@iflow-mcp/shaun0927-openchrome 1.7.13

package/dist/router/tool-routing-registry.js

@@ -0,0 +1,89 @@
+"use strict";
+Object.defineProperty(exports, "__esModule", { value: true });
+exports.ToolRoutingRegistry = void 0;
+/**
+ * Static mapping of all tool names to their backend routing preference.
+ *
+ * chrome-only: Tools that require Chrome capabilities (screenshots, PDF).
+ * prefer-lightpanda: Tools that can run on Lightpanda for better performance.
+ */
+const TOOL_ROUTING_MAP = {
+    // Chrome-only tools (visual capabilities)
+    computer: 'chrome-only',
+    page_pdf: 'chrome-only',
+    // Core tools - prefer-lightpanda
+    navigate: 'prefer-lightpanda',
+    read_page: 'prefer-lightpanda',
+    find: 'prefer-lightpanda',
+    form_input: 'prefer-lightpanda',
+    javascript_tool: 'prefer-lightpanda',
+    network: 'prefer-lightpanda',
+    // Phase 1 tools - prefer-lightpanda
+    page_reload: 'prefer-lightpanda',
+    cookies: 'prefer-lightpanda',
+    query_dom: 'prefer-lightpanda',
+    page_content: 'prefer-lightpanda',
+    wait_for: 'prefer-lightpanda',
+    storage: 'prefer-lightpanda',
+    // Phase 2 tools - prefer-lightpanda
+    user_agent: 'prefer-lightpanda',
+    geolocation: 'prefer-lightpanda',
+    emulate_device: 'prefer-lightpanda',
+    console_capture: 'prefer-lightpanda',
+    performance_metrics: 'prefer-lightpanda',
+    request_intercept: 'prefer-lightpanda',
+    // Phase 3 tools - prefer-lightpanda
+    file_upload: 'prefer-lightpanda',
+    http_auth: 'prefer-lightpanda',
+    drag_drop: 'prefer-lightpanda',
+    // UX composite tools - prefer-lightpanda
+    click_element: 'prefer-lightpanda',
+    fill_form: 'prefer-lightpanda',
+    wait_and_click: 'prefer-lightpanda',
+    // Tab management tools - prefer-lightpanda
+    tabs_context: 'prefer-lightpanda',
+    tabs_create: 'prefer-lightpanda',
+    tabs_close: 'prefer-lightpanda',
+    // Worker management tool - prefer-lightpanda
+    worker: 'prefer-lightpanda',
+    // Memory tool - prefer-lightpanda
+    memory: 'prefer-lightpanda',
+    // Orchestration tools - prefer-lightpanda
+    workflow_init: 'prefer-lightpanda',
+    workflow_status: 'prefer-lightpanda',
+    workflow_collect: 'prefer-lightpanda',
+    workflow_cleanup: 'prefer-lightpanda',
+};
+class ToolRoutingRegistry {
+    /**
+     * Returns the routing preference for a given tool name.
+     * Unknown tools default to 'chrome-only' as a safe fallback.
+     */
+    static getRouting(toolName) {
+        return TOOL_ROUTING_MAP[toolName] ?? 'chrome-only';
+    }
+    /**
+     * Returns true if the tool requires Chrome (screenshot/PDF capability).
+     */
+    static isVisualTool(toolName) {
+        return TOOL_ROUTING_MAP[toolName] === 'chrome-only';
+    }
+    /**
+     * Returns the list of all chrome-only tool names.
+     */
+    static getChromeOnlyTools() {
+        return Object.entries(TOOL_ROUTING_MAP)
+            .filter(([, routing]) => routing === 'chrome-only')
+            .map(([name]) => name);
+    }
+    /**
+     * Returns the list of all prefer-lightpanda tool names.
+     */
+    static getPreferLightpandaTools() {
+        return Object.entries(TOOL_ROUTING_MAP)
+            .filter(([, routing]) => routing === 'prefer-lightpanda')
+            .map(([name]) => name);
+    }
+}
+exports.ToolRoutingRegistry = ToolRoutingRegistry;
+//# sourceMappingURL=tool-routing-registry.js.map

package/dist/router/tool-routing-registry.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"tool-routing-registry.js","sourceRoot":"","sources":["../../src/router/tool-routing-registry.ts"],"names":[],"mappings":";;;AAEA;;;;;GAKG;AACH,MAAM,gBAAgB,GAAgC;IACpD,0CAA0C;IAC1C,QAAQ,EAAE,aAAa;IACvB,QAAQ,EAAE,aAAa;IAEvB,iCAAiC;IACjC,QAAQ,EAAE,mBAAmB;IAC7B,SAAS,EAAE,mBAAmB;IAC9B,IAAI,EAAE,mBAAmB;IACzB,UAAU,EAAE,mBAAmB;IAC/B,eAAe,EAAE,mBAAmB;IACpC,OAAO,EAAE,mBAAmB;IAE5B,oCAAoC;IACpC,WAAW,EAAE,mBAAmB;IAChC,OAAO,EAAE,mBAAmB;IAC5B,SAAS,EAAE,mBAAmB;IAC9B,YAAY,EAAE,mBAAmB;IACjC,QAAQ,EAAE,mBAAmB;IAC7B,OAAO,EAAE,mBAAmB;IAE5B,oCAAoC;IACpC,UAAU,EAAE,mBAAmB;IAC/B,WAAW,EAAE,mBAAmB;IAChC,cAAc,EAAE,mBAAmB;IACnC,eAAe,EAAE,mBAAmB;IACpC,mBAAmB,EAAE,mBAAmB;IACxC,iBAAiB,EAAE,mBAAmB;IAEtC,oCAAoC;IACpC,WAAW,EAAE,mBAAmB;IAChC,SAAS,EAAE,mBAAmB;IAC9B,SAAS,EAAE,mBAAmB;IAE9B,yCAAyC;IACzC,aAAa,EAAE,mBAAmB;IAClC,SAAS,EAAE,mBAAmB;IAC9B,cAAc,EAAE,mBAAmB;IAEnC,2CAA2C;IAC3C,YAAY,EAAE,mBAAmB;IACjC,WAAW,EAAE,mBAAmB;IAChC,UAAU,EAAE,mBAAmB;IAE/B,6CAA6C;IAC7C,MAAM,EAAE,mBAAmB;IAE3B,kCAAkC;IAClC,MAAM,EAAE,mBAAmB;IAE3B,0CAA0C;IAC1C,aAAa,EAAE,mBAAmB;IAClC,eAAe,EAAE,mBAAmB;IACpC,gBAAgB,EAAE,mBAAmB;IACrC,gBAAgB,EAAE,mBAAmB;CACtC,CAAC;AAEF,MAAa,mBAAmB;IAC9B;;;OAGG;IACH,MAAM,CAAC,UAAU,CAAC,QAAgB;QAChC,OAAO,gBAAgB,CAAC,QAAQ,CAAC,IAAI,aAAa,CAAC;IACrD,CAAC;IAED;;OAEG;IACH,MAAM,CAAC,YAAY,CAAC,QAAgB;QAClC,OAAO,gBAAgB,CAAC,QAAQ,CAAC,KAAK,aAAa,CAAC;IACtD,CAAC;IAED;;OAEG;IACH,MAAM,CAAC,kBAAkB;QACvB,OAAO,MAAM,CAAC,OAAO,CAAC,gBAAgB,CAAC;aACpC,MAAM,CAAC,CAAC,CAAC,EAAE,OAAO,CAAC,EAAE,EAAE,CAAC,OAAO,KAAK,aAAa,CAAC;aAClD,GAAG,CAAC,CAAC,CAAC,IAAI,CAAC,EAAE,EAAE,CAAC,IAAI,CAAC,CAAC;IAC3B,CAAC;IAED;;OAEG;IACH,MAAM,CAAC,wBAAwB;QAC7B,OAAO,MAAM,CAAC,OAAO,CAAC,gBAAgB,CAAC;aACpC,MAAM,CAAC,CAAC,CAAC,EAAE,OAAO,CAAC,EAAE,EAAE,CAAC,OAAO,KAAK,mBAAmB,CAAC;aACxD,GAAG,CAAC,CAAC,CAAC,IAAI,CAAC,EAAE,EAAE,CAAC,IAAI,CAAC,CAAC;IAC3B,CAAC;CACF;AAjCD,kDAiCC"}

