npm - @sentinel-atl/registry - Versions diffs - 0.3.0 - Mend

@sentinel-atl/registry 0.3.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (29) hide show

package/README.md +102 -0
package/dist/badge.d.ts +37 -0
package/dist/badge.d.ts.map +1 -0
package/dist/badge.js +114 -0
package/dist/badge.js.map +1 -0
package/dist/cli.d.ts +3 -0
package/dist/cli.d.ts.map +1 -0
package/dist/cli.js +66 -0
package/dist/cli.js.map +1 -0
package/dist/index.d.ts +13 -0
package/dist/index.d.ts.map +1 -0
package/dist/index.js +13 -0
package/dist/index.js.map +1 -0
package/dist/server.d.ts +58 -0
package/dist/server.d.ts.map +1 -0
package/dist/server.js +347 -0
package/dist/server.js.map +1 -0
package/dist/store.d.ts +104 -0
package/dist/store.d.ts.map +1 -0
package/dist/store.js +177 -0
package/dist/store.js.map +1 -0
package/package.json +47 -0
package/src/__tests__/registry.test.ts +304 -0
package/src/badge.ts +139 -0
package/src/cli.ts +74 -0
package/src/index.ts +31 -0
package/src/server.ts +407 -0
package/src/store.ts +267 -0
package/tsconfig.json +9 -0

package/dist/server.js ADDED Viewed

@@ -0,0 +1,347 @@
+/**
+ * Trust Registry HTTP API — REST endpoints for publishing and querying STCs.
+ *
+ * Endpoints:
+ *   POST   /api/v1/certificates          Register a new STC
+ *   GET    /api/v1/certificates/:id       Get certificate by ID
+ *   GET    /api/v1/certificates           Query certificates
+ *   DELETE /api/v1/certificates/:id       Remove a certificate
+ *
+ *   GET    /api/v1/packages/:name         Get latest certificate for a package
+ *   GET    /api/v1/packages/:name/history Get all certificates for a package
+ *   GET    /api/v1/packages/:name/badge   SVG badge for a package
+ *   GET    /api/v1/packages/:name/badge/score   Score badge
+ *
+ *   GET    /api/v1/stats                  Registry stats
+ *   GET    /health                        Health check
+ */
+import { CertificateStore } from './store.js';
+import { gradeBadge, scoreBadge, verifiedBadge, notFoundBadge } from './badge.js';
+import { authenticate, hasScope, sendUnauthorized, sendForbidden, applyCors, defaultCorsConfig, createSecureServer, applySecurityHeaders, } from '@sentinel-atl/hardening';
+// ─── Server ──────────────────────────────────────────────────────────
+export class RegistryServer {
+    server = null;
+    store;
+    port;
+    authConfig;
+    corsConfig;
+    tlsConfig;
+    constructor(options) {
+        this.port = options?.port ?? 3200;
+        this.store = options?.store ?? new CertificateStore();
+        this.authConfig = options?.auth ?? { enabled: false, keys: [] };
+        this.corsConfig = options?.cors ?? defaultCorsConfig();
+        this.tlsConfig = options?.tls;
+        // Badge endpoints are always public (for README embeds)
+        if (this.authConfig.enabled && !this.authConfig.publicPaths) {
+            this.authConfig.publicPaths = ['/health'];
+        }
+    }
+    getStore() {
+        return this.store;
+    }
+    async start() {
+        // Load persisted certificates from backend (no-op if in-memory only)
+        await this.store.load();
+        return new Promise((resolve, reject) => {
+            this.server = createSecureServer((req, res) => this.handleRequest(req, res), this.tlsConfig);
+            this.server.on('error', reject);
+            this.server.listen(this.port, () => {
+                resolve({ port: this.port });
+            });
+        });
+    }
+    async stop() {
+        return new Promise((resolve) => {
+            if (this.server) {
+                this.server.close(() => resolve());
+            }
+            else {
+                resolve();
+            }
+        });
+    }
+    isTLS() {
+        return !!this.tlsConfig?.certPath || !!this.tlsConfig?.cert;
+    }
+    // ─── Router ────────────────────────────────────────────────────
+    async handleRequest(req, res) {
+        const url = new URL(req.url ?? '/', `http://localhost`);
+        const path = url.pathname;
+        const method = req.method ?? 'GET';
+        // CORS (configurable origins)
+        if (applyCors(req, res, this.corsConfig))
+            return; // preflight handled
+        // Security headers
+        applySecurityHeaders(res, { hsts: this.isTLS() });
+        // Authentication
+        const authResult = authenticate(req, this.authConfig);
+        // Badge endpoints are public even when auth is enabled
+        const isBadgePath = path.includes('/badge');
+        if (!authResult.authenticated && !isBadgePath) {
+            return sendUnauthorized(res, this.authConfig, authResult.error);
+        }
+        try {
+            // Health
+            if (path === '/health' && method === 'GET') {
+                return this.sendJson(res, 200, { status: 'ok', certificates: this.store.count() });
+            }
+            // Stats
+            if (path === '/api/v1/stats' && method === 'GET') {
+                return this.sendJson(res, 200, this.store.getStats());
+            }
+            // POST /api/v1/certificates — register (requires write scope)
+            if (path === '/api/v1/certificates' && method === 'POST') {
+                if (!hasScope(authResult, 'write'))
+                    return sendForbidden(res, 'Write scope required');
+                return await this.handleRegister(req, res);
+            }
+            // GET /api/v1/certificates — query
+            if (path === '/api/v1/certificates' && method === 'GET') {
+                return this.handleQuery(url, res);
+            }
+            // GET/DELETE /api/v1/certificates/:id
+            const certMatch = path.match(/^\/api\/v1\/certificates\/(.+)$/);
+            if (certMatch) {
+                const id = decodeURIComponent(certMatch[1]);
+                if (method === 'GET')
+                    return this.handleGetById(id, res);
+                if (method === 'DELETE') {
+                    if (!hasScope(authResult, 'admin'))
+                        return sendForbidden(res, 'Admin scope required');
+                    return this.handleDelete(id, res);
+                }
+            }
+            // Package routes: /api/v1/packages/:name[/history|/badge|/badge/score]
+            const pkgMatch = path.match(/^\/api\/v1\/packages\/(@[^/]+\/[^/]+|[^/]+)(\/.*)?$/);
+            if (pkgMatch) {
+                const packageName = decodeURIComponent(pkgMatch[1]);
+                const suffix = pkgMatch[2] ?? '';
+                if (suffix === '' && method === 'GET')
+                    return this.handleGetPackage(packageName, res);
+                if (suffix === '/history' && method === 'GET')
+                    return this.handlePackageHistory(packageName, res);
+                if (suffix === '/badge' && method === 'GET')
+                    return this.handleBadge(packageName, url, res);
+                if (suffix === '/badge/score' && method === 'GET')
+                    return this.handleScoreBadge(packageName, url, res);
+            }
+            this.sendJson(res, 404, { error: 'Not found' });
+        }
+        catch (err) {
+            this.sendJson(res, 500, { error: 'Internal server error' });
+        }
+    }
+    // ─── Handlers ──────────────────────────────────────────────────
+    async handleRegister(req, res) {
+        // Content-Type enforcement
+        const contentType = req.headers['content-type'];
+        if (!contentType || !contentType.includes('application/json')) {
+            return this.sendJson(res, 415, { error: 'Content-Type must be application/json' });
+        }
+        const body = await readBody(req);
+        let certificate;
+        try {
+            certificate = JSON.parse(body);
+        }
+        catch {
+            return this.sendJson(res, 400, { error: 'Invalid JSON' });
+        }
+        // Comprehensive STC validation
+        const errors = validateSTC(certificate);
+        if (errors.length > 0) {
+            return this.sendJson(res, 400, { error: 'Invalid STC', details: errors });
+        }
+        // Check for duplicates
+        if (this.store.get(certificate.id)) {
+            return this.sendJson(res, 409, { error: 'Certificate already registered', id: certificate.id });
+        }
+        const entry = await this.store.register(certificate);
+        this.sendJson(res, 201, {
+            id: entry.id,
+            packageName: entry.packageName,
+            trustScore: entry.trustScore,
+            grade: entry.grade,
+            verified: entry.verified,
+            registeredAt: entry.registeredAt,
+        });
+    }
+    handleGetById(id, res) {
+        const entry = this.store.get(id);
+        if (!entry) {
+            return this.sendJson(res, 404, { error: 'Certificate not found' });
+        }
+        this.sendJson(res, 200, this.formatEntry(entry));
+    }
+    async handleDelete(id, res) {
+        const removed = await this.store.remove(id);
+        if (!removed) {
+            return this.sendJson(res, 404, { error: 'Certificate not found' });
+        }
+        this.sendJson(res, 200, { deleted: true, id });
+    }
+    handleQuery(url, res) {
+        const parseIntSafe = (val) => {
+            if (val === null)
+                return undefined;
+            const n = parseInt(val, 10);
+            return Number.isNaN(n) ? undefined : n;
+        };
+        const q = {
+            packageName: url.searchParams.get('package') ?? undefined,
+            minScore: parseIntSafe(url.searchParams.get('minScore')),
+            minGrade: url.searchParams.get('minGrade') ?? undefined,
+            verified: url.searchParams.has('verified') ? url.searchParams.get('verified') === 'true' : undefined,
+            limit: parseIntSafe(url.searchParams.get('limit')),
+            offset: parseIntSafe(url.searchParams.get('offset')),
+        };
+        const results = this.store.query(q);
+        this.sendJson(res, 200, {
+            total: this.store.count(),
+            count: results.length,
+            certificates: results.map(e => this.formatEntry(e)),
+        });
+    }
+    handleGetPackage(packageName, res) {
+        const entry = this.store.getLatestForPackage(packageName);
+        if (!entry) {
+            return this.sendJson(res, 404, { error: 'No certificates found for package', packageName });
+        }
+        this.sendJson(res, 200, this.formatEntry(entry));
+    }
+    handlePackageHistory(packageName, res) {
+        const entries = this.store.getForPackage(packageName);
+        this.sendJson(res, 200, {
+            packageName,
+            count: entries.length,
+            certificates: entries.map(e => this.formatEntry(e)),
+        });
+    }
+    handleBadge(packageName, url, res) {
+        const style = (url.searchParams.get('style') ?? 'flat');
+        const entry = this.store.getLatestForPackage(packageName);
+        let svg;
+        if (!entry) {
+            svg = notFoundBadge(style);
+        }
+        else if (entry.verified) {
+            svg = gradeBadge(entry.grade, style);
+        }
+        else {
+            svg = verifiedBadge(false, style);
+        }
+        res.writeHead(200, {
+            'Content-Type': 'image/svg+xml',
+            'Cache-Control': 'max-age=300',
+        });
+        res.end(svg);
+    }
+    handleScoreBadge(packageName, url, res) {
+        const style = (url.searchParams.get('style') ?? 'flat');
+        const entry = this.store.getLatestForPackage(packageName);
+        let svg;
+        if (!entry) {
+            svg = notFoundBadge(style);
+        }
+        else {
+            svg = scoreBadge(entry.trustScore, style);
+        }
+        res.writeHead(200, {
+            'Content-Type': 'image/svg+xml',
+            'Cache-Control': 'max-age=300',
+        });
+        res.end(svg);
+    }
+    // ─── Helpers ───────────────────────────────────────────────────
+    formatEntry(entry) {
+        return {
+            id: entry.id,
+            packageName: entry.packageName,
+            packageVersion: entry.packageVersion,
+            trustScore: entry.trustScore,
+            grade: entry.grade,
+            verified: entry.verified,
+            registeredAt: entry.registeredAt,
+            issuerDid: entry.issuerDid,
+            certificate: entry.certificate,
+        };
+    }
+    sendJson(res, status, data) {
+        res.writeHead(status, { 'Content-Type': 'application/json' });
+        res.end(JSON.stringify(data));
+    }
+}
+// ─── STC Validation ───────────────────────────────────────────────────
+function validateSTC(cert) {
+    const errors = [];
+    if (!cert || typeof cert !== 'object') {
+        return ['Certificate must be a JSON object'];
+    }
+    // Required fields
+    if (!cert.id || typeof cert.id !== 'string')
+        errors.push('Missing or invalid "id" (string)');
+    if (cert.type !== 'SentinelTrustCertificate')
+        errors.push('"type" must be "SentinelTrustCertificate"');
+    if (cert['@context'] !== 'https://sentinel.trust/stc/v1')
+        errors.push('"@context" must be "https://sentinel.trust/stc/v1"');
+    // Timestamps
+    if (!cert.issuedAt || typeof cert.issuedAt !== 'string')
+        errors.push('Missing "issuedAt" (ISO date)');
+    if (!cert.expiresAt || typeof cert.expiresAt !== 'string')
+        errors.push('Missing "expiresAt" (ISO date)');
+    // Issuer
+    if (!cert.issuer || typeof cert.issuer !== 'object') {
+        errors.push('Missing "issuer" object');
+    }
+    else {
+        if (!cert.issuer.did || typeof cert.issuer.did !== 'string')
+            errors.push('Missing "issuer.did"');
+    }
+    // Subject
+    if (!cert.subject || typeof cert.subject !== 'object') {
+        errors.push('Missing "subject" object');
+    }
+    else {
+        if (!cert.subject.packageName || typeof cert.subject.packageName !== 'string')
+            errors.push('Missing "subject.packageName"');
+        if (!cert.subject.packageVersion || typeof cert.subject.packageVersion !== 'string')
+            errors.push('Missing "subject.packageVersion"');
+    }
+    // Trust score
+    if (!cert.trustScore || typeof cert.trustScore !== 'object') {
+        errors.push('Missing "trustScore" object');
+    }
+    else {
+        if (typeof cert.trustScore.overall !== 'number' || cert.trustScore.overall < 0 || cert.trustScore.overall > 100) {
+            errors.push('"trustScore.overall" must be a number 0-100');
+        }
+        if (!cert.trustScore.grade || typeof cert.trustScore.grade !== 'string') {
+            errors.push('Missing "trustScore.grade"');
+        }
+    }
+    // Proof
+    if (!cert.proof || typeof cert.proof !== 'object') {
+        errors.push('Missing "proof" object');
+    }
+    return errors;
+}
+// ─── Body Reader ──────────────────────────────────────────────────────
+function readBody(req) {
+    return new Promise((resolve, reject) => {
+        const chunks = [];
+        let size = 0;
+        const MAX_BODY = 2_097_152; // 2 MB (STC max)
+        req.on('data', (chunk) => {
+            size += chunk.length;
+            if (size > MAX_BODY) {
+                reject(new Error('Request body too large'));
+                req.destroy();
+                return;
+            }
+            chunks.push(chunk);
+        });
+        req.on('end', () => resolve(Buffer.concat(chunks).toString()));
+        req.on('error', reject);
+    });
+}
+//# sourceMappingURL=server.js.map

