@n8n/expression-runtime 0.2.0 → 0.3.0

package/ARCHITECTURE.md

@@ -306,7 +306,7 @@ packages/@n8n/expression-runtime/
 
 **Future-Proofing**: Frontend will use Web Workers. Backend uses isolated-vm. Abstract bridge allows adding new environments without changing other layers.
 
-**Testing**: NodeVmBridge allows fast testing without native isolated-vm dependency.
+**Testing**: Integration tests use `IsolatedVmBridge` directly (see `src/__tests__/integration.test.ts`).
 
 ## Known Limitations
 
@@ -361,16 +361,15 @@ The runtime has **no access** to:
 - ❌ Cookies
 
 The runtime **can only**:
-- ✅ Call `getDataSync()` to fetch workflow data
+- ✅ Call back to host via `ivm.Reference` callbacks to fetch workflow data
 - ✅ Access lodash and Luxon libraries
 - ✅ Execute pure JavaScript code
 
 ## Testing Strategy
 
-**Runtime Tests** (vitest):
-- Use NodeVmBridge for fast, isolated tests
-- Test lazy loading, helpers, error handling
-- No native dependencies required
+**Integration Tests** (vitest):
+- Use `IsolatedVmBridge` with real `isolated-vm`
+- Test lazy loading, helpers, error handling, security wrappers
 
 **Bridge Tests** (vitest):
 - Test each bridge implementation

package/LICENSE_EE.md

@@ -0,0 +1,27 @@
+# The n8n Enterprise License (the “Enterprise License”)
+
+Copyright (c) 2022-present n8n GmbH.
+
+With regard to the n8n Software:
+
+This software and associated documentation files (the "Software") may only be used in production, if
+you (and any entity that you represent) hold a valid n8n Enterprise license corresponding to your
+usage. Subject to the foregoing sentence, you are free to modify this Software and publish patches
+to the Software. You agree that n8n and/or its licensors (as applicable) retain all right, title and
+interest in and to all such modifications and/or patches, and all such modifications and/or patches
+may only be used, copied, modified, displayed, distributed, or otherwise exploited with a valid n8n
+Enterprise license for the corresponding usage. Notwithstanding the foregoing, you may copy and
+modify the Software for development and testing purposes, without requiring a subscription. You
+agree that n8n and/or its licensors (as applicable) retain all right, title and interest in and to
+all such modifications. You are not granted any other rights beyond what is expressly stated herein.
+Subject to the foregoing, it is forbidden to copy, merge, publish, distribute, sublicense, and/or
+sell the Software.
+
+THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR IMPLIED, INCLUDING BUT
+NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND
+NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES
+OR OTHER LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN
+CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE.
+
+For all third party components incorporated into the n8n Software, those components are licensed
+under the original license provided by the owner of the applicable component.

package/README.md

@@ -7,12 +7,12 @@ Secure, isolated expression evaluation runtime for n8n workflows.
 **In progress — landing as a series of incremental PRs.**
 
 Implemented so far:
-- ✅ TypeScript interfaces and architecture design
-- ✅ Core architecture documentation
+- ✅ TypeScript interfaces and architecture design (PR 1)
+- ✅ Core architecture documentation (PR 1)
+- ✅ Runtime bundle: extension functions, deep lazy proxy system (PR 2)
+- ✅ `IsolatedVmBridge`: V8 isolate management via `isolated-vm` (PR 3)
 
 Coming in later PRs:
-- 🚧 Runtime bundle: extension functions, deep lazy proxy system (PR 2)
-- 🚧 `IsolatedVmBridge`: V8 isolate management via `isolated-vm` (PR 3)
 - 🚧 `ExpressionEvaluator`: tournament integration, expression code caching (PR 4)
 - 🚧 Integration tests (PR 4)
 - 🚧 Workflow integration behind `N8N_EXPRESSION_ENGINE=vm` flag (PR 5)
@@ -165,7 +165,7 @@ interface RuntimeBridge {
 
 ### Bridge Implementations
 
-- **IsolatedVmBridge**: 🚧 For Node.js backend (isolated-vm with V8 isolates) - coming in PR 3
+- **IsolatedVmBridge**: ✅ For Node.js backend (isolated-vm with V8 isolates)
   - Memory isolation with hard 128MB limit
   - Timeout enforcement (5s default)
   - Deep lazy proxy system for workflow data
@@ -185,9 +185,9 @@ interface EvaluatorConfig {
 }
 
