@skillsmith/core 0.4.13 → 0.4.15

package/dist/src/services/quarantine/QuarantineService.js

@@ -1,6 +1,7 @@
 /**
  * SMI-2269: Quarantine Service with Authentication
  * SMI-2277: Persist multi-approval state to database
+ * @see SMI-2741: Multi-approval workflow split to QuarantineService.multiapproval.ts
  *
  * Service layer for quarantine operations that enforces authentication
  * and authorization. Wraps QuarantineRepository with security controls.
@@ -19,17 +20,10 @@
  * @module @skillsmith/core/services/quarantine/QuarantineService
  */
 import { QuarantineServiceError, requirePermission } from './types.js';
-// ============================================================================
-// Configuration
-// ============================================================================
-/**
- * Number of approvals required for MALICIOUS severity reviews
- */
-const MALICIOUS_APPROVAL_COUNT = 2;
-/**
- * Multi-approval timeout in milliseconds (24 hours)
- */
-const MULTI_APPROVAL_TIMEOUT_MS = 24 * 60 * 60 * 1000;
+import { handleMaliciousApproval, buildMultiApprovalStatus, } from './QuarantineService.multiapproval.js';
+// Re-export multi-approval functions for public API
+export { handleMaliciousApproval, buildMultiApprovalStatus, } from './QuarantineService.multiapproval.js';
+export { MALICIOUS_APPROVAL_COUNT, MULTI_APPROVAL_TIMEOUT_MS, } from './QuarantineService.multiapproval.js';
 // ============================================================================
 // Service Implementation
 // ============================================================================
@@ -145,7 +139,7 @@ export class QuarantineService {
         }
         // For MALICIOUS severity, require multi-approval workflow
         if (entry.severity === 'MALICIOUS' && input.reviewStatus === 'approved') {
-            return this.handleMaliciousApproval(session, quarantineId, entry.skillId, input);
+            return handleMaliciousApproval(session, quarantineId, entry.skillId, input, this.repository, this.approvalRepository, this.auditLogger);
         }
         // For MALICIOUS severity rejection or non-MALICIOUS, check elevated permission
         if (entry.severity === 'MALICIOUS') {
@@ -197,171 +191,8 @@ export class QuarantineService {
         };
     }
     // ==========================================================================
-    // Multi-Approval Workflow (MALICIOUS Severity)
+    // Multi-Approval Status Operations
     // ==========================================================================
-    /**
-     * Handle approval for MALICIOUS severity skills
-     *
-     * MALICIOUS severity requires multiple reviewers to approve
-     * before a skill can be unquarantined. This prevents single
-     * reviewer compromise from allowing malicious skills.
-     *
-     * Approval state is persisted to the database (SMI-2277) so
-     * pending approvals survive service restarts.
-     *
-     * @param session - Authenticated session
-     * @param quarantineId - Quarantine entry ID
-     * @param skillId - Skill ID
-     * @param input - Review input
-     * @returns Review result with multi-approval status
-     */
-    handleMaliciousApproval(session, quarantineId, skillId, input) {
-        // Require elevated permission for MALICIOUS review
-        requirePermission(session, 'quarantine:review_malicious');
-        // Check if this reviewer already approved (database-backed)
-        if (this.approvalRepository.hasReviewerApproved(quarantineId, session.userId)) {
-            // Retrieve existing approval for error details
-            const existingApprovals = this.approvalRepository.getPendingApprovals(quarantineId);
-            const existing = existingApprovals.find((a) => a.reviewerId === session.userId);
-            throw new QuarantineServiceError('You have already approved this entry', 'ALREADY_REVIEWED', {
-                quarantineId,
-                previousApprovalAt: existing?.createdAt ?? 'unknown',
-            });
-        }
-        // Check for approval timeout
-        const startTime = this.approvalRepository.getWorkflowStartTime(quarantineId);
-        if (startTime) {
-            const timeSinceStart = Date.now() - new Date(startTime).getTime();
-            if (timeSinceStart > MULTI_APPROVAL_TIMEOUT_MS) {
-                // Capture existing approvals before clearing for audit
-                const expiredApprovals = this.approvalRepository.getPendingApprovals(quarantineId);
-                // Reset approval workflow
-                this.approvalRepository.clearApprovals(quarantineId);
-                // Log timeout event so cleared reviewer work is auditable
-                this.auditLogger.log({
-                    event_type: 'quarantine_multi_approval_timeout',
-                    actor: 'system',
-                    resource: skillId,
-                    action: 'timeout',
-                    result: 'success',
-                    metadata: {
-                        quarantineId,
-                        timeoutMs: MULTI_APPROVAL_TIMEOUT_MS,
-                        expiredApprovals: expiredApprovals.map((a) => ({
-                            reviewerId: a.reviewerId,
-                            email: a.reviewerEmail,
-                            approvedAt: a.createdAt,
-                        })),
-                        triggeredBy: {
-                            userId: session.userId,
-                            email: session.email,
-                        },
-                    },
-                });
-                throw new QuarantineServiceError('Multi-approval workflow timed out. Please start again.', 'INVALID_INPUT', { quarantineId, timeoutMs: MULTI_APPROVAL_TIMEOUT_MS });
-            }
-        }
-        // Record this approval in the database
-        this.approvalRepository.recordApproval({
-            skillId: quarantineId,
-            reviewerId: session.userId,
-            reviewerEmail: session.email,
-            decision: 'approved',
-            reason: input.reviewNotes,
-            requiredApprovals: MALICIOUS_APPROVAL_COUNT,
-        });
-        // Get current approval count and all pending approvals
-        const pendingApprovals = this.approvalRepository.getPendingApprovals(quarantineId);
-        const approvalCount = pendingApprovals.filter((a) => a.decision === 'approved').length;
-        // Build the multi-approval status from database state
-        const approvalStatus = this.buildMultiApprovalStatus(quarantineId, pendingApprovals);
-        // Log the approval
-        this.auditLogger.log({
-            event_type: 'quarantine_multi_approval',
-            actor: 'reviewer',
-            resource: skillId,
-            action: 'approve',
-            result: 'success',
-            metadata: {
-                quarantineId,
-                approvalNumber: approvalCount,
-                requiredApprovals: MALICIOUS_APPROVAL_COUNT,
-                reviewer: {
-                    userId: session.userId,
-                    email: session.email,
-                },
-            },
-        });
-        // Check if we have enough approvals
-        if (approvalCount >= MALICIOUS_APPROVAL_COUNT) {
-            // Mark approvals as complete in database
-            this.approvalRepository.markComplete(quarantineId);
-            approvalStatus.isComplete = true;
-            approvalStatus.completedAt = new Date();
-            // Perform the actual review
-            const approverEmails = pendingApprovals
-                .filter((a) => a.decision === 'approved')
-                .map((a) => a.reviewerEmail);
-            const reviewResult = this.repository.review(quarantineId, {
-                reviewedBy: approverEmails.join(', '),
-                reviewStatus: 'approved',
-                reviewNotes: `Multi-approval complete: ${approvalCount} reviewers approved. ${input.reviewNotes || ''}`,
-            });
-            // Log completion
-            this.auditLogger.log({
-                event_type: 'quarantine_multi_approval_complete',
-                actor: 'reviewer',
-                resource: skillId,
-                action: 'complete',
-                result: 'success',
-                metadata: {
-                    quarantineId,
-                    approvals: pendingApprovals
-                        .filter((a) => a.decision === 'approved')
-                        .map((a) => ({
-                        reviewerId: a.reviewerId,
-                        email: a.reviewerEmail,
-                        approvedAt: a.createdAt,
-                    })),
-                },
-            });
-            return {
-                success: true,
-                approved: true,
-                skillId,
-                severity: 'MALICIOUS',
-                canImport: reviewResult?.canImport ?? false,
-                warnings: [
-                    'MALICIOUS skill approved through multi-approval workflow',
-                    `Approved by: ${approverEmails.join(', ')}`,
-                ],
-                reviewedBy: {
-                    userId: session.userId,
-                    email: session.email,
-                    displayName: session.displayName,
-                },
-                multiApprovalStatus: approvalStatus,
-            };
-        }
-        // Need more approvals
-        return {
-            success: true,
-            approved: false,
-            skillId,
-            severity: 'MALICIOUS',
-            canImport: false,
-            warnings: [
-                `Multi-approval in progress: ${approvalCount}/${MALICIOUS_APPROVAL_COUNT} approvals received`,
-                `Requires ${MALICIOUS_APPROVAL_COUNT - approvalCount} more approval(s)`,
-            ],
-            reviewedBy: {
-                userId: session.userId,
-                email: session.email,
-                displayName: session.displayName,
-            },
-            multiApprovalStatus: approvalStatus,
-        };
-    }
     /**
      * Get pending multi-approval status for a quarantine entry
      *
@@ -375,7 +206,7 @@ export class QuarantineService {
         if (pendingApprovals.length === 0) {
             return null;
         }
-        return this.buildMultiApprovalStatus(quarantineId, pendingApprovals);
+        return buildMultiApprovalStatus(quarantineId, pendingApprovals);
     }
     /**
      * Cancel a pending multi-approval workflow
@@ -432,33 +263,5 @@ export class QuarantineService {
         this.approvalRepository.clearApprovals(id);
         return this.repository.delete(id);
     }
-    // ==========================================================================
-    // Private Helpers
-    // ==========================================================================
-    /**
-     * Build a MultiApprovalStatus from database rows
-     *
-     * Converts persisted approval entries into the MultiApprovalStatus
-     * interface expected by consumers.
