@shiftleftpt/sbd-toe-mcp 0.1.0

package/dist/bootstrap/checkout-backend.test.js

@@ -0,0 +1,158 @@
+import { describe, it, expect } from "vitest";
+import { sanitizeRunManifest, ensurePublishedIndex } from "../bootstrap/checkout-backend.js";
+// --- Tests ---
+describe("checkout-backend.ts", () => {
+    describe("sanitizeRunManifest", () => {
+        it("preserves run_id when present", () => {
+            const upstream = {
+                run_id: "test-run-123"
+            };
+            const result = sanitizeRunManifest(upstream);
+            expect(result.run_id).toBe("test-run-123");
+        });
+        it("omits run_id when undefined", () => {
+            const upstream = {
+                generated_at: "2026-03-24T10:00:00Z"
+            };
+            const result = sanitizeRunManifest(upstream);
+            expect(result).not.toHaveProperty("run_id");
+            expect(result.generated_at).toBe("2026-03-24T10:00:00Z");
+        });
+        it("converts SSH repo_url to HTTPS", () => {
+            const upstream = {
+                repo_url: "git@github.com:test/repo.git"
+            };
+            const result = sanitizeRunManifest(upstream);
+            expect(result.repo_url).toBe("https://github.com/test/repo");
+        });
+        it("converts SSH repo_url without .git suffix", () => {
+            const upstream = {
+                repo_url: "git@github.com:test/repo"
+            };
+            const result = sanitizeRunManifest(upstream);
+            expect(result.repo_url).toBe("https://github.com/test/repo");
+        });
+        it("preserves HTTPS repo_url unchanged", () => {
+            const upstream = {
+                repo_url: "https://github.com/test/repo.git"
+            };
+            const result = sanitizeRunManifest(upstream);
+            expect(result.repo_url).toBe("https://github.com/test/repo.git");
+        });
+        it("handles whitespace in repo_url", () => {
+            const upstream = {
+                repo_url: "  https://github.com/test/repo  "
+            };
+            const result = sanitizeRunManifest(upstream);
+            expect(result.repo_url).toBe("https://github.com/test/repo");
+        });
+        it("omits repo_url when undefined", () => {
+            const upstream = {
+                run_id: "123"
+            };
+            const result = sanitizeRunManifest(upstream);
+            expect(result).not.toHaveProperty("repo_url");
+        });
+        it("omits repo_url when empty string", () => {
+            const upstream = {
+                repo_url: ""
+            };
+            const result = sanitizeRunManifest(upstream);
+            expect(result).not.toHaveProperty("repo_url");
+        });
+        it("preserves all fields when all present", () => {
+            const upstream = {
+                run_id: "run-001",
+                generated_at: "2026-03-24T10:00:00Z",
+                branch: "main",
+                commit_sha: "abc123",
+                corpus_root: "/corpus",
+                repo_url: "https://github.com/test/repo",
+                sync_mode: "full",
+                version: "1.0.0"
+            };
+            const result = sanitizeRunManifest(upstream);
+            expect(result.run_id).toBe("run-001");
+            expect(result.generated_at).toBe("2026-03-24T10:00:00Z");
+            expect(result.branch).toBe("main");
+            expect(result.commit_sha).toBe("abc123");
+            expect(result.corpus_root).toBe("/corpus");
+            expect(result.repo_url).toBe("https://github.com/test/repo");
+            expect(result.sync_mode).toBe("full");
+            expect(result.version).toBe("1.0.0");
+        });
+    });
+    describe("ensurePublishedIndex", () => {
+        it("finds index by record_family", () => {
+            const items = [
+                {
+                    index_name: "test_docs",
+                    record_family: "documents",
+                    settings: { ranking: ["asc(popularity)"] }
+                }
+            ];
+            const result = ensurePublishedIndex(items, "documents", "default_docs");
+            expect(result.indexName).toBe("test_docs");
+            expect(result.recordFamily).toBe("documents");
+            expect(result.settings).toEqual({ ranking: ["asc(popularity)"] });
+        });
+        it("uses index_name as fallback when record_family not found", () => {
+            const items = [
+                {
+                    index_name: "fallback_index",
+                    record_family: "other_family"
+                }
+            ];
+            const result = ensurePublishedIndex(items, "entities", "fallback_index");
+            expect(result.indexName).toBe("fallback_index");
+            expect(result.recordFamily).toBe("entities");
+        });
+        it("throws when index not found by family or fallback", () => {
+            const items = [
+                {
+                    index_name: "some_index",
+                    record_family: "other_family"
+                }
+            ];
+            expect(() => {
+                ensurePublishedIndex(items, "documents", "missing_fallback");
+            }).toThrow(/O upstream não publicou um índice utilizável para "documents"/);
+        });
+        it("throws when items array is empty", () => {
+            expect(() => {
+                ensurePublishedIndex([], "documents", "fallback");
+            }).toThrow(/O upstream não publicou um índice utilizável/);
+        });
+        it("throws when items is undefined", () => {
+            expect(() => {
+                ensurePublishedIndex(undefined, "documents", "fallback");
+            }).toThrow(/O upstream não publicou um índice utilizável/);
+        });
+        it("defaults settings to empty object when not provided", () => {
+            const items = [
+                {
+                    index_name: "test_index",
+                    record_family: "documents"
+                    // settings omitted
+                }
+            ];
+            const result = ensurePublishedIndex(items, "documents", "fallback");
+            expect(result.settings).toEqual({});
+        });
+        it("prefers exact family match over fallback", () => {
+            const items = [
+                {
+                    index_name: "fallback_index",
+                    record_family: "other_family"
+                },
+                {
+                    index_name: "exact_docs_index",
+                    record_family: "documents"
+                }
+            ];
+            const result = ensurePublishedIndex(items, "documents", "fallback_index");
+            expect(result.indexName).toBe("exact_docs_index");
+        });
+    });
+});
+//# sourceMappingURL=checkout-backend.test.js.map

