@sylphx/flow 0.2.12 → 1.0.0

package/dist/assets/rules/core.md

@@ -1,144 +0,0 @@
----
-name: Shared Agent Guidelines
-description: Universal principles and standards for all agents
----
-
-# SHARED GUIDELINES
-
-## Performance
-
-**Parallel Execution**: Multiple tool calls in ONE message = parallel. Multiple messages = sequential.
-
-Use parallel whenever tools are independent. Watch for dependencies and ordering requirements.
-
----
-
-## Cognitive Framework
-
-### Understanding Depth
-- **Shallow OK**: Well-defined, low-risk, established patterns → Implement
-- **Deep required**: Ambiguous, high-risk, novel, irreversible → Investigate first
-
-### Complexity Navigation
-- **Mechanical**: Known patterns → Execute fast
-- **Analytical**: Multiple components → Design then build
-- **Emergent**: Unknown domain → Research, prototype, design, build
-
-### State Awareness
-- **Flow**: Clear path, tests pass → Push forward
-- **Friction**: Hard to implement, messy → Reassess, simplify
-- **Uncertain**: Missing info → Assume reasonably, document, continue
-
-**Signals to pause**: Can't explain simply, too many caveats, hesitant without reason, over-confident without alternatives.
-
----
-
-## Principles
-
-### Programming
-- **Functional composition**: Pure functions, immutable data, explicit side effects
-- **Composition over inheritance**: Prefer function composition, mixins, dependency injection
-- **Declarative over imperative**: Express what you want, not how
-- **Event-driven when appropriate**: Decouple components through events/messages
-
-### Quality
-- **YAGNI**: Build what's needed now, not hypothetical futures
-- **KISS**: Choose simple solutions over complex ones
-- **DRY**: Extract duplication on 3rd occurrence. Balance with readability
-- **Separation of concerns**: Each module handles one responsibility
-- **Dependency inversion**: Depend on abstractions, not implementations
-
----
-
-## Technical Standards
-
-**Code Quality**: Self-documenting names, test critical paths (100%) and business logic (80%+), comments explain WHY not WHAT, make illegal states unrepresentable.
-
-**Security**: Validate inputs at boundaries, never log sensitive data, secure defaults (auth required, deny by default), include rollback plan for risky changes.
-
-**Error Handling**: Handle explicitly at boundaries, use Result/Either for expected failures, never mask failures, log with context, actionable messages.
-
-**Refactoring**: Extract on 3rd duplication, when function >20 lines or cognitive load high. When thinking "I'll clean later" → Clean NOW. When adding TODO → Implement NOW.
-
----
-
-## Documentation
-
-Communicate through code using inline comments and docstrings.
-
-Separate documentation files only when explicitly requested.
-
----
-
-## Anti-Patterns
-
-**Technical Debt Rationalization**: "I'll clean this later" → You won't. "Just one more TODO" → Compounds. "Tests slow me down" → Bugs slow more. Refactor AS you make it work, not after.
-
-**Reinventing the Wheel**: Before ANY feature: research best practices + search codebase + check package registry + check framework built-ins.
-
-Example:
-```typescript
-Don't: Custom Result type → Do: import { Result } from 'neverthrow'
-Don't: Custom validation → Do: import { z } from 'zod'
-```
-
-**Others**: Premature optimization, analysis paralysis, skipping tests, ignoring existing patterns, blocking on missing info, asking permission for obvious choices.
-
----
-
-## Version Control
-
-Feature branches `{type}/{description}`, semantic commits `<type>(<scope>): <description>`, atomic commits.
-
----
-
-## File Handling
-
-**Scratch work**: System temp directory (/tmp on Unix, %TEMP% on Windows)
-**Final deliverables**: Working directory or user-specified location
-
----
-
-## Autonomous Decisions
-
-**Never block. Always proceed with assumptions.**
-
-Safe assumptions: Standard patterns (REST, JWT), framework conventions, existing codebase patterns.
-
-**Document in code**:
-```javascript
-// ASSUMPTION: JWT auth (REST standard, matches existing APIs)
-// ALTERNATIVE: Session-based
-```
-
-**Decision hierarchy**: existing patterns > simplicity > maintainability
-
-Important decisions: Document in commit message or PR description.
-
----
-
-## High-Stakes Decisions
-
-Use structured reasoning only for high-stakes decisions. Most decisions: decide autonomously without explanation.
-
-**When to use**:
-- Decision difficult to reverse (schema changes, architecture choices)
-- Affects >3 major components
-- Security-critical
-- Long-term maintenance impact
-
-**Quick check**: Easy to reverse? → Decide autonomously. Clear best practice? → Follow it.
-
-### Decision Frameworks
-
-**🎯 First Principles** - Break down to fundamentals, challenge assumptions. *Novel problems without precedent.*
-
-**⚖️ Decision Matrix** - Score options against weighted criteria. *3+ options with multiple criteria.*
-
-**🔄 Trade-off Analysis** - Compare competing aspects. *Performance vs cost, speed vs quality.*
-
-### Process
-1. Recognize trigger
-2. Choose framework
-3. Analyze decision
-4. Document in commit message or PR description

package/dist/assets/slash-commands/commit.md

@@ -1,23 +0,0 @@
----
-description: Create a git commit with meaningful message
----
-
-# Create Git Commit
-
-## Context
-
-- Current git status: !`git status`
-- Current git diff (staged and unstaged changes): !`git diff HEAD`
-- Current branch: !`git branch --show-current`
-- Recent commits: !`git log --oneline -10`
-
-## Your Task
-
-Based on the above changes, create a single git commit with a meaningful commit message that:
-
-1. Follows conventional commits format: `type(scope): description`
-2. Accurately describes what changed and why
-3. Includes any breaking changes or important notes
-4. Uses present tense ("add" not "added")
-
-After creating the commit, show the commit message for review.

