@safebrowse/daemon 0.1.2-rc.1 → 0.1.3

package/LICENSE

@@ -1,15 +1,15 @@
-SafeBrowse Non-Commercial License 1.0
-
-Copyright (c) 2026 RobKang1234. All rights reserved.
-
-This package is licensed for non-commercial use only.
-
-You may use, copy, modify, and redistribute this package for
-non-commercial purposes only, provided that you preserve this license
-notice and all copyright notices.
-
-Commercial use is prohibited without prior written permission from the
-copyright holder.
-
-The full license text is distributed in the repository root `LICENSE`
-file for SafeBrowse.
+SafeBrowse Non-Commercial License 1.0
+
+Copyright (c) 2026 RobKang1234. All rights reserved.
+
+This package is licensed for non-commercial use only.
+
+You may use, copy, modify, and redistribute this package for
+non-commercial purposes only, provided that you preserve this license
+notice and all copyright notices.
+
+Commercial use is prohibited without prior written permission from the
+copyright holder.
+
+The full license text is distributed in the repository root `LICENSE`
+file for SafeBrowse.

package/README.md

@@ -1,31 +1,31 @@
-# `@safebrowse/daemon`
-
-Localhost SafeBrowse daemon with built-in runtime assets for policy, registry, and KB loading.
-
-## Install
-
-```bash
-npm install @safebrowse/daemon
-```
-
-## Run
-
-```bash
-npx @safebrowse/daemon --host 127.0.0.1 --port 8787
-```
-
-Environment variables:
-
-- `SAFEBROWSE_HOST`
-- `SAFEBROWSE_PORT`
-- `SAFEBROWSE_ROOT_DIR`
-
-Health endpoint:
-
-```text
-GET /health
-```
-
-See the repository README for full daemon routes and operational guidance:
-
-- https://github.com/RobKang1234/safebrowse-sdk#readme
+# `@safebrowse/daemon`
+
+Localhost SafeBrowse daemon with built-in runtime assets for policy, registry, and KB loading.
+
+## Install
+
+```bash
+npm install @safebrowse/daemon
+```
+
+## Run
+
+```bash
+npx @safebrowse/daemon --host 127.0.0.1 --port 8787
+```
+
+Environment variables:
+
+- `SAFEBROWSE_HOST`
+- `SAFEBROWSE_PORT`
+- `SAFEBROWSE_ROOT_DIR`
+
+Health endpoint:
+
+```text
+GET /health
+```
+
+See the repository README for full daemon routes and operational guidance:
+
+- https://github.com/RobKang1234/safebrowse-sdk#readme

package/dist/cli.js

@@ -1,15 +1,15 @@
 import { resolve } from "node:path";
 import process from "node:process";
 import { startSafeBrowseDaemon } from "./server.js";
-const HELP_TEXT = `SafeBrowse daemon
-
-Usage:
-  safebrowse-daemon [--host 127.0.0.1] [--port 8787] [--root-dir <path>]
-
-Environment:
-  SAFEBROWSE_HOST
-  SAFEBROWSE_PORT
-  SAFEBROWSE_ROOT_DIR
+const HELP_TEXT = `SafeBrowse daemon
+
+Usage:
+  safebrowse-daemon [--host 127.0.0.1] [--port 8787] [--root-dir <path>]
+
+Environment:
+  SAFEBROWSE_HOST
+  SAFEBROWSE_PORT
+  SAFEBROWSE_ROOT_DIR
 `;
 function parsePort(value) {
     const port = Number.parseInt(value, 10);

package/dist/index.d.ts

@@ -1,4 +1,5 @@
 #!/usr/bin/env node
 export { formatDaemonHelp, parseDaemonOptions, runDaemonCli } from "./cli.js";
+export { compileObservationInIsolation, probeParserIsolation } from "./parserIsolation.js";
 export { createSafeBrowseServer, startSafeBrowseDaemon } from "./server.js";
 //# sourceMappingURL=index.d.ts.map

