@semiont/sdk 0.5.4 → 0.5.5

package/dist/session/knowledge-base.d.ts

@@ -1,95 +0,0 @@
-/**
- * KnowledgeBase — a connection to a Semiont knowledge system.
- *
- * The KB type itself is uniform. The transport-shape variation lives in
- * the nested `endpoint` field, which is a discriminated union:
- *
- *  - `endpoint.kind === 'http'`  — a remote backend reached over HTTP+SSE.
- *                                  Carries `host`/`port`/`protocol`.
- *  - `endpoint.kind === 'local'` — an in-process knowledge system reached
- *                                  via `LocalTransport` from
- *                                  `@semiont/make-meaning`. Carries an
- *                                  opaque `kbId` identifying the local
- *                                  instance to the host process.
- *
- * Code that doesn't know how to make a transport (`SemiontSession`,
- * `SemiontBrowser`, the frontend KB list UI) treats `KnowledgeBase` as
- * uniform and never inspects `endpoint`. Code that *does* construct
- * transports (the transport-factory passed to `SemiontBrowser`,
- * `kbBackendUrl` for HTTP URL construction) inspects `endpoint.kind`
- * and dispatches.
- *
- * Each KB has its own session, its own credentials (where applicable),
- * and its own JWT (HTTP only). The user is "authenticated against KB X" —
- * never globally authenticated.
- */
-/** Fields shared by every KB regardless of endpoint kind. */
-export interface KnowledgeBase {
-    id: string;
-    label: string;
-    email: string;
-    gitBranch?: string;
-    endpoint: KbEndpoint;
-}
-export type KbEndpoint = HttpEndpoint | LocalEndpoint;
-export interface HttpEndpoint {
-    kind: 'http';
-    host: string;
-    port: number;
-    protocol: 'http' | 'https';
-}
-export interface LocalEndpoint {
-    kind: 'local';
-    /** Opaque identifier for the in-process KB instance the host has loaded. */
-    kbId: string;
-}
-/**
- * Input shape for adding a new KB. The id is generated by the provider.
- */
-export type NewKnowledgeBase = Omit<KnowledgeBase, 'id'>;
-/**
- * Status of the locally-stored credential for a KB. Derived from the
- * presence and validity of the JWT in session storage.
- */
-export type KbSessionStatus = 'authenticated' | 'expired' | 'signed-out' | 'unreachable';
-/**
- * Construct a `KnowledgeBase` for an HTTP-backed Semiont backend without
- * spelling out the nested `endpoint` literal. Convenience for tests,
- * worker bootstraps, and one-off scripts.
- *
- * ```ts
- * const kb = httpKb({
- *   id: 'my-watcher',
- *   label: 'My Watcher',
- *   email: 'me@example.com',
- *   host: 'localhost',
- *   port: 4000,
- *   protocol: 'http',
- * });
- * ```
- *
- * Equivalent to:
- *
- * ```ts
- * const kb: KnowledgeBase = {
- *   id, label, email,
- *   endpoint: { kind: 'http', host, port, protocol },
- * };
- * ```
- *
- * UI hosts that have a structured form (host / port / protocol pickers)
- * already construct the literal directly — they don't need this helper.
- * Local-endpoint KBs construct the literal directly too; the local
- * endpoint shape (`{ kind: 'local', kbId }`) is one line and doesn't
- * earn a helper.
- */
-export declare function httpKb(opts: {
-    id: string;
-    label: string;
-    email: string;
-    host: string;
-    port: number;
-    protocol: 'http' | 'https';
-    gitBranch?: string;
-}): KnowledgeBase;
-//# sourceMappingURL=knowledge-base.d.ts.map

package/dist/session/knowledge-base.d.ts.map

@@ -1 +0,0 @@
-{"version":3,"file":"knowledge-base.d.ts","sourceRoot":"","sources":["../../src/session/knowledge-base.ts"],"names":[],"mappings":"AAAA;;;;;;;;;;;;;;;;;;;;;;;;GAwBG;AAEH,6DAA6D;AAC7D,MAAM,WAAW,aAAa;IAC5B,EAAE,EAAE,MAAM,CAAC;IACX,KAAK,EAAE,MAAM,CAAC;IACd,KAAK,EAAE,MAAM,CAAC;IACd,SAAS,CAAC,EAAE,MAAM,CAAC;IACnB,QAAQ,EAAE,UAAU,CAAC;CACtB;AAED,MAAM,MAAM,UAAU,GAAG,YAAY,GAAG,aAAa,CAAC;AAEtD,MAAM,WAAW,YAAY;IAC3B,IAAI,EAAE,MAAM,CAAC;IACb,IAAI,EAAE,MAAM,CAAC;IACb,IAAI,EAAE,MAAM,CAAC;IACb,QAAQ,EAAE,MAAM,GAAG,OAAO,CAAC;CAC5B;AAED,MAAM,WAAW,aAAa;IAC5B,IAAI,EAAE,OAAO,CAAC;IACd,4EAA4E;IAC5E,IAAI,EAAE,MAAM,CAAC;CACd;AAED;;GAEG;AACH,MAAM,MAAM,gBAAgB,GAAG,IAAI,CAAC,aAAa,EAAE,IAAI,CAAC,CAAC;AAEzD;;;GAGG;AACH,MAAM,MAAM,eAAe,GAAG,eAAe,GAAG,SAAS,GAAG,YAAY,GAAG,aAAa,CAAC;AAEzF;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;GA8BG;AACH,wBAAgB,MAAM,CAAC,IAAI,EAAE;IAC3B,EAAE,EAAE,MAAM,CAAC;IACX,KAAK,EAAE,MAAM,CAAC;IACd,KAAK,EAAE,MAAM,CAAC;IACd,IAAI,EAAE,MAAM,CAAC;IACb,IAAI,EAAE,MAAM,CAAC;IACb,QAAQ,EAAE,MAAM,GAAG,OAAO,CAAC;IAC3B,SAAS,CAAC,EAAE,MAAM,CAAC;CACpB,GAAG,aAAa,CAShB"}

