@reverso/api 0.1.0

package/dist/routes/sitemap.js

@@ -0,0 +1,144 @@
+/**
+ * Sitemap route.
+ * Generates dynamic XML sitemap for SEO.
+ */
+import { getFormsByStatus, getPages } from '@reverso/db';
+/**
+ * Build XML sitemap from URLs.
+ */
+function buildSitemapXml(urls) {
+    const urlEntries = urls
+        .map((url) => {
+        const parts = [`    <url>`, `      <loc>${escapeXml(url.loc)}</loc>`];
+        if (url.lastmod) {
+            parts.push(`      <lastmod>${url.lastmod}</lastmod>`);
+        }
+        if (url.changefreq) {
+            parts.push(`      <changefreq>${url.changefreq}</changefreq>`);
+        }
+        if (url.priority !== undefined) {
+            parts.push(`      <priority>${url.priority.toFixed(1)}</priority>`);
+        }
+        parts.push(`    </url>`);
+        return parts.join('\n');
+    })
+        .join('\n');
+    return `<?xml version="1.0" encoding="UTF-8"?>
+<urlset xmlns="http://www.sitemaps.org/schemas/sitemap/0.9">
+${urlEntries}
+</urlset>`;
+}
+/**
+ * Escape special XML characters.
+ */
+function escapeXml(str) {
+    return str
+        .replace(/&/g, '&amp;')
+        .replace(/</g, '&lt;')
+        .replace(/>/g, '&gt;')
+        .replace(/"/g, '&quot;')
+        .replace(/'/g, '&apos;');
+}
+/**
+ * Format date for sitemap (ISO 8601 date format).
+ */
+function formatDate(date) {
+    if (!date)
+        return undefined;
+    const d = typeof date === 'string' ? new Date(date) : date;
+    return d.toISOString().split('T')[0];
+}
+// Cache for sitemap (1 hour)
+let sitemapCache = null;
+const CACHE_TTL = 60 * 60 * 1000; // 1 hour in milliseconds
+const sitemapRoutes = async (fastify) => {
+    /**
+     * GET /sitemap.xml
+     * Generate dynamic sitemap.
+     */
+    fastify.get('/sitemap.xml', async (request, reply) => {
+        try {
+            // Check cache
+            const now = Date.now();
+            if (sitemapCache && now - sitemapCache.timestamp < CACHE_TTL) {
+                reply.header('Content-Type', 'application/xml');
+                reply.header('Cache-Control', 'public, max-age=3600');
+                return sitemapCache.xml;
+            }
+            const db = request.db;
+            // Get base URL from request or config
+            const protocol = request.protocol || 'https';
+            const host = request.hostname || 'localhost';
+            const baseUrl = `${protocol}://${host}`;
+            const urls = [];
+            // Add homepage
+            urls.push({
+                loc: baseUrl,
+                changefreq: 'daily',
+                priority: 1.0,
+            });
+            // Get all pages
+            const pages = await getPages(db);
+            for (const page of pages) {
+                // Skip home page (already added)
+                if (page.slug === 'home' || page.slug === 'index') {
+                    continue;
+                }
+                urls.push({
+                    loc: `${baseUrl}/${page.slug}`,
+                    lastmod: formatDate(page.updatedAt),
+                    changefreq: 'weekly',
+                    priority: 0.8,
+                });
+            }
+            // Get published forms (for public form pages)
+            const publishedForms = await getFormsByStatus(db, 'published');
+            for (const form of publishedForms) {
+                urls.push({
+                    loc: `${baseUrl}/forms/${form.slug}`,
+                    lastmod: formatDate(form.updatedAt),
+                    changefreq: 'monthly',
+                    priority: 0.6,
+                });
+            }
+            // Build XML
+            const xml = buildSitemapXml(urls);
+            // Update cache
+            sitemapCache = { xml, timestamp: now };
+            reply.header('Content-Type', 'application/xml');
+            reply.header('Cache-Control', 'public, max-age=3600');
+            return xml;
+        }
+        catch (error) {
+            fastify.log.error(error, 'Failed to generate sitemap');
+            return reply.status(500).send({
+                success: false,
+                error: 'Internal error',
+                message: 'Failed to generate sitemap',
+            });
+        }
+    });
+    /**
+     * POST /sitemap/invalidate
+     * Invalidate sitemap cache (admin only).
+     */
+    fastify.post('/sitemap/invalidate', async (request, reply) => {
+        try {
+            sitemapCache = null;
+            return {
+                success: true,
+                message: 'Sitemap cache invalidated',
+            };
+        }
+        catch (error) {
+            fastify.log.error(error, 'Failed to invalidate sitemap cache');
+            return reply.status(500).send({
+                success: false,
+                error: 'Internal error',
+                message: 'Failed to invalidate sitemap cache',
+            });
+        }
+    });
+};
+export default sitemapRoutes;
+//# sourceMappingURL=sitemap.js.map

