@push.rocks/smartproxy 26.3.0 → 27.0.0

package/readme.md

@@ -44,7 +44,7 @@ Whether you're building microservices, deploying edge infrastructure, proxying U
 Get up and running in 30 seconds:
 
 ```typescript
-import { SmartProxy, createCompleteHttpsServer } from '@push.rocks/smartproxy';
+import { SmartProxy, SocketHandlers } from '@push.rocks/smartproxy';
 
 // Create a proxy with automatic HTTPS
 const proxy = new SmartProxy({
@@ -53,13 +53,25 @@ const proxy = new SmartProxy({
     useProduction: true
   },
   routes: [
-    // Complete HTTPS setup in one call! ✨
-    ...createCompleteHttpsServer('app.example.com', {
-      host: 'localhost',
-      port: 3000
-    }, {
-      certificate: 'auto'  // Automatic Let's Encrypt cert 🎩
-    })
+    // HTTPS route with automatic Let's Encrypt cert
+    {
+      name: 'https-app',
+      match: { ports: 443, domains: 'app.example.com' },
+      action: {
+        type: 'forward',
+        targets: [{ host: 'localhost', port: 3000 }],
+        tls: { mode: 'terminate', certificate: 'auto' }
+      }
+    },
+    // HTTP → HTTPS redirect
+    {
+      name: 'http-redirect',
+      match: { ports: 80, domains: 'app.example.com' },
+      action: {
+        type: 'socket-handler',
+        socketHandler: SocketHandlers.httpRedirect('https://{domain}:443{path}', 301)
+      }
+    }
   ]
 });
 
@@ -111,31 +123,38 @@ SmartProxy supports three TLS handling modes:
 ### 🌐 HTTP to HTTPS Redirect
 
 ```typescript
-import { SmartProxy, createHttpToHttpsRedirect } from '@push.rocks/smartproxy';
+import { SmartProxy, SocketHandlers } from '@push.rocks/smartproxy';
 
 const proxy = new SmartProxy({
-  routes: [
-    createHttpToHttpsRedirect(['example.com', '*.example.com'])
-  ]
+  routes: [{
+    name: 'http-to-https',
+    match: { ports: 80, domains: ['example.com', '*.example.com'] },
+    action: {
+      type: 'socket-handler',
+      socketHandler: SocketHandlers.httpRedirect('https://{domain}:443{path}', 301)
+    }
+  }]
 });
 ```
 
 ### ⚖️ Load Balancer with Health Checks
 
 ```typescript
-import { SmartProxy, createLoadBalancerRoute } from '@push.rocks/smartproxy';
+import { SmartProxy } from '@push.rocks/smartproxy';
 
 const proxy = new SmartProxy({
-  routes: [
-    createLoadBalancerRoute(
-      'app.example.com',
-      [
+  routes: [{
+    name: 'load-balancer',
+    match: { ports: 443, domains: 'app.example.com' },
+    action: {
+      type: 'forward',
+      targets: [
         { host: 'server1.internal', port: 8080 },
         { host: 'server2.internal', port: 8080 },
         { host: 'server3.internal', port: 8080 }
       ],
-      {
-        tls: { mode: 'terminate', certificate: 'auto' },
+      tls: { mode: 'terminate', certificate: 'auto' },
+      loadBalancing: {
         algorithm: 'round-robin',
         healthCheck: {
           path: '/health',
@@ -145,57 +164,68 @@ const proxy = new SmartProxy({
           healthyThreshold: 2
         }
       }
-    )
-  ]
+    }
+  }]
 });
 ```
 
 ### 🔌 WebSocket Proxy
 
 ```typescript
-import { SmartProxy, createWebSocketRoute } from '@push.rocks/smartproxy';
+import { SmartProxy } from '@push.rocks/smartproxy';
 
 const proxy = new SmartProxy({
-  routes: [
-    createWebSocketRoute(
-      'ws.example.com',
-      { host: 'websocket-server', port: 8080 },
-      {
-        path: '/socket',
-        useTls: true,
-        certificate: 'auto',
+  routes: [{
+    name: 'websocket',
+    match: { ports: 443, domains: 'ws.example.com', path: '/socket' },
+    priority: 100,
+    action: {
+      type: 'forward',
+      targets: [{ host: 'websocket-server', port: 8080 }],
+      tls: { mode: 'terminate', certificate: 'auto' },
+      websocket: {
+        enabled: true,
         pingInterval: 30000,
         pingTimeout: 10000
       }
-    )
-  ]
+    }
+  }]
 });
 ```
 
 ### 🚦 API Gateway with Rate Limiting
 
