npm - @pan-sec/notebooklm-mcp - Versions diffs - 1.4.0 → 1.6.0 - Mend

@pan-sec/notebooklm-mcp 1.4.0 → 1.6.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (123) hide show

package/README.md +61 -7
package/SECURITY.md +40 -6
package/dist/auth/mcp-auth.d.ts.map +1 -1
package/dist/auth/mcp-auth.js +3 -6
package/dist/auth/mcp-auth.js.map +1 -1
package/dist/compliance/alert-manager.d.ts +120 -0
package/dist/compliance/alert-manager.d.ts.map +1 -0
package/dist/compliance/alert-manager.js +420 -0
package/dist/compliance/alert-manager.js.map +1 -0
package/dist/compliance/breach-detection.d.ts +134 -0
package/dist/compliance/breach-detection.d.ts.map +1 -0
package/dist/compliance/breach-detection.js +456 -0
package/dist/compliance/breach-detection.js.map +1 -0
package/dist/compliance/change-log.d.ts +113 -0
package/dist/compliance/change-log.d.ts.map +1 -0
package/dist/compliance/change-log.js +275 -0
package/dist/compliance/change-log.js.map +1 -0
package/dist/compliance/compliance-logger.d.ts +136 -0
package/dist/compliance/compliance-logger.d.ts.map +1 -0
package/dist/compliance/compliance-logger.js +425 -0
package/dist/compliance/compliance-logger.js.map +1 -0
package/dist/compliance/compliance-tools.d.ts +18 -0
package/dist/compliance/compliance-tools.d.ts.map +1 -0
package/dist/compliance/compliance-tools.js +673 -0
package/dist/compliance/compliance-tools.js.map +1 -0
package/dist/compliance/consent-manager.d.ts +130 -0
package/dist/compliance/consent-manager.d.ts.map +1 -0
package/dist/compliance/consent-manager.js +386 -0
package/dist/compliance/consent-manager.js.map +1 -0
package/dist/compliance/dashboard.d.ts +243 -0
package/dist/compliance/dashboard.d.ts.map +1 -0
package/dist/compliance/dashboard.js +519 -0
package/dist/compliance/dashboard.js.map +1 -0
package/dist/compliance/data-classification.d.ts +117 -0
package/dist/compliance/data-classification.d.ts.map +1 -0
package/dist/compliance/data-classification.js +469 -0
package/dist/compliance/data-classification.js.map +1 -0
package/dist/compliance/data-erasure.d.ts +110 -0
package/dist/compliance/data-erasure.d.ts.map +1 -0
package/dist/compliance/data-erasure.js +501 -0
package/dist/compliance/data-erasure.js.map +1 -0
package/dist/compliance/data-export.d.ts +85 -0
package/dist/compliance/data-export.d.ts.map +1 -0
package/dist/compliance/data-export.js +394 -0
package/dist/compliance/data-export.js.map +1 -0
package/dist/compliance/data-inventory.d.ts +136 -0
package/dist/compliance/data-inventory.d.ts.map +1 -0
package/dist/compliance/data-inventory.js +335 -0
package/dist/compliance/data-inventory.js.map +1 -0
package/dist/compliance/dsar-handler.d.ts +123 -0
package/dist/compliance/dsar-handler.d.ts.map +1 -0
package/dist/compliance/dsar-handler.js +371 -0
package/dist/compliance/dsar-handler.js.map +1 -0
package/dist/compliance/evidence-collector.d.ts +187 -0
package/dist/compliance/evidence-collector.d.ts.map +1 -0
package/dist/compliance/evidence-collector.js +656 -0
package/dist/compliance/evidence-collector.js.map +1 -0
package/dist/compliance/health-monitor.d.ts +111 -0
package/dist/compliance/health-monitor.d.ts.map +1 -0
package/dist/compliance/health-monitor.js +509 -0
package/dist/compliance/health-monitor.js.map +1 -0
package/dist/compliance/incident-manager.d.ts +131 -0
package/dist/compliance/incident-manager.d.ts.map +1 -0
package/dist/compliance/incident-manager.js +418 -0
package/dist/compliance/incident-manager.js.map +1 -0
package/dist/compliance/index.d.ts +32 -0
package/dist/compliance/index.d.ts.map +1 -0
package/dist/compliance/index.js +35 -0
package/dist/compliance/index.js.map +1 -0
package/dist/compliance/policy-docs.d.ts +108 -0
package/dist/compliance/policy-docs.d.ts.map +1 -0
package/dist/compliance/policy-docs.js +464 -0
package/dist/compliance/policy-docs.js.map +1 -0
package/dist/compliance/privacy-notice-text.d.ts +58 -0
package/dist/compliance/privacy-notice-text.d.ts.map +1 -0
package/dist/compliance/privacy-notice-text.js +161 -0
package/dist/compliance/privacy-notice-text.js.map +1 -0
package/dist/compliance/privacy-notice.d.ts +128 -0
package/dist/compliance/privacy-notice.d.ts.map +1 -0
package/dist/compliance/privacy-notice.js +250 -0
package/dist/compliance/privacy-notice.js.map +1 -0
package/dist/compliance/report-generator.d.ts +168 -0
package/dist/compliance/report-generator.d.ts.map +1 -0
package/dist/compliance/report-generator.js +830 -0
package/dist/compliance/report-generator.js.map +1 -0
package/dist/compliance/retention-engine.d.ts +130 -0
package/dist/compliance/retention-engine.d.ts.map +1 -0
package/dist/compliance/retention-engine.js +510 -0
package/dist/compliance/retention-engine.js.map +1 -0
package/dist/compliance/siem-exporter.d.ts +150 -0
package/dist/compliance/siem-exporter.d.ts.map +1 -0
package/dist/compliance/siem-exporter.js +509 -0
package/dist/compliance/siem-exporter.js.map +1 -0
package/dist/compliance/types.d.ts +601 -0
package/dist/compliance/types.d.ts.map +1 -0
package/dist/compliance/types.js +22 -0
package/dist/compliance/types.js.map +1 -0
package/dist/config.d.ts +4 -0
package/dist/config.d.ts.map +1 -1
package/dist/config.js +8 -1
package/dist/config.js.map +1 -1
package/dist/library/notebook-library.d.ts.map +1 -1
package/dist/library/notebook-library.js +2 -1
package/dist/library/notebook-library.js.map +1 -1
package/dist/session/shared-context-manager.d.ts.map +1 -1
package/dist/session/shared-context-manager.js +2 -1
package/dist/session/shared-context-manager.js.map +1 -1
package/dist/utils/audit-logger.d.ts +21 -1
package/dist/utils/audit-logger.d.ts.map +1 -1
package/dist/utils/audit-logger.js +53 -4
package/dist/utils/audit-logger.js.map +1 -1
package/dist/utils/crypto.d.ts.map +1 -1
package/dist/utils/crypto.js +8 -15
package/dist/utils/crypto.js.map +1 -1
package/dist/utils/file-permissions.d.ts +85 -0
package/dist/utils/file-permissions.d.ts.map +1 -0
package/dist/utils/file-permissions.js +180 -0
package/dist/utils/file-permissions.js.map +1 -0
package/dist/utils/settings-manager.d.ts.map +1 -1
package/dist/utils/settings-manager.js +6 -11
package/dist/utils/settings-manager.js.map +1 -1
package/docs/COMPLIANCE-SPEC.md +1452 -0
package/package.json +30 -4

