@sfranalytics/mcp 0.6.2 → 0.6.4

package/README.md

@@ -1,68 +1,54 @@
 # @sfranalytics/mcp
 
-MCP server for [SFR Analytics](https://www.sfranalytics.com) — single-family rental property data, buyer intelligence, and private lending insights for AI assistants.
+MCP server for [SFR Analytics](https://www.sfranalytics.com) — single-family residential property data, buyer intelligence, and private lending insights for AI assistants.
 
 ## Quick Start
 
 ### Claude Code
 
 ```bash
-claude mcp add sfra -- npx -y @sfranalytics/mcp \
-  --env SFR_API_TOKEN=your-sfr-key \
-  --env PLR_API_TOKEN=your-plr-key
+claude mcp add sfranalytics --transport http https://mcp.sfranalytics.com/mcp \
+  -H "SFR-Api-Token: YOUR_SFR_KEY" \
+  -H "PLR-Api-Token: YOUR_PLR_KEY"
 ```
 
+Provide at least one token header (`SFR-Api-Token` or `PLR-Api-Token`).
+
 ### Claude Desktop
 
+Claude Desktop currently uses stdio transport, so use `npx`:
+
 Add to your `claude_desktop_config.json`:
 
 ```json
 {
   "mcpServers": {
-    "sfra": {
+    "sfranalytics": {
       "command": "npx",
       "args": ["-y", "@sfranalytics/mcp"],
       "env": {
-        "SFR_API_TOKEN": "your-sfr-key",
-        "PLR_API_TOKEN": "your-plr-key"
+        "SFR_API_TOKEN": "YOUR_SFR_KEY",
+        "PLR_API_TOKEN": "YOUR_PLR_KEY"
       }
     }
   }
 }
 ```
 
-### Hosted HTTP Transport
+### Other MCP Clients
 
-Run the MCP server over HTTP:
+Use the hosted streamable HTTP endpoint:
 
-```bash
-npm run dev:http
-```
+- Endpoint: `https://mcp.sfranalytics.com/mcp`
+- Headers: `SFR-Api-Token` and/or `PLR-Api-Token`
 
-Connect from Claude Code:
+### Verify Setup
 
-```bash
-claude mcp add sfra-http --transport http http://localhost:3000/mcp \
-  --header "SFR-Api-Token: your-sfr-key" \
-  --header "PLR-Api-Token: your-plr-key"
-```
+After connecting, ask Claude:
 
-Production endpoint example:
+> Check my SFR Analytics connection
 
-```bash
-claude mcp add sfra-http --transport http https://mcp.sfranalytics.com/mcp \
-  --header "SFR-Api-Token: your-sfr-key" \
-  --header "PLR-Api-Token: your-plr-key"
-```
-
-Notes:
-
-- Provide at least one token header (`SFR-Api-Token` or `PLR-Api-Token`).
-- `MCP_ALLOWED_ORIGINS` controls allowed `Origin` headers.
-- `MCP_ALLOWED_HOSTS` controls allowed `Host` headers (recommended for public deployments).
-- `MCP_STRICT_TOKEN_VALIDATION=true` optionally validates token(s) on each MCP request via upstream auth probes.
-- In strict mode, explicit auth failures return `401`; temporary probe outages return `503`.
-- Raw HTTP clients should send `Accept: application/json, text/event-stream`.
+This calls `sfra_health` and confirms your configured API access.
 
 ## API Keys
 
@@ -102,7 +88,47 @@ Get your API keys at [sfranalytics.com](https://www.sfranalytics.com).
 |------|-------------|
 | `sfra_health` | Connectivity check for configured APIs |
 
