npm - @llm-dev-ops/agentics-cli - Versions diffs - 1.4.32 → 1.4.35 - Mend

@llm-dev-ops/agentics-cli 1.4.32 → 1.4.35

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (400) hide show

package/dist/bundled-agents/policy-engine-agents/dist/security/audit-trail.d.ts ADDED Viewed

@@ -0,0 +1,82 @@
+/**
+ * Audit Trail System
+ *
+ * Append-only audit log for all policy mutations.
+ * Records are IMMUTABLE once written.
+ */
+import { Policy } from '../types/policy';
+/**
+ * Audit action types for policy mutations
+ */
+export type AuditAction = 'create' | 'edit' | 'enable' | 'disable' | 'delete' | 'version_update';
+/**
+ * Audit entry structure
+ */
+export interface AuditEntry {
+    id: string;
+    policy_id: string;
+    policy_version: number;
+    action: AuditAction;
+    actor_identity: string;
+    timestamp: Date;
+    before_hash: string | null;
+    after_hash: string | null;
+    correlation_id: string;
+    metadata: Record<string, unknown>;
+}
+/**
+ * Compute deterministic hash of policy state
+ */
+export declare function computePolicyHash(policy: Policy | null): string;
+/**
+ * Audit Trail Repository
+ * Append-only - no update or delete operations
+ */
+export declare class AuditTrailRepository {
+    /**
+     * Record a policy mutation
+     * This operation is APPEND-ONLY
+     */
+    record(entry: {
+        policyId: string;
+        policyVersion: number;
+        action: AuditAction;
+        actorIdentity: string;
+        correlationId: string;
+        beforeState: Policy | null;
+        afterState: Policy | null;
+        metadata?: Record<string, unknown>;
+    }): Promise<AuditEntry>;
+    /**
+     * Get audit trail for a specific policy
+     */
+    getByPolicyId(policyId: string, limit?: number): Promise<AuditEntry[]>;
+    /**
+     * Get audit trail for a specific policy version
+     */
+    getByPolicyVersion(policyId: string, version: number): Promise<AuditEntry[]>;
+    /**
+     * Get audit trail by actor
+     */
+    getByActor(actorIdentity: string, limit?: number): Promise<AuditEntry[]>;
+    /**
+     * Get audit trail by correlation ID (for request tracing)
+     */
+    getByCorrelationId(correlationId: string): Promise<AuditEntry[]>;
+    /**
+     * Get recent audit entries (for monitoring)
+     */
+    getRecent(limit?: number): Promise<AuditEntry[]>;
+    /**
+     * Verify audit chain integrity
+     * Checks that all entries are present and hashes are consistent
+     */
+    verifyIntegrity(policyId: string): Promise<{
+        valid: boolean;
+        entries: number;
+        issues: string[];
+    }>;
+    private mapRowToEntry;
+}
+export declare const auditTrail: AuditTrailRepository;
+//# sourceMappingURL=audit-trail.d.ts.map

package/dist/bundled-agents/policy-engine-agents/dist/security/audit-trail.d.ts.map ADDED Viewed

@@ -0,0 +1 @@

+ {"version":3,"file":"audit-trail.d.ts","sourceRoot":"","sources":["../../src/security/audit-trail.ts"],"names":[],"mappings":"AAAA;;;;;GAKG;AAMH,OAAO,EAAE,MAAM,EAAE,MAAM,iBAAiB,CAAC;AAEzC;;GAEG;AACH,MAAM,MAAM,WAAW,GACnB,QAAQ,GACR,MAAM,GACN,QAAQ,GACR,SAAS,GACT,QAAQ,GACR,gBAAgB,CAAC;AAErB;;GAEG;AACH,MAAM,WAAW,UAAU;IACzB,EAAE,EAAE,MAAM,CAAC;IACX,SAAS,EAAE,MAAM,CAAC;IAClB,cAAc,EAAE,MAAM,CAAC;IACvB,MAAM,EAAE,WAAW,CAAC;IACpB,cAAc,EAAE,MAAM,CAAC;IACvB,SAAS,EAAE,IAAI,CAAC;IAChB,WAAW,EAAE,MAAM,GAAG,IAAI,CAAC;IAC3B,UAAU,EAAE,MAAM,GAAG,IAAI,CAAC;IAC1B,cAAc,EAAE,MAAM,CAAC;IACvB,QAAQ,EAAE,MAAM,CAAC,MAAM,EAAE,OAAO,CAAC,CAAC;CACnC;AAED;;GAEG;AACH,wBAAgB,iBAAiB,CAAC,MAAM,EAAE,MAAM,GAAG,IAAI,GAAG,MAAM,CAiB/D;AAED;;;GAGG;AACH,qBAAa,oBAAoB;IAC/B;;;OAGG;IACG,MAAM,CAAC,KAAK,EAAE;QAClB,QAAQ,EAAE,MAAM,CAAC;QACjB,aAAa,EAAE,MAAM,CAAC;QACtB,MAAM,EAAE,WAAW,CAAC;QACpB,aAAa,EAAE,MAAM,CAAC;QACtB,aAAa,EAAE,MAAM,CAAC;QACtB,WAAW,EAAE,MAAM,GAAG,IAAI,CAAC;QAC3B,UAAU,EAAE,MAAM,GAAG,IAAI,CAAC;QAC1B,QAAQ,CAAC,EAAE,MAAM,CAAC,MAAM,EAAE,OAAO,CAAC,CAAC;KACpC,GAAG,OAAO,CAAC,UAAU,CAAC;IAgEvB;;OAEG;IACG,aAAa,CAAC,QAAQ,EAAE,MAAM,EAAE,KAAK,GAAE,MAAY,GAAG,OAAO,CAAC,UAAU,EAAE,CAAC;IAgBjF;;OAEG;IACG,kBAAkB,CAAC,QAAQ,EAAE,MAAM,EAAE,OAAO,EAAE,MAAM,GAAG,OAAO,CAAC,UAAU,EAAE,CAAC;IAelF;;OAEG;IACG,UAAU,CAAC,aAAa,EAAE,MAAM,EAAE,KAAK,GAAE,MAAY,GAAG,OAAO,CAAC,UAAU,EAAE,CAAC;IAgBnF;;OAEG;IACG,kBAAkB,CAAC,aAAa,EAAE,MAAM,GAAG,OAAO,CAAC,UAAU,EAAE,CAAC;IAetE;;OAEG;IACG,SAAS,CAAC,KAAK,GAAE,MAAY,GAAG,OAAO,CAAC,UAAU,EAAE,CAAC;IAe3D;;;OAGG;IACG,eAAe,CAAC,QAAQ,EAAE,MAAM,GAAG,OAAO,CAAC;QAC/C,KAAK,EAAE,OAAO,CAAC;QACf,OAAO,EAAE,MAAM,CAAC;QAChB,MAAM,EAAE,MAAM,EAAE,CAAC;KAClB,CAAC;IA6CF,OAAO,CAAC,aAAa;CActB;AAGD,eAAO,MAAM,UAAU,sBAA6B,CAAC"}

package/dist/bundled-agents/policy-engine-agents/dist/security/audit-trail.js ADDED Viewed