package/dist/server.js.map ADDED Viewed

@@ -0,0 +1 @@

+ {"version":3,"file":"server.js","sourceRoot":"","sources":["../src/server.ts"],"names":[],"mappings":"AAAA;;;;;;;;;;;;;;;;GAgBG;AAGH,OAAO,EAAE,gBAAgB,EAAsB,MAAM,YAAY,CAAC;AAClE,OAAO,EAAE,UAAU,EAAE,UAAU,EAAE,aAAa,EAAE,aAAa,EAAmB,MAAM,YAAY,CAAC;AACnG,OAAO,EACL,YAAY,EAAE,QAAQ,EAAE,gBAAgB,EAAE,aAAa,EACvD,SAAS,EAAE,iBAAiB,EAC5B,kBAAkB,EAClB,oBAAoB,GAErB,MAAM,yBAAyB,CAAC;AAkBjC,wEAAwE;AAExE,MAAM,OAAO,cAAc;IACjB,MAAM,GAAkB,IAAI,CAAC;IAC7B,KAAK,CAAmB;IACxB,IAAI,CAAS;IACb,UAAU,CAAa;IACvB,UAAU,CAAa;IACvB,SAAS,CAAa;IAE9B,YAAY,OAA+B;QACzC,IAAI,CAAC,IAAI,GAAG,OAAO,EAAE,IAAI,IAAI,IAAI,CAAC;QAClC,IAAI,CAAC,KAAK,GAAG,OAAO,EAAE,KAAK,IAAI,IAAI,gBAAgB,EAAE,CAAC;QACtD,IAAI,CAAC,UAAU,GAAG,OAAO,EAAE,IAAI,IAAI,EAAE,OAAO,EAAE,KAAK,EAAE,IAAI,EAAE,EAAE,EAAE,CAAC;QAChE,IAAI,CAAC,UAAU,GAAG,OAAO,EAAE,IAAI,IAAI,iBAAiB,EAAE,CAAC;QACvD,IAAI,CAAC,SAAS,GAAG,OAAO,EAAE,GAAG,CAAC;QAE9B,wDAAwD;QACxD,IAAI,IAAI,CAAC,UAAU,CAAC,OAAO,IAAI,CAAC,IAAI,CAAC,UAAU,CAAC,WAAW,EAAE,CAAC;YAC5D,IAAI,CAAC,UAAU,CAAC,WAAW,GAAG,CAAC,SAAS,CAAC,CAAC;QAC5C,CAAC;IACH,CAAC;IAED,QAAQ;QACN,OAAO,IAAI,CAAC,KAAK,CAAC;IACpB,CAAC;IAED,KAAK,CAAC,KAAK;QACT,qEAAqE;QACrE,MAAM,IAAI,CAAC,KAAK,CAAC,IAAI,EAAE,CAAC;QAExB,OAAO,IAAI,OAAO,CAAC,CAAC,OAAO,EAAE,MAAM,EAAE,EAAE;YACrC,IAAI,CAAC,MAAM,GAAG,kBAAkB,CAC9B,CAAC,GAAG,EAAE,GAAG,EAAE,EAAE,CAAC,IAAI,CAAC,aAAa,CAAC,GAAG,EAAE,GAAG,CAAC,EAC1C,IAAI,CAAC,SAAS,CACf,CAAC;YACF,IAAI,CAAC,MAAM,CAAC,EAAE,CAAC,OAAO,EAAE,MAAM,CAAC,CAAC;YAChC,IAAI,CAAC,MAAM,CAAC,MAAM,CAAC,IAAI,CAAC,IAAI,EAAE,GAAG,EAAE;gBACjC,OAAO,CAAC,EAAE,IAAI,EAAE,IAAI,CAAC,IAAI,EAAE,CAAC,CAAC;YAC/B,CAAC,CAAC,CAAC;QACL,CAAC,CAAC,CAAC;IACL,CAAC;IAED,KAAK,CAAC,IAAI;QACR,OAAO,IAAI,OAAO,CAAC,CAAC,OAAO,EAAE,EAAE;YAC7B,IAAI,IAAI,CAAC,MAAM,EAAE,CAAC;gBAChB,IAAI,CAAC,MAAM,CAAC,KAAK,CAAC,GAAG,EAAE,CAAC,OAAO,EAAE,CAAC,CAAC;YACrC,CAAC;iBAAM,CAAC;gBACN,OAAO,EAAE,CAAC;YACZ,CAAC;QACH,CAAC,CAAC,CAAC;IACL,CAAC;IAED,KAAK;QACH,OAAO,CAAC,CAAC,IAAI,CAAC,SAAS,EAAE,QAAQ,IAAI,CAAC,CAAC,IAAI,CAAC,SAAS,EAAE,IAAI,CAAC;IAC9D,CAAC;IAED,kEAAkE;IAE1D,KAAK,CAAC,aAAa,CAAC,GAAoB,EAAE,GAAmB;QACnE,MAAM,GAAG,GAAG,IAAI,GAAG,CAAC,GAAG,CAAC,GAAG,IAAI,GAAG,EAAE,kBAAkB,CAAC,CAAC;QACxD,MAAM,IAAI,GAAG,GAAG,CAAC,QAAQ,CAAC;QAC1B,MAAM,MAAM,GAAG,GAAG,CAAC,MAAM,IAAI,KAAK,CAAC;QAEnC,8BAA8B;QAC9B,IAAI,SAAS,CAAC,GAAG,EAAE,GAAG,EAAE,IAAI,CAAC,UAAU,CAAC;YAAE,OAAO,CAAC,oBAAoB;QAEtE,mBAAmB;QACnB,oBAAoB,CAAC,GAAG,EAAE,EAAE,IAAI,EAAE,IAAI,CAAC,KAAK,EAAE,EAAE,CAAC,CAAC;QAElD,iBAAiB;QACjB,MAAM,UAAU,GAAG,YAAY,CAAC,GAAG,EAAE,IAAI,CAAC,UAAU,CAAC,CAAC;QAEtD,uDAAuD;QACvD,MAAM,WAAW,GAAG,IAAI,CAAC,QAAQ,CAAC,QAAQ,CAAC,CAAC;QAC5C,IAAI,CAAC,UAAU,CAAC,aAAa,IAAI,CAAC,WAAW,EAAE,CAAC;YAC9C,OAAO,gBAAgB,CAAC,GAAG,EAAE,IAAI,CAAC,UAAU,EAAE,UAAU,CAAC,KAAK,CAAC,CAAC;QAClE,CAAC;QAED,IAAI,CAAC;YACH,SAAS;YACT,IAAI,IAAI,KAAK,SAAS,IAAI,MAAM,KAAK,KAAK,EAAE,CAAC;gBAC3C,OAAO,IAAI,CAAC,QAAQ,CAAC,GAAG,EAAE,GAAG,EAAE,EAAE,MAAM,EAAE,IAAI,EAAE,YAAY,EAAE,IAAI,CAAC,KAAK,CAAC,KAAK,EAAE,EAAE,CAAC,CAAC;YACrF,CAAC;YAED,QAAQ;YACR,IAAI,IAAI,KAAK,eAAe,IAAI,MAAM,KAAK,KAAK,EAAE,CAAC;gBACjD,OAAO,IAAI,CAAC,QAAQ,CAAC,GAAG,EAAE,GAAG,EAAE,IAAI,CAAC,KAAK,CAAC,QAAQ,EAAE,CAAC,CAAC;YACxD,CAAC;YAED,8DAA8D;YAC9D,IAAI,IAAI,KAAK,sBAAsB,IAAI,MAAM,KAAK,MAAM,EAAE,CAAC;gBACzD,IAAI,CAAC,QAAQ,CAAC,UAAU,EAAE,OAAO,CAAC;oBAAE,OAAO,aAAa,CAAC,GAAG,EAAE,sBAAsB,CAAC,CAAC;gBACtF,OAAO,MAAM,IAAI,CAAC,cAAc,CAAC,GAAG,EAAE,GAAG,CAAC,CAAC;YAC7C,CAAC;YAED,mCAAmC;YACnC,IAAI,IAAI,KAAK,sBAAsB,IAAI,MAAM,KAAK,KAAK,EAAE,CAAC;gBACxD,OAAO,IAAI,CAAC,WAAW,CAAC,GAAG,EAAE,GAAG,CAAC,CAAC;YACpC,CAAC;YAED,sCAAsC;YACtC,MAAM,SAAS,GAAG,IAAI,CAAC,KAAK,CAAC,iCAAiC,CAAC,CAAC;YAChE,IAAI,SAAS,EAAE,CAAC;gBACd,MAAM,EAAE,GAAG,kBAAkB,CAAC,SAAS,CAAC,CAAC,CAAC,CAAC,CAAC;gBAC5C,IAAI,MAAM,KAAK,KAAK;oBAAE,OAAO,IAAI,CAAC,aAAa,CAAC,EAAE,EAAE,GAAG,CAAC,CAAC;gBACzD,IAAI,MAAM,KAAK,QAAQ,EAAE,CAAC;oBACxB,IAAI,CAAC,QAAQ,CAAC,UAAU,EAAE,OAAO,CAAC;wBAAE,OAAO,aAAa,CAAC,GAAG,EAAE,sBAAsB,CAAC,CAAC;oBACtF,OAAO,IAAI,CAAC,YAAY,CAAC,EAAE,EAAE,GAAG,CAAC,CAAC;gBACpC,CAAC;YACH,CAAC;YAED,uEAAuE;YACvE,MAAM,QAAQ,GAAG,IAAI,CAAC,KAAK,CAAC,qDAAqD,CAAC,CAAC;YACnF,IAAI,QAAQ,EAAE,CAAC;gBACb,MAAM,WAAW,GAAG,kBAAkB,CAAC,QAAQ,CAAC,CAAC,CAAC,CAAC,CAAC;gBACpD,MAAM,MAAM,GAAG,QAAQ,CAAC,CAAC,CAAC,IAAI,EAAE,CAAC;gBAEjC,IAAI,MAAM,KAAK,EAAE,IAAI,MAAM,KAAK,KAAK;oBAAE,OAAO,IAAI,CAAC,gBAAgB,CAAC,WAAW,EAAE,GAAG,CAAC,CAAC;gBACtF,IAAI,MAAM,KAAK,UAAU,IAAI,MAAM,KAAK,KAAK;oBAAE,OAAO,IAAI,CAAC,