@lumenflow/kernel 3.0.0

package/dist/tool-host/builtins/capabilities.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"capabilities.js","sourceRoot":"","sources":["../../../src/tool-host/builtins/capabilities.ts"],"names":[],"mappings":"AAAA,iCAAiC;AACjC,sCAAsC;AAEtC,OAAO,EAAE,QAAQ,EAAE,MAAM,kBAAkB,CAAC;AAC5C,OAAO,EAAE,OAAO,EAAE,MAAM,WAAW,CAAC;AACpC,OAAO,UAAU,MAAM,YAAY,CAAC;AACpC,OAAO,EAAE,CAAC,EAAE,MAAM,KAAK,CAAC;AAExB,OAAO,EAAE,eAAe,EAAE,iBAAiB,EAAE,aAAa,EAAE,MAAM,2BAA2B,CAAC;AAE9F,OAAO,EAAE,YAAY,EAAE,MAAM,qBAAqB,CAAC;AAEnD,MAAM,kBAAkB,GAAG;IACzB,aAAa,EAAE,iBAAiB,CAAC,eAAe;IAChD,sBAAsB,EAAE,iBAAiB,CAAC,sBAAsB;CACxD,CAAC;AAEX,MAAM,kBAAkB,GAAG;IACzB,OAAO,EAAE,SAAS;IAClB,QAAQ,EAAE,UAAU;IACpB,SAAS,EAAE,WAAW;CACd,CAAC;AAEX,MAAM,0BAA0B,GAAG;IACjC,QAAQ,EAAE,8BAA8B;IACxC,SAAS,EAAE,+BAA+B;CAClC,CAAC;AACX,MAAM,eAAe,GAAG,iBAAiB,CAAC;AAC1C,MAAM,oBAAoB,GAAG,OAAO,CAAC;AAErC,MAAM,cAAc,GAAG,CAAC,aAAa,EAAE,eAAe,CAAU,CAAC;AAEjE,MAAM,iBAAiB,GAAG,CAAC,CAAC,MAAM,CAAC;IACjC,IAAI,EAAE,CAAC,CAAC,MAAM,EAAE,CAAC,GAAG,CAAC,CAAC,CAAC;IACvB,QAAQ,EAAE,CAAC,CAAC,IAAI,CAAC,cAAc,CAAC,CAAC,QAAQ,EAAE;CAC5C,CAAC,CAAC;AAEH,MAAM,kBAAkB,GAAG,CAAC,CAAC,MAAM,CAAC;IAClC,IAAI,EAAE,CAAC,CAAC,MAAM,EAAE,CAAC,GAAG,CAAC,CAAC,CAAC;IACvB,OAAO,EAAE,CAAC,CAAC,MAAM,EAAE;IACnB,KAAK,EAAE,CAAC,CAAC,MAAM,EAAE,CAAC,GAAG,EAAE,CAAC,WAAW,EAAE;CACtC,CAAC,CAAC;AAEH,MAAM,kBAAkB,GAAG,CAAC,CAAC,MAAM,CAAC;IAClC,IAAI,EAAE,CAAC,CAAC,MAAM,EAAE,CAAC,GAAG,CAAC,CAAC,CAAC;IACvB,OAAO,EAAE,CAAC,CAAC,MAAM,EAAE;IACnB,QAAQ,EAAE,CAAC,CAAC,IAAI,CAAC,cAAc,CAAC,CAAC,QAAQ,EAAE;CAC5C,CAAC,CAAC;AAEH,MAAM,mBAAmB,GAAG,CAAC,CAAC,MAAM,CAAC;IACnC,MAAM,EAAE,CAAC,CAAC,OAAO,EAAE;IACnB,MAAM,EAAE,CAAC,CAAC,MAAM,EAAE,CAAC,GAAG,CAAC,CAAC,CAAC;CAC1B,CAAC,CAAC;AAEH,MAAM,mBAAmB,GAAG,CAAC,CAAC,MAAM,CAAC;IACnC,OAAO,EAAE,CAAC,CAAC,MAAM,EAAE,CAAC,GAAG,CAAC,CAAC,CAAC;IAC1B,IAAI,EAAE,CAAC,CAAC,KAAK,CAAC,CAAC,CAAC,MAAM,EAAE,CAAC,CAAC,OAAO,CAAC,EAAE,CAAC;CACtC,CAAC,CAAC;AAEH,MAAM,oBAAoB,GAAG,CAAC,CAAC,MAAM,CAAC;IACpC,SAAS,EAAE,CAAC,CAAC,MAAM,EAAE,CAAC,GAAG,EAAE;IAC3B,MAAM,EAAE,CAAC,CAAC,MAAM,EAAE;IAClB,MAAM,EAAE,CAAC,CAAC,MAAM,EAAE;CACnB,CAAC,CAAC;AAiBH,SAAS,aAAa,CAAC,KAAgB;IACrC,IAAI,KAAK,CAAC,IAAI,KAAK,MAAM,EAAE,CAAC;QAC1B,OAAO,GAAG,KAAK,CAAC,IAAI,IAAI,KAAK,CAAC,MAAM,IAAI,KAAK,CAAC,OAAO,EAAE,CAAC;IAC1D,CAAC;IACD,OAAO,GAAG,KAAK,CAAC,IAAI,IAAI,KAAK,CAAC,OAAO,EAAE,CAAC;AAC1C,CAAC;AAED,SAAS,YAAY,CAAC,MAAmB;IACvC,MAAM,IAAI,GAAG,IAAI,GAAG,EAAU,CAAC;IAC/B,MAAM,OAAO,GAAgB,EAAE,CAAC;IAChC,KAAK,MAAM,KAAK,IAAI,MAAM,EAAE,CAAC;QAC3B,MAAM,GAAG,GAAG,aAAa,CAAC,KAAK,CAAC,CAAC;QACjC,IAAI,IAAI,CAAC,GAAG,CAAC,GAAG,CAAC,EAAE,CAAC;YAClB,SAAS;QACX,CAAC;QACD,IAAI,CAAC,GAAG,CAAC,GAAG,CAAC,CAAC;QACd,OAAO,CAAC,IAAI,CAAC,KAAK,CAAC,CAAC;IACtB,CAAC;IACD,OAAO,OAAO,CAAC;AACjB,CAAC;AAED,SAAS,kBAAkB,CAAC,IAAY,EAAE,OAAe;IACvD,OAAO;QACL,OAAO,EAAE,KAAK;QACd,KAAK,EAAE;YACL,IAAI;YACJ,OAAO;SACR;KACF,CAAC;AACJ,CAAC;AAED,KAAK,UAAU,SAAS,CAAC,KAAc,EAAE,MAAmB;IAC1D,MAAM,WAAW,GAAG,iBAAiB,CAAC,SAAS,CAAC,KAAK,CAAC,CAAC;IACvD,IAAI,CAAC,WAAW,CAAC,OAAO,EAAE,CAAC;QACzB,OAAO,kBAAkB,CAAC,eAAe,EAAE,WAAW,CAAC,KAAK,CAAC,OAAO,CAAC,CAAC;IACxE,CAAC;IAED,MAAM,YAAY,GAAG,OAAO,CAAC,WAAW,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC;IACpD,MAAM,WAAW,GAAG,mBAAmB,CAAC,MAAM,EAAE,YAAY,CAAC,CAAC;IAC9D,IAAI,CAAC,WAAW,EAAE,CAAC;QACjB,OAAO,kBAAkB,CACvB,iBAAiB,EACjB,QAAQ,YAAY,mDAAmD,CACxE,CAAC;IACJ,CAAC