@provos/ironcurtain 0.1.0

package/dist/pipeline/constitution-compiler.js

@@ -0,0 +1,197 @@
+/**
+ * Constitution Compiler -- LLM-driven compilation of English-language
+ * constitution principles into enforceable declarative policy rules.
+ *
+ * The compiler takes the constitution text, tool annotations, and system
+ * config (concrete directory paths) and produces an ordered rule chain
+ * that faithfully implements the non-structural principles.
+ */
+import { z } from 'zod';
+import { generateObjectWithRepair } from './generate-with-repair.js';
+import { isArgumentRole, getArgumentRoleValues } from '../types/argument-roles.js';
+import { formatExecutionResults } from './policy-verifier.js';
+const pathConditionSchema = z.object({
+    roles: z.array(z.enum(getArgumentRoleValues())),
+    within: z.string(),
+});
+const domainConditionSchema = z.object({
+    roles: z.array(z.enum(getArgumentRoleValues())),
+    allowed: z.array(z.string()),
+});
+function buildCompilerResponseSchema(serverNames, toolNames) {
+    const compiledRuleSchema = z.object({
+        name: z.string(),
+        description: z.string(),
+        principle: z.string(),
+        if: z.object({
+            roles: z.array(z.enum(getArgumentRoleValues())).optional(),
+            server: z.array(z.enum(serverNames)).optional(),
+            tool: z.array(z.enum(toolNames)).optional(),
+            sideEffects: z.boolean().optional(),
+            paths: pathConditionSchema.optional(),
+            domains: domainConditionSchema.optional(),
+        }),
+        then: z.enum(['allow', 'deny', 'escalate']),
+        reason: z.string(),
+    });
+    return z.object({
+        rules: z.array(compiledRuleSchema),
+    });
+}
+export function buildCompilerPrompt(constitutionText, annotations, config) {
+    const annotationsSummary = annotations.map(a => {
+        const argsDesc = Object.entries(a.args)
+            .map(([name, roles]) => `    ${name}: [${roles.join(', ')}]`)
+            .join('\n');
+        return `  ${a.serverName}/${a.toolName}: ${a.comment}, sideEffects=${a.sideEffects}\n    args:\n${argsDesc || '    (none)'}`;
+    }).join('\n');
+    return `You are compiling a security policy from a constitution document into enforceable declarative rules.
+
+## Constitution
+
+${constitutionText}
+
+## Tool Annotations
+
+These are the available tools and their classified capabilities:
+
+${annotationsSummary}
+
+## Structural Invariants (handled automatically by the engine -- do NOT generate rules for these)
+
+The following checks are hardcoded and evaluated BEFORE compiled rules:
+
+1. **Protected paths** -- any read, write, or delete targeting these paths is automatically denied:
+${config.protectedPaths.map(p => `- ${p}`).join('\n')}
+
+2. **Sandbox containment** -- any tool call where ALL paths are within the sandbox directory is automatically allowed. Do NOT generate rules for sandbox-internal operations; the engine handles this at runtime with the dynamically configured sandbox path.
+
+## Instructions
+
+Produce an ORDERED list of policy rules (first match wins). Each rule has:
+- "name": a kebab-case identifier
+- "description": what the rule does
+- "principle": which constitution principle this implements
+- "if": conditions that must ALL be true for the rule to fire:
+  - "roles": array of argument roles to match. The rule fires if the tool has ANY argument with ANY of these roles. Use this for blanket rules (e.g., deny all tools with delete-path arguments). Omit = any tool.
+  - "server": array of server names (omit = any server)
+  - "tool": array of specific tool names (omit = any matching tool)
+  - "sideEffects": match on the tool's sideEffects annotation (omit = don't filter)
+  - "paths": path condition with "roles" (which argument roles to extract paths from) and "within" (concrete absolute directory). Rule fires only if ALL extracted paths are within that directory. If zero paths are extracted (tool has no matching path arguments), the condition is NOT satisfied and the rule does NOT match. This implicitly requires matching roles, so top-level "roles" is redundant when "paths" is present.
+  - "domains": domain condition with "roles" (which URL argument roles to extract domains from) and "allowed" (list of allowed domain patterns, e.g. ["github.com", "*.github.com"]). Rule fires only if ALL extracted domains match an allowed pattern. Supports exact match, "*.example.com" prefix wildcards, and "*" (any domain). If zero URLs are extracted, the condition is NOT satisfied and the rule does NOT match.
+- "then": the policy decision:
+  - "allow" — the operation is explicitly permitted by the constitution
+  - "deny" — the operation is categorically forbidden by the constitution (absolute prohibition)
+  - "escalate" — the operation is not explicitly permitted but also not forbidden; route to a human for approval
+- "reason": human-readable explanation
+
+CRITICAL RULES:
+1. Do NOT generate rules for protected path checking, unknown tool denial, or sandbox containment -- those are handled by structural invariants in the engine.
+2. Use CONCRETE ABSOLUTE paths (e.g., "/home/user/Downloads"), not abstract labels.
+3. "Outside a directory" semantics: use rule ordering. A rule with "within" matches the inside case; the next rule without "paths" catches everything else as a fallthrough.
+4. The move tool's source argument has both read-path and delete-path roles. A blanket "roles": ["delete-path"] rule will catch all moves.
+5. Order matters: more specific rules before more general ones.
+6. Use all three decision types. Map each constitution principle to the appropriate decision: "allow" for grants, "deny" for prohibitions, and "escalate" for principles that require human judgment or approval. If the constitution does not explicitly forbid an operation, prefer "escalate" over "deny" so a human can decide.
+7. The rule chain must cover all operation types with appropriate fallthrough rules. Do not leave gaps — every combination of argument roles should eventually match a rule.
+
+Be concise in descriptions and reasons -- one sentence each.`;
+}
+export function buildRepairPrompt(basePrompt, repairContext) {
+    const rulesText = repairContext.previousRules
+        .map((r, i) => `  ${i + 1}. [${r.name}] if: ${JSON.stringify(r.if)} then: ${r.then} -- ${r.reason}`)
+        .join('\n');
+    const failuresText = formatExecutionResults(repairContext.failedScenarios);
+    return `${basePrompt}
+
+## REPAIR INSTRUCTIONS (attempt ${repairContext.attemptNumber})
+
+Your previous compilation produced rules that failed verification. You MUST fix these issues.
+
+### Previous Rules
+
+${rulesText}
+
+### Failed Scenarios
+
+${failuresText}
+
+### Judge Analysis
+
+${repairContext.judgeAnalysis}
+
+### Requirements
+
+1. Fix the rule ordering, conditions, or add missing rules to make ALL failed scenarios pass.
+2. Do NOT break scenarios that were already passing — only fix the failures.
+3. Pay close attention to the judge analysis for specific guidance on what went wrong.