-     */
-    buildMultiApprovalStatus(quarantineId, approvals) {
-        const currentApprovals = approvals.map((a) => ({
-            reviewerId: a.reviewerId,
-            reviewerEmail: a.reviewerEmail,
-            approvedAt: new Date(a.createdAt),
-            notes: a.reason ?? undefined,
-        }));
-        const startedAt = approvals.length > 0 ? new Date(approvals[0].createdAt) : new Date();
-        const isComplete = approvals.some((a) => a.isComplete);
-        const completedEntry = approvals.find((a) => a.completedAt);
-        return {
-            quarantineId,
-            requiredApprovals: MALICIOUS_APPROVAL_COUNT,
-            currentApprovals,
-            isComplete,
-            startedAt,
-            completedAt: completedEntry ? new Date(completedEntry.completedAt) : undefined,
-        };
-    }
 }
 //# sourceMappingURL=QuarantineService.js.map

package/dist/src/services/quarantine/QuarantineService.js.map

@@ -1 +1 @@
-{"version":3,"file":"QuarantineService.js","sourceRoot":"","sources":["../../../../src/services/quarantine/QuarantineService.ts"],"names":[],"mappings":"AAAA;;;;;;;;;;;;;;;;;;;GAmBG;AAYH,OAAO,EAAE,sBAAsB,EAAE,iBAAiB,EAAE,MAAM,YAAY,CAAA;AAEtE,+EAA+E;AAC/E,gBAAgB;AAChB,+EAA+E;AAE/E;;GAEG;AACH,MAAM,wBAAwB,GAAG,CAAC,CAAA;AAElC;;GAEG;AACH,MAAM,yBAAyB,GAAG,EAAE,GAAG,EAAE,GAAG,EAAE,GAAG,IAAI,CAAA;AAErD,+EAA+E;AAC/E,yBAAyB;AACzB,+EAA+E;AAE/E;;;;;;;;;;;;;;;;;;;;;GAqBG;AACH,MAAM,OAAO,iBAAiB;IAET;IACA;IACA;IAHnB,YACmB,UAAgC,EAChC,kBAAsC,EACtC,WAAwB;QAFxB,eAAU,GAAV,UAAU,CAAsB;QAChC,uBAAkB,GAAlB,kBAAkB,CAAoB;QACtC,gBAAW,GAAX,WAAW,CAAa;IACxC,CAAC;IAEJ,6EAA6E;IAC7E,uDAAuD;IACvD,6EAA6E;IAE7E;;;;;;OAMG;IACH,QAAQ,CAAC,OAA6B,EAAE,EAAU;QAChD,iBAAiB,CAAC,OAAO,EAAE,iBAAiB,CAAC,CAAA;QAC7C,OAAO,IAAI,CAAC,UAAU,CAAC,QAAQ,CAAC,EAAE,CAAC,CAAA;IACrC,CAAC;IAED;;;;;;OAMG;IACH,aAAa,CAAC,OAA6B,EAAE,OAAe;QAC1D,iBAAiB,CAAC,OAAO,EAAE,iBAAiB,CAAC,CAAA;QAC7C,OAAO,IAAI,CAAC,UAAU,CAAC,aAAa,CAAC,OAAO,CAAC,CAAA;IAC/C,CAAC;IAED;;;;;;OAMG;IACH,OAAO,CAAC,OAA6B,EAAE,MAAuD;QAC5F,iBAAiB,CAAC,OAAO,EAAE,iBAAiB,CAAC,CAAA;QAC7C,OAAO,IAAI,CAAC,UAAU,CAAC,OAAO,CAAC,MAAM,CAAC,CAAA;IACxC,CAAC;IAED;;;;;OAKG;IACH,QAAQ,CAAC,OAA6B;QACpC,iBAAiB,CAAC,OAAO,EAAE,iBAAiB,CAAC,CAAA;QAC7C,OAAO,IAAI,CAAC,UAAU,CAAC,QAAQ,EAAE,CAAA;IACnC,CAAC;IAED,6EAA6E;IAC7E,2DAA2D;IAC3D,6EAA6E;IAE7E;;;;;;;;;;;;;;;OAeG;IACH,MAAM,CACJ,OAA6B,EAC7B,YAAoB,EACpB,KAA+B;QAE/B,iDAAiD;QACjD,iBAAiB,CAAC,OAAO,EAAE,mBAAmB,CAAC,CAAA;QAE/C,2BAA2B;QAC3B,MAAM,KAAK,GAAG,IAAI,CAAC,UAAU,CAAC,QAAQ,CAAC,YAAY,CAAC,CAAA;QACpD,IAAI,CAAC,KAAK,EAAE,CAAC;YACX,MAAM,IAAI,sBAAsB,CAAC,+BAA+B,YAAY,EAAE,EAAE,WAAW,EAAE;gBAC3F,YAAY;aACb,CAAC,CAAA;QACJ,CAAC;QAED,4BAA4B;QAC5B,IAAI,KAAK,CAAC,YAAY,KAAK,SAAS,EAAE,CAAC;YACrC,MAAM,IAAI,sBAAsB,CAC9B,sCAAsC,KAAK,CAAC,YAAY,EAAE,EAC1D,kBAAkB,EAClB,EAAE,YAAY,EAAE,aAAa,EAAE,KAAK,CAAC,YAAY,EAAE,CACpD,CAAA;QACH,CAAC;QAED,0DAA0D;QAC1D,IAAI,KAAK,CAAC,QAAQ,KAAK,WAAW,IAAI,KAAK,CAAC,YAAY,KAAK,UAAU,EAAE,CAAC;YACxE,OAAO,IAAI,CAAC,uBAAuB,CAAC,OAAO,EAAE,YAAY,EAAE,KAAK,CAAC,OAAO,EAAE,KAAK,CAAC,CAAA;QAClF,CAAC;QAED,+EAA+E;QAC/E,IAAI,KAAK,CAAC,QAAQ,KAAK,WAAW,EAAE,CAAC;YACnC,iBAAiB,CAAC,OAAO,EAAE,6BAA6B,CAAC,CAAA;QAC3D,CAAC;QAED,4CAA4C;QAC5C,MAAM,YAAY,GAAG,IAAI,CAAC,UAAU,CAAC,MAAM,CAAC,YAAY,EAAE;YACxD,UAAU,EAAE,OAAO,CAAC,KAAK,EAAE,8BAA8B;YACzD,YAAY,EAAE,KAAK,CAAC,YAAY;YAChC,WAAW,EAAE,KAAK,CAAC,WAAW;SAC/B,CAAC,CAAA;QAEF,IAAI,CAAC,YAAY,EAAE,CAAC;YAClB,MAAM,IAAI,sBAAsB,CAAC,mCAAmC,EAAE,eAAe,EAAE;gBACrF,YAAY;aACb,CAAC,CAAA;QACJ,CAAC;QAED,4CAA4C;QAC5C,IAAI,CAAC,WAAW,CAAC,GAAG,CAAC;YACnB,UAAU,EAAE,iCAAiC;YAC7C,KAAK,EAAE,UAAU;YACjB,QAAQ,EAAE,KAAK,CAAC,OAAO;YACvB,MAAM,EAAE,QAAQ;YAChB,MAAM,EAAE,SAAS;YACjB,QAAQ,EAAE;gBACR,YAAY;gBACZ,YAAY,EAAE,KAAK,CAAC,YAAY;gBAChC,QAAQ,EAAE;oBACR,MAAM,EAAE,OAAO,CAAC,MAAM;oBACtB,KAAK,EAAE,OAAO,CAAC,KAAK;oBACpB,WAAW,EAAE,OAAO,CAAC,WAAW;iBACjC;gBACD,SAAS,EAAE,OAAO,CAAC,SAAS;gBAC5B,QAAQ,EAAE,KAAK,CAAC,QAAQ;gBACxB,SAAS,EAAE,YAAY,CAAC,SAAS;aAClC;SACF,CAAC,CAAA;QAEF,OAAO;YACL,OAAO,EAAE,IAAI;YACb,QAAQ,EAAE,YAAY,CAAC,QAAQ;YAC/B,OAAO,EAAE,YAAY,CAAC,OAAO;YAC7B,QAAQ,EAAE,YAAY,CAAC,QAAQ;YAC/B,SAAS,EAAE,YAAY,CAAC,SAAS;YACjC,QAAQ,EAAE,YAAY,CAAC,QAAQ;YAC/B,UAAU,EAAE;gBACV,MAAM,EAAE,OAAO,CAAC,MAAM;gBACtB,KAAK,EAAE,OAAO,CAAC,KAAK;gBACpB,WAAW,EAAE,OAAO,CAAC,WAAW;aACjC;SACF,CAAA;IACH,CAAC;IAED,6EAA6E;IAC7E,+CAA+C;IAC/C,6EAA6E;IAE7E;;;;;;;;;;;;;;;OAeG;IACK,uBAAuB,CAC7B,OAA6B,EAC7B,YAAoB,EACpB,OAAe,EACf,KAA+B;QAE/B,mDAAmD;QACnD,iBAAiB,CAAC,OAAO,EAAE,6BAA6B,CAAC,CAAA;QAEzD,4DAA4D;QAC5D,IAAI,IAAI,CAAC,kBAAkB,CAAC,mBAAmB,CAAC,YAAY,EAAE,OAAO,CAAC,MAAM,CAAC,EAAE,CAAC;YAC9E,+CAA+C;YAC/C,MAAM,iBAAiB,GAAG,IAAI,CAAC,kBAAkB,CAAC,mBAAmB,CAAC,YAAY,CAAC,CAAA;YACnF,MAAM,QAAQ,GAAG,iBAAiB,CAAC,IAAI,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,UAAU,KAAK,OAAO,CAAC,MAAM,CAAC,CAAA;YAC/E,MAAM,IAAI,sBAAsB,CAAC,sCAAsC,EAAE,kBAAkB,EAAE;gBAC3F,YAAY;gBACZ,kBAAkB,EAAE,QAAQ,EAAE,SAAS,IAAI,SAAS;aACrD,CAAC,CAAA;QACJ,CAAC;QAED,6BAA6B;QAC7B,MAAM,SAAS,GAAG,IAAI,CAAC,kBAAkB,CAAC,oBAAoB,CAAC,YAAY,CAAC,CAAA;QAC5E,IAAI,SAAS,EAAE,CAAC;YACd,MAAM,cAAc,GAAG,IAAI,