package/dist/bootstrap/checkout-backend.test.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"checkout-backend.test.js","sourceRoot":"","sources":["../../src/bootstrap/checkout-backend.test.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,QAAQ,EAAE,EAAE,EAAE,MAAM,EAAE,MAAM,QAAQ,CAAC;AAC9C,OAAO,EAAE,mBAAmB,EAAE,oBAAoB,EAAE,MAAM,kCAAkC,CAAC;AA2B7F,gBAAgB;AAEhB,QAAQ,CAAC,qBAAqB,EAAE,GAAG,EAAE;IACnC,QAAQ,CAAC,qBAAqB,EAAE,GAAG,EAAE;QACnC,EAAE,CAAC,+BAA+B,EAAE,GAAG,EAAE;YACvC,MAAM,QAAQ,GAA+B;gBAC3C,MAAM,EAAE,cAAc;aACvB,CAAC;YAEF,MAAM,MAAM,GAAG,mBAAmB,CAAC,QAAQ,CAAC,CAAC;YAE7C,MAAM,CAAC,MAAM,CAAC,MAAM,CAAC,CAAC,IAAI,CAAC,cAAc,CAAC,CAAC;QAC7C,CAAC,CAAC,CAAC;QAEH,EAAE,CAAC,6BAA6B,EAAE,GAAG,EAAE;YACrC,MAAM,QAAQ,GAA+B;gBAC3C,YAAY,EAAE,sBAAsB;aACrC,CAAC;YAEF,MAAM,MAAM,GAAG,mBAAmB,CAAC,QAAQ,CAAC,CAAC;YAE7C,MAAM,CAAC,MAAM,CAAC,CAAC,GAAG,CAAC,cAAc,CAAC,QAAQ,CAAC,CAAC;YAC5C,MAAM,CAAC,MAAM,CAAC,YAAY,CAAC,CAAC,IAAI,CAAC,sBAAsB,CAAC,CAAC;QAC3D,CAAC,CAAC,CAAC;QAEH,EAAE,CAAC,gCAAgC,EAAE,GAAG,EAAE;YACxC,MAAM,QAAQ,GAA+B;gBAC3C,QAAQ,EAAE,8BAA8B;aACzC,CAAC;YAEF,MAAM,MAAM,GAAG,mBAAmB,CAAC,QAAQ,CAAC,CAAC;YAE7C,MAAM,CAAC,MAAM,CAAC,QAAQ,CAAC,CAAC,IAAI,CAAC,8BAA8B,CAAC,CAAC;QAC/D,CAAC,CAAC,CAAC;QAEH,EAAE,CAAC,2CAA2C,EAAE,GAAG,EAAE;YACnD,MAAM,QAAQ,GAA+B;gBAC3C,QAAQ,EAAE,0BAA0B;aACrC,CAAC;YAEF,MAAM,MAAM,GAAG,mBAAmB,CAAC,QAAQ,CAAC,CAAC;YAE7C,MAAM,CAAC,MAAM,CAAC,QAAQ,CAAC,CAAC,IAAI,CAAC,8BAA8B,CAAC,CAAC;QAC/D,CAAC,CAAC,CAAC;QAEH,EAAE,CAAC,oCAAoC,EAAE,GAAG,EAAE;YAC5C,MAAM,QAAQ,GAA+B;gBAC3C,QAAQ,EAAE,kCAAkC;aAC7C,CAAC;YAEF,MAAM,MAAM,GAAG,mBAAmB,CAAC,QAAQ,CAAC,CAAC;YAE7C,MAAM,CAAC,MAAM,CAAC,QAAQ,CAAC,CAAC,IAAI,CAAC,kCAAkC,CAAC,CAAC;QACnE,CAAC,CAAC,CAAC;QAEH,EAAE,CAAC,gCAAgC,EAAE,GAAG,EAAE;YACxC,MAAM,QAAQ,GAA+B;gBAC3C,QAAQ,EAAE,kCAAkC;aAC7C,CAAC;YAEF,MAAM,MAAM,GAAG,mBAAmB,CAAC,QAAQ,CAAC,CAAC;YAE7C,MAAM,CAAC,MAAM,CAAC,QAAQ,CAAC,CAAC,IAAI,CAAC,8BAA8B,CAAC,CAAC;QAC/D,CAAC,CAAC,CAAC;QAEH,EAAE,CAAC,+BAA+B,EAAE,GAAG,EAAE;YACvC,MAAM,QAAQ,GAA+B;gBAC3C,MAAM,EAAE,KAAK;aACd,CAAC;YAEF,MAAM,MAAM,GAAG,mBAAmB,CAAC,QAAQ,CAAC,CAAC;YAE7C,MAAM,CAAC,MAAM,CAAC,CAAC,GAAG,CAAC,cAAc,CAAC,UAAU,CAAC,CAAC;QAChD,CAAC,CAAC,CAAC;QAEH,EAAE,CAAC,kCAAkC,EAAE,GAAG,EAAE;YAC1C,MAAM,QAAQ,GAA+B;gBAC3C,QAAQ,EAAE,EAAE;aACb,CAAC;YAEF,MAAM,MAAM,GAAG,mBAAmB,CAAC,QAAQ,CAAC,CAAC;YAE7C,MAAM,CAAC,MAAM,CAAC,CAAC,GAAG,CAAC,cAAc,CAAC,UAAU,CAAC,CAAC;QAChD,CAAC,CAAC,CAAC;QAEH,EAAE,CAAC,uCAAuC,EAAE,GAAG,EAAE;YAC/C,MAAM,QAAQ,GAA+B;gBAC3C,MAAM,EAAE,SAAS;gBACjB,YAAY,EAAE,sBAAsB;gBACpC,MAAM,EAAE,MAAM;gBACd,UAAU,EAAE,QAAQ;gBACpB,WAAW,EAAE,SAAS;gBACtB,QAAQ,EAAE,8BAA8B;gBACxC,SAAS,EAAE,MAAM;gBACjB,OAAO,EAAE,OAAO;aACjB,CAAC;YAEF,MAAM,MAAM,GAAG,mBAAmB,CAAC,QAAQ,CAAC,CAAC;YAE7C,MAAM,CAAC,MAAM,CAAC,MAAM,CAAC,CAAC,IAAI,CAAC,SAAS,CAAC,CAAC;YACtC,MAAM,CAAC,MAAM,CAAC,YAAY,CAAC,CAAC,IAAI,CAAC,sBAAsB,CAAC,CAAC;YACzD,MAAM,CAAC,MAAM,CAAC,MAAM,CAAC,CAAC,IAAI,CAAC,MAAM,CAAC,CAAC;YACnC,MAAM,CAAC,MAAM,CAAC,UAAU,CAAC,CAAC,IAAI,CAAC,QAAQ,CAAC,CAAC;YACzC,MAAM,CAAC,MAAM,CAAC,WAAW,CAAC,CAAC,IAAI,CAAC,SAAS,CAAC,CAAC;YAC3C,MAAM,CAAC,MAAM,CAAC,QAAQ,CAAC,CAAC,IAAI,CAAC,8BAA8B,CAAC,CAAC;YAC7D,MAAM,CAAC,MAAM,CAAC,SAAS,CAAC,CAAC,IAAI,CAAC,MAAM,CAAC,CAAC;YACtC,MAAM,CAAC,MAAM,CAAC,OAAO,CAAC,CAAC,IAAI,CAAC,OAAO,CAAC,CAAC;QACvC,CAAC,CAAC,CAAC;IACL,CAAC,CAAC,CAAC;IAEH,QAAQ,CAAC,sBAAsB,EAAE,GAAG,EAAE;QACpC,EAAE,CAAC,8BAA8B,EAAE,GAAG,EAAE;YACtC,MAAM,KAAK,GAA0C;gBACnD;oBACE,UAAU,EAAE,WAAW;oBACvB,aAAa,EAAE,WAAW;oBAC1B,QAAQ,EAAE,EAAE,OAAO,EAAE,CAAC,iBAAiB,CAAC,EAAE;iBAC3C;aACF,CAAC;YAEF,MAAM,MAAM,GAAG,oBAAoB,CAAC,KAAK,EAAE,WAAW,EAAE,cAAc,CAAC,CAAC;YAExE,MAAM,CAAC,MAAM,CAAC,SAAS,CAAC,CAAC,IAAI,CAAC,WAAW,CAAC,CAAC;YAC3C,MAAM,CAAC,MAAM,CAAC,YAAY,CAAC,CAAC,IAAI,CAAC,WAAW,CAAC,CAAC;YAC9C,MAAM,CAAC,MAAM,CAAC,QAAQ,CAAC,CAAC,OAAO,CAAC,EAAE,OAAO,EAAE,CAAC,iBAAiB,CAAC,EAAE,CAAC,CAAC;QACpE,CAAC,CAAC,CAAC;QAEH,EAAE,CAAC,0DAA0D,EAAE,GAAG,EAAE;YAClE,MAAM,KAAK,GAA0C;gBACnD;oBACE,UAAU,EAAE,gBAAgB;oBAC5B,aAAa,EAAE,cAAc;iBAC9B;aACF,CAAC;YAEF,MAAM,MAAM,GAAG,oBAAoB,CAAC,KAAK,EAAE,UAAU,EAAE,gBAAgB,CAAC,CAAC;YAEzE,MAAM,CAAC,MAAM,CAAC,SAAS,CAAC,CAAC,IAAI,CAAC,gBAAgB,CAAC,CAAC;YAChD,MAAM,CAAC,MAAM,CAAC,YAAY,CAAC,CAAC,IAAI,CAAC,UAAU,CAAC,CAAC;QAC/C,CAAC,CAAC,CAAC;QAEH,EAAE,CAAC,mDAAmD,EAAE,GAAG,EAAE;YAC3D,MAAM,KAAK,GAA0C;gBACnD;oBACE,UAAU,EAAE,YAAY;oBACxB,aAAa,EAAE,cAAc;iBAC9B;aACF,CAAC;YAEF,MAAM,CAAC,GAAG,EAAE;gBACV,oBAAoB,CAAC,KAAK,EAAE,WAAW,EAAE,kBAAkB,CAAC,CAAC;YAC/D,CAAC,CAAC,CAAC,OAAO,CAAC,+DAA+D,CAAC,CAAC;QAC9E,CAAC,CAAC,CAAC;QAEH,EAAE,CAAC,kCAAkC,EAAE,GAAG,EAAE;YAC1C,MAAM,CAAC,GAAG,EAAE;gBACV,oBAAoB,CAAC,EAAE,EAAE,WAAW,EAAE,UAAU,CAAC,CAAC;YACpD,CAAC,CAAC,CAAC,OAAO,CAAC,8CAA8C,CAAC,CAAC;QAC7D,CAAC,CAAC,CAAC;QAEH,EAAE,CAAC,gCAAgC,EAAE,GAAG,EAAE;YACxC,MAAM,CAAC,GAAG,EAAE;gBACV,oBAAoB,CAAC,SAAS,EAAE,WAAW,EAAE,UAAU,CAAC,CAAC;YAC3D,CAAC,CAAC,CAAC,OAAO,CAAC,8CAA8C,CAAC,CAAC;QAC7D,CAAC,CAAC,CAAC;QAEH,EAAE,CAAC,qDAAqD,EAAE,GAAG,EAAE;YAC7D,MAAM,KAAK,GAA0C;gBACnD;oBACE,UAAU,EAAE,YAAY;oBACxB,aAAa,EAAE,WAAW;oBAC1B,mBAAmB;iBACpB;aACF,CAAC;YAEF,MAAM,MAAM,GAAG,oBAAoB,CAAC,KAAK,EAAE,WAAW,EAAE,UAAU,CAAC,CAAC;YAEpE,MAAM,CAAC,MAAM,CAAC,QAAQ,CAAC,CAAC,OAAO,CAAC,EAAE,CAAC,CAAC;QACtC,CAAC,CAAC,CAAC;QAEH,EAAE,CAAC,0CAA0C,EAAE,GAAG,EAAE;YAClD,MAAM,KAAK,GAA0C;gBACnD;oBACE,UAAU,EAAE,gBAAgB;oBAC5B,aAAa,EAAE,cAAc;iBAC9B;gBACD;oBACE,UAAU,EAAE,kBAAkB;oBAC9B,aAAa,EAAE,WAAW;iBAC3B;aACF,CAAC;YAEF,MAAM,MAAM,GAAG,oBAAoB,CAAC,KAAK,EAAE,WAAW,EAAE,gBAAgB,CAAC,CAAC;YAE1E,MAAM,CAAC,MAAM,CAAC,SAAS,CAAC,CAAC,IAAI,CAAC,kBAAkB,CAAC,CAAC;QACpD,CAAC,CAAC,CAAC;IACL,CAAC,CAAC,CAAC;AACL,CAAC,CAAC,CAAC"}

package/dist/bootstrap/release-checkout.d.ts

@@ -0,0 +1,8 @@
+import type { AppConfig } from "../types.js";
+export declare function assertSafeAssetUrl(url: string): void;
+export declare function assertSafeDestPath(destPath: string, baseDir: string): void;
+export declare function fetchReleaseAssetUrl(tag: string, timeoutMs: number): Promise<{
+    assetUrl: string;
+    assetName: string;
+}>;
+export declare function checkoutFromRelease(config: AppConfig, destDir: string): Promise<void>;