+4. Return a complete, corrected rule set (not just the changed rules).`;
+}
+export async function compileConstitution(constitutionText, annotations, config, llm, repairContext, onProgress) {
+    const serverNames = [...new Set(annotations.map(a => a.serverName))];
+    const toolNames = [...new Set(annotations.map(a => a.toolName))];
+    const schema = buildCompilerResponseSchema(serverNames, toolNames);
+    const basePrompt = buildCompilerPrompt(constitutionText, annotations, config);
+    const prompt = repairContext
+        ? buildRepairPrompt(basePrompt, repairContext)
+        : basePrompt;
+    const { output } = await generateObjectWithRepair({
+        model: llm,
+        schema,
+        prompt,
+        onProgress,
+    });
+    return output.rules;
+}
+export function validateCompiledRules(rules) {
+    const errors = [];
+    const warnings = [];
+    for (const rule of rules) {
+        // Validate top-level roles
+        if (rule.if.roles) {
+            for (const role of rule.if.roles) {
+                if (!isArgumentRole(role)) {
+                    errors.push(`Rule "${rule.name}": invalid role "${role}" in roles`);
+                }
+            }
+        }
+        // Validate path roles
+        if (rule.if.paths) {
+            for (const role of rule.if.paths.roles) {
+                if (!isArgumentRole(role)) {
+                    errors.push(`Rule "${rule.name}": invalid role "${role}" in paths.roles`);
+                }
+            }
+            // Validate within is an absolute path
+            if (!rule.if.paths.within.startsWith('/')) {
+                errors.push(`Rule "${rule.name}": paths.within must be an absolute path, got "${rule.if.paths.within}"`);
+            }
+        }
+        // Validate domain roles
+        if (rule.if.domains) {
+            for (const role of rule.if.domains.roles) {
+                if (!isArgumentRole(role)) {
+                    errors.push(`Rule "${rule.name}": invalid role "${role}" in domains.roles`);
+                }
+            }
+            if (rule.if.domains.allowed.length === 0) {
+                warnings.push(`Rule "${rule.name}": domains.allowed is empty (condition will never match)`);
+            }
+        }
+        // Check for structural invariant concepts that should not be compiled
+        const lowerName = rule.name.toLowerCase();
+        const lowerDesc = rule.description.toLowerCase();
+        if (lowerName.includes('protected') ||
+            lowerName.includes('structural') ||
+            lowerName.includes('unknown-tool') ||
+            lowerDesc.includes('protected path') ||
+            lowerDesc.includes('unknown tool')) {
+            errors.push(`Rule "${rule.name}": appears to implement a structural invariant -- these must not be in compiled rules`);
+        }
+    }
+    return {
+        valid: errors.length === 0,
+        errors,
+        warnings,
+    };
+}
+//# sourceMappingURL=constitution-compiler.js.map

package/dist/pipeline/constitution-compiler.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"constitution-compiler.js","sourceRoot":"","sources":["../../src/pipeline/constitution-compiler.ts"],"names":[],"mappings":"AAAA;;;;;;;GAOG;AAGH,OAAO,EAAE,CAAC,EAAE,MAAM,KAAK,CAAC;AACxB,OAAO,EAAE,wBAAwB,EAAE,MAAM,2BAA2B,CAAC;AAErE,OAAO,EAAE,cAAc,EAAE,qBAAqB,EAAE,MAAM,4BAA4B,CAAC;AACnF,OAAO,EAAE,sBAAsB,EAAE,MAAM,sBAAsB,CAAC;AAM9D,MAAM,mBAAmB,GAAG,CAAC,CAAC,MAAM,CAAC;IACnC,KAAK,EAAE,CAAC,CAAC,KAAK,CAAC,CAAC,CAAC,IAAI,CAAC,qBAAqB,EAAE,CAAC,CAAC;IAC/C,MAAM,EAAE,CAAC,CAAC,MAAM,EAAE;CACnB,CAAC,CAAC;AAEH,MAAM,qBAAqB,GAAG,CAAC,CAAC,MAAM,CAAC;IACrC,KAAK,EAAE,CAAC,CAAC,KAAK,CAAC,CAAC,CAAC,IAAI,CAAC,qBAAqB,EAAE,CAAC,CAAC;IAC/C,OAAO,EAAE,CAAC,CAAC,KAAK,CAAC,CAAC,CAAC,MAAM,EAAE,CAAC;CAC7B,CAAC,CAAC;AAEH,SAAS,2BAA2B,CAClC,WAAkC,EAClC,SAAgC;IAEhC,MAAM,kBAAkB,GAAG,CAAC,CAAC,MAAM,CAAC;QAClC,IAAI,EAAE,CAAC,CAAC,MAAM,EAAE;QAChB,WAAW,EAAE,CAAC,CAAC,MAAM,EAAE;QACvB,SAAS,EAAE,CAAC,CAAC,MAAM,EAAE;QACrB,EAAE,EAAE,CAAC,CAAC,MAAM,CAAC;YACX,KAAK,EAAE,CAAC,CAAC,KAAK,CAAC,CAAC,CAAC,IAAI,CAAC,qBAAqB,EAAE,CAAC,CAAC,CAAC,QAAQ,EAAE;YAC1D,MAAM,EAAE,CAAC,CAAC,KAAK,CAAC,CAAC,CAAC,IAAI,CAAC,WAAW,CAAC,CAAC,CAAC,QAAQ,EAAE;YAC/C,IAAI,EAAE,CAAC,CAAC,KAAK,CAAC,CAAC,CAAC,IAAI,CAAC,SAAS,CAAC,CAAC,CAAC,QAAQ,EAAE;YAC3C,