npm - @jmruthers/pace-core - Versions diffs - 0.5.186 → 0.5.187 - Mend

@jmruthers/pace-core 0.5.186 → 0.5.187

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (284) hide show

package/dist/{DataTable-Z9NLVJh0.d.ts → DataTable-IVYljGJ6.d.ts} +1 -1
package/dist/{DataTable-IX2NBUTP.js → DataTable-K3RJRSOX.js} +7 -7
package/dist/{PublicPageProvider-DIzEzwKl.d.ts → PublicPageProvider-DrLDztHt.d.ts} +211 -106
package/dist/{UnifiedAuthProvider-A4BCQRJY.js → UnifiedAuthProvider-B76OWOAT.js} +2 -2
package/dist/{api-BMFCXVQX.js → api-YP7XD5L6.js} +3 -3
package/dist/{audit-WRS3KJKI.js → audit-B5P6FFIR.js} +2 -2
package/dist/{chunk-445GEP27.js → chunk-3IC5WCMO.js} +33 -8
package/dist/chunk-3IC5WCMO.js.map +1 -0
package/dist/{chunk-OALXJH4Y.js → chunk-3NFNJOO7.js} +8 -8
package/dist/chunk-3NFNJOO7.js.map +1 -0
package/dist/{chunk-FSFQFJCU.js → chunk-63FOKYGO.js} +174 -6
package/dist/chunk-63FOKYGO.js.map +1 -0
package/dist/{chunk-TC7D3CR3.js → chunk-C4OYJOV4.js} +556 -101
package/dist/chunk-C4OYJOV4.js.map +1 -0
package/dist/{chunk-HGPQUCBC.js → chunk-FMTK4XNN.js} +3 -3
package/dist/{chunk-U6WNSFX5.js → chunk-HEHYGYOX.js} +279 -44
package/dist/chunk-HEHYGYOX.js.map +1 -0
package/dist/{chunk-XAUHJD3L.js → chunk-K2JGDXGU.js} +2 -2
package/dist/{chunk-HDCUMOOI.js → chunk-LBBUPSSC.js} +792 -559
package/dist/chunk-LBBUPSSC.js.map +1 -0
package/dist/{chunk-UQWSHFVX.js → chunk-SAUPYVLF.js} +1 -1
package/dist/{chunk-UQWSHFVX.js.map → chunk-SAUPYVLF.js.map} +1 -1
package/dist/{chunk-GRIQLQ52.js → chunk-T6ZJVI3A.js} +27 -23
package/dist/chunk-T6ZJVI3A.js.map +1 -0
package/dist/{chunk-DAGICKHT.js → chunk-ULX5FYEM.js} +3 -3
package/dist/{chunk-FXFJRTKI.js → chunk-WK2Y6TGA.js} +3 -3
package/dist/chunk-WK2Y6TGA.js.map +1 -0
package/dist/chunk-YHCN776L.js +447 -0
package/dist/chunk-YHCN776L.js.map +1 -0
package/dist/components.d.ts +4 -4
package/dist/components.js +12 -10
package/dist/components.js.map +1 -1
package/dist/{file-reference-PRTSLxKx.d.ts → file-reference-D037xOFK.d.ts} +0 -1
package/dist/hooks.d.ts +221 -6
package/dist/hooks.js +146 -49
package/dist/hooks.js.map +1 -1
package/dist/index.d.ts +24 -9
package/dist/index.js +62 -28
package/dist/index.js.map +1 -1
package/dist/providers.js +1 -1
package/dist/rbac/index.d.ts +124 -7
package/dist/rbac/index.js +27 -7
package/dist/{types-DUyCRSTj.d.ts → types-Bwgl--Xo.d.ts} +162 -1
package/dist/types.d.ts +1 -1
package/dist/types.js +1 -1
package/dist/{usePublicRouteParams-D71QLlg4.d.ts → usePublicRouteParams-CTDELQ7H.d.ts} +2 -2
package/dist/utils.d.ts +213 -3
package/dist/utils.js +22 -2
package/dist/utils.js.map +1 -1
package/docs/api/classes/ColumnFactory.md +1 -1
package/docs/api/classes/ErrorBoundary.md +1 -1
package/docs/api/classes/InvalidScopeError.md +1 -1
package/docs/api/classes/Logger.md +1 -1
package/docs/api/classes/MissingUserContextError.md +1 -1
package/docs/api/classes/OrganisationContextRequiredError.md +1 -1
package/docs/api/classes/PermissionDeniedError.md +1 -1
package/docs/api/classes/RBACAuditManager.md +21 -17
package/docs/api/classes/RBACCache.md +31 -23
package/docs/api/classes/RBACEngine.md +5 -5
package/docs/api/classes/RBACError.md +1 -1
package/docs/api/classes/RBACNotInitializedError.md +1 -1
package/docs/api/classes/SecureSupabaseClient.md +1 -1
package/docs/api/classes/StorageUtils.md +1 -1
package/docs/api/enums/FileCategory.md +1 -1
package/docs/api/enums/LogLevel.md +1 -1
package/docs/api/enums/RBACErrorCode.md +1 -1
package/docs/api/enums/RPCFunction.md +1 -1
package/docs/api/interfaces/AddressFieldProps.md +241 -0
package/docs/api/interfaces/AddressFieldRef.md +94 -0
package/docs/api/interfaces/AggregateConfig.md +1 -1
package/docs/api/interfaces/AutocompleteOptions.md +75 -0
package/docs/api/interfaces/BadgeProps.md +1 -1
package/docs/api/interfaces/ButtonProps.md +1 -1
package/docs/api/interfaces/CalendarProps.md +1 -1
package/docs/api/interfaces/CardProps.md +1 -1
package/docs/api/interfaces/ColorPalette.md +1 -1
package/docs/api/interfaces/ColorShade.md +1 -1
package/docs/api/interfaces/ComplianceResult.md +1 -1
package/docs/api/interfaces/DataAccessRecord.md +1 -1
package/docs/api/interfaces/DataRecord.md +1 -1
package/docs/api/interfaces/DataTableAction.md +1 -1
package/docs/api/interfaces/DataTableColumn.md +1 -1
package/docs/api/interfaces/DataTableProps.md +1 -1
package/docs/api/interfaces/DataTableToolbarButton.md +1 -1
package/docs/api/interfaces/DatabaseComplianceResult.md +1 -1
package/docs/api/interfaces/DatabaseIssue.md +1 -1
package/docs/api/interfaces/EmptyStateConfig.md +1 -1
package/docs/api/interfaces/EnhancedNavigationMenuProps.md +1 -1
package/docs/api/interfaces/EventAppRoleData.md +1 -1
package/docs/api/interfaces/ExportColumn.md +1 -1
package/docs/api/interfaces/ExportOptions.md +1 -1
package/docs/api/interfaces/FileDisplayProps.md +15 -15
package/docs/api/interfaces/FileMetadata.md +1 -1
package/docs/api/interfaces/FileReference.md +1 -1
package/docs/api/interfaces/FileSizeLimits.md +1 -1
package/docs/api/interfaces/FileUploadOptions.md +1 -1
package/docs/api/interfaces/FileUploadProps.md +1 -1
package/docs/api/interfaces/FooterProps.md +1 -1
package/docs/api/interfaces/FormFieldProps.md +1 -1
package/docs/api/interfaces/FormProps.md +1 -1
package/docs/api/interfaces/GrantEventAppRoleParams.md +1 -1
package/docs/api/interfaces/InactivityWarningModalProps.md +1 -1
package/docs/api/interfaces/InputProps.md +1 -1
package/docs/api/interfaces/LabelProps.md +1 -1
package/docs/api/interfaces/LoggerConfig.md +1 -1
package/docs/api/interfaces/LoginFormProps.md +1 -1
package/docs/api/interfaces/NavigationAccessRecord.md +1 -1
package/docs/api/interfaces/NavigationContextType.md +1 -1
package/docs/api/interfaces/NavigationGuardProps.md +1 -1
package/docs/api/interfaces/NavigationItem.md +1 -1
package/docs/api/interfaces/NavigationMenuProps.md +1 -1
package/docs/api/interfaces/NavigationProviderProps.md +1 -1
package/docs/api/interfaces/Organisation.md +1 -1
package/docs/api/interfaces/OrganisationContextType.md +1 -1
package/docs/api/interfaces/OrganisationMembership.md +1 -1
package/docs/api/interfaces/OrganisationProviderProps.md +1 -1
package/docs/api/interfaces/OrganisationSecurityError.md +1 -1
package/docs/api/interfaces/PaceAppLayoutProps.md +1 -1
package/docs/api/interfaces/PaceLoginPageProps.md +1 -1
package/docs/api/interfaces/PageAccessRecord.md +1 -1
package/docs/api/interfaces/PagePermissionContextType.md +1 -1
package/docs/api/interfaces/PagePermissionGuardProps.md +11 -11
package/docs/api/interfaces/PagePermissionProviderProps.md +1 -1
package/docs/api/interfaces/PaletteData.md +1 -1
package/docs/api/interfaces/ParsedAddress.md +120 -0
package/docs/api/interfaces/PermissionEnforcerProps.md +1 -1
package/docs/api/interfaces/ProgressProps.md +1 -1
package/docs/api/interfaces/ProtectedRouteProps.md +1 -1
package/docs/api/interfaces/PublicPageFooterProps.md +1 -1
package/docs/api/interfaces/PublicPageHeaderProps.md +1 -1
package/docs/api/interfaces/PublicPageLayoutProps.md +1 -1
package/docs/api/interfaces/QuickFix.md +1 -1
package/docs/api/interfaces/RBACAccessValidateParams.md +1 -1
package/docs/api/interfaces/RBACAccessValidateResult.md +1 -1
package/docs/api/interfaces/RBACAuditLogParams.md +1 -1
package/docs/api/interfaces/RBACAuditLogResult.md +1 -1
package/docs/api/interfaces/RBACConfig.md +26 -3
package/docs/api/interfaces/RBACContext.md +1 -1
package/docs/api/interfaces/RBACLogger.md +5 -5
package/docs/api/interfaces/RBACPageAccessCheckParams.md +1 -1
package/docs/api/interfaces/RBACPerformanceMetrics.md +138 -0
package/docs/api/interfaces/RBACPermissionCheckParams.md +1 -1
package/docs/api/interfaces/RBACPermissionCheckResult.md +1 -1
package/docs/api/interfaces/RBACPermissionsGetParams.md +1 -1
package/docs/api/interfaces/RBACPermissionsGetResult.md +1 -1
package/docs/api/interfaces/RBACResult.md +1 -1
package/docs/api/interfaces/RBACRoleGrantParams.md +1 -1
package/docs/api/interfaces/RBACRoleGrantResult.md +1 -1
package/docs/api/interfaces/RBACRoleRevokeParams.md +1 -1
package/docs/api/interfaces/RBACRoleRevokeResult.md +1 -1
package/docs/api/interfaces/RBACRoleValidateParams.md +1 -1
package/docs/api/interfaces/RBACRoleValidateResult.md +1 -1
package/docs/api/interfaces/RBACRolesListParams.md +1 -1
package/docs/api/interfaces/RBACRolesListResult.md +1 -1
package/docs/api/interfaces/RBACSessionTrackParams.md +1 -1
package/docs/api/interfaces/RBACSessionTrackResult.md +1 -1
package/docs/api/interfaces/ResourcePermissions.md +1 -1
package/docs/api/interfaces/RevokeEventAppRoleParams.md +1 -1
package/docs/api/interfaces/RoleBasedRouterContextType.md +1 -1
package/docs/api/interfaces/RoleBasedRouterProps.md +1 -1
package/docs/api/interfaces/RoleManagementResult.md +1 -1
package/docs/api/interfaces/RouteAccessRecord.md +1 -1
package/docs/api/interfaces/RouteConfig.md +1 -1
package/docs/api/interfaces/RuntimeComplianceResult.md +1 -1
package/docs/api/interfaces/SecureDataContextType.md +1 -1
package/docs/api/interfaces/SecureDataProviderProps.md +1 -1
package/docs/api/interfaces/SessionRestorationLoaderProps.md +1 -1
package/docs/api/interfaces/SetupIssue.md +1 -1
package/docs/api/interfaces/StorageConfig.md +1 -1
package/docs/api/interfaces/StorageFileInfo.md +1 -1
package/docs/api/interfaces/StorageFileMetadata.md +1 -1
package/docs/api/interfaces/StorageListOptions.md +1 -1
package/docs/api/interfaces/StorageListResult.md +1 -1
package/docs/api/interfaces/StorageUploadOptions.md +1 -1
package/docs/api/interfaces/StorageUploadResult.md +1 -1
package/docs/api/interfaces/StorageUrlOptions.md +1 -1
package/docs/api/interfaces/StyleImport.md +1 -1
package/docs/api/interfaces/SwitchProps.md +1 -1
package/docs/api/interfaces/TabsContentProps.md +1 -1
package/docs/api/interfaces/TabsListProps.md +1 -1
package/docs/api/interfaces/TabsProps.md +1 -1
package/docs/api/interfaces/TabsTriggerProps.md +1 -1
package/docs/api/interfaces/TextareaProps.md +1 -1
package/docs/api/interfaces/ToastActionElement.md +1 -1
package/docs/api/interfaces/ToastProps.md +1 -1
package/docs/api/interfaces/UnifiedAuthContextType.md +1 -1
package/docs/api/interfaces/UnifiedAuthProviderProps.md +1 -1
package/docs/api/interfaces/UseFormDialogOptions.md +1 -1
package/docs/api/interfaces/UseFormDialogReturn.md +1 -1
package/docs/api/interfaces/UseInactivityTrackerOptions.md +1 -1
package/docs/api/interfaces/UseInactivityTrackerReturn.md +1 -1
package/docs/api/interfaces/UsePublicEventLogoOptions.md +1 -1
package/docs/api/interfaces/UsePublicEventLogoReturn.md +1 -1
package/docs/api/interfaces/UsePublicEventOptions.md +1 -1
package/docs/api/interfaces/UsePublicEventReturn.md +1 -1
package/docs/api/interfaces/UsePublicFileDisplayOptions.md +1 -1
package/docs/api/interfaces/UsePublicFileDisplayReturn.md +1 -1
package/docs/api/interfaces/UsePublicRouteParamsReturn.md +1 -1
package/docs/api/interfaces/UseResolvedScopeOptions.md +1 -1
package/docs/api/interfaces/UseResolvedScopeReturn.md +1 -1
package/docs/api/interfaces/UseResourcePermissionsOptions.md +1 -1
package/docs/api/interfaces/UserEventAccess.md +1 -1
package/docs/api/interfaces/UserMenuProps.md +1 -1
package/docs/api/interfaces/UserProfile.md +1 -1
package/docs/api/modules.md +318 -59
package/docs/best-practices/performance.md +11 -0
package/docs/implementation-guides/file-upload-storage.md +29 -0
package/docs/rbac/README.md +2 -1
package/docs/rbac/api-reference.md +11 -0
package/docs/rbac/performance.md +320 -0
package/docs/standards/01-architecture-standard.md +5 -0
package/docs/standards/05-security-standard.md +12 -0
package/package.json +1 -1
package/src/components/AddressField/AddressField.test.tsx +411 -0
package/src/components/AddressField/AddressField.tsx +323 -0
package/src/components/AddressField/README.md +336 -0
package/src/components/AddressField/index.ts +10 -0
package/src/components/AddressField/types.ts +65 -0
package/src/components/FileDisplay/FileDisplay.test.tsx +454 -0
package/src/components/FileDisplay/FileDisplay.tsx +28 -1
package/src/components/index.ts +2 -0
package/src/hooks/__tests__/useFileDisplay.unit.test.ts +30 -5
package/src/hooks/__tests__/useOrganisationSecurity.unit.test.tsx +11 -10
package/src/hooks/__tests__/usePublicFileDisplay.test.ts +31 -6
package/src/hooks/index.ts +6 -0
package/src/hooks/public/usePublicFileDisplay.ts +8 -10
package/src/hooks/useAddressAutocomplete.test.ts +318 -0
package/src/hooks/useAddressAutocomplete.ts +268 -0
package/src/hooks/useFileDisplay.ts +3 -15
package/src/hooks/useFileReference.test.ts +20 -3
package/src/hooks/useFileReference.ts +3 -24
package/src/hooks/useFileUrlCache.ts +246 -0
package/src/hooks/useInactivityTracker.ts +31 -20
package/src/hooks/useOrganisationSecurity.test.ts +10 -7
package/src/hooks/useOrganisationSecurity.ts +3 -3
package/src/hooks/useQueryCache.ts +315 -0
package/src/index.ts +2 -0
package/src/providers/services/EventServiceProvider.tsx +4 -1
package/src/rbac/api.test.ts +21 -6
package/src/rbac/api.ts +32 -11
package/src/rbac/audit-batched.ts +223 -0
package/src/rbac/audit-enhanced.ts +2 -2
package/src/rbac/audit.test.ts +6 -5
package/src/rbac/audit.ts +34 -6
package/src/rbac/cache-invalidation.ts +63 -12
package/src/rbac/cache.test.ts +2 -2
package/src/rbac/cache.ts +61 -14
package/src/rbac/components/PagePermissionGuard.tsx +19 -10
package/src/rbac/components/__tests__/PagePermissionGuard.performance.test.tsx +248 -0
package/src/rbac/config.ts +9 -0
package/src/rbac/engine.ts +2 -21
package/src/rbac/hooks/usePermissions.ts +21 -5
package/src/rbac/index.ts +19 -0
package/src/rbac/performance.ts +210 -0
package/src/rbac/request-deduplication.ts +87 -0
package/src/rbac/utils/deep-equal.ts +93 -0
package/src/types/file-reference.ts +0 -1
package/src/utils/file-reference/__tests__/file-reference.test.ts +31 -4
package/src/utils/file-reference/index.ts +44 -15
package/src/utils/google-places/googlePlacesUtils.test.ts +403 -0
package/src/utils/google-places/googlePlacesUtils.ts +475 -0
package/src/utils/google-places/index.ts +26 -0
package/src/utils/google-places/loadGoogleMapsScript.ts +207 -0
package/src/utils/google-places/types.ts +94 -0
package/src/utils/index.ts +23 -0
package/src/utils/request-deduplication.ts +165 -0
package/src/utils/storage/helpers.ts +143 -4
package/dist/chunk-445GEP27.js.map +0 -1
package/dist/chunk-FMUCXFII.js +0 -76
package/dist/chunk-FMUCXFII.js.map +0 -1
package/dist/chunk-FSFQFJCU.js.map +0 -1
package/dist/chunk-FXFJRTKI.js.map +0 -1
package/dist/chunk-GRIQLQ52.js.map +0 -1
package/dist/chunk-HDCUMOOI.js.map +0 -1
package/dist/chunk-OALXJH4Y.js.map +0 -1
package/dist/chunk-TC7D3CR3.js.map +0 -1
package/dist/chunk-U6WNSFX5.js.map +0 -1
/package/dist/{DataTable-IX2NBUTP.js.map → DataTable-K3RJRSOX.js.map} +0 -0
/package/dist/{UnifiedAuthProvider-A4BCQRJY.js.map → UnifiedAuthProvider-B76OWOAT.js.map} +0 -0
/package/dist/{api-BMFCXVQX.js.map → api-YP7XD5L6.js.map} +0 -0
/package/dist/{audit-WRS3KJKI.js.map → audit-B5P6FFIR.js.map} +0 -0
/package/dist/{chunk-HGPQUCBC.js.map → chunk-FMTK4XNN.js.map} +0 -0
/package/dist/{chunk-XAUHJD3L.js.map → chunk-K2JGDXGU.js.map} +0 -0
/package/dist/{chunk-DAGICKHT.js.map → chunk-ULX5FYEM.js.map} +0 -0

