npm - @skillsmith/core - Versions diffs - 0.1.2 → 0.2.0 - Mend

@skillsmith/core 0.1.2 → 0.2.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (325) hide show

package/dist/src/security/rate-limiter/presets.d.ts ADDED Viewed

@@ -0,0 +1,52 @@
+/**
+ * Rate Limiter Presets - SMI-730, SMI-1189
+ *
+ * Pre-configured rate limit settings for common use cases.
+ */
+import type { RateLimitStorage } from './types.js';
+import { RateLimiter } from './RateLimiter.js';
+/**
+ * Preset rate limit configurations
+ */
+export declare const RATE_LIMIT_PRESETS: {
+    /** Very strict: 10 requests per minute, fail-closed for high security */
+    readonly STRICT: {
+        readonly maxTokens: 10;
+        readonly refillRate: number;
+        readonly windowMs: 60000;
+        readonly failMode: "closed";
+    };
+    /** Standard: 30 requests per minute (default for adapters) */
+    readonly STANDARD: {
+        readonly maxTokens: 30;
+        readonly refillRate: number;
+        readonly windowMs: 60000;
+        readonly failMode: "open";
+    };
+    /** Relaxed: 60 requests per minute */
+    readonly RELAXED: {
+        readonly maxTokens: 60;
+        readonly refillRate: number;
+        readonly windowMs: 60000;
+        readonly failMode: "open";
+    };
+    /** Generous: 120 requests per minute */
+    readonly GENEROUS: {
+        readonly maxTokens: 120;
+        readonly refillRate: number;
+        readonly windowMs: 60000;
+        readonly failMode: "open";
+    };
+    /** High throughput: 300 requests per minute */
+    readonly HIGH_THROUGHPUT: {
+        readonly maxTokens: 300;
+        readonly refillRate: number;
+        readonly windowMs: 60000;
+        readonly failMode: "open";
+    };
+};
+/**
+ * Create a rate limiter from a preset
+ */
+export declare function createRateLimiterFromPreset(preset: keyof typeof RATE_LIMIT_PRESETS, storage?: RateLimitStorage): RateLimiter;
+//# sourceMappingURL=presets.d.ts.map

package/dist/src/security/rate-limiter/presets.d.ts.map ADDED Viewed

@@ -0,0 +1 @@

+ {"version":3,"file":"presets.d.ts","sourceRoot":"","sources":["../../../../src/security/rate-limiter/presets.ts"],"names":[],"mappings":"AAAA;;;;GAIG;AAEH,OAAO,KAAK,EAAE,gBAAgB,EAAE,MAAM,YAAY,CAAA;AAClD,OAAO,EAAE,WAAW,EAAE,MAAM,kBAAkB,CAAA;AAE9C;;GAEG;AACH,eAAO,MAAM,kBAAkB;IAC7B,yEAAyE;;;;;;;IAOzE,8DAA8D;;;;;;;IAO9D,sCAAsC;;;;;;;IAOtC,wCAAwC;;;;;;;IAOxC,+CAA+C;;;;;;;CAOvC,CAAA;AAEV;;GAEG;AACH,wBAAgB,2BAA2B,CACzC,MAAM,EAAE,MAAM,OAAO,kBAAkB,EACvC,OAAO,CAAC,EAAE,gBAAgB,GACzB,WAAW,CAEb"}

package/dist/src/security/rate-limiter/presets.js ADDED Viewed

@@ -0,0 +1,53 @@
+/**
+ * Rate Limiter Presets - SMI-730, SMI-1189
+ *
+ * Pre-configured rate limit settings for common use cases.
+ */
+import { RateLimiter } from './RateLimiter.js';
+/**
+ * Preset rate limit configurations
+ */
+export const RATE_LIMIT_PRESETS = {
+    /** Very strict: 10 requests per minute, fail-closed for high security */
+    STRICT: {
+        maxTokens: 10,
+        refillRate: 10 / 60, // 0.167 tokens/sec
+        windowMs: 60000,
+        failMode: 'closed',
+    },
+    /** Standard: 30 requests per minute (default for adapters) */
+    STANDARD: {
+        maxTokens: 30,
+        refillRate: 30 / 60, // 0.5 tokens/sec
+        windowMs: 60000,
+        failMode: 'open',
+    },
+    /** Relaxed: 60 requests per minute */
+    RELAXED: {
+        maxTokens: 60,
+        refillRate: 60 / 60, // 1 token/sec
+        windowMs: 60000,
+        failMode: 'open',
+    },
+    /** Generous: 120 requests per minute */
+    GENEROUS: {
+        maxTokens: 120,
+        refillRate: 120 / 60, // 2 tokens/sec
+        windowMs: 60000,
+        failMode: 'open',
+    },
+    /** High throughput: 300 requests per minute */
+    HIGH_THROUGHPUT: {
+        maxTokens: 300,
+        refillRate: 300 / 60, // 5 tokens/sec
+        windowMs: 60000,
+        failMode: 'open',
+    },
+};
+/**
+ * Create a rate limiter from a preset
+ */
+export function createRateLimiterFromPreset(preset, storage) {
+    return new RateLimiter(RATE_LIMIT_PRESETS[preset], storage);
+}
+//# sourceMappingURL=presets.js.map

package/dist/src/security/rate-limiter/presets.js.map ADDED Viewed

@@ -0,0 +1 @@

+ {"version":3,"file":"presets.js","sourceRoot":"","sources":["../../../../src/security/rate-limiter/presets.ts"],"names":[],"mappings":"AAAA;;;;GAIG;AAGH,OAAO,EAAE,WAAW,EAAE,MAAM,kBAAkB,CAAA;AAE9C;;GAEG;AACH,MAAM,CAAC,MAAM,kBAAkB,GAAG;IAChC,yEAAyE;IACzE,MAAM,EAAE;QACN,SAAS,EAAE,EAAE;QACb,UAAU,EAAE,EAAE,GAAG,EAAE,EAAE,mBAAmB;QACxC,QAAQ,EAAE,KAAK;QACf,QAAQ,EAAE,QAAiB;KAC5B;IACD,8DAA8D;IAC9D,QAAQ,EAAE;QACR,SAAS,EAAE,EAAE;QACb,UAAU,EAAE,EAAE,GAAG,EAAE,EAAE,iBAAiB;QACtC,QAAQ,EAAE,KAAK;QACf,QAAQ,EAAE,MAAe;KAC1B;IACD,sCAAsC;IACtC,OAAO,EAAE;QACP,SAAS,EAAE,EAAE;QACb,UAAU,EAAE,EAAE,GAAG,EAAE,EAAE,cAAc;QACnC,QAAQ,EAAE,KAAK;QACf,QAAQ,EAAE,MAAe;KAC1B;IACD,wCAAwC;IACxC,QAAQ,EAAE;QACR,SAAS,EAAE,GAAG;QACd,UAAU,EAAE,GAAG,GAAG,EAAE,EAAE,eAAe;QACrC,QAAQ,EAAE,KAAK;QACf,QAAQ,EAAE,MAAe;KAC1B;IACD,+CAA+C;IAC/C,eAAe,EAAE;QACf,SAAS,EAAE,GAAG;QACd,UAAU,EAAE,GAAG,GAAG,EAAE,EAAE,eAAe;QACrC,QAAQ,EAAE,KAAK;QACf,QAAQ,EAAE,MAAe;KAC1B;CACO,CAAA;AAEV;;GAEG;AACH,MAAM,UAAU,2BAA2B,CACzC,MAAuC,EACvC,OAA0B;IAE1B,OAAO,IAAI,WAAW,CAAC,kBAAkB,CAAC,MAAM,CAAC,EAAE,OAAO,CAAC,CAAA;AAC7D,CAAC"}

