npm - @quantracode/vibecheck - Versions diffs - 0.0.1 - Mend

@quantracode/vibecheck 0.0.1

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (209) hide show

package/LICENSE +21 -0
package/README.md +839 -0
package/dist/__tests__/cli.test.d.ts +2 -0
package/dist/__tests__/cli.test.d.ts.map +1 -0
package/dist/__tests__/cli.test.js +243 -0
package/dist/__tests__/fixtures/safe-app/app/api/users/route.js +36 -0
package/dist/__tests__/fixtures/vulnerable-app/app/api/users/route.js +28 -0
package/dist/__tests__/fixtures/vulnerable-app/lib/config.d.ts +4 -0
package/dist/__tests__/fixtures/vulnerable-app/lib/config.d.ts.map +1 -0
package/dist/__tests__/fixtures/vulnerable-app/lib/config.js +6 -0
package/dist/__tests__/scanners/env-config.test.d.ts +2 -0
package/dist/__tests__/scanners/env-config.test.d.ts.map +1 -0
package/dist/__tests__/scanners/env-config.test.js +142 -0
package/dist/__tests__/scanners/nextjs-middleware.test.d.ts +2 -0
package/dist/__tests__/scanners/nextjs-middleware.test.d.ts.map +1 -0
package/dist/__tests__/scanners/nextjs-middleware.test.js +193 -0
package/dist/__tests__/scanners/scanner-packs.test.d.ts +2 -0
package/dist/__tests__/scanners/scanner-packs.test.d.ts.map +1 -0
package/dist/__tests__/scanners/scanner-packs.test.js +126 -0
package/dist/__tests__/scanners/unused-security-imports.test.d.ts +2 -0
package/dist/__tests__/scanners/unused-security-imports.test.d.ts.map +1 -0
package/dist/__tests__/scanners/unused-security-imports.test.js +145 -0
package/dist/commands/demo-artifact.d.ts +7 -0
package/dist/commands/demo-artifact.d.ts.map +1 -0
package/dist/commands/demo-artifact.js +322 -0
package/dist/commands/evaluate.d.ts +30 -0
package/dist/commands/evaluate.d.ts.map +1 -0
package/dist/commands/evaluate.js +258 -0
package/dist/commands/explain.d.ts +12 -0
package/dist/commands/explain.d.ts.map +1 -0
package/dist/commands/explain.js +214 -0
package/dist/commands/index.d.ts +7 -0
package/dist/commands/index.d.ts.map +1 -0
package/dist/commands/index.js +6 -0
package/dist/commands/intent.d.ts +21 -0
package/dist/commands/intent.d.ts.map +1 -0
package/dist/commands/intent.js +192 -0
package/dist/commands/scan.d.ts +44 -0
package/dist/commands/scan.d.ts.map +1 -0
package/dist/commands/scan.js +497 -0
package/dist/commands/waivers.d.ts +30 -0
package/dist/commands/waivers.d.ts.map +1 -0
package/dist/commands/waivers.js +249 -0
package/dist/index.d.ts +3 -0
package/dist/index.d.ts.map +1 -0
package/dist/index.js +17 -0
package/dist/phase3/index.d.ts +11 -0
package/dist/phase3/index.d.ts.map +1 -0
package/dist/phase3/index.js +12 -0
package/dist/phase3/intent-miner.d.ts +32 -0
package/dist/phase3/intent-miner.d.ts.map +1 -0
package/dist/phase3/intent-miner.js +323 -0
package/dist/phase3/proof-trace-builder.d.ts +42 -0
package/dist/phase3/proof-trace-builder.d.ts.map +1 -0
package/dist/phase3/proof-trace-builder.js +441 -0
package/dist/phase3/scanners/auth-by-ui-server-gap.d.ts +15 -0
package/dist/phase3/scanners/auth-by-ui-server-gap.d.ts.map +1 -0
package/dist/phase3/scanners/auth-by-ui-server-gap.js +237 -0
package/dist/phase3/scanners/comment-claim-unproven.d.ts +14 -0
package/dist/phase3/scanners/comment-claim-unproven.d.ts.map +1 -0
package/dist/phase3/scanners/comment-claim-unproven.js +161 -0
package/dist/phase3/scanners/index.d.ts +31 -0
package/dist/phase3/scanners/index.d.ts.map +1 -0
package/dist/phase3/scanners/index.js +40 -0
package/dist/phase3/scanners/middleware-assumed-not-matching.d.ts +14 -0
package/dist/phase3/scanners/middleware-assumed-not-matching.d.ts.map +1 -0
