@strapi/core 0.0.0-experimental.e9303c99ae3c28b4b8421ab6971efae0748dd599 → 0.0.0-experimental.e99215433ba1d6e5497350812df274f426dbdba3

package/dist/middlewares/security.js

@@ -2,6 +2,7 @@
 
 var fp = require('lodash/fp');
 var helmet = require('koa-helmet');
+var strapiUtils = require('@strapi/utils');
 
 const defaults = {
     crossOriginEmbedderPolicy: false,
@@ -11,21 +12,7 @@ const defaults = {
     contentSecurityPolicy: {
         useDefaults: true,
         directives: {
-            'connect-src': [
-                "'self'",
-                'https:'
-            ],
-            'img-src': [
-                "'self'",
-                'data:',
-                'blob:',
-                'https://market-assets.strapi.io'
-            ],
-            'media-src': [
-                "'self'",
-                'data:',
-                'blob:'
-            ],
+            ...strapiUtils.CSP_DEFAULTS,
             upgradeInsecureRequests: null
         }
     },

package/dist/middlewares/security.js.map

@@ -1 +1 @@
-{"version":3,"file":"security.js","sources":["../../src/middlewares/security.ts"],"sourcesContent":["import { defaultsDeep, mergeWith } from 'lodash/fp';\nimport helmet, { KoaHelmet } from 'koa-helmet';\n\nimport type { Core } from '@strapi/types';\n\nexport type Config = NonNullable<Parameters<KoaHelmet>[0]>;\n\nconst defaults: Config = {\n  crossOriginEmbedderPolicy: false,\n  crossOriginOpenerPolicy: false,\n  crossOriginResourcePolicy: false,\n  originAgentCluster: false,\n  contentSecurityPolicy: {\n    useDefaults: true,\n    directives: {\n      'connect-src': [\"'self'\", 'https:'],\n      'img-src': [\"'self'\", 'data:', 'blob:', 'https://market-assets.strapi.io'],\n      'media-src': [\"'self'\", 'data:', 'blob:'],\n      upgradeInsecureRequests: null,\n    },\n  },\n  xssFilter: false,\n  hsts: {\n    maxAge: 31536000,\n    includeSubDomains: true,\n  },\n  frameguard: {\n    action: 'sameorigin',\n  },\n};\n\nconst mergeConfig = (existingConfig: Config, newConfig: Config) => {\n  return mergeWith(\n    (obj, src) => (Array.isArray(obj) && Array.isArray(src) ? obj.concat(src) : undefined),\n    existingConfig,\n    newConfig\n  );\n};\n\nexport const security: Core.MiddlewareFactory<Config> =\n  (config, { strapi }) =>\n  (ctx, next) => {\n    let helmetConfig: Config = defaultsDeep(defaults, config);\n\n    const specialPaths = ['/documentation'];\n\n    const directives: {\n      'script-src': string[];\n      'img-src': string[];\n      'manifest-src': string[];\n      'frame-src': string[];\n    } = {\n      'script-src': [\"'self'\", \"'unsafe-inline'\", 'cdn.jsdelivr.net'],\n      'img-src': [\"'self'\", 'data:', 'cdn.jsdelivr.net', 'strapi.io'],\n      'manifest-src': [],\n      'frame-src': [],\n    };\n\n    // if apollo graphql playground is enabled, add exceptions for it\n    if (strapi.plugin('graphql')?.service('utils').playground.isEnabled()) {\n      const { config: gqlConfig } = strapi.plugin('graphql');\n      specialPaths.push(gqlConfig('endpoint'));\n\n      directives['script-src'].push(`https: 'unsafe-inline'`);\n      directives['img-src'].push(`'apollo-server-landing-page.cdn.apollographql.com'`);\n      directives['manifest-src'].push(`'self'`);\n      directives['manifest-src'].push('apollo-server-landing-page.cdn.apollographql.com');\n      directives['frame-src'].push(`'self'`);\n      directives['frame-src'].push('sandbox.embed.apollographql.com');\n    }\n\n    // TODO: we shouldn't combine playground exceptions with documentation for all routes, we should first check the path and then return exceptions specific to that\n    if (ctx.method === 'GET' && specialPaths.some((str) => ctx.path.startsWith(str))) {\n      helmetConfig = mergeConfig(helmetConfig, {\n        crossOriginEmbedderPolicy: false, // TODO: only use this for graphql playground\n        contentSecurityPolicy: {\n          directives,\n        },\n      });\n    }\n\n    /**\n     * These are for vite's watch mode so it can accurately\n     * connect to the HMR websocket & reconnect on failure\n     * or when the server restarts.\n     *\n     * It only applies in development, and only on GET requests\n     * that are part of the admin route.\n     */\n\n    if (\n      ['development', 'test'].includes(process.env.NODE_ENV ?? '') &&\n      ctx.method === 'GET' &&\n      ctx.path.startsWith(strapi.config.get('admin.path'))\n    ) {\n      helmetConfig = mergeConfig(helmetConfig, {\n        contentSecurityPolicy: {\n          directives: {\n            'script-src': [\"'self'\", \"'unsafe-inline'\"],\n            'connect-src': [\"'self'\", 'http:', 'https:', 'ws:'],\n          },\n        },\n      });\n    }\n\n    return helmet(helmetConfig)(ctx, next);\n  };\n"],"names":["defaults","crossOriginEmbedderPolicy","crossOriginOpenerPolicy","crossOriginResourcePolicy","originAgentCluster","contentSecurityPolicy","useDefaults","directives","upgradeInsecureRequests","xssFilter","hsts","maxAge","includeSubDomains","frameguard","action","mergeConfig","existingConfig","newConfig","mergeWith","obj","src","Array","isArray","concat","undefined","security","config","strapi","ctx","next","helmetConfig","defaultsDeep","specialPaths","plugin","service","playground","isEnabled","gqlConfig","push","method","some","str","path","startsWith","includes","process","env","NODE_ENV","get","helmet"],"mappings":";;;;;AAOA,MAAMA,QAAmB,GAAA;IACvBC,yBAA2B,EAAA,KAAA;IAC3BC,uBAAyB,EAAA,KAAA;IACzBC,yBAA2B,EAAA,KAAA;IAC3BC,kBAAoB,EAAA,KAAA;IACpBC,qBAAuB,EAAA;QACrBC,WAAa,EAAA,IAAA;QACbC,UAAY,EAAA;YACV,aAAe,EAAA;AAAC,gBAAA,QAAA;AAAU,gBAAA;AAAS,aAAA;YACnC,SAAW,EAAA;AAAC,gBAAA,QAAA;AAAU,gBAAA,OAAA;AAAS,gBAAA,OAAA;AAAS,gBAAA;AAAkC,aAAA;YAC1E,WAAa,EAAA;AAAC,gBAAA,QAAA;AAAU,gBAAA,OAAA;AAAS,gBAAA;AAAQ,aAAA;YACzCC,uBAAyB,EAAA;AAC3B;AACF,KAAA;IACAC,SAAW,EAAA,KAAA;IACXC,IAAM,EAAA;QACJC,MAAQ,EAAA,QAAA;QACRC,iBAAmB,EAAA;AACrB,KAAA;IACAC,UAAY,EAAA;QACVC,MAAQ,EAAA;AACV;AACF,CAAA;AAEA,MAAMC,WAAAA,GAAc,CAACC,cAAwBC,EAAAA,SAAAA,GAAAA;AAC3C,IAAA,OAAOC,aACL,CAACC,GAAAA,EAAKC,GAASC,GAAAA,KAAAA,CAAMC,OAAO,CAACH,GAAAA,CAAAA,IAAQE,KAAMC,CAAAA,OAAO,CAACF,GAAOD,CAAAA,GAAAA,GAAAA,CAAII,MAAM,CAACH,GAAAA,CAAAA,GAAOI,WAC5ER,cACAC,EAAAA,SAAAA,CAAAA;AAEJ,CAAA;AAEO,MAAMQ,WACX,CAACC,MAAAA,EAAQ,EAAEC,MAAM,EAAE,GACnB,CAACC,GAAKC,EAAAA,IAAAA,GAAAA;QACJ,IAAIC,YAAAA,GAAuBC,gBAAa/B,QAAU0B,EAAAA,MAAAA,CAAAA;AAElD,QAAA,MAAMM,YAAe,GAAA;AAAC,YAAA;AAAiB,SAAA;AAEvC,QAAA,MAAMzB,UAKF,GAAA;YACF,YAAc,EAAA;AAAC,gBAAA,QAAA;AAAU,gBAAA,iBAAA;AAAmB,gBAAA;AAAmB,aAAA;YAC/D,SAAW,EAAA;AAAC,gBAAA,QAAA;AAAU,gBAAA,OAAA;AAAS,gBAAA,kBAAA;AAAoB,gBAAA;AAAY,aAAA;AAC/D,YAAA,cAAA,EAAgB,EAAE;AAClB,YAAA,WAAA,EAAa;AACf,SAAA;;AAGA,QAAA,IAAIoB,OAAOM,MAAM,CAAC,YAAYC,OAAQ,CAAA,OAAA,CAAA,CAASC,WAAWC,SAAa,EAAA,EAAA;AACrE,YAAA,MAAM,EAAEV,MAAQW,EAAAA,SAAS,EAAE,GAAGV,MAAAA,CAAOM,MAAM,CAAC,SAAA,CAAA;YAC5CD,YAAaM,CAAAA,IAAI,CAACD,SAAU,CAAA,UAAA,CAAA,CAAA;AAE5B9B,YAAAA,UAAU,CAAC,YAAa,CAAA,CAAC+B,IAAI,CAAC,CAAC,sBAAsB,CAAC,CAAA;AACtD/B,YAAAA,UAAU,CAAC,SAAU,CAAA,CAAC+B,IAAI,CAAC,CAAC,kDAAkD,CAAC,CAAA;AAC/E/B,YAAAA,UAAU,CAAC,cAAe,CAAA,CAAC+B,IAAI,CAAC,CAAC,MAAM,CAAC,CAAA;AACxC/B,YAAAA,UAAU,CAAC,cAAA,CAAe,CAAC+B,IAAI,CAAC,kDAAA,CAAA;AAChC/B,YAAAA,UAAU,CAAC,WAAY,CAAA,CAAC+B,IAAI,CAAC,CAAC,MAAM,CAAC,CAAA;AACrC/B,YAAAA,UAAU,CAAC,WAAA,CAAY,CAAC+B,IAAI,CAAC,iCAAA,CAAA;AAC/B;;AAGA,QAAA,IAAIV,GAAIW,CAAAA,MAAM,KAAK,KAAA,IAASP,aAAaQ,IAAI,CAAC,CAACC,GAAAA,GAAQb,GAAIc,CAAAA,IAAI,CAACC,UAAU,CAACF,GAAO,CAAA,CAAA,EAAA;AAChFX,YAAAA,YAAAA,GAAef,YAAYe,YAAc,EAAA;gBACvC7B,yBAA2B,EAAA,KAAA;gBAC3BI,qBAAuB,EAAA;AACrBE,oBAAAA;AACF;AACF,aAAA,CAAA;AACF;AAEA;;;;;;;AAOC,QAED,IACE;AAAC,YAAA,aAAA;AAAe,YAAA;SAAO,CAACqC,QAAQ,CAACC,OAAQC,CAAAA,GAAG,CAACC,QAAQ,IAAI,EACzDnB,CAAAA,IAAAA,GAAAA,CAAIW,MAAM,KAAK,SACfX,GAAIc,CAAAA,IAAI,CAACC,UAAU,CAAChB,OAAOD,MAAM,CAACsB,GAAG,CAAC,YACtC,CAAA,CAAA,EAAA;AACAlB,YAAAA,YAAAA,GAAef,YAAYe,YAAc,EAAA;gBACvCzB,qBAAuB,EAAA;oBACrBE,UAAY,EAAA;wBACV,YAAc,EAAA;AAAC,4BAAA,QAAA;AAAU,4BAAA;AAAkB,yBAAA;wBAC3C,aAAe,EAAA;AAAC,4BAAA,QAAA;AAAU,4BAAA,OAAA;AAAS,4BAAA,QAAA;AAAU,4BAAA;AAAM;AACrD;AACF;AACF,aAAA,CAAA;AACF;QAEA,OAAO0C,MAAAA,CAAOnB,cAAcF,GAAKC,EAAAA,IAAAA,CAAAA;;;;;"}