-## Configuration
+## Example Prompts
+
+The server includes built-in prompts for common workflows:
+
+- **market-screen** — Find top zip codes by investment criteria
+- **buyer-research** — Research a property investor's portfolio and strategy
+- **property-analysis** — Evaluate a property for SFR investment
+- **lending-overview** — Private lending market overview
+- **borrower-outreach** — Build a targeted borrower outreach list
+
+Prompts are scoped to your configured APIs.
+
+<details>
+<summary>Self-Hosted / Local Development</summary>
+
+### Requirements
+
+- Node.js >= 18.0.0
+- An MCP-compatible client (Claude Code, Claude Desktop, etc.)
+
+### Local stdio (npx)
+
+```bash
+npx -y @sfranalytics/mcp
+```
+
+### Local HTTP server
+
+```bash
+npm run dev:http
+```
+
+Connect from Claude Code:
+
+```bash
+claude mcp add sfranalytics-local --transport http http://localhost:3000/mcp \
+  -H "SFR-Api-Token: YOUR_SFR_KEY" \
+  -H "PLR-Api-Token: YOUR_PLR_KEY"
+```
+
+### Configuration
 
 | Variable | Required | Default | Description |
 |----------|----------|---------|-------------|
@@ -118,24 +144,15 @@ Get your API keys at [sfranalytics.com](https://www.sfranalytics.com).
 | `MCP_STRICT_TOKEN_VALIDATION` | No | `false` | If `true`, validate provided HTTP token(s) on each request using upstream auth probes |
 | `MCP_SFR_TOKEN_PROBE_ADDRESS` | No | `123 Main St, Phoenix, AZ 85004` | Address used for SFR strict-token auth probe |
 
-At least one API token must be provided.
-
-## Example Prompts
-
-The server includes built-in prompts for common workflows:
-
-- **market-screen** — Find top zip codes by investment criteria
-- **buyer-research** — Research a property investor's portfolio and strategy
-- **property-analysis** — Evaluate a property for SFR investment
-- **lending-overview** — Private lending market overview
-- **borrower-outreach** — Build a targeted borrower outreach list
-
-Prompts are scoped to your configured APIs.
+Notes:
 
-## Requirements
+- At least one token is required.
+- `MCP_ALLOWED_ORIGINS` controls allowed `Origin` headers.
+- `MCP_ALLOWED_HOSTS` controls allowed `Host` headers.
+- In strict mode, explicit auth failures return `401`; temporary probe outages return `503`.
+- Raw HTTP clients should send `Accept: application/json, text/event-stream`.
 
-- Node.js >= 18.0.0
-- An MCP-compatible client (Claude Code, Claude Desktop, etc.)
+</details>
 
 ## Support
 

package/dist/analytics/logger.d.ts

@@ -0,0 +1,3 @@
+type AnalyticsEvent = Record<string, unknown>;
+export declare function logEvent(event: AnalyticsEvent): void;
+export {};

package/dist/analytics/logger.js

@@ -0,0 +1,39 @@
+function parseBoolean(input, defaultValue) {
+    if (!input)
+        return defaultValue;
+    const normalized = input.trim().toLowerCase();
+    if (["1", "true", "yes", "on"].includes(normalized))
+        return true;
+    if (["0", "false", "no", "off"].includes(normalized))
+        return false;
+    return defaultValue;
+}
+function parseSampleRate(input) {
+    if (!input)
+        return 1;
+    const parsed = Number(input);
+    if (!Number.isFinite(parsed))
+        return 1;
+    if (parsed <= 0)
+        return 0;
+    if (parsed >= 1)
+        return 1;
+    return parsed;
+}
+const ANALYTICS_ENABLED = parseBoolean(process.env.MCP_ANALYTICS_ENABLED, true);
+const SAMPLE_RATE = parseSampleRate(process.env.MCP_ANALYTICS_SAMPLE_RATE);
+export function logEvent(event) {
+    if (!ANALYTICS_ENABLED)
+        return;
+    if (SAMPLE_RATE <= 0)
+        return;
+    if (SAMPLE_RATE < 1 && Math.random() > SAMPLE_RATE)
+        return;
+    try {
+        process.stderr.write(`${JSON.stringify(event)}\n`);
+    }
+    catch {
+        // Logging must never break tool execution.
+    }
+}
+//# sourceMappingURL=logger.js.map

