npm - @neurosec/sentry - Versions diffs - 1.0.0 - Mend

@neurosec/sentry 1.0.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (77) hide show

package/LICENSE +21 -0
package/README.md +118 -0
package/bin/cli.js +18 -0
package/bin/sentryd.js +19 -0
package/dist/api.d.ts +21 -0
package/dist/api.d.ts.map +1 -0
package/dist/api.js +161 -0
package/dist/api.js.map +1 -0
package/dist/audit.d.ts +18 -0
package/dist/audit.d.ts.map +1 -0
package/dist/audit.js +114 -0
package/dist/audit.js.map +1 -0
package/dist/cli.d.ts +3 -0
package/dist/cli.d.ts.map +1 -0
package/dist/cli.js +255 -0
package/dist/cli.js.map +1 -0
package/dist/config.d.ts +54 -0
package/dist/config.d.ts.map +1 -0
package/dist/config.js +160 -0
package/dist/config.js.map +1 -0
package/dist/discovery.d.ts +5 -0
package/dist/discovery.d.ts.map +1 -0
package/dist/discovery.js +279 -0
package/dist/discovery.js.map +1 -0
package/dist/enforcement/enforcement-engine.d.ts +37 -0
package/dist/enforcement/enforcement-engine.d.ts.map +1 -0
package/dist/enforcement/enforcement-engine.js +325 -0
package/dist/enforcement/enforcement-engine.js.map +1 -0
package/dist/enforcement/file-monitor.d.ts +4 -0
package/dist/enforcement/file-monitor.d.ts.map +1 -0
package/dist/enforcement/file-monitor.js +114 -0
package/dist/enforcement/file-monitor.js.map +1 -0
package/dist/index.d.ts +2 -0
package/dist/index.d.ts.map +1 -0
package/dist/index.js +248 -0
package/dist/index.js.map +1 -0
package/dist/logger.d.ts +2 -0
package/dist/logger.d.ts.map +1 -0
package/dist/logger.js +17 -0
package/dist/logger.js.map +1 -0
package/dist/sandbox/index.d.ts +14 -0
package/dist/sandbox/index.d.ts.map +1 -0
package/dist/sandbox/index.js +91 -0
package/dist/sandbox/index.js.map +1 -0
package/dist/sandbox/linux-sandbox.d.ts +21 -0
package/dist/sandbox/linux-sandbox.d.ts.map +1 -0
package/dist/sandbox/linux-sandbox.js +186 -0
package/dist/sandbox/linux-sandbox.js.map +1 -0
package/dist/sandbox/macos-sandbox.d.ts +17 -0
package/dist/sandbox/macos-sandbox.d.ts.map +1 -0
package/dist/sandbox/macos-sandbox.js +145 -0
package/dist/sandbox/macos-sandbox.js.map +1 -0
package/dist/setup.d.ts +14 -0
package/dist/setup.d.ts.map +1 -0
package/dist/setup.js +220 -0
package/dist/setup.js.map +1 -0
package/dist/skill-authz/skill-evaluator.d.ts +20 -0
package/dist/skill-authz/skill-evaluator.d.ts.map +1 -0
package/dist/skill-authz/skill-evaluator.js +159 -0
package/dist/skill-authz/skill-evaluator.js.map +1 -0
package/dist/skill-authz/skill-scanner.d.ts +18 -0
package/dist/skill-authz/skill-scanner.d.ts.map +1 -0
package/dist/skill-authz/skill-scanner.js +169 -0
package/dist/skill-authz/skill-scanner.js.map +1 -0
package/dist/telemetry.d.ts +18 -0
package/dist/telemetry.d.ts.map +1 -0
package/dist/telemetry.js +106 -0
package/dist/telemetry.js.map +1 -0
package/dist/types.d.ts +127 -0
package/dist/types.d.ts.map +1 -0
package/dist/types.js +209 -0
package/dist/types.js.map +1 -0
package/package.json +69 -0
package/scripts/install-sentry-macos.sh +238 -0
package/scripts/install-sentry.sh +253 -0
package/scripts/postinstall.js +191 -0
package/scripts/prepack.js +33 -0

package/LICENSE ADDED Viewed

@@ -0,0 +1,21 @@
+MIT License
+Copyright (c) 2026 NeuroSec
+Permission is hereby granted, free of charge, to any person obtaining a copy
+of this software and associated documentation files (the "Software"), to deal
+in the Software without restriction, including without limitation the rights
+to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
+copies of the Software, and to permit persons to whom the Software is
+furnished to do so, subject to the following conditions:
+The above copyright notice and this permission notice shall be included in all
+copies or substantial portions of the Software.
+THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
+IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
+FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
+AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
+LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
+OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE
+SOFTWARE.

