npm - @skillsmith/core - Versions diffs - 0.1.2 → 0.2.0 - Mend

@skillsmith/core 0.1.2 → 0.2.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (325) hide show

package/dist/src/security/rate-limiter/RateLimiter.js ADDED Viewed

@@ -0,0 +1,260 @@
+/**
+ * Rate Limiter - SMI-730, SMI-1013, SMI-1189
+ *
+ * Token bucket algorithm for rate limiting API endpoints and adapters.
+ * Prevents abuse and DoS attacks with configurable limits and windows.
+ *
+ * Features:
+ * - Token bucket algorithm for smooth rate limiting
+ * - Per-IP and per-user limits
+ * - Configurable limits and windows
+ * - In-memory storage (Redis-compatible interface)
+ * - Graceful degradation on errors
+ * - Request queue for waiting when rate limited (SMI-1013)
+ * - Configurable timeout for queued requests (SMI-1013)
+ */
+import { createLogger } from '../../utils/logger.js';
+import { InMemoryRateLimitStorage } from './storage.js';
+import { tryConsumeToken as tryConsumeTokenCore, getTokenBucketState, resetTokenBucket, } from './token-bucket.js';
+import { MetricsManager } from './metrics-manager.js';
+import { QueueManager } from './queue-manager.js';
+const log = createLogger('RateLimiter');
+/**
+ * Rate Limiter using Token Bucket Algorithm
+ *
+ * @example
+ * ```typescript
+ * const limiter = new RateLimiter({
+ *   maxTokens: 100,
+ *   refillRate: 100 / 60,
+ *   windowMs: 60000,
+ * })
+ *
+ * const result = await limiter.checkLimit('user:123')
+ * if (result.allowed) {
+ *   // Process request
+ * } else {
+ *   // Return 429 Too Many Requests
+ * }
+ * ```
+ */
+export class RateLimiter {
+    config;
+    storage;
+    metricsManager;
+    queueManager;
+    constructor(config, storage = new InMemoryRateLimitStorage()) {
+        this.config = {
+            keyPrefix: 'ratelimit',
+            debug: false,
+            failMode: 'open',
+            enableQueue: false,
+            queueTimeoutMs: 30000,
+            maxQueueSize: 100,
+            ...config,
+        };
+        this.storage = storage;
+        this.metricsManager = new MetricsManager(this.config.debug, log);
+        this.queueManager = new QueueManager({
+            maxQueueSize: this.config.maxQueueSize,
+            queueTimeoutMs: this.config.queueTimeoutMs,
+            debug: this.config.debug,
+        }, log);
+        // Start queue processor if queuing is enabled (SMI-1013)
+        if (this.config.enableQueue) {
+            this.queueManager.startProcessor((key, cost) => this.tryConsumeToken(key, cost), (key, allowed) => this.metricsManager.update(key, allowed));
+        }
+        // Start metrics cleanup interval
+        this.metricsManager.startCleanup();
+        if (this.config.debug) {
+            log.info('Rate limiter initialized', {
+                maxTokens: this.config.maxTokens,
+                refillRate: this.config.refillRate,
+                windowMs: this.config.windowMs,
+                failMode: this.config.failMode,
+                enableQueue: this.config.enableQueue,
+                queueTimeoutMs: this.config.queueTimeoutMs,
+                maxQueueSize: this.config.maxQueueSize,
+            });
+        }
+    }
+    /**
+     * Try to consume a token without queuing (internal method)
+     */
+    async tryConsumeToken(key, cost) {
+        return tryConsumeTokenCore(this.storage, this.config, key, cost);
+    }
+    /**
+     * Check if a request is allowed under rate limit
+     */
+    async checkLimit(key, cost = 1) {
+        const storageKey = `${this.config.keyPrefix}:${key}`;
+        const now = Date.now();
+        try {
+            let bucket = await this.storage.get(storageKey);
+            if (!bucket) {
+                bucket = {
+                    tokens: this.config.maxTokens,
+                    lastRefill: now,
+                    firstRequest: now,
+                };
+            }
+            // Refill tokens
+            const elapsedMs = now - bucket.lastRefill;
+            const elapsedSeconds = elapsedMs / 1000;
+            const tokensToAdd = elapsedSeconds * this.config.refillRate;
+            if (tokensToAdd > 0) {
+                bucket.tokens = Math.min(this.config.maxTokens, bucket.tokens + tokensToAdd);
+                bucket.lastRefill = now;
+            }
+            const allowed = bucket.tokens >= cost;
+            if (allowed) {
+                bucket.tokens -= cost;
+                await this.storage.set(storageKey, bucket, this.config.windowMs);
+                if (this.config.debug) {
+                    log.debug(`Rate limit check: ${key}`, { allowed: true, remaining: bucket.tokens, cost });
+                }
+                this.metricsManager.update(key, true);
+                return {
+                    allowed: true,
+                    remaining: Math.floor(bucket.tokens),
+                    limit: this.config.maxTokens,
+                    metrics: this.metricsManager.get(key),
+                };
+            }
+            else {
+                const tokensNeeded = cost - bucket.tokens;
+                const retryAfterMs = Math.ceil((tokensNeeded / this.config.refillRate) * 1000);
+                const resetAt = new Date(now + retryAfterMs).toISOString();
+                if (this.config.debug) {
+                    log.debug(`Rate limit exceeded: ${key}`, {
+                        allowed: false,
+                        remaining: bucket.tokens,
+                        cost,
+                        retryAfterMs,
+                    });
+                }
+                this.metricsManager.update(key, false);
+                const currentMetrics = this.metricsManager.get(key);
+                if (this.config.onLimitExceeded && currentMetrics) {
+                    this.config.onLimitExceeded(key, currentMetrics);
+                }
+                return {
+                    allowed: false,
+                    remaining: Math.floor(bucket.tokens),
+                    limit: this.config.maxTokens,
+                    retryAfterMs,
+                    resetAt,
+                    metrics: currentMetrics,
+                };
+            }
+        }
+        catch (error) {
+            this.metricsManager.update(key, this.config.failMode === 'open', true);
+            if (this.config.failMode === 'closed') {
+                log.error(`Rate limiter error (fail-closed) for ${key}: ${error instanceof Error ? error.message : String(error)}`);
+                return {
+                    allowed: false,
+                    remaining: 0,
+                    limit: this.config.maxTokens,
+                    retryAfterMs: this.config.windowMs,
+                    resetAt: new Date(Date.now() + this.config.windowMs).toISOString(),
+                    metrics: this.metricsManager.get(key),
+                };
+            }
+            log.error(`Rate limiter error (fail-open) for ${key}: ${error instanceof Error ? error.message : String(error)}`);
+            return {
+                allowed: true,
+                remaining: this.config.maxTokens,
+                limit: this.config.maxTokens,
+                metrics: this.metricsManager.get(key),
+            };
+        }
+    }
+    /**
+     * Wait for a token to become available (SMI-1013)
+     */
+    async waitForToken(key, cost = 1) {
+        if (!this.config.enableQueue) {
+            return this.checkLimit(key, cost);
+        }
+        const immediateResult = await this.tryConsumeToken(key, cost);
+        if (immediateResult.allowed) {
+            this.metricsManager.update(key, true);
+            return {
+                ...immediateResult,
+                queued: false,
+                metrics: this.metricsManager.get(key),
+            };
+        }
+        const result = await this.queueManager.queueRequest(key, cost, (allowed) => this.metricsManager.update(key, allowed));
+        return {
+            ...result,
+            metrics: this.metricsManager.get(key),
+        };
+    }
+    /**
+     * Get queue status for a key (SMI-1013)
+     */
+    getQueueStatus(key) {
+        return this.queueManager.getStatus(key);
+    }
+    /**
+     * Clear queue for a key (SMI-1013)
+     */
+    clearQueue(key) {
+        this.queueManager.clear(key);
+        if (this.config.debug) {
+            log.debug(`Queue cleared${key ? ` for key: ${key}` : ' (all)'}`);
+        }
+    }
+    /**
+     * Reset rate limit for a key
+     */
+    async reset(key) {
+        await resetTokenBucket(this.storage, this.config.keyPrefix, key);
+        if (this.config.debug) {
+            log.debug(`Rate limit reset: ${key}`);
+        }
+    }
+    /**
+     * Get current state for a key
+     */
+    async getState(key) {
+        return getTokenBucketState(this.storage, this.config.keyPrefix, key);
+    }
+    /**
+     * Get metrics for a specific key or all keys
+     */
+    getMetrics(key) {
+        if (key) {
+            return this.metricsManager.get(key);
+        }
+        return this.metricsManager.getAll();
+    }
+    /**
+     * Reset metrics for a specific key or all keys
+     */
+    resetMetrics(key) {
+        if (key) {
+            this.metricsManager.delete(key);
+        }
+        else {
+            this.metricsManager.clear();
+        }
+        if (this.config.debug) {
+            log.debug(`Metrics reset${key ? ` for key: ${key}` : ' (all)'}`);
+        }
+    }
+    /**
+     * Dispose of resources
+     */
+    dispose() {
+        this.queueManager.dispose();
+        this.metricsManager.dispose();
+        if (this.storage instanceof InMemoryRateLimitStorage) {
+            this.storage.dispose();
+        }
+    }
+}
+//# sourceMappingURL=RateLimiter.js.map

