@grackle-ai/database 0.73.0

package/README.md

@@ -0,0 +1,34 @@
+# @grackle-ai/database
+
+SQLite persistence layer for Grackle — schema definitions, store modules, migrations, and encrypted token storage.
+
+## What it provides
+
+- **Schema** — Drizzle ORM table definitions for environments, sessions, tasks, workspaces, findings, personas, settings, tokens, and domain events
+- **Stores** — Focused CRUD modules for each entity (e.g., `sessionStore`, `taskStore`, `workspaceStore`)
+- **Migrations** — Idempotent schema migrations that run on every startup
+- **Seeding** — Application-level defaults (personas, root task, settings backfills)
+- **Crypto** — AES-256-GCM encryption for token storage
+
+## Usage
+
+```typescript
+import { openDatabase, initDatabase, seedDatabase, sqlite, sessionStore } from "@grackle-ai/database";
+
+// Initialize at startup
+openDatabase();
+initDatabase();
+seedDatabase(sqlite!);
+
+// Use stores
+const session = sessionStore.getSession("session-123");
+```
+
+## Requirements
+
+- Node.js >= 22
+- `better-sqlite3` native module (built at install time)
+
+## License
+
+MIT

package/dist/credential-providers.d.ts

@@ -0,0 +1,41 @@
+import type { BetterSQLite3Database } from "drizzle-orm/better-sqlite3";
+import * as schema from "./schema.js";
+/** Configuration for which credential providers are enabled. */
+export interface CredentialProviderConfig {
+    claude: "off" | "subscription" | "api_key";
+    github: "off" | "on";
+    copilot: "off" | "on";
+    codex: "off" | "on";
+    goose: "off" | "on";
+}
+/** Valid provider names. */
+export declare const VALID_PROVIDERS: readonly string[];
+/** Valid values for the Claude provider. */
+export declare const VALID_CLAUDE_VALUES: ReadonlySet<string>;
+/** Valid values for toggle-style providers (github, copilot, codex). */
+export declare const VALID_TOGGLE_VALUES: ReadonlySet<string>;
+/** Drizzle database instance type used by credential-provider functions. */
+export type DatabaseInstance = BetterSQLite3Database<typeof schema>;
+/**
+ * Parse a raw JSON string into a validated {@link CredentialProviderConfig}.
+ * Invalid or missing fields fall back to {@link DEFAULT_CONFIG} values.
+ * Throws if the JSON is syntactically invalid — callers decide how to handle the error.
+ * Non-object values (e.g. `"null"`, `"42"`) are treated as empty and fall back to defaults.
+ */
+export declare function parseCredentialProviderConfig(rawJson: string): CredentialProviderConfig;
+/**
+ * Read the current credential provider configuration from the database.
+ * @param database - Optional Drizzle instance; defaults to the module-level db.
+ */
+export declare function getCredentialProviders(database?: DatabaseInstance): CredentialProviderConfig;
+/**
+ * Validate that a value is a well-formed credential provider config.
+ * Returns true if all fields have valid values.
+ */
+export declare function isValidCredentialProviderConfig(value: unknown): value is CredentialProviderConfig;
+/**
+ * Persist credential provider configuration to the database.
+ * @param database - Optional Drizzle instance; defaults to the module-level db.
+ */
+export declare function setCredentialProviders(config: CredentialProviderConfig, database?: DatabaseInstance): void;
+//# sourceMappingURL=credential-providers.d.ts.map

package/dist/credential-providers.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"credential-providers.d.ts","sourceRoot":"","sources":["../src/credential-providers.ts"],"names":[],"mappings":"AAQA,OAAO,KAAK,EAAE,qBAAqB,EAAE,MAAM,4BAA4B,CAAC;AAExE,OAAO,KAAK,MAAM,MAAM,aAAa,CAAC;AAItC,gEAAgE;AAChE,MAAM,WAAW,wBAAwB;IACvC,MAAM,EAAE,KAAK,GAAG,cAAc,GAAG,SAAS,CAAC;IAC3C,MAAM,EAAE,KAAK,GAAG,IAAI,CAAC;IACrB,OAAO,EAAE,KAAK,GAAG,IAAI,CAAC;IACtB,KAAK,EAAE,KAAK,GAAG,IAAI,CAAC;IACpB,KAAK,EAAE,KAAK,GAAG,IAAI,CAAC;CACrB;AAcD,4BAA4B;AAC5B,eAAO,MAAM,eAAe,EAAE,SAAS,MAAM,EAAsD,CAAC;AAEpG,4CAA4C;AAC5C,eAAO,MAAM,mBAAmB,EAAE,WAAW,CAAC,MAAM,CAA+C,CAAC;AAEpG,wEAAwE;AACxE,eAAO,MAAM,mBAAmB,EAAE,WAAW,CAAC,MAAM,CAA0B,CAAC;AAE/E,4EAA4E;AAC5E,MAAM,MAAM,gBAAgB,GAAG,qBAAqB,CAAC,OAAO,MAAM,CAAC,CAAC;AAIpE;;;;;GAKG;AACH,wBAAgB,6BAA6B,CAAC,OAAO,EAAE,MAAM,GAAG,wBAAwB,CAUvF;AAED;;;GAGG;AACH,wBAAgB,sBAAsB,CAAC,QAAQ,CAAC,EAAE,gBAAgB,GAAG,wBAAwB,CAkB5F;AAED;;;GAGG;AACH,wBAAgB,+BAA+B,CAAC,KAAK,EAAE,OAAO,GAAG,KAAK,IAAI,wBAAwB,CAYjG;AAED;;;GAGG;AACH,wBAAgB,sBAAsB,CAAC,MAAM,EAAE,wBAAwB,EAAE,QAAQ,CAAC,EAAE,gBAAgB,GAAG,IAAI,CAU1G"}