package/dist/assets/slash-commands/context.md

@@ -1,112 +0,0 @@
----
-description: Display current context window usage and token breakdown
----
-
-# Context Window Usage
-
-Display detailed information about the current context window usage, including token counts for different components.
-
-## Your Task
-
-Analyze and display the context window usage with the following sections:
-
-### 1. Model Information
-Show the current model being used and its token limits.
-
-### 2. Visual Token Usage Bar
-Create a visual bar chart (10 blocks wide) showing token usage breakdown using these Unicode characters:
-- ⛁ (filled) - Used tokens
-- ⛀ (half-filled) - Partially used blocks
-- ⛶ (empty) - Reserved/System tokens
-- ⛝ (light) - Free space/buffer
-
-### 3. Token Breakdown
-
-Calculate and display tokens for each category:
-
-#### System Prompt
-- Count tokens in the system prompt
-- Show: `⛁ System prompt: X.Xk tokens (X.X%)`
-
-#### System Tools
-- Count tokens for all built-in tool definitions (filesystem, shell, search, interaction tools)
-- Show: `⛁ System tools: X.Xk tokens (X.X%)`
-
-#### MCP Tools
-- Count tokens for all MCP tool definitions
-- List each MCP tool with its token count
-- Show: `⛁ MCP tools: X.Xk tokens (X.X%)`
-
-#### Custom Agents
-- Count tokens for custom agent definitions (if any)
-- List each agent with token count
-- Show: `⛁ Custom agents: X tokens (X.X%)`
-
-#### Messages
-- Count tokens in all messages in the current session
-- Show: `⛁ Messages: X tokens (X.X%)`
-
-#### Free Space
-- Calculate remaining available tokens
-- Show: `⛶ Free space: XXXk (XX.X%)`
-
-#### Autocompact Buffer
-- Calculate reserved buffer space (typically 22.5% of total)
-- Show: `⛝ Autocompact buffer: XX.Xk tokens (XX.X%)`
-
-### 4. Detailed Listings
-
-Show expandable sections with details:
-
-```
-MCP tools · /mcp
-└ mcp__tool_name (server-name): XXX tokens
-└ ...
-
-Custom agents · /agents
-└ agent-name (Project): XX tokens
-└ ...
-
-SlashCommand Tool · X commands
-└ Total: XXX tokens
-```
-
-## Display Format
-
-Use this exact format for the output:
-
-```
-Context Usage
-⛁ ⛁ ⛁ ⛁ ⛁ ⛁ ⛁ ⛀ ⛁ ⛁   model-name · XXk/XXXk tokens (XX%)
-⛀ ⛀ ⛶ ⛶ ⛶ ⛶ ⛶ ⛶ ⛶ ⛶
-⛶ ⛶ ⛶ ⛶ ⛶ ⛶ ⛶ ⛶ ⛶ ⛶   ⛁ System prompt: X.Xk tokens (X.X%)
-⛶ ⛶ ⛶ ⛶ ⛶ ⛶ ⛶ ⛶ ⛶ ⛶   ⛁ System tools: XX.Xk tokens (X.X%)
-⛶ ⛶ ⛶ ⛶ ⛶ ⛶ ⛶ ⛶ ⛶ ⛶   ⛁ MCP tools: X.Xk tokens (X.X%)
-⛶ ⛶ ⛶ ⛶ ⛶ ⛶ ⛶ ⛶ ⛶ ⛶   ⛁ Custom agents: XX tokens (X.X%)
-⛶ ⛶ ⛶ ⛶ ⛶ ⛶ ⛶ ⛶ ⛶ ⛶   ⛁ Messages: XXX tokens (X.X%)
-⛶ ⛶ ⛶ ⛶ ⛶ ⛶ ⛶ ⛝ ⛝ ⛝   ⛶ Free space: XXXk (XX.X%)
-⛝ ⛝ ⛝ ⛝ ⛝ ⛝ ⛝ ⛝ ⛝ ⛝   ⛝ Autocompact buffer: XX.Xk tokens (XX.X%)
-⛝ ⛝ ⛝ ⛝ ⛝ ⛝ ⛝ ⛝ ⛝ ⛝
-
-MCP tools · /mcp
-└ tool_name (server-name): XXX tokens
-└ ...
-
-Custom agents · /agents
-└ agent-name (Project): XX tokens
-└ ...
-
-SlashCommand Tool · X commands
-└ Total: XXX tokens
-```
-
-## Implementation Notes
-
-1. Use the `countTokens()` utility from `src/utils/token-counter.ts` with the current session model name
-2. Get current session from app store to access model name and messages
-3. Get system prompt from `src/core/ai-sdk.ts` (SYSTEM_PROMPT constant)
-4. Get tool definitions from `src/tools/registry.ts` (getAISDKTools())
-5. Calculate percentages based on the model's max token limit (e.g., 200k for Claude Sonnet 4.5)
-6. Round token counts appropriately (show decimals for k, no decimals for raw numbers)
-7. Ensure the bar chart accurately represents the proportions
-8. Use proper indentation and alignment for readability

package/dist/assets/slash-commands/explain.md

@@ -1,35 +0,0 @@
----
-description: Explain code in detail
----
-
-# Explain Code
-
-## Context
-
-$ARGUMENTS
-
-## Your Task
-
-Provide a comprehensive explanation of the code above (or at the specified location) that includes:
-
-1. **Overview**
-   - What does this code do?
-   - What problem does it solve?
-
-2. **How It Works**
-   - Step-by-step breakdown of the logic
-   - Key algorithms or patterns used
-   - Important design decisions
-
-3. **Components**
-   - Main functions/classes/modules
-   - Their roles and responsibilities
-   - How they interact
-
-4. **Important Details**
-   - Edge cases handled
-   - Performance considerations
-   - Security implications
-   - Dependencies and requirements
-
-Use clear language and provide examples where helpful.

