@openpalm/ui 0.11.3-rc.7 → 0.11.3-rc.8

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (246) hide show
  1. package/build/.openpalm-ui-version +1 -1
  2. package/build/client/_app/immutable/chunks/BGteD5HD.js +3 -0
  3. package/build/client/_app/immutable/chunks/BGteD5HD.js.br +0 -0
  4. package/build/client/_app/immutable/chunks/BGteD5HD.js.gz +0 -0
  5. package/build/client/_app/immutable/chunks/{Ch3mxygo.js → BdiA07Cr.js} +2 -2
  6. package/build/client/_app/immutable/chunks/BdiA07Cr.js.br +0 -0
  7. package/build/client/_app/immutable/chunks/BdiA07Cr.js.gz +0 -0
  8. package/build/client/_app/immutable/chunks/{8GwYYoh1.js → BrWfMke-.js} +1 -1
  9. package/build/client/_app/immutable/chunks/BrWfMke-.js.br +0 -0
  10. package/build/client/_app/immutable/chunks/BrWfMke-.js.gz +0 -0
  11. package/build/client/_app/immutable/chunks/CxdjKjms.js +1 -0
  12. package/build/client/_app/immutable/chunks/CxdjKjms.js.br +2 -0
  13. package/build/client/_app/immutable/chunks/CxdjKjms.js.gz +0 -0
  14. package/build/client/_app/immutable/entry/{app.BsCMRrYb.js → app.n2WxkaaX.js} +2 -2
  15. package/build/client/_app/immutable/entry/app.n2WxkaaX.js.br +0 -0
  16. package/build/client/_app/immutable/entry/app.n2WxkaaX.js.gz +0 -0
  17. package/build/client/_app/immutable/entry/start.BJuDKNgA.js +1 -0
  18. package/build/client/_app/immutable/entry/start.BJuDKNgA.js.br +1 -0
  19. package/build/client/_app/immutable/entry/start.BJuDKNgA.js.gz +0 -0
  20. package/build/client/_app/immutable/nodes/{1.JckcqvUc.js → 1.Bb0Ip5FV.js} +1 -1
  21. package/build/client/_app/immutable/nodes/1.Bb0Ip5FV.js.br +1 -0
  22. package/build/client/_app/immutable/nodes/1.Bb0Ip5FV.js.gz +0 -0
  23. package/build/client/_app/immutable/nodes/{4.Td4VWhKZ.js → 4.C8Z85GGd.js} +1 -1
  24. package/build/client/_app/immutable/nodes/4.C8Z85GGd.js.br +0 -0
  25. package/build/client/_app/immutable/nodes/4.C8Z85GGd.js.gz +0 -0
  26. package/build/client/_app/immutable/nodes/{5.6Z-Sb6Kz.js → 5.CFDs7Dy0.js} +1 -1
  27. package/build/client/_app/immutable/nodes/5.CFDs7Dy0.js.br +0 -0
  28. package/build/client/_app/immutable/nodes/5.CFDs7Dy0.js.gz +0 -0
  29. package/build/client/_app/immutable/nodes/{6.DSY3eG2t.js → 6.DKHV_Lbm.js} +1 -1
  30. package/build/client/_app/immutable/nodes/6.DKHV_Lbm.js.br +0 -0
  31. package/build/client/_app/immutable/nodes/6.DKHV_Lbm.js.gz +0 -0
  32. package/build/client/_app/immutable/nodes/{7.DlFye_fu.js → 7.CpYANMeV.js} +1 -1
  33. package/build/client/_app/immutable/nodes/7.CpYANMeV.js.br +0 -0
  34. package/build/client/_app/immutable/nodes/7.CpYANMeV.js.gz +0 -0
  35. package/build/client/_app/immutable/nodes/{8.IfoQxyZG.js → 8.B3hK7dCg.js} +1 -1
  36. package/build/client/_app/immutable/nodes/8.B3hK7dCg.js.br +0 -0
  37. package/build/client/_app/immutable/nodes/8.B3hK7dCg.js.gz +0 -0
  38. package/build/client/_app/version.json +1 -1
  39. package/build/client/_app/version.json.br +1 -1
  40. package/build/client/_app/version.json.gz +0 -0
  41. package/build/server/chunks/1-sHYqow-o.js +9 -0
  42. package/build/server/chunks/{1-BIjMZ-Bk.js.map → 1-sHYqow-o.js.map} +1 -1
  43. package/build/server/chunks/4-D0bsxEuU.js +9 -0
  44. package/build/server/chunks/{4-C_-w1ytD.js.map → 4-D0bsxEuU.js.map} +1 -1
  45. package/build/server/chunks/5-DmMvznoc.js +9 -0
  46. package/build/server/chunks/{5-mSscLbm1.js.map → 5-DmMvznoc.js.map} +1 -1
  47. package/build/server/chunks/{6-B1lBdjh9.js → 6-D_6ZnOUn.js} +3 -3
  48. package/build/server/chunks/{6-B1lBdjh9.js.map → 6-D_6ZnOUn.js.map} +1 -1
  49. package/build/server/chunks/7-BDQEzJqj.js +9 -0
  50. package/build/server/chunks/{7-xLOqOd6x.js.map → 7-BDQEzJqj.js.map} +1 -1
  51. package/build/server/chunks/{8-BpRVP1QQ.js → 8--SjCfJ_W.js} +3 -3
  52. package/build/server/chunks/{8-BpRVP1QQ.js.map → 8--SjCfJ_W.js.map} +1 -1
  53. package/build/server/chunks/{Navbar-lk8oBizZ.js → Navbar-eH-OnRXt.js} +3 -3
  54. package/build/server/chunks/{Navbar-lk8oBizZ.js.map → Navbar-eH-OnRXt.js.map} +1 -1
  55. package/build/server/chunks/{_page.svelte-BX1oHlIt.js → _page.svelte-CcvUi89z.js} +3 -3
  56. package/build/server/chunks/{_page.svelte-BX1oHlIt.js.map → _page.svelte-CcvUi89z.js.map} +1 -1
  57. package/build/server/chunks/{_page.svelte-CAGFUL1n.js → _page.svelte-Cva6sfY9.js} +5 -5
  58. package/build/server/chunks/{_page.svelte-CAGFUL1n.js.map → _page.svelte-Cva6sfY9.js.map} +1 -1
  59. package/build/server/chunks/{_page.svelte-CybkWQLJ.js → _page.svelte-DBT6m2Fy.js} +8 -8
  60. package/build/server/chunks/_page.svelte-DBT6m2Fy.js.map +1 -0
  61. package/build/server/chunks/{_page.svelte-CxVGj1pa.js → _page.svelte-DdfNz3ND.js} +5 -5
  62. package/build/server/chunks/{_page.svelte-CxVGj1pa.js.map → _page.svelte-DdfNz3ND.js.map} +1 -1
  63. package/build/server/chunks/{_page.svelte-D3udTbqw.js → _page.svelte-JKwUdwX7.js} +5 -5
  64. package/build/server/chunks/{_page.svelte-D3udTbqw.js.map → _page.svelte-JKwUdwX7.js.map} +1 -1
  65. package/build/server/chunks/{_server.ts-D5DGFhsH.js → _server.ts-0XsihZif.js} +2 -2
  66. package/build/server/chunks/{_server.ts-D5DGFhsH.js.map → _server.ts-0XsihZif.js.map} +1 -1
  67. package/build/server/chunks/{_server.ts-JJiwGX-I.js → _server.ts-2VQoZ57d.js} +2 -2
  68. package/build/server/chunks/{_server.ts-JJiwGX-I.js.map → _server.ts-2VQoZ57d.js.map} +1 -1
