@heimdall-ai/heimdall 0.1.0

package/dist/config/constants.js

@@ -0,0 +1,70 @@
+import * as path from "path";
+import { fileURLToPath } from "url";
+import * as fs from "fs";
+// Get directory paths
+const __filename = fileURLToPath(import.meta.url);
+const __dirname = path.dirname(__filename);
+/**
+ * Host filesystem path to workspace directory
+ */
+export const WORKSPACE_DIR = process.env.HEIMDALL_WORKSPACE || path.join(__dirname, "..", "..", "workspace");
+/**
+ * Virtual filesystem path to workspace directory in Pyodide
+ */
+export const VIRTUAL_WORKSPACE = "/workspace";
+/**
+ * Parse and validate a size limit from environment variable
+ * @param envValue - Environment variable value
+ * @param defaultValue - Default value in bytes
+ * @param name - Name of the configuration (for error messages)
+ * @returns Validated size in bytes
+ */
+function parseSizeLimit(envValue, defaultValue, name) {
+    if (!envValue) {
+        return defaultValue;
+    }
+    const parsed = parseInt(envValue, 10);
+    if (isNaN(parsed) || parsed <= 0) {
+        console.error(`[Config] Invalid ${name}: "${envValue}". Must be a positive number. Using default: ${defaultValue} bytes`);
+        return defaultValue;
+    }
+    return parsed;
+}
+/**
+ * Parse and validate a timeout from environment variable
+ * @param envValue - Environment variable value
+ * @param defaultValue - Default value in milliseconds
+ * @param name - Name of the configuration (for error messages)
+ * @returns Validated timeout in milliseconds
+ */
+function parseTimeoutMs(envValue, defaultValue, name) {
+    if (!envValue) {
+        return defaultValue;
+    }
+    const parsed = parseInt(envValue, 10);
+    if (isNaN(parsed) || parsed <= 0) {
+        console.error(`[Config] Invalid ${name}: "${envValue}". Must be a positive number. Using default: ${defaultValue}ms`);
+        return defaultValue;
+    }
+    return parsed;
+}
+/**
+ * Maximum size for a single file (default: 10MB)
+ * Configure via HEIMDALL_MAX_FILE_SIZE environment variable (in bytes)
+ */
+export const MAX_FILE_SIZE = parseSizeLimit(process.env.HEIMDALL_MAX_FILE_SIZE, 10 * 1024 * 1024, "HEIMDALL_MAX_FILE_SIZE");
+/**
+ * Maximum total workspace size (default: 100MB)
+ * Configure via HEIMDALL_MAX_WORKSPACE_SIZE environment variable (in bytes)
+ */
+export const MAX_WORKSPACE_SIZE = parseSizeLimit(process.env.HEIMDALL_MAX_WORKSPACE_SIZE, 100 * 1024 * 1024, "HEIMDALL_MAX_WORKSPACE_SIZE");
+/**
+ * Maximum execution time for Python code (default: 5000ms)