package/dist/analytics/logger.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"logger.js","sourceRoot":"","sources":["../../src/analytics/logger.ts"],"names":[],"mappings":"AAEA,SAAS,YAAY,CAAC,KAAyB,EAAE,YAAqB;IACpE,IAAI,CAAC,KAAK;QAAE,OAAO,YAAY,CAAC;IAChC,MAAM,UAAU,GAAG,KAAK,CAAC,IAAI,EAAE,CAAC,WAAW,EAAE,CAAC;IAC9C,IAAI,CAAC,GAAG,EAAE,MAAM,EAAE,KAAK,EAAE,IAAI,CAAC,CAAC,QAAQ,CAAC,UAAU,CAAC;QAAE,OAAO,IAAI,CAAC;IACjE,IAAI,CAAC,GAAG,EAAE,OAAO,EAAE,IAAI,EAAE,KAAK,CAAC,CAAC,QAAQ,CAAC,UAAU,CAAC;QAAE,OAAO,KAAK,CAAC;IACnE,OAAO,YAAY,CAAC;AACtB,CAAC;AAED,SAAS,eAAe,CAAC,KAAyB;IAChD,IAAI,CAAC,KAAK;QAAE,OAAO,CAAC,CAAC;IACrB,MAAM,MAAM,GAAG,MAAM,CAAC,KAAK,CAAC,CAAC;IAC7B,IAAI,CAAC,MAAM,CAAC,QAAQ,CAAC,MAAM,CAAC;QAAE,OAAO,CAAC,CAAC;IACvC,IAAI,MAAM,IAAI,CAAC;QAAE,OAAO,CAAC,CAAC;IAC1B,IAAI,MAAM,IAAI,CAAC;QAAE,OAAO,CAAC,CAAC;IAC1B,OAAO,MAAM,CAAC;AAChB,CAAC;AAED,MAAM,iBAAiB,GAAG,YAAY,CAAC,OAAO,CAAC,GAAG,CAAC,qBAAqB,EAAE,IAAI,CAAC,CAAC;AAChF,MAAM,WAAW,GAAG,eAAe,CAAC,OAAO,CAAC,GAAG,CAAC,yBAAyB,CAAC,CAAC;AAE3E,MAAM,UAAU,QAAQ,CAAC,KAAqB;IAC5C,IAAI,CAAC,iBAAiB;QAAE,OAAO;IAC/B,IAAI,WAAW,IAAI,CAAC;QAAE,OAAO;IAC7B,IAAI,WAAW,GAAG,CAAC,IAAI,IAAI,CAAC,MAAM,EAAE,GAAG,WAAW;QAAE,OAAO;IAE3D,IAAI,CAAC;QACH,OAAO,CAAC,MAAM,CAAC,KAAK,CAAC,GAAG,IAAI,CAAC,SAAS,CAAC,KAAK,CAAC,IAAI,CAAC,CAAC;IACrD,CAAC;IAAC,MAAM,CAAC;QACP,2CAA2C;IAC7C,CAAC;AACH,CAAC"}

package/dist/analytics/requestContext.d.ts

@@ -0,0 +1,21 @@
+export type RuntimeMode = "hosted_http" | "stdio";
+export type RequestContext = {
+    requestId: string | null;
+    tokenHash: string | null;
+    tokenHashSfr: string | null;
+    tokenHashPlr: string | null;
+    mode: RuntimeMode;
+    clientIp?: string;
+};
+/**
+ * Compute a token hash for analytics correlation.
+ * If MCP_TOKEN_HASH_PEPPER is configured, use HMAC-SHA256.
+ * Otherwise use plain SHA-256 for backwards compatibility.
+ */
+export declare function computeTokenHash(token: string | null | undefined): string | null;
+export declare function buildTokenHashes(input: {
+    sfrToken?: string | null;
+    plrToken?: string | null;
+}): Pick<RequestContext, "tokenHash" | "tokenHashSfr" | "tokenHashPlr">;
+export declare function runWithRequestContext<T>(ctx: RequestContext, cb: () => T): T;
+export declare function getCtx(): RequestContext | undefined;