package/dist/utils.js.map CHANGED Viewed

	@@ -1 +1 @@
1	- {"version":3,"sources":["../src/utils/core/debugLogger.ts","../src/utils/validation/validation.ts","../src/utils/validation/validationUtils.ts","../src/utils/validation/sanitization.ts","../src/utils/validation/csrf.ts","../src/utils/validation/sqlInjectionProtection.ts","../src/utils/validation/user.ts","../src/utils/security/security.ts","../src/utils/security/securityMonitor.ts","../src/constants/performance.ts","../src/utils/performance/performanceBenchmark.ts","../src/utils/performance/bundleAnalysis.ts","../src/utils/dynamic/dynamicUtils.ts","../src/utils/dynamic/lazyLoad.tsx","../src/utils/permissions/permissionUtils.ts","../src/utils/permissions/permissionTypes.ts","../src/utils/audit/audit.ts","../src/utils/device/deviceFingerprint.ts","../src/utils/location/location.ts"],"sourcesContent":["/*\n @file Debug Logger Utility\n * @package @jmruthers/pace-core\n * @module Utils/DebugLogger\n * @since 0.4.76\n /\n\n/\n Debug logger that respects environment settings\n * Only logs in development mode to prevent production console spam\n /\nexport class DebugLogger {\n /\n Check if we're in development mode\n /\n private static get isDevelopment(): boolean {\n return import.meta.env.MODE === 'development';\n }\n\n /\n Log debug information only in development mode\n /\n static log(component: string, message: string, ...args: any[]): void {\n if (this.isDevelopment) {\n try {\n console.log(`[${component}] ${message}`, ...args);\n } catch (e) {\n // Gracefully handle console method errors\n }\n }\n }\n\n /\n Log error information (always logged)\n /\n static error(component: string, message: string, ...args: any[]): void {\n try {\n console.error(`[${component}] ${message}`, ...args);\n } catch (e) {\n // Gracefully handle console method errors\n }\n }\n\n /\n Log warning information (always logged)\n /\n static warn(component: string, message: string, ...args: any[]): void {\n try {\n console.warn(`[${component}] ${message}`, ...args);\n } catch (e) {\n // Gracefully handle console method errors\n }\n }\n\n /\n Log info information only in development mode\n /\n static info(component: string, message: string, ...args: any[]): void {\n if (this.isDevelopment) {\n try {\n console.info(`[${component}] ${message}`, ...args);\n } catch (e) {\n // Gracefully handle console method errors\n }\n }\n }\n}\n","/\n @file Internal utilities for validation module\n * @internal This file contains implementation details that should not be used directly\n /\n\n/\n Utility functions for validating data in the application\n /\n\n/\n Check if a string is a valid email\n /\nexport function isValidEmail(email: string): boolean {\n const emailPattern = /^[^\\s@]+@[^\\s@]+\\.[^\\s@]+$/;\n return emailPattern.test(email);\n}\n\n/\n Check if a string is empty (either null, undefined, or just whitespace)\n /\nexport function isEmpty(value: string \| null \| undefined): boolean {\n return value === null \|\| value === undefined \|\| value.trim() === '';\n}\n\n/\n Check if a password meets minimum requirements\n /\nexport function isStrongPassword(password: string): boolean {\n // Minimum 8 characters, at least one uppercase, one lowercase, one number\n const passwordPattern = /^(?=.[a-z])(?=.[A-Z])(?=.\\d).{8,}$/;\n return passwordPattern.test(password);\n}\n\n/*\n Check if a URL is valid\n /\nexport function isValidUrl(url: string): boolean {\n try {\n new URL(url);\n return true;\n } catch {\n return false;\n }\n}\n\n/\n Check if a date string is valid\n /\nexport function isValidDate(dateStr: string): boolean {\n const date = new Date(dateStr);\n return !isNaN(date.getTime());\n}\n\n/\n Check if a value is within a range\n /\nexport function isWithinRange(value: number, min: number, max: number): boolean {\n return value >= min && value <= max;\n}\n\n/\n Check if a value matches a specific pattern\n /\nexport function matchesPattern(value: string, pattern: RegExp): boolean {\n return pattern.test(value);\n}\n\n/\n Utility function to deep merge objects for schema combination\n * @internal\n /\nexport function deepMerge<T extends Record<string, unknown>>(\n target: T, \n source: Record<string, unknown>\n): T {\n const output = { ...target };\n \n if (isObject(target) && isObject(source)) {\n Object.keys(source).forEach(key => {\n if (isObject(source[key])) {\n if (!(key in target)) {\n Object.assign(output, { [key]: source[key] });\n } else {\n // Use a type assertion to safely handle the indexing\n const targetKey = key as keyof typeof target;\n const targetValue = target[targetKey];\n \n if (isObject(targetValue)) {\n // Safe cast using type assertion\n output[targetKey] = deepMerge(\n targetValue as Record<string, unknown>,\n source[key] as Record<string, unknown>\n ) as unknown as T[keyof T];\n }\n }\n } else {\n Object.assign(output, { [key]: source[key] });\n }\n });\n }\n \n return output as T;\n}\n\n/\n Type guard to check if a value is a plain object\n * @internal\n /\nexport function isObject(item: unknown): item is Record<string, unknown> {\n return item !== null && typeof item === 'object' && !Array.isArray(item);\n}\n","\n/\n @file Validation utilities\n * \n * Shared validation utilities with enhanced security\n /\n\nimport { z } from 'zod';\nimport { sanitizeUserInput, sanitizeFormData, type SanitizationOptions } from './sanitization';\n\n/\n Validates user input against a schema with automatic sanitization\n /\nexport function validateUserInput<T>(\n schema: z.ZodSchema<T>, \n data: unknown,\n sanitizationRules?: Record<string, SanitizationOptions>\n): { success: boolean; data?: T; error?: string } {\n return sanitizeFormData(data, schema, sanitizationRules);\n}\n\n/\n Enhanced email validation with sanitization\n /\nexport const emailSchema = z.string()\n .transform(email => email.toLowerCase().trim())\n .pipe(z.string().min(1, 'Email is required').email('Invalid email format').max(254, 'Email too long'));\n\n/\n Enhanced password validation\n /\nexport const passwordSchema = z.string()\n .min(8, 'Password must be at least 8 characters')\n .max(128, 'Password too long')\n .regex(/[A-Z]/, 'Password must contain at least one uppercase letter')\n .regex(/[a-z]/, 'Password must contain at least one lowercase letter')\n .regex(/[0-9]/, 'Password must contain at least one number')\n .regex(/[^A-Za-z0-9]/, 'Password must contain at least one special character');\n\n/\n Username validation with sanitization\n /\nexport const usernameSchema = z.string()\n .transform(username => username.toLowerCase().trim())\n .pipe(z.string().min(3, 'Username must be at least 3 characters').max(30, 'Username too long').regex(/^[a-zA-Z0-9_-]+$/, 'Username can only contain letters, numbers, hyphens, and underscores'));\n\n/\n Name validation with sanitization\n /\nexport const nameSchema = z.string()\n .min(1, 'Name is required')\n .max(100, 'Name too long')\n .refine(name => {\n // Check for XSS attempts and other invalid patterns\n const dangerousPatterns = [\n /<script/i,\n /<img/i,\n /on\\w+\\s=/i,\n /javascript:/i,\n /data:/i,\n /vbscript:/i\n ];\n \n return !dangerousPatterns.some(pattern => pattern.test(name));\n }, 'Name contains invalid characters')\n .transform(name => sanitizeUserInput(name, { \n allowHtml: false, \n maxLength: 100, \n trim: true \n }));\n\n/*\n Phone number validation with sanitization\n /\nexport const phoneSchema = z.string()\n .min(10, 'Phone number must be at least 10 digits')\n .max(20, 'Phone number too long')\n .regex(/^[\\+]?[0-9\\s\\-\$\$\\.]+$/, 'Invalid phone number format')\n .refine(phone => {\n // Remove all non-digit characters and check length\n const digitsOnly = phone.replace(/\\D/g, '');\n return digitsOnly.length >= 10 && digitsOnly.length <= 15;\n }, 'Phone number must be between 10 and 15 digits');\n\n/\n URL validation with sanitization\n /\nexport const urlSchema = z.string()\n .min(1, 'URL is required')\n .max(2048, 'URL too long')\n .refine(url => {\n try {\n const parsed = new URL(url);\n return ['http:', 'https:'].includes(parsed.protocol);\n } catch {\n return false;\n }\n }, 'Invalid URL format')\n .refine(url => {\n // Additional security checks\n const dangerousPatterns = [\n /javascript:/i,\n /data:/i,\n /vbscript:/i,\n /file:/i,\n /mailto:/i\n ];\n \n return !dangerousPatterns.some(pattern => pattern.test(url));\n }, 'URL contains invalid protocol');\n","/\n @file Input Sanitization Layer\n * @package @jmruthers/pace-core\n * @module Utils/Validation/Sanitization\n * @since 0.1.0\n * \n * Comprehensive input sanitization utilities to prevent XSS, injection attacks,\n * and other security vulnerabilities.\n /\n\nimport { z } from 'zod';\n\n/\n Sanitization options for different contexts\n /\nexport interface SanitizationOptions {\n allowHtml?: boolean;\n allowedTags?: string[];\n maxLength?: number;\n trim?: boolean;\n removeScripts?: boolean;\n removeEvents?: boolean;\n}\n\n/\n Default sanitization options\n /\nconst DEFAULT_OPTIONS: SanitizationOptions = {\n allowHtml: false,\n allowedTags: [],\n maxLength: 1000,\n trim: true,\n removeScripts: true,\n removeEvents: true\n};\n\n/\n Sanitizes user input by removing potentially dangerous characters and patterns\n /\nexport function sanitizeUserInput(input: string, options: SanitizationOptions = {}): string {\n if (typeof input !== 'string') {\n return '';\n }\n\n const opts = { ...DEFAULT_OPTIONS, ...options };\n let sanitized = input;\n\n // Trim whitespace if requested\n if (opts.trim) {\n sanitized = sanitized.trim();\n }\n\n // Enforce maximum length\n if (opts.maxLength && sanitized.length > opts.maxLength) {\n sanitized = sanitized.substring(0, opts.maxLength);\n }\n\n // Remove or escape HTML if not allowed\n if (!opts.allowHtml) {\n sanitized = sanitized\n .replace(/</g, '<')\n .replace(/>/g, '>')\n .replace(/\"/g, '"')\n .replace(/'/g, ''')\n .replace(/\\//g, '/');\n } else if (opts.allowedTags && opts.allowedTags.length > 0) {\n // If HTML is allowed, only permit specific tags\n const allowedTagsRegex = new RegExp(`<(?!\\/?(?:${opts.allowedTags.join('\|')})\\s\\/?>)[^>]+>`, 'gi');\n sanitized = sanitized.replace(allowedTagsRegex, '');\n }\n\n // Remove script tags and javascript: protocols\n if (opts.removeScripts) {\n sanitized = sanitized\n .replace(/<script[^>]>.?<\\/script>/gi, '')\n .replace(/javascript:/gi, '')\n .replace(/vbscript:/gi, '')\n .replace(/data:/gi, '');\n }\n\n // Remove event handlers\n if (opts.removeEvents) {\n sanitized = sanitized.replace(/on\\w+\\s=/gi, '');\n }\n\n return sanitized;\n}\n\n/\n Sanitizes email addresses\n /\nexport function sanitizeEmail(email: string): string {\n if (typeof email !== 'string') {\n return '';\n }\n\n return email\n .trim()\n .toLowerCase()\n .replace(/[^\\w@.-]/g, ''); // Only allow word characters, @, ., and -\n}\n\n/\n Sanitizes phone numbers\n /\nexport function sanitizePhoneNumber(phone: string): string {\n if (typeof phone !== 'string') {\n return '';\n }\n\n return phone.replace(/[^\\d+\\-\\s()]/g, '').trim();\n}\n\n/\n Sanitizes URLs\n /\nexport function sanitizeUrl(url: string): string {\n if (typeof url !== 'string') {\n return '';\n }\n\n const sanitized = url.trim();\n \n // Only allow http(s) and ftp protocols\n if (!/^https?:\\/\\/\|^ftp:\\/\\//i.test(sanitized)) {\n return '';\n }\n\n // Remove javascript: and other dangerous protocols\n if (/javascript:\|data:\|vbscript:/i.test(sanitized)) {\n return '';\n }\n\n return sanitized;\n}\n\n/\n Sanitizes file names\n /\nexport function sanitizeFileName(fileName: string): string {\n if (typeof fileName !== 'string') {\n return '';\n }\n\n return fileName\n .trim()\n .replace(/[<>:\"/\\\\\|?]/g, '') // Remove invalid file name characters\n .replace(/\\.\\./g, '') // Remove directory traversal attempts\n .substring(0, 255); // Limit length\n}\n\n/*\n Sanitizes SQL input to prevent injection\n /\nexport function sanitizeSqlInput(input: string): string {\n if (typeof input !== 'string') {\n return '';\n }\n\n return input\n .replace(/['\";\\\\]/g, '') // Remove SQL special characters\n .replace(/--.$/gm, '') // Remove SQL comments\n .replace(/\\/\\.?\\\\//g, '') // Remove SQL block comments\n .trim();\n}\n\n/\n Validates and sanitizes form data using Zod schemas\n /\nexport function sanitizeFormData<T>(\n data: unknown,\n schema: z.ZodSchema<T>,\n sanitizationRules?: Record<string, SanitizationOptions>\n): { success: boolean; data?: T; error?: string } {\n try {\n // First, sanitize string fields if rules are provided\n if (sanitizationRules && typeof data === 'object' && data !== null) {\n const sanitizedData = { ...data } as Record<string, unknown>;\n \n Object.entries(sanitizationRules).forEach(([field, options]) => {\n if (typeof sanitizedData[field] === 'string') {\n sanitizedData[field] = sanitizeUserInput(sanitizedData[field] as string, options);\n }\n });\n \n data = sanitizedData;\n }\n\n // Then validate with Zod schema\n const result = schema.parse(data);\n return { success: true, data: result };\n } catch (error) {\n if (error instanceof z.ZodError) {\n return { \n success: false, \n error: error.errors.map(e => e.message).join(', ') \n };\n }\n return { \n success: false, \n error: 'Validation failed' \n };\n }\n}\n\n// Re-export HTML sanitization from the consolidated module\n// The new implementation allows safe HTML tags while removing dangerous ones\nexport { sanitizeHtml } from './htmlSanitization';\n\n/\n Content Security Policy (CSP) utilities\n /\nexport const CSP_DIRECTIVES = {\n default: \"default-src 'self'\",\n script: \"script-src 'self' 'unsafe-inline'\",\n style: \"style-src 'self' 'unsafe-inline'\",\n img: \"img-src 'self' data: https:\",\n font: \"font-src 'self'\",\n connect: \"connect-src 'self'\",\n frame: \"frame-src 'none'\"\n};\n\nexport function generateCSPHeader(customDirectives?: Partial<typeof CSP_DIRECTIVES>): string {\n const directives = { ...CSP_DIRECTIVES, ...customDirectives };\n return Object.values(directives).join('; ');\n}\n\n/\n Rate limiting utilities\n /\nexport class RateLimiter {\n private attempts: Map<string, { count: number; resetTime: number }> = new Map();\n\n constructor(\n private maxAttempts: number = 5,\n private windowMs: number = 15 60 * 1000 // 15 minutes\n ) {}\n\n isAllowed(identifier: string): boolean {\n const now = Date.now();\n const record = this.attempts.get(identifier);\n\n if (!record \|\| now > record.resetTime) {\n this.attempts.set(identifier, { count: 1, resetTime: now + this.windowMs });\n return true;\n }\n\n if (record.count >= this.maxAttempts) {\n return false;\n }\n\n record.count++;\n return true;\n }\n\n getRemainingAttempts(identifier: string): number {\n const record = this.attempts.get(identifier);\n if (!record \|\| Date.now() > record.resetTime) {\n return this.maxAttempts;\n }\n return Math.max(0, this.maxAttempts - record.count);\n }\n\n reset(identifier: string): void {\n this.attempts.delete(identifier);\n }\n}\n\n// Validation schemas (kept from previous version)\n/*\n Enhanced email schema with security checks\n /\nexport const secureEmailSchema = z\n .string()\n .min(1, 'Email is required')\n .email('Invalid email format')\n .max(254, 'Email too long')\n .refine(\n (email) => {\n if (!email \|\| typeof email !== 'string') return false;\n // Basic domain validation\n const domain = email.split('@')[1];\n return domain && domain.includes('.') && domain.length > 3;\n },\n 'Invalid email domain'\n )\n .transform((email) => sanitizeEmail(email));\n\n/\n Basic email schema for common use\n /\nexport const emailSchema = z\n .string()\n .min(1, 'Email is required')\n .email('Invalid email format');\n\n/\n Name validation schema\n /\nexport const nameSchema = z\n .string()\n .min(1, 'Name is required')\n .max(100, 'Name too long')\n .regex(/^[a-zA-Z\\s'-]+$/, 'Name contains invalid characters');\n\n/\n Phone validation schema\n /\nexport const phoneSchema = z\n .string()\n .regex(/^[\\+]?[1-9][\\d]{0,15}$/, 'Invalid phone number format');\n\n/\n URL validation schema\n /\nexport const urlSchema = z\n .string()\n .url('Invalid URL format');\n\n/\n Date validation schema\n /\nexport const dateSchema = z\n .string()\n .regex(/^\\d{4}-\\d{2}-\\d{2}$/, 'Invalid date format (YYYY-MM-DD)');\n\n/\n Secure login schema\n /\nexport const secureLoginSchema = z.object({\n email: secureEmailSchema,\n password: z.string().min(1, 'Password is required'),\n});\n","/\n @file CSRF Protection Implementation\n * @description Session-based CSRF token management with security enhancements\n /\n\nimport { secureStorage } from '../security/secureStorage';\n\nexport interface CSRFTokenData {\n token: string;\n sessionId: string;\n timestamp: number;\n used: boolean;\n}\n\nclass CSRFManager {\n private tokenCache = new Map<string, CSRFTokenData>();\n private readonly TOKEN_EXPIRY = 30 60 * 1000; // 30 minutes\n private readonly MAX_TOKENS_PER_SESSION = 10;\n\n /*\n Generate a new CSRF token for the current session\n /\n async generateToken(sessionId: string): Promise<string> {\n try {\n // Clean up expired tokens\n await this.cleanupExpiredTokens();\n\n // Limit tokens per session\n const sessionTokens = Array.from(this.tokenCache.values())\n .filter(data => data.sessionId === sessionId && !data.used);\n \n if (sessionTokens.length >= this.MAX_TOKENS_PER_SESSION) {\n // Remove oldest token\n const oldest = sessionTokens.sort((a, b) => a.timestamp - b.timestamp)[0];\n this.tokenCache.delete(oldest.token);\n }\n\n // Generate cryptographically secure token\n const tokenBytes = new Uint8Array(32);\n crypto.getRandomValues(tokenBytes);\n const token = Array.from(tokenBytes, byte => \n byte.toString(16).padStart(2, '0')\n ).join('');\n\n const tokenData: CSRFTokenData = {\n token,\n sessionId,\n timestamp: Date.now(),\n used: false,\n };\n\n // Store in memory and secure storage\n this.tokenCache.set(token, tokenData);\n await this.persistTokens();\n\n return token;\n } catch (error) {\n throw new Error('CSRF token generation failed');\n }\n }\n\n /\n Validate and consume a CSRF token\n /\n async validateToken(token: string, sessionId: string): Promise<boolean> {\n try {\n // Load tokens from storage if cache is empty\n if (this.tokenCache.size === 0) {\n await this.loadTokens();\n }\n\n const tokenData = this.tokenCache.get(token);\n \n if (!tokenData) {\n return false;\n }\n\n // Check if token belongs to the session\n if (tokenData.sessionId !== sessionId) {\n return false;\n }\n\n // Check if token is already used\n if (tokenData.used) {\n return false;\n }\n\n // Check if token is expired\n if (Date.now() - tokenData.timestamp > this.TOKEN_EXPIRY) {\n this.tokenCache.delete(token);\n await this.persistTokens();\n return false;\n }\n\n // Mark token as used (one-time use)\n tokenData.used = true;\n this.tokenCache.set(token, tokenData);\n await this.persistTokens();\n\n return true;\n } catch (error) {\n return false;\n }\n }\n\n /\n Get current valid token for session\n /\n async getCurrentToken(sessionId: string): Promise<string \| null> {\n // Load tokens from storage if needed\n if (this.tokenCache.size === 0) {\n await this.loadTokens();\n }\n\n // Find valid unused token for session\n for (const [token, data] of this.tokenCache.entries()) {\n if (\n data.sessionId === sessionId &&\n !data.used &&\n (Date.now() - data.timestamp) < this.TOKEN_EXPIRY\n ) {\n return token;\n }\n }\n\n // Generate new token if none found\n return await this.generateToken(sessionId);\n }\n\n /\n Clean up expired and used tokens\n /\n private async cleanupExpiredTokens(): Promise<void> {\n const now = Date.now();\n const expiredTokens: string[] = [];\n\n for (const [token, data] of this.tokenCache.entries()) {\n if (data.used \|\| (now - data.timestamp) > this.TOKEN_EXPIRY) {\n expiredTokens.push(token);\n }\n }\n\n expiredTokens.forEach(token => this.tokenCache.delete(token));\n \n if (expiredTokens.length > 0) {\n await this.persistTokens();\n }\n }\n\n /\n Persist tokens to secure storage\n /\n private async persistTokens(): Promise<void> {\n try {\n const tokensArray = Array.from(this.tokenCache.entries());\n await secureStorage.setItem(\n 'csrf_tokens',\n JSON.stringify(tokensArray),\n { encrypt: true, expiry: this.TOKEN_EXPIRY }\n );\n } catch (error) {\n // Silent fail - tokens will be regenerated if needed\n }\n }\n\n /\n Load tokens from secure storage\n /\n private async loadTokens(): Promise<void> {\n try {\n const tokensData = await secureStorage.getItem('csrf_tokens');\n if (tokensData) {\n const tokensArray = JSON.parse(tokensData);\n this.tokenCache = new Map(tokensArray);\n // Clean up on load\n await this.cleanupExpiredTokens();\n }\n } catch (error) {\n this.tokenCache.clear();\n }\n }\n\n /\n Clear all tokens for session\n /\n async clearSession(sessionId: string): Promise<void> {\n const tokensToRemove: string[] = [];\n \n for (const [token, data] of this.tokenCache.entries()) {\n if (data.sessionId === sessionId) {\n tokensToRemove.push(token);\n }\n }\n \n tokensToRemove.forEach(token => this.tokenCache.delete(token));\n await this.persistTokens();\n }\n}\n\n// Export singleton instance\nexport const csrfManager = new CSRFManager();\n\n// Convenience functions\nexport async function generateCSRFToken(sessionId: string): Promise<string> {\n return csrfManager.generateToken(sessionId);\n}\n\nexport async function validateCSRFToken(token: string, sessionId: string): Promise<boolean> {\n return csrfManager.validateToken(token, sessionId);\n}\n\nexport async function getCSRFToken(sessionId: string): Promise<string \| null> {\n return csrfManager.getCurrentToken(sessionId);\n}\n","\n/\n @file SQL Injection Protection\n * @description Utilities to prevent SQL injection attacks in dynamic queries\n /\n\nimport { z } from 'zod';\n\n// Common SQL injection patterns\nconst SQL_INJECTION_PATTERNS = [\n /(\\b(SELECT\|INSERT\|UPDATE\|DELETE\|DROP\|CREATE\|ALTER\|EXEC\|EXECUTE\|UNION\|SCRIPT\|JAVASCRIPT)\\b)/i,\n /(\\'\|(\\\\\\')\|(\\'\\')\|(\\\"\|(\\\\\\\")\|(\\\\\")))\|(\\\\x)\|(\\\\u)/i,\n /((%27)\|(')\|(%6F)\|o\|(%4F)\|(%72)\|r\|(%52))/i, // '\|%27\|' OR\n /((%27)\|(')\|(%55)\|u\|(%55)\|(%4E)\|n\|(%4E)\|(%49)\|i\|(%49)\|(%4F)\|o\|(%4F)\|(%4E)\|n\|(%4E))/i, // '\|%27\|' UNION\n /((%3D)\|(=))[^\\n]((%27)\|(')\|((\\\\x27))\|((\\\\x2D))\|((\\\\x23)))/i,\n /(w((%27)\|(')\|(%6F)\|o\|(%4F)\|(%72)\|r\|(%52)))/i,\n /((%27)\|(')\|(''))+union/i,\n /exec(\\+\|\\s)+(s\|x)p\\w+/i,\n /\\b(and\|or)\\b.+?(=\|<\|>\|\\bin\\b\|\\blike\\b)/i,\n /\\bunion\\b.+?\\bselect\\b/i,\n /\\bdrop\\b.+?\\btable\\b/i,\n /\\binsert\\b.+?\\binto\\b/i,\n /\\bdelete\\b.+?\\bfrom\\b/i,\n /\\bupdate\\b.+?\\bset\\b/i,\n /(;\|(\\\\x3B)).+?(drop\|create\|alter\|exec\|execute\|insert\|update\|delete)/i,\n /(%3B\|;).+?(%44\|%64\|d)(%52\|%72\|r)(%4F\|%6F\|o)(%50\|%70\|p)/i\n];\n\n// Characters that should be escaped or removed\nconst DANGEROUS_CHARS = /[';\\\"\\\\%]/g;\n\n/\n Schema for validating and sanitizing search queries\n /\nexport const searchQuerySchema = z\n .string()\n .max(500, 'Search query too long')\n .refine(\n (query) => {\n return !SQL_INJECTION_PATTERNS.some(pattern => pattern.test(query));\n },\n 'Invalid characters detected in search query'\n )\n .transform((query) => sanitizeSearchQuery(query));\n\n/\n Schema for validating table/column names\n /\nexport const sqlIdentifierSchema = z\n .string()\n .min(1, 'Identifier cannot be empty')\n .max(63, 'Identifier too long') // PostgreSQL limit\n .regex(/^[a-zA-Z_][a-zA-Z0-9_]$/, 'Invalid identifier format')\n .refine(\n (identifier) => {\n const reservedWords = [\n 'SELECT', 'INSERT', 'UPDATE', 'DELETE', 'DROP', 'CREATE', 'ALTER',\n 'FROM', 'WHERE', 'JOIN', 'UNION', 'ORDER', 'GROUP', 'HAVING'\n ];\n return !reservedWords.includes(identifier.toUpperCase());\n },\n 'Identifier cannot be a reserved SQL keyword'\n );\n\n/*\n Schema for validating order by clauses\n /\nexport const orderBySchema = z\n .string()\n .regex(/^[a-zA-Z_][a-zA-Z0-9_](\\s+(ASC\|DESC\|asc\|desc))?$/, 'Invalid order by format');\n\n/*\n Schema for validating limit/offset values\n /\nexport const limitOffsetSchema = z\n .number()\n .int('Must be an integer')\n .min(0, 'Must be non-negative')\n .max(1000, 'Limit too large'); // Reasonable maximum\n\n/\n Sanitize search query by removing dangerous characters\n /\nexport function sanitizeSearchQuery(query: string): string {\n return query\n .replace(DANGEROUS_CHARS, '') // Remove dangerous characters\n .replace(/\\s+/g, ' ') // Normalize whitespace\n .trim()\n .slice(0, 500); // Enforce length limit\n}\n\n/\n Escape special characters for LIKE queries\n /\nexport function escapeLikeQuery(query: string): string {\n return query\n .replace(/\\\\/g, '\\\\\\\\') // Escape backslashes\n .replace(/%/g, '\\\\%') // Escape percent signs\n .replace(/_/g, '\\\\_'); // Escape underscores\n}\n\n/\n Validate and sanitize a dynamic filter object\n /\nexport function sanitizeFilters(filters: Record<string, unknown>): Record<string, unknown> {\n const sanitized: Record<string, unknown> = {};\n \n for (const [key, value] of Object.entries(filters)) {\n // Validate the key (column name)\n const keyValidation = sqlIdentifierSchema.safeParse(key);\n if (!keyValidation.success) {\n // Log warning for invalid filter keys\n // Note: Using console.warn here is intentional for security events\n // This should eventually use the security audit system\n console.warn(`[SECURITY] Invalid filter key detected and removed: ${key}`);\n continue;\n }\n \n // Sanitize the value based on type\n if (typeof value === 'string') {\n const valueValidation = searchQuerySchema.safeParse(value);\n if (valueValidation.success) {\n sanitized[key] = valueValidation.data;\n }\n } else if (typeof value === 'number') {\n if (Number.isFinite(value)) {\n sanitized[key] = value;\n }\n } else if (typeof value === 'boolean') {\n sanitized[key] = value;\n } else if (Array.isArray(value)) {\n // For IN queries, validate each item\n const sanitizedArray = value\n .filter(item => typeof item === 'string' \|\| typeof item === 'number')\n .map(item => typeof item === 'string' ? sanitizeSearchQuery(item) : item)\n .slice(0, 100); // Limit array size\n \n if (sanitizedArray.length > 0) {\n sanitized[key] = sanitizedArray;\n }\n }\n }\n \n return sanitized;\n}\n\n/\n Build safe query parameters for Supabase\n /\nexport interface SafeQueryParams {\n select?: string;\n filters?: Record<string, unknown>;\n orderBy?: string;\n limit?: number;\n offset?: number;\n search?: string;\n}\n\nexport function buildSafeQueryParams(params: SafeQueryParams): SafeQueryParams {\n const safe: SafeQueryParams = {};\n \n // Validate select clause\n if (params.select) {\n const selectFields = params.select.split(',').map(field => field.trim());\n const validFields = selectFields.filter(field => {\n return sqlIdentifierSchema.safeParse(field).success;\n });\n \n if (validFields.length > 0) {\n safe.select = validFields.join(', ');\n }\n }\n \n // Sanitize filters\n if (params.filters) {\n safe.filters = sanitizeFilters(params.filters);\n }\n \n // Validate order by\n if (params.orderBy) {\n const orderByValidation = orderBySchema.safeParse(params.orderBy);\n if (orderByValidation.success) {\n safe.orderBy = orderByValidation.data;\n }\n }\n \n // Validate limit and offset\n if (params.limit !== undefined) {\n const limitValidation = limitOffsetSchema.safeParse(params.limit);\n if (limitValidation.success) {\n safe.limit = limitValidation.data;\n }\n }\n \n if (params.offset !== undefined) {\n const offsetValidation = limitOffsetSchema.safeParse(params.offset);\n if (offsetValidation.success) {\n safe.offset = offsetValidation.data;\n }\n }\n \n // Sanitize search query\n if (params.search) {\n const searchValidation = searchQuerySchema.safeParse(params.search);\n if (searchValidation.success) {\n safe.search = searchValidation.data;\n }\n }\n \n return safe;\n}\n\n/\n Detect potential SQL injection attempts\n /\nexport function detectSQLInjection(input: string): {\n isSuspicious: boolean;\n patterns: string[];\n riskLevel: 'low' \| 'medium' \| 'high' \| 'critical';\n} {\n const detectedPatterns: string[] = [];\n let maxRisk: 'low' \| 'medium' \| 'high' \| 'critical' = 'low';\n \n SQL_INJECTION_PATTERNS.forEach((pattern, index) => {\n if (pattern.test(input)) {\n detectedPatterns.push(`Pattern ${index + 1}`);\n \n // Assign risk levels based on pattern severity\n if (index < 3) { // Most dangerous patterns first\n maxRisk = 'critical';\n } else if (index < 7 && maxRisk !