package/dist/src/security/rate-limiter/RateLimiter.js.map ADDED Viewed

@@ -0,0 +1 @@

+ {"version":3,"file":"RateLimiter.js","sourceRoot":"","sources":["../../../../src/security/rate-limiter/RateLimiter.ts"],"names":[],"mappings":"AAAA;;;;;;;;;;;;;;GAcG;AAEH,OAAO,EAAE,YAAY,EAAE,MAAM,uBAAuB,CAAA;AAQpD,OAAO,EAAE,wBAAwB,EAAE,MAAM,cAAc,CAAA;AACvD,OAAO,EACL,eAAe,IAAI,mBAAmB,EACtC,mBAAmB,EACnB,gBAAgB,GACjB,MAAM,mBAAmB,CAAA;AAC1B,OAAO,EAAE,cAAc,EAAE,MAAM,sBAAsB,CAAA;AACrD,OAAO,EAAE,YAAY,EAAE,MAAM,oBAAoB,CAAA;AAEjD,MAAM,GAAG,GAAG,YAAY,CAAC,aAAa,CAAC,CAAA;AAEvC;;;;;;;;;;;;;;;;;;GAkBG;AACH,MAAM,OAAO,WAAW;IACL,MAAM,CAWtB;IACgB,OAAO,CAAkB;IACzB,cAAc,CAAgB;IAC9B,YAAY,CAAc;IAE3C,YAAY,MAAuB,EAAE,UAA4B,IAAI,wBAAwB,EAAE;QAC7F,IAAI,CAAC,MAAM,GAAG;YACZ,SAAS,EAAE,WAAW;YACtB,KAAK,EAAE,KAAK;YACZ,QAAQ,EAAE,MAAM;YAChB,WAAW,EAAE,KAAK;YAClB,cAAc,EAAE,KAAK;YACrB,YAAY,EAAE,GAAG;YACjB,GAAG,MAAM;SACV,CAAA;QACD,IAAI,CAAC,OAAO,GAAG,OAAO,CAAA;QACtB,IAAI,CAAC,cAAc,GAAG,IAAI,cAAc,CAAC,IAAI,CAAC,MAAM,CAAC,KAAK,EAAE,GAAG,CAAC,CAAA;QAChE,IAAI,CAAC,YAAY,GAAG,IAAI,YAAY,CAClC;YACE,YAAY,EAAE,IAAI,CAAC,MAAM,CAAC,YAAY;YACtC,cAAc,EAAE,IAAI,CAAC,MAAM,CAAC,cAAc;YAC1C,KAAK,EAAE,IAAI,CAAC,MAAM,CAAC,KAAK;SACzB,EACD,GAAG,CACJ,CAAA;QAED,yDAAyD;QACzD,IAAI,IAAI,CAAC,MAAM,CAAC,WAAW,EAAE,CAAC;YAC5B,IAAI,CAAC,YAAY,CAAC,cAAc,CAC9B,CAAC,GAAG,EAAE,IAAI,EAAE,EAAE,CAAC,IAAI,CAAC,eAAe,CAAC,GAAG,EAAE,IAAI,CAAC,EAC9C,CAAC,GAAG,EAAE,OAAO,EAAE,EAAE,CAAC,IAAI,CAAC,cAAc,CAAC,MAAM,CAAC,GAAG,EAAE,OAAO,CAAC,CAC3D,CAAA;QACH,CAAC;QAED,iCAAiC;QACjC,IAAI,CAAC,cAAc,CAAC,YAAY,EAAE,CAAA;QAElC,IAAI,IAAI,CAAC,MAAM,CAAC,KAAK,EAAE,CAAC;YACtB,GAAG,CAAC,IAAI,CAAC,0BAA0B,EAAE;gBACnC,SAAS,EAAE,IAAI,CAAC,MAAM,CAAC,SAAS;gBAChC,UAAU,EAAE,IAAI,CAAC,MAAM,CAAC,UAAU;gBAClC,QAAQ,EAAE,IAAI,CAAC,MAAM,CAAC,QAAQ;gBAC9B,QAAQ,EAAE,IAAI,CAAC,MAAM,CAAC,QAAQ;gBAC9B,WAAW,EAAE,IAAI,CAAC,MAAM,CAAC,WAAW;gBACpC,cAAc,EAAE,IAAI,CAAC,MAAM,CAAC,cAAc;gBAC1C,YAAY,EAAE,IAAI,CAAC,MAAM,CAAC,YAAY;aACvC,CAAC,CAAA;QACJ,CAAC;IACH,CAAC;IAED;;OAEG;IACK,KAAK,CAAC,eAAe,CAAC,GAAW,EAAE,IAAY;QACrD,OAAO,mBAAmB,CAAC,IAAI,CAAC,OAAO,EAAE,IAAI,CAAC,MAAM,EAAE,GAAG,EAAE,IAAI,CAAC,CAAA;IAClE,CAAC;IAED;;OAEG;IACH,KAAK,CAAC,UAAU,CAAC,GAAW,EAAE,IAAI,GAAG,CAAC;QACpC,MAAM,UAAU,GAAG,GAAG,IAAI,CAAC,MAAM,CAAC,SAAS,IAAI,GAAG,EAAE,CAAA;QACpD,MAAM,GAAG,GAAG,IAAI,CAAC,GAAG,EAAE,CAAA;QAEtB,IAAI,CAAC;YACH,IAAI,MAAM,GAAG,MAAM,IAAI,CAAC,OAAO,CAAC,GAAG,CAAC,UAAU,CAAC,CAAA;YAE/C,IAAI,CAAC,MAAM,EAAE,CAAC;gBACZ,MAAM,GAAG;oBACP,MAAM,EAAE,IAAI,CAAC,MAAM,CAAC,SAAS;oBAC7B,UAAU,EAAE,GAAG;oBACf,YAAY,EAAE,GAAG;iBAClB,CAAA;YACH,CAAC;YAED,gBAAgB;YAChB,MAAM,SAAS,GAAG,