package/dist/session/open-resource.d.ts

@@ -1,22 +0,0 @@
-/**
- * OpenResource — a single entry in the open-resources list (tabs).
- *
- * The list itself lives on `SemiontBrowser.openResources$`. The CRUD
- * methods (`addOpenResource`, `removeOpenResource`, `updateOpenResourceName`,
- * `reorderOpenResources`) live on `SemiontBrowser` too.
- */
-export interface OpenResource {
-    /** Unique identifier for the resource */
-    id: string;
-    /** Display name of the resource */
-    name: string;
-    /** Timestamp when the resource was opened */
-    openedAt: number;
-    /** Order/position for manual sorting (optional for backward compatibility) */
-    order?: number;
-    /** Media type for icon display (e.g., 'application/pdf', 'text/plain') */
-    mediaType?: string;
-    /** Working-tree URI (e.g. "file://docs/overview.md") — used as tooltip in navigation */
-    storageUri?: string;
-}
-//# sourceMappingURL=open-resource.d.ts.map

package/dist/session/open-resource.d.ts.map

@@ -1 +0,0 @@
-{"version":3,"file":"open-resource.d.ts","sourceRoot":"","sources":["../../src/session/open-resource.ts"],"names":[],"mappings":"AAAA;;;;;;GAMG;AAEH,MAAM,WAAW,YAAY;IAC3B,yCAAyC;IACzC,EAAE,EAAE,MAAM,CAAC;IAEX,mCAAmC;IACnC,IAAI,EAAE,MAAM,CAAC;IAEb,6CAA6C;IAC7C,QAAQ,EAAE,MAAM,CAAC;IAEjB,8EAA8E;IAC9E,KAAK,CAAC,EAAE,MAAM,CAAC;IAEf,0EAA0E;IAC1E,SAAS,CAAC,EAAE,MAAM,CAAC;IAEnB,wFAAwF;IACxF,UAAU,CAAC,EAAE,MAAM,CAAC;CACrB"}

package/dist/session/registry.d.ts

@@ -1,31 +0,0 @@
-/**
- * Process-wide accessor for `SemiontBrowser`. Constructed lazily on the
- * first `getBrowser()` call and held for the host's lifetime — a single
- * instance owns the KB list, identity token, and active-session state,
- * so callers throughout the host get the same view of "which KB am I
- * talking to right now" regardless of where they pick it up.
- *
- * The caller provides a `SessionStorage` implementation and a
- * `SessionFactory` — both are environment-specific (browsers use
- * `WebBrowserStorage` + `createHttpSessionFactory()`, CLI/embedded
- * hosts use a filesystem adapter and possibly a local-process
- * factory, tests use `InMemorySessionStorage` and stubs). The first
- * call to `getBrowser` wins; subsequent calls return the cached
- * instance regardless of the options passed.
- */
-import { SemiontBrowser } from './semiont-browser';
-import type { SessionStorage } from './session-storage';
-import type { SessionFactory } from './session-factory';
-export interface GetBrowserOptions {
-    /** Persistence adapter used to construct the singleton on first call. */
-    storage: SessionStorage;
-    /** Session factory used to build a `SemiontSession` per active KB. */
-    sessionFactory: SessionFactory;
-}
-export declare function getBrowser(options: GetBrowserOptions): SemiontBrowser;
-/**
- * Test-only reset hook. Tests import this to clear the singleton between
- * runs. Production code must not import it.
- */
-export declare function __resetForTests(): Promise<void>;
-//# sourceMappingURL=registry.d.ts.map

package/dist/session/registry.d.ts.map

@@ -1 +0,0 @@
-{"version":3,"file":"registry.d.ts","sourceRoot":"","sources":["../../src/session/registry.ts"],"names":[],"mappings":"AAAA;;;;;;;;;;;;;;GAcG;AAEH,OAAO,EAAE,cAAc,EAAE,MAAM,mBAAmB,CAAC;AACnD,OAAO,KAAK,EAAE,cAAc,EAAE,MAAM,mBAAmB,CAAC;AACxD,OAAO,KAAK,EAAE,cAAc,EAAE,MAAM,mBAAmB,CAAC;AAIxD,MAAM,WAAW,iBAAiB;IAChC,yEAAyE;IACzE,OAAO,EAAE,cAAc,CAAC;IACxB,sEAAsE;IACtE,cAAc,EAAE,cAAc,CAAC;CAChC;AAED,wBAAgB,UAAU,CAAC,OAAO,EAAE,iBAAiB,GAAG,cAAc,CAQrE;AAED;;;GAGG;AACH,wBAAsB,eAAe,IAAI,OAAO,CAAC,IAAI,CAAC,CAKrD"}

