@sonicjs-cms/core 2.14.0 → 2.16.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (86) hide show
  1. package/dist/admin-layout-catalyst.template-HFD37TY5.cjs +17 -0
  2. package/dist/admin-layout-catalyst.template-HFD37TY5.cjs.map +1 -0
  3. package/dist/admin-layout-catalyst.template-UMTIN66R.js +7 -0
  4. package/dist/admin-layout-catalyst.template-UMTIN66R.js.map +1 -0
  5. package/dist/{chunk-3QCEYJLK.cjs → chunk-4ZSNJDLS.cjs} +9 -9
  6. package/dist/{chunk-3QCEYJLK.cjs.map → chunk-4ZSNJDLS.cjs.map} +1 -1
  7. package/dist/chunk-55RDMDOP.js +684 -0
  8. package/dist/chunk-55RDMDOP.js.map +1 -0
  9. package/dist/{chunk-6FHNRRJ3.cjs → chunk-635JAMSE.cjs} +76 -17
  10. package/dist/chunk-635JAMSE.cjs.map +1 -0
  11. package/dist/{chunk-DRWSHIFG.cjs → chunk-6ENX7QSA.cjs} +228 -658
  12. package/dist/chunk-6ENX7QSA.cjs.map +1 -0
  13. package/dist/{chunk-56GUBLJE.cjs → chunk-ABB34XUS.cjs} +13 -13
  14. package/dist/{chunk-56GUBLJE.cjs.map → chunk-ABB34XUS.cjs.map} +1 -1
  15. package/dist/{chunk-YYMPHM3I.cjs → chunk-CZ6BVQZX.cjs} +19 -9
  16. package/dist/chunk-CZ6BVQZX.cjs.map +1 -0
  17. package/dist/{chunk-J5WGMRSU.js → chunk-EXNEW5US.js} +76 -17
  18. package/dist/chunk-EXNEW5US.js.map +1 -0
  19. package/dist/{chunk-H3XXBAMO.js → chunk-INSDRCG3.js} +722 -212
  20. package/dist/chunk-INSDRCG3.js.map +1 -0
  21. package/dist/{chunk-GAVTTYMC.js → chunk-MVSCB4E3.js} +3 -3
  22. package/dist/{chunk-GAVTTYMC.js.map → chunk-MVSCB4E3.js.map} +1 -1
  23. package/dist/{chunk-KZ2MFGET.cjs → chunk-OCLUXJ7E.cjs} +9 -2
  24. package/dist/chunk-OCLUXJ7E.cjs.map +1 -0
  25. package/dist/{chunk-QP3OHHON.cjs → chunk-OHYBNCVL.cjs} +18 -696
  26. package/dist/chunk-OHYBNCVL.cjs.map +1 -0
  27. package/dist/{chunk-CB7ONLGB.js → chunk-ON5ZMSU4.js} +3 -3
  28. package/dist/{chunk-CB7ONLGB.js.map → chunk-ON5ZMSU4.js.map} +1 -1
  29. package/dist/{chunk-I6FFGQIT.cjs → chunk-Q5VFZUXV.cjs} +723 -211
  30. package/dist/chunk-Q5VFZUXV.cjs.map +1 -0
  31. package/dist/{chunk-2MXF4RYZ.js → chunk-TFNTM3OA.js} +3 -3
  32. package/dist/{chunk-2MXF4RYZ.js.map → chunk-TFNTM3OA.js.map} +1 -1
  33. package/dist/chunk-UYJ6TJHX.cjs +691 -0
  34. package/dist/chunk-UYJ6TJHX.cjs.map +1 -0
  35. package/dist/{chunk-JKNKO6LA.js → chunk-VFQUULAV.js} +9 -2
  36. package/dist/chunk-VFQUULAV.js.map +1 -0
  37. package/dist/{chunk-23DP6TO5.js → chunk-WLSIUKNM.js} +44 -474
  38. package/dist/chunk-WLSIUKNM.js.map +1 -0
  39. package/dist/{chunk-JTUCC6WZ.js → chunk-XWIA3HVX.js} +9 -683
  40. package/dist/chunk-XWIA3HVX.js.map +1 -0
  41. package/dist/{chunk-AFGOH2F6.js → chunk-Y5EH32F5.js} +15 -5
  42. package/dist/chunk-Y5EH32F5.js.map +1 -0
  43. package/dist/{chunk-YULUPQZV.cjs → chunk-YQW2GCJ3.cjs} +3 -3
  44. package/dist/{chunk-YULUPQZV.cjs.map → chunk-YQW2GCJ3.cjs.map} +1 -1
  45. package/dist/index.cjs +1591 -236
  46. package/dist/index.cjs.map +1 -1
  47. package/dist/index.d.cts +2 -2
  48. package/dist/index.d.ts +2 -2
  49. package/dist/index.js +1464 -109
  50. package/dist/index.js.map +1 -1
  51. package/dist/middleware.cjs +29 -29
  52. package/dist/middleware.js +3 -3
  53. package/dist/migrations-7HQ7LYAL.js +4 -0
  54. package/dist/{migrations-WKONKRN7.js.map → migrations-7HQ7LYAL.js.map} +1 -1
  55. package/dist/migrations-SVQTT7NV.cjs +13 -0
  56. package/dist/{migrations-F7KVA74T.cjs.map → migrations-SVQTT7NV.cjs.map} +1 -1
  57. package/dist/{plugin-bootstrap-BGwBraaN.d.cts → plugin-bootstrap-DfVerYV4.d.cts} +2 -1
  58. package/dist/{plugin-bootstrap-Drns7X9w.d.ts → plugin-bootstrap-P_ciLp_C.d.ts} +2 -1
  59. package/dist/plugins.cjs +11 -11
  60. package/dist/plugins.js +2 -2
  61. package/dist/routes.cjs +31 -30
  62. package/dist/routes.js +8 -7
  63. package/dist/services.cjs +23 -23
  64. package/dist/services.d.cts +1 -1
  65. package/dist/services.d.ts +1 -1
  66. package/dist/services.js +2 -2
  67. package/dist/templates.cjs +26 -25
  68. package/dist/templates.js +3 -2
  69. package/dist/utils.cjs +11 -11
  70. package/dist/utils.js +1 -1
  71. package/migrations/036_analytics_events.sql +22 -0
  72. package/package.json +1 -1
  73. package/dist/chunk-23DP6TO5.js.map +0 -1
  74. package/dist/chunk-6FHNRRJ3.cjs.map +0 -1
  75. package/dist/chunk-AFGOH2F6.js.map +0 -1
  76. package/dist/chunk-DRWSHIFG.cjs.map +0 -1
  77. package/dist/chunk-H3XXBAMO.js.map +0 -1
  78. package/dist/chunk-I6FFGQIT.cjs.map +0 -1
  79. package/dist/chunk-J5WGMRSU.js.map +0 -1
  80. package/dist/chunk-JKNKO6LA.js.map +0 -1
  81. package/dist/chunk-JTUCC6WZ.js.map +0 -1
  82. package/dist/chunk-KZ2MFGET.cjs.map +0 -1
  83. package/dist/chunk-QP3OHHON.cjs.map +0 -1
  84. package/dist/chunk-YYMPHM3I.cjs.map +0 -1
  85. package/dist/migrations-F7KVA74T.cjs +0 -13
  86. package/dist/migrations-WKONKRN7.js +0 -4
package/dist/{chunk-YYMPHM3I.cjs → chunk-CZ6BVQZX.cjs} RENAMED
@@ -1,7 +1,7 @@
1
1
  'use strict';
2
2
 
3
- var chunkI6FFGQIT_cjs = require('./chunk-I6FFGQIT.cjs');
4
- var chunkKZ2MFGET_cjs = require('./chunk-KZ2MFGET.cjs');
3
+ var chunkQ5VFZUXV_cjs = require('./chunk-Q5VFZUXV.cjs');
4
+ var chunkOCLUXJ7E_cjs = require('./chunk-OCLUXJ7E.cjs');
5
5
  var chunkRCQ2HIQD_cjs = require('./chunk-RCQ2HIQD.cjs');
6
6
  var jwt = require('hono/jwt');
7
7
  var cookie = require('hono/cookie');
@@ -57,23 +57,23 @@ function bootstrapMiddleware(config = {}) {
57
57
  try {
58
58
  console.log("[Bootstrap] Starting system initialization...");
59
59
  console.log("[Bootstrap] Running database migrations...");
60
- const migrationService = new chunkKZ2MFGET_cjs.MigrationService(c.env.DB);
60
+ const migrationService = new chunkOCLUXJ7E_cjs.MigrationService(c.env.DB);
61
61
  await migrationService.runPendingMigrations();
62
62
  console.log("[Bootstrap] Syncing collection configurations...");
63
63
  try {
64
- await chunkI6FFGQIT_cjs.syncCollections(c.env.DB);
64
+ await chunkQ5VFZUXV_cjs.syncCollections(c.env.DB);
65
65
  } catch (error) {
66
66
  console.error("[Bootstrap] Error syncing collections:", error);
67
67
  }
68
68
  console.log("[Bootstrap] Syncing form collections...");
69
69
  try {
70
- await chunkI6FFGQIT_cjs.syncAllFormCollections(c.env.DB);
70
+ await chunkQ5VFZUXV_cjs.syncAllFormCollections(c.env.DB);
71
71
  } catch (error) {
72
72
  console.error("[Bootstrap] Error syncing form collections:", error);
73
73
  }
74
74
  if (!config.plugins?.disableAll) {
75
75
  console.log("[Bootstrap] Bootstrapping core plugins...");
76
- const bootstrapService = new chunkI6FFGQIT_cjs.PluginBootstrapService(c.env.DB);
76
+ const bootstrapService = new chunkQ5VFZUXV_cjs.PluginBootstrapService(c.env.DB);
77
77
  const needsBootstrap = await bootstrapService.isBootstrapNeeded();
78
78
  if (needsBootstrap) {
79
79
  await bootstrapService.bootstrapCorePlugins();
@@ -371,7 +371,12 @@ var DEFAULT_EXEMPT_PATHS = [
371
371
  "/auth/seed-admin",
372
372
  "/auth/accept-invitation",
373
373
  "/auth/reset-password",
374
- "/auth/request-password-reset"
374
+ "/auth/request-password-reset",
375
+ "/auth/otp",
376
+ "/auth/magic-link",
377
+ "/auth/verify",
378
+ "/api/stripe/webhook",
379
+ "/api/events"
375
380
  ];
376
381
  function isExemptPath(path, extraExemptPaths = []) {
377
382
  if (path.startsWith("/forms/") || path.startsWith("/api/forms/") || path === "/forms" || path === "/api/forms") {
@@ -412,6 +417,11 @@ function csrfProtection(options = {}) {
412
417
  await next();
413
418
  return;
414
419
  }
420
+ const authHeader = c.req.header("Authorization");
421
+ if (authHeader) {
422
+ await next();
423
+ return;
424
+ }
415
425
  const cookieToken = cookie.getCookie(c, "csrf_token");
416
426
  let headerToken = c.req.header("X-CSRF-Token");
417
427
  if (!headerToken) {
@@ -570,5 +580,5 @@ exports.securityHeadersMiddleware = securityHeadersMiddleware;
570
580
  exports.securityLoggingMiddleware = securityLoggingMiddleware;
571
581
  exports.validateCsrfToken = validateCsrfToken;
572
582
  exports.verifySecurityConfig = verifySecurityConfig;
573
- //# sourceMappingURL=chunk-YYMPHM3I.cjs.map
574
- //# sourceMappingURL=chunk-YYMPHM3I.cjs.map
583
+ //# sourceMappingURL=chunk-CZ6BVQZX.cjs.map
584
+ //# sourceMappingURL=chunk-CZ6BVQZX.cjs.map
package/dist/chunk-CZ6BVQZX.cjs.map ADDED
@@ -0,0 +1 @@
1
+ {"version":3,"sources":["../src/middleware/bootstrap.ts","../src/middleware/auth.ts","../src/middleware/metrics.ts","../src/middleware/csrf.ts","../src/middleware/rate-limit.ts","../src/middleware/security-headers.ts","../src/middleware/index.ts"],"names":["MigrationService","syncCollections","syncAllFormCollections","PluginBootstrapService","sign","verify","result","setCookie","getCookie","metricsTracker","JWT_SECRET_FALLBACK"],"mappings":";;;;;;;;;AAgBA,IAAI,iBAAA,GAAoB,KAAA;AAOjB,SAAS,qBAAqB,GAAA,EAAqB;AACxD,EAAA,MAAM,WAAqB,EAAC;AAG5B,EAAA,IAAI,CAAC,IAAI,UAAA,EAAY;AACnB,IAAA,QAAA,CAAS,IAAA;AAAA,MACP;AAAA,KACF;AAAA,EACF,CAAA,MAAA,IAAW,GAAA,CAAI,UAAA,CAAW,QAAA,CAAS,sBAAsB,CAAA,EAAG;AAC1D,IAAA,QAAA,CAAS,IAAA;AAAA,MACP;AAAA,KACF;AAAA,EACF;AAGA,EAAA,IAAI,CAAC,IAAI,YAAA,EAAc;AACrB,IAAA,QAAA,CAAS,IAAA;AAAA,MACP;AAAA,KACF;AAAA,EACF;AAGA,EAAA,IAAI,CAAC,IAAI,WAAA,EAAa;AACpB,IAAA,QAAA,CAAS,IAAA;AAAA,MACP;AAAA,KACF;AAAA,EACF;AAEA,EAAA,IAAI,QAAA,CAAS,WAAW,CAAA,EAAG;AACzB,IAAA;AAAA,EACF;AAEA,EAAA,MAAM,YAAA,GAAe,IAAI,WAAA,KAAgB,YAAA;AAEzC,EAAA,KAAA,MAAW,WAAW,QAAA,EAAU;AAC9B,IAAA,OAAA,CAAQ,IAAA,CAAK,CAAA,mBAAA,EAAsB,OAAO,CAAA,CAAE,CAAA;AAAA,EAC9C;AAEA,EAAA,IAAI,YAAA,EAAc;AAGhB,IAAA,MAAM,cACJ,CAAC,GAAA,CAAI,cAAc,GAAA,CAAI,UAAA,CAAW,SAAS,sBAAsB,CAAA;AACnE,IAAA,IAAI,WAAA,EAAa;AACf,MAAA,MAAM,IAAI,KAAA;AAAA,QACR;AAAA,OAEF;AAAA,IACF;AAAA,EACF;AACF;AAMO,SAAS,mBAAA,CAAoB,MAAA,GAAwB,EAAC,EAAG;AAC9D,EAAA,OAAO,OAAO,GAAoC,IAAA,KAAe;AAE/D,IAAA,IAAI,iBAAA,EAAmB;AACrB,MAAA,OAAO,IAAA,EAAK;AAAA,IACd;AAGA,IAAA,MAAM,IAAA,GAAO,EAAE,GAAA,CAAI,IAAA;AACnB,IAAA,IACE,IAAA,CAAK,UAAA,CAAW,UAAU,CAAA,IAC1B,IAAA,CAAK,UAAA,CAAW,UAAU,CAAA,IAC1B,IAAA,KAAS,SAAA,IACT,IAAA,CAAK,QAAA,CAAS,KAAK,CAAA,IACnB,IAAA,CAAK,QAAA,CAAS,MAAM,CAAA,IACpB,IAAA,CAAK,QAAA,CAAS,MAAM,CAAA,IACpB,IAAA,CAAK,QAAA,CAAS,MAAM,CAAA,IACpB,IAAA,CAAK,QAAA,CAAS,MAAM,CAAA,EACpB;AACA,MAAA,OAAO,IAAA,EAAK;AAAA,IACd;AAEA,IAAA,IAAI;AACF,MAAA,OAAA,CAAQ,IAAI,+CAA+C,CAAA;AAG3D,MAAA,OAAA,CAAQ,IAAI,4CAA4C,CAAA;AACxD,MAAA,MAAM,gBAAA,GAAmB,IAAIA,kCAAA,CAAiB,CAAA,CAAE,IAAI,EAAE,CAAA;AACtD,MAAA,MAAM,iBAAiB,oBAAA,EAAqB;AAG5C,MAAA,OAAA,CAAQ,IAAI,kDAAkD,CAAA;AAC9D,MAAA,IAAI;AACF,QAAA,MAAMC,iCAAA,CAAgB,CAAA,CAAE,GAAA,CAAI,EAAE,CAAA;AAAA,MAChC,SAAS,KAAA,EAAO;AACd,QAAA,OAAA,CAAQ,KAAA,CAAM,0CAA0C,KAAK,CAAA;AAAA,MAE/D;AAGA,MAAA,OAAA,CAAQ,IAAI,yCAAyC,CAAA;AACrD,MAAA,IAAI;AACF,QAAA,MAAMC,wCAAA,CAAuB,CAAA,CAAE,GAAA,CAAI,EAAE,CAAA;AAAA,MACvC,SAAS,KAAA,EAAO;AACd,QAAA,OAAA,CAAQ,KAAA,CAAM,+CAA+C,KAAK,CAAA;AAAA,MACpE;AAGA,MAAA,IAAI,CAAC,MAAA,CAAO,OAAA,EAAS,UAAA,EAAY;AAC/B,QAAA,OAAA,CAAQ,IAAI,2CAA2C,CAAA;AACvD,QAAA,MAAM,gBAAA,GAAmB,IAAIC,wCAAA,CAAuB,CAAA,CAAE,IAAI,EAAE,CAAA;AAG5D,QAAA,MAAM,cAAA,GAAiB,MAAM,gBAAA,CAAiB,iBAAA,EAAkB;AAChE,QAAA,IAAI,cAAA,EAAgB;AAClB,UAAA,MAAM,iBAAiB,oBAAA,EAAqB;AAAA,QAC9C;AAAA,MACF,CAAA,MAAO;AACL,QAAA,OAAA,CAAQ,IAAI,2DAA2D,CAAA;AAAA,MACzE;AAGA,MAAA,iBAAA,GAAoB,IAAA;AACpB,MAAA,OAAA,CAAQ,IAAI,6CAA6C,CAAA;AAAA,IAC3D,SAAS,KAAA,EAAO;AACd,MAAA,OAAA,CAAQ,KAAA,CAAM,mDAAmD,KAAK,CAAA;AAAA,IAExE;AAIA,IAAA,oBAAA,CAAqB,EAAE,GAAe,CAAA;AAEtC,IAAA,OAAO,IAAA,EAAK;AAAA,EACd,CAAA;AACF;AC7IA,IAAM,mBAAA,GAAsB,gDAAA;AAErB,IAAM,cAAN,MAAkB;AAAA,EACvB,aAAa,aAAA,CAAc,MAAA,EAAgB,KAAA,EAAe,MAAc,MAAA,EAAkC;AACxG,IAAA,MAAM,OAAA,GAAsB;AAAA,MAC1B,MAAA;AAAA,MACA,KAAA;AAAA,MACA,IAAA;AAAA,MACA,GAAA,EAAK,KAAK,KAAA,CAAM,IAAA,CAAK,KAAI,GAAI,GAAI,CAAA,GAAK,EAAA,GAAK,EAAA,GAAK,EAAA;AAAA;AAAA,MAChD,KAAK,IAAA,CAAK,KAAA,CAAM,IAAA,CAAK,GAAA,KAAQ,GAAI;AAAA,KACnC;AAEA,IAAA,OAAO,MAAMC,QAAA,CAAK,OAAA,EAAS,MAAA,IAAU,qBAAqB,OAAO,CAAA;AAAA,EACnE;AAAA,EAEA,aAAa,WAAA,CAAY,KAAA,EAAe,MAAA,EAA6C;AACnF,IAAA,IAAI;AACF,MAAA,MAAM,UAAU,MAAMC,UAAA,CAAO,KAAA,EAAO,MAAA,IAAU,qBAAqB,OAAO,CAAA;AAG1E,MAAA,IAAI,OAAA,CAAQ,MAAM,IAAA,CAAK,KAAA,CAAM,KAAK,GAAA,EAAI,GAAI,GAAI,CAAA,EAAG;AAC/C,QAAA,OAAO,IAAA;AAAA,MACT;AAEA,MAAA,OAAO,OAAA;AAAA,IACT,SAAS,KAAA,EAAO;AACd,MAAA,OAAA,CAAQ,KAAA,CAAM,8BAA8B,KAAK,CAAA;AACjD,MAAA,OAAO,IAAA;AAAA,IACT;AAAA,EACF;AAAA,EAEA,aAAa,aAAa,QAAA,EAAmC;AAC3D,IAAA,MAAM,UAAA,GAAa,GAAA;AACnB,IAAA,MAAM,IAAA,GAAO,IAAI,UAAA,CAAW,EAAE,CAAA;AAC9B,IAAA,MAAA,CAAO,gBAAgB,IAAI,CAAA;AAE3B,IAAA,MAAM,OAAA,GAAU,IAAI,WAAA,EAAY;AAChC,IAAA,MAAM,WAAA,GAAc,MAAM,MAAA,CAAO,MAAA,CAAO,SAAA;AAAA,MACtC,KAAA;AAAA,MACA,OAAA,CAAQ,OAAO,QAAQ,CAAA;AAAA,MACvB,QAAA;AAAA,MACA,KAAA;AAAA,MACA,CAAC,YAAY;AAAA,KACf;AAEA,IAAA,MAAM,UAAA,GAAa,MAAM,MAAA,CAAO,MAAA,CAAO,UAAA;AAAA,MACrC;AAAA,QACE,IAAA,EAAM,QAAA;AAAA,QACN,IAAA;AAAA,QACA,UAAA;AAAA,QACA,IAAA,EAAM;AAAA,OACR;AAAA,MACA,WAAA;AAAA,MACA;AAAA,KACF;AAEA,IAAA,MAAM,UAAU,KAAA,CAAM,IAAA,CAAK,IAAI,CAAA,CAAE,IAAI,CAAA,CAAA,KAAK,CAAA,CAAE,QAAA,CAAS,EAAE,EAAE,QAAA,CAAS,CAAA,EAAG,GAAG,CAAC,CAAA,CAAE,KAAK,EAAE,CAAA;AAClF,IAAA,MAAM,OAAA,GAAU,MAAM,IAAA,CAAK,IAAI,WAAW,UAAU,CAAC,EAAE,GAAA,CAAI,CAAA,CAAA,KAAK,EAAE,