package/dist/src/security/rate-limiter/queue-manager.d.ts ADDED Viewed

@@ -0,0 +1,59 @@
+/**
+ * Rate Limit Queue Manager - SMI-1013, SMI-1189
+ *
+ * Queue management for rate limiting with request waiting.
+ */
+import type { RateLimitResult } from './types.js';
+/**
+ * Configuration for the queue manager
+ */
+export interface QueueManagerConfig {
+    maxQueueSize: number;
+    queueTimeoutMs: number;
+    debug: boolean;
+}
+/**
+ * Manages request queues for rate limiting
+ */
+export declare class QueueManager {
+    private readonly queues;
+    private processorInterval;
+    private isProcessing;
+    private readonly config;
+    private readonly log;
+    constructor(config: QueueManagerConfig, log?: {
+        debug: (msg: string, data?: Record<string, unknown>) => void;
+    });
+    /**
+     * Start the queue processor
+     */
+    startProcessor(tryConsumeToken: (key: string, cost: number) => Promise<RateLimitResult>, onSuccess: (key: string, allowed: boolean) => void): void;
+    /**
+     * Stop the queue processor
+     */
+    stopProcessor(): void;
+    /**
+     * Process all queues and release waiting requests when tokens become available
+     */
+    private processQueues;
+    /**
+     * Queue a request and wait for a token
+     */
+    queueRequest(key: string, cost: number, onMetricsUpdate: (allowed: boolean) => void): Promise<RateLimitResult>;
+    /**
+     * Get queue status for a key
+     */
+    getStatus(key?: string): {
+        totalQueued: number;
+        queues: Map<string, number>;
+    } | number;
+    /**
+     * Clear queue for a key
+     */
+    clear(key?: string): void;
+    /**
+     * Dispose of resources
+     */
+    dispose(): void;
+}
+//# sourceMappingURL=queue-manager.d.ts.map

package/dist/src/security/rate-limiter/queue-manager.d.ts.map ADDED Viewed

@@ -0,0 +1 @@

+ {"version":3,"file":"queue-manager.d.ts","sourceRoot":"","sources":["../../../../src/security/rate-limiter/queue-manager.ts"],"names":[],"mappings":"AAAA;;;;GAIG;AAGH,OAAO,KAAK,EAAE,eAAe,EAAiB,MAAM,YAAY,CAAA;AAIhE;;GAEG;AACH,MAAM,WAAW,kBAAkB;IACjC,YAAY,EAAE,MAAM,CAAA;IACpB,cAAc,EAAE,MAAM,CAAA;IACtB,KAAK,EAAE,OAAO,CAAA;CACf;AAED;;GAEG;AACH,qBAAa,YAAY;IACvB,OAAO,CAAC,QAAQ,CAAC,MAAM,CAA0C;IACjE,OAAO,CAAC,iBAAiB,CAA8B;IACvD,OAAO,CAAC,YAAY,CAAQ;IAC5B,OAAO,CAAC,QAAQ,CAAC,MAAM,CAAoB;IAC3C,OAAO,CAAC,QAAQ,CAAC,GAAG,CAAkE;gBAGpF,MAAM,EAAE,kBAAkB,EAC1B,GAAG,CAAC,EAAE;QAAE,KAAK,EAAE,CAAC,GAAG,EAAE,MAAM,EAAE,IAAI,CAAC,EAAE,MAAM,CAAC,MAAM,EAAE,OAAO,CAAC,KAAK,IAAI,CAAA;KAAE;IAMxE;;OAEG;IACH,cAAc,CACZ,eAAe,EAAE,CAAC,GAAG,EAAE,MAAM,EAAE,IAAI,EAAE,MAAM,KAAK,OAAO,CAAC,eAAe,CAAC,EACxE,SAAS,EAAE,CAAC,GAAG,EAAE,MAAM,EAAE,OAAO,EAAE,OAAO,KAAK,IAAI,GACjD,IAAI;IAOP;;OAEG;IACH,aAAa,IAAI,IAAI;IAOrB;;OAEG;YACW,aAAa;IAqD3B;;OAEG;IACG,YAAY,CAChB,GAAG,EAAE,MAAM,EACX,IAAI,EAAE,MAAM,EACZ,eAAe,EAAE,CAAC,OAAO,EAAE,OAAO,KAAK,IAAI,GAC1C,OAAO,CAAC,eAAe,CAAC;IA2D3B;;OAEG;IACH,SAAS,CAAC,GAAG,CAAC,EAAE,MAAM,GAAG;QAAE,WAAW,EAAE,MAAM,CAAC;QAAC,MAAM,EAAE,GAAG,CAAC,MAAM,EAAE,MAAM,CAAC,CAAA;KAAE,GAAG,MAAM;IActF;;OAEG;IACH,KAAK,CAAC,GAAG,CAAC,EAAE,MAAM,GAAG,IAAI;IAqBzB;;OAEG;IACH,OAAO,IAAI,IAAI;CAIhB"}

