIN_SUBSTRING);
+}
+/**
+ * Normalize a `security` failure: a locked keychain becomes the typed
+ * `LockedKeychainError` (so callers render the unlock hint instead of leaking
+ * raw `security` output); every other error propagates unchanged. Applied on
+ * EVERY path — read, write, and delete — so write failures during invite
+ * setup map the same way reads do.
+ */
+function rethrowKeychainError(err) {
+    if (isLockedKeychain(err)) {
+        throw new LockedKeychainError(err instanceof Error ? err.message : String(err));
+    }
+    throw err;
+}
+/**
+ * Production store backed by the macOS `security` CLI. `exec` is injectable so
+ * tests can drive the error mapping (locked keychain, item-not-found) without
+ * a real Keychain. There is deliberately NO plaintext fallback — if the secret
+ * cannot be stored securely, relay signing is simply unavailable.
+ */
+export function createMacRelaySecretStore(exec = defaultExec) {
+    return {
+        async read() {
+            try {
+                const { stdout } = await exec("security", [
+                    "find-generic-password",
+                    "-a",
+                    ACCOUNT,
+                    "-s",
+                    SERVICE,
+                    "-w",
+                ]);
+                return stdout.trim() || null;
+            }
+            catch (err) {
+                if (isItemNotFound(err))
+                    return null;
+                rethrowKeychainError(err);
+            }
+        },
+        async write(secret) {
+            try {
+                await exec("security", [
+                    "add-generic-password",
+                    "-a",
+                    ACCOUNT,
+                    "-s",
+                    SERVICE,
+                    "-w",
+                    secret,
+                    "-U", // update in place if it already exists
+                ]);
+            }
+            catch (err) {
+                rethrowKeychainError(err);
+            }
+        },
+        async delete() {
+            try {
+                await exec("security", [
+                    "delete-generic-password",
+                    "-a",
+                    ACCOUNT,
+                    "-s",
+                    SERVICE,
+                ]);
+            }
+            catch (err) {
+                if (isItemNotFound(err))
+                    return; // already gone — fine
+                rethrowKeychainError(err);
+            }
+        },
+    };
+}
+/** Production store backed by the real macOS `security` CLI. */
+export const macRelaySecretStore = createMacRelaySecretStore();
+/**
+ * In-memory store for tests and any non-Keychain injection point. Holds the
+ * secret in a closure — never persisted. Production code never reaches for it.
+ */
+export function createInMemoryRelaySecretStore(initial) {
+    let secret = initial ?? null;
+    return {
+        async read() {
