@sonicjs-cms/core 3.0.0-beta.7 → 3.0.0-beta.9

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (73) hide show
  1. package/dist/{filter-bar.template-DlVYMk-T.d.cts → admin-layout-catalyst.template-DrwDUfsE.d.cts} +25 -1
  2. package/dist/{filter-bar.template-DlVYMk-T.d.ts → admin-layout-catalyst.template-DrwDUfsE.d.ts} +25 -1
  3. package/dist/{chunk-GO2NICMM.cjs → chunk-2FONGKMG.cjs} +237 -237
  4. package/dist/{chunk-GO2NICMM.cjs.map → chunk-2FONGKMG.cjs.map} +1 -1
  5. package/dist/{chunk-GVHST4D7.js → chunk-3WSZNGIK.js} +50 -4
  6. package/dist/chunk-3WSZNGIK.js.map +1 -0
  7. package/dist/{chunk-BDDABDAB.cjs → chunk-4BTBSXMR.cjs} +2 -239
  8. package/dist/chunk-4BTBSXMR.cjs.map +1 -0
  9. package/dist/{chunk-7RY3YKI7.cjs → chunk-7AMFLNK6.cjs} +3 -3
  10. package/dist/{chunk-7RY3YKI7.cjs.map → chunk-7AMFLNK6.cjs.map} +1 -1
  11. package/dist/{chunk-WACUJVXY.cjs → chunk-C5RJWUZX.cjs} +57 -11
  12. package/dist/chunk-C5RJWUZX.cjs.map +1 -0
  13. package/dist/{chunk-2JOMHEKO.js → chunk-E2LLKPFQ.js} +3 -3
  14. package/dist/{chunk-2JOMHEKO.js.map → chunk-E2LLKPFQ.js.map} +1 -1
  15. package/dist/{chunk-5QVYEAVV.cjs → chunk-ITXAUOBC.cjs} +10 -10
  16. package/dist/{chunk-5QVYEAVV.cjs.map → chunk-ITXAUOBC.cjs.map} +1 -1
  17. package/dist/{chunk-2RJDEVB3.cjs → chunk-J46JBAZX.cjs} +2 -2
  18. package/dist/{chunk-2RJDEVB3.cjs.map → chunk-J46JBAZX.cjs.map} +1 -1
  19. package/dist/{chunk-XCPIXYOP.js → chunk-NSE36XKR.js} +4 -4
  20. package/dist/{chunk-XCPIXYOP.js.map → chunk-NSE36XKR.js.map} +1 -1
  21. package/dist/{chunk-WJTMTIYR.js → chunk-PYVFXCSD.js} +255 -3
  22. package/dist/chunk-PYVFXCSD.js.map +1 -0
  23. package/dist/{chunk-OECDF2RF.cjs → chunk-R4ILO3W6.cjs} +258 -2
  24. package/dist/chunk-R4ILO3W6.cjs.map +1 -0
  25. package/dist/{chunk-ZEZ245PW.js → chunk-RQ6N3FTV.js} +3 -236
  26. package/dist/chunk-RQ6N3FTV.js.map +1 -0
  27. package/dist/{chunk-ISIRU7AK.cjs → chunk-RU5TA4J7.cjs} +4 -4
  28. package/dist/{chunk-ISIRU7AK.cjs.map → chunk-RU5TA4J7.cjs.map} +1 -1
  29. package/dist/{chunk-BYCBFBUG.js → chunk-SBVOWPJ5.js} +2 -2
  30. package/dist/{chunk-BYCBFBUG.js.map → chunk-SBVOWPJ5.js.map} +1 -1
  31. package/dist/{chunk-LH7RKNUW.js → chunk-VHYQ67LW.js} +10 -10
  32. package/dist/{chunk-LH7RKNUW.js.map → chunk-VHYQ67LW.js.map} +1 -1
  33. package/dist/{chunk-POGSN5WI.js → chunk-ZHPOJZRR.js} +3 -3
  34. package/dist/{chunk-POGSN5WI.js.map → chunk-ZHPOJZRR.js.map} +1 -1
  35. package/dist/index.cjs +264 -260
  36. package/dist/index.cjs.map +1 -1
  37. package/dist/index.d.cts +2 -1
  38. package/dist/index.d.ts +2 -1
  39. package/dist/index.js +17 -16
  40. package/dist/index.js.map +1 -1
  41. package/dist/middleware.cjs +33 -32
  42. package/dist/middleware.js +4 -3
  43. package/dist/migrations-6MRNHE2W.cjs +13 -0
  44. package/dist/{migrations-TBEFSZIV.cjs.map → migrations-6MRNHE2W.cjs.map} +1 -1
  45. package/dist/migrations-SBX554MG.js +4 -0
  46. package/dist/{migrations-IEWABLIP.js.map → migrations-SBX554MG.js.map} +1 -1
  47. package/dist/plugins.cjs +40 -40
  48. package/dist/plugins.js +3 -3
  49. package/dist/routes.cjs +28 -28
  50. package/dist/routes.js +8 -8
  51. package/dist/services.cjs +42 -42
  52. package/dist/services.d.cts +14 -1
  53. package/dist/services.d.ts +14 -1
  54. package/dist/services.js +3 -3
  55. package/dist/{telemetry-B9vIV4wh.d.cts → telemetry-Cku1ax74.d.cts} +1 -1
  56. package/dist/{telemetry-B9vIV4wh.d.ts → telemetry-Cku1ax74.d.ts} +1 -1
  57. package/dist/templates.d.cts +2 -24
  58. package/dist/templates.d.ts +2 -24
  59. package/dist/types.d.cts +1 -1
  60. package/dist/types.d.ts +1 -1
  61. package/dist/utils.cjs +8 -8
  62. package/dist/utils.d.cts +1 -1
  63. package/dist/utils.d.ts +1 -1
  64. package/dist/utils.js +2 -2
  65. package/package.json +1 -1
  66. package/dist/chunk-BDDABDAB.cjs.map +0 -1
  67. package/dist/chunk-GVHST4D7.js.map +0 -1
  68. package/dist/chunk-OECDF2RF.cjs.map +0 -1
  69. package/dist/chunk-WACUJVXY.cjs.map +0 -1
  70. package/dist/chunk-WJTMTIYR.js.map +0 -1
  71. package/dist/chunk-ZEZ245PW.js.map +0 -1
  72. package/dist/migrations-IEWABLIP.js +0 -4
  73. package/dist/migrations-TBEFSZIV.cjs +0 -13
package/dist/chunk-OECDF2RF.cjs.map DELETED
@@ -1 +0,0 @@
1
- {"version":3,"sources":["../src/services/collection-registry.ts","../src/services/collection-loader.ts","../src/middleware/tenant.ts","../src/services/plugin-service.ts","../src/plugins/manifest-registry.ts","../src/services/plugin-bootstrap.ts"],"names":["getCookie","escapeHtml"],"mappings":";;;;;;AAgBO,IAAM,qBAAN,MAAyB;AAAA,EACtB,MAAA,uBAAa,GAAA,EAA8B;AAAA,EAC3C,MAAA,uBAAa,GAAA,EAA8B;AAAA;AAAA;AAAA;AAAA;AAAA,EAMnD,SAAS,OAAA,EAAmC;AAC1C,IAAA,IAAA,CAAK,OAAO,KAAA,EAAM;AAClB,IAAA,IAAA,CAAK,OAAO,KAAA,EAAM;AAClB,IAAA,KAAA,MAAW,UAAU,OAAA,EAAS;AAC5B,MAAA,IAAI,CAAC,OAAO,IAAA,EAAM;AAClB,MAAA,MAAM,MAAA,GAA2B;AAAA,QAC/B,GAAG,MAAA;AAAA,QACH,IAAI,MAAA,CAAO,IAAA;AAAA,QACX,MAAM,MAAA,CAAO,IAAA,IAAQ,OAAO,IAAA,CAAK,OAAA,CAAQ,MAAM,GAAG,CAAA;AAAA,QAClD,OAAA,EAAS,MAAA,CAAO,OAAA,KAAY,MAAA,GAAY,OAAO,OAAA,GAAU,IAAA;AAAA,QACzD,QAAA,EAAU,MAAA,CAAO,QAAA,KAAa,MAAA,GAAY,OAAO,QAAA,GAAW;AAAA,OAC9D;AACA,MAAA,IAAA,CAAK,MAAA,CAAO,GAAA,CAAI,MAAA,CAAO,IAAA,EAAM,MAAM,CAAA;AACnC,MAAA,IAAA,CAAK,MAAA,CAAO,GAAA,CAAI,MAAA,CAAO,IAAA,EAAO,MAAM,CAAA;AAAA,IACtC;AAAA,EACF;AAAA;AAAA,EAGA,IAAA,GAA2B;AACzB,IAAA,OAAO,KAAA,CAAM,IAAA,CAAK,IAAA,CAAK,MAAA,CAAO,QAAQ,CAAA;AAAA,EACxC;AAAA;AAAA,EAGA,UAAA,GAAiC;AAC/B,IAAA,OAAO,IAAA,CAAK,MAAK,CAAE,MAAA,CAAO,CAAC,CAAA,KAAM,CAAA,CAAE,aAAa,KAAK,CAAA;AAAA,EACvD;AAAA,EAEA,UAAU,IAAA,EAA4C;AACpD,IAAA,OAAO,IAAA,CAAK,MAAA,CAAO,GAAA,CAAI,IAAI,CAAA;AAAA,EAC7B;AAAA;AAAA,EAGA,QAAQ,EAAA,EAA0C;AAChD,IAAA,OAAO,IAAA,CAAK,MAAA,CAAO,GAAA,CAAI,EAAE,CAAA;AAAA,EAC3B;AAAA;AAAA,EAGA,UAAU,IAAA,EAA4C;AACpD,IAAA,OAAO,IAAA,CAAK,MAAA,CAAO,GAAA,CAAI,IAAI,CAAA;AAAA,EAC7B;AAAA;AAAA,EAGA,gBAAgB,UAAA,EAAkD;AAChE,IAAA,OAAO,IAAA,CAAK,OAAO,GAAA,CAAI,UAAU,KAAK,IAAA,CAAK,MAAA,CAAO,IAAI,UAAU,CAAA;AAAA,EAClE;AAAA,EAEA,SAAS,IAAA,EAAuB;AAC9B,IAAA,MAAM,MAAA,GAAS,IAAA,CAAK,MAAA,CAAO,GAAA,CAAI,IAAI,CAAA;AACnC,IAAA,OAAO,MAAA,EAAQ,QAAA,KAAa,KAAA,IAAS,MAAA,KAAW,MAAA;AAAA,EAClD;AAAA,EAEA,IAAA,GAAe;AACb,IAAA,OAAO,KAAK,MAAA,CAAO,IAAA;AAAA,EACrB;AAAA;AAAA,EAGA,KAAA,GAAc;AACZ,IAAA,IAAA,CAAK,OAAO,KAAA,EAAM;AAClB,IAAA,IAAA,CAAK,OAAO,KAAA,EAAM;AAAA,EACpB;AACF;AAqBO,SAAS,sBAAsB,MAAA,EAA8C;AAClF,EAAA,OAAO;AAAA,IACL,IAAI,MAAA,CAAO,EAAA;AAAA,IACX,MAAM,MAAA,CAAO,IAAA;AAAA,IACb,cAAc,MAAA,CAAO,WAAA;AAAA,IACrB,WAAA,EAAa,OAAO,WAAA,IAAe,IAAA;AAAA,IACnC,QAAQ,MAAA,CAAO,MAAA;AAAA,IACf,SAAA,EAAW,MAAA,CAAO,QAAA,KAAa,KAAA,GAAQ,CAAA,GAAI,CAAA;AAAA,IAC3C,OAAA,EAAS,MAAA,CAAO,OAAA,KAAY,KAAA,GAAQ,CAAA,GAAI,CAAA;AAAA,IACxC,WAAA,EAAa,MAAA;AAAA,IACb,SAAA,EAAW,IAAA;AAAA,IACX,UAAA,EAAY,CAAA;AAAA,IACZ,UAAA,EAAY;AAAA,GACd;AACF;AAGA,IAAI,QAAA,GAAsC,IAAA;AAEnC,SAAS,qBAAA,GAA4C;AAC1D,EAAA,IAAI,CAAC,QAAA,EAAU;AACb,IAAA,QAAA,GAAW,IAAI,kBAAA,EAAmB;AAAA,EACpC;AACA,EAAA,OAAO,QAAA;AACT;AAGO,SAAS,uBAAA,GAAgC;AAC9C,EAAA,QAAA,GAAW,IAAA;AACb;;;ACrHO,SAAS,yBAAyB,GAAA,EAAsC;AAC7E,EAAA,OAAO,IAAI,QAAA,KAAa,IAAA;AAC1B;AAGO,SAAS,oBAAoB,MAAA,EAAiC;AACnE,EAAA,OAAO,MAAA,KAAW,YAAY,MAAA,KAAW,QAAA;AAC3C;AASA,eAAsB,sBAAsB,EAAA,EAA8C;AACxF,EAAA,MAAM,YAAA,GAAe,qBAAA,EAAsB,CAAE,IAAA,EAAK;AAClD,EAAA,MAAM,OAAA,uBAAc,GAAA,EAA+B;AACnD,EAAA,KAAA,MAAW,OAAO,YAAA,EAAc;AAC9B,IAAA,IAAI,CAAC,wBAAA,CAAyB,GAAG,CAAA,EAAG;AAClC,MAAA,OAAA,CAAQ,GAAA,CAAI,GAAA,CAAI,IAAA,EAAM,EAAE,IAAA,EAAM,IAAI,IAAA,EAAM,WAAA,EAAa,GAAA,CAAI,WAAA,EAAa,CAAA;AAAA,IACxE;AAAA,EACF;AAEA,EAAA,IAAI,SAAgB,EAAC;AACrB,EAAA,IAAI;AACF,IAAA,MAAM,EAAE,OAAA,EAAQ,GAAI,MAAM,EAAA,CAAG,OAAA;AAAA,MAC3B;AAAA,MACA,GAAA,EAAI;AACN,IAAA,MAAA,GAAS,WAAW,EAAC;AAAA,EACvB,CAAA,CAAA,MAAQ;AAAA,EAER;AAEA,EAAA,MAAM,MAAA,GAAS,IAAI,GAAA,CAA+B,OAAO,CAAA;AACzD,EAAA,KAAA,MAAW,OAAO,MAAA,EAAQ;AACxB,IAAA,IAAI,CAAC,mBAAA,CAAoB,GAAA,CAAI,MAAM,CAAA,IAAK,CAAC,MAAA,CAAO,GAAA,CAAI,GAAA,CAAI,IAAI,CAAA,EAAG;AAC7D,MAAA,MAAA,CAAO,GAAA,CAAI,GAAA,CAAI,IAAA,EAAM,EAAE,MAAM,MAAA,CAAO,GAAA,CAAI,IAAI,CAAA,EAAG,WAAA,EAAa,MAAA,CAAO,GAAA,CAAI,YAAY,GAAG,CAAA;AAAA,IACxF;AAAA,EACF;AAEA,EAAA,OAAO,KAAA,CAAM,IAAA,CAAK,MAAA,CAAO,MAAA,EAAQ,CAAA;AACnC;AAGA,IAAM,wBAA4C,EAAC;AAM5C,SAAS,oBAAoB,WAAA,EAAuC;AACzE,EAAA,KAAA,MAAW,UAAU,WAAA,EAAa;AAEhC,IAAA,IAAI,CAAC,OAAO,IAAA,IAAQ,CAAC,OAAO,WAAA,IAAe,CAAC,OAAO,MAAA,EAAQ;AACzD,MAAA,OAAA,CAAQ,KAAA,CAAM,sDAAsD,MAAM,CAAA;AAC1E,MAAA;AAAA,IACF;AAGA,IAAA,MAAM,gBAAA,GAAqC;AAAA,MACzC,GAAG,MAAA;AAAA,MACH,OAAA,EAAS,MAAA,CAAO,OAAA,KAAY,MAAA,GAAY,OAAO,OAAA,GAAU,IAAA;AAAA,MACzD,QAAA,EAAU,MAAA,CAAO,QAAA,KAAa,MAAA,GAAY,OAAO,QAAA,GAAW;AAAA,KAC9D;AAEA,IAAA,qBAAA,CAAsB,KAAK,gBAAgB,CAAA;AAC3C,IAAA,OAAA,CAAQ,GAAA,CAAI,CAAA,8BAAA,EAA4B,MAAA,CAAO,IAAI,CAAA,CAAE,CAAA;AAAA,EACvD;AACF;AAKA,eAAsB,qBAAA,GAAqD;AACzE,EAAA,MAAM,WAAA,GAAkC,CAAC,GAAG,qBAAqB,CAAA;AAGjE,EAAA,IAAI,qBAAA,CAAsB,SAAS,CAAA,EAAG;AACpC,IAAA,OAAA,CAAQ,GAAA,CAAI,CAAA,gBAAA,EAAY,qBAAA,CAAsB,MAAM,CAAA,0CAAA,CAA4C,CAAA;AAAA,EAClG,CAAA,MAAO;AACL,IAAA,OAAA,CAAQ,IAAI,CAAA,uGAAA,CAA+F,CAAA;AAC3G,IAAA,OAAA,CAAQ,IAAI,CAAA,6EAAA,CAA+E,CAAA;AAC3F,IAAA,OAAA,CAAQ,IAAI,CAAA,+CAAA,CAAiD,CAAA;AAAA,EAC/D;AAEA,EAAA,IAAI;AAGF,IAAA,MAAM,OAAA,GAAW,SAAoB,GAAO,gCAAA,EAAkC,EAAE,KAAA,EAAO,IAAA,EAAM,CAAA,IAAK,EAAC;AACnG,IAAA,IAAI,mBAAA,GAAsB,CAAA;AAE1B,IAAA,KAAA,MAAW,CAAC,IAAA,EAAM,MAAM,KAAK,MAAA,CAAO,OAAA,CAAQ,OAAO,CAAA,EAAG;AACpD,MAAA,IAAI;AACF,QAAA,MAAM,YAAA,GAAe,MAAA;AAErB,QAAA,IAAI,CAAC,aAAa,OAAA,EAAS;AACzB,UAAA,OAAA,CAAQ,IAAA,CAAK,CAAA,gBAAA,EAAmB,IAAI,CAAA,iCAAA,CAAmC,CAAA;AACvE,UAAA;AAAA,QACF;AAEA,QAAA,MAAM,SAAS,YAAA,CAAa,OAAA;AAG5B,QAAA,IAAI,CAAC,OAAO,IAAA,IAAQ,CAAC,OAAO,WAAA,IAAe,CAAC,OAAO,MAAA,EAAQ;AACzD,UAAA,OAAA,CAAQ,KAAA,CAAM,CAAA,6BAAA,EAAgC,IAAI,CAAA,yBAAA,CAA2B,CAAA;AAC7E,UAAA;AAAA,QACF;AAGA,QAAA,MAAM,gBAAA,GAAqC;AAAA,UACzC,GAAG,MAAA;AAAA,UACH,OAAA,EAAS,MAAA,CAAO,OAAA,KAAY,KAAA,CAAA,GAAY,OAAO,OAAA,GAAU,IAAA;AAAA,UACzD,QAAA,EAAU,MAAA,CAAO,QAAA,KAAa,KAAA,CAAA,GAAY,OAAO,QAAA,GAAW;AAAA,SAC9D;AAEA,QAAA,WAAA,CAAY,KAAK,gBAAgB,CAAA;AACjC,QAAA,mBAAA,EAAA;AACA,QAAA,OAAA,CAAQ,GAAA,CAAI,CAAA,+BAAA,EAA6B,MAAA,CAAO,IAAI,CAAA,CAAE,CAAA;AAAA,MACxD,SAAS,KAAA,EAAO;AACd,QAAA,OAAA,CAAQ,KAAA,CAAM,CAAA,8BAAA,EAAiC,IAAI,CAAA,CAAA,CAAA,EAAK,KAAK,CAAA;AAAA,MAC/D;AAAA,IACF;AAEA,IAAA,OAAA,CAAQ,GAAA,CAAI,iCAA0B,WAAA,CAAY,MAAM,WAAW,qBAAA,CAAsB,MAAM,CAAA,WAAA,EAAc,mBAAmB,CAAA,WAAA,CAAa,CAAA;AAC7I,IAAA,OAAO,WAAA;AAAA,EACT,SAAS,KAAA,EAAO;AACd,IAAA,OAAA,CAAQ,KAAA,CAAM,4CAA4C,KAAK,CAAA;AAC/D,IAAA,OAAO,WAAA;AAAA,EACT;AACF;AAOA,eAAsB,qBAAqB,IAAA,EAAgD;AACzF,EAAA,IAAI;AAGF,IAAA,OAAA,CAAQ,KAAK,uEAAuE,CAAA;AACpF,IAAA,OAAO,IAAA;AAAA,EACT,SAAS,KAAA,EAAO;AACd,IAAA,OAAA,CAAQ,KAAA,CAAM,CAAA,yBAAA,EAA4B,IAAI,CAAA,CAAA,CAAA,EAAK,KAAK,CAAA;AACxD,IAAA,OAAO,IAAA;AAAA,EACT;AACF;AAKA,eAAsB,2BAAA,GAAiD;AACrE,EAAA,IAAI;AACF,IAAA,MAAM,OAAA,GAAW,SAAoB,GAAO,gCAAgC,KAAK,EAAC;AAClF,IAAA,MAAM,QAAkB,EAAC;AAEzB,IAAA,KAAA,MAAW,IAAA,IAAQ,MAAA,CAAO,IAAA,CAAK,OAAO,CAAA,EAAG;AAGvC,MAAA,MAAM,KAAA,GAAQ,IAAA,CAAK,KAAA,CAAM,4BAA4B,CAAA;AACrD,MAAA,IAAI,KAAA,IAAS,KAAA,CAAM,CAAC,CAAA,EAAG;AACrB,QAAA,KAAA,CAAM,IAAA,CAAK,KAAA,CAAM,CAAC,CAAC,CAAA;AAAA,MACrB;AAAA,IACF;AAEA,IAAA,OAAO,KAAA;AAAA,EACT,SAAS,KAAA,EAAO;AACd,IAAA,OAAA,CAAQ,KAAA,CAAM,mCAAmC,KAAK,CAAA;AACtD,IAAA,OAAO,EAAC;AAAA,EACV;AACF;AAKO,SAAS,yBAAyB,MAAA,EAAgE;AACvG,EAAA,MAAM,SAAmB,EAAC;AAG1B,EAAA,IAAI,CAAC,OAAO,IAAA,EAAM;AAChB,IAAA,MAAA,CAAO,KAAK,6BAA6B,CAAA;AAAA,EAC3C,WAAW,CAAC,eAAA,CAAgB,IAAA,CAAK,MAAA,CAAO,IAAI,CAAA,EAAG;AAC7C,IAAA,MAAA,CAAO,KAAK,wFAAwF,CAAA;AAAA,EACtG;AAEA,EAAA,IAAI,CAAC,OAAO,WAAA,EAAa;AACvB,IAAA,MAAA,CAAO,KAAK,0BAA0B,CAAA;AAAA,EACxC;AAEA,EAAA,IAAI,CAAC,OAAO,MAAA,EAAQ;AAClB,IAAA,MAAA,CAAO,KAAK,oBAAoB,CAAA;AAAA,EAClC,CAAA,MAAO;AAEL,IAAA,IAAI,MAAA,CAAO,MAAA,CAAO,IAAA,KAAS,QAAA,EAAU;AACnC,MAAA,MAAA,CAAO,KAAK,8BAA8B,CAAA;AAAA,IAC5C;AAEA,IAAA,IAAI,CAAC,OAAO,MAAA,CAAO,UAAA,IAAc,OAAO,MAAA,CAAO,MAAA,CAAO,eAAe,QAAA,EAAU;AAC7E,MAAA,MAAA,CAAO,KAAK,6BAA6B,CAAA;AAAA,IAC3C;AAGA,IAAA,KAAA,MAAW,CAAC,SAAA,EAAW,WAAW,CAAA,IAAK,MAAA,CAAO,OAAA,CAAQ,MAAA,CAAO,MAAA,CAAO,UAAA,IAAc,EAAE,CAAA,EAAG;AACrF,MAAA,IAAI,CAAC,YAAY,IAAA,EAAM;AACrB,QAAA,MAAA,CAAO,IAAA,CAAK,CAAA,OAAA,EAAU,SAAS,CAAA,iBAAA,CAAmB,CAAA;AAAA,MACpD;AAGA,MAAA,IAAI,WAAA,CAAY,IAAA,KAAS,WAAA,IAAe,CAAC,YAAY,UAAA,EAAY;AAC/D,QAAA,MAAA,CAAO,IAAA,CAAK,CAAA,iBAAA,EAAoB,SAAS,CAAA,gCAAA,CAAkC,CAAA;AAAA,MAC7E;AAEA,MAAA,MAAM,cAAc,WAAA,CAAY,YAAA;AAChC,MAAA,IAAI,gBAAgB,MAAA,EAAW;AAC7B,QAAA,IAAI,WAAA,CAAY,SAAS,QAAA,EAAU;AACjC,UAAA,MAAA,CAAO,IAAA,CAAK,CAAA,OAAA,EAAU,SAAS,CAAA,8CAAA,CAAgD,CAAA;AAAA,QACjF,CAAA,MAAA,IAAW,CAAC,CAAC,QAAA,EAAU,MAAM,CAAA,CAAE,QAAA,CAAS,WAAW,CAAA,EAAG;AACpD,UAAA,MAAA,CAAO,IAAA,CAAK,CAAA,cAAA,EAAiB,SAAS,CAAA,kDAAA,CAAoD,CAAA;AAAA,QAC5F;AAAA,MACF;AAGA,MAAA,IAAI,CAAC,QAAA,EAAU,aAAA,EAAe,OAAO,CAAA,CAAE,QAAA,CAAS,WAAA,CAAY,IAAI,CAAA,IAAK,CAAC,WAAA,CAAY,IAAA,EAAM;AACtF,QAAA,MAAA,CAAO,IAAA,CAAK,CAAA,cAAA,EAAiB,SAAS,CAAA,yBAAA,CAA2B,CAAA;AAAA,MACnE;AAAA,IACF;AAAA,EACF;AAEA,EAAA,OAAO;AAAA,IACL,KAAA,EAAO,OAAO,MAAA,KAAW,CAAA;AAAA,IACzB;AAAA,GACF;AACF;AClOO,IAAM,aAAA,GAAgB;AACtB,IAAM,sBAAA,GAAyB,0BAAA;AAC/B,IAAM,sBAAA,GAAyB;AAEtC,IAAM,YAAA,GAAe,GAAA;AAkBrB,IAAM,gBAAA,GAA6C;AAAA,EACjD,UAAA,EAAY,aAAA;AAAA,EACZ,mBAAA,EAAqB,KAAA;AAAA,EACrB,UAAA,EAAY;AACd,CAAA;AAEA,IAAI,KAAA,GAAiC,IAAA;AAG9B,SAAS,qBAAA,GAA8B;AAC5C,EAAA,KAAA,GAAQ,IAAA;AACV;AAEA,eAAe,gBAAgB,EAAA,EAAoC;AACjE,EAAA,MAAM,GAAA,GAAM,KAAK,GAAA,EAAI;AACrB,EAAA,IAAI,KAAA,IAAS,GAAA,GAAM,KAAA,CAAM,SAAA,GAAY,cAAc,OAAO,KAAA;AAE1D,EAAA,IAAI,YAAA,GAAe,KAAA;AACnB,EAAA,IAAI,QAAA,GAAW,gBAAA;AACf,EAAA,MAAM,OAAA,uBAAc,GAAA,EAA8C;AAClE,EAAA,MAAM,OAAA,uBAAc,GAAA,EAAoB;AAExC,EAAA,IAAI;AACF,IAAA,MAAM,SAAA,GAAY,MAAM,EAAA,CAAG,OAAA;AAAA,MACzB,CAAA;AAAA;AAAA,uFAAA;AAAA,KAGF,CAAE,IAAA,CAAK,sBAAsB,CAAA,CAAE,KAAA,EAAM;AAErC,IAAA,IAAI,SAAA,EAAW;AACb,MAAA,YAAA,GAAe,IAAA;AACf,MAAA,IAAI;AACF,QAAA,MAAM,IAAA,GAAO,OAAO,SAAA,CAAU,IAAA,KAAS,QAAA,GAAW,IAAA,CAAK,KAAA,CAAM,SAAA,CAAU,IAAI,CAAA,GAAK,SAAA,CAAU,IAAA,IAAQ,EAAC;AACnG,QAAA,MAAM,CAAA,GAAI,IAAA,CAAK,QAAA,IAAY,EAAC;AAC5B,QAAA,QAAA,GAAW;AAAA,UACT,UAAA,EAAY,OAAO,CAAA,CAAE,UAAA,KAAe,YAAY,CAAA,CAAE,UAAA,CAAW,IAAA,EAAK,KAAM,EAAA,GAAK,CAAA,CAAE,UAAA,CAAW,IAAA,KAAS,gBAAA,CAAiB,UAAA;AAAA,UACpH,mBAAA,EAAqB,EAAE,mBAAA,KAAwB,IAAA;AAAA,UAC/C,UAAA,EAAY,OAAO,CAAA,CAAE,UAAA,KAAe,QAAA,GAAW,EAAE,UAAA,CAAW,IAAA,EAAK,CAAE,WAAA,EAAY,GAAI;AAAA,SACrF;AAAA,MACF,CAAA,CAAA,MAAQ;AACN,QAAA,QAAA,GAAW,gBAAA;AAAA,MACb;AAEA,MAAA,MAAM,EAAE,OAAA,EAAQ,GAAI,MAAM,EAAA,CAAG,OAAA;AAAA,QAC3B,CAAA,kDAAA;AAAA,QACA,GAAA,EAAI;AACN,MAAA,KAAA,MAAW,GAAA,IAAQ,OAAA,IAAW,EAAC,EAAa;AAC1C,QAAA,MAAM,MAAA,GAAS,GAAA,CAAI,MAAA,KAAW,UAAA,GAAa,UAAA,GAAa,QAAA;AACxD,QAAA,OAAA,CAAQ,GAAA,CAAI,GAAA,CAAI,IAAA,EAAM,EAAE,IAAA,EAAM,IAAI,IAAA,IAAQ,GAAA,CAAI,IAAA,EAAM,MAAA,EAAQ,CAAA;AAC5D,QAAA,IAAI,GAAA,CAAI,MAAA,IAAU,MAAA,KAAW,QAAA,EAAU;AACrC,UAAA,OAAA,CAAQ,GAAA,CAAI,OAAO,GAAA,CAAI,MAAM,EAAE,WAAA,EAAY,EAAG,IAAI,IAAI,CAAA;AAAA,QACxD;AAAA,MACF;AAEA,MAAA,IAAI,CAAC,OAAA,CAAQ,GAAA,CAAI,SAAS,CAAA,EAAG,OAAA,CAAQ,GAAA,CAAI,SAAA,EAAW,EAAE,IAAA,EAAM,SAAA,EAAW,MAAA,EAAQ,UAAU,CAAA;AAAA,IAC3F;AAAA,EACF,CAAA,CAAA,MAAQ;AAEN,IAAA,YAAA,GAAe,KAAA;AAAA,EACjB;AAEA,EAAA,KAAA,GAAQ,EAAE,YAAA,EAAc,QAAA,EAAU,OAAA,EAAS,OAAA,EAAS,WAAW,GAAA,EAAI;AACnE,EAAA,OAAO,KAAA;AACT;AAEA,SAAS,cAAA,CAAe,OAAyB,IAAA,EAAiD;AAChG,EAAA,IAAI,CAAC,MAAM,OAAO,KAAA;AAClB,EAAA,MAAM,KAAA,GAAQ,KAAA,CAAM,OAAA,CAAQ,GAAA,CAAI,IAAI,CAAA;AACpC,EAAA,OAAO,CAAC,CAAC,KAAA,IAAS,KAAA,CAAM,MAAA,KAAW,QAAA;AACrC;AAUO,SAAS,iBAAA,CACd,KAAA,EACA,GAAA,EACA,IAAA,EACQ;AACR,EAAA,IAAI,CAAC,KAAA,CAAM,YAAA,EAAc,OAAO,SAAA;AAChC,EAAA,MAAM,IAAA,GAAO,KAAA;AACb,EAAA,MAAM,OAAA,GAAU,MAAM,iBAAA,KAAsB,IAAA;AAC5C,EAAA,MAAM,MAAA,GAAS,CAAC,IAAA,KACd,CAAC,OAAA,IAAW,IAAA,KAAS,SAAA,KAAc,IAAA,EAAM,WAAA,EAAa,GAAA,CAAI,IAAI,CAAA,IAAK,KAAA,CAAA;AACrE,EAAA,MAAM,MAAA,GAAS,CAAC,IAAA,KACd,cAAA,CAAe,MAAM,IAAI,CAAA,IAAK,OAAO,IAAI,CAAA;AAE3C,EAAA,MAAM,MAAA,GAAS,GAAA,CAAI,MAAA,EAAQ,IAAA,GAAO,WAAA,EAAY;AAC9C,EAAA,IAAI,MAAA,CAAO,MAAM,CAAA,EAAG,OAAO,MAAA;AAE3B,EAAA,MAAM,MAAA,GAAS,GAAA,CAAI,MAAA,EAAQ,IAAA,GAAO,WAAA,EAAY;AAC9C,EAAA,IAAI,MAAA,CAAO,MAAM,CAAA,EAAG,OAAO,MAAA;AAE3B,EAAA,MAAM,IAAA,GAAO,IAAI,IAAA,EAAM,KAAA,CAAM,GAAG,CAAA,CAAE,CAAC,CAAA,EAAG,WAAA,EAAY,IAAK,EAAA;AACvD,EAAA,IAAI,IAAA,EAAM;AACR,IAAA,MAAM,MAAA,GAAS,KAAA,CAAM,OAAA,CAAQ,GAAA,CAAI,IAAI,CAAA;AACrC,IAAA,IAAI,MAAA,CAAO,MAAM,CAAA,EAAG,OAAO,MAAA;AAE3B,IAAA,MAAM,EAAE,mBAAA,EAAqB,UAAA,EAAW,GAAI,KAAA,CAAM,QAAA;AAClD,IAAA,IAAI,uBAAuB,UAAA,IAAc,IAAA,CAAK,SAAS,CAAA,CAAA,EAAI,UAAU,EAAE,CAAA,EAAG;AACxE,MAAA,MAAM,MAAM,IAAA,CAAK,KAAA,CAAM,GAAG,EAAE,UAAA,CAAW,SAAS,CAAA,CAAE,CAAA;AAClD,MAAA,IAAI,GAAA,IAAO,CAAC,GAAA,CAAI,QAAA,CAAS,GAAG,CAAA,IAAK,MAAA,CAAO,GAAG,CAAA,EAAG,OAAO,GAAA;AAAA,IACvD;AAAA,EACF;AAEA,EAAA,OAAO,SAAA;AACT;AAGA,eAAe,eAAA,CAAgB,IAAS,MAAA,EAA8C;AACpF,EAAA,IAAI;AACF,IAAA,MAAM,EAAE,OAAA,EAAQ,GAAI,MAAM,GAAG,OAAA,CAAQ;AAAA;AAAA;AAAA;AAAA,IAAA,CAIpC,CAAA,CAAE,IAAA,CAAK,MAAM,CAAA,CAAE,GAAA,EAAI;AACpB,IAAA,OAAO,IAAI,GAAA,CAAA,CAAK,OAAA,IAAW,IAAI,GAAA,CAAI,CAAC,CAAA,KAAW,CAAC,EAAE,IAAA,EAAiB,CAAA,CAAE,IAAA,IAAmB,QAAQ,CAAC,CAAC,CAAA;AAAA,EACpG,CAAA,CAAA,MAAQ;AACN,IAAA,2BAAW,GAAA,EAAI;AAAA,EACjB;AACF;AAEO,SAAS,gBAAA,GAAmB;AACjC,EAAA,OAAO,OAAO,GAAiB,IAAA,KAAe;AAC5C,IAAA,MAAM,EAAA,GAAM,EAAU,GAAA,EAAK,EAAA;AAC3B,IAAA,IAAI,CAAC,EAAA,EAAI;AACP,MAAA,CAAA,CAAE,GAAA,CAAI,YAAY,SAAS,CAAA;AAC3B,MAAA,OAAO,IAAA,EAAK;AAAA,IACd;AAEA,IAAA,MAAM,KAAA,GAAQ,MAAM,eAAA,CAAgB,EAAE,CAAA;AAKtC,IAAA,MAAM,IAAA,GAAO,CAAA,CAAE,GAAA,CAAI,MAAM,CAAA;AACzB,IAAA,IAAI,WAAA;AACJ,IAAA,IAAI,WAAA;AACJ,IAAA,MAAM,iBAAA,GAAoB,CAAC,EAAE,IAAA,EAAM,UAAU,KAAA,CAAM,YAAA,IAAgB,CAAC,IAAA,CAAK,YAAA,CAAA;AACzE,IAAA,IAAI,MAAM,MAAA,IAAU,KAAA,CAAM,YAAA,IAAgB,CAAC,KAAK,YAAA,EAAc;AAC5D,MAAA,WAAA,GAAc,MAAM,eAAA,CAAgB,EAAA,EAAI,IAAA,CAAK,MAAM,CAAA;AACnD,MAAA,WAAA,GAAc,IAAI,GAAA,CAAI,WAAA,CAAY,IAAA,EAAM,CAAA;AAAA,IAC1C;AAEA,IAAA,MAAM,QAAA,GAAW,iBAAA;AAAA,MACf,KAAA;AAAA,MACA;AAAA,QACE,QAAQ,CAAA,CAAE,GAAA,CAAI,MAAA,CAAO,KAAA,CAAM,SAAS,UAAU,CAAA;AAAA,QAC9C,MAAA,EAAQA,gBAAA,CAAU,CAAA,EAAG,aAAa,CAAA;AAAA,QAClC,IAAA,EAAM,CAAA,CAAE,GAAA,CAAI,MAAA,CAAO,MAAM;AAAA,OAC3B;AAAA,MACA,EAAE,aAAa,iBAAA;AAAkB,KACnC;AACA,IAAA,CAAA,CAAE,GAAA,CAAI,YAAY,QAAQ,CAAA;AAK1B,IAAA,IAAI,MAAM,MAAA,EAAQ;AAChB,MAAA,MAAM,IAAA,GACJ,QAAA,KAAa,SAAA,IAAa,IAAA,CAAK,YAAA,GAC3B,IAAA,CAAK,IAAA,GACL,WAAA,EAAa,GAAA,CAAI,QAAQ,CAAA,IAAK,IAAA,CAAK,IAAA;AACzC,MAAA,CAAA,CAAE,GAAA,CAAI,cAAc,IAAI,CAAA;AAAA,IAC1B;AAEA,IAAA,MAAM,IAAA,EAAK;AAKX,IAAA,MAAM,OAAO,IAAI,GAAA,CAAI,CAAA,CAAE,GAAA,CAAI,GAAG,CAAA,CAAE,QAAA;AAChC,IAAA,IAAI,CAAC,IAAA,CAAK,UAAA,CAAW,QAAQ,CAAA,EAAG;AAChC,IAAA,IAAI,CAAC,EAAE,GAAA,CAAI,OAAA,CAAQ,IAAI,cAAc,CAAA,EAAG,QAAA,CAAS,WAAW,CAAA,EAAG;AAE/D,IAAA,MAAM,MAAA,GAAS,EAAE,GAAA,CAAI,MAAA;AACrB,IAAA,MAAM,OAAA,GAAU,IAAI,OAAA,CAAQ,CAAA,CAAE,IAAI,OAAO,CAAA;AACzC,IAAA,MAAM,IAAA,GAAO,MAAM,CAAA,CAAE,GAAA,CAAI,IAAA,EAAK;AAC9B,IAAA,IAAI,IAAA,CAAK,QAAA,CAAS,sBAAsB,CAAA,EAAG;AACzC,MAAA,MAAM,WAAA,GAAc,MAAM,YAAA,GACtB,oBAAA,CAAqB,OAAO,QAAA,EAAU,iBAAA,GAAoB,WAAA,GAAc,MAAS,CAAA,GACjF,EAAA;AACJ,MAAA,CAAA,CAAE,GAAA,GAAM,IAAI,QAAA,CAAS,IAAA,CAAK,KAAA,CAAM,sBAAsB,CAAA,CAAE,IAAA,CAAK,WAAW,CAAA,EAAG,EAAE,MAAA,EAAQ,SAAS,CAAA;AAAA,IAChG,CAAA,MAAO;AAEL,MAAA,CAAA,CAAE,MAAM,IAAI,QAAA,CAAS,MAAM,EAAE,MAAA,EAAQ,SAAS,CAAA;AAAA,IAChD;AAAA,EACF,CAAA;AACF;AAEA,SAAS,oBAAA,CAAqB,KAAA,EAAyB,eAAA,EAAyB,WAAA,EAAmC;AACjH,EAAA,MAAM,SAAS,CAAC,GAAG,MAAM,OAAA,CAAQ,OAAA,EAAS,CAAA,CACvC,MAAA,CAAO,CAAC,CAAC,IAAA,EAAM,CAAC,CAAA,KAAM,CAAA,CAAE,WAAW,QAAA,KAAa,CAAC,eAAe,IAAA,KAAS,SAAA,IAAa,YAAY,GAAA,CAAI,IAAI,EAAE,CAAA,CAC5G,IAAA,CAAK,CAAC,CAAC,CAAC,GAAG,CAAC,CAAC,MAAO,CAAA,KAAM,SAAA,GAAY,KAAK,CAAA,KAAM,SAAA,GAAY,IAAI,CAAA,CAAE,aAAA,CAAc,CAAC,CAAE,CAAA;AAEvF,EAAA,MAAM,UAAU,MAAA,CACb,GAAA;AAAA,IAAI,CAAC,CAAC,IAAA,EAAM,CAAC,CAAA,KACZ,CAAA,eAAA,EAAkBC,6BAAW,IAAI,CAAC,CAAA,EAAA,EAAK,IAAA,KAAS,kBAAkB,UAAA,GAAa,EAAE,IAAIA,4BAAA,CAAW,CAAA,CAAE,IAAI,CAAC,CAAA,SAAA;AAAA,GACzG,CACC,KAAK,EAAE,CAAA;AAEV,EAAA,OAAO;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA,SAAA,EAYE,OAAO,CAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA,UAAA,CAAA;AAUlB;;;AClPA,IAAM,MAAA,GAAS,SAAA;AACf,IAAM,OAAA,GAAU,QAAA;AAET,IAAM,gBAAN,MAAoB;AAAA,EACzB,YAAoB,EAAA,EAAgB;AAAhB,IAAA,IAAA,CAAA,EAAA,GAAA,EAAA;AAAA,EAAiB;AAAA,EAErC,MAAM,aAAA,GAAuC;AAC3C,IAAA,MAAM,EAAE,OAAA,EAAQ,GAAI,MAAM,IAAA,CAAK,GAAG,OAAA,CAAQ;AAAA;AAAA;AAAA;AAAA,IAAA,CAIzC,CAAA,CAAE,IAAA,CAAK,OAAA,EAAS,MAAM,EAAE,GAAA,EAAI;AAC7B,IAAA,OAAA,CAAQ,OAAA,IAAW,EAAC,EAAG,GAAA,CAAI,mBAAmB,CAAA;AAAA,EAChD;AAAA,EAEA,MAAM,UAAU,QAAA,EAA8C;AAC5D,IAAA,MAAM,GAAA,GAAM,MAAM,IAAA,CAAK,EAAA,CAAG,OAAA,CAAQ;AAAA;AAAA;AAAA,IAAA,CAGjC,EAAE,IAAA,CAAK,QAAA,EAAU,OAAA,EAAS,MAAM,EAAE,KAAA,EAAM;AACzC,IAAA,IAAI,CAAC,KAAK,OAAO,IAAA;AACjB,IAAA,OAAO,oBAAoB,GAAG,CAAA;AAAA,EAChC;AAAA,EAEA,MAAM,gBAAgB,IAAA,EAA0C;AAC9D,IAAA,OAAO,IAAA,CAAK,UAAU,IAAI,CAAA;AAAA,EAC5B;AAAA,EAEA,MAAM,cAAA,GAAuC;AAC3C,IAAA,MAAM,KAAA,GAAQ,MAAM,IAAA,CAAK,EAAA,CAAG,OAAA,CAAQ;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA,IAAA,CAQnC,CAAA,CAAE,IAAA,CAAK,OAAA,EAAS,MAAM,EAAE,KAAA,EAAM;AAC/B,IAAA,OAAO;AAAA,MACL,KAAA,EAAO,OAAO,KAAA,IAAS,CAAA;AAAA,MACvB,MAAA,EAAQ,OAAO,MAAA,IAAU,CAAA;AAAA,MACzB,QAAA,EAAU,OAAO,QAAA,IAAY,CAAA;AAAA,MAC7B,MAAA,EAAQ,OAAO,MAAA,IAAU,CAAA;AAAA,MACzB,WAAA,EAAa;AAAA,KACf;AAAA,EACF;AAAA,EAEA,MAAM,cAAc,UAAA,EAAsD;AACxE,IAAA,MAAM,IAAA,GAAO,WAAW,EAAA,IAAM,UAAA,CAAW,QAAQ,CAAA,OAAA,EAAU,IAAA,CAAK,KAAK,CAAA,CAAA;AACrE,IAAA,MAAM,KAAA,GAAQ,OAAO,UAAA,EAAW;AAChC,IAAA,MAAM,MAAM,IAAA,CAAK,KAAA,CAAM,IAAA,CAAK,GAAA,KAAQ,GAAI,CAAA;AACxC,IAAA,MAAM,IAAA,GAAO,KAAK,SAAA,CAAU;AAAA,MAC1B,IAAA,EAAM,IAAA;AAAA,MACN,WAAA,EAAa,WAAW,YAAA,IAAgB,gBAAA;AAAA,MACxC,WAAA,EAAa,WAAW,WAAA,IAAe,EAAA;AAAA,MACvC,OAAA,EAAS,WAAW,OAAA,IAAW,OAAA;AAAA,MAC/B,MAAA,EAAQ,WAAW,MAAA,IAAU,SAAA;AAAA,MAC7B,QAAA,EAAU,WAAW,QAAA,IAAY,WAAA;AAAA,MACjC,IAAA,EAAM,WAAW,IAAA,IAAQ,WAAA;AAAA,MACzB,MAAA,EAAQ,QAAA;AAAA,MACR,MAAA,EAAQ,WAAW,OAAA,IAAW,KAAA;AAAA,MAC9B,QAAA,EAAU,UAAA,CAAW,QAAA,IAAY,EAAC;AAAA,MAClC,WAAA,EAAa,UAAA,CAAW,WAAA,IAAe,EAAC;AAAA,MACxC,YAAA,EAAc,UAAA,CAAW,YAAA,IAAgB,EAAC;AAAA,MAC1C,aAAA,EAAe,WAAW,cAAA,IAAkB,CAAA;AAAA,MAC5C,MAAA,EAAQ,WAAW,MAAA,IAAU;AAAA,KAC9B,CAAA;AAED,IAAA,MAAM,IAAA,CAAK,GAAG,OAAA,CAAQ;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA,IAAA,CAUrB,CAAA,CAAE,IAAA;AAAA,MACD,KAAA;AAAA,MAAO,KAAA;AAAA,MAAO,OAAA;AAAA,MACd,IAAA;AAAA,MAAM,WAAW,YAAA,IAAgB,gBAAA;AAAA,MAAkB,MAAA;AAAA,MACnD,IAAA;AAAA,MAAM,GAAA;AAAA,MAAK;AAAA,MACX,GAAA,EAAI;AAEN,IAAA,MAAM,IAAA,CAAK,YAAY,IAAA,EAAM,WAAA,EAAa,MAAM,EAAE,OAAA,EAAS,UAAA,CAAW,OAAA,EAAS,CAAA;AAC/E,IAAA,MAAM,IAAA,CAAK,WAAA,CAAY,IAAA,EAAM,WAAA,EAAa,IAAI,CAAA;AAC9C,IAAA,MAAM,SAAA,GAAY,MAAM,IAAA,CAAK,SAAA,CAAU,IAAI,CAAA;AAC3C,IAAA,IAAI,CAAC,SAAA,EAAW,MAAM,IAAI,MAAM,0BAA0B,CAAA;AAC1D,IAAA,OAAO,SAAA;AAAA,EACT;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA,EAOA,MAAM,YAAA,CAAa,EAAA,EAAY,IAAA,EAKP;AACtB,IAAA,MAAM,QAAA,GAAW,MAAM,IAAA,CAAK,SAAA,CAAU,EAAE,CAAA;AACxC,IAAA,IAAI,UAAU,OAAO,QAAA;AACrB,IAAA,OAAO,KAAK,aAAA,CAAc;AAAA,MACxB,EAAA;AAAA,MACA,IAAA,EAAM,EAAA;AAAA,MACN,YAAA,EAAc,KAAK,WAAA,IAAe,EAAA;AAAA,MAClC,WAAA,EAAa,KAAK,WAAA,IAAe,EAAA;AAAA,MACjC,MAAA,EAAQ,KAAK,MAAA,IAAU,EAAA;AAAA,MACvB,OAAA,EAAS,KAAK,OAAA,IAAW;AAAA,KAC1B,CAAA;AAAA,EACH;AAAA,EAEA,MAAM,gBAAgB,QAAA,EAAiC;AACrD,IAAA,MAAM,MAAA,GAAS,MAAM,IAAA,CAAK,SAAA,CAAU,QAAQ,CAAA;AAC5C,IAAA,IAAI,CAAC,MAAA,EAAQ,MAAM,IAAI,MAAM,kBAAkB,CAAA;AAC/C,IAAA,IAAI,MAAA,CAAO,OAAA,EAAS,MAAM,IAAI,MAAM,+BAA+B,CAAA;AACnE,IAAA,IAAI,OAAO,MAAA,KAAW,QAAA,EAAU,MAAM,IAAA,CAAK,iBAAiB,QAAQ,CAAA;AACpE,IAAA,MAAM,MAAM,IAAA,CAAK,KAAA,CAAM,IAAA,CAAK,GAAA,KAAQ,GAAI,CAAA;AACxC,IAAA,MAAM,IAAA,CAAK,GAAG,OAAA,CAAQ;AAAA;AAAA;AAAA;AAAA,IAAA,CAIrB,CAAA,CAAE,KAAK,GAAA,EAAK,GAAA,EAAK,UAAU,OAAA,EAAS,MAAM,EAAE,GAAA,EAAI;AACjD,IAAA,MAAM,IAAA,CAAK,YAAY,QAAA,EAAU,aAAA,EAAe,MAAM,EAAE,IAAA,EAAM,MAAA,CAAO,IAAA,EAAM,CAAA;AAAA,EAC7E;AAAA,EAEA,MAAM,eAAe,QAAA,EAAiC;AACpD,IAAA,MAAM,MAAA,GAAS,MAAM,IAAA,CAAK,SAAA,CAAU,QAAQ,CAAA;AAC5C,IAAA,IAAI,CAAC,MAAA,EAAQ,MAAM,IAAI,MAAM,kBAAkB,CAAA;AAC/C,IAAA,IAAI,MAAA,CAAO,YAAA,IAAgB,MAAA,CAAO,YAAA,CAAa,SAAS,CAAA,EAAG;AACzD,MAAA,MAAM,IAAA,CAAK,iBAAA,CAAkB,MAAA,CAAO,YAAY,CAAA;AAAA,IAClD;AACA,IAAA,MAAM,MAAM,IAAA,CAAK,KAAA,CAAM,IAAA,CAAK,GAAA,KAAQ,GAAI,CAAA;AACxC,IAAA,MAAM,IAAA,CAAK,GAAG,OAAA,CAAQ;AAAA;AAAA;AAAA;AAAA;AAAA,IAAA,CAKrB,CAAA,CAAE,KAAK,GAAA,EAAK,GAAA,EAAK,UAAU,OAAA,EAAS,MAAM,EAAE,GAAA,EAAI;AAEjD,IAAA,MAAM,IAAA,CAAK,EAAA,CAAG,OAAA,CAAQ,CAAA,iDAAA,CAAmD,CAAA,CAAE,IAAA,CAAK,QAAQ,CAAA,CAAE,GAAA,EAAI,CAAE,KAAA,CAAM,MAAM;AAAA,IAAC,CAAC,CAAA;AAI9G,IAAA,qBAAA,EAAsB;AACtB,IAAA,MAAM,IAAA,CAAK,WAAA,CAAY,QAAA,EAAU,WAAA,EAAa,IAAI,CAAA;AAAA,EACpD;AAAA,EAEA,MAAM,iBAAiB,QAAA,EAAiC;AACtD,IAAA,MAAM,MAAA,GAAS,MAAM,IAAA,CAAK,SAAA,CAAU,QAAQ,CAAA;AAC5C,IAAA,IAAI,CAAC,MAAA,EAAQ,MAAM,IAAI,MAAM,kBAAkB,CAAA;AAC/C,IAAA,MAAM,IAAA,CAAK,eAAA,CAAgB,MAAA,CAAO,IAAI,CAAA;AACtC,IAAA,MAAM,MAAM,IAAA,CAAK,KAAA,CAAM,IAAA,CAAK,GAAA,KAAQ,GAAI,CAAA;AACxC,IAAA,MAAM,IAAA,CAAK,GAAG,OAAA,CAAQ;AAAA;AAAA;AAAA;AAAA;AAAA,IAAA,CAKrB,EAAE,IAAA,CAAK,GAAA,EAAK,UAAU,OAAA,EAAS,MAAM,EAAE,GAAA,EAAI;AAE5C,IAAA,MAAM,IAAA,CAAK,EAAA,CAAG,OAAA,CAAQ,CAAA,mDAAA,CAAqD,CAAA,CAAE,IAAA,CAAK,QAAQ,CAAA,CAAE,GAAA,EAAI,CAAE,KAAA,CAAM,MAAM;AAAA,IAAC,CAAC,CAAA;AAChH,IAAA,qBAAA,EAAsB;AACtB,IAAA,MAAM,IAAA,CAAK,WAAA,CAAY,QAAA,EAAU,aAAA,EAAe,IAAI,CAAA;AAAA,EACtD;AAAA,EAEA,MAAM,oBAAA,CAAqB,QAAA,EAAkB,QAAA,EAA8B;AACzE,IAAA,MAAM,MAAA,GAAS,MAAM,IAAA,CAAK,SAAA,CAAU,QAAQ,CAAA;AAC5C,IAAA,IAAI,CAAC,MAAA,EAAQ,MAAM,IAAI,MAAM,kBAAkB,CAAA;AAC/C,IAAA,MAAM,MAAM,IAAA,CAAK,KAAA,CAAM,IAAA,CAAK,GAAA,KAAQ,GAAI,CAAA;AACxC,IAAA,MAAM,IAAA,CAAK,GAAG,OAAA,CAAQ;AAAA;AAAA;AAAA;AAAA,IAAA,CAIrB,CAAA,CAAE,IAAA,CAAK,IAAA,CAAK,SAAA,CAAU,QAAQ,CAAA,EAAG,GAAA,EAAK,QAAA,EAAU,OAAA,EAAS,MAAM,CAAA,CAAE,GAAA,EAAI;AAEtE,IAAA,qBAAA,EAAsB;AACtB,IAAA,MAAM,IAAA,CAAK,WAAA,CAAY,QAAA,EAAU,kBAAA,EAAoB,IAAI,CAAA;AAAA,EAC3D;AAAA,EAEA,MAAM,mBAAA,CAAoB,QAAA,EAAkB,KAAA,EAAsG;AAChJ,IAAA,MAAM,MAAM,IAAA,CAAK,KAAA,CAAM,IAAA,CAAK,GAAA,KAAQ,GAAI,CAAA;AACxC,IAAA,MAAM,IAAA,CAAK,GAAG,OAAA,CAAQ;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA,IAAA,CAUrB,CAAA,CAAE,IAAA;AAAA,MACD,KAAA,CAAM,OAAA;AAAA,MAAS,KAAA,CAAM,WAAA;AAAA,MACrB,IAAA,CAAK,SAAA,CAAU,KAAA,CAAM,WAAW,CAAA;AAAA,MAAG,IAAA,CAAK,SAAA,CAAU,KAAA,CAAM,QAAA,IAAY,EAAE,CAAA;AAAA,MACtE,GAAA;AAAA,MAAK,QAAA;AAAA,MAAU,OAAA;AAAA,MAAS;AAAA,MACxB,GAAA,EAAI;AAAA,EACR;AAAA,EAEA,MAAM,cAAA,CAAe,QAAA,EAAkB,KAAA,EAA8B;AACnE,IAAA,MAAM,MAAM,IAAA,CAAK,KAAA,CAAM,IAAA,CAAK,GAAA,KAAQ,GAAI,CAAA;AACxC,IAAA,MAAM,IAAA,CAAK,GAAG,OAAA,CAAQ;AAAA;AAAA;AAAA;AAAA;AAAA,IAAA,CAKrB,CAAA,CAAE,KAAK,KAAA,EAAO,GAAA,EAAK,UAAU,OAAA,EAAS,MAAM,EAAE,GAAA,EAAI;AACnD,IAAA,MAAM,KAAK,WAAA,CAAY,QAAA,EAAU,SAAS,IAAA,EAAM,EAAE,OAAO,CAAA;AAAA,EAC3D;AAAA,EAEA,MAAM,iBAAA,CAAkB,QAAA,EAAkB,KAAA,GAAgB,EAAA,EAAoB;AAC5E,IAAA,IAAI;AACF,MAAA,MAAM,EAAE,OAAA,EAAQ,GAAI,MAAM,IAAA,CAAK,GAAG,OAAA,CAAQ;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA,MAAA,CASzC,EAAE,IAAA,CAAK,MAAA,EAAQ,QAAA,EAAU,KAAK,EAAE,GAAA,EAAI;AACrC,MAAA,OAAA,CAAQ,OAAA,IAAW,EAAC,EAAG,GAAA,CAAI,CAAC,GAAA,KAAa;AACvC,QAAA,MAAM,CAAA,GAAI,OAAO,GAAA,CAAI,IAAA,KAAS,QAAA,GAAW,IAAA,CAAK,KAAA,CAAM,GAAA,CAAI,IAAI,CAAA,GAAK,GAAA,CAAI,IAAA,IAAQ,EAAC;AAC9E,QAAA,OAAO;AAAA,