package/dist/src/security/rate-limiter/queue-manager.js ADDED Viewed

@@ -0,0 +1,189 @@
+/**
+ * Rate Limit Queue Manager - SMI-1013, SMI-1189
+ *
+ * Queue management for rate limiting with request waiting.
+ */
+import { randomUUID } from 'crypto';
+import { RateLimitQueueTimeoutError, RateLimitQueueFullError } from './errors.js';
+import { MAX_UNIQUE_KEYS } from './constants.js';
+/**
+ * Manages request queues for rate limiting
+ */
+export class QueueManager {
+    queues = new Map();
+    processorInterval = null;
+    isProcessing = false;
+    config;
+    log;
+    constructor(config, log) {
+        this.config = config;
+        this.log = log || { debug: () => { } };
+    }
+    /**
+     * Start the queue processor
+     */
+    startProcessor(tryConsumeToken, onSuccess) {
+        // Check queue every 100ms
+        this.processorInterval = setInterval(() => {
+            this.processQueues(tryConsumeToken, onSuccess);
+        }, 100);
+    }
+    /**
+     * Stop the queue processor
+     */
+    stopProcessor() {
+        if (this.processorInterval) {
+            clearInterval(this.processorInterval);
+            this.processorInterval = null;
+        }
+    }
+    /**
+     * Process all queues and release waiting requests when tokens become available
+     */
+    async processQueues(tryConsumeToken, onSuccess) {
+        // Prevent concurrent queue processing
+        if (this.isProcessing) {
+            return;
+        }
+        this.isProcessing = true;
+        try {
+            for (const [key, queue] of this.queues.entries()) {
+                if (queue.length === 0) {
+                    // Clean up empty queues to prevent memory leak
+                    this.queues.delete(key);
+                    continue;
+                }
+                // Try to process the first request in the queue
+                const request = queue[0];
+                const result = await tryConsumeToken(key, request.cost);
+                if (result.allowed) {
+                    // Remove from queue by ID (not by position for safety)
+                    const index = queue.findIndex((r) => r.id === request.id);
+                    if (index !== -1) {
+                        queue.splice(index, 1);
+                    }
+                    // Clear timeout
+                    clearTimeout(request.timeoutHandle);
+                    // Resolve with queue info
+                    const queueWaitMs = Date.now() - request.queuedAt;
+                    onSuccess(key, true);
+                    request.resolve({
+                        ...result,
+                        queued: true,
+                        queueWaitMs,
+                    });
+                    if (this.config.debug) {
+                        this.log.debug(`Queue request released for ${key}`, {
+                            requestId: request.id,
+                            queueWaitMs,
+                            remaining: result.remaining,
+                        });
+                    }
+                }
+            }
+        }
+        finally {
+            this.isProcessing = false;
+        }
+    }
+    /**
+     * Queue a request and wait for a token
+     */
+    async queueRequest(key, cost, onMetricsUpdate) {
+        // Check queue size
+        const queue = this.queues.get(key) || [];
+        if (queue.length >= this.config.maxQueueSize) {
+            onMetricsUpdate(false);
+            throw new RateLimitQueueFullError(key, this.config.maxQueueSize);
+        }
+        // Check if adding new queue would exceed max unique keys
+        if (!this.queues.has(key) && this.queues.size >= MAX_UNIQUE_KEYS) {
+            onMetricsUpdate(false);
+            throw new RateLimitQueueFullError(key, this.config.maxQueueSize);
+        }
+        // Queue the request
+        return new Promise((resolve, reject) => {
+            // Use UUID for unique identification (not timestamp which can collide)
+            const requestId = randomUUID();
+            const queuedAt = Date.now();
+            // Set up timeout
+            const timeoutHandle = setTimeout(() => {
+                // Remove from queue by unique ID
+                const currentQueue = this.queues.get(key) || [];
+                const index = currentQueue.findIndex((r) => r.id === requestId);
+                if (index !== -1) {
+                    currentQueue.splice(index, 1);
+                }
+                onMetricsUpdate(false);
+                reject(new RateLimitQueueTimeoutError(key, this.config.queueTimeoutMs));
+            }, this.config.queueTimeoutMs);
+            const request = {
+                id: requestId,
+                resolve,
+                reject,
+                cost,
+                queuedAt,
+                timeoutHandle,
+            };
+            // Add to queue
+            if (!this.queues.has(key)) {
+                this.queues.set(key, []);
+            }
+            this.queues.get(key).push(request);
+            if (this.config.debug) {
+                this.log.debug(`Request queued for ${key}`, {
+                    requestId,
+                    queueSize: this.queues.get(key).length,
+                    cost,
+                    timeoutMs: this.config.queueTimeoutMs,
+                });
+            }
+        });
+    }
+    /**
+     * Get queue status for a key
+     */
+    getStatus(key) {
+        if (key) {
+            return this.queues.get(key)?.length ?? 0;
+        }
+        const queues = new Map();
+        let totalQueued = 0;
+        for (const [k, q] of this.queues.entries()) {
+            queues.set(k, q.length);
+            totalQueued += q.length;
+        }
+        return { totalQueued, queues };
+    }
+    /**
+     * Clear queue for a key
+     */
+    clear(key) {
+        const clearQueueForKey = (k) => {
+            const queue = this.queues.get(k);
+            if (queue) {
+                for (const request of queue) {
+                    clearTimeout(request.timeoutHandle);
+                    request.reject(new RateLimitQueueTimeoutError(k, 0));
+                }
+                this.queues.delete(k);
+            }
+        };
+        if (key) {
+            clearQueueForKey(key);
+        }
+        else {
+            for (const k of this.queues.keys()) {
+                clearQueueForKey(k);
+            }
+        }
+    }
+    /**
+     * Dispose of resources
+     */
+    dispose() {
+        this.stopProcessor();
+        this.clear();
+    }
+}
+//# sourceMappingURL=queue-manager.js.map