package/dist/index.d.ts.map

@@ -1 +1 @@
-{"version":3,"file":"index.d.ts","sourceRoot":"","sources":["../src/index.ts"],"names":[],"mappings":";AAOA,OAAO,EAAE,gBAAgB,EAAE,kBAAkB,EAAE,YAAY,EAAE,MAAM,UAAU,CAAC;AAC9E,OAAO,EAAE,sBAAsB,EAAE,qBAAqB,EAAE,MAAM,aAAa,CAAC"}
+{"version":3,"file":"index.d.ts","sourceRoot":"","sources":["../src/index.ts"],"names":[],"mappings":";AAQA,OAAO,EAAE,gBAAgB,EAAE,kBAAkB,EAAE,YAAY,EAAE,MAAM,UAAU,CAAC;AAC9E,OAAO,EAAE,6BAA6B,EAAE,oBAAoB,EAAE,MAAM,sBAAsB,CAAC;AAC3F,OAAO,EAAE,sBAAsB,EAAE,qBAAqB,EAAE,MAAM,aAAa,CAAC"}

package/dist/index.js

@@ -2,8 +2,10 @@
 import { resolve } from "node:path";
 import { fileURLToPath } from "node:url";
 import { formatDaemonHelp, parseDaemonOptions, runDaemonCli } from "./cli.js";
+import { compileObservationInIsolation, probeParserIsolation } from "./parserIsolation.js";
 import { createSafeBrowseServer, startSafeBrowseDaemon } from "./server.js";
 export { formatDaemonHelp, parseDaemonOptions, runDaemonCli } from "./cli.js";
+export { compileObservationInIsolation, probeParserIsolation } from "./parserIsolation.js";
 export { createSafeBrowseServer, startSafeBrowseDaemon } from "./server.js";
 function isDirectExecution() {
     if (!process.argv[1]) {

package/dist/index.js.map

@@ -1 +1 @@
-{"version":3,"file":"index.js","sourceRoot":"","sources":["../src/index.ts"],"names":[],"mappings":";AACA,OAAO,EAAE,OAAO,EAAE,MAAM,WAAW,CAAC;AACpC,OAAO,EAAE,aAAa,EAAE,MAAM,UAAU,CAAC;AAEzC,OAAO,EAAE,gBAAgB,EAAE,kBAAkB,EAAE,YAAY,EAAE,MAAM,UAAU,CAAC;AAC9E,OAAO,EAAE,sBAAsB,EAAE,qBAAqB,EAAE,MAAM,aAAa,CAAC;AAE5E,OAAO,EAAE,gBAAgB,EAAE,kBAAkB,EAAE,YAAY,EAAE,MAAM,UAAU,CAAC;AAC9E,OAAO,EAAE,sBAAsB,EAAE,qBAAqB,EAAE,MAAM,aAAa,CAAC;AAE5E,SAAS,iBAAiB;IACxB,IAAI,CAAC,OAAO,CAAC,IAAI,CAAC,CAAC,CAAC,EAAE,CAAC;QACrB,OAAO,KAAK,CAAC;IACf,CAAC;IAED,OAAO,aAAa,CAAC,MAAM,CAAC,IAAI,CAAC,GAAG,CAAC,KAAK,OAAO,CAAC,OAAO,CAAC,IAAI,CAAC,CAAC,CAAC,CAAC,CAAC;AACrE,CAAC;AAED,IAAI,iBAAiB,EAAE,EAAE,CAAC;IACxB,YAAY,EAAE,CAAC,KAAK,CAAC,CAAC,KAAK,EAAE,EAAE;QAC7B,OAAO,CAAC,KAAK,CAAC,KAAK,YAAY,KAAK,CAAC,CAAC,CAAC,KAAK,CAAC,OAAO,CAAC,CAAC,CAAC,MAAM,CAAC,KAAK,CAAC,CAAC,CAAC;QACtE,OAAO,CAAC,KAAK,CAAC,gBAAgB,EAAE,CAAC,CAAC;QAClC,OAAO,CAAC,QAAQ,GAAG,CAAC,CAAC;IACvB,CAAC,CAAC,CAAC;AACL,CAAC"}
+{"version":3,"file":"index.js","sourceRoot":"","sources":["../src/index.ts"],"names":[],"mappings":";AACA,OAAO,EAAE,OAAO,EAAE,MAAM,WAAW,CAAC;AACpC,OAAO,EAAE,aAAa,EAAE,MAAM,UAAU,CAAC;AAEzC,OAAO,EAAE,gBAAgB,EAAE,kBAAkB,EAAE,YAAY,EAAE,MAAM,UAAU,CAAC;AAC9E,OAAO,EAAE,6BAA6B,EAAE,oBAAoB,EAAE,MAAM,sBAAsB,CAAC;AAC3F,OAAO,EAAE,sBAAsB,EAAE,qBAAqB,EAAE,MAAM,aAAa,CAAC;AAE5E,OAAO,EAAE,gBAAgB,EAAE,kBAAkB,EAAE,YAAY,EAAE,MAAM,UAAU,CAAC;AAC9E,OAAO,EAAE,6BAA6B,EAAE,oBAAoB,EAAE,MAAM,sBAAsB,CAAC;AAC3F,OAAO,EAAE,sBAAsB,EAAE,qBAAqB,EAAE,MAAM,aAAa,CAAC;AAE5E,SAAS,iBAAiB;IACxB,IAAI,CAAC,OAAO,CAAC,IAAI,CAAC,CAAC,CAAC,EAAE,CAAC;QACrB,OAAO,KAAK,CAAC;IACf,CAAC;IAED,OAAO,aAAa,CAAC,MAAM,CAAC,IAAI,CAAC,GAAG,CAAC,KAAK,OAAO,CAAC,OAAO,CAAC,IAAI,CAAC,CAAC,CAAC,CAAC,CAAC;AACrE,CAAC;AAED,IAAI,iBAAiB,EAAE,EAAE,CAAC;IACxB,YAAY,EAAE,CAAC,KAAK,CAAC,CAAC,KAAK,EAAE,EAAE;QAC7B,OAAO,CAAC,KAAK,CAAC,KAAK,YAAY,KAAK,CAAC,CAAC,CAAC,KAAK,CAAC,OAAO,CAAC,CAAC,CAAC,MAAM,CAAC,KAAK,CAAC,CAAC,CAAC;QACtE,OAAO,CAAC,KAAK,CAAC,gBAAgB,EAAE,CAAC,CAAC;QAClC,OAAO,CAAC,QAAQ,GAAG,CAAC,CAAC;IACvB,CAAC,CAAC,CAAC;AACL,CAAC"}