WAAW,EAAE,CAAC,CAAC,OAAO,EAAE,CAAC,QAAQ,EAAE;YACnC,KAAK,EAAE,mBAAmB,CAAC,QAAQ,EAAE;YACrC,OAAO,EAAE,qBAAqB,CAAC,QAAQ,EAAE;SAC1C,CAAC;QACF,IAAI,EAAE,CAAC,CAAC,IAAI,CAAC,CAAC,OAAO,EAAE,MAAM,EAAE,UAAU,CAAC,CAAC;QAC3C,MAAM,EAAE,CAAC,CAAC,MAAM,EAAE;KACnB,CAAC,CAAC;IAEH,OAAO,CAAC,CAAC,MAAM,CAAC;QACd,KAAK,EAAE,CAAC,CAAC,KAAK,CAAC,kBAAkB,CAAC;KACnC,CAAC,CAAC;AACL,CAAC;AAED,MAAM,UAAU,mBAAmB,CACjC,gBAAwB,EACxB,WAA6B,EAC7B,MAAsB;IAEtB,MAAM,kBAAkB,GAAG,WAAW,CAAC,GAAG,CAAC,CAAC,CAAC,EAAE;QAC7C,MAAM,QAAQ,GAAG,MAAM,CAAC,OAAO,CAAC,CAAC,CAAC,IAAI,CAAC;aACpC,GAAG,CAAC,CAAC,CAAC,IAAI,EAAE,KAAK,CAAC,EAAE,EAAE,CAAC,OAAO,IAAI,MAAM,KAAK,CAAC,IAAI,CAAC,IAAI,CAAC,GAAG,CAAC;aAC5D,IAAI,CAAC,IAAI,CAAC,CAAC;QACd,OAAO,KAAK,CAAC,CAAC,UAAU,IAAI,CAAC,CAAC,QAAQ,KAAK,CAAC,CAAC,OAAO,iBAAiB,CAAC,CAAC,WAAW,gBAAgB,QAAQ,IAAI,YAAY,EAAE,CAAC;IAC/H,CAAC,CAAC,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC;IAEd,OAAO;;;;EAIP,gBAAgB;;;;;;EAMhB,kBAAkB;;;;;;;EAOlB,MAAM,CAAC,cAAc,CAAC,GAAG,CAAC,CAAC,CAAC,EAAE,CAAC,KAAK,CAAC,EAAE,CAAC,CAAC,IAAI,CAAC,IAAI,CAAC;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;6DAgCQ,CAAC;AAC9D,CAAC;AAED,MAAM,UAAU,iBAAiB,CAC/B,UAAkB,EAClB,aAA4B;IAE5B,MAAM,SAAS,GAAG,aAAa,CAAC,aAAa;SAC1C,GAAG,CAAC,CAAC,CAAC,EAAE,CAAC,EAAE,EAAE,CAAC,KAAK,CAAC,GAAG,CAAC,MAAM,CAAC,CAAC,IAAI,SAAS,IAAI,CAAC,SAAS,CAAC,CAAC,CAAC,EAAE,CAAC,UAAU,CAAC,CAAC,IAAI,OAAO,CAAC,CAAC,MAAM,EAAE,CAAC;SACnG,IAAI,CAAC,IAAI,CAAC,CAAC;IAEd,MAAM,YAAY,GAAG,sBAAsB,CAAC,aAAa,CAAC,eAAe,CAAC,CAAC;IAE3E,OAAO,GAAG,UAAU;;kCAEY,aAAa,CAAC,aAAa;;;;;;EAM3D,SAAS;;;;EAIT,YAAY;;;;EAIZ,aAAa,CAAC,aAAa;;;;;;;uEAO0C,CAAC;AACxE,CAAC;AAED,MAAM,CAAC,KAAK,UAAU,mBAAmB,CACvC,gBAAwB,EACxB,WAA6B,EAC7B,MAAsB,EACtB,GAAkB,EAClB,aAA6B,EAC7B,UAAsC;IAEtC,MAAM,WAAW,GAAG,CAAC,GAAG,IAAI,GAAG,CAAC,WAAW,CAAC,GAAG,CAAC,CAAC,CAAC,EAAE,CAAC,CAAC,CAAC,UAAU,CAAC,CAAC,CAA0B,CAAC;IAC9F,MAAM,SAAS,GAAG,CAAC,GAAG,IAAI,GAAG,CAAC,WAAW,CAAC,GAAG,CAAC,CAAC,CAAC,EAAE,CAAC,CAAC,CAAC,QAAQ,CAAC,CAAC,CAA0B,CAAC;IAC1F,MAAM,MAAM,GAAG,2BAA2B,CAAC,WAAW,EAAE,SAAS,CAAC,CAAC;IACnE,MAAM,UAAU,GAAG,mBAAmB,CAAC,gBAAgB,EAAE,WAAW,EAAE,MAAM,CAAC,CAAC;IAC9E,MAAM,MAAM,GAAG,aAAa;QAC1B,CAAC,CAAC,iBAAiB,CAAC,UAAU,EAAE,aAAa,CAAC;QAC9C,CAAC,CAAC,UAAU,CAAC;IAEf,MAAM,EAAE,MAAM,EAAE,GAAG,MAAM,wBAAwB,CAAC;QAChD,KAAK,EAAE,GAAG;QACV,MAAM;QACN,MAAM;QACN,UAAU;KACX,CAAC,CAAC;IAEH,OAAO,MAAM,CAAC,KAAK,CAAC;AACtB,CAAC;AAYD,MAAM,UAAU,qBAAqB,CACnC,KAAqB;IAErB,MAAM,MAAM,GAAa,EAAE,CAAC;IAC5B,MAAM,QAAQ,GAAa,EAAE,CAAC;IAE9B,KAAK,MAAM,IAAI,IAAI,KAAK,EAAE,CAAC;QACzB,2BAA2B;QAC3B,IAAI,IAAI,CAAC,EAAE,CAAC,KAAK,EAAE,CAAC;YAClB,KAAK,MAAM,IAAI,IAAI,IAAI,CAAC,EAAE,CAAC,KAAK,EAAE,CAAC;gBACjC,IAAI,CAAC,cAAc,CAAC,IAAI,CAAC,EAAE,CAAC;oBAC1B,MAAM,CAAC,IAAI,CAAC,SAAS,IAAI,CAAC,IAAI,oBAAoB,IAAI,YAAY,CAAC,CAAC;gBACtE,CAAC;YACH,CAAC;QACH,CAAC;QAED,sBAAsB;QACtB,IAAI,IAAI,CAAC,EAAE,CAAC,KAAK,EAAE,CAAC;YAClB,KAAK,MAAM,IAAI,IAAI,IAAI,CAAC,EAAE,CAAC,KAAK,CAAC,KAAK,EAAE,CAAC;gBACvC,IAAI,CAAC,cAAc,CAAC,IAAI,CAAC,EAAE,CAAC;oBAC1B,MAAM,CAAC,IAAI,CAAC,SAAS,IAAI,CAAC,IAAI,oBAAoB,IAAI,kBAAkB,CAAC,CAAC;gBAC5E,CAAC;YACH,CAAC;YAED,sCAAsC;YACtC,IAAI,CAAC,IAAI,CAAC,EAAE,CAAC,KAAK,CAAC,MAAM,CAAC,UAAU,CAAC,GAAG,CAAC,EAAE,CAAC;gBAC1C,MAAM,CAAC,IAAI,CAAC,SAAS,IAAI,CAAC,IAAI,kDAAkD,IAAI,CAAC,EAAE,CAAC,KAAK,CAAC,MAAM,GAAG,CAAC,CAAC;YAC3G,CAAC;QACH,CAAC;QAED,wBAAwB;QACxB,IAAI,IAAI,CAAC,EAAE,CAAC,OAAO,EAAE,CAAC;YACpB,KAAK,MAAM,IAAI,IAAI,IAAI,CAAC,EAAE,CAAC,OAAO,CAAC,KAAK,EAAE,CAAC;gBACzC,IAAI,CAAC,cAAc,CAAC,IAAI,CAAC,EAAE,CAAC;oBAC1B,MAAM,CAAC,IAAI,CAAC,SAAS,IAAI,CAAC,IAAI,oBAAoB,IAAI,oBAAoB,CAAC,CAAC;gBAC9E,CAAC;YACH,CAAC;YACD,IAAI,IAAI,CAAC,EAAE,CAAC,OAAO,CAAC,OAAO,CAAC,MAAM,KAAK,CAAC,EAAE,CAAC;gBACzC,QAAQ,CAAC,IAAI,CAAC,SAAS,IAAI,CAAC,IAAI,0DAA0D,CAAC,CAAC;YAC9F,CAAC;QACH,CAAC;QAED,sEAAsE;QACtE,MAAM,SAAS,GAAG,IAAI,CAAC,IAAI,CAAC,WAAW,EAAE,CAAC;QAC1C,MAAM,SAAS,GAAG,IAAI,CAAC,WAAW,CAAC,WAAW,EAAE,CAAC;QACjD,IACE,SAAS,CAAC,QAAQ,CAAC,WAAW,CAAC;YAC/B,SAAS,CAAC,QAAQ,CAAC,YAAY,CAAC;YAChC,SAAS,CAAC,QAAQ,CAAC,cAAc,CAAC;YAClC,SAAS,CAAC,QAAQ,CAAC,gBAAgB,CAAC;YACpC,SAAS,CAAC,QAAQ,CAAC,cAAc,CAAC,EAClC,CAAC;YACD,MAAM,CAAC,IAAI,CACT,SAAS,IAAI,CAAC,IAAI,uFAAuF,CAC1G,CAAC;QACJ,CAAC;IACH,CAAC;IAED,OAAO;QACL,KAAK,EAAE,MAAM,CAAC,MAAM,KAAK,CAAC;QAC1B,MAAM;QACN,QAAQ;KACT,CAAC;AACJ,CAAC"}

package/dist/pipeline/generate-with-repair.d.ts

@@ -0,0 +1,22 @@
+/**
+ * Multi-turn LLM repair for schema validation failures.