package/README.md ADDED Viewed

@@ -0,0 +1,118 @@
+# NeuroShield Sentry
+**Host-level agent protection daemon.** Detects AI agent processes running on your infrastructure, sandboxes them with kernel-level isolation, and enforces policies on filesystem access, network egress, syscalls, and skill/tool execution.
+```
+npm install -g @neurosec/sentry
+neuroshield-sentry setup
+sudo neuroshield-sentry install
+```
+## How It Works
+The Sentry daemon runs on each host and connects to your **NeuroSec** security platform:
+1. **Discovery** — scans `/proc/*` for processes matching agent framework signatures (LangChain, CrewAI, Claude Code, MCP, AutoGen, etc.)
+2. **Sandbox** — applies cgroups v2 (CPU/memory limits), seccomp (syscall allowlist), and Landlock (filesystem path restrictions) to each agent process
+3. **Enforcement** — evaluates every file access, network connection, and syscall against policy. Monitor mode = log-only. Enforce mode = block violations. Quarantine mode = kill on repeat offenses
+4. **Skill Authorization** — detects tool definitions from MCP manifests, env vars, and process args. High-risk skills (shell exec, file write, database queries) require approval or are blocked
+5. **Audit** — all decisions are logged as JSON Lines with auto-rotation and SIEM-ready format
+## Quick Start
+```bash
+# Install globally
+npm install -g @neurosec/sentry
+# Interactive setup (prompts for NeuroSec URL, org ID, token)
+neuroshield-sentry setup
+# Or non-interactive for automation
+neuroshield-sentry setup \
+  --org=org_abc123 \
+  --token=nst_yourtoken \
+  --mode=enforce \
+  --url=https://api.neurosec.ai
+# Install as system service (systemd on Linux, launchd on macOS)
+sudo neuroshield-sentry install
+# Check status
+neuroshield-sentry status
+# View real-time enforcement decisions
+neuroshield-sentry logs -f
+# Start the daemon manually
+sudo neuroshield-sentryd
+```
+## CLI Reference
+| Command | Description |
+|---------|-------------|
+| `setup` | Generate sentry.yaml configuration |
+| `install` | Install system service (systemd/launchd) |
+| `status` | Show daemon status and active processes |
+| `logs` | Tail the audit log (`-f` to follow, `-n 100` for lines) |
+| `version` | Print version |
+| `help` | Show usage |
+## Local API
+When running, the daemon exposes a local HTTP API on `127.0.0.1:9191`:
+```
+GET  /api/v1/status         — Daemon status
+GET  /api/v1/processes      — Tagged agent processes
+GET  /api/v1/processes/:pid — Single process detail
+GET  /api/v1/decisions      — Recent enforcement decisions
+GET  /api/v1/policy         — Active policy
+POST /api/v1/policy/reload  — Force policy sync
+GET  /api/v1/approvals      — Pending skill approvals
+POST /api/v1/approve/:id    — Approve a skill invocation
+POST /api/v1/deny/:id       — Deny a skill invocation
+```
+## Requirements
+- **Linux** (kernel 5.4+ for cgroups v2, seccomp, Landlock) or **macOS** (Ventura+)
+- **Node.js** >= 20
+- **Systemd** (Linux) or **launchd** (macOS) for service installation
+- Root/sudo access for sandbox (cgroups, seccomp) and `/proc` scanning
+## Configuration
+Config is at `/etc/neuroshield/sentry.yaml`. Key settings:
+```yaml
+neurosec:
+  endpoint: "https://api.neurosec.ai"
+  org_id: "your-org-id"
+  token_path: /etc/neuroshield/sentry.token
+enforcement:
+  mode: "monitor"   # monitor | enforce | quarantine
+```
+All settings are also configurable via environment variables (`NEUROSEC_ORG_ID`, `SENTRY_ENFORCEMENT_MODE`, etc.)
+## Platform Backends
+| Feature | Linux | macOS |
+|---------|-------|-------|
+| Cgroups CPU/memory limits | ✓ cgroups v2 | — |
+| Seccomp syscall filtering | ✓ BPF | — |
+| Landlock FS restrictions | ✓ kernel 5.13+ | — |
+| Seatbelt sandbox profile | — | ✓ sandbox-exec |
+| Endpoint Security monitor | — | ✓ ES framework |
+| Process discovery (/proc) | ✓ | limited |
+| Network monitoring | ✓ nftables/iptables | ✓ pf |
+## Kubernetes
+Deploy as a DaemonSet for per-node enforcement:
+```bash
+kubectl apply -f https://raw.githubusercontent.com/neurosec-ai/neurosec/main/packages/sentry/k8s/daemonset.yaml
+```

package/bin/cli.js ADDED Viewed

@@ -0,0 +1,18 @@
+#!/usr/bin/env node
+// NeuroShield Sentry — CLI management tool
+// Installed globally via `npm install -g @neurosec/sentry`
+const path = require('path');
+let cli;
+try {
+  cli = require(path.resolve(__dirname, '..', 'dist', 'cli.js'));
+} catch (e1) {
+  try {
+    cli = require(path.resolve(__dirname, '..', 'src', 'cli.ts'));
+  } catch (e2) {
+    console.error('Failed to load CLI. Build it first: npm run build');
+    console.error('  or install globally: npm install -g @neurosec/sentry');
+    process.exit(1);
+  }
+}

package/bin/sentryd.js ADDED Viewed

@@ -0,0 +1,19 @@
+#!/usr/bin/env node
+// NeuroShield Sentry Daemon — binary entry point
+// Installed globally via `npm install -g @neurosec/sentry`
+const path = require('path');
+// Try the dist build first (production), then source as fallback (dev)
+let main;
+try {
+  main = require(path.resolve(__dirname, '..', 'dist', 'index.js'));
+} catch (e1) {
+  try {
+    main = require(path.resolve(__dirname, '..', 'src', 'index.ts'));
+  } catch (e2) {
+    console.error('Failed to load sentry daemon. Build it first: npm run build');
+    console.error('  or install globally: npm install -g @neurosec/sentry');
+    process.exit(1);
+  }
+}

package/dist/api.d.ts ADDED Viewed

@@ -0,0 +1,21 @@
+import { SentryConfig } from './config';
+import { TaggedProcess, SentryStatus } from './types';
+import { EnforcementEngine } from './enforcement/enforcement-engine';
+import { SkillEvaluator } from './skill-authz/skill-evaluator';
+export declare class SentryApiServer {
+    private config;
+    private getTaggedProcesses;
+    private getEngine;
+    private getSkillEvaluator;
+    private getPolicyVersion;
+    private getLastSyncAt;
+    private server;
+    private startTime;
+    constructor(config: SentryConfig, getTaggedProcesses: () => TaggedProcess[], getEngine: () => EnforcementEngine, getSkillEvaluator: () => SkillEvaluator, getPolicyVersion: () => string, getLastSyncAt: () => string | null);
+    start(): Promise<void>;
+    stop(): Promise<void>;
+    getStatus(): SentryStatus;
+    private handleRequest;
+    private json;
+}
+//# sourceMappingURL=api.d.ts.map

package/dist/api.d.ts.map ADDED Viewed

@@ -0,0 +1 @@

+ {"version":3,"file":"api.d.ts","sourceRoot":"","sources":["../src/api.ts"],"names":[],"mappings":"AACA,OAAO,EAAE,YAAY,EAAE,MAAM,UAAU,CAAC;AACxC,OAAO,EAAE,aAAa,EAAuB,YAAY,EAAE,MAAM,SAAS,CAAC;AAC3E,OAAO,EAAE,iBAAiB,EAAE,MAAM,kCAAkC,CAAC;AACrE,OAAO,EAAE,cAAc,EAAE,MAAM,+BAA+B,CAAC;AAG/D,qBAAa,eAAe;IAKxB,OAAO,CAAC,MAAM;IACd,OAAO,CAAC,kBAAkB;IAC1B,OAAO,CAAC,SAAS;IACjB,OAAO,CAAC,iBAAiB;IACzB,OAAO,CAAC,gBAAgB;IACxB,OAAO,CAAC,aAAa;IATvB,OAAO,CAAC,MAAM,CAA4B;IAC1C,OAAO,CAAC,SAAS,CAAc;gBAGrB,MAAM,EAAE,YAAY,EACpB,kBAAkB,EAAE,MAAM,aAAa,EAAE,EACzC,SAAS,EAAE,MAAM,iBAAiB,EAClC,iBAAiB,EAAE,MAAM,cAAc,EACvC,gBAAgB,EAAE,MAAM,MAAM,EAC9B,aAAa,EAAE,MAAM,MAAM,GAAG,IAAI;IAGtC,KAAK,IAAI,OAAO,CAAC,IAAI,CAAC;IAqBtB,IAAI,IAAI,OAAO,CAAC,IAAI,CAAC;IAQ3B,SAAS,IAAI,YAAY;YAmBX,aAAa;YAuGb,IAAI;CAInB"}