package/dist/parserIsolation.d.ts

@@ -0,0 +1,12 @@
+import type { CompiledObservation, ParserWorkerProbe, RuntimeContext, StructuredPlannerInput, SurfaceCapture } from "@safebrowse/core";
+export declare function compileObservationInIsolation(input: {
+    capture: SurfaceCapture;
+    workflowHash?: string;
+    allowlistedEgress?: string[];
+    runtime?: Partial<RuntimeContext>;
+}): Promise<{
+    compiledObservation: CompiledObservation;
+    plannerInput: StructuredPlannerInput;
+}>;
+export declare function probeParserIsolation(): Promise<ParserWorkerProbe>;
+//# sourceMappingURL=parserIsolation.d.ts.map

package/dist/parserIsolation.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"parserIsolation.d.ts","sourceRoot":"","sources":["../src/parserIsolation.ts"],"names":[],"mappings":"AAKA,OAAO,KAAK,EACV,mBAAmB,EACnB,iBAAiB,EACjB,cAAc,EACd,sBAAsB,EACtB,cAAc,EACf,MAAM,kBAAkB,CAAC;AAwE1B,wBAAgB,6BAA6B,CAAC,KAAK,EAAE;IACnD,OAAO,EAAE,cAAc,CAAC;IACxB,YAAY,CAAC,EAAE,MAAM,CAAC;IACtB,iBAAiB,CAAC,EAAE,MAAM,EAAE,CAAC;IAC7B,OAAO,CAAC,EAAE,OAAO,CAAC,cAAc,CAAC,CAAC;CACnC,GAAG,OAAO,CAAC;IACV,mBAAmB,EAAE,mBAAmB,CAAC;IACzC,YAAY,EAAE,sBAAsB,CAAC;CACtC,CAAC,CAQD;AAED,wBAAgB,oBAAoB,IAAI,OAAO,CAAC,iBAAiB,CAAC,CAIjE"}