package/dist/routes/sitemap.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"sitemap.js","sourceRoot":"","sources":["../../src/routes/sitemap.ts"],"names":[],"mappings":"AAAA;;;GAGG;AAEH,OAAO,EAAE,gBAAgB,EAAE,QAAQ,EAAE,MAAM,aAAa,CAAC;AAUzD;;GAEG;AACH,SAAS,eAAe,CAAC,IAAkB;IACzC,MAAM,UAAU,GAAG,IAAI;SACpB,GAAG,CAAC,CAAC,GAAG,EAAE,EAAE;QACX,MAAM,KAAK,GAAG,CAAC,WAAW,EAAE,cAAc,SAAS,CAAC,GAAG,CAAC,GAAG,CAAC,QAAQ,CAAC,CAAC;QAEtE,IAAI,GAAG,CAAC,OAAO,EAAE,CAAC;YAChB,KAAK,CAAC,IAAI,CAAC,kBAAkB,GAAG,CAAC,OAAO,YAAY,CAAC,CAAC;QACxD,CAAC;QAED,IAAI,GAAG,CAAC,UAAU,EAAE,CAAC;YACnB,KAAK,CAAC,IAAI,CAAC,qBAAqB,GAAG,CAAC,UAAU,eAAe,CAAC,CAAC;QACjE,CAAC;QAED,IAAI,GAAG,CAAC,QAAQ,KAAK,SAAS,EAAE,CAAC;YAC/B,KAAK,CAAC,IAAI,CAAC,mBAAmB,GAAG,CAAC,QAAQ,CAAC,OAAO,CAAC,CAAC,CAAC,aAAa,CAAC,CAAC;QACtE,CAAC;QAED,KAAK,CAAC,IAAI,CAAC,YAAY,CAAC,CAAC;QACzB,OAAO,KAAK,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC;IAC1B,CAAC,CAAC;SACD,IAAI,CAAC,IAAI,CAAC,CAAC;IAEd,OAAO;;EAEP,UAAU;UACF,CAAC;AACX,CAAC;AAED;;GAEG;AACH,SAAS,SAAS,CAAC,GAAW;IAC5B,OAAO,GAAG;SACP,OAAO,CAAC,IAAI,EAAE,OAAO,CAAC;SACtB,OAAO,CAAC,IAAI,EAAE,MAAM,CAAC;SACrB,OAAO,CAAC,IAAI,EAAE,MAAM,CAAC;SACrB,OAAO,CAAC,IAAI,EAAE,QAAQ,CAAC;SACvB,OAAO,CAAC,IAAI,EAAE,QAAQ,CAAC,CAAC;AAC7B,CAAC;AAED;;GAEG;AACH,SAAS,UAAU,CAAC,IAA0B;IAC5C,IAAI,CAAC,IAAI;QAAE,OAAO,SAAS,CAAC;IAC5B,MAAM,CAAC,GAAG,OAAO,IAAI,KAAK,QAAQ,CAAC,CAAC,CAAC,IAAI,IAAI,CAAC,IAAI,CAAC,CAAC,CAAC,CAAC,IAAI,CAAC;IAC3D,OAAO,CAAC,CAAC,WAAW,EAAE,CAAC,KAAK,CAAC,GAAG,CAAC,CAAC,CAAC,CAAC,CAAC;AACvC,CAAC;AAED,6BAA6B;AAC7B,IAAI,YAAY,GAA8C,IAAI,CAAC;AACnE,MAAM,SAAS,GAAG,EAAE,GAAG,EAAE,GAAG,IAAI,CAAC,CAAC,yBAAyB;AAE3D,MAAM,aAAa,GAAuB,KAAK,EAAE,OAAwB,EAAE,EAAE;IAC3E;;;OAGG;IACH,OAAO,CAAC,GAAG,CAAC,cAAc,EAAE,KAAK,EAAE,OAAO,EAAE,KAAK,EAAE,EAAE;QACnD,IAAI,CAAC;YACH,cAAc;YACd,MAAM,GAAG,GAAG,IAAI,CAAC,GAAG,EAAE,CAAC;YACvB,IAAI,YAAY,IAAI,GAAG,GAAG,YAAY,CAAC,SAAS,GAAG,SAAS,EAAE,CAAC;gBAC7D,KAAK,CAAC,MAAM,CAAC,cAAc,EAAE,iBAAiB,CAAC,CAAC;gBAChD,KAAK,CAAC,MAAM,CAAC,eAAe,EAAE,sBAAsB,CAAC,CAAC;gBACtD,OAAO,YAAY,CAAC,GAAG,CAAC;YAC1B,CAAC;YAED,MAAM,EAAE,GAAG,OAAO,CAAC,EAAE,CAAC;YAEtB,sCAAsC;YACtC,MAAM,QAAQ,GAAG,OAAO,CAAC,QAAQ,IAAI,OAAO,CAAC;YAC7C,MAAM,IAAI,GAAG,OAAO,CAAC,QAAQ,IAAI,WAAW,CAAC;YAC7C,MAAM,OAAO,GAAG,GAAG,QAAQ,MAAM,IAAI,EAAE,CAAC;YAExC,MAAM,IAAI,GAAiB,EAAE,CAAC;YAE9B,eAAe;YACf,IAAI,CAAC,IAAI,CAAC;gBACR,GAAG,EAAE,OAAO;gBACZ,UAAU,EAAE,OAAO;gBACnB,QAAQ,EAAE,GAAG;aACd,CAAC,CAAC;YAEH,gBAAgB;YAChB,MAAM,KAAK,GAAG,MAAM,QAAQ,CAAC,EAAE,CAAC,CAAC;YACjC,KAAK,MAAM,IAAI,IAAI,KAAK,EAAE,CAAC;gBACzB,iCAAiC;gBACjC,IAAI,IAAI,CAAC,IAAI,KAAK,MAAM,IAAI,IAAI,CAAC,IAAI,KAAK,OAAO,EAAE,CAAC;oBAClD,SAAS;gBACX,CAAC;gBAED,IAAI,CAAC,IAAI,CAAC;oBACR,GAAG,EAAE,GAAG,OAAO,IAAI,IAAI,CAAC,IAAI,EAAE;oBAC9B,OAAO,EAAE,UAAU,CAAC,IAAI,CAAC,SAAS,CAAC;oBACnC,UAAU,EAAE,QAAQ;oBACpB,QAAQ,EAAE,GAAG;iBACd,CAAC,CAAC;YACL,CAAC;YAED,8CAA8C;YAC9C,MAAM,cAAc,GAAG,MAAM,gBAAgB,CAAC,EAAE,EAAE,WAAW,CAAC,CAAC;YAC/D,KAAK,MAAM,IAAI,IAAI,cAAc,EAAE,CAAC;gBAClC,IAAI,CAAC,IAAI,CAAC;oBACR,GAAG,EAAE,GAAG,OAAO,UAAU,IAAI,CAAC,IAAI,EAAE;oBACpC,OAAO,EAAE,UAAU,CAAC,IAAI,CAAC,SAAS,CAAC;oBACnC,UAAU,EAAE,SAAS;oBACrB,QAAQ,EAAE,GAAG;iBACd,CAAC,CAAC;YACL,CAAC;YAED,YAAY;YACZ,MAAM,GAAG,GAAG,eAAe,CAAC,IAAI,CAAC,CAAC;YAElC,eAAe;YACf,YAAY,GAAG,EAAE,GAAG,EAAE,SAAS,EAAE,GAAG,EAAE,CAAC;YAEvC,KAAK,CAAC,MAAM,CAAC,cAAc,EAAE,iBAAiB,CAAC,CAAC;YAChD,KAAK,CAAC,MAAM,CAAC,eAAe,EAAE,sBAAsB,CAAC,CAAC;YACtD,OAAO,GAAG,CAAC;QACb,CAAC;QAAC,OAAO,KAAK,EAAE,CAAC;YACf,OAAO,CAAC,GAAG,CAAC,KAAK,CAAC,KAAK,EAAE,4BAA4B,CAAC,CAAC;YACvD,OAAO,KAAK,CAAC,MAAM,CAAC,GAAG,CAAC,CAAC,IAAI,CAAC;gBAC5B,OAAO,EAAE,KAAK;gBACd,KAAK,EAAE,gBAAgB;gBACvB,OAAO,EAAE,4BAA4B;aACtC,CAAC,CAAC;QACL,CAAC;IACH,CAAC,CAAC,CAAC;IAEH;;;OAGG;IACH,OAAO,CAAC,IAAI,CAAC,qBAAqB,EAAE,KAAK,EAAE,OAAO,EAAE,KAAK,EAAE,EAAE;QAC3D,IAAI,CAAC;YACH,YAAY,GAAG,IAAI,CAAC;YAEpB,OAAO;gBACL,OAAO,EAAE,IAAI;gBACb,OAAO,EAAE,2BAA2B;aACrC,CAAC;QACJ,CAAC;QAAC,OAAO,KAAK,EAAE,CAAC;YACf,OAAO,CAAC,GAAG,CAAC,KAAK,CAAC,KAAK,EAAE,oCAAoC,CAAC,CAAC;YAC/D,OAAO,KAAK,CAAC,MAAM,CAAC,GAAG,CAAC,CAAC,IAAI,CAAC;gBAC5B,OAAO,EAAE,KAAK;gBACd,KAAK,EAAE,gBAAgB;gBACvB,OAAO,EAAE,oCAAoC;aAC9C,CAAC,CAAC;QACL,CAAC;IACH,CAAC,CAAC,CAAC;AACL,CAAC,CAAC;AAEF,eAAe,aAAa,CAAC"}