oBAAoB,CAAC,WAAW,EAAE,GAAG,CAAC,CAAC;gBAClG,IAAI,MAAM,KAAK,QAAQ,IAAI,MAAM,KAAK,KAAK;oBAAE,OAAO,IAAI,CAAC,WAAW,CAAC,WAAW,EAAE,GAAG,EAAE,GAAG,CAAC,CAAC;gBAC5F,IAAI,MAAM,KAAK,cAAc,IAAI,MAAM,KAAK,KAAK;oBAAE,OAAO,IAAI,CAAC,gBAAgB,CAAC,WAAW,EAAE,GAAG,EAAE,GAAG,CAAC,CAAC;YACzG,CAAC;YAED,IAAI,CAAC,QAAQ,CAAC,GAAG,EAAE,GAAG,EAAE,EAAE,KAAK,EAAE,WAAW,EAAE,CAAC,CAAC;QAClD,CAAC;QAAC,OAAO,GAAG,EAAE,CAAC;YACb,IAAI,CAAC,QAAQ,CAAC,GAAG,EAAE,GAAG,EAAE,EAAE,KAAK,EAAE,uBAAuB,EAAE,CAAC,CAAC;QAC9D,CAAC;IACH,CAAC;IAED,kEAAkE;IAE1D,KAAK,CAAC,cAAc,CAAC,GAAoB,EAAE,GAAmB;QACpE,2BAA2B;QAC3B,MAAM,WAAW,GAAG,GAAG,CAAC,OAAO,CAAC,cAAc,CAAC,CAAC;QAChD,IAAI,CAAC,WAAW,IAAI,CAAC,WAAW,CAAC,QAAQ,CAAC,kBAAkB,CAAC,EAAE,CAAC;YAC9D,OAAO,IAAI,CAAC,QAAQ,CAAC,GAAG,EAAE,GAAG,EAAE,EAAE,KAAK,EAAE,uCAAuC,EAAE,CAAC,CAAC;QACrF,CAAC;QAED,MAAM,IAAI,GAAG,MAAM,QAAQ,CAAC,GAAG,CAAC,CAAC;QACjC,IAAI,WAAqC,CAAC;QAE1C,IAAI,CAAC;YACH,WAAW,GAAG,IAAI,CAAC,KAAK,CAAC,IAAI,CAAC,CAAC;QACjC,CAAC;QAAC,MAAM,CAAC;YACP,OAAO,IAAI,CAAC,QAAQ,CAAC,GAAG,EAAE,GAAG,EAAE,EAAE,KAAK,EAAE,cAAc,EAAE,CAAC,CAAC;QAC5D,CAAC;QAED,+BAA+B;QAC/B,MAAM,MAAM,GAAG,WAAW,CAAC,WAAW,CAAC,CAAC;QACxC,IAAI,MAAM,CAAC,MAAM,GAAG,CAAC,EAAE,CAAC;YACtB,OAAO,IAAI,CAAC,QAAQ,CAAC,GAAG,EAAE,GAAG,EAAE,EAAE,KAAK,EAAE,aAAa,EAAE,OAAO,EAAE,MAAM,EAAE,CAAC,CAAC;QAC5E,CAAC;QAED,uBAAuB;QACvB,IAAI,IAAI,CAAC,KAAK,CAAC,GAAG,CAAC,WAAW,CAAC,EAAE,CAAC,EAAE,CAAC;YACnC,OAAO,IAAI,CAAC,QAAQ,CAAC,GAAG,EAAE,GAAG,EAAE,EAAE,KAAK,EAAE,gCAAgC,EAAE,EAAE,EAAE,WAAW,CAAC,EAAE,EAAE,CAAC,CAAC;QAClG,CAAC;QAED,MAAM,KAAK,GAAG,MAAM,IAAI,CAAC,KAAK,CAAC,QAAQ,CAAC,WAAW,CAAC,CAAC;QAErD,IAAI,CAAC,QAAQ,CAAC,GAAG,EAAE,GAAG,EAAE;YACtB,EAAE,EAAE,KAAK,CAAC,EAAE;YACZ,WAAW,EAAE,KAAK,CAAC,WAAW;YAC9B,UAAU,EAAE,KAAK,CAAC,UAAU;YAC5B,KAAK,EAAE,KAAK,CAAC,KAAK;YAClB,QAAQ,EAAE,KAAK,CAAC,QAAQ;YACxB,YAAY,EAAE,KAAK,CAAC,YAAY;SACjC,CAAC,CAAC;IACL,CAAC;IAEO,aAAa,CAAC,EAAU,EAAE,GAAmB;QACnD,MAAM,KAAK,GAAG,IAAI,CAAC,KAAK,CAAC,GAAG,CAAC,EAAE,CAAC,CAAC;QACjC,IAAI,CAAC,KAAK,EAAE,CAAC;YACX,OAAO,IAAI,CAAC,QAAQ,CAAC,GAAG,EAAE,GAAG,EAAE,EAAE,KAAK,EAAE,uBAAuB,EAAE,CAAC,CAAC;QACrE,CAAC;QACD,IAAI,CAAC,QAAQ,CAAC,GAAG,EAAE,GAAG,EAAE,IAAI,CAAC,WAAW,CAAC,KAAK,CAAC,CAAC,CAAC;IACnD,CAAC;IAEO,KAAK,CAAC,YAAY,CAAC,EAAU,EAAE,GAAmB;QACxD,MAAM,OAAO,GAAG,MAAM,IAAI,CAAC,KAAK,CAAC,MAAM,CAAC,EAAE,CAAC,CAAC;QAC5C,IAAI,CAAC,OAAO,EAAE,CAAC;YACb,OAAO,IAAI,CAAC,QAAQ,CAAC,GAAG,EAAE,GAAG,EAAE,EAAE,KAAK,EAAE,uBAAuB,EAAE,CAAC,CAAC;QACrE,CAAC;QACD,IAAI,CAAC,QAAQ,CAAC,GAAG,EAAE,GAAG,EAAE,EAAE,OAAO,EAAE,IAAI,EAAE,EAAE,EAAE,CAAC,CAAC;IACjD,CAAC;IAEO,WAAW,CAAC,GAAQ,EAAE,GAAmB;QAC/C,MAAM,YAAY,GAAG,CAAC,GAAkB,EAAsB,EAAE;YAC9D,IAAI,GAAG,KAAK,IAAI;gBAAE,OAAO,SAAS,CAAC;YACnC,MAAM,CAAC,GAAG,QAAQ,CAAC,GAAG,EAAE,EAAE,CAAC,CAAC;YAC5B,OAAO,MAAM,CAAC,KAAK,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,SAAS,CAAC,CAAC,CAAC,CAAC,CAAC;QACzC,CAAC,CAAC;QAEF,MAAM,CAAC,GAAG;YACR,WAAW,EAAE,GAAG,CAAC,YAAY,CAAC,GAAG,CAAC,SAAS,CAAC,IAAI,SAAS;YACzD,QAAQ,EAAE,YAAY,CAAC,GAAG,CAAC,YAAY,CAAC,GAAG,CAAC,UAAU,CAAC,CAAC;YACxD,QAAQ,EAAE,GAAG,CAAC,YAAY,CAAC,GAAG,CAAC,UAAU,CAAC,IAAI,SAAS;YACvD,QAAQ,EAAE,GAAG,CAAC,YAAY,CAAC,GAAG,CAAC,UAAU,CAAC,CAAC,CAAC,CAAC,GAAG,CAAC,YAAY,CAAC,GAAG,CAAC,UAAU,CAAC,KAAK,MAAM,CAAC,CAAC,CAAC,SAAS;YACpG,KAAK,EAAE,YAAY,CAAC,GAAG,CAAC,YAAY,CAAC,GAAG,CAAC,OAAO,CAAC,CAAC;YAClD,MAAM,EAAE,YAAY,CAAC,GAAG,CAAC,YAAY,CAAC,GAAG,CAAC,QAAQ,CAAC,CAAC;SACrD,CAAC;QAEF,MAAM,OAAO,GAAG,IAAI,CAAC,KAAK,CAAC,KAAK,CAAC,CAAC,CAAC,CAAC;QACpC,IAAI,CAAC,QAAQ,CAAC,GAAG,EAAE,GAAG,EAAE;YACtB,KAAK,EAAE,IAAI,CAAC,KAAK,CAAC,KAAK,EAAE;YACzB,KAAK,EAAE,OAAO,CAAC,MAAM;YACrB,YAAY,EAAE,OAAO,CAAC,GAAG,CAAC,CAAC,CAAC,EAAE,CAAC,IAAI,CAAC,WAAW,CAAC,CAAC,CAAC,CAAC;SACpD,CAAC,CAAC;IACL,CAAC;IAEO,gBAAgB,CAAC,WAAmB,EAAE,GAAmB;QAC/D,MAAM,KAAK,GAAG,IAAI,CAAC,KAAK,CAAC,mBAAmB,CAAC,WAAW,CAAC,CAAC;QAC1D,IAAI,CAAC,KAAK,EAAE,CAAC;YACX,OAAO,IAAI,CAAC,QAAQ,CAAC,GAAG,EAAE,GAAG,EAAE,EAAE,KAAK,EAAE,mCAAmC,EAAE,WAAW,EAAE,CAAC,CAAC;QAC9F,CAAC;QACD,IAAI,CAAC,QAAQ,CAAC,GAAG,EAAE,GAAG,EAAE,IAAI,CAAC,WAAW,CAAC,KAAK,CAAC,CAAC,CAAC;IACnD,CAAC;IAEO,oBAAoB,CAAC,WAAmB,EAAE,GAAmB;QACnE,MAAM,OAAO,GAAG,IAAI,CAAC,KAAK,CAAC,aAAa,CAAC,WAAW,CAAC,CAAC;QACtD,IAAI,CAAC,QAAQ,CAAC,GAAG,EAAE,GAAG,EAAE;YACtB,WAAW;YACX,KAAK,EAAE,OAAO,CAAC,MAAM;YACrB,YAAY,EAAE,OAAO,CAAC,GAAG,CAAC,CAAC,CAAC,EAAE,CAAC,IAAI,CAAC,WAAW,CAAC,CAAC,CAAC,CAAC;SACpD,CAAC,CAAC;IACL,CAAC;IAEO,WAAW,CAAC,WAAmB,EAAE,GAAQ,EAAE,GAAmB;QACpE,MAAM,KAAK,GAAG,CAAC,GAAG,CAAC,YAAY,CAAC,GAAG,CAAC,OAAO,CAAC,IAAI,MAAM,CAAe,CAAC;QACtE,MAAM,KAAK,GAAG,IAAI,CAAC,KAAK,CAAC,mBAAmB,CAAC,WAAW,CAAC,CAAC;QAE1D,IAAI,GAAW,CAAC;QAChB,IAAI,CAAC,KAAK,EAAE,CAAC;YACX,GAAG,GAAG,aAAa,CAAC,KAAK,CAAC,CAAC;QAC7B,CAAC;aAAM,IAAI,KAAK,CAAC,QAAQ,EAAE,CAAC;YAC1B,GAAG,GAAG,UAAU,CAAC,KAAK,CAAC,KAAK,EAAE,KAAK,CAAC,CAAC;QACvC,CAAC;aAAM,CAAC;YACN,GAAG,GAAG,aAAa,CAAC,KAAK,EAAE,KAAK,CAAC,CAAC;QACpC,CAAC;QAED,GAAG,CAAC,SAAS,CAAC,GAAG,EAAE;YACjB,cAAc,EAAE,eAAe;YAC/B,eAAe,EAAE,aAAa;SAC/B,CAAC,CAAC;QACH,GAAG,CAAC,GAAG,CAAC,GAAG,CAAC,CAAC;IACf,CAAC;IAEO,gBAAgB,CAAC,WAAmB,EAAE,GAAQ,EAAE,GAAmB;QACzE,MAAM,KAAK,GAAG,CAAC,GAAG,CAAC,YAAY,CAAC,GAAG,CAAC,OAAO,CAAC,IAAI,MAAM,CAAe,CAAC;QACtE,MAAM,KAAK,GAAG,IAAI,CAAC,KAAK,CAAC,mBAAmB,CAAC,WAAW,CAAC,CAAC;QAE1D,IAAI,GAAW,CAAC;QAChB,IAAI,CAAC,KAAK,EAAE,CAAC;YACX,GAAG,GAAG,aAAa,CAAC,KAAK,CAAC,CAAC;QAC7B,CAAC;aAAM,CAAC;YACN,GAAG,GAAG,UAAU,CAAC,KAAK,CAAC,UAAU,EAAE,KAAK,CAAC,CAAC;QAC5C,CAAC;QAED,GAAG,CAAC,SAAS,CAAC,GAAG,EAAE;YACjB,cAAc,EAAE,eAAe;YAC/B,eAAe,EAAE,aAAa;SAC/B,CAAC,CAAC;QACH,GAAG,CAAC,GAAG,CAAC,GAAG,CAAC,CAAC;IACf,CAAC;IAED,kEAAkE;IAE1D,WAAW,CAAC,KAAoB;QACtC,OAAO;YACL,EAAE,EAAE,KAAK,CAAC,EAAE;YACZ,WAAW,EAAE,KAAK,CAAC,WAAW;YAC9B,cAAc,EAAE,KAAK,CAAC,cAAc;YACpC,UAAU,EAAE,KAAK,CAAC,UAAU;YAC5B,KAAK,EAAE,KAAK,CAAC,KAAK;YAClB,QAAQ,EAAE,KAAK,CAAC,QAAQ;YACxB,YAAY,EAAE,KAAK,CAAC,YAAY;YAChC,SAAS,EAAE,KAAK,CAAC,SAAS;YAC1B,WAAW,EAAE,KAAK,CAAC,WAAW;SAC/B,CAAC;IACJ,CAAC;IAEO,QAAQ,CAAC,GAAmB,EAAE,MAAc,EAAE,IAAa;QACjE,GAAG,CAAC,SAAS,CAAC,MAAM,EAAE,EAAE,cAAc,EAAE,kBAAkB,EAAE,CAAC,CAAC;QAC9D,GAAG,CAAC,GAAG,CAAC,IAAI,CAAC,SAAS,CAAC,IAAI,CAAC,CAAC,CAAC;IAChC,CAAC;CACF;AAED,yEAAyE;AAEzE,SAAS,WAAW,CAAC,IAAS;IAC5B,MAAM,MAAM,GAAa,EAAE,CAAC;IAE5B,IAAI,CAAC,IAAI,IAAI,OAAO,IAAI,KAAK,QAAQ,EAAE,CAAC;QACtC,OAAO,CAAC,mCAAmC,CAAC,CAAC;IAC/C,CAAC;IAED,kBAAkB;IAClB,IAAI,CAAC,IAAI,CAAC,EAAE,IAAI,OAAO,IAAI,CAAC,EAAE,KAAK,QAAQ;QAAE,MAAM,CAAC,IAAI,CAAC,kCAAkC,CAAC,CAAC;IAC7F,IAAI,IAAI,CAAC,IAAI,KAAK,0BAA0B;QAAE,MAAM,CAAC,IAAI,CAAC,2CAA2C,CAAC,CAAC;IACvG,IAAI,IAAI,CAAC,UAAU,CAAC,KAAK,+BAA+B;QAAE,MAAM,CAAC,IAAI,CAAC,oDAAoD,CAAC,CAAC;IAE5H,aAAa;IACb,IAAI,CAAC,IAAI,CAAC,QAAQ,IAAI,OAAO,IAAI,CAAC,QAAQ,KAAK,QAAQ;QAAE,MAAM,CAAC,IAAI,CAAC,+BAA+B,CAAC,CAAC;IACtG,IAAI,CAAC,IAAI,CAAC,SAAS,IAAI,OAAO,IAAI,CAAC,SAAS,KAAK,QAAQ;QAAE,MAAM,CAAC,IAAI,CAAC,gCAAgC,CAAC,CAAC;IAEzG,SAAS;IACT,IAAI,CAAC,IAAI,CAAC,MAAM,IAAI,OAAO,IAAI,CAAC,MAAM,KAAK,QAAQ,EAAE,CAAC;QACpD,MAAM,CAAC,IAAI,CAAC,yBAAyB,CAAC,CAAC;IACzC,CAAC;SAAM,CAAC;QACN,IAAI,CAAC,IAAI,CAAC,MAAM,CAAC,GAAG,IAAI,OAAO,IAAI,CAAC,MAAM,CAAC,GAAG,KAAK,QAAQ;YAAE,MAAM,CAAC,IAAI,CAAC,sBAAsB,CAAC,CAAC;IACnG,CAAC;IAED,UAAU;IACV,IAAI,CAAC,IAAI,CAAC,OAAO,IAAI,OAAO,IAAI,CAAC,OAAO,KAAK,QAAQ,EAAE,CAAC;QACtD,MAAM,CAAC,IAAI,CAAC,0BAA0B,CAAC,CAAC;IAC1C,CAAC;SAAM,CAAC;QACN,IAAI,CAAC,IAAI,CAAC,OAAO,CAAC,WAAW,IAAI,OAAO,IAAI,CAAC,OAAO,CAAC,WAAW,KAAK,QAAQ;YAAE,MAAM,CAAC,IAAI,CAAC,+BAA+B,CAAC,CAAC;QAC5H,IAAI,CAAC,IAAI,CAAC,OAAO,CAAC,cAAc,IAAI,OAAO,IAAI,CAAC,OAAO,CAAC,cAAc,KAAK,QAAQ;YAAE,MAAM,CAAC,IAAI,CAAC,kCAAkC,CAAC,CAAC;IACvI,CAAC;IAED,cAAc;IACd,IAAI,CAAC,IAAI,CAAC,UAAU,IAAI,OAAO,IAAI,CAAC,UAAU,KAAK,QAAQ,EAAE,CAAC;QAC5D,MAAM,CAAC,IAAI,CAAC,6BAA6B,CAAC,CAAC;IAC7C,CAAC;SAAM,CAAC;QACN,IAAI,OAAO,IAAI,CAAC,UAAU,CAAC,OAAO,KAAK,QAAQ,IAAI,IAAI,CAAC,UAAU,CAAC,OAAO,GAAG,CAAC,IAAI,IAAI,CAAC,UAAU,CAAC,OAAO,GAAG,GAAG,EAAE,CAAC;YAChH,MAAM,CAAC,IAAI,CAAC,6CAA6C,CAAC,CAAC;QAC7D,CAAC;QACD,IAAI,CAAC,IAAI,CAAC,UAAU,CAAC,KAAK,IAAI,OAAO,IAAI,CAAC,UAAU,CAAC,KAAK,KAAK,QAAQ,EAAE,CAAC;YACxE,MAAM,CAAC,IAAI,CAAC,4BAA4B,CAAC,CAAC;QAC5C,CAAC;IACH,CAAC;IAED,QAAQ;IACR,IAAI,CAAC,IAAI,CAAC,KAAK,IAAI,OAAO,IAAI,CAAC,KAAK,KAAK,QAAQ,EAAE,CAAC;QAClD,MAAM,CAAC,IAAI,CAAC,wBAAwB,CAAC,CAAC;IACxC,CAAC;IAED,OAAO,MAAM,CAAC;AAChB,CAAC;AAED,yEAAyE;AAEzE,SAAS,QAAQ,CAAC,GAAoB;IACpC,OAAO,IAAI,OAAO,CAAC,CAAC,OAAO,EAAE,MAAM,EAAE,EAAE;QACrC,MAAM,MAAM,GAAa,EAAE,CAAC;QAC5B,IAAI,IAAI,GAAG,CAAC,CAAC;QACb,MAAM,QAAQ,GAAG,SAAS,CAAC,CAAC,iBAAiB;QAE7C,GAAG,CAAC,EAAE,CAAC,MAAM,EAAE,CAAC,KAAa,EAAE,EAAE;YAC/B,IAAI,IAAI,KAAK,CAAC,MAAM,CAAC;YACrB,IAAI,IAAI,GAAG,QAAQ,EAAE,CAAC;gBACpB,MAAM,CAAC,IAAI,KAAK,CAAC,wBAAwB,CAAC,CAAC,CAAC;gBAC5C,GAAG,CAAC,OAAO,EAAE,CAAC;gBACd,OAAO;YACT,CAAC;YACD,MAAM,CAAC,IAAI,CAAC,KAAK,CAAC,CAAC;QACrB,CAAC,CAAC,CAAC;QACH,GAAG,CAAC,EAAE,CAAC,KAAK,EAAE,GAAG,EAAE,CAAC,OAAO,CAAC,MAAM,CAAC,MAAM,CAAC,MAAM,CAAC,CAAC,QAAQ,EAAE,CAAC,CAAC,CAAC;QAC/D,GAAG,CAAC,EAAE,CAAC,OAAO,EAAE,MAAM,CAAC,CAAC;IAC1B,CAAC,CAAC,CAAC;AACL,CAAC"}