+{"version":3,"file":"security.js","sources":["../../src/middlewares/security.ts"],"sourcesContent":["import { defaultsDeep, mergeWith } from 'lodash/fp';\nimport helmet, { KoaHelmet } from 'koa-helmet';\nimport { CSP_DEFAULTS } from '@strapi/utils';\n\nimport type { Core } from '@strapi/types';\n\nexport type Config = NonNullable<Parameters<KoaHelmet>[0]>;\n\nconst defaults: Config = {\n  crossOriginEmbedderPolicy: false,\n  crossOriginOpenerPolicy: false,\n  crossOriginResourcePolicy: false,\n  originAgentCluster: false,\n  contentSecurityPolicy: {\n    useDefaults: true,\n    directives: {\n      ...CSP_DEFAULTS,\n      upgradeInsecureRequests: null,\n    },\n  },\n  xssFilter: false,\n  hsts: {\n    maxAge: 31536000,\n    includeSubDomains: true,\n  },\n  frameguard: {\n    action: 'sameorigin',\n  },\n};\n\nconst mergeConfig = (existingConfig: Config, newConfig: Config) => {\n  return mergeWith(\n    (obj, src) => (Array.isArray(obj) && Array.isArray(src) ? obj.concat(src) : undefined),\n    existingConfig,\n    newConfig\n  );\n};\n\nexport const security: Core.MiddlewareFactory<Config> =\n  (config, { strapi }) =>\n  (ctx, next) => {\n    let helmetConfig: Config = defaultsDeep(defaults, config);\n    const specialPaths = ['/documentation'];\n\n    const directives: {\n      'script-src': string[];\n      'img-src': string[];\n      'manifest-src': string[];\n      'frame-src': string[];\n    } = {\n      'script-src': [\"'self'\", \"'unsafe-inline'\", 'cdn.jsdelivr.net'],\n      'img-src': [\"'self'\", 'data:', 'cdn.jsdelivr.net', 'strapi.io'],\n      'manifest-src': [],\n      'frame-src': [],\n    };\n\n    // if apollo graphql playground is enabled, add exceptions for it\n    if (strapi.plugin('graphql')?.service('utils').playground.isEnabled()) {\n      const { config: gqlConfig } = strapi.plugin('graphql');\n      specialPaths.push(gqlConfig('endpoint'));\n\n      directives['script-src'].push(`https: 'unsafe-inline'`);\n      directives['img-src'].push(`'apollo-server-landing-page.cdn.apollographql.com'`);\n      directives['manifest-src'].push(`'self'`);\n      directives['manifest-src'].push('apollo-server-landing-page.cdn.apollographql.com');\n      directives['frame-src'].push(`'self'`);\n      directives['frame-src'].push('sandbox.embed.apollographql.com');\n    }\n\n    // TODO: we shouldn't combine playground exceptions with documentation for all routes, we should first check the path and then return exceptions specific to that\n    if (ctx.method === 'GET' && specialPaths.some((str) => ctx.path.startsWith(str))) {\n      helmetConfig = mergeConfig(helmetConfig, {\n        crossOriginEmbedderPolicy: false, // TODO: only use this for graphql playground\n        contentSecurityPolicy: {\n          directives,\n        },\n      });\n    }\n\n    /**\n     * These are for vite's watch mode so it can accurately\n     * connect to the HMR websocket & reconnect on failure\n     * or when the server restarts.\n     *\n     * It only applies in development, and only on GET requests\n     * that are part of the admin route.\n     */\n\n    if (\n      ['development', 'test'].includes(process.env.NODE_ENV ?? '') &&\n      ctx.method === 'GET' &&\n      ctx.path.startsWith(strapi.config.get('admin.path'))\n    ) {\n      helmetConfig = mergeConfig(helmetConfig, {\n        contentSecurityPolicy: {\n          directives: {\n            'script-src': [\"'self'\", \"'unsafe-inline'\"],\n            'connect-src': [\"'self'\", 'http:', 'https:', 'ws:'],\n          },\n        },\n      });\n    }\n\n    return helmet(helmetConfig)(ctx, next);\n  };\n"],"names":["defaults","crossOriginEmbedderPolicy","crossOriginOpenerPolicy","crossOriginResourcePolicy","originAgentCluster","contentSecurityPolicy","useDefaults","directives","CSP_DEFAULTS","upgradeInsecureRequests","xssFilter","hsts","maxAge","includeSubDomains","frameguard","action","mergeConfig","existingConfig","newConfig","mergeWith","obj","src","Array","isArray","concat","undefined","security","config","strapi","ctx","next","helmetConfig","defaultsDeep","specialPaths","plugin","service","playground","isEnabled","gqlConfig","push","method","some","str","path","startsWith","includes","process","env","NODE_ENV","get","helmet"],"mappings":";;;;;;AAQA,MAAMA,QAAmB,GAAA;IACvBC,yBAA2B,EAAA,KAAA;IAC3BC,uBAAyB,EAAA,KAAA;IACzBC,yBAA2B,EAAA,KAAA;IAC3BC,kBAAoB,EAAA,KAAA;IACpBC,qBAAuB,EAAA;QACrBC,WAAa,EAAA,IAAA;QACbC,UAAY,EAAA;AACV,YAAA,GAAGC,wBAAY;YACfC,uBAAyB,EAAA;AAC3B;AACF,KAAA;IACAC,SAAW,EAAA,KAAA;IACXC,IAAM,EAAA;QACJC,MAAQ,EAAA,QAAA;QACRC,iBAAmB,EAAA;AACrB,KAAA;IACAC,UAAY,EAAA;QACVC,MAAQ,EAAA;AACV;AACF,CAAA;AAEA,MAAMC,WAAAA,GAAc,CAACC,cAAwBC,EAAAA,SAAAA,GAAAA;AAC3C,IAAA,OAAOC,aACL,CAACC,GAAAA,EAAKC,GAASC,GAAAA,KAAAA,CAAMC,OAAO,CAACH,GAAAA,CAAAA,IAAQE,KAAMC,CAAAA,OAAO,CAACF,GAAOD,CAAAA,GAAAA,GAAAA,CAAII,MAAM,CAACH,GAAAA,CAAAA,GAAOI,WAC5ER,cACAC,EAAAA,SAAAA,CAAAA;AAEJ,CAAA;AAEO,MAAMQ,WACX,CAACC,MAAAA,EAAQ,EAAEC,MAAM,EAAE,GACnB,CAACC,GAAKC,EAAAA,IAAAA,GAAAA;QACJ,IAAIC,YAAAA,GAAuBC,gBAAahC,QAAU2B,EAAAA,MAAAA,CAAAA;AAClD,QAAA,MAAMM,YAAe,GAAA;AAAC,YAAA;AAAiB,SAAA;AAEvC,QAAA,MAAM1B,UAKF,GAAA;YACF,YAAc,EAAA;AAAC,gBAAA,QAAA;AAAU,gBAAA,iBAAA;AAAmB,gBAAA;AAAmB,aAAA;YAC/D,SAAW,EAAA;AAAC,gBAAA,QAAA;AAAU,gBAAA,OAAA;AAAS,gBAAA,kBAAA;AAAoB,gBAAA;AAAY,aAAA;AAC/D,YAAA,cAAA,EAAgB,EAAE;AAClB,YAAA,WAAA,EAAa;AACf,SAAA;;AAGA,QAAA,IAAIqB,OAAOM,MAAM,CAAC,YAAYC,OAAQ,CAAA,OAAA,CAAA,CAASC,WAAWC,SAAa,EAAA,EAAA;AACrE,YAAA,MAAM,EAAEV,MAAQW,EAAAA,SAAS,EAAE,GAAGV,MAAAA,CAAOM,MAAM,CAAC,SAAA,CAAA;YAC5CD,YAAaM,CAAAA,IAAI,CAACD,SAAU,CAAA,UAAA,CAAA,CAAA;AAE5B/B,YAAAA,UAAU,CAAC,YAAa,CAAA,CAACgC,IAAI,CAAC,CAAC,sBAAsB,CAAC,CAAA;AACtDhC,YAAAA,UAAU,CAAC,SAAU,CAAA,CAACgC,IAAI,CAAC,CAAC,kDAAkD,CAAC,CAAA;AAC/EhC,YAAAA,UAAU,CAAC,cAAe,CAAA,CAACgC,IAAI,CAAC,CAAC,MAAM,CAAC,CAAA;AACxChC,YAAAA,UAAU,CAAC,cAAA,CAAe,CAACgC,IAAI,CAAC,kDAAA,CAAA;AAChChC,YAAAA,UAAU,CAAC,WAAY,CAAA,CAACgC,IAAI,CAAC,CAAC,MAAM,CAAC,CAAA;AACrChC,YAAAA,UAAU,CAAC,WAAA,CAAY,CAACgC,IAAI,CAAC,iCAAA,CAAA;AAC/B;;AAGA,QAAA,IAAIV,GAAIW,CAAAA,MAAM,KAAK,KAAA,IAASP,aAAaQ,IAAI,CAAC,CAACC,GAAAA,GAAQb,GAAIc,CAAAA,IAAI,CAACC,UAAU,CAACF,GAAO,CAAA,CAAA,EAAA;AAChFX,YAAAA,YAAAA,GAAef,YAAYe,YAAc,EAAA;gBACvC9B,yBAA2B,EAAA,KAAA;gBAC3BI,qBAAuB,EAAA;AACrBE,oBAAAA;AACF;AACF,aAAA,CAAA;AACF;AAEA;;;;;;;AAOC,QAED,IACE;AAAC,YAAA,aAAA;AAAe,YAAA;SAAO,CAACsC,QAAQ,CAACC,OAAQC,CAAAA,GAAG,CAACC,QAAQ,IAAI,EACzDnB,CAAAA,IAAAA,GAAAA,CAAIW,MAAM,KAAK,SACfX,GAAIc,CAAAA,IAAI,CAACC,UAAU,CAAChB,OAAOD,MAAM,CAACsB,GAAG,CAAC,YACtC,CAAA,CAAA,EAAA;AACAlB,YAAAA,YAAAA,GAAef,YAAYe,YAAc,EAAA;gBACvC1B,qBAAuB,EAAA;oBACrBE,UAAY,EAAA;wBACV,YAAc,EAAA;AAAC,4BAAA,QAAA;AAAU,4BAAA;AAAkB,yBAAA;wBAC3C,aAAe,EAAA;AAAC,4BAAA,QAAA;AAAU,4BAAA,OAAA;AAAS,4BAAA,QAAA;AAAU,4BAAA;AAAM;AACrD;AACF;AACF,aAAA,CAAA;AACF;QAEA,OAAO2C,MAAAA,CAAOnB,cAAcF,GAAKC,EAAAA,IAAAA,CAAAA;;;;;"}

