@ic402/mcp 2.5.2
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/LICENSE +190 -0
- package/README.md +326 -0
- package/dist/guards.d.ts +79 -0
- package/dist/guards.js +233 -0
- package/dist/guards.js.map +1 -0
- package/dist/index.d.ts +2 -0
- package/dist/index.js +1216 -0
- package/dist/index.js.map +1 -0
- package/dist/security.d.ts +71 -0
- package/dist/security.js +190 -0
- package/dist/security.js.map +1 -0
- package/package.json +38 -0
package/dist/guards.js
ADDED
|
@@ -0,0 +1,233 @@
|
|
|
1
|
+
/**
|
|
2
|
+
* Spend caps, config-escalation guard, dangerous-tool gate, and safe amount parsing
|
|
3
|
+
* for the ic402 MCP server.
|
|
4
|
+
*
|
|
5
|
+
* Extracted from index.ts so the security-critical decisions are pure and unit-testable
|
|
6
|
+
* (see test/mcp-guards.test.ts). The MCP is driven by a possibly prompt-injected LLM
|
|
7
|
+
* while holding a controller identity, so these guards are the last line between the
|
|
8
|
+
* model and value movement.
|
|
9
|
+
*/
|
|
10
|
+
/**
|
|
11
|
+
* Parse a token amount (atomic units) from untrusted input into a bigint, REJECTING
|
|
12
|
+
* floats and JS numbers that have already lost precision. C5: `value: z.number()`
|
|
13
|
+
* silently truncated uint256 amounts above 2^53; callers must pass amounts as decimal
|
|
14
|
+
* strings, and an unsafe number is rejected (not silently used).
|
|
15
|
+
*/
|
|
16
|
+
export function parseAtomicAmount(input, field = 'amount') {
|
|
17
|
+
if (typeof input === 'bigint') {
|
|
18
|
+
if (input < 0n)
|
|
19
|
+
throw new Error(`Invalid negative ${field}: ${input}`);
|
|
20
|
+
return input;
|
|
21
|
+
}
|
|
22
|
+
if (typeof input === 'string') {
|
|
23
|
+
const t = input.trim();
|
|
24
|
+
if (!/^\d+$/.test(t)) {
|
|
25
|
+
throw new Error(`Invalid ${field}: ${JSON.stringify(input)} (expected a non-negative integer string)`);
|
|
26
|
+
}
|
|
27
|
+
return BigInt(t);
|
|
28
|
+
}
|
|
29
|
+
if (typeof input === 'number') {
|
|
30
|
+
if (!Number.isSafeInteger(input) || input < 0) {
|
|
31
|
+
throw new Error(`Unsafe numeric ${field}: ${input}. Pass token amounts as decimal STRINGS — ` +
|
|
32
|
+
`a JS number cannot represent a uint256 without precision loss.`);
|
|
33
|
+
}
|
|
34
|
+
return BigInt(input);
|
|
35
|
+
}
|
|
36
|
+
throw new Error(`Invalid ${field}: ${JSON.stringify(input)}`);
|
|
37
|
+
}
|
|
38
|
+
/**
|
|
39
|
+
* Enforce the per-call and cumulative session spend caps. Throws on violation; never
|
|
40
|
+
* mutates state. (S1/S9 — the cap logic that every value-moving tool must pass.)
|
|
41
|
+
*/
|
|
42
|
+
export function checkSpend(amountAtomic, caps, sessionSpentAtomic) {
|
|
43
|
+
if (amountAtomic < 0n) {
|
|
44
|
+
throw new Error(`Invalid negative amount: ${amountAtomic}`);
|
|
45
|
+
}
|
|
46
|
+
if (amountAtomic > caps.perCallMaxAtomic) {
|
|
47
|
+
throw new Error(`Amount ${amountAtomic} exceeds per-call cap ${caps.perCallMaxAtomic} (atomic units). ` +
|
|
48
|
+
`Raise perCallMaxAtomic via "configure" (only if the operator enabled security changes).`);
|
|
49
|
+
}
|
|
50
|
+
if (sessionSpentAtomic + amountAtomic > caps.sessionMaxAtomic) {
|
|
51
|
+
throw new Error(`Amount ${amountAtomic} would exceed the cumulative session cap ${caps.sessionMaxAtomic} ` +
|
|
52
|
+
`(already spent ${sessionSpentAtomic} atomic units).`);
|
|
53
|
+
}
|
|
54
|
+
}
|
|
55
|
+
/**
|
|
56
|
+
* S8: Resolve the effective security config from an LLM-supplied `configure` request.