GAAG,GAAG,MAAM,CAAC,UAAU,CAAA;YACzC,MAAM,cAAc,GAAG,SAAS,GAAG,IAAI,CAAA;YACvC,MAAM,WAAW,GAAG,cAAc,GAAG,IAAI,CAAC,MAAM,CAAC,UAAU,CAAA;YAE3D,IAAI,WAAW,GAAG,CAAC,EAAE,CAAC;gBACpB,MAAM,CAAC,MAAM,GAAG,IAAI,CAAC,GAAG,CAAC,IAAI,CAAC,MAAM,CAAC,SAAS,EAAE,MAAM,CAAC,MAAM,GAAG,WAAW,CAAC,CAAA;gBAC5E,MAAM,CAAC,UAAU,GAAG,GAAG,CAAA;YACzB,CAAC;YAED,MAAM,OAAO,GAAG,MAAM,CAAC,MAAM,IAAI,IAAI,CAAA;YAErC,IAAI,OAAO,EAAE,CAAC;gBACZ,MAAM,CAAC,MAAM,IAAI,IAAI,CAAA;gBACrB,MAAM,IAAI,CAAC,OAAO,CAAC,GAAG,CAAC,UAAU,EAAE,MAAM,EAAE,IAAI,CAAC,MAAM,CAAC,QAAQ,CAAC,CAAA;gBAEhE,IAAI,IAAI,CAAC,MAAM,CAAC,KAAK,EAAE,CAAC;oBACtB,GAAG,CAAC,KAAK,CAAC,qBAAqB,GAAG,EAAE,EAAE,EAAE,OAAO,EAAE,IAAI,EAAE,SAAS,EAAE,MAAM,CAAC,MAAM,EAAE,IAAI,EAAE,CAAC,CAAA;gBAC1F,CAAC;gBAED,IAAI,CAAC,cAAc,CAAC,MAAM,CAAC,GAAG,EAAE,IAAI,CAAC,CAAA;gBAErC,OAAO;oBACL,OAAO,EAAE,IAAI;oBACb,SAAS,EAAE,IAAI,CAAC,KAAK,CAAC,MAAM,CAAC,MAAM,CAAC;oBACpC,KAAK,EAAE,IAAI,CAAC,MAAM,CAAC,SAAS;oBAC5B,OAAO,EAAE,IAAI,CAAC,cAAc,CAAC,GAAG,CAAC,GAAG,CAAC;iBACtC,CAAA;YACH,CAAC;iBAAM,CAAC;gBACN,MAAM,YAAY,GAAG,IAAI,GAAG,MAAM,CAAC,MAAM,CAAA;gBACzC,MAAM,YAAY,GAAG,IAAI,CAAC,IAAI,CAAC,CAAC,YAAY,GAAG,IAAI,CAAC,MAAM,CAAC,UAAU,CAAC,GAAG,IAAI,CAAC,CAAA;gBAC9E,MAAM,OAAO,GAAG,IAAI,IAAI,CAAC,GAAG,GAAG,YAAY,CAAC,CAAC,WAAW,EAAE,CAAA;gBAE1D,IAAI,IAAI,CAAC,MAAM,CAAC,KAAK,EAAE,CAAC;oBACtB,GAAG,CAAC,KAAK,CAAC,wBAAwB,GAAG,EAAE,EAAE;wBACvC,OAAO,EAAE,KAAK;wBACd,SAAS,EAAE,MAAM,CAAC,MAAM;wBACxB,IAAI;wBACJ,YAAY;qBACb,CAAC,CAAA;gBACJ,CAAC;gBAED,IAAI,CAAC,cAAc,CAAC,MAAM,CAAC,GAAG,EAAE,KAAK,CAAC,CAAA;gBAEtC,MAAM,cAAc,GAAG,IAAI,CAAC,cAAc,CAAC,GAAG,CAAC,GAAG,CAAC,CAAA;gBACnD,IAAI,IAAI,CAAC,MAAM,CAAC,eAAe,IAAI,cAAc,EAAE,CAAC;oBAClD,IAAI,CAAC,MAAM,CAAC,eAAe,CAAC,GAAG,EAAE,cAAc,CAAC,CAAA;gBAClD,CAAC;gBAED,OAAO;oBACL,OAAO,EAAE,KAAK;oBACd,SAAS,EAAE,IAAI,CAAC,KAAK,CAAC,MAAM,CAAC,MAAM,CAAC;oBACpC,KAAK,EAAE,IAAI,CAAC,MAAM,CAAC,SAAS;oBAC5B,YAAY;oBACZ,OAAO;oBACP,OAAO,EAAE,cAAc;iBACxB,CAAA;YACH,CAAC;QACH,CAAC;QAAC,OAAO,KAAK,EAAE,CAAC;YACf,IAAI,CAAC,cAAc,CAAC,MAAM,CAAC,GAAG,EAAE,IAAI,CAAC,MAAM,CAAC,QAAQ,KAAK,MAAM,EAAE,IAAI,CAAC,CAAA;YAEtE,IAAI,IAAI,CAAC,MAAM,CAAC,QAAQ,KAAK,QAAQ,EAAE,CAAC;gBACtC,GAAG,CAAC,KAAK,CACP,wCAAwC,GAAG,KAAK,KAAK,YAAY,KAAK,CAAC,CAAC,CAAC,KAAK,CAAC,OAAO,CAAC,CAAC,CAAC,MAAM,CAAC,KAAK,CAAC,EAAE,CACzG,CAAA;gBACD,OAAO;oBACL,OAAO,EAAE,KAAK;oBACd,SAAS,EAAE,CAAC;oBACZ,KAAK,EAAE,IAAI,CAAC,MAAM,CAAC,SAAS;oBAC5B,YAAY,EAAE,IAAI,CAAC,MAAM,CAAC,QAAQ;oBAClC,OAAO,EAAE,IAAI,IAAI,CAAC,IAAI,CAAC,GAAG,EAAE,GAAG,IAAI,CAAC,MAAM,CAAC,QAAQ,CAAC,CAAC,WAAW,EAAE;oBAClE,OAAO,EAAE,IAAI,CAAC,cAAc,CAAC,GAAG,CAAC,GAAG,CAAC;iBACtC,CAAA;YACH,CAAC;YAED,GAAG,CAAC,KAAK,CACP,sCAAsC,GAAG,KAAK,KAAK,YAAY,KAAK,CAAC,CAAC,CAAC,KAAK,CAAC,OAAO,CAAC,CAAC,CAAC,MAAM,CAAC,KAAK,CAAC,EAAE,CACvG,CAAA;YACD,OAAO;gBACL,OAAO,EAAE,IAAI;gBACb,SAAS,EAAE,IAAI,CAAC,MAAM,CAAC,SAAS;gBAChC,KAAK,EAAE,IAAI,CAAC,MAAM,CAAC,SAAS;gBAC5B,OAAO,EAAE,IAAI,CAAC,cAAc,CAAC,GAAG,CAAC,GAAG,CAAC;aACtC,CAAA;QACH,CAAC;IACH,CAAC;IAED;;OAEG;IACH,KAAK,CAAC,YAAY,CAAC,GAAW,EAAE,IAAI,GAAG,CAAC;QACtC,IAAI,CAAC,IAAI,CAAC,MAAM,CAAC,WAAW,EAAE,CAAC;YAC7B,OAAO,IAAI,CAAC,UAAU,CAAC,GAAG,EAAE,IAAI,CAAC,CAAA;QACnC,CAAC;QAED,MAAM,eAAe,GAAG,MAAM,IAAI,CAAC,eAAe,CAAC,GAAG,EAAE,IAAI,CAAC,CAAA;QAE7D,IAAI,eAAe,CAAC,OAAO,EAAE,CAAC;YAC5B,IAAI,CAAC,cAAc,CAAC,MAAM,CAAC,GAAG,EAAE,IAAI,CAAC,CAAA;YACrC,OAAO;gBACL,GAAG,eAAe;gBAClB,MAAM,EAAE,KAAK;gBACb,OAAO,EAAE,IAAI,CAAC,cAAc,CAAC,GAAG,CAAC,GAAG,CAAC;aACtC,CAAA;QACH,CAAC;QAED,MAAM,MAAM,GAAG,MAAM,IAAI,CAAC,YAAY,CAAC,YAAY,CAAC,GAAG,EAAE,IAAI,EAAE,CAAC,OAAO,EAAE,EAAE,CACzE,IAAI,CAAC,cAAc,CAAC,MAAM,CAAC,GAAG,EAAE,OAAO,CAAC,CACzC,CAAA;QAED,OAAO;YACL,GAAG,MAAM;YACT,OAAO,EAAE,IAAI,CAAC,cAAc,CAAC,GAAG,CAAC,GAAG,CAAC;SACtC,CAAA;IACH,CAAC;IAED;;OAEG;IACH,cAAc,CAAC,GAAY;QACzB,OAAO,IAAI,CAAC,YAAY,CAAC,SAAS,CAAC,GAAG,CAAC,CAAA;IACzC,CAAC;IAED;;OAEG;IACH,UAAU,CAAC,GAAY;QACrB,IAAI,CAAC,YAAY,CAAC,KAAK,CAAC,GAAG,CAAC,CAAA;QAC5B,IAAI,IAAI,CAAC,MAAM,CAAC,KAAK,EAAE,CAAC;YACtB,GAAG,CAAC,KAAK,CAAC,gBAAgB,GAAG,CAAC,CAAC,CAAC,aAAa,GAAG,EAAE,CAAC,CAAC,CAAC,QAAQ,EAAE,CAAC,CAAA;QAClE,CAAC;IACH,CAAC;IAED;;OAEG;IACH,KAAK,CAAC,KAAK,CAAC,GAAW;QACrB,MAAM,gBAAgB,CAAC,IAAI,CAAC,OAAO,EAAE,IAAI,CAAC,MAAM,CAAC,SAAS,EAAE,GAAG,CAAC,CAAA;QAChE,IAAI,IAAI,CAAC,MAAM,CAAC,KAAK,EAAE,CAAC;YACtB,GAAG,CAAC,KAAK,CAAC,qBAAqB,GAAG,EAAE,CAAC,CAAA;QACvC,CAAC;IACH,CAAC;IAED;;OAEG;IACH,KAAK,CAAC,QAAQ,CAAC,GAAW;QACxB,OAAO,mBAAmB,CAAC,IAAI,CAAC,OAAO,EAAE,IAAI,CAAC,MAAM,CAAC,SAAS,EAAE,GAAG,CAAC,CAAA;IACtE,CAAC;IAED;;OAEG;IACH,UAAU,CAAC,GAAY;QACrB,IAAI,GAAG,EAAE,CAAC;YACR,OAAO,IAAI,CAAC,cAAc,CAAC,GAAG,CAAC,GAAG,CAAC,CAAA;QACrC,CAAC;QACD,OAAO,IAAI,CAAC,cAAc,CAAC,MAAM,EAAE,CAAA;IACrC,CAAC;IAED;;OAEG;IACH,YAAY,CAAC,GAAY;QACvB,IAAI,GAAG,EAAE,CAAC;YACR,IAAI,CAAC,cAAc,CAAC,MAAM,CAAC,GAAG,CAAC,CAAA;QACjC,CAAC;aAAM,CAAC;YACN,IAAI,CAAC,cAAc,CAAC,KAAK,EAAE,CAAA;QAC7B,CAAC;QACD,IAAI,IAAI,CAAC,MAAM,CAAC,KAAK,EAAE,CAAC;YACtB,GAAG,CAAC,KAAK,CAAC,gBAAgB,GAAG,CAAC,CAAC,CAAC,aAAa,GAAG,EAAE,CAAC,CAAC,CAAC,QAAQ,EAAE,CAAC,CAAA;QAClE,CAAC;IACH,CAAC;IAED;;OAEG;IACH,OAAO;QACL,IAAI,CAAC,YAAY,CAAC,OAAO,EAAE,CAAA;QAC3B,IAAI,CAAC,cAAc,CAAC,OAAO,EAAE,CAAA;QAC7B,IAAI,IAAI,CAAC,OAAO,YAAY,wBAAwB,EAAE,CAAC;YACrD,IAAI,CAAC,OAAO,CAAC,OAAO,EAAE,CAAA;QACxB,CAAC;IACH,CAAC;CACF"}