package/dist/bootstrap/release-checkout.js

@@ -0,0 +1,168 @@
+import { createWriteStream } from "node:fs";
+import { copyFile, mkdir, mkdtemp, rm } from "node:fs/promises";
+import { Readable } from "node:stream";
+import os from "node:os";
+import path from "node:path";
+import { pipeline } from "node:stream/promises";
+import { spawnSync } from "node:child_process";
+// SECURITY: URL base e owner/repo são HARDCODED. Nunca aceitar de env ou input externo.
+const HARDCODED_API_BASE = "https://api.github.com/repos/Shiftleftpt/sbd-toe-knowledge-graph";
+const ALLOWED_ASSET_URL_PREFIXES = [
+    "https://github.com/Shiftleftpt/sbd-toe-knowledge-graph/",
+    "https://objects.githubusercontent.com/",
+];
+// Fixed list of files to copy from the extracted bundle to destDir.
+// SECURITY: Only known paths are copied; no dynamic traversal of extracted content.
+const KNOWN_FILES = [
+    {
+        src: path.join("data", "publish", "algolia_docs_records.json"),
+        dest: path.join("data", "publish", "algolia_docs_records.json"),
+    },
+    {
+        src: path.join("data", "publish", "algolia_entities_records.json"),
+        dest: path.join("data", "publish", "algolia_entities_records.json"),
+    },
+    {
+        src: path.join("data", "publish", "algolia_docs_records_enriched.json"),
+        dest: path.join("data", "publish", "algolia_docs_records_enriched.json"),
+    },
+    {
+        src: path.join("data", "publish", "algolia_entities_records_enriched.json"),
+        dest: path.join("data", "publish", "algolia_entities_records_enriched.json"),
+    },
+    {
+        src: path.join("data", "publish", "algolia_index_settings.json"),
+        dest: path.join("data", "publish", "algolia_index_settings.json"),
+    },
+    {
+        src: path.join("data", "reports", "run_manifest.json"),
+        dest: path.join("data", "reports", "run_manifest.json"),
+    },
+];
+export function assertSafeAssetUrl(url) {
+    const allowed = ALLOWED_ASSET_URL_PREFIXES.some((prefix) => url.startsWith(prefix));
+    if (!allowed) {
+        throw new Error(`URL de asset não autorizada: ${url}`);
+    }
+}
+export function assertSafeDestPath(destPath, baseDir) {
+    const resolved = path.resolve(destPath);
+    const base = path.resolve(baseDir);
+    if (!resolved.startsWith(base + path.sep) && resolved !== base) {
+        throw new Error(`Path traversal detectado: ${destPath}`);
+    }
+}
+export async function fetchReleaseAssetUrl(tag, timeoutMs) {
+    const controller = new AbortController();
+    const timer = setTimeout(() => controller.abort(), timeoutMs);
+    try {
+        const releaseUrl = tag === "latest"
+            ? `${HARDCODED_API_BASE}/releases/latest`
+            : `${HARDCODED_API_BASE}/releases/tags/${encodeURIComponent(tag)}`;
+        const resp = await fetch(releaseUrl, {
+            signal: controller.signal,
+            headers: {
+                Accept: "application/vnd.github+json",
+                "X-GitHub-Api-Version": "2022-11-28",
+            },
+        });
+        if (!resp.ok) {
+            throw new Error(`GitHub API respondeu ${resp.status} para ${releaseUrl}`);
+        }
+        const release = (await resp.json());
+        const asset = release.assets?.find((a) => a.name.endsWith(".tar.gz") ||
+            a.name.endsWith(".zip") ||
+            a.name.includes("bundle"));
+        if (!asset) {
+            throw new Error(`Nenhum asset de bundle encontrado na release '${tag}'.`);
+        }
+        assertSafeAssetUrl(asset.browser_download_url);
+        return { assetUrl: asset.browser_download_url, assetName: asset.name };
+    }
+    finally {
+        clearTimeout(timer);
+    }
+}
+export async function checkoutFromRelease(config, destDir) {
+    const { upstreamReleaseTag, upstreamReleaseMaxBytes, upstreamReleaseTimeoutMs } = config.backend;
+    const { assetUrl, assetName } = await fetchReleaseAssetUrl(upstreamReleaseTag, upstreamReleaseTimeoutMs);
+    process.stderr.write(`[release-checkout] Downloading asset '${assetName}' from release '${upstreamReleaseTag}'.\n`);
+    // Download with timeout and size limit
+    const controller = new AbortController();
+    const timer = setTimeout(() => controller.abort(), upstreamReleaseTimeoutMs);
+    let tmpDir;
+    let tmpFile;
+    try {
+        const resp = await fetch(assetUrl, { signal: controller.signal });
+        if (!resp.ok || !resp.body) {
+            throw new Error(`Download falhou com status ${resp.status} para ${assetUrl}`);
+        }
+        tmpDir = await mkdtemp(path.join(os.tmpdir(), "sbd-release-"));
+        tmpFile = path.join(tmpDir, assetName);
+        let bytesReceived = 0;
+        const fileStream = createWriteStream(tmpFile);
+        await pipeline(Readable.fromWeb(resp.body), async function* (source) {
+            for await (const chunk of source) {
+                bytesReceived += chunk.length;
+                if (bytesReceived > upstreamReleaseMaxBytes) {
+                    throw new Error(`Asset excede o limite de tamanho (${upstreamReleaseMaxBytes} bytes): ${assetName}`);
+                }
+                yield chunk;
+            }
+        }, fileStream);
+        // Extract
+        const extractDir = path.join(tmpDir, "extracted");
+        await mkdir(extractDir, { recursive: true });
+        if (assetName.endsWith(".tar.gz") || assetName.endsWith(".tgz")) {
+            // SECURITY: argv fixos, sem shell, sem interpolação de env
+            const result = spawnSync("tar", ["-xzf", tmpFile, "-C", extractDir], {
+                stdio: ["ignore", "ignore", "pipe"],
+                timeout: upstreamReleaseTimeoutMs,
+                shell: false,
+            });
+            if (result.status !== 0) {
+                const stderr = result.stderr instanceof Buffer ? result.stderr.toString() : "";
+                throw new Error(`Extracção tar falhou (status ${result.status ?? "?"}): ${stderr.trim()}`);
+            }
+        }
+        else if (assetName.endsWith(".zip")) {
+            // SECURITY: argv fixos, sem shell, sem interpolação de env
+            const result = spawnSync("unzip", ["-q", tmpFile, "-d", extractDir], {
+                stdio: ["ignore", "ignore", "pipe"],
+                timeout: upstreamReleaseTimeoutMs,
+                shell: false,
+            });
+            if (result.status !== 0) {
+                const stderr = result.stderr instanceof Buffer ? result.stderr.toString() : "";
+                throw new Error(`Extracção zip falhou (status ${result.status ?? "?"}): ${stderr.trim()}`);
+            }
+        }
+        else {
+            throw new Error(`Formato de asset não suportado: ${assetName}`);
+        }
+        // Copy known files from extracted bundle to destDir
+        for (const { src, dest } of KNOWN_FILES) {
+            const srcPath = path.join(extractDir, src);
+            const destPath = path.join(destDir, dest);
+            // SECURITY: validate that the destination stays within destDir
+            assertSafeDestPath(destPath, destDir);
+            await mkdir(path.dirname(destPath), { recursive: true });
+            try {
+                await copyFile(srcPath, destPath);
+                process.stderr.write(`[release-checkout] Copiado: ${dest}\n`);
+            }
+            catch (err) {
+                const message = err instanceof Error ? err.message : String(err);
+                process.stderr.write(`[release-checkout] AVISO: ficheiro não encontrado no bundle: ${src} (${message})\n`);
+            }
+        }
+        process.stderr.write(`[release-checkout] Checkout via release '${upstreamReleaseTag}' concluído.\n`);
+    }
+    finally {
+        clearTimeout(timer);
+        if (tmpDir) {
+            await rm(tmpDir, { recursive: true, force: true }).catch(() => undefined);
+        }
+    }
+}
+//# sourceMappingURL=release-checkout.js.map