package/dist/phase3/scanners/middleware-assumed-not-matching.js +172 -0
package/dist/phase3/scanners/validation-claimed-missing.d.ts +15 -0
package/dist/phase3/scanners/validation-claimed-missing.d.ts.map +1 -0
package/dist/phase3/scanners/validation-claimed-missing.js +204 -0
package/dist/scanners/abuse/compute-abuse.d.ts +20 -0
package/dist/scanners/abuse/compute-abuse.d.ts.map +1 -0
package/dist/scanners/abuse/compute-abuse.js +509 -0
package/dist/scanners/abuse/index.d.ts +12 -0
package/dist/scanners/abuse/index.d.ts.map +1 -0
package/dist/scanners/abuse/index.js +15 -0
package/dist/scanners/auth/index.d.ts +5 -0
package/dist/scanners/auth/index.d.ts.map +1 -0
package/dist/scanners/auth/index.js +10 -0
package/dist/scanners/auth/middleware-gap.d.ts +22 -0
package/dist/scanners/auth/middleware-gap.d.ts.map +1 -0
package/dist/scanners/auth/middleware-gap.js +203 -0
package/dist/scanners/auth/unprotected-api-route.d.ts +12 -0
package/dist/scanners/auth/unprotected-api-route.d.ts.map +1 -0
package/dist/scanners/auth/unprotected-api-route.js +126 -0
package/dist/scanners/config/index.d.ts +5 -0
package/dist/scanners/config/index.d.ts.map +1 -0
package/dist/scanners/config/index.js +10 -0
package/dist/scanners/config/insecure-defaults.d.ts +12 -0
package/dist/scanners/config/insecure-defaults.d.ts.map +1 -0
package/dist/scanners/config/insecure-defaults.js +77 -0
package/dist/scanners/config/undocumented-env.d.ts +24 -0
package/dist/scanners/config/undocumented-env.d.ts.map +1 -0
package/dist/scanners/config/undocumented-env.js +159 -0
package/dist/scanners/crypto/index.d.ts +6 -0
package/dist/scanners/crypto/index.d.ts.map +1 -0
package/dist/scanners/crypto/index.js +11 -0
package/dist/scanners/crypto/jwt-decode-unverified.d.ts +14 -0
package/dist/scanners/crypto/jwt-decode-unverified.d.ts.map +1 -0
package/dist/scanners/crypto/jwt-decode-unverified.js +87 -0
package/dist/scanners/crypto/math-random-tokens.d.ts +13 -0
package/dist/scanners/crypto/math-random-tokens.d.ts.map +1 -0
package/dist/scanners/crypto/math-random-tokens.js +80 -0
package/dist/scanners/crypto/weak-hashing.d.ts +11 -0
package/dist/scanners/crypto/weak-hashing.d.ts.map +1 -0
package/dist/scanners/crypto/weak-hashing.js +95 -0
package/dist/scanners/env-config.d.ts +24 -0
package/dist/scanners/env-config.d.ts.map +1 -0
package/dist/scanners/env-config.js +164 -0
package/dist/scanners/hallucinations/index.d.ts +4 -0
package/dist/scanners/hallucinations/index.d.ts.map +1 -0
package/dist/scanners/hallucinations/index.js +8 -0
package/dist/scanners/hallucinations/unused-security-imports.d.ts +36 -0
package/dist/scanners/hallucinations/unused-security-imports.d.ts.map +1 -0
package/dist/scanners/hallucinations/unused-security-imports.js +309 -0
package/dist/scanners/helpers/ast-helpers.d.ts +6 -0
package/dist/scanners/helpers/ast-helpers.d.ts.map +1 -0
package/dist/scanners/helpers/ast-helpers.js +945 -0
package/dist/scanners/helpers/context-builder.d.ts +17 -0
package/dist/scanners/helpers/context-builder.d.ts.map +1 -0
package/dist/scanners/helpers/context-builder.js +148 -0
package/dist/scanners/helpers/index.d.ts +3 -0
package/dist/scanners/helpers/index.d.ts.map +1 -0
package/dist/scanners/helpers/index.js +2 -0
package/dist/scanners/index.d.ts +30 -0
package/dist/scanners/index.d.ts.map +1 -0
package/dist/scanners/index.js +102 -0
package/dist/scanners/middleware/index.d.ts +4 -0
package/dist/scanners/middleware/index.d.ts.map +1 -0
package/dist/scanners/middleware/index.js +7 -0
package/dist/scanners/middleware/missing-rate-limit.d.ts +13 -0