== 'critical') {\n maxRisk = 'high';\n } else if (index < 12 && !['critical', 'high'].includes(maxRisk)) {\n maxRisk = 'medium';\n }\n }\n });\n \n return {\n isSuspicious: detectedPatterns.length > 0,\n patterns: detectedPatterns,\n riskLevel: maxRisk\n };\n}\n","import { z } from 'zod';\nimport { emailSchema, nameSchema } from './common';\n\n/\n Schema for user profile data\n /\nexport const userProfileSchema = z.object({\n name: nameSchema,\n email: emailSchema,\n phone: z.string().optional(),\n website: z.string().url().optional(),\n bio: z.string().max(500).optional(),\n});\n\n/\n Schema for user settings\n /\nexport const userSettingsSchema = z.object({\n notifications: z.object({\n email: z.boolean(),\n push: z.boolean(),\n }),\n language: z.string(),\n});\n\n/\n Schema for user preferences\n /\nexport const userPreferencesSchema = z.object({\n displayName: nameSchema,\n timezone: z.string(),\n dateFormat: z.string(),\n currency: z.string(),\n}); ","\nimport type { SupabaseClient } from '@supabase/supabase-js';\nimport { createLogger } from '../core/logger';\n\nconst log = createLogger('Security');\n\nexport interface SecurityEvent {\n type: string;\n timestamp: Date;\n userId?: string;\n details: Record<string, unknown>;\n}\n\nexport function logSecurityEvent(event: SecurityEvent): void {\n // In production, this should log to your security monitoring system\n // Using Logger.warn for now - can be upgraded to audit system later\n log.warn('Security event:', {\n ...event,\n timestamp: event.timestamp.toISOString()\n });\n}\n\nexport function validateUserSession(userId: string, sessionToken?: string): Promise<boolean> {\n // Mock implementation - replace with actual session validation\n if (!userId \|\| typeof userId !== 'string') {\n logSecurityEvent({\n type: 'invalid_session_validation',\n timestamp: new Date(),\n details: { reason: 'Invalid userId provided' }\n });\n return Promise.resolve(false);\n }\n \n if (sessionToken && sessionToken.length < 10) {\n logSecurityEvent({\n type: 'suspicious_session_token',\n timestamp: new Date(),\n userId,\n details: { reason: 'Session token too short' }\n });\n return Promise.resolve(false);\n }\n \n return Promise.resolve(true);\n}\n\nexport function createSecureSession(\n _supabaseClient: SupabaseClient,\n sessionData: { userId: string; deviceFingerprint?: string }\n): Promise<string> {\n // Mock implementation - in production, create actual secure session\n const sessionId = `sess_${Date.now()}_${Math.random().toString(36).substr(2, 9)}`;\n \n logSecurityEvent({\n type: 'session_created',\n timestamp: new Date(),\n userId: sessionData.userId,\n details: { \n sessionId,\n hasDeviceFingerprint: !!sessionData.deviceFingerprint\n }\n });\n \n return Promise.resolve(sessionId);\n}\n\nexport function invalidateSession(\n _supabaseClient: SupabaseClient,\n sessionId: string\n): Promise<void> {\n // Mock implementation - in production, invalidate actual session\n logSecurityEvent({\n type: 'session_invalidated',\n timestamp: new Date(),\n details: { sessionId }\n });\n \n return Promise.resolve();\n}\n\nexport function getSecurityHeaders(): Record<string, string> {\n return {\n 'X-Content-Type-Options': 'nosniff',\n 'X-Frame-Options': 'DENY',\n 'X-XSS-Protection': '1; mode=block',\n 'Referrer-Policy': 'strict-origin-when-cross-origin',\n 'Strict-Transport-Security': 'max-age=31536000; includeSubDomains'\n };\n}\n\nexport function validateSecurityHeaders(headers: Record<string, string>): boolean {\n const requiredHeaders = ['X-Content-Type-Options', 'X-Frame-Options'];\n const missingHeaders = requiredHeaders.filter(header => !headers[header]);\n \n if (missingHeaders.length > 0) {\n logSecurityEvent({\n type: 'missing_security_headers',\n timestamp: new Date(),\n details: { missingHeaders }\n });\n return false;\n }\n \n return true;\n}\n\nexport function generateDeviceFingerprint(): string {\n // Basic device fingerprinting - in production, use more sophisticated methods\n const canvas = document.createElement('canvas');\n const ctx = canvas.getContext('2d');\n if (ctx) {\n ctx.textBaseline = 'top';\n ctx.font = '14px Arial';\n ctx.fillText('Device fingerprint', 2, 2);\n }\n \n const fingerprint = [\n navigator.userAgent,\n navigator.language,\n screen.width + 'x' + screen.height,\n new Date().getTimezoneOffset(),\n canvas.toDataURL()\n ].join('\|');\n \n // Simple hash function for demonstration\n let hash = 0;\n for (let i = 0; i < fingerprint.length; i++) {\n const char = fingerprint.charCodeAt(i);\n hash = ((hash << 5) - hash) + char;\n hash = hash & hash; // Convert to 32-bit integer\n }\n \n return Math.abs(hash).toString(16);\n}\n\nexport function validateDeviceFingerprint(fingerprint: string, expectedFingerprint?: string): boolean {\n if (!fingerprint \|\| typeof fingerprint !== 'string') {\n logSecurityEvent({\n type: 'invalid_device_fingerprint',\n timestamp: new Date(),\n details: { reason: 'Invalid fingerprint format' }\n });\n return false;\n }\n \n if (expectedFingerprint && fingerprint !== expectedFingerprint) {\n logSecurityEvent({\n type: 'device_fingerprint_mismatch',\n timestamp: new Date(),\n details: { \n provided: fingerprint,\n expected: expectedFingerprint\n }\n });\n return false;\n }\n \n return true;\n}\n","\ninterface SecurityEvent {\n id?: string;\n action: string;\n details: Record<string, any>;\n timestamp?: number;\n}\n\ninterface SecurityAlert {\n id: string;\n type: string;\n message: string;\n timestamp: Date;\n}\n\nclass SecurityMonitor {\n private events: SecurityEvent[] = [];\n\n logEvent(event: SecurityEvent) {\n const eventWithId = {\n ...event,\n id: Math.random().toString(36).substr(2, 9),\n timestamp: Date.now()\n };\n this.events.push(eventWithId);\n }\n\n getEvents(): SecurityEvent[] {\n return [...this.events];\n }\n\n clearEvents() {\n this.events = [];\n }\n\n createAlert(alert: Omit<SecurityAlert, 'id' \| 'timestamp'>): SecurityAlert {\n return {\n ...alert,\n id: Math.random().toString(36).substr(2, 9),\n timestamp: new Date()\n };\n }\n}\n\nexport const securityMonitor = new SecurityMonitor();\n","/\n @file Performance Constants\n * @package @jmruthers/pace-core\n * @module Constants/Performance\n * @since 0.1.0\n * \n * Performance thresholds and constants used across the application.\n /\n\n/\n Performance thresholds for various operations.\n * These thresholds are used for smoke tests to detect significant regressions.\n * They are intentionally generous to avoid flakiness in CI/coverage environments.\n /\nexport const PERFORMANCE_THRESHOLDS = {\n /* Render time threshold in milliseconds /\n RENDER_TIME: 200,\n /* Permission check time threshold in milliseconds /\n PERMISSION_CHECK_TIME: 110,\n /* Memory usage increase threshold in bytes /\n MEMORY_USAGE_INCREASE: 1024 1024, // 1MB\n /** Maximum acceptable re-render count /\n RE_RENDER_COUNT: 3,\n} as const;\n\n","/\n Performance benchmarking utilities\n /\n\nexport interface PerformanceMetrics {\n renderTime: number;\n interactionTime: number;\n memoryUsage: number;\n bundleSize: number;\n}\n\nexport function createPerformanceBenchmark(name: string) {\n const startTime = performance.now();\n const startMemory = (performance as any).memory?.usedJSHeapSize \|\| 0;\n\n return {\n end: () => {\n const endTime = performance.now();\n const endMemory = (performance as any).memory?.usedJSHeapSize \|\| 0;\n \n const metrics: PerformanceMetrics = {\n renderTime: endTime - startTime,\n interactionTime: 0, // Would be measured separately\n memoryUsage: endMemory - startMemory,\n bundleSize: 0, // Would be measured at build time\n };\n\n // TODO: Replace with proper logging service integration\n // For now, we'll use a no-op to prevent console pollution\n const _unused = { \n benchmark: `Performance Benchmark [${name}]`, \n metrics \n };\n \n return metrics;\n }\n };\n}\n\nexport function measureRenderPerformance(componentName: string, renderFn: () => void): PerformanceMetrics {\n const startTime = performance.now();\n const startMemory = (performance as any).memory?.usedJSHeapSize \|\| 0;\n \n renderFn();\n \n const endTime = performance.now();\n const endMemory = (performance as any).memory?.usedJSHeapSize \|\| 0;\n \n const metrics: PerformanceMetrics = {\n renderTime: endTime - startTime,\n interactionTime: 0,\n memoryUsage: endMemory - startMemory,\n bundleSize: 0,\n };\n \n // TODO: Replace with proper logging service integration\n // For now, we'll use a no-op to prevent console pollution\n const _unused = { \n benchmark: `Render Performance [${componentName}]`, \n metrics \n };\n \n return metrics;\n} ","\ninterface BundleStats {\n totalSize: number;\n gzippedSize: number;\n chunks: ChunkInfo[];\n treeshakingEffectiveness: number;\n}\n\ninterface ChunkInfo {\n name: string;\n size: number;\n modules: string[];\n dynamicallyImported: boolean;\n}\n\nclass BundleAnalyzer {\n private get enabled(): boolean {\n try {\n return import.meta.env?.MODE === 'development';\n } catch {\n return false;\n }\n }\n\n analyzeBundle(): BundleStats \| null {\n if (!this.enabled) return null;\n\n // In a real implementation, this would integrate with webpack-bundle-analyzer\n // or similar tools. For now, we'll simulate analysis\n \n // TODO: Replace with proper logging service integration\n // For now, we'll log to console for testing purposes\n console.log('Bundle analysis would run here in development');\n console.log('To enable real bundle analysis:');\n console.log('1. Install webpack-bundle-analyzer');\n console.log('2. Add bundle analysis to build scripts');\n console.log('3. Integrate with performance budgets');\n\n return {\n totalSize: 0,\n gzippedSize: 0,\n chunks: [],\n treeshakingEffectiveness: 0\n };\n }\n\n checkTreeshaking(): void {\n if (!this.enabled) return;\n\n const potentialIssues = [\n 'Check for unused exports in index files',\n 'Verify side-effect free modules in package.json',\n 'Ensure proper ES module syntax',\n 'Check for circular dependencies'\n ];\n\n // TODO: Replace with proper logging service integration\n // For now, we'll log to console for testing purposes\n console.group('Tree-shaking Analysis');\n potentialIssues.forEach(issue => console.log('- ' + issue));\n console.groupEnd();\n }\n\n validateExports(): void {\n if (!this.enabled) return;\n\n // TODO: Replace with proper logging service integration\n // For now, we'll log to console for testing purposes\n console.group('Export Validation');\n console.log('Checking for optimal export patterns...');\n console.log('- Prefer named exports over default exports');\n console.log('- Avoid barrel exports for large modules');\n console.log('- Use dynamic imports for large dependencies');\n console.groupEnd();\n }\n\n generateReport(): string {\n const report = `\n# Bundle Analysis Report\n\n## Recommendations for @jmruthers/pace-core\n\n### 1. Code Splitting Opportunities\n- ✅ DataTable virtualization is lazy-loaded\n- ⚠️ Consider splitting auth providers by use case\n- ⚠️ Lazy load heavy UI components (charts, complex forms)\n\n### 2. Tree-shaking Optimization\n- ✅ Using ES modules throughout\n- ✅ Proper sideEffects configuration\n- ⚠️ Check for unused utility functions\n\n### 3. Bundle Size Targets\n- Core components: < 50KB gzipped\n- Auth module: < 30KB gzipped \n- Utilities: < 20KB gzipped\n- Total package: < 150KB gzipped\n\n### 4. Performance Monitoring\n- Monitor component render times\n- Track bundle size changes\n- Validate tree-shaking effectiveness\n `;\n\n return report.trim();\n }\n}\n\nexport const bundleAnalyzer = new BundleAnalyzer();\n\n// Helper to check if imports are optimized\nexport function validateImportPattern(moduleId: string, importedItems: string[]): void {\n try {\n if (import.meta.env?.MODE !== 'development') return;\n } catch {\n return; // Silently skip in test environments\n }\n\n const largeModules = ['lodash', 'moment', 'rxjs'];\n const isLargeModule = largeModules.some(mod => moduleId.includes(mod));\n \n if (isLargeModule && importedItems.length > 5) {\n // TODO: Replace with proper logging service integration\n // For now, we'll log to console for testing purposes\n console.warn(\n 'Large import detected: importing ' + importedItems.length + ' items from ' + moduleId + '. ' +\n 'Consider splitting imports or using more specific imports.'\n );\n }\n}\n\n// Monitor dynamic imports\nexport function trackDynamicImport(moduleName: string): void {\n try {\n if (import.meta.env?.MODE !== 'development') return;\n } catch {\n return; // Silently skip in test environments\n }\n \n // TODO: Replace with proper logging service integration\n // For now, we'll log to console for testing purposes\n console.log('Dynamic import: ' + moduleName + ' - Good for code splitting!');\n}\n","\n/\n Dynamic utility loader to reduce initial bundle size\n * Heavy utilities are loaded on-demand\n /\n\n// Type definitions for dynamic imports\ntype DebounceFunction = <T extends (...args: unknown[]) => unknown>(\n func: T,\n wait?: number,\n options?: { leading?: boolean; maxWait?: number; trailing?: boolean }\n) => T & { cancel(): void; flush(): void };\n\ntype ThrottleFunction = <T extends (...args: unknown[]) => unknown>(\n func: T,\n wait?: number,\n options?: { leading?: boolean; trailing?: boolean }\n) => T & { cancel(): void; flush(): void };\n\n// Dynamic lodash utilities\nexport const loadLodash = async (): Promise<{\n debounce: DebounceFunction;\n throttle: ThrottleFunction;\n}> => {\n // Using type assertions for dynamic imports - these modules don't have consistent type exports\n const [debounceModule, throttleModule] = await Promise.all([\n import('lodash.debounce') as Promise<{ default?: DebounceFunction } & { [key: string]: unknown }>,\n import('lodash.throttle') as Promise<{ default?: ThrottleFunction } & { [key: string]: unknown }>\n ]);\n \n return {\n debounce: (debounceModule.default \|\| debounceModule) as DebounceFunction,\n throttle: (throttleModule.default \|\| throttleModule) as ThrottleFunction\n };\n};\n\n// Dynamic date utilities\nexport const loadDateUtils = async (): Promise<typeof import('date-fns')> => {\n const dateFns = await import('date-fns');\n return dateFns;\n};\n\n// Dynamic chart utilities - using unknown type to avoid Recharts type issues\nexport const loadChartUtils = async (): Promise<unknown> => {\n const recharts = await import('recharts');\n return recharts;\n};\n\n// Dynamic form utilities\nexport const loadFormUtils = async (): Promise<{\n useForm: unknown;\n useController: unknown;\n Controller: unknown;\n FormProvider: unknown;\n useFormContext: unknown;\n useWatch: unknown;\n useFormState: unknown;\n useFieldArray: unknown;\n zodResolver: unknown;\n}> => {\n const [reactHookForm, zodResolvers] = await Promise.all([\n import('react-hook-form'),\n import('@hookform/resolvers/zod')\n ]);\n \n return {\n ...reactHookForm,\n zodResolver: zodResolvers.zodResolver\n };\n};\n\n// Dynamic CSV utilities\nexport const loadCSVUtils = async (): Promise<unknown> => {\n const papaparse = await import('papaparse');\n return papaparse.default;\n};\n\n// Utility function to create lazy utility hooks\nexport function createLazyUtility<T>(loader: () => Promise<T>) {\n let cached: T \| null = null;\n let loading: Promise<T> \| null = null;\n\n return {\n load: async (): Promise<T> => {\n if (cached) return cached;\n if (loading) return loading;\n\n loading = loader().then(result => {\n cached = result;\n loading = null;\n return result;\n });\n\n return loading;\n },\n getCached: (): T \| null => cached,\n isLoaded: (): boolean => cached !== null\n };\n}\n\n// Pre-configured lazy utilities with explicit types\nexport const lazyLodash: ReturnType<typeof createLazyUtility<Awaited<ReturnType<typeof loadLodash>>>> = createLazyUtility(loadLodash);\nexport const lazyDateUtils: ReturnType<typeof createLazyUtility<Awaited<ReturnType<typeof loadDateUtils>>>> = createLazyUtility(loadDateUtils);\nexport const lazyChartUtils: ReturnType<typeof createLazyUtility<unknown>> = createLazyUtility(loadChartUtils);\nexport const lazyFormUtils: ReturnType<typeof createLazyUtility<Awaited<ReturnType<typeof loadFormUtils>>>> = createLazyUtility(loadFormUtils);\nexport const lazyCSVUtils: ReturnType<typeof createLazyUtility<unknown>> = createLazyUtility(loadCSVUtils);\n","import React, { Suspense, ComponentType, lazy } from 'react';\nimport { LoadingSpinner } from '../../components/LoadingSpinner/LoadingSpinner';\n\ninterface LazyLoadOptions {\n fallback?: React.ReactNode;\n errorBoundary?: ComponentType<{ children: React.ReactNode }>;\n}\n\n/\n Create a lazy-loaded component with error boundary and loading fallback\n /\nexport function createLazyComponent<T extends ComponentType<any>>(\n importFn: () => Promise<{ default: T }>,\n componentName: string,\n options: LazyLoadOptions = {}\n): T {\n const LazyComponent = lazy(importFn);\n \n const WrappedComponent = (props: any) => {\n const content = (\n <Suspense fallback={options.fallback \|\| <LoadingSpinner />}>\n <LazyComponent {...props} />\n </Suspense>\n );\n\n if (options.errorBoundary) {\n const ErrorBoundary = options.errorBoundary;\n return <ErrorBoundary>{content}</ErrorBoundary>;\n }\n\n return content;\n };\n \n WrappedComponent.displayName = `Lazy${componentName}`;\n return WrappedComponent as T;\n}\n\n/\n Lazy-loaded DataTable component\n /\nexport const LazyDataTable = createLazyComponent(\n () => import('../../components/DataTable').then(module => ({ default: module.DataTable })),\n 'DataTable'\n);\n","\n/\n Permission utilities for transforming and managing permissions\n /\n\nexport function transformPermissionMapToBoolean(permissions: Record<string, unknown>): Record<string, boolean> {\n const result: Record<string, boolean> = {};\n \n Object.entries(permissions).forEach(([key, value]) => {\n if (typeof value === 'string') {\n // Handle string values - 'false' should be false, empty strings are false, other non-empty strings are true\n result[key] = value !== '' && value.toLowerCase() !== 'false';\n } else {\n result[key] = Boolean(value);\n }\n });\n \n return result;\n}\n\nexport function hasPermission(permissions: Record<string, boolean>, permission: string): boolean {\n return Boolean(permissions[permission]);\n}\n\nexport function hasAnyPermission(permissions: Record<string, boolean>, permissionList: string[] \| null \| undefined): boolean {\n if (!permissionList \|\| permissionList.length === 0) return false;\n return permissionList.some(permission => hasPermission(permissions, permission));\n}\n\nexport function hasAllPermissions(permissions: Record<string, boolean>, permissionList: string[] \| null \| undefined): boolean {\n if (!permissionList) return false;\n if (permissionList.length === 0) return true;\n return permissionList.every(permission => hasPermission(permissions, permission));\n}\n","\n/\n @file Permission type definitions and utilities\n /\n\nexport enum PermissionType {\n READ = 'read',\n WRITE = 'write',\n DELETE = 'delete',\n ADMIN = 'admin'\n}\n\n/\n Parse a permission string into components\n /\nexport function parsePermission(permission: string): { resource: string; action: string } \| null {\n if (!permission \|\| typeof permission !== 'string') {\n return null;\n }\n \n const parts = permission.split(':');\n if (parts.length !== 2) {\n return null;\n }\n \n const [action, resource] = parts;\n \n // Check that both action and resource exist and are not empty\n if (action === undefined \|\| resource === undefined \|\| action === '' \|\| resource === '') {\n return null;\n }\n \n return {\n resource,\n action\n };\n}\n","\n/\n @file Audit Logger - General Utility\n * \n * Moved from shared/auditLogger to lib for better organization\n /\n\nexport interface AuditEvent {\n type: 'auth' \| 'permission' \| 'security';\n action?: string;\n event?: string;\n user?: string;\n userId?: string;\n details?: Record<string, unknown>;\n data?: Record<string, unknown>;\n timestamp?: number;\n severity?: 'low' \| 'medium' \| 'high' \| 'critical';\n source?: string;\n}\n\nclass AuditLogger {\n private events: AuditEvent[] = [];\n\n log(event: AuditEvent): void {\n const eventWithTimestamp = {\n ...event,\n timestamp: Date.now(),\n };\n \n this.events.push(eventWithTimestamp);\n // TODO: In production, this should send to a proper logging service\n // Console logging removed for production\n }\n\n async logPermissionEvent(event: {\n event: string;\n userId: string;\n data?: Record<string, unknown>;\n }): Promise<void> {\n this.log({\n type: 'permission',\n event: event.event,\n userId: event.userId,\n data: event.data,\n });\n }\n\n async logSecurityEvent(event: {\n event: string;\n data?: Record<string, unknown>;\n }): Promise<void> {\n this.log({\n type: 'security',\n event: event.event,\n data: event.data,\n });\n }\n\n async logAuthEvent(event: {\n event: string;\n userId?: string;\n data?: Record<string, unknown>;\n }): Promise<void> {\n this.log({\n type: 'auth',\n event: event.event,\n userId: event.userId,\n data: event.data,\n });\n }\n\n async getSecurityEvents(): Promise<AuditEvent[]> {\n return this.events.filter(event => event.type === 'security');\n }\n\n getEvents(): AuditEvent[] {\n return [...this.events];\n }\n\n clearEvents(): void {\n this.events = [];\n }\n}\n\nexport const auditLogger = new AuditLogger();\n\n// Alias for backward compatibility\nexport const auditLog = auditLogger;\n\nexport function logAuthEvent(action: string, user?: string, details?: Record<string, unknown>): void {\n auditLogger.log({\n type: 'auth',\n action,\n user,\n details,\n });\n // Console logging removed for production\n}\n\nexport function logPermissionEvent(action: string, user?: string, details?: Record<string, unknown>): void {\n auditLogger.log({\n type: 'permission',\n action,\n user,\n details,\n });\n // Console logging removed for production\n}\n\nexport function logSecurityEvent(action: string, user?: string, details?: Record<string, unknown>): void {\n auditLogger.log({\n type: 'security',\n action,\n user,\n details,\n });\n // Console logging removed for production\n}\n\nexport function logAuditEvent(action: string, user?: string, details?: Record<string, unknown>): void {\n auditLogger.log({\n type: 'auth', // Default to auth type for general audit events\n action,\n user,\n details,\n });\n}\n","/\n @file Secure Device Fingerprinting\n * @description Enhanced device fingerprinting with encryption and security measures\n /\n\nimport { secureStorage } from '../security/secureStorage';\n\nexport interface DeviceFingerprint {\n hash: string;\n timestamp: number;\n components: {\n userAgent: string;\n language: string;\n platform: string;\n screen: string;\n timezone: string;\n canvas?: string;\n webgl?: string;\n };\n entropy: number;\n}\n\n/\n Generate a secure device fingerprint (synchronous)\n /\nexport function generateDeviceFingerprint(): DeviceFingerprint {\n try {\n const components = {\n userAgent: getHashedUserAgent(),\n language: navigator.language \|\| 'unknown',\n platform: navigator.platform \|\| 'unknown',\n screen: `${screen.width}x${screen.height}x${screen.colorDepth}`,\n timezone: Intl.DateTimeFormat().resolvedOptions().timeZone \|\| 'unknown',\n canvas: getCanvasFingerprint(),\n webgl: getWebGLFingerprint(),\n };\n\n // Calculate entropy (uniqueness score)\n const entropy = calculateEntropy(components);\n \n // Create a hash from all components\n const fingerprintData = JSON.stringify(components);\n const hash = hashStringSync(fingerprintData);\n\n const fingerprint: DeviceFingerprint = {\n hash,\n timestamp: Date.now(),\n components,\n entropy,\n };\n\n // Store fingerprint asynchronously\n secureStorage.setItem('device_fingerprint', JSON.stringify(fingerprint));\n \n return fingerprint;\n } catch (error) {\n return generateFallbackFingerprint();\n }\n}\n\n/\n Validate device fingerprint with security checks\n /\nexport function validateDeviceFingerprint(\n storedFingerprint: DeviceFingerprint,\n currentFingerprint: DeviceFingerprint\n): {\n isValid: boolean;\n confidence: number;\n reasons: string[];\n} {\n const reasons: string[] = [];\n let matchingComponents = 0;\n const totalComponents = Object.keys(storedFingerprint.components).length;\n\n // Check each component\n Object.entries(storedFingerprint.components).forEach(([key, value]) => {\n if (currentFingerprint.components[key as keyof typeof currentFingerprint.components] === value) {\n matchingComponents++;\n } else {\n reasons.push(`Component mismatch: ${key}`);\n }\n });\n\n // Calculate confidence score\n const confidence = (matchingComponents / totalComponents) 100;\n\n // Security thresholds\n const isValid = confidence >= 80; // Require 80% match\n \n // Additional security checks\n const timeDiff = currentFingerprint.timestamp - storedFingerprint.timestamp;\n const maxAge = 30 * 24 * 60 * 60 * 1000; // 30 days\n \n if (timeDiff > maxAge) {\n reasons.push('Fingerprint too old');\n return { isValid: false, confidence, reasons };\n }\n\n if (confidence < 60) {\n reasons.push('Device signature changed significantly');\n }\n\n return { isValid, confidence, reasons };\n}\n\n/*\n Generate canvas fingerprint for enhanced uniqueness\n /\nfunction getCanvasFingerprint(): string {\n try {\n const canvas = document.createElement('canvas');\n const ctx = canvas.getContext('2d');\n \n if (!ctx) return 'canvas-unavailable';\n\n // Draw complex pattern for fingerprinting\n ctx.textBaseline = 'top';\n ctx.font = '14px Arial';\n ctx.fillStyle = '#f60';\n ctx.fillRect(125, 1, 62, 20);\n ctx.fillStyle = '#069';\n ctx.fillText('Device fingerprint 🔒', 2, 15);\n ctx.fillStyle = 'rgba(102, 204, 0, 0.2)';\n ctx.fillText('Device fingerprint 🔒', 4, 17);\n\n const dataURL = canvas.toDataURL();\n return hashStringSync(dataURL);\n } catch (error) {\n return 'canvas-error';\n }\n}\n\n/\n Get WebGL fingerprint\n /\nfunction getWebGLFingerprint(): string {\n try {\n const canvas = document.createElement('canvas');\n const gl = canvas.getContext('webgl') \|\| canvas.getContext('experimental-webgl') as WebGLRenderingContext \| null;\n \n if (!gl) return 'webgl-unavailable';\n\n const debugInfo = gl.getExtension('WEBGL_debug_renderer_info');\n if (!debugInfo) return 'webgl-no-debug';\n\n const vendor = gl.getParameter(debugInfo.UNMASKED_VENDOR_WEBGL);\n const renderer = gl.getParameter(debugInfo.UNMASKED_RENDERER_WEBGL);\n \n return `${vendor}\|${renderer}`;\n } catch (error) {\n return 'webgl-error';\n }\n}\n\n/\n Hash user agent to prevent direct exposure\n /\nfunction getHashedUserAgent(): string {\n const ua = navigator.userAgent;\n return hashStringSync(ua).substring(0, 16); // Shorter hash for storage\n}\n\n/\n Calculate entropy of fingerprint components\n /\nfunction calculateEntropy(components: Record<string, string>): number {\n const values = Object.values(components).join('');\n const charCounts = new Map<string, number>();\n \n for (const char of values) {\n charCounts.set(char, (charCounts.get(char) \|\| 0) + 1);\n }\n \n let entropy = 0;\n for (const count of charCounts.values()) {\n const probability = count / values.length;\n entropy -= probability Math.log2(probability);\n }\n \n return entropy;\n}\n\n/*\n Synchronous hash function for device fingerprinting\n /\nfunction hashStringSync(str: string): string {\n let hash = 0;\n for (let i = 0; i < str.length; i++) {\n const char = str.charCodeAt(i);\n hash = ((hash << 5) - hash) + char;\n hash = hash & hash;\n }\n return Math.abs(hash).toString(36);\n}\n\n/\n Generate fallback fingerprint for error cases\n /\nfunction generateFallbackFingerprint(): DeviceFingerprint {\n const components = {\n userAgent: 'fallback',\n language: 'unknown',\n platform: 'unknown',\n screen: 'unknown',\n timezone: 'unknown',\n };\n\n return {\n hash: `fallback_${Date.now()}_${Math.random().toString(36)}`,\n timestamp: Date.now(),\n components,\n entropy: 1, // Low entropy for fallback\n };\n}\n","/\n @file Location Utilities\n * @package @jmruthers/pace-core\n * @module Utils/Location\n * @since 0.1.0\n \n Utility functions for working with geographic coordinates.\n * Provides functions for formatting, validating, comparing, and generating URLs for coordinates.