@getstackrun/sdk 0.2.0 → 0.3.0
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/README.md +32 -8
- package/dist/agent-auth.d.ts +11 -0
- package/dist/agent-auth.d.ts.map +1 -0
- package/dist/agent-auth.js +154 -0
- package/dist/agent-auth.js.map +1 -0
- package/dist/client.d.ts +41 -3
- package/dist/client.d.ts.map +1 -1
- package/dist/client.js +125 -5
- package/dist/client.js.map +1 -1
- package/dist/index.d.ts +1 -1
- package/dist/index.d.ts.map +1 -1
- package/dist/index.js +1 -1
- package/dist/index.js.map +1 -1
- package/package.json +1 -1
package/README.md
CHANGED
|
@@ -16,16 +16,30 @@ Requires Node.js 18 or newer. Works in Deno, Bun, and browsers via native `fetch
|
|
|
16
16
|
|
|
17
17
|
## Quick start
|
|
18
18
|
|
|
19
|
+
Sign in once on your machine — the SDK reads credentials from `~/.stack/credentials.json` automatically:
|
|
20
|
+
|
|
21
|
+
```bash
|
|
22
|
+
npx -y @getstackrun/cli auth login
|
|
23
|
+
```
|
|
24
|
+
|
|
19
25
|
```ts
|
|
20
26
|
import { Stack } from '@getstackrun/sdk';
|
|
21
27
|
|
|
22
|
-
|
|
28
|
+
// No constructor args — reads ~/.stack/credentials.json (OAuth refresh token).
|
|
29
|
+
// Falls back to STACK_API_KEY env var or constructor { apiKey } for CI.
|
|
30
|
+
const stack = new Stack();
|
|
23
31
|
|
|
24
|
-
// 1. Register an agent
|
|
32
|
+
// 1. Register an agent (one-time)
|
|
25
33
|
const agent = await stack.agents.register({ name: 'support-bot' });
|
|
26
34
|
|
|
27
|
-
// 2.
|
|
28
|
-
const
|
|
35
|
+
// 2. In your agent runtime, switch to per-agent keypair mode
|
|
36
|
+
const agentStack = new Stack({ agent_id: agent.id });
|
|
37
|
+
// First run: generates an Ed25519 keypair locally + enrolls the public
|
|
38
|
+
// half via /v1/agents/<id>/enroll. Persisted at ~/.stack/agents/<id>.json
|
|
39
|
+
// (mode 0600). Every subsequent call signs a fresh 60-second JWT.
|
|
40
|
+
|
|
41
|
+
// 3. Issue a short-lived scoped passport
|
|
42
|
+
const passport = await agentStack.passports.issue({
|
|
29
43
|
agent_id: agent.id,
|
|
30
44
|
intent: {
|
|
31
45
|
summary: 'Answer one customer ticket',
|
|
@@ -35,8 +49,8 @@ const passport = await stack.passports.issue({
|
|
|
35
49
|
ttl_seconds: 900,
|
|
36
50
|
});
|
|
37
51
|
|
|
38
|
-
//
|
|
39
|
-
await
|
|
52
|
+
// 4. Every outbound call routes through the proxy
|
|
53
|
+
await agentStack.proxy.request({
|
|
40
54
|
service: 'slack',
|
|
41
55
|
method: 'POST',
|
|
42
56
|
url: 'https://slack.com/api/chat.postMessage',
|
|
@@ -44,10 +58,20 @@ await stack.proxy.request({
|
|
|
44
58
|
passport_token: passport.token,
|
|
45
59
|
});
|
|
46
60
|
|
|
47
|
-
//
|
|
48
|
-
await
|
|
61
|
+
// 5. Revoke when done (or let the passport expire)
|
|
62
|
+
await agentStack.passports.revoke(passport.jti, 'mission complete');
|
|
49
63
|
```
|
|
50
64
|
|
|
65
|
+
## Authentication
|
|
66
|
+
|
|
67
|
+
Three sources, resolved in priority order:
|
|
68
|
+
|
|
69
|
+
1. **Explicit `apiKey`** on the constructor or `STACK_API_KEY` env var (legacy `sk_live_*` path, preserved for CI)
|
|
70
|
+
2. **`agent_id`** option (Phase 2) — every request signed with the agent's local keypair
|
|
71
|
+
3. **`~/.stack/credentials.json`** — OAuth refresh token written by `stack-cli auth login`
|
|
72
|
+
|
|
73
|
+
See [/docs/security/stack-auth](https://getstack.run/docs/security/stack-auth) for the full auth model and [/docs/security/agent-keys](https://getstack.run/docs/security/agent-keys) for the per-agent keypair story.
|
|
74
|
+
|
|
51
75
|
## Offline passport verification
|
|
52
76
|
|
|
53
77
|
Downstream services that only need cryptographic validity (no revocation awareness) can verify a passport using the public JWKS — no network round-trip to STACK per request.
|
|
@@ -0,0 +1,11 @@
|
|
|
1
|
+
/**
|
|
2
|
+
* Token provider for the HttpClient. Returns a fresh agent JWT per call.
|
|
3
|
+
* On first run (no stored key), runs the enrollment flow using the
|
|
4
|
+
* supplied bearerProvider for OAuth fallback authentication.
|
|
5
|
+
*/
|
|
6
|
+
export declare function createAgentTokenProvider(args: {
|
|
7
|
+
agentId: string;
|
|
8
|
+
baseUrl: string;
|
|
9
|
+
bearerProvider: () => Promise<string>;
|
|
10
|
+
}): () => Promise<string>;
|
|
11
|
+
//# sourceMappingURL=agent-auth.d.ts.map
|
|
@@ -0,0 +1 @@
|
|
|
1
|
+
{"version":3,"file":"agent-auth.d.ts","sourceRoot":"","sources":["../src/agent-auth.ts"],"names":[],"mappings":"AA8JA;;;;GAIG;AACH,wBAAgB,wBAAwB,CAAC,IAAI,EAAE;IAC7C,OAAO,EAAE,MAAM,CAAC;IAChB,OAAO,EAAE,MAAM,CAAC;IAChB,cAAc,EAAE,MAAM,OAAO,CAAC,MAAM,CAAC,CAAC;CACvC,GAAG,MAAM,OAAO,CAAC,MAAM,CAAC,CAWxB"}
|
|
@@ -0,0 +1,154 @@
|
|
|
1
|
+
// Phase 2 — agent-keypair runtime auth.
|
|
2
|
+
//
|
|
3
|
+
// When `new Stack({ agent_id })` is constructed, the SDK enters
|
|
4
|
+
// agent-runtime mode: every API call is signed with a fresh 60-second
|
|
5
|
+
// EdDSA JWT minted on demand from the agent's local privkey.
|
|
6
|
+
//
|
|
7
|
+
// First run flow:
|
|
8
|
+
// 1. Try to read ~/.stack/agents/<agent_id>.json (privkey JWK).
|
|
9
|
+
// 2. If missing, kick off the enrollment dance using the developer's
|
|
10
|
+
// OAuth credentials (the ones written by `stack-cli auth login`):
|
|
11
|
+
// a. POST /v1/agents/<id>/enrollment-challenge
|
|
12
|
+
// b. Generate Ed25519 keypair locally
|
|
13
|
+
// c. Sign the challenge bytes with the new privkey
|
|
14
|
+
// d. POST /v1/agents/<id>/enroll with the public_key JWK +
|
|
15
|
+
// signed_challenge
|
|
16
|
+
// Persist the privkey to disk (mode 0600) and proceed.
|
|
17
|
+
//
|
|
18
|
+
// Subsequent runs hit step 1 only — no enrollment, no browser, no
|
|
19
|
+
// developer interaction.
|
|
20
|
+
//
|
|
21
|
+
// Threat model: the privkey lives on disk just like an OAuth refresh
|
|
22
|
+
// token. Phase 3 (passkey-rooted) closes the laptop-decryption gap.
|
|
23
|
+
// Until then, file-on-disk + chmod 600 is the same posture as `aws cli`.
|
|
24
|
+
import { generateKeyPair, exportJWK, importJWK, SignJWT } from 'jose';
|
|
25
|
+
import { sign as cryptoSign } from 'node:crypto';
|
|
26
|
+
const AGENT_KEY_DIR = '.stack/agents';
|
|
27
|
+
const AGENT_JWT_TTL = 60;
|
|
28
|
+
const AGENT_JWT_AUDIENCE = 'stack:agent';
|
|
29
|
+
const AGENT_JWT_ISSUER = 'stack-sdk';
|
|
30
|
+
async function keyPath(agentId) {
|
|
31
|
+
const { homedir } = await import('node:os');
|
|
32
|
+
const { join } = await import('node:path');
|
|
33
|
+
return join(homedir(), AGENT_KEY_DIR, `${agentId}.json`);
|
|
34
|
+
}
|
|
35
|
+
async function readStoredKey(agentId) {
|
|
36
|
+
try {
|
|
37
|
+
const { readFile } = await import('node:fs/promises');
|
|
38
|
+
const path = await keyPath(agentId);
|
|
39
|
+
const raw = await readFile(path, 'utf8');
|
|
40
|
+
return JSON.parse(raw);
|
|
41
|
+
}
|
|
42
|
+
catch {
|
|
43
|
+
return null;
|
|
44
|
+
}
|
|
45
|
+
}
|
|
46
|
+
async function writeStoredKey(key) {
|
|
47
|
+
const { writeFile, mkdir, chmod } = await import('node:fs/promises');
|
|
48
|
+
const { join, dirname } = await import('node:path');
|
|
49
|
+
const { homedir } = await import('node:os');
|
|
50
|
+
const path = join(homedir(), AGENT_KEY_DIR, `${key.agent_id}.json`);
|
|
51
|
+
await mkdir(dirname(path), { recursive: true });
|
|
52
|
+
await writeFile(path, JSON.stringify(key, null, 2), 'utf8');
|
|
53
|
+
try {
|
|
54
|
+
await chmod(path, 0o600);
|
|
55
|
+
}
|
|
56
|
+
catch {
|
|
57
|
+
/* Windows / unsupported FS */
|
|
58
|
+
}
|
|
59
|
+
}
|
|
60
|
+
/**
|
|
61
|
+
* Run the enrollment dance for `agentId`. Authenticated calls to
|
|
62
|
+
* `/enrollment-challenge` and `/enroll` reuse the developer's OAuth
|
|
63
|
+
* credentials via the bearer-token resolver passed in.