package/dist/scanners/middleware/missing-rate-limit.d.ts.map +1 -0
package/dist/scanners/middleware/missing-rate-limit.js +140 -0
package/dist/scanners/network/cors-misconfiguration.d.ts +14 -0
package/dist/scanners/network/cors-misconfiguration.d.ts.map +1 -0
package/dist/scanners/network/cors-misconfiguration.js +89 -0
package/dist/scanners/network/index.d.ts +7 -0
package/dist/scanners/network/index.d.ts.map +1 -0
package/dist/scanners/network/index.js +18 -0
package/dist/scanners/network/missing-timeout.d.ts +15 -0
package/dist/scanners/network/missing-timeout.d.ts.map +1 -0
package/dist/scanners/network/missing-timeout.js +93 -0
package/dist/scanners/network/open-redirect.d.ts +15 -0
package/dist/scanners/network/open-redirect.d.ts.map +1 -0
package/dist/scanners/network/open-redirect.js +88 -0
package/dist/scanners/network/ssrf-prone-fetch.d.ts +12 -0
package/dist/scanners/network/ssrf-prone-fetch.d.ts.map +1 -0
package/dist/scanners/network/ssrf-prone-fetch.js +90 -0
package/dist/scanners/nextjs-middleware.d.ts +26 -0
package/dist/scanners/nextjs-middleware.d.ts.map +1 -0
package/dist/scanners/nextjs-middleware.js +246 -0
package/dist/scanners/privacy/debug-flags.d.ts +13 -0
package/dist/scanners/privacy/debug-flags.d.ts.map +1 -0
package/dist/scanners/privacy/debug-flags.js +124 -0
package/dist/scanners/privacy/index.d.ts +6 -0
package/dist/scanners/privacy/index.d.ts.map +1 -0
package/dist/scanners/privacy/index.js +11 -0
package/dist/scanners/privacy/over-broad-response.d.ts +15 -0
package/dist/scanners/privacy/over-broad-response.d.ts.map +1 -0
package/dist/scanners/privacy/over-broad-response.js +109 -0
package/dist/scanners/privacy/sensitive-logging.d.ts +11 -0
package/dist/scanners/privacy/sensitive-logging.d.ts.map +1 -0
package/dist/scanners/privacy/sensitive-logging.js +78 -0
package/dist/scanners/types.d.ts +456 -0
package/dist/scanners/types.d.ts.map +1 -0
package/dist/scanners/types.js +16 -0
package/dist/scanners/unused-security-imports.d.ts +34 -0
package/dist/scanners/unused-security-imports.d.ts.map +1 -0
package/dist/scanners/unused-security-imports.js +206 -0
package/dist/scanners/uploads/index.d.ts +5 -0
package/dist/scanners/uploads/index.d.ts.map +1 -0
package/dist/scanners/uploads/index.js +9 -0
package/dist/scanners/uploads/missing-constraints.d.ts +15 -0
package/dist/scanners/uploads/missing-constraints.d.ts.map +1 -0
package/dist/scanners/uploads/missing-constraints.js +109 -0
package/dist/scanners/uploads/public-path.d.ts +11 -0
package/dist/scanners/uploads/public-path.d.ts.map +1 -0
package/dist/scanners/uploads/public-path.js +87 -0
package/dist/scanners/validation/client-side-only.d.ts +14 -0
package/dist/scanners/validation/client-side-only.d.ts.map +1 -0
package/dist/scanners/validation/client-side-only.js +140 -0
package/dist/scanners/validation/ignored-validation.d.ts +12 -0
package/dist/scanners/validation/ignored-validation.d.ts.map +1 -0
package/dist/scanners/validation/ignored-validation.js +119 -0
package/dist/scanners/validation/index.d.ts +5 -0
package/dist/scanners/validation/index.d.ts.map +1 -0
package/dist/scanners/validation/index.js +9 -0
package/dist/utils/exclude-patterns.d.ts +35 -0
package/dist/utils/exclude-patterns.d.ts.map +1 -0
package/dist/utils/exclude-patterns.js +78 -0
package/dist/utils/file-utils.d.ts +37 -0
package/dist/utils/file-utils.d.ts.map +1 -0
package/dist/utils/file-utils.js +77 -0
package/dist/utils/fingerprint.d.ts +25 -0
package/dist/utils/fingerprint.d.ts.map +1 -0
package/dist/utils/fingerprint.js +28 -0