package/dist/store.d.ts ADDED Viewed

@@ -0,0 +1,104 @@
+/**
+ * Certificate Store — persistent storage for Sentinel Trust Certificates.
+ *
+ * Backed by SentinelStore interface — supports in-memory, Redis, Postgres, SQLite.
+ * By default uses in-memory Map for zero-config development.
+ */
+import { type SentinelTrustCertificate } from '@sentinel-atl/scanner';
+import type { SentinelStore } from '@sentinel-atl/store';
+export interface RegistryEntry {
+    /** STC ID */
+    id: string;
+    /** Full certificate */
+    certificate: SentinelTrustCertificate;
+    /** Package name (for lookup) */
+    packageName: string;
+    /** Package version */
+    packageVersion: string;
+    /** Trust score */
+    trustScore: number;
+    /** Grade */
+    grade: string;
+    /** Whether signature is verified */
+    verified: boolean;
+    /** When the entry was registered */
+    registeredAt: string;
+    /** Issuer DID */
+    issuerDid: string;
+}
+export interface RegistryQuery {
+    /** Filter by package name */
+    packageName?: string;
+    /** Filter by minimum trust score */
+    minScore?: number;
+    /** Filter by minimum grade */
+    minGrade?: string;
+    /** Filter by verified status */
+    verified?: boolean;
+    /** Maximum results */
+    limit?: number;
+    /** Offset for pagination */
+    offset?: number;
+}
+export interface RegistryStats {
+    totalCertificates: number;
+    verifiedCertificates: number;
+    uniquePackages: number;
+    averageScore: number;
+    gradeDistribution: Record<string, number>;
+}
+/**
+ * Options for creating a CertificateStore.
+ * If `backend` is provided, certificates are persisted via SentinelStore.
+ * Otherwise, an in-memory Map is used (development only).
+ */
+export interface CertificateStoreOptions {
+    /** Persistent backend — data survives restarts */
+    backend?: SentinelStore;
+    /** Key prefix for the backend (default: 'registry:') */
+    prefix?: string;
+}
+export declare class CertificateStore {
+    private cache;
+    /** Index: packageName → entry IDs (newest first) */
+    private pkgIndex;
+    private backend?;
+    private prefix;
+    private loaded;
+    constructor(options?: CertificateStoreOptions);
+    /** Load all entries from the backend into the in-memory cache. Call once on startup. */
+    load(): Promise<void>;
+    /**
+     * Register a new certificate. Verifies signature before storing.
+     */
+    register(certificate: SentinelTrustCertificate): Promise<RegistryEntry>;
+    /**
+     * Get a certificate by ID.
+     */
+    get(id: string): RegistryEntry | undefined;
+    /**
+     * Get the latest certificate for a package.
+     */
+    getLatestForPackage(packageName: string): RegistryEntry | undefined;
+    /**
+     * Get all certificates for a package.
+     */
+    getForPackage(packageName: string): RegistryEntry[];
+    /**
+     * Query certificates with filters.
+     */
+    query(q: RegistryQuery): RegistryEntry[];
+    /**
+     * Remove a certificate by ID.
+     */
+    remove(id: string): Promise<boolean>;
+    /**
+     * Get registry statistics.
+     */
+    getStats(): RegistryStats;
+    /**
+     * Get total count (for pagination).
+     */
+    count(): number;
+}
+//# sourceMappingURL=store.d.ts.map