 ```typescript
-import { SmartProxy, createApiGatewayRoute, addRateLimiting } from '@push.rocks/smartproxy';
-
-let apiRoute = createApiGatewayRoute(
-  'api.example.com',
-  '/api',
-  { host: 'api-backend', port: 8080 },
-  {
-    useTls: true,
-    certificate: 'auto',
-    addCorsHeaders: true
-  }
-);
+import { SmartProxy } from '@push.rocks/smartproxy';
 
-// Add rate limiting — 100 requests per minute per IP
-apiRoute = addRateLimiting(apiRoute, {
-  maxRequests: 100,
-  window: 60,
-  keyBy: 'ip'
+const proxy = new SmartProxy({
+  routes: [{
+    name: 'api-gateway',
+    match: { ports: 443, domains: 'api.example.com', path: '/api/*' },
+    priority: 100,
+    action: {
+      type: 'forward',
+      targets: [{ host: 'api-backend', port: 8080 }],
+      tls: { mode: 'terminate', certificate: 'auto' }
+    },
+    headers: {
+      response: {
+        'Access-Control-Allow-Origin': '*',
+        'Access-Control-Allow-Methods': 'GET, POST, PUT, DELETE, OPTIONS',
+        'Access-Control-Allow-Headers': 'Content-Type, Authorization',
+        'Access-Control-Max-Age': '86400'
+      }
+    },
+    security: {
+      rateLimit: {
+        enabled: true,
+        maxRequests: 100,
+        window: 60,
+        keyBy: 'ip'
+      }
+    }
+  }]
 });
-
-const proxy = new SmartProxy({ routes: [apiRoute] });
 ```
 
 ### 🎮 Custom Protocol Handler (TCP)
@@ -203,36 +233,40 @@ const proxy = new SmartProxy({ routes: [apiRoute] });
 SmartProxy lets you implement any protocol with full socket control. Routes with JavaScript socket handlers are automatically relayed from the Rust engine back to your TypeScript code:
 
 ```typescript
-import { SmartProxy, createSocketHandlerRoute, SocketHandlers } from '@push.rocks/smartproxy';
-
-// Use pre-built handlers
-const echoRoute = createSocketHandlerRoute(
-  'echo.example.com',
-  7777,
-  SocketHandlers.echo
-);
-
-// Or create your own custom protocol
-const customRoute = createSocketHandlerRoute(
-  'custom.example.com',
-  9999,
-  async (socket) => {
-    console.log(`New connection on custom protocol`);
-    socket.write('Welcome to my custom protocol!\n');
-
-    socket.on('data', (data) => {
-      const command = data.toString().trim();
-      switch (command) {
-        case 'PING': socket.write('PONG\n'); break;
-        case 'TIME': socket.write(`${new Date().toISOString()}\n`); break;
-        case 'QUIT': socket.end('Goodbye!\n'); break;
-        default: socket.write(`Unknown: ${command}\n`);
-      }
-    });
-  }
-);
+import { SmartProxy, SocketHandlers } from '@push.rocks/smartproxy';
 
-const proxy = new SmartProxy({ routes: [echoRoute, customRoute] });
+const proxy = new SmartProxy({
+  routes: [
+    // Use pre-built handlers
+    {
+      name: 'echo-server',
+      match: { ports: 7777, domains: 'echo.example.com' },
+      action: { type: 'socket-handler', socketHandler: SocketHandlers.echo }
+    },
+    // Or create your own custom protocol
+    {
+      name: 'custom-protocol',
+      match: { ports: 9999, domains: 'custom.example.com' },
+      action: {
+        type: 'socket-handler',
+        socketHandler: async (socket) => {
+          console.log(`New connection on custom protocol`);
+          socket.write('Welcome to my custom protocol!\n');
+
+          socket.on('data', (data) => {
+            const command = data.toString().trim();
+            switch (command) {
+              case 'PING': socket.write('PONG\n'); break;
+              case 'TIME': socket.write(`${new Date().toISOString()}\n`); break;
+              case 'QUIT': socket.end('Goodbye!\n'); break;
+              default: socket.write(`Unknown: ${command}\n`);
+            }
+          });
+        }
+      }
+    }
+  ]
+});
 ```
 
 **Pre-built Socket Handlers:**
@@ -387,20 +421,23 @@ const dualStackRoute: IRouteConfig = {
 For ultra-low latency on Linux, use kernel-level forwarding via [`@push.rocks/smartnftables`](https://code.foss.global/push.rocks/smartnftables) (requires root):
 