+ * Configure via HEIMDALL_PYTHON_EXECUTION_TIMEOUT_MS environment variable
+ */
+export const PYTHON_EXECUTION_TIMEOUT_MS = parseTimeoutMs(process.env.HEIMDALL_PYTHON_EXECUTION_TIMEOUT_MS, 5000, "HEIMDALL_PYTHON_EXECUTION_TIMEOUT_MS");
+// Ensure workspace exists
+if (!fs.existsSync(WORKSPACE_DIR)) {
+    fs.mkdirSync(WORKSPACE_DIR, { recursive: true });
+}
+//# sourceMappingURL=constants.js.map

package/dist/config/constants.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"constants.js","sourceRoot":"","sources":["../../src/config/constants.ts"],"names":[],"mappings":"AAAA,OAAO,KAAK,IAAI,MAAM,MAAM,CAAC;AAC7B,OAAO,EAAE,aAAa,EAAE,MAAM,KAAK,CAAC;AACpC,OAAO,KAAK,EAAE,MAAM,IAAI,CAAC;AAEzB,sBAAsB;AACtB,MAAM,UAAU,GAAG,aAAa,CAAC,MAAM,CAAC,IAAI,CAAC,GAAG,CAAC,CAAC;AAClD,MAAM,SAAS,GAAG,IAAI,CAAC,OAAO,CAAC,UAAU,CAAC,CAAC;AAE3C;;GAEG;AACH,MAAM,CAAC,MAAM,aAAa,GACxB,OAAO,CAAC,GAAG,CAAC,kBAAkB,IAAI,IAAI,CAAC,IAAI,CAAC,SAAS,EAAE,IAAI,EAAE,IAAI,EAAE,WAAW,CAAC,CAAC;AAElF;;GAEG;AACH,MAAM,CAAC,MAAM,iBAAiB,GAAG,YAAY,CAAC;AAE9C;;;;;;GAMG;AACH,SAAS,cAAc,CAAC,QAA4B,EAAE,YAAoB,EAAE,IAAY;IACtF,IAAI,CAAC,QAAQ,EAAE,CAAC;QACd,OAAO,YAAY,CAAC;IACtB,CAAC;IAED,MAAM,MAAM,GAAG,QAAQ,CAAC,QAAQ,EAAE,EAAE,CAAC,CAAC;IAEtC,IAAI,KAAK,CAAC,MAAM,CAAC,IAAI,MAAM,IAAI,CAAC,EAAE,CAAC;QACjC,OAAO,CAAC,KAAK,CACX,oBAAoB,IAAI,MAAM,QAAQ,gDAAgD,YAAY,QAAQ,CAC3G,CAAC;QACF,OAAO,YAAY,CAAC;IACtB,CAAC;IAED,OAAO,MAAM,CAAC;AAChB,CAAC;AAED;;;;;;GAMG;AACH,SAAS,cAAc,CAAC,QAA4B,EAAE,YAAoB,EAAE,IAAY;IACtF,IAAI,CAAC,QAAQ,EAAE,CAAC;QACd,OAAO,YAAY,CAAC;IACtB,CAAC;IAED,MAAM,MAAM,GAAG,QAAQ,CAAC,QAAQ,EAAE,EAAE,CAAC,CAAC;IAEtC,IAAI,KAAK,CAAC,MAAM,CAAC,IAAI,MAAM,IAAI,CAAC,EAAE,CAAC;QACjC,OAAO,CAAC,KAAK,CACX,oBAAoB,IAAI,MAAM,QAAQ,gDAAgD,YAAY,IAAI,CACvG,CAAC;QACF,OAAO,YAAY,CAAC;IACtB,CAAC;IAED,OAAO,MAAM,CAAC;AAChB,CAAC;AAED;;;GAGG;AACH,MAAM,CAAC,MAAM,aAAa,GAAG,cAAc,CACzC,OAAO,CAAC,GAAG,CAAC,sBAAsB,EAClC,EAAE,GAAG,IAAI,GAAG,IAAI,EAChB,wBAAwB,CACzB,CAAC;AAEF;;;GAGG;AACH,MAAM,CAAC,MAAM,kBAAkB,GAAG,cAAc,CAC9C,OAAO,CAAC,GAAG,CAAC,2BAA2B,EACvC,GAAG,GAAG,IAAI,GAAG,IAAI,EACjB,6BAA6B,CAC9B,CAAC;AAEF;;;GAGG;AACH,MAAM,CAAC,MAAM,2BAA2B,GAAG,cAAc,CACvD,OAAO,CAAC,GAAG,CAAC,oCAAoC,EAChD,IAAI,EACJ,sCAAsC,CACvC,CAAC;AAEF,0BAA0B;AAC1B,IAAI,CAAC,EAAE,CAAC,UAAU,CAAC,aAAa,CAAC,EAAE,CAAC;IAClC,EAAE,CAAC,SAAS,CAAC,aAAa,EAAE,EAAE,SAAS,EAAE,IAAI,EAAE,CAAC,CAAC;AACnD,CAAC"}

package/dist/core/bash-manager.d.ts

@@ -0,0 +1,56 @@
+/**
+ * BashManager - Manages bash command execution using just-bash
+ *
+ * Provides a sandboxed bash environment with an in-memory virtual filesystem.