package/dist/middlewares/security.mjs

@@ -1,5 +1,6 @@
 import { defaultsDeep, mergeWith } from 'lodash/fp';
 import helmet from 'koa-helmet';
+import { CSP_DEFAULTS } from '@strapi/utils';
 
 const defaults = {
     crossOriginEmbedderPolicy: false,
@@ -9,21 +10,7 @@ const defaults = {
     contentSecurityPolicy: {
         useDefaults: true,
         directives: {
-            'connect-src': [
-                "'self'",
-                'https:'
-            ],
-            'img-src': [
-                "'self'",
-                'data:',
-                'blob:',
-                'https://market-assets.strapi.io'
-            ],
-            'media-src': [
-                "'self'",
-                'data:',
-                'blob:'
-            ],
+            ...CSP_DEFAULTS,
             upgradeInsecureRequests: null
         }
     },

package/dist/middlewares/security.mjs.map

@@ -1 +1 @@
-{"version":3,"file":"security.mjs","sources":["../../src/middlewares/security.ts"],"sourcesContent":["import { defaultsDeep, mergeWith } from 'lodash/fp';\nimport helmet, { KoaHelmet } from 'koa-helmet';\n\nimport type { Core } from '@strapi/types';\n\nexport type Config = NonNullable<Parameters<KoaHelmet>[0]>;\n\nconst defaults: Config = {\n  crossOriginEmbedderPolicy: false,\n  crossOriginOpenerPolicy: false,\n  crossOriginResourcePolicy: false,\n  originAgentCluster: false,\n  contentSecurityPolicy: {\n    useDefaults: true,\n    directives: {\n      'connect-src': [\"'self'\", 'https:'],\n      'img-src': [\"'self'\", 'data:', 'blob:', 'https://market-assets.strapi.io'],\n      'media-src': [\"'self'\", 'data:', 'blob:'],\n      upgradeInsecureRequests: null,\n    },\n  },\n  xssFilter: false,\n  hsts: {\n    maxAge: 31536000,\n    includeSubDomains: true,\n  },\n  frameguard: {\n    action: 'sameorigin',\n  },\n};\n\nconst mergeConfig = (existingConfig: Config, newConfig: Config) => {\n  return mergeWith(\n    (obj, src) => (Array.isArray(obj) && Array.isArray(src) ? obj.concat(src) : undefined),\n    existingConfig,\n    newConfig\n  );\n};\n\nexport const security: Core.MiddlewareFactory<Config> =\n  (config, { strapi }) =>\n  (ctx, next) => {\n    let helmetConfig: Config = defaultsDeep(defaults, config);\n\n    const specialPaths = ['/documentation'];\n\n    const directives: {\n      'script-src': string[];\n      'img-src': string[];\n      'manifest-src': string[];\n      'frame-src': string[];\n    } = {\n      'script-src': [\"'self'\", \"'unsafe-inline'\", 'cdn.jsdelivr.net'],\n      'img-src': [\"'self'\", 'data:', 'cdn.jsdelivr.net', 'strapi.io'],\n      'manifest-src': [],\n      'frame-src': [],\n    };\n\n    // if apollo graphql playground is enabled, add exceptions for it\n    if (strapi.plugin('graphql')?.service('utils').playground.isEnabled()) {\n      const { config: gqlConfig } = strapi.plugin('graphql');\n      specialPaths.push(gqlConfig('endpoint'));\n\n      directives['script-src'].push(`https: 'unsafe-inline'`);\n      directives['img-src'].push(`'apollo-server-landing-page.cdn.apollographql.com'`);\n      directives['manifest-src'].push(`'self'`);\n      directives['manifest-src'].push('apollo-server-landing-page.cdn.apollographql.com');\n      directives['frame-src'].push(`'self'`);\n      directives['frame-src'].push('sandbox.embed.apollographql.com');\n    }\n\n    // TODO: we shouldn't combine playground exceptions with documentation for all routes, we should first check the path and then return exceptions specific to that\n    if (ctx.method === 'GET' && specialPaths.some((str) => ctx.path.startsWith(str))) {\n      helmetConfig = mergeConfig(helmetConfig, {\n        crossOriginEmbedderPolicy: false, // TODO: only use this for graphql playground\n        contentSecurityPolicy: {\n          directives,\n        },\n      });\n    }\n\n    /**\n     * These are for vite's watch mode so it can accurately\n     * connect to the HMR websocket & reconnect on failure\n     * or when the server restarts.\n     *\n     * It only applies in development, and only on GET requests\n     * that are part of the admin route.\n     */\n\n    if (\n      ['development', 'test'].includes(process.env.NODE_ENV ?? '') &&\n      ctx.method === 'GET' &&\n      ctx.path.startsWith(strapi.config.get('admin.path'))\n    ) {\n      helmetConfig = mergeConfig(helmetConfig, {\n        contentSecurityPolicy: {\n          directives: {\n            'script-src': [\"'self'\", \"'unsafe-inline'\"],\n            'connect-src': [\"'self'\", 'http:', 'https:', 'ws:'],\n          },\n        },\n      });\n    }\n\n    return helmet(helmetConfig)(ctx, next);\n  };\n"],"names":["defaults","crossOriginEmbedderPolicy","crossOriginOpenerPolicy","crossOriginResourcePolicy","originAgentCluster","contentSecurityPolicy","useDefaults","directives","upgradeInsecureRequests","xssFilter","hsts","maxAge","includeSubDomains","frameguard","action","mergeConfig","existingConfig","newConfig","mergeWith","obj","src","Array","isArray","concat","undefined","security","config","strapi","ctx","next","helmetConfig","defaultsDeep","specialPaths","plugin","service","playground","isEnabled","gqlConfig","push","method","some","str","path","startsWith","includes","process","env","NODE_ENV","get","helmet"],"mappings":";;;AAOA,MAAMA,QAAmB,GAAA;IACvBC,yBAA2B,EAAA,KAAA;IAC3BC,uBAAyB,EAAA,KAAA;IACzBC,yBAA2B,EAAA,KAAA;IAC3BC,kBAAoB,EAAA,KAAA;IACpBC,qBAAuB,EAAA;QACrBC,WAAa,EAAA,IAAA;QACbC,UAAY,EAAA;YACV,aAAe,EAAA;AAAC,gBAAA,QAAA;AAAU,gBAAA;AAAS,aAAA;YACnC,SAAW,EAAA;AAAC,gBAAA,QAAA;AAAU,gBAAA,OAAA;AAAS,gBAAA,OAAA;AAAS,gBAAA;AAAkC,aAAA;YAC1E,WAAa,EAAA;AAAC,gBAAA,QAAA;AAAU,gBAAA,OAAA;AAAS,gBAAA;AAAQ,aAAA;YACzCC,uBAAyB,EAAA;AAC3B;AACF,KAAA;IACAC,SAAW,EAAA,KAAA;IACXC,IAAM,EAAA;QACJC,MAAQ,EAAA,QAAA;QACRC,iBAAmB,EAAA;AACrB,KAAA;IACAC,UAAY,EAAA;QACVC,MAAQ,EAAA;AACV;AACF,CAAA;AAEA,MAAMC,WAAAA,GAAc,CAACC,cAAwBC,EAAAA,SAAAA,GAAAA;AAC3C,IAAA,OAAOC,UACL,CAACC,GAAAA,EAAKC,GAASC,GAAAA,KAAAA,CAAMC,OAAO,CAACH,GAAAA,CAAAA,IAAQE,KAAMC,CAAAA,OAAO,CAACF,GAAOD,CAAAA,GAAAA,GAAAA,CAAII,MAAM,CAACH,GAAAA,CAAAA,GAAOI,WAC5ER,cACAC,EAAAA,SAAAA,CAAAA;AAEJ,CAAA;AAEO,MAAMQ,WACX,CAACC,MAAAA,EAAQ,EAAEC,MAAM,EAAE,GACnB,CAACC,GAAKC,EAAAA,IAAAA,GAAAA;QACJ,IAAIC,YAAAA,GAAuBC,aAAa/B,QAAU0B,EAAAA,MAAAA,CAAAA;AAElD,QAAA,MAAMM,YAAe,GAAA;AAAC,YAAA;AAAiB,SAAA;AAEvC,QAAA,MAAMzB,UAKF,GAAA;YACF,YAAc,EAAA;AAAC,gBAAA,QAAA;AAAU,gBAAA,iBAAA;AAAmB,gBAAA;AAAmB,aAAA;YAC/D,SAAW,EAAA;AAAC,gBAAA,QAAA;AAAU,gBAAA,OAAA;AAAS,gBAAA,kBAAA;AAAoB,gBAAA;AAAY,aAAA;AAC/D,YAAA,cAAA,EAAgB,EAAE;AAClB,YAAA,WAAA,EAAa;AACf,SAAA;;AAGA,QAAA,IAAIoB,OAAOM,MAAM,CAAC,YAAYC,OAAQ,CAAA,OAAA,CAAA,CAASC,WAAWC,SAAa,EAAA,EAAA;AACrE,YAAA,MAAM,EAAEV,MAAQW,EAAAA,SAAS,EAAE,GAAGV,MAAAA,CAAOM,MAAM,CAAC,SAAA,CAAA;YAC5CD,YAAaM,CAAAA,IAAI,CAACD,SAAU,CAAA,UAAA,CAAA,CAAA;AAE5B9B,YAAAA,UAAU,CAAC,YAAa,CAAA,CAAC+B,IAAI,CAAC,CAAC,sBAAsB,CAAC,CAAA;AACtD/B,YAAAA,UAAU,CAAC,SAAU,CAAA,CAAC+B,IAAI,CAAC,CAAC,kDAAkD,CAAC,CAAA;AAC/E/B,YAAAA,UAAU,CAAC,cAAe,CAAA,CAAC+B,IAAI,CAAC,CAAC,MAAM,CAAC,CAAA;AACxC/B,YAAAA,UAAU,CAAC,cAAA,CAAe,CAAC+B,IAAI,CAAC,kDAAA,CAAA;AAChC/B,YAAAA,UAAU,CAAC,WAAY,CAAA,CAAC+B,IAAI,CAAC,CAAC,MAAM,CAAC,CAAA;AACrC/B,YAAAA,UAAU,CAAC,WAAA,CAAY,CAAC+B,IAAI,CAAC,iCAAA,CAAA;AAC/B;;AAGA,QAAA,IAAIV,GAAIW,CAAAA,MAAM,KAAK,KAAA,IAASP,aAAaQ,IAAI,CAAC,CAACC,GAAAA,GAAQb,GAAIc,CAAAA,IAAI,CAACC,UAAU,CAACF,GAAO,CAAA,CAAA,EAAA;AAChFX,YAAAA,YAAAA,GAAef,YAAYe,YAAc,EAAA;gBACvC7B,yBAA2B,EAAA,KAAA;gBAC3BI,qBAAuB,EAAA;AACrBE,oBAAAA;AACF;AACF,aAAA,CAAA;AACF;AAEA;;;;;;;AAOC,QAED,IACE;AAAC,YAAA,aAAA;AAAe,YAAA;SAAO,CAACqC,QAAQ,CAACC,OAAQC,CAAAA,GAAG,CAACC,QAAQ,IAAI,EACzDnB,CAAAA,IAAAA,GAAAA,CAAIW,MAAM,KAAK,SACfX,GAAIc,CAAAA,IAAI,CAACC,UAAU,CAAChB,OAAOD,MAAM,CAACsB,GAAG,CAAC,YACtC,CAAA,CAAA,EAAA;AACAlB,YAAAA,YAAAA,GAAef,YAAYe,YAAc,EAAA;gBACvCzB,qBAAuB,EAAA;oBACrBE,UAAY,EAAA;wBACV,YAAc,EAAA;AAAC,4BAAA,QAAA;AAAU,4BAAA;AAAkB,yBAAA;wBAC3C,aAAe,EAAA;AAAC,4BAAA,QAAA;AAAU,4BAAA,OAAA;AAAS,4BAAA,QAAA;AAAU,4BAAA;AAAM;AACrD;AACF;AACF,aAAA,CAAA;AACF;QAEA,OAAO0C,MAAAA,CAAOnB,cAAcF,GAAKC,EAAAA,IAAAA,CAAAA;;;;;"}
+{"version":3,"file":"security.mjs","sources":["../../src/middlewares/security.ts"],"sourcesContent":["import { defaultsDeep, mergeWith } from 'lodash/fp';\nimport helmet, { KoaHelmet } from 'koa-helmet';\nimport { CSP_DEFAULTS } from '@strapi/utils';\n\nimport type { Core } from '@strapi/types';\n\nexport type Config = NonNullable<Parameters<KoaHelmet>[0]>;\n\nconst defaults: Config = {\n  crossOriginEmbedderPolicy: false,\n  crossOriginOpenerPolicy: false,\n  crossOriginResourcePolicy: false,\n  originAgentCluster: false,\n  contentSecurityPolicy: {\n    useDefaults: true,\n    directives: {\n      ...CSP_DEFAULTS,\n      upgradeInsecureRequests: null,\n    },\n  },\n  xssFilter: false,\n  hsts: {\n    maxAge: 31536000,\n    includeSubDomains: true,\n  },\n  frameguard: {\n    action: 'sameorigin',\n  },\n};\n\nconst mergeConfig = (existingConfig: Config, newConfig: Config) => {\n  return mergeWith(\n    (obj, src) => (Array.isArray(obj) && Array.isArray(src) ? obj.concat(src) : undefined),\n    existingConfig,\n    newConfig\n  );\n};\n\nexport const security: Core.MiddlewareFactory<Config> =\n  (config, { strapi }) =>\n  (ctx, next) => {\n    let helmetConfig: Config = defaultsDeep(defaults, config);\n    const specialPaths = ['/documentation'];\n\n    const directives: {\n      'script-src': string[];\n      'img-src': string[];\n      'manifest-src': string[];\n      'frame-src': string[];\n    } = {\n      'script-src': [\"'self'\", \"'unsafe-inline'\", 'cdn.jsdelivr.net'],\n      'img-src': [\"'self'\", 'data:', 'cdn.jsdelivr.net', 'strapi.io'],\n      'manifest-src': [],\n      'frame-src': [],\n    };\n\n    // if apollo graphql playground is enabled, add exceptions for it\n    if (strapi.plugin('graphql')?.service('utils').playground.isEnabled()) {\n      const { config: gqlConfig } = strapi.plugin('graphql');\n      specialPaths.push(gqlConfig('endpoint'));\n\n      directives['script-src'].push(`https: 'unsafe-inline'`);\n      directives['img-src'].push(`'apollo-server-landing-page.cdn.apollographql.com'`);\n      directives['manifest-src'].push(`'self'`);\n      directives['manifest-src'].push('apollo-server-landing-page.cdn.apollographql.com');\n      directives['frame-src'].push(`'self'`);\n      directives['frame-src'].push('sandbox.embed.apollographql.com');\n    }\n\n    // TODO: we shouldn't combine playground exceptions with documentation for all routes, we should first check the path and then return exceptions specific to that\n    if (ctx.method === 'GET' && specialPaths.some((str) => ctx.path.startsWith(str))) {\n      helmetConfig = mergeConfig(helmetConfig, {\n        crossOriginEmbedderPolicy: false, // TODO: only use this for graphql playground\n        contentSecurityPolicy: {\n          directives,\n        },\n      });\n    }\n\n    /**\n     * These are for vite's watch mode so it can accurately\n     * connect to the HMR websocket & reconnect on failure\n     * or when the server restarts.\n     *\n     * It only applies in development, and only on GET requests\n     * that are part of the admin route.\n     */\n\n    if (\n      ['development', 'test'].includes(process.env.NODE_ENV ?? '') &&\n      ctx.method === 'GET' &&\n      ctx.path.startsWith(strapi.config.get('admin.path'))\n    ) {\n      helmetConfig = mergeConfig(helmetConfig, {\n        contentSecurityPolicy: {\n          directives: {\n            'script-src': [\"'self'\", \"'unsafe-inline'\"],\n            'connect-src': [\"'self'\", 'http:', 'https:', 'ws:'],\n          },\n        },\n      });\n    }\n\n    return helmet(helmetConfig)(ctx, next);\n  };\n"],"names":["defaults","crossOriginEmbedderPolicy","crossOriginOpenerPolicy","crossOriginResourcePolicy","originAgentCluster","contentSecurityPolicy","useDefaults","directives","CSP_DEFAULTS","upgradeInsecureRequests","xssFilter","hsts","maxAge","includeSubDomains","frameguard","action","mergeConfig","existingConfig","newConfig","mergeWith","obj","src","Array","isArray","concat","undefined","security","config","strapi","ctx","next","helmetConfig","defaultsDeep","specialPaths","plugin","service","playground","isEnabled","gqlConfig","push","method","some","str","path","startsWith","includes","process","env","NODE_ENV","get","helmet"],"mappings":";;;;AAQA,MAAMA,QAAmB,GAAA;IACvBC,yBAA2B,EAAA,KAAA;IAC3BC,uBAAyB,EAAA,KAAA;IACzBC,yBAA2B,EAAA,KAAA;IAC3BC,kBAAoB,EAAA,KAAA;IACpBC,qBAAuB,EAAA;QACrBC,WAAa,EAAA,IAAA;QACbC,UAAY,EAAA;AACV,YAAA,GAAGC,YAAY;YACfC,uBAAyB,EAAA;AAC3B;AACF,KAAA;IACAC,SAAW,EAAA,KAAA;IACXC,IAAM,EAAA;QACJC,MAAQ,EAAA,QAAA;QACRC,iBAAmB,EAAA;AACrB,KAAA;IACAC,UAAY,EAAA;QACVC,MAAQ,EAAA;AACV;AACF,CAAA;AAEA,MAAMC,WAAAA,GAAc,CAACC,cAAwBC,EAAAA,SAAAA,GAAAA;AAC3C,IAAA,OAAOC,UACL,CAACC,GAAAA,EAAKC,GAASC,GAAAA,KAAAA,CAAMC,OAAO,CAACH,GAAAA,CAAAA,IAAQE,KAAMC,CAAAA,OAAO,CAACF,GAAOD,CAAAA,GAAAA,GAAAA,CAAII,MAAM,CAACH,GAAAA,CAAAA,GAAOI,WAC5ER,cACAC,EAAAA,SAAAA,CAAAA;AAEJ,CAAA;AAEO,MAAMQ,WACX,CAACC,MAAAA,EAAQ,EAAEC,MAAM,EAAE,GACnB,CAACC,GAAKC,EAAAA,IAAAA,GAAAA;QACJ,IAAIC,YAAAA,GAAuBC,aAAahC,QAAU2B,EAAAA,MAAAA,CAAAA;AAClD,QAAA,MAAMM,YAAe,GAAA;AAAC,YAAA;AAAiB,SAAA;AAEvC,QAAA,MAAM1B,UAKF,GAAA;YACF,YAAc,EAAA;AAAC,gBAAA,QAAA;AAAU,gBAAA,iBAAA;AAAmB,gBAAA;AAAmB,aAAA;YAC/D,SAAW,EAAA;AAAC,gBAAA,QAAA;AAAU,gBAAA,OAAA;AAAS,gBAAA,kBAAA;AAAoB,gBAAA;AAAY,aAAA;AAC/D,YAAA,cAAA,EAAgB,EAAE;AAClB,YAAA,WAAA,EAAa;AACf,SAAA;;AAGA,QAAA,IAAIqB,OAAOM,MAAM,CAAC,YAAYC,OAAQ,CAAA,OAAA,CAAA,CAASC,WAAWC,SAAa,EAAA,EAAA;AACrE,YAAA,MAAM,EAAEV,MAAQW,EAAAA,SAAS,EAAE,GAAGV,MAAAA,CAAOM,MAAM,CAAC,SAAA,CAAA;YAC5CD,YAAaM,CAAAA,IAAI,CAACD,SAAU,CAAA,UAAA,CAAA,CAAA;AAE5B/B,YAAAA,UAAU,CAAC,YAAa,CAAA,CAACgC,IAAI,CAAC,CAAC,sBAAsB,CAAC,CAAA;AACtDhC,YAAAA,UAAU,CAAC,SAAU,CAAA,CAACgC,IAAI,CAAC,CAAC,kDAAkD,CAAC,CAAA;AAC/EhC,YAAAA,UAAU,CAAC,cAAe,CAAA,CAACgC,IAAI,CAAC,CAAC,MAAM,CAAC,CAAA;AACxChC,YAAAA,UAAU,CAAC,cAAA,CAAe,CAACgC,IAAI,CAAC,kDAAA,CAAA;AAChChC,YAAAA,UAAU,CAAC,WAAY,CAAA,CAACgC,IAAI,CAAC,CAAC,MAAM,CAAC,CAAA;AACrChC,YAAAA,UAAU,CAAC,WAAA,CAAY,CAACgC,IAAI,CAAC,iCAAA,CAAA;AAC/B;;AAGA,QAAA,IAAIV,GAAIW,CAAAA,MAAM,KAAK,KAAA,IAASP,aAAaQ,IAAI,CAAC,CAACC,GAAAA,GAAQb,GAAIc,CAAAA,IAAI,CAACC,UAAU,CAACF,GAAO,CAAA,CAAA,EAAA;AAChFX,YAAAA,YAAAA,GAAef,YAAYe,YAAc,EAAA;gBACvC9B,yBAA2B,EAAA,KAAA;gBAC3BI,qBAAuB,EAAA;AACrBE,oBAAAA;AACF;AACF,aAAA,CAAA;AACF;AAEA;;;;;;;AAOC,QAED,IACE;AAAC,YAAA,aAAA;AAAe,YAAA;SAAO,CAACsC,QAAQ,CAACC,OAAQC,CAAAA,GAAG,CAACC,QAAQ,IAAI,EACzDnB,CAAAA,IAAAA,GAAAA,CAAIW,MAAM,KAAK,SACfX,GAAIc,CAAAA,IAAI,CAACC,UAAU,CAAChB,OAAOD,MAAM,CAACsB,GAAG,CAAC,YACtC,CAAA,CAAA,EAAA;AACAlB,YAAAA,YAAAA,GAAef,YAAYe,YAAc,EAAA;gBACvC1B,qBAAuB,EAAA;oBACrBE,UAAY,EAAA;wBACV,YAAc,EAAA;AAAC,4BAAA,QAAA;AAAU,4BAAA;AAAkB,yBAAA;wBAC3C,aAAe,EAAA;AAAC,4BAAA,QAAA;AAAU,4BAAA,OAAA;AAAS,4BAAA,QAAA;AAAU,4BAAA;AAAM;AACrD;AACF;AACF,aAAA,CAAA;AACF;QAEA,OAAO2C,MAAAA,CAAOnB,cAAcF,GAAKC,EAAAA,IAAAA,CAAAA;;;;;"}