 interface BridgeConfig {
-  memoryLimit?: number;        // Default: 128 MB (PR 3)
-  timeout?: number;            // Default: 5000 ms (PR 3)
-  debug?: boolean;             // Default: false (PR 3)
+  memoryLimit?: number;        // Default: 128 MB
+  timeout?: number;            // Default: 5000 ms
+  debug?: boolean;             // Default: false
 }
 ```
 

package/dist/bridge/isolated-vm-bridge.d.ts

@@ -0,0 +1,132 @@
+import type { RuntimeBridge, BridgeConfig } from '../types';
+/**
+ * IsolatedVmBridge - Runtime bridge using isolated-vm for secure expression evaluation.
+ *
+ * This bridge creates a V8 isolate with:
+ * - Hard memory limit (128MB default)
+ * - No access to Node.js APIs
+ * - Timeout enforcement
+ * - Complete isolation from host process
+ *
+ * Context reuse pattern: Create isolate/context once, reset state between evaluations.
+ */
+export declare class IsolatedVmBridge implements RuntimeBridge {
+    private isolate;
+    private context?;
+    private initialized;
+    private disposed;
+    private config;
+    private scriptCache;
+    private valueAtPathRef?;
+    private arrayElementRef?;
+    private callFunctionRef?;
+    constructor(config?: BridgeConfig);
+    /**
+     * Initialize the isolate and create execution context.
+     *
+     * Steps:
+     * 1. Create context
+     * 2. Set up basic globals (global reference)
+     * 3. Load runtime bundle (DateTime, extend, proxy system)
+     * 4. Verify proxy system
+     *
+     * Must be called before execute().
+     */
+    initialize(): Promise<void>;
+    /**
+     * Load runtime bundle into the isolate.
+     *
+     * The runtime bundle includes:
+     * - DateTime, extend, extendOptional (expression engine globals)
+     * - SafeObject and SafeError wrappers
+     * - createDeepLazyProxy function
+     * - __data object initialization
+     *
+     * @private
+     * @throws {Error} If context not initialized or bundle loading fails
+     */
+    private loadVendorLibraries;
+    /**
+     * Verify the proxy system loaded correctly.
+     *
+     * The proxy system is loaded as part of the runtime bundle in loadVendorLibraries().
+     * This method verifies all required components are available.
+     *
+     * @private
+     * @throws {Error} If context not initialized or proxy system verification fails
+     */
+    private verifyProxySystem;
+    /**
+     * Inject the E() error handler into the isolate context.
+     *
+     * Tournament wraps expressions with try-catch that calls E(error, this).
+     * This handler:
+     * - Re-throws security violations from __sanitize
+     * - Swallows TypeErrors (failed attack attempts return undefined)
+     * - Re-throws all other errors
+     *
+     * @private
+     * @throws {Error} If context not initialized
+     */
+    private injectErrorHandler;
+    /**
+     * Reset data proxies in the isolate context.
+     *
+     * This method should be called before each execute() to:
+     * 1. Clear proxy caches from previous evaluations
+     * 2. Initialize fresh workflow data references
+     * 3. Expose workflow properties to globalThis
+     *
+     * The reset function runs in the isolate and calls back to the host
+     * via ivm.Reference callbacks to fetch workflow data.
+     *
+     * @private
+     * @throws {Error} If context not initialized or reset fails
+     */
+    private resetDataProxies;
+    /**
+     * Register callback functions for cross-isolate communication.
+     *
+     * Creates three ivm.Reference callbacks that the runtime bundle uses
+     * to fetch data from the host process:
+     *
+     * - __getValueAtPath: Returns metadata or primitive for a property path
+     * - __getArrayElement: Returns individual array elements
+     * - __callFunctionAtPath: Executes functions in host context
+     *
+     * These callbacks are called synchronously from isolate proxy traps.
+     *
+     * @param data - Current workflow data to use for callback responses
+     * @private
+     */
+    private registerCallbacks;
+    /**
+     * Execute JavaScript code in the isolated context.
+     *
+     * Flow:
+     * 1. Register callbacks as ivm.Reference for cross-isolate communication
+     * 2. Call resetDataProxies() to initialize workflow data proxies
+     * 3. Compile script (with caching for performance)
+     * 4. Execute with timeout enforcement
+     * 5. Return result (copied from isolate)
+     *
+     * @param code - JavaScript expression to evaluate
+     * @param data - Workflow data (e.g., { $json: {...}, $runIndex: 0 })
+     * @returns Result of the expression
+     * @throws {Error} If bridge not initialized or execution fails
+     */
+    execute(code: string, data: Record<string, unknown>): unknown;
+    /**
+     * Dispose of the isolate and free resources.
+     *
