npm - @kya-os/agentshield-nextjs - Versions diffs - 0.3.3 → 0.3.5 - Mend

@kya-os/agentshield-nextjs 0.3.3 → 0.3.5

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (110) hide show

package/README.md +21 -369
package/index.js +9 -0
package/package.json +7 -141
package/EDGE_RUNTIME_WASM_SETUP.md +0 -348
package/bin/setup-edge-wasm.js +0 -525
package/dist/.tsbuildinfo +0 -1
package/dist/api-client.d.mts +0 -196
package/dist/api-client.d.ts +0 -196
package/dist/api-client.js +0 -200
package/dist/api-client.js.map +0 -1
package/dist/api-client.mjs +0 -196
package/dist/api-client.mjs.map +0 -1
package/dist/api-middleware.d.mts +0 -140
package/dist/api-middleware.d.ts +0 -140
package/dist/api-middleware.js +0 -511
package/dist/api-middleware.js.map +0 -1
package/dist/api-middleware.mjs +0 -508
package/dist/api-middleware.mjs.map +0 -1
package/dist/create-middleware.d.mts +0 -17
package/dist/create-middleware.d.ts +0 -17
package/dist/create-middleware.js +0 -1381
package/dist/create-middleware.js.map +0 -1
package/dist/create-middleware.mjs +0 -1358
package/dist/create-middleware.mjs.map +0 -1
package/dist/edge/index.d.mts +0 -110
package/dist/edge/index.d.ts +0 -110
package/dist/edge/index.js +0 -277
package/dist/edge/index.js.map +0 -1
package/dist/edge/index.mjs +0 -275
package/dist/edge/index.mjs.map +0 -1
package/dist/edge-detector-wrapper.d.mts +0 -34
package/dist/edge-detector-wrapper.d.ts +0 -34
package/dist/edge-detector-wrapper.js +0 -596
package/dist/edge-detector-wrapper.js.map +0 -1
package/dist/edge-detector-wrapper.mjs +0 -574
package/dist/edge-detector-wrapper.mjs.map +0 -1
package/dist/edge-runtime-loader.d.mts +0 -50
package/dist/edge-runtime-loader.d.ts +0 -50
package/dist/edge-runtime-loader.js +0 -204
package/dist/edge-runtime-loader.js.map +0 -1
package/dist/edge-runtime-loader.mjs +0 -201
package/dist/edge-runtime-loader.mjs.map +0 -1
package/dist/edge-wasm-middleware.d.mts +0 -68
package/dist/edge-wasm-middleware.d.ts +0 -68
package/dist/edge-wasm-middleware.js +0 -318
package/dist/edge-wasm-middleware.js.map +0 -1
package/dist/edge-wasm-middleware.mjs +0 -315
package/dist/edge-wasm-middleware.mjs.map +0 -1
package/dist/enhanced-middleware.d.mts +0 -153
package/dist/enhanced-middleware.d.ts +0 -153
package/dist/enhanced-middleware.js +0 -1082
package/dist/enhanced-middleware.js.map +0 -1
package/dist/enhanced-middleware.mjs +0 -1080
package/dist/enhanced-middleware.mjs.map +0 -1
package/dist/index.d.mts +0 -24
package/dist/index.d.ts +0 -24
package/dist/index.js +0 -2717
package/dist/index.js.map +0 -1
package/dist/index.mjs +0 -2662
package/dist/index.mjs.map +0 -1
package/dist/middleware.d.mts +0 -21
package/dist/middleware.d.ts +0 -21
package/dist/middleware.js +0 -1362
package/dist/middleware.js.map +0 -1
package/dist/middleware.mjs +0 -1339
package/dist/middleware.mjs.map +0 -1
package/dist/nodejs-wasm-loader.d.mts +0 -25
package/dist/nodejs-wasm-loader.d.ts +0 -25
package/dist/nodejs-wasm-loader.js +0 -78
package/dist/nodejs-wasm-loader.js.map +0 -1
package/dist/nodejs-wasm-loader.mjs +0 -68
package/dist/nodejs-wasm-loader.mjs.map +0 -1
package/dist/policy.d.mts +0 -162
package/dist/policy.d.ts +0 -162
package/dist/policy.js +0 -189
package/dist/policy.js.map +0 -1
package/dist/policy.mjs +0 -165
package/dist/policy.mjs.map +0 -1
package/dist/session-tracker.d.mts +0 -55
package/dist/session-tracker.d.ts +0 -55
package/dist/session-tracker.js +0 -170
package/dist/session-tracker.js.map +0 -1
package/dist/session-tracker.mjs +0 -167
package/dist/session-tracker.mjs.map +0 -1
package/dist/signature-verifier.d.mts +0 -33
package/dist/signature-verifier.d.ts +0 -33
package/dist/signature-verifier.js +0 -386
package/dist/signature-verifier.js.map +0 -1
package/dist/signature-verifier.mjs +0 -362
package/dist/signature-verifier.mjs.map +0 -1
package/dist/types-DVmy9NE3.d.mts +0 -105
package/dist/types-DVmy9NE3.d.ts +0 -105
package/dist/wasm-middleware.d.mts +0 -63
package/dist/wasm-middleware.d.ts +0 -63
package/dist/wasm-middleware.js +0 -98
package/dist/wasm-middleware.js.map +0 -1
package/dist/wasm-middleware.mjs +0 -95
package/dist/wasm-middleware.mjs.map +0 -1
package/dist/wasm-setup.d.mts +0 -46
package/dist/wasm-setup.d.ts +0 -46
package/dist/wasm-setup.js +0 -157
package/dist/wasm-setup.js.map +0 -1
package/dist/wasm-setup.mjs +0 -148
package/dist/wasm-setup.mjs.map +0 -1
package/templates/middleware-wasm-100.ts +0 -151
package/wasm/agentshield_wasm.d.ts +0 -479
package/wasm/agentshield_wasm.js +0 -1536
package/wasm/agentshield_wasm_bg.wasm +0 -0
package/wasm/package.json +0 -30
package/wasm.d.ts +0 -21