@@ -0,0 +1,234 @@
+"use strict";
+/**
+ * Audit Trail System
+ *
+ * Append-only audit log for all policy mutations.
+ * Records are IMMUTABLE once written.
+ */
+var __importDefault = (this && this.__importDefault) || function (mod) {
+    return (mod && mod.__esModule) ? mod : { "default": mod };
+};
+Object.defineProperty(exports, "__esModule", { value: true });
+exports.auditTrail = exports.AuditTrailRepository = void 0;
+exports.computePolicyHash = computePolicyHash;
+const client_1 = require("@db/client");
+const errors_1 = require("@utils/errors");
+const logger_1 = __importDefault(require("@utils/logger"));
+const crypto_1 = __importDefault(require("crypto"));
+/**
+ * Compute deterministic hash of policy state
+ */
+function computePolicyHash(policy) {
+    if (!policy) {
+        return 'null';
+    }
+    const normalized = JSON.stringify({
+        id: policy.metadata.id,
+        name: policy.metadata.name,
+        version: policy.metadata.version,
+        namespace: policy.metadata.namespace,
+        status: policy.status,
+        rules: policy.rules,
+    }, Object.keys({
+        id: 1, name: 1, version: 1, namespace: 1, status: 1, rules: 1
+    }).sort());
+    return crypto_1.default.createHash('sha256').update(normalized).digest('hex');
+}
+/**
+ * Audit Trail Repository
+ * Append-only - no update or delete operations
+ */
+class AuditTrailRepository {
+    /**
+     * Record a policy mutation
+     * This operation is APPEND-ONLY
+     */
+    async record(entry) {
+        const id = crypto_1.default.randomUUID();
+        const timestamp = new Date();
+        const beforeHash = computePolicyHash(entry.beforeState);
+        const afterHash = computePolicyHash(entry.afterState);
+        try {
+            const result = await client_1.db.query(`INSERT INTO policy_audit_trail (
+          id, policy_id, policy_version, action, actor_identity,
+          timestamp, before_hash, after_hash, correlation_id, metadata
+        ) VALUES ($1, $2, $3, $4, $5, $6, $7, $8, $9, $10)
+        RETURNING *`, [
+                id,
+                entry.policyId,
+                entry.policyVersion,
+                entry.action,
+                entry.actorIdentity,
+                timestamp,
+                beforeHash,
+                afterHash,
+                entry.correlationId,
+                JSON.stringify(entry.metadata || {}),
+            ]);
+            const auditEntry = {
+                id: result.rows[0].id,
+                policy_id: result.rows[0].policy_id,
+                policy_version: result.rows[0].policy_version,
+                action: result.rows[0].action,
+                actor_identity: result.rows[0].actor_identity,
+                timestamp: result.rows[0].timestamp,
+                before_hash: result.rows[0].before_hash,
+                after_hash: result.rows[0].after_hash,
+                correlation_id: result.rows[0].correlation_id,
+                metadata: result.rows[0].metadata,
+            };
+            logger_1.default.info({
+                auditId: id,
+                policyId: entry.policyId,
+                policyVersion: entry.policyVersion,
+                action: entry.action,
+                actorIdentity: entry.actorIdentity,
+                correlationId: entry.correlationId,
+                beforeHash,
+                afterHash,
+            }, 'Audit entry recorded');
+            return auditEntry;
+        }
+        catch (error) {
+            // Log the failure but don't expose internal details
+            logger_1.default.error({
+                policyId: entry.policyId,
+                action: entry.action,
+                error: error instanceof Error ? error.message : 'Unknown error',
+            }, 'Failed to record audit entry');
+            throw new errors_1.DatabaseError('Failed to record audit entry');
+        }
+    }
+    /**
+     * Get audit trail for a specific policy
+     */
+    async getByPolicyId(policyId, limit = 100) {
+        try {
+            const result = await client_1.db.query(`SELECT * FROM policy_audit_trail
+         WHERE policy_id = $1
+         ORDER BY timestamp DESC
+         LIMIT $2`, [policyId, limit]);
+            return result.rows.map(this.mapRowToEntry);
+        }
+        catch (error) {
+            throw new errors_1.DatabaseError('Failed to retrieve audit trail');
+        }
+    }
+    /**
+     * Get audit trail for a specific policy version
+     */
+    async getByPolicyVersion(policyId, version) {
+        try {
+            const result = await client_1.db.query(`SELECT * FROM policy_audit_trail
+         WHERE policy_id = $1 AND policy_version = $2
+         ORDER BY timestamp DESC`, [policyId, version]);
+            return result.rows.map(this.mapRowToEntry);
+        }
+        catch (error) {
+            throw new errors_1.DatabaseError('Failed to retrieve audit trail by version');
+        }
+    }
+    /**
+     * Get audit trail by actor
+     */
+    async getByActor(actorIdentity, limit = 100) {
+        try {
+            const result = await client_1.db.query(`SELECT * FROM policy_audit_trail
+         WHERE actor_identity = $1
+         ORDER BY timestamp DESC
+         LIMIT $2`, [actorIdentity, limit]);
+            return result.rows.map(this.mapRowToEntry);
+        }
+        catch (error) {
+            throw new errors_1.DatabaseError('Failed to retrieve audit trail by actor');
+        }
+    }
+    /**
+     * Get audit trail by correlation ID (for request tracing)
+     */
+    async getByCorrelationId(correlationId) {
+        try {
+            const result = await client_1.db.query(`SELECT * FROM policy_audit_trail
+         WHERE correlation_id = $1
+         ORDER BY timestamp ASC`, [correlationId]);
+            return result.rows.map(this.mapRowToEntry);
+        }
+        catch (error) {
+            throw new errors_1.DatabaseError('Failed to retrieve audit trail by correlation ID');
+        }
+    }
+    /**
+     * Get recent audit entries (for monitoring)
+     */
+    async getRecent(limit = 100) {
+        try {
+            const result = await client_1.db.query(`SELECT * FROM policy_audit_trail
+         ORDER BY timestamp DESC
+         LIMIT $1`, [limit]);
+            return result.rows.map(this.mapRowToEntry);
+        }
+        catch (error) {
+            throw new errors_1.DatabaseError('Failed to retrieve recent audit entries');
+        }
+    }
+    /**
+     * Verify audit chain integrity
+     * Checks that all entries are present and hashes are consistent
+     */
+    async verifyIntegrity(policyId) {
+        try {
+            const entries = await this.getByPolicyId(policyId, 10000);
+            const issues = [];
+            // Check chronological order
+            for (let i = 1; i < entries.length; i++) {
+                if (entries[i].timestamp > entries[i - 1].timestamp) {
+                    issues.push(`Entry ${entries[i].id} has inconsistent timestamp order`);
+                }
+            }
+            // Check hash chain consistency
+            // The after_hash of one entry should match the before_hash of the next
+            const sortedByTime = [...entries].sort((a, b) => a.timestamp.getTime() - b.timestamp.getTime());
+            for (let i = 1; i < sortedByTime.length; i++) {
+                const prev = sortedByTime[i - 1];
+                const curr = sortedByTime[i];
+                // Only check if it's the same policy and sequential operations
+                if (prev.after_hash !== curr.before_hash && curr.action !== 'create') {
+                    // This might be okay if there was a parallel update - log but don't fail
+                    logger_1.default.warn({
+                        policyId,
+                        prevEntry: prev.id,
+                        currEntry: curr.id,
+                        prevAfterHash: prev.after_hash,
+                        currBeforeHash: curr.before_hash,
+                    }, 'Potential hash chain gap detected');
+                }
+            }
+            return {
+                valid: issues.length === 0,
+                entries: entries.length,
+                issues,
+            };
+        }
+        catch (error) {
+            throw new errors_1.DatabaseError('Failed to verify audit integrity');
+        }
+    }
+    mapRowToEntry(row) {
+        return {
+            id: row.id,
+            policy_id: row.policy_id,
+            policy_version: row.policy_version,
+            action: row.action,
+            actor_identity: row.actor_identity,
+            timestamp: row.timestamp,
+            before_hash: row.before_hash,
+            after_hash: row.after_hash,
+            correlation_id: row.correlation_id,
+            metadata: row.metadata || {},
+        };
+    }
+}
+exports.AuditTrailRepository = AuditTrailRepository;
+// Singleton instance
+exports.auditTrail = new AuditTrailRepository();
+//# sourceMappingURL=audit-trail.js.map

