@hua-labs/tap 0.5.2 → 0.6.1
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/AI_GUIDE.md +270 -0
- package/CHANGELOG.md +81 -0
- package/README.md +189 -133
- package/dist/bridges/codex-app-server-auth-gateway.mjs +16 -1
- package/dist/bridges/codex-app-server-auth-gateway.mjs.map +1 -1
- package/dist/bridges/codex-app-server-bridge.d.mts +105 -12
- package/dist/bridges/codex-app-server-bridge.mjs +3149 -251
- package/dist/bridges/codex-app-server-bridge.mjs.map +1 -1
- package/dist/bridges/codex-bridge-runner.d.mts +4 -1
- package/dist/bridges/codex-bridge-runner.mjs +512 -58
- package/dist/bridges/codex-bridge-runner.mjs.map +1 -1
- package/dist/bridges/codex-remote-ipc-relay.d.mts +1 -0
- package/dist/bridges/codex-remote-ipc-relay.mjs +1912 -0
- package/dist/bridges/codex-remote-ipc-relay.mjs.map +1 -0
- package/dist/bridges/gemini-ide-companion-runner.mjs.map +1 -1
- package/dist/cli.mjs +30818 -8324
- package/dist/cli.mjs.map +1 -1
- package/dist/codex-a2a/index.d.mts +2 -0
- package/dist/codex-a2a/index.mjs +416 -0
- package/dist/codex-a2a/index.mjs.map +1 -0
- package/dist/codex-health/index.d.mts +76 -0
- package/dist/codex-health/index.mjs +153 -0
- package/dist/codex-health/index.mjs.map +1 -0
- package/dist/codex-ipc/index.d.mts +2 -0
- package/dist/codex-ipc/index.mjs +1834 -0
- package/dist/codex-ipc/index.mjs.map +1 -0
- package/dist/index-D4Khz2Mh.d.mts +206 -0
- package/dist/index-DMToLyGd.d.mts +256 -0
- package/dist/index.d.mts +763 -8
- package/dist/index.mjs +11586 -3438
- package/dist/index.mjs.map +1 -1
- package/dist/mcp-server.mjs +8838 -811
- package/dist/mcp-server.mjs.map +1 -1
- package/dist/types-FWvKrFUt.d.mts +43 -0
- package/examples/01-logic-battle-known-broken.md +46 -0
- package/examples/02-cross-model-review-root-cause.md +37 -0
- package/examples/03-convergence-pattern.md +42 -0
- package/examples/04-tower-broadcast.md +41 -0
- package/examples/05-self-awareness-paradox.md +49 -0
- package/examples/06-session-resurrection.md +37 -0
- package/examples/07-ghost-agent.md +31 -0
- package/examples/08-naming-creates-identity.md +36 -0
- package/examples/09-ceo-as-middleware.md +52 -0
- package/examples/10-files-as-interface.md +67 -0
- package/examples/README.md +34 -0
- package/examples/tap-profile-pack.example.json +71 -0
- package/package.json +22 -5
package/README.md
CHANGED
|
@@ -1,222 +1,278 @@
|
|
|
1
1
|
# @hua-labs/tap
|
|
2
2
|
|
|
3
|
-
|
|
3
|
+
[](https://www.npmjs.com/package/@hua-labs/tap)
|
|
4
|
+
[](https://www.npmjs.com/package/@hua-labs/tap)
|
|
5
|
+
[](https://github.com/HUA-Labs/tap/blob/main/LICENSE)
|
|
4
6
|
|
|
5
|
-
|
|
7
|
+
`@hua-labs/tap` is a lightweight CLI that lets multiple AI agent runtimes, such
|
|
8
|
+
as Claude and Codex, exchange messages through a shared file-backed
|
|
9
|
+
communication directory.
|
|
6
10
|
|
|
7
|
-
|
|
8
|
-
|
|
9
|
-
|
|
11
|
+
It focuses on safe setup, durable delivery evidence, and runtime-specific
|
|
12
|
+
diagnostics without requiring a central daemon for every runtime.
|
|
13
|
+
|
|
14
|
+
## Preview Status
|
|
15
|
+
|
|
16
|
+
`0.6.x` is an advanced operator preview.
|
|
17
|
+
|
|
18
|
+
- Public defaults use neutral concrete agents such as `agent-a` and `agent-b`.
|
|
19
|
+
- `setup` is dry-run-first and only applies reviewed tap-managed changes.
|
|
20
|
+
- Profile packs are data-only validation inputs; tap does not run commands from
|
|
21
|
+
a profile pack in `0.6.x`.
|
|
22
|
+
- Codex App / Desktop live delivery is experimental and strict-gated by runtime
|
|
23
|
+
health and route freshness.
|
|
24
|
+
- Gemini CLI support is legacy/deprecated in this release line. If your
|
|
25
|
+
workflow has moved to Antigravity CLI, treat it as a custom profile-pack
|
|
26
|
+
surface until tap ships a dedicated adapter.
|
|
27
|
+
|
|
28
|
+
For detailed AI-operator troubleshooting, concepts, and advanced runtime notes,
|
|
29
|
+
read [AI_GUIDE.md](./AI_GUIDE.md). AI operators should read it before claiming
|
|
30
|
+
live delivery or runtime readiness.
|
|
31
|
+
|
|
32
|
+
## Requirements
|
|
33
|
+
|
|
34
|
+
- Node.js `>=22.6.0`
|
|
35
|
+
- A git repository for setup-managed MCP config
|
|
10
36
|
|
|
11
37
|
## Quick Start
|
|
12
38
|
|
|
13
|
-
|
|
39
|
+
Run inside an existing git repository. For a new test directory only:
|
|
14
40
|
|
|
15
41
|
```bash
|
|
16
|
-
|
|
17
|
-
npx @hua-labs/tap add claude
|
|
18
|
-
npx @hua-labs/tap add codex
|
|
19
|
-
npx @hua-labs/tap add gemini # experimental
|
|
20
|
-
npx @hua-labs/tap status
|
|
42
|
+
git init
|
|
21
43
|
```
|
|
22
44
|
|
|
23
|
-
|
|
45
|
+
Then inspect and apply setup:
|
|
24
46
|
|
|
25
|
-
|
|
47
|
+
```bash
|
|
48
|
+
# 1. Inspect setup changes first
|
|
49
|
+
npx @hua-labs/tap setup --profile codex-cli --dry-run --json
|
|
26
50
|
|
|
27
|
-
|
|
51
|
+
# 2. Apply only reviewed setup-safe changes
|
|
52
|
+
npx @hua-labs/tap setup --profile codex-cli --apply --json
|
|
28
53
|
|
|
29
|
-
|
|
54
|
+
# 3. Check setup readiness
|
|
55
|
+
npx @hua-labs/tap doctor --setup --profile codex-cli --json
|
|
56
|
+
npx @hua-labs/tap status --json
|
|
57
|
+
```
|
|
30
58
|
|
|
31
|
-
|
|
59
|
+
To add and verify a concrete runtime lane later:
|
|
60
|
+
|
|
61
|
+
```bash
|
|
62
|
+
npx @hua-labs/tap add codex --name agent-a
|
|
63
|
+
npx @hua-labs/tap ready --surface codex-cli --agent agent-a --apply --json
|
|
64
|
+
npx @hua-labs/tap comms-doctor --all-known --json
|
|
65
|
+
```
|
|
66
|
+
|
|
67
|
+
## What Setup Changes
|
|
68
|
+
|
|
69
|
+
`tap setup` is dry-run by default. With `--apply`, the reviewed public setup
|
|
70
|
+
path creates tap-owned directories, an initial tap state file, and guarded
|
|
71
|
+
tap-managed repo `.mcp.json` entries.
|
|
32
72
|
|
|
33
|
-
|
|
73
|
+
It does **not** start receiver, projection, uplink, bridge, app-server,
|
|
74
|
+
headless runner, or remote panel processes. It does not publish presence,
|
|
75
|
+
repair route tuples, send messages, or read credentials.
|
|
34
76
|
|
|
35
|
-
|
|
77
|
+
Most users should start with `setup`. Use `init` only when you want to manually
|
|
78
|
+
create or reset the shared communication directory and local tap state.
|
|
79
|
+
|
|
80
|
+
## Supported Public Setup Profiles
|
|
81
|
+
|
|
82
|
+
| Profile | Use when |
|
|
83
|
+
| ---------------- | ----------------------------------------------------------------------- |
|
|
84
|
+
| `codex-cli` | Codex CLI or headless CLI will use MCP tools plus inbox/receiver paths. |
|
|
85
|
+
| `codex-app` | Codex App/Desktop route readiness should be inspected read-only. |
|
|
86
|
+
| `claude-channel` | Claude/channel readiness should be inspected read-only. |
|
|
87
|
+
|
|
88
|
+
## Common Commands
|
|
89
|
+
|
|
90
|
+
### `setup`
|
|
91
|
+
|
|
92
|
+
Inspect and optionally apply first-run public deployment changes.
|
|
36
93
|
|
|
37
94
|
```bash
|
|
38
|
-
npx @hua-labs/tap
|
|
39
|
-
npx @hua-labs/tap
|
|
40
|
-
npx @hua-labs/tap
|
|
41
|
-
npx @hua-labs/tap init --permissions full # no restrictions (use with caution)
|
|
42
|
-
npx @hua-labs/tap init --force # re-initialize
|
|
95
|
+
npx @hua-labs/tap setup --profile codex-cli --dry-run --json
|
|
96
|
+
npx @hua-labs/tap setup --profile codex-cli --apply --json
|
|
97
|
+
npx @hua-labs/tap setup --profile codex-cli --profile-pack ./tap-profile-pack.json --json
|
|
43
98
|
```
|
|
44
99
|
|
|
45
|
-
|
|
100
|
+
tap refuses to mutate user-managed or ambiguous MCP entries.
|
|
101
|
+
|
|
102
|
+
### `ready`
|
|
46
103
|
|
|
47
|
-
|
|
104
|
+
Prepare or verify a concrete agent on a runtime surface.
|
|
48
105
|
|
|
49
106
|
```bash
|
|
50
|
-
npx @hua-labs/tap
|
|
51
|
-
npx @hua-labs/tap
|
|
52
|
-
npx @hua-labs/tap add gemini # experimental
|
|
53
|
-
npx @hua-labs/tap add claude --force # re-install
|
|
107
|
+
npx @hua-labs/tap ready --surface codex-cli --agent agent-a --json
|
|
108
|
+
npx @hua-labs/tap ready --surface codex-cli --agent agent-a --apply --json
|
|
54
109
|
```
|
|
55
110
|
|
|
56
|
-
|
|
111
|
+
By default, `ready` reports the current or planned readiness state. With
|
|
112
|
+
`--apply`, it applies reviewed readiness changes for the selected surface and
|
|
113
|
+
agent.
|
|
114
|
+
|
|
115
|
+
### `init`
|
|
57
116
|
|
|
58
|
-
|
|
117
|
+
Create or reset the shared comms directory and `.tap-comms/` state.