package/dist/edge-detector-wrapper.mjs.map DELETED Viewed

@@ -1 +0,0 @@

- {"version":3,"sources":["../src/signature-verifier.ts","../src/edge-detector-wrapper.ts"],"names":["now"],"mappings":";;;;;AAaQ,OAAA,CAAA,GAAA,CAAI,UAAA,GAAa,IAAI,CAAA,KAAM,MAAA,CAAe,YAAI,WAAA,CAAY,GAAG,CAAC,CAAC,CAAA;AAcvE,IAAM,UAAA,GAAa;AAAA,EACjB,OAAA,EAAS;AAAA,IACP;AAAA,MACE,GAAA,EAAK,6CAAA;AAAA;AAAA;AAAA,MAGL,SAAA,EAAW,6CAAA;AAAA,MACX,SAAA,EAAW,UAAA;AAAA;AAAA,MACX,UAAA,EAAY;AAAA;AAAA;AACd;AAEJ,CAAA;AAeA,IAAM,QAAA,uBAAe,GAAA,EAAwB;AAC7C,IAAM,YAAA,GAAe,IAAI,EAAA,GAAK,GAAA;AAC9B,IAAM,cAAA,GAAiB,GAAA;AAMvB,SAAS,aAAA,GAAwB;AAC/B,EAAA,IAAI,OAAO,WAAW,WAAA,EAAa;AAEjC,IAAA,OAAO,eAAA;AAAA,EACT;AAIA,EAAA,MAAM,UACJ,OAAA,CAAQ,GAAA,CAAI,mBAAA,IACZ,OAAA,CAAQ,IAAI,mBAAA,IACZ,OAAA,CAAQ,GAAA,CAAI,OAAA,KACX,QAAQ,GAAA,CAAI,UAAA,GAAa,WAAW,OAAA,CAAQ,GAAA,CAAI,UAAU,CAAA,CAAA,GAAK,IAAA,CAAA;AAElE,EAAA,IAAI,OAAA,EAAS;AACX,IAAA,OAAO,OAAA,CAAQ,OAAA,CAAQ,KAAA,EAAO,EAAE,CAAA,GAAI,eAAA;AAAA,EACtC;AAKA,EAAA,IAAI,OAAA,CAAQ,GAAA,CAAI,QAAA,KAAa,YAAA,EAAc;AACzC,IAAA,OAAA,CAAQ,IAAA;AAAA,MACN;AAAA,KACF;AACA,IAAA,OAAO,oCAAA;AAAA,EACT;AAGA,EAAA,OAAA,CAAQ,KAAA;AAAA,IACN;AAAA,GACF;AACA,EAAA,OAAO,eAAA;AACT;AAOA,SAAS,mBAAA,GAA4B;AACnC,EAAA,MAAM,GAAA,GAAM,KAAK,GAAA,EAAI;AACrB,EAAA,MAAM,kBAA4B,EAAC;AAGnC,EAAA,KAAA,MAAW,CAAC,KAAA,EAAO,MAAM,CAAA,IAAK,QAAA,CAAS,SAAQ,EAAG;AAChD,IAAA,IAAI,GAAA,GAAM,MAAA,CAAO,QAAA,GAAW,YAAA,EAAc;AACxC,MAAA,eAAA,CAAgB,KAAK,KAAK,CAAA;AAAA,IAC5B;AAAA,EACF;AAEA,EAAA,KAAA,MAAW,SAAS,eAAA,EAAiB;AACnC,IAAA,QAAA,CAAS,OAAO,KAAK,CAAA;AAAA,EACvB;AAGA,EAAA,IAAI,QAAA,CAAS,OAAO,cAAA,EAAgB;AAElC,IAAA,MAAM,OAAA,GAAU,KAAA,CAAM,IAAA,CAAK,QAAA,CAAS,OAAA,EAAS,CAAA,CAAE,GAAA,CAAI,CAAC,CAAC,KAAA,EAAO,MAAM,CAAA,MAAO;AAAA,MACvE,KAAA;AAAA,MACA,UAAU,MAAA,CAAO;AAAA,KACnB,CAAE,CAAA;AAGF,IAAA,OAAA,CAAQ,KAAK,CAAC,CAAA,EAAG,MAAM,CAAA,CAAE,QAAA,GAAW,EAAE,QAAQ,CAAA;AAG9C,IAAA,MAAM,WAAW,OAAA,CAAQ,KAAA,CAAM,CAAA,EAAG,QAAA,CAAS,OAAO,cAAc,CAAA;AAChE,IAAA,KAAA,MAAW,SAAS,QAAA,EAAU;AAC5B,MAAA,QAAA,CAAS,MAAA,CAAO,MAAM,KAAK,CAAA;AAAA,IAC7B;AAAA,EACF;AACF;AAKA,eAAe,iBAAiB,KAAA,EAKrB;AAET,EAAA,IAAI,QAAA,CAAS,OAAO,cAAA,EAAgB;AAClC,IAAA,mBAAA,EAAoB;AAAA,EACtB;AAGA,EAAA,MAAM,MAAA,GAAS,QAAA,CAAS,GAAA,CAAI,KAAK,CAAA;AACjC,EAAA,IAAI,UAAU,IAAA,CAAK,GAAA,EAAI,GAAI,MAAA,CAAO,WAAW,YAAA,EAAc;AACzD,IAAA,OAAO,MAAA,CAAO,IAAA;AAAA,EAChB;AAGA,EAAA,IAAI,OAAO,UAAU,WAAA,EAAa;AAChC,IAAA,OAAA,CAAQ,KAAK,uDAAuD,CAAA;AACpE,IAAA,OAAO,IAAA;AAAA,EACT;AAEA,EAAA,IAAI;AACF,IAAA,MAAM,aAAa,aAAA,EAAc;AACjC,IAAA,MAAM,MAAM,CAAA,EAAG,UAAU,CAAA,sBAAA,EAAyB,kBAAA,CAAmB,KAAK,CAAC,CAAA,CAAA;AAE3E,IAAA,MAAM,QAAA,GAAW,MAAM,KAAA,CAAM,GAAA,EAAK;AAAA,MAChC,MAAA,EAAQ,KAAA;AAAA,MACR,OAAA,EAAS;AAAA,QACP,cAAA,EAAgB;AAAA,OAClB;AAAA;AAAA,MAEA,MAAA,EAAQ,WAAA,CAAY,OAAA,CAAQ,GAAI;AAAA,KACjC,CAAA;AAED,IAAA,IAAI,CAAC,SAAS,EAAA,EAAI;AAChB,MAAA,OAAA,CAAQ,IAAA,CAAK,CAAA,2CAAA,EAA8C,QAAA,CAAS,MAAM,CAAA,CAAE,CAAA;AAC5E,MAAA,OAAO,IAAA;AAAA,IACT;AAEA,IAAA,MAAM,IAAA,GAAO,MAAM,QAAA,CAAS,IAAA,EAAK;AAEjC,IAAA,IAAI,CAAC,IAAA,CAAK,IAAA,IAAQ,CAAC,KAAA,CAAM,OAAA,CAAQ,IAAA,CAAK,IAAI,CAAA,IAAK,IAAA,CAAK,IAAA,CAAK,MAAA,KAAW,CAAA,EAAG;AACrE,MAAA,OAAA,CAAQ,IAAA,CAAK,CAAA,iDAAA,EAAoD,KAAK,CAAA,CAAE,CAAA;AACxE,MAAA,OAAO,IAAA;AAAA,IACT;AAGA,IAAA,QAAA,CAAS,IAAI,KAAA,EAAO;AAAA,MAClB,MAAM,IAAA,CAAK,IAAA;AAAA,MACX,QAAA,EAAU,KAAK,GAAA;AAAI,KACpB,CAAA;AAED,IAAA,OAAO,IAAA,CAAK,IAAA;AAAA,EACd,SAAS,KAAA,EAAO;AACd,IAAA,OAAA,CAAQ,KAAK,0DAAA,EAA4D;AAAA,MACvE,KAAA,EAAO,KAAA,YAAiB,KAAA,GAAQ,KAAA,CAAM,OAAA,GAAU,eAAA;AAAA,MAChD;AAAA,KACD,CAAA;AACD,IAAA,OAAO,IAAA;AAAA,EACT;AACF;AAKA,SAAS,aAAa,KAAA,EAAiD;AACrE,EAAA,OAAO,KAAA,IAAS,UAAA;AAClB;AAKA,eAAe,gBAAgB,KAAA,EAO7B;AAEA,EAAA,MAAM,OAAA,GAAU,MAAM,gBAAA,CAAiB,KAAK,CAAA;AAC5C,EAAA,IAAI,OAAA,IAAW,OAAA,CAAQ,MAAA,GAAS,CAAA,EAAG;AACjC,IAAA,OAAO,OAAA;AAAA,EACT;AAGA,EAAA,IAAI,YAAA,CAAa,KAAK,CAAA,EAAG;AACvB,IAAA,OAAO,WAAW,KAAK,CAAA;AAAA,EACzB;AAEA,EAAA,OAAO,EAAC;AACV;AAKA,SAAS,oBAAoB,cAAA,EAKpB;AACP,EAAA,IAAI;AAEF,IAAA,MAAM,KAAA,GAAQ,cAAA,CAAe,KAAA,CAAM,qBAAqB,CAAA;AACxD,IAAA,IAAI,CAAC,OAAO,OAAO,IAAA;AAEnB,IAAA,MAAM,GAAG,WAAA,EAAa,MAAM,CAAA,GAAI,KAAA;AAGhC,IAAA,MAAM,aAAA,GAAgB,WAAA,GAClB,WAAA,CACG,KAAA,CAAM,GAAG,EACT,GAAA,CAAI,CAAC,CAAA,KAAM,CAAA,CAAE,OAAA,CAAQ,IAAA,EAAM,EAAE,CAAA,CAAE,IAAA,EAAM,CAAA,CACrC,MAAA,CAAO,CAAC,MAAM,CAAA,CAAE,MAAA,GAAS,CAAC,CAAA,GAC7B,EAAC;AAGL,IAAA,MAAM,UAAA,GAAa,MAAA,GAAS,MAAA,CAAO,KAAA,CAAM,iBAAiB,CAAA,GAAI,IAAA;AAC9D,IAAA,MAAM,YAAA,GAAe,MAAA,GAAS,MAAA,CAAO,KAAA,CAAM,eAAe,CAAA,GAAI,IAAA;AAC9D,IAAA,MAAM,YAAA,GAAe,MAAA,GAAS,MAAA,CAAO,KAAA,CAAM,eAAe,CAAA,GAAI,IAAA;AAE9D,IAAA,IAAI,CAAC,UAAA,IAAc,CAAC,UAAA,CAAW,CAAC,GAAG,OAAO,IAAA;AAE1C,IAAA,OAAO;AAAA,MACL,KAAA,EAAO,WAAW,CAAC,CAAA;AAAA,MACnB,OAAA,EAAS,gBAAgB,YAAA,CAAa,CAAC,IAAI,QAAA,CAAS,YAAA,CAAa,CAAC,CAAC,CAAA,GAAI,KAAA,CAAA;AAAA,MACvE,OAAA,EAAS,gBAAgB,YAAA,CAAa,CAAC,IAAI,QAAA,CAAS,YAAA,CAAa,CAAC,CAAC,CAAA,GAAI,KAAA,CAAA;AAAA,MACvE;AAAA,KACF;AAAA,EACF,SAAS,KAAA,EAAO;AACd,IAAA,OAAA,CAAQ,KAAA,CAAM,gDAAgD,KAAK,CAAA;AACnE,IAAA,OAAO,IAAA;AAAA,EACT;AACF;AAMA,SAAS,kBAAA,CACP,MAAA,EACA,IAAA,EACA,OAAA,EACA,aAAA,EACQ;AACR,EAAA,MAAM,aAAuB,EAAC;AAE9B,EAAA,KAAA,MAAW,cAAc,aAAA,EAAe;AACtC,IAAA,IAAI,KAAA;AAEJ,IAAA,QAAQ,UAAA;AAAY,MAClB,KAAK,SAAA;AACH,QAAA,KAAA,GAAQ,OAAO,WAAA,EAAY;AAC3B,QAAA;AAAA,MACF,KAAK,OAAA;AACH,QAAA,KAAA,GAAQ,IAAA;AACR,QAAA;AAAA,MACF,KAAK,YAAA;AAEH,QAAA,KAAA,GAAQ,OAAA,CAAQ,MAAM,CAAA,IAAK,OAAA,CAAQ,MAAM,CAAA,IAAK,EAAA;AAC9C,QAAA;AAAA,MACF,SAAS;AAEP,QAAA,MAAM,GAAA,GAAM,MAAA,CAAO,IAAA,CAAK,OAAO,CAAA,CAAE,IAAA,CAAK,CAAC,CAAA,KAAM,CAAA,CAAE,WAAA,EAAY,KAAM,UAAA,CAAW,aAAa,CAAA;AACzF,QAAA,KAAA,GAAQ,GAAA,GAAM,OAAA,CAAQ,GAAG,CAAA,IAAK,EAAA,GAAK,EAAA;AACnC,QAAA;AAAA,MACF;AAAA;AAIF,IAAA,UAAA,CAAW,IAAA,CAAK,CAAA,CAAA,EAAI,UAAU,CAAA,GAAA,EAAM,KAAK,CAAA,CAAE,CAAA;AAAA,EAC7C;AAEA,EAAA,OAAO,UAAA,CAAW,KAAK,IAAI,CAAA;AAC7B;AAMA,SAAS,cAAc,MAAA,EAA4B;AAEjD,EAAA,IAAI,cAAA,GAAiB,OAAO,OAAA,CAAQ,IAAA,EAAM,GAAG,CAAA,CAAE,OAAA,CAAQ,MAAM,GAAG,CAAA;AAGhE,EAAA,MAAM,OAAA,GAAU,eAAe,MAAA,GAAS,CAAA;AACxC,EAAA,IAAI,OAAA,EAAS;AACX,IAAA,cAAA,IAAkB,GAAA,CAAI,MAAA,CAAO,CAAA,GAAI,OAAO,CAAA;AAAA,EAC1C;AAEA,EAAA,MAAM,YAAA,GAAe,KAAK,cAAc,CAAA;AACxC,EAAA,OAAO,UAAA,CAAW,KAAK,YAAA,EAAc,CAAC,MAAM,CAAA,CAAE,UAAA,CAAW,CAAC,CAAC,CAAA;AAC7D;AAMA,eAAe,sBAAA,CACb,eAAA,EACA,eAAA,EACA,OAAA,EACkB;AAClB,EAAA,IAAI;AAEF,IAAA,MAAM,cAAA,GAAiB,cAAc,eAAe,CAAA;AACpD,IAAA,MAAM,cAAA,GAAiB,cAAc,eAAe,CAAA;AACpD,IAAA,MAAM,YAAA,GAAe,IAAI,WAAA,EAAY,CAAE,OAAO,OAAO,CAAA;AAGrD,IAAA,IAAI,cAAA,CAAe,WAAW,EAAA,EAAI;AAChC,MAAA,OAAA,CAAQ,KAAA,CAAM,wCAAA,EAA0C,cAAA,CAAe,MAAM,CAAA;AAC7E,MAAA,OAAO,KAAA;AAAA,IACT;AACA,IAAA,IAAI,cAAA,CAAe,WAAW,EAAA,EAAI;AAChC,MAAA,OAAA,CAAQ,KAAA,CAAM,uCAAA,EAAyC,cAAA,CAAe,MAAM,CAAA;AAC5E,MAAA,OAAO,KAAA;AAAA,IACT;AAGA,IAAA,OAAe,OAAA,CAAA,MAAA,CAAO,cAAA,EAAgB,YAAA,EAAc,cAAc,CAAA;AAAA,EACpE,SAAS,UAAA,EAAY;AACnB,IAAA,OAAA,CAAQ,IAAA,CAAK,kEAAkE,UAAU,CAAA;AAGzF,IAAA,IAAI;AACF,MAAA,MAAM,cAAA,GAAiB,cAAc,eAAe,CAAA;AACpD,MAAA,MAAM,cAAA,GAAiB,cAAc,eAAe,CAAA;AACpD,MAAA,MAAM,YAAA,GAAe,IAAI,WAAA,EAAY,CAAE,OAAO,OAAO,CAAA;AAErD,MAAA,MAAM,SAAA,GAAY,MAAM,MAAA,CAAO,MAAA,CAAO,SAAA;AAAA,QACpC,KAAA;AAAA,QACA,cAAA,CAAe,MAAA;AAAA,QACf;AAAA,UACE,IAAA,EAAM,SAAA;AAAA,UACN,UAAA,EAAY;AAAA,SACd;AAAA,QACA,KAAA;AAAA,QACA,CAAC,QAAQ;AAAA,OACX;AAEA,MAAA,OAAO,MAAM,OAAO,MAAA,CAAO,MAAA;AAAA,QACzB,SAAA;AAAA,QACA,SAAA;AAAA,QACA,cAAA,CAAe,MAAA;AAAA,QACf;AAAA,OACF;AAAA,IACF,SAAS,WAAA,EAAa;AACpB,MAAA,OAAA,CAAQ,MAAM,wDAAA,EAA0D;AAAA,QACtE,UAAA,EAAY,UAAA,YAAsB,KAAA,GAAQ,UAAA,CAAW,OAAA,GAAU,SAAA;AAAA,QAC/D,WAAA,EAAa,WAAA,YAAuB,KAAA,GAAQ,WAAA,CAAY,OAAA,GAAU;AAAA,OACnE,CAAA;AACD,MAAA,OAAO,KAAA;AAAA,IACT;AAAA,EACF;AACF;AAiBA,eAAsB,oBAAA,CACpB,MAAA,EACA,IAAA,EACA,OAAA,EACsC;AAEtC,EAAA,MAAM,SAAA,GAAY,OAAA,CAAQ,WAAW,CAAA,IAAK,QAAQ,WAAW,CAAA;AAC7D,EAAA,MAAM,cAAA,GAAiB,OAAA,CAAQ,iBAAiB,CAAA,IAAK,QAAQ,iBAAiB,CAAA;AAC9E,EAAA,MAAM,cAAA,GAAiB,OAAA,CAAQ,iBAAiB,CAAA,IAAK,QAAQ,iBAAiB,CAAA;AAG9E,EAAA,IAAI,CAAC,SAAA,IAAa,CAAC,cAAA,EAAgB;AACjC,IAAA,OAAO;AAAA,MACL,OAAA,EAAS,KAAA;AAAA,MACT,UAAA,EAAY,CAAA;AAAA,MACZ,MAAA,EAAQ,8BAAA;AAAA,MACR,kBAAA,EAAoB;AAAA,KACtB;AAAA,EACF;AAGA,EAAA,MAAM,MAAA,GAAS,oBAAoB,cAAc,CAAA;AACjD,EAAA,IAAI,CAAC,MAAA,EAAQ;AACX,IAAA,OAAO;AAAA,MACL,OAAA,EAAS,KAAA;AAAA,MACT,UAAA,EAAY,CAAA;AAAA,MACZ,MAAA,EAAQ,gCAAA;AAAA,MACR,kBAAA,EAAoB;AAAA,KACtB;AAAA,EACF;AAGA,EAAA,IAAI,OAAO,OAAA,EAAS;AAClB,IAAA,MAAMA,OAAM,IAAA,CAAK,KAAA,CAAM,IAAA,CAAK,GAAA,KAAQ,GAAI,CAAA;AACxC,IAAA,MAAM,GAAA,GAAMA,OAAM,MAAA,CAAO,OAAA;AAGzB,IAAA,IAAI,MAAM,GAAA,EAAK;AACb,MAAA,OAAO;AAAA,QACL,OAAA,EAAS,KAAA;AAAA,QACT,UAAA,EAAY,CAAA;AAAA,QACZ,MAAA,EAAQ,0CAAA;AAAA,QACR,kBAAA,EAAoB;AAAA,OACtB;AAAA,IACF;AAGA,IAAA,IAAI,MAAM,GAAA,EAAK;AACb,MAAA,OAAO;AAAA,QACL,OAAA,EAAS,KAAA;AAAA,QACT,UAAA,EAAY,CAAA;AAAA,QACZ,MAAA,EAAQ,sCAAA;AAAA,QACR,kBAAA,EAAoB;AAAA,OACtB;AAAA,IACF;AAAA,EACF;AAGA,EAAA,IAAI,KAAA;AACJ,EAAA,IAAI,QAAA;AAGJ,EAAA,MAAM,SAAA,GACJ,cAAA,KAAmB,uBAAA,IAAA,CAClB,MAAM;AACL,IAAA,IAAI;AACF,MAAA,MAAM,GAAA,GAAM,IAAI,GAAA,CAAI,cAAA,EAAgB,QAAQ,QAAA,EAAU,EAAE,KAAK,EAAE,CAAA;AAC/D,MAAA,OAAO,IAAI,QAAA,KAAa,aAAA,IAAiB,GAAA,CAAI,QAAA,CAAS,SAAS,cAAc,CAAA;AAAA,IAC/E,CAAA,CAAA,MAAQ;AACN,MAAA,OAAO,KAAA;AAAA,IACT;AAAA,EACF,CAAA,GAAG;AAEL,EAAA,IAAI,SAAA,EAAW;AACb,IAAA,KAAA,GAAQ,SAAA;AACR,IAAA,QAAA,GAAW,SAAA;AAAA,EACb;AAGA,EAAA,IAAI,CAAC,KAAA,IAAS,CAAC,QAAA,EAAU;AACvB,IAAA,OAAO;AAAA,MACL,OAAA,EAAS,KAAA;AAAA,MACT,UAAA,EAAY,CAAA;AAAA,MACZ,MAAA,EAAQ,yBAAA;AAAA,MACR,kBAAA,EAAoB;AAAA,KACtB;AAAA,EACF;AAGA,EAAA,MAAM,SAAA,GAAY,MAAM,eAAA,CAAgB,QAAQ,CAAA;AAEhD,EAAA,IAAI,SAAA,CAAU,WAAW,CAAA,EAAG;AAC1B,IAAA,OAAO;AAAA,MACL,OAAA,EAAS,KAAA;AAAA,MACT,UAAA,EAAY,CAAA;AAAA,MACZ,MAAA,EAAQ,6BAAA;AAAA,MACR,kBAAA,EAAoB;AAAA,KACtB;AAAA,EACF;AAGA,EAAA,MAAM,GAAA,GAAM,UAAU,IAAA,CAAK,CAAC,MAAM,CAAA,CAAE,GAAA,KAAQ,OAAO,KAAK,CAAA;AACxD,EAAA,IAAI,CAAC,GAAA,EAAK;AACR,IAAA,OAAO;AAAA,MACL,OAAA,EAAS,KAAA;AAAA,MACT,UAAA,EAAY,CAAA;AAAA,MACZ,MAAA,EAAQ,CAAA,gBAAA,EAAmB,MAAA,CAAO,KAAK,CAAA,CAAA;AAAA,MACvC,kBAAA,EAAoB;AAAA,KACtB;AAAA,EACF;AAGA,EAAA,MAAM,MAAM,IAAA,CAAK,KAAA,CAAM,IAAA,CAAK,GAAA,KAAQ,GAAI,CAAA;AACxC,EAAA,IAAI,GAAA,GAAM,GAAA,CAAI,SAAA,IAAa,GAAA,GAAM,IAAI,UAAA,EAAY;AAC/C,IAAA,OAAO;AAAA,MACL,OAAA,EAAS,KAAA;AAAA,MACT,UAAA,EAAY,CAAA;AAAA,MACZ,MAAA,EAAQ,kCAAA;AAAA,MACR,kBAAA,EAAoB;AAAA,KACtB;AAAA,EACF;AAGA,EAAA,MAAM,gBAAgB,kBAAA,CAAmB,MAAA,EAAQ,IAAA,EAAM,OAAA,EAAS,OAAO,aAAa,CAAA;AAGpF,EAAA,IAAI,cAAA,GAAiB,SAAA;AACrB,EAAA,IAAI,cAAA,CAAe,UAAA,CAAW,QAAQ,CAAA,EAAG;AACvC,IAAA,cAAA,GAAiB,cAAA,CAAe,UAAU,CAAC,CAAA;AAAA,EAC7C;AACA,EAAA,IAAI,cAAA,CAAe,QAAA,CAAS,GAAG,CAAA,EAAG;AAChC,IAAA,cAAA,GAAiB,cAAA,CAAe,KAAA,CAAM,CAAA,EAAG,EAAE,CAAA;AAAA,EAC7C;AAGA,EAAA,MAAM,UAAU,MAAM,sBAAA,CAAuB,GAAA,CAAI,SAAA,EAAW,gBAAgB,aAAa,CAAA;AAEzF,EAAA,IAAI,OAAA,EAAS;AACX,IAAA,OAAO;AAAA,MACL,OAAA,EAAS,IAAA;AAAA,MACT,KAAA;AAAA,MACA,OAAO,MAAA,CAAO,KAAA;AAAA,MACd,UAAA,EAAY,CAAA;AAAA;AAAA,MACZ,kBAAA,EAAoB;AAAA,KACtB;AAAA,EACF,CAAA,MAAO;AACL,IAAA,OAAO;AAAA,MACL,OAAA,EAAS,KAAA;AAAA,MACT,UAAA,EAAY,CAAA;AAAA,MACZ,MAAA,EAAQ,+BAAA;AAAA,MACR,kBAAA,EAAoB;AAAA,KACtB;AAAA,EACF;AACF;AAKO,SAAS,oBAAoB,OAAA,EAA0C;AAC5E,EAAA,OAAO,CAAC,EAAA,CACL,OAAA,CAAQ,WAAW,CAAA,IAAK,OAAA,CAAQ,WAAW,CAAA,MAC3C,OAAA,CAAQ,iBAAiB,CAAA,IAAK,OAAA,CAAQ,iBAAiB,CAAA,CAAA,CAAA;AAE5D;AAMO,SAAS,mBAAmB,OAAA,EAA0C;AAC3E,EAAA,MAAM,cAAA,GAAiB,OAAA,CAAQ,iBAAiB,CAAA,IAAK,QAAQ,iBAAiB,CAAA;AAE9E,EAAA,IAAI,CAAC,cAAA,EAAgB;AACnB,IAAA,OAAO,KAAA;AAAA,EACT;AAGA,EAAA,MAAM,WAAA,GAAc,cAAA,CAAe,OAAA,CAAQ,UAAA,EAAY,EAAE,CAAA;AAGzD,EAAA,IAAI,gBAAgB,qBAAA,EAAuB;AACzC,IAAA,OAAO,IAAA;AAAA,EACT;AAGA,EAAA,IAAI;AACF,IAAA,MAAM,QAAA,GAAW,IAAI,GAAA,CAAI,WAAW,CAAA;AACpC,IAAA,MAAM,YAAA,GAAe,CAAC,aAAA,EAAe,iBAAiB,CAAA;AACtD,IAAA,OAAO,YAAA,CAAa,QAAA,CAAS,QAAA,CAAS,IAAI,CAAA;AAAA,EAC5C,CAAA,CAAA,MAAQ;AAEN,IAAA,OAAO,KAAA;AAAA,EACT;AACF;ACzjBA,IAAM,QAAwB,aAAA,EAAc;AAK5C,IAAM,oBAAN,MAAwB;AAAA,EACd,KAAA;AAAA,EAER,WAAA,GAAc;AACZ,IAAA,IAAA,CAAK,KAAA,GAAQ,KAAA;AAAA,EACf;AAAA,EAEA,MAAM,QAAQ,KAAA,EAAiD;AAC7D,IAAA,MAAM,UAAoB,EAAC;AAC3B,IAAA,IAAI,aAAA;AACJ,IAAA,IAAI,kBAAA;AACJ,IAAA,IAAI,UAAA,GAAa,CAAA;AAEjB,IAAA,MAAM,OAAA,GAAU,KAAA,CAAM,OAAA,IAAW,EAAC;AAClC,IAAA,MAAM,oBAA4C,EAAC;AAGnD,IAAA,KAAA,MAAW,CAAC,GAAA,EAAK,KAAK,KAAK,MAAA,CAAO,OAAA,CAAQ,OAAO,CAAA,EAAG;AAClD,MAAA,iBAAA,CAAkB,GAAA,CAAI,WAAA,EAAa,CAAA,GAAI,KAAA;AAAA,IACzC;AAGA,IAAA,IAAI,mBAAA,CAAoB,OAAO,CAAA,EAAG;AAChC,MAAA,IAAI;AAEF,QAAA,MAAM,kBAAkB,MAAM,oBAAA;AAAA,UAC5B,MAAM,MAAA,IAAU,KAAA;AAAA,UAChB,MAAM,GAAA,IAAO,GAAA;AAAA,UACb;AAAA,SACF;AAEA,QAAA,IAAI,gBAAgB,OAAA,EAAS;AAE3B,UAAA,UAAA,GAAa,gBAAgB,UAAA,GAAa,GAAA;AAC1C,UAAA,OAAA,CAAQ,KAAK,CAAA,mBAAA,EAAsB,eAAA,CAAgB,OAAO,WAAA,EAAY,IAAK,SAAS,CAAA,CAAE,CAAA;AACtF,UAAA,IAAI,gBAAgB,KAAA,EAAO;AACzB,YAAA,aAAA,GAAgB;AAAA,cACd,IAAA,EAAM,eAAA,CAAgB,KAAA,CAAM,WAAA,EAAY;AAAA,cACxC,MAAM,eAAA,CAAgB;AAAA,aACxB;AAAA,UACF;AACA,UAAA,kBAAA,GAAqB,eAAA,CAAgB,kBAAA;AAGrC,UAAA,IAAI,gBAAgB,KAAA,EAAO;AACzB,YAAA,OAAA,CAAQ,IAAA,CAAK,CAAA,MAAA,EAAS,eAAA,CAAgB,KAAK,CAAA,CAAE,CAAA;AAAA,UAC/C;AAAA,QACF,CAAA,MAAO;AAEL,UAAA,OAAA,CAAQ,KAAK,oDAAA,EAAsD;AAAA,YACjE,QAAQ,eAAA,CAAgB,MAAA;AAAA,YACxB,OAAO,eAAA,CAAgB,KAAA;AAAA,YACvB,iBAAA,EAAmB,CAAC,CAAC,OAAA,CAAQ,iBAAiB,CAAA,IAAK,CAAC,CAAC,OAAA,CAAQ,iBAAiB,CAAA;AAAA,YAC9E,mBAAA,EAAqB,OAAA,CAAQ,iBAAiB,CAAA,IAAK,QAAQ,iBAAiB;AAAA,WAC7E,CAAA;AACD,UAAA,UAAA,GAAa,IAAA,CAAK,GAAA,CAAI,UAAA,EAAY,EAAE,CAAA;AACpC,UAAA,OAAA,CAAQ,KAAK,mBAAmB,CAAA;AAChC,UAAA,IAAI,gBAAgB,MAAA,EAAQ;AAC1B,YAAA,OAAA,CAAQ,IAAA,CAAK,CAAA,gBAAA,EAAmB,eAAA,CAAgB,MAAM,CAAA,CAAE,CAAA;AAAA,UAC1D;AAGA,UAAA,IAAI,kBAAA,CAAmB,OAAO,CAAA,EAAG;AAC/B,YAAA,OAAA,CAAQ,KAAK,gBAAgB,CAAA;AAC7B,YAAA,aAAA,GAAgB,EAAE,IAAA,EAAM,SAAA,EAAW,IAAA,EAAM,sBAAA,EAAuB;AAAA,UAClE;AAAA,QACF;AAAA,MACF,SAAS,KAAA,EAAO;AAEd,QAAA,OAAA,CAAQ,KAAA,CAAM,qDAAqD,KAAK,CAAA;AACxE,QAAA,UAAA,GAAa,IAAA,CAAK,GAAA,CAAI,UAAA,EAAY,EAAE,CAAA;AACpC,QAAA,OAAA,CAAQ,KAAK,8BAA8B,CAAA;AAAA,MAC7C;AAAA,IACF;AAIA,IAAA,MAAM,YAAY,KAAA,CAAM,SAAA,IAAa,KAAA,CAAM,OAAA,GAAU,YAAY,CAAA,IAAK,EAAA;AACtE,IAAA,IAAI,SAAA,EAAW;AACb,MAAA,MAAM,mBAAmB,MAAA,CAAO,OAAA,CAAQ,IAAA,CAAK,KAAA,CAAM,MAAM,UAAU,CAAA;AAEnE,MAAA,MAAM,WAAA,GAAc,CAAC,aAAA,EAAe,WAAA,EAAa,kBAAkB,CAAA;AACnE,MAAA,MAAM,aAAA,GAAgB,gBAAA,CAAiB,IAAA,CAAK,CAAC,GAAG,CAAA,KAAM;AACpD,QAAA,MAAM,UAAA,GAAa,WAAA,CAAY,QAAA,CAAS,CAAA,CAAE,CAAC,CAAC,CAAA;AAC5C,QAAA,MAAM,UAAA,GAAa,WAAA,CAAY,QAAA,CAAS,CAAA,CAAE,CAAC,CAAC,CAAA;AAC5C,QAAA,IAAI,UAAA,IAAc,CAAC,UAAA,EAAY,OAAO,CAAA;AACtC,QAAA,IAAI,CAAC,UAAA,IAAc,UAAA,EAAY,OAAO,EAAA;AACtC,QAAA,OAAO,CAAA;AAAA,MACT,CAAC,CAAA;AAED,MAAA,KAAA,MAAW,CAAC,QAAA,EAAU,SAAS,CAAA,IAAK,aAAA,EAAe;AACjD,QAAA,MAAM,IAAA,GAAO,SAAA;AACb,QAAA,MAAM,OAAA,GAAU,IAAA,CAAK,QAAA,CAAS,IAAA,CAAK,CAAC,OAAA,KAAoB;AACtD,UAAA,MAAM,KAAA,GAAQ,IAAI,MAAA,CAAO,OAAA,EAAS,GAAG,CAAA;AACrC,UAAA,OAAO,KAAA,CAAM,KAAK,SAAS,CAAA;AAAA,QAC7B,CAAC,CAAA;AAED,QAAA,IAAI,OAAA,EAAS;AACX,UAAA,MAAM,SAAA,GAAY,IAAA,CAAK,YAAA,CAAa,QAAQ,CAAA;AAC5C,UAAA,MAAM,SAAA,GAAY,IAAA,CAAK,YAAA,CAAa,QAAQ,CAAA;AAE5C,UAAA,UAAA,GAAa,IAAA,CAAK,GAAA,CAAI,UAAA,EAAY,IAAA,CAAK,aAAa,GAAG,CAAA;AACvD,UAAA,OAAA,CAAQ,IAAA,CAAK,CAAA,cAAA,EAAiB,SAAS,CAAA,CAAE,CAAA;AACzC,UAAA,IAAI,CAAC,aAAA,EAAe;AAClB,YAAA,aAAA,GAAgB,EAAE,IAAA,EAAM,SAAA,EAAW,IAAA,EAAM,SAAA,EAAU;AACnD,YAAA,kBAAA,GAAqB,SAAA;AAAA,UACvB;AACA,UAAA;AAAA,QACF;AAAA,MACF;AAAA,IACF;AAGA,IAAA,MAAM,iBAAA,GAAoB,IAAA,CAAK,KAAA,CAAM,KAAA,CAAM,OAAA,CAAQ,UAAA;AACnD,IAAA,MAAM,iBAAiB,iBAAA,CAAkB,MAAA;AAAA,MACvC,CAAC,UAAA,KAA2B,iBAAA,CAAkB,UAAA,CAAW,IAAA,CAAK,aAAa;AAAA,KAC7E;AAEA,IAAA,IAAI,cAAA,CAAe,SAAS,CAAA,EAAG;AAC7B,MAAA,MAAM,aAAA,GAAgB,IAAA,CAAK,GAAA,CAAI,GAAG,cAAA,CAAe,GAAA,CAAI,CAAC,CAAA,KAAkB,CAAA,CAAE,UAAA,GAAa,GAAG,CAAC,CAAA;AAC3F,MAAA,UAAA,GAAa,IAAA,CAAK,GAAA,CAAI,UAAA,EAAY,aAAa,CAAA;AAC/C,MAAA,OAAA,CAAQ,IAAA,CAAK,CAAA,WAAA,EAAc,cAAA,CAAe,MAAM,CAAA,CAAE,CAAA;AAAA,IACpD;AAGA,IAAA,MAAM,EAAA,GAAK,KAAA,CAAM,EAAA,IAAM,KAAA,CAAM,SAAA;AAC7B,IAAA,IAAI,EAAA,IAAM,CAAC,iBAAA,CAAkB,iBAAiB,KAAK,CAAC,iBAAA,CAAkB,WAAW,CAAA,EAAG;AAElF,MAAA,MAAM,QAAA,GACJ,WAAA,IAAe,IAAA,CAAK,KAAA,CAAM,KAAA,CAAM,QAAA,GAC5B,IAAA,CAAK,KAAA,CAAM,KAAA,CAAM,QAAA,CAAS,SAAA,GAC1B,IAAA,CAAK,MAAM,KAAA,CAAM,QAAA;AAEvB,MAAA,KAAA,MAAW,CAAC,QAAA,EAAU,MAAM,KAAK,MAAA,CAAO,OAAA,CAAQ,QAAQ,CAAA,EAAG;AAEzD,QAAA,IACE,CAAC,MAAA,IACD,OAAO,MAAA,KAAW,QAAA,IAClB,EAAE,QAAA,IAAY,MAAA,CAAA,IACd,CAAC,KAAA,CAAM,OAAA,CAAQ,MAAA,CAAO,MAAM,CAAA;AAE5B,UAAA;AAEF,QAAA,MAAM,OAAA,GAAU,MAAA,CAAO,MAAA,CAAO,IAAA,CAAK,CAAC,KAAA,KAAkB;AACpD,UAAA,MAAM,MAAA,GAAS,KAAA,CAAM,KAAA,CAAM,GAAG,EAAE,CAAC,CAAA;AACjC,UAAA,MAAM,WAAA,GAAc,MAAA,CAAO,KAAA,CAAM,GAAG,CAAA;AACpC,UAAA,MAAM,OAAA,GAAU,EAAA,CAAG,KAAA,CAAM,GAAG,CAAA;AAG5B,UAAA,KAAA,IAAS,CAAA,GAAI,CAAA,EAAG,CAAA,GAAI,IAAA,CAAK,GAAA,CAAI,YAAY,MAAA,GAAS,CAAA,EAAG,CAAC,CAAA,EAAG,CAAA,EAAA,EAAK;AAC5D,YAAA,IAAI,WAAA,CAAY,CAAC,CAAA,KAAM,OAAA,CAAQ,CAAC,CAAA,IAAK,WAAA,CAAY,CAAC,CAAA,KAAM,GAAA,EAAK;AAC3D,cAAA,OAAO,KAAA;AAAA,YACT;AAAA,UACF;AACA,UAAA,OAAO,IAAA;AAAA,QACT,CAAC,CAAA;AAED,QAAA,IAAI,OAAA,EAAS;AACX,UAAA,MAAM,IAAA,GAAO,MAAA;AACb,UAAA,UAAA,GAAa,IAAA,CAAK,GAAA,CAAI,UAAA,EAAY,IAAA,CAAK,aAAa,EAAE,CAAA;AACtD,UAAA,OAAA,CAAQ,IAAA,CAAK,CAAA,eAAA,EAAkB,QAAQ,CAAA,CAAE,CAAA;AACzC,UAAA;AAAA,QACF;AAAA,MACF;AAAA,IACF;AAGA,IAAA,IAAI,OAAA,CAAQ,MAAA,GAAS,CAAA,IAAK,UAAA,GAAa,GAAA,EAAK;AAC1C,MAAA,UAAA,GAAa,IAAA,CAAK,GAAA,CAAI,UAAA,GAAa,GAAA,EAAK,EAAE,CAAA;AAAA,IAC5C;AAGA,IAAA,UAAA,GAAa,KAAK,GAAA,CAAI,IAAA,CAAK,IAAI,UAAA,EAAY,CAAC,GAAG,GAAG,CAAA;AAElD,IAAA,OAAO;AAAA,MACL,SAAS,UAAA,GAAa,EAAA;AAAA;AAAA,MACtB,UAAA;AAAA,MACA,gBACE,UAAA,GAAa,EAAA,IAAM,gBACf,EAAE,IAAA,EAAM,WAAoB,SAAA,EAAW,aAAA,CAAc,MAAK,GAC1D,UAAA,GAAa,KACX,EAAE,IAAA,EAAM,WAAmB,GAC3B,EAAE,MAAM,OAAA,EAAiB;AAAA,MACjC,SAAS,EAAC;AAAA;AAAA,MACV,GAAI,aAAA,IAAiB,EAAE,aAAA,EAAc;AAAA,MACrC,OAAA;AAAA,MACA,GAAI,kBAAA,IAAsB;AAAA,QACxB;AAAA,OAOF;AAAA,MACA,kBACE,kBAAA,KAAuB,WAAA,GAAc,KAAA,GAAQ,UAAA,GAAa,KAAK,QAAA,GAAW,MAAA;AAAA;AAAA,MAC5E,SAAA,sBAAe,IAAA;AAAK,KACtB;AAAA,EACF;AAAA;AAAA;AAAA;AAAA,EAKQ,aAAa,QAAA,EAA0B;AAC7C,IAAA,MAAM,OAAA,GAAkC;AAAA,MACtC,aAAA,EAAe,QAAA;AAAA,MACf,gBAAA,EAAkB,WAAA;AAAA,MAClB,cAAA,EAAgB,YAAA;AAAA,MAChB,SAAA,EAAW,QAAA;AAAA,MACX,YAAA,EAAc,WAAA;AAAA,MACd,OAAA,EAAS,MAAA;AAAA,MACT,UAAA,EAAY,QAAA;AAAA,MACZ,eAAA,EAAiB,aAAA;AAAA,MACjB,WAAA,EAAa,SAAA;AAAA,MACb,SAAA,EAAW,KAAA;AAAA,MACX,gBAAA,EAAkB;AAAA,KACpB;AACA,IAAA,OAAO,OAAA,CAAQ,QAAQ,CAAA,IAAK,QAAA;AAAA,EAC9B;AAAA;AAAA;AAAA;AAAA,EAKQ,aAAa,QAAA,EAA0B;AAC7C,IAAA,MAAM,OAAA,GAAkC;AAAA,MACtC,aAAA,EAAe,gBAAA;AAAA,MACf,gBAAA,EAAkB,QAAA;AAAA,MAClB,cAAA,EAAgB,YAAA;AAAA,MAChB,SAAA,EAAW,WAAA;AAAA,MACX,YAAA,EAAc,mBAAA;AAAA,MACd,OAAA,EAAS,SAAA;AAAA,MACT,UAAA,EAAY,QAAA;AAAA,MACZ,eAAA,EAAiB,aAAA;AAAA,MACjB,WAAA,EAAa,aAAA;AAAA,MACb,SAAA,EAAW,kBAAA;AAAA,MACX,gBAAA,EAAkB;AAAA,KACpB;AACA,IAAA,OAAO,OAAA,CAAQ,QAAQ,CAAA,IAAK,QAAA;AAAA,EAC9B;AACF,CAAA;AAKO,IAAM,2BAAN,MAA+B;AAAA,EAC5B,QAAA;AAAA,EACA,MAAA,uBAA0C,GAAA,EAAI;AAAA,EAEtD,YAAY,OAAA,EAAmB;AAE7B,IAAA,IAAA,CAAK,QAAA,GAAW,IAAI,iBAAA,EAAkB;AAAA,EACxC;AAAA,EAEA,MAAM,QAAQ,KAAA,EAAiD;AAC7D,IAAA,MAAM,MAAA,GAAS,MAAM,IAAA,CAAK,QAAA,CAAS,QAAQ,KAAK,CAAA;AAGhD,IAAA,IAAI,OAAO,OAAA,IAAW,IAAA,CAAK,MAAA,CAAO,GAAA,CAAI,gBAAgB,CAAA,EAAG;AACvD,MAAA,MAAM,WAAW,IAAA,CAAK,MAAA,CAAO,GAAA,CAAI,gBAAgB,KAAK,EAAC;AACvD,MAAA,QAAA,CAAS,QAAQ,CAAC,OAAA,KAAY,OAAA,CAAQ,MAAA,EAAQ,KAAK,CAAC,CAAA;AAAA,IACtD;AAEA,IAAA,OAAO,MAAA;AAAA,EACT;AAAA,EAEA,EAAA,CAAG,OAAe,OAAA,EAA6B;AAC7C,IAAA,IAAI,CAAC,IAAA,CAAK,MAAA,CAAO,GAAA,CAAI,KAAK,CAAA,EAAG;AAC3B,MAAA,IAAA,CAAK,MAAA,CAAO,GAAA,CAAI,KAAA,EAAO,EAAE,CAAA;AAAA,IAC3B;AACA,IAAA,IAAA,CAAK,MAAA,CAAO,GAAA,CAAI,KAAK,CAAA,CAAG,KAAK,OAAO,CAAA;AAAA,EACtC;AAAA,EAEA,IAAA,CAAK,UAAkB,IAAA,EAAuB;AAC5C,IAAA,MAAM,WAAW,IAAA,CAAK,MAAA,CAAO,GAAA,CAAI,KAAK,KAAK,EAAC;AAC5C,IAAA,QAAA,CAAS,QAAQ,CAAC,OAAA,KAAY,OAAA,CAAQ,GAAG,IAAI,CAAC,CAAA;AAAA,EAChD;AAAA,EAEA,MAAM,IAAA,GAAsB;AAE1B,IAAA;AAAA,EACF;AACF","file":"edge-detector-wrapper.mjs","sourcesContent":["/**\n * Ed25519 Signature Verification for HTTP Message Signatures\n * Implements proper cryptographic verification for ChatGPT and other agents\n *\n * Based on RFC 9421 (HTTP Message Signatures) and ChatGPT's implementation\n * Reference: https://help.openai.com/en/articles/9785974-chatgpt-user-allowlisting\n */\n\nimport * as ed25519 from '@noble/ed25519';\nimport { sha512 } from '@noble/hashes/sha2.js';\n\n// Configure @noble/ed25519 to use sync SHA-512 from @noble/hashes\n// This works in all environments including Edge Runtime\ned25519.etc.sha512Sync = (...m) => sha512(ed25519.etc.concatBytes(...m));\n\n/**\n * Known public keys for AI agents (fallback)\n *\n * IMPORTANT: These keys are used as fallback when the API is unavailable.\n * The primary source of keys should be the /api/internal/signature-keys endpoint\n * which fetches from https://chatgpt.com/.well-known/http-message-signatures-directory\n *\n * TODO: Implement automated key rotation by:\n * 1. Setting up a cron job to fetch from OpenAI's well-known endpoint\n * 2. Storing keys in database/KV store with proper expiration handling\n * 3. Removing hardcoded fallback keys entirely\n */\nconst KNOWN_KEYS = {\n chatgpt: [\n {\n kid: 'otMqcjr17mGyruktGvJU8oojQTSMHlVm7uO-lrcqbdg',\n // ChatGPT's current Ed25519 public key (base64)\n // Source: https://chatgpt.com/.well-known/http-message-signatures-directory\n publicKey: '7F_3jDlxaquwh291MiACkcS3Opq88NksyHiakzS-Y1g',\n validFrom: 1735689600, // Jan 1, 2025 (nbf from OpenAI)\n validUntil: 1769029093, // Jan 21, 2026 (exp from OpenAI)\n },\n ],\n};\n\n/**\n * In-memory cache for API-fetched keys\n */\ninterface CachedKeys {\n keys: Array<{\n kid: string;\n publicKey: string;\n validFrom: number;\n validUntil: number;\n }>;\n cachedAt: number;\n}\n\nconst keyCache = new Map<string, CachedKeys>();\nconst CACHE_TTL_MS = 5 * 60 * 1000; // 5 minutes\nconst CACHE_MAX_SIZE = 100; // Maximum cache entries before cleanup\n\n/**\n * Get API base URL for fetching keys\n * Returns absolute URL for server-side, relative for browser\n */\nfunction getApiBaseUrl(): string {\n if (typeof window !== 'undefined') {\n // Browser: use relative path\n return '/api/internal';\n }\n\n // Server-side: must use absolute URL\n // Try environment variables first\n const baseUrl =\n process.env.NEXT_PUBLIC_APP_URL ||\n process.env.NEXT_PUBLIC_API_URL ||\n process.env.API_URL ||\n (process.env.VERCEL_URL ? `https://${process.env.VERCEL_URL}` : null);\n\n if (baseUrl) {\n return baseUrl.replace(/\\/$/, '') + '/api/internal';\n }\n\n // Fallback: try to construct from request context if available\n // For middleware/edge runtime, we may need to pass the request URL\n // For now, return relative path and log warning\n if (process.env.NODE_ENV !== 'production') {\n console.warn(\n '[Signature] No base URL configured for server-side fetch. Using localhost fallback.'\n );\n return 'http://localhost:3000/api/internal';\n }\n\n // Production fallback - should not reach here if properly configured\n console.error(\n '[Signature] CRITICAL: No base URL configured for server-side fetch in production!'\n );\n return '/api/internal'; // Will fail, but prevents silent success\n}\n\n/**\n * Clean up expired cache entries and enforce size limit\n * Called periodically to prevent unbounded memory growth\n * Uses LRU-style eviction: removes expired entries first, then oldest entries if still over limit\n */\nfunction cleanupExpiredCache(): void {\n const now = Date.now();\n const entriesToDelete: string[] = [];\n\n // First pass: remove expired entries\n for (const [agent, cached] of keyCache.entries()) {\n if (now - cached.cachedAt > CACHE_TTL_MS) {\n entriesToDelete.push(agent);\n }\n }\n\n for (const agent of entriesToDelete) {\n keyCache.delete(agent);\n }\n\n // Second pass: if still over limit, remove oldest entries (LRU eviction)\n if (keyCache.size > CACHE_MAX_SIZE) {\n // Convert entries to array with cachedAt timestamp for sorting\n const entries = Array.from(keyCache.entries()).map(([agent, cached]) => ({\n agent,\n cachedAt: cached.cachedAt,\n }));\n\n // Sort by cachedAt (oldest first)\n entries.sort((a, b) => a.cachedAt - b.cachedAt);\n\n // Remove oldest entries until we're under the limit\n const toRemove = entries.slice(0, keyCache.size - CACHE_MAX_SIZE);\n for (const entry of toRemove) {\n keyCache.delete(entry.agent);\n }\n }\n}\n\n/**\n * Fetch keys from API with caching\n */\nasync function fetchKeysFromApi(agent: string): Promise<Array<{\n kid: string;\n publicKey: string;\n validFrom: number;\n validUntil: number;\n}> | null> {\n // Periodic cleanup to prevent memory leaks\n if (keyCache.size > CACHE_MAX_SIZE) {\n cleanupExpiredCache();\n }\n\n // Check cache first\n const cached = keyCache.get(agent);\n if (cached && Date.now() - cached.cachedAt < CACHE_TTL_MS) {\n return cached.keys;\n }\n\n // Check if fetch is available (Edge Runtime compatibility)\n if (typeof fetch === 'undefined') {\n console.warn('[Signature] fetch() not available in this environment');\n return null;\n }\n\n try {\n const apiBaseUrl = getApiBaseUrl();\n const url = `${apiBaseUrl}/signature-keys?agent=${encodeURIComponent(agent)}`;\n\n const response = await fetch(url, {\n method: 'GET',\n headers: {\n 'Content-Type': 'application/json',\n },\n // 5 second timeout\n signal: AbortSignal.timeout(5000),\n });\n\n if (!response.ok) {\n console.warn(`[Signature] Failed to fetch keys from API: ${response.status}`);\n return null;\n }\n\n const data = await response.json();\n\n if (!data.keys || !Array.isArray(data.keys) || data.keys.length === 0) {\n console.warn(`[Signature] No keys returned from API for agent: ${agent}`);\n return null;\n }\n\n // Cache the result\n keyCache.set(agent, {\n keys: data.keys,\n cachedAt: Date.now(),\n });\n\n return data.keys;\n } catch (error) {\n console.warn('[Signature] Error fetching keys from API, using fallback', {\n error: error instanceof Error ? error.message : 'Unknown error',\n agent,\n });\n return null;\n }\n}\n\n/**\n * Type guard to check if agent is a valid key in KNOWN_KEYS\n */\nfunction isValidAgent(agent: string): agent is keyof typeof KNOWN_KEYS {\n return agent in KNOWN_KEYS;\n}\n\n/**\n * Get keys for an agent (API first, then fallback)\n */\nasync function getKeysForAgent(agent: string): Promise<\n Array<{\n kid: string;\n publicKey: string;\n validFrom: number;\n validUntil: number;\n }>\n> {\n // Try API first\n const apiKeys = await fetchKeysFromApi(agent);\n if (apiKeys && apiKeys.length > 0) {\n return apiKeys;\n }\n\n // Fallback to hardcoded keys with type guard\n if (isValidAgent(agent)) {\n return KNOWN_KEYS[agent];\n }\n\n return [];\n}\n\n/**\n * Parse the Signature-Input header according to RFC 9421\n */\nfunction parseSignatureInput(signatureInput: string): {\n keyid: string;\n created?: number | undefined;\n expires?: number | undefined;\n signedHeaders: string[];\n} | null {\n try {\n // Example: sig1=(\"@method\" \"@path\" \"@authority\" \"date\");keyid=\"...\";created=1234567890\n const match = signatureInput.match(/sig1=\$(.*?)\$;(.