package/dist/credential-providers.js

@@ -0,0 +1,97 @@
+/**
+ * Configurable credential providers — manages which credential providers
+ * are enabled and persists the configuration to the database.
+ *
+ * The token bundle builder that reads `process.env` / disk lives in
+ * `@grackle-ai/server` to keep this module a pure persistence layer.
+ */
+import { eq } from "drizzle-orm";
+import db from "./db.js";
+import * as schema from "./schema.js";
+/** Settings table key for credential provider configuration. */
+const SETTINGS_KEY = "credential_providers";
+/** Default configuration — all providers off. */
+const DEFAULT_CONFIG = {
+    claude: "off",
+    github: "off",
+    copilot: "off",
+    codex: "off",
+    goose: "off",
+};
+/** Valid provider names. */
+export const VALID_PROVIDERS = ["claude", "github", "copilot", "codex", "goose"];
+/** Valid values for the Claude provider. */
+export const VALID_CLAUDE_VALUES = new Set(["off", "subscription", "api_key"]);
+/** Valid values for toggle-style providers (github, copilot, codex). */
+export const VALID_TOGGLE_VALUES = new Set(["off", "on"]);
+// ─── Read / Write ──────────────────────────────────────────
+/**
+ * Parse a raw JSON string into a validated {@link CredentialProviderConfig}.
+ * Invalid or missing fields fall back to {@link DEFAULT_CONFIG} values.
+ * Throws if the JSON is syntactically invalid — callers decide how to handle the error.
+ * Non-object values (e.g. `"null"`, `"42"`) are treated as empty and fall back to defaults.
+ */
+export function parseCredentialProviderConfig(rawJson) {
+    const raw = JSON.parse(rawJson);
+    const parsed = (typeof raw === "object" && raw !== null ? raw : {});
+    return {
+        claude: VALID_CLAUDE_VALUES.has(parsed.claude ?? "") ? parsed.claude : DEFAULT_CONFIG.claude,
+        github: VALID_TOGGLE_VALUES.has(parsed.github ?? "") ? parsed.github : DEFAULT_CONFIG.github,
+        copilot: VALID_TOGGLE_VALUES.has(parsed.copilot ?? "") ? parsed.copilot : DEFAULT_CONFIG.copilot,
+        codex: VALID_TOGGLE_VALUES.has(parsed.codex ?? "") ? parsed.codex : DEFAULT_CONFIG.codex,
+        goose: VALID_TOGGLE_VALUES.has(parsed.goose ?? "") ? parsed.goose : DEFAULT_CONFIG.goose,
+    };
+}
+/**
+ * Read the current credential provider configuration from the database.
+ * @param database - Optional Drizzle instance; defaults to the module-level db.
+ */
+export function getCredentialProviders(database) {
+    const conn = database ?? db;
+    const row = conn
+        .select()
+        .from(schema.settings)
+        .where(eq(schema.settings.key, SETTINGS_KEY))
+        .get();
+    if (!row) {
+        return { ...DEFAULT_CONFIG };
+    }
+    try {
+        return parseCredentialProviderConfig(row.value);
+    }
+    catch {
+        process.stderr.write("Invalid credential_providers setting; returning defaults\n");
+        return { ...DEFAULT_CONFIG };
+    }
+}
+/**
+ * Validate that a value is a well-formed credential provider config.
+ * Returns true if all fields have valid values.
+ */
+export function isValidCredentialProviderConfig(value) {
+    if (typeof value !== "object" || value === null) {
+        return false;
+    }
+    const v = value;
+    return (VALID_CLAUDE_VALUES.has(v.claude) &&
+        VALID_TOGGLE_VALUES.has(v.github) &&
+        VALID_TOGGLE_VALUES.has(v.copilot) &&
+        VALID_TOGGLE_VALUES.has(v.codex) &&
+        VALID_TOGGLE_VALUES.has(v.goose));
+}
+/**
+ * Persist credential provider configuration to the database.
+ * @param database - Optional Drizzle instance; defaults to the module-level db.
+ */
+export function setCredentialProviders(config, database) {
+    const conn = database ?? db;
+    const value = JSON.stringify(config);
+    conn.insert(schema.settings)
+        .values({ key: SETTINGS_KEY, value })
+        .onConflictDoUpdate({
+        target: schema.settings.key,
+        set: { value },
+    })
+        .run();
+}
+//# sourceMappingURL=credential-providers.js.map