  69. package/build/server/chunks/{_server.ts-H7hcexYF.js → _server.ts-4-UC6SEV.js} +2 -2
  70. package/build/server/chunks/{_server.ts-H7hcexYF.js.map → _server.ts-4-UC6SEV.js.map} +1 -1
  71. package/build/server/chunks/{_server.ts-BTznNbRE.js → _server.ts-7D-Rc6vR.js} +2 -2
  72. package/build/server/chunks/{_server.ts-BTznNbRE.js.map → _server.ts-7D-Rc6vR.js.map} +1 -1
  73. package/build/server/chunks/{_server.ts-kbgiaQ3k.js → _server.ts-B-e9YBGN.js} +2 -2
  74. package/build/server/chunks/{_server.ts-kbgiaQ3k.js.map → _server.ts-B-e9YBGN.js.map} +1 -1
  75. package/build/server/chunks/{_server.ts-BM_LtlVD.js → _server.ts-B19b36Eo.js} +2 -2
  76. package/build/server/chunks/{_server.ts-BM_LtlVD.js.map → _server.ts-B19b36Eo.js.map} +1 -1
  77. package/build/server/chunks/{_server.ts-DbCK6l5Q.js → _server.ts-B262_mM_.js} +2 -2
  78. package/build/server/chunks/{_server.ts-DbCK6l5Q.js.map → _server.ts-B262_mM_.js.map} +1 -1
  79. package/build/server/chunks/{_server.ts-CP998tWl.js → _server.ts-B4xZ8oA3.js} +2 -2
  80. package/build/server/chunks/{_server.ts-CP998tWl.js.map → _server.ts-B4xZ8oA3.js.map} +1 -1
  81. package/build/server/chunks/{_server.ts-uUHkM5Mz.js → _server.ts-B6xTnPJR.js} +2 -2
  82. package/build/server/chunks/{_server.ts-uUHkM5Mz.js.map → _server.ts-B6xTnPJR.js.map} +1 -1
  83. package/build/server/chunks/{_server.ts-YxrlXy1y.js → _server.ts-B8yF8yr3.js} +2 -2
  84. package/build/server/chunks/{_server.ts-YxrlXy1y.js.map → _server.ts-B8yF8yr3.js.map} +1 -1
  85. package/build/server/chunks/{_server.ts-25h8BWdu.js → _server.ts-BPI-RcmG.js} +2 -2
  86. package/build/server/chunks/{_server.ts-25h8BWdu.js.map → _server.ts-BPI-RcmG.js.map} +1 -1
  87. package/build/server/chunks/{_server.ts-DWHfVWXw.js → _server.ts-BYeJhgFH.js} +3 -3
  88. package/build/server/chunks/{_server.ts-DWHfVWXw.js.map → _server.ts-BYeJhgFH.js.map} +1 -1
  89. package/build/server/chunks/{_server.ts-DFhKj9_I.js → _server.ts-Bb6_g6bb.js} +2 -2
  90. package/build/server/chunks/{_server.ts-DFhKj9_I.js.map → _server.ts-Bb6_g6bb.js.map} +1 -1
  91. package/build/server/chunks/{_server.ts-BDeYSzjl.js → _server.ts-Bdc1yveI.js} +2 -2
  92. package/build/server/chunks/{_server.ts-BDeYSzjl.js.map → _server.ts-Bdc1yveI.js.map} +1 -1
  93. package/build/server/chunks/{_server.ts-C_pheGBh.js → _server.ts-BesHLxS2.js} +2 -2
  94. package/build/server/chunks/{_server.ts-C_pheGBh.js.map → _server.ts-BesHLxS2.js.map} +1 -1
  95. package/build/server/chunks/{_server.ts-B_wU_JZs.js → _server.ts-BjKendRn.js} +2 -2
  96. package/build/server/chunks/{_server.ts-B_wU_JZs.js.map → _server.ts-BjKendRn.js.map} +1 -1
  97. package/build/server/chunks/{_server.ts-BA2qNiaQ.js → _server.ts-BjzBsC6w.js} +2 -2
  98. package/build/server/chunks/{_server.ts-BA2qNiaQ.js.map → _server.ts-BjzBsC6w.js.map} +1 -1
  99. package/build/server/chunks/{_server.ts-k66up4gn.js → _server.ts-BkYAvAn4.js} +2 -2
  100. package/build/server/chunks/{_server.ts-k66up4gn.js.map → _server.ts-BkYAvAn4.js.map} +1 -1
  101. package/build/server/chunks/{_server.ts-CC4PAiW5.js → _server.ts-BnjrP3ks.js} +2 -2
  102. package/build/server/chunks/{_server.ts-CC4PAiW5.js.map → _server.ts-BnjrP3ks.js.map} +1 -1
  103. package/build/server/chunks/{_server.ts-DQQKiqAk.js → _server.ts-Bs9prWkw.js} +2 -2
  104. package/build/server/chunks/{_server.ts-DQQKiqAk.js.map → _server.ts-Bs9prWkw.js.map} +1 -1
  105. package/build/server/chunks/{_server.ts-BMycg9Mr.js → _server.ts-BstRFodf.js} +2 -2
  106. package/build/server/chunks/{_server.ts-BMycg9Mr.js.map → _server.ts-BstRFodf.js.map} +1 -1
  107. package/build/server/chunks/{_server.ts-wd1lrJrd.js → _server.ts-BvhZYj4O.js} +2 -2
  108. package/build/server/chunks/{_server.ts-wd1lrJrd.js.map → _server.ts-BvhZYj4O.js.map} +1 -1
  109. package/build/server/chunks/{_server.ts-CFUrkKjI.js → _server.ts-BzSa91Mu.js} +2 -2
  110. package/build/server/chunks/{_server.ts-CFUrkKjI.js.map → _server.ts-BzSa91Mu.js.map} +1 -1
  111. package/build/server/chunks/{_server.ts-BYjh1Zoy.js → _server.ts-C-iybQg_.js} +2 -2
  112. package/build/server/chunks/{_server.ts-BYjh1Zoy.js.map → _server.ts-C-iybQg_.js.map} +1 -1
  113. package/build/server/chunks/{_server.ts-Dh2kTeDa.js → _server.ts-C1KzS6xc.js} +3 -3
  114. package/build/server/chunks/{_server.ts-Dh2kTeDa.js.map → _server.ts-C1KzS6xc.js.map} +1 -1
  115. package/build/server/chunks/{_server.ts-YstA0SiN.js → _server.ts-C73JZxNS.js} +2 -2
  116. package/build/server/chunks/{_server.ts-YstA0SiN.js.map → _server.ts-C73JZxNS.js.map} +1 -1
  117. package/build/server/chunks/{_server.ts-FL0Nq15G.js → _server.ts-C8y5k5IZ.js} +2 -2
  118. package/build/server/chunks/{_server.ts-FL0Nq15G.js.map → _server.ts-C8y5k5IZ.js.map} +1 -1
  119. package/build/server/chunks/{_server.ts-Bg9KNWBH.js → _server.ts-CAdmGw2l.js} +2 -2
  120. package/build/server/chunks/{_server.ts-Bg9KNWBH.js.map → _server.ts-CAdmGw2l.js.map} +1 -1
  121. package/build/server/chunks/{_server.ts-CDiy7p3c.js → _server.ts-CEM2Bhrp.js} +2 -2
  122. package/build/server/chunks/{_server.ts-CDiy7p3c.js.map → _server.ts-CEM2Bhrp.js.map} +1 -1
  123. package/build/server/chunks/{_server.ts-DLY1PkBV.js → _server.ts-CJyYri21.js} +2 -2
  124. package/build/server/chunks/{_server.ts-DLY1PkBV.js.map → _server.ts-CJyYri21.js.map} +1 -1
  125. package/build/server/chunks/{_server.ts-CkMWwYdK.js → _server.ts-COKTksXS.js} +2 -2