+)/);\n if (!match) return null;\n\n const [, headersList, params] = match;\n\n // Parse signed headers\n const signedHeaders = headersList\n ? headersList\n .split(' ')\n .map((h) => h.replace(/\"/g, '').trim())\n .filter((h) => h.length > 0)\n : [];\n\n // Parse parameters\n const keyidMatch = params ? params.match(/keyid=\"([^\"]+)\"/) : null;\n const createdMatch = params ? params.match(/created=(\\d+)/) : null;\n const expiresMatch = params ? params.match(/expires=(\\d+)/) : null;\n\n if (!keyidMatch || !keyidMatch[1]) return null;\n\n return {\n keyid: keyidMatch[1],\n created: createdMatch && createdMatch[1] ? parseInt(createdMatch[1]) : undefined,\n expires: expiresMatch && expiresMatch[1] ? parseInt(expiresMatch[1]) : undefined,\n signedHeaders,\n };\n } catch (error) {\n console.error('[Signature] Failed to parse Signature-Input:', error);\n return null;\n }\n}\n\n/**\n * Build the signature base string according to RFC 9421\n * This is what gets signed\n */\nfunction buildSignatureBase(\n method: string,\n path: string,\n headers: Record<string, string>,\n signedHeaders: string[]\n): string {\n const components: string[] = [];\n\n for (const headerName of signedHeaders) {\n let value: string;\n\n switch (headerName) {\n case '@method':\n value = method.toUpperCase();\n break;\n case '@path':\n value = path;\n break;\n case '@authority':\n // Get from Host header or URL\n value = headers['host'] || headers['Host'] || '';\n break;\n default: {\n // Regular headers (case-insensitive lookup)\n const key = Object.keys(headers).find((k) => k.toLowerCase() === headerName.toLowerCase());\n value = key ? headers[key] || '' : '';\n break;\n }\n }\n\n // Format according to RFC 9421\n components.push(`\"${headerName}\": ${value}`);\n }\n\n return components.join('\\n');\n}\n\n/**\n * Decode base64 (handles both standard and URL-safe variants)\n * URL-safe base64 uses - instead of + and _ instead of /\n */\nfunction base64ToBytes(base64: string): Uint8Array {\n // Convert URL-safe base64 to standard base64\n let standardBase64 = base64.replace(/-/g, '+').replace(/_/g, '/');\n\n // Add padding if needed\n const padding = standardBase64.length % 4;\n if (padding) {\n standardBase64 += '='.repeat(4 - padding);\n }\n\n const binaryString = atob(standardBase64);\n return Uint8Array.from(binaryString, (c) => c.charCodeAt(0));\n}\n\n/**\n * Verify Ed25519 signature using @noble/ed25519 (works in all environments including Edge Runtime)\n * Falls back to Web Crypto API if available\n */\nasync function verifyEd25519Signature(\n publicKeyBase64: string,\n signatureBase64: string,\n message: string\n): Promise<boolean> {\n try {\n // Decode base64 to Uint8Array (handles URL-safe base64)\n const publicKeyBytes = base64ToBytes(publicKeyBase64);\n const signatureBytes = base64ToBytes(signatureBase64);\n const messageBytes = new TextEncoder().encode(message);\n\n // Check key and signature lengths\n if (publicKeyBytes.length !== 32) {\n console.error('[Signature] Invalid public key length:', publicKeyBytes.length);\n return false;\n }\n if (signatureBytes.length !== 64) {\n console.error('[Signature] Invalid signature length:', signatureBytes.length);\n return false;\n }\n\n // Use @noble/ed25519 with sync SHA-512 - works in all environments including Edge Runtime\n return ed25519.verify(signatureBytes, messageBytes, publicKeyBytes);\n } catch (nobleError) {\n console.warn('[Signature] @noble/ed25519 failed, trying Web Crypto fallback:', nobleError);\n\n // Fallback to Web Crypto API (may not work in Edge Runtime)\n try {\n const publicKeyBytes = base64ToBytes(publicKeyBase64);\n const signatureBytes = base64ToBytes(signatureBase64);\n const messageBytes = new TextEncoder().encode(message);\n\n const publicKey = await crypto.subtle.importKey(\n 'raw',\n publicKeyBytes.buffer as ArrayBuffer,\n {\n name: 'Ed25519',\n namedCurve: 'Ed25519',\n },\n false,\n ['verify']\n );\n\n return await crypto.subtle.verify(\n 'Ed25519',\n publicKey,\n signatureBytes.buffer as ArrayBuffer,\n messageBytes\n );\n } catch (cryptoError) {\n console.error('[Signature] Both @noble/ed25519 and Web Crypto failed:', {\n nobleError: nobleError instanceof Error ? nobleError.message : 'Unknown',\n cryptoError: cryptoError instanceof Error ? cryptoError.message : 'Unknown',\n });\n return false;\n }\n }\n}\n\n/**\n * Signature verification result\n */\nexport interface SignatureVerificationResult {\n isValid: boolean;\n agent?: string;\n keyid?: string;\n confidence: number;\n reason?: string;\n verificationMethod: 'signature' | 'none';\n}\n\n/**\n * Verify HTTP Message Signature for AI agents\n */\nexport async function verifyAgentSignature(\n method: string,\n path: string,\n headers: Record<string, string>\n): Promise<SignatureVerificationResult> {\n // Check for signature headers\n const signature = headers['signature'] || headers['Signature'];\n const signatureInput = headers['signature-input'] || headers['Signature-Input'];\n const signatureAgent = headers['signature-agent'] || headers['Signature-Agent'];\n\n // No signature present\n if (!signature || !signatureInput) {\n return {\n isValid: false,\n confidence: 0,\n reason: 'No signature headers present',\n verificationMethod: 'none',\n };\n }\n\n // Parse Signature-Input header\n const parsed = parseSignatureInput(signatureInput);\n if (!parsed) {\n return {\n isValid: false,\n confidence: 0,\n reason: 'Invalid Signature-Input header',\n verificationMethod: 'none',\n };\n }\n\n // Check timestamp if present\n if (parsed.created) {\n const now = Math.floor(Date.now() / 1000);\n const age = now - parsed.created;\n\n // Reject signatures older than 5 minutes\n if (age > 300) {\n return {\n isValid: false,\n confidence: 0,\n reason: 'Signature expired (older than 5 minutes)',\n verificationMethod: 'none',\n };\n }\n\n // Reject signatures from the future (clock skew tolerance: 30 seconds)\n if (age < -30) {\n return {\n isValid: false,\n confidence: 0,\n reason: 'Signature timestamp is in the future',\n verificationMethod: 'none',\n };\n }\n }\n\n // Determine which agent based on signature-agent header\n let agent: string | undefined;\n let agentKey: string | undefined;\n\n // Validate URL hostname to prevent bypass attacks (e.g., evil.com/chatgpt.com)\n const isChatGPT =\n signatureAgent === '\"https://chatgpt.com\"' ||\n (() => {\n try {\n const url = new URL(signatureAgent?.replace(/^\"|\"$/g, '') || '');\n return url.hostname === 'chatgpt.com' || url.hostname.endsWith('.chatgpt.com');\n } catch {\n return false;\n }\n })();\n\n if (isChatGPT) {\n agent = 'ChatGPT';\n agentKey = 'chatgpt';\n }\n // Add other agents here as needed\n\n if (!agent || !agentKey) {\n return {\n isValid: false,\n confidence: 0,\n reason: 'Unknown signature agent',\n verificationMethod: 'none',\n };\n }\n\n // Get keys (API first, then fallback)\n const knownKeys = await getKeysForAgent(agentKey);\n\n if (knownKeys.length === 0) {\n return {\n isValid: false,\n confidence: 0,\n reason: 'No keys available for agent',\n verificationMethod: 'none',\n };\n }\n\n // Find the key by ID\n const key = knownKeys.find((k) => k.kid === parsed.keyid);\n if (!key) {\n return {\n isValid: false,\n confidence: 0,\n reason: `Unknown key ID: ${parsed.keyid}`,\n verificationMethod: 'none',\n };\n }\n\n // Check key validity period\n const now = Math.floor(Date.now() / 1000);\n if (now < key.validFrom || now > key.validUntil) {\n return {\n isValid: false,\n confidence: 0,\n reason: 'Key is not valid at current time',\n verificationMethod: 'none',\n };\n }\n\n // Build the signature base string\n const signatureBase = buildSignatureBase(method, path, headers, parsed.signedHeaders);\n\n // Extract the actual signature value (remove \"sig1=:\" prefix and \"::\" suffix if present)\n let signatureValue = signature;\n if (signatureValue.startsWith('sig1=:')) {\n signatureValue = signatureValue.substring(6);\n }\n if (signatureValue.endsWith(':')) {\n signatureValue = signatureValue.slice(0, -1);\n }\n\n // Verify the signature\n const isValid = await verifyEd25519Signature(key.publicKey, signatureValue, signatureBase);\n\n if (isValid) {\n return {\n isValid: true,\n agent,\n keyid: parsed.keyid,\n confidence: 1.0, // 100% confidence for valid signature\n verificationMethod: 'signature',\n };\n } else {\n return {\n isValid: false,\n confidence: 0,\n reason: 'Signature verification failed',\n verificationMethod: 'none',\n };\n }\n}\n\n/**\n * Quick check if signature headers are present (for performance)\n */\nexport function hasSignatureHeaders(headers: Record<string, string>): boolean {\n return !!(\n (headers['signature'] || headers['Signature']) &&\n (headers['signature-input'] || headers['Signature-Input'])\n );\n}\n\n/**\n * Check if this is a ChatGPT signature based on headers\n * Uses secure URL parsing to prevent spoofing attacks\n */\nexport function isChatGPTSignature(headers: Record<string, string>): boolean {\n const signatureAgent = headers['signature-agent'] || headers['Signature-Agent'];\n\n if (!signatureAgent) {\n return false;\n }\n\n // Strip leading/trailing quotes if present\n const agentUrlStr = signatureAgent.replace(/^\"+|\"+$/g, '');\n\n // Exact match for the standard ChatGPT signature agent\n if (agentUrlStr === 'https://chatgpt.com') {\n return true;\n }\n\n // Parse URL and validate host to prevent spoofing\n try {\n const agentUrl = new URL(agentUrlStr);\n const allowedHosts = ['chatgpt.com', 'www.chatgpt.com'];\n return allowedHosts.includes(agentUrl.host);\n } catch {\n // Not a valid URL, return false for security\n return false;\n }\n}\n","/**\n * Wrapper for EdgeAgentDetector to match AgentDetector interface\n * This allows the middleware to work with EdgeAgentDetector in Edge Runtime\n *\n * This is a self-contained implementation to avoid import resolution issues\n * Includes proper Ed25519 signature verification for ChatGPT and other agents\n */\n\ntype DetectionInput = {\n userAgent?: string;\n ip?: string;\n ipAddress?: string;\n headers?: Record<string, string>;\n url?: string;\n method?: string;\n timestamp?: Date;\n};\n\n// Import the proper DetectionResult type from shared package\nimport type { DetectionResult } from '@kya-os/agentshield-shared';\n\ntype EventHandler = (...args: unknown[]) => void;\n\n// Import signature verifier\nimport {\n verifyAgentSignature,\n hasSignatureHeaders,\n isChatGPTSignature,\n} from './signature-verifier';\nimport {\n loadRulesSync,\n type DetectionRules,\n type UserAgentRule,\n type HeaderRule,\n