+ * Commands are executed using just-bash, a TypeScript implementation of bash
+ * that doesn't spawn real processes.
+ *
+ * SECURITY: Uses SecureFs wrapper to prevent symlink-based path traversal attacks.
+ * All file operations validate that resolved paths stay within the workspace.
+ *
+ * @see SECURITY-REVIEW.md for security details
+ */
+/**
+ * Result of a bash command execution
+ */
+export interface BashExecutionResult {
+    stdout: string;
+    stderr: string;
+    exitCode: number;
+}
+/**
+ * Options for bash execution
+ */
+export interface BashExecutionOptions {
+    cwd?: string;
+}
+/**
+ * BashManager provides bash command execution in a sandboxed environment
+ */
+export declare class BashManager {
+    private bash;
+    private workspaceDir;
+    private initialized;
+    constructor(workspaceDir?: string);
+    /**
+     * Initialize the bash manager
+     */
+    initialize(): Promise<void>;
+    /**
+     * Execute a bash command
+     */
+    execute(command: string, options?: BashExecutionOptions): Promise<BashExecutionResult>;
+    /**
+     * Get the workspace directory
+     */
+    getWorkspaceDir(): string;
+    /**
+     * Check if the manager is initialized
+     */
+    isInitialized(): boolean;
+    /**
+     * Reset the bash environment (for testing)
+     */
+    reset(): Promise<void>;
+}
+//# sourceMappingURL=bash-manager.d.ts.map

package/dist/core/bash-manager.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"bash-manager.d.ts","sourceRoot":"","sources":["../../src/core/bash-manager.ts"],"names":[],"mappings":"AAAA;;;;;;;;;;;GAWG;AAOH;;GAEG;AACH,MAAM,WAAW,mBAAmB;IAClC,MAAM,EAAE,MAAM,CAAC;IACf,MAAM,EAAE,MAAM,CAAC;IACf,QAAQ,EAAE,MAAM,CAAC;CAClB;AAED;;GAEG;AACH,MAAM,WAAW,oBAAoB;IACnC,GAAG,CAAC,EAAE,MAAM,CAAC;CACd;AAED;;GAEG;AACH,qBAAa,WAAW;IACtB,OAAO,CAAC,IAAI,CAAqB;IACjC,OAAO,CAAC,YAAY,CAAS;IAC7B,OAAO,CAAC,WAAW,CAAS;gBAEhB,YAAY,GAAE,MAAsB;IAIhD;;OAEG;IACG,UAAU,IAAI,OAAO,CAAC,IAAI,CAAC;IA4BjC;;OAEG;IACG,OAAO,CAAC,OAAO,EAAE,MAAM,EAAE,OAAO,CAAC,EAAE,oBAAoB,GAAG,OAAO,CAAC,mBAAmB,CAAC;IAgC5F;;OAEG;IACH,eAAe,IAAI,MAAM;IAIzB;;OAEG;IACH,aAAa,IAAI,OAAO;IAIxB;;OAEG;IACG,KAAK,IAAI,OAAO,CAAC,IAAI,CAAC;CAK7B"}

package/dist/core/bash-manager.js

@@ -0,0 +1,106 @@
+/**
+ * BashManager - Manages bash command execution using just-bash
+ *
+ * Provides a sandboxed bash environment with an in-memory virtual filesystem.
+ * Commands are executed using just-bash, a TypeScript implementation of bash
+ * that doesn't spawn real processes.
+ *
+ * SECURITY: Uses SecureFs wrapper to prevent symlink-based path traversal attacks.
+ * All file operations validate that resolved paths stay within the workspace.