|
|
64
|
+
*/
|
|
65
|
+
async function enroll(args) {
|
|
66
|
+
const bearer = await args.bearerProvider();
|
|
67
|
+
// Step 1: request challenge.
|
|
68
|
+
const challengeRes = await fetch(`${args.baseUrl}/v1/agents/${args.agentId}/enrollment-challenge`, {
|
|
69
|
+
method: 'POST',
|
|
70
|
+
headers: {
|
|
71
|
+
Authorization: `Bearer ${bearer}`,
|
|
72
|
+
'Content-Type': 'application/json',
|
|
73
|
+
},
|
|
74
|
+
});
|
|
75
|
+
if (!challengeRes.ok) {
|
|
76
|
+
const errBody = await challengeRes.json().catch(() => ({}));
|
|
77
|
+
throw new Error(`enrollment-challenge failed: ${errBody.error?.message ?? challengeRes.statusText}`);
|
|
78
|
+
}
|
|
79
|
+
const { challenge_id, challenge } = (await challengeRes.json());
|
|
80
|
+
// Step 2: generate keypair locally.
|
|
81
|
+
const { publicKey, privateKey } = await generateKeyPair('EdDSA', { crv: 'Ed25519', extractable: true });
|
|
82
|
+
const publicJwk = await exportJWK(publicKey);
|
|
83
|
+
const privateJwk = await exportJWK(privateKey);
|
|
84
|
+
// Step 3: sign the challenge bytes with the privkey.
|
|
85
|
+
// Node's `sign(null, ...)` is the Ed25519 entry-point; matches what
|
|
86
|
+
// the API's `crypto.verify(null, ...)` consumes.
|
|
87
|
+
const { createPrivateKey } = await import('node:crypto');
|
|
88
|
+
const privateKeyObject = createPrivateKey({ key: privateJwk, format: 'jwk' });
|
|
89
|
+
const signatureBytes = cryptoSign(null, Buffer.from(challenge, 'utf8'), privateKeyObject);
|
|
90
|
+
const signed_challenge = signatureBytes.toString('base64url');
|
|
91
|
+
// Step 4: POST /enroll.
|
|
92
|
+
const enrollRes = await fetch(`${args.baseUrl}/v1/agents/${args.agentId}/enroll`, {
|
|
93
|
+
method: 'POST',
|
|
94
|
+
headers: {
|
|
95
|
+
Authorization: `Bearer ${bearer}`,
|
|
96
|
+
'Content-Type': 'application/json',
|
|
97
|
+
},
|
|
98
|
+
body: JSON.stringify({
|
|
99
|
+
public_key: { kty: publicJwk.kty, crv: publicJwk.crv, x: publicJwk.x },
|
|
100
|
+
challenge_id,
|
|
101
|
+
signed_challenge,
|
|
102
|
+
}),
|
|
103
|
+
});
|
|
104
|
+
if (!enrollRes.ok) {
|
|
105
|
+
const errBody = await enrollRes.json().catch(() => ({}));
|
|
106
|
+
throw new Error(`enroll failed: ${errBody.error?.message ?? enrollRes.statusText}`);
|
|
107
|
+
}
|
|
108
|
+
const { enrolled_at } = (await enrollRes.json());
|
|
109
|
+
const stored = {
|
|
110
|
+
agent_id: args.agentId,
|
|
111
|
+
publicKey: publicJwk,
|
|
112
|
+
privateKey: privateJwk,
|
|
113
|
+
enrolled_at: new Date(enrolled_at).getTime() / 1000,
|
|
114
|
+
};
|
|
115
|
+
await writeStoredKey(stored);
|
|
116
|
+
return stored;
|
|
117
|
+
}
|
|
118
|
+
/**
|
|
119
|
+
* Mint a fresh agent JWT (60s TTL) signed with the agent's privkey.
|
|
120
|
+
* One JWT per request — no caching. Cheap (≈1ms EdDSA sign) and the
|
|
121
|
+
* jti uniqueness ensures the API's replay-cache stays effective.
|
|
122
|
+
*/
|
|
123
|
+
async function signAgentJwt(stored, agentId) {
|
|
124
|
+
const key = await importJWK(stored.privateKey, 'EdDSA');
|
|
125
|
+
const now = Math.floor(Date.now() / 1000);
|
|
126
|
+
return new SignJWT({})
|
|
127
|
+
.setProtectedHeader({ alg: 'EdDSA' })
|
|
128
|
+
.setIssuer(AGENT_JWT_ISSUER)
|
|
129
|
+
.setSubject(agentId)
|
|
130
|
+
.setAudience(AGENT_JWT_AUDIENCE)
|
|
131
|
+
.setIssuedAt(now)
|
|
132
|
+
.setNotBefore(now)
|
|
133
|
+
.setExpirationTime(now + AGENT_JWT_TTL)
|
|
134
|
+
.setJti(`aj_${now}_${Math.random().toString(36).slice(2, 12)}`)
|
|
135
|
+
.sign(key);
|
|
136
|
+
}
|
|
137
|
+
/**
|
|
138
|
+
* Token provider for the HttpClient. Returns a fresh agent JWT per call.
|
|
139
|
+
* On first run (no stored key), runs the enrollment flow using the
|
|
140
|
+
* supplied bearerProvider for OAuth fallback authentication.
|
|
141
|
+
*/
|
|
142
|
+
export function createAgentTokenProvider(args) {
|
|
143
|
+
let cached = null;
|
|
144
|
+
return async () => {
|
|
145
|
+
if (!cached) {
|
|
146
|
+
cached = await readStoredKey(args.agentId);
|
|
147
|
+
}
|
|
148
|
+
if (!cached) {
|
|
149
|
+
cached = await enroll({ agentId: args.agentId, baseUrl: args.baseUrl, bearerProvider: args.bearerProvider });
|
|
150
|
+
}
|
|
151
|
+
return signAgentJwt(cached, args.agentId);
|
|
152
|
+
};
|
|
153
|
+
}
|
|
154
|
+
//# sourceMappingURL=agent-auth.js.map
|
|
@@ -0,0 +1 @@
|
|
|
1
|
+