package/dist/compliance/privacy-notice-text.js ADDED Viewed

@@ -0,0 +1,161 @@
+/**
+ * Privacy Notice Text Content
+ *
+ * Contains the privacy notice content for display to users.
+ * Structured for GDPR compliance (Articles 13/14).
+ *
+ * Added by Pantheon Security for enterprise compliance support.
+ */
+/**
+ * Current privacy notice version
+ */
+export const PRIVACY_NOTICE_VERSION = "1.0.0";
+/**
+ * Full privacy notice content
+ */
+export const PRIVACY_NOTICE = {
+    version: PRIVACY_NOTICE_VERSION,
+    effective_date: "2025-01-01",
+    sections: {
+        data_controller: `Pantheon Security
+Email: support@pantheonsecurity.io
+Website: https://pantheonsecurity.io
+This tool is designed for local use only. All data is processed and stored on your local device.`,
+        data_collected: [
+            "Browser session data (cookies, local storage) - Required for NotebookLM authentication",
+            "NotebookLM URLs and notebook metadata - Your saved notebook library",
+            "Query history within sessions - For contextual follow-up questions",
+            "Security audit logs - For security monitoring and compliance",
+            "User settings and preferences - Your configuration choices",
+        ],
+        purposes: [
+            "Service Provision - Enable access to NotebookLM through the MCP protocol",
+            "Session Management - Maintain your authenticated browser session",
+            "Security Logging - Detect and prevent unauthorized access",
+            "Error Diagnostics - Debug issues and improve the service",
+        ],
+        legal_basis: [
+            "Contract - Processing necessary to provide the service you requested",
+            "Legitimate Interest - Security logging and error diagnostics",
+            "Legal Obligation - Audit log retention for compliance (where applicable)",
+        ],
+        retention: `Data retention periods:
+- Session data: Cleared after 24 hours or on logout
+- Browser cookies: Encrypted and retained for service functionality
+- Audit logs: 7 years (configurable, for regulatory compliance)
+- Notebook library: Retained until you delete it
+- Settings: Retained until you delete them`,
+        rights: [
+            "Access - Request a copy of all your personal data",
+            "Portability - Export your data in machine-readable format",
+            "Erasure - Request deletion of your personal data",
+            "Rectification - Correct inaccurate personal data",
+            "Objection - Object to processing based on legitimate interest",
+            "Restriction - Request limited processing of your data",
+        ],
+        contact: `For data protection inquiries:
+Email: support@pantheonsecurity.io
+GitHub: https://github.com/Pantheon-Security/notebooklm-mcp-secure`,
+    },
+    summary: `This tool processes data locally on your device to enable NotebookLM access via MCP.
+What we collect:
+- Browser session data (cookies, local storage)
+- NotebookLM URLs and metadata
+- Security audit logs
+All data is:
+- Stored locally only (no cloud sync)
+- Encrypted with post-quantum cryptography
+- Subject to automatic retention policies
+Your rights: Access, Export, Erasure, Portability`,
+};
+/**
+ * CLI-formatted privacy notice for terminal display
+ */
+export function getPrivacyNoticeCLI() {
+    const notice = PRIVACY_NOTICE;
+    const width = 68;
+    const border = "═".repeat(width);
+    return `
+╔${border}╗
+║${"PRIVACY NOTICE v" + notice.version}${" ".repeat(width - 18 - notice.version.length)}║
+╠${border}╣
+║${" ".repeat(width)}║
+║  This tool processes the following data locally on your device:${" ".repeat(width - 65)}║
+║${" ".repeat(width)}║
+║  • Browser session data (cookies, local storage)${" ".repeat(width - 51)}║
+║  • NotebookLM URLs and metadata${" ".repeat(width - 34)}║
+║  • Query history (for session context)${" ".repeat(width - 41)}║
+║  • Security audit logs${" ".repeat(width - 25)}║
+║${" ".repeat(width)}║
+║  All data is:${" ".repeat(width - 15)}║
+║  ✓ Stored locally only (no cloud sync)${" ".repeat(width - 41)}║
+║  ✓ Encrypted with post-quantum cryptography${" ".repeat(width - 46)}║
+║  ✓ Subject to automatic retention policies${" ".repeat(width - 44)}║
+║${" ".repeat(width)}║
+║  Your rights: Access, Export, Erasure, Portability${" ".repeat(width - 53)}║
+║${" ".repeat(width)}║
+║  Full policy: https://github.com/Pantheon-Security/...${" ".repeat(width - 57)}║
+║${" ".repeat(width)}║
+╠${border}╣
+║  By continuing, you acknowledge this privacy notice.${" ".repeat(width - 55)}║
+║${" ".repeat(width)}║
+║  [Press Enter to continue, or Ctrl+C to exit]${" ".repeat(width - 48)}║
+╚${border}╝
+`;
+}
+/**
+ * Compact privacy notice for JSON responses
+ */
+export function getPrivacyNoticeCompact() {
+    return {
+        version: PRIVACY_NOTICE.version,
+        summary: PRIVACY_NOTICE.summary,
+        data_collected: PRIVACY_NOTICE.sections.data_collected,
+        purposes: PRIVACY_NOTICE.sections.purposes,
+        rights: PRIVACY_NOTICE.sections.rights,
+        full_notice_url: process.env.NLMCP_PRIVACY_NOTICE_URL ||
+            "https://github.com/Pantheon-Security/notebooklm-mcp-secure/blob/main/SECURITY.md",
+    };
+}
+/**
+ * Get structured privacy notice for MCP tool response
+ */
+export function getPrivacyNoticeStructured() {
+    return {
+        version: PRIVACY_NOTICE.version,
+        effective_date: PRIVACY_NOTICE.effective_date,
+        data_controller: PRIVACY_NOTICE.sections.data_controller,
+        data_collected: PRIVACY_NOTICE.sections.data_collected,
+        purposes: PRIVACY_NOTICE.sections.purposes,
+        legal_basis: PRIVACY_NOTICE.sections.legal_basis,
+        retention: PRIVACY_NOTICE.sections.retention,
+        rights: PRIVACY_NOTICE.sections.rights,
+        contact: PRIVACY_NOTICE.sections.contact,
+    };
+}
+/**
+ * Get data processing agreement summary
+ */
+export function getProcessingAgreement() {
+    return {
+        version: PRIVACY_NOTICE.version,
+        processor: "Pantheon Security (local processing only)",
+        sub_processors: [
+            "None - All data is processed locally on your device",
+        ],
+        data_location: "Local device only (no cloud transfer)",
+        security_measures: [
+            "Post-quantum encryption (ML-KEM-768 + ChaCha20-Poly1305)",
+            "Certificate pinning for Google connections",
+            "Memory scrubbing for sensitive data",
+            "Tamper-evident audit logging",
+            "Secure file permissions",
+        ],
+        breach_notification: "In the unlikely event of a data breach, we will notify affected users within 72 hours as required by GDPR.",
+    };
+}
+//# sourceMappingURL=privacy-notice-text.js.map