type IpRangeRule,\n} from '@kya-os/agentshield-shared';\n\n// Load centralized rules - this will fail fast if rules cannot be loaded\nconst rules: DetectionRules = loadRulesSync();\n\n/**\n * Self-contained EdgeAgentDetector implementation with proper signature verification\n */\nclass EdgeAgentDetector {\n private rules: DetectionRules;\n\n constructor() {\n this.rules = rules;\n }\n\n async analyze(input: DetectionInput): Promise<DetectionResult> {\n const reasons: string[] = [];\n let detectedAgent: { type: string; name: string } | undefined;\n let verificationMethod: string | undefined;\n let confidence = 0;\n\n const headers = input.headers || {};\n const normalizedHeaders: Record<string, string> = {};\n\n // Normalize header names to lowercase\n for (const [key, value] of Object.entries(headers)) {\n normalizedHeaders[key.toLowerCase()] = value;\n }\n\n // Check for HTTP Message Signatures with proper cryptographic verification\n if (hasSignatureHeaders(headers)) {\n try {\n // Verify the signature cryptographically\n const signatureResult = await verifyAgentSignature(\n input.method || 'GET',\n input.url || '/',\n headers\n );\n\n if (signatureResult.isValid) {\n // Valid cryptographic signature - highest confidence (convert 0-1 to 0-100)\n confidence = signatureResult.confidence * 100;\n reasons.push(`verified_signature:${signatureResult.agent?.toLowerCase() || 'unknown'}`);\n if (signatureResult.agent) {\n detectedAgent = {\n type: signatureResult.agent.toLowerCase(),\n name: signatureResult.agent,\n };\n }\n verificationMethod = signatureResult.verificationMethod;\n\n // Add keyid to reasons for debugging\n if (signatureResult.keyid) {\n reasons.push(`keyid:${signatureResult.keyid}`);\n }\n } else {\n // Invalid signature - suspicious\n console.warn('[EdgeAgentDetector] Signature verification failed:', {\n reason: signatureResult.reason,\n agent: signatureResult.agent,\n hasSignatureAgent: !!headers['signature-agent'] || !!headers['Signature-Agent'],\n signatureAgentValue: headers['signature-agent'] || headers['Signature-Agent'],\n });\n confidence = Math.max(confidence, 30); // Updated to 0-100 scale (was 0.3)\n reasons.push('invalid_signature');\n if (signatureResult.reason) {\n reasons.push(`signature_error:${signatureResult.reason}`);\n }\n\n // Still check if it claims to be ChatGPT\n if (isChatGPTSignature(headers)) {\n reasons.push('claims_chatgpt');\n detectedAgent = { type: 'chatgpt', name: 'ChatGPT (unverified)' };\n }\n }\n } catch (error) {\n // Error during verification\n console.error('[EdgeAgentDetector] Signature verification error:', error);\n confidence = Math.max(confidence, 20); // Updated to 0-100 scale (was 0.2)\n reasons.push('signature_verification_error');\n }\n }\n\n // Check User-Agent patterns using centralized rules\n // Sort rules to check more specific patterns first (generic_bot last)\n const userAgent = input.userAgent || input.headers?.['user-agent'] || '';\n if (userAgent) {\n const userAgentEntries = Object.entries(this.rules.rules.userAgents);\n // Sort: put generic_bot, dev_tools, automation_tools last since they have broad patterns\n const genericKeys = ['generic_bot', 'dev_tools', 'automation_tools'];\n const sortedEntries = userAgentEntries.sort((a, b) => {\n const aIsGeneric = genericKeys.includes(a[0]);\n const bIsGeneric = genericKeys.includes(b[0]);\n if (aIsGeneric && !bIsGeneric) return 1;\n if (!aIsGeneric && bIsGeneric) return -1;\n return 0;\n });\n\n for (const [agentKey, agentRule] of sortedEntries) {\n const rule = agentRule as UserAgentRule;\n const matched = rule.patterns.some((pattern: string) => {\n const regex = new RegExp(pattern, 'i');\n return regex.test(userAgent);\n });\n\n if (matched) {\n const agentType = this.getAgentType(agentKey);\n const agentName = this.getAgentName(agentKey);\n\n confidence = Math.max(confidence, rule.confidence * 100); // Convert 0-1 rule confidence to 0-100 scale\n reasons.push(`known_pattern:${agentType}`);\n if (!detectedAgent) {\n detectedAgent = { type: agentType, name: agentName };\n verificationMethod = 'pattern';\n }\n break;\n }\n }\n }\n\n // Check AI-specific headers using centralized rules\n const suspiciousHeaders = this.rules.rules.headers.suspicious;\n const foundAiHeaders = suspiciousHeaders.filter(\n (headerRule: HeaderRule) => normalizedHeaders[headerRule.name.toLowerCase()]\n );\n\n if (foundAiHeaders.length > 0) {\n const maxConfidence = Math.max(...foundAiHeaders.map((h: HeaderRule) => h.confidence * 100)); // Convert 0-1 to 0-100\n confidence = Math.max(confidence, maxConfidence);\n reasons.push(`ai_headers:${foundAiHeaders.length}`);\n }\n\n // Check cloud provider IPs using centralized rules\n const ip = input.ip || input.ipAddress;\n if (ip && !normalizedHeaders['x-forwarded-for'] && !normalizedHeaders['x-real-ip']) {\n // Handle both old (with providers) and new (direct) structures\n const ipRanges =\n 'providers' in this.rules.rules.ipRanges\n ? this.rules.rules.ipRanges.providers\n : this.rules.rules.ipRanges;\n\n for (const [provider, ipRule] of Object.entries(ipRanges)) {\n // Skip non-rule entries\n if (\n !ipRule ||\n typeof ipRule !== 'object' ||\n !('ranges' in ipRule) ||\n !Array.isArray(ipRule.ranges)\n )\n continue;\n\n const matched = ipRule.ranges.some((range: string) => {\n const prefix = range.split('/')[0];\n const prefixParts = prefix.split('.');\n const ipParts = ip.split('.');\n\n // Check if IP starts with the same octets\n for (let i = 0; i < Math.min(prefixParts.length - 1, 2); i++) {\n if (prefixParts[i] !== ipParts[i] && prefixParts[i] !== '0') {\n return false;\n }\n }\n return true;\n });\n\n if (matched) {\n const rule = ipRule as IpRangeRule;\n confidence = Math.max(confidence, rule.confidence * 40); // Convert 0-1 to 0-100 with 0.4 reduction factor\n reasons.push(`cloud_provider:${provider}`);\n break;\n }\n }\n }\n\n // Boost confidence for combinations (but not if already at 100 from signature)\n if (reasons.length > 2 && confidence < 100) {\n confidence = Math.min(confidence * 1.2, 95); // Cap at 95 to leave room for cryptographic verification\n }\n\n // Ensure confidence stays within 0-100 range\n confidence = Math.min(Math.max(confidence, 0), 100);\n\n return {\n isAgent: confidence > 30, // Updated to 0-100 scale (was 0.3)\n confidence,\n detectionClass:\n confidence > 30 && detectedAgent // Updated to 0-100 scale\n ? { type: 'AiAgent' as const, agentType: detectedAgent.name }\n : confidence > 30 // Updated to 0-100 scale\n ? { type: 'Unknown' as const }\n : { type: 'Human' as const },\n signals: [], // Will be populated by enhanced detection engine in future tasks\n ...(detectedAgent && { detectedAgent }),\n reasons,\n ...(verificationMethod && {\n verificationMethod: verificationMethod as\n | 'signature'\n | 'pattern'\n | 'behavioral'\n | 'network'\n | 'mcp_i_handshake'\n | 'none',\n }),\n forgeabilityRisk:\n verificationMethod === 'signature' ? 'low' : confidence > 80 ? 'medium' : 'high', // Updated to 0-100 scale\n timestamp: new Date(),\n };\n }\n\n /**\n * Get agent type from rule key\n */\n private getAgentType(agentKey: string): string {\n const typeMap: Record<string, string> = {\n openai_gptbot: 'openai',\n anthropic_claude: 'anthropic',\n perplexity_bot: 'perplexity',\n google_ai: 'google',\n microsoft_ai: 'microsoft',\n meta_ai: 'meta',\n cohere_bot: 'cohere',\n huggingface_bot: 'huggingface',\n generic_bot: 'generic',\n dev_tools: 'dev',\n automation_tools: 'automation',\n };\n return typeMap[agentKey] || agentKey;\n }\n\n /**\n * Get agent name from rule key\n */\n private getAgentName(agentKey: string): string {\n const nameMap: Record<string, string> = {\n openai_gptbot: 'ChatGPT/GPTBot',\n anthropic_claude: 'Claude',\n perplexity_bot: 'Perplexity',\n google_ai: 'Google AI',\n microsoft_ai: 'Microsoft Copilot',\n meta_ai: 'Meta AI',\n cohere_bot: 'Cohere',\n huggingface_bot: 'HuggingFace',\n generic_bot: 'Generic Bot',\n dev_tools: 'Development Tool',\n automation_tools: 'Automation Tool',\n };\n return nameMap[agentKey] || agentKey;\n }\n}\n\n/**\n * Wrapper that provides event emitter functionality\n */\nexport class EdgeAgentDetectorWrapper {\n private detector: EdgeAgentDetector;\n private events: Map<string, EventHandler[]> = new Map();\n\n constructor(_config?: unknown) {\n // Config is accepted but not used by EdgeAgentDetector\n this.detector = new EdgeAgentDetector();\n }\n\n async analyze(input: DetectionInput): Promise<DetectionResult> {\n const result = await this.detector.analyze(input);\n\n // Emit events if there are listeners\n if (result.isAgent && this.events.has('agent.detected')) {\n const handlers = this.events.get('agent.detected') || [];\n handlers.forEach((handler) => handler(result, input));\n }\n\n return result;\n }\n\n on(event: string, handler: EventHandler): void {\n if (!this.events.has(event)) {\n this.events.set(event, []);\n }\n this.events.get(event)!.push(handler);\n }\n\n emit(event: string, ...args: unknown[]): void {\n const handlers = this.events.get(event) || [];\n handlers.forEach((handler) => handler(...args));\n }\n\n async init(): Promise<void> {\n // EdgeAgentDetector doesn't need initialization\n return;\n }\n}\n"]}