+     * After disposal, the bridge cannot be used again.
+     */
+    dispose(): Promise<void>;
+    /**
+     * Check if the bridge has been disposed.
+     *
+     * @returns true if disposed, false otherwise
+     */
+    isDisposed(): boolean;
+}
+//# sourceMappingURL=isolated-vm-bridge.d.ts.map

package/dist/bridge/isolated-vm-bridge.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"isolated-vm-bridge.d.ts","sourceRoot":"","sources":["../../src/bridge/isolated-vm-bridge.ts"],"names":[],"mappings":"AAIA,OAAO,KAAK,EAAE,aAAa,EAAE,YAAY,EAAE,MAAM,UAAU,CAAC;AAM5D;;;;;;;;;;GAUG;AACH,qBAAa,gBAAiB,YAAW,aAAa;IACrD,OAAO,CAAC,OAAO,CAAc;IAC7B,OAAO,CAAC,OAAO,CAAC,CAAc;IAC9B,OAAO,CAAC,WAAW,CAAS;IAC5B,OAAO,CAAC,QAAQ,CAAS;IACzB,OAAO,CAAC,MAAM,CAAyB;IAIvC,OAAO,CAAC,WAAW,CAAiC;IAIpD,OAAO,CAAC,cAAc,CAAC,CAAgB;IACvC,OAAO,CAAC,eAAe,CAAC,CAAgB;IACxC,OAAO,CAAC,eAAe,CAAC,CAAgB;gBAE5B,MAAM,GAAE,YAAiB;IAYrC;;;;;;;;;;OAUG;IACG,UAAU,IAAI,OAAO,CAAC,IAAI,CAAC;IAgCjC;;;;;;;;;;;OAWG;YACW,mBAAmB;IAsCjC;;;;;;;;OAQG;YACW,iBAAiB;IA+B/B;;;;;;;;;;;OAWG;YACW,kBAAkB;IA0BhC;;;;;;;;;;;;;OAaG;IACH,OAAO,CAAC,gBAAgB;IAmBxB;;;;;;;;;;;;;;OAcG;IACH,OAAO,CAAC,iBAAiB;IA8HzB;;;;;;;;;;;;;;OAcG;IACH,OAAO,CAAC,IAAI,EAAE,MAAM,EAAE,IAAI,EAAE,MAAM,CAAC,MAAM,EAAE,OAAO,CAAC,GAAG,OAAO;IA6C7D;;;;OAIG;IACG,OAAO,IAAI,OAAO,CAAC,IAAI,CAAC;IAwB9B;;;;OAIG;IACH,UAAU,IAAI,OAAO;CAGrB"}

package/dist/bridge/isolated-vm-bridge.js

@@ -0,0 +1,427 @@
+import ivm from 'isolated-vm';
+import { readFile } from 'node:fs/promises';
+import * as path from 'node:path';
+import { fileURLToPath } from 'node:url';
+// Get __dirname equivalent for ES modules
+const __filename = fileURLToPath(import.meta.url);
+const __dirname = path.dirname(__filename);
+/**
+ * IsolatedVmBridge - Runtime bridge using isolated-vm for secure expression evaluation.
+ *
+ * This bridge creates a V8 isolate with:
+ * - Hard memory limit (128MB default)
+ * - No access to Node.js APIs
+ * - Timeout enforcement
+ * - Complete isolation from host process
+ *
+ * Context reuse pattern: Create isolate/context once, reset state between evaluations.
+ */
+export class IsolatedVmBridge {
+    isolate;
+    context;
+    initialized = false;
+    disposed = false;
+    config;
+    // Script compilation cache for performance
+    // Maps expression code -> compiled ivm.Script
+    scriptCache = new Map();
+    // Active ivm.Reference callbacks — released before each re-registration
+    // to prevent reference accumulation across execute() calls
+    valueAtPathRef;
+    arrayElementRef;
+    callFunctionRef;
+    constructor(config = {}) {
+        this.config = {
+            memoryLimit: config.memoryLimit ?? 128,
+            timeout: config.timeout ?? 5000,
+            debug: config.debug ?? false,
+        };
+        // Create isolate with memory limit
+        // Note: memoryLimit is in MB
+        this.isolate = new ivm.Isolate({ memoryLimit: this.config.memoryLimit });
+    }
+    /**
+     * Initialize the isolate and create execution context.
+     *
+     * Steps:
+     * 1. Create context
+     * 2. Set up basic globals (global reference)
+     * 3. Load runtime bundle (DateTime, extend, proxy system)
+     * 4. Verify proxy system
+     *
+     * Must be called before execute().
+     */
+    async initialize() {
+        if (this.initialized) {
+            return;
+        }
+        // Create context in the isolate
+        this.context = await this.isolate.createContext();
+        // Set up basic globals
+        // jail is a reference to the context's global object
+        const jail = this.context.global;
+        // Set 'global' to reference itself (pattern from POC)
+        // This allows code in isolate to access 'global.something'
+        await jail.set('global', jail.derefInto());
+        // Load runtime bundle (DateTime, extend, SafeObject, proxy system)
+        await this.loadVendorLibraries();
+        // Verify proxy system loaded correctly
+        await this.verifyProxySystem();
+        // Inject E() error handler needed by tournament-generated try-catch code
+        await this.injectErrorHandler();
+        this.initialized = true;
+        if (this.config.debug) {
+            console.log('[IsolatedVmBridge] Initialized successfully');
+        }
+    }
+    /**
+     * Load runtime bundle into the isolate.
+     *
+     * The runtime bundle includes:
+     * - DateTime, extend, extendOptional (expression engine globals)
+     * - SafeObject and SafeError wrappers
+     * - createDeepLazyProxy function
+     * - __data object initialization
+     *
+     * @private
+     * @throws {Error} If context not initialized or bundle loading fails
+     */
+    async loadVendorLibraries() {
+        if (!this.context) {
+            throw new Error('Context not initialized');
+        }
+        try {