;IAED,MAAM,QAAQ,GAAG,WAAW,CAAC,IAAI,CAAC,QAAQ,IAAI,aAAa,CAAC;IAC5D,IAAI,CAAC;QACH,MAAM,OAAO,GAAG,MAAM,QAAQ,CAAC,YAAY,EAAE,EAAE,QAAQ,EAAE,CAAC,CAAC;QAC3D,OAAO;YACL,OAAO,EAAE,IAAI;YACb,IAAI,EAAE;gBACJ,IAAI,EAAE,YAAY;gBAClB,OAAO;gBACP,KAAK,EAAE,MAAM,CAAC,UAAU,CAAC,OAAO,CAAC;aAClC;SACF,CAAC;IACJ,CAAC;IAAC,OAAO,KAAK,EAAE,CAAC;QACf,OAAO,kBAAkB,CAAC,gBAAgB,EAAG,KAAe,CAAC,OAAO,CAAC,CAAC;IACxE,CAAC;AACH,CAAC;AAED,SAAS,mBAAmB,CAAC,MAAmB,EAAE,QAAgB;IAChE,MAAM,UAAU,GAAG,MAAM,CAAC,MAAM,CAC9B,CAAC,KAAK,EAAiD,EAAE,CACvD,KAAK,CAAC,IAAI,KAAK,MAAM,IAAI,KAAK,CAAC,MAAM,KAAK,MAAM,CACnD,CAAC;IAEF,IAAI,UAAU,CAAC,MAAM,KAAK,CAAC,EAAE,CAAC;QAC5B,OAAO,KAAK,CAAC;IACf,CAAC;IAED,MAAM,cAAc,GAAG,QAAQ,CAAC,OAAO,CAAC,KAAK,EAAE,GAAG,CAAC,CAAC;IACpD,OAAO,UAAU,CAAC,IAAI,CAAC,CAAC,KAAK,EAAE,EAAE,CAC/B,UAAU,CAAC,OAAO,CAAC,cAAc,EAAE,OAAO,CAAC,KAAK,CAAC,OAAO,CAAC,CAAC,OAAO,CAAC,KAAK,EAAE,GAAG,CAAC,CAAC,CAC/E,CAAC;AACJ,CAAC;AAED,SAAS,sBAAsB,CAAC,MAAmB;IACjD,OAAO;QACL,IAAI,EAAE,kBAAkB,CAAC,OAAO;QAChC,MAAM,EAAE,YAAY;QACpB,OAAO,EAAE,oBAAoB;QAC7B,YAAY,EAAE,iBAAiB;QAC/B,aAAa,EAAE,kBAAkB;QACjC,UAAU,EAAE,MAAM;QAClB,eAAe,EAAE,MAAM;QACvB,OAAO,EAAE;YACP,IAAI,EAAE,YAAY;YAClB,EAAE,EAAE,CAAC,KAAK,EAAE,EAAE,CAAC,SAAS,CAAC,KAAK,EAAE,MAAM,CAAC;SACxC;QACD,WAAW,EAAE,yCAAyC;QACtD,IAAI,EAAE,eAAe;KACtB,CAAC;AACJ,CAAC;AAED,SAAS,uBAAuB,CAAC,MAAmB,EAAE,KAAa;IACjE,OAAO;QACL,IAAI,EAAE,kBAAkB,CAAC,QAAQ;QACjC,MAAM,EAAE,YAAY;QACpB,OAAO,EAAE,oBAAoB;QAC7B,YAAY,EAAE,kBAAkB;QAChC,aAAa,EAAE,mBAAmB;QAClC,UAAU,EAAE,OAAO;QACnB,eAAe,EAAE,MAAM;QACvB,OAAO,EAAE;YACP,IAAI,EAAE,YAAY;YAClB,KAAK;SACN;QACD,WAAW,EAAE,2DAA2D;QACxE,IAAI,EAAE,eAAe;KACtB,CAAC;AACJ,CAAC;AAED,SAAS,wBAAwB,CAAC,MAAmB,EAAE,KAAa;IAClE,OAAO;QACL,IAAI,EAAE,kBAAkB,CAAC,SAAS;QAClC,MAAM,EAAE,SAAS;QACjB,OAAO,EAAE,oBAAoB;QAC7B,YAAY,EAAE,mBAAmB;QACjC,aAAa,EAAE,oBAAoB;QACnC,UAAU,EAAE,OAAO;QACnB,eAAe,EAAE,MAAM;QACvB,OAAO,EAAE;YACP,IAAI,EAAE,YAAY;YAClB,KAAK;SACN;QACD,WAAW,EAAE,mEAAmE;QAChF,IAAI,EAAE,eAAe;KACtB,CAAC;AACJ,CAAC;AAED,MAAM,UAAU,6BAA6B,CAAC,OAA2B;IACvE,MAAM,aAAa,GAAG,YAAY,CAAC,OAAO,CAAC,cAAc,CAAC,CAAC;IAC3D,MAAM,iBAAiB,GAAG;QACxB,OAAO,EAAE,OAAO,CAAC,iBAAiB,EAAE,OAAO,IAAI,0BAA0B,CAAC,QAAQ;QAClF,QAAQ,EAAE,OAAO,CAAC,iBAAiB,EAAE,QAAQ,IAAI,0BAA0B,CAAC,SAAS;KACtF,CAAC;IAEF,MAAM,YAAY,GAAqB;QACrC,sBAAsB,CAAC,aAAa,CAAC;QACrC,uBAAuB,CAAC,aAAa,EAAE,iBAAiB,CAAC,OAAO,CAAC;KAClE,CAAC;IAEF,IAAI,OAAO,CAAC,oBAAoB,EAAE,CAAC;QACjC,YAAY,CAAC,IAAI,CAAC,wBAAwB,CAAC,aAAa,EAAE,iBAAiB,CAAC,QAAQ,CAAC,CAAC,CAAC;IACzF,CAAC;IAED,OAAO,YAAY,CAAC;AACtB,CAAC;AAED,MAAM,UAAU,4BAA4B,CAAC,YAA8B;IACzE,OAAO,YAAY,CAAC,MAAM,CAAC,CAAC,UAAU,EAAE,EAAE,CAAC,UAAU,CAAC,IAAI,KAAK,kBAAkB,CAAC,SAAS,CAAC,CAAC;AAC/F,CAAC;AAED,MAAM,UAAU,+BAA+B,CAC7C,QAAsB,EACtB,OAA2B;IAE3B,MAAM,YAAY,GAAG,6BAA6B,CAAC,OAAO,CAAC,CAAC;IAC5D,KAAK,MAAM,UAAU,IAAI,YAAY,EAAE,CAAC;QACtC,QAAQ,CAAC,QAAQ,CAAC,UAAU,CAAC,CAAC;IAChC,CAAC;IACD,OAAO,YAAY,CAAC;AACtB,CAAC;AAED,MAAM,UAAU,uBAAuB,CAAC,UAAgC,EAAE;IACxE,MAAM,qBAAqB,GAAG,OAAO,CAAC,qBAAqB,IAAI,KAAK,CAAC;IACrE,OAAO,KAAK,EAAE,KAAsB,EAAE,EAAE;QACtC,IAAI,KAAK,CAAC,UAAU,CAAC,IAAI,KAAK,kBAAkB,CAAC,SAAS,IAAI,CAAC,qBAAqB,EAAE,CAAC;YACrF,OAAO;gBACL;oBACE,SAAS,EAAE,kBAAkB,CAAC,sBAAsB;oBACpD,QAAQ,EAAE,MAAM;oBAChB,MAAM,EAAE,oEAAoE;iBAC7E;aACF,CAAC;QACJ,CAAC;QAED,OAAO;YACL;gBACE,SAAS,EAAE,kBAAkB,CAAC,aAAa;gBAC3C,QAAQ,EAAE,OAAO;gBACjB,MAAM,EAAE,yCAAyC;aAClD;SACF,CAAC;IACJ,CAAC,CAAC;AACJ,CAAC"}