package/dist/api.js ADDED Viewed

@@ -0,0 +1,161 @@
+"use strict";
+var __importDefault = (this && this.__importDefault) || function (mod) {
+    return (mod && mod.__esModule) ? mod : { "default": mod };
+};
+Object.defineProperty(exports, "__esModule", { value: true });
+exports.SentryApiServer = void 0;
+const http_1 = __importDefault(require("http"));
+const logger_1 = require("./logger");
+class SentryApiServer {
+    constructor(config, getTaggedProcesses, getEngine, getSkillEvaluator, getPolicyVersion, getLastSyncAt) {
+        this.config = config;
+        this.getTaggedProcesses = getTaggedProcesses;
+        this.getEngine = getEngine;
+        this.getSkillEvaluator = getSkillEvaluator;
+        this.getPolicyVersion = getPolicyVersion;
+        this.getLastSyncAt = getLastSyncAt;
+        this.server = null;
+        this.startTime = Date.now();
+    }
+    async start() {
+        if (this.server)
+            return;
+        this.server = http_1.default.createServer((req, res) => {
+            this.handleRequest(req, res).catch(err => {
+                logger_1.logger.error('API handler error', { err: err.message });
+                if (!res.headersSent) {
+                    res.writeHead(500, { 'Content-Type': 'application/json' });
+                }
+                res.end(JSON.stringify({ error: 'Internal server error' }));
+            });
+        });
+        await new Promise((resolve, reject) => {
+            this.server.once('error', reject);
+            this.server.listen(this.config.sentry.apiPort, '127.0.0.1', () => resolve());
+        });
+        logger_1.logger.info('Sentry API server listening', { port: this.config.sentry.apiPort });
+    }
+    async stop() {
+        if (!this.server)
+            return;
+        await new Promise((resolve, reject) => {
+            this.server?.close(err => (err ? reject(err) : resolve()));
+        });
+        this.server = null;
+    }
+    getStatus() {
+        const engine = this.getEngine();
+        const stats = engine.getStats();
+        const processes = this.getTaggedProcesses();
+        return {
+            version: this.config.sentry.version,
+            uptime: Math.floor((Date.now() - this.startTime) / 1000),
+            mode: this.config.enforcement.mode,
+            policyVersion: this.getPolicyVersion(),
+            taggedProcesses: processes.length,
+            sandboxedProcesses: processes.filter(p => p.sandboxed).length,
+            decisionsTotal: stats.total,
+            decisionsDenied: stats.denied,
+            lastSyncAt: this.getLastSyncAt(),
+            platform: process.platform === 'linux' ? 'linux' : process.platform === 'darwin' ? 'darwin' : 'unknown',
+        };
+    }
+    async handleRequest(req, res) {
+        res.setHeader('Content-Type', 'application/json');
+        const parsed = new URL(req.url ?? '/', 'http://127.0.0.1');
+        const pathname = parsed.pathname;
+        const method = req.method ?? 'GET';
+        // CORS for local dev
+        res.setHeader('Access-Control-Allow-Origin', 'http://localhost:3000');
+        res.setHeader('Access-Control-Allow-Methods', 'GET, POST, OPTIONS');
+        res.setHeader('Access-Control-Allow-Headers', 'Content-Type');
+        if (method === 'OPTIONS') {
+            res.writeHead(204);
+            res.end();
+            return;
+        }
+        try {
+            switch (true) {
+                case method === 'GET' && pathname === '/api/v1/status':
+                    await this.json(res, 200, this.getStatus());
+                    break;
+                case method === 'GET' && pathname === '/api/v1/processes':
+                    await this.json(res, 200, this.getTaggedProcesses());
+                    break;
+                case method === 'GET' && /^\/api\/v1\/processes\/(\d+)$/.test(pathname): {
+                    const pid = parseInt(pathname.match(/^\/api\/v1\/processes\/(\d+)$/)[1], 10);
+                    const processes = this.getTaggedProcesses();
+                    const proc = processes.find(p => p.pid === pid);
+                    if (proc) {
+                        await this.json(res, 200, proc);
+                    }
+                    else {
+                        await this.json(res, 404, { error: 'Process not found' });
+                    }
+                    break;
+                }
+                case method === 'GET' && pathname === '/api/v1/decisions':
+                    await this.json(res, 200, this.getEngine().getRecentDecisions());
+                    break;
+                case method === 'GET' && pathname === '/api/v1/policy':
+                    await this.json(res, 200, {
+                        version: this.getPolicyVersion(),
+                        mode: this.config.enforcement.mode,
+                        sandboxEnabled: this.config.enforcement.sandboxEnabled,
+                        skillAuthzEnabled: this.config.skillAuthz.enabled,
+                        allowedEgress: this.config.network.allowHosts,
+                        blockedEgress: this.config.network.blockHosts,
+                    });
+                    break;
+                case method === 'POST' && pathname === '/api/v1/policy/reload':
+                    await this.json(res, 200, { message: 'Policy reload requested' });
+                    break;
+                case method === 'POST' && /^\/api\/v1\/sandbox\/(\d+)\/(disable|restrict)$/.test(pathname): {
+                    const match = pathname.match(/^\/api\/v1\/sandbox\/(\d+)\/(disable|restrict)$/);
+                    const pid = parseInt(match[1], 10);
+                    const action = match[2];
+                    logger_1.logger.info('Sandbox action requested', { pid, action });
+                    await this.json(res, 200, { message: `Sandbox ${action} for pid ${pid}` });
+                    break;
+                }
+                case method === 'GET' && pathname === '/api/v1/approvals':
+                    await this.json(res, 200, this.getSkillEvaluator().getPendingApprovals());
+                    break;
+                case method === 'POST' && /^\/api\/v1\/approve\/(.+)$/.test(pathname): {
+                    const invocationId = pathname.match(/^\/api\/v1\/approve\/(.+)$/)[1];
+                    const success = this.getSkillEvaluator().approve(invocationId);
+                    if (success) {
+                        await this.json(res, 200, { message: 'Skill invocation approved', invocationId });
+                    }
+                    else {
+                        await this.json(res, 404, { error: 'Approval request not found or expired', invocationId });
+                    }
+                    break;
+                }
+                case method === 'POST' && /^\/api\/v1\/deny\/(.+)$/.test(pathname): {
+                    const invocationId = pathname.match(/^\/api\/v1\/deny\/(.+)$/)[1];
+                    const success = this.getSkillEvaluator().deny(invocationId);
+                    if (success) {
+                        await this.json(res, 200, { message: 'Skill invocation denied', invocationId });
+                    }
+                    else {
+                        await this.json(res, 404, { error: 'Denial request not found or expired', invocationId });
+                    }
+                    break;
+                }
+                default:
+                    await this.json(res, 404, { error: 'Not found', path: pathname });
+            }
+        }
+        catch (err) {
+            logger_1.logger.error('API error', { path: pathname, err: err.message });
+            await this.json(res, 500, { error: 'Internal error' });
+        }
+    }
+    async json(res, status, data) {
+        res.writeHead(status, { 'Content-Type': 'application/json' });
+        res.end(JSON.stringify(data));
+    }
+}
+exports.SentryApiServer = SentryApiServer;
+//# sourceMappingURL=api.js.map