QAAA,CAAS,EAAE,EAAE,QAAA,CAAS,CAAA,EAAG,GAAG,CAAC,CAAA,CAAE,KAAK,EAAE,CAAA;AAExG,IAAA,OAAO,CAAA,OAAA,EAAU,UAAU,CAAA,CAAA,EAAI,OAAO,IAAI,OAAO,CAAA,CAAA;AAAA,EACnD;AAAA,EAEA,aAAa,mBAAmB,QAAA,EAAmC;AACjE,IAAA,MAAM,OAAA,GAAU,IAAI,WAAA,EAAY;AAChC,IAAA,MAAM,IAAA,GAAO,OAAA,CAAQ,MAAA,CAAO,QAAA,GAAW,2BAA2B,CAAA;AAClE,IAAA,MAAM,aAAa,MAAM,MAAA,CAAO,MAAA,CAAO,MAAA,CAAO,WAAW,IAAI,CAAA;AAC7D,IAAA,MAAM,YAAY,KAAA,CAAM,IAAA,CAAK,IAAI,UAAA,CAAW,UAAU,CAAC,CAAA;AACvD,IAAA,OAAO,SAAA,CAAU,GAAA,CAAI,CAAA,CAAA,KAAK,CAAA,CAAE,QAAA,CAAS,EAAE,CAAA,CAAE,QAAA,CAAS,CAAA,EAAG,GAAG,CAAC,CAAA,CAAE,KAAK,EAAE,CAAA;AAAA,EACpE;AAAA,EAEA,aAAa,cAAA,CAAe,QAAA,EAAkB,UAAA,EAAsC;AAClF,IAAA,IAAI,UAAA,CAAW,UAAA,CAAW,SAAS,CAAA,EAAG;AAEpC,MAAA,MAAM,KAAA,GAAQ,UAAA,CAAW,KAAA,CAAM,GAAG,CAAA;AAClC,MAAA,IAAI,KAAA,CAAM,MAAA,KAAW,CAAA,EAAG,OAAO,KAAA;AAE/B,MAAA,MAAM,aAAA,GAAgB,MAAM,CAAC,CAAA;AAC7B,MAAA,MAAM,OAAA,GAAU,MAAM,CAAC,CAAA;AACvB,MAAA,MAAM,eAAA,GAAkB,MAAM,CAAC,CAAA;AAC/B,MAAA,MAAM,UAAA,GAAa,QAAA,CAAS,aAAA,EAAe,EAAE,CAAA;AAE7C,MAAA,MAAM,SAAA,GAAY,OAAA,CAAQ,KAAA,CAAM,OAAO,CAAA;AACvC,MAAA,IAAI,CAAC,WAAW,OAAO,KAAA;AACvB,MAAA,MAAM,IAAA,GAAO,IAAI,UAAA,CAAW,SAAA,CAAU,GAAA,CAAI,UAAQ,QAAA,CAAS,IAAA,EAAM,EAAE,CAAC,CAAC,CAAA;AAErE,MAAA,MAAM,OAAA,GAAU,IAAI,WAAA,EAAY;AAChC,MAAA,MAAM,WAAA,GAAc,MAAM,MAAA,CAAO,MAAA,CAAO,SAAA;AAAA,QACtC,KAAA;AAAA,QACA,OAAA,CAAQ,OAAO,QAAQ,CAAA;AAAA,QACvB,QAAA;AAAA,QACA,KAAA;AAAA,QACA,CAAC,YAAY;AAAA,OACf;AAEA,MAAA,MAAM,UAAA,GAAa,MAAM,MAAA,CAAO,MAAA,CAAO,UAAA;AAAA,QACrC;AAAA,UACE,IAAA,EAAM,QAAA;AAAA,UACN,IAAA;AAAA,UACA,UAAA;AAAA,UACA,IAAA,EAAM;AAAA,SACR;AAAA,QACA,WAAA;AAAA,QACA;AAAA,OACF;AAEA,MAAA,MAAM,aAAA,GAAgB,MAAM,IAAA,CAAK,IAAI,WAAW,UAAU,CAAC,EAAE,GAAA,CAAI,CAAA,CAAA,KAAK,EAAE,QAAA,CAAS,EAAE,EAAE,QAAA,CAAS,CAAA,EAAG,GAAG,CAAC,CAAA,CAAE,KAAK,EAAE,CAAA;AAG9G,MAAA,IAAI,aAAA,CAAc,MAAA,KAAW,eAAA,CAAgB,MAAA,EAAQ,OAAO,KAAA;AAC5D,MAAA,IAAIC,OAAAA,GAAS,CAAA;AACb,MAAA,KAAA,IAAS,CAAA,GAAI,CAAA,EAAG,CAAA,GAAI,aAAA,CAAc,QAAQ,CAAA,EAAA,EAAK;AAC7C,QAAAA,WAAU,aAAA,CAAc,UAAA,CAAW,CAAC,CAAA,GAAI,eAAA,CAAgB,WAAW,CAAC,CAAA;AAAA,MACtE;AACA,MAAA,OAAOA,OAAAA,KAAW,CAAA;AAAA,IACpB;AAGA,IAAA,MAAM,UAAA,GAAa,MAAM,IAAA,CAAK,kBAAA,CAAmB,QAAQ,CAAA;AAEzD,IAAA,IAAI,UAAA,CAAW,MAAA,KAAW,UAAA,CAAW,MAAA,EAAQ,OAAO,KAAA;AACpD,IAAA,IAAI,MAAA,GAAS,CAAA;AACb,IAAA,KAAA,IAAS,CAAA,GAAI,CAAA,EAAG,CAAA,GAAI,UAAA,CAAW,QAAQ,CAAA,EAAA,EAAK;AAC1C,MAAA,MAAA,IAAU,WAAW,UAAA,CAAW,CAAC,CAAA,GAAI,UAAA,CAAW,WAAW,CAAC,CAAA;AAAA,IAC9D;AACA,IAAA,OAAO,MAAA,KAAW,CAAA;AAAA,EACpB;AAAA,EAEA,OAAO,aAAa,UAAA,EAA6B;AAC/C,IAAA,OAAO,CAAC,UAAA,CAAW,UAAA,CAAW,SAAS,CAAA;AAAA,EACzC;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA,EAQA,OAAO,aAAA,CAAc,CAAA,EAAY,KAAA,EAAe,OAAA,EAKvC;AACP,IAAAC,gBAAA,CAAU,CAAA,EAAG,cAAc,KAAA,EAAO;AAAA,MAChC,QAAA,EAAU,SAAS,QAAA,IAAY,IAAA;AAAA,MAC/B,MAAA,EAAQ,SAAS,MAAA,IAAU,IAAA;AAAA,MAC3B,QAAA,EAAU,SAAS,QAAA,IAAY,QAAA;AAAA,MAC/B,MAAA,EAAQ,OAAA,EAAS,MAAA,IAAW,EAAA,GAAK,EAAA,GAAK;AAAA;AAAA,KACvC,CAAA;AAAA,EACH;AACF;AAGO,IAAM,cAAc,MAAM;AAC/B,EAAA,OAAO,OAAO,GAAY,IAAA,KAAe;AACvC,IAAA,IAAI;AAEF,MAAA,IAAI,KAAA,GAAQ,EAAE,GAAA,CAAI,MAAA,CAAO,eAAe,CAAA,EAAG,OAAA,CAAQ,WAAW,EAAE,CAAA;AAGhE,MAAA,IAAI,CAAC,KAAA,EAAO;AACV,QAAA,KAAA,GAAQC,gBAAA,CAAU,GAAG,YAAY,CAAA;AAAA,MACnC;AAEA,MAAA,IAAI,CAAC,KAAA,EAAO;AAEV,QAAA,MAAM,YAAA,GAAe,CAAA,CAAE,GAAA,CAAI,MAAA,CAAO,QAAQ,CAAA,IAAK,EAAA;AAC/C,QAAA,IAAI,YAAA,CAAa,QAAA,CAAS,WAAW,CAAA,EAAG;AACtC,UAAA,OAAO,CAAA,CAAE,SAAS,yDAAyD,CAAA;AAAA,QAC7E;AACA,QAAA,OAAO,EAAE,IAAA,CAAK,EAAE,KAAA,EAAO,yBAAA,IAA6B,GAAG,CAAA;AAAA,MACzD;AAGA,MAAA,MAAM,EAAA,GAAK,EAAE,GAAA,EAAK,EAAA;AAClB,MAAA,IAAI,OAAA,GAA6B,IAAA;AAEjC,MAAA,IAAI,EAAA,EAAI;AACN,QAAA,MAAM,WAAW,CAAA,KAAA,EAAQ,KAAA,CAAM,SAAA,CAAU,CAAA,EAAG,EAAE,CAAC,CAAA,CAAA;AAC/C,QAAA,MAAM,MAAA,GAAS,MAAM,EAAA,CAAG,GAAA,CAAI,UAAU,MAAM,CAAA;AAC5C,QAAA,IAAI,MAAA,EAAQ;AACV,UAAA,OAAA,GAAU,MAAA;AAAA,QACZ;AAAA,MACF;AAGA,MAAA,IAAI,CAAC,OAAA,EAAS;AACZ,QAAA,MAAM,SAAA,GAAa,EAAE,GAAA,EAAa,UAAA;AAClC,QAAA,OAAA,GAAU,MAAM,WAAA,CAAY,WAAA,CAAY,KAAA,EAAO,SAAS,CAAA;AAGxD,QAAA,IAAI,WAAW,EAAA,EAAI;AACjB,UAAA,MAAM,WAAW,CAAA,KAAA,EAAQ,KAAA,CAAM,SAAA,CAAU,CAAA,EAAG,EAAE,CAAC,CAAA,CAAA;AAC/C,UAAA,MAAM,EAAA,CAAG,GAAA,CAAI,QAAA,EAAU,IAAA,CAAK,SAAA,CAAU,OAAO,CAAA,EAAG,EAAE,aAAA,EAAe,GAAA,EAAK,CAAA;AAAA,QACxE;AAAA,MACF;AAEA,MAAA,IAAI,CAAC,OAAA,EAAS;AAEZ,QAAA,MAAM,YAAA,GAAe,CAAA,CAAE,GAAA,CAAI,MAAA,CAAO,QAAQ,CAAA,IAAK,EAAA;AAC/C,QAAA,IAAI,YAAA,CAAa,QAAA,CAAS,WAAW,CAAA,EAAG;AACtC,UAAA,OAAO,CAAA,CAAE,SAAS,gEAAgE,CAAA;AAAA,QACpF;AACA,QAAA,OAAO,EAAE,IAAA,CAAK,EAAE,KAAA,EAAO,0BAAA,IAA8B,GAAG,CAAA;AAAA,MAC1D;AAGA,MAAA,CAAA,CAAE,GAAA,CAAI,QAAQ,OAAO,CAAA;AAErB,MAAA,OAAO,MAAM,IAAA,EAAK;AAAA,IACpB,SAAS,KAAA,EAAO;AACd,MAAA,OAAA,CAAQ,KAAA,CAAM,0BAA0B,KAAK,CAAA;AAE7C,MAAA,MAAM,YAAA,GAAe,CAAA,CAAE,GAAA,CAAI,MAAA,CAAO,QAAQ,CAAA,IAAK,EAAA;AAC/C,MAAA,IAAI,YAAA,CAAa,QAAA,CAAS,WAAW,CAAA,EAAG;AACtC,QAAA,OAAO,CAAA,CAAE,SAAS,6DAA6D,CAAA;AAAA,MACjF;AACA,MAAA,OAAO,EAAE,IAAA,CAAK,EAAE,KAAA,EAAO,uBAAA,IAA2B,GAAG,CAAA;AAAA,IACvD;AAAA,EACF,CAAA;AACF;AAGO,IAAM,WAAA,GAAc,CAAC,YAAA,KAAoC;AAC9D,EAAA,OAAO,OAAO,GAAY,IAAA,KAAe;AACvC,IAAA,MAAM,IAAA,GAAO,CAAA,CAAE,GAAA,CAAI,MAAM,CAAA;AAEzB,IAAA,IAAI,CAAC,IAAA,EAAM;AAET,MAAA,MAAM,YAAA,GAAe,CAAA,CAAE,GAAA,CAAI,MAAA,CAAO,QAAQ,CAAA,IAAK,EAAA;AAC/C,MAAA,IAAI,YAAA,CAAa,QAAA,CAAS,WAAW,CAAA,EAAG;AACtC,QAAA,OAAO,CAAA,CAAE,SAAS,yDAAyD,CAAA;AAAA,MAC7E;AACA,MAAA,OAAO,EAAE,IAAA,CAAK,EAAE,KAAA,EAAO,yBAAA,IAA6B,GAAG,CAAA;AAAA,IACzD;AAEA,IAAA,MAAM,QAAQ,KAAA,CAAM,OAAA,CAAQ,YAAY,CAAA,GAAI,YAAA,GAAe,CAAC,YAAY,CAAA;AAExE,IAAA,IAAI,CAAC,KAAA,CAAM,QAAA,CAAS,IAAA,CAAK,IAAI,CAAA,EAAG;AAE9B,MAAA,MAAM,YAAA,GAAe,CAAA,CAAE,GAAA,CAAI,MAAA,CAAO,QAAQ,CAAA,IAAK,EAAA;AAC/C,MAAA,IAAI,YAAA,CAAa,QAAA,CAAS,WAAW,CAAA,EAAG;AACtC,QAAA,OAAO,CAAA,CAAE,SAAS,kEAAkE,CAAA;AAAA,MACtF;AACA,MAAA,OAAO,EAAE,IAAA,CAAK,EAAE,KAAA,EAAO,0BAAA,IAA8B,GAAG,CAAA;AAAA,IAC1D;AAEA,IAAA,OAAO,MAAM,IAAA,EAAK;AAAA,EACpB,CAAA;AACF;AAGO,IAAM,eAAe,MAAM;AAChC,EAAA,OAAO,OAAO,GAAY,IAAA,KAAe;AACvC,IAAA,IAAI;AACF,MAAA,IAAI,KAAA,GAAQ,EAAE,GAAA,CAAI,MAAA,CAAO,eAAe,CAAA,EAAG,OAAA,CAAQ,WAAW,EAAE,CAAA;AAEhE,MAAA,IAAI,CAAC,KAAA,EAAO;AACV,QAAA,KAAA,GAAQA,gBAAA,CAAU,GAAG,YAAY,CAAA;AAAA,MACnC;AAEA,MAAA,IAAI,KAAA,EAAO;AACT,QAAA,MAAM,SAAA,GAAa,EAAE,GAAA,EAAa,UAAA;AAClC,QAAA,MAAM,OAAA,GAAU,MAAM,WAAA,CAAY,WAAA,CAAY,OAAO,SAAS,CAAA;AAC9D,QAAA,IAAI,OAAA,EAAS;AACX,UAAA,CAAA,CAAE,GAAA,CAAI,QAAQ,OAAO,CAAA;AAAA,QACvB;AAAA,MACF;AAEA,MAAA,OAAO,MAAM,IAAA,EAAK;AAAA,IACpB,SAAS,KAAA,EAAO;AAEd,MAAA,OAAA,CAAQ,KAAA,CAAM,wBAAwB,KAAK,CAAA;AAC3C,MAAA,OAAO,MAAM,IAAA,EAAK;AAAA,IACpB;AAAA,EACF,CAAA;AACF;;;AC1RO,IAAM,oBAAoB,MAAyB;AACxD,EAAA,OAAO,OAAO,GAAG,IAAA,KAAS;AACxB,IAAA,MAAM,OAAO,IAAI,GAAA,CAAI,CAAA,CAAE,GAAA,CAAI,GAAG,CAAA,CAAE,QAAA;AAGhC,IAAA,IAAI,SAAS,8BAAA,EAAgC;AAC3C,MAAAC,gCAAA,CAAe,aAAA,EAAc;AAAA,IAC/B;AAGA,IAAA,MAAM,IAAA,EAAK;AAAA,EACb,CAAA;AACF;ACEA,IAAMC,oBAAAA,GAAsB,gDAAA;AAOrB,SAAS,uBAAuB,MAAA,EAA6B;AAClE,EAAA,MAAM,KAAA,GAAQ,IAAI,UAAA,CAAW,MAAM,CAAA;AACnC,EAAA,IAAI,MAAA,GAAS,EAAA;AACb,EAAA,KAAA,IAAS,CAAA,GAAI,CAAA,EAAG,CAAA,GAAI,KAAA,CAAM,QAAQ,CAAA,EAAA,EAAK;AACrC,IAAA,MAAA,IAAU,MAAA,CAAO,YAAA,CAAa,KAAA,CAAM,CAAC,CAAE,CAAA;AAAA,EACzC;AACA,EAAA,OAAO,IAAA,CAAK,MAAM,CAAA,CAAE,OAAA,CAAQ,KAAA,EAAO,GAAG,CAAA,CAAE,OAAA,CAAQ,KAAA,EAAO,GAAG,CAAA,CAAE,OAAA,CAAQ,OAAO,EAAE,CAAA;AAC/E;AAGA,eAAe,WAAW,MAAA,EAAoC;AAC5D,EAAA,MAAM,OAAA,GAAU,IAAI,WAAA,EAAY;AAChC,EAAA,OAAO,OAAO,MAAA,CAAO,SAAA;AAAA,IACnB,KAAA;AAAA,IACA,OAAA,CAAQ,OAAO,MAAM,CAAA;AAAA,IACrB,EAAE,IAAA,EAAM,MAAA,EAAQ,IAAA,EAAM,SAAA,EAAU;AAAA,IAChC,KAAA;AAAA,IACA,CAAC,QAAQ,QAAQ;AAAA,GACnB;AACF;AAWA,eAAsB,kBAAkB,MAAA,EAAiC;AACvE,EAAA,MAAM,UAAA,GAAa,IAAI,UAAA,CAAW,EAAE,CAAA;AACpC,EAAA,MAAA,CAAO,gBAAgB,UAAU,CAAA;AACjC,EAAA,MAAM,KAAA,GAAQ,sBAAA,CAAuB,UAAA,CAAW,MAAM,CAAA;AAEtD,EAAA,MAAM,GAAA,GAAM,MAAM,UAAA,CAAW,MAAM,CAAA;AACnC,EAAA,MAAM,OAAA,GAAU,IAAI,WAAA,EAAY;AAChC,EAAA,MAAM,eAAA,GAAkB,MAAM,MAAA,CAAO,MAAA,CAAO,IAAA,CAAK,QAAQ,GAAA,EAAK,OAAA,CAAQ,MAAA,CAAO,KAAK,CAAC,CAAA;AACnF,EAAA,MAAM,SAAA,GAAY,uBAAuB,eAAe,CAAA;AAExD,EAAA,OAAO,CAAA,EAAG,KAAK,CAAA,CAAA,EAAI,SAAS,CAAA,CAAA;AAC9B;AAcA,eAAsB,iBAAA,CAAkB,OAAe,MAAA,EAAkC;AACvF,EAAA,IAAI,CAAC,KAAA,IAAS,OAAO,KAAA,KAAU,UAAU,OAAO,KAAA;AAEhD,EAAA,MAAM,QAAA,GAAW,KAAA,CAAM,OAAA,CAAQ,GAAG,CAAA;AAClC,EAAA,IAAI,QAAA,KAAa,IAAI,OAAO,KAAA;AAE5B,EAAA,MAAM,KAAA,GAAQ,KAAA,CAAM,SAAA,CAAU,CAAA,EAAG,QAAQ,CAAA;AACzC,EAAA,MAAM,SAAA,GAAY,KAAA,CAAM,SAAA,CAAU,QAAA,GAAW,CAAC,CAAA;AAE9C,EAAA,IAAI,CAAC,KAAA,IAAS,CAAC,SAAA,EAAW,OAAO,KAAA;AAEjC,EAAA,IAAI;AACF,IAAA,MAAM,GAAA,GAAM,MAAM,UAAA,CAAW,MAAM,CAAA;AACnC,IAAA,MAAM,OAAA,GAAU,IAAI,WAAA,EAAY;AAGhC,IAAA,MAAM,SAAA,GAAY,UAAU,OAAA,CAAQ,IAAA,EAAM,GAAG,CAAA,CAAE,OAAA,CAAQ,MAAM,GAAG,CAAA;AAChE,IAAA,MAAM,SAAA,GAAY,KAAK,SAAS,CAAA;AAChC,IAAA,MAAM,QAAA,GAAW,IAAI,UAAA,CAAW,SAAA,CAAU,MAAM,CAAA;AAChD,IAAA,KAAA,IAAS,CAAA,GAAI,CAAA,EAAG,CAAA,GAAI,SAAA,CAAU,QAAQ,CAAA,EAAA,EAAK;AACzC,MAAA,QAAA,CAAS,CAAC,CAAA,GAAI,SAAA,CAAU,UAAA,CAAW,CAAC,CAAA;AAAA,IACtC;AAGA,IAAA,OAAO,MAAM,MAAA,CAAO,MAAA,CAAO,MAAA,CAAO,MAAA,EAAQ,GAAA,EAAK,QAAA,CAAS,MAAA,EAAQ,OAAA,CAAQ,MAAA,CAAO,KAAK,CAAC,CAAA;AAAA,EACvF,CAAA,CAAA,MAAQ;AACN,IAAA,OAAO,KAAA;AAAA,EACT;AACF;AAMA,IAAM,oBAAA,GAAuB;AAAA,EAC3B,aAAA;AAAA,EACA,gBAAA;AAAA,EACA,kBAAA;AAAA,EACA,yBAAA;AAAA,EACA,sBAAA;AAAA,EACA,8BAAA;AAAA,EACA,WAAA;AAAA,EACA,kBAAA;AAAA,EACA,cAAA;AAAA,EACA,qBAAA;AAAA,EACA;AACF,CAAA;AASA,SAAS,YAAA,CAAa,IAAA,EAAc,gBAAA,GAA6B,EAAC,EAAY;AAE5E,EAAA,IAAI,IAAA,CAAK,UAAA,CAAW,SAAS,CAAA,IAAK,IAAA,CAAK,UAAA,CAAW,aAAa,CAAA,IAAK,IAAA,KAAS,QAAA,IAAY,IAAA,KAAS,YAAA,EAAc;AAC9G,IAAA,OAAO,IAAA;AAAA,EACT;AAGA,EAAA,IAAI,IAAA,CAAK,UAAA,CAAW,aAAa,CAAA,EAAG;AAClC,IAAA,OAAO,IAAA;AAAA,EACT;AAEA,EAAA,MAAM,SAAA,GAAY,CAAC,GAAG,oBAAA,EAAsB,GAAG,gBAAgB,CAAA;AAC/D,EAAA,KAAA,MAAW,UAAU,SAAA,EAAW;AAC9B,IAAA,IAAI,SAAS,MAAA,IAAU,IAAA,CAAK,UAAA,CAAW,MAAA,GAAS,GAAG,CAAA,EAAG;AACpD,MAAA,OAAO,IAAA;AAAA,IACT;AAAA,EACF;AAEA,EAAA,OAAO,KAAA;AACT;AAkBO,SAAS,cAAA,CAAe,OAAA,GAAuB,EAAC,EAAG;AACxD,EAAA,OAAO,OAAO,GAAY,IAAA,KAAyC;AACjE,IAAA,MAAM,MAAA,GAAS,CAAA,CAAE,GAAA,CAAI,MAAA,CAAO,WAAA,EAAY;AACxC,IAAA,MAAM,OAAO,IAAI,GAAA,CAAI,CAAA,CAAE,GAAA,CAAI,GAAG,CAAA,CAAE,QAAA;AAChC,IAAA,MAAM,MAAA,GAAS,CAAA,CAAE,GAAA,EAAK,UAAA,IAAcA,oBAAAA;AAGpC,IAAA,IAAI,EAAE,GAAA,EAAK,WAAA,KAAgB,gBAAgB,CAAC,CAAA,CAAE,KAAK,UAAA,EAAY;AAC7D,MAAA,OAAA,CAAQ,IAAA;AAAA,QACN;AAAA,OAEF;AAAA,IACF;AAGA,IAAA,IAAI,MAAA,KAAW,KAAA,IAAS,MAAA,KAAW,MAAA,IAAU,WAAW,SAAA,EAAW;AACjE,MAAA,MAAM,gBAAA,CAAiB,GAAG,MAAM,CAAA;AAChC,MAAA,MAAM,IAAA,EAAK;AACX,MAAA;AAAA,IACF;AAGA,IAAA,IAAI,YAAA,CAAa,IAAA,EAAM,OAAA,CAAQ,WAAW,CAAA,EAAG;AAC3C,MAAA,MAAM,IAAA,EAAK;AACX,MAAA;AAAA,IACF;AAGA,IAAA,MAAM,UAAA,GAAaF,gBAAAA,CAAU,CAAA,EAAG,YAAY,CAAA;AAC5C,IAAA,IAAI,CAAC,UAAA,EAAY;AACf,MAAA,MAAM,IAAA,EAAK;AACX,MAAA;AAAA,IACF;AAKA,IAAA,MAAM,UAAA,GAAa,CAAA,CAAE,GAAA,CAAI,MAAA,CAAO,eAAe,CAAA;AAC/C,IAAA,IAAI,UAAA,EAAY;AACd,MAAA,MAAM,IAAA,EAAK;AACX,MAAA;AAAA,IACF;AAGA,IAAA,MAAM,WAAA,GAAcA,gBAAAA,CAAU,CAAA,EAAG,YAAY,CAAA;AAC7C,IAAA,IAAI,WAAA,GAAc,CAAA,CAAE,GAAA,CAAI,MAAA,CAAO,cAAc,CAAA;AAG7C,IAAA,IAAI,CAAC,WAAA,EAAa;AAChB,MAAA,MAAM,WAAA,GAAc,CAAA,CAAE,GAAA,CAAI,MAAA,CAAO,cAAc,CAAA,IAAK,EAAA;AACpD,MAAA,IAAI,YAAY,QAAA,CAAS,mCAAmC,KAAK,WAAA,CAAY,QAAA,CAAS,qBAAqB,CAAA,EAAG;AAC5G,QAAA,IAAI;AACF,UAAA,MAAM,IAAA,GAAO,MAAM,CAAA,CAAE,GAAA,CAAI,SAAA,EAAU;AACnC,UAAA,WAAA,GAAc,KAAK,OAAO,CAAA;AAAA,QAC5B,CAAA,CAAA,MAAQ;AAAA,QAER;AAAA,MACF;AAAA,IACF;AAEA,IAAA,IAAI,CAAC,WAAA,IAAe,CAAC,WAAA,EAAa;AAChC,MAAA,OAAO,SAAA,CAAU,GAAG,oBAAoB,CAAA;AAAA,IAC1C;AAEA,IAAA,IAAI,gBAAgB,WAAA,EAAa;AAC/B,MAAA,OAAO,SAAA,CAAU,GAAG,qBAAqB,CAAA;AAAA,IAC3C;AAEA,IAAA,MAAM,OAAA,GAAU,MAAM,iBAAA,CAAkB,WAAA,EAAa,MAAM,CAAA;AAC3D,IAAA,IAAI,CAAC,OAAA,EAAS;AACZ,MAAA,OAAO,SAAA,CAAU,GAAG,oBAAoB,CAAA;AAAA,IAC1C;AAEA,IAAA,MAAM,IAAA,EAAK;AAAA,EACb,CAAA;AACF;AAOA,eAAe,gBAAA,CAAiB,GAAY,MAAA,EAA+B;AACzE,EAAA,MAAM,QAAA,GAAWA,gBAAAA,CAAU,CAAA,EAAG,YAAY,CAAA;AAE1C,EAAA,IAAI,QAAA,EAAU;AACZ,IAAA,MAAM,OAAA,GAAU,MAAM,iBAAA,CAAkB,QAAA,EAAU,MAAM,CAAA;AACxD,IAAA,IAAI,OAAA,EAAS;AAEX,MAAA,CAAA,CAAE,GAAA,CAAI,aAAa,QAAQ,CAAA;AAC3B,MAAA;AAAA,IACF;AAAA,EACF;AAGA,EAAA,MAAM,KAAA,GAAQ,MAAM,iBAAA,CAAkB,MAAM,CAAA;AAC5C,EAAA,CAAA,CAAE,GAAA,CAAI,aAAa,KAAK,CAAA;AAExB,EAAA,MAAM,QAAQ,CAAA,CAAE,GAAA,EAAK,gBAAgB,aAAA,IAAiB,CAAC,EAAE,GAAA,EAAK,WAAA;AAC9D,EAAAD,gBAAAA,CAAU,CAAA,EAAG,YAAA,EAAc,KAAA,EAAO;AAAA,IAChC,QAAA,EAAU,KAAA;AAAA;AAAA,IACV,QAAQ,CAAC,KAAA;AAAA,IACT,QAAA,EAAU,QAAA;AAAA,IACV,IAAA,EAAM,GAAA;AAAA,IACN,MAAA,EAAQ;AAAA;AAAA,GACT,CAAA;AACH;AAGA,SAAS,SAAA,CAAU,GAAY,OAAA,EAA2B;AACxD,EAAA,MAAM,MAAA,GAAS,CAAA,CAAE,GAAA,CAAI,MAAA,CAAO,QAAQ,CAAA,IAAK,EAAA;AACzC,EAAA,IAAI,MAAA,CAAO,QAAA,CAAS,WAAW,CAAA,EAAG;AAChC,IAAA,OAAO,CAAA,CAAE,IAAA;AAAA,MACP,gGACkC,OAAO,CAAA,kBAAA,CAAA;AAAA,MACzC;AAAA,KACF;AAAA,EACF;AACA,EAAA,OAAO,CAAA,CAAE,KAAK,EAAE,KAAA,EAAO,SAAS,MAAA,EAAQ,GAAA,IAAO,GAAG,CAAA;AACpD;;;ACrRO,SAAS,UAAU,OAAA,EAA2B;AACnD,EAAA,MAAM,EAAE,GAAA,EAAK,QAAA,EAAU,SAAA,EAAU,GAAI,OAAA;AAErC,EAAA,OAAO,OAAO,GAAY,IAAA,KAAe;AACvC,IAAA,MAAM,EAAA,GAAM,EAAE,GAAA,EAAa,QAAA;AAC3B,IAAA,IAAI,CAAC,EAAA,EAAI;AAEP,MAAA,OAAO,MAAM,IAAA,EAAK;AAAA,IACpB;AAEA,IAAA,MAAM,EAAA,GAAK,CAAA,CAAE,GAAA,CAAI,MAAA,CAAO,kBAAkB,KAAK,CAAA,CAAE,GAAA,CAAI,MAAA,CAAO,iBAAiB,CAAA,IAAK,SAAA;AAClF,IAAA,MAAM,GAAA,GAAM,CAAA,UAAA,EAAa,SAAS,CAAA,CAAA,EAAI,EAAE,CAAA,CAAA;AAExC,