package/dist/tool-host/builtins/index.d.ts

@@ -0,0 +1,2 @@
+export * from './capabilities.js';
+//# sourceMappingURL=index.d.ts.map

package/dist/tool-host/builtins/index.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"index.d.ts","sourceRoot":"","sources":["../../../src/tool-host/builtins/index.ts"],"names":[],"mappings":"AAGA,cAAc,mBAAmB,CAAC"}

package/dist/tool-host/builtins/index.js

@@ -0,0 +1,4 @@
+// Copyright (c) 2026 Hellmai Ltd
+// SPDX-License-Identifier: Apache-2.0
+export * from './capabilities.js';
+//# sourceMappingURL=index.js.map

package/dist/tool-host/builtins/index.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"index.js","sourceRoot":"","sources":["../../../src/tool-host/builtins/index.ts"],"names":[],"mappings":"AAAA,iCAAiC;AACjC,sCAAsC;AAEtC,cAAc,mBAAmB,CAAC"}

package/dist/tool-host/index.d.ts

@@ -0,0 +1,5 @@
+export * from './scope-intersection.js';
+export * from './subprocess-dispatcher.js';
+export * from './tool-host.js';
+export * from './tool-registry.js';
+//# sourceMappingURL=index.d.ts.map

package/dist/tool-host/index.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"index.d.ts","sourceRoot":"","sources":["../../src/tool-host/index.ts"],"names":[],"mappings":"AAGA,cAAc,yBAAyB,CAAC;AACxC,cAAc,4BAA4B,CAAC;AAC3C,cAAc,gBAAgB,CAAC;AAC/B,cAAc,oBAAoB,CAAC"}

package/dist/tool-host/index.js

@@ -0,0 +1,7 @@
+// Copyright (c) 2026 Hellmai Ltd
+// SPDX-License-Identifier: Apache-2.0
+export * from './scope-intersection.js';
+export * from './subprocess-dispatcher.js';
+export * from './tool-host.js';
+export * from './tool-registry.js';
+//# sourceMappingURL=index.js.map

package/dist/tool-host/index.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"index.js","sourceRoot":"","sources":["../../src/tool-host/index.ts"],"names":[],"mappings":"AAAA,iCAAiC;AACjC,sCAAsC;AAEtC,cAAc,yBAAyB,CAAC;AACxC,cAAc,4BAA4B,CAAC;AAC3C,cAAc,gBAAgB,CAAC;AAC/B,cAAc,oBAAoB,CAAC"}

package/dist/tool-host/scope-intersection.d.ts

@@ -0,0 +1,10 @@
+import type { ToolScope } from '../kernel.schemas.js';
+export interface ScopeIntersectionInput {
+    workspaceAllowed: ToolScope[];
+    laneAllowed: ToolScope[];
+    taskDeclared: ToolScope[];
+    toolRequired: ToolScope[];
+}
+export declare function patternContains(containerPattern: string, nestedPattern: string): boolean;
+export declare function intersectToolScopes(input: ScopeIntersectionInput): ToolScope[];
+//# sourceMappingURL=scope-intersection.d.ts.map

package/dist/tool-host/scope-intersection.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"scope-intersection.d.ts","sourceRoot":"","sources":["../../src/tool-host/scope-intersection.ts"],"names":[],"mappings":"AAIA,OAAO,KAAK,EAAE,SAAS,EAAE,MAAM,sBAAsB,CAAC;AAMtD,MAAM,WAAW,sBAAsB;IACrC,gBAAgB,EAAE,SAAS,EAAE,CAAC;IAC9B,WAAW,EAAE,SAAS,EAAE,CAAC;IACzB,YAAY,EAAE,SAAS,EAAE,CAAC;IAC1B,YAAY,EAAE,SAAS,EAAE,CAAC;CAC3B;AAmCD,wBAAgB,eAAe,CAAC,gBAAgB,EAAE,MAAM,EAAE,aAAa,EAAE,MAAM,GAAG,OAAO,CAuDxF;AAqID,wBAAgB,mBAAmB,CAAC,KAAK,EAAE,sBAAsB,GAAG,SAAS,EAAE,CAuB9E"}