package/dist/bundled-agents/policy-engine-agents/dist/security/audit-trail.js.map ADDED Viewed

@@ -0,0 +1 @@

+ {"version":3,"file":"audit-trail.js","sourceRoot":"","sources":["../../src/security/audit-trail.ts"],"names":[],"mappings":";AAAA;;;;;GAKG;;;;;;AAsCH,8CAiBC;AArDD,uCAAgC;AAChC,0CAA8C;AAC9C,2DAAmC;AACnC,oDAA4B;AA8B5B;;GAEG;AACH,SAAgB,iBAAiB,CAAC,MAAqB;IACrD,IAAI,CAAC,MAAM,EAAE,CAAC;QACZ,OAAO,MAAM,CAAC;IAChB,CAAC;IAED,MAAM,UAAU,GAAG,IAAI,CAAC,SAAS,CAAC;QAChC,EAAE,EAAE,MAAM,CAAC,QAAQ,CAAC,EAAE;QACtB,IAAI,EAAE,MAAM,CAAC,QAAQ,CAAC,IAAI;QAC1B,OAAO,EAAE,MAAM,CAAC,QAAQ,CAAC,OAAO;QAChC,SAAS,EAAE,MAAM,CAAC,QAAQ,CAAC,SAAS;QACpC,MAAM,EAAE,MAAM,CAAC,MAAM;QACrB,KAAK,EAAE,MAAM,CAAC,KAAK;KACpB,EAAE,MAAM,CAAC,IAAI,CAAC;QACb,EAAE,EAAE,CAAC,EAAE,IAAI,EAAE,CAAC,EAAE,OAAO,EAAE,CAAC,EAAE,SAAS,EAAE,CAAC,EAAE,MAAM,EAAE,CAAC,EAAE,KAAK,EAAE,CAAC;KAC9D,CAAC,CAAC,IAAI,EAAE,CAAC,CAAC;IAEX,OAAO,gBAAM,CAAC,UAAU,CAAC,QAAQ,CAAC,CAAC,MAAM,CAAC,UAAU,CAAC,CAAC,MAAM,CAAC,KAAK,CAAC,CAAC;AACtE,CAAC;AAED;;;GAGG;AACH,MAAa,oBAAoB;IAC/B;;;OAGG;IACH,KAAK,CAAC,MAAM,CAAC,KASZ;QACC,MAAM,EAAE,GAAG,gBAAM,CAAC,UAAU,EAAE,CAAC;QAC/B,MAAM,SAAS,GAAG,IAAI,IAAI,EAAE,CAAC;QAC7B,MAAM,UAAU,GAAG,iBAAiB,CAAC,KAAK,CAAC,WAAW,CAAC,CAAC;QACxD,MAAM,SAAS,GAAG,iBAAiB,CAAC,KAAK,CAAC,UAAU,CAAC,CAAC;QAEtD,IAAI,CAAC;YACH,MAAM,MAAM,GAAG,MAAM,WAAE,CAAC,KAAK,CAC3B;;;;oBAIY,EACZ;gBACE,EAAE;gBACF,KAAK,CAAC,QAAQ;gBACd,KAAK,CAAC,aAAa;gBACnB,KAAK,CAAC,MAAM;gBACZ,KAAK,CAAC,aAAa;gBACnB,SAAS;gBACT,UAAU;gBACV,SAAS;gBACT,KAAK,CAAC,aAAa;gBACnB,IAAI,CAAC,SAAS,CAAC,KAAK,CAAC,QAAQ,IAAI,EAAE,CAAC;aACrC,CACF,CAAC;YAEF,MAAM,UAAU,GAAe;gBAC7B,EAAE,EAAE,MAAM,CAAC,IAAI,CAAC,CAAC,CAAC,CAAC,EAAE;gBACrB,SAAS,EAAE,MAAM,CAAC,IAAI,CAAC,CAAC,CAAC,CAAC,SAAS;gBACnC,cAAc,EAAE,MAAM,CAAC,IAAI,CAAC,CAAC,CAAC,CAAC,cAAc;gBAC7C,MAAM,EAAE,MAAM,CAAC,IAAI,CAAC,CAAC,CAAC,CAAC,MAAM;gBAC7B,cAAc,EAAE,MAAM,CAAC,IAAI,CAAC,CAAC,CAAC,CAAC,cAAc;gBAC7C,SAAS,EAAE,MAAM,CAAC,IAAI,CAAC,CAAC,CAAC,CAAC,SAAS;gBACnC,WAAW,EAAE,MAAM,CAAC,IAAI,CAAC,CAAC,CAAC,CAAC,WAAW;gBACvC,UAAU,EAAE,MAAM,CAAC,IAAI,CAAC,CAAC,CAAC,CAAC,UAAU;gBACrC,cAAc,EAAE,MAAM,CAAC,IAAI,CAAC,CAAC,CAAC,CAAC,cAAc;gBAC7C,QAAQ,EAAE,MAAM,CAAC,IAAI,CAAC,CAAC,CAAC,CAAC,QAAQ;aAClC,CAAC;YAEF,gBAAM,CAAC,IAAI,CAAC;gBACV,OAAO,EAAE,EAAE;gBACX,QAAQ,EAAE,KAAK,CAAC,QAAQ;gBACxB,aAAa,EAAE,KAAK,CAAC,aAAa;gBAClC,MAAM,EAAE,KAAK,CAAC,MAAM;gBACpB,aAAa,EAAE,KAAK,CAAC,aAAa;gBAClC,aAAa,EAAE,KAAK,CAAC,aAAa;gBAClC,UAAU;gBACV,SAAS;aACV,EAAE,sBAAsB,CAAC,CAAC;YAE3B,OAAO,UAAU,CAAC;QACpB,CAAC;QAAC,OAAO,KAAK,EAAE,CAAC;YACf,oDAAoD;YACpD,gBAAM,CAAC,KAAK,CAAC;gBACX,QAAQ,EAAE,KAAK,CAAC,QAAQ;gBACxB,MAAM,EAAE,KAAK,CAAC,MAAM;gBACpB,KAAK,EAAE,KAAK,YAAY,KAAK,CAAC,CAAC,CAAC,KAAK,CAAC,OAAO,CAAC,CAAC,CAAC,eAAe;aAChE,EAAE,8BAA8B,CAAC,CAAC;YAEnC,MAAM,IAAI,sBAAa,CAAC,8BAA8B,CAAC,CAAC;QAC1D,CAAC;IACH,CAAC;IAED;;OAEG;IACH,KAAK,CAAC,aAAa,CAAC,QAAgB,EAAE,QAAgB,GAAG;QACvD,IAAI,CAAC;YACH,MAAM,MAAM,GAAG,MAAM,WAAE,CAAC,KAAK,CAC3B;;;kBAGU,EACV,CAAC,QAAQ,EAAE,KAAK,CAAC,CAClB,CAAC;YAEF,OAAO,MAAM,CAAC,IAAI,CAAC,GAAG,CAAC,IAAI,CAAC,aAAa,CAAC,CAAC;QAC7C,CAAC;QAAC,OAAO,KAAK,EAAE,CAAC;YACf,MAAM,IAAI,sBAAa,CAAC,gCAAgC,CAAC,CAAC;QAC5D,CAAC;IACH,CAAC;IAED;;OAEG;IACH,KAAK,CAAC,kBAAkB,CAAC,QAAgB,EAAE,OAAe;QACxD,IAAI,CAAC;YACH,MAAM,MAAM,GAAG,MAAM,WAAE,CAAC,KAAK,CAC3B;;iCAEyB,EACzB,CAAC,QAAQ,EAAE,OAAO,CAAC,CACpB,CAAC;YAEF,OAAO,MAAM,CAAC,IAAI,CAAC,GAAG,CAAC,IAAI,CAAC,aAAa,CAAC,CAAC;QAC7C,CAAC;QAAC,OAAO,KAAK,EAAE,CAAC;YACf,MAAM,IAAI,sBAAa,CAAC,2CAA2C,CAAC,CAAC;QACvE,CAAC;IACH,CAAC;IAED;;OAEG;IACH,KAAK,CAAC,UAAU,CAAC,aAAqB,EAAE,QAAgB,GAAG;QACzD,IAAI,CAAC;YACH,MAAM,MAAM,GAAG,MAAM,WAAE,CAAC,KAAK,CAC3B;;;kBAGU,EACV,CAAC,aAAa,EAAE,KAAK,CAAC,CACvB,CAAC;YAEF,OAAO,MAAM,CAAC,IAAI,CAAC,GAAG,CAAC,IAAI,CAAC,aAAa,CAAC,CAAC;QAC7C,CAAC;QAAC,OAAO,KAAK,EAAE,CAAC;YACf,MAAM,IAAI,sBAAa,CAAC,yCAAyC,CAAC,CAAC;QACrE,CAAC;IACH,CAAC;IAED;;OAEG;IACH,KAAK,CAAC,kBAAkB,CAAC,aAAqB;QAC5C,IAAI,CAAC;YACH,MAAM,MAAM,GAAG,MAAM,WAAE,CAAC,KAAK,CAC3B;;gCAEwB,EACxB,CAAC,aAAa,CAAC,CAChB,CAAC;YAEF,OAAO,MAAM,CAAC,IAAI,CAAC,GAAG,CAAC,IAAI,CAAC,aAAa,CAAC,CAAC;QAC7C,CAAC;QAAC,OAAO,KAAK,EAAE,CAAC;YACf,MAAM,IAAI,sBAAa,CAAC,kDAAkD,CAAC,CAAC;QAC9E,CAAC;IACH,CAAC;IAED;;OAEG;IACH,KAAK,CAAC,SAAS,CAAC,QAAgB,GAAG;QACjC,IAAI,CAAC;YACH,MAAM,MAAM,GAAG,MAAM,WAAE,CAAC,KAAK,CAC3B;;kBAEU,EACV,CAAC,KAAK,CAAC,CACR,CAAC;YAEF,OAAO,MAAM,CAAC,IAAI,CAAC,GAAG,CAAC,IAAI,CAAC,aAAa,CAAC,CAAC;QAC7C,CAAC;QAAC,OAAO,KAAK,EAAE,CAAC;YACf,MAAM,IAAI,sBAAa,CAAC,yCAAyC,CAAC,CAAC;QACrE,CAAC;IACH,CAAC;IAED;;;OAGG;IACH,KAAK,CAAC,eAAe,CAAC,QAAgB;QAKpC,IAAI,CAAC;YACH,MAAM,OAAO,GAAG,MAAM,IAAI,CAAC,aAAa,CAAC,QAAQ,EAAE,KAAK,CAAC,CAAC;YAC1D,MAAM,MAAM,GAAa,EAAE,CAAC;YAE5B,4BAA4B;YAC5B,KAAK,IAAI,CAAC,GAAG,CAAC,EAAE,CAAC,GAAG,OAAO,CAAC,MAAM,EAAE,CAAC,EAAE,EAAE,CAAC;gBACxC,IAAI,OAAO,CAAC,CAAC,CAAC,CAAC,SAAS,GAAG,OAAO,CAAC,CAAC,GAAG,CAAC,CAAC,CAAC,SAAS,EAAE,CAAC;oBACpD,MAAM,CAAC,IAAI,CAAC,SAAS,OAAO,CAAC,CAAC,CAAC,CAAC,EAAE,mCAAmC,CAAC,CAAC;gBACzE,CAAC;YACH,CAAC;YAED,+BAA+B;YAC/B,uEAAuE;YACvE,MAAM,YAAY,GAAG,CAAC,GAAG,OAAO,CAAC,CAAC,IAAI,CACpC,CAAC,CAAC,EAAE,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,SAAS,CAAC,OAAO,EAAE,GAAG,CAAC,CAAC,SAAS,CAAC,OAAO,EAAE,CACxD,CAAC;YAEF,KAAK,IAAI,CAAC,GAAG,CAAC,EAAE,CAAC,GAAG,YAAY,CAAC,MAAM,EAAE,CAAC,EAAE,EAAE,CAAC;gBAC7C,MAAM,IAAI,GAAG,YAAY,CAAC,CAAC,GAAG,CAAC,CAAC,CAAC;gBACjC,MAAM,IAAI,GAAG,YAAY,CAAC,CAAC,CAAC,CAAC;gBAE7B,+DAA+D;gBAC/D,IAAI,IAAI,CAAC,UAAU,KAAK,IAAI,CAAC,WAAW,IAAI,IAAI,CAAC,MAAM,KAAK,QAAQ,EAAE,CAAC;oBACrE,yEAAyE;oBACzE,gBAAM,CAAC,IAAI,CAAC;wBACV,QAAQ;wBACR,SAAS,EAAE,IAAI,CAAC,EAAE;wBAClB,SAAS,EAAE,IAAI,CAAC,EAAE;wBAClB,aAAa,EAAE,IAAI,CAAC,UAAU;wBAC9B,cAAc,EAAE,IAAI,CAAC,WAAW;qBACjC,EAAE,mCAAmC,CAAC,CAAC;gBAC1C,CAAC;YACH,CAAC;YAED,OAAO;gBACL,KAAK,EAAE,MAAM,CAAC,MAAM,KAAK,CAAC;gBAC1B,OAAO,EAAE,OAAO,CAAC,MAAM;gBACvB,MAAM;aACP,CAAC;QACJ,CAAC;QAAC,OAAO,KAAK,EAAE,CAAC;YACf,MAAM,IAAI,sBAAa,CAAC,kCAAkC,CAAC,CAAC;QAC9D,CAAC;IACH,CAAC;IAEO,aAAa,CAAC,GAAQ;QAC5B,OAAO;YACL,EAAE,EAAE,GAAG,CAAC,EAAE;YACV,SAAS,EAAE,GAAG,CAAC,SAAS;YACxB,cAAc,EAAE,GAAG,CAAC,cAAc;YAClC,MAAM,EAAE,GAAG,CAAC,MAAM;YAClB,cAAc,EAAE,GAAG,CAAC,cAAc;YAClC,SAAS,EAAE,GAAG,CAAC,SAAS;YACxB,WAAW,EAAE,GAAG,CAAC,WAAW;YAC5B,UAAU,EAAE,GAAG,CAAC,UAAU;YAC1B,cAAc,EAAE,GAAG,CAAC,cAAc;YAClC,QAAQ,EAAE,GAAG,CAAC,QAAQ,IAAI,EAAE;SAC7B,CAAC;IACJ,CAAC;CACF;AA7OD,oDA6OC;AAED,qBAAqB;AACR,QAAA,UAAU,GAAG,IAAI,oBAAoB,EAAE,CAAC"}