|
|
57
|
+
* The caps / localDev / autoPayment knobs loosen the server's security posture, so the
|
|
58
|
+
* LLM may only change them when the OPERATOR opted in at startup (allowSecurityChanges).
|
|
59
|
+
* Otherwise the request's security fields are IGNORED and the operator/default config
|
|
60
|
+
* stands — a prompt-injected model cannot raise its own caps or enable localDev.
|
|
61
|
+
* Returns the resolved config and the list of fields that were ignored (for reporting).
|
|
62
|
+
*/
|
|
63
|
+
export function resolveSecurityConfig(base, req, allowSecurityChanges) {
|
|
64
|
+
if (allowSecurityChanges) {
|
|
65
|
+
return {
|
|
66
|
+
config: {
|
|
67
|
+
localDev: req.localDev ?? base.localDev,
|
|
68
|
+
autoPayment: req.autoPayment ?? base.autoPayment,
|
|
69
|
+
perCallMaxAtomic: req.perCallMaxAtomic !== undefined
|
|
70
|
+
? parseAtomicAmount(req.perCallMaxAtomic, 'perCallMaxAtomic')
|
|
71
|
+
: base.perCallMaxAtomic,
|
|
72
|
+
sessionMaxAtomic: req.sessionMaxAtomic !== undefined
|
|
73
|
+
? parseAtomicAmount(req.sessionMaxAtomic, 'sessionMaxAtomic')
|
|
74
|
+
: base.sessionMaxAtomic,
|
|
75
|
+
},
|
|
76
|
+
ignored: [],
|
|
77
|
+
};
|
|
78
|
+
}
|
|
79
|
+
const ignored = [];
|
|
80
|
+
if (req.localDev)
|
|
81
|
+
ignored.push('localDev');
|
|
82
|
+
if (req.autoPayment)
|
|
83
|
+
ignored.push('autoPayment');
|
|
84
|
+
if (req.perCallMaxAtomic !== undefined)
|
|
85
|
+
ignored.push('perCallMaxAtomic');
|
|
86
|
+
if (req.sessionMaxAtomic !== undefined)
|
|
87
|
+
ignored.push('sessionMaxAtomic');
|
|
88
|
+
return { config: { ...base }, ignored };
|
|
89
|
+
}
|
|
90
|
+
/**
|
|
91
|
+
* S1/S9: Tools that are dangerous primitives — the raw EIP-712 signing oracle
|
|
92
|
+
* (`sign_typed_data`, which can authorize an arbitrary-value transfer and bypasses the
|
|
93
|
+
* spend caps) and destructive `delete_content` — are DEFAULT-DENIED so a prompt-injected
|
|
94
|
+
* LLM cannot reach them. An operator enables them explicitly at startup.
|
|
95
|
+
*/
|
|
96
|
+
const DANGEROUS_TOOLS = new Set(['sign_typed_data', 'delete_content']);
|
|
97
|
+
/**
|
|
98
|
+
* SEC-3: state-changing ADMIN tools — registering/enabling services, claiming + submitting job
|
|
99
|
+
* results, uploading content. They mutate canister state (and drive the value-moving job lifecycle),
|
|
100
|
+
* so like the dangerous primitives they are now DEFAULT-DENIED and require an explicit operator
|
|
101
|
+
* opt-in at startup. An in-band `confirm` flag alone is NOT sufficient — a prompt-injected LLM can
|
|
102
|
+
* set it. (`delete_content` is already covered by DANGEROUS_TOOLS.)