package/dist/utils/git-info.d.ts +14 -0
package/dist/utils/git-info.d.ts.map +1 -0
package/dist/utils/git-info.js +55 -0
package/dist/utils/index.d.ts +4 -0
package/dist/utils/index.d.ts.map +1 -0
package/dist/utils/index.js +3 -0
package/dist/utils/progress.d.ts +42 -0
package/dist/utils/progress.d.ts.map +1 -0
package/dist/utils/progress.js +165 -0
package/dist/utils/sarif-formatter.d.ts +92 -0
package/dist/utils/sarif-formatter.d.ts.map +1 -0
package/dist/utils/sarif-formatter.js +172 -0
package/package.json +66 -0

package/dist/commands/intent.js ADDED Viewed

@@ -0,0 +1,192 @@
+/**
+ * Intent Command
+ *
+ * Generates a security intent map baseline for the codebase.
+ * Useful for tracking drift over time.
+ */
+import path from "node:path";
+import { ARTIFACT_VERSION } from "@vibecheck/schema";
+import { writeFileSync, resolvePath } from "../utils/file-utils.js";
+import { hashPath } from "../utils/fingerprint.js";
+import { getGitInfo, getRepoName } from "../utils/git-info.js";
+import { buildScanContext } from "../scanners/index.js";
+import { buildRouteMap, buildMiddlewareMap, buildAllProofTraces, calculateCoverage, mineAllIntentClaims, } from "../phase3/index.js";
+/**
+ * Execute the intent command
+ */
+export async function executeIntent(targetDir, options) {
+    const absoluteTarget = resolvePath(targetDir);
+    console.log(`Mining intent map: ${absoluteTarget}`);
+    const startTime = Date.now();
+    // Build scan context
+    console.log("Building scan context...");
+    const context = await buildScanContext(absoluteTarget);
+    console.log(`Found ${context.fileIndex.allSourceFiles.length} source files`);
+    // Build Phase 3 maps
+    console.log("\nBuilding route map...");
+    const routeMap = buildRouteMap(context);
+    console.log(`  Found ${routeMap.length} routes`);
+    console.log("Building middleware map...");
+    const middlewareMap = buildMiddlewareMap(context);
+    console.log(`  Found ${middlewareMap.length} middleware configurations`);
+    console.log("Mining intent claims...");
+    const intentMap = mineAllIntentClaims(context, routeMap);
+    console.log(`  Found ${intentMap.length} intent claims`);
+    console.log("Building proof traces...");
+    const proofTraces = buildAllProofTraces(context, routeMap);
+    console.log(`  Built ${proofTraces.size} proof traces`);
+    console.log("Calculating coverage...");
+    const coverage = calculateCoverage(routeMap, proofTraces, middlewareMap);
+    const endTime = Date.now();
+    console.log(`\nCompleted in ${endTime - startTime}ms`);
+    // Create artifact
+    const artifact = createIntentArtifact(routeMap, middlewareMap, intentMap, proofTraces, coverage, absoluteTarget, options.repoName);
+    // Determine output path
+    let outputPath = options.out;
+    if (!path.isAbsolute(outputPath)) {
+        outputPath = resolvePath(absoluteTarget, outputPath);
+    }
+    // Write artifact
+    if (options.format === "json") {
+        writeFileSync(outputPath, JSON.stringify(artifact, null, 2));
+        console.log(`\nIntent map written to: ${outputPath}`);
+    }
+    // Print summary
+    printIntentSummary(artifact);
+    return 0;
+}
+/**
+ * Create intent map artifact
+ */
+function createIntentArtifact(routeMap, middlewareMap, intentMap, proofTraces, coverage, targetDir, repoName) {
+    const gitInfo = getGitInfo(targetDir);
+    const name = repoName ?? getRepoName(targetDir);
+    // Convert proofTraces Map to schema format
+    const proofTracesRecord = {};