package/dist/credential-providers.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"credential-providers.js","sourceRoot":"","sources":["../src/credential-providers.ts"],"names":[],"mappings":"AAAA;;;;;;GAMG;AACH,OAAO,EAAE,EAAE,EAAE,MAAM,aAAa,CAAC;AAEjC,OAAO,EAAE,MAAM,SAAS,CAAC;AACzB,OAAO,KAAK,MAAM,MAAM,aAAa,CAAC;AAatC,gEAAgE;AAChE,MAAM,YAAY,GAAW,sBAAsB,CAAC;AAEpD,iDAAiD;AACjD,MAAM,cAAc,GAA6B;IAC/C,MAAM,EAAE,KAAK;IACb,MAAM,EAAE,KAAK;IACb,OAAO,EAAE,KAAK;IACd,KAAK,EAAE,KAAK;IACZ,KAAK,EAAE,KAAK;CACb,CAAC;AAEF,4BAA4B;AAC5B,MAAM,CAAC,MAAM,eAAe,GAAsB,CAAC,QAAQ,EAAE,QAAQ,EAAE,SAAS,EAAE,OAAO,EAAE,OAAO,CAAC,CAAC;AAEpG,4CAA4C;AAC5C,MAAM,CAAC,MAAM,mBAAmB,GAAwB,IAAI,GAAG,CAAC,CAAC,KAAK,EAAE,cAAc,EAAE,SAAS,CAAC,CAAC,CAAC;AAEpG,wEAAwE;AACxE,MAAM,CAAC,MAAM,mBAAmB,GAAwB,IAAI,GAAG,CAAC,CAAC,KAAK,EAAE,IAAI,CAAC,CAAC,CAAC;AAK/E,8DAA8D;AAE9D;;;;;GAKG;AACH,MAAM,UAAU,6BAA6B,CAAC,OAAe;IAC3D,MAAM,GAAG,GAAG,IAAI,CAAC,KAAK,CAAC,OAAO,CAAY,CAAC;IAC3C,MAAM,MAAM,GAAG,CAAC,OAAO,GAAG,KAAK,QAAQ,IAAI,GAAG,KAAK,IAAI,CAAC,CAAC,CAAC,GAAG,CAAC,CAAC,CAAC,EAAE,CAAsC,CAAC;IACzG,OAAO;QACL,MAAM,EAAE,mBAAmB,CAAC,GAAG,CAAC,MAAM,CAAC,MAAM,IAAI,EAAE,CAAC,CAAC,CAAC,CAAC,MAAM,CAAC,MAAO,CAAC,CAAC,CAAC,cAAc,CAAC,MAAM;QAC7F,MAAM,EAAE,mBAAmB,CAAC,GAAG,CAAC,MAAM,CAAC,MAAM,IAAI,EAAE,CAAC,CAAC,CAAC,CAAC,MAAM,CAAC,MAAO,CAAC,CAAC,CAAC,cAAc,CAAC,MAAM;QAC7F,OAAO,EAAE,mBAAmB,CAAC,GAAG,CAAC,MAAM,CAAC,OAAO,IAAI,EAAE,CAAC,CAAC,CAAC,CAAC,MAAM,CAAC,OAAQ,CAAC,CAAC,CAAC,cAAc,CAAC,OAAO;QACjG,KAAK,EAAE,mBAAmB,CAAC,GAAG,CAAC,MAAM,CAAC,KAAK,IAAI,EAAE,CAAC,CAAC,CAAC,CAAC,MAAM,CAAC,KAAM,CAAC,CAAC,CAAC,cAAc,CAAC,KAAK;QACzF,KAAK,EAAE,mBAAmB,CAAC,GAAG,CAAC,MAAM,CAAC,KAAK,IAAI,EAAE,CAAC,CAAC,CAAC,CAAC,MAAM,CAAC,KAAM,CAAC,CAAC,CAAC,cAAc,CAAC,KAAK;KAC1F,CAAC;AACJ,CAAC;AAED;;;GAGG;AACH,MAAM,UAAU,sBAAsB,CAAC,QAA2B;IAChE,MAAM,IAAI,GAAG,QAAQ,IAAI,EAAE,CAAC;IAC5B,MAAM,GAAG,GAAG,IAAI;SACb,MAAM,EAAE;SACR,IAAI,CAAC,MAAM,CAAC,QAAQ,CAAC;SACrB,KAAK,CAAC,EAAE,CAAC,MAAM,CAAC,QAAQ,CAAC,GAAG,EAAE,YAAY,CAAC,CAAC;SAC5C,GAAG,EAAE,CAAC;IAET,IAAI,CAAC,GAAG,EAAE,CAAC;QACT,OAAO,EAAE,GAAG,cAAc,EAAE,CAAC;IAC/B,CAAC;IAED,IAAI,CAAC;QACH,OAAO,6BAA6B,CAAC,GAAG,CAAC,KAAK,CAAC,CAAC;IAClD,CAAC;IAAC,MAAM,CAAC;QACP,OAAO,CAAC,MAAM,CAAC,KAAK,CAAC,4DAA4D,CAAC,CAAC;QACnF,OAAO,EAAE,GAAG,cAAc,EAAE,CAAC;IAC/B,CAAC;AACH,CAAC;AAED;;;GAGG;AACH,MAAM,UAAU,+BAA+B,CAAC,KAAc;IAC5D,IAAI,OAAO,KAAK,KAAK,QAAQ,IAAI,KAAK,KAAK,IAAI,EAAE,CAAC;QAChD,OAAO,KAAK,CAAC;IACf,CAAC;IACD,MAAM,CAAC,GAAG,KAAgC,CAAC;IAC3C,OAAO,CACL,mBAAmB,CAAC,GAAG,CAAC,CAAC,CAAC,MAAgB,CAAC;QAC3C,mBAAmB,CAAC,GAAG,CAAC,CAAC,CAAC,MAAgB,CAAC;QAC3C,mBAAmB,CAAC,GAAG,CAAC,CAAC,CAAC,OAAiB,CAAC;QAC5C,mBAAmB,CAAC,GAAG,CAAC,CAAC,CAAC,KAAe,CAAC;QAC1C,mBAAmB,CAAC,GAAG,CAAC,CAAC,CAAC,KAAe,CAAC,CAC3C,CAAC;AACJ,CAAC;AAED;;;GAGG;AACH,MAAM,UAAU,sBAAsB,CAAC,MAAgC,EAAE,QAA2B;IAClG,MAAM,IAAI,GAAG,QAAQ,IAAI,EAAE,CAAC;IAC5B,MAAM,KAAK,GAAG,IAAI,CAAC,SAAS,CAAC,MAAM,CAAC,CAAC;IACrC,IAAI,CAAC,MAAM,CAAC,MAAM,CAAC,QAAQ,CAAC;SACzB,MAAM,CAAC,EAAE,GAAG,EAAE,YAAY,EAAE,KAAK,EAAE,CAAC;SACpC,kBAAkB,CAAC;QAClB,MAAM,EAAE,MAAM,CAAC,QAAQ,CAAC,GAAG;QAC3B,GAAG,EAAE,EAAE,KAAK,EAAE;KACf,CAAC;SACD,GAAG,EAAE,CAAC;AACX,CAAC"}

package/dist/crypto.d.ts

@@ -0,0 +1,5 @@
+/** Encrypt a plaintext string using AES-256-GCM with a PBKDF2-derived key. */
+export declare function encrypt(plaintext: string): string;
+/** Decrypt an AES-256-GCM ciphertext string produced by {@link encrypt}. */
+export declare function decrypt(ciphertext: string): string;
+//# sourceMappingURL=crypto.d.ts.map

package/dist/crypto.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"crypto.d.ts","sourceRoot":"","sources":["../src/crypto.ts"],"names":[],"mappings":"AA6DA,8EAA8E;AAC9E,wBAAgB,OAAO,CAAC,SAAS,EAAE,MAAM,GAAG,MAAM,CAWjD;AAED,4EAA4E;AAC5E,wBAAgB,OAAO,CAAC,UAAU,EAAE,MAAM,GAAG,MAAM,CAWlD"}