+            // Load runtime bundle (includes vendor libraries + proxy system)
+            // Path: dist/bundle/runtime.iife.js
+            const runtimeBundlePath = path.join(__dirname, '../../dist/bundle/runtime.iife.js');
+            const runtimeBundle = await readFile(runtimeBundlePath, 'utf-8');
+            // Evaluate bundle in isolate context
+            // This makes all exported globals available (DateTime, extend, extendOptional, SafeObject, SafeError, createDeepLazyProxy, resetDataProxies, __data)
+            await this.context.eval(runtimeBundle);
+            if (this.config.debug) {
+                console.log('[IsolatedVmBridge] Runtime bundle loaded from:', runtimeBundlePath);
+            }
+            // Verify vendor libraries loaded correctly
+            const hasDateTime = await this.context.eval('typeof DateTime !== "undefined"');
+            const hasExtend = await this.context.eval('typeof extend !== "undefined"');
+            if (!hasDateTime || !hasExtend) {
+                throw new Error(`Library verification failed: DateTime=${hasDateTime}, extend=${hasExtend}`);
+            }
+            if (this.config.debug) {
+                console.log('[IsolatedVmBridge] Vendor libraries verified successfully');
+            }
+        }
+        catch (error) {
+            const errorMessage = error instanceof Error ? error.message : String(error);
+            throw new Error(`Failed to load runtime bundle: ${errorMessage}`);
+        }
+    }
+    /**
+     * Verify the proxy system loaded correctly.
+     *
+     * The proxy system is loaded as part of the runtime bundle in loadVendorLibraries().
+     * This method verifies all required components are available.
+     *
+     * @private
+     * @throws {Error} If context not initialized or proxy system verification fails
+     */
+    async verifyProxySystem() {
+        if (!this.context) {
+            throw new Error('Context not initialized');
+        }
+        try {
+            // Verify proxy system components loaded correctly
+            const hasProxyCreator = await this.context.eval('typeof createDeepLazyProxy !== "undefined"');
+            const hasData = await this.context.eval('typeof __data !== "undefined"');
+            const hasSafeObject = await this.context.eval('typeof SafeObject !== "undefined"');
+            const hasSafeError = await this.context.eval('typeof SafeError !== "undefined"');
+            const hasResetFunction = await this.context.eval('typeof resetDataProxies !== "undefined"');
+            if (!hasProxyCreator || !hasData || !hasSafeObject || !hasSafeError || !hasResetFunction) {
+                throw new Error(`Proxy system verification failed: ` +
+                    `createDeepLazyProxy=${hasProxyCreator}, __data=${hasData}, ` +
+                    `SafeObject=${hasSafeObject}, SafeError=${hasSafeError}, ` +
+                    `resetDataProxies=${hasResetFunction}`);
+            }
+            if (this.config.debug) {
+                console.log('[IsolatedVmBridge] Proxy system verified successfully');
+            }
+        }
+        catch (error) {
+            const errorMessage = error instanceof Error ? error.message : String(error);
+            throw new Error(`Failed to verify proxy system: ${errorMessage}`);
+        }
+    }
+    /**
+     * Inject the E() error handler into the isolate context.
+     *
+     * Tournament wraps expressions with try-catch that calls E(error, this).
+     * This handler:
+     * - Re-throws security violations from __sanitize
+     * - Swallows TypeErrors (failed attack attempts return undefined)
+     * - Re-throws all other errors
+     *
+     * @private
+     * @throws {Error} If context not initialized
+     */
+    async injectErrorHandler() {
+        if (!this.context) {
+            throw new Error('Context not initialized');
+        }
+        await this.context.eval(`
+			if (typeof E === 'undefined') {
+				globalThis.E = function(error, _context) {
+					// Re-throw security violations from __sanitize
+					if (error && error.message && error.message.includes('due to security concerns')) {
+						throw error;
+					}
+					// Swallow TypeErrors (failed attack attempts return undefined)
+					if (error instanceof TypeError) {
+						return undefined;
+					}
+					throw error;
+				};
+			}
+		`);
+        if (this.config.debug) {
+            console.log('[IsolatedVmBridge] Error handler injected successfully');
+        }
+    }
+    /**
+     * Reset data proxies in the isolate context.
+     *
+     * This method should be called before each execute() to:
+     * 1. Clear proxy caches from previous evaluations
+     * 2. Initialize fresh workflow data references
+     * 3. Expose workflow properties to globalThis
+     *
+     * The reset function runs in the isolate and calls back to the host