+    for (const [key, value] of proofTraces) {
+        proofTracesRecord[key] = {
+            summary: value.authProven
+                ? "Auth proven"
+                : value.middlewareCovered
+                    ? "Protected by middleware"
+                    : "No protection proven",
+            nodes: value.steps.map((step) => ({
+                kind: "handler",
+                label: step.label,
+                file: step.file,
+                line: step.line,
+            })),
+        };
+    }
+    // Build middleware coverage
+    const allMatchers = middlewareMap.flatMap((m) => m.matchers);
+    const middlewareCoverage = routeMap.map((route) => {
+        const isRouteCovered = allMatchers.some((matcher) => {
+            const pattern = matcher.replace(/\*/g, ".*").replace(/\/:path\*/g, "/.*");
+            try {
+                return new RegExp(`^${pattern}`).test(route.path);
+            }
+            catch {
+                return route.path.startsWith(matcher.replace(/\/:path\*$/, ""));
+            }
+        });
+        return {
+            routeId: route.routeId,
+            covered: isRouteCovered,
+        };
+    });
+    // Calculate summary stats
+    const intentsByType = {};
+    const intentsBySource = {};
+    for (const intent of intentMap) {
+        intentsByType[intent.type] = (intentsByType[intent.type] || 0) + 1;
+        intentsBySource[intent.source] = (intentsBySource[intent.source] || 0) + 1;
+    }
+    return {
+        artifactVersion: ARTIFACT_VERSION,
+        generatedAt: new Date().toISOString(),
+        tool: {
+            name: "vibecheck",
+            version: "0.0.1",
+        },
+        repo: {
+            name,
+            rootPathHash: hashPath(targetDir),
+            git: gitInfo,
+        },
+        routeMap: { routes: routeMap },
+        middlewareMap: {
+            middlewareFile: middlewareMap[0]?.file,
+            matcher: allMatchers,
+            coverage: middlewareCoverage,
+        },
+        intentMap: { intents: intentMap },
+        proofTraces: proofTracesRecord,
+        coverage,
+        summary: {
+            totalRoutes: routeMap.length,
+            totalIntents: intentMap.length,
+            authCoveragePercent: Math.round(coverage.authCoverage * 100),
+            validationCoveragePercent: Math.round(coverage.validationCoverage * 100),
+            middlewareCoveragePercent: Math.round(coverage.middlewareCoverage * 100),
+            intentsByType,
+            intentsBySource,
+        },
+    };
+}
+/**
+ * Print intent map summary
+ */
+function printIntentSummary(artifact) {
+    const { summary, coverage } = artifact;
+    console.log("\n" + "=".repeat(60));
+    console.log("VibeCheck Intent Map Generated");
+    console.log("=".repeat(60));
+    console.log(`\nRoutes discovered: ${summary.totalRoutes}`);
+    console.log(`Intent claims found: ${summary.totalIntents}`);
+    console.log("\nCoverage metrics:");
+    console.log(`  Auth coverage: ${formatPercent(coverage.authCoverage)}`);
+    console.log(`  Validation coverage: ${formatPercent(coverage.validationCoverage)}`);
+    console.log(`  Middleware coverage: ${formatPercent(coverage.middlewareCoverage)}`);
+    if (summary.totalIntents > 0) {
+        console.log("\nIntents by type:");
+        for (const [type, count] of Object.entries(summary.intentsByType)) {
+            console.log(`  ${type}: ${count}`);
+        }
+        console.log("\nIntents by source:");
+        for (const [source, count] of Object.entries(summary.intentsBySource)) {