package/dist/server.d.ts

@@ -0,0 +1,47 @@
+/**
+ * Fastify server setup.
+ */
+import { type FastifyInstance } from 'fastify';
+export interface ServerConfig {
+    /** Server port */
+    port?: number;
+    /** Server host */
+    host?: string;
+    /** Enable CORS */
+    cors?: boolean | CorsOptions;
+    /** Cookie secret */
+    cookieSecret?: string;
+    /** Uploads directory */
+    uploadsDir?: string;
+    /** Enable request logging */
+    logger?: boolean;
+    /** API prefix */
+    prefix?: string;
+    /** API key for authentication */
+    apiKey?: string;
+    /** Enable authentication (default: true in production) */
+    authEnabled?: boolean;
+}
+export interface CorsOptions {
+    origin?: string | string[] | boolean;
+    methods?: string[];
+    credentials?: boolean;
+}
+/**
+ * Create a Fastify server instance.
+ */
+export declare function createServer(config?: ServerConfig): Promise<FastifyInstance>;
+/**
+ * Start the server.
+ */
+export declare function startServer(server: FastifyInstance, config?: ServerConfig): Promise<string>;
+/**
+ * Stop the server gracefully.
+ */
+export declare function stopServer(server: FastifyInstance): Promise<void>;
+declare module 'fastify' {
+    interface FastifyInstance {
+        config: Required<ServerConfig>;
+    }
+}
+//# sourceMappingURL=server.d.ts.map

package/dist/server.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"server.d.ts","sourceRoot":"","sources":["../src/server.ts"],"names":[],"mappings":"AAAA;;GAEG;AAWH,OAAgB,EAAE,KAAK,eAAe,EAA6B,MAAM,SAAS,CAAC;AAGnF,MAAM,WAAW,YAAY;IAC3B,kBAAkB;IAClB,IAAI,CAAC,EAAE,MAAM,CAAC;IACd,kBAAkB;IAClB,IAAI,CAAC,EAAE,MAAM,CAAC;IACd,kBAAkB;IAClB,IAAI,CAAC,EAAE,OAAO,GAAG,WAAW,CAAC;IAC7B,oBAAoB;IACpB,YAAY,CAAC,EAAE,MAAM,CAAC;IACtB,wBAAwB;IACxB,UAAU,CAAC,EAAE,MAAM,CAAC;IACpB,6BAA6B;IAC7B,MAAM,CAAC,EAAE,OAAO,CAAC;IACjB,iBAAiB;IACjB,MAAM,CAAC,EAAE,MAAM,CAAC;IAChB,iCAAiC;IACjC,MAAM,CAAC,EAAE,MAAM,CAAC;IAChB,0DAA0D;IAC1D,WAAW,CAAC,EAAE,OAAO,CAAC;CACvB;AAED,MAAM,WAAW,WAAW;IAC1B,MAAM,CAAC,EAAE,MAAM,GAAG,MAAM,EAAE,GAAG,OAAO,CAAC;IACrC,OAAO,CAAC,EAAE,MAAM,EAAE,CAAC;IACnB,WAAW,CAAC,EAAE,OAAO,CAAC;CACvB;AAgCD;;GAEG;AACH,wBAAsB,YAAY,CAAC,MAAM,GAAE,YAAiB,GAAG,OAAO,CAAC,eAAe,CAAC,CA2KtF;AAED;;GAEG;AACH,wBAAsB,WAAW,CAC/B,MAAM,EAAE,eAAe,EACvB,MAAM,GAAE,YAAiB,GACxB,OAAO,CAAC,MAAM,CAAC,CAcjB;AAED;;GAEG;AACH,wBAAsB,UAAU,CAAC,MAAM,EAAE,eAAe,GAAG,OAAO,CAAC,IAAI,CAAC,CAEvE;AAGD,OAAO,QAAQ,SAAS,CAAC;IACvB,UAAU,eAAe;QACvB,MAAM,EAAE,QAAQ,CAAC,YAAY,CAAC,CAAC;KAChC;CACF"}