package/dist/security/audit-logger.d.ts

@@ -0,0 +1,2 @@
+export declare function logAuditEntry(tool: string, sessionId: string, args: Record<string, unknown>, pageUrl?: string): void;
+//# sourceMappingURL=audit-logger.d.ts.map

package/dist/security/audit-logger.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"audit-logger.d.ts","sourceRoot":"","sources":["../../src/security/audit-logger.ts"],"names":[],"mappings":"AAwDA,wBAAgB,aAAa,CAAC,IAAI,EAAE,MAAM,EAAE,SAAS,EAAE,MAAM,EAAE,IAAI,EAAE,MAAM,CAAC,MAAM,EAAE,OAAO,CAAC,EAAE,OAAO,CAAC,EAAE,MAAM,GAAG,IAAI,CA4BpH"}

package/dist/security/audit-logger.js

@@ -0,0 +1,109 @@
+"use strict";
+var __createBinding = (this && this.__createBinding) || (Object.create ? (function(o, m, k, k2) {
+    if (k2 === undefined) k2 = k;
+    var desc = Object.getOwnPropertyDescriptor(m, k);
+    if (!desc || ("get" in desc ? !m.__esModule : desc.writable || desc.configurable)) {
+      desc = { enumerable: true, get: function() { return m[k]; } };
+    }
+    Object.defineProperty(o, k2, desc);
+}) : (function(o, m, k, k2) {
+    if (k2 === undefined) k2 = k;
+    o[k2] = m[k];
+}));
+var __setModuleDefault = (this && this.__setModuleDefault) || (Object.create ? (function(o, v) {
+    Object.defineProperty(o, "default", { enumerable: true, value: v });
+}) : function(o, v) {
+    o["default"] = v;
+});
+var __importStar = (this && this.__importStar) || (function () {
+    var ownKeys = function(o) {
+        ownKeys = Object.getOwnPropertyNames || function (o) {
+            var ar = [];
+            for (var k in o) if (Object.prototype.hasOwnProperty.call(o, k)) ar[ar.length] = k;
+            return ar;
+        };
+        return ownKeys(o);
+    };
+    return function (mod) {
+        if (mod && mod.__esModule) return mod;
+        var result = {};
+        if (mod != null) for (var k = ownKeys(mod), i = 0; i < k.length; i++) if (k[i] !== "default") __createBinding(result, mod, k[i]);
+        __setModuleDefault(result, mod);
+        return result;
+    };
+})();
+Object.defineProperty(exports, "__esModule", { value: true });
+exports.logAuditEntry = logAuditEntry;
+/**
+ * Audit Logger - Logs tool invocations for security review
+ * Writes structured JSONL to ~/.openchrome/audit.log
+ */
+const fs = __importStar(require("fs"));
+const path = __importStar(require("path"));
+const os = __importStar(require("os"));
+const global_1 = require("../config/global");
+const url_utils_1 = require("../utils/url-utils");
+let logDirEnsured = false;
+// Get log file path
+function getLogPath() {
+    const config = (0, global_1.getGlobalConfig)();
+    return config.security?.audit_log_path ||
+        path.join(os.homedir(), '.openchrome', 'audit.log');
+}
+// Extract domain from URL safely
+function extractDomain(url) {
+    if (!url)
+        return null;
+    return (0, url_utils_1.extractHostname)(url) || null;
+}
+const SENSITIVE_KEYS = ['password', 'cookie', 'token', 'secret', 'auth', 'credential', 'value', 'text'];
+function isSensitiveKey(key) {
+    const lower = key.toLowerCase();
+    return SENSITIVE_KEYS.some(s => lower.includes(s));
+}
+// Summarize args (redact sensitive values)
+function summarizeArgs(args) {
+    // Include keys like tabId, url, action but redact values of sensitive keys
+    const safe = {};
+    for (const [key, value] of Object.entries(args)) {
+        if (isSensitiveKey(key)) {
+            safe[key] = '[REDACTED]';
+        }
+        else if (typeof value === 'string' && value.length > 100) {
+            safe[key] = value.slice(0, 100) + '...';
+        }
+        else {
+            safe[key] = value;
+        }
+    }
+    return JSON.stringify(safe);
+}
+function logAuditEntry(tool, sessionId, args, pageUrl) {
+    const config = (0, global_1.getGlobalConfig)();
+    if (!config.security?.audit_log)
+        return; // Disabled by default
+    const entry = {
+        timestamp: new Date().toISOString(),
+        tool,
+        domain: extractDomain(pageUrl || args.url),
+        sessionId,
+        args_summary: summarizeArgs(args),
+    };
+    const logPath = getLogPath();
+    const logDir = path.dirname(logPath);
+    // Ensure directory exists (first time only)
+    if (!logDirEnsured) {
+        try {
+            fs.mkdirSync(logDir, { recursive: true });
+            logDirEnsured = true;
+        }
+        catch {
+            return; // Non-fatal
+        }
+    }
+    // Non-blocking append
+    const line = JSON.stringify(entry) + '\n';
+    fs.appendFile(logPath, line, (err) => { if (err)
+        console.error('[audit-logger] write failed:', err.code); });
+}
+//# sourceMappingURL=audit-logger.js.map