+ *
+ * Wraps `generateText` with `Output.object`. On schema validation failure
+ * (NoObjectGeneratedError), feeds the Zod error back to the LLM in a
+ * multi-turn conversation so it can fix its output.
+ */
+import type { LanguageModel } from 'ai';
+import type { z } from 'zod';
+interface GenerateObjectWithRepairOptions<T extends z.ZodType> {
+    model: LanguageModel;
+    schema: T;
+    prompt: string;
+    maxRepairAttempts?: number;
+    maxOutputTokens?: number;
+    onProgress?: (message: string) => void;
+}
+export declare function generateObjectWithRepair<T extends z.ZodType>({ model, schema, prompt, maxRepairAttempts, maxOutputTokens, onProgress, }: GenerateObjectWithRepairOptions<T>): Promise<{
+    output: z.infer<T>;
+    repairAttempts: number;
+}>;
+export {};

package/dist/pipeline/generate-with-repair.js

@@ -0,0 +1,64 @@
+/**
+ * Multi-turn LLM repair for schema validation failures.
+ *
+ * Wraps `generateText` with `Output.object`. On schema validation failure
+ * (NoObjectGeneratedError), feeds the Zod error back to the LLM in a
+ * multi-turn conversation so it can fix its output.
+ */
+import { generateText, NoObjectGeneratedError, Output } from 'ai';
+const DEFAULT_MAX_TOKENS = 8192;
+function formatValidationError(cause) {
+    return cause instanceof Error ? cause.message : String(cause);
+}
+export async function generateObjectWithRepair({ model, schema, prompt, maxRepairAttempts = 2, maxOutputTokens = DEFAULT_MAX_TOKENS, onProgress, }) {
+    // First attempt: simple prompt-based call
+    try {
+        const result = await generateText({
+            model,
+            output: Output.object({ schema }),
+            prompt,
+            maxOutputTokens,
+        });
+        return { output: result.output, repairAttempts: 0 };
+    }
+    catch (error) {
+        if (!NoObjectGeneratedError.isInstance(error))
+            throw error;
+        if (maxRepairAttempts <= 0)
+            throw error;
+        // Build multi-turn conversation for repair
+        const messages = [
+            { role: 'user', content: prompt },
+            { role: 'assistant', content: error.text ?? '' },
+            {
+                role: 'user',
+                content: `Your response failed schema validation:\n${formatValidationError(error.cause)}\n\nPlease fix the errors and return valid JSON matching the schema.`,
+            },
+        ];
+        let lastError = error;
+        for (let attempt = 0; attempt < maxRepairAttempts; attempt++) {
+            onProgress?.(`Schema repair ${attempt + 1}/${maxRepairAttempts}...`);
+            try {
+                const result = await generateText({
+                    model,
+                    output: Output.object({ schema }),
+                    messages,
+                    maxOutputTokens,
+                });
+                return { output: result.output, repairAttempts: attempt + 1 };
+            }
+            catch (retryError) {
+                if (!NoObjectGeneratedError.isInstance(retryError))
+                    throw retryError;
+                lastError = retryError;
+                // Append the failed response and error for next attempt
+                messages.push({ role: 'assistant', content: retryError.text ?? '' }, {
+                    role: 'user',
+                    content: `Still failing schema validation:\n${formatValidationError(retryError.cause)}\n\nPlease fix the errors and return valid JSON matching the schema.`,
+                });
+            }
+        }
+        throw lastError;
+    }
+}
+//# sourceMappingURL=generate-with-repair.js.map

package/dist/pipeline/generate-with-repair.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"generate-with-repair.js","sourceRoot":"","sources":["../../src/pipeline/generate-with-repair.ts"],"names":[],"mappings":"AAAA;;;;;;GAMG;AAGH,OAAO,EAAE,YAAY,EAAE,sBAAsB,EAAE,MAAM,EAAE,MAAM,IAAI,CAAC;AAGlE,MAAM,kBAAkB,GAAG,IAAI,CAAC;AAEhC,SAAS,qBAAqB,CAAC,KAAc;IAC3C,OAAO,KAAK,YAAY,KAAK,CAAC,CAAC,CAAC,KAAK,CAAC,OAAO,CAAC,CAAC,CAAC,MAAM,CAAC,KAAK,CAAC,CAAC;AAChE,CAAC;AAWD,MAAM,CAAC,KAAK,UAAU,wBAAwB,CAAsB,EAClE,KAAK,EACL,MAAM,EACN,MAAM,EACN,iBAAiB,GAAG,CAAC,EACrB,eAAe,GAAG,kBAAkB,EACpC,UAAU,GACyB;IACnC,0CAA0C;IAC1C,IAAI,CAAC;QACH,MAAM,MAAM,GAAG,MAAM,YAAY,CAAC;YAChC,KAAK;YACL,MAAM,EAAE,MAAM,CAAC,MAAM,CAAC,EAAE,MAAM,EAAE,CAAC;YACjC,MAAM;YACN,eAAe;SAChB,CAAC,CAAC;QACH,OAAO,EAAE,MAAM,EAAE,MAAM,CAAC,MAAoB,EAAE,cAAc,EAAE,CAAC,EAAE,CAAC;IACpE,CAAC;IAAC,OAAO,KAAK,EAAE,CAAC;QACf,IAAI,CAAC,sBAAsB,CAAC,UAAU,CAAC,KAAK,CAAC;YAAE,MAAM,KAAK,CAAC;QAC3D,IAAI,iBAAiB,IAAI,CAAC;YAAE,MAAM,KAAK,CAAC;QAExC,2CAA2C;QAC3C,MAAM,QAAQ,GAA2D;YACvE,EAAE,IAAI,EAAE,MAAM,EAAE,OAAO,EAAE,MAAM,EAAE;YACjC,EAAE,IAAI,EAAE,WAAW,EAAE,OAAO,EAAE,KAAK,CAAC,IAAI,IAAI,EAAE,EAAE;YAChD;gBACE,IAAI,EAAE,MAAM;gBACZ,OAAO,EAAE,4CAA4C,qBAAqB,CAAC,KAAK,CAAC,KAAK,CAAC,sEAAsE;aAC9J;SACF,CAAC;QAEF,IAAI,SAAS,GAAY,KAAK,CAAC;QAE/B,KAAK,IAAI,OAAO,GAAG,CAAC,EAAE,OAAO,GAAG,iBAAiB,EAAE,OAAO,EAAE,EAAE,CAAC;YAC7D,UAAU,EAAE,CAAC,iBAAiB,OAAO,GAAG,CAAC,IAAI,iBAAiB,KAAK,CAAC,CAAC;YACrE,IAAI,CAAC;gBACH,MAAM,MAAM,GAAG,MAAM,YAAY,CAAC;oBAChC,KAAK;oBACL,MAAM,EAAE,MAAM,CAAC,MAAM,CAAC,EAAE,MAAM,EAAE,CAAC;oBACjC,QAAQ;oBACR,eAAe;iBAChB,CAAC,CAAC;gBACH,OAAO,EAAE,MAAM,EAAE,MAAM,CAAC,MAAoB,EAAE,cAAc,EAAE,OAAO,GAAG,CAAC,EAAE,CAAC;YAC9E,CAAC;YAAC,OAAO,UAAU,EAAE,CAAC;gBACpB,IAAI,CAAC,sBAAsB,CAAC,UAAU,CAAC,UAAU,CAAC;oBAAE,MAAM,UAAU,CAAC;gBACrE,SAAS,GAAG,UAAU,CAAC;gBAEvB,wDAAwD;gBACxD,QAAQ,CAAC,IAAI,CACX,EAAE,IAAI,EAAE,WAAW,EAAE,OAAO,EAAE,UAAU,CAAC,IAAI,IAAI,EAAE,EAAE,EACrD;oBACE,IAAI,EAAE,MAAM;oBACZ,OAAO,EAAE,qCAAqC,qBAAqB,CAAC,UAAU,CAAC,KAAK,CAAC,sEAAsE;iBAC5J,CACF,CAAC;YACJ,CAAC;QACH,CAAC;QAED,MAAM,SAAS,CAAC;IAClB,CAAC;AACH,CAAC"}