|
|
59
118
|
|
|
60
119
|
```bash
|
|
61
|
-
npx @hua-labs/tap
|
|
62
|
-
npx @hua-labs/tap
|
|
120
|
+
npx @hua-labs/tap init
|
|
121
|
+
npx @hua-labs/tap init --comms-dir /path/to/comms
|
|
122
|
+
npx @hua-labs/tap init --permissions safe
|
|
123
|
+
npx @hua-labs/tap init --permissions full
|
|
63
124
|
```
|
|
64
125
|
|
|
126
|
+
### `add <runtime>`
|
|
127
|
+
|
|
128
|
+
Add a runtime instance and patch the runtime config when verification allows it.
|
|
129
|
+
|
|
130
|
+
```bash
|
|
131
|
+
npx @hua-labs/tap add claude
|
|
132
|
+
npx @hua-labs/tap add codex --name agent-a
|
|
133
|
+
npx @hua-labs/tap add codex --name agent-b --port 4520
|
|
134
|
+
```
|
|
135
|
+
|
|
136
|
+
`gemini` remains accepted for legacy compatibility, but new first-run docs do
|
|
137
|
+
not recommend it as a default runtime.
|
|
138
|
+
|
|
65
139
|
### `status`
|
|
66
140
|
|
|
67
141
|
Show installed runtimes and their status.
|
|
68
142
|
|
|
69
143
|
```bash
|
|
70
144
|
npx @hua-labs/tap status
|
|
145
|
+
npx @hua-labs/tap status --json
|
|
71
146
|
```
|
|
72
147
|
|
|
73
|
-
Output shows three status levels:
|
|
74
|
-
|
|
75
|
-
- **installed** — config written but not verified
|
|
76
|
-
- **configured** — config written and verified
|
|
77
|
-
- **active** — runtime is running and connected
|
|
78
|
-
|
|
79
148
|
### `doctor`
|
|
80
149
|
|
|
81
|
-
Diagnose config drift, bridge health, managed MCP wiring, and runtime
|
|
150
|
+
Diagnose setup, config drift, bridge health, managed MCP wiring, and runtime
|
|
151
|
+
state.
|
|
82
152
|
|
|
83
153
|
```bash
|
|
84
154
|
npx @hua-labs/tap doctor
|
|
85
|
-
npx @hua-labs/tap doctor --
|
|
155
|
+
npx @hua-labs/tap doctor --setup --profile codex-cli --json
|
|
86
156
|
```
|
|
87
157
|
|
|
88
|
-
### `
|
|
158
|
+
### `comms-doctor`
|
|
89
159
|
|
|
90
|
-
|
|
160
|
+
Explain delivery by runtime surface, including local inbox evidence and live
|
|
161
|
+
adapter readiness.
|
|
91
162
|
|
|
92
163
|
```bash
|
|
93
|
-
npx @hua-labs/tap
|
|
94
|
-
npx @hua-labs/tap
|
|
164
|
+
npx @hua-labs/tap comms-doctor --all-known --json
|
|
165
|
+
npx @hua-labs/tap comms-doctor --agent agent-a --plan-send --json
|
|
95
166
|
```
|
|
96
167
|
|
|
97
|
-
|
|
98
|
-
|
|
99
|
-
## Supported Runtimes
|
|
100
|
-
|
|
101
|
-
| Runtime | Config | Bridge | Mode |
|
|
102
|
-
| ------- | ----------------------- | ---------------------- | ------------------ |
|
|
103
|
-
| Claude | `.mcp.json` | native-push (fs.watch) | No daemon needed |
|
|
104
|
-
| Codex | `~/.codex/config.toml` | WebSocket bridge | Daemon per session |
|
|
105
|
-
| Gemini (experimental) | `.gemini/settings.json` | polling | No daemon needed |
|
|
106
|
-
|
|
107
|
-
## `--json` Flag
|
|
168
|
+
### `flow-doctor`
|
|
108
169
|
|
|
109
|
-
|
|
170
|
+
Diagnose one receiver/promoter lane without mutating process state.
|
|
110
171
|
|
|
111
172
|
```bash
|
|
112
|
-
npx @hua-labs/tap
|
|
173
|
+
npx @hua-labs/tap flow-doctor --agent agent-a --json
|
|
113
174
|
```
|
|
114
175
|
|
|
115
|
-
|
|
116
|
-
|
|
117
|
-
|
|
118
|
-
"command": "status",
|
|
119
|
-
"code": "TAP_STATUS_OK",
|
|
120
|
-
"message": "2 runtime(s) installed",
|
|
121
|
-
"warnings": [],
|
|
122
|
-
"data": {
|
|
123
|
-
"version": "0.x.y",
|
|
124
|
-
"commsDir": "/path/to/comms",
|
|
125
|
-
"runtimes": {
|
|
126
|
-
"claude": { "status": "active", "bridgeMode": "native-push" },
|
|
127
|
-
"codex": { "status": "configured", "bridgeMode": "app-server" }
|
|
128
|
-
}
|
|
129
|
-
}
|
|
130
|
-
}
|
|
131
|
-
```
|
|
176
|
+
`flow-doctor` is read-only by default. Its reviewed cleanup mode only archives
|
|
177
|
+
stale non-lane presence records with a manifest and prunes matching stale
|
|
178
|
+
heartbeat entries.
|
|
132
179
|
|
|
133
|
-
|
|
180
|
+
### `reviews register`
|
|
134
181
|
|
|
135
|
-
|
|
182
|
+
Register formal review outcomes into a discoverable review evidence stream.
|
|
136
183
|
|
|
137
|
-
|
|
184
|
+
```bash
|
|
185
|
+
npx @hua-labs/tap reviews register --source ./tap-comms --dry-run --json
|
|
186
|
+
```
|
|
138
187
|
|
|
139
|
-
|
|
188
|
+
### `serve`
|
|
140
189
|
|
|
141
|
-
|
|
190
|
+
Start the bundled tap MCP server on stdio.
|
|
142
191
|
|
|
143
|
-
|
|
192
|
+
```bash
|
|
193
|
+
npx @hua-labs/tap serve
|
|
194
|
+
```
|
|
144
195
|
|
|
145
|
-
|
|
196
|
+
### `bridge start|stop|restart`
|
|
146
197
|
|
|
147
|
-
|
|
198
|
+
Manage Codex app-server bridge lifecycle.
|
|
148
199
|
|
|
149
200
|
```bash
|
|
150
|
-
npx @hua-labs/tap
|
|
201
|
+
npx @hua-labs/tap bridge start codex --agent-name agent-c
|
|
202
|
+
npx @hua-labs/tap bridge stop codex --keep-server
|
|
203
|
+
npx @hua-labs/tap bridge restart codex
|
|
151
204
|
```
|
|
152
205
|
|
|
153
|
-
|
|
206
|
+
## Core Concepts
|
|
207
|
+
|
|
208
|
+
- **Runtime**: an AI tool or environment tap can connect to, such as Claude or
|
|
209
|
+
Codex.
|
|
210
|
+
- **Agent**: a named participant, such as `agent-a`, that sends or receives
|
|
211
|
+
messages.
|
|
212
|
+
- **Surface**: a specific runtime interface, such as `codex-cli` or
|
|
213
|
+
`codex-app`.
|
|
214
|
+
- **Comms directory**: the shared file-backed message store for inboxes,
|
|
215
|
+
reviews, handoffs, and evidence.
|
|
216
|
+
- **Profile**: a setup target that describes which runtime surface tap should
|
|
217
|
+
inspect or prepare.
|
|
218
|
+
- **Profile pack**: a data-only input for validating custom operator
|
|
219
|
+
environments.
|
|
154
220
|
|
|
155
|
-
|
|
221
|
+
## Permissions
|
|
156
222
|
|
|
157
|
-
|
|
223
|
+
Safe mode reduces destructive local file operations. It is not a
|
|
224
|
+
network-isolated mode.
|
|
158
225
|
|
|
159
|
-
|
|
226
|
+
- `safe` is the default.
|
|
227
|
+
- `full` enables less restricted local runtime settings and should only be used
|
|
228
|
+
on trusted machines.
|
|
160
229
|
|
|
161
|
-
|
|
162
|
-
comms/
|
|
163
|
-
├── inbox/ # Agent-to-agent messages
|
|
164
|
-
├── reviews/ # Code review results
|
|
165
|
-
├── findings/ # Out-of-scope discoveries
|
|
166
|
-
├── handoff/ # Session handoff documents
|
|
167
|
-
├── retros/ # Retrospectives
|
|
168
|
-
└── archive/ # Archived messages
|
|
169
|
-
```
|
|
230
|
+
See [AI_GUIDE.md](./AI_GUIDE.md#permissions-and-safety) for details.
|
|
170
231
|
|
|
171
|
-
|
|
232
|
+
## JSON Output
|
|
172
233
|
|
|
173
|
-
|
|
174
|
-
2. **Plans** — determines what patches to apply
|
|
175
|
-
3. **Applies** — backs up and patches config files
|
|
176
|
-
4. **Verifies** — confirms the runtime can read the config
|
|
234
|
+
Most operational commands support `--json` for machine-readable output.
|
|
177
235
|
|
|
178
|
-
|
|
179
|
-
|
|
180
|
-
|
|
181
|
-
|
|
182
|
-
### Config And Lifecycle
|
|
236
|
+
```bash
|
|
237
|
+
npx @hua-labs/tap status --json
|
|
238
|
+
```
|
|
183
239
|
|
|
184
|
-
|
|
185
|
-
|
|
186
|
-
- **Repair path** — `tap doctor --fix` can now repair more managed config drift, including Codex MCP table mismatches
|
|
240
|
+
Exit codes use `0` for ok and `1` for error. Error codes use the `TAP_*`
|
|
241
|
+
prefix.
|
|
187
242
|
|
|
188
|
-
|
|
243
|
+
## Supported Runtimes
|
|
189
244
|
|
|
190
|
-
|
|
191
|
-
|
|
245
|
+
| Runtime | Status | Notes |
|
|
246
|
+
| ------- | ------------------------- | ------------------------------------------ |
|
|
247
|
+
| Claude | supported | Uses `.mcp.json` / channel-style delivery. |
|
|
248
|
+
| Codex | supported | Uses CLI, MCP, and app-server surfaces. |
|
|
249
|
+
| Gemini | legacy / deprecated | Kept for compatibility only. |
|
|
250
|
+
| Other | custom profile-pack input | Use data-only profile packs in `0.6.x`. |
|
|
192
251
|
|
|
193
|
-
|
|
252
|
+
Antigravity CLI is not a bundled adapter in `0.6.x`. Model it as a custom
|
|
253
|
+
profile-pack surface until a dedicated integration is released.