package/dist/edge-runtime-loader.d.mts DELETED Viewed

@@ -1,50 +0,0 @@
-import { NextRequest } from 'next/server';
-/**
- * Edge Runtime Compatible WASM Loader for AgentShield
- *
- * This module provides a pre-built solution for loading WASM in Edge Runtime.
- * It requires the WASM file to be manually placed in the project.
- */
-interface WasmModule {
-    default: WebAssembly.Module;
-}
-interface DetectionResult {
-    isAgent: boolean;
-    isAiCrawler?: boolean;
-    confidence: number;
-    agent?: string;
-    verificationMethod: 'cryptographic' | 'pattern';
-    riskLevel?: 'low' | 'medium' | 'high' | 'critical';
-    timestamp: string;
-}
-interface AgentShieldConfig {
-    wasmModule?: WebAssembly.Module;
-    enableWasm?: boolean;
-    onAgentDetected?: (result: DetectionResult) => void;
-    blockAgents?: boolean;
-    allowedAgents?: string[];
-    debug?: boolean;
-}
-declare class EdgeRuntimeAgentShield {
-    private wasmInstance;
-    private wasmMemory;
-    private config;
-    private initialized;
-    constructor(config?: AgentShieldConfig);
-    init(wasmModule?: WebAssembly.Module): Promise<void>;
-    private readString;
-    private writeString;
-    detect(request: NextRequest): Promise<DetectionResult>;
-    private patternDetection;
-    isInitialized(): boolean;
-    getVerificationMethod(): 'cryptographic' | 'pattern';
-}
-/**
- * Factory function to create an AgentShield instance for Edge Runtime
- */
-declare function createEdgeAgentShield(config?: AgentShieldConfig): EdgeRuntimeAgentShield;
-declare function getDefaultAgentShield(config?: AgentShieldConfig): EdgeRuntimeAgentShield;
-export { type AgentShieldConfig, type DetectionResult, type WasmModule, createEdgeAgentShield, getDefaultAgentShield };

package/dist/edge-runtime-loader.d.ts DELETED Viewed

@@ -1,50 +0,0 @@
-import { NextRequest } from 'next/server';
-/**
- * Edge Runtime Compatible WASM Loader for AgentShield
- *
- * This module provides a pre-built solution for loading WASM in Edge Runtime.
- * It requires the WASM file to be manually placed in the project.
- */
-interface WasmModule {
-    default: WebAssembly.Module;
-}
-interface DetectionResult {
-    isAgent: boolean;
-    isAiCrawler?: boolean;
-    confidence: number;
-    agent?: string;
-    verificationMethod: 'cryptographic' | 'pattern';
-    riskLevel?: 'low' | 'medium' | 'high' | 'critical';
-    timestamp: string;
-}
-interface AgentShieldConfig {
-    wasmModule?: WebAssembly.Module;
-    enableWasm?: boolean;
-    onAgentDetected?: (result: DetectionResult) => void;
-    blockAgents?: boolean;
-    allowedAgents?: string[];
-    debug?: boolean;
-}
-declare class EdgeRuntimeAgentShield {
-    private wasmInstance;
-    private wasmMemory;
-    private config;
-    private initialized;
-    constructor(config?: AgentShieldConfig);
-    init(wasmModule?: WebAssembly.Module): Promise<void>;
-    private readString;
-    private writeString;
-    detect(request: NextRequest): Promise<DetectionResult>;
-    private patternDetection;
-    isInitialized(): boolean;
-    getVerificationMethod(): 'cryptographic' | 'pattern';
-}
-/**
- * Factory function to create an AgentShield instance for Edge Runtime
- */
-declare function createEdgeAgentShield(config?: AgentShieldConfig): EdgeRuntimeAgentShield;
-declare function getDefaultAgentShield(config?: AgentShieldConfig): EdgeRuntimeAgentShield;
-export { type AgentShieldConfig, type DetectionResult, type WasmModule, createEdgeAgentShield, getDefaultAgentShield };

package/dist/edge-runtime-loader.js DELETED Viewed

@@ -1,204 +0,0 @@
-'use strict';
-// src/utils.ts
-function getClientIp(request) {
-  const forwardedFor = request.headers.get("x-forwarded-for");
-  if (forwardedFor) {
-    const ip = forwardedFor.split(",")[0]?.trim();
-    if (ip) return ip;
-  }
-  const realIp = request.headers.get("x-real-ip");
-  if (realIp) return realIp;
-  const cfIp = request.headers.get("cf-connecting-ip");
-  if (cfIp) return cfIp;
-  const clientIp = request.headers.get("x-client-ip");
-  if (clientIp) return clientIp;
-  return void 0;
-}
-// src/edge-runtime-loader.ts
-var EdgeRuntimeAgentShield = class {
-  wasmInstance = null;
-  wasmMemory = null;
-  config;
-  initialized = false;
-  constructor(config = {}) {
-    this.config = config;
-  }
-  async init(wasmModule) {
-    if (this.initialized) return;
-    const module = wasmModule || this.config.wasmModule;
-    if (module && this.config.enableWasm !== false) {
-      try {
-        this.wasmMemory = new WebAssembly.Memory({ initial: 17, maximum: 256 });
-        const imports = {
-          wbg: {
-            __wbindgen_throw: (ptr, len) => {
-              throw new Error(this.readString(ptr, len));
-            },
-            __wbg_log_: (ptr, len) => {
-              if (this.config.debug) {
-                console.log(this.readString(ptr, len));
-              }
-            }
-          },
-          env: {
-            memory: this.wasmMemory
-          }
-        };
-        this.wasmInstance = await WebAssembly.instantiate(module, imports);
-        this.initialized = true;
-        if (this.config.debug) {
-          console.log("\u2705 AgentShield WASM initialized in Edge Runtime");
-        }
-      } catch (error) {
-        console.warn("\u26A0\uFE0F WASM initialization failed, using pattern detection:", error);
-        this.initialized = true;
-      }
-    } else {
-      this.initialized = true;
-    }
-  }
-  readString(ptr, len) {
-    if (!this.wasmInstance || !this.wasmMemory) {
-      throw new Error("WASM not initialized");
-    }
-    const memory = new Uint8Array(this.wasmMemory.buffer);
-    const bytes = memory.slice(ptr, ptr + len);
-    return new TextDecoder().decode(bytes);
-  }
-  writeString(str) {
-    if (!this.wasmInstance) {
-      throw new Error("WASM not initialized");
-    }
-    const exports$1 = this.wasmInstance.exports;
-    const encoded = new TextEncoder().encode(str);
-    const ptr = exports$1.__wbindgen_malloc(encoded.length);
-    const memory = new Uint8Array(exports$1.memory.buffer);
-    memory.set(encoded, ptr);
-    return [ptr, encoded.length];
-  }
-  async detect(request) {
-    if (!this.initialized) {
-      await this.init();
-    }
-    const metadata = {
-      userAgent: request.headers.get("user-agent") || "",
-      ipAddress: getClientIp(request) || "",
-      headers: Object.fromEntries(request.headers.entries())
-    };
-    if (this.wasmInstance && this.config.enableWasm !== false) {
-      try {
-        const exports$1 = this.wasmInstance.exports;
-        const [ptr, len] = this.writeString(JSON.stringify(metadata));
-        const resultPtr = exports$1.detect_agent(ptr, len);
-        let resultStr = "";
-        let offset = 0;
-        const memory = new Uint8Array(exports$1.memory.buffer);
-        while (offset < 4096) {
-          const byte = memory[resultPtr + offset];
-          if (byte === 0 || byte === void 0) break;
-          offset++;
-        }
-        if (offset > 0) {
-          resultStr = this.readString(resultPtr, offset);
-        }
-        exports$1.__wbindgen_free(ptr, len);
-        if (offset > 0) {
-          exports$1.__wbindgen_free(resultPtr, offset);
-        }
-        const result = JSON.parse(resultStr);
-        const detection = {
-          ...result,
-          verificationMethod: "cryptographic",
-          timestamp: (/* @__PURE__ */ new Date()).toISOString()
-        };
-        if (this.config.onAgentDetected && detection.isAgent) {
-          this.config.onAgentDetected(detection);
-        }
-        return detection;
-      } catch (error) {
-        if (this.config.debug) {
-          console.error("WASM detection failed:", error);
-        }
-      }
-    }
-    return this.patternDetection(metadata);
-  }
-  patternDetection(metadata) {
-    const userAgent = metadata.userAgent.toLowerCase();
-    const patterns = [
-      // High confidence - explicit AI identifiers
-      { pattern: /chatgpt-user/i, name: "ChatGPT", confidence: 0.95 },
-      { pattern: /claude-web/i, name: "Claude", confidence: 0.95 },
-      { pattern: /claude-user/i, name: "Claude", confidence: 0.95 },
-      { pattern: /gpt-crawler/i, name: "GPT Crawler", confidence: 0.95 },
-      { pattern: /perplexitybot/i, name: "Perplexity", confidence: 0.95 },
-      { pattern: /perplexity-user/i, name: "Perplexity", confidence: 0.95 },
-      { pattern: /perplexity-ai/i, name: "Perplexity", confidence: 0.95 },
-      // Medium-high confidence - company identifiers
-      { pattern: /anthropic/i, name: "Anthropic", confidence: 0.9 },
-      { pattern: /openai/i, name: "OpenAI", confidence: 0.9 },
-      // Medium confidence - product names
-      { pattern: /copilot/i, name: "GitHub Copilot", confidence: 0.85 },
-      { pattern: /bard/i, name: "Google Bard", confidence: 0.85 },
-      { pattern: /gemini/i, name: "Google Gemini", confidence: 0.85 },
-      { pattern: /perplexity/i, name: "Perplexity", confidence: 0.85 },
-      // Fallback
-      { pattern: /\byou\.com\b/i, name: "You.com", confidence: 0.8 },
-      { pattern: /\bphind\b/i, name: "Phind", confidence: 0.8 }
-    ];
-    const suspiciousHeaders = ["x-openai-", "x-anthropic-", "x-ai-", "x-llm-", "x-gpt-"];
-    let headerBoost = 0;
-    for (const [key] of Object.entries(metadata.headers)) {
-      if (suspiciousHeaders.some((prefix) => key.toLowerCase().startsWith(prefix))) {
-        headerBoost = 0.1;
-        break;
-      }
-    }
-    for (const { pattern, name, confidence } of patterns) {
-      if (pattern.test(userAgent)) {
-        const finalConfidence = Math.min(confidence + headerBoost, 1);
-        const result = {
-          isAgent: true,
-          confidence: finalConfidence,
-          agent: name,
-          verificationMethod: "pattern",
-          riskLevel: finalConfidence > 0.9 ? "high" : "medium",
-          timestamp: (/* @__PURE__ */ new Date()).toISOString()
-        };
-        if (this.config.onAgentDetected) {
-          this.config.onAgentDetected(result);
-        }
-        return result;
-      }
-    }
-    return {
-      isAgent: false,
-      confidence: 0.85,
-      verificationMethod: "pattern",
-      timestamp: (/* @__PURE__ */ new Date()).toISOString()
-    };
-  }
-  isInitialized() {
-    return this.initialized;
-  }
-  getVerificationMethod() {
-    return this.wasmInstance ? "cryptographic" : "pattern";
-  }
-};
-function createEdgeAgentShield(config) {
-  return new EdgeRuntimeAgentShield(config);
-}
-var defaultInstance = null;
-function getDefaultAgentShield(config) {
-  if (!defaultInstance) {
-    defaultInstance = new EdgeRuntimeAgentShield(config);
-  }
-  return defaultInstance;
-}
-exports.createEdgeAgentShield = createEdgeAgentShield;
-exports.getDefaultAgentShield = getDefaultAgentShield;
-//# sourceMappingURL=edge-runtime-loader.js.map
-//# sourceMappingURL=edge-runtime-loader.js.map