package/dist/store.d.ts.map ADDED Viewed

@@ -0,0 +1 @@

+ {"version":3,"file":"store.d.ts","sourceRoot":"","sources":["../src/store.ts"],"names":[],"mappings":"AAAA;;;;;GAKG;AAEH,OAAO,EAAa,KAAK,wBAAwB,EAAwB,MAAM,uBAAuB,CAAC;AACvG,OAAO,KAAK,EAAE,aAAa,EAAE,MAAM,qBAAqB,CAAC;AAIzD,MAAM,WAAW,aAAa;IAC5B,aAAa;IACb,EAAE,EAAE,MAAM,CAAC;IACX,uBAAuB;IACvB,WAAW,EAAE,wBAAwB,CAAC;IACtC,gCAAgC;IAChC,WAAW,EAAE,MAAM,CAAC;IACpB,sBAAsB;IACtB,cAAc,EAAE,MAAM,CAAC;IACvB,kBAAkB;IAClB,UAAU,EAAE,MAAM,CAAC;IACnB,YAAY;IACZ,KAAK,EAAE,MAAM,CAAC;IACd,oCAAoC;IACpC,QAAQ,EAAE,OAAO,CAAC;IAClB,oCAAoC;IACpC,YAAY,EAAE,MAAM,CAAC;IACrB,iBAAiB;IACjB,SAAS,EAAE,MAAM,CAAC;CACnB;AAED,MAAM,WAAW,aAAa;IAC5B,6BAA6B;IAC7B,WAAW,CAAC,EAAE,MAAM,CAAC;IACrB,oCAAoC;IACpC,QAAQ,CAAC,EAAE,MAAM,CAAC;IAClB,8BAA8B;IAC9B,QAAQ,CAAC,EAAE,MAAM,CAAC;IAClB,gCAAgC;IAChC,QAAQ,CAAC,EAAE,OAAO,CAAC;IACnB,sBAAsB;IACtB,KAAK,CAAC,EAAE,MAAM,CAAC;IACf,4BAA4B;IAC5B,MAAM,CAAC,EAAE,MAAM,CAAC;CACjB;AAED,MAAM,WAAW,aAAa;IAC5B,iBAAiB,EAAE,MAAM,CAAC;IAC1B,oBAAoB,EAAE,MAAM,CAAC;IAC7B,cAAc,EAAE,MAAM,CAAC;IACvB,YAAY,EAAE,MAAM,CAAC;IACrB,iBAAiB,EAAE,MAAM,CAAC,MAAM,EAAE,MAAM,CAAC,CAAC;CAC3C;AAYD;;;;GAIG;AACH,MAAM,WAAW,uBAAuB;IACtC,kDAAkD;IAClD,OAAO,CAAC,EAAE,aAAa,CAAC;IACxB,wDAAwD;IACxD,MAAM,CAAC,EAAE,MAAM,CAAC;CACjB;AAMD,qBAAa,gBAAgB;IAC3B,OAAO,CAAC,KAAK,CAAoC;IACjD,oDAAoD;IACpD,OAAO,CAAC,QAAQ,CAA+B;IAC/C,OAAO,CAAC,OAAO,CAAC,CAAgB;IAChC,OAAO,CAAC,MAAM,CAAS;IACvB,OAAO,CAAC,MAAM,CAAS;gBAEX,OAAO,CAAC,EAAE,uBAAuB;IAK7C,wFAAwF;IAClF,IAAI,IAAI,OAAO,CAAC,IAAI,CAAC;IAsB3B;;OAEG;IACG,QAAQ,CAAC,WAAW,EAAE,wBAAwB,GAAG,OAAO,CAAC,aAAa,CAAC;IAkC7E;;OAEG;IACH,GAAG,CAAC,EAAE,EAAE,MAAM,GAAG,aAAa,GAAG,SAAS;IAI1C;;OAEG;IACH,mBAAmB,CAAC,WAAW,EAAE,MAAM,GAAG,aAAa,GAAG,SAAS;IAMnE;;OAEG;IACH,aAAa,CAAC,WAAW,EAAE,MAAM,GAAG,aAAa,EAAE;IAKnD;;OAEG;IACH,KAAK,CAAC,CAAC,EAAE,aAAa,GAAG,aAAa,EAAE;IAwBxC;;OAEG;IACG,MAAM,CAAC,EAAE,EAAE,MAAM,GAAG,OAAO,CAAC,OAAO,CAAC;IA6B1C;;OAEG;IACH,QAAQ,IAAI,aAAa;IAmBzB;;OAEG;IACH,KAAK,IAAI,MAAM;CAGhB"}

package/dist/store.js ADDED Viewed

@@ -0,0 +1,177 @@
+/**
+ * Certificate Store — persistent storage for Sentinel Trust Certificates.
+ *
+ * Backed by SentinelStore interface — supports in-memory, Redis, Postgres, SQLite.
+ * By default uses in-memory Map for zero-config development.
+ */
+import { verifySTC } from '@sentinel-atl/scanner';
+// ─── Grade Helpers ───────────────────────────────────────────────────
+const GRADE_ORDER = { A: 4, B: 3, C: 2, D: 1, F: 0 };
+function gradeAtLeast(actual, required) {
+    return (GRADE_ORDER[actual] ?? 0) >= (GRADE_ORDER[required] ?? 0);
+}
+const KEY_PREFIX_DEFAULT = 'registry:';
+const CERT_PREFIX = 'cert:';
+const PKG_INDEX_PREFIX = 'pkg:';
+export class CertificateStore {
+    cache = new Map();
+    /** Index: packageName → entry IDs (newest first) */
+    pkgIndex = new Map();
+    backend;
+    prefix;
+    loaded = false;
+    constructor(options) {
+        this.backend = options?.backend;
+        this.prefix = options?.prefix ?? KEY_PREFIX_DEFAULT;
+    }
+    /** Load all entries from the backend into the in-memory cache. Call once on startup. */
+    async load() {
+        if (this.loaded || !this.backend)
+            return;
+        const keys = await this.backend.keys(`${this.prefix}${CERT_PREFIX}`);
+        const values = await this.backend.getMany(keys);
+        for (const [, json] of values) {
+            const entry = JSON.parse(json);
+            this.cache.set(entry.id, entry);
+            const existing = this.pkgIndex.get(entry.packageName) ?? [];
+            existing.push(entry.id);
+            this.pkgIndex.set(entry.packageName, existing);
+        }
+        // Sort each package's IDs by registeredAt descending
+        for (const [pkg, ids] of this.pkgIndex) {
+            ids.sort((a, b) => {
+                const ea = this.cache.get(a);
+                const eb = this.cache.get(b);
+                return eb.registeredAt.localeCompare(ea.registeredAt);
+            });
+        }
+        this.loaded = true;
+    }
+    /**
+     * Register a new certificate. Verifies signature before storing.
+     */
+    async register(certificate) {
+        const result = await verifySTC(certificate);
+        const entry = {
+            id: certificate.id,
+            certificate,
+            packageName: certificate.subject.packageName,
+            packageVersion: certificate.subject.packageVersion,
+            trustScore: certificate.trustScore.overall,
+            grade: certificate.trustScore.grade,
+            verified: result.valid,
+            registeredAt: new Date().toISOString(),
+            issuerDid: certificate.issuer.did,
+        };
+        this.cache.set(entry.id, entry);
+        // Update package index
+        const existing = this.pkgIndex.get(entry.packageName) ?? [];
+        existing.unshift(entry.id); // newest first
+        this.pkgIndex.set(entry.packageName, existing);
+        // Persist to backend
+        if (this.backend) {
+            await this.backend.set(`${this.prefix}${CERT_PREFIX}${entry.id}`, JSON.stringify(entry));
+            await this.backend.set(`${this.prefix}${PKG_INDEX_PREFIX}${entry.packageName}`, JSON.stringify(existing));
+        }
+        return entry;
+    }
+    /**
+     * Get a certificate by ID.
+     */
+    get(id) {
+        return this.cache.get(id);
+    }
+    /**
+     * Get the latest certificate for a package.
+     */
+    getLatestForPackage(packageName) {
+        const ids = this.pkgIndex.get(packageName);
+        if (!ids || ids.length === 0)
+            return undefined;
+        return this.cache.get(ids[0]);
+    }
+    /**
+     * Get all certificates for a package.
+     */
+    getForPackage(packageName) {
+        const ids = this.pkgIndex.get(packageName) ?? [];
+        return ids.map(id => this.cache.get(id)).filter(Boolean);
+    }
+    /**
+     * Query certificates with filters.
+     */
+    query(q) {
+        let results = Array.from(this.cache.values());
+        if (q.packageName) {
+            results = results.filter(e => e.packageName === q.packageName);
+        }
+        if (q.minScore !== undefined) {
+            results = results.filter(e => e.trustScore >= q.minScore);
+        }
+        if (q.minGrade) {
+            results = results.filter(e => gradeAtLeast(e.grade, q.minGrade));
+        }
+        if (q.verified !== undefined) {
+            results = results.filter(e => e.verified === q.verified);
+        }
+        // Sort by registeredAt descending
+        results.sort((a, b) => b.registeredAt.localeCompare(a.registeredAt));
+        const offset = q.offset ?? 0;
+        const limit = q.limit ?? 50;
+        return results.slice(offset, offset + limit);
+    }
+    /**
+     * Remove a certificate by ID.
+     */
+    async remove(id) {
+        const entry = this.cache.get(id);
+        if (!entry)
+            return false;
+        this.cache.delete(id);
+        const ids = this.pkgIndex.get(entry.packageName);
+        if (ids) {
+            const idx = ids.indexOf(id);
+            if (idx !== -1)
+                ids.splice(idx, 1);
+            if (ids.length === 0)
+                this.pkgIndex.delete(entry.packageName);
+        }
+        // Persist deletion to backend
+        if (this.backend) {
+            await this.backend.delete(`${this.prefix}${CERT_PREFIX}${id}`);
+            if (ids && ids.length > 0) {
+                await this.backend.set(`${this.prefix}${PKG_INDEX_PREFIX}${entry.packageName}`, JSON.stringify(ids));
+            }
+            else {
+                await this.backend.delete(`${this.prefix}${PKG_INDEX_PREFIX}${entry.packageName}`);
+            }
+        }
+        return true;
+    }
+    /**
+     * Get registry statistics.
+     */
+    getStats() {
+        const all = Array.from(this.cache.values());
+        const gradeDistribution = { A: 0, B: 0, C: 0, D: 0, F: 0 };
+        let totalScore = 0;
+        for (const entry of all) {
+            totalScore += entry.trustScore;
+            gradeDistribution[entry.grade] = (gradeDistribution[entry.grade] ?? 0) + 1;
+        }
+        return {
+            totalCertificates: all.length,
+            verifiedCertificates: all.filter(e => e.verified).length,
+            uniquePackages: this.pkgIndex.size,
+            averageScore: all.length > 0 ? Math.round(totalScore / all.length) : 0,
+            gradeDistribution,
+        };
+    }
+    /**
+     * Get total count (for pagination).
+     */
+    count() {
+        return this.cache.size;
+    }
+}
+//# sourceMappingURL=store.js.map