|
|
194
254
|
|
|
195
|
-
|
|
196
|
-
- **Codex MCP defaults** — managed Codex installs now persist `[mcp_servers.tap] approval_mode = "auto"` and re-sync the runtime config hash when tap rewrites managed config
|
|
197
|
-
- **Bundled MCP runtime** — bundled `.mjs` server entries now prefer `node`; repo-local TypeScript sources still use `bun`
|
|
198
|
-
- **Hotfixes** — ESM `require()` breakage, temp file leaks in name claims, and claim-stealing edge cases were fixed during publish prep
|
|
255
|
+
## Examples
|
|
199
256
|
|
|
200
|
-
|
|
257
|
+
- Generic profile pack:
|
|
258
|
+
[`examples/tap-profile-pack.example.json`](./examples/tap-profile-pack.example.json)
|
|
259
|
+
- Narrative examples:
|
|
260
|
+
[`examples/`](./examples/)
|
|
201
261
|
|
|
202
|
-
|
|
203
|
-
- **Attached TUI rebind** — Codex TUI attach can now recover `agentId` and `agentName` from runtime heartbeat and agent-name files without relying on per-session env injection
|
|
204
|
-
- **State surface alignment** — bridge status, runtime heartbeat, and presence now read from the same state surfaces, reducing mismatches between `tap status`, bridge state, and plugin-visible presence
|
|
205
|
-
- **Broadcast dedupe** — bridge-dispatched notifications are deduplicated so one broadcast does not fan out twice
|
|
206
|
-
- **Ack storm prevention** — peer DM auto-replies are rate-limited to stop acknowledgement loops from flooding the inbox
|
|
262
|
+
The narrative examples are real collaboration stories, not setup defaults.
|
|
207
263
|
|
|
208
|
-
|
|
264
|
+
## Recent Changes
|
|
209
265
|
|
|
210
|
-
|
|
211
|
-
- **Publish prep stabilization** — failing suites were fixed or quarantined so release-blocking regressions show up earlier in the main package tests
|
|
266
|
+
See [CHANGELOG.md](./CHANGELOG.md) for full release history.
|
|
212
267
|
|
|
213
|
-
|
|
268
|
+
Highlights in `0.6.x`:
|
|
214
269
|
|
|
215
|
-
-
|
|
216
|
-
-
|
|
217
|
-
-
|
|
218
|
-
-
|
|
219
|
-
-
|
|
270
|
+
- dry-run-first public setup profiles;
|
|
271
|
+
- `ready`, `comms-doctor`, and `flow-doctor` for surface-specific diagnostics;
|
|
272
|
+
- explicit `tap reviews register` evidence registration;
|
|
273
|
+
- profile-pack validation for custom environments;
|
|
274
|
+
- stricter broad-role and stale-presence guards;
|
|
275
|
+
- packaged AI operator guide and npm provenance publishing.
|
|
220
276
|
|
|
221
277
|
## License
|
|
222
278
|
|
|
@@ -3,7 +3,7 @@ import {
|
|
|
3
3
|
createServer
|
|
4
4
|
} from "http";
|
|
5
5
|
import { readFileSync } from "fs";
|
|
6
|
-
import { resolve } from "path";
|
|
6
|
+
import { basename, resolve } from "path";
|
|
7
7
|
import { pathToFileURL } from "url";
|
|
8
8
|
import { timingSafeEqual } from "crypto";
|
|
9
9
|
import { WebSocket, WebSocketServer } from "ws";
|
|
@@ -273,9 +273,15 @@ async function startGatewayServer(options) {
|
|
|
273
273
|
closeSocket(client, CLOSE_UNAUTHORIZED, "Unauthorized");
|
|
274
274
|
return;
|
|
275
275
|
}
|
|
276
|
+
console.log(
|
|
277
|
+
`[auth-gateway] client authenticated from ${request.socket.remoteAddress ?? "unknown"} -> ${options.upstreamUrl}`
|
|
278
|
+
);
|
|
276
279
|
const upstream = new WebSocket(options.upstreamUrl, {
|
|
277
280
|
perMessageDeflate: false
|
|
278
281
|
});
|
|
282
|
+
upstream.on("open", () => {
|
|
283
|
+
console.log(`[auth-gateway] upstream connected ${options.upstreamUrl}`);
|
|
284
|
+
});
|
|
279
285
|
upstream.on("message", (data, isBinary) => {
|
|
280
286
|
if (client.readyState === WebSocket.OPEN) {
|
|
281
287
|
client.send(data, { binary: isBinary });
|
|
@@ -288,10 +294,16 @@ async function startGatewayServer(options) {
|
|
|
288
294
|
});
|
|
289
295
|
upstream.on("close", (code, reasonBuffer) => {
|
|
290
296
|
const reason = reasonBuffer.toString() || "Upstream closed";
|
|
297
|
+
console.log(
|
|
298
|
+
`[auth-gateway] upstream closed code=${code || 1e3} reason=${reason}`
|
|
299
|
+
);
|
|
291
300
|
closeSocket(client, code || 1e3, reason);
|
|
292
301
|
});
|
|
293
302
|
client.on("close", (code, reasonBuffer) => {
|
|
294
303
|
const reason = reasonBuffer.toString() || "Client closed";
|
|
304
|
+
console.log(
|
|
305
|
+
`[auth-gateway] client closed code=${code || 1e3} reason=${reason}`
|
|
306
|
+
);
|
|
295
307
|
closeSocket(upstream, code || 1e3, reason);
|
|
296
308
|
});
|
|
297
309
|
upstream.on("error", (error) => {
|
|
@@ -361,6 +373,9 @@ async function startGatewayServer(options) {
|
|
|
361
373
|
function isDirectExecution() {
|
|
362
374
|
const entry = process.argv[1];
|
|
363
375
|
if (!entry) return false;
|
|
376
|
+
if (!basename(entry).startsWith("codex-app-server-auth-gateway")) {
|
|
377
|
+
return false;
|
|
378
|
+
}
|
|
364
379
|
return import.meta.url === pathToFileURL(resolve(entry)).href;
|
|
365
380
|
}
|
|
366
381
|
if (isDirectExecution()) {
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"sources":["../../src/bridges/codex-app-server-auth-gateway.ts","../../src/engine/bridge-app-server-health.ts"],"sourcesContent":["import {\n createServer,\n type IncomingMessage,\n type Server as HttpServer,\n type ServerResponse,\n} from \"node:http\";\nimport { readFileSync } from \"node:fs\";\nimport { resolve } from \"node:path\";\nimport type { Duplex } from \"node:stream\";\nimport { pathToFileURL } from \"node:url\";\nimport { timingSafeEqual } from \"node:crypto\";\nimport { WebSocket, WebSocketServer, type RawData } from \"ws\";\nimport { checkManagedAppServerReady } from \"../engine/bridge-app-server-health.js\";\n\nconst AUTH_SUBPROTOCOL_PREFIX = \"tap-auth-\";\nconst CLOSE_UNAUTHORIZED = 4401;\nconst CLOSE_UPSTREAM_ERROR = 1013;\nexport const GATEWAY_READYZ_PATH = \"/readyz\";\n\nexport interface GatewayOptions {\n listenUrl: string;\n upstreamUrl: string;\n token: string;\n}\n\nexport interface GatewayRuntime {\n server: HttpServer;\n close(): Promise<void>;\n}\n\nfunction normalizeUrl(value: string): string {\n return value.replace(/\\/$/, \"\");\n}\n\nfunction closeSocket(\n socket: Pick<WebSocket, \"readyState\" | \"close\">,\n code: number,\n reason: string,\n): void {\n if (\n socket.readyState === WebSocket.CLOSING ||\n socket.readyState === WebSocket.CLOSED\n ) {\n return;\n }\n\n try {\n socket.close(code, reason);\n } catch {\n // Best-effort cleanup only.