\n \n Features:\n * - Format coordinates for display\n * - Validate coordinate objects\n * - Compare coordinates with tolerance\n * - Generate Google Maps URLs\n \n @example\n * ```ts\n * import { formatCoordinates, hasValidCoordinates, areCoordinatesEqual, getGoogleMapsUrl } from '@jmruthers/pace-core/utils/location';\n \n const coords = { lat: -37.8136, lng: 144.9631 };\n \n // Format for display\n * formatCoordinates(coords); // \"-37.813600, 144.963100\"\n \n // Validate\n * hasValidCoordinates(coords); // true\n \n // Compare\n * areCoordinatesEqual(coords, { lat: -37.8137, lng: 144.9632 }); // true (within tolerance)\n \n // Generate Google Maps URL\n * getGoogleMapsUrl(coords); // \"https://www.google.com/maps/search/?api=1&query=-37.8136,144.9631\"\n * ```\n /\n\n/\n Coordinate interface for latitude and longitude\n /\nexport interface Coordinates {\n lat: number;\n lng: number;\n}\n\n/\n Format coordinates as a string with 6 decimal places\n \n @param coords - Coordinate object with lat and lng\n * @returns Formatted string \"lat, lng\" or \"N/A\" if invalid\n \n @example\n * ```ts\n * formatCoordinates({ lat: -37.8136, lng: 144.9631 });\n * // \"-37.813600, 144.963100\"\n \n formatCoordinates(undefined);\n * // \"N/A\"\n * ```\n /\nexport function formatCoordinates(coords?: Coordinates): string {\n if (!coords \|\| typeof coords.lat !== 'number' \|\| typeof coords.lng !== 'number') {\n return 'N/A';\n }\n\n if (!isFinite(coords.lat) \|\| !isFinite(coords.lng)) {\n return 'N/A';\n }\n\n return `${coords.lat.toFixed(6)}, ${coords.lng.toFixed(6)}`;\n}\n\n/\n Check if coordinates are valid\n \n @param coords - Coordinate object to validate\n * @returns true if coordinates are valid, false otherwise\n \n @example\n * ```ts\n * hasValidCoordinates({ lat: -37.8136, lng: 144.9631 }); // true\n * hasValidCoordinates({ lat: 91, lng: 0 }); // false (lat out of range)\n * hasValidCoordinates(undefined); // false\n * ```\n /\nexport function hasValidCoordinates(coords?: { lat?: number; lng?: number }): boolean {\n if (!coords) {\n return false;\n }\n\n const { lat, lng } = coords;\n\n if (typeof lat !== 'number' \|\| typeof lng !== 'number') {\n return false;\n }\n\n if (!isFinite(lat) \|\| !isFinite(lng)) {\n return false;\n }\n\n // Latitude must be between -90 and 90\n if (lat < -90 \|\| lat > 90) {\n return false;\n }\n\n // Longitude must be between -180 and 180\n if (lng < -180 \|\| lng > 180) {\n return false;\n }\n\n return true;\n}\n\n/\n Check if two coordinates are equal within a tolerance\n \n @param coords1 - First coordinate object\n * @param coords2 - Second coordinate object\n * @param tolerance - Tolerance in degrees (default: 0.0001° ≈ 11 meters)\n * @returns true if coordinates are within tolerance, false otherwise\n \n @example\n * ```ts\n * const coords1 = { lat: -37.8136, lng: 144.9631 };\n * const coords2 = { lat: -37.8137, lng: 144.9632 };\n * areCoordinatesEqual(coords1, coords2); // true (within default tolerance)\n * areCoordinatesEqual(coords1, coords2, 0.00001); // false (stricter tolerance)\n * ```\n /\nexport function areCoordinatesEqual(\n coords1: Coordinates \| null \| undefined,\n coords2: Coordinates \| null \| undefined,\n tolerance: number = 0.0001\n): boolean {\n // Both null/undefined are considered equal\n if (!coords1 && !coords2) {\n return true;\n }\n\n // One null/undefined and one not are not equal\n if (!coords1 \|\| !coords2) {\n return false;\n }\n\n // Validate both coordinates\n if (!hasValidCoordinates(coords1) \|\| !hasValidCoordinates(coords2)) {\n return false;\n }\n\n // Check if within tolerance (with small epsilon for floating point precision)\n const epsilon = 1e-10;\n const latDiff = Math.abs(coords1.lat - coords2.lat);\n const lngDiff = Math.abs(coords1.lng - coords2.lng);\n\n return latDiff <= tolerance + epsilon && lngDiff <= tolerance + epsilon;\n}\n\n/\n Generate a Google Maps search URL for coordinates\n \n @param coords - Coordinate object with lat and lng\n * @returns Google Maps search URL or empty string if invalid\n \n @example\n * ```ts\n * getGoogleMapsUrl({ lat: -37.8136, lng: 144.9631 });\n * // \"https://www.google.com/maps/search/?api=1&query=-37.8136,144.9631\"\n * ```\n */\nexport function getGoogleMapsUrl(coords?: Coordinates): string {\n if (!coords \|\| !hasValidCoordinates(coords)) {\n return '';\n }\n\n return `https://www.google.com/maps/search/?api=1&query=${coords.lat},${coords.lng}`;\n}\n\n"],"mappings":";;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;AAWO,IAAM,cAAN,MAAkB;AAAA;AAAA;AAAA;AAAA,EAIvB,WAAmB,gBAAyB;AAC1C,WAAO,YAAY,IAAI,SAAS;AAAA,EAClC;AAAA;AAAA;AAAA;AAAA,EAKA,OAAO,IAAI,WAAmB,YAAoB,MAAmB;AACnE,QAAI,KAAK,eAAe;AACtB,UAAI;AACF,gBAAQ,IAAI,IAAI,SAAS,KAAK,OAAO,IAAI,GAAG,IAAI;AAAA,MAClD,SAAS,GAAG;AAAA,MAEZ;AAAA,IACF;AAAA,EACF;AAAA;AAAA;AAAA;AAAA,EAKA,OAAO,MAAM,WAAmB,YAAoB,MAAmB;AACrE,QAAI;AACF,cAAQ,MAAM,IAAI,SAAS,KAAK,OAAO,IAAI,GAAG,IAAI;AAAA,IACpD,SAAS,GAAG;AAAA,IAEZ;AAAA,EACF;AAAA;AAAA;AAAA;AAAA,EAKA,OAAO,KAAK,WAAmB,YAAoB,MAAmB;AACpE,QAAI;AACF,cAAQ,KAAK,IAAI,SAAS,KAAK,OAAO,IAAI,GAAG,IAAI;AAAA,IACnD,SAAS,GAAG;AAAA,IAEZ;AAAA,EACF;AAAA;AAAA;AAAA;AAAA,EAKA,OAAO,KAAK,WAAmB,YAAoB,MAAmB;AACpE,QAAI,KAAK,eAAe;AACtB,UAAI;AACF,gBAAQ,KAAK,IAAI,SAAS,KAAK,OAAO,IAAI,GAAG,IAAI;AAAA,MACnD,SAAS,GAAG;AAAA,MAEZ;AAAA,IACF;AAAA,EACF;AACF;;;ACtDO,SAAS,aAAa,OAAwB;AACnD,QAAM,eAAe;AACrB,SAAO,aAAa,KAAK,KAAK;AAChC;AAKO,SAAS,QAAQ,OAA2C;AACjE,SAAO,UAAU,QAAQ,UAAU,UAAa,MAAM,KAAK,MAAM;AACnE;AAKO,SAAS,iBAAiB,UAA2B;AAE1D,QAAM,kBAAkB;AACxB,SAAO,gBAAgB,KAAK,QAAQ;AACtC;AAKO,SAAS,WAAW,KAAsB;AAC/C,MAAI;AACF,QAAI,IAAI,GAAG;AACX,WAAO;AAAA,EACT,QAAQ;AACN,WAAO;AAAA,EACT;AACF;AAKO,SAAS,YAAY,SAA0B;AACpD,QAAM,OAAO,IAAI,KAAK,OAAO;AAC7B,SAAO,CAAC,MAAM,KAAK,QAAQ,CAAC;AAC9B;AAKO,SAAS,cAAc,OAAe,KAAa,KAAsB;AAC9E,SAAO,SAAS,OAAO,SAAS;AAClC;AAKO,SAAS,eAAe,OAAe,SAA0B;AACtE,SAAO,QAAQ,KAAK,KAAK;AAC3B;AAMO,SAAS,UACd,QACA,QACG;AACH,QAAM,SAAS,EAAE,GAAG,OAAO;AAE3B,MAAI,SAAS,MAAM,KAAK,SAAS,MAAM,GAAG;AACxC,WAAO,KAAK,MAAM,EAAE,QAAQ,SAAO;AACjC,UAAI,SAAS,OAAO,GAAG,CAAC,GAAG;AACzB,YAAI,EAAE,OAAO,SAAS;AACpB,iBAAO,OAAO,QAAQ,EAAE,CAAC,GAAG,GAAG,OAAO,GAAG,EAAE,CAAC;AAAA,QAC9C,OAAO;AAEL,gBAAM,YAAY;AAClB,gBAAM,cAAc,OAAO,SAAS;AAEpC,cAAI,SAAS,WAAW,GAAG;AAEzB,mBAAO,SAAS,IAAI;AAAA,cAClB;AAAA,cACA,OAAO,GAAG;AAAA,YACZ;AAAA,UACF;AAAA,QACF;AAAA,MACF,OAAO;AACL,eAAO,OAAO,QAAQ,EAAE,CAAC,GAAG,GAAG,OAAO,GAAG,EAAE,CAAC;AAAA,MAC9C;AAAA,IACF,CAAC;AAAA,EACH;AAEA,SAAO;AACT;AAMO,SAAS,SAAS,MAAgD;AACvE,SAAO,SAAS,QAAQ,OAAO,SAAS,YAAY,CAAC,MAAM,QAAQ,IAAI;AACzE;;;ACvGA,SAAS,KAAAA,UAAS;;;ACGlB,SAAS,SAAS;AAiBlB,IAAM,kBAAuC;AAAA,EAC3C,WAAW;AAAA,EACX,aAAa,CAAC;AAAA,EACd,WAAW;AAAA,EACX,MAAM;AAAA,EACN,eAAe;AAAA,EACf,cAAc;AAChB;AAKO,SAAS,kBAAkB,OAAe,UAA+B,CAAC,GAAW;AAC1F,MAAI,OAAO,UAAU,UAAU;AAC7B,WAAO;AAAA,EACT;AAEA,QAAM,OAAO,EAAE,GAAG,iBAAiB,GAAG,QAAQ;AAC9C,MAAI,YAAY;AAGhB,MAAI,KAAK,MAAM;AACb,gBAAY,UAAU,KAAK;AAAA,EAC7B;AAGA,MAAI,KAAK,aAAa,UAAU,SAAS,KAAK,WAAW;AACvD,gBAAY,UAAU,UAAU,GAAG,KAAK,SAAS;AAAA,EACnD;AAGA,MAAI,CAAC,KAAK,WAAW;AACnB,gBAAY,UACT,QAAQ,MAAM,MAAM,EACpB,QAAQ,MAAM,MAAM,EACpB,QAAQ,MAAM,QAAQ,EACtB,QAAQ,MAAM,QAAQ,EACtB,QAAQ,OAAO,QAAQ;AAAA,EAC5B,WAAW,KAAK,eAAe,KAAK,YAAY,SAAS,GAAG;AAE1D,UAAM,mBAAmB,IAAI,OAAO,YAAa,KAAK,YAAY,KAAK,GAAG,CAAC,iBAAmB,IAAI;AAClG,gBAAY,UAAU,QAAQ,kBAAkB,EAAE;AAAA,EACpD;AAGA,MAAI,KAAK,eAAe;AACtB,gBAAY,UACT,QAAQ,gCAAgC,EAAE,EAC1C,QAAQ,iBAAiB,EAAE,EAC3B,QAAQ,eAAe,EAAE,EACzB,QAAQ,WAAW,EAAE;AAAA,EAC1B;AAGA,MAAI,KAAK,cAAc;AACrB,gBAAY,UAAU,QAAQ,eAAe,EAAE;AAAA,EACjD;AAEA,SAAO;AACT;AAKO,SAAS,cAAc,OAAuB;AACnD,MAAI,OAAO,UAAU,UAAU;AAC7B,WAAO;AAAA,EACT;AAEA,SAAO,MACJ,KAAK,EACL,YAAY,EACZ,QAAQ,aAAa,EAAE;AAC5B;AAqEO,SAAS,iBACd,MACA,QACA,mBACgD;AAChD,MAAI;AAEF,QAAI,qBAAqB,OAAO,SAAS,YAAY,SAAS,MAAM;AAClE,YAAM,gBAAgB,EAAE,GAAG,KAAK;AAEhC,aAAO,QAAQ,iBAAiB,EAAE,QAAQ,CAAC,CAAC,OAAO,OAAO,MAAM;AAC9D,YAAI,OAAO,cAAc,KAAK,MAAM,UAAU;AAC5C,wBAAc,KAAK,IAAI,kBAAkB,cAAc,KAAK,GAAa,OAAO;AAAA,QAClF;AAAA,MACF,CAAC;AAED,aAAO;AAAA,IACT;AAGA,UAAM,SAAS,OAAO,MAAM,IAAI;AAChC,WAAO,EAAE,SAAS,MAAM,MAAM,OAAO;AAAA,EACvC,SAAS,OAAO;AACd,QAAI,iBAAiB,EAAE,UAAU;AAC/B,aAAO;AAAA,QACL,SAAS;AAAA,QACT,OAAO,MAAM,OAAO,IAAI,OAAK,EAAE,OAAO,EAAE,KAAK,IAAI;AAAA,MACnD;AAAA,IACF;AACA,WAAO;AAAA,MACL,SAAS;AAAA,MACT,OAAO;AAAA,IACT;AAAA,EACF;AACF;AAqEO,IAAM,oBAAoB,EAC9B,OAAO,EACP,IAAI,GAAG,mBAAmB,EAC1B,MAAM,sBAAsB,EAC5B,IAAI,KAAK,gBAAgB,EACzB;AAAA,EACC,CAAC,UAAU;AACT,QAAI,CAAC,SAAS,OAAO,UAAU,SAAU,QAAO;AAEhD,UAAM,SAAS,MAAM,MAAM,GAAG,EAAE,CAAC;AACjC,WAAO,UAAU,OAAO,SAAS,GAAG,KAAK,OAAO,SAAS;AAAA,EAC3D;AAAA,EACA;AACF,EACC,UAAU,CAAC,UAAU,cAAc,KAAK,CAAC;AAKrC,IAAMC,eAAc,EACxB,OAAO,EACP,IAAI,GAAG,mBAAmB,EAC1B,MAAM,sBAAsB;AAKxB,IAAMC,cAAa,EACvB,OAAO,EACP,IAAI,GAAG,kBAAkB,EACzB,IAAI,KAAK,eAAe,EACxB,MAAM,mBAAmB,kCAAkC;AAKvD,IAAMC,eAAc,EACxB,OAAO,EACP,MAAM,0BAA0B,6BAA6B;AAKzD,IAAMC,aAAY,EACtB,OAAO,EACP,IAAI,oBAAoB;AAKpB,IAAMC,cAAa,EACvB,OAAO,EACP,MAAM,uBAAuB,kCAAkC;AAK3D,IAAMC,qBAAoB,EAAE,OAAO;AAAA,EACxC,OAAO;AAAA,EACP,UAAU,EAAE,OAAO,EAAE,IAAI,GAAG,sBAAsB;AACpD,CAAC;;;AD/TM,SAAS,kBACd,QACA,MACA,mBACgD;AAChD,SAAO,iBAAiB,MAAM,QAAQ,iBAAiB;AACzD;AAKO,IAAMC,eAAcC,GAAE,OAAO,EACjC,UAAU,WAAS,MAAM,YAAY,EAAE,KAAK,CAAC,EAC7C,KAAKA,GAAE,OAAO,EAAE,IAAI,GAAG,mBAAmB,EAAE,MAAM,sBAAsB,EAAE,IAAI,KAAK,gBAAgB,CAAC;AAKhG,IAAMC,kBAAiBD,GAAE,OAAO,EACpC,IAAI,GAAG,wCAAwC,EAC/C,IAAI,KAAK,mBAAmB,EAC5B,MAAM,SAAS,qDAAqD,EACpE,MAAM,SAAS,qDAAqD,EACpE,MAAM,SAAS,2CAA2C,EAC1D,MAAM,gBAAgB,sDAAsD;AAKxE,IAAM,iBAAiBA,GAAE,OAAO,EACpC,UAAU,cAAY,SAAS,YAAY,EAAE,KAAK,CAAC,EACnD,KAAKA,GAAE,OAAO,EAAE,IAAI,GAAG,wCAAwC,EAAE,IAAI,IAAI,mBAAmB,EAAE,MAAM,oBAAoB,sEAAsE,CAAC;AAK3L,IAAME,cAAaF,GAAE,OAAO,EAChC,IAAI,GAAG,kBAAkB,EACzB,IAAI,KAAK,eAAe,EACxB,OAAO,UAAQ;AAEd,QAAM,oBAAoB;AAAA,IACxB;AAAA,IACA;AAAA,IACA;AAAA,IACA;AAAA,IACA;AAAA,IACA;AAAA,EACF;AAEA,SAAO,CAAC,kBAAkB,KAAK,aAAW,QAAQ,KAAK,IAAI,CAAC;AAC9D,GAAG,kCAAkC,EACpC,UAAU,UAAQ,kBAAkB,MAAM;AAAA,EACzC,WAAW;AAAA,EACX,WAAW;AAAA,EACX,MAAM;AACR,CAAC,CAAC;AAKG,IAAMG,eAAcH,GAAE,OAAO,EACjC,IAAI,IAAI,yCAAyC,EACjD,IAAI,IAAI,uBAAuB,EAC/B,MAAM,2BAA2B,6BAA6B,EAC9D,OAAO,WAAS;AAEf,QAAM,aAAa,MAAM,QAAQ,OAAO,EAAE;AAC1C,SAAO,WAAW,UAAU,MAAM,WAAW,UAAU;AACzD,GAAG,+CAA+C;AAK7C,IAAMI,aAAYJ,GAAE,OAAO,EAC/B,IAAI,GAAG,iBAAiB,EACxB,IAAI,MAAM,cAAc,EACxB,OAAO,SAAO;AACb,MAAI;AACF,UAAM,SAAS,IAAI,IAAI,GAAG;AAC1B,WAAO,CAAC,SAAS,QAAQ,EAAE,SAAS,OAAO,QAAQ;AAAA,EACrD,QAAQ;AACN,WAAO;AAAA,EACT;AACF,GAAG,oBAAoB,EACtB,OAAO,SAAO;AAEb,QAAM,oBAAoB;AAAA,IACxB;AAAA,IACA;AAAA,IACA;AAAA,IACA;AAAA,IACA;AAAA,EACF;AAEA,SAAO,CAAC,kBAAkB,KAAK,aAAW,QAAQ,KAAK,GAAG,CAAC;AAC7D,GAAG,+BAA+B;;;AE/FpC,IAAM,cAAN,MAAkB;AAAA,EAAlB;AACE,SAAQ,aAAa,oBAAI,IAA2B;AACpD,SAAiB,eAAe,KAAK,KAAK;AAC1C;AAAA,SAAiB,yBAAyB;AAAA;AAAA;AAAA;AAAA;AAAA,EAK1C,MAAM,cAAc,WAAoC;AACtD,QAAI;AAEF,YAAM,KAAK,qBAAqB;AAGhC,YAAM,gBAAgB,MAAM,KAAK,KAAK,WAAW,OAAO,CAAC,EACtD,OAAO,UAAQ,KAAK,cAAc,aAAa,CAAC,KAAK,IAAI;AAE5D,UAAI,cAAc,UAAU,KAAK,wBAAwB;AAEvD,cAAM,SAAS,cAAc,KAAK,CAAC,GAAG,MAAM,EAAE,YAAY,EAAE,SAAS,EAAE,CAAC;AACxE,aAAK,WAAW,OAAO,OAAO,KAAK;AAAA,MACrC;AAGA,YAAM,aAAa,IAAI,WAAW,EAAE;AACpC,aAAO,gBAAgB,UAAU;AACjC,YAAM,QAAQ,MAAM;AAAA,QAAK;AAAA,QAAY,UACnC,KAAK,SAAS,EAAE,EAAE,SAAS,GAAG,GAAG;AAAA,MACnC,EAAE,KAAK,EAAE;AAET,YAAM,YAA2B;AAAA,QAC/B;AAAA,QACA;AAAA,QACA,WAAW,KAAK,IAAI;AAAA,QACpB,MAAM;AAAA,MACR;AAGA,WAAK,WAAW,IAAI,OAAO,SAAS;AACpC,YAAM,KAAK,cAAc;AAEzB,aAAO;AAAA,IACT,SAAS,OAAO;AACd,YAAM,IAAI,MAAM,8BAA8B;AAAA,IAChD;AAAA,EACF;AAAA;AAAA;AAAA;AAAA,EAKA,MAAM,cAAc,OAAe,WAAqC;AACtE,QAAI;AAEF,UAAI,KAAK,WAAW,SAAS,GAAG;AAC9B,cAAM,KAAK,WAAW;AAAA,MACxB;AAEA,YAAM,YAAY,KAAK,WAAW,IAAI,KAAK;AAE3C,UAAI,CAAC,WAAW;AACd,eAAO;AAAA,MACT;AAGA,UAAI,UAAU,cAAc,WAAW;AACrC,eAAO;AAAA,MACT;AAGA,UAAI,UAAU,MAAM;AAClB,eAAO;AAAA,MACT;AAGA,UAAI,KAAK,IAAI,IAAI,UAAU,YAAY,KAAK,cAAc;AACxD,aAAK,WAAW,OAAO,KAAK;AAC5B,cAAM,KAAK,cAAc;AACzB,eAAO;AAAA,MACT;AAGA,gBAAU,OAAO;AACjB,WAAK,WAAW,IAAI,OAAO,SAAS;AACpC,YAAM,KAAK,cAAc;AAEzB,aAAO;AAAA,IACT,SAAS,OAAO;AACd,aAAO;AAAA,IACT;AAAA,EACF;AAAA;AAAA;AAAA;AAAA,EAKA,MAAM,gBAAgB,WAA2C;AAE/D,QAAI,KAAK,WAAW,SAAS,GAAG;AAC9B,YAAM,KAAK,WAAW;AAAA,IACxB;AAGA,eAAW,CAAC,OAAO,IAAI,KAAK,KAAK,WAAW,QAAQ,GAAG;AACrD,UACE,KAAK,cAAc,aACnB,CAAC,KAAK,QACL,KAAK,IAAI,IAAI,KAAK,YAAa,KAAK,cACrC;AACA,eAAO;AAAA,MACT;AAAA,IACF;AAGA,WAAO,MAAM,KAAK,cAAc,SAAS;AAAA,EAC3C;AAAA;AAAA;AAAA;AAAA,EAKA,MAAc,uBAAsC;AAClD,UAAM,MAAM,KAAK,IAAI;AACrB,UAAM,gBAA0B,CAAC;AAEjC,eAAW,CAAC,OAAO,IAAI,KAAK,KAAK,WAAW,QAAQ,GAAG;AACrD,UAAI,KAAK,QAAS,MAAM,KAAK,YAAa,KAAK,cAAc;AAC3D,sBAAc,KAAK,KAAK;AAAA,MAC1B;AAAA,IACF;AAEA,kBAAc,QAAQ,WAAS,KAAK,WAAW,OAAO,KAAK,CAAC;AAE5D,QAAI,cAAc,SAAS,GAAG;AAC5B,YAAM,KAAK,cAAc;AAAA,IAC3B;AAAA,EACF;AAAA;AAAA;AAAA;AAAA,EAKA,MAAc,gBAA+B;AAC3C,QAAI;AACF,YAAM,cAAc,MAAM,KAAK,KAAK,WAAW,QAAQ,CAAC;AACxD,YAAM,cAAc;AAAA,QAClB;AAAA,QACA,KAAK,UAAU,WAAW;AAAA,QAC1B,EAAE,SAAS,MAAM,QAAQ,KAAK,aAAa;AAAA,MAC7C;AAAA,IACF,SAAS,OAAO;AAAA,IAEhB;AAAA,EACF;AAAA;AAAA;AAAA;AAAA,EAKA,MAAc,aAA4B;AACxC,QAAI;AACF,YAAM,aAAa,MAAM,cAAc,QAAQ,aAAa;AAC5D,UAAI,YAAY;AACd,cAAM,cAAc,KAAK,MAAM,UAAU;AACzC,aAAK,aAAa,IAAI,IAAI,WAAW;AAErC,cAAM,KAAK,qBAAqB;AAAA,MAClC;AAAA,IACF,SAAS,OAAO;AACd,WAAK,WAAW,MAAM;AAAA,IACxB;AAAA,EACF;AAAA;AAAA;AAAA;AAAA,EAKA,MAAM,aAAa,WAAkC;AACnD,UAAM,iBAA2B,CAAC;AAElC,eAAW,CAAC,OAAO,IAAI,KAAK,KAAK,WAAW,QAAQ,GAAG;AACrD,UAAI,KAAK,cAAc,WAAW;AAChC,uBAAe,KAAK,KAAK;AAAA,MAC3B;AAAA,IACF;AAEA,mBAAe,QAAQ,WAAS,KAAK,WAAW,OAAO,KAAK,CAAC;AAC7D,UAAM,KAAK,cAAc;AAAA,EAC3B;AACF;AAGO,IAAM,cAAc,IAAI,YAAY;AAG3C,eAAsB,kBAAkB,WAAoC;AAC1E,SAAO,YAAY,cAAc,SAAS;AAC5C;AAEA,eAAsB,kBAAkB,OAAe,WAAqC;AAC1F,SAAO,YAAY,cAAc,OAAO,SAAS;AACnD;AAEA,eAAsB,aAAa,WAA2C;AAC5E,SAAO,YAAY,gBAAgB,SAAS;AAC9C;;;AC/MA,SAAS,KAAAK,UAAS;AAGlB,IAAM,yBAAyB;AAAA,EAC7B;AAAA,EACA;AAAA,EACA;AAAA;AAAA,EACA;AAAA;AAAA,EACA;AAAA,EACA;AAAA,EACA;AAAA,EACA;AAAA,EACA;AAAA,EACA;AAAA,EACA;AAAA,EACA;AAAA,EACA;AAAA,EACA;AAAA,EACA;AAAA,EACA;AACF;AAGA,IAAM,kBAAkB;AAKjB,IAAM,oBAAoBA,GAC9B,OAAO,EACP,IAAI,KAAK,uBAAuB,EAChC;AAAA,EACC,CAAC,UAAU;AACT,WAAO,CAAC,uBAAuB,KAAK,aAAW,QAAQ,KAAK,KAAK,CAAC;AAAA,EACpE;AAAA,EACA;AACF,EACC,UAAU,CAAC,UAAU,oBAAoB,KAAK,CAAC;AAK3C,IAAM,sBAAsBA,GAChC,OAAO,EACP,IAAI,GAAG,4BAA4B,EACnC,IAAI,IAAI,qBAAqB,EAC7B,MAAM,4BAA4B,2BAA2B,EAC7D;AAAA,EACC,CAAC,eAAe;AACd,UAAM,gBAAgB;AAAA,MACpB;AAAA,MAAU;AAAA,MAAU;AAAA,MAAU;AAAA,MAAU;AAAA,MAAQ;AAAA,MAAU;AAAA,MAC1D;AAAA,MAAQ;AAAA,MAAS;AAAA,MAAQ;AAAA,MAAS;AAAA,MAAS;AAAA,MAAS;AAAA,IACtD;AACA,WAAO,CAAC,cAAc,SAAS,WAAW,YAAY,CAAC;AAAA,EACzD;AAAA,EACA;AACF;AAKK,IAAM,gBAAgBA,GAC1B,OAAO,EACP,MAAM,qDAAqD,yBAAyB;AAKhF,IAAM,oBAAoBA,GAC9B,OAAO,EACP,IAAI,oBAAoB,EACxB,IAAI,GAAG,sBAAsB,EAC7B,IAAI,KAAM,iBAAiB;AAKvB,SAAS,oBAAoB,OAAuB;AACzD,SAAO,MACJ,QAAQ,iBAAiB,EAAE,EAC3B,QAAQ,QAAQ,GAAG,EACnB,KAAK,EACL,MAAM,GAAG,GAAG;AACjB;AAKO,SAAS,gBAAgB,OAAuB;AACrD,SAAO,MACJ,QAAQ,OAAO,MAAM,EACrB,QAAQ,MAAM,KAAK,EACnB,QAAQ,MAAM,KAAK;AACxB;AAKO,SAAS,gBAAgB,SAA2D;AACzF,QAAM,YAAqC,CAAC;AAE5C,aAAW,CAAC,KAAK,KAAK,KAAK,OAAO,QAAQ,OAAO,GAAG;AAElD,UAAM,gBAAgB,oBAAoB,UAAU,GAAG;AACvD,QAAI,CAAC,cAAc,SAAS;AAI1B,cAAQ,KAAK,uDAAuD,GAAG,EAAE;AACzE;AAAA,IACF;AAGA,QAAI,OAAO,UAAU,UAAU;AAC7B,YAAM,kBAAkB,kBAAkB,UAAU,KAAK;AACzD,UAAI,gBAAgB,SAAS;AAC3B,kBAAU,GAAG,IAAI,gBAAgB;AAAA,MACnC;AAAA,IACF,WAAW,OAAO,UAAU,UAAU;AACpC,UAAI,OAAO,SAAS,KAAK,GAAG;AAC1B,kBAAU,GAAG,IAAI;AAAA,MACnB;AAAA,IACF,WAAW,OAAO,UAAU,WAAW;AACrC,gBAAU,GAAG,IAAI;AAAA,IACnB,WAAW,MAAM,QAAQ,KAAK,GAAG;AAE/B,YAAM,iBAAiB,MACpB,OAAO,UAAQ,OAAO,SAAS,YAAY,OAAO,SAAS,QAAQ,EACnE,IAAI,UAAQ,OAAO,SAAS,WAAW,oBAAoB,IAAI,IAAI,IAAI,EACvE,MAAM,GAAG,GAAG;AAEf,UAAI,eAAe,SAAS,GAAG;AAC7B,kBAAU,GAAG,IAAI;AAAA,MACnB;AAAA,IACF;AAAA,EACF;AAEA,SAAO;AACT;AAcO,SAAS,qBAAqB,QAA0C;AAC7E,QAAM,OAAwB,CAAC;AAG/B,MAAI,OAAO,QAAQ;AACjB,UAAM,eAAe,OAAO,OAAO,MAAM,GAAG,EAAE,IAAI,WAAS,MAAM,KAAK,CAAC;AACvE,UAAM,cAAc,aAAa,OAAO,WAAS;AAC/C,aAAO,oBAAoB,UAAU,KAAK,EAAE;AAAA,IAC9C,CAAC;AAED,QAAI,YAAY,SAAS,GAAG;AAC1B,WAAK,SAAS,YAAY,KAAK,IAAI;AAAA,IACrC;AAAA,EACF;AAGA,MAAI,OAAO,SAAS;AAClB,SAAK,UAAU,gBAAgB,OAAO,OAAO;AAAA,EAC/C;AAGA,MAAI,OAAO,SAAS;AAClB,UAAM,oBAAoB,cAAc,UAAU,OAAO,OAAO;AAChE,QAAI,kBAAkB,SAAS;AAC7B,WAAK,UAAU,kBAAkB;AAAA,IACnC;AAAA,EACF;AAGA,MAAI,OAAO,UAAU,QAAW;AAC9B,UAAM,kBAAkB,kBAAkB,UAAU,OAAO,KAAK;AAChE,QAAI,gBAAgB,SAAS;AAC3B,WAAK,QAAQ,gBAAgB;AAAA,IAC/B;AAAA,EACF;AAEA,MAAI,OAAO,WAAW,QAAW;AAC/B,UAAM,mBAAmB,kBAAkB,UAAU,OAAO,MAAM;AAClE,QAAI,iBAAiB,SAAS;AAC5B,WAAK,SAAS,iBAAiB;AAAA,IACjC;AAAA,EACF;AAGA,MAAI,OAAO,QAAQ;AACjB,UAAM,mBAAmB,kBAAkB,UAAU,OAAO,MAAM;AAClE,QAAI,iBAAiB,SAAS;AAC5B,WAAK,SAAS,iBAAiB;AAAA,IACjC;AAAA,EACF;AAEA,SAAO;AACT;AAKO,SAAS,mBAAmB,OAIjC;AACA,QAAM,mBAA6B,CAAC;AACpC,MAAI,UAAkD;AAEtD,yBAAuB,QAAQ,CAAC,SAAS,UAAU;AACjD,QAAI,QAAQ,KAAK,KAAK,GAAG;AACvB,uBAAiB,KAAK,WAAW,QAAQ,CAAC,EAAE;AAG5C,UAAI,QAAQ,GAAG;AACb,kBAAU;AAAA,MACZ,WAAW,QAAQ,KAAK,YAAY,YAAY;AAC9C,kBAAU;AAAA,MACZ,WAAW,QAAQ,MAAM,CAAC,CAAC,YAAY,MAAM,EAAE,SAAS,OAAO,GAAG;AAChE,kBAAU;AAAA,MACZ;AAAA,IACF;AAAA,EACF,CAAC;AAED,SAAO;AAAA,IACL,cAAc,iBAAiB,SAAS;AAAA,IACxC,UAAU;AAAA,IACV,WAAW;AAAA,EACb;AACF;;;ACnPA,SAAS,KAAAC,UAAS;AAMX,IAAMC,qBAAoBC,GAAE,OAAO;AAAA,EACxC,MAAM;AAAA,EACN,OAAO;AAAA,EACP,OAAOA,GAAE,OAAO,EAAE,SAAS;AAAA,EAC3B,SAASA,GAAE,OAAO,EAAE,IAAI,EAAE,SAAS;AAAA,EACnC,KAAKA,GAAE,OAAO,EAAE,IAAI,GAAG,EAAE,SAAS;AACpC,CAAC;AAKM,IAAM,qBAAqBA,GAAE,OAAO;AAAA,EACzC,eAAeA,GAAE,OAAO;AAAA,IACtB,OAAOA,GAAE,QAAQ;AAAA,IACjB,MAAMA,GAAE,QAAQ;AAAA,EAClB,CAAC;AAAA,EACD,UAAUA,GAAE,OAAO;AACrB,CAAC;AAKM,IAAM,wBAAwBA,GAAE,OAAO;AAAA,EAC5C,aAAa;AAAA,EACb,UAAUA,GAAE,OAAO;AAAA,EACnB,YAAYA,GAAE,OAAO;AAAA,EACrB,UAAUA,GAAE,OAAO;AACrB,CAAC;;;AC7BD,IAAM,MAAM,aAAa,UAAU;AAS5B,SAAS,iBAAiB,OAA4B;AAG3D,MAAI,KAAK,mBAAmB;AAAA,IAC1B,GAAG;AAAA,IACH,WAAW,MAAM,UAAU,YAAY;AAAA,EACzC,CAAC;AACH;AA4DO,SAAS,qBAA6C;AAC3D,SAAO;AAAA,IACL,0BAA0B;AAAA,IAC1B,mBAAmB;AAAA,IACnB,oBAAoB;AAAA,IACpB,mBAAmB;AAAA,IACnB,6BAA6B;AAAA,EAC/B;AACF;AAEO,SAAS,wBAAwB,SAA0C;AAChF,QAAM,kBAAkB,CAAC,0BAA0B,iBAAiB;AACpE,QAAM,iBAAiB,gBAAgB,OAAO,YAAU,CAAC,QAAQ,MAAM,CAAC;AAExE,MAAI,eAAe,SAAS,GAAG;AAC7B,qBAAiB;AAAA,MACf,MAAM;AAAA,MACN,WAAW,oBAAI,KAAK;AAAA,MACpB,SAAS,EAAE,eAAe;AAAA,IAC5B,CAAC;AACD,WAAO;AAAA,EACT;AAEA,SAAO;AACT;;;ACzFA,IAAM,kBAAN,MAAsB;AAAA,EAAtB;AACE,SAAQ,SAA0B,CAAC;AAAA;AAAA,EAEnC,SAAS,OAAsB;AAC7B,UAAM,cAAc;AAAA,MAClB,GAAG;AAAA,MACH,IAAI,KAAK,OAAO,EAAE,SAAS,EAAE,EAAE,OAAO,GAAG,CAAC;AAAA,MAC1C,WAAW,KAAK,IAAI;AAAA,IACtB;AACA,SAAK,OAAO,KAAK,WAAW;AAAA,EAC9B;AAAA,EAEA,YAA6B;AAC3B,WAAO,CAAC,GAAG,KAAK,MAAM;AAAA,EACxB;AAAA,EAEA,cAAc;AACZ,SAAK,SAAS,CAAC;AAAA,EACjB;AAAA,EAEA,YAAY,OAA+D;AACzE,WAAO;AAAA,MACL,GAAG;AAAA,MACH,IAAI,KAAK,OAAO,EAAE,SAAS,EAAE,EAAE,OAAO,GAAG,CAAC;AAAA,MAC1C,WAAW,oBAAI,KAAK;AAAA,IACtB;AAAA,EACF;AACF;AAEO,IAAM,kBAAkB,IAAI,gBAAgB;;;AC9B5C,IAAM,yBAAyB;AAAA;AAAA,EAEpC,aAAa;AAAA;AAAA,EAEb,uBAAuB;AAAA;AAAA,EAEvB,uBAAuB,OAAO;AAAA;AAAA;AAAA,EAE9B,iBAAiB;AACnB;;;ACZO,SAAS,2BAA2B,MAAc;AACvD,QAAM,YAAY,YAAY,IAAI;AAClC,QAAM,cAAe,YAAoB,QAAQ,kBAAkB;AAEnE,SAAO;AAAA,IACL,KAAK,MAAM;AACT,YAAM,UAAU,YAAY,IAAI;AAChC,YAAM,YAAa,YAAoB,QAAQ,kBAAkB;AAEjE,YAAM,UAA8B;AAAA,QAClC,YAAY,UAAU;AAAA,QACtB,iBAAiB;AAAA;AAAA,QACjB,aAAa,YAAY;AAAA,QACzB,YAAY;AAAA;AAAA,MACd;AAIA,YAAM,UAAU;AAAA,QACd,WAAW,0BAA0B,IAAI;AAAA,QACzC;AAAA,MACF;AAEA,aAAO;AAAA,IACT;AAAA,EACF;AACF;AAEO,SAAS,yBAAyB,eAAuB,UAA0C;AACxG,QAAM,YAAY,YAAY,IAAI;AAClC,QAAM,cAAe,YAAoB,QAAQ,kBAAkB;AAEnE,WAAS;AAET,QAAM,UAAU,YAAY,IAAI;AAChC,QAAM,YAAa,YAAoB,QAAQ,kBAAkB;AAEjE,QAAM,UAA8B;AAAA,IAClC,YAAY,UAAU;AAAA,IACtB,iBAAiB;AAAA,IACjB,aAAa,YAAY;AAAA,IACzB,YAAY;AAAA,EACd;AAIA,QAAM,UAAU;AAAA,IACd,WAAW,uBAAuB,aAAa;AAAA,IAC/C;AAAA,EACF;AAEA,SAAO;AACT;;;AChDA,IAAM,iBAAN,MAAqB;AAAA,EACnB,IAAY,UAAmB;AAC7B,QAAI;AACF,aAAO,YAAY,KAAK,SAAS;AAAA,IACnC,QAAQ;AACN,aAAO;AAAA,IACT;AAAA,EACF;AAAA,EAEA,gBAAoC;AAClC,QAAI,CAAC,KAAK,QAAS,QAAO;AAO1B,YAAQ,IAAI,+CAA+C;AAC3D,YAAQ,IAAI,iCAAiC;AAC7C,YAAQ,IAAI,oCAAoC;AAChD,YAAQ,IAAI,yCAAyC;AACrD,YAAQ,IAAI,uCAAuC;AAEnD,WAAO;AAAA,MACL,WAAW;AAAA,MACX,aAAa;AAAA,MACb,QAAQ,CAAC;AAAA,MACT,0BAA0B;AAAA,IAC5B;AAAA,EACF;AAAA,EAEA,mBAAyB;AACvB,QAAI,CAAC,KAAK,QAAS;AAEnB,UAAM,kBAAkB;AAAA,MACtB;AAAA,MACA;AAAA,MACA;AAAA,MACA;AAAA,IACF;AAIA,YAAQ,MAAM,uBAAuB;AACrC,oBAAgB,QAAQ,WAAS,QAAQ,IAAI,OAAO,KAAK,CAAC;AAC1D,YAAQ,SAAS;AAAA,EACnB;AAAA,EAEA,kBAAwB;AACtB,QAAI,CAAC,KAAK,QAAS;AAInB,YAAQ,MAAM,mBAAmB;AACjC,YAAQ,IAAI,yCAAyC;AACrD,YAAQ,IAAI,6CAA6C;AACzD,YAAQ,IAAI,0CAA0C;AACtD,YAAQ,IAAI,8CAA8C;AAC1D,YAAQ,SAAS;AAAA,EACnB;AAAA,EAEA,iBAAyB;AACvB,UAAM,SAAS;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AA2Bf,WAAO,OAAO,KAAK;AAAA,EACrB;AACF;AAEO,IAAM,iBAAiB,IAAI,eAAe;AAG1C,SAAS,sBAAsB,UAAkB,eAA+B;AACrF,MAAI;AACF,QAAI,YAAY,KAAK,SAAS,cAAe;AAAA,EAC/C,QAAQ;AACN;AAAA,EACF;AAEA,QAAM,eAAe,CAAC,UAAU,UAAU,MAAM;AAChD,QAAM,gBAAgB,aAAa,KAAK,SAAO,SAAS,SAAS,GAAG,CAAC;AAErE,MAAI,iBAAiB,cAAc,SAAS,GAAG;AAG7C,YAAQ;AAAA,MACN,sCAAsC,cAAc,SAAS,iBAAiB,WAAW;AAAA,IAE3F;AAAA,EACF;AACF;AAGO,SAAS,mBAAmB,YAA0B;AAC3D,MAAI;AACF,QAAI,YAAY,KAAK,SAAS,cAAe;AAAA,EAC/C,QAAQ;AACN;AAAA,EACF;AAIA,UAAQ,IAAI,qBAAqB,aAAa,6BAA6B;AAC7E;;;AC1HO,IAAM,aAAa,YAGpB;AAEJ,QAAM,CAAC,gBAAgB,cAAc,IAAI,MAAM,QAAQ,IAAI;AAAA,IACzD,OAAO,iBAAiB;AAAA,IACxB,OAAO,iBAAiB;AAAA,EAC1B,CAAC;AAED,SAAO;AAAA,IACL,UAAW,eAAe,WAAW;AAAA,IACrC,UAAW,eAAe,WAAW;AAAA,EACvC;AACF;AAGO,IAAM,gBAAgB,YAAgD;AAC3E,QAAM,UAAU,MAAM,OAAO,UAAU;AACvC,SAAO;AACT;AAGO,IAAM,iBAAiB,YAA8B;AAC1D,QAAM,WAAW,MAAM,OAAO,UAAU;AACxC,SAAO;AACT;AAGO,IAAM,gBAAgB,YAUvB;AACJ,QAAM,CAAC,eAAe,YAAY,IAAI,MAAM,QAAQ,IAAI;AAAA,IACtD,OAAO,iBAAiB;AAAA,IACxB,OAAO,yBAAyB;AAAA,EAClC,CAAC;AAED,SAAO;AAAA,IACL,GAAG;AAAA,IACH,aAAa,aAAa;AAAA,EAC5B;AACF;AAGO,IAAM,eAAe,YAA8B;AACxD,QAAM,YAAY,MAAM,OAAO,WAAW;AAC1C,SAAO,UAAU;AACnB;AAGO,SAAS,kBAAqB,QAA0B;AAC7D,MAAI,SAAmB;AACvB,MAAI,UAA6B;AAEjC,SAAO;AAAA,IACL,MAAM,YAAwB;AAC5B,UAAI,OAAQ,QAAO;AACnB,UAAI,QAAS,QAAO;AAEpB,gBAAU,OAAO,EAAE,KAAK,YAAU;AAChC,iBAAS;AACT,kBAAU;AACV,eAAO;AAAA,MACT,CAAC;AAED,aAAO;AAAA,IACT;AAAA,IACA,WAAW,MAAgB;AAAA,IAC3B,UAAU,MAAe,WAAW;AAAA,EACtC;AACF;AAGO,IAAM,aAA2F,kBAAkB,UAAU;AAC7H,IAAM,gBAAiG,kBAAkB,aAAa;AACtI,IAAM,iBAAgE,kBAAkB,cAAc;AACtG,IAAM,gBAAiG,kBAAkB,aAAa;AACtI,IAAM,eAA8D,kBAAkB,YAAY;;;ACzGzG,SAAgB,UAAyB,YAAY;AAoBP;AATvC,SAAS,oBACd,UACA,eACA,UAA2B,CAAC,GACzB;AACH,QAAM,gBAAgB,KAAK,QAAQ;AAEnC,QAAM,mBAAmB,CAAC,UAAe;AACvC,UAAM,UACJ,oBAAC,YAAS,UAAU,QAAQ,YAAY,oBAAC,kBAAe,GACtD,8BAAC,iBAAe,GAAG,OAAO,GAC5B;AAGF,QAAI,QAAQ,eAAe;AACzB,YAAM,gBAAgB,QAAQ;AAC9B,aAAO,oBAAC,iBAAe,mBAAQ;AAAA,IACjC;AAEA,WAAO;AAAA,EACT;AAEA,mBAAiB,cAAc,OAAO,aAAa;AACnD,SAAO;AACT;AAKO,IAAM,gBAAgB;AAAA,EAC3B,MAAM,OAAO,yBAA4B,EAAE,KAAK,aAAW,EAAE,SAAS,OAAO,UAAU,EAAE;AAAA,EACzF;AACF;;;ACtCO,SAAS,gCAAgC,aAA+D;AAC7G,QAAM,SAAkC,CAAC;AAEzC,SAAO,QAAQ,WAAW,EAAE,QAAQ,CAAC,CAAC,KAAK,KAAK,MAAM;AACpD,QAAI,OAAO,UAAU,UAAU;AAE7B,aAAO,GAAG,IAAI,UAAU,MAAM,MAAM,YAAY,MAAM;AAAA,IACxD,OAAO;AACL,aAAO,GAAG,IAAI,QAAQ,KAAK;AAAA,IAC7B;AAAA,EACF,CAAC;AAED,SAAO;AACT;AAEO,SAAS,cAAc,aAAsC,YAA6B;AAC/F,SAAO,QAAQ,YAAY,UAAU,CAAC;AACxC;AAEO,SAAS,iBAAiB,aAAsC,gBAAsD;AAC3H,MAAI,CAAC,kBAAkB,eAAe,WAAW,EAAG,QAAO;AAC3D,SAAO,eAAe,KAAK,gBAAc,cAAc,aAAa,UAAU,CAAC;AACjF;AAEO,SAAS,kBAAkB,aAAsC,gBAAsD;AAC5H,MAAI,CAAC,eAAgB,QAAO;AAC5B,MAAI,eAAe,WAAW,EAAG,QAAO;AACxC,SAAO,eAAe,MAAM,gBAAc,cAAc,aAAa,UAAU,CAAC;AAClF;;;AC5BO,IAAK,iBAAL,kBAAKC,oBAAL;AACL,EAAAA,gBAAA,UAAO;AACP,EAAAA,gBAAA,WAAQ;AACR,EAAAA,gBAAA,YAAS;AACT,EAAAA,gBAAA,WAAQ;AAJE,SAAAA;AAAA,GAAA;AAUL,SAAS,gBAAgB,YAAiE;AAC/F,MAAI,CAAC,cAAc,OAAO,eAAe,UAAU;AACjD,WAAO;AAAA,EACT;AAEA,QAAM,QAAQ,WAAW,MAAM,GAAG;AAClC,MAAI,MAAM,WAAW,GAAG;AACtB,WAAO;AAAA,EACT;AAEA,QAAM,CAAC,QAAQ,QAAQ,IAAI;AAG3B,MAAI,WAAW,UAAa,aAAa,UAAa,WAAW,MAAM,aAAa,IAAI;AACtF,WAAO;AAAA,EACT;AAEA,SAAO;AAAA,IACL;AAAA,IACA;AAAA,EACF;AACF;;;AChBA,IAAM,cAAN,MAAkB;AAAA,EAAlB;AACE,SAAQ,SAAuB,CAAC;AAAA;AAAA,EAEhC,IAAI,OAAyB;AAC3B,UAAM,qBAAqB;AAAA,MACzB,GAAG;AAAA,MACH,WAAW,KAAK,IAAI;AAAA,IACtB;AAEA,SAAK,OAAO,KAAK,kBAAkB;AAAA,EAGrC;AAAA,EAEA,MAAM,mBAAmB,OAIP;AAChB,SAAK,IAAI;AAAA,MACP,MAAM;AAAA,MACN,OAAO,MAAM;AAAA,MACb,QAAQ,MAAM;AAAA,MACd,MAAM,MAAM;AAAA,IACd,CAAC;AAAA,EACH;AAAA,EAEA,MAAM,iBAAiB,OAGL;AAChB,SAAK,IAAI;AAAA,MACP,MAAM;AAAA,MACN,OAAO,MAAM;AAAA,MACb,MAAM,MAAM;AAAA,IACd,CAAC;AAAA,EACH;AAAA,EAEA,MAAM,aAAa,OAID;AAChB,SAAK,IAAI;AAAA,MACP,MAAM;AAAA,MACN,OAAO,MAAM;AAAA,MACb,QAAQ,MAAM;AAAA,MACd,MAAM,MAAM;AAAA,IACd,CAAC;AAAA,EACH;AAAA,EAEA,MAAM,oBAA2C;AAC/C,WAAO,KAAK,OAAO,OAAO,WAAS,MAAM,SAAS,UAAU;AAAA,EAC9D;AAAA,EAEA,YAA0B;AACxB,WAAO,CAAC,GAAG,KAAK,MAAM;AAAA,EACxB;AAAA,EAEA,cAAoB;AAClB,SAAK,SAAS,CAAC;AAAA,EACjB;AACF;AAEO,IAAM,cAAc,IAAI,YAAY;AAGpC,IAAM,WAAW;AAEjB,SAAS,aAAa,QAAgB,MAAe,SAAyC;AACnG,cAAY,IAAI;AAAA,IACd,MAAM;AAAA,IACN;AAAA,IACA;AAAA,IACA;AAAA,EACF,CAAC;AAEH;AAEO,SAAS,mBAAmB,QAAgB,MAAe,SAAyC;AACzG,cAAY,IAAI;AAAA,IACd,MAAM;AAAA,IACN;AAAA,IACA;AAAA,IACA;AAAA,EACF,CAAC;AAEH;AAEO,SAASC,kBAAiB,QAAgB,MAAe,SAAyC;AACvG,cAAY,IAAI;AAAA,IACd,MAAM;AAAA,IACN;AAAA,IACA;AAAA,IACA;AAAA,EACF,CAAC;AAEH;AAEO,SAAS,cAAc,QAAgB,MAAe,SAAyC;AACpG,cAAY,IAAI;AAAA,IACd,MAAM;AAAA;AAAA,IACN;AAAA,IACA;AAAA,IACA;AAAA,EACF,CAAC;AACH;;;ACrGO,SAAS,4BAA+C;AAC7D,MAAI;AACF,UAAM,aAAa;AAAA,MACjB,WAAW,mBAAmB;AAAA,MAC9B,UAAU,UAAU,YAAY;AAAA,MAChC,UAAU,UAAU,YAAY;AAAA,MAChC,QAAQ,GAAG,OAAO,KAAK,IAAI,OAAO,MAAM,IAAI,OAAO,UAAU;AAAA,MAC7D,UAAU,KAAK,eAAe,EAAE,gBAAgB,EAAE,YAAY;AAAA,MAC9D,QAAQ,qBAAqB;AAAA,MAC7B,OAAO,oBAAoB;AAAA,IAC7B;AAGA,UAAM,UAAU,iBAAiB,UAAU;AAG3C,UAAM,kBAAkB,KAAK,UAAU,UAAU;AACjD,UAAM,OAAO,eAAe,eAAe;AAE3C,UAAM,cAAiC;AAAA,MACrC;AAAA,MACA,WAAW,KAAK,IAAI;AAAA,MACpB;AAAA,MACA;AAAA,IACF;AAGA,kBAAc,QAAQ,sBAAsB,KAAK,UAAU,WAAW,CAAC;AAEvE,WAAO;AAAA,EACT,SAAS,OAAO;AACd,WAAO,4BAA4B;AAAA,EACrC;AACF;AAKO,SAAS,0BACd,mBACA,oBAKA;AACA,QAAM,UAAoB,CAAC;AAC3B,MAAI,qBAAqB;AACzB,QAAM,kBAAkB,OAAO,KAAK,kBAAkB,UAAU,EAAE;AAGlE,SAAO,QAAQ,kBAAkB,UAAU,EAAE,QAAQ,CAAC,CAAC,KAAK,KAAK,MAAM;AACrE,QAAI,mBAAmB,WAAW,GAAiD,MAAM,OAAO;AAC9F;AAAA,IACF,OAAO;AACL,cAAQ,KAAK,uBAAuB,GAAG,EAAE;AAAA,IAC3C;AAAA,EACF,CAAC;AAGD,QAAM,aAAc,qBAAqB,kBAAmB;AAG5D,QAAM,UAAU,cAAc;AAG9B,QAAM,WAAW,mBAAmB,YAAY,kBAAkB;AAClE,QAAM,SAAS,KAAK,KAAK,KAAK,KAAK;AAEnC,MAAI,WAAW,QAAQ;AACrB,YAAQ,KAAK,qBAAqB;AAClC,WAAO,EAAE,SAAS,OAAO,YAAY,QAAQ;AAAA,EAC/C;AAEA,MAAI,aAAa,IAAI;AACnB,YAAQ,KAAK,wCAAwC;AAAA,EACvD;AAEA,SAAO,EAAE,SAAS,YAAY,QAAQ;AACxC;AAKA,SAAS,uBAA+B;AACtC,MAAI;AACF,UAAM,SAAS,SAAS,cAAc,QAAQ;AAC9C,UAAM,MAAM,OAAO,WAAW,IAAI;AAElC,QAAI,CAAC,IAAK,QAAO;AAGjB,QAAI,eAAe;AACnB,QAAI,OAAO;AACX,QAAI,YAAY;AAChB,QAAI,SAAS,KAAK,GAAG,IAAI,EAAE;AAC3B,QAAI,YAAY;AAChB,QAAI,SAAS,gCAAyB,GAAG,EAAE;AAC3C,QAAI,YAAY;AAChB,QAAI,SAAS,gCAAyB,GAAG,EAAE;AAE3C,UAAM,UAAU,OAAO,UAAU;AACjC,WAAO,eAAe,OAAO;AAAA,EAC/B,SAAS,OAAO;AACd,WAAO;AAAA,EACT;AACF;AAKA,SAAS,sBAA8B;AACrC,MAAI;AACF,UAAM,SAAS,SAAS,cAAc,QAAQ;AAC9C,UAAM,KAAK,OAAO,WAAW,OAAO,KAAK,OAAO,WAAW,oBAAoB;AAE/E,QAAI,CAAC,GAAI,QAAO;AAEhB,UAAM,YAAY,GAAG,aAAa,2BAA2B;AAC7D,QAAI,CAAC,UAAW,QAAO;AAEvB,UAAM,SAAS,GAAG,aAAa,UAAU,qBAAqB;AAC9D,UAAM,WAAW,GAAG,aAAa,UAAU,uBAAuB;AAElE,WAAO,GAAG,MAAM,IAAI,QAAQ;AAAA,EAC9B,SAAS,OAAO;AACd,WAAO;AAAA,EACT;AACF;AAKA,SAAS,qBAA6B;AACpC,QAAM,KAAK,UAAU;AACrB,SAAO,eAAe,EAAE,EAAE,UAAU,GAAG,EAAE;AAC3C;AAKA,SAAS,iBAAiB,YAA4C;AACpE,QAAM,SAAS,OAAO,OAAO,UAAU,EAAE,KAAK,EAAE;AAChD,QAAM,aAAa,oBAAI,IAAoB;AAE3C,aAAW,QAAQ,QAAQ;AACzB,eAAW,IAAI,OAAO,WAAW,IAAI,IAAI,KAAK,KAAK,CAAC;AAAA,EACtD;AAEA,MAAI,UAAU;AACd,aAAW,SAAS,WAAW,OAAO,GAAG;AACvC,UAAM,cAAc,QAAQ,OAAO;AACnC,eAAW,cAAc,KAAK,KAAK,WAAW;AAAA,EAChD;AAEA,SAAO;AACT;AAKA,SAAS,eAAe,KAAqB;AAC3C,MAAI,OAAO;AACX,WAAS,IAAI,GAAG,IAAI,IAAI,QAAQ,KAAK;AACnC,UAAM,OAAO,IAAI,WAAW,CAAC;AAC7B,YAAS,QAAQ,KAAK,OAAQ;AAC9B,WAAO,OAAO;AAAA,EAChB;AACA,SAAO,KAAK,IAAI,IAAI,EAAE,SAAS,EAAE;AACnC;AAKA,SAAS,8BAAiD;AACxD,QAAM,aAAa;AAAA,IACjB,WAAW;AAAA,IACX,UAAU;AAAA,IACV,UAAU;AAAA,IACV,QAAQ;AAAA,IACR,UAAU;AAAA,EACZ;AAEA,SAAO;AAAA,IACL,MAAM,YAAY,KAAK,IAAI,CAAC,IAAI,KAAK,OAAO,EAAE,SAAS,EAAE,CAAC;AAAA,IAC1D,WAAW,KAAK,IAAI;AAAA,IACpB;AAAA,IACA,SAAS;AAAA;AAAA,EACX;AACF;;;AC5JO,SAAS,kBAAkB,QAA8B;AAC9D,MAAI,CAAC,UAAU,OAAO,OAAO,QAAQ,YAAY,OAAO,OAAO,QAAQ,UAAU;AAC/E,WAAO;AAAA,EACT;AAEA,MAAI,CAAC,SAAS,OAAO,GAAG,KAAK,CAAC,SAAS,OAAO,GAAG,GAAG;AAClD,WAAO;AAAA,EACT;AAEA,SAAO,GAAG,OAAO,IAAI,QAAQ,CAAC,CAAC,KAAK,OAAO,IAAI,QAAQ,CAAC,CAAC;AAC3D;AAeO,SAAS,oBAAoB,QAAkD;AACpF,MAAI,CAAC,QAAQ;AACX,WAAO;AAAA,EACT;AAEA,QAAM,EAAE,KAAK,IAAI,IAAI;AAErB,MAAI,OAAO,QAAQ,YAAY,OAAO,QAAQ,UAAU;AACtD,WAAO;AAAA,EACT;AAEA,MAAI,CAAC,SAAS,GAAG,KAAK,CAAC,SAAS,GAAG,GAAG;AACpC,WAAO;AAAA,EACT;AAGA,MAAI,MAAM,OAAO,MAAM,IAAI;AACzB,WAAO;AAAA,EACT;AAGA,MAAI,MAAM,QAAQ,MAAM,KAAK;AAC3B,WAAO;AAAA,EACT;AAEA,SAAO;AACT;AAkBO,SAAS,oBACd,SACA,SACA,YAAoB,MACX;AAET,MAAI,CAAC,WAAW,CAAC,SAAS;AACxB,WAAO;AAAA,EACT;AAGA,MAAI,CAAC,WAAW,CAAC,SAAS;AACxB,WAAO;AAAA,EACT;AAGA,MAAI,CAAC,oBAAoB,OAAO,KAAK,CAAC,oBAAoB,OAAO,GAAG;AAClE,WAAO;AAAA,EACT;AAGA,QAAM,UAAU;AAChB,QAAM,UAAU,KAAK,IAAI,QAAQ,MAAM,QAAQ,GAAG;AAClD,QAAM,UAAU,KAAK,IAAI,QAAQ,MAAM,QAAQ,GAAG;AAElD,SAAO,WAAW,YAAY,WAAW,WAAW,YAAY;AAClE;AAcO,SAAS,iBAAiB,QAA8B;AAC7D,MAAI,CAAC,UAAU,CAAC,oBAAoB,MAAM,GAAG;AAC3C,WAAO;AAAA,EACT;AAEA,SAAO,mDAAmD,OAAO,GAAG,IAAI,OAAO,GAAG;AACpF;","names":["z","emailSchema","nameSchema","phoneSchema","urlSchema","dateSchema","secureLoginSchema","emailSchema","z","passwordSchema","nameSchema","phoneSchema","urlSchema","z","z","userProfileSchema","z","PermissionType","logSecurityEvent"]}
