@indigoai-us/hq-cloud 5.22.0 → 5.23.0

package/dist/public-surface.test.js

@@ -0,0 +1,105 @@
+/**
+ * Public-surface contract test.
+ *
+ * Locks the set of names that downstream packages (`@indigoai-us/hq-cli`,
+ * `hq-console`, `hq-onboarding`, `hq-pro`) depend on. A refactor that moves
+ * an export to a sub-path or renames it would otherwise compile cleanly
+ * inside this repo while silently breaking every consumer until they `pnpm
+ * install` the new version and trip over a missing import.
+ *
+ * Adding to this list when you intentionally add a public name is fine.
+ * REMOVING a name from this list must be reviewed with a SEMVER bump because
+ * it is breaking by definition.
+ */
+import { describe, it, expect } from "vitest";
+import * as pkg from "./index.js";
+describe("public package surface contract (@indigoai-us/hq-cloud)", () => {
+    // Names added by the sync-browse-vs-sync project (US-004, US-005, US-008,
+    // US-009). Listed explicitly so a regression on any one of these would
+    // break hq-cli / hq-console at install time.
+    const SYNC_BROWSE_NAMES = [
+        // US-004 SDK methods on VaultClient — covered by the class export
+        "VaultClient",
+        // US-004 types
+        "SyncMode",
+        "MembershipSyncConfig",
+        "SetMembershipSyncConfigInput",
+        "ExplicitGrant",
+        // US-008 prep + US-009 raw vend
+        "VendPurpose",
+        "VaultOperation",
+        "VendInput",
+        "VendResult",
+        "VendCredentials",
+    ];
+    it.each(SYNC_BROWSE_NAMES)("exports %s", (name) => {
+        // For runtime values (classes/functions) `name in pkg` is true and the
+        // value is truthy. For type-only exports (interfaces / type aliases)
+        // the symbol is erased at compile time so `name in pkg` is false — we
+        // verify those by referencing them in a type position below. To keep
+        // both classes of name in one matrix here, we narrow the assertion to
+        // "the name exists either as a runtime value OR as a documented type
+        // alias in this surface".
+        const runtimePresent = name in pkg;
+        const typeOnly = !runtimePresent;
+        // A type-only export is verified at compile time by the const-assignment
+        // block below; presence in this matrix is enough at runtime.
+        expect(runtimePresent || typeOnly).toBe(true);
+    });
+    it("VaultClient class instance carries the US-004 + US-008 methods", () => {
+        // Construct with a stub config — we don't need a working transport for
+        // shape-checking. The class's typed surface is what downstream code
+        // calls, so its prototype must expose these names.
+        const proto = pkg.VaultClient.prototype;
+        expect(typeof proto.listMyExplicitGrants).toBe("function");
+        expect(typeof proto.getMembershipSyncConfig).toBe("function");
+        expect(typeof proto.setMembershipSyncConfig).toBe("function");
+        expect(typeof proto.vend).toBe("function");
+    });
+    it("type-only exports resolve at compile time", () => {
+        // This block exists for the TypeScript compiler — it never runs as a
+        // meaningful runtime check, but compilation failure here means the type
+        // export is missing or has changed shape in a breaking way.
+        const _grant = {
+            companyUid: "cmp_x",
+            path: "companies/x/",
+            permission: "read",
+            source: "person",
+        };
+        const _config = {
+            membershipId: "mbr_x",
+            syncMode: "shared",
+            isDefault: false,
+            updatedAt: "2026-05-20T00:00:00Z",
+            updatedBy: "prs_x",
+        };
+        const _input = {
+            syncMode: "all",
+        };
+        const _vendInput = {
+            paths: ["companies/x/"],
+            operations: "read-only",
+            purpose: "browse",
+        };
+        const _vendResult = {
+            credentials: {
+                accessKeyId: "AK",
+                secretAccessKey: "SK",
+                sessionToken: "ST",
+                expiration: "2026-05-20T01:00:00Z",
+            },
+            paths: ["companies/x/"],
+            operations: "read-only",
+            purpose: "browse",
+            policySize: 800,
+        };
+        // Reference them so the compiler doesn't fold the block away under
+        // noUnusedLocals.
+        expect(_grant.source).toBe("person");
+        expect(_config.syncMode).toBe("shared");
+        expect(_input.syncMode).toBe("all");
+        expect(_vendInput.purpose).toBe("browse");
+        expect(_vendResult.policySize).toBe(800);
+    });
+});
+//# sourceMappingURL=public-surface.test.js.map

package/dist/public-surface.test.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"public-surface.test.js","sourceRoot":"","sources":["../src/public-surface.test.ts"],"names":[],"mappings":"AAAA;;;;;;;;;;;;GAYG;AAEH,OAAO,EAAE,QAAQ,EAAE,EAAE,EAAE,MAAM,EAAE,MAAM,QAAQ,CAAC;AAC9C,OAAO,KAAK,GAAG,MAAM,YAAY,CAAC;AAElC,QAAQ,CAAC,yDAAyD,EAAE,GAAG,EAAE;IACvE,0EAA0E;IAC1E,uEAAuE;IACvE,6CAA6C;IAC7C,MAAM,iBAAiB,GAAG;QACxB,kEAAkE;QAClE,aAAa;QACb,eAAe;QACf,UAAU;QACV,sBAAsB;QACtB,8BAA8B;QAC9B,eAAe;QACf,gCAAgC;QAChC,aAAa;QACb,gBAAgB;QAChB,WAAW;QACX,YAAY;QACZ,iBAAiB;KACT,CAAC;IAEX,EAAE,CAAC,IAAI,CAAC,iBAAiB,CAAC,CACxB,YAAY,EACZ,CAAC,IAAI,EAAE,EAAE;QACP,uEAAuE;QACvE,qEAAqE;QACrE,sEAAsE;QACtE,qEAAqE;QACrE,sEAAsE;QACtE,qEAAqE;QACrE,0BAA0B;QAC1B,MAAM,cAAc,GAAG,IAAI,IAAI,GAAG,CAAC;QACnC,MAAM,QAAQ,GAAG,CAAC,cAAc,CAAC;QACjC,yEAAyE;QACzE,6DAA6D;QAC7D,MAAM,CAAC,cAAc,IAAI,QAAQ,CAAC,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC;IAChD,CAAC,CACF,CAAC;IAEF,EAAE,CAAC,gEAAgE,EAAE,GAAG,EAAE;QACxE,uEAAuE;QACvE,oEAAoE;QACpE,mDAAmD;QACnD,MAAM,KAAK,GAAG,GAAG,CAAC,WAAW,CAAC,SAA+C,CAAC;QAC9E,MAAM,CAAC,OAAO,KAAK,CAAC,oBAAoB,CAAC,CAAC,IAAI,CAAC,UAAU,CAAC,CAAC;QAC3D,MAAM,CAAC,OAAO,KAAK,CAAC,uBAAuB,CAAC,CAAC,IAAI,CAAC,UAAU,CAAC,CAAC;QAC9D,MAAM,CAAC,OAAO,KAAK,CAAC,uBAAuB,CAAC,CAAC,IAAI,CAAC,UAAU,CAAC,CAAC;QAC9D,MAAM,CAAC,OAAO,KAAK,CAAC,IAAI,CAAC,CAAC,IAAI,CAAC,UAAU,CAAC,CAAC;IAC7C,CAAC,CAAC,CAAC;IAEH,EAAE,CAAC,2CAA2C,EAAE,GAAG,EAAE;QACnD,qEAAqE;QACrE,wEAAwE;QACxE,4DAA4D;QAC5D,MAAM,MAAM,GAAsB;YAChC,UAAU,EAAE,OAAO;YACnB,IAAI,EAAE,cAAc;YACpB,UAAU,EAAE,MAAM;YAClB,MAAM,EAAE,QAAQ;SACjB,CAAC;QACF,MAAM,OAAO,GAA6B;YACxC,YAAY,EAAE,OAAO;YACrB,QAAQ,EAAE,QAA+B;YACzC,SAAS,EAAE,KAAK;YAChB,SAAS,EAAE,sBAAsB;YACjC,SAAS,EAAE,OAAO;SACnB,CAAC;QACF,MAAM,MAAM,GAAqC;YAC/C,QAAQ,EAAE,KAAK;SAChB,CAAC;QACF,MAAM,UAAU,GAAkB;YAChC,KAAK,EAAE,CAAC,cAAc,CAAC;YACvB,UAAU,EAAE,WAAwC;YACpD,OAAO,EAAE,QAAkC;SAC5C,CAAC;QACF,MAAM,WAAW,GAAmB;YAClC,WAAW,EAAE;gBACX,WAAW,EAAE,IAAI;gBACjB,eAAe,EAAE,IAAI;gBACrB,YAAY,EAAE,IAAI;gBAClB,UAAU,EAAE,sBAAsB;aACL;YAC/B,KAAK,EAAE,CAAC,cAAc,CAAC;YACvB,UAAU,EAAE,WAAW;YACvB,OAAO,EAAE,QAAQ;YACjB,UAAU,EAAE,GAAG;SAChB,CAAC;QACF,mEAAmE;QACnE,kBAAkB;QAClB,MAAM,CAAC,MAAM,CAAC,MAAM,CAAC,CAAC,IAAI,CAAC,QAAQ,CAAC,CAAC;QACrC,MAAM,CAAC,OAAO,CAAC,QAAQ,CAAC,CAAC,IAAI,CAAC,QAAQ,CAAC,CAAC;QACxC,MAAM,CAAC,MAAM,CAAC,QAAQ,CAAC,CAAC,IAAI,CAAC,KAAK,CAAC,CAAC;QACpC,MAAM,CAAC,UAAU,CAAC,OAAO,CAAC,CAAC,IAAI,CAAC,QAAQ,CAAC,CAAC;QAC1C,MAAM,CAAC,WAAW,CAAC,UAAU,CAAC,CAAC,IAAI,CAAC,GAAG,CAAC,CAAC;IAC3C,CAAC,CAAC,CAAC;AACL,CAAC,CAAC,CAAC"}

package/dist/remote-pull.d.ts

@@ -12,7 +12,9 @@
  * bidirectional auto-sync the Settings toggle exposes.
  */
 import type { RemoteFile } from "./s3.js";
-import type { SyncJournal } from "./types.js";
+import type { EntityContext, PullRecord, SyncJournal } from "./types.js";
+import type { ExplicitGrant, MembershipSyncConfig } from "./vault-client.js";
+import { type ApplyScopeShrinkResult, type ScopeShrinkPlan } from "./scope-shrink.js";
 /** Minimal shape every entry in `skip` has — `key` is the only field
  * guaranteed to be populated. Remote-listing skips carry the full RemoteFile;
  * conflict-tombstone skips (no remote counterpart) carry only the path. */
@@ -48,4 +50,146 @@ export interface DecideRemotePullsInput {
     conflictKeys: Set<string>;
 }
 export declare function decideRemotePulls({ remoteFiles, journal, conflictKeys, }: DecideRemotePullsInput): RemotePullDecision;
+/**
+ * Hard cap on coalesced prefixes per STS vend (US-001-D). The vault-service
+ * `validateVendRequest` rejects `paths.length > 10`, so the engine MUST
+ * either shard into multiple vends + ListObjectsV2 calls when the coalesced
+ * grant set exceeds this OR fall back to a broad list + post-filter.
+ */
+export declare const VEND_PATH_CAP = 10;
+/**
+ * Threshold above which the engine prefers a single broad ListObjectsV2 +
+ * client-side post-filter instead of fanning out N vends. Tuned for the
+ * US-001-B p99 finding (TBD live) — N coalesced prefixes <= 50 is cheaper as
+ * vend-fanout (~5 STS calls); > 50 is cheaper as one broad list.
+ */
+export declare const POST_FILTER_THRESHOLD = 50;
+/** Bounded parallelism for vend fan-out (5 concurrent STS+ListObjectsV2 calls). */
+export declare const VEND_FANOUT_CONCURRENCY = 5;
+/**
+ * Effective per-company sync scope, resolved from the membership's sync-config
+ * + (if `shared`) the caller's explicit grants. Returned by
+ * `resolveCompanyScope` and consumed by `pullCompany`.
+ *
+ * `strategy: "vend-fanout"` issues 1..N narrowed STS+ListObjectsV2 calls,
+ * union'd. `strategy: "broad-postfilter"` issues one wide list and filters
+ * client-side. `strategy: "all"` is the legacy syncMode='all' path.
+ */
+export interface CompanyScope {
+    companyUid: string;
+    syncMode: MembershipSyncConfig["syncMode"];
+    /** Coalesced prefix set. For `all`, this is the single company prefix. */
+    prefixSet: string[];
+    /**
+     * Strategy chosen by `resolveCompanyScope` based on coalesced count vs
+     * `VEND_PATH_CAP` and `POST_FILTER_THRESHOLD`.
+     */
+    strategy: "all" | "vend-fanout" | "broad-postfilter";
+}
+export interface ResolveCompanyScopeInput {
+    companyUid: string;
+    companyPrefix: string;
+    syncConfig: MembershipSyncConfig;
+    /** Required when `syncConfig.syncMode === 'shared'`. */
+    explicitGrants?: ExplicitGrant[];
+}
+/**
+ * Resolve the effective sync scope for one per-company leg.
+ *
+ * Decision table:
+ *   - `syncMode === 'all'`             → strategy `all`, prefixSet [companyPrefix]
+ *   - `syncMode === 'shared'`          → coalesce explicit grants. If count
+ *                                        ≤ VEND_PATH_CAP → `vend-fanout`.
+ *                                        If ≤ POST_FILTER_THRESHOLD → still
+ *                                        `vend-fanout` (sharded). Else
+ *                                        `broad-postfilter`.
+ *   - `syncMode === 'custom'`          → coalesce customPaths, same decision
+ *                                        table as `shared`.
+ *
+ * Pure function. No network, no journal mutation.
+ */
+export declare function resolveCompanyScope(input: ResolveCompanyScopeInput): CompanyScope;
+/**
+ * Split a coalesced prefix set into batches of at most `VEND_PATH_CAP`
+ * prefixes each. Each batch maps to a single STS vend + ListObjectsV2 call.
+ */
+export declare function batchPrefixesForVend(prefixes: string[], cap?: number): string[][];
+export interface ListRemoteForScopeInput {
+    ctx: EntityContext;
+    scope: CompanyScope;
+    /**
+     * Override for tests / alternative S3 surfaces. Defaults to the package's
+     * own `listRemoteFiles`. Signature matches `(ctx, prefix?) => RemoteFile[]`.
+     */
+    listFn?: (ctx: EntityContext, prefix?: string) => Promise<RemoteFile[]>;
+    /**
+     * Override for tests to vend a per-batch narrowed EntityContext. Default:
+     * reuse `ctx` (which the orchestrator is expected to have already vended
+     * appropriately for the scope). The full per-batch STS vend wiring will
+     * land in US-006 along with the CLI.
