@riotprompt/riotprompt 0.0.20 → 1.0.0

package/dist/security/rate-limiter.js

@@ -0,0 +1,165 @@
+/**
+ * Rate Limiter Interfaces
+ * 
+ * Provides interfaces and basic implementations for rate limiting.
+ * Production applications should use dedicated rate limiting libraries
+ * (e.g., rate-limiter-flexible, express-rate-limit) for distributed systems.
+ * 
+ * @packageDocumentation
+ */ /**
+ * Rate limiter interface
+ * Implementation is left to users (use your preferred library)
+ */ function _define_property(obj, key, value) {
+    if (key in obj) {
+        Object.defineProperty(obj, key, {
+            value: value,
+            enumerable: true,
+            configurable: true,
+            writable: true
+        });
+    } else {
+        obj[key] = value;
+    }
+    return obj;
+}
+/**
+ * No-op rate limiter that always allows requests
+ * Use this as a default when rate limiting is not needed
+ */ class NoOpRateLimiter {
+    async check(_key) {
+        return true;
+    }
+    async remaining(_key) {
+        return Number.MAX_SAFE_INTEGER;
+    }
+    async reset(_key) {
+    // No-op
+    }
+}
+/**
+ * Simple in-memory rate limiter
+ * 
+ * **Warning**: This implementation is NOT suitable for production use in
+ * distributed systems. Use a Redis-backed solution for production.
+ * 
+ * @example
+ * ```typescript
+ * const limiter = new MemoryRateLimiter({
+ *   windowMs: 60000,  // 1 minute
+ *   maxRequests: 100, // 100 requests per minute
+ * });
+ * 
+ * if (await limiter.check('user-123')) {
+ *   // Process request
+ * } else {
+ *   // Rate limited
+ * }
+ * ```
+ */ class MemoryRateLimiter {
+    async check(key) {
+        const now = Date.now();
+        const record = this.requests.get(key);
+        // No record or expired - create new window
+        if (!record || record.resetAt < now) {
+            this.requests.set(key, {
+                count: 1,
+                resetAt: now + this.config.windowMs
+            });
+            return true;
+        }
+        // Check if limit exceeded
+        if (record.count >= this.config.maxRequests) {
+            return false;
+        }
+        // Increment count
+        record.count++;
+        return true;
+    }
+    async remaining(key) {
+        const record = this.requests.get(key);
+        if (!record || record.resetAt < Date.now()) {
+            return this.config.maxRequests;
+        }
+        return Math.max(0, this.config.maxRequests - record.count);
+    }
+    async reset(key) {
+        this.requests.delete(key);
+    }
+    /**
+     * Clean up expired entries to prevent memory leaks
+     */ cleanup() {
+        const now = Date.now();
+        for (const [key, record] of this.requests.entries()){
+            if (record.resetAt < now) {
+                this.requests.delete(key);
+            }
+        }
+    }
+    /**
+     * Stop the cleanup interval (call when done with the limiter)
+     */ destroy() {
+        if (this.cleanupInterval) {
+            clearInterval(this.cleanupInterval);
+            this.cleanupInterval = null;
+        }
+        this.requests.clear();
+    }
+    constructor(config){
+        _define_property(this, "requests", new Map());
+        _define_property(this, "config", void 0);
+        _define_property(this, "cleanupInterval", null);
+        this.config = config;
+        // Periodically clean up expired entries
+        this.cleanupInterval = setInterval(()=>{
+            this.cleanup();
+        }, config.windowMs);
+    }
+}
+/**
+ * Create a rate limiter with the given configuration
+ * 
+ * @param config - Rate limiter configuration
+ * @returns Rate limiter instance
+ */ function createRateLimiter(config) {
+    return new MemoryRateLimiter(config);
+}
+/**
+ * Create a no-op rate limiter that always allows requests
+ * 
+ * @returns No-op rate limiter instance
+ */ function createNoOpRateLimiter() {
+    return new NoOpRateLimiter();
+}
+// Global rate limiter instance
+let globalRateLimiter = null;
+/**
+ * Get the global rate limiter instance
+ * Returns a no-op limiter if not configured
+ */ function getRateLimiter() {
+    if (!globalRateLimiter) {
+        globalRateLimiter = new NoOpRateLimiter();
+    }
+    return globalRateLimiter;
+}
+/**
+ * Configure the global rate limiter
+ * 
+ * @param config - Rate limiter configuration
+ */ function configureRateLimiter(config) {
+    // Clean up existing limiter if it's a MemoryRateLimiter
+    if (globalRateLimiter instanceof MemoryRateLimiter) {
+        globalRateLimiter.destroy();
+    }
+    globalRateLimiter = new MemoryRateLimiter(config);
+}
+/**
+ * Reset the global rate limiter to the default no-op implementation
+ */ function resetRateLimiter() {
+    if (globalRateLimiter instanceof MemoryRateLimiter) {
+        globalRateLimiter.destroy();
+    }
+    globalRateLimiter = null;
+}
+
+export { MemoryRateLimiter, NoOpRateLimiter, configureRateLimiter, createNoOpRateLimiter, createRateLimiter, getRateLimiter, resetRateLimiter };
+//# sourceMappingURL=rate-limiter.js.map