package/dist/edge-runtime-loader.js.map DELETED Viewed

@@ -1 +0,0 @@

- {"version":3,"sources":["../src/utils.ts","../src/edge-runtime-loader.ts"],"names":["exports"],"mappings":";;;AAcO,SAAS,YAAY,OAAA,EAA0C;AAEpE,EAAA,MAAM,YAAA,GAAe,OAAA,CAAQ,OAAA,CAAQ,GAAA,CAAI,iBAAiB,CAAA;AAC1D,EAAA,IAAI,YAAA,EAAc;AAEhB,IAAA,MAAM,KAAK,YAAA,CAAa,KAAA,CAAM,GAAG,CAAA,CAAE,CAAC,GAAG,IAAA,EAAK;AAC5C,IAAA,IAAI,IAAI,OAAO,EAAA;AAAA,EACjB;AAGA,EAAA,MAAM,MAAA,GAAS,OAAA,CAAQ,OAAA,CAAQ,GAAA,CAAI,WAAW,CAAA;AAC9C,EAAA,IAAI,QAAQ,OAAO,MAAA;AAGnB,EAAA,MAAM,IAAA,GAAO,OAAA,CAAQ,OAAA,CAAQ,GAAA,CAAI,kBAAkB,CAAA;AACnD,EAAA,IAAI,MAAM,OAAO,IAAA;AAGjB,EAAA,MAAM,QAAA,GAAW,OAAA,CAAQ,OAAA,CAAQ,GAAA,CAAI,aAAa,CAAA;AAClD,EAAA,IAAI,UAAU,OAAO,QAAA;AAErB,EAAA,OAAO,MAAA;AACT;;;ACQA,IAAM,yBAAN,MAA6B;AAAA,EACnB,YAAA,GAA4C,IAAA;AAAA,EAC5C,UAAA,GAAwC,IAAA;AAAA,EACxC,MAAA;AAAA,EACA,WAAA,GAAc,KAAA;AAAA,EAEtB,WAAA,CAAY,MAAA,GAA4B,EAAC,EAAG;AAC1C,IAAA,IAAA,CAAK,MAAA,GAAS,MAAA;AAAA,EAChB;AAAA,EAEA,MAAM,KAAK,UAAA,EAAgD;AACzD,IAAA,IAAI,KAAK,WAAA,EAAa;AAEtB,IAAA,MAAM,MAAA,GAAS,UAAA,IAAc,IAAA,CAAK,MAAA,CAAO,UAAA;AAEzC,IAAA,IAAI,MAAA,IAAU,IAAA,CAAK,MAAA,CAAO,UAAA,KAAe,KAAA,EAAO;AAC9C,MAAA,IAAI;AACF,QAAA,IAAA,CAAK,UAAA,GAAa,IAAI,WAAA,CAAY,MAAA,CAAO,EAAE,OAAA,EAAS,EAAA,EAAI,OAAA,EAAS,GAAA,EAAK,CAAA;AAEtE,QAAA,MAAM,OAAA,GAAU;AAAA,UACd,GAAA,EAAK;AAAA,YACH,gBAAA,EAAkB,CAAC,GAAA,EAAa,GAAA,KAAgB;AAC9C,cAAA,MAAM,IAAI,KAAA,CAAM,IAAA,CAAK,UAAA,CAAW,GAAA,EAAK,GAAG,CAAC,CAAA;AAAA,YAC3C,CAAA;AAAA,YACA,UAAA,EAAY,CAAC,GAAA,EAAa,GAAA,KAAgB;AACxC,cAAA,IAAI,IAAA,CAAK,OAAO,KAAA,EAAO;AACrB,gBAAA,OAAA,CAAQ,GAAA,CAAI,IAAA,CAAK,UAAA,CAAW,GAAA,EAAK,GAAG,CAAC,CAAA;AAAA,cACvC;AAAA,YACF;AAAA,WACF;AAAA,UACA,GAAA,EAAK;AAAA,YACH,QAAQ,IAAA,CAAK;AAAA;AACf,SACF;AAEA,QAAA,IAAA,CAAK,YAAA,GAAe,MAAM,WAAA,CAAY,WAAA,CAAY,QAAQ,OAAO,CAAA;AACjE,QAAA,IAAA,CAAK,WAAA,GAAc,IAAA;AAEnB,QAAA,IAAI,IAAA,CAAK,OAAO,KAAA,EAAO;AACrB,UAAA,OAAA,CAAQ,IAAI,qDAAgD,CAAA;AAAA,QAC9D;AAAA,MACF,SAAS,KAAA,EAAO;AACd,QAAA,OAAA,CAAQ,IAAA,CAAK,qEAA2D,KAAK,CAAA;AAC7E,QAAA,IAAA,CAAK,WAAA,GAAc,IAAA;AAAA,MACrB;AAAA,IACF,CAAA,MAAO;AACL,MAAA,IAAA,CAAK,WAAA,GAAc,IAAA;AAAA,IACrB;AAAA,EACF;AAAA,EAEQ,UAAA,CAAW,KAAa,GAAA,EAAqB;AACnD,IAAA,IAAI,CAAC,IAAA,CAAK,YAAA,IAAgB,CAAC,KAAK,UAAA,EAAY;AAC1C,MAAA,MAAM,IAAI,MAAM,sBAAsB,CAAA;AAAA,IACxC;AACA,IAAA,MAAM,MAAA,GAAS,IAAI,UAAA,CAAW,IAAA,CAAK,WAAW,MAAM,CAAA;AACpD,IAAA,MAAM,KAAA,GAAQ,MAAA,CAAO,KAAA,CAAM,GAAA,EAAK,MAAM,GAAG,CAAA;AACzC,IAAA,OAAO,IAAI,WAAA,EAAY,CAAE,MAAA,CAAO,KAAK,CAAA;AAAA,EACvC;AAAA,EAEQ,YAAY,GAAA,EAA+B;AACjD,IAAA,IAAI,CAAC,KAAK,YAAA,EAAc;AACtB,MAAA,MAAM,IAAI,MAAM,sBAAsB,CAAA;AAAA,IACxC;AACA,IAAA,MAAMA,SAAA,GAAU,KAAK,YAAA,CAAa,OAAA;AAElC,IAAA,MAAM,OAAA,GAAU,IAAI,WAAA,EAAY,CAAE,OAAO,GAAG,CAAA;AAC5C,IAAA,MAAM,GAAA,GAAMA,SAAA,CAAQ,iBAAA,CAAkB,OAAA,CAAQ,MAAM,CAAA;AAEpD,IAAA,MAAM,MAAA,GAAS,IAAI,UAAA,CAAWA,SAAA,CAAQ,OAAO,MAAM,CAAA;AACnD,IAAA,MAAA,CAAO,GAAA,CAAI,SAAS,GAAG,CAAA;AAEvB,IAAA,OAAO,CAAC,GAAA,EAAK,OAAA,CAAQ,MAAM,CAAA;AAAA,EAC7B;AAAA,EAEA,MAAM,OAAO,OAAA,EAAgD;AAC3D,IAAA,IAAI,CAAC,KAAK,WAAA,EAAa;AACrB,MAAA,MAAM,KAAK,IAAA,EAAK;AAAA,IAClB;AAEA,IAAA,MAAM,QAAA,GAAW;AAAA,MACf,SAAA,EAAW,OAAA,CAAQ,OAAA,CAAQ,GAAA,CAAI,YAAY,CAAA,IAAK,EAAA;AAAA,MAChD,SAAA,EAAW,WAAA,CAAY,OAAO,CAAA,IAAK,EAAA;AAAA,MACnC,SAAS,MAAA,CAAO,WAAA,CAAY,OAAA,CAAQ,OAAA,CAAQ,SAAS;AAAA,KACvD;AAGA,IAAA,IAAI,IAAA,CAAK,YAAA,IAAgB,IAAA,CAAK,MAAA,CAAO,eAAe,KAAA,EAAO;AACzD,MAAA,IAAI;AACF,QAAA,MAAMA,SAAA,GAAU,KAAK,YAAA,CAAa,OAAA;AAClC,QAAA,MAAM,CAAC,KAAK,GAAG,CAAA,GAAI,KAAK,WAAA,CAAY,IAAA,CAAK,SAAA,CAAU,QAAQ,CAAC,CAAA;AAE5D,QAAA,MAAM,SAAA,GAAYA,SAAA,CAAQ,YAAA,CAAa,GAAA,EAAK,GAAG,CAAA;AAE/C,QAAA,IAAI,SAAA,GAAY,EAAA;AAChB,QAAA,IAAI,MAAA,GAAS,CAAA;AACb,QAAA,MAAM,MAAA,GAAS,IAAI,UAAA,CAAYA,SAAA,CAAQ,OAA8B,MAAM,CAAA;AAG3E,QAAA,OAAO,SAAS,IAAA,EAAM;AAEpB,UAAA,MAAM,IAAA,GAAO,MAAA,CAAO,SAAA,GAAY,MAAM,CAAA;AACtC,UAAA,IAAI,IAAA,KAAS,CAAA,IAAK,IAAA,KAAS,KAAA,CAAA,EAAW;AACtC,UAAA,MAAA,EAAA;AAAA,QACF;AAEA,QAAA,IAAI,SAAS,CAAA,EAAG;AACd,UAAA,SAAA,GAAY,IAAA,CAAK,UAAA,CAAW,SAAA,EAAW,MAAM,CAAA;AAAA,QAC/C;AAEA,QAAAA,SAAA,CAAQ,eAAA,CAAgB,KAAK,GAAG,CAAA;AAChC,QAAA,IAAI,SAAS,CAAA,EAAG;AACd,UAAAA,SAAA,CAAQ,eAAA,CAAgB,WAAW,MAAM,CAAA;AAAA,QAC3C;AAEA,QAAA,MAAM,MAAA,GAAS,IAAA,CAAK,KAAA,CAAM,SAAS,CAAA;AAEnC,QAAA,MAAM,SAAA,GAA6B;AAAA,UACjC,GAAG,MAAA;AAAA,UACH,kBAAA,EAAoB,eAAA;AAAA,UACpB,SAAA,EAAA,iBAAW,IAAI,IAAA,EAAK,EAAE,WAAA;AAAY,SACpC;AAEA,QAAA,IAAI,IAAA,CAAK,MAAA,CAAO,eAAA,IAAmB,SAAA,CAAU,OAAA,EAAS;AACpD,UAAA,IAAA,CAAK,MAAA,CAAO,gBAAgB,SAAS,CAAA;AAAA,QACvC;AAEA,QAAA,OAAO,SAAA;AAAA,MACT,SAAS,KAAA,EAAO;AACd,QAAA,IAAI,IAAA,CAAK,OAAO,KAAA,EAAO;AACrB,UAAA,OAAA,CAAQ,KAAA,CAAM,0BAA0B,KAAK,CAAA;AAAA,QAC/C;AAAA,MAEF;AAAA,IACF;AAGA,IAAA,OAAO,IAAA,CAAK,iBAAiB,QAAQ,CAAA;AAAA,EACvC;AAAA,EAEQ,iBAAiB,QAAA,EAIL;AAClB,IAAA,MAAM,SAAA,GAAY,QAAA,CAAS,SAAA,CAAU,WAAA,EAAY;AAGjD,IAAA,MAAM,QAAA,GAAW;AAAA;AAAA,MAEf,EAAE,OAAA,EAAS,eAAA,EAAiB,IAAA,EAAM,SAAA,EAAW,YAAY,IAAA,EAAK;AAAA,MAC9D,EAAE,OAAA,EAAS,aAAA,EAAe,IAAA,EAAM,QAAA,EAAU,YAAY,IAAA,EAAK;AAAA,MAC3D,EAAE,OAAA,EAAS,cAAA,EAAgB,IAAA,EAAM,QAAA,EAAU,YAAY,IAAA,EAAK;AAAA,MAC5D,EAAE,OAAA,EAAS,cAAA,EAAgB,IAAA,EAAM,aAAA,EAAe,YAAY,IAAA,EAAK;AAAA,MACjE,EAAE,OAAA,EAAS,gBAAA,EAAkB,IAAA,EAAM,YAAA,EAAc,YAAY,IAAA,EAAK;AAAA,MAClE,EAAE,OAAA,EAAS,kBAAA,EAAoB,IAAA,EAAM,YAAA,EAAc,YAAY,IAAA,EAAK;AAAA,MACpE,EAAE,OAAA,EAAS,gBAAA,EAAkB,IAAA,EAAM,YAAA,EAAc,YAAY,IAAA,EAAK;AAAA;AAAA,MAGlE,EAAE,OAAA,EAAS,YAAA,EAAc,IAAA,EAAM,WAAA,EAAa,YAAY,GAAA,EAAI;AAAA,MAC5D,EAAE,OAAA,EAAS,SAAA,EAAW,IAAA,EAAM,QAAA,EAAU,YAAY,GAAA,EAAI;AAAA;AAAA,MAGtD,EAAE,OAAA,EAAS,UAAA,EAAY,IAAA,EAAM,gBAAA,EAAkB,YAAY,IAAA,EAAK;AAAA,MAChE,EAAE,OAAA,EAAS,OAAA,EAAS,IAAA,EAAM,aAAA,EAAe,YAAY,IAAA,EAAK;AAAA,MAC1D,EAAE,OAAA,EAAS,SAAA,EAAW,IAAA,EAAM,eAAA,EAAiB,YAAY,IAAA,EAAK;AAAA,MAC9D,EAAE,OAAA,EAAS,aAAA,EAAe,IAAA,EAAM,YAAA,EAAc,YAAY,IAAA,EAAK;AAAA;AAAA,MAC/D,EAAE,OAAA,EAAS,eAAA,EAAiB,IAAA,EAAM,SAAA,EAAW,YAAY,GAAA,EAAI;AAAA,MAC7D,EAAE,OAAA,EAAS,YAAA,EAAc,IAAA,EAAM,OAAA,EAAS,YAAY,GAAA;AAAI,KAC1D;AAGA,IAAA,MAAM,oBAAoB,CAAC,WAAA,EAAa,cAAA,EAAgB,OAAA,EAAS,UAAU,QAAQ,CAAA;AAEnF,IAAA,IAAI,WAAA,GAAc,CAAA;AAClB,IAAA,KAAA,MAAW,CAAC,GAAG,CAAA,IAAK,OAAO,OAAA,CAAQ,QAAA,CAAS,OAAO,CAAA,EAAG;AACpD,MAAA,IAAI,iBAAA,CAAkB,IAAA,CAAK,CAAC,MAAA,KAAW,GAAA,CAAI,aAAY,CAAE,UAAA,CAAW,MAAM,CAAC,CAAA,EAAG;AAC5E,QAAA,WAAA,GAAc,GAAA;AACd,QAAA;AAAA,MACF;AAAA,IACF;AAIA,IAAA,KAAA,MAAW,EAAE,OAAA,EAAS,IAAA,EAAM,UAAA,MAAgB,QAAA,EAAU;AACpD,MAAA,IAAI,OAAA,CAAQ,IAAA,CAAK,SAAS,CAAA,EAAG;AAC3B,QAAA,MAAM,eAAA,GAAkB,IAAA,CAAK,GAAA,CAAI,UAAA,GAAa,aAAa,CAAG,CAAA;AAE9D,QAAA,MAAM,MAAA,GAA0B;AAAA,UAC9B,OAAA,EAAS,IAAA;AAAA,UACT,UAAA,EAAY,eAAA;AAAA,UACZ,KAAA,EAAO,IAAA;AAAA,UACP,kBAAA,EAAoB,SAAA;AAAA,UACpB,SAAA,EAAW,eAAA,GAAkB,GAAA,GAAM,MAAA,GAAS,QAAA;AAAA,UAC5C,SAAA,EAAA,iBAAW,IAAI,IAAA,EAAK,EAAE,WAAA;AAAY,SACpC;AAEA,QAAA,IAAI,IAAA,CAAK,OAAO,eAAA,EAAiB;AAC/B,UAAA,IAAA,CAAK,MAAA,CAAO,gBAAgB,MAAM,CAAA;AAAA,QACpC;AAEA,QAAA,OAAO,MAAA;AAAA,MACT;AAAA,IACF;AAGA,IAAA,OAAO;AAAA,MACL,OAAA,EAAS,KAAA;AAAA,MACT,UAAA,EAAY,IAAA;AAAA,MACZ,kBAAA,EAAoB,SAAA;AAAA,MACpB,SAAA,EAAA,iBAAW,IAAI,IAAA,EAAK,EAAE,WAAA;AAAY,KACpC;AAAA,EACF;AAAA,EAEA,aAAA,GAAyB;AACvB,IAAA,OAAO,IAAA,CAAK,WAAA;AAAA,EACd;AAAA,EAEA,qBAAA,GAAqD;AACnD,IAAA,OAAO,IAAA,CAAK,eAAe,eAAA,GAAkB,SAAA;AAAA,EAC/C;AACF,CAAA;AAKO,SAAS,sBAAsB,MAAA,EAA4B;AAChE,EAAA,OAAO,IAAI,uBAAuB,MAAM,CAAA;AAC1C;AAKA,IAAI,eAAA,GAAiD,IAAA;AAE9C,SAAS,sBAAsB,MAAA,EAAoD;AACxF,EAAA,IAAI,CAAC,eAAA,EAAiB;AACpB,IAAA,eAAA,GAAkB,IAAI,uBAAuB,MAAM,CAAA;AAAA,EACrD;AACA,EAAA,OAAO,eAAA;AACT","file":"edge-runtime-loader.js","sourcesContent":["/**\n * Utility functions for agentshield-nextjs\n */\n\nimport type { NextRequest } from 'next/server';\n\n/**\n * Extract client IP address from a NextRequest.\n * In Next.js 15+, the `ip` property was removed from NextRequest.\n * This function uses headers to determine the client IP.\n *\n * @param request - The NextRequest object\n * @returns The client IP address or undefined if not available\n */\nexport function getClientIp(request: NextRequest): string | undefined {\n // Check x-forwarded-for header (standard for proxies/load balancers)\n const forwardedFor = request.headers.get('x-forwarded-for');\n if (forwardedFor) {\n // Take the first IP in the chain (original client)\n const ip = forwardedFor.split(',')[0]?.trim();\n if (ip) return ip;\n }\n\n // Check x-real-ip header (commonly used by nginx)\n const realIp = request.headers.get('x-real-ip');\n if (realIp) return realIp;\n\n // Check cf-connecting-ip header (Cloudflare)\n const cfIp = request.headers.get('cf-connecting-ip');\n if (cfIp) return cfIp;\n\n // Check x-client-ip header (some proxies use this)\n const clientIp = request.headers.get('x-client-ip');\n if (clientIp) return clientIp;\n\n return undefined;\n}\n\n/**\n * Safely extract the hostname from a URL string.\n * Returns a friendly fallback when parsing fails so UX copy doesn't leak\n * \"undefined\" or similar to end users.\n */\nexport function safeHostname(url: string): string {\n try {\n return new URL(url).hostname;\n } catch {\n return 'this site';\n }\n}\n","/**\n * Edge Runtime Compatible WASM Loader for AgentShield\n *\n * This module provides a pre-built solution for loading WASM in Edge Runtime.\n * It requires the WASM file to be manually placed in the project.\n */\n\nimport type { NextRequest } from 'next/server';\nimport { getClientIp } from './utils';\n\n// User must provide the WASM module via import\n// This is intentionally not imported here to allow user control\nexport interface WasmModule {\n default: WebAssembly.Module;\n}\n\nexport interface DetectionResult {\n isAgent: boolean;\n isAiCrawler?: boolean;\n confidence: number;\n agent?: string;\n verificationMethod: 'cryptographic' | 'pattern';\n riskLevel?: 'low' | 'medium' | 'high' | 'critical';\n timestamp: string;\n}\n\nexport interface AgentShieldConfig {\n wasmModule?: WebAssembly.Module;\n enableWasm?: boolean;\n onAgentDetected?: (result: DetectionResult) => void;\n blockAgents?: boolean;\n allowedAgents?: string[];\n debug?: boolean;\n}\n\ninterface WasmExports {\n detect_agent(metadataPtr: number, metadataLen: number): number;\n get_version(): number;\n __wbindgen_malloc(size: number): number;\n __wbindgen_free(ptr: number, size: number): void;\n __wbindgen_realloc(ptr: number, oldSize: number, newSize: number): number;\n memory: WebAssembly.Memory;\n}\n\nclass EdgeRuntimeAgentShield {\n private wasmInstance: WebAssembly.Instance | null = null;\n private wasmMemory: WebAssembly.Memory | null = null;\n private config: AgentShieldConfig;\n private initialized = false;\n\n constructor(config: AgentShieldConfig = {}) {\n this.config = config;\n }\n\n async init(wasmModule?: WebAssembly.Module): Promise<void> {\n if (this.initialized) return;\n\n const module = wasmModule || this.config.wasmModule;\n\n if (module && this.config.enableWasm !== false) {\n try {\n this.wasmMemory = new WebAssembly.Memory({ initial: 17, maximum: 256 });\n\n const imports = {\n wbg: {\n __wbindgen_throw: (ptr: number, len: number) => {\n throw new Error(this.readString(ptr, len));\n },\n __wbg_log_: (ptr: number, len: number) => {\n if (this.config.debug) {\n console.log(this.readString(ptr, len));\n }\n },\n },\n env: {\n memory: this.wasmMemory,\n },\n };\n\n this.wasmInstance = await WebAssembly.instantiate(module, imports);\n this.initialized = true;\n\n if (this.config.debug) {\n console.log('✅ AgentShield WASM initialized in Edge Runtime');\n }\n } catch (error) {\n console.warn('⚠️ WASM initialization failed, using pattern detection:', error);\n this.initialized = true;\n }\n } else {\n this.initialized = true;\n }\n }\n\n private readString(ptr: number, len: number): string {\n if (!this.wasmInstance || !this.wasmMemory) {\n throw new Error('WASM not initialized');\n }\n const memory = new Uint8Array(this.wasmMemory.buffer);\n const bytes = memory.slice(ptr, ptr + len);\n return new TextDecoder().decode(bytes);\n }\n\n private writeString(str: string): [number, number] {\n if (!this.wasmInstance) {\n throw new Error('WASM not initialized');\n }\n const exports = this.wasmInstance.exports as unknown as WasmExports;\n\n const encoded = new TextEncoder().encode(str);\n const ptr = exports.__wbindgen_malloc(encoded.length);\n\n const memory = new Uint8Array(exports.memory.buffer);\n memory.set(encoded, ptr);\n\n return [ptr, encoded.length];\n }\n\n async detect(request: NextRequest): Promise<DetectionResult> {\n if (!this.initialized) {\n await this.init();\n }\n\n const metadata = {\n userAgent: request.headers.get('user-agent') || '',\n ipAddress: getClientIp(request) || '',\n headers: Object.fromEntries(request.headers.entries()),\n };\n\n // Try WASM detection first\n if (this.wasmInstance && this.config.enableWasm !== false) {\n try {\n const exports = this.wasmInstance.exports as unknown as WasmExports;\n const [ptr, len] = this.writeString(JSON.stringify(metadata));\n\n const resultPtr = exports.detect_agent(ptr, len);\n // Read result with dynamic size\n let resultStr = '';\n let offset = 0;\n const memory = new Uint8Array((exports.memory as WebAssembly.Memory).buffer);\n\n // Read until we find the end of the JSON string\n while (offset < 4096) {\n // Max 4KB result\n const byte = memory[resultPtr + offset];\n if (byte === 0 || byte === undefined) break;\n offset++;\n }\n\n if (offset > 0) {\n resultStr = this.readString(resultPtr, offset);\n }\n\n exports.__wbindgen_free(ptr, len);\n if (offset > 0) {\n exports.__wbindgen_free(resultPtr, offset);\n }\n\n const result = JSON.parse(resultStr);\n\n const detection: DetectionResult = {\n ...result,\n verificationMethod: 'cryptographic',\n timestamp: new Date().toISOString(),\n };\n\n if (this.config.onAgentDetected && detection.isAgent) {\n this.config.onAgentDetected(detection);\n }\n\n return detection;\n } catch (error) {\n if (this.config.debug) {\n console.error('WASM detection failed:', error);\n }\n // Fall through to pattern detection\n }\n }\n\n // Fallback: Pattern-based detection\n return this.patternDetection(metadata);\n }\n\n private patternDetection(metadata: {\n userAgent: string;\n ipAddress: string;\n headers: Record<string, string>;\n }): DetectionResult {\n const userAgent = metadata.userAgent.toLowerCase();\n\n // Enhanced AI agent patterns with confidence scores\n const patterns = [\n // High confidence - explicit AI identifiers\n { pattern: /chatgpt-user/i, name: 'ChatGPT', confidence: 0.95 },\n { pattern: /claude-web/i, name: 'Claude', confidence: 0.95 },\n { pattern: /claude-user/i, name: 'Claude', confidence: 0.95 },\n { pattern: /gpt-crawler/i, name: 'GPT Crawler', confidence: 0.95 },\n { pattern: /perplexitybot/i, name: 'Perplexity', confidence: 0.95 },\n { pattern: /perplexity-user/i, name: 'Perplexity', confidence: 0.95 },\n { pattern: /perplexity-ai/i, name: 'Perplexity', confidence: 0.95 },\n\n // Medium-high confidence - company identifiers\n { pattern: /anthropic/i, name: 'Anthropic', confidence: 0.9 },\n { pattern: /openai/i, name: 'OpenAI', confidence: 0.9 },\n\n // Medium confidence - product names\n { pattern: /copilot/i, name: 'GitHub Copilot', confidence: 0.85 },\n { pattern: /bard/i, name: 'Google Bard', confidence: 0.85 },\n { pattern: /gemini/i, name: 'Google Gemini', confidence: 0.85 },\n { pattern: /perplexity/i, name: 'Perplexity', confidence: 0.85 }, // Fallback\n { pattern: /\\byou\\.com\\b/i, name: 'You.com', confidence: 0.8 },\n { pattern: /\\bphind\\b/i, name: 'Phind', confidence: 0.8 },\n ];\n\n // Check for suspicious headers\n const suspiciousHeaders = ['x-openai-', 'x-anthropic-', 'x-ai-', 'x-llm-', 'x-gpt-'];\n\n let headerBoost = 0;\n for (const [key] of Object.entries(metadata.headers)) {\n if (suspiciousHeaders.some((prefix) => key.toLowerCase().startsWith(prefix))) {\n headerBoost = 0.1;\n break;\n }\n }\n\n // Check patterns - patterns are ordered by confidence (highest first: 0.95, 0.90, 0.85...)\n // so breaking on first match returns the highest-confidence match\n for (const { pattern, name, confidence } of patterns) {\n if (pattern.test(userAgent)) {\n const finalConfidence = Math.min(confidence + headerBoost, 1.0);\n\n const result: DetectionResult = {\n isAgent: true,\n confidence: finalConfidence,\n agent: name,\n verificationMethod: 'pattern',\n riskLevel: finalConfidence > 0.9 ? 'high' : 'medium',\n timestamp: new Date().toISOString(),\n };\n\n if (this.config.onAgentDetected) {\n this.config.onAgentDetected(result);\n }\n\n return result;\n }\n }\n\n // Not detected\n return {\n isAgent: false,\n confidence: 0.85,\n verificationMethod: 'pattern',\n timestamp: new Date().toISOString(),\n };\n }\n\n isInitialized(): boolean {\n return this.initialized;\n }\n\n getVerificationMethod(): 'cryptographic' | 'pattern' {\n return this.wasmInstance ? 'cryptographic' : 'pattern';\n }\n}\n\n/**\n * Factory function to create an AgentShield instance for Edge Runtime\n */\nexport function createEdgeAgentShield(config?: AgentShieldConfig) {\n return new EdgeRuntimeAgentShield(config);\n}\n\n/**\n * Singleton instance for simple usage\n */\nlet defaultInstance: EdgeRuntimeAgentShield | null = null;\n\nexport function getDefaultAgentShield(config?: AgentShieldConfig): EdgeRuntimeAgentShield {\n if (!defaultInstance) {\n defaultInstance = new EdgeRuntimeAgentShield(config);\n }\n return defaultInstance;\n}\n"]}