package/dist/src/security/rate-limiter/queue-manager.js.map ADDED Viewed

@@ -0,0 +1 @@

+ {"version":3,"file":"queue-manager.js","sourceRoot":"","sources":["../../../../src/security/rate-limiter/queue-manager.ts"],"names":[],"mappings":"AAAA;;;;GAIG;AAEH,OAAO,EAAE,UAAU,EAAE,MAAM,QAAQ,CAAA;AAEnC,OAAO,EAAE,0BAA0B,EAAE,uBAAuB,EAAE,MAAM,aAAa,CAAA;AACjF,OAAO,EAAE,eAAe,EAAE,MAAM,gBAAgB,CAAA;AAWhD;;GAEG;AACH,MAAM,OAAO,YAAY;IACN,MAAM,GAAiC,IAAI,GAAG,EAAE,CAAA;IACzD,iBAAiB,GAA0B,IAAI,CAAA;IAC/C,YAAY,GAAG,KAAK,CAAA;IACX,MAAM,CAAoB;IAC1B,GAAG,CAAkE;IAEtF,YACE,MAA0B,EAC1B,GAAsE;QAEtE,IAAI,CAAC,MAAM,GAAG,MAAM,CAAA;QACpB,IAAI,CAAC,GAAG,GAAG,GAAG,IAAI,EAAE,KAAK,EAAE,GAAG,EAAE,GAAE,CAAC,EAAE,CAAA;IACvC,CAAC;IAED;;OAEG;IACH,cAAc,CACZ,eAAwE,EACxE,SAAkD;QAElD,0BAA0B;QAC1B,IAAI,CAAC,iBAAiB,GAAG,WAAW,CAAC,GAAG,EAAE;YACxC,IAAI,CAAC,aAAa,CAAC,eAAe,EAAE,SAAS,CAAC,CAAA;QAChD,CAAC,EAAE,GAAG,CAAC,CAAA;IACT,CAAC;IAED;;OAEG;IACH,aAAa;QACX,IAAI,IAAI,CAAC,iBAAiB,EAAE,CAAC;YAC3B,aAAa,CAAC,IAAI,CAAC,iBAAiB,CAAC,CAAA;YACrC,IAAI,CAAC,iBAAiB,GAAG,IAAI,CAAA;QAC/B,CAAC;IACH,CAAC;IAED;;OAEG;IACK,KAAK,CAAC,aAAa,CACzB,eAAwE,EACxE,SAAkD;QAElD,sCAAsC;QACtC,IAAI,IAAI,CAAC,YAAY,EAAE,CAAC;YACtB,OAAM;QACR,CAAC;QACD,IAAI,CAAC,YAAY,GAAG,IAAI,CAAA;QAExB,IAAI,CAAC;YACH,KAAK,MAAM,CAAC,GAAG,EAAE,KAAK,CAAC,IAAI,IAAI,CAAC,MAAM,CAAC,OAAO,EAAE,EAAE,CAAC;gBACjD,IAAI,KAAK,CAAC,MAAM,KAAK,CAAC,EAAE,CAAC;oBACvB,+CAA+C;oBAC/C,IAAI,CAAC,MAAM,CAAC,MAAM,CAAC,GAAG,CAAC,CAAA;oBACvB,SAAQ;gBACV,CAAC;gBAED,gDAAgD;gBAChD,MAAM,OAAO,GAAG,KAAK,CAAC,CAAC,CAAC,CAAA;gBACxB,MAAM,MAAM,GAAG,MAAM,eAAe,CAAC,GAAG,EAAE,OAAO,CAAC,IAAI,CAAC,CAAA;gBAEvD,IAAI,MAAM,CAAC,OAAO,EAAE,CAAC;oBACnB,uDAAuD;oBACvD,MAAM,KAAK,GAAG,KAAK,CAAC,SAAS,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,EAAE,KAAK,OAAO,CAAC,EAAE,CAAC,CAAA;oBACzD,IAAI,KAAK,KAAK,CAAC,CAAC,EAAE,CAAC;wBACjB,KAAK,CAAC,MAAM,CAAC,KAAK,EAAE,CAAC,CAAC,CAAA;oBACxB,CAAC;oBACD,gBAAgB;oBAChB,YAAY,CAAC,OAAO,CAAC,aAAa,CAAC,CAAA;oBACnC,0BAA0B;oBAC1B,MAAM,WAAW,GAAG,IAAI,CAAC,GAAG,EAAE,GAAG,OAAO,CAAC,QAAQ,CAAA;oBACjD,SAAS,CAAC,GAAG,EAAE,IAAI,CAAC,CAAA;oBACpB,OAAO,CAAC,OAAO,CAAC;wBACd,GAAG,MAAM;wBACT,MAAM,EAAE,IAAI;wBACZ,WAAW;qBACZ,CAAC,CAAA;oBAEF,IAAI,IAAI,CAAC,MAAM,CAAC,KAAK,EAAE,CAAC;wBACtB,IAAI,CAAC,GAAG,CAAC,KAAK,CAAC,8BAA8B,GAAG,EAAE,EAAE;4BAClD,SAAS,EAAE,OAAO,CAAC,EAAE;4BACrB,WAAW;4BACX,SAAS,EAAE,MAAM,CAAC,SAAS;yBAC5B,CAAC,CAAA;oBACJ,CAAC;gBACH,CAAC;YACH,CAAC;QACH,CAAC;gBAAS,CAAC;YACT,IAAI,CAAC,YAAY,GAAG,KAAK,CAAA;QAC3B,CAAC;IACH,CAAC;IAED;;OAEG;IACH,KAAK,CAAC,YAAY,CAChB,GAAW,EACX,IAAY,EACZ,eAA2C;QAE3C,mBAAmB;QACnB,MAAM,KAAK,GAAG,IAAI,CAAC,MAAM,CAAC,GAAG,CAAC,GAAG,CAAC,IAAI,EAAE,CAAA;QACxC,IAAI,KAAK,CAAC,MAAM,IAAI,IAAI,CAAC,MAAM,CAAC,YAAY,EAAE,CAAC;YAC7C,eAAe,CAAC,KAAK,CAAC,CAAA;YACtB,MAAM,IAAI,uBAAuB,CAAC,GAAG,EAAE,IAAI,CAAC,MAAM,CAAC,YAAY,CAAC,CAAA;QAClE,CAAC;QAED,yDAAyD;QACzD,IAAI,CAAC,IAAI,CAAC,MAAM,CAAC,GAAG,CAAC,GAAG,CAAC,IAAI,IAAI,CAAC,MAAM,CAAC,IAAI,IAAI,eAAe,EAAE,CAAC;YACjE,eAAe,CAAC,KAAK,CAAC,CAAA;YACtB,MAAM,IAAI,uBAAuB,CAAC,GAAG,EAAE,IAAI,CAAC,MAAM,CAAC,YAAY,CAAC,CAAA;QAClE,CAAC;QAED,oBAAoB;QACpB,OAAO,IAAI,OAAO,CAAkB,CAAC,OAAO,EAAE,MAAM,EAAE,EAAE;YACtD,uEAAuE;YACvE,MAAM,SAAS,GAAG,UAAU,EAAE,CAAA;YAC9B,MAAM,QAAQ,GAAG,IAAI,CAAC,GAAG,EAAE,CAAA;YAE3B,iBAAiB;YACjB,MAAM,aAAa,GAAG,UAAU,CAAC,GAAG,EAAE;gBACpC,iCAAiC;gBACjC,MAAM,YAAY,GAAG,IAAI,CAAC,MAAM,CAAC,GAAG,CAAC,GAAG,CAAC,IAAI,EAAE,CAAA;gBAC/C,MAAM,KAAK,GAAG,YAAY,CAAC,SAAS,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,EAAE,KAAK,SAAS,CAAC,CAAA;gBAC/D,IAAI,KAAK,KAAK,CAAC,CAAC,EAAE,CAAC;oBACjB,YAAY,CAAC,MAAM,CAAC,KAAK,EAAE,CAAC,CAAC,CAAA;gBAC/B,CAAC;gBAED,eAAe,CAAC,KAAK,CAAC,CAAA;gBACtB,MAAM,CAAC,IAAI,0BAA0B,CAAC,GAAG,EAAE,IAAI,CAAC,MAAM,CAAC,cAAc,CAAC,CAAC,CAAA;YACzE,CAAC,EAAE,IAAI,CAAC,MAAM,CAAC,cAAc,CAAC,CAAA;YAE9B,MAAM,OAAO,GAAkB;gBAC7B,EAAE,EAAE,SAAS;gBACb,OAAO;gBACP,MAAM;gBACN,IAAI;gBACJ,QAAQ;gBACR,aAAa;aACd,CAAA;YAED,eAAe;YACf,IAAI,CAAC,IAAI,CAAC,MAAM,CAAC,GAAG,CAAC,GAAG,CAAC,EAAE,CAAC;gBAC1B,IAAI,CAAC,MAAM,CAAC,GAAG,CAAC,GAAG,EAAE,EAAE,CAAC,CAAA;YAC1B,CAAC;YACD,IAAI,CAAC,MAAM,CAAC,GAAG,CAAC,GAAG,CAAE,CAAC,IAAI,CAAC,OAAO,CAAC,CAAA;YAEnC,IAAI,IAAI,CAAC,MAAM,CAAC,KAAK,EAAE,CAAC;gBACtB,IAAI,CAAC,GAAG,CAAC,KAAK,CAAC,sBAAsB,GAAG,EAAE,EAAE;oBAC1C,SAAS;oBACT,SAAS,EAAE,IAAI,CAAC,MAAM,CAAC,GAAG,CAAC,GAAG,CAAE,CAAC,MAAM;oBACvC,IAAI;oBACJ,SAAS,EAAE,IAAI,CAAC,MAAM,CAAC,cAAc;iBACtC,CAAC,CAAA;YACJ,CAAC;QACH,CAAC,CAAC,CAAA;IACJ,CAAC;IAED;;OAEG;IACH,SAAS,CAAC,GAAY;QACpB,IAAI,GAAG,EAAE,CAAC;YACR,OAAO,IAAI,CAAC,MAAM,CAAC,GAAG,CAAC,GAAG,CAAC,EAAE,MAAM,IAAI,CAAC,CAAA;QAC1C,CAAC;QAED,MAAM,MAAM,GAAG,IAAI,GAAG,EAAkB,CAAA;QACxC,IAAI,WAAW,GAAG,CAAC,CAAA;QACnB,KAAK,MAAM,CAAC,CAAC,EAAE,CAAC,CAAC,IAAI,IAAI,CAAC,MAAM,CAAC,OAAO,EAAE,EAAE,CAAC;YAC3C,MAAM,CAAC,GAAG,CAAC,CAAC,EAAE,CAAC,CAAC,MAAM,CAAC,CAAA;YACvB,WAAW,IAAI,CAAC,CAAC,MAAM,CAAA;QACzB,CAAC;QACD,OAAO,EAAE,WAAW,EAAE,MAAM,EAAE,CAAA;IAChC,CAAC;IAED;;OAEG;IACH,KAAK,CAAC,GAAY;QAChB,MAAM,gBAAgB,GAAG,CAAC,CAAS,EAAE,EAAE;YACrC,MAAM,KAAK,GAAG,IAAI,CAAC,MAAM,CAAC,GAAG,CAAC,CAAC,CAAC,CAAA;YAChC,IAAI,KAAK,EAAE,CAAC;gBACV,KAAK,MAAM,OAAO,IAAI,KAAK,EAAE,CAAC;oBAC5B,YAAY,CAAC,OAAO,CAAC,aAAa,CAAC,CAAA;oBACnC,OAAO,CAAC,MAAM,CAAC,IAAI,0BAA0B,CAAC,CAAC,EAAE,CAAC,CAAC,CAAC,CAAA;gBACtD,CAAC;gBACD,IAAI,CAAC,MAAM,CAAC,MAAM,CAAC,CAAC,CAAC,CAAA;YACvB,CAAC;QACH,CAAC,CAAA;QAED,IAAI,GAAG,EAAE,CAAC;YACR,gBAAgB,CAAC,GAAG,CAAC,CAAA;QACvB,CAAC;aAAM,CAAC;YACN,KAAK,MAAM,CAAC,IAAI,IAAI,CAAC,MAAM,CAAC,IAAI,EAAE,EAAE,CAAC;gBACnC,gBAAgB,CAAC,CAAC,CAAC,CAAA;YACrB,CAAC;QACH,CAAC;IACH,CAAC;IAED;;OAEG;IACH,OAAO;QACL,IAAI,CAAC,aAAa,EAAE,CAAA;QACpB,IAAI,CAAC,KAAK,EAAE,CAAA;IACd,CAAC;CACF"}