package/dist/compliance/privacy-notice-text.js.map ADDED Viewed

@@ -0,0 +1 @@

+ {"version":3,"file":"privacy-notice-text.js","sourceRoot":"","sources":["../../src/compliance/privacy-notice-text.ts"],"names":[],"mappings":"AAAA;;;;;;;GAOG;AAIH;;GAEG;AACH,MAAM,CAAC,MAAM,sBAAsB,GAAG,OAAO,CAAC;AAE9C;;GAEG;AACH,MAAM,CAAC,MAAM,cAAc,GAAkB;IAC3C,OAAO,EAAE,sBAAsB;IAC/B,cAAc,EAAE,YAAY;IAE5B,QAAQ,EAAE;QACR,eAAe,EAAE;;;;iGAI4E;QAE7F,cAAc,EAAE;YACd,wFAAwF;YACxF,qEAAqE;YACrE,oEAAoE;YACpE,8DAA8D;YAC9D,4DAA4D;SAC7D;QAED,QAAQ,EAAE;YACR,0EAA0E;YAC1E,kEAAkE;YAClE,2DAA2D;YAC3D,0DAA0D;SAC3D;QAED,WAAW,EAAE;YACX,sEAAsE;YACtE,8DAA8D;YAC9D,0EAA0E;SAC3E;QAED,SAAS,EAAE;;;;;2CAK4B;QAEvC,MAAM,EAAE;YACN,mDAAmD;YACnD,2DAA2D;YAC3D,kDAAkD;YAClD,kDAAkD;YAClD,+DAA+D;YAC/D,uDAAuD;SACxD;QAED,OAAO,EAAE;;mEAEsD;KAChE;IAED,OAAO,EAAE;;;;;;;;;;;;kDAYuC;CACjD,CAAC;AAEF;;GAEG;AACH,MAAM,UAAU,mBAAmB;IACjC,MAAM,MAAM,GAAG,cAAc,CAAC;IAC9B,MAAM,KAAK,GAAG,EAAE,CAAC;IACjB,MAAM,MAAM,GAAG,GAAG,CAAC,MAAM,CAAC,KAAK,CAAC,CAAC;IAEjC,OAAO;GACN,MAAM;GACN,kBAAkB,GAAG,MAAM,CAAC,OAAO,GAAG,GAAG,CAAC,MAAM,CAAC,KAAK,GAAG,EAAE,GAAG,MAAM,CAAC,OAAO,CAAC,MAAM,CAAC;GACpF,MAAM;GACN,GAAG,CAAC,MAAM,CAAC,KAAK,CAAC;mEAC+C,GAAG,CAAC,MAAM,CAAC,KAAK,GAAG,EAAE,CAAC;GACtF,GAAG,CAAC,MAAM,CAAC,KAAK,CAAC;oDACgC,GAAG,CAAC,MAAM,CAAC,KAAK,GAAG,EAAE,CAAC;mCACvC,GAAG,CAAC,MAAM,CAAC,KAAK,GAAG,EAAE,CAAC;0CACf,GAAG,CAAC,MAAM,CAAC,KAAK,GAAG,EAAE,CAAC;0BACtC,GAAG,CAAC,MAAM,CAAC,KAAK,GAAG,EAAE,CAAC;GAC7C,GAAG,CAAC,MAAM,CAAC,KAAK,CAAC;iBACH,GAAG,CAAC,MAAM,CAAC,KAAK,GAAG,EAAE,CAAC;0CACG,GAAG,CAAC,MAAM,CAAC,KAAK,GAAG,EAAE,CAAC;+CACjB,GAAG,CAAC,MAAM,CAAC,KAAK,GAAG,EAAE,CAAC;8CACvB,GAAG,CAAC,MAAM,CAAC,KAAK,GAAG,EAAE,CAAC;GACjE,GAAG,CAAC,MAAM,CAAC,KAAK,CAAC;sDACkC,GAAG,CAAC,MAAM,CAAC,KAAK,GAAG,EAAE,CAAC;GACzE,GAAG,CAAC,MAAM,CAAC,KAAK,CAAC;0DACsC,GAAG,CAAC,MAAM,CAAC,KAAK,GAAG,EAAE,CAAC;GAC7E,GAAG,CAAC,MAAM,CAAC,KAAK,CAAC;GACjB,MAAM;wDAC+C,GAAG,CAAC,MAAM,CAAC,KAAK,GAAG,EAAE,CAAC;GAC3E,GAAG,CAAC,MAAM,CAAC,KAAK,CAAC;iDAC6B,GAAG,CAAC,MAAM,CAAC,KAAK,GAAG,EAAE,CAAC;GACpE,MAAM;CACR,CAAC;AACF,CAAC;AAED;;GAEG;AACH,MAAM,UAAU,uBAAuB;IAQrC,OAAO;QACL,OAAO,EAAE,cAAc,CAAC,OAAO;QAC/B,OAAO,EAAE,cAAc,CAAC,OAAO;QAC/B,cAAc,EAAE,cAAc,CAAC,QAAQ,CAAC,cAAc;QACtD,QAAQ,EAAE,cAAc,CAAC,QAAQ,CAAC,QAAQ;QAC1C,MAAM,EAAE,cAAc,CAAC,QAAQ,CAAC,MAAM;QACtC,eAAe,EAAE,OAAO,CAAC,GAAG,CAAC,wBAAwB;YACnD,kFAAkF;KACrF,CAAC;AACJ,CAAC;AAED;;GAEG;AACH,MAAM,UAAU,0BAA0B;IAWxC,OAAO;QACL,OAAO,EAAE,cAAc,CAAC,OAAO;QAC/B,cAAc,EAAE,cAAc,CAAC,cAAc;QAC7C,eAAe,EAAE,cAAc,CAAC,QAAQ,CAAC,eAAe;QACxD,cAAc,EAAE,cAAc,CAAC,QAAQ,CAAC,cAAc;QACtD,QAAQ,EAAE,cAAc,CAAC,QAAQ,CAAC,QAAQ;QAC1C,WAAW,EAAE,cAAc,CAAC,QAAQ,CAAC,WAAW;QAChD,SAAS,EAAE,cAAc,CAAC,QAAQ,CAAC,SAAS;QAC5C,MAAM,EAAE,cAAc,CAAC,QAAQ,CAAC,MAAM;QACtC,OAAO,EAAE,cAAc,CAAC,QAAQ,CAAC,OAAO;KACzC,CAAC;AACJ,CAAC;AAED;;GAEG;AACH,MAAM,UAAU,sBAAsB;IAQpC,OAAO;QACL,OAAO,EAAE,cAAc,CAAC,OAAO;QAC/B,SAAS,EAAE,2CAA2C;QACtD,cAAc,EAAE;YACd,qDAAqD;SACtD;QACD,aAAa,EAAE,uCAAuC;QACtD,iBAAiB,EAAE;YACjB,0DAA0D;YAC1D,4CAA4C;YAC5C,qCAAqC;YACrC,8BAA8B;YAC9B,yBAAyB;SAC1B;QACD,mBAAmB,EAAE,4GAA4G;KAClI,CAAC;AACJ,CAAC"}

