npm - @qnsp/tenant-sdk - Versions diffs - 0.1.1 → 0.3.0 - Mend

@qnsp/tenant-sdk 0.1.1 → 0.3.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (14) hide show

package/CHANGELOG.md +99 -0
package/README.md +2 -2
package/dist/index.d.ts +190 -1
package/dist/index.d.ts.map +1 -1
package/dist/index.js +347 -4
package/dist/index.js.map +1 -1
package/package.json +9 -9
package/src/index.test.ts +5 -0
package/src/index.ts +562 -5
package/tsconfig.tsbuildinfo +1 -1
package/.turbo/turbo-build.log +0 -5
package/.turbo/turbo-lint.log +0 -6
package/.turbo/turbo-test.log +0 -58
package/.turbo/turbo-typecheck.log +0 -5

package/CHANGELOG.md CHANGED Viewed

@@ -1,5 +1,104 @@
 # @qnsp/tenant-sdk
+## 0.3.0
+### Minor Changes
+- Enforce mandatory API key at SDK construction time (BREAKING)
+  - All SDK clients (except @qnsp/browser-sdk) now require `apiKey` at
+    construction time. Constructors throw a clear error with signup URL,
+    free tier details, and documentation link if apiKey is missing or empty.
+  - Removed runtime 401 no-apiKey checks — validation is now fail-fast at
+    construction, not at request time.
+  - Removed conditional `if (apiKey)` guards on Authorization headers —
+    headers are always set since apiKey is guaranteed non-empty.
+  - @qnsp/kms-client: `apiToken` parameter is now required in the string
+    overload of `HttpKmsServiceClient` constructor.
+  - @qnsp/browser-sdk: Added opt-in telemetry module (`configureTelemetry`,
+    `recordTelemetryEvent`, `flushTelemetry`) for usage analytics without
+    collecting PII or cryptographic material. No API key required (local-only
+    PQC crypto).
+  - Updated cloud portal SDK factory functions to always pass apiKey.
+  - Updated crypto-inventory-service internal callers to always pass apiKey.
+  - Updated all SDK documentation examples to include apiKey.
+  - Updated developer hub quickstart code examples.
+### Patch Changes
+- ad6d0d4: Automated changeset generated for staged code updates to keep release workflows fully synchronized.
+- b7599c7: Automated changeset generated for staged code updates to keep release workflows fully synchronized.
+- be1dd80: Automated changeset generated for staged code updates to keep release workflows fully synchronized.
+- 0f7ee07: Automated changeset generated for staged code updates to keep release workflows fully synchronized.
+- 2b5dff8: Automated changeset generated for staged code updates to keep release workflows fully synchronized.
+- Enterprise-grade SDK hardening across all API-calling SDKs:
+  1. **Constructor validation**: Runtime guards for required API key/token with developer-friendly error messages
+  2. **HTTPS enforcement**: All SDKs reject non-HTTPS baseUrl in production (HTTP allowed only for localhost in development/test)
+  3. **Rate limiting with retry**: 429 handling with Retry-After header support, exponential backoff (2^attempt \* baseDelay, capped 30s), configurable maxRetries (default 3) and retryDelayMs (default 1000)
+  4. **Error message sanitization**: HTTP error responses no longer leak server error body text; errors report status code and status text only
+  5. **Input validation**: UUID validation via Zod for all tenant/resource ID parameters (storage-sdk, search-sdk, kms-client, ai-sdk)
+  6. **Telemetry hooks**: OpenTelemetry-based observability with configurable OTLP export, request counters, failure counters, and duration histograms (auth-sdk, crypto-inventory-sdk, kms-client, ai-sdk, search-sdk)
+- 7256284: SDK onboarding error messages and edge gateway universal auth enforcement
+  - All 12 SDKs now return developer-friendly 401 error messages with signup URL
+    (https://cloud.qnsp.cuilabs.io/signup) and documentation links when API key
+    is missing and backend returns 401
+  - Edge gateway service proxy now enforces authentication on ALL non-health,
+    non-public proxy routes (previously only tenant-service and ai-orchestrator
+    intelligence routes required auth)
+  - Updated proxy enforcement E2E test to include auth header for entitlement
+    enforcement test (correctly expects 403 after auth, not 401 before auth)
+## 0.2.0
+### Minor Changes
+- Add tenant crypto policy integration and PQC algorithm utilities to all SDKs.
+  ### @qnsp/tenant-sdk
+  - Added crypto policy management APIs: `getTenantCryptoPolicy()`, `upsertTenantCryptoPolicy()`
+  - Added algorithm query methods: `getAllowedKemAlgorithms()`, `getAllowedSignatureAlgorithms()`, `getDefaultKemAlgorithm()`, `getDefaultSignatureAlgorithm()`
+  - Added `CRYPTO_POLICY_ALGORITHMS` tier configurations
+  - Added `toNistAlgorithmName()` and `ALGORITHM_TO_NIST` utilities
+  ### @qnsp/storage-sdk
+  - Added `PqcMetadata` interface with `algorithmNist` field
+  - `initiateUpload()` now returns NIST algorithm name
+  - Added `toNistAlgorithmName()` utility
+  ### @qnsp/auth-sdk
+  - Added `PqcSignatureMetadata` interface
+  - Added `toNistAlgorithmName()` and `ALGORITHM_TO_NIST` for signature algorithms
+  ### @qnsp/vault-sdk
+  - Enhanced `VaultSecretPqcMetadata` with `algorithmNist` field
+  - Added `toNistAlgorithmName()` utility
+  ### @qnsp/kms-client
+  - Added `KmsPqcMetadata` interface
+  - `wrapKey()` now returns `algorithmNist` field
+  - Added `toNistAlgorithmName()` utility
+  ### @qnsp/audit-sdk
+  - Added `toNistAlgorithmName()` and `ALGORITHM_TO_NIST` for signature algorithms
+  ### @qnsp/access-control-sdk
+  - Added `toNistAlgorithmName()` and `ALGORITHM_TO_NIST` for signature algorithms
+  ### Documentation
+  - Updated all SDK documentation with crypto policy integration examples
+  - Added algorithm naming conventions (internal vs NIST)
 ## 0.1.1
 ### Patch Changes

package/README.md CHANGED Viewed

@@ -18,7 +18,7 @@ signatures generated by the control plane; the SDK forwards your payloads but do
 import { TenantClient } from "@qnsp/tenant-sdk";
 const tenants = new TenantClient({
-  baseUrl: "https://tenant.qnsp.cuilabs.io",
+  baseUrl: "https://api.qnsp.cuilabs.io/proxy/tenant",
   apiKey: process.env.QNSP_SERVICE_TOKEN!,
 });
 ```
@@ -34,7 +34,7 @@ features, but there are no SDK-side restrictions.