package/dist/api.js.map ADDED Viewed

@@ -0,0 +1 @@

+ {"version":3,"file":"api.js","sourceRoot":"","sources":["../src/api.ts"],"names":[],"mappings":";;;;;;AAAA,gDAAwB;AAKxB,qCAAkC;AAElC,MAAa,eAAe;IAI1B,YACU,MAAoB,EACpB,kBAAyC,EACzC,SAAkC,EAClC,iBAAuC,EACvC,gBAA8B,EAC9B,aAAkC;QALlC,WAAM,GAAN,MAAM,CAAc;QACpB,uBAAkB,GAAlB,kBAAkB,CAAuB;QACzC,cAAS,GAAT,SAAS,CAAyB;QAClC,sBAAiB,GAAjB,iBAAiB,CAAsB;QACvC,qBAAgB,GAAhB,gBAAgB,CAAc;QAC9B,kBAAa,GAAb,aAAa,CAAqB;QATpC,WAAM,GAAuB,IAAI,CAAC;QAClC,cAAS,GAAG,IAAI,CAAC,GAAG,EAAE,CAAC;IAS5B,CAAC;IAEJ,KAAK,CAAC,KAAK;QACT,IAAI,IAAI,CAAC,MAAM;YAAE,OAAO;QAExB,IAAI,CAAC,MAAM,GAAG,cAAI,CAAC,YAAY,CAAC,CAAC,GAAG,EAAE,GAAG,EAAE,EAAE;YAC3C,IAAI,CAAC,aAAa,CAAC,GAAG,EAAE,GAAG,CAAC,CAAC,KAAK,CAAC,GAAG,CAAC,EAAE;gBACvC,eAAM,CAAC,KAAK,CAAC,mBAAmB,EAAE,EAAE,GAAG,EAAG,GAAa,CAAC,OAAO,EAAE,CAAC,CAAC;gBACnE,IAAI,CAAC,GAAG,CAAC,WAAW,EAAE,CAAC;oBACrB,GAAG,CAAC,SAAS,CAAC,GAAG,EAAE,EAAE,cAAc,EAAE,kBAAkB,EAAE,CAAC,CAAC;gBAC7D,CAAC;gBACD,GAAG,CAAC,GAAG,CAAC,IAAI,CAAC,SAAS,CAAC,EAAE,KAAK,EAAE,uBAAuB,EAAE,CAAC,CAAC,CAAC;YAC9D,CAAC,CAAC,CAAC;QACL,CAAC,CAAC,CAAC;QAEH,MAAM,IAAI,OAAO,CAAO,CAAC,OAAO,EAAE,MAAM,EAAE,EAAE;YAC1C,IAAI,CAAC,MAAO,CAAC,IAAI,CAAC,OAAO,EAAE,MAAM,CAAC,CAAC;YACnC,IAAI,CAAC,MAAO,CAAC,MAAM,CAAC,IAAI,CAAC,MAAM,CAAC,MAAM,CAAC,OAAO,EAAE,WAAW,EAAE,GAAG,EAAE,CAAC,OAAO,EAAE,CAAC,CAAC;QAChF,CAAC,CAAC,CAAC;QAEH,eAAM,CAAC,IAAI,CAAC,6BAA6B,EAAE,EAAE,IAAI,EAAE,IAAI,CAAC,MAAM,CAAC,MAAM,CAAC,OAAO,EAAE,CAAC,CAAC;IACnF,CAAC;IAED,KAAK,CAAC,IAAI;QACR,IAAI,CAAC,IAAI,CAAC,MAAM;YAAE,OAAO;QACzB,MAAM,IAAI,OAAO,CAAO,CAAC,OAAO,EAAE,MAAM,EAAE,EAAE;YAC1C,IAAI,CAAC,MAAM,EAAE,KAAK,CAAC,GAAG,CAAC,EAAE,CAAC,CAAC,GAAG,CAAC,CAAC,CAAC,MAAM,CAAC,GAAG,CAAC,CAAC,CAAC,CAAC,OAAO,EAAE,CAAC,CAAC,CAAC;QAC7D,CAAC,CAAC,CAAC;QACH,IAAI,CAAC,MAAM,GAAG,IAAI,CAAC;IACrB,CAAC;IAED,SAAS;QACP,MAAM,MAAM,GAAG,IAAI,CAAC,SAAS,EAAE,CAAC;QAChC,MAAM,KAAK,GAAG,MAAM,CAAC,QAAQ,EAAE,CAAC;QAChC,MAAM,SAAS,GAAG,IAAI,CAAC,kBAAkB,EAAE,CAAC;QAE5C,OAAO;YACL,OAAO,EAAE,IAAI,CAAC,MAAM,CAAC,MAAM,CAAC,OAAO;YACnC,MAAM,EAAE,IAAI,CAAC,KAAK,CAAC,CAAC,IAAI,CAAC,GAAG,EAAE,GAAG,IAAI,CAAC,SAAS,CAAC,GAAG,IAAI,CAAC;YACxD,IAAI,EAAE,IAAI,CAAC,MAAM,CAAC,WAAW,CAAC,IAAI;YAClC,aAAa,EAAE,IAAI,CAAC,gBAAgB,EAAE;YACtC,eAAe,EAAE,SAAS,CAAC,MAAM;YACjC,kBAAkB,EAAE,SAAS,CAAC,MAAM,CAAC,CAAC,CAAC,EAAE,CAAC,CAAC,CAAC,SAAS,CAAC,CAAC,MAAM;YAC7D,cAAc,EAAE,KAAK,CAAC,KAAK;YAC3B,eAAe,EAAE,KAAK,CAAC,MAAM;YAC7B,UAAU,EAAE,IAAI,CAAC,aAAa,EAAE;YAChC,QAAQ,EAAE,OAAO,CAAC,QAAQ,KAAK,OAAO,CAAC,CAAC,CAAC,OAAO,CAAC,CAAC,CAAC,OAAO,CAAC,QAAQ,KAAK,QAAQ,CAAC,CAAC,CAAC,QAAQ,CAAC,CAAC,CAAC,SAAS;SACxG,CAAC;IACJ,CAAC;IAEO,KAAK,CAAC,aAAa,CAAC,GAAyB,EAAE,GAAwB;QAC7E,GAAG,CAAC,SAAS,CAAC,cAAc,EAAE,kBAAkB,CAAC,CAAC;QAElD,MAAM,MAAM,GAAG,IAAI,GAAG,CAAC,GAAG,CAAC,GAAG,IAAI,GAAG,EAAE,kBAAkB,CAAC,CAAC;QAC3D,MAAM,QAAQ,GAAG,MAAM,CAAC,QAAQ,CAAC;QACjC,MAAM,MAAM,GAAG,GAAG,CAAC,MAAM,IAAI,KAAK,CAAC;QAEnC,qBAAqB;QACrB,GAAG,CAAC,SAAS,CAAC,6BAA6B,EAAE,uBAAuB,CAAC,CAAC;QACtE,GAAG,CAAC,SAAS,CAAC,8BAA8B,EAAE,oBAAoB,CAAC,CAAC;QACpE,GAAG,CAAC,SAAS,CAAC,8BAA8B,EAAE,cAAc,CAAC,CAAC;QAE9D,IAAI,MAAM,KAAK,SAAS,EAAE,CAAC;YACzB,GAAG,CAAC,SAAS,CAAC,GAAG,CAAC,CAAC;YACnB,GAAG,CAAC,GAAG,EAAE,CAAC;YACV,OAAO;QACT,CAAC;QAED,IAAI,CAAC;YACH,QAAQ,IAAI,EAAE,CAAC;gBACb,KAAK,MAAM,KAAK,KAAK,IAAI,QAAQ,KAAK,gBAAgB;oBACpD,MAAM,IAAI,CAAC,IAAI,CAAC,GAAG,EAAE,GAAG,EAAE,IAAI,CAAC,SAAS,EAAE,CAAC,CAAC;oBAC5C,MAAM;gBAER,KAAK,MAAM,KAAK,KAAK,IAAI,QAAQ,KAAK,mBAAmB;oBACvD,MAAM,IAAI,CAAC,IAAI,CAAC,GAAG,EAAE,GAAG,EAAE,IAAI,CAAC,kBAAkB,EAAE,CAAC,CAAC;oBACrD,MAAM;gBAER,KAAK,MAAM,KAAK,KAAK,IAAI,+BAA+B,CAAC,IAAI,CAAC,