package/dist/compliance/privacy-notice.d.ts ADDED Viewed

@@ -0,0 +1,128 @@
+/**
+ * Privacy Notice Display Handler
+ *
+ * Manages display of privacy notice on first run and version updates.
+ * Tracks acknowledgment and integrates with consent management.
+ *
+ * Added by Pantheon Security for enterprise compliance support.
+ */
+import { PRIVACY_NOTICE, getPrivacyNoticeCompact, getPrivacyNoticeStructured } from "./privacy-notice-text.js";
+/**
+ * Privacy notice acknowledgment record
+ */
+interface PrivacyNoticeAcknowledgment {
+    version: string;
+    acknowledged_at: string;
+    method: "cli" | "api" | "auto";
+}
+/**
+ * Privacy Notice Manager class
+ */
+export declare class PrivacyNoticeManager {
+    private static instance;
+    private acknowledgmentFile;
+    private acknowledgments;
+    private loaded;
+    private constructor();
+    /**
+     * Get singleton instance
+     */
+    static getInstance(): PrivacyNoticeManager;
+    /**
+     * Load acknowledgments from storage
+     */
+    private load;
+    /**
+     * Save acknowledgments to storage
+     */
+    private save;
+    /**
+     * Check if privacy notice needs to be shown
+     */
+    needsDisplay(): Promise<boolean>;
+    /**
+     * Check if this is the first run ever
+     */
+    isFirstRun(): Promise<boolean>;
+    /**
+     * Get the CLI-formatted privacy notice
+     */
+    getCLINotice(): string;
+    /**
+     * Get compact privacy notice (for API responses)
+     */
+    getCompactNotice(): ReturnType<typeof getPrivacyNoticeCompact>;
+    /**
+     * Get structured privacy notice (full details)
+     */
+    getStructuredNotice(): ReturnType<typeof getPrivacyNoticeStructured>;
+    /**
+     * Get full privacy notice object
+     */
+    getFullNotice(): typeof PRIVACY_NOTICE;
+    /**
+     * Record acknowledgment of privacy notice
+     */
+    acknowledge(method?: "cli" | "api" | "auto"): Promise<void>;
+    /**
+     * Get acknowledgment history
+     */
+    getAcknowledgmentHistory(): Promise<PrivacyNoticeAcknowledgment[]>;
+    /**
+     * Get the current privacy notice version
+     */
+    getCurrentVersion(): string;
+    /**
+     * Check if a specific version has been acknowledged
+     */
+    hasAcknowledgedVersion(version: string): Promise<boolean>;
+    /**
+     * Get status summary
+     */
+    getStatus(): Promise<{
+        currentVersion: string;
+        needsDisplay: boolean;
+        isFirstRun: boolean;
+        acknowledgedVersions: string[];
+        lastAcknowledgment?: {
+            version: string;
+            acknowledged_at: string;
+            method: string;
+        };
+    }>;
+    /**
+     * Display privacy notice in console (for CLI use)
+     */
+    displayInConsole(): void;
+    /**
+     * Check and prompt for privacy notice if needed
+     * Returns true if acknowledged, false if user declined
+     */
+    checkAndPrompt(): Promise<boolean>;
+    /**
+     * Delete all acknowledgment records (for data erasure)
+     */
+    deleteAllRecords(): Promise<number>;
+}
+/**
+ * Get the privacy notice manager instance
+ */
+export declare function getPrivacyNoticeManager(): PrivacyNoticeManager;
+/**
+ * Check if privacy notice needs to be displayed
+ */
+export declare function needsPrivacyNotice(): Promise<boolean>;
+/**
+ * Acknowledge the privacy notice
+ */
+export declare function acknowledgePrivacyNotice(method?: "cli" | "api" | "auto"): Promise<void>;
+/**
+ * Get the privacy notice for display
+ */
+export declare function getPrivacyNotice(): ReturnType<typeof getPrivacyNoticeStructured>;
+/**
+ * Get CLI-formatted privacy notice
+ */
+export declare function getPrivacyNoticeCLIText(): string;
+export {};
+//# sourceMappingURL=privacy-notice.d.ts.map