 import { TenantClient } from "@qnsp/tenant-sdk";
 const tenants = new TenantClient({
-  baseUrl: "https://tenant.qnsp.cuilabs.io",
+  baseUrl: "https://api.qnsp.cuilabs.io/proxy/tenant",
   apiKey: process.env.QNSP_SERVICE_TOKEN!,
 });

package/dist/index.d.ts CHANGED Viewed

@@ -7,13 +7,132 @@ import type { TenantClientTelemetry, TenantClientTelemetryConfig } from "./obser
  */
 export interface TenantClientConfig {
     readonly baseUrl: string;
-    readonly apiKey?: string;
+    readonly apiKey: string;
     readonly timeoutMs?: number;
     readonly telemetry?: TenantClientTelemetry | TenantClientTelemetryConfig;
     readonly maxRetries?: number;
     readonly retryDelayMs?: number;
 }
 export type TenantStatus = "active" | "suspended" | "pending" | "deleted";
+export type HsmMode = "none" | "supported" | "required";
+/**
+ * Crypto policy tier determines which PQC algorithms are allowed.
+ * Maps to tenant_crypto_policies.policy_tier in tenant-service.
+ */
+export type CryptoPolicyTier = "default" | "strict" | "maximum" | "government";
+/**
+ * Crypto policy v1 uses profiles + tiers (evidence-first model).
+ */
+export type QnspTier = "TIER0_LEGACY" | "TIER1_APPROVED" | "TIER2_HIGH_ASSURANCE" | "TIER3_DIVERSITY" | "TIER4_EXPERIMENTAL";
+export type TenantType = "FREE_FOREVER" | "DEV_STARTER" | "DEV_PRO" | "DEV_ELITE" | "BUSINESS_TEAM" | "BUSINESS_ADVANCED" | "BUSINESS_ELITE" | "ENTERPRISE_STANDARD" | "ENTERPRISE_PRO" | "ENTERPRISE_ELITE" | "PUBLIC_SECTOR";
+export type CryptoProfileId = "gov-high-assurance" | "defense-long-life-data" | "financial-hybrid-pqc" | "research-eval";
+export type TenantCryptoPolicyV1Action = "CREATE" | "UPDATE" | "ROLLBACK";
+export interface CryptoPolicyV1 {
+    readonly version: "v1";
+    readonly tenantType: TenantType;
+    readonly profile: CryptoProfileId;
+    readonly enabledTiers: readonly QnspTier[];
+    readonly tier0Expiry?: string;
+    readonly tier4Acknowledgement?: {
+        readonly nonCompliant: true;
+        readonly noProductionSecrets: true;
+        readonly approvedBy: string;
+        readonly approvedAt: string;
+    };
+    readonly overrides?: {
+        readonly allowFalcon?: boolean;
+    };
+    readonly requirements: {
+        readonly fipsAligned: boolean;
+        readonly evidenceRequired: boolean;
+        readonly cryptoAgilityMetadataRequired: boolean;
+        readonly statefulLifecycleGuards: boolean;
+        readonly downgradeDetection: boolean;
+    };
+}
+export interface TenantCryptoPolicyV1Record {
+    readonly id: string;
+    readonly tenantId: string;
+    readonly version: "v1";
+    readonly policy: CryptoPolicyV1;
+    readonly policyHash: string;
+    readonly etag: string;
+    readonly createdAt: string;
+    readonly createdByPrincipal: string;
+    readonly createdByIp: string | null;
+    readonly updatedAt: string;
+    readonly updatedByPrincipal: string;
+    readonly updatedByIp: string | null;
+}
+export interface TenantCryptoPolicyV1HistoryRecord {
+    readonly id: string;
+    readonly tenantId: string;
+    readonly version: "v1";
+    readonly policy: CryptoPolicyV1;
+    readonly policyHash: string;
+    readonly action: TenantCryptoPolicyV1Action;
+    readonly reason: string | null;
+    readonly changedAt: string;
+    readonly changedByPrincipal: string;
+    readonly changedByIp: string | null;
+}
+export interface TenantCryptoPolicyV1HistoryResponse {
+    readonly tenantId: string;
+    readonly items: readonly TenantCryptoPolicyV1HistoryRecord[];
+}
+/**
+ * Tenant crypto policy configuration.
+ */
+export interface TenantCryptoPolicy {
+    readonly tenantId: string;
+    readonly policyTier: CryptoPolicyTier;
+    readonly customAllowedKemAlgorithms: readonly string[] | null;
+    readonly customAllowedSignatureAlgorithms: readonly string[] | null;
+    readonly customAllowedSymmetricAlgorithms?: readonly string[] | null;
+    readonly customForbiddenAlgorithms?: readonly string[] | null;
+    readonly requireHsmForRootKeys: boolean;
+    readonly maxKeyAgeDays: number;
+    readonly enforcementMode?: "audit" | "enforce";
+    readonly createdAt: string;
+    readonly updatedAt: string;
+}
+/**
+ * Input for creating or updating a tenant crypto policy.