{"version":3,"file":"agent-auth.js","sourceRoot":"","sources":["../src/agent-auth.ts"],"names":[],"mappings":"AAAA,wCAAwC;AACxC,EAAE;AACF,gEAAgE;AAChE,sEAAsE;AACtE,6DAA6D;AAC7D,EAAE;AACF,kBAAkB;AAClB,kEAAkE;AAClE,uEAAuE;AACvE,uEAAuE;AACvE,uDAAuD;AACvD,8CAA8C;AAC9C,2DAA2D;AAC3D,mEAAmE;AACnE,8BAA8B;AAC9B,4DAA4D;AAC5D,EAAE;AACF,kEAAkE;AAClE,yBAAyB;AACzB,EAAE;AACF,qEAAqE;AACrE,oEAAoE;AACpE,yEAAyE;AAEzE,OAAO,EAAE,eAAe,EAAE,SAAS,EAAE,SAAS,EAAE,OAAO,EAAY,MAAM,MAAM,CAAC;AAChF,OAAO,EAAE,IAAI,IAAI,UAAU,EAAE,MAAM,aAAa,CAAC;AAEjD,MAAM,aAAa,GAAG,eAAe,CAAC;AACtC,MAAM,aAAa,GAAG,EAAE,CAAC;AACzB,MAAM,kBAAkB,GAAG,aAAa,CAAC;AACzC,MAAM,gBAAgB,GAAG,WAAW,CAAC;AASrC,KAAK,UAAU,OAAO,CAAC,OAAe;IACpC,MAAM,EAAE,OAAO,EAAE,GAAG,MAAM,MAAM,CAAC,SAAS,CAAC,CAAC;IAC5C,MAAM,EAAE,IAAI,EAAE,GAAG,MAAM,MAAM,CAAC,WAAW,CAAC,CAAC;IAC3C,OAAO,IAAI,CAAC,OAAO,EAAE,EAAE,aAAa,EAAE,GAAG,OAAO,OAAO,CAAC,CAAC;AAC3D,CAAC;AAED,KAAK,UAAU,aAAa,CAAC,OAAe;IAC1C,IAAI,CAAC;QACH,MAAM,EAAE,QAAQ,EAAE,GAAG,MAAM,MAAM,CAAC,kBAAkB,CAAC,CAAC;QACtD,MAAM,IAAI,GAAG,MAAM,OAAO,CAAC,OAAO,CAAC,CAAC;QACpC,MAAM,GAAG,GAAG,MAAM,QAAQ,CAAC,IAAI,EAAE,MAAM,CAAC,CAAC;QACzC,OAAO,IAAI,CAAC,KAAK,CAAC,GAAG,CAAc,CAAC;IACtC,CAAC;IAAC,MAAM,CAAC;QACP,OAAO,IAAI,CAAC;IACd,CAAC;AACH,CAAC;AAED,KAAK,UAAU,cAAc,CAAC,GAAc;IAC1C,MAAM,EAAE,SAAS,EAAE,KAAK,EAAE,KAAK,EAAE,GAAG,MAAM,MAAM,CAAC,kBAAkB,CAAC,CAAC;IACrE,MAAM,EAAE,IAAI,EAAE,OAAO,EAAE,GAAG,MAAM,MAAM,CAAC,WAAW,CAAC,CAAC;IACpD,MAAM,EAAE,OAAO,EAAE,GAAG,MAAM,MAAM,CAAC,SAAS,CAAC,CAAC;IAC5C,MAAM,IAAI,GAAG,IAAI,CAAC,OAAO,EAAE,EAAE,aAAa,EAAE,GAAG,GAAG,CAAC,QAAQ,OAAO,CAAC,CAAC;IACpE,MAAM,KAAK,CAAC,OAAO,CAAC,IAAI,CAAC,EAAE,EAAE,SAAS,EAAE,IAAI,EAAE,CAAC,CAAC;IAChD,MAAM,SAAS,CAAC,IAAI,EAAE,IAAI,CAAC,SAAS,CAAC,GAAG,EAAE,IAAI,EAAE,CAAC,CAAC,EAAE,MAAM,CAAC,CAAC;IAC5D,IAAI,CAAC;QACH,MAAM,KAAK,CAAC,IAAI,EAAE,KAAK,CAAC,CAAC;IAC3B,CAAC;IAAC,MAAM,CAAC;QACP,8BAA8B;IAChC,CAAC;AACH,CAAC;AAED;;;;GAIG;AACH,KAAK,UAAU,MAAM,CAAC,IAIrB;IACC,MAAM,MAAM,GAAG,MAAM,IAAI,CAAC,cAAc,EAAE,CAAC;IAE3C,6BAA6B;IAC7B,MAAM,YAAY,GAAG,MAAM,KAAK,CAAC,GAAG,IAAI,CAAC,OAAO,cAAc,IAAI,CAAC,OAAO,uBAAuB,EAAE;QACjG,MAAM,EAAE,MAAM;QACd,OAAO,EAAE;YACP,aAAa,EAAE,UAAU,MAAM,EAAE;YACjC,cAAc,EAAE,kBAAkB;SACnC;KACF,CAAC,CAAC;IACH,IAAI,CAAC,YAAY,CAAC,EAAE,EAAE,CAAC;QACrB,MAAM,OAAO,GAAG,MAAM,YAAY,CAAC,IAAI,EAAE,CAAC,KAAK,CAAC,GAAG,EAAE,CAAC,CAAC,EAAE,CAAC,CAAqC,CAAC;QAChG,MAAM,IAAI,KAAK,CAAC,gCAAgC,OAAO,CAAC,KAAK,EAAE,OAAO,IAAI,YAAY,CAAC,UAAU,EAAE,CAAC,CAAC;IACvG,CAAC;IACD,MAAM,EAAE,YAAY,EAAE,SAAS,EAAE,GAAG,CAAC,MAAM,YAAY,CAAC,IAAI,EAAE,CAAgD,CAAC;IAE/G,oCAAoC;IACpC,MAAM,EAAE,SAAS,EAAE,UAAU,EAAE,GAAG,MAAM,eAAe,CAAC,OAAO,EAAE,EAAE,GAAG,EAAE,SAAS,EAAE,WAAW,EAAE,IAAI,EAAE,CAAC,CAAC;IACxG,MAAM,SAAS,GAAG,MAAM,SAAS,CAAC,SAAS,CAAC,CAAC;IAC7C,MAAM,UAAU,GAAG,MAAM,SAAS,CAAC,UAAU,CAAC,CAAC;IAE/C,qDAAqD;IACrD,oEAAoE;IACpE,iDAAiD;IACjD,MAAM,EAAE,gBAAgB,EAAE,GAAG,MAAM,MAAM,CAAC,aAAa,CAAC,CAAC;IACzD,MAAM,gBAAgB,GAAG,gBAAgB,CAAC,EAAE,GAAG,EAAE,UAAgE,EAAE,MAAM,EAAE,KAAK,EAAE,CAAC,CAAC;IACpI,MAAM,cAAc,GAAG,UAAU,CAAC,IAAI,EAAE,MAAM,CAAC,IAAI,CAAC,SAAS,EAAE,MAAM,CAAC,EAAE,gBAAgB,CAAC,CAAC;IAC1F,MAAM,gBAAgB,GAAG,cAAc,CAAC,QAAQ,CAAC,WAAW,CAAC,CAAC;IAE9D,wBAAwB;IACxB,MAAM,SAAS,GAAG,MAAM,KAAK,CAAC,GAAG,IAAI,CAAC,OAAO,cAAc,IAAI,CAAC,OAAO,SAAS,EAAE;QAChF,MAAM,EAAE,MAAM;QACd,OAAO,EAAE;YACP,aAAa,EAAE,UAAU,MAAM,EAAE;YACjC,cAAc,EAAE,kBAAkB;SACnC;QACD,IAAI,EAAE,IAAI,CAAC,SAAS,CAAC;YACnB,UAAU,EAAE,EAAE,GAAG,EAAE,SAAS,CAAC,GAAG,EAAE,GAAG,EAAE,SAAS,CAAC,GAAG,EAAE,CAAC,EAAE,SAAS,CAAC,CAAC,EAAE;YACtE,YAAY;YACZ,gBAAgB;SACjB,CAAC;KACH,CAAC,CAAC;IACH,IAAI,CAAC,SAAS,CAAC,EAAE,EAAE,CAAC;QAClB,MAAM,OAAO,GAAG,MAAM,SAAS,CAAC,IAAI,EAAE,CAAC,KAAK,CAAC,GAAG,EAAE,CAAC,CAAC,EAAE,CAAC,CAAqC,CAAC;QAC7F,MAAM,IAAI,KAAK,CAAC,kBAAkB,OAAO,CAAC,KAAK,EAAE,OAAO,IAAI,SAAS,CAAC,UAAU,EAAE,CAAC,CAAC;IACtF,CAAC;IACD,MAAM,EAAE,WAAW,EAAE,GAAG,CAAC,MAAM,SAAS,CAAC,IAAI,EAAE,CAA4B,CAAC;IAE5E,MAAM,MAAM,GAAc;QACxB,QAAQ,EAAE,IAAI,CAAC,OAAO;QACtB,SAAS,EAAE,SAAS;QACpB,UAAU,EAAE,UAAU;QACtB,WAAW,EAAE,IAAI,IAAI,CAAC,WAAW,CAAC,CAAC,OAAO,EAAE,GAAG,IAAI;KACpD,CAAC;IACF,MAAM,cAAc,CAAC,MAAM,CAAC,CAAC;IAC7B,OAAO,MAAM,CAAC;AAChB,CAAC;AAED;;;;GAIG;AACH,KAAK,UAAU,YAAY,CAAC,MAAiB,EAAE,OAAe;IAC5D,MAAM,GAAG,GAAG,MAAM,SAAS,CAAC,MAAM,CAAC,UAAU,EAAE,OAAO,CAAC,CAAC;IACxD,MAAM,GAAG,GAAG,IAAI,CAAC,KAAK,CAAC,IAAI,CAAC,GAAG,EAAE,GAAG,IAAI,CAAC,CAAC;IAC1C,OAAO,IAAI,OAAO,CAAC,EAAE,CAAC;SACnB,kBAAkB,CAAC,EAAE,GAAG,EAAE,OAAO,EAAE,CAAC;SACpC,SAAS,CAAC,gBAAgB,CAAC;SAC3B,UAAU,CAAC,OAAO,CAAC;SACnB,WAAW,CAAC,kBAAkB,CAAC;SAC/B,WAAW,CAAC,GAAG,CAAC;SAChB,YAAY,CAAC,GAAG,CAAC;SACjB,iBAAiB,CAAC,GAAG,GAAG,aAAa,CAAC;SACtC,MAAM,CAAC,MAAM,GAAG,IAAI,IAAI,CAAC,MAAM,EAAE,CAAC,QAAQ,CAAC,EAAE,CAAC,CAAC,KAAK,CAAC,CAAC,EAAE,EAAE,CAAC,EAAE,CAAC;SAC9D,IAAI,CAAC,GAAG,CAAC,CAAC;AACf,CAAC;AAED;;;;GAIG;AACH,MAAM,UAAU,wBAAwB,CAAC,IAIxC;IACC,IAAI,MAAM,GAAqB,IAAI,CAAC;IACpC,OAAO,KAAK,IAAI,EAAE;QAChB,IAAI,CAAC,MAAM,EAAE,CAAC;YACZ,MAAM,GAAG,MAAM,aAAa,CAAC,IAAI,CAAC,OAAO,CAAC,CAAC;QAC7C,CAAC;QACD,IAAI,CAAC,MAAM,EAAE,CAAC;YACZ,MAAM,GAAG,MAAM,MAAM,CAAC,EAAE,OAAO,EAAE,IAAI,CAAC,OAAO,EAAE,OAAO,EAAE,IAAI,CAAC,OAAO,EAAE,cAAc,EAAE,IAAI,CAAC,cAAc,EAAE,CAAC,CAAC;QAC/G,CAAC;QACD,OAAO,YAAY,CAAC,MAAM,EAAE,IAAI,CAAC,OAAO,CAAC,CAAC;IAC5C,CAAC,CAAC;AACJ,CAAC"}
|
package/dist/client.d.ts
CHANGED
|
@@ -1,11 +1,28 @@
|
|
|
1
1
|
export interface ClientOptions {
|
|
2
|
-
|
|
2
|
+
/**
|
|
3
|
+
* Long-lived `sk_live_*` operator/member key. When omitted, the SDK
|
|
4
|
+
* falls back to (a) the `STACK_API_KEY` env var, (b) a refresh token
|
|
5
|
+
* stored at `~/.stack/credentials.json` (written by `stack-cli auth
|
|
6
|
+
* login`), exchanged on demand for a 5-minute access token.