  126. package/build/server/chunks/{_server.ts-CkMWwYdK.js.map → _server.ts-COKTksXS.js.map} +1 -1
  127. package/build/server/chunks/{_server.ts-CIBDBP5l.js → _server.ts-COzEgPgm.js} +2 -2
  128. package/build/server/chunks/{_server.ts-CIBDBP5l.js.map → _server.ts-COzEgPgm.js.map} +1 -1
  129. package/build/server/chunks/{_server.ts-CPkbn9Vi.js → _server.ts-CY2txcrO.js} +3 -3
  130. package/build/server/chunks/{_server.ts-CPkbn9Vi.js.map → _server.ts-CY2txcrO.js.map} +1 -1
  131. package/build/server/chunks/{_server.ts-Bk_5F1eg.js → _server.ts-CbHU1vkN.js} +2 -2
  132. package/build/server/chunks/{_server.ts-Bk_5F1eg.js.map → _server.ts-CbHU1vkN.js.map} +1 -1
  133. package/build/server/chunks/{_server.ts-wkwY04Ge.js → _server.ts-CgIBSa2W.js} +2 -2
  134. package/build/server/chunks/{_server.ts-wkwY04Ge.js.map → _server.ts-CgIBSa2W.js.map} +1 -1
  135. package/build/server/chunks/{_server.ts-BAVYt5Fo.js → _server.ts-ClrUP4an.js} +2 -2
  136. package/build/server/chunks/{_server.ts-BAVYt5Fo.js.map → _server.ts-ClrUP4an.js.map} +1 -1
  137. package/build/server/chunks/{_server.ts-BqMdWp7p.js → _server.ts-CmzKw1o3.js} +2 -2
  138. package/build/server/chunks/{_server.ts-BqMdWp7p.js.map → _server.ts-CmzKw1o3.js.map} +1 -1
  139. package/build/server/chunks/{_server.ts-qUIjjSKS.js → _server.ts-CsN4U0jo.js} +2 -2
  140. package/build/server/chunks/{_server.ts-qUIjjSKS.js.map → _server.ts-CsN4U0jo.js.map} +1 -1
  141. package/build/server/chunks/{_server.ts-B-R6YamC.js → _server.ts-CtPbD9jt.js} +2 -2
  142. package/build/server/chunks/{_server.ts-B-R6YamC.js.map → _server.ts-CtPbD9jt.js.map} +1 -1
  143. package/build/server/chunks/{_server.ts-BR6fu5Fc.js → _server.ts-D3JrqMf5.js} +2 -2
  144. package/build/server/chunks/{_server.ts-BR6fu5Fc.js.map → _server.ts-D3JrqMf5.js.map} +1 -1
  145. package/build/server/chunks/{_server.ts-CTvOmZnO.js → _server.ts-D41uKHXF.js} +2 -2
  146. package/build/server/chunks/{_server.ts-CTvOmZnO.js.map → _server.ts-D41uKHXF.js.map} +1 -1
  147. package/build/server/chunks/{_server.ts-BaihC-wh.js → _server.ts-D6GjjoAA.js} +2 -2
  148. package/build/server/chunks/{_server.ts-BaihC-wh.js.map → _server.ts-D6GjjoAA.js.map} +1 -1
  149. package/build/server/chunks/{_server.ts-Dka3sDi4.js → _server.ts-DFpwWuLU.js} +2 -2
  150. package/build/server/chunks/{_server.ts-Dka3sDi4.js.map → _server.ts-DFpwWuLU.js.map} +1 -1
  151. package/build/server/chunks/{_server.ts-sySLYaRP.js → _server.ts-DK_yszHc.js} +2 -2
  152. package/build/server/chunks/{_server.ts-sySLYaRP.js.map → _server.ts-DK_yszHc.js.map} +1 -1
  153. package/build/server/chunks/{_server.ts-s3Xlvw8e.js → _server.ts-DN6e9aZX.js} +3 -3
  154. package/build/server/chunks/{_server.ts-s3Xlvw8e.js.map → _server.ts-DN6e9aZX.js.map} +1 -1
  155. package/build/server/chunks/{_server.ts-DETHIaqd.js → _server.ts-DRFb9TfV.js} +2 -2
  156. package/build/server/chunks/{_server.ts-DETHIaqd.js.map → _server.ts-DRFb9TfV.js.map} +1 -1
  157. package/build/server/chunks/{_server.ts-Bct7Ygc7.js → _server.ts-DVtd0Eah.js} +2 -2
  158. package/build/server/chunks/{_server.ts-Bct7Ygc7.js.map → _server.ts-DVtd0Eah.js.map} +1 -1
  159. package/build/server/chunks/{_server.ts-CIsDWvMc.js → _server.ts-D_RT5a88.js} +2 -2
  160. package/build/server/chunks/{_server.ts-CIsDWvMc.js.map → _server.ts-D_RT5a88.js.map} +1 -1
  161. package/build/server/chunks/{_server.ts-_U4W_57y.js → _server.ts-DcTyFyDW.js} +2 -2
  162. package/build/server/chunks/{_server.ts-_U4W_57y.js.map → _server.ts-DcTyFyDW.js.map} +1 -1
  163. package/build/server/chunks/{_server.ts-BtD49pDt.js → _server.ts-Dfoak6lb.js} +2 -2
  164. package/build/server/chunks/{_server.ts-BtD49pDt.js.map → _server.ts-Dfoak6lb.js.map} +1 -1
  165. package/build/server/chunks/{_server.ts-tJPIvAPJ.js → _server.ts-DhHNXH2Y.js} +2 -2
  166. package/build/server/chunks/{_server.ts-tJPIvAPJ.js.map → _server.ts-DhHNXH2Y.js.map} +1 -1
  167. package/build/server/chunks/{_server.ts-xGWRRx7r.js → _server.ts-DkLhIF73.js} +2 -2
  168. package/build/server/chunks/{_server.ts-xGWRRx7r.js.map → _server.ts-DkLhIF73.js.map} +1 -1
  169. package/build/server/chunks/{_server.ts-BvFf6tJN.js → _server.ts-DpL6zI13.js} +2 -2
  170. package/build/server/chunks/{_server.ts-BvFf6tJN.js.map → _server.ts-DpL6zI13.js.map} +1 -1
  171. package/build/server/chunks/{_server.ts-dvQt4QSz.js → _server.ts-DrySD7h9.js} +2 -2
  172. package/build/server/chunks/{_server.ts-dvQt4QSz.js.map → _server.ts-DrySD7h9.js.map} +1 -1
  173. package/build/server/chunks/{_server.ts-XyCiDeVn.js → _server.ts-DvrTAImV.js} +2 -2
  174. package/build/server/chunks/{_server.ts-XyCiDeVn.js.map → _server.ts-DvrTAImV.js.map} +1 -1
  175. package/build/server/chunks/{_server.ts-3ws7fULm.js → _server.ts-DzFwsF9j.js} +2 -2
  176. package/build/server/chunks/{_server.ts-3ws7fULm.js.map → _server.ts-DzFwsF9j.js.map} +1 -1
  177. package/build/server/chunks/{_server.ts-C_9QtU4r.js → _server.ts-JrZ2T0x3.js} +2 -2
  178. package/build/server/chunks/{_server.ts-C_9QtU4r.js.map → _server.ts-JrZ2T0x3.js.map} +1 -1
  179. package/build/server/chunks/{_server.ts-DBETx0v5.js → _server.ts-KrHLZ41l.js} +2 -2
  180. package/build/server/chunks/{_server.ts-DBETx0v5.js.map → _server.ts-KrHLZ41l.js.map} +1 -1
  181. package/build/server/chunks/{_server.ts-B1fmdcBV.js → _server.ts-LPclMhOg.js} +2 -2
  182. package/build/server/chunks/{_server.ts-B1fmdcBV.js.map → _server.ts-LPclMhOg.js.map} +1 -1