package/dist/compliance/privacy-notice.d.ts.map ADDED Viewed

@@ -0,0 +1 @@

+ {"version":3,"file":"privacy-notice.d.ts","sourceRoot":"","sources":["../../src/compliance/privacy-notice.ts"],"names":[],"mappings":"AAAA;;;;;;;GAOG;AAQH,OAAO,EACL,cAAc,EAGd,uBAAuB,EACvB,0BAA0B,EAC3B,MAAM,0BAA0B,CAAC;AAElC;;GAEG;AACH,UAAU,2BAA2B;IACnC,OAAO,EAAE,MAAM,CAAC;IAChB,eAAe,EAAE,MAAM,CAAC;IACxB,MAAM,EAAE,KAAK,GAAG,KAAK,GAAG,MAAM,CAAC;CAChC;AAED;;GAEG;AACH,qBAAa,oBAAoB;IAC/B,OAAO,CAAC,MAAM,CAAC,QAAQ,CAAuB;IAC9C,OAAO,CAAC,kBAAkB,CAAS;IACnC,OAAO,CAAC,eAAe,CAAqC;IAC5D,OAAO,CAAC,MAAM,CAAkB;IAEhC,OAAO;IAKP;;OAEG;WACW,WAAW,IAAI,oBAAoB;IAOjD;;OAEG;YACW,IAAI;IAgBlB;;OAEG;YACW,IAAI;IAalB;;OAEG;IACU,YAAY,IAAI,OAAO,CAAC,OAAO,CAAC;IAW7C;;OAEG;IACU,UAAU,IAAI,OAAO,CAAC,OAAO,CAAC;IAK3C;;OAEG;IACI,YAAY,IAAI,MAAM;IAI7B;;OAEG;IACI,gBAAgB,IAAI,UAAU,CAAC,OAAO,uBAAuB,CAAC;IAIrE;;OAEG;IACI,mBAAmB,IAAI,UAAU,CAAC,OAAO,0BAA0B,CAAC;IAI3E;;OAEG;IACI,aAAa,IAAI,OAAO,cAAc;IAI7C;;OAEG;IACU,WAAW,CAAC,MAAM,GAAE,KAAK,GAAG,KAAK,GAAG,MAAc,GAAG,OAAO,CAAC,IAAI,CAAC;IAgC/E;;OAEG;IACU,wBAAwB,IAAI,OAAO,CAAC,2BAA2B,EAAE,CAAC;IAO/E;;OAEG;IACI,iBAAiB,IAAI,MAAM;IAIlC;;OAEG;IACU,sBAAsB,CAAC,OAAO,EAAE,MAAM,GAAG,OAAO,CAAC,OAAO,CAAC;IAKtE;;OAEG;IACU,SAAS,IAAI,OAAO,CAAC;QAChC,cAAc,EAAE,MAAM,CAAC;QACvB,YAAY,EAAE,OAAO,CAAC;QACtB,UAAU,EAAE,OAAO,CAAC;QACpB,oBAAoB,EAAE,MAAM,EAAE,CAAC;QAC/B,kBAAkB,CAAC,EAAE;YACnB,OAAO,EAAE,MAAM,CAAC;YAChB,eAAe,EAAE,MAAM,CAAC;YACxB,MAAM,EAAE,MAAM,CAAC;SAChB,CAAC;KACH,CAAC;IAmBF;;OAEG;IACI,gBAAgB,IAAI,IAAI;IAI/B;;;OAGG;IACU,cAAc,IAAI,OAAO,CAAC,OAAO,CAAC;IA0B/C;;OAEG;IACU,gBAAgB,IAAI,OAAO,CAAC,MAAM,CAAC;CAoBjD;AAMD;;GAEG;AACH,wBAAgB,uBAAuB,IAAI,oBAAoB,CAE9D;AAMD;;GAEG;AACH,wBAAsB,kBAAkB,IAAI,OAAO,CAAC,OAAO,CAAC,CAE3D;AAED;;GAEG;AACH,wBAAsB,wBAAwB,CAC5C,MAAM,GAAE,KAAK,GAAG,KAAK,GAAG,MAAc,GACrC,OAAO,CAAC,IAAI,CAAC,CAEf;AAED;;GAEG;AACH,wBAAgB,gBAAgB,IAAI,UAAU,CAAC,OAAO,0BAA0B,CAAC,CAEhF;AAED;;GAEG;AACH,wBAAgB,uBAAuB,IAAI,MAAM,CAEhD"}