 ```typescript
-import { SmartProxy, createNfTablesTerminateRoute } from '@push.rocks/smartproxy';
+import { SmartProxy } from '@push.rocks/smartproxy';
 
 const proxy = new SmartProxy({
-  routes: [
-    createNfTablesTerminateRoute(
-      'fast.example.com',
-      { host: 'backend', port: 8080 },
-      {
-        ports: 443,
-        certificate: 'auto',
+  routes: [{
+    name: 'nftables-fast',
+    match: { ports: 443, domains: 'fast.example.com' },
+    action: {
+      type: 'forward',
+      forwardingEngine: 'nftables',
+      targets: [{ host: 'backend', port: 8080 }],
+      tls: { mode: 'terminate', certificate: 'auto' },
+      nftables: {
+        protocol: 'tcp',
         preserveSourceIP: true  // Backend sees real client IP
       }
-    )
-  ]
+    }
+  }]
 });
 ```
 
@@ -409,15 +446,18 @@ const proxy = new SmartProxy({
 Forward encrypted traffic to backends without terminating TLS — the proxy routes based on the SNI hostname alone:
 
 ```typescript
-import { SmartProxy, createHttpsPassthroughRoute } from '@push.rocks/smartproxy';
+import { SmartProxy } from '@push.rocks/smartproxy';
 
 const proxy = new SmartProxy({
-  routes: [
-    createHttpsPassthroughRoute('secure.example.com', {
-      host: 'backend-that-handles-tls',
-      port: 8443
-    })
-  ]
+  routes: [{
+    name: 'sni-passthrough',
+    match: { ports: 443, domains: 'secure.example.com' },
+    action: {
+      type: 'forward',
+      targets: [{ host: 'backend-that-handles-tls', port: 8443 }],
+      tls: { mode: 'passthrough' }
+    }
+  }]
 });
 ```
 
@@ -524,15 +564,7 @@ Comprehensive per-route security options:
 }
 ```
 
-**Security modifier helpers** let you add security to any existing route:
-
-```typescript
-import { addRateLimiting, addBasicAuth, addJwtAuth } from '@push.rocks/smartproxy';
-
-let route = createHttpsTerminateRoute('api.example.com', { host: 'backend', port: 8080 });
-route = addRateLimiting(route, { maxRequests: 100, window: 60, keyBy: 'ip' });
-route = addBasicAuth(route, { users: [{ username: 'admin', password: 'secret' }] });
-```
+Security options are configured directly on each route's `security` property — no separate helpers needed.
 
 ### 📊 Runtime Management
 
@@ -712,7 +744,7 @@ SmartProxy uses a hybrid **Rust + TypeScript** architecture:
 ```
 
 - **Rust Engine** handles all networking: TCP, UDP, TLS, QUIC, HTTP proxying, connection management, security, and metrics
-- **TypeScript** provides the npm API, configuration types, route helpers, validation, and handler callbacks
+- **TypeScript** provides the npm API, configuration types, validation, and handler callbacks
 - **NFTables** managed by [`@push.rocks/smartnftables`](https://code.foss.global/push.rocks/smartnftables) — kernel-level DNAT/SNAT forwarding, firewall rules, and rate limiting via the `nft` CLI
 - **IPC** — The TypeScript wrapper uses JSON commands/events over stdin/stdout to communicate with the Rust binary
 - **Socket/Datagram Relay** — Unix domain socket servers for routes requiring TypeScript-side handling (socket handlers, datagram handlers, dynamic host/port functions)
@@ -858,47 +890,13 @@ interface IRouteQuic {
 }
 ```
 