package/dist/security/rate-limiter.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"rate-limiter.js","sources":["../../src/security/rate-limiter.ts"],"sourcesContent":["/**\n * Rate Limiter Interfaces\n * \n * Provides interfaces and basic implementations for rate limiting.\n * Production applications should use dedicated rate limiting libraries\n * (e.g., rate-limiter-flexible, express-rate-limit) for distributed systems.\n * \n * @packageDocumentation\n */\n\n/**\n * Rate limiter interface\n * Implementation is left to users (use your preferred library)\n */\nexport interface RateLimiter {\n    /**\n     * Check if request is allowed\n     * @param key - Unique identifier for the rate limit bucket (e.g., user ID, IP)\n     * @returns true if allowed, false if rate limited\n     */\n    check(key: string): Promise<boolean>;\n\n    /**\n     * Get remaining requests in the current window\n     * @param key - Unique identifier for the rate limit bucket\n     * @returns Number of remaining requests\n     */\n    remaining(key: string): Promise<number>;\n\n    /**\n     * Reset rate limit for a key\n     * @param key - Unique identifier for the rate limit bucket\n     */\n    reset(key: string): Promise<void>;\n}\n\n/**\n * Rate limiter configuration\n */\nexport interface RateLimiterConfig {\n    /** Time window in milliseconds */\n    windowMs: number;\n    /** Maximum requests allowed in the window */\n    maxRequests: number;\n    /** Optional function to generate keys from context */\n    keyGenerator?: (context: unknown) => string;\n}\n\n/**\n * No-op rate limiter that always allows requests\n * Use this as a default when rate limiting is not needed\n */\nexport class NoOpRateLimiter implements RateLimiter {\n    async check(_key: string): Promise<boolean> {\n        return true;\n    }\n\n    async remaining(_key: string): Promise<number> {\n        return Number.MAX_SAFE_INTEGER;\n    }\n\n    async reset(_key: string): Promise<void> {\n        // No-op\n    }\n}\n\ninterface RateLimitRecord {\n    count: number;\n    resetAt: number;\n}\n\n/**\n * Simple in-memory rate limiter\n * \n * **Warning**: This implementation is NOT suitable for production use in\n * distributed systems. Use a Redis-backed solution for production.\n * \n * @example\n * ```typescript\n * const limiter = new MemoryRateLimiter({\n *   windowMs: 60000,  // 1 minute\n *   maxRequests: 100, // 100 requests per minute\n * });\n * \n * if (await limiter.check('user-123')) {\n *   // Process request\n * } else {\n *   // Rate limited\n * }\n * ```\n */\nexport class MemoryRateLimiter implements RateLimiter {\n    private requests: Map<string, RateLimitRecord> = new Map();\n    private config: RateLimiterConfig;\n    private cleanupInterval: ReturnType<typeof setInterval> | null = null;\n\n    constructor(config: RateLimiterConfig) {\n        this.config = config;\n        \n        // Periodically clean up expired entries\n        this.cleanupInterval = setInterval(() => {\n            this.cleanup();\n        }, config.windowMs);\n    }\n\n    async check(key: string): Promise<boolean> {\n        const now = Date.now();\n        const record = this.requests.get(key);\n\n        // No record or expired - create new window\n        if (!record || record.resetAt < now) {\n            this.requests.set(key, { count: 1, resetAt: now + this.config.windowMs });\n            return true;\n        }\n\n        // Check if limit exceeded\n        if (record.count >= this.config.maxRequests) {\n            return false;\n        }\n\n        // Increment count\n        record.count++;\n        return true;\n    }\n\n    async remaining(key: string): Promise<number> {\n        const record = this.requests.get(key);\n        if (!record || record.resetAt < Date.now()) {\n            return this.config.maxRequests;\n        }\n        return Math.max(0, this.config.maxRequests - record.count);\n    }\n\n    async reset(key: string): Promise<void> {\n        this.requests.delete(key);\n    }\n\n    /**\n     * Clean up expired entries to prevent memory leaks\n     */\n    private cleanup(): void {\n        const now = Date.now();\n        for (const [key, record] of this.requests.entries()) {\n            if (record.resetAt < now) {\n                this.requests.delete(key);\n            }\n        }\n    }\n\n    /**\n     * Stop the cleanup interval (call when done with the limiter)\n     */\n    destroy(): void {\n        if (this.cleanupInterval) {\n            clearInterval(this.cleanupInterval);\n            this.cleanupInterval = null;\n        }\n        this.requests.clear();\n    }\n}\n\n/**\n * Create a rate limiter with the given configuration\n * \n * @param config - Rate limiter configuration\n * @returns Rate limiter instance\n */\nexport function createRateLimiter(config: RateLimiterConfig): RateLimiter {\n    return new MemoryRateLimiter(config);\n}\n\n/**\n * Create a no-op rate limiter that always allows requests\n * \n * @returns No-op rate limiter instance\n */\nexport function createNoOpRateLimiter(): RateLimiter {\n    return new NoOpRateLimiter();\n}\n\n// Global rate limiter instance\nlet globalRateLimiter: RateLimiter | null = null;\n\n/**\n * Get the global rate limiter instance\n * Returns a no-op limiter if not configured\n */\nexport function getRateLimiter(): RateLimiter {\n    if (!globalRateLimiter) {\n        globalRateLimiter = new NoOpRateLimiter();\n    }\n    