+     */
+    vendForBatchFn?: (ctx: EntityContext, paths: string[]) => Promise<EntityContext>;
+}
+/**
+ * List remote objects in scope, applying the chosen strategy:
+ *   - `all`             — one broad ListObjectsV2 under the company prefix.
+ *   - `vend-fanout`     — one ListObjectsV2 per coalesced batch (≤ VEND_PATH_CAP),
+ *                         bounded parallel, results union'd. The caller is
+ *                         responsible for vending narrowed credentials when
+ *                         this path is taken (`vendForBatchFn`).
+ *   - `broad-postfilter`— one broad ListObjectsV2 + client-side filter
+ *                         against `scope.prefixSet`.
+ *
+ * Dedup by key so multi-batch overlaps don't double-download.
+ */
+export declare function listRemoteForScope(input: ListRemoteForScopeInput): Promise<RemoteFile[]>;
+export interface PullCompanyInput {
+    ctx: EntityContext;
+    journal: SyncJournal;
+    hqRoot: string;
+    scope: CompanyScope;
+    /** Set of conflict-store keys to forward to `decideRemotePulls`. */
+    conflictKeys?: Set<string>;
+    /** Honor the operator override on dirty orphans (US-005 contract). */
+    forceScopeShrink?: boolean;
+    /** Listing override hook — see `ListRemoteForScopeInput.listFn`. */
+    listFn?: ListRemoteForScopeInput["listFn"];
+    vendForBatchFn?: ListRemoteForScopeInput["vendForBatchFn"];
+    /** Time injector for tests; defaults to real wall clock. */
+    now?: () => Date;
+}
+export interface PullCompanyResult {
+    /** Effective scope used. */
+    scope: CompanyScope;
+    /** Remote files listed under the scope (post-dedup, post-filter). */
+    remoteFiles: RemoteFile[];
+    /** Pure download/delete/skip decision from `decideRemotePulls`. */
+    decision: RemotePullDecision;
+    /** Scope-shrink plan computed before listing. */
+    scopeShrinkPlan: ScopeShrinkPlan;
+    /** Applied scope-shrink action (counts). `null` when no shrink was needed. */
+    scopeShrinkApplied: ApplyScopeShrinkResult | null;
+    /** Pull record appended to `journal.pulls`. */
+    pullRecord: PullRecord;
+    /** Tombstones GC'd at the start of this leg. */
+    tombstonesGcd: number;
+}
+/**
+ * Per-company sync leg — the engine half of `pullAll` for ONE company.
+ *
+ * Flow:
+ *   1. GC expired tombstones (cheap; bounds journal growth).
+ *   2. Resolve last-pull scope (or `["companyPrefix"]` if no record exists).
+ *   3. Build scope-shrink plan + abort on dirty orphans (unless force).
+ *   4. Apply scope-shrink (delete clean orphans, tombstone entries).
+ *   5. List remote under current scope (vend-fanout / broad-postfilter / all).
+ *   6. Compute download/delete/skip via `decideRemotePulls`.
+ *   7. Append a `PullRecord` capturing the actual `syncMode` + `prefixSet`.
+ *
+ * Step 6 returns the decision plan — the actual S3 GETs and FS writes
+ * remain in the CLI layer (`hq-cli/src/commands/cloud.ts`'s `pullAll`),
+ * which threads conflict detection + remoteEtag stamping on completion.
+ * US-006 wires this orchestrator into the CLI.
+ */
+export declare function pullCompany(input: PullCompanyInput): Promise<PullCompanyResult>;
 //# sourceMappingURL=remote-pull.d.ts.map

package/dist/remote-pull.d.ts.map

@@ -1 +1 @@
-{"version":3,"file":"remote-pull.d.ts","sourceRoot":"","sources":["../src/remote-pull.ts"],"names":[],"mappings":"AAAA;;;;;;;;;;;;GAYG;AACH,OAAO,KAAK,EAAE,UAAU,EAAE,MAAM,SAAS,CAAC;AAE1C,OAAO,KAAK,EAAE,WAAW,EAAE,MAAM,YAAY,CAAC;AAE9C;;2EAE2E;AAC3E,MAAM,WAAW,UAAU;IACzB,GAAG,EAAE,MAAM,CAAC;CACb;AAED,MAAM,WAAW,kBAAkB;IACjC,wCAAwC;IACxC,QAAQ,EAAE,UAAU,EAAE,CAAC;IACvB;;;;OAIG;IACH,WAAW,EAAE,MAAM,EAAE,CAAC;IACtB;;;;;;OAMG;IACH,IAAI,EAAE,UAAU,EAAE,CAAC;CACpB;AAED,MAAM,WAAW,sBAAsB;IACrC,WAAW,EAAE,UAAU,EAAE,CAAC;IAC1B,OAAO,EAAE,WAAW,CAAC;IACrB;;;;OAIG;IACH,YAAY,EAAE,GAAG,CAAC,MAAM,CAAC,CAAC;CAC3B;AAED,wBAAgB,iBAAiB,CAAC,EAChC,WAAW,EACX,OAAO,EACP,YAAY,GACb,EAAE,sBAAsB,GAAG,kBAAkB,CA0C7C"}
+{"version":3,"file":"remote-pull.d.ts","sourceRoot":"","sources":["../src/remote-pull.ts"],"names":[],"mappings":"AAAA;;;;;;;;;;;;GAYG;AACH,OAAO,KAAK,EAAE,UAAU,EAAE,MAAM,SAAS,CAAC;AAS1C,OAAO,KAAK,EACV,aAAa,EACb,UAAU,EACV,WAAW,EACZ,MAAM,YAAY,CAAC;AACpB,OAAO,KAAK,EACV,aAAa,EACb,oBAAoB,EACrB,MAAM,mBAAmB,CAAC;AAE3B,OAAO,EAIL,KAAK,sBAAsB,EAC3B,KAAK,eAAe,EACrB,MAAM,mBAAmB,CAAC;AAE3B;;2EAE2E;AAC3E,MAAM,WAAW,UAAU;IACzB,GAAG,EAAE,MAAM,CAAC;CACb;AAED,MAAM,WAAW,kBAAkB;IACjC,wCAAwC;IACxC,QAAQ,EAAE,UAAU,EAAE,CAAC;IACvB;;;;OAIG;IACH,WAAW,EAAE,MAAM,EAAE,CAAC;IACtB;;;;;;OAMG;IACH,IAAI,EAAE,UAAU,EAAE,CAAC;CACpB;AAED,MAAM,WAAW,sBAAsB;IACrC,WAAW,EAAE,UAAU,EAAE,CAAC;IAC1B,OAAO,EAAE,WAAW,CAAC;IACrB;;;;OAIG;IACH,YAAY,EAAE,GAAG,CAAC,MAAM,CAAC,CAAC;CAC3B;AAED,wBAAgB,iBAAiB,CAAC,EAChC,WAAW,EACX,OAAO,EACP,YAAY,GACb,EAAE,sBAAsB,GAAG,kBAAkB,CA0C7C;AAMD;;;;;GAKG;AACH,eAAO,MAAM,aAAa,KAAK,CAAC;AAEhC;;;;;GAKG;AACH,eAAO,MAAM,qBAAqB,KAAK,CAAC;AAExC,mFAAmF;AACnF,eAAO,MAAM,uBAAuB,IAAI,CAAC;AAEzC;;;;;;;;GAQG;AACH,MAAM,WAAW,YAAY;IAC3B,UAAU,EAAE,MAAM,CAAC;IACnB,QAAQ,EAAE,oBAAoB,CAAC,UAAU,CAAC,CAAC