+ */
+export interface TenantCryptoPolicyInput {
+    readonly policyTier: CryptoPolicyTier;
+    readonly customAllowedKemAlgorithms?: readonly string[] | null;
+    readonly customAllowedSignatureAlgorithms?: readonly string[] | null;
+    readonly requireHsmForRootKeys?: boolean;
+    readonly maxKeyAgeDays?: number;
+}
+/**
+ * Algorithm configuration per crypto policy tier.
+ */
+export interface TierAlgorithmConfig {
+    readonly kemAlgorithms: readonly string[];
+    readonly signatureAlgorithms: readonly string[];
+    readonly defaultKemAlgorithm: string;
+    readonly defaultSignatureAlgorithm: string;
+}
+/**
+ * Default algorithms per crypto policy tier.
+ */
+export declare const CRYPTO_POLICY_ALGORITHMS: Record<CryptoPolicyTier, TierAlgorithmConfig>;
+/**
+ * Mapping from internal algorithm names to NIST/standards display names.
+ * Covers all 90 PQC algorithms supported by QNSP.
+ * Canonical source: @qnsp/cryptography pqc-standards.ts ALGORITHM_NIST_NAMES
+ */
+export declare const ALGORITHM_TO_NIST: Record<string, string>;
+/**
+ * Convert internal algorithm name to NIST standardized name.
+ */
+export declare function toNistAlgorithmName(internal: string): string;
+/**
+ * Get algorithm config for a crypto policy tier.
+ */
+export declare function getAlgorithmConfigForTier(tier: CryptoPolicyTier): TierAlgorithmConfig;
 export interface TenantSecurityEnvelope {
     readonly controlPlaneTokenSha256: string | null;
     readonly pqcSignatures: readonly {
@@ -47,6 +166,7 @@ export interface Tenant {
     readonly plan: string;
     readonly region: string;
     readonly complianceTags: readonly string[];
+    readonly hsmMode: HsmMode;
     readonly metadata: Record<string, unknown>;
     readonly security: TenantSecurityEnvelope;
     readonly domains: readonly TenantDomain[];
@@ -59,6 +179,7 @@ export interface CreateTenantRequest {
     readonly plan?: string;
     readonly region?: string;
     readonly complianceTags?: readonly string[];
+    readonly hsmMode?: HsmMode;
     readonly metadata?: Record<string, unknown>;
     readonly domains?: readonly {
         readonly domain: string;
@@ -71,6 +192,7 @@ export interface UpdateTenantRequest {
     readonly plan?: string;
     readonly status?: TenantStatus;
     readonly complianceTags?: readonly string[];
+    readonly hsmMode?: HsmMode;
     readonly metadata?: Record<string, unknown>;
     readonly security: TenantSecurityEnvelope;
     readonly signature?: TenantSignature;
@@ -110,6 +232,73 @@ export declare class TenantClient {
         readonly limit?: number;
         readonly cursor?: string;
     }): Promise<ListTenantsResponse>;
+    /**
+     * Get the crypto policy for a tenant.
+     * Returns the tenant's crypto policy configuration including allowed algorithms.
+     * If no policy exists, a default policy is created and returned.
+     */
+    getTenantCryptoPolicy(tenantId: string): Promise<TenantCryptoPolicy>;
+    /**
+     * Get the v1 crypto policy for a tenant (profiles + tiers model).
+     * If no policy exists, a default policy is created and returned.
+     */
+    getTenantCryptoPolicyV1(tenantId: string): Promise<TenantCryptoPolicyV1Record>;
+    /**
+     * List v1 crypto policy history entries.
+     */
+    listTenantCryptoPolicyV1History(tenantId: string, options?: {
+        readonly limit?: number;
+    }): Promise<TenantCryptoPolicyV1HistoryResponse>;
+    /**
+     * Create or update the crypto policy for a tenant.
+     * Sets the policy tier and optional custom algorithm restrictions.
+     */
+    upsertTenantCryptoPolicy(tenantId: string, policy: TenantCryptoPolicyInput): Promise<TenantCryptoPolicy>;
+    /**
+     * Update the v1 crypto policy for a tenant (requires If-Match with current ETag).
+     */
+    updateTenantCryptoPolicyV1(tenantId: string, policy: CryptoPolicyV1, etag: string): Promise<TenantCryptoPolicyV1Record>;
+    /**
+     * Enable Tier0 legacy algorithms (time-bounded) for a tenant.
+     */
+    enableTier0Legacy(tenantId: string, input: {
+        readonly expiry: string;
+    }, etag: string): Promise<TenantCryptoPolicyV1Record>;
+    /**
+     * Disable Tier0 legacy algorithms for a tenant.
+     */
+    disableTier0Legacy(tenantId: string, etag: string): Promise<TenantCryptoPolicyV1Record>;
+    /**
+     * Enable Tier4 experimental algorithms with acknowledgement.
+     */
+    enableTier4Experimental(tenantId: string, input: {
+        readonly approvedBy: string;
+    }, etag: string): Promise<TenantCryptoPolicyV1Record>;
+    /**
+     * Roll back the v1 crypto policy to a previous history record or policy hash.
+     */
+    rollbackTenantCryptoPolicyV1(tenantId: string, input: {
+        readonly historyId?: string;
+        readonly policyHash?: string;
+    }, etag: string): Promise<TenantCryptoPolicyV1Record>;
+    /**
+     * Get the allowed KEM algorithms for a tenant based on their crypto policy.
+     * Convenience method that fetches the policy and returns the allowed algorithms.
+     */
+    getAllowedKemAlgorithms(tenantId: string): Promise<readonly string[]>;
+    /**
+     * Get the allowed signature algorithms for a tenant based on their crypto policy.
+     * Convenience method that fetches the policy and returns the allowed algorithms.
+     */
+    getAllowedSignatureAlgorithms(tenantId: string): Promise<readonly string[]>;
+    /**
+     * Get the default KEM algorithm for a tenant based on their crypto policy tier.
+     */
+    getDefaultKemAlgorithm(tenantId: string): Promise<string>;
+    /**
+     * Get the default signature algorithm for a tenant based on their crypto policy tier.