package/dist/crypto.js

@@ -0,0 +1,75 @@
+import { randomBytes, createCipheriv, createDecipheriv, pbkdf2Sync } from "node:crypto";
+import { readFileSync, writeFileSync, existsSync, mkdirSync, chmodSync } from "node:fs";
+import { join } from "node:path";
+import { grackleHome } from "./paths.js";
+const ALGORITHM = "aes-256-gcm";
+const IV_LENGTH = 12;
+const TAG_LENGTH = 16;
+const SALT_LENGTH = 16;
+const KEY_LENGTH = 32;
+const ITERATIONS = 100_000;
+const MASTER_KEY_BYTE_LENGTH = 32;
+const MASTER_KEY_FILENAME = "master-key";
+/**
+ * Load or generate the master key for token encryption. Priority:
+ * 1. `GRACKLE_MASTER_KEY` env var
+ * 2. Persisted random key at `$GRACKLE_HOME/.grackle/master-key`
+ * 3. Generate and persist a new random key
+ */
+function loadMasterKey() {
+    if (process.env.GRACKLE_MASTER_KEY) {
+        return process.env.GRACKLE_MASTER_KEY;
+    }
+    const keyPath = join(grackleHome, MASTER_KEY_FILENAME);
+    if (existsSync(keyPath)) {
+        const key = readFileSync(keyPath, "utf8").trim();
+        if (key.length > 0) {
+            return key;
+        }
+    }
+    // Generate and persist a random key
+    const key = randomBytes(MASTER_KEY_BYTE_LENGTH).toString("hex");
+    mkdirSync(grackleHome, { recursive: true });
+    writeFileSync(keyPath, key + "\n", { mode: 0o600 });
+    try {
+        chmodSync(keyPath, 0o600);
+    }
+    catch { /* Windows may not support this */ }
+    // Informational only — logged to stdout to avoid Rush interpreting stderr as a build warning.
+    // eslint-disable-next-line no-console
+    console.log("Generated new master key for token encryption. Set GRACKLE_MASTER_KEY env var for explicit control.");
+    return key;
+}
+let cachedMasterKey = undefined;
+function getMasterKey() {
+    if (!cachedMasterKey) {
+        cachedMasterKey = loadMasterKey();
+    }
+    return cachedMasterKey;
+}
+function deriveKey(salt) {
+    return pbkdf2Sync(getMasterKey(), salt, ITERATIONS, KEY_LENGTH, "sha256");
+}
+/** Encrypt a plaintext string using AES-256-GCM with a PBKDF2-derived key. */
+export function encrypt(plaintext) {
+    const salt = randomBytes(SALT_LENGTH);
+    const key = deriveKey(salt);
+    const iv = randomBytes(IV_LENGTH);
+    const cipher = createCipheriv(ALGORITHM, key, iv, { authTagLength: TAG_LENGTH });
+    const encrypted = Buffer.concat([cipher.update(plaintext, "utf8"), cipher.final()]);
+    const tag = cipher.getAuthTag();
+    // Format: salt:iv:tag:ciphertext (all base64)
+    return [salt, iv, tag, encrypted].map((b) => b.toString("base64")).join(":");
+}
+/** Decrypt an AES-256-GCM ciphertext string produced by {@link encrypt}. */
+export function decrypt(ciphertext) {
+    const parts = ciphertext.split(":");
+    if (parts.length !== 4)
+        throw new Error("Invalid encrypted format");
+    const [salt, iv, tag, encrypted] = parts.map((p) => Buffer.from(p, "base64"));
+    const key = deriveKey(salt);
+    const decipher = createDecipheriv(ALGORITHM, key, iv, { authTagLength: TAG_LENGTH });
+    decipher.setAuthTag(tag);
+    return Buffer.concat([decipher.update(encrypted), decipher.final()]).toString("utf8");
+}
+//# sourceMappingURL=crypto.js.map

package/dist/crypto.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"crypto.js","sourceRoot":"","sources":["../src/crypto.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,WAAW,EAAE,cAAc,EAAE,gBAAgB,EAAE,UAAU,EAAE,MAAM,aAAa,CAAC;AACxF,OAAO,EAAE,YAAY,EAAE,aAAa,EAAE,UAAU,EAAE,SAAS,EAAE,SAAS,EAAE,MAAM,SAAS,CAAC;AACxF,OAAO,EAAE,IAAI,EAAE,MAAM,WAAW,CAAC;AACjC,OAAO,EAAE,WAAW,EAAE,MAAM,YAAY,CAAC;AAEzC,MAAM,SAAS,GAAkB,aAAa,CAAC;AAC/C,MAAM,SAAS,GAAW,EAAE,CAAC;AAC7B,MAAM,UAAU,GAAW,EAAE,CAAC;AAC9B,MAAM,WAAW,GAAW,EAAE,CAAC;AAC/B,MAAM,UAAU,GAAW,EAAE,CAAC;AAC9B,MAAM,UAAU,GAAW,OAAO,CAAC;AACnC,MAAM,sBAAsB,GAAW,EAAE,CAAC;AAC1C,MAAM,mBAAmB,GAAW,YAAY,CAAC;AAEjD;;;;;GAKG;AACH,SAAS,aAAa;IACpB,IAAI,OAAO,CAAC,GAAG,CAAC,kBAAkB,EAAE,CAAC;QACnC,OAAO,OAAO,CAAC,GAAG,CAAC,kBAAkB,CAAC;IACxC,CAAC;IAED,MAAM,OAAO,GAAG,IAAI,CAAC,WAAW,EAAE,mBAAmB,CAAC,CAAC;IAEvD,IAAI,UAAU,CAAC,OAAO,CAAC,EAAE,CAAC;QACxB,MAAM,GAAG,GAAG,YAAY,CAAC,OAAO,EAAE,MAAM,CAAC,CAAC,IAAI,EAAE,CAAC;QACjD,IAAI,GAAG,CAAC,MAAM,GAAG,CAAC,EAAE,CAAC;YACnB,OAAO,GAAG,CAAC;QACb,CAAC;IACH,CAAC;IAED,oCAAoC;IACpC,MAAM,GAAG,GAAG,WAAW,CAAC,sBAAsB,CAAC,CAAC,QAAQ,CAAC,KAAK,CAAC,CAAC;IAChE,SAAS,CAAC,WAAW,EAAE,EAAE,SAAS,EAAE,IAAI,EAAE,CAAC,CAAC;IAC5C,aAAa,CAAC,OAAO,EAAE,GAAG,GAAG,IAAI,EAAE,EAAE,IAAI,EAAE,KAAK,EAAE,CAAC,CAAC;IACpD,IAAI,CAAC;QACH,SAAS,CAAC,OAAO,EAAE,KAAK,CAAC,CAAC;IAC5B,CAAC;IAAC,MAAM,CAAC,CAAC,kCAAkC,CAAC,CAAC;IAC9C,8FAA8F;IAC9F,sCAAsC;IACtC,OAAO,CAAC,GAAG,CAAC,qGAAqG,CAAC,CAAC;IAEnH,OAAO,GAAG,CAAC;AACb,CAAC;AAED,IAAI,eAAe,GAAuB,SAAS,CAAC;AAEpD,SAAS,YAAY;IACnB,IAAI,CAAC,eAAe,EAAE,CAAC;QACrB,eAAe,GAAG,aAAa,EAAE,CAAC;IACpC,CAAC;IACD,OAAO,eAAe,CAAC;AACzB,CAAC;AAED,SAAS,SAAS,CAAC,IAAY;IAC7B,OAAO,UAAU,CAAC,YAAY,EAAE,EAAE,IAAI,EAAE,UAAU,EAAE,UAAU,EAAE,QAAQ,CAAC,CAAC;AAC5E,CAAC;AAED,8EAA8E;AAC9E,MAAM,UAAU,OAAO,CAAC,SAAiB;IACvC,MAAM,IAAI,GAAG,WAAW,CAAC,WAAW,CAAC,CAAC;IACtC,MAAM,GAAG,GAAG,SAAS,CAAC,IAAI,CAAC,CAAC;IAC5B,MAAM,EAAE,GAAG,WAAW,CAAC,SAAS,CAAC,CAAC;IAElC,MAAM,MAAM,GAAG,cAAc,CAAC,SAAS,EAAE,GAAG,EAAE,EAAE,EAAE,EAAE,aAAa,EAAE,UAAU,EAAE,CAAC,CAAC;IACjF,MAAM,SAAS,GAAG,MAAM,CAAC,MAAM,CAAC,CAAC,MAAM,CAAC,MAAM,CAAC,SAAS,EAAE,MAAM,CAAC,EAAE,MAAM,CAAC,KAAK,EAAE,CAAC,CAAC,CAAC;IACpF,MAAM,GAAG,GAAG,MAAM,CAAC,UAAU,EAAE,CAAC;IAEhC,8CAA8C;IAC9C,OAAO,CAAC,IAAI,EAAE,EAAE,EAAE,GAAG,EAAE,SAAS,CAAC,CAAC,GAAG,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,QAAQ,CAAC,QAAQ,CAAC,CAAC,CAAC,IAAI,CAAC,GAAG,CAAC,CAAC;AAC/E,CAAC;AAED,4EAA4E;AAC5E,MAAM,UAAU,OAAO,CAAC,UAAkB;IACxC,MAAM,KAAK,GAAG,UAAU,CAAC,KAAK,CAAC,GAAG,CAAC,CAAC;IACpC,IAAI,KAAK,CAAC,MAAM,KAAK,CAAC;QAAE,MAAM,IAAI,KAAK,CAAC,0BAA0B,CAAC,CAAC;IAEpE,MAAM,CAAC,IAAI,EAAE,EAAE,EAAE,GAAG,EAAE,SAAS,CAAC,GAAG,KAAK,CAAC,GAAG,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,MAAM,CAAC,IAAI,CAAC,CAAC,EAAE,QAAQ,CAAC,CAAC,CAAC;IAE9E,MAAM,GAAG,GAAG,SAAS,CAAC,IAAI,CAAC,CAAC;IAC5B,MAAM,QAAQ,GAAG,gBAAgB,CAAC,SAAS,EAAE,GAAG,EAAE,EAAE,EAAE,EAAE,aAAa,EAAE,UAAU,EAAE,CAAC,CAAC;IACrF,QAAQ,CAAC,UAAU,CAAC,GAAG,CAAC,CAAC;IAEzB,OAAO,MAAM,CAAC,MAAM,CAAC,CAAC,QAAQ,CAAC,MAAM,CAAC,SAAS,CAAC,EAAE,QAAQ,CAAC,KAAK,EAAE,CAAC,CAAC,CAAC,QAAQ,CAAC,MAAM,CAAC,CAAC;AACxF,CAAC"}