package/dist/src/security/rate-limiter/storage.d.ts ADDED Viewed

@@ -0,0 +1,34 @@
+/**
+ * Rate Limiter Storage - SMI-730, SMI-1189
+ *
+ * Storage implementations for rate limiting.
+ */
+import type { RateLimitStorage, TokenBucket } from './types.js';
+/**
+ * In-memory storage implementation
+ */
+export declare class InMemoryRateLimitStorage implements RateLimitStorage {
+    private store;
+    private cleanupInterval;
+    constructor(cleanupIntervalMs?: number);
+    get(key: string): Promise<TokenBucket | null>;
+    set(key: string, value: TokenBucket, ttlMs: number): Promise<void>;
+    delete(key: string): Promise<void>;
+    clear(): Promise<void>;
+    /**
+     * Clean up expired entries
+     */
+    private cleanup;
+    /**
+     * Dispose of resources
+     */
+    dispose(): void;
+    /**
+     * Get storage stats (for testing/monitoring)
+     */
+    getStats(): {
+        size: number;
+        keys: string[];
+    };
+}
+//# sourceMappingURL=storage.d.ts.map

package/dist/src/security/rate-limiter/storage.d.ts.map ADDED Viewed

@@ -0,0 +1 @@

+ {"version":3,"file":"storage.d.ts","sourceRoot":"","sources":["../../../../src/security/rate-limiter/storage.ts"],"names":[],"mappings":"AAAA;;;;GAIG;AAGH,OAAO,KAAK,EAAE,gBAAgB,EAAE,WAAW,EAAE,MAAM,YAAY,CAAA;AAI/D;;GAEG;AACH,qBAAa,wBAAyB,YAAW,gBAAgB;IAC/D,OAAO,CAAC,KAAK,CAAgE;IAC7E,OAAO,CAAC,eAAe,CAA8B;gBAEzC,iBAAiB,SAAQ;IAO/B,GAAG,CAAC,GAAG,EAAE,MAAM,GAAG,OAAO,CAAC,WAAW,GAAG,IAAI,CAAC;IAa7C,GAAG,CAAC,GAAG,EAAE,MAAM,EAAE,KAAK,EAAE,WAAW,EAAE,KAAK,EAAE,MAAM,GAAG,OAAO,CAAC,IAAI,CAAC;IAOlE,MAAM,CAAC,GAAG,EAAE,MAAM,GAAG,OAAO,CAAC,IAAI,CAAC;IAIlC,KAAK,IAAI,OAAO,CAAC,IAAI,CAAC;IAI5B;;OAEG;IACH,OAAO,CAAC,OAAO;IAiBf;;OAEG;IACH,OAAO,IAAI,IAAI;IAQf;;OAEG;IACH,QAAQ,IAAI;QAAE,IAAI,EAAE,MAAM,CAAC;QAAC,IAAI,EAAE,MAAM,EAAE,CAAA;KAAE;CAM7C"}