CAAC,GAAG,EAAE,GAAG,IAAI,IAAI,CAAC,SAAS,CAAC,CAAC,OAAO,EAAE,CAAA;YACjE,IAAI,cAAc,GAAG,yBAAyB,EAAE,CAAC;gBAC/C,uDAAuD;gBACvD,MAAM,gBAAgB,GAAG,IAAI,CAAC,kBAAkB,CAAC,mBAAmB,CAAC,YAAY,CAAC,CAAA;gBAElF,0BAA0B;gBAC1B,IAAI,CAAC,kBAAkB,CAAC,cAAc,CAAC,YAAY,CAAC,CAAA;gBAEpD,0DAA0D;gBAC1D,IAAI,CAAC,WAAW,CAAC,GAAG,CAAC;oBACnB,UAAU,EAAE,mCAAmC;oBAC/C,KAAK,EAAE,QAAQ;oBACf,QAAQ,EAAE,OAAO;oBACjB,MAAM,EAAE,SAAS;oBACjB,MAAM,EAAE,SAAS;oBACjB,QAAQ,EAAE;wBACR,YAAY;wBACZ,SAAS,EAAE,yBAAyB;wBACpC,gBAAgB,EAAE,gBAAgB,CAAC,GAAG,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC;4BAC7C,UAAU,EAAE,CAAC,CAAC,UAAU;4BACxB,KAAK,EAAE,CAAC,CAAC,aAAa;4BACtB,UAAU,EAAE,CAAC,CAAC,SAAS;yBACxB,CAAC,CAAC;wBACH,WAAW,EAAE;4BACX,MAAM,EAAE,OAAO,CAAC,MAAM;4BACtB,KAAK,EAAE,OAAO,CAAC,KAAK;yBACrB;qBACF;iBACF,CAAC,CAAA;gBAEF,MAAM,IAAI,sBAAsB,CAC9B,wDAAwD,EACxD,eAAe,EACf,EAAE,YAAY,EAAE,SAAS,EAAE,yBAAyB,EAAE,CACvD,CAAA;YACH,CAAC;QACH,CAAC;QAED,uCAAuC;QACvC,IAAI,CAAC,kBAAkB,CAAC,cAAc,CAAC;YACrC,OAAO,EAAE,YAAY;YACrB,UAAU,EAAE,OAAO,CAAC,MAAM;YAC1B,aAAa,EAAE,OAAO,CAAC,KAAK;YAC5B,QAAQ,EAAE,UAAU;YACpB,MAAM,EAAE,KAAK,CAAC,WAAW;YACzB,iBAAiB,EAAE,wBAAwB;SAC5C,CAAC,CAAA;QAEF,uDAAuD;QACvD,MAAM,gBAAgB,GAAG,IAAI,CAAC,kBAAkB,CAAC,mBAAmB,CAAC,YAAY,CAAC,CAAA;QAClF,MAAM,aAAa,GAAG,gBAAgB,CAAC,MAAM,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,QAAQ,KAAK,UAAU,CAAC,CAAC,MAAM,CAAA;QAEtF,sDAAsD;QACtD,MAAM,cAAc,GAAG,IAAI,CAAC,wBAAwB,CAAC,YAAY,EAAE,gBAAgB,CAAC,CAAA;QAEpF,mBAAmB;QACnB,IAAI,CAAC,WAAW,CAAC,GAAG,CAAC;YACnB,UAAU,EAAE,2BAA2B;YACvC,KAAK,EAAE,UAAU;YACjB,QAAQ,EAAE,OAAO;YACjB,MAAM,EAAE,SAAS;YACjB,MAAM,EAAE,SAAS;YACjB,QAAQ,EAAE;gBACR,YAAY;gBACZ,cAAc,EAAE,aAAa;gBAC7B,iBAAiB,EAAE,wBAAwB;gBAC3C,QAAQ,EAAE;oBACR,MAAM,EAAE,OAAO,CAAC,MAAM;oBACtB,KAAK,EAAE,OAAO,CAAC,KAAK;iBACrB;aACF;SACF,CAAC,CAAA;QAEF,oCAAoC;QACpC,IAAI,aAAa,IAAI,wBAAwB,EAAE,CAAC;YAC9C,yCAAyC;YACzC,IAAI,CAAC,kBAAkB,CAAC,YAAY,CAAC,YAAY,CAAC,CAAA;YAClD,cAAc,CAAC,UAAU,GAAG,IAAI,CAAA;YAChC,cAAc,CAAC,WAAW,GAAG,IAAI,IAAI,EAAE,CAAA;YAEvC,4BAA4B;YAC5B,MAAM,cAAc,GAAG,gBAAgB;iBACpC,MAAM,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,QAAQ,KAAK,UAAU,CAAC;iBACxC,GAAG,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,aAAa,CAAC,CAAA;YAC9B,MAAM,YAAY,GAAG,IAAI,CAAC,UAAU,CAAC,MAAM,CAAC,YAAY,EAAE;gBACxD,UAAU,EAAE,cAAc,CAAC,IAAI,CAAC,IAAI,CAAC;gBACrC,YAAY,EAAE,UAAU;gBACxB,WAAW,EAAE,4BAA4B,aAAa,wBAAwB,KAAK,CAAC,WAAW,IAAI,EAAE,EAAE;aACxG,CAAC,CAAA;YAEF,iBAAiB;YACjB,IAAI,CAAC,WAAW,CAAC,GAAG,CAAC;gBACnB,UAAU,EAAE,oCAAoC;gBAChD,KAAK,EAAE,UAAU;gBACjB,QAAQ,EAAE,OAAO;gBACjB,MAAM,EAAE,UAAU;gBAClB,MAAM,EAAE,SAAS;gBACjB,QAAQ,EAAE;oBACR,YAAY;oBACZ,SAAS,EAAE,gBAAgB;yBACxB,MAAM,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,QAAQ,KAAK,UAAU,CAAC;yBACxC,GAAG,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC;wBACX,UAAU,EAAE,CAAC,CAAC,UAAU;wBACxB,KAAK,EAAE,CAAC,CAAC,aAAa;wBACtB,UAAU,EAAE,CAAC,CAAC,SAAS;qBACxB,CAAC,CAAC;iBACN;aACF,CAAC,CAAA;YAEF,OAAO;gBACL,OAAO,EAAE,IAAI;gBACb,QAAQ,EAAE,IAAI;gBACd,OAAO;gBACP,QAAQ,EAAE,WAAW;gBACrB,SAAS,EAAE,YAAY,EAAE,SAAS,IAAI,KAAK;gBAC3C,QAAQ,EAAE;oBACR,0DAA0D;oBAC1D,gBAAgB,cAAc,CAAC,IAAI,CAAC,IAAI,CAAC,EAAE;iBAC5C;gBACD,UAAU,EAAE;oBACV,MAAM,EAAE,OAAO,CAAC,MAAM;oBACtB,KAAK,EAAE,OAAO,CAAC,KAAK;oBACpB,WAAW,EAAE,OAAO,CAAC,WAAW;iBACjC;gBACD,mBAAmB,EAAE,cAAc;aACpC,CAAA;QACH,CAAC;QAED,sBAAsB;QACtB,OAAO;YACL,OAAO,EAAE,IAAI;YACb,QAAQ,EAAE,KAAK;YACf,OAAO;YACP,QAAQ,EAAE,WAAW;YACrB,SAAS,EAAE,KAAK;YAChB,QAAQ,EAAE;gBACR,+BAA+B,aAAa,IAAI,wBAAwB,qBAAqB;gBAC7F,YAAY,wBAAwB,GAAG,aAAa,mBAAmB;aACxE;YACD,UAAU,EAAE;gBACV,MAAM,EAAE,OAAO,CAAC,MAAM;gBACtB,KAAK,EAAE,OAAO,CAAC,KAAK;gBACpB,WAAW,EAAE,OAAO,CAAC,WAAW;aACjC;YACD,mBAAmB,EAAE,cAAc;SACpC,CAAA;IACH,CAAC;IAED;;;;;;OAMG;IACH,sBAAsB,CACpB,OAA6B,EAC7B,YAAoB;QAEpB,iBAAiB,CAAC,OAAO,EAAE,iBAAiB,CAAC,CAAA;QAE7C,MAAM,gBAAgB,GAAG,IAAI,CAAC,kBAAkB,CAAC,mBAAmB,CAAC,YAAY,CAAC,CAAA;QAClF,IAAI,gBAAgB,CAAC,MAAM,KAAK,CAAC,EAAE,CAAC;YAClC,OAAO,IAAI,CAAA;QACb,CAAC;QAED,OAAO,IAAI,CAAC,wBAAwB,CAAC,YAAY,EAAE,gBAAgB,CAAC,CAAA;IACtE,CAAC;IAED;;;;;;OAMG;IACH,mBAAmB,CAAC,OAA6B,EAAE,YAAoB;QACrE,iBAAiB,CAAC,OAAO,EAAE,kBAAkB,CAAC,CAAA;QAE9C,MAAM,gBAAgB,GAAG,IAAI,CAAC,kBAAkB,CAAC,mBAAmB,CAAC,YAAY,CAAC,CAAA;QAClF,IAAI,gBAAgB,CAAC,MAAM,KAAK,CAAC,EAAE,CAAC;YAClC,OAAO,KAAK,CAAA;QACd,CAAC;QAED,IAAI,CAAC,kBAAkB,CAAC,cAAc,CAAC,YAAY,CAAC,CAAA;QAEpD,IAAI,CAAC,WAAW,CAAC,GAAG,CAAC;YACnB,UAAU,EAAE,qCAAqC;YACjD,KAAK,EAAE,UAAU;YACjB,QAAQ,EAAE,YAAY;YACtB,MAAM,EAAE,QAAQ;YAChB,MAAM,EAAE,SAAS;YACjB,QAAQ,EAAE;gBACR,YAAY;gBACZ,WAAW,EAAE,OAAO,CAAC,KAAK;gBAC1B,gBAAgB,EAAE,gBAAgB,CAAC,MAAM;aAC1C;SACF,CAAC,CAAA;QAEF,OAAO,IAAI,CAAA;IACb,CAAC;IAED,6EAA6E;IAC7E,yDAAyD;IACzD,6EAA6E;IAE7E;;;;;;OAMG;IACH,MAAM,CAAC,OAA6B,EAAE,KAAoD;QACxF,iBAAiB,CAAC,OAAO,EAAE,mBAAmB,CAAC,CAAA;QAC/C,OAAO,IAAI,CAAC,UAAU,CAAC,MAAM,CAAC,KAAK,CAAC,CAAA;IACtC,CAAC;IAED;;;;;;OAMG;IACH,MAAM,CAAC,OAA6B,EAAE,EAAU;QAC9C,iBAAiB,CAAC,OAAO,EAAE,mBAAmB,CAAC,CAAA;QAE/C,oCAAoC;QACpC,IAAI,CAAC,kBAAkB,CAAC,cAAc,CAAC,EAAE,CAAC,CAAA;QAE1C,OAAO,IAAI,CAAC,UAAU,CAAC,MAAM,CAAC,EAAE,CAAC,CAAA;IACnC,CAAC;IAED,6EAA6E;IAC7E,kBAAkB;IAClB,6EAA6E;IAE7E;;;;;OAKG;IACK,wBAAwB,CAC9B,YAAoB,EACpB,SAOE;QAEF,MAAM,gBAAgB,GAAqB,SAAS,CAAC,GAAG,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC;YAC/D,UAAU,EAAE,CAAC,CAAC,UAAU;YACxB,aAAa,EAAE,CAAC,CAAC,aAAa;YAC9B,UAAU,EAAE,IAAI,IAAI,CAAC,CAAC,CAAC,SAAS,CAAC;YACjC,KAAK,EAAE,CAAC,CAAC,MAAM,IAAI,SAAS;SAC7B,CAAC,CAAC,CAAA;QAEH,MAAM,SAAS,GAAG,SAAS,CAAC,MAAM,GAAG,CAAC,CAAC,CAAC,CAAC,IAAI,IAAI,CAAC,SAAS,CAAC,CAAC,CAAC,CAAC,SAAS,CAAC,CAAC,CAAC,CAAC,IAAI,IAAI,EAAE,CAAA;QACtF,MAAM,UAAU,GAAG,SAAS,CAAC,IAAI,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,UAAU,CAAC,CAAA;QACtD,MAAM,cAAc,GAAG,SAAS,CAAC,IAAI,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,WAAW,CAAC,CAAA;QAE3D,OAAO;YACL,YAAY;YACZ,iBAAiB,EAAE,wBAAwB;YAC3C,gBAAgB;YAChB,UAAU;YACV,SAAS;YACT,WAAW,EAAE,cAAc,CAAC,CAAC,CAAC,IAAI,IAAI,CAAC,cAAc,CAAC,WAAY,CAAC,CAAC,CAAC,CAAC,SAAS;SAChF,CAAA;IACH,CAAC;CACF"}
+{"version":3,"file":"QuarantineService.js","sourceRoot":"","sources":["../../../../src/services/quarantine/QuarantineService.ts"],"names":[],"mappings":"AAAA;;;;;;;;;;;;;;;;;;;;GAoBG;AAWH,OAAO,EAAE,sBAAsB,EAAE,iBAAiB,EAAE,MAAM,YAAY,CAAA;AACtE,OAAO,EACL,uBAAuB,EACvB,wBAAwB,GACzB,MAAM,sCAAsC,CAAA;AAE7C,oDAAoD;AACpD,OAAO,EACL,uBAAuB,EACvB,wBAAwB,GACzB,MAAM,sCAAsC,CAAA;AAC7C,OAAO,EACL,wBAAwB,EACxB,yBAAyB,GAC1B,MAAM,sCAAsC,CAAA;AAE7C,+EAA+E;AAC/E,yBAAyB;AACzB,+EAA+E;AAE/E;;;;;;;;;;;;;;;;;;;;;GAqBG;AACH,MAAM,OAAO,iBAAiB;IAET;IACA;IACA;IAHnB,YACmB,UAAgC,EAChC,kBAAsC,EACtC,WAAwB;QAFxB,eAAU,GAAV,UAAU,CAAsB;QAChC,uBAAkB,GAAlB,kBAAkB,CAAoB;QACtC,gBAAW,GAAX,WAAW,CAAa;IACxC,CAAC;IAEJ,6EAA6E;IAC7E,uDAAuD;IACvD,6EAA6E;IAE7E;;;;;;OAMG;IACH,QAAQ,CAAC,OAA6B,EAAE,EAAU;QAChD,iBAAiB,CAAC,OAAO,EAAE,iBAAiB,CAAC,CAAA;QAC7C,OAAO,IAAI,CAAC,UAAU,CAAC,QAAQ,CAAC,EAAE,CAAC,CAAA;IACrC,CAAC;IAED;;;;;;OAMG;IACH,aAAa,CAAC,OAA6B,EAAE,OAAe;QAC1D,iBAAiB,CAAC,OAAO,EAAE,iBAAiB,CAAC,CAAA;QAC7C,OAAO,IAAI,CAAC,UAAU,CAAC,aAAa,CAAC,OAAO,CAAC,CAAA;IAC/C,CAAC;IAED;;;;;;OAMG;IACH,OAAO,CAAC,OAA6B,EAAE,MAAuD;QAC5F,iBAAiB,CAAC,OAAO,EAAE,iBAAiB,CAAC,CAAA;QAC7C,OAAO,IAAI,CAAC,UAAU,CAAC,OAAO,CAAC,MAAM,CAAC,CAAA;IACxC,CAAC;IAED;;;;;OAKG;IACH,QAAQ,CAAC,OAA6B;QACpC,iBAAiB,CAAC,OAAO,EAAE,iBAAiB,CAAC,CAAA;QAC7C,OAAO,IAAI,CAAC,UAAU,CAAC,QAAQ,EAAE,CAAA;IACnC,CAAC;IAED,6EAA6E;IAC7E,2DAA2D;IAC3D,6EAA6E;IAE7E;;;;;;;;;;;;;;;OAeG;IACH,MAAM,CACJ,OAA6B,EAC7B,YAAoB,EACpB,KAA+B;QAE/B,iDAAiD;QACjD,iBAAiB,CAAC,OAAO,EAAE,mBAAmB,CAAC,CAAA;QAE/C,2BAA2B;QAC3B,MAAM,KAAK,GAAG,IAAI,CAAC,UAAU,CAAC,QAAQ,CAAC,YAAY,CAAC,CAAA;QACpD,IAAI,CAAC,KAAK,EAAE,CAAC;YACX,MAAM,IAAI,sBAAsB,CAAC,+BAA+B,YAAY,EAAE,EAAE,WAAW,EAAE;gBAC3F,YAAY;aACb,CAAC,CAAA;QACJ,CAAC;QAED,4BAA4B;QAC5B,IAAI,KAAK,CAAC,YAAY,KAAK,SAAS,EAAE,CAAC;YACrC,MAAM,IAAI,sBAAsB,CAC9B,sCAAsC,KAAK,CAAC,YAAY,EAAE,EAC1D,kBAAkB,EAClB,EAAE,YAAY,EAAE,aAAa,EAAE,KAAK,CAAC,YAAY,EAAE,CACpD,CAAA;QACH,CAAC;QAED,0DAA0D;QAC1D,IAAI,KAAK,CAAC,QAAQ,KAAK,WAAW,IAAI,KAAK,CAAC,YAAY,KAAK,UAAU,EAAE,CAAC;YACxE,OAAO,uBAAuB,CAC5B,OAAO,EACP,YAAY,EACZ,KAAK,CAAC,OAAO,EACb,KAAK,EACL,IAAI,CAAC,UAAU,EACf,IAAI,CAAC,kBAAkB,EACvB,IAAI,CAAC,WAAW,CACjB,CAAA;QACH,CAAC;QAED,+EAA+E;QAC/E,IAAI,KAAK,CAAC,QAAQ,KAAK,WAAW,EAAE,CAAC;YACnC,iBAAiB,CAAC,OAAO,EAAE,6BAA6B,CAAC,CAAA;QAC3D,CAAC;QAED,4CAA4C;QAC5C,MAAM,YAAY,GAAG,IAAI,CAAC,UAAU,CAAC,MAAM,CAAC,YAAY,EAAE;YACxD,UAAU,EAAE,OAAO,CAAC,KAAK,EAAE,8BAA8B;YACzD,YAAY,EAAE,KAAK,CAAC,YAAY;YAChC,WAAW,EAAE,KAAK,CAAC,WAAW;SAC/B,CAAC,CAAA;QAEF,IAAI,CAAC,YAAY,EAAE,CAAC;YAClB,MAAM,IAAI,sBAAsB,CAAC,mCAAmC,EAAE,eAAe,EAAE;gBACrF,YAAY;aACb,CAAC,CAAA;QACJ,CAAC;QAED,4CAA4C;QAC5C,IAAI,CAAC,WAAW,CAAC,GAAG,CAAC;YACnB,UAAU,EAAE,iCAAiC;YAC7C,KAAK,EAAE,UAAU;YACjB,QAAQ,EAAE,KAAK,CAAC,OAAO;YACvB,MAAM,EAAE,QAAQ;YAChB,MAAM,EAAE,SAAS;YACjB,QAAQ,EAAE;gBACR,YAAY;gBACZ,YAAY,EAAE,KAAK,CAAC,YAAY;gBAChC,QAAQ,EAAE;oBACR,MAAM,EAAE,OAAO,CAAC,MAAM;oBACtB,KAAK,EAAE,OAAO,CAAC,KAAK;oBACpB,WAAW,EAAE,OAAO,CAAC,WAAW;iBACjC;gBACD,SAAS,EAAE,OAAO,CAAC,SAAS;gBAC5B,QAAQ,EAAE,KAAK,CAAC,QAAQ;gBACxB,SAAS,EAAE,YAAY,CAAC,SAAS;aAClC;SACF,CAAC,CAAA;QAEF,OAAO;YACL,OAAO,EAAE,IAAI;YACb,QAAQ,EAAE,YAAY,CAAC,QAAQ;YAC/B,OAAO,EAAE,YAAY,CAAC,OAAO;YAC7B,QAAQ,EAAE,YAAY,CAAC,QAAQ;YAC/B,SAAS,EAAE,YAAY,CAAC,SAAS;YACjC,QAAQ,EAAE,YAAY,CAAC,QAAQ;YAC/B,UAAU,EAAE;gBACV,MAAM,EAAE,OAAO,CAAC,MAAM;gBACtB,KAAK,EAAE,OAAO,CAAC,KAAK;gBACpB,WAAW,EAAE,OAAO,CAAC,WAAW;aACjC;SACF,CAAA;IACH,CAAC;IAED,6EAA6E;IAC7E,mCAAmC;IACnC,6EAA6E;IAE7E;;;;;;OAMG;IACH,sBAAsB,CACpB,OAA6B,EAC7B,YAAoB;QAEpB,iBAAiB,CAAC,OAAO,EAAE,iBAAiB,CAAC,CAAA;QAE7C,MAAM,gBAAgB,GAAG,IAAI,CAAC,kBAAkB,CAAC,mBAAmB,CAAC,YAAY,CAAC,CAAA;QAClF,IAAI,gBAAgB,CAAC,MAAM,KAAK,CAAC,EAAE,CAAC;YAClC,OAAO,IAAI,CAAA;QACb,CAAC;QAED,OAAO,wBAAwB,CAAC,YAAY,EAAE,gBAAgB,CAAC,CAAA;IACjE,CAAC;IAED;;;;;;OAMG;IACH,mBAAmB,CAAC,OAA6B,EAAE,YAAoB;QACrE,iBAAiB,CAAC,OAAO,EAAE,kBAAkB,CAAC,CAAA;QAE9C,MAAM,gBAAgB,GAAG,IAAI,CAAC,kBAAkB,CAAC,mBAAmB,CAAC,YAAY,CAAC,CAAA;QAClF,IAAI,gBAAgB,CAAC,MAAM,KAAK,CAAC,EAAE,CAAC;YAClC,OAAO,KAAK,CAAA;QACd,CAAC;QAED,IAAI,CAAC,kBAAkB,CAAC,cAAc,CAAC,YAAY,CAAC,CAAA;QAEpD,IAAI,CAAC,WAAW,CAAC,GAAG,CAAC;YACnB,UAAU,EAAE,qCAAqC;YACjD,KAAK,EAAE,UAAU;YACjB,QAAQ,EAAE,YAAY;YACtB,MAAM,EAAE,QAAQ;YAChB,MAAM,EAAE,SAAS;YACjB,QAAQ,EAAE;gBACR,YAAY;gBACZ,WAAW,EAAE,OAAO,CAAC,KAAK;gBAC1B,gBAAgB,EAAE,gBAAgB,CAAC,MAAM;aAC1C;SACF,CAAC,CAAA;QAEF,OAAO,IAAI,CAAA;IACb,CAAC;IAED,6EAA6E;IAC7E,yDAAyD;IACzD,6EAA6E;IAE7E;;;;;;OAMG;IACH,MAAM,CAAC,OAA6B,EAAE,KAAoD;QACxF,iBAAiB,CAAC,OAAO,EAAE,mBAAmB,CAAC,CAAA;QAC/C,OAAO,IAAI,CAAC,UAAU,CAAC,MAAM,CAAC,KAAK,CAAC,CAAA;IACtC,CAAC;IAED;;;;;;OAMG;IACH,MAAM,CAAC,OAA6B,EAAE,EAAU;QAC9C,iBAAiB,CAAC,OAAO,EAAE,mBAAmB,CAAC,CAAA;QAE/C,oCAAoC;QACpC,IAAI,CAAC,kBAAkB,CAAC,cAAc,CAAC,EAAE,CAAC,CAAA;QAE1C,OAAO,IAAI,CAAC,UAAU,CAAC,MAAM,CAAC,EAAE,CAAC,CAAA;IACnC,CAAC;CACF"}