package/dist/assets/slash-commands/mep.md

@@ -1,63 +0,0 @@
----
-description: Convert verbose prompt to MEP (Minimal Effective Prompt)
----
-
-# MEP - Minimal Effective Prompt
-
-## Context
-
-User's original prompt:
-```
-$ARGUMENTS
-```
-
-## Your Task
-
-Analyze the user's prompt above and refactor it into a **Minimal Effective Prompt (MEP)** that:
-
-### Remove Unnecessary Context
-❌ Remove information that AI already knows:
-- Current date/time (AI has access via hooks)
-- System information (platform, CPU, memory - provided automatically)
-- Project structure (AI can search codebase)
-- Tech stack (AI can detect from package.json and code)
-- File locations (AI can search)
-- Existing code patterns (AI can search codebase)
-
-### Keep Essential Information
-✅ Keep only what AI cannot infer:
-- Specific business requirements
-- User preferences or constraints
-- Domain-specific knowledge
-- Desired outcome or behavior
-- Acceptance criteria
-
-### Apply MEP Principles
-
-1. **Be Specific About What, Not How**
-   - ❌ "Create a React component with useState hook, useEffect for data fetching, proper error handling..."
-   - ✅ "Add user profile page with real-time data"
-
-2. **Trust AI's Knowledge**
-   - ❌ "Using TypeScript with proper types, following our code style..."
-   - ✅ "Add user authentication" (AI will use TypeScript, follow existing patterns)
-
-3. **Focus on Intent**
-   - ❌ "I need a function that takes an array and returns unique values using Set..."
-   - ✅ "Remove duplicate items from the list"
-
-4. **Remove Redundancy**
-   - ❌ "Add comprehensive error handling with try-catch blocks and proper error messages..."
-   - ✅ "Add error handling" (comprehensive is default)
-
-### Output Format
-
-Provide the refactored MEP prompt as a single, concise statement (1-3 sentences max) that captures the essence of the user's intent.
-
-**Original:** [quote the original]
-
-**MEP Version:** [your refactored minimal prompt]
-
-**Removed Context:** [list what was removed and why - explain that AI already has this info]
-
-**Preserved Intent:** [confirm the core requirement is maintained]

package/dist/assets/slash-commands/review.md

@@ -1,39 +0,0 @@
----
-description: Review code for quality, security, and best practices
----
-
-# Code Review
-
-## Context
-
-$ARGUMENTS
-
-## Your Task
-
-Review the code above (or at the specified location) and provide feedback on:
-
-1. **Code Quality**
-   - Readability and maintainability
-   - Code organization and structure
-   - Naming conventions
-   - Comments and documentation
-
-2. **Security**
-   - Potential vulnerabilities
-   - Input validation
-   - Authentication/authorization issues
-   - Data exposure risks
-
-3. **Performance**
-   - Algorithmic efficiency
-   - Resource usage
-   - Potential bottlenecks
-   - Scalability concerns
-
-4. **Best Practices**
-   - Language-specific idioms
-   - Design patterns
-   - Error handling
-   - Testing coverage
-
-Provide specific, actionable suggestions for improvement.

package/dist/assets/slash-commands/test.md

@@ -1,30 +0,0 @@
----
-description: Write comprehensive tests for code
----
-
-# Write Tests
-
-## Context
-
-$ARGUMENTS
-
-## Your Task
-
-Write comprehensive tests for the code above (or at the specified location) that include:
-
-1. **Unit Tests**
-   - Test individual functions/methods
-   - Cover edge cases and boundary conditions
-   - Test error handling
-
-2. **Integration Tests** (if applicable)
-   - Test component interactions
-   - Test with realistic data
-
-3. **Test Coverage**
-   - Aim for high coverage of critical paths
-   - Include positive and negative test cases
-   - Test validation and error conditions
-
-Use the project's existing testing framework and follow its conventions.
-Ensure tests are readable, maintainable, and properly documented.

package/dist/chunk-01gv4qey.js

@@ -1,4 +0,0 @@
-import{Sb as $}from"./chunk-4vrj3f8r.js";import M from"node:fs";import Z from"node:path";import{fileURLToPath as b}from"node:url";import{execFile as U}from"node:child_process";import Y from"node:path";import{promisify as I}from"node:util";var _=I(U),C={projectName:$.string().min(1,"Project name is required").max(100,"Project name too long").regex(/^[a-zA-Z0-9_-]+$/,"Project name can only contain letters, numbers, hyphens, and underscores").refine((G)=>!/^\.+$/.test(G),"Project name cannot be only dots").refine((G)=>!/[<>:"|?*]/.test(G),"Project name contains invalid characters"),branchName:$.string().min(1,"Branch name is required").max(255,"Branch name too long").regex(/^[a-zA-Z0-9/_-]+$/,"Branch name can only contain letters, numbers, slashes, hyphens, and underscores").refine((G)=>!G.includes(".."),'Branch name cannot contain ".."').refine((G)=>!/^[/\\]/.test(G),"Branch name cannot start with path separators").refine((G)=>!/[<>:"|?*$]/.test(G),"Branch name contains invalid characters"),filePath:$.string().min(1,"File path is required").max(1000,"File path too long").refine((G)=>!G.includes(".."),'File path cannot contain ".." for path traversal protection').refine((G)=>!/^[<>:"|?*]/.test(G),"File path contains invalid characters"),commandArg:$.string().max(1000,"Command argument too long").refine((G)=>!/[<>|;&$`'"\\]/.test(G),"Command argument contains potentially dangerous characters"),envVarName:$.string().regex(/^[A-Z_][A-Z0-9_]*$/,"Invalid environment variable name format").max(100,"Environment variable name too long"),url:$.string().url("Invalid URL format").refine((G)=>G.startsWith("https://")||G.startsWith("http://localhost"),"URL must be HTTPS or localhost").refine((G)=>!G.includes("javascript:"),"URL cannot contain javascript protocol"),apiKey:$.string().min(10,"API key too short").max(500,"API key too long").regex(/^[a-zA-Z0-9._-]+$/,"Invalid API key format")},F={validatePath:(G,K)=>{let H=C.filePath.parse(G),Q=Y.normalize(H);if(Q.includes(".."))throw Error("Path traversal detected in file path");if(K){let W=Y.resolve(K,Q),X=Y.resolve(K);if(!W.startsWith(X))throw Error("File path escapes allowed base directory");return W}return Q},isPathSafe:(G,K)=>{try{let H=Y.resolve(G),Q=Y.resolve(K);return H.startsWith(Q)}catch{return!1}},safeJoin:(G,...K)=>{let H=Y.join(G,...K),Q=Y.normalize(H),W=Y.resolve(G),X=Y.resolve(Q);if(!X.startsWith(W))throw Error("Path traversal attempt detected in safeJoin");return X}};var B={string:(G,K=1000)=>{if(typeof G!=="string")throw Error("Input must be a string");return G.replace(/[\x00-\x08\x0B\x0C\x0E-\x1F\x7F]/g,"").substring(0,K)},logMessage:(G)=>{return G.replace(/[\r\n]/g," ").replace(/\t/g," ").substring(0,500)},fileName:(G)=>{return G.replace(/[^a-zA-Z0-9._-]/g,"_").replace(/_{2,}/g,"_").replace(/^_|_$/g,"").toLowerCase()},yamlContent:(G)=>{return G.replace(/[\x00-\x08\x0B\x0C\x0E-\x1F\x7F]/g,"").replace(/<!\[CDATA\[.*?\]\]>/gs,"").replace(/<script\b[^<]*(?:(?!<\/script>)<[^<]*)*<\/script>/gi,"")}},k={validateEnvVar:(G,K)=>{let H=C.envVarName.parse(G);if(K===void 0)throw Error(`Environment variable ${H} is required but not set`);if(H.includes("URL")||H.includes("BASE_URL"))C.url.parse(K);else if(H.includes("KEY")||H.includes("SECRET")){if(K.length<10)throw Error(`API key ${H} is too short`)}return{name:H,value:K}},getEnvVar:(G,K)=>{try{let H=process.env[G];if(H===void 0){if(K!==void 0)return K;throw Error(`Environment variable ${G} is not set`)}return k.validateEnvVar(G,H).value}catch(H){return console.warn(`Environment variable validation failed for ${G}:`,H),K}},validateEnvVars:(G)=>{let K={};for(let[H,Q]of Object.entries(G)){let W=process.env[H];if(W===void 0){if(Q.required)throw Error(`Required environment variable ${H} is not set`);continue}try{if(Q.schema)K[H]=Q.schema.parse(W);else{let X=k.validateEnvVar(H,W);K[H]=X.value}}catch(X){throw Error(`Environment variable ${H} validation failed: ${X}`)}}return K}};function L(G){let K=b(import.meta.url),H=Z.dirname(K);for(let W=0;W<10;W++){let X=Z.join(H,"package.json");if(M.existsSync(X))return H;let J=Z.dirname(H);if(J===H)break;H=J}let Q=G?`Cannot find package.json - ${G} location unknown`:"Cannot find package.json";throw Error(Q)}var j=Z.join(L(),"assets");function w(){return Z.join(j,"agents")}function q(){return Z.join(j,"rules")}function O(){return Z.join(j,"knowledge")}function P(){return Z.join(j,"output-styles")}function y(){return Z.join(j,"slash-commands")}function S(G){if(!G||typeof G!=="string")throw Error("Filename must be a non-empty string");if(G.includes("..")||G.includes("/")||G.includes("\\"))throw Error(`Invalid filename: ${G}. Path traversal not allowed.`);if(!/^[a-zA-Z0-9._-]+$/.test(G))throw Error(`Filename contains invalid characters: ${G}`);let K=q(),H=F.safeJoin(K,G);if(!M.existsSync(H))throw Error(`Rule file not found: ${G} (looked in ${K})`);return H}
-export{C as na,F as oa,B as pa,k as qa,L as ra,w as sa,q as ta,O as ua,P as va,y as wa,S as xa};
-
-//# debugId=B36B269C3826F9AF64756E2164756E21