+            console.log(`  ${source}: ${count}`);
+        }
+    }
+    console.log("");
+}
+/**
+ * Format percentage with color
+ */
+function formatPercent(value) {
+    const percent = Math.round(value * 100);
+    let color = "\x1b[32m"; // Green
+    if (percent < 50) {
+        color = "\x1b[31m"; // Red
+    }
+    else if (percent < 80) {
+        color = "\x1b[33m"; // Yellow
+    }
+    return `${color}${percent}%\x1b[0m`;
+}
+/**
+ * Register intent command with commander
+ */
+export function registerIntentCommand(program) {
+    program
+        .command("intent [target]")
+        .description("Generate security intent map baseline")
+        .option("-o, --out <path>", "Output file path", "vibecheck-artifacts/intent-map.json")
+        .option("-f, --format <format>", "Output format", "json")
+        .option("--repo-name <name>", "Override repository name")
+        .action(async (target, options) => {
+        const targetDir = target ?? process.cwd();
+        const exitCode = await executeIntent(targetDir, options);
+        process.exit(exitCode);
+    });
+}

package/dist/commands/scan.d.ts ADDED Viewed

@@ -0,0 +1,44 @@
+import type { Command } from "commander";
+import { type Severity } from "@vibecheck/schema";
+/**
+ * Valid output formats
+ */
+export type OutputFormat = "json" | "sarif" | "both";
+/**
+ * Valid fail-on thresholds
+ */
+export type FailThreshold = "off" | Severity;
+/**
+ * Scan command options
+ */
+export interface ScanOptions {
+    /** Output file/directory path */
+    out: string;
+    /** Output format: json, sarif, or both */
+    format: OutputFormat;
+    /** Override repository name */
+    repoName?: string;
+    /** Fail threshold: off, info, low, medium, high, critical */
+    failOn: FailThreshold;
+    /** Only scan changed files (not implemented) */
+    changed: boolean;
+    /** Include route map in output (default: true) */
+    emitRouteMap: boolean;
+    /** Include intent claims in output (default: true) */
+    emitIntents: boolean;
+    /** Include proof traces in output (default: true) */
+    emitTraces: boolean;
+    /** Additional glob patterns to exclude */
+    exclude: string[];
+    /** Include test files in scan */
+    includeTests: boolean;
+}
+/**
+ * Execute the scan command
+ */
+export declare function executeScan(targetDir: string, options: ScanOptions): Promise<number>;
+/**
+ * Register scan command with commander
+ */
+export declare function registerScanCommand(program: Command): void;
+//# sourceMappingURL=scan.d.ts.map

package/dist/commands/scan.d.ts.map ADDED Viewed

@@ -0,0 +1 @@

+ {"version":3,"file":"scan.d.ts","sourceRoot":"","sources":["../../src/commands/scan.ts"],"names":[],"mappings":"AACA,OAAO,KAAK,EAAE,OAAO,EAAE,MAAM,WAAW,CAAC;AACzC,OAAO,EAML,KAAK,QAAQ,EACd,MAAM,mBAAmB,CAAC;AA0B3B;;GAEG;AACH,MAAM,MAAM,YAAY,GAAG,MAAM,GAAG,OAAO,GAAG,MAAM,CAAC;AAErD;;GAEG;AACH,MAAM,MAAM,aAAa,GAAG,KAAK,GAAG,QAAQ,CAAC;AAE7C;;GAEG;AACH,MAAM,WAAW,WAAW;IAC1B,iCAAiC;IACjC,GAAG,EAAE,MAAM,CAAC;IACZ,0CAA0C;IAC1C,MAAM,EAAE,YAAY,CAAC;IACrB,+BAA+B;IAC/B,QAAQ,CAAC,EAAE,MAAM,CAAC;IAClB,6DAA6D;IAC7D,MAAM,EAAE,aAAa,CAAC;IACtB,gDAAgD;IAChD,OAAO,EAAE,OAAO,CAAC;IACjB,kDAAkD;IAClD,YAAY,EAAE,OAAO,CAAC;IACtB,sDAAsD;IACtD,WAAW,EAAE,OAAO,CAAC;IACrB,qDAAqD;IACrD,UAAU,EAAE,OAAO,CAAC;IACpB,0CAA0C;IAC1C,OAAO,EAAE,MAAM,EAAE,CAAC;IAClB,iCAAiC;IACjC,YAAY,EAAE,OAAO,CAAC;CACvB;AA0VD;;GAEG;AACH,wBAAsB,WAAW,CAC/B,SAAS,EAAE,MAAM,EACjB,OAAO,EAAE,WAAW,GACnB,OAAO,CAAC,MAAM,CAAC,CAwMjB;AASD;;GAEG;AACH,wBAAgB,mBAAmB,CAAC,OAAO,EAAE,OAAO,GAAG,IAAI,CAkH1D"}