return globalRateLimiter;\n}\n\n/**\n * Configure the global rate limiter\n * \n * @param config - Rate limiter configuration\n */\nexport function configureRateLimiter(config: RateLimiterConfig): void {\n    // Clean up existing limiter if it's a MemoryRateLimiter\n    if (globalRateLimiter instanceof MemoryRateLimiter) {\n        globalRateLimiter.destroy();\n    }\n    globalRateLimiter = new MemoryRateLimiter(config);\n}\n\n/**\n * Reset the global rate limiter to the default no-op implementation\n */\nexport function resetRateLimiter(): void {\n    if (globalRateLimiter instanceof MemoryRateLimiter) {\n        globalRateLimiter.destroy();\n    }\n    globalRateLimiter = null;\n}\n\n"],"names":["NoOpRateLimiter","check","_key","remaining","Number","MAX_SAFE_INTEGER","reset","MemoryRateLimiter","key","now","Date","record","requests","get","resetAt","set","count","config","windowMs","maxRequests","Math","max","delete","cleanup","entries","destroy","cleanupInterval","clearInterval","clear","Map","setInterval","createRateLimiter","createNoOpRateLimiter","globalRateLimiter","getRateLimiter","configureRateLimiter","resetRateLimiter"],"mappings":"AAAA;;;;;;;;;;;AAaC,IAAA,SAAA,gBAAA,CAAA,GAAA,EAAA,GAAA,EAAA,KAAA,EAAA;;;;;;;;;;;;;AAmCD;;;AAGC,IACM,MAAMA,eAAAA,CAAAA;IACT,MAAMC,KAAAA,CAAMC,IAAY,EAAoB;QACxC,OAAO,IAAA;AACX,IAAA;IAEA,MAAMC,SAAAA,CAAUD,IAAY,EAAmB;AAC3C,QAAA,OAAOE,OAAOC,gBAAgB;AAClC,IAAA;IAEA,MAAMC,KAAAA,CAAMJ,IAAY,EAAiB;;AAEzC,IAAA;AACJ;AAOA;;;;;;;;;;;;;;;;;;;AAmBC,IACM,MAAMK,iBAAAA,CAAAA;IAcT,MAAMN,KAAAA,CAAMO,GAAW,EAAoB;QACvC,MAAMC,GAAAA,GAAMC,KAAKD,GAAG,EAAA;AACpB,QAAA,MAAME,SAAS,IAAI,CAACC,QAAQ,CAACC,GAAG,CAACL,GAAAA,CAAAA;;AAGjC,QAAA,IAAI,CAACG,MAAAA,IAAUA,MAAAA,CAAOG,OAAO,GAAGL,GAAAA,EAAK;AACjC,YAAA,IAAI,CAACG,QAAQ,CAACG,GAAG,CAACP,GAAAA,EAAK;gBAAEQ,KAAAA,EAAO,CAAA;AAAGF,gBAAAA,OAAAA,EAASL,GAAAA,GAAM,IAAI,CAACQ,MAAM,CAACC;AAAS,aAAA,CAAA;YACvE,OAAO,IAAA;AACX,QAAA;;QAGA,IAAIP,MAAAA,CAAOK,KAAK,IAAI,IAAI,CAACC,MAAM,CAACE,WAAW,EAAE;YACzC,OAAO,KAAA;AACX,QAAA;;AAGAR,QAAAA,MAAAA,CAAOK,KAAK,EAAA;QACZ,OAAO,IAAA;AACX,IAAA;IAEA,MAAMb,SAAAA,CAAUK,GAAW,EAAmB;AAC1C,QAAA,MAAMG,SAAS,IAAI,CAACC,QAAQ,CAACC,GAAG,CAACL,GAAAA,CAAAA;AACjC,QAAA,IAAI,CAACG,MAAAA,IAAUA,MAAAA,CAAOG,OAAO,GAAGJ,IAAAA,CAAKD,GAAG,EAAA,EAAI;AACxC,YAAA,OAAO,IAAI,CAACQ,MAAM,CAACE,WAAW;AAClC,QAAA;QACA,OAAOC,IAAAA,CAAKC,GAAG,CAAC,CAAA,EAAG,IAAI,CAACJ,MAAM,CAACE,WAAW,GAAGR,MAAAA,CAAOK,KAAK,CAAA;AAC7D,IAAA;IAEA,MAAMV,KAAAA,CAAME,GAAW,EAAiB;AACpC,QAAA,IAAI,CAACI,QAAQ,CAACU,MAAM,CAACd,GAAAA,CAAAA;AACzB,IAAA;AAEA;;AAEC,QACD,OAAQe,GAAgB;QACpB,MAAMd,GAAAA,GAAMC,KAAKD,GAAG,EAAA;QACpB,KAAK,MAAM,CAACD,GAAAA,EAAKG,MAAAA,CAAO,IAAI,IAAI,CAACC,QAAQ,CAACY,OAAO,EAAA,CAAI;YACjD,IAAIb,MAAAA,CAAOG,OAAO,GAAGL,GAAAA,EAAK;AACtB,gBAAA,IAAI,CAACG,QAAQ,CAACU,MAAM,CAACd,GAAAA,CAAAA;AACzB,YAAA;AACJ,QAAA;AACJ,IAAA;AAEA;;AAEC,QACDiB,OAAAA,GAAgB;QACZ,IAAI,IAAI,CAACC,eAAe,EAAE;YACtBC,aAAAA,CAAc,IAAI,CAACD,eAAe,CAAA;YAClC,IAAI,CAACA,eAAe,GAAG,IAAA;AAC3B,QAAA;QACA,IAAI,CAACd,QAAQ,CAACgB,KAAK,EAAA;AACvB,IAAA;AA9DA,IAAA,WAAA,CAAYX,MAAyB,CAAE;AAJvC,QAAA,gBAAA,CAAA,IAAA,EAAQL,YAAyC,IAAIiB,GAAAA,EAAAA,CAAAA;AACrD,QAAA,gBAAA,CAAA,IAAA,EAAQZ,UAAR,MAAA,CAAA;AACA,QAAA,gBAAA,CAAA,IAAA,EAAQS,iBAAAA,EAAyD,IAAA,CAAA;QAG7D,IAAI,CAACT,MAAM,GAAGA,MAAAA;;QAGd,IAAI,CAACS,eAAe,GAAGI,WAAAA,CAAY,IAAA;AAC/B,YAAA,IAAI,CAACP,OAAO,EAAA;AAChB,QAAA,CAAA,EAAGN,OAAOC,QAAQ,CAAA;AACtB,IAAA;AAwDJ;AAEA;;;;;IAMO,SAASa,iBAAAA,CAAkBd,MAAyB,EAAA;AACvD,IAAA,OAAO,IAAIV,iBAAAA,CAAkBU,MAAAA,CAAAA;AACjC;AAEA;;;;AAIC,IACM,SAASe,qBAAAA,GAAAA;AACZ,IAAA,OAAO,IAAIhC,eAAAA,EAAAA;AACf;AAEA;AACA,IAAIiC,iBAAAA,GAAwC,IAAA;AAE5C;;;AAGC,IACM,SAASC,cAAAA,GAAAA;AACZ,IAAA,IAAI,CAACD,iBAAAA,EAAmB;AACpBA,QAAAA,iBAAAA,GAAoB,IAAIjC,eAAAA,EAAAA;AAC5B,IAAA;IACA,OAAOiC,iBAAAA;AACX;AAEA;;;;IAKO,SAASE,oBAAAA,CAAqBlB,MAAyB,EAAA;;AAE1D,IAAA,IAAIgB,6BAA6B1B,iBAAAA,EAAmB;AAChD0B,QAAAA,iBAAAA,CAAkBR,OAAO,EAAA;AAC7B,IAAA;AACAQ,IAAAA,iBAAAA,GAAoB,IAAI1B,iBAAAA,CAAkBU,MAAAA,CAAAA;AAC9C;AAEA;;AAEC,IACM,SAASmB,gBAAAA,GAAAA;AACZ,IAAA,IAAIH,6BAA6B1B,iBAAAA,EAAmB;AAChD0B,QAAAA,iBAAAA,CAAkBR,OAAO,EAAA;AAC7B,IAAA;IACAQ,iBAAAA,GAAoB,IAAA;AACxB;;;;"}

package/dist/security/serialization-schemas.d.ts

@@ -0,0 +1,183 @@
+import { z } from 'zod';
+/**
+ * Schema version for forward compatibility
+ */
+export declare const SCHEMA_VERSION = "1.0.0";
+/**
+ * Maximum sizes for serialized data
+ */
+export declare const SERIALIZATION_LIMITS: {
+    maxContentLength: number;
+    maxArgumentsLength: number;
+    maxMessages: number;
+    maxContextItems: number;
+    maxStringLength: number;
+    maxToolCalls: number;
+};
+/**
+ * Tool call schema
+ */
+export declare const ToolCallSchema: z.ZodObject<{
+    id: z.ZodString;
+    type: z.ZodLiteral<"function">;
+    function: z.ZodObject<{
+        name: z.ZodString;
+        arguments: z.ZodString;
+    }, z.core.$strip>;
+}, z.core.$strip>;
+export type ToolCall = z.infer<typeof ToolCallSchema>;
+/**
+ * Conversation message schema
+ */
+export declare const ConversationMessageSchema: z.ZodObject<{
+    role: z.ZodEnum<{
+        system: "system";
+        user: "user";
+        assistant: "assistant";
+        tool: "tool";
+    }>;
+    content: z.ZodNullable<z.ZodString>;
+    name: z.ZodOptional<z.ZodString>;
+    tool_calls: z.ZodOptional<z.ZodArray<z.ZodObject<{
+        id: z.ZodString;