package/dist/bundled-agents/policy-engine-agents/dist/security/index.d.ts ADDED Viewed

@@ -0,0 +1,18 @@
+/**
+ * Security Module Exports
+ *
+ * Enterprise security layer for the Policy Engine:
+ * - Agentics-only identity verification
+ * - Append-only audit trail
+ * - Policy governance and fail-closed validation
+ * - Versioned policy repository
+ * - Prometheus metrics
+ * - Post-auth rate limiting
+ */
+export { type AgenticsIdentity, type AuthenticatedRequest, requireAgenticsIdentity, requireScope, requireReadScope, requireWriteScope, requireAdminScope, hasApprovalAuthority, getActorIdentity, } from './agentics-identity';
+export { AuditAction, AuditEntry, AuditTrailRepository, auditTrail, computePolicyHash, } from './audit-trail';
+export { GovernanceViolationType, GovernanceViolation, GovernanceCheckResult, PolicyType, detectPolicyType, isProductionPolicy, validatePolicyGovernance, enforceGovernance, requiresApprovalForStatusChange, } from './policy-governance';
+export { VersionedPolicy, VersionQueryOptions, VersionedPolicyRepository, versionedPolicyRepository, } from './versioned-policy-repository';
+export { metricsRegistry, evaluationLatency, evaluationCounter, decisionCounter, validationFailures, governanceViolations, policyMutations, activePolicies, authAttempts, rateLimitHits, requestDuration, recordEvaluation, recordDecision, recordValidationFailure, recordGovernanceViolation, recordMutation, updateActivePolicyCount, recordAuthAttempt, recordRateLimitHit, recordRequestDuration, getMetrics, getMetricsJson, } from './metrics';
+export { createPostAuthRateLimiter, evaluationRateLimiter, mutationRateLimiter, readRateLimiter, strictRateLimiter, } from './rate-limiter';
+//# sourceMappingURL=index.d.ts.map

package/dist/bundled-agents/policy-engine-agents/dist/security/index.d.ts.map ADDED Viewed

@@ -0,0 +1 @@

+ {"version":3,"file":"index.d.ts","sourceRoot":"","sources":["../../src/security/index.ts"],"names":[],"mappings":"AAAA;;;;;;;;;;GAUG;AAGH,OAAO,EACL,KAAK,gBAAgB,EACrB,KAAK,oBAAoB,EACzB,uBAAuB,EACvB,YAAY,EACZ,gBAAgB,EAChB,iBAAiB,EACjB,iBAAiB,EACjB,oBAAoB,EACpB,gBAAgB,GACjB,MAAM,qBAAqB,CAAC;AAG7B,OAAO,EACL,WAAW,EACX,UAAU,EACV,oBAAoB,EACpB,UAAU,EACV,iBAAiB,GAClB,MAAM,eAAe,CAAC;AAGvB,OAAO,EACL,uBAAuB,EACvB,mBAAmB,EACnB,qBAAqB,EACrB,UAAU,EACV,gBAAgB,EAChB,kBAAkB,EAClB,wBAAwB,EACxB,iBAAiB,EACjB,+BAA+B,GAChC,MAAM,qBAAqB,CAAC;AAG7B,OAAO,EACL,eAAe,EACf,mBAAmB,EACnB,yBAAyB,EACzB,yBAAyB,GAC1B,MAAM,+BAA+B,CAAC;AAGvC,OAAO,EACL,eAAe,EACf,iBAAiB,EACjB,iBAAiB,EACjB,eAAe,EACf,kBAAkB,EAClB,oBAAoB,EACpB,eAAe,EACf,cAAc,EACd,YAAY,EACZ,aAAa,EACb,eAAe,EACf,gBAAgB,EAChB,cAAc,EACd,uBAAuB,EACvB,yBAAyB,EACzB,cAAc,EACd,uBAAuB,EACvB,iBAAiB,EACjB,kBAAkB,EAClB,qBAAqB,EACrB,UAAU,EACV,cAAc,GACf,MAAM,WAAW,CAAC;AAGnB,OAAO,EACL,yBAAyB,EACzB,qBAAqB,EACrB,mBAAmB,EACnB,eAAe,EACf,iBAAiB,GAClB,MAAM,gBAAgB,CAAC"}

