@nahisaho/musubix-security 1.8.0 → 1.8.1

package/dist/analyzers/api/api-security-analyzer.js

@@ -0,0 +1,581 @@
+/**
+ * @fileoverview API Security Analyzer - OpenAPI/REST API security analysis
+ * @module @nahisaho/musubix-security/analyzers/api/api-security-analyzer
+ * @trace DES-SEC3-API-001, REQ-SEC3-API-001
+ */
+/**
+ * Built-in security rules
+ */
+const BUILTIN_RULES = [
+    // Authentication rules
+    {
+        id: 'API-001',
+        name: 'Missing Authentication',
+        category: 'authentication',
+        severity: 'high',
+        check: (endpoint, spec) => {
+            const hasGlobalAuth = spec.security && spec.security.length > 0;
+            const hasEndpointAuth = endpoint.security && endpoint.security.length > 0;
+            const isPublicPath = endpoint.path.includes('/health') ||
+                endpoint.path.includes('/public') ||
+                endpoint.path.includes('/docs');
+            return !hasGlobalAuth && !hasEndpointAuth && !isPublicPath;
+        },
+        message: 'Endpoint has no authentication requirement',
+        recommendation: 'Add authentication security scheme to protect this endpoint',
+        owasp: ['A07:2021'],
+        cwe: ['CWE-306'],
+    },
+    {
+        id: 'API-002',
+        name: 'Weak Authentication Scheme',
+        category: 'authentication',
+        severity: 'medium',
+        check: (endpoint, spec) => {
+            const schemes = spec.components?.securitySchemes ?? {};
+            const usedSchemes = [...(spec.security ?? []), ...(endpoint.security ?? [])];
+            for (const req of usedSchemes) {
+                for (const schemeName of Object.keys(req)) {
+                    const scheme = schemes[schemeName];
+                    if (scheme?.type === 'apiKey' && scheme.in === 'query') {
+                        return true;
+                    }
+                    if (scheme?.type === 'http' && scheme.scheme === 'basic') {
+                        return true;
+                    }
+                }
+            }
+            return false;
+        },
+        message: 'Endpoint uses weak authentication (API key in query or Basic Auth)',
+        recommendation: 'Use Bearer tokens or OAuth2 for better security',
+        owasp: ['A07:2021'],
+        cwe: ['CWE-287'],
+    },
+    // Authorization rules
+    {
+        id: 'API-003',
+        name: 'Missing Scope/Permission Check',
+        category: 'authorization',
+        severity: 'medium',
+        check: (endpoint, spec) => {
+            const security = endpoint.security ?? spec.security ?? [];
+            // Check if any OAuth2 scope is defined
+            for (const req of security) {
+                for (const scopes of Object.values(req)) {
+                    if (Array.isArray(scopes) && scopes.length > 0) {
+                        return false;
+                    }
+                }
+            }
+            // Sensitive operations should have scopes
+            const sensitiveOps = ['POST', 'PUT', 'PATCH', 'DELETE'];
+            return sensitiveOps.includes(endpoint.method);
+        },
+        message: 'Sensitive operation lacks specific permission scopes',
+        recommendation: 'Define OAuth2 scopes or permission requirements for sensitive operations',
+        owasp: ['A01:2021'],
+        cwe: ['CWE-285'],
+    },
+    // Injection rules
+    {
+        id: 'API-004',
+        name: 'Missing Input Validation',
+        category: 'input-validation',
+        severity: 'high',
+        check: (endpoint) => {
+            const params = endpoint.parameters ?? [];
+            for (const param of params) {
+                if (!param.schema)
+                    return true;
+                const schema = param.schema;
+                // Check if string params have validation
+                if (schema.type === 'string' && !schema.pattern && !schema.maxLength && !schema.enum) {
+                    return true;
+                }
+            }
+            return false;
+        },
+        message: 'Input parameters lack validation constraints',
+        recommendation: 'Add pattern, maxLength, or enum constraints to string parameters',
+        owasp: ['A03:2021'],
+        cwe: ['CWE-20'],
+    },
+    {
+        id: 'API-005',
+        name: 'SQL Injection Risk',
+        category: 'injection',
+        severity: 'critical',
+        check: (endpoint) => {
+            // Check for dangerous parameter patterns
+            const dangerousPatterns = ['query', 'filter', 'where', 'orderBy', 'sortBy', 'search'];
+            const params = endpoint.parameters ?? [];
+            for (const param of params) {
+                if (dangerousPatterns.some(p => param.name.toLowerCase().includes(p))) {
+                    if (!param.schema?.pattern && !param.schema?.enum) {
+                        return true;
+                    }
+                }
+            }
+            return false;
+        },
+        message: 'Query/filter parameter without validation may allow SQL injection',