package/dist/tool-host/scope-intersection.js

@@ -0,0 +1,188 @@
+// Copyright (c) 2026 Hellmai Ltd
+// SPDX-License-Identifier: Apache-2.0
+import micromatch from 'micromatch';
+function toPathScopes(scopes, access) {
+    return scopes.filter((scope) => scope.type === 'path' && scope.access === access);
+}
+function toNetworkScopes(scopes) {
+    return scopes.filter((scope) => scope.type === 'network');
+}
+// Heuristic: does containerPattern glob-contain nestedPattern?
+//
+// Converts the nested pattern into synthetic test paths by replacing
+// double-star with representative expansions and single-star with
+// __segment__, then checks if the container matches ALL of them.
+//
+// GUARANTEES:
+// - Correct for literal paths and simple wildcard hierarchies
+//   (e.g. packages/double-star contains packages/foo/bar/double-star)
+// - Correct for single-star segments (e.g. star.ts contains foo.ts)
+// - Negation patterns (!) in either operand are rejected (return false)
+// - Multiple depth expansions for double-star prevent false positives
+//   from fixed-depth container patterns
+//
+// APPROXIMATIONS / KNOWN LIMITATIONS (WU-1864):
+// - Brace expansion ({a,b}): partially handled by micromatch on the
+//   container side, but the nested side's braces become literal text in
+//   the synthetic path. This can produce false negatives but NOT false
+//   positives (safe direction for security).
+// - Character classes ([abc]): similar to brace expansion -- container
+//   side works, nested side becomes literal. Safe direction.
+//
+// @internal Exported for property-based fuzz testing (WU-1864).
+export function patternContains(containerPattern, nestedPattern) {
+    // Negation patterns are not supported by this heuristic. Returning
+    // false is the safe direction (denies access rather than granting it).
+    if (containerPattern.startsWith('!') || nestedPattern.startsWith('!')) {
+        return false;
+    }
+    // When the nested pattern contains double-star (matches 0+ segments),
+    // a single synthetic expansion can falsely match fixed-depth containers.
+    // Test multiple depth expansions and require ALL valid ones to match
+    // the container.
+    const hasGlobstar = nestedPattern.includes('**');
+    if (hasGlobstar) {
+        // Generate test paths at different depths to verify containment
+        // across the full range of what double-star can match.
+        const rawExpansions = [
+            // 0 segments: double-star matches empty (strip the globstar segment)
+            nestedPattern
+                .replace(/\*\*\/?/g, '')
+                .replace(/\/+/g, '/')
+                .replace(/^\/|\/$/g, ''),
+            // 1 segment depth
+            nestedPattern.replace(/\*\*/g, '__depth1__'),
+            // 2 segment depth
+            nestedPattern.replace(/\*\*/g, '__depth2a__/__depth2b__'),
+            // 3 segment depth
+            nestedPattern.replace(/\*\*/g, '__depth3a__/__depth3b__/__depth3c__'),
+        ];
+        // Replace remaining single-stars in all expansions
+        const testPaths = rawExpansions
+            .map((p) => p.replace(/\*/g, '__segment__'))
+            .filter((p) => p.length > 0);
+        // Only include test paths that the nested pattern itself would match.
+        // Some depth expansions produce paths that the nested pattern does not
+        // actually match (e.g. 0-depth expansion of star/doublestar produces
+        // __segment__ which star/doublestar does not match). Including those
+        // would cause false negatives.
+        const validTestPaths = testPaths.filter((tp) => micromatch.isMatch(tp, nestedPattern));
+        // ALL valid synthetic paths must match the container for containment
+        // to hold. If any valid expansion fails, the heuristic conservatively
+        // returns false. This prevents false positives where a fixed-depth
+        // container incorrectly claims to contain a globstar pattern.
+        return (validTestPaths.length > 0 &&
+            validTestPaths.every((tp) => micromatch.isMatch(tp, containerPattern)));
+    }
+    // No globstar: simple replacement of single-star with a test segment.
+    const testPath = nestedPattern.replace(/\*/g, '__segment__');
+    return micromatch.isMatch(testPath, containerPattern);
+}
+function patternsOverlap(left, right) {
+    return (left === right ||
+        patternContains(left, right) ||
+        patternContains(right, left) ||
+        micromatch.isMatch(right, left) ||
+        micromatch.isMatch(left, right));
+}
+function allPatternsOverlap(patterns) {
+    for (let i = 0; i < patterns.length; i += 1) {
+        const left = patterns[i];
+        if (left === undefined) {
+            continue;
+        }
+        for (let j = i + 1; j < patterns.length; j += 1) {
+            const right = patterns[j];
+            if (right === undefined) {
+                continue;
+            }
+            if (!patternsOverlap(left, right)) {
+                return false;
+            }
+        }
+    }
+    return true;
+}
+function specificityScore(pattern) {
+    const literalLength = pattern.replace(/[*[\]{}()!?+@]/g, '').length;
+    const wildcardCount = (pattern.match(/\*/g) ?? []).length;
+    return literalLength - wildcardCount * 5;
+}
+function selectNarrowestPattern(patterns) {
+    return ([...patterns].sort((left, right) => specificityScore(right) - specificityScore(left))[0] ??
+        patterns[0] ??
+        '');
+}
+function intersectPathScopes(workspaceAllowed, laneAllowed, taskDeclared, toolRequired, access) {
+    const workspace = toPathScopes(workspaceAllowed, access);
+    const lane = toPathScopes(laneAllowed, access);
+    const task = toPathScopes(taskDeclared, access);
+    const tool = toPathScopes(toolRequired, access);
+    if (workspace.length === 0 || lane.length === 0 || task.length === 0 || tool.length === 0) {
+        return [];
+    }
+    const scopes = new Map();
+    for (const toolScope of tool) {
+        for (const workspaceScope of workspace) {
+            if (!patternsOverlap(toolScope.pattern, workspaceScope.pattern)) {
+                continue;
+            }
+            for (const laneScope of lane) {
+                if (!patternsOverlap(toolScope.pattern, laneScope.pattern)) {
+                    continue;
+                }
+                for (const taskScope of task) {
+                    if (!patternsOverlap(toolScope.pattern, taskScope.pattern)) {
+                        continue;
+                    }
+                    const candidates = [
+                        workspaceScope.pattern,
+                        laneScope.pattern,
+                        taskScope.pattern,
+                        toolScope.pattern,
+                    ];
+                    if (!allPatternsOverlap(candidates)) {
+                        continue;
+                    }
+                    const pattern = selectNarrowestPattern(candidates);
+                    const dedupeKey = `${access}:${pattern}`;
+                    scopes.set(dedupeKey, {
+                        type: 'path',
+                        access,
+                        pattern,
+                    });
+                }
+            }
+        }
+    }
+    return [...scopes.values()];
+}
+function intersectNetworkScopes(workspaceAllowed, laneAllowed, taskDeclared, toolRequired) {
+    const workspace = toNetworkScopes(workspaceAllowed);
+    const lane = toNetworkScopes(laneAllowed);
+    const task = toNetworkScopes(taskDeclared);
+    const tool = toNetworkScopes(toolRequired);
+    if (workspace.length === 0 || lane.length === 0 || task.length === 0 || tool.length === 0) {
+        return [];
+    }
+    const scopes = new Map();
+    for (const toolScope of tool) {
+        const posture = toolScope.posture;
+        if (workspace.some((scope) => scope.posture === posture) &&
+            lane.some((scope) => scope.posture === posture) &&
+            task.some((scope) => scope.posture === posture)) {
+            scopes.set(posture, {
+                type: 'network',
+                posture,
+            });
+        }
+    }
+    return [...scopes.values()];
+}
+export function intersectToolScopes(input) {
+    const readPaths = intersectPathScopes(input.workspaceAllowed, input.laneAllowed, input.taskDeclared, input.toolRequired, 'read');
+    const writePaths = intersectPathScopes(input.workspaceAllowed, input.laneAllowed, input.taskDeclared, input.toolRequired, 'write');
+    const network = intersectNetworkScopes(input.workspaceAllowed, input.laneAllowed, input.taskDeclared, input.toolRequired);
+    return [...readPaths, ...writePaths, ...network];
+}
+//# sourceMappingURL=scope-intersection.js.map