package/dist/src/security/rate-limiter/constants.d.ts ADDED Viewed

@@ -0,0 +1,15 @@
+/**
+ * Rate Limiter Constants - SMI-730, SMI-1189
+ *
+ * Constants for rate limiting functionality.
+ */
+/**
+ * Maximum number of unique keys to track in queues and metrics
+ * Prevents unbounded memory growth from malicious or misconfigured clients
+ */
+export declare const MAX_UNIQUE_KEYS = 10000;
+/**
+ * Metrics TTL in milliseconds (1 hour) - metrics older than this are cleaned up
+ */
+export declare const METRICS_TTL_MS: number;
+//# sourceMappingURL=constants.d.ts.map

package/dist/src/security/rate-limiter/constants.d.ts.map ADDED Viewed

	@@ -0,0 +1 @@
1	+ {"version":3,"file":"constants.d.ts","sourceRoot":"","sources":["../../../../src/security/rate-limiter/constants.ts"],"names":[],"mappings":"AAAA;;;;GAIG;AAEH;;;GAGG;AACH,eAAO,MAAM,eAAe,QAAQ,CAAA;AAEpC;;GAEG;AACH,eAAO,MAAM,cAAc,QAAiB,CAAA"}

package/dist/src/security/rate-limiter/constants.js ADDED Viewed

@@ -0,0 +1,15 @@
+/**
+ * Rate Limiter Constants - SMI-730, SMI-1189
+ *
+ * Constants for rate limiting functionality.
+ */
+/**
+ * Maximum number of unique keys to track in queues and metrics
+ * Prevents unbounded memory growth from malicious or misconfigured clients
+ */
+export const MAX_UNIQUE_KEYS = 10000;
+/**
+ * Metrics TTL in milliseconds (1 hour) - metrics older than this are cleaned up
+ */
+export const METRICS_TTL_MS = 60 * 60 * 1000;
+//# sourceMappingURL=constants.js.map

package/dist/src/security/rate-limiter/constants.js.map ADDED Viewed

	@@ -0,0 +1 @@
1	+ {"version":3,"file":"constants.js","sourceRoot":"","sources":["../../../../src/security/rate-limiter/constants.ts"],"names":[],"mappings":"AAAA;;;;GAIG;AAEH;;;GAGG;AACH,MAAM,CAAC,MAAM,eAAe,GAAG,KAAK,CAAA;AAEpC;;GAEG;AACH,MAAM,CAAC,MAAM,cAAc,GAAG,EAAE,GAAG,EAAE,GAAG,IAAI,CAAA"}

package/dist/src/security/rate-limiter/errors.d.ts ADDED Viewed

@@ -0,0 +1,22 @@
+/**
+ * Rate Limiter Errors - SMI-1013, SMI-1189
+ *
+ * Error classes for rate limiting queue functionality.
+ */
+/**
+ * Error thrown when queue timeout is exceeded (SMI-1013)
+ */
+export declare class RateLimitQueueTimeoutError extends Error {
+    readonly key: string;
+    readonly timeoutMs: number;
+    constructor(key: string, timeoutMs: number);
+}
+/**
+ * Error thrown when queue is full (SMI-1013)
+ */
+export declare class RateLimitQueueFullError extends Error {
+    readonly key: string;
+    readonly maxQueueSize: number;
+    constructor(key: string, maxQueueSize: number);
+}
+//# sourceMappingURL=errors.d.ts.map

package/dist/src/security/rate-limiter/errors.d.ts.map ADDED Viewed

@@ -0,0 +1 @@

+ {"version":3,"file":"errors.d.ts","sourceRoot":"","sources":["../../../../src/security/rate-limiter/errors.ts"],"names":[],"mappings":"AAAA;;;;GAIG;AAEH;;GAEG;AACH,qBAAa,0BAA2B,SAAQ,KAAK;aAEjC,GAAG,EAAE,MAAM;aACX,SAAS,EAAE,MAAM;gBADjB,GAAG,EAAE,MAAM,EACX,SAAS,EAAE,MAAM;CAKpC;AAED;;GAEG;AACH,qBAAa,uBAAwB,SAAQ,KAAK;aAE9B,GAAG,EAAE,MAAM;aACX,YAAY,EAAE,MAAM;gBADpB,GAAG,EAAE,MAAM,EACX,YAAY,EAAE,MAAM;CAKvC"}

package/dist/src/security/rate-limiter/errors.js ADDED Viewed

@@ -0,0 +1,32 @@
+/**
+ * Rate Limiter Errors - SMI-1013, SMI-1189
+ *
+ * Error classes for rate limiting queue functionality.
+ */
+/**
+ * Error thrown when queue timeout is exceeded (SMI-1013)
+ */
+export class RateLimitQueueTimeoutError extends Error {
+    key;
+    timeoutMs;
+    constructor(key, timeoutMs) {
+        super(`Rate limit queue timeout exceeded for key '${key}' after ${timeoutMs}ms`);
+        this.key = key;
+        this.timeoutMs = timeoutMs;
+        this.name = 'RateLimitQueueTimeoutError';
+    }
+}
+/**
+ * Error thrown when queue is full (SMI-1013)
+ */
+export class RateLimitQueueFullError extends Error {
+    key;
+    maxQueueSize;
+    constructor(key, maxQueueSize) {
+        super(`Rate limit queue full for key '${key}' (max: ${maxQueueSize})`);
+        this.key = key;
+        this.maxQueueSize = maxQueueSize;
+        this.name = 'RateLimitQueueFullError';
+    }
+}
+//# sourceMappingURL=errors.js.map

package/dist/src/security/rate-limiter/errors.js.map ADDED Viewed

@@ -0,0 +1 @@

+ {"version":3,"file":"errors.js","sourceRoot":"","sources":["../../../../src/security/rate-limiter/errors.ts"],"names":[],"mappings":"AAAA;;;;GAIG;AAEH;;GAEG;AACH,MAAM,OAAO,0BAA2B,SAAQ,KAAK;IAEjC;IACA;IAFlB,YACkB,GAAW,EACX,SAAiB;QAEjC,KAAK,CAAC,8CAA8C,GAAG,WAAW,SAAS,IAAI,CAAC,CAAA;QAHhE,QAAG,GAAH,GAAG,CAAQ;QACX,cAAS,GAAT,SAAS,CAAQ;QAGjC,IAAI,CAAC,IAAI,GAAG,4BAA4B,CAAA;IAC1C,CAAC;CACF;AAED;;GAEG;AACH,MAAM,OAAO,uBAAwB,SAAQ,KAAK;IAE9B;IACA;IAFlB,YACkB,GAAW,EACX,YAAoB;QAEpC,KAAK,CAAC,kCAAkC,GAAG,WAAW,YAAY,GAAG,CAAC,CAAA;QAHtD,QAAG,GAAH,GAAG,CAAQ;QACX,iBAAY,GAAZ,YAAY,CAAQ;QAGpC,IAAI,CAAC,IAAI,GAAG,yBAAyB,CAAA;IACvC,CAAC;CACF"}