+        recommendation: 'Validate and sanitize query parameters; use parameterized queries',
+        owasp: ['A03:2021'],
+        cwe: ['CWE-89'],
+    },
+    // Data exposure rules
+    {
+        id: 'API-006',
+        name: 'Sensitive Data in Response',
+        category: 'data-exposure',
+        severity: 'high',
+        check: (endpoint) => {
+            const sensitiveFields = ['password', 'secret', 'token', 'ssn', 'credit_card', 'cvv'];
+            const responses = endpoint.responses ?? {};
+            for (const [code, response] of Object.entries(responses)) {
+                if (!code.startsWith('2'))
+                    continue;
+                for (const mediaType of Object.values(response.content ?? {})) {
+                    const schema = mediaType.schema;
+                    if (schema?.properties) {
+                        for (const prop of Object.keys(schema.properties)) {
+                            if (sensitiveFields.some(s => prop.toLowerCase().includes(s))) {
+                                return true;
+                            }
+                        }
+                    }
+                }
+            }
+            return false;
+        },
+        message: 'Response may contain sensitive data fields',
+        recommendation: 'Remove sensitive fields from API responses or mask them',
+        owasp: ['A01:2021'],
+        cwe: ['CWE-200'],
+    },
+    {
+        id: 'API-007',
+        name: 'Missing Rate Limiting Header',
+        category: 'rate-limiting',
+        severity: 'medium',
+        check: (endpoint) => {
+            const responses = endpoint.responses ?? {};
+            const hasRateLimitHeader = Object.values(responses).some(r => r.description?.toLowerCase().includes('rate limit'));
+            return !hasRateLimitHeader && endpoint.method === 'POST';
+        },
+        message: 'No rate limiting documented for POST endpoint',
+        recommendation: 'Implement and document rate limiting headers (X-RateLimit-*)',
+        owasp: ['A05:2021'],
+        cwe: ['CWE-770'],
+    },
+    // Transport security
+    {
+        id: 'API-008',
+        name: 'HTTP Server URL',
+        category: 'transport-security',
+        severity: 'high',
+        check: (_endpoint, spec) => {
+            const servers = spec.servers ?? [];
+            return servers.some(s => s.url.startsWith('http://') && !s.url.includes('localhost'));
+        },
+        message: 'API server uses insecure HTTP protocol',
+        recommendation: 'Use HTTPS for all API communications',
+        owasp: ['A02:2021'],
+        cwe: ['CWE-319'],
+    },
+    // Error handling
+    {
+        id: 'API-009',
+        name: 'Missing Error Response Schema',
+        category: 'error-handling',
+        severity: 'low',
+        check: (endpoint) => {
+            const responses = endpoint.responses ?? {};
+            const hasErrorSchema = Object.entries(responses).some(([code, r]) => {
+                const isError = code.startsWith('4') || code.startsWith('5');
+                return isError && r.content;
+            });
+            return !hasErrorSchema;
+        },
+        message: 'Error responses lack schema definition',
+        recommendation: 'Define error response schemas to ensure consistent error handling',
+        owasp: ['A09:2021'],
+        cwe: ['CWE-209'],
+    },
+    // Deprecated API
+    {
+        id: 'API-010',
+        name: 'Deprecated Endpoint',
+        category: 'deprecated-api',
+        severity: 'info',
+        check: (endpoint, spec) => {
+            // Check in the spec if operation is marked deprecated
+            const paths = spec.paths ?? {};
+            const pathItem = paths[endpoint.path];
+            if (!pathItem)
+                return false;
+            const method = endpoint.method.toLowerCase();
+            const operation = pathItem[method];
+            return operation?.deprecated === true;
+        },
+        message: 'Endpoint is marked as deprecated',
+        recommendation: 'Plan migration to the replacement API; document deprecation timeline',
+        owasp: ['A09:2021'],
+        cwe: ['CWE-1104'],
+    },
+    // CORS
+    {
+        id: 'API-011',
+        name: 'Missing CORS Configuration',
+        category: 'cors',
+        severity: 'medium',
+        check: (endpoint, spec) => {
+            // If there's no OPTIONS handler for paths, CORS might not be configured
+            const paths = spec.paths ?? {};
+            const pathItem = paths[endpoint.path];
+            if (!pathItem)
+                return false;
+            return !pathItem.options;
+        },
+        message: 'No OPTIONS method defined for CORS preflight',
+        recommendation: 'Configure CORS headers and OPTIONS handler appropriately',
+        owasp: ['A05:2021'],
+        cwe: ['CWE-942'],
+    },
+    // Misconfiguration
+    {
+        id: 'API-012',
+        name: 'Missing Content-Type Validation',
+        category: 'misconfiguration',
+        severity: 'medium',