package/dist/analytics/requestContext.js

@@ -0,0 +1,39 @@
+import { AsyncLocalStorage } from "node:async_hooks";
+import { createHash, createHmac } from "node:crypto";
+const requestContext = new AsyncLocalStorage();
+function normalizeSecret(input) {
+    if (!input)
+        return null;
+    const trimmed = input.trim();
+    return trimmed.length > 0 ? trimmed : null;
+}
+/**
+ * Compute a token hash for analytics correlation.
+ * If MCP_TOKEN_HASH_PEPPER is configured, use HMAC-SHA256.
+ * Otherwise use plain SHA-256 for backwards compatibility.
+ */
+export function computeTokenHash(token) {
+    const normalizedToken = normalizeSecret(token);
+    if (!normalizedToken)
+        return null;
+    const pepper = normalizeSecret(process.env.MCP_TOKEN_HASH_PEPPER);
+    if (pepper) {
+        const digest = createHmac("sha256", pepper).update(normalizedToken).digest("hex");
+        return `hmac-sha256:${digest}`;
+    }
+    const digest = createHash("sha256").update(normalizedToken).digest("hex");
+    return `sha256:${digest}`;
+}
+export function buildTokenHashes(input) {
+    const tokenHashSfr = computeTokenHash(input.sfrToken);
+    const tokenHashPlr = computeTokenHash(input.plrToken);
+    const tokenHash = tokenHashSfr ?? tokenHashPlr;
+    return { tokenHash, tokenHashSfr, tokenHashPlr };
+}
+export function runWithRequestContext(ctx, cb) {
+    return requestContext.run(ctx, cb);
+}
+export function getCtx() {
+    return requestContext.getStore();
+}
+//# sourceMappingURL=requestContext.js.map

package/dist/analytics/requestContext.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"requestContext.js","sourceRoot":"","sources":["../../src/analytics/requestContext.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,iBAAiB,EAAE,MAAM,kBAAkB,CAAC;AACrD,OAAO,EAAE,UAAU,EAAE,UAAU,EAAE,MAAM,aAAa,CAAC;AAarD,MAAM,cAAc,GAAG,IAAI,iBAAiB,EAAkB,CAAC;AAE/D,SAAS,eAAe,CAAC,KAAgC;IACvD,IAAI,CAAC,KAAK;QAAE,OAAO,IAAI,CAAC;IACxB,MAAM,OAAO,GAAG,KAAK,CAAC,IAAI,EAAE,CAAC;IAC7B,OAAO,OAAO,CAAC,MAAM,GAAG,CAAC,CAAC,CAAC,CAAC,OAAO,CAAC,CAAC,CAAC,IAAI,CAAC;AAC7C,CAAC;AAED;;;;GAIG;AACH,MAAM,UAAU,gBAAgB,CAAC,KAAgC;IAC/D,MAAM,eAAe,GAAG,eAAe,CAAC,KAAK,CAAC,CAAC;IAC/C,IAAI,CAAC,eAAe;QAAE,OAAO,IAAI,CAAC;IAElC,MAAM,MAAM,GAAG,eAAe,CAAC,OAAO,CAAC,GAAG,CAAC,qBAAqB,CAAC,CAAC;IAClE,IAAI,MAAM,EAAE,CAAC;QACX,MAAM,MAAM,GAAG,UAAU,CAAC,QAAQ,EAAE,MAAM,CAAC,CAAC,MAAM,CAAC,eAAe,CAAC,CAAC,MAAM,CAAC,KAAK,CAAC,CAAC;QAClF,OAAO,eAAe,MAAM,EAAE,CAAC;IACjC,CAAC;IAED,MAAM,MAAM,GAAG,UAAU,CAAC,QAAQ,CAAC,CAAC,MAAM,CAAC,eAAe,CAAC,CAAC,MAAM,CAAC,KAAK,CAAC,CAAC;IAC1E,OAAO,UAAU,MAAM,EAAE,CAAC;AAC5B,CAAC;AAED,MAAM,UAAU,gBAAgB,CAAC,KAGhC;IACC,MAAM,YAAY,GAAG,gBAAgB,CAAC,KAAK,CAAC,QAAQ,CAAC,CAAC;IACtD,MAAM,YAAY,GAAG,gBAAgB,CAAC,KAAK,CAAC,QAAQ,CAAC,CAAC;IACtD,MAAM,SAAS,GAAG,YAAY,IAAI,YAAY,CAAC;IAC/C,OAAO,EAAE,SAAS,EAAE,YAAY,EAAE,YAAY,EAAE,CAAC;AACnD,CAAC;AAED,MAAM,UAAU,qBAAqB,CAAI,GAAmB,EAAE,EAAW;IACvE,OAAO,cAAc,CAAC,GAAG,CAAC,GAAG,EAAE,EAAE,CAAC,CAAC;AACrC,CAAC;AAED,MAAM,UAAU,MAAM;IACpB,OAAO,cAAc,CAAC,QAAQ,EAAE,CAAC;AACnC,CAAC"}