IAAA,IAAI;AACF,MAAA,MAAM,GAAA,GAAM,KAAK,GAAA,EAAI;AACrB,MAAA,MAAM,MAAA,GAAS,MAAM,EAAA,CAAG,GAAA,CAAI,KAAK,MAAM,CAAA;AAEvC,MAAA,IAAI,KAAA;AACJ,MAAA,IAAI,MAAA,IAAU,MAAA,CAAO,OAAA,GAAU,GAAA,EAAK;AAClC,QAAA,KAAA,GAAQ,MAAA;AAAA,MACV,CAAA,MAAO;AACL,QAAA,KAAA,GAAQ,EAAE,KAAA,EAAO,CAAA,EAAG,OAAA,EAAS,MAAM,QAAA,EAAS;AAAA,MAC9C;AAEA,MAAA,KAAA,CAAM,KAAA,EAAA;AAGN,MAAA,MAAM,aAAa,IAAA,CAAK,IAAA,CAAA,CAAM,KAAA,CAAM,OAAA,GAAU,OAAO,GAAI,CAAA;AAEzD,MAAA,IAAI,KAAA,CAAM,QAAQ,GAAA,EAAK;AAErB,QAAA,MAAM,EAAA,CAAG,GAAA,CAAI,GAAA,EAAK,IAAA,CAAK,UAAU,KAAK,CAAA,EAAG,EAAE,aAAA,EAAe,IAAA,CAAK,GAAA,CAAI,UAAA,EAAY,EAAE,GAAG,CAAA;AAEpF,QAAA,MAAM,aAAa,IAAA,CAAK,IAAA,CAAA,CAAM,KAAA,CAAM,OAAA,GAAU,OAAO,GAAI,CAAA;AACzD,QAAA,CAAA,CAAE,MAAA,CAAO,aAAA,EAAe,MAAA,CAAO,UAAU,CAAC,CAAA;AAC1C,QAAA,CAAA,CAAE,MAAA,CAAO,mBAAA,EAAqB,MAAA,CAAO,GAAG,CAAC,CAAA;AACzC,QAAA,CAAA,CAAE,MAAA,CAAO,yBAAyB,GAAG,CAAA;AACrC,QAAA,CAAA,CAAE,MAAA,CAAO,qBAAqB,MAAA,CAAO,IAAA,CAAK,KAAK,KAAA,CAAM,OAAA,GAAU,GAAI,CAAC,CAAC,CAAA;AACrE,QAAA,OAAO,EAAE,IAAA,CAAK,EAAE,KAAA,EAAO,4CAAA,IAAgD,GAAG,CAAA;AAAA,MAC5E;AAEA,MAAA,MAAM,EAAA,CAAG,GAAA,CAAI,GAAA,EAAK,IAAA,CAAK,UAAU,KAAK,CAAA,EAAG,EAAE,aAAA,EAAe,IAAA,CAAK,GAAA,CAAI,UAAA,EAAY,EAAE,GAAG,CAAA;AAEpF,MAAA,CAAA,CAAE,MAAA,CAAO,mBAAA,EAAqB,MAAA,CAAO,GAAG,CAAC,CAAA;AACzC,MAAA,CAAA,CAAE,OAAO,uBAAA,EAAyB,MAAA,CAAO,GAAA,GAAM,KAAA,CAAM,KAAK,CAAC,CAAA;AAC3D,MAAA,CAAA,CAAE,MAAA,CAAO,qBAAqB,MAAA,CAAO,IAAA,CAAK,KAAK,KAAA,CAAM,OAAA,GAAU,GAAI,CAAC,CAAC,CAAA;AAErE,MAAA,OAAO,MAAM,IAAA,EAAK;AAAA,IACpB,SAAS,KAAA,EAAO;AAEd,MAAA,OAAA,CAAQ,KAAA,CAAM,mCAAmC,KAAK,CAAA;AACtD,MAAA,OAAO,MAAM,IAAA,EAAK;AAAA,IACpB;AAAA,EACF,CAAA;AACF;;;AChEO,IAAM,4BAA4B,MAAM;AAC7C,EAAA,OAAO,OAAO,GAAY,IAAA,KAAe;AACvC,IAAA,MAAM,IAAA,EAAK;AAEX,IAAA,CAAA,CAAE,MAAA,CAAO,0BAA0B,SAAS,CAAA;AAC5C,IAAA,CAAA,CAAE,MAAA,CAAO,mBAAmB,YAAY,CAAA;AACxC,IAAA,CAAA,CAAE,MAAA,CAAO,mBAAmB,iCAAiC,CAAA;AAC7D,IAAA,CAAA,CAAE,MAAA,CAAO,sBAAsB,0CAA0C,CAAA;AAGzE,IAAA,MAAM,WAAA,GAAe,EAAE,GAAA,EAAa,WAAA;AACpC,IAAA,IAAI,gBAAgB,aAAA,EAAe;AACjC,MAAA,CAAA,CAAE,MAAA,CAAO,6BAA6B,qCAAqC,CAAA;AAAA,IAC7E;AAAA,EACF,CAAA;AACF;;;ACWO,IAAM,oBAAyB,MAAM,OAAO,EAAA,EAAS,IAAA,KAAc,MAAM,IAAA;AACzE,IAAM,4BAAiC,MAAM,OAAO,EAAA,EAAS,IAAA,KAAc,MAAM,IAAA;AACjF,IAAM,4BAAiC,MAAM,OAAO,EAAA,EAAS,IAAA,KAAc,MAAM,IAAA;AACjF,IAAM,+BAAoC,MAAM,OAAO,EAAA,EAAS,IAAA,KAAc,MAAM,IAAA;AACpF,IAAM,eAAoB,MAAM,OAAO,EAAA,EAAS,IAAA,KAAc,MAAM,IAAA;AACpE,IAAM,qBAAA,GAA6B,OAAO,EAAA,EAAS,IAAA,KAAc,MAAM,IAAA;AAIvE,IAAM,oBAAyB;AAC/B,IAAM,oBAAyB,MAAM,OAAO,EAAA,EAAS,IAAA,KAAc,MAAM,IAAA;AACzE,IAAM,uBAA4B,MAAM,OAAO,EAAA,EAAS,IAAA,KAAc,MAAM,IAAA;AAC5E,IAAM,cAAmB,MAAM;AAAC;AAChC,IAAM,sBAA2B,MAAM,OAAO,EAAA,EAAS,IAAA,KAAc,MAAM,IAAA;AAC3E,IAAM,uBAA4B,MAAM,OAAO,EAAA,EAAS,IAAA,KAAc,MAAM,IAAA;AAC5E,IAAM,gBAAA,GAAwB,MAAM;AACpC,IAAM,iBAAsB,MAAM","file":"chunk-CZ6BVQZX.cjs","sourcesContent":["import { Context, Next } from \"hono\";\nimport { syncCollections } from \"../services/collection-sync\";\nimport { syncAllFormCollections } from \"../services/form-collection-sync\";\nimport { MigrationService } from \"../services/migrations\";\nimport { PluginBootstrapService } from \"../services/plugin-bootstrap\";\nimport type { SonicJSConfig } from \"../app\";\n\ntype Bindings = {\n DB: D1Database;\n KV: KVNamespace;\n JWT_SECRET?: string;\n CORS_ORIGINS?: string;\n ENVIRONMENT?: string;\n};\n\n// Track if bootstrap has been run in this worker instance\nlet bootstrapComplete = false;\n\n/**\n * Verify security-critical environment configuration at startup.\n * Logs warnings in development, throws in production to prevent\n * insecure deployments from silently running.\n */\nexport function verifySecurityConfig(env: Bindings): void {\n const warnings: string[] = [];\n\n // Check JWT secret\n if (!env.JWT_SECRET) {\n warnings.push(\n \"JWT_SECRET is not set — using hardcoded fallback. Set via `wrangler secret put JWT_SECRET`\"\n );\n } else if (env.JWT_SECRET.includes(\"change-in-production\")) {\n warnings.push(\n \"JWT_SECRET contains the default value — tokens are forgeable. Generate a strong random secret\"\n );\n }\n\n // Check CORS origins\n if (!env.CORS_ORIGINS) {\n warnings.push(\n \"CORS_ORIGINS is not set — all cross-origin API requests will be rejected\"\n );\n }\n\n // Check environment designation\n if (!env.ENVIRONMENT) {\n warnings.push(\n \"ENVIRONMENT is not set — HSTS header will not be applied. Set to \\\"production\\\" or \\\"development\\\"\"\n );\n }\n\n if (warnings.length === 0) {\n return;\n }\n\n const isProduction = env.ENVIRONMENT === \"production\";\n\n for (const warning of warnings) {\n console.warn(`[SonicJS Security] ${warning}`);\n }\n\n if (isProduction) {\n // In production, a missing or default JWT_SECRET is a hard failure —\n // every token issued would be forgeable by anyone reading the source code.\n const hasCritical =\n !env.JWT_SECRET || env.JWT_SECRET.includes(\"change-in-production\");\n if (hasCritical) {\n throw new Error(\n \"[SonicJS Security] CRITICAL: Production deployment is missing a secure JWT_SECRET. \" +\n \"Set it via `wrangler secret put JWT_SECRET` before deploying.\"\n );\n }\n }\n}\n\n/**\n * Bootstrap middleware that ensures system initialization\n * Runs once per worker instance\n */\nexport function bootstrapMiddleware(config: SonicJSConfig = {}) {\n return async (c: Context<{ Bindings: Bindings }>, next: Next) => {\n // Skip if already bootstrapped in this worker instance\n if (bootstrapComplete) {\n return next();\n }\n\n // Skip bootstrap for static assets and health checks\n const path = c.req.path;\n if (\n path.startsWith(\"/images/\") ||\n path.startsWith(\"/assets/\") ||\n path === \"/health\" ||\n path.endsWith(\".js\") ||\n path.endsWith(\".css\") ||\n path.endsWith(\".png\") ||\n path.endsWith(\".jpg\") ||\n path.endsWith(\".ico\")\n ) {\n return next();\n }\n\n try {\n console.log(\"[Bootstrap] Starting system initialization...\");\n\n // 1. Run database migrations first\n console.log(\"[Bootstrap] Running database migrations...\");\n const migrationService = new MigrationService(c.env.DB);\n await migrationService.runPendingMigrations();\n\n // 2. Sync collection configurations\n console.log(\"[Bootstrap] Syncing collection configurations...\");\n try {\n await syncCollections(c.env.DB);\n } catch (error) {\n console.error(\"[Bootstrap] Error syncing collections:\", error);\n // Continue bootstrap even if collection sync fails\n }\n\n // 2b. Sync form-derived shadow collections\n console.log(\"[Bootstrap] Syncing form collections...\");\n try {\n await syncAllFormCollections(c.env.DB);\n } catch (error) {\n console.error(\"[Bootstrap] Error syncing form collections:\", error);\n }\n\n // 3. Bootstrap core plugins (unless disableAll is set)\n if (!config.plugins?.disableAll) {\n console.log(\"[Bootstrap] Bootstrapping core plugins...\");\n const bootstrapService = new PluginBootstrapService(c.env.DB);\n\n // Check if bootstrap is needed\n const needsBootstrap = await bootstrapService.isBootstrapNeeded();\n if (needsBootstrap) {\n await bootstrapService.bootstrapCorePlugins();\n }\n } else {\n console.log(\"[Bootstrap] Plugin bootstrap skipped (disableAll is true)\");\n }\n\n // Mark bootstrap as complete for this worker instance\n bootstrapComplete = true;\n console.log(\"[Bootstrap] System initialization completed\");\n } catch (error) {\n console.error(\"[Bootstrap] Error during system initialization:\", error);\n // Don't prevent the app from starting, but log the error\n }\n\n // 4. Verify security configuration (outside try/catch so critical\n // errors in production propagate and prevent insecure deployments)\n verifySecurityConfig(c.env as Bindings);\n\n return next();\n };\n}\n\n/**\n * Reset bootstrap flag (useful for testing)\n */\nexport function resetBootstrap() {\n bootstrapComplete = false;\n}\n","import { sign, verify } from 'hono/jwt'\nimport { Context, Next } from 'hono'\nimport { getCookie, setCookie } from 'hono/cookie'\n\ntype JWTPayload = {\n userId: string\n email: string\n role: string\n exp: number\n iat: number\n}\n\n// Fallback JWT secret for local development only (no wrangler secret set)\nconst JWT_SECRET_FALLBACK = 'your-super-secret-jwt-key-change-in-production'\n\nexport class AuthManager {\n static async generateToken(userId: string, email: string, role: string, secret?: string): Promise<string> {\n const payload: JWTPayload = {\n userId,\n email,\n role,\n exp: Math.floor(Date.now() / 1000) + (60 * 60 * 24), // 24 hours\n iat: Math.floor(Date.now() / 1000)\n }\n\n return await sign(payload, secret || JWT_SECRET_FALLBACK, 'HS256')\n }\n\n static async verifyToken(token: string, secret?: string): Promise<JWTPayload | null> {\n try {\n const payload = await verify(token, secret || JWT_SECRET_FALLBACK, 'HS256') as JWTPayload\n \n // Check if token is expired\n if (payload.exp < Math.floor(Date.now() / 1000)) {\n return null\n }\n \n return payload\n } catch (error) {\n console.error('Token verification failed:', error)\n return null\n }\n }\n\n static async hashPassword(password: string): Promise<string> {\n const iterations = 100000\n const salt = new Uint8Array(16)\n crypto.getRandomValues(salt)\n\n const encoder = new TextEncoder()\n const keyMaterial = await crypto.subtle.importKey(\n 'raw',\n encoder.encode(password),\n 'PBKDF2',\n false,\n ['deriveBits']\n )\n\n const hashBuffer = await crypto.subtle.deriveBits(\n {\n name: 'PBKDF2',\n salt,\n iterations,\n hash: 'SHA-256'\n },\n keyMaterial,\n 256\n )\n\n const saltHex = Array.from(salt).map(b => b.toString(16).padStart(2, '0')).join('')\n const hashHex = Array.from(new Uint8Array(hashBuffer)).map(b => b.toString(16).padStart(2, '0')).join('')\n\n return `pbkdf2:${iterations}:${saltHex}:${hashHex}`\n }\n\n static async hashPasswordLegacy(password: string): Promise<string> {\n const encoder = new TextEncoder()\n const data = encoder.encode(password + 'salt-change-in-production')\n const hashBuffer = await crypto.subtle.digest('SHA-256', data)\n const hashArray = Array.from(new Uint8Array(hashBuffer))\n return hashArray.map(b => b.toString(16).padStart(2, '0')).join('')\n }\n\n static async verifyPassword(password: string, storedHash: string): Promise<boolean> {\n if (storedHash.startsWith('pbkdf2:')) {\n // PBKDF2 format: pbkdf2:<iterations>:<salt_hex>:<hash_hex>\n const parts = storedHash.split(':')\n if (parts.length !== 4) return false\n\n const iterationsStr = parts[1]!\n const saltHex = parts[2]!\n const expectedHashHex = parts[3]!\n const iterations = parseInt(iterationsStr, 10)\n\n const saltBytes = saltHex.match(/.{2}/g)\n if (!saltBytes) return false\n const salt = new Uint8Array(saltBytes.map(byte => parseInt(byte, 16)))\n\n const encoder = new TextEncoder()\n const keyMaterial = await crypto.subtle.importKey(\n 'raw',\n encoder.encode(password),\n 'PBKDF2',\n false,\n ['deriveBits']\n )\n\n const hashBuffer = await crypto.subtle.deriveBits(\n {\n name: 'PBKDF2',\n salt,\n iterations,\n hash: 'SHA-256'\n },\n keyMaterial,\n 256\n )\n\n const actualHashHex = Array.from(new Uint8Array(hashBuffer)).map(b => b.toString(16).padStart(2, '0')).join('')\n\n // Constant-time comparison\n if (actualHashHex.length !== expectedHashHex.length) return false\n let result = 0\n for (let i = 0; i < actualHashHex.length; i++) {\n result |= actualHashHex.charCodeAt(i) ^ expectedHashHex.charCodeAt(i)\n }\n return result === 0\n }\n\n // Legacy SHA-256 format (no colons in hash)\n const legacyHash = await this.hashPasswordLegacy(password)\n // Constant-time comparison for legacy too\n if (legacyHash.length !== storedHash.length) return false\n let result = 0\n for (let i = 0; i < legacyHash.length; i++) {\n result |= legacyHash.charCodeAt(i) ^ storedHash.charCodeAt(i)\n }\n return result === 0\n }\n\n static isLegacyHash(storedHash: string): boolean {\n return !storedHash.startsWith('pbkdf2:')\n }\n\n /**\n * Set authentication cookie - useful for plugins implementing alternative auth methods\n * @param c - Hono context\n * @param token - JWT token to set in cookie\n * @param options - Optional cookie configuration\n */\n static setAuthCookie(c: Context, token: string, options?: {\n maxAge?: number\n secure?: boolean\n httpOnly?: boolean\n sameSite?: 'Strict' | 'Lax' | 'None'\n }): void {\n setCookie(c, 'auth_token', token, {\n httpOnly: options?.httpOnly ?? true,\n secure: options?.secure ?? true,\n sameSite: options?.sameSite ?? 