+     */
+    getDefaultSignatureAlgorithm(tenantId: string): Promise<string>;
 }
 export * from "./observability.js";
 export * from "./validation.js";

package/dist/index.d.ts.map CHANGED Viewed

	@@ -1 +1 @@
1	- {"version":3,"file":"index.d.ts","sourceRoot":"","sources":["../src/index.ts"],"names":[],"mappings":"AAEA,OAAO,KAAK,EACX,qBAAqB,EACrB,2BAA2B,EAE3B,MAAM,oBAAoB,CAAC;AAI5B;;;;;GAKG;AAEH,MAAM,WAAW,kBAAkB;IAClC,QAAQ,CAAC,OAAO,EAAE,MAAM,CAAC;IACzB,QAAQ,CAAC,MAAM,~~CAAC,~~EAAE,MAAM,CAAC;~~IACzB~~,QAAQ,CAAC,SAAS,CAAC,EAAE,MAAM,CAAC;IAC5B,QAAQ,CAAC,SAAS,CAAC,EAAE,qBAAqB,GAAG,2BAA2B,CAAC;IACzE,QAAQ,CAAC,UAAU,CAAC,EAAE,MAAM,CAAC;IAC7B,QAAQ,CAAC,YAAY,CAAC,EAAE,MAAM,CAAC;CAC/B;AAUD,MAAM,MAAM,YAAY,GAAG,QAAQ,GAAG,WAAW,GAAG,SAAS,GAAG,SAAS,CAAC;AAE1E,MAAM,WAAW,sBAAsB;IACtC,QAAQ,CAAC,uBAAuB,EAAE,MAAM,GAAG,IAAI,CAAC;IAChD,QAAQ,CAAC,aAAa,EAAE,SAAS;QAChC,QAAQ,CAAC,QAAQ,EAAE,MAAM,CAAC;QAC1B,QAAQ,CAAC,SAAS,EAAE,MAAM,CAAC;QAC3B,QAAQ,CAAC,KAAK,EAAE,MAAM,CAAC;QACvB,QAAQ,CAAC,SAAS,EAAE,MAAM,CAAC;KAC3B,EAAE,CAAC;IACJ,QAAQ,CAAC,gBAAgB,EAAE,MAAM,GAAG,IAAI,CAAC;IACzC,QAAQ,CAAC,iBAAiB,EAAE,MAAM,GAAG,IAAI,CAAC;IAC1C,QAAQ,CAAC,gBAAgB,EAAE,MAAM,GAAG,IAAI,CAAC;CACzC;AAED,MAAM,WAAW,eAAe;IAC/B,QAAQ,CAAC,QAAQ,EAAE,MAAM,CAAC;IAC1B,QAAQ,CAAC,SAAS,EAAE,MAAM,CAAC;IAC3B,QAAQ,CAAC,KAAK,EAAE,MAAM,CAAC;IACvB,QAAQ,CAAC,SAAS,EAAE,MAAM,CAAC;CAC3B;AAED,MAAM,WAAW,YAAY;IAC5B,QAAQ,CAAC,EAAE,EAAE,MAAM,CAAC;IACpB,QAAQ,CAAC,MAAM,EAAE,MAAM,CAAC;IACxB,QAAQ,CAAC,QAAQ,EAAE,OAAO,CAAC;IAC3B,QAAQ,CAAC,SAAS,EAAE,MAAM,CAAC;IAC3B,QAAQ,CAAC,SAAS,EAAE,MAAM,CAAC;CAC3B;AAED,MAAM,WAAW,MAAM;IACtB,QAAQ,CAAC,EAAE,EAAE,MAAM,CAAC;IACpB,QAAQ,CAAC,IAAI,EAAE,MAAM,CAAC;IACtB,QAAQ,CAAC,IAAI,EAAE,MAAM,CAAC;IACtB,QAAQ,CAAC,MAAM,EAAE,YAAY,CAAC;IAC9B,QAAQ,CAAC,IAAI,EAAE,MAAM,CAAC;IACtB,QAAQ,CAAC,MAAM,EAAE,MAAM,CAAC;IACxB,QAAQ,CAAC,cAAc,EAAE,SAAS,MAAM,EAAE,CAAC;IAC3C,QAAQ,CAAC,QAAQ,EAAE,MAAM,CAAC,MAAM,EAAE,OAAO,CAAC,CAAC;IAC3C,QAAQ,CAAC,QAAQ,EAAE,sBAAsB,CAAC;IAC1C,QAAQ,CAAC,OAAO,EAAE,SAAS,YAAY,EAAE,CAAC;IAC1C,QAAQ,CAAC,SAAS,EAAE,MAAM,CAAC;IAC3B,QAAQ,CAAC,SAAS,EAAE,MAAM,CAAC;CAC3B;AAED,MAAM,WAAW,mBAAmB;IACnC,QAAQ,CAAC,IAAI,EAAE,MAAM,CAAC;IACtB,QAAQ,CAAC,IAAI,EAAE,MAAM,CAAC;IACtB,QAAQ,CAAC,IAAI,CAAC,EAAE,MAAM,CAAC;IACvB,QAAQ,CAAC,MAAM,CAAC,EAAE,MAAM,CAAC;IACzB,QAAQ,CAAC,cAAc,CAAC,EAAE,SAAS,MAAM,EAAE,CAAC;IAC5C,QAAQ,CAAC,QAAQ,CAAC,EAAE,MAAM,CAAC,MAAM,EAAE,OAAO,CAAC,CAAC;IAC5C,QAAQ,CAAC,OAAO,CAAC,EAAE,SAAS;QAC3B,QAAQ,CAAC,MAAM,EAAE,MAAM,CAAC;QACxB,QAAQ,CAAC,QAAQ,CAAC,EAAE,OAAO,CAAC;KAC5B,EAAE,CAAC;IACJ,QAAQ,CAAC,QAAQ,EAAE,sBAAsB,CAAC;IAC1C,QAAQ,CAAC,SAAS,CAAC,EAAE,eAAe,CAAC;CACrC;AAED,MAAM,WAAW,mBAAmB;IACnC,QAAQ,CAAC,IAAI,CAAC,EAAE,MAAM,CAAC;IACvB,QAAQ,CAAC,MAAM,CAAC,EAAE,YAAY,CAAC;IAC/B,QAAQ,CAAC,cAAc,CAAC,EAAE,SAAS,MAAM,EAAE,CAAC;IAC5C,QAAQ,CAAC,QAAQ,CAAC,EAAE,MAAM,CAAC,MAAM,EAAE,OAAO,CAAC,CAAC;IAC5C,QAAQ,CAAC,QAAQ,EAAE,sBAAsB,CAAC;IAC1C,QAAQ,CAAC,SAAS,CAAC,EAAE,eAAe,CAAC;CACrC;AAED,MAAM,WAAW,mBAAmB;IACnC,QAAQ,CAAC,KAAK,EAAE,SAAS,MAAM,EAAE,CAAC;IAClC,QAAQ,CAAC,UAAU,EAAE,MAAM,GAAG,IAAI,CAAC;CACnC;AAWD,qBAAa,YAAY;IACxB,OAAO,CAAC,QAAQ,CAAC,MAAM,CAA6B;IACpD,OAAO,CAAC,QAAQ,CAAC,SAAS,CAA+B;IACzD,OAAO,CAAC,QAAQ,CAAC,aAAa,CAAS;gBAE3B,MAAM,EAAE,kBAAkB;~~YAqCxB~~,OAAO;YAIP,gBAAgB;~~IA6G9B~~,OAAO,CAAC,oBAAoB;IAO5B;;;OAGG;IACG,YAAY,CAAC,OAAO,EAAE,mBAAmB,GAAG,OAAO,CAAC,MAAM,CAAC;~~IAkBjE~~;;;OAGG;IACG,YAAY,CAAC,EAAE,EAAE,MAAM,EAAE,OAAO,EAAE,mBAAmB,GAAG,OAAO,CAAC,MAAM,CAAC;~~IAgB7E~~;;;OAGG;IACG,SAAS,CAAC,EAAE,EAAE,MAAM,GAAG,OAAO,CAAC,MAAM,CAAC;IAQ5C;;;OAGG;IACG,WAAW,CAAC,OAAO,CAAC,EAAE;QAC3B,QAAQ,CAAC,KAAK,CAAC,EAAE,MAAM,CAAC;QACxB,QAAQ,CAAC,MAAM,CAAC,EAAE,MAAM,CAAC;KACzB,GAAG,OAAO,CAAC,mBAAmB,CAAC;~~CAehC~~;AAED,cAAc,oBAAoB,CAAC;AACnC,cAAc,iBAAiB,CAAC"}
1	+ {"version":3,"file":"index.d.ts","sourceRoot":"","sources":["../src/index.ts"],"names":[],"mappings":"AAEA,OAAO,KAAK,EACX,qBAAqB,EACrB,2BAA2B,EAE3B,MAAM,oBAAoB,CAAC;AAI5B;;;;;GAKG;AAEH,MAAM,WAAW,kBAAkB;IAClC,QAAQ,CAAC,OAAO,EAAE,MAAM,CAAC;IACzB,QAAQ,CAAC,MAAM,EAAE,MAAM,CAAC;IACxB,QAAQ,CAAC,SAAS,CAAC,EAAE,MAAM,CAAC;IAC5B,QAAQ,CAAC,SAAS,CAAC,EAAE,qBAAqB,GAAG,2BAA2B,CAAC;IACzE,QAAQ,CAAC,UAAU,CAAC,EAAE,MAAM,CAAC;IAC7B,QAAQ,CAAC,YAAY,CAAC,EAAE,MAAM,CAAC;CAC/B;AAUD,MAAM,MAAM,YAAY,GAAG,QAAQ,GAAG,WAAW,GAAG,SAAS,GAAG,SAAS,CAAC;AAE1E,MAAM,MAAM,OAAO,GAAG,MAAM,GAAG,WAAW,GAAG,UAAU,CAAC;AAExD;;;GAGG;AACH,MAAM,MAAM,gBAAgB,GAAG,SAAS,GAAG,QAAQ,GAAG,SAAS,GAAG,YAAY,CAAC;AAE/E;;GAEG;AACH,MAAM,MAAM,QAAQ,GACjB,cAAc,GACd,gBAAgB,GAChB,sBAAsB,GACtB,iBAAiB,GACjB,oBAAoB,CAAC;AAExB,MAAM,MAAM,UAAU,GACnB,cAAc,GACd,aAAa,GACb,SAAS,GACT,WAAW,GACX,eAAe,GACf,mBAAmB,GACnB,gBAAgB,GAChB,qBAAqB,GACrB,gBAAgB,GAChB,kBAAkB,GAClB,eAAe,CAAC;AAEnB,MAAM,MAAM,eAAe,GACxB,oBAAoB,GACpB,wBAAwB,GACxB,sBAAsB,GACtB,eAAe,CAAC;AAEnB,MAAM,MAAM,0BAA0B,GAAG,QAAQ,GAAG,QAAQ,GAAG,UAAU,CAAC;AAE1E,MAAM,WAAW,cAAc;IAC9B,QAAQ,CAAC,OAAO,EAAE,IAAI,CAAC;IACvB,QAAQ,CAAC,UAAU,EAAE,UAAU,CAAC;IAChC,QAAQ,CAAC,OAAO,EAAE,eAAe,CAAC;IAClC,QAAQ,CAAC,YAAY,EAAE,SAAS,QAAQ,EAAE,CAAC;IAC3C,QAAQ,CAAC,WAAW,CAAC,EAAE,MAAM,CAAC;IAC9B,QAAQ,CAAC,oBAAoB,CAAC,EAAE;QAC/B,QAAQ,CAAC,YAAY,EAAE,IAAI,CAAC;QAC5B,QAAQ,CAAC,mBAAmB,EAAE,IAAI,CAAC;QACnC,QAAQ,CAAC,UAAU,EAAE,MAAM,CAAC;QAC5B,QAAQ,CAAC,UAAU,EAAE,MAAM,CAAC;KAC5B,CAAC;IACF,QAAQ,CAAC,SAAS,CAAC,EAAE;QACpB,QAAQ,CAAC,WAAW,CAAC,EAAE,OAAO,CAAC;KAC/B,CAAC;IACF,QAAQ,CAAC,YAAY,EAAE;QACtB,QAAQ,CAAC,WAAW,EAAE,OAAO,CAAC;QAC9B,QAAQ,CAAC,gBAAgB,EAAE,OAAO,CAAC;QACnC,QAAQ,CAAC,6BAA6B,EAAE,OAAO,CAAC;QAChD,QAAQ,CAAC,uBAAuB,EAAE,OAAO,CAAC;QAC1C,QAAQ,CAAC,kBAAkB,EAAE,OAAO,CAAC;KACrC,CAAC;CACF;AAED,MAAM,WAAW,0BAA0B;IAC1C,QAAQ,CAAC,EAAE,EAAE,MAAM,CAAC;IACpB,QAAQ,CAAC,QAAQ,EAAE,MAAM,CAAC;IAC1B,QAAQ,CAAC,OAAO,EAAE,IAAI,CAAC;IACvB,QAAQ,CAAC,MAAM,EAAE,cAAc,CAAC;IAChC,QAAQ,CAAC,UAAU,EAAE,MAAM,CAAC;IAC5B,QAAQ,CAAC,IAAI,EAAE,MAAM,CAAC;IACtB,QAAQ,CAAC,SAAS,EAAE,MAAM,CAAC;IAC3B,QAAQ,CAAC,kBAAkB,EAAE,MAAM,CAAC;IACpC,QAAQ,CAAC,WAAW,EAAE,MAAM,GAAG,IAAI,CAAC;IACpC,QAAQ,CAAC,SAAS,EAAE,MAAM,CAAC;IAC3B,QAAQ,CAAC,kBAAkB,EAAE,MAAM,CAAC;IACpC,QAAQ,CAAC,WAAW,EAAE,MAAM,GAAG,IAAI,CAAC;CACpC;AAED,MAAM,WAAW,iCAAiC;IACjD,QAAQ,CAAC,EAAE,EAAE,MAAM,CAAC;IACpB,QAAQ,CAAC,QAAQ,EAAE,MAAM,CAAC;IAC1B,QAAQ,CAAC,OAAO,EAAE,IAAI,CAAC;IACvB,QAAQ,CAAC,MAAM,EAAE,cAAc,CAAC;IAChC,QAAQ,CAAC,UAAU,EAAE,MAAM,CAAC;IAC5B,QAAQ,CAAC,MAAM,EAAE,0BAA0B,CAAC;IAC5C,QAAQ,CAAC,MAAM,EAAE,MAAM,GAAG,IAAI,CAAC;IAC/B,QAAQ,CAAC,SAAS,EAAE,MAAM,CAAC;IAC3B,QAAQ,CAAC,kBAAkB,EAAE,MAAM,CAAC;IACpC,QAAQ,CAAC,WAAW,EAAE,MAAM,GAAG,IAAI,CAAC;CACpC;AAED,MAAM,WAAW,mCAAmC;IACnD,QAAQ,CAAC,QAAQ,EAAE,MAAM,CAAC;IAC1B,QAAQ,CAAC,KAAK,EAAE,SAAS,iCAAiC,EAAE,CAAC;CAC7D;AAED;;GAEG;AACH,MAAM,WAAW,kBAAkB;IAClC,QAAQ,CAAC,QAAQ,EAAE,MAAM,CAAC;IAC1B,QAAQ,CAAC,UAAU,EAAE,gBAAgB,CAAC;IACtC,QAAQ,CAAC,0BAA0B,EAAE,SAAS,MAAM,EAAE,GAAG,IAAI,CAAC;IAC9D,QAAQ,CAAC,gCAAgC,EAAE,SAAS,MAAM,EAAE,GAAG,IAAI,CAAC;IACpE,QAAQ,CAAC,gCAAgC,CAAC,EAAE,SAAS,MAAM,EAAE,GAAG,IAAI,CAAC;IACrE,QAAQ,CAAC,yBAAyB,CAAC,EAAE,SAAS,MAAM,EAAE,GAAG,IAAI,CAAC;IAC9D,QAAQ,CAAC,qBAAqB,EAAE,OAAO,CAAC;IACxC,QAAQ,CAAC,aAAa,EAAE,MAAM,CAAC;IAC/B,QAAQ,CAAC,eAAe,CAAC,EAAE,OAAO,GAAG,SAAS,CAAC;IAC/C,QAAQ,CAAC,SAAS,EAAE,MAAM,CAAC;IAC3B,QAAQ,CAAC,SAAS,EAAE,MAAM,CAAC;CAC3B;AAED;;GAEG;AACH,MAAM,WAAW,uBAAuB;IACvC,QAAQ,CAAC,UAAU,EAAE,gBAAgB,CAAC;IACtC,QAAQ,CAAC,0BAA0B,CAAC,EAAE,SAAS,MAAM,EAAE,GAAG,IAAI,CAAC;IAC/D,QAAQ,CAAC,gCAAgC,CAAC,EAAE,SAAS,MAAM,EAAE,GAAG,IAAI,CAAC;IACrE,QAAQ,CAAC,qBAAqB,CAAC,EAAE,OAAO,CAAC;IACzC,QAAQ,CAAC,aAAa,CAAC,EAAE,MAAM,CAAC;CAChC;AAED;;GAEG;AACH,MAAM