package/dist/tool-host/scope-intersection.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"scope-intersection.js","sourceRoot":"","sources":["../../src/tool-host/scope-intersection.ts"],"names":[],"mappings":"AAAA,iCAAiC;AACjC,sCAAsC;AAEtC,OAAO,UAAU,MAAM,YAAY,CAAC;AAcpC,SAAS,YAAY,CAAC,MAAmB,EAAE,MAAkB;IAC3D,OAAO,MAAM,CAAC,MAAM,CAClB,CAAC,KAAK,EAAsB,EAAE,CAAC,KAAK,CAAC,IAAI,KAAK,MAAM,IAAI,KAAK,CAAC,MAAM,KAAK,MAAM,CAChF,CAAC;AACJ,CAAC;AAED,SAAS,eAAe,CAAC,MAAmB;IAC1C,OAAO,MAAM,CAAC,MAAM,CAAC,CAAC,KAAK,EAAyB,EAAE,CAAC,KAAK,CAAC,IAAI,KAAK,SAAS,CAAC,CAAC;AACnF,CAAC;AAED,+DAA+D;AAC/D,EAAE;AACF,qEAAqE;AACrE,kEAAkE;AAClE,iEAAiE;AACjE,EAAE;AACF,cAAc;AACd,8DAA8D;AAC9D,sEAAsE;AACtE,oEAAoE;AACpE,wEAAwE;AACxE,sEAAsE;AACtE,wCAAwC;AACxC,EAAE;AACF,gDAAgD;AAChD,oEAAoE;AACpE,wEAAwE;AACxE,uEAAuE;AACvE,6CAA6C;AAC7C,uEAAuE;AACvE,6DAA6D;AAC7D,EAAE;AACF,gEAAgE;AAChE,MAAM,UAAU,eAAe,CAAC,gBAAwB,EAAE,aAAqB;IAC7E,mEAAmE;IACnE,uEAAuE;IACvE,IAAI,gBAAgB,CAAC,UAAU,CAAC,GAAG,CAAC,IAAI,aAAa,CAAC,UAAU,CAAC,GAAG,CAAC,EAAE,CAAC;QACtE,OAAO,KAAK,CAAC;IACf,CAAC;IAED,sEAAsE;IACtE,yEAAyE;IACzE,qEAAqE;IACrE,iBAAiB;IACjB,MAAM,WAAW,GAAG,aAAa,CAAC,QAAQ,CAAC,IAAI,CAAC,CAAC;IAEjD,IAAI,WAAW,EAAE,CAAC;QAChB,gEAAgE;QAChE,uDAAuD;QACvD,MAAM,aAAa,GAAG;YACpB,qEAAqE;YACrE,aAAa;iBACV,OAAO,CAAC,UAAU,EAAE,EAAE,CAAC;iBACvB,OAAO,CAAC,MAAM,EAAE,GAAG,CAAC;iBACpB,OAAO,CAAC,UAAU,EAAE,EAAE,CAAC;YAC1B,kBAAkB;YAClB,aAAa,CAAC,OAAO,CAAC,OAAO,EAAE,YAAY,CAAC;YAC5C,kBAAkB;YAClB,aAAa,CAAC,OAAO,CAAC,OAAO,EAAE,yBAAyB,CAAC;YACzD,kBAAkB;YAClB,aAAa,CAAC,OAAO,CAAC,OAAO,EAAE,qCAAqC,CAAC;SACtE,CAAC;QAEF,mDAAmD;QACnD,MAAM,SAAS,GAAG,aAAa;aAC5B,GAAG,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,OAAO,CAAC,KAAK,EAAE,aAAa,CAAC,CAAC;aAC3C,MAAM,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,MAAM,GAAG,CAAC,CAAC,CAAC;QAE/B,sEAAsE;QACtE,uEAAuE;QACvE,qEAAqE;QACrE,qEAAqE;QACrE,+BAA+B;QAC/B,MAAM,cAAc,GAAG,SAAS,CAAC,MAAM,CAAC,CAAC,EAAE,EAAE,EAAE,CAAC,UAAU,CAAC,OAAO,CAAC,EAAE,EAAE,aAAa,CAAC,CAAC,CAAC;QAEvF,qEAAqE;QACrE,sEAAsE;QACtE,mEAAmE;QACnE,8DAA8D;QAC9D,OAAO,CACL,cAAc,CAAC,MAAM,GAAG,CAAC;YACzB,cAAc,CAAC,KAAK,CAAC,CAAC,EAAE,EAAE,EAAE,CAAC,UAAU,CAAC,OAAO,CAAC,EAAE,EAAE,gBAAgB,CAAC,CAAC,CACvE,CAAC;IACJ,CAAC;IAED,sEAAsE;IACtE,MAAM,QAAQ,GAAG,aAAa,CAAC,OAAO,CAAC,KAAK,EAAE,aAAa,CAAC,CAAC;IAC7D,OAAO,UAAU,CAAC,OAAO,CAAC,QAAQ,EAAE,gBAAgB,CAAC,CAAC;AACxD,CAAC;AAED,SAAS,eAAe,CAAC,IAAY,EAAE,KAAa;IAClD,OAAO,CACL,IAAI,KAAK,KAAK;QACd,eAAe,CAAC,IAAI,EAAE,KAAK,CAAC;QAC5B,eAAe,CAAC,KAAK,EAAE,IAAI,CAAC;QAC5B,UAAU,CAAC,OAAO,CAAC,KAAK,EAAE,IAAI,CAAC;QAC/B,UAAU,CAAC,OAAO,CAAC,IAAI,EAAE,KAAK,CAAC,CAChC,CAAC;AACJ,CAAC;AAED,SAAS,kBAAkB,CAAC,QAAkB;IAC5C,KAAK,IAAI,CAAC,GAAG,CAAC,EAAE,CAAC,GAAG,QAAQ,CAAC,MAAM,EAAE,CAAC,IAAI,CAAC,EAAE,CAAC;QAC5C,MAAM,IAAI,GAAG,QAAQ,CAAC,CAAC,CAAC,CAAC;QACzB,IAAI,IAAI,KAAK,SAAS,EAAE,CAAC;YACvB,SAAS;QACX,CAAC;QACD,KAAK,IAAI,CAAC,GAAG,CAAC,GAAG,CAAC,EAAE,CAAC,GAAG,QAAQ,CAAC,MAAM,EAAE,CAAC,IAAI,CAAC,EAAE,CAAC;YAChD,MAAM,KAAK,GAAG,QAAQ,CAAC,CAAC,CAAC,CAAC;YAC1B,IAAI,KAAK,KAAK,SAAS,EAAE,CAAC;gBACxB,SAAS;YACX,CAAC;YACD,IAAI,CAAC,eAAe,CAAC,IAAI,EAAE,KAAK,CAAC,EAAE,CAAC;gBAClC,OAAO,KAAK,CAAC;YACf,CAAC;QACH,CAAC;IACH,CAAC;IACD,OAAO,IAAI,CAAC;AACd,CAAC;AAED,SAAS,gBAAgB,CAAC,OAAe;IACvC,MAAM,aAAa,GAAG,OAAO,CAAC,OAAO,CAAC,iBAAiB,EAAE,EAAE,CAAC,CAAC,MAAM,CAAC;IACpE,MAAM,aAAa,GAAG,CAAC,OAAO,CAAC,KAAK,CAAC,KAAK,CAAC,IAAI,EAAE,CAAC,CAAC,MAAM,CAAC;IAC1D,OAAO,aAAa,GAAG,aAAa,GAAG,CAAC,CAAC;AAC3C,CAAC;AAED,SAAS,sBAAsB,CAAC,QAAkB;IAChD,OAAO,CACL,CAAC,GAAG,QAAQ,CAAC,CAAC,IAAI,CAAC,CAAC,IAAI,EAAE,KAAK,EAAE,EAAE,CAAC,gBAAgB,CAAC,KAAK,CAAC,GAAG,gBAAgB,CAAC,IAAI,CAAC,CAAC,CAAC,CAAC,CAAC;QACxF,QAAQ,CAAC,CAAC,CAAC;QACX,EAAE,CACH,CAAC;AACJ,CAAC;AAED,SAAS,mBAAmB,CAC1B,gBAA6B,EAC7B,WAAwB,EACxB,YAAyB,EACzB,YAAyB,EACzB,MAAkB;IAElB,MAAM,SAAS,GAAG,YAAY,CAAC,gBAAgB,EAAE,MAAM,CAAC,CAAC;IACzD,MAAM,IAAI,GAAG,YAAY,CAAC,WAAW,EAAE,MAAM,CAAC,CAAC;IAC/C,MAAM,IAAI,GAAG,YAAY,CAAC,YAAY,EAAE,MAAM,CAAC,CAAC;IAChD,MAAM,IAAI,GAAG,YAAY,CAAC,YAAY,EAAE,MAAM,CAAC,CAAC;IAEhD,IAAI,SAAS,CAAC,MAAM,KAAK,CAAC,IAAI,IAAI,CAAC,MAAM,KAAK,CAAC,IAAI,IAAI,CAAC,MAAM,KAAK,CAAC,IAAI,IAAI,CAAC,MAAM,KAAK,CAAC,EAAE,CAAC;QAC1F,OAAO,EAAE,CAAC;IACZ,CAAC;IAED,MAAM,MAAM,GAAG,IAAI,GAAG,EAAqB,CAAC;IAE5C,KAAK,MAAM,SAAS,IAAI,IAAI,EAAE,CAAC;QAC7B,KAAK,MAAM,cAAc,IAAI,SAAS,EAAE,CAAC;YACvC,IAAI,CAAC,eAAe,CAAC,SAAS,CAAC,OAAO,EAAE,cAAc,CAAC,OAAO,CAAC,EAAE,CAAC;gBAChE,SAAS;YACX,CAAC;YACD,KAAK,MAAM,SAAS,IAAI,IAAI,EAAE,CAAC;gBAC7B,IAAI,CAAC,eAAe,CAAC,SAAS,CAAC,OAAO,EAAE,SAAS,CAAC,OAAO,CAAC,EAAE,CAAC;oBAC3D,SAAS;gBACX,CAAC;gBACD,KAAK,MAAM,SAAS,IAAI,IAAI,EAAE,CAAC;oBAC7B,IAAI,CAAC,eAAe,CAAC,SAAS,CAAC,OAAO,EAAE,SAAS,CAAC,OAAO,CAAC,EAAE,CAAC;wBAC3D,SAAS;oBACX,CAAC;oBACD,MAAM,UAAU,GAAG;wBACjB,cAAc,CAAC,OAAO;wBACtB,SAAS,CAAC,OAAO;wBACjB,SAAS,CAAC,OAAO;wBACjB,SAAS,CAAC,OAAO;qBAClB,CAAC;oBACF,IAAI,CAAC,kBAAkB,CAAC,UAAU,CAAC,EAAE,CAAC;wBACpC,SAAS;oBACX,CAAC;oBACD,MAAM,OAAO,GAAG,sBAAsB,CAAC,UAAU,CAAC,CAAC;oBACnD,MAAM,SAAS,GAAG,GAAG,MAAM,IAAI,OAAO,EAAE,CAAC;oBACzC,MAAM,CAAC,GAAG,CAAC,SAAS,EAAE;wBACpB,IAAI,EAAE,MAAM;wBACZ,MAAM;wBACN,OAAO;qBACR,CAAC,CAAC;gBACL,CAAC;YACH,CAAC;QACH,CAAC;IACH,CAAC;IAED,OAAO,CAAC,GAAG,MAAM,CAAC,MAAM,EAAE,CAAC,CAAC;AAC9B,CAAC;AAED,SAAS,sBAAsB,CAC7B,gBAA6B,EAC7B,WAAwB,EACxB,YAAyB,EACzB,YAAyB;IAEzB,MAAM,SAAS,GAAG,eAAe,CAAC,gBAAgB,CAAC,CAAC;IACpD,MAAM,IAAI,GAAG,eAAe,CAAC,WAAW,CAAC,CAAC;IAC1C,MAAM,IAAI,GAAG,eAAe,CAAC,YAAY,CAAC,CAAC;IAC3C,MAAM,IAAI,GAAG,eAAe,CAAC,YAAY,CAAC,CAAC;IAE3C,IAAI,SAAS,CAAC,MAAM,KAAK,CAAC,IAAI,IAAI,CAAC,MAAM,KAAK,CAAC,IAAI,IAAI,CAAC,MAAM,KAAK,CAAC,IAAI,IAAI,CAAC,MAAM,KAAK,CAAC,EAAE,CAAC;QAC1F,OAAO,EAAE,CAAC;IACZ,CAAC;IAED,MAAM,MAAM,GAAG,IAAI,GAAG,EAAyC,CAAC;IAChE,KAAK,MAAM,SAAS,IAAI,IAAI,EAAE,CAAC;QAC7B,MAAM,OAAO,GAAG,SAAS,CAAC,OAAO,CAAC;QAClC,IACE,SAAS,CAAC,IAAI,CAAC,CAAC,KAAK,EAAE,EAAE,CAAC,KAAK,CAAC,OAAO,KAAK,OAAO,CAAC;YACpD,IAAI,CAAC,IAAI,CAAC,CAAC,KAAK,EAAE,EAAE,CAAC,KAAK,CAAC,OAAO,KAAK,OAAO,CAAC;YAC/C,IAAI,CAAC,IAAI,CAAC,CAAC,KAAK,EAAE,EAAE,CAAC,KAAK,CAAC,OAAO,KAAK,OAAO,CAAC,EAC/C,CAAC;YACD,MAAM,CAAC,GAAG,CAAC,OAAO,EAAE;gBAClB,IAAI,EAAE,SAAS;gBACf,OAAO;aACR,CAAC,CAAC;QACL,CAAC;IACH,CAAC;IAED,OAAO,CAAC,GAAG,MAAM,CAAC,MAAM,EAAE,CAAC,CAAC;AAC9B,CAAC;AAED,MAAM,UAAU,mBAAmB,CAAC,KAA6B;IAC/D,MAAM,SAAS,GAAG,mBAAmB,CACnC,KAAK,CAAC,gBAAgB,EACtB,KAAK,CAAC,WAAW,EACjB,KAAK,CAAC,YAAY,EAClB,KAAK,CAAC,YAAY,EAClB,MAAM,CACP,CAAC;IACF,MAAM,UAAU,GAAG,mBAAmB,CACpC,KAAK,CAAC,gBAAgB,EACtB,KAAK,CAAC,WAAW,EACjB,KAAK,CAAC,YAAY,EAClB,KAAK,CAAC,YAAY,EAClB,OAAO,CACR,CAAC;IACF,MAAM,OAAO,GAAG,sBAAsB,CACpC,KAAK,CAAC,gBAAgB,EACtB,KAAK,CAAC,WAAW,EACjB,KAAK,CAAC,YAAY,EAClB,KAAK,CAAC,YAAY,CACnB,CAAC;IAEF,OAAO,CAAC,GAAG,SAAS,EAAE,GAAG,UAAU,EAAE,GAAG,OAAO,CAAC,CAAC;AACnD,CAAC"}