1	+ {"version":3,"sources":["../src/utils/core/debugLogger.ts","../src/utils/validation/validation.ts","../src/utils/validation/validationUtils.ts","../src/utils/validation/sanitization.ts","../src/utils/validation/csrf.ts","../src/utils/validation/sqlInjectionProtection.ts","../src/utils/validation/user.ts","../src/utils/security/security.ts","../src/utils/security/securityMonitor.ts","../src/constants/performance.ts","../src/utils/performance/performanceBenchmark.ts","../src/utils/performance/bundleAnalysis.ts","../src/utils/dynamic/dynamicUtils.ts","../src/utils/dynamic/lazyLoad.tsx","../src/utils/permissions/permissionUtils.ts","../src/utils/permissions/permissionTypes.ts","../src/utils/audit/audit.ts","../src/utils/device/deviceFingerprint.ts","../src/utils/location/location.ts"],"sourcesContent":["/*\n @file Debug Logger Utility\n * @package @jmruthers/pace-core\n * @module Utils/DebugLogger\n * @since 0.4.76\n /\n\n/\n Debug logger that respects environment settings\n * Only logs in development mode to prevent production console spam\n /\nexport class DebugLogger {\n /\n Check if we're in development mode\n /\n private static get isDevelopment(): boolean {\n return import.meta.env.MODE === 'development';\n }\n\n /\n Log debug information only in development mode\n /\n static log(component: string, message: string, ...args: any[]): void {\n if (this.isDevelopment) {\n try {\n console.log(`[${component}] ${message}`, ...args);\n } catch (e) {\n // Gracefully handle console method errors\n }\n }\n }\n\n /\n Log error information (always logged)\n /\n static error(component: string, message: string, ...args: any[]): void {\n try {\n console.error(`[${component}] ${message}`, ...args);\n } catch (e) {\n // Gracefully handle console method errors\n }\n }\n\n /\n Log warning information (always logged)\n /\n static warn(component: string, message: string, ...args: any[]): void {\n try {\n console.warn(`[${component}] ${message}`, ...args);\n } catch (e) {\n // Gracefully handle console method errors\n }\n }\n\n /\n Log info information only in development mode\n /\n static info(component: string, message: string, ...args: any[]): void {\n if (this.isDevelopment) {\n try {\n console.info(`[${component}] ${message}`, ...args);\n } catch (e) {\n // Gracefully handle console method errors\n }\n }\n }\n}\n","/\n @file Internal utilities for validation module\n * @internal This file contains implementation details that should not be used directly\n /\n\n/\n Utility functions for validating data in the application\n /\n\n/\n Check if a string is a valid email\n /\nexport function isValidEmail(email: string): boolean {\n const emailPattern = /^[^\\s@]+@[^\\s@]+\\.[^\\s@]+$/;\n return emailPattern.test(email);\n}\n\n/\n Check if a string is empty (either null, undefined, or just whitespace)\n /\nexport function isEmpty(value: string \| null \| undefined): boolean {\n return value === null \|\| value === undefined \|\| value.trim() === '';\n}\n\n/\n Check if a password meets minimum requirements\n /\nexport function isStrongPassword(password: string): boolean {\n // Minimum 8 characters, at least one uppercase, one lowercase, one number\n const passwordPattern = /^(?=.[a-z])(?=.[A-Z])(?=.\\d).{8,}$/;\n return passwordPattern.test(password);\n}\n\n/*\n Check if a URL is valid\n /\nexport function isValidUrl(url: string): boolean {\n try {\n new URL(url);\n return true;\n } catch {\n return false;\n }\n}\n\n/\n Check if a date string is valid\n /\nexport function isValidDate(dateStr: string): boolean {\n const date = new Date(dateStr);\n return !isNaN(date.getTime());\n}\n\n/\n Check if a value is within a range\n /\nexport function isWithinRange(value: number, min: number, max: number): boolean {\n return value >= min && value <= max;\n}\n\n/\n Check if a value matches a specific pattern\n /\nexport function matchesPattern(value: string, pattern: RegExp): boolean {\n return pattern.test(value);\n}\n\n/\n Utility function to deep merge objects for schema combination\n * @internal\n /\nexport function deepMerge<T extends Record<string, unknown>>(\n target: T, \n source: Record<string, unknown>\n): T {\n const output = { ...target };\n \n if (isObject(target) && isObject(source)) {\n Object.keys(source).forEach(key => {\n if (isObject(source[key])) {\n if (!(key in target)) {\n Object.assign(output, { [key]: source[key] });\n } else {\n // Use a type assertion to safely handle the indexing\n const targetKey = key as keyof typeof target;\n const targetValue = target[targetKey];\n \n if (isObject(targetValue)) {\n // Safe cast using type assertion\n output[targetKey] = deepMerge(\n targetValue as Record<string, unknown>,\n source[key] as Record<string, unknown>\n ) as unknown as T[keyof T];\n }\n }\n } else {\n Object.assign(output, { [key]: source[key] });\n }\n });\n }\n \n return output as T;\n}\n\n/\n Type guard to check if a value is a plain object\n * @internal\n /\nexport function isObject(item: unknown): item is Record<string, unknown> {\n return item !== null && typeof item === 'object' && !Array.isArray(item);\n}\n","\n/\n @file Validation utilities\n * \n * Shared validation utilities with enhanced security\n /\n\nimport { z } from 'zod';\nimport { sanitizeUserInput, sanitizeFormData, type SanitizationOptions } from './sanitization';\n\n/\n Validates user input against a schema with automatic sanitization\n /\nexport function validateUserInput<T>(\n schema: z.ZodSchema<T>, \n data: unknown,\n sanitizationRules?: Record<string, SanitizationOptions>\n): { success: boolean; data?: T; error?: string } {\n return sanitizeFormData(data, schema, sanitizationRules);\n}\n\n/\n Enhanced email validation with sanitization\n /\nexport const emailSchema = z.string()\n .transform(email => email.toLowerCase().trim())\n .pipe(z.string().min(1, 'Email is required').email('Invalid email format').max(254, 'Email too long'));\n\n/\n Enhanced password validation\n /\nexport const passwordSchema = z.string()\n .min(8, 'Password must be at least 8 characters')\n .max(128, 'Password too long')\n .regex(/[A-Z]/, 'Password must contain at least one uppercase letter')\n .regex(/[a-z]/, 'Password must contain at least one lowercase letter')\n .regex(/[0-9]/, 'Password must contain at least one number')\n .regex(/[^A-Za-z0-9]/, 'Password must contain at least one special character');\n\n/\n Username validation with sanitization\n /\nexport const usernameSchema = z.string()\n .transform(username => username.toLowerCase().trim())\n .pipe(z.string().min(3, 'Username must be at least 3 characters').max(30, 'Username too long').regex(/^[a-zA-Z0-9_-]+$/, 'Username can only contain letters, numbers, hyphens, and underscores'));\n\n/\n Name validation with sanitization\n /\nexport const nameSchema = z.string()\n .min(1, 'Name is required')\n .max(100, 'Name too long')\n .refine(name => {\n // Check for XSS attempts and other invalid patterns\n const dangerousPatterns = [\n /<script/i,\n /<img/i,\n /on\\w+\\s=/i,\n /javascript:/i,\n /data:/i,\n /vbscript:/i\n ];\n \n return !dangerousPatterns.some(pattern => pattern.test(name));\n }, 'Name contains invalid characters')\n .transform(name => sanitizeUserInput(name, { \n allowHtml: false, \n maxLength: 100, \n trim: true \n }));\n\n/*\n Phone number validation with sanitization\n /\nexport const phoneSchema = z.string()\n .min(10, 'Phone number must be at least 10 digits')\n .max(20, 'Phone number too long')\n .regex(/^[\\+]?[0-9\\s\\-\$\$\\.]+$/, 'Invalid phone number format')\n .refine(phone => {\n // Remove all non-digit characters and check length\n const digitsOnly = phone.replace(/\\D/g, '');\n return digitsOnly.length >= 10 && digitsOnly.length <= 15;\n }, 'Phone number must be between 10 and 15 digits');\n\n/\n URL validation with sanitization\n /\nexport const urlSchema = z.string()\n .min(1, 'URL is required')\n .max(2048, 'URL too long')\n .refine(url => {\n try {\n const parsed = new URL(url);\n return ['http:', 'https:'].includes(parsed.protocol);\n } catch {\n return false;\n }\n }, 'Invalid URL format')\n .refine(url => {\n // Additional security checks\n const dangerousPatterns = [\n /javascript:/i,\n /data:/i,\n /vbscript:/i,\n /file:/i,\n /mailto:/i\n ];\n \n return !dangerousPatterns.some(pattern => pattern.test(url));\n }, 'URL contains invalid protocol');\n","/\n @file Input Sanitization Layer\n * @package @jmruthers/pace-core\n * @module Utils/Validation/Sanitization\n * @since 0.1.0\n * \n * Comprehensive input sanitization utilities to prevent XSS, injection attacks,\n * and other security vulnerabilities.\n /\n\nimport { z } from 'zod';\n\n/\n Sanitization options for different contexts\n /\nexport interface SanitizationOptions {\n allowHtml?: boolean;\n allowedTags?: string[];\n maxLength?: number;\n trim?: boolean;\n removeScripts?: boolean;\n removeEvents?: boolean;\n}\n\n/\n Default sanitization options\n /\nconst DEFAULT_OPTIONS: SanitizationOptions = {\n allowHtml: false,\n allowedTags: [],\n maxLength: 1000,\n trim: true,\n removeScripts: true,\n removeEvents: true\n};\n\n/\n Sanitizes user input by removing potentially dangerous characters and patterns\n /\nexport function sanitizeUserInput(input: string, options: SanitizationOptions = {}): string {\n if (typeof input !== 'string') {\n return '';\n }\n\n const opts = { ...DEFAULT_OPTIONS, ...options };\n let sanitized = input;\n\n // Trim whitespace if requested\n if (opts.trim) {\n sanitized = sanitized.trim();\n }\n\n // Enforce maximum length\n if (opts.maxLength && sanitized.length > opts.maxLength) {\n sanitized = sanitized.substring(0, opts.maxLength);\n }\n\n // Remove or escape HTML if not allowed\n if (!opts.allowHtml) {\n sanitized = sanitized\n .replace(/</g, '<')\n .replace(/>/g, '>')\n .replace(/\"/g, '"')\n .replace(/'/g, ''')\n .replace(/\\//g, '/');\n } else if (opts.allowedTags && opts.allowedTags.length > 0) {\n // If HTML is allowed, only permit specific tags\n const allowedTagsRegex = new RegExp(`<(?!\\/?(?:${opts.allowedTags.join('\|')})\\s\\/?>)[^>]+>`, 'gi');\n sanitized = sanitized.replace(allowedTagsRegex, '');\n }\n\n // Remove script tags and javascript: protocols\n if (opts.removeScripts) {\n sanitized = sanitized\n .replace(/<script[^>]>.?<\\/script>/gi, '')\n .replace(/javascript:/gi, '')\n .replace(/vbscript:/gi, '')\n .replace(/data:/gi, '');\n }\n\n // Remove event handlers\n if (opts.removeEvents) {\n sanitized = sanitized.replace(/on\\w+\\s=/gi, '');\n }\n\n return sanitized;\n}\n\n/\n Sanitizes email addresses\n /\nexport function sanitizeEmail(email: string): string {\n if (typeof email !== 'string') {\n return '';\n }\n\n return email\n .trim()\n .toLowerCase()\n .replace(/[^\\w@.-]/g, ''); // Only allow word characters, @, ., and -\n}\n\n/\n Sanitizes phone numbers\n /\nexport function sanitizePhoneNumber(phone: string): string {\n if (typeof phone !== 'string') {\n return '';\n }\n\n return phone.replace(/[^\\d+\\-\\s()]/g, '').trim();\n}\n\n/\n Sanitizes URLs\n /\nexport function sanitizeUrl(url: string): string {\n if (typeof url !== 'string') {\n return '';\n }\n\n const sanitized = url.trim();\n \n // Only allow http(s) and ftp protocols\n if (!/^https?:\\/\\/\|^ftp:\\/\\//i.test(sanitized)) {\n return '';\n }\n\n // Remove javascript: and other dangerous protocols\n if (/javascript:\|data:\|vbscript:/i.test(sanitized)) {\n return '';\n }\n\n return sanitized;\n}\n\n/\n Sanitizes file names\n /\nexport function sanitizeFileName(fileName: string): string {\n if (typeof fileName !== 'string') {\n return '';\n }\n\n return fileName\n .trim()\n .replace(/[<>:\"/\\\\\|?]/g, '') // Remove invalid file name characters\n .replace(/\\.\\./g, '') // Remove directory traversal attempts\n .substring(0, 255); // Limit length\n}\n\n/*\n Sanitizes SQL input to prevent injection\n /\nexport function sanitizeSqlInput(input: string): string {\n if (typeof input !== 'string') {\n return '';\n }\n\n return input\n .replace(/['\";\\\\]/g, '') // Remove SQL special characters\n .replace(/--.$/gm, '') // Remove SQL comments\n .replace(/\\/\\.?\\\\//g, '') // Remove SQL block comments\n .trim();\n}\n\n/\n Validates and sanitizes form data using Zod schemas\n /\nexport function sanitizeFormData<T>(\n data: unknown,\n schema: z.ZodSchema<T>,\n sanitizationRules?: Record<string, SanitizationOptions>\n): { success: boolean; data?: T; error?: string } {\n try {\n // First, sanitize string fields if rules are provided\n if (sanitizationRules && typeof data === 'object' && data !== null) {\n const sanitizedData = { ...data } as Record<string, unknown>;\n \n Object.entries(sanitizationRules).forEach(([field, options]) => {\n if (typeof sanitizedData[field] === 'string') {\n sanitizedData[field] = sanitizeUserInput(sanitizedData[field] as string, options);\n }\n });\n \n data = sanitizedData;\n }\n\n // Then validate with Zod schema\n const result = schema.parse(data);\n return { success: true, data: result };\n } catch (error) {\n if (error instanceof z.ZodError) {\n return { \n success: false, \n error: error.errors.map(e => e.message).join(', ') \n };\n }\n return { \n success: false, \n error: 'Validation failed' \n };\n }\n}\n\n// Re-export HTML sanitization from the consolidated module\n// The new implementation allows safe HTML tags while removing dangerous ones\nexport { sanitizeHtml } from './htmlSanitization';\n\n/\n Content Security Policy (CSP) utilities\n /\nexport const CSP_DIRECTIVES = {\n default: \"default-src 'self'\",\n script: \"script-src 'self' 'unsafe-inline'\",\n style: \"style-src 'self' 'unsafe-inline'\",\n img: \"img-src 'self' data: https:\",\n font: \"font-src 'self'\",\n connect: \"connect-src 'self'\",\n frame: \"frame-src 'none'\"\n};\n\nexport function generateCSPHeader(customDirectives?: Partial<typeof CSP_DIRECTIVES>): string {\n const directives = { ...CSP_DIRECTIVES, ...customDirectives };\n return Object.values(directives).join('; ');\n}\n\n/\n Rate limiting utilities\n /\nexport class RateLimiter {\n private attempts: Map<string, { count: number; resetTime: number }> = new Map();\n\n constructor(\n private maxAttempts: number = 5,\n private windowMs: number = 15 60 * 1000 // 15 minutes\n ) {}\n\n isAllowed(identifier: string): boolean {\n const now = Date.now();\n const record = this.attempts.get(identifier);\n\n if (!record \|\| now > record.resetTime) {\n this.attempts.set(identifier, { count: 1, resetTime: now + this.windowMs });\n return true;\n }\n\n if (record.count >= this.maxAttempts) {\n return false;\n }\n\n record.count++;\n return true;\n }\n\n getRemainingAttempts(identifier: string): number {\n const record = this.attempts.get(identifier);\n if (!record \|\| Date.now() > record.resetTime) {\n return this.maxAttempts;\n }\n return Math.max(0, this.maxAttempts - record.count);\n }\n\n reset(identifier: string): void {\n this.attempts.delete(identifier);\n }\n}\n\n// Validation schemas (kept from previous version)\n/*\n Enhanced email schema with security checks\n /\nexport const secureEmailSchema = z\n .string()\n .min(1, 'Email is required')\n .email('Invalid email format')\n .max(254, 'Email too long')\n .refine(\n (email) => {\n if (!email \|\| typeof email !== 'string') return false;\n // Basic domain validation\n const domain = email.split('@')[1];\n return domain && domain.includes('.') && domain.length > 3;\n },\n 'Invalid email domain'\n )\n .transform((email) => sanitizeEmail(email));\n\n/\n Basic email schema for common use\n /\nexport const emailSchema = z\n .string()\n .min(1, 'Email is required')\n .email('Invalid email format');\n\n/\n Name validation schema\n /\nexport const nameSchema = z\n .string()\n .min(1, 'Name is required')\n .max(100, 'Name too long')\n .regex(/^[a-zA-Z\\s'-]+$/, 'Name contains invalid characters');\n\n/\n Phone validation schema\n /\nexport const phoneSchema = z\n .string()\n .regex(/^[\\+]?[1-9][\\d]{0,15}$/, 'Invalid phone number format');\n\n/\n URL validation schema\n /\nexport const urlSchema = z\n .string()\n .url('Invalid URL format');\n\n/\n Date validation schema\n /\nexport const dateSchema = z\n .string()\n .regex(/^\\d{4}-\\d{2}-\\d{2}$/, 'Invalid date format (YYYY-MM-DD)');\n\n/\n Secure login schema\n /\nexport const secureLoginSchema = z.object({\n email: secureEmailSchema,\n password: z.string().min(1, 'Password is required'),\n});\n","/\n @file CSRF Protection Implementation\n * @description Session-based CSRF token management with security enhancements\n /\n\nimport { secureStorage } from '../security/secureStorage';\n\nexport interface CSRFTokenData {\n token: string;\n sessionId: string;\n timestamp: number;\n used: boolean;\n}\n\nclass CSRFManager {\n private tokenCache = new Map<string, CSRFTokenData>();\n private readonly TOKEN_EXPIRY = 30 60 * 1000; // 30 minutes\n private readonly MAX_TOKENS_PER_SESSION = 10;\n\n /*\n Generate a new CSRF token for the current session\n /\n async generateToken(sessionId: string): Promise<string> {\n try {\n // Clean up expired tokens\n await this.cleanupExpiredTokens();\n\n // Limit tokens per session\n const sessionTokens = Array.from(this.tokenCache.values())\n .filter(data => data.sessionId === sessionId && !data.used);\n \n if (sessionTokens.length >= this.MAX_TOKENS_PER_SESSION) {\n // Remove oldest token\n const oldest = sessionTokens.sort((a, b) => a.timestamp - b.timestamp)[0];\n this.tokenCache.delete(oldest.token);\n }\n\n // Generate cryptographically secure token\n const tokenBytes = new Uint8Array(32);\n crypto.getRandomValues(tokenBytes);\n const token = Array.from(tokenBytes, byte => \n byte.toString(16).padStart(2, '0')\n ).join('');\n\n const tokenData: CSRFTokenData = {\n token,\n sessionId,\n timestamp: Date.now(),\n used: false,\n };\n\n // Store in memory and secure storage\n this.tokenCache.set(token, tokenData);\n await this.persistTokens();\n\n return token;\n } catch (error) {\n throw new Error('CSRF token generation failed');\n }\n }\n\n /\n Validate and consume a CSRF token\n /\n async validateToken(token: string, sessionId: string): Promise<boolean> {\n try {\n // Load tokens from storage if cache is empty\n if (this.tokenCache.size === 0) {\n await this.loadTokens();\n }\n\n const tokenData = this.tokenCache.get(token);\n \n if (!tokenData) {\n return false;\n }\n\n // Check if token belongs to the session\n if (tokenData.sessionId !== sessionId) {\n return false;\n }\n\n // Check if token is already used\n if (tokenData.used) {\n return false;\n }\n\n // Check if token is expired\n if (Date.now() - tokenData.timestamp > this.TOKEN_EXPIRY) {\n this.tokenCache.delete(token);\n await this.persistTokens();\n return false;\n }\n\n // Mark token as used (one-time use)\n tokenData.used = true;\n this.tokenCache.set(token, tokenData);\n await this.persistTokens();\n\n return true;\n } catch (error) {\n return false;\n }\n }\n\n /\n Get current valid token for session\n /\n async getCurrentToken(sessionId: string): Promise<string \| null> {\n // Load tokens from storage if needed\n if (this.tokenCache.size === 0) {\n await this.loadTokens();\n }\n\n // Find valid unused token for session\n for (const [token, data] of this.tokenCache.entries()) {\n if (\n data.sessionId === sessionId &&\n !data.used &&\n (Date.now() - data.timestamp) < this.TOKEN_EXPIRY\n ) {\n return token;\n }\n }\n\n // Generate new token if none found\n return await this.generateToken(sessionId);\n }\n\n /\n Clean up expired and used tokens\n /\n private async cleanupExpiredTokens(): Promise<void> {\n const now = Date.now();\n const expiredTokens: string[] = [];\n\n for (const [token, data] of this.tokenCache.entries()) {\n if (data.used \|\| (now - data.timestamp) > this.TOKEN_EXPIRY) {\n expiredTokens.push(token);\n }\n }\n\n expiredTokens.forEach(token => this.tokenCache.delete(token));\n \n if (expiredTokens.length > 0) {\n await this.persistTokens();\n }\n }\n\n /\n Persist tokens to secure storage\n /\n private async persistTokens(): Promise<void> {\n try {\n const tokensArray = Array.from(this.tokenCache.entries());\n await secureStorage.setItem(\n 'csrf_tokens',\n JSON.stringify(tokensArray),\n { encrypt: true, expiry: this.TOKEN_EXPIRY }\n );\n } catch (error) {\n // Silent fail - tokens will be regenerated if needed\n }\n }\n\n /\n Load tokens from secure storage\n /\n private async loadTokens(): Promise<void> {\n try {\n const tokensData = await secureStorage.getItem('csrf_tokens');\n if (tokensData) {\n const tokensArray = JSON.parse(tokensData);\n this.tokenCache = new Map(tokensArray);\n // Clean up on load\n await this.cleanupExpiredTokens();\n }\n } catch (error) {\n this.tokenCache.clear();\n }\n }\n\n /\n Clear all tokens for session\n /\n async clearSession(sessionId: string): Promise<void> {\n const tokensToRemove: string[] = [];\n \n for (const [token, data] of this.tokenCache.entries()) {\n if (data.sessionId === sessionId) {\n tokensToRemove.push(token);\n }\n }\n \n tokensToRemove.forEach(token => this.tokenCache.delete(token));\n await this.persistTokens();\n }\n}\n\n// Export singleton instance\nexport const csrfManager = new CSRFManager();\n\n// Convenience functions\nexport async function generateCSRFToken(sessionId: string): Promise<string> {\n return csrfManager.generateToken(sessionId);\n}\n\nexport async function validateCSRFToken(token: string, sessionId: string): Promise<boolean> {\n return csrfManager.validateToken(token, sessionId);\n}\n\nexport async function getCSRFToken(sessionId: string): Promise<string \| null> {\n return csrfManager.getCurrentToken(sessionId);\n}\n","\n/\n @file SQL Injection Protection\n * @description Utilities to prevent SQL injection attacks in dynamic queries\n /\n\nimport { z } from 'zod';\n\n// Common SQL injection patterns\nconst SQL_INJECTION_PATTERNS = [\n /(\\b(SELECT\|INSERT\|UPDATE\|DELETE\|DROP\|CREATE\|ALTER\|EXEC\|EXECUTE\|UNION\|SCRIPT\|JAVASCRIPT)\\b)/i,\n /(\\'\|(\\\\\\')\|(\\'\\')\|(\\\"\|(\\\\\\\")\|(\\\\\")))\|(\\\\x)\|(\\\\u)/i,\n /((%27)\|(')\|(%6F)\|o\|(%4F)\|(%72)\|r\|(%52))/i, // '\|%27\|' OR\n /((%27)\|(')\|(%55)\|u\|(%55)\|(%4E)\|n\|(%4E)\|(%49)\|i\|(%49)\|(%4F)\|o\|(%4F)\|(%4E)\|n\|(%4E))/i, // '\|%27\|' UNION\n /((%3D)\|(=))[^\\n]((%27)\|(')\|((\\\\x27))\|((\\\\x2D))\|((\\\\x23)))/i,\n /(w((%27)\|(')\|(%6F)\|o\|(%4F)\|(%72)\|r\|(%52)))/i,\n /((%27)\|(')\|(''))+union/i,\n /exec(\\+\|\\s)+(s\|x)p\\w+/i,\n /\\b(and\|or)\\b.+?(=\|<\|>\|\\bin\\b\|\\blike\\b)/i,\n /\\bunion\\b.+?\\bselect\\b/i,\n /\\bdrop\\b.+?\\btable\\b/i,\n /\\binsert\\b.+?\\binto\\b/i,\n /\\bdelete\\b.+?\\bfrom\\b/i,\n /\\bupdate\\b.+?\\bset\\b/i,\n /(;\|(\\\\x3B)).+?(drop\|create\|alter\|exec\|execute\|insert\|update\|delete)/i,\n /(%3B\|;).+?(%44\|%64\|d)(%52\|%72\|r)(%4F\|%6F\|o)(%50\|%70\|p)/i\n];\n\n// Characters that should be escaped or removed\nconst DANGEROUS_CHARS = /[';\\\"\\\\%]/g;\n\n/\n Schema for validating and sanitizing search queries\n /\nexport const searchQuerySchema = z\n .string()\n .max(500, 'Search query too long')\n .refine(\n (query) => {\n return !SQL_INJECTION_PATTERNS.some(pattern => pattern.test(query));\n },\n 'Invalid characters detected in search query'\n )\n .transform((query) => sanitizeSearchQuery(query));\n\n/\n Schema for validating table/column names\n /\nexport const sqlIdentifierSchema = z\n .string()\n .min(1, 'Identifier cannot be empty')\n .max(63, 'Identifier too long') // PostgreSQL limit\n .regex(/^[a-zA-Z_][a-zA-Z0-9_]$/, 'Invalid identifier format')\n .refine(\n (identifier) => {\n const reservedWords = [\n 'SELECT', 'INSERT', 'UPDATE', 'DELETE', 'DROP', 'CREATE', 'ALTER',\n 'FROM', 'WHERE', 'JOIN', 'UNION', 'ORDER', 'GROUP', 'HAVING'\n ];\n return !reservedWords.includes(identifier.toUpperCase());\n },\n 'Identifier cannot be a reserved SQL keyword'\n );\n\n/*\n Schema for validating order by clauses\n /\nexport const orderBySchema = z\n .string()\n .regex(/^[a-zA-Z_][a-zA-Z0-9_](\\s+(ASC\|DESC\|asc\|desc))?$/, 'Invalid order by format');\n\n/*\n Schema for validating limit/offset values\n /\nexport const limitOffsetSchema = z\n .number()\n .int('Must be an integer')\n .min(0, 'Must be non-negative')\n .max(1000, 'Limit too large'); // Reasonable maximum\n\n/\n Sanitize search query by removing dangerous characters\n /\nexport function sanitizeSearchQuery(query: string): string {\n return query\n .replace(DANGEROUS_CHARS, '') // Remove dangerous characters\n .replace(/\\s+/g, ' ') // Normalize whitespace\n .trim()\n .slice(0, 500); // Enforce length limit\n}\n\n/\n Escape special characters for LIKE queries\n /\nexport function escapeLikeQuery(query: string): string {\n return query\n .replace(/\\\\/g, '\\\\\\\\') // Escape backslashes\n .replace(/%/g, '\\\\%') // Escape percent signs\n .replace(/_/g, '\\\\_'); // Escape underscores\n}\n\n/\n Validate and sanitize a dynamic filter object\n /\nexport function sanitizeFilters(filters: Record<string, unknown>): Record<string, unknown> {\n const sanitized: Record<string, unknown> = {};\n \n for (const [key, value] of Object.entries(filters)) {\n // Validate the key (column name)\n const keyValidation = sqlIdentifierSchema.safeParse(key);\n if (!keyValidation.success) {\n // Log warning for invalid filter keys\n // Note: Using console.warn here is intentional for security events\n // This should eventually use the security audit system\n console.warn(`[SECURITY] Invalid filter key detected and removed: ${key}`);\n continue;\n }\n \n // Sanitize the value based on type\n if (typeof value === 'string') {\n const valueValidation = searchQuerySchema.safeParse(value);\n if (valueValidation.success) {\n sanitized[key] = valueValidation.data;\n }\n } else if (typeof value === 'number') {\n if (Number.isFinite(value)) {\n sanitized[key] = value;\n }\n } else if (typeof value === 'boolean') {\n sanitized[key] = value;\n } else if (Array.isArray(value)) {\n // For IN queries, validate each item\n const sanitizedArray = value\n .filter(item => typeof item === 'string' \|\| typeof item === 'number')\n .map(item => typeof item === 'string' ? sanitizeSearchQuery(item) : item)\n .slice(0, 100); // Limit array size\n \n if (sanitizedArray.length > 0) {\n sanitized[key] = sanitizedArray;\n }\n }\n }\n \n return sanitized;\n}\n\n/\n Build safe query parameters for Supabase\n /\nexport interface SafeQueryParams {\n select?: string;\n filters?: Record<string, unknown>;\n orderBy?: string;\n limit?: number;\n offset?: number;\n search?: string;\n}\n\nexport function buildSafeQueryParams(params: SafeQueryParams): SafeQueryParams {\n const safe: SafeQueryParams = {};\n \n // Validate select clause\n if (params.select) {\n const selectFields = params.select.split(',').map(field => field.trim());\n const validFields = selectFields.filter(field => {\n return sqlIdentifierSchema.safeParse(field).success;\n });\n \n if (validFields.length > 0) {\n safe.select = validFields.join(', ');\n }\n }\n \n // Sanitize filters\n if (params.filters) {\n safe.filters = sanitizeFilters(params.filters);\n }\n \n // Validate order by\n if (params.orderBy) {\n const orderByValidation = orderBySchema.safeParse(params.orderBy);\n if (orderByValidation.success) {\n safe.orderBy = orderByValidation.data;\n }\n }\n \n // Validate limit and offset\n if (params.limit !== undefined) {\n const limitValidation = limitOffsetSchema.safeParse(params.limit);\n if (limitValidation.success) {\n safe.limit = limitValidation.data;\n }\n }\n \n if (params.offset !== undefined) {\n const offsetValidation = limitOffsetSchema.safeParse(params.offset);\n if (offsetValidation.success) {\n safe.offset = offsetValidation.data;\n }\n }\n \n // Sanitize search query\n if (params.search) {\n const searchValidation = searchQuerySchema.safeParse(params.search);\n if (searchValidation.success) {\n safe.search = searchValidation.data;\n }\n }\n \n return safe;\n}\n\n/\n Detect potential SQL injection attempts\n /\nexport function detectSQLInjection(input: string): {\n isSuspicious: boolean;\n patterns: string[];\n riskLevel: 'low' \| 'medium' \| 'high' \| 'critical';\n} {\n const detectedPatterns: string[] = [];\n let maxRisk: 'low' \| 'medium' \| 'high' \| 'critical' = 'low';\n \n SQL_INJECTION_PATTERNS.forEach((pattern, index) => {\n if (pattern.test(input)) {\n detectedPatterns.push(`Pattern ${index + 1}`);\n \n // Assign risk levels based on pattern severity\n if (index < 3) { // Most dangerous patterns first\n maxRisk = 'critical';\n } else if (index < 7 && maxRisk !