package/dist/parserIsolation.js

@@ -0,0 +1,57 @@
+import { existsSync } from "node:fs";
+import { fork } from "node:child_process";
+import { fileURLToPath } from "node:url";
+import { resolve, dirname } from "node:path";
+const moduleDir = dirname(fileURLToPath(import.meta.url));
+const compiledWorkerPath = resolve(moduleDir, "parserWorker.js");
+const sourceWorkerPath = resolve(moduleDir, "parserWorker.ts");
+const workerPath = existsSync(compiledWorkerPath) ? compiledWorkerPath : sourceWorkerPath;
+function runWorker(payload) {
+    return new Promise((resolvePromise, rejectPromise) => {
+        const child = fork(workerPath, [], {
+            env: {},
+            stdio: ["ignore", "ignore", "ignore", "ipc"],
+            execArgv: workerPath.endsWith(".ts")
+                ? [...process.execArgv, "--import", "tsx"]
+                : process.execArgv
+        });
+        const finish = (error, value) => {
+            child.removeAllListeners();
+            child.kill();
+            if (error) {
+                rejectPromise(error);
+                return;
+            }
+            resolvePromise(value);
+        };
+        child.once("error", (error) => finish(error));
+        child.once("message", (message) => {
+            if (!message.ok) {
+                finish(new Error(message.error));
+                return;
+            }
+            finish(undefined, (message.probe ?? message.result));
+        });
+        child.once("exit", (code) => {
+            if (code && code !== 0) {
+                finish(new Error(`parser worker exited with code ${code}`));
+            }
+        });
+        child.send(payload);
+    });
+}
+export function compileObservationInIsolation(input) {
+    return runWorker({
+        kind: "parse",
+        capture: input.capture,
+        workflowHash: input.workflowHash,
+        allowlistedEgress: input.allowlistedEgress,
+        runtime: input.runtime
+    });
+}
+export function probeParserIsolation() {
+    return runWorker({
+        kind: "probe"
+    });
+}
+//# sourceMappingURL=parserIsolation.js.map