+        type: z.ZodLiteral<"function">;
+        function: z.ZodObject<{
+            name: z.ZodString;
+            arguments: z.ZodString;
+        }, z.core.$strip>;
+    }, z.core.$strip>>>;
+    tool_call_id: z.ZodOptional<z.ZodString>;
+}, z.core.$strip>;
+export type ConversationMessage = z.infer<typeof ConversationMessageSchema>;
+/**
+ * Conversation metadata schema
+ */
+export declare const ConversationMetadataSchema: z.ZodObject<{
+    model: z.ZodString;
+    created: z.ZodString;
+    lastModified: z.ZodString;
+    messageCount: z.ZodNumber;
+    toolCallCount: z.ZodNumber;
+}, z.core.$strip>;
+export type ConversationMetadata = z.infer<typeof ConversationMetadataSchema>;
+/**
+ * Serialized conversation schema
+ */
+export declare const SerializedConversationSchema: z.ZodObject<{
+    version: z.ZodOptional<z.ZodString>;
+    messages: z.ZodArray<z.ZodObject<{
+        role: z.ZodEnum<{
+            system: "system";
+            user: "user";
+            assistant: "assistant";
+            tool: "tool";
+        }>;
+        content: z.ZodNullable<z.ZodString>;
+        name: z.ZodOptional<z.ZodString>;
+        tool_calls: z.ZodOptional<z.ZodArray<z.ZodObject<{
+            id: z.ZodString;
+            type: z.ZodLiteral<"function">;
+            function: z.ZodObject<{
+                name: z.ZodString;
+                arguments: z.ZodString;
+            }, z.core.$strip>;
+        }, z.core.$strip>>>;
+        tool_call_id: z.ZodOptional<z.ZodString>;
+    }, z.core.$strip>>;
+    metadata: z.ZodObject<{
+        model: z.ZodString;
+        created: z.ZodString;
+        lastModified: z.ZodString;
+        messageCount: z.ZodNumber;
+        toolCallCount: z.ZodNumber;
+    }, z.core.$strip>;
+    contextProvided: z.ZodOptional<z.ZodArray<z.ZodString>>;
+}, z.core.$strip>;
+export type SerializedConversation = z.infer<typeof SerializedConversationSchema>;
+/**
+ * Prompt serialization schema (flexible for various prompt structures)
+ */
+export declare const SerializedPromptSchema: z.ZodObject<{
+    version: z.ZodOptional<z.ZodString>;
+    persona: z.ZodOptional<z.ZodAny>;
+    instructions: z.ZodOptional<z.ZodAny>;
+    contexts: z.ZodOptional<z.ZodAny>;
+    content: z.ZodOptional<z.ZodAny>;
+}, z.core.$strip>;
+export type SerializedPrompt = z.infer<typeof SerializedPromptSchema>;
+/**
+ * Logged conversation schema (for conversation-logger)
+ */
+export declare const LoggedConversationSchema: z.ZodObject<{
+    id: z.ZodString;
+    metadata: z.ZodObject<{
+        startTime: z.ZodUnion<readonly [z.ZodString, z.ZodDate]>;
+        endTime: z.ZodOptional<z.ZodUnion<readonly [z.ZodString, z.ZodDate]>>;
+        duration: z.ZodOptional<z.ZodNumber>;
+        model: z.ZodString;
+        template: z.ZodOptional<z.ZodString>;
+        userContext: z.ZodOptional<z.ZodRecord<z.ZodString, z.ZodAny>>;
+    }, z.core.$strip>;
+    prompt: z.ZodOptional<z.ZodObject<{
+        persona: z.ZodOptional<z.ZodString>;
+        instructions: z.ZodOptional<z.ZodString>;
+        content: z.ZodOptional<z.ZodArray<z.ZodString>>;
+        context: z.ZodOptional<z.ZodArray<z.ZodString>>;
+    }, z.core.$strip>>;
+    messages: z.ZodArray<z.ZodObject<{
+        index: z.ZodNumber;
+        timestamp: z.ZodString;
+        role: z.ZodString;
+        content: z.ZodNullable<z.ZodString>;
+        tool_calls: z.ZodOptional<z.ZodArray<z.ZodObject<{
+            id: z.ZodString;
+            type: z.ZodLiteral<"function">;
+            function: z.ZodObject<{
+                name: z.ZodString;
+                arguments: z.ZodString;
+            }, z.core.$strip>;
+        }, z.core.$strip>>>;
+        tool_call_id: z.ZodOptional<z.ZodString>;
+        metadata: z.ZodOptional<z.ZodRecord<z.ZodString, z.ZodAny>>;
+    }, z.core.$strip>>;
+    summary: z.ZodObject<{
+        totalMessages: z.ZodNumber;
+        totalTokens: z.ZodOptional<z.ZodNumber>;
+        toolCallsExecuted: z.ZodNumber;
+        iterations: z.ZodNumber;
+        finalOutput: z.ZodOptional<z.ZodString>;
+        success: z.ZodBoolean;
+    }, z.core.$strip>;
+}, z.core.$strip>;
+export type LoggedConversation = z.infer<typeof LoggedConversationSchema>;
+/**
+ * Validate serialized conversation data
+ *
+ * @param data - The data to validate
+ * @returns Validation result
+ */
+export declare function validateConversation(data: unknown): {
+    success: boolean;
+    data?: SerializedConversation;
+    error?: string;
+};
+/**
+ * Validate logged conversation data
+ *
+ * @param data - The data to validate
+ * @returns Validation result
+ */
+export declare function validateLoggedConversation(data: unknown): {
+    success: boolean;
+    data?: LoggedConversation;
+    error?: string;
+};
+/**
+ * Safe JSON parse with schema validation
+ *
+ * @param json - JSON string to parse
+ * @param schema - Zod schema to validate against
+ * @returns Parsed and validated data
+ * @throws Error if parsing or validation fails
+ */
+export declare function safeJsonParse<T>(json: string, schema: z.ZodSchema<T>): T;

package/dist/security/serialization-schemas.js

@@ -0,0 +1,174 @@
+import { z } from 'zod';
+
+/**
+ * Schema version for forward compatibility
+ */ const SCHEMA_VERSION = '1.0.0';
+/**