UACL,IAAI,GAAA,CAAI,EAAA;AAAA,UACR,QAAQ,CAAA,CAAE,MAAA;AAAA,UACV,MAAA,EAAQ,EAAE,MAAA,IAAU,IAAA;AAAA,UACpB,OAAA,EAAS,EAAE,OAAA,IAAW,IAAA;AAAA,UACtB,WAAW,GAAA,CAAI;AAAA,SACjB;AAAA,MACF,CAAC,CAAA;AAAA,IACH,CAAA,CAAA,MAAQ;AACN,MAAA,OAAO,EAAC;AAAA,IACV;AAAA,EACF;AAAA,EAEA,MAAM,YAAA,CAAa,QAAA,EAAkB,QAAA,EAAkB,WAAA,EAAqB,WAAmB,EAAA,EAAmB;AAChH,IAAA,MAAM,EAAA,GAAK,CAAA,KAAA,EAAQ,IAAA,CAAK,GAAA,EAAK,CAAA,CAAA;AAC7B,IAAA,MAAM,IAAA,CAAK,GAAG,OAAA,CAAQ;AAAA;AAAA;AAAA,IAAA,CAGrB,CAAA,CAAE,KAAK,EAAA,EAAI,QAAA,EAAU,UAAU,WAAA,EAAa,QAAQ,EAAE,GAAA,EAAI;AAAA,EAC7D;AAAA,EAEA,MAAM,aAAA,CAAc,QAAA,EAAkB,IAAA,EAAc,MAAA,EAAgB,aAAqB,UAAA,EAAmC;AAC1H,IAAA,MAAM,EAAA,GAAK,CAAA,MAAA,EAAS,IAAA,CAAK,GAAA,EAAK,CAAA,CAAA;AAC9B,IAAA,MAAM,IAAA,CAAK,GAAG,OAAA,CAAQ;AAAA;AAAA;AAAA,IAAA,CAGrB,CAAA,CAAE,IAAA,CAAK,EAAA,EAAI,QAAA,EAAU,MAAM,MAAA,EAAQ,WAAA,EAAa,IAAA,CAAK,SAAA,CAAU,UAAA,IAAc,EAAE,CAAC,EAAE,GAAA,EAAI;AAAA,EACzF;AAAA,EAEA,MAAM,eAAe,QAAA,EAAkC;AACrD,IAAA,MAAM,EAAE,OAAA,EAAQ,GAAI,MAAM,IAAA,CAAK,GAAG,OAAA,CAAQ;AAAA;AAAA,IAAA,CAEzC,CAAA,CAAE,IAAA,CAAK,QAAQ,CAAA,CAAE,GAAA,EAAI;AACtB,IAAA,OAAO,WAAW,EAAC;AAAA,EACrB;AAAA,EAEA,MAAM,gBAAgB,QAAA,EAAkC;AACtD,IAAA,MAAM,EAAE,OAAA,EAAQ,GAAI,MAAM,IAAA,CAAK,GAAG,OAAA,CAAQ;AAAA;AAAA,IAAA,CAEzC,CAAA,CAAE,IAAA,CAAK,QAAQ,CAAA,CAAE,GAAA,EAAI;AACtB,IAAA,OAAO,WAAW,EAAC;AAAA,EACrB;AAAA,EAEA,MAAc,kBAAkB,YAAA,EAAuC;AACrE,IAAA,KAAA,MAAW,OAAO,YAAA,EAAc;AAC9B,MAAA,MAAM,MAAA,GAAS,MAAM,IAAA,CAAK,eAAA,CAAgB,GAAG,CAAA;AAC7C,MAAA,IAAI,CAAC,MAAA,IAAU,MAAA,CAAO,MAAA,KAAW,QAAA,EAAU;AACzC,QAAA,MAAM,IAAI,KAAA,CAAM,CAAA,qBAAA,EAAwB,GAAG,CAAA,eAAA,CAAiB,CAAA;AAAA,MAC9D;AAAA,IACF;AAAA,EACF;AAAA,EAEA,MAAc,gBAAgB,UAAA,EAAmC;AAC/D,IAAA,MAAM,EAAE,OAAA,EAAQ,GAAI,MAAM,IAAA,CAAK,GAAG,OAAA,CAAQ;AAAA;AAAA;AAAA;AAAA;AAAA,IAAA,CAKzC,CAAA,CAAE,KAAK,OAAA,EAAS,MAAA,EAAQ,KAAK,UAAU,CAAA,EAAA,CAAI,EAAE,GAAA,EAAI;AAClD,IAAA,IAAI,OAAA,IAAW,OAAA,CAAQ,MAAA,GAAS,CAAA,EAAG;AACjC,MAAA,MAAM,KAAA,GAAQ,OAAA,CAAQ,GAAA,CAAI,CAAC,CAAA,KAAW,CAAA,CAAE,KAAA,IAAS,CAAA,CAAE,IAAI,CAAA,CAAE,IAAA,CAAK,IAAI,CAAA;AAClE,MAAA,MAAM,IAAI,KAAA,CAAM,CAAA,6DAAA,EAAgE,KAAK,CAAA,CAAE,CAAA;AAAA,IACzF;AAAA,EACF;AAAA,EAEA,MAAc,WAAA,CAAY,QAAA,EAAkB,MAAA,EAAgB,QAAuB,OAAA,EAA8B;AAC/G,IAAA,IAAI;AACF,MAAA,MAAM,KAAA,GAAQ,OAAO,UAAA,EAAW;AAChC,MAAA,MAAM,MAAM,IAAA,CAAK,KAAA,CAAM,IAAA,CAAK,GAAA,KAAQ,GAAI,CAAA;AAExC,MAAA,MAAM,IAAA,GAAO,IAAA,CAAK,SAAA,CAAU,EAAE,QAAA,EAAU,QAAQ,MAAA,EAAQ,OAAA,EAAS,OAAA,IAAW,IAAA,EAAM,CAAA;AAClF,MAAA,MAAM,IAAA,CAAK,GAAG,OAAA,CAAQ;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA,MAAA,CAUrB,CAAA,CAAE,IAAA,CAAK,KAAA,EAAO,KAAA,EAAO,KAAA,EAAO,QAAQ,IAAA,EAAM,GAAA,EAAK,GAAG,CAAA,CAAE,GAAA,EAAI;AAAA,IAC3D,CAAA,CAAA,MAAQ;AAAA,IAER;AAAA,EACF;AACF;AAEA,SAAS,oBAAoB,GAAA,EAAsB;AACjD,EAAA,MAAM,IAAA,GAAO,OAAO,GAAA,CAAI,IAAA,KAAS,QAAA,GAAW,IAAA,CAAK,KAAA,CAAM,GAAA,CAAI,IAAI,CAAA,GAAK,GAAA,CAAI,IAAA,IAAQ,EAAC;AACjF,EAAA,OAAO;AAAA,IACL,EAAA,EAAI,GAAA,CAAI,IAAA,IAAQ,IAAA,CAAK,QAAQ,GAAA,CAAI,OAAA;AAAA,IACjC,IAAA,EAAM,IAAA,CAAK,IAAA,IAAQ,GAAA,CAAI,IAAA,IAAQ,EAAA;AAAA,IAC/B,YAAA,EAAc,IAAA,CAAK,WAAA,IAAe,GAAA,CAAI,KAAA,IAAS,EAAA;AAAA,IAC/C,WAAA,EAAa,KAAK,WAAA,IAAe,EAAA;AAAA,IACjC,OAAA,EAAS,KAAK,OAAA,IAAW,OAAA;AAAA,IACzB,MAAA,EAAQ,KAAK,MAAA,IAAU,SAAA;AAAA,IACvB,QAAA,EAAU,KAAK,QAAA,IAAY,WAAA;AAAA,IAC3B,IAAA,EAAM,KAAK,IAAA,IAAQ,WAAA;AAAA,IACnB,MAAA,EAAQ,KAAK,MAAA,IAAU,UAAA;AAAA,IACvB,OAAA,EAAS,IAAA,CAAK,MAAA,KAAW,IAAA,IAAQ,KAAK,MAAA,KAAW,CAAA;AAAA,IACjD,UAAU,IAAA,CAAK,QAAA;AAAA,IACf,aAAa,IAAA,CAAK,WAAA;AAAA,IAClB,cAAc,IAAA,CAAK,YAAA;AAAA,IACnB,cAAA,EAAgB,KAAK,aAAA,IAAiB,CAAA;AAAA,IACtC,MAAA,EAAQ,KAAK,MAAA,IAAU,CAAA;AAAA,IACvB,cAAc,GAAA,CAAI,UAAA;AAAA,IAClB,YAAA,EAAc,KAAK,WAAA,IAAe,MAAA;AAAA,IAClC,cAAc,GAAA,CAAI,UAAA;AAAA,IAClB,aAAA,EAAe,KAAK,YAAA,IAAgB;AAAA,GACtC;AACF;;;AC5UO,IAAM,eAAA,GAAuD;AAAA,EAClE,WAAA,EAAa;AAAA,IACX,IAAA,EAAM,WAAA;AAAA,IACN,UAAA,EAAY,kBAAA;AAAA,IACZ,aAAA,EAAe,WAAA;AAAA,IACf,aAAA,EAAe,sIAAA;AAAA,IACf,SAAA,EAAW,OAAA;AAAA,IACX,QAAA,EAAU,SAAA;AAAA,IACV,UAAA,EAAY,SAAA;AAAA,IACZ,WAAA,EAAa,WAAA;AAAA,IACb,SAAA,EAAW,IAAA;AAAA,IACX,aAAA,EAAe;AAAA,MACb,gBAAA;AAAA,MACA,cAAA;AAAA,MACA;AAAA,KACF;AAAA,IACA,gBAAgB,EAAC;AAAA,IACjB,iBAAA,EAAmB;AAAA,MACjB,SAAA,EAAW,IAAA;AAAA,MACX,iBAAA,EAAmB,IAAA;AAAA,MACnB,wBAAwB,EAAC;AAAA,MACzB,yBAAyB,EAAC;AAAA,MAC1B,sBAAA,EAAwB,IAAA;AAAA,MACxB,gBAAA,EAAkB,CAAA;AAAA,MAClB,eAAA,EAAiB,EAAA;AAAA,MACjB,aAAA,EAAe;AAAA,KACjB;AAAA,IACA,WAAA,EAAa;AAAA,MACX,OAAA,EAAS,WAAA;AAAA,MACT,MAAA,EAAQ,kBAAA;AAAA,MACR,MAAA,EAAQ,0BAAA;AAAA,MACR,OAAA,EAAS;AAAA;AACX,GACF;AAAA,EAEA,gBAAA,EAAkB;AAAA,IAChB,IAAA,EAAM,gBAAA;AAAA,IACN,UAAA,EAAY,gBAAA;AAAA,IACZ,aAAA,EAAe,sBAAA;AAAA,IACf,aAAA,EAAe,+IAAA;AAAA,IACf,SAAA,EAAW,cAAA;AAAA,IACX,QAAA,EAAU,cAAA;AAAA,IACV,UAAA,EAAY,KAAA;AAAA,IACZ,WAAA,EAAa,WAAA;AAAA,IACb,SAAA,EAAW,IAAA;AAAA,IACX,aAAA,EAAe;AAAA,MACb,gBAAA;AAAA,MACA;AAAA,KACF;AAAA,IACA,gBAAgB,EAAC;AAAA,IACjB,mBAAmB,EAAC;AAAA,IACpB,WAAA,EAAa;AAAA,MACX,OAAA,EAAS,WAAA;AAAA,MACT,MAAA,EAAQ,WAAA;AAAA,MACR,MAAA,EAAQ,kBAAA;AAAA,MACR,OAAA,EAAS;AAAA;AACX,GACF;AAAA,EAEA,WAAA,EAAa;AAAA,IACX,IAAA,EAAM,WAAA;AAAA,IACN,UAAA,EAAY,WAAA;AAAA,IACZ,aAAA,EAAe,uBAAA;AAAA,IACf,aAAA,EAAe,0HAAA;AAAA,IACf,SAAA,EAAW,cAAA;AAAA,IACX,QAAA,EAAU,cAAA;AAAA,IACV,UAAA,EAAY,UAAA;AAAA,IACZ,WAAA,EAAa,WAAA;AAAA,IACb,SAAA,EAAW,IAAA;AAAA,IACX,aAAA,EAAe;AAAA,MACb,cAAA;AAAA,MACA,cAAA;AAAA,MACA;AAAA,KACF;AAAA,IACA,gBAAgB,EAAC;AAAA,IACjB,iBAAA,EAAmB;AAAA,MACjB,gBAAA,EAAkB;AAAA,QAChB,OAAA,EAAS;AAAA,UACP,UAAA,EAAY,IAAA;AAAA,UACZ,WAAA,EAAa,CAAA;AAAA,UACb,OAAA,EAAS,OAAA;AAAA,UACT,MAAA,EAAQ;AAAA,SACV;AAAA,QACA,UAAA,EAAY;AAAA,UACV,UAAA,EAAY,IAAA;AAAA,UACZ,WAAA,EAAa,CAAA;AAAA,UACb,OAAA,EAAS,UAAA;AAAA,UACT,MAAA,EAAQ;AAAA,SACV;AAAA,QACA,WAAA,EAAa;AAAA,UACX,UAAA,EAAY,IAAA;AAAA,UACZ,WAAA,EAAa,CAAA;AAAA,UACb,OAAA,EAAS,YAAA;AAAA,UACT,MAAA,EAAQ;AAAA,SACV;AAAA,QACA,UAAA,EAAY;AAAA,UACV,UAAA,EAAY,IAAA;AAAA,UACZ,WAAA,EAAa,CAAA;AAAA,UACb,OAAA,EAAS,WAAA;AAAA,UACT,MAAA,EAAQ;AAAA;AACV,OACF;AAAA,MACA,YAAA,EAAc;AAAA,QACZ,aAAA,EAAe,IAAA;AAAA,QACf,sBAAA,EAAwB;AAAA,UACtB,kBAAA,EAAoB,KAAA;AAAA,UACpB,kBAAA,EAAoB,KAAA;AAAA,UACpB,gBAAA,EAAkB,KAAA;AAAA,UAClB,qBAAA,EAAuB;AAAA;AACzB,OACF;AAAA,MACA,cAAA,EAAgB;AAAA,QACd,SAAA,EAAW,IAAA;AAAA,QACX,0BAAA,EAA4B,KAAA;AAAA,QAC5B,aAAA,EAAe;AAAA;AACjB,KACF;AAAA,IACA,WAAA,EAAa;AAAA,GACf;AAAA,EAEA,YAAA,EAAc;AAAA,IACZ,IAAA,EAAM,YAAA;AAAA,IACN,UAAA,EAAY,YAAA;AAAA,IACZ,aAAA,EAAe,cAAA;AAAA,IACf,aAAA,EAAe,qLAAA;AAAA,IACf,SAAA,EAAW,cAAA;AAAA,IACX,QAAA,EAAU,SAAA;AAAA,IACV,UAAA,EAAY,QAAA;AAAA,IACZ,WAAA,EAAa,QAAA;AAAA,IACb,SAAA,EAAW,IAAA;AAAA,IACX,aAAA,EAAe;AAAA,MACb,YAAA;AAAA,MACA,aAAA;AAAA,MACA;AAAA,KACF;AAAA,IACA,gBAAgB,EAAC;AAAA,IACjB,iBAAA,EAAmB;AAAA,MACjB,mBAAA,EAAqB,IAAA;AAAA,MACrB,eAAA,EAAiB,IAAA;AAAA,MACjB,qBAAA,EAAuB,IAAA;AAAA,MACvB,YAAA,EAAc;AAAA,KAChB;AAAA,IACA,WAAA,EAAa;AAAA,MACX,OAAA,EAAS,OAAA;AAAA,MACT,MAAA,EAAQ,QAAA;AAAA,MACR,MAAA,EAAQ,cAAA;AAAA,MACR,OAAA,EAAS;AAAA;AACX,GACF;AAAA,EAEA,YAAA,EAAc;AAAA,IACZ,IAAA,EAAM,YAAA;AAAA,IACN,UAAA,EAAY,YAAA;AAAA,IACZ,aAAA,EAAe,eAAA;AAAA,IACf,aAAA,EAAe,8KAAA;AAAA,IACf,SAAA,EAAW,cAAA;AAAA,IACX,QAAA,EAAU,cAAA;AAAA,IACV,UAAA,EAAY,OAAA;AAAA,IACZ,WAAA,EAAa,WAAA;AAAA,IACb,SAAA,EAAW,IAAA;AAAA,IACX,aAAA,EAAe;AAAA,MACb,cAAA;AAAA,MACA;AAAA,KACF;AAAA,IACA,gBAAgB,EAAC;AAAA,IACjB,mBAAmB,EAAC;AAAA,IACpB,WAAA,EAAa;AAAA,MACX,OAAA,EAAS,OAAA;AAAA,MACT,MAAA,EAAQ,OAAA;AAAA,MACR,MAAA,EAAQ,cAAA;AAAA,MACR,OAAA,EAAS;AAAA;AACX,GACF;AAAA,EAEA,gBAAA,EAAkB;AAAA,IAChB,IAAA,EAAM,gBAAA;AAAA,IACN,UAAA,EAAY,gBAAA;AAAA,IACZ,aAAA,EAAe,gBAAA;AAAA,IACf,aAAA,EAAe,iGAAA;AAAA,IACf,SAAA,EAAW,cAAA;AAAA,IACX,QAAA,EAAU,cAAA;AAAA,IACV,UAAA,EAAY,aAAA;AAAA,IACZ,WAAA,EAAa,iBAAA;AAAA,IACb,SAAA,EAAW,IAAA;AAAA,IACX,aAAA,EAAe;AAAA,MACb;AAAA,KACF;AAAA,IACA,gBAAgB,EAAC;AAAA,IACjB,iBAAA,EAAmB;AAAA,MACjB,gBAAA,EAAkB,IAAA;AAAA,MAClB,cAAA,EAAgB,IAAA;AAAA,MAChB,kBAAA,EAAoB,IAAA;AAAA,MACpB,qBAAA,EAAuB;AAAA,KACzB;AAAA,IACA,WAAA,EAAa;AAAA,GACf;AAAA,EAEA,mBAAA,EAAqB;AAAA,IACnB,IAAA,EAAM,mBAAA;AAAA,IACN,UAAA,EAAY,mBAAA;AAAA,IACZ,aAAA,EAAe,YAAA;AAAA,IACf,aAAA,EAAe,+DAAA;AAAA,IACf,SAAA,EAAW,cAAA;AAAA,IACX,QAAA,EAAU,cAAA;AAAA,IACV,UAAA,EAAY,WAAA;AAAA,IACZ,WAAA,EAAa,WAAA;AAAA,IACb,SAAA,EAAW,KAAA;AAAA,IACX,eAAe,EAAC;AAAA,IAChB,cAAA,EAAgB;AAAA,MACd;AAAA,KACF;AAAA,IACA,iBAAA,EAAmB;AAAA,MACjB,cAAA,EAAgB,IAAA;AAAA,MAChB,WAAA,EAAa,mBAAA;AAAA,MACb,cAAA,EAAgB;AAAA,KAClB;AAAA,IACA,WAAA,EAAa;AAAA,GACf;AAAA,EAEA,UAAA,EAAY;AAAA,IACV,IAAA,EAAM,UAAA;AAAA,IACN,UAAA,EAAY,UAAA;AAAA,IACZ,aAAA,EAAe,yBAAA;AAAA,IACf,aAAA,EAAe,kIAAA;AAAA,IACf,SAAA,EAAW,OAAA;AAAA,IACX,QAAA,EAAU,cAAA;AAAA,IACV,UAAA,EAAY,QAAA;AAAA,IACZ,WAAA,EAAa,WAAA;AAAA,IACb,SAAA,EAAW,KAAA;AAAA,IACX,eAAe,EAAC;AAAA,IAChB,gBAAgB,EAAC;AAAA,IACjB,iBAAA,EAAmB;AAAA,MACjB,eAAA,EAAiB,GAAA;AAAA,MACjB,OAAA,EAAS,MAAA;AAAA,MACT,SAAA,EAAW,MAAA;AAAA,MACX,aAAA,EAAe;AAAA,KACjB;AAAA,IACA,WAAA,EAAa;AAAA,GACf;AAAA,EAEA,OAAA,EAAS;AAAA,IACP,IAAA,EAAM,OAAA;AAAA,IACN,UAAA,EAAY,OAAA;AAAA,IACZ,aAAA,EAAe,OAAA;AAAA,IACf,aAAA,EAAe,sNAAA;AAAA,IACf,SAAA,EAAW,OAAA;AAAA,IACX,QAAA,EAAU,cAAA;AAAA,IACV,UAAA,EAAY,WAAA;AAAA,IACZ,WAAA,EAAa,WAAA;AAAA,IACb,SAAA,EAAW,IAAA;AAAA,IACX,aAAA,EAAe;AAAA,MACb,cAAA;AAAA,MACA,YAAA;AAAA,MACA;AAAA,KACF;AAAA,IACA,gBAAgB,EAAC;AAAA,IACjB,iBAAA,EAAmB;AAAA,MACjB,UAAA,EAAY,YAAA;AAAA,MACZ,cAAA,EAAgB,EAAA;AAAA,MAChB,WAAA,EAAa,EAAA;AAAA,MACb,UAAA,EAAY,EAAA;AAAA,MACZ,SAAA,EAAW,EAAA;AAAA,MACX,SAAA,EAAW,EAAA;AAAA,MACX,aAAA,EAAe,EAAA;AAAA,MACf,iBAAA,EAAmB;AAAA,KACrB;AAAA,IACA,WAAA,EAAa;AAAA,MACX,OAAA,EAAS,OAAA;AAAA,MACT,MAAA,EAAQ,UAAA;AAAA,MACR,MAAA,EAAQ,sBAAA;AAAA,MACR,OAAA,EAAS;AAAA;AACX,GACF;AAAA,EAEA,OAAA,EAAS;AAAA,IACP,IAAA,EAAM,OAAA;AAAA,IACN,UAAA,EAAY,OAAA;AAAA,IACZ,aAAA,EAAe,OAAA;AAAA,IACf,aAAA,EAAe,6FAAA;AAAA,IACf,SAAA,EAAW,OAAA;AAAA,IACX,QAAA,EAAU,cAAA;AAAA,IACV,UAAA,EAAY,SAAA;AAAA,IACZ,WAAA,EAAa,WAAA;AAAA,IACb,SAAA,EAAW,IAAA;AAAA,IACX,aAAA,EAAe;AAAA,MACb,cAAA;AAAA,MACA;AAAA,KACF;AAAA,IACA,gBAAgB,EAAC;AAAA,IACjB,mBAAmB,EAAC;AAAA,IACpB,WAAA,EAAa;AAAA,MACX,OAAA,EAAS,OAAA;AAAA,MACT,MAAA,EAAQ,eAAA;AAAA,MACR,MAAA,EAAQ,cAAA;AAAA,MACR,OAAA,EAAS;AAAA;AACX,GACF;AAAA,EAEA,kBAAA,EAAoB;AAAA,IAClB,IAAA,EAAM,kBAAA;AAAA,IACN,UAAA,EAAY,kBAAA;AAAA,IACZ,aAAA,EAAe,kBAAA;AAAA,IACf,aAAA,EAAe,2MAAA;AAAA,IACf,SAAA,EAAW,OAAA;AAAA,IACX,QAAA,EAAU,mBAAA;AAAA,IACV,UAAA,EAAY,SAAA;AAAA,IACZ,WAAA,EAAa,WAAA;AAAA,IACb,SAAA,EAAW,KAAA;AAAA,IACX,aAAA,EAAe;AAAA,MACb,yBAAA;AAAA,MACA;AAAA,KACF;AAAA,IACA,gBAAgB,EAAC;AAAA,IACjB,iBAAA,EAAmB;AAAA,MACjB,kBAAA,EAAoB,IAAA;AAAA,MACpB,cAAA,EAAgB,IAAA;AAAA,MAChB,UAAA,EAAY;AAAA,KACd;AAAA,IACA,WAAA,EAAa;AAAA,MACX,OAAA,EAAS,kBAAA;AAAA,MACT,MAAA,EAAQ,UAAA;AAAA,MACR,MAAA,EAAQ,yBAAA;AAAA,MACR,OAAA,EAAS;AAAA;AACX,GACF;AAAA,EAEA,aAAA,EAAe;AAAA,IACb,IAAA,EAAM,aAAA;AAAA,IACN,UAAA,EAAY,aAAA;AAAA,IACZ,aAAA,EAAe,aAAA;AAAA,IACf,aAAA,EAAe,2CAAA;AAAA,IACf,SAAA,EAAW,cAAA;AAAA,IACX,QAAA,EAAU,cAAA;AAAA,IACV,UAAA,EAAY,WAAA;AAAA,IACZ,WAAA,EAAa,WAAA;AAAA,IACb,SAAA,EAAW,KAAA;AAAA,IACX,aAAA,EAAe;AAAA,MACb;AAAA,KACF;AAAA,IACA,gBAAgB,EAAC;AAAA,IACjB,mBAAmB,EAAC;AAAA,IACpB,WAAA,EAAa;AAAA,MACX,OAAA,EAAS,aAAA;AAAA,MACT,MAAA,EAAQ,aAAA;AAAA,MACR,MAAA,EAAQ,oBAAA;AAAA,MACR,OAAA,EAAS;AAAA;AACX,GACF;AAAA,EAEA,gBAAA,EAAkB;AAAA,IAChB,IAAA,EAAM,gBAAA;AAAA,IACN,UAAA,EAAY,gBAAA;AAAA,IACZ,aAAA,EAAe,0BAAA;AAAA,IACf,aAAA,EAAe,sIAAA;AAAA,IACf,SAAA,EAAW,OAAA;AAAA,IACX,QAAA,EAAU,cAAA;AAAA,IACV,UAAA,EAAY,QAAA;AAAA,IACZ,WAAA,EAAa,WAAA;AAAA,IACb,SAAA,EAAW,IAAA;AAAA,IACX,eAAA,EAAiB,IAAA;AAAA,IACjB,eAAe,EAAC;AAAA,IAChB,gBAAgB,EAAC;AAAA,IACjB,iBAAA,EAAmB;AAAA,MACjB,eAAA,EAAiB,GAAA;AAAA,MACjB,gBAAA,EAAkB,UAAA;AAAA,MAClB,aAAA,EAAe;AAAA,KACjB;AAAA,IACA,WAAA,EAAa;AAAA,MACX,OAAA,EAAS,gBAAA;AAAA,MACT,MAAA,EAAQ,eAAA;AAAA,MACR,MAAA,EAAQ,+BAAA;AAAA,MACR,OAAA,EAAS;AAAA;AACX,GACF;AAAA,EAEA,iBAAA,EAAmB;AAAA,IACjB,IAAA,EAAM,iBAAA;AAAA,IACN,UAAA,EAAY,iBAAA;AAAA,IACZ,aAAA,EAAe,2BAAA;AAAA,IACf,aAAA,EAAe,iIAAA;AAAA,IACf,SAAA,EAAW,OAAA;AAAA,IACX,QAAA,EAAU,cAAA;AAAA,IACV,UAAA,EAAY,UAAA;AAAA,IACZ,WAAA,EAAa,WAAA;AAAA,IACb,SAAA,EAAW,KAAA;AAAA,IACX,eAAe,EAAC;AAAA,IAChB,cAAA,EAAgB;AAAA,MACd;AAAA,KACF;AAAA,IACA,iBAAA,EAAmB;AAAA,MACjB,mBAAA,EAAqB,EAAA;AAAA,MACrB,kBAAA,EAAoB,CAAA;AAAA,MACpB,eAAA,EAAiB;AAAA,KACnB;AAAA,IACA,WAAA,EAAa;AAAA,GACf;AAAA,EAEA,cAAA,EAAgB;AAAA,IACd,IAAA,EAAM,cAAA;AAAA,IACN,UAAA,EAAY,cAAA;AAAA,IACZ,aAAA,EAAe,cAAA;AAAA,IACf,aAAA,EAAe,uLAAA;AAAA,IACf,SAAA,EAAW,OAAA;AAAA,IACX,QAAA,EAAU,cAAA;AAAA,IACV,UAAA,EAAY,WAAA;AAAA,IACZ,WAAA,EAAa,WAAA;AAAA,IACb,SAAA,EAAW,KAAA;AAAA,IACX,aAAA,EAAe;AAAA,MACb,gBAAA;AAAA,MACA;AAAA,KACF;AAAA,IACA,gBAAgB,EAAC;AAAA,IACjB,iBAAA,EAAmB;AAAA,MACjB,YAAA,EAAc,aAAA;AAAA,MACd,qBAAA,EAAuB,KAAA;AAAA,MACvB,YAAA,EAAc;AAAA,KAChB;AAAA,IACA,WAAA,EAAa;AAAA,MACX,OAAA,EAAS,SAAA;AAAA,MACT,MAAA,EAAQ,iBAAA;AAAA,MACR,MAAA,EAAQ,gBAAA;AAAA,MACR,OAAA,EAAS;AAAA;AACX,GACF;AAAA,EAEA,iBAAA,EAAmB;AAAA,IACjB,IAAA,EAAM,iBAAA;AAAA,IACN,UAAA,EAAY,iBAAA;AAAA,IACZ,aAAA,EAAe,iBAAA;AAAA,IACf,aAAA,EAAe,wDAAA;AAAA,IACf,SAAA,EAAW,cAAA;AAAA,IACX,QAAA,EAAU,cAAA;AAAA,IACV,UAAA,EAAY,gBAAA;AAAA,IACZ,WAAA,EAAa,WAAA;AAAA,IACb,SAAA,EAAW,IAAA;AAAA,IACX,eAAe,EAAC;AAAA,IAChB,gBAAgB,EAAC;AAAA,IACjB,iBAAA,EAAmB;AAAA,MACjB,WAAA,EAAa;AAAA,QACX,QAAA,EAAU;AAAA,UACR,UAAA,EAAY,EAAA;AAAA,UACZ,cAAA,EAAgB,EAAA;AAAA,UAChB,SAAA,EAAW;AAAA,SACb;AAAA,QACA,QAAA,EAAU;AAAA,UACR,UAAA,EAAY,EAAA;AAAA,UACZ,cAAA,EAAgB,EAAA;AAAA,UAChB,SAAA,EAAW;AAAA;AACb;AACF,KACF;AAAA,IACA,WAAA,EAAa;AAAA,GACf;AAAA,EAEA,WAAA,EAAa;AAAA,IACX,IAAA,EAAM,WAAA;AAAA,IACN,UAAA,EAAY,WAAA;AAAA,IACZ,aAAA,EAAe,WAAA;AAAA,IACf,aAAA,EAAe,sDAAA;AAAA,IACf,SAAA,EAAW,cAAA;AAAA,IACX,QAAA,EAAU,cAAA;AAAA,IACV,UAAA,EAAY,UAAA;AAAA,IACZ,WAAA,EAAa,WAAA;AAAA,IACb,SAAA,EAAW,KAAA;AAAA,IACX,aAAA,EAAe;AAAA,MACb,YAAA;AAAA,MACA,aAAA;AAAA,MACA;AAAA,KACF;AAAA,IACA,cAAA,EAAgB;AAAA,MACd;AAAA,KACF;AAAA,IACA,iBAAA,EAAmB;AAAA,MACjB,YAAA,EAAc,CAAA;AAAA,MACd,mBAAA,EAAqB,EAAA;AAAA,MACrB,aAAA,EAAe,CAAA;AAAA,MACf,kBAAA,EAAoB,CAAA;AAAA,MACpB,0BAAA,EAA4B,KAAA;AAAA,MAC5B,SAAA,EAAW,EAAA;AAAA,MACX,WAAA,EAAa,GAAA;AAAA,MACb,iBAAA,EAAmB,CAAA;AAAA,MACnB,iBAAA,EAAmB,SAAA;AAAA,MACnB,UAAA,EAAY,EAAA;AAAA,MACZ,iBAAA,EAAmB;AAAA,KACrB;AAAA,IACA,WAAA,EAAa;AAAA,MACX,OAAA,EAAS,WAAA;AAAA,MACT,MAAA,EAAQ,KAAA;AAAA,MACR,MAAA,EAAQ,mCAAA;AAAA,MACR,OAAA,EAAS;AAAA;AACX,GACF;AAAA,EAEA,cAAA,EAAgB;AAAA,IACd,IAAA,EAAM,cAAA;AAAA,IACN,UAAA,EAAY,cAAA;AAAA,IACZ,aAAA,EAAe,wBAAA;AAAA,IACf,aAAA,EAAe,sIAAA;AAAA,IACf,SAAA,EAAW,OAAA;AAAA,IACX,QAAA,EAAU,cAAA;AAAA,IACV,UAAA,EAAY,QAAA;AAAA,IACZ,WAAA,EAAa,cAAA;AAAA,IACb,SAAA,EAAW,IAAA;AAAA,IACX,eAAe,EAAC;AAAA,IAChB,gBAAgB,EAAC;AAAA,IACjB,iBAAA,EAAmB;AAAA,MACjB,SAAA,EAAW,OAAA;AAAA,MACX,eAAA,EAAiB,GAAA;AAAA,MACjB,gBAAA,EAAkB,MAAA;AAAA,MAClB,OAAA,EAAS;AAAA,KACX;AAAA,IACA,WAAA,EAAa;AAAA,GACf;AAAA,EAEA,qBAAA,EAAuB;AAAA,IACrB,IAAA,EAAM,qBAAA;AAAA,IACN,UAAA,EAAY,qBAAA;AAAA,IACZ,aAAA,EAAe,qBAAA;AAAA,IACf,aAAA,EAAe,iEAAA;AAAA,IACf,SAAA,EAAW,OAAA;AAAA,IACX,QAAA,EAAU,OAAA;AAAA,IACV,UAAA,EAAY,WAAA;AAAA,IACZ,WAAA,EAAa,cAAA;AAAA,IACb,SAAA,EAAW,KAAA;AAAA,IACX,aAAA,EAAe;AAAA,MACb,iBAAA;AAAA,MACA;AAAA,KACF;AAAA,IACA,gBAAgB,EAAC;AAAA,IACjB,iBAAA,EAAmB;AAAA,MACjB,SAAA,EAAW,IAAA;AAAA,MACX,oBAAA,EAAsB;AAAA,KACxB;AAAA,IACA,WAAA,EAAa;AAAA,MACX,OAAA,EAAS,WAAA;AAAA,MACT,MAAA,EAAQ,aAAA;AAAA,MACR,MAAA,EAAQ,kBAAA;AAAA,MACR,OAAA,EAAS;AAAA;AACX,GACF;AAAA,EAEA,gBAAA,EAAkB;AAAA,IAChB,IAAA,EAAM,gBAAA;AAAA,IACN,UAAA,EAAY,gBAAA;AAAA,IACZ,aAAA,EAAe,gBAAA;AAAA,IACf,aAAA,EAAe,oJAAA;AAAA,IACf,SAAA,EAAW,cAAA;AAAA,IACX,QAAA,EAAU,cAAA;AAAA,IACV,UAAA,EAAY,UAAA;AAAA,IACZ,WAAA,EAAa,iBAAA;AAAA,IACb,SAAA,EAAW,KAAA;AAAA,IACX,aAAA,EAAe;AAAA,MACb,qBAAA;AAAA,MACA;AAAA,KACF;AAAA,IACA,gBAAgB,EAAC;AAAA,IACjB,iBAAA,EAAmB;AAAA,MACjB,WAAA,EAAa;AAAA,QACX,YAAA,EAAc,EAAA;AAAA,QACd,WAAA,EAAa,GAAA;AAAA,QACb,WAAA,EAAa;AAAA,OACf;AAAA,MACA,YAAA,EAAc;AAAA,QACZ,SAAA,EAAW,IAAA;AAAA,QACX,wBAAA,EAA0B,EAAA;AAAA,QAC1B,2BAAA,EAA6B,CAAA;AAAA,QAC7B,eAAA,EAAiB,EAAA;AAAA,QACjB,wBAAA,EAA0B,EAAA;AAAA,QAC1B,gBAAA,EAAkB;AAAA,OACpB;AAAA,MACA,SAAA,EAAW;AAAA,QACT,qBAAA,EAAuB,IAAA;AAAA,QACvB,YAAA,EAAc,IAAA;AAAA,QACd,kBAAA,EAAoB,IAAA;AAAA,QACpB,mBAAA,EAAqB,IAAA;AAAA,QACrB,qBAAA,EAAuB;AAAA;AACzB,KACF;AAAA,IACA,WAAA,EAAa;AAAA,MACX,OAAA,EAAS,gBAAA;AAAA,MACT,MAAA,EAAQ,cAAA;AAAA,MACR,MAAA,EAAQ,+BAAA;AAAA,MACR,OAAA,EAAS;AAAA;AACX,GACF;AAAA,EAEA,YAAA,EAAc;AAAA,IACZ,IAAA,EAAM,YAAA;AAAA,IACN,UAAA,EAAY,YAAA;AAAA,IACZ,aAAA,EAAe,YAAA;AAAA,IACf,aAAA,EAAe,0MAAA;AAAA,IACf,SAAA,EAAW,OAAA;AAAA,IACX,QAAA,EAAU,mBAAA;AAAA,IACV,UAAA,EAAY,SAAA;AAAA,IACZ,WAAA,EAAa,EAAA;AAAA,IACb,SAAA,EAAW,KAAA;AAAA,IACX,aAAA,EAAe;AAAA,MACb,mBAAA;AAAA,MACA;AAAA,KACF;AAAA,IACA,gBAAgB,EAAC;AAAA,IACjB,mBAAmB,EAAC;AAAA,IACpB,WAAA,EAAa;AAAA,MACX,OAAA,EAAS,YAAA;AAAA,MACT,MAAA,EAAQ,MAAA;AAAA,MACR,MAAA,EAAQ,mBAAA;AAAA,MACR,OAAA,EAAS;AAAA;AACX,GACF;AAAA,EAEA,QAAA,EAAU;AAAA,IACR,IAAA,EAAM,QAAA;AAAA,IACN,UAAA,EAAY,QAAA;AAAA,IACZ,aAAA,EAAe,sBAAA;AAAA,IACf,aAAA,EAAe,kGAAA;AAAA,IACf,SAAA,EAAW,cAAA;AAAA,IACX,QAAA,EAAU,cAAA;AAAA,IACV,UAAA,EAAY,UAAA;AAAA,IACZ,WAAA,EAAa,WAAA;AAAA,IACb,SAAA,EAAW,IAAA;AAAA,IACX,aAAA,EAAe;AAAA,MACb,eAAA;AAAA,MACA;AAAA,KACF;AAAA,IACA,gBAAgB,EAAC;AAAA,IACjB,iBAAA,EAAmB;AAAA,MACjB,iBAAA,EAAmB,EAAA;AAAA,MACnB,qBAAA,EAAuB,EAAA;AAAA,MACvB,eAAA,EAAiB,EAAA;AAAA,MACjB,YAAA,EAAc,kBAAA;AAAA,MACd,WAAA,EAAa;AAAA,KACf;AAAA,IACA,WAAA,EAAa;AAAA,MACX,OAAA,EAAS,QAAA;AAAA,MACT,MAAA,EAAQ,aAAA;AAAA,MACR,MAAA,EAAQ,uBAAA;AAAA,MACR,OAAA,EAAS;AAAA;AACX,GACF;AAAA,EAEA,gBAAA,EAAkB;AAAA,IAChB,IAAA,EAAM,gBAAA;AAAA,IACN,UAAA,EAAY,gBAAA;AAAA,IACZ,aAAA,EAAe,0BAAA;AAAA,IACf,aAAA,EAAe,0KAAA;AAAA,IACf,SAAA,EAAW,OAAA;AAAA,IACX,QAAA,EAAU,cAAA;AAAA,IACV,UAAA,EAAY,QAAA;AAAA,IACZ,WAAA,EAAa,WAAA;AAAA,IACb,SAAA,EAAW,KAAA;AAAA,IACX,eAAe,EAAC;AAAA,IAChB,gBAAgB,EAAC;AAAA,IACjB,iBAAA,EAAmB;AAAA,MACjB,QAAA,EAAU,YAAA;AAAA,MACV,eAAA,EAAiB,GAAA;AAAA,MACjB,gBAAA,EAAkB,MAAA;AAAA,MAClB,MAAA,EAAQ;AAAA,KACV;AAAA,IACA,WAAA,EAAa;AAAA,GACf;AAAA,EAEA,WAAA,EAAa;AAAA,IACX,IAAA,EAAM,WAAA;AAAA,IACN,UAAA,EAAY,kBAAA;AAAA,IACZ,aAAA,EAAe,sBAAA;AAAA,IACf,aAAA,EAAe,sGAAA;AAAA,IACf,SAAA,EAAW,OAAA;AAAA,IACX,QAAA,EAAU,SAAA;AAAA,IACV,UAAA,EAAY,UAAA;AAAA,IACZ,WAAA,EAAa,iBAAA;AAAA,IACb,SAAA,EAAW,IAAA;AAAA,IACX,aAAA,EAAe;AAAA,MACb,gBAAA;AAAA,MACA;AAAA,KACF;AAAA,IACA,gBAAgB,EAAC;AAAA,IACjB,iBAAA,EAAmB;AAAA,MACjB,SAAA,EAAW,EAAA;AAAA,MACX,WAAA,EAAa,EAAA;AAAA,MACb,OAAA,EAAS,MAAA;AAAA,MACT,MAAA,EAAQ,QAAA;AAAA,MACR,MAAA,EAAQ,SAAA;AAAA,MACR,YAAA,EAAc,QAAA;AAAA,MACd,qBAAA,EAAuB,KAAA;AAAA,MACvB,mBAAA,EAAqB,SAAA;AAAA,MACrB,SAAA,EAAW;AAAA,KACb;AAAA,IACA,WAAA,EAAa;AAAA,MACX,OAAA,EAAS,WAAA;AAAA,MACT,MAAA,EAAQ,cAAA;AAAA,MACR,MAAA,EAAQ,mCAAA;AAAA,MACR,OAAA,EAAS;AAAA;AACX,GACF;AAAA,EAEA,eAAA,EAAiB;AAAA,IACf,IAAA,EAAM,eAAA;AAAA,IACN,UAAA,EAAY,eAAA;AAAA,IACZ,aAAA,EAAe,eAAA;AAAA,IACf,aAAA,EAAe,8CAAA;AAAA,IACf,SAAA,EAAW,cAAA;AAAA,IACX,QAAA,EAAU,cAAA;AAAA,IACV,UAAA,EAAY,OAAA;AAAA,IACZ,WAAA,EAAa,WAAA;AAAA,IACb,SAAA,EAAW,IAAA;AAAA,IACX,eAAe,EAAC;AAAA,IAChB,gBAAgB,EAAC;AAAA,IACjB,mBAAmB,EAAC;AAAA,IACpB,WAAA,EAAa;AAAA,GACf;AAAA,EAEA,YAAA,EAAc;AAAA,IACZ,IAAA,EAAM,YAAA;AAAA,IACN,UAAA,EAAY,YAAA;AAAA,IACZ,aAAA,EAAe,YAAA;AAAA,IACf,aAAA,EAAe,6EAAA;AAAA,IACf,SAAA,EAAW,OAAA;AAAA,IACX,QAAA,EAAU,cAAA;AAAA,IACV,UAAA,EAAY,SAAA;AAAA,IACZ,WAAA,EAAa,WAAA;AAAA,IACb,SAAA,EAAW,IAAA;AAAA,IACX,eAAe,EAAC;AAAA,IAChB,gBAAgB,EAAC;AAAA,IACjB,mBAAmB,EAAC;AAAA,IACpB,WAAA,EAAa;AAAA;AAEjB;AAKO,IAAM,cAAA,GAAiB,MAAA,CAAO,IAAA,CAAK,eAAe,CAAA;AAKjB,cAAA,CAAe,MAAA;AAAA,EACrD,CAAA,EAAA,KAAM,eAAA,CAAgB,EAAE,CAAA,EAAG,SAAA,KAAc;AAC3C;AAMO,SAAS,qBAAqB,QAAA,EAAmD;AACtF,EAAA,OAAO,MAAA,CAAO,MAAA,CAAO,eAAe,CAAA,CAAE,IAAA,CAAK,CAAA,CAAA,KAAK,CAAA,CAAE,QAAA,KAAa,QAAQ,CAAA,IAClE,eAAA,CAAgB,QAAQ,CAAA;AAC/B;;;AClvBA,IAAM,oBAAA,GAAuB;AAAA,EAC3B,WAAA;AAAA;AAAA,EAEA,GAAG,MAAA,CAAO,MAAA,CAAO,eAAe,CAAA,CAC7B,OAAO,CAAA,CAAA,KAAK,CAAA,CAAE,aAAA,KAAkB,IAAA,IAAQ,EAAE,EAAA,KAAO,WAAW,EAC5D,GAAA,CAAI,CAAA,CAAA,KAAK,EAAE,EAAE;AAClB,CAAA;AAEA,SAAS,qBAAqB,KAAA,EAAwC;AACpE,EAAA,OAAO;AAAA,IACL,IAAI,KAAA,CAAM,EAAA;AAAA,IACV,MAAM,KAAA,CAAM,QAAA;AAAA,IACZ,cAAc,KAAA,CAAM,WAAA;AAAA,IACpB,aAAa,KAAA,CAAM,WAAA;AAAA,IACnB,SAAS,KAAA,CAAM,OAAA;AAAA,IACf,QAAQ,KAAA,CAAM,MAAA;AAAA,IACd,UAAU,KAAA,CAAM,QAAA;AAAA,IAChB,MAAM,KAAA,CAAM,SAAA;AAAA,IACZ,aAAa,KAAA,CAAM,WAAA;AAAA,IACnB,cAAc,KAAA,CAAM,YAAA;AAAA,IACpB,UAAU,KAAA,CAAM;AAAA,GAClB;AACF;AAEO,IAAM,yBAAN,MAA6B;AAAA,EAGlC,YAAoB,EAAA,EAAgB;AAAhB,IAAA,IAAA,CAAA,EAAA,GAAA,EAAA;AAClB,IAAA,IAAA,CAAK,aAAA,GAAgB,IAAI,aAAA,CAAc,EAAE,CAAA;AAAA,EAC3C;AAAA,EAJQ,aAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA,EAWS,YAAA,GAA6B,qBAC3C,MAAA,CAAO,CAAC,OAAO,eAAA,CAAgB,EAAE,CAAA,KAAM,MAAA,IAAa,eAAA,CAAgB,EAAE,EAAG,OAAA,KAAY,IAAI,EACzF,GAAA,CAAI,CAAC,OAAO,oBAAA,CAAqB,eAAA,CAAgB,EAAE,CAAE,CAAC,CAAA;AAAA;AAAA;AAAA;AAAA,EAKzD,MAAM,oBAAA,GAAsC;AAC1C,IAAA,OAAA,CAAQ,IAAI,6DAA6D,CAAA;AAEzE,IAAA,IAAI;AAEF,MAAA,KAAA,MAAW,UAAA,IAAc,KAAK,YAAA,EAAc;AAC1C,QAAA,MAAM,IAAA,CAAK,sBAAsB,UAAU,CAAA;AAAA,MAC7C;AAEA,MAAA,OAAA,CAAQ,GAAA;AAAA,QACN;AAAA,OACF;AAAA,IACF,SAAS,KAAA,EAAO;AACd,MAAA,OAAA,CAAQ,KAAA,CAAM,oDAAoD,KAAK,CAAA;AACvE,MAAA,MAAM,KAAA;AAAA,IACR;AAAA,EACF;AAAA;AAAA;AAAA;AAAA,EAKA,MAAc,sBAAsB,MAAA,EAAmC;AACrE,IAAA,IAAI;AAEF,MAAA,MAAM,iBAAiB,MAAM,IAAA,CAAK,aAAA,CAAc,SAAA,CAAU,OAAO,EAAE,CAAA;AAEnE,MAAA,IAAI,cAAA,EAAgB;AAClB,QAAA,OAAA,CAAQ,GAAA;AAAA,UACN,CAAA,4CAAA,EAA+C,MAAA,CAAO,YAAY,CAAA,UAAA,EAAa,eAAe,MAAM,CAAA,CAAA;AAAA,SACtG;AAGA,QAAA,IAAI,cAAA,CAAe,OAAA,KAAY,MAAA,CAAO,OAAA,EAAS;AAC7C,UAAA,OAAA,CAAQ,GAAA;AAAA,YACN,CAAA,2CAAA,EAA8C,OAAO,YAAY,CAAA,MAAA,EAAS,eAAe,OAAO,CAAA,IAAA,EAAO,OAAO,OAAO,CAAA;AAAA,WACvH;AACA,UAAA,MAAM,IAAA,CAAK,aAAa,MAAM,CAAA;AAAA,QAChC;AAGA,QAAA,IAAI,MAAA,CAAO,EAAA,KAAO,WAAA,IAAe,cAAA,CAAe,WAAW,QAAA,EAAU;AACnE,UAAA,OAAA,CAAQ,GAAA;AAAA,YACN,CAAA,oEAAA;AAAA,WACF;AACA,UAAA,MAAM,IAAA,CAAK,aAAA,CAAc,cAAA,CAAe,MAAA,CAAO,EAAE,CAAA;AAAA,QACnD;AAAA,MAGF,CAAA,MAAO;AAEL,QAAA,OAAA,CAAQ,GAAA;AAAA,UACN,CAAA,qCAAA,EAAwC,OAAO,YAAY,CAAA;AAAA,SAC7D;AACA,QAAA,MAAM,IAAA,CAAK,cAAc,aAAA,CAAc;AAAA,UACrC,GAAG,MAAA;AAAA,UACH,OAAA,EAAS,MAAA,CAAO,IAAA,CAAK,UAAA,CAAW,OAAO;AAAA,SACxC,CAAA;AAGD,QAAA,OAAA,CAAQ,GAAA;AAAA,UACN,CAAA,qDAAA,EAAwD,OAAO,YAAY,CAAA;AAAA,SAC7E;AACA,QAAA,MAAM,IAAA,CAAK,aAAA,CAAc,cAAA,CAAe,MAAA,CAAO,EAAE,CAAA;AAAA,MACnD;AAAA,IACF,SAAS,KAAA,EAAO;AACd,MAAA,OAAA,CAAQ,KAAA;AAAA,QACN,CAAA,wCAAA,EAA2C,OAAO,YAAY,CAAA,CAAA,CAAA;AAAA,QAC9D;AAAA,OACF;AAAA,IAEF;AAAA,EACF;AAAA;AAAA;AAAA;AAAA,EAKA,MAAc,aAAa,MAAA,EAAmC;AAC5D,IAAA,MAAM,IAAA,CAAK,aAAA,CAAc,mBAAA,CAAoB,MAAA,CAAO,EAAA,EAAI;AAAA,MACtD,SAAS,MAAA,CAAO,OAAA;AAAA,MAChB,aAAa,MAAA,CAAO,WAAA;AAAA,MACpB,aAAa,MAAA,CAAO,WAAA;AAAA,MACpB,QAAA,EAAU,MAAA,CAAO,QAAA,IAAY;AAAC,KAC/B,CAAA;AAAA,EACH;AAAA;AAAA;AAAA;AAAA,EAKA,MAAM,iBAAA,GAAsC;AAC1C,IAAA,IAAI;AAEF,MAAA,KAAA,MAAW,UAAA,IAAc,KAAK,YAAA,CAAa,MAAA;AAAA,QAAO,CAAC,CAAA,KACjD,CAAA,CAAE,IAAA,CAAK,WAAW,OAAO;AAAA,OAC3B,EAAG;AACD,QAAA,MAAM,SAAS,MAAM,IAAA,CAAK,aAAA,CAAc,SAAA,CAAU,WAAW,EAAE,CAAA;AAC/D,QAAA,IAAI,CAAC,MAAA,EAAQ;AACX,UAAA,OAAO,IAAA;AAAA,QACT;AAAA,MACF;AACA,MAAA,OAAO,KAAA;AAAA,IACT,SAAS,KAAA,EAAO;AAEd,MAAA,OAAA,CAAQ,KAAA;AAAA,QACN,oDAAA;AAAA,QACA;AAAA,OACF;AACA,MAAA,OAAO,IAAA;AAAA,IACT;AAAA,EACF;AAEF","file":"chunk-OECDF2RF.cjs","sourcesContent":["/**\n * CollectionRegistry — in-memory registry of code-defined collections.\n *\n * Replaces the DB `collections` table as the source of truth for collection\n * metadata. Populated once at bootstrap from `loadCollectionConfigs()` (which\n * reads code-registered collections). Code-defined IDs are stable across envs:\n * `collection.id === collection.name`.\n */\n\nimport { CollectionConfig } from '../types/collection-config'\n\nexport interface CollectionRecord extends CollectionConfig {\n /** Stable id = collection.name. Always equals `name` for code-defined collections. */\n id: string\n}\n\nexport class CollectionRegistry {\n private byName = new Map<string, CollectionRecord>()\n private bySlug = new Map<string, CollectionRecord>()\n\n /**\n * Replace the registry contents with the given configs. Idempotent —\n * calling with the same configs twice yields the same state.\n */\n register(configs: CollectionConfig[]): void {\n this.byName.clear()\n this.bySlug.clear()\n for (const config of configs) {\n if (!config.name) continue\n const record: CollectionRecord = {\n ...config,\n id: config.name,\n slug: config.slug ?? config.name.replace(/_/g, '-'),\n managed: config.managed !== undefined ? config.managed : true,\n isActive: config.isActive !== undefined ? config.isActive : true,\n }\n this.byName.set(record.name, record)\n this.bySlug.set(record.slug!, record)\n }\n }\n\n /** All registered collections (including inactive). */\n list(): CollectionRecord[] {\n return Array.from(this.byName.values())\n }\n\n /** Active collections only. */\n listActive(): CollectionRecord[] {\n return this.list().filter((c) => c.isActive !== false)\n }\n\n getByName(name: string): CollectionRecord | undefined {\n return this.byName.get(name)\n }\n\n /** For code-defined collections, id === name. */\n getById(id: string): CollectionRecord | undefined {\n return this.byName.get(id)\n }\n\n /** Look up by the URL slug (set in CollectionConfig.slug). Falls back to getByName if needed. */\n getBySlug(slug: string): CollectionRecord | undefined {\n return this.bySlug.get(slug)\n }\n\n /** Resolve a path segment to a record — tries slug first, then name. */\n getBySlugOrName(slugOrName: string): CollectionRecord | undefined {\n return this.bySlug.get(slugOrName) ?? this.byName.get(slugOrName)\n }\n\n isActive(name: string): boolean {\n const record = this.byName.get(name)\n return record?.isActive !== false && record !== undefined\n }\n\n size(): number {\n return this.byName.size\n }\n\n /** Test helper — wipe state. */\n clear(): void {\n this.byName.clear()\n this.bySlug.clear()\n }\n}\n\n/**\n * Map a registry record to the snake_case shape historically returned by\n * `SELECT * FROM collections`. Used by API routes during the consumer\n * migration so downstream clients see no schema drift.\n */\nexport interface CollectionRowShape {\n id: string\n name: string\n display_name: string\n description: string | null\n schema: any\n is_active: number\n managed: number\n source_type: string\n source_id: string | null\n created_at: number\n updated_at: number\n}\n\nexport function collectionRecordToRow(record: CollectionRecord): CollectionRowShape {\n return {\n id: record.id,\n name: record.name,\n display_name: record.displayName,\n description: record.description ?? null,\n schema: record.schema,\n is_active: record.isActive === false ? 0 : 1,\n managed: record.managed === false ? 0 : 1,\n source_type: 'code',\n source_id: null,\n created_at: 0,\n updated_at: 0,\n }\n}\n\n// Module-level singleton. Bootstrap populates; consumers read.\nlet instance: CollectionRegistry | null = null\n\nexport function getCollectionRegistry(): CollectionRegistry {\n if (!instance) {\n instance = new CollectionRegistry()\n }\n return instance\n}\n\n/** Test helper — reset singleton between tests. */\nexport function resetCollectionRegistry(): void {\n instance = null\n}\n","/**\n * Collection Loader Service\n *\n * Loads collection configuration files from the collections directory.\n * Supports both development (reading from filesystem) and production (bundled).