package/dist/pipeline/handwritten-scenarios.d.ts

@@ -0,0 +1,9 @@
+/**
+ * Mandatory handwritten test scenarios derived from existing policy engine tests.
+ *
+ * These provide human-authored ground truth that the verifier always checks,
+ * mitigating circular reasoning where the compiler and scenario generator
+ * share the same blind spots.
+ */
+import type { TestScenario } from './types.js';
+export declare function getHandwrittenScenarios(sandboxDir: string): TestScenario[];

package/dist/pipeline/handwritten-scenarios.js

@@ -0,0 +1,321 @@
+/**
+ * Mandatory handwritten test scenarios derived from existing policy engine tests.
+ *
+ * These provide human-authored ground truth that the verifier always checks,
+ * mitigating circular reasoning where the compiler and scenario generator
+ * share the same blind spots.
+ */
+export function getHandwrittenScenarios(sandboxDir) {
+    return [
+        // Read operations
+        {
+            description: 'Read file inside sandbox -- allow',
+            request: {
+                serverName: 'filesystem',
+                toolName: 'read_file',
+                arguments: { path: `${sandboxDir}/test.txt` },
+            },
+            expectedDecision: 'allow',
+            reasoning: 'Containment principle: reads within the sandbox directory are permitted',
+            source: 'handwritten',
+        },
+        {
+            description: 'Read file outside sandbox -- escalate',
+            request: {
+                serverName: 'filesystem',
+                toolName: 'read_file',
+                arguments: { path: '/etc/passwd' },
+            },
+            expectedDecision: 'escalate',
+            reasoning: 'Human oversight principle: reads outside the sandbox require human approval',
+            source: 'handwritten',
+        },
+        {
+            description: 'List directory inside sandbox -- allow',
+            request: {
+                serverName: 'filesystem',
+                toolName: 'list_directory',
+                arguments: { path: sandboxDir },
+            },
+            expectedDecision: 'allow',
+            reasoning: 'Containment principle: listing the sandbox directory is permitted',
+            source: 'handwritten',
+        },
+        {
+            description: 'Search files inside sandbox -- allow',
+            request: {
+                serverName: 'filesystem',
+                toolName: 'search_files',
+                arguments: { path: sandboxDir, pattern: '*.txt' },
+            },
+            expectedDecision: 'allow',
+            reasoning: 'Containment principle: searching within the sandbox is permitted',
+            source: 'handwritten',
+        },
+        // Write operations
+        {
+            description: 'Write file inside sandbox -- allow',
+            request: {
+                serverName: 'filesystem',
+                toolName: 'write_file',
+                arguments: { path: `${sandboxDir}/output.txt`, content: 'hello' },
+            },
+            expectedDecision: 'allow',
+            reasoning: 'Containment principle: writes within the sandbox directory are permitted',
+            source: 'handwritten',
+        },
+        {
+            description: 'Write file outside sandbox -- escalate',
+            request: {
+                serverName: 'filesystem',
+                toolName: 'write_file',
+                arguments: { path: '/etc/test.txt', content: 'hello' },
+            },
+            expectedDecision: 'escalate',
+            reasoning: 'Human oversight principle: writes outside permitted areas require human approval',
+            source: 'handwritten',
+        },
+        // Delete operations
+        {
+            description: 'Delete file inside sandbox -- allow (structural sandbox invariant)',
+            request: {
+                serverName: 'filesystem',
+                toolName: 'delete_file',
+                arguments: { path: `${sandboxDir}/test.txt` },
+            },
+            expectedDecision: 'allow',
+            reasoning: 'Structural sandbox invariant: all paths are within the sandbox, auto-allowed before unknown-tool and compiled-rule checks',
+            source: 'handwritten',
+        },
+        {
+            description: 'Delete file outside sandbox -- deny',
+            request: {
+                serverName: 'filesystem',
+                toolName: 'delete_file',
+                arguments: { path: '/etc/important.txt' },
+            },
+            expectedDecision: 'deny',
+            reasoning: 'No destruction principle: delete operations are never permitted',