package/dist/bundled-agents/policy-engine-agents/dist/security/index.js ADDED Viewed

@@ -0,0 +1,71 @@
+"use strict";
+/**
+ * Security Module Exports
+ *
+ * Enterprise security layer for the Policy Engine:
+ * - Agentics-only identity verification
+ * - Append-only audit trail
+ * - Policy governance and fail-closed validation
+ * - Versioned policy repository
+ * - Prometheus metrics
+ * - Post-auth rate limiting
+ */
+Object.defineProperty(exports, "__esModule", { value: true });
+exports.strictRateLimiter = exports.readRateLimiter = exports.mutationRateLimiter = exports.evaluationRateLimiter = exports.createPostAuthRateLimiter = exports.getMetricsJson = exports.getMetrics = exports.recordRequestDuration = exports.recordRateLimitHit = exports.recordAuthAttempt = exports.updateActivePolicyCount = exports.recordMutation = exports.recordGovernanceViolation = exports.recordValidationFailure = exports.recordDecision = exports.recordEvaluation = exports.requestDuration = exports.rateLimitHits = exports.authAttempts = exports.activePolicies = exports.policyMutations = exports.governanceViolations = exports.validationFailures = exports.decisionCounter = exports.evaluationCounter = exports.evaluationLatency = exports.metricsRegistry = exports.versionedPolicyRepository = exports.VersionedPolicyRepository = exports.requiresApprovalForStatusChange = exports.enforceGovernance = exports.validatePolicyGovernance = exports.isProductionPolicy = exports.detectPolicyType = exports.computePolicyHash = exports.auditTrail = exports.AuditTrailRepository = exports.getActorIdentity = exports.hasApprovalAuthority = exports.requireAdminScope = exports.requireWriteScope = exports.requireReadScope = exports.requireScope = exports.requireAgenticsIdentity = void 0;
+// Identity & Authentication
+var agentics_identity_1 = require("./agentics-identity");
+Object.defineProperty(exports, "requireAgenticsIdentity", { enumerable: true, get: function () { return agentics_identity_1.requireAgenticsIdentity; } });
+Object.defineProperty(exports, "requireScope", { enumerable: true, get: function () { return agentics_identity_1.requireScope; } });
+Object.defineProperty(exports, "requireReadScope", { enumerable: true, get: function () { return agentics_identity_1.requireReadScope; } });
+Object.defineProperty(exports, "requireWriteScope", { enumerable: true, get: function () { return agentics_identity_1.requireWriteScope; } });
+Object.defineProperty(exports, "requireAdminScope", { enumerable: true, get: function () { return agentics_identity_1.requireAdminScope; } });
+Object.defineProperty(exports, "hasApprovalAuthority", { enumerable: true, get: function () { return agentics_identity_1.hasApprovalAuthority; } });
+Object.defineProperty(exports, "getActorIdentity", { enumerable: true, get: function () { return agentics_identity_1.getActorIdentity; } });
+// Audit Trail
+var audit_trail_1 = require("./audit-trail");
+Object.defineProperty(exports, "AuditTrailRepository", { enumerable: true, get: function () { return audit_trail_1.AuditTrailRepository; } });
+Object.defineProperty(exports, "auditTrail", { enumerable: true, get: function () { return audit_trail_1.auditTrail; } });
+Object.defineProperty(exports, "computePolicyHash", { enumerable: true, get: function () { return audit_trail_1.computePolicyHash; } });
+// Policy Governance
+var policy_governance_1 = require("./policy-governance");
+Object.defineProperty(exports, "detectPolicyType", { enumerable: true, get: function () { return policy_governance_1.detectPolicyType; } });
+Object.defineProperty(exports, "isProductionPolicy", { enumerable: true, get: function () { return policy_governance_1.isProductionPolicy; } });
+Object.defineProperty(exports, "validatePolicyGovernance", { enumerable: true, get: function () { return policy_governance_1.validatePolicyGovernance; } });
+Object.defineProperty(exports, "enforceGovernance", { enumerable: true, get: function () { return policy_governance_1.enforceGovernance; } });
+Object.defineProperty(exports, "requiresApprovalForStatusChange", { enumerable: true, get: function () { return policy_governance_1.requiresApprovalForStatusChange; } });
+// Versioned Policy Repository
+var versioned_policy_repository_1 = require("./versioned-policy-repository");
+Object.defineProperty(exports, "VersionedPolicyRepository", { enumerable: true, get: function () { return versioned_policy_repository_1.VersionedPolicyRepository; } });
+Object.defineProperty(exports, "versionedPolicyRepository", { enumerable: true, get: function () { return versioned_policy_repository_1.versionedPolicyRepository; } });
+// Metrics
+var metrics_1 = require("./metrics");
+Object.defineProperty(exports, "metricsRegistry", { enumerable: true, get: function () { return metrics_1.metricsRegistry; } });
+Object.defineProperty(exports, "evaluationLatency", { enumerable: true, get: function () { return metrics_1.evaluationLatency; } });
+Object.defineProperty(exports, "evaluationCounter", { enumerable: true, get: function () { return metrics_1.evaluationCounter; } });
+Object.defineProperty(exports, "decisionCounter", { enumerable: true, get: function () { return metrics_1.decisionCounter; } });
+Object.defineProperty(exports, "validationFailures", { enumerable: true, get: function () { return metrics_1.validationFailures; } });
+Object.defineProperty(exports, "governanceViolations", { enumerable: true, get: function () { return metrics_1.governanceViolations; } });
+Object.defineProperty(exports, "policyMutations", { enumerable: true, get: function () { return metrics_1.policyMutations; } });
+Object.defineProperty(exports, "activePolicies", { enumerable: true, get: function () { return metrics_1.activePolicies; } });
+Object.defineProperty(exports, "authAttempts", { enumerable: true, get: function () { return metrics_1.authAttempts; } });
+Object.defineProperty(exports, "rateLimitHits", { enumerable: true, get: function () { return metrics_1.rateLimitHits; } });
+Object.defineProperty(exports, "requestDuration", { enumerable: true, get: function () { return metrics_1.requestDuration; } });
+Object.defineProperty(exports, "recordEvaluation", { enumerable: true, get: function () { return metrics_1.recordEvaluation; } });
+Object.defineProperty(exports, "recordDecision", { enumerable: true, get: function () { return metrics_1.recordDecision; } });
+Object.defineProperty(exports, "recordValidationFailure", { enumerable: true, get: function () { return metrics_1.recordValidationFailure; } });
+Object.defineProperty(exports, "recordGovernanceViolation", { enumerable: true, get: function () { return metrics_1.recordGovernanceViolation; } });
+Object.defineProperty(exports, "recordMutation", { enumerable: true, get: function () { return metrics_1.recordMutation; } });
+Object.defineProperty(exports, "updateActivePolicyCount", { enumerable: true, get: function () { return metrics_1.updateActivePolicyCount; } });
+Object.defineProperty(exports, "recordAuthAttempt", { enumerable: true, get: function () { return metrics_1.recordAuthAttempt; } });
+Object.defineProperty(exports, "recordRateLimitHit", { enumerable: true, get: function () { return metrics_1.recordRateLimitHit; } });
+Object.defineProperty(exports, "recordRequestDuration", { enumerable: true, get: function () { return metrics_1.recordRequestDuration; } });
+Object.defineProperty(exports, "getMetrics", { enumerable: true, get: function () { return metrics_1.getMetrics; } });
+Object.defineProperty(exports, "getMetricsJson", { enumerable: true, get: function () { return metrics_1.getMetricsJson; } });
+// Rate Limiting
+var rate_limiter_1 = require("./rate-limiter");
+Object.defineProperty(exports, "createPostAuthRateLimiter", { enumerable: true, get: function () { return rate_limiter_1.createPostAuthRateLimiter; } });
+Object.defineProperty(exports, "evaluationRateLimiter", { enumerable: true, get: function () { return rate_limiter_1.evaluationRateLimiter; } });
+Object.defineProperty(exports, "mutationRateLimiter", { enumerable: true, get: function () { return rate_limiter_1.mutationRateLimiter; } });
+Object.defineProperty(exports, "readRateLimiter", { enumerable: true, get: function () { return rate_limiter_1.readRateLimiter; } });
+Object.defineProperty(exports, "strictRateLimiter", { enumerable: true, get: function () { return rate_limiter_1.strictRateLimiter; } });
+//# sourceMappingURL=index.js.map