package/dist/server.js

@@ -0,0 +1,218 @@
+/**
+ * Fastify server setup.
+ */
+import { existsSync, mkdirSync } from 'node:fs';
+import { join } from 'node:path';
+import cookie from '@fastify/cookie';
+import cors from '@fastify/cors';
+import csrfProtection from '@fastify/csrf-protection';
+import helmet from '@fastify/helmet';
+import multipart from '@fastify/multipart';
+import rateLimit from '@fastify/rate-limit';
+import fastifyStatic from '@fastify/static';
+import Fastify, {} from 'fastify';
+import authPlugin, {} from './plugins/auth.js';
+/**
+ * Get cookie secret from environment or use development fallback.
+ * In production, REVERSO_COOKIE_SECRET must be set.
+ */
+function getCookieSecret() {
+    const envSecret = process.env.REVERSO_COOKIE_SECRET;
+    if (envSecret) {
+        return envSecret;
+    }
+    // Only allow fallback in non-production environments
+    if (process.env.NODE_ENV === 'production') {
+        throw new Error('REVERSO_COOKIE_SECRET environment variable must be set in production');
+    }
+    return 'reverso-dev-secret-do-not-use-in-production';
+}
+const defaultConfig = {
+    port: 3001,
+    host: '0.0.0.0',
+    cors: true,
+    cookieSecret: getCookieSecret(),
+    uploadsDir: '.reverso/uploads',
+    logger: true,
+    prefix: '/api/reverso',
+    apiKey: process.env.REVERSO_API_KEY || '',
+    authEnabled: process.env.NODE_ENV === 'production',
+};
+/**
+ * Create a Fastify server instance.
+ */
+export async function createServer(config = {}) {
+    const opts = { ...defaultConfig, ...config };
+    const fastifyOptions = {
+        logger: opts.logger
+            ? {
+                transport: {
+                    target: 'pino-pretty',
+                    options: {
+                        translateTime: 'HH:MM:ss Z',
+                        ignore: 'pid,hostname',
+                    },
+                },
+            }
+            : false,
+    };
+    const server = Fastify(fastifyOptions);
+    // Register CORS
+    if (opts.cors) {
+        // In production, require explicit origin configuration
+        const isProduction = process.env.NODE_ENV === 'production';
+        const defaultOrigin = isProduction
+            ? process.env.REVERSO_CORS_ORIGIN || 'http://localhost:3000'
+            : true;
+        const corsOptions = typeof opts.cors === 'object'
+            ? {
+                origin: opts.cors.origin ?? defaultOrigin,
+                methods: opts.cors.methods ?? ['GET', 'POST', 'PUT', 'DELETE', 'PATCH', 'OPTIONS'],
+                credentials: opts.cors.credentials ?? true,
+                allowedHeaders: ['Content-Type', 'Authorization', 'X-API-Key'],
+            }
+            : {
+                origin: defaultOrigin,
+                methods: ['GET', 'POST', 'PUT', 'DELETE', 'PATCH', 'OPTIONS'],
+                credentials: true,
+                allowedHeaders: ['Content-Type', 'Authorization', 'X-API-Key'],
+            };
+        await server.register(cors, corsOptions);
+    }
+    // Register security headers (helmet)
+    await server.register(helmet, {
+        contentSecurityPolicy: {
+            directives: {
+                defaultSrc: ["'self'"],
+                styleSrc: ["'self'", "'unsafe-inline'"],
+                scriptSrc: ["'self'"],
+                imgSrc: ["'self'", 'data:', 'blob:'],
+                fontSrc: ["'self'"],
+                objectSrc: ["'none'"],
+                upgradeInsecureRequests: process.env.NODE_ENV === 'production' ? [] : null,
+            },
+        },
+        crossOriginEmbedderPolicy: false, // Disable for media uploads
+        crossOriginResourcePolicy: { policy: 'cross-origin' }, // Allow cross-origin for assets
+    });
+    // Register cookies
+    await server.register(cookie, {
+        secret: opts.cookieSecret,
+        parseOptions: {},
+    });
+    // Register CSRF protection (enabled by default, can be disabled in dev with env var)
+    const csrfEnabled = process.env.REVERSO_CSRF_DISABLED !== 'true';
+    if (csrfEnabled) {
+        await server.register(csrfProtection, {
+            sessionPlugin: '@fastify/cookie',
+            cookieOpts: {
+                signed: true,
+                httpOnly: true,
+                sameSite: 'strict',
+                secure: process.env.NODE_ENV === 'production',
+                path: '/',
+            },
+            // Skip CSRF for public endpoints and API key authentication
+            getToken: (request) => {
+                return (request.headers['x-csrf-token']?.toString() ||
+                    request.headers['csrf-token']?.toString());
+            },
+        });
+        // Add hook to skip CSRF for safe methods and API key auth
+        server.addHook('onRequest', async (request, reply) => {
+            const safeMethods = ['GET', 'HEAD', 'OPTIONS'];
+            if (safeMethods.includes(request.method))
+                return;
+            // Skip CSRF if API key is provided
+            if (request.headers['x-api-key'])
+                return;
+            // Skip CSRF for public form submissions (they have their own validation)
+            if (request.url.startsWith('/api/reverso/public/'))
+                return;
+        });
+        // Add CSRF token generation endpoint
+        server.get('/api/csrf-token', async (request, reply) => {
+            const token = await reply.generateCsrf();
+            return { csrfToken: token };
+        });
+    }
+    // Register rate limiting
+    await server.register(rateLimit, {
+        max: 100, // Max 100 requests per window
+        timeWindow: '1 minute',
+        // Stricter limits for specific routes
+        keyGenerator: (request) => {
+            // Use API key or IP for rate limiting
+            return (request.headers['x-api-key']?.toString() ||
+                request.headers['x-forwarded-for']?.toString() ||
+                request.ip);
+        },
+        // Skip rate limiting for health checks
+        allowList: ['/health'],
+        // Custom error response
+        errorResponseBuilder: () => ({
+            success: false,
+            error: 'Too Many Requests',
+            message: 'Rate limit exceeded. Please try again later.',
+        }),
+    });
+    // Register multipart for file uploads
+    await server.register(multipart, {
+        limits: {
+            fileSize: 50 * 1024 * 1024, // 50MB
+            files: 10,
+        },
+    });
+    // Register authentication plugin
+    await server.register(authPlugin, {
+        apiKey: opts.apiKey,
+        enabled: opts.authEnabled,
+        publicPaths: [
+            /^\/api\/reverso\/public\//,
+            /^\/sitemap\.xml$/,
+        ],
+    });
+    // Ensure uploads directory exists
+    if (!existsSync(opts.uploadsDir)) {
+        mkdirSync(opts.uploadsDir, { recursive: true });
+    }
+    // Serve static files from uploads directory
+    await server.register(fastifyStatic, {
+        root: join(process.cwd(), opts.uploadsDir),
+        prefix: '/uploads/',
+        decorateReply: false,
+    });
+    // Health check endpoint
+    server.get('/health', async () => ({
+        status: 'ok',
+        timestamp: new Date().toISOString(),
+    }));
+    // Store config in server instance
+    server.decorate('config', opts);
+    return server;
+}
+/**
+ * Start the server.
+ */
+export async function startServer(server, config = {}) {
+    // Use server's stored config as base, then override with passed config
+    const opts = { ...defaultConfig, ...server.config, ...config };
+    try {
+        const address = await server.listen({
+            port: opts.port,
+            host: opts.host,
+        });
+        return address;
+    }
+    catch (err) {
+        server.log.error(err);
+        throw err;
+    }
+}
+/**
+ * Stop the server gracefully.
+ */
+export async function stopServer(server) {
+    await server.close();
+}
+//# sourceMappingURL=server.js.map