package/dist/analytics/sanitize.d.ts

@@ -0,0 +1 @@
+export declare function sanitizeArgs(args: unknown): Record<string, unknown>;

package/dist/analytics/sanitize.js

@@ -0,0 +1,78 @@
+const MAX_STRING_CHARS = 256;
+const MAX_ARRAY_ITEMS = 20;
+const MAX_OBJECT_KEYS = 100;
+const MAX_DEPTH = 8;
+const REDACTED = "[redacted]";
+const TRUNCATED = "[truncated]";
+const CIRCULAR = "[circular]";
+const KEY_DENYLIST = /ssn|social|address|street|dob|birth|email|phone|token|secret|password|authorization|api[-_]?key/i;
+const EMAIL_PATTERN = /^[^\s@]+@[^\s@]+\.[^\s@]+$/i;
+const PHONE_PATTERN = /^\+?[0-9()\-\s.]{10,}$/;
+const TOKENISH_PATTERN = /^(?:[a-f0-9]{32,}|[A-Za-z0-9+/_\-]{32,})$/;
+function truncateString(value) {
+    if (value.length <= MAX_STRING_CHARS)
+        return value;
+    return value.slice(0, MAX_STRING_CHARS) + TRUNCATED;
+}
+function looksSensitiveValue(value) {
+    const normalized = value.trim();
+    if (!normalized)
+        return false;
+    return EMAIL_PATTERN.test(normalized) || PHONE_PATTERN.test(normalized) || TOKENISH_PATTERN.test(normalized);
+}
+function sanitizeValue(value, keyName, depth, seen) {
+    if (depth > MAX_DEPTH)
+        return TRUNCATED;
+    if (value == null)
+        return value;
+    if (typeof value === "string") {
+        if ((keyName && KEY_DENYLIST.test(keyName)) || looksSensitiveValue(value))
+            return REDACTED;
+        return truncateString(value);
+    }
+    if (typeof value === "number") {
+        return Number.isFinite(value) ? value : String(value);
+    }
+    if (typeof value === "boolean")
+        return value;
+    if (typeof value === "bigint")
+        return value.toString();
+    if (value instanceof Date)
+        return value.toISOString();
+    if (Array.isArray(value)) {
+        const capped = value.slice(0, MAX_ARRAY_ITEMS);
+        const sanitized = capped.map((entry) => sanitizeValue(entry, keyName, depth + 1, seen));
+        if (value.length > MAX_ARRAY_ITEMS)
+            sanitized.push(TRUNCATED);
+        return sanitized;
+    }
+    if (typeof value === "object") {
+        const obj = value;
+        if (seen.has(obj))
+            return CIRCULAR;
+        seen.add(obj);
+        const out = {};
+        const entries = Object.entries(obj).slice(0, MAX_OBJECT_KEYS);
+        for (const [k, v] of entries) {
+            if (KEY_DENYLIST.test(k)) {
+                out[k] = REDACTED;
+                continue;
+            }
+            out[k] = sanitizeValue(v, k, depth + 1, seen);
+        }
+        if (Object.keys(obj).length > MAX_OBJECT_KEYS) {
+            out._truncatedKeys = true;
+        }
+        return out;
+    }
+    return truncateString(String(value));
+}
+export function sanitizeArgs(args) {
+    const seen = new WeakSet();
+    const sanitized = sanitizeValue(args, null, 0, seen);
+    if (sanitized && typeof sanitized === "object" && !Array.isArray(sanitized)) {
+        return sanitized;
+    }
+    return { value: sanitized };
+}
+//# sourceMappingURL=sanitize.js.map