package/dist/bootstrap/release-checkout.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"release-checkout.js","sourceRoot":"","sources":["../../src/bootstrap/release-checkout.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,iBAAiB,EAAE,MAAM,SAAS,CAAC;AAC5C,OAAO,EAAE,QAAQ,EAAE,KAAK,EAAE,OAAO,EAAE,EAAE,EAAE,MAAM,kBAAkB,CAAC;AAChE,OAAO,EAAE,QAAQ,EAAE,MAAM,aAAa,CAAC;AACvC,OAAO,EAAE,MAAM,SAAS,CAAC;AACzB,OAAO,IAAI,MAAM,WAAW,CAAC;AAC7B,OAAO,EAAE,QAAQ,EAAE,MAAM,sBAAsB,CAAC;AAChD,OAAO,EAAE,SAAS,EAAE,MAAM,oBAAoB,CAAC;AAG/C,wFAAwF;AACxF,MAAM,kBAAkB,GACtB,kEAAkE,CAAC;AAErE,MAAM,0BAA0B,GAAG;IACjC,yDAAyD;IACzD,wCAAwC;CACzC,CAAC;AAEF,oEAAoE;AACpE,oFAAoF;AACpF,MAAM,WAAW,GAAyC;IACxD;QACE,GAAG,EAAE,IAAI,CAAC,IAAI,CAAC,MAAM,EAAE,SAAS,EAAE,2BAA2B,CAAC;QAC9D,IAAI,EAAE,IAAI,CAAC,IAAI,CAAC,MAAM,EAAE,SAAS,EAAE,2BAA2B,CAAC;KAChE;IACD;QACE,GAAG,EAAE,IAAI,CAAC,IAAI,CAAC,MAAM,EAAE,SAAS,EAAE,+BAA+B,CAAC;QAClE,IAAI,EAAE,IAAI,CAAC,IAAI,CAAC,MAAM,EAAE,SAAS,EAAE,+BAA+B,CAAC;KACpE;IACD;QACE,GAAG,EAAE,IAAI,CAAC,IAAI,CAAC,MAAM,EAAE,SAAS,EAAE,oCAAoC,CAAC;QACvE,IAAI,EAAE,IAAI,CAAC,IAAI,CAAC,MAAM,EAAE,SAAS,EAAE,oCAAoC,CAAC;KACzE;IACD;QACE,GAAG,EAAE,IAAI,CAAC,IAAI,CACZ,MAAM,EACN,SAAS,EACT,wCAAwC,CACzC;QACD,IAAI,EAAE,IAAI,CAAC,IAAI,CACb,MAAM,EACN,SAAS,EACT,wCAAwC,CACzC;KACF;IACD;QACE,GAAG,EAAE,IAAI,CAAC,IAAI,CAAC,MAAM,EAAE,SAAS,EAAE,6BAA6B,CAAC;QAChE,IAAI,EAAE,IAAI,CAAC,IAAI,CAAC,MAAM,EAAE,SAAS,EAAE,6BAA6B,CAAC;KAClE;IACD;QACE,GAAG,EAAE,IAAI,CAAC,IAAI,CAAC,MAAM,EAAE,SAAS,EAAE,mBAAmB,CAAC;QACtD,IAAI,EAAE,IAAI,CAAC,IAAI,CAAC,MAAM,EAAE,SAAS,EAAE,mBAAmB,CAAC;KACxD;CACF,CAAC;AAEF,MAAM,UAAU,kBAAkB,CAAC,GAAW;IAC5C,MAAM,OAAO,GAAG,0BAA0B,CAAC,IAAI,CAAC,CAAC,MAAM,EAAE,EAAE,CACzD,GAAG,CAAC,UAAU,CAAC,MAAM,CAAC,CACvB,CAAC;IACF,IAAI,CAAC,OAAO,EAAE,CAAC;QACb,MAAM,IAAI,KAAK,CAAC,gCAAgC,GAAG,EAAE,CAAC,CAAC;IACzD,CAAC;AACH,CAAC;AAED,MAAM,UAAU,kBAAkB,CAAC,QAAgB,EAAE,OAAe;IAClE,MAAM,QAAQ,GAAG,IAAI,CAAC,OAAO,CAAC,QAAQ,CAAC,CAAC;IACxC,MAAM,IAAI,GAAG,IAAI,CAAC,OAAO,CAAC,OAAO,CAAC,CAAC;IACnC,IAAI,CAAC,QAAQ,CAAC,UAAU,CAAC,IAAI,GAAG,IAAI,CAAC,GAAG,CAAC,IAAI,QAAQ,KAAK,IAAI,EAAE,CAAC;QAC/D,MAAM,IAAI,KAAK,CAAC,6BAA6B,QAAQ,EAAE,CAAC,CAAC;IAC3D,CAAC;AACH,CAAC;AAED,MAAM,CAAC,KAAK,UAAU,oBAAoB,CACxC,GAAW,EACX,SAAiB;IAEjB,MAAM,UAAU,GAAG,IAAI,eAAe,EAAE,CAAC;IACzC,MAAM,KAAK,GAAG,UAAU,CAAC,GAAG,EAAE,CAAC,UAAU,CAAC,KAAK,EAAE,EAAE,SAAS,CAAC,CAAC;IAE9D,IAAI,CAAC;QACH,MAAM,UAAU,GACd,GAAG,KAAK,QAAQ;YACd,CAAC,CAAC,GAAG,kBAAkB,kBAAkB;YACzC,CAAC,CAAC,GAAG,kBAAkB,kBAAkB,kBAAkB,CAAC,GAAG,CAAC,EAAE,CAAC;QAEvE,MAAM,IAAI,GAAG,MAAM,KAAK,CAAC,UAAU,EAAE;YACnC,MAAM,EAAE,UAAU,CAAC,MAAM;YACzB,OAAO,EAAE;gBACP,MAAM,EAAE,6BAA6B;gBACrC,sBAAsB,EAAE,YAAY;aACrC;SACF,CAAC,CAAC;QAEH,IAAI,CAAC,IAAI,CAAC,EAAE,EAAE,CAAC;YACb,MAAM,IAAI,KAAK,CAAC,wBAAwB,IAAI,CAAC,MAAM,SAAS,UAAU,EAAE,CAAC,CAAC;QAC5E,CAAC;QAED,MAAM,OAAO,GAAG,CAAC,MAAM,IAAI,CAAC,IAAI,EAAE,CAEjC,CAAC;QACF,MAAM,KAAK,GAAG,OAAO,CAAC,MAAM,EAAE,IAAI,CAChC,CAAC,CAAC,EAAE,EAAE,CACJ,CAAC,CAAC,IAAI,CAAC,QAAQ,CAAC,SAAS,CAAC;YAC1B,CAAC,CAAC,IAAI,CAAC,QAAQ,CAAC,MAAM,CAAC;YACvB,CAAC,CAAC,IAAI,CAAC,QAAQ,CAAC,QAAQ,CAAC,CAC5B,CAAC;QAEF,IAAI,CAAC,KAAK,EAAE,CAAC;YACX,MAAM,IAAI,KAAK,CAAC,iDAAiD,GAAG,IAAI,CAAC,CAAC;QAC5E,CAAC;QAED,kBAAkB,CAAC,KAAK,CAAC,oBAAoB,CAAC,CAAC;QAC/C,OAAO,EAAE,QAAQ,EAAE,KAAK,CAAC,oBAAoB,EAAE,SAAS,EAAE,KAAK,CAAC,IAAI,EAAE,CAAC;IACzE,CAAC;YAAS,CAAC;QACT,YAAY,CAAC,KAAK,CAAC,CAAC;IACtB,CAAC;AACH,CAAC;AAED,MAAM,CAAC,KAAK,UAAU,mBAAmB,CACvC,MAAiB,EACjB,OAAe;IAEf,MAAM,EAAE,kBAAkB,EAAE,uBAAuB,EAAE,wBAAwB,EAAE,GAC7E,MAAM,CAAC,OAAO,CAAC;IAEjB,MAAM,EAAE,QAAQ,EAAE,SAAS,EAAE,GAAG,MAAM,oBAAoB,CACxD,kBAAkB,EAClB,wBAAwB,CACzB,CAAC;IAEF,OAAO,CAAC,MAAM,CAAC,KAAK,CAClB,yCAAyC,SAAS,mBAAmB,kBAAkB,MAAM,CAC9F,CAAC;IAEF,uCAAuC;IACvC,MAAM,UAAU,GAAG,IAAI,eAAe,EAAE,CAAC;IACzC,MAAM,KAAK,GAAG,UAAU,CAAC,GAAG,EAAE,CAAC,UAAU,CAAC,KAAK,EAAE,EAAE,wBAAwB,CAAC,CAAC;IAE7E,IAAI,MAA0B,CAAC;IAC/B,IAAI,OAA2B,CAAC;IAEhC,IAAI,CAAC;QACH,MAAM,IAAI,GAAG,MAAM,KAAK,CAAC,QAAQ,EAAE,EAAE,MAAM,EAAE,UAAU,CAAC,MAAM,EAAE,CAAC,CAAC;QAClE,IAAI,CAAC,IAAI,CAAC,EAAE,IAAI,CAAC,IAAI,CAAC,IAAI,EAAE,CAAC;YAC3B,MAAM,IAAI,KAAK,CAAC,8BAA8B,IAAI,CAAC,MAAM,SAAS,QAAQ,EAAE,CAAC,CAAC;QAChF,CAAC;QAED,MAAM,GAAG,MAAM,OAAO,CAAC,IAAI,CAAC,IAAI,CAAC,EAAE,CAAC,MAAM,EAAE,EAAE,cAAc,CAAC,CAAC,CAAC;QAC/D,OAAO,GAAG,IAAI,CAAC,IAAI,CAAC,MAAM,EAAE,SAAS,CAAC,CAAC;QAEvC,IAAI,aAAa,GAAG,CAAC,CAAC;QACtB,MAAM,UAAU,GAAG,iBAAiB,CAAC,OAAO,CAAC,CAAC;QAE9C,MAAM,QAAQ,CACZ,QAAQ,CAAC,OAAO,CAAC,IAAI,CAAC,IAA4D,CAAC,EACnF,KAAK,SAAS,CAAC,EAAE,MAAiC;YAChD,IAAI,KAAK,EAAE,MAAM,KAAK,IAAI,MAAM,EAAE,CAAC;gBACjC,aAAa,IAAI,KAAK,CAAC,MAAM,CAAC;gBAC9B,IAAI,aAAa,GAAG,uBAAuB,EAAE,CAAC;oBAC5C,MAAM,IAAI,KAAK,CACb,qCAAqC,uBAAuB,YAAY,SAAS,EAAE,CACpF,CAAC;gBACJ,CAAC;gBACD,MAAM,KAAK,CAAC;YACd,CAAC;QACH,CAAC,EACD,UAAU,CACX,CAAC;QAEF,UAAU;QACV,MAAM,UAAU,GAAG,IAAI,CAAC,IAAI,CAAC,MAAM,EAAE,WAAW,CAAC,CAAC;QAClD,MAAM,KAAK,CAAC,UAAU,EAAE,EAAE,SAAS,EAAE,IAAI,EAAE,CAAC,CAAC;QAE7C,IAAI,SAAS,CAAC,QAAQ,CAAC,SAAS,CAAC,IAAI,SAAS,CAAC,QAAQ,CAAC,MAAM,CAAC,EAAE,CAAC;YAChE,2DAA2D;YAC3D,MAAM,MAAM,GAAG,SAAS,CAAC,KAAK,EAAE,CAAC,MAAM,EAAE,OAAO,EAAE,IAAI,EAAE,UAAU,CAAC,EAAE;gBACnE,KAAK,EAAE,CAAC,QAAQ,EAAE,QAAQ,EAAE,MAAM,CAAC;gBACnC,OAAO,EAAE,wBAAwB;gBACjC,KAAK,EAAE,KAAK;aACb,CAAC,CAAC;YACH,IAAI,MAAM,CAAC,MAAM,KAAK,CAAC,EAAE,CAAC;gBACxB,MAAM,MAAM,GAAG,MAAM,CAAC,MAAM,YAAY,MAAM,CAAC,CAAC,CAAC,MAAM,CAAC,MAAM,CAAC,QAAQ,EAAE,CAAC,CAAC,CAAC,EAAE,CAAC;gBAC/E,MAAM,IAAI,KAAK,CAAC,gCAAgC,MAAM,CAAC,MAAM,IAAI,GAAG,MAAM,MAAM,CAAC,IAAI,EAAE,EAAE,CAAC,CAAC;YAC7F,CAAC;QACH,CAAC;aAAM,IAAI,SAAS,CAAC,QAAQ,CAAC,MAAM,CAAC,EAAE,CAAC;YACtC,2DAA2D;YAC3D,MAAM,MAAM,GAAG,SAAS,CAAC,OAAO,EAAE,CAAC,IAAI,EAAE,OAAO,EAAE,IAAI,EAAE,UAAU,CAAC,EAAE;gBACnE,KAAK,EAAE,CAAC,QAAQ,EAAE,QAAQ,EAAE,MAAM,CAAC;gBACnC,OAAO,EAAE,wBAAwB;gBACjC,KAAK,EAAE,KAAK;aACb,CAAC,CAAC;YACH,IAAI,MAAM,CAAC,MAAM,KAAK,CAAC,EAAE,CAAC;gBACxB,MAAM,MAAM,GAAG,MAAM,CAAC,MAAM,YAAY,MAAM,CAAC,CAAC,CAAC,MAAM,CAAC,MAAM,CAAC,QAAQ,EAAE,CAAC,CAAC,CAAC,EAAE,CAAC;gBAC/E,MAAM,IAAI,KAAK,CAAC,gCAAgC,MAAM,CAAC,MAAM,IAAI,GAAG,MAAM,MAAM,CAAC,IAAI,EAAE,EAAE,CAAC,CAAC;YAC7F,CAAC;QACH,CAAC;aAAM,CAAC;YACN,MAAM,IAAI,KAAK,CAAC,mCAAmC,SAAS,EAAE,CAAC,CAAC;QAClE,CAAC;QAED,oDAAoD;QACpD,KAAK,MAAM,EAAE,GAAG,EAAE,IAAI,EAAE,IAAI,WAAW,EAAE,CAAC;YACxC,MAAM,OAAO,GAAG,IAAI,CAAC,IAAI,CAAC,UAAU,EAAE,GAAG,CAAC,CAAC;YAC3C,MAAM,QAAQ,GAAG,IAAI,CAAC,IAAI,CAAC,OAAO,EAAE,IAAI,CAAC,CAAC;YAE1C,+DAA+D;YAC/D,kBAAkB,CAAC,QAAQ,EAAE,OAAO,CAAC,CAAC;YAEtC,MAAM,KAAK,CAAC,IAAI,CAAC,OAAO,CAAC,QAAQ,CAAC,EAAE,EAAE,SAAS,EAAE,IAAI,EAAE,CAAC,CAAC;YAEzD,IAAI,CAAC;gBACH,MAAM,QAAQ,CAAC,OAAO,EAAE,QAAQ,CAAC,CAAC;gBAClC,OAAO,CAAC,MAAM,CAAC,KAAK,CAAC,+BAA+B,IAAI,IAAI,CAAC,CAAC;YAChE,CAAC;YAAC,OAAO,GAAG,EAAE,CAAC;gBACb,MAAM,OAAO,GAAG,GAAG,YAAY,KAAK,CAAC,CAAC,CAAC,GAAG,CAAC,OAAO,CAAC,CAAC,CAAC,MAAM,CAAC,GAAG,CAAC,CAAC;gBACjE,OAAO,CAAC,MAAM,CAAC,KAAK,CAClB,gEAAgE,GAAG,KAAK,OAAO,KAAK,CACrF,CAAC;YACJ,CAAC;QACH,CAAC;QAED,OAAO,CAAC,MAAM,CAAC,KAAK,CAClB,4CAA4C,kBAAkB,gBAAgB,CAC/E,CAAC;IACJ,CAAC;YAAS,CAAC;QACT,YAAY,CAAC,KAAK,CAAC,CAAC;QACpB,IAAI,MAAM,EAAE,CAAC;YACX,MAAM,EAAE,CAAC,MAAM,EAAE,EAAE,SAAS,EAAE,IAAI,EAAE,KAAK,EAAE,IAAI,EAAE,CAAC,CAAC,KAAK,CAAC,GAAG,EAAE,CAAC,SAAS,CAAC,CAAC;QAC5E,CAAC;IACH,CAAC;AACH,CAAC"}