package/dist/server.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"server.js","sourceRoot":"","sources":["../src/server.ts"],"names":[],"mappings":"AAAA;;GAEG;AAEH,OAAO,EAAE,UAAU,EAAE,SAAS,EAAE,MAAM,SAAS,CAAC;AAChD,OAAO,EAAE,IAAI,EAAE,MAAM,WAAW,CAAC;AACjC,OAAO,MAAM,MAAM,iBAAiB,CAAC;AACrC,OAAO,IAAI,MAAM,eAAe,CAAC;AACjC,OAAO,cAAc,MAAM,0BAA0B,CAAC;AACtD,OAAO,MAAM,MAAM,iBAAiB,CAAC;AACrC,OAAO,SAAS,MAAM,oBAAoB,CAAC;AAC3C,OAAO,SAAS,MAAM,qBAAqB,CAAC;AAC5C,OAAO,aAAa,MAAM,iBAAiB,CAAC;AAC5C,OAAO,OAAO,EAAE,EAAmD,MAAM,SAAS,CAAC;AACnF,OAAO,UAAU,EAAE,EAA0B,MAAM,mBAAmB,CAAC;AA6BvE;;;GAGG;AACH,SAAS,eAAe;IACtB,MAAM,SAAS,GAAG,OAAO,CAAC,GAAG,CAAC,qBAAqB,CAAC;IACpD,IAAI,SAAS,EAAE,CAAC;QACd,OAAO,SAAS,CAAC;IACnB,CAAC;IAED,qDAAqD;IACrD,IAAI,OAAO,CAAC,GAAG,CAAC,QAAQ,KAAK,YAAY,EAAE,CAAC;QAC1C,MAAM,IAAI,KAAK,CAAC,sEAAsE,CAAC,CAAC;IAC1F,CAAC;IAED,OAAO,6CAA6C,CAAC;AACvD,CAAC;AAED,MAAM,aAAa,GAA2B;IAC5C,IAAI,EAAE,IAAI;IACV,IAAI,EAAE,SAAS;IACf,IAAI,EAAE,IAAI;IACV,YAAY,EAAE,eAAe,EAAE;IAC/B,UAAU,EAAE,kBAAkB;IAC9B,MAAM,EAAE,IAAI;IACZ,MAAM,EAAE,cAAc;IACtB,MAAM,EAAE,OAAO,CAAC,GAAG,CAAC,eAAe,IAAI,EAAE;IACzC,WAAW,EAAE,OAAO,CAAC,GAAG,CAAC,QAAQ,KAAK,YAAY;CACnD,CAAC;AAEF;;GAEG;AACH,MAAM,CAAC,KAAK,UAAU,YAAY,CAAC,SAAuB,EAAE;IAC1D,MAAM,IAAI,GAAG,EAAE,GAAG,aAAa,EAAE,GAAG,MAAM,EAAE,CAAC;IAE7C,MAAM,cAAc,GAAyB;QAC3C,MAAM,EAAE,IAAI,CAAC,MAAM;YACjB,CAAC,CAAC;gBACE,SAAS,EAAE;oBACT,MAAM,EAAE,aAAa;oBACrB,OAAO,EAAE;wBACP,aAAa,EAAE,YAAY;wBAC3B,MAAM,EAAE,cAAc;qBACvB;iBACF;aACF;YACH,CAAC,CAAC,KAAK;KACV,CAAC;IAEF,MAAM,MAAM,GAAG,OAAO,CAAC,cAAc,CAAC,CAAC;IAEvC,gBAAgB;IAChB,IAAI,IAAI,CAAC,IAAI,EAAE,CAAC;QACd,uDAAuD;QACvD,MAAM,YAAY,GAAG,OAAO,CAAC,GAAG,CAAC,QAAQ,KAAK,YAAY,CAAC;QAC3D,MAAM,aAAa,GAAG,YAAY;YAChC,CAAC,CAAC,OAAO,CAAC,GAAG,CAAC,mBAAmB,IAAI,uBAAuB;YAC5D,CAAC,CAAC,IAAI,CAAC;QAET,MAAM,WAAW,GACf,OAAO,IAAI,CAAC,IAAI,KAAK,QAAQ;YAC3B,CAAC,CAAC;gBACE,MAAM,EAAE,IAAI,CAAC,IAAI,CAAC,MAAM,IAAI,aAAa;gBACzC,OAAO,EAAE,IAAI,CAAC,IAAI,CAAC,OAAO,IAAI,CAAC,KAAK,EAAE,MAAM,EAAE,KAAK,EAAE,QAAQ,EAAE,OAAO,EAAE,SAAS,CAAC;gBAClF,WAAW,EAAE,IAAI,CAAC,IAAI,CAAC,WAAW,IAAI,IAAI;gBAC1C,cAAc,EAAE,CAAC,cAAc,EAAE,eAAe,EAAE,WAAW,CAAC;aAC/D;YACH,CAAC,CAAC;gBACE,MAAM,EAAE,aAAa;gBACrB,OAAO,EAAE,CAAC,KAAK,EAAE,MAAM,EAAE,KAAK,EAAE,QAAQ,EAAE,OAAO,EAAE,SAAS,CAAC;gBAC7D,WAAW,EAAE,IAAI;gBACjB,cAAc,EAAE,CAAC,cAAc,EAAE,eAAe,EAAE,WAAW,CAAC;aAC/D,CAAC;QAER,MAAM,MAAM,CAAC,QAAQ,CAAC,IAAI,EAAE,WAAW,CAAC,CAAC;IAC3C,CAAC;IAED,qCAAqC;IACrC,MAAM,MAAM,CAAC,QAAQ,CAAC,MAAM,EAAE;QAC5B,qBAAqB,EAAE;YACrB,UAAU,EAAE;gBACV,UAAU,EAAE,CAAC,QAAQ,CAAC;gBACtB,QAAQ,EAAE,CAAC,QAAQ,EAAE,iBAAiB,CAAC;gBACvC,SAAS,EAAE,CAAC,QAAQ,CAAC;gBACrB,MAAM,EAAE,CAAC,QAAQ,EAAE,OAAO,EAAE,OAAO,CAAC;gBACpC,OAAO,EAAE,CAAC,QAAQ,CAAC;gBACnB,SAAS,EAAE,CAAC,QAAQ,CAAC;gBACrB,uBAAuB,EAAE,OAAO,CAAC,GAAG,CAAC,QAAQ,KAAK,YAAY,CAAC,CAAC,CAAC,EAAE,CAAC,CAAC,CAAC,IAAI;aAC3E;SACF;QACD,yBAAyB,EAAE,KAAK,EAAE,4BAA4B;QAC9D,yBAAyB,EAAE,EAAE,MAAM,EAAE,cAAc,EAAE,EAAE,gCAAgC;KACxF,CAAC,CAAC;IAEH,mBAAmB;IACnB,MAAM,MAAM,CAAC,QAAQ,CAAC,MAAM,EAAE;QAC5B,MAAM,EAAE,IAAI,CAAC,YAAY;QACzB,YAAY,EAAE,EAAE;KACjB,CAAC,CAAC;IAEH,qFAAqF;IACrF,MAAM,WAAW,GAAG,OAAO,CAAC,