package/dist/src/security/rate-limiter/storage.js ADDED Viewed

@@ -0,0 +1,80 @@
+/**
+ * Rate Limiter Storage - SMI-730, SMI-1189
+ *
+ * Storage implementations for rate limiting.
+ */
+import { createLogger } from '../../utils/logger.js';
+const log = createLogger('RateLimiter');
+/**
+ * In-memory storage implementation
+ */
+export class InMemoryRateLimitStorage {
+    store = new Map();
+    cleanupInterval = null;
+    constructor(cleanupIntervalMs = 60000) {
+        // Periodic cleanup of expired entries
+        this.cleanupInterval = setInterval(() => {
+            this.cleanup();
+        }, cleanupIntervalMs);
+    }
+    async get(key) {
+        const entry = this.store.get(key);
+        if (!entry)
+            return null;
+        // Check expiration
+        if (Date.now() > entry.expiresAt) {
+            this.store.delete(key);
+            return null;
+        }
+        return entry.bucket;
+    }
+    async set(key, value, ttlMs) {
+        this.store.set(key, {
+            bucket: value,
+            expiresAt: Date.now() + ttlMs,
+        });
+    }
+    async delete(key) {
+        this.store.delete(key);
+    }
+    async clear() {
+        this.store.clear();
+    }
+    /**
+     * Clean up expired entries
+     */
+    cleanup() {
+        const now = Date.now();
+        let cleaned = 0;
+        // Use Array.from to avoid downlevelIteration requirement
+        Array.from(this.store.entries()).forEach(([key, entry]) => {
+            if (now > entry.expiresAt) {
+                this.store.delete(key);
+                cleaned++;
+            }
+        });
+        if (cleaned > 0) {
+            log.debug(`Cleaned up ${cleaned} expired rate limit entries`);
+        }
+    }
+    /**
+     * Dispose of resources
+     */
+    dispose() {
+        if (this.cleanupInterval) {
+            clearInterval(this.cleanupInterval);
+            this.cleanupInterval = null;
+        }
+        this.store.clear();
+    }
+    /**
+     * Get storage stats (for testing/monitoring)
+     */
+    getStats() {
+        return {
+            size: this.store.size,
+            keys: Array.from(this.store.keys()),
+        };
+    }
+}
+//# sourceMappingURL=storage.js.map

package/dist/src/security/rate-limiter/storage.js.map ADDED Viewed

@@ -0,0 +1 @@

+ {"version":3,"file":"storage.js","sourceRoot":"","sources":["../../../../src/security/rate-limiter/storage.ts"],"names":[],"mappings":"AAAA;;;;GAIG;AAEH,OAAO,EAAE,YAAY,EAAE,MAAM,uBAAuB,CAAA;AAGpD,MAAM,GAAG,GAAG,YAAY,CAAC,aAAa,CAAC,CAAA;AAEvC;;GAEG;AACH,MAAM,OAAO,wBAAwB;IAC3B,KAAK,GAAG,IAAI,GAAG,EAAsD,CAAA;IACrE,eAAe,GAA0B,IAAI,CAAA;IAErD,YAAY,iBAAiB,GAAG,KAAK;QACnC,sCAAsC;QACtC,IAAI,CAAC,eAAe,GAAG,WAAW,CAAC,GAAG,EAAE;YACtC,IAAI,CAAC,OAAO,EAAE,CAAA;QAChB,CAAC,EAAE,iBAAiB,CAAC,CAAA;IACvB,CAAC;IAED,KAAK,CAAC,GAAG,CAAC,GAAW;QACnB,MAAM,KAAK,GAAG,IAAI,CAAC,KAAK,CAAC,GAAG,CAAC,GAAG,CAAC,CAAA;QACjC,IAAI,CAAC,KAAK;YAAE,OAAO,IAAI,CAAA;QAEvB,mBAAmB;QACnB,IAAI,IAAI,CAAC,GAAG,EAAE,GAAG,KAAK,CAAC,SAAS,EAAE,CAAC;YACjC,IAAI,CAAC,KAAK,CAAC,MAAM,CAAC,GAAG,CAAC,CAAA;YACtB,OAAO,IAAI,CAAA;QACb,CAAC;QAED,OAAO,KAAK,CAAC,MAAM,CAAA;IACrB,CAAC;IAED,KAAK,CAAC,GAAG,CAAC,GAAW,EAAE,KAAkB,EAAE,KAAa;QACtD,IAAI,CAAC,KAAK,CAAC,GAAG,CAAC,GAAG,EAAE;YAClB,MAAM,EAAE,KAAK;YACb,SAAS,EAAE,IAAI,CAAC,GAAG,EAAE,GAAG,KAAK;SAC9B,CAAC,CAAA;IACJ,CAAC;IAED,KAAK,CAAC,MAAM,CAAC,GAAW;QACtB,IAAI,CAAC,KAAK,CAAC,MAAM,CAAC,GAAG,CAAC,CAAA;IACxB,CAAC;IAED,KAAK,CAAC,KAAK;QACT,IAAI,CAAC,KAAK,CAAC,KAAK,EAAE,CAAA;IACpB,CAAC;IAED;;OAEG;IACK,OAAO;QACb,MAAM,GAAG,GAAG,IAAI,CAAC,GAAG,EAAE,CAAA;QACtB,IAAI,OAAO,GAAG,CAAC,CAAA;QAEf,yDAAyD;QACzD,KAAK,CAAC,IAAI,CAAC,IAAI,CAAC,KAAK,CAAC,OAAO,EAAE,CAAC,CAAC,OAAO,CAAC,CAAC,CAAC,GAAG,EAAE,KAAK,CAAC,EAAE,EAAE;YACxD,IAAI,GAAG,GAAG,KAAK,CAAC,SAAS,EAAE,CAAC;gBAC1B,IAAI,CAAC,KAAK,CAAC,MAAM,CAAC,GAAG,CAAC,CAAA;gBACtB,OAAO,EAAE,CAAA;YACX,CAAC;QACH,CAAC,CAAC,CAAA;QAEF,IAAI,OAAO,GAAG,CAAC,EAAE,CAAC;YAChB,GAAG,CAAC,KAAK,CAAC,cAAc,OAAO,6BAA6B,CAAC,CAAA;QAC/D,CAAC;IACH,CAAC;IAED;;OAEG;IACH,OAAO;QACL,IAAI,IAAI,CAAC,eAAe,EAAE,CAAC;YACzB,aAAa,CAAC,IAAI,CAAC,eAAe,CAAC,CAAA;YACnC,IAAI,CAAC,eAAe,GAAG,IAAI,CAAA;QAC7B,CAAC;QACD,IAAI,CAAC,KAAK,CAAC,KAAK,EAAE,CAAA;IACpB,CAAC;IAED;;OAEG;IACH,QAAQ;QACN,OAAO;YACL,IAAI,EAAE,IAAI,CAAC,KAAK,CAAC,IAAI;YACrB,IAAI,EAAE,KAAK,CAAC,IAAI,CAAC,IAAI,CAAC,KAAK,CAAC,IAAI,EAAE,CAAC;SACpC,CAAA;IACH,CAAC;CACF"}