'Strict',\n maxAge: options?.maxAge ?? (60 * 60 * 24) // 24 hours default\n })\n }\n}\n\n// Middleware to require authentication\nexport const requireAuth = () => {\n return async (c: Context, next: Next) => {\n try {\n // Try to get token from Authorization header\n let token = c.req.header('Authorization')?.replace('Bearer ', '')\n\n // If no header token, try cookie\n if (!token) {\n token = getCookie(c, 'auth_token')\n }\n\n if (!token) {\n // Check if this is a browser request (HTML accept header)\n const acceptHeader = c.req.header('Accept') || ''\n if (acceptHeader.includes('text/html')) {\n return c.redirect('/auth/login?error=Please login to access the admin area')\n }\n return c.json({ error: 'Authentication required' }, 401)\n }\n\n // Try to get cached token verification from KV\n const kv = c.env?.KV\n let payload: JWTPayload | null = null\n\n if (kv) {\n const cacheKey = `auth:${token.substring(0, 20)}` // Use token prefix as key\n const cached = await kv.get(cacheKey, 'json')\n if (cached) {\n payload = cached as JWTPayload\n }\n }\n\n // If not cached, verify token\n if (!payload) {\n const jwtSecret = (c.env as any)?.JWT_SECRET\n payload = await AuthManager.verifyToken(token, jwtSecret)\n\n // Cache the verified payload for 5 minutes\n if (payload && kv) {\n const cacheKey = `auth:${token.substring(0, 20)}`\n await kv.put(cacheKey, JSON.stringify(payload), { expirationTtl: 300 })\n }\n }\n\n if (!payload) {\n // Check if this is a browser request (HTML accept header)\n const acceptHeader = c.req.header('Accept') || ''\n if (acceptHeader.includes('text/html')) {\n return c.redirect('/auth/login?error=Your session has expired, please login again')\n }\n return c.json({ error: 'Invalid or expired token' }, 401)\n }\n\n // Add user info to context\n c.set('user', payload)\n\n return await next()\n } catch (error) {\n console.error('Auth middleware error:', error)\n // Check if this is a browser request (HTML accept header)\n const acceptHeader = c.req.header('Accept') || ''\n if (acceptHeader.includes('text/html')) {\n return c.redirect('/auth/login?error=Authentication failed, please login again')\n }\n return c.json({ error: 'Authentication failed' }, 401)\n }\n }\n}\n\n// Middleware to require specific role\nexport const requireRole = (requiredRole: string | string[]) => {\n return async (c: Context, next: Next) => {\n const user = c.get('user') as JWTPayload\n \n if (!user) {\n // Check if this is a browser request (HTML accept header)\n const acceptHeader = c.req.header('Accept') || ''\n if (acceptHeader.includes('text/html')) {\n return c.redirect('/auth/login?error=Please login to access the admin area')\n }\n return c.json({ error: 'Authentication required' }, 401)\n }\n \n const roles = Array.isArray(requiredRole) ? requiredRole : [requiredRole]\n \n if (!roles.includes(user.role)) {\n // Check if this is a browser request (HTML accept header)\n const acceptHeader = c.req.header('Accept') || ''\n if (acceptHeader.includes('text/html')) {\n return c.redirect('/auth/login?error=You do not have permission to access this area')\n }\n return c.json({ error: 'Insufficient permissions' }, 403)\n }\n \n return await next()\n }\n}\n\n// Optional auth middleware (doesn't block if no token)\nexport const optionalAuth = () => {\n return async (c: Context, next: Next) => {\n try {\n let token = c.req.header('Authorization')?.replace('Bearer ', '')\n \n if (!token) {\n token = getCookie(c, 'auth_token')\n }\n \n if (token) {\n const jwtSecret = (c.env as any)?.JWT_SECRET\n const payload = await AuthManager.verifyToken(token, jwtSecret)\n if (payload) {\n c.set('user', payload)\n }\n }\n \n return await next()\n } catch (error) {\n // Don't block on auth errors in optional auth\n console.error('Optional auth error:', error)\n return await next()\n }\n }\n}\n","import { MiddlewareHandler } from 'hono'\nimport { metricsTracker } from '../utils/metrics'\n\n/**\n * Middleware to track all HTTP requests for real-time analytics\n * Excludes the metrics endpoint itself to avoid inflating the count\n */\nexport const metricsMiddleware = (): MiddlewareHandler => {\n return async (c, next) => {\n const path = new URL(c.req.url).pathname\n\n // Don't track the metrics endpoint itself to avoid self-inflating counts\n if (path !== '/admin/dashboard/api/metrics') {\n metricsTracker.recordRequest()\n }\n\n // Continue with the request\n await next()\n }\n}\n","/**\n * CSRF Protection Middleware — Signed Double-Submit Cookie\n *\n * Stateless CSRF protection for Cloudflare Workers (no session store needed).\n * Token format: `<nonce>.<hmac>` where HMAC-SHA256 is keyed with JWT_SECRET.\n *\n * Flow:\n * GET — ensureCsrfCookie(): reuse existing valid cookie or set a new one\n * POST/PUT/DELETE/PATCH — validate X-CSRF-Token header === csrf_token cookie, HMAC valid\n *\n * Exempt:\n * - Safe methods (GET, HEAD, OPTIONS)\n * - Auth routes that create sessions (/auth/login*, /auth/register*, etc.)\n * - Public form submissions (/forms/*, /api/forms/*) — NOT /admin/forms/*\n * - Requests with no auth_token cookie (Bearer-only or API-key-only)\n */\n\nimport type { Context, Next } from 'hono'\nimport { getCookie, setCookie } from 'hono/cookie'\n\n// Fallback secret — mirrors auth.ts behavior for local dev without wrangler secret\nconst JWT_SECRET_FALLBACK = 'your-super-secret-jwt-key-change-in-production'\n\n// ============================================================================\n// Helpers\n// ============================================================================\n\n/** Convert ArrayBuffer to URL-safe base64 (no padding). */\nexport function arrayBufferToBase64Url(buffer: ArrayBuffer): string {\n const bytes = new Uint8Array(buffer)\n let binary = ''\n for (let i = 0; i < bytes.length; i++) {\n binary += String.fromCharCode(bytes[i]!)\n }\n return btoa(binary).replace(/\\+/g, '-').replace(/\\//g, '_').replace(/=+$/, '')\n}\n\n/** Import a string key for HMAC-SHA256. */\nasync function getHmacKey(secret: string): Promise<CryptoKey> {\n const encoder = new TextEncoder()\n return crypto.subtle.importKey(\n 'raw',\n encoder.encode(secret),\n { name: 'HMAC', hash: 'SHA-256' },\n false,\n ['sign', 'verify']\n )\n}\n\n// ============================================================================\n// Token Generation & Validation\n// ============================================================================\n\n/**\n * Generate a signed CSRF token: `<nonce>.<hmac_signature>`\n * - nonce = 32 random bytes, base64url-encoded\n * - signature = HMAC-SHA256(nonce, secret), base64url-encoded\n */\nexport async function generateCsrfToken(secret: string): Promise<string> {\n const nonceBytes = new Uint8Array(32)\n crypto.getRandomValues(nonceBytes)\n const nonce = arrayBufferToBase64Url(nonceBytes.buffer)\n\n const key = await getHmacKey(secret)\n const encoder = new TextEncoder()\n const signatureBuffer = await crypto.subtle.sign('HMAC', key, encoder.encode(nonce))\n const signature = arrayBufferToBase64Url(signatureBuffer)\n\n return `${nonce}.${signature}`\n}\n\n/**\n * Validate a signed CSRF token.\n *\n * Checks that the token has the correct `<nonce>.<signature>` format and that\n * the HMAC signature is valid for the given secret. Uses crypto.subtle.verify\n * which provides constant-time comparison.\n *\n * NOTE: No expiry check here — by design. The security property of signed\n * double-submit comes from the unpredictability of the nonce + the\n * secret-bound HMAC, not from time-bounding. The cookie's maxAge (86400s)\n * handles expiry at the browser level.\n */\nexport async function validateCsrfToken(token: string, secret: string): Promise<boolean> {\n if (!token || typeof token !== 'string') return false\n\n const dotIndex = token.indexOf('.')\n if (dotIndex === -1) return false\n\n const nonce = token.substring(0, dotIndex)\n const signature = token.substring(dotIndex + 1)\n\n if (!nonce || !signature) return false\n\n try {\n const key = await getHmacKey(secret)\n const encoder = new TextEncoder()\n\n // Decode the signature from base64url\n const sigPadded = signature.replace(/-/g, '+').replace(/_/g, '/')\n const sigBinary = atob(sigPadded)\n const sigBytes = new Uint8Array(sigBinary.length)\n for (let i = 0; i < sigBinary.length; i++) {\n sigBytes[i] = sigBinary.charCodeAt(i)\n }\n\n // crypto.subtle.verify is constant-time\n return await crypto.subtle.verify('HMAC', key, sigBytes.buffer, encoder.encode(nonce))\n } catch {\n return false\n }\n}\n\n// ============================================================================\n// Default Exempt Paths\n// ============================================================================\n\nconst DEFAULT_EXEMPT_PATHS = [\n '/auth/login',\n '/auth/register',\n '/auth/seed-admin',\n '/auth/accept-invitation',\n '/auth/reset-password',\n '/auth/request-password-reset',\n '/auth/otp',\n '/auth/magic-link',\n '/auth/verify',\n '/api/stripe/webhook',\n '/api/events',\n]\n\n/**\n * Check whether a request path is exempt from CSRF validation.\n * - Exact match or startsWith for auth routes (e.g. /auth/login/form)\n * - /forms/* and /api/forms/* are exempt (public submissions)\n * - /api/search* is exempt (read-only POST for complex query params)\n * - /admin/forms/* is NOT exempt\n */\nfunction isExemptPath(path: string, extraExemptPaths: string[] = []): boolean {\n // Public form routes — NOT /admin/forms/*\n if (path.startsWith('/forms/') || path.startsWith('/api/forms/') || path === '/forms' || path === '/api/forms') {\n return true\n }\n\n // Search API — read-only POST (includes /api/search/click, /api/search/facet-click)\n if (path.startsWith('/api/search')) {\n return true\n }\n\n const allExempt = [...DEFAULT_EXEMPT_PATHS, ...extraExemptPaths]\n for (const exempt of allExempt) {\n if (path === exempt || path.startsWith(exempt + '/')) {\n return true\n }\n }\n\n return false\n}\n\n// ============================================================================\n// Middleware\n// ============================================================================\n\nexport interface CsrfOptions {\n /** Additional paths to exempt from CSRF validation. */\n exemptPaths?: string[]\n}\n\n/**\n * CSRF protection middleware (Signed Double-Submit Cookie).\n *\n * - GET/HEAD/OPTIONS: ensure a valid csrf_token cookie exists\n * - POST/PUT/DELETE/PATCH: validate X-CSRF-Token header matches cookie, HMAC valid\n * - Exempt: auth routes, public /forms/*, Bearer-only, API-key-only\n */\nexport function csrfProtection(options: CsrfOptions = {}) {\n return async (c: Context, next: Next): Promise<Response | void> => {\n const method = c.req.method.toUpperCase()\n const path = new URL(c.req.url).pathname\n const secret = c.env?.JWT_SECRET || JWT_SECRET_FALLBACK\n\n // Warn if using fallback secret in production\n if (c.env?.ENVIRONMENT === 'production' && !c.env?.JWT_SECRET) {\n console.warn(\n '[CSRF] WARNING: JWT_SECRET is not set in production. ' +\n 'CSRF tokens are signed with the fallback key, which is insecure.'\n )\n }\n\n // Safe methods — just ensure cookie, then pass through\n if (method === 'GET' || method === 'HEAD' || method === 'OPTIONS') {\n await ensureCsrfCookie(c, secret)\n await next()\n return\n }\n\n // Exempt paths — pass through without validation\n if (isExemptPath(path, options.exemptPaths)) {\n await next()\n return\n }\n\n // Bearer-only or API-key-only requests (no auth_token cookie) — exempt\n const authCookie = getCookie(c, 'auth_token')\n if (!authCookie) {\n await next()\n return\n }\n\n // Requests with an Authorization header use token-based auth — the cookie\n // is incidental and CSRF protection is unnecessary (the attacker cannot\n // forge the Authorization header from a cross-origin page).\n const authHeader = c.req.header('Authorization')\n if (authHeader) {\n await next()\n return\n }\n\n // State-changing request with cookie auth — validate CSRF\n const cookieToken = getCookie(c, 'csrf_token')\n let headerToken = c.req.header('X-CSRF-Token')\n\n // Fallback: check _csrf field in form-encoded body (regular HTML form submissions)\n if (!headerToken) {\n const contentType = c.req.header('Content-Type') || ''\n if (contentType.includes('application/x-www-form-urlencoded') || contentType.includes('multipart/form-data')) {\n try {\n const body = await c.req.parseBody()\n headerToken = body['_csrf'] as string | undefined\n } catch {\n // Body not parseable — leave headerToken undefined\n }\n }\n }\n\n if (!cookieToken || !headerToken) {\n return csrfError(c, 'CSRF token missing')\n }\n\n if (cookieToken !== headerToken) {\n return csrfError(c, 'CSRF token mismatch')\n }\n\n const isValid = await validateCsrfToken(cookieToken, secret)\n if (!isValid) {\n return csrfError(c, 'CSRF token invalid')\n }\n\n await next()\n }\n}\n\n/**\n * Ensure a valid CSRF cookie exists. Check-then-reuse: if the existing cookie\n * has a valid HMAC signature, reuse it (no new Set-Cookie header). Only\n * generate a fresh token when the cookie is missing or has an invalid signature.