package/dist/analytics/sanitize.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"sanitize.js","sourceRoot":"","sources":["../../src/analytics/sanitize.ts"],"names":[],"mappings":"AAAA,MAAM,gBAAgB,GAAG,GAAG,CAAC;AAC7B,MAAM,eAAe,GAAG,EAAE,CAAC;AAC3B,MAAM,eAAe,GAAG,GAAG,CAAC;AAC5B,MAAM,SAAS,GAAG,CAAC,CAAC;AAEpB,MAAM,QAAQ,GAAG,YAAY,CAAC;AAC9B,MAAM,SAAS,GAAG,aAAa,CAAC;AAChC,MAAM,QAAQ,GAAG,YAAY,CAAC;AAE9B,MAAM,YAAY,GAAG,kGAAkG,CAAC;AACxH,MAAM,aAAa,GAAG,6BAA6B,CAAC;AACpD,MAAM,aAAa,GAAG,wBAAwB,CAAC;AAC/C,MAAM,gBAAgB,GAAG,2CAA2C,CAAC;AAErE,SAAS,cAAc,CAAC,KAAa;IACnC,IAAI,KAAK,CAAC,MAAM,IAAI,gBAAgB;QAAE,OAAO,KAAK,CAAC;IACnD,OAAO,KAAK,CAAC,KAAK,CAAC,CAAC,EAAE,gBAAgB,CAAC,GAAG,SAAS,CAAC;AACtD,CAAC;AAED,SAAS,mBAAmB,CAAC,KAAa;IACxC,MAAM,UAAU,GAAG,KAAK,CAAC,IAAI,EAAE,CAAC;IAChC,IAAI,CAAC,UAAU;QAAE,OAAO,KAAK,CAAC;IAC9B,OAAO,aAAa,CAAC,IAAI,CAAC,UAAU,CAAC,IAAI,aAAa,CAAC,IAAI,CAAC,UAAU,CAAC,IAAI,gBAAgB,CAAC,IAAI,CAAC,UAAU,CAAC,CAAC;AAC/G,CAAC;AAED,SAAS,aAAa,CACpB,KAAc,EACd,OAAsB,EACtB,KAAa,EACb,IAAqB;IAErB,IAAI,KAAK,GAAG,SAAS;QAAE,OAAO,SAAS,CAAC;IAExC,IAAI,KAAK,IAAI,IAAI;QAAE,OAAO,KAAK,CAAC;IAEhC,IAAI,OAAO,KAAK,KAAK,QAAQ,EAAE,CAAC;QAC9B,IAAI,CAAC,OAAO,IAAI,YAAY,CAAC,IAAI,CAAC,OAAO,CAAC,CAAC,IAAI,mBAAmB,CAAC,KAAK,CAAC;YAAE,OAAO,QAAQ,CAAC;QAC3F,OAAO,cAAc,CAAC,KAAK,CAAC,CAAC;IAC/B,CAAC;IAED,IAAI,OAAO,KAAK,KAAK,QAAQ,EAAE,CAAC;QAC9B,OAAO,MAAM,CAAC,QAAQ,CAAC,KAAK,CAAC,CAAC,CAAC,CAAC,KAAK,CAAC,CAAC,CAAC,MAAM,CAAC,KAAK,CAAC,CAAC;IACxD,CAAC;IAED,IAAI,OAAO,KAAK,KAAK,SAAS;QAAE,OAAO,KAAK,CAAC;IAE7C,IAAI,OAAO,KAAK,KAAK,QAAQ;QAAE,OAAO,KAAK,CAAC,QAAQ,EAAE,CAAC;IAEvD,IAAI,KAAK,YAAY,IAAI;QAAE,OAAO,KAAK,CAAC,WAAW,EAAE,CAAC;IAEtD,IAAI,KAAK,CAAC,OAAO,CAAC,KAAK,CAAC,EAAE,CAAC;QACzB,MAAM,MAAM,GAAG,KAAK,CAAC,KAAK,CAAC,CAAC,EAAE,eAAe,CAAC,CAAC;QAC/C,MAAM,SAAS,GAAG,MAAM,CAAC,GAAG,CAAC,CAAC,KAAK,EAAE,EAAE,CAAC,aAAa,CAAC,KAAK,EAAE,OAAO,EAAE,KAAK,GAAG,CAAC,EAAE,IAAI,CAAC,CAAC,CAAC;QACxF,IAAI,KAAK,CAAC,MAAM,GAAG,eAAe;YAAE,SAAS,CAAC,IAAI,CAAC,SAAS,CAAC,CAAC;QAC9D,OAAO,SAAS,CAAC;IACnB,CAAC;IAED,IAAI,OAAO,KAAK,KAAK,QAAQ,EAAE,CAAC;QAC9B,MAAM,GAAG,GAAG,KAAgC,CAAC;QAC7C,IAAI,IAAI,CAAC,GAAG,CAAC,GAAG,CAAC;YAAE,OAAO,QAAQ,CAAC;QACnC,IAAI,CAAC,GAAG,CAAC,GAAG,CAAC,CAAC;QAEd,MAAM,GAAG,GAA4B,EAAE,CAAC;QACxC,MAAM,OAAO,GAAG,MAAM,CAAC,OAAO,CAAC,GAAG,CAAC,CAAC,KAAK,CAAC,CAAC,EAAE,eAAe,CAAC,CAAC;QAC9D,KAAK,MAAM,CAAC,CAAC,EAAE,CAAC,CAAC,IAAI,OAAO,EAAE,CAAC;YAC7B,IAAI,YAAY,CAAC,IAAI,CAAC,CAAC,CAAC,EAAE,CAAC;gBACzB,GAAG,CAAC,CAAC,CAAC,GAAG,QAAQ,CAAC;gBAClB,SAAS;YACX,CAAC;YACD,GAAG,CAAC,CAAC,CAAC,GAAG,aAAa,CAAC,CAAC,EAAE,CAAC,EAAE,KAAK,GAAG,CAAC,EAAE,IAAI,CAAC,CAAC;QAChD,CAAC;QACD,IAAI,MAAM,CAAC,IAAI,CAAC,GAAG,CAAC,CAAC,MAAM,GAAG,eAAe,EAAE,CAAC;YAC9C,GAAG,CAAC,cAAc,GAAG,IAAI,CAAC;QAC5B,CAAC;QACD,OAAO,GAAG,CAAC;IACb,CAAC;IAED,OAAO,cAAc,CAAC,MAAM,CAAC,KAAK,CAAC,CAAC,CAAC;AACvC,CAAC;AAED,MAAM,UAAU,YAAY,CAAC,IAAa;IACxC,MAAM,IAAI,GAAG,IAAI,OAAO,EAAU,CAAC;IACnC,MAAM,SAAS,GAAG,aAAa,CAAC,IAAI,EAAE,IAAI,EAAE,CAAC,EAAE,IAAI,CAAC,CAAC;IACrD,IAAI,SAAS,IAAI,OAAO,SAAS,KAAK,QAAQ,IAAI,CAAC,KAAK,CAAC,OAAO,CAAC,SAAS,CAAC,EAAE,CAAC;QAC5E,OAAO,SAAoC,CAAC;IAC9C,CAAC;IACD,OAAO,EAAE,KAAK,EAAE,SAAoB,EAAE,CAAC;AACzC,CAAC"}