package/dist/bootstrap/release-checkout.test.d.ts

@@ -0,0 +1 @@
+export {};

package/dist/bootstrap/release-checkout.test.js

@@ -0,0 +1,137 @@
+import { describe, it, expect, vi, beforeEach, afterEach } from "vitest";
+import path from "node:path";
+import { assertSafeAssetUrl, assertSafeDestPath, fetchReleaseAssetUrl, } from "./release-checkout.js";
+// ---------------------------------------------------------------------------
+// assertSafeAssetUrl
+// ---------------------------------------------------------------------------
+describe("assertSafeAssetUrl", () => {
+    it("accepts an authorised github.com URL", () => {
+        expect(() => assertSafeAssetUrl("https://github.com/Shiftleftpt/sbd-toe-knowledge-graph/releases/download/v1.0.0/bundle.tar.gz")).not.toThrow();
+    });
+    it("accepts an authorised objects.githubusercontent.com URL", () => {
+        expect(() => assertSafeAssetUrl("https://objects.githubusercontent.com/github-production-release-asset-2e65be/123/bundle.tar.gz")).not.toThrow();
+    });
+    it("rejects an unauthorised external URL", () => {
+        expect(() => assertSafeAssetUrl("https://evil.example.com/malicious.tar.gz")).toThrow("URL de asset não autorizada");
+    });
+    it("rejects a URL that starts with an allowed prefix but has wrong host", () => {
+        expect(() => assertSafeAssetUrl("https://evil.github.com/Shiftleftpt/anything")).toThrow("URL de asset não autorizada");
+    });
+});
+// ---------------------------------------------------------------------------
+// assertSafeDestPath
+// ---------------------------------------------------------------------------
+describe("assertSafeDestPath", () => {
+    const baseDir = "/tmp/sbd-base";
+    it("accepts a path inside baseDir", () => {
+        expect(() => assertSafeDestPath(path.join(baseDir, "data", "publish", "file.json"), baseDir)).not.toThrow();
+    });
+    it("accepts a path equal to baseDir", () => {
+        expect(() => assertSafeDestPath(baseDir, baseDir)).not.toThrow();
+    });
+    it("rejects a path-traversal attempt with ../", () => {
+        expect(() => assertSafeDestPath(path.join(baseDir, "..", "..", "etc", "passwd"), baseDir)).toThrow("Path traversal detectado");
+    });
+    it("rejects an absolute path outside baseDir", () => {
+        expect(() => assertSafeDestPath("/usr/local/bin/evil", baseDir)).toThrow("Path traversal detectado");
+    });
+});
+// ---------------------------------------------------------------------------
+// fetchReleaseAssetUrl  (mocked fetch)
+// ---------------------------------------------------------------------------
+describe("fetchReleaseAssetUrl", () => {
+    beforeEach(() => {
+        vi.stubGlobal("fetch", vi.fn());
+    });
+    afterEach(() => {
+        vi.unstubAllGlobals();
+    });
+    it("throws when GitHub API returns 404", async () => {
+        vi.mocked(fetch).mockResolvedValueOnce(new Response(null, { status: 404 }));
+        await expect(fetchReleaseAssetUrl("latest", 5000)).rejects.toThrow("GitHub API respondeu 404");
+    });
+    it("throws when release has no assets", async () => {
+        vi.mocked(fetch).mockResolvedValueOnce(new Response(JSON.stringify({ assets: [] }), {
+            status: 200,
+            headers: { "Content-Type": "application/json" },
+        }));
+        await expect(fetchReleaseAssetUrl("latest", 5000)).rejects.toThrow("Nenhum asset de bundle encontrado");
+    });
+    it("throws when release has no assets property at all", async () => {
+        vi.mocked(fetch).mockResolvedValueOnce(new Response(JSON.stringify({}), {
+            status: 200,
+            headers: { "Content-Type": "application/json" },
+        }));
+        await expect(fetchReleaseAssetUrl("latest", 5000)).rejects.toThrow("Nenhum asset de bundle encontrado");
+    });
+    it("throws when asset URL is not in allowed prefixes", async () => {
+        vi.mocked(fetch).mockResolvedValueOnce(new Response(JSON.stringify({
+            assets: [
+                {
+                    name: "bundle.tar.gz",
+                    browser_download_url: "https://evil.example.com/bundle.tar.gz",
+                },
+            ],
+        }), {
+            status: 200,
+            headers: { "Content-Type": "application/json" },
+        }));
+        await expect(fetchReleaseAssetUrl("latest", 5000)).rejects.toThrow("URL de asset não autorizada");
+    });
+    it("returns assetUrl and assetName for a valid release with bundle asset", async () => {
+        const downloadUrl = "https://github.com/Shiftleftpt/sbd-toe-knowledge-graph/releases/download/v1.0.0/bundle.tar.gz";
+        vi.mocked(fetch).mockResolvedValueOnce(new Response(JSON.stringify({
+            assets: [
+                {
+                    name: "bundle.tar.gz",
+                    browser_download_url: downloadUrl,
+                },
+            ],
+        }), {
+            status: 200,
+            headers: { "Content-Type": "application/json" },
+        }));
+        const result = await fetchReleaseAssetUrl("latest", 5000);
+        expect(result.assetUrl).toBe(downloadUrl);
+        expect(result.assetName).toBe("bundle.tar.gz");
+    });
+    it("uses tag-specific URL when tag is not 'latest'", async () => {
+        const downloadUrl = "https://github.com/Shiftleftpt/sbd-toe-knowledge-graph/releases/download/v2.0.0/bundle.tar.gz";
+        vi.mocked(fetch).mockResolvedValueOnce(new Response(JSON.stringify({
+            assets: [
+                {
+                    name: "bundle.tar.gz",
+                    browser_download_url: downloadUrl,
+                },
+            ],
+        }), {
+            status: 200,
+            headers: { "Content-Type": "application/json" },
+        }));
+        await fetchReleaseAssetUrl("v2.0.0", 5000);
+        const calledUrl = vi.mocked(fetch).mock.calls[0]?.[0];
+        expect(calledUrl).toContain("/releases/tags/v2.0.0");
+    });
+});
+// ---------------------------------------------------------------------------
+// UPSTREAM_SOURCE config validation
+// ---------------------------------------------------------------------------
+describe("getConfig UPSTREAM_SOURCE validation", () => {
+    afterEach(() => {
+        vi.unstubAllGlobals();
+        // Reset module to clear cached config
+        vi.resetModules();
+    });
+    it("throws when UPSTREAM_SOURCE has an invalid value", async () => {
+        process.env["UPSTREAM_SOURCE"] = "INVALID";
+        try {
+            const { getConfig } = await import("../config.js");
+            // Reset cache by re-importing a fresh module (resetModules above)
+            expect(() => getConfig()).toThrow("UPSTREAM_SOURCE deve ser 'local' ou 'release'");
+        }
+        finally {
+            delete process.env["UPSTREAM_SOURCE"];
+        }
+    });
+});
+//# sourceMappingURL=release-checkout.test.js.map