package/dist/db-seed.d.ts

@@ -0,0 +1,16 @@
+/**
+ * Application-level database seeding — creates default personas, root task,
+ * and backfills settings for fresh installs and upgrades.
+ *
+ * Separated from {@link initDatabase} (which owns schema migrations) so that
+ * the persistence layer stays free of business/domain knowledge.
+ */
+import type Database from "better-sqlite3";
+/**
+ * Seed the database with application-level defaults.
+ * Call once at startup after {@link initDatabase} has applied schema migrations.
+ *
+ * @param conn - The raw better-sqlite3 connection to seed.
+ */
+export declare function seedDatabase(conn: InstanceType<typeof Database>): void;
+//# sourceMappingURL=db-seed.d.ts.map

package/dist/db-seed.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"db-seed.d.ts","sourceRoot":"","sources":["../src/db-seed.ts"],"names":[],"mappings":"AAAA;;;;;;GAMG;AACH,OAAO,KAAK,QAAQ,MAAM,gBAAgB,CAAC;AAG3C;;;;;GAKG;AACH,wBAAgB,YAAY,CAAC,IAAI,EAAE,YAAY,CAAC,OAAO,QAAQ,CAAC,GAAG,IAAI,CAsLtE"}

package/dist/db-seed.js

@@ -0,0 +1,176 @@
+import { SYSTEM_PERSONA_ID, ROOT_TASK_ID } from "@grackle-ai/common";
+/**
+ * Seed the database with application-level defaults.
+ * Call once at startup after {@link initDatabase} has applied schema migrations.
+ *
+ * @param conn - The raw better-sqlite3 connection to seed.
+ */
+export function seedDatabase(conn) {
+    // Capture persona count BEFORE any seed inserts so we can distinguish
+    // fresh installs from upgrades in the onboarding backfill below.
+    const personaCount = conn
+        .prepare("SELECT COUNT(*) as cnt FROM personas")
+        .get();
+    // Seed: create default "Claude Code" persona if no personas exist
+    if (personaCount.cnt === 0) {
+        conn.exec(`
+      INSERT INTO personas (id, name, description, system_prompt, runtime, model, max_turns)
+      VALUES (
+        'claude-code',
+        'Claude Code',
+        'Default agent persona using Claude Code runtime',
+        '',
+        'claude-code',
+        'sonnet',
+        0
+      )
+    `);
+        conn.exec(`
+      INSERT OR IGNORE INTO settings (key, value)
+      VALUES ('default_persona_id', 'claude-code')
+    `);
+    }
+    // Migration: update the seed persona with the completion checklist and clearer name.
+    // Guards: only run when the system_prompt is still empty and name is still "Claude Code"
+    // so we don't overwrite user customizations.
+    conn.exec(`
+    UPDATE personas SET system_prompt = 'When you have finished implementing the task, you MUST complete ALL steps below in order. Do NOT stop early or go to "waiting for input" until every step is done.
+
+### Phase 1: Implement & Test
+1. **Implement** the task requirements.
+2. **Write tests**: Write unit tests, integration tests, or E2E specs as appropriate. Every implementation MUST include tests unless the change is purely cosmetic or untestable (state why if skipping).
+3. **Build**: Run the repository''s build command and fix any errors.
+4. **Run tests**: Run relevant tests and ensure they pass.
+5. **Manual test**: If the change affects UI, visually verify. If it affects CLI or API, run the commands manually. State explicitly if skipping and why.
+
+### Phase 2: Create PR
+6. **Sync with main**: Fetch and merge the main branch. If merge conflicts arise, resolve them, stage, and commit the merge. NEVER rebase.
+7. **Rebuild after merge**: If the merge brought in new commits, rebuild to catch integration conflicts.
+8. **Commit**: Stage your changed files and create a descriptive git commit. Use a conventional commit message (e.g., fix: ..., feat: ...).
+9. **Push**: Push your branch to the remote.
+10. **Create PR**: Create a pull request that links back to the issue (e.g., "Closes #ISSUE").
+
+### Phase 3: PR Readiness (you MUST complete this — do NOT skip)
+After creating the PR, you must ensure it is ready to merge.
+
+11. **Check for merge conflicts**: Verify the PR has no merge conflicts. If it does, fetch and merge the main branch, resolve conflicts, rebuild, commit, and push.
+12. **Wait for CI**: Wait for all CI checks to complete. If any check fails, read the logs, fix the issue, commit, push, and repeat.
+13. **Address code review comments**: Check for automated code review comments. For each unresolved comment: read the suggestion, fix the code or dismiss with an explanation, reply to the comment, and resolve the thread. After fixing, commit, push, and check again. Repeat until all review threads are resolved.
+14. **Post finding**: Use finding_post to summarize what you did and any key decisions.
+
+IMPORTANT: The PR is the deliverable, but a PR with failing CI or unresolved review comments is NOT done. You MUST complete Phase 3. Do NOT go to "waiting for input" until CI is green AND all review threads are resolved.'
+    WHERE id = 'claude-code' AND system_prompt = '' AND name = 'Claude Code'
+  `);
+    conn.exec(`
+    UPDATE personas
+    SET name = 'Software Engineer',
+        description = 'Default agent persona for software engineering tasks'
+    WHERE id = 'claude-code'
+      AND name = 'Claude Code'
+      AND NOT EXISTS (
+        SELECT 1 FROM personas
+        WHERE name = 'Software Engineer'
+          AND id != 'claude-code'
+      )
+  `);
+    // Seed: ensure a System persona exists with the canonical SYSTEM_PERSONA_ID.
+    // Copies runtime + model from the seed persona so the FRE choice propagates.
+    // Handles name collisions: if a user-created persona named "System" already
+    // exists under a different id, reassign it to SYSTEM_PERSONA_ID.
+    {
+        const existingSystemById = conn
+            .prepare("SELECT id FROM personas WHERE id = ?")
+            .get(SYSTEM_PERSONA_ID);
+        if (!existingSystemById) {