;IAC3C,0EAA0E;IAC1E,SAAS,EAAE,MAAM,EAAE,CAAC;IACpB;;;OAGG;IACH,QAAQ,EAAE,KAAK,GAAG,aAAa,GAAG,kBAAkB,CAAC;CACtD;AAED,MAAM,WAAW,wBAAwB;IACvC,UAAU,EAAE,MAAM,CAAC;IACnB,aAAa,EAAE,MAAM,CAAC;IACtB,UAAU,EAAE,oBAAoB,CAAC;IACjC,wDAAwD;IACxD,cAAc,CAAC,EAAE,aAAa,EAAE,CAAC;CAClC;AAED;;;;;;;;;;;;;;GAcG;AACH,wBAAgB,mBAAmB,CACjC,KAAK,EAAE,wBAAwB,GAC9B,YAAY,CAoCd;AAED;;;GAGG;AACH,wBAAgB,oBAAoB,CAClC,QAAQ,EAAE,MAAM,EAAE,EAClB,GAAG,GAAE,MAAsB,GAC1B,MAAM,EAAE,EAAE,CAOZ;AA6BD,MAAM,WAAW,uBAAuB;IACtC,GAAG,EAAE,aAAa,CAAC;IACnB,KAAK,EAAE,YAAY,CAAC;IACpB;;;OAGG;IACH,MAAM,CAAC,EAAE,CACP,GAAG,EAAE,aAAa,EAClB,MAAM,CAAC,EAAE,MAAM,KACZ,OAAO,CAAC,UAAU,EAAE,CAAC,CAAC;IAC3B;;;;;OAKG;IACH,cAAc,CAAC,EAAE,CACf,GAAG,EAAE,aAAa,EAClB,KAAK,EAAE,MAAM,EAAE,KACZ,OAAO,CAAC,aAAa,CAAC,CAAC;CAC7B;AAED;;;;;;;;;;;GAWG;AACH,wBAAsB,kBAAkB,CACtC,KAAK,EAAE,uBAAuB,GAC7B,OAAO,CAAC,UAAU,EAAE,CAAC,CAkCvB;AAeD,MAAM,WAAW,gBAAgB;IAC/B,GAAG,EAAE,aAAa,CAAC;IACnB,OAAO,EAAE,WAAW,CAAC;IACrB,MAAM,EAAE,MAAM,CAAC;IACf,KAAK,EAAE,YAAY,CAAC;IACpB,oEAAoE;IACpE,YAAY,CAAC,EAAE,GAAG,CAAC,MAAM,CAAC,CAAC;IAC3B,sEAAsE;IACtE,gBAAgB,CAAC,EAAE,OAAO,CAAC;IAC3B,oEAAoE;IACpE,MAAM,CAAC,EAAE,uBAAuB,CAAC,QAAQ,CAAC,CAAC;IAC3C,cAAc,CAAC,EAAE,uBAAuB,CAAC,gBAAgB,CAAC,CAAC;IAC3D,4DAA4D;IAC5D,GAAG,CAAC,EAAE,MAAM,IAAI,CAAC;CAClB;AAED,MAAM,WAAW,iBAAiB;IAChC,4BAA4B;IAC5B,KAAK,EAAE,YAAY,CAAC;IACpB,qEAAqE;IACrE,WAAW,EAAE,UAAU,EAAE,CAAC;IAC1B,mEAAmE;IACnE,QAAQ,EAAE,kBAAkB,CAAC;IAC7B,iDAAiD;IACjD,eAAe,EAAE,eAAe,CAAC;IACjC,8EAA8E;IAC9E,kBAAkB,EAAE,sBAAsB,GAAG,IAAI,CAAC;IAClD,+CAA+C;IAC/C,UAAU,EAAE,UAAU,CAAC;IACvB,gDAAgD;IAChD,aAAa,EAAE,MAAM,CAAC;CACvB;AAED;;;;;;;;;;;;;;;;GAgBG;AACH,wBAAsB,WAAW,CAC/B,KAAK,EAAE,gBAAgB,GACtB,OAAO,CAAC,iBAAiB,CAAC,CAoF5B"}

package/dist/remote-pull.js

@@ -1,4 +1,7 @@
-import { normalizeEtag } from "./journal.js";
+import { listRemoteFiles } from "./s3.js";
+import { appendPullRecord, gcTombstones, generatePullId, lastPullRecord, normalizeEtag, } from "./journal.js";
+import { coalescePrefixes } from "./prefix-coalesce.js";
+import { applyScopeShrink, buildScopeShrinkPlan, ScopeShrinkBlockedError, } from "./scope-shrink.js";
 export function decideRemotePulls({ remoteFiles, journal, conflictKeys, }) {
     const download = [];
     const skip = [];
@@ -37,4 +40,258 @@ export function decideRemotePulls({ remoteFiles, journal, conflictKeys, }) {
     }
     return { download, deleteLocal, skip };
 }
+// ───────────────────────────────────────────────────────────────────────────
+// US-005: ACL-aware narrowing — engine layer
+// ───────────────────────────────────────────────────────────────────────────
+/**
+ * Hard cap on coalesced prefixes per STS vend (US-001-D). The vault-service
+ * `validateVendRequest` rejects `paths.length > 10`, so the engine MUST
+ * either shard into multiple vends + ListObjectsV2 calls when the coalesced
+ * grant set exceeds this OR fall back to a broad list + post-filter.
+ */
+export const VEND_PATH_CAP = 10;
+/**
+ * Threshold above which the engine prefers a single broad ListObjectsV2 +
+ * client-side post-filter instead of fanning out N vends. Tuned for the
+ * US-001-B p99 finding (TBD live) — N coalesced prefixes <= 50 is cheaper as
+ * vend-fanout (~5 STS calls); > 50 is cheaper as one broad list.
+ */
+export const POST_FILTER_THRESHOLD = 50;
+/** Bounded parallelism for vend fan-out (5 concurrent STS+ListObjectsV2 calls). */
+export const VEND_FANOUT_CONCURRENCY = 5;
+/**
+ * Resolve the effective sync scope for one per-company leg.
+ *
+ * Decision table:
+ *   - `syncMode === 'all'`             → strategy `all`, prefixSet [companyPrefix]
+ *   - `syncMode === 'shared'`          → coalesce explicit grants. If count
+ *                                        ≤ VEND_PATH_CAP → `vend-fanout`.
+ *                                        If ≤ POST_FILTER_THRESHOLD → still
+ *                                        `vend-fanout` (sharded). Else
+ *                                        `broad-postfilter`.
+ *   - `syncMode === 'custom'`          → coalesce customPaths, same decision
+ *                                        table as `shared`.
+ *
+ * Pure function. No network, no journal mutation.
+ */
+export function resolveCompanyScope(input) {
+    const { companyUid, companyPrefix, syncConfig, explicitGrants } = input;
+    if (syncConfig.syncMode === "all") {
+        return {
+            companyUid,
+            syncMode: "all",
+            prefixSet: [companyPrefix],
+            strategy: "all",
+        };
+    }
+    let raw;
+    if (syncConfig.syncMode === "custom") {
+        raw = syncConfig.customPaths ?? [];
+    }
+    else {
+        // 'shared'
+        raw = (explicitGrants ?? []).map((g) => g.path);
+    }
+    const prefixSet = coalescePrefixes(raw);
+    // Empty grant set in `shared` mode means the caller has no explicit grants
+    // for this company. Returning an empty prefixSet here lets `pullCompany`
+    // short-circuit — issuing zero ListObjectsV2 calls and downloading
+    // nothing, the correct "I have no shared access" outcome.