package/dist/session/semiont-browser.d.ts

@@ -1,141 +0,0 @@
-/**
- * SemiontBrowser — top-level app-facing container for non-KB state.
- *
- * Holds the list of configured KBs, the active KB selection, the active
- * SemiontSession, the identity token, the open-resources list, and a
- * session-level error stream. Held as a process-wide instance for the
- * host's lifetime — see `getBrowser()` in `registry.ts` for the canonical
- * accessor.
- *
- * Transport-agnostic: the browser orchestrates session *lifecycle* but
- * delegates session *construction* to a `SessionFactory` injected at
- * construction. HTTP-backed apps pass `createHttpSessionFactory()` from
- * `@semiont/sdk`; in-process apps pass their own factory.
- *
- * Persistence goes through a `SessionStorage` adapter provided at
- * construction — the browser never touches `localStorage` or `window`
- * directly.
- */
-import { BehaviorSubject, Subject, type Observable } from 'rxjs';
-import { type EventMap } from '@semiont/core';
-import type { KnowledgeBase, KbSessionStatus, NewKnowledgeBase } from './knowledge-base';
-import type { OpenResource } from './open-resource';
-import { SemiontSession } from './semiont-session';
-import { SessionSignals } from './session-signals';
-import { SemiontSessionError } from './errors';
-import type { SessionStorage } from './session-storage';
-import type { SessionFactory } from './session-factory';
-export interface SemiontBrowserConfig {
-    /** Persistence adapter. The browser reads/writes all persisted state via this. */
-    storage: SessionStorage;
-    /**
-     * Builds a `SemiontSession` for a KB. The browser is transport-
-     * agnostic — every HTTP-vs-local construction concern lives in the
-     * factory. HTTP-backed apps pass `createHttpSessionFactory()` from
-     * `@semiont/sdk`; a future in-process variant from `@semiont/make-meaning`
-     * would expose its own factory.
-     */
-    sessionFactory: SessionFactory;
-}
-export declare class SemiontBrowser {
-    readonly kbs$: BehaviorSubject<KnowledgeBase[]>;
-    readonly activeKbId$: BehaviorSubject<string | null>;
-    readonly activeSession$: BehaviorSubject<SemiontSession | null>;
-    /**
-     * Modal signals (session-expired / permission-denied) for the
-     * currently-active session. Parallels `activeSession$` — always
-     * non-null when `activeSession$` is non-null, always null when it
-     * is. Extracted from the session itself so headless sessions
-     * (workers, CLIs, tests) don't carry dead modal observables.
-     * See [SessionSignals](./session-signals.ts).
-     */
-    readonly activeSignals$: BehaviorSubject<SessionSignals | null>;
-    /**
-     * True while a session is actively being constructed (setActiveKb /
-     * signIn in flight, awaiting `session.ready`). Distinguishes the
-     * "session about to arrive" intermediate state from "session
-     * intentionally null" (after signOut, or when the active KB has no
-     * stored credentials). UIs that want a loading spinner should gate
-     * on this; otherwise they get stuck spinning after every signOut.
-     */
-    readonly sessionActivating$: BehaviorSubject<boolean>;
-    readonly openResources$: BehaviorSubject<OpenResource[]>;
-    readonly error$: Subject<SemiontSessionError>;
-    readonly identityToken$: BehaviorSubject<string | null>;
-    private readonly storage;
-    private readonly sessionFactory;
-    /**
-     * App-scoped EventBus. Hosts UI-shell events that must work regardless
-     * of whether a KB session is active: panel toggles, sidebar state,
-     * tab reorders, routing, settings, etc. Disjoint from the per-session
-     * bus inside `SemiontClient`, which carries KB-content events
-     * (mark:*, beckon:*, gather:*, match:*, bind:*, yield:*, browse:click).
-     */
-    private readonly eventBus;
-    private unsubscribeStorage;
-    private disposed;
-    private activating;
-    constructor(config: SemiontBrowserConfig);
-    /** Emit an event on the browser's app-scoped bus. */
-    emit<K extends keyof EventMap>(channel: K, payload: EventMap[K]): void;
-    /** Subscribe to an event; returns unsubscribe. */
-    on<K extends keyof EventMap>(channel: K, handler: (payload: EventMap[K]) => void): () => void;
-    /** Read-only observable for an app-scoped channel. */
-    stream<K extends keyof EventMap>(channel: K): Observable<EventMap[K]>;
-    /**
-     * Set the app-level identity token. Sourced from whatever the host
-     * environment uses for OAuth sessions (e.g. NextAuth in a browser app).
-     * Should be called once from the host's startup-and-on-change site;
-     * no other code should write to this slot.
-     */
-    setIdentityToken(token: string | null): void;
-    addKb(input: NewKnowledgeBase, access: string, refresh: string): KnowledgeBase;
-    removeKb(id: string): void;
-    /**
-     * Patch a KB in the list. Restricted to the common, endpoint-agnostic
-     * fields (`label`, `email`, `gitBranch`) — the `endpoint` shape isn't
-     * editable in place; remove and re-add to change the connection
-     * target.
-     */
-    updateKb(id: string, updates: {
-        label?: string;
-        email?: string;
-        gitBranch?: string;
-    }): void;
-    /**
-     * Read the locally-stored credential status for a KB. Pure / synchronous —
-     * does not subscribe to context changes. Used by KB-list UI to color status
-     * dots without requiring re-renders on every tick.
-     */
-    getKbSessionStatus(kbId: string): KbSessionStatus;
-    /**
-     * Switch the active KB. Follows the D2 disposal contract:
-     *   1. Synchronously announce the new id on `activeKbId$` and null out
-     *      `activeSession$` so views see a safe empty state first.
-     *   2. Serialize overlapping calls — if an activation is in flight, wait
-     *      for it before proceeding.
-     *   3. Dispose whatever session is currently live.
-     *   4. Construct the next session and await `session.ready`.
-     *   5. Before emitting, re-check `activeKbId$` — if a newer call superseded
-     *      us while we waited, dispose our session and skip the emit.
-     *   6. Emit the new session.
-     */
-    setActiveKb(id: string | null): Promise<void>;
-    /**
-     * Sign in to an existing KB: store the tokens and (re)activate the
-     * session. If the KB is already active, the current session is disposed
-     * and replaced so the new tokens take effect.
-     */
-    signIn(id: string, access: string, refresh: string): Promise<void>;
-    /**
-     * Sign out of a KB: clear stored tokens. If the KB is active, dispose
-     * its session + signals and emit null for both.
-     */
-    signOut(id: string): Promise<void>;
-    addOpenResource(id: string, name: string, mediaType?: string, storageUri?: string): void;
-    removeOpenResource(id: string): void;
-    updateOpenResourceName(id: string, name: string): void;
-    reorderOpenResources(oldIndex: number, newIndex: number): void;
-    dispose(): Promise<void>;
-}
-//# sourceMappingURL=semiont-browser.d.ts.map