package/dist/migrations/database/5.0.0-discard-drafts.d.ts.map

@@ -1 +1 @@
-{"version":3,"file":"5.0.0-discard-drafts.d.ts","sourceRoot":"","sources":["../../../src/migrations/database/5.0.0-discard-drafts.ts"],"names":[],"mappings":"AAAA;;;;;;;;;;;GAWG;AAIH,OAAO,KAAK,EAAE,QAAQ,EAAE,SAAS,EAAE,MAAM,kBAAkB,CAAC;AAI5D,KAAK,eAAe,GAAG;IAAE,UAAU,EAAE,MAAM,CAAC;IAAC,MAAM,EAAE,MAAM,CAAA;CAAE,CAAC;AAC9D,KAAK,IAAI,GAAG,UAAU,CAAC,SAAS,CAAC,IAAI,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC;AAqF3C;;;;;GAKG;AACH,wBAAuB,iBAAiB,CAAC,EACvC,EAAE,EACF,GAAG,EACH,GAAG,EACH,gBAAuB,GACxB,EAAE;IACD,EAAE,EAAE,QAAQ,CAAC;IACb,GAAG,EAAE,IAAI,CAAC;IACV,GAAG,EAAE,MAAM,CAAC;IACZ,gBAAgB,CAAC,EAAE,MAAM,CAAC;CAC3B,oDAgCA;AA2DD,eAAO,MAAM,qBAAqB,EAAE,SAQnC,CAAC"}
+{"version":3,"file":"5.0.0-discard-drafts.d.ts","sourceRoot":"","sources":["../../../src/migrations/database/5.0.0-discard-drafts.ts"],"names":[],"mappings":"AAAA;;;;;;;;;;;GAWG;AAIH,OAAO,KAAK,EAAE,QAAQ,EAAE,SAAS,EAAE,MAAM,kBAAkB,CAAC;AAG5D,KAAK,eAAe,GAAG;IAAE,UAAU,EAAE,MAAM,CAAC;IAAC,MAAM,EAAE,MAAM,CAAA;CAAE,CAAC;AAC9D,KAAK,IAAI,GAAG,UAAU,CAAC,SAAS,CAAC,IAAI,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC;AA6S3C;;;;;GAKG;AACH,wBAAuB,iBAAiB,CAAC,EACvC,EAAE,EACF,GAAG,EACH,GAAG,EACH,gBAAuB,GACxB,EAAE;IACD,EAAE,EAAE,QAAQ,CAAC;IACb,GAAG,EAAE,IAAI,CAAC;IACV,GAAG,EAAE,MAAM,CAAC;IACZ,gBAAgB,CAAC,EAAE,MAAM,CAAC;CAC3B,oDAgCA;AAED,eAAO,MAAM,qBAAqB,EAAE,SAQnC,CAAC"}

package/dist/migrations/database/5.0.0-discard-drafts.js

@@ -1,7 +1,6 @@
 'use strict';
 
 var strapiUtils = require('@strapi/utils');
-var index = require('../../services/document-service/index.js');
 