\n }\n}\n\nfunction readFlagValue(argv: string[], index: number, flag: string): string {\n const current = argv[index] ?? \"\";\n const eqIndex = current.indexOf(\"=\");\n if (eqIndex >= 0) {\n return current.slice(eqIndex + 1);\n }\n\n const next = argv[index + 1];\n if (!next || next.startsWith(\"--\")) {\n throw new Error(`Missing value for ${flag}`);\n }\n return next;\n}\n\nexport function buildGatewayOptions(argv: string[]): GatewayOptions {\n let listenUrl = process.env.TAP_GATEWAY_LISTEN_URL?.trim() || \"\";\n let upstreamUrl = process.env.TAP_GATEWAY_UPSTREAM_URL?.trim() || \"\";\n let tokenFile = process.env.TAP_GATEWAY_TOKEN_FILE?.trim() || \"\";\n let token = process.env.TAP_GATEWAY_TOKEN?.trim() || \"\";\n\n for (let index = 0; index < argv.length; index += 1) {\n const flag = argv[index] ?? \"\";\n const consumesNext = !flag.includes(\"=\");\n\n if (flag.startsWith(\"--listen-url\")) {\n listenUrl = readFlagValue(argv, index, \"--listen-url\").trim();\n if (consumesNext) index += 1;\n continue;\n }\n\n if (flag.startsWith(\"--upstream-url\")) {\n upstreamUrl = readFlagValue(argv, index, \"--upstream-url\").trim();\n if (consumesNext) index += 1;\n continue;\n }\n\n if (flag.startsWith(\"--token\")) {\n token = readFlagValue(argv, index, \"--token\").trim();\n if (consumesNext) index += 1;\n continue;\n }\n\n if (flag.startsWith(\"--token-file\")) {\n tokenFile = readFlagValue(argv, index, \"--token-file\").trim();\n if (consumesNext) index += 1;\n continue;\n }\n }\n\n if (tokenFile) {\n token = readFileSync(tokenFile, \"utf8\").trim();\n }\n\n if (!listenUrl) {\n throw new Error(\"Missing gateway listen URL\");\n }\n if (!upstreamUrl) {\n throw new Error(\"Missing gateway upstream URL\");\n }\n if (!token) {\n throw new Error(\"Missing gateway auth token\");\n }\n\n const listen = new URL(listenUrl);\n const upstream = new URL(upstreamUrl);\n if (!/^wss?:$/.test(listen.protocol)) {\n throw new Error(`Unsupported gateway listen protocol: ${listen.protocol}`);\n }\n if (!/^wss?:$/.test(upstream.protocol)) {\n throw new Error(\n `Unsupported gateway upstream protocol: ${upstream.protocol}`,\n );\n }\n\n return {\n listenUrl: normalizeUrl(listen.toString()),\n upstreamUrl: normalizeUrl(upstream.toString()),\n token,\n };\n}\n\nfunction tokensMatch(\n presentedToken: string | null,\n expectedToken: string,\n): boolean {\n if (!presentedToken) {\n return false;\n }\n\n const presented = Buffer.from(presentedToken, \"utf8\");\n const expected = Buffer.from(expectedToken, \"utf8\");\n if (presented.length !== expected.length) {\n return false;\n }\n\n return timingSafeEqual(presented, expected);\n}\n\nasync function main(): Promise<void> {\n const options = buildGatewayOptions(process.argv.slice(2));\n const runtime = await startGatewayServer(options);\n\n const shutdown = () => {\n void runtime.close().finally(() => {\n process.exit(0);\n });\n };\n\n process.on(\"SIGINT\", shutdown);\n process.on(\"SIGTERM\", shutdown);\n}\n\nfunction writeJson(\n response: ServerResponse,\n statusCode: number,\n body: Record<string, unknown>,\n): void {\n response.statusCode = statusCode;\n response.setHeader(\"Content-Type\", \"application/json\");\n response.end(JSON.stringify(body));\n}\n\nfunction writeUpgradeRequired(response: ServerResponse): void {\n response.statusCode = 426;\n response.setHeader(\"Connection\", \"Upgrade\");\n response.setHeader(\"Upgrade\", \"websocket\");\n response.end(\"Upgrade Required\");\n}\n\nfunction writeNotFound(response: ServerResponse): void {\n response.statusCode = 404;\n response.end(\"Not Found\");\n}\n\nfunction rejectUpgrade(socket: Duplex, statusCode: number): void {\n socket.write(\n `HTTP/1.1 ${statusCode} ${statusCode === 404 ? \"Not Found\" : \"Bad Request\"}\\r\\n\\r\\n`,\n );\n socket.destroy();\n}\n\n/**\n * Detect traversal sequences in any encoding: raw \"..\", percent-encoded\n * \"%2e%2e\", or mixed forms like \".%2e\" / \"%2e.\".\n */\nfunction containsTraversal(raw: string): boolean {\n if (raw.includes(\"..\")) return true;\n // Decode percent-encoded dots and recheck\n if (/%2e/i.test(raw) && raw.replace(/%2e/gi, \".\").includes(\"..\")) return true;\n return false;\n}\n\nfunction isUpgradePath(listenUrl: string, request: IncomingMessage): boolean {\n const requestUrl = new URL(\n request.url ?? \"/\",\n listenUrl.replace(/^ws/, \"http\"),\n );\n const listenPath = new URL(listenUrl).pathname;\n return requestUrl.pathname === (listenPath || \"/\");\n}\n\nasync function handleReadyzRequest(\n response: ServerResponse,\n options: GatewayOptions,\n): Promise<void> {\n const ready = await checkManagedAppServerReady(options.upstreamUrl);\n writeJson(response, ready ? 200 : 503, { ok: ready });\n}\n\nexport async function startGatewayServer(\n options: GatewayOptions,\n): Promise<GatewayRuntime> {\n const listen = new URL(options.listenUrl);\n const host = listen.hostname === \"localhost\" ? \"127.0.0.1\" : listen.hostname;\n const port = Number.parseInt(listen.port, 10);\n if (!Number.isFinite(port) || port <= 0) {\n throw new Error(\n `Gateway listen URL must include a valid port: ${options.listenUrl}`,\n );\n }\n\n const wsServer = new WebSocketServer({\n noServer: true,\n perMessageDeflate: false,\n });\n\n wsServer.on(\"connection\", (client: WebSocket, request: IncomingMessage) => {\n // Extract token from Sec-WebSocket-Protocol header (subprotocol auth).\n // Client sends: WebSocket(url, [\"tap-auth-<token>\"])\n // Falls back to query param for backward compatibility during migration.\n const protocols =\n request.headers[\"sec-websocket-protocol\"]\n ?.split(\",\")\n .map((s) => s.trim()) ?? [];\n const authProtocol = protocols.find((p) =>\n p.startsWith(AUTH_SUBPROTOCOL_PREFIX),\n );\n const subprotocolToken =\n authProtocol?.slice(AUTH_SUBPROTOCOL_PREFIX.length) ?? null;\n\n // Legacy fallback: query param (will be removed in future version)\n const requestUrl = new URL(request.url ?? \"/\", options.listenUrl);\n const queryToken = requestUrl.searchParams.get(\"tap_token\");\n\n const presentedToken = subprotocolToken ?? queryToken;\n if (!tokensMatch(presentedToken, options.token)) {\n closeSocket(client, CLOSE_UNAUTHORIZED, \"Unauthorized\");\n return;\n }\n\n const upstream = new WebSocket(options.upstreamUrl, {\n perMessageDeflate: false,\n });\n\n upstream.on(\"message\", (data: RawData, isBinary: boolean) => {\n if (client.readyState === WebSocket.OPEN) {\n client.send(data, { binary: isBinary });\n }\n });\n\n client.on(\"message\", (data: RawData, isBinary: boolean) => {\n if (upstream.readyState === WebSocket.OPEN) {\n upstream.send(data, { binary: isBinary });\n }\n });\n\n upstream.on(\"close\", (code: number, reasonBuffer: Buffer) => {\n const reason = reasonBuffer.toString() || \"Upstream closed\";\n closeSocket(client, code || 1000, reason);\n });\n\n client.on(\"close\", (code: number, reasonBuffer: Buffer) => {\n const reason = reasonBuffer.toString() || \"Client closed\";\n closeSocket(upstream, code || 1000, reason);\n });\n\n upstream.on(\"error\", (error: Error) => {\n console.error(`[auth-gateway] upstream error: ${String(error)}`);\n closeSocket(client, CLOSE_UPSTREAM_ERROR, \"Upstream unavailable\");\n closeSocket(upstream, CLOSE_UPSTREAM_ERROR, \"Upstream unavailable\");\n });\n\n client.on(\"error\", (error: Error) => {\n console.error(`[auth-gateway] client error: ${String(error)}`);\n closeSocket(upstream, 1011, \"Client error\");\n });\n });\n\n const listenPath = new URL(options.listenUrl).pathname || \"/\";\n\n const server = createServer(async (request, response) => {\n const requestUrl = new URL(\n request.url ?? \"/\",\n options.listenUrl.replace(/^ws/, \"http\"),\n );\n\n // Defense-in-depth: reject traversal sequences in any encoding.\n // Covers raw \"..\", percent-encoded \"%2e%2e\", and mixed forms.\n if (containsTraversal(request.url ?? \"\")) {\n writeNotFound(response);\n return;\n }\n\n if (\n request.method === \"GET\" &&\n requestUrl.pathname === GATEWAY_READYZ_PATH\n ) {\n await handleReadyzRequest(response, options);\n return;\n }\n\n if (requestUrl.pathname === listenPath) {\n writeUpgradeRequired(response);\n return;\n }\n\n writeNotFound(response);\n });\n\n server.on(\"upgrade\", (request, socket, head) => {\n // Block traversal in upgrade requests (raw + encoded)\n if (containsTraversal(request.url ?? \"\")) {\n rejectUpgrade(socket, 400);\n return;\n }\n\n if (!isUpgradePath(options.listenUrl, request)) {\n rejectUpgrade(socket, 404);\n return;\n }\n\n wsServer.handleUpgrade(request, socket, head, (client) => {\n wsServer.emit(\"connection\", client, request);\n });\n });\n\n await new Promise<void>((resolvePromise, rejectPromise) => {\n server.once(\"error\", rejectPromise);\n server.listen(port, host, () => {\n server.off(\"error\", rejectPromise);\n console.log(\n `[auth-gateway] listening ${options.listenUrl} -> ${options.upstreamUrl}`,\n );\n resolvePromise();\n });\n });\n\n return {\n server,\n close() {\n return new Promise<void>((resolvePromise) => {\n server.close(() => {\n wsServer.close(() => resolvePromise());\n });\n });\n },\n };\n}\n\nfunction isDirectExecution(): boolean {\n const entry = process.argv[1];\n if (!entry) return false;\n return import.meta.url === pathToFileURL(resolve(entry)).href;\n}\n\nif (isDirectExecution()) {\n main().catch((error) => {\n console.error(\n error instanceof Error ? (error.stack ?? error.message) : String(error),\n );\n process.exit(1);\n });\n}\n","import * as net from \"node:net\";\nimport type { AppServerState } from \"../types.js\";\nimport { getWebSocketCtor, delay } from \"./bridge-port-network.js\";\n\nexport interface WebSocketLike {\n addEventListener(\n type: \"open\" | \"error\" | \"close\",\n listener: () => void,\n options?: { once?: boolean },\n ): void;\n close(code?: number, reason?: string): void;\n}\n\nexport type WebSocketCtor = new (\n url: string,\n protocols?: string | string[],\n) => WebSocketLike;\n\nexport const APP_SERVER_HEALTH_TIMEOUT_MS = 1_500;\nexport const APP_SERVER_HEALTH_RETRY_MS = 250;\nexport const APP_SERVER_READYZ_PATH = \"/readyz\";\n\nexport const AUTH_SUBPROTOCOL_PREFIX = \"tap-auth-\";\n\nexport type AppServerReadyzStatus = \"ready\" | \"not-ready\" | \"unsupported\";\n\nexport async function checkAppServerHealth(\n url: string,\n timeoutMs: number = APP_SERVER_HEALTH_TIMEOUT_MS,\n gatewayToken?: string | null,\n): Promise<boolean> {\n const WebSocket = getWebSocketCtor();\n if (!WebSocket) {\n return false;\n }\n\n return new Promise<boolean>((resolve) => {\n let settled = false;\n let socket: WebSocketLike | null = null;\n\n const finish = (healthy: boolean) => {\n if (settled) {\n return;\n }\n settled = true;\n clearTimeout(timer);\n try {\n socket?.close();\n } catch {\n // Best-effort cleanup only.\n }\n resolve(healthy);\n };\n\n const timer = setTimeout(() => finish(false), timeoutMs);\n\n try {\n // Authenticate via WebSocket subprotocol when a gateway token is provided.\n const protocols = gatewayToken\n ? [`${AUTH_SUBPROTOCOL_PREFIX}${gatewayToken}`]\n : undefined;\n socket = new WebSocket(url, protocols);\n socket.addEventListener(\"open\", () => finish(true), { once: true });\n socket.addEventListener(\"error\", () => finish(false), { once: true });\n socket.addEventListener(\"close\", () => finish(false), { once: true });\n } catch {\n finish(false);\n }\n });\n}\n\nexport async function waitForAppServerHealth(\n url: string,\n timeoutMs: number,\n gatewayToken?: string | null,\n): Promise<boolean> {\n const deadline = Date.now() + timeoutMs;\n\n while (Date.now() < deadline) {\n if (\n await checkAppServerHealth(\n url,\n APP_SERVER_HEALTH_TIMEOUT_MS,\n gatewayToken,\n )\n ) {\n return true;\n }\n await delay(APP_SERVER_HEALTH_RETRY_MS);\n }\n\n return false;\n}\n\nexport function buildAppServerReadyzUrl(url: string): string | null {\n let parsed: URL;\n try {\n parsed = new URL(url);\n } catch {\n return null;\n }\n\n if (parsed.protocol === \"ws:\") {\n parsed.protocol = \"http:\";\n } else if (parsed.protocol === \"wss:\") {\n parsed.protocol = \"https:\";\n } else if (parsed.protocol !== \"http:\" && parsed.protocol !== \"https:\") {\n return null;\n }\n\n parsed.pathname = APP_SERVER_READYZ_PATH;\n parsed.search = \"\";\n parsed.hash = \"\";\n return parsed.toString();\n}\n\nexport async function checkAppServerReadyz(\n url: string,\n timeoutMs: number = APP_SERVER_HEALTH_TIMEOUT_MS,\n): Promise<AppServerReadyzStatus> {\n const readyzUrl = buildAppServerReadyzUrl(url);\n if (!readyzUrl) {\n return \"unsupported\";\n }\n\n const controller = new AbortController();\n const timer = setTimeout(() => controller.abort(), timeoutMs);\n\n try {\n const response = await fetch(readyzUrl, {\n method: \"GET\",\n signal: controller.signal,\n headers: {\n accept: \"application/json\",\n },\n });\n\n if (response.ok) {\n return \"ready\";\n }\n\n if (\n response.status === 400 ||\n response.status === 404 ||\n response.status === 405 ||\n response.status === 426 ||\n response.status === 501\n ) {\n return \"unsupported\";\n }\n\n return \"not-ready\";\n } catch {\n return \"not-ready\";\n } finally {\n clearTimeout(timer);\n }\n}\n\n/**\n * Check if a TCP port is accepting connections (without WebSocket upgrade).