package/dist/bundled-agents/policy-engine-agents/dist/security/index.js.map ADDED Viewed

@@ -0,0 +1 @@

+ {"version":3,"file":"index.js","sourceRoot":"","sources":["../../src/security/index.ts"],"names":[],"mappings":";AAAA;;;;;;;;;;GAUG;;;AAEH,4BAA4B;AAC5B,yDAU6B;AAP3B,4HAAA,uBAAuB,OAAA;AACvB,iHAAA,YAAY,OAAA;AACZ,qHAAA,gBAAgB,OAAA;AAChB,sHAAA,iBAAiB,OAAA;AACjB,sHAAA,iBAAiB,OAAA;AACjB,yHAAA,oBAAoB,OAAA;AACpB,qHAAA,gBAAgB,OAAA;AAGlB,cAAc;AACd,6CAMuB;AAHrB,mHAAA,oBAAoB,OAAA;AACpB,yGAAA,UAAU,OAAA;AACV,gHAAA,iBAAiB,OAAA;AAGnB,oBAAoB;AACpB,yDAU6B;AAL3B,qHAAA,gBAAgB,OAAA;AAChB,uHAAA,kBAAkB,OAAA;AAClB,6HAAA,wBAAwB,OAAA;AACxB,sHAAA,iBAAiB,OAAA;AACjB,oIAAA,+BAA+B,OAAA;AAGjC,8BAA8B;AAC9B,6EAKuC;AAFrC,wIAAA,yBAAyB,OAAA;AACzB,wIAAA,yBAAyB,OAAA;AAG3B,UAAU;AACV,qCAuBmB;AAtBjB,0GAAA,eAAe,OAAA;AACf,4GAAA,iBAAiB,OAAA;AACjB,4GAAA,iBAAiB,OAAA;AACjB,0GAAA,eAAe,OAAA;AACf,6GAAA,kBAAkB,OAAA;AAClB,+GAAA,oBAAoB,OAAA;AACpB,0GAAA,eAAe,OAAA;AACf,yGAAA,cAAc,OAAA;AACd,uGAAA,YAAY,OAAA;AACZ,wGAAA,aAAa,OAAA;AACb,0GAAA,eAAe,OAAA;AACf,2GAAA,gBAAgB,OAAA;AAChB,yGAAA,cAAc,OAAA;AACd,kHAAA,uBAAuB,OAAA;AACvB,oHAAA,yBAAyB,OAAA;AACzB,yGAAA,cAAc,OAAA;AACd,kHAAA,uBAAuB,OAAA;AACvB,4GAAA,iBAAiB,OAAA;AACjB,6GAAA,kBAAkB,OAAA;AAClB,gHAAA,qBAAqB,OAAA;AACrB,qGAAA,UAAU,OAAA;AACV,yGAAA,cAAc,OAAA;AAGhB,gBAAgB;AAChB,+CAMwB;AALtB,yHAAA,yBAAyB,OAAA;AACzB,qHAAA,qBAAqB,OAAA;AACrB,mHAAA,mBAAmB,OAAA;AACnB,+GAAA,eAAe,OAAA;AACf,iHAAA,iBAAiB,OAAA"}

package/dist/bundled-agents/policy-engine-agents/dist/security/metrics.d.ts ADDED Viewed