 /**
  * Check if the model has draft and publish enabled.
@@ -58,6 +57,174 @@ var index = require('../../services/document-service/index.js');
         .whereNotNull('published_at');
     });
 }
+/**
+ * Copy relations from published entries to draft entries using direct database queries.
+ * This replaces the need to call discardDraft for each entry.
+ */ async function copyRelationsToDrafts({ db, trx, uid }) {
+    const meta = db.metadata.get(uid);
+    if (!meta) return;
+    // Get all published entries for this content type
+    const publishedEntries = await trx(meta.tableName).select([
+        'id',
+        'documentId',
+        'locale'
+    ]).whereNotNull('published_at');
+    // Get all draft entries for this content type
+    const draftEntries = await trx(meta.tableName).select([
+        'id',
+        'documentId',
+        'locale'
+    ]).whereNull('published_at');
+    if (publishedEntries.length === 0 || draftEntries.length === 0) {
+        return;
+    }
+    // Create mapping from documentId to draft entry ID (only for drafts created by migration)
+    const draftByDocumentId = new Map();
+    for (const draft of draftEntries){
+        if (draft.documentId) {
+            draftByDocumentId.set(draft.documentId, draft);
+        }
+    }
+    // Create mapping from published entry ID to draft entry ID
+    const publishedToDraftMap = new Map();
+    for (const published of publishedEntries){
+        const draft = draftByDocumentId.get(published.documentId);
+        if (draft) {
+            publishedToDraftMap.set(published.id, draft.id);
+        }
+    }
+    if (publishedToDraftMap.size === 0) {
+        return;
+    }
+    // Copy relations for this content type
+    await copyRelationsForContentType({
+        trx,
+        uid,
+        publishedToDraftMap,
+        publishedEntries
+    });
+    // Copy relations from other content types that target this content type
+    await copyRelationsFromOtherContentTypes({
+        trx,
+        uid,
+        publishedToDraftMap,
+        publishedEntries
+    });
+}
+/**
+ * Copy relations within the same content type (self-referential relations)
+ */ async function copyRelationsForContentType({ trx, uid, publishedToDraftMap }) {
+    const meta = strapi.db.metadata.get(uid);
+    if (!meta) return;
+    const publishedIds = Array.from(publishedToDraftMap.keys());
+    for (const attribute of Object.values(meta.attributes)){
+        if (attribute.type !== 'relation' || attribute.target !== uid) {
+            continue;
+        }
+        const joinTable = attribute.joinTable;
+        if (!joinTable) {
+            continue;
+        }
+        const { name: sourceColumnName } = joinTable.joinColumn;
+        const { name: targetColumnName } = joinTable.inverseJoinColumn;
+        // Get all relations where the source is a published entry
+        const relations = await trx(joinTable.name).select('*').whereIn(sourceColumnName, publishedIds);
+        if (relations.length === 0) {
+            continue;
+        }
+        // Create new relations pointing to draft entries
+        const newRelations = relations.map((relation)=>{
+            const newSourceId = publishedToDraftMap.get(relation[sourceColumnName]);
+            const newTargetId = publishedToDraftMap.get(relation[targetColumnName]);
+            if (!newSourceId || !newTargetId) {
+                return null;
+            }
+            return {
+                ...relation,
+                [sourceColumnName]: newSourceId,
+                [targetColumnName]: newTargetId
+            };
+        }).filter(Boolean);
+        if (newRelations.length > 0) {
+            await trx.batchInsert(joinTable.name, newRelations, 1000);
+        }
+    }
+}
+/**
+ * Copy relations from other content types that target this content type
+ */ async function copyRelationsFromOtherContentTypes({ trx, uid, publishedToDraftMap }) {
+    const targetIds = Array.from(publishedToDraftMap.keys());
+    // Iterate through all content types and components to find relations targeting our content type
+    const contentTypes = Object.values(strapi.contentTypes);
+    const components = Object.values(strapi.components);
+    for (const model of [
+        ...contentTypes,
+        ...components
+    ]){
+        const dbModel = strapi.db.metadata.get(model.uid);
+        if (!dbModel) continue;
+        for (const attribute of Object.values(dbModel.attributes)){
+            if (attribute.type !== 'relation' || attribute.target !== uid) {
+                continue;
+            }
+            const joinTable = attribute.joinTable;
+            if (!joinTable) {
+                continue;
+            }
+            const { name: targetColumnName } = joinTable.inverseJoinColumn;
+            // Get all relations where the target is a published entry of our content type
+            const relations = await trx(joinTable.name).select('*').whereIn(targetColumnName, targetIds);
+            if (relations.length === 0) {
+                continue;
+            }
+            // Create new relations pointing to draft entries
+            const newRelations = relations.map((relation)=>{
+                const newTargetId = publishedToDraftMap.get(relation[targetColumnName]);
+                if (!newTargetId) {
+                    return null;
+                }
+                return {
+                    ...relation,
+                    [targetColumnName]: newTargetId
+                };
+            }).filter(Boolean);
+            if (newRelations.length > 0) {
+                await trx.batchInsert(joinTable.name, newRelations, 1000);
+            }
+        }
+    }
+}
+/**
+ * 2 pass migration to create the draft entries for all the published entries.
+ * And then copy relations directly using database queries.
+ */ const migrateUp = async (trx, db)=>{
+    const dpModels = [];
+    for (const meta of db.metadata.values()){
+        const hasDP = await hasDraftAndPublish(trx, meta);
+        if (hasDP) {
+            dpModels.push(meta);
+        }
+    }
+    /**
+   * Create plain draft entries for all the entries that were published.
+   */ for (const model of dpModels){
+        await copyPublishedEntriesToDraft({
+            db,
+            trx,
+            uid: model.uid
+        });
+    }
+    /**
+   * Copy relations from published entries to draft entries using direct database queries.
+   * This is much more efficient than calling discardDraft for each entry.
+   */ for (const model of dpModels){
+        await copyRelationsToDrafts({
+            db,
+            trx,
+            uid: model.uid
+        });
+    }
+};
 /**
  * Load a batch of versions to discard.
  *
@@ -95,64 +262,6 @@ var index = require('../../services/document-service/index.js');
         yield batch;
     }
 }
-/**
- * 2 pass migration to create the draft entries for all the published entries.
- * And then discard the drafts to copy the relations.
- */ const migrateUp = async (trx, db)=>{
-    const dpModels = [];
-    for (const meta of db.metadata.values()){
-        const hasDP = await hasDraftAndPublish(trx, meta);
-        if (hasDP) {
-            dpModels.push(meta);
-        }
-    }
-    /**
-   * Create plain draft entries for all the entries that were published.
-   */ for (const model of dpModels){
-        await copyPublishedEntriesToDraft({
-            db,
-            trx,
-            uid: model.uid
-        });
-    }
-    /**
-   * Discard the drafts will copy the relations from the published entries to the newly created drafts.
-   *
-   * Load a batch of entries (batched to prevent loading millions of rows at once ),
-   * and discard them using the document service.
-   *
-   * NOTE: This is using a custom document service without any validations,
-   *       to prevent the migration from failing if users already had invalid data in V4.
-   *       E.g. @see https://github.com/strapi/strapi/issues/21583
-   */ const documentService = index.createDocumentService(strapi, {
-        async validateEntityCreation (_, data) {
-            return data;
-        },
-        async validateEntityUpdate (_, data) {
-            // Data can be partially empty on partial updates
-            // This migration doesn't trigger any update (or partial update),
-            // so it's safe to return the data as is.
-            return data;
-        }
-    });
-    for (const model of dpModels){
-        const discardDraft = async (entry)=>documentService(model.uid).discardDraft({
-                documentId: entry.documentId,
-                locale: entry.locale
-            });
-        for await (const batch of getBatchToDiscard({
-            db,
-            trx,
-            uid: model.uid
-        })){
-            // NOTE: concurrency had to be disabled to prevent a race condition with self-references
-            // TODO: improve performance in a safe way
-            await strapiUtils.async.map(batch, discardDraft, {
-                concurrency: 1
-            });
-        }
-    }
-};
 const discardDocumentDrafts = {
     name: 'core::5.0.0-discard-drafts',
     async up (trx, db) {