\n */\n\nimport type { D1Database } from '@cloudflare/workers-types'\nimport { CollectionConfig, CollectionConfigModule } from '../types/collection-config'\nimport { getCollectionRegistry } from './collection-registry'\n\nexport interface VisibleCollection {\n name: string\n displayName: string\n}\n\n/** True when a code-registry collection should be hidden from user-facing menus. */\nexport function isCodeCollectionInternal(cfg: { internal?: boolean }): boolean {\n return cfg.internal === true\n}\n\n/** True when a document_types DB row should be hidden from user-facing menus. */\nexport function isDbDocTypeInternal(source?: string | null): boolean {\n return source === 'system' || source === 'plugin'\n}\n\n/**\n * Returns collections visible to users (non-internal) for UI menus like \"New Content\".\n * Canonical filtering logic shared with /admin/collections:\n * - Code registry: cfg.internal !== true\n * - DB document_types: source is not 'system' or 'plugin'\n * Code registry wins on name collisions.\n */\nexport async function getVisibleCollections(db: D1Database): Promise<VisibleCollection[]> {\n const codeRegistry = getCollectionRegistry().list()\n const codeMap = new Map<string, VisibleCollection>()\n for (const cfg of codeRegistry) {\n if (!isCodeCollectionInternal(cfg)) {\n codeMap.set(cfg.name, { name: cfg.name, displayName: cfg.displayName })\n }\n }\n\n let dbRows: any[] = []\n try {\n const { results } = await db.prepare(\n \"SELECT name, display_name, source FROM document_types WHERE is_active = 1 ORDER BY display_name\"\n ).all()\n dbRows = results ?? []\n } catch {\n // document_types may not exist in early dev\n }\n\n const merged = new Map<string, VisibleCollection>(codeMap)\n for (const row of dbRows) {\n if (!isDbDocTypeInternal(row.source) && !merged.has(row.name)) {\n merged.set(row.name, { name: String(row.name), displayName: String(row.display_name) })\n }\n }\n\n return Array.from(merged.values())\n}\n\n// Global registry for externally registered collections\nconst registeredCollections: CollectionConfig[] = []\n\n/**\n * Register collections from the application code\n * This should be called before creating the app\n */\nexport function registerCollections(collections: CollectionConfig[]): void {\n for (const config of collections) {\n // Validate required fields\n if (!config.name || !config.displayName || !config.schema) {\n console.error(`Invalid collection config: missing required fields`, config)\n continue\n }\n\n // Set defaults\n const normalizedConfig: CollectionConfig = {\n ...config,\n managed: config.managed !== undefined ? config.managed : true,\n isActive: config.isActive !== undefined ? config.isActive : true\n }\n\n registeredCollections.push(normalizedConfig)\n console.log(`✓ Registered collection: ${config.name}`)\n }\n}\n\n/**\n * Load all collection configurations from the collections directory\n */\nexport async function loadCollectionConfigs(): Promise<CollectionConfig[]> {\n const collections: CollectionConfig[] = [...registeredCollections]\n\n // Log registered collections summary\n if (registeredCollections.length > 0) {\n console.log(`📦 Found ${registeredCollections.length} registered collection(s) from application`)\n } else {\n console.log(`⚠️ No collections registered. Make sure to call registerCollections() in your app's index.ts`)\n console.log(` Example: import myCollection from './collections/my-collection.collection'`)\n console.log(` registerCollections([myCollection])`)\n }\n\n try {\n // Import all collection files dynamically from core package\n // In production, these will be bundled with the application\n const modules = (import.meta as any).glob?.('../collections/*.collection.ts', { eager: true }) || {}\n let coreCollectionCount = 0\n\n for (const [path, module] of Object.entries(modules)) {\n try {\n const configModule = module as CollectionConfigModule\n\n if (!configModule.default) {\n console.warn(`Collection file ${path} does not export a default config`)\n continue\n }\n\n const config = configModule.default\n\n // Validate required fields\n if (!config.name || !config.displayName || !config.schema) {\n console.error(`Invalid collection config in ${path}: missing required fields`)\n continue\n }\n\n // Set defaults\n const normalizedConfig: CollectionConfig = {\n ...config,\n managed: config.managed !== undefined ? config.managed : true,\n isActive: config.isActive !== undefined ? config.isActive : true\n }\n\n collections.push(normalizedConfig)\n coreCollectionCount++\n console.log(`✓ Loaded core collection: ${config.name}`)\n } catch (error) {\n console.error(`Error loading collection from ${path}:`, error)\n }\n }\n\n console.log(`📊 Collection summary: ${collections.length} total (${registeredCollections.length} from app, ${coreCollectionCount} from core)`)\n return collections\n } catch (error) {\n console.error('Error loading collection configurations:', error)\n return collections // Return registered collections even if core loading fails\n }\n}\n\n/**\n * Load a specific collection configuration by name\n * Note: This function requires implementation in the consuming application\n * as it depends on project-specific collection files\n */\nexport async function loadCollectionConfig(name: string): Promise<CollectionConfig | null> {\n try {\n // Dynamic imports are not supported in library builds\n // This should be implemented in the consuming application\n console.warn('loadCollectionConfig requires implementation in consuming application')\n return null\n } catch (error) {\n console.error(`Error loading collection ${name}:`, error)\n return null\n }\n}\n\n/**\n * Get list of all available collection config file names\n */\nexport async function getAvailableCollectionNames(): Promise<string[]> {\n try {\n const modules = (import.meta as any).glob?.('../collections/*.collection.ts') || {}\n const names: string[] = []\n\n for (const path of Object.keys(modules)) {\n // Extract collection name from path\n // e.g., '../collections/blog-posts.collection.ts' -> 'blog-posts'\n const match = path.match(/\\/([^/]+)\\.collection\\.ts$/)\n if (match && match[1]) {\n names.push(match[1])\n }\n }\n\n return names\n } catch (error) {\n console.error('Error getting collection names:', error)\n return []\n }\n}\n\n/**\n * Validate a collection configuration\n */\nexport function validateCollectionConfig(config: CollectionConfig): { valid: boolean; errors: string[] } {\n const errors: string[] = []\n\n // Required fields\n if (!config.name) {\n errors.push('Collection name is required')\n } else if (!/^[a-z0-9_-]+$/.test(config.name)) {\n errors.push('Collection name must contain only lowercase letters, numbers, underscores, and hyphens')\n }\n\n if (!config.displayName) {\n errors.push('Display name is required')\n }\n\n if (!config.schema) {\n errors.push('Schema is required')\n } else {\n // Validate schema structure\n if (config.schema.type !== 'object') {\n errors.push('Schema type must be \"object\"')\n }\n\n if (!config.schema.properties || typeof config.schema.properties !== 'object') {\n errors.push('Schema must have properties')\n }\n\n // Validate field types\n for (const [fieldName, fieldConfig] of Object.entries(config.schema.properties || {})) {\n if (!fieldConfig.type) {\n errors.push(`Field \"${fieldName}\" is missing type`)\n }\n\n // Validate reference fields\n if (fieldConfig.type === 'reference' && !fieldConfig.collection) {\n errors.push(`Reference field \"${fieldName}\" is missing collection property`)\n }\n\n const layoutValue = fieldConfig.objectLayout\n if (layoutValue !== undefined) {\n if (fieldConfig.type !== 'object') {\n errors.push(`Field \"${fieldName}\" uses objectLayout but is not an object field`)\n } else if (!['nested', 'flat'].includes(layoutValue)) {\n errors.push(`Object field \"${fieldName}\" has invalid objectLayout. Use \"nested\" or \"flat\"`)\n }\n }\n\n // Validate select fields\n if (['select', 'multiselect', 'radio'].includes(fieldConfig.type) && !fieldConfig.enum) {\n errors.push(`Select field \"${fieldName}\" is missing enum options`)\n }\n }\n }\n\n return {\n valid: errors.length === 0,\n errors\n }\n}\n","/**\n * Tenant resolution middleware (multi-tenant plugin runtime).\n *\n * Sets `c.set('tenantId', ...)` for every request. While the multi-tenant plugin is inactive this\n * short-circuits to 'default', making behavior identical to single-tenant SonicJS. When active,\n * the tenant is resolved (first match wins) from:\n *\n * 1. the configured tenant header (API clients, default `X-Tenant-Id`)\n * 2. the `sonicjs-tenant` cookie (admin tenant switcher)\n * 3. an exact host -> tenant domain mapping (`q_tenant_domain`)\n * 4. a subdomain of the configured root domain (`acme.example.com` -> 'acme'), when enabled\n * 5. fallback: 'default'\n *\n * Every candidate is validated against the tenant registry (must exist AND be active); invalid\n * candidates fall through to the next source. Resolution state (plugin status + settings + tenant\n * map) is cached per isolate with a short TTL and invalidated by tenant/plugin writes in the same\n * isolate.\n *\n * `getDocumentRequestContext()` reads the resolved value — the document layer chokepoint stays the\n * single place tenant scope enters queries (R3).\n */\nimport type { Context, Next } from 'hono'\nimport { getCookie } from 'hono/cookie'\nimport { escapeHtml } from '../utils/sanitize'\n\nexport const TENANT_COOKIE = 'sonicjs-tenant'\nexport const TENANT_SWITCHER_MARKER = '<!-- TENANT_SWITCHER -->'\nexport const MULTI_TENANT_PLUGIN_ID = 'multi-tenant'\n\nconst CACHE_TTL_MS = 30_000\n\nexport interface TenantResolutionSettings {\n headerName: string\n subdomainResolution: boolean\n rootDomain: string\n}\n\ninterface TenantCacheEntry {\n pluginActive: boolean\n settings: TenantResolutionSettings\n /** slug -> { name, status } for all live tenant records. */\n tenants: Map<string, { name: string; status: string }>\n /** lowercased exact domain -> slug */\n domains: Map<string, string>\n fetchedAt: number\n}\n\nconst DEFAULT_SETTINGS: TenantResolutionSettings = {\n headerName: 'X-Tenant-Id',\n subdomainResolution: false,\n rootDomain: '',\n}\n\nlet cache: TenantCacheEntry | null = null\n\n/** Busts the per-isolate resolution cache. Called by tenant writes and plugin lifecycle changes. */\nexport function invalidateTenantCache(): void {\n cache = null\n}\n\nasync function loadTenantState(db: any): Promise<TenantCacheEntry> {\n const now = Date.now()\n if (cache && now - cache.fetchedAt < CACHE_TTL_MS) return cache\n\n let pluginActive = false\n let settings = DEFAULT_SETTINGS\n const tenants = new Map<string, { name: string; status: string }>()\n const domains = new Map<string, string>()\n\n try {\n const pluginRow = await db.prepare(\n `SELECT data FROM documents\n WHERE type_id = 'plugin' AND tenant_id = 'default' AND slug = ?\n AND q_plugin_status = 'active' AND is_current_draft = 1 AND deleted_at IS NULL`\n ).bind(MULTI_TENANT_PLUGIN_ID).first() as { data?: string } | null\n\n if (pluginRow) {\n pluginActive = true\n try {\n const data = typeof pluginRow.data === 'string' ? JSON.parse(pluginRow.data) : (pluginRow.data ?? {})\n const s = data.settings ?? {}\n settings = {\n headerName: typeof s.headerName === 'string' && s.headerName.trim() !== '' ? s.headerName.trim() : DEFAULT_SETTINGS.headerName,\n subdomainResolution: s.subdomainResolution === true,\n rootDomain: typeof s.rootDomain === 'string' ? s.rootDomain.trim().toLowerCase() : '',\n }\n } catch {\n settings = DEFAULT_SETTINGS\n }\n\n const { results } = await db.prepare(\n `SELECT slug, name, status, domain FROM auth_tenant`\n ).all()\n for (const row of (results ?? []) as any[]) {\n const status = row.status === 'inactive' ? 'inactive' : 'active'\n tenants.set(row.slug, { name: row.name || row.slug, status })\n if (row.domain && status === 'active') {\n domains.set(String(row.domain).toLowerCase(), row.slug)\n }\n }\n // The default tenant always resolves, even before its registry row is materialized.\n if (!tenants.has('default')) tenants.set('default', { name: 'Default', status: 'active' })\n }\n } catch {\n // DB not migrated/seeded yet (first boot): behave as single-tenant.\n pluginActive = false\n }\n\n cache = { pluginActive, settings, tenants, domains, fetchedAt: now }\n return cache\n}\n\nfunction isActiveTenant(state: TenantCacheEntry, slug: string | undefined | null): slug is string {\n if (!slug) return false\n const entry = state.tenants.get(slug)\n return !!entry && entry.status === 'active'\n}\n\n/**\n * Pure resolution, exported for tests. Returns the tenant slug for a request snapshot.\n *\n * When `opts.enforceMembership` is set (authed requests), every non-'default' candidate must also be\n * in `opts.memberSlugs` — an authed user can only resolve into tenants they belong to. Anonymous\n * requests (public API / content serving) pass `enforceMembership: false` so domain/header routing\n * to public content is unaffected. 'default' is always allowed.\n */\nexport function resolveTenantSlug(\n state: Pick<TenantCacheEntry, 'pluginActive' | 'settings' | 'tenants' | 'domains'>,\n req: { header: string | undefined; cookie: string | undefined; host: string | undefined },\n opts?: { memberSlugs?: Set<string>; enforceMembership?: boolean }\n): string {\n if (!state.pluginActive) return 'default'\n const full = state as TenantCacheEntry\n const enforce = opts?.enforceMembership === true\n const member = (slug: string): boolean =>\n !enforce || slug === 'default' || (opts?.memberSlugs?.has(slug) ?? false)\n const accept = (slug: string | undefined | null): slug is string =>\n isActiveTenant(full, slug) && member(slug)\n\n const header = req.header?.trim().toLowerCase()\n if (accept(header)) return header\n\n const cookie = req.cookie?.trim().toLowerCase()\n if (accept(cookie)) return cookie\n\n const host = req.host?.split(':')[0]?.toLowerCase() ?? ''\n if (host) {\n const bySlug = state.domains.get(host)\n if (accept(bySlug)) return bySlug\n\n const { subdomainResolution, rootDomain } = state.settings\n if (subdomainResolution && rootDomain && host.endsWith(`.${rootDomain}`)) {\n const sub = host.slice(0, -(rootDomain.length + 1))\n if (sub && !sub.includes('.') && accept(sub)) return sub\n }\n }\n\n return 'default'\n}\n\n/** slug -> the user's role in that tenant (excludes always-open 'default'). Empty on error/anon. */\nasync function loadMemberRoles(db: any, userId: string): Promise<Map<string, string>> {\n try {\n const { results } = await db.prepare(`\n SELECT t.slug, m.role FROM auth_tenant_member m\n JOIN auth_tenant t ON t.id = m.tenant_id\n WHERE m.user_id = ?\n `).bind(userId).all()\n return new Map((results ?? []).map((r: any) => [r.slug as string, (r.role as string) || 'viewer']))\n } catch {\n return new Map()\n }\n}\n\nexport function tenantMiddleware() {\n return async (c: Context<any>, next: Next) => {\n const db = (c as any).env?.DB\n if (!db) {\n c.set('tenantId', 'default')\n return next()\n }\n\n const state = await loadTenantState(db)\n\n // Membership gate: for authed requests, resolution is restricted to the user's tenants. Anon\n // requests (public API / content) skip enforcement so public routing is unchanged. Platform\n // super-admins bypass the gate entirely (access every tenant).\n const user = c.get('user') as { userId?: string; role?: string; isSuperAdmin?: boolean } | undefined\n let memberSlugs: Set<string> | undefined\n let memberRoles: Map<string, string> | undefined\n const enforceMembership = !!(user?.userId && state.pluginActive && !user.isSuperAdmin)\n if (user?.userId && state.pluginActive && !user.isSuperAdmin) {\n memberRoles = await loadMemberRoles(db, user.userId)\n memberSlugs = new Set(memberRoles.keys())\n }\n\n const tenantId = resolveTenantSlug(\n state,\n {\n header: c.req.header(state.settings.headerName),\n cookie: getCookie(c, TENANT_COOKIE),\n host: c.req.header('host'),\n },\n { memberSlugs, enforceMembership }\n )\n c.set('tenantId', tenantId)\n\n // Per-tenant RBAC: the role principal fed to the document ACL is the user's role IN the resolved\n // tenant. For the 'default' tenant or a super-admin, the global role applies (single-tenant\n // behavior). For a resolved non-default tenant the gate guarantees membership, so the map has it.\n if (user?.userId) {\n const role =\n tenantId === 'default' || user.isSuperAdmin\n ? user.role\n : memberRoles?.get(tenantId) ?? user.role\n c.set('tenantRole', role)\n }\n\n await next()\n\n // Inject the admin tenant switcher at the layout marker (same post-response pattern as\n // pluginMenuMiddleware). Inactive plugin → marker collapses to nothing via the else branch\n // only when the marker is present; non-admin/non-HTML responses are untouched.\n const path = new URL(c.req.url).pathname\n if (!path.startsWith('/admin')) return\n if (!c.res.headers.get('content-type')?.includes('text/html')) return\n\n const status = c.res.status\n const headers = new Headers(c.res.headers)\n const html = await c.res.text()\n if (html.includes(TENANT_SWITCHER_MARKER)) {\n const replacement = state.pluginActive\n ? renderTenantSwitcher(state, tenantId, enforceMembership ? memberSlugs : undefined)\n : ''\n c.res = new Response(html.split(TENANT_SWITCHER_MARKER).join(replacement), { status, headers })\n } else {\n // Body was consumed by .text(); must rebuild the Response either way.\n c.res = new Response(html, { status, headers })\n }\n }\n}\n\nfunction renderTenantSwitcher(state: TenantCacheEntry, currentTenantId: string, memberSlugs?: Set<string>): string {\n const active = [...state.tenants.entries()]\n .filter(([slug, t]) => t.status === 'active' && (!memberSlugs || slug === 'default' || memberSlugs.has(slug)))\n .sort(([a], [b]) => (a === 'default' ? -1 : b === 'default' ? 1 : a.localeCompare(b)))\n\n const options = active\n .map(([slug, t]) =>\n `<option value=\"${escapeHtml(slug)}\" ${slug === currentTenantId ? 'selected' : ''}>${escapeHtml(t.name)}</option>`\n )\n .join('')\n\n return `\n <div class=\"border-b border-zinc-950/5 px-4 py-3 dark:border-white/5\" data-tenant-switcher>\n <label for=\"tenant-switcher-select\" class=\"mb-1 flex items-center gap-1.5 text-xs/5 font-medium text-zinc-500 dark:text-zinc-400\">\n <svg class=\"h-3.5 w-3.5\" fill=\"none\" stroke=\"currentColor\" viewBox=\"0 0 24 24\"><path stroke-linecap=\"round\" stroke-linejoin=\"round\" stroke-width=\"2\" d=\"M3.75 21h16.5M4.5 3h15M5.25 3v18m13.5-18v18M9 6.75h1.5m-1.5 3h1.5m-1.5 3h1.5m3-6H15m-1.5 3H15m-1.5 3H15M9 21v-3.375c0-.621.504-1.125 1.125-1.125h3.75c.621 0 1.125.504 1.125 1.125V21\"/></svg>\n Tenant\n </label>\n <form method=\"POST\" action=\"/admin/tenants/switch\" data-tenant-switcher-form>\n <select\n id=\"tenant-switcher-select\"\n name=\"tenant\"\n onchange=\"this.form.requestSubmit ? this.form.requestSubmit() : this.form.submit()\"\n class=\"w-full rounded-lg border border-zinc-950/10 bg-white px-2 py-1.5 text-sm/5 text-zinc-950 dark:border-white/10 dark:bg-zinc-800 dark:text-white\"\n >${options}</select>\n <input type=\"hidden\" name=\"redirect\" value=\"\" data-tenant-switcher-redirect>\n </form>\n <script>\n (function () {\n var r = document.querySelector('[data-tenant-switcher-redirect]');\n if (r) r.value = window.location.pathname + window.location.search;\n })();\n </script>\n </div>`\n}\n","import type { D1Database } from '@cloudflare/workers-types'\nimport { invalidateTenantCache } from '../middleware/tenant'\n\nexport interface PluginData {\n id: string\n name: string\n display_name: string\n description: string\n version: string\n author: string\n category: string\n icon: string\n status: 'active' | 'inactive' | 'error'\n is_core: boolean\n settings?: any\n permissions?: string[]\n dependencies?: string[]\n download_count: number\n rating: number\n installed_at: number\n activated_at?: number\n last_updated: number\n error_message?: string\n}\n\nexport interface PluginStats {\n total: number\n active: number\n inactive: number\n errors: number\n uninstalled: number\n}\n\nconst TENANT = 'default'\nconst TYPE_ID = 'plugin'\n\nexport class PluginService {\n constructor(private db: D1Database) {}\n\n async getAllPlugins(): Promise<PluginData[]> {\n const { results } = await this.db.prepare(`\n SELECT * FROM documents\n WHERE type_id = ? AND tenant_id = ? AND is_current_draft = 1 AND deleted_at IS NULL\n ORDER BY json_extract(data, '$.isCore') DESC, title ASC\n `).bind(TYPE_ID, TENANT).all()\n return (results || []).map(mapDocumentToPlugin)\n }\n\n async getPlugin(pluginId: string): Promise<PluginData | null> {\n const row = await this.db.prepare(`\n SELECT * FROM documents\n WHERE slug = ? AND type_id = ? AND tenant_id = ? AND is_current_draft = 1 AND deleted_at IS NULL\n `).bind(pluginId, TYPE_ID, TENANT).first()\n if (!row) return null\n return mapDocumentToPlugin(row)\n }\n\n async getPluginByName(name: string): Promise<PluginData | null> {\n return this.getPlugin(name)\n }\n\n async getPluginStats(): Promise<PluginStats> {\n const stats = await this.db.prepare(`\n SELECT\n COUNT(*) as total,\n COUNT(CASE WHEN q_plugin_status = 'active' THEN 1 END) as active,\n COUNT(CASE WHEN q_plugin_status = 'inactive' THEN 1 END) as inactive,\n COUNT(CASE WHEN q_plugin_status = 'error' THEN 1 END) as errors\n FROM documents\n WHERE type_id = ? AND tenant_id = ? AND is_current_draft = 1 AND deleted_at IS NULL\n `).bind(TYPE_ID, TENANT).first() as any\n return {\n total: stats?.total || 0,\n active: stats?.active || 0,\n inactive: stats?.inactive || 0,\n errors: stats?.errors || 0,\n uninstalled: 0,\n }\n }\n\n async installPlugin(pluginData: Partial<PluginData>): Promise<PluginData> {\n const slug = pluginData.id || pluginData.name || `plugin-${Date.now()}`\n const docId = crypto.randomUUID()\n const now = Math.floor(Date.now() / 1000)\n const data = JSON.stringify({\n name: slug,\n displayName: pluginData.display_name || 'Unnamed Plugin',\n description: pluginData.description || '',\n version: pluginData.version || '1.0.0',\n author: pluginData.author || 'Unknown',\n category: pluginData.category || 'utilities',\n icon: pluginData.icon || '🔌',\n status: 'active',\n isCore: pluginData.is_core || false,\n settings: pluginData.settings || {},\n permissions: pluginData.permissions || [],\n dependencies: pluginData.dependencies || [],\n downloadCount: pluginData.download_count || 0,\n rating: pluginData.rating || 0,\n })\n // R5: 17 columns / 9 ? / 8 literals — verified\n await this.db.prepare(`\n INSERT INTO documents (\n id, root_id, type_id, version_number, is_current_draft, is_published, status,\n parent_root_id, slug, title, tenant_id, locale, translation_group_id,\n data, metadata, created_at, updated_at\n ) VALUES (\n ?, ?, ?, 1, 1, 1, 'published',\n '', ?, ?, ?, 'default', '',\n ?, '{}', ?, ?\n )\n `).bind(\n docId, docId, TYPE_ID,\n slug, pluginData.display_name || 'Unnamed Plugin', TENANT,\n data, now, now\n ).run()\n\n await this.logActivity(slug, 'installed', null, { version: pluginData.version })\n await this.logActivity(slug, 'activated', null)\n const installed = await this.getPlugin(slug)\n if (!installed) throw new Error('Failed to install plugin')\n return installed\n }\n\n /**\n * Ensure a definePlugin-registered plugin exists in the DB with active status.\n * No-op if already present. Used by admin routes to auto-register SDK plugins\n * that have never been explicitly installed.\n */\n async ensurePlugin(id: string, data: {\n displayName?: string\n description?: string\n author?: string\n version?: string\n }): Promise<PluginData> {\n const existing = await this.getPlugin(id)\n if (existing) return existing\n return this.installPlugin({\n id,\n name: id,\n display_name: data.displayName || id,\n description: data.description || '',\n author: data.author || '',\n version: data.version || '1.0.0',\n })\n }\n\n async uninstallPlugin(pluginId: string): Promise<void> {\n const plugin = await this.getPlugin(pluginId)\n if (!plugin) throw new Error('Plugin not found')\n if (plugin.is_core) throw new Error('Cannot uninstall core plugins')\n if (plugin.status === 'active') await this.deactivatePlugin(pluginId)\n const now = Math.floor(Date.now() / 1000)\n await this.db.prepare(`\n UPDATE documents\n SET deleted_at = ?, updated_at = ?, is_current_draft = 0, is_published = 0\n WHERE slug = ? AND type_id = ? AND tenant_id = ? AND is_current_draft = 1\n `).bind(now, now, pluginId, TYPE_ID, TENANT).run()\n await this.logActivity(pluginId, 'uninstalled', null, { name: plugin.name })\n }\n\n async activatePlugin(pluginId: string): Promise<void> {\n const plugin = await this.getPlugin(pluginId)\n if (!plugin) throw new Error('Plugin not found')\n if (plugin.dependencies && plugin.dependencies.length > 0) {\n await this.checkDependencies(plugin.dependencies)\n }\n const now = Math.floor(Date.now() / 1000)\n await this.db.prepare(`\n UPDATE documents\n SET data = json_set(data, '$.status', 'active', '$.activatedAt', ?, '$.errorMessage', null),\n updated_at = ?\n WHERE slug = ? AND type_id = ? AND tenant_id = ? AND is_current_draft = 1 AND deleted_at IS NULL\n `).bind(now, now, pluginId, TYPE_ID, TENANT).run()\n // Sync status into the plugins table so isPluginActive() sees the change immediately.\n await this.db.prepare(`UPDATE plugins SET status = 'active' WHERE id = ?`).bind(pluginId).run().catch(() => {})\n // Plugin activation state feeds the tenant resolver cache (the multi-tenant plugin short-circuits\n // to single-tenant while inactive). The UI toggle does not run plugin lifecycle callbacks, so bust\n // the cache here. Cheap no-op for every other plugin.\n invalidateTenantCache()\n await this.logActivity(pluginId, 'activated', null)\n }\n\n async deactivatePlugin(pluginId: string): Promise<void> {\n const plugin = await this.getPlugin(pluginId)\n if (!plugin) throw new Error('Plugin not found')\n await this.checkDependents(plugin.name)\n const now = Math.floor(Date.now() / 1000)\n await this.db.prepare(`\n UPDATE documents\n SET data = json_set(data, '$.status', 'inactive', '$.activatedAt', null),\n updated_at = ?\n WHERE slug = ? AND type_id = ? AND tenant_id = ? AND is_current_draft = 1 AND deleted_at IS NULL\n `).bind(now, pluginId, TYPE_ID, TENANT).run()\n // Sync status into the plugins table so isPluginActive() sees the change immediately.\n await this.db.prepare(`UPDATE plugins SET status = 'inactive' WHERE id = ?