  183. package/build/server/chunks/{_server.ts-mShZAFPW.js → _server.ts-XvDJ5OtB.js} +2 -2
  184. package/build/server/chunks/{_server.ts-mShZAFPW.js.map → _server.ts-XvDJ5OtB.js.map} +1 -1
  185. package/build/server/chunks/{_server.ts-QywDsPEW.js → _server.ts-ek6MwdUK.js} +2 -2
  186. package/build/server/chunks/{_server.ts-QywDsPEW.js.map → _server.ts-ek6MwdUK.js.map} +1 -1
  187. package/build/server/chunks/{_server.ts-CzTRfYjE.js → _server.ts-pmjwexpo.js} +2 -2
  188. package/build/server/chunks/{_server.ts-CzTRfYjE.js.map → _server.ts-pmjwexpo.js.map} +1 -1
  189. package/build/server/chunks/{_server.ts-7LlHRa7q.js → _server.ts-xZeGGokt.js} +2 -2
  190. package/build/server/chunks/{_server.ts-7LlHRa7q.js.map → _server.ts-xZeGGokt.js.map} +1 -1
  191. package/build/server/chunks/{_server.ts-DmmiNv44.js → _server.ts-zyxUGoYW.js} +2 -2
  192. package/build/server/chunks/{_server.ts-DmmiNv44.js.map → _server.ts-zyxUGoYW.js.map} +1 -1
  193. package/build/server/chunks/{client-qMhDM3hE.js → client-Bf7oPIoX.js} +2 -2
  194. package/build/server/chunks/{client-qMhDM3hE.js.map → client-Bf7oPIoX.js.map} +1 -1
  195. package/build/server/chunks/{environment-qUZpU1kk.js → environment-BDzGWNJ1.js} +2 -2
  196. package/build/server/chunks/{environment-qUZpU1kk.js.map → environment-BDzGWNJ1.js.map} +1 -1
  197. package/build/server/chunks/{error.svelte-C0rps-sm.js → error.svelte-CgQy3bD5.js} +4 -4
  198. package/build/server/chunks/{error.svelte-C0rps-sm.js.map → error.svelte-CgQy3bD5.js.map} +1 -1
  199. package/build/server/chunks/{helpers--0A5yqid.js → helpers-DHbBmb0V.js} +50 -32
  200. package/build/server/chunks/helpers-DHbBmb0V.js.map +1 -0
  201. package/build/server/chunks/{hooks.server-DkKp22aH.js → hooks.server-BcB7DyJ7.js} +3 -3
  202. package/build/server/chunks/{hooks.server-DkKp22aH.js.map → hooks.server-BcB7DyJ7.js.map} +1 -1
  203. package/build/server/chunks/{internal-BOu4TTqQ.js → internal-B9RpODEl.js} +3 -3
  204. package/build/server/chunks/{internal-BOu4TTqQ.js.map → internal-B9RpODEl.js.map} +1 -1
  205. package/build/server/chunks/{session-cookie-CF02T7RX.js → session-cookie-Do-csnSL.js} +3 -3
  206. package/build/server/chunks/session-cookie-Do-csnSL.js.map +1 -0
  207. package/build/server/chunks/{state-L3aPP9Av.js → state-qSvDCPCW.js} +2 -2
  208. package/build/server/chunks/{state-L3aPP9Av.js.map → state-qSvDCPCW.js.map} +1 -1
  209. package/build/server/index.js +2 -2
  210. package/build/server/manifest.js +71 -71
  211. package/build/server/manifest.js.map +1 -1
  212. package/package.json +2 -2
  213. package/build/client/_app/immutable/chunks/8GwYYoh1.js.br +0 -0
  214. package/build/client/_app/immutable/chunks/8GwYYoh1.js.gz +0 -0
  215. package/build/client/_app/immutable/chunks/Ch3mxygo.js.br +0 -0
  216. package/build/client/_app/immutable/chunks/Ch3mxygo.js.gz +0 -0
  217. package/build/client/_app/immutable/chunks/CzZcY46L.js +0 -1
  218. package/build/client/_app/immutable/chunks/CzZcY46L.js.br +0 -2
  219. package/build/client/_app/immutable/chunks/CzZcY46L.js.gz +0 -0
  220. package/build/client/_app/immutable/chunks/Dk0tygQU.js +0 -3
  221. package/build/client/_app/immutable/chunks/Dk0tygQU.js.br +0 -0
  222. package/build/client/_app/immutable/chunks/Dk0tygQU.js.gz +0 -0
  223. package/build/client/_app/immutable/entry/app.BsCMRrYb.js.br +0 -0
  224. package/build/client/_app/immutable/entry/app.BsCMRrYb.js.gz +0 -0
  225. package/build/client/_app/immutable/entry/start.BYcI0uOq.js +0 -1
  226. package/build/client/_app/immutable/entry/start.BYcI0uOq.js.br +0 -0
  227. package/build/client/_app/immutable/entry/start.BYcI0uOq.js.gz +0 -0
  228. package/build/client/_app/immutable/nodes/1.JckcqvUc.js.br +0 -1
  229. package/build/client/_app/immutable/nodes/1.JckcqvUc.js.gz +0 -0
  230. package/build/client/_app/immutable/nodes/4.Td4VWhKZ.js.br +0 -0
  231. package/build/client/_app/immutable/nodes/4.Td4VWhKZ.js.gz +0 -0
  232. package/build/client/_app/immutable/nodes/5.6Z-Sb6Kz.js.br +0 -0
  233. package/build/client/_app/immutable/nodes/5.6Z-Sb6Kz.js.gz +0 -0
  234. package/build/client/_app/immutable/nodes/6.DSY3eG2t.js.br +0 -0
  235. package/build/client/_app/immutable/nodes/6.DSY3eG2t.js.gz +0 -0
  236. package/build/client/_app/immutable/nodes/7.DlFye_fu.js.br +0 -0
  237. package/build/client/_app/immutable/nodes/7.DlFye_fu.js.gz +0 -0
  238. package/build/client/_app/immutable/nodes/8.IfoQxyZG.js.br +0 -0
  239. package/build/client/_app/immutable/nodes/8.IfoQxyZG.js.gz +0 -0
  240. package/build/server/chunks/1-BIjMZ-Bk.js +0 -9
  241. package/build/server/chunks/4-C_-w1ytD.js +0 -9
  242. package/build/server/chunks/5-mSscLbm1.js +0 -9
  243. package/build/server/chunks/7-xLOqOd6x.js +0 -9
  244. package/build/server/chunks/_page.svelte-CybkWQLJ.js.map +0 -1
  245. package/build/server/chunks/helpers--0A5yqid.js.map +0 -1
  246. package/build/server/chunks/session-cookie-CF02T7RX.js.map +0 -1
@@ -1 +0,0 @@
1