package/dist/migrations/database/5.0.0-discard-drafts.js.map

@@ -1 +1 @@
-{"version":3,"file":"5.0.0-discard-drafts.js","sources":["../../../src/migrations/database/5.0.0-discard-drafts.ts"],"sourcesContent":["/**\n * This migration is responsible for creating the draft counterpart for all the entries that were in a published state.\n *\n * In v4, entries could either be in a draft or published state, but not both at the same time.\n * In v5, we introduced the concept of document, and an entry can be in a draft or published state.\n *\n * This means the migration needs to create the draft counterpart if an entry was published.\n *\n * This migration performs the following steps:\n * 1. Creates draft entries for all published entries, without it's components, dynamic zones or relations.\n * 2. Using the document service, discard those same drafts to copy its relations.\n */\n\n/* eslint-disable no-continue */\nimport type { UID } from '@strapi/types';\nimport type { Database, Migration } from '@strapi/database';\nimport { async, contentTypes } from '@strapi/utils';\nimport { createDocumentService } from '../../services/document-service';\n\ntype DocumentVersion = { documentId: string; locale: string };\ntype Knex = Parameters<Migration['up']>[0];\n\n/**\n * Check if the model has draft and publish enabled.\n */\nconst hasDraftAndPublish = async (trx: Knex, meta: any) => {\n  const hasTable = await trx.schema.hasTable(meta.tableName);\n\n  if (!hasTable) {\n    return false;\n  }\n\n  const uid = meta.uid as UID.ContentType;\n  const model = strapi.getModel(uid);\n  const hasDP = contentTypes.hasDraftAndPublish(model);\n  if (!hasDP) {\n    return false;\n  }\n\n  return true;\n};\n\n/**\n * Copy all the published entries to draft entries, without it's components, dynamic zones or relations.\n * This ensures all necessary draft's exist before copying it's relations.\n */\nasync function copyPublishedEntriesToDraft({\n  db,\n  trx,\n  uid,\n}: {\n  db: Database;\n  trx: Knex;\n  uid: string;\n}) {\n  // Extract all scalar attributes to use in the insert query\n  const meta = db.metadata.get(uid);\n\n  // Get scalar attributes that will be copied over the new draft\n  const scalarAttributes = Object.values(meta.attributes).reduce((acc, attribute: any) => {\n    if (['id'].includes(attribute.columnName)) {\n      return acc;\n    }\n\n    if (contentTypes.isScalarAttribute(attribute)) {\n      acc.push(attribute.columnName);\n    }\n\n    return acc;\n  }, [] as string[]);\n\n  /**\n   * Query to copy the published entries into draft entries.\n   *\n   * INSERT INTO tableName (columnName1, columnName2, columnName3, ...)\n   * SELECT columnName1, columnName2, columnName3, ...\n   * FROM tableName\n   */\n  await trx\n    // INSERT INTO tableName (columnName1, columnName2, columnName3, ...)\n    .into(\n      trx.raw(`?? (${scalarAttributes.map(() => `??`).join(', ')})`, [\n        meta.tableName,\n        ...scalarAttributes,\n      ])\n    )\n    .insert((subQb: typeof trx) => {\n      // SELECT columnName1, columnName2, columnName3, ...\n      subQb\n        .select(\n          ...scalarAttributes.map((att: string) => {\n            // Override 'publishedAt' and 'updatedAt' attributes\n            if (att === 'published_at') {\n              return trx.raw('NULL as ??', 'published_at');\n            }\n\n            return att;\n          })\n        )\n        .from(meta.tableName)\n        // Only select entries that were published\n        .whereNotNull('published_at');\n    });\n}\n\n/**\n * Load a batch of versions to discard.\n *\n * Versions with only a draft version will be ignored.\n * Only versions with a published version (which always have a draft version) will be discarded.\n */\nexport async function* getBatchToDiscard({\n  db,\n  trx,\n  uid,\n  defaultBatchSize = 1000,\n}: {\n  db: Database;\n  trx: Knex;\n  uid: string;\n  defaultBatchSize?: number;\n}) {\n  const client = db.config.connection.client;\n  const isSQLite =\n    typeof client === 'string' && ['sqlite', 'sqlite3', 'better-sqlite3'].includes(client);\n\n  // The SQLite documentation states that the maximum number of terms in a\n  // compound SELECT statement is 500 by default.\n  // See: https://www.sqlite.org/limits.html\n  // To ensure a successful migration, we limit the batch size to 500 for SQLite.\n  const batchSize = isSQLite ? Math.min(defaultBatchSize, 500) : defaultBatchSize;\n  let offset = 0;\n  let hasMore = true;\n\n  while (hasMore) {\n    // Look for the published entries to discard\n    const batch: DocumentVersion[] = await db\n      .queryBuilder(uid)\n      .select(['id', 'documentId', 'locale'])\n      .where({ publishedAt: { $ne: null } })\n      .limit(batchSize)\n      .offset(offset)\n      .orderBy('id')\n      .transacting(trx)\n      .execute();\n\n    if (batch.length < batchSize) {\n      hasMore = false;\n    }\n\n    offset += batchSize;\n    yield batch;\n  }\n}\n\n/**\n * 2 pass migration to create the draft entries for all the published entries.\n * And then discard the drafts to copy the relations.\n */\nconst migrateUp = async (trx: Knex, db: Database) => {\n  const dpModels = [];\n  for (const meta of db.metadata.values()) {\n    const hasDP = await hasDraftAndPublish(trx, meta);\n    if (hasDP) {\n      dpModels.push(meta);\n    }\n  }\n\n  /**\n   * Create plain draft entries for all the entries that were published.\n   */\n  for (const model of dpModels) {\n    await copyPublishedEntriesToDraft({ db, trx, uid: model.uid });\n  }\n\n  /**\n   * Discard the drafts will copy the relations from the published entries to the newly created drafts.\n   *\n   * Load a batch of entries (batched to prevent loading millions of rows at once ),\n   * and discard them using the document service.\n   *\n   * NOTE: This is using a custom document service without any validations,\n   *       to prevent the migration from failing if users already had invalid data in V4.\n   *       E.g. @see https://github.com/strapi/strapi/issues/21583\n   */\n  const documentService = createDocumentService(strapi, {\n    async validateEntityCreation(_, data) {\n      return data;\n    },\n    async validateEntityUpdate(_, data) {\n      // Data can be partially empty on partial updates\n      // This migration doesn't trigger any update (or partial update),\n      // so it's safe to return the data as is.\n      return data as any;\n    },\n  });\n\n  for (const model of dpModels) {\n    const discardDraft = async (entry: DocumentVersion) =>\n      documentService(model.uid as UID.ContentType).discardDraft({\n        documentId: entry.documentId,\n        locale: entry.locale,\n      });\n\n    for await (const batch of getBatchToDiscard({ db, trx, uid: model.uid })) {\n      // NOTE: concurrency had to be disabled to prevent a race condition with self-references\n      // TODO: improve performance in a safe way\n      await async.map(batch, discardDraft, { concurrency: 1 });\n    }\n  }\n};\n\nexport const discardDocumentDrafts: Migration = {\n  name: 'core::5.0.0-discard-drafts',\n  async up(trx, db) {\n    await migrateUp(trx, db);\n  },\n  async down() {\n    throw new Error('not implemented');\n  },\n};\n"],"names":["hasDraftAndPublish","trx","meta","hasTable","schema","tableName","uid","model","strapi","getModel","hasDP","contentTypes","copyPublishedEntriesToDraft","db","metadata","get","scalarAttributes","Object","values","attributes","reduce","acc","attribute","includes","columnName","isScalarAttribute","push","into","raw","map","join","insert","subQb","select","att","from","whereNotNull","getBatchToDiscard","defaultBatchSize","client","config","connection","isSQLite","batchSize","Math","min","offset","hasMore","batch","queryBuilder","where","publishedAt","$ne","limit","orderBy","transacting","execute","length","migrateUp","dpModels","documentService","createDocumentService","validateEntityCreation","_","data","validateEntityUpdate","discardDraft","entry","documentId","locale","async","concurrency","discardDocumentDrafts","name","up","down","Error"],"mappings":";;;;;AAsBA;;IAGA,MAAMA,kBAAqB,GAAA,OAAOC,GAAWC,EAAAA,IAAAA,GAAAA;IAC3C,MAAMC,QAAAA,GAAW,MAAMF,GAAIG,CAAAA,MAAM,CAACD,QAAQ,CAACD,KAAKG,SAAS,CAAA;AAEzD,IAAA,IAAI,CAACF,QAAU,EAAA;QACb,OAAO,KAAA;AACT;IAEA,MAAMG,GAAAA,GAAMJ,KAAKI,GAAG;IACpB,MAAMC,KAAAA,GAAQC,MAAOC,CAAAA,QAAQ,CAACH,GAAAA,CAAAA;IAC9B,MAAMI,KAAAA,GAAQC,wBAAaX,CAAAA,kBAAkB,CAACO,KAAAA,CAAAA;AAC9C,IAAA,IAAI,CAACG,KAAO,EAAA;QACV,OAAO,KAAA;AACT;IAEA,OAAO,IAAA;AACT,CAAA;AAEA;;;IAIA,eAAeE,4BAA4B,EACzCC,EAAE,EACFZ,GAAG,EACHK,GAAG,EAKJ,EAAA;;AAEC,IAAA,MAAMJ,IAAOW,GAAAA,EAAAA,CAAGC,QAAQ,CAACC,GAAG,CAACT,GAAAA,CAAAA;;IAG7B,MAAMU,gBAAAA,GAAmBC,MAAOC,CAAAA,MAAM,CAAChB,IAAAA,CAAKiB,UAAU,CAAEC,CAAAA,MAAM,CAAC,CAACC,GAAKC,EAAAA,SAAAA,GAAAA;QACnE,IAAI;AAAC,YAAA;AAAK,SAAA,CAACC,QAAQ,CAACD,SAAUE,CAAAA,UAAU,CAAG,EAAA;YACzC,OAAOH,GAAAA;AACT;QAEA,IAAIV,wBAAAA,CAAac,iBAAiB,CAACH,SAAY,CAAA,EAAA;YAC7CD,GAAIK,CAAAA,IAAI,CAACJ,SAAAA,CAAUE,UAAU,CAAA;AAC/B;QAEA,OAAOH,GAAAA;AACT,KAAA,EAAG,EAAE,CAAA;AAEL;;;;;;MAOA,MAAMpB,GACJ;KACC0B,IAAI,CACH1B,IAAI2B,GAAG,CAAC,CAAC,IAAI,EAAEZ,iBAAiBa,GAAG,CAAC,IAAM,CAAC,EAAE,CAAC,CAAEC,CAAAA,IAAI,CAAC,IAAM,CAAA,CAAA,CAAC,CAAC,EAAE;AAC7D5B,QAAAA,IAAAA,CAAKG,SAAS;AACXW,QAAAA,GAAAA;KACJ,CAEFe,CAAAA,CAAAA,MAAM,CAAC,CAACC,KAAAA,GAAAA;;AAEPA,QAAAA,KAAAA,CACGC,MAAM,CAAA,GACFjB,gBAAiBa,CAAAA,GAAG,CAAC,CAACK,GAAAA,GAAAA;;AAEvB,YAAA,IAAIA,QAAQ,cAAgB,EAAA;gBAC1B,OAAOjC,GAAAA,CAAI2B,GAAG,CAAC,YAAc,EAAA,cAAA,CAAA;AAC/B;YAEA,OAAOM,GAAAA;AACT,SAAA,CAAA,CAAA,CAEDC,IAAI,CAACjC,IAAKG,CAAAA,SAAS,CACpB;AACC+B,SAAAA,YAAY,CAAC,cAAA,CAAA;AAClB,KAAA,CAAA;AACJ;AAEA;;;;;AAKC,IACM,gBAAgBC,iBAAkB,CAAA,EACvCxB,EAAE,EACFZ,GAAG,EACHK,GAAG,EACHgC,gBAAmB,GAAA,IAAI,EAMxB,EAAA;AACC,IAAA,MAAMC,SAAS1B,EAAG2B,CAAAA,MAAM,CAACC,UAAU,CAACF,MAAM;IAC1C,MAAMG,QAAAA,GACJ,OAAOH,MAAAA,KAAW,QAAY,IAAA;AAAC,QAAA,QAAA;AAAU,QAAA,SAAA;AAAW,QAAA;AAAiB,KAAA,CAAChB,QAAQ,CAACgB,MAAAA,CAAAA;;;;;AAMjF,IAAA,MAAMI,YAAYD,QAAWE,GAAAA,IAAAA,CAAKC,GAAG,CAACP,kBAAkB,GAAOA,CAAAA,GAAAA,gBAAAA;AAC/D,IAAA,IAAIQ,MAAS,GAAA,CAAA;AACb,IAAA,IAAIC,OAAU,GAAA,IAAA;AAEd,IAAA,MAAOA,OAAS,CAAA;;AAEd,QAAA,MAAMC,QAA2B,MAAMnC,EAAAA,CACpCoC,YAAY,CAAC3C,GAAAA,CAAAA,CACb2B,MAAM,CAAC;AAAC,YAAA,IAAA;AAAM,YAAA,YAAA;AAAc,YAAA;AAAS,SAAA,CAAA,CACrCiB,KAAK,CAAC;YAAEC,WAAa,EAAA;gBAAEC,GAAK,EAAA;AAAK;AAAE,SAAA,CAAA,CACnCC,KAAK,CAACV,SACNG,CAAAA,CAAAA,MAAM,CAACA,MAAAA,CAAAA,CACPQ,OAAO,CAAC,IACRC,CAAAA,CAAAA,WAAW,CAACtD,GAAAA,CAAAA,CACZuD,OAAO,EAAA;QAEV,IAAIR,KAAAA,CAAMS,MAAM,GAAGd,SAAW,EAAA;YAC5BI,OAAU,GAAA,KAAA;AACZ;QAEAD,MAAUH,IAAAA,SAAAA;QACV,MAAMK,KAAAA;AACR;AACF;AAEA;;;IAIA,MAAMU,SAAY,GAAA,OAAOzD,GAAWY,EAAAA,EAAAA,GAAAA;AAClC,IAAA,MAAM8C,WAAW,EAAE;AACnB,IAAA,KAAK,MAAMzD,IAAQW,IAAAA,EAAAA,CAAGC,QAAQ,CAACI,MAAM,EAAI,CAAA;QACvC,MAAMR,KAAAA,GAAQ,MAAMV,kBAAAA,CAAmBC,GAAKC,EAAAA,IAAAA,CAAAA;AAC5C,QAAA,IAAIQ,KAAO,EAAA;AACTiD,YAAAA,QAAAA,CAASjC,IAAI,CAACxB,IAAAA,CAAAA;AAChB;AACF;AAEA;;MAGA,KAAK,MAAMK,KAAAA,IAASoD,QAAU,CAAA;AAC5B,QAAA,MAAM/C,2BAA4B,CAAA;AAAEC,YAAAA,EAAAA;AAAIZ,YAAAA,GAAAA;AAAKK,YAAAA,GAAAA,EAAKC,MAAMD;AAAI,SAAA,CAAA;AAC9D;AAEA;;;;;;;;;MAUA,MAAMsD,eAAkBC,GAAAA,2BAAAA,CAAsBrD,MAAQ,EAAA;QACpD,MAAMsD,sBAAAA,CAAAA,CAAuBC,CAAC,EAAEC,IAAI,EAAA;YAClC,OAAOA,IAAAA;AACT,SAAA;QACA,MAAMC,oBAAAA,CAAAA,CAAqBF,CAAC,EAAEC,IAAI,EAAA;;;;YAIhC,OAAOA,IAAAA;AACT;AACF,KAAA,CAAA;IAEA,KAAK,MAAMzD,SAASoD,QAAU,CAAA;QAC5B,MAAMO,YAAAA,GAAe,OAAOC,KAC1BP,GAAAA,eAAAA,CAAgBrD,MAAMD,GAAG,CAAA,CAAqB4D,YAAY,CAAC;AACzDE,gBAAAA,UAAAA,EAAYD,MAAMC,UAAU;AAC5BC,gBAAAA,MAAAA,EAAQF,MAAME;AAChB,aAAA,CAAA;QAEF,WAAW,MAAMrB,SAASX,iBAAkB,CAAA;AAAExB,YAAAA,EAAAA;AAAIZ,YAAAA,GAAAA;AAAKK,YAAAA,GAAAA,EAAKC,MAAMD;SAAQ,CAAA,CAAA;;;AAGxE,YAAA,MAAMgE,iBAAMzC,CAAAA,GAAG,CAACmB,KAAAA,EAAOkB,YAAc,EAAA;gBAAEK,WAAa,EAAA;AAAE,aAAA,CAAA;AACxD;AACF;AACF,CAAA;MAEaC,qBAAmC,GAAA;IAC9CC,IAAM,EAAA,4BAAA;IACN,MAAMC,EAAAA,CAAAA,CAAGzE,GAAG,EAAEY,EAAE,EAAA;AACd,QAAA,MAAM6C,UAAUzD,GAAKY,EAAAA,EAAAA,CAAAA;AACvB,KAAA;IACA,MAAM8D,IAAAA,CAAAA,GAAAA;AACJ,QAAA,MAAM,IAAIC,KAAM,CAAA,iBAAA,CAAA;AAClB;AACF;;;;;"}