package/dist/src/services/quarantine/QuarantineService.multiapproval.d.ts

@@ -0,0 +1,57 @@
+/**
+ * @fileoverview Multi-Approval Workflow for MALICIOUS Severity Quarantine
+ * @module @skillsmith/core/services/quarantine/QuarantineService.multiapproval
+ * @see SMI-2277: Persist multi-approval state to database
+ * @see SMI-2741: Split from QuarantineService.ts to meet 500-line standard
+ *
+ * Handles the multi-approval workflow required for MALICIOUS severity skills.
+ * MALICIOUS severity requires multiple independent reviewers to approve before
+ * a skill can be unquarantined, preventing single-reviewer compromise.
+ */
+import type { QuarantineRepository } from '../../repositories/quarantine/index.js';
+import type { ApprovalRepository } from '../../repositories/quarantine/ApprovalRepository.js';
+import type { AuditLogger } from '../../security/AuditLogger.js';
+import type { AuthenticatedSession, AuthenticatedReviewInput, AuthenticatedReviewResult, MultiApprovalStatus } from './types.js';
+/**
+ * Number of approvals required for MALICIOUS severity reviews
+ */
+export declare const MALICIOUS_APPROVAL_COUNT = 2;
+/**
+ * Multi-approval timeout in milliseconds (24 hours)
+ */
+export declare const MULTI_APPROVAL_TIMEOUT_MS: number;
+/**
+ * Handle approval for MALICIOUS severity skills
+ *
+ * MALICIOUS severity requires multiple reviewers to approve
+ * before a skill can be unquarantined. This prevents single
+ * reviewer compromise from allowing malicious skills.
+ *
+ * Approval state is persisted to the database (SMI-2277) so
+ * pending approvals survive service restarts.
+ *
+ * @param session - Authenticated session
+ * @param quarantineId - Quarantine entry ID
+ * @param skillId - Skill ID
+ * @param input - Review input
+ * @param repository - Quarantine repository
+ * @param approvalRepository - Approval repository
+ * @param auditLogger - Audit logger
+ * @returns Review result with multi-approval status
+ */
+export declare function handleMaliciousApproval(session: AuthenticatedSession, quarantineId: string, skillId: string, input: AuthenticatedReviewInput, repository: QuarantineRepository, approvalRepository: ApprovalRepository, auditLogger: AuditLogger): AuthenticatedReviewResult;
+/**
+ * Build a MultiApprovalStatus from database rows
+ *
+ * Converts persisted approval entries into the MultiApprovalStatus
+ * interface expected by consumers.
+ */
+export declare function buildMultiApprovalStatus(quarantineId: string, approvals: Array<{
+    reviewerId: string;
+    reviewerEmail: string;
+    createdAt: string;
+    completedAt: string | null;
+    reason: string | null;
+    isComplete: boolean;
+}>): MultiApprovalStatus;
+//# sourceMappingURL=QuarantineService.multiapproval.d.ts.map

package/dist/src/services/quarantine/QuarantineService.multiapproval.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"QuarantineService.multiapproval.d.ts","sourceRoot":"","sources":["../../../../src/services/quarantine/QuarantineService.multiapproval.ts"],"names":[],"mappings":"AAAA;;;;;;;;;GASG;AAEH,OAAO,KAAK,EAAE,oBAAoB,EAAE,MAAM,wCAAwC,CAAA;AAClF,OAAO,KAAK,EAAE,kBAAkB,EAAE,MAAM,qDAAqD,CAAA;AAC7F,OAAO,KAAK,EAAE,WAAW,EAAE,MAAM,+BAA+B,CAAA;AAChE,OAAO,KAAK,EACV,oBAAoB,EACpB,wBAAwB,EACxB,yBAAyB,EACzB,mBAAmB,EAEpB,MAAM,YAAY,CAAA;AAGnB;;GAEG;AACH,eAAO,MAAM,wBAAwB,IAAI,CAAA;AAEzC;;GAEG;AACH,eAAO,MAAM,yBAAyB,QAAsB,CAAA;AAE5D;;;;;;;;;;;;;;;;;;GAkBG;AACH,wBAAgB,uBAAuB,CACrC,OAAO,EAAE,oBAAoB,EAC7B,YAAY,EAAE,MAAM,EACpB,OAAO,EAAE,MAAM,EACf,KAAK,EAAE,wBAAwB,EAC/B,UAAU,EAAE,oBAAoB,EAChC,kBAAkB,EAAE,kBAAkB,EACtC,WAAW,EAAE,WAAW,GACvB,yBAAyB,CAoK3B;AAED;;;;;GAKG;AACH,wBAAgB,wBAAwB,CACtC,YAAY,EAAE,MAAM,EACpB,SAAS,EAAE,KAAK,CAAC;IACf,UAAU,EAAE,MAAM,CAAA;IAClB,aAAa,EAAE,MAAM,CAAA;IACrB,SAAS,EAAE,MAAM,CAAA;IACjB,WAAW,EAAE,MAAM,GAAG,IAAI,CAAA;IAC1B,MAAM,EAAE,MAAM,GAAG,IAAI,CAAA;IACrB,UAAU,EAAE,OAAO,CAAA;CACpB,CAAC,GACD,mBAAmB,CAoBrB"}

package/dist/src/services/quarantine/QuarantineService.multiapproval.js

@@ -0,0 +1,211 @@
+/**
+ * @fileoverview Multi-Approval Workflow for MALICIOUS Severity Quarantine
+ * @module @skillsmith/core/services/quarantine/QuarantineService.multiapproval
+ * @see SMI-2277: Persist multi-approval state to database
+ * @see SMI-2741: Split from QuarantineService.ts to meet 500-line standard
+ *
+ * Handles the multi-approval workflow required for MALICIOUS severity skills.