\n */\nasync function ensureCsrfCookie(c: Context, secret: string): Promise<void> {\n const existing = getCookie(c, 'csrf_token')\n\n if (existing) {\n const isValid = await validateCsrfToken(existing, secret)\n if (isValid) {\n // Reuse existing valid token — no Set-Cookie needed\n c.set('csrfToken', existing)\n return\n }\n }\n\n // Generate fresh token\n const token = await generateCsrfToken(secret)\n c.set('csrfToken', token)\n\n const isDev = c.env?.ENVIRONMENT === 'development' || !c.env?.ENVIRONMENT\n setCookie(c, 'csrf_token', token, {\n httpOnly: false, // JS must read this cookie\n secure: !isDev,\n sameSite: 'Strict',\n path: '/',\n maxAge: 86400, // 24 hours — browser-side expiry\n })\n}\n\n/** Return a 403 CSRF error — HTML for browser requests, JSON for API. */\nfunction csrfError(c: Context, message: string): Response {\n const accept = c.req.header('Accept') || ''\n if (accept.includes('text/html')) {\n return c.html(\n `<!DOCTYPE html><html><head><title>403 Forbidden</title></head>` +\n `<body><h1>403 Forbidden</h1><p>${message}</p></body></html>`,\n 403\n )\n }\n return c.json({ error: message, status: 403 }, 403)\n}\n","import { Context, Next } from 'hono'\n\ninterface RateLimitOptions {\n max: number\n windowMs: number\n keyPrefix: string\n}\n\ninterface RateLimitEntry {\n count: number\n resetAt: number\n}\n\n/**\n * KV-based sliding window rate limiter middleware.\n * Gracefully skips if CACHE_KV binding is not available.\n */\nexport function rateLimit(options: RateLimitOptions) {\n const { max, windowMs, keyPrefix } = options\n\n return async (c: Context, next: Next) => {\n const kv = (c.env as any)?.CACHE_KV\n if (!kv) {\n // No KV binding available — skip rate limiting\n return await next()\n }\n\n const ip = c.req.header('cf-connecting-ip') || c.req.header('x-forwarded-for') || 'unknown'\n const key = `ratelimit:${keyPrefix}:${ip}`\n\n try {\n const now = Date.now()\n const stored = await kv.get(key, 'json') as RateLimitEntry | null\n\n let entry: RateLimitEntry\n if (stored && stored.resetAt > now) {\n entry = stored\n } else {\n entry = { count: 0, resetAt: now + windowMs }\n }\n\n entry.count++\n\n // Calculate TTL in seconds (KV expiration)\n const ttlSeconds = Math.ceil((entry.resetAt - now) / 1000)\n\n if (entry.count > max) {\n // Store the updated count even when rejecting\n await kv.put(key, JSON.stringify(entry), { expirationTtl: Math.max(ttlSeconds, 60) })\n\n const retryAfter = Math.ceil((entry.resetAt - now) / 1000)\n c.header('Retry-After', String(retryAfter))\n c.header('X-RateLimit-Limit', String(max))\n c.header('X-RateLimit-Remaining', '0')\n c.header('X-RateLimit-Reset', String(Math.ceil(entry.resetAt / 1000)))\n return c.json({ error: 'Too many requests. Please try again later.' }, 429)\n }\n\n await kv.put(key, JSON.stringify(entry), { expirationTtl: Math.max(ttlSeconds, 60) })\n\n c.header('X-RateLimit-Limit', String(max))\n c.header('X-RateLimit-Remaining', String(max - entry.count))\n c.header('X-RateLimit-Reset', String(Math.ceil(entry.resetAt / 1000)))\n\n return await next()\n } catch (error) {\n // Rate limiting should never break the app\n console.error('Rate limiter error (non-fatal):', error)\n return await next()\n }\n }\n}\n","import { Context, Next } from 'hono'\n\n/**\n * Security headers middleware.\n * Sets standard security headers on every response.\n * Skips HSTS in development to avoid local dev issues.\n */\nexport const securityHeadersMiddleware = () => {\n return async (c: Context, next: Next) => {\n await next()\n\n c.header('X-Content-Type-Options', 'nosniff')\n c.header('X-Frame-Options', 'SAMEORIGIN')\n c.header('Referrer-Policy', 'strict-origin-when-cross-origin')\n c.header('Permissions-Policy', 'camera=(), microphone=(), geolocation=()')\n\n // Only set HSTS in non-development environments\n const environment = (c.env as any)?.ENVIRONMENT\n if (environment !== 'development') {\n c.header('Strict-Transport-Security', 'max-age=31536000; includeSubDomains')\n }\n }\n}\n","/**\n * Middleware Module Exports\n *\n * Request processing middleware for SonicJS\n *\n * Note: Most middleware is currently in the monolith and will be migrated later.\n * For now, we only export the bootstrap middleware which is used for system initialization.\n */\n\n// Bootstrap middleware\nexport { bootstrapMiddleware, verifySecurityConfig } from './bootstrap'\n\n// Auth middleware\nexport { AuthManager, requireAuth, requireRole, optionalAuth } from './auth'\n\n// Metrics middleware\nexport { metricsMiddleware } from './metrics'\n\n// CSRF protection middleware\nexport { csrfProtection, generateCsrfToken, validateCsrfToken } from './csrf'\n\n// Rate limiting middleware\nexport { rateLimit } from './rate-limit'\n\n// Re-export types and functions that are referenced but implemented in monolith\n// These are placeholder exports to maintain API compatibility\nexport type Permission = string\nexport type UserPermissions = {\n userId: string\n permissions: Permission[]\n}\n\n// Middleware stubs - these return pass-through middleware that call next()\nexport const loggingMiddleware: any = () => async (_c: any, next: any) => await next()\nexport const detailedLoggingMiddleware: any = () => async (_c: any, next: any) => await next()\nexport const securityLoggingMiddleware: any = () => async (_c: any, next: any) => await next()\nexport const performanceLoggingMiddleware: any = () => async (_c: any, next: any) => await next()\nexport const cacheHeaders: any = () => async (_c: any, next: any) => await next()\nexport const compressionMiddleware: any = async (_c: any, next: any) => await next()\nexport { securityHeadersMiddleware as securityHeaders } from './security-headers'\n\n// Other stubs\nexport const PermissionManager: any = {}\nexport const requirePermission: any = () => async (_c: any, next: any) => await next()\nexport const requireAnyPermission: any = () => async (_c: any, next: any) => await next()\nexport const logActivity: any = () => {}\nexport const requireActivePlugin: any = () => async (_c: any, next: any) => await next()\nexport const requireActivePlugins: any = () => async (_c: any, next: any) => await next()\nexport const getActivePlugins: any = () => []\nexport const isPluginActive: any = () => false\n"]}
package/dist/{chunk-J5WGMRSU.js → chunk-EXNEW5US.js} RENAMED
@@ -410,7 +410,10 @@ var manifest_default = {
410
410
  homepage: "https://developers.cloudflare.com/turnstile/",
411
411
  repository: "https://github.com/sonicjs/sonicjs",
412
412
  license: "MIT",
413
- permissions: ["settings:write", "admin:access"],
413
+ permissions: [
414
+ "settings:write",
415
+ "admin:access"
416
+ ],
414
417
  dependencies: [],
415
418
  configSchema: {
416
419
  siteKey: {
@@ -432,9 +435,18 @@ var manifest_default = {
432
435
  description: "Visual theme for the Turnstile widget",
433
436
  default: "auto",
434
437
  options: [
435
- { value: "light", label: "Light" },
436
- { value: "dark", label: "Dark" },
437
- { value: "auto", label: "Auto" }
438
+ {
439
+ value: "light",
440
+ label: "Light"
441
+ },
442
+ {
443
+ value: "dark",
444
+ label: "Dark"
445
+ },
446
+ {
447
+ value: "auto",
448
+ label: "Auto"
449
+ }
438
450
  ]
439
451
  },
440
452
  size: {
@@ -443,8 +455,14 @@ var manifest_default = {
443
455
  description: "Size of the Turnstile widget",
444
456
  default: "normal",
445
457
  options: [
446
- { value: "normal", label: "Normal" },
447
- { value: "compact", label: "Compact" }
458
+ {
459
+ value: "normal",
460
+ label: "Normal"
461
+ },
462
+ {
463
+ value: "compact",
464
+ label: "Compact"
465
+ }
448
466
  ]
449
467
  },
450
468
  mode: {
@@ -453,9 +471,18 @@ var manifest_default = {
453
471
  description: "Managed: Adaptive challenge. Non-Interactive: Always visible, minimal friction. Invisible: No visible widget",
454
472
  default: "managed",
455
473
  options: [
456
- { value: "managed", label: "Managed (Recommended)" },
457
- { value: "non-interactive", label: "Non-Interactive" },
458
- { value: "invisible", label: "Invisible" }
474
+ {
475
+ value: "managed",
476
+ label: "Managed (Recommended)"
477
+ },
478
+ {
479
+ value: "non-interactive",
480
+ label: "Non-Interactive"
481
+ },
482
+ {
483
+ value: "invisible",
484
+ label: "Invisible"
485
+ }
459
486
  ]
460
487
  },
461
488
  appearance: {
@@ -464,9 +491,18 @@ var manifest_default = {
464
491
  description: "When the Turnstile challenge is executed. Always: Verifies immediately. Execute: Challenge on form submit. Interaction Only: Only after user interaction",
465
492
  default: "always",
466
493
  options: [
467
- { value: "always", label: "Always" },
468
- { value: "execute", label: "Execute" },
469
- { value: "interaction-only", label: "Interaction Only" }
494
+ {
495
+ value: "always",
496
+ label: "Always"
497
+ },
498
+ {
499
+ value: "execute",
500
+ label: "Execute"
501
+ },
502
+ {
503
+ value: "interaction-only",
504
+ label: "Interaction Only"
505
+ }
470
506
  ]
471
507
  },
472
508
  preClearance: {
@@ -481,9 +517,18 @@ var manifest_default = {
481
517
  description: "Controls which Cloudflare Firewall Rules the clearance cookie bypasses. Only applies if Pre-clearance is enabled",
482
518
  default: "managed",
483
519
  options: [
484
- { value: "interactive", label: "Interactive - Bypasses Interactive, Managed & JS Challenge Rules" },
485
- { value: "managed", label: "Managed - Bypasses Managed & JS Challenge Rules" },
486
- { value: "non-interactive", label: "Non-interactive - Bypasses JS Challenge Rules only" }
520
+ {
521
+ value: "interactive",
522
+ label: "Interactive - Bypasses Interactive, Managed & JS Challenge Rules"
523
+ },
524
+ {
525
+ value: "managed",
526
+ label: "Managed - Bypasses Managed & JS Challenge Rules"
527
+ },
528
+ {
529
+ value: "non-interactive",
530
+ label: "Non-interactive - Bypasses JS Challenge Rules only"
531
+ }
487
532
  ]
488
533
  },
489
534
  enabled: {
@@ -499,6 +544,20 @@ var manifest_default = {
499
544
  href: "/admin/plugins/turnstile/settings",
500
545
  parentId: "plugins",
501
546
  order: 100
547
+ },
548
+ codeName: "turnstile-plugin",
549
+ iconEmoji: "\u{1F6E1}\uFE0F",
550
+ is_core: true,
551
+ defaultSettings: {
552
+ siteKey: "",
553
+ secretKey: "",
554
+ theme: "auto",
555
+ size: "normal",
556
+ mode: "managed",
557
+ appearance: "always",
558
+ preClearanceEnabled: false,
559
+ preClearanceLevel: "managed",
560
+ enabled: false
502
561
  }
503
562
  };
504
563
 
@@ -585,5 +644,5 @@ var TurnstileService = class {
585
644
  };
586
645
 
587
646
  export { PluginBuilder, PluginHelpers, TurnstileService, manifest_default };
588
- //# sourceMappingURL=chunk-J5WGMRSU.js.map
589
- //# sourceMappingURL=chunk-J5WGMRSU.js.map
647
+ //# sourceMappingURL=chunk-EXNEW5US.js.map
648
+ //# sourceMappingURL=chunk-EXNEW5US.js.map
package/dist/chunk-EXNEW5US.js.map ADDED
@@ -0,0 +1 @@
1
+ {"version":3,"sources":["../src/plugins/sdk/plugin-builder.ts","../src/plugins/core-plugins/turnstile-plugin/manifest.json","../src/plugins/core-plugins/turnstile-plugin/services/turnstile.ts"],"names":[],"mappings":";;;;AAgCO,IAAM,aAAA,GAAN,MAAM,cAAA,CAAc;AAAA,EACjB,MAAA;AAAA,EAER,YAAY,OAAA,EAA+B;AACzC,IAAA,IAAA,CAAK,MAAA,GAAS;AAAA,MACZ,MAAM,OAAA,CAAQ,IAAA;AAAA,MACd,SAAS,OAAA,CAAQ,OAAA;AAAA,MACjB,aAAa,OAAA,CAAQ,WAAA;AAAA,MACrB,QAAQ,OAAA,CAAQ,MAAA;AAAA,MAChB,cAAc,OAAA,CAAQ,YAAA;AAAA,MACtB,QAAQ,EAAC;AAAA,MACT,YAAY,EAAC;AAAA,MACb,QAAQ,EAAC;AAAA,MACT,UAAU,EAAC;AAAA,MACX,YAAY,EAAC;AAAA,MACb,iBAAiB,EAAC;AAAA,MAClB,WAAW,EAAC;AAAA,MACZ,OAAO;AAAC,KACV;AAAA,EACF;AAAA;AAAA;AAAA;AAAA,EAKA,OAAO,OAAO,OAAA,EAA8C;AAC1D,IAAA,OAAO,IAAI,eAAc,OAAO,CAAA;AAAA,EAClC;AAAA;AAAA;AAAA;AAAA,EAKA,SAAS,QAAA,EAMS;AAChB,IAAA,MAAA,CAAO,MAAA,CAAO,IAAA,CAAK,MAAA,EAAQ,QAAQ,CAAA;AACnC,IAAA,OAAO,IAAA;AAAA,EACT;AAAA;AAAA;AAAA;AAAA,EAKA,UAAU,MAAA,EAAuC;AAC/C,IAAA,IAAA,CAAK,MAAA,CAAO,MAAA,GAAS,CAAC,GAAI,IAAA,CAAK,OAAO,MAAA,IAAU,EAAC,EAAI,GAAG,MAAM,CAAA;AAC9D,IAAA,OAAO,IAAA;AAAA,EACT;AAAA;AAAA;AAAA;AAAA,EAKA,QAAA,CAAS,IAAA,EAAc,OAAA,EAAe,OAAA,EAKpB;AAChB,IAAA,MAAM,KAAA,GAAsB;AAAA,MAC1B,IAAA;AAAA,MACA,OAAA;AAAA,MACA,GAAG;AAAA,KACL;AACA,IAAA,IAAA,CAAK,MAAA,CAAO,SAAS,CAAC,GAAI,KAAK,MAAA,CAAO,MAAA,IAAU,EAAC,EAAI,KAAK,CAAA;AAC1D,IAAA,OAAO,IAAA;AAAA,EACT;AAAA;AAAA;AAAA;AAAA,EAKA,cAAc,UAAA,EAA+C;AAC3D,IAAA,IAAA,CAAK,MAAA,CAAO,UAAA,GAAa,CAAC,GAAI,IAAA,CAAK,OAAO,UAAA,IAAc,EAAC,EAAI,GAAG,UAAU,CAAA;AAC1E,IAAA,OAAO,IAAA;AAAA,EACT;AAAA;AAAA;AAAA;AAAA,EAKA,mBAAA,CAAoB,IAAA,EAAc,OAAA,EAAc,OAAA,EAK9B;AAChB,IAAA,MAAM,UAAA,GAA+B;AAAA,MACnC,IAAA;AAAA,MACA,OAAA;AAAA,MACA,GAAG;AAAA,KACL;AACA,IAAA,IAAA,CAAK,MAAA,CAAO,aAAa,CAAC,GAAI,KAAK,MAAA,CAAO,UAAA,IAAc,EAAC,EAAI,UAAU,CAAA;AACvE,IAAA,OAAO,IAAA;AAAA,EACT;AAAA;AAAA;AAAA;AAAA,EAKA,UAAU,MAAA,EAAsC;AAC9C,IAAA,IAAA,CAAK,MAAA,CAAO,MAAA,GAAS,CAAC,GAAI,IAAA,CAAK,OAAO,MAAA,IAAU,EAAC,EAAI,GAAG,MAAM,CAAA;AAC9D,IAAA,OAAO,IAAA;AAAA,EACT;AAAA;AAAA;AAAA;AAAA,EAKA,QAAA,CAAS,MAAc,OAAA,EAML;AAChB,IAAA,MAAM,KAAA,GAAqB;AAAA,MACzB,IAAA;AAAA,MACA,GAAG;AAAA,KACL;AACA,IAAA,IAAA,CAAK,MAAA,CAAO,SAAS,CAAC,GAAI,KAAK,MAAA,CAAO,MAAA,IAAU,EAAC,EAAI,KAAK,CAAA;AAC1D,IAAA,OAAO,IAAA;AAAA,EACT;AAAA;AAAA;AAAA;AAAA,EAKA,YAAY,QAAA,EAA0C;AACpD,IAAA,IAAA,CAAK,MAAA,CAAO,QAAA,GAAW,CAAC,GAAI,IAAA,CAAK,OAAO,QAAA,IAAY,EAAC,EAAI,GAAG,QAAQ,CAAA;AACpE,IAAA,OAAO,IAAA;AAAA,EACT;AAAA;AAAA;AAAA;AAAA,EAKA,UAAA,CAAW,IAAA,EAAc,cAAA,EAAqB,OAAA,EAI5B;AAChB,IAAA,MAAM,OAAA,GAAyB;AAAA,MAC7B,IAAA;AAAA,MACA,cAAA;AAAA,MACA,GAAG;AAAA,KACL;AACA,IAAA,IAAA,CAAK,MAAA,CAAO,WAAW,CAAC,GAAI,KAAK,MAAA,CAAO,QAAA,IAAY,EAAC,EAAI,OAAO,CAAA;AAChE,IAAA,OAAO,IAAA;AAAA,EACT;AAAA;AAAA;AAAA;AAAA,EAKA,cAAc,KAAA,EAAyC;AACrD,IAAA,IAAA,CAAK,MAAA,CAAO,UAAA,GAAa,CAAC,GAAI,IAAA,CAAK,OAAO,UAAA,IAAc,EAAC,EAAI,GAAG,KAAK,CAAA;AACrE,IAAA,OAAO,IAAA;AAAA,EACT;AAAA;AAAA;AAAA;AAAA,EAKA,YAAA,CAAa,IAAA,EAAc,KAAA,EAAe,SAAA,EAAmB,OAAA,EAK3C;AAChB,IAAA,MAAM,IAAA,GAAwB;AAAA,MAC5B,IAAA;AAAA,MACA,KAAA;AAAA,MACA,SAAA;AAAA,MACA,GAAG;AAAA,KACL;AACA,IAAA,IAAA,CAAK,MAAA,CAAO,aAAa,CAAC,GAAI,KAAK,MAAA,CAAO,UAAA,IAAc,EAAC,EAAI,IAAI,CAAA;AACjE,IAAA,OAAO,IAAA;AAAA,EACT;AAAA;AAAA;AAAA;AAAA,EAKA,cAAc,UAAA,EAA8C;AAC1D,IAAA,IAAA,CAAK,MAAA,CAAO,eAAA,GAAkB,CAAC,GAAI,IAAA,CAAK,OAAO,eAAA,IAAmB,EAAC,EAAI,GAAG,UAAU,CAAA;AACpF,IAAA,OAAO,IAAA;AAAA,EACT;AAAA;AAAA;AAAA;AAAA,EAKA,YAAA,CAAa,IAAA,EAAc,QAAA,EAAkC,OAAA,EAG3C;AAChB,IAAA,MAAM,SAAA,GAA6B;AAAA,MACjC,IAAA;AAAA,MACA,QAAA;AAAA,MACA,GAAG;AAAA,KACL;AACA,IAAA,IAAA,CAAK,MAAA,CAAO,kBAAkB,CAAC,GAAI,KAAK,MAAA,CAAO,eAAA,IAAmB,EAAC,EAAI,SAAS,CAAA;AAChF,IAAA,OAAO,IAAA;AAAA,EACT;AAAA;AAAA;AAAA;AAAA,EAKA,aAAa,KAAA,EAAwC;AACnD,IAAA,IAAA,CAAK,MAAA,CAAO,SAAA,GAAY,CAAC,GAAI,IAAA,CAAK,OAAO,SAAA,IAAa,EAAC,EAAI,GAAG,KAAK,CAAA;AACnE,IAAA,OAAO,IAAA;AAAA,EACT;AAAA;AAAA;AAAA;AAAA,EAKA,WAAA,CAAY,KAAA,EAAe,IAAA,EAAc,OAAA,EAKvB;AAChB,IAAA,MAAM,QAAA,GAA2B;AAAA,MAC/B,KAAA;AAAA,MACA,IAAA;AAAA,MACA,GAAG;AAAA,KACL;AACA,IAAA,IAAA,CAAK,MAAA,CAAO,YAAY,CAAC,GAAI,KAAK,MAAA,CAAO,SAAA,IAAa,EAAC,EAAI,QAAQ,CAAA;AACnE,IAAA,OAAO,IAAA;AAAA,EACT;AAAA;AAAA;AAAA;AAAA,EAKA,SAAS,KAAA,EAAoC;AAC3C,IAAA,IAAA,CAAK,MAAA,CAAO,KAAA,GAAQ,CAAC,GAAI,IAAA,CAAK,OAAO,KAAA,IAAS,EAAC,EAAI,GAAG,KAAK,CAAA;AAC3D,IAAA,OAAO,IAAA;AAAA,EACT;AAAA;AAAA;AAAA;AAAA,EAKA,OAAA,CAAQ,IAAA,EAAc,OAAA,EAAc,OAAA,EAGlB;AAChB,IAAA,MAAM,IAAA,GAAmB;AAAA,MACvB,IAAA;AAAA,MACA,OAAA;AAAA,MACA,GAAG;AAAA,KACL;AACA,IAAA,IAAA,CAAK,MAAA,CAAO,QAAQ,CAAC,GAAI,KAAK,MAAA,CAAO,KAAA,IAAS,EAAC,EAAI,IAAI,CAAA;AACvD,IAAA,OAAO,IAAA;AAAA,EACT;AAAA;AAAA;AAAA;AAAA,EAKA,UAAU,KAAA,EAMQ;AAChB,IAAA,MAAA,CAAO,MAAA,CAAO,IAAA,CAAK,MAAA,EAAQ,KAAK,CAAA;AAChC,IAAA,OAAO,IAAA;AAAA,EACT;AAAA;AAAA;AAAA;AAAA,EAKA,KAAA,GAAgB;AAEd,IAAA,IAAI,CAAC,IAAA,CAAK,MAAA,CAAO,QAAQ,CAAC,IAAA,CAAK,OAAO,OAAA,EAAS;AAC7C,MAAA,MAAM,IAAI,MAAM,sCAAsC,CAAA;AAAA,IACxD;AAEA,IAAA,OAAO,IAAA,CAAK,MAAA;AAAA,EACd;AACF;AAOO,IAAM,gBAAN,MAAoB;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA,EAMzB,OAAO,cAAA,CAAe,SAAA,EAAmB,OAAA,EAOhC;AACP,IAAA,MAAM,GAAA,GAAM,IAAI,IAAA,EAAK;AACrB,IAAiB,OAAA,EAAS,QAAA,IAAY,CAAA,CAAA,EAAI,SAAA,CAAU,aAAa,CAAA;AAGjE,IAAA,GAAA,CAAI,GAAA,CAAI,GAAA,EAAK,OAAO,CAAA,KAAM;AAExB,MAAA,OAAO,EAAE,IAAA,CAAK,EAAE,SAAS,CAAA,KAAA,EAAQ,SAAS,UAAU,CAAA;AAAA,IACtD,CAAC,CAAA;AAGD,IAAA,GAAA,CAAI,GAAA,CAAI,MAAA,EAAQ,OAAO,CAAA,KAAM;AAC3B,MAAA,MAAM,EAAA,GAAK,CAAA,CAAE,GAAA,CAAI,KAAA,CAAM,IAAI,CAAA;AAC3B,MAAA,OAAO,CAAA,CAAE,KAAK,EAAE,OAAA,EAAS,OAAO,SAAS,CAAA,UAAA,EAAa,EAAE,CAAA,CAAA,EAAI,CAAA;AAAA,IAC9D,CAAC,CAAA;AAGD,IAAA,GAAA,CAAI,IAAA,CAAK,GAAA,EAAK,OAAO,CAAA,KAAM;AACzB,MAAA,OAAO,EAAE,IAAA,CAAK,EAAE,SAAS,CAAA,WAAA,EAAc,SAAS,IAAI,CAAA;AAAA,IACtD,CAAC,CAAA;AAGD,IAAA,GAAA,CAAI,GAAA,CAAI,MAAA,EAAQ,OAAO,CAAA,KAAM;AAC3B,MAAA,MAAM,EAAA,GAAK,CAAA,CAAE,GAAA,CAAI,KAAA,CAAM,IAAI,CAAA;AAC3B,MAAA,OAAO,CAAA,CAAE,KAAK,EAAE,OAAA,EAAS,UAAU,SAAS,CAAA,UAAA,EAAa,EAAE,CAAA,CAAA,EAAI,CAAA;AAAA,IACjE,CAAC,CAAA;AAGD,IAAA,GAAA,CAAI,MAAA,CAAO,MAAA,EAAQ,OAAO,CAAA,KAAM;AAC9B,MAAA,MAAM,EAAA,GAAK,CAAA,CAAE,GAAA,CAAI,KAAA,CAAM,IAAI,CAAA;AAC3B,MAAA,OAAO,CAAA,CAAE,KAAK,EAAE,OAAA,EAAS,UAAU,SAAS,CAAA,UAAA,EAAa,EAAE,CAAA,CAAA,EAAI,CAAA;AAAA,IACjE,CAAC,CAAA;AAED,IAAA,OAAO,GAAA;AAAA,EACT;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA,EAOA,OAAO,oBAAA,CAAqB,SAAA,EAAmB,OAAA,EAY7C;AACA,IAAA,MAAM,QAAA,GAAW,CAAA,OAAA,EAAU,SAAA,CAAU,WAAA,EAAa,CAAA,CAAA;AAClD,IAAA,MAAM,WAAA,GAAc,UAAU,MAAA,CAAO,CAAC,EAAE,WAAA,EAAY,GAAI,SAAA,CAAU,KAAA,CAAM,CAAC,CAAA;AAEzE,IAAA,MAAM,KAAA,GAA2B;AAAA,MAC/B;AAAA,QACE,IAAA,EAAM,QAAA;AAAA,QACN,KAAA,EAAO,GAAG,WAAW,CAAA,KAAA,CAAA;AAAA,QACrB,SAAA,EAAW,GAAG,SAAS,CAAA,IAAA,CAAA;AAAA,QACvB,aAAa,OAAA,EAAS,WAAA;AAAA,QACtB,MAAM,OAAA,EAAS;AAAA,OACjB;AAAA,MACA;AAAA,QACE,IAAA,EAAM,GAAG,QAAQ,CAAA,IAAA,CAAA;AAAA,QACjB,KAAA,EAAO,OAAO,WAAW,CAAA,CAAA;AAAA,QACzB,SAAA,EAAW,GAAG,SAAS,CAAA,IAAA,CAAA;AAAA,QACvB,aAAa,OAAA,EAAS;AAAA,OACxB;AAAA,MACA;AAAA,QACE,IAAA,EAAM,GAAG,QAAQ,CAAA,IAAA,CAAA;AAAA,QACjB,KAAA,EAAO,QAAQ,WAAW,CAAA,CAAA;AAAA,QAC1B,SAAA,EAAW,GAAG,SAAS,CAAA,IAAA,CAAA;AAAA,QACvB,aAAa,OAAA,EAAS;AAAA;AACxB,KACF;AAEA,IAAA,MAAM,SAAA,GAA8B;AAAA,MAClC;AAAA,QACE,KAAA,EAAO,WAAA;AAAA,QACP,IAAA,EAAM,QAAA;AAAA,QACN,MAAM,OAAA,EAAS,IAAA;AAAA,QACf,aAAa,OAAA,EAAS;AAAA;AACxB,KACF;AAEA,IAAA,OAAO,EAAE,OAAO,SAAA,EAAU;AAAA,EAC5B;AAAA;AAAA;AAAA;AAAA,EAKA,OAAO,eAAA,CAAgB,SAAA,EAAmB,MAAA,EAO9B;AACV,IAAA,MAAM,OAAA,GAAU,MAAA,CAAO,GAAA,CAAI,CAAA,KAAA,KAAS;AAClC,MAAA,IAAI,aAAa,CAAA,EAAG,KAAA,CAAM,IAAI,CAAA,CAAA,EAAI,MAAM,IAAI,CAAA,CAAA;AAE5C,MAAA,IAAI,KAAA,CAAM,YAAY,UAAA,IAAc,cAAA;AACpC,MAAA,IAAI,KAAA,CAAM,QAAQ,UAAA,IAAc,SAAA;AAChC,MAAA,IAAI,CAAC,KAAA,CAAM,QAAA,IAAY,CAAC,KAAA,CAAM,YAAY,UAAA,IAAc,WAAA;AACxD,MAAA,IAAI,KAAA,CAAM,YAAA,EAAc,UAAA,IAAc,CAAA,SAAA,EAAY,MAAM,YAAY,CAAA,CAAA;AAEpE,MAAA,OAAO,UAAA;AAAA,IACT,CAAC,CAAA,CAAE,IAAA,CAAK,OAAO,CAAA;AAEf,IAAA,OAAO;AAAA,2BAAA,EACkB,SAAS,CAAA;AAAA,EAAA,EAClC,OAAO,CAAA;AAAA;AAAA;AAAA;;AAAA,6BAAA,EAKoB,SAAS,CAAA;AAAA,kBAAA,EACpB,SAAS;AAAA;AAAA,SAAA,EAElB,SAAS,CAAA;AAAA;AAAA,IAAA,CAAA,CAEd,IAAA,EAAK;AAAA,EACT;AAAA;AAAA;AAAA;AAAA,EAKA,OAAO,aAAa,MAAA,EAQH;AACf,IAAA,MAAM,QAAsC,EAAC;AAE7C,IAAA,MAAM,eAAA,GAAkB,CAAC,KAAA,EAAY,MAAA,KAAyB;AAC5D,MAAA,IAAI,MAAM,UAAA,EAAY;AACpB,QAAA,IAAI,KAAA,CAAM,IAAA,KAAS,QAAA,IAAY,KAAA,CAAM,WAAW,GAAA,EAAK;AACnD,UAAA,MAAA,GAAU,MAAA,CAAuB,GAAA,CAAI,KAAA,CAAM,UAAA,CAAW,GAAG,CAAA;AAAA,QAC3D;AACA,QAAA,IAAI,KAAA,CAAM,IAAA,KAAS,QAAA,IAAY,KAAA,CAAM,WAAW,GAAA,EAAK;AACnD,UAAA,MAAA,GAAU,MAAA,CAAuB,GAAA,CAAI,KAAA,CAAM,UAAA,CAAW,GAAG,CAAA;AAAA,QAC3D;AACA,QAAA,IAAI,KAAA,CAAM,IAAA,KAAS,QAAA,IAAY,KAAA,CAAM,WAAW,KAAA,EAAO;AACrD,UAAA,MAAA,GAAU,OAAuB,KAAA,EAAM;AAAA,QACzC;AACA,QAAA,IAAI,KAAA,CAAM,IAAA,KAAS,QAAA,IAAY,KAAA,CAAM,WAAW,GAAA,EAAK;AACnD,UAAA,MAAA,GAAU,OAAuB,GAAA,EAAI;AAAA,QACvC;AAAA,MACF;AACA,MAAA,OAAO,MAAA;AAAA,IACT,CAAA;AAEA,IAAA,MAAM,WAAA,GAAc,CAAC,KAAA,KAA6B;AAChD,MAAA,IAAI,MAAA;AAEJ,MAAA,QAAQ,MAAM,IAAA;AAAM,QAClB,KAAK,QAAA;AACH,UAAA,MAAA,GAAS,EAAE,MAAA,EAAO;AAClB,UAAA;AAAA,QACF,KAAK,QAAA;AACH,UAAA,MAAA,GAAS,EAAE,MAAA,EAAO;AAClB,UAAA;AAAA,QACF,KAAK,SAAA;AACH,UAAA,MAAA,GAAS,EAAE,OAAA,EAAQ;AACnB,UAAA;AAAA,QACF,KAAK,MAAA;AACH,UAAA,MAAA,GAAS,EAAE,IAAA,EAAK;AAChB,UAAA;AAAA,QACF,KAAK,OAAA;AACH,UAAA,IAAI,MAAM,KAAA,EAAO,MAAA,IAAU,OAAO,KAAA,CAAM,KAAA,CAAM,WAAW,QAAA,EAAU;AACjE,YAAA,MAAM,aAAA,GAAgB,OAAO,KAAA,CAAM,KAAA,CAAM,aAAA,KAAkB,QAAA,IAAY,KAAA,CAAM,KAAA,CAAM,aAAA,GAC/E,KAAA,CAAM,KAAA,CAAM,aAAA,GACZ,WAAA;AACJ,YAAA,MAAM,YAAA,GAAe,MAAA,CAAO,OAAA,CAAQ,KAAA,CAAM,KAAA,CAAM,MAAM,CAAA,CAAE,GAAA,CAAI,CAAC,CAAC,SAAA,EAAW,QAAQ,CAAA,KAAqB;AACpG,cAAA,MAAM,UAAA,GAAa,UAAU,UAAA,IAAc,OAAO,SAAS,UAAA,KAAe,QAAA,GACtE,QAAA,CAAS,UAAA,GACT,EAAC;AACL,cAAA,MAAM,UAAA,GAA2C;AAAA,gBAC/C,CAAC,aAAa,GAAG,CAAA,CAAE,QAAQ,SAAS;AAAA,eACtC;AAEA,cAAA,MAAA,CAAO,OAAA,CAAQ,UAAU,CAAA,CAAE,OAAA,CAAQ,CAAC,CAAC,YAAA,EAAc,iBAAiB,CAAA,KAAM;AACxE,gBAAA,MAAM,iBAAiB,iBAAA,IAAqB,OAAO,iBAAA,KAAsB,QAAA,GACrE,oBACA,EAAC;AACL,gBAAA,MAAM,iBAAiB,WAAA,CAAY;AAAA,kBACjC,GAAG,cAAA;AAAA,kBACH,QAAA,EAAU,eAAe,QAAA,KAAa;AAAA,iBACvC,CAAA;AACD,gBAAA,UAAA,CAAW,YAAY,CAAA,GAAI,cAAA;AAAA,cAC7B,CAAC,CAAA;AAED,cAAA,OAAO,CAAA,CAAE,OAAO,UAAU,CAAA;AAAA,YAC5B,CAAC,CAAA;AAED,YAAA,IAAI,YAAA,CAAa,MAAA,KAAW,CAAA,IAAK,YAAA,CAAa,CAAC,CAAA,EAAG;AAChD,cAAA,MAAA,GAAS,CAAA,CAAE,KAAA,CAAM,YAAA,CAAa,CAAC,CAAC,CAAA;AAAA,YAClC,CAAA,MAAA,IAAW,YAAA,CAAa,MAAA,GAAS,CAAA,EAAG;AAClC,cAAA,MAAA,GAAS,CAAA,CAAE,KAAA,CAAM,CAAA,CAAE,KAAA,CAAM,YAA0E,CAAC,CAAA;AAAA,YACtG,CAAA,MAAO;AACL,cAAA,MAAA,GAAS,CAAA,CAAE,KAAA,CAAM,CAAA,CAAE,GAAA,EAAK,CAAA;AAAA,YAC1B;AACA,YAAA;AAAA,UACF;AACA,UAAA,IAAI,MAAM,KAAA,EAAO;AACf,YAAA,MAAA,GAAS,CAAA,CAAE,KAAA,CAAM,WAAA,CAAY,KAAA,CAAM,KAAK,CAAC,CAAA;AACzC,YAAA;AAAA,UACF;AACA,UAAA,MAAA,GAAS,CAAA,CAAE,KAAA,CAAM,CAAA,CAAE,GAAA,EAAK,CAAA;AACxB,UAAA;AAAA,QACF,KAAK,QAAA;AACH,UAAA,IAAI,KAAA,CAAM,UAAA,IAAc,OAAO,KAAA,CAAM,eAAe,QAAA,EAAU;AAC5D,YAAA,MAAM,cAA4C,EAAC;AACnD,YAAA,MAAA,CAAO,OAAA,CAAQ,MAAM,UAAU,CAAA,CAAE,QAAQ,CAAC,CAAC,YAAA,EAAc,iBAAiB,CAAA,KAAM;AAC9E,cAAA,MAAM,iBAAiB,iBAAA,IAAqB,OAAO,iBAAA,KAAsB,QAAA,GACrE,oBACA,EAAC;AACL,cAAA,WAAA,CAAY,YAAY,IAAI,WAAA,CAAY;AAAA,gBACtC,GAAG,cAAA;AAAA,gBACH,QAAA,EAAU,eAAe,QAAA,KAAa;AAAA,eACvC,CAAA;AAAA,YACH,CAAC,CAAA;AACD,YAAA,MAAA,GAAS,CAAA,CAAE,OAAO,WAAW,CAAA;AAC7B,YAAA;AAAA,UACF;AACA,UAAA,MAAA,GAAS,CAAA,CAAE,MAAA,CAAO,EAAE,CAAA;AACpB,UAAA;AAAA,QACF;AACE,UAAA,MAAA,GAAS,EAAE,GAAA,EAAI;AAAA;AAGnB,MAAA,MAAA,GAAS,eAAA,CAAgB,OAAO,MAAM,CAAA;AAEtC,MAAA,IAAI,KAAA,CAAM,QAAA,IAAY,KAAA,CAAM,QAAA,KAAa,KAAA,EAAO;AAC9C,QAAA,MAAA,GAAS,OAAO,QAAA,EAAS;AAAA,MAC3B;AAEA,MAAA,OAAO,MAAA;AAAA,IACT,CAAA;AAEA,IAAA,KAAA,MAAW,SAAS,MAAA,EAAQ;AAC1B,MAAA,KAAA,CAAM,KAAA,CAAM,IAAI,CAAA,GAAI,WAAA,CAAY,KAAK,CAAA;AAAA,IACvC;AAEA,IAAA,OAAO,CAAA,CAAE,OAAO,KAAK,CAAA;AAAA,EACvB;AACF;;;ACjkBA,IAAA,gBAAA,GAAA;AAAA,EACE,EAAA,EAAM,WAAA;AAAA,EACN,IAAA,EAAQ,sBAAA;AAAA,EACR,WAAA,EAAe,sGAAA;AAAA,EACf,OAAA,EAAW,OAAA;AAAA,EACX,MAAA,EAAU,SAAA;AAAA,EACV,QAAA,EAAY,UAAA;AAAA,EACZ,IAAA,EAAQ,cAAA;AAAA,EACR,QAAA,EAAY,8CAAA;AAAA,EACZ,UAAA,EAAc,oCAAA;AAAA,EACd,OAAA,EAAW,KAAA;AAAA,EACX,WAAA,EAAe;AAAA,IACb,gBAAA;AAAA,IACA;AAAA,GACF;AAAA,EACA,cAAgB,EAAC;AAAA,EACjB,YAAA,EAAgB;AAAA,IACd,OAAA,EAAW;AAAA,MACT,IAAA,EAAQ,QAAA;AAAA,MACR,KAAA,EAAS,UAAA;AAAA,MACT,WAAA,EAAe,6CAAA;AAAA,MACf,QAAA,EAAY;AAAA,KACd;AAAA,IACA,SAAA,EAAa;AAAA,MACX,IAAA,EAAQ,QAAA;AAAA,MACR,KAAA,EAAS,YAAA;AAAA,MACT,WAAA,EAAe,gDAAA;AAAA,MACf,QAAA,EAAY,IAAA;AAAA,MACZ,SAAA,EAAa;AAAA,KACf;AAAA,IACA,KAAA,EAAS;AAAA,MACP,IAAA,EAAQ,QAAA;AAAA,MACR,KAAA,EAAS,cAAA;AAAA,MACT,WAAA,EAAe,uCAAA;AAAA,MACf,OAAA,EAAW,MAAA;AAAA,MACX,OAAA,EAAW;AAAA,QACT;AAAA,UACE,KAAA,EAAS,OAAA;AAAA,UACT,KAAA,EAAS;AAAA,SACX;AAAA,QACA;AAAA,UACE,KAAA,EAAS,MAAA;AAAA,UACT,KAAA,EAAS;AAAA,SACX;AAAA,QACA;AAAA,UACE,KAAA,EAAS,MAAA;AAAA,UACT,KAAA,EAAS;AAAA;AACX;AACF,KACF;AAAA,IACA,IAAA,EAAQ;AAAA,MACN,IAAA,EAAQ,QAAA;AAAA,MACR,KAAA,EAAS,aAAA;AAAA,MACT,WAAA,EAAe,8BAAA;AAAA,MACf,OAAA,EAAW,QAAA;AAAA,MACX,OAAA,EAAW;AAAA,QACT;AAAA,UACE,KAAA,EAAS,QAAA;AAAA,UACT,KAAA,EAAS;AAAA,SACX;AAAA,QACA;AAAA,UACE,KAAA,EAAS,SAAA;AAAA,UACT,KAAA,EAAS;AAAA;AACX;AACF,KACF;AAAA,IACA,IAAA,EAAQ;AAAA,MACN,IAAA,EAAQ,QAAA;AAAA,MACR,KAAA,EAAS,aAAA;AAAA,MACT,WAAA,EAAe,8GAAA;AAAA,MACf,OAAA,EAAW,SAAA;AAAA,MACX,OAAA,EAAW;AAAA,QACT;AAAA,UACE,KAAA,EAAS,SAAA;AAAA,UACT,KAAA,EAAS;AAAA,SACX;AAAA,QACA;AAAA,UACE,KAAA,EAAS,iBAAA;AAAA,UACT,KAAA,EAAS;AAAA,SACX;AAAA,QACA;AAAA,UACE,KAAA,EAAS,WAAA;AAAA,UACT,KAAA,EAAS;AAAA;AACX;AACF,KACF;AAAA,IACA,UAAA,EAAc;AAAA,MACZ,IAAA,EAAQ,QAAA;AAAA,MACR,KAAA,EAAS,YAAA;AAAA,MACT,WAAA,EAAe,0JAAA;AAAA,MACf,OAAA,EAAW,QAAA;AAAA,MACX,OAAA,EAAW;AAAA,QACT;AAAA,UACE,KAAA,EAAS,QAAA;AAAA,UACT,KAAA,EAAS;AAAA,SACX;AAAA,QACA;AAAA,UACE,KAAA,EAAS,SAAA;AAAA,UACT,KAAA,EAAS;AAAA,SACX;AAAA,QACA;AAAA,UACE,KAAA,EAAS,kBAAA;AAAA,UACT,KAAA,EAAS;AAAA;AACX;AACF,KACF;AAAA,IACA,YAAA,EAAgB;AAAA,MACd,IAAA,EAAQ,SAAA;AAAA,MACR,KAAA,EAAS,sBAAA;AAAA,MACT,WAAA,EAAe,2HAAA;AAAA,MACf,OAAA,EAAW;AAAA,KACb;AAAA,IACA,iBAAA,EAAqB;AAAA,MACnB,IAAA,EAAQ,QAAA;AAAA,MACR,KAAA,EAAS,qBAAA;AAAA,MACT,WAAA,EAAe,kHAAA;AAAA,MACf,OAAA,EAAW,SAAA;AAAA,MACX,OAAA,EAAW;AAAA,QACT;AAAA,UACE,KAAA,EAAS,aAAA;AAAA,UACT,KAAA,EAAS;AAAA,SACX;AAAA,QACA;AAAA,UACE,KAAA,EAAS,SAAA;AAAA,UACT,KAAA,EAAS;AAAA,SACX;AAAA,QACA;AAAA,UACE,KAAA,EAAS,iBAAA;AAAA,UACT,KAAA,EAAS;AAAA;AACX;AACF,KACF;AAAA,IACA,OAAA,EAAW;AAAA,MACT,IAAA,EAAQ,SAAA;AAAA,MACR,KAAA,EAAS,kBAAA;AAAA,MACT,WAAA,EAAe,mDAAA;AAAA,MACf,OAAA,EAAW;AAAA;AACb,GACF;AAAA,EACA,SAAA,EAAa;AAAA,IACX,KAAA,EAAS,WAAA;AAAA,IACT,IAAA,EAAQ,cAAA;AAAA,IACR,IAAA,EAAQ,mCAAA;AAAA,IACR,QAAA,EAAY,SAAA;AAAA,IACZ,KAAA,EAAS;AAAA,GACX;AAAA,EACA,QAAA,EAAY,kBAAA;AAAA,EACZ,SAAA,EAAa,iBAAA;AAAA,EACb,OAAA,EAAW,IAAA;AAAA,EACX,eAAA,EAAmB;AAAA,IACjB,OAAA,EAAW,EAAA;AAAA,IACX,SAAA,EAAa,EAAA;AAAA,IACb,KAAA,EAAS,MAAA;AAAA,IACT,IAAA,EAAQ,QAAA;AAAA,IACR,IAAA,EAAQ,SAAA;AAAA,IACR,UAAA,EAAc,QAAA;AAAA,IACd,mBAAA,EAAuB,KAAA;AAAA,IACvB,iBAAA,EAAqB,SAAA;AAAA,IACrB,OAAA,EAAW;AAAA;AAEf;;;ACzIO,IAAM,mBAAN,MAAuB;AAAA,EACpB,EAAA;AAAA,EACS,UAAA,GAAa,2DAAA;AAAA,EAE9B,YAAY,EAAA,EAAgB;AAC1B,IAAA,IAAA,CAAK,EAAA,GAAK,EAAA;AAAA,EACZ;AAAA;AAAA;AAAA;AAAA,EAKA,MAAM,WAAA,GAAiD;AACrD,IAAA,IAAI;AACF,MAAA,MAAM,MAAA,GAAS,MAAM,IAAA,CAAK,EAAA,CACvB,OAAA,CAAQ,CAAA,iDAAA,CAAmD,CAAA,CAC3D,IAAA,CAAK,gBAAA,CAAS,EAAE,CAAA,CAChB,KAAA,EAA4B;AAE/B,MAAA,IAAI,CAAC,MAAA,IAAU,CAAC,MAAA,CAAO,QAAA,EAAU;AAC/B,QAAA,OAAO,IAAA;AAAA,MACT;AAEA,MAAA,OAAO,IAAA,CAAK,KAAA,CAAM,MAAA,CAAO,QAAQ,CAAA;AAAA,IACnC,SAAS,KAAA,EAAO;AACd,MAAA,OAAA,CAAQ,KAAA,CAAM,qCAAqC,KAAK,CAAA;AACxD,MAAA,OAAO,IAAA;AAAA,IACT;AAAA,EACF;AAAA;AAAA;AAAA;AAAA,EAKA,MAAM,WAAA,CAAY,KAAA,EAAe,QAAA,EAAkE;AACjG,IAAA,IAAI;AACF,MAAA,MAAM,QAAA,GAAW,MAAM,IAAA,CAAK,WAAA,EAAY;AAExC,MAAA,IAAI,CAAC,QAAA,EAAU;AACb,QAAA,OAAO,EAAE,OAAA,EAAS,KAAA,EAAO,KAAA,EAAO,0BAAA,EAA2B;AAAA,MAC7D;AAEA,MAAA,IAAI,CAAC,SAAS,OAAA,EAAS;AAErB,QAAA,OAAO,EAAE,SAAS,IAAA,EAAK;AAAA,MACzB;AAEA,MAAA,IAAI,CAAC,SAAS,SAAA,EAAW;AACvB,QAAA,OAAO,EAAE,OAAA,EAAS,KAAA,EAAO,KAAA,EAAO,qCAAA,EAAsC;AAAA,MACxE;AAEA,MAAA,MAAM,QAAA,GAAW,IAAI,QAAA,EAAS;AAC9B,MAAA,QAAA,CAAS,MAAA,CAAO,QAAA,EAAU,QAAA,CAAS,SAAS,CAAA;AAC5C,MAAA,QAAA,CAAS,MAAA,CAAO,YAAY,KAAK,CAAA;AACjC,MAAA,IAAI,QAAA,EAAU;AACZ,QAAA,QAAA,CAAS,MAAA,CAAO,YAAY,QAAQ,CAAA;AAAA,MACtC;AAEA,MAAA,MAAM,QAAA,GAAW,MAAM,KAAA,CAAM,IAAA,CAAK,UAAA,EAAY;AAAA,QAC5C,MAAA,EAAQ,MAAA;AAAA,QACR,IAAA,EAAM;AAAA,OACP,CAAA;AAED,MAAA,IAAI,CAAC,SAAS,EAAA,EAAI;AAChB,QAAA,OAAO,EAAE,OAAA,EAAS,KAAA,EAAO,KAAA,EAAO,uCAAA,EAAwC;AAAA,MAC1E;AAEA,MAAA,MAAM,MAAA,GAAwC,MAAM,QAAA,CAAS,IAAA,EAAK;AAElE,MAAA,IAAI,CAAC,OAAO,OAAA,EAAS;AACnB,QAAA,MAAM,SAAA,GAAY,MAAA,CAAO,aAAa,CAAA,GAAI,CAAC,CAAA,IAAK,eAAA;AAChD,QAAA,OAAO,EAAE,OAAA,EAAS,KAAA,EAAO,KAAA,EAAO,CAAA,+BAAA,EAAkC,SAAS,CAAA,CAAA,EAAG;AAAA,MAChF;AAEA,MAAA,OAAO,EAAE,SAAS,IAAA,EAAK;AAAA,IACzB,SAAS,KAAA,EAAO;AACd,MAAA,OAAA,CAAQ,KAAA,CAAM,oCAAoC,KAAK,CAAA;AACvD,MAAA,OAAO,EAAE,OAAA,EAAS,KAAA,EAAO,KAAA,EAAO,8BAAA,EAA+B;AAAA,IACjE;AAAA,EACF;AAAA;AAAA;AAAA;AAAA,EAKA,MAAM,aAAa,QAAA,EAA4C;AAC7D,IAAA,IAAI;AACF,MAAA,MAAM,KAAK,EAAA,CACR,OAAA,CAAQ,CAAA,4DAAA,CAA8D,CAAA,CACtE,KAAK,IAAA,CAAK,SAAA,CAAU,QAAQ,CAAA,EAAG,KAAK,GAAA,EAAI,EAAG,gBAAA,CAAS,EAAE,EACtD,GAAA,EAAI;AACP,MAAA,OAAA,CAAQ,IAAI,uCAAuC,CAAA;AAAA,IACrD,SAAS,KAAA,EAAO;AACd,MAAA,OAAA,CAAQ,KAAA,CAAM,oCAAoC,KAAK,CAAA;AACvD,MAAA,MAAM,IAAI,MAAM,mCAAmC,CAAA;AAAA,IACrD;AAAA,EACF;AAAA;AAAA;AAAA;AAAA,EAKA,MAAM,SAAA,GAA8B;AAClC,IAAA,MAAM,QAAA,GAAW,MAAM,IAAA,CAAK,WAAA,EAAY;AACxC,IAAA,OAAO,QAAA,EAAU,YAAY,IAAA,IAAQ,CAAC,CAAC,QAAA,CAAS,OAAA,IAAW,CAAC,CAAC,QAAA,CAAS,SAAA;AAAA,EACxE;AACF","file":"chunk-EXNEW5US.js","sourcesContent":["/**\n * Plugin Builder SDK\n *\n * Provides a fluent API for building SonicJS plugins\n *\n * @packageDocumentation\n */\n\nimport { Hono } from 'hono'\nimport { z } from 'zod'\nimport { Plugin, PluginBuilderOptions, PluginRoutes, PluginMiddleware, PluginModel, PluginService, PluginAdminPage, PluginComponent, PluginHook, PluginMenuItem } from '../types'\n\n/**\n * Fluent builder for creating SonicJS plugins.\n *\n * @beta This API is in beta and may change in future releases.\n *\n * @example\n * ```typescript\n * import { PluginBuilder } from '@sonicjs-cms/core'\n *\n * const plugin = PluginBuilder.create({\n * name: 'my-plugin',\n * version: '1.0.0',\n * description: 'My custom plugin'\n * })\n * .addRoute('/api/my-plugin', routes)\n * .addHook('content:save', handler)\n * .lifecycle({ activate: async () => console.log('Activated!') })\n * .build()\n * ```\n */\nexport class PluginBuilder {\n private plugin: Partial<Plugin>\n\n constructor(options: PluginBuilderOptions) {\n this.plugin = {\n name: options.name,\n version: options.version,\n description: options.description,\n author: options.author,\n dependencies: options.dependencies,\n routes: [],\n middleware: [],\n models: [],\n services: [],\n adminPages: [],\n adminComponents: [],\n menuItems: [],\n hooks: []\n }\n }\n\n /**\n * Create a new plugin builder\n */\n static create(options: PluginBuilderOptions): PluginBuilder {\n return new PluginBuilder(options)\n }\n\n /**\n * Add metadata to the plugin\n */\n metadata(metadata: {\n description?: string\n author?: Plugin['author']\n license?: string\n compatibility?: string\n dependencies?: string[]\n }): PluginBuilder {\n Object.assign(this.plugin, metadata)\n return this\n }\n\n /**\n * Add routes to plugin\n */\n addRoutes(routes: PluginRoutes[]): PluginBuilder {\n this.plugin.routes = [...(this.plugin.routes || []), ...routes]\n return this\n }\n\n /**\n * Add a single route to plugin\n */\n addRoute(path: string, handler: Hono, options?: {\n description?: string\n requiresAuth?: boolean\n roles?: string[]\n priority?: number\n }): PluginBuilder {\n const route: PluginRoutes = {\n path,\n handler,\n ...options\n }\n this.plugin.routes = [...(this.plugin.routes || []), route]\n return this\n }\n\n /**\n * Add middleware to plugin\n */\n addMiddleware(middleware: PluginMiddleware[]): PluginBuilder {\n this.plugin.middleware = [...(this.plugin.middleware || []), ...middleware]\n return this\n }\n\n /**\n * Add a single middleware to plugin\n */\n addSingleMiddleware(name: string, handler: any, options?: {\n description?: string\n priority?: number\n routes?: string[]\n global?: boolean\n }): PluginBuilder {\n const middleware: PluginMiddleware = {\n name,\n handler,\n ...options\n }\n this.plugin.middleware = [...(this.plugin.middleware || []), middleware]\n return this\n }\n\n /**\n * Add models to plugin\n */\n addModels(models: PluginModel[]): PluginBuilder {\n this.plugin.models = [...(this.plugin.models || []), ...models]\n return this\n }\n\n /**\n * Add a single model to plugin\n */\n addModel(name: string, options: {\n tableName: string\n schema: z.ZodSchema\n migrations: string[]\n relationships?: PluginModel['relationships']\n extendsContent?: boolean\n }): PluginBuilder {\n const model: PluginModel = {\n name,\n ...options\n }\n this.plugin.models = [...(this.plugin.models || []), model]\n return this\n }\n\n /**\n * Add services to plugin\n */\n addServices(services: PluginService[]): PluginBuilder {\n this.plugin.services = [...(this.plugin.services || []), ...services]\n return this\n }\n\n /**\n * Add a single service to plugin\n */\n addService(name: string, implementation: any, options?: {\n description?: string\n dependencies?: string[]\n singleton?: boolean\n }): PluginBuilder {\n const service: PluginService = {\n name,\n implementation,\n ...options\n }\n this.plugin.services = [...(this.plugin.services || []), service]\n return this\n }\n\n /**\n * Add admin pages to plugin\n */\n addAdminPages(pages: PluginAdminPage[]): PluginBuilder {\n this.plugin.adminPages = [...(this.plugin.adminPages || []), ...pages]\n return this\n }\n\n /**\n * Add a single admin page to plugin\n */\n addAdminPage(path: string, title: string, component: string, options?: {\n description?: string\n permissions?: string[]\n icon?: string\n menuItem?: PluginMenuItem\n }): PluginBuilder {\n const page: PluginAdminPage = {\n path,\n title,\n component,\n ...options\n }\n this.plugin.adminPages = [...(this.plugin.adminPages || []), page]\n return this\n }\n\n /**\n * Add admin components to plugin\n */\n addComponents(components: PluginComponent[]): PluginBuilder {\n this.plugin.adminComponents = [...(this.plugin.adminComponents || []), ...components]\n return this\n }\n\n /**\n * Add a single admin component to plugin\n */\n addComponent(name: string, template: (props: any) => string, options?: {\n description?: string\n propsSchema?: z.ZodSchema\n }): PluginBuilder {\n const component: PluginComponent = {\n name,\n template,\n ...options\n }\n this.plugin.adminComponents = [...(this.plugin.adminComponents || []), component]\n return this\n }\n\n /**\n * Add menu items to plugin\n */\n addMenuItems(items: PluginMenuItem[]): PluginBuilder {\n this.plugin.menuItems = [...(this.plugin.menuItems || []), ...items]\n return this\n }\n\n /**\n * Add a single menu item to plugin\n */\n addMenuItem(label: string, path: string, options?: {\n icon?: string\n order?: number\n parent?: string\n permissions?: string[]\n }): PluginBuilder {\n const menuItem: PluginMenuItem = {\n label,\n path,\n ...options\n }\n this.plugin.menuItems = [...(this.plugin.menuItems || []), menuItem]\n return this\n }\n\n /**\n * Add hooks to plugin\n */\n addHooks(hooks: PluginHook[]): PluginBuilder {\n this.plugin.hooks = [...(this.plugin.hooks || []), ...hooks]\n return this\n }\n\n /**\n * Add a single hook to plugin\n */\n addHook(name: string, handler: any, options?: {\n priority?: number\n description?: string\n }): PluginBuilder {\n const hook: PluginHook = {\n name,\n handler,\n ...options\n }\n this.plugin.hooks = [...(this.plugin.hooks || []), hook]\n return this\n }\n\n /**\n * Add lifecycle hooks\n */\n lifecycle(hooks: {\n install?: Plugin['install']\n uninstall?: Plugin['uninstall']\n activate?: Plugin['activate']\n deactivate?: Plugin['deactivate']\n configure?: Plugin['configure']\n }): PluginBuilder {\n Object.assign(this.plugin, hooks)\n return this\n }\n\n /**\n * Build the plugin\n */\n build(): Plugin {\n // Validate required fields\n if (!this.plugin.name || !this.plugin.version) {\n throw new Error('Plugin name and version are required')\n }\n\n return this.plugin as Plugin\n }\n}\n\n/**\n * Helper functions for common plugin patterns.\n *\n * @beta This API is in beta and may change in future releases.\n */\nexport class PluginHelpers {\n /**\n * Create a REST API route for a model.\n *\n * @experimental This method returns placeholder routes. Full implementation coming soon.\n */\n static createModelAPI(modelName: string, options?: {\n basePath?: string\n permissions?: {\n read?: string[]\n write?: string[]\n delete?: string[]\n }\n }): Hono {\n const app = new Hono()\n const basePath = options?.basePath || `/${modelName.toLowerCase()}`\n\n // GET /models - List all\n app.get('/', async (c) => {\n // Implementation would depend on the model service\n return c.json({ message: `List ${modelName} items` })\n })\n\n // GET /models/:id - Get by ID\n app.get('/:id', async (c) => {\n const id = c.req.param('id')\n return c.json({ message: `Get ${modelName} with ID: ${id}` })\n })\n\n // POST /models - Create new\n app.post('/', async (c) => {\n return c.json({ message: `Create new ${modelName}` })\n })\n\n // PUT /models/:id - Update\n app.put('/:id', async (c) => {\n const id = c.req.param('id')\n return c.json({ message: `Update ${modelName} with ID: ${id}` })\n })\n\n // DELETE /models/:id - Delete\n app.delete('/:id', async (c) => {\n const id = c.req.param('id')\n return c.json({ message: `Delete ${modelName} with ID: ${id}` })\n })\n\n return app\n }\n\n /**\n * Create an admin CRUD interface for a model.\n *\n * @experimental This method generates basic admin page structures. Full implementation coming soon.\n */\n static createAdminInterface(modelName: string, options?: {\n icon?: string\n permissions?: string[]\n fields?: Array<{\n name: string\n type: string\n label: string\n required?: boolean\n }>\n }): {\n pages: PluginAdminPage[]\n menuItems: PluginMenuItem[]\n } {\n const basePath = `/admin/${modelName.toLowerCase()}`\n const displayName = modelName.charAt(0).toUpperCase() + modelName.slice(1)\n\n const pages: PluginAdminPage[] = [\n {\n path: basePath,\n title: `${displayName} List`,\n component: `${modelName}List`,\n permissions: options?.permissions,\n icon: options?.icon\n },\n {\n path: `${basePath}/new`,\n title: `New ${displayName}`,\n component: `${modelName}Form`,\n permissions: options?.permissions\n },\n {\n path: `${basePath}/:id`,\n title: `Edit ${displayName}`,\n component: `${modelName}Form`,\n permissions: options?.permissions\n }\n ]\n\n const menuItems: PluginMenuItem[] = [\n {\n label: displayName,\n path: basePath,\n icon: options?.icon,\n permissions: options?.permissions\n }\n ]\n\n return { pages, menuItems }\n }\n\n /**\n * Create a database migration for a model\n */\n static createMigration(tableName: string, fields: Array<{\n name: string\n type: 'TEXT' | 'INTEGER' | 'REAL' | 'BLOB'\n nullable?: boolean\n primaryKey?: boolean\n unique?: boolean\n defaultValue?: string\n }>): string {\n const columns = fields.map(field => {\n let definition = `${field.name} ${field.type}`\n \n if (field.primaryKey) definition += ' PRIMARY KEY'\n if (field.unique) definition += ' UNIQUE'\n if (!field.nullable && !field.primaryKey) definition += ' NOT NULL'\n if (field.defaultValue) definition += ` DEFAULT ${field.defaultValue}`\n \n return definition\n }).join(',\\n ')\n\n return `\nCREATE TABLE IF NOT EXISTS ${tableName} (\n ${columns},\n created_at INTEGER NOT NULL DEFAULT (strftime('%s', 'now')),\n updated_at INTEGER NOT NULL DEFAULT (strftime('%s', 'now'))\n);\n\nCREATE TRIGGER IF NOT EXISTS ${tableName}_updated_at\n AFTER UPDATE ON ${tableName}\nBEGIN\n UPDATE ${tableName} SET updated_at = strftime('%s', 'now') WHERE id = NEW.id;\nEND;\n `.trim()\n }\n\n /**\n * Create a Zod schema for a model\n */\n static createSchema(fields: Array<{\n name: string\n type: 'string' | 'number' | 'boolean' | 'date' | 'array' | 'object'\n optional?: boolean\n required?: boolean\n validation?: any\n items?: any\n properties?: Record<string, any>\n }>): z.ZodSchema {\n const shape: Record<string, z.ZodTypeAny> = {}\n\n const applyValidation = (field: any, schema: z.ZodTypeAny) => {\n if (field.validation) {\n if (field.type === 'string' && field.validation.min) {\n schema = (schema as z.ZodString).min(field.validation.min)\n }\n if (field.type === 'string' && field.validation.max) {\n schema = (schema as z.ZodString).max(field.validation.max)\n }\n if (field.type === 