|
|
7
|
+
*/
|
|
8
|
+
apiKey?: string;
|
|
3
9
|
baseUrl?: string;
|
|
10
|
+
/**
|
|
11
|
+
* Phase 2 — agent-runtime mode. When set, every request is signed with
|
|
12
|
+
* a fresh 60-second EdDSA JWT minted from the agent's local privkey
|
|
13
|
+
* (~/.stack/agents/<agent_id>.json, mode 0600). On first run, the SDK
|
|
14
|
+
* generates the keypair locally and enrolls the public half via
|
|
15
|
+
* /v1/agents/:id/enroll using the developer's OAuth credentials —
|
|
16
|
+
* the privkey never crosses the network or terminal.
|
|
17
|
+
*/
|
|
18
|
+
agent_id?: string;
|
|
4
19
|
}
|
|
5
20
|
export declare class HttpClient {
|
|
6
|
-
private readonly
|
|
21
|
+
private readonly explicitApiKey;
|
|
7
22
|
private readonly baseUrl;
|
|
8
|
-
|
|
23
|
+
private cachedAccessToken;
|
|
24
|
+
private readonly agentTokenProvider;
|
|
25
|
+
constructor(options?: ClientOptions);
|
|
9
26
|
get<T>(path: string, query?: Record<string, string | undefined>): Promise<T>;
|
|
10
27
|
post<T>(path: string, body?: unknown, options?: {
|
|
11
28
|
headers?: Record<string, string>;
|
|
@@ -18,6 +35,27 @@ export declare class HttpClient {
|
|
|
18
35
|
}): Promise<T>;
|
|
19
36
|
delete<T>(path: string): Promise<T>;
|
|
20
37
|
private buildUrl;
|
|
38
|
+
/**
|
|
39
|
+
* Resolve the bearer token to attach to a request. Three sources, in
|
|
40
|
+
* priority order:
|
|
41
|
+
* 1. Explicit `apiKey` on the constructor or STACK_API_KEY env var
|
|
42
|
+
* (legacy `sk_live_*`, preserved for CI).
|
|
43
|
+
* 2. Cached OAuth access token (5-minute TTL; refresh-rotates).
|
|
44
|
+
* 3. Refresh token in `~/.stack/credentials.json` (written by the
|
|
45
|
+
* CLI's `auth login`) — exchanged for a fresh access token.
|
|
46
|
+
*
|
|
47
|
+
* Throws `StackError('NOT_AUTHENTICATED', ...)` when none of the
|
|
48
|
+
* three resolve.
|
|
49
|
+
*/
|
|
50
|
+
private resolveBearer;
|
|
51
|
+
/**
|
|
52
|
+
* Static-bearer resolution: explicit apiKey → STACK_API_KEY env →
|
|
53
|
+
* ~/.stack/credentials.json refresh-token exchange. Does NOT mint
|
|
54
|
+
* agent JWTs — that's `resolveBearer()`'s job. Exposed separately so
|
|
55
|
+
* the agent-token provider can use this same path for the one-time
|
|
56
|
+
* enrollment dance (which itself needs a static bearer to authenticate).
|
|
57
|
+
*/
|
|
58
|
+
private resolveStaticBearer;
|
|
21
59
|
private request;
|
|
22
60
|
}
|
|
23
61
|
//# sourceMappingURL=client.d.ts.map
|
package/dist/client.d.ts.map
CHANGED
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"client.d.ts","sourceRoot":"","sources":["../src/client.ts"],"names":[],"mappings":"
|
|
1
|
+
{"version":3,"file":"client.d.ts","sourceRoot":"","sources":["../src/client.ts"],"names":[],"mappings":"AAGA,MAAM,WAAW,aAAa;IAC5B;;;;;OAKG;IACH,MAAM,CAAC,EAAE,MAAM,CAAC;IAChB,OAAO,CAAC,EAAE,MAAM,CAAC;IACjB;;;;;;;OAOG;IACH,QAAQ,CAAC,EAAE,MAAM,CAAC;CACnB;AAED,qBAAa,UAAU;IACrB,OAAO,CAAC,QAAQ,CAAC,cAAc,CAAqB;IACpD,OAAO,CAAC,QAAQ,CAAC,OAAO,CAAS;IACjC,OAAO,CAAC,iBAAiB,CAAqD;IAC9E,OAAO,CAAC,QAAQ,CAAC,kBAAkB,CAAiC;gBAExD,OAAO,GAAE,aAAkB;IAkBjC,GAAG,CAAC,CAAC,EAAE,IAAI,EAAE,MAAM,EAAE,KAAK,CAAC,EAAE,MAAM,CAAC,MAAM,EAAE,MAAM,GAAG,SAAS,CAAC,GAAG,OAAO,CAAC,CAAC,CAAC;IAK5E,IAAI,CAAC,CAAC,EAAE,IAAI,EAAE,MAAM,EAAE,IAAI,CAAC,EAAE,OAAO,EAAE,OAAO,CAAC,EAAE;QAAE,OAAO,CAAC,EAAE,MAAM,CAAC,MAAM,EAAE,MAAM,CAAC,CAAA;KAAE,GAAG,OAAO,CAAC,CAAC,CAAC;IAKjG,KAAK,CAAC,CAAC,EAAE,IAAI,EAAE,MAAM,EAAE,IAAI,CAAC,EAAE,OAAO,EAAE,OAAO,CAAC,EAAE;QAAE,OAAO,CAAC,EAAE,MAAM,CAAC,MAAM,EAAE,MAAM,CAAC,CAAA;KAAE,GAAG,OAAO,CAAC,CAAC,CAAC;IAKlG,GAAG,CAAC,CAAC,EAAE,IAAI,EAAE,MAAM,EAAE,IAAI,CAAC,EAAE,OAAO,EAAE,OAAO,CAAC,EAAE;QAAE,OAAO,CAAC,EAAE,MAAM,CAAC,MAAM,EAAE,MAAM,CAAC,CAAA;KAAE,GAAG,OAAO,CAAC,CAAC,CAAC;IAKhG,MAAM,CAAC,CAAC,EAAE,IAAI,EAAE,MAAM,GAAG,OAAO,CAAC,CAAC,CAAC;IAKzC,OAAO,CAAC,QAAQ;IAUhB;;;;;;;;;;;OAWG;YACW,aAAa;IAU3B;;;;;;OAMG;YACW,mBAAmB;YAoBnB,OAAO;CAkCtB"}
|
package/dist/client.js
CHANGED
|
@@ -1,10 +1,26 @@
|
|
|
1
1
|
import { StackError } from './errors.js';
|
|
2
|
+
import { createAgentTokenProvider } from './agent-auth.js';
|
|
2
3
|
export class HttpClient {
|
|
3
|
-
|
|
4
|
+
explicitApiKey;
|
|
4
5
|
baseUrl;
|
|
5
|
-
|
|
6
|
-
|
|
7
|
-
|
|
6
|
+
cachedAccessToken = null;
|
|
7
|
+
agentTokenProvider;
|
|
8
|
+
constructor(options = {}) {
|
|
9
|
+
this.explicitApiKey = options.apiKey ?? process.env['STACK_API_KEY'] ?? undefined;
|
|
10
|
+
this.baseUrl = (options.baseUrl ?? process.env['STACK_API_URL'] ?? 'https://api.getstack.run').replace(/\/$/, '');
|
|
11
|
+
this.agentTokenProvider = options.agent_id
|
|
12
|
+
? createAgentTokenProvider({
|
|
13
|
+
agentId: options.agent_id,
|
|
14
|
+
baseUrl: this.baseUrl,
|
|
15
|
+
// Bearer for the enrollment dance only — once enrolled the
|
|
16
|
+
// agent JWTs sign requests directly. Reuse the OAuth refresh
|
|
17
|
+
// path so the developer doesn't need to ship a separate key
|
|
18
|
+
// to their agent runtime; if neither STACK_API_KEY nor
|
|
19
|
+
// ~/.stack/credentials.json is present, enrollment will fail
|
|
20
|
+
// with a clear error.