package/dist/session/semiont-browser.d.ts.map

@@ -1 +0,0 @@
-{"version":3,"file":"semiont-browser.d.ts","sourceRoot":"","sources":["../../src/session/semiont-browser.ts"],"names":[],"mappings":"AAAA;;;;;;;;;;;;;;;;;GAiBG;AAEH,OAAO,EAAE,eAAe,EAAE,OAAO,EAAE,KAAK,UAAU,EAAE,MAAM,MAAM,CAAC;AACjE,OAAO,EAAY,KAAK,QAAQ,EAAE,MAAM,eAAe,CAAC;AAWxD,OAAO,KAAK,EACV,aAAa,EACb,eAAe,EACf,gBAAgB,EACjB,MAAM,kBAAkB,CAAC;AAC1B,OAAO,KAAK,EAAE,YAAY,EAAE,MAAM,iBAAiB,CAAC;AACpD,OAAO,EAAE,cAAc,EAAE,MAAM,mBAAmB,CAAC;AACnD,OAAO,EAAE,cAAc,EAAE,MAAM,mBAAmB,CAAC;AACnD,OAAO,EAAE,mBAAmB,EAAE,MAAM,UAAU,CAAC;AAC/C,OAAO,KAAK,EAAE,cAAc,EAAE,MAAM,mBAAmB,CAAC;AACxD,OAAO,KAAK,EAAE,cAAc,EAAE,MAAM,mBAAmB,CAAC;AAqBxD,MAAM,WAAW,oBAAoB;IACnC,kFAAkF;IAClF,OAAO,EAAE,cAAc,CAAC;IACxB;;;;;;OAMG;IACH,cAAc,EAAE,cAAc,CAAC;CAChC;AAED,qBAAa,cAAc;IACzB,QAAQ,CAAC,IAAI,EAAE,eAAe,CAAC,aAAa,EAAE,CAAC,CAAC;IAChD,QAAQ,CAAC,WAAW,EAAE,eAAe,CAAC,MAAM,GAAG,IAAI,CAAC,CAAC;IACrD,QAAQ,CAAC,cAAc,EAAE,eAAe,CAAC,cAAc,GAAG,IAAI,CAAC,CAAC;IAChE;;;;;;;OAOG;IACH,QAAQ,CAAC,cAAc,EAAE,eAAe,CAAC,cAAc,GAAG,IAAI,CAAC,CAAC;IAChE;;;;;;;OAOG;IACH,QAAQ,CAAC,kBAAkB,EAAE,eAAe,CAAC,OAAO,CAAC,CAAC;IACtD,QAAQ,CAAC,cAAc,EAAE,eAAe,CAAC,YAAY,EAAE,CAAC,CAAC;IACzD,QAAQ,CAAC,MAAM,EAAE,OAAO,CAAC,mBAAmB,CAAC,CAAC;IAC9C,QAAQ,CAAC,cAAc,EAAE,eAAe,CAAC,MAAM,GAAG,IAAI,CAAC,CAAC;IAExD,OAAO,CAAC,QAAQ,CAAC,OAAO,CAAiB;IACzC,OAAO,CAAC,QAAQ,CAAC,cAAc,CAAiB;IAChD;;;;;;OAMG;IACH,OAAO,CAAC,QAAQ,CAAC,QAAQ,CAA4B;IACrD,OAAO,CAAC,kBAAkB,CAA6B;IACvD,OAAO,CAAC,QAAQ,CAAS;IACzB,OAAO,CAAC,UAAU,CAA8B;gBAEpC,MAAM,EAAE,oBAAoB;IAkDxC,qDAAqD;IACrD,IAAI,CAAC,CAAC,SAAS,MAAM,QAAQ,EAAE,OAAO,EAAE,CAAC,EAAE,OAAO,EAAE,QAAQ,CAAC,CAAC,CAAC,GAAG,IAAI;IAKtE,kDAAkD;IAClD,EAAE,CAAC,CAAC,SAAS,MAAM,QAAQ,EACzB,OAAO,EAAE,CAAC,EACV,OAAO,EAAE,CAAC,OAAO,EAAE,QAAQ,CAAC,CAAC,CAAC,KAAK,IAAI,GACtC,MAAM,IAAI;IAKb,sDAAsD;IACtD,MAAM,CAAC,CAAC,SAAS,MAAM,QAAQ,EAAE,OAAO,EAAE,CAAC,GAAG,UAAU,CAAC,QAAQ,CAAC,CAAC,CAAC,CAAC;IAMrE;;;;;OAKG;IACH,gBAAgB,CAAC,KAAK,EAAE,MAAM,GAAG,IAAI,GAAG,IAAI;IAO5C,KAAK,CAAC,KAAK,EAAE,gBAAgB,EAAE,MAAM,EAAE,MAAM,EAAE,OAAO,EAAE,MAAM,GAAG,aAAa;IAQ9E,QAAQ,CAAC,EAAE,EAAE,MAAM,GAAG,IAAI;IAS1B;;;;;OAKG;IACH,QAAQ,CAAC,EAAE,EAAE,MAAM,EAAE,OAAO,EAAE;QAAE,KAAK,CAAC,EAAE,MAAM,CAAC;QAAC,KAAK,CAAC,EAAE,MAAM,CAAC;QAAC,SAAS,CAAC,EAAE,MAAM,CAAA;KAAE,GAAG,IAAI;IAM3F;;;;OAIG;IACH,kBAAkB,CAAC,IAAI,EAAE,MAAM,GAAG,eAAe;IAMjD;;;;;;;;;;;OAWG;IACG,WAAW,CAAC,EAAE,EAAE,MAAM,GAAG,IAAI,GAAG,OAAO,CAAC,IAAI,CAAC;IA8HnD;;;;OAIG;IACG,MAAM,CAAC,EAAE,EAAE,MAAM,EAAE,MAAM,EAAE,MAAM,EAAE,OAAO,EAAE,MAAM,GAAG,OAAO,CAAC,IAAI,CAAC;IAoBxE;;;OAGG;IACG,OAAO,CAAC,EAAE,EAAE,MAAM,GAAG,OAAO,CAAC,IAAI,CAAC;IAmBxC,eAAe,CACb,EAAE,EAAE,MAAM,EACV,IAAI,EAAE,MAAM,EACZ,SAAS,CAAC,EAAE,MAAM,EAClB,UAAU,CAAC,EAAE,MAAM,GAClB,IAAI;IA4BP,kBAAkB,CAAC,EAAE,EAAE,MAAM,GAAG,IAAI;IAIpC,sBAAsB,CAAC,EAAE,EAAE,MAAM,EAAE,IAAI,EAAE,MAAM,GAAG,IAAI;IAMtD,oBAAoB,CAAC,QAAQ,EAAE,MAAM,EAAE,QAAQ,EAAE,MAAM,GAAG,IAAI;IAYxD,OAAO,IAAI,OAAO,CAAC,IAAI,CAAC;CAyB/B"}