|
|
103
|
+
*/
|
|
104
|
+
const ADMIN_TOOLS = new Set([
|
|
105
|
+
'register_service',
|
|
106
|
+
'enable_service',
|
|
107
|
+
'claim_job',
|
|
108
|
+
'submit_job_result',
|
|
109
|
+
'upload_content',
|
|
110
|
+
]);
|
|
111
|
+
export function isToolAllowed(toolName, allowDangerousTools, allowAdminTools) {
|
|
112
|
+
if (DANGEROUS_TOOLS.has(toolName))
|
|
113
|
+
return allowDangerousTools;
|
|
114
|
+
if (ADMIN_TOOLS.has(toolName))
|
|
115
|
+
return allowAdminTools;
|
|
116
|
+
return true;
|
|
117
|
+
}
|
|
118
|
+
/**
|
|
119
|
+
* Resolve the operator's startup security config from an optional JSON config file and the
|
|
120
|
+
* environment. BOTH are out-of-band inputs the LLM cannot influence, so the security boundary
|
|
121
|
+
* stays with the operator (audit S8). Precedence: built-in defaults < config file < env vars
|
|
122
|
+
* (env wins, so an operator can override a file value at launch). Unparseable values fall back
|
|
123
|
+
* to the lower-precedence source rather than throwing, so a typo can't crash the server.
|
|
124
|
+
*/
|
|
125
|
+
export function resolveOperatorConfig(file, env, defaults) {
|
|
126
|
+
const f = file ?? {};
|
|
127
|
+
const isTrue = (v) => v === '1' || v === 'true';
|
|
128
|
+
const pickBool = (fileKey, envKey) => {
|
|
129
|
+
if (env[envKey] !== undefined)
|
|
130
|
+
return isTrue(env[envKey]);
|
|
131
|
+
if (typeof f[fileKey] === 'boolean')
|
|
132
|
+
return f[fileKey];
|
|
133
|
+
return false;
|
|
134
|
+
};
|
|
135
|
+
const pickAmount = (fileKey, envKey, dflt) => {
|
|
136
|
+
const raw = env[envKey] !== undefined ? env[envKey] : f[fileKey];
|
|
137
|
+
if (raw === undefined)
|
|
138
|
+
return dflt;
|
|
139
|
+
try {
|
|
140
|
+
return parseAtomicAmount(raw, envKey);
|
|
141
|
+
}
|
|
142
|
+
catch {
|
|
143
|
+
return dflt;
|
|
144
|
+
}
|
|
145
|
+
};
|
|
146
|
+
return {
|
|
147
|
+
security: {
|
|
148
|
+
localDev: pickBool('localDev', 'IC402_MCP_LOCAL_DEV'),
|
|
149
|
+
autoPayment: pickBool('autoPayment', 'IC402_MCP_AUTO_PAYMENT'),
|
|
150
|
+
perCallMaxAtomic: pickAmount('perCallMaxAtomic', 'IC402_MCP_PER_CALL_MAX_ATOMIC', defaults.perCallMaxAtomic),
|
|
151
|
+
sessionMaxAtomic: pickAmount('sessionMaxAtomic', 'IC402_MCP_SESSION_MAX_ATOMIC', defaults.sessionMaxAtomic),
|
|
152
|
+
},
|
|
153
|
+
allowSecurityChanges: pickBool('allowSecurityChanges', 'IC402_MCP_ALLOW_SECURITY_CHANGES'),
|
|
154
|
+
allowDangerousTools: pickBool('allowDangerousTools', 'IC402_MCP_ALLOW_DANGEROUS_TOOLS'),
|
|
155
|
+
allowAdminTools: pickBool('allowAdminTools', 'IC402_MCP_ALLOW_ADMIN_TOOLS'),
|
|
156
|
+
};
|
|
157
|
+
}
|
|
158
|
+
// ---------------------------------------------------------------------------
|
|
159
|
+
// Generic `call` tool method gating (C3)
|
|
160
|
+
//
|
|
161
|
+
// The generic MCP `call` tool must only reach read-only/query methods; state-changing, signing,
|
|
162
|
+
// payment, and admin methods have dedicated, capped, confirmation-gated tools. This logic lives
|
|
163
|
+
// here (not in index.ts, which boots the server on import and can't be unit-tested) so the decision
|
|
164
|
+
// tree can be exercised directly — see test/mcp-guards.test.ts.