\n * Use this for managed startup health checks to avoid creating app-server sessions.\n */\nexport async function checkTcpPortListening(\n url: string,\n timeoutMs: number = APP_SERVER_HEALTH_TIMEOUT_MS,\n): Promise<boolean> {\n let hostname: string;\n let port: number;\n try {\n const parsed = new URL(url.replace(/^ws/, \"http\"));\n hostname = parsed.hostname;\n port = parseInt(parsed.port, 10);\n } catch {\n return false;\n }\n if (!port || !Number.isFinite(port)) return false;\n\n return new Promise<boolean>((resolve) => {\n const socket = net.createConnection({ host: hostname, port });\n const timer = setTimeout(() => {\n socket.destroy();\n resolve(false);\n }, timeoutMs);\n\n socket.once(\"connect\", () => {\n clearTimeout(timer);\n socket.destroy();\n resolve(true);\n });\n socket.once(\"error\", () => {\n clearTimeout(timer);\n socket.destroy();\n resolve(false);\n });\n });\n}\n\n/**\n * Wait for a TCP port to start accepting connections.\n * Does NOT open a WebSocket, so no app-server session is created.\n */\nexport async function waitForTcpPortListening(\n url: string,\n timeoutMs: number,\n): Promise<boolean> {\n const deadline = Date.now() + timeoutMs;\n\n while (Date.now() < deadline) {\n if (await checkTcpPortListening(url, APP_SERVER_HEALTH_TIMEOUT_MS)) {\n return true;\n }\n await delay(APP_SERVER_HEALTH_RETRY_MS);\n }\n\n return false;\n}\n\nexport async function checkManagedAppServerReady(\n url: string,\n timeoutMs: number = APP_SERVER_HEALTH_TIMEOUT_MS,\n): Promise<boolean> {\n const readyzStatus = await checkAppServerReadyz(url, timeoutMs);\n if (readyzStatus === \"ready\") {\n return true;\n }\n\n if (readyzStatus === \"unsupported\") {\n return checkTcpPortListening(url, timeoutMs);\n }\n\n return false;\n}\n\nexport async function waitForManagedAppServerReady(\n url: string,\n timeoutMs: number,\n): Promise<boolean> {\n const deadline = Date.now() + timeoutMs;\n\n while (Date.now() < deadline) {\n const remaining = Math.max(\n 1,\n Math.min(APP_SERVER_HEALTH_TIMEOUT_MS, deadline - Date.now()),\n );\n if (await checkManagedAppServerReady(url, remaining)) {\n return true;\n }\n await delay(APP_SERVER_HEALTH_RETRY_MS);\n }\n\n return false;\n}\n\nexport function markAppServerHealthy(\n appServer: AppServerState,\n): AppServerState {\n const checkedAt = new Date().toISOString();\n return {\n ...appServer,\n healthy: true,\n lastCheckedAt: checkedAt,\n lastHealthyAt: checkedAt,\n };\n}\n"],"mappings":";AAAA;AAAA,EACE;AAAA,OAIK;AACP,SAAS,oBAAoB;AAC7B,SAAS,eAAe;AAExB,SAAS,qBAAqB;AAC9B,SAAS,uBAAuB;AAChC,SAAS,WAAW,uBAAqC;;;ACXzD,YAAY,SAAS;AAkBd,IAAM,+BAA+B;AAErC,IAAM,yBAAyB;AA0E/B,SAAS,wBAAwB,KAA4B;AAClE,MAAI;AACJ,MAAI;AACF,aAAS,IAAI,IAAI,GAAG;AAAA,EACtB,QAAQ;AACN,WAAO;AAAA,EACT;AAEA,MAAI,OAAO,aAAa,OAAO;AAC7B,WAAO,WAAW;AAAA,EACpB,WAAW,OAAO,aAAa,QAAQ;AACrC,WAAO,WAAW;AAAA,EACpB,WAAW,OAAO,aAAa,WAAW,OAAO,aAAa,UAAU;AACtE,WAAO;AAAA,EACT;AAEA,SAAO,WAAW;AAClB,SAAO,SAAS;AAChB,SAAO,OAAO;AACd,SAAO,OAAO,SAAS;AACzB;AAEA,eAAsB,qBACpB,KACA,YAAoB,8BACY;AAChC,QAAM,YAAY,wBAAwB,GAAG;AAC7C,MAAI,CAAC,WAAW;AACd,WAAO;AAAA,EACT;AAEA,QAAM,aAAa,IAAI,gBAAgB;AACvC,QAAM,QAAQ,WAAW,MAAM,WAAW,MAAM,GAAG,SAAS;AAE5D,MAAI;AACF,UAAM,WAAW,MAAM,MAAM,WAAW;AAAA,MACtC,QAAQ;AAAA,MACR,QAAQ,WAAW;AAAA,MACnB,SAAS;AAAA,QACP,QAAQ;AAAA,MACV;AAAA,IACF,CAAC;AAED,QAAI,SAAS,IAAI;AACf,aAAO;AAAA,IACT;AAEA,QACE,SAAS,WAAW,OACpB,SAAS,WAAW,OACpB,SAAS,WAAW,OACpB,SAAS,WAAW,OACpB,SAAS,WAAW,KACpB;AACA,aAAO;AAAA,IACT;AAEA,WAAO;AAAA,EACT,QAAQ;AACN,WAAO;AAAA,EACT,UAAE;AACA,iBAAa,KAAK;AAAA,EACpB;AACF;AAMA,eAAsB,sBACpB,KACA,YAAoB,8BACF;AAClB,MAAI;AACJ,MAAI;AACJ,MAAI;AACF,UAAM,SAAS,IAAI,IAAI,IAAI,QAAQ,OAAO,MAAM,CAAC;AACjD,eAAW,OAAO;AAClB,WAAO,SAAS,OAAO,MAAM,EAAE;AAAA,EACjC,QAAQ;AACN,WAAO;AAAA,EACT;AACA,MAAI,CAAC,QAAQ,CAAC,OAAO,SAAS,IAAI,EAAG,QAAO;AAE5C,SAAO,IAAI,QAAiB,CAACA,aAAY;AACvC,UAAM,SAAa,qBAAiB,EAAE,MAAM,UAAU,KAAK,CAAC;AAC5D,UAAM,QAAQ,WAAW,MAAM;AAC7B,aAAO,QAAQ;AACf,MAAAA,SAAQ,KAAK;AAAA,IACf,GAAG,SAAS;AAEZ,WAAO,KAAK,WAAW,MAAM;AAC3B,mBAAa,KAAK;AAClB,aAAO,QAAQ;AACf,MAAAA,SAAQ,IAAI;AAAA,IACd,CAAC;AACD,WAAO,KAAK,SAAS,MAAM;AACzB,mBAAa,KAAK;AAClB,aAAO,QAAQ;AACf,MAAAA,SAAQ,KAAK;AAAA,IACf,CAAC;AAAA,EACH,CAAC;AACH;AAsBA,eAAsB,2BACpB,KACA,YAAoB,8BACF;AAClB,QAAM,eAAe,MAAM,qBAAqB,KAAK,SAAS;AAC9D,MAAI,iBAAiB,SAAS;AAC5B,WAAO;AAAA,EACT;AAEA,MAAI,iBAAiB,eAAe;AAClC,WAAO,sBAAsB,KAAK,SAAS;AAAA,EAC7C;AAEA,SAAO;AACT;;;AD1NA,IAAM,0BAA0B;AAChC,IAAM,qBAAqB;AAC3B,IAAM,uBAAuB;AACtB,IAAM,sBAAsB;AAanC,SAAS,aAAa,OAAuB;AAC3C,SAAO,MAAM,QAAQ,OAAO,EAAE;AAChC;AAEA,SAAS,YACP,QACA,MACA,QACM;AACN,MACE,OAAO,eAAe,UAAU,WAChC,OAAO,eAAe,UAAU,QAChC;AACA;AAAA,EACF;AAEA,MAAI;AACF,WAAO,MAAM,MAAM,MAAM;AAAA,EAC3B,QAAQ;AAAA,EAER;AACF;AAEA,SAAS,cAAc,MAAgB,OAAe,MAAsB;AAC1E,QAAM,UAAU,KAAK,KAAK,KAAK;AAC/B,QAAM,UAAU,QAAQ,QAAQ,GAAG;AACnC,MAAI,WAAW,GAAG;AAChB,WAAO,QAAQ,MAAM,UAAU,CAAC;AAAA,EAClC;AAEA,QAAM,OAAO,KAAK,QAAQ,CAAC;AAC3B,MAAI,CAAC,QAAQ,KAAK,WAAW,IAAI,GAAG;AAClC,UAAM,IAAI,MAAM,qBAAqB,IAAI,EAAE;AAAA,EAC7C;AACA,SAAO;AACT;AAEO,SAAS,oBAAoB,MAAgC;AAClE,MAAI,YAAY,QAAQ,IAAI,wBAAwB,KAAK,KAAK;AAC9D,MAAI,cAAc,QAAQ,IAAI,0BAA0B,KAAK,KAAK;AAClE,MAAI,YAAY,QAAQ,IAAI,wBAAwB,KAAK,KAAK;AAC9D,MAAI,QAAQ,QAAQ,IAAI,mBAAmB,KAAK,KAAK;AAErD,WAAS,QAAQ,GAAG,QAAQ,KAAK,QAAQ,SAAS,GAAG;AACnD,UAAM,OAAO,KAAK,KAAK,KAAK;AAC5B,UAAM,eAAe,CAAC,KAAK,SAAS,GAAG;AAEvC,QAAI,KAAK,WAAW,cAAc,GAAG;AACnC,kBAAY,cAAc,MAAM,OAAO,cAAc,EAAE,KAAK;AAC5D,UAAI,aAAc,UAAS;AAC3B;AAAA,IACF;AAEA,QAAI,KAAK,WAAW,gBAAgB,GAAG;AACrC,oBAAc,cAAc,MAAM,OAAO,gBAAgB,EAAE,KAAK;AAChE,UAAI,aAAc,UAAS;AAC3B;AAAA,IACF;AAEA,QAAI,KAAK,WAAW,SAAS,GAAG;AAC9B,cAAQ,cAAc,MAAM,OAAO,SAAS,EAAE,KAAK;AACnD,UAAI,aAAc,UAAS;AAC3B;AAAA,IACF;AAEA,QAAI,KAAK,WAAW,cAAc,GAAG;AACnC,kBAAY,cAAc,MAAM,OAAO,cAAc,EAAE,KAAK;AAC5D,UAAI,aAAc,UAAS;AAC3B;AAAA,IACF;AAAA,EACF;AAEA,MAAI,WAAW;AACb,YAAQ,aAAa,WAAW,MAAM,EAAE,KAAK;AAAA,EAC/C;AAEA,MAAI,CAAC,WAAW;AACd,UAAM,IAAI,MAAM,4BAA4B;AAAA,EAC9C;AACA,MAAI,CAAC,aAAa;AAChB,UAAM,IAAI,MAAM,8BAA8B;AAAA,EAChD;AACA,MAAI,CAAC,OAAO;AACV,UAAM,IAAI,MAAM,4BAA4B;AAAA,EAC9C;AAEA,QAAM,SAAS,IAAI,IAAI,SAAS;AAChC,QAAM,WAAW,IAAI,IAAI,WAAW;AACpC,MAAI,CAAC,UAAU,KAAK,OAAO,QAAQ,GAAG;AACpC,UAAM,IAAI,MAAM,wCAAwC,OAAO,QAAQ,EAAE;AAAA,EAC3E;AACA,MAAI,CAAC,UAAU,KAAK,SAAS,QAAQ,GAAG;AACtC,UAAM,IAAI;AAAA,MACR,0CAA0C,SAAS,QAAQ;AAAA,IAC7D;AAAA,EACF;AAEA,SAAO;AAAA,IACL,WAAW,aAAa,OAAO,SAAS,CAAC;AAAA,IACzC,aAAa,aAAa,SAAS,SAAS,CAAC;AAAA,IAC7C;AAAA,EACF;AACF;AAEA,SAAS,YACP,gBACA,eACS;AACT,MAAI,CAAC,gBAAgB;AACnB,WAAO;AAAA,EACT;AAEA,QAAM,YAAY,OAAO,KAAK,gBAAgB,MAAM;AACpD,QAAM,WAAW,OAAO,KAAK,eAAe