+ * MALICIOUS severity requires multiple independent reviewers to approve before
+ * a skill can be unquarantined, preventing single-reviewer compromise.
+ */
+import { QuarantineServiceError, requirePermission } from './types.js';
+/**
+ * Number of approvals required for MALICIOUS severity reviews
+ */
+export const MALICIOUS_APPROVAL_COUNT = 2;
+/**
+ * Multi-approval timeout in milliseconds (24 hours)
+ */
+export const MULTI_APPROVAL_TIMEOUT_MS = 24 * 60 * 60 * 1000;
+/**
+ * Handle approval for MALICIOUS severity skills
+ *
+ * MALICIOUS severity requires multiple reviewers to approve
+ * before a skill can be unquarantined. This prevents single
+ * reviewer compromise from allowing malicious skills.
+ *
+ * Approval state is persisted to the database (SMI-2277) so
+ * pending approvals survive service restarts.
+ *
+ * @param session - Authenticated session
+ * @param quarantineId - Quarantine entry ID
+ * @param skillId - Skill ID
+ * @param input - Review input
+ * @param repository - Quarantine repository
+ * @param approvalRepository - Approval repository
+ * @param auditLogger - Audit logger
+ * @returns Review result with multi-approval status
+ */
+export function handleMaliciousApproval(session, quarantineId, skillId, input, repository, approvalRepository, auditLogger) {
+    // Require elevated permission for MALICIOUS review
+    requirePermission(session, 'quarantine:review_malicious');
+    // Check if this reviewer already approved (database-backed)
+    if (approvalRepository.hasReviewerApproved(quarantineId, session.userId)) {
+        // Retrieve existing approval for error details
+        const existingApprovals = approvalRepository.getPendingApprovals(quarantineId);
+        const existing = existingApprovals.find((a) => a.reviewerId === session.userId);
+        throw new QuarantineServiceError('You have already approved this entry', 'ALREADY_REVIEWED', {
+            quarantineId,
+            previousApprovalAt: existing?.createdAt ?? 'unknown',
+        });
+    }
+    // Check for approval timeout
+    const startTime = approvalRepository.getWorkflowStartTime(quarantineId);
+    if (startTime) {
+        const timeSinceStart = Date.now() - new Date(startTime).getTime();
+        if (timeSinceStart > MULTI_APPROVAL_TIMEOUT_MS) {
+            // Capture existing approvals before clearing for audit
+            const expiredApprovals = approvalRepository.getPendingApprovals(quarantineId);
+            // Reset approval workflow
+            approvalRepository.clearApprovals(quarantineId);
+            // Log timeout event so cleared reviewer work is auditable
+            auditLogger.log({
+                event_type: 'quarantine_multi_approval_timeout',
+                actor: 'system',
+                resource: skillId,
+                action: 'timeout',
+                result: 'success',
+                metadata: {
+                    quarantineId,
+                    timeoutMs: MULTI_APPROVAL_TIMEOUT_MS,
+                    expiredApprovals: expiredApprovals.map((a) => ({
+                        reviewerId: a.reviewerId,
+                        email: a.reviewerEmail,
+                        approvedAt: a.createdAt,
+                    })),
+                    triggeredBy: {
+                        userId: session.userId,
+                        email: session.email,
+                    },
+                },
+            });
+            throw new QuarantineServiceError('Multi-approval workflow timed out. Please start again.', 'INVALID_INPUT', { quarantineId, timeoutMs: MULTI_APPROVAL_TIMEOUT_MS });
+        }
+    }
+    // Record this approval in the database
+    approvalRepository.recordApproval({
+        skillId: quarantineId,
+        reviewerId: session.userId,
+        reviewerEmail: session.email,
+        decision: 'approved',
+        reason: input.reviewNotes,
+        requiredApprovals: MALICIOUS_APPROVAL_COUNT,
+    });
+    // Get current approval count and all pending approvals
+    const pendingApprovals = approvalRepository.getPendingApprovals(quarantineId);
+    const approvalCount = pendingApprovals.filter((a) => a.decision === 'approved').length;
+    // Build the multi-approval status from database state
+    const approvalStatus = buildMultiApprovalStatus(quarantineId, pendingApprovals);
+    // Log the approval
+    auditLogger.log({
+        event_type: 'quarantine_multi_approval',
+        actor: 'reviewer',
+        resource: skillId,
+        action: 'approve',
+        result: 'success',
+        metadata: {
+            quarantineId,
+            approvalNumber: approvalCount,
+            requiredApprovals: MALICIOUS_APPROVAL_COUNT,
+            reviewer: {
+                userId: session.userId,
+                email: session.email,
+            },
+        },
+    });
+    // Check if we have enough approvals
+    if (approvalCount >= MALICIOUS_APPROVAL_COUNT) {
+        // Mark approvals as complete in database
+        approvalRepository.markComplete(quarantineId);
+        approvalStatus.isComplete = true;
+        approvalStatus.completedAt = new Date();
+        // Perform the actual review
+        const approverEmails = pendingApprovals
+            .filter((a) => a.decision === 'approved')
+            .map((a) => a.reviewerEmail);
+        const reviewResult = repository.review(quarantineId, {
+            reviewedBy: approverEmails.join(', '),
+            reviewStatus: 'approved',
+            reviewNotes: `Multi-approval complete: ${approvalCount} reviewers approved. ${input.reviewNotes || ''}`,
+        });
+        // Log completion
+        auditLogger.log({
+            event_type: 'quarantine_multi_approval_complete',
+            actor: 'reviewer',
+            resource: skillId,
+            action: 'complete',
+            result: 'success',
+            metadata: {
+                quarantineId,
+                approvals: pendingApprovals
+                    .filter((a) => a.decision === 'approved')
+                    .map((a) => ({
+                    reviewerId: a.reviewerId,
+                    email: a.reviewerEmail,
+                    approvedAt: a.createdAt,
+                })),
+            },
+        });
+        return {
+            success: true,
+            approved: true,
+            skillId,
+            severity: 'MALICIOUS',
+            canImport: reviewResult?.canImport ?? false,
+            warnings: [
+                'MALICIOUS skill approved through multi-approval workflow',
+                `Approved by: ${approverEmails.join(', ')}`,
+            ],
+            reviewedBy: {
+                userId: session.userId,
+                email: session.email,
+                displayName: session.displayName,
+            },
+            multiApprovalStatus: approvalStatus,
+        };
+    }
+    // Need more approvals
+    return {
+        success: true,
+        approved: false,
+        skillId,
+        severity: 'MALICIOUS',
+        canImport: false,
+        warnings: [
+            `Multi-approval in progress: ${approvalCount}/${MALICIOUS_APPROVAL_COUNT} approvals received`,
+            `Requires ${MALICIOUS_APPROVAL_COUNT - approvalCount} more approval(s)`,
+        ],
+        reviewedBy: {
+            userId: session.userId,
+            email: session.email,
+            displayName: session.displayName,
+        },
+        multiApprovalStatus: approvalStatus,
+    };
+}
+/**
+ * Build a MultiApprovalStatus from database rows
+ *
+ * Converts persisted approval entries into the MultiApprovalStatus
+ * interface expected by consumers.