+     * via ivm.Reference callbacks to fetch workflow data.
+     *
+     * @private
+     * @throws {Error} If context not initialized or reset fails
+     */
+    resetDataProxies() {
+        if (!this.context) {
+            throw new Error('Context not initialized');
+        }
+        try {
+            // Call the resetDataProxies function in the isolate
+            // This function is loaded as part of the runtime bundle
+            this.context.evalSync('resetDataProxies()');
+            if (this.config.debug) {
+                console.log('[IsolatedVmBridge] Data proxies reset successfully');
+            }
+        }
+        catch (error) {
+            const errorMessage = error instanceof Error ? error.message : String(error);
+            throw new Error(`Failed to reset data proxies: ${errorMessage}`);
+        }
+    }
+    /**
+     * Register callback functions for cross-isolate communication.
+     *
+     * Creates three ivm.Reference callbacks that the runtime bundle uses
+     * to fetch data from the host process:
+     *
+     * - __getValueAtPath: Returns metadata or primitive for a property path
+     * - __getArrayElement: Returns individual array elements
+     * - __callFunctionAtPath: Executes functions in host context
+     *
+     * These callbacks are called synchronously from isolate proxy traps.
+     *
+     * @param data - Current workflow data to use for callback responses
+     * @private
+     */
+    registerCallbacks(data) {
+        if (!this.context) {
+            throw new Error('Context not initialized');
+        }
+        // Callback 1: Get value/metadata at path
+        // Used by createDeepLazyProxy when accessing properties
+        const getValueAtPath = new ivm.Reference((path) => {
+            // Navigate to value
+            let value = data;
+            for (const key of path) {
+                value = value?.[key];
+                if (value === undefined || value === null) {
+                    return value;
+                }
+            }
+            // Handle functions - return metadata marker
+            if (typeof value === 'function') {
+                const fnString = value.toString();
+                // Block native functions for security
+                if (fnString.includes('[native code]')) {
+                    return undefined;
+                }
+                return { __isFunction: true, __name: path[path.length - 1] };
+            }
+            // Handle arrays - always lazy, only transfer length
+            if (Array.isArray(value)) {
+                return {
+                    __isArray: true,
+                    __length: value.length,
+                    __data: null,
+                };
+            }
+            // Handle objects - return metadata with keys
+            if (value !== null && typeof value === 'object') {
+                return {
+                    __isObject: true,
+                    __keys: Object.keys(value),
+                };
+            }
+            // Primitive value
+            return value;
+        });
+        // Callback 2: Get array element at index
+        // Used by array proxy when accessing numeric indices
+        const getArrayElement = new ivm.Reference((path, index) => {
+            // Navigate to array
+            let arr = data;
+            for (const key of path) {
+                arr = arr?.[key];
+            }
+            if (!Array.isArray(arr)) {
+                return undefined;
+            }
+            const element = arr[index];
+            // If element is object/array, return metadata
+            if (element !== null && typeof element === 'object') {
+                if (Array.isArray(element)) {
+                    return {
+                        __isArray: true,
+                        __length: element.length,
+                        __data: null,
+                    };
+                }
+                return {
+                    __isObject: true,
+                    __keys: Object.keys(element),
+                };
+            }
+            // Primitive element
+            return element;
+        });
+        // Callback 3: Call function at path with arguments
+        // Used when expressions invoke functions from workflow data
+        const callFunctionAtPath = new ivm.Reference((path, ...args) => {
+            // Navigate to function, tracking parent to preserve `this` context
+            let fn = data;
+            let parent = undefined;
+            for (const key of path) {
+                parent = fn;
+                fn = fn?.[key];
+            }
+            if (typeof fn !== 'function') {
+                throw new Error(`${path.join('.')} is not a function`);
+            }