+            const seedRow = conn
+                .prepare("SELECT runtime, model FROM personas WHERE id = 'claude-code'")
+                .get();
+            const systemRuntime = seedRow?.runtime || "claude-code";
+            const systemModel = seedRow?.model || "sonnet";
+            const existingSystemByName = conn
+                .prepare("SELECT id FROM personas WHERE name = 'System'")
+                .get();
+            if (existingSystemByName && existingSystemByName.id !== SYSTEM_PERSONA_ID) {
+                // Reassign existing "System" persona to the canonical id and update
+                // all stored references atomically so a crash can't leave dangling refs.
+                const reassignSystemPersona = conn.transaction((oldId) => {
+                    conn.prepare("UPDATE personas SET id = ? WHERE id = ?").run(SYSTEM_PERSONA_ID, oldId);
+                    conn.prepare("UPDATE settings SET value = ? WHERE key = 'default_persona_id' AND value = ?").run(SYSTEM_PERSONA_ID, oldId);
+                    conn.prepare("UPDATE sessions SET persona_id = ? WHERE persona_id = ?").run(SYSTEM_PERSONA_ID, oldId);
+                    conn.prepare("UPDATE tasks SET default_persona_id = ? WHERE default_persona_id = ?").run(SYSTEM_PERSONA_ID, oldId);
+                    conn.prepare("UPDATE workspaces SET default_persona_id = ? WHERE default_persona_id = ?").run(SYSTEM_PERSONA_ID, oldId);
+                });
+                reassignSystemPersona(existingSystemByName.id);
+            }
+            else if (!existingSystemByName) {
+                conn
+                    .prepare(`
+            INSERT INTO personas (id, name, description, system_prompt, runtime, model, max_turns, type)
+            VALUES (?, 'System', 'Central orchestrator persona', ?, ?, ?, 0, 'agent')
+          `)
+                    .run(SYSTEM_PERSONA_ID, [
+                    "You are the System — the central orchestrator for Grackle, an agent kernel that manages AI coding agents.",
+                    "",
+                    "You help the user coordinate work across their development environments. You can:",
+                    "- Answer questions and have conversations",
+                    "- Help plan and break down work into tasks",
+                    "- Create and manage workspaces (project containers tied to environments)",
+                    "- Create, assign, and monitor tasks executed by AI coding agents",
+                    "- Share and query findings (knowledge shared between agents)",
+                    "",
+                    "When the user describes work to be done:",
+                    "1. Help them think through the approach",
+                    "2. Break complex work into discrete, well-scoped tasks",
+                    "3. Create tasks with clear titles and descriptions that an AI agent can execute independently",
+                    "4. Start tasks on appropriate environments",
+                    "5. Monitor progress and report results",
+                    "",
+                    "You are always available for conversation. Think of yourself as the user's AI project manager — you coordinate the agents, track progress, and ensure work is organized effectively.",
+                    "",
+                    "Keep responses concise and action-oriented. When the user wants something done, bias toward creating and starting tasks rather than lengthy discussion.",
+                ].join("\n"), systemRuntime, systemModel);
+            }
+        }
+    }
+    // Seed: create root task (well-known "system" task) if it doesn't exist.
+    conn
+        .prepare(`
+      INSERT OR IGNORE INTO tasks (id, workspace_id, title, description, status, branch, parent_task_id, depth, can_decompose, default_persona_id)
+      VALUES (?, NULL, 'System', '', 'not_started', 'system', '', 0, 1, ?)
+    `)
+        .run(ROOT_TASK_ID, SYSTEM_PERSONA_ID);
+    // Backfill: ensure default_persona_id setting exists for upgrades.
+    // Existing installations may have personas but no default_persona_id setting,
+    // which would cause resolvePersona() to fail when no persona is explicitly specified.
+    const existingDefault = conn
+        .prepare("SELECT value FROM settings WHERE key = 'default_persona_id'")
+        .get();
+    if (!existingDefault) {
+        // Prefer the seed persona 'claude-code' if it exists; otherwise fall back
+        // to the first persona alphabetically.
+        const fallback = (conn.prepare("SELECT id FROM personas WHERE id = 'claude-code'").get() ??
+            conn.prepare("SELECT id FROM personas ORDER BY name LIMIT 1").get());
+        if (fallback) {
+            conn
+                .prepare("INSERT OR IGNORE INTO settings (key, value) VALUES ('default_persona_id', ?)")
+                .run(fallback.id);
+        }
+    }
+    // Backfill: ensure onboarding_completed setting exists.
+    // Fresh installs (no pre-existing environments or personas) get "false" to trigger
+    // the setup wizard. Upgrades (pre-existing data) get "true" to skip it.
+    // personaCount was captured before the seed insert, so it reflects user-created personas.
+    const existingOnboarding = conn
+        .prepare("SELECT value FROM settings WHERE key = 'onboarding_completed'")
+        .get();
+    if (!existingOnboarding) {
+        const environmentCount = conn
+            .prepare("SELECT COUNT(*) as cnt FROM environments")
+            .get();
+        const isFreshInstall = environmentCount.cnt === 0 && personaCount.cnt === 0;
+        conn
+            .prepare("INSERT OR IGNORE INTO settings (key, value) VALUES ('onboarding_completed', ?)")
+            .run(isFreshInstall ? "false" : "true");
+    }
+}
+//# sourceMappingURL=db-seed.js.map