+ */
+export function buildMultiApprovalStatus(quarantineId, approvals) {
+    const currentApprovals = approvals.map((a) => ({
+        reviewerId: a.reviewerId,
+        reviewerEmail: a.reviewerEmail,
+        approvedAt: new Date(a.createdAt),
+        notes: a.reason ?? undefined,
+    }));
+    const startedAt = approvals.length > 0 ? new Date(approvals[0].createdAt) : new Date();
+    const isComplete = approvals.some((a) => a.isComplete);
+    const completedEntry = approvals.find((a) => a.completedAt);
+    return {
+        quarantineId,
+        requiredApprovals: MALICIOUS_APPROVAL_COUNT,
+        currentApprovals,
+        isComplete,
+        startedAt,
+        completedAt: completedEntry ? new Date(completedEntry.completedAt) : undefined,
+    };
+}
+//# sourceMappingURL=QuarantineService.multiapproval.js.map

package/dist/src/services/quarantine/QuarantineService.multiapproval.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"QuarantineService.multiapproval.js","sourceRoot":"","sources":["../../../../src/services/quarantine/QuarantineService.multiapproval.ts"],"names":[],"mappings":"AAAA;;;;;;;;;GASG;AAYH,OAAO,EAAE,sBAAsB,EAAE,iBAAiB,EAAE,MAAM,YAAY,CAAA;AAEtE;;GAEG;AACH,MAAM,CAAC,MAAM,wBAAwB,GAAG,CAAC,CAAA;AAEzC;;GAEG;AACH,MAAM,CAAC,MAAM,yBAAyB,GAAG,EAAE,GAAG,EAAE,GAAG,EAAE,GAAG,IAAI,CAAA;AAE5D;;;;;;;;;;;;;;;;;;GAkBG;AACH,MAAM,UAAU,uBAAuB,CACrC,OAA6B,EAC7B,YAAoB,EACpB,OAAe,EACf,KAA+B,EAC/B,UAAgC,EAChC,kBAAsC,EACtC,WAAwB;IAExB,mDAAmD;IACnD,iBAAiB,CAAC,OAAO,EAAE,6BAA6B,CAAC,CAAA;IAEzD,4DAA4D;IAC5D,IAAI,kBAAkB,CAAC,mBAAmB,CAAC,YAAY,EAAE,OAAO,CAAC,MAAM,CAAC,EAAE,CAAC;QACzE,+CAA+C;QAC/C,MAAM,iBAAiB,GAAG,kBAAkB,CAAC,mBAAmB,CAAC,YAAY,CAAC,CAAA;QAC9E,MAAM,QAAQ,GAAG,iBAAiB,CAAC,IAAI,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,UAAU,KAAK,OAAO,CAAC,MAAM,CAAC,CAAA;QAC/E,MAAM,IAAI,sBAAsB,CAAC,sCAAsC,EAAE,kBAAkB,EAAE;YAC3F,YAAY;YACZ,kBAAkB,EAAE,QAAQ,EAAE,SAAS,IAAI,SAAS;SACrD,CAAC,CAAA;IACJ,CAAC;IAED,6BAA6B;IAC7B,MAAM,SAAS,GAAG,kBAAkB,CAAC,oBAAoB,CAAC,YAAY,CAAC,CAAA;IACvE,IAAI,SAAS,EAAE,CAAC;QACd,MAAM,cAAc,GAAG,IAAI,CAAC,GAAG,EAAE,GAAG,IAAI,IAAI,CAAC,SAAS,CAAC,CAAC,OAAO,EAAE,CAAA;QACjE,IAAI,cAAc,GAAG,yBAAyB,EAAE,CAAC;YAC/C,uDAAuD;YACvD,MAAM,gBAAgB,GAAG,kBAAkB,CAAC,mBAAmB,CAAC,YAAY,CAAC,CAAA;YAE7E,0BAA0B;YAC1B,kBAAkB,CAAC,cAAc,CAAC,YAAY,CAAC,CAAA;YAE/C,0DAA0D;YAC1D,WAAW,CAAC,GAAG,CAAC;gBACd,UAAU,EAAE,mCAAmC;gBAC/C,KAAK,EAAE,QAAQ;gBACf,QAAQ,EAAE,OAAO;gBACjB,MAAM,EAAE,SAAS;gBACjB,MAAM,EAAE,SAAS;gBACjB,QAAQ,EAAE;oBACR,YAAY;oBACZ,SAAS,EAAE,yBAAyB;oBACpC,gBAAgB,EAAE,gBAAgB,CAAC,GAAG,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC;wBAC7C,UAAU,EAAE,CAAC,CAAC,UAAU;wBACxB,KAAK,EAAE,CAAC,CAAC,aAAa;wBACtB,UAAU,EAAE,CAAC,CAAC,SAAS;qBACxB,CAAC,CAAC;oBACH,WAAW,EAAE;wBACX,MAAM,EAAE,OAAO,CAAC,MAAM;wBACtB,KAAK,EAAE,OAAO,CAAC,KAAK;qBACrB;iBACF;aACF,CAAC,CAAA;YAEF,MAAM,IAAI,sBAAsB,CAC9B,wDAAwD,EACxD,eAAe,EACf,EAAE,YAAY,EAAE,SAAS,EAAE,yBAAyB,EAAE,CACvD,CAAA;QACH,CAAC;IACH,CAAC;IAED,uCAAuC;IACvC,kBAAkB,CAAC,cAAc,CAAC;QAChC,OAAO,EAAE,YAAY;QACrB,UAAU,EAAE,OAAO,CAAC,MAAM;QAC1B,aAAa,EAAE,OAAO,CAAC,KAAK;QAC5B,QAAQ,EAAE,UAAU;QACpB,MAAM,EAAE,KAAK,CAAC,WAAW;QACzB,iBAAiB,EAAE,wBAAwB;KAC5C,CAAC,CAAA;IAEF,uDAAuD;IACvD,MAAM,gBAAgB,GAAG,kBAAkB,CAAC,mBAAmB,CAAC,YAAY,CAAC,CAAA;IAC7E,MAAM,aAAa,GAAG,gBAAgB,CAAC,MAAM,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,QAAQ,KAAK,UAAU,CAAC,CAAC,MAAM,CAAA;IAEtF,sDAAsD;IACtD,MAAM,cAAc,GAAG,wBAAwB,CAAC,YAAY,EAAE,gBAAgB,CAAC,CAAA;IAE/E,mBAAmB;IACnB,WAAW,CAAC,GAAG,CAAC;QACd,UAAU,EAAE,2BAA2B;QACvC,KAAK,EAAE,UAAU;QACjB,QAAQ,EAAE,OAAO;QACjB,MAAM,EAAE,SAAS;QACjB,MAAM,EAAE,SAAS;QACjB,QAAQ,EAAE;YACR,YAAY;YACZ,cAAc,EAAE,aAAa;YAC7B,iBAAiB,EAAE,wBAAwB;YAC3C,QAAQ,EAAE;gBACR,MAAM,EAAE,OAAO,CAAC,MAAM;gBACtB,KAAK,EAAE,OAAO,CAAC,KAAK;aACrB;SACF;KACF,CAAC,CAAA;IAEF,oCAAoC;IACpC,IAAI,aAAa,IAAI,wBAAwB,EAAE,CAAC;QAC9C,yCAAyC;QACzC,kBAAkB,CAAC,YAAY,CAAC,YAAY,CAAC,CAAA;QAC7C,cAAc,CAAC,UAAU,GAAG,IAAI,CAAA;QAChC,cAAc,CAAC,WAAW,GAAG,IAAI,IAAI,EAAE,CAAA;QAEvC,4BAA4B;QAC5B,MAAM,cAAc,GAAG,gBAAgB;aACpC,MAAM,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,QAAQ,KAAK,UAAU,CAAC;aACxC,GAAG,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,aAAa,CAAC,CAAA;QAC9B,MAAM,YAAY,GAAG,UAAU,CAAC,MAAM,CAAC,YAAY,EAAE;YACnD,UAAU,EAAE,cAAc,CAAC,IAAI,CAAC,IAAI,CAAC;YACrC,YAAY,EAAE,UAAU;YACxB,WAAW,EAAE,4BAA4B,aAAa,wBAAwB,KAAK,CAAC,WAAW,IAAI,EAAE,EAAE;SACxG,CAAC,CAAA;QAEF,iBAAiB;QACjB,WAAW,CAAC,GAAG,CAAC;YACd,UAAU,EAAE,oCAAoC;YAChD,KAAK,EAAE,UAAU;YACjB,QAAQ,EAAE,OAAO;YACjB,MAAM,EAAE,UAAU;YAClB,MAAM,EAAE,SAAS;YACjB,QAAQ,EAAE;gBACR,YAAY;gBACZ,SAAS,EAAE,gBAAgB;qBACxB,MAAM,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,QAAQ,KAAK,UAAU,CAAC;qBACxC,GAAG,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC;oBACX,UAAU,EAAE,CAAC,CAAC,UAAU;oBACxB,KAAK,EAAE,CAAC,CAAC,aAAa;oBACtB,UAAU,EAAE,CAAC,CAAC,SAAS;iBACxB,CAAC,CAAC;aACN;SACF,CAAC,CAAA;QAEF,OAAO;YACL,OAAO,EAAE,IAAI;YACb,QAAQ,EAAE,IAAI;YACd,OAAO;YACP,QAAQ,EAAE,WAAW;YACrB,SAAS,EAAE,YAAY,EAAE,SAAS,IAAI,KAAK;YAC3C,QAAQ,EAAE;gBACR,0DAA0D;gBAC1D,gBAAgB,cAAc,CAAC,IAAI,CAAC,IAAI,CAAC,EAAE;aAC5C;YACD,UAAU,EAAE;gBACV,MAAM,EAAE,OAAO,CAAC,MAAM;gBACtB,KAAK,EAAE,OAAO,CAAC,KAAK;gBACpB,WAAW,EAAE,OAAO,CAAC,WAAW;aACjC;YACD,mBAAmB,EAAE,cAAc;SACpC,CAAA;IACH,CAAC;IAED,sBAAsB;IACtB,OAAO;QACL,OAAO,EAAE,IAAI;QACb,QAAQ,EAAE,KAAK;QACf,OAAO;QACP,QAAQ,EAAE,WAAW;QACrB,SAAS,EAAE,KAAK;QAChB,QAAQ,EAAE;YACR,+BAA+B,aAAa,IAAI,wBAAwB,qBAAqB;YAC7F,YAAY,wBAAwB,GAAG,aAAa,mBAAmB;SACxE;QACD,UAAU,EAAE;YACV,MAAM,EAAE,OAAO,CAAC,MAAM;YACtB,KAAK,EAAE,OAAO,CAAC,KAAK;YACpB,WAAW,EAAE,OAAO,CAAC,WAAW;SACjC;QACD,mBAAmB,EAAE,cAAc;KACpC,CAAA;AACH,CAAC;AAED;;;;;GAKG;AACH,MAAM,UAAU,wBAAwB,CACtC,YAAoB,EACpB,SAOE;IAEF,MAAM,gBAAgB,GAAqB,SAAS,CAAC,GAAG,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC;QAC/D,UAAU,EAAE,CAAC,CAAC,UAAU;QACxB,aAAa,EAAE,CAAC,CAAC,aAAa;QAC9B,UAAU,EAAE,IAAI,IAAI,CAAC,CAAC,CAAC,SAAS,CAAC;QACjC,KAAK,EAAE,CAAC,CAAC,MAAM,IAAI,SAAS;KAC7B,CAAC,CAAC,CAAA;IAEH,MAAM,SAAS,GAAG,SAAS,CAAC,MAAM,GAAG,CAAC,CAAC,CAAC,CAAC,IAAI,IAAI,CAAC,SAAS,CAAC,CAAC,CAAC,CAAC,SAAS,CAAC,CAAC,CAAC,CAAC,IAAI,IAAI,EAAE,CAAA;IACtF,MAAM,UAAU,GAAG,SAAS,CAAC,IAAI,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,UAAU,CAAC,CAAA;IACtD,MAAM,cAAc,GAAG,SAAS,CAAC,IAAI,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,WAAW,CAAC,CAAA;IAE3D,OAAO;QACL,YAAY;QACZ,iBAAiB,EAAE,wBAAwB;QAC3C,gBAAgB;QAChB,UAAU;QACV,SAAS;QACT,WAAW,EAAE,cAAc,CAAC,CAAC,CAAC,IAAI,IAAI,CAAC,cAAc,CAAC,WAAY,CAAC,CAAC,CAAC,CAAC,SAAS;KAChF,CAAA;AACH,CAAC"}

package/dist/src/session/SessionManager.d.ts

@@ -2,6 +2,7 @@
  * Session Manager for Claude-Flow Memory Integration
  * SMI-641: Session ID Storage in Claude-Flow Memory
  * SMI-1518: V3 API Migration - Use direct API calls instead of spawn
+ * SMI-2741: Split to meet 500-line standard
  *
  * Manages session lifecycle with persistent storage in claude-flow memory
  * to enable context restoration across sessions.