- {"version":3,"file":"helpers--0A5yqid.js","sources":["../../../.svelte-kit/adapter-node/chunks/helpers.js"],"sourcesContent":["import { It as resolveStackDir, Tt as readSecret, nt as createOpenCodeClient } from \"./src.js\";\nimport { r as getActiveEndpoint } from \"./endpoints.js\";\nimport { createHash, createHmac, timingSafeEqual } from \"node:crypto\";\n//#region src/lib/server/session-store.ts\n/**\n* Stateless signed session tokens.\n*\n* Token format: `<expiresAt>.<hmac-sha256-hex>`\n* expiresAt — unix ms timestamp when the session expires\n* signature — HMAC-SHA256(expiresAt, OP_UI_LOGIN_PASSWORD)\n*\n* Tokens are self-validating: the server holds no state and sessions survive\n* UI server restarts without any disk I/O. Signing with the login password\n* means a password change invalidates all existing sessions — correct behaviour.\n*\n* Logout adds the token to a small in-memory revocation list. That list is\n* cleared on server restart, which is acceptable: nobody holds a just-logged-out\n* token across a restart.\n*/\n/** Session lifetime for both the token expiry and the cookie Max-Age. 14 days. */\nvar SESSION_TTL_MS = 12096e5;\n/** Cookie Max-Age in seconds (Set-Cookie uses seconds, not ms). */\nvar SESSION_TTL_SECONDS = SESSION_TTL_MS / 1e3;\nvar _revoked = /* @__PURE__ */ new Set();\nvar _testOverrides = /* @__PURE__ */ new Set();\nfunction getSecret() {\n\treturn process.env.OP_UI_LOGIN_PASSWORD ?? \"no-secret-set\";\n}\nfunction signToken(expiresAt) {\n\treturn createHmac(\"sha256\", getSecret()).update(String(expiresAt)).digest(\"hex\");\n}\n/**\n* Mint a new signed session token with a 14-day TTL.\n* Place the result in the `op_session` cookie.\n*/\nfunction createSession() {\n\tconst expiresAt = Date.now() + SESSION_TTL_MS;\n\treturn `${expiresAt}.${signToken(expiresAt)}`;\n}\n/**\n* Return true iff `token` is a valid, non-expired, non-revoked session.\n*/\nfunction validateSession(token) {\n\tif (!token) return false;\n\tif (_testOverrides.has(token)) return true;\n\tif (_revoked.has(token)) return false;\n\tconst dot = token.lastIndexOf(\".\");\n\tif (dot < 0) return false;\n\tconst expiresAt = Number(token.slice(0, dot));\n\tif (!Number.isFinite(expiresAt) || Date.now() >= expiresAt) return false;\n\tconst sig = token.slice(dot + 1);\n\tconst expected = signToken(expiresAt);\n\tif (sig.length !== expected.length) return false;\n\treturn timingSafeEqual(Buffer.from(sig), Buffer.from(expected));\n}\n/**\n* Sliding renewal: validate the old token, return a new one with a fresh\n* 14-day TTL, or return false if the old token is invalid/expired.\n* The caller must place the returned token in the `op_session` cookie.\n*/\nfunction touchSession(token) {\n\tif (!validateSession(token)) return false;\n\treturn createSession();\n}\n/**\n* Revoke a token (logout). The browser cookie must also be cleared by the caller.\n* The revocation list survives until the next server restart.\n*/\nfunction invalidateSession(token) {\n\t_revoked.add(token);\n}\n//#endregion\n//#region src/lib/server/helpers.ts\n/**\n* Lazy OpenCode client bound to the currently active endpoint. The client is\n* recreated whenever the active endpoint URL changes so user switches in the\n* UI take effect on the next call.\n*/\nvar _openCodeClient;\nvar _openCodeClientUrl;\nfunction getOpenCodeClient() {\n\tconst { url } = getActiveEndpoint();\n\tif (!_openCodeClient || url !== _openCodeClientUrl) {\n\t\t_openCodeClient = createOpenCodeClient({ baseUrl: url });\n\t\t_openCodeClientUrl = url;\n\t}\n\treturn _openCodeClient;\n}\nfunction safeTokenCompare(a, b) {\n\tif (typeof a !== \"string\" || typeof b !== \"string\") return false;\n\tif (!a || !b) return false;\n\treturn timingSafeEqual(createHash(\"sha256\").update(a).digest(), createHash(\"sha256\").update(b).digest());\n}\n/** Standard JSON response with request ID header */\nfunction jsonResponse(status, body, requestId = \"\") {\n\treturn new Response(JSON.stringify(body), {\n\t\tstatus,\n\t\theaders: {\n\t\t\t\"content-type\": \"application/json\",\n\t\t\t...requestId ? { \"x-request-id\": requestId } : {}\n\t\t}\n\t});\n}\n/** Standard error envelope */\nfunction errorResponse(status, error, message, details = {}, requestId = \"\") {\n\treturn jsonResponse(status, {\n\t\terror,\n\t\tmessage,\n\t\tdetails,\n\t\trequestId\n\t}, requestId);\n}\n/** Extract or generate request ID */\nfunction getRequestId(event) {\n\treturn event.request.headers.get(\"x-request-id\") || crypto.randomUUID();\n}\n/**\n* Read the operator UI login password from the host environment or the\n* file-based stack secret.\n*\n* Phase 4 of the auth/proxy refactor collapsed\n* `ControlPlaneState.adminToken` (and the assistant token alongside it).\n* Runtime persistence lives in `knowledge/secrets/op_ui_login_password`.\n* `process.env.OP_UI_LOGIN_PASSWORD` is still accepted for tests and explicit\n* host-process overrides.\n*\n* Returns the empty string when the env var is unset — `requireNonEmptyUiLoginPassword()`\n* surfaces that case as a 503 so all authenticated routes fail loudly\n* rather than silently accepting any cookie.\n*/\nfunction getUiLoginPassword() {\n\tconst envValue = process.env.OP_UI_LOGIN_PASSWORD;\n\tif (envValue) return envValue;\n\treturn readSecret(resolveStackDir(), \"op_ui_login_password\")?.trimEnd() ?? \"\";\n}\n/**\n* Extract raw session token from the `op_session` cookie.\n*\n* Phase 2 of the auth/proxy refactor (docs/technical/auth-and-proxy-refactor-plan.md)\n* removed the legacy `x-admin-token` / `Authorization: Bearer` header fallbacks.\n* The cookie is HttpOnly + SameSite=Strict and is the ONLY credential the browser\n* holds; XSS cannot read it and out-of-process callers must obtain a session via\n* `POST /admin/auth/login` (or `/session`) and present the cookie on subsequent\n* requests.