+            // Block native functions for security (same check as getValueAtPath)
+            if (fn.toString().includes('[native code]')) {
+                throw new Error(`${path.join('.')} is a native function and cannot be called`);
+            }
+            // Execute function with parent as `this` to preserve method context
+            return fn.call(parent, ...args);
+        });
+        // Release previous references before replacing to avoid accumulation
+        this.valueAtPathRef?.release();
+        this.arrayElementRef?.release();
+        this.callFunctionRef?.release();
+        // Store references so they can be released on the next call or on dispose()
+        this.valueAtPathRef = getValueAtPath;
+        this.arrayElementRef = getArrayElement;
+        this.callFunctionRef = callFunctionAtPath;
+        // Register all callbacks in isolate global context
+        this.context.global.setSync('__getValueAtPath', getValueAtPath);
+        this.context.global.setSync('__getArrayElement', getArrayElement);
+        this.context.global.setSync('__callFunctionAtPath', callFunctionAtPath);
+        if (this.config.debug) {
+            console.log('[IsolatedVmBridge] Callbacks registered successfully');
+        }
+    }
+    /**
+     * Execute JavaScript code in the isolated context.
+     *
+     * Flow:
+     * 1. Register callbacks as ivm.Reference for cross-isolate communication
+     * 2. Call resetDataProxies() to initialize workflow data proxies
+     * 3. Compile script (with caching for performance)
+     * 4. Execute with timeout enforcement
+     * 5. Return result (copied from isolate)
+     *
+     * @param code - JavaScript expression to evaluate
+     * @param data - Workflow data (e.g., { $json: {...}, $runIndex: 0 })
+     * @returns Result of the expression
+     * @throws {Error} If bridge not initialized or execution fails
+     */
+    execute(code, data) {
+        if (!this.initialized || !this.context) {
+            throw new Error('Bridge not initialized. Call initialize() first.');
+        }
+        try {
+            // Step 1: Register callbacks with current data context
+            this.registerCallbacks(data);
+            // Step 2: Reset proxies for this evaluation
+            // This initializes $json, $binary, etc. as lazy proxies
+            this.resetDataProxies();
+            // Step 3: Wrap transformed code so 'this' === __data in the isolate.
+            // Tournament generates: this.$json.email, this.$items(), etc.
+            // __data has $json, $items, etc. as lazy proxies (set in resetDataProxies).
+            const wrappedCode = `(function() {\n${code}\n}).call(__data)`;
+            let script = this.scriptCache.get(code);
+            if (!script) {
+                script = this.isolate.compileScriptSync(wrappedCode);
+                this.scriptCache.set(code, script);
+                if (this.config.debug) {
+                    console.log('[IsolatedVmBridge] Script compiled and cached');
+                }
+            }
+            // Step 4: Execute with timeout and copy result back
+            const result = script.runSync(this.context, {
+                timeout: this.config.timeout,
+                copy: true,
+            });
+            if (this.config.debug) {
+                console.log('[IsolatedVmBridge] Expression executed successfully');
+            }
+            return result;
+        }
+        catch (error) {
+            const errorMessage = error instanceof Error ? error.message : String(error);
+            throw new Error(`Expression evaluation failed: ${errorMessage}`);
+        }
+    }
+    /**
+     * Dispose of the isolate and free resources.
+     *
+     * After disposal, the bridge cannot be used again.
+     */
+    async dispose() {
+        if (this.disposed) {
+            return;
+        }
+        // Dispose isolate (this also disposes all contexts, references, etc.)
+        if (!this.isolate.isDisposed) {
+            this.isolate.dispose();
+        }
+        // Release callback references
+        this.valueAtPathRef?.release();
+        this.arrayElementRef?.release();
+        this.callFunctionRef?.release();
+        this.disposed = true;
+        this.initialized = false;
+        this.scriptCache.clear();
+        if (this.config.debug) {
+            console.log('[IsolatedVmBridge] Disposed');
+        }
+    }
+    /**
+     * Check if the bridge has been disposed.
+     *
+     * @returns true if disposed, false otherwise
+     */
+    isDisposed() {
+        return this.disposed;
+    }
+}
+//# sourceMappingURL=isolated-vm-bridge.js.map