package/dist/parserIsolation.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"parserIsolation.js","sourceRoot":"","sources":["../src/parserIsolation.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,UAAU,EAAE,MAAM,SAAS,CAAC;AACrC,OAAO,EAAE,IAAI,EAAE,MAAM,oBAAoB,CAAC;AAC1C,OAAO,EAAE,aAAa,EAAE,MAAM,UAAU,CAAC;AACzC,OAAO,EAAE,OAAO,EAAE,OAAO,EAAE,MAAM,WAAW,CAAC;AAU7C,MAAM,SAAS,GAAG,OAAO,CAAC,aAAa,CAAC,MAAM,CAAC,IAAI,CAAC,GAAG,CAAC,CAAC,CAAC;AAC1D,MAAM,kBAAkB,GAAG,OAAO,CAAC,SAAS,EAAE,iBAAiB,CAAC,CAAC;AACjE,MAAM,gBAAgB,GAAG,OAAO,CAAC,SAAS,EAAE,iBAAiB,CAAC,CAAC;AAC/D,MAAM,UAAU,GAAG,UAAU,CAAC,kBAAkB,CAAC,CAAC,CAAC,CAAC,kBAAkB,CAAC,CAAC,CAAC,gBAAgB,CAAC;AA4B1F,SAAS,SAAS,CAAI,OAAsB;IAC1C,OAAO,IAAI,OAAO,CAAI,CAAC,cAAc,EAAE,aAAa,EAAE,EAAE;QACtD,MAAM,KAAK,GAAG,IAAI,CAAC,UAAU,EAAE,EAAE,EAAE;YACjC,GAAG,EAAE,EAAE;YACP,KAAK,EAAE,CAAC,QAAQ,EAAE,QAAQ,EAAE,QAAQ,EAAE,KAAK,CAAC;YAC5C,QAAQ,EAAE,UAAU,CAAC,QAAQ,CAAC,KAAK,CAAC;gBAClC,CAAC,CAAC,CAAC,GAAG,OAAO,CAAC,QAAQ,EAAE,UAAU,EAAE,KAAK,CAAC;gBAC1C,CAAC,CAAC,OAAO,CAAC,QAAQ;SACrB,CAAC,CAAC;QAEH,MAAM,MAAM,GAAG,CAAC,KAAa,EAAE,KAAS,EAAE,EAAE;YAC1C,KAAK,CAAC,kBAAkB,EAAE,CAAC;YAC3B,KAAK,CAAC,IAAI,EAAE,CAAC;YACb,IAAI,KAAK,EAAE,CAAC;gBACV,aAAa,CAAC,KAAK,CAAC,CAAC;gBACrB,OAAO;YACT,CAAC;YACD,cAAc,CAAC,KAAU,CAAC,CAAC;QAC7B,CAAC,CAAC;QAEF,KAAK,CAAC,IAAI,CAAC,OAAO,EAAE,CAAC,KAAK,EAAE,EAAE,CAAC,MAAM,CAAC,KAAK,CAAC,CAAC,CAAC;QAC9C,KAAK,CAAC,IAAI,CAAC,SAAS,EAAE,CAAC,OAAuB,EAAE,EAAE;YAChD,IAAI,CAAC,OAAO,CAAC,EAAE,EAAE,CAAC;gBAChB,MAAM,CAAC,IAAI,KAAK,CAAC,OAAO,CAAC,KAAK,CAAC,CAAC,CAAC;gBACjC,OAAO;YACT,CAAC;YAED,MAAM,CAAC,SAAS,EAAE,CAAC,OAAO,CAAC,KAAK,IAAI,OAAO,CAAC,MAAM,CAAM,CAAC,CAAC;QAC5D,CAAC,CAAC,CAAC;QACH,KAAK,CAAC,IAAI,CAAC,MAAM,EAAE,CAAC,IAAI,EAAE,EAAE;YAC1B,IAAI,IAAI,IAAI,IAAI,KAAK,CAAC,EAAE,CAAC;gBACvB,MAAM,CAAC,IAAI,KAAK,CAAC,kCAAkC,IAAI,EAAE,CAAC,CAAC,CAAC;YAC9D,CAAC;QACH,CAAC,CAAC,CAAC;QAEH,KAAK,CAAC,IAAI,CAAC,OAAO,CAAC,CAAC;IACtB,CAAC,CAAC,CAAC;AACL,CAAC;AAED,MAAM,UAAU,6BAA6B,CAAC,KAK7C;IAIC,OAAO,SAAS,CAAC;QACf,IAAI,EAAE,OAAO;QACb,OAAO,EAAE,KAAK,CAAC,OAAO;QACtB,YAAY,EAAE,KAAK,CAAC,YAAY;QAChC,iBAAiB,EAAE,KAAK,CAAC,iBAAiB;QAC1C,OAAO,EAAE,KAAK,CAAC,OAAO;KACvB,CAAC,CAAC;AACL,CAAC;AAED,MAAM,UAAU,oBAAoB;IAClC,OAAO,SAAS,CAAC;QACf,IAAI,EAAE,OAAO;KACd,CAAC,CAAC;AACL,CAAC"}

package/dist/parserWorker.d.ts

@@ -0,0 +1,2 @@
+export {};
+//# sourceMappingURL=parserWorker.d.ts.map

package/dist/parserWorker.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"parserWorker.d.ts","sourceRoot":"","sources":["../src/parserWorker.ts"],"names":[],"mappings":""}