|
|
21
|
+
bearerProvider: () => this.resolveStaticBearer(),
|
|
22
|
+
})
|
|
23
|
+
: null;
|
|
8
24
|
}
|
|
9
25
|
async get(path, query) {
|
|
10
26
|
const url = this.buildUrl(path, query);
|
|
@@ -36,9 +52,57 @@ export class HttpClient {
|
|
|
36
52
|
}
|
|
37
53
|
return url.toString();
|
|
38
54
|
}
|
|
55
|
+
/**
|
|
56
|
+
* Resolve the bearer token to attach to a request. Three sources, in
|
|
57
|
+
* priority order:
|
|
58
|
+
* 1. Explicit `apiKey` on the constructor or STACK_API_KEY env var
|
|
59
|
+
* (legacy `sk_live_*`, preserved for CI).
|
|
60
|
+
* 2. Cached OAuth access token (5-minute TTL; refresh-rotates).
|
|
61
|
+
* 3. Refresh token in `~/.stack/credentials.json` (written by the
|
|
62
|
+
* CLI's `auth login`) — exchanged for a fresh access token.
|
|
63
|
+
*
|
|
64
|
+
* Throws `StackError('NOT_AUTHENTICATED', ...)` when none of the
|
|
65
|
+
* three resolve.
|
|
66
|
+
*/
|
|
67
|
+
async resolveBearer() {
|
|
68
|
+
// Phase 2 — agent-runtime mode short-circuits everything. Mint a
|
|
69
|
+
// fresh agent JWT per request; enrollment happens inside the
|
|
70
|
+
// provider on first call.
|
|
71
|
+
if (this.agentTokenProvider) {
|
|
72
|
+
return this.agentTokenProvider();
|
|
73
|
+
}
|
|
74
|
+
return this.resolveStaticBearer();
|
|
75
|
+
}
|
|
76
|
+
/**
|
|
77
|
+
* Static-bearer resolution: explicit apiKey → STACK_API_KEY env →
|
|
78
|
+
* ~/.stack/credentials.json refresh-token exchange. Does NOT mint
|
|
79
|
+
* agent JWTs — that's `resolveBearer()`'s job. Exposed separately so
|
|
80
|
+
* the agent-token provider can use this same path for the one-time
|
|
81
|
+
* enrollment dance (which itself needs a static bearer to authenticate).
|
|
82
|
+
*/
|
|
83
|
+
async resolveStaticBearer() {
|
|
84
|
+
if (this.explicitApiKey)
|
|
85
|
+
return this.explicitApiKey;
|
|
86
|
+
// Browser / non-Node runtimes: refresh-from-file is not possible.
|
|
87
|
+
// Fall through to the same NOT_AUTHENTICATED error.
|
|
88
|
+
const isNode = typeof process !== 'undefined' && process.versions?.node;
|
|
89
|
+
if (!isNode)
|
|
90
|
+
throw notAuthenticated();
|
|
91
|
+
const now = Math.floor(Date.now() / 1000);
|
|
92
|
+
if (this.cachedAccessToken && this.cachedAccessToken.expiresAt - 30 > now) {
|
|
93
|
+
// Re-use the cached access token unless within 30s of expiry.
|
|
94
|
+
return this.cachedAccessToken.token;
|
|
95
|
+
}
|
|
96
|
+
const fresh = await refreshAccessTokenFromFile(this.baseUrl);
|
|
97
|
+
if (!fresh)
|
|
98
|
+
throw notAuthenticated();
|
|
99
|
+
this.cachedAccessToken = { token: fresh.access_token, expiresAt: now + (fresh.expires_in ?? 300) };
|
|
100
|
+
return fresh.access_token;
|
|
101
|
+
}
|
|
39
102
|
async request(method, url, body, extraHeaders) {
|
|
103
|
+
const bearer = await this.resolveBearer();
|
|
40
104
|
const headers = {
|
|
41
|
-
'Authorization': `Bearer ${
|
|
105
|
+
'Authorization': `Bearer ${bearer}`,
|
|
42
106
|
'Accept': 'application/json',
|
|
43
107
|
...(extraHeaders ?? {}),
|
|
44
108
|
};
|
|
@@ -67,4 +131,60 @@ export class HttpClient {
|
|
|
67
131
|
return res.json();
|
|
68
132
|
}
|
|
69
133
|
}
|
|
134
|
+
function notAuthenticated() {
|
|
135
|
+
return new StackError('No STACK credentials found. Set STACK_API_KEY, pass { apiKey } to new Stack(), or run `stack-cli auth login`.', 'NOT_AUTHENTICATED', 401, {});
|
|
136
|
+
}
|
|
137
|
+
/**
|
|
138
|
+
* Read `~/.stack/credentials.json` (written by the CLI), exchange the
|
|
139
|
+
* stored refresh token for a fresh access token, write the rotated
|
|
140
|
+
* refresh back to the file. Returns null when the file is missing or
|
|
141
|
+
* the refresh has been revoked.
|
|
142
|
+
*
|
|
143
|
+
* Lazy-loaded Node-only path. The browser bundle skips this entirely
|
|
144
|
+
* via the isNode check in resolveBearer.
|
|
145
|
+
*/
|
|
146
|
+
async function refreshAccessTokenFromFile(baseUrl) {
|
|
147
|
+
// Lazy `node:` imports so the browser bundle never tries to resolve them.
|
|
148
|
+
const { readFile, writeFile, mkdir } = await import('node:fs/promises');
|
|
149
|
+
const { join } = await import('node:path');
|
|
150
|
+
const { homedir } = await import('node:os');
|
|
151
|
+
const credsPath = join(homedir(), '.stack', 'credentials.json');
|
|
152
|
+
let raw;
|
|
153
|
+
try {
|
|
154
|
+
raw = await readFile(credsPath, 'utf8');
|
|
155
|
+
}
|
|
156
|
+
catch {
|
|
157
|
+
return null;
|
|
158
|
+
}
|
|
159
|
+
let creds;
|
|
160
|
+
try {
|
|
161
|
+
creds = JSON.parse(raw);
|
|
162
|
+
}
|
|
163
|
+
catch {
|
|
164
|
+
return null;
|
|
165
|
+
}
|
|
166
|
+
const res = await fetch(`${baseUrl}/oauth/token`, {
|
|
167
|
+
method: 'POST',
|
|
168
|
+
headers: { 'Content-Type': 'application/x-www-form-urlencoded' },
|
|
169
|
+
body: new URLSearchParams({
|
|
170
|
+
grant_type: 'refresh_token',
|
|
171
|
+
refresh_token: creds.refresh_token,
|
|
172
|
+
client_id: creds.client_id,
|
|
173
|
+
}),
|
|
174
|
+
});
|
|
175
|
+
if (!res.ok)
|
|
176
|
+
return null;
|
|
177
|
+
const data = (await res.json());
|
|
178
|
+
// Persist the rotated refresh — failure to write means next run pays
|
|
179
|
+
// the round-trip again, but the in-memory access token is still good.