\n*/\nfunction extractToken(event) {\n\tconst match = (event.request.headers.get(\"cookie\") ?? \"\").match(/(?:^|;\\s*)op_session=([^;]+)/);\n\tif (match) return match[1];\n\treturn \"\";\n}\n/** Check admin auth — returns error Response or null if OK */\nfunction requireAdmin(event, requestId) {\n\tif (!getUiLoginPassword()) return errorResponse(503, \"admin_not_configured\", \"OP_UI_LOGIN_PASSWORD has not been set. Complete setup first.\", {}, requestId);\n\tif (!validateSession(extractToken(event))) return errorResponse(401, \"unauthorized\", \"Missing or invalid credentials\", {}, requestId);\n\treturn null;\n}\n/**\n* Identify caller by the presented `op_session` cookie.\n*\n* Returns \"admin\" when the cookie holds a valid session token.\n*/\nfunction identifyCallerByToken(event) {\n\tif (!getUiLoginPassword()) return null;\n\tif (validateSession(extractToken(event))) return \"admin\";\n\treturn null;\n}\n/** Parse JSON body safely — returns discriminated result with error type */\nasync function parseJsonBody(request, maxBytes = 1048576) {\n\ttry {\n\t\tconst contentLength = request.headers.get(\"content-length\");\n\t\tif (contentLength && parseInt(contentLength, 10) > maxBytes) return { error: \"too_large\" };\n\t\treturn { data: await request.json() };\n\t} catch (e) {\n\t\tconsole.warn(\"[helpers] Failed to parse JSON request body\", e);\n\t\treturn { error: \"invalid_json\" };\n\t}\n}\n/** Convert a ParseJsonBodyError to an appropriate HTTP error response */\nfunction jsonBodyError(err, requestId) {\n\tif (err.error === \"too_large\") return errorResponse(413, \"too_large\", \"Request body too large\", {}, requestId);\n\treturn errorResponse(400, \"invalid_json\", \"Request body must be valid JSON\", {}, requestId);\n}\n/**\n* Auth + JSON body wrapper for admin POST/DELETE handlers.\n*\n* Replaces the 4-line boilerplate copy-pasted across 30+ routes:\n* const requestId = getRequestId(event);\n* const authError = requireAdmin(event, requestId);\n* if (authError) return authError;\n* const result = await parseJsonBody(event.request);\n* if ('error' in result) return jsonBodyError(result, requestId);\n*\n* Use for routes that need both auth and a JSON body. For auth-only or\n* GET routes, call `requireAdmin` directly.\n*/\nasync function withAdminBody(event, handler) {\n\tconst requestId = getRequestId(event);\n\tconst originError = checkOriginHeader(event.request, UI_PORT);\n\tif (originError) return originError;\n\tconst authError = requireAdmin(event, requestId);\n\tif (authError) return authError;\n\tconst result = await parseJsonBody(event.request);\n\tif (\"error\" in result) return jsonBodyError(result, requestId);\n\treturn handler({\n\t\trequestId,\n\t\tbody: result.data\n\t});\n}\n/**\n* Reject requests whose Host header does not match localhost or 127.0.0.1\n* on the configured admin port.\n*\n* @param request Incoming Request (or SvelteKit RequestEvent.request)\n* @param port The port this server is bound to (e.g. 3880 or 8100)\n* @returns A 400 Response if the host is rejected; null if allowed\n*/\nfunction checkHostHeader(request, port) {\n\tconst normalized = (request.headers.get(\"host\") ?? \"\").trim().replace(/\\.$/, \"\");\n\tif ([`localhost:${port}`, `127.0.0.1:${port}`].includes(normalized)) return null;\n\treturn new Response(JSON.stringify({\n\t\terror: \"invalid_host\",\n\t\thost: normalized,\n\t\tmessage: \"Request rejected: Host header does not match allowed hosts. The admin UI binds to loopback (127.0.0.1) only; reach it via localhost or front it with a reverse proxy/tunnel for remote access.\"\n\t}), {\n\t\tstatus: 400,\n\t\theaders: { \"content-type\": \"application/json\" }\n\t});\n}\n/**\n* Reject POST/PUT/DELETE requests whose Origin header does not match\n* localhost or 127.0.0.1. Requests with no Origin (non-browser clients)\n* are always allowed.\n*\n* @param request Incoming Request\n* @param port The port this server is bound to\n* @returns A 403 Response if the origin is rejected; null if allowed\n*/\nfunction checkOriginHeader(request, port) {\n\tconst method = request.method.toUpperCase();\n\tif (method === \"GET\" || method === \"HEAD\" || method === \"OPTIONS\") return null;\n\tconst origin = request.headers.get(\"origin\");\n\tif (!origin) return null;\n\ttry {\n\t\tconst u = new URL(origin);\n\t\tif ([`localhost:${port}`, `127.0.0.1:${port}`].includes(u.host)) return null;\n\t} catch {}\n\treturn new Response(JSON.stringify({\n\t\terror: \"forbidden_origin\",\n\t\torigin\n\t}), {\n\t\tstatus: 403,\n\t\theaders: { \"content-type\": \"application/json\" }\n\t});\n}\nvar UI_PORT = Number(process.env.PORT ?? 