,MAAM;AAClD,MAAI,UAAU,WAAW,SAAS,QAAQ;AACxC,WAAO;AAAA,EACT;AAEA,SAAO,gBAAgB,WAAW,QAAQ;AAC5C;AAEA,eAAe,OAAsB;AACnC,QAAM,UAAU,oBAAoB,QAAQ,KAAK,MAAM,CAAC,CAAC;AACzD,QAAM,UAAU,MAAM,mBAAmB,OAAO;AAEhD,QAAM,WAAW,MAAM;AACrB,SAAK,QAAQ,MAAM,EAAE,QAAQ,MAAM;AACjC,cAAQ,KAAK,CAAC;AAAA,IAChB,CAAC;AAAA,EACH;AAEA,UAAQ,GAAG,UAAU,QAAQ;AAC7B,UAAQ,GAAG,WAAW,QAAQ;AAChC;AAEA,SAAS,UACP,UACA,YACA,MACM;AACN,WAAS,aAAa;AACtB,WAAS,UAAU,gBAAgB,kBAAkB;AACrD,WAAS,IAAI,KAAK,UAAU,IAAI,CAAC;AACnC;AAEA,SAAS,qBAAqB,UAAgC;AAC5D,WAAS,aAAa;AACtB,WAAS,UAAU,cAAc,SAAS;AAC1C,WAAS,UAAU,WAAW,WAAW;AACzC,WAAS,IAAI,kBAAkB;AACjC;AAEA,SAAS,cAAc,UAAgC;AACrD,WAAS,aAAa;AACtB,WAAS,IAAI,WAAW;AAC1B;AAEA,SAAS,cAAc,QAAgB,YAA0B;AAC/D,SAAO;AAAA,IACL,YAAY,UAAU,IAAI,eAAe,MAAM,cAAc,aAAa;AAAA;AAAA;AAAA,EAC5E;AACA,SAAO,QAAQ;AACjB;AAMA,SAAS,kBAAkB,KAAsB;AAC/C,MAAI,IAAI,SAAS,IAAI,EAAG,QAAO;AAE/B,MAAI,OAAO,KAAK,GAAG,KAAK,IAAI,QAAQ,SAAS,GAAG,EAAE,SAAS,IAAI,EAAG,QAAO;AACzE,SAAO;AACT;AAEA,SAAS,cAAc,WAAmB,SAAmC;AAC3E,QAAM,aAAa,IAAI;AAAA,IACrB,QAAQ,OAAO;AAAA,IACf,UAAU,QAAQ,OAAO,MAAM;AAAA,EACjC;AACA,QAAM,aAAa,IAAI,IAAI,SAAS,EAAE;AACtC,SAAO,WAAW,cAAc,cAAc;AAChD;AAEA,eAAe,oBACb,UACA,SACe;AACf,QAAM,QAAQ,MAAM,2BAA2B,QAAQ,WAAW;AAClE,YAAU,UAAU,QAAQ,MAAM,KAAK,EAAE,IAAI,MAAM,CAAC;AACtD;AAEA,eAAsB,mBACpB,SACyB;AACzB,QAAM,SAAS,IAAI,IAAI,QAAQ,SAAS;AACxC,QAAM,OAAO,OAAO,aAAa,cAAc,cAAc,OAAO;AACpE,QAAM,OAAO,OAAO,SAAS,OAAO,MAAM,EAAE;AAC5C,MAAI,CAAC,OAAO,SAAS,IAAI,KAAK,QAAQ,GAAG;AACvC,UAAM,IAAI;AAAA,MACR,iDAAiD,QAAQ,SAAS;AAAA,IACpE;AAAA,EACF;AAEA,QAAM,WAAW,IAAI,gBAAgB;AAAA,IACnC,UAAU;AAAA,IACV,mBAAmB;AAAA,EACrB,CAAC;AAED,WAAS,GAAG,cAAc,CAAC,QAAmB,YAA6B;AAIzE,UAAM,YACJ,QAAQ,QAAQ,wBAAwB,GACpC,MAAM,GAAG,EACV,IAAI,CAAC,MAAM,EAAE,KAAK,CAAC,KAAK,CAAC;AAC9B,UAAM,eAAe,UAAU;AAAA,MAAK,CAAC,MACnC,EAAE,WAAW,uBAAuB;AAAA,IACtC;AACA,UAAM,mBACJ,cAAc,MAAM,wBAAwB,MAAM,KAAK;AAGzD,UAAM,aAAa,IAAI,IAAI,QAAQ,OAAO,KAAK,QAAQ,SAAS;AAChE,UAAM,aAAa,WAAW,aAAa,IAAI,WAAW;AAE1D,UAAM,iBAAiB,oBAAoB;AAC3C,QAAI,CAAC,YAAY,gBAAgB,QAAQ,KAAK,GAAG;AAC/C,kBAAY,QAAQ,oBAAoB,cAAc;AACtD;AAAA,IACF;AAEA,UAAM,WAAW,IAAI,UAAU,QAAQ,aAAa;AAAA,MAClD,mBAAmB;AAAA,IACrB,CAAC;AAED,aAAS,GAAG,WAAW,CAAC,MAAe,aAAsB;AAC3D,UAAI,OAAO,eAAe,UAAU,MAAM;AACxC,eAAO,KAAK,MAAM,EAAE,QAAQ,SAAS,CAAC;AAAA,MACxC;AAAA,IACF,CAAC;AAED,WAAO,GAAG,WAAW,CAAC,MAAe,aAAsB;AACzD,UAAI,SAAS,eAAe,UAAU,MAAM;AAC1C,iBAAS,KAAK,MAAM,EAAE,QAAQ,SAAS,CAAC;AAAA,MAC1C;AAAA,IACF,CAAC;AAED,aAAS,GAAG,SAAS,CAAC,MAAc,iBAAyB;AAC3D,YAAM,SAAS,aAAa,SAAS,KAAK;AAC1C,kBAAY,QAAQ,QAAQ,KAAM,MAAM;AAAA,IAC1C,CAAC;AAED,WAAO,GAAG,SAAS,CAAC,MAAc,iBAAyB;AACzD,YAAM,SAAS,aAAa,SAAS,KAAK;AAC1C,kBAAY,UAAU,QAAQ,KAAM,MAAM;AAAA,IAC5C,CAAC;AAED,aAAS,GAAG,SAAS,CAAC,UAAiB;AACrC,cAAQ,MAAM,kCAAkC,OAAO,KAAK,CAAC,EAAE;AAC/D,kBAAY,QAAQ,sBAAsB,sBAAsB;AAChE,kBAAY,UAAU,sBAAsB,sBAAsB;AAAA,IACpE,CAAC;AAED,WAAO,GAAG,SAAS,CAAC,UAAiB;AACnC,cAAQ,MAAM,gCAAgC,OAAO,KAAK,CAAC,EAAE;AAC7D,kBAAY,UAAU,MAAM,cAAc;AAAA,IAC5C,CAAC;AAAA,EACH,CAAC;AAED,QAAM,aAAa,IAAI,IAAI,QAAQ,SAAS,EAAE,YAAY;AAE1D,QAAM,SAAS,aAAa,OAAO,SAAS,aAAa;AACvD,UAAM,aAAa,IAAI;AAAA,MACrB,QAAQ,OAAO;AAAA,MACf,QAAQ,UAAU,QAAQ,OAAO,MAAM;AAAA,IACzC;AAIA,QAAI,kBAAkB,QAAQ,OAAO,EAAE,GAAG;AACxC,oBAAc,QAAQ;AACtB;AAAA,IACF;AAEA,QACE,QAAQ,WAAW,SACnB,WAAW,aAAa,qBACxB;AACA,YAAM,oBAAoB,UAAU,OAAO;AAC3C;AAAA,IACF;AAEA,QAAI,WAAW,aAAa,YAAY;AACtC,2BAAqB,QAAQ;AAC7B;AAAA,IACF;AAEA,kBAAc,QAAQ;AAAA,EACxB,CAAC;AAED,SAAO,GAAG,WAAW,CAAC,SAAS,QAAQ,SAAS;AAE9C,QAAI,kBAAkB,QAAQ,OAAO,EAAE,GAAG;AACxC,oBAAc,QAAQ,GAAG;AACzB;AAAA,IACF;AAEA,QAAI,CAAC,cAAc,QAAQ,WAAW,OAAO,GAAG;AAC9C,oBAAc,QAAQ,GAAG;AACzB;AAAA,IACF;AAEA,aAAS,cAAc,SAAS,QAAQ,MAAM,CAAC,WAAW;AACxD,eAAS,KAAK,cAAc,QAAQ,OAAO;AAAA,IAC7C,CAAC;AAAA,EACH,CAAC;AAED,QAAM,IAAI,QAAc,CAAC,gBAAgB,kBAAkB;AACzD,WAAO,KAAK,SAAS,aAAa;AAClC,WAAO,OAAO,MAAM,MAAM,MAAM;AAC9B,aAAO,IAAI,SAAS,aAAa;AACjC,cAAQ;AAAA,QACN,4BAA4B,QAAQ,SAAS,OAAO,QAAQ,WAAW;AAAA,MACzE;AACA,qBAAe;AAAA,IACjB,CAAC;AAAA,EACH,CAAC;AAED,SAAO;AAAA,IACL;AAAA,IACA,QAAQ;AACN,aAAO,IAAI,QAAc,CAAC,mBAAmB;AAC3C,eAAO,MAAM,MAAM;AACjB,mBAAS,MAAM,MAAM,eAAe,CAAC;AAAA,QACvC,CAAC;AAAA,MACH,CAAC;AAAA,IACH;AAAA,EACF;AACF;AAEA,SAAS,oBAA6B;AACpC,QAAM,QAAQ,QAAQ,KAAK,CAAC;AAC5B,MAAI,CAAC,MAAO,QAAO;AACnB,SAAO,YAAY,QAAQ,cAAc,QAAQ,KAAK,CAAC,EAAE;AAC3D;AAEA,IAAI,kBAAkB,GAAG;AACvB,OAAK,EAAE,MAAM,CAAC,UAAU;AACtB,YAAQ;AAAA,MACN,iBAAiB,QAAS,MAAM,SAAS,MAAM,UAAW,OAAO,KAAK;AAAA,IACxE;AACA,YAAQ,KAAK,CAAC;AAAA,EAChB,CAAC;AACH;","names":["resolve"]}
|
|
1
|
+
{"version":3,"sources":["../../src/bridges/codex-app-server-auth-gateway.ts","../../src/engine/bridge-app-server-health.ts"],"mappings":";AAAA;AAAA,EACE;AAAA,OAIK;AACP,SAAS,oBAAoB;AAC7B,SAAS,UAAU,eAAe;AAElC,SAAS,qBAAqB;AAC9B,SAAS,uBAAuB;AAChC,SAAS,WAAW,uBAAqC;;;ACXzD,YAAY,SAAS;AAkBd,IAAM,+BAA+B;AAErC,IAAM,yBAAyB;AA0E/B,SAAS,wBAAwB,KAA4B;AAClE,MAAI;AACJ,MAAI;AACF,aAAS,IAAI,IAAI,GAAG;AAAA,EACtB,QAAQ;AACN,WAAO;AAAA,EACT;AAEA,MAAI,OAAO,aAAa,OAAO;AAC7B,WAAO,WAAW;AAAA,EACpB,WAAW,OAAO,aAAa,QAAQ;AACrC,WAAO,WAAW;AAAA,EACpB,WAAW,OAAO,aAAa,WAAW,OAAO,aAAa,UAAU;AACtE,WAAO;AAAA,EACT;AAEA,SAAO,WAAW;AAClB,SAAO,SAAS;AAChB,SAAO,OAAO;AACd,SAAO,OAAO,SAAS;AACzB;AAEA,eAAsB,qBACpB,KACA,YAAoB,8BACY;AAChC,QAAM,YAAY,wBAAwB,GAAG;AAC7C,MAAI,CAAC,WAAW;AACd,WAAO;AAAA,EACT;AAEA,QAAM,aAAa,IAAI,gBAAgB;AACvC,QAAM,QAAQ,WAAW,MAAM,WAAW,MAAM,GAAG,SAAS;AAE5D,MAAI;AACF,UAAM,WAAW,MAAM,MAAM,WAAW;AAAA,MACtC,QAAQ;AAAA,MACR,QAAQ,WAAW;AAAA,MACnB,SAAS;AAAA,QACP,QAAQ;AAAA,MACV;AAAA,IACF,CAAC;AAED,QAAI,SAAS,IAAI;AACf,aAAO;AAAA,IACT;AAEA,QACE,SAAS,WAAW,OACpB,SAAS,WAAW,OACpB,SAAS,WAAW,OACpB,SAAS,WAAW,OACpB,SAAS,WAAW,KACpB;AACA,aAAO;AAAA,IACT;AAEA,WAAO;AAAA,EACT,QAAQ;AACN,WAAO;AAAA,EACT,UAAE;AACA,iBAAa,KAAK;AAAA,EACpB;AACF;AAMA,eAAsB,sBACpB,KACA,YAAoB,8BACF;AAClB,MAAI;AACJ,MAAI;AACJ,MAAI;AACF,UAAM,SAAS,IAAI,IAAI,IAAI,QAAQ,OAAO,MAAM,CAAC;AACjD,eAAW,OAAO;AAClB,WAAO,SAAS,OAAO,MAAM,EAAE;AAAA,EACjC,QAAQ;AACN,WAAO;AAAA,EACT;AACA,MAAI,CAAC,QAAQ,CAAC,OAAO,SAAS,IAAI,EAAG,QAAO;AAE5C,SAAO,IAAI,QAAiB,CAACA,aAAY;AACvC,UAAM,SAAa,qBAAiB,EAAE,MAAM,UAAU,KAAK,CAAC;AAC5D,UAAM,QAAQ,WAAW,MAAM;AAC7B,aAAO,QAAQ;AACf,MAAAA,SAAQ,KAAK;AAAA,IACf,GAAG,SAAS;AAEZ,WAAO,KAAK,WAAW,MAAM;AAC3B,mBAAa,KAAK;AAClB,aAAO,QAAQ;AACf,MAAAA,SAAQ,IAAI;AAAA,IACd,CAAC;AACD,WAAO,KAAK,SAAS,MAAM;AACzB,mBAAa,KAAK;AAClB,aAAO,QAAQ;AACf,MAAAA,SAAQ,KAAK;AAAA,IACf,CAAC;AAAA,EACH,CAAC;AACH;AAsBA,eAAsB,2BACpB,KACA,YAAoB,8BACF;AAClB,QAAM,eAAe,MAAM,qBAAqB,KAAK,SAAS;AAC9D,MAAI,iBAAiB,SAAS;AAC5B,WAAO;AAAA,EACT;AAEA,MAAI,iBAAiB,eAAe;AAClC,WAAO,sBAAsB,KAAK,SAAS;AAAA,EAC7C;AAEA,SAAO;AACT;;;AD1NA,IAAM,0BAA0B;AAChC,IAAM,qBAAqB;AAC3B,IAAM,uBAAuB;AACtB,IAAM,sBAAsB;AAanC,SAAS,aAAa,OAAuB;AAC3C,SAAO,MAAM,QAAQ,OAAO,EAAE;AAChC;AAEA,SAAS,YACP,QACA,MACA,QACM;AACN,MACE,OAAO,eAAe,UAAU,WAChC,OAAO,eAAe,