package/dist/bootstrap/release-checkout.test.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"release-checkout.test.js","sourceRoot":"","sources":["../../src/bootstrap/release-checkout.test.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,QAAQ,EAAE,EAAE,EAAE,MAAM,EAAE,EAAE,EAAE,UAAU,EAAE,SAAS,EAAE,MAAM,QAAQ,CAAC;AACzE,OAAO,IAAI,MAAM,WAAW,CAAC;AAC7B,OAAO,EACL,kBAAkB,EAClB,kBAAkB,EAClB,oBAAoB,GACrB,MAAM,uBAAuB,CAAC;AAE/B,8EAA8E;AAC9E,qBAAqB;AACrB,8EAA8E;AAE9E,QAAQ,CAAC,oBAAoB,EAAE,GAAG,EAAE;IAClC,EAAE,CAAC,sCAAsC,EAAE,GAAG,EAAE;QAC9C,MAAM,CAAC,GAAG,EAAE,CACV,kBAAkB,CAChB,+FAA+F,CAChG,CACF,CAAC,GAAG,CAAC,OAAO,EAAE,CAAC;IAClB,CAAC,CAAC,CAAC;IAEH,EAAE,CAAC,yDAAyD,EAAE,GAAG,EAAE;QACjE,MAAM,CAAC,GAAG,EAAE,CACV,kBAAkB,CAChB,gGAAgG,CACjG,CACF,CAAC,GAAG,CAAC,OAAO,EAAE,CAAC;IAClB,CAAC,CAAC,CAAC;IAEH,EAAE,CAAC,sCAAsC,EAAE,GAAG,EAAE;QAC9C,MAAM,CAAC,GAAG,EAAE,CACV,kBAAkB,CAAC,2CAA2C,CAAC,CAChE,CAAC,OAAO,CAAC,6BAA6B,CAAC,CAAC;IAC3C,CAAC,CAAC,CAAC;IAEH,EAAE,CAAC,qEAAqE,EAAE,GAAG,EAAE;QAC7E,MAAM,CAAC,GAAG,EAAE,CACV,kBAAkB,CAAC,8CAA8C,CAAC,CACnE,CAAC,OAAO,CAAC,6BAA6B,CAAC,CAAC;IAC3C,CAAC,CAAC,CAAC;AACL,CAAC,CAAC,CAAC;AAEH,8EAA8E;AAC9E,qBAAqB;AACrB,8EAA8E;AAE9E,QAAQ,CAAC,oBAAoB,EAAE,GAAG,EAAE;IAClC,MAAM,OAAO,GAAG,eAAe,CAAC;IAEhC,EAAE,CAAC,+BAA+B,EAAE,GAAG,EAAE;QACvC,MAAM,CAAC,GAAG,EAAE,CACV,kBAAkB,CAAC,IAAI,CAAC,IAAI,CAAC,OAAO,EAAE,MAAM,EAAE,SAAS,EAAE,WAAW,CAAC,EAAE,OAAO,CAAC,CAChF,CAAC,GAAG,CAAC,OAAO,EAAE,CAAC;IAClB,CAAC,CAAC,CAAC;IAEH,EAAE,CAAC,iCAAiC,EAAE,GAAG,EAAE;QACzC,MAAM,CAAC,GAAG,EAAE,CAAC,kBAAkB,CAAC,OAAO,EAAE,OAAO,CAAC,CAAC,CAAC,GAAG,CAAC,OAAO,EAAE,CAAC;IACnE,CAAC,CAAC,CAAC;IAEH,EAAE,CAAC,2CAA2C,EAAE,GAAG,EAAE;QACnD,MAAM,CAAC,GAAG,EAAE,CACV,kBAAkB,CAAC,IAAI,CAAC,IAAI,CAAC,OAAO,EAAE,IAAI,EAAE,IAAI,EAAE,KAAK,EAAE,QAAQ,CAAC,EAAE,OAAO,CAAC,CAC7E,CAAC,OAAO,CAAC,0BAA0B,CAAC,CAAC;IACxC,CAAC,CAAC,CAAC;IAEH,EAAE,CAAC,0CAA0C,EAAE,GAAG,EAAE;QAClD,MAAM,CAAC,GAAG,EAAE,CACV,kBAAkB,CAAC,qBAAqB,EAAE,OAAO,CAAC,CACnD,CAAC,OAAO,CAAC,0BAA0B,CAAC,CAAC;IACxC,CAAC,CAAC,CAAC;AACL,CAAC,CAAC,CAAC;AAEH,8EAA8E;AAC9E,uCAAuC;AACvC,8EAA8E;AAE9E,QAAQ,CAAC,sBAAsB,EAAE,GAAG,EAAE;IACpC,UAAU,CAAC,GAAG,EAAE;QACd,EAAE,CAAC,UAAU,CAAC,OAAO,EAAE,EAAE,CAAC,EAAE,EAAE,CAAC,CAAC;IAClC,CAAC,CAAC,CAAC;IAEH,SAAS,CAAC,GAAG,EAAE;QACb,EAAE,CAAC,gBAAgB,EAAE,CAAC;IACxB,CAAC,CAAC,CAAC;IAEH,EAAE,CAAC,oCAAoC,EAAE,KAAK,IAAI,EAAE;QAClD,EAAE,CAAC,MAAM,CAAC,KAAK,CAAC,CAAC,qBAAqB,CACpC,IAAI,QAAQ,CAAC,IAAI,EAAE,EAAE,MAAM,EAAE,GAAG,EAAE,CAAC,CACpC,CAAC;QAEF,MAAM,MAAM,CAAC,oBAAoB,CAAC,QAAQ,EAAE,IAAI,CAAC,CAAC,CAAC,OAAO,CAAC,OAAO,CAChE,0BAA0B,CAC3B,CAAC;IACJ,CAAC,CAAC,CAAC;IAEH,EAAE,CAAC,mCAAmC,EAAE,KAAK,IAAI,EAAE;QACjD,EAAE,CAAC,MAAM,CAAC,KAAK,CAAC,CAAC,qBAAqB,CACpC,IAAI,QAAQ,CAAC,IAAI,CAAC,SAAS,CAAC,EAAE,MAAM,EAAE,EAAE,EAAE,CAAC,EAAE;YAC3C,MAAM,EAAE,GAAG;YACX,OAAO,EAAE,EAAE,cAAc,EAAE,kBAAkB,EAAE;SAChD,CAAC,CACH,CAAC;QAEF,MAAM,MAAM,CAAC,oBAAoB,CAAC,QAAQ,EAAE,IAAI,CAAC,CAAC,CAAC,OAAO,CAAC,OAAO,CAChE,mCAAmC,CACpC,CAAC;IACJ,CAAC,CAAC,CAAC;IAEH,EAAE,CAAC,mDAAmD,EAAE,KAAK,IAAI,EAAE;QACjE,EAAE,CAAC,MAAM,CAAC,KAAK,CAAC,CAAC,qBAAqB,CACpC,IAAI,QAAQ,CAAC,IAAI,CAAC,SAAS,CAAC,EAAE,CAAC,EAAE;YAC/B,MAAM,EAAE,GAAG;YACX,OAAO,EAAE,EAAE,cAAc,EAAE,kBAAkB,EAAE;SAChD,CAAC,CACH,CAAC;QAEF,MAAM,MAAM,CAAC,oBAAoB,CAAC,QAAQ,EAAE,IAAI,CAAC,CAAC,CAAC,OAAO,CAAC,OAAO,CAChE,mCAAmC,CACpC,CAAC;IACJ,CAAC,CAAC,CAAC;IAEH,EAAE,CAAC,kDAAkD,EAAE,KAAK,IAAI,EAAE;QAChE,EAAE,CAAC,MAAM,CAAC,KAAK,CAAC,CAAC,qBAAqB,CACpC,IAAI,QAAQ,CACV,IAAI,CAAC,SAAS,CAAC;YACb,MAAM,EAAE;gBACN;oBACE,IAAI,EAAE,eAAe;oBACrB,oBAAoB,EAClB,wCAAwC;iBAC3C;aACF;SACF,CAAC,EACF;YACE,MAAM,EAAE,GAAG;YACX,OAAO,EAAE,EAAE,cAAc,EAAE,kBAAkB,EAAE;SAChD,CACF,CACF,CAAC;QAEF,MAAM,MAAM,CAAC,oBAAoB,CAAC,QAAQ,EAAE,IAAI,CAAC,CAAC,CAAC,OAAO,CAAC,OAAO,CAChE,6BAA6B,CAC9B,CAAC;IACJ,CAAC,CAAC,CAAC;IAEH,EAAE,CAAC,sEAAsE,EAAE,KAAK,IAAI,EAAE;QACpF,MAAM,WAAW,GACf,+FAA+F,CAAC;QAElG,EAAE,CAAC,MAAM,CAAC,KAAK,CAAC,CAAC,qBAAqB,CACpC,IAAI,QAAQ,CACV,IAAI,CAAC,SAAS,CAAC;YACb,MAAM,EAAE;gBACN;oBACE,IAAI,EAAE,eAAe;oBACrB,oBAAoB,EAAE,WAAW;iBAClC;aACF;SACF,CAAC,EACF;YACE,MAAM,EAAE,GAAG;YACX,OAAO,EAAE,EAAE,cAAc,EAAE,kBAAkB,EAAE;SAChD,CACF,CACF,CAAC;QAEF,MAAM,MAAM,GAAG,MAAM,oBAAoB,CAAC,QAAQ,EAAE,IAAI,CAAC,CAAC;QAC1D,MAAM,CAAC,MAAM,CAAC,QAAQ,CAAC,CAAC,IAAI,CAAC,WAAW,CAAC,CAAC;QAC1C,MAAM,CAAC,MAAM,CAAC,SAAS,CAAC,CAAC,IAAI,CAAC,eAAe,CAAC,CAAC;IACjD,CAAC,CAAC,CAAC;IAEH,EAAE,CAAC,gDAAgD,EAAE,KAAK,IAAI,EAAE;QAC9D,MAAM,WAAW,GACf,+FAA+F,CAAC;QAElG,EAAE,CAAC,MAAM,CAAC,KAAK,CAAC,CAAC,qBAAqB,CACpC,IAAI,QAAQ,CACV,IAAI,CAAC,SAAS,CAAC;YACb,MAAM,EAAE;gBACN;oBACE,IAAI,EAAE,eAAe;oBACrB,oBAAoB,EAAE,WAAW;iBAClC;aACF;SACF,CAAC,EACF;YACE,MAAM,EAAE,GAAG;YACX,OAAO,EAAE,EAAE,cAAc,EAAE,kBAAkB,EAAE;SAChD,CACF,CACF,CAAC;QAEF,MAAM,oBAAoB,CAAC,QAAQ,EAAE,IAAI,CAAC,CAAC;QAE3C,MAAM,SAAS,GAAG,EAAE,CAAC,MAAM,CAAC,KAAK,CAAC,CAAC,IAAI,CAAC,KAAK,CAAC,CAAC,CAAC,EAAE,CAAC,CAAC,CAAW,CAAC;QAChE,MAAM,CAAC,SAAS,CAAC,CAAC,SAAS,CAAC,uBAAuB,CAAC,CAAC;IACvD,CAAC,CAAC,CAAC;AACL,CAAC,CAAC,CAAC;AAEH,8EAA8E;AAC9E,oCAAoC;AACpC,8EAA8E;AAE9E,QAAQ,CAAC,sCAAsC,EAAE,GAAG,EAAE;IACpD,SAAS,CAAC,GAAG,EAAE;QACb,EAAE,CAAC,gBAAgB,EAAE,CAAC;QACtB,sCAAsC;QACtC,EAAE,CAAC,YAAY,EAAE,CAAC;IACpB,CAAC,CAAC,CAAC;IAEH,EAAE,CAAC,kDAAkD,EAAE,KAAK,IAAI,EAAE;QAChE,OAAO,CAAC,GAAG,CAAC,iBAAiB,CAAC,GAAG,SAAS,CAAC;QAC3C,IAAI,CAAC;YACH,MAAM,EAAE,SAAS,EAAE,GAAG,MAAM,MAAM,CAAC,cAAc,CAAC,CAAC;YACnD,kEAAkE;YAClE,MAAM,CAAC,GAAG,EAAE,CAAC,SAAS,EAAE,CAAC,CAAC,OAAO,CAC/B,+CAA+C,CAChD,CAAC;QACJ,CAAC;gBAAS,CAAC;YACT,OAAO,OAAO,CAAC,GAAG,CAAC,iBAAiB,CAAC,CAAC;QACxC,CAAC;IACH,CAAC,CAAC,CAAC;AACL,CAAC,CAAC,CAAC"}