package/dist/chunk-01gv4qey.js.map

@@ -1,11 +0,0 @@
-{
-  "version": 3,
-  "sources": ["../src/utils/paths.ts", "../src/utils/security.ts"],
-  "sourcesContent": [
-    "/**\n * Centralized path resolution for all static assets\n *\n * Structure:\n *   assets/ (at project root) - single source of truth\n *\n * Path resolution:\n * - Development: src/utils/paths.ts reads ../assets\n * - Production: dist/xxx.js reads ../assets\n * - No copying needed, both read same location\n */\n\nimport fs from 'node:fs';\nimport path from 'node:path';\nimport { fileURLToPath } from 'node:url';\nimport { pathSecurity } from './security.js';\n\n/**\n * Find package root by walking up directory tree\n * Pure function - finds package.json location\n *\n * @param context - Optional context for error message (e.g., 'assets', 'migrations')\n * @returns Absolute path to package root directory\n * @throws Error if package.json cannot be found within 10 levels\n *\n * @example\n * const root = findPackageRoot(); // 'Cannot find package.json'\n * const root = findPackageRoot('drizzle migrations'); // 'Cannot find package.json - drizzle migrations location unknown'\n */\nexport function findPackageRoot(context?: string): string {\n  const __filename = fileURLToPath(import.meta.url);\n  let currentDir = path.dirname(__filename);\n\n  // Walk up max 10 levels to find package.json\n  for (let i = 0; i < 10; i++) {\n    const packageJsonPath = path.join(currentDir, 'package.json');\n    if (fs.existsSync(packageJsonPath)) {\n      return currentDir;\n    }\n\n    const parentDir = path.dirname(currentDir);\n    if (parentDir === currentDir) break; // reached filesystem root\n    currentDir = parentDir;\n  }\n\n  const errorMsg = context\n    ? `Cannot find package.json - ${context} location unknown`\n    : 'Cannot find package.json';\n  throw new Error(errorMsg);\n}\n\nconst ASSETS_ROOT = path.join(findPackageRoot(), 'assets');\n\n/**\n * Get path to agents directory\n */\nexport function getAgentsDir(): string {\n  return path.join(ASSETS_ROOT, 'agents');\n}\n\n/**\n * Get path to templates directory\n */\nexport function getTemplatesDir(): string {\n  return path.join(ASSETS_ROOT, 'templates');\n}\n\n/**\n * Get path to rules directory\n */\nexport function getRulesDir(): string {\n  return path.join(ASSETS_ROOT, 'rules');\n}\n\n/**\n * Get path to knowledge directory\n */\nexport function getKnowledgeDir(): string {\n  return path.join(ASSETS_ROOT, 'knowledge');\n}\n\n/**\n * Get path to output styles directory\n */\nexport function getOutputStylesDir(): string {\n  return path.join(ASSETS_ROOT, 'output-styles');\n}\n\n/**\n * Get path to slash commands directory\n */\nexport function getSlashCommandsDir(): string {\n  return path.join(ASSETS_ROOT, 'slash-commands');\n}\n\n/**\n * Get path to a specific rule file with path traversal protection\n */\nexport function getRuleFile(filename: string): string {\n  // Validate filename to prevent path traversal\n  if (!filename || typeof filename !== 'string') {\n    throw new Error('Filename must be a non-empty string');\n  }\n\n  // Check for path traversal attempts\n  if (filename.includes('..') || filename.includes('/') || filename.includes('\\\\')) {\n    throw new Error(`Invalid filename: ${filename}. Path traversal not allowed.`);\n  }\n\n  // Validate filename contains only safe characters\n  if (!/^[a-zA-Z0-9._-]+$/.test(filename)) {\n    throw new Error(`Filename contains invalid characters: ${filename}`);\n  }\n\n  // Safely join paths\n  const rulesDir = getRulesDir();\n  const filePath = pathSecurity.safeJoin(rulesDir, filename);\n\n  if (!fs.existsSync(filePath)) {\n    throw new Error(`Rule file not found: ${filename} (looked in ${rulesDir})`);\n  }\n\n  return filePath;\n}\n\n/**\n * Debug info - shows where assets are resolved from\n */\nexport function getPathsInfo() {\n  return {\n    assetsRoot: ASSETS_ROOT,\n    agents: getAgentsDir(),\n    templates: getTemplatesDir(),\n    rules: getRulesDir(),\n    outputStyles: getOutputStylesDir(),\n    slashCommands: getSlashCommandsDir(),\n  };\n}\n",