|
|
180
|
+
try {
|
|
181
|
+
await mkdir(join(homedir(), '.stack'), { recursive: true });
|
|
182
|
+
const next = { ...creds, refresh_token: data.refresh_token, issued_at: Math.floor(Date.now() / 1000), refresh_expires_at: Math.floor(Date.now() / 1000) + 30 * 24 * 60 * 60 };
|
|
183
|
+
await writeFile(credsPath, JSON.stringify(next, null, 2), 'utf8');
|
|
184
|
+
}
|
|
185
|
+
catch {
|
|
186
|
+
/* non-fatal */
|
|
187
|
+
}
|
|
188
|
+
return { access_token: data.access_token, expires_in: data.expires_in };
|
|
189
|
+
}
|
|
70
190
|
//# sourceMappingURL=client.js.map
|
package/dist/client.js.map
CHANGED
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"client.js","sourceRoot":"","sources":["../src/client.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,UAAU,EAAE,MAAM,aAAa,CAAC;
|
|
1
|
+
{"version":3,"file":"client.js","sourceRoot":"","sources":["../src/client.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,UAAU,EAAE,MAAM,aAAa,CAAC;AACzC,OAAO,EAAE,wBAAwB,EAAE,MAAM,iBAAiB,CAAC;AAsB3D,MAAM,OAAO,UAAU;IACJ,cAAc,CAAqB;IACnC,OAAO,CAAS;IACzB,iBAAiB,GAAgD,IAAI,CAAC;IAC7D,kBAAkB,CAAiC;IAEpE,YAAY,UAAyB,EAAE;QACrC,IAAI,CAAC,cAAc,GAAG,OAAO,CAAC,MAAM,IAAI,OAAO,CAAC,GAAG,CAAC,eAAe,CAAC,IAAI,SAAS,CAAC;QAClF,IAAI,CAAC,OAAO,GAAG,CAAC,OAAO,CAAC,OAAO,IAAI,OAAO,CAAC,GAAG,CAAC,eAAe,CAAC,IAAI,0BAA0B,CAAC,CAAC,OAAO,CAAC,KAAK,EAAE,EAAE,CAAC,CAAC;QAClH,IAAI,CAAC,kBAAkB,GAAG,OAAO,CAAC,QAAQ;YACxC,CAAC,CAAC,wBAAwB,CAAC;gBACvB,OAAO,EAAE,OAAO,CAAC,QAAQ;gBACzB,OAAO,EAAE,IAAI,CAAC,OAAO;gBACrB,2DAA2D;gBAC3D,6DAA6D;gBAC7D,4DAA4D;gBAC5D,uDAAuD;gBACvD,6DAA6D;gBAC7D,sBAAsB;gBACtB,cAAc,EAAE,GAAG,EAAE,CAAC,IAAI,CAAC,mBAAmB,EAAE;aACjD,CAAC;YACJ,CAAC,CAAC,IAAI,CAAC;IACX,CAAC;IAED,KAAK,CAAC,GAAG,CAAI,IAAY,EAAE,KAA0C;QACnE,MAAM,GAAG,GAAG,IAAI,CAAC,QAAQ,CAAC,IAAI,EAAE,KAAK,CAAC,CAAC;QACvC,OAAO,IAAI,CAAC,OAAO,CAAI,KAAK,EAAE,GAAG,CAAC,CAAC;IACrC,CAAC;IAED,KAAK,CAAC,IAAI,CAAI,IAAY,EAAE,IAAc,EAAE,OAA8C;QACxF,MAAM,GAAG,GAAG,IAAI,CAAC,QAAQ,CAAC,IAAI,CAAC,CAAC;QAChC,OAAO,IAAI,CAAC,OAAO,CAAI,MAAM,EAAE,GAAG,EAAE,IAAI,EAAE,OAAO,EAAE,OAAO,CAAC,CAAC;IAC9D,CAAC;IAED,KAAK,CAAC,KAAK,CAAI,IAAY,EAAE,IAAc,EAAE,OAA8C;QACzF,MAAM,GAAG,GAAG,IAAI,CAAC,QAAQ,CAAC,IAAI,CAAC,CAAC;QAChC,OAAO,IAAI,CAAC,OAAO,CAAI,OAAO,EAAE,GAAG,EAAE,IAAI,EAAE,OAAO,EAAE,OAAO,CAAC,CAAC;IAC/D,CAAC;IAED,KAAK,CAAC,GAAG,CAAI,IAAY,EAAE,IAAc,EAAE,OAA8C;QACvF,MAAM,GAAG,GAAG,IAAI,CAAC,QAAQ,CAAC,IAAI,CAAC,CAAC;QAChC,OAAO,IAAI,CAAC,OAAO,CAAI,KAAK,EAAE,GAAG,EAAE,IAAI,EAAE,OAAO,EAAE,OAAO,CAAC,CAAC;IAC7D,CAAC;IAED,KAAK,CAAC,MAAM,CAAI,IAAY;QAC1B,MAAM,GAAG,GAAG,IAAI,CAAC,QAAQ,CAAC,IAAI,CAAC,CAAC;QAChC,OAAO,IAAI,CAAC,OAAO,CAAI,QAAQ,EAAE,GAAG,CAAC,CAAC;IACxC,CAAC;IAEO,QAAQ,CAAC,IAAY,EAAE,KAA0C;QACvE,MAAM,GAAG,GAAG,IAAI,GAAG,CAAC,IAAI,EAAE,IAAI,CAAC,OAAO,CAAC,CAAC;QACxC,IAAI,KAAK,EAAE,CAAC;YACV,KAAK,MAAM,CAAC,GAAG,EAAE,KAAK,CAAC,IAAI,MAAM,CAAC,OAAO,CAAC,KAAK,CAAC,EAAE,CAAC;gBACjD,IAAI,KAAK,KAAK,SAAS;oBAAE,GAAG,CAAC,YAAY,CAAC,GAAG,CAAC,GAAG,EAAE,KAAK,CAAC,CAAC;YAC5D,CAAC;QACH,CAAC;QACD,OAAO,GAAG,CAAC,QAAQ,EAAE,CAAC;IACxB,CAAC;IAED;;;;;;;;;;;OAWG;IACK,KAAK,CAAC,aAAa;QACzB,iEAAiE;QACjE,6DAA6D;QAC7D,0BAA0B;QAC1B,IAAI,IAAI,CAAC,kBAAkB,EAAE,CAAC;YAC5B,OAAO,IAAI,CAAC,kBAAkB,EAAE,CAAC;QACnC,CAAC;QACD,OAAO,IAAI,CAAC,mBAAmB,EAAE,CAAC;IACpC,CAAC;IAED;;;;;;OAMG;IACK,KAAK,CAAC,mBAAmB;QAC/B,IAAI,IAAI,CAAC,cAAc;YAAE,OAAO,IAAI,CAAC,cAAc,CAAC;QAEpD,kEAAkE;QAClE,oDAAoD;QACpD,MAAM,MAAM,GAAG,OAAO,OAAO,KAAK,WAAW,IAAI,OAAO,CAAC,QAAQ,EAAE,IAAI,CAAC;QACxE,IAAI,CAAC,MAAM;YAAE,MAAM,gBAAgB,EAAE,CAAC;QAEtC,MAAM,GAAG,GAAG,IAAI,CAAC,KAAK,CAAC,IAAI,CAAC,GAAG,EAAE,GAAG,IAAI,CAAC,CAAC;QAC1C,IAAI,IAAI,CAAC,iBAAiB,IAAI,IAAI,CAAC,iBAAiB,CAAC,SAAS,GAAG,EAAE,GAAG,GAAG,EAAE,CAAC;YAC1E,8DAA8D;YAC9D,OAAO,IAAI,CAAC,iBAAiB,CAAC,KAAK,CAAC;QACtC,CAAC;QAED,MAAM,KAAK,GAAG,MAAM,0BAA0B,CAAC,IAAI,CAAC,OAAO,CAAC,CAAC;QAC7D,IAAI,CAAC,KAAK;YAAE,MAAM,gBAAgB,EAAE,CAAC;QACrC,IAAI,CAAC,iBAAiB,GAAG,EAAE,KAAK,EAAE,KAAK,CAAC,YAAY,EAAE,SAAS,EAAE,GAAG,GAAG,CAAC,KAAK,CAAC,UAAU,IAAI,GAAG,CAAC,EAAE,CAAC;QACnG,OAAO,KAAK,CAAC,YAAY,CAAC;IAC5B,CAAC;IAEO,KAAK,CAAC,OAAO,CAAI,MAAc,EAAE,GAAW,EAAE,IAAc,EAAE,YAAqC;QACzG,MAAM,MAAM,GAAG,MAAM,IAAI,CAAC,aAAa,EAAE,CAAC;QAC1C,MAAM,OAAO,GAA2B;YACtC,eAAe,EAAE,UAAU,MAAM,EAAE;YACnC,QAAQ,EAAE,kBAAkB;YAC5B,GAAG,CAAC,YAAY,IAAI,EAAE,CAAC;SACxB,CAAC;QAEF,IAAI,IAAI,KAAK,SAAS,EAAE,CAAC;YACvB,OAAO,CAAC,cAAc,CAAC,GAAG,kBAAkB,CAAC;QAC/C,CAAC;QAED,MAAM,GAAG,GAAG,MAAM,KAAK,CAAC,GAAG,EAAE;YAC3B,MAAM;YACN,OAAO;YACP,IAAI,EAAE,IAAI,KAAK,SAAS,CAAC,CAAC,CAAC,IAAI,CAAC,SAAS,CAAC,IAAI,CAAC,CAAC,CAAC,CAAC,SAAS;SAC5D,CAAC,CAAC;QAEH,IAAI,CAAC,GAAG,CAAC,EAAE,EAAE,CAAC;YACZ,IAAI,SAAS,GAAsE,EAAE,CAAC;YACtF,IAAI,CAAC;gBACH,SAAS,GAAG,MAAM,GAAG,CAAC,IAAI,EAAsB,CAAC;YACnD,CAAC;YAAC,MAAM,CAAC;gBACP,sBAAsB;YACxB,CAAC;YAED,MAAM,OAAO,GAAG,SAAS,CAAC,KAAK,EAAE,OAAO,IAAI,SAAS,CAAC,OAAO,IAAI,GAAG,CAAC,UAAU,CAAC;YAChF,MAAM,IAAI,GAAG,SAAS,CAAC,KAAK,EAAE,IAAI,IAAI,QAAQ,GAAG,CAAC,MAAM,EAAE,CAAC;YAC3D,MAAM,IAAI,UAAU,CAAC,OAAO,EAAE,IAAI,EAAE,GAAG,CAAC,MAAM,EAAE,SAAS,CAAC,CAAC;QAC7D,CAAC;QAED,IAAI,GAAG,CAAC,MAAM,KAAK,GAAG;YAAE,OAAO,SAAc,CAAC;QAC9C,OAAO,GAAG,CAAC,IAAI,EAAgB,CAAC;IAClC,CAAC;CACF;AAED,SAAS,gBAAgB;IACvB,OAAO,IAAI,UAAU,CACnB,+GAA+G,EAC/G,mBAAmB,EACnB,GAAG,EACH,EAAE,CACH,CAAC;AACJ,CAAC;AAED;;;;;;;;GAQG;AACH,KAAK,UAAU,0BAA0B,CACvC,OAAe;IAEf,0EAA0E;IAC1E,MAAM,EAAE,QAAQ,EAAE,SAAS,EAAE,KAAK,EAAE,GAAG,MAAM,MAAM,CAAC,kBAAkB,CAAC,CAAC;IACxE,MAAM,EAAE,IAAI,EAAE,GAAG,MAAM,MAAM,CAAC,WAAW,CAAC,CAAC;IAC3C,MAAM,EAAE,OAAO,EAAE,GAAG,MAAM,MAAM,CAAC,SAAS,CAAC,CAAC;IAC5C,MAAM,SAAS,GAAG,IAAI,CAAC,OAAO,EAAE,EAAE,QAAQ,EAAE,kBAAkB,CAAC,CAAC;IAEhE,IAAI,GAAW,CAAC;IAChB,IAAI,CAAC;QACH,GAAG,GAAG,MAAM,QAAQ,CAAC,SAAS,EAAE,MAAM,CAAC,CAAC;IAC1C,CAAC;IAAC,MAAM,CAAC;QACP,OAAO,IAAI,CAAC;IACd,CAAC;IACD,IAAI,KAA2F,CAAC;IAChG,IAAI,CAAC;QACH,KAAK,GAAG,IAAI,CAAC,KAAK,CAAC,GAAG,CAAiB,CAAC;IAC1C,CAAC;IAAC,MAAM,CAAC;QACP,OAAO,IAAI,CAAC;IACd,CAAC;IAED,MAAM,GAAG,GAAG,MAAM,KAAK,CAAC,GAAG,OAAO,cAAc,EAAE;QAChD,MAAM,EAAE,MAAM;QACd,OAAO,EAAE,EAAE,cAAc,EAAE,mCAAmC,EAAE;QAChE,IAAI,EAAE,IAAI,eAAe,CAAC;YACxB,UAAU,EAAE,eAAe;YAC3B,aAAa,EAAE,KAAK,CAAC,aAAa;YAClC,SAAS,EAAE,KAAK,CAAC,SAAS;SAC3B,CAAC;KACH,CAAC,CAAC;IACH,IAAI,CAAC,GAAG,CAAC,EAAE;QAAE,OAAO,IAAI,CAAC;IACzB,MAAM,IAAI,GAAG,CAAC,MAAM,GAAG,CAAC,IAAI,EAAE,CAAwE,CAAC;IAEvG,qEAAqE;IACrE,sEAAsE;IACtE,IAAI,CAAC;QACH,MAAM,KAAK,CAAC,IAAI,CAAC,OAAO,EAAE,EAAE,QAAQ,CAAC,EAAE,EAAE,SAAS,EAAE,IAAI,EAAE,CAAC,CAAC;QAC5D,MAAM,IAAI,GAAG,EAAE,GAAG,KAAK,EAAE,aAAa,EAAE,IAAI,CAAC,aAAa,EAAE,SAAS,EAAE,IAAI,CAAC,KAAK,CAAC,IAAI,CAAC,GAAG,EAAE,GAAG,IAAI,CAAC,EAAE,kBAAkB,EAAE,IAAI,CAAC,KAAK,CAAC,IAAI,CAAC,GAAG,EAAE,GAAG,IAAI,CAAC,GAAG,EAAE,GAAG,EAAE,GAAG,EAAE,GAAG,EAAE,EAAE,CAAC;QAC9K,MAAM,SAAS,CAAC,SAAS,EAAE,IAAI,CAAC,SAAS,CAAC,IAAI,EAAE,IAAI,EAAE,CAAC,CAAC,EAAE,MAAM,CAAC,CAAC;IACpE,CAAC;IAAC,MAAM,CAAC;QACP,eAAe;IACjB,CAAC;IAED,OAAO,EAAE,YAAY,EAAE,IAAI,CAAC,YAAY,EAAE,UAAU,EAAE,IAAI,CAAC,UAAU,EAAE,CAAC;AAC1E,CAAC"}
|
package/dist/index.d.ts
CHANGED
|
@@ -31,7 +31,7 @@ export declare class Stack {
|
|
|
31
31
|
readonly scan: ScanService;
|
|
32
32
|
readonly audit: AuditService;
|
|
33
33
|
readonly detectorConfig: DetectorConfigService;
|
|
34
|
-
constructor(options
|
|
34
|
+
constructor(options?: ClientOptions);
|
|
35
35
|
}
|
|
36
36
|
export type { ClientOptions } from './client.js';
|
|
37
37
|
export * from './types.js';
|
package/dist/index.d.ts.map
CHANGED
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"index.d.ts","sourceRoot":"","sources":["../src/index.ts"],"names":[],"mappings":"AAAA,OAAO,EAAc,KAAK,aAAa,EAAE,MAAM,aAAa,CAAC;AAC7D,OAAO,EAAE,YAAY,EAAE,MAAM,sBAAsB,CAAC;AACpD,OAAO,EAAE,eAAe,EAAE,MAAM,yBAAyB,CAAC;AAC1D,OAAO,EAAE,cAAc,EAAE,MAAM,wBAAwB,CAAC;AACxD,OAAO,EAAE,iBAAiB,EAAE,MAAM,2BAA2B,CAAC;AAC9D,OAAO,EAAE,cAAc,EAAE,MAAM,wBAAwB,CAAC;AACxD,OAAO,EAAE,YAAY,EAAE,MAAM,sBAAsB,CAAC;AACpD,OAAO,EAAE,eAAe,EAAE,MAAM,wBAAwB,CAAC;AACzD,OAAO,EAAE,WAAW,EAAE,MAAM,oBAAoB,CAAC;AACjD,OAAO,EAAE,qBAAqB,EAAE,MAAM,gCAAgC,CAAC;AACvE,OAAO,EAAE,mBAAmB,EAAE,MAAM,6BAA6B,CAAC;AAClE,OAAO,EAAE,oBAAoB,EAAE,MAAM,+BAA+B,CAAC;AACrE,OAAO,EAAE,YAAY,EAAE,MAAM,qBAAqB,CAAC;AACnD,OAAO,EAAE,WAAW,EAAE,MAAM,oBAAoB,CAAC;AACjD,OAAO,EAAE,YAAY,EAAE,MAAM,qBAAqB,CAAC;AACnD,OAAO,EAAE,qBAAqB,EAAE,MAAM,+BAA+B,CAAC;AAEtE,qBAAa,KAAK;IAChB,OAAO,CAAC,QAAQ,CAAC,MAAM,CAAa;IAEpC,QAAQ,CAAC,MAAM,EAAE,YAAY,CAAC;IAC9B,QAAQ,CAAC,SAAS,EAAE,eAAe,CAAC;IACpC,QAAQ,CAAC,QAAQ,EAAE,cAAc,CAAC;IAClC,QAAQ,CAAC,WAAW,EAAE,iBAAiB,CAAC;IACxC,QAAQ,CAAC,QAAQ,EAAE,cAAc,CAAC;IAClC,QAAQ,CAAC,MAAM,EAAE,YAAY,CAAC;IAC9B,QAAQ,CAAC,QAAQ,EAAE,eAAe,CAAC;IACnC,QAAQ,CAAC,IAAI,EAAE,WAAW,CAAC;IAC3B,QAAQ,CAAC,eAAe,EAAE,qBAAqB,CAAC;IAChD,QAAQ,CAAC,aAAa,EAAE,mBAAmB,CAAC;IAC5C,QAAQ,CAAC,cAAc,EAAE,oBAAoB,CAAC;IAC9C,QAAQ,CAAC,KAAK,EAAE,YAAY,CAAC;IAC7B,QAAQ,CAAC,IAAI,EAAE,WAAW,CAAC;IAC3B,QAAQ,CAAC,KAAK,EAAE,YAAY,CAAC;IAC7B,QAAQ,CAAC,cAAc,EAAE,qBAAqB,CAAC;gBAEnC,OAAO,
|
|
1
|
+