`).bind(pluginId).run().catch(() => {})\n invalidateTenantCache()\n await this.logActivity(pluginId, 'deactivated', null)\n }\n\n async updatePluginSettings(pluginId: string, settings: any): Promise<void> {\n const plugin = await this.getPlugin(pluginId)\n if (!plugin) throw new Error('Plugin not found')\n const now = Math.floor(Date.now() / 1000)\n await this.db.prepare(`\n UPDATE documents\n SET data = json_set(data, '$.settings', json(?)), updated_at = ?\n WHERE slug = ? AND type_id = ? AND tenant_id = ? AND is_current_draft = 1 AND deleted_at IS NULL\n `).bind(JSON.stringify(settings), now, pluginId, TYPE_ID, TENANT).run()\n // Multi-tenant resolver settings (header name, subdomain config) live in plugin settings.\n invalidateTenantCache()\n await this.logActivity(pluginId, 'settings_updated', null)\n }\n\n async updatePluginVersion(pluginId: string, patch: { version: string; description: string; permissions: string[]; settings: any }): Promise<void> {\n const now = Math.floor(Date.now() / 1000)\n await this.db.prepare(`\n UPDATE documents\n SET data = json_set(data,\n '$.version', ?,\n '$.description', ?,\n '$.permissions', json(?),\n '$.settings', json(?)\n ),\n updated_at = ?\n WHERE slug = ? AND type_id = ? AND tenant_id = ? AND is_current_draft = 1 AND deleted_at IS NULL\n `).bind(\n patch.version, patch.description,\n JSON.stringify(patch.permissions), JSON.stringify(patch.settings || {}),\n now, pluginId, TYPE_ID, TENANT\n ).run()\n }\n\n async setPluginError(pluginId: string, error: string): Promise<void> {\n const now = Math.floor(Date.now() / 1000)\n await this.db.prepare(`\n UPDATE documents\n SET data = json_set(data, '$.status', 'error', '$.errorMessage', ?),\n updated_at = ?\n WHERE slug = ? AND type_id = ? AND tenant_id = ? AND is_current_draft = 1 AND deleted_at IS NULL\n `).bind(error, now, pluginId, TYPE_ID, TENANT).run()\n await this.logActivity(pluginId, 'error', null, { error })\n }\n\n async getPluginActivity(pluginId: string, limit: number = 10): Promise<any[]> {\n try {\n const { results } = await this.db.prepare(`\n SELECT id, data, created_at FROM documents\n WHERE type_id = 'plugin_activity'\n AND tenant_id = ?\n AND is_current_draft = 1\n AND deleted_at IS NULL\n AND json_extract(data, '$.pluginId') = ?\n ORDER BY created_at DESC\n LIMIT ?\n `).bind(TENANT, pluginId, limit).all()\n return (results || []).map((row: any) => {\n const d = typeof row.data === 'string' ? JSON.parse(row.data) : (row.data || {})\n return {\n id: row.id,\n action: d.action,\n userId: d.userId || null,\n details: d.details || null,\n timestamp: row.created_at,\n }\n })\n } catch {\n return []\n }\n }\n\n async registerHook(pluginId: string, hookName: string, handlerName: string, priority: number = 10): Promise<void> {\n const id = `hook-${Date.now()}`\n await this.db.prepare(`\n INSERT INTO plugin_hooks (id, plugin_id, hook_name, handler_name, priority)\n VALUES (?, ?, ?, ?, ?)\n `).bind(id, pluginId, hookName, handlerName, priority).run()\n }\n\n async registerRoute(pluginId: string, path: string, method: string, handlerName: string, middleware?: any[]): Promise<void> {\n const id = `route-${Date.now()}`\n await this.db.prepare(`\n INSERT INTO plugin_routes (id, plugin_id, path, method, handler_name, middleware)\n VALUES (?, ?, ?, ?, ?, ?)\n `).bind(id, pluginId, path, method, handlerName, JSON.stringify(middleware || [])).run()\n }\n\n async getPluginHooks(pluginId: string): Promise<any[]> {\n const { results } = await this.db.prepare(`\n SELECT * FROM plugin_hooks WHERE plugin_id = ? AND is_active = TRUE ORDER BY priority ASC\n `).bind(pluginId).all()\n return results || []\n }\n\n async getPluginRoutes(pluginId: string): Promise<any[]> {\n const { results } = await this.db.prepare(`\n SELECT * FROM plugin_routes WHERE plugin_id = ? AND is_active = TRUE\n `).bind(pluginId).all()\n return results || []\n }\n\n private async checkDependencies(dependencies: string[]): Promise<void> {\n for (const dep of dependencies) {\n const plugin = await this.getPluginByName(dep)\n if (!plugin || plugin.status !== 'active') {\n throw new Error(`Required dependency '${dep}' is not active`)\n }\n }\n }\n\n private async checkDependents(pluginName: string): Promise<void> {\n const { results } = await this.db.prepare(`\n SELECT slug, title FROM documents\n WHERE type_id = ? AND tenant_id = ? AND is_current_draft = 1 AND deleted_at IS NULL\n AND q_plugin_status = 'active'\n AND json_extract(data, '$.dependencies') LIKE ?\n `).bind(TYPE_ID, TENANT, `%\"${pluginName}\"%`).all()\n if (results && results.length > 0) {\n const names = results.map((p: any) => p.title || p.slug).join(', ')\n throw new Error(`Cannot deactivate. The following plugins depend on this one: ${names}`)\n }\n }\n\n private async logActivity(pluginId: string, action: string, userId: string | null, details?: any): Promise<void> {\n try {\n const docId = crypto.randomUUID()\n const now = Math.floor(Date.now() / 1000)\n // R5: 17 columns, 7 ? binds (docId×2, slug, title, data, now×2), 10 literals — verified\n const data = JSON.stringify({ pluginId, action, userId, details: details || null })\n await this.db.prepare(`\n INSERT INTO documents (\n id, root_id, type_id, version_number, is_current_draft, is_published, status,\n parent_root_id, slug, title, tenant_id, locale, translation_group_id,\n data, metadata, created_at, updated_at\n ) VALUES (\n ?, ?, 'plugin_activity', 1, 1, 1, 'published',\n '', ?, ?, 'default', 'default', '',\n ?, '{}', ?, ?\n )\n `).bind(docId, docId, docId, action, data, now, now).run()\n } catch {\n // Activity logging is best-effort; don't fail the main operation\n }\n }\n}\n\nfunction mapDocumentToPlugin(row: any): PluginData {\n const data = typeof row.data === 'string' ? JSON.parse(row.data) : (row.data || {})\n return {\n id: row.slug || data.name || row.root_id,\n name: data.name || row.slug || '',\n display_name: data.displayName || row.title || '',\n description: data.description || '',\n version: data.version || '1.0.0',\n author: data.author || 'Unknown',\n category: data.category || 'utilities',\n icon: data.icon || '🔌',\n status: data.status || 'inactive',\n is_core: data.isCore === true || data.isCore === 1,\n settings: data.settings,\n permissions: data.permissions,\n dependencies: data.dependencies,\n download_count: data.downloadCount || 0,\n rating: data.rating || 0,\n installed_at: row.created_at,\n activated_at: data.activatedAt || undefined,\n last_updated: row.updated_at,\n error_message: data.errorMessage || undefined,\n }\n}\n","/**\n * Plugin Registry - AUTO-GENERATED\n *\n * Generated by: packages/scripts/generate-plugin-registry.mjs\n * Generated at: 2026-06-19T01:07:29.726Z\n * Source: All manifest.json files in src/plugins/\n *\n * DO NOT EDIT MANUALLY - run the generator script instead.\n * To add a new plugin, create a manifest.json in the plugin directory.\n */\n\nexport interface PluginRegistryEntry {\n id: string\n codeName: string\n displayName: string\n description: string\n version: string\n author: string\n category: string\n iconEmoji: string\n is_core: boolean\n /** When true, the plugin is auto-installed and activated on greenfield installs. */\n defaultActive?: boolean\n permissions: string[]\n dependencies: string[]\n defaultSettings: Record<string, any>\n adminMenu: {\n label: string\n icon: string\n path: string\n order: number\n } | null\n}\n\n/**\n * All discovered plugins, keyed by plugin ID.\n */\nexport const PLUGIN_REGISTRY: Record<string, PluginRegistryEntry> = {\n 'ai-search': {\n \"id\": \"ai-search\",\n \"codeName\": \"ai-search-plugin\",\n \"displayName\": \"AI Search\",\n \"description\": \"Advanced search with Cloudflare AI Search. Full-text search, semantic search, and advanced filtering across all content collections.\",\n \"version\": \"1.0.0\",\n \"author\": \"SonicJS\",\n \"category\": \"content\",\n \"iconEmoji\": \"🔍\",\n \"is_core\": true,\n \"permissions\": [\n \"settings:write\",\n \"admin:access\",\n \"content:read\"\n ],\n \"dependencies\": [],\n \"defaultSettings\": {\n \"enabled\": true,\n \"ai_mode_enabled\": true,\n \"selected_collections\": [],\n \"dismissed_collections\": [],\n \"autocomplete_enabled\": true,\n \"cache_duration\": 1,\n \"results_limit\": 20,\n \"index_media\": false\n },\n \"adminMenu\": {\n \"label\": \"AI Search\",\n \"icon\": \"magnifying-glass\",\n \"path\": \"/admin/plugins/ai-search\",\n \"order\": 50\n }\n },\n\n 'core-analytics': {\n \"id\": \"core-analytics\",\n \"codeName\": \"core-analytics\",\n \"displayName\": \"Analytics & Insights\",\n \"description\": \"Core analytics system for tracking page views, user behavior, and content performance. Provides dashboards and reports with real-time metrics\",\n \"version\": \"1.0.0-beta.1\",\n \"author\": \"SonicJS Team\",\n \"category\": \"seo\",\n \"iconEmoji\": \"📊\",\n \"is_core\": true,\n \"permissions\": [\n \"analytics:view\",\n \"analytics:export\"\n ],\n \"dependencies\": [],\n \"defaultSettings\": {},\n \"adminMenu\": {\n \"label\": \"Analytics\",\n \"icon\": \"chart-bar\",\n \"path\": \"/admin/analytics\",\n \"order\": 50\n }\n },\n\n 'core-auth': {\n \"id\": \"core-auth\",\n \"codeName\": \"core-auth\",\n \"displayName\": \"Authentication System\",\n \"description\": \"Core authentication and user management system with role-based access control, session management, and security features\",\n \"version\": \"1.0.0-beta.1\",\n \"author\": \"SonicJS Team\",\n \"category\": \"security\",\n \"iconEmoji\": \"🔐\",\n \"is_core\": true,\n \"permissions\": [\n \"manage:users\",\n \"manage:roles\",\n \"manage:permissions\"\n ],\n \"dependencies\": [],\n \"defaultSettings\": {\n \"requiredFields\": {\n \"email\": {\n \"required\": true,\n \"minLength\": 5,\n \"label\": \"Email\",\n \"type\": \"email\"\n },\n \"password\": {\n \"required\": true,\n \"minLength\": 8,\n \"label\": \"Password\",\n \"type\": \"password\"\n },\n \"firstName\": {\n \"required\": true,\n \"minLength\": 1,\n \"label\": \"First Name\",\n \"type\": \"text\"\n },\n \"lastName\": {\n \"required\": true,\n \"minLength\": 1,\n \"label\": \"Last Name\",\n \"type\": \"text\"\n }\n },\n \"validation\": {\n \"emailFormat\": true,\n \"passwordRequirements\": {\n \"requireUppercase\": false,\n \"requireLowercase\": false,\n \"requireNumbers\": false,\n \"requireSpecialChars\": false\n }\n },\n \"registration\": {\n \"enabled\": true,\n \"requireEmailVerification\": false,\n \"defaultRole\": \"viewer\"\n }\n },\n \"adminMenu\": null\n },\n\n 'core-cache': {\n \"id\": \"core-cache\",\n \"codeName\": \"core-cache\",\n \"displayName\": \"Cache System\",\n \"description\": \"Three-tiered caching system with in-memory and KV storage. Provides automatic caching for content, users, media, and API responses with configurable TTL and invalidation patterns.\",\n \"version\": \"1.0.0-beta.1\",\n \"author\": \"SonicJS\",\n \"category\": \"system\",\n \"iconEmoji\": \"⚡\",\n \"is_core\": true,\n \"permissions\": [\n \"cache.view\",\n \"cache.clear\",\n \"cache.invalidate\"\n ],\n \"dependencies\": [],\n \"defaultSettings\": {\n \"enableMemoryCache\": true,\n \"enableKVCache\": true,\n \"enableDatabaseCache\": true,\n \"defaultTTL\": 3600\n },\n \"adminMenu\": {\n \"label\": \"Cache\",\n \"icon\": \"server\",\n \"path\": \"/admin/cache\",\n \"order\": 60\n }\n },\n\n 'core-media': {\n \"id\": \"core-media\",\n \"codeName\": \"core-media\",\n \"displayName\": \"Media Manager\",\n \"description\": \"Core media upload and management system with support for images, videos, and documents. Includes automatic optimization, thumbnail generation, and cloud storage integration\",\n \"version\": \"1.0.0-beta.1\",\n \"author\": \"SonicJS Team\",\n \"category\": \"media\",\n \"iconEmoji\": \"📸\",\n \"is_core\": true,\n \"permissions\": [\n \"manage:media\",\n \"upload:files\"\n ],\n \"dependencies\": [],\n \"defaultSettings\": {},\n \"adminMenu\": {\n \"label\": \"Media\",\n \"icon\": \"image\",\n \"path\": \"/admin/media\",\n \"order\": 30\n }\n },\n\n 'database-tools': {\n \"id\": \"database-tools\",\n \"codeName\": \"database-tools\",\n \"displayName\": \"Database Tools\",\n \"description\": \"Database management and administration tools including migrations, backups, and query execution\",\n \"version\": \"1.0.0-beta.1\",\n \"author\": \"SonicJS Team\",\n \"category\": \"development\",\n \"iconEmoji\": \"🗄️\",\n \"is_core\": true,\n \"permissions\": [\n \"database:admin\"\n ],\n \"dependencies\": [],\n \"defaultSettings\": {\n \"enableTruncate\": true,\n \"enableBackup\": true,\n \"enableValidation\": true,\n \"requireConfirmation\": true\n },\n \"adminMenu\": null\n },\n\n 'demo-login-plugin': {\n \"id\": \"demo-login-plugin\",\n \"codeName\": \"demo-login-plugin\",\n \"displayName\": \"Demo Login\",\n \"description\": \"Quick demo login functionality for testing and demonstrations\",\n \"version\": \"1.0.0-beta.1\",\n \"author\": \"SonicJS Team\",\n \"category\": \"utilities\",\n \"iconEmoji\": \"🎯\",\n \"is_core\": false,\n \"permissions\": [],\n \"dependencies\": [\n \"core-auth\"\n ],\n \"defaultSettings\": {\n \"enableNotice\": true,\n \"demoEmail\": \"admin@sonicjs.com\",\n \"demoPassword\": \"sonicjs!\"\n },\n \"adminMenu\": null\n },\n\n 'easy-mdx': {\n \"id\": \"easy-mdx\",\n \"codeName\": \"easy-mdx\",\n \"displayName\": \"EasyMDE Markdown Editor\",\n \"description\": \"Lightweight markdown editor with live preview. Provides a simple and efficient editor with markdown support for richtext fields.\",\n \"version\": \"1.0.0\",\n \"author\": \"SonicJS Team\",\n \"category\": \"editor\",\n \"iconEmoji\": \"📝\",\n \"is_core\": false,\n \"permissions\": [],\n \"dependencies\": [],\n \"defaultSettings\": {\n \"defaultHeight\": 400,\n \"theme\": \"dark\",\n \"toolbar\": \"full\",\n \"placeholder\": \"Start writing your content...\"\n },\n \"adminMenu\": null\n },\n\n 'email': {\n \"id\": \"email\",\n \"codeName\": \"email\",\n \"displayName\": \"Email\",\n \"description\": \"Send transactional emails via Cloudflare Email Service. Subscribes to auth lifecycle events (welcome, password reset, password changed) and runs a 5-minute reconciliation cron against the CF GraphQL Activity Log.\",\n \"version\": \"1.0.0\",\n \"author\": \"SonicJS Team\",\n \"category\": \"utilities\",\n \"iconEmoji\": \"📧\",\n \"is_core\": true,\n \"permissions\": [\n \"email:manage\",\n \"email:send\",\n \"email:view-logs\"\n ],\n \"dependencies\": [],\n \"defaultSettings\": {\n \"provider\": \"cloudflare\",\n \"resendApiKey\": \"\",\n \"fromEmail\": \"\",\n \"fromName\": \"\",\n \"replyTo\": \"\",\n \"logoUrl\": \"\",\n \"cfAccountId\": \"\",\n \"cfEmailApiToken\": \"\"\n },\n \"adminMenu\": {\n \"label\": \"Email\",\n \"icon\": \"envelope\",\n \"path\": \"/admin/plugins/email\",\n \"order\": 80\n }\n },\n\n 'forms': {\n \"id\": \"forms\",\n \"codeName\": \"forms\",\n \"displayName\": \"Forms\",\n \"description\": \"Form builder with Form.io integration, Turnstile CAPTCHA support, and submission management\",\n \"version\": \"1.0.0\",\n \"author\": \"SonicJS Team\",\n \"category\": \"content\",\n \"iconEmoji\": \"📋\",\n \"is_core\": true,\n \"permissions\": [\n \"forms:manage\",\n \"forms:view\"\n ],\n \"dependencies\": [],\n \"defaultSettings\": {},\n \"adminMenu\": {\n \"label\": \"Forms\",\n \"icon\": \"document-text\",\n \"path\": \"/admin/forms\",\n \"order\": 30\n }\n },\n\n 'global-variables': {\n \"id\": \"global-variables\",\n \"codeName\": \"global-variables\",\n \"displayName\": \"Global Variables\",\n \"description\": \"Dynamic content variables with inline token support. Manage key-value variables via admin UI and use {variable_key} syntax in rich text fields for server-side resolution. Includes full CRUD admin page.\",\n \"version\": \"1.1.0\",\n \"author\": \"SonicJS Community\",\n \"category\": \"content\",\n \"iconEmoji\": \"🔤\",\n \"is_core\": false,\n \"permissions\": [\n \"global-variables:manage\",\n \"global-variables:view\"\n ],\n \"dependencies\": [],\n \"defaultSettings\": {\n \"enableResolution\": true,\n \"cacheEnabled\": true,\n \"cacheTTL\": 300\n },\n \"adminMenu\": {\n \"label\": \"Global Variables\",\n \"icon\": \"variable\",\n \"path\": \"/admin/global-variables\",\n \"order\": 45\n }\n },\n\n 'hello-world': {\n \"id\": \"hello-world\",\n \"codeName\": \"hello-world\",\n \"displayName\": \"Hello World\",\n \"description\": \"A simple Hello World plugin demonstration\",\n \"version\": \"1.0.0-beta.1\",\n \"author\": \"SonicJS Team\",\n \"category\": \"utilities\",\n \"iconEmoji\": \"👋\",\n \"is_core\": false,\n \"permissions\": [\n \"hello-world:view\"\n ],\n \"dependencies\": [],\n \"defaultSettings\": {},\n \"adminMenu\": {\n \"label\": \"Hello World\",\n \"icon\": \"hand-raised\",\n \"path\": \"/admin/hello-world\",\n \"order\": 90\n }\n },\n\n 'lexical-editor': {\n \"id\": \"lexical-editor\",\n \"codeName\": \"lexical-editor\",\n \"displayName\": \"Lexical Rich Text Editor\",\n \"description\": \"Lexical editor integration for rich text editing. Default rich text editor for SonicJS — on by default for greenfield installs.\",\n \"version\": \"1.0.0\",\n \"author\": \"SonicJS Team\",\n \"category\": \"editor\",\n \"iconEmoji\": \"📝\",\n \"is_core\": true,\n \"defaultActive\": true,\n \"permissions\": [],\n \"dependencies\": [],\n \"defaultSettings\": {\n \"defaultHeight\": 300,\n \"defaultToolbar\": \"standard\",\n \"placeholder\": \"Enter content...\"\n },\n \"adminMenu\": {\n \"label\": \"Lexical Editor\",\n \"icon\": \"pencil-square\",\n \"path\": \"/admin/plugins/lexical-editor\",\n \"order\": 80\n }\n },\n\n 'magic-link-auth': {\n \"id\": \"magic-link-auth\",\n \"codeName\": \"magic-link-auth\",\n \"displayName\": \"Magic Link Authentication\",\n \"description\": \"Passwordless authentication via email magic links. Users receive a secure one-time link to sign in without entering a password.\",\n \"version\": \"1.0.0\",\n \"author\": \"SonicJS Team\",\n \"category\": \"security\",\n \"iconEmoji\": \"🔗\",\n \"is_core\": false,\n \"permissions\": [],\n \"dependencies\": [\n \"email\"\n ],\n \"defaultSettings\": {\n \"linkExpiryMinutes\": 15,\n \"rateLimitPerHour\": 5,\n \"allowNewUsers\": true\n },\n \"adminMenu\": null\n },\n\n 'multi-tenant': {\n \"id\": \"multi-tenant\",\n \"codeName\": \"multi-tenant\",\n \"displayName\": \"Multi-Tenant\",\n \"description\": \"Multi-tenancy for the document model: tenant registry, per-request tenant resolution (header, admin switcher cookie, or domain), and tenant-scoped content isolation. Off by default.\",\n \"version\": \"1.0.0\",\n \"author\": \"SonicJS Team\",\n \"category\": \"utilities\",\n \"iconEmoji\": \"🏢\",\n \"is_core\": false,\n \"permissions\": [\n \"tenants.manage\",\n \"tenants.view\"\n ],\n \"dependencies\": [],\n \"defaultSettings\": {\n \"headerName\": \"X-Tenant-Id\",\n \"subdomainResolution\": false,\n \"rootDomain\": \"\"\n },\n \"adminMenu\": {\n \"label\": \"Tenants\",\n \"icon\": \"building-office\",\n \"path\": \"/admin/tenants\",\n \"order\": 80\n }\n },\n\n 'oauth-providers': {\n \"id\": \"oauth-providers\",\n \"codeName\": \"oauth-providers\",\n \"displayName\": \"OAuth Providers\",\n \"description\": \"OAuth2/OIDC social login with GitHub, Google, and more\",\n \"version\": \"1.0.0-beta.1\",\n \"author\": \"SonicJS Team\",\n \"category\": \"authentication\",\n \"iconEmoji\": \"🔑\",\n \"is_core\": true,\n \"permissions\": [],\n \"dependencies\": [],\n \"defaultSettings\": {\n \"providers\": {\n \"github\": {\n \"clientId\": \"\",\n \"clientSecret\": \"\",\n \"enabled\": false\n },\n \"google\": {\n \"clientId\": \"\",\n \"clientSecret\": \"\",\n \"enabled\": false\n }\n }\n },\n \"adminMenu\": null\n },\n\n 'otp-login': {\n \"id\": \"otp-login\",\n \"codeName\": \"otp-login\",\n \"displayName\": \"OTP Login\",\n \"description\": \"Passwordless authentication via email one-time codes\",\n \"version\": \"1.0.0-beta.1\",\n \"author\": \"SonicJS Team\",\n \"category\": \"security\",\n \"iconEmoji\": \"🔢\",\n \"is_core\": false,\n \"permissions\": [\n \"otp:manage\",\n \"otp:request\",\n \"otp:verify\"\n ],\n \"dependencies\": [\n \"email\"\n ],\n \"defaultSettings\": {\n \"codeLength\": 6,\n \"codeExpiryMinutes\": 10,\n \"maxAttempts\": 3,\n \"rateLimitPerHour\": 5,\n \"allowNewUserRegistration\": false,\n \"logoUrl\": \"\",\n \"logoWidth\": 150,\n \"logoBorderWidth\": 0,\n \"logoBorderColor\": \"#ffffff\",\n \"loginUrl\": \"\",\n \"loginButtonText\": \"\"\n },\n \"adminMenu\": {\n \"label\": \"OTP Login\",\n \"icon\": \"key\",\n \"path\": \"/admin/plugins/otp-login/settings\",\n \"order\": 85\n }\n },\n\n 'quill-editor': {\n \"id\": \"quill-editor\",\n \"codeName\": \"quill-editor\",\n \"displayName\": \"Quill Rich Text Editor\",\n \"description\": \"Quill WYSIWYG editor integration for rich text editing. Lightweight, modern editor with customizable toolbars and dark mode support.\",\n \"version\": \"1.0.0\",\n \"author\": \"SonicJS Team\",\n \"category\": \"editor\",\n \"iconEmoji\": \"✍️\",\n \"is_core\": true,\n \"permissions\": [],\n \"dependencies\": [],\n \"defaultSettings\": {\n \"version\": \"2.0.2\",\n \"defaultHeight\": 300,\n \"defaultToolbar\": \"full\",\n \"theme\": \"snow\"\n },\n \"adminMenu\": null\n },\n\n 'redirect-management': {\n \"id\": \"redirect-management\",\n \"codeName\": \"redirect-management\",\n \"displayName\": \"Redirect Management\",\n \"description\": \"URL redirect management with exact, partial, and regex matching\",\n \"version\": \"1.0.0\",\n \"author\": \"ahaas\",\n \"category\": \"utilities\",\n \"iconEmoji\": \"↪️\",\n \"is_core\": false,\n \"permissions\": [\n \"redirect.manage\",\n \"redirect.view\"\n ],\n \"dependencies\": [],\n \"defaultSettings\": {\n \"enabled\": true,\n \"autoOffloadEnabled\": false\n },\n \"adminMenu\": {\n \"label\": \"Redirects\",\n \"icon\": \"arrow-right\",\n \"path\": \"/admin/redirects\",\n \"order\": 85\n }\n },\n\n 'security-audit': {\n \"id\": \"security-audit\",\n \"codeName\": \"security-audit\",\n \"displayName\": \"Security Audit\",\n \"description\": \"Security event logging, brute-force detection, and analytics dashboard. Monitors login attempts, registrations, lockouts, and suspicious activity.\",\n \"version\": \"1.0.0-beta.1\",\n \"author\": \"SonicJS Team\",\n \"category\": \"security\",\n \"iconEmoji\": \"🛡️\",\n \"is_core\": false,\n \"permissions\": [\n \"security-audit:view\",\n \"security-audit:manage\"\n ],\n \"dependencies\": [],\n \"defaultSettings\": {\n \"retention\": {\n \"daysToKeep\": 90,\n \"maxEvents\": 100000,\n \"autoPurge\": true\n },\n \"bruteForce\": {\n \"enabled\": true,\n \"maxFailedAttemptsPerIP\": 10,\n \"maxFailedAttemptsPerEmail\": 5,\n \"windowMinutes\": 15,\n \"lockoutDurationMinutes\": 30,\n \"alertThreshold\": 20\n },\n \"logging\": {\n \"logSuccessfulLogins\": true,\n \"logLogouts\": true,\n \"logRegistrations\": true,\n \"logPasswordResets\": true,\n \"logPermissionDenied\": true\n }\n },\n \"adminMenu\": {\n \"label\": \"Security Audit\",\n \"icon\": \"shield-check\",\n \"path\": \"/admin/plugins/security-audit\",\n \"order\": 85\n }\n },\n\n 'shortcodes': {\n \"id\": \"shortcodes\",\n \"codeName\": \"shortcodes\",\n \"displayName\": \"Shortcodes\",\n \"description\": \"Registered shortcode functions for dynamic content. Use [[shortcode_name param=\\\"value\\\"]] syntax in rich text fields for server-side resolution. Includes handler registry, CRUD admin, and live preview.\",\n \"version\": \"1.0.0\",\n \"author\": \"SonicJS Community\",\n \"category\": \"content\",\n \"iconEmoji\": \"\",\n \"is_core\": false,\n \"permissions\": [\n \"shortcodes:manage\",\n \"shortcodes:view\"\n ],\n \"dependencies\": [],\n \"defaultSettings\": {},\n \"adminMenu\": {\n \"label\": \"Shortcodes\",\n \"icon\": \"bolt\",\n \"path\": \"/admin/shortcodes\",\n \"order\": 46\n }\n },\n\n 'stripe': {\n \"id\": \"stripe\",\n \"codeName\": \"stripe\",\n \"displayName\": \"Stripe Subscriptions\",\n \"description\": \"Stripe subscription management with webhook handling, checkout sessions, and subscription gating\",\n \"version\": \"1.0.0-beta.1\",\n \"author\": \"SonicJS Team\",\n \"category\": \"payments\",\n \"iconEmoji\": \"💳\",\n \"is_core\": true,\n \"permissions\": [\n \"stripe:manage\",\n \"stripe:view\"\n ],\n \"dependencies\": [],\n \"defaultSettings\": {\n \"stripeSecretKey\": \"\",\n \"stripeWebhookSecret\": \"\",\n \"stripePriceId\": \"\",\n \"successUrl\": \"/admin/dashboard\",\n \"cancelUrl\": \"/admin/dashboard\"\n },\n \"adminMenu\": {\n \"label\": \"Stripe\",\n \"icon\": \"credit-card\",\n \"path\": \"/admin/plugins/stripe\",\n \"order\": 90\n }\n },\n\n 'tinymce-plugin': {\n \"id\": \"tinymce-plugin\",\n \"codeName\": \"tinymce-plugin\",\n \"displayName\": \"TinyMCE Rich Text Editor\",\n \"description\": \"Powerful WYSIWYG rich text editor for content creation. Provides a full-featured editor with formatting, media embedding, and customizable toolbars for richtext fields.\",\n \"version\": \"1.0.0\",\n \"author\": \"SonicJS Team\",\n \"category\": \"editor\",\n \"iconEmoji\": \"📝\",\n \"is_core\": false,\n \"permissions\": [],\n \"dependencies\": [],\n \"defaultSettings\": {\n \"apiKey\": \"no-api-key\",\n \"defaultHeight\": 300,\n \"defaultToolbar\": \"full\",\n \"skin\": \"oxide-dark\"\n },\n \"adminMenu\": null\n },\n\n 'turnstile': {\n \"id\": \"turnstile\",\n \"codeName\": \"turnstile-plugin\",\n \"displayName\": \"Cloudflare Turnstile\",\n \"description\": \"CAPTCHA-free bot protection using Cloudflare Turnstile. Provides reusable verification for any form.\",\n \"version\": \"1.0.0\",\n \"author\": \"SonicJS\",\n \"category\": \"security\",\n \"iconEmoji\": \"🛡️\",\n \"is_core\": true,\n \"permissions\": [\n \"settings:write\",\n \"admin:access\"\n ],\n \"dependencies\": [],\n \"defaultSettings\": {\n \"siteKey\": \"\",\n \"secretKey\": \"\",\n \"theme\": \"auto\",\n \"size\": \"normal\",\n \"mode\": \"managed\",\n \"appearance\": \"always\",\n \"preClearanceEnabled\": false,\n \"preClearanceLevel\": \"managed\",\n \"enabled\": false\n },\n \"adminMenu\": {\n \"label\": \"Turnstile\",\n \"icon\": \"shield-check\",\n \"path\": \"/admin/plugins/turnstile/settings\",\n \"order\": 100\n }\n },\n\n 'user-profiles': {\n \"id\": \"user-profiles\",\n \"codeName\": \"user-profiles\",\n \"displayName\": \"User Profiles\",\n \"description\": \"Configurable custom profile fields for users\",\n \"version\": \"1.0.0-beta.1\",\n \"author\": \"SonicJS Team\",\n \"category\": \"users\",\n \"iconEmoji\": \"👤\",\n \"is_core\": true,\n \"permissions\": [],\n \"dependencies\": [],\n \"defaultSettings\": {},\n \"adminMenu\": null\n },\n\n 'versioning': {\n \"id\": \"versioning\",\n \"codeName\": \"versioning\",\n \"displayName\": \"Versioning\",\n \"description\": \"View and restore content version history for types with versioning enabled.