GAAG,CAAC,qBAAqB,KAAK,MAAM,CAAC;IACjE,IAAI,WAAW,EAAE,CAAC;QAChB,MAAM,MAAM,CAAC,QAAQ,CAAC,cAAc,EAAE;YACpC,aAAa,EAAE,iBAAiB;YAChC,UAAU,EAAE;gBACV,MAAM,EAAE,IAAI;gBACZ,QAAQ,EAAE,IAAI;gBACd,QAAQ,EAAE,QAAQ;gBAClB,MAAM,EAAE,OAAO,CAAC,GAAG,CAAC,QAAQ,KAAK,YAAY;gBAC7C,IAAI,EAAE,GAAG;aACV;YACD,4DAA4D;YAC5D,QAAQ,EAAE,CAAC,OAAO,EAAE,EAAE;gBACpB,OAAO,CACL,OAAO,CAAC,OAAO,CAAC,cAAc,CAAC,EAAE,QAAQ,EAAE;oBAC3C,OAAO,CAAC,OAAO,CAAC,YAAY,CAAC,EAAE,QAAQ,EAAE,CAC1C,CAAC;YACJ,CAAC;SACF,CAAC,CAAC;QAEH,0DAA0D;QAC1D,MAAM,CAAC,OAAO,CAAC,WAAW,EAAE,KAAK,EAAE,OAAO,EAAE,KAAK,EAAE,EAAE;YACnD,MAAM,WAAW,GAAG,CAAC,KAAK,EAAE,MAAM,EAAE,SAAS,CAAC,CAAC;YAC/C,IAAI,WAAW,CAAC,QAAQ,CAAC,OAAO,CAAC,MAAM,CAAC;gBAAE,OAAO;YAEjD,mCAAmC;YACnC,IAAI,OAAO,CAAC,OAAO,CAAC,WAAW,CAAC;gBAAE,OAAO;YAEzC,yEAAyE;YACzE,IAAI,OAAO,CAAC,GAAG,CAAC,UAAU,CAAC,sBAAsB,CAAC;gBAAE,OAAO;QAC7D,CAAC,CAAC,CAAC;QAEH,qCAAqC;QACrC,MAAM,CAAC,GAAG,CAAC,iBAAiB,EAAE,KAAK,EAAE,OAAO,EAAE,KAAK,EAAE,EAAE;YACrD,MAAM,KAAK,GAAG,MAAM,KAAK,CAAC,YAAY,EAAE,CAAC;YACzC,OAAO,EAAE,SAAS,EAAE,KAAK,EAAE,CAAC;QAC9B,CAAC,CAAC,CAAC;IACL,CAAC;IAED,yBAAyB;IACzB,MAAM,MAAM,CAAC,QAAQ,CAAC,SAAS,EAAE;QAC/B,GAAG,EAAE,GAAG,EAAE,8BAA8B;QACxC,UAAU,EAAE,UAAU;QACtB,sCAAsC;QACtC,YAAY,EAAE,CAAC,OAAO,EAAE,EAAE;YACxB,sCAAsC;YACtC,OAAO,CACL,OAAO,CAAC,OAAO,CAAC,WAAW,CAAC,EAAE,QAAQ,EAAE;gBACxC,OAAO,CAAC,OAAO,CAAC,iBAAiB,CAAC,EAAE,QAAQ,EAAE;gBAC9C,OAAO,CAAC,EAAE,CACX,CAAC;QACJ,CAAC;QACD,uCAAuC;QACvC,SAAS,EAAE,CAAC,SAAS,CAAC;QACtB,wBAAwB;QACxB,oBAAoB,EAAE,GAAG,EAAE,CAAC,CAAC;YAC3B,OAAO,EAAE,KAAK;YACd,KAAK,EAAE,mBAAmB;YAC1B,OAAO,EAAE,8CAA8C;SACxD,CAAC;KACH,CAAC,CAAC;IAEH,sCAAsC;IACtC,MAAM,MAAM,CAAC,QAAQ,CAAC,SAAS,EAAE;QAC/B,MAAM,EAAE;YACN,QAAQ,EAAE,EAAE,GAAG,IAAI,GAAG,IAAI,EAAE,OAAO;YACnC,KAAK,EAAE,EAAE;SACV;KACF,CAAC,CAAC;IAEH,iCAAiC;IACjC,MAAM,MAAM,CAAC,QAAQ,CAAC,UAAU,EAAE;QAChC,MAAM,EAAE,IAAI,CAAC,MAAM;QACnB,OAAO,EAAE,IAAI,CAAC,WAAW;QACzB,WAAW,EAAE;YACX,2BAA2B;YAC3B,kBAAkB;SACnB;KACF,CAAC,CAAC;IAEH,kCAAkC;IAClC,IAAI,CAAC,UAAU,CAAC,IAAI,CAAC,UAAU,CAAC,EAAE,CAAC;QACjC,SAAS,CAAC,IAAI,CAAC,UAAU,EAAE,EAAE,SAAS,EAAE,IAAI,EAAE,CAAC,CAAC;IAClD,CAAC;IAED,4CAA4C;IAC5C,MAAM,MAAM,CAAC,QAAQ,CAAC,aAAa,EAAE;QACnC,IAAI,EAAE,IAAI,CAAC,OAAO,CAAC,GAAG,EAAE,EAAE,IAAI,CAAC,UAAU,CAAC;QAC1C,MAAM,EAAE,WAAW;QACnB,aAAa,EAAE,KAAK;KACrB,CAAC,CAAC;IAEH,wBAAwB;IACxB,MAAM,CAAC,GAAG,CAAC,SAAS,EAAE,KAAK,IAAI,EAAE,CAAC,CAAC;QACjC,MAAM,EAAE,IAAI;QACZ,SAAS,EAAE,IAAI,IAAI,EAAE,CAAC,WAAW,EAAE;KACpC,CAAC,CAAC,CAAC;IAEJ,kCAAkC;IAClC,MAAM,CAAC,QAAQ,CAAC,QAAQ,EAAE,IAAI,CAAC,CAAC;IAEhC,OAAO,MAAM,CAAC;AAChB,CAAC;AAED;;GAEG;AACH,MAAM,CAAC,KAAK,UAAU,WAAW,CAC/B,MAAuB,EACvB,SAAuB,EAAE;IAEzB,uEAAuE;IACvE,MAAM,IAAI,GAAG,EAAE,GAAG,aAAa,EAAE,GAAG,MAAM,CAAC,MAAM,EAAE,GAAG,MAAM,EAAE,CAAC;IAE/D,IAAI,CAAC;QACH,MAAM,OAAO,GAAG,MAAM,MAAM,CAAC,MAAM,CAAC;YAClC,IAAI,EAAE,IAAI,CAAC,IAAI;YACf,IAAI,EAAE,IAAI,CAAC,IAAI;SAChB,CAAC,CAAC;QACH,OAAO,OAAO,CAAC;IACjB,CAAC;IAAC,OAAO,GAAG,EAAE,CAAC;QACb,MAAM,CAAC,GAAG,CAAC,KAAK,CAAC,GAAG,CAAC,CAAC;QACtB,MAAM,GAAG,CAAC;IACZ,CAAC;AACH,CAAC;AAED;;GAEG;AACH,MAAM,CAAC,KAAK,UAAU,UAAU,CAAC,MAAuB;IACtD,MAAM,MAAM,CAAC,KAAK,EAAE,CAAC;AACvB,CAAC"}