@@ -10,6 +11,7 @@ import type { SessionData, Checkpoint } from './SessionContext.js';
 import type { CommandExecutor, SessionOptions } from './SessionManager.types.js';
 export type { CommandExecutor, MemoryResult, SessionOptions } from './SessionManager.types.js';
 export { DefaultCommandExecutor } from './SessionManager.helpers.js';
+export { storeMemoryEntry, retrieveMemoryEntry, deleteMemoryEntry, runPreTaskHook, runPostTaskHook, } from './SessionManager.memory.js';
 /**
  * Session Manager for claude-flow memory integration
  *
@@ -85,38 +87,5 @@ export declare class SessionManager {
      * Clear the current session pointer
      */
     private clearCurrentSession;
-    /**
-     * Store data in claude-flow memory
-     *
-     * SMI-674: Uses spawn() with argument array to prevent command injection
-     * SMI-1518: V3 API Migration - Use direct storeEntry() when available
-     */
-    private storeMemory;
-    /**
-     * Retrieve data from claude-flow memory
-     *
-     * SMI-674: Uses spawn() with argument array to prevent command injection
-     * SMI-1518: V3 API Migration - Use direct getEntry() when available
-     */
-    private retrieveMemory;
-    /**
-     * Delete data from claude-flow memory
-     *
-     * SMI-674: Uses spawn() with argument array to prevent command injection
-     * SMI-1518: V3 API Migration - Use callMCPTool('memory/delete') when available
-     */
-    private deleteMemory;
-    /**
-     * Run pre-task hook
-     * SMI-674: Uses spawn() with argument array to prevent command injection
-     * SMI-1518: V3 API Migration - Use callMCPTool('hooks/pre-task') when available
-     */
-    private runPreTaskHook;
-    /**
-     * Run post-task hook
-     * SMI-674: Uses spawn() with argument array to prevent command injection
-     * SMI-1518: V3 API Migration - Use callMCPTool('hooks/post-task') when available
-     */
-    private runPostTaskHook;
 }
 //# sourceMappingURL=SessionManager.d.ts.map

package/dist/src/session/SessionManager.d.ts.map

@@ -1 +1 @@
-{"version":3,"file":"SessionManager.d.ts","sourceRoot":"","sources":["../../../src/session/SessionManager.ts"],"names":[],"mappings":"AAAA;;;;;;;GAOG;AAGH,OAAO,KAAK,EAAE,WAAW,EAAE,UAAU,EAAE,MAAM,qBAAqB,CAAA;AAGlE,OAAO,KAAK,EAAE,eAAe,EAAgB,cAAc,EAAE,MAAM,2BAA2B,CAAA;AAe9F,YAAY,EAAE,eAAe,EAAE,YAAY,EAAE,cAAc,EAAE,MAAM,2BAA2B,CAAA;AAC9F,OAAO,EAAE,sBAAsB,EAAE,MAAM,6BAA6B,CAAA;AAEpE;;;;;;;;;;;;GAYG;AACH,qBAAa,cAAc;IACzB,OAAO,CAAC,QAAQ,CAAiB;IACjC,OAAO,CAAC,cAAc,CAA2B;IAEjD;;;OAGG;IACH,OAAO,CAAC,WAAW,CAAmC;gBAE1C,QAAQ,CAAC,EAAE,eAAe;IAItC;;;OAGG;YACW,QAAQ;IAiBtB;;OAEG;IACH,iBAAiB,IAAI,MAAM;IAI3B;;OAEG;IACG,YAAY,CAAC,OAAO,GAAE,cAAmB,GAAG,OAAO,CAAC,WAAW,CAAC;IA6BtE;;;;;OAKG;IACG,gBAAgB,CAAC,WAAW,EAAE,MAAM,GAAG,OAAO,CAAC,UAAU,CAAC;IAoDhE;;;OAGG;IACG,kBAAkB,CAAC,QAAQ,EAAE,MAAM,GAAG,OAAO,CAAC,IAAI,CAAC;IAezD;;OAEG;IACG,UAAU,IAAI,OAAO,CAAC,IAAI,CAAC;IAiBjC;;OAEG;IACH,iBAAiB,IAAI,WAAW,GAAG,IAAI;IAIvC;;OAEG;IACG,UAAU,CAAC,SAAS,EAAE,MAAM,GAAG,OAAO,CAAC,WAAW,GAAG,IAAI,CAAC;IAehE;;OAEG;IACG,mBAAmB,IAAI,OAAO,CAAC,MAAM,GAAG,IAAI,CAAC;IAenD;;OAEG;YACW,YAAY;IAM1B;;OAEG;YACW,iBAAiB;IAI/B;;OAEG;YACW,mBAAmB;IAIjC;;;;;OAKG;YACW,WAAW;IA4CzB;;;;;OAKG;YACW,cAAc;IAgD5B;;;;;OAKG;YACW,YAAY;IA4C1B;;;;OAIG;YACW,cAAc;IAwC5B;;;;OAIG;YACW,eAAe;CA6B9B"}
+{"version":3,"file":"SessionManager.d.ts","sourceRoot":"","sources":["../../../src/session/SessionManager.ts"],"names":[],"mappings":"AAAA;;;;;;;;GAQG;AAGH,OAAO,KAAK,EAAE,WAAW,EAAE,UAAU,EAAE,MAAM,qBAAqB,CAAA;AAGlE,OAAO,KAAK,EAAE,eAAe,EAAgB,cAAc,EAAE,MAAM,2BAA2B,CAAA;AAgB9F,YAAY,EAAE,eAAe,EAAE,YAAY,EAAE,cAAc,EAAE,MAAM,2BAA2B,CAAA;AAC9F,OAAO,EAAE,sBAAsB,EAAE,MAAM,6BAA6B,CAAA;AACpE,OAAO,EACL,gBAAgB,EAChB,mBAAmB,EACnB,iBAAiB,EACjB,cAAc,EACd,eAAe,GAChB,MAAM,4BAA4B,CAAA;AAEnC;;;;;;;;;;;;GAYG;AACH,qBAAa,cAAc;IACzB,OAAO,CAAC,QAAQ,CAAiB;IACjC,OAAO,CAAC,cAAc,CAA2B;IAEjD;;;OAGG;IACH,OAAO,CAAC,WAAW,CAAmC;gBAE1C,QAAQ,CAAC,EAAE,eAAe;IAItC;;;OAGG;YACW,QAAQ;IAiBtB;;OAEG;IACH,iBAAiB,IAAI,MAAM;IAI3B;;OAEG;IACG,YAAY,CAAC,OAAO,GAAE,cAAmB,GAAG,OAAO,CAAC,WAAW,CAAC;IA6BtE;;;;;OAKG;IACG,gBAAgB,CAAC,WAAW,EAAE,MAAM,GAAG,OAAO,CAAC,UAAU,CAAC;IAqDhE;;;OAGG;IACG,kBAAkB,CAAC,QAAQ,EAAE,MAAM,GAAG,OAAO,CAAC,IAAI,CAAC;IAezD;;OAEG;IACG,UAAU,IAAI,OAAO,CAAC,IAAI,CAAC;IAiBjC;;OAEG;IACH,iBAAiB,IAAI,WAAW,GAAG,IAAI;IAIvC;;OAEG;IACG,UAAU,CAAC,SAAS,EAAE,MAAM,GAAG,OAAO,CAAC,WAAW,GAAG,IAAI,CAAC;IAehE;;OAEG;IACG,mBAAmB,IAAI,OAAO,CAAC,MAAM,GAAG,IAAI,CAAC;IAenD;;OAEG;YACW,YAAY;IAM1B;;OAEG;YACW,iBAAiB;IAI/B;;OAEG;YACW,mBAAmB;CAGlC"}