\",\n \"version\": \"1.0.0\",\n \"author\": \"SonicJS Team\",\n \"category\": \"content\",\n \"iconEmoji\": \"🕑\",\n \"is_core\": true,\n \"permissions\": [],\n \"dependencies\": [],\n \"defaultSettings\": {},\n \"adminMenu\": null\n }\n} as const\n\n/**\n * All plugin IDs.\n */\nexport const ALL_PLUGIN_IDS = Object.keys(PLUGIN_REGISTRY)\n\n/**\n * Plugins that have their own admin page (have an adminMenu entry).\n */\nexport const PLUGINS_WITH_ADMIN_PAGES = ALL_PLUGIN_IDS.filter(\n id => PLUGIN_REGISTRY[id]?.adminMenu !== null\n)\n\n/**\n * Look up a plugin by its codeName (the `name` field stored in the DB).\n * Falls back to id lookup if no codeName match.\n */\nexport function findPluginByCodeName(codeName: string): PluginRegistryEntry | undefined {\n return Object.values(PLUGIN_REGISTRY).find(p => p.codeName === codeName)\n || PLUGIN_REGISTRY[codeName]\n}\n\n/**\n * Get a plugin by ID.\n */\nexport function getPlugin(id: string): PluginRegistryEntry | undefined {\n return PLUGIN_REGISTRY[id]\n}\n","import type { D1Database } from \"@cloudflare/workers-types\";\nimport { PluginService } from \"./plugin-service\";\nimport { PLUGIN_REGISTRY } from \"../plugins/manifest-registry\";\nimport type { PluginRegistryEntry } from \"../plugins/manifest-registry\";\n\nexport interface CorePlugin {\n id: string;\n name: string;\n display_name: string;\n description: string;\n version: string;\n author: string;\n category: string;\n icon: string;\n permissions: string[];\n dependencies: string[];\n settings?: any;\n}\n\n/**\n * Build the CORE_PLUGINS list from the auto-generated registry.\n * To add a new bootstrapped plugin, create a manifest.json and\n * run: node packages/scripts/generate-plugin-registry.mjs\n *\n * Only plugins that are in the BOOTSTRAP_PLUGIN_IDS list will be\n * auto-installed on first boot. Edit this list to control which\n * plugins are bootstrapped.\n */\n// core-auth always bootstrapped. Plugins with defaultActive:true in manifest.json are also\n// auto-installed and activated on greenfield installs.\nconst BOOTSTRAP_PLUGIN_IDS = [\n \"core-auth\",\n // Collect any registry entries marked defaultActive (e.g. lexical-editor)\n ...Object.values(PLUGIN_REGISTRY)\n .filter(e => e.defaultActive === true && e.id !== \"core-auth\")\n .map(e => e.id),\n];\n\nfunction registryToCorePlugin(entry: PluginRegistryEntry): CorePlugin {\n return {\n id: entry.id,\n name: entry.codeName,\n display_name: entry.displayName,\n description: entry.description,\n version: entry.version,\n author: entry.author,\n category: entry.category,\n icon: entry.iconEmoji,\n permissions: entry.permissions,\n dependencies: entry.dependencies,\n settings: entry.defaultSettings,\n };\n}\n\nexport class PluginBootstrapService {\n private pluginService: PluginService;\n\n constructor(private db: D1Database) {\n this.pluginService = new PluginService(db);\n }\n\n /**\n * Core plugins derived from the auto-generated plugin registry.\n * Only plugins listed in BOOTSTRAP_PLUGIN_IDS AND marked is_core=true are auto-installed.\n * Non-core plugins are available in the registry but not bootstrapped.\n */\n private readonly CORE_PLUGINS: CorePlugin[] = BOOTSTRAP_PLUGIN_IDS\n .filter((id) => PLUGIN_REGISTRY[id] !== undefined && PLUGIN_REGISTRY[id]!.is_core === true)\n .map((id) => registryToCorePlugin(PLUGIN_REGISTRY[id]!));\n\n /**\n * Bootstrap all core plugins - install them if they don't exist\n */\n async bootstrapCorePlugins(): Promise<void> {\n console.log(\"[PluginBootstrap] Starting core plugin bootstrap process...\");\n\n try {\n // Check each core plugin\n for (const corePlugin of this.CORE_PLUGINS) {\n await this.ensurePluginInstalled(corePlugin);\n }\n\n console.log(\n \"[PluginBootstrap] Core plugin bootstrap completed successfully\"\n );\n } catch (error) {\n console.error(\"[PluginBootstrap] Error during plugin bootstrap:\", error);\n throw error;\n }\n }\n\n /**\n * Ensure a specific plugin is installed\n */\n private async ensurePluginInstalled(plugin: CorePlugin): Promise<void> {\n try {\n // Check if plugin already exists\n const existingPlugin = await this.pluginService.getPlugin(plugin.id);\n\n if (existingPlugin) {\n console.log(\n `[PluginBootstrap] Plugin already installed: ${plugin.display_name} (status: ${existingPlugin.status})`\n );\n\n // Update plugin if version changed\n if (existingPlugin.version !== plugin.version) {\n console.log(\n `[PluginBootstrap] Updating plugin version: ${plugin.display_name} from ${existingPlugin.version} to ${plugin.version}`\n );\n await this.updatePlugin(plugin);\n }\n\n // ALWAYS ensure core-auth is active (critical for system functionality)\n if (plugin.id === 'core-auth' && existingPlugin.status !== 'active') {\n console.log(\n `[PluginBootstrap] Core-auth plugin is inactive, activating it now...`\n );\n await this.pluginService.activatePlugin(plugin.id);\n }\n\n // Only auto-activate on first install, respect user's activation state on subsequent boots\n } else {\n // Install the plugin\n console.log(\n `[PluginBootstrap] Installing plugin: ${plugin.display_name}`\n );\n await this.pluginService.installPlugin({\n ...plugin,\n is_core: plugin.name.startsWith(\"core-\"),\n });\n\n // Activate plugins immediately after installation\n console.log(\n `[PluginBootstrap] Activating newly installed plugin: ${plugin.display_name}`\n );\n await this.pluginService.activatePlugin(plugin.id);\n }\n } catch (error) {\n console.error(\n `[PluginBootstrap] Error ensuring plugin ${plugin.display_name}:`,\n error\n );\n // Don't throw - continue with other plugins\n }\n }\n\n /**\n * Update an existing plugin's version/description/permissions/settings\n */\n private async updatePlugin(plugin: CorePlugin): Promise<void> {\n await this.pluginService.updatePluginVersion(plugin.id, {\n version: plugin.version,\n description: plugin.description,\n permissions: plugin.permissions,\n settings: plugin.settings || {},\n });\n }\n\n /**\n * Check if bootstrap is needed (first run detection)\n */\n async isBootstrapNeeded(): Promise<boolean> {\n try {\n // Check if any core plugins are missing\n for (const corePlugin of this.CORE_PLUGINS.filter((p) =>\n p.name.startsWith(\"core-\")\n )) {\n const exists = await this.pluginService.getPlugin(corePlugin.id);\n if (!exists) {\n return true;\n }\n }\n return false;\n } catch (error) {\n // If there's an error (like table doesn't exist), we need bootstrap\n console.error(\n \"[PluginBootstrap] Error checking bootstrap status:\",\n error\n );\n return true;\n }\n }\n\n}\n"]}
package/dist/chunk-WACUJVXY.cjs.map DELETED
@@ -1 +0,0 @@
1
- {"version":3,"sources":["../src/services/document-type-registry.ts","../src/services/document-types-seed.ts","../src/middleware/bootstrap.ts","../src/middleware/auth.ts","../src/middleware/metrics.ts","../src/middleware/csrf.ts","../src/middleware/rate-limit.ts","../src/middleware/security-headers.ts","../src/middleware/plugin-middleware.ts","../src/middleware/index.ts"],"names":["ensureScalarSchema","z","getCollectionRegistry","hasHookSystem","getHookSystem","MigrationService","loadCollectionConfigs","RbacService","PluginBootstrapService","sign","verify","getCookie","result","setCookie","metricsTracker","JWT_SECRET_FALLBACK"],"mappings":";;;;;;;;;;;;AASA,SAAS,kBAAkB,GAAA,EAAoC;AAC7D,EAAA,OAAO;AAAA,IACL,IAAI,GAAA,CAAI,EAAA;AAAA,IACR,MAAM,GAAA,CAAI,IAAA;AAAA,IACV,aAAa,GAAA,CAAI,YAAA;AAAA,IACjB,aAAa,GAAA,CAAI,WAAA;AAAA,IACjB,MAAA,EAAQ,IAAA,CAAK,KAAA,CAAM,GAAA,CAAI,MAAM,CAAA;AAAA,IAC7B,eAAA,EAAiB,IAAA,CAAK,KAAA,CAAM,GAAA,CAAI,gBAAgB,CAAA;AAAA,IAChD,QAAA,EAAU,IAAA,CAAK,KAAA,CAAM,GAAA,CAAI,QAAQ,CAAA;AAAA,IACjC,UAAU,GAAA,CAAI,SAAA;AAAA,IACd,QAAQ,GAAA,CAAI,MAAA;AAAA,IACZ,eAAe,GAAA,CAAI,cAAA;AAAA,IACnB,QAAA,EAAU,IAAI,SAAA,KAAc,CAAA;AAAA,IAC5B,QAAA,EAAU,IAAI,SAAA,KAAc,CAAA;AAAA,IAC5B,MAAA,EAAQ,IAAI,OAAA,KAAY,CAAA;AAAA,IACxB,WAAW,GAAA,CAAI,UAAA;AAAA,IACf,WAAW,GAAA,CAAI;AAAA,GACjB;AACF;AAEO,IAAM,uBAAN,MAA2B;AAAA,EAGhC,YAAoB,EAAA,EAAgB;AAAhB,IAAA,IAAA,CAAA,EAAA,GAAA,EAAA;AAAA,EAAiB;AAAA,EAF7B,KAAA,uBAAY,GAAA,EAA0B;AAAA;AAAA,EAK9C,MAAM,SAAS,GAAA,EAA+G;AAC5H,IAAA,MAAM,MAAM,IAAA,CAAK,KAAA,CAAM,IAAA,CAAK,GAAA,KAAQ,GAAI,CAAA;AACxC,IAAA,MAAM,QAAA,GAAW,MAAM,IAAA,CAAK,QAAA,CAAS,IAAI,EAAE,CAAA;AAK3C,IAAA,MAAM,UAAA,GAAa,IAAA,CAAK,SAAA,CAAU,EAAE,iBAAiB,GAAA,CAAI,eAAA,IAAmB,EAAC,EAAG,QAAA,EAAU,GAAA,CAAI,QAAA,IAAY,IAAI,CAAA;AAC9G,IAAA,MAAM,gBAAgB,IAAA,CAAK,SAAA,CAAU,GAAA,CAAI,eAAA,IAAmB,EAAE,CAAA;AAC9D,IAAA,MAAM,eAAe,IAAA,CAAK,SAAA,CAAU,GAAA,CAAI,QAAA,IAAY,EAAE,CAAA;AAEtD,IAAA,IAAI,QAAA,EAAU;AACZ,MAAA,MAAM,aAAA,GAAgB,UAAA,KAAe,IAAA,CAAK,SAAA,CAAU,SAAS,MAAM,CAAA;AACnE,MAAA,MAAM,UAAA,GAAa,aAAA,GAAgB,QAAA,CAAS,aAAA,GAAgB,IAAI,QAAA,CAAS,aAAA;AAEzE,MAAA,MAAM,KAAK,EAAA,CACR,OAAA;AAAA,QACC,CAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA,uBAAA;AAAA,OAYF,CACC,IAAA;AAAA,QACC,GAAA,CAAI,WAAA;AAAA,QACJ,IAAI,WAAA,IAAe,IAAA;AAAA,QACnB,UAAA;AAAA,QACA,aAAA;AAAA,QACA,YAAA;AAAA,QACA,IAAI,QAAA,IAAY,IAAA;AAAA,QAChB,UAAA;AAAA,QACA,GAAA,CAAI,SAAS,CAAA,GAAI,CAAA;AAAA,QACjB,GAAA;AAAA,QACA,GAAA,CAAI;AAAA,QAEL,GAAA,EAAI;AAGP,MAAA,MAAMA,oCAAA,CAAmB,KAAK,EAAA,EAAI,GAAA,CAAI,IAAI,GAAA,CAAI,eAAA,IAAmB,EAAE,CAAA;AAEnE,MAAA,MAAM,OAAA,GAAU,MAAM,IAAA,CAAK,QAAA,CAAS,IAAI,EAAE,CAAA;AAC1C,MAAA,IAAA,CAAK,KAAA,CAAM,GAAA,CAAI,GAAA,CAAI,EAAA,EAAI,OAAQ,CAAA;AAC/B,MAAA,OAAO,OAAA;AAAA,IACT;AAEA,IAAA,MAAM,KAAK,EAAA,CACR,OAAA;AAAA,MACC,CAAA;AAAA,6DAAA;AAAA,KAEF,CACC,IAAA;AAAA,MACC,GAAA,CAAI,EAAA;AAAA,MACJ,GAAA,CAAI,QAAQ,GAAA,CAAI,EAAA;AAAA,MAChB,GAAA,CAAI,WAAA;AAAA,MACJ,IAAI,WAAA,IAAe,IAAA;AAAA,MACnB,UAAA;AAAA,MACA,aAAA;AAAA,MACA,YAAA;AAAA,MACA,IAAI,QAAA,IAAY,IAAA;AAAA,MAChB,IAAI,MAAA,IAAU,MAAA;AAAA,MACd,GAAA,CAAI,SAAS,CAAA,GAAI,CAAA;AAAA,MACjB,GAAA;AAAA,MACA;AAAA,MAED,GAAA,EAAI;AAGP,IAAA,MAAMA,oCAAA,CAAmB,KAAK,EAAA,EAAI,GAAA,CAAI,IAAI,GAAA,CAAI,eAAA,IAAmB,EAAE,CAAA;AAEnE,IAAA,MAAM,OAAA,GAAU,MAAM,IAAA,CAAK,QAAA,CAAS,IAAI,EAAE,CAAA;AAC1C,IAAA,IAAA,CAAK,KAAA,CAAM,GAAA,CAAI,GAAA,CAAI,EAAA,EAAI,OAAQ,CAAA;AAC/B,IAAA,OAAO,OAAA;AAAA,EACT;AAAA,EAEA,MAAM,SAAS,EAAA,EAA0C;AACvD,IAAA,IAAI,IAAA,CAAK,MAAM,GAAA,CAAI,EAAE,GAAG,OAAO,IAAA,CAAK,KAAA,CAAM,GAAA,CAAI,EAAE,CAAA;AAEhD,IAAA,MAAM,GAAA,GAAM,MAAM,IAAA,CAAK,EAAA,CACpB,OAAA,CAAQ,2CAA2C,CAAA,CACnD,IAAA,CAAK,EAAE,CAAA,CACP,KAAA,EAAuB;AAE1B,IAAA,IAAI,CAAC,KAAK,OAAO,IAAA;AACjB,IAAA,MAAM,EAAA,GAAK,kBAAkB,GAAG,CAAA;AAChC,IAAA,IAAA,CAAK,KAAA,CAAM,GAAA,CAAI,EAAA,EAAI,EAAE,CAAA;AACrB,IAAA,OAAO,EAAA;AAAA,EACT;AAAA,EAEA,MAAM,OAAA,CAAQ,UAAA,GAAa,IAAA,EAA+B;AACxD,IAAA,MAAM,GAAA,GAAM,aACR,gEAAA,GACA,4CAAA;AAEJ,IAAA,MAAM,SAAS,MAAM,IAAA,CAAK,GAAG,OAAA,CAAQ,GAAG,EAAE,GAAA,EAAqB;AAC/D,IAAA,OAAA,CAAQ,MAAA,CAAO,OAAA,IAAW,EAAC,EAAG,IAAI,iBAAiB,CAAA;AAAA,EACrD;AAAA,EAEA,MAAM,WAAW,EAAA,EAA2B;AAC1C,IAAA,MAAM,MAAM,IAAA,CAAK,KAAA,CAAM,IAAA,CAAK,GAAA,KAAQ,GAAI,CAAA;AACxC,IAAA,MAAM,IAAA,CAAK,GACR,OAAA,CAAQ,sEAAsE,EAC9E,IAAA,CAAK,GAAA,EAAK,EAAE,CAAA,CACZ,GAAA,EAAI;AACP,IAAA,IAAA,CAAK,KAAA,CAAM,OAAO,EAAE,CAAA;AAAA,EACtB;AAAA,EAEA,UAAA,GAAmB;AACjB,IAAA,IAAA,CAAK,MAAM,KAAA,EAAM;AAAA,EACnB;AACF;;;AC/IA,IAAM,SAAA,GAAYC,MAAE,MAAA,CAAOA,KAAA,CAAE,QAAO,EAAGA,KAAA,CAAE,SAAS,CAAA;AAKlD,eAAsB,uBAAuB,EAAA,EAA+B;AAC1E,EAAA,MAAM,QAAA,GAAW,IAAI,oBAAA,CAAqB,EAAE,CAAA;AAG5C,EAAA,MAAM,SAAS,QAAA,CAAS;AAAA,IACtB,EAAA,EAAI,eAAA;AAAA,IACJ,IAAA,EAAM,eAAA;AAAA,IACN,WAAA,EAAa,eAAA;AAAA,IACb,WAAA,EAAa,qEAAA;AAAA,IACb,MAAA,EAAQ,QAAA;AAAA,IACR,MAAA,EAAQ,SAAA;AAAA,IACR,QAAA,EAAU;AAAA,MACR,QAAA,EAAU,IAAA;AAAA,MACV,kBAAA,EAAoB,CAAA;AAAA,MACpB,UAAA,EAAY,EAAE,KAAA,EAAO,CAAC,QAAQ,QAAA,EAAU,QAAA,EAAU,QAAA,EAAU,QAAQ,CAAA;AAAE,KACxE;AAAA,IACA,iBAAiB;AAAC,GACnB,CAAA;AAID,EAAA,MAAM,SAAS,QAAA,CAAS;AAAA,IACtB,EAAA,EAAI,WAAA;AAAA,IACJ,IAAA,EAAM,WAAA;AAAA,IACN,WAAA,EAAa,WAAA;AAAA,IACb,WAAA,EAAa,mEAAA;AAAA,IACb,MAAA,EAAQ,QAAA;AAAA,IACR,MAAA,EAAQ,SAAA;AAAA,IACR,QAAA,EAAU;AAAA,MACR,UAAA,EAAY,EAAE,MAAA,EAAQ,CAAC,MAAM,GAAG,KAAA,EAAO,CAAC,MAAA,EAAQ,QAAA,EAAU,QAAA,EAAU,QAAA,EAAU,WAAW,QAAQ,CAAA,EAAG,MAAA,EAAQ,CAAC,MAAA,EAAQ,QAAA,EAAU,QAAA,EAAU,SAAS,CAAA,EAAG,MAAA,EAAQ,CAAC,MAAM,CAAA,EAAE;AAAA,MACtK,kBAAA,EAAoB;AAAA,KACtB;AAAA,IACA,eAAA,EAAiB;AAAA,MACf,EAAE,MAAM,YAAA,EAAc,IAAA,EAAM,UAAU,IAAA,EAAM,MAAA,EAAQ,QAAQ,mBAAA,EAAoB;AAAA,MAChF,EAAE,MAAM,QAAA,EAAc,IAAA,EAAM,UAAU,IAAA,EAAM,MAAA,EAAQ,QAAQ,eAAA;AAAgB;AAC9E,GACD,CAAA;AAGD,EAAA,MAAM,SAAS,QAAA,CAAS;AAAA,IACtB,EAAA,EAAI,QAAA;AAAA,IACJ,IAAA,EAAM,QAAA;AAAA,IACN,WAAA,EAAa,QAAA;AAAA,IACb,WAAA,EAAa,gEAAA;AAAA,IACb,MAAA,EAAQ,QAAA;AAAA,IACR,MAAA,EAAQ,SAAA;AAAA,IACR,QAAA,EAAU;AAAA,MACR,UAAA,EAAY,EAAE,KAAA,EAAO,CAAC,MAAA,EAAQ,UAAU,QAAA,EAAU,QAAA,EAAU,SAAA,EAAW,QAAQ,CAAA,EAAE;AAAA,MACjF,kBAAA,EAAoB,CAAA;AAAA,MACpB,QAAA,EAAU;AAAA,KACZ;AAAA,IACA,eAAA,EAAiB;AAAA,MACf,EAAE,MAAM,QAAA,EAAY,IAAA,EAAM,UAAU,IAAA,EAAM,MAAA,EAAW,QAAQ,iBAAA,EAAkB;AAAA,MAC/E,EAAE,MAAM,UAAA,EAAY,IAAA,EAAM,UAAU,IAAA,EAAM,MAAA,EAAW,QAAQ,mBAAA,EAAoB;AAAA,MACjF,EAAE,MAAM,QAAA,EAAY,IAAA,EAAM,UAAU,IAAA,EAAM,SAAA,EAAW,QAAQ,kBAAA;AAAmB;AAClF,GACD,CAAA;AAKD,EAAA,MAAM,SAAS,QAAA,CAAS;AAAA,IACtB,EAAA,EAAI,QAAA;AAAA,IACJ,IAAA,EAAM,QAAA;AAAA,IACN,WAAA,EAAa,QAAA;AAAA,IACb,WAAA,EAAa,sEAAA;AAAA,IACb,MAAA,EAAQ,QAAA;AAAA,IACR,MAAA,EAAQ,SAAA;AAAA,IACR,QAAA,EAAU;AAAA,MACR,UAAA,EAAY,EAAE,KAAA,EAAO,CAAC,QAAQ,QAAA,EAAU,QAAA,EAAU,QAAA,EAAU,QAAQ,CAAA,EAAE;AAAA,MACtE,kBAAA,EAAoB,CAAA;AAAA,MACpB,QAAA,EAAU;AAAA,KACZ;AAAA,IACA,eAAA,EAAiB;AAAA,MACf,EAAE,MAAM,QAAA,EAAU,IAAA,EAAM,UAAU,IAAA,EAAM,MAAA,EAAQ,QAAQ,iBAAA,EAAkB;AAAA,MAC1E,EAAE,MAAM,QAAA,EAAU,IAAA,EAAM,UAAU,IAAA,EAAM,MAAA,EAAQ,QAAQ,iBAAA;AAAkB;AAC5E,GACD,CAAA;AAID,EAAA,MAAM,SAAS,QAAA,CAAS;AAAA,IACtB,EAAA,EAAI,cAAA;AAAA,IACJ,IAAA,EAAM,cAAA;AAAA,IACN,WAAA,EAAa,cAAA;AAAA,IACb,WAAA,EAAa,4EAAA;AAAA,IACb,MAAA,EAAQ,QAAA;AAAA,IACR,MAAA,EAAQ,IAAA;AAAA,IACR,MAAA,EAAQ,SAAA;AAAA,IACR,QAAA,EAAU;AAAA;AAAA,MAER,QAAA,EAAU,IAAA;AAAA,MACV,kBAAA,EAAoB,CAAA;AAAA,MACpB,GAAA,EAAK,IAAA;AAAA,MACL,UAAA,EAAY,EAAE,KAAA,EAAO,CAAC,QAAQ,QAAA,EAAU,QAAA,EAAU,QAAA,EAAU,QAAQ,CAAA;AAAE,KACxE;AAAA,IACA,iBAAiB;AAAC,GACnB,CAAA;AAOD,EAAA,MAAM,SAAS,QAAA,CAAS;AAAA,IACtB,EAAA,EAAI,aAAA;AAAA,IACJ,IAAA,EAAM,aAAA;AAAA,IACN,WAAA,EAAa,aAAA;AAAA,IACb,WAAA,EAAa,kFAAA;AAAA,IACb,MAAA,EAAQ,QAAA;AAAA,IACR,MAAA,EAAQ,SAAA;AAAA,IACR,QAAA,EAAU;AAAA,MACR,QAAA,EAAU,IAAA;AAAA,MACV,kBAAA,EAAoB,CAAA;AAAA,MACpB,UAAA,EAAY;AAAA,QACV,OAAO,CAAC,MAAA,EAAQ,QAAA,EAAU,QAAA,EAAU,UAAU,QAAQ,CAAA;AAAA,QACtD,MAAA,EAAQ,CAAC,MAAA,EAAQ,QAAA,EAAU,QAAQ,CAAA;AAAA,QACnC,MAAA,EAAQ,CAAC,MAAA,EAAQ,QAAQ,CAAA;AAAA,QACzB,MAAA,EAAQ,CAAC,MAAM;AAAA;AACjB,KACF;AAAA,IACA,eAAA,EAAiB;AAAA,MACf,EAAE,MAAM,UAAA,EAAY,IAAA,EAAM,UAAU,IAAA,EAAM,MAAA,EAAQ,QAAQ,cAAA,EAAe;AAAA,MACzE,EAAE,MAAM,QAAA,EAAU,IAAA,EAAM,UAAU,IAAA,EAAM,MAAA,EAAQ,QAAQ,gBAAA,EAAiB;AAAA,MACzE,EAAE,MAAM,MAAA,EAAQ,IAAA,EAAM,UAAU,IAAA,EAAM,SAAA,EAAW,QAAQ,cAAA,EAAe;AAAA,MACxE,EAAE,IAAA,EAAM,MAAA,EAAQ,IAAA,EAAM,OAAA,EAAS,MAAM,MAAA;AAAO;AAC9C,GACD,CAAA;AAGD,EAAA,MAAM,SAAS,QAAA,CAAS;AAAA,IACtB,EAAA,EAAI,iBAAA;AAAA,IACJ,IAAA,EAAM,iBAAA;AAAA,IACN,WAAA,EAAa,iBAAA;AAAA,IACb,WAAA,EAAa,qFAAA;AAAA,IACb,MAAA,EAAQ,QAAA;AAAA,IACR,MAAA,EAAQ,SAAA;AAAA,IACR,QAAA,EAAU;AAAA,MACR,QAAA,EAAU,IAAA;AAAA,MACV,kBAAA,EAAoB,CAAA;AAAA,MACpB,YAAY,EAAE,KAAA,EAAO,CAAC,MAAA,EAAQ,QAAA,EAAU,QAAQ,CAAA;AAAE,KACpD;AAAA,IACA,eAAA,EAAiB;AAAA,MACf,EAAE,MAAM,UAAA,EAAY,IAAA,EAAM,UAAU,IAAA,EAAM,MAAA,EAAQ,QAAQ,6BAAA,EAA8B;AAAA,MACxF,EAAE,MAAM,QAAA,EAAY,IAAA,EAAM,UAAU,IAAA,EAAM,MAAA,EAAQ,QAAQ,0BAAA;AAA2B;AACvF,GACD,CAAA;AAGD,EAAA,MAAM,SAAS,QAAA,CAAS;AAAA,IACtB,EAAA,EAAI,gBAAA;AAAA,IACJ,IAAA,EAAM,gBAAA;AAAA,IACN,WAAA,EAAa,gBAAA;AAAA,IACb,WAAA,EAAa,sEAAA;AAAA,IACb,MAAA,EAAQ,QAAA;AAAA,IACR,MAAA,EAAQ,SAAA;AAAA,IACR,QAAA,EAAU;AAAA,MACR,QAAA,EAAU,IAAA;AAAA,MACV,kBAAA,EAAoB,CAAA;AAAA,MACpB,YAAY,EAAE,KAAA,EAAO,CAAC,MAAA,EAAQ,QAAA,EAAU,QAAQ,CAAA;AAAE,KACpD;AAAA,IACA,eAAA,EAAiB;AAAA,MACf,EAAE,MAAM,WAAA,EAAc,IAAA,EAAM,UAAU,IAAA,EAAM,MAAA,EAAW,QAAQ,iBAAA,EAAkB;AAAA,MACjF,EAAE,MAAM,UAAA,EAAc,IAAA,EAAM,UAAU,IAAA,EAAM,MAAA,EAAW,QAAQ,eAAA,EAAgB;AAAA,MAC/E,EAAE,MAAM,QAAA,EAAc,IAAA,EAAM,UAAU,IAAA,EAAM,MAAA,EAAW,QAAQ,cAAA,EAAe;AAAA,MAC9E,EAAE,MAAM,OAAA,EAAc,IAAA,EAAM,UAAU,IAAA,EAAM,MAAA,EAAW,QAAQ,YAAA,EAAa;AAAA,MAC5E,EAAE,MAAM,WAAA,EAAc,IAAA,EAAM,UAAU,IAAA,EAAM,MAAA,EAAW,QAAQ,iBAAA,EAAkB;AAAA,MACjF,EAAE,MAAM,SAAA,EAAc,IAAA,EAAM,UAAU,IAAA,EAAM,SAAA,EAAW,QAAQ,cAAA;AAAe;AAChF,GACD,CAAA;AAGD,EAAA,MAAM,SAAS,QAAA,CAAS;AAAA,IACtB,EAAA,EAAI,iBAAA;AAAA,IACJ,IAAA,EAAM,iBAAA;AAAA,IACN,WAAA,EAAa,iBAAA;AAAA,IACb,WAAA,EAAa,gEAAA;AAAA,IACb,MAAA,EAAQ,QAAA;AAAA,IACR,MAAA,EAAQ,SAAA;AAAA,IACR,QAAA,EAAU;AAAA,MACR,QAAA,EAAU,IAAA;AAAA,MACV,kBAAA,EAAoB,CAAA;AAAA,MACpB,YAAY,EAAE,KAAA,EAAO,CAAC,MAAA,EAAQ,QAAA,EAAU,QAAQ,CAAA;AAAE,KACpD;AAAA,IACA,eAAA,EAAiB;AAAA,MACf,EAAE,MAAM,OAAA,EAAa,IAAA,EAAM,UAAU,IAAA,EAAM,MAAA,EAAW,QAAQ,aAAA,EAAc;AAAA,MAC5E,EAAE,MAAM,UAAA,EAAa,IAAA,EAAM,UAAU,IAAA,EAAM,MAAA,EAAW,QAAQ,gBAAA,EAAiB;AAAA,MAC/E,EAAE,MAAM,QAAA,EAAa,IAAA,EAAM,UAAU,IAAA,EAAM,MAAA,EAAW,QAAQ,eAAA,EAAgB;AAAA,MAC9E,EAAE,MAAM,WAAA,EAAa,IAAA,EAAM,UAAU,IAAA,EAAM,MAAA,EAAW,QAAQ,kBAAA,EAAmB;AAAA,MACjF,EAAE,MAAM,MAAA,EAAa,IAAA,EAAM,UAAU,IAAA,EAAM,MAAA,EAAW,QAAQ,YAAA;AAAa;AAC7E,GACD,CAAA;AAID,EAAA,MAAM,SAAS,QAAA,CAAS;AAAA,IACtB,EAAA,EAAI,aAAA;AAAA,IACJ,IAAA,EAAM,aAAA;AAAA,IACN,WAAA,EAAa,aAAA;AAAA,IACb,WAAA,EAAa,sFAAA;AAAA,IACb,MAAA,EAAQ,QAAA;AAAA,IACR,MAAA,EAAQ,SAAA;AAAA,IACR,QAAA,EAAU;AAAA,MACR,UAAA,EAAY,EAAE,MAAA,EAAQ,CAAC,MAAM,CAAA,EAAG,KAAA,EAAO,CAAC,MAAA,EAAQ,QAAA,EAAU,UAAU,QAAA,EAAU,SAAA,EAAW,QAAQ,CAAA,EAAG,MAAA,EAAQ,CAAC,MAAA,EAAQ,QAAA,EAAU,QAAQ,CAAA,EAAE;AAAA,MACzI,kBAAA,EAAoB;AAAA,KACtB;AAAA,IACA,eAAA,EAAiB;AAAA,MACf,EAAE,MAAM,UAAA,EAAY,IAAA,EAAM,UAAU,IAAA,EAAM,MAAA,EAAW,QAAQ,cAAA,EAAe;AAAA,MAC5E,EAAE,MAAM,QAAA,EAAY,IAAA,EAAM,UAAU,IAAA,EAAM,MAAA,EAAW,QAAQ,gBAAA,EAAiB;AAAA,MAC9E,EAAE,MAAM,MAAA,EAAY,IAAA,EAAM,UAAU,IAAA,EAAM,SAAA,EAAW,QAAQ,cAAA,EAAe;AAAA,MAC5E,EAAE,IAAA,EAAM,MAAA,EAAY,IAAA,EAAM,OAAA,EAAU,MAAM,MAAA;AAAO;AACnD,GACD,CAAA;AAOD,EAAA,KAAA,MAAW,CAAC,EAAA,EAAI,WAAA,EAAa,WAAW,CAAA,IAAK;AAAA,IAC3C,CAAC,WAAA,EAAa,WAAA,EAAa,+CAA+C,CAAA;AAAA,IAC1E,CAAC,WAAA,EAAa,WAAA,EAAa,8BAA8B,CAAA;AAAA,IACzD,CAAC,iBAAA,EAAmB,iBAAA,EAAmB,uDAAuD;AAAA,GAChG,EAAY;AACV,IAAA,MAAM,SAAS,QAAA,CAAS;AAAA,MACtB,EAAA;AAAA,MACA,IAAA,EAAM,EAAA;AAAA,MACN,WAAA;AAAA,MACA,WAAA;AAAA,MACA,MAAA,EAAQ,QAAA;AAAA,MACR,MAAA,EAAQ,IAAA;AAAA,MACR,MAAA,EAAQ,SAAA;AAAA,MACR,QAAA,EAAU;AAAA,QACR,QAAA,EAAU,IAAA;AAAA,QACV,kBAAA,EAAoB,CAAA;AAAA,QACpB,UAAA,EAAY,EAAE,KAAA,EAAO,CAAC,QAAQ,QAAA,EAAU,QAAA,EAAU,QAAA,EAAU,QAAQ,CAAA;AAAE,OACxE;AAAA,MACA,iBAAiB;AAAC,KACnB,CAAA;AAAA,EACH;AACF;AAUA,eAAsB,oCAAoC,EAAA,EAAmC;AAC3F,EAAA,MAAM,QAAA,GAAW,IAAI,oBAAA,CAAqB,EAAE,CAAA;AAC5C,EAAA,MAAM,WAAA,GAAcC,uCAAA,EAAsB,CAAE,UAAA,EAAW;AACvD,EAAA,MAAM,aAAuB,EAAC;AAE9B,EAAA,KAAA,MAAW,cAAc,WAAA,EAAa;AAIpC,IAAA,IAAI,WAAW,QAAA,EAAU;AACzB,IAAA,IAAI,UAAA,CAAW,SAAS,WAAA,EAAa;AAErC,IAAA,IAAI;AACF,MAAA,MAAM,SAAS,QAAA,CAAS;AAAA,QACtB,IAAI,UAAA,CAAW,IAAA;AAAA,QACf,MAAM,UAAA,CAAW,IAAA;AAAA,QACjB,aAAa,UAAA,CAAW,WAAA;AAAA,QACxB,aAAa,UAAA,CAAW,WAAA;AAAA,QACxB,MAAA,EAAQ,QAAA;AAAA,QACR,MAAA,EAAQ,SAAA;AAAA,QACR,QAAA,EAAU;AAAA,UACR,UAAA,EAAY;AAAA,YACV,MAAA,EAAQ,CAAC,MAAM,CAAA;AAAA,YACf,OAAO,CAAC,MAAA,EAAQ,UAAU,QAAA,EAAU,QAAA,EAAU,WAAW,QAAQ,CAAA;AAAA,YACjE,MAAA,EAAQ,CAAC,MAAA,EAAQ,QAAA,EAAU,UAAU,SAAS,CAAA;AAAA,YAC9C,MAAA,EAAQ,CAAC,MAAM;AAAA,WACjB;AAAA,UACA,kBAAA,EAAoB,EAAA;AAAA,UACpB,GAAI,UAAA,CAAW,UAAA,GAAa,EAAE,UAAA,EAAY,IAAA,KAAS;AAAC,SACtD;AAAA,QACA,iBAAiB;AAAC,OACnB,CAAA;AACD,MAAA,UAAA,CAAW,IAAA,CAAK,WAAW,IAAI,CAAA;AAAA,IACjC,SAAS,KAAA,EAAO;AACd,MAAA,OAAA,CAAQ,KAAA,CAAM,CAAA,qDAAA,EAAwD,UAAA,CAAW,IAAI,MAAM,KAAK,CAAA;AAAA,IAClG;AAAA,EACF;AAEA,EAAA,OAAO,UAAA;AACT;;;AC5RA,IAAI,iBAAA,GAAoB,KAAA;AAOjB,SAAS,qBAAqB,GAAA,EAAqB;AACxD,EAAA,MAAM,WAAqB,EAAC;AAG5B,EAAA,IAAI,CAAC,IAAI,UAAA,EAAY;AACnB,IAAA,QAAA,CAAS,IAAA;AAAA,MACP;AAAA,KACF;AAAA,EACF,CAAA,MAAA,IAAW,GAAA,CAAI,UAAA,CAAW,QAAA,CAAS,sBAAsB,CAAA,EAAG;AAC1D,IAAA,QAAA,CAAS,IAAA;AAAA,MACP;AAAA,KACF;AAAA,EACF;AAGA,EAAA,IAAI,CAAC,IAAI,YAAA,EAAc;AACrB,IAAA,QAAA,CAAS,IAAA;AAAA,MACP;AAAA,KACF;AAAA,EACF;AAGA,EAAA,IAAI,CAAC,IAAI,WAAA,EAAa;AACpB,IAAA,QAAA,CAAS,IAAA;AAAA,MACP;AAAA,KACF;AAAA,EACF;AAEA,EAAA,IAAI,QAAA,CAAS,WAAW,CAAA,EAAG;AACzB,IAAA;AAAA,EACF;AAEA,EAAA,MAAM,YAAA,GAAe,IAAI,WAAA,KAAgB,YAAA;AAEzC,EAAA,KAAA,MAAW,WAAW,QAAA,EAAU;AAC9B,IAAA,OAAA,CAAQ,IAAA,CAAK,CAAA,mBAAA,EAAsB,OAAO,CAAA,CAAE,CAAA;AAAA,EAC9C;AAEA,EAAA,IAAI,YAAA,EAAc;AAGhB,IAAA,MAAM,cACJ,CAAC,GAAA,CAAI,cAAc,GAAA,CAAI,UAAA,CAAW,SAAS,sBAAsB,CAAA;AACnE,IAAA,IAAI,WAAA,EAAa;AACf,MAAA,MAAM,IAAI,KAAA;AAAA,QACR;AAAA,OAEF;AAAA,IACF;AAAA,EACF;AACF;AAMO,SAAS,mBAAA,CAAoB,MAAA,GAAwB,EAAC,EAAG;AAC9D,EAAA,OAAO,OAAO,GAAyE,IAAA,KAAe;AAMpG,IAAA,IAAIC,iCAAc,EAAG;AAEnB,MAAC,CAAA,CAAU,GAAA,CAAI,YAAA,EAAcC,+BAAA,EAAe,CAAA;AAAA,IAC9C;AAGA,IAAA,IAAI,iBAAA,EAAmB;AACrB,MAAA,OAAO,IAAA,EAAK;AAAA,IACd;AAGA,IAAA,MAAM,IAAA,GAAO,EAAE,GAAA,CAAI,IAAA;AACnB,IAAA,IACE,IAAA,CAAK,UAAA,CAAW,UAAU,CAAA,IAC1B,IAAA,CAAK,UAAA,CAAW,UAAU,CAAA,IAC1B,IAAA,KAAS,SAAA,IACT,IAAA,CAAK,QAAA,CAAS,KAAK,CAAA,IACnB,IAAA,CAAK,QAAA,CAAS,MAAM,CAAA,IACpB,IAAA,CAAK,QAAA,CAAS,MAAM,CAAA,IACpB,IAAA,CAAK,QAAA,CAAS,MAAM,CAAA,IACpB,IAAA,CAAK,QAAA,CAAS,MAAM,CAAA,EACpB;AACA,MAAA,OAAO,IAAA,EAAK;AAAA,IACd;AAEA,IAAA,IAAI;AACF,MAAA,OAAA,CAAQ,IAAI,+CAA+C,CAAA;AAI3D,MAAA,OAAA,CAAQ,IAAI,8CAA8C,CAAA;AAC1D,MAAA,MAAM,gBAAA,GAAmB,IAAIC,kCAAA,CAAiB,CAAA,CAAE,IAAI,EAAE,CAAA;AACtD,MAAA,MAAM,iBAAiB,yBAAA,EAA0B;AAKjD,MAAA,IAAI;AACF,QAAA,MAAM,EAAA,GAAM,EAAE,GAAA,CAAY,QAAA;AAC1B,QAAA,IAAI,EAAA,EAAI;AACN,UAAA,MAAM,EAAE,oBAAA,EAAqB,GAAI,MAAM,OACrC,sBACF,CAAA;AACA,UAAA,oBAAA,CAAqB,EAAE,CAAA;AAAA,QACzB;AAAA,MACF,SAAS,KAAA,EAAO;AACd,QAAA,OAAA,CAAQ,KAAA,CAAM,gDAAgD,KAAK,CAAA;AAAA,MACrE;AAKA,MAAA,OAAA,CAAQ,IAAI,+CAA+C,CAAA;AAC3D,MAAA,IAAI;AACF,QAAA,MAAM,OAAA,GAAU,MAAMC,uCAAA,EAAsB;AAC5C,QAAAJ,uCAAA,EAAsB,CAAE,SAAS,OAAO,CAAA;AACxC,QAAA,OAAA,CAAQ,GAAA,CAAI,CAAA,oCAAA,EAAuC,OAAA,CAAQ,MAAM,CAAA,cAAA,CAAgB,CAAA;AAAA,MACnF,SAAS,KAAA,EAAO;AACd,QAAA,OAAA,CAAQ,KAAA,CAAM,qDAAqD,KAAK,CAAA;AAAA,MAC1E;AAGA,MAAA,OAAA,CAAQ,IAAI,2CAA2C,CAAA;AACvD,MAAA,IAAI;AACF,QAAA,MAAM,sBAAA,CAAuB,CAAA,CAAE,GAAA,CAAI,EAAE,CAAA;AAAA,MACvC,SAAS,KAAA,EAAO;AACd,QAAA,OAAA,CAAQ,KAAA,CAAM,iDAAiD,KAAK,CAAA;AAAA,MACtE;AAIA,MAAA,IAAI;AACF,QAAA,MAAM,+BAAA,CAAgC,CAAA,CAAE,GAAA,CAAI,EAAE,CAAA;AAAA,MAChD,SAAS,KAAA,EAAO;AACd,QAAA,OAAA,CAAQ,KAAA,CAAM,oDAAoD,KAAK,CAAA;AAAA,MACzE;AAGA,MAAA,IAAI;AACF,QAAA,MAAM,EAAE,WAAA,EAAAK,YAAAA,EAAY,GAAI,MAAM,OAAO,qBAAkB,CAAA;AACvD,QAAA,MAAM,IAAIA,aAAY,CAAA,CAAE,GAAA,CAAI,IAAK,CAAA,CAAE,GAAA,CAAY,QAAQ,CAAA,CAAE,oBAAA,EAAqB;AAAA,MAChF,SAAS,KAAA,EAAO;AACd,QAAA,OAAA,CAAQ,KAAA,CAAM,6CAA6C,KAAK,CAAA;AAAA,MAClE;AAGA,MAAA,IAAI;AACF,QAAA,MAAM,IAAA,GAAO,MAAM,mCAAA,CAAoC,CAAA,CAAE,IAAI,EAAE,CAAA;AAC/D,QAAA,IAAI,IAAA,CAAK,QAAQ,OAAA,CAAQ,GAAA,CAAI,uDAAuD,IAAA,CAAK,IAAA,CAAK,IAAI,CAAC,CAAA,CAAE,CAAA;AAAA,MACvG,SAAS,KAAA,EAAO;AACd,QAAA,OAAA,CAAQ,KAAA,CAAM,iEAAiE,KAAK,CAAA;AAAA,MACtF;AAGA,MAAA,IAAI,CAAC,MAAA,CAAO,OAAA,EAAS,UAAA,EAAY;AAC/B,QAAA,OAAA,CAAQ,IAAI,2CAA2C,CAAA;AACvD,QAAA,MAAM,gBAAA,GAAmB,IAAIC,wCAAA,CAAuB,CAAA,CAAE,IAAI,EAAE,CAAA;AAG5D,QAAA,MAAM,cAAA,GAAiB,MAAM,gBAAA,CAAiB,iBAAA,EAAkB;AAChE,QAAA,IAAI,cAAA,EAAgB;AAClB,UAAA,MAAM,iBAAiB,oBAAA,EAAqB;AAAA,QAC9C;AAAA,MACF,CAAA,MAAO;AACL,QAAA,OAAA,CAAQ,IAAI,2DAA2D,CAAA;AAAA,MACzE;AAGA,MAAA,iBAAA,GAAoB,IAAA;AACpB,MAAA,OAAA,CAAQ,IAAI,6CAA6C,CAAA;AAAA,IAC3D,SAAS,KAAA,EAAO;AACd,MAAA,OAAA,CAAQ,KAAA,CAAM,mDAAmD,KAAK,CAAA;AAAA,IAExE;AAIA,IAAA,oBAAA,CAAqB,EAAE,GAAe,CAAA;AAEtC,IAAA,OAAO,IAAA,EAAK;AAAA,EACd,CAAA;AACF;AAcA,eAAe,gCAAgC,EAAA,EAA+B;AAC5E,EAAA,MAAM,EAAE,OAAA,EAAQ,GAAI,MAAM,GAAG,OAAA,CAAQ;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA,EAAA,CAQpC,EAAE,GAAA,EAAI;AAEP,EAAA,IAAI,CAAC,QAAQ,MAAA,EAAQ;AAErB,EAAA,OAAA,CAAQ,GAAA,CAAI,CAAA,sBAAA,EAAyB,OAAA,CAAQ,MAAM,CAAA,6CAAA,CAA+C,CAAA;AAClG,EAAA,MAAM,SAAS,IAAA,CAAK,KAAA,CAAM,IAAA,CAAK,GAAA,KAAQ,GAAI,CAAA;AAC3C,EAAA,KAAA,MAAW,QAAQ,OAAA,EAAyD;AAC1E,IAAA,MAAM,GAAG,OAAA,CAAQ;AAAA;AAAA;AAAA,IAAA,CAGhB,CAAA,CAAE,IAAA,CAAK,CAAA,KAAA,EAAQ,IAAA,CAAK,EAAE,CAAA,CAAA,EAAI,IAAA,CAAK,EAAA,EAAI,IAAA,CAAK,IAAI,IAAA,CAAK,aAAA,EAAe,MAAA,EAAQ,MAAM,EAAE,GAAA,EAAI;AAAA,EACvF;AACA,EAAA,OAAA,CAAQ,GAAA,CAAI,CAAA,gDAAA,EAAmD,OAAA,CAAQ,MAAM,CAAA,UAAA,CAAY,CAAA;AAC3F;ACvOA,IAAM,mBAAA,GAAsB,gDAAA;AAG5B,IAAM,8BAAA,GAAiC,EAAA,GAAK,EAAA,GAAK,EAAA,GAAK,EAAA;AAMtD,SAAS,cAAc,KAAA,EAA0D;AAC/E,EAAA,IAAI,UAAU,MAAA,IAAa,KAAA,KAAU,IAAA,IAAQ,KAAA,KAAU,IAAI,OAAO,IAAA;AAClE,EAAA,IAAI,OAAO,UAAU,QAAA,IAAY,MAAA,CAAO,SAAS,KAAK,CAAA,IAAK,QAAQ,CAAA,EAAG;AACpE,IAAA,OAAO,IAAA,CAAK,MAAM,KAAK,CAAA;AAAA,EACzB;AACA,EAAA,MAAM,GAAA,GAAM,MAAA,CAAO,KAAK,CAAA,CAAE,IAAA,EAAK;AAC/B,EAAA,IAAI,OAAA,CAAQ,IAAA,CAAK,GAAG,CAAA,EAAG;AACrB,IAAA,MAAM,CAAA,GAAI,QAAA,CAAS,GAAA,EAAK,EAAE,CAAA;AAC1B,IAAA,OAAO,CAAA,GAAI,IAAI,CAAA,GAAI,IAAA;AAAA,EACrB;AACA,EAAA,MAAM,KAAA,GAAQ,GAAA,CAAI,KAAA,CAAM,8EAA8E,CAAA;AACtG,EAAA,IAAI,CAAC,OAAO,OAAO,IAAA;AACnB,EAAA,MAAM,KAAA,GAAQ,QAAA,CAAS,KAAA,CAAM,CAAC,GAAI,EAAE,CAAA;AACpC,EAAA,MAAM,IAAA,GAAO,KAAA,CAAM,CAAC,CAAA,CAAG,WAAA,EAAY;AACnC,EAAA,IAAI,IAAA,CAAK,UAAA,CAAW,GAAG,CAAA,EAAG,OAAO,KAAA;AACjC,EAAA,IAAI,IAAA,CAAK,UAAA,CAAW,GAAG,CAAA,SAAU,KAAA,GAAQ,EAAA;AACzC,EAAA,IAAI,KAAK,UAAA,CAAW,GAAG,CAAA,EAAG,OAAO,QAAQ,EAAA,GAAK,EAAA;AAC9C,EAAA,IAAI,KAAK,UAAA,CAAW,GAAG,GAAG,OAAO,KAAA,GAAQ,KAAK,EAAA,GAAK,EAAA;AACnD,EAAA,OAAO,IAAA;AACT;AAMO,SAAS,oBAAoB,GAAA,EAA0C;AAC5E,EAAA,MAAM,UAAA,GAAa,aAAA,CAAc,GAAA,EAAK,cAAc,CAAA;AACpD,EAAA,OAAO,UAAA,IAAc,8BAAA;AACvB;AAYA,eAAsB,yBAAA,CACpB,IACA,GAAA,EACiB;AACjB,EAAA,MAAM,SAAA,GAAY,aAAA,CAAc,GAAA,EAAK,cAAc,CAAA;AACnD,EAAA,IAAI,WAAW,OAAO,SAAA;AAEtB,EAAA,IAAI,EAAA,EAAI;AACN,IAAA,IAAI;AACF,MAAA,MAAM,MAAM,MAAM,EAAA,CACf,OAAA,CAAQ,4JAA4J,EACpK,KAAA,EAAM;AACT,MAAA,IAAI,KAAK,IAAA,EAAM;AACb,QAAA,MAAM,IAAA,GAAO,IAAA,CAAK,KAAA,CAAM,GAAA,CAAI,IAAI,CAAA;AAChC,QAAA,MAAM,MAAA,GAAS,aAAA,CAAc,IAAA,CAAK,YAAY,CAAA;AAC9C,QAAA,IAAI,QAAQ,OAAO,MAAA;AAAA,MACrB;AAAA,IACF,SAAS,GAAA,EAAK;AACZ,MAAA,OAAA,CAAQ,IAAA,CAAK,uEAAuE,GAAG,CAAA;AAAA,IACzF;AAAA,EACF;AACA,EAAA,OAAO,8BAAA;AACT;AAOA,eAAsB,+BAAA,CACpB,IACA,GAAA,EACiB;AACjB,EAAA,MAAM,aAAA,GAAgB,EAAA,GAAK,EAAA,GAAK,EAAA,GAAK,CAAA;AACrC,EAAA,MAAM,SAAA,GAAY,aAAA,CAAc,GAAA,EAAK,yBAAyB,CAAA;AAC9D,EAAA,IAAI,WAAW,OAAO,SAAA;AAEtB,EAAA,IAAI,EAAA,EAAI;AACN,IAAA,IAAI;AACF,MAAA,MAAM,MAAM,MAAM,EAAA,CACf,OAAA,CAAQ,4JAA4J,EACpK,KAAA,EAAM;AACT,MAAA,IAAI,KAAK,IAAA,EAAM;AACb,QAAA,MAAM,IAAA,GAAO,IAAA,CAAK,KAAA,CAAM,GAAA,CAAI,IAAI,CAAA;AAChC,QAAA,MAAM,MAAA,GAAS,aAAA,CAAc,IAAA,CAAK,sBAAA,EAAwB,UAAU,CAAA;AACpE,QAAA,IAAI,QAAQ,OAAO,MAAA;AAAA,MACrB;AAAA,IACF,SAAS,GAAA,EAAK;AACZ,MAAA,OAAA,CAAQ,IAAA,CAAK,wDAAwD,GAAG,CAAA;AAAA,IAC1E;AAAA,EACF;AACA,EAAA,OAAO,aAAA;AACT;AAQA,SAAS,iBAAiB,KAAA,EAAkC;AAC1D,EAAA,IAAI;AACF,IAAA,MAAM,KAAA,GAAQ,KAAA,CAAM,KAAA,CAAM,GAAG,CAAA;AAC7B,IAAA,IAAI,KAAA,CAAM,MAAA,KAAW,CAAA,EAAG,OAAO,IAAA;AAC/B,IAAA,MAAM,GAAA,GAAM,KAAA,CAAM,CAAC,CAAA,CAAG,OAAA,CAAQ,MAAM,GAAG,CAAA,CAAE,OAAA,CAAQ,IAAA,EAAM,GAAG,CAAA;AAC1D,IAAA,MAAM,MAAA,GAAS,MAAM,GAAA,CAAI,MAAA,CAAA,CAAQ,IAAK,GAAA,CAAI,MAAA,GAAS,KAAM,CAAC,CAAA;AAC1D,IAAA,MAAM,IAAA,GAAO,KAAK,MAAM,CAAA;AACxB,IAAA,MAAM,GAAA,GAAM,IAAA,CAAK,KAAA,CAAM,IAAI,CAAA;AAC3B,IAAA,IAAI,CAAC,GAAA,IAAO,OAAO,GAAA,CAAI,GAAA,KAAQ,UAAU,OAAO,IAAA;AAChD,IAAA,OAAO,GAAA;AAAA,EACT,CAAA,CAAA,MAAQ;AACN,IAAA,OAAO,IAAA;AAAA,EACT;AACF;AAEA,SAAS,iBAAiB,MAAA,EAA4B;AACpD,EAAA,MAAM,GAAA,GAAM,OAAO,OAAA,CAAQ,IAAA,EAAM,GAAG,CAAA,CAAE,OAAA,CAAQ,MAAM,GAAG,CAAA;AACvD,EAAA,MAAM,MAAA,GAAS,MAAM,GAAA,CAAI,MAAA,CAAA,CAAQ,IAAK,GAAA,CAAI,MAAA,GAAS,KAAM,CAAC,CAAA;AAC1D,EAAA,MAAM,GAAA,GAAM,KAAK,MAAM,CAAA;AACvB,EAAA,MAAM,KAAA,GAAQ,IAAI,UAAA,CAAW,GAAA,CAAI,MAAM,CAAA;AACvC,EAAA,KAAA,IAAS,CAAA,GAAI,CAAA,EAAG,CAAA,GAAI,GAAA,CAAI,MAAA,EAAQ,CAAA,EAAA,EAAK,KAAA,CAAM,CAAC,CAAA,GAAI,GAAA,CAAI,UAAA,CAAW,CAAC,CAAA;AAChE,EAAA,OAAO,KAAA;AACT;AAMA,eAAe,oBAAA,CAAqB,OAAe,MAAA,EAAkC;AACnF,EAAA,IAAI;AACF,IAAA,MAAM,KAAA,GAAQ,KAAA,CAAM,KAAA,CAAM,GAAG,CAAA;AAC7B,IAAA,IAAI,KAAA,CAAM,MAAA,KAAW,CAAA,EAAG,OAAO,KAAA;AAC/B,IAAA,MAAM,OAAA,GAAU,IAAI,WAAA,EAAY;AAChC,IAAA,MAAM,GAAA,GAAM,MAAM,MAAA,CAAO,MAAA,CAAO,SAAA;AAAA,MAC9B,KAAA;AAAA,MACA,OAAA,CAAQ,OAAO,MAAM,CAAA;AAAA,MACrB,EAAE,IAAA,EAAM,MAAA,EAAQ,IAAA,EAAM,SAAA,EAAU;AAAA,MAChC,KAAA;AAAA,MACA,CAAC,QAAQ;AAAA,KACX;AACA,IAAA,MAAM,SAAA,GAAY,gBAAA,CAAiB,KAAA,CAAM,CAAC,CAAE,CAAA;AAC5C,IAAA,MAAM,OAAA,GAAU,OAAA,CAAQ,MAAA,CAAO,CAAA,EAAG,KAAA,CAAM,CAAC,CAAC,CAAA,CAAA,EAAI,KAAA,CAAM,CAAC,CAAC,CAAA,CAAE,CAAA;AACxD,IAAA,OAAO,MAAM,MAAA,CAAO,MAAA,CAAO,OAAO,MAAA,EAAQ,GAAA,EAAK,WAAW,OAAO,CAAA;AAAA,EACnE,CAAA,CAAA,MAAQ;AACN,IAAA,OAAO,KAAA;AAAA,EACT;AACF;AAEO,IAAM,WAAA,GAAN,MAAM,YAAA,CAAY;AAAA,EACvB,aAAa,aAAA,CACX,MAAA,EACA,KAAA,EACA,IAAA,EACA,QACA,gBAAA,EACiB;AACjB,IAAA,MAAM,MAAM,gBAAA,IAAoB,gBAAA,GAAmB,IAC/C,IAAA,CAAK,KAAA,CAAM,gBAAgB,CAAA,GAC3B,8BAAA;AACJ,IAAA,MAAM,MAAM,IAAA,CAAK,KAAA,CAAM,IAAA,CAAK,GAAA,KAAQ,GAAI,CAAA;AACxC,IAAA,MAAM,OAAA,GAAsB;AAAA,MAC1B,MAAA;AAAA,MACA,KAAA;AAAA,MACA,IAAA;AAAA,MACA,KAAK,GAAA,GAAM,GAAA;AAAA,MACX,GAAA,EAAK;AAAA,KACP;AAEA,IAAA,OAAO,MAAMC,QAAA,CAAK,OAAA,EAAS,MAAA,IAAU,qBAAqB,OAAO,CAAA;AAAA,EACnE;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA,EAiBA,aAAa,WAAA,CACX,KAAA,EACA,MAAA,EACA,eAAuB,CAAA,EACK;AAC5B,IAAA,MAAM,kBAAkB,MAAA,IAAU,mBAAA;AAClC,IAAA,IAAI;AACF,MAAA,IAAI,OAAA,GAA6B,IAAA;AACjC,MAAA,IAAI;AACF,QAAA,OAAA,GAAU,MAAMC,UAAA,CAAO,KAAA,EAAO,eAAA,EAAiB,OAAO,CAAA;AAAA,MACxD,SAAS,WAAA,EAAkB;AAKzB,QAAA,MAAM,IAAA,GAAO,aAAa,IAAA,IAAQ,EAAA;AAClC,QAAA,MAAM,OAAA,GAAU,MAAA,CAAO,WAAA,EAAa,OAAA,IAAW,EAAE,CAAA;AACjD,QAAA,MAAM,SAAA,GAAY,IAAA,KAAS,iBAAA,IAAqB,OAAA,CAAQ,SAAS,SAAS,CAAA;AAC1E,QAAA,IAAI,CAAC,SAAA,IAAa,YAAA,IAAgB,CAAA,EAAG;AACnC,UAAA,MAAM,WAAA;AAAA,QACR;AACA,QAAA,MAAM,cAAA,GAAiB,MAAM,oBAAA,CAAqB,KAAA,EAAO,eAAe,CAAA;AACxE,QAAA,IAAI,CAAC,gBAAgB,OAAO,IAAA;AAC5B,QAAA,MAAM,OAAA,GAAU,iBAAiB,KAAK,CAAA;AACtC,QAAA,IAAI,CAAC,SAAS,OAAO,IAAA;AACrB,QAAA,OAAA,GAAU,OAAA;AAAA,MACZ;AAEA,MAAA,IAAI,CAAC,SAAS,OAAO,IAAA;AAErB,MAAA,MAAM,MAAM,IAAA,CAAK,KAAA,CAAM,IAAA,CAAK,GAAA,KAAQ,GAAI,CAAA;AACxC,MAAA,IAAI,OAAA,CAAQ,GAAA,GAAM,GAAA,GAAM,IAAA,CAAK,GAAA,CAAI,GAAG,IAAA,CAAK,KAAA,CAAM,YAAY,CAAC,CAAA,EAAG;AAC7D,QAAA,OAAO,IAAA;AAAA,MACT;AAEA,MAAA,OAAO,OAAA;AAAA,IACT,SAAS,KAAA,EAAO;AACd,MAAA,OAAA,CAAQ,KAAA,CAAM,8BAA8B,KAAK,CAAA;AACjD,MAAA,OAAO,IAAA;AAAA,IACT;AAAA,EACF;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA,EAaA,aAAa,kBAAkB,CAAA,EAAwC;AACrE,IAAA,IAAI,KAAA,GAAQ,EAAE,GAAA,CAAI,MAAA,CAAO,eAAe,CAAA,EAAG,OAAA,CAAQ,WAAW,EAAE,CAAA;AAChE,IAAA,IAAI,CAAC,KAAA,EAAO;AACV,MAAA,KAAA,GAAQC,gBAAA,CAAU,GAAG,YAAY,CAAA;AAAA,IACnC;AACA,IAAA,IAAI,CAAC,OAAO,OAAO,IAAA;AACnB,IAAA,MAAM,MAAA,GAAU,EAAE,GAAA,EAAa,UAAA;AAC/B,IAAA,OAAO,MAAM,YAAA,CAAY,WAAA,CAAY,KAAA,EAAO,MAAM,CAAA;AAAA,EACpD;AAAA,EAEA,aAAa,aAAa,QAAA,EAAmC;AAC3D,IAAA,MAAM,UAAA,GAAa,GAAA;AACnB,IAAA,MAAM,IAAA,GAAO,IAAI,UAAA,CAAW,EAAE,CAAA;AAC9B,IAAA,MAAA,CAAO,gBAAgB,IAAI,CAAA;AAE3B,IAAA,MAAM,OAAA,GAAU,IAAI,WAAA,EAAY;AAChC,IAAA,MAAM,WAAA,GAAc,MAAM,MAAA,CAAO,MAAA,CAAO,SAAA;AAAA,MACtC,KAAA;AAAA,MACA,OAAA,CAAQ,OAAO,QAAQ,CAAA;AAAA,MACvB,QAAA;AAAA,MACA,KAAA;AAAA,MACA,CAAC,YAAY;AAAA,KACf;AAEA,IAAA,MAAM,UAAA,GAAa,MAAM,MAAA,CAAO,MAAA,CAAO,UAAA;AAAA,MACrC;AAAA,QACE,IAAA,EAAM,QAAA;AAAA,QACN,IAAA;AAAA,QACA,UAAA;AAAA,QACA,IAAA,EAAM;AAAA,OACR;AAAA,MACA,WAAA;AAAA,MACA;AAAA,KACF;AAEA,IAAA,MAAM,UAAU,KAAA,CAAM,IAAA,CAAK,IAAI,CAAA,CAAE,IAAI,CAAA,CAAA,KAAK,CAAA,CAAE,QAAA,CAAS,EAAE,EAAE,QAAA,CAAS,CAAA,EAAG,GAAG,CAAC,CAAA,CAAE,KAAK,EAAE,CAAA;AAClF,IAAA,MAAM,OAAA,GAAU,MAAM,IAAA,CAAK,IAAI,WAAW,UAAU,CAAC,EAAE,GAAA,CAAI,CAAA,CAAA,KAAK,EAAE,QAAA,CAAS,EAAE,EAAE,QAAA,CAAS,CAAA,EAAG,GAAG,CAAC,CAAA,CAAE,KAAK,EAAE,CAAA;AAExG,IAAA,OAAO,CAAA,OAAA,EAAU,UAAU,CAAA,CAAA,EAAI,OAAO,IAAI,OAAO,CAAA,CAAA;AAAA,EACnD;AAAA,EAEA,aAAa,mBAAmB,QAAA,EAAmC;AACjE,IAAA,MAAM,OAAA,GAAU,IAAI,WAAA,EAAY;AAChC,IAAA,MAAM,IAAA,GAAO,OAAA,CAAQ,MAAA,CAAO,QAAA,GAAW,2BAA2B,CAAA;AAClE,IAAA,MAAM,aAAa,MAAM,MAAA,CAAO,MAAA,CAAO,MAAA,CAAO,WAAW,IAAI,CAAA;AAC7D,IAAA,MAAM,YAAY,KAAA,CAAM,IAAA,CAAK,IAAI,UAAA,CAAW,UAAU,CAAC,CAAA;AACvD,IAAA,OAAO,SAAA,CAAU,GAAA,CAAI,CAAA,CAAA,KAAK,CAAA,CAAE,QAAA,CAAS,EAAE,CAAA,CAAE,QAAA,CAAS,CAAA,EAAG,GAAG,CAAC,CAAA,CAAE,KAAK,EAAE,CAAA;AAAA,EACpE;AAAA,EAEA,aAAa,cAAA,CAAe,QAAA,EAAkB,UAAA,EAAsC;AAClF,IAAA,IAAI,UAAA,CAAW,UAAA,CAAW,SAAS,CAAA,EAAG;AAEpC,MAAA,MAAM,KAAA,GAAQ,UAAA,CAAW,KAAA,CAAM,GAAG,CAAA;AAClC,MAAA,IAAI,KAAA,CAAM,MAAA,KAAW,CAAA,EAAG,OAAO,KAAA;AAE/B,MAAA,MAAM,aAAA,GAAgB,MAAM,CAAC,CAAA;AAC7B,MAAA,MAAM,OAAA,GAAU,MAAM,CAAC,CAAA;AACvB,MAAA,MAAM,eAAA,GAAkB,MAAM,CAAC,CAAA;AAC/B,MAAA,MAAM,UAAA,GAAa,QAAA,CAAS,aAAA,EAAe,EAAE,CAAA;AAE7C,MAAA,MAAM,SAAA,GAAY,OAAA,CAAQ,KAAA,CAAM,OAAO,CAAA;AACvC,MAAA,IAAI,CAAC,WAAW,OAAO,KAAA;AACvB,MAAA,MAAM,IAAA,GAAO,IAAI,UAAA,CAAW,SAAA,CAAU,GAAA,CAAI,UAAQ,QAAA,CAAS,IAAA,EAAM,EAAE,CAAC,CAAC,CAAA;AAErE,MAAA,MAAM,OAAA,GAAU,IAAI,WAAA,EAAY;AAChC,MAAA,MAAM,WAAA,GAAc,MAAM,MAAA,CAAO,MAAA,CAAO,SAAA;AAAA,QACtC,KAAA;AAAA,QACA,OAAA,CAAQ,OAAO,QAAQ,CAAA;AAAA,QACvB,QAAA;AAAA,QACA,KAAA;AAAA,QACA,CAAC,YAAY;AAAA,OACf;AAEA,MAAA,MAAM,UAAA,GAAa,MAAM,MAAA,CAAO,MAAA,CAAO,UAAA;AAAA,QACrC;AAAA,UACE,IAAA,EAAM,QAAA;AAAA,UACN,IAAA;AAAA,UACA,UAAA;AAAA,UACA,IAAA,EAAM;AAAA,SACR;AAAA,QACA,WAAA;AAAA,QACA;AAAA,OACF;AAEA,MAAA,MAAM,aAAA,GAAgB,MAAM,IAAA,CAAK,IAAI,WAAW,UAAU,CAAC,EAAE,GAAA,CAAI,CAAA,CAAA,KAAK,EAAE,QAAA,CAAS,EAAE,EAAE,QAAA,CAAS,CAAA,EAAG,GAAG,CAAC,CAAA,CAAE,KAAK,EAAE,CAAA;AAG9G,MAAA,IAAI,aAAA,CAAc,MAAA,KAAW,eAAA,CAAgB,MAAA,EAAQ,OAAO,KAAA;AAC5D,MAAA,IAAIC,OAAAA,GAAS,CAAA;AACb,MAAA,KAAA,IAAS,CAAA,GAAI,CAAA,EAAG,CAAA,GAAI,aAAA,CAAc,QAAQ,CAAA,EAAA,EAAK;AAC7C,QAAAA,WAAU,aAAA,CAAc,UAAA,CAAW,CAAC,CAAA,GAAI,eAAA,CAAgB,WAAW,CAAC,CAAA;AAAA,MACtE;AACA,MAAA,OAAOA,OAAAA,KAAW,CAAA;AAAA,IACpB;AAGA,IAAA,MAAM,UAAA,GAAa,MAAM,IAAA,CAAK,kBAAA,CAAmB,QAAQ,CAAA;AAEzD,IAAA,IAAI,UAAA,CAAW,MAAA,KAAW,UAAA,CAAW,MAAA,EAAQ,OAAO,KAAA;AACpD,IAAA,IAAI,MAAA,GAAS,CAAA;AACb,IAAA,KAAA,IAAS,CAAA,GAAI,CAAA,EAAG,CAAA,GAAI,UAAA,CAAW,QAAQ,CAAA,EAAA,EAAK;AAC1C,MAAA,MAAA,IAAU,WAAW,UAAA,CAAW,CAAC,CAAA,GAAI,UAAA,CAAW,WAAW,CAAC,CAAA;AAAA,IAC9D;AACA,IAAA,OAAO,MAAA,KAAW,CAAA;AAAA,EACpB;AAAA,EAEA,OAAO,aAAa,UAAA,EAA6B;AAC/C,IAAA,OAAO,CAAC,UAAA,CAAW,UAAA,CAAW,SAAS,CAAA;AAAA,EACzC;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA,EAQA,OAAO,aAAA,CAAc,CAAA,EAAY,KAAA,EAAe,OAAA,EAKvC;AACP,IAAAC,gBAAA,CAAU,CAAA,EAAG,cAAc,KAAA,EAAO;AAAA,MAChC,QAAA,EAAU,SAAS,QAAA,IAAY,IAAA;AAAA,MAC/B,MAAA,EAAQ,SAAS,MAAA,IAAU,IAAA;AAAA,MAC3B,QAAA,EAAU,SAAS,QAAA,IAAY,QAAA;AAAA,MAC/B,MAAA,EAAQ,OAAA,EAAS,MAAA,IAAU,mBAAA,CAAqB,GAAW,GAAG;AAAA,KAC/D,CAAA;AAAA,EACH;AACF;AAKO,IAAM,cAAc,MAAM;AAC/B,EAAA,OAAO,OAAO,GAAY,IAAA,KAAe;AACvC,IAAA,MAAM,IAAA,GAAO,CAAA,CAAE,GAAA,CAAI,MAAM,CAAA;AAEzB,IAAA,IAAI,CAAC,IAAA,EAAM;AACT,MAAA,MAAM,YAAA,GAAe,CAAA,CAAE,GAAA,CAAI,MAAA,CAAO,QAAQ,CAAA,IAAK,EAAA;AAC/C,MAAA,IAAI,YAAA,CAAa,QAAA,CAAS,WAAW,CAAA,EAAG;AACtC,QAAA,OAAO,CAAA,CAAE,SAAS,yDAAyD,CAAA;AAAA,MAC7E;AACA,MAAA,OAAO,EAAE,IAAA,CAAK,EAAE,KAAA,EAAO,yBAAA,IAA6B,GAAG,CAAA;AAAA,IACzD;AAEA,IAAA,OAAO,MAAM,IAAA,EAAK;AAAA,EACpB,CAAA;AACF;AAIO,IAAM,WAAA,GAAc,CAAC,YAAA,KAAoC;AAC9D,EAAA,OAAO,OAAO,GAAY,IAAA,KAAe;AACvC,IAAA,MAAM,IAAA,GAAO,CAAA,CAAE,GAAA,CAAI,MAAM,CAAA;AAEzB,IAAA,IAAI,CAAC,IAAA,EAAM;AACT,MAAA,MAAM,YAAA,GAAe,CAAA,CAAE,GAAA,CAAI,MAAA,CAAO,QAAQ,CAAA,IAAK,EAAA;AAC/C,MAAA,IAAI,YAAA,CAAa,QAAA,CAAS,WAAW,CAAA,EAAG;AACtC,QAAA,OAAO,CAAA,CAAE,SAAS,yDAAyD,CAAA;AAAA,MAC7E;AACA,MAAA,OAAO,EAAE,IAAA,CAAK,EAAE,KAAA,EAAO,yBAAA,IAA6B,GAAG,CAAA;AAAA,IACzD;AAEA,IAAA,MAAM,QAAQ,KAAA,CAAM,OAAA,CAAQ,YAAY,CAAA,GAAI,YAAA,GAAe,CAAC,YAAY,CAAA;AAExE,IAAA,IAAI,CAAC,KAAA,CAAM,QAAA,CAAS,IAAA,CAAK,IAAI,CAAA,EAAG;AAC9B,MAAA,MAAM,YAAA,GAAe,CAAA,CAAE,GAAA,CAAI,MAAA,CAAO,QAAQ,CAAA,IAAK,EAAA;AAC/C,MAAA,IAAI,YAAA,CAAa,QAAA,CAAS,WAAW,CAAA,EAAG;AACtC,QAAA,OAAO,CAAA,CAAE,SAAS,kEAAkE,CAAA;AAAA,MACtF;AACA,MAAA,OAAO,EAAE,IAAA,CAAK,EAAE,KAAA,EAAO,0BAAA,IAA8B,GAAG,CAAA;AAAA,IAC1D;AAEA,IAAA,OAAO,MAAM,IAAA,EAAK;AAAA,EACpB,CAAA;AACF;AAIO,IAAM,WAAA,GAAc,CAAC,QAAA,EAAkB,IAAA,KAAiB;AAC7D,EAAA,OAAO,OAAO,GAAY,IAAA,KAAe;AACvC,IAAA,MAAM,IAAA,GAAO,CAAA,CAAE,GAAA,CAAI,MAAM,CAAA;AAEzB,IAAA,IAAI,CAAC,IAAA,EAAM;AACT,MAAA,MAAM,YAAA,GAAe,CAAA,CAAE,GAAA,CAAI,MAAA,CAAO,QAAQ,CAAA,IAAK,EAAA;AAC/C,MAAA,IAAI,YAAA,CAAa,QAAA,CAAS,WAAW,CAAA,EAAG;AACtC,QAAA,OAAO,CAAA,CAAE,SAAS,yDAAyD,CAAA;AAAA,MAC7E;AACA,MAAA,OAAO,EAAE,IAAA,CAAK,EAAE,KAAA,EAAO,yBAAA,IAA6B,GAAG,CAAA;AAAA,IACzD;AAGA,IAAA,MAAM,WAAA,GAAe,CAAA,CAAU,GAAA,CAAI,WAAW,CAAA;AAC9C,IAAA,IAAI,OAAA;AACJ,IAAA,IAAI,gBAAgB,MAAA,EAAW;AAC7B,MAAA,OAAA,GAAU,YAAY,QAAA,CAAS,CAAA,EAAG,QAAQ,CAAA,CAAA,EAAI,IAAI,CAAA,CAAE,CAAA;AAAA,IACtD,CAAA,MAAO;AACL,MAAA,OAAA,GAAU,MAAM,IAAIN,6BAAA,CAAa,CAAA,CAAE,GAAA,CAAY,EAAE,CAAA,CAAE,GAAA,CAAI,IAAA,CAAK,MAAA,EAAQ,QAAA,EAAU,IAAI,CAAA;AAAA,IACpF;AAEA,IAAA,IAAI,CAAC,OAAA,EAAS;AACZ,MAAA,MAAM,YAAA,GAAe,CAAA,CAAE,GAAA,CAAI,MAAA,CAAO,QAAQ,CAAA,IAAK,EAAA;AAC/C,MAAA,IAAI,YAAA,CAAa,QAAA,CAAS,WAAW,CAAA,EAAG;AACtC,QAAA,OAAO,CAAA,CAAE,SAAS,kEAAkE,CAAA;AAAA,MACtF;AACA,MAAA,OAAO,EAAE,IAAA,CAAK,EAAE,KAAA,EAAO,0BAAA,IAA8B,GAAG,CAAA;AAAA,IAC1D;AAEA,IAAA,OAAO,MAAM,IAAA,EAAK;AAAA,EACpB,CAAA;AACF;AAIO,IAAM,eAAe,MAAM;AAChC,EAAA,OAAO,OAAO,IAAa,IAAA,KAAe;AACxC,IAAA,OAAO,MAAM,IAAA,EAAK;AAAA,EACpB,CAAA;AACF;;;AC1dO,IAAM,oBAAoB,MAAyB;AACxD,EAAA,OAAO,OAAO,GAAG,IAAA,KAAS;AACxB,IAAA,MAAM,OAAO,IAAI,GAAA,CAAI,CAAA,CAAE,GAAA,CAAI,GAAG,CAAA,CAAE,QAAA;AAGhC,IAAA,IAAI,SAAS,8BAAA,EAAgC;AAC3C,MAAAO,gCAAA,CAAe,aAAA,EAAc;AAAA,IAC/B;AAGA,IAAA,MAAM,IAAA,EAAK;AAAA,EACb,CAAA;AACF;ACEA,IAAMC,oBAAAA,GAAsB,gDAAA;AAOrB,SAAS,uBAAuB,MAAA,EAA6B;AAClE,EAAA,MAAM,KAAA,GAAQ,IAAI,UAAA,CAAW,MAAM,CAAA;AACnC,EAAA,IAAI,MAAA,GAAS,EAAA;AACb,EAAA,KAAA,IAAS,CAAA,GAAI,CAAA,EAAG,CAAA,GAAI,KAAA,CAAM,QAAQ,CAAA,EAAA,EAAK;AACrC,IAAA,MAAA,IAAU,MAAA,CAAO,YAAA,CAAa,KAAA,CAAM,CAAC,CAAE,CAAA;AAAA,EACzC;AACA,EAAA,OAAO,IAAA,CAAK,MAAM,CAAA,CAAE,OAAA,CAAQ,KAAA,EAAO,GAAG,CAAA,CAAE,OAAA,CAAQ,KAAA,EAAO,GAAG,CAAA,CAAE,OAAA,CAAQ,OAAO,EAAE,CAAA;AAC/E;AAGA,eAAe,WAAW,MAAA,EAAoC;AAC5D,EAAA,MAAM,OAAA,GAAU,IAAI,WAAA,EAAY;AAChC,EAAA,OAAO,OAAO,MAAA,CAAO,SAAA;AAAA,IACnB,KAAA;AAAA,IACA,OAAA,CAAQ,OAAO,MAAM,CAAA;AAAA,IACrB,EAAE,IAAA,EAAM,MAAA,EAAQ,IAAA,EAAM,SAAA,EAAU;AAAA,IAChC,KAAA;AAAA,IACA,CAAC,QAAQ,QAAQ;AAAA,GACnB;AACF;AAWA,eAAsB,kBAAkB,MAAA,EAAiC;AACvE,EAAA,MAAM,UAAA,GAAa,IAAI,UAAA,CAAW,EAAE,CAAA;AACpC,EAAA,MAAA,CAAO,gBAAgB,UAAU,CAAA;AACjC,EAAA,MAAM,KAAA,GAAQ,sBAAA,CAAuB,UAAA,CAAW,MAAM,CAAA;AAEtD,EAAA,MAAM,GAAA,GAAM,MAAM,UAAA,CAAW,MAAM,CAAA;AACnC,EAAA,MAAM,OAAA,GAAU,IAAI,WAAA,EAAY;AAChC,EAAA,MAAM,eAAA,GAAkB,MAAM,MAAA,CAAO,MAAA,CAAO,IAAA,CAAK,QAAQ,GAAA,EAAK,OAAA,CAAQ,MAAA,CAAO,KAAK,CAAC,CAAA;AACnF,EAAA,MAAM,SAAA,GAAY,uBAAuB,eAAe,CAAA;AAExD,EAAA,OAAO,CAAA,EAAG,KAAK,CAAA,CAAA,EAAI,SAAS,CAAA,CAAA;AAC9B;AAcA,eAAsB,iBAAA,CAAkB,OAAe,MAAA,EAAkC;AACvF,EAAA,IAAI,CAAC,KAAA,IAAS,OAAO,KAAA,KAAU,UAAU,OAAO,KAAA;AAEhD,EAAA,MAAM,QAAA,GAAW,KAAA,CAAM,OAAA,CAAQ,GAAG,CAAA;AAClC,EAAA,IAAI,QAAA,KAAa,IAAI,OAAO,KAAA;AAE5B,EAAA,MAAM,KAAA,GAAQ,KAAA,CAAM,SAAA,CAAU,CAAA,EAAG,QAAQ,CAAA;AACzC,EAAA,MAAM,SAAA,GAAY,KAAA,CAAM,SAAA,CAAU,QAAA,GAAW,CAAC,CAAA;AAE9C,EAAA,IAAI,CAAC,KAAA,IAAS,CAAC,SAAA,EAAW,OAAO,KAAA;AAEjC,EAAA,IAAI;AACF,IAAA,MAAM,GAAA,GAAM,MAAM,UAAA,CAAW,MAAM,CAAA;AACnC,IAAA,MAAM,OAAA,GAAU,IAAI,WAAA,EAAY;AAGhC,IAAA,MAAM,SAAA,GAAY,UAAU,OAAA,CAAQ,IAAA,EAAM,GAAG,CAAA,CAAE,OAAA,CAAQ,MAAM,GAAG,CAAA;AAChE,IAAA,MAAM,SAAA,GAAY,KAAK,SAAS,CAAA;AAChC,IAAA,MAAM,QAAA,GAAW,IAAI,UAAA,CAAW,SAAA,CAAU,MAAM,CAAA;AAChD,IAAA,KAAA,IAAS,CAAA,GAAI,CAAA,EAAG,CAAA,GAAI,SAAA,CAAU,QAAQ,CAAA,EAAA,EAAK;AACzC,MAAA,QAAA,CAAS,CAAC,CAAA,GAAI,SAAA,CAAU,UAAA,CAAW,CAAC,CAAA;AAAA,IACtC;AAGA,IAAA,OAAO,MAAM,MAAA,CAAO,MAAA,CAAO,MAAA,CAAO,MAAA,EAAQ,GAAA,EAAK,QAAA,CAAS,MAAA,EAAQ,OAAA,CAAQ,MAAA,CAAO,KAAK,CAAC,CAAA;AAAA,EACvF,CAAA,CAAA,MAAQ;AACN,IAAA,OAAO,KAAA;AAAA,EACT;AACF;AAMA,IAAM,oBAAA,GAAuB;AAAA,EAC3B,aAAA;AAAA,EACA,gBAAA;AAAA,EACA,kBAAA;AAAA,EACA,qBAAA;AAAA,EACA,eAAA;AAAA,EACA,yBAAA;AAAA,EACA,sBAAA;AAAA,EACA,8BAAA;AAAA,EACA,WAAA;AAAA,EACA,kBAAA;AAAA,EACA,gBAAA;AAAA,EACA,eAAA;AAAA,EACA,eAAA;AAAA,EACA,mBAAA;AAAA,EACA,cAAA;AAAA,EACA,qBAAA;AAAA,EACA;AACF,CAAA;AASA,SAAS,YAAA,CAAa,IAAA,EAAc,gBAAA,GAA6B,EAAC,EAAY;AAE5E,EAAA,IAAI,IAAA,CAAK,UAAA,CAAW,SAAS,CAAA,IAAK,IAAA,CAAK,UAAA,CAAW,aAAa,CAAA,IAAK,IAAA,KAAS,QAAA,IAAY,IAAA,KAAS,YAAA,EAAc;AAC9G,IAAA,OAAO,IAAA;AAAA,EACT;AAGA,EAAA,IAAI,IAAA,CAAK,UAAA,CAAW,aAAa,CAAA,EAAG;AAClC,IAAA,OAAO,IAAA;AAAA,EACT;AAEA,EAAA,MAAM,SAAA,GAAY,CAAC,GAAG,oBAAA,EAAsB,GAAG,gBAAgB,CAAA;AAC/D,EAAA,KAAA,MAAW,UAAU,SAAA,EAAW;AAC9B,IAAA,IAAI,SAAS,MAAA,IAAU,IAAA,CAAK,UAAA,CAAW,MAAA,GAAS,GAAG,CAAA,EAAG;AACpD,MAAA,OAAO,IAAA;AAAA,IACT;AAAA,EACF;AAEA,EAAA,OAAO,KAAA;AACT;AAkBO,SAAS,cAAA,CAAe,OAAA,GAAuB,EAAC,EAAG;AACxD,EAAA,OAAO,OAAO,GAAY,IAAA,KAAyC;AACjE,IAAA,MAAM,MAAA,GAAS,CAAA,CAAE,GAAA,CAAI,MAAA,CAAO,WAAA,EAAY;AACxC,IAAA,MAAM,OAAO,IAAI,GAAA,CAAI,CAAA,CAAE,GAAA,CAAI,GAAG,CAAA,CAAE,QAAA;AAChC,IAAA,MAAM,MAAA,GAAS,CAAA,CAAE,GAAA,EAAK,UAAA,IAAcA,oBAAAA;AAGpC,IAAA,IAAI,EAAE,GAAA,EAAK,WAAA,KAAgB,gBAAgB,CAAC,CAAA,CAAE,KAAK,UAAA,EAAY;AAC7D,MAAA,OAAA,CAAQ,IAAA;AAAA,QACN;AAAA,OAEF;AAAA,IACF;AAGA,IAAA,IAAI,MAAA,KAAW,KAAA,IAAS,MAAA,KAAW,MAAA,IAAU,WAAW,SAAA,EAAW;AACjE,MAAA,MAAM,gBAAA,CAAiB,GAAG,MAAM,CAAA;AAChC,MAAA,MAAM,IAAA,EAAK;AACX,MAAA;AAAA,IACF;AAGA,IAAA,IAAI,YAAA,CAAa,IAAA,EAAM,OAAA,CAAQ,WAAW,CAAA,EAAG;AAC3C,MAAA,MAAM,IAAA,EAAK;AACX,MAAA;AAAA,IACF;AAGA,IAAA,MAAM,UAAA,GAAaJ,gBAAAA,CAAU,CAAA,EAAG,YAAY,CAAA;AAC5C,IAAA,IAAI,CAAC,UAAA,EAAY;AACf,MAAA,MAAM,IAAA,EAAK;AACX,MAAA;AAAA,IACF;AAKA,IAAA,MAAM,UAAA,GAAa,CAAA,CAAE,GAAA,CAAI,MAAA,CAAO,eAAe,CAAA;AAC/C,IAAA,IAAI,UAAA,EAAY;AACd,MAAA,MAAM,IAAA,EAAK;AACX,MAAA;AAAA,IACF;AAGA,IAAA,MAAM,WAAA,GAAcA,gBAAAA,CAAU,CAAA,EAAG,YAAY,CAAA;AAC7C,IAAA,IAAI,WAAA,GAAc,CAAA,CAAE,GAAA,CAAI,MAAA,CAAO,cAAc,CAAA;AAG7C,IAAA,IAAI,CAAC,WAAA,EAAa;AAChB,MAAA,MAAM,WAAA,GAAc,CAAA,CAAE,GAAA,CAAI,MAAA,CAAO,cAAc,CAAA,IAAK,EAAA;AACpD,MAAA,IAAI,YAAY,QAAA,CAAS,mCAAmC,KAAK,WAAA,CAAY,QAAA,CAAS,qBAAqB,CAAA,EAAG;AAC5G,QAAA,IAAI;AACF,UAAA,MAAM,IAAA,GAAO,MAAM,CAAA,CAAE,GAAA,CAAI,SAAA,EAAU;AACnC,UAAA,WAAA,GAAc,KAAK,OAAO,CAAA;AAAA,QAC5B,CAAA,CAAA,MAAQ;AAAA,QAER;AAAA,MACF;AAAA,IACF;AAEA,IAAA,IAAI,CAAC,WAAA,IAAe,CAAC,WAAA,EAAa;AAChC,MAAA,OAAO,SAAA,CAAU,GAAG,oBAAoB,CAAA;AAAA,IAC1C;AAEA,IAAA,IAAI,gBAAgB,WAAA,EAAa;AAC/B,MAAA,OAAO,SAAA,CAAU,GAAG,qBAAqB,CAAA;AAAA,IAC3C;AAEA,IAAA,MAAM,OAAA,GAAU,MAAM,iBAAA,CAAkB,WAAA,EAAa,MAAM,CAAA;AAC3D,IAAA,IAAI,CAAC,OAAA,EAAS;AACZ,MAAA,OAAO,SAAA,CAAU,GAAG,oBAAoB,CAAA;AAAA,IAC1C;AAEA,IAAA,MAAM,IAAA,EAAK;AAAA,EACb,CAAA;AACF;AAOA,eAAe,gBAAA,CAAiB,GAAY,MAAA,EAA+B;AACzE,EAAA,MAAM,QAAA,GAAWA,gBAAAA,CAAU,CAAA,EAAG,YAAY,CAAA;AAE1C,EAAA,IAAI,QAAA,EAAU;AACZ,IAAA,MAAM,OAAA,GAAU,MAAM,iBAAA,CAAkB,QAAA,EAAU,MAAM,CAAA;AACxD,IAAA,IAAI,OAAA,EAAS;AAEX,MAAA,CAAA,CAAE,GAAA,CAAI,aAAa,QAAQ,CAAA;AAC3B,MAAA;AAAA,IACF;AAAA,EACF;AAGA,EAAA,MAAM,KAAA,GAAQ,MAAM,iBAAA,CAAkB,MAAM,CAAA;AAC5C,EAAA,CAAA,CAAE,GAAA,CAAI,aAAa,KAAK,CAAA;AAExB,EAAA,MAAM,QAAQ,CAAA,CAAE,GAAA,EAAK,gBAAgB,aAAA,IAAiB,CAAC,EAAE,GAAA,EAAK,WAAA;AAC9D,EAAAE,gBAAAA,CAAU,CAAA,EAAG,YAAA,EAAc,KAAA,EAAO;AAAA,IAChC,QAAA,EAAU,KAAA;AAAA;AAAA,IACV,QAAQ,CAAC,KAAA;AAAA,IACT,QAAA,EAAU,QAAA;AAAA,IACV,IAAA,EAAM,GAAA;AAAA,IACN,MAAA,EAAQ;AAAA;AAAA,GACT,CAAA;AACH;AAGA,SAAS,SAAA,CAAU,GAAY,OAAA,EAA2B;AACxD,EAAA,MAAM,MAAA,GAAS,CAAA,CAAE,GAAA,CAAI,MAAA,CAAO,QAAQ,CAAA,IAAK,EAAA;AACzC,EAAA,IAAI,MAAA,CAAO,QAAA,CAAS,WAAW,CAAA,EAAG;AAChC,IAAA,OAAO,CAAA,CAAE,IAAA;AAAA,MACP,gGACkC,OAAO,CAAA,kBAAA,CAAA;AAAA,MACzC;AAAA,KACF;AAAA,EACF;AACA,EAAA,OAAO,CAAA,CAAE,KAAK,EAAE,KAAA,EAAO,SAAS,MAAA,EAAQ,GAAA,IAAO,GAAG,CAAA;AACpD;;;AC3RO,SAAS,UAAU,OAAA,EAA2B;AACnD,EAAA,MAAM,EAAE,GAAA,EAAK,QAAA,EAAU,SAAA,EAAU,GAAI,OAAA;AAErC,EAAA,OAAO,OAAO,GAAY,IAAA,KAAe;AACvC,IAAA,MAAM,EAAA,GAAM,EAAE,GAAA,EAAa,QAAA;AAC3B,IAAA,IAAI,CAAC,EAAA,EAAI;AAEP,MAAA,OAAO,MAAM,IAAA,EAAK;AAAA,IACpB;AAEA,IAAA,MAAM,EAAA,GAAK,CAAA,CAAE,GAAA,CAAI,MAAA,CAAO,kBAAkB,KAAK,CAAA,CAAE,GAAA,CAAI,MAAA,CAAO,iBAAiB,CAAA,IAAK,SAAA;AAClF,IAAA,MAAM,GAAA,GAAM,CAAA,UAAA,EAAa,SAAS,CAAA,CAAA,EAAI,EAAE,CAAA,CAAA;AAExC,IAAA,IAAI;AACF,MAAA,MAAM,GAAA,GAAM,KAAK,GAAA,EAAI;AACrB,MAAA,MAAM,MAAA,GAAS,MAAM,EAAA,CAAG,GAAA,CAAI,KAAK,MAAM,CAAA;AAEvC,MAAA,IAAI,KAAA;AACJ,MAAA,IAAI,MAAA,IAAU,MAAA,CAAO,OAAA,GAAU,GAAA,EAAK;AAClC,QAAA,KAAA,GAAQ,MAAA;AAAA,MACV,CAAA,MAAO;AACL,QAAA,KAAA,GAAQ,EAAE,KAAA,EAAO,CAAA,EAAG,OAAA,EAAS,MAAM,QAAA,EAAS;AAAA,MAC9C;AAEA,MAAA,KAAA,CAAM,KAAA,EAAA;AAGN,MAAA,MAAM,aAAa,IAAA,CAAK,IAAA,CAAA,CAAM,KAAA,CAAM,OAAA,GAAU,OAAO,GAAI,CAAA;AAEzD,MAAA,IAAI,KAAA,CAAM,QAAQ,GAAA,EAAK;AAErB,QAAA,MAAM,EAAA,CAAG,GAAA,CAAI,GAAA,EAAK,IAAA,CAAK,UAAU,KAAK,CAAA,EAAG,EAAE,aAAA,EAAe,IAAA,CAAK,GAAA,CAAI,UAAA,EAAY,EAAE,GAAG,CAAA;AAEpF,QAAA,MAAM,aAAa,IAAA,CAAK,IAAA,CAAA,CAAM,KAAA,CAAM,OAAA,GAAU,OAAO,GAAI,CAAA;AACzD,QAAA,CAAA,CAAE,MAAA,CAAO,aAAA,EAAe,MAAA,CAAO,UAAU,CAAC,CAAA;AAC1C,QAAA,CAAA,CAAE,MAAA,CAAO,mBAAA,EAAqB,MAAA,CAAO,GAAG,CAAC,CAAA;AACzC,QAAA,CAAA,CAAE,MAAA,CAAO,yBAAyB,GAAG,CAAA;AACrC,QAAA,CAAA,CAAE,MAAA,CAAO,qBAAqB,MAAA,CAAO,IAAA,CAAK,KAAK,KAAA,CAAM,OAAA,GAAU,GAAI,CAAC,CAAC,CAAA;AACrE,QAAA,OAAO,EAAE,IAAA,CAAK,EAAE,KAAA,EAAO,4CAAA,IAAgD,GAAG,CAAA;AAAA,MAC5E;AAEA,MAAA,MAAM,EAAA,CAAG,GAAA,CAAI,GAAA,EAAK,IAAA,CAAK,UAAU,KAAK,CAAA,EAAG,EAAE,aAAA,EAAe,IAAA,CAAK,GAAA,CAAI,UAAA,EAAY,EAAE,GAAG,CAAA;AAEpF,MAAA,CAAA,CAAE,MAAA,CAAO,mBAAA,EAAqB,MAAA,CAAO,GAAG,CAAC,CAAA;AACzC,MAAA,CAAA,CAAE,OAAO,uBAAA,EAAyB,MAAA,CAAO,GAAA,GAAM,KAAA,CAAM,KAAK,CAAC,CAAA;AAC3D,MAAA,CAAA,CAAE,MAAA,CAAO,qBAAqB,MAAA,CAAO,IAAA,CAAK,KAAK,KAAA,CAAM,OAAA,GAAU,GAAI,CAAC,CAAC,CAAA;AAErE,MAAA,OAAO,MAAM,IAAA,EAAK;AAAA,IACpB,SAAS,KAAA,EAAO;AAEd,MAAA,OAAA,CAAQ,KAAA,CAAM,mCAAmC,KAAK,CAAA;AACtD,MAAA,OAAO,MAAM,IAAA,EAAK;AAAA,IACpB;AAAA,EACF,CAAA;AACF;;;AChEO,IAAM,4BAA4B,MAAM;AAC7C,EAAA,OAAO,OAAO,GAAY,IAAA,KAAe;AACvC,IAAA,MAAM,IAAA,EAAK;AAEX,IAAA,CAAA,CAAE,MAAA,CAAO,0BAA0B,SAAS,CAAA;AAC5C,IAAA,CAAA,CAAE,MAAA,CAAO,mBAAmB,YAAY,CAAA;AACxC,IAAA,CAAA,CAAE,MAAA,CAAO,mBAAmB,iCAAiC,CAAA;AAC7D,IAAA,CAAA,CAAE,MAAA,CAAO,sBAAsB,0CAA0C,CAAA;AAGzE,IAAA,MAAM,WAAA,GAAe,EAAE,GAAA,EAAa,WAAA;AACpC,IAAA,IAAI,gBAAgB,aAAA,EAAe;AACjC,MAAA,CAAA,CAAE,MAAA,CAAO,6BAA6B,qCAAqC,CAAA;AAAA,IAC7E;AAAA,EACF,CAAA;AACF;;;ACRA,eAAsB,cAAA,CAAe,IAAgB,QAAA,EAAoC;AACvF,EAAA,IAAI;AAGF,IAAA,MAAM,SAAA,GAAY,MAAM,EAAA,CACrB,OAAA;AAAA,MACC,CAAA;AAAA;AAAA,0DAAA;AAAA,KAGF,CACC,IAAA,CAAK,QAAQ,CAAA,CACb,KAAA,EAAM;AACT,IAAA,OAAQ,WAAmB,MAAA,KAAW,QAAA;AAAA,EACxC,SAAS,KAAA,EAAO;AACd,IAAA,OAAA,CAAQ,KAAA,CAAM,CAAA,kDAAA,EAAqD,QAAQ,CAAA,CAAA,CAAA,EAAK,KAAK,CAAA;AACrF,IAAA,OAAO,KAAA;AAAA,EACT;AACF;AASA,eAAsB,mBAAA,CAAoB,IAAgB,QAAA,EAAiC;AACzF,EAAA,MAAM,QAAA,GAAW,MAAM,cAAA,CAAe,EAAA,EAAI,QAAQ,CAAA;AAClD,EAAA,IAAI,CAAC,QAAA,EAAU;AACb,IAAA,MAAM,IAAI,KAAA,CAAM,CAAA,QAAA,EAAW,QAAQ,CAAA,+BAAA,CAAiC,CAAA;AAAA,EACtE;AACF;AASA,eAAsB,oBAAA,CAAqB,IAAgB,SAAA,EAAoC;AAC7F,EAAA,KAAA,MAAW,YAAY,SAAA,EAAW;AAChC,IAAA,MAAM,mBAAA,CAAoB,IAAI,QAAQ,CAAA;AAAA,EACxC;AACF;AAOA,eAAsB,iBAAiB,EAAA,EAAgC;AACrE,EAAA,IAAI;AACF,IAAA,MAAM,EAAE,OAAA,EAAQ,GAAI,MAAM,EAAA,CACvB,OAAA;AAAA,MACC,CAAA;AAAA;AAAA,yFAAA;AAAA,MAID,GAAA,EAAI;AAEP,IAAA,OAAO,WAAW,EAAC;AAAA,EACrB,SAAS,KAAA,EAAO;AACd,IAAA,OAAA,CAAQ,KAAA,CAAM,qDAAqD,KAAK,CAAA;AACxE,IAAA,OAAO,EAAC;AAAA,EACV;AACF;;;ACvCO,IAAM,oBAAyB,MAAM,OAAO,EAAA,EAAS,IAAA,KAAc,MAAM,IAAA;AACzE,IAAM,4BAAiC,MAAM,OAAO,EAAA,EAAS,IAAA,KAAc,MAAM,IAAA;AACjF,IAAM,4BAAiC,MAAM,OAAO,EAAA,EAAS,IAAA,KAAc,MAAM,IAAA;AACjF,IAAM,+BAAoC,MAAM,OAAO,EAAA,EAAS,IAAA,KAAc,MAAM,IAAA;AACpF,IAAM,eAAoB,MAAM,OAAO,EAAA,EAAS,IAAA,KAAc,MAAM,IAAA;AACpE,IAAM,qBAAA,GAA6B,OAAO,EAAA,EAAS,IAAA,KAAc,MAAM,IAAA;AAIvE,IAAM,oBAAyB;AAC/B,IAAM,oBAAyB,MAAM,OAAO,EAAA,EAAS,IAAA,KAAc,MAAM,IAAA;AACzE,IAAM,uBAA4B,MAAM,OAAO,EAAA,EAAS,IAAA,KAAc,MAAM,IAAA;AAC5E,IAAM,cAAmB,MAAM;AAAC","file":"chunk-WACUJVXY.cjs","sourcesContent":["import { D1Database } from '@cloudflare/workers-types'\nimport { nanoid } from 'nanoid'\nimport type {\n PluginDocumentType,\n DocumentType,\n DocumentTypeRow,\n} from '../schemas/document'\nimport { ensureScalarSchema } from './document-scalar-schema'\n\nfunction rowToDocumentType(row: DocumentTypeRow): DocumentType {\n return {\n id: row.id,\n name: row.name,\n displayName: row.display_name,\n description: row.description,\n schema: JSON.parse(row.schema),\n queryableFields: JSON.parse(row.queryable_fields),\n settings: JSON.parse(row.settings),\n pluginId: row.plugin_id,\n source: row.source,\n schemaVersion: row.schema_version,\n isSystem: row.is_system === 1,\n isActive: row.is_active === 1,\n isAuth: row.is_auth === 1,\n createdAt: row.created_at,\n updatedAt: row.updated_at,\n }\n}\n\nexport class DocumentTypeRegistry {\n private cache = new Map<string, DocumentType>()\n\n constructor(private db: D1Database) {}\n\n // Register or update a document type. Idempotent: bumps schema_version only when schema changes.\n async register(def: PluginDocumentType & { pluginId?: string; source?: 'code' | 'plugin' | 'system' }): Promise<DocumentType> {\n const now = Math.floor(Date.now() / 1000)\n const existing = await this.findById(def.id)\n\n // A z.ZodSchema is not JSON-serializable, so persist a stable serializable shape derived from\n // the type's queryable fields + settings. This is what schemaChanged compares, so schema_version\n // bumps whenever a type's filterable shape changes (and is stamped onto documents.type_version).\n const schemaJson = JSON.stringify({ queryableFields: def.queryableFields ?? [], settings: def.settings ?? {} })\n const queryableJson = JSON.stringify(def.queryableFields ?? [])\n const settingsJson = JSON.stringify(def.settings ?? {})\n\n if (existing) {\n const schemaChanged = schemaJson !== JSON.stringify(existing.schema)\n const newVersion = schemaChanged ? existing.schemaVersion + 1 : existing.schemaVersion\n\n await this.db\n .prepare(\n `UPDATE document_types SET\n display_name = ?,\n description = ?,\n schema = ?,\n queryable_fields = ?,\n settings = ?,\n plugin_id = ?,\n schema_version = ?,\n is_active = 1,\n is_auth = ?,\n updated_at = ?\n WHERE id = ?`,\n )\n .bind(\n def.displayName,\n def.description ?? null,\n schemaJson,\n queryableJson,\n settingsJson,\n def.pluginId ?? null,\n newVersion,\n def.isAuth ? 1 : 0,\n now,\n def.id,\n )\n .run()\n\n // Auto-DDL: ensure VIRTUAL generated columns + indexes for scalar fields.\n await ensureScalarSchema(this.db, def.id, def.queryableFields ?? [])\n\n const updated = await this.findById(def.id)\n this.cache.set(def.id, updated!)\n return updated!\n }\n\n await this.db\n .prepare(\n `INSERT INTO document_types (id, name, display_name, description, schema, queryable_fields, settings, plugin_id, source, schema_version, is_system, is_active, is_auth, created_at, updated_at)\n VALUES (?, ?, ?, ?, ?, ?, ?, ?, ?, 1, 0, 1, ?, ?, ?)`,\n )\n .bind(\n def.id,\n def.name ?? def.id,\n def.displayName,\n def.description ?? null,\n schemaJson,\n queryableJson,\n settingsJson,\n def.pluginId ?? null,\n def.source ?? 'code',\n def.isAuth ? 1 : 0,\n now,\n now,\n )\n .run()\n\n // Auto-DDL: ensure VIRTUAL generated columns + indexes for scalar fields.\n await ensureScalarSchema(this.db, def.id, def.queryableFields ?? [])\n\n const created = await this.findById(def.id)\n this.cache.set(def.id, created!)\n return created!\n }\n\n async findById(id: string): Promise<DocumentType | null> {\n if (this.cache.has(id)) return this.cache.get(id)!\n\n const row = await this.db\n .prepare('SELECT * FROM document_types WHERE id = ?')\n .bind(id)\n .first<DocumentTypeRow>()\n\n if (!row) return null\n const dt = rowToDocumentType(row)\n this.cache.set(id, dt)\n return dt\n }\n\n async findAll(activeOnly = true): Promise<DocumentType[]> {\n const sql = activeOnly\n ? 'SELECT * FROM document_types WHERE is_active = 1 ORDER BY name'\n : 'SELECT * FROM document_types ORDER BY name'\n\n const result = await this.db.prepare(sql).all<DocumentTypeRow>()\n return (result.results ?? []).map(rowToDocumentType)\n }\n\n async deactivate(id: string): Promise<void> {\n const now = Math.floor(Date.now() / 1000)\n await this.db\n .prepare('UPDATE document_types SET is_active = 0, updated_at = ? WHERE id = ?')\n .bind(now, id)\n .run()\n this.cache.delete(id)\n }\n\n clearCache(): void {\n this.cache.clear()\n }\n}\n","import { D1Database } from '@cloudflare/workers-types'\nimport { z } from 'zod'\nimport { DocumentTypeRegistry } from './document-type-registry'\nimport { getCollectionRegistry } from './collection-registry'\n\n// Passthrough schema: accepts any JSON object for POC types.\n// Individual fields are validated at the queryable-field level; the full\n// payload schema is a future enhancement (addDocumentType will accept Zod schemas).\nconst anyObject = z.record(z.string(), z.unknown())\n\n// Registers the POC document types idempotently during bootstrap.\n// These are the candidate types from the document model plan.\n// Each call is a no-op if the type already exists and the schema hasn't changed.\nexport async function bootstrapDocumentTypes(db: D1Database): Promise<void> {\n const registry = new DocumentTypeRegistry(db)\n\n // Site settings: internal singleton config — never surfaced in content admin.\n await registry.register({\n id: 'site_settings',\n name: 'site_settings',\n displayName: 'Site Settings',\n description: 'Global site configuration (internal; managed via admin settings UI)',\n source: 'system',\n schema: anyObject,\n settings: {\n internal: true,\n maxVersionsPerRoot: 1,\n baseGrants: { admin: ['read', 'create', 'update', 'delete', 'manage'] },\n },\n queryableFields: [],\n })\n\n // Blog post: the code-managed `blog_post` collection is backed by the document model.\n // The matching id (`blog_post` == collection name) is how content admin detects doc-backing.