+        check: (endpoint) => {
+            if (!endpoint.requestBody)
+                return false;
+            const content = endpoint.requestBody.content ?? {};
+            // Check if only specific content types are accepted
+            return Object.keys(content).includes('*/*');
+        },
+        message: 'Endpoint accepts any content type',
+        recommendation: 'Restrict accepted content types to prevent content type confusion attacks',
+        owasp: ['A05:2021'],
+        cwe: ['CWE-436'],
+    },
+];
+/**
+ * API Security Analyzer
+ * @trace DES-SEC3-API-001
+ */
+export class APISecurityAnalyzer {
+    options;
+    rules;
+    constructor(options = {}) {
+        this.options = {
+            checkAuth: options.checkAuth ?? true,
+            checkInjection: options.checkInjection ?? true,
+            checkDataExposure: options.checkDataExposure ?? true,
+            checkRateLimiting: options.checkRateLimiting ?? true,
+            checkCORS: options.checkCORS ?? true,
+            skipPaths: options.skipPaths ?? [],
+            customRules: options.customRules ?? [],
+        };
+        this.rules = [...BUILTIN_RULES];
+    }
+    /**
+     * Analyze OpenAPI specification
+     * @trace REQ-SEC3-API-001
+     */
+    async analyze(spec) {
+        const parsedSpec = typeof spec === 'string' ? JSON.parse(spec) : spec;
+        const endpoints = this.extractEndpoints(parsedSpec);
+        const issues = [];
+        // Filter endpoints
+        const filteredEndpoints = endpoints.filter(ep => !this.options.skipPaths.some(p => ep.path.startsWith(p)));
+        // Run rules on each endpoint
+        for (const endpoint of filteredEndpoints) {
+            for (const rule of this.rules) {
+                // Skip rules based on options
+                if (!this.shouldRunRule(rule.category))
+                    continue;
+                try {
+                    if (rule.check(endpoint, parsedSpec)) {
+                        issues.push({
+                            id: `${rule.id}-${endpoint.method}-${endpoint.path.replace(/\//g, '-')}`,
+                            severity: rule.severity,
+                            category: rule.category,
+                            endpoint: endpoint.path,
+                            method: endpoint.method,
+                            title: rule.name,
+                            description: rule.message,
+                            recommendation: rule.recommendation,
+                            owasp: rule.owasp,
+                            cwe: rule.cwe,
+                        });
+                    }
+                }
+                catch {
+                    // Ignore rule errors
+                }
+            }
+        }
+        // Run custom rules
+        for (const customRule of this.options.customRules) {
+            for (const endpoint of filteredEndpoints) {
+                try {
+                    if (customRule.check(endpoint, parsedSpec)) {
+                        issues.push({
+                            id: `${customRule.id}-${endpoint.method}-${endpoint.path.replace(/\//g, '-')}`,
+                            severity: customRule.severity,
+                            category: customRule.category,
+                            endpoint: endpoint.path,
+                            method: endpoint.method,
+                            title: customRule.name,
+                            description: customRule.message,
+                            recommendation: customRule.recommendation,
+                        });
+                    }
+                }
+                catch {
+                    // Ignore rule errors
+                }
+            }
+        }
+        const coverage = this.calculateCoverage(filteredEndpoints, parsedSpec);
+        const score = this.calculateScore(issues, coverage);
+        return {
+            timestamp: new Date(),
+            specVersion: parsedSpec.openapi ?? parsedSpec.swagger,
+            title: parsedSpec.info?.title,
+            endpoints: filteredEndpoints.length,
+            issues,
+            coverage,
+            score,
+            summary: this.generateSummary(issues),
+        };
+    }
+    /**
+     * Analyze from file path
+     */
+    async analyzeFile(filePath) {
+        const fs = await import('node:fs');
+        const content = fs.readFileSync(filePath, 'utf-8');
+        // Try JSON first, then YAML
+        let spec;
+        try {
+            spec = JSON.parse(content);
+        }
+        catch {
+            // Try basic YAML parsing (simplified)
+            spec = this.parseSimpleYaml(content);
+        }
+        return this.analyze(spec);
+    }
+    /**
+     * Extract endpoints from spec
+     */
+    extractEndpoints(spec) {
+        const endpoints = [];
+        const paths = spec.paths ?? {};
+        for (const [path, pathItem] of Object.entries(paths)) {
+            const methods = ['get', 'post', 'put', 'patch', 'delete', 'options', 'head'];
+            for (const method of methods) {