+{"version":3,"file":"5.0.0-discard-drafts.js","sources":["../../../src/migrations/database/5.0.0-discard-drafts.ts"],"sourcesContent":["/**\n * This migration is responsible for creating the draft counterpart for all the entries that were in a published state.\n *\n * In v4, entries could either be in a draft or published state, but not both at the same time.\n * In v5, we introduced the concept of document, and an entry can be in a draft or published state.\n *\n * This means the migration needs to create the draft counterpart if an entry was published.\n *\n * This migration performs the following steps:\n * 1. Creates draft entries for all published entries, without it's components, dynamic zones or relations.\n * 2. Using the document service, discard those same drafts to copy its relations.\n */\n\n/* eslint-disable no-continue */\nimport type { UID } from '@strapi/types';\nimport type { Database, Migration } from '@strapi/database';\nimport { contentTypes } from '@strapi/utils';\n\ntype DocumentVersion = { documentId: string; locale: string };\ntype Knex = Parameters<Migration['up']>[0];\n\n/**\n * Check if the model has draft and publish enabled.\n */\nconst hasDraftAndPublish = async (trx: Knex, meta: any) => {\n  const hasTable = await trx.schema.hasTable(meta.tableName);\n\n  if (!hasTable) {\n    return false;\n  }\n\n  const uid = meta.uid as UID.ContentType;\n  const model = strapi.getModel(uid);\n  const hasDP = contentTypes.hasDraftAndPublish(model);\n  if (!hasDP) {\n    return false;\n  }\n\n  return true;\n};\n\n/**\n * Copy all the published entries to draft entries, without it's components, dynamic zones or relations.\n * This ensures all necessary draft's exist before copying it's relations.\n */\nasync function copyPublishedEntriesToDraft({\n  db,\n  trx,\n  uid,\n}: {\n  db: Database;\n  trx: Knex;\n  uid: string;\n}) {\n  // Extract all scalar attributes to use in the insert query\n  const meta = db.metadata.get(uid);\n\n  // Get scalar attributes that will be copied over the new draft\n  const scalarAttributes = Object.values(meta.attributes).reduce((acc, attribute: any) => {\n    if (['id'].includes(attribute.columnName)) {\n      return acc;\n    }\n\n    if (contentTypes.isScalarAttribute(attribute)) {\n      acc.push(attribute.columnName);\n    }\n\n    return acc;\n  }, [] as string[]);\n\n  /**\n   * Query to copy the published entries into draft entries.\n   *\n   * INSERT INTO tableName (columnName1, columnName2, columnName3, ...)\n   * SELECT columnName1, columnName2, columnName3, ...\n   * FROM tableName\n   */\n  await trx\n    // INSERT INTO tableName (columnName1, columnName2, columnName3, ...)\n    .into(\n      trx.raw(`?? (${scalarAttributes.map(() => `??`).join(', ')})`, [\n        meta.tableName,\n        ...scalarAttributes,\n      ])\n    )\n    .insert((subQb: typeof trx) => {\n      // SELECT columnName1, columnName2, columnName3, ...\n      subQb\n        .select(\n          ...scalarAttributes.map((att: string) => {\n            // Override 'publishedAt' and 'updatedAt' attributes\n            if (att === 'published_at') {\n              return trx.raw('NULL as ??', 'published_at');\n            }\n\n            return att;\n          })\n        )\n        .from(meta.tableName)\n        // Only select entries that were published\n        .whereNotNull('published_at');\n    });\n}\n\n/**\n * Copy relations from published entries to draft entries using direct database queries.\n * This replaces the need to call discardDraft for each entry.\n */\nasync function copyRelationsToDrafts({ db, trx, uid }: { db: Database; trx: Knex; uid: string }) {\n  const meta = db.metadata.get(uid);\n  if (!meta) return;\n\n  // Get all published entries for this content type\n  const publishedEntries = (await trx(meta.tableName)\n    .select(['id', 'documentId', 'locale'])\n    .whereNotNull('published_at')) as Array<{ id: number; documentId: string; locale: string }>;\n\n  // Get all draft entries for this content type\n  const draftEntries = (await trx(meta.tableName)\n    .select(['id', 'documentId', 'locale'])\n    .whereNull('published_at')) as Array<{ id: number; documentId: string; locale: string }>;\n\n  if (publishedEntries.length === 0 || draftEntries.length === 0) {\n    return;\n  }\n\n  // Create mapping from documentId to draft entry ID (only for drafts created by migration)\n  const draftByDocumentId = new Map();\n  for (const draft of draftEntries) {\n    if (draft.documentId) {\n      draftByDocumentId.set(draft.documentId, draft);\n    }\n  }\n\n  // Create mapping from published entry ID to draft entry ID\n  const publishedToDraftMap = new Map();\n  for (const published of publishedEntries) {\n    const draft = draftByDocumentId.get(published.documentId);\n    if (draft) {\n      publishedToDraftMap.set(published.id, draft.id);\n    }\n  }\n\n  if (publishedToDraftMap.size === 0) {\n    return;\n  }\n\n  // Copy relations for this content type\n  await copyRelationsForContentType({\n    trx,\n    uid,\n    publishedToDraftMap,\n    publishedEntries,\n  });\n\n  // Copy relations from other content types that target this content type\n  await copyRelationsFromOtherContentTypes({\n    trx,\n    uid,\n    publishedToDraftMap,\n    publishedEntries,\n  });\n}\n\n/**\n * Copy relations within the same content type (self-referential relations)\n */\nasync function copyRelationsForContentType({\n  trx,\n  uid,\n  publishedToDraftMap,\n}: {\n  trx: Knex;\n  uid: string;\n  publishedToDraftMap: Map<number, number>;\n  publishedEntries: Array<{ id: number; documentId: string; locale: string }>;\n}) {\n  const meta = strapi.db.metadata.get(uid);\n  if (!meta) return;\n\n  const publishedIds = Array.from(publishedToDraftMap.keys());\n\n  for (const attribute of Object.values(meta.attributes) as any) {\n    if (attribute.type !== 'relation' || attribute.target !== uid) {\n      continue;\n    }\n\n    const joinTable = attribute.joinTable;\n    if (!joinTable) {\n      continue;\n    }\n\n    const { name: sourceColumnName } = joinTable.joinColumn;\n    const { name: targetColumnName } = joinTable.inverseJoinColumn;\n\n    // Get all relations where the source is a published entry\n    const relations = await trx(joinTable.name).select('*').whereIn(sourceColumnName, publishedIds);\n\n    if (relations.length === 0) {\n      continue;\n    }\n\n    // Create new relations pointing to draft entries\n    const newRelations = relations\n      .map((relation) => {\n        const newSourceId = publishedToDraftMap.get(relation[sourceColumnName]);\n        const newTargetId = publishedToDraftMap.get(relation[targetColumnName]);\n\n        if (!newSourceId || !newTargetId) {\n          return null;\n        }\n\n        return {\n          ...relation,\n          [sourceColumnName]: newSourceId,\n          [targetColumnName]: newTargetId,\n        };\n      })\n      .filter(Boolean);\n\n    if (newRelations.length > 0) {\n      await trx.batchInsert(joinTable.name, newRelations, 1000);\n    }\n  }\n}\n\n/**\n * Copy relations from other content types that target this content type\n */\nasync function copyRelationsFromOtherContentTypes({\n  trx,\n  uid,\n  publishedToDraftMap,\n}: {\n  trx: Knex;\n  uid: string;\n  publishedToDraftMap: Map<number, number>;\n  publishedEntries: Array<{ id: number; documentId: string; locale: string }>;\n}) {\n  const targetIds = Array.from(publishedToDraftMap.keys());\n\n  // Iterate through all content types and components to find relations targeting our content type\n  const contentTypes = Object.values(strapi.contentTypes) as any[];\n  const components = Object.values(strapi.components) as any[];\n\n  for (const model of [...contentTypes, ...components]) {\n    const dbModel = strapi.db.metadata.get(model.uid);\n    if (!dbModel) continue;\n\n    for (const attribute of Object.values(dbModel.attributes) as any) {\n      if (attribute.type !== 'relation' || attribute.target !== uid) {\n        continue;\n      }\n\n      const joinTable = attribute.joinTable;\n      if (!joinTable) {\n        continue;\n      }\n\n      const { name: targetColumnName } = joinTable.inverseJoinColumn;\n\n      // Get all relations where the target is a published entry of our content type\n      const relations = await trx(joinTable.name).select('*').whereIn(targetColumnName, targetIds);\n\n      if (relations.length === 0) {\n        continue;\n      }\n\n      // Create new relations pointing to draft entries\n      const newRelations = relations\n        .map((relation) => {\n          const newTargetId = publishedToDraftMap.get(relation[targetColumnName]);\n\n          if (!newTargetId) {\n            return null;\n          }\n\n          return {\n            ...relation,\n            [targetColumnName]: newTargetId,\n          };\n        })\n        .filter(Boolean);\n\n      if (newRelations.length > 0) {\n        await trx.batchInsert(joinTable.name, newRelations, 1000);\n      }\n    }\n  }\n}\n\n/**\n * 2 pass migration to create the draft entries for all the published entries.\n * And then copy relations directly using database queries.\n */\nconst migrateUp = async (trx: Knex, db: Database) => {\n  const dpModels = [];\n  for (const meta of db.metadata.values()) {\n    const hasDP = await hasDraftAndPublish(trx, meta);\n    if (hasDP) {\n      dpModels.push(meta);\n    }\n  }\n\n  /**\n   * Create plain draft entries for all the entries that were published.