QAAQ,CAAC,CAAC,CAAC,CAAC;oBACxE,MAAM,GAAG,GAAG,QAAQ,CAAC,QAAQ,CAAC,KAAK,CAAC,+BAA+B,CAAE,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC;oBAC9E,MAAM,SAAS,GAAG,IAAI,CAAC,kBAAkB,EAAE,CAAC;oBAC5C,MAAM,IAAI,GAAG,SAAS,CAAC,IAAI,CAAC,CAAC,CAAC,EAAE,CAAC,CAAC,CAAC,GAAG,KAAK,GAAG,CAAC,CAAC;oBAChD,IAAI,IAAI,EAAE,CAAC;wBACT,MAAM,IAAI,CAAC,IAAI,CAAC,GAAG,EAAE,GAAG,EAAE,IAAI,CAAC,CAAC;oBAClC,CAAC;yBAAM,CAAC;wBACN,MAAM,IAAI,CAAC,IAAI,CAAC,GAAG,EAAE,GAAG,EAAE,EAAE,KAAK,EAAE,mBAAmB,EAAE,CAAC,CAAC;oBAC5D,CAAC;oBACD,MAAM;gBACR,CAAC;gBAED,KAAK,MAAM,KAAK,KAAK,IAAI,QAAQ,KAAK,mBAAmB;oBACvD,MAAM,IAAI,CAAC,IAAI,CAAC,GAAG,EAAE,GAAG,EAAE,IAAI,CAAC,SAAS,EAAE,CAAC,kBAAkB,EAAE,CAAC,CAAC;oBACjE,MAAM;gBAER,KAAK,MAAM,KAAK,KAAK,IAAI,QAAQ,KAAK,gBAAgB;oBACpD,MAAM,IAAI,CAAC,IAAI,CAAC,GAAG,EAAE,GAAG,EAAE;wBACxB,OAAO,EAAE,IAAI,CAAC,gBAAgB,EAAE;wBAChC,IAAI,EAAE,IAAI,CAAC,MAAM,CAAC,WAAW,CAAC,IAAI;wBAClC,cAAc,EAAE,IAAI,CAAC,MAAM,CAAC,WAAW,CAAC,cAAc;wBACtD,iBAAiB,EAAE,IAAI,CAAC,MAAM,CAAC,UAAU,CAAC,OAAO;wBACjD,aAAa,EAAE,IAAI,CAAC,MAAM,CAAC,OAAO,CAAC,UAAU;wBAC7C,aAAa,EAAE,IAAI,CAAC,MAAM,CAAC,OAAO,CAAC,UAAU;qBAC9C,CAAC,CAAC;oBACH,MAAM;gBAER,KAAK,MAAM,KAAK,MAAM,IAAI,QAAQ,KAAK,uBAAuB;oBAC5D,MAAM,IAAI,CAAC,IAAI,CAAC,GAAG,EAAE,GAAG,EAAE,EAAE,OAAO,EAAE,yBAAyB,EAAE,CAAC,CAAC;oBAClE,MAAM;gBAER,KAAK,MAAM,KAAK,MAAM,IAAI,iDAAiD,CAAC,IAAI,CAAC,QAAQ,CAAC,CAAC,CAAC,CAAC;oBAC3F,MAAM,KAAK,GAAG,QAAQ,CAAC,KAAK,CAAC,iDAAiD,CAAC,CAAC;oBAChF,MAAM,GAAG,GAAG,QAAQ,CAAC,KAAM,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC;oBACpC,MAAM,MAAM,GAAG,KAAM,CAAC,CAAC,CAAC,CAAC;oBACzB,eAAM,CAAC,IAAI,CAAC,0BAA0B,EAAE,EAAE,GAAG,EAAE,MAAM,EAAE,CAAC,CAAC;oBACzD,MAAM,IAAI,CAAC,IAAI,CAAC,GAAG,EAAE,GAAG,EAAE,EAAE,OAAO,EAAE,WAAW,MAAM,YAAY,GAAG,EAAE,EAAE,CAAC,CAAC;oBAC3E,MAAM;gBACR,CAAC;gBAED,KAAK,MAAM,KAAK,KAAK,IAAI,QAAQ,KAAK,mBAAmB;oBACvD,MAAM,IAAI,CAAC,IAAI,CAAC,GAAG,EAAE,GAAG,EAAE,IAAI,CAAC,iBAAiB,EAAE,CAAC,mBAAmB,EAAE,CAAC,CAAC;oBAC1E,MAAM;gBAER,KAAK,MAAM,KAAK,MAAM,IAAI,4BAA4B,CAAC,IAAI,CAAC,QAAQ,CAAC,CAAC,CAAC,CAAC;oBACtE,MAAM,YAAY,GAAG,QAAQ,CAAC,KAAK,CAAC,4BAA4B,CAAE,CAAC,CAAC,CAAC,CAAC;oBACtE,MAAM,OAAO,GAAG,IAAI,CAAC,iBAAiB,EAAE,CAAC,OAAO,CAAC,YAAY,CAAC,CAAC;oBAC/D,IAAI,OAAO,EAAE,CAAC;wBACZ,MAAM,IAAI,CAAC,IAAI,CAAC,GAAG,EAAE,GAAG,EAAE,EAAE,OAAO,EAAE,2BAA2B,EAAE,YAAY,EAAE,CAAC,CAAC;oBACpF,CAAC;yBAAM,CAAC;wBACN,MAAM,IAAI,CAAC,IAAI,CAAC,GAAG,EAAE,GAAG,EAAE,EAAE,KAAK,EAAE,uCAAuC,EAAE,YAAY,EAAE,CAAC,CAAC;oBAC9F,CAAC;oBACD,MAAM;gBACR,CAAC;gBAED,KAAK,MAAM,KAAK,MAAM,IAAI,yBAAyB,CAAC,IAAI,CAAC,QAAQ,CAAC,CAAC,CAAC,CAAC;oBACnE,MAAM,YAAY,GAAG,QAAQ,CAAC,KAAK,CAAC,yBAAyB,CAAE,CAAC,CAAC,CAAC,CAAC;oBACnE,MAAM,OAAO,GAAG,IAAI,CAAC,iBAAiB,EAAE,CAAC,IAAI,CAAC,YAAY,CAAC,CAAC;oBAC5D,IAAI,OAAO,EAAE,CAAC;wBACZ,MAAM,IAAI,CAAC,IAAI,CAAC,GAAG,EAAE,GAAG,EAAE,EAAE,OAAO,EAAE,yBAAyB,EAAE,YAAY,EAAE,CAAC,CAAC;oBAClF,CAAC;yBAAM,CAAC;wBACN,MAAM,IAAI,CAAC,IAAI,CAAC,GAAG,EAAE,GAAG,EAAE,EAAE,KAAK,EAAE,qCAAqC,EAAE,YAAY,EAAE,CAAC,CAAC;oBAC5F,CAAC;oBACD,MAAM;gBACR,CAAC;gBAED;oBACE,MAAM,IAAI,CAAC,IAAI,CAAC,GAAG,EAAE,GAAG,EAAE,EAAE,KAAK,EAAE,WAAW,EAAE,IAAI,EAAE,QAAQ,EAAE,CAAC,CAAC;YACtE,CAAC;QACH,CAAC;QAAC,OAAO,GAAG,EAAE,CAAC;YACb,eAAM,CAAC,KAAK,CAAC,WAAW,EAAE,EAAE,IAAI,EAAE,QAAQ,EAAE,GAAG,EAAG,GAAa,CAAC,OAAO,EAAE,CAAC,CAAC;YAC3E,MAAM,IAAI,CAAC,IAAI,CAAC,GAAG,EAAE,GAAG,EAAE,EAAE,KAAK,EAAE,gBAAgB,EAAE,CAAC,CAAC;QACzD,CAAC;IACH,CAAC;IAEO,KAAK,CAAC,IAAI,CAAC,GAAwB,EAAE,MAAc,EAAE,IAAa;QACxE,GAAG,CAAC,SAAS,CAAC,MAAM,EAAE,EAAE,cAAc,EAAE,kBAAkB,EAAE,CAAC,CAAC;QAC9D,GAAG,CAAC,GAAG,CAAC,IAAI,CAAC,SAAS,CAAC,IAAI,CAAC,CAAC,CAAC;IAChC,CAAC;CACF;AAxKD,0CAwKC"}