@@ -0,0 +1,96 @@
+/**
+ * Enterprise Metrics Module
+ *
+ * Provides structured metrics for:
+ * - Evaluation latency
+ * - Policy hit rates
+ * - Deny vs allow ratios
+ * - Validation failures
+ */
+import { Counter, Histogram, Gauge, Registry } from 'prom-client';
+export declare const metricsRegistry: Registry<"text/plain; version=0.0.4; charset=utf-8">;
+/**
+ * Evaluation latency histogram
+ */
+export declare const evaluationLatency: Histogram<"decision" | "cached" | "policy_id">;
+/**
+ * Policy evaluation counter
+ */
+export declare const evaluationCounter: Counter<"decision" | "namespace" | "policy_id">;
+/**
+ * Deny vs Allow counter
+ */
+export declare const decisionCounter: Counter<"decision" | "namespace" | "policy_type">;
+/**
+ * Validation failure counter
+ */
+export declare const validationFailures: Counter<"namespace" | "severity" | "violation_type">;
+/**
+ * Governance violation counter
+ */
+export declare const governanceViolations: Counter<"policy_type" | "violation_type">;
+/**
+ * Policy mutation counter
+ */
+export declare const policyMutations: Counter<"action" | "namespace" | "actor_type">;
+/**
+ * Active policies gauge
+ */
+export declare const activePolicies: Gauge<"namespace" | "policy_type">;
+/**
+ * Authentication attempts counter
+ */
+export declare const authAttempts: Counter<"result" | "identity_type">;
+/**
+ * Rate limit hits counter
+ */
+export declare const rateLimitHits: Counter<"endpoint" | "identity">;
+/**
+ * Request duration histogram
+ */
+export declare const requestDuration: Histogram<"status" | "path" | "method">;
+/**
+ * Record an evaluation metric
+ */
+export declare function recordEvaluation(policyId: string, decision: string, namespace: string, latencyMs: number, cached: boolean): void;
+/**
+ * Record a decision metric
+ */
+export declare function recordDecision(decision: string, namespace: string, policyType: string): void;
+/**
+ * Record a validation failure
+ */
+export declare function recordValidationFailure(violationType: string, severity: string, namespace: string): void;
+/**
+ * Record a governance violation
+ */
+export declare function recordGovernanceViolation(violationType: string, policyType: string): void;
+/**
+ * Record a policy mutation
+ */
+export declare function recordMutation(action: string, namespace: string, actorType: string): void;
+/**
+ * Update active policy count
+ */
+export declare function updateActivePolicyCount(namespace: string, policyType: string, count: number): void;
+/**
+ * Record authentication attempt
+ */
+export declare function recordAuthAttempt(result: 'success' | 'failure', identityType: string): void;
+/**
+ * Record rate limit hit
+ */
+export declare function recordRateLimitHit(endpoint: string, identity: string): void;
+/**
+ * Record request duration
+ */
+export declare function recordRequestDuration(method: string, path: string, status: number, durationMs: number): void;
+/**
+ * Get metrics in Prometheus format
+ */
+export declare function getMetrics(): Promise<string>;
+/**
+ * Get metrics as JSON (for debugging)
+ */
+export declare function getMetricsJson(): Promise<object>;
+//# sourceMappingURL=metrics.d.ts.map

package/dist/bundled-agents/policy-engine-agents/dist/security/metrics.d.ts.map ADDED Viewed

@@ -0,0 +1 @@

+ {"version":3,"file":"metrics.d.ts","sourceRoot":"","sources":["../../src/security/metrics.ts"],"names":[],"mappings":"AAAA;;;;;;;;GAQG;AAEH,OAAO,EAAE,OAAO,EAAE,SAAS,EAAE,KAAK,EAAE,QAAQ,EAAE,MAAM,aAAa,CAAC;AAGlE,eAAO,MAAM,eAAe,sDAAiB,CAAC;AAM9C;;GAEG;AACH,eAAO,MAAM,iBAAiB,gDAM5B,CAAC;AAEH;;GAEG;AACH,eAAO,MAAM,iBAAiB,iDAK5B,CAAC;AAEH;;GAEG;AACH,eAAO,MAAM,eAAe,mDAK1B,CAAC;AAEH;;GAEG;AACH,eAAO,MAAM,kBAAkB,sDAK7B,CAAC;AAEH;;GAEG;AACH,eAAO,MAAM,oBAAoB,2CAK/B,CAAC;AAEH;;GAEG;AACH,eAAO,MAAM,eAAe,gDAK1B,CAAC;AAEH;;GAEG;AACH,eAAO,MAAM,cAAc,oCAKzB,CAAC;AAEH;;GAEG;AACH,eAAO,MAAM,YAAY,qCAKvB,CAAC;AAEH;;GAEG;AACH,eAAO,MAAM,aAAa,kCAKxB,CAAC;AAEH;;GAEG;AACH,eAAO,MAAM,eAAe,yCAM1B,CAAC;AAEH;;GAEG;AACH,wBAAgB,gBAAgB,CAC9B,QAAQ,EAAE,MAAM,EAChB,QAAQ,EAAE,MAAM,EAChB,SAAS,EAAE,MAAM,EACjB,SAAS,EAAE,MAAM,EACjB,MAAM,EAAE,OAAO,GACd,IAAI,CAON;AAED;;GAEG;AACH,wBAAgB,cAAc,CAC5B,QAAQ,EAAE,MAAM,EAChB,SAAS,EAAE,MAAM,EACjB,UAAU,EAAE,MAAM,GACjB,IAAI,CAEN;AAED;;GAEG;AACH,wBAAgB,uBAAuB,CACrC,aAAa,EAAE,MAAM,EACrB,QAAQ,EAAE,MAAM,EAChB,SAAS,EAAE,MAAM,GAChB,IAAI,CAEN;AAED;;GAEG;AACH,wBAAgB,yBAAyB,CACvC,aAAa,EAAE,MAAM,EACrB,UAAU,EAAE,MAAM,GACjB,IAAI,CAEN;AAED;;GAEG;AACH,wBAAgB,cAAc,CAC5B,MAAM,EAAE,MAAM,EACd,SAAS,EAAE,MAAM,EACjB,SAAS,EAAE,MAAM,GAChB,IAAI,CAEN;AAED;;GAEG;AACH,wBAAgB,uBAAuB,CACrC,SAAS,EAAE,MAAM,EACjB,UAAU,EAAE,MAAM,EAClB,KAAK,EAAE,MAAM,GACZ,IAAI,CAEN;AAED;;GAEG;AACH,wBAAgB,iBAAiB,CAC/B,MAAM,EAAE,SAAS,GAAG,SAAS,EAC7B,YAAY,EAAE,MAAM,GACnB,IAAI,CAEN;AAED;;GAEG;AACH,wBAAgB,kBAAkB,CAAC,QAAQ,EAAE,MAAM,EAAE,QAAQ,EAAE,MAAM,GAAG,IAAI,CAE3E;AAED;;GAEG;AACH,wBAAgB,qBAAqB,CACnC,MAAM,EAAE,MAAM,EACd,IAAI,EAAE,MAAM,EACZ,MAAM,EAAE,MAAM,EACd,UAAU,EAAE,MAAM,GACjB,IAAI,CAEN;AAED;;GAEG;AACH,wBAAsB,UAAU,IAAI,OAAO,CAAC,MAAM,CAAC,CAElD;AAED;;GAEG;AACH,wBAAsB,cAAc,IAAI,OAAO,CAAC,MAAM,CAAC,CAEtD"}