package/dist/security/audit-logger.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"audit-logger.js","sourceRoot":"","sources":["../../src/security/audit-logger.ts"],"names":[],"mappings":";;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;AAwDA,sCA4BC;AApFD;;;GAGG;AACH,uCAAyB;AACzB,2CAA6B;AAC7B,uCAAyB;AACzB,6CAAmD;AACnD,kDAAqD;AAUrD,IAAI,aAAa,GAAG,KAAK,CAAC;AAE1B,oBAAoB;AACpB,SAAS,UAAU;IACjB,MAAM,MAAM,GAAG,IAAA,wBAAe,GAAE,CAAC;IACjC,OAAO,MAAM,CAAC,QAAQ,EAAE,cAAc;QACpC,IAAI,CAAC,IAAI,CAAC,EAAE,CAAC,OAAO,EAAE,EAAE,aAAa,EAAE,WAAW,CAAC,CAAC;AACxD,CAAC;AAED,iCAAiC;AACjC,SAAS,aAAa,CAAC,GAAY;IACjC,IAAI,CAAC,GAAG;QAAE,OAAO,IAAI,CAAC;IACtB,OAAO,IAAA,2BAAe,EAAC,GAAG,CAAC,IAAI,IAAI,CAAC;AACtC,CAAC;AAED,MAAM,cAAc,GAAG,CAAC,UAAU,EAAE,QAAQ,EAAE,OAAO,EAAE,QAAQ,EAAE,MAAM,EAAE,YAAY,EAAE,OAAO,EAAE,MAAM,CAAC,CAAC;AAExG,SAAS,cAAc,CAAC,GAAW;IACjC,MAAM,KAAK,GAAG,GAAG,CAAC,WAAW,EAAE,CAAC;IAChC,OAAO,cAAc,CAAC,IAAI,CAAC,CAAC,CAAC,EAAE,CAAC,KAAK,CAAC,QAAQ,CAAC,CAAC,CAAC,CAAC,CAAC;AACrD,CAAC;AAED,2CAA2C;AAC3C,SAAS,aAAa,CAAC,IAA6B;IAClD,2EAA2E;IAC3E,MAAM,IAAI,GAA4B,EAAE,CAAC;IACzC,KAAK,MAAM,CAAC,GAAG,EAAE,KAAK,CAAC,IAAI,MAAM,CAAC,OAAO,CAAC,IAAI,CAAC,EAAE,CAAC;QAChD,IAAI,cAAc,CAAC,GAAG,CAAC,EAAE,CAAC;YACxB,IAAI,CAAC,GAAG,CAAC,GAAG,YAAY,CAAC;QAC3B,CAAC;aAAM,IAAI,OAAO,KAAK,KAAK,QAAQ,IAAI,KAAK,CAAC,MAAM,GAAG,GAAG,EAAE,CAAC;YAC3D,IAAI,CAAC,GAAG,CAAC,GAAG,KAAK,CAAC,KAAK,CAAC,CAAC,EAAE,GAAG,CAAC,GAAG,KAAK,CAAC;QAC1C,CAAC;aAAM,CAAC;YACN,IAAI,CAAC,GAAG,CAAC,GAAG,KAAK,CAAC;QACpB,CAAC;IACH,CAAC;IACD,OAAO,IAAI,CAAC,SAAS,CAAC,IAAI,CAAC,CAAC;AAC9B,CAAC;AAED,SAAgB,aAAa,CAAC,IAAY,EAAE,SAAiB,EAAE,IAA6B,EAAE,OAAgB;IAC5G,MAAM,MAAM,GAAG,IAAA,wBAAe,GAAE,CAAC;IACjC,IAAI,CAAC,MAAM,CAAC,QAAQ,EAAE,SAAS;QAAE,OAAO,CAAC,sBAAsB;IAE/D,MAAM,KAAK,GAAe;QACxB,SAAS,EAAE,IAAI,IAAI,EAAE,CAAC,WAAW,EAAE;QACnC,IAAI;QACJ,MAAM,EAAE,aAAa,CAAC,OAAO,IAAK,IAAI,CAAC,GAAc,CAAC;QACtD,SAAS;QACT,YAAY,EAAE,aAAa,CAAC,IAAI,CAAC;KAClC,CAAC;IAEF,MAAM,OAAO,GAAG,UAAU,EAAE,CAAC;IAC7B,MAAM,MAAM,GAAG,IAAI,CAAC,OAAO,CAAC,OAAO,CAAC,CAAC;IAErC,4CAA4C;IAC5C,IAAI,CAAC,aAAa,EAAE,CAAC;QACnB,IAAI,CAAC;YACH,EAAE,CAAC,SAAS,CAAC,MAAM,EAAE,EAAE,SAAS,EAAE,IAAI,EAAE,CAAC,CAAC;YAC1C,aAAa,GAAG,IAAI,CAAC;QACvB,CAAC;QAAC,MAAM,CAAC;YACP,OAAO,CAAC,YAAY;QACtB,CAAC;IACH,CAAC;IAED,sBAAsB;IACtB,MAAM,IAAI,GAAG,IAAI,CAAC,SAAS,CAAC,KAAK,CAAC,GAAG,IAAI,CAAC;IAC1C,EAAE,CAAC,UAAU,CAAC,OAAO,EAAE,IAAI,EAAE,CAAC,GAAG,EAAE,EAAE,GAAG,IAAI,GAAG;QAAE,OAAO,CAAC,KAAK,CAAC,8BAA8B,EAAE,GAAG,CAAC,IAAI,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC;AAC/G,CAAC"}

package/dist/security/domain-guard.d.ts

@@ -0,0 +1,11 @@
+/**
+ * Check whether a URL's domain is blocked by the configured blocklist.
+ * Returns false (allowed) if no blocked_domains are configured.
+ */
+export declare function isDomainBlocked(url: string): boolean;
+/**
+ * Assert that the given URL is not blocked.
+ * Throws a descriptive error if the domain is on the blocklist.
+ */
+export declare function assertDomainAllowed(url: string): void;
+//# sourceMappingURL=domain-guard.d.ts.map

package/dist/security/domain-guard.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"domain-guard.d.ts","sourceRoot":"","sources":["../../src/security/domain-guard.ts"],"names":[],"mappings":"AA2DA;;;GAGG;AACH,wBAAgB,eAAe,CAAC,GAAG,EAAE,MAAM,GAAG,OAAO,CAiBpD;AAED;;;GAGG;AACH,wBAAgB,mBAAmB,CAAC,GAAG,EAAE,MAAM,GAAG,IAAI,CAwBrD"}