package/dist/session/semiont-session.d.ts

@@ -1,210 +0,0 @@
-/**
- * SemiontSession — per-backend session lifetime object. Owns the
- * SemiontClient, the access token BehaviorSubject, and optionally
- * an authenticated user. One SemiontSession exists per active backend
- * connection; lifetime is decoupled from React mount lifetime.
- *
- * Headless by design. Runs in browsers, CLIs, workers, and tests.
- * UI-specific state (session-expired/permission-denied modals) lives
- * in `SessionSignals`, which wraps a session — the session
- * itself has no modal observables, no user-facing notifications.
- *
- * Auth is parameterized via callbacks passed at construction:
- *
- *   - `refresh()` — invoked on 401 / proactive re-auth. Returns the
- *     new access token, or null on failure. The frontend passes a
- *     closure that runs the refresh-token flow; the worker passes
- *     one that exchanges the shared secret.
- *
- *   - `validate(token)` — optional. If provided, the session calls
- *     it once at startup with the stored token to confirm it's
- *     still good and populate `user$`. Frontend passes `getMe`;
- *     worker omits this (service principals have no user record).
- *
- *   - `onAuthFailed(message)` — optional. Invoked when refresh
- *     terminally fails (expired token, no recovery possible). UI hosts
- *     typically wire this to `SessionSignals.notifySessionExpired` so a
- *     modal surfaces; headless consumers typically just log.
- *
- * Persistence goes through a `SessionStorage` adapter provided at
- * construction — the session never touches `localStorage` or `window`
- * directly.
- */
-import { BehaviorSubject, type Observable } from 'rxjs';
-import { type AccessToken, type BaseUrl } from '@semiont/core';
-import type { components, EventMap } from '@semiont/core';
-import { SemiontClient } from '../client';
-import type { SemiontError } from '@semiont/core';
-import type { ConnectionState } from '@semiont/core';
-import type { KnowledgeBase } from './knowledge-base';
-import { SemiontSessionError } from './errors';
-import type { SessionStorage } from './session-storage';
-export type UserInfo = components['schemas']['UserResponse'];
-export interface SemiontSessionConfig {
-    kb: KnowledgeBase;
-    /** Persistence adapter. Reads/writes tokens via this. */
-    storage: SessionStorage;
-    /**
-     * Pre-built api client. The session does not construct it — caller
-     * builds the transport stack and passes the client in. This is the
-     * seam where consumers swap one `ITransport` implementation for
-     * another (HTTP, in-process, etc.).
-     */
-    client: SemiontClient;
-    /**
-     * Token observable shared with the transport. Caller must pass the
-     * SAME instance to both the transport (via `HttpTransport` config)
-     * and the session. The session writes refreshed tokens here; the
-     * transport reads from here.
-     */
-    token$: BehaviorSubject<AccessToken | null>;
-    /**
-     * Re-authenticate after expiry / 401. Returns a new access token
-     * (no "Bearer " prefix) on success, or null if recovery is
-     * impossible. Omit for transports where tokens don't apply.
-     */
-    refresh?: () => Promise<string | null>;
-    /**
-     * Validate the stored token at startup and populate `user$`. Omit
-     * for service-principal sessions (worker, CLI tools) where there
-     * is no user record to fetch.
-     */
-    validate?: (token: AccessToken) => Promise<UserInfo | null>;
-    /**
-     * Invoked when refresh terminally fails. Frontend consumers wire
-     * this to a UI signal that surfaces the session-expired modal.
-     */
-    onAuthFailed?: (message: string | null) => void;
-    /** Called for session-level failures (auth, refresh exhaustion). */
-    onError?: (err: SemiontSessionError) => void;
-}
-export declare class SemiontSession {
-    readonly kb: KnowledgeBase;
-    readonly client: SemiontClient;
-    readonly token$: BehaviorSubject<AccessToken | null>;
-    readonly user$: BehaviorSubject<UserInfo | null>;
-    readonly streamState$: Observable<ConnectionState>;
-    /**
-     * Stream of `SemiontError` instances surfaced by the underlying transport
-     * just before they're thrown to the caller. For `HttpTransport` this is
-     * an `APIError` (status-coded); other transports emit their own subclass.
-     * Surfaced here so a host layer (e.g. `SemiontBrowser`) can route by
-     * `err.code` to global notifications without every call site handling
-     * errors itself. Headless consumers can subscribe for logging.
-     *
-     * Re-published from `client.transport.errors$` per the `ITransport`
-     * contract — the session is purely a passthrough.
-     */
-    readonly errors$: Observable<SemiontError>;
-    /** Resolves after the initial validation round-trip completes (success or failure). */
-    readonly ready: Promise<void>;
-    private readonly storage;
-    private readonly doRefresh?;
-    private readonly doValidate?;
-    private readonly onAuthFailed;
-    private readonly onError;
-    private refreshTimer;
-    private unsubscribeStorage;
-    private disposed;
-    constructor(config: SemiontSessionConfig);
-    /**
-     * Run the initial mount-time validation. If a stored access token is
-     * present and unexpired, call the configured `validate` with it to
-     * confirm it still works and populate `user$`. If expired, try
-     * refresh first. On 401 from validate, try refresh once. Surfaces
-     * auth-failed on terminal failure.
-     *
-     * When no `validate` callback is provided (service principals), this
-     * still runs through the refresh-if-expired step so the stored
-     * token is current — it just skips the user-validation round trip.
-     */
-    private validate;
-    /**
-     * Refresh the access token via the configured `refresh` callback.
-     * On success, pushes the new token into `token$` and schedules the
-     * next proactive refresh. On failure, clears persisted state and
-     * fires `onAuthFailed` — the frontend's wiring of that callback is
-     * what surfaces the session-expired modal.
-     */
-    refresh(): Promise<AccessToken | null>;
-    private scheduleProactiveRefresh;
-    private clearRefreshTimer;
-    /**
-     * Cross-context sync: another tab/process refreshed or signed out this
-     * KB. Mirror the change into our in-memory state.
-     */
-    private handleStorageChange;
-    get expiresAt(): Date | null;
-    /**
-     * Subscribe to a session-bus channel. The single sanctioned escape hatch
-     * for generic-channel subscription (the case `useEventSubscription` needs
-     * — channel name is a hook parameter, not known statically). All other
-     * consumers must call typed namespace methods (e.g. `session.client.mark.archive(...)`).
-     *
-     * @returns disposer that unsubscribes the handler.
-     */
-    subscribe<K extends keyof EventMap>(channel: K, handler: (payload: EventMap[K]) => void): () => void;
-    dispose(): Promise<void>;
-    /**
-     * Convenience factory for the default HTTP setup. Constructs the
-     * shared `BehaviorSubject<AccessToken | null>`, an `HttpTransport`,
-     * an `HttpContentTransport`, and a `SemiontClient`, then wires
-     * the session over them. Removes the load-bearing
-     * "same-token$-instance" invariant from the caller's hands.
-     *
-     * Strings are accepted for `baseUrl` and `token`; they are branded
-     * via `baseUrl()` / `accessToken()` from `@semiont/core` automatically.
-     *
-     * The remaining options (`refresh`, `validate`, `onAuthFailed`,
-     * `onError`) match `SemiontSessionConfig` exactly.
-     */
-    static fromHttp(opts: {
-        kb: KnowledgeBase;
-        storage: SessionStorage;
-        baseUrl: BaseUrl | string;
-        token?: AccessToken | string | null;
-        refresh?: () => Promise<string | null>;
-        validate?: (token: AccessToken) => Promise<UserInfo | null>;
-        onAuthFailed?: (message: string | null) => void;
-        onError?: (err: SemiontSessionError) => void;
-    }): SemiontSession;
-    /**
-     * Async factory for the credentials-first long-running script case.
-     * Builds the HTTP transport stack, calls `auth.password(email,
-     * password)` to acquire access + refresh tokens, persists them via
-     * the storage adapter, wires a default `refresh` callback that
-     * exchanges the refresh token via `auth.refresh(...)`, and returns
-     * the ready session.
-     *
-     * The consumer-supplied `refresh` callback becomes optional — only
-     * needed for non-standard refresh flows (worker-pool shared secret,
-     * OAuth refresh-token grant, interactive re-prompt). The default
-     * uses the refresh token returned by `auth.password`.
-     *
-     * `kb` is required and must be a full `KnowledgeBase`. The `id` field
-     * is the storage key for this session — distinct scripts sharing the
-     * same `SessionStorage` instance must use distinct ids to avoid
-     * trampling each other's tokens. The factory does not synthesize a
-     * default; the consumer makes the choice.
-     *
-     * Named `signInHttp` because email+password authentication is
-     * inherently an HTTP-shaped operation in the current backend; an
-     * in-process `LocalTransport` doesn't have a credentials login
-     * path. Non-HTTP transports construct the session directly from
-     * their package's transport instance.
-     *
-     * Throws on auth failure with no resources leaked. On success, the
-     * returned session's `ready` promise has already resolved.
-     */
-    static signInHttp(opts: {
-        kb: KnowledgeBase;
-        storage: SessionStorage;
-        baseUrl: BaseUrl | string;
-        email: string;
-        password: string;
-        validate?: (token: AccessToken) => Promise<UserInfo | null>;
-        onAuthFailed?: (message: string | null) => void;
-        onError?: (err: SemiontSessionError) => void;
-    }): Promise<SemiontSession>;
-}
-//# sourceMappingURL=semiont-session.d.ts.map