package/dist/types.d.ts

@@ -0,0 +1,91 @@
+/**
+ * API type definitions.
+ */
+import type { ContentValue, ProjectSchema } from '@reverso/core';
+import type { DrizzleDatabase } from '@reverso/db';
+import type { FastifyRequest } from 'fastify';
+import type { AuthUser } from './plugins/auth.js';
+export type { AuthUser };
+/**
+ * Extended FastifyRequest with database.
+ */
+export interface ApiRequest extends FastifyRequest {
+    db: DrizzleDatabase;
+}
+/**
+ * API error response.
+ */
+export interface ApiError {
+    error: string;
+    message: string;
+    statusCode: number;
+    details?: unknown;
+}
+/**
+ * API success response.
+ */
+export interface ApiResponse<T = unknown> {
+    success: boolean;
+    data?: T;
+    meta?: {
+        total?: number;
+        page?: number;
+        limit?: number;
+    };
+}
+/**
+ * Schema sync request body.
+ */
+export interface SchemaSyncBody {
+    schema: ProjectSchema;
+    deleteRemoved?: boolean;
+}
+/**
+ * Content update request body.
+ */
+export interface ContentUpdateBody {
+    value: ContentValue;
+    locale?: string;
+    publish?: boolean;
+}
+/**
+ * Bulk content update request body.
+ */
+export interface BulkContentUpdateBody {
+    updates: Array<{
+        path: string;
+        value: ContentValue;
+        locale?: string;
+    }>;
+}
+/**
+ * Media upload result.
+ */
+export interface MediaUploadResult {
+    id: string;
+    url: string;
+    filename: string;
+    mimeType: string;
+    size: number;
+    width?: number;
+    height?: number;
+}
+/**
+ * Pagination params.
+ */
+export interface PaginationParams {
+    page?: number;
+    limit?: number;
+    offset?: number;
+}
+/**
+ * List response with pagination.
+ */
+export interface ListResponse<T> {
+    items: T[];
+    total: number;
+    page: number;
+    limit: number;
+    totalPages: number;
+}
+//# sourceMappingURL=types.d.ts.map