\n   */\n  for (const model of dpModels) {\n    await copyPublishedEntriesToDraft({ db, trx, uid: model.uid });\n  }\n\n  /**\n   * Copy relations from published entries to draft entries using direct database queries.\n   * This is much more efficient than calling discardDraft for each entry.\n   */\n  for (const model of dpModels) {\n    await copyRelationsToDrafts({ db, trx, uid: model.uid });\n  }\n};\n\n/**\n * Load a batch of versions to discard.\n *\n * Versions with only a draft version will be ignored.\n * Only versions with a published version (which always have a draft version) will be discarded.\n */\nexport async function* getBatchToDiscard({\n  db,\n  trx,\n  uid,\n  defaultBatchSize = 1000,\n}: {\n  db: Database;\n  trx: Knex;\n  uid: string;\n  defaultBatchSize?: number;\n}) {\n  const client = db.config.connection.client;\n  const isSQLite =\n    typeof client === 'string' && ['sqlite', 'sqlite3', 'better-sqlite3'].includes(client);\n\n  // The SQLite documentation states that the maximum number of terms in a\n  // compound SELECT statement is 500 by default.\n  // See: https://www.sqlite.org/limits.html\n  // To ensure a successful migration, we limit the batch size to 500 for SQLite.\n  const batchSize = isSQLite ? Math.min(defaultBatchSize, 500) : defaultBatchSize;\n  let offset = 0;\n  let hasMore = true;\n\n  while (hasMore) {\n    // Look for the published entries to discard\n    const batch: DocumentVersion[] = await db\n      .queryBuilder(uid)\n      .select(['id', 'documentId', 'locale'])\n      .where({ publishedAt: { $ne: null } })\n      .limit(batchSize)\n      .offset(offset)\n      .orderBy('id')\n      .transacting(trx)\n      .execute();\n\n    if (batch.length < batchSize) {\n      hasMore = false;\n    }\n\n    offset += batchSize;\n    yield batch;\n  }\n}\n\nexport const discardDocumentDrafts: Migration = {\n  name: 'core::5.0.0-discard-drafts',\n  async up(trx, db) {\n    await migrateUp(trx, db);\n  },\n  async down() {\n    throw new Error('not implemented');\n  },\n};\n"],"names":["hasDraftAndPublish","trx","meta","hasTable","schema","tableName","uid","model","strapi","getModel","hasDP","contentTypes","copyPublishedEntriesToDraft","db","metadata","get","scalarAttributes","Object","values","attributes","reduce","acc","attribute","includes","columnName","isScalarAttribute","push","into","raw","map","join","insert","subQb","select","att","from","whereNotNull","copyRelationsToDrafts","publishedEntries","draftEntries","whereNull","length","draftByDocumentId","Map","draft","documentId","set","publishedToDraftMap","published","id","size","copyRelationsForContentType","copyRelationsFromOtherContentTypes","publishedIds","Array","keys","type","target","joinTable","name","sourceColumnName","joinColumn","targetColumnName","inverseJoinColumn","relations","whereIn","newRelations","relation","newSourceId","newTargetId","filter","Boolean","batchInsert","targetIds","components","dbModel","migrateUp","dpModels","getBatchToDiscard","defaultBatchSize","client","config","connection","isSQLite","batchSize","Math","min","offset","hasMore","batch","queryBuilder","where","publishedAt","$ne","limit","orderBy","transacting","execute","discardDocumentDrafts","up","down","Error"],"mappings":";;;;AAqBA;;IAGA,MAAMA,kBAAqB,GAAA,OAAOC,GAAWC,EAAAA,IAAAA,GAAAA;IAC3C,MAAMC,QAAAA,GAAW,MAAMF,GAAIG,CAAAA,MAAM,CAACD,QAAQ,CAACD,KAAKG,SAAS,CAAA;AAEzD,IAAA,IAAI,CAACF,QAAU,EAAA;QACb,OAAO,KAAA;AACT;IAEA,MAAMG,GAAAA,GAAMJ,KAAKI,GAAG;IACpB,MAAMC,KAAAA,GAAQC,MAAOC,CAAAA,QAAQ,CAACH,GAAAA,CAAAA;IAC9B,MAAMI,KAAAA,GAAQC,wBAAaX,CAAAA,kBAAkB,CAACO,KAAAA,CAAAA;AAC9C,IAAA,IAAI,CAACG,KAAO,EAAA;QACV,OAAO,KAAA;AACT;IAEA,OAAO,IAAA;AACT,CAAA;AAEA;;;IAIA,eAAeE,4BAA4B,EACzCC,EAAE,EACFZ,GAAG,EACHK,GAAG,EAKJ,EAAA;;AAEC,IAAA,MAAMJ,IAAOW,GAAAA,EAAAA,CAAGC,QAAQ,CAACC,GAAG,CAACT,GAAAA,CAAAA;;IAG7B,MAAMU,gBAAAA,GAAmBC,MAAOC,CAAAA,MAAM,CAAChB,IAAAA,CAAKiB,UAAU,CAAEC,CAAAA,MAAM,CAAC,CAACC,GAAKC,EAAAA,SAAAA,GAAAA;QACnE,IAAI;AAAC,YAAA;AAAK,SAAA,CAACC,QAAQ,CAACD,SAAUE,CAAAA,UAAU,CAAG,EAAA;YACzC,OAAOH,GAAAA;AACT;QAEA,IAAIV,wBAAAA,CAAac,iBAAiB,CAACH,SAAY,CAAA,EAAA;YAC7CD,GAAIK,CAAAA,IAAI,CAACJ,SAAAA,CAAUE,UAAU,CAAA;AAC/B;QAEA,OAAOH,GAAAA;AACT,KAAA,EAAG,EAAE,CAAA;AAEL;;;;;;MAOA,MAAMpB,GACJ;KACC0B,IAAI,CACH1B,IAAI2B,GAAG,CAAC,CAAC,IAAI,EAAEZ,iBAAiBa,GAAG,CAAC,IAAM,CAAC,EAAE,CAAC,CAAEC,CAAAA,IAAI,CAAC,IAAM,CAAA,CAAA,CAAC,CAAC,EAAE;AAC7D5B,QAAAA,IAAAA,CAAKG,SAAS;AACXW,QAAAA,GAAAA;KACJ,CAEFe,CAAAA,CAAAA,MAAM,CAAC,CAACC,KAAAA,GAAAA;;AAEPA,QAAAA,KAAAA,CACGC,MAAM,CAAA,GACFjB,gBAAiBa,CAAAA,GAAG,CAAC,CAACK,GAAAA,GAAAA;;AAEvB,YAAA,IAAIA,QAAQ,cAAgB,EAAA;gBAC1B,OAAOjC,GAAAA,CAAI2B,GAAG,CAAC,YAAc,EAAA,cAAA,CAAA;AAC/B;YAEA,OAAOM,GAAAA;AACT,SAAA,CAAA,CAAA,CAEDC,IAAI,CAACjC,IAAKG,CAAAA,SAAS,CACpB;AACC+B,SAAAA,YAAY,CAAC,cAAA,CAAA;AAClB,KAAA,CAAA;AACJ;AAEA;;;IAIA,eAAeC,sBAAsB,EAAExB,EAAE,EAAEZ,GAAG,EAAEK,GAAG,EAA4C,EAAA;AAC7F,IAAA,MAAMJ,IAAOW,GAAAA,EAAAA,CAAGC,QAAQ,CAACC,GAAG,CAACT,GAAAA,CAAAA;AAC7B,IAAA,IAAI,CAACJ,IAAM,EAAA;;AAGX,IAAA,MAAMoC,mBAAoB,MAAMrC,GAAAA,CAAIC,KAAKG,SAAS,CAAA,CAC/C4B,MAAM,CAAC;AAAC,QAAA,IAAA;AAAM,QAAA,YAAA;AAAc,QAAA;AAAS,KAAA,CAAA,CACrCG,YAAY,CAAC,cAAA,CAAA;;AAGhB,IAAA,MAAMG,eAAgB,MAAMtC,GAAAA,CAAIC,KAAKG,SAAS,CAAA,CAC3C4B,MAAM,CAAC;AAAC,QAAA,IAAA;AAAM,QAAA,YAAA;AAAc,QAAA;AAAS,KAAA,CAAA,CACrCO,SAAS,CAAC,cAAA,CAAA;AAEb,IAAA,IAAIF,iBAAiBG,MAAM,KAAK,KAAKF,YAAaE,CAAAA,MAAM,KAAK,CAAG,EAAA;AAC9D,QAAA;AACF;;AAGA,IAAA,MAAMC,oBAAoB,IAAIC,GAAAA,EAAAA;IAC9B,KAAK,MAAMC,SAASL,YAAc,CAAA;QAChC,IAAIK,KAAAA,CAAMC,UAAU,EAAE;AACpBH,YAAAA,iBAAAA,CAAkBI,GAAG,CAACF,KAAMC,CAAAA,UAAU,EAAED,KAAAA,CAAAA;AAC1C;AACF;;AAGA,IAAA,MAAMG,sBAAsB,IAAIJ,GAAAA,EAAAA;IAChC,KAAK,MAAMK,aAAaV,gBAAkB,CAAA;AACxC,QAAA,MAAMM,KAAQF,GAAAA,iBAAAA,CAAkB3B,GAAG,CAACiC,UAAUH,UAAU,CAAA;AACxD,QAAA,IAAID,KAAO,EAAA;AACTG,YAAAA,mBAAAA,CAAoBD,GAAG,CAACE,SAAAA,CAAUC,EAAE,EAAEL,MAAMK,EAAE,CAAA;AAChD;AACF;IAEA,IAAIF,mBAAAA,CAAoBG,IAAI,KAAK,CAAG,EAAA;AAClC,QAAA;AACF;;AAGA,IAAA,MAAMC,2BAA4B,CAAA;AAChClD,QAAAA,GAAAA;AACAK,QAAAA,GAAAA;AACAyC,QAAAA,mBAAAA;AACAT,QAAAA;AACF,KAAA,CAAA;;AAGA,IAAA,MAAMc,kCAAmC,CAAA;AACvCnD,QAAAA,GAAAA;AACAK,QAAAA,GAAAA;AACAyC,QAAAA,mBAAAA;AACAT,QAAAA;AACF,KAAA,CAAA;AACF;AAEA;;IAGA,eAAea,4BAA4B,EACzClD,GAAG,EACHK,GAAG,EACHyC,mBAAmB,EAMpB,EAAA;AACC,IAAA,MAAM7C,OAAOM,MAAOK,CAAAA,EAAE,CAACC,QAAQ,CAACC,GAAG,CAACT,GAAAA,CAAAA;AACpC,IAAA,IAAI,CAACJ,IAAM,EAAA;AAEX,IAAA,MAAMmD,YAAeC,GAAAA,KAAAA,CAAMnB,IAAI,CAACY,oBAAoBQ,IAAI,EAAA,CAAA;AAExD,IAAA,KAAK,MAAMjC,SAAaL,IAAAA,MAAAA,CAAOC,MAAM,CAAChB,IAAAA,CAAKiB,UAAU,CAAU,CAAA;AAC7D,QAAA,IAAIG,UAAUkC,IAAI,KAAK,cAAclC,SAAUmC,CAAAA,MAAM,KAAKnD,GAAK,EAAA;AAC7D,YAAA;AACF;QAEA,MAAMoD,SAAAA,GAAYpC,UAAUoC,SAAS;AACrC,QAAA,IAAI,CAACA,SAAW,EAAA;AACd,YAAA;AACF;AAEA,QAAA,MAAM,EAAEC,IAAMC,EAAAA,gBAAgB,EAAE,GAAGF,UAAUG,UAAU;AACvD,QAAA,MAAM,EAAEF,IAAMG,EAAAA,gBAAgB,EAAE,GAAGJ,UAAUK,iBAAiB;;QAG9D,MAAMC,SAAAA,GAAY,MAAM/D,GAAAA,CAAIyD,SAAUC,CAAAA,IAAI,CAAE1B,CAAAA,MAAM,CAAC,GAAA,CAAA,CAAKgC,OAAO,CAACL,gBAAkBP,EAAAA,YAAAA,CAAAA;QAElF,IAAIW,SAAAA,CAAUvB,MAAM,KAAK,CAAG,EAAA;AAC1B,YAAA;AACF;;AAGA,QAAA,MAAMyB,YAAeF,GAAAA,SAAAA,CAClBnC,GAAG,CAAC,CAACsC,QAAAA,GAAAA;AACJ,YAAA,MAAMC,cAAcrB,mBAAoBhC,CAAAA,GAAG,CAACoD,QAAQ,CAACP,gBAAiB,CAAA,CAAA;AACtE,YAAA,MAAMS,cAActB,mBAAoBhC,CAAAA,GAAG,CAACoD,QAAQ,CAACL,gBAAiB,CAAA,CAAA;YAEtE,IAAI,CAACM,WAAe,IAAA,CAACC,WAAa,EAAA;gBAChC,OAAO,IAAA;AACT;YAEA,OAAO;AACL,gBAAA,GAAGF,QAAQ;AACX,gBAAA,CAACP,mBAAmBQ,WAAAA;AACpB,gBAAA,CAACN,mBAAmBO;AACtB,aAAA;AACF,SAAA,CAAA,CACCC,MAAM,CAACC,OAAAA,CAAAA;QAEV,IAAIL,YAAAA,CAAazB,MAAM,GAAG,CAAG,EAAA;AAC3B,YAAA,MAAMxC,IAAIuE,WAAW,CAACd,SAAUC,CAAAA,IAAI,EAAEO,YAAc,EAAA,IAAA,CAAA;AACtD;AACF;AACF;AAEA;;IAGA,eAAed,mCAAmC,EAChDnD,GAAG,EACHK,GAAG,EACHyC,mBAAmB,EAMpB,EAAA;AACC,IAAA,MAAM0B,SAAYnB,GAAAA,KAAAA,CAAMnB,IAAI,CAACY,oBAAoBQ,IAAI,EAAA,CAAA;;AAGrD,IAAA,MAAM5C,YAAeM,GAAAA,MAAAA,CAAOC,MAAM,CAACV,OAAOG,YAAY,CAAA;AACtD,IAAA,MAAM+D,UAAazD,GAAAA,MAAAA,CAAOC,MAAM,CAACV,OAAOkE,UAAU,CAAA;AAElD,IAAA,KAAK,MAAMnE,KAAS,IAAA;AAAII,QAAAA,GAAAA,YAAAA;AAAiB+D,QAAAA,GAAAA;KAAW,CAAE;QACpD,MAAMC,OAAAA,GAAUnE,OAAOK,EAAE,CAACC,QAAQ,CAACC,GAAG,CAACR,KAAAA,CAAMD,GAAG,CAAA;AAChD,QAAA,IAAI,CAACqE,OAAS,EAAA;AAEd,QAAA,KAAK,MAAMrD,SAAaL,IAAAA,MAAAA,CAAOC,MAAM,CAACyD,OAAAA,CAAQxD,UAAU,CAAU,CAAA;AAChE,YAAA,IAAIG,UAAUkC,IAAI,KAAK,cAAclC,SAAUmC,CAAAA,MAAM,KAAKnD,GAAK,EAAA;AAC7D,gBAAA;AACF;YAEA,MAAMoD,SAAAA,GAAYpC,UAAUoC,SAAS;AACrC,YAAA,IAAI,CAACA,SAAW,EAAA;AACd,gBAAA;AACF;AAEA,YAAA,MAAM,EAAEC,IAAMG,EAAAA,gBAAgB,EAAE,GAAGJ,UAAUK,iBAAiB;;YAG9D,MAAMC,SAAAA,GAAY,MAAM/D,GAAAA,CAAIyD,SAAUC,CAAAA,IAAI,CAAE1B,CAAAA,MAAM,CAAC,GAAA,CAAA,CAAKgC,OAAO,CAACH,gBAAkBW,EAAAA,SAAAA,CAAAA;YAElF,IAAIT,SAAAA,CAAUvB,MAAM,KAAK,CAAG,EAAA;AAC1B,gBAAA;AACF;;AAGA,YAAA,MAAMyB,YAAeF,GAAAA,SAAAA,CAClBnC,GAAG,CAAC,CAACsC,QAAAA,GAAAA;AACJ,gBAAA,MAAME,cAActB,mBAAoBhC,CAAAA,GAAG,CAACoD,QAAQ,CAACL,gBAAiB,CAAA,CAAA;AAEtE,gBAAA,IAAI,CAACO,WAAa,EAAA;oBAChB,OAAO,IAAA;AACT;gBAEA,OAAO;AACL,oBAAA,GAAGF,QAAQ;AACX,oBAAA,CAACL,mBAAmBO;AACtB,iBAAA;AACF,aAAA,CAAA,CACCC,MAAM,CAACC,OAAAA,CAAAA;YAEV,IAAIL,YAAAA,CAAazB,MAAM,GAAG,CAAG,EAAA;AAC3B,gBAAA,MAAMxC,IAAIuE,WAAW,CAACd,SAAUC,CAAAA,IAAI,EAAEO,YAAc,EAAA,IAAA,CAAA;AACtD;AACF;AACF;AACF;AAEA;;;IAIA,MAAMU,SAAY,GAAA,OAAO3E,GAAWY,EAAAA,EAAAA,GAAAA;AAClC,IAAA,MAAMgE,WAAW,EAAE;AACnB,IAAA,KAAK,MAAM3E,IAAQW,IAAAA,EAAAA,CAAGC,QAAQ,CAACI,MAAM,EAAI,CAAA;QACvC,MAAMR,KAAAA,GAAQ,MAAMV,kBAAAA,CAAmBC,GAAKC,EAAAA,IAAAA,CAAAA;AAC5C,QAAA,IAAIQ,KAAO,EAAA;AACTmE,YAAAA,QAAAA,CAASnD,IAAI,CAACxB,IAAAA,CAAAA;AAChB;AACF;AAEA;;MAGA,KAAK,MAAMK,KAAAA,IAASsE,QAAU,CAAA;AAC5B,QAAA,MAAMjE,2BAA4B,CAAA;AAAEC,YAAAA,EAAAA;AAAIZ,YAAAA,GAAAA;AAAKK,YAAAA,GAAAA,EAAKC,MAAMD;AAAI,SAAA,CAAA;AAC9D;AAEA;;;MAIA,KAAK,MAAMC,KAAAA,IAASsE,QAAU,CAAA;AAC5B,QAAA,MAAMxC,qBAAsB,CAAA;AAAExB,YAAAA,EAAAA;AAAIZ,YAAAA,GAAAA;AAAKK,YAAAA,GAAAA,EAAKC,MAAMD;AAAI,SAAA,CAAA;AACxD;AACF,CAAA;AAEA;;;;;AAKC,IACM,gBAAgBwE,iBAAkB,CAAA,EACvCjE,EAAE,EACFZ,GAAG,EACHK,GAAG,EACHyE,gBAAmB,GAAA,IAAI,EAMxB,EAAA;AACC,IAAA,MAAMC,SAASnE,EAAGoE,CAAAA,MAAM,CAACC,UAAU,CAACF,MAAM;IAC1C,MAAMG,QAAAA,GACJ,OAAOH,MAAAA,KAAW,QAAY,IAAA;AAAC,QAAA,QAAA;AAAU,QAAA,SAAA;AAAW,QAAA;AAAiB,KAAA,CAACzD,QAAQ,CAACyD,MAAAA,CAAAA;;;;;AAMjF,IAAA,MAAMI,YAAYD,QAAWE,GAAAA,IAAAA,CAAKC,GAAG,CAACP,kBAAkB,GAAOA,CAAAA,GAAAA,gBAAAA;AAC/D,IAAA,IAAIQ,MAAS,GAAA,CAAA;AACb,IAAA,IAAIC,OAAU,GAAA,IAAA;AAEd,IAAA,MAAOA,OAAS,CAAA;;AAEd,QAAA,MAAMC,QAA2B,MAAM5E,EAAAA,CACpC6E,YAAY,CAACpF,GAAAA,CAAAA,CACb2B,MAAM,CAAC;AAAC,YAAA,IAAA;AAAM,YAAA,YAAA;AAAc,YAAA;AAAS,SAAA,CAAA,CACrC0D,KAAK,CAAC;YAAEC,WAAa,EAAA;gBAAEC,GAAK,EAAA;AAAK;AAAE,SAAA,CAAA,CACnCC,KAAK,CAACV,SACNG,CAAAA,CAAAA,MAAM,CAACA,MAAAA,CAAAA,CACPQ,OAAO,CAAC,IACRC,CAAAA,CAAAA,WAAW,CAAC/F,GAAAA,CAAAA,CACZgG,OAAO,EAAA;QAEV,IAAIR,KAAAA,CAAMhD,MAAM,GAAG2C,SAAW,EAAA;YAC5BI,OAAU,GAAA,KAAA;AACZ;QAEAD,MAAUH,IAAAA,SAAAA;QACV,MAAMK,KAAAA;AACR;AACF;MAEaS,qBAAmC,GAAA;IAC9CvC,IAAM,EAAA,4BAAA;IACN,MAAMwC,EAAAA,CAAAA,CAAGlG,GAAG,EAAEY,EAAE,EAAA;AACd,QAAA,MAAM+D,UAAU3E,GAAKY,EAAAA,EAAAA,CAAAA;AACvB,KAAA;IACA,MAAMuF,IAAAA,CAAAA,GAAAA;AACJ,QAAA,MAAM,IAAIC,KAAM,CAAA,iBAAA,CAAA;AAClB;AACF;;;;;"}