package/dist/src/security/rate-limiter/token-bucket.d.ts ADDED Viewed

@@ -0,0 +1,44 @@
+/**
+ * Token Bucket Core Logic - SMI-730, SMI-1189
+ *
+ * Core token bucket algorithm implementation for rate limiting.
+ */
+import type { TokenBucket, RateLimitResult, RateLimitStorage } from './types.js';
+/**
+ * Configuration for token bucket operations
+ */
+export interface TokenBucketConfig {
+    maxTokens: number;
+    refillRate: number;
+    windowMs: number;
+    keyPrefix: string;
+    failMode: 'open' | 'closed';
+}
+/**
+ * Try to consume tokens from a bucket (internal helper)
+ *
+ * @param storage - Storage for token buckets
+ * @param config - Token bucket configuration
+ * @param key - Rate limit key
+ * @param cost - Number of tokens to consume
+ * @returns Rate limit result
+ */
+export declare function tryConsumeToken(storage: RateLimitStorage, config: TokenBucketConfig, key: string, cost: number): Promise<RateLimitResult>;
+/**
+ * Get the current state of a token bucket
+ *
+ * @param storage - Storage for token buckets
+ * @param keyPrefix - Key prefix for storage
+ * @param key - Rate limit key
+ * @returns Current bucket state or null
+ */
+export declare function getTokenBucketState(storage: RateLimitStorage, keyPrefix: string, key: string): Promise<TokenBucket | null>;
+/**
+ * Reset a token bucket
+ *
+ * @param storage - Storage for token buckets
+ * @param keyPrefix - Key prefix for storage
+ * @param key - Rate limit key
+ */
+export declare function resetTokenBucket(storage: RateLimitStorage, keyPrefix: string, key: string): Promise<void>;
+//# sourceMappingURL=token-bucket.d.ts.map

package/dist/src/security/rate-limiter/token-bucket.d.ts.map ADDED Viewed

@@ -0,0 +1 @@

+ {"version":3,"file":"token-bucket.d.ts","sourceRoot":"","sources":["../../../../src/security/rate-limiter/token-bucket.ts"],"names":[],"mappings":"AAAA;;;;GAIG;AAEH,OAAO,KAAK,EAAE,WAAW,EAAE,eAAe,EAAE,gBAAgB,EAAE,MAAM,YAAY,CAAA;AAEhF;;GAEG;AACH,MAAM,WAAW,iBAAiB;IAChC,SAAS,EAAE,MAAM,CAAA;IACjB,UAAU,EAAE,MAAM,CAAA;IAClB,QAAQ,EAAE,MAAM,CAAA;IAChB,SAAS,EAAE,MAAM,CAAA;IACjB,QAAQ,EAAE,MAAM,GAAG,QAAQ,CAAA;CAC5B;AAED;;;;;;;;GAQG;AACH,wBAAsB,eAAe,CACnC,OAAO,EAAE,gBAAgB,EACzB,MAAM,EAAE,iBAAiB,EACzB,GAAG,EAAE,MAAM,EACX,IAAI,EAAE,MAAM,GACX,OAAO,CAAC,eAAe,CAAC,CAkE1B;AAED;;;;;;;GAOG;AACH,wBAAsB,mBAAmB,CACvC,OAAO,EAAE,gBAAgB,EACzB,SAAS,EAAE,MAAM,EACjB,GAAG,EAAE,MAAM,GACV,OAAO,CAAC,WAAW,GAAG,IAAI,CAAC,CAG7B;AAED;;;;;;GAMG;AACH,wBAAsB,gBAAgB,CACpC,OAAO,EAAE,gBAAgB,EACzB,SAAS,EAAE,MAAM,EACjB,GAAG,EAAE,MAAM,GACV,OAAO,CAAC,IAAI,CAAC,CAGf"}

package/dist/src/security/rate-limiter/token-bucket.js ADDED Viewed

@@ -0,0 +1,99 @@
+/**
+ * Token Bucket Core Logic - SMI-730, SMI-1189
+ *
+ * Core token bucket algorithm implementation for rate limiting.
+ */
+/**
+ * Try to consume tokens from a bucket (internal helper)
+ *
+ * @param storage - Storage for token buckets
+ * @param config - Token bucket configuration
+ * @param key - Rate limit key
+ * @param cost - Number of tokens to consume
+ * @returns Rate limit result
+ */
+export async function tryConsumeToken(storage, config, key, cost) {
+    const storageKey = `${config.keyPrefix}:${key}`;
+    const now = Date.now();
+    try {
+        let bucket = await storage.get(storageKey);
+        if (!bucket) {
+            bucket = {
+                tokens: config.maxTokens,
+                lastRefill: now,
+                firstRequest: now,
+            };
+        }
+        // Refill tokens based on elapsed time
+        const elapsedMs = now - bucket.lastRefill;
+        const elapsedSeconds = elapsedMs / 1000;
+        const tokensToAdd = elapsedSeconds * config.refillRate;
+        if (tokensToAdd > 0) {
+            bucket.tokens = Math.min(config.maxTokens, bucket.tokens + tokensToAdd);
+            bucket.lastRefill = now;
+        }
+        // Check if we have enough tokens
+        const allowed = bucket.tokens >= cost;
+        if (allowed) {
+            bucket.tokens -= cost;
+            await storage.set(storageKey, bucket, config.windowMs);
+            return {
+                allowed: true,
+                remaining: Math.floor(bucket.tokens),
+                limit: config.maxTokens,
+            };
+        }
+        else {
+            const tokensNeeded = cost - bucket.tokens;
+            const retryAfterMs = Math.ceil((tokensNeeded / config.refillRate) * 1000);
+            const resetAt = new Date(now + retryAfterMs).toISOString();
+            return {
+                allowed: false,
+                remaining: Math.floor(bucket.tokens),
+                limit: config.maxTokens,
+                retryAfterMs,
+                resetAt,
+            };
+        }
+    }
+    catch {
+        // On error, return based on fail mode
+        if (config.failMode === 'closed') {
+            return {
+                allowed: false,
+                remaining: 0,
+                limit: config.maxTokens,
+                retryAfterMs: config.windowMs,
+            };
+        }
+        return {
+            allowed: true,
+            remaining: config.maxTokens,
+            limit: config.maxTokens,
+        };
+    }
+}
+/**
+ * Get the current state of a token bucket
+ *
+ * @param storage - Storage for token buckets
+ * @param keyPrefix - Key prefix for storage
+ * @param key - Rate limit key
+ * @returns Current bucket state or null
+ */
+export async function getTokenBucketState(storage, keyPrefix, key) {
+    const storageKey = `${keyPrefix}:${key}`;
+    return await storage.get(storageKey);
+}
+/**
+ * Reset a token bucket
+ *
+ * @param storage - Storage for token buckets
+ * @param keyPrefix - Key prefix for storage
+ * @param key - Rate limit key
+ */
+export async function resetTokenBucket(storage, keyPrefix, key) {
+    const storageKey = `${keyPrefix}:${key}`;
+    await storage.delete(storageKey);
+}
+//# sourceMappingURL=token-bucket.js.map