-## 🛠️ Helper Functions Reference
-
-All helpers are fully typed and return `IRouteConfig` or `IRouteConfig[]`:
+## 🛠️ Exports Reference
 
 ```typescript
 import {
-  // HTTP/HTTPS
-  createHttpRoute,                 // Plain HTTP route
-  createHttpsTerminateRoute,       // HTTPS with TLS termination
-  createHttpsPassthroughRoute,     // SNI passthrough (no termination)
-  createHttpToHttpsRedirect,       // HTTP → HTTPS redirect
-  createCompleteHttpsServer,       // HTTPS + redirect combo (returns IRouteConfig[])
-
-  // Load Balancing
-  createLoadBalancerRoute,         // Multi-backend with health checks
-  createSmartLoadBalancer,         // Dynamic domain-based backend selection
-
-  // API & WebSocket
-  createApiRoute,                  // API route with path matching
-  createApiGatewayRoute,           // API gateway with CORS
-  createWebSocketRoute,            // WebSocket-enabled route
-
-  // Custom Protocols
-  createSocketHandlerRoute,        // Custom TCP socket handler
-  SocketHandlers,                  // Pre-built handlers (echo, proxy, block, etc.)
-
-  // NFTables (Linux, requires root)
-  createNfTablesRoute,             // Kernel-level packet forwarding
-  createNfTablesTerminateRoute,    // NFTables + TLS termination
-  createCompleteNfTablesHttpsServer, // NFTables HTTPS + redirect combo
-
-  // Dynamic Routing
-  createPortMappingRoute,          // Port mapping with context
-  createOffsetPortMappingRoute,    // Simple port offset
-  createDynamicRoute,              // Dynamic host/port via functions
-  createPortOffset,                // Port offset factory
-
-  // Security Modifiers
-  addRateLimiting,                 // Add rate limiting to any route
-  addBasicAuth,                    // Add basic auth to any route
-  addJwtAuth,                      // Add JWT auth to any route
+  // Core
+  SmartProxy,                      // Main proxy class
+  SocketHandlers,                  // Pre-built socket handlers (echo, proxy, block, httpRedirect, httpServer, etc.)
 
   // Route Utilities
   mergeRouteConfigs,               // Deep-merge two route configs
@@ -910,7 +908,7 @@ import {
 } from '@push.rocks/smartproxy';
 ```
 
-> **Tip:** For UDP datagram handler routes or QUIC/HTTP3 routes, construct `IRouteConfig` objects directly — there are no helper functions for these yet. See the [UDP Datagram Handler](#-udp-datagram-handler) and [QUIC / HTTP3 Forwarding](#-quic--http3-forwarding) examples above.
+All routes are configured as plain `IRouteConfig` objects with `match` and `action` properties — see the examples throughout this document.
 
 ## 📖 API Documentation
 

package/ts/00_commitinfo_data.ts

@@ -3,6 +3,6 @@
  */
 export const commitinfo = {
   name: '@push.rocks/smartproxy',
-  version: '26.3.0',
+  version: '27.0.0',
   description: 'A powerful proxy package with unified route-based configuration for high traffic management. Features include SSL/TLS support, flexible routing patterns, WebSocket handling, advanced security options, and automatic ACME certificate management.'
 }

package/ts/proxies/smart-proxy/utils/index.ts

@@ -2,12 +2,9 @@
  * SmartProxy Route Utilities
  *
  * This file exports all route-related utilities for the SmartProxy module,
- * including helpers, validators, utilities, and patterns for working with routes.
+ * including validators, utilities, and socket handlers for working with routes.
  */
 
-// Export route helpers for creating route configurations
-export * from './route-helpers.js';
-
 // Export route validator (class-based and functional API)
 export * from './route-validator.js';
 
@@ -20,10 +17,5 @@ export { generateDefaultCertificate } from './default-cert-generator.js';
 // Export concurrency semaphore
 export { ConcurrencySemaphore } from './concurrency-semaphore.js';
 
-// Export additional functions from route-helpers that weren't already exported
-export {
-  createApiGatewayRoute,
-  addRateLimiting,
-  addBasicAuth,
-  addJwtAuth
-} from './route-helpers.js';
+// Export socket handlers
+export { SocketHandlers } from './socket-handlers.js';

package/ts/proxies/smart-proxy/utils/{route-helpers/socket-handlers.ts → socket-handlers.ts}