== 'critical') {\n maxRisk = 'high';\n } else if (index < 12 && !['critical', 'high'].includes(maxRisk)) {\n maxRisk = 'medium';\n }\n }\n });\n \n return {\n isSuspicious: detectedPatterns.length > 0,\n patterns: detectedPatterns,\n riskLevel: maxRisk\n };\n}\n","import { z } from 'zod';\nimport { emailSchema, nameSchema } from './common';\n\n/\n Schema for user profile data\n /\nexport const userProfileSchema = z.object({\n name: nameSchema,\n email: emailSchema,\n phone: z.string().optional(),\n website: z.string().url().optional(),\n bio: z.string().max(500).optional(),\n});\n\n/\n Schema for user settings\n /\nexport const userSettingsSchema = z.object({\n notifications: z.object({\n email: z.boolean(),\n push: z.boolean(),\n }),\n language: z.string(),\n});\n\n/\n Schema for user preferences\n /\nexport const userPreferencesSchema = z.object({\n displayName: nameSchema,\n timezone: z.string(),\n dateFormat: z.string(),\n currency: z.string(),\n}); ","\nimport type { SupabaseClient } from '@supabase/supabase-js';\nimport { createLogger } from '../core/logger';\n\nconst log = createLogger('Security');\n\nexport interface SecurityEvent {\n type: string;\n timestamp: Date;\n userId?: string;\n details: Record<string, unknown>;\n}\n\nexport function logSecurityEvent(event: SecurityEvent): void {\n // In production, this should log to your security monitoring system\n // Using Logger.warn for now - can be upgraded to audit system later\n log.warn('Security event:', {\n ...event,\n timestamp: event.timestamp.toISOString()\n });\n}\n\nexport function validateUserSession(userId: string, sessionToken?: string): Promise<boolean> {\n // Mock implementation - replace with actual session validation\n if (!userId \|\| typeof userId !== 'string') {\n logSecurityEvent({\n type: 'invalid_session_validation',\n timestamp: new Date(),\n details: { reason: 'Invalid userId provided' }\n });\n return Promise.resolve(false);\n }\n \n if (sessionToken && sessionToken.length < 10) {\n logSecurityEvent({\n type: 'suspicious_session_token',\n timestamp: new Date(),\n userId,\n details: { reason: 'Session token too short' }\n });\n return Promise.resolve(false);\n }\n \n return Promise.resolve(true);\n}\n\nexport function createSecureSession(\n _supabaseClient: SupabaseClient,\n sessionData: { userId: string; deviceFingerprint?: string }\n): Promise<string> {\n // Mock implementation - in production, create actual secure session\n const sessionId = `sess_${Date.now()}_${Math.random().toString(36).substr(2, 9)}`;\n \n logSecurityEvent({\n type: 'session_created',\n timestamp: new Date(),\n userId: sessionData.userId,\n details: { \n sessionId,\n hasDeviceFingerprint: !!sessionData.deviceFingerprint\n }\n });\n \n return Promise.resolve(sessionId);\n}\n\nexport function invalidateSession(\n _supabaseClient: SupabaseClient,\n sessionId: string\n): Promise<void> {\n // Mock implementation - in production, invalidate actual session\n logSecurityEvent({\n type: 'session_invalidated',\n timestamp: new Date(),\n details: { sessionId }\n });\n \n return Promise.resolve();\n}\n\nexport function getSecurityHeaders(): Record<string, string> {\n return {\n 'X-Content-Type-Options': 'nosniff',\n 'X-Frame-Options': 'DENY',\n 'X-XSS-Protection': '1; mode=block',\n 'Referrer-Policy': 'strict-origin-when-cross-origin',\n 'Strict-Transport-Security': 'max-age=31536000; includeSubDomains'\n };\n}\n\nexport function validateSecurityHeaders(headers: Record<string, string>): boolean {\n const requiredHeaders = ['X-Content-Type-Options', 'X-Frame-Options'];\n const missingHeaders = requiredHeaders.filter(header => !headers[header]);\n \n if (missingHeaders.length > 0) {\n logSecurityEvent({\n type: 'missing_security_headers',\n timestamp: new Date(),\n details: { missingHeaders }\n });\n return false;\n }\n \n return true;\n}\n\nexport function generateDeviceFingerprint(): string {\n // Basic device fingerprinting - in production, use more sophisticated methods\n const canvas = document.createElement('canvas');\n const ctx = canvas.getContext('2d');\n if (ctx) {\n ctx.textBaseline = 'top';\n ctx.font = '14px Arial';\n ctx.fillText('Device fingerprint', 2, 2);\n }\n \n const fingerprint = [\n navigator.userAgent,\n navigator.language,\n screen.width + 'x' + screen.height,\n new Date().getTimezoneOffset(),\n canvas.toDataURL()\n ].join('\|');\n \n // Simple hash function for demonstration\n let hash = 0;\n for (let i = 0; i < fingerprint.length; i++) {\n const char = fingerprint.charCodeAt(i);\n hash = ((hash << 5) - hash) + char;\n hash = hash & hash; // Convert to 32-bit integer\n }\n \n return Math.abs(hash).toString(16);\n}\n\nexport function validateDeviceFingerprint(fingerprint: string, expectedFingerprint?: string): boolean {\n if (!fingerprint \|\| typeof fingerprint !== 'string') {\n logSecurityEvent({\n type: 'invalid_device_fingerprint',\n timestamp: new Date(),\n details: { reason: 'Invalid fingerprint format' }\n });\n return false;\n }\n \n if (expectedFingerprint && fingerprint !== expectedFingerprint) {\n logSecurityEvent({\n type: 'device_fingerprint_mismatch',\n timestamp: new Date(),\n details: { \n provided: fingerprint,\n expected: expectedFingerprint\n }\n });\n return false;\n }\n \n return true;\n}\n","\ninterface SecurityEvent {\n id?: string;\n action: string;\n details: Record<string, any>;\n timestamp?: number;\n}\n\ninterface SecurityAlert {\n id: string;\n type: string;\n message: string;\n timestamp: Date;\n}\n\nclass SecurityMonitor {\n private events: SecurityEvent[] = [];\n\n logEvent(event: SecurityEvent) {\n const eventWithId = {\n ...event,\n id: Math.random().toString(36).substr(2, 9),\n timestamp: Date.now()\n };\n this.events.push(eventWithId);\n }\n\n getEvents(): SecurityEvent[] {\n return [...this.events];\n }\n\n clearEvents() {\n this.events = [];\n }\n\n createAlert(alert: Omit<SecurityAlert, 'id' \| 'timestamp'>): SecurityAlert {\n return {\n ...alert,\n id: Math.random().toString(36).substr(2, 9),\n timestamp: new Date()\n };\n }\n}\n\nexport const securityMonitor = new SecurityMonitor();\n","/\n @file Performance Constants\n * @package @jmruthers/pace-core\n * @module Constants/Performance\n * @since 0.1.0\n * \n * Performance thresholds and constants used across the application.\n /\n\n/\n Performance thresholds for various operations.\n * These thresholds are used for smoke tests to detect significant regressions.\n * They are intentionally generous to avoid flakiness in CI/coverage environments.\n /\nexport const PERFORMANCE_THRESHOLDS = {\n /* Render time threshold in milliseconds /\n RENDER_TIME: 200,\n /* Permission check time threshold in milliseconds /\n PERMISSION_CHECK_TIME: 110,\n /* Memory usage increase threshold in bytes /\n MEMORY_USAGE_INCREASE: 1024 1024, // 1MB\n /** Maximum acceptable re-render count /\n RE_RENDER_COUNT: 3,\n} as const;\n\n","/\n Performance benchmarking utilities\n /\n\nexport interface PerformanceMetrics {\n renderTime: number;\n interactionTime: number;\n memoryUsage: number;\n bundleSize: number;\n}\n\nexport function createPerformanceBenchmark(name: string) {\n const startTime = performance.now();\n const startMemory = (performance as any).memory?.usedJSHeapSize \|\| 0;\n\n return {\n end: () => {\n const endTime = performance.now();\n const endMemory = (performance as any).memory?.usedJSHeapSize \|\| 0;\n \n const metrics: PerformanceMetrics = {\n renderTime: endTime - startTime,\n interactionTime: 0, // Would be measured separately\n memoryUsage: endMemory - startMemory,\n bundleSize: 0, // Would be measured at build time\n };\n\n // TODO: Replace with proper logging service integration\n // For now, we'll use a no-op to prevent console pollution\n const _unused = { \n benchmark: `Performance Benchmark [${name}]`, \n metrics \n };\n \n return metrics;\n }\n };\n}\n\nexport function measureRenderPerformance(componentName: string, renderFn: () => void): PerformanceMetrics {\n const startTime = performance.now();\n const startMemory = (performance as any).memory?.usedJSHeapSize \|\| 0;\n \n renderFn();\n \n const endTime = performance.now();\n const endMemory = (performance as any).memory?.usedJSHeapSize \|\| 0;\n \n const metrics: PerformanceMetrics = {\n renderTime: endTime - startTime,\n interactionTime: 0,\n memoryUsage: endMemory - startMemory,\n bundleSize: 0,\n };\n \n // TODO: Replace with proper logging service integration\n // For now, we'll use a no-op to prevent console pollution\n const _unused = { \n benchmark: `Render Performance [${componentName}]`, \n metrics \n };\n \n return metrics;\n} ","\ninterface BundleStats {\n totalSize: number;\n gzippedSize: number;\n chunks: ChunkInfo[];\n treeshakingEffectiveness: number;\n}\n\ninterface ChunkInfo {\n name: string;\n size: number;\n modules: string[];\n dynamicallyImported: boolean;\n}\n\nclass BundleAnalyzer {\n private get enabled(): boolean {\n try {\n return import.meta.env?.MODE === 'development';\n } catch {\n return false;\n }\n }\n\n analyzeBundle(): BundleStats \| null {\n if (!this.enabled) return null;\n\n // In a real implementation, this would integrate with webpack-bundle-analyzer\n // or similar tools. For now, we'll simulate analysis\n \n // TODO: Replace with proper logging service integration\n // For now, we'll log to console for testing purposes\n console.log('Bundle analysis would run here in development');\n console.log('To enable real bundle analysis:');\n console.log('1. Install webpack-bundle-analyzer');\n console.log('2. Add bundle analysis to build scripts');\n console.log('3. Integrate with performance budgets');\n\n return {\n totalSize: 0,\n gzippedSize: 0,\n chunks: [],\n treeshakingEffectiveness: 0\n };\n }\n\n checkTreeshaking(): void {\n if (!this.enabled) return;\n\n const potentialIssues = [\n 'Check for unused exports in index files',\n 'Verify side-effect free modules in package.json',\n 'Ensure proper ES module syntax',\n 'Check for circular dependencies'\n ];\n\n // TODO: Replace with proper logging service integration\n // For now, we'll log to console for testing purposes\n console.group('Tree-shaking Analysis');\n potentialIssues.forEach(issue => console.log('- ' + issue));\n console.groupEnd();\n }\n\n validateExports(): void {\n if (!this.enabled) return;\n\n // TODO: Replace with proper logging service integration\n // For now, we'll log to console for testing purposes\n console.group('Export Validation');\n console.log('Checking for optimal export patterns...');\n console.log('- Prefer named exports over default exports');\n console.log('- Avoid barrel exports for large modules');\n console.log('- Use dynamic imports for large dependencies');\n console.groupEnd();\n }\n\n generateReport(): string {\n const report = `\n# Bundle Analysis Report\n\n## Recommendations for @jmruthers/pace-core\n\n### 1. Code Splitting Opportunities\n- ✅ DataTable virtualization is lazy-loaded\n- ⚠️ Consider splitting auth providers by use case\n- ⚠️ Lazy load heavy UI components (charts, complex forms)\n\n### 2. Tree-shaking Optimization\n- ✅ Using ES modules throughout\n- ✅ Proper sideEffects configuration\n- ⚠️ Check for unused utility functions\n\n### 3. Bundle Size Targets\n- Core components: < 50KB gzipped\n- Auth module: < 30KB gzipped \n- Utilities: < 20KB gzipped\n- Total package: < 150KB gzipped\n\n### 4. Performance Monitoring\n- Monitor component render times\n- Track bundle size changes\n- Validate tree-shaking effectiveness\n `;\n\n return report.trim();\n }\n}\n\nexport const bundleAnalyzer = new BundleAnalyzer();\n\n// Helper to check if imports are optimized\nexport function validateImportPattern(moduleId: string, importedItems: string[]): void {\n try {\n if (import.meta.env?.MODE !== 'development') return;\n } catch {\n return; // Silently skip in test environments\n }\n\n const largeModules = ['lodash', 'moment', 'rxjs'];\n const isLargeModule = largeModules.some(mod => moduleId.includes(mod));\n \n if (isLargeModule && importedItems.length > 5) {\n // TODO: Replace with proper logging service integration\n // For now, we'll log to console for testing purposes\n console.warn(\n 'Large import detected: importing ' + importedItems.length + ' items from ' + moduleId + '. ' +\n 'Consider splitting imports or using more specific imports.'\n );\n }\n}\n\n// Monitor dynamic imports\nexport function trackDynamicImport(moduleName: string): void {\n try {\n if (import.meta.env?.MODE !== 'development') return;\n } catch {\n return; // Silently skip in test environments\n }\n \n // TODO: Replace with proper logging service integration\n // For now, we'll log to console for testing purposes\n console.log('Dynamic import: ' + moduleName + ' - Good for code splitting!');\n}\n","\n/\n Dynamic utility loader to reduce initial bundle size\n * Heavy utilities are loaded on-demand\n /\n\n// Type definitions for dynamic imports\ntype DebounceFunction = <T extends (...args: unknown[]) => unknown>(\n func: T,\n wait?: number,\n options?: { leading?: boolean; maxWait?: number; trailing?: boolean }\n) => T & { cancel(): void; flush(): void };\n\ntype ThrottleFunction = <T extends (...args: unknown[]) => unknown>(\n func: T,\n wait?: number,\n options?: { leading?: boolean; trailing?: boolean }\n) => T & { cancel(): void; flush(): void };\n\n// Dynamic lodash utilities\nexport const loadLodash = async (): Promise<{\n debounce: DebounceFunction;\n throttle: ThrottleFunction;\n}> => {\n // Using type assertions for dynamic imports - these modules don't have consistent type exports\n const [debounceModule, throttleModule] = await Promise.all([\n import('lodash.debounce') as Promise<{ default?: DebounceFunction } & { [key: string]: unknown }>,\n import('lodash.throttle') as Promise<{ default?: ThrottleFunction } & { [key: string]: unknown }>\n ]);\n \n return {\n debounce: (debounceModule.default \|\| debounceModule) as DebounceFunction,\n throttle: (throttleModule.default \|\| throttleModule) as ThrottleFunction\n };\n};\n\n// Dynamic date utilities\nexport const loadDateUtils = async (): Promise<typeof import('date-fns')> => {\n const dateFns = await import('date-fns');\n return dateFns;\n};\n\n// Dynamic chart utilities - using unknown type to avoid Recharts type issues\nexport const loadChartUtils = async (): Promise<unknown> => {\n const recharts = await import('recharts');\n return recharts;\n};\n\n// Dynamic form utilities\nexport const loadFormUtils = async (): Promise<{\n useForm: unknown;\n useController: unknown;\n Controller: unknown;\n FormProvider: unknown;\n useFormContext: unknown;\n useWatch: unknown;\n useFormState: unknown;\n useFieldArray: unknown;\n zodResolver: unknown;\n}> => {\n const [reactHookForm, zodResolvers] = await Promise.all([\n import('react-hook-form'),\n import('@hookform/resolvers/zod')\n ]);\n \n return {\n ...reactHookForm,\n zodResolver: zodResolvers.zodResolver\n };\n};\n\n// Dynamic CSV utilities\nexport const loadCSVUtils = async (): Promise<unknown> => {\n const papaparse = await import('papaparse');\n return papaparse.default;\n};\n\n// Utility function to create lazy utility hooks\nexport function createLazyUtility<T>(loader: () => Promise<T>) {\n let cached: T \| null = null;\n let loading: Promise<T> \| null = null;\n\n return {\n load: async (): Promise<T> => {\n if (cached) return cached;\n if (loading) return loading;\n\n loading = loader().then(result => {\n cached = result;\n loading = null;\n return result;\n });\n\n return loading;\n },\n getCached: (): T \| null => cached,\n isLoaded: (): boolean => cached !== null\n };\n}\n\n// Pre-configured lazy utilities with explicit types\nexport const lazyLodash: ReturnType<typeof createLazyUtility<Awaited<ReturnType<typeof loadLodash>>>> = createLazyUtility(loadLodash);\nexport const lazyDateUtils: ReturnType<typeof createLazyUtility<Awaited<ReturnType<typeof loadDateUtils>>>> = createLazyUtility(loadDateUtils);\nexport const lazyChartUtils: ReturnType<typeof createLazyUtility<unknown>> = createLazyUtility(loadChartUtils);\nexport const lazyFormUtils: ReturnType<typeof createLazyUtility<Awaited<ReturnType<typeof loadFormUtils>>>> = createLazyUtility(loadFormUtils);\nexport const lazyCSVUtils: ReturnType<typeof createLazyUtility<unknown>> = createLazyUtility(loadCSVUtils);\n","import React, { Suspense, ComponentType, lazy } from 'react';\nimport { LoadingSpinner } from '../../components/LoadingSpinner/LoadingSpinner';\n\ninterface LazyLoadOptions {\n fallback?: React.ReactNode;\n errorBoundary?: ComponentType<{ children: React.ReactNode }>;\n}\n\n/\n Create a lazy-loaded component with error boundary and loading fallback\n /\nexport function createLazyComponent<T extends ComponentType<any>>(\n importFn: () => Promise<{ default: T }>,\n componentName: string,\n options: LazyLoadOptions = {}\n): T {\n const LazyComponent = lazy(importFn);\n \n const WrappedComponent = (props: any) => {\n const content = (\n <Suspense fallback={options.fallback \|\| <LoadingSpinner />}>\n <LazyComponent {...props} />\n </Suspense>\n );\n\n if (options.errorBoundary) {\n const ErrorBoundary = options.errorBoundary;\n return <ErrorBoundary>{content}</ErrorBoundary>;\n }\n\n return content;\n };\n \n WrappedComponent.displayName = `Lazy${componentName}`;\n return WrappedComponent as T;\n}\n\n/\n Lazy-loaded DataTable component\n /\nexport const LazyDataTable = createLazyComponent(\n () => import('../../components/DataTable').then(module => ({ default: module.DataTable })),\n 'DataTable'\n);\n","\n/\n Permission utilities for transforming and managing permissions\n /\n\nexport function transformPermissionMapToBoolean(permissions: Record<string, unknown>): Record<string, boolean> {\n const result: Record<string, boolean> = {};\n \n Object.entries(permissions).forEach(([key, value]) => {\n if (typeof value === 'string') {\n // Handle string values - 'false' should be false, empty strings are false, other non-empty strings are true\n result[key] = value !== '' && value.toLowerCase() !== 'false';\n } else {\n result[key] = Boolean(value);\n }\n });\n \n return result;\n}\n\nexport function hasPermission(permissions: Record<string, boolean>, permission: string): boolean {\n return Boolean(permissions[permission]);\n}\n\nexport function hasAnyPermission(permissions: Record<string, boolean>, permissionList: string[] \| null \| undefined): boolean {\n if (!permissionList \|\| permissionList.length === 0) return false;\n return permissionList.some(permission => hasPermission(permissions, permission));\n}\n\nexport function hasAllPermissions(permissions: Record<string, boolean>, permissionList: string[] \| null \| undefined): boolean {\n if (!permissionList) return false;\n if (permissionList.length === 0) return true;\n return permissionList.every(permission => hasPermission(permissions, permission));\n}\n","\n/\n @file Permission type definitions and utilities\n /\n\nexport enum PermissionType {\n READ = 'read',\n WRITE = 'write',\n DELETE = 'delete',\n ADMIN = 'admin'\n}\n\n/\n Parse a permission string into components\n /\nexport function parsePermission(permission: string): { resource: string; action: string } \| null {\n if (!permission \|\| typeof permission !== 'string') {\n return null;\n }\n \n const parts = permission.split(':');\n if (parts.length !== 2) {\n return null;\n }\n \n const [action, resource] = parts;\n \n // Check that both action and resource exist and are not empty\n if (action === undefined \|\| resource === undefined \|\| action === '' \|\| resource === '') {\n return null;\n }\n \n return {\n resource,\n action\n };\n}\n","\n/\n @file Audit Logger - General Utility\n * \n * Moved from shared/auditLogger to lib for better organization\n /\n\nexport interface AuditEvent {\n type: 'auth' \| 'permission' \| 'security';\n action?: string;\n event?: string;\n user?: string;\n userId?: string;\n details?: Record<string, unknown>;\n data?: Record<string, unknown>;\n timestamp?: number;\n severity?: 'low' \| 'medium' \| 'high' \| 'critical';\n source?: string;\n}\n\nclass AuditLogger {\n private events: AuditEvent[] = [];\n\n log(event: AuditEvent): void {\n const eventWithTimestamp = {\n ...event,\n timestamp: Date.now(),\n };\n \n this.events.push(eventWithTimestamp);\n // TODO: In production, this should send to a proper logging service\n // Console logging removed for production\n }\n\n async logPermissionEvent(event: {\n event: string;\n userId: string;\n data?: Record<string, unknown>;\n }): Promise<void> {\n this.log({\n type: 'permission',\n event: event.event,\n userId: event.userId,\n data: event.data,\n });\n }\n\n async logSecurityEvent(event: {\n event: string;\n data?: Record<string, unknown>;\n }): Promise<void> {\n this.log({\n type: 'security',\n event: event.event,\n data: event.data,\n });\n }\n\n async logAuthEvent(event: {\n event: string;\n userId?: string;\n data?: Record<string, unknown>;\n }): Promise<void> {\n this.log({\n type: 'auth',\n event: event.event,\n userId: event.userId,\n data: event.data,\n });\n }\n\n async getSecurityEvents(): Promise<AuditEvent[]> {\n return this.events.filter(event => event.type === 'security');\n }\n\n getEvents(): AuditEvent[] {\n return [...this.events];\n }\n\n clearEvents(): void {\n this.events = [];\n }\n}\n\nexport const auditLogger = new AuditLogger();\n\n// Alias for backward compatibility\nexport const auditLog = auditLogger;\n\nexport function logAuthEvent(action: string, user?: string, details?: Record<string, unknown>): void {\n auditLogger.log({\n type: 'auth',\n action,\n user,\n details,\n });\n // Console logging removed for production\n}\n\nexport function logPermissionEvent(action: string, user?: string, details?: Record<string, unknown>): void {\n auditLogger.log({\n type: 'permission',\n action,\n user,\n details,\n });\n // Console logging removed for production\n}\n\nexport function logSecurityEvent(action: string, user?: string, details?: Record<string, unknown>): void {\n auditLogger.log({\n type: 'security',\n action,\n user,\n details,\n });\n // Console logging removed for production\n}\n\nexport function logAuditEvent(action: string, user?: string, details?: Record<string, unknown>): void {\n auditLogger.log({\n type: 'auth', // Default to auth type for general audit events\n action,\n user,\n details,\n });\n}\n","/\n @file Secure Device Fingerprinting\n * @description Enhanced device fingerprinting with encryption and security measures\n /\n\nimport { secureStorage } from '../security/secureStorage';\n\nexport interface DeviceFingerprint {\n hash: string;\n timestamp: number;\n components: {\n userAgent: string;\n language: string;\n platform: string;\n screen: string;\n timezone: string;\n canvas?: string;\n webgl?: string;\n };\n entropy: number;\n}\n\n/\n Generate a secure device fingerprint (synchronous)\n /\nexport function generateDeviceFingerprint(): DeviceFingerprint {\n try {\n const components = {\n userAgent: getHashedUserAgent(),\n language: navigator.language \|\| 'unknown',\n platform: navigator.platform \|\| 'unknown',\n screen: `${screen.width}x${screen.height}x${screen.colorDepth}`,\n timezone: Intl.DateTimeFormat().resolvedOptions().timeZone \|\| 'unknown',\n canvas: getCanvasFingerprint(),\n webgl: getWebGLFingerprint(),\n };\n\n // Calculate entropy (uniqueness score)\n const entropy = calculateEntropy(components);\n \n // Create a hash from all components\n const fingerprintData = JSON.stringify(components);\n const hash = hashStringSync(fingerprintData);\n\n const fingerprint: DeviceFingerprint = {\n hash,\n timestamp: Date.now(),\n components,\n entropy,\n };\n\n // Store fingerprint asynchronously\n secureStorage.setItem('device_fingerprint', JSON.stringify(fingerprint));\n \n return fingerprint;\n } catch (error) {\n return generateFallbackFingerprint();\n }\n}\n\n/\n Validate device fingerprint with security checks\n /\nexport function validateDeviceFingerprint(\n storedFingerprint: DeviceFingerprint,\n currentFingerprint: DeviceFingerprint\n): {\n isValid: boolean;\n confidence: number;\n reasons: string[];\n} {\n const reasons: string[] = [];\n let matchingComponents = 0;\n const totalComponents = Object.keys(storedFingerprint.components).length;\n\n // Check each component\n Object.entries(storedFingerprint.components).forEach(([key, value]) => {\n if (currentFingerprint.components[key as keyof typeof currentFingerprint.components] === value) {\n matchingComponents++;\n } else {\n reasons.push(`Component mismatch: ${key}`);\n }\n });\n\n // Calculate confidence score\n const confidence = (matchingComponents / totalComponents) 100;\n\n // Security thresholds\n const isValid = confidence >= 80; // Require 80% match\n \n // Additional security checks\n const timeDiff = currentFingerprint.timestamp - storedFingerprint.timestamp;\n const maxAge = 30 * 24 * 60 * 60 * 1000; // 30 days\n \n if (timeDiff > maxAge) {\n reasons.push('Fingerprint too old');\n return { isValid: false, confidence, reasons };\n }\n\n if (confidence < 60) {\n reasons.push('Device signature changed significantly');\n }\n\n return { isValid, confidence, reasons };\n}\n\n/*\n Generate canvas fingerprint for enhanced uniqueness\n /\nfunction getCanvasFingerprint(): string {\n try {\n const canvas = document.createElement('canvas');\n const ctx = canvas.getContext('2d');\n \n if (!ctx) return 'canvas-unavailable';\n\n // Draw complex pattern for fingerprinting\n ctx.textBaseline = 'top';\n ctx.font = '14px Arial';\n ctx.fillStyle = '#f60';\n ctx.fillRect(125, 1, 62, 20);\n ctx.fillStyle = '#069';\n ctx.fillText('Device fingerprint 🔒', 2, 15);\n ctx.fillStyle = 'rgba(102, 204, 0, 0.2)';\n ctx.fillText('Device fingerprint 🔒', 4, 17);\n\n const dataURL = canvas.toDataURL();\n return hashStringSync(dataURL);\n } catch (error) {\n return 'canvas-error';\n }\n}\n\n/\n Get WebGL fingerprint\n /\nfunction getWebGLFingerprint(): string {\n try {\n const canvas = document.createElement('canvas');\n const gl = canvas.getContext('webgl') \|\| canvas.getContext('experimental-webgl') as WebGLRenderingContext \| null;\n \n if (!gl) return 'webgl-unavailable';\n\n const debugInfo = gl.getExtension('WEBGL_debug_renderer_info');\n if (!debugInfo) return 'webgl-no-debug';\n\n const vendor = gl.getParameter(debugInfo.UNMASKED_VENDOR_WEBGL);\n const renderer = gl.getParameter(debugInfo.UNMASKED_RENDERER_WEBGL);\n \n return `${vendor}\|${renderer}`;\n } catch (error) {\n return 'webgl-error';\n }\n}\n\n/\n Hash user agent to prevent direct exposure\n /\nfunction getHashedUserAgent(): string {\n const ua = navigator.userAgent;\n return hashStringSync(ua).substring(0, 16); // Shorter hash for storage\n}\n\n/\n Calculate entropy of fingerprint components\n /\nfunction calculateEntropy(components: Record<string, string>): number {\n const values = Object.values(components).join('');\n const charCounts = new Map<string, number>();\n \n for (const char of values) {\n charCounts.set(char, (charCounts.get(char) \|\| 0) + 1);\n }\n \n let entropy = 0;\n for (const count of charCounts.values()) {\n const probability = count / values.length;\n entropy -= probability Math.log2(probability);\n }\n \n return entropy;\n}\n\n/*\n Synchronous hash function for device fingerprinting\n /\nfunction hashStringSync(str: string): string {\n let hash = 0;\n for (let i = 0; i < str.length; i++) {\n const char = str.charCodeAt(i);\n hash = ((hash << 5) - hash) + char;\n hash = hash & hash;\n }\n return Math.abs(hash).toString(36);\n}\n\n/\n Generate fallback fingerprint for error cases\n /\nfunction generateFallbackFingerprint(): DeviceFingerprint {\n const components = {\n userAgent: 'fallback',\n language: 'unknown',\n platform: 'unknown',\n screen: 'unknown',\n timezone: 'unknown',\n };\n\n return {\n hash: `fallback_${Date.now()}_${Math.random().toString(36)}`,\n timestamp: Date.now(),\n components,\n entropy: 1, // Low entropy for fallback\n };\n}\n","/\n @file Location Utilities\n * @package @jmruthers/pace-core\n * @module Utils/Location\n * @since 0.1.0\n \n Utility functions for working with geographic coordinates.\n * Provides functions for formatting, validating, comparing, and generating URLs for coordinates.