+ *
+ * @see SECURITY-REVIEW.md for security details
+ */
+import { Bash } from "just-bash";
+import { SecureFs } from "./secure-fs.js";
+import { WORKSPACE_DIR } from "../config/constants.js";
+import path from "path";
+/**
+ * BashManager provides bash command execution in a sandboxed environment
+ */
+export class BashManager {
+    bash = null;
+    workspaceDir;
+    initialized = false;
+    constructor(workspaceDir = WORKSPACE_DIR) {
+        this.workspaceDir = path.resolve(workspaceDir);
+    }
+    /**
+     * Initialize the bash manager
+     */
+    async initialize() {
+        if (this.initialized && this.bash) {
+            return;
+        }
+        // SECURITY: Use SecureFs instead of ReadWriteFs to prevent symlink attacks
+        // SecureFs validates all file operations to ensure they don't escape
+        // the workspace via symlinks
+        const fs = new SecureFs({ root: this.workspaceDir });
+        // Initialize bash environment
+        this.bash = new Bash({
+            fs,
+            cwd: "/",
+            // Configure execution limits to prevent DoS attacks
+            executionLimits: {
+                maxLoopIterations: 10000,
+                maxCommandCount: 10000,
+                maxCallDepth: 100,
+            },
+            // Network disabled by default for security
+            // Can be enabled later if needed with allowlist
+            network: undefined,
+        });
+        this.initialized = true;
+    }
+    /**
+     * Execute a bash command
+     */
+    async execute(command, options) {
+        if (!this.initialized || !this.bash) {
+            await this.initialize();
+        }
+        if (!this.bash) {
+            throw new Error("Bash manager not initialized");
+        }
+        try {
+            // Execute the command
+            const result = await this.bash.exec(command, {
+                cwd: options?.cwd,
+            });
+            return {
+                stdout: result.stdout,
+                stderr: result.stderr,
+                exitCode: result.exitCode,
+            };
+        }
+        catch (error) {
+            // Handle execution errors
+            const errorMessage = error instanceof Error ? error.message : String(error);
+            return {
+                stdout: "",
+                stderr: errorMessage,
+                exitCode: 1,
+            };
+        }
+    }
+    /**
+     * Get the workspace directory
+     */
+    getWorkspaceDir() {
+        return this.workspaceDir;
+    }
+    /**
+     * Check if the manager is initialized
+     */
+    isInitialized() {
+        return this.initialized;
+    }
+    /**
+     * Reset the bash environment (for testing)
+     */
+    async reset() {
+        this.bash = null;
+        this.initialized = false;
+        await this.initialize();