\n await registry.register({\n id: 'blog_post',\n name: 'blog_post',\n displayName: 'Blog Post',\n description: 'Blog post (document-backed; edited via the content collection UI)',\n source: 'system',\n schema: anyObject,\n settings: {\n baseGrants: { public: ['read'], admin: ['read', 'create', 'update', 'delete', 'publish', 'manage'], editor: ['read', 'create', 'update', 'publish'], viewer: ['read'] },\n maxVersionsPerRoot: 50,\n },\n queryableFields: [\n { name: 'difficulty', kind: 'scalar', type: 'text', column: 'q_blog_difficulty' },\n { name: 'author', kind: 'scalar', type: 'text', column: 'q_blog_author' },\n ],\n })\n\n // Plugin registry (document-backed plugin management)\n await registry.register({\n id: 'plugin',\n name: 'plugin',\n displayName: 'Plugin',\n description: 'System plugin record (managed by the plugin bootstrap service)',\n source: 'system',\n schema: anyObject,\n settings: {\n baseGrants: { admin: ['read', 'create', 'update', 'delete', 'publish', 'manage'] },\n maxVersionsPerRoot: 1,\n internal: true,\n },\n queryableFields: [\n { name: 'status', kind: 'scalar', type: 'text', column: 'q_plugin_status' },\n { name: 'category', kind: 'scalar', type: 'text', column: 'q_plugin_category' },\n { name: 'isCore', kind: 'scalar', type: 'integer', column: 'q_plugin_is_core' },\n ],\n })\n\n // Tenant registry (document-backed multi-tenancy; rows managed by the multi-tenant plugin).\n // Tenant records are platform metadata and live under the 'default' tenant themselves.\n // Zero rows until the multi-tenant plugin is activated and used.\n await registry.register({\n id: 'tenant',\n name: 'tenant',\n displayName: 'Tenant',\n description: 'Tenant record (managed by the multi-tenant plugin; slug = tenant id)',\n source: 'system',\n schema: anyObject,\n settings: {\n baseGrants: { admin: ['read', 'create', 'update', 'delete', 'manage'] },\n maxVersionsPerRoot: 1,\n internal: true,\n },\n queryableFields: [\n { name: 'status', kind: 'scalar', type: 'text', column: 'q_tenant_status' },\n { name: 'domain', kind: 'scalar', type: 'text', column: 'q_tenant_domain' },\n ],\n })\n\n // User profile (auth-owned). One document per user, addressed by slug = userId.\n // Replaces the auth_user_profiles table. Typed fields + custom fields live in `data`.\n await registry.register({\n id: 'user_profile',\n name: 'user_profile',\n displayName: 'User Profile',\n description: 'Per-user profile record (auth-owned; one document per user, slug = userId)',\n source: 'system',\n isAuth: true,\n schema: anyObject,\n settings: {\n // Hidden from the content admin surfaces; a single mutable record (no version history).\n internal: true,\n maxVersionsPerRoot: 1,\n pii: true,\n baseGrants: { admin: ['read', 'create', 'update', 'delete', 'manage'] },\n },\n queryableFields: [],\n })\n\n // Media asset (document-authoritative media library). One document per uploaded R2 object.\n // Internal: managed via the media library + media selector, not offered as a content model.\n // Registering here both satisfies the documents.type_id FK and creates the q_media_* columns\n // (DocumentTypeRegistry.register → ensureScalarSchema). Must stay in sync with MEDIA_QUERYABLE\n // in services/media-documents.ts.\n await registry.register({\n id: 'media_asset',\n name: 'media_asset',\n displayName: 'Media Asset',\n description: 'Uploaded media file metadata (managed via the media library; backs an R2 object)',\n source: 'system',\n schema: anyObject,\n settings: {\n internal: true,\n maxVersionsPerRoot: 5,\n baseGrants: {\n admin: ['read', 'create', 'update', 'delete', 'manage'],\n editor: ['read', 'create', 'update'],\n author: ['read', 'create'],\n viewer: ['read'],\n },\n },\n queryableFields: [\n { name: 'mimeType', kind: 'scalar', type: 'text', column: 'q_media_mime' },\n { name: 'folder', kind: 'scalar', type: 'text', column: 'q_media_folder' },\n { name: 'size', kind: 'scalar', type: 'integer', column: 'q_media_size' },\n { name: 'tags', kind: 'facet', type: 'text' },\n ],\n })\n\n // Plugin activity log (document-backed; replaces legacy plugin_activity_log table which was never migrated)\n await registry.register({\n id: 'plugin_activity',\n name: 'plugin_activity',\n displayName: 'Plugin Activity',\n description: 'Plugin lifecycle event log (installed/activated/deactivated/settings_updated/error)',\n source: 'system',\n schema: anyObject,\n settings: {\n internal: true,\n maxVersionsPerRoot: 1,\n baseGrants: { admin: ['read', 'create', 'manage'] },\n },\n queryableFields: [\n { name: 'pluginId', kind: 'scalar', type: 'text', column: 'q_plugin_activity_plugin_id' },\n { name: 'action', kind: 'scalar', type: 'text', column: 'q_plugin_activity_action' },\n ],\n })\n\n // Security audit event (document-backed; replaces legacy security_events table)\n await registry.register({\n id: 'security_event',\n name: 'security_event',\n displayName: 'Security Event',\n description: 'Security audit event (login attempts, lockouts, suspicious activity)',\n source: 'system',\n schema: anyObject,\n settings: {\n internal: true,\n maxVersionsPerRoot: 1,\n baseGrants: { admin: ['read', 'create', 'manage'] },\n },\n queryableFields: [\n { name: 'eventType', kind: 'scalar', type: 'text', column: 'q_sa_event_type' },\n { name: 'severity', kind: 'scalar', type: 'text', column: 'q_sa_severity' },\n { name: 'userId', kind: 'scalar', type: 'text', column: 'q_sa_user_id' },\n { name: 'email', kind: 'scalar', type: 'text', column: 'q_sa_email' },\n { name: 'ipAddress', kind: 'scalar', type: 'text', column: 'q_sa_ip_address' },\n { name: 'blocked', kind: 'scalar', type: 'integer', column: 'q_sa_blocked' },\n ],\n })\n\n // Analytics event (document-backed; replaces legacy analytics_events table)\n await registry.register({\n id: 'analytics_event',\n name: 'analytics_event',\n displayName: 'Analytics Event',\n description: 'Tracked analytics event (page view, user action, custom event)',\n source: 'system',\n schema: anyObject,\n settings: {\n internal: true,\n maxVersionsPerRoot: 1,\n baseGrants: { admin: ['read', 'create', 'manage'] },\n },\n queryableFields: [\n { name: 'event', kind: 'scalar', type: 'text', column: 'q_evt_event' },\n { name: 'category', kind: 'scalar', type: 'text', column: 'q_evt_category' },\n { name: 'userId', kind: 'scalar', type: 'text', column: 'q_evt_user_id' },\n { name: 'sessionId', kind: 'scalar', type: 'text', column: 'q_evt_session_id' },\n { name: 'path', kind: 'scalar', type: 'text', column: 'q_evt_path' },\n ],\n })\n\n // Media asset: every file upload creates a media_asset document (document-authoritative).\n // File bytes stay in R2; this document holds intrinsic metadata (dimensions, mime, r2Key…).\n await registry.register({\n id: 'media_asset',\n name: 'media_asset',\n displayName: 'Media Asset',\n description: 'Media file metadata (R2 object key + intrinsic properties; URL derived at read time)',\n source: 'system',\n schema: anyObject,\n settings: {\n baseGrants: { public: ['read'], admin: ['read', 'create', 'update', 'delete', 'publish', 'manage'], editor: ['read', 'create', 'update'] },\n maxVersionsPerRoot: 5,\n },\n queryableFields: [\n { name: 'mimeType', kind: 'scalar', type: 'text', column: 'q_media_mime' },\n { name: 'folder', kind: 'scalar', type: 'text', column: 'q_media_folder' },\n { name: 'size', kind: 'scalar', type: 'integer', column: 'q_media_size' },\n { name: 'tags', kind: 'facet', type: 'text' },\n ],\n })\n\n // ── RBAC (auth-owned). 3 document types replace 4 relational tables: ──────────\n // rbac_role slug = roleId, data.grants[] embedded (replaces role_grants)\n // rbac_verb slug = verbId\n // rbac_user_roles slug = userId, data.roleIds[] embedded (replaces user_roles)\n // All internal + is_auth so they never surface in content. See services/rbac.ts.\n for (const [id, displayName, description] of [\n ['rbac_role', 'RBAC Role', 'Role record with embedded grants (auth-owned)'],\n ['rbac_verb', 'RBAC Verb', 'Permission verb (auth-owned)'],\n ['rbac_user_roles', 'RBAC User Roles', \"Per-user role assignments (auth-owned; slug = userId)\"],\n ] as const) {\n await registry.register({\n id,\n name: id,\n displayName,\n description,\n source: 'system',\n isAuth: true,\n schema: anyObject,\n settings: {\n internal: true,\n maxVersionsPerRoot: 1,\n baseGrants: { admin: ['read', 'create', 'update', 'delete', 'manage'] },\n },\n queryableFields: [],\n })\n }\n}\n\n/**\n * Register a document type for every code-defined collection in the registry.\n *\n * Code-defined collections become document-backed automatically so that all\n * content writes against them flow through the documents repository. The\n * document type's id == collection name, matching how content admin detects\n * doc-backing.\n */\nexport async function autoRegisterCollectionDocumentTypes(db: D1Database): Promise<string[]> {\n const registry = new DocumentTypeRegistry(db)\n const collections = getCollectionRegistry().listActive()\n const registered: string[] = []\n\n for (const collection of collections) {\n // Skip system/internal collections that already have explicit document type\n // definitions in bootstrapDocumentTypes (e.g. blog_post is seeded above\n // with its own queryable fields). The explicit registration wins.\n if (collection.internal) continue\n if (collection.name === 'blog_post') continue\n\n try {\n await registry.register({\n id: collection.name,\n name: collection.name,\n displayName: collection.displayName,\n description: collection.description,\n source: 'system',\n schema: anyObject,\n settings: {\n baseGrants: {\n public: ['read'],\n admin: ['read', 'create', 'update', 'delete', 'publish', 'manage'],\n editor: ['read', 'create', 'update', 'publish'],\n viewer: ['read'],\n },\n maxVersionsPerRoot: 50,\n ...(collection.versioning ? { versioning: true } : {}),\n },\n queryableFields: [],\n })\n registered.push(collection.name)\n } catch (error) {\n console.error(`[document-types-seed] Failed to register collection \"${collection.name}\":`, error)\n }\n }\n\n return registered\n}\n","import { Context, Next } from \"hono\";\nimport { loadCollectionConfigs } from \"../services/collection-loader\";\nimport { getCollectionRegistry } from \"../services/collection-registry\";\nimport { MigrationService } from \"../services/migrations\";\nimport { PluginBootstrapService } from \"../services/plugin-bootstrap\";\nimport { bootstrapDocumentTypes, autoRegisterCollectionDocumentTypes } from \"../services/document-types-seed\";\nimport { getHookSystem, hasHookSystem } from \"../plugins/hooks/hook-system-singleton\";\nimport type { SonicJSConfig } from \"../app\";\n\ntype Bindings = {\n DB: D1Database;\n KV: KVNamespace;\n JWT_SECRET?: string;\n CORS_ORIGINS?: string;\n ENVIRONMENT?: string;\n};\n\n// Track if bootstrap has been run in this worker instance\nlet bootstrapComplete = false;\n\n/**\n * Verify security-critical environment configuration at startup.\n * Logs warnings in development, throws in production to prevent\n * insecure deployments from silently running.\n */\nexport function verifySecurityConfig(env: Bindings): void {\n const warnings: string[] = [];\n\n // Check JWT secret\n if (!env.JWT_SECRET) {\n warnings.push(\n \"JWT_SECRET is not set — using hardcoded fallback. Set via `wrangler secret put JWT_SECRET`\"\n );\n } else if (env.JWT_SECRET.includes(\"change-in-production\")) {\n warnings.push(\n \"JWT_SECRET contains the default value — tokens are forgeable. Generate a strong random secret\"\n );\n }\n\n // Check CORS origins\n if (!env.CORS_ORIGINS) {\n warnings.push(\n \"CORS_ORIGINS is not set — all cross-origin API requests will be rejected\"\n );\n }\n\n // Check environment designation\n if (!env.ENVIRONMENT) {\n warnings.push(\n \"ENVIRONMENT is not set — HSTS header will not be applied. Set to \\\"production\\\" or \\\"development\\\"\"\n );\n }\n\n if (warnings.length === 0) {\n return;\n }\n\n const isProduction = env.ENVIRONMENT === \"production\";\n\n for (const warning of warnings) {\n console.warn(`[SonicJS Security] ${warning}`);\n }\n\n if (isProduction) {\n // In production, a missing or default JWT_SECRET is a hard failure —\n // every token issued would be forgeable by anyone reading the source code.\n const hasCritical =\n !env.JWT_SECRET || env.JWT_SECRET.includes(\"change-in-production\");\n if (hasCritical) {\n throw new Error(\n \"[SonicJS Security] CRITICAL: Production deployment is missing a secure JWT_SECRET. \" +\n \"Set it via `wrangler secret put JWT_SECRET` before deploying.\"\n );\n }\n }\n}\n\n/**\n * Bootstrap middleware that ensures system initialization\n * Runs once per worker instance\n */\nexport function bootstrapMiddleware(config: SonicJSConfig = {}) {\n return async (c: Context<{ Bindings: Bindings; Variables: { hookSystem?: unknown } }>, next: Next) => {\n // Attach the hook system to the request BEFORE any heavy bootstrap work\n // runs, so anything that emits a hook during bootstrap (cron cold starts,\n // RBAC seed, document-type registration, plugin onBoot via createPluginWirer)\n // sees a live bus instead of a no-op. The process singleton was published at\n // app-factory time (app.ts); we only forward it onto the request here.\n if (hasHookSystem()) {\n // eslint-disable-next-line @typescript-eslint/no-explicit-any -- Variables typed loosely here; concrete type lives in app.ts\n (c as any).set(\"hookSystem\", getHookSystem());\n }\n\n // Skip if already bootstrapped in this worker instance\n if (bootstrapComplete) {\n return next();\n }\n\n // Skip bootstrap for static assets and health checks\n const path = c.req.path;\n if (\n path.startsWith(\"/images/\") ||\n path.startsWith(\"/assets/\") ||\n path === \"/health\" ||\n path.endsWith(\".js\") ||\n path.endsWith(\".css\") ||\n path.endsWith(\".png\") ||\n path.endsWith(\".jpg\") ||\n path.endsWith(\".ico\")\n ) {\n return next();\n }\n\n try {\n console.log(\"[Bootstrap] Starting system initialization...\");\n\n // 1. Run idempotent schema compatibility repairs. Migration state and\n // migration execution are owned by Cloudflare D1/Wrangler.\n console.log(\"[Bootstrap] Checking schema compatibility...\");\n const migrationService = new MigrationService(c.env.DB);\n await migrationService.ensureSchemaCompatibility();\n\n // 1a. Wire the CACHE_KV binding into the cache plugin's singleton store so\n // cache writes survive isolate evictions. Memory-only cache is per-isolate\n // and ephemeral, which makes /admin/cache appear \"empty\" after restarts.\n try {\n const kv = (c.env as any).CACHE_KV;\n if (kv) {\n const { setGlobalKVNamespace } = await import(\n \"../plugins/cache/services/cache\"\n );\n setGlobalKVNamespace(kv);\n }\n } catch (error) {\n console.error(\"[Bootstrap] Error wiring CACHE_KV namespace:\", error);\n }\n\n // 2. Populate the in-memory collection registry from code-defined configs.\n // This is the source of truth going forward; the DB `collections` table is\n // being decommissioned (see docs/ai/plans/drop-db-collections-plan.md).\n console.log(\"[Bootstrap] Populating collection registry...\");\n try {\n const configs = await loadCollectionConfigs();\n getCollectionRegistry().register(configs);\n console.log(`[Bootstrap] Registry populated with ${configs.length} collection(s)`);\n } catch (error) {\n console.error(\"[Bootstrap] Error populating collection registry:\", error);\n }\n\n // 3. Register document types (idempotent)\n console.log(\"[Bootstrap] Registering document types...\");\n try {\n await bootstrapDocumentTypes(c.env.DB);\n } catch (error) {\n console.error(\"[Bootstrap] Error registering document types:\", error);\n }\n\n // 2c. Repair legacy users that have password_hash in auth_user but no\n // auth_account credential row (registered before Better Auth migration).\n try {\n await repairMissingCredentialAccounts(c.env.DB)\n } catch (error) {\n console.error('[Bootstrap] Error repairing credential accounts:', error)\n }\n\n // 3a. Seed system RBAC roles/verbs/grants as documents (idempotent).\n try {\n const { RbacService } = await import(\"../services/rbac\");\n await new RbacService(c.env.DB, (c.env as any).CACHE_KV).ensureSystemRbacSeed();\n } catch (error) {\n console.error(\"[Bootstrap] Error seeding RBAC documents:\", error);\n }\n\n // 3b. Make every content collection document-backed (so all new content goes to `documents`).\n try {\n const auto = await autoRegisterCollectionDocumentTypes(c.env.DB);\n if (auto.length) console.log(`[Bootstrap] Document-backed collections registered: ${auto.join(\", \")}`);\n } catch (error) {\n console.error(\"[Bootstrap] Error auto-registering collection document types:\", error);\n }\n\n // 4. Bootstrap core plugins (unless disableAll is set)\n if (!config.plugins?.disableAll) {\n console.log(\"[Bootstrap] Bootstrapping core plugins...\");\n const bootstrapService = new PluginBootstrapService(c.env.DB);\n\n // Check if bootstrap is needed\n const needsBootstrap = await bootstrapService.isBootstrapNeeded();\n if (needsBootstrap) {\n await bootstrapService.bootstrapCorePlugins();\n }\n } else {\n console.log(\"[Bootstrap] Plugin bootstrap skipped (disableAll is true)\");\n }\n\n // Mark bootstrap as complete for this worker instance\n bootstrapComplete = true;\n console.log(\"[Bootstrap] System initialization completed\");\n } catch (error) {\n console.error(\"[Bootstrap] Error during system initialization:\", error);\n // Don't prevent the app from starting, but log the error\n }\n\n // 4. Verify security configuration (outside try/catch so critical\n // errors in production propagate and prevent insecure deployments)\n verifySecurityConfig(c.env as Bindings);\n\n return next();\n };\n}\n\n/**\n * Reset bootstrap flag (useful for testing)\n */\nexport function resetBootstrap() {\n bootstrapComplete = false;\n}\n\n/**\n * Find auth_user rows that have a password_hash but no auth_account credential\n * row (created before Better Auth migration) and repair them. Idempotent —\n * INSERT OR IGNORE means re-runs are safe.\n */\nasync function repairMissingCredentialAccounts(db: D1Database): Promise<void> {\n const { results } = await db.prepare(`\n SELECT u.id, u.password_hash\n FROM auth_user u\n WHERE u.password_hash IS NOT NULL AND u.password_hash != ''\n AND NOT EXISTS (\n SELECT 1 FROM auth_account a\n WHERE a.user_id = u.id AND a.provider_id = 'credential'\n )\n `).all()\n\n if (!results.length) return\n\n console.log(`[Bootstrap] Repairing ${results.length} user(s) missing credential auth_account rows`)\n const nowSec = Math.floor(Date.now() / 1000)\n for (const user of results as Array<{ id: string; password_hash: string }>) {\n await db.prepare(`\n INSERT OR IGNORE INTO auth_account (id, user_id, account_id, provider_id, password, created_at, updated_at)\n VALUES (?, ?, ?, 'credential', ?, ?, ?)\n `).bind(`cred-${user.id}`, user.id, user.id, user.password_hash, nowSec, nowSec).run()\n }\n console.log(`[Bootstrap] Credential account repair complete (${results.length} repaired)`)\n}\n","import { sign, verify } from 'hono/jwt'\nimport { Context, Next } from 'hono'\nimport { getCookie, setCookie } from 'hono/cookie'\nimport { RbacService } from '../services/rbac'\n\ntype JWTPayload = {\n userId: string\n email: string\n role: string\n exp: number\n iat: number\n}\n\n// Fallback JWT secret for local development only (no wrangler secret set)\nconst JWT_SECRET_FALLBACK = 'your-super-secret-jwt-key-change-in-production'\n\n// Default JWT TTL: 30 days. Can be overridden via JWT_EXPIRES_IN env var.\nconst DEFAULT_JWT_EXPIRES_IN_SECONDS = 60 * 60 * 24 * 30\n\n/**\n * Parse a TTL string like \"30d\", \"12h\", \"3600s\", or a bare number-of-seconds\n * into a seconds value. Returns null if the input is missing/unparseable.\n */\nfunction parseDuration(input: string | number | undefined | null): number | null {\n if (input === undefined || input === null || input === '') return null\n if (typeof input === 'number' && Number.isFinite(input) && input > 0) {\n return Math.floor(input)\n }\n const raw = String(input).trim()\n if (/^\\d+$/.test(raw)) {\n const n = parseInt(raw, 10)\n return n > 0 ? n : null\n }\n const match = raw.match(/^(\\d+)\\s*(s|sec|secs|seconds|m|min|mins|minutes|h|hr|hrs|hours|d|day|days)$/i)\n if (!match) return null\n const value = parseInt(match[1]!, 10)\n const unit = match[2]!.toLowerCase()\n if (unit.startsWith('s')) return value\n if (unit.startsWith('m')) return value * 60\n if (unit.startsWith('h')) return value * 60 * 60\n if (unit.startsWith('d')) return value * 60 * 60 * 24\n return null\n}\n\n/**\n * Resolve the JWT expiry in seconds from the environment.\n * Honors `JWT_EXPIRES_IN` (seconds or \"30d\"/\"12h\"/\"3600s\") with a 30-day default.\n */\nexport function getJwtExpirySeconds(env?: Record<string, any> | null): number {\n const configured = parseDuration(env?.JWT_EXPIRES_IN)\n return configured ?? DEFAULT_JWT_EXPIRES_IN_SECONDS\n}\n\n/**\n * Resolve the JWT expiry in seconds. Precedence: `JWT_EXPIRES_IN` env var\n * (authoritative ceiling) → `settings.security.jwtExpiresIn` DB value\n * (admin-configurable) → 30-day default.\n *\n * The env var wins so operators can cap runtime overrides — admins can adjust\n * the TTL from /admin/settings/security, but an env var, if set, always wins.\n * DB failures fall back to env/default so auth never breaks if the settings\n * table is unreachable.\n */\nexport async function getJwtExpirySecondsFromDb(\n db: { prepare: (query: string) => any } | null | undefined,\n env?: Record<string, any> | null\n): Promise<number> {\n const envParsed = parseDuration(env?.JWT_EXPIRES_IN)\n if (envParsed) return envParsed\n\n if (db) {\n try {\n const row = await db\n .prepare(\"SELECT data FROM documents WHERE type_id = 'site_settings' AND slug = 'security' AND tenant_id = 'default' AND is_current_draft = 1 AND deleted_at IS NULL\")\n .first() as { data: string } | null\n if (row?.data) {\n const data = JSON.parse(row.data)\n const parsed = parseDuration(data.jwtExpiresIn)\n if (parsed) return parsed\n }\n } catch (err) {\n console.warn('Failed to read jwtExpiresIn from settings, falling back to default:', err)\n }\n }\n return DEFAULT_JWT_EXPIRES_IN_SECONDS\n}\n\n/**\n * Resolve the refresh grace window (seconds) for `/auth/refresh`. Precedence:\n * `JWT_REFRESH_GRACE_SECONDS` env var → `settings.security.jwtRefreshGraceSeconds`\n * DB value → 7-day default.\n */\nexport async function getJwtRefreshGraceSecondsFromDb(\n db: { prepare: (query: string) => any } | null | undefined,\n env?: Record<string, any> | null\n): Promise<number> {\n const DEFAULT_GRACE = 60 * 60 * 24 * 7\n const envParsed = parseDuration(env?.JWT_REFRESH_GRACE_SECONDS)\n if (envParsed) return envParsed\n\n if (db) {\n try {\n const row = await db\n .prepare(\"SELECT data FROM documents WHERE type_id = 'site_settings' AND slug = 'security' AND tenant_id = 'default' AND is_current_draft = 1 AND deleted_at IS NULL\")\n .first() as { data: string } | null\n if (row?.data) {\n const data = JSON.parse(row.data)\n const parsed = parseDuration(data.jwtRefreshGraceSeconds?.toString())\n if (parsed) return parsed\n }\n } catch (err) {\n console.warn('Failed to read jwtRefreshGraceSeconds from settings:', err)\n }\n }\n return DEFAULT_GRACE\n}\n\n/**\n * Decode a JWT payload without verifying the signature. Returns null on any\n * parsing failure. Callers MUST independently verify the signature before\n * trusting this value — used from the grace-window refresh path where the\n * signature is verified explicitly via `verifyHs256Signature`.\n */\nfunction decodeJwtPayload(token: string): JWTPayload | null {\n try {\n const parts = token.split('.')\n if (parts.length !== 3) return null\n const b64 = parts[1]!.replace(/-/g, '+').replace(/_/g, '/')\n const padded = b64 + '='.repeat((4 - (b64.length % 4)) % 4)\n const json = atob(padded)\n const obj = JSON.parse(json)\n if (!obj || typeof obj.exp !== 'number') return null\n return obj as JWTPayload\n } catch {\n return null\n }\n}\n\nfunction base64UrlToBytes(b64url: string): Uint8Array {\n const b64 = b64url.replace(/-/g, '+').replace(/_/g, '/')\n const padded = b64 + '='.repeat((4 - (b64.length % 4)) % 4)\n const bin = atob(padded)\n const bytes = new Uint8Array(bin.length)\n for (let i = 0; i < bin.length; i++) bytes[i] = bin.charCodeAt(i)\n return bytes\n}\n\n/**\n * Verify a JWT's HS256 signature using Web Crypto, independent of hono/jwt.\n * Returns true iff the signature matches the header.payload portion.\n */\nasync function verifyHs256Signature(token: string, secret: string): Promise<boolean> {\n try {\n const parts = token.split('.')\n if (parts.length !== 3) return false\n const encoder = new TextEncoder()\n const key = await crypto.subtle.importKey(\n 'raw',\n encoder.encode(secret),\n { name: 'HMAC', hash: 'SHA-256' },\n false,\n ['verify']\n )\n const signature = base64UrlToBytes(parts[2]!)\n const message = encoder.encode(`${parts[0]}.${parts[1]}`)\n return await crypto.subtle.verify('HMAC', key, signature, message)\n } catch {\n return false\n }\n}\n\nexport class AuthManager {\n static async generateToken(\n userId: string,\n email: string,\n role: string,\n secret?: string,\n expiresInSeconds?: number\n ): Promise<string> {\n const ttl = expiresInSeconds && expiresInSeconds > 0\n ? Math.floor(expiresInSeconds)\n : DEFAULT_JWT_EXPIRES_IN_SECONDS\n const now = Math.floor(Date.now() / 1000)\n const payload: JWTPayload = {\n userId,\n email,\n role,\n exp: now + ttl,\n iat: now\n }\n\n return await sign(payload, secret || JWT_SECRET_FALLBACK, 'HS256')\n }\n\n /**\n * Verify a token's signature and expiration.\n *\n * IMPORTANT: pass the `JWT_SECRET` binding (e.g. `c.env.JWT_SECRET`) as the\n * `secret` argument. If omitted, this falls back to a development-only\n * placeholder secret — tokens signed with the real `JWT_SECRET` will then\n * silently fail verification. From inside a Hono handler prefer\n * `AuthManager.verifyAuthRequest(c)`, which handles header/cookie extraction\n * and pulls the secret from `c.env` for you.\n *\n * If `graceSeconds` > 0, tokens whose `exp` is within the grace window\n * (i.e. expired by no more than `graceSeconds`) are still returned. This\n * supports a sliding-session refresh endpoint that accepts recently-expired\n * tokens. Signature failures always return null.\n */\n static async verifyToken(\n token: string,\n secret?: string,\n graceSeconds: number = 0\n ): Promise<JWTPayload | null> {\n const effectiveSecret = secret || JWT_SECRET_FALLBACK\n try {\n let payload: JWTPayload | null = null\n try {\n payload = await verify(token, effectiveSecret, 'HS256') as JWTPayload\n } catch (verifyError: any) {\n // hono/jwt checks `exp` before signature, so a bad-signature token\n // that happens to be expired will throw JwtTokenExpired here. For\n // the grace window, we still require a valid HS256 signature before\n // accepting the payload.