|
|
165
|
+
// ---------------------------------------------------------------------------
|
|
166
|
+
/** Curated read-only allowlist — every entry is a `query` (or otherwise non-state-changing read)
|
|
167
|
+
* in the IDL. Authoritative: wins over the substring blocklist, so a genuine read-only getter
|
|
168
|
+
* whose name contains a blocked substring (e.g. getPolicyConfig contains 'policy') is still
|
|
169
|
+
* admitted. ONLY add verified non-state-changing query methods. */
|
|
170
|
+
export const READONLY_CALL_ALLOWLIST = new Set([
|
|
171
|
+
'listContent',
|
|
172
|
+
'getChunk',
|
|
173
|
+
'getAgentCard',
|
|
174
|
+
'getAgentId',
|
|
175
|
+
'verifyGrant',
|
|
176
|
+
'listServices',
|
|
177
|
+
'getJobStatus',
|
|
178
|
+
'getJob',
|
|
179
|
+
'getJobResult',
|
|
180
|
+
'keccak256',
|
|
181
|
+
'getPolicyConfig',
|
|
182
|
+
]);
|
|
183
|
+
/** Substrings that must NEVER be reachable through the generic `call` path — signing/admin/
|
|
184
|
+
* value-moving method names that have dedicated tools. */
|
|
185
|
+
export const CALL_BLOCK_SUBSTRINGS = [
|
|
186
|
+
'sign',
|
|
187
|
+
'set',
|
|
188
|
+
'submit',
|
|
189
|
+
'open',
|
|
190
|
+
'close',
|
|
191
|
+
'transfer',
|
|
192
|
+
'register',
|
|
193
|
+
'pay',
|
|
194
|
+
'approve',
|
|
195
|
+
'policy',
|
|
196
|
+
'upload',
|
|
197
|
+
'delete',
|
|
198
|
+
'claim',
|
|
199
|
+
'confirm',
|
|
200
|
+
'dispute',
|
|
201
|
+
'enable',
|
|
202
|
+
'disable',
|
|
203
|
+
'end',
|
|
204
|
+
];
|
|
205
|
+
// M16 (posture note): `getContent` is dual-mode — a read-only 402 challenge fetch with no
|
|
206
|
+
// PaymentSignature, but a SETTLING update when a signature is passed. It is the only content-
|
|
207
|
+
// purchase entry point over MCP, and there is no dedicated capped/confirmed purchase tool, so it
|
|
208
|
+
// stays reachable via the get-prefix fallback below. Settlement pays the operator's own canister
|
|
209
|
+
// (C-1), and spend caps are outbound-signing-only; a future `buy_content` tool is the right fix.
|
|
210
|
+
/** Decide whether a method name may be called through the generic (uncapped, unconfirmed) `call`
|
|
211
|
+
* tool. Order: allowlist (authoritative) → substring blocklist → read-only name-prefix fallback. */
|
|
212
|
+
export function isCallMethodAllowed(method) {
|
|
213
|
+
const lower = method.toLowerCase();
|
|
214
|
+
if (READONLY_CALL_ALLOWLIST.has(method))
|
|
215
|
+
return { ok: true };
|
|
216
|
+
for (const bad of CALL_BLOCK_SUBSTRINGS) {
|
|
217
|
+
if (lower.includes(bad)) {
|
|
218
|
+
return {
|
|
219
|
+
ok: false,
|
|
220
|
+
reason: `Method "${method}" looks state-changing/signing (contains "${bad}"). Use the dedicated tool for this action.`,
|
|
221
|
+
};
|
|
222
|
+
}
|
|
223
|
+
}
|
|
224
|
+
// Forward-compat: admit new read-only getters by name prefix, only after the blocklist cleared it.