+    }
+}
+//# sourceMappingURL=bash-manager.js.map

package/dist/core/bash-manager.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"bash-manager.js","sourceRoot":"","sources":["../../src/core/bash-manager.ts"],"names":[],"mappings":"AAAA;;;;;;;;;;;GAWG;AAEH,OAAO,EAAE,IAAI,EAAE,MAAM,WAAW,CAAC;AACjC,OAAO,EAAE,QAAQ,EAAE,MAAM,gBAAgB,CAAC;AAC1C,OAAO,EAAE,aAAa,EAAE,MAAM,wBAAwB,CAAC;AACvD,OAAO,IAAI,MAAM,MAAM,CAAC;AAkBxB;;GAEG;AACH,MAAM,OAAO,WAAW;IACd,IAAI,GAAgB,IAAI,CAAC;IACzB,YAAY,CAAS;IACrB,WAAW,GAAG,KAAK,CAAC;IAE5B,YAAY,eAAuB,aAAa;QAC9C,IAAI,CAAC,YAAY,GAAG,IAAI,CAAC,OAAO,CAAC,YAAY,CAAC,CAAC;IACjD,CAAC;IAED;;OAEG;IACH,KAAK,CAAC,UAAU;QACd,IAAI,IAAI,CAAC,WAAW,IAAI,IAAI,CAAC,IAAI,EAAE,CAAC;YAClC,OAAO;QACT,CAAC;QAED,2EAA2E;QAC3E,qEAAqE;QACrE,6BAA6B;QAC7B,MAAM,EAAE,GAAG,IAAI,QAAQ,CAAC,EAAE,IAAI,EAAE,IAAI,CAAC,YAAY,EAAE,CAAC,CAAC;QAErD,8BAA8B;QAC9B,IAAI,CAAC,IAAI,GAAG,IAAI,IAAI,CAAC;YACnB,EAAE;YACF,GAAG,EAAE,GAAG;YACR,oDAAoD;YACpD,eAAe,EAAE;gBACf,iBAAiB,EAAE,KAAK;gBACxB,eAAe,EAAE,KAAK;gBACtB,YAAY,EAAE,GAAG;aAClB;YACD,2CAA2C;YAC3C,gDAAgD;YAChD,OAAO,EAAE,SAAS;SACnB,CAAC,CAAC;QAEH,IAAI,CAAC,WAAW,GAAG,IAAI,CAAC;IAC1B,CAAC;IAED;;OAEG;IACH,KAAK,CAAC,OAAO,CAAC,OAAe,EAAE,OAA8B;QAC3D,IAAI,CAAC,IAAI,CAAC,WAAW,IAAI,CAAC,IAAI,CAAC,IAAI,EAAE,CAAC;YACpC,MAAM,IAAI,CAAC,UAAU,EAAE,CAAC;QAC1B,CAAC;QAED,IAAI,CAAC,IAAI,CAAC,IAAI,EAAE,CAAC;YACf,MAAM,IAAI,KAAK,CAAC,8BAA8B,CAAC,CAAC;QAClD,CAAC;QAED,IAAI,CAAC;YACH,sBAAsB;YACtB,MAAM,MAAM,GAAG,MAAM,IAAI,CAAC,IAAI,CAAC,IAAI,CAAC,OAAO,EAAE;gBAC3C,GAAG,EAAE,OAAO,EAAE,GAAG;aAClB,CAAC,CAAC;YAEH,OAAO;gBACL,MAAM,EAAE,MAAM,CAAC,MAAM;gBACrB,MAAM,EAAE,MAAM,CAAC,MAAM;gBACrB,QAAQ,EAAE,MAAM,CAAC,QAAQ;aAC1B,CAAC;QACJ,CAAC;QAAC,OAAO,KAAK,EAAE,CAAC;YACf,0BAA0B;YAC1B,MAAM,YAAY,GAAG,KAAK,YAAY,KAAK,CAAC,CAAC,CAAC,KAAK,CAAC,OAAO,CAAC,CAAC,CAAC,MAAM,CAAC,KAAK,CAAC,CAAC;YAE5E,OAAO;gBACL,MAAM,EAAE,EAAE;gBACV,MAAM,EAAE,YAAY;gBACpB,QAAQ,EAAE,CAAC;aACZ,CAAC;QACJ,CAAC;IACH,CAAC;IAED;;OAEG;IACH,eAAe;QACb,OAAO,IAAI,CAAC,YAAY,CAAC;IAC3B,CAAC;IAED;;OAEG;IACH,aAAa;QACX,OAAO,IAAI,CAAC,WAAW,CAAC;IAC1B,CAAC;IAED;;OAEG;IACH,KAAK,CAAC,KAAK;QACT,IAAI,CAAC,IAAI,GAAG,IAAI,CAAC;QACjB,IAAI,CAAC,WAAW,GAAG,KAAK,CAAC;QACzB,MAAM,IAAI,CAAC,UAAU,EAAE,CAAC;IAC1B,CAAC;CACF"}

package/dist/core/pyodide-manager.d.ts

@@ -0,0 +1,125 @@
+/**
+ * PyodideManager - Handles Python runtime lifecycle
+ *
+ * This class manages the Pyodide WebAssembly Python runtime, including:
+ * - Initialization and lifecycle management
+ * - Virtual filesystem operations
+ * - Host <-> Virtual filesystem synchronization
+ * - Python code execution (via worker thread for timeout support)
+ * - Package installation
+ *
+ * Code execution runs in a separate worker thread to enable true timeout
+ * enforcement. If Python code blocks indefinitely (infinite loops, etc.),
+ * the worker can be terminated to enforce the timeout.