\n \n Features:\n * - Format coordinates for display\n * - Validate coordinate objects\n * - Compare coordinates with tolerance\n * - Generate Google Maps URLs\n \n @example\n * ```ts\n * import { formatCoordinates, hasValidCoordinates, areCoordinatesEqual, getGoogleMapsUrl } from '@jmruthers/pace-core/utils/location';\n \n const coords = { lat: -37.8136, lng: 144.9631 };\n \n // Format for display\n * formatCoordinates(coords); // \"-37.813600, 144.963100\"\n \n // Validate\n * hasValidCoordinates(coords); // true\n \n // Compare\n * areCoordinatesEqual(coords, { lat: -37.8137, lng: 144.9632 }); // true (within tolerance)\n \n // Generate Google Maps URL\n * getGoogleMapsUrl(coords); // \"https://www.google.com/maps/search/?api=1&query=-37.8136,144.9631\"\n * ```\n /\n\n/\n Coordinate interface for latitude and longitude\n /\nexport interface Coordinates {\n lat: number;\n lng: number;\n}\n\n/\n Format coordinates as a string with 6 decimal places\n \n @param coords - Coordinate object with lat and lng\n * @returns Formatted string \"lat, lng\" or \"N/A\" if invalid\n \n @example\n * ```ts\n * formatCoordinates({ lat: -37.8136, lng: 144.9631 });\n * // \"-37.813600, 144.963100\"\n \n formatCoordinates(undefined);\n * // \"N/A\"\n * ```\n /\nexport function formatCoordinates(coords?: Coordinates): string {\n if (!coords \|\| typeof coords.lat !== 'number' \|\| typeof coords.lng !== 'number') {\n return 'N/A';\n }\n\n if (!isFinite(coords.lat) \|\| !isFinite(coords.lng)) {\n return 'N/A';\n }\n\n return `${coords.lat.toFixed(6)}, ${coords.lng.toFixed(6)}`;\n}\n\n/\n Check if coordinates are valid\n \n @param coords - Coordinate object to validate\n * @returns true if coordinates are valid, false otherwise\n \n @example\n * ```ts\n * hasValidCoordinates({ lat: -37.8136, lng: 144.9631 }); // true\n * hasValidCoordinates({ lat: 91, lng: 0 }); // false (lat out of range)\n * hasValidCoordinates(undefined); // false\n * ```\n /\nexport function hasValidCoordinates(coords?: { lat?: number; lng?: number }): boolean {\n if (!coords) {\n return false;\n }\n\n const { lat, lng } = coords;\n\n if (typeof lat !== 'number' \|\| typeof lng !== 'number') {\n return false;\n }\n\n if (!isFinite(lat) \|\| !isFinite(lng)) {\n return false;\n }\n\n // Latitude must be between -90 and 90\n if (lat < -90 \|\| lat > 90) {\n return false;\n }\n\n // Longitude must be between -180 and 180\n if (lng < -180 \|\| lng > 180) {\n return false;\n }\n\n return true;\n}\n\n/\n Check if two coordinates are equal within a tolerance\n \n @param coords1 - First coordinate object\n * @param coords2 - Second coordinate object\n * @param tolerance - Tolerance in degrees (default: 0.0001° ≈ 11 meters)\n * @returns true if coordinates are within tolerance, false otherwise\n \n @example\n * ```ts\n * const coords1 = { lat: -37.8136, lng: 144.9631 };\n * const coords2 = { lat: -37.8137, lng: 144.9632 };\n * areCoordinatesEqual(coords1, coords2); // true (within default tolerance)\n * areCoordinatesEqual(coords1, coords2, 0.00001); // false (stricter tolerance)\n * ```\n /\nexport function areCoordinatesEqual(\n coords1: Coordinates \| null \| undefined,\n coords2: Coordinates \| null \| undefined,\n tolerance: number = 0.0001\n): boolean {\n // Both null/undefined are considered equal\n if (!coords1 && !coords2) {\n return true;\n }\n\n // One null/undefined and one not are not equal\n if (!coords1 \|\| !coords2) {\n return false;\n }\n\n // Validate both coordinates\n if (!hasValidCoordinates(coords1) \|\| !hasValidCoordinates(coords2)) {\n return false;\n }\n\n // Check if within tolerance (with small epsilon for floating point precision)\n const epsilon = 1e-10;\n const latDiff = Math.abs(coords1.lat - coords2.lat);\n const lngDiff = Math.abs(coords1.lng - coords2.lng);\n\n return latDiff <= tolerance + epsilon && lngDiff <= tolerance + epsilon;\n}\n\n/\n Generate a Google Maps search URL for coordinates\n \n @param coords - Coordinate object with lat and lng\n * @returns Google Maps search URL or empty string if invalid\n \n @example\n * ```ts\n * getGoogleMapsUrl({ lat: -37.8136, lng: 144.9631 });\n * // \"https://www.google.com/maps/search/?api=1&query=-37.8136,144.9631\"\n * ```\n */\nexport function getGoogleMapsUrl(coords?: Coordinates): string {\n if (!coords \|\| !hasValidCoordinates(coords)) {\n return '';\n }\n\n return `https://www.google.com/maps/search/?api=1&query=${coords.lat},${coords.lng}`;\n}\n\n"],"mappings":";;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;AAWO,IAAM,cAAN,MAAkB;AAAA;AAAA;AAAA;AAAA,EAIvB,WAAmB,gBAAyB;AAC1C,WAAO,YAAY,IAAI,SAAS;AAAA,EAClC;AAAA;AAAA;AAAA;AAAA,EAKA,OAAO,IAAI,WAAmB,YAAoB,MAAmB;AACnE,QAAI,KAAK,eAAe;AACtB,UAAI;AACF,gBAAQ,IAAI,IAAI,SAAS,KAAK,OAAO,IAAI,GAAG,IAAI;AAAA,MAClD,SAAS,GAAG;AAAA,MAEZ;AAAA,IACF;AAAA,EACF;AAAA;AAAA;AAAA;AAAA,EAKA,OAAO,MAAM,WAAmB,YAAoB,MAAmB;AACrE,QAAI;AACF,cAAQ,MAAM,IAAI,SAAS,KAAK,OAAO,IAAI,GAAG,IAAI;AAAA,IACpD,SAAS,GAAG;AAAA,IAEZ;AAAA,EACF;AAAA;AAAA;AAAA;AAAA,EAKA,OAAO,KAAK,WAAmB,YAAoB,MAAmB;AACpE,QAAI;AACF,cAAQ,KAAK,IAAI,SAAS,KAAK,OAAO,IAAI,GAAG,IAAI;AAAA,IACnD,SAAS,GAAG;AAAA,IAEZ;AAAA,EACF;AAAA;AAAA;AAAA;AAAA,EAKA,OAAO,KAAK,WAAmB,YAAoB,MAAmB;AACpE,QAAI,KAAK,eAAe;AACtB,UAAI;AACF,gBAAQ,KAAK,IAAI,SAAS,KAAK,OAAO,IAAI,GAAG,IAAI;AAAA,MACnD,SAAS,GAAG;AAAA,MAEZ;AAAA,IACF;AAAA,EACF;AACF;;;ACtDO,SAAS,aAAa,OAAwB;AACnD,QAAM,eAAe;AACrB,SAAO,aAAa,KAAK,KAAK;AAChC;AAKO,SAAS,QAAQ,OAA2C;AACjE,SAAO,UAAU,QAAQ,UAAU,UAAa,MAAM,KAAK,MAAM;AACnE;AAKO,SAAS,iBAAiB,UAA2B;AAE1D,QAAM,kBAAkB;AACxB,SAAO,gBAAgB,KAAK,QAAQ;AACtC;AAKO,SAAS,WAAW,KAAsB;AAC/C,MAAI;AACF,QAAI,IAAI,GAAG;AACX,WAAO;AAAA,EACT,QAAQ;AACN,WAAO;AAAA,EACT;AACF;AAKO,SAAS,YAAY,SAA0B;AACpD,QAAM,OAAO,IAAI,KAAK,OAAO;AAC7B,SAAO,CAAC,MAAM,KAAK,QAAQ,CAAC;AAC9B;AAKO,SAAS,cAAc,OAAe,KAAa,KAAsB;AAC9E,SAAO,SAAS,OAAO,SAAS;AAClC;AAKO,SAAS,eAAe,OAAe,SAA0B;AACtE,SAAO,QAAQ,KAAK,KAAK;AAC3B;AAMO,SAAS,UACd,QACA,QACG;AACH,QAAM,SAAS,EAAE,GAAG,OAAO;AAE3B,MAAI,SAAS,MAAM,KAAK,SAAS,MAAM,GAAG;AACxC,WAAO,KAAK,MAAM,EAAE,QAAQ,SAAO;AACjC,UAAI,SAAS,OAAO,GAAG,CAAC,GAAG;AACzB,YAAI,EAAE,OAAO,SAAS;AACpB,iBAAO,OAAO,QAAQ,EAAE,CAAC,GAAG,GAAG,OAAO,GAAG,EAAE,CAAC;AAAA,QAC9C,OAAO;AAEL,gBAAM,YAAY;AAClB,gBAAM,cAAc,OAAO,SAAS;AAEpC,cAAI,SAAS,WAAW,GAAG;AAEzB,mBAAO,SAAS,IAAI;AAAA,cAClB;AAAA,cACA,OAAO,GAAG;AAAA,YACZ;AAAA,UACF;AAAA,QACF;AAAA,MACF,OAAO;AACL,eAAO,OAAO,QAAQ,EAAE,CAAC,GAAG,GAAG,OAAO,GAAG,EAAE,CAAC;AAAA,MAC9C;AAAA,IACF,CAAC;AAAA,EACH;AAEA,SAAO;AACT;AAMO,SAAS,SAAS,MAAgD;AACvE,SAAO,SAAS,QAAQ,OAAO,SAAS,YAAY,CAAC,MAAM,QAAQ,IAAI;AACzE;;;ACvGA,SAAS,KAAAA,UAAS;;;ACGlB,SAAS,SAAS;AAiBlB,IAAM,kBAAuC;AAAA,EAC3C,WAAW;AAAA,EACX,aAAa,CAAC;AAAA,EACd,WAAW;AAAA,EACX,MAAM;AAAA,EACN,eAAe;AAAA,EACf,cAAc;AAChB;AAKO,SAAS,kBAAkB,OAAe,UAA+B,CAAC,GAAW;AAC1F,MAAI,OAAO,UAAU,UAAU;AAC7B,WAAO;AAAA,EACT;AAEA,QAAM,OAAO,EAAE,GAAG,iBAAiB,GAAG,QAAQ;AAC9C,MAAI,YAAY;AAGhB,MAAI,KAAK,MAAM;AACb,gBAAY,UAAU,KAAK;AAAA,EAC7B;AAGA,MAAI,KAAK,aAAa,UAAU,SAAS,KAAK,WAAW;AACvD,gBAAY,UAAU,UAAU,GAAG,KAAK,SAAS;AAAA,EACnD;AAGA,MAAI,CAAC,KAAK,WAAW;AACnB,gBAAY,UACT,QAAQ,MAAM,MAAM,EACpB,QAAQ,MAAM,MAAM,EACpB,QAAQ,MAAM,QAAQ,EACtB,QAAQ,MAAM,QAAQ,EACtB,QAAQ,OAAO,QAAQ;AAAA,EAC5B,WAAW,KAAK,eAAe,KAAK,YAAY,SAAS,GAAG;AAE1D,UAAM,mBAAmB,IAAI,OAAO,YAAa,KAAK,YAAY,KAAK,GAAG,CAAC,iBAAmB,IAAI;AAClG,gBAAY,UAAU,QAAQ,kBAAkB,EAAE;AAAA,EACpD;AAGA,MAAI,KAAK,eAAe;AACtB,gBAAY,UACT,QAAQ,gCAAgC,EAAE,EAC1C,QAAQ,iBAAiB,EAAE,EAC3B,QAAQ,eAAe,EAAE,EACzB,QAAQ,WAAW,EAAE;AAAA,EAC1B;AAGA,MAAI,KAAK,cAAc;AACrB,gBAAY,UAAU,QAAQ,eAAe,EAAE;AAAA,EACjD;AAEA,SAAO;AACT;AAKO,SAAS,cAAc,OAAuB;AACnD,MAAI,OAAO,UAAU,UAAU;AAC7B,WAAO;AAAA,EACT;AAEA,SAAO,MACJ,KAAK,EACL,YAAY,EACZ,QAAQ,aAAa,EAAE;AAC5B;AAqEO,SAAS,iBACd,MACA,QACA,mBACgD;AAChD,MAAI;AAEF,QAAI,qBAAqB,OAAO,SAAS,YAAY,SAAS,MAAM;AAClE,YAAM,gBAAgB,EAAE,GAAG,KAAK;AAEhC,aAAO,QAAQ,iBAAiB,EAAE,QAAQ,CAAC,CAAC,OAAO,OAAO,MAAM;AAC9D,YAAI,OAAO,cAAc,KAAK,MAAM,UAAU;AAC5C,wBAAc,KAAK,IAAI,kBAAkB,cAAc,KAAK,GAAa,OAAO;AAAA,QAClF;AAAA,MACF,CAAC;AAED,aAAO;AAAA,IACT;AAGA,UAAM,SAAS,OAAO,MAAM,IAAI;AAChC,WAAO,EAAE,SAAS,MAAM,MAAM,OAAO;AAAA,EACvC,SAAS,OAAO;AACd,QAAI,iBAAiB,EAAE,UAAU;AAC/B,aAAO;AAAA,QACL,SAAS;AAAA,QACT,OAAO,MAAM,OAAO,IAAI,OAAK,EAAE,OAAO,EAAE,KAAK,IAAI;AAAA,MACnD;AAAA,IACF;AACA,WAAO;AAAA,MACL,SAAS;AAAA,MACT,OAAO;AAAA,IACT;AAAA,EACF;AACF;AAqEO,IAAM,oBAAoB,EAC9B,OAAO,EACP,IAAI,GAAG,mBAAmB,EAC1B,MAAM,sBAAsB,EAC5B,IAAI,KAAK,gBAAgB,EACzB;AAAA,EACC,CAAC,UAAU;AACT,QAAI,CAAC,SAAS,OAAO,UAAU,SAAU,QAAO;AAEhD,UAAM,SAAS,MAAM,MAAM,GAAG,EAAE,CAAC;AACjC,WAAO,UAAU,OAAO,SAAS,GAAG,KAAK,OAAO,SAAS;AAAA,EAC3D;AAAA,EACA;AACF,EACC,UAAU,CAAC,UAAU,cAAc,KAAK,CAAC;AAKrC,IAAMC,eAAc,EACxB,OAAO,EACP,IAAI,GAAG,mBAAmB,EAC1B,MAAM,sBAAsB;AAKxB,IAAMC,cAAa,EACvB,OAAO,EACP,IAAI,GAAG,kBAAkB,EACzB,IAAI,KAAK,eAAe,EACxB,MAAM,mBAAmB,kCAAkC;AAKvD,IAAMC,eAAc,EACxB,OAAO,EACP,MAAM,0BAA0B,6BAA6B;AAKzD,IAAMC,aAAY,EACtB,OAAO,EACP,IAAI,oBAAoB;AAKpB,IAAMC,cAAa,EACvB,OAAO,EACP,MAAM,uBAAuB,kCAAkC;AAK3D,IAAMC,qBAAoB,EAAE,OAAO;AAAA,EACxC,OAAO;AAAA,EACP,UAAU,EAAE,OAAO,EAAE,IAAI,GAAG,sBAAsB;AACpD,CAAC;;;AD/TM,SAAS,kBACd,QACA,MACA,mBACgD;AAChD,SAAO,iBAAiB,MAAM,QAAQ,iBAAiB;AACzD;AAKO,IAAMC,eAAcC,GAAE,OAAO,EACjC,UAAU,WAAS,MAAM,YAAY,EAAE,KAAK,CAAC,EAC7C,KAAKA,GAAE,OAAO,EAAE,IAAI,GAAG,mBAAmB,EAAE,MAAM,sBAAsB,EAAE,IAAI,KAAK,gBAAgB,CAAC;AAKhG,IAAMC,kBAAiBD,GAAE,OAAO,EACpC,IAAI,GAAG,wCAAwC,EAC/C,IAAI,KAAK,mBAAmB,EAC5B,MAAM,SAAS,qDAAqD,EACpE,MAAM,SAAS,qDAAqD,EACpE,MAAM,SAAS,2CAA2C,EAC1D,MAAM,gBAAgB,sDAAsD;AAKxE,IAAM,iBAAiBA,GAAE,OAAO,EACpC,UAAU,cAAY,SAAS,YAAY,EAAE,KAAK,CAAC,EACnD,KAAKA,GAAE,OAAO,EAAE,IAAI,GAAG,wCAAwC,EAAE,IAAI,IAAI,mBAAmB,EAAE,MAAM,oBAAoB,sEAAsE,CAAC;AAK3L,IAAME,cAAaF,GAAE,OAAO,EAChC,IAAI,GAAG,kBAAkB,EACzB,IAAI,KAAK,eAAe,EACxB,OAAO,UAAQ;AAEd,QAAM,oBAAoB;AAAA,IACxB;AAAA,IACA;AAAA,IACA;AAAA,IACA;AAAA,IACA;AAAA,IACA;AAAA,EACF;AAEA,SAAO,CAAC,kBAAkB,KAAK,aAAW,QAAQ,KAAK,IAAI,CAAC;AAC9D,GAAG,kCAAkC,EACpC,UAAU,UAAQ,kBAAkB,MAAM;AAAA,EACzC,WAAW;AAAA,EACX,WAAW;AAAA,EACX,MAAM;AACR,CAAC,CAAC;AAKG,IAAMG,eAAcH,GAAE,OAAO,EACjC,IAAI,IAAI,yCAAyC,EACjD,IAAI,IAAI,uBAAuB,EAC/B,MAAM,2BAA2B,6BAA6B,EAC9D,OAAO,WAAS;AAEf,QAAM,aAAa,MAAM,QAAQ,OAAO,EAAE;AAC1C,SAAO,WAAW,UAAU,MAAM,WAAW,UAAU;AACzD,GAAG,+CAA+C;AAK7C,IAAMI,aAAYJ,GAAE,OAAO,EAC/B,IAAI,GAAG,iBAAiB,EACxB,IAAI,MAAM,cAAc,EACxB,OAAO,SAAO;AACb,MAAI;AACF,UAAM,SAAS,IAAI,IAAI,GAAG;AAC1B,WAAO,CAAC,SAAS,QAAQ,EAAE,SAAS,OAAO,QAAQ;AAAA,EACrD,QAAQ;AACN,WAAO;AAAA,EACT;AACF,GAAG,oBAAoB,EACtB,OAAO,SAAO;AAEb,QAAM,oBAAoB;AAAA,IACxB;AAAA,IACA;AAAA,IACA;AAAA,IACA;AAAA,IACA;AAAA,EACF;AAEA,SAAO,CAAC,kBAAkB,KAAK,aAAW,QAAQ,KAAK,GAAG,CAAC;AAC7D,GAAG,+BAA+B;;;AE/FpC,IAAM,cAAN,MAAkB;AAAA,EAAlB;AACE,SAAQ,aAAa,oBAAI,IAA2B;AACpD,SAAiB,eAAe,KAAK,KAAK;AAC1C;AAAA,SAAiB,yBAAyB;AAAA;AAAA;AAAA;AAAA;AAAA,EAK1C,MAAM,cAAc,WAAoC;AACtD,QAAI;AAEF,YAAM,KAAK,qBAAqB;AAGhC,YAAM,gBAAgB,MAAM,KAAK,KAAK,WAAW,OAAO,CAAC,EACtD,OAAO,UAAQ,KAAK,cAAc,aAAa,CAAC,KAAK,IAAI;AAE5D,UAAI,cAAc,UAAU,KAAK,wBAAwB;AAEvD,cAAM,SAAS,cAAc,KAAK,CAAC,GAAG,MAAM,EAAE,YAAY,EAAE,SAAS,EAAE,CAAC;AACxE,aAAK,WAAW,OAAO,OAAO,KAAK;AAAA,MACrC;AAGA,YAAM,aAAa,IAAI,WAAW,EAAE;AACpC,aAAO,gBAAgB,UAAU;AACjC,YAAM,QAAQ,MAAM;AAAA,QAAK;AAAA,QAAY,UACnC,KAAK,SAAS,EAAE,EAAE,SAAS,GAAG,GAAG;AAAA,MACnC,EAAE,KAAK,EAAE;AAET,YAAM,YAA2B;AAAA,QAC/B;AAAA,QACA;AAAA,QACA,WAAW,KAAK,IAAI;AAAA,QACpB,MAAM;AAAA,MACR;AAGA,WAAK,WAAW,IAAI,OAAO,SAAS;AACpC,YAAM,KAAK,cAAc;AAEzB,aAAO;AAAA,IACT,SAAS,OAAO;AACd,YAAM,IAAI,MAAM,8BAA8B;AAAA,IAChD;AAAA,EACF;AAAA;AAAA;AAAA;AAAA,EAKA,MAAM,cAAc,OAAe,WAAqC;AACtE,QAAI;AAEF,UAAI,KAAK,WAAW,SAAS,GAAG;AAC9B,cAAM,KAAK,WAAW;AAAA,MACxB;AAEA,YAAM,YAAY,KAAK,WAAW,IAAI,KAAK;AAE3C,UAAI,CAAC,WAAW;AACd,eAAO;AAAA,MACT;AAGA,UAAI,UAAU,cAAc,WAAW;AACrC,eAAO;AAAA,MACT;AAGA,UAAI,UAAU,MAAM;AAClB,eAAO;AAAA,MACT;AAGA,UAAI,KAAK,IAAI,IAAI,UAAU,YAAY,KAAK,cAAc;AACxD,aAAK,WAAW,OAAO,KAAK;AAC5B,cAAM,KAAK,cAAc;AACzB,eAAO;AAAA,MACT;AAGA,gBAAU,OAAO;AACjB,WAAK,WAAW,IAAI,OAAO,SAAS;AACpC,YAAM,KAAK,cAAc;AAEzB,aAAO;AAAA,IACT,SAAS,OAAO;AACd,aAAO;AAAA,IACT;AAAA,EACF;AAAA;AAAA;AAAA;AAAA,EAKA,MAAM,gBAAgB,WAA2C;AAE/D,QAAI,KAAK,WAAW,SAAS,GAAG;AAC9B,YAAM,KAAK,WAAW;AAAA,IACxB;AAGA,eAAW,CAAC,OAAO,IAAI,KAAK,KAAK,WAAW,QAAQ,GAAG;AACrD,UACE,KAAK,cAAc,aACnB,CAAC,KAAK,QACL,KAAK,IAAI,IAAI,KAAK,YAAa,KAAK,cACrC;AACA,eAAO;AAAA,MACT;AAAA,IACF;AAGA,WAAO,MAAM,KAAK,cAAc,SAAS;AAAA,EAC3C;AAAA;AAAA;AAAA;AAAA,EAKA,MAAc,uBAAsC;AAClD,UAAM,MAAM,KAAK,IAAI;AACrB,UAAM,gBAA0B,CAAC;AAEjC,eAAW,CAAC,OAAO,IAAI,KAAK,KAAK,WAAW,QAAQ,GAAG;AACrD,UAAI,KAAK,QAAS,MAAM,KAAK,YAAa,KAAK,cAAc;AAC3D,sBAAc,KAAK,KAAK;AAAA,MAC1B;AAAA,IACF;AAEA,kBAAc,QAAQ,WAAS,KAAK,WAAW,OAAO,KAAK,CAAC;AAE5D,QAAI,cAAc,SAAS,GAAG;AAC5B,YAAM,KAAK,cAAc;AAAA,IAC3B;AAAA,EACF;AAAA;AAAA;AAAA;AAAA,EAKA,MAAc,gBAA+B;AAC3C,QAAI;AACF,YAAM,cAAc,MAAM,KAAK,KAAK,WAAW,QAAQ,CAAC;AACxD,YAAM,cAAc;AAAA,QAClB;AAAA,QACA,KAAK,UAAU,WAAW;AAAA,QAC1B,EAAE,SAAS,MAAM,QAAQ,KAAK,aAAa;AAAA,MAC7C;AAAA,IACF,SAAS,OAAO;AAAA,IAEhB;AAAA,EACF;AAAA;AAAA;AAAA;AAAA,EAKA,MAAc,aAA4B;AACxC,QAAI;AACF,YAAM,aAAa,MAAM,cAAc,QAAQ,aAAa;AAC5D,UAAI,YAAY;AACd,cAAM,cAAc,KAAK,MAAM,UAAU;AACzC,aAAK,aAAa,IAAI,IAAI,WAAW;AAErC,cAAM,KAAK,qBAAqB;AAAA,MAClC;AAAA,IACF,SAAS,OAAO;AACd,WAAK,WAAW,MAAM;AAAA,IACxB;AAAA,EACF;AAAA;AAAA;AAAA;AAAA,EAKA,MAAM,aAAa,WAAkC;AACnD,UAAM,iBAA2B,CAAC;AAElC,eAAW,CAAC,OAAO,IAAI,KAAK,KAAK,WAAW,QAAQ,GAAG;AACrD,UAAI,KAAK,cAAc,WAAW;AAChC,uBAAe,KAAK,KAAK;AAAA,MAC3B;AAAA,IACF;AAEA,mBAAe,QAAQ,WAAS,KAAK,WAAW,OAAO,KAAK,CAAC;AAC7D,UAAM,KAAK,cAAc;AAAA,EAC3B;AACF;AAGO,IAAM,cAAc,IAAI,YAAY;AAG3C,eAAsB,kBAAkB,WAAoC;AAC1E,SAAO,YAAY,cAAc,SAAS;AAC5C;AAEA,eAAsB,kBAAkB,OAAe,WAAqC;AAC1F,SAAO,YAAY,cAAc,OAAO,SAAS;AACnD;AAEA,eAAsB,aAAa,WAA2C;AAC5E,SAAO,YAAY,gBAAgB,SAAS;AAC9C;;;AC/MA,SAAS,KAAAK,UAAS;AAGlB,IAAM,yBAAyB;AAAA,EAC7B;AAAA,EACA;AAAA,EACA;AAAA;AAAA,EACA;AAAA;AAAA,EACA;AAAA,EACA;AAAA,EACA;AAAA,EACA;AAAA,EACA;AAAA,EACA;AAAA,EACA;AAAA,EACA;AAAA,EACA;AAAA,EACA;AAAA,EACA;AAAA,EACA;AACF;AAGA,IAAM,kBAAkB;AAKjB,IAAM,oBAAoBA,GAC9B,OAAO,EACP,IAAI,KAAK,uBAAuB,EAChC;AAAA,EACC,CAAC,UAAU;AACT,WAAO,CAAC,uBAAuB,KAAK,aAAW,QAAQ,KAAK,KAAK,CAAC;AAAA,EACpE;AAAA,EACA;AACF,EACC,UAAU,CAAC,UAAU,oBAAoB,KAAK,CAAC;AAK3C,IAAM,sBAAsBA,GAChC,OAAO,EACP,IAAI,GAAG,4BAA4B,EACnC,IAAI,IAAI,qBAAqB,EAC7B,MAAM,4BAA4B,2BAA2B,EAC7D;AAAA,EACC,CAAC,eAAe;AACd,UAAM,gBAAgB;AAAA,MACpB;AAAA,MAAU;AAAA,MAAU;AAAA,MAAU;AAAA,MAAU;AAAA,MAAQ;AAAA,MAAU;AAAA,MAC1D;AAAA,MAAQ;AAAA,MAAS;AAAA,MAAQ;AAAA,MAAS;AAAA,MAAS;AAAA,MAAS;AAAA,IACtD;AACA,WAAO,CAAC,cAAc,SAAS,WAAW,YAAY,CAAC;AAAA,EACzD;AAAA,EACA;AACF;AAKK,IAAM,gBAAgBA,GAC1B,OAAO,EACP,MAAM,qDAAqD,yBAAyB;AAKhF,IAAM,oBAAoBA,GAC9B,OAAO,EACP,IAAI,oBAAoB,EACxB,IAAI,GAAG,sBAAsB,EAC7B,IAAI,KAAM,iBAAiB;AAKvB,SAAS,oBAAoB,OAAuB;AACzD,SAAO,MACJ,QAAQ,iBAAiB,EAAE,EAC3B,QAAQ,QAAQ,GAAG,EACnB,KAAK,EACL,MAAM,GAAG,GAAG;AACjB;AAKO,SAAS,gBAAgB,OAAuB;AACrD,SAAO,MACJ,QAAQ,OAAO,MAAM,EACrB,QAAQ,MAAM,KAAK,EACnB,QAAQ,MAAM,KAAK;AACxB;AAKO,SAAS,gBAAgB,SAA2D;AACzF,QAAM,YAAqC,CAAC;AAE5C,aAAW,CAAC,KAAK,KAAK,KAAK,OAAO,QAAQ,OAAO,GAAG;AAElD,UAAM,gBAAgB,oBAAoB,UAAU,GAAG;AACvD,QAAI,CAAC,cAAc,SAAS;AAI1B,cAAQ,KAAK,uDAAuD,GAAG,EAAE;AACzE;AAAA,IACF;AAGA,QAAI,OAAO,UAAU,UAAU;AAC7B,YAAM,kBAAkB,kBAAkB,UAAU,KAAK;AACzD,UAAI,gBAAgB,SAAS;AAC3B,kBAAU,GAAG,IAAI,gBAAgB;AAAA,MACnC;AAAA,IACF,WAAW,OAAO,UAAU,UAAU;AACpC,UAAI,OAAO,SAAS,KAAK,GAAG;AAC1B,kBAAU,GAAG,IAAI;AAAA,MACnB;AAAA,IACF,WAAW,OAAO,UAAU,WAAW;AACrC,gBAAU,GAAG,IAAI;AAAA,IACnB,WAAW,MAAM,QAAQ,KAAK,GAAG;AAE/B,YAAM,iBAAiB,MACpB,OAAO,UAAQ,OAAO,SAAS,YAAY,OAAO,SAAS,QAAQ,EACnE,IAAI,UAAQ,OAAO,SAAS,WAAW,oBAAoB,IAAI,IAAI,IAAI,EACvE,MAAM,GAAG,GAAG;AAEf,UAAI,eAAe,SAAS,GAAG;AAC7B,kBAAU,GAAG,IAAI;AAAA,MACnB;AAAA,IACF;AAAA,EACF;AAEA,SAAO;AACT;AAcO,SAAS,qBAAqB,QAA0C;AAC7E,QAAM,OAAwB,CAAC;AAG/B,MAAI,OAAO,QAAQ;AACjB,UAAM,eAAe,OAAO,OAAO,MAAM,GAAG,EAAE,IAAI,WAAS,MAAM,KAAK,CAAC;AACvE,UAAM,cAAc,aAAa,OAAO,WAAS;AAC/C,aAAO,oBAAoB,UAAU,KAAK,EAAE;AAAA,IAC9C,CAAC;AAED,QAAI,YAAY,SAAS,GAAG;AAC1B,WAAK,SAAS,YAAY,KAAK,IAAI;AAAA,IACrC;AAAA,EACF;AAGA,MAAI,OAAO,SAAS;AAClB,SAAK,UAAU,gBAAgB,OAAO,OAAO;AAAA,EAC/C;AAGA,MAAI,OAAO,SAAS;AAClB,UAAM,oBAAoB,cAAc,UAAU,OAAO,OAAO;AAChE,QAAI,kBAAkB,SAAS;AAC7B,WAAK,UAAU,kBAAkB;AAAA,IACnC;AAAA,EACF;AAGA,MAAI,OAAO,UAAU,QAAW;AAC9B,UAAM,kBAAkB,kBAAkB,UAAU,OAAO,KAAK;AAChE,QAAI,gBAAgB,SAAS;AAC3B,WAAK,QAAQ,gBAAgB;AAAA,IAC/B;AAAA,EACF;AAEA,MAAI,OAAO,WAAW,QAAW;AAC/B,UAAM,mBAAmB,kBAAkB,UAAU,OAAO,MAAM;AAClE,QAAI,iBAAiB,SAAS;AAC5B,WAAK,SAAS,iBAAiB;AAAA,IACjC;AAAA,EACF;AAGA,MAAI,OAAO,QAAQ;AACjB,UAAM,mBAAmB,kBAAkB,UAAU,OAAO,MAAM;AAClE,QAAI,iBAAiB,SAAS;AAC5B,WAAK,SAAS,iBAAiB;AAAA,IACjC;AAAA,EACF;AAEA,SAAO;AACT;AAKO,SAAS,mBAAmB,OAIjC;AACA,QAAM,mBAA6B,CAAC;AACpC,MAAI,UAAkD;AAEtD,yBAAuB,QAAQ,CAAC,SAAS,UAAU;AACjD,QAAI,QAAQ,KAAK,KAAK,GAAG;AACvB,uBAAiB,KAAK,WAAW,QAAQ,CAAC,EAAE;AAG5C,UAAI,QAAQ,GAAG;AACb,kBAAU;AAAA,MACZ,WAAW,QAAQ,KAAK,YAAY,YAAY;AAC9C,kBAAU;AAAA,MACZ,WAAW,QAAQ,MAAM,CAAC,CAAC,YAAY,MAAM,EAAE,SAAS,OAAO,GAAG;AAChE,kBAAU;AAAA,MACZ;AAAA,IACF;AAAA,EACF,CAAC;AAED,SAAO;AAAA,IACL,cAAc,iBAAiB,SAAS;AAAA,IACxC,UAAU;AAAA,IACV,WAAW;AAAA,EACb;AACF;;;ACnPA,SAAS,KAAAC,UAAS;AAMX,IAAMC,qBAAoBC,GAAE,OAAO;AAAA,EACxC,MAAM;AAAA,EACN,OAAO;AAAA,EACP,OAAOA,GAAE,OAAO,EAAE,SAAS;AAAA,EAC3B,SAASA,GAAE,OAAO,EAAE,IAAI,EAAE,SAAS;AAAA,EACnC,KAAKA,GAAE,OAAO,EAAE,IAAI,GAAG,EAAE,SAAS;AACpC,CAAC;AAKM,IAAM,qBAAqBA,GAAE,OAAO;AAAA,EACzC,eAAeA,GAAE,OAAO;AAAA,IACtB,OAAOA,GAAE,QAAQ;AAAA,IACjB,MAAMA,GAAE,QAAQ;AAAA,EAClB,CAAC;AAAA,EACD,UAAUA,GAAE,OAAO;AACrB,CAAC;AAKM,IAAM,wBAAwBA,GAAE,OAAO;AAAA,EAC5C,aAAa;AAAA,EACb,UAAUA,GAAE,OAAO;AAAA,EACnB,YAAYA,GAAE,OAAO;AAAA,EACrB,UAAUA,GAAE,OAAO;AACrB,CAAC;;;AC7BD,IAAM,MAAM,aAAa,UAAU;AAS5B,SAAS,iBAAiB,OAA4B;AAG3D,MAAI,KAAK,mBAAmB;AAAA,IAC1B,GAAG;AAAA,IACH,WAAW,MAAM,UAAU,YAAY;AAAA,EACzC,CAAC;AACH;AA4DO,SAAS,qBAA6C;AAC3D,SAAO;AAAA,IACL,0BAA0B;AAAA,IAC1B,mBAAmB;AAAA,IACnB,oBAAoB;AAAA,IACpB,mBAAmB;AAAA,IACnB,6BAA6B;AAAA,EAC/B;AACF;AAEO,SAAS,wBAAwB,SAA0C;AAChF,QAAM,kBAAkB,CAAC,0BAA0B,iBAAiB;AACpE,QAAM,iBAAiB,gBAAgB,OAAO,YAAU,CAAC,QAAQ,MAAM,CAAC;AAExE,MAAI,eAAe,SAAS,GAAG;AAC7B,qBAAiB;AAAA,MACf,MAAM;AAAA,MACN,WAAW,oBAAI,KAAK;AAAA,MACpB,SAAS,EAAE,eAAe;AAAA,IAC5B,CAAC;AACD,WAAO;AAAA,EACT;AAEA,SAAO;AACT;;;ACzFA,IAAM,kBAAN,MAAsB;AAAA,EAAtB;AACE,SAAQ,SAA0B,CAAC;AAAA;AAAA,EAEnC,SAAS,OAAsB;AAC7B,UAAM,cAAc;AAAA,MAClB,GAAG;AAAA,MACH,IAAI,KAAK,OAAO,EAAE,SAAS,EAAE,EAAE,OAAO,GAAG,CAAC;AAAA,MAC1C,WAAW,KAAK,IAAI;AAAA,IACtB;AACA,SAAK,OAAO,KAAK,WAAW;AAAA,EAC9B;AAAA,EAEA,YAA6B;AAC3B,WAAO,CAAC,GAAG,KAAK,MAAM;AAAA,EACxB;AAAA,EAEA,cAAc;AACZ,SAAK,SAAS,CAAC;AAAA,EACjB;AAAA,EAEA,YAAY,OAA+D;AACzE,WAAO;AAAA,MACL,GAAG;AAAA,MACH,IAAI,KAAK,OAAO,EAAE,SAAS,EAAE,EAAE,OAAO,GAAG,CAAC;AAAA,MAC1C,WAAW,oBAAI,KAAK;AAAA,IACtB;AAAA,EACF;AACF;AAEO,IAAM,kBAAkB,IAAI,gBAAgB;;;AC9B5C,IAAM,yBAAyB;AAAA;AAAA,EAEpC,aAAa;AAAA;AAAA,EAEb,uBAAuB;AAAA;AAAA,EAEvB,uBAAuB,OAAO;AAAA;AAAA;AAAA,EAE9B,iBAAiB;AACnB;;;ACZO,SAAS,2BAA2B,MAAc;AACvD,QAAM,YAAY,YAAY,IAAI;AAClC,QAAM,cAAe,YAAoB,QAAQ,kBAAkB;AAEnE,SAAO;AAAA,IACL,KAAK,MAAM;AACT,YAAM,UAAU,YAAY,IAAI;AAChC,YAAM,YAAa,YAAoB,QAAQ,kBAAkB;AAEjE,YAAM,UAA8B;AAAA,QAClC,YAAY,UAAU;AAAA,QACtB,iBAAiB;AAAA;AAAA,QACjB,aAAa,YAAY;AAAA,QACzB,YAAY;AAAA;AAAA,MACd;AAIA,YAAM,UAAU;AAAA,QACd,WAAW,0BAA0B,IAAI;AAAA,QACzC;AAAA,MACF;AAEA,aAAO;AAAA,IACT;AAAA,EACF;AACF;AAEO,SAAS,yBAAyB,eAAuB,UAA0C;AACxG,QAAM,YAAY,YAAY,IAAI;AAClC,QAAM,cAAe,YAAoB,QAAQ,kBAAkB;AAEnE,WAAS;AAET,QAAM,UAAU,YAAY,IAAI;AAChC,QAAM,YAAa,YAAoB,QAAQ,kBAAkB;AAEjE,QAAM,UAA8B;AAAA,IAClC,YAAY,UAAU;AAAA,IACtB,iBAAiB;AAAA,IACjB,aAAa,YAAY;AAAA,IACzB,YAAY;AAAA,EACd;AAIA,QAAM,UAAU;AAAA,IACd,WAAW,uBAAuB,aAAa;AAAA,IAC/C;AAAA,EACF;AAEA,SAAO;AACT;;;AChDA,IAAM,iBAAN,MAAqB;AAAA,EACnB,IAAY,UAAmB;AAC7B,QAAI;AACF,aAAO,YAAY,KAAK,SAAS;AAAA,IACnC,QAAQ;AACN,aAAO;AAAA,IACT;AAAA,EACF;AAAA,EAEA,gBAAoC;AAClC,QAAI,CAAC,KAAK,QAAS,QAAO;AAO1B,YAAQ,IAAI,+CAA+C;AAC3D,YAAQ,IAAI,iCAAiC;AAC7C,YAAQ,IAAI,oCAAoC;AAChD,YAAQ,IAAI,yCAAyC;AACrD,YAAQ,IAAI,uCAAuC;AAEnD,WAAO;AAAA,MACL,WAAW;AAAA,MACX,aAAa;AAAA,MACb,QAAQ,CAAC;AAAA,MACT,0BAA0B;AAAA,IAC5B;AAAA,EACF;AAAA,EAEA,mBAAyB;AACvB,QAAI,CAAC,KAAK,QAAS;AAEnB,UAAM,kBAAkB;AAAA,MACtB;AAAA,MACA;AAAA,MACA;AAAA,MACA;AAAA,IACF;AAIA,YAAQ,MAAM,uBAAuB;AACrC,oBAAgB,QAAQ,WAAS,QAAQ,IAAI,OAAO,KAAK,CAAC;AAC1D,YAAQ,SAAS;AAAA,EACnB;AAAA,EAEA,kBAAwB;AACtB,QAAI,CAAC,KAAK,QAAS;AAInB,YAAQ,MAAM,mBAAmB;AACjC,YAAQ,IAAI,yCAAyC;AACrD,YAAQ,IAAI,6CAA6C;AACzD,YAAQ,IAAI,0CAA0C;AACtD,YAAQ,IAAI,8CAA8C;AAC1D,YAAQ,SAAS;AAAA,EACnB;AAAA,EAEA,iBAAyB;AACvB,UAAM,SAAS;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AA2Bf,WAAO,OAAO,KAAK;AAAA,EACrB;AACF;AAEO,IAAM,iBAAiB,IAAI,eAAe;AAG1C,SAAS,sBAAsB,UAAkB,eAA+B;AACrF,MAAI;AACF,QAAI,YAAY,KAAK,SAAS,cAAe;AAAA,EAC/C,QAAQ;AACN;AAAA,EACF;AAEA,QAAM,eAAe,CAAC,UAAU,UAAU,MAAM;AAChD,QAAM,gBAAgB,aAAa,KAAK,SAAO,SAAS,SAAS,GAAG,CAAC;AAErE,MAAI,iBAAiB,cAAc,SAAS,GAAG;AAG7C,YAAQ;AAAA,MACN,sCAAsC,cAAc,SAAS,iBAAiB,WAAW;AAAA,IAE3F;AAAA,EACF;AACF;AAGO,SAAS,mBAAmB,YAA0B;AAC3D,MAAI;AACF,QAAI,YAAY,KAAK,SAAS,cAAe;AAAA,EAC/C,QAAQ;AACN;AAAA,EACF;AAIA,UAAQ,IAAI,qBAAqB,aAAa,6BAA6B;AAC7E;;;AC1HO,IAAM,aAAa,YAGpB;AAEJ,QAAM,CAAC,gBAAgB,cAAc,IAAI,MAAM,QAAQ,IAAI;AAAA,IACzD,OAAO,iBAAiB;AAAA,IACxB,OAAO,iBAAiB;AAAA,EAC1B,CAAC;AAED,SAAO;AAAA,IACL,UAAW,eAAe,WAAW;AAAA,IACrC,UAAW,eAAe,WAAW;AAAA,EACvC;AACF;AAGO,IAAM,gBAAgB,YAAgD;AAC3E,QAAM,UAAU,MAAM,OAAO,UAAU;AACvC,SAAO;AACT;AAGO,IAAM,iBAAiB,YAA8B;AAC1D,QAAM,WAAW,MAAM,OAAO,UAAU;AACxC,SAAO;AACT;AAGO,IAAM,gBAAgB,YAUvB;AACJ,QAAM,CAAC,eAAe,YAAY,IAAI,MAAM,QAAQ,IAAI;AAAA,IACtD,OAAO,iBAAiB;AAAA,IACxB,OAAO,yBAAyB;AAAA,EAClC,CAAC;AAED,SAAO;AAAA,IACL,GAAG;AAAA,IACH,aAAa,aAAa;AAAA,EAC5B;AACF;AAGO,IAAM,eAAe,YAA8B;AACxD,QAAM,YAAY,MAAM,OAAO,WAAW;AAC1C,SAAO,UAAU;AACnB;AAGO,SAAS,kBAAqB,QAA0B;AAC7D,MAAI,SAAmB;AACvB,MAAI,UAA6B;AAEjC,SAAO;AAAA,IACL,MAAM,YAAwB;AAC5B,UAAI,OAAQ,QAAO;AACnB,UAAI,QAAS,QAAO;AAEpB,gBAAU,OAAO,EAAE,KAAK,YAAU;AAChC,iBAAS;AACT,kBAAU;AACV,eAAO;AAAA,MACT,CAAC;AAED,aAAO;AAAA,IACT;AAAA,IACA,WAAW,MAAgB;AAAA,IAC3B,UAAU,MAAe,WAAW;AAAA,EACtC;AACF;AAGO,IAAM,aAA2F,kBAAkB,UAAU;AAC7H,IAAM,gBAAiG,kBAAkB,aAAa;AACtI,IAAM,iBAAgE,kBAAkB,cAAc;AACtG,IAAM,gBAAiG,kBAAkB,aAAa;AACtI,IAAM,eAA8D,kBAAkB,YAAY;;;ACzGzG,SAAgB,UAAyB,YAAY;AAoBP;AATvC,SAAS,oBACd,UACA,eACA,UAA2B,CAAC,GACzB;AACH,QAAM,gBAAgB,KAAK,QAAQ;AAEnC,QAAM,mBAAmB,CAAC,UAAe;AACvC,UAAM,UACJ,oBAAC,YAAS,UAAU,QAAQ,YAAY,oBAAC,kBAAe,GACtD,8BAAC,iBAAe,GAAG,OAAO,GAC5B;AAGF,QAAI,QAAQ,eAAe;AACzB,YAAM,gBAAgB,QAAQ;AAC9B,aAAO,oBAAC,iBAAe,mBAAQ;AAAA,IACjC;AAEA,WAAO;AAAA,EACT;AAEA,mBAAiB,cAAc,OAAO,aAAa;AACnD,SAAO;AACT;AAKO,IAAM,gBAAgB;AAAA,EAC3B,MAAM,OAAO,yBAA4B,EAAE,KAAK,aAAW,EAAE,SAAS,OAAO,UAAU,EAAE;AAAA,EACzF;AACF;;;ACtCO,SAAS,gCAAgC,aAA+D;AAC7G,QAAM,SAAkC,CAAC;AAEzC,SAAO,QAAQ,WAAW,EAAE,QAAQ,CAAC,CAAC,KAAK,KAAK,MAAM;AACpD,QAAI,OAAO,UAAU,UAAU;AAE7B,aAAO,GAAG,IAAI,UAAU,MAAM,MAAM,YAAY,MAAM;AAAA,IACxD,OAAO;AACL,aAAO,GAAG,IAAI,QAAQ,KAAK;AAAA,IAC7B;AAAA,EACF,CAAC;AAED,SAAO;AACT;AAEO,SAAS,cAAc,aAAsC,YAA6B;AAC/F,SAAO,QAAQ,YAAY,UAAU,CAAC;AACxC;AAEO,SAAS,iBAAiB,aAAsC,gBAAsD;AAC3H,MAAI,CAAC,kBAAkB,eAAe,WAAW,EAAG,QAAO;AAC3D,SAAO,eAAe,KAAK,gBAAc,cAAc,aAAa,UAAU,CAAC;AACjF;AAEO,SAAS,kBAAkB,aAAsC,gBAAsD;AAC5H,MAAI,CAAC,eAAgB,QAAO;AAC5B,MAAI,eAAe,WAAW,EAAG,QAAO;AACxC,SAAO,eAAe,MAAM,gBAAc,cAAc,aAAa,UAAU,CAAC;AAClF;;;AC5BO,IAAK,iBAAL,kBAAKC,oBAAL;AACL,EAAAA,gBAAA,UAAO;AACP,EAAAA,gBAAA,WAAQ;AACR,EAAAA,gBAAA,YAAS;AACT,EAAAA,gBAAA,WAAQ;AAJE,SAAAA;AAAA,GAAA;AAUL,SAAS,gBAAgB,YAAiE;AAC/F,MAAI,CAAC,cAAc,OAAO,eAAe,UAAU;AACjD,WAAO;AAAA,EACT;AAEA,QAAM,QAAQ,WAAW,MAAM,GAAG;AAClC,MAAI,MAAM,WAAW,GAAG;AACtB,WAAO;AAAA,EACT;AAEA,QAAM,CAAC,QAAQ,QAAQ,IAAI;AAG3B,MAAI,WAAW,UAAa,aAAa,UAAa,WAAW,MAAM,aAAa,IAAI;AACtF,WAAO;AAAA,EACT;AAEA,SAAO;AAAA,IACL;AAAA,IACA;AAAA,EACF;AACF;;;AChBA,IAAM,cAAN,MAAkB;AAAA,EAAlB;AACE,SAAQ,SAAuB,CAAC;AAAA;AAAA,EAEhC,IAAI,OAAyB;AAC3B,UAAM,qBAAqB;AAAA,MACzB,GAAG;AAAA,MACH,WAAW,KAAK,IAAI;AAAA,IACtB;AAEA,SAAK,OAAO,KAAK,kBAAkB;AAAA,EAGrC;AAAA,EAEA,MAAM,mBAAmB,OAIP;AAChB,SAAK,IAAI;AAAA,MACP,MAAM;AAAA,MACN,OAAO,MAAM;AAAA,MACb,QAAQ,MAAM;AAAA,MACd,MAAM,MAAM;AAAA,IACd,CAAC;AAAA,EACH;AAAA,EAEA,MAAM,iBAAiB,OAGL;AAChB,SAAK,IAAI;AAAA,MACP,MAAM;AAAA,MACN,OAAO,MAAM;AAAA,MACb,MAAM,MAAM;AAAA,IACd,CAAC;AAAA,EACH;AAAA,EAEA,MAAM,aAAa,OAID;AAChB,SAAK,IAAI;AAAA,MACP,MAAM;AAAA,MACN,OAAO,MAAM;AAAA,MACb,QAAQ,MAAM;AAAA,MACd,MAAM,MAAM;AAAA,IACd,CAAC;AAAA,EACH;AAAA,EAEA,MAAM,oBAA2C;AAC/C,WAAO,KAAK,OAAO,OAAO,WAAS,MAAM,SAAS,UAAU;AAAA,EAC9D;AAAA,EAEA,YAA0B;AACxB,WAAO,CAAC,GAAG,KAAK,MAAM;AAAA,EACxB;AAAA,EAEA,cAAoB;AAClB,SAAK,SAAS,CAAC;AAAA,EACjB;AACF;AAEO,IAAM,cAAc,IAAI,YAAY;AAGpC,IAAM,WAAW;AAEjB,SAAS,aAAa,QAAgB,MAAe,SAAyC;AACnG,cAAY,IAAI;AAAA,IACd,MAAM;AAAA,IACN;AAAA,IACA;AAAA,IACA;AAAA,EACF,CAAC;AAEH;AAEO,SAAS,mBAAmB,QAAgB,MAAe,SAAyC;AACzG,cAAY,IAAI;AAAA,IACd,MAAM;AAAA,IACN;AAAA,IACA;AAAA,IACA;AAAA,EACF,CAAC;AAEH;AAEO,SAASC,kBAAiB,QAAgB,MAAe,SAAyC;AACvG,cAAY,IAAI;AAAA,IACd,MAAM;AAAA,IACN;AAAA,IACA;AAAA,IACA;AAAA,EACF,CAAC;AAEH;AAEO,SAAS,cAAc,QAAgB,MAAe,SAAyC;AACpG,cAAY,IAAI;AAAA,IACd,MAAM;AAAA;AAAA,IACN;AAAA,IACA;AAAA,IACA;AAAA,EACF,CAAC;AACH;;;ACrGO,SAAS,4BAA+C;AAC7D,MAAI;AACF,UAAM,aAAa;AAAA,MACjB,WAAW,mBAAmB;AAAA,MAC9B,UAAU,UAAU,YAAY;AAAA,MAChC,UAAU,UAAU,YAAY;AAAA,MAChC,QAAQ,GAAG,OAAO,KAAK,IAAI,OAAO,MAAM,IAAI,OAAO,UAAU;AAAA,MAC7D,UAAU,KAAK,eAAe,EAAE,gBAAgB,EAAE,YAAY;AAAA,MAC9D,QAAQ,qBAAqB;AAAA,MAC7B,OAAO,oBAAoB;AAAA,IAC7B;AAGA,UAAM,UAAU,iBAAiB,UAAU;AAG3C,UAAM,kBAAkB,KAAK,UAAU,UAAU;AACjD,UAAM,OAAO,eAAe,eAAe;AAE3C,UAAM,cAAiC;AAAA,MACrC;AAAA,MACA,WAAW,KAAK,IAAI;AAAA,MACpB;AAAA,MACA;AAAA,IACF;AAGA,kBAAc,QAAQ,sBAAsB,KAAK,UAAU,WAAW,CAAC;AAEvE,WAAO;AAAA,EACT,SAAS,OAAO;AACd,WAAO,4BAA4B;AAAA,EACrC;AACF;AAKO,SAAS,0BACd,mBACA,oBAKA;AACA,QAAM,UAAoB,CAAC;AAC3B,MAAI,qBAAqB;AACzB,QAAM,kBAAkB,OAAO,KAAK,kBAAkB,UAAU,EAAE;AAGlE,SAAO,QAAQ,kBAAkB,UAAU,EAAE,QAAQ,CAAC,CAAC,KAAK,KAAK,MAAM;AACrE,QAAI,mBAAmB,WAAW,GAAiD,MAAM,OAAO;AAC9F;AAAA,IACF,OAAO;AACL,cAAQ,KAAK,uBAAuB,GAAG,EAAE;AAAA,IAC3C;AAAA,EACF,CAAC;AAGD,QAAM,aAAc,qBAAqB,kBAAmB;AAG5D,QAAM,UAAU,cAAc;AAG9B,QAAM,WAAW,mBAAmB,YAAY,kBAAkB;AAClE,QAAM,SAAS,KAAK,KAAK,KAAK,KAAK;AAEnC,MAAI,WAAW,QAAQ;AACrB,YAAQ,KAAK,qBAAqB;AAClC,WAAO,EAAE,SAAS,OAAO,YAAY,QAAQ;AAAA,EAC/C;AAEA,MAAI,aAAa,IAAI;AACnB,YAAQ,KAAK,wCAAwC;AAAA,EACvD;AAEA,SAAO,EAAE,SAAS,YAAY,QAAQ;AACxC;AAKA,SAAS,uBAA+B;AACtC,MAAI;AACF,UAAM,SAAS,SAAS,cAAc,QAAQ;AAC9C,UAAM,MAAM,OAAO,WAAW,IAAI;AAElC,QAAI,CAAC,IAAK,QAAO;AAGjB,QAAI,eAAe;AACnB,QAAI,OAAO;AACX,QAAI,YAAY;AAChB,QAAI,SAAS,KAAK,GAAG,IAAI,EAAE;AAC3B,QAAI,YAAY;AAChB,QAAI,SAAS,gCAAyB,GAAG,EAAE;AAC3C,QAAI,YAAY;AAChB,QAAI,SAAS,gCAAyB,GAAG,EAAE;AAE3C,UAAM,UAAU,OAAO,UAAU;AACjC,WAAO,eAAe,OAAO;AAAA,EAC/B,SAAS,OAAO;AACd,WAAO;AAAA,EACT;AACF;AAKA,SAAS,sBAA8B;AACrC,MAAI;AACF,UAAM,SAAS,SAAS,cAAc,QAAQ;AAC9C,UAAM,KAAK,OAAO,WAAW,OAAO,KAAK,OAAO,WAAW,oBAAoB;AAE/E,QAAI,CAAC,GAAI,QAAO;AAEhB,UAAM,YAAY,GAAG,aAAa,2BAA2B;AAC7D,QAAI,CAAC,UAAW,QAAO;AAEvB,UAAM,SAAS,GAAG,aAAa,UAAU,qBAAqB;AAC9D,UAAM,WAAW,GAAG,aAAa,UAAU,uBAAuB;AAElE,WAAO,GAAG,MAAM,IAAI,QAAQ;AAAA,EAC9B,SAAS,OAAO;AACd,WAAO;AAAA,EACT;AACF;AAKA,SAAS,qBAA6B;AACpC,QAAM,KAAK,UAAU;AACrB,SAAO,eAAe,EAAE,EAAE,UAAU,GAAG,EAAE;AAC3C;AAKA,SAAS,iBAAiB,YAA4C;AACpE,QAAM,SAAS,OAAO,OAAO,UAAU,EAAE,KAAK,EAAE;AAChD,QAAM,aAAa,oBAAI,IAAoB;AAE3C,aAAW,QAAQ,QAAQ;AACzB,eAAW,IAAI,OAAO,WAAW,IAAI,IAAI,KAAK,KAAK,CAAC;AAAA,EACtD;AAEA,MAAI,UAAU;AACd,aAAW,SAAS,WAAW,OAAO,GAAG;AACvC,UAAM,cAAc,QAAQ,OAAO;AACnC,eAAW,cAAc,KAAK,KAAK,WAAW;AAAA,EAChD;AAEA,SAAO;AACT;AAKA,SAAS,eAAe,KAAqB;AAC3C,MAAI,OAAO;AACX,WAAS,IAAI,GAAG,IAAI,IAAI,QAAQ,KAAK;AACnC,UAAM,OAAO,IAAI,WAAW,CAAC;AAC7B,YAAS,QAAQ,KAAK,OAAQ;AAC9B,WAAO,OAAO;AAAA,EAChB;AACA,SAAO,KAAK,IAAI,IAAI,EAAE,SAAS,EAAE;AACnC;AAKA,SAAS,8BAAiD;AACxD,QAAM,aAAa;AAAA,IACjB,WAAW;AAAA,IACX,UAAU;AAAA,IACV,UAAU;AAAA,IACV,QAAQ;AAAA,IACR,UAAU;AAAA,EACZ;AAEA,SAAO;AAAA,IACL,MAAM,YAAY,KAAK,IAAI,CAAC,IAAI,KAAK,OAAO,EAAE,SAAS,EAAE,CAAC;AAAA,IAC1D,WAAW,KAAK,IAAI;AAAA,IACpB;AAAA,IACA,SAAS;AAAA;AAAA,EACX;AACF;;;AC5JO,SAAS,kBAAkB,QAA8B;AAC9D,MAAI,CAAC,UAAU,OAAO,OAAO,QAAQ,YAAY,OAAO,OAAO,QAAQ,UAAU;AAC/E,WAAO;AAAA,EACT;AAEA,MAAI,CAAC,SAAS,OAAO,GAAG,KAAK,CAAC,SAAS,OAAO,GAAG,GAAG;AAClD,WAAO;AAAA,EACT;AAEA,SAAO,GAAG,OAAO,IAAI,QAAQ,CAAC,CAAC,KAAK,OAAO,IAAI,QAAQ,CAAC,CAAC;AAC3D;AAeO,SAAS,oBAAoB,QAAkD;AACpF,MAAI,CAAC,QAAQ;AACX,WAAO;AAAA,EACT;AAEA,QAAM,EAAE,KAAK,IAAI,IAAI;AAErB,MAAI,OAAO,QAAQ,YAAY,OAAO,QAAQ,UAAU;AACtD,WAAO;AAAA,EACT;AAEA,MAAI,CAAC,SAAS,GAAG,KAAK,CAAC,SAAS,GAAG,GAAG;AACpC,WAAO;AAAA,EACT;AAGA,MAAI,MAAM,OAAO,MAAM,IAAI;AACzB,WAAO;AAAA,EACT;AAGA,MAAI,MAAM,QAAQ,MAAM,KAAK;AAC3B,WAAO;AAAA,EACT;AAEA,SAAO;AACT;AAkBO,SAAS,oBACd,SACA,SACA,YAAoB,MACX;AAET,MAAI,CAAC,WAAW,CAAC,SAAS;AACxB,WAAO;AAAA,EACT;AAGA,MAAI,CAAC,WAAW,CAAC,SAAS;AACxB,WAAO;AAAA,EACT;AAGA,MAAI,CAAC,oBAAoB,OAAO,KAAK,CAAC,oBAAoB,OAAO,GAAG;AAClE,WAAO;AAAA,EACT;AAGA,QAAM,UAAU;AAChB,QAAM,UAAU,KAAK,IAAI,QAAQ,MAAM,QAAQ,GAAG;AAClD,QAAM,UAAU,KAAK,IAAI,QAAQ,MAAM,QAAQ,GAAG;AAElD,SAAO,WAAW,YAAY,WAAW,WAAW,YAAY;AAClE;AAcO,SAAS,iBAAiB,QAA8B;AAC7D,MAAI,CAAC,UAAU,CAAC,oBAAoB,MAAM,GAAG;AAC3C,WAAO;AAAA,EACT;AAEA,SAAO,mDAAmD,OAAO,GAAG,IAAI,OAAO,GAAG;AACpF;","names":["z","emailSchema","nameSchema","phoneSchema","urlSchema","dateSchema","secureLoginSchema","emailSchema","z","passwordSchema","nameSchema","phoneSchema","urlSchema","z","z","userProfileSchema","z","PermissionType","logSecurityEvent"]}