UAAU,QAChC;AACA;AAAA,EACF;AAEA,MAAI;AACF,WAAO,MAAM,MAAM,MAAM;AAAA,EAC3B,QAAQ;AAAA,EAER;AACF;AAEA,SAAS,cAAc,MAAgB,OAAe,MAAsB;AAC1E,QAAM,UAAU,KAAK,KAAK,KAAK;AAC/B,QAAM,UAAU,QAAQ,QAAQ,GAAG;AACnC,MAAI,WAAW,GAAG;AAChB,WAAO,QAAQ,MAAM,UAAU,CAAC;AAAA,EAClC;AAEA,QAAM,OAAO,KAAK,QAAQ,CAAC;AAC3B,MAAI,CAAC,QAAQ,KAAK,WAAW,IAAI,GAAG;AAClC,UAAM,IAAI,MAAM,qBAAqB,IAAI,EAAE;AAAA,EAC7C;AACA,SAAO;AACT;AAEO,SAAS,oBAAoB,MAAgC;AAClE,MAAI,YAAY,QAAQ,IAAI,wBAAwB,KAAK,KAAK;AAC9D,MAAI,cAAc,QAAQ,IAAI,0BAA0B,KAAK,KAAK;AAClE,MAAI,YAAY,QAAQ,IAAI,wBAAwB,KAAK,KAAK;AAC9D,MAAI,QAAQ,QAAQ,IAAI,mBAAmB,KAAK,KAAK;AAErD,WAAS,QAAQ,GAAG,QAAQ,KAAK,QAAQ,SAAS,GAAG;AACnD,UAAM,OAAO,KAAK,KAAK,KAAK;AAC5B,UAAM,eAAe,CAAC,KAAK,SAAS,GAAG;AAEvC,QAAI,KAAK,WAAW,cAAc,GAAG;AACnC,kBAAY,cAAc,MAAM,OAAO,cAAc,EAAE,KAAK;AAC5D,UAAI,aAAc,UAAS;AAC3B;AAAA,IACF;AAEA,QAAI,KAAK,WAAW,gBAAgB,GAAG;AACrC,oBAAc,cAAc,MAAM,OAAO,gBAAgB,EAAE,KAAK;AAChE,UAAI,aAAc,UAAS;AAC3B;AAAA,IACF;AAEA,QAAI,KAAK,WAAW,SAAS,GAAG;AAC9B,cAAQ,cAAc,MAAM,OAAO,SAAS,EAAE,KAAK;AACnD,UAAI,aAAc,UAAS;AAC3B;AAAA,IACF;AAEA,QAAI,KAAK,WAAW,cAAc,GAAG;AACnC,kBAAY,cAAc,MAAM,OAAO,cAAc,EAAE,KAAK;AAC5D,UAAI,aAAc,UAAS;AAC3B;AAAA,IACF;AAAA,EACF;AAEA,MAAI,WAAW;AACb,YAAQ,aAAa,WAAW,MAAM,EAAE,KAAK;AAAA,EAC/C;AAEA,MAAI,CAAC,WAAW;AACd,UAAM,IAAI,MAAM,4BAA4B;AAAA,EAC9C;AACA,MAAI,CAAC,aAAa;AAChB,UAAM,IAAI,MAAM,8BAA8B;AAAA,EAChD;AACA,MAAI,CAAC,OAAO;AACV,UAAM,IAAI,MAAM,4BAA4B;AAAA,EAC9C;AAEA,QAAM,SAAS,IAAI,IAAI,SAAS;AAChC,QAAM,WAAW,IAAI,IAAI,WAAW;AACpC,MAAI,CAAC,UAAU,KAAK,OAAO,QAAQ,GAAG;AACpC,UAAM,IAAI,MAAM,wCAAwC,OAAO,QAAQ,EAAE;AAAA,EAC3E;AACA,MAAI,CAAC,UAAU,KAAK,SAAS,QAAQ,GAAG;AACtC,UAAM,IAAI;AAAA,MACR,0CAA0C,SAAS,QAAQ;AAAA,IAC7D;AAAA,EACF;AAEA,SAAO;AAAA,IACL,WAAW,aAAa,OAAO,SAAS,CAAC;AAAA,IACzC,aAAa,aAAa,SAAS,SAAS,CAAC;AAAA,IAC7C;AAAA,EACF;AACF;AAEA,SAAS,YACP,gBACA,eACS;AACT,MAAI,CAAC,gBAAgB;AACnB,WAAO;AAAA,EACT;AAEA,QAAM,YAAY,OAAO,KAAK,gBAAgB,MAAM;AACpD,QAAM,WAAW,OAAO,KAAK,eAAe,MAAM;AAClD,MAAI,UAAU,WAAW,SAAS,QAAQ;AACxC,WAAO;AAAA,EACT;AAEA,SAAO,gBAAgB,WAAW,QAAQ;AAC5C;AAEA,eAAe,OAAsB;AACnC,QAAM,UAAU,oBAAoB,QAAQ,KAAK,MAAM,CAAC,CAAC;AACzD,QAAM,UAAU,MAAM,mBAAmB,OAAO;AAEhD,QAAM,WAAW,MAAM;AACrB,SAAK,QAAQ,MAAM,EAAE,QAAQ,MAAM;AACjC,cAAQ,KAAK,CAAC;AAAA,IAChB,CAAC;AAAA,EACH;AAEA,UAAQ,GAAG,UAAU,QAAQ;AAC7B,UAAQ,GAAG,WAAW,QAAQ;AAChC;AAEA,SAAS,UACP,UACA,YACA,MACM;AACN,WAAS,aAAa;AACtB,WAAS,UAAU,gBAAgB,kBAAkB;AACrD,WAAS,IAAI,KAAK,UAAU,IAAI,CAAC;AACnC;AAEA,SAAS,qBAAqB,UAAgC;AAC5D,WAAS,aAAa;AACtB,WAAS,UAAU,cAAc,SAAS;AAC1C,WAAS,UAAU,WAAW,WAAW;AACzC,WAAS,IAAI,kBAAkB;AACjC;AAEA,SAAS,cAAc,UAAgC;AACrD,WAAS,aAAa;AACtB,WAAS,IAAI,WAAW;AAC1B;AAEA,SAAS,cAAc,QAAgB,YAA0B;AAC/D,SAAO;AAAA,IACL,YAAY,UAAU,IAAI,eAAe,MAAM,cAAc,aAAa;AAAA;AAAA;AAAA,EAC5E;AACA,SAAO,QAAQ;AACjB;AAMA,SAAS,kBAAkB,KAAsB;AAC/C,MAAI,IAAI,SAAS,IAAI,EAAG,QAAO;AAE/B,MAAI,OAAO,KAAK,GAAG,KAAK,IAAI,QAAQ,SAAS,GAAG,EAAE,SAAS,IAAI,EAAG,QAAO;AACzE,SAAO;AACT;AAEA,SAAS,cAAc,WAAmB,SAAmC;AAC3E,QAAM,aAAa,IAAI;AAAA,IACrB,QAAQ,OAAO;AAAA,IACf,UAAU,QAAQ,OAAO,MAAM;AAAA,EACjC;AACA,QAAM,aAAa,IAAI,IAAI,SAAS,EAAE;AACtC,SAAO,WAAW,cAAc,cAAc;AAChD;AAEA,eAAe,oBACb,UACA,SACe;AACf,QAAM,QAAQ,MAAM,2BAA2B,QAAQ,WAAW;AAClE,YAAU,UAAU,QAAQ,MAAM,KAAK,EAAE,IAAI,MAAM,CAAC;AACtD;AAEA,eAAsB,mBACpB,SACyB;AACzB,QAAM,SAAS,IAAI,IAAI,QAAQ,SAAS;AACxC,QAAM,OAAO,OAAO,aAAa,cAAc,cAAc,OAAO;AACpE,QAAM,OAAO,OAAO,SAAS,OAAO,MAAM,EAAE;AAC5C,MAAI,CAAC,OAAO,SAAS,IAAI,KAAK,QAAQ,GAAG;AACvC,UAAM,IAAI;AAAA,MACR,iDAAiD,QAAQ,SAAS;AAAA,IACpE;AAAA,EACF;AAEA,QAAM,WAAW,IAAI,gBAAgB;AAAA,IACnC,UAAU;AAAA,IACV,mBAAmB;AAAA,EACrB,CAAC;AAED,WAAS,GAAG,cAAc,CAAC,QAAmB,YAA6B;AAIzE,UAAM,YACJ,QAAQ,QAAQ,wBAAwB,GACpC,MAAM,GAAG,EACV,IAAI,CAAC,MAAM,EAAE,KAAK,CAAC,KAAK,CAAC;AAC9B,UAAM,eAAe,UAAU;AAAA,MAAK,CAAC,MACnC,EAAE,WAAW,uBAAuB;AAAA,IACtC;AACA,UAAM,mBACJ,cAAc,MAAM,wBAAwB,MAAM,KAAK;AAGzD,UAAM,aAAa,IAAI,IAAI,QAAQ,OAAO,KAAK,QAAQ,SAAS;AAChE,UAAM,aAAa,WAAW,aAAa,IAAI,WAAW;AAE1D,UAAM,iBAAiB,oBAAoB;AAC3C,QAAI,CAAC,YAAY,gBAAgB,QAAQ,KAAK,GAAG;AAC/C,kBAAY,QAAQ,oBAAoB,cAAc;AACtD;AAAA,IACF;AAEA,YAAQ;AAAA,MACN,4CAA4C,QAAQ,OAAO,iBAAiB,SAAS,OAAO,QAAQ,WAAW;AAAA,IACjH;AAEA,UAAM,WAAW,IAAI,UAAU,QAAQ,aAAa;AAAA,MAClD,mBAAmB;AAAA,IACrB,CAAC;AAED,aAAS,GAAG,QAAQ,MAAM;AACxB,cAAQ,IAAI,qCAAqC,QAAQ,WAAW,EAAE;AAAA,IACxE,CAAC;AAED,aAAS,GAAG,WAAW,CAAC,MAAe,aAAsB;AAC3D,UAAI,OAAO,eAAe,UAAU,MAAM;AACxC,eAAO,KAAK,MAAM,EAAE,QAAQ,SAAS,CAAC;AAAA,MACxC;AAAA,IACF,CAAC;AAED,WAAO,GAAG,WAAW,CAAC,MAAe,aAAsB;AACzD,UAAI,SAAS,eAAe,UAAU,MAAM;AAC1C,iBAAS,KAAK,MAAM,EAAE,QAAQ,SAAS,CAAC;AAAA,MAC1C;AAAA,IACF,CAAC;AAED,aAAS,GAAG,SAAS,CAAC,MAAc,iBAAyB;AAC3D,YAAM,SAAS,aAAa,SAAS,KAAK;AAC1C,cAAQ;AAAA,QACN,uCAAuC,QAAQ,GAAI,WAAW,MAAM;AAAA,MACtE;AACA,kBAAY,QAAQ,QAAQ,KAAM,MAAM;AAAA,IAC1C,CAAC;AAED,WAAO,GAAG,SAAS,CAAC,MAAc,iBAAyB;AACzD,YAAM,SAAS,aAAa,SAAS,KAAK;AAC1C,cAAQ;AAAA,QACN,qCAAqC,QAAQ,GAAI,WAAW,MAAM;AAAA,MACpE;AACA,kBAAY,UAAU,QAAQ,KAAM,MAAM;AAAA,IAC5C,CAAC;AAED,aAAS,GAAG,SAAS,CAAC,UAAiB;AACrC,cAAQ,MAAM,kCAAkC,OAAO,KAAK,CAAC,EAAE;AAC/D,kBAAY,QAAQ,sBAAsB,sBAAsB;AAChE,kBAAY,UAAU,sBAAsB,sBAAsB;AAAA,IACpE,CAAC;AAED,WAAO,GAAG,SAAS,CAAC,UAAiB;AACnC,cAAQ,MAAM,gCAAgC,OAAO,KAAK,CAAC,EAAE;AAC7D,kBAAY,UAAU,MAAM,cAAc;AAAA,IAC5C,CAAC;AAAA,EACH,CAAC;AAED,QAAM,aAAa,IAAI,IAAI,QAAQ,SAAS,EAAE,YAAY;AAE1D,QAAM,SAAS,aAAa,OAAO,SAAS,aAAa;AACvD,UAAM,aAAa,IAAI;AAAA,MACrB,QAAQ,OAAO;AAAA,MACf,QAAQ,UAAU,QAAQ,OAAO,MAAM;AAAA,IACzC;AAIA,QAAI,kBAAkB,QAAQ,OAAO,EAAE,GAAG;AACxC,oBAAc,QAAQ;AACtB;AAAA,IACF;AAEA,QACE,QAAQ,WAAW,SACnB,WAAW,aAAa,qBACxB;AACA,YAAM,oBAAoB,UAAU,OAAO;AAC3C;AAAA,IACF;AAEA,QAAI,WAAW,aAAa,YAAY;AACtC,2BAAqB,QAAQ;AAC7B;AAAA,IACF;AAEA,kBAAc,QAAQ;AAAA,EACxB,CAAC;AAED,SAAO,GAAG,WAAW,CAAC,SAAS,QAAQ,SAAS;AAE9C,QAAI,kBAAkB,QAAQ,OAAO,EAAE,GAAG;AACxC,oBAAc,QAAQ,GAAG;AACzB;AAAA,IACF;AAEA,QAAI,CAAC,cAAc,QAAQ,WAAW,OAAO,GAAG;AAC9C,oBAAc,QAAQ,GAAG;AACzB;AAAA,IACF;AAEA,aAAS,cAAc,SAAS,QAAQ,MAAM,CAAC,WAAW;AACxD,eAAS,KAAK,cAAc,QAAQ,OAAO;AAAA,IAC7C,CAAC;AAAA,EACH,CAAC;AAED,QAAM,IAAI,QAAc,CAAC,gBAAgB,kBAAkB;AACzD,WAAO,KAAK,SAAS,aAAa;AAClC,WAAO,OAAO,MAAM,MAAM,MAAM;AAC9B,aAAO,IAAI,SAAS,aAAa;AACjC,cAAQ;AAAA,QACN,4BAA4B,QAAQ,SAAS,OAAO,QAAQ,WAAW;AAAA,MACzE;AACA,qBAAe;AAAA,IACjB,CAAC;AAAA,EACH,CAAC;AAED,SAAO;AAAA,IACL;AAAA,IACA,QAAQ;AACN,aAAO,IAAI,QAAc,CAAC,mBAAmB;AAC3C,eAAO,MAAM,MAAM;AACjB,mBAAS,MAAM,MAAM,eAAe,CAAC;AAAA,QACvC,CAAC;AAAA,MACH,CAAC;AAAA,IACH;AAAA,EACF;AACF;AAEA,SAAS,oBAA6B;AACpC,QAAM,QAAQ,QAAQ,KAAK,CAAC;AAC5B,MAAI,CAAC,MAAO,QAAO;AACnB,MAAI,CAAC,SAAS,KAAK,EAAE,WAAW,+BAA+B,GAAG;AAChE,WAAO;AAAA,EACT;AACA,SAAO,YAAY,QAAQ,cAAc,QAAQ,KAAK,CAAC,EAAE;AAC3D;AAEA,IAAI,kBAAkB,GAAG;AACvB,OAAK,EAAE,MAAM,CAAC,UAAU;AACtB,YAAQ;AAAA,MACN,iBAAiB,QAAS,MAAM,SAAS,MAAM,UAAW,OAAO,KAAK;AAAA,IACxE;AACA,YAAQ,KAAK,CAAC;AAAA,EAChB,CAAC;AACH;","names":["resolve"]}
|