package/dist/src/security/rate-limiter/index.d.ts ADDED Viewed

@@ -0,0 +1,12 @@
+/**
+ * Rate Limiter Module - SMI-730, SMI-1013, SMI-1189
+ *
+ * Re-exports for rate limiting functionality.
+ */
+export type { RateLimitConfig, RateLimitMetrics, RateLimitResult, RateLimitStorage, TokenBucket, QueuedRequest, } from './types.js';
+export { MAX_UNIQUE_KEYS, METRICS_TTL_MS } from './constants.js';
+export { RateLimitQueueTimeoutError, RateLimitQueueFullError } from './errors.js';
+export { InMemoryRateLimitStorage } from './storage.js';
+export { RateLimiter } from './RateLimiter.js';
+export { RATE_LIMIT_PRESETS, createRateLimiterFromPreset } from './presets.js';
+//# sourceMappingURL=index.d.ts.map

package/dist/src/security/rate-limiter/index.d.ts.map ADDED Viewed

@@ -0,0 +1 @@

+ {"version":3,"file":"index.d.ts","sourceRoot":"","sources":["../../../../src/security/rate-limiter/index.ts"],"names":[],"mappings":"AAAA;;;;GAIG;AAGH,YAAY,EACV,eAAe,EACf,gBAAgB,EAChB,eAAe,EACf,gBAAgB,EAChB,WAAW,EACX,aAAa,GACd,MAAM,YAAY,CAAA;AAGnB,OAAO,EAAE,eAAe,EAAE,cAAc,EAAE,MAAM,gBAAgB,CAAA;AAGhE,OAAO,EAAE,0BAA0B,EAAE,uBAAuB,EAAE,MAAM,aAAa,CAAA;AAGjF,OAAO,EAAE,wBAAwB,EAAE,MAAM,cAAc,CAAA;AAGvD,OAAO,EAAE,WAAW,EAAE,MAAM,kBAAkB,CAAA;AAG9C,OAAO,EAAE,kBAAkB,EAAE,2BAA2B,EAAE,MAAM,cAAc,CAAA"}

package/dist/src/security/rate-limiter/index.js ADDED Viewed

@@ -0,0 +1,16 @@
+/**
+ * Rate Limiter Module - SMI-730, SMI-1013, SMI-1189
+ *
+ * Re-exports for rate limiting functionality.
+ */
+// Constants
+export { MAX_UNIQUE_KEYS, METRICS_TTL_MS } from './constants.js';
+// Errors
+export { RateLimitQueueTimeoutError, RateLimitQueueFullError } from './errors.js';
+// Storage
+export { InMemoryRateLimitStorage } from './storage.js';
+// Main class
+export { RateLimiter } from './RateLimiter.js';
+// Presets
+export { RATE_LIMIT_PRESETS, createRateLimiterFromPreset } from './presets.js';
+//# sourceMappingURL=index.js.map

package/dist/src/security/rate-limiter/index.js.map ADDED Viewed

@@ -0,0 +1 @@

+ {"version":3,"file":"index.js","sourceRoot":"","sources":["../../../../src/security/rate-limiter/index.ts"],"names":[],"mappings":"AAAA;;;;GAIG;AAYH,YAAY;AACZ,OAAO,EAAE,eAAe,EAAE,cAAc,EAAE,MAAM,gBAAgB,CAAA;AAEhE,SAAS;AACT,OAAO,EAAE,0BAA0B,EAAE,uBAAuB,EAAE,MAAM,aAAa,CAAA;AAEjF,UAAU;AACV,OAAO,EAAE,wBAAwB,EAAE,MAAM,cAAc,CAAA;AAEvD,aAAa;AACb,OAAO,EAAE,WAAW,EAAE,MAAM,kBAAkB,CAAA;AAE9C,UAAU;AACV,OAAO,EAAE,kBAAkB,EAAE,2BAA2B,EAAE,MAAM,cAAc,CAAA"}

package/dist/src/security/rate-limiter/metrics-manager.d.ts ADDED Viewed

@@ -0,0 +1,55 @@
+/**
+ * Rate Limit Metrics Manager - SMI-730, SMI-1189
+ *
+ * Metrics tracking and management for rate limiting.
+ */
+import type { RateLimitMetrics } from './types.js';
+/**
+ * Manages rate limit metrics with bounds checking and cleanup
+ */
+export declare class MetricsManager {
+    private readonly metrics;
+    private cleanupInterval;
+    private readonly debug;
+    private readonly log;
+    constructor(debug?: boolean, log?: {
+        debug: (msg: string) => void;
+    });
+    /**
+     * Start periodic cleanup of stale metrics
+     */
+    startCleanup(): void;
+    /**
+     * Stop metrics cleanup
+     */
+    stopCleanup(): void;
+    /**
+     * Clean up metrics older than METRICS_TTL_MS
+     */
+    private cleanupStaleMetrics;
+    /**
+     * Update metrics for a key with bounds checking
+     */
+    update(key: string, allowed: boolean, error?: boolean): void;
+    /**
+     * Get metrics for a specific key
+     */
+    get(key: string): RateLimitMetrics | undefined;
+    /**
+     * Get all metrics
+     */
+    getAll(): Map<string, RateLimitMetrics>;
+    /**
+     * Delete metrics for a key
+     */
+    delete(key: string): void;
+    /**
+     * Clear all metrics
+     */
+    clear(): void;
+    /**
+     * Dispose of resources
+     */
+    dispose(): void;
+}
+//# sourceMappingURL=metrics-manager.d.ts.map

package/dist/src/security/rate-limiter/metrics-manager.d.ts.map ADDED Viewed

@@ -0,0 +1 @@

+ {"version":3,"file":"metrics-manager.d.ts","sourceRoot":"","sources":["../../../../src/security/rate-limiter/metrics-manager.ts"],"names":[],"mappings":"AAAA;;;;GAIG;AAEH,OAAO,KAAK,EAAE,gBAAgB,EAAE,MAAM,YAAY,CAAA;AAGlD;;GAEG;AACH,qBAAa,cAAc;IACzB,OAAO,CAAC,QAAQ,CAAC,OAAO,CAA2C;IACnE,OAAO,CAAC,eAAe,CAA8B;IACrD,OAAO,CAAC,QAAQ,CAAC,KAAK,CAAS;IAC/B,OAAO,CAAC,QAAQ,CAAC,GAAG,CAAkC;gBAE1C,KAAK,UAAQ,EAAE,GAAG,CAAC,EAAE;QAAE,KAAK,EAAE,CAAC,GAAG,EAAE,MAAM,KAAK,IAAI,CAAA;KAAE;IAKjE;;OAEG;IACH,YAAY,IAAI,IAAI;IAUpB;;OAEG;IACH,WAAW,IAAI,IAAI;IAOnB;;OAEG;IACH,OAAO,CAAC,mBAAmB;IA6B3B;;OAEG;IACH,MAAM,CAAC,GAAG,EAAE,MAAM,EAAE,OAAO,EAAE,OAAO,EAAE,KAAK,UAAQ,GAAG,IAAI;IAiD1D;;OAEG;IACH,GAAG,CAAC,GAAG,EAAE,MAAM,GAAG,gBAAgB,GAAG,SAAS;IAI9C;;OAEG;IACH,MAAM,IAAI,GAAG,CAAC,MAAM,EAAE,gBAAgB,CAAC;IAIvC;;OAEG;IACH,MAAM,CAAC,GAAG,EAAE,MAAM,GAAG,IAAI;IAIzB;;OAEG;IACH,KAAK,IAAI,IAAI;IAIb;;OAEG;IACH,OAAO,IAAI,IAAI;CAIhB"}