+                const operation = pathItem[method];
+                if (!operation)
+                    continue;
+                endpoints.push({
+                    path,
+                    method: method.toUpperCase(),
+                    operationId: operation.operationId,
+                    summary: operation.summary,
+                    tags: operation.tags,
+                    parameters: [...(pathItem.parameters ?? []), ...(operation.parameters ?? [])],
+                    requestBody: operation.requestBody,
+                    responses: operation.responses,
+                    security: operation.security,
+                });
+            }
+        }
+        return endpoints;
+    }
+    /**
+     * Check if rule should run based on options
+     */
+    shouldRunRule(category) {
+        switch (category) {
+            case 'authentication':
+            case 'authorization':
+                return this.options.checkAuth;
+            case 'injection':
+            case 'input-validation':
+                return this.options.checkInjection;
+            case 'data-exposure':
+                return this.options.checkDataExposure;
+            case 'rate-limiting':
+                return this.options.checkRateLimiting;
+            case 'cors':
+                return this.options.checkCORS;
+            default:
+                return true;
+        }
+    }
+    /**
+     * Calculate security coverage
+     */
+    calculateCoverage(endpoints, spec) {
+        let withAuth = 0;
+        let withValidation = 0;
+        let withRateLimiting = 0;
+        const globalAuth = spec.security && spec.security.length > 0;
+        for (const endpoint of endpoints) {
+            const hasAuth = globalAuth || (endpoint.security && endpoint.security.length > 0);
+            if (hasAuth)
+                withAuth++;
+            const hasValidation = endpoint.parameters?.some(p => p.schema?.pattern || p.schema?.maxLength || p.schema?.enum);
+            if (hasValidation)
+                withValidation++;
+            // Check for rate limit documentation
+            const hasRateLimit = Object.values(endpoint.responses ?? {}).some(r => r.description?.toLowerCase().includes('rate'));
+            if (hasRateLimit)
+                withRateLimiting++;
+        }
+        const total = endpoints.length;
+        return {
+            endpointsWithAuth: withAuth,
+            endpointsWithoutAuth: total - withAuth,
+            endpointsWithValidation: withValidation,
+            endpointsWithRateLimiting: withRateLimiting,
+            totalEndpoints: total,
+            authCoverage: total > 0 ? Math.round((withAuth / total) * 100) : 100,
+            validationCoverage: total > 0 ? Math.round((withValidation / total) * 100) : 100,
+        };
+    }
+    /**
+     * Calculate security score
+     */
+    calculateScore(issues, coverage) {
+        let score = 100;
+        // Deduct for issues
+        for (const issue of issues) {
+            switch (issue.severity) {
+                case 'critical':
+                    score -= 15;
+                    break;
+                case 'high':
+                    score -= 10;
+                    break;
+                case 'medium':
+                    score -= 5;
+                    break;
+                case 'low':
+                    score -= 2;
+                    break;
+            }
+        }
+        // Deduct for poor coverage
+        if (coverage.authCoverage < 100) {
+            score -= Math.round((100 - coverage.authCoverage) / 10);
+        }
+        if (coverage.validationCoverage < 50) {
+            score -= 10;
+        }
+        return Math.max(0, Math.min(100, score));
+    }
+    /**
+     * Generate summary
+     */
+    generateSummary(issues) {
+        const counts = { critical: 0, high: 0, medium: 0, low: 0, info: 0 };
+        const categoryCount = {};
+        const recommendations = new Set();
+        for (const issue of issues) {
+            if (issue.severity in counts) {
+                counts[issue.severity]++;
+            }
+            categoryCount[issue.category] = (categoryCount[issue.category] ?? 0) + 1;
+            recommendations.add(issue.recommendation);
+        }
+        const topCategories = Object.entries(categoryCount)
+            .sort(([, a], [, b]) => b - a)
+            .slice(0, 5)
+            .map(([category, count]) => ({ category: category, count }));
+        return {
+            criticalIssues: counts.critical,
+            highIssues: counts.high,
+            mediumIssues: counts.medium,
+            lowIssues: counts.low + counts.info,
+            topCategories,
+            recommendations: Array.from(recommendations).slice(0, 5),
+        };
+    }
+    /**
+     * Simple YAML parser (for basic OpenAPI specs)
+     */
+    parseSimpleYaml(content) {
+        // This is a very simplified parser - in production, use js-yaml
+        const spec = {};
+        const lines = content.split('\n');