package/dist/tool-host/subprocess-dispatcher.d.ts

@@ -0,0 +1,14 @@
+import type { ExecutionContext, ToolCapability, ToolOutput, ToolScope } from '../kernel.schemas.js';
+export interface SubprocessDispatchRequest {
+    capability: ToolCapability;
+    input: unknown;
+    context: ExecutionContext;
+    scopeEnforced: ToolScope[];
+}
+export interface SubprocessDispatcher {
+    dispatch(request: SubprocessDispatchRequest): Promise<ToolOutput>;
+}
+export declare class DefaultSubprocessDispatcher implements SubprocessDispatcher {
+    dispatch(): Promise<ToolOutput>;
+}
+//# sourceMappingURL=subprocess-dispatcher.d.ts.map

package/dist/tool-host/subprocess-dispatcher.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"subprocess-dispatcher.d.ts","sourceRoot":"","sources":["../../src/tool-host/subprocess-dispatcher.ts"],"names":[],"mappings":"AAGA,OAAO,KAAK,EAAE,gBAAgB,EAAE,cAAc,EAAE,UAAU,EAAE,SAAS,EAAE,MAAM,sBAAsB,CAAC;AAEpG,MAAM,WAAW,yBAAyB;IACxC,UAAU,EAAE,cAAc,CAAC;IAC3B,KAAK,EAAE,OAAO,CAAC;IACf,OAAO,EAAE,gBAAgB,CAAC;IAC1B,aAAa,EAAE,SAAS,EAAE,CAAC;CAC5B;AAED,MAAM,WAAW,oBAAoB;IACnC,QAAQ,CAAC,OAAO,EAAE,yBAAyB,GAAG,OAAO,CAAC,UAAU,CAAC,CAAC;CACnE;AAED,qBAAa,2BAA4B,YAAW,oBAAoB;IAChE,QAAQ,IAAI,OAAO,CAAC,UAAU,CAAC;CAStC"}