package/dist/security/domain-guard.js

@@ -0,0 +1,98 @@
+"use strict";
+Object.defineProperty(exports, "__esModule", { value: true });
+exports.isDomainBlocked = isDomainBlocked;
+exports.assertDomainAllowed = assertDomainAllowed;
+/**
+ * Domain Guard - Blocks AI agent access to configured domains
+ * Default-allow: no domains blocked unless explicitly configured.
+ */
+const global_1 = require("../config/global");
+const url_utils_1 = require("../utils/url-utils");
+/**
+ * Convert a glob pattern to a RegExp.
+ * Supports "*" as a wildcard matching any sequence of non-dot characters,
+ * and "**" or leading "*." to match across subdomains.
+ * Examples:
+ *   "*.bank.com"      -> matches "www.bank.com", "login.bank.com"
+ *   "mail.google.com" -> exact match only
+ */
+function globToRegex(pattern) {
+    // Reject overly long patterns (DNS max is 253 chars)
+    if (pattern.length > 253) {
+        throw new Error(`Domain pattern too long (${pattern.length} chars, max 253): "${pattern.slice(0, 50)}..."`);
+    }
+    // Escape all regex special chars except "*"
+    const escaped = pattern.replace(/[.+^${}()|[\]\\]/g, '\\$&');
+    // Replace "*" with "[^.]*" to match any non-dot characters (single-level wildcard)
+    // This means "*.bank.com" matches "www.bank.com" but NOT "a.b.bank.com"
+    const regexStr = escaped.replace(/\*/g, '[^.]*');
+    return new RegExp(`^${regexStr}$`, 'i');
+}
+/**
+ * Extract the hostname from a URL string.
+ * Returns null for invalid URLs or special schemes (about:, chrome:, etc.).
+ */
+function extractHostname(url) {
+    // Always allow special browser URLs
+    if (url === 'about:blank' ||
+        url.startsWith('about:') ||
+        url.startsWith('chrome:') ||
+        url.startsWith('chrome-extension:')) {
+        return null;
+    }
+    // Allow data: URIs — they don't have hostnames and blocking them globally
+    // would break inline images, SVGs, and other legitimate content.
+    // Note: file: URIs are NOT exempted — they could be used to read local files.
+    if (url.startsWith('data:')) {
+        return null;
+    }
+    const hostname = (0, url_utils_1.extractHostname)(url).toLowerCase();
+    if (hostname)
+        return hostname;
+    // Try adding protocol for bare hostnames (e.g., "bank.com")
+    const fallback = (0, url_utils_1.extractHostname)('https://' + url).toLowerCase();
+    return fallback || null;
+}
+/**
+ * Check whether a URL's domain is blocked by the configured blocklist.
+ * Returns false (allowed) if no blocked_domains are configured.
+ */
+function isDomainBlocked(url) {
+    const config = (0, global_1.getGlobalConfig)();
+    const blockedDomains = config.security?.blocked_domains;
+    if (!blockedDomains || blockedDomains.length === 0) {
+        return false;
+    }
+    const hostname = extractHostname(url);
+    if (!hostname) {
+        return false;
+    }
+    return blockedDomains.some((pattern) => {
+        const regex = globToRegex(pattern);
+        return regex.test(hostname);
+    });
+}
+/**
+ * Assert that the given URL is not blocked.
+ * Throws a descriptive error if the domain is on the blocklist.
+ */
+function assertDomainAllowed(url) {
+    const config = (0, global_1.getGlobalConfig)();
+    const blockedDomains = config.security?.blocked_domains;
+    if (!blockedDomains || blockedDomains.length === 0) {
+        return;
+    }
+    const hostname = extractHostname(url);
+    if (!hostname) {
+        return;
+    }
+    const matchedPattern = blockedDomains.find((pattern) => {
+        const regex = globToRegex(pattern);
+        return regex.test(hostname);
+    });
+    if (matchedPattern) {
+        throw new Error(`Access to domain "${hostname}" is blocked by security policy (matched pattern: "${matchedPattern}"). ` +
+            `Configure blocked_domains in your OpenChrome security settings to change this.`);
+    }
+}
+//# sourceMappingURL=domain-guard.js.map

package/dist/security/domain-guard.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"domain-guard.js","sourceRoot":"","sources":["../../src/security/domain-guard.ts"],"names":[],"mappings":";;AA+DA,0CAiBC;AAMD,kDAwBC;AA9GD;;;GAGG;AACH,6CAAmD;AACnD,kDAA+E;AAE/E;;;;;;;GAOG;AACH,SAAS,WAAW,CAAC,OAAe;IAClC,qDAAqD;IACrD,IAAI,OAAO,CAAC,MAAM,GAAG,GAAG,EAAE,CAAC;QACzB,MAAM,IAAI,KAAK,CAAC,4BAA4B,OAAO,CAAC,MAAM,sBAAsB,OAAO,CAAC,KAAK,CAAC,CAAC,EAAE,EAAE,CAAC,MAAM,CAAC,CAAC;IAC9G,CAAC;IAED,4CAA4C;IAC5C,MAAM,OAAO,GAAG,OAAO,CAAC,OAAO,CAAC,mBAAmB,EAAE,MAAM,CAAC,CAAC;IAC7D,mFAAmF;IACnF,wEAAwE;IACxE,MAAM,QAAQ,GAAG,OAAO,CAAC,OAAO,CAAC,KAAK,EAAE,OAAO,CAAC,CAAC;IACjD,OAAO,IAAI,MAAM,CAAC,IAAI,QAAQ,GAAG,EAAE,GAAG,CAAC,CAAC;AAC1C,CAAC;AAED;;;GAGG;AACH,SAAS,eAAe,CAAC,GAAW;IAClC,oCAAoC;IACpC,IACE,GAAG,KAAK,aAAa;QACrB,GAAG,CAAC,UAAU,CAAC,QAAQ,CAAC;QACxB,GAAG,CAAC,UAAU,CAAC,SAAS,CAAC;QACzB,GAAG,CAAC,UAAU,CAAC,mBAAmB,CAAC,EACnC,CAAC;QACD,OAAO,IAAI,CAAC;IACd,CAAC;IAED,0EAA0E;IAC1E,iEAAiE;IACjE,8EAA8E;IAC9E,IAAI,GAAG,CAAC,UAAU,CAAC,OAAO,CAAC,EAAE,CAAC;QAC5B,OAAO,IAAI,CAAC;IACd,CAAC;IAED,MAAM,QAAQ,GAAG,IAAA,2BAAsB,EAAC,GAAG,CAAC,CAAC,WAAW,EAAE,CAAC;IAC3D,IAAI,QAAQ;QAAE,OAAO,QAAQ,CAAC;IAE9B,4DAA4D;IAC5D,MAAM,QAAQ,GAAG,IAAA,2BAAsB,EAAC,UAAU,GAAG,GAAG,CAAC,CAAC,WAAW,EAAE,CAAC;IACxE,OAAO,QAAQ,IAAI,IAAI,CAAC;AAC1B,CAAC;AAED;;;GAGG;AACH,SAAgB,eAAe,CAAC,GAAW;IACzC,MAAM,MAAM,GAAG,IAAA,wBAAe,GAAE,CAAC;IACjC,MAAM,cAAc,GAAG,MAAM,CAAC,QAAQ,EAAE,eAAe,CAAC;IAExD,IAAI,CAAC,cAAc,IAAI,cAAc,CAAC,MAAM,KAAK,CAAC,EAAE,CAAC;QACnD,OAAO,KAAK,CAAC;IACf,CAAC;IAED,MAAM,QAAQ,GAAG,eAAe,CAAC,GAAG,CAAC,CAAC;IACtC,IAAI,CAAC,QAAQ,EAAE,CAAC;QACd,OAAO,KAAK,CAAC;IACf,CAAC;IAED,OAAO,cAAc,CAAC,IAAI,CAAC,CAAC,OAAO,EAAE,EAAE;QACrC,MAAM,KAAK,GAAG,WAAW,CAAC,OAAO,CAAC,CAAC;QACnC,OAAO,KAAK,CAAC,IAAI,CAAC,QAAQ,CAAC,CAAC;IAC9B,CAAC,CAAC,CAAC;AACL,CAAC;AAED;;;GAGG;AACH,SAAgB,mBAAmB,CAAC,GAAW;IAC7C,MAAM,MAAM,GAAG,IAAA,wBAAe,GAAE,CAAC;IACjC,MAAM,cAAc,GAAG,MAAM,CAAC,QAAQ,EAAE,eAAe,CAAC;IAExD,IAAI,CAAC,cAAc,IAAI,cAAc,CAAC,MAAM,KAAK,CAAC,EAAE,CAAC;QACnD,OAAO;IACT,CAAC;IAED,MAAM,QAAQ,GAAG,eAAe,CAAC,GAAG,CAAC,CAAC;IACtC,IAAI,CAAC,QAAQ,EAAE,CAAC;QACd,OAAO;IACT,CAAC;IAED,MAAM,cAAc,GAAG,cAAc,CAAC,IAAI,CAAC,CAAC,OAAO,EAAE,EAAE;QACrD,MAAM,KAAK,GAAG,WAAW,CAAC,OAAO,CAAC,CAAC;QACnC,OAAO,KAAK,CAAC,IAAI,CAAC,QAAQ,CAAC,CAAC;IAC9B,CAAC,CAAC,CAAC;IAEH,IAAI,cAAc,EAAE,CAAC;QACnB,MAAM,IAAI,KAAK,CACb,qBAAqB,QAAQ,sDAAsD,cAAc,MAAM;YACrG,gFAAgF,CACnF,CAAC;IACJ,CAAC;AACH,CAAC"}