-    "/**\n * Security utilities for input validation, sanitization, and safe operations\n * Implements defense-in-depth security principles\n */\n\nimport { execFile } from 'node:child_process';\nimport crypto from 'node:crypto';\nimport path from 'node:path';\nimport { promisify } from 'node:util';\nimport { z } from 'zod';\n\nconst execFileAsync = promisify(execFile);\n\n// ============================================================================\n// INPUT VALIDATION SCHEMAS\n// ============================================================================\n\n/**\n * Security-focused validation schemas\n */\nexport const securitySchemas = {\n  /** Project name validation - prevents command injection and path traversal */\n  projectName: z\n    .string()\n    .min(1, 'Project name is required')\n    .max(100, 'Project name too long')\n    .regex(\n      /^[a-zA-Z0-9_-]+$/,\n      'Project name can only contain letters, numbers, hyphens, and underscores'\n    )\n    .refine((name) => !/^\\.+$/.test(name), 'Project name cannot be only dots')\n    .refine((name) => !/[<>:\"|?*]/.test(name), 'Project name contains invalid characters'),\n\n  /** Branch name validation - prevents command injection */\n  branchName: z\n    .string()\n    .min(1, 'Branch name is required')\n    .max(255, 'Branch name too long')\n    .regex(\n      /^[a-zA-Z0-9/_-]+$/,\n      'Branch name can only contain letters, numbers, slashes, hyphens, and underscores'\n    )\n    .refine((name) => !name.includes('..'), 'Branch name cannot contain \"..\"')\n    .refine((name) => !/^[/\\\\]/.test(name), 'Branch name cannot start with path separators')\n    .refine((name) => !/[<>:\"|?*$]/.test(name), 'Branch name contains invalid characters'),\n\n  /** File path validation - prevents path traversal */\n  filePath: z\n    .string()\n    .min(1, 'File path is required')\n    .max(1000, 'File path too long')\n    .refine(\n      (filePath) => !filePath.includes('..'),\n      'File path cannot contain \"..\" for path traversal protection'\n    )\n    .refine((filePath) => !/^[<>:\"|?*]/.test(filePath), 'File path contains invalid characters'),\n\n  /** Command argument validation - prevents command injection */\n  commandArg: z\n    .string()\n    .max(1000, 'Command argument too long')\n    .refine(\n      (arg) => !/[<>|;&$`'\"\\\\]/.test(arg),\n      'Command argument contains potentially dangerous characters'\n    ),\n\n  /** Environment variable validation */\n  envVarName: z\n    .string()\n    .regex(/^[A-Z_][A-Z0-9_]*$/, 'Invalid environment variable name format')\n    .max(100, 'Environment variable name too long'),\n\n  /** URL validation for API endpoints */\n  url: z\n    .string()\n    .url('Invalid URL format')\n    .refine(\n      (url) => url.startsWith('https://') || url.startsWith('http://localhost'),\n      'URL must be HTTPS or localhost'\n    )\n    .refine((url) => !url.includes('javascript:'), 'URL cannot contain javascript protocol'),\n\n  /** API key validation */\n  apiKey: z\n    .string()\n    .min(10, 'API key too short')\n    .max(500, 'API key too long')\n    .regex(/^[a-zA-Z0-9._-]+$/, 'Invalid API key format'),\n};\n\n// ============================================================================\n// PATH SECURITY UTILITIES\n// ============================================================================\n\n/**\n * Secure path utilities to prevent path traversal attacks\n */\nexport const pathSecurity = {\n  /**\n   * Validates and sanitizes a file path to prevent path traversal\n   */\n  validatePath: (inputPath: string, allowedBase?: string): string => {\n    const validated = securitySchemas.filePath.parse(inputPath);\n\n    // Normalize the path\n    const normalizedPath = path.normalize(validated);\n\n    // Check for path traversal attempts\n    if (normalizedPath.includes('..')) {\n      throw new Error('Path traversal detected in file path');\n    }\n\n    // If base path is provided, ensure the resolved path is within bounds\n    if (allowedBase) {\n      const resolvedPath = path.resolve(allowedBase, normalizedPath);\n      const resolvedBase = path.resolve(allowedBase);\n\n      if (!resolvedPath.startsWith(resolvedBase)) {\n        throw new Error('File path escapes allowed base directory');\n      }\n\n      return resolvedPath;\n    }\n\n    return normalizedPath;\n  },\n\n  /**\n   * Checks if a path is within allowed boundaries\n   */\n  isPathSafe: (targetPath: string, allowedBase: string): boolean => {\n    try {\n      const resolvedTarget = path.resolve(targetPath);\n      const resolvedBase = path.resolve(allowedBase);\n      return resolvedTarget.startsWith(resolvedBase);\n    } catch {\n      return false;\n    }\n  },\n\n  /**\n   * Creates a safe file path within a base directory\n   */\n  safeJoin: (basePath: string, ...paths: string[]): string => {\n    const result = path.join(basePath, ...paths);\n\n    // Normalize and verify it stays within base\n    const normalized = path.normalize(result);\n    const resolvedBase = path.resolve(basePath);\n    const resolvedResult = path.resolve(normalized);\n\n    if (!resolvedResult.startsWith(resolvedBase)) {\n      throw new Error('Path traversal attempt detected in safeJoin');\n    }\n\n    return resolvedResult;\n  },\n};\n\n// ============================================================================\n// COMMAND EXECUTION SECURITY\n// ============================================================================\n\n/**\n * Secure command execution utilities to prevent command injection\n */\nexport const commandSecurity = {\n  /**\n   * Safely executes a command with arguments, preventing command injection\n   */\n  async safeExecFile(\n    command: string,\n    args: string[],\n    options: {\n      cwd?: string;\n      timeout?: number;\n      maxBuffer?: number;\n      env?: Record<string, string>;\n    } = {}\n  ): Promise<{ stdout: string; stderr: string }> {\n    // Validate command\n    if (!