@@ -5,9 +5,9 @@
  * like echoing, proxying, HTTP responses, and redirects.
  */
 
-import * as plugins from '../../../../plugins.js';
-import type { IRouteConfig, TPortRange, IRouteContext } from '../../models/route-types.js';
-import { createSocketTracker } from '../../../../core/utils/socket-tracker.js';
+import * as plugins from '../../../plugins.js';
+import type { IRouteContext } from '../models/route-types.js';
+import { createSocketTracker } from '../../../core/utils/socket-tracker.js';
 
 /**
  * Minimal HTTP request parser for socket handlers.
@@ -308,31 +308,3 @@ export const SocketHandlers = {
     });
   }
 };
-
-/**
- * Create a socket handler route configuration
- */
-export function createSocketHandlerRoute(
-  domains: string | string[],
-  ports: TPortRange,
-  handler: (socket: plugins.net.Socket) => void | Promise<void>,
-  options: {
-    name?: string;
-    priority?: number;
-    path?: string;
-  } = {}
-): IRouteConfig {
-  return {
-    name: options.name || 'socket-handler-route',
-    priority: options.priority !== undefined ? options.priority : 50,
-    match: {
-      domains,
-      ports,
-      ...(options.path && { path: options.path })
-    },
-    action: {
-      type: 'socket-handler',
-      socketHandler: handler
-    }
-  };
-}

package/dist_ts/proxies/smart-proxy/utils/route-helpers/api-helpers.d.ts

@@ -1,49 +0,0 @@
-/**
- * API Route Helper Functions
- *
- * This module provides utility functions for creating API route configurations.
- */
-import type { IRouteConfig } from '../../models/route-types.js';
-/**
- * Create an API route configuration
- * @param domains Domain(s) to match
- * @param apiPath API base path (e.g., "/api")
- * @param target Target host and port
- * @param options Additional route options
- * @returns Route configuration object
- */
-export declare function createApiRoute(domains: string | string[], apiPath: string, target: {
-    host: string | string[];
-    port: number;
-}, options?: {
-    useTls?: boolean;
-    certificate?: 'auto' | {
-        key: string;
-        cert: string;
-    };
-    addCorsHeaders?: boolean;
-    httpPort?: number | number[];
-    httpsPort?: number | number[];
-    name?: string;
-    [key: string]: any;
-}): IRouteConfig;
-/**
- * Create an API Gateway route pattern
- * @param domains Domain(s) to match
- * @param apiBasePath Base path for API endpoints (e.g., '/api')
- * @param target Target host and port
- * @param options Additional route options
- * @returns API route configuration
- */
-export declare function createApiGatewayRoute(domains: string | string[], apiBasePath: string, target: {
-    host: string | string[];
-    port: number;
-}, options?: {
-    useTls?: boolean;
-    certificate?: 'auto' | {
-        key: string;
-        cert: string;
-    };
-    addCorsHeaders?: boolean;
-    [key: string]: any;
-}): IRouteConfig;