package/dist/src/security/rate-limiter/metrics-manager.js ADDED Viewed

@@ -0,0 +1,144 @@
+/**
+ * Rate Limit Metrics Manager - SMI-730, SMI-1189
+ *
+ * Metrics tracking and management for rate limiting.
+ */
+import { MAX_UNIQUE_KEYS, METRICS_TTL_MS } from './constants.js';
+/**
+ * Manages rate limit metrics with bounds checking and cleanup
+ */
+export class MetricsManager {
+    metrics = new Map();
+    cleanupInterval = null;
+    debug;
+    log;
+    constructor(debug = false, log) {
+        this.debug = debug;
+        this.log = log || { debug: () => { } };
+    }
+    /**
+     * Start periodic cleanup of stale metrics
+     */
+    startCleanup() {
+        // Clean up stale metrics every 5 minutes
+        this.cleanupInterval = setInterval(() => {
+            this.cleanupStaleMetrics();
+        }, 5 * 60 * 1000);
+    }
+    /**
+     * Stop metrics cleanup
+     */
+    stopCleanup() {
+        if (this.cleanupInterval) {
+            clearInterval(this.cleanupInterval);
+            this.cleanupInterval = null;
+        }
+    }
+    /**
+     * Clean up metrics older than METRICS_TTL_MS
+     */
+    cleanupStaleMetrics() {
+        const now = new Date();
+        let cleaned = 0;
+        for (const [key, metrics] of this.metrics.entries()) {
+            if (now.getTime() - metrics.lastUpdated.getTime() > METRICS_TTL_MS) {
+                this.metrics.delete(key);
+                cleaned++;
+            }
+        }
+        // Also enforce MAX_UNIQUE_KEYS limit if somehow exceeded
+        if (this.metrics.size > MAX_UNIQUE_KEYS) {
+            // Sort by lastUpdated and remove oldest entries
+            const entries = Array.from(this.metrics.entries()).sort((a, b) => a[1].lastUpdated.getTime() - b[1].lastUpdated.getTime());
+            const toRemove = entries.slice(0, this.metrics.size - MAX_UNIQUE_KEYS);
+            for (const [key] of toRemove) {
+                this.metrics.delete(key);
+                cleaned++;
+            }
+        }
+        if (cleaned > 0 && this.debug) {
+            this.log.debug(`Cleaned up ${cleaned} stale metric entries`);
+        }
+    }
+    /**
+     * Update metrics for a key with bounds checking
+     */
+    update(key, allowed, error = false) {
+        // Check if we've hit the max unique keys limit
+        if (!this.metrics.has(key) && this.metrics.size >= MAX_UNIQUE_KEYS) {
+            // Evict oldest entry before adding new one
+            let oldestKey = null;
+            let oldestTime = Infinity;
+            for (const [k, m] of this.metrics.entries()) {
+                if (m.lastUpdated.getTime() < oldestTime) {
+                    oldestTime = m.lastUpdated.getTime();
+                    oldestKey = k;
+                }
+            }
+            if (oldestKey) {
+                this.metrics.delete(oldestKey);
+                if (this.debug) {
+                    this.log.debug(`Evicted oldest metrics entry: ${oldestKey}`);
+                }
+            }
+        }
+        const now = new Date();
+        const existing = this.metrics.get(key) || {
+            allowed: 0,
+            blocked: 0,
+            errors: 0,
+            lastReset: now,
+            lastUpdated: now,
+        };
+        if (error) {
+            existing.errors++;
+            // Also track allowed/blocked for error cases (fail-open vs fail-closed)
+            if (allowed) {
+                existing.allowed++;
+            }
+            else {
+                existing.blocked++;
+            }
+        }
+        else if (allowed) {
+            existing.allowed++;
+        }
+        else {
+            existing.blocked++;
+        }
+        existing.lastUpdated = now;
+        this.metrics.set(key, existing);
+    }
+    /**
+     * Get metrics for a specific key
+     */
+    get(key) {
+        return this.metrics.get(key);
+    }
+    /**
+     * Get all metrics
+     */
+    getAll() {
+        return new Map(this.metrics);
+    }
+    /**
+     * Delete metrics for a key
+     */
+    delete(key) {
+        this.metrics.delete(key);
+    }
+    /**
+     * Clear all metrics
+     */
+    clear() {
+        this.metrics.clear();
+    }
+    /**
+     * Dispose of resources
+     */
+    dispose() {
+        this.stopCleanup();
+        this.clear();
+    }
+}
+//# sourceMappingURL=metrics-manager.js.map