+            return secret;
+        },
+        async write(value) {
+            secret = value;
+        },
+        async delete() {
+            secret = null;
+        },
+    };
+}
+//# sourceMappingURL=relay-secret-store.js.map

package/dist/src/cli/feedback/relay-secret-store.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"relay-secret-store.js","sourceRoot":"","sources":["../../../../src/cli/feedback/relay-secret-store.ts"],"names":[],"mappings":"AAAA;;;;;;;;;;;;;GAaG;AACH,OAAO,EAAE,QAAQ,EAAE,MAAM,oBAAoB,CAAC;AAC9C,OAAO,EAAE,SAAS,EAAE,MAAM,WAAW,CAAC;AAEtC,OAAO,EAAE,mBAAmB,EAAE,MAAM,wBAAwB,CAAC;AAK7D,MAAM,WAAW,GAAG,SAAS,CAAC,QAAQ,CAAsB,CAAC;AAE7D,4EAA4E;AAC5E,MAAM,OAAO,GAAG,oBAAoB,CAAC;AACrC,4EAA4E;AAC5E,MAAM,OAAO,GAAG,mBAAmB,CAAC;AAEpC,kFAAkF;AAClF,MAAM,sBAAsB,GAAG,EAAE,CAAC;AAClC,4EAA4E;AAC5E,MAAM,yBAAyB,GAAG,iCAAiC,CAAC;AAEpE,8EAA8E;AAC9E,+EAA+E;AAC/E,oEAAoE;AACpE,SAAS,cAAc,CAAC,GAAY;IAClC,IAAI,CAAC,CAAC,GAAG,YAAY,KAAK,CAAC;QAAE,OAAO,KAAK,CAAC;IAC1C,OAAQ,GAAyB,CAAC,IAAI,KAAK,sBAAsB,CAAC;AACpE,CAAC;AAED,SAAS,gBAAgB,CAAC,GAAY;IACpC,IAAI,CAAC,CAAC,GAAG,YAAY,KAAK,CAAC;QAAE,OAAO,KAAK,CAAC;IAC1C,IAAI,GAAG,CAAC,OAAO,CAAC,QAAQ,CAAC,yBAAyB,CAAC;QAAE,OAAO,IAAI,CAAC;IACjE,MAAM,MAAM,GAAI,GAA2B,CAAC,MAAM,CAAC;IACnD,OAAO,OAAO,MAAM,KAAK,QAAQ,IAAI,MAAM,CAAC,QAAQ,CAAC,yBAAyB,CAAC,CAAC;AAClF,CAAC;AAED;;;;;;GAMG;AACH,SAAS,oBAAoB,CAAC,GAAY;IACxC,IAAI,gBAAgB,CAAC,GAAG,CAAC,EAAE,CAAC;QAC1B,MAAM,IAAI,mBAAmB,CAAC,GAAG,YAAY,KAAK,CAAC,CAAC,CAAC,GAAG,CAAC,OAAO,CAAC,CAAC,CAAC,MAAM,CAAC,GAAG,CAAC,CAAC,CAAC;IAClF,CAAC;IACD,MAAM,GAAG,CAAC;AACZ,CAAC;AAeD;;;;;GAKG;AACH,MAAM,UAAU,yBAAyB,CAAC,OAAe,WAAW;IAClE,OAAO;QACL,KAAK,CAAC,IAAI;YACR,IAAI,CAAC;gBACH,MAAM,EAAE,MAAM,EAAE,GAAG,MAAM,IAAI,CAAC,UAAU,EAAE;oBACxC,uBAAuB;oBACvB,IAAI;oBACJ,OAAO;oBACP,IAAI;oBACJ,OAAO;oBACP,IAAI;iBACL,CAAC,CAAC;gBACH,OAAO,MAAM,CAAC,IAAI,EAAE,IAAI,IAAI,CAAC;YAC/B,CAAC;YAAC,OAAO,GAAG,EAAE,CAAC;gBACb,IAAI,cAAc,CAAC,GAAG,CAAC;oBAAE,OAAO,IAAI,CAAC;gBACrC,oBAAoB,CAAC,GAAG,CAAC,CAAC;YAC5B,CAAC;QACH,CAAC;QAED,KAAK,CAAC,KAAK,CAAC,MAAM;YAChB,IAAI,CAAC;gBACH,MAAM,IAAI,CAAC,UAAU,EAAE;oBACrB,sBAAsB;oBACtB,IAAI;oBACJ,OAAO;oBACP,IAAI;oBACJ,OAAO;oBACP,IAAI;oBACJ,MAAM;oBACN,IAAI,EAAE,uCAAuC;iBAC9C,CAAC,CAAC;YACL,CAAC;YAAC,OAAO,GAAG,EAAE,CAAC;gBACb,oBAAoB,CAAC,GAAG,CAAC,CAAC;YAC5B,CAAC;QACH,CAAC;QAED,KAAK,CAAC,MAAM;YACV,IAAI,CAAC;gBACH,MAAM,IAAI,CAAC,UAAU,EAAE;oBACrB,yBAAyB;oBACzB,IAAI;oBACJ,OAAO;oBACP,IAAI;oBACJ,OAAO;iBACR,CAAC,CAAC;YACL,CAAC;YAAC,OAAO,GAAG,EAAE,CAAC;gBACb,IAAI,cAAc,CAAC,GAAG,CAAC;oBAAE,OAAO,CAAC,sBAAsB;gBACvD,oBAAoB,CAAC,GAAG,CAAC,CAAC;YAC5B,CAAC;QACH,CAAC;KACF,CAAC;AACJ,CAAC;AAED,gEAAgE;AAChE,MAAM,CAAC,MAAM,mBAAmB,GAAqB,yBAAyB,EAAE,CAAC;AAEjF;;;GAGG;AACH,MAAM,UAAU,8BAA8B,CAC5C,OAAuB;IAEvB,IAAI,MAAM,GAAkB,OAAO,IAAI,IAAI,CAAC;IAC5C,OAAO;QACL,KAAK,CAAC,IAAI;YACR,OAAO,MAAM,CAAC;QAChB,CAAC;QACD,KAAK,CAAC,KAAK,CAAC,KAAa;YACvB,MAAM,GAAG,KAAK,CAAC;QACjB,CAAC;QACD,KAAK,CAAC,MAAM;YACV,MAAM,GAAG,IAAI,CAAC;QAChB,CAAC;KACF,CAAC;AACJ,CAAC"}