+        let currentPath = '';
+        let currentMethod = '';
+        for (const line of lines) {
+            const trimmed = line.trim();
+            // Skip comments and empty lines
+            if (trimmed.startsWith('#') || !trimmed)
+                continue;
+            // Detect openapi version
+            if (trimmed.startsWith('openapi:')) {
+                spec.openapi = trimmed.split(':')[1]?.trim().replace(/['"]/g, '');
+            }
+            // Detect swagger version
+            if (trimmed.startsWith('swagger:')) {
+                spec.swagger = trimmed.split(':')[1]?.trim().replace(/['"]/g, '');
+            }
+            // Detect paths
+            if (trimmed.match(/^\/[^:]*:/)) {
+                currentPath = trimmed.replace(':', '');
+                if (!spec.paths)
+                    spec.paths = {};
+                spec.paths[currentPath] = {};
+            }
+            // Detect methods under paths
+            if (currentPath && ['get:', 'post:', 'put:', 'patch:', 'delete:'].includes(trimmed)) {
+                currentMethod = trimmed.replace(':', '');
+                if (spec.paths?.[currentPath]) {
+                    spec.paths[currentPath][currentMethod] = {};
+                }
+            }
+        }
+        return spec;
+    }
+    /**
+     * Convert issues to vulnerabilities
+     */
+    toVulnerabilities(result) {
+        return result.issues.map(issue => ({
+            id: issue.id,
+            type: 'configuration',
+            severity: issue.severity,
+            cwes: issue.cwe ?? [],
+            owasp: (issue.owasp ?? []),
+            location: {
+                file: 'openapi.json',
+                startLine: 1,
+                endLine: 1,
+                startColumn: 0,
+                endColumn: 0,
+            },
+            description: `[${issue.method} ${issue.endpoint}] ${issue.title}: ${issue.description}`,
+            recommendation: issue.recommendation,
+            confidence: 0.9,
+            ruleId: issue.id,
+            codeSnippet: `${issue.method} ${issue.endpoint}`,
+            detectedAt: new Date(),
+        }));
+    }
+}
+/**
+ * Create API security analyzer instance
+ */
+export function createAPISecurityAnalyzer(options) {
+    return new APISecurityAnalyzer(options);
+}
+//# sourceMappingURL=api-security-analyzer.js.map

package/dist/analyzers/api/api-security-analyzer.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"api-security-analyzer.js","sourceRoot":"","sources":["../../../src/analyzers/api/api-security-analyzer.ts"],"names":[],"mappings":"AAAA;;;;GAIG;AAoOH;;GAEG;AACH,MAAM,aAAa,GAUd;IACH,uBAAuB;IACvB;QACE,EAAE,EAAE,SAAS;QACb,IAAI,EAAE,wBAAwB;QAC9B,QAAQ,EAAE,gBAAgB;QAC1B,QAAQ,EAAE,MAAM;QAChB,KAAK,EAAE,CAAC,QAAQ,EAAE,IAAI,EAAE,EAAE;YACxB,MAAM,aAAa,GAAG,IAAI,CAAC,QAAQ,IAAI,IAAI,CAAC,QAAQ,CAAC,MAAM,GAAG,CAAC,CAAC;YAChE,MAAM,eAAe,GAAG,QAAQ,CAAC,QAAQ,IAAI,QAAQ,CAAC,QAAQ,CAAC,MAAM,GAAG,CAAC,CAAC;YAC1E,MAAM,YAAY,GAAG,QAAQ,CAAC,IAAI,CAAC,QAAQ,CAAC,SAAS,CAAC;gBACjC,QAAQ,CAAC,IAAI,CAAC,QAAQ,CAAC,SAAS,CAAC;gBACjC,QAAQ,CAAC,IAAI,CAAC,QAAQ,CAAC,OAAO,CAAC,CAAC;YACrD,OAAO,CAAC,aAAa,IAAI,CAAC,eAAe,IAAI,CAAC,YAAY,CAAC;QAC7D,CAAC;QACD,OAAO,EAAE,4CAA4C;QACrD,cAAc,EAAE,6DAA6D;QAC7E,KAAK,EAAE,CAAC,UAAU,CAAC;QACnB,GAAG,EAAE,CAAC,SAAS,CAAC;KACjB;IACD;QACE,EAAE,EAAE,SAAS;QACb,IAAI,EAAE,4BAA4B;QAClC,QAAQ,EAAE,gBAAgB;QAC1B,QAAQ,EAAE,QAAQ;QAClB,KAAK,EAAE,CAAC,QAAQ,EAAE,IAAI,EAAE,EAAE;YACxB,MAAM,OAAO,GAAG,IAAI,CAAC,UAAU,EAAE,eAAe,IAAI,EAAE,CAAC;YACvD,MAAM,WAAW,GAAG,CAAC,GAAG,CAAC,IAAI,CAAC,QAAQ,IAAI,EAAE,CAAC,EAAE,GAAG,CAAC,QAAQ,CAAC,QAAQ,IAAI,EAAE,CAAC,CAAC,CAAC;YAE7E,KAAK,MAAM,GAAG,IAAI,WAAW,EAAE,CAAC;gBAC9B,KAAK,MAAM,UAAU,IAAI,MAAM,CAAC,IAAI,CAAC,GAAG,CAAC,EAAE,CAAC;oBAC1C,MAAM,MAAM,GAAG,OAAO,CAAC,UAAU,CAAC,CAAC;oBACnC,IAAI,MAAM,EAAE,IAAI,KAAK,QAAQ,IAAI,MAAM,CAAC,EAAE,KAAK,OAAO,EAAE,CAAC;wBACvD,OAAO,IAAI,CAAC;oBACd,CAAC;oBACD,IAAI,MAAM,EAAE,IAAI,KAAK,MAAM,IAAI,MAAM,CAAC,MAAM,KAAK,OAAO,EAAE,CAAC;wBACzD,OAAO,IAAI,CAAC;oBACd,CAAC;gBACH,CAAC;YACH,CAAC;YACD,OAAO,KAAK,CAAC;QACf,CAAC;QACD,OAAO,EAAE,oEAAoE;QAC7E,cAAc,EAAE,iDAAiD;QACjE,KAAK,EAAE,CAAC,UAAU,CAAC;QACnB,GAAG,EAAE,CAAC,SAAS,CAAC;KACjB;IACD,sBAAsB;IACtB;QACE,EAAE,EAAE,SAAS;QACb,IAAI,EAAE,gCAAgC;QACtC,QAAQ,EAAE,eAAe;QACzB,QAAQ,EAAE,QAAQ;QAClB,KAAK,EAAE,CAAC,QAAQ,EAAE,IAAI,EAAE,EAAE;YACxB,MAAM,QAAQ,GAAG,QAAQ,CAAC,QAAQ,IAAI,IAAI,CAAC,QAAQ,IAAI,EAAE,CAAC;YAC1D,uCAAuC;YACvC,KAAK,MAAM,GAAG,IAAI,QAAQ,EAAE,CAAC;gBAC3B,KAAK,MAAM,MAAM,IAAI,MAAM,CAAC,MAAM,CAAC,GAAG,CAAC,EAAE,CAAC;oBACxC,IAAI,KAAK,CAAC,OAAO,CAAC,MAAM,CAAC,IAAI,MAAM,CAAC,MAAM,GAAG,CAAC,EAAE,CAAC;wBAC/C,OAAO,KAAK,CAAC;oBACf,CAAC;gBACH,CAAC;YACH,CAAC;YACD,0CAA0C;YAC1C,MAAM,YAAY,GAAG,CAAC,MAAM,EAAE,KAAK,EAAE,OAAO,EAAE,QAAQ,CAAC,CAAC;YACxD,OAAO,YAAY,CAAC,QAAQ,CAAC,QAAQ,CAAC,MAAM,CAAC,CAAC;QAChD,CAAC;QACD,OAAO,EAAE,sDAAsD;QAC/D,cAAc,EAAE,0EAA0E;QAC1F,KAAK,EAAE,CAAC,UAAU,CAAC;QACnB,GAAG,EAAE,CAAC,SAAS,CAAC;KACjB;IACD,kBAAkB;IAClB;QACE,EAAE,EAAE,SAAS;QACb,IAAI,EAAE,0BAA0B;QAChC,QAAQ,EAAE,kBAAkB;QAC5B,QAAQ,EAAE,MAAM;QAChB,KAAK,EAAE,CAAC,QAAQ,EAAE,EAAE;YAClB,MAAM,MAAM,GAAG,QAAQ,CAAC,UAAU,IAAI,EAAE,CAAC;YACzC,KAAK,MAAM,KAAK,IAAI,MAAM,EAAE,CAAC;gBAC3B,IAAI,CAAC,KAAK,CAAC,MAAM;oBAAE,OAAO,IAAI,CAAC;gBAC/B,MAAM,MAAM,GAAG,KAAK,CAAC,MAAM,CAAC;gBAC5B,yCAAyC;gBACzC,IAAI,MAAM,CAAC,IAAI,KAAK,QAAQ,IAAI,CAAC,MAAM,CAAC,OAAO,IAAI,CAAC,MAAM,CAAC,SAAS,IAAI,CAAC,MAAM,CAAC,IAAI,EAAE,CAAC;oBACrF,OAAO,IAAI,CAAC;gBACd,CAAC;YACH,CAAC;YACD,OAAO,KAAK,CAAC;QACf,CAAC;QACD,OAAO,EAAE,8CAA8C;QACvD,cAAc,EAAE,kEAAkE;QAClF,KAAK,EAAE,CAAC,UAAU,CAAC;QACnB,GAAG,EAAE,CAAC,QAAQ,CAAC;KAChB;IACD;QACE,EAAE,EAAE,SAAS;QACb,IAAI,EAAE,oBAAoB;QAC1B,QAAQ,EAAE,WAAW;QACrB,QAAQ,EAAE,UAAU;QACpB,KAAK,EAAE,CAAC,QAAQ,EAAE,EAAE;YAClB,yCAAyC;YACzC,MAAM,iBAAiB,GAAG,CAAC,OAAO,EAAE,QAAQ,EAAE,OAAO,EAAE,SAAS,EAAE,QAAQ,EAAE,QAAQ,CAAC,CAAC;YACtF,MAAM,MAAM,GAAG,QAAQ,CAAC,UAAU,IAAI,EAAE,CAAC;YAEzC,KAAK,MAAM,KAAK,IAAI,MAAM,EAAE,CAAC;gBAC3B,IAAI,iBAAiB,CAAC,IAAI,CAAC,CAAC,CAAC,EAAE,CAAC,KAAK,CAAC,IAAI,CAAC,WAAW,EAAE,CAAC,QAAQ,CAAC,CAAC,CAAC,CAAC,EAAE,CAAC;oBACtE,IAAI,CAAC,KAAK,CAAC,MAAM,EAAE,OAAO,IAAI,CAAC,KAAK,CAAC,MAAM,EAAE,IAAI,EAAE,CAAC;wBAClD,OAAO,IAAI,CAAC;oBACd,CAAC;gBACH,CAAC;YACH,CAAC;YACD,OAAO,KAAK,CAAC;QACf,CAAC;QACD,OAAO,EAAE,mEAAmE;QAC5E,cAAc,EAAE,mEAAmE;QACnF,KAAK,EAAE,CAAC,UAAU,CAAC;QACnB,GAAG,EAAE,CAAC,QAAQ,CAAC;KAChB;IACD,sBAAsB;IACtB;QACE,EAAE,EAAE,SAAS;QACb,IAAI,EAAE,4BAA4B;QAClC,QAAQ,EAAE,eAAe;QACzB,QAAQ,EAAE,MAAM;QAChB,KAAK,EAAE,CAAC,QAAQ,EAAE,EAAE;YAClB,MAAM,eAAe,GAAG,CAAC,UAAU,EAAE,QAAQ,EAAE,OAAO,EAAE,KAAK,EAAE,aAAa,EAAE,KAAK,CAAC,CAAC;YACrF,MAAM,SAAS,GAAG,QAAQ,CAAC,SAAS,IAAI,EAAE,CAAC;YAE3C,KAAK,MAAM,CAAC,IAAI,EAAE,QAAQ,CAAC,IAAI,MAAM,CAAC,OAAO,CAAC,SAAS,CAAC,EAAE,CAAC;gBACzD,IAAI,CAAC,IAAI,CAAC,UAAU,CAAC,GAAG,CAAC;oBAAE,SAAS;gBAEpC,KAAK,MAAM,SAAS,IAAI,MAAM,CAAC,MAAM,CAAC,QAAQ,CAAC,OAAO,IAAI,EAAE,CAAC,EAAE,CAAC;oBAC9D,MAAM,MAAM,GAAG,SAAS,CAAC,MAAM,CAAC;oBAChC,IAAI,MAAM,EAAE,UAAU,EAAE,CAAC;wBACvB,KAAK,MAAM,IAAI,IAAI,MAAM,CAAC,IAAI,CAAC,MAAM,CAAC,UAAU,CAAC,EAAE,CAAC;4BAClD,IAAI,eAAe,CAAC,IAAI,CAAC,CAAC,CAAC,EAAE,CAAC,IAAI,CAAC,WAAW,EAAE,CAAC,QAAQ,CAAC,CAAC,CAAC,CAAC,EAAE,CAAC;gCAC9D,OAAO,IAAI,CAAC;4BACd,CAAC;wBACH,CAAC;oBACH,CAAC;gBACH,CAAC;YACH,CAAC;YACD,OAAO,KAAK,CAAC;QACf,CAAC;QACD,OAAO,EAAE,4CAA4C;QACrD,cAAc,EAAE,yDAAyD;QACzE,KAAK,EAAE,CAAC,UAAU,CAAC;QACnB,GAAG,EAAE,CAAC,SAAS,CAAC;KACjB;IACD;QACE,EAAE,EAAE,SAAS;QACb,IAAI,EAAE,8BAA8B;QACpC,QAAQ,EAAE,eAAe;QACzB,QAAQ,EAAE,QAAQ;QAClB,KAAK,EAAE,CAAC,QAAQ,EAAE,EAAE;YAClB,MAAM,SAAS,GAAG,QAAQ,CAAC,SAAS,IAAI,EAAE,CAAC;YAC3C,MAAM,kBAAkB,GAAG,MAAM,CAAC,MAAM,CAAC,SAAS,CAAC,CAAC,IAAI,CAAC,CAAC,CAAC,EAAE,CAC3D,CAAC,CAAC,WAAW,EAAE,WAAW,EAAE,CAAC,QAAQ,CAAC,YAAY,CAAC,CACpD,CAAC;YACF,OAAO,CAAC,kBAAkB,IAAI,QAAQ,CAAC,MAAM,KAAK,MAAM,CAAC;QAC3D,CAAC;QACD,OAAO,EAAE,+CAA+C;QACxD,cAAc,EAAE,8DAA8D;QAC9E,KAAK,EAAE,CAAC,UAAU,CAAC;QACnB,GAAG,EAAE,CAAC,SAAS,CAAC;KACjB;IACD,qBAAqB;IACrB;QACE,EAAE,EAAE,SAAS;QACb,IAAI,EAAE,iBAAiB;QACvB,QAAQ,EAAE,oBAAoB;QAC9B,QAAQ,EAAE,MAAM;QAChB,KAAK,EAAE,CAAC,SAAS,EAAE,IAAI,EAAE,EAAE;YACzB,MAAM,OAAO,GAAG,IAAI,CAAC,OAAO,IAAI,EAAE,CAAC;YACnC,OAAO,OAAO,CAAC,IAAI,CAAC,CAAC,CAAC,EAAE,CAAC,CAAC,CAAC,GAAG,CAAC,UAAU,CAAC,SAAS,CAAC,IAAI,CAAC,CAAC,CAAC,GAAG,CAAC,QAAQ,CAAC,WAAW,CAAC,CAAC,CAAC;QACxF,CAAC;QACD,OAAO,EAAE,wCAAwC;QACjD,cAAc,EAAE,sCAAsC;QACtD,KAAK,EAAE,CAAC,UAAU,CAAC;QACnB,GAAG,EAAE,CAAC,SAAS,CAAC;KACjB;IACD,iBAAiB;IACjB;QACE,EAAE,EAAE,SAAS;QACb,IAAI,EAAE,+BAA+B;QACrC,QAAQ,EAAE,gBAAgB;QAC1B,QAAQ,EAAE,KAAK;QACf,KAAK,EAAE,CAAC,QAAQ,EAAE,EAAE;YAClB,MAAM,SAAS,GAAG,QAAQ,CAAC,SAAS,IAAI,EAAE,CAAC;YAC3C,MAAM,cAAc,GAAG,MAAM,CAAC,OAAO,CAAC,SAAS,CAAC,CAAC,IAAI,CAAC,CAAC,CAAC,IAAI,EAAE,CAAC,CAAC,EAAE,EAAE;gBAClE,MAAM,OAAO,GAAG,IAAI,CAAC,UAAU,CAAC,GAAG,CAAC,IAAI,IAAI,CAAC,UAAU,CAAC,GAAG,CAAC,CAAC;gBAC7D,OAAO,OAAO,IAAI,CAAC,CAAC,OAAO,CAAC;YAC9B,CAAC,CAAC,CAAC;YACH,OAAO,CAAC,cAAc,CAAC;QACzB,CAAC;QACD,OAAO,EAAE,wCAAwC;QACjD,cAAc,EAAE,mEAAmE;QACnF,KAAK,EAAE,CAAC,UAAU,CAAC;QACnB,GAAG,EAAE,CAAC,SAAS,CAAC;KACjB;IACD,iBAAiB;IACjB;QACE,EAAE,EAAE,SAAS;QACb,IAAI,EAAE,qBAAqB;QAC3B,QAAQ,EAAE,gBAAgB;QAC1B,QAAQ,EAAE,MAAM;QAChB,KAAK,EAAE,CAAC,QAAQ,EAAE,IAAI,EAAE,EAAE;YACxB,sDAAsD;YACtD,MAAM,KAAK,GAAG,IAAI,CAAC,KAAK,IAAI,EAAE,CAAC;YAC/B,MAAM,QAAQ,GAAG,KAAK,CAAC,QAAQ,CAAC,IAAI,CAAC,CAAC;YACtC,IAAI,CAAC,QAAQ;gBAAE,OAAO,KAAK,CAAC;YAE5B,MAAM,MAAM,GAAG,QAAQ,CAAC,MAAM,CAAC,WAAW,EAAoB,CAAC;YAC/D,MAAM,SAAS,GAAG,QAAQ,CAAC,MAAM,CAAgC,CAAC;YAClE,OAAO,SAAS,EAAE,UAAU,KAAK,IAAI,CAAC;QACxC,CAAC;QACD,OAAO,EAAE,kCAAkC;QAC3C,cAAc,EAAE,sEAAsE;QACtF,KAAK,EAAE,CAAC,UAAU,CAAC;QACnB,GAAG,EAAE,CAAC,UAAU,CAAC;KAClB;IACD,OAAO;IACP;QACE,EAAE,EAAE,SAAS;QACb,IAAI,EAAE,4BAA4B;QAClC,QAAQ,EAAE,MAAM;QAChB,QAAQ,EAAE,QAAQ;QAClB,KAAK,EAAE,CAAC,QAAQ,EAAE,IAAI,EAAE,EAAE;YACxB,wEAAwE;YACxE,MAAM,KAAK,GAAG,IAAI,CAAC,KAAK,IAAI,EAAE,CAAC;YAC/B,MAAM,QAAQ,GAAG,KAAK,CAAC,QAAQ,CAAC,IAAI,CAAC,CAAC;YACtC,IAAI,CAAC,QAAQ;gBAAE,OAAO,KAAK,CAAC;YAC5B,OAAO,CAAC,QAAQ,CAAC,OAAO,CAAC;QAC3B,CAAC;QACD,OAAO,EAAE,8CAA8C;QACvD,cAAc,EAAE,0DAA0D;QAC1E,KAAK,EAAE,CAAC,UAAU,CAAC;QACnB,GAAG,EAAE,CAAC,SAAS,CAAC;KACjB;IACD,mBAAmB;IACnB;QACE,EAAE,EAAE,SAAS;QACb,IAAI,EAAE,iCAAiC;QACvC,QAAQ,EAAE,kBAAkB;QAC5B,QAAQ,EAAE,QAAQ;QAClB,KAAK,EAAE,CAAC,QAAQ,EAAE,EAAE;YAClB,IAAI,CAAC,QAAQ,CAAC,WAAW;gBAAE,OAAO,KAAK,CAAC;YACxC,MAAM,OAAO,GAAG,QAAQ,CAAC,WAAW,CAAC,OAAO,IAAI,EAAE,CAAC;YACnD,oDAAoD;YACpD,OAAO,MAAM,CAAC,IAAI,CAAC,OAAO,CAAC,CAAC,QAAQ,CAAC,KAAK,CAAC,CAAC;QAC9C,CAAC;QACD,OAAO,EAAE,mCAAmC;QAC5C,cAAc,EAAE,2EAA2E;QAC3F,KAAK,EAAE,CAAC,UAAU,CAAC;QACnB,GAAG,EAAE,CAAC,SAAS,CAAC;KACjB;CACF,CAAC;AAEF;;;GAGG;AACH,MAAM,OAAO,mBAAmB;IACtB,OAAO,CAA+B;IACtC,KAAK,CAAuB;IAEpC,YAAY,UAA8B,EAAE;QAC1C,IAAI,CAAC,OAAO,GAAG;YACb,SAAS,EAAE,OAAO,CAAC,SAAS,IAAI,IAAI;YACpC,cAAc,EAAE,OAAO,CAAC,cAAc,IAAI,IAAI;YAC9C,iBAAiB,EAAE,OAAO,CAAC,iBAAiB,IAAI,IAAI;YACpD,iBAAiB,EAAE,OAAO,CAAC,iBAAiB,IAAI,IAAI;YACpD,SAAS,EAAE,OAAO,CAAC,SAAS,IAAI,IAAI;YACpC,SAAS,EAAE,OAAO,CAAC,SAAS,IAAI,EAAE;YAClC,WAAW,EAAE,OAAO,CAAC,WAAW,IAAI,EAAE;SACvC,CAAC;QAEF,IAAI,CAAC,KAAK,GAAG,CAAC,GAAG,aAAa,CAAC,CAAC;IAClC,CAAC;IAED;;;OAGG;IACH,KAAK,CAAC,OAAO,CAAC,IAA0B;QACtC,MAAM,UAAU,GAAgB,OAAO,IAAI,KAAK,QAAQ,CAAC,CAAC,CAAC,IAAI,CAAC,KAAK,CAAC,IAAI,CAAC,CAAC,CAAC,CAAC,IAAI,CAAC;QAEnF,MAAM,SAAS,GAAG,IAAI,CAAC,gBAAgB,CAAC,UAAU,CAAC,CAAC;QACpD,MAAM,MAAM,GAAuB,EAAE,CAAC;QAEtC,mBAAmB;QACnB,MAAM,iBAAiB,GAAG,SAAS,CAAC,MAAM,CACxC,EAAE,CAAC,EAAE,CAAC,CAAC,IAAI,CAAC,OAAO,CAAC,SAAS,CAAC,IAAI,CAAC,CAAC,CAAC,EAAE,CAAC,EAAE,CAAC,IAAI,CAAC,UAAU,CAAC,CAAC,CAAC,CAAC,CAC/D,CAAC;QAEF,6BAA6B;QAC7B,KAAK,MAAM,QAAQ,IAAI,iBAAiB,EAAE,CAAC;YACzC,KAAK,MAAM,IAAI,IAAI,IAAI,CAAC,KAAK,EAAE,CAAC;gBAC9B,8BAA8B;gBAC9B,IAAI,CAAC,IAAI,CAAC,aAAa,CAAC,IAAI,CAAC,QAAQ,CAAC;oBAAE,SAAS;gBAEjD,IAAI,CAAC;oBACH,IAAI,IAAI,CAAC,KAAK,CAAC,QAAQ,EAAE,UAAU,CAAC,EAAE,CAAC;wBACrC,MAAM,CAAC,IAAI,CAAC;4BACV,EAAE,EAAE,GAAG,IAAI,CAAC,EAAE,IAAI,QAAQ,CAAC,MAAM,IAAI,QAAQ,CAAC,IAAI,CAAC,OAAO,CAAC,KAAK,EAAE,GAAG,CAAC,EAAE;4BACxE,QAAQ,EAAE,IAAI,CAAC,QAAQ;4BACvB,QAAQ,EAAE,IAAI,CAAC,QAAQ;4BACvB,QAAQ,EAAE,QAAQ,CAAC,IAAI;4BACvB,MAAM,EAAE,QAAQ,CAAC,MAAM;4BACvB,KAAK,EAAE,IAAI,CAAC,IAAI;4BAChB,WAAW,EAAE,IAAI,CAAC,OAAO;4BACzB,cAAc,EAAE,IAAI,CAAC,cAAc;4BACnC,KAAK,EAAE,IAAI,CAAC,KAAK;4BACjB,GAAG,EAAE,IAAI,CAAC,GAAG;yBACd,CAAC,CAAC;oBACL,CAAC;gBACH,CAAC;gBAAC,MAAM,CAAC;oBACP,qBAAqB;gBACvB,CAAC;YACH,CAAC;QACH,CAAC;QAED,mBAAmB;QACnB,KAAK,MAAM,UAAU,IAAI,IAAI,CAAC,OAAO,CAAC,WAAW,EAAE,CAAC;YAClD,KAAK,MAAM,QAAQ,IAAI,iBAAiB,EAAE,CAAC;gBACzC,IAAI,CAAC;oBACH,IAAI,UAAU,CAAC,KAAK,CAAC,QAAQ,EAAE,UAAU,CAAC,EAAE,CAAC;wBAC3C,MAAM,CAAC,IAAI,CAAC;4BACV,EAAE,EAAE,GAAG,UAAU,CAAC,EAAE,IAAI,QAAQ,CAAC,MAAM,IAAI,QAAQ,CAAC,IAAI,CAAC,OAAO,CAAC,KAAK,EAAE,GAAG,CAAC,EAAE;4BAC9E,QAAQ,EAAE,UAAU,CAAC,QAAQ;4BAC7B,QAAQ,EAAE,UAAU,CAAC,QAAQ;4BAC7B,QAAQ,EAAE,QAAQ,CAAC,IAAI;4BACvB,MAAM,EAAE,QAAQ,CAAC,MAAM;4BACvB,KAAK,EAAE,UAAU,CAAC,IAAI;4BACtB,WAAW,EAAE,UAAU,CAAC,OAAO;4BAC/B,cAAc,EAAE,UAAU,CAAC,cAAc;yBAC1C,CAAC,CAAC;oBACL,CAAC;gBACH,CAAC;gBAAC,MAAM,CAAC;oBACP,qBAAqB;gBACvB,CAAC;YACH,CAAC;QACH,CAAC;QAED,MAAM,QAAQ,GAAG,IAAI,CAAC,iBAAiB,CAAC,iBAAiB,EAAE,UAAU,CAAC,CAAC;QACvE,MAAM,KAAK,GAAG,IAAI,CAAC,cAAc,CAAC,MAAM,EAAE,QAAQ,CAAC,CAAC;QAEpD,OAAO;YACL,SAAS,EAAE,IAAI,IAAI,EAAE;YACrB,WAAW,EAAE,UAAU,CAAC,OAAO,IAAI,UAAU,CAAC,OAAO;YACrD,KAAK,EAAE,UAAU,CAAC,IAAI,EAAE,KAAK;YAC7B,SAAS,EAAE,iBAAiB,CAAC,MAAM;YACnC,MAAM;YACN,QAAQ;YACR,KAAK;YACL,OAAO,EAAE,IAAI,CAAC,eAAe,CAAC,MAAM,CAAC;SACtC,CAAC;IACJ,CAAC;IAED;;OAEG;IACH,KAAK,CAAC,WAAW,CAAC,QAAgB;QAChC,MAAM,EAAE,GAAG,MAAM,MAAM,CAAC,SAAS,CAAC,CAAC;QACnC,MAAM,OAAO,GAAG,EAAE,CAAC,YAAY,CAAC,QAAQ,EAAE,OAAO,CAAC,CAAC;QAEnD,4BAA4B;QAC5B,IAAI,IAAiB,CAAC;QACtB,IAAI,CAAC;YACH,IAAI,GAAG,IAAI,CAAC,KAAK,CAAC,OAAO,CAAC,CAAC;QAC7B,CAAC;QAAC,MAAM,CAAC;YACP,sCAAsC;YACtC,IAAI,GAAG,IAAI,CAAC,eAAe,CAAC,OAAO,CAAC,CAAC;QACvC,CAAC;QAED,OAAO,IAAI,CAAC,OAAO,CAAC,IAAI,CAAC,CAAC;IAC5B,CAAC;IAED;;OAEG;IACK,gBAAgB,CAAC,IAAiB;QACxC,MAAM,SAAS,GAAkB,EAAE,CAAC;QACpC,MAAM,KAAK,GAAG,IAAI,CAAC,KAAK,IAAI,EAAE,CAAC;QAE/B,KAAK,MAAM,CAAC,IAAI,EAAE,QAAQ,CAAC,IAAI,MAAM,CAAC,OAAO,CAAC,KAAK,CAAC,EAAE,CAAC;YACrD,MAAM,OAAO,GAAG,CAAC,KAAK,EAAE,MAAM,EAAE,KAAK,EAAE,OAAO,EAAE,QAAQ,EAAE,SAAS,EAAE,MAAM,CAAU,CAAC;YAEtF,KAAK,MAAM,MAAM,IAAI,OAAO,EAAE,CAAC;gBAC7B,MAAM,SAAS,GAAG,QAAQ,CAAC,MAAM,CAAgC,CAAC;gBAClE,IAAI,CAAC,SAAS;oBAAE,SAAS;gBAEzB,SAAS,CAAC,IAAI,CAAC;oBACb,IAAI;oBACJ,MAAM,EAAE,MAAM,CAAC,WAAW,EAA2B;oBACrD,WAAW,EAAE,SAAS,CAAC,WAAW;oBAClC,OAAO,EAAE,SAAS,CAAC,OAAO;oBAC1B,IAAI,EAAE,SAAS,CAAC,IAAI;oBACpB,UAAU,EAAE,CAAC,GAAG,CAAC,QAAQ,CAAC,UAAU,IAAI,EAAE,CAAC,EAAE,GAAG,CAAC,SAAS,CAAC,UAAU,IAAI,EAAE,CAAC,CAAC;oBAC7E,WAAW,EAAE,SAAS,CAAC,WAAW;oBAClC,SAAS,EAAE,SAAS,CAAC,SAAS;oBAC9B,QAAQ,EAAE,SAAS,CAAC,QAAQ;iBAC7B,CAAC,CAAC;YACL,CAAC;QACH,CAAC;QAED,OAAO,SAAS,CAAC;IACnB,CAAC;IAED;;OAEG;IACK,aAAa,CAAC,QAA6B;QACjD,QAAQ,QAAQ,EAAE,CAAC;YACjB,KAAK,gBAAgB,CAAC;YACtB,KAAK,eAAe;gBAClB,OAAO,IAAI,CAAC,OAAO,CAAC,SAAS,CAAC;YAChC,KAAK,WAAW,CAAC;YACjB,KAAK,kBAAkB;gBACrB,OAAO,IAAI,CAAC,OAAO,CAAC,cAAc,CAAC;YACrC,KAAK,eAAe;gBAClB,OAAO,IAAI,CAAC,OAAO,CAAC,iBAAiB,CAAC;YACxC,KAAK,eAAe;gBAClB,OAAO,IAAI,CAAC,OAAO,CAAC,iBAAiB,CAAC;YACxC,KAAK,MAAM;gBACT,OAAO,IAAI,CAAC,OAAO,CAAC,SAAS,CAAC;YAChC;gBACE,OAAO,IAAI,CAAC;QAChB,CAAC;IACH,CAAC;IAED;;OAEG;IACK,iBAAiB,CACvB,SAAwB,EACxB,IAAiB;QAEjB,IAAI,QAAQ,GAAG,CAAC,CAAC;QACjB,IAAI,cAAc,GAAG,CAAC,CAAC;QACvB,IAAI,gBAAgB,GAAG,CAAC,CAAC;QAEzB,MAAM,UAAU,GAAG,IAAI,CAAC,QAAQ,IAAI,IAAI,CAAC,QAAQ,CAAC,MAAM,GAAG,CAAC,CAAC;QAE7D,KAAK,MAAM,QAAQ,IAAI,SAAS,EAAE,CAAC;YACjC,MAAM,OAAO,GAAG,UAAU,IAAI,CAAC,QAAQ,CAAC,QAAQ,IAAI,QAAQ,CAAC,QAAQ,CAAC,MAAM,GAAG,CAAC,CAAC,CAAC;YAClF,IAAI,OAAO;gBAAE,QAAQ,EAAE,CAAC;YAExB,MAAM,aAAa,GAAG,QAAQ,CAAC,UAAU,EAAE,IAAI,CAAC,CAAC,CAAC,EAAE,CAClD,CAAC,CAAC,MAAM,EAAE,OAAO,IAAI,CAAC,CAAC,MAAM,EAAE,SAAS,IAAI,CAAC,CAAC,MAAM,EAAE,IAAI,CAC3D,CAAC;YACF,IAAI,aAAa;gBAAE,cAAc,EAAE,CAAC;YAEpC,qCAAqC;YACrC,MAAM,YAAY,GAAG,MAAM,CAAC,MAAM,CAAC,QAAQ,CAAC,SAAS,IAAI,EAAE,CAAC,CAAC,IAAI,CAAC,CAAC,CAAC,EAAE,CACpE,CAAC,CAAC,WAAW,EAAE,WAAW,EAAE,CAAC,QAAQ,CAAC,MAAM,CAAC,CAC9C,CAAC;YACF,IAAI,YAAY;gBAAE,gBAAgB,EAAE,CAAC;QACvC,CAAC;QAED,MAAM,KAAK,GAAG,SAAS,CAAC,MAAM,CAAC;QAC/B,OAAO;YACL,iBAAiB,EAAE,QAAQ;YAC3B,oBAAoB,EAAE,KAAK,GAAG,QAAQ;YACtC,uBAAuB,EAAE,cAAc;YACvC,yBAAyB,EAAE,gBAAgB;YAC3C,cAAc,EAAE,KAAK;YACrB,YAAY,EAAE,KAAK,GAAG,CAAC,CAAC,CAAC,CAAC,IAAI,CAAC,KAAK,CAAC,CAAC,QAAQ,GAAG,KAAK,CAAC,GAAG,GAAG,CAAC,CAAC,CAAC,CAAC,GAAG;YACpE,kBAAkB,EAAE,KAAK,GAAG,CAAC,CAAC,CAAC,CAAC,IAAI,CAAC,KAAK,CAAC,CAAC,cAAc,GAAG,KAAK,CAAC,GAAG,GAAG,CAAC,CAAC,CAAC,CAAC,GAAG;SACjF,CAAC;IACJ,CAAC;IAED;;OAEG;IACK,cAAc,CACpB,MAA0B,EAC1B,QAA0B;QAE1B,IAAI,KAAK,GAAG,GAAG,CAAC;QAEhB,oBAAoB;QACpB,KAAK,MAAM,KAAK,IAAI,MAAM,EAAE,CAAC;YAC3B,QAAQ,KAAK,CAAC,QAAQ,EAAE,CAAC;gBACvB,KAAK,UAAU;oBACb,KAAK,IAAI,EAAE,CAAC;oBACZ,MAAM;gBACR,KAAK,MAAM;oBACT,KAAK,IAAI,EAAE,CAAC;oBACZ,MAAM;gBACR,KAAK,QAAQ;oBACX,KAAK,IAAI,CAAC,CAAC;oBACX,MAAM;gBACR,KAAK,KAAK;oBACR,KAAK,IAAI,CAAC,CAAC;oBACX,MAAM;YACV,CAAC;QACH,CAAC;QAED,2BAA2B;QAC3B,IAAI,QAAQ,CAAC,YAAY,GAAG,GAAG,EAAE,CAAC;YAChC,KAAK,IAAI,IAAI,CAAC,KAAK,CAAC,CAAC,GAAG,GAAG,QAAQ,CAAC,YAAY,CAAC,GAAG,EAAE,CAAC,CAAC;QAC1D,CAAC;QACD,IAAI,QAAQ,CAAC,kBAAkB,GAAG,EAAE,EAAE,CAAC;YACrC,KAAK,IAAI,EAAE,CAAC;QACd,CAAC;QAED,OAAO,IAAI,CAAC,GAAG,CAAC,CAAC,EAAE,IAAI,CAAC,GAAG,CAAC,GAAG,EAAE,KAAK,CAAC,CAAC,CAAC;IAC3C,CAAC;IAED;;OAEG;IACK,eAAe,CAAC,MAA0B;QAChD,MAAM,MAAM,GAAG,EAAE,QAAQ,EAAE,CAAC,EAAE,IAAI,EAAE,CAAC,EAAE,MAAM,EAAE,CAAC,EAAE,GAAG,EAAE,CAAC,EAAE,IAAI,EAAE,CAAC,EAAE,CAAC;QACpE,MAAM,aAAa,GAA2B,EAAE,CAAC;QACjD,MAAM,eAAe,GAAG,IAAI,GAAG,EAAU,CAAC;QAE1C,KAAK,MAAM,KAAK,IAAI,MAAM,EAAE,CAAC;YAC3B,IAAI,KAAK,CAAC,QAAQ,IAAI,MAAM,EAAE,CAAC;gBAC7B,MAAM,CAAC,KAAK,CAAC,QAA+B,CAAC,EAAE,CAAC;YAClD,CAAC;YAED,aAAa,CAAC,KAAK,CAAC,QAAQ,CAAC,GAAG,CAAC,aAAa,CAAC,KAAK,CAAC,QAAQ,CAAC,IAAI,CAAC,CAAC,GAAG,CAAC,CAAC;YACzE,eAAe,CAAC,GAAG,CAAC,KAAK,CAAC,cAAc,CAAC,CAAC;QAC5C,CAAC;QAED,MAAM,aAAa,GAAG,MAAM,CAAC,OAAO,CAAC,aAAa,CAAC;aAChD,IAAI,CAAC,CAAC,CAAC,EAAE,CAAC,CAAC,EAAE,CAAC,EAAE,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,GAAG,CAAC,CAAC;aAC7B,KAAK,CAAC,CAAC,EAAE,CAAC,CAAC;aACX,GAAG,CAAC,CAAC,CAAC,QAAQ,EAAE,KAAK,CAAC,EAAE,EAAE,CAAC,CAAC,EAAE,QAAQ,EAAE,QAA+B,EAAE,KAAK,EAAE,CAAC,CAAC,CAAC;QAEtF,OAAO;YACL,cAAc,EAAE,MAAM,CAAC,QAAQ;YAC/B,UAAU,EAAE,MAAM,CAAC,IAAI;YACvB,YAAY,EAAE,MAAM,CAAC,MAAM;YAC3B,SAAS,EAAE,MAAM,CAAC,GAAG,GAAG,MAAM,CAAC,IAAI;YACnC,aAAa;YACb,eAAe,EAAE,KAAK,CAAC,IAAI,CAAC,eAAe,CAAC,CAAC,KAAK,CAAC,CAAC,EAAE,CAAC,CAAC;SACzD,CAAC;IACJ,CAAC;IAED;;OAEG;IACK,eAAe,CAAC,OAAe;QACrC,gEAAgE;QAChE,MAAM,IAAI,GAAgB,EAAE,CAAC;QAE7B,MAAM,KAAK,GAAG,OAAO,CAAC,KAAK,CAAC,IAAI,CAAC,CAAC;QAClC,IAAI,WAAW,GAAG,EAAE,CAAC;QACrB,IAAI,aAAa,GAAG,EAAE,CAAC;QAEvB,KAAK,MAAM,IAAI,IAAI,KAAK,EAAE,CAAC;YACzB,MAAM,OAAO,GAAG,IAAI,CAAC,IAAI,EAAE,CAAC;YAE5B,gCAAgC;YAChC,IAAI,OAAO,CAAC,UAAU,CAAC,GAAG,CAAC,IAAI,CAAC,OAAO;gBAAE,SAAS;YAElD,yBAAyB;YACzB,IAAI,OAAO,CAAC,UAAU,CAAC,UAAU,CAAC,EAAE,CAAC;gBACnC,IAAI,CAAC,OAAO,GAAG,OAAO,CAAC,KAAK,CAAC,GAAG,CAAC,CAAC,CAAC,CAAC,EAAE,IAAI,EAAE,CAAC,OAAO,CAAC,OAAO,EAAE,EAAE,CAAC,CAAC;YACpE,CAAC;YAED,yBAAyB;YACzB,IAAI,OAAO,CAAC,UAAU,CAAC,UAAU,CAAC,EAAE,CAAC;gBACnC,IAAI,CAAC,OAAO,GAAG,OAAO,CAAC,KAAK,CAAC,GAAG,CAAC,CAAC,CAAC,CAAC,EAAE,IAAI,EAAE,CAAC,OAAO,CAAC,OAAO,EAAE,EAAE,CAAC,CAAC;YACpE,CAAC;YAED,eAAe;YACf,IAAI,OAAO,CAAC,KAAK,CAAC,WAAW,CAAC,EAAE,CAAC;gBAC/B,WAAW,GAAG,OAAO,CAAC,OAAO,CAAC,GAAG,EAAE,EAAE,CAAC,CAAC;gBACvC,IAAI,CAAC,IAAI,CAAC,KAAK;oBAAE,IAAI,CAAC,KAAK,GAAG,EAAE,CAAC;gBACjC,IAAI,CAAC,KAAK,CAAC,WAAW,CAAC,GAAG,EAAE,CAAC;YAC/B,CAAC;YAED,6BAA6B;YAC7B,IAAI,WAAW,IAAI,CAAC,MAAM,EAAE,OAAO,EAAE,MAAM,EAAE,QAAQ,EAAE,SAAS,CAAC,CAAC,QAAQ,CAAC,OAAO,CAAC,EAAE,CAAC;gBACpF,aAAa,GAAG,OAAO,CAAC,OAAO,CAAC,GAAG,EAAE,EAAE,CAAC,CAAC;gBACzC,IAAI,IAAI,CAAC,KAAK,EAAE,CAAC,WAAW,CAAC,EAAE,CAAC;oBAC7B,IAAI,CAAC,KAAK,CAAC,WAAW,CAAS,CAAC,aAAa,CAAC,GAAG,EAAE,CAAC;gBACvD,CAAC;YACH,CAAC;QACH,CAAC;QAED,OAAO,IAAI,CAAC;IACd,CAAC;IAED;;OAEG;IACH,iBAAiB,CAAC,MAAyB;QACzC,OAAO,MAAM,CAAC,MAAM,CAAC,GAAG,CAAC,KAAK,CAAC,EAAE,CAAC,CAAC;YACjC,EAAE,EAAE,KAAK,CAAC,EAAE;YACZ,IAAI,EAAE,eAAwB;YAC9B,QAAQ,EAAE,KAAK,CAAC,QAAQ;YACxB,IAAI,EAAE,KAAK,CAAC,GAAG,IAAI,EAAE;YACrB,KAAK,EAAE,CAAC,KAAK,CAAC,KAAK,IAAI,EAAE,CAAoB;YAC7C,QAAQ,EAAE;gBACR,IAAI,EAAE,cAAc;gBACpB,SAAS,EAAE,CAAC;gBACZ,OAAO,EAAE,CAAC;gBACV,WAAW,EAAE,CAAC;gBACd,SAAS,EAAE,CAAC;aACb;YACD,WAAW,EAAE,IAAI,KAAK,CAAC,MAAM,IAAI,KAAK,CAAC,QAAQ,KAAK,KAAK,CAAC,KAAK,KAAK,KAAK,CAAC,WAAW,EAAE;YACvF,cAAc,EAAE,KAAK,CAAC,cAAc;YACpC,UAAU,EAAE,GAAG;YACf,MAAM,EAAE,KAAK,CAAC,EAAE;YAChB,WAAW,EAAE,GAAG,KAAK,CAAC,MAAM,IAAI,KAAK,CAAC,QAAQ,EAAE;YAChD,UAAU,EAAE,IAAI,IAAI,EAAE;SACvB,CAAC,CAAC,CAAC;IACN,CAAC;CACF;AAED;;GAEG;AACH,MAAM,UAAU,yBAAyB,CAAC,OAA4B;IACpE,OAAO,IAAI,mBAAmB,CAAC,OAAO,CAAC,CAAC;AAC1C,CAAC"}