+ * Maximum sizes for serialized data
+ */ const SERIALIZATION_LIMITS = {
+    maxContentLength: 1000000,
+    maxArgumentsLength: 100000,
+    maxMessages: 10000,
+    maxContextItems: 1000,
+    maxStringLength: 100,
+    maxToolCalls: 100
+};
+/**
+ * Tool call schema
+ */ const ToolCallSchema = z.object({
+    id: z.string().max(SERIALIZATION_LIMITS.maxStringLength),
+    type: z.literal('function'),
+    function: z.object({
+        name: z.string().max(SERIALIZATION_LIMITS.maxStringLength),
+        arguments: z.string().max(SERIALIZATION_LIMITS.maxArgumentsLength)
+    })
+});
+/**
+ * Conversation message schema
+ */ const ConversationMessageSchema = z.object({
+    role: z.enum([
+        'system',
+        'user',
+        'assistant',
+        'tool'
+    ]),
+    content: z.string().nullable().refine((val)=>val === null || val.length <= SERIALIZATION_LIMITS.maxContentLength, {
+        message: `Content exceeds maximum length of ${SERIALIZATION_LIMITS.maxContentLength}`
+    }),
+    name: z.string().max(SERIALIZATION_LIMITS.maxStringLength).optional(),
+    tool_calls: z.array(ToolCallSchema).max(SERIALIZATION_LIMITS.maxToolCalls).optional(),
+    tool_call_id: z.string().max(SERIALIZATION_LIMITS.maxStringLength).optional()
+});
+/**
+ * Conversation metadata schema
+ */ const ConversationMetadataSchema = z.object({
+    model: z.string().max(SERIALIZATION_LIMITS.maxStringLength),
+    created: z.string().datetime(),
+    lastModified: z.string().datetime(),
+    messageCount: z.number().int().nonnegative(),
+    toolCallCount: z.number().int().nonnegative()
+});
+/**
+ * Serialized conversation schema
+ */ const SerializedConversationSchema = z.object({
+    // Optional version for forward compatibility
+    version: z.string().optional(),
+    messages: z.array(ConversationMessageSchema).max(SERIALIZATION_LIMITS.maxMessages),
+    metadata: ConversationMetadataSchema,
+    contextProvided: z.array(z.string().max(1000)).max(SERIALIZATION_LIMITS.maxContextItems).optional()
+});
+/**
+ * Prompt serialization schema (flexible for various prompt structures)
+ */ const SerializedPromptSchema = z.object({
+    version: z.string().optional(),
+    persona: z.any().optional(),
+    instructions: z.any().optional(),
+    contexts: z.any().optional(),
+    content: z.any().optional()
+});
+/**
+ * Logged conversation schema (for conversation-logger)
+ */ const LoggedConversationSchema = z.object({
+    id: z.string().max(200),
+    metadata: z.object({
+        startTime: z.union([
+            z.string().datetime(),
+            z.date()
+        ]),
+        endTime: z.union([
+            z.string().datetime(),
+            z.date()
+        ]).optional(),
+        duration: z.number().nonnegative().optional(),
+        model: z.string().max(SERIALIZATION_LIMITS.maxStringLength),
+        template: z.string().max(SERIALIZATION_LIMITS.maxStringLength).optional(),
+        userContext: z.record(z.string(), z.any()).optional()
+    }),
+    prompt: z.object({
+        persona: z.string().optional(),
+        instructions: z.string().optional(),
+        content: z.array(z.string()).optional(),
+        context: z.array(z.string()).optional()
+    }).optional(),
+    messages: z.array(z.object({
+        index: z.number().int().nonnegative(),
+        timestamp: z.string(),
+        role: z.string(),
+        content: z.string().nullable(),
+        tool_calls: z.array(ToolCallSchema).optional(),
+        tool_call_id: z.string().optional(),
+        metadata: z.record(z.string(), z.any()).optional()
+    })).max(SERIALIZATION_LIMITS.maxMessages),
+    summary: z.object({
+        totalMessages: z.number().int().nonnegative(),
+        totalTokens: z.number().int().nonnegative().optional(),
+        toolCallsExecuted: z.number().int().nonnegative(),
+        iterations: z.number().int().nonnegative(),
+        finalOutput: z.string().optional(),
+        success: z.boolean()
+    })
+});
+/**
+ * Validate serialized conversation data
+ *
+ * @param data - The data to validate
+ * @returns Validation result
+ */ function validateConversation(data) {
+    const result = SerializedConversationSchema.safeParse(data);
+    if (result.success) {
+        return {
+            success: true,
+            data: result.data
+        };
+    }
+    // Create safe error message (don't leak full schema details)
+    const issues = result.error.issues.slice(0, 3) // Limit to first 3 issues
+    .map((i)=>`${i.path.join('.')}: ${i.message}`).join('; ');
+    return {
+        success: false,
+        error: issues
+    };
+}
+/**
+ * Validate logged conversation data
+ *
+ * @param data - The data to validate
+ * @returns Validation result
+ */ function validateLoggedConversation(data) {
+    const result = LoggedConversationSchema.safeParse(data);
+    if (result.success) {
+        return {
+            success: true,
+            data: result.data
+        };
+    }
+    const issues = result.error.issues.slice(0, 3).map((i)=>`${i.path.join('.')}: ${i.message}`).join('; ');
+    return {
+        success: false,
+        error: issues
+    };
+}
+/**
+ * Safe JSON parse with schema validation
+ *
+ * @param json - JSON string to parse
+ * @param schema - Zod schema to validate against