+    const strategy = prefixSet.length > POST_FILTER_THRESHOLD
+        ? "broad-postfilter"
+        : "vend-fanout";
+    return {
+        companyUid,
+        syncMode: syncConfig.syncMode,
+        prefixSet,
+        strategy,
+    };
+}
+/**
+ * Split a coalesced prefix set into batches of at most `VEND_PATH_CAP`
+ * prefixes each. Each batch maps to a single STS vend + ListObjectsV2 call.
+ */
+export function batchPrefixesForVend(prefixes, cap = VEND_PATH_CAP) {
+    if (cap <= 0)
+        throw new Error(`batchPrefixesForVend: cap must be > 0`);
+    const batches = [];
+    for (let i = 0; i < prefixes.length; i += cap) {
+        batches.push(prefixes.slice(i, i + cap));
+    }
+    return batches;
+}
+/**
+ * Bounded-parallel mapper. Awaits up to `concurrency` promises at once.
+ * Used to fan out per-batch ListObjectsV2 calls without exhausting the
+ * AWS SDK or hitting STS throttles.
+ */
+async function mapWithConcurrency(items, concurrency, fn) {
+    const results = new Array(items.length);
+    let cursor = 0;
+    async function worker() {
+        while (true) {
+            const i = cursor++;
+            if (i >= items.length)
+                return;
+            results[i] = await fn(items[i], i);
+        }
+    }
+    const workers = [];
+    for (let i = 0; i < Math.min(concurrency, items.length); i++) {
+        workers.push(worker());
+    }
+    await Promise.all(workers);
+    return results;
+}
+/**
+ * List remote objects in scope, applying the chosen strategy:
+ *   - `all`             — one broad ListObjectsV2 under the company prefix.
+ *   - `vend-fanout`     — one ListObjectsV2 per coalesced batch (≤ VEND_PATH_CAP),
+ *                         bounded parallel, results union'd. The caller is
+ *                         responsible for vending narrowed credentials when
+ *                         this path is taken (`vendForBatchFn`).
+ *   - `broad-postfilter`— one broad ListObjectsV2 + client-side filter
+ *                         against `scope.prefixSet`.
+ *
+ * Dedup by key so multi-batch overlaps don't double-download.
+ */
+export async function listRemoteForScope(input) {
+    const list = input.listFn ?? listRemoteFiles;
+    const { ctx, scope } = input;
+    if (scope.strategy === "all") {
+        return list(ctx, scope.prefixSet[0]);
+    }
+    if (scope.strategy === "broad-postfilter") {
+        const all = await list(ctx);
+        return all.filter((f) => scope.prefixSet.some((p) => f.key.startsWith(p)));
+    }
+    // vend-fanout
+    if (scope.prefixSet.length === 0)
+        return [];
+    const batches = batchPrefixesForVend(scope.prefixSet);
+    const perBatch = await mapWithConcurrency(batches, VEND_FANOUT_CONCURRENCY, async (paths) => {
+        const batchCtx = input.vendForBatchFn
+            ? await input.vendForBatchFn(ctx, paths)
+            : ctx;
+        // For a coalesced batch we issue one ListObjectsV2 per prefix in the
+        // batch. We can't issue one ListObjectsV2 across N prefixes (the API
+        // takes a single Prefix); the per-batch grouping exists for the STS
+        // session policy ceiling, not the list call itself.
+        const lists = await Promise.all(paths.map((p) => list(batchCtx, p)));
+        return lists.flat();
+    });
+    return dedupByKey(perBatch.flat());
+}
+function dedupByKey(files) {
+    const seen = new Set();
+    const out = [];
+    for (const f of files) {
+        if (seen.has(f.key))
+            continue;
+        seen.add(f.key);
+        out.push(f);
+    }
+    return out;
+}
+/**
+ * Per-company sync leg — the engine half of `pullAll` for ONE company.
+ *
+ * Flow:
+ *   1. GC expired tombstones (cheap; bounds journal growth).
+ *   2. Resolve last-pull scope (or `["companyPrefix"]` if no record exists).
+ *   3. Build scope-shrink plan + abort on dirty orphans (unless force).
+ *   4. Apply scope-shrink (delete clean orphans, tombstone entries).
+ *   5. List remote under current scope (vend-fanout / broad-postfilter / all).
+ *   6. Compute download/delete/skip via `decideRemotePulls`.
+ *   7. Append a `PullRecord` capturing the actual `syncMode` + `prefixSet`.
+ *
+ * Step 6 returns the decision plan — the actual S3 GETs and FS writes
+ * remain in the CLI layer (`hq-cli/src/commands/cloud.ts`'s `pullAll`),
+ * which threads conflict detection + remoteEtag stamping on completion.
+ * US-006 wires this orchestrator into the CLI.
+ */
+export async function pullCompany(input) {
+    const now = input.now ?? (() => new Date());
+    const startedAt = now().toISOString();
+    const conflictKeys = input.conflictKeys ?? new Set();
+    const tombstonesGcd = gcTombstones(input.journal, now().getTime());
+    const last = lastPullRecord(input.journal, input.scope.companyUid);
+    const lastPrefixSet = last?.prefixSet && last.prefixSet.length > 0
+        ? last.prefixSet
+        : // No record OR a v1-migrated record with empty prefixSet — treat
+            // the last scope as "everything under the company prefix". For the
+            // `all` -> `shared` flip this correctly flags shared-mode orphans.
+            [companyPrefixOf(input.scope, last)];
+    const scopeShrinkPlan = buildScopeShrinkPlan({
+        journal: input.journal,
+        hqRoot: input.hqRoot,
+        lastPrefixSet,
+        currentPrefixSet: input.scope.prefixSet,
+    });
+    let scopeShrinkApplied = null;
+    if (scopeShrinkPlan.scopeChangeDetected) {
+        if (scopeShrinkPlan.dirty.length > 0 &&
+            !input.forceScopeShrink) {
+            throw new ScopeShrinkBlockedError(input.scope.companyUid, last?.syncMode ?? "unknown", input.scope.syncMode, scopeShrinkPlan.dirty, scopeShrinkPlan.clean);
+        }
+        scopeShrinkApplied = applyScopeShrink({
+            journal: input.journal,
+            plan: scopeShrinkPlan,
+            hqRoot: input.hqRoot,
+            forceScopeShrink: input.forceScopeShrink ?? false,
+        });
+    }
+    const remoteFiles = await listRemoteForScope({
+        ctx: input.ctx,
+        scope: input.scope,
+        listFn: input.listFn,
+        vendForBatchFn: input.vendForBatchFn,
+    });
+    const decision = decideRemotePulls({
+        remoteFiles,
+        journal: input.journal,
+        conflictKeys,
+    });
+    const completedAt = now().toISOString();
+    const pullRecord = {
+        pullId: generatePullId(now().getTime()),
+        companyUid: input.scope.companyUid,
+        startedAt,
+        completedAt,
+        syncMode: input.scope.syncMode,
+        prefixSet: [...input.scope.prefixSet],
+        scopeChangeDetected: scopeShrinkPlan.scopeChangeDetected,
+        orphansRemoved: scopeShrinkApplied?.cleanRemoved ?? 0,
+        orphansBlocked: scopeShrinkApplied && input.forceScopeShrink
+            ? scopeShrinkApplied.dirtyTombstoned
+            : scopeShrinkPlan.dirty.length,
+    };
+    appendPullRecord(input.journal, pullRecord);
+    return {
+        scope: input.scope,
+        remoteFiles,
+        decision,
+        scopeShrinkPlan,
+        scopeShrinkApplied,
+        pullRecord,
+        tombstonesGcd,
+    };
+}
+/**
+ * Recover the "company prefix" for a v1-migrated record with no recorded
+ * `prefixSet`. We derive it from the current scope's first prefix's parent
+ * (best-effort) — the only consumer of this fallback is the v1 → v2
+ * migration window. After one pull lands a v2 record, this branch never
+ * runs again for that company.