3880);\n//#endregion\nexport { invalidateSession as _, getOpenCodeClient as a, identifyCallerByToken as c, parseJsonBody as d, requireAdmin as f, createSession as g, SESSION_TTL_SECONDS as h, errorResponse as i, jsonBodyError as l, withAdminBody as m, checkHostHeader as n, getRequestId as o, safeTokenCompare as p, checkOriginHeader as r, getUiLoginPassword as s, UI_PORT as t, jsonResponse as u, touchSession as v };\n"],"names":[],"mappings":";;;;AAGA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA,IAAI,cAAc,GAAG,OAAO;AAC5B;AACG,IAAC,mBAAmB,GAAG,cAAc,GAAG;AAC3C,IAAI,QAAQ,mBAAmB,IAAI,GAAG,EAAE;AACxC,IAAI,cAAc,mBAAmB,IAAI,GAAG,EAAE;AAC9C,SAAS,SAAS,GAAG;AACrB,CAAC,OAAO,OAAO,CAAC,GAAG,CAAC,oBAAoB,IAAI,eAAe;AAC3D;AACA,SAAS,SAAS,CAAC,SAAS,EAAE;AAC9B,CAAC,OAAO,UAAU,CAAC,QAAQ,EAAE,SAAS,EAAE,CAAC,CAAC,MAAM,CAAC,MAAM,CAAC,SAAS,CAAC,CAAC,CAAC,MAAM,CAAC,KAAK,CAAC;AACjF;AACA;AACA;AACA;AACA;AACA,SAAS,aAAa,GAAG;AACzB,CAAC,MAAM,SAAS,GAAG,IAAI,CAAC,GAAG,EAAE,GAAG,cAAc;AAC9C,CAAC,OAAO,CAAC,EAAE,SAAS,CAAC,CAAC,EAAE,SAAS,CAAC,SAAS,CAAC,CAAC,CAAC;AAC9C;AACA;AACA;AACA;AACA,SAAS,eAAe,CAAC,KAAK,EAAE;AAChC,CAAC,IAAI,CAAC,KAAK,EAAE,OAAO,KAAK;AACzB,CAAC,IAAI,cAAc,CAAC,GAAG,CAAC,KAAK,CAAC,EAAE,OAAO,IAAI;AAC3C,CAAC,IAAI,QAAQ,CAAC,GAAG,CAAC,KAAK,CAAC,EAAE,OAAO,KAAK;AACtC,CAAC,MAAM,GAAG,GAAG,KAAK,CAAC,WAAW,CAAC,GAAG,CAAC;AACnC,CAAC,IAAI,GAAG,GAAG,CAAC,EAAE,OAAO,KAAK;AAC1B,CAAC,MAAM,SAAS,GAAG,MAAM,CAAC,KAAK,CAAC,KAAK,CAAC,CAAC,EAAE,GAAG,CAAC,CAAC;AAC9C,CAAC,IAAI,CAAC,MAAM,CAAC,QAAQ,CAAC,SAAS,CAAC,IAAI,IAAI,CAAC,GAAG,EAAE,IAAI,SAAS,EAAE,OAAO,KAAK;AACzE,CAAC,MAAM,GAAG,GAAG,KAAK,CAAC,KAAK,CAAC,GAAG,GAAG,CAAC,CAAC;AACjC,CAAC,MAAM,QAAQ,GAAG,SAAS,CAAC,SAAS,CAAC;AACtC,CAAC,IAAI,GAAG,CAAC,MAAM,KAAK,QAAQ,CAAC,MAAM,EAAE,OAAO,KAAK;AACjD,CAAC,OAAO,eAAe,CAAC,MAAM,CAAC,IAAI,CAAC,GAAG,CAAC,EAAE,MAAM,CAAC,IAAI,CAAC,QAAQ,CAAC,CAAC;AAChE;AACA;AACA;AACA;AACA;AACA;AACA,SAAS,YAAY,CAAC,KAAK,EAAE;AAC7B,CAAC,IAAI,CAAC,eAAe,CAAC,KAAK,CAAC,EAAE,OAAO,KAAK;AAC1C,CAAC,OAAO,aAAa,EAAE;AACvB;AACA;AACA;AACA;AACA;AACA,SAAS,iBAAiB,CAAC,KAAK,EAAE;AAClC,CAAC,QAAQ,CAAC,GAAG,CAAC,KAAK,CAAC;AACpB;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA,IAAI,eAAe;AACnB,IAAI,kBAAkB;AACtB,SAAS,iBAAiB,GAAG;AAC7B,CAAC,MAAM,EAAE,GAAG,EAAE,GAAG,iBAAiB,EAAE;AACpC,CAAC,IAAI,CAAC,eAAe,IAAI,GAAG,KAAK,kBAAkB,EAAE;AACrD,EAAE,eAAe,GAAG,oBAAoB,CAAC,EAAE,OAAO,EAAE,GAAG,EAAE,CAAC;AAC1D,EAAE,kBAAkB,GAAG,GAAG;AAC1B,CAAC;AACD,CAAC,OAAO,eAAe;AACvB;AACA,SAAS,gBAAgB,CAAC,CAAC,EAAE,CAAC,EAAE;AAChC,CAAC,IAAI,OAAO,CAAC,KAAK,QAAQ,IAAI,OAAO,CAAC,KAAK,QAAQ,EAAE,OAAO,KAAK;AACjE,CAAC,IAAI,CAAC,CAAC,IAAI,CAAC,CAAC,EAAE,OAAO,KAAK;AAC3B,CAAC,OAAO,eAAe,CAAC,UAAU,CAAC,QAAQ,CAAC,CAAC,MAAM,CAAC,CAAC,CAAC,CAAC,MAAM,EAAE,EAAE,UAAU,CAAC,QAAQ,CAAC,CAAC,MAAM,CAAC,CAAC,CAAC,CAAC,MAAM,EAAE,CAAC;AACzG;AACA;AACA,SAAS,YAAY,CAAC,MAAM,EAAE,IAAI,EAAE,SAAS,GAAG,EAAE,EAAE;AACpD,CAAC,OAAO,IAAI,QAAQ,CAAC,IAAI,CAAC,SAAS,CAAC,IAAI,CAAC,EAAE;AAC3C,EAAE,MAAM;AACR,EAAE,OAAO,EAAE;AACX,GAAG,cAAc,EAAE,kBAAkB;AACrC,GAAG,GAAG,SAAS,GAAG,EAAE,cAAc,EAAE,SAAS,EAAE,GAAG;AAClD;AACA,EAAE,CAAC;AACH;AACA;AACA,SAAS,aAAa,CAAC,MAAM,EAAE,KAAK,EAAE,OAAO,EAAE,OAAO,GAAG,EAAE,EAAE,SAAS,GAAG,EAAE,EAAE;AAC7E,CAAC,OAAO,YAAY,CAAC,MAAM,EAAE;AAC7B,EAAE,KAAK;AACP,EAAE,OAAO;AACT,EAAE,OAAO;AACT,EAAE;AACF,EAAE,EAAE,SAAS,CAAC;AACd;AACA;AACA,SAAS,YAAY,CAAC,KAAK,EAAE;AAC7B,CAAC,OAAO,KAAK,CAAC,OAAO,CAAC,OAAO,CAAC,GAAG,CAAC,cAAc,CAAC,IAAI,MAAM,CAAC,UAAU,EAAE;AACxE;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA,SAAS,kBAAkB,GAAG;AAC9B,CAAC,MAAM,QAAQ,GAAG,OAAO,CAAC,GAAG,CAAC,oBAAoB;AAClD,CAAC,IAAI,QAAQ,EAAE,OAAO,QAAQ;AAC9B,CAAC,OAAO,UAAU,CAAC,eAAe,EAAE,EAAE,sBAAsB,CAAC,EAAE,OAAO,EAAE,IAAI,EAAE;AAC9E;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA,SAAS,YAAY,CAAC,KAAK,EAAE;AAC7B,CAAC,MAAM,KAAK,GAAG,CAAC,KAAK,CAAC,OAAO,CAAC,OAAO,CAAC,GAAG,CAAC,QAAQ,CAAC,IAAI,EAAE,EAAE,KAAK,CAAC,8BAA8B,CAAC;AAChG,CAAC,IAAI,KAAK,EAAE,OAAO,KAAK,CAAC,CAAC,CAAC;AAC3B,CAAC,OAAO,EAAE;AACV;AACA;AACA,SAAS,YAAY,CAAC,KAAK,EAAE,SAAS,EAAE;AACxC,CAAC,IAAI,CAAC,kBAAkB,EAAE,EAAE,OAAO,aAAa,CAAC,GAAG,EAAE,sBAAsB,EAAE,8DAA8D,EAAE,EAAE,EAAE,SAAS,CAAC;AAC5J,CAAC,IAAI,CAAC,eAAe,CAAC,YAAY,CAAC,KAAK,CAAC,CAAC,EAAE,OAAO,aAAa,CAAC,GAAG,EAAE,cAAc,EAAE,gCAAgC,EAAE,EAAE,EAAE,SAAS,CAAC;AACtI,CAAC,OAAO,IAAI;AACZ;AACA;AACA;AACA;AACA;AACA;AACA,SAAS,qBAAqB,CAAC,KAAK,EAAE;AACtC,CAAC,IAAI,CAAC,kBAAkB,EAAE,EAAE,OAAO,IAAI;AACvC,CAAC,IAAI,eAAe,CAAC,YAAY,CAAC,KAAK,CAAC,CAAC,EAAE,OAAO,OAAO;AACzD,CAAC,OAAO,IAAI;AACZ;AACA;AACA,eAAe,aAAa,CAAC,OAAO,EAAE,QAAQ,GAAG,OAAO,EAAE;AAC1D,CAAC,IAAI;AACL,EAAE,MAAM,aAAa,GAAG,OAAO,CAAC,OAAO,CAAC,GAAG,CAAC,gBAAgB,CAAC;AAC7D,EAAE,IAAI,aAAa,IAAI,QAAQ,CAAC,aAAa,EAAE,EAAE,CAAC,GAAG,QAAQ,EAAE,OAAO,EAAE,KAAK,EAAE,WAAW,EAAE;AAC5F,EAAE,OAAO,EAAE,IAAI,EAAE,MAAM,OAAO,CAAC,IAAI,EAAE,EAAE;AACvC,CAAC,CAAC,CAAC,OAAO,CAAC,EAAE;AACb,EAAE,OAAO,CAAC,IAAI,CAAC,6CAA6C,EAAE,CAAC,CAAC;AAChE,EAAE,OAAO,EAAE,KAAK,EAAE,cAAc,EAAE;AAClC,CAAC;AACD;AACA;AACA,SAAS,aAAa,CAAC,GAAG,EAAE,SAAS,EAAE;AACvC,CAAC,IAAI,GAAG,CAAC,KAAK,KAAK,WAAW,EAAE,OAAO,aAAa,CAAC,GAAG,EAAE,WAAW,EAAE,wBAAwB,EAAE,EAAE,EAAE,SAAS,CAAC;AAC/G,CAAC,OAAO,aAAa,CAAC,GAAG,EAAE,cAAc,EAAE,iCAAiC,EAAE,EAAE,EAAE,SAAS,CAAC;AAC5F;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA,eAAe,aAAa,CAAC,KAAK,EAAE,OAAO,EAAE;AAC7C,CAAC,MAAM,SAAS,GAAG,YAAY,CAAC,KAAK,CAAC;AACtC,CAAC,MAAM,WAAW,GAAG,iBAAiB,CAAC,KAAK,CAAC,OAAO,EAAE,OAAO,CAAC;AAC9D,CAAC,IAAI,WAAW,EAAE,OAAO,WAAW;AACpC,CAAC,MAAM,SAAS,GAAG,YAAY,CAAC,KAAK,EAAE,SAAS,CAAC;AACjD,CAAC,IAAI,SAAS,EAAE,OAAO,SAAS;AAChC,CAAC,MAAM,MAAM,GAAG,MAAM,aAAa,CAAC,KAAK,CAAC,OAAO,CAAC;AAClD,CAAC,IAAI,OAAO,IAAI,MAAM,EAAE,OAAO,aAAa,CAAC,MAAM,EAAE,SAAS,CAAC;AAC/D,CAAC,OAAO,OAAO,CAAC;AAChB,EAAE,SAAS;AACX,EAAE,IAAI,EAAE,MAAM,CAAC;AACf,EAAE,CAAC;AACH;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA,SAAS,eAAe,CAAC,OAAO,EAAE,IAAI,EAAE;AACxC,CAAC,MAAM,UAAU,GAAG,CAAC,OAAO,CAAC,OAAO,CAAC,GAAG,CAAC,MAAM,CAAC,IAAI,EAAE,EAAE,IAAI,EAAE,CAAC,OAAO,CAAC,KAAK,EAAE,EAAE,CAAC;AACjF,CAAC,IAAI,CAAC,CAAC,UAAU,EAAE,IAAI,CAAC,CAAC,EAAE,CAAC,UAAU,EAAE,IAAI,CAAC,CAAC,CAAC,CAAC,QAAQ,CAAC,UAAU,CAAC,EAAE,OAAO,IAAI;AACjF,CAAC,OAAO,IAAI,QAAQ,CAAC,IAAI,CAAC,SAAS,CAAC;AACpC,EAAE,KAAK,EAAE,cAAc;AACvB,EAAE,IAAI,EAAE,UAAU;AAClB,EAAE,OAAO,EAAE;AACX,EAAE,CAAC,EAAE;AACL,EAAE,MAAM,EAAE,GAAG;AACb,EAAE,OAAO,EAAE,EAAE,cAAc,EAAE,kBAAkB;AAC/C,EAAE,CAAC;AACH;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA,SAAS,iBAAiB,CAAC,OAAO,EAAE,IAAI,EAAE;AAC1C,CAAC,MAAM,MAAM,GAAG,OAAO,CAAC,MAAM,CAAC,WAAW,EAAE;AAC5C,CAAC,IAAI,MAAM,KAAK,KAAK,IAAI,MAAM,KAAK,MAAM,IAAI,MAAM,KAAK,SAAS,EAAE,OAAO,IAAI;AAC/E,CAAC,MAAM,MAAM,GAAG,OAAO,CAAC,OAAO,CAAC,GAAG,CAAC,QAAQ,CAAC;AAC7C,CAAC,IAAI,CAAC,MAAM,EAAE,OAAO,IAAI;AACzB,CAAC,IAAI;AACL,EAAE,MAAM,CAAC,GAAG,IAAI,GAAG,CAAC,MAAM,CAAC;AAC3B,EAAE,IAAI,CAAC,CAAC,UAAU,EAAE,IAAI,CAAC,CAAC,EAAE,CAAC,UAAU,EAAE,IAAI,CAAC,CAAC,CAAC,CAAC,QAAQ,CAAC,CAAC,CAAC,IAAI,CAAC,EAAE,OAAO,IAAI;AAC9E,CAAC,CAAC,CAAC,MAAM,CAAC;AACV,CAAC,OAAO,IAAI,QAAQ,CAAC,IAAI,CAAC,SAAS,CAAC;AACpC,EAAE,KAAK,EAAE,kBAAkB;AAC3B,EAAE;AACF,EAAE,CAAC,EAAE;AACL,EAAE,MAAM,EAAE,GAAG;AACb,EAAE,OAAO,EAAE,EAAE,cAAc,EAAE,kBAAkB;AAC/C,EAAE,CAAC;AACH;AACG,IAAC,OAAO,GAAG,MAAM,CAAC,OAAO,CAAC,GAAG,CAAC,IAAI,IAAI,IAAI;;;;"}
@@ -1 +0,0 @@
1
- {"version":3,"file":"session-cookie-CF02T7RX.js","sources":["../../../.svelte-kit/adapter-node/chunks/session-cookie.js"],"sourcesContent":["import { h as SESSION_TTL_SECONDS } from \"./helpers.js\";\n//#region src/lib/server/session-cookie.ts\n/**\n* Single source of truth for the `op_session` cookie's Set-Cookie attributes.\n*\n* Every issuer (login, session, setup/complete) and the sliding-renewal path in\n* hooks.server.ts builds the cookie through these helpers so the attributes can\n* never drift apart. Logout uses `clearSessionCookie()` with the SAME path so\n* the browser actually drops the cookie.\n*\n* Attribute rationale:\n* - HttpOnly — the cookie is the only credential the browser holds; XSS\n* must not be able to read it.\n* - SameSite=Lax — the cookie must ride along on top-level GET navigations\n* (typing the admin URL, following a bookmark) so a valid\n* session loads admin with no prompt. SameSite=Strict drops\n* the cookie on cross-site top-level GETs (e.g. opening the\n* console from a link in another app on the LAN), which\n* would force a needless re-prompt. State-mutating requests\n* are independently CSRF-guarded by the Origin check\n* (SEC-2) in hooks.server.ts, so Lax is safe here.\n* - Secure — set ONLY when the request arrived over HTTPS. LAN installs\n* are commonly plain HTTP; hardcoding Secure would make the\n* browser refuse to send the cookie and break login entirely\n* on those deployments. We honour `x-forwarded-proto` first\n* (reverse-proxy TLS termination) then the request URL.\n* - Path=/ — valid for the whole app; matched by the clear on logout.\n* - Max-Age — 7 days, in lockstep with the in-store session TTL.\n*/\nvar SESSION_COOKIE_NAME = \"op_session\";\n/** True when the request reached us over HTTPS (direct or via TLS-terminating proxy). */\nfunction isSecureRequest(request) {\n\tconst forwarded = request.headers.get(\"x-forwarded-proto\");\n\tif (forwarded) return forwarded.split(\",\")[0].trim().toLowerCase() === \"https\";\n\ttry {\n\t\treturn new URL(request.url).protocol === \"https:\";\n\t} catch {\n\t\treturn false;\n\t}\n}\n/**\n* Build the `Set-Cookie` value that issues/renews the session cookie.\n* `secure` is derived from the request so LAN-over-HTTP installs still work.\n*/\nfunction sessionCookieHeader(token, request) {\n\tconst parts = [\n\t\t`${SESSION_COOKIE_NAME}=${token}`,\n\t\t\"HttpOnly\",\n\t\t\"SameSite=Lax\",\n\t\t\"Path=/\",\n\t\t`Max-Age=${SESSION_TTL_SECONDS}`\n\t];\n\tif (isSecureRequest(request)) parts.push(\"Secure\");\n\treturn parts.join(\"; \");\n}\n/**\n* Build the `Set-Cookie` value that clears the session cookie (logout).\n* Must mirror name/path/attributes of the issued cookie so the browser deletes it.\n*/\nfunction clearSessionCookieHeader(request) {\n\tconst parts = [\n\t\t`${SESSION_COOKIE_NAME}=`,\n\t\t\"HttpOnly\",\n\t\t\"SameSite=Lax\",\n\t\t\"Path=/\",\n\t\t\"Max-Age=0\"\n\t];\n\tif (isSecureRequest(request)) parts.push(\"Secure\");\n\treturn parts.join(\"; \");\n}\n//#endregion\nexport { clearSessionCookieHeader as n, sessionCookieHeader as r, SESSION_COOKIE_NAME as t };\n"],"names":[],"mappings":";;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACG,IAAC,mBAAmB,GAAG;AAC1B;AACA,SAAS,eAAe,CAAC,OAAO,EAAE;AAClC,CAAC,MAAM,SAAS,GAAG,OAAO,CAAC,OAAO,CAAC,GAAG,CAAC,mBAAmB,CAAC;AAC3D,CAAC,IAAI,SAAS,EAAE,OAAO,SAAS,CAAC,KAAK,CAAC,GAAG,CAAC,CAAC,CAAC,CAAC,CAAC,IAAI,EAAE,CAAC,WAAW,EAAE,KAAK,OAAO;AAC/E,CAAC,IAAI;AACL,EAAE,OAAO,IAAI,GAAG,CAAC,OAAO,CAAC,GAAG,CAAC,CAAC,QAAQ,KAAK,QAAQ;AACnD,CAAC,CAAC,CAAC,MAAM;AACT,EAAE,OAAO,KAAK;AACd,CAAC;AACD;AACA;AACA;AACA;AACA;AACA,SAAS,mBAAmB,CAAC,KAAK,EAAE,OAAO,EAAE;AAC7C,CAAC,MAAM,KAAK,GAAG;AACf,EAAE,CAAC,EAAE,mBAAmB,CAAC,CAAC,EAAE,KAAK,CAAC,CAAC;AACnC,EAAE,UAAU;AACZ,EAAE,cAAc;AAChB,EAAE,QAAQ;AACV,EAAE,CAAC,QAAQ,EAAE,mBAAmB,CAAC;AACjC,EAAE;AACF,CAAC,IAAI,eAAe,CAAC,OAAO,CAAC,EAAE,KAAK,CAAC,IAAI,CAAC,QAAQ,CAAC;AACnD,CAAC,OAAO,KAAK,CAAC,IAAI,CAAC,IAAI,CAAC;AACxB;AACA;AACA;AACA;AACA;AACA,SAAS,wBAAwB,CAAC,OAAO,EAAE;AAC3C,CAAC,MAAM,KAAK,GAAG;AACf,EAAE,CAAC,EAAE,mBAAmB,CAAC,CAAC,CAAC;AAC3B,EAAE,UAAU;AACZ,EAAE,cAAc;AAChB,EAAE,QAAQ;AACV,EAAE;AACF,EAAE;AACF,CAAC,IAAI,eAAe,CAAC,OAAO,CAAC,EAAE,KAAK,CAAC,IAAI,CAAC,QAAQ,CAAC;AACnD,CAAC,OAAO,KAAK,CAAC,IAAI,CAAC,IAAI,CAAC;AACxB;;;;"}