+ */
+import { PyodideInterface } from "pyodide";
+import type { ExecutionResult, FileReadResult, FileWriteResult, FileListResult, FileDeleteResult, PackageInstallResult } from "../types/index.js";
+export declare class PyodideManager {
+    private pyodide;
+    private initialized;
+    private initializationPromise;
+    private worker;
+    private workerReady;
+    private workerInitPromise;
+    private writeLock;
+    /**
+     * Convert a virtual path to a host filesystem path.
+     */
+    private virtualToHostPath;
+    /**
+     * Validate and normalize a file path to prevent directory traversal attacks
+     * @param filePath - The file path to validate
+     * @returns The normalized virtual filesystem path
+     * @throws Error if path is invalid or attempts to escape workspace
+     */
+    private validatePath;
+    /**
+     * Resolve symlinks and validate that the real path is within the workspace.
+     * This prevents symlink-based path traversal attacks where an attacker creates
+     * a symlink inside the workspace pointing to a location outside.
+     *
+     * @param hostPath - The host filesystem path to validate
+     * @throws Error if the resolved path escapes the workspace
+     */
+    private validateHostPathWithSymlinkResolution;
+    /**
+     * For files that don't exist yet, validate parent directories for symlinks.
+     * Walks up the path until we find an existing directory, then validates it.
+     */
+    private validateParentPathForSymlinks;
+    /**
+     * Calculate total workspace size from host filesystem
+     * @returns Total size in bytes
+     */
+    private getWorkspaceSize;
+    /**
+     * Validate that writing a file won't exceed workspace size limit
+     * @param fileSize - Size of file to be written
+     * @throws Error if workspace size limit would be exceeded
+     */
+    private checkWorkspaceSize;
+    initialize(): Promise<PyodideInterface>;
+    private doInitialize;
+    /**
+     * Sync files from host filesystem to Pyodide virtual FS
+     */
+    syncHostToVirtual(hostPath?: string, virtualPath?: string): Promise<void>;
+    /**
+     * Sync a specific host file or directory into the virtual FS.
+     */
+    private syncHostPathToVirtual;
+    /**
+     * Sync files from Pyodide virtual FS to host filesystem
+     */
+    syncVirtualToHost(virtualPath?: string, hostPath?: string): Promise<void>;
+    /**
+     * Sync a specific virtual file or directory into the host filesystem.
+     * Includes symlink protection to prevent writing outside workspace.
+     */
+    private syncVirtualPathToHost;
+    /**
+     * Initialize the worker thread for code execution
+     */
+    private initializeWorker;
+    private doInitializeWorker;
+    /**
+     * Terminate the worker thread
+     */
+    private terminateWorker;
+    /**
+     * Execute Python code in the sandbox using a worker thread
+     *
+     * Network access is NOT available - Pyodide runs in WebAssembly which
+     * doesn't have network capabilities. This is by design for security.
+     *
+     * The code runs in a separate worker thread, enabling true timeout
+     * enforcement. If the code doesn't complete within the timeout,
+     * the worker is terminated.
+     */
+    executeCode(code: string, packages?: string[]): Promise<ExecutionResult>;
+    /**
+     * Install packages via micropip
+     */
+    installPackages(packages: string[]): Promise<PackageInstallResult[]>;
+    /**
+     * Read a file from the virtual filesystem
+     */
+    readFile(filePath: string): Promise<FileReadResult>;
+    /**
+     * Write a file to the virtual filesystem
+     *
+     * Uses a write lock to prevent TOCTOU race conditions where concurrent
+     * writes could bypass workspace size limits. The lock ensures that the
+     * size check and write operation are atomic.