,WAAW,mBAAmB;IACnC,QAAQ,CAAC,aAAa,EAAE,SAAS,MAAM,EAAE,CAAC;IAC1C,QAAQ,CAAC,mBAAmB,EAAE,SAAS,MAAM,EAAE,CAAC;IAChD,QAAQ,CAAC,mBAAmB,EAAE,MAAM,CAAC;IACrC,QAAQ,CAAC,yBAAyB,EAAE,MAAM,CAAC;CAC3C;AAED;;GAEG;AACH,eAAO,MAAM,wBAAwB,EAAE,MAAM,CAAC,gBAAgB,EAAE,mBAAmB,CAyBlF,CAAC;AAEF;;;;GAIG;AACH,eAAO,MAAM,iBAAiB,EAAE,MAAM,CAAC,MAAM,EAAE,MAAM,CA0GpD,CAAC;AAEF;;GAEG;AACH,wBAAgB,mBAAmB,CAAC,QAAQ,EAAE,MAAM,GAAG,MAAM,CAE5D;AAED;;GAEG;AACH,wBAAgB,yBAAyB,CAAC,IAAI,EAAE,gBAAgB,GAAG,mBAAmB,CAErF;AAED,MAAM,WAAW,sBAAsB;IACtC,QAAQ,CAAC,uBAAuB,EAAE,MAAM,GAAG,IAAI,CAAC;IAChD,QAAQ,CAAC,aAAa,EAAE,SAAS;QAChC,QAAQ,CAAC,QAAQ,EAAE,MAAM,CAAC;QAC1B,QAAQ,CAAC,SAAS,EAAE,MAAM,CAAC;QAC3B,QAAQ,CAAC,KAAK,EAAE,MAAM,CAAC;QACvB,QAAQ,CAAC,SAAS,EAAE,MAAM,CAAC;KAC3B,EAAE,CAAC;IACJ,QAAQ,CAAC,gBAAgB,EAAE,MAAM,GAAG,IAAI,CAAC;IACzC,QAAQ,CAAC,iBAAiB,EAAE,MAAM,GAAG,IAAI,CAAC;IAC1C,QAAQ,CAAC,gBAAgB,EAAE,MAAM,GAAG,IAAI,CAAC;CACzC;AAED,MAAM,WAAW,eAAe;IAC/B,QAAQ,CAAC,QAAQ,EAAE,MAAM,CAAC;IAC1B,QAAQ,CAAC,SAAS,EAAE,MAAM,CAAC;IAC3B,QAAQ,CAAC,KAAK,EAAE,MAAM,CAAC;IACvB,QAAQ,CAAC,SAAS,EAAE,MAAM,CAAC;CAC3B;AAED,MAAM,WAAW,YAAY;IAC5B,QAAQ,CAAC,EAAE,EAAE,MAAM,CAAC;IACpB,QAAQ,CAAC,MAAM,EAAE,MAAM,CAAC;IACxB,QAAQ,CAAC,QAAQ,EAAE,OAAO,CAAC;IAC3B,QAAQ,CAAC,SAAS,EAAE,MAAM,CAAC;IAC3B,QAAQ,CAAC,SAAS,EAAE,MAAM,CAAC;CAC3B;AAED,MAAM,WAAW,MAAM;IACtB,QAAQ,CAAC,EAAE,EAAE,MAAM,CAAC;IACpB,QAAQ,CAAC,IAAI,EAAE,MAAM,CAAC;IACtB,QAAQ,CAAC,IAAI,EAAE,MAAM,CAAC;IACtB,QAAQ,CAAC,MAAM,EAAE,YAAY,CAAC;IAC9B,QAAQ,CAAC,IAAI,EAAE,MAAM,CAAC;IACtB,QAAQ,CAAC,MAAM,EAAE,MAAM,CAAC;IACxB,QAAQ,CAAC,cAAc,EAAE,SAAS,MAAM,EAAE,CAAC;IAC3C,QAAQ,CAAC,OAAO,EAAE,OAAO,CAAC;IAC1B,QAAQ,CAAC,QAAQ,EAAE,MAAM,CAAC,MAAM,EAAE,OAAO,CAAC,CAAC;IAC3C,QAAQ,CAAC,QAAQ,EAAE,sBAAsB,CAAC;IAC1C,QAAQ,CAAC,OAAO,EAAE,SAAS,YAAY,EAAE,CAAC;IAC1C,QAAQ,CAAC,SAAS,EAAE,MAAM,CAAC;IAC3B,QAAQ,CAAC,SAAS,EAAE,MAAM,CAAC;CAC3B;AAED,MAAM,WAAW,mBAAmB;IACnC,QAAQ,CAAC,IAAI,EAAE,MAAM,CAAC;IACtB,QAAQ,CAAC,IAAI,EAAE,MAAM,CAAC;IACtB,QAAQ,CAAC,IAAI,CAAC,EAAE,MAAM,CAAC;IACvB,QAAQ,CAAC,MAAM,CAAC,EAAE,MAAM,CAAC;IACzB,QAAQ,CAAC,cAAc,CAAC,EAAE,SAAS,MAAM,EAAE,CAAC;IAC5C,QAAQ,CAAC,OAAO,CAAC,EAAE,OAAO,CAAC;IAC3B,QAAQ,CAAC,QAAQ,CAAC,EAAE,MAAM,CAAC,MAAM,EAAE,OAAO,CAAC,CAAC;IAC5C,QAAQ,CAAC,OAAO,CAAC,EAAE,SAAS;QAC3B,QAAQ,CAAC,MAAM,EAAE,MAAM,CAAC;QACxB,QAAQ,CAAC,QAAQ,CAAC,EAAE,OAAO,CAAC;KAC5B,EAAE,CAAC;IACJ,QAAQ,CAAC,QAAQ,EAAE,sBAAsB,CAAC;IAC1C,QAAQ,CAAC,SAAS,CAAC,EAAE,eAAe,CAAC;CACrC;AAED,MAAM,WAAW,mBAAmB;IACnC,QAAQ,CAAC,IAAI,CAAC,EAAE,MAAM,CAAC;IACvB,QAAQ,CAAC,MAAM,CAAC,EAAE,YAAY,CAAC;IAC/B,QAAQ,CAAC,cAAc,CAAC,EAAE,SAAS,MAAM,EAAE,CAAC;IAC5C,QAAQ,CAAC,OAAO,CAAC,EAAE,OAAO,CAAC;IAC3B,QAAQ,CAAC,QAAQ,CAAC,EAAE,MAAM,CAAC,MAAM,EAAE,OAAO,CAAC,CAAC;IAC5C,QAAQ,CAAC,QAAQ,EAAE,sBAAsB,CAAC;IAC1C,QAAQ,CAAC,SAAS,CAAC,EAAE,eAAe,CAAC;CACrC;AAED,MAAM,WAAW,mBAAmB;IACnC,QAAQ,CAAC,KAAK,EAAE,SAAS,MAAM,EAAE,CAAC;IAClC,QAAQ,CAAC,UAAU,EAAE,MAAM,GAAG,IAAI,CAAC;CACnC;AAWD,qBAAa,YAAY;IACxB,OAAO,CAAC,QAAQ,CAAC,MAAM,CAA6B;IACpD,OAAO,CAAC,QAAQ,CAAC,SAAS,CAA+B;IACzD,OAAO,CAAC,QAAQ,CAAC,aAAa,CAAS;gBAE3B,MAAM,EAAE,kBAAkB;YA8CxB,OAAO;YAIP,gBAAgB;IA2G9B,OAAO,CAAC,oBAAoB;IAO5B;;;OAGG;IACG,YAAY,CAAC,OAAO,EAAE,mBAAmB,GAAG,OAAO,CAAC,MAAM,CAAC;IAmBjE;;;OAGG;IACG,YAAY,CAAC,EAAE,EAAE,MAAM,EAAE,OAAO,EAAE,mBAAmB,GAAG,OAAO,CAAC,MAAM,CAAC;IAiB7E;;;OAGG;IACG,SAAS,CAAC,EAAE,EAAE,MAAM,GAAG,OAAO,CAAC,MAAM,CAAC;IAQ5C;;;OAGG;IACG,WAAW,CAAC,OAAO,CAAC,EAAE;QAC3B,QAAQ,CAAC,KAAK,CAAC,EAAE,MAAM,CAAC;QACxB,QAAQ,CAAC,MAAM,CAAC,EAAE,MAAM,CAAC;KACzB,GAAG,OAAO,CAAC,mBAAmB,CAAC;IAgBhC;;;;OAIG;IACG,qBAAqB,CAAC,QAAQ,EAAE,MAAM,GAAG,OAAO,CAAC,kBAAkB,CAAC;IAQ1E;;;OAGG;IACG,uBAAuB,CAAC,QAAQ,EAAE,MAAM,GAAG,OAAO,CAAC,0BAA0B,CAAC;IAYpF;;OAEG;IACG,+BAA+B,CACpC,QAAQ,EAAE,MAAM,EAChB,OAAO,CAAC,EAAE;QAAE,QAAQ,CAAC,KAAK,CAAC,EAAE,MAAM,CAAA;KAAE,GACnC,OAAO,CAAC,mCAAmC,CAAC;IAgB/C;;;OAGG;IACG,wBAAwB,CAC7B,QAAQ,EAAE,MAAM,EAChB,MAAM,EAAE,uBAAuB,GAC7B,OAAO,CAAC,kBAAkB,CAAC;IAqB9B;;OAEG;IACG,0BAA0B,CAC/B,QAAQ,EAAE,MAAM,EAChB,MAAM,EAAE,cAAc,EACtB,IAAI,EAAE,MAAM,GACV,OAAO,CAAC,0BAA0B,CAAC;IAmBtC;;OAEG;IACG,iBAAiB,CACtB,QAAQ,EAAE,MAAM,EAChB,KAAK,EAAE;QAAE,QAAQ,CAAC,MAAM,EAAE,MAAM,CAAA;KAAE,EAClC,IAAI,EAAE,MAAM,GACV,OAAO,CAAC,0BAA0B,CAAC;IAmBtC;;OAEG;IACG,kBAAkB,CAAC,QAAQ,EAAE,MAAM,EAAE,IAAI,EAAE,MAAM,GAAG,OAAO,CAAC,0BAA0B,CAAC;IAmB7F;;OAEG;IACG,uBAAuB,CAC5B,QAAQ,EAAE,MAAM,EAChB,KAAK,EAAE;QAAE,QAAQ,CAAC,UAAU,EAAE,MAAM,CAAA;KAAE,EACtC,IAAI,EAAE,MAAM,GACV,OAAO,CAAC,0BAA0B,CAAC;IAmBtC;;OAEG;IACG,4BAA4B,CACjC,QAAQ,EAAE,MAAM,EAChB,KAAK,EAAE;QAAE,QAAQ,CAAC,SAAS,CAAC,EAAE,MAAM,CAAC;QAAC,QAAQ,CAAC,UAAU,CAAC,EAAE,MAAM,CAAA;KAAE,EACpE,IAAI,EAAE,MAAM,GACV,OAAO,CAAC,0BAA0B,CAAC;IAyBtC;;;OAGG;IACG,uBAAuB,CAAC,QAAQ,EAAE,MAAM,GAAG,OAAO,CAAC,SAAS,MAAM,EAAE,CAAC;IAQ3E;;;OAGG;IACG,6BAA6B,CAAC,QAAQ,EAAE,MAAM,GAAG,OAAO,CAAC,SAAS,MAAM,EAAE,CAAC;IAWjF;;OAEG;IACG,sBAAsB,CAAC,QAAQ,EAAE,MAAM,GAAG,OAAO,CAAC,MAAM,CAAC;IAK/D;;OAEG;IACG,4BAA4B,CAAC,QAAQ,EAAE,MAAM,GAAG,OAAO,CAAC,MAAM,CAAC;CAIrE;AAED,cAAc,oBAAoB,CAAC;AACnC,cAAc,iBAAiB,CAAC"}