package/dist/audit.d.ts ADDED Viewed

@@ -0,0 +1,18 @@
+import { AuditEntry } from './types';
+import { SentryConfig } from './config';
+export declare class AuditLogger {
+    private config;
+    private stream;
+    private writeQueue;
+    private flushTimer;
+    private currentSizeBytes;
+    private logDir;
+    constructor(config: SentryConfig);
+    init(): Promise<void>;
+    log(entry: AuditEntry): Promise<void>;
+    private flush;
+    private rotate;
+    private cleanupOldRotations;
+    shutdown(): Promise<void>;
+}
+//# sourceMappingURL=audit.d.ts.map

package/dist/audit.d.ts.map ADDED Viewed

@@ -0,0 +1 @@

+ {"version":3,"file":"audit.d.ts","sourceRoot":"","sources":["../src/audit.ts"],"names":[],"mappings":"AAGA,OAAO,EAAE,UAAU,EAAE,MAAM,SAAS,CAAC;AACrC,OAAO,EAAE,YAAY,EAAE,MAAM,UAAU,CAAC;AAGxC,qBAAa,WAAW;IAOV,OAAO,CAAC,MAAM;IAN1B,OAAO,CAAC,MAAM,CAA4B;IAC1C,OAAO,CAAC,UAAU,CAAoB;IACtC,OAAO,CAAC,UAAU,CAA+C;IACjE,OAAO,CAAC,gBAAgB,CAAK;IAC7B,OAAO,CAAC,MAAM,CAAS;gBAEH,MAAM,EAAE,YAAY;IAIlC,IAAI,IAAI,OAAO,CAAC,IAAI,CAAC;IAiBrB,GAAG,CAAC,KAAK,EAAE,UAAU,GAAG,OAAO,CAAC,IAAI,CAAC;YAQ7B,KAAK;YAoBL,MAAM;YAqBN,mBAAmB;IA4B3B,QAAQ,IAAI,OAAO,CAAC,IAAI,CAAC;CAahC"}