/^[a-zA-Z0-9._-]+$/.test(command)) {\n      throw new Error(`Invalid command: ${command}`);\n    }\n\n    // Validate arguments\n    const validatedArgs = args.map((arg) => {\n      try {\n        return securitySchemas.commandArg.parse(arg);\n      } catch (_error) {\n        throw new Error(`Invalid command argument: ${arg}`);\n      }\n    });\n\n    // Set secure defaults\n    const secureOptions = {\n      timeout: options.timeout || 30000, // 30 seconds default\n      maxBuffer: options.maxBuffer || 1024 * 1024, // 1MB default\n      env: { ...process.env, ...options.env },\n      cwd: options.cwd || process.cwd(),\n      shell: false, // Never use shell to prevent injection\n      encoding: 'utf8' as const,\n    };\n\n    // Validate working directory\n    if (secureOptions.cwd) {\n      pathSecurity.validatePath(secureOptions.cwd);\n    }\n\n    try {\n      return await execFileAsync(command, validatedArgs, secureOptions);\n    } catch (error: any) {\n      // Sanitize error message to prevent information disclosure\n      const sanitizedError = new Error(`Command execution failed: ${command}`);\n      sanitizedError.code = error.code;\n      sanitizedError.signal = error.signal;\n      throw sanitizedError;\n    }\n  },\n\n  /**\n   * Validates that a command argument is safe for execution\n   */\n  validateCommandArgs: (args: string[]): string[] => {\n    return args.map((arg) => {\n      const validated = securitySchemas.commandArg.parse(arg);\n\n      // Additional checks for common injection patterns\n      const dangerousPatterns = [\n        /[;&|`'\"\\\\$()]/,\n        /\\.\\./,\n        /\\/etc\\//,\n        /\\/proc\\//,\n        /windows\\\\system32/i,\n      ];\n\n      for (const pattern of dangerousPatterns) {\n        if (pattern.test(validated)) {\n          throw new Error(`Dangerous pattern detected in command argument: ${arg}`);\n        }\n      }\n\n      return validated;\n    });\n  },\n};\n\n// ============================================================================\n// INPUT SANITIZATION UTILITIES\n// ============================================================================\n\n/**\n * Input sanitization utilities\n */\nexport const sanitize = {\n  /**\n   * Sanitizes a string for safe display\n   */\n  string: (input: string, maxLength = 1000): string => {\n    if (typeof input !== 'string') {\n      throw new Error('Input must be a string');\n    }\n\n    // Remove null bytes and control characters except newlines and tabs\n    const sanitized = input\n      .replace(/[\\x00-\\x08\\x0B\\x0C\\x0E-\\x1F\\x7F]/g, '')\n      .substring(0, maxLength);\n\n    return sanitized;\n  },\n\n  /**\n   * Sanitizes text for log messages (prevents log injection)\n   */\n  logMessage: (input: string): string => {\n    return input\n      .replace(/[\\r\\n]/g, ' ') // Remove line breaks\n      .replace(/\\t/g, ' ') // Replace tabs with spaces\n      .substring(0, 500); // Limit length\n  },\n\n  /**\n   * Sanitizes user input for file names\n   */\n  fileName: (input: string): string => {\n    return input\n      .replace(/[^a-zA-Z0-9._-]/g, '_') // Replace invalid chars with underscores\n      .replace(/_{2,}/g, '_') // Replace multiple underscores\n      .replace(/^_|_$/g, '') // Remove leading/trailing underscores\n      .toLowerCase();\n  },\n\n  /**\n   * Sanitizes content for YAML front matter\n   */\n  yamlContent: (input: string): string => {\n    // Basic YAML sanitization - remove potentially dangerous content\n    return input\n      .replace(/[\\x00-\\x08\\x0B\\x0C\\x0E-\\x1F\\x7F]/g, '')\n      .replace(/<!\\[CDATA\\[.*?\\]\\]>/gs, '') // Remove CDATA sections\n      .replace(/<script\\b[^<]*(?:(?!