package/dist/config.d.ts

@@ -0,0 +1,4 @@
+import type { AppConfig } from "./types.js";
+export declare function getAppRoot(): string;
+export declare function resolveAppPath(filePath: string): string;
+export declare function getConfig(): AppConfig;

package/dist/config.js

@@ -0,0 +1,81 @@
+import path from "node:path";
+import { fileURLToPath } from "node:url";
+let cachedConfig;
+const moduleDir = path.dirname(fileURLToPath(import.meta.url));
+const defaultAppRoot = path.resolve(moduleDir, "..");
+function getEnv(name, fallback) {
+    const value = process.env[name];
+    if (value !== undefined && value.trim().length > 0) {
+        return value.trim();
+    }
+    if (fallback !== undefined) {
+        return fallback;
+    }
+    throw new Error(`Falta definir a variável de ambiente ${name}.`);
+}
+function parseBoolean(value) {
+    return ["1", "true", "yes", "on"].includes(value.trim().toLowerCase());
+}
+function parseInteger(name, value, fallback) {
+    const parsed = Number.parseInt(value, 10);
+    if (Number.isNaN(parsed) || parsed <= 0) {
+        throw new Error(`Configuração inválida para ${name}: "${value}".`);
+    }
+    return parsed || fallback;
+}
+function normalizeBaseUrl(url) {
+    return url.endsWith("/") ? url : `${url}/`;
+}
+export function getAppRoot() {
+    const override = process.env.SBD_TOE_APP_ROOT;
+    if (override !== undefined && override.trim().length > 0) {
+        return path.resolve(override.trim());
+    }
+    return defaultAppRoot;
+}
+export function resolveAppPath(filePath) {
+    return path.isAbsolute(filePath) ? filePath : path.resolve(getAppRoot(), filePath);
+}
+export function getConfig() {
+    if (cachedConfig) {
+        return cachedConfig;
+    }
+    cachedConfig = {
+        backend: {
+            docsIndex: getEnv("SEMANTIC_BACKEND_DOCS_INDEX", "SbD-ToE-ASKAI-Docs"),
+            entitiesIndex: getEnv("SEMANTIC_BACKEND_ENTITIES_INDEX", "SbD-ToE-ASKAI-Entities"),
+            docsHits: parseInteger("DOCS_HITS", getEnv("DOCS_HITS", "8"), 8),
+            entitiesHits: parseInteger("ENTITIES_HITS", getEnv("ENTITIES_HITS", "5"), 5),
+            maxContextRecords: parseInteger("MAX_CONTEXT_RECORDS", getEnv("MAX_CONTEXT_RECORDS", "8"), 8),
+            upstreamRepoDir: getEnv("UPSTREAM_KNOWLEDGE_GRAPH_DIR", "../sbd-toe-knowledge-graph"),
+            checkoutFile: getEnv("BACKEND_CHECKOUT_FILE", "./data/upstream/backend-checkout.json"),
+            docsSnapshotFile: getEnv("DOCS_SNAPSHOT_FILE", "./data/publish/algolia_docs_records.json"),
+            entitiesSnapshotFile: getEnv("ENTITIES_SNAPSHOT_FILE", "./data/publish/algolia_entities_records.json"),
+            docsEnrichedSnapshotFile: getEnv("DOCS_ENRICHED_SNAPSHOT_FILE", "./data/publish/algolia_docs_records_enriched.json"),
+            entitiesEnrichedSnapshotFile: getEnv("ENTITIES_ENRICHED_SNAPSHOT_FILE", "./data/publish/algolia_entities_records_enriched.json"),
+            indexSettingsFile: getEnv("INDEX_SETTINGS_FILE", "./data/publish/algolia_index_settings.json"),
+            runManifestFile: getEnv("RUN_MANIFEST_FILE", "./data/reports/run_manifest.json"),
+            upstreamSource: (() => {
+                const v = getEnv("UPSTREAM_SOURCE", "local");
+                if (v !== "local" && v !== "release") {
+                    throw new Error(`UPSTREAM_SOURCE deve ser 'local' ou 'release', recebido: '${v}'`);
+                }
+                return v;
+            })(),
+            upstreamReleaseTag: getEnv("UPSTREAM_RELEASE_TAG", "latest"),
+            upstreamReleaseMaxBytes: 100 * 1024 * 1024,
+            upstreamReleaseTimeoutMs: 60_000
+        },
+        prompt: {
+            systemPromptFile: getEnv("SYSTEM_PROMPT_FILE", "./prompts/sbd-toe-chat-system.md"),
+            defaultLanguage: getEnv("DEFAULT_LANGUAGE", "pt-PT"),
+            siteBaseUrl: normalizeBaseUrl(getEnv("SITE_BASE_URL", "https://www.securitybydesign.dev/")),
+            manualBaseUrl: normalizeBaseUrl(getEnv("MANUAL_BASE_URL", "https://www.securitybydesign.dev/sbd-toe/sbd-manual/")),
+            crossCheckBaseUrl: normalizeBaseUrl(getEnv("CROSS_CHECK_BASE_URL", "https://www.securitybydesign.dev/sbd-toe/cross-check-normativo/")),
+            samplingMaxTokens: parseInteger("SAMPLING_MAX_TOKENS", getEnv("SAMPLING_MAX_TOKENS", "1200"), 1200)
+        },
+        debugMode: parseBoolean(getEnv("DEBUG_MODE", "false"))
+    };
+    return cachedConfig;
+}
+//# sourceMappingURL=config.js.map