package/dist/audit.js ADDED Viewed

@@ -0,0 +1,114 @@
+"use strict";
+var __importDefault = (this && this.__importDefault) || function (mod) {
+    return (mod && mod.__esModule) ? mod : { "default": mod };
+};
+Object.defineProperty(exports, "__esModule", { value: true });
+exports.AuditLogger = void 0;
+const promises_1 = __importDefault(require("fs/promises"));
+const path_1 = __importDefault(require("path"));
+const fs_1 = require("fs");
+const logger_1 = require("./logger");
+class AuditLogger {
+    constructor(config) {
+        this.config = config;
+        this.stream = null;
+        this.writeQueue = [];
+        this.flushTimer = null;
+        this.currentSizeBytes = 0;
+        this.logDir = path_1.default.dirname(config.audit.logPath);
+    }
+    async init() {
+        await promises_1.default.mkdir(this.logDir, { recursive: true });
+        try {
+            const stat = await promises_1.default.stat(this.config.audit.logPath).catch(() => null);
+            if (stat) {
+                this.currentSizeBytes = stat.size;
+            }
+        }
+        catch {
+            this.currentSizeBytes = 0;
+        }
+        this.stream = (0, fs_1.createWriteStream)(this.config.audit.logPath, { flags: 'a' });
+        this.flushTimer = setInterval(() => this.flush(), 5000);
+        logger_1.logger.info('Audit logger initialized', { path: this.config.audit.logPath });
+    }
+    async log(entry) {
+        this.writeQueue.push(entry);
+        if (this.writeQueue.length >= 100) {
+            await this.flush();
+        }
+    }
+    async flush() {
+        if (this.writeQueue.length === 0)
+            return;
+        const batch = this.writeQueue.splice(0, this.writeQueue.length);
+        const lines = batch.map(entry => JSON.stringify(entry)).join('\n') + '\n';
+        if (this.stream) {
+            const canWrite = this.stream.write(lines);
+            this.currentSizeBytes += Buffer.byteLength(lines);
+            if (this.currentSizeBytes >= this.config.audit.maxSizeMb * 1024 * 1024) {
+                await this.rotate();
+            }
+            if (!canWrite) {
+                await new Promise(resolve => this.stream.once('drain', resolve));
+            }
+        }
+    }
+    async rotate() {
+        if (this.stream) {
+            this.stream.end();
+            this.stream = null;
+        }
+        const timestamp = new Date().toISOString().replace(/[:.]/g, '-');
+        const rotatedPath = `${this.config.audit.logPath}.${timestamp}`;
+        try {
+            await promises_1.default.rename(this.config.audit.logPath, rotatedPath);
+        }
+        catch {
+            // Already rotated or doesn't exist
+        }
+        this.currentSizeBytes = 0;
+        this.stream = (0, fs_1.createWriteStream)(this.config.audit.logPath, { flags: 'a' });
+        await this.cleanupOldRotations();
+    }
+    async cleanupOldRotations() {
+        try {
+            const dir = path_1.default.dirname(this.config.audit.logPath);
+            const baseName = path_1.default.basename(this.config.audit.logPath);
+            const files = await promises_1.default.readdir(dir);
+            const now = Date.now();
+            const maxAge = this.config.audit.retentionDays * 24 * 60 * 60 * 1000;
+            for (const file of files) {
+                if (file.startsWith(baseName + '.')) {
+                    const filePath = path_1.default.join(dir, file);
+                    try {
+                        const stat = await promises_1.default.stat(filePath);
+                        if (now - stat.mtimeMs > maxAge) {
+                            await promises_1.default.unlink(filePath);
+                            logger_1.logger.debug('Removed old audit rotation', { file: filePath });
+                        }
+                    }
+                    catch {
+                        // skip
+                    }
+                }
+            }
+        }
+        catch {
+            // cleanup is best-effort
+        }
+    }
+    async shutdown() {
+        if (this.flushTimer) {
+            clearInterval(this.flushTimer);
+            this.flushTimer = null;
+        }
+        await this.flush();
+        if (this.stream) {
+            this.stream.end();
+            this.stream = null;
+        }
+    }
+}
+exports.AuditLogger = AuditLogger;
+//# sourceMappingURL=audit.js.map