package/dist/session/semiont-session.d.ts.map

@@ -1 +0,0 @@
-{"version":3,"file":"semiont-session.d.ts","sourceRoot":"","sources":["../../src/session/semiont-session.ts"],"names":[],"mappings":"AAAA;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;GA+BG;AAEH,OAAO,EAAE,eAAe,EAAE,KAAK,UAAU,EAAE,MAAM,MAAM,CAAC;AACxD,OAAO,EAGL,KAAK,WAAW,EAChB,KAAK,OAAO,EACb,MAAM,eAAe,CAAC;AACvB,OAAO,KAAK,EAAE,UAAU,EAAE,QAAQ,EAAE,MAAM,eAAe,CAAC;AAC1D,OAAO,EAAE,aAAa,EAAiD,MAAM,WAAW,CAAC;AACzF,OAAO,KAAK,EAAE,YAAY,EAAE,MAAM,eAAe,CAAC;AAClD,OAAO,KAAK,EAAE,eAAe,EAAE,MAAM,eAAe,CAAC;AACrD,OAAO,KAAK,EAAE,aAAa,EAAE,MAAM,kBAAkB,CAAC;AAWtD,OAAO,EAAE,mBAAmB,EAAE,MAAM,UAAU,CAAC;AAC/C,OAAO,KAAK,EAAE,cAAc,EAAE,MAAM,mBAAmB,CAAC;AAExD,MAAM,MAAM,QAAQ,GAAG,UAAU,CAAC,SAAS,CAAC,CAAC,cAAc,CAAC,CAAC;AAE7D,MAAM,WAAW,oBAAoB;IACnC,EAAE,EAAE,aAAa,CAAC;IAClB,yDAAyD;IACzD,OAAO,EAAE,cAAc,CAAC;IACxB;;;;;OAKG;IACH,MAAM,EAAE,aAAa,CAAC;IACtB;;;;;OAKG;IACH,MAAM,EAAE,eAAe,CAAC,WAAW,GAAG,IAAI,CAAC,CAAC;IAC5C;;;;OAIG;IACH,OAAO,CAAC,EAAE,MAAM,OAAO,CAAC,MAAM,GAAG,IAAI,CAAC,CAAC;IACvC;;;;OAIG;IACH,QAAQ,CAAC,EAAE,CAAC,KAAK,EAAE,WAAW,KAAK,OAAO,CAAC,QAAQ,GAAG,IAAI,CAAC,CAAC;IAC5D;;;OAGG;IACH,YAAY,CAAC,EAAE,CAAC,OAAO,EAAE,MAAM,GAAG,IAAI,KAAK,IAAI,CAAC;IAChD,oEAAoE;IACpE,OAAO,CAAC,EAAE,CAAC,GAAG,EAAE,mBAAmB,KAAK,IAAI,CAAC;CAC9C;AAED,qBAAa,cAAc;IACzB,QAAQ,CAAC,EAAE,EAAE,aAAa,CAAC;IAC3B,QAAQ,CAAC,MAAM,EAAE,aAAa,CAAC;IAC/B,QAAQ,CAAC,MAAM,EAAE,eAAe,CAAC,WAAW,GAAG,IAAI,CAAC,CAAC;IACrD,QAAQ,CAAC,KAAK,EAAE,eAAe,CAAC,QAAQ,GAAG,IAAI,CAAC,CAAC;IACjD,QAAQ,CAAC,YAAY,EAAE,UAAU,CAAC,eAAe,CAAC,CAAC;IACnD;;;;;;;;;;OAUG;IACH,QAAQ,CAAC,OAAO,EAAE,UAAU,CAAC,YAAY,CAAC,CAAC;IAE3C,uFAAuF;IACvF,QAAQ,CAAC,KAAK,EAAE,OAAO,CAAC,IAAI,CAAC,CAAC;IAE9B,OAAO,CAAC,QAAQ,CAAC,OAAO,CAAiB;IACzC,OAAO,CAAC,QAAQ,CAAC,SAAS,CAAC,CAA+B;IAC1D,OAAO,CAAC,QAAQ,CAAC,UAAU,CAAC,CAAmD;IAC/E,OAAO,CAAC,QAAQ,CAAC,YAAY,CAAmC;IAChE,OAAO,CAAC,QAAQ,CAAC,OAAO,CAAqC;IAC7D,OAAO,CAAC,YAAY,CAA8C;IAClE,OAAO,CAAC,kBAAkB,CAA6B;IACvD,OAAO,CAAC,QAAQ,CAAS;gBAEb,MAAM,EAAE,oBAAoB;IAkCxC;;;;;;;;;;OAUG;YACW,QAAQ;IAyDtB;;;;;;OAMG;IACG,OAAO,IAAI,OAAO,CAAC,WAAW,GAAG,IAAI,CAAC;IAoB5C,OAAO,CAAC,wBAAwB;IAYhC,OAAO,CAAC,iBAAiB;IAOzB;;;OAGG;IACH,OAAO,CAAC,mBAAmB;IAoB3B,IAAI,SAAS,IAAI,IAAI,GAAG,IAAI,CAG3B;IAED;;;;;;;OAOG;IACH,SAAS,CAAC,CAAC,SAAS,MAAM,QAAQ,EAChC,OAAO,EAAE,CAAC,EACV,OAAO,EAAE,CAAC,OAAO,EAAE,QAAQ,CAAC,CAAC,CAAC,KAAK,IAAI,GACtC,MAAM,IAAI;IAKP,OAAO,IAAI,OAAO,CAAC,IAAI,CAAC;IAgB9B;;;;;;;;;;;;OAYG;IACH,MAAM,CAAC,QAAQ,CAAC,IAAI,EAAE;QACpB,EAAE,EAAE,aAAa,CAAC;QAClB,OAAO,EAAE,cAAc,CAAC;QACxB,OAAO,EAAE,OAAO,GAAG,MAAM,CAAC;QAC1B,KAAK,CAAC,EAAE,WAAW,GAAG,MAAM,GAAG,IAAI,CAAC;QACpC,OAAO,CAAC,EAAE,MAAM,OAAO,CAAC,MAAM,GAAG,IAAI,CAAC,CAAC;QACvC,QAAQ,CAAC,EAAE,CAAC,KAAK,EAAE,WAAW,KAAK,OAAO,CAAC,QAAQ,GAAG,IAAI,CAAC,CAAC;QAC5D,YAAY,CAAC,EAAE,CAAC,OAAO,EAAE,MAAM,GAAG,IAAI,KAAK,IAAI,CAAC;QAChD,OAAO,CAAC,EAAE,CAAC,GAAG,EAAE,mBAAmB,KAAK,IAAI,CAAC;KAC9C,GAAG,cAAc;IAiBlB;;;;;;;;;;;;;;;;;;;;;;;;;;;OA2BG;WACU,UAAU,CAAC,IAAI,EAAE;QAC5B,EAAE,EAAE,aAAa,CAAC;QAClB,OAAO,EAAE,cAAc,CAAC;QACxB,OAAO,EAAE,OAAO,GAAG,MAAM,CAAC;QAC1B,KAAK,EAAE,MAAM,CAAC;QACd,QAAQ,EAAE,MAAM,CAAC;QACjB,QAAQ,CAAC,EAAE,CAAC,KAAK,EAAE,WAAW,KAAK,OAAO,CAAC,QAAQ,GAAG,IAAI,CAAC,CAAC;QAC5D,YAAY,CAAC,EAAE,CAAC,OAAO,EAAE,MAAM,GAAG,IAAI,KAAK,IAAI,CAAC;QAChD,OAAO,CAAC,EAAE,CAAC,GAAG,EAAE,mBAAmB,KAAK,IAAI,CAAC;KAC9C,GAAG,OAAO,CAAC,cAAc,CAAC;CAmD5B"}