package/dist/db-seed.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"db-seed.js","sourceRoot":"","sources":["../src/db-seed.ts"],"names":[],"mappings":"AAQA,OAAO,EAAE,iBAAiB,EAAE,YAAY,EAAE,MAAM,oBAAoB,CAAC;AAErE;;;;;GAKG;AACH,MAAM,UAAU,YAAY,CAAC,IAAmC;IAC9D,sEAAsE;IACtE,iEAAiE;IACjE,MAAM,YAAY,GAAG,IAAI;SACtB,OAAO,CAAC,sCAAsC,CAAC;SAC/C,GAAG,EAAqB,CAAC;IAE5B,kEAAkE;IAClE,IAAI,YAAY,CAAC,GAAG,KAAK,CAAC,EAAE,CAAC;QAC3B,IAAI,CAAC,IAAI,CAAC;;;;;;;;;;;KAWT,CAAC,CAAC;QACH,IAAI,CAAC,IAAI,CAAC;;;KAGT,CAAC,CAAC;IACL,CAAC;IAED,qFAAqF;IACrF,yFAAyF;IACzF,6CAA6C;IAC7C,IAAI,CAAC,IAAI,CAAC;;;;;;;;;;;;;;;;;;;;;;;;;;;GA2BT,CAAC,CAAC;IACH,IAAI,CAAC,IAAI,CAAC;;;;;;;;;;;GAWT,CAAC,CAAC;IAEH,6EAA6E;IAC7E,6EAA6E;IAC7E,4EAA4E;IAC5E,iEAAiE;IACjE,CAAC;QACC,MAAM,kBAAkB,GAAG,IAAI;aAC5B,OAAO,CAAC,sCAAsC,CAAC;aAC/C,GAAG,CAAC,iBAAiB,CAA+B,CAAC;QAExD,IAAI,CAAC,kBAAkB,EAAE,CAAC;YACxB,MAAM,OAAO,GAAG,IAAI;iBACjB,OAAO,CAAC,8DAA8D,CAAC;iBACvE,GAAG,EAAoD,CAAC;YAC3D,MAAM,aAAa,GAAG,OAAO,EAAE,OAAO,IAAI,aAAa,CAAC;YACxD,MAAM,WAAW,GAAG,OAAO,EAAE,KAAK,IAAI,QAAQ,CAAC;YAE/C,MAAM,oBAAoB,GAAG,IAAI;iBAC9B,OAAO,CAAC,+CAA+C,CAAC;iBACxD,GAAG,EAAgC,CAAC;YAEvC,IAAI,oBAAoB,IAAI,oBAAoB,CAAC,EAAE,KAAK,iBAAiB,EAAE,CAAC;gBAC1E,oEAAoE;gBACpE,yEAAyE;gBACzE,MAAM,qBAAqB,GAAG,IAAI,CAAC,WAAW,CAAC,CAAC,KAAa,EAAE,EAAE;oBAC/D,IAAI,CAAC,OAAO,CAAC,yCAAyC,CAAC,CAAC,GAAG,CAAC,iBAAiB,EAAE,KAAK,CAAC,CAAC;oBACtF,IAAI,CAAC,OAAO,CAAC,8EAA8E,CAAC,CAAC,GAAG,CAAC,iBAAiB,EAAE,KAAK,CAAC,CAAC;oBAC3H,IAAI,CAAC,OAAO,CAAC,yDAAyD,CAAC,CAAC,GAAG,CAAC,iBAAiB,EAAE,KAAK,CAAC,CAAC;oBACtG,IAAI,CAAC,OAAO,CAAC,sEAAsE,CAAC,CAAC,GAAG,CAAC,iBAAiB,EAAE,KAAK,CAAC,CAAC;oBACnH,IAAI,CAAC,OAAO,CAAC,2EAA2E,CAAC,CAAC,GAAG,CAAC,iBAAiB,EAAE,KAAK,CAAC,CAAC;gBAC1H,CAAC,CAAC,CAAC;gBACH,qBAAqB,CAAC,oBAAoB,CAAC,EAAE,CAAC,CAAC;YACjD,CAAC;iBAAM,IAAI,CAAC,oBAAoB,EAAE,CAAC;gBACjC,IAAI;qBACD,OAAO,CAAC;;;WAGR,CAAC;qBACD,GAAG,CACF,iBAAiB,EACjB;oBACE,2GAA2G;oBAC3G,EAAE;oBACF,mFAAmF;oBACnF,2CAA2C;oBAC3C,4CAA4C;oBAC5C,0EAA0E;oBAC1E,kEAAkE;oBAClE,8DAA8D;oBAC9D,EAAE;oBACF,0CAA0C;oBAC1C,yCAAyC;oBACzC,wDAAwD;oBACxD,+FAA+F;oBAC/F,4CAA4C;oBAC5C,wCAAwC;oBACxC,EAAE;oBACF,sLAAsL;oBACtL,EAAE;oBACF,yJAAyJ;iBAC1J,CAAC,IAAI,CAAC,IAAI,CAAC,EACZ,aAAa,EACb,WAAW,CACZ,CAAC;YACN,CAAC;QACH,CAAC;IACH,CAAC;IAED,yEAAyE;IACzE,IAAI;SACD,OAAO,CAAC;;;KAGR,CAAC;SACD,GAAG,CAAC,YAAY,EAAE,iBAAiB,CAAC,CAAC;IAExC,mEAAmE;IACnE,8EAA8E;IAC9E,sFAAsF;IACtF,MAAM,eAAe,GAAG,IAAI;SACzB,OAAO,CAAC,6DAA6D,CAAC;SACtE,GAAG,EAAmC,CAAC;IAC1C,IAAI,CAAC,eAAe,EAAE,CAAC;QACrB,0EAA0E;QAC1E,uCAAuC;QACvC,MAAM,QAAQ,GAAG,CACf,IAAI,CAAC,OAAO,CAAC,kDAAkD,CAAC,CAAC,GAAG,EAAE;YACtE,IAAI,CAAC,OAAO,CAAC,+CAA+C,CAAC,CAAC,GAAG,EAAE,CACtC,CAAC;QAChC,IAAI,QAAQ,EAAE,CAAC;YACb,IAAI;iBACD,OAAO,CAAC,8EAA8E,CAAC;iBACvF,GAAG,CAAC,QAAQ,CAAC,EAAE,CAAC,CAAC;QACtB,CAAC;IACH,CAAC;IAED,wDAAwD;IACxD,mFAAmF;IACnF,wEAAwE;IACxE,0FAA0F;IAC1F,MAAM,kBAAkB,GAAG,IAAI;SAC5B,OAAO,CAAC,+DAA+D,CAAC;SACxE,GAAG,EAAmC,CAAC;IAC1C,IAAI,CAAC,kBAAkB,EAAE,CAAC;QACxB,MAAM,gBAAgB,GAAG,IAAI;aAC1B,OAAO,CAAC,0CAA0C,CAAC;aACnD,GAAG,EAAqB,CAAC;QAC5B,MAAM,cAAc,GAAG,gBAAgB,CAAC,GAAG,KAAK,CAAC,IAAI,YAAY,CAAC,GAAG,KAAK,CAAC,CAAC;QAC5E,IAAI;aACD,OAAO,CAAC,gFAAgF,CAAC;aACzF,GAAG,CAAC,cAAc,CAAC,CAAC,CAAC,OAAO,CAAC,CAAC,CAAC,MAAM,CAAC,CAAC;IAC5C,CAAC;AACH,CAAC"}