package/docs/api/classes/ColumnFactory.md CHANGED Viewed

@@ -1,4 +1,4 @@
-[@jmruthers/pace-core - v0.5.186](../README.md) / [Exports](../modules.md) / ColumnFactory
+[@jmruthers/pace-core - v0.5.187](../README.md) / [Exports](../modules.md) / ColumnFactory
 # Class: ColumnFactory\<TData\>

package/docs/api/classes/ErrorBoundary.md CHANGED Viewed

@@ -1,4 +1,4 @@
-[@jmruthers/pace-core - v0.5.186](../README.md) / [Exports](../modules.md) / ErrorBoundary
+[@jmruthers/pace-core - v0.5.187](../README.md) / [Exports](../modules.md) / ErrorBoundary
 # Class: ErrorBoundary

package/docs/api/classes/InvalidScopeError.md CHANGED Viewed

@@ -1,4 +1,4 @@
-[@jmruthers/pace-core - v0.5.186](../README.md) / [Exports](../modules.md) / InvalidScopeError
+[@jmruthers/pace-core - v0.5.187](../README.md) / [Exports](../modules.md) / InvalidScopeError
 # Class: InvalidScopeError

package/docs/api/classes/Logger.md CHANGED Viewed

@@ -1,4 +1,4 @@
-[@jmruthers/pace-core - v0.5.186](../README.md) / [Exports](../modules.md) / Logger
+[@jmruthers/pace-core - v0.5.187](../README.md) / [Exports](../modules.md) / Logger
 # Class: Logger

package/docs/api/classes/MissingUserContextError.md CHANGED Viewed

@@ -1,4 +1,4 @@
-[@jmruthers/pace-core - v0.5.186](../README.md) / [Exports](../modules.md) / MissingUserContextError
+[@jmruthers/pace-core - v0.5.187](../README.md) / [Exports](../modules.md) / MissingUserContextError
 # Class: MissingUserContextError

package/docs/api/classes/OrganisationContextRequiredError.md CHANGED Viewed

@@ -1,4 +1,4 @@
-[@jmruthers/pace-core - v0.5.186](../README.md) / [Exports](../modules.md) / OrganisationContextRequiredError
+[@jmruthers/pace-core - v0.5.187](../README.md) / [Exports](../modules.md) / OrganisationContextRequiredError
 # Class: OrganisationContextRequiredError

package/docs/api/classes/PermissionDeniedError.md CHANGED Viewed

@@ -1,4 +1,4 @@
-[@jmruthers/pace-core - v0.5.186](../README.md) / [Exports](../modules.md) / PermissionDeniedError
+[@jmruthers/pace-core - v0.5.187](../README.md) / [Exports](../modules.md) / PermissionDeniedError
 # Class: PermissionDeniedError