package/dist_ts/proxies/smart-proxy/utils/route-helpers/api-helpers.js

@@ -1,108 +0,0 @@
-/**
- * API Route Helper Functions
- *
- * This module provides utility functions for creating API route configurations.
- */
-import { mergeRouteConfigs } from '../route-utils.js';
-import { createHttpRoute } from './http-helpers.js';
-import { createHttpsTerminateRoute } from './https-helpers.js';
-/**
- * Create an API route configuration
- * @param domains Domain(s) to match
- * @param apiPath API base path (e.g., "/api")
- * @param target Target host and port
- * @param options Additional route options
- * @returns Route configuration object
- */
-export function createApiRoute(domains, apiPath, target, options = {}) {
-    // Normalize API path
-    const normalizedPath = apiPath.startsWith('/') ? apiPath : `/${apiPath}`;
-    const pathWithWildcard = normalizedPath.endsWith('/')
-        ? `${normalizedPath}*`
-        : `${normalizedPath}/*`;
-    // Create route match
-    const match = {
-        ports: options.useTls
-            ? (options.httpsPort || 443)
-            : (options.httpPort || 80),
-        domains,
-        path: pathWithWildcard
-    };
-    // Create route action
-    const action = {
-        type: 'forward',
-        targets: [target]
-    };
-    // Add TLS configuration if using HTTPS
-    if (options.useTls) {
-        action.tls = {
-            mode: 'terminate',
-            certificate: options.certificate || 'auto'
-        };
-    }
-    // Add CORS headers if requested
-    const headers = {};
-    if (options.addCorsHeaders) {
-        headers.response = {
-            'Access-Control-Allow-Origin': '*',
-            'Access-Control-Allow-Methods': 'GET, POST, PUT, DELETE, OPTIONS',
-            'Access-Control-Allow-Headers': 'Content-Type, Authorization',
-            'Access-Control-Max-Age': '86400'
-        };
-    }
-    // Create the route config
-    return {
-        match,
-        action,
-        headers: Object.keys(headers).length > 0 ? headers : undefined,
-        name: options.name || `API Route ${normalizedPath} for ${Array.isArray(domains) ? domains.join(', ') : domains}`,
-        priority: options.priority || 100, // Higher priority for specific path matches
-        ...options
-    };
-}
-/**
- * Create an API Gateway route pattern
- * @param domains Domain(s) to match
- * @param apiBasePath Base path for API endpoints (e.g., '/api')
- * @param target Target host and port
- * @param options Additional route options
- * @returns API route configuration
- */
-export function createApiGatewayRoute(domains, apiBasePath, target, options = {}) {