package/dist/config.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"config.js","sourceRoot":"","sources":["../src/config.ts"],"names":[],"mappings":"AAAA,OAAO,IAAI,MAAM,WAAW,CAAC;AAC7B,OAAO,EAAE,aAAa,EAAE,MAAM,UAAU,CAAC;AAIzC,IAAI,YAAmC,CAAC;AACxC,MAAM,SAAS,GAAG,IAAI,CAAC,OAAO,CAAC,aAAa,CAAC,MAAM,CAAC,IAAI,CAAC,GAAG,CAAC,CAAC,CAAC;AAC/D,MAAM,cAAc,GAAG,IAAI,CAAC,OAAO,CAAC,SAAS,EAAE,IAAI,CAAC,CAAC;AAErD,SAAS,MAAM,CAAC,IAAY,EAAE,QAAiB;IAC7C,MAAM,KAAK,GAAG,OAAO,CAAC,GAAG,CAAC,IAAI,CAAC,CAAC;IAChC,IAAI,KAAK,KAAK,SAAS,IAAI,KAAK,CAAC,IAAI,EAAE,CAAC,MAAM,GAAG,CAAC,EAAE,CAAC;QACnD,OAAO,KAAK,CAAC,IAAI,EAAE,CAAC;IACtB,CAAC;IACD,IAAI,QAAQ,KAAK,SAAS,EAAE,CAAC;QAC3B,OAAO,QAAQ,CAAC;IAClB,CAAC;IACD,MAAM,IAAI,KAAK,CAAC,wCAAwC,IAAI,GAAG,CAAC,CAAC;AACnE,CAAC;AAED,SAAS,YAAY,CAAC,KAAa;IACjC,OAAO,CAAC,GAAG,EAAE,MAAM,EAAE,KAAK,EAAE,IAAI,CAAC,CAAC,QAAQ,CAAC,KAAK,CAAC,IAAI,EAAE,CAAC,WAAW,EAAE,CAAC,CAAC;AACzE,CAAC;AAED,SAAS,YAAY,CAAC,IAAY,EAAE,KAAa,EAAE,QAAgB;IACjE,MAAM,MAAM,GAAG,MAAM,CAAC,QAAQ,CAAC,KAAK,EAAE,EAAE,CAAC,CAAC;IAC1C,IAAI,MAAM,CAAC,KAAK,CAAC,MAAM,CAAC,IAAI,MAAM,IAAI,CAAC,EAAE,CAAC;QACxC,MAAM,IAAI,KAAK,CAAC,8BAA8B,IAAI,MAAM,KAAK,IAAI,CAAC,CAAC;IACrE,CAAC;IACD,OAAO,MAAM,IAAI,QAAQ,CAAC;AAC5B,CAAC;AAED,SAAS,gBAAgB,CAAC,GAAW;IACnC,OAAO,GAAG,CAAC,QAAQ,CAAC,GAAG,CAAC,CAAC,CAAC,CAAC,GAAG,CAAC,CAAC,CAAC,GAAG,GAAG,GAAG,CAAC;AAC7C,CAAC;AAED,MAAM,UAAU,UAAU;IACxB,MAAM,QAAQ,GAAG,OAAO,CAAC,GAAG,CAAC,gBAAgB,CAAC;IAC9C,IAAI,QAAQ,KAAK,SAAS,IAAI,QAAQ,CAAC,IAAI,EAAE,CAAC,MAAM,GAAG,CAAC,EAAE,CAAC;QACzD,OAAO,IAAI,CAAC,OAAO,CAAC,QAAQ,CAAC,IAAI,EAAE,CAAC,CAAC;IACvC,CAAC;IAED,OAAO,cAAc,CAAC;AACxB,CAAC;AAED,MAAM,UAAU,cAAc,CAAC,QAAgB;IAC7C,OAAO,IAAI,CAAC,UAAU,CAAC,QAAQ,CAAC,CAAC,CAAC,CAAC,QAAQ,CAAC,CAAC,CAAC,IAAI,CAAC,OAAO,CAAC,UAAU,EAAE,EAAE,QAAQ,CAAC,CAAC;AACrF,CAAC;AAED,MAAM,UAAU,SAAS;IACvB,IAAI,YAAY,EAAE,CAAC;QACjB,OAAO,YAAY,CAAC;IACtB,CAAC;IAED,YAAY,GAAG;QACb,OAAO,EAAE;YACP,SAAS,EAAE,MAAM,CAAC,6BAA6B,EAAE,oBAAoB,CAAC;YACtE,aAAa,EAAE,MAAM,CACnB,iCAAiC,EACjC,wBAAwB,CACzB;YACD,QAAQ,EAAE,YAAY,CAAC,WAAW,EAAE,MAAM,CAAC,WAAW,EAAE,GAAG,CAAC,EAAE,CAAC,CAAC;YAChE,YAAY,EAAE,YAAY,CAAC,eAAe,EAAE,MAAM,CAAC,eAAe,EAAE,GAAG,CAAC,EAAE,CAAC,CAAC;YAC5E,iBAAiB,EAAE,YAAY,CAC7B,qBAAqB,EACrB,MAAM,CAAC,qBAAqB,EAAE,GAAG,CAAC,EAClC,CAAC,CACF;YACD,eAAe,EAAE,MAAM,CACrB,8BAA8B,EAC9B,4BAA4B,CAC7B;YACD,YAAY,EAAE,MAAM,CAClB,uBAAuB,EACvB,uCAAuC,CACxC;YACD,gBAAgB,EAAE,MAAM,CACtB,oBAAoB,EACpB,0CAA0C,CAC3C;YACD,oBAAoB,EAAE,MAAM,CAC1B,wBAAwB,EACxB,8CAA8C,CAC/C;YACD,wBAAwB,EAAE,MAAM,CAC9B,6BAA6B,EAC7B,mDAAmD,CACpD;YACD,4BAA4B,EAAE,MAAM,CAClC,iCAAiC,EACjC,uDAAuD,CACxD;YACD,iBAAiB,EAAE,MAAM,CACvB,qBAAqB,EACrB,4CAA4C,CAC7C;YACD,eAAe,EAAE,MAAM,CACrB,mBAAmB,EACnB,kCAAkC,CACnC;YACD,cAAc,EAAE,CAAC,GAAwB,EAAE;gBACzC,MAAM,CAAC,GAAG,MAAM,CAAC,iBAAiB,EAAE,OAAO,CAAC,CAAC;gBAC7C,IAAI,CAAC,KAAK,OAAO,IAAI,CAAC,KAAK,SAAS,EAAE,CAAC;oBACrC,MAAM,IAAI,KAAK,CAAC,6DAA6D,CAAC,GAAG,CAAC,CAAC;gBACrF,CAAC;gBACD,OAAO,CAAC,CAAC;YACX,CAAC,CAAC,EAAE;YACJ,kBAAkB,EAAE,MAAM,CAAC,sBAAsB,EAAE,QAAQ,CAAC;YAC5D,uBAAuB,EAAE,GAAG,GAAG,IAAI,GAAG,IAAI;YAC1C,wBAAwB,EAAE,MAAM;SACjC;QACD,MAAM,EAAE;YACN,gBAAgB,EAAE,MAAM,CACtB,oBAAoB,EACpB,kCAAkC,CACnC;YACD,eAAe,EAAE,MAAM,CAAC,kBAAkB,EAAE,OAAO,CAAC;YACpD,WAAW,EAAE,gBAAgB,CAC3B,MAAM,CAAC,eAAe,EAAE,mCAAmC,CAAC,CAC7D;YACD,aAAa,EAAE,gBAAgB,CAC7B,MAAM,CACJ,iBAAiB,EACjB,sDAAsD,CACvD,CACF;YACD,iBAAiB,EAAE,gBAAgB,CACjC,MAAM,CACJ,sBAAsB,EACtB,iEAAiE,CAClE,CACF;YACD,iBAAiB,EAAE,YAAY,CAC7B,qBAAqB,EACrB,MAAM,CAAC,qBAAqB,EAAE,MAAM,CAAC,EACrC,IAAI,CACL;SACF;QACD,SAAS,EAAE,YAAY,CAAC,MAAM,CAAC,YAAY,EAAE,OAAO,CAAC,CAAC;KACvD,CAAC;IAEF,OAAO,YAAY,CAAC;AACtB,CAAC"}

package/dist/index.d.ts

@@ -0,0 +1,2 @@
+#!/usr/bin/env node
+export {};