'string' && field.validation.email) {\n schema = (schema as z.ZodString).email()\n }\n if (field.type === 'string' && field.validation.url) {\n schema = (schema as z.ZodString).url()\n }\n }\n return schema\n }\n\n const buildSchema = (field: any): z.ZodTypeAny => {\n let schema: z.ZodTypeAny\n\n switch (field.type) {\n case 'string':\n schema = z.string()\n break\n case 'number':\n schema = z.number()\n break\n case 'boolean':\n schema = z.boolean()\n break\n case 'date':\n schema = z.date()\n break\n case 'array':\n if (field.items?.blocks && typeof field.items.blocks === 'object') {\n const discriminator = typeof field.items.discriminator === 'string' && field.items.discriminator\n ? field.items.discriminator\n : 'blockType'\n const blockSchemas = Object.entries(field.items.blocks).map(([blockName, blockDef]: [string, any]) => {\n const properties = blockDef?.properties && typeof blockDef.properties === 'object'\n ? blockDef.properties\n : {}\n const blockShape: Record<string, z.ZodTypeAny> = {\n [discriminator]: z.literal(blockName)\n }\n\n Object.entries(properties).forEach(([propertyName, propertyConfigRaw]) => {\n const propertyConfig = propertyConfigRaw && typeof propertyConfigRaw === 'object'\n ? propertyConfigRaw as Record<string, any>\n : {}\n const propertySchema = buildSchema({\n ...propertyConfig,\n optional: propertyConfig.required === false\n })\n blockShape[propertyName] = propertySchema\n })\n\n return z.object(blockShape)\n })\n\n if (blockSchemas.length === 1 && blockSchemas[0]) {\n schema = z.array(blockSchemas[0])\n } else if (blockSchemas.length > 1) {\n schema = z.array(z.union(blockSchemas as unknown as [z.ZodTypeAny, z.ZodTypeAny, ...z.ZodTypeAny[]]))\n } else {\n schema = z.array(z.any())\n }\n break\n }\n if (field.items) {\n schema = z.array(buildSchema(field.items))\n break\n }\n schema = z.array(z.any())\n break\n case 'object':\n if (field.properties && typeof field.properties === 'object') {\n const objectShape: Record<string, z.ZodTypeAny> = {}\n Object.entries(field.properties).forEach(([propertyName, propertyConfigRaw]) => {\n const propertyConfig = propertyConfigRaw && typeof propertyConfigRaw === 'object'\n ? propertyConfigRaw as Record<string, any>\n : {}\n objectShape[propertyName] = buildSchema({\n ...propertyConfig,\n optional: propertyConfig.required === false\n })\n })\n schema = z.object(objectShape)\n break\n }\n schema = z.object({})\n break\n default:\n schema = z.any()\n }\n\n schema = applyValidation(field, schema)\n\n if (field.optional || field.required === false) {\n schema = schema.optional()\n }\n\n return schema\n }\n\n for (const field of fields) {\n shape[field.name] = buildSchema(field)\n }\n\n return z.object(shape)\n }\n}\n\n/**\n * Common plugin templates for rapid plugin development.\n *\n * @beta This API is in beta and may change in future releases.\n * @experimental Templates are provided as starting points and may require customization.\n */\nexport class PluginTemplates {\n /**\n * Create a simple content type plugin\n */\n static contentType(name: string, fields: Array<{\n name: string\n type: string\n label: string\n required?: boolean\n }>): Plugin {\n const builder = PluginBuilder.create({\n name: `${name}-content-type`,\n version: '1.0.0',\n description: `${name} content type plugin`\n })\n\n // Create model\n const schema = PluginHelpers.createSchema(\n fields.map(f => ({\n name: f.name,\n type: f.type as any,\n optional: !f.required\n }))\n )\n\n const migration = PluginHelpers.createMigration(\n name.toLowerCase(),\n fields.map(f => ({\n name: f.name,\n type: 'TEXT',\n nullable: !f.required\n }))\n )\n\n builder.addModel(name, {\n tableName: name.toLowerCase(),\n schema,\n migrations: [migration],\n extendsContent: true\n })\n\n // Create API routes\n const apiRoutes = PluginHelpers.createModelAPI(name)\n builder.addRoute(`/api/${name.toLowerCase()}`, apiRoutes)\n\n // Create admin interface\n const { pages, menuItems } = PluginHelpers.createAdminInterface(name, {\n fields\n })\n builder.addAdminPages(pages)\n builder.addMenuItems(menuItems)\n\n return builder.build()\n }\n\n /**\n * Create an analytics plugin\n */\n static analytics(name: string, options?: {\n endpoints?: string[]\n dashboard?: boolean\n }): Plugin {\n const builder = PluginBuilder.create({\n name: `${name}-analytics`,\n version: '1.0.0',\n description: `${name} analytics plugin`\n })\n\n // Add middleware to track requests\n builder.addSingleMiddleware('analytics-tracker', async (c: any, next: any) => {\n const start = Date.now()\n await next()\n const duration = Date.now() - start\n \n // Log analytics data\n console.info(`Analytics: ${c.req.method} ${c.req.path} - ${duration}ms`)\n }, {\n global: true,\n priority: 1\n })\n\n // Add analytics API\n const analyticsAPI = new Hono()\n analyticsAPI.get('/stats', (c) => {\n return c.json({ message: 'Analytics stats' })\n })\n builder.addRoute('/api/analytics', analyticsAPI)\n\n // Add dashboard if requested\n if (options?.dashboard) {\n builder.addAdminPage(\n '/analytics',\n 'Analytics Dashboard',\n 'AnalyticsDashboard',\n {\n description: 'View analytics and statistics',\n icon: 'chart-bar'\n }\n )\n\n builder.addMenuItem('Analytics', '/admin/analytics', {\n icon: 'chart-bar',\n order: 100\n })\n }\n\n return builder.build()\n }\n}\n","{\n \"id\": \"turnstile\",\n \"name\": \"Cloudflare Turnstile\",\n \"description\": \"CAPTCHA-free bot protection using Cloudflare Turnstile. Provides reusable verification for any form.\",\n \"version\": \"1.0.0\",\n \"author\": \"SonicJS\",\n \"category\": \"security\",\n \"icon\": \"shield-check\",\n \"homepage\": \"https://developers.cloudflare.com/turnstile/\",\n \"repository\": \"https://github.com/sonicjs/sonicjs\",\n \"license\": \"MIT\",\n \"permissions\": [\n \"settings:write\",\n \"admin:access\"\n ],\n \"dependencies\": [],\n \"configSchema\": {\n \"siteKey\": {\n \"type\": \"string\",\n \"label\": \"Site Key\",\n \"description\": \"Your Cloudflare Turnstile site key (public)\",\n \"required\": true\n },\n \"secretKey\": {\n \"type\": \"string\",\n \"label\": \"Secret Key\",\n \"description\": \"Your Cloudflare Turnstile secret key (private)\",\n \"required\": true,\n \"sensitive\": true\n },\n \"theme\": {\n \"type\": \"select\",\n \"label\": \"Widget Theme\",\n \"description\": \"Visual theme for the Turnstile widget\",\n \"default\": \"auto\",\n \"options\": [\n {\n \"value\": \"light\",\n \"label\": \"Light\"\n },\n {\n \"value\": \"dark\",\n \"label\": \"Dark\"\n },\n {\n \"value\": \"auto\",\n \"label\": \"Auto\"\n }\n ]\n },\n \"size\": {\n \"type\": \"select\",\n \"label\": \"Widget Size\",\n \"description\": \"Size of the Turnstile widget\",\n \"default\": \"normal\",\n \"options\": [\n {\n \"value\": \"normal\",\n \"label\": \"Normal\"\n },\n {\n \"value\": \"compact\",\n \"label\": \"Compact\"\n }\n ]\n },\n \"mode\": {\n \"type\": \"select\",\n \"label\": \"Widget Mode\",\n \"description\": \"Managed: Adaptive challenge. Non-Interactive: Always visible, minimal friction. Invisible: No visible widget\",\n \"default\": \"managed\",\n \"options\": [\n {\n \"value\": \"managed\",\n \"label\": \"Managed (Recommended)\"\n },\n {\n \"value\": \"non-interactive\",\n \"label\": \"Non-Interactive\"\n },\n {\n \"value\": \"invisible\",\n \"label\": \"Invisible\"\n }\n ]\n },\n \"appearance\": {\n \"type\": \"select\",\n \"label\": \"Appearance\",\n \"description\": \"When the Turnstile challenge is executed. Always: Verifies immediately. Execute: Challenge on form submit. Interaction Only: Only after user interaction\",\n \"default\": \"always\",\n \"options\": [\n {\n \"value\": \"always\",\n \"label\": \"Always\"\n },\n {\n \"value\": \"execute\",\n \"label\": \"Execute\"\n },\n {\n \"value\": \"interaction-only\",\n \"label\": \"Interaction Only\"\n }\n ]\n },\n \"preClearance\": {\n \"type\": \"boolean\",\n \"label\": \"Enable Pre-clearance\",\n \"description\": \"Issue a clearance cookie that bypasses Cloudflare Firewall Rules (as if the user passed a challenge on your proxied site)\",\n \"default\": false\n },\n \"preClearanceLevel\": {\n \"type\": \"select\",\n \"label\": \"Pre-clearance Level\",\n \"description\": \"Controls which Cloudflare Firewall Rules the clearance cookie bypasses. Only applies if Pre-clearance is enabled\",\n \"default\": \"managed\",\n \"options\": [\n {\n \"value\": \"interactive\",\n \"label\": \"Interactive - Bypasses Interactive, Managed & JS Challenge Rules\"\n },\n {\n \"value\": \"managed\",\n \"label\": \"Managed - Bypasses Managed & JS Challenge Rules\"\n },\n {\n \"value\": \"non-interactive\",\n \"label\": \"Non-interactive - Bypasses JS Challenge Rules only\"\n }\n ]\n },\n \"enabled\": {\n \"type\": \"boolean\",\n \"label\": \"Enable Turnstile\",\n \"description\": \"Enable or disable Turnstile verification globally\",\n \"default\": true\n }\n },\n \"adminMenu\": {\n \"label\": \"Turnstile\",\n \"icon\": \"shield-check\",\n \"href\": \"/admin/plugins/turnstile/settings\",\n \"parentId\": \"plugins\",\n \"order\": 100\n },\n \"codeName\": \"turnstile-plugin\",\n \"iconEmoji\": \"🛡️\",\n \"is_core\": true,\n \"defaultSettings\": {\n \"siteKey\": \"\",\n \"secretKey\": \"\",\n \"theme\": \"auto\",\n \"size\": \"normal\",\n \"mode\": \"managed\",\n \"appearance\": \"always\",\n \"preClearanceEnabled\": false,\n \"preClearanceLevel\": \"managed\",\n \"enabled\": false\n }\n}\n","import type { D1Database } from '@cloudflare/workers-types'\nimport manifest from '../manifest.json'\n\nexport interface TurnstileSettings {\n siteKey: string\n secretKey: string\n theme?: 'light' | 'dark' | 'auto'\n size?: 'normal' | 'compact'\n mode?: 'managed' | 'non-interactive' | 'invisible'\n appearance?: 'always' | 'execute' | 'interaction-only'\n preClearance?: boolean\n preClearanceLevel?: 'interactive' | 'managed' | 'non-interactive'\n enabled: boolean\n}\n\nexport interface TurnstileVerificationResponse {\n success: boolean\n // eslint-disable-next-line @typescript-eslint/naming-convention\n 'error-codes'?: string[] // Cloudflare API uses kebab-case for this field\n challenge_ts?: string\n hostname?: string\n}\n\nexport class TurnstileService {\n private db: D1Database\n private readonly VERIFY_URL = 'https://challenges.cloudflare.com/turnstile/v0/siteverify'\n\n constructor(db: D1Database) {\n this.db = db\n }\n\n /**\n * Get Turnstile settings from database\n */\n async getSettings(): Promise<TurnstileSettings | null> {\n try {\n const plugin = await this.db\n .prepare(`SELECT settings FROM plugins WHERE id = ? LIMIT 1`)\n .bind(manifest.id)\n .first<{ settings: string }>()\n\n if (!plugin || !plugin.settings) {\n return null\n }\n\n return JSON.parse(plugin.settings) as TurnstileSettings\n } catch (error) {\n console.error('Error getting Turnstile settings:', error)\n return null\n }\n }\n\n /**\n * Verify a Turnstile token with Cloudflare\n */\n async verifyToken(token: string, remoteIp?: string): Promise<{ success: boolean; error?: string }> {\n try {\n const settings = await this.getSettings()\n\n if (!settings) {\n return { success: false, error: 'Turnstile not configured' }\n }\n\n if (!settings.enabled) {\n // Turnstile disabled, allow through\n return { success: true }\n }\n\n if (!settings.secretKey) {\n return { success: false, error: 'Turnstile secret key not configured' }\n }\n\n const formData = new FormData()\n formData.append('secret', settings.secretKey)\n formData.append('response', token)\n if (remoteIp) {\n formData.append('remoteip', remoteIp)\n }\n\n const response = await fetch(this.VERIFY_URL, {\n method: 'POST',\n body: formData,\n })\n\n if (!response.ok) {\n return { success: false, error: 'Turnstile verification request failed' }\n }\n\n const result: TurnstileVerificationResponse = await response.json()\n\n if (!result.success) {\n const errorCode = result['error-codes']?.[0] || 'unknown-error'\n return { success: false, error: `Turnstile verification failed: ${errorCode}` }\n }\n\n return { success: true }\n } catch (error) {\n console.error('Error verifying Turnstile token:', error)\n return { success: false, error: 'Turnstile verification error' }\n }\n }\n\n /**\n * Save Turnstile settings to database\n */\n async saveSettings(settings: TurnstileSettings): Promise<void> {\n try {\n await this.db\n .prepare(`UPDATE plugins SET settings = ?, updated_at = ? WHERE id = ?`)\n .bind(JSON.stringify(settings), Date.now(), manifest.id)\n .run()\n console.log('Turnstile settings saved successfully')\n } catch (error) {\n console.error('Error saving Turnstile settings:', error)\n throw new Error('Failed to save Turnstile settings')\n }\n }\n\n /**\n * Check if Turnstile is enabled\n */\n async isEnabled(): Promise<boolean> {\n const settings = await this.getSettings()\n return settings?.enabled === true && !!settings.siteKey && !!settings.secretKey\n }\n}\n"]}