<\\/script>)<[^<]*)*<\\/script>/gi, ''); // Remove scripts\n  },\n};\n\n// ============================================================================\n// ENVIRONMENT VARIABLE SECURITY\n// ============================================================================\n\n/**\n * Environment variable validation utilities\n */\nexport const envSecurity = {\n  /**\n   * Validates an environment variable name and value\n   */\n  validateEnvVar: (name: string, value?: string): { name: string; value: string } => {\n    const validatedName = securitySchemas.envVarName.parse(name);\n\n    if (value === undefined) {\n      throw new Error(`Environment variable ${validatedName} is required but not set`);\n    }\n\n    // Validate based on variable type\n    if (validatedName.includes('URL') || validatedName.includes('BASE_URL')) {\n      securitySchemas.url.parse(value);\n    } else if (validatedName.includes('KEY') || validatedName.includes('SECRET')) {\n      // For keys, check minimum length and allowed characters\n      if (value.length < 10) {\n        throw new Error(`API key ${validatedName} is too short`);\n      }\n    }\n\n    return { name: validatedName, value };\n  },\n\n  /**\n   * Safely gets an environment variable with validation\n   */\n  getEnvVar: (name: string, defaultValue?: string): string | undefined => {\n    try {\n      const value = process.env[name];\n      if (value === undefined) {\n        if (defaultValue !== undefined) {\n          return defaultValue;\n        }\n        throw new Error(`Environment variable ${name} is not set`);\n      }\n\n      const validated = envSecurity.validateEnvVar(name, value);\n      return validated.value;\n    } catch (error) {\n      console.warn(`Environment variable validation failed for ${name}:`, error);\n      return defaultValue;\n    }\n  },\n\n  /**\n   * Validates multiple environment variables\n   */\n  validateEnvVars: (\n    vars: Record<string, { required?: boolean; schema?: z.ZodSchema }>\n  ): Record<string, string> => {\n    const result: Record<string, string> = {};\n\n    for (const [name, config] of Object.entries(vars)) {\n      const value = process.env[name];\n\n      if (value === undefined) {\n        if (config.required) {\n          throw new Error(`Required environment variable ${name} is not set`);\n        }\n        continue;\n      }\n\n      try {\n        // Use custom schema if provided, otherwise use default validation\n        if (config.schema) {\n          result[name] = config.schema.parse(value);\n        } else {\n          const validated = envSecurity.validateEnvVar(name, value);\n          result[name] = validated.value;\n        }\n      } catch (error) {\n        throw new Error(`Environment variable ${name} validation failed: ${error}`);\n      }\n    }\n\n    return result;\n  },\n};\n\n// ============================================================================\n// CRYPTOGRAPHIC UTILITIES\n// ============================================================================\n\n/**\n * Cryptographic utilities for security\n */\nexport const cryptoUtils = {\n  /**\n   * Generates a secure random string\n   */\n  generateSecureRandom: (length = 32): string => {\n    return crypto.randomBytes(length).toString('hex');\n  },\n\n  /**\n   * Generates a cryptographically secure random ID\n   */\n  generateSecureId: (): string => {\n    const timestamp = Date.now().toString(36);\n    const random = crypto.randomBytes(16).toString('hex');\n    return `${timestamp}-${random}`;\n  },\n\n  /**\n   * Creates a secure hash of data\n   */\n  hash: (data: string): string => {\n    return crypto.createHash('sha256').update(data).digest('hex');\n  },\n\n  /**\n   * Verifies data integrity with HMAC\n   */\n  verifyHMAC: (data: string, signature: string, secret: string): boolean => {\n    const expectedSignature = crypto.createHmac('sha256', secret).update(data).digest('hex');\n\n    return crypto.timingSafeEqual(\n      Buffer.from(signature, 'hex'),\n      Buffer.from(expectedSignature, 'hex')\n    );\n  },\n};\n\n// ============================================================================\n// RATE LIMITING UTILITIES\n// ============================================================================\n\n/**\n * Simple in-memory rate limiting\n */\nexport class RateLimiter {\n  private requests: Map<string, number[]> = new Map();\n\n  constructor(\n    private maxRequests = 100,\n    private windowMs = 60000 // 1 minute\n  ) {}\n\n  isAllowed(identifier: string): boolean {\n    const now = Date.now();\n    const windowStart = now - this.windowMs;\n\n    // Get existing requests for this identifier\n    let timestamps = this.requests.get(identifier) || [];\n\n    // Remove old requests outside the window\n    timestamps = timestamps.filter((timestamp) => timestamp > windowStart);\n\n    // Check if limit exceeded\n    if (timestamps.length >= this.maxRequests) {\n      return false;\n    }\n\n    // Add current request\n    timestamps.push(now);\n    this.requests.set(identifier, timestamps);\n\n    return true;\n  }\n\n  cleanup(): void {\n    const now = Date.now();\n    const windowStart = now - this.windowMs;\n\n    for (const [identifier, timestamps] of this.requests.entries()) {\n      const filtered = timestamps.filter((timestamp) => timestamp > windowStart);\n      if (filtered.length === 0) {\n        this.requests.delete(identifier);\n      } else {\n        this.requests.set(identifier, filtered);\n      }\n    }\n  }\n}\n\n// ============================================================================\n// SECURITY MIDDLEWARE\n// ============================================================================\n\n/**\n * Security middleware for common patterns\n */\nexport const securityMiddleware = {\n  /**\n   * Rate limiting middleware\n   */\n  rateLimit: (limiter: RateLimiter, getIdentifier: (req: any) => string) => {\n    return (req: any, res: any, next: any) => {\n      const identifier = getIdentifier(req);\n\n      if (!limiter.isAllowed(identifier)) {\n        return res.status(429).json({ error: 'Too many requests' });\n      }\n\n      next();\n    };\n  },\n\n  /**\n   * Input validation middleware\n   */\n  validateInput: (schema: z.ZodSchema, source: 'body' | 'query' | 'params' = 'body') => {\n    return (req: any, res: any, next: any) => {\n      try {\n        const data = req[source];\n        const validated = schema.parse(data);\n        req[source] = validated;\n        next();\n      } catch (error) {\n        return res.status(400).json({ error: 'Invalid input', details: error });\n      }\n    };\n  },\n};\n\nexport default {\n  securitySchemas,\n  pathSecurity,\n  commandSecurity,\n  sanitize,\n  envSecurity,\n  cryptoUtils,\n  RateLimiter,\n  securityMiddleware,\n};\n"
-  ],
-  "mappings": "yCAYA,uBACA,yBACA,wBAAS,iBCTT,mBAAS,2BAET,yBACA,oBAAS,kBAGT,IAAM,EAAgB,EAAU,CAAQ,EAS3B,EAAkB,CAE7B,YAAa,EACV,OAAO,EACP,IAAI,EAAG,0BAA0B,EACjC,IAAI,IAAK,uBAAuB,EAChC,MACC,mBACA,0EACF,EACC,OAAO,CAAC,IAAS,CAAC,QAAQ,KAAK,CAAI,EAAG,kCAAkC,EACxE,OAAO,CAAC,IAAS,CAAC,YAAY,KAAK,CAAI,EAAG,0CAA0C,EAGvF,WAAY,EACT,OAAO,EACP,IAAI,EAAG,yBAAyB,EAChC,IAAI,IAAK,sBAAsB,EAC/B,MACC,oBACA,kFACF,EACC,OAAO,CAAC,IAAS,CAAC,EAAK,SAAS,IAAI,EAAG,iCAAiC,EACxE,OAAO,CAAC,IAAS,CAAC,SAAS,KAAK,CAAI,EAAG,+CAA+C,EACtF,OAAO,CAAC,IAAS,CAAC,aAAa,KAAK,CAAI,EAAG,yCAAyC,EAGvF,SAAU,EACP,OAAO,EACP,IAAI,EAAG,uBAAuB,EAC9B,IAAI,KAAM,oBAAoB,EAC9B,OACC,CAAC,IAAa,CAAC,EAAS,SAAS,IAAI,EACrC,6DACF,EACC,OAAO,CAAC,IAAa,CAAC,aAAa,KAAK,CAAQ,EAAG,uCAAuC,EAG7F,WAAY,EACT,OAAO,EACP,IAAI,KAAM,2BAA2B,EACrC,OACC,CAAC,IAAQ,CAAC,gBAAgB,KAAK,CAAG,EAClC,4DACF,EAGF,WAAY,EACT,OAAO,EACP,MAAM,qBAAsB,0CAA0C,EACtE,IAAI,IAAK,oCAAoC,EAGhD,IAAK,EACF,OAAO,EACP,IAAI,oBAAoB,EACxB,OACC,CAAC,IAAQ,EAAI,WAAW,UAAU,GAAK,EAAI,WAAW,kBAAkB,EACxE,gCACF,EACC,OAAO,CAAC,IAAQ,CAAC,EAAI,SAAS,aAAa,EAAG,wCAAwC,EAGzF,OAAQ,EACL,OAAO,EACP,IAAI,GAAI,mBAAmB,EAC3B,IAAI,IAAK,kBAAkB,EAC3B,MAAM,oBAAqB,wBAAwB,CACxD,EASa,EAAe,CAI1B,aAAc,CAAC,EAAmB,IAAiC,CACjE,IAAM,EAAY,EAAgB,SAAS,MAAM,CAAS,EAGpD,EAAiB,EAAK,UAAU,CAAS,EAG/C,GAAI,EAAe,SAAS,IAAI,EAC9B,MAAU,MAAM,sCAAsC,EAIxD,GAAI,EAAa,CACf,IAAM,EAAe,EAAK,QAAQ,EAAa,CAAc,EACvD,EAAe,EAAK,QAAQ,CAAW,EAE7C,GAAI,CAAC,EAAa,WAAW,CAAY,EACvC,MAAU,MAAM,0CAA0C,EAG5D,OAAO,EAGT,OAAO,GAMT,WAAY,CAAC,EAAoB,IAAiC,CAChE,GAAI,CACF,IAAM,EAAiB,EAAK,QAAQ,CAAU,EACxC,EAAe,EAAK,QAAQ,CAAW,EAC7C,OAAO,EAAe,WAAW,CAAY,EAC7C,KAAM,CACN,MAAO,KAOX,SAAU,CAAC,KAAqB,IAA4B,CAC1D,IAAM,EAAS,EAAK,KAAK,EAAU,GAAG,CAAK,EAGrC,EAAa,EAAK,UAAU,CAAM,EAClC,EAAe,EAAK,QAAQ,CAAQ,EACpC,EAAiB,EAAK,QAAQ,CAAU,EAE9C,GAAI,CAAC,EAAe,WAAW,CAAY,EACzC,MAAU,MAAM,6CAA6C,EAG/D,OAAO,EAEX,EAiGO,IAAM,EAAW,CAItB,OAAQ,CAAC,EAAe,EAAY,OAAiB,CACnD,GAAI,OAAO,IAAU,SACnB,MAAU,MAAM,wBAAwB,EAQ1C,OAJkB,EACf,QAAQ,oCAAqC,EAAE,EAC/C,UAAU,EAAG,CAAS,GAQ3B,WAAY,CAAC,IAA0B,CACrC,OAAO,EACJ,QAAQ,UAAW,GAAG,EACtB,QAAQ,MAAO,GAAG,EAClB,UAAU,EAAG,GAAG,GAMrB,SAAU,CAAC,IAA0B,CACnC,OAAO,EACJ,QAAQ,mBAAoB,GAAG,EAC/B,QAAQ,SAAU,GAAG,EACrB,QAAQ,SAAU,EAAE,EACpB,YAAY,GAMjB,YAAa,CAAC,IAA0B,CAEtC,OAAO,EACJ,QAAQ,oCAAqC,EAAE,EAC/C,QAAQ,wBAAyB,EAAE,EACnC,QAAQ,sDAAuD,EAAE,EAExE,EASa,EAAc,CAIzB,eAAgB,CAAC,EAAc,IAAoD,CACjF,IAAM,EAAgB,EAAgB,WAAW,MAAM,CAAI,EAE3D,GAAI,IAAU,OACZ,MAAU,MAAM,wBAAwB,2BAAuC,EAIjF,GAAI,EAAc,SAAS,KAAK,GAAK,EAAc,SAAS,UAAU,EACpE,EAAgB,IAAI,MAAM,CAAK,EAC1B,QAAI,EAAc,SAAS,KAAK,GAAK,EAAc,SAAS,QAAQ,GAEzE,GAAI,EAAM,OAAS,GACjB,MAAU,MAAM,WAAW,gBAA4B,EAI3D,MAAO,CAAE,KAAM,EAAe,OAAM,GAMtC,UAAW,CAAC,EAAc,IAA8C,CACtE,GAAI,CACF,IAAM,EAAQ,QAAQ,IAAI,GAC1B,GAAI,IAAU,OAAW,CACvB,GAAI,IAAiB,OACnB,OAAO,EAET,MAAU,MAAM,wBAAwB,cAAiB,EAI3D,OADkB,EAAY,eAAe,EAAM,CAAK,EACvC,MACjB,MAAO,EAAO,CAEd,OADA,QAAQ,KAAK,8CAA8C,KAAS,CAAK,EAClE,IAOX,gBAAiB,CACf,IAC2B,CAC3B,IAAM,EAAiC,CAAC,EAExC,QAAY,EAAM,KAAW,OAAO,QAAQ,CAAI,EAAG,CACjD,IAAM,EAAQ,QAAQ,IAAI,GAE1B,GAAI,IAAU,OAAW,CACvB,GAAI,EAAO,SACT,MAAU,MAAM,iCAAiC,cAAiB,EAEpE,SAGF,GAAI,CAEF,GAAI,EAAO,OACT,EAAO,GAAQ,EAAO,OAAO,MAAM,CAAK,EACnC,KACL,IAAM,EAAY,EAAY,eAAe,EAAM,CAAK,EACxD,EAAO,GAAQ,EAAU,OAE3B,MAAO,EAAO,CACd,MAAU,MAAM,wBAAwB,wBAA2B,GAAO,GAI9E,OAAO,EAEX,EDxWO,SAAS,CAAe,CAAC,EAA0B,CACxD,IAAM,EAAa,EAAc,YAAY,GAAG,EAC5C,EAAa,EAAK,QAAQ,CAAU,EAGxC,QAAS,EAAI,EAAG,EAAI,GAAI,IAAK,CAC3B,IAAM,EAAkB,EAAK,KAAK,EAAY,cAAc,EAC5D,GAAI,EAAG,WAAW,CAAe,EAC/B,OAAO,EAGT,IAAM,EAAY,EAAK,QAAQ,CAAU,EACzC,GAAI,IAAc,EAAY,MAC9B,EAAa,EAGf,IAAM,EAAW,EACb,8BAA8B,qBAC9B,2BