@spring-systems/server 0.8.0

package/CHANGELOG.md

@@ -0,0 +1,62 @@
+# @spring-systems/server
+
+## 0.7.5
+
+### Patch Changes
+
+- Restored backward-compatible default for `createNextUIAdapter()` dynamic imports (`ssr: true` by default).
+- Added `createClientOnlyNextUIAdapter()` helper for client-only apps (`ssr: false` by default).
+- Added a dev-time warning when `createNextUIAdapter()` is used without explicit `defaultDynamicSsr`, to prevent accidental SSR defaults in client-only apps.
+- Restricted `@spring-systems/server/client` exports to client-safe factories only (`createNextRouteAdapter`, `createClientOnlyNextUIAdapter`).
+- Applied CORS headers consistently for proxy error responses (including non-logout routes).
+- Enforced server-only root entrypoint via `import "server-only"`; client-safe adapters remain available under `@spring-systems/server/client`.
+- Updated docs to use explicit `defaultDynamicSsr` in SSR-oriented adapter examples.
+- Added dedicated `@spring-systems/server/client` export for client-only adapter imports.
+- Refactored API route internals by extracting shared utility helpers from `api-route-handler`.
+- Updated dependencies
+    - @spring-systems/core@0.7.5
+    - @spring-systems/ui@0.7.5
+
+## 0.7.4
+
+### Patch Changes
+
+- Dependency updates and version alignment.
+- Updated dependencies
+    - @spring-systems/core@0.7.4
+    - @spring-systems/ui@0.7.4
+
+## 0.7.3
+
+### Patch Changes
+
+- Updated dependencies
+    - @spring-systems/ui@0.7.3
+    - @spring-systems/core@0.7.3
+
+## 0.7.2
+
+### Patch Changes
+
+- Improve package documentation, onboarding navigation, and npm-published docs coverage.
+- Updated dependencies
+    - @spring-systems/core@0.7.2
+    - @spring-systems/ui@0.7.2
+
+## 0.7.1
+
+### Patch Changes
+
+- Align package documentation with repository docs and enforce docs quality checks in release workflow.
+- Updated dependencies
+    - @spring-systems/core@0.7.1
+    - @spring-systems/ui@0.7.1
+
+## 0.7.0
+
+### Patch Changes
+
+- Initial npm registry release
+- Updated dependencies
+    - @spring-systems/core@0.7.0
+    - @spring-systems/ui@0.7.0

package/LICENSE

@@ -0,0 +1,8 @@
+Copyright (c) 2024-2026 The Authors
+
+All rights reserved.
+
+This software and associated documentation are proprietary and confidential.
+No rights are granted except as expressly agreed in writing by the copyright holder(s).
+Use, copying, modification, distribution, sublicensing, publication, or disclosure
+without prior written permission is prohibited.

package/README.md

@@ -0,0 +1,94 @@
+# @spring-systems/server
+
+Next.js server-side integration for the Spring Systems SPRING framework. This package keeps the browser-to-backend boundary explicit: proxying, runtime env exposure, security headers, and server adapters live here instead of leaking into app code.
+
+## When To Use It
+
+Use this package when the app should talk to the backend through Next.js rather than directly from the browser.
+
+- use it for proxy routes, runtime environment bootstrap, server adapters, and security headers
+- skip it for client-side rendering or reusable UI behavior
+
+## Install
+
+```bash
+pnpm add @spring-systems/server @spring-systems/core @spring-systems/ui
+```
+
+## Quick Start
+
+Three files wire the server layer into a Next.js 16 app:
+
+```ts
+// src/proxy.ts — replaces middleware.ts in Next.js 16
+import "@/project-config";
+export { proxy } from "@spring-systems/server/proxy";
+
+export const config = {
+    matcher: ["/((?!_next/static|_next/image|favicon.ico|sitemap.xml|robots.txt|api/health).*)"],
+};
+```
+
+```ts
+// app/api/[...path]/route.ts
+export { GET, POST, PUT, DELETE, PATCH, OPTIONS } from "@spring-systems/server/api-handler";
+```
+
+```tsx
+// app/layout.tsx
+import { RuntimeEnvScript } from "@spring-systems/server/runtime-env";
+import { createNextRouteAdapter, createNextUIAdapter } from "@spring-systems/server/adapters";
+import { SpringProvider } from "@spring-systems/ui/components";
+
+export default function RootLayout({ children }) {
+    return (
+        <html>
+            <body>
+                <RuntimeEnvScript />
+                <SpringProvider
+                    config={{}}
+                    adapters={{
+                        route: createNextRouteAdapter(),
+                        ui: createNextUIAdapter({ defaultDynamicSsr: true }),
+                    }}
+                >
+                    {children}
+                </SpringProvider>
+            </body>
+        </html>
+    );
+}
+```
+
+The `@/project-config` side-effect import must come first — it registers framework settings (CSP, blocked paths, capabilities) before the proxy reads them.
+
+## Entry Points
+
+| Import path                               | Use it for                      |
+| ----------------------------------------- | ------------------------------- |
+| `@spring-systems/server/api-handler`      | API route handlers              |
+| `@spring-systems/server/runtime-env`      | Runtime environment bootstrap   |
+| `@spring-systems/server/adapters`         | Next.js adapter factories       |
+| `@spring-systems/server/client`           | Client-safe adapter helpers     |
+| `@spring-systems/server/proxy`            | Proxy middleware                |
+| `@spring-systems/server/rate-limiter`     | Rate limiting helpers           |
+| `@spring-systems/server/handlers`         | Shared request handlers         |
+| `@spring-systems/server/security-headers` | CSP and security header helpers |
+
+## Compatibility
+
+Requires **Next.js 16** and **React 19**. Peer dependencies: `@spring-systems/core`, `@spring-systems/ui`.
+
+## Boundary Rules
+
+- keep upstream API communication behind this package when deployment relies on cookie or CSRF protections
+- do not move browser rendering concerns here just because the consuming app uses Next.js
+- for runtime and deployment rules see [ENVIRONMENT_VARIABLES.md](https://bitbucket.org/springsystems-projects/spring-framework-frontend/blob/main/docs/ENVIRONMENT_VARIABLES.md) and [SECURITY.md](https://bitbucket.org/springsystems-projects/spring-framework-frontend/blob/main/docs/SECURITY.md) in the monorepo docs
+
+## Changelog
+
+See [CHANGELOG.md](CHANGELOG.md) for release history and breaking changes.
+
+## License
+
+UNLICENSED

package/dist/api-route-handler.d.ts

@@ -0,0 +1,49 @@
+import { NextRequest, NextResponse } from 'next/server.js';
+
+/**
+ * API proxy route handler for Next.js App Router.
+ *
+ * Proxies requests from the frontend to the backend API, handling:
+ * - Session token management (cookie-based auth)
+ * - CSRF protection and CORS headers
+ * - Login rate limiting
+ * - Request body size limits
+ * - Path normalization and version deduplication
+ *
+ * @module api-route-handler
+ */
+
+/** Handle GET requests through the API proxy. */
+declare function GET(request: NextRequest, context: {
+    params: Promise<{
+        path: string[];
+    }>;
+}): Promise<NextResponse<unknown>>;
+/** Handle POST requests through the API proxy. */
+declare function POST(request: NextRequest, context: {
+    params: Promise<{
+        path: string[];
+    }>;
+}): Promise<NextResponse<unknown>>;
+/** Handle PUT requests through the API proxy. */
+declare function PUT(request: NextRequest, context: {
+    params: Promise<{
+        path: string[];
+    }>;
+}): Promise<NextResponse<unknown>>;
+/** Handle DELETE requests through the API proxy. */
+declare function DELETE(request: NextRequest, context: {
+    params: Promise<{
+        path: string[];
+    }>;
+}): Promise<NextResponse<unknown>>;
+/** Handle PATCH requests through the API proxy. */
+declare function PATCH(request: NextRequest, context: {
+    params: Promise<{
+        path: string[];
+    }>;
+}): Promise<NextResponse<unknown>>;
+/** Handle CORS preflight requests. */
+declare function OPTIONS(request: NextRequest): Promise<NextResponse<unknown>>;
+
+export { DELETE, GET, OPTIONS, PATCH, POST, PUT };

package/dist/api-route-handler.js

@@ -0,0 +1,19 @@
+import {
+  DELETE,
+  GET,
+  OPTIONS,
+  PATCH,
+  POST,
+  PUT
+} from "./chunk-CLZU34DG.js";
+import "./chunk-FEB3UZEG.js";
+import "./chunk-7IUSTA5W.js";
+export {
+  DELETE,
+  GET,
+  OPTIONS,
+  PATCH,
+  POST,
+  PUT
+};
+//# sourceMappingURL=api-route-handler.js.map

package/dist/api-route-handler.js.map

@@ -0,0 +1 @@
+{"version":3,"sources":[],"sourcesContent":[],"mappings":"","names":[]}

package/dist/chunk-7IUSTA5W.js

@@ -0,0 +1,113 @@
+// src/rate-limiter.ts
+var InMemoryRateLimiter = class {
+  ipStore = /* @__PURE__ */ new Map();
+  accountStore = /* @__PURE__ */ new Map();
+  getStore(store) {
+    return store === "ip" ? this.ipStore : this.accountStore;
+  }
+  get(store, key) {
+    return this.getStore(store).get(key) ?? null;
+  }
+  set(store, key, entry) {
+    this.getStore(store).set(key, entry);
+  }
+  delete(store, key) {
+    this.getStore(store).delete(key);
+  }
+  size(store) {
+    return this.getStore(store).size;
+  }
+  evictOldest(store, count) {
+    const map = this.getStore(store);
+    const entries = [...map.entries()].sort((a, b) => a[1].windowStartedAt - b[1].windowStartedAt);
+    for (let i = 0; i < count && i < entries.length; i++) {
+      const candidate = entries[i];
+      if (!candidate) break;
+      map.delete(candidate[0]);
+    }
+  }
+  sweepExpired(store, now, windowMs) {
+    const map = this.getStore(store);
+    for (const [key, entry] of map.entries()) {
+      const windowExpired = now - entry.windowStartedAt > windowMs;
+      const noActiveBlock = entry.blockedUntil <= now;
+      if (windowExpired && noActiveBlock) {
+        map.delete(key);
+      }
+    }
+  }
+};
+var adapter = new InMemoryRateLimiter();
+var hasWarnedInMemory = false;
+function setRateLimiterAdapter(custom) {
+  adapter = custom;
+}
+function getRateLimiterAdapter() {
+  return adapter;
+}
+function checkRateLimit(ipKey, accountKey, policy) {
+  if (!hasWarnedInMemory && adapter instanceof InMemoryRateLimiter && process.env.NODE_ENV === "production") {
+    hasWarnedInMemory = true;
+    console.warn("[server] Rate limiter is using in-memory storage in production. For multi-instance deployments, call setRateLimiterAdapter() with a shared-storage adapter.");
+  }
+  const now = Date.now();
+  const ipResult = checkSingleLimit(adapter, "ip", ipKey, policy.maxAttemptsByIpAndAccount, policy, now);
+  if (ipResult) return ipResult;
+  if (accountKey) {
+    const accountResult = checkSingleLimit(adapter, "account", accountKey, policy.maxAttemptsByAccount, policy, now);
+    if (accountResult) return accountResult;
+  }
+  return null;
+}
+function recordFailedAttempt(ipKey, accountKey, policy) {
+  const now = Date.now();
+  recordAttempt(adapter, "ip", ipKey, policy, now);
+  if (accountKey) {
+    recordAttempt(adapter, "account", accountKey, policy, now);
+  }
+}
+function clearRateLimitEntries(ipKey, accountKey) {
+  adapter.delete("ip", ipKey);
+  if (accountKey) {
+    adapter.delete("account", accountKey);
+  }
+}
+function checkSingleLimit(adap, store, key, maxAttempts, policy, now) {
+  const entry = adap.get(store, key);
+  if (!entry) return null;
+  if (entry.blockedUntil > now) {
+    const remainSec = Math.ceil((entry.blockedUntil - now) / 1e3);
+    return `Rate limited (${store}). Try again in ${remainSec}s.`;
+  }
+  if (now - entry.windowStartedAt > policy.windowMs) {
+    adap.delete(store, key);
+    return null;
+  }
+  if (entry.count >= maxAttempts) {
+    entry.blockedUntil = now + policy.blockMs;
+    adap.set(store, key, entry);
+    return `Too many attempts (${store}). Blocked for ${Math.ceil(policy.blockMs / 1e3)}s.`;
+  }
+  return null;
+}
+function recordAttempt(adap, store, key, policy, now) {
+  if (adap.size(store) >= policy.maxKeys) {
+    adap.evictOldest(store, Math.floor(policy.maxKeys * 0.1));
+  }
+  const entry = adap.get(store, key);
+  if (!entry || now - entry.windowStartedAt > policy.windowMs) {
+    adap.set(store, key, { count: 1, windowStartedAt: now, blockedUntil: 0 });
+  } else {
+    entry.count++;
+    adap.set(store, key, entry);
+  }
+}
+
+export {
+  setRateLimiterAdapter,
+  getRateLimiterAdapter,
+  checkRateLimit,
+  recordFailedAttempt,
+  clearRateLimitEntries
+};
+//# sourceMappingURL=chunk-7IUSTA5W.js.map

package/dist/chunk-7IUSTA5W.js.map

@@ -0,0 +1 @@
+{"version":3,"sources":["../src/rate-limiter.ts"],"sourcesContent":["/**\n * Pluggable rate limiter for API proxy authentication.\n *\n * The default implementation uses in-memory Maps (suitable for single-instance deployments).\n * Multi-instance deployments can replace this with a custom adapter via `setRateLimiterAdapter()`.\n *\n * @example\n * ```ts\n * import { setRateLimiterAdapter } from \"@spring-systems/server/rate-limiter\";\n * import { createCustomRateLimiter } from \"./my-rate-limiter\";\n *\n * setRateLimiterAdapter(createCustomRateLimiter());\n * ```\n *\n * @module rate-limiter\n */\n\nexport interface RateLimitEntry {\n    count: number;\n    windowStartedAt: number;\n    blockedUntil: number;\n}\n\nexport interface RateLimitPolicy {\n    windowMs: number;\n    blockMs: number;\n    maxAttemptsByIpAndAccount: number;\n    maxAttemptsByAccount: number;\n    maxKeys: number;\n}\n\n/**\n * Rate limiter adapter interface. Implementations must be async-safe.\n */\nexport interface RateLimiterAdapter {\n    /** Get the current rate limit entry for a key, or null if no entry exists. */\n    get(store: \"ip\" | \"account\", key: string): RateLimitEntry | null;\n\n    /** Set/update the rate limit entry for a key. */\n    set(store: \"ip\" | \"account\", key: string, entry: RateLimitEntry): void;\n\n    /** Delete an entry (e.g. on successful login). */\n    delete(store: \"ip\" | \"account\", key: string): void;\n\n    /** Get the total number of tracked keys (for eviction logic). */\n    size(store: \"ip\" | \"account\"): number;\n\n    /** Clear the oldest entries when maxKeys is exceeded. */\n    evictOldest(store: \"ip\" | \"account\", count: number): void;\n\n    /**\n     * Remove expired entries for a store.\n     * Optional to preserve compatibility with existing custom adapters.\n     */\n    sweepExpired?(store: \"ip\" | \"account\", now: number, windowMs: number): void;\n}\n\n// ---------------------------------------------------------------------------\n// Default in-memory implementation\n// ---------------------------------------------------------------------------\n\nclass InMemoryRateLimiter implements RateLimiterAdapter {\n    private ipStore = new Map<string, RateLimitEntry>();\n    private accountStore = new Map<string, RateLimitEntry>();\n\n    private getStore(store: \"ip\" | \"account\"): Map<string, RateLimitEntry> {\n        return store === \"ip\" ? this.ipStore : this.accountStore;\n    }\n\n    get(store: \"ip\" | \"account\", key: string): RateLimitEntry | null {\n        return this.getStore(store).get(key) ?? null;\n    }\n\n    set(store: \"ip\" | \"account\", key: string, entry: RateLimitEntry): void {\n        this.getStore(store).set(key, entry);\n    }\n\n    delete(store: \"ip\" | \"account\", key: string): void {\n        this.getStore(store).delete(key);\n    }\n\n    size(store: \"ip\" | \"account\"): number {\n        return this.getStore(store).size;\n    }\n\n    evictOldest(store: \"ip\" | \"account\", count: number): void {\n        const map = this.getStore(store);\n        const entries = [...map.entries()].sort((a, b) => a[1].windowStartedAt - b[1].windowStartedAt);\n        for (let i = 0; i < count && i < entries.length; i++) {\n            const candidate = entries[i];\n            if (!candidate) break;\n            map.delete(candidate[0]);\n        }\n    }\n\n    sweepExpired(store: \"ip\" | \"account\", now: number, windowMs: number): void {\n        const map = this.getStore(store);\n        for (const [key, entry] of map.entries()) {\n            const windowExpired = now - entry.windowStartedAt > windowMs;\n            const noActiveBlock = entry.blockedUntil <= now;\n            if (windowExpired && noActiveBlock) {\n                map.delete(key);\n            }\n        }\n    }\n}\n\n// Singleton adapter\nlet adapter: RateLimiterAdapter = new InMemoryRateLimiter();\nlet hasWarnedInMemory = false;\n\n/** Replace the default in-memory rate limiter with a custom adapter. */\nexport function setRateLimiterAdapter(custom: RateLimiterAdapter): void {\n    adapter = custom;\n}\n\n/** Get the current rate limiter adapter. */\nexport function getRateLimiterAdapter(): RateLimiterAdapter {\n    return adapter;\n}\n\n/**\n * Check if a login attempt should be rate-limited.\n * @returns A reason string if blocked, or null if allowed.\n */\nexport function checkRateLimit(\n    ipKey: string,\n    accountKey: string | null,\n    policy: RateLimitPolicy,\n): string | null {\n    if (!hasWarnedInMemory && adapter instanceof InMemoryRateLimiter && process.env.NODE_ENV === \"production\") {\n        hasWarnedInMemory = true;\n        console.warn(\"[server] Rate limiter is using in-memory storage in production. For multi-instance deployments, call setRateLimiterAdapter() with a shared-storage adapter.\");\n    }\n    const now = Date.now();\n\n    // Check IP-based limit\n    const ipResult = checkSingleLimit(adapter, \"ip\", ipKey, policy.maxAttemptsByIpAndAccount, policy, now);\n    if (ipResult) return ipResult;\n\n    // Check account-based limit\n    if (accountKey) {\n        const accountResult = checkSingleLimit(adapter, \"account\", accountKey, policy.maxAttemptsByAccount, policy, now);\n        if (accountResult) return accountResult;\n    }\n\n    return null;\n}\n\n/**\n * Record a failed login attempt.\n */\nexport function recordFailedAttempt(\n    ipKey: string,\n    accountKey: string | null,\n    policy: RateLimitPolicy,\n): void {\n    const now = Date.now();\n    recordAttempt(adapter, \"ip\", ipKey, policy, now);\n    if (accountKey) {\n        recordAttempt(adapter, \"account\", accountKey, policy, now);\n    }\n}\n\n/**\n * Clear rate limit entries for a key (e.g. on successful login).\n */\nexport function clearRateLimitEntries(ipKey: string, accountKey: string | null): void {\n    adapter.delete(\"ip\", ipKey);\n    if (accountKey) {\n        adapter.delete(\"account\", accountKey);\n    }\n}\n\n// ---------------------------------------------------------------------------\n// Internal helpers\n// ---------------------------------------------------------------------------\n\nfunction checkSingleLimit(\n    adap: RateLimiterAdapter,\n    store: \"ip\" | \"account\",\n    key: string,\n    maxAttempts: number,\n    policy: RateLimitPolicy,\n    now: number,\n): string | null {\n    const entry = adap.get(store, key);\n    if (!entry) return null;\n\n    if (entry.blockedUntil > now) {\n        const remainSec = Math.ceil((entry.blockedUntil - now) / 1000);\n        return `Rate limited (${store}). Try again in ${remainSec}s.`;\n    }\n\n    if (now - entry.windowStartedAt > policy.windowMs) {\n        adap.delete(store, key);\n        return null;\n    }\n\n    if (entry.count >= maxAttempts) {\n        entry.blockedUntil = now + policy.blockMs;\n        adap.set(store, key, entry);\n        return `Too many attempts (${store}). Blocked for ${Math.ceil(policy.blockMs / 1000)}s.`;\n    }\n\n    return null;\n}\n\nfunction recordAttempt(\n    adap: RateLimiterAdapter,\n    store: \"ip\" | \"account\",\n    key: string,\n    policy: RateLimitPolicy,\n    now: number,\n): void {\n    // Evict old entries if needed\n    if (adap.size(store) >= policy.maxKeys) {\n        adap.evictOldest(store, Math.floor(policy.maxKeys * 0.1));\n    }\n\n    const entry = adap.get(store, key);\n    if (!entry || now - entry.windowStartedAt > policy.windowMs) {\n        adap.set(store, key, { count: 1, windowStartedAt: now, blockedUntil: 0 });\n    } else {\n        entry.count++;\n        adap.set(store, key, entry);\n    }\n}\n"],"mappings":";AA6DA,IAAM,sBAAN,MAAwD;AAAA,EAC5C,UAAU,oBAAI,IAA4B;AAAA,EAC1C,eAAe,oBAAI,IAA4B;AAAA,EAE/C,SAAS,OAAsD;AACnE,WAAO,UAAU,OAAO,KAAK,UAAU,KAAK;AAAA,EAChD;AAAA,EAEA,IAAI,OAAyB,KAAoC;AAC7D,WAAO,KAAK,SAAS,KAAK,EAAE,IAAI,GAAG,KAAK;AAAA,EAC5C;AAAA,EAEA,IAAI,OAAyB,KAAa,OAA6B;AACnE,SAAK,SAAS,KAAK,EAAE,IAAI,KAAK,KAAK;AAAA,EACvC;AAAA,EAEA,OAAO,OAAyB,KAAmB;AAC/C,SAAK,SAAS,KAAK,EAAE,OAAO,GAAG;AAAA,EACnC;AAAA,EAEA,KAAK,OAAiC;AAClC,WAAO,KAAK,SAAS,KAAK,EAAE;AAAA,EAChC;AAAA,EAEA,YAAY,OAAyB,OAAqB;AACtD,UAAM,MAAM,KAAK,SAAS,KAAK;AAC/B,UAAM,UAAU,CAAC,GAAG,IAAI,QAAQ,CAAC,EAAE,KAAK,CAAC,GAAG,MAAM,EAAE,CAAC,EAAE,kBAAkB,EAAE,CAAC,EAAE,eAAe;AAC7F,aAAS,IAAI,GAAG,IAAI,SAAS,IAAI,QAAQ,QAAQ,KAAK;AAClD,YAAM,YAAY,QAAQ,CAAC;AAC3B,UAAI,CAAC,UAAW;AAChB,UAAI,OAAO,UAAU,CAAC,CAAC;AAAA,IAC3B;AAAA,EACJ;AAAA,EAEA,aAAa,OAAyB,KAAa,UAAwB;AACvE,UAAM,MAAM,KAAK,SAAS,KAAK;AAC/B,eAAW,CAAC,KAAK,KAAK,KAAK,IAAI,QAAQ,GAAG;AACtC,YAAM,gBAAgB,MAAM,MAAM,kBAAkB;AACpD,YAAM,gBAAgB,MAAM,gBAAgB;AAC5C,UAAI,iBAAiB,eAAe;AAChC,YAAI,OAAO,GAAG;AAAA,MAClB;AAAA,IACJ;AAAA,EACJ;AACJ;AAGA,IAAI,UAA8B,IAAI,oBAAoB;AAC1D,IAAI,oBAAoB;AAGjB,SAAS,sBAAsB,QAAkC;AACpE,YAAU;AACd;AAGO,SAAS,wBAA4C;AACxD,SAAO;AACX;AAMO,SAAS,eACZ,OACA,YACA,QACa;AACb,MAAI,CAAC,qBAAqB,mBAAmB,uBAAuB,QAAQ,IAAI,aAAa,cAAc;AACvG,wBAAoB;AACpB,YAAQ,KAAK,6JAA6J;AAAA,EAC9K;AACA,QAAM,MAAM,KAAK,IAAI;AAGrB,QAAM,WAAW,iBAAiB,SAAS,MAAM,OAAO,OAAO,2BAA2B,QAAQ,GAAG;AACrG,MAAI,SAAU,QAAO;AAGrB,MAAI,YAAY;AACZ,UAAM,gBAAgB,iBAAiB,SAAS,WAAW,YAAY,OAAO,sBAAsB,QAAQ,GAAG;AAC/G,QAAI,cAAe,QAAO;AAAA,EAC9B;AAEA,SAAO;AACX;AAKO,SAAS,oBACZ,OACA,YACA,QACI;AACJ,QAAM,MAAM,KAAK,IAAI;AACrB,gBAAc,SAAS,MAAM,OAAO,QAAQ,GAAG;AAC/C,MAAI,YAAY;AACZ,kBAAc,SAAS,WAAW,YAAY,QAAQ,GAAG;AAAA,EAC7D;AACJ;AAKO,SAAS,sBAAsB,OAAe,YAAiC;AAClF,UAAQ,OAAO,MAAM,KAAK;AAC1B,MAAI,YAAY;AACZ,YAAQ,OAAO,WAAW,UAAU;AAAA,EACxC;AACJ;AAMA,SAAS,iBACL,MACA,OACA,KACA,aACA,QACA,KACa;AACb,QAAM,QAAQ,KAAK,IAAI,OAAO,GAAG;AACjC,MAAI,CAAC,MAAO,QAAO;AAEnB,MAAI,MAAM,eAAe,KAAK;AAC1B,UAAM,YAAY,KAAK,MAAM,MAAM,eAAe,OAAO,GAAI;AAC7D,WAAO,iBAAiB,KAAK,mBAAmB,SAAS;AAAA,EAC7D;AAEA,MAAI,MAAM,MAAM,kBAAkB,OAAO,UAAU;AAC/C,SAAK,OAAO,OAAO,GAAG;AACtB,WAAO;AAAA,EACX;AAEA,MAAI,MAAM,SAAS,aAAa;AAC5B,UAAM,eAAe,MAAM,OAAO;AAClC,SAAK,IAAI,OAAO,KAAK,KAAK;AAC1B,WAAO,sBAAsB,KAAK,kBAAkB,KAAK,KAAK,OAAO,UAAU,GAAI,CAAC;AAAA,EACxF;AAEA,SAAO;AACX;AAEA,SAAS,cACL,MACA,OACA,KACA,QACA,KACI;AAEJ,MAAI,KAAK,KAAK,KAAK,KAAK,OAAO,SAAS;AACpC,SAAK,YAAY,OAAO,KAAK,MAAM,OAAO,UAAU,GAAG,CAAC;AAAA,EAC5D;AAEA,QAAM,QAAQ,KAAK,IAAI,OAAO,GAAG;AACjC,MAAI,CAAC,SAAS,MAAM,MAAM,kBAAkB,OAAO,UAAU;AACzD,SAAK,IAAI,OAAO,KAAK,EAAE,OAAO,GAAG,iBAAiB,KAAK,cAAc,EAAE,CAAC;AAAA,EAC5E,OAAO;AACH,UAAM;AACN,SAAK,IAAI,OAAO,KAAK,KAAK;AAAA,EAC9B;AACJ;","names":[]}