package/dist/session-manager.d.ts

@@ -0,0 +1,325 @@
+/**
+ * Session Manager - Manages lifecycle of parallel Claude Code sessions
+ * Supports multiple Workers within a single session for parallel browser operations
+ */
+import { Page } from 'puppeteer-core';
+import { Session, SessionInfo, SessionCreateOptions, SessionEvent, Worker, WorkerInfo, WorkerCreateOptions } from './types/session';
+import { CDPClient } from './cdp/client';
+import { PoolStats } from './cdp/connection-pool';
+import { BrowserRouter } from './router';
+import { HybridConfig } from './types/browser-backend';
+import { StorageStateConfig } from './config';
+export interface SessionManagerConfig {
+    /** Session TTL in milliseconds (default: 30 minutes) */
+    sessionTTL?: number;
+    /** Auto-cleanup interval in milliseconds (default: 1 minute) */
+    cleanupInterval?: number;
+    /** Enable auto-cleanup (default: true) */
+    autoCleanup?: boolean;
+    /** Maximum number of sessions (default: 100) */
+    maxSessions?: number;
+    /** Maximum workers per session (default: 20) */
+    maxWorkersPerSession?: number;
+    /** Maximum targets (tabs) per worker (default: 5). Oldest closed when exceeded. */
+    maxTargetsPerWorker?: number;
+    /** Memory pressure threshold in bytes. Below this free memory, aggressive cleanup triggers. (default: 500MB) */
+    memoryPressureThreshold?: number;
+    /** Use connection pool for page management (default: false for worker isolation) */
+    useConnectionPool?: boolean;
+    /** Use default browser context (shares cookies/sessions with Chrome profile) */
+    useDefaultContext?: boolean;
+    /** Enable Chrome pool for origin-aware instance distribution (default: false) */
+    usePool?: boolean;
+    /** Storage state persistence config (default: disabled) */
+    storageState?: StorageStateConfig;
+}
+export interface SessionManagerStats {
+    activeSessions: number;
+    totalTargets: number;
+    totalWorkers: number;
+    totalSessionsCreated: number;
+    totalSessionsCleaned: number;
+    uptime: number;
+    lastCleanup: number | null;
+    memoryUsage: number;
+    connectionPool?: PoolStats;
+}
+export declare class SessionManager {
+    private sessions;
+    private targetToWorker;
+    private cdpClient;
+    private connectionPool;
+    private chromePool;
+    private cdpFactory;
+    private queueManager;
+    private eventListeners;
+    private browserRouter;
+    private storageStateManagers;
+    private storageStateConfig;
+    private pendingCreations;
+    private config;
+    private cleanupTimer;
+    private startTime;
+    private totalSessionsCreated;
+    private totalSessionsCleaned;
+    private lastCleanupTime;
+    constructor(cdpClient?: CDPClient, config?: SessionManagerConfig);
+    /**
+     * Get the CDPClient for a specific worker (may be on a different Chrome instance)
+     */
+    private getCDPClientForWorker;
+    /**
+     * Start automatic cleanup interval
+     */
+    private startAutoCleanup;
+    /**
+     * Stop automatic cleanup
+     */
+    stopAutoCleanup(): void;
+    /**
+     * Get session manager statistics
+     */
+    getStats(): SessionManagerStats;
+    /**
+     * Get current configuration
+     */
+    getConfig(): Required<SessionManagerConfig>;
+    /**
+     * Update configuration
+     */
+    updateConfig(config: Partial<SessionManagerConfig>): void;
+    /**
+     * Ensure connected to Chrome
+     */
+    ensureConnected(): Promise<void>;
+    /**
+     * Create a new session with a default worker
+     */
+    createSession(options?: SessionCreateOptions): Promise<Session>;
+    /**
+     * Get or create a session
+     */
+    getOrCreateSession(sessionId: string): Promise<Session>;
+    /**
+     * Get an existing session
+     */
+    getSession(sessionId: string): Session | undefined;
+    /**
+     * Update last activity timestamp
+     */
+    touchSession(sessionId: string): void;
+    /**
+     * Delete a session and clean up all workers
+     */
+    deleteSession(sessionId: string): Promise<void>;
+    /**
+     * Clean up inactive sessions
+     */
+    cleanupInactiveSessions(maxAgeMs: number, options?: {
+        force?: boolean;
+    }): Promise<string[]>;
+    /**
+     * Force cleanup all sessions (including "default").
+     * Unlike cleanupInactiveSessions, this is a forced full teardown (called on shutdown).
+     */
+    cleanupAllSessions(): Promise<number>;
+    /**
+     * Create a new worker within a session
+     * Each worker has its own isolated browser context (cookies, localStorage, etc.)
+     */
+    createWorker(sessionId: string, options?: WorkerCreateOptions): Promise<Worker>;
+    /**
+     * Get a worker by ID
+     */
+    getWorker(sessionId: string, workerId: string): Worker | undefined;
+    /**
+     * Get or create a worker
+     */
+    getOrCreateWorker(sessionId: string, workerId?: string): Promise<Worker>;
+    /**
+     * List all workers in a session
+     */
+    getWorkers(sessionId: string): WorkerInfo[];
+    /**
+     * Delete a worker and its resources
+     */
+    deleteWorker(sessionId: string, workerId: string): Promise<void>;
+    /**
+     * Internal worker deletion (also used for cleanup)
+     */
+    private deleteWorkerInternal;
+    /**
+     * Create a new page/target for a worker
+     * @param sessionId Session ID
+     * @param url Optional URL to navigate to
+     * @param workerId Optional worker ID (uses default worker if not specified)
+     */
+    createTarget(sessionId: string, url?: string, workerId?: string): Promise<{
+        targetId: string;
+        page: Page;
+        workerId: string;
+    }>;
+    private _createTargetImpl;
+    /**
+     * CDP-free stealth navigation: opens a new tab via Chrome's HTTP debug API without
+     * attaching Puppeteer/CDP during page load, letting anti-bot checks (e.g. Cloudflare
+     * Turnstile) complete without CDP signals present. CDP attaches after settleMs.