package/dist/compliance/privacy-notice.js ADDED Viewed

@@ -0,0 +1,250 @@
+/**
+ * Privacy Notice Display Handler
+ *
+ * Manages display of privacy notice on first run and version updates.
+ * Tracks acknowledgment and integrates with consent management.
+ *
+ * Added by Pantheon Security for enterprise compliance support.
+ */
+import path from "path";
+import fs from "fs";
+import { getConfig } from "../config.js";
+import { writeFileSecure, mkdirSecure } from "../utils/file-permissions.js";
+import { getConsentManager } from "./consent-manager.js";
+import { getComplianceLogger } from "./compliance-logger.js";
+import { PRIVACY_NOTICE, PRIVACY_NOTICE_VERSION, getPrivacyNoticeCLI, getPrivacyNoticeCompact, getPrivacyNoticeStructured, } from "./privacy-notice-text.js";
+/**
+ * Privacy Notice Manager class
+ */
+export class PrivacyNoticeManager {
+    static instance;
+    acknowledgmentFile;
+    acknowledgments = [];
+    loaded = false;
+    constructor() {
+        const config = getConfig();
+        this.acknowledgmentFile = path.join(config.configDir, "privacy-acknowledgment.json");
+    }
+    /**
+     * Get singleton instance
+     */
+    static getInstance() {
+        if (!PrivacyNoticeManager.instance) {
+            PrivacyNoticeManager.instance = new PrivacyNoticeManager();
+        }
+        return PrivacyNoticeManager.instance;
+    }
+    /**
+     * Load acknowledgments from storage
+     */
+    async load() {
+        if (this.loaded)
+            return;
+        try {
+            if (fs.existsSync(this.acknowledgmentFile)) {
+                const content = fs.readFileSync(this.acknowledgmentFile, "utf-8");
+                const data = JSON.parse(content);
+                this.acknowledgments = data.acknowledgments || [];
+            }
+        }
+        catch {
+            this.acknowledgments = [];
+        }
+        this.loaded = true;
+    }
+    /**
+     * Save acknowledgments to storage
+     */
+    async save() {
+        const dir = path.dirname(this.acknowledgmentFile);
+        mkdirSecure(dir);
+        const data = {
+            current_version: PRIVACY_NOTICE_VERSION,
+            acknowledgments: this.acknowledgments,
+            last_updated: new Date().toISOString(),
+        };
+        writeFileSecure(this.acknowledgmentFile, JSON.stringify(data, null, 2));
+    }
+    /**
+     * Check if privacy notice needs to be shown
+     */
+    async needsDisplay() {
+        await this.load();
+        // Check if current version has been acknowledged
+        const currentAck = this.acknowledgments.find(a => a.version === PRIVACY_NOTICE_VERSION);
+        return !currentAck;
+    }
+    /**
+     * Check if this is the first run ever
+     */
+    async isFirstRun() {
+        await this.load();
+        return this.acknowledgments.length === 0;
+    }
+    /**
+     * Get the CLI-formatted privacy notice
+     */
+    getCLINotice() {
+        return getPrivacyNoticeCLI();
+    }
+    /**
+     * Get compact privacy notice (for API responses)
+     */
+    getCompactNotice() {
+        return getPrivacyNoticeCompact();
+    }
+    /**
+     * Get structured privacy notice (full details)
+     */
+    getStructuredNotice() {
+        return getPrivacyNoticeStructured();
+    }
+    /**
+     * Get full privacy notice object
+     */
+    getFullNotice() {
+        return PRIVACY_NOTICE;
+    }
+    /**
+     * Record acknowledgment of privacy notice
+     */
+    async acknowledge(method = "cli") {
+        await this.load();
+        const acknowledgment = {
+            version: PRIVACY_NOTICE_VERSION,
+            acknowledged_at: new Date().toISOString(),
+            method,
+        };
+        this.acknowledgments.push(acknowledgment);
+        await this.save();
+        // Also record consent
+        const consentManager = getConsentManager();
+        await consentManager.acknowledgePrivacyNotice();
+        // Log the acknowledgment
+        const logger = getComplianceLogger();
+        await logger.log("consent", "privacy_notice_acknowledged", { type: "user" }, "success", {
+            details: {
+                version: PRIVACY_NOTICE_VERSION,
+                method,
+            },
+        });
+    }
+    /**
+     * Get acknowledgment history
+     */
+    async getAcknowledgmentHistory() {
+        await this.load();
+        return [...this.acknowledgments].sort((a, b) => new Date(b.acknowledged_at).getTime() - new Date(a.acknowledged_at).getTime());
+    }
+    /**
+     * Get the current privacy notice version
+     */
+    getCurrentVersion() {
+        return PRIVACY_NOTICE_VERSION;
+    }
+    /**
+     * Check if a specific version has been acknowledged
+     */
+    async hasAcknowledgedVersion(version) {
+        await this.load();
+        return this.acknowledgments.some(a => a.version === version);
+    }
+    /**
+     * Get status summary
+     */
+    async getStatus() {
+        await this.load();
+        const history = await this.getAcknowledgmentHistory();
+        const lastAck = history[0];
+        return {
+            currentVersion: PRIVACY_NOTICE_VERSION,
+            needsDisplay: await this.needsDisplay(),
+            isFirstRun: await this.isFirstRun(),
+            acknowledgedVersions: [...new Set(this.acknowledgments.map(a => a.version))],
+            lastAcknowledgment: lastAck ? {
+                version: lastAck.version,
+                acknowledged_at: lastAck.acknowledged_at,
+                method: lastAck.method,
+            } : undefined,
+        };
+    }
+    /**
+     * Display privacy notice in console (for CLI use)
+     */
+    displayInConsole() {
+        console.log(this.getCLINotice());
+    }
+    /**
+     * Check and prompt for privacy notice if needed
+     * Returns true if acknowledged, false if user declined
+     */
+    async checkAndPrompt() {
+        const needs = await this.needsDisplay();
+        if (!needs) {
+            return true; // Already acknowledged
+        }
+        // In non-interactive mode, auto-acknowledge with warning
+        if (!process.stdin.isTTY) {
+            console.warn("[Privacy Notice] Running in non-interactive mode. " +
+                "Privacy notice auto-acknowledged. Version: " + PRIVACY_NOTICE_VERSION);
+            await this.acknowledge("auto");
+            return true;
+        }
+        // Display notice
+        this.displayInConsole();
+        // In a real CLI, we'd wait for input here
+        // For MCP server use, the notice is informational
+        await this.acknowledge("cli");
+        return true;
+    }
+    /**
+     * Delete all acknowledgment records (for data erasure)
+     */
+    async deleteAllRecords() {
+        await this.load();
+        const count = this.acknowledgments.length;
+        // Log before deletion
+        const logger = getComplianceLogger();
+        await logger.logDataDeletion({ type: "user" }, "privacy_acknowledgments", count, true, { action: "erasure_request" });
+        this.acknowledgments = [];
+        await this.save();
+        return count;
+    }
+}
+// ============================================
+// SINGLETON ACCESS
+// ============================================
+/**
+ * Get the privacy notice manager instance
+ */
+export function getPrivacyNoticeManager() {
+    return PrivacyNoticeManager.getInstance();
+}
+// ============================================
+// CONVENIENCE EXPORTS
+// ============================================
+/**
+ * Check if privacy notice needs to be displayed
+ */
+export async function needsPrivacyNotice() {
+    return getPrivacyNoticeManager().needsDisplay();
+}
+/**
+ * Acknowledge the privacy notice
+ */
+export async function acknowledgePrivacyNotice(method = "cli") {
+    return getPrivacyNoticeManager().acknowledge(method);
+}
+/**
+ * Get the privacy notice for display
+ */
+export function getPrivacyNotice() {
+    return getPrivacyNoticeManager().getStructuredNotice();
+}
+/**
+ * Get CLI-formatted privacy notice
+ */
+export function getPrivacyNoticeCLIText() {
+    return getPrivacyNoticeManager().getCLINotice();
+}
+//# sourceMappingURL=privacy-notice.js.map