package/dist/types.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"types.d.ts","sourceRoot":"","sources":["../src/types.ts"],"names":[],"mappings":"AAAA;;GAEG;AAEH,OAAO,KAAK,EAAE,YAAY,EAAE,aAAa,EAAE,MAAM,eAAe,CAAC;AACjE,OAAO,KAAK,EAAE,eAAe,EAAE,MAAM,aAAa,CAAC;AACnD,OAAO,KAAK,EAAgB,cAAc,EAAE,MAAM,SAAS,CAAC;AAC5D,OAAO,KAAK,EAAE,QAAQ,EAAE,MAAM,mBAAmB,CAAC;AAGlD,YAAY,EAAE,QAAQ,EAAE,CAAC;AAEzB;;GAEG;AACH,MAAM,WAAW,UAAW,SAAQ,cAAc;IAChD,EAAE,EAAE,eAAe,CAAC;CACrB;AAED;;GAEG;AACH,MAAM,WAAW,QAAQ;IACvB,KAAK,EAAE,MAAM,CAAC;IACd,OAAO,EAAE,MAAM,CAAC;IAChB,UAAU,EAAE,MAAM,CAAC;IACnB,OAAO,CAAC,EAAE,OAAO,CAAC;CACnB;AAED;;GAEG;AACH,MAAM,WAAW,WAAW,CAAC,CAAC,GAAG,OAAO;IACtC,OAAO,EAAE,OAAO,CAAC;IACjB,IAAI,CAAC,EAAE,CAAC,CAAC;IACT,IAAI,CAAC,EAAE;QACL,KAAK,CAAC,EAAE,MAAM,CAAC;QACf,IAAI,CAAC,EAAE,MAAM,CAAC;QACd,KAAK,CAAC,EAAE,MAAM,CAAC;KAChB,CAAC;CACH;AAED;;GAEG;AACH,MAAM,WAAW,cAAc;IAC7B,MAAM,EAAE,aAAa,CAAC;IACtB,aAAa,CAAC,EAAE,OAAO,CAAC;CACzB;AAED;;GAEG;AACH,MAAM,WAAW,iBAAiB;IAChC,KAAK,EAAE,YAAY,CAAC;IACpB,MAAM,CAAC,EAAE,MAAM,CAAC;IAChB,OAAO,CAAC,EAAE,OAAO,CAAC;CACnB;AAED;;GAEG;AACH,MAAM,WAAW,qBAAqB;IACpC,OAAO,EAAE,KAAK,CAAC;QACb,IAAI,EAAE,MAAM,CAAC;QACb,KAAK,EAAE,YAAY,CAAC;QACpB,MAAM,CAAC,EAAE,MAAM,CAAC;KACjB,CAAC,CAAC;CACJ;AAED;;GAEG;AACH,MAAM,WAAW,iBAAiB;IAChC,EAAE,EAAE,MAAM,CAAC;IACX,GAAG,EAAE,MAAM,CAAC;IACZ,QAAQ,EAAE,MAAM,CAAC;IACjB,QAAQ,EAAE,MAAM,CAAC;IACjB,IAAI,EAAE,MAAM,CAAC;IACb,KAAK,CAAC,EAAE,MAAM,CAAC;IACf,MAAM,CAAC,EAAE,MAAM,CAAC;CACjB;AAED;;GAEG;AACH,MAAM,WAAW,gBAAgB;IAC/B,IAAI,CAAC,EAAE,MAAM,CAAC;IACd,KAAK,CAAC,EAAE,MAAM,CAAC;IACf,MAAM,CAAC,EAAE,MAAM,CAAC;CACjB;AAED;;GAEG;AACH,MAAM,WAAW,YAAY,CAAC,CAAC;IAC7B,KAAK,EAAE,CAAC,EAAE,CAAC;IACX,KAAK,EAAE,MAAM,CAAC;IACd,IAAI,EAAE,MAAM,CAAC;IACb,KAAK,EAAE,MAAM,CAAC;IACd,UAAU,EAAE,MAAM,CAAC;CACpB"}

package/dist/types.js

@@ -0,0 +1,5 @@
+/**
+ * API type definitions.
+ */
+export {};
+//# sourceMappingURL=types.js.map

package/dist/types.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"types.js","sourceRoot":"","sources":["../src/types.ts"],"names":[],"mappings":"AAAA;;GAEG"}

package/dist/utils/index.d.ts

@@ -0,0 +1,5 @@
+/**
+ * Utility exports.
+ */
+export { isUrlSafeForSSRF, isRedirectUrlSafe, generateWebhookSignature, verifyWebhookSignature, isValidTokenFormat, } from './security.js';
+//# sourceMappingURL=index.d.ts.map

package/dist/utils/index.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"index.d.ts","sourceRoot":"","sources":["../../src/utils/index.ts"],"names":[],"mappings":"AAAA;;GAEG;AAEH,OAAO,EACL,gBAAgB,EAChB,iBAAiB,EACjB,wBAAwB,EACxB,sBAAsB,EACtB,kBAAkB,GACnB,MAAM,eAAe,CAAC"}

package/dist/utils/index.js

@@ -0,0 +1,5 @@
+/**
+ * Utility exports.
+ */
+export { isUrlSafeForSSRF, isRedirectUrlSafe, generateWebhookSignature, verifyWebhookSignature, isValidTokenFormat, } from './security.js';
+//# sourceMappingURL=index.js.map

package/dist/utils/index.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"index.js","sourceRoot":"","sources":["../../src/utils/index.ts"],"names":[],"mappings":"AAAA;;GAEG;AAEH,OAAO,EACL,gBAAgB,EAChB,iBAAiB,EACjB,wBAAwB,EACxB,sBAAsB,EACtB,kBAAkB,GACnB,MAAM,eAAe,CAAC"}

package/dist/utils/security.d.ts

@@ -0,0 +1,32 @@
+/**
+ * Security utilities for the API.
+ */
+/**
+ * Check if a URL is safe for server-side requests (SSRF protection).
+ * Blocks private IPs, localhost, and cloud metadata endpoints.
+ */
+export declare function isUrlSafeForSSRF(urlString: string): {
+    safe: boolean;
+    reason?: string;
+};
+/**
+ * Check if a redirect URL is safe (prevents open redirect attacks).
+ * Only allows relative URLs or URLs to whitelisted domains.
+ */
+export declare function isRedirectUrlSafe(urlString: string | undefined | null): {
+    safe: boolean;
+    reason?: string;
+};
+/**
+ * Generate HMAC-SHA256 signature for webhook payloads.
+ */
+export declare function generateWebhookSignature(payload: string, secret: string): string;
+/**
+ * Verify HMAC-SHA256 signature for webhook payloads.
+ */
+export declare function verifyWebhookSignature(payload: string, signature: string, secret: string): boolean;
+/**
+ * Validate token format and length.
+ */
+export declare function isValidTokenFormat(token: string): boolean;
+//# sourceMappingURL=security.d.ts.map

package/dist/utils/security.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"security.d.ts","sourceRoot":"","sources":["../../src/utils/security.ts"],"names":[],"mappings":"AAAA;;GAEG;AAmCH;;;GAGG;AACH,wBAAgB,gBAAgB,CAAC,SAAS,EAAE,MAAM,GAAG;IAAE,IAAI,EAAE,OAAO,CAAC;IAAC,MAAM,CAAC,EAAE,MAAM,CAAA;CAAE,CA+BtF;AAcD;;;GAGG;AACH,wBAAgB,iBAAiB,CAAC,SAAS,EAAE,MAAM,GAAG,SAAS,GAAG,IAAI,GAAG;IAAE,IAAI,EAAE,OAAO,CAAC;IAAC,MAAM,CAAC,EAAE,MAAM,CAAA;CAAE,CAuC1G;AAED;;GAEG;AACH,wBAAgB,wBAAwB,CAAC,OAAO,EAAE,MAAM,EAAE,MAAM,EAAE,MAAM,GAAG,MAAM,CAIhF;AAED;;GAEG;AACH,wBAAgB,sBAAsB,CAAC,OAAO,EAAE,MAAM,EAAE,SAAS,EAAE,MAAM,EAAE,MAAM,EAAE,MAAM,GAAG,OAAO,CAQlG;AAED;;GAEG;AACH,wBAAgB,kBAAkB,CAAC,KAAK,EAAE,MAAM,GAAG,OAAO,CAkBzD"}