+     *
+     * @param sessionId  Session to register the new target under
+     * @param url        URL to navigate to
+     * @param workerId   Optional worker ID (uses default worker if omitted)
+     * @param settleMs   How long to wait before attaching CDP (default 5000, range 1000-30000)
+     * @returns          Registered targetId, Page, and workerId
+     */
+    createTargetStealth(sessionId: string, url: string, workerId?: string, settleMs?: number): Promise<{
+        targetId: string;
+        page: Page;
+        workerId: string;
+    }>;
+    /**
+     * Register a pre-acquired page as a target for a worker.
+     * Used by workflow engine when pages are batch-acquired from the pool
+     * to avoid per-page replenishment (about:blank proliferation fix).
+     */
+    registerExistingTarget(sessionId: string, workerId: string, targetId: string): void;
+    /**
+     * Check if a target is still valid (page not closed)
+     */
+    isTargetValid(targetId: string): Promise<boolean>;
+    /**
+     * Get page for a target
+     * @param sessionId Session ID
+     * @param targetId Target/Tab ID
+     * @param workerId Optional worker ID for validation
+     * @param toolName Optional MCP tool name for hybrid BrowserRouter routing
+     */
+    getPage(sessionId: string, targetId: string, workerId?: string, toolName?: string): Promise<Page | null>;
+    /**
+     * Attempt to recover an untracked target that exists in Chrome.
+     * Cross-origin navigations (OAuth, SSO) can cause Chrome to replace the target
+     * without OpenChrome tracking the new one (we skip targetcreated indexing to
+     * prevent ghost tabs). This fallback re-registers valid targets.
+     */
+    private tryRecoverTarget;
+    /**
+     * Get all pages for a worker
+     */
+    getWorkerPages(sessionId: string, workerId: string): Promise<Page[]>;
+    /**
+     * Get target IDs for a session (all workers)
+     */
+    getSessionTargetIds(sessionId: string): string[];
+    /**
+     * Get target IDs for a specific worker
+     */
+    getWorkerTargetIds(sessionId: string, workerId: string): string[];
+    /**
+     * Validate target ownership (legacy method, checks session only)
+     */
+    validateTargetOwnership(sessionId: string, targetId: string): boolean;
+    /**
+     * Get the worker ID that owns a target
+     */
+    getTargetWorkerId(targetId: string): string | undefined;
+    /**
+     * Get the session and worker that own a target.
+     * Used by CDPClient's targetcreated listener to determine popup ownership.
+     */
+    getTargetOwner(targetId: string): {
+        sessionId: string;
+        workerId: string;
+    } | undefined;
+    /**
+     * Register an externally-created target (e.g., popup via window.open) into a worker.
+     * Only registers if the target is not already tracked, to avoid overwriting ownership.
+     */
+    registerExternalTarget(targetId: string, sessionId: string, workerId: string): void;
+    /**
+     * Close a specific target/tab
+     * @param sessionId Session ID
+     * @param targetId Target/Tab ID to close
+     * @returns true if closed, false if not found
+     */
+    closeTarget(sessionId: string, targetId: string): Promise<boolean>;
+    /**
+     * Close all tabs in a worker (without deleting the worker)
+     * @param sessionId Session ID
+     * @param workerId Worker ID
+     * @returns Number of tabs closed
+     */
+    closeWorkerTabs(sessionId: string, workerId: string): Promise<number>;
+    /**
+     * Execute a CDP command through the session's queue
+     */
+    executeCDP<T = unknown>(sessionId: string, targetId: string, method: string, params?: Record<string, unknown>): Promise<T>;
+    /**
+     * Handle target closed event
+     */
+    onTargetClosed(targetId: string): void;
+    /**
+     * Build an enriched error message for stale target IDs, including available tab IDs
+     * so the LLM can select the correct one without an extra tabs_context round trip.
+     */
+    private buildStaleTargetError;
+    /**
+     * Public wrapper for validateTargetsAfterReconnect().
+     * Called by MCP server before retrying a tool after reconnect.
+     */
+    reconcileAfterReconnect(): Promise<void>;
+    /**
+     * Validate all tracked targets after a reconnection.
+     * Performs bidirectional reconciliation:
+     * 1. Removes targets that no longer exist in Chrome
+     * 2. Re-maps dead target IDs to new live targets by URL matching
+     *    (Chrome may reassign different target IDs to the same logical tabs)
+     */
+    private validateTargetsAfterReconnect;
+    /**
+     * Get session info (for serialization)
+     */
+    getSessionInfo(sessionId: string): SessionInfo | undefined;
+    /**
+     * Get all session infos
+     */
+    getAllSessionInfos(): SessionInfo[];
+    /**
+     * Add event listener
+     */
+    addEventListener(listener: (event: SessionEvent) => void): void;
+    /**
+     * Remove event listener
+     */
+    removeEventListener(listener: (event: SessionEvent) => void): void;
+    /**
+     * Emit event to all listeners
+     */
+    private emitEvent;
+    /**
+     * Get the number of active sessions
+     */
+    get sessionCount(): number;
+    /**
+     * Get the storage state file path for a session
+     */
+    private getStorageStatePath;
+    /**
+     * Get CDPClient
+     */
+    getCDPClient(): CDPClient;
+    /**
+     * Initialize hybrid mode with BrowserRouter
+     */
+    initHybrid(config: HybridConfig): Promise<void>;
+    /**
+     * Get the BrowserRouter (for stats/escalation)
+     */
+    getBrowserRouter(): BrowserRouter | null;
+    /**
+     * Cleanup hybrid mode
+     */
+    cleanupHybrid(): Promise<void>;
+}
+export declare function getSessionManager(): SessionManager;
+/** Reset singleton for testing. Do not use in production code. */
+export declare function _resetSessionManagerForTesting(): void;
+//# sourceMappingURL=session-manager.d.ts.map