-    // Normalize apiBasePath to ensure it starts with / and doesn't end with /
-    const normalizedPath = apiBasePath.startsWith('/')
-        ? apiBasePath
-        : `/${apiBasePath}`;
-    // Add wildcard to path to match all API endpoints
-    const apiPath = normalizedPath.endsWith('/')
-        ? `${normalizedPath}*`
-        : `${normalizedPath}/*`;
-    // Create base route
-    const baseRoute = options.useTls
-        ? createHttpsTerminateRoute(domains, target, {
-            certificate: options.certificate || 'auto'
-        })
-        : createHttpRoute(domains, target);
-    // Add API-specific configurations
-    const apiRoute = {
-        match: {
-            ...baseRoute.match,
-            path: apiPath
-        },
-        name: options.name || `API Gateway: ${apiPath} -> ${Array.isArray(target.host) ? target.host.join(', ') : target.host}:${target.port}`,
-        priority: options.priority || 100 // Higher priority for specific path matching
-    };
-    // Add CORS headers if requested
-    if (options.addCorsHeaders) {
-        apiRoute.headers = {
-            response: {
-                'Access-Control-Allow-Origin': '*',
-                'Access-Control-Allow-Methods': 'GET, POST, PUT, DELETE, OPTIONS',
-                'Access-Control-Allow-Headers': 'Content-Type, Authorization',
-                'Access-Control-Max-Age': '86400'
-            }
-        };
-    }
-    return mergeRouteConfigs(baseRoute, apiRoute);
-}
-//# sourceMappingURL=data:application/json;base64,eyJ2ZXJzaW9uIjozLCJmaWxlIjoiYXBpLWhlbHBlcnMuanMiLCJzb3VyY2VSb290IjoiIiwic291cmNlcyI6WyIuLi8uLi8uLi8uLi8uLi90cy9wcm94aWVzL3NtYXJ0LXByb3h5L3V0aWxzL3JvdXRlLWhlbHBlcnMvYXBpLWhlbHBlcnMudHMiXSwibmFtZXMiOltdLCJtYXBwaW5ncyI6IkFBQUE7Ozs7R0FJRztBQUdILE9BQU8sRUFBRSxpQkFBaUIsRUFBRSxNQUFNLG1CQUFtQixDQUFDO0FBQ3RELE9BQU8sRUFBRSxlQUFlLEVBQUUsTUFBTSxtQkFBbUIsQ0FBQztBQUNwRCxPQUFPLEVBQUUseUJBQXlCLEVBQUUsTUFBTSxvQkFBb0IsQ0FBQztBQUUvRDs7Ozs7OztHQU9HO0FBQ0gsTUFBTSxVQUFVLGNBQWMsQ0FDNUIsT0FBMEIsRUFDMUIsT0FBZSxFQUNmLE1BQWlELEVBQ2pELFVBUUksRUFBRTtJQUVOLHFCQUFxQjtJQUNyQixNQUFNLGNBQWMsR0FBRyxPQUFPLENBQUMsVUFBVSxDQUFDLEdBQUcsQ0FBQyxDQUFDLENBQUMsQ0FBQyxPQUFPLENBQUMsQ0FBQyxDQUFDLElBQUksT0FBTyxFQUFFLENBQUM7SUFDekUsTUFBTSxnQkFBZ0IsR0FBRyxjQUFjLENBQUMsUUFBUSxDQUFDLEdBQUcsQ0FBQztRQUNuRCxDQUFDLENBQUMsR0FBRyxjQUFjLEdBQUc7UUFDdEIsQ0FBQyxDQUFDLEdBQUcsY0FBYyxJQUFJLENBQUM7SUFFMUIscUJBQXFCO0lBQ3JCLE1BQU0sS0FBSyxHQUFnQjtRQUN6QixLQUFLLEVBQUUsT0FBTyxDQUFDLE1BQU07WUFDbkIsQ0FBQyxDQUFDLENBQUMsT0FBTyxDQUFDLFNBQVMsSUFBSSxHQUFHLENBQUM7WUFDNUIsQ0FBQyxDQUFDLENBQUMsT0FBTyxDQUFDLFFBQVEsSUFBSSxFQUFFLENBQUM7UUFDNUIsT0FBTztRQUNQLElBQUksRUFBRSxnQkFBZ0I7S0FDdkIsQ0FBQztJQUVGLHNCQUFzQjtJQUN0QixNQUFNLE1BQU0sR0FBaUI7UUFDM0IsSUFBSSxFQUFFLFNBQVM7UUFDZixPQUFPLEVBQUUsQ0FBQyxNQUFNLENBQUM7S0FDbEIsQ0FBQztJQUVGLHVDQUF1QztJQUN2QyxJQUFJLE9BQU8sQ0FBQyxNQUFNLEVBQUUsQ0FBQztRQUNuQixNQUFNLENBQUMsR0FBRyxHQUFHO1lBQ1gsSUFBSSxFQUFFLFdBQVc7WUFDakIsV0FBVyxFQUFFLE9BQU8sQ0FBQyxXQUFXLElBQUksTUFBTTtTQUMzQyxDQUFDO0lBQ0osQ0FBQztJQUVELGdDQUFnQztJQUNoQyxNQUFNLE9BQU8sR0FBMkMsRUFBRSxDQUFDO0lBQzNELElBQUksT0FBTyxDQUFDLGNBQWMsRUFBRSxDQUFDO1FBQzNCLE9BQU8sQ0FBQyxRQUFRLEdBQUc7WUFDakIsNkJBQTZCLEVBQUUsR0FBRztZQUNsQyw4QkFBOEIsRUFBRSxpQ0FBaUM7WUFDakUsOEJBQThCLEVBQUUsNkJBQTZCO1lBQzdELHdCQUF3QixFQUFFLE9BQU87U0FDbEMsQ0FBQztJQUNKLENBQUM7SUFFRCwwQkFBMEI7SUFDMUIsT0FBTztRQUNMLEtBQUs7UUFDTCxNQUFNO1FBQ04sT0FBTyxFQUFFLE1BQU0sQ0FBQyxJQUFJLENBQUMsT0FBTyxDQUFDLENBQUMsTUFBTSxHQUFHLENBQUMsQ0FBQyxDQUFDLENBQUMsT0FBTyxDQUFDLENBQUMsQ0FBQyxTQUFTO1FBQzlELElBQUksRUFBRSxPQUFPLENBQUMsSUFBSSxJQUFJLGFBQWEsY0FBYyxRQUFRLEtBQUssQ0FBQyxPQUFPLENBQUMsT0FBTyxDQUFDLENBQUMsQ0FBQyxDQUFDLE9BQU8sQ0FBQyxJQUFJLENBQUMsSUFBSSxDQUFDLENBQUMsQ0FBQyxDQUFDLE9BQU8sRUFBRTtRQUNoSCxRQUFRLEVBQUUsT0FBTyxDQUFDLFFBQVEsSUFBSSxHQUFHLEVBQUUsNENBQTRDO1FBQy9FLEdBQUcsT0FBTztLQUNYLENBQUM7QUFDSixDQUFDO0FBRUQ7Ozs7Ozs7R0FPRztBQUNILE1BQU0sVUFBVSxxQkFBcUIsQ0FDbkMsT0FBMEIsRUFDMUIsV0FBbUIsRUFDbkIsTUFBaUQsRUFDakQsVUFLSSxFQUFFO0lBRU4sMEVBQTBFO0lBQzFFLE1BQU0sY0FBYyxHQUFHLFdBQVcsQ0FBQyxVQUFVLENBQUMsR0FBRyxDQUFDO1FBQ2hELENBQUMsQ0FBQyxXQUFXO1FBQ2IsQ0FBQyxDQUFDLElBQUksV0FBVyxFQUFFLENBQUM7SUFFdEIsa0RBQWtEO0lBQ2xELE1BQU0sT0FBTyxHQUFHLGNBQWMsQ0FBQyxRQUFRLENBQUMsR0FBRyxDQUFDO1FBQzFDLENBQUMsQ0FBQyxHQUFHLGNBQWMsR0FBRztRQUN0QixDQUFDLENBQUMsR0FBRyxjQUFjLElBQUksQ0FBQztJQUUxQixvQkFBb0I7SUFDcEIsTUFBTSxTQUFTLEdBQUcsT0FBTyxDQUFDLE1BQU07UUFDOUIsQ0FBQyxDQUFDLHlCQUF5QixDQUFDLE9BQU8sRUFBRSxNQUFNLEVBQUU7WUFDekMsV0FBVyxFQUFFLE9BQU8sQ0FBQyxXQUFXLElBQUksTUFBTTtTQUMzQyxDQUFDO1FBQ0osQ0FBQyxDQUFDLGVBQWUsQ0FBQyxPQUFPLEVBQUUsTUFBTSxDQUFDLENBQUM7SUFFckMsa0NBQWtDO0lBQ2xDLE1BQU0sUUFBUSxHQUEwQjtRQUN0QyxLQUFLLEVBQUU7WUFDTCxHQUFHLFNBQVMsQ0FBQyxLQUFLO1lBQ2xCLElBQUksRUFBRSxPQUFPO1NBQ2Q7UUFDRCxJQUFJLEVBQUUsT0FBTyxDQUFDLElBQUksSUFBSSxnQkFBZ0IsT0FBTyxPQUFPLEtBQUssQ0FBQyxPQUFPLENBQUMsTUFBTSxDQUFDLElBQUksQ0FBQyxDQUFDLENBQUMsQ0FBQyxNQUFNLENBQUMsSUFBSSxDQUFDLElBQUksQ0FBQyxJQUFJLENBQUMsQ0FBQyxDQUFDLENBQUMsTUFBTSxDQUFDLElBQUksSUFBSSxNQUFNLENBQUMsSUFBSSxFQUFFO1FBQ3RJLFFBQVEsRUFBRSxPQUFPLENBQUMsUUFBUSxJQUFJLEdBQUcsQ0FBQyw2Q0FBNkM7S0FDaEYsQ0FBQztJQUVGLGdDQUFnQztJQUNoQyxJQUFJLE9BQU8sQ0FBQyxjQUFjLEVBQUUsQ0FBQztRQUMzQixRQUFRLENBQUMsT0FBTyxHQUFHO1lBQ2pCLFFBQVEsRUFBRTtnQkFDUiw2QkFBNkIsRUFBRSxHQUFHO2dCQUNsQyw4QkFBOEIsRUFBRSxpQ0FBaUM7Z0JBQ2pFLDhCQUE4QixFQUFFLDZCQUE2QjtnQkFDN0Qsd0JBQXdCLEVBQUUsT0FBTzthQUNsQztTQUNGLENBQUM7SUFDSixDQUFDO0lBRUQsT0FBTyxpQkFBaUIsQ0FBQyxTQUFTLEVBQUUsUUFBUSxDQUFDLENBQUM7QUFDaEQsQ0FBQyJ9