package/dist/compliance/privacy-notice.js.map ADDED Viewed

@@ -0,0 +1 @@

+ {"version":3,"file":"privacy-notice.js","sourceRoot":"","sources":["../../src/compliance/privacy-notice.ts"],"names":[],"mappings":"AAAA;;;;;;;GAOG;AAEH,OAAO,IAAI,MAAM,MAAM,CAAC;AACxB,OAAO,EAAE,MAAM,IAAI,CAAC;AACpB,OAAO,EAAE,SAAS,EAAE,MAAM,cAAc,CAAC;AACzC,OAAO,EAAE,eAAe,EAAE,WAAW,EAAE,MAAM,8BAA8B,CAAC;AAC5E,OAAO,EAAE,iBAAiB,EAAE,MAAM,sBAAsB,CAAC;AACzD,OAAO,EAAE,mBAAmB,EAAE,MAAM,wBAAwB,CAAC;AAC7D,OAAO,EACL,cAAc,EACd,sBAAsB,EACtB,mBAAmB,EACnB,uBAAuB,EACvB,0BAA0B,GAC3B,MAAM,0BAA0B,CAAC;AAWlC;;GAEG;AACH,MAAM,OAAO,oBAAoB;IACvB,MAAM,CAAC,QAAQ,CAAuB;IACtC,kBAAkB,CAAS;IAC3B,eAAe,GAAkC,EAAE,CAAC;IACpD,MAAM,GAAY,KAAK,CAAC;IAEhC;QACE,MAAM,MAAM,GAAG,SAAS,EAAE,CAAC;QAC3B,IAAI,CAAC,kBAAkB,GAAG,IAAI,CAAC,IAAI,CAAC,MAAM,CAAC,SAAS,EAAE,6BAA6B,CAAC,CAAC;IACvF,CAAC;IAED;;OAEG;IACI,MAAM,CAAC,WAAW;QACvB,IAAI,CAAC,oBAAoB,CAAC,QAAQ,EAAE,CAAC;YACnC,oBAAoB,CAAC,QAAQ,GAAG,IAAI,oBAAoB,EAAE,CAAC;QAC7D,CAAC;QACD,OAAO,oBAAoB,CAAC,QAAQ,CAAC;IACvC,CAAC;IAED;;OAEG;IACK,KAAK,CAAC,IAAI;QAChB,IAAI,IAAI,CAAC,MAAM;YAAE,OAAO;QAExB,IAAI,CAAC;YACH,IAAI,EAAE,CAAC,UAAU,CAAC,IAAI,CAAC,kBAAkB,CAAC,EAAE,CAAC;gBAC3C,MAAM,OAAO,GAAG,EAAE,CAAC,YAAY,CAAC,IAAI,CAAC,kBAAkB,EAAE,OAAO,CAAC,CAAC;gBAClE,MAAM,IAAI,GAAG,IAAI,CAAC,KAAK,CAAC,OAAO,CAAC,CAAC;gBACjC,IAAI,CAAC,eAAe,GAAG,IAAI,CAAC,eAAe,IAAI,EAAE,CAAC;YACpD,CAAC;QACH,CAAC;QAAC,MAAM,CAAC;YACP,IAAI,CAAC,eAAe,GAAG,EAAE,CAAC;QAC5B,CAAC;QAED,IAAI,CAAC,MAAM,GAAG,IAAI,CAAC;IACrB,CAAC;IAED;;OAEG;IACK,KAAK,CAAC,IAAI;QAChB,MAAM,GAAG,GAAG,IAAI,CAAC,OAAO,CAAC,IAAI,CAAC,kBAAkB,CAAC,CAAC;QAClD,WAAW,CAAC,GAAG,CAAC,CAAC;QAEjB,MAAM,IAAI,GAAG;YACX,eAAe,EAAE,sBAAsB;YACvC,eAAe,EAAE,IAAI,CAAC,eAAe;YACrC,YAAY,EAAE,IAAI,IAAI,EAAE,CAAC,WAAW,EAAE;SACvC,CAAC;QAEF,eAAe,CAAC,IAAI,CAAC,kBAAkB,EAAE,IAAI,CAAC,SAAS,CAAC,IAAI,EAAE,IAAI,EAAE,CAAC,CAAC,CAAC,CAAC;IAC1E,CAAC;IAED;;OAEG;IACI,KAAK,CAAC,YAAY;QACvB,MAAM,IAAI,CAAC,IAAI,EAAE,CAAC;QAElB,iDAAiD;QACjD,MAAM,UAAU,GAAG,IAAI,CAAC,eAAe,CAAC,IAAI,CAC1C,CAAC,CAAC,EAAE,CAAC,CAAC,CAAC,OAAO,KAAK,sBAAsB,CAC1C,CAAC;QAEF,OAAO,CAAC,UAAU,CAAC;IACrB,CAAC;IAED;;OAEG;IACI,KAAK,CAAC,UAAU;QACrB,MAAM,IAAI,CAAC,IAAI,EAAE,CAAC;QAClB,OAAO,IAAI,CAAC,eAAe,CAAC,MAAM,KAAK,CAAC,CAAC;IAC3C,CAAC;IAED;;OAEG;IACI,YAAY;QACjB,OAAO,mBAAmB,EAAE,CAAC;IAC/B,CAAC;IAED;;OAEG;IACI,gBAAgB;QACrB,OAAO,uBAAuB,EAAE,CAAC;IACnC,CAAC;IAED;;OAEG;IACI,mBAAmB;QACxB,OAAO,0BAA0B,EAAE,CAAC;IACtC,CAAC;IAED;;OAEG;IACI,aAAa;QAClB,OAAO,cAAc,CAAC;IACxB,CAAC;IAED;;OAEG;IACI,KAAK,CAAC,WAAW,CAAC,SAAiC,KAAK;QAC7D,MAAM,IAAI,CAAC,IAAI,EAAE,CAAC;QAElB,MAAM,cAAc,GAAgC;YAClD,OAAO,EAAE,sBAAsB;YAC/B,eAAe,EAAE,IAAI,IAAI,EAAE,CAAC,WAAW,EAAE;YACzC,MAAM;SACP,CAAC;QAEF,IAAI,CAAC,eAAe,CAAC,IAAI,CAAC,cAAc,CAAC,CAAC;QAC1C,MAAM,IAAI,CAAC,IAAI,EAAE,CAAC;QAElB,sBAAsB;QACtB,MAAM,cAAc,GAAG,iBAAiB,EAAE,CAAC;QAC3C,MAAM,cAAc,CAAC,wBAAwB,EAAE,CAAC;QAEhD,yBAAyB;QACzB,MAAM,MAAM,GAAG,mBAAmB,EAAE,CAAC;QACrC,MAAM,MAAM,CAAC,GAAG,CACd,SAAS,EACT,6BAA6B,EAC7B,EAAE,IAAI,EAAE,MAAM,EAAE,EAChB,SAAS,EACT;YACE,OAAO,EAAE;gBACP,OAAO,EAAE,sBAAsB;gBAC/B,MAAM;aACP;SACF,CACF,CAAC;IACJ,CAAC;IAED;;OAEG;IACI,KAAK,CAAC,wBAAwB;QACnC,MAAM,IAAI,CAAC,IAAI,EAAE,CAAC;QAClB,OAAO,CAAC,GAAG,IAAI,CAAC,eAAe,CAAC,CAAC,IAAI,CAAC,CAAC,CAAC,EAAE,CAAC,EAAE,EAAE,CAC7C,IAAI,IAAI,CAAC,CAAC,CAAC,eAAe,CAAC,CAAC,OAAO,EAAE,GAAG,IAAI,IAAI,CAAC,CAAC,CAAC,eAAe,CAAC,CAAC,OAAO,EAAE,CAC9E,CAAC;IACJ,CAAC;IAED;;OAEG;IACI,iBAAiB;QACtB,OAAO,sBAAsB,CAAC;IAChC,CAAC;IAED;;OAEG;IACI,KAAK,CAAC,sBAAsB,CAAC,OAAe;QACjD,MAAM,IAAI,CAAC,IAAI,EAAE,CAAC;QAClB,OAAO,IAAI,CAAC,eAAe,CAAC,IAAI,CAAC,CAAC,CAAC,EAAE,CAAC,CAAC,CAAC,OAAO,KAAK,OAAO,CAAC,CAAC;IAC/D,CAAC;IAED;;OAEG;IACI,KAAK,CAAC,SAAS;QAWpB,MAAM,IAAI,CAAC,IAAI,EAAE,CAAC;QAElB,MAAM,OAAO,GAAG,MAAM,IAAI,CAAC,wBAAwB,EAAE,CAAC;QACtD,MAAM,OAAO,GAAG,OAAO,CAAC,CAAC,CAAC,CAAC;QAE3B,OAAO;YACL,cAAc,EAAE,sBAAsB;YACtC,YAAY,EAAE,MAAM,IAAI,CAAC,YAAY,EAAE;YACvC,UAAU,EAAE,MAAM,IAAI,CAAC,UAAU,EAAE;YACnC,oBAAoB,EAAE,CAAC,GAAG,IAAI,GAAG,CAAC,IAAI,CAAC,eAAe,CAAC,GAAG,CAAC,CAAC,CAAC,EAAE,CAAC,CAAC,CAAC,OAAO,CAAC,CAAC,CAAC;YAC5E,kBAAkB,EAAE,OAAO,CAAC,CAAC,CAAC;gBAC5B,OAAO,EAAE,OAAO,CAAC,OAAO;gBACxB,eAAe,EAAE,OAAO,CAAC,eAAe;gBACxC,MAAM,EAAE,OAAO,CAAC,MAAM;aACvB,CAAC,CAAC,CAAC,SAAS;SACd,CAAC;IACJ,CAAC;IAED;;OAEG;IACI,gBAAgB;QACrB,OAAO,CAAC,GAAG,CAAC,IAAI,CAAC,YAAY,EAAE,CAAC,CAAC;IACnC,CAAC;IAED;;;OAGG;IACI,KAAK,CAAC,cAAc;QACzB,MAAM,KAAK,GAAG,MAAM,IAAI,CAAC,YAAY,EAAE,CAAC;QAExC,IAAI,CAAC,KAAK,EAAE,CAAC;YACX,OAAO,IAAI,CAAC,CAAC,uBAAuB;QACtC,CAAC;QAED,yDAAyD;QACzD,IAAI,CAAC,OAAO,CAAC,KAAK,CAAC,KAAK,EAAE,CAAC;YACzB,OAAO,CAAC,IAAI,CACV,oDAAoD;gBACpD,6CAA6C,GAAG,sBAAsB,CACvE,CAAC;YACF,MAAM,IAAI,CAAC,WAAW,CAAC,MAAM,CAAC,CAAC;YAC/B,OAAO,IAAI,CAAC;QACd,CAAC;QAED,iBAAiB;QACjB,IAAI,CAAC,gBAAgB,EAAE,CAAC;QAExB,0CAA0C;QAC1C,kDAAkD;QAClD,MAAM,IAAI,CAAC,WAAW,CAAC,KAAK,CAAC,CAAC;QAC9B,OAAO,IAAI,CAAC;IACd,CAAC;IAED;;OAEG;IACI,KAAK,CAAC,gBAAgB;QAC3B,MAAM,IAAI,CAAC,IAAI,EAAE,CAAC;QAElB,MAAM,KAAK,GAAG,IAAI,CAAC,eAAe,CAAC,MAAM,CAAC;QAE1C,sBAAsB;QACtB,MAAM,MAAM,GAAG,mBAAmB,EAAE,CAAC;QACrC,MAAM,MAAM,CAAC,eAAe,CAC1B,EAAE,IAAI,EAAE,MAAM,EAAE,EAChB,yBAAyB,EACzB,KAAK,EACL,IAAI,EACJ,EAAE,MAAM,EAAE,iBAAiB,EAAE,CAC9B,CAAC;QAEF,IAAI,CAAC,eAAe,GAAG,EAAE,CAAC;QAC1B,MAAM,IAAI,CAAC,IAAI,EAAE,CAAC;QAElB,OAAO,KAAK,CAAC;IACf,CAAC;CACF;AAED,+CAA+C;AAC/C,mBAAmB;AACnB,+CAA+C;AAE/C;;GAEG;AACH,MAAM,UAAU,uBAAuB;IACrC,OAAO,oBAAoB,CAAC,WAAW,EAAE,CAAC;AAC5C,CAAC;AAED,+CAA+C;AAC/C,sBAAsB;AACtB,+CAA+C;AAE/C;;GAEG;AACH,MAAM,CAAC,KAAK,UAAU,kBAAkB;IACtC,OAAO,uBAAuB,EAAE,CAAC,YAAY,EAAE,CAAC;AAClD,CAAC;AAED;;GAEG;AACH,MAAM,CAAC,KAAK,UAAU,wBAAwB,CAC5C,SAAiC,KAAK;IAEtC,OAAO,uBAAuB,EAAE,CAAC,WAAW,CAAC,MAAM,CAAC,CAAC;AACvD,CAAC;AAED;;GAEG;AACH,MAAM,UAAU,gBAAgB;IAC9B,OAAO,uBAAuB,EAAE,CAAC,mBAAmB,EAAE,CAAC;AACzD,CAAC;AAED;;GAEG;AACH,MAAM,UAAU,uBAAuB;IACrC,OAAO,uBAAuB,EAAE,CAAC,YAAY,EAAE,CAAC;AAClD,CAAC"}