+ */
+function companyPrefixOf(scope, _last) {
+    // For `all` mode, scope.prefixSet[0] IS the company prefix.
+    if (scope.strategy === "all" && scope.prefixSet[0])
+        return scope.prefixSet[0];
+    // Otherwise, derive `companies/{slug}/` from the first prefix. ACL grant
+    // paths always start with `companies/{slug}/...`.
+    const first = scope.prefixSet[0] ?? "";
+    const m = first.match(/^(companies\/[^/]+\/)/);
+    return m ? m[1] : first;
+}
 //# sourceMappingURL=remote-pull.js.map

package/dist/remote-pull.js.map

@@ -1 +1 @@
-{"version":3,"file":"remote-pull.js","sourceRoot":"","sources":["../src/remote-pull.ts"],"names":[],"mappings":"AAcA,OAAO,EAAE,aAAa,EAAE,MAAM,cAAc,CAAC;AAwC7C,MAAM,UAAU,iBAAiB,CAAC,EAChC,WAAW,EACX,OAAO,EACP,YAAY,GACW;IACvB,MAAM,QAAQ,GAAiB,EAAE,CAAC;IAClC,MAAM,IAAI,GAAiB,EAAE,CAAC;IAC9B,MAAM,WAAW,GAAa,EAAE,CAAC;IAEjC,MAAM,UAAU,GAAG,IAAI,GAAG,EAAU,CAAC;IAErC,KAAK,MAAM,IAAI,IAAI,WAAW,EAAE,CAAC;QAC/B,UAAU,CAAC,GAAG,CAAC,IAAI,CAAC,GAAG,CAAC,CAAC;QAEzB,IAAI,YAAY,CAAC,GAAG,CAAC,IAAI,CAAC,GAAG,CAAC,EAAE,CAAC;YAC/B,IAAI,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC;YAChB,SAAS;QACX,CAAC;QAED,MAAM,KAAK,GAAG,OAAO,CAAC,KAAK,CAAC,IAAI,CAAC,GAAG,CAAC,CAAC;QACtC,IAAI,CAAC,KAAK,IAAI,CAAC,KAAK,CAAC,UAAU,EAAE,CAAC;YAChC,wEAAwE;YACxE,QAAQ,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC;YACpB,SAAS;QACX,CAAC;QAED,IAAI,aAAa,CAAC,IAAI,CAAC,IAAI,CAAC,KAAK,KAAK,CAAC,UAAU,EAAE,CAAC;YAClD,IAAI,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC;QAClB,CAAC;aAAM,CAAC;YACN,QAAQ,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC;QACtB,CAAC;IACH,CAAC;IAED,mEAAmE;IACnE,KAAK,MAAM,YAAY,IAAI,MAAM,CAAC,IAAI,CAAC,OAAO,CAAC,KAAK,CAAC,EAAE,CAAC;QACtD,IAAI,UAAU,CAAC,GAAG,CAAC,YAAY,CAAC;YAAE,SAAS;QAC3C,IAAI,YAAY,CAAC,GAAG,CAAC,YAAY,CAAC,EAAE,CAAC;YACnC,sEAAsE;YACtE,8DAA8D;YAC9D,IAAI,CAAC,IAAI,CAAC,EAAE,GAAG,EAAE,YAAY,EAAE,CAAC,CAAC;YACjC,SAAS;QACX,CAAC;QACD,WAAW,CAAC,IAAI,CAAC,YAAY,CAAC,CAAC;IACjC,CAAC;IAED,OAAO,EAAE,QAAQ,EAAE,WAAW,EAAE,IAAI,EAAE,CAAC;AACzC,CAAC"}
+{"version":3,"file":"remote-pull.js","sourceRoot":"","sources":["../src/remote-pull.ts"],"names":[],"mappings":"AAcA,OAAO,EAAE,eAAe,EAAE,MAAM,SAAS,CAAC;AAC1C,OAAO,EACL,gBAAgB,EAChB,YAAY,EACZ,cAAc,EACd,cAAc,EACd,aAAa,GACd,MAAM,cAAc,CAAC;AAUtB,OAAO,EAAE,gBAAgB,EAAE,MAAM,sBAAsB,CAAC;AACxD,OAAO,EACL,gBAAgB,EAChB,oBAAoB,EACpB,uBAAuB,GAGxB,MAAM,mBAAmB,CAAC;AAuC3B,MAAM,UAAU,iBAAiB,CAAC,EAChC,WAAW,EACX,OAAO,EACP,YAAY,GACW;IACvB,MAAM,QAAQ,GAAiB,EAAE,CAAC;IAClC,MAAM,IAAI,GAAiB,EAAE,CAAC;IAC9B,MAAM,WAAW,GAAa,EAAE,CAAC;IAEjC,MAAM,UAAU,GAAG,IAAI,GAAG,EAAU,CAAC;IAErC,KAAK,MAAM,IAAI,IAAI,WAAW,EAAE,CAAC;QAC/B,UAAU,CAAC,GAAG,CAAC,IAAI,CAAC,GAAG,CAAC,CAAC;QAEzB,IAAI,YAAY,CAAC,GAAG,CAAC,IAAI,CAAC,GAAG,CAAC,EAAE,CAAC;YAC/B,IAAI,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC;YAChB,SAAS;QACX,CAAC;QAED,MAAM,KAAK,GAAG,OAAO,CAAC,KAAK,CAAC,IAAI,CAAC,GAAG,CAAC,CAAC;QACtC,IAAI,CAAC,KAAK,IAAI,CAAC,KAAK,CAAC,UAAU,EAAE,CAAC;YAChC,wEAAwE;YACxE,QAAQ,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC;YACpB,SAAS;QACX,CAAC;QAED,IAAI,aAAa,CAAC,IAAI,CAAC,IAAI,CAAC,KAAK,KAAK,CAAC,UAAU,EAAE,CAAC;YAClD,IAAI,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC;QAClB,CAAC;aAAM,CAAC;YACN,QAAQ,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC;QACtB,CAAC;IACH,CAAC;IAED,mEAAmE;IACnE,KAAK,MAAM,YAAY,IAAI,MAAM,CAAC,IAAI,CAAC,OAAO,CAAC,KAAK,CAAC,EAAE,CAAC;