{"version":3,"file":"index.d.ts","sourceRoot":"","sources":["../src/index.ts"],"names":[],"mappings":"AAAA,OAAO,EAAc,KAAK,aAAa,EAAE,MAAM,aAAa,CAAC;AAC7D,OAAO,EAAE,YAAY,EAAE,MAAM,sBAAsB,CAAC;AACpD,OAAO,EAAE,eAAe,EAAE,MAAM,yBAAyB,CAAC;AAC1D,OAAO,EAAE,cAAc,EAAE,MAAM,wBAAwB,CAAC;AACxD,OAAO,EAAE,iBAAiB,EAAE,MAAM,2BAA2B,CAAC;AAC9D,OAAO,EAAE,cAAc,EAAE,MAAM,wBAAwB,CAAC;AACxD,OAAO,EAAE,YAAY,EAAE,MAAM,sBAAsB,CAAC;AACpD,OAAO,EAAE,eAAe,EAAE,MAAM,wBAAwB,CAAC;AACzD,OAAO,EAAE,WAAW,EAAE,MAAM,oBAAoB,CAAC;AACjD,OAAO,EAAE,qBAAqB,EAAE,MAAM,gCAAgC,CAAC;AACvE,OAAO,EAAE,mBAAmB,EAAE,MAAM,6BAA6B,CAAC;AAClE,OAAO,EAAE,oBAAoB,EAAE,MAAM,+BAA+B,CAAC;AACrE,OAAO,EAAE,YAAY,EAAE,MAAM,qBAAqB,CAAC;AACnD,OAAO,EAAE,WAAW,EAAE,MAAM,oBAAoB,CAAC;AACjD,OAAO,EAAE,YAAY,EAAE,MAAM,qBAAqB,CAAC;AACnD,OAAO,EAAE,qBAAqB,EAAE,MAAM,+BAA+B,CAAC;AAEtE,qBAAa,KAAK;IAChB,OAAO,CAAC,QAAQ,CAAC,MAAM,CAAa;IAEpC,QAAQ,CAAC,MAAM,EAAE,YAAY,CAAC;IAC9B,QAAQ,CAAC,SAAS,EAAE,eAAe,CAAC;IACpC,QAAQ,CAAC,QAAQ,EAAE,cAAc,CAAC;IAClC,QAAQ,CAAC,WAAW,EAAE,iBAAiB,CAAC;IACxC,QAAQ,CAAC,QAAQ,EAAE,cAAc,CAAC;IAClC,QAAQ,CAAC,MAAM,EAAE,YAAY,CAAC;IAC9B,QAAQ,CAAC,QAAQ,EAAE,eAAe,CAAC;IACnC,QAAQ,CAAC,IAAI,EAAE,WAAW,CAAC;IAC3B,QAAQ,CAAC,eAAe,EAAE,qBAAqB,CAAC;IAChD,QAAQ,CAAC,aAAa,EAAE,mBAAmB,CAAC;IAC5C,QAAQ,CAAC,cAAc,EAAE,oBAAoB,CAAC;IAC9C,QAAQ,CAAC,KAAK,EAAE,YAAY,CAAC;IAC7B,QAAQ,CAAC,IAAI,EAAE,WAAW,CAAC;IAC3B,QAAQ,CAAC,KAAK,EAAE,YAAY,CAAC;IAC7B,QAAQ,CAAC,cAAc,EAAE,qBAAqB,CAAC;gBAEnC,OAAO,GAAE,aAAkB;CAkBxC;AAGD,YAAY,EAAE,aAAa,EAAE,MAAM,aAAa,CAAC;AACjD,cAAc,YAAY,CAAC;AAC3B,cAAc,aAAa,CAAC;AAK5B,OAAO,EACL,qBAAqB,EACrB,KAAK,sBAAsB,EAC3B,KAAK,oBAAoB,GAC1B,MAAM,qBAAqB,CAAC"}
|
package/dist/index.js
CHANGED
package/dist/index.js.map
CHANGED
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"index.js","sourceRoot":"","sources":["../src/index.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,UAAU,EAAsB,MAAM,aAAa,CAAC;AAC7D,OAAO,EAAE,YAAY,EAAE,MAAM,sBAAsB,CAAC;AACpD,OAAO,EAAE,eAAe,EAAE,MAAM,yBAAyB,CAAC;AAC1D,OAAO,EAAE,cAAc,EAAE,MAAM,wBAAwB,CAAC;AACxD,OAAO,EAAE,iBAAiB,EAAE,MAAM,2BAA2B,CAAC;AAC9D,OAAO,EAAE,cAAc,EAAE,MAAM,wBAAwB,CAAC;AACxD,OAAO,EAAE,YAAY,EAAE,MAAM,sBAAsB,CAAC;AACpD,OAAO,EAAE,eAAe,EAAE,MAAM,wBAAwB,CAAC;AACzD,OAAO,EAAE,WAAW,EAAE,MAAM,oBAAoB,CAAC;AACjD,OAAO,EAAE,qBAAqB,EAAE,MAAM,gCAAgC,CAAC;AACvE,OAAO,EAAE,mBAAmB,EAAE,MAAM,6BAA6B,CAAC;AAClE,OAAO,EAAE,oBAAoB,EAAE,MAAM,+BAA+B,CAAC;AACrE,OAAO,EAAE,YAAY,EAAE,MAAM,qBAAqB,CAAC;AACnD,OAAO,EAAE,WAAW,EAAE,MAAM,oBAAoB,CAAC;AACjD,OAAO,EAAE,YAAY,EAAE,MAAM,qBAAqB,CAAC;AACnD,OAAO,EAAE,qBAAqB,EAAE,MAAM,+BAA+B,CAAC;AAEtE,MAAM,OAAO,KAAK;IACC,MAAM,CAAa;IAE3B,MAAM,CAAe;IACrB,SAAS,CAAkB;IAC3B,QAAQ,CAAiB;IACzB,WAAW,CAAoB;IAC/B,QAAQ,CAAiB;IACzB,MAAM,CAAe;IACrB,QAAQ,CAAkB;IAC1B,IAAI,CAAc;IAClB,eAAe,CAAwB;IACvC,aAAa,CAAsB;IACnC,cAAc,CAAuB;IACrC,KAAK,CAAe;IACpB,IAAI,CAAc;IAClB,KAAK,CAAe;IACpB,cAAc,CAAwB;IAE/C,YAAY,
|
|
1
|
+
{"version":3,"file":"index.js","sourceRoot":"","sources":["../src/index.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,UAAU,EAAsB,MAAM,aAAa,CAAC;AAC7D,OAAO,EAAE,YAAY,EAAE,MAAM,sBAAsB,CAAC;AACpD,OAAO,EAAE,eAAe,EAAE,MAAM,yBAAyB,CAAC;AAC1D,OAAO,EAAE,cAAc,EAAE,MAAM,wBAAwB,CAAC;AACxD,OAAO,EAAE,iBAAiB,EAAE,MAAM,2BAA2B,CAAC;AAC9D,OAAO,EAAE,cAAc,EAAE,MAAM,wBAAwB,CAAC;AACxD,OAAO,EAAE,YAAY,EAAE,MAAM,sBAAsB,CAAC;AACpD,OAAO,EAAE,eAAe,EAAE,MAAM,wBAAwB,CAAC;AACzD,OAAO,EAAE,WAAW,EAAE,MAAM,oBAAoB,CAAC;AACjD,OAAO,EAAE,qBAAqB,EAAE,MAAM,gCAAgC,CAAC;AACvE,OAAO,EAAE,mBAAmB,EAAE,MAAM,6BAA6B,CAAC;AAClE,OAAO,EAAE,oBAAoB,EAAE,MAAM,+BAA+B,CAAC;AACrE,OAAO,EAAE,YAAY,EAAE,MAAM,qBAAqB,CAAC;AACnD,OAAO,EAAE,WAAW,EAAE,MAAM,oBAAoB,CAAC;AACjD,OAAO,EAAE,YAAY,EAAE,MAAM,qBAAqB,CAAC;AACnD,OAAO,EAAE,qBAAqB,EAAE,MAAM,+BAA+B,CAAC;AAEtE,MAAM,OAAO,KAAK;IACC,MAAM,CAAa;IAE3B,MAAM,CAAe;IACrB,SAAS,CAAkB;IAC3B,QAAQ,CAAiB;IACzB,WAAW,CAAoB;IAC/B,QAAQ,CAAiB;IACzB,MAAM,CAAe;IACrB,QAAQ,CAAkB;IAC1B,IAAI,CAAc;IAClB,eAAe,CAAwB;IACvC,aAAa,CAAsB;IACnC,cAAc,CAAuB;IACrC,KAAK,CAAe;IACpB,IAAI,CAAc;IAClB,KAAK,CAAe;IACpB,cAAc,CAAwB;IAE/C,YAAY,UAAyB,EAAE;QACrC,IAAI,CAAC,MAAM,GAAG,IAAI,UAAU,CAAC,OAAO,CAAC,CAAC;QACtC,IAAI,CAAC,MAAM,GAAG,IAAI,YAAY,CAAC,IAAI,CAAC,MAAM,CAAC,CAAC;QAC5C,IAAI,CAAC,SAAS,GAAG,IAAI,eAAe,CAAC,IAAI,CAAC,MAAM,CAAC,CAAC;QAClD,IAAI,CAAC,QAAQ,GAAG,IAAI,cAAc,CAAC,IAAI,CAAC,MAAM,CAAC,CAAC;QAChD,IAAI,CAAC,WAAW,GAAG,IAAI,iBAAiB,CAAC,IAAI,CAAC,MAAM,CAAC,CAAC;QACtD,IAAI,CAAC,QAAQ,GAAG,IAAI,cAAc,CAAC,IAAI,CAAC,MAAM,CAAC,CAAC;QAChD,IAAI,CAAC,MAAM,GAAG,IAAI,YAAY,CAAC,IAAI,CAAC,MAAM,CAAC,CAAC;QAC5C,IAAI,CAAC,QAAQ,GAAG,IAAI,eAAe,CAAC,IAAI,CAAC,MAAM,CAAC,CAAC;QACjD,IAAI,CAAC,IAAI,GAAG,IAAI,WAAW,CAAC,IAAI,CAAC,MAAM,CAAC,CAAC;QACzC,IAAI,CAAC,eAAe,GAAG,IAAI,qBAAqB,CAAC,IAAI,CAAC,MAAM,CAAC,CAAC;QAC9D,IAAI,CAAC,aAAa,GAAG,IAAI,mBAAmB,CAAC,IAAI,CAAC,MAAM,CAAC,CAAC;QAC1D,IAAI,CAAC,cAAc,GAAG,IAAI,oBAAoB,CAAC,IAAI,CAAC,MAAM,CAAC,CAAC;QAC5D,IAAI,CAAC,KAAK,GAAG,IAAI,YAAY,CAAC,IAAI,CAAC,MAAM,CAAC,CAAC;QAC3C,IAAI,CAAC,IAAI,GAAG,IAAI,WAAW,CAAC,IAAI,CAAC,MAAM,CAAC,CAAC;QACzC,IAAI,CAAC,KAAK,GAAG,IAAI,YAAY,CAAC,IAAI,CAAC,MAAM,CAAC,CAAC;QAC3C,IAAI,CAAC,cAAc,GAAG,IAAI,qBAAqB,CAAC,IAAI,CAAC,MAAM,CAAC,CAAC;IAC/D,CAAC;CACF;AAID,cAAc,YAAY,CAAC;AAC3B,cAAc,aAAa,CAAC;AAE5B,wEAAwE;AACxE,uEAAuE;AACvE,uCAAuC;AACvC,OAAO,EACL,qBAAqB,GAGtB,MAAM,qBAAqB,CAAC"}
|