package/dist/parserWorker.js

@@ -0,0 +1,89 @@
+import { createRequire } from "node:module";
+import process from "node:process";
+const require = createRequire(import.meta.url);
+function denyNetwork(message = "Parser worker egress denied") {
+    const denial = () => {
+        throw new Error(message);
+    };
+    const http = require("node:http");
+    const https = require("node:https");
+    const net = require("node:net");
+    const tls = require("node:tls");
+    const dns = require("node:dns");
+    http.request = denial;
+    http.get = denial;
+    https.request = denial;
+    https.get = denial;
+    net.connect = denial;
+    net.createConnection = denial;
+    tls.connect = denial;
+    dns.lookup = denial;
+    dns.resolve = denial;
+    dns.resolve4 = denial;
+    dns.resolve6 = denial;
+    Object.assign(globalThis, {
+        fetch: async () => {
+            throw new Error(message);
+        }
+    });
+}
+function lockDownEnvironment() {
+    for (const key of Object.keys(process.env)) {
+        delete process.env[key];
+    }
+    denyNetwork();
+}
+async function probeIsolation() {
+    let egressDenied = false;
+    try {
+        await globalThis.fetch("https://example.com");
+    }
+    catch {
+        egressDenied = true;
+    }
+    return {
+        envKeys: Object.keys(process.env),
+        egressDenied,
+        processIsolated: true
+    };
+}
+lockDownEnvironment();
+async function loadCoreRuntime() {
+    if (import.meta.url.endsWith(".ts")) {
+        const sourceEntryUrl = new URL("../../core/src/index.ts", import.meta.url).href;
+        return import(sourceEntryUrl);
+    }
+    return import("@safebrowse/core");
+}
+process.on("message", async (message) => {
+    try {
+        const { compileObservation } = await loadCoreRuntime();
+        if (message.kind === "probe") {
+            process.send?.({
+                ok: true,
+                probe: await probeIsolation()
+            });
+            return;
+        }
+        const result = compileObservation(message.capture, message.runtime ?? {}, {
+            workflowHash: message.workflowHash,
+            parserIsolation: {
+                processIsolated: true,
+                secretAccess: false,
+                arbitraryEgress: false,
+                allowlistedEgress: message.allowlistedEgress ?? []
+            }
+        });
+        process.send?.({
+            ok: true,
+            result
+        });
+    }
+    catch (error) {
+        process.send?.({
+            ok: false,
+            error: error instanceof Error ? error.message : String(error)
+        });
+    }
+});
+//# sourceMappingURL=parserWorker.js.map