package/dist/db.d.ts

@@ -0,0 +1,43 @@
+import Database from "better-sqlite3";
+import type { BetterSQLite3Database } from "drizzle-orm/better-sqlite3";
+import * as schema from "./schema.js";
+/** Error collected from a migration step that uses try-catch for idempotency. */
+export interface MigrationError {
+    name: string;
+    error: unknown;
+}
+/** Result returned by {@link initDatabase}. */
+export interface InitDatabaseResult {
+    migrationErrors: MigrationError[];
+}
+/** Raw better-sqlite3 instance. Available after {@link openDatabase} has been called. */
+declare let sqlite: InstanceType<typeof Database> | undefined;
+/**
+ * Drizzle ORM instance wrapping the SQLite database.
+ * Available after {@link openDatabase} has been called.
+ * Exported as the default export via ESM live binding so that store modules
+ * that do `import db from "./db.js"` see the initialized value after startup.
+ */
+declare let db: BetterSQLite3Database<typeof schema> & {
+    $client: InstanceType<typeof Database>;
+};
+/**
+ * Open the SQLite database and initialize the Drizzle ORM instance.
+ * Call once at startup before using `db` or `sqlite`.
+ * If already initialized, returns silently.
+ *
+ * @param dbPath - Optional path to the database file. Defaults to `~/.grackle/grackle.db`.
+ */
+export declare function openDatabase(dbPath?: string): void;
+/**
+ * Initialize all database tables and run migrations.
+ * Call once at startup after {@link openDatabase}, or pass an in-memory
+ * SQLite instance for testing.
+ *
+ * @param sqliteOverride - Optional SQLite instance to use instead of the module-level one.
+ * @returns Collected migration errors from idempotent try-catch steps.
+ */
+export declare function initDatabase(sqliteOverride?: InstanceType<typeof Database>): InitDatabaseResult;
+export { sqlite };
+export { db as default };
+//# sourceMappingURL=db.d.ts.map

package/dist/db.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"db.d.ts","sourceRoot":"","sources":["../src/db.ts"],"names":[],"mappings":"AAAA,OAAO,QAAQ,MAAM,gBAAgB,CAAC;AAEtC,OAAO,KAAK,EAAE,qBAAqB,EAAE,MAAM,4BAA4B,CAAC;AAKxE,OAAO,KAAK,MAAM,MAAM,aAAa,CAAC;AAEtC,iFAAiF;AACjF,MAAM,WAAW,cAAc;IAC7B,IAAI,EAAE,MAAM,CAAC;IACb,KAAK,EAAE,OAAO,CAAC;CAChB;AAED,+CAA+C;AAC/C,MAAM,WAAW,kBAAkB;IACjC,eAAe,EAAE,cAAc,EAAE,CAAC;CACnC;AAED,yFAAyF;AACzF,QAAA,IAAI,MAAM,EAAE,YAAY,CAAC,OAAO,QAAQ,CAAC,GAAG,SAAS,CAAC;AAEtD;;;;;GAKG;AACH,QAAA,IAAI,EAAE,EAAG,qBAAqB,CAAC,OAAO,MAAM,CAAC,GAAG;IAC9C,OAAO,EAAE,YAAY,CAAC,OAAO,QAAQ,CAAC,CAAC;CACxC,CAAC;AAEF;;;;;;GAMG;AACH,wBAAgB,YAAY,CAAC,MAAM,CAAC,EAAE,MAAM,GAAG,IAAI,CAsElD;AAED;;;;;;;GAOG;AACH,wBAAgB,YAAY,CAAC,cAAc,CAAC,EAAE,YAAY,CAAC,OAAO,QAAQ,CAAC,GAAG,kBAAkB,CAkd/F;AAED,OAAO,EAAE,MAAM,EAAE,CAAC;AAClB,OAAO,EAAE,EAAE,IAAI,OAAO,EAAE,CAAC"}