package/dist/session/session-factory.d.ts

@@ -1,31 +0,0 @@
-/**
- * SessionFactory — the injection point that lets `SemiontBrowser` stay
- * transport-agnostic.
- *
- * The browser knows how to manage the *lifecycle* of an active session
- * (track it in `activeSession$`, dispose on KB switch, serialize
- * overlapping activations) but does not know how to *construct* one —
- * because that's where transport choice lives. The construction step
- * is parameterized via this factory.
- *
- * The HTTP factory is provided by `createHttpSessionFactory`. A
- * future in-process variant from `@semiont/make-meaning` would expose
- * its own factory.
- */
-import type { KnowledgeBase } from './knowledge-base';
-import type { SessionSignals } from './session-signals';
-import type { SessionStorage } from './session-storage';
-import type { SemiontSession } from './semiont-session';
-import type { SemiontSessionError } from './errors';
-export interface SessionFactoryOptions {
-    /** The KB the session is being constructed for. */
-    kb: KnowledgeBase;
-    /** Persistence adapter — same one the browser uses. */
-    storage: SessionStorage;
-    /** Modal-signal sink for auth-failed / permission-denied notifications. */
-    signals: SessionSignals;
-    /** Receives session-level errors (auth-failed, refresh-exhausted, ...). */
-    onError: (err: SemiontSessionError) => void;
-}
-export type SessionFactory = (opts: SessionFactoryOptions) => SemiontSession;
-//# sourceMappingURL=session-factory.d.ts.map

package/dist/session/session-factory.d.ts.map

@@ -1 +0,0 @@
-{"version":3,"file":"session-factory.d.ts","sourceRoot":"","sources":["../../src/session/session-factory.ts"],"names":[],"mappings":"AAAA;;;;;;;;;;;;;GAaG;AAEH,OAAO,KAAK,EAAE,aAAa,EAAE,MAAM,kBAAkB,CAAC;AACtD,OAAO,KAAK,EAAE,cAAc,EAAE,MAAM,mBAAmB,CAAC;AACxD,OAAO,KAAK,EAAE,cAAc,EAAE,MAAM,mBAAmB,CAAC;AACxD,OAAO,KAAK,EAAE,cAAc,EAAE,MAAM,mBAAmB,CAAC;AACxD,OAAO,KAAK,EAAE,mBAAmB,EAAE,MAAM,UAAU,CAAC;AAEpD,MAAM,WAAW,qBAAqB;IACpC,mDAAmD;IACnD,EAAE,EAAE,aAAa,CAAC;IAClB,uDAAuD;IACvD,OAAO,EAAE,cAAc,CAAC;IACxB,2EAA2E;IAC3E,OAAO,EAAE,cAAc,CAAC;IACxB,2EAA2E;IAC3E,OAAO,EAAE,CAAC,GAAG,EAAE,mBAAmB,KAAK,IAAI,CAAC;CAC7C;AAED,MAAM,MAAM,cAAc,GAAG,CAAC,IAAI,EAAE,qBAAqB,KAAK,cAAc,CAAC"}