+ * @returns Parsed and validated data
+ * @throws Error if parsing or validation fails
+ */ function safeJsonParse(json, schema) {
+    let parsed;
+    try {
+        parsed = JSON.parse(json);
+    } catch  {
+        throw new Error('Invalid JSON format');
+    }
+    const result = schema.safeParse(parsed);
+    if (!result.success) {
+        const issues = result.error.issues.slice(0, 3).map((i)=>`${i.path.join('.')}: ${i.message}`).join('; ');
+        throw new Error(`Validation failed: ${issues}`);
+    }
+    return result.data;
+}
+
+export { ConversationMessageSchema, ConversationMetadataSchema, LoggedConversationSchema, SCHEMA_VERSION, SERIALIZATION_LIMITS, SerializedConversationSchema, SerializedPromptSchema, ToolCallSchema, safeJsonParse, validateConversation, validateLoggedConversation };
+//# sourceMappingURL=serialization-schemas.js.map

package/dist/security/serialization-schemas.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"serialization-schemas.js","sources":["../../src/security/serialization-schemas.ts"],"sourcesContent":["/**\n * RiotPrompt - Serialization Schemas\n *\n * Zod schemas for validating deserialized data to prevent\n * object injection attacks and ensure data integrity.\n */\n\nimport { z } from 'zod';\n\n/**\n * Schema version for forward compatibility\n */\nexport const SCHEMA_VERSION = '1.0.0';\n\n/**\n * Maximum sizes for serialized data\n */\nexport const SERIALIZATION_LIMITS = {\n    maxContentLength: 1_000_000,    // 1MB per message\n    maxArgumentsLength: 100_000,    // 100KB for tool arguments\n    maxMessages: 10_000,            // 10k messages per conversation\n    maxContextItems: 1_000,         // 1k context items\n    maxStringLength: 100,           // 100 chars for names/ids\n    maxToolCalls: 100,              // 100 tool calls per message\n};\n\n/**\n * Tool call schema\n */\nexport const ToolCallSchema = z.object({\n    id: z.string().max(SERIALIZATION_LIMITS.maxStringLength),\n    type: z.literal('function'),\n    function: z.object({\n        name: z.string().max(SERIALIZATION_LIMITS.maxStringLength),\n        arguments: z.string().max(SERIALIZATION_LIMITS.maxArgumentsLength),\n    }),\n});\n\nexport type ToolCall = z.infer<typeof ToolCallSchema>;\n\n/**\n * Conversation message schema\n */\nexport const ConversationMessageSchema = z.object({\n    role: z.enum(['system', 'user', 'assistant', 'tool']),\n    content: z.string().nullable().refine(\n        val => val === null || val.length <= SERIALIZATION_LIMITS.maxContentLength,\n        { message: `Content exceeds maximum length of ${SERIALIZATION_LIMITS.maxContentLength}` }\n    ),\n    name: z.string().max(SERIALIZATION_LIMITS.maxStringLength).optional(),\n    tool_calls: z.array(ToolCallSchema).max(SERIALIZATION_LIMITS.maxToolCalls).optional(),\n    tool_call_id: z.string().max(SERIALIZATION_LIMITS.maxStringLength).optional(),\n});\n\nexport type ConversationMessage = z.infer<typeof ConversationMessageSchema>;\n\n/**\n * Conversation metadata schema\n */\nexport const ConversationMetadataSchema = z.object({\n    model: z.string().max(SERIALIZATION_LIMITS.maxStringLength),\n    created: z.string().datetime(),\n    lastModified: z.string().datetime(),\n    messageCount: z.number().int().nonnegative(),\n    toolCallCount: z.number().int().nonnegative(),\n});\n\nexport type ConversationMetadata = z.infer<typeof ConversationMetadataSchema>;\n\n/**\n * Serialized conversation schema\n */\nexport const SerializedConversationSchema = z.object({\n    // Optional version for forward compatibility\n    version: z.string().optional(),\n    messages: z.array(ConversationMessageSchema).max(SERIALIZATION_LIMITS.maxMessages),\n    metadata: ConversationMetadataSchema,\n    contextProvided: z.array(z.string().max(1000)).max(SERIALIZATION_LIMITS.maxContextItems).optional(),\n});\n\nexport type SerializedConversation = z.infer<typeof SerializedConversationSchema>;\n\n/**\n * Prompt serialization schema (flexible for various prompt structures)\n */\nexport const SerializedPromptSchema = z.object({\n    version: z.string().optional(),\n    persona: z.any().optional(),\n    instructions: z.any().optional(),\n    contexts: z.any().optional(),\n    content: z.any().optional(),\n});\n\nexport type SerializedPrompt = z.infer<typeof SerializedPromptSchema>;\n\n/**\n * Logged conversation schema (for conversation-logger)\n */\nexport const LoggedConversationSchema = z.object({\n    id: z.string().max(200),\n    metadata: z.object({\n        startTime: z.union([z.string().datetime(), z.date()]),\n        endTime: z.union([z.string().datetime(), z.date()]).optional(),\n        duration: z.number().nonnegative().optional(),\n        model: z.string().max(SERIALIZATION_LIMITS.maxStringLength),\n        template: z.string().max(SERIALIZATION_LIMITS.maxStringLength).optional(),\n        userContext: z.record(z.string(), z.any()).optional(),\n    }),\n    prompt: z.object({\n        persona: z.string().optional(),\n        instructions: z.string().optional(),\n        content: z.array(z.string()).optional(),\n        context: z.array(z.string()).optional(),\n    }).optional(),\n    messages: z.array(z.object({\n        index: z.number().int().nonnegative(),\n        timestamp: z.string(),\n        role: z.string(),\n        content: z.string().nullable(),\n        tool_calls: z.array(ToolCallSchema).optional(),\n        tool_call_id: z.string().optional(),\n        metadata: z.record(z.string(), z.any()).optional(),\n    })).max(SERIALIZATION_LIMITS.maxMessages),\n    summary: z.object({\n        totalMessages: z.number().int().nonnegative(),\n        totalTokens: z.number().int().nonnegative().optional(),\n        toolCallsExecuted: z.number().int().nonnegative(),\n        iterations: z.number().int().nonnegative(),\n        finalOutput: z.string().optional(),\n        success: z.boolean(),\n    }),\n});\n\nexport type LoggedConversation = z.infer<typeof LoggedConversationSchema>;\n\n/**\n * Validate serialized conversation data\n *\n * @param data - The data to validate\n * @returns Validation result\n */\nexport function validateConversation(data: unknown): {\n    success: boolean;\n    data?: SerializedConversation;\n    error?: string;\n} {\n    const result = SerializedConversationSchema.safeParse(data);\n\n    if (result.success) {\n        return { success: true, data: result.data };\n    }\n\n    // Create safe error message (don't leak full schema details)\n    const issues = result.error.issues\n        .slice(0, 3) // Limit to first 3 issues\n        .map(i => `${i.path.join('.')}: ${i.message}`)\n        .join('; ');\n\n    return { success: false, error: issues };\n}\n\n/**\n * Validate logged conversation data\n *\n * @param data - The data to validate\n * @returns Validation result\n */\nexport function validateLoggedConversation(data: unknown): {\n    success: boolean;\n    data?: LoggedConversation;\n    error?: string;\n} {\n    const result = LoggedConversationSchema.safeParse(data);\n\n    if (result.success) {\n        return { success: true, data: result.data };\n    }\n\n    const issues = result.error.issues\n        .slice(0, 3)\n        .map(i => `${i.path.join('.')}: ${i.message}`)\n        .join('; ');\n\n    return { success: false, error: issues };\n}\n\n/**\n * Safe JSON parse with schema validation\n *\n * @param json - JSON string to parse\n * @param schema - Zod schema to validate against\n * @returns Parsed and validated data\n * @throws Error if parsing or validation fails\n */\nexport function safeJsonParse<T>(\n    json: string,\n    schema: z.ZodSchema<T>\n): T {\n    let parsed: unknown;\n\n    try {\n        parsed = JSON.parse(json);\n    } catch {\n        throw new Error('Invalid JSON format');\n    }\n\n    const result = schema.safeParse(parsed);\n\n    if (!result.success) {\n        const issues = result.error.issues\n            .slice(0, 3)\n            .map(i => `${i.path.join('.')}: ${i.message}`)\n            .join('; ');\n        throw new Error(`Validation failed: ${issues}`);\n    }\n\n    return result.data;\n}\n\n"],"names":["SCHEMA_VERSION","SERIALIZATION_LIMITS","maxContentLength","maxArgumentsLength","maxMessages","maxContextItems","maxStringLength","maxToolCalls","ToolCallSchema","z","object","id","string","max","type","literal","function","name","arguments","ConversationMessageSchema","role","enum","content","nullable","refine","val","length","message","optional","tool_calls","array","tool_call_id","ConversationMetadataSchema","model","created","datetime","lastModified","messageCount","number","int","nonnegative","toolCallCount","SerializedConversationSchema","version","messages","metadata","contextProvided","SerializedPromptSchema","persona","any","instructions","contexts","LoggedConversationSchema","startTime","union","date","endTime","duration","template","userContext","record","prompt","context","index","timestamp","summary","totalMessages","totalTokens","toolCallsExecuted","iterations","finalOutput","success","boolean","validateConversation","data","result","safeParse","issues","error","slice","map","i","path","join","validateLoggedConversation","safeJsonParse","json","schema","parsed","JSON","parse","Error"],"mappings":";;AASA;;IAGO,MAAMA,cAAAA,GAAiB;AAE9B;;UAGaC,oBAAAA,GAAuB;IAChCC,gBAAAA,EAAkB,OAAA;IAClBC,kBAAAA,EAAoB,MAAA;IACpBC,WAAAA,EAAa,KAAA;IACbC,eAAAA,EAAiB,IAAA;IACjBC,eAAAA,EAAiB,GAAA;IACjBC,YAAAA,EAAc;AAClB;AAEA;;AAEC,IACM,MAAMC,cAAAA,GAAiBC,CAAAA,CAAEC,MAAM,CAAC;AACnCC,IAAAA,EAAAA,EAAIF,EAAEG,MAAM,EAAA,CAAGC,GAAG,CAACZ,qBAAqBK,eAAe,CAAA;IACvDQ,IAAAA,EAAML,CAAAA,CAAEM,OAAO,CAAC,UAAA,CAAA;IAChBC,QAAAA,EAAUP,CAAAA,CAAEC,MAAM,CAAC;AACfO,QAAAA,IAAAA,EAAMR,EAAEG,MAAM,EAAA,CAAGC,GAAG,CAACZ,qBAAqBK,eAAe,CAAA;AACzDY,QAAAA,SAAAA,EAAWT,EAAEG,MAAM,EAAA,CAAGC,GAAG,CAACZ,qBAAqBE,kBAAkB;AACrE,KAAA;AACJ,CAAA;AAIA;;AAEC,IACM,MAAMgB,yBAAAA,GAA4BV,CAAAA,CAAEC,MAAM,CAAC;IAC9CU,IAAAA,EAAMX,CAAAA,CAAEY,IAAI,CAAC;AAAC,QAAA,QAAA;AAAU,QAAA,MAAA;AAAQ,QAAA,WAAA;AAAa,QAAA;AAAO,KAAA,CAAA;AACpDC,IAAAA,OAAAA,EAASb,EAAEG,MAAM,EAAA,CAAGW,QAAQ,EAAA,CAAGC,MAAM,CACjCC,CAAAA,GAAAA,GAAOA,GAAAA,KAAQ,QAAQA,GAAAA,CAAIC,MAAM,IAAIzB,oBAAAA,CAAqBC,gBAAgB,EAC1E;AAAEyB,QAAAA,OAAAA,EAAS,CAAC,kCAAkC,EAAE1B,oBAAAA,CAAqBC,gBAAgB,CAAA;AAAG,KAAA,CAAA;IAE5Fe,IAAAA,EAAMR,CAAAA,CAAEG,MAAM,EAAA,CAAGC,GAAG,CAACZ,oBAAAA,CAAqBK,eAAe,EAAEsB,QAAQ,EAAA;IACnEC,UAAAA,EAAYpB,CAAAA,CAAEqB,KAAK,CAACtB,cAAAA,CAAAA,CAAgBK,GAAG,CAACZ,oBAAAA,CAAqBM,YAAY,CAAA,CAAEqB,QAAQ,EAAA;IACnFG,YAAAA,EAActB,CAAAA,CAAEG,MAAM,EAAA,CAAGC,GAAG,CAACZ,oBAAAA,CAAqBK,eAAe,EAAEsB,QAAQ;AAC/E,CAAA;AAIA;;AAEC,IACM,MAAMI,0BAAAA,GAA6BvB,CAAAA,CAAEC,MAAM,CAAC;AAC/CuB,IAAAA,KAAAA,EAAOxB,EAAEG,MAAM,EAAA,CAAGC,GAAG,CAACZ,qBAAqBK,eAAe,CAAA;IAC1D4B,OAAAA,EAASzB,CAAAA,CAAEG,MAAM,EAAA,CAAGuB,QAAQ,EAAA;IAC5BC,YAAAA,EAAc3B,CAAAA,CAAEG,MAAM,EAAA,CAAGuB,QAAQ,EAAA;AACjCE,IAAAA,YAAAA,EAAc5B,CAAAA,CAAE6B,MAAM,EAAA,CAAGC,GAAG,GAAGC,WAAW,EAAA;AAC1CC,IAAAA,aAAAA,EAAehC,CAAAA,CAAE6B,MAAM,EAAA,CAAGC,GAAG,GAAGC,WAAW;AAC/C,CAAA;AAIA;;AAEC,IACM,MAAME,4BAAAA,GAA+BjC,CAAAA,CAAEC,MAAM,CAAC;;IAEjDiC,OAAAA,EAASlC,CAAAA,CAAEG,MAAM,EAAA,CAAGgB,QAAQ,EAAA;AAC5BgB,IAAAA,QAAAA,EAAUnC,EAAEqB,KAAK,CAACX,2BAA2BN,GAAG,CAACZ,qBAAqBG,WAAW,CAAA;IACjFyC,QAAAA,EAAUb,0BAAAA;AACVc,IAAAA,eAAAA,EAAiBrC,CAAAA,CAAEqB,KAAK,CAACrB,CAAAA,CAAEG,MAAM,EAAA,CAAGC,GAAG,CAAC,IAAA,CAAA,CAAA,CAAOA,GAAG,CAACZ,oBAAAA,CAAqBI,eAAe,EAAEuB,QAAQ;AACrG,CAAA;AAIA;;AAEC,IACM,MAAMmB,sBAAAA,GAAyBtC,CAAAA,CAAEC,MAAM,CAAC;IAC3CiC,OAAAA,EAASlC,CAAAA,CAAEG,MAAM,EAAA,CAAGgB,QAAQ,EAAA;IAC5BoB,OAAAA,EAASvC,CAAAA,CAAEwC,GAAG,EAAA,CAAGrB,QAAQ,EAAA;IACzBsB,YAAAA,EAAczC,CAAAA,CAAEwC,GAAG,EAAA,CAAGrB,QAAQ,EAAA;IAC9BuB,QAAAA,EAAU1C,CAAAA,CAAEwC,GAAG,EAAA,CAAGrB,QAAQ,EAAA;IAC1BN,OAAAA,EAASb,CAAAA,CAAEwC,GAAG,EAAA,CAAGrB,QAAQ;AAC7B,CAAA;AAIA;;AAEC,IACM,MAAMwB,wBAAAA,GAA2B3C,CAAAA,CAAEC,MAAM,CAAC;AAC7CC,IAAAA,EAAAA,EAAIF,CAAAA,CAAEG,MAAM,EAAA,CAAGC,GAAG,CAAC,GAAA,CAAA;IACnBgC,QAAAA,EAAUpC,CAAAA,CAAEC,MAAM,CAAC;QACf2C,SAAAA,EAAW5C,CAAAA,CAAE6C,KAAK,CAAC;YAAC7C,CAAAA,CAAEG,MAAM,GAAGuB,QAAQ,EAAA;AAAI1B,YAAAA,CAAAA,CAAE8C,IAAI;AAAG,SAAA,CAAA;QACpDC,OAAAA,EAAS/C,CAAAA,CAAE6C,KAAK,CAAC;YAAC7C,CAAAA,CAAEG,MAAM,GAAGuB,QAAQ,EAAA;AAAI1B,YAAAA,CAAAA,CAAE8C,IAAI;AAAG,SAAA,CAAA,CAAE3B,QAAQ,EAAA;AAC5D6B,QAAAA,QAAAA,EAAUhD,CAAAA,CAAE6B,MAAM,EAAA,CAAGE,WAAW,GAAGZ,QAAQ,EAAA;AAC3CK,QAAAA,KAAAA,EAAOxB,EAAEG,MAAM,EAAA,CAAGC,GAAG,CAACZ,qBAAqBK,eAAe,CAAA;QAC1DoD,QAAAA,EAAUjD,CAAAA,CAAEG,MAAM,EAAA,CAAGC,GAAG,CAACZ,oBAAAA,CAAqBK,eAAe,EAAEsB,QAAQ,EAAA;QACvE+B,WAAAA,EAAalD,CAAAA,CAAEmD,MAAM,CAACnD,CAAAA,CAAEG,MAAM,EAAA,EAAIH,CAAAA,CAAEwC,GAAG,EAAA,CAAA,CAAIrB,QAAQ;AACvD,KAAA,CAAA;IACAiC,MAAAA,EAAQpD,CAAAA,CAAEC,MAAM,CAAC;QACbsC,OAAAA,EAASvC,CAAAA,CAAEG,MAAM,EAAA,CAAGgB,QAAQ,EAAA;QAC5BsB,YAAAA,EAAczC,CAAAA,CAAEG,MAAM,EAAA,CAAGgB,QAAQ,EAAA;AACjCN,QAAAA,OAAAA,EAASb,EAAEqB,KAAK,CAACrB,CAAAA,CAAEG,MAAM,IAAIgB,QAAQ,EAAA;AACrCkC,QAAAA,OAAAA,EAASrD,EAAEqB,KAAK,CAACrB,CAAAA,CAAEG,MAAM,IAAIgB,QAAQ;AACzC,KAAA,CAAA,CAAGA,QAAQ,EAAA;AACXgB,IAAAA,QAAAA,EAAUnC,CAAAA,CAAEqB,KAAK,CAACrB,CAAAA,CAAEC,MAAM,CAAC;AACvBqD,QAAAA,KAAAA,EAAOtD,CAAAA,CAAE6B,MAAM,EAAA,CAAGC,GAAG,GAAGC,WAAW,EAAA;AACnCwB,QAAAA,SAAAA,EAAWvD,EAAEG,MAAM,EAAA;AACnBQ,QAAAA,IAAAA,EAAMX,EAAEG,MAAM,EAAA;QACdU,OAAAA,EAASb,CAAAA,CAAEG,MAAM,EAAA,CAAGW,QAAQ,EAAA;AAC5BM,QAAAA,UAAAA,EAAYpB,CAAAA,CAAEqB,KAAK,CAACtB,cAAAA,CAAAA,CAAgBoB,QAAQ,EAAA;QAC5CG,YAAAA,EAActB,CAAAA,CAAEG,MAAM,EAAA,CAAGgB,QAAQ,EAAA;QACjCiB,QAAAA,EAAUpC,CAAAA,CAAEmD,MAAM,CAACnD,CAAAA,CAAEG,MAAM,EAAA,EAAIH,CAAAA,CAAEwC,GAAG,EAAA,CAAA,CAAIrB,QAAQ;KACpD,CAAA,CAAA,CAAIf,GAAG,CAACZ,oBAAAA,CAAqBG,WAAW,CAAA;IACxC6D,OAAAA,EAASxD,CAAAA,CAAEC,MAAM,CAAC;AACdwD,QAAAA,aAAAA,EAAezD,CAAAA,CAAE6B,MAAM,EAAA,CAAGC,GAAG,GAAGC,WAAW,EAAA;AAC3C2B,QAAAA,WAAAA,EAAa1D,EAAE6B,MAAM,EAAA,CAAGC,GAAG,EAAA,CAAGC,WAAW,GAAGZ,QAAQ,EAAA;AACpDwC,QAAAA,iBAAAA,EAAmB3D,CAAAA,CAAE6B,MAAM,EAAA,CAAGC,GAAG,GAAGC,WAAW,EAAA;AAC/C6B,QAAAA,UAAAA,EAAY5D,CAAAA,CAAE6B,MAAM,EAAA,CAAGC,GAAG,GAAGC,WAAW,EAAA;QACxC8B,WAAAA,EAAa7D,CAAAA,CAAEG,MAAM,EAAA,CAAGgB,QAAQ,EAAA;AAChC2C,QAAAA,OAAAA,EAAS9D,EAAE+D,OAAO;AACtB,KAAA;AACJ,CAAA;AAIA;;;;;IAMO,SAASC,oBAAAA,CAAqBC,IAAa,EAAA;IAK9C,MAAMC,MAAAA,GAASjC,4BAAAA,CAA6BkC,SAAS,CAACF,IAAAA,CAAAA;IAEtD,IAAIC,MAAAA,CAAOJ,OAAO,EAAE;QAChB,OAAO;YAAEA,OAAAA,EAAS,IAAA;AAAMG,YAAAA,IAAAA,EAAMC,OAAOD;AAAK,SAAA;AAC9C,IAAA;;IAGA,MAAMG,MAAAA,GAASF,MAAAA,CAAOG,KAAK,CAACD,MAAM,CAC7BE,KAAK,CAAC,CAAA,EAAG,CAAA,CAAA;AACTC,KAAAA,GAAG,CAACC,CAAAA,CAAAA,GAAK,CAAA,EAAGA,CAAAA,CAAEC,IAAI,CAACC,IAAI,CAAC,GAAA,CAAA,CAAK,EAAE,EAAEF,CAAAA,CAAEtD,OAAO,CAAA,CAAE,CAAA,CAC5CwD,IAAI,CAAC,IAAA,CAAA;IAEV,OAAO;QAAEZ,OAAAA,EAAS,KAAA;QAAOO,KAAAA,EAAOD;AAAO,KAAA;AAC3C;AAEA;;;;;IAMO,SAASO,0BAAAA,CAA2BV,IAAa,EAAA;IAKpD,MAAMC,MAAAA,GAASvB,wBAAAA,CAAyBwB,SAAS,CAACF,IAAAA,CAAAA;IAElD,IAAIC,MAAAA,CAAOJ,OAAO,EAAE;QAChB,OAAO;YAAEA,OAAAA,EAAS,IAAA;AAAMG,YAAAA,IAAAA,EAAMC,OAAOD;AAAK,SAAA;AAC9C,IAAA;AAEA,IAAA,MAAMG,MAAAA,GAASF,MAAAA,CAAOG,KAAK,CAACD,MAAM,CAC7BE,KAAK,CAAC,CAAA,EAAG,CAAA,CAAA,CACTC,GAAG,CAACC,CAAAA,CAAAA,GAAK,CAAA,EAAGA,CAAAA,CAAEC,IAAI,CAACC,IAAI,CAAC,GAAA,CAAA,CAAK,EAAE,EAAEF,CAAAA,CAAEtD,OAAO,CAAA,CAAE,CAAA,CAC5CwD,IAAI,CAAC,IAAA,CAAA;IAEV,OAAO;QAAEZ,OAAAA,EAAS,KAAA;QAAOO,KAAAA,EAAOD;AAAO,KAAA;AAC3C;AAEA;;;;;;;AAOC,IACM,SAASQ,aAAAA,CACZC,IAAY,EACZC,MAAsB,EAAA;IAEtB,IAAIC,MAAAA;IAEJ,IAAI;QACAA,MAAAA,GAASC,IAAAA,CAAKC,KAAK,CAACJ,IAAAA,CAAAA;AACxB,IAAA,CAAA,CAAE,OAAM;AACJ,QAAA,MAAM,IAAIK,KAAAA,CAAM,qBAAA,CAAA;AACpB,IAAA;IAEA,MAAMhB,MAAAA,GAASY,MAAAA,CAAOX,SAAS,CAACY,MAAAA,CAAAA;IAEhC,IAAI,CAACb,MAAAA,CAAOJ,OAAO,EAAE;AACjB,QAAA,MAAMM,MAAAA,GAASF,MAAAA,CAAOG,KAAK,CAACD,MAAM,CAC7BE,KAAK,CAAC,CAAA,EAAG,CAAA,CAAA,CACTC,GAAG,CAACC,CAAAA,CAAAA,GAAK,CAAA,EAAGA,CAAAA,CAAEC,IAAI,CAACC,IAAI,CAAC,GAAA,CAAA,CAAK,EAAE,EAAEF,CAAAA,CAAEtD,OAAO,CAAA,CAAE,CAAA,CAC5CwD,IAAI,CAAC,IAAA,CAAA;AACV,QAAA,MAAM,IAAIQ,KAAAA,CAAM,CAAC,mBAAmB,EAAEd,MAAAA,CAAAA,CAAQ,CAAA;AAClD,IAAA;AAEA,IAAA,OAAOF,OAAOD,IAAI;AACtB;;;;"}