+            source: 'handwritten',
+        },
+        // Path traversal
+        {
+            description: 'Path traversal attempt -- escalate',
+            request: {
+                serverName: 'filesystem',
+                toolName: 'read_file',
+                arguments: { path: `${sandboxDir}/../../../etc/passwd` },
+            },
+            expectedDecision: 'escalate',
+            reasoning: 'Human oversight principle: path traversal resolves outside sandbox, requires human approval',
+            source: 'handwritten',
+        },
+        // Move operations (move_file source has read-path + delete-path, destination has write-path)
+        {
+            description: 'Move file sandbox-to-sandbox -- allow (structural sandbox invariant)',
+            request: {
+                serverName: 'filesystem',
+                toolName: 'move_file',
+                arguments: {
+                    source: `${sandboxDir}/a.txt`,
+                    destination: `${sandboxDir}/b.txt`,
+                },
+            },
+            expectedDecision: 'allow',
+            reasoning: 'Structural sandbox invariant: all paths are within the sandbox, auto-allowed before compiled rules',
+            source: 'handwritten',
+        },
+        {
+            description: 'Move file sandbox-to-external -- escalate (source sandbox-resolved, write-path escalated)',
+            request: {
+                serverName: 'filesystem',
+                toolName: 'move_file',
+                arguments: {
+                    source: `${sandboxDir}/a.txt`,
+                    destination: '/tmp/outside/b.txt',
+                },
+            },
+            expectedDecision: 'escalate',
+            reasoning: 'Source roles (read-path, delete-path) are sandbox-resolved. Only write-path on external destination is evaluated → escalate.',
+            source: 'handwritten',
+        },
+        {
+            description: 'Move file external-to-sandbox -- deny (source has delete-path)',
+            request: {
+                serverName: 'filesystem',
+                toolName: 'move_file',
+                arguments: {
+                    source: '/etc/important.txt',
+                    destination: `${sandboxDir}/important.txt`,
+                },
+            },
+            expectedDecision: 'deny',
+            reasoning: 'No destruction: move_file source has delete-path role, caught by deny-delete-operations',
+            source: 'handwritten',
+        },
+        {
+            description: 'Move file external-to-external -- deny (source has delete-path)',
+            request: {
+                serverName: 'filesystem',
+                toolName: 'move_file',
+                arguments: {
+                    source: '/etc/a.txt',
+                    destination: '/tmp/outside/b.txt',
+                },
+            },
+            expectedDecision: 'deny',
+            reasoning: 'No destruction: move_file source has delete-path role, caught by deny-delete-operations',
+            source: 'handwritten',
+        },
+        // Side-effect-free tool
+        {
+            description: 'list_allowed_directories (side-effect-free) -- allow',
+            request: {
+                serverName: 'filesystem',
+                toolName: 'list_allowed_directories',
+                arguments: {},
+            },
+            expectedDecision: 'allow',
+            reasoning: 'Least privilege: no side effects, no path arguments, safe to allow',
+            source: 'handwritten',
+        },
+        // Unknown tool
+        {
+            description: 'Unknown tool -- deny (structural invariant)',
+            request: {
+                serverName: 'filesystem',
+                toolName: 'execute_command',
+                arguments: { command: 'rm -rf /' },
+            },
+            expectedDecision: 'deny',
+            reasoning: 'Structural invariant: unknown tools with no annotation are denied',
+            source: 'handwritten',
+        },
+        // ── Git read operations in sandbox → allow ────────────────────────
+        {
+            description: 'Git status in sandbox -- allow',
+            request: {
+                serverName: 'git',
+                toolName: 'git_status',
+                arguments: { path: sandboxDir },
+            },
+            expectedDecision: 'allow',
+            reasoning: 'Read-only git operation within the sandbox is allowed by containment principle',
+            source: 'handwritten',
+        },
+        {
+            description: 'Git log in sandbox -- allow',
+            request: {
+                serverName: 'git',
+                toolName: 'git_log',
+                arguments: { path: sandboxDir },
+            },
+            expectedDecision: 'allow',
+            reasoning: 'Read-only git operation within the sandbox is allowed by containment principle',
+            source: 'handwritten',
+        },
+        {
+            description: 'Git diff in sandbox -- allow',
+            request: {
+                serverName: 'git',