package/dist/session/session-signals.d.ts

@@ -1,40 +0,0 @@
-/**
- * SessionSignals — UI-facing notification state that belongs to the host
- * surface, not to the session itself.
- *
- * `SemiontSession` is a headless per-backend client + token + user
- * holder. It can run in any process: browser, worker, CLI, test. But
- * the session-expired / permission-denied *notifications* are inherently
- * a UI-host concern. Keeping those observables on `SemiontSession` meant
- * workers and CLIs carried four dead BehaviorSubjects that nothing would
- * ever fire.
- *
- * `SessionSignals` owns the notification state and has no hard reference
- * to a session. A UI host (e.g. `SemiontBrowser`) constructs one alongside
- * every active session and wires:
- *
- *   - `session.onAuthFailed` → `signals.notifySessionExpired` so
- *     proactive-refresh failures surface as a notification
- *
- * UI consumers that need to render modal/banner state subscribe here;
- * consumers that need bus/HTTP access continue to subscribe to the session.
- *
- * Session auth-state cleanup (clearing token, clearing storage) is
- * the session's own responsibility inside `refresh()` — by the time
- * `notifySessionExpired` runs, the session has already torn down.
- * Signals only surfaces the notification.
- */
-import { BehaviorSubject } from 'rxjs';
-export declare class SessionSignals {
-    readonly sessionExpiredAt$: BehaviorSubject<number | null>;
-    readonly sessionExpiredMessage$: BehaviorSubject<string | null>;
-    readonly permissionDeniedAt$: BehaviorSubject<number | null>;
-    readonly permissionDeniedMessage$: BehaviorSubject<string | null>;
-    constructor();
-    notifySessionExpired(message: string | null): void;
-    notifyPermissionDenied(message: string | null): void;
-    acknowledgeSessionExpired(): void;
-    acknowledgePermissionDenied(): void;
-    dispose(): void;
-}
-//# sourceMappingURL=session-signals.d.ts.map

package/dist/session/session-signals.d.ts.map

@@ -1 +0,0 @@
-{"version":3,"file":"session-signals.d.ts","sourceRoot":"","sources":["../../src/session/session-signals.ts"],"names":[],"mappings":"AAAA;;;;;;;;;;;;;;;;;;;;;;;;;GAyBG;AAEH,OAAO,EAAE,eAAe,EAAE,MAAM,MAAM,CAAC;AAEvC,qBAAa,cAAc;IACzB,QAAQ,CAAC,iBAAiB,EAAE,eAAe,CAAC,MAAM,GAAG,IAAI,CAAC,CAAC;IAC3D,QAAQ,CAAC,sBAAsB,EAAE,eAAe,CAAC,MAAM,GAAG,IAAI,CAAC,CAAC;IAChE,QAAQ,CAAC,mBAAmB,EAAE,eAAe,CAAC,MAAM,GAAG,IAAI,CAAC,CAAC;IAC7D,QAAQ,CAAC,wBAAwB,EAAE,eAAe,CAAC,MAAM,GAAG,IAAI,CAAC,CAAC;;IASlE,oBAAoB,CAAC,OAAO,EAAE,MAAM,GAAG,IAAI,GAAG,IAAI;IAOlD,sBAAsB,CAAC,OAAO,EAAE,MAAM,GAAG,IAAI,GAAG,IAAI;IAOpD,yBAAyB,IAAI,IAAI;IAKjC,2BAA2B,IAAI,IAAI;IAKnC,OAAO,IAAI,IAAI;CAMhB"}

package/dist/session/session-storage.d.ts

@@ -1,41 +0,0 @@
-/**
- * SessionStorage — environment-agnostic persistence adapter for the
- * Semiont session layer. Decouples `SemiontSession` / `SemiontBrowser`
- * from `localStorage` / `window` so the same classes can run in a
- * browser, a CLI process, or tests without environment guards.
- *
- * Implementations shipped here:
- *  - `InMemorySessionStorage` — map-backed, for tests.
- *
- * Browser-backed (`WebBrowserStorage`) lives in `@semiont/react-ui`
- * because it touches browser-only globals.
- */
-/** String key/value store with optional cross-context change subscription. */
-export interface SessionStorage {
-    /** Read a string value; null if absent. */
-    get(key: string): string | null;
-    /** Write a string value. */
-    set(key: string, value: string): void;
-    /** Remove a key. No-op if absent. */
-    delete(key: string): void;
-    /**
-     * Optional: subscribe to external changes (cross-tab, cross-process).
-     * Browser implements via the `storage` event; filesystem would use
-     * fs.watch; in-memory omits this method. Returns an unsubscribe
-     * callback. If omitted, cross-context sync simply isn't available
-     * in that environment — the session still works correctly within a
-     * single process.
-     */
-    subscribe?(handler: (key: string, newValue: string | null) => void): () => void;
-}
-/**
- * Map-backed `SessionStorage`. Cross-context sync is not implemented;
- * tests that need it can drive it manually.
- */
-export declare class InMemorySessionStorage implements SessionStorage {
-    private readonly map;
-    get(key: string): string | null;
-    set(key: string, value: string): void;
-    delete(key: string): void;
-}
-//# sourceMappingURL=session-storage.d.ts.map

package/dist/session/session-storage.d.ts.map

@@ -1 +0,0 @@
-{"version":3,"file":"session-storage.d.ts","sourceRoot":"","sources":["../../src/session/session-storage.ts"],"names":[],"mappings":"AAAA;;;;;;;;;;;GAWG;AAEH,8EAA8E;AAC9E,MAAM,WAAW,cAAc;IAC7B,2CAA2C;IAC3C,GAAG,CAAC,GAAG,EAAE,MAAM,GAAG,MAAM,GAAG,IAAI,CAAC;IAChC,4BAA4B;IAC5B,GAAG,CAAC,GAAG,EAAE,MAAM,EAAE,KAAK,EAAE,MAAM,GAAG,IAAI,CAAC;IACtC,qCAAqC;IACrC,MAAM,CAAC,GAAG,EAAE,MAAM,GAAG,IAAI,CAAC;IAC1B;;;;;;;OAOG;IACH,SAAS,CAAC,CAAC,OAAO,EAAE,CAAC,GAAG,EAAE,MAAM,EAAE,QAAQ,EAAE,MAAM,GAAG,IAAI,KAAK,IAAI,GAAG,MAAM,IAAI,CAAC;CACjF;AAED;;;GAGG;AACH,qBAAa,sBAAuB,YAAW,cAAc;IAC3D,OAAO,CAAC,QAAQ,CAAC,GAAG,CAA6B;IAEjD,GAAG,CAAC,GAAG,EAAE,MAAM,GAAG,MAAM,GAAG,IAAI;IAI/B,GAAG,CAAC,GAAG,EAAE,MAAM,EAAE,KAAK,EAAE,MAAM,GAAG,IAAI;IAIrC,MAAM,CAAC,GAAG,EAAE,MAAM,GAAG,IAAI;CAG1B"}