+     */
+    writeFile(filePath: string, content: string): Promise<FileWriteResult>;
+    /**
+     * List files in a directory
+     */
+    listFiles(dirPath?: string): Promise<FileListResult>;
+    /**
+     * Delete a file or directory
+     */
+    deleteFile(filePath: string): Promise<FileDeleteResult>;
+}
+//# sourceMappingURL=pyodide-manager.d.ts.map

package/dist/core/pyodide-manager.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"pyodide-manager.d.ts","sourceRoot":"","sources":["../../src/core/pyodide-manager.ts"],"names":[],"mappings":"AAAA;;;;;;;;;;;;;GAaG;AAEH,OAAO,EAAe,gBAAgB,EAAE,MAAM,SAAS,CAAC;AAYxD,OAAO,KAAK,EACV,eAAe,EACf,cAAc,EACd,eAAe,EACf,cAAc,EACd,gBAAgB,EAChB,oBAAoB,EACrB,MAAM,mBAAmB,CAAC;AA0B3B,qBAAa,cAAc;IACzB,OAAO,CAAC,OAAO,CAAiC;IAChD,OAAO,CAAC,WAAW,CAAS;IAC5B,OAAO,CAAC,qBAAqB,CAA0C;IAGvE,OAAO,CAAC,MAAM,CAAuB;IACrC,OAAO,CAAC,WAAW,CAAS;IAC5B,OAAO,CAAC,iBAAiB,CAA8B;IAIvD,OAAO,CAAC,SAAS,CAAmB;IAEpC;;OAEG;IACH,OAAO,CAAC,iBAAiB;IAYzB;;;;;OAKG;IACH,OAAO,CAAC,YAAY;IAuBpB;;;;;;;OAOG;YACW,qCAAqC;IAuBnD;;;OAGG;YACW,6BAA6B;IAgC3C;;;OAGG;YACW,gBAAgB;IA0B9B;;;;OAIG;YACW,kBAAkB;IAU1B,UAAU,IAAI,OAAO,CAAC,gBAAgB,CAAC;YAsB/B,YAAY;IA4C1B;;OAEG;IACG,iBAAiB,CACrB,QAAQ,SAAgB,EACxB,WAAW,SAAoB,GAC9B,OAAO,CAAC,IAAI,CAAC;IAIhB;;OAEG;YACW,qBAAqB;IAqDnC;;OAEG;IACG,iBAAiB,CACrB,WAAW,SAAoB,EAC/B,QAAQ,SAAgB,GACvB,OAAO,CAAC,IAAI,CAAC;IAIhB;;;OAGG;YACW,qBAAqB;IAqDnC;;OAEG;YACW,gBAAgB;YAmBhB,kBAAkB;IAoEhC;;OAEG;IACH,OAAO,CAAC,eAAe;IASvB;;;;;;;;;OASG;IACG,WAAW,CAAC,IAAI,EAAE,MAAM,EAAE,QAAQ,GAAE,MAAM,EAAO,GAAG,OAAO,CAAC,eAAe,CAAC;IAyFlF;;OAEG;IACG,eAAe,CAAC,QAAQ,EAAE,MAAM,EAAE,GAAG,OAAO,CAAC,oBAAoB,EAAE,CAAC;IAsB1E;;OAEG;IACG,QAAQ,CAAC,QAAQ,EAAE,MAAM,GAAG,OAAO,CAAC,cAAc,CAAC;IAmBzD;;;;;;OAMG;IACG,SAAS,CAAC,QAAQ,EAAE,MAAM,EAAE,OAAO,EAAE,MAAM,GAAG,OAAO,CAAC,eAAe,CAAC;IAqC5E;;OAEG;IACG,SAAS,CAAC,OAAO,SAAK,GAAG,OAAO,CAAC,cAAc,CAAC;IA6BtD;;OAEG;IACG,UAAU,CAAC,QAAQ,EAAE,MAAM,GAAG,OAAO,CAAC,gBAAgB,CAAC;CAsC9D"}