\n const name = verifyError?.name || ''\n const message = String(verifyError?.message || '')\n const isExpired = name === 'JwtTokenExpired' || message.includes('expired')\n if (!isExpired || graceSeconds <= 0) {\n throw verifyError\n }\n const signatureValid = await verifyHs256Signature(token, effectiveSecret)\n if (!signatureValid) return null\n const decoded = decodeJwtPayload(token)\n if (!decoded) return null\n payload = decoded\n }\n\n if (!payload) return null\n\n const now = Math.floor(Date.now() / 1000)\n if (payload.exp < now - Math.max(0, Math.floor(graceSeconds))) {\n return null\n }\n\n return payload\n } catch (error) {\n console.error('Token verification failed:', error)\n return null\n }\n }\n\n /**\n * Verify the JWT on an incoming Hono request using the `JWT_SECRET`\n * binding from `c.env`. Reads the token from the `Authorization: Bearer …`\n * header first, then falls back to the `auth_token` cookie. Returns the\n * decoded payload, or null when the token is missing, malformed, expired,\n * or signed with a different secret.\n *\n * Use this from custom Hono routes mounted alongside SonicJS — it\n * resolves the secret the same way `requireAuth()` does, without forcing\n * the caller to plumb it through manually.\n */\n static async verifyAuthRequest(c: Context): Promise<JWTPayload | null> {\n let token = c.req.header('Authorization')?.replace('Bearer ', '')\n if (!token) {\n token = getCookie(c, 'auth_token')\n }\n if (!token) return null\n const secret = (c.env as any)?.JWT_SECRET\n return await AuthManager.verifyToken(token, secret)\n }\n\n static async hashPassword(password: string): Promise<string> {\n const iterations = 100000\n const salt = new Uint8Array(16)\n crypto.getRandomValues(salt)\n\n const encoder = new TextEncoder()\n const keyMaterial = await crypto.subtle.importKey(\n 'raw',\n encoder.encode(password),\n 'PBKDF2',\n false,\n ['deriveBits']\n )\n\n const hashBuffer = await crypto.subtle.deriveBits(\n {\n name: 'PBKDF2',\n salt,\n iterations,\n hash: 'SHA-256'\n },\n keyMaterial,\n 256\n )\n\n const saltHex = Array.from(salt).map(b => b.toString(16).padStart(2, '0')).join('')\n const hashHex = Array.from(new Uint8Array(hashBuffer)).map(b => b.toString(16).padStart(2, '0')).join('')\n\n return `pbkdf2:${iterations}:${saltHex}:${hashHex}`\n }\n\n static async hashPasswordLegacy(password: string): Promise<string> {\n const encoder = new TextEncoder()\n const data = encoder.encode(password + 'salt-change-in-production')\n const hashBuffer = await crypto.subtle.digest('SHA-256', data)\n const hashArray = Array.from(new Uint8Array(hashBuffer))\n return hashArray.map(b => b.toString(16).padStart(2, '0')).join('')\n }\n\n static async verifyPassword(password: string, storedHash: string): Promise<boolean> {\n if (storedHash.startsWith('pbkdf2:')) {\n // PBKDF2 format: pbkdf2:<iterations>:<salt_hex>:<hash_hex>\n const parts = storedHash.split(':')\n if (parts.length !== 4) return false\n\n const iterationsStr = parts[1]!\n const saltHex = parts[2]!\n const expectedHashHex = parts[3]!\n const iterations = parseInt(iterationsStr, 10)\n\n const saltBytes = saltHex.match(/.{2}/g)\n if (!saltBytes) return false\n const salt = new Uint8Array(saltBytes.map(byte => parseInt(byte, 16)))\n\n const encoder = new TextEncoder()\n const keyMaterial = await crypto.subtle.importKey(\n 'raw',\n encoder.encode(password),\n 'PBKDF2',\n false,\n ['deriveBits']\n )\n\n const hashBuffer = await crypto.subtle.deriveBits(\n {\n name: 'PBKDF2',\n salt,\n iterations,\n hash: 'SHA-256'\n },\n keyMaterial,\n 256\n )\n\n const actualHashHex = Array.from(new Uint8Array(hashBuffer)).map(b => b.toString(16).padStart(2, '0')).join('')\n\n // Constant-time comparison\n if (actualHashHex.length !== expectedHashHex.length) return false\n let result = 0\n for (let i = 0; i < actualHashHex.length; i++) {\n result |= actualHashHex.charCodeAt(i) ^ expectedHashHex.charCodeAt(i)\n }\n return result === 0\n }\n\n // Legacy SHA-256 format (no colons in hash)\n const legacyHash = await this.hashPasswordLegacy(password)\n // Constant-time comparison for legacy too\n if (legacyHash.length !== storedHash.length) return false\n let result = 0\n for (let i = 0; i < legacyHash.length; i++) {\n result |= legacyHash.charCodeAt(i) ^ storedHash.charCodeAt(i)\n }\n return result === 0\n }\n\n static isLegacyHash(storedHash: string): boolean {\n return !storedHash.startsWith('pbkdf2:')\n }\n\n /**\n * Set authentication cookie - useful for plugins implementing alternative auth methods\n * @param c - Hono context\n * @param token - JWT token to set in cookie\n * @param options - Optional cookie configuration\n */\n static setAuthCookie(c: Context, token: string, options?: {\n maxAge?: number\n secure?: boolean\n httpOnly?: boolean\n sameSite?: 'Strict' | 'Lax' | 'None'\n }): void {\n setCookie(c, 'auth_token', token, {\n httpOnly: options?.httpOnly ?? true,\n secure: options?.secure ?? true,\n sameSite: options?.sameSite ?? 'Strict',\n maxAge: options?.maxAge ?? getJwtExpirySeconds((c as any)?.env)\n })\n }\n}\n\n// Middleware to require authentication.\n// The Better Auth session middleware (app.ts) has already populated c.get('user')\n// from the session cookie; here we just enforce its presence.\nexport const requireAuth = () => {\n return async (c: Context, next: Next) => {\n const user = c.get('user') as JWTPayload | undefined\n\n if (!user) {\n const acceptHeader = c.req.header('Accept') || ''\n if (acceptHeader.includes('text/html')) {\n return c.redirect('/auth/login?error=Please login to access the admin area')\n }\n return c.json({ error: 'Authentication required' }, 401)\n }\n\n return await next()\n }\n}\n\n// Middleware to require specific role. Must run after requireAuth / the session\n// middleware so c.get('user') is set.\nexport const requireRole = (requiredRole: string | string[]) => {\n return async (c: Context, next: Next) => {\n const user = c.get('user') as JWTPayload | undefined\n\n if (!user) {\n const acceptHeader = c.req.header('Accept') || ''\n if (acceptHeader.includes('text/html')) {\n return c.redirect('/auth/login?error=Please login to access the admin area')\n }\n return c.json({ error: 'Authentication required' }, 401)\n }\n\n const roles = Array.isArray(requiredRole) ? requiredRole : [requiredRole]\n\n if (!roles.includes(user.role)) {\n const acceptHeader = c.req.header('Accept') || ''\n if (acceptHeader.includes('text/html')) {\n return c.redirect('/auth/login?error=You do not have permission to access this area')\n }\n return c.json({ error: 'Insufficient permissions' }, 403)\n }\n\n return await next()\n }\n}\n\n// Middleware to require a live RBAC grant for the signed-in user. This is the\n// dynamic replacement for legacy `users.role` checks on admin routes.\nexport const requireRbac = (resource: string, verb: string) => {\n return async (c: Context, next: Next) => {\n const user = c.get('user') as JWTPayload | undefined\n\n if (!user) {\n const acceptHeader = c.req.header('Accept') || ''\n if (acceptHeader.includes('text/html')) {\n return c.redirect('/auth/login?error=Please login to access the admin area')\n }\n return c.json({ error: 'Authentication required' }, 401)\n }\n\n // Fast path: use pre-computed perms from the /admin/* middleware (avoids DB hit).\n const cachedPerms = (c as any).get('rbacPerms') as string[] | undefined\n let allowed: boolean\n if (cachedPerms !== undefined) {\n allowed = cachedPerms.includes(`${resource}:${verb}`)\n } else {\n allowed = await new RbacService((c.env as any).DB).can(user.userId, resource, verb)\n }\n\n if (!allowed) {\n const acceptHeader = c.req.header('Accept') || ''\n if (acceptHeader.includes('text/html')) {\n return c.redirect('/auth/login?error=You do not have permission to access this area')\n }\n return c.json({ error: 'Insufficient permissions' }, 403)\n }\n\n return await next()\n }\n}\n\n// Optional auth middleware. The session middleware already sets c.get('user')\n// when a valid session exists, so this is a no-op kept for API compatibility.\nexport const optionalAuth = () => {\n return async (_c: Context, next: Next) => {\n return await next()\n }\n}\n","import { MiddlewareHandler } from 'hono'\nimport { metricsTracker } from '../utils/metrics'\n\n/**\n * Middleware to track all HTTP requests for real-time analytics\n * Excludes the metrics endpoint itself to avoid inflating the count\n */\nexport const metricsMiddleware = (): MiddlewareHandler => {\n return async (c, next) => {\n const path = new URL(c.req.url).pathname\n\n // Don't track the metrics endpoint itself to avoid self-inflating counts\n if (path !== '/admin/dashboard/api/metrics') {\n metricsTracker.recordRequest()\n }\n\n // Continue with the request\n await next()\n }\n}\n","/**\n * CSRF Protection Middleware — Signed Double-Submit Cookie\n *\n * Stateless CSRF protection for Cloudflare Workers (no session store needed).\n * Token format: `<nonce>.<hmac>` where HMAC-SHA256 is keyed with JWT_SECRET.\n *\n * Flow:\n * GET — ensureCsrfCookie(): reuse existing valid cookie or set a new one\n * POST/PUT/DELETE/PATCH — validate X-CSRF-Token header === csrf_token cookie, HMAC valid\n *\n * Exempt:\n * - Safe methods (GET, HEAD, OPTIONS)\n * - Auth routes that create sessions (/auth/login*, /auth/register*, etc.)\n * - Public form submissions (/forms/*, /api/forms/*) — NOT /admin/forms/*\n * - Requests with no auth_token cookie (Bearer-only or API-key-only)\n */\n\nimport type { Context, Next } from 'hono'\nimport { getCookie, setCookie } from 'hono/cookie'\n\n// Fallback secret — mirrors auth.ts behavior for local dev without wrangler secret\nconst JWT_SECRET_FALLBACK = 'your-super-secret-jwt-key-change-in-production'\n\n// ============================================================================\n// Helpers\n// ============================================================================\n\n/** Convert ArrayBuffer to URL-safe base64 (no padding). */\nexport function arrayBufferToBase64Url(buffer: ArrayBuffer): string {\n const bytes = new Uint8Array(buffer)\n let binary = ''\n for (let i = 0; i < bytes.length; i++) {\n binary += String.fromCharCode(bytes[i]!)\n }\n return btoa(binary).replace(/\\+/g, '-').replace(/\\//g, '_').replace(/=+$/, '')\n}\n\n/** Import a string key for HMAC-SHA256. */\nasync function getHmacKey(secret: string): Promise<CryptoKey> {\n const encoder = new TextEncoder()\n return crypto.subtle.importKey(\n 'raw',\n encoder.encode(secret),\n { name: 'HMAC', hash: 'SHA-256' },\n false,\n ['sign', 'verify']\n )\n}\n\n// ============================================================================\n// Token Generation & Validation\n// ============================================================================\n\n/**\n * Generate a signed CSRF token: `<nonce>.<hmac_signature>`\n * - nonce = 32 random bytes, base64url-encoded\n * - signature = HMAC-SHA256(nonce, secret), base64url-encoded\n */\nexport async function generateCsrfToken(secret: string): Promise<string> {\n const nonceBytes = new Uint8Array(32)\n crypto.getRandomValues(nonceBytes)\n const nonce = arrayBufferToBase64Url(nonceBytes.buffer)\n\n const key = await getHmacKey(secret)\n const encoder = new TextEncoder()\n const signatureBuffer = await crypto.subtle.sign('HMAC', key, encoder.encode(nonce))\n const signature = arrayBufferToBase64Url(signatureBuffer)\n\n return `${nonce}.${signature}`\n}\n\n/**\n * Validate a signed CSRF token.\n *\n * Checks that the token has the correct `<nonce>.<signature>` format and that\n * the HMAC signature is valid for the given secret. Uses crypto.subtle.verify\n * which provides constant-time comparison.\n *\n * NOTE: No expiry check here — by design. The security property of signed\n * double-submit comes from the unpredictability of the nonce + the\n * secret-bound HMAC, not from time-bounding. The cookie's maxAge (86400s)\n * handles expiry at the browser level.\n */\nexport async function validateCsrfToken(token: string, secret: string): Promise<boolean> {\n if (!token || typeof token !== 'string') return false\n\n const dotIndex = token.indexOf('.')\n if (dotIndex === -1) return false\n\n const nonce = token.substring(0, dotIndex)\n const signature = token.substring(dotIndex + 1)\n\n if (!nonce || !signature) return false\n\n try {\n const key = await getHmacKey(secret)\n const encoder = new TextEncoder()\n\n // Decode the signature from base64url\n const sigPadded = signature.replace(/-/g, '+').replace(/_/g, '/')\n const sigBinary = atob(sigPadded)\n const sigBytes = new Uint8Array(sigBinary.length)\n for (let i = 0; i < sigBinary.length; i++) {\n sigBytes[i] = sigBinary.charCodeAt(i)\n }\n\n // crypto.subtle.verify is constant-time\n return await crypto.subtle.verify('HMAC', key, sigBytes.buffer, encoder.encode(nonce))\n } catch {\n return false\n }\n}\n\n// ============================================================================\n// Default Exempt Paths\n// ============================================================================\n\nconst DEFAULT_EXEMPT_PATHS = [\n '/auth/login',\n '/auth/register',\n '/auth/seed-admin',\n '/test-seed-defaults',\n '/test-cleanup',\n '/auth/accept-invitation',\n '/auth/reset-password',\n '/auth/request-password-reset',\n '/auth/otp',\n '/auth/magic-link',\n '/auth/sign-out',\n '/auth/sign-in',\n '/auth/sign-up',\n '/auth/get-session',\n '/auth/verify',\n '/api/stripe/webhook',\n '/api/events',\n]\n\n/**\n * Check whether a request path is exempt from CSRF validation.\n * - Exact match or startsWith for auth routes (e.g. /auth/login/form)\n * - /forms/* and /api/forms/* are exempt (public submissions)\n * - /api/search* is exempt (read-only POST for complex query params)\n * - /admin/forms/* is NOT exempt\n */\nfunction isExemptPath(path: string, extraExemptPaths: string[] = []): boolean {\n // Public form routes — NOT /admin/forms/*\n if (path.startsWith('/forms/') || path.startsWith('/api/forms/') || path === '/forms' || path === '/api/forms') {\n return true\n }\n\n // Search API — read-only POST (includes /api/search/click, /api/search/facet-click)\n if (path.startsWith('/api/search')) {\n return true\n }\n\n const allExempt = [...DEFAULT_EXEMPT_PATHS, ...extraExemptPaths]\n for (const exempt of allExempt) {\n if (path === exempt || path.startsWith(exempt + '/')) {\n return true\n }\n }\n\n return false\n}\n\n// ============================================================================\n// Middleware\n// ============================================================================\n\nexport interface CsrfOptions {\n /** Additional paths to exempt from CSRF validation. */\n exemptPaths?: string[]\n}\n\n/**\n * CSRF protection middleware (Signed Double-Submit Cookie).\n *\n * - GET/HEAD/OPTIONS: ensure a valid csrf_token cookie exists\n * - POST/PUT/DELETE/PATCH: validate X-CSRF-Token header matches cookie, HMAC valid\n * - Exempt: auth routes, public /forms/*, Bearer-only, API-key-only\n */\nexport function csrfProtection(options: CsrfOptions = {}) {\n return async (c: Context, next: Next): Promise<Response | void> => {\n const method = c.req.method.toUpperCase()\n const path = new URL(c.req.url).pathname\n const secret = c.env?.JWT_SECRET || JWT_SECRET_FALLBACK\n\n // Warn if using fallback secret in production\n if (c.env?.ENVIRONMENT === 'production' && !c.env?.JWT_SECRET) {\n console.warn(\n '[CSRF] WARNING: JWT_SECRET is not set in production. ' +\n 'CSRF tokens are signed with the fallback key, which is insecure.'\n )\n }\n\n // Safe methods — just ensure cookie, then pass through\n if (method === 'GET' || method === 'HEAD' || method === 'OPTIONS') {\n await ensureCsrfCookie(c, secret)\n await next()\n return\n }\n\n // Exempt paths — pass through without validation\n if (isExemptPath(path, options.exemptPaths)) {\n await next()\n return\n }\n\n // Bearer-only or API-key-only requests (no auth_token cookie) — exempt\n const authCookie = getCookie(c, 'auth_token')\n if (!authCookie) {\n await next()\n return\n }\n\n // Requests with an Authorization header use token-based auth — the cookie\n // is incidental and CSRF protection is unnecessary (the attacker cannot\n // forge the Authorization header from a cross-origin page).\n const authHeader = c.req.header('Authorization')\n if (authHeader) {\n await next()\n return\n }\n\n // State-changing request with cookie auth — validate CSRF\n const cookieToken = getCookie(c, 'csrf_token')\n let headerToken = c.req.header('X-CSRF-Token')\n\n // Fallback: check _csrf field in form-encoded body (regular HTML form submissions)\n if (!headerToken) {\n const contentType = c.req.header('Content-Type') || ''\n if (contentType.includes('application/x-www-form-urlencoded') || contentType.includes('multipart/form-data')) {\n try {\n const body = await c.req.parseBody()\n headerToken = body['_csrf'] as string | undefined\n } catch {\n // Body not parseable — leave headerToken undefined\n }\n }\n }\n\n if (!cookieToken || !headerToken) {\n return csrfError(c, 'CSRF token missing')\n }\n\n if (cookieToken !== headerToken) {\n return csrfError(c, 'CSRF token mismatch')\n }\n\n const isValid = await validateCsrfToken(cookieToken, secret)\n if (!isValid) {\n return csrfError(c, 'CSRF token invalid')\n }\n\n await next()\n }\n}\n\n/**\n * Ensure a valid CSRF cookie exists. Check-then-reuse: if the existing cookie\n * has a valid HMAC signature, reuse it (no new Set-Cookie header). Only\n * generate a fresh token when the cookie is missing or has an invalid signature.\n */\nasync function ensureCsrfCookie(c: Context, secret: string): Promise<void> {\n const existing = getCookie(c, 'csrf_token')\n\n if (existing) {\n const isValid = await validateCsrfToken(existing, secret)\n if (isValid) {\n // Reuse existing valid token — no Set-Cookie needed\n c.set('csrfToken', existing)\n return\n }\n }\n\n // Generate fresh token\n const token = await generateCsrfToken(secret)\n c.set('csrfToken', token)\n\n const isDev = c.env?.ENVIRONMENT === 'development' || !c.env?.ENVIRONMENT\n setCookie(c, 'csrf_token', token, {\n httpOnly: false, // JS must read this cookie\n secure: !isDev,\n sameSite: 'Strict',\n path: '/',\n maxAge: 86400, // 24 hours — browser-side expiry\n })\n}\n\n/** Return a 403 CSRF error — HTML for browser requests, JSON for API. */\nfunction csrfError(c: Context, message: string): Response {\n const accept = c.req.header('Accept') || ''\n if (accept.includes('text/html')) {\n return c.html(\n `<!DOCTYPE html><html><head><title>403 Forbidden</title></head>` +\n `<body><h1>403 Forbidden</h1><p>${message}</p></body></html>`,\n 403\n )\n }\n return c.json({ error: message, status: 403 }, 403)\n}\n","import { Context, Next } from 'hono'\n\ninterface RateLimitOptions {\n max: number\n windowMs: number\n keyPrefix: string\n}\n\ninterface RateLimitEntry {\n count: number\n resetAt: number\n}\n\n/**\n * KV-based sliding window rate limiter middleware.\n * Gracefully skips if CACHE_KV binding is not available.\n */\nexport function rateLimit(options: RateLimitOptions) {\n const { max, windowMs, keyPrefix } = options\n\n return async (c: Context, next: Next) => {\n const kv = (c.env as any)?.CACHE_KV\n if (!kv) {\n // No KV binding available — skip rate limiting\n return await next()\n }\n\n const ip = c.req.header('cf-connecting-ip') || c.req.header('x-forwarded-for') || 'unknown'\n const key = `ratelimit:${keyPrefix}:${ip}`\n\n try {\n const now = Date.now()\n const stored = await kv.get(key, 'json') as RateLimitEntry | null\n\n let entry: RateLimitEntry\n if (stored && stored.resetAt > now) {\n entry = stored\n } else {\n entry = { count: 0, resetAt: now + windowMs }\n }\n\n entry.count++\n\n // Calculate TTL in seconds (KV expiration)\n const ttlSeconds = Math.ceil((entry.resetAt - now) / 1000)\n\n if (entry.count > max) {\n // Store the updated count even when rejecting\n await kv.put(key, JSON.stringify(entry), { expirationTtl: Math.max(ttlSeconds, 60) })\n\n const retryAfter = Math.ceil((entry.resetAt - now) / 1000)\n c.header('Retry-After', String(retryAfter))\n c.header('X-RateLimit-Limit', String(max))\n c.header('X-RateLimit-Remaining', '0')\n c.header('X-RateLimit-Reset', String(Math.ceil(entry.resetAt / 1000)))\n return c.json({ error: 'Too many requests. Please try again later.' }, 429)\n }\n\n await kv.put(key, JSON.stringify(entry), { expirationTtl: Math.max(ttlSeconds, 60) })\n\n c.header('X-RateLimit-Limit', String(max))\n c.header('X-RateLimit-Remaining', String(max - entry.count))\n c.header('X-RateLimit-Reset', String(Math.ceil(entry.resetAt / 1000)))\n\n return await next()\n } catch (error) {\n // Rate limiting should never break the app\n console.error('Rate limiter error (non-fatal):', error)\n return await next()\n }\n }\n}\n","import { Context, Next } from 'hono'\n\n/**\n * Security headers middleware.\n * Sets standard security headers on every response.\n * Skips HSTS in development to avoid local dev issues.\n */\nexport const securityHeadersMiddleware = () => {\n return async (c: Context, next: Next) => {\n await next()\n\n c.header('X-Content-Type-Options', 'nosniff')\n c.header('X-Frame-Options', 'SAMEORIGIN')\n c.header('Referrer-Policy', 'strict-origin-when-cross-origin')\n c.header('Permissions-Policy', 'camera=(), microphone=(), geolocation=()')\n\n // Only set HSTS in non-development environments\n const environment = (c.env as any)?.ENVIRONMENT\n if (environment !== 'development') {\n c.header('Strict-Transport-Security', 'max-age=31536000; includeSubDomains')\n }\n }\n}\n","/**\n * Plugin Middleware\n *\n * Provides middleware functions for checking plugin status and enforcing plugin requirements\n */\n\nimport type { D1Database } from '@cloudflare/workers-types'\n\n/**\n * Check if a plugin is active\n * @param db - The D1 database instance\n * @param pluginId - The plugin ID to check\n * @returns Promise<boolean> - True if the plugin is active, false otherwise\n */\nexport async function isPluginActive(db: D1Database, pluginId: string): Promise<boolean> {\n try {\n // documents table is the authoritative source — PluginService writes here on install/activate.\n // Sidebar nav uses the same query pattern; plugins table is unreliable (may not exist).\n const docResult = await db\n .prepare(\n `SELECT json_extract(data, '$.status') as status FROM documents\n WHERE slug = ? AND type_id = 'plugin' AND tenant_id = 'default'\n AND is_current_draft = 1 AND deleted_at IS NULL`\n )\n .bind(pluginId)\n .first()\n return (docResult as any)?.status === 'active'\n } catch (error) {\n console.error(`[isPluginActive] Error checking plugin status for ${pluginId}:`, error)\n return false\n }\n}\n\n/**\n * Middleware to require a plugin to be active\n * Throws an error if the plugin is not active\n * @param db - The D1 database instance\n * @param pluginId - The plugin ID to check\n * @throws Error if plugin is not active\n */\nexport async function requireActivePlugin(db: D1Database, pluginId: string): Promise<void> {\n const isActive = await isPluginActive(db, pluginId)\n if (!isActive) {\n throw new Error(`Plugin '${pluginId}' is required but is not active`)\n }\n}\n\n/**\n * Middleware to require multiple plugins to be active\n * Throws an error if any plugin is not active\n * @param db - The D1 database instance\n * @param pluginIds - Array of plugin IDs to check\n * @throws Error if any plugin is not active\n */\nexport async function requireActivePlugins(db: D1Database, pluginIds: string[]): Promise<void> {\n for (const pluginId of pluginIds) {\n await requireActivePlugin(db, pluginId)\n }\n}\n\n/**\n * Get all active plugins\n * @param db - The D1 database instance\n * @returns Promise<any[]> - Array of active plugin records\n */\nexport async function getActivePlugins(db: D1Database): Promise<any[]> {\n try {\n const { results } = await db\n .prepare(\n `SELECT slug as id, json_extract(data, '$.status') as status, data FROM documents\n WHERE type_id = 'plugin' AND tenant_id = 'default'\n AND q_plugin_status = 'active' AND is_current_draft = 1 AND deleted_at IS NULL`\n )\n .all()\n\n return results || []\n } catch (error) {\n console.error('[getActivePlugins] Error fetching active plugins:', error)\n return []\n }\n}\n","/**\n * Middleware Module Exports\n *\n * Request processing middleware for SonicJS\n *\n * Note: Most middleware is currently in the monolith and will be migrated later.\n * For now, we only export the bootstrap middleware which is used for system initialization.\n */\n\n// Bootstrap middleware\nexport { bootstrapMiddleware, verifySecurityConfig } from './bootstrap'\n\n// Auth middleware\nexport {\n AuthManager,\n requireAuth,\n requireRole,\n optionalAuth,\n getJwtExpirySeconds,\n getJwtExpirySecondsFromDb,\n getJwtRefreshGraceSecondsFromDb,\n} from './auth'\n\n// Metrics middleware\nexport { metricsMiddleware } from './metrics'\n\n// CSRF protection middleware\nexport { csrfProtection, generateCsrfToken, validateCsrfToken } from './csrf'\n\n// Rate limiting middleware\nexport { rateLimit } from './rate-limit'\n\n// Re-export types and functions that are referenced but implemented in monolith\n// These are placeholder exports to maintain API compatibility\nexport type Permission = string\nexport type UserPermissions = {\n userId: string\n permissions: Permission[]\n}\n\n// Middleware stubs - these return pass-through middleware that call next()\nexport const loggingMiddleware: any = () => async (_c: any, next: any) => await next()\nexport const detailedLoggingMiddleware: any = () => async (_c: any, next: any) => await next()\nexport const securityLoggingMiddleware: any = () => async (_c: any, next: any) => await next()\nexport const performanceLoggingMiddleware: any = () => async (_c: any, next: any) => await next()\nexport const cacheHeaders: any = () => async (_c: any, next: any) => await next()\nexport const compressionMiddleware: any = async (_c: any, next: any) => await next()\nexport { securityHeadersMiddleware as securityHeaders } from './security-headers'\n\n// Other stubs\nexport const PermissionManager: any = {}\nexport const requirePermission: any = () => async (_c: any, next: any) => await next()\nexport const requireAnyPermission: any = () => async (_c: any, next: any) => await next()\nexport const logActivity: any = () => {}\nexport { requireActivePlugin, requireActivePlugins, getActivePlugins, isPluginActive } from './plugin-middleware'\n"]}