package/dist/src/security/rate-limiter/metrics-manager.js.map ADDED Viewed

@@ -0,0 +1 @@

+ {"version":3,"file":"metrics-manager.js","sourceRoot":"","sources":["../../../../src/security/rate-limiter/metrics-manager.ts"],"names":[],"mappings":"AAAA;;;;GAIG;AAGH,OAAO,EAAE,eAAe,EAAE,cAAc,EAAE,MAAM,gBAAgB,CAAA;AAEhE;;GAEG;AACH,MAAM,OAAO,cAAc;IACR,OAAO,GAAkC,IAAI,GAAG,EAAE,CAAA;IAC3D,eAAe,GAA0B,IAAI,CAAA;IACpC,KAAK,CAAS;IACd,GAAG,CAAkC;IAEtD,YAAY,KAAK,GAAG,KAAK,EAAE,GAAsC;QAC/D,IAAI,CAAC,KAAK,GAAG,KAAK,CAAA;QAClB,IAAI,CAAC,GAAG,GAAG,GAAG,IAAI,EAAE,KAAK,EAAE,GAAG,EAAE,GAAE,CAAC,EAAE,CAAA;IACvC,CAAC;IAED;;OAEG;IACH,YAAY;QACV,yCAAyC;QACzC,IAAI,CAAC,eAAe,GAAG,WAAW,CAChC,GAAG,EAAE;YACH,IAAI,CAAC,mBAAmB,EAAE,CAAA;QAC5B,CAAC,EACD,CAAC,GAAG,EAAE,GAAG,IAAI,CACd,CAAA;IACH,CAAC;IAED;;OAEG;IACH,WAAW;QACT,IAAI,IAAI,CAAC,eAAe,EAAE,CAAC;YACzB,aAAa,CAAC,IAAI,CAAC,eAAe,CAAC,CAAA;YACnC,IAAI,CAAC,eAAe,GAAG,IAAI,CAAA;QAC7B,CAAC;IACH,CAAC;IAED;;OAEG;IACK,mBAAmB;QACzB,MAAM,GAAG,GAAG,IAAI,IAAI,EAAE,CAAA;QACtB,IAAI,OAAO,GAAG,CAAC,CAAA;QAEf,KAAK,MAAM,CAAC,GAAG,EAAE,OAAO,CAAC,IAAI,IAAI,CAAC,OAAO,CAAC,OAAO,EAAE,EAAE,CAAC;YACpD,IAAI,GAAG,CAAC,OAAO,EAAE,GAAG,OAAO,CAAC,WAAW,CAAC,OAAO,EAAE,GAAG,cAAc,EAAE,CAAC;gBACnE,IAAI,CAAC,OAAO,CAAC,MAAM,CAAC,GAAG,CAAC,CAAA;gBACxB,OAAO,EAAE,CAAA;YACX,CAAC;QACH,CAAC;QAED,yDAAyD;QACzD,IAAI,IAAI,CAAC,OAAO,CAAC,IAAI,GAAG,eAAe,EAAE,CAAC;YACxC,gDAAgD;YAChD,MAAM,OAAO,GAAG,KAAK,CAAC,IAAI,CAAC,IAAI,CAAC,OAAO,CAAC,OAAO,EAAE,CAAC,CAAC,IAAI,CACrD,CAAC,CAAC,EAAE,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,WAAW,CAAC,OAAO,EAAE,GAAG,CAAC,CAAC,CAAC,CAAC,CAAC,WAAW,CAAC,OAAO,EAAE,CAClE,CAAA;YACD,MAAM,QAAQ,GAAG,OAAO,CAAC,KAAK,CAAC,CAAC,EAAE,IAAI,CAAC,OAAO,CAAC,IAAI,GAAG,eAAe,CAAC,CAAA;YACtE,KAAK,MAAM,CAAC,GAAG,CAAC,IAAI,QAAQ,EAAE,CAAC;gBAC7B,IAAI,CAAC,OAAO,CAAC,MAAM,CAAC,GAAG,CAAC,CAAA;gBACxB,OAAO,EAAE,CAAA;YACX,CAAC;QACH,CAAC;QAED,IAAI,OAAO,GAAG,CAAC,IAAI,IAAI,CAAC,KAAK,EAAE,CAAC;YAC9B,IAAI,CAAC,GAAG,CAAC,KAAK,CAAC,cAAc,OAAO,uBAAuB,CAAC,CAAA;QAC9D,CAAC;IACH,CAAC;IAED;;OAEG;IACH,MAAM,CAAC,GAAW,EAAE,OAAgB,EAAE,KAAK,GAAG,KAAK;QACjD,+CAA+C;QAC/C,IAAI,CAAC,IAAI,CAAC,OAAO,CAAC,GAAG,CAAC,GAAG,CAAC,IAAI,IAAI,CAAC,OAAO,CAAC,IAAI,IAAI,eAAe,EAAE,CAAC;YACnE,2CAA2C;YAC3C,IAAI,SAAS,GAAkB,IAAI,CAAA;YACnC,IAAI,UAAU,GAAG,QAAQ,CAAA;YAEzB,KAAK,MAAM,CAAC,CAAC,EAAE,CAAC,CAAC,IAAI,IAAI,CAAC,OAAO,CAAC,OAAO,EAAE,EAAE,CAAC;gBAC5C,IAAI,CAAC,CAAC,WAAW,CAAC,OAAO,EAAE,GAAG,UAAU,EAAE,CAAC;oBACzC,UAAU,GAAG,CAAC,CAAC,WAAW,CAAC,OAAO,EAAE,CAAA;oBACpC,SAAS,GAAG,CAAC,CAAA;gBACf,CAAC;YACH,CAAC;YAED,IAAI,SAAS,EAAE,CAAC;gBACd,IAAI,CAAC,OAAO,CAAC,MAAM,CAAC,SAAS,CAAC,CAAA;gBAC9B,IAAI,IAAI,CAAC,KAAK,EAAE,CAAC;oBACf,IAAI,CAAC,GAAG,CAAC,KAAK,CAAC,iCAAiC,SAAS,EAAE,CAAC,CAAA;gBAC9D,CAAC;YACH,CAAC;QACH,CAAC;QAED,MAAM,GAAG,GAAG,IAAI,IAAI,EAAE,CAAA;QACtB,MAAM,QAAQ,GAAG,IAAI,CAAC,OAAO,CAAC,GAAG,CAAC,GAAG,CAAC,IAAI;YACxC,OAAO,EAAE,CAAC;YACV,OAAO,EAAE,CAAC;YACV,MAAM,EAAE,CAAC;YACT,SAAS,EAAE,GAAG;YACd,WAAW,EAAE,GAAG;SACjB,CAAA;QAED,IAAI,KAAK,EAAE,CAAC;YACV,QAAQ,CAAC,MAAM,EAAE,CAAA;YACjB,wEAAwE;YACxE,IAAI,OAAO,EAAE,CAAC;gBACZ,QAAQ,CAAC,OAAO,EAAE,CAAA;YACpB,CAAC;iBAAM,CAAC;gBACN,QAAQ,CAAC,OAAO,EAAE,CAAA;YACpB,CAAC;QACH,CAAC;aAAM,IAAI,OAAO,EAAE,CAAC;YACnB,QAAQ,CAAC,OAAO,EAAE,CAAA;QACpB,CAAC;aAAM,CAAC;YACN,QAAQ,CAAC,OAAO,EAAE,CAAA;QACpB,CAAC;QAED,QAAQ,CAAC,WAAW,GAAG,GAAG,CAAA;QAC1B,IAAI,CAAC,OAAO,CAAC,GAAG,CAAC,GAAG,EAAE,QAAQ,CAAC,CAAA;IACjC,CAAC;IAED;;OAEG;IACH,GAAG,CAAC,GAAW;QACb,OAAO,IAAI,CAAC,OAAO,CAAC,GAAG,CAAC,GAAG,CAAC,CAAA;IAC9B,CAAC;IAED;;OAEG;IACH,MAAM;QACJ,OAAO,IAAI,GAAG,CAAC,IAAI,CAAC,OAAO,CAAC,CAAA;IAC9B,CAAC;IAED;;OAEG;IACH,MAAM,CAAC,GAAW;QAChB,IAAI,CAAC,OAAO,CAAC,MAAM,CAAC,GAAG,CAAC,CAAA;IAC1B,CAAC;IAED;;OAEG;IACH,KAAK;QACH,IAAI,CAAC,OAAO,CAAC,KAAK,EAAE,CAAA;IACtB,CAAC;IAED;;OAEG;IACH,OAAO;QACL,IAAI,CAAC,WAAW,EAAE,CAAA;QAClB,IAAI,CAAC,KAAK,EAAE,CAAA;IACd,CAAC;CACF"}