package/dist/parserWorker.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"parserWorker.js","sourceRoot":"","sources":["../src/parserWorker.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,aAAa,EAAE,MAAM,aAAa,CAAC;AAC5C,OAAO,OAAO,MAAM,cAAc,CAAC;AAInC,MAAM,OAAO,GAAG,aAAa,CAAC,MAAM,CAAC,IAAI,CAAC,GAAG,CAAC,CAAC;AAE/C,SAAS,WAAW,CAAC,OAAO,GAAG,6BAA6B;IAC1D,MAAM,MAAM,GAAG,GAAG,EAAE;QAClB,MAAM,IAAI,KAAK,CAAC,OAAO,CAAC,CAAC;IAC3B,CAAC,CAAC;IAEF,MAAM,IAAI,GAAG,OAAO,CAAC,WAAW,CAAC,CAAC;IAClC,MAAM,KAAK,GAAG,OAAO,CAAC,YAAY,CAAC,CAAC;IACpC,MAAM,GAAG,GAAG,OAAO,CAAC,UAAU,CAAC,CAAC;IAChC,MAAM,GAAG,GAAG,OAAO,CAAC,UAAU,CAAC,CAAC;IAChC,MAAM,GAAG,GAAG,OAAO,CAAC,UAAU,CAAC,CAAC;IAEhC,IAAI,CAAC,OAAO,GAAG,MAAM,CAAC;IACtB,IAAI,CAAC,GAAG,GAAG,MAAM,CAAC;IAClB,KAAK,CAAC,OAAO,GAAG,MAAM,CAAC;IACvB,KAAK,CAAC,GAAG,GAAG,MAAM,CAAC;IACnB,GAAG,CAAC,OAAO,GAAG,MAAM,CAAC;IACrB,GAAG,CAAC,gBAAgB,GAAG,MAAM,CAAC;IAC9B,GAAG,CAAC,OAAO,GAAG,MAAM,CAAC;IACrB,GAAG,CAAC,MAAM,GAAG,MAAM,CAAC;IACpB,GAAG,CAAC,OAAO,GAAG,MAAM,CAAC;IACrB,GAAG,CAAC,QAAQ,GAAG,MAAM,CAAC;IACtB,GAAG,CAAC,QAAQ,GAAG,MAAM,CAAC;IAEtB,MAAM,CAAC,MAAM,CAAC,UAAU,EAAE;QACxB,KAAK,EAAE,KAAK,IAAI,EAAE;YAChB,MAAM,IAAI,KAAK,CAAC,OAAO,CAAC,CAAC;QAC3B,CAAC;KACF,CAAC,CAAC;AACL,CAAC;AAED,SAAS,mBAAmB;IAC1B,KAAK,MAAM,GAAG,IAAI,MAAM,CAAC,IAAI,CAAC,OAAO,CAAC,GAAG,CAAC,EAAE,CAAC;QAC3C,OAAO,OAAO,CAAC,GAAG,CAAC,GAAG,CAAC,CAAC;IAC1B,CAAC;IACD,WAAW,EAAE,CAAC;AAChB,CAAC;AAED,KAAK,UAAU,cAAc;IAK3B,IAAI,YAAY,GAAG,KAAK,CAAC;IACzB,IAAI,CAAC;QACH,MAAM,UAAU,CAAC,KAAK,CAAC,qBAAqB,CAAC,CAAC;IAChD,CAAC;IAAC,MAAM,CAAC;QACP,YAAY,GAAG,IAAI,CAAC;IACtB,CAAC;IAED,OAAO;QACL,OAAO,EAAE,MAAM,CAAC,IAAI,CAAC,OAAO,CAAC,GAAG,CAAC;QACjC,YAAY;QACZ,eAAe,EAAE,IAAI;KACtB,CAAC;AACJ,CAAC;AAED,mBAAmB,EAAE,CAAC;AAEtB,KAAK,UAAU,eAAe;IAG5B,IAAI,MAAM,CAAC,IAAI,CAAC,GAAG,CAAC,QAAQ,CAAC,KAAK,CAAC,EAAE,CAAC;QACpC,MAAM,cAAc,GAAG,IAAI,GAAG,CAAC,yBAAyB,EAAE,MAAM,CAAC,IAAI,CAAC,GAAG,CAAC,CAAC,IAAI,CAAC;QAChF,OAAO,MAAM,CAAC,cAAc,CAAC,CAAC;IAChC,CAAC;IAED,OAAO,MAAM,CAAC,kBAAkB,CAAC,CAAC;AACpC,CAAC;AAcD,OAAO,CAAC,EAAE,CAAC,SAAS,EAAE,KAAK,EAAE,OAA4B,EAAE,EAAE;IAC3D,IAAI,CAAC;QACH,MAAM,EAAE,kBAAkB,EAAE,GAAG,MAAM,eAAe,EAAE,CAAC;QAEvD,IAAI,OAAO,CAAC,IAAI,KAAK,OAAO,EAAE,CAAC;YAC7B,OAAO,CAAC,IAAI,EAAE,CAAC;gBACb,EAAE,EAAE,IAAI;gBACR,KAAK,EAAE,MAAM,cAAc,EAAE;aAC9B,CAAC,CAAC;YACH,OAAO;QACT,CAAC;QAED,MAAM,MAAM,GAAG,kBAAkB,CAAC,OAAO,CAAC,OAAO,EAAE,OAAO,CAAC,OAAO,IAAI,EAAE,EAAE;YACxE,YAAY,EAAE,OAAO,CAAC,YAAY;YAClC,eAAe,EAAE;gBACf,eAAe,EAAE,IAAI;gBACrB,YAAY,EAAE,KAAK;gBACnB,eAAe,EAAE,KAAK;gBACtB,iBAAiB,EAAE,OAAO,CAAC,iBAAiB,IAAI,EAAE;aACnD;SACF,CAAC,CAAC;QAEH,OAAO,CAAC,IAAI,EAAE,CAAC;YACb,EAAE,EAAE,IAAI;YACR,MAAM;SACP,CAAC,CAAC;IACL,CAAC;IAAC,OAAO,KAAK,EAAE,CAAC;QACf,OAAO,CAAC,IAAI,EAAE,CAAC;YACb,EAAE,EAAE,KAAK;YACT,KAAK,EAAE,KAAK,YAAY,KAAK,CAAC,CAAC,CAAC,KAAK,CAAC,OAAO,CAAC,CAAC,CAAC,MAAM,CAAC,KAAK,CAAC;SAC9D,CAAC,CAAC;IACL,CAAC;AACH,CAAC,CAAC,CAAC"}