|
|
225
|
+
if (/^(get|list|fetch|is)[A-Z]/.test(method) || /^(get|list|fetch|is)$/.test(method)) {
|
|
226
|
+
return { ok: true };
|
|
227
|
+
}
|
|
228
|
+
return {
|
|
229
|
+
ok: false,
|
|
230
|
+
reason: `Method "${method}" is not on the read-only allowlist. The generic "call" tool only permits query/read methods; use a dedicated tool for state-changing or signing operations.`,
|
|
231
|
+
};
|
|
232
|
+
}
|
|
233
|
+
//# sourceMappingURL=guards.js.map
|
|
@@ -0,0 +1 @@
|
|
|
1
|
+
{"version":3,"file":"guards.js","sourceRoot":"","sources":["../src/guards.ts"],"names":[],"mappings":"AAAA;;;;;;;;GAQG;AAmBH;;;;;GAKG;AACH,MAAM,UAAU,iBAAiB,CAAC,KAAc,EAAE,KAAK,GAAG,QAAQ;IAChE,IAAI,OAAO,KAAK,KAAK,QAAQ,EAAE,CAAC;QAC9B,IAAI,KAAK,GAAG,EAAE;YAAE,MAAM,IAAI,KAAK,CAAC,oBAAoB,KAAK,KAAK,KAAK,EAAE,CAAC,CAAC;QACvE,OAAO,KAAK,CAAC;IACf,CAAC;IACD,IAAI,OAAO,KAAK,KAAK,QAAQ,EAAE,CAAC;QAC9B,MAAM,CAAC,GAAG,KAAK,CAAC,IAAI,EAAE,CAAC;QACvB,IAAI,CAAC,OAAO,CAAC,IAAI,CAAC,CAAC,CAAC,EAAE,CAAC;YACrB,MAAM,IAAI,KAAK,CACb,WAAW,KAAK,KAAK,IAAI,CAAC,SAAS,CAAC,KAAK,CAAC,2CAA2C,CACtF,CAAC;QACJ,CAAC;QACD,OAAO,MAAM,CAAC,CAAC,CAAC,CAAC;IACnB,CAAC;IACD,IAAI,OAAO,KAAK,KAAK,QAAQ,EAAE,CAAC;QAC9B,IAAI,CAAC,MAAM,CAAC,aAAa,CAAC,KAAK,CAAC,IAAI,KAAK,GAAG,CAAC,EAAE,CAAC;YAC9C,MAAM,IAAI,KAAK,CACb,kBAAkB,KAAK,KAAK,KAAK,4CAA4C;gBAC3E,gEAAgE,CACnE,CAAC;QACJ,CAAC;QACD,OAAO,MAAM,CAAC,KAAK,CAAC,CAAC;IACvB,CAAC;IACD,MAAM,IAAI,KAAK,CAAC,WAAW,KAAK,KAAK,IAAI,CAAC,SAAS,CAAC,KAAK,CAAC,EAAE,CAAC,CAAC;AAChE,CAAC;AAED;;;GAGG;AACH,MAAM,UAAU,UAAU,CACxB,YAAoB,EACpB,IAAe,EACf,kBAA0B;IAE1B,IAAI,YAAY,GAAG,EAAE,EAAE,CAAC;QACtB,MAAM,IAAI,KAAK,CAAC,4BAA4B,YAAY,EAAE,CAAC,CAAC;IAC9D,CAAC;IACD,IAAI,YAAY,GAAG,IAAI,CAAC,gBAAgB,EAAE,CAAC;QACzC,MAAM,IAAI,KAAK,CACb,UAAU,YAAY,yBAAyB,IAAI,CAAC,gBAAgB,mBAAmB;YACrF,yFAAyF,CAC5F,CAAC;IACJ,CAAC;IACD,IAAI,kBAAkB,GAAG,YAAY,GAAG,IAAI,CAAC,gBAAgB,EAAE,CAAC;QAC9D,MAAM,IAAI,KAAK,CACb,UAAU,YAAY,4CAA4C,IAAI,CAAC,gBAAgB,GAAG;YACxF,kBAAkB,kBAAkB,iBAAiB,CACxD,CAAC;IACJ,CAAC;AACH,CAAC;AAED;;;;;;;GAOG;AACH,MAAM,UAAU,qBAAqB,CACnC,IAAoB,EACpB,GAAqB,EACrB,oBAA6B;IAE7B,IAAI,oBAAoB,EAAE,CAAC;QACzB,OAAO;YACL,MAAM,EAAE;gBACN,QAAQ,EAAE,GAAG,CAAC,QAAQ,IAAI,IAAI,CAAC,QAAQ;gBACvC,WAAW,EAAE,GAAG,CAAC,WAAW,IAAI,IAAI,CAAC,WAAW;gBAChD,gBAAgB,EACd,GAAG,CAAC,gBAAgB,KAAK,SAAS;oBAChC,CAAC,CAAC,iBAAiB,CAAC,GAAG,CAAC,gBAAgB,EAAE,kBAAkB,CAAC;oBAC7D,CAAC,CAAC,IAAI,CAAC,gBAAgB;gBAC3B,gBAAgB,EACd,GAAG,CAAC,gBAAgB,KAAK,SAAS;oBAChC,CAAC,CAAC,iBAAiB,CAAC,GAAG,CAAC,gBAAgB,EAAE,kBAAkB,CAAC;oBAC7D,CAAC,CAAC,IAAI,CAAC,gBAAgB;aAC5B;YACD,OAAO,EAAE,EAAE;SACZ,CAAC;IACJ,CAAC;IACD,MAAM,OAAO,GAAa,EAAE,CAAC;IAC7B,IAAI,GAAG,CAAC,QAAQ;QAAE,OAAO,CAAC,IAAI,CAAC,UAAU,CAAC,CAAC;IAC3C,IAAI,GAAG,CAAC,WAAW;QAAE,OAAO,CAAC,IAAI,CAAC,aAAa,CAAC,CAAC;IACjD,IAAI,GAAG,CAAC,gBAAgB,KAAK,SAAS;QAAE,OAAO,CAAC,IAAI,CAAC,kBAAkB,CAAC,CAAC;IACzE,IAAI,GAAG,CAAC,gBAAgB,KAAK,SAAS;QAAE,OAAO,CAAC,IAAI,CAAC,kBAAkB,CAAC,CAAC;IACzE,OAAO,EAAE,MAAM,EAAE,EAAE,GAAG,IAAI,EAAE,EAAE,OAAO,EAAE,CAAC;AAC1C,CAAC;AAED;;;;;GAKG;AACH,MAAM,eAAe,GAAG,IAAI,GAAG,CAAC,CAAC,iBAAiB,EAAE,gBAAgB,CAAC,CAAC,CAAC;AAEvE;;;;;;GAMG;AACH,MAAM,WAAW,GAAG,IAAI,GAAG,CAAC;IAC1B,kBAAkB;IAClB,gBAAgB;IAChB,WAAW;IACX,mBAAmB;IACnB,gBAAgB;CACjB,CAAC,CAAC;AAEH,MAAM,UAAU,aAAa,CAC3B,QAAgB,EAChB,mBAA4B,EAC5B,eAAwB;IAExB,IAAI,eAAe,CAAC,GAAG,CAAC,QAAQ,CAAC;QAAE,OAAO,mBAAmB,CAAC;IAC9D,IAAI,WAAW,CAAC,GAAG,CAAC,QAAQ,CAAC;QAAE,OAAO,eAAe,CAAC;IACtD,OAAO,IAAI,CAAC;AACd,CAAC;AASD;;;;;;GAMG;AACH,MAAM,UAAU,qBAAqB,CACnC,IAAoC,EACpC,GAAuC,EACvC,QAAgE;IAEhE,MAAM,CAAC,GAAG,IAAI,IAAI,EAAE,CAAC;IACrB,MAAM,MAAM,GAAG,CAAC,CAAqB,EAAE,EAAE,CAAC,CAAC,KAAK,GAAG,IAAI,CAAC,KAAK,MAAM,CAAC;IAEpE,MAAM,QAAQ,GAAG,CAAC,OAAe,EAAE,MAAc,EAAW,EAAE;QAC5D,IAAI,GAAG,CAAC,MAAM,CAAC,KAAK,SAAS;YAAE,OAAO,MAAM,CAAC,GAAG,CAAC,MAAM,CAAC,CAAC,CAAC;QAC1D,IAAI,OAAO,CAAC,CAAC,OAAO,CAAC,KAAK,SAAS;YAAE,OAAO,CAAC,CAAC,OAAO,CAAY,CAAC;QAClE,OAAO,KAAK,CAAC;IACf,CAAC,CAAC;IACF,MAAM,UAAU,GAAG,CAAC,OAAe,EAAE,MAAc,EAAE,IAAY,EAAU,EAAE;QAC3E,MAAM,GAAG,GAAG,GAAG,CAAC,MAAM,CAAC,KAAK,SAAS,CAAC,CAAC,CAAC,GAAG,CAAC,MAAM,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,OAAO,CAAC,CAAC;QACjE,IAAI,GAAG,KAAK,SAAS;YAAE,OAAO,IAAI,CAAC;QACnC,IAAI,CAAC;YACH,OAAO,iBAAiB,CAAC,GAAG,EAAE,MAAM,CAAC,CAAC;QACxC,CAAC;QAAC,MAAM,CAAC;YACP,OAAO,IAAI,CAAC;QACd,CAAC;IACH,CAAC,CAAC;IAEF,OAAO;QACL,QAAQ,EAAE;YACR,QAAQ,EAAE,QAAQ,CAAC,UAAU,EAAE,qBAAqB,CAAC;YACrD,WAAW,EAAE,QAAQ,CAAC,aAAa,EAAE,wBAAwB,CAAC;YAC9D,gBAAgB,EAAE,UAAU,CAC1B,kBAAkB,EAClB,+BAA+B,EAC/B,QAAQ,CAAC,gBAAgB,CAC1B;YACD,gBAAgB,EAAE,UAAU,CAC1B,kBAAkB,EAClB,8BAA8B,EAC9B,QAAQ,CAAC,gBAAgB,CAC1B;SACF;QACD,oBAAoB,EAAE,QAAQ,CAAC,sBAAsB,EAAE,kCAAkC,CAAC;QAC1F,mBAAmB,EAAE,QAAQ,CAAC,qBAAqB,EAAE,iCAAiC,CAAC;QACvF,eAAe,EAAE,QAAQ,CAAC,iBAAiB,EAAE,6BAA6B,CAAC;KAC5E,CAAC;AACJ,CAAC;AAED,8EAA8E;AAC9E,yCAAyC;AACzC,EAAE;AACF,gGAAgG;AAChG,gGAAgG;AAChG,oGAAoG;AACpG,gEAAgE;AAChE,8EAA8E;AAE9E;;;oEAGoE;AACpE,MAAM,CAAC,MAAM,uBAAuB,GAAG,IAAI,GAAG,CAAS;IACrD,aAAa;IACb,UAAU;IACV,cAAc;IACd,YAAY;IACZ,aAAa;IACb,cAAc;IACd,cAAc;IACd,QAAQ;IACR,cAAc;IACd,WAAW;IACX,iBAAiB;CAClB,CAAC,CAAC;AAEH;2DAC2D;AAC3D,MAAM,CAAC,MAAM,qBAAqB,GAAG;IACnC,MAAM;IACN,KAAK;IACL,QAAQ;IACR,MAAM;IACN,OAAO;IACP,UAAU;IACV,UAAU;IACV,KAAK;IACL,SAAS;IACT,QAAQ;IACR,QAAQ;IACR,QAAQ;IACR,OAAO;IACP,SAAS;IACT,SAAS;IACT,QAAQ;IACR,SAAS;IACT,KAAK;CACN,CAAC;AAEF,0FAA0F;AAC1F,8FAA8F;AAC9F,iGAAiG;AACjG,iGAAiG;AACjG,iGAAiG;AAEjG;qGACqG;AACrG,MAAM,UAAU,mBAAmB,CAAC,MAAc;IAChD,MAAM,KAAK,GAAG,MAAM,CAAC,WAAW,EAAE,CAAC;IACnC,IAAI,uBAAuB,CAAC,GAAG,CAAC,MAAM,CAAC;QAAE,OAAO,EAAE,EAAE,EAAE,IAAI,EAAE,CAAC;IAC7D,KAAK,MAAM,GAAG,IAAI,qBAAqB,EAAE,CAAC;QACxC,IAAI,KAAK,CAAC,QAAQ,CAAC,GAAG,CAAC,EAAE,CAAC;YACxB,OAAO;gBACL,EAAE,EAAE,KAAK;gBACT,MAAM,EAAE,WAAW,MAAM,6CAA6C,GAAG,6CAA6C;aACvH,CAAC;QACJ,CAAC;IACH,CAAC;IACD,mGAAmG;IACnG,IAAI,2BAA2B,CAAC,IAAI,CAAC,MAAM,CAAC,IAAI,uBAAuB,CAAC,IAAI,CAAC,MAAM,CAAC,EAAE,CAAC;QACrF,OAAO,EAAE,EAAE,EAAE,IAAI,EAAE,CAAC;IACtB,CAAC;IACD,OAAO;QACL,EAAE,EAAE,KAAK;QACT,MAAM,EAAE,WAAW,MAAM,8JAA8J;KACxL,CAAC;AACJ,CAAC"}
|
package/dist/index.d.ts
ADDED