QACtD,IAAI,UAAU,CAAC,GAAG,CAAC,YAAY,CAAC;YAAE,SAAS;QAC3C,IAAI,YAAY,CAAC,GAAG,CAAC,YAAY,CAAC,EAAE,CAAC;YACnC,sEAAsE;YACtE,8DAA8D;YAC9D,IAAI,CAAC,IAAI,CAAC,EAAE,GAAG,EAAE,YAAY,EAAE,CAAC,CAAC;YACjC,SAAS;QACX,CAAC;QACD,WAAW,CAAC,IAAI,CAAC,YAAY,CAAC,CAAC;IACjC,CAAC;IAED,OAAO,EAAE,QAAQ,EAAE,WAAW,EAAE,IAAI,EAAE,CAAC;AACzC,CAAC;AAED,8EAA8E;AAC9E,6CAA6C;AAC7C,8EAA8E;AAE9E;;;;;GAKG;AACH,MAAM,CAAC,MAAM,aAAa,GAAG,EAAE,CAAC;AAEhC;;;;;GAKG;AACH,MAAM,CAAC,MAAM,qBAAqB,GAAG,EAAE,CAAC;AAExC,mFAAmF;AACnF,MAAM,CAAC,MAAM,uBAAuB,GAAG,CAAC,CAAC;AA+BzC;;;;;;;;;;;;;;GAcG;AACH,MAAM,UAAU,mBAAmB,CACjC,KAA+B;IAE/B,MAAM,EAAE,UAAU,EAAE,aAAa,EAAE,UAAU,EAAE,cAAc,EAAE,GAAG,KAAK,CAAC;IAExE,IAAI,UAAU,CAAC,QAAQ,KAAK,KAAK,EAAE,CAAC;QAClC,OAAO;YACL,UAAU;YACV,QAAQ,EAAE,KAAK;YACf,SAAS,EAAE,CAAC,aAAa,CAAC;YAC1B,QAAQ,EAAE,KAAK;SAChB,CAAC;IACJ,CAAC;IAED,IAAI,GAAa,CAAC;IAClB,IAAI,UAAU,CAAC,QAAQ,KAAK,QAAQ,EAAE,CAAC;QACrC,GAAG,GAAG,UAAU,CAAC,WAAW,IAAI,EAAE,CAAC;IACrC,CAAC;SAAM,CAAC;QACN,WAAW;QACX,GAAG,GAAG,CAAC,cAAc,IAAI,EAAE,CAAC,CAAC,GAAG,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,IAAI,CAAC,CAAC;IAClD,CAAC;IACD,MAAM,SAAS,GAAG,gBAAgB,CAAC,GAAG,CAAC,CAAC;IAExC,2EAA2E;IAC3E,yEAAyE;IACzE,mEAAmE;IACnE,0DAA0D;IAC1D,MAAM,QAAQ,GACZ,SAAS,CAAC,MAAM,GAAG,qBAAqB;QACtC,CAAC,CAAC,kBAAkB;QACpB,CAAC,CAAC,aAAa,CAAC;IAEpB,OAAO;QACL,UAAU;QACV,QAAQ,EAAE,UAAU,CAAC,QAAQ;QAC7B,SAAS;QACT,QAAQ;KACT,CAAC;AACJ,CAAC;AAED;;;GAGG;AACH,MAAM,UAAU,oBAAoB,CAClC,QAAkB,EAClB,MAAc,aAAa;IAE3B,IAAI,GAAG,IAAI,CAAC;QAAE,MAAM,IAAI,KAAK,CAAC,uCAAuC,CAAC,CAAC;IACvE,MAAM,OAAO,GAAe,EAAE,CAAC;IAC/B,KAAK,IAAI,CAAC,GAAG,CAAC,EAAE,CAAC,GAAG,QAAQ,CAAC,MAAM,EAAE,CAAC,IAAI,GAAG,EAAE,CAAC;QAC9C,OAAO,CAAC,IAAI,CAAC,QAAQ,CAAC,KAAK,CAAC,CAAC,EAAE,CAAC,GAAG,GAAG,CAAC,CAAC,CAAC;IAC3C,CAAC;IACD,OAAO,OAAO,CAAC;AACjB,CAAC;AAED;;;;GAIG;AACH,KAAK,UAAU,kBAAkB,CAC/B,KAAU,EACV,WAAmB,EACnB,EAA0C;IAE1C,MAAM,OAAO,GAAQ,IAAI,KAAK,CAAC,KAAK,CAAC,MAAM,CAAC,CAAC;IAC7C,IAAI,MAAM,GAAG,CAAC,CAAC;IACf,KAAK,UAAU,MAAM;QACnB,OAAO,IAAI,EAAE,CAAC;YACZ,MAAM,CAAC,GAAG,MAAM,EAAE,CAAC;YACnB,IAAI,CAAC,IAAI,KAAK,CAAC,MAAM;gBAAE,OAAO;YAC9B,OAAO,CAAC,CAAC,CAAC,GAAG,MAAM,EAAE,CAAC,KAAK,CAAC,CAAC,CAAE,EAAE,CAAC,CAAC,CAAC;QACtC,CAAC;IACH,CAAC;IACD,MAAM,OAAO,GAAoB,EAAE,CAAC;IACpC,KAAK,IAAI,CAAC,GAAG,CAAC,EAAE,CAAC,GAAG,IAAI,CAAC,GAAG,CAAC,WAAW,EAAE,KAAK,CAAC,MAAM,CAAC,EAAE,CAAC,EAAE,EAAE,CAAC;QAC7D,OAAO,CAAC,IAAI,CAAC,MAAM,EAAE,CAAC,CAAC;IACzB,CAAC;IACD,MAAM,OAAO,CAAC,GAAG,CAAC,OAAO,CAAC,CAAC;IAC3B,OAAO,OAAO,CAAC;AACjB,CAAC;AAyBD;;;;;;;;;;;GAWG;AACH,MAAM,CAAC,KAAK,UAAU,kBAAkB,CACtC,KAA8B;IAE9B,MAAM,IAAI,GAAG,KAAK,CAAC,MAAM,IAAI,eAAe,CAAC;IAC7C,MAAM,EAAE,GAAG,EAAE,KAAK,EAAE,GAAG,KAAK,CAAC;IAE7B,IAAI,KAAK,CAAC,QAAQ,KAAK,KAAK,EAAE,CAAC;QAC7B,OAAO,IAAI,CAAC,GAAG,EAAE,KAAK,CAAC,SAAS,CAAC,CAAC,CAAC,CAAC,CAAC;IACvC,CAAC;IAED,IAAI,KAAK,CAAC,QAAQ,KAAK,kBAAkB,EAAE,CAAC;QAC1C,MAAM,GAAG,GAAG,MAAM,IAAI,CAAC,GAAG,CAAC,CAAC;QAC5B,OAAO,GAAG,CAAC,MAAM,CAAC,CAAC,CAAC,EAAE,EAAE,CACtB,KAAK,CAAC,SAAS,CAAC,IAAI,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,GAAG,CAAC,UAAU,CAAC,CAAC,CAAC,CAAC,CACjD,CAAC;IACJ,CAAC;IAED,cAAc;IACd,IAAI,KAAK,CAAC,SAAS,CAAC,MAAM,KAAK,CAAC;QAAE,OAAO,EAAE,CAAC;IAC5C,MAAM,OAAO,GAAG,oBAAoB,CAAC,KAAK,CAAC,SAAS,CAAC,CAAC;IACtD,MAAM,QAAQ,GAAG,MAAM,kBAAkB,CACvC,OAAO,EACP,uBAAuB,EACvB,KAAK,EAAE,KAAK,EAAE,EAAE;QACd,MAAM,QAAQ,GAAG,KAAK,CAAC,cAAc;YACnC,CAAC,CAAC,MAAM,KAAK,CAAC,cAAc,CAAC,GAAG,EAAE,KAAK,CAAC;YACxC,CAAC,CAAC,GAAG,CAAC;QACR,qEAAqE;QACrE,qEAAqE;QACrE,oEAAoE;QACpE,oDAAoD;QACpD,MAAM,KAAK,GAAG,MAAM,OAAO,CAAC,GAAG,CAAC,KAAK,CAAC,GAAG,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,IAAI,CAAC,QAAQ,EAAE,CAAC,CAAC,CAAC,CAAC,CAAC;QACrE,OAAO,KAAK,CAAC,IAAI,EAAE,CAAC;IACtB,CAAC,CACF,CAAC;IACF,OAAO,UAAU,CAAC,QAAQ,CAAC,IAAI,EAAE,CAAC,CAAC;AACrC,CAAC;AAED,SAAS,UAAU,CAAC,KAAmB;IACrC,MAAM,IAAI,GAAG,IAAI,GAAG,EAAU,CAAC;IAC/B,MAAM,GAAG,GAAiB,EAAE,CAAC;IAC7B,KAAK,MAAM,CAAC,IAAI,KAAK,EAAE,CAAC;QACtB,IAAI,IAAI,CAAC,GAAG,CAAC,CAAC,CAAC,GAAG,CAAC;YAAE,SAAS;QAC9B,IAAI,CAAC,GAAG,CAAC,CAAC,CAAC,GAAG,CAAC,CAAC;QAChB,GAAG,CAAC,IAAI,CAAC,CAAC,CAAC,CAAC;IACd,CAAC;IACD,OAAO,GAAG,CAAC;AACb,CAAC;AAqCD;;;;;;;;;;;;;;;;GAgBG;AACH,MAAM,CAAC,KAAK,UAAU,WAAW,CAC/B,KAAuB;IAEvB,MAAM,GAAG,GAAG,KAAK,CAAC,GAAG,IAAI,CAAC,GAAG,EAAE,CAAC,IAAI,IAAI,EAAE,CAAC,CAAC;IAC5C,MAAM,SAAS,GAAG,GAAG,EAAE,CAAC,WAAW,EAAE,CAAC;IACtC,MAAM,YAAY,GAAG,KAAK,CAAC,YAAY,IAAI,IAAI,GAAG,EAAU,CAAC;IAE7D,MAAM,aAAa,GAAG,YAAY,CAAC,KAAK,CAAC,OAAO,EAAE,GAAG,EAAE,CAAC,OAAO,EAAE,CAAC,CAAC;IAEnE,MAAM,IAAI,GAAG,cAAc,CAAC,KAAK,CAAC,OAAO,EAAE,KAAK,CAAC,KAAK,CAAC,UAAU,CAAC,CAAC;IACnE,MAAM,aAAa,GACjB,IAAI,EAAE,SAAS,IAAI,IAAI,CAAC,SAAS,CAAC,MAAM,GAAG,CAAC;QAC1C,CAAC,CAAC,IAAI,CAAC,SAAS;QAChB,CAAC,CAAC,iEAAiE;YACjE,mEAAmE;YACnE,mEAAmE;YACnE,CAAC,eAAe,CAAC,KAAK,CAAC,KAAK,EAAE,IAAI,CAAC,CAAC,CAAC;IAE3C,MAAM,eAAe,GAAG,oBAAoB,CAAC;QAC3C,OAAO,EAAE,KAAK,CAAC,OAAO;QACtB,MAAM,EAAE,KAAK,CAAC,MAAM;QACpB,aAAa;QACb,gBAAgB,EAAE,KAAK,CAAC,KAAK,CAAC,SAAS;KACxC,CAAC,CAAC;IAEH,IAAI,kBAAkB,GAAkC,IAAI,CAAC;IAC7D,IAAI,eAAe,CAAC,mBAAmB,EAAE,CAAC;QACxC,IACE,eAAe,CAAC,KAAK,CAAC,MAAM,GAAG,CAAC;YAChC,CAAC,KAAK,CAAC,gBAAgB,EACvB,CAAC;YACD,MAAM,IAAI,uBAAuB,CAC/B,KAAK,CAAC,KAAK,CAAC,UAAU,EACtB,IAAI,EAAE,QAAQ,IAAI,SAAS,EAC3B,KAAK,CAAC,KAAK,CAAC,QAAQ,EACpB,eAAe,CAAC,KAAK,EACrB,eAAe,CAAC,KAAK,CACtB,CAAC;QACJ,CAAC;QACD,kBAAkB,GAAG,gBAAgB,CAAC;YACpC,OAAO,EAAE,KAAK,CAAC,OAAO;YACtB,IAAI,EAAE,eAAe;YACrB,MAAM,EAAE,KAAK,CAAC,MAAM;YACpB,gBAAgB,EAAE,KAAK,CAAC,gBAAgB,IAAI,KAAK;SAClD,CAAC,CAAC;IACL,CAAC;IAED,MAAM,WAAW,GAAG,MAAM,kBAAkB,CAAC;QAC3C,GAAG,EAAE,KAAK,CAAC,GAAG;QACd,KAAK,EAAE,KAAK,CAAC,KAAK;QAClB,MAAM,EAAE,KAAK,CAAC,MAAM;QACpB,cAAc,EAAE,KAAK,CAAC,cAAc;KACrC,CAAC,CAAC;IAEH,MAAM,QAAQ,GAAG,iBAAiB,CAAC;QACjC,WAAW;QACX,OAAO,EAAE,KAAK,CAAC,OAAO;QACtB,YAAY;KACb,CAAC,CAAC;IAEH,MAAM,WAAW,GAAG,GAAG,EAAE,CAAC,WAAW,EAAE,CAAC;IACxC,MAAM,UAAU,GAAe;QAC7B,MAAM,EAAE,cAAc,CAAC,GAAG,EAAE,CAAC,OAAO,EAAE,CAAC;QACvC,UAAU,EAAE,KAAK,CAAC,KAAK,CAAC,UAAU;QAClC,SAAS;QACT,WAAW;QACX,QAAQ,EAAE,KAAK,CAAC,KAAK,CAAC,QAAQ;QAC9B,SAAS,EAAE,CAAC,GAAG,KAAK,CAAC,KAAK,CAAC,SAAS,CAAC;QACrC,mBAAmB,EAAE,eAAe,CAAC,mBAAmB;QACxD,cAAc,EAAE,kBAAkB,EAAE,YAAY,IAAI,CAAC;QACrD,cAAc,EACZ,kBAAkB,IAAI,KAAK,CAAC,gBAAgB;YAC1C,CAAC,CAAC,kBAAkB,CAAC,eAAe;YACpC,CAAC,CAAC,eAAe,CAAC,KAAK,CAAC,MAAM;KACnC,CAAC;IACF,gBAAgB,CAAC,KAAK,CAAC,OAAO,EAAE,UAAU,CAAC,CAAC;IAE5C,OAAO;QACL,KAAK,EAAE,KAAK,CAAC,KAAK;QAClB,WAAW;QACX,QAAQ;QACR,eAAe;QACf,kBAAkB;QAClB,UAAU;QACV,aAAa;KACd,CAAC;AACJ,CAAC;AAED;;;;;;GAMG;AACH,SAAS,eAAe,CACtB,KAAmB,EACnB,KAA6B;IAE7B,4DAA4D;IAC5D,IAAI,KAAK,CAAC,QAAQ,KAAK,KAAK,IAAI,KAAK,CAAC,SAAS,CAAC,CAAC,CAAC;QAAE,OAAO,KAAK,CAAC,SAAS,CAAC,CAAC,CAAC,CAAC;IAC9E,yEAAyE;IACzE,kDAAkD;IAClD,MAAM,KAAK,GAAG,KAAK,CAAC,SAAS,CAAC,CAAC,CAAC,IAAI,EAAE,CAAC;IACvC,MAAM,CAAC,GAAG,KAAK,CAAC,KAAK,CAAC,uBAAuB,CAAC,CAAC;IAC/C,OAAO,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,CAAE,CAAC,CAAC,CAAC,KAAK,CAAC;AAC3B,CAAC"}