package/dist/session-manager.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"session-manager.d.ts","sourceRoot":"","sources":["../src/session-manager.ts"],"names":[],"mappings":"AAAA;;;GAGG;AAGH,OAAO,EAAE,IAAI,EAA0B,MAAM,gBAAgB,CAAC;AAC9D,OAAO,EAAE,OAAO,EAAE,WAAW,EAAE,oBAAoB,EAAE,YAAY,EAAE,MAAM,EAAE,UAAU,EAAE,mBAAmB,EAAE,MAAM,iBAAiB,CAAC;AACpI,OAAO,EAAE,SAAS,EAAuD,MAAM,cAAc,CAAC;AAC9F,OAAO,EAA2C,SAAS,EAAE,MAAM,uBAAuB,CAAC;AAQ3F,OAAO,EAAE,aAAa,EAAE,MAAM,UAAU,CAAC;AACzC,OAAO,EAAE,YAAY,EAAE,MAAM,yBAAyB,CAAC;AAEvD,OAAO,EAAE,kBAAkB,EAAE,MAAM,UAAU,CAAC;AAO9C,MAAM,WAAW,oBAAoB;IACnC,wDAAwD;IACxD,UAAU,CAAC,EAAE,MAAM,CAAC;IACpB,gEAAgE;IAChE,eAAe,CAAC,EAAE,MAAM,CAAC;IACzB,0CAA0C;IAC1C,WAAW,CAAC,EAAE,OAAO,CAAC;IACtB,gDAAgD;IAChD,WAAW,CAAC,EAAE,MAAM,CAAC;IACrB,gDAAgD;IAChD,oBAAoB,CAAC,EAAE,MAAM,CAAC;IAC9B,mFAAmF;IACnF,mBAAmB,CAAC,EAAE,MAAM,CAAC;IAC7B,gHAAgH;IAChH,uBAAuB,CAAC,EAAE,MAAM,CAAC;IACjC,oFAAoF;IACpF,iBAAiB,CAAC,EAAE,OAAO,CAAC;IAC5B,gFAAgF;IAChF,iBAAiB,CAAC,EAAE,OAAO,CAAC;IAC5B,iFAAiF;IACjF,OAAO,CAAC,EAAE,OAAO,CAAC;IAClB,2DAA2D;IAC3D,YAAY,CAAC,EAAE,kBAAkB,CAAC;CACnC;AAED,MAAM,WAAW,mBAAmB;IAClC,cAAc,EAAE,MAAM,CAAC;IACvB,YAAY,EAAE,MAAM,CAAC;IACrB,YAAY,EAAE,MAAM,CAAC;IACrB,oBAAoB,EAAE,MAAM,CAAC;IAC7B,oBAAoB,EAAE,MAAM,CAAC;IAC7B,MAAM,EAAE,MAAM,CAAC;IACf,WAAW,EAAE,MAAM,GAAG,IAAI,CAAC;IAC3B,WAAW,EAAE,MAAM,CAAC;IACpB,cAAc,CAAC,EAAE,SAAS,CAAC;CAC5B;AAgBD,qBAAa,cAAc;IACzB,OAAO,CAAC,QAAQ,CAAmC;IACnD,OAAO,CAAC,cAAc,CAAmE;IACzF,OAAO,CAAC,SAAS,CAAY;IAC7B,OAAO,CAAC,cAAc,CAAkC;IACxD,OAAO,CAAC,UAAU,CAA2B;IAC7C,OAAO,CAAC,UAAU,CAAmB;IACrC,OAAO,CAAC,YAAY,CAAsB;IAC1C,OAAO,CAAC,cAAc,CAAyC;IAC/D,OAAO,CAAC,aAAa,CAA8B;IACnD,OAAO,CAAC,oBAAoB,CAA0C;IACtE,OAAO,CAAC,kBAAkB,CAAmC;IAC7D,OAAO,CAAC,gBAAgB,CAAuC;IAG/D,OAAO,CAAC,MAAM,CAAiC;IAC/C,OAAO,CAAC,YAAY,CAA+B;IACnD,OAAO,CAAC,SAAS,CAAsB;IACvC,OAAO,CAAC,oBAAoB,CAAa;IACzC,OAAO,CAAC,oBAAoB,CAAa;IACzC,OAAO,CAAC,eAAe,CAAuB;gBAElC,SAAS,CAAC,EAAE,SAAS,EAAE,MAAM,CAAC,EAAE,oBAAoB;IA+ChE;;OAEG;IACH,OAAO,CAAC,qBAAqB;IAS7B;;OAEG;IACH,OAAO,CAAC,gBAAgB;IAgCxB;;OAEG;IACH,eAAe,IAAI,IAAI;IAOvB;;OAEG;IACH,QAAQ,IAAI,mBAAmB;IA+B/B;;OAEG;IACH,SAAS,IAAI,QAAQ,CAAC,oBAAoB,CAAC;IAI3C;;OAEG;IACH,YAAY,CAAC,MAAM,EAAE,OAAO,CAAC,oBAAoB,CAAC,GAAG,IAAI;IAYzD;;OAEG;IACG,eAAe,IAAI,OAAO,CAAC,IAAI,CAAC;IAQtC;;OAEG;IACG,aAAa,CAAC,OAAO,GAAE,oBAAyB,GAAG,OAAO,CAAC,OAAO,CAAC;IAqDzE;;OAEG;IACG,kBAAkB,CAAC,SAAS,EAAE,MAAM,GAAG,OAAO,CAAC,OAAO,CAAC;IAoB7D;;OAEG;IACH,UAAU,CAAC,SAAS,EAAE,MAAM,GAAG,OAAO,GAAG,SAAS;IAIlD;;OAEG;IACH,YAAY,CAAC,SAAS,EAAE,MAAM,GAAG,IAAI;IAOrC;;OAEG;IACG,aAAa,CAAC,SAAS,EAAE,MAAM,GAAG,OAAO,CAAC,IAAI,CAAC;IAgDrD;;OAEG;IACG,uBAAuB,CAAC,QAAQ,EAAE,MAAM,EAAE,OAAO,CAAC,EAAE;QAAE,KAAK,CAAC,EAAE,OAAO,CAAA;KAAE,GAAG,OAAO,CAAC,MAAM,EAAE,CAAC;IAmCjG;;;OAGG;IACG,kBAAkB,IAAI,OAAO,CAAC,MAAM,CAAC;IAoB3C;;;OAGG;IACG,YAAY,CAAC,SAAS,EAAE,MAAM,EAAE,OAAO,GAAE,mBAAwB,GAAG,OAAO,CAAC,MAAM,CAAC;IA0EzF;;OAEG;IACH,SAAS,CAAC,SAAS,EAAE,MAAM,EAAE,QAAQ,EAAE,MAAM,GAAG,MAAM,GAAG,SAAS;IAMlE;;OAEG;IACG,iBAAiB,CAAC,SAAS,EAAE,MAAM,EAAE,QAAQ,CAAC,EAAE,MAAM,GAAG,OAAO,CAAC,MAAM,CAAC;IAc9E;;OAEG;IACH,UAAU,CAAC,SAAS,EAAE,MAAM,GAAG,UAAU,EAAE;IAkB3C;;OAEG;IACG,YAAY,CAAC,SAAS,EAAE,MAAM,EAAE,QAAQ,EAAE,MAAM,GAAG,OAAO,CAAC,IAAI,CAAC;IAmBtE;;OAEG;YACW,oBAAoB;IAsDlC;;;;;OAKG;IACG,YAAY,CAChB,SAAS,EAAE,MAAM,EACjB,GAAG,CAAC,EAAE,MAAM,EACZ,QAAQ,CAAC,EAAE,MAAM,GAChB,OAAO,CAAC;QAAE,QAAQ,EAAE,MAAM,CAAC;QAAC,IAAI,EAAE,IAAI,CAAC;QAAC,QAAQ,EAAE,MAAM,CAAA;KAAE,CAAC;YAUhD,iBAAiB;IA+I/B;;;;;;;;;;OAUG;IACG,mBAAmB,CACvB,SAAS,EAAE,MAAM,EACjB,GAAG,EAAE,MAAM,EACX,QAAQ,CAAC,EAAE,MAAM,EACjB,QAAQ,GAAE,MAAa,GACtB,OAAO,CAAC;QAAE,QAAQ,EAAE,MAAM,CAAC;QAAC,IAAI,EAAE,IAAI,CAAC;QAAC,QAAQ,EAAE,MAAM,CAAA;KAAE,CAAC;IAqC9D;;;;OAIG;IACH,sBAAsB,CAAC,SAAS,EAAE,MAAM,EAAE,QAAQ,EAAE,MAAM,EAAE,QAAQ,EAAE,MAAM,GAAG,IAAI;IA0BnF;;OAEG;IACG,aAAa,CAAC,QAAQ,EAAE,MAAM,GAAG,OAAO,CAAC,OAAO,CAAC;IASvD;;;;;;OAMG;IACG,OAAO,CAAC,SAAS,EAAE,MAAM,EAAE,QAAQ,EAAE,MAAM,EAAE,QAAQ,CAAC,EAAE,MAAM,EAAE,QAAQ,CAAC,EAAE,MAAM,GAAG,OAAO,CAAC,IAAI,GAAG,IAAI,CAAC;IAqD9G;;;;;OAKG;YACW,gBAAgB;IAqC9B;;OAEG;IACG,cAAc,CAAC,SAAS,EAAE,MAAM,EAAE,QAAQ,EAAE,MAAM,GAAG,OAAO,CAAC,IAAI,EAAE,CAAC;IAgB1E;;OAEG;IACH,mBAAmB,CAAC,SAAS,EAAE,MAAM,GAAG,MAAM,EAAE;IAYhD;;OAEG;IACH,kBAAkB,CAAC,SAAS,EAAE,MAAM,EAAE,QAAQ,EAAE,MAAM,GAAG,MAAM,EAAE;IAMjE;;OAEG;IACH,uBAAuB,CAAC,SAAS,EAAE,MAAM,EAAE,QAAQ,EAAE,MAAM,GAAG,OAAO;IAKrE;;OAEG;IACH,iBAAiB,CAAC,QAAQ,EAAE,MAAM,GAAG,MAAM,GAAG,SAAS;IAIvD;;;OAGG;IACH,cAAc,CAAC,QAAQ,EAAE,MAAM,GAAG;QAAE,SAAS,EAAE,MAAM,CAAC;QAAC,QAAQ,EAAE,MAAM,CAAA;KAAE,GAAG,SAAS;IAIrF;;;OAGG;IACH,sBAAsB,CAAC,QAAQ,EAAE,MAAM,EAAE,SAAS,EAAE,MAAM,EAAE,QAAQ,EAAE,MAAM,GAAG,IAAI;IA0BnF;;;;;OAKG;IACG,WAAW,CAAC,SAAS,EAAE,MAAM,EAAE,QAAQ,EAAE,MAAM,GAAG,OAAO,CAAC,OAAO,CAAC;IA4DxE;;;;;OAKG;IACG,eAAe,CAAC,SAAS,EAAE,MAAM,EAAE,QAAQ,EAAE,MAAM,GAAG,OAAO,CAAC,MAAM,CAAC;IAgB3E;;OAEG;IACG,UAAU,CAAC,CAAC,GAAG,OAAO,EAC1B,SAAS,EAAE,MAAM,EACjB,QAAQ,EAAE,MAAM,EAChB,MAAM,EAAE,MAAM,EACd,MAAM,CAAC,EAAE,MAAM,CAAC,MAAM,EAAE,OAAO,CAAC,GAC/B,OAAO,CAAC,CAAC,CAAC;IAsBb;;OAEG;IACH,cAAc,CAAC,QAAQ,EAAE,MAAM,GAAG,IAAI;IA0BtC;;;OAGG;IACH,OAAO,CAAC,qBAAqB;IAmB7B;;;OAGG;IACG,uBAAuB,IAAI,OAAO,CAAC,IAAI,CAAC;IAI9C;;;;;;OAMG;YACW,6BAA6B;IA8G3C;;OAEG;IACH,cAAc,CAAC,SAAS,EAAE,MAAM,GAAG,WAAW,GAAG,SAAS;IA6B1D;;OAEG;IACH,kBAAkB,IAAI,WAAW,EAAE;IAanC;;OAEG;IACH,gBAAgB,CAAC,QAAQ,EAAE,CAAC,KAAK,EAAE,YAAY,KAAK,IAAI,GAAG,IAAI;IAI/D;;OAEG;IACH,mBAAmB,CAAC,QAAQ,EAAE,CAAC,KAAK,EAAE,YAAY,KAAK,IAAI,GAAG,IAAI;IAOlE;;OAEG;IACH,OAAO,CAAC,SAAS;IAUjB;;OAEG;IACH,IAAI,YAAY,IAAI,MAAM,CAEzB;IAED;;OAEG;IACH,OAAO,CAAC,mBAAmB;IAQ3B;;OAEG;IACH,YAAY,IAAI,SAAS;IAIzB;;OAEG;IACG,UAAU,CAAC,MAAM,EAAE,YAAY,GAAG,OAAO,CAAC,IAAI,CAAC;IAOrD;;OAEG;IACH,gBAAgB,IAAI,aAAa,GAAG,IAAI;IAIxC;;OAEG;IACG,aAAa,IAAI,OAAO,CAAC,IAAI,CAAC;CAOrC;AAKD,wBAAgB,iBAAiB,IAAI,cAAc,CAgBlD;AAED,kEAAkE;AAClE,wBAAgB,8BAA8B,IAAI,IAAI,CAErD"}