+                toolName: 'git_diff',
+                arguments: { path: sandboxDir },
+            },
+            expectedDecision: 'allow',
+            reasoning: 'Read-only git operation within the sandbox is allowed by containment principle',
+            source: 'handwritten',
+        },
+        // ── Git write operations in sandbox → allow ───────────────────────
+        {
+            description: 'Git add in sandbox -- allow',
+            request: {
+                serverName: 'git',
+                toolName: 'git_add',
+                arguments: { path: sandboxDir, files: ['test.txt'] },
+            },
+            expectedDecision: 'allow',
+            reasoning: 'Staging files within the sandbox is allowed by containment principle',
+            source: 'handwritten',
+        },
+        {
+            description: 'Git commit in sandbox -- allow',
+            request: {
+                serverName: 'git',
+                toolName: 'git_commit',
+                arguments: { path: sandboxDir, message: 'test commit' },
+            },
+            expectedDecision: 'allow',
+            reasoning: 'Committing within the sandbox is allowed by containment principle',
+            source: 'handwritten',
+        },
+        // ── Git remote/destructive operations → escalate ──────────────────
+        {
+            description: 'Git push from sandbox -- escalate',
+            request: {
+                serverName: 'git',
+                toolName: 'git_push',
+                arguments: { path: sandboxDir, remote: 'origin' },
+            },
+            expectedDecision: 'escalate',
+            reasoning: 'Push is a remote-contacting operation that requires human approval',
+            source: 'handwritten',
+        },
+        {
+            description: 'Git pull to sandbox -- escalate',
+            request: {
+                serverName: 'git',
+                toolName: 'git_pull',
+                arguments: { path: sandboxDir, remote: 'origin' },
+            },
+            expectedDecision: 'escalate',
+            reasoning: 'Pull is a remote-contacting operation that requires human approval',
+            source: 'handwritten',
+        },
+        {
+            description: 'Git reset in sandbox -- escalate',
+            request: {
+                serverName: 'git',
+                toolName: 'git_reset',
+                arguments: { path: sandboxDir, mode: 'hard' },
+            },
+            expectedDecision: 'escalate',
+            reasoning: 'Reset is a history-rewriting operation that requires human approval',
+            source: 'handwritten',
+        },
+        {
+            description: 'Git merge in sandbox -- escalate',
+            request: {
+                serverName: 'git',
+                toolName: 'git_merge',
+                arguments: { path: sandboxDir, branch: 'feature' },
+            },
+            expectedDecision: 'escalate',
+            reasoning: 'Merge is a history-rewriting operation that requires human approval',
+            source: 'handwritten',
+        },
+        {
+            description: 'Git branch delete in sandbox -- escalate',
+            request: {
+                serverName: 'git',
+                toolName: 'git_branch',
+                arguments: { path: sandboxDir, name: 'old-branch', delete: true },
+            },
+            expectedDecision: 'escalate',
+            reasoning: 'Branch deletion requires human approval',
+            source: 'handwritten',
+        },
+        // ── Unknown git tool → deny ───────────────────────────────────────
+        {
+            description: 'Unknown git tool -- deny (structural invariant)',
+            request: {
+                serverName: 'git',
+                toolName: 'git_execute_arbitrary',
+                arguments: { command: 'rm -rf /' },
+            },
+            expectedDecision: 'deny',
+            reasoning: 'Structural invariant: unknown tools with no annotation are denied',
+            source: 'handwritten',
+        },
+    ];
+}
+//# sourceMappingURL=handwritten-scenarios.js.map

package/dist/pipeline/handwritten-scenarios.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"handwritten-scenarios.js","sourceRoot":"","sources":["../../src/pipeline/handwritten-scenarios.ts"],"names":[],"mappings":"AAAA;;;;;;GAMG;AAIH,MAAM,UAAU,uBAAuB,CAAC,UAAkB;IACxD,OAAO;QACL,kBAAkB;QAClB;YACE,WAAW,EAAE,mCAAmC;YAChD,OAAO,EAAE;gBACP,UAAU,EAAE,YAAY;gBACxB,QAAQ,EAAE,WAAW;gBACrB,SAAS,EAAE,EAAE,IAAI,EAAE,GAAG,UAAU,WAAW,EAAE;aAC9C;YACD,gBAAgB,EAAE,OAAO;YACzB,SAAS,EAAE,yEAAyE;YACpF,MAAM,EAAE,aAAa;SACtB;QACD;YACE,WAAW,EAAE,uCAAuC;YACpD,OAAO,EAAE;gBACP,UAAU,EAAE,YAAY;gBACxB,QAAQ,EAAE,WAAW;gBACrB,SAAS,EAAE,EAAE,IAAI,EAAE,aAAa,EAAE;aACnC;YACD,gBAAgB,EAAE,UAAU;YAC5B,SAAS,EAAE,6EAA6E;YACxF,MAAM,EAAE,aAAa;SACtB;QACD;YACE,WAAW,EAAE,wCAAwC;YACrD,OAAO,EAAE;gBACP,UAAU,EAAE,YAAY;gBACxB,QAAQ,EAAE,gBAAgB;gBAC1B,SAAS,EAAE,EAAE,IAAI,EAAE,UAAU,EAAE;aAChC;YACD,gBAAgB,EAAE,OAAO;YACzB,SAAS,EAAE,mEAAmE;YAC9E,MAAM,EAAE,aAAa;SACtB;QACD;YACE,WAAW,EAAE,sCAAsC;YACnD,OAAO,EAAE;gBACP,UAAU,EAAE,YAAY;gBACxB,QAAQ,EAAE,cAAc;gBACxB,SAAS,EAAE,EAAE,IAAI,EAAE,UAAU,EAAE,OAAO,EAAE,OAAO,EAAE;aAClD;YACD,gBAAgB,EAAE,OAAO;YACzB,SAAS,EAAE,kEAAkE;YAC7E,MAAM,EAAE,aAAa;SACtB;QAED,mBAAmB;QACnB;YACE,WAAW,EAAE,oCAAoC;YACjD,OAAO,EAAE;gBACP,UAAU,EAAE,YAAY;gBACxB,QAAQ,EAAE,YAAY;gBACtB,SAAS,EAAE,EAAE,IAAI,EAAE,GAAG,UAAU,aAAa,EAAE,OAAO,EAAE,OAAO,EAAE;aAClE;YACD,gBAAgB,EAAE,OAAO;YACzB,SAAS,EAAE,0EAA0E;YACrF,MAAM,EAAE,aAAa;SACtB;QACD;YACE,WAAW,EAAE,wCAAwC;YACrD,OAAO,EAAE;gBACP,UAAU,EAAE,YAAY;gBACxB,QAAQ,EAAE,YAAY;gBACtB,SAAS,EAAE,EAAE,IAAI,EAAE,eAAe,EAAE,OAAO,EAAE,OAAO,EAAE;aACvD;YACD,gBAAgB,EAAE,UAAU;YAC5B,SAAS,EAAE,kFAAkF;YAC7F,MAAM,EAAE,aAAa;SACtB;QAED,oBAAoB;QACpB;YACE,WAAW,EAAE,oEAAoE;YACjF,OAAO,EAAE;gBACP,UAAU,EAAE,YAAY;gBACxB,QAAQ,EAAE,aAAa;gBACvB,SAAS,EAAE,EAAE,IAAI,EAAE,GAAG,UAAU,WAAW,EAAE;aAC9C;YACD,gBAAgB,EAAE,OAAO;YACzB,SAAS,EAAE,2HAA2H;YACtI,MAAM,EAAE,aAAa;SACtB;QACD;YACE,WAAW,EAAE,qCAAqC;YAClD,OAAO,EAAE;gBACP,UAAU,EAAE,YAAY;gBACxB,QAAQ,EAAE,aAAa;gBACvB,SAAS,EAAE,EAAE,IAAI,EAAE,oBAAoB,EAAE;aAC1C;YACD,gBAAgB,EAAE,MAAM;YACxB,SAAS,EAAE,iEAAiE;YAC5E,MAAM,EAAE,aAAa;SACtB;QAED,iBAAiB;QACjB;YACE,WAAW,EAAE,oCAAoC;YACjD,OAAO,EAAE;gBACP,UAAU,EAAE,YAAY;gBACxB,QAAQ,EAAE,WAAW;gBACrB,SAAS,EAAE,EAAE,IAAI,EAAE,GAAG,UAAU,sBAAsB,EAAE;aACzD;YACD,gBAAgB,EAAE,UAAU;YAC5B,SAAS,EAAE,6FAA6F;YACxG,MAAM,EAAE,aAAa;SACtB;QAED,6FAA6F;QAC7F;YACE,WAAW,EAAE,sEAAsE;YACnF,OAAO,EAAE;gBACP,UAAU,EAAE,YAAY;gBACxB,QAAQ,EAAE,WAAW;gBACrB,SAAS,EAAE;oBACT,MAAM,EAAE,GAAG,UAAU,QAAQ;oBAC7B,WAAW,EAAE,GAAG,UAAU,QAAQ;iBACnC;aACF;YACD,gBAAgB,EAAE,OAAO;YACzB,SAAS,EAAE,oGAAoG;YAC/G,MAAM,EAAE,aAAa;SACtB;QACD;YACE,WAAW,EAAE,2FAA2F;YACxG,OAAO,EAAE;gBACP,UAAU,EAAE,YAAY;gBACxB,QAAQ,EAAE,WAAW;gBACrB,SAAS,EAAE;oBACT,MAAM,EAAE,GAAG,UAAU,QAAQ;oBAC7B,WAAW,EAAE,oBAAoB;iBAClC;aACF;YACD,gBAAgB,EAAE,UAAU;YAC5B,SAAS,EAAE,8HAA8H;YACzI,MAAM,EAAE,aAAa;SACtB;QACD;YACE,WAAW,EAAE,gEAAgE;YAC7E,OAAO,EAAE;gBACP,UAAU,EAAE,YAAY;gBACxB,QAAQ,EAAE,WAAW;gBACrB,SAAS,EAAE;oBACT,MAAM,EAAE,oBAAoB;oBAC5B,WAAW,EAAE,GAAG,UAAU,gBAAgB;iBAC3C;aACF;YACD,gBAAgB,EAAE,MAAM;YACxB,SAAS,EAAE,yFAAyF;YACpG,MAAM,EAAE,aAAa;SACtB;QACD;YACE,WAAW,EAAE,iEAAiE;YAC9E,OAAO,EAAE;gBACP,UAAU,EAAE,YAAY;gBACxB,QAAQ,EAAE,WAAW;gBACrB,SAAS,EAAE;oBACT,MAAM,EAAE,YAAY;oBACpB,WAAW,EAAE,oBAAoB;iBAClC;aACF;YACD,gBAAgB,EAAE,MAAM;YACxB,SAAS,EAAE,yFAAyF;YACpG,MAAM,EAAE,aAAa;SACtB;QAED,wBAAwB;QACxB;YACE,WAAW,EAAE,sDAAsD;YACnE,OAAO,EAAE;gBACP,UAAU,EAAE,YAAY;gBACxB,QAAQ,EAAE,0BAA0B;gBACpC,SAAS,EAAE,EAAE;aACd;YACD,gBAAgB,EAAE,OAAO;YACzB,SAAS,EAAE,oEAAoE;YAC/E,MAAM,EAAE,aAAa;SACtB;QAED,eAAe;QACf;YACE,WAAW,EAAE,6CAA6C;YAC1D,OAAO,EAAE;gBACP,UAAU,EAAE,YAAY;gBACxB,QAAQ,EAAE,iBAAiB;gBAC3B,SAAS,EAAE,EAAE,OAAO,EAAE,UAAU,EAAE;aACnC;YACD,gBAAgB,EAAE,MAAM;YACxB,SAAS,EAAE,mEAAmE;YAC9E,MAAM,EAAE,aAAa;SACtB;QAED,qEAAqE;QACrE;YACE,WAAW,EAAE,gCAAgC;YAC7C,OAAO,EAAE;gBACP,UAAU,EAAE,KAAK;gBACjB,QAAQ,EAAE,YAAY;gBACtB,SAAS,EAAE,EAAE,IAAI,EAAE,UAAU,EAAE;aAChC;YACD,gBAAgB,EAAE,OAAO;YACzB,SAAS,EAAE,gFAAgF;YAC3F,MAAM,EAAE,aAAa;SACtB;QACD;YACE,WAAW,EAAE,6BAA6B;YAC1C,OAAO,EAAE;gBACP,UAAU,EAAE,KAAK;gBACjB,QAAQ,EAAE,SAAS;gBACnB,SAAS,EAAE,EAAE,IAAI,EAAE,UAAU,EAAE;aAChC;YACD,gBAAgB,EAAE,OAAO;YACzB,SAAS,EAAE,gFAAgF;YAC3F,MAAM,EAAE,aAAa;SACtB;QACD;YACE,WAAW,EAAE,8BAA8B;YAC3C,OAAO,EAAE;gBACP,UAAU,EAAE,KAAK;gBACjB,QAAQ,EAAE,UAAU;gBACpB,SAAS,EAAE,EAAE,IAAI,EAAE,UAAU,EAAE;aAChC;YACD,gBAAgB,EAAE,OAAO;YACzB,SAAS,EAAE,gFAAgF;YAC3F,MAAM,EAAE,aAAa;SACtB;QAED,qEAAqE;QACrE;YACE,WAAW,EAAE,6BAA6B;YAC1C,OAAO,EAAE;gBACP,UAAU,EAAE,KAAK;gBACjB,QAAQ,EAAE,SAAS;gBACnB,SAAS,EAAE,EAAE,IAAI,EAAE,UAAU,EAAE,KAAK,EAAE,CAAC,UAAU,CAAC,EAAE;aACrD;YACD,gBAAgB,EAAE,OAAO;YACzB,SAAS,EAAE,sEAAsE;YACjF,MAAM,EAAE,aAAa;SACtB;QACD;YACE,WAAW,EAAE,gCAAgC;YAC7C,OAAO,EAAE;gBACP,UAAU,EAAE,KAAK;gBACjB,QAAQ,EAAE,YAAY;gBACtB,SAAS,EAAE,EAAE,IAAI,EAAE,UAAU,EAAE,OAAO,EAAE,aAAa,EAAE;aACxD;YACD,gBAAgB,EAAE,OAAO;YACzB,SAAS,EAAE,mEAAmE;YAC9E,MAAM,EAAE,aAAa;SACtB;QAED,qEAAqE;QACrE;YACE,WAAW,EAAE,mCAAmC;YAChD,OAAO,EAAE;gBACP,UAAU,EAAE,KAAK;gBACjB,QAAQ,EAAE,UAAU;gBACpB,SAAS,EAAE,EAAE,IAAI,EAAE,UAAU,EAAE,MAAM,EAAE,QAAQ,EAAE;aAClD;YACD,gBAAgB,EAAE,UAAU;YAC5B,SAAS,EAAE,oEAAoE;YAC/E,MAAM,EAAE,aAAa;SACtB;QACD;YACE,WAAW,EAAE,iCAAiC;YAC9C,OAAO,EAAE;gBACP,UAAU,EAAE,KAAK;gBACjB,QAAQ,EAAE,UAAU;gBACpB,SAAS,EAAE,EAAE,IAAI,EAAE,UAAU,EAAE,MAAM,EAAE,QAAQ,EAAE;aAClD;YACD,gBAAgB,EAAE,UAAU;YAC5B,SAAS,EAAE,oEAAoE;YAC/E,MAAM,EAAE,aAAa;SACtB;QACD;YACE,WAAW,EAAE,kCAAkC;YAC/C,OAAO,EAAE;gBACP,UAAU,EAAE,KAAK;gBACjB,QAAQ,EAAE,WAAW;gBACrB,SAAS,EAAE,EAAE,IAAI,EAAE,UAAU,EAAE,IAAI,EAAE,MAAM,EAAE;aAC9C;YACD,gBAAgB,EAAE,UAAU;YAC5B,SAAS,EAAE,qEAAqE;YAChF,MAAM,EAAE,aAAa;SACtB;QACD;YACE,WAAW,EAAE,kCAAkC;YAC/C,OAAO,EAAE;gBACP,UAAU,EAAE,KAAK;gBACjB,QAAQ,EAAE,WAAW;gBACrB,SAAS,EAAE,EAAE,IAAI,EAAE,UAAU,EAAE,MAAM,EAAE,SAAS,EAAE;aACnD;YACD,gBAAgB,EAAE,UAAU;YAC5B,SAAS,EAAE,qEAAqE;YAChF,MAAM,EAAE,aAAa;SACtB;QACD;YACE,WAAW,EAAE,0CAA0C;YACvD,OAAO,EAAE;gBACP,UAAU,EAAE,KAAK;gBACjB,QAAQ,EAAE,YAAY;gBACtB,SAAS,EAAE,EAAE,IAAI,EAAE,UAAU,EAAE,IAAI,EAAE,YAAY,EAAE,MAAM,EAAE,IAAI,EAAE;aAClE;YACD,gBAAgB,EAAE,UAAU;YAC5B,SAAS,EAAE,yCAAyC;YACpD,MAAM,EAAE,aAAa;SACtB;QAED,qEAAqE;QACrE;YACE,WAAW,EAAE,iDAAiD;YAC9D,OAAO,EAAE;gBACP,UAAU,EAAE,KAAK;gBACjB,QAAQ,EAAE,uBAAuB;gBACjC,SAAS,EAAE,EAAE,OAAO,EAAE,UAAU,EAAE;aACnC;YACD,gBAAgB,EAAE,MAAM;YACxB,SAAS,EAAE,mEAAmE;YAC9E,MAAM,EAAE,aAAa;SACtB;KACF,CAAC;AACJ,CAAC"}