package/dist/tool-host/subprocess-dispatcher.js

@@ -0,0 +1,14 @@
+// Copyright (c) 2026 Hellmai Ltd
+// SPDX-License-Identifier: Apache-2.0
+export class DefaultSubprocessDispatcher {
+    async dispatch() {
+        return {
+            success: false,
+            error: {
+                code: 'SUBPROCESS_NOT_AVAILABLE',
+                message: 'Subprocess execution unavailable: no subprocess dispatcher was configured.',
+            },
+        };
+    }
+}
+//# sourceMappingURL=subprocess-dispatcher.js.map

package/dist/tool-host/subprocess-dispatcher.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"subprocess-dispatcher.js","sourceRoot":"","sources":["../../src/tool-host/subprocess-dispatcher.ts"],"names":[],"mappings":"AAAA,iCAAiC;AACjC,sCAAsC;AAetC,MAAM,OAAO,2BAA2B;IACtC,KAAK,CAAC,QAAQ;QACZ,OAAO;YACL,OAAO,EAAE,KAAK;YACd,KAAK,EAAE;gBACL,IAAI,EAAE,0BAA0B;gBAChC,OAAO,EAAE,4EAA4E;aACtF;SACF,CAAC;IACJ,CAAC;CACF"}

package/dist/tool-host/tool-host.d.ts

@@ -0,0 +1,42 @@
+import { type ExecutionContext, type PolicyDecision, type ToolCapability, type ToolOutput, type ToolScope } from '../kernel.schemas.js';
+import { EvidenceStore } from '../evidence/evidence-store.js';
+import { ToolRegistry } from './tool-registry.js';
+import { type SubprocessDispatcher } from './subprocess-dispatcher.js';
+export interface PolicyHookInput {
+    capability: ToolCapability;
+    input: unknown;
+    context: ExecutionContext;
+    scopeEnforced: ToolScope[];
+}
+export type PolicyHook = (input: PolicyHookInput) => Promise<PolicyDecision[]>;
+export interface ToolHostOptions {
+    registry: ToolRegistry;
+    evidenceStore: EvidenceStore;
+    subprocessDispatcher?: SubprocessDispatcher;
+    policyHook: PolicyHook;
+    runtimeVersion?: string;
+    now?: () => Date;
+    /** Optional callback invoked when trace recording fails. Provides observability into silent catch blocks. */
+    onTraceError?: (error: Error) => void;
+}
+export declare function allowAllPolicyHook(): Promise<PolicyDecision[]>;
+export declare class ToolHost {
+    private readonly registry;
+    private readonly evidenceStore;
+    private readonly subprocessDispatcher;
+    private readonly policyHook;
+    private readonly runtimeVersion;
+    private readonly now;
+    private readonly onTraceError?;
+    constructor(options: ToolHostOptions);
+    onStartup(): Promise<number>;
+    onShutdown(): Promise<number>;
+    execute(name: string, input: unknown, ctx: ExecutionContext): Promise<ToolOutput>;
+    private resolveScope;
+    private authorize;
+    private dispatch;
+    private normalizeOutput;
+    private recordDeniedTrace;
+    private recordTrace;
+}
+//# sourceMappingURL=tool-host.d.ts.map

package/dist/tool-host/tool-host.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"tool-host.d.ts","sourceRoot":"","sources":["../../src/tool-host/tool-host.ts"],"names":[],"mappings":"AAMA,OAAO,EAML,KAAK,gBAAgB,EACrB,KAAK,cAAc,EACnB,KAAK,cAAc,EACnB,KAAK,UAAU,EACf,KAAK,SAAS,EACf,MAAM,sBAAsB,CAAC;AAW9B,OAAO,EAAE,aAAa,EAAE,MAAM,+BAA+B,CAAC;AAC9D,OAAO,EAAE,YAAY,EAAE,MAAM,oBAAoB,CAAC;AAClD,OAAO,EAA+B,KAAK,oBAAoB,EAAE,MAAM,4BAA4B,CAAC;AAEpG,MAAM,WAAW,eAAe;IAC9B,UAAU,EAAE,cAAc,CAAC;IAC3B,KAAK,EAAE,OAAO,CAAC;IACf,OAAO,EAAE,gBAAgB,CAAC;IAC1B,aAAa,EAAE,SAAS,EAAE,CAAC;CAC5B;AAED,MAAM,MAAM,UAAU,GAAG,CAAC,KAAK,EAAE,eAAe,KAAK,OAAO,CAAC,cAAc,EAAE,CAAC,CAAC;AAE/E,MAAM,WAAW,eAAe;IAC9B,QAAQ,EAAE,YAAY,CAAC;IACvB,aAAa,EAAE,aAAa,CAAC;IAC7B,oBAAoB,CAAC,EAAE,oBAAoB,CAAC;IAC5C,UAAU,EAAE,UAAU,CAAC;IACvB,cAAc,CAAC,EAAE,MAAM,CAAC;IACxB,GAAG,CAAC,EAAE,MAAM,IAAI,CAAC;IACjB,6GAA6G;IAC7G,YAAY,CAAC,EAAE,CAAC,KAAK,EAAE,KAAK,KAAK,IAAI,CAAC;CACvC;AAyDD,wBAAsB,kBAAkB,IAAI,OAAO,CAAC,cAAc,EAAE,CAAC,CAQpE;AAED,qBAAa,QAAQ;IACnB,OAAO,CAAC,QAAQ,CAAC,QAAQ,CAAe;IACxC,OAAO,CAAC,QAAQ,CAAC,aAAa,CAAgB;IAC9C,OAAO,CAAC,QAAQ,CAAC,oBAAoB,CAAuB;IAC5D,OAAO,CAAC,QAAQ,CAAC,UAAU,CAAa;IACxC,OAAO,CAAC,QAAQ,CAAC,cAAc,CAAS;IACxC,OAAO,CAAC,QAAQ,CAAC,GAAG,CAAa;IACjC,OAAO,CAAC,QAAQ,CAAC,YAAY,CAAC,CAAyB;gBAE3C,OAAO,EAAE,eAAe;IAgB9B,SAAS,IAAI,OAAO,CAAC,MAAM,CAAC;IAI5B,UAAU,IAAI,OAAO,CAAC,MAAM,CAAC;IAI7B,OAAO,CAAC,IAAI,EAAE,MAAM,EAAE,KAAK,EAAE,OAAO,EAAE,GAAG,EAAE,gBAAgB,GAAG,OAAO,CAAC,UAAU,CAAC;IA4HvF,OAAO,CAAC,YAAY;YA+BN,SAAS;YAyHT,QAAQ;IA2BtB,OAAO,CAAC,eAAe;YA8BT,iBAAiB;YAqBjB,WAAW;CAwC1B"}