package/dist/store.js.map ADDED Viewed

@@ -0,0 +1 @@

+ {"version":3,"file":"store.js","sourceRoot":"","sources":["../src/store.ts"],"names":[],"mappings":"AAAA;;;;;GAKG;AAEH,OAAO,EAAE,SAAS,EAAuD,MAAM,uBAAuB,CAAC;AAiDvG,wEAAwE;AAExE,MAAM,WAAW,GAA2B,EAAE,CAAC,EAAE,CAAC,EAAE,CAAC,EAAE,CAAC,EAAE,CAAC,EAAE,CAAC,EAAE,CAAC,EAAE,CAAC,EAAE,CAAC,EAAE,CAAC,EAAE,CAAC;AAE7E,SAAS,YAAY,CAAC,MAAc,EAAE,QAAgB;IACpD,OAAO,CAAC,WAAW,CAAC,MAAM,CAAC,IAAI,CAAC,CAAC,IAAI,CAAC,WAAW,CAAC,QAAQ,CAAC,IAAI,CAAC,CAAC,CAAC;AACpE,CAAC;AAgBD,MAAM,kBAAkB,GAAG,WAAW,CAAC;AACvC,MAAM,WAAW,GAAG,OAAO,CAAC;AAC5B,MAAM,gBAAgB,GAAG,MAAM,CAAC;AAEhC,MAAM,OAAO,gBAAgB;IACnB,KAAK,GAAG,IAAI,GAAG,EAAyB,CAAC;IACjD,oDAAoD;IAC5C,QAAQ,GAAG,IAAI,GAAG,EAAoB,CAAC;IACvC,OAAO,CAAiB;IACxB,MAAM,CAAS;IACf,MAAM,GAAG,KAAK,CAAC;IAEvB,YAAY,OAAiC;QAC3C,IAAI,CAAC,OAAO,GAAG,OAAO,EAAE,OAAO,CAAC;QAChC,IAAI,CAAC,MAAM,GAAG,OAAO,EAAE,MAAM,IAAI,kBAAkB,CAAC;IACtD,CAAC;IAED,wFAAwF;IACxF,KAAK,CAAC,IAAI;QACR,IAAI,IAAI,CAAC,MAAM,IAAI,CAAC,IAAI,CAAC,OAAO;YAAE,OAAO;QACzC,MAAM,IAAI,GAAG,MAAM,IAAI,CAAC,OAAO,CAAC,IAAI,CAAC,GAAG,IAAI,CAAC,MAAM,GAAG,WAAW,EAAE,CAAC,CAAC;QACrE,MAAM,MAAM,GAAG,MAAM,IAAI,CAAC,OAAO,CAAC,OAAO,CAAC,IAAI,CAAC,CAAC;QAChD,KAAK,MAAM,CAAC,EAAE,IAAI,CAAC,IAAI,MAAM,EAAE,CAAC;YAC9B,MAAM,KAAK,GAAkB,IAAI,CAAC,KAAK,CAAC,IAAI,CAAC,CAAC;YAC9C,IAAI,CAAC,KAAK,CAAC,GAAG,CAAC,KAAK,CAAC,EAAE,EAAE,KAAK,CAAC,CAAC;YAChC,MAAM,QAAQ,GAAG,IAAI,CAAC,QAAQ,CAAC,GAAG,CAAC,KAAK,CAAC,WAAW,CAAC,IAAI,EAAE,CAAC;YAC5D,QAAQ,CAAC,IAAI,CAAC,KAAK,CAAC,EAAE,CAAC,CAAC;YACxB,IAAI,CAAC,QAAQ,CAAC,GAAG,CAAC,KAAK,CAAC,WAAW,EAAE,QAAQ,CAAC,CAAC;QACjD,CAAC;QACD,qDAAqD;QACrD,KAAK,MAAM,CAAC,GAAG,EAAE,GAAG,CAAC,IAAI,IAAI,CAAC,QAAQ,EAAE,CAAC;YACvC,GAAG,CAAC,IAAI,CAAC,CAAC,CAAC,EAAE,CAAC,EAAE,EAAE;gBAChB,MAAM,EAAE,GAAG,IAAI,CAAC,KAAK,CAAC,GAAG,CAAC,CAAC,CAAE,CAAC;gBAC9B,MAAM,EAAE,GAAG,IAAI,CAAC,KAAK,CAAC,GAAG,CAAC,CAAC,CAAE,CAAC;gBAC9B,OAAO,EAAE,CAAC,YAAY,CAAC,aAAa,CAAC,EAAE,CAAC,YAAY,CAAC,CAAC;YACxD,CAAC,CAAC,CAAC;QACL,CAAC;QACD,IAAI,CAAC,MAAM,GAAG,IAAI,CAAC;IACrB,CAAC;IAED;;OAEG;IACH,KAAK,CAAC,QAAQ,CAAC,WAAqC;QAClD,MAAM,MAAM,GAAoB,MAAM,SAAS,CAAC,WAAW,CAAC,CAAC;QAE7D,MAAM,KAAK,GAAkB;YAC3B,EAAE,EAAE,WAAW,CAAC,EAAE;YAClB,WAAW;YACX,WAAW,EAAE,WAAW,CAAC,OAAO,CAAC,WAAW;YAC5C,cAAc,EAAE,WAAW,CAAC,OAAO,CAAC,cAAc;YAClD,UAAU,EAAE,WAAW,CAAC,UAAU,CAAC,OAAO;YAC1C,KAAK,EAAE,WAAW,CAAC,UAAU,CAAC,KAAK;YACnC,QAAQ,EAAE,MAAM,CAAC,KAAK;YACtB,YAAY,EAAE,IAAI,IAAI,EAAE,CAAC,WAAW,EAAE;YACtC,SAAS,EAAE,WAAW,CAAC,MAAM,CAAC,GAAG;SAClC,CAAC;QAEF,IAAI,CAAC,KAAK,CAAC,GAAG,CAAC,KAAK,CAAC,EAAE,EAAE,KAAK,CAAC,CAAC;QAEhC,uBAAuB;QACvB,MAAM,QAAQ,GAAG,IAAI,CAAC,QAAQ,CAAC,GAAG,CAAC,KAAK,CAAC,WAAW,CAAC,IAAI,EAAE,CAAC;QAC5D,QAAQ,CAAC,OAAO,CAAC,KAAK,CAAC,EAAE,CAAC,CAAC,CAAC,eAAe;QAC3C,IAAI,CAAC,QAAQ,CAAC,GAAG,CAAC,KAAK,CAAC,WAAW,EAAE,QAAQ,CAAC,CAAC;QAE/C,qBAAqB;QACrB,IAAI,IAAI,CAAC,OAAO,EAAE,CAAC;YACjB,MAAM,IAAI,CAAC,OAAO,CAAC,GAAG,CAAC,GAAG,IAAI,CAAC,MAAM,GAAG,WAAW,GAAG,KAAK,CAAC,EAAE,EAAE,EAAE,IAAI,CAAC,SAAS,CAAC,KAAK,CAAC,CAAC,CAAC;YACzF,MAAM,IAAI,CAAC,OAAO,CAAC,GAAG,CACpB,GAAG,IAAI,CAAC,MAAM,GAAG,gBAAgB,GAAG,KAAK,CAAC,WAAW,EAAE,EACvD,IAAI,CAAC,SAAS,CAAC,QAAQ,CAAC,CACzB,CAAC;QACJ,CAAC;QAED,OAAO,KAAK,CAAC;IACf,CAAC;IAED;;OAEG;IACH,GAAG,CAAC,EAAU;QACZ,OAAO,IAAI,CAAC,KAAK,CAAC,GAAG,CAAC,EAAE,CAAC,CAAC;IAC5B,CAAC;IAED;;OAEG;IACH,mBAAmB,CAAC,WAAmB;QACrC,MAAM,GAAG,GAAG,IAAI,CAAC,QAAQ,CAAC,GAAG,CAAC,WAAW,CAAC,CAAC;QAC3C,IAAI,CAAC,GAAG,IAAI,GAAG,CAAC,MAAM,KAAK,CAAC;YAAE,OAAO,SAAS,CAAC;QAC/C,OAAO,IAAI,CAAC,KAAK,CAAC,GAAG,CAAC,GAAG,CAAC,CAAC,CAAC,CAAC,CAAC;IAChC,CAAC;IAED;;OAEG;IACH,aAAa,CAAC,WAAmB;QAC/B,MAAM,GAAG,GAAG,IAAI,CAAC,QAAQ,CAAC,GAAG,CAAC,WAAW,CAAC,IAAI,EAAE,CAAC;QACjD,OAAO,GAAG,CAAC,GAAG,CAAC,EAAE,CAAC,EAAE,CAAC,IAAI,CAAC,KAAK,CAAC,GAAG,CAAC,EAAE,CAAE,CAAC,CAAC,MAAM,CAAC,OAAO,CAAC,CAAC;IAC5D,CAAC;IAED;;OAEG;IACH,KAAK,CAAC,CAAgB;QACpB,IAAI,OAAO,GAAG,KAAK,CAAC,IAAI,CAAC,IAAI,CAAC,KAAK,CAAC,MAAM,EAAE,CAAC,CAAC;QAE9C,IAAI,CAAC,CAAC,WAAW,EAAE,CAAC;YAClB,OAAO,GAAG,OAAO,CAAC,MAAM,CAAC,CAAC,CAAC,EAAE,CAAC,CAAC,CAAC,WAAW,KAAK,CAAC,CAAC,WAAW,CAAC,CAAC;QACjE,CAAC;QACD,IAAI,CAAC,CAAC,QAAQ,KAAK,SAAS,EAAE,CAAC;YAC7B,OAAO,GAAG,OAAO,CAAC,MAAM,CAAC,CAAC,CAAC,EAAE,CAAC,CAAC,CAAC,UAAU,IAAI,CAAC,CAAC,QAAS,CAAC,CAAC;QAC7D,CAAC;QACD,IAAI,CAAC,CAAC,QAAQ,EAAE,CAAC;YACf,OAAO,GAAG,OAAO,CAAC,MAAM,CAAC,CAAC,CAAC,EAAE,CAAC,YAAY,CAAC,CAAC,CAAC,KAAK,EAAE,CAAC,CAAC,QAAS,CAAC,CAAC,CAAC;QACpE,CAAC;QACD,IAAI,CAAC,CAAC,QAAQ,KAAK,SAAS,EAAE,CAAC;YAC7B,OAAO,GAAG,OAAO,CAAC,MAAM,CAAC,CAAC,CAAC,EAAE,CAAC,CAAC,CAAC,QAAQ,KAAK,CAAC,CAAC,QAAQ,CAAC,CAAC;QAC3D,CAAC;QAED,kCAAkC;QAClC,OAAO,CAAC,IAAI,CAAC,CAAC,CAAC,EAAE,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,YAAY,CAAC,aAAa,CAAC,CAAC,CAAC,YAAY,CAAC,CAAC,CAAC;QAErE,MAAM,MAAM,GAAG,CAAC,CAAC,MAAM,IAAI,CAAC,CAAC;QAC7B,MAAM,KAAK,GAAG,CAAC,CAAC,KAAK,IAAI,EAAE,CAAC;QAC5B,OAAO,OAAO,CAAC,KAAK,CAAC,MAAM,EAAE,MAAM,GAAG,KAAK,CAAC,CAAC;IAC/C,CAAC;IAED;;OAEG;IACH,KAAK,CAAC,MAAM,CAAC,EAAU;QACrB,MAAM,KAAK,GAAG,IAAI,CAAC,KAAK,CAAC,GAAG,CAAC,EAAE,CAAC,CAAC;QACjC,IAAI,CAAC,KAAK;YAAE,OAAO,KAAK,CAAC;QAEzB,IAAI,CAAC,KAAK,CAAC,MAAM,CAAC,EAAE,CAAC,CAAC;QAEtB,MAAM,GAAG,GAAG,IAAI,CAAC,QAAQ,CAAC,GAAG,CAAC,KAAK,CAAC,WAAW,CAAC,CAAC;QACjD,IAAI,GAAG,EAAE,CAAC;YACR,MAAM,GAAG,GAAG,GAAG,CAAC,OAAO,CAAC,EAAE,CAAC,CAAC;YAC5B,IAAI,GAAG,KAAK,CAAC,CAAC;gBAAE,GAAG,CAAC,MAAM,CAAC,GAAG,EAAE,CAAC,CAAC,CAAC;YACnC,IAAI,GAAG,CAAC,MAAM,KAAK,CAAC;gBAAE,IAAI,CAAC,QAAQ,CAAC,MAAM,CAAC,KAAK,CAAC,WAAW,CAAC,CAAC;QAChE,CAAC;QAED,8BAA8B;QAC9B,IAAI,IAAI,CAAC,OAAO,EAAE,CAAC;YACjB,MAAM,IAAI,CAAC,OAAO,CAAC,MAAM,CAAC,GAAG,IAAI,CAAC,MAAM,GAAG,WAAW,GAAG,EAAE,EAAE,CAAC,CAAC;YAC/D,IAAI,GAAG,IAAI,GAAG,CAAC,MAAM,GAAG,CAAC,EAAE,CAAC;gBAC1B,MAAM,IAAI,CAAC,OAAO,CAAC,GAAG,CACpB,GAAG,IAAI,CAAC,MAAM,GAAG,gBAAgB,GAAG,KAAK,CAAC,WAAW,EAAE,EACvD,IAAI,CAAC,SAAS,CAAC,GAAG,CAAC,CACpB,CAAC;YACJ,CAAC;iBAAM,CAAC;gBACN,MAAM,IAAI,CAAC,OAAO,CAAC,MAAM,CAAC,GAAG,IAAI,CAAC,MAAM,GAAG,gBAAgB,GAAG,KAAK,CAAC,WAAW,EAAE,CAAC,CAAC;YACrF,CAAC;QACH,CAAC;QAED,OAAO,IAAI,CAAC;IACd,CAAC;IAED;;OAEG;IACH,QAAQ;QACN,MAAM,GAAG,GAAG,KAAK,CAAC,IAAI,CAAC,IAAI,CAAC,KAAK,CAAC,MAAM,EAAE,CAAC,CAAC;QAC5C,MAAM,iBAAiB,GAA2B,EAAE,CAAC,EAAE,CAAC,EAAE,CAAC,EAAE,CAAC,EAAE,CAAC,EAAE,CAAC,EAAE,CAAC,EAAE,CAAC,EAAE,CAAC,EAAE,CAAC,EAAE,CAAC;QAEnF,IAAI,UAAU,GAAG,CAAC,CAAC;QACnB,KAAK,MAAM,KAAK,IAAI,GAAG,EAAE,CAAC;YACxB,UAAU,IAAI,KAAK,CAAC,UAAU,CAAC;YAC/B,iBAAiB,CAAC,KAAK,CAAC,KAAK,CAAC,GAAG,CAAC,iBAAiB,CAAC,KAAK,CAAC,KAAK,CAAC,IAAI,CAAC,CAAC,GAAG,CAAC,CAAC;QAC7E,CAAC;QAED,OAAO;YACL,iBAAiB,EAAE,GAAG,CAAC,MAAM;YAC7B,oBAAoB,EAAE,GAAG,CAAC,MAAM,CAAC,CAAC,CAAC,EAAE,CAAC,CAAC,CAAC,QAAQ,CAAC,CAAC,MAAM;YACxD,cAAc,EAAE,IAAI,CAAC,QAAQ,CAAC,IAAI;YAClC,YAAY,EAAE,GAAG,CAAC,MAAM,GAAG,CAAC,CAAC,CAAC,CAAC,IAAI,CAAC,KAAK,CAAC,UAAU,GAAG,GAAG,CAAC,MAAM,CAAC,CAAC,CAAC,CAAC,CAAC;YACtE,iBAAiB;SAClB,CAAC;IACJ,CAAC;IAED;;OAEG;IACH,KAAK;QACH,OAAO,IAAI,CAAC,KAAK,CAAC,IAAI,CAAC;IACzB,CAAC;CACF"}