package/dist/src/security/rate-limiter/token-bucket.js.map ADDED Viewed

@@ -0,0 +1 @@

+ {"version":3,"file":"token-bucket.js","sourceRoot":"","sources":["../../../../src/security/rate-limiter/token-bucket.ts"],"names":[],"mappings":"AAAA;;;;GAIG;AAeH;;;;;;;;GAQG;AACH,MAAM,CAAC,KAAK,UAAU,eAAe,CACnC,OAAyB,EACzB,MAAyB,EACzB,GAAW,EACX,IAAY;IAEZ,MAAM,UAAU,GAAG,GAAG,MAAM,CAAC,SAAS,IAAI,GAAG,EAAE,CAAA;IAC/C,MAAM,GAAG,GAAG,IAAI,CAAC,GAAG,EAAE,CAAA;IAEtB,IAAI,CAAC;QACH,IAAI,MAAM,GAAG,MAAM,OAAO,CAAC,GAAG,CAAC,UAAU,CAAC,CAAA;QAE1C,IAAI,CAAC,MAAM,EAAE,CAAC;YACZ,MAAM,GAAG;gBACP,MAAM,EAAE,MAAM,CAAC,SAAS;gBACxB,UAAU,EAAE,GAAG;gBACf,YAAY,EAAE,GAAG;aAClB,CAAA;QACH,CAAC;QAED,sCAAsC;QACtC,MAAM,SAAS,GAAG,GAAG,GAAG,MAAM,CAAC,UAAU,CAAA;QACzC,MAAM,cAAc,GAAG,SAAS,GAAG,IAAI,CAAA;QACvC,MAAM,WAAW,GAAG,cAAc,GAAG,MAAM,CAAC,UAAU,CAAA;QAEtD,IAAI,WAAW,GAAG,CAAC,EAAE,CAAC;YACpB,MAAM,CAAC,MAAM,GAAG,IAAI,CAAC,GAAG,CAAC,MAAM,CAAC,SAAS,EAAE,MAAM,CAAC,MAAM,GAAG,WAAW,CAAC,CAAA;YACvE,MAAM,CAAC,UAAU,GAAG,GAAG,CAAA;QACzB,CAAC;QAED,iCAAiC;QACjC,MAAM,OAAO,GAAG,MAAM,CAAC,MAAM,IAAI,IAAI,CAAA;QAErC,IAAI,OAAO,EAAE,CAAC;YACZ,MAAM,CAAC,MAAM,IAAI,IAAI,CAAA;YACrB,MAAM,OAAO,CAAC,GAAG,CAAC,UAAU,EAAE,MAAM,EAAE,MAAM,CAAC,QAAQ,CAAC,CAAA;YAEtD,OAAO;gBACL,OAAO,EAAE,IAAI;gBACb,SAAS,EAAE,IAAI,CAAC,KAAK,CAAC,MAAM,CAAC,MAAM,CAAC;gBACpC,KAAK,EAAE,MAAM,CAAC,SAAS;aACxB,CAAA;QACH,CAAC;aAAM,CAAC;YACN,MAAM,YAAY,GAAG,IAAI,GAAG,MAAM,CAAC,MAAM,CAAA;YACzC,MAAM,YAAY,GAAG,IAAI,CAAC,IAAI,CAAC,CAAC,YAAY,GAAG,MAAM,CAAC,UAAU,CAAC,GAAG,IAAI,CAAC,CAAA;YACzE,MAAM,OAAO,GAAG,IAAI,IAAI,CAAC,GAAG,GAAG,YAAY,CAAC,CAAC,WAAW,EAAE,CAAA;YAE1D,OAAO;gBACL,OAAO,EAAE,KAAK;gBACd,SAAS,EAAE,IAAI,CAAC,KAAK,CAAC,MAAM,CAAC,MAAM,CAAC;gBACpC,KAAK,EAAE,MAAM,CAAC,SAAS;gBACvB,YAAY;gBACZ,OAAO;aACR,CAAA;QACH,CAAC;IACH,CAAC;IAAC,MAAM,CAAC;QACP,sCAAsC;QACtC,IAAI,MAAM,CAAC,QAAQ,KAAK,QAAQ,EAAE,CAAC;YACjC,OAAO;gBACL,OAAO,EAAE,KAAK;gBACd,SAAS,EAAE,CAAC;gBACZ,KAAK,EAAE,MAAM,CAAC,SAAS;gBACvB,YAAY,EAAE,MAAM,CAAC,QAAQ;aAC9B,CAAA;QACH,CAAC;QACD,OAAO;YACL,OAAO,EAAE,IAAI;YACb,SAAS,EAAE,MAAM,CAAC,SAAS;YAC3B,KAAK,EAAE,MAAM,CAAC,SAAS;SACxB,CAAA;IACH,CAAC;AACH,CAAC;AAED;;;;;;;GAOG;AACH,MAAM,CAAC,KAAK,UAAU,mBAAmB,CACvC,OAAyB,EACzB,SAAiB,EACjB,GAAW;IAEX,MAAM,UAAU,GAAG,GAAG,SAAS,IAAI,GAAG,EAAE,CAAA;IACxC,OAAO,MAAM,OAAO,CAAC,GAAG,CAAC,UAAU,CAAC,CAAA;AACtC,CAAC;AAED;;;;;;GAMG;AACH,MAAM,CAAC,KAAK,UAAU,gBAAgB,CACpC,OAAyB,EACzB,SAAiB,EACjB,GAAW;IAEX,MAAM,UAAU,GAAG,GAAG,SAAS,IAAI,GAAG,EAAE,CAAA;IACxC,MAAM,OAAO,CAAC,MAAM,CAAC,UAAU,CAAC,CAAA;AAClC,CAAC"}