package/dist/bridge/isolated-vm-bridge.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"isolated-vm-bridge.js","sourceRoot":"","sources":["../../src/bridge/isolated-vm-bridge.ts"],"names":[],"mappings":"AAAA,OAAO,GAAG,MAAM,aAAa,CAAC;AAC9B,OAAO,EAAE,QAAQ,EAAE,MAAM,kBAAkB,CAAC;AAC5C,OAAO,KAAK,IAAI,MAAM,WAAW,CAAC;AAClC,OAAO,EAAE,aAAa,EAAE,MAAM,UAAU,CAAC;AAGzC,0CAA0C;AAC1C,MAAM,UAAU,GAAG,aAAa,CAAC,MAAM,CAAC,IAAI,CAAC,GAAG,CAAC,CAAC;AAClD,MAAM,SAAS,GAAG,IAAI,CAAC,OAAO,CAAC,UAAU,CAAC,CAAC;AAE3C;;;;;;;;;;GAUG;AACH,MAAM,OAAO,gBAAgB;IACpB,OAAO,CAAc;IACrB,OAAO,CAAe;IACtB,WAAW,GAAG,KAAK,CAAC;IACpB,QAAQ,GAAG,KAAK,CAAC;IACjB,MAAM,CAAyB;IAEvC,2CAA2C;IAC3C,8CAA8C;IACtC,WAAW,GAAG,IAAI,GAAG,EAAsB,CAAC;IAEpD,wEAAwE;IACxE,2DAA2D;IACnD,cAAc,CAAiB;IAC/B,eAAe,CAAiB;IAChC,eAAe,CAAiB;IAExC,YAAY,SAAuB,EAAE;QACpC,IAAI,CAAC,MAAM,GAAG;YACb,WAAW,EAAE,MAAM,CAAC,WAAW,IAAI,GAAG;YACtC,OAAO,EAAE,MAAM,CAAC,OAAO,IAAI,IAAI;YAC/B,KAAK,EAAE,MAAM,CAAC,KAAK,IAAI,KAAK;SAC5B,CAAC;QAEF,mCAAmC;QACnC,6BAA6B;QAC7B,IAAI,CAAC,OAAO,GAAG,IAAI,GAAG,CAAC,OAAO,CAAC,EAAE,WAAW,EAAE,IAAI,CAAC,MAAM,CAAC,WAAW,EAAE,CAAC,CAAC;IAC1E,CAAC;IAED;;;;;;;;;;OAUG;IACH,KAAK,CAAC,UAAU;QACf,IAAI,IAAI,CAAC,WAAW,EAAE,CAAC;YACtB,OAAO;QACR,CAAC;QAED,gCAAgC;QAChC,IAAI,CAAC,OAAO,GAAG,MAAM,IAAI,CAAC,OAAO,CAAC,aAAa,EAAE,CAAC;QAElD,uBAAuB;QACvB,qDAAqD;QACrD,MAAM,IAAI,GAAG,IAAI,CAAC,OAAO,CAAC,MAAM,CAAC;QAEjC,sDAAsD;QACtD,2DAA2D;QAC3D,MAAM,IAAI,CAAC,GAAG,CAAC,QAAQ,EAAE,IAAI,CAAC,SAAS,EAAE,CAAC,CAAC;QAE3C,mEAAmE;QACnE,MAAM,IAAI,CAAC,mBAAmB,EAAE,CAAC;QAEjC,uCAAuC;QACvC,MAAM,IAAI,CAAC,iBAAiB,EAAE,CAAC;QAE/B,yEAAyE;QACzE,MAAM,IAAI,CAAC,kBAAkB,EAAE,CAAC;QAEhC,IAAI,CAAC,WAAW,GAAG,IAAI,CAAC;QAExB,IAAI,IAAI,CAAC,MAAM,CAAC,KAAK,EAAE,CAAC;YACvB,OAAO,CAAC,GAAG,CAAC,6CAA6C,CAAC,CAAC;QAC5D,CAAC;IACF,CAAC;IAED;;;;;;;;;;;OAWG;IACK,KAAK,CAAC,mBAAmB;QAChC,IAAI,CAAC,IAAI,CAAC,OAAO,EAAE,CAAC;YACnB,MAAM,IAAI,KAAK,CAAC,yBAAyB,CAAC,CAAC;QAC5C,CAAC;QAED,IAAI,CAAC;YACJ,iEAAiE;YACjE,oCAAoC;YACpC,MAAM,iBAAiB,GAAG,IAAI,CAAC,IAAI,CAAC,SAAS,EAAE,mCAAmC,CAAC,CAAC;YACpF,MAAM,aAAa,GAAG,MAAM,QAAQ,CAAC,iBAAiB,EAAE,OAAO,CAAC,CAAC;YAEjE,qCAAqC;YACrC,qJAAqJ;YACrJ,MAAM,IAAI,CAAC,OAAO,CAAC,IAAI,CAAC,aAAa,CAAC,CAAC;YAEvC,IAAI,IAAI,CAAC,MAAM,CAAC,KAAK,EAAE,CAAC;gBACvB,OAAO,CAAC,GAAG,CAAC,gDAAgD,EAAE,iBAAiB,CAAC,CAAC;YAClF,CAAC;YAED,2CAA2C;YAC3C,MAAM,WAAW,GAAG,MAAM,IAAI,CAAC,OAAO,CAAC,IAAI,CAAC,iCAAiC,CAAC,CAAC;YAC/E,MAAM,SAAS,GAAG,MAAM,IAAI,CAAC,OAAO,CAAC,IAAI,CAAC,+BAA+B,CAAC,CAAC;YAE3E,IAAI,CAAC,WAAW,IAAI,CAAC,SAAS,EAAE,CAAC;gBAChC,MAAM,IAAI,KAAK,CACd,yCAAyC,WAAW,YAAY,SAAS,EAAE,CAC3E,CAAC;YACH,CAAC;YAED,IAAI,IAAI,CAAC,MAAM,CAAC,KAAK,EAAE,CAAC;gBACvB,OAAO,CAAC,GAAG,CAAC,2DAA2D,CAAC,CAAC;YAC1E,CAAC;QACF,CAAC;QAAC,OAAO,KAAK,EAAE,CAAC;YAChB,MAAM,YAAY,GAAG,KAAK,YAAY,KAAK,CAAC,CAAC,CAAC,KAAK,CAAC,OAAO,CAAC,CAAC,CAAC,MAAM,CAAC,KAAK,CAAC,CAAC;YAC5E,MAAM,IAAI,KAAK,CAAC,kCAAkC,YAAY,EAAE,CAAC,CAAC;QACnE,CAAC;IACF,CAAC;IAED;;;;;;;;OAQG;IACK,KAAK,CAAC,iBAAiB;QAC9B,IAAI,CAAC,IAAI,CAAC,OAAO,EAAE,CAAC;YACnB,MAAM,IAAI,KAAK,CAAC,yBAAyB,CAAC,CAAC;QAC5C,CAAC;QAED,IAAI,CAAC;YACJ,kDAAkD;YAClD,MAAM,eAAe,GAAG,MAAM,IAAI,CAAC,OAAO,CAAC,IAAI,CAAC,4CAA4C,CAAC,CAAC;YAC9F,MAAM,OAAO,GAAG,MAAM,IAAI,CAAC,OAAO,CAAC,IAAI,CAAC,+BAA+B,CAAC,CAAC;YACzE,MAAM,aAAa,GAAG,MAAM,IAAI,CAAC,OAAO,CAAC,IAAI,CAAC,mCAAmC,CAAC,CAAC;YACnF,MAAM,YAAY,GAAG,MAAM,IAAI,CAAC,OAAO,CAAC,IAAI,CAAC,kCAAkC,CAAC,CAAC;YACjF,MAAM,gBAAgB,GAAG,MAAM,IAAI,CAAC,OAAO,CAAC,IAAI,CAAC,yCAAyC,CAAC,CAAC;YAE5F,IAAI,CAAC,eAAe,IAAI,CAAC,OAAO,IAAI,CAAC,aAAa,IAAI,CAAC,YAAY,IAAI,CAAC,gBAAgB,EAAE,CAAC;gBAC1F,MAAM,IAAI,KAAK,CACd,oCAAoC;oBACnC,uBAAuB,eAAe,YAAY,OAAO,IAAI;oBAC7D,cAAc,aAAa,eAAe,YAAY,IAAI;oBAC1D,oBAAoB,gBAAgB,EAAE,CACvC,CAAC;YACH,CAAC;YAED,IAAI,IAAI,CAAC,MAAM,CAAC,KAAK,EAAE,CAAC;gBACvB,OAAO,CAAC,GAAG,CAAC,uDAAuD,CAAC,CAAC;YACtE,CAAC;QACF,CAAC;QAAC,OAAO,KAAK,EAAE,CAAC;YAChB,MAAM,YAAY,GAAG,KAAK,YAAY,KAAK,CAAC,CAAC,CAAC,KAAK,CAAC,OAAO,CAAC,CAAC,CAAC,MAAM,CAAC,KAAK,CAAC,CAAC;YAC5E,MAAM,IAAI,KAAK,CAAC,kCAAkC,YAAY,EAAE,CAAC,CAAC;QACnE,CAAC;IACF,CAAC;IAED;;;;;;;;;;;OAWG;IACK,KAAK,CAAC,kBAAkB;QAC/B,IAAI,CAAC,IAAI,CAAC,OAAO,EAAE,CAAC;YACnB,MAAM,IAAI,KAAK,CAAC,yBAAyB,CAAC,CAAC;QAC5C,CAAC;QAED,MAAM,IAAI,CAAC,OAAO,CAAC,IAAI,CAAC;;;;;;;;;;;;;;GAcvB,CAAC,CAAC;QAEH,IAAI,IAAI,CAAC,MAAM,CAAC,KAAK,EAAE,CAAC;YACvB,OAAO,CAAC,GAAG,CAAC,wDAAwD,CAAC,CAAC;QACvE,CAAC;IACF,CAAC;IAED;;;;;;;;;;;;;OAaG;IACK,gBAAgB;QACvB,IAAI,CAAC,IAAI,CAAC,OAAO,EAAE,CAAC;YACnB,MAAM,IAAI,KAAK,CAAC,yBAAyB,CAAC,CAAC;QAC5C,CAAC;QAED,IAAI,CAAC;YACJ,oDAAoD;YACpD,wDAAwD;YACxD,IAAI,CAAC,OAAO,CAAC,QAAQ,CAAC,oBAAoB,CAAC,CAAC;YAE5C,IAAI,IAAI,CAAC,MAAM,CAAC,KAAK,EAAE,CAAC;gBACvB,OAAO,CAAC,GAAG,CAAC,oDAAoD,CAAC,CAAC;YACnE,CAAC;QACF,CAAC;QAAC,OAAO,KAAK,EAAE,CAAC;YAChB,MAAM,YAAY,GAAG,KAAK,YAAY,KAAK,CAAC,CAAC,CAAC,KAAK,CAAC,OAAO,CAAC,CAAC,CAAC,MAAM,CAAC,KAAK,CAAC,CAAC;YAC5E,MAAM,IAAI,KAAK,CAAC,iCAAiC,YAAY,EAAE,CAAC,CAAC;QAClE,CAAC;IACF,CAAC;IAED;;;;;;;;;;;;;;OAcG;IACK,iBAAiB,CAAC,IAA6B;QACtD,IAAI,CAAC,IAAI,CAAC,OAAO,EAAE,CAAC;YACnB,MAAM,IAAI,KAAK,CAAC,yBAAyB,CAAC,CAAC;QAC5C,CAAC;QAED,yCAAyC;QACzC,wDAAwD;QACxD,MAAM,cAAc,GAAG,IAAI,GAAG,CAAC,SAAS,CAAC,CAAC,IAAc,EAAE,EAAE;YAC3D,oBAAoB;YACpB,IAAI,KAAK,GAAY,IAAI,CAAC;YAC1B,KAAK,MAAM,GAAG,IAAI,IAAI,EAAE,CAAC;gBACxB,KAAK,GAAI,KAAiC,EAAE,CAAC,GAAG,CAAC,CAAC;gBAClD,IAAI,KAAK,KAAK,SAAS,IAAI,KAAK,KAAK,IAAI,EAAE,CAAC;oBAC3C,OAAO,KAAK,CAAC;gBACd,CAAC;YACF,CAAC;YAED,4CAA4C;YAC5C,IAAI,OAAO,KAAK,KAAK,UAAU,EAAE,CAAC;gBACjC,MAAM,QAAQ,GAAG,KAAK,CAAC,QAAQ,EAAE,CAAC;gBAClC,sCAAsC;gBACtC,IAAI,QAAQ,CAAC,QAAQ,CAAC,eAAe,CAAC,EAAE,CAAC;oBACxC,OAAO,SAAS,CAAC;gBAClB,CAAC;gBACD,OAAO,EAAE,YAAY,EAAE,IAAI,EAAE,MAAM,EAAE,IAAI,CAAC,IAAI,CAAC,MAAM,GAAG,CAAC,CAAC,EAAE,CAAC;YAC9D,CAAC;YAED,oDAAoD;YACpD,IAAI,KAAK,CAAC,OAAO,CAAC,KAAK,CAAC,EAAE,CAAC;gBAC1B,OAAO;oBACN,SAAS,EAAE,IAAI;oBACf,QAAQ,EAAE,KAAK,CAAC,MAAM;oBACtB,MAAM,EAAE,IAAI;iBACZ,CAAC;YACH,CAAC;YAED,6CAA6C;YAC7C,IAAI,KAAK,KAAK,IAAI,IAAI,OAAO,KAAK,KAAK,QAAQ,EAAE,CAAC;gBACjD,OAAO;oBACN,UAAU,EAAE,IAAI;oBAChB,MAAM,EAAE,MAAM,CAAC,IAAI,CAAC,KAAK,CAAC;iBAC1B,CAAC;YACH,CAAC;YAED,kBAAkB;YAClB,OAAO,KAAK,CAAC;QACd,CAAC,CAAC,CAAC;QAEH,yCAAyC;QACzC,qDAAqD;QACrD,MAAM,eAAe,GAAG,IAAI,GAAG,CAAC,SAAS,CAAC,CAAC,IAAc,EAAE,KAAa,EAAE,EAAE;YAC3E,oBAAoB;YACpB,IAAI,GAAG,GAAY,IAAI,CAAC;YACxB,KAAK,MAAM,GAAG,IAAI,IAAI,EAAE,CAAC;gBACxB,GAAG,GAAI,GAA+B,EAAE,CAAC,GAAG,CAAC,CAAC;YAC/C,CAAC;YAED,IAAI,CAAC,KAAK,CAAC,OAAO,CAAC,GAAG,CAAC,EAAE,CAAC;gBACzB,OAAO,SAAS,CAAC;YAClB,CAAC;YAED,MAAM,OAAO,GAAG,GAAG,CAAC,KAAK,CAAC,CAAC;YAE3B,8CAA8C;YAC9C,IAAI,OAAO,KAAK,IAAI,IAAI,OAAO,OAAO,KAAK,QAAQ,EAAE,CAAC;gBACrD,IAAI,KAAK,CAAC,OAAO,CAAC,OAAO,CAAC,EAAE,CAAC;oBAC5B,OAAO;wBACN,SAAS,EAAE,IAAI;wBACf,QAAQ,EAAE,OAAO,CAAC,MAAM;wBACxB,MAAM,EAAE,IAAI;qBACZ,CAAC;gBACH,CAAC;gBACD,OAAO;oBACN,UAAU,EAAE,IAAI;oBAChB,MAAM,EAAE,MAAM,CAAC,IAAI,CAAC,OAAO,CAAC;iBAC5B,CAAC;YACH,CAAC;YAED,oBAAoB;YACpB,OAAO,OAAO,CAAC;QAChB,CAAC,CAAC,CAAC;QAEH,mDAAmD;QACnD,4DAA4D;QAC5D,MAAM,kBAAkB,GAAG,IAAI,GAAG,CAAC,SAAS,CAAC,CAAC,IAAc,EAAE,GAAG,IAAe,EAAE,EAAE;YACnF,mEAAmE;YACnE,IAAI,EAAE,GAAY,IAAI,CAAC;YACvB,IAAI,MAAM,GAAY,SAAS,CAAC;YAChC,KAAK,MAAM,GAAG,IAAI,IAAI,EAAE,CAAC;gBACxB,MAAM,GAAG,EAAE,CAAC;gBACZ,EAAE,GAAI,EAA8B,EAAE,CAAC,GAAG,CAAC,CAAC;YAC7C,CAAC;YAED,IAAI,OAAO,EAAE,KAAK,UAAU,EAAE,CAAC;gBAC9B,MAAM,IAAI,KAAK,CAAC,GAAG,IAAI,CAAC,IAAI,CAAC,GAAG,CAAC,oBAAoB,CAAC,CAAC;YACxD,CAAC;YAED,qEAAqE;YACrE,IAAI,EAAE,CAAC,QAAQ,EAAE,CAAC,QAAQ,CAAC,eAAe,CAAC,EAAE,CAAC;gBAC7C,MAAM,IAAI,KAAK,CAAC,GAAG,IAAI,CAAC,IAAI,CAAC,GAAG,CAAC,4CAA4C,CAAC,CAAC;YAChF,CAAC;YAED,oEAAoE;YACpE,OAAQ,EAAwC,CAAC,IAAI,CAAC,MAAM,EAAE,GAAG,IAAI,CAAC,CAAC;QACxE,CAAC,CAAC,CAAC;QAEH,qEAAqE;QACrE,IAAI,CAAC,cAAc,EAAE,OAAO,EAAE,CAAC;QAC/B,IAAI,CAAC,eAAe,EAAE,OAAO,EAAE,CAAC;QAChC,IAAI,CAAC,eAAe,EAAE,OAAO,EAAE,CAAC;QAEhC,4EAA4E;QAC5E,IAAI,CAAC,cAAc,GAAG,cAAc,CAAC;QACrC,IAAI,CAAC,eAAe,GAAG,eAAe,CAAC;QACvC,IAAI,CAAC,eAAe,GAAG,kBAAkB,CAAC;QAE1C,mDAAmD;QACnD,IAAI,CAAC,OAAO,CAAC,MAAM,CAAC,OAAO,CAAC,kBAAkB,EAAE,cAAc,CAAC,CAAC;QAChE,IAAI,CAAC,OAAO,CAAC,MAAM,CAAC,OAAO,CAAC,mBAAmB,EAAE,eAAe,CAAC,CAAC;QAClE,IAAI,CAAC,OAAO,CAAC,MAAM,CAAC,OAAO,CAAC,sBAAsB,EAAE,kBAAkB,CAAC,CAAC;QAExE,IAAI,IAAI,CAAC,MAAM,CAAC,KAAK,EAAE,CAAC;YACvB,OAAO,CAAC,GAAG,CAAC,sDAAsD,CAAC,CAAC;QACrE,CAAC;IACF,CAAC;IAED;;;;;;;;;;;;;;OAcG;IACH,OAAO,CAAC,IAAY,EAAE,IAA6B;QAClD,IAAI,CAAC,IAAI,CAAC,WAAW,IAAI,CAAC,IAAI,CAAC,OAAO,EAAE,CAAC;YACxC,MAAM,IAAI,KAAK,CAAC,kDAAkD,CAAC,CAAC;QACrE,CAAC;QAED,IAAI,CAAC;YACJ,uDAAuD;YACvD,IAAI,CAAC,iBAAiB,CAAC,IAAI,CAAC,CAAC;YAE7B,4CAA4C;YAC5C,wDAAwD;YACxD,IAAI,CAAC,gBAAgB,EAAE,CAAC;YAExB,qEAAqE;YACrE,8DAA8D;YAC9D,4EAA4E;YAC5E,MAAM,WAAW,GAAG,kBAAkB,IAAI,mBAAmB,CAAC;YAE9D,IAAI,MAAM,GAAG,IAAI,CAAC,WAAW,CAAC,GAAG,CAAC,IAAI,CAAC,CAAC;YACxC,IAAI,CAAC,MAAM,EAAE,CAAC;gBACb,MAAM,GAAG,IAAI,CAAC,OAAO,CAAC,iBAAiB,CAAC,WAAW,CAAC,CAAC;gBACrD,IAAI,CAAC,WAAW,CAAC,GAAG,CAAC,IAAI,EAAE,MAAM,CAAC,CAAC;gBAEnC,IAAI,IAAI,CAAC,MAAM,CAAC,KAAK,EAAE,CAAC;oBACvB,OAAO,CAAC,GAAG,CAAC,+CAA+C,CAAC,CAAC;gBAC9D,CAAC;YACF,CAAC;YAED,oDAAoD;YACpD,MAAM,MAAM,GAAG,MAAM,CAAC,OAAO,CAAC,IAAI,CAAC,OAAO,EAAE;gBAC3C,OAAO,EAAE,IAAI,CAAC,MAAM,CAAC,OAAO;gBAC5B,IAAI,EAAE,IAAI;aACV,CAAC,CAAC;YAEH,IAAI,IAAI,CAAC,MAAM,CAAC,KAAK,EAAE,CAAC;gBACvB,OAAO,CAAC,GAAG,CAAC,qDAAqD,CAAC,CAAC;YACpE,CAAC;YAED,OAAO,MAAM,CAAC;QACf,CAAC;QAAC,OAAO,KAAK,EAAE,CAAC;YAChB,MAAM,YAAY,GAAG,KAAK,YAAY,KAAK,CAAC,CAAC,CAAC,KAAK,CAAC,OAAO,CAAC,CAAC,CAAC,MAAM,CAAC,KAAK,CAAC,CAAC;YAC5E,MAAM,IAAI,KAAK,CAAC,iCAAiC,YAAY,EAAE,CAAC,CAAC;QAClE,CAAC;IACF,CAAC;IAED;;;;OAIG;IACH,KAAK,CAAC,OAAO;QACZ,IAAI,IAAI,CAAC,QAAQ,EAAE,CAAC;YACnB,OAAO;QACR,CAAC;QAED,sEAAsE;QACtE,IAAI,CAAC,IAAI,CAAC,OAAO,CAAC,UAAU,EAAE,CAAC;YAC9B,IAAI,CAAC,OAAO,CAAC,OAAO,EAAE,CAAC;QACxB,CAAC;QAED,8BAA8B;QAC9B,IAAI,CAAC,cAAc,EAAE,OAAO,EAAE,CAAC;QAC/B,IAAI,CAAC,eAAe,EAAE,OAAO,EAAE,CAAC;QAChC,IAAI,CAAC,eAAe,EAAE,OAAO,EAAE,CAAC;QAEhC,IAAI,CAAC,QAAQ,GAAG,IAAI,CAAC;QACrB,IAAI,CAAC,WAAW,GAAG,KAAK,CAAC;QACzB,IAAI,CAAC,WAAW,CAAC,KAAK,EAAE,CAAC;QAEzB,IAAI,IAAI,CAAC,MAAM,CAAC,KAAK,EAAE,CAAC;YACvB,OAAO,CAAC,GAAG,CAAC,6BAA6B,CAAC,CAAC;QAC5C,CAAC;IACF,CAAC;IAED;;;;OAIG;IACH,UAAU;QACT,OAAO,IAAI,CAAC,QAAQ,CAAC;IACtB,CAAC;CACD"}