package/dist/audit.js.map ADDED Viewed

@@ -0,0 +1 @@

+ {"version":3,"file":"audit.js","sourceRoot":"","sources":["../src/audit.ts"],"names":[],"mappings":";;;;;;AAAA,2DAA6B;AAC7B,gDAAwB;AACxB,2BAAoD;AAGpD,qCAAkC;AAElC,MAAa,WAAW;IAOtB,YAAoB,MAAoB;QAApB,WAAM,GAAN,MAAM,CAAc;QANhC,WAAM,GAAuB,IAAI,CAAC;QAClC,eAAU,GAAiB,EAAE,CAAC;QAC9B,eAAU,GAA0C,IAAI,CAAC;QACzD,qBAAgB,GAAG,CAAC,CAAC;QAI3B,IAAI,CAAC,MAAM,GAAG,cAAI,CAAC,OAAO,CAAC,MAAM,CAAC,KAAK,CAAC,OAAO,CAAC,CAAC;IACnD,CAAC;IAED,KAAK,CAAC,IAAI;QACR,MAAM,kBAAE,CAAC,KAAK,CAAC,IAAI,CAAC,MAAM,EAAE,EAAE,SAAS,EAAE,IAAI,EAAE,CAAC,CAAC;QAEjD,IAAI,CAAC;YACH,MAAM,IAAI,GAAG,MAAM,kBAAE,CAAC,IAAI,CAAC,IAAI,CAAC,MAAM,CAAC,KAAK,CAAC,OAAO,CAAC,CAAC,KAAK,CAAC,GAAG,EAAE,CAAC,IAAI,CAAC,CAAC;YACxE,IAAI,IAAI,EAAE,CAAC;gBACT,IAAI,CAAC,gBAAgB,GAAG,IAAI,CAAC,IAAI,CAAC;YACpC,CAAC;QACH,CAAC;QAAC,MAAM,CAAC;YACP,IAAI,CAAC,gBAAgB,GAAG,CAAC,CAAC;QAC5B,CAAC;QAED,IAAI,CAAC,MAAM,GAAG,IAAA,sBAAiB,EAAC,IAAI,CAAC,MAAM,CAAC,KAAK,CAAC,OAAO,EAAE,EAAE,KAAK,EAAE,GAAG,EAAE,CAAC,CAAC;QAC3E,IAAI,CAAC,UAAU,GAAG,WAAW,CAAC,GAAG,EAAE,CAAC,IAAI,CAAC,KAAK,EAAE,EAAE,IAAI,CAAC,CAAC;QACxD,eAAM,CAAC,IAAI,CAAC,0BAA0B,EAAE,EAAE,IAAI,EAAE,IAAI,CAAC,MAAM,CAAC,KAAK,CAAC,OAAO,EAAE,CAAC,CAAC;IAC/E,CAAC;IAED,KAAK,CAAC,GAAG,CAAC,KAAiB;QACzB,IAAI,CAAC,UAAU,CAAC,IAAI,CAAC,KAAK,CAAC,CAAC;QAE5B,IAAI,IAAI,CAAC,UAAU,CAAC,MAAM,IAAI,GAAG,EAAE,CAAC;YAClC,MAAM,IAAI,CAAC,KAAK,EAAE,CAAC;QACrB,CAAC;IACH,CAAC;IAEO,KAAK,CAAC,KAAK;QACjB,IAAI,IAAI,CAAC,UAAU,CAAC,MAAM,KAAK,CAAC;YAAE,OAAO;QAEzC,MAAM,KAAK,GAAG,IAAI,CAAC,UAAU,CAAC,MAAM,CAAC,CAAC,EAAE,IAAI,CAAC,UAAU,CAAC,MAAM,CAAC,CAAC;QAChE,MAAM,KAAK,GAAG,KAAK,CAAC,GAAG,CAAC,KAAK,CAAC,EAAE,CAAC,IAAI,CAAC,SAAS,CAAC,KAAK,CAAC,CAAC,CAAC,IAAI,CAAC,IAAI,CAAC,GAAG,IAAI,CAAC;QAE1E,IAAI,IAAI,CAAC,MAAM,EAAE,CAAC;YAChB,MAAM,QAAQ,GAAG,IAAI,CAAC,MAAM,CAAC,KAAK,CAAC,KAAK,CAAC,CAAC;YAC1C,IAAI,CAAC,gBAAgB,IAAI,MAAM,CAAC,UAAU,CAAC,KAAK,CAAC,CAAC;YAElD,IAAI,IAAI,CAAC,gBAAgB,IAAI,IAAI,CAAC,MAAM,CAAC,KAAK,CAAC,SAAS,GAAG,IAAI,GAAG,IAAI,EAAE,CAAC;gBACvE,MAAM,IAAI,CAAC,MAAM,EAAE,CAAC;YACtB,CAAC;YAED,IAAI,CAAC,QAAQ,EAAE,CAAC;gBACd,MAAM,IAAI,OAAO,CAAO,OAAO,CAAC,EAAE,CAAC,IAAI,CAAC,MAAO,CAAC,IAAI,CAAC,OAAO,EAAE,OAAO,CAAC,CAAC,CAAC;YAC1E,CAAC;QACH,CAAC;IACH,CAAC;IAEO,KAAK,CAAC,MAAM;QAClB,IAAI,IAAI,CAAC,MAAM,EAAE,CAAC;YAChB,IAAI,CAAC,MAAM,CAAC,GAAG,EAAE,CAAC;YAClB,IAAI,CAAC,MAAM,GAAG,IAAI,CAAC;QACrB,CAAC;QAED,MAAM,SAAS,GAAG,IAAI,IAAI,EAAE,CAAC,WAAW,EAAE,CAAC,OAAO,CAAC,OAAO,EAAE,GAAG,CAAC,CAAC;QACjE,MAAM,WAAW,GAAG,GAAG,IAAI,CAAC,MAAM,CAAC,KAAK,CAAC,OAAO,IAAI,SAAS,EAAE,CAAC;QAEhE,IAAI,CAAC;YACH,MAAM,kBAAE,CAAC,MAAM,CAAC,IAAI,CAAC,MAAM,CAAC,KAAK,CAAC,OAAO,EAAE,WAAW,CAAC,CAAC;QAC1D,CAAC;QAAC,MAAM,CAAC;YACP,mCAAmC;QACrC,CAAC;QAED,IAAI,CAAC,gBAAgB,GAAG,CAAC,CAAC;QAC1B,IAAI,CAAC,MAAM,GAAG,IAAA,sBAAiB,EAAC,IAAI,CAAC,MAAM,CAAC,KAAK,CAAC,OAAO,EAAE,EAAE,KAAK,EAAE,GAAG,EAAE,CAAC,CAAC;QAE3E,MAAM,IAAI,CAAC,mBAAmB,EAAE,CAAC;IACnC,CAAC;IAEO,KAAK,CAAC,mBAAmB;QAC/B,IAAI,CAAC;YACH,MAAM,GAAG,GAAG,cAAI,CAAC,OAAO,CAAC,IAAI,CAAC,MAAM,CAAC,KAAK,CAAC,OAAO,CAAC,CAAC;YACpD,MAAM,QAAQ,GAAG,cAAI,CAAC,QAAQ,CAAC,IAAI,CAAC,MAAM,CAAC,KAAK,CAAC,OAAO,CAAC,CAAC;YAC1D,MAAM,KAAK,GAAG,MAAM,kBAAE,CAAC,OAAO,CAAC,GAAG,CAAC,CAAC;YAEpC,MAAM,GAAG,GAAG,IAAI,CAAC,GAAG,EAAE,CAAC;YACvB,MAAM,MAAM,GAAG,IAAI,CAAC,MAAM,CAAC,KAAK,CAAC,aAAa,GAAG,EAAE,GAAG,EAAE,GAAG,EAAE,GAAG,IAAI,CAAC;YAErE,KAAK,MAAM,IAAI,IAAI,KAAK,EAAE,CAAC;gBACzB,IAAI,IAAI,CAAC,UAAU,CAAC,QAAQ,GAAG,GAAG,CAAC,EAAE,CAAC;oBACpC,MAAM,QAAQ,GAAG,cAAI,CAAC,IAAI,CAAC,GAAG,EAAE,IAAI,CAAC,CAAC;oBACtC,IAAI,CAAC;wBACH,MAAM,IAAI,GAAG,MAAM,kBAAE,CAAC,IAAI,CAAC,QAAQ,CAAC,CAAC;wBACrC,IAAI,GAAG,GAAG,IAAI,CAAC,OAAO,GAAG,MAAM,EAAE,CAAC;4BAChC,MAAM,kBAAE,CAAC,MAAM,CAAC,QAAQ,CAAC,CAAC;4BAC1B,eAAM,CAAC,KAAK,CAAC,4BAA4B,EAAE,EAAE,IAAI,EAAE,QAAQ,EAAE,CAAC,CAAC;wBACjE,CAAC;oBACH,CAAC;oBAAC,MAAM,CAAC;wBACP,OAAO;oBACT,CAAC;gBACH,CAAC;YACH,CAAC;QACH,CAAC;QAAC,MAAM,CAAC;YACP,yBAAyB;QAC3B,CAAC;IACH,CAAC;IAED,KAAK,CAAC,QAAQ;QACZ,IAAI,IAAI,CAAC,UAAU,EAAE,CAAC;YACpB,aAAa,CAAC,IAAI,CAAC,UAAU,CAAC,CAAC;YAC/B,IAAI,CAAC,UAAU,GAAG,IAAI,CAAC;QACzB,CAAC;QAED,MAAM,IAAI,CAAC,KAAK,EAAE,CAAC;QAEnB,IAAI,IAAI,CAAC,MAAM,EAAE,CAAC;YAChB,IAAI,CAAC,MAAM,CAAC,GAAG,EAAE,CAAC;YAClB,IAAI,CAAC,MAAM,GAAG,IAAI,CAAC;QACrB,CAAC;IACH,CAAC;CACF;AAtHD,kCAsHC"}

package/dist/cli.d.ts ADDED Viewed

@@ -0,0 +1,3 @@
+#!/usr/bin/env node
+export {};
+//# sourceMappingURL=cli.d.ts.map

package/dist/cli.d.ts.map ADDED Viewed

	@@ -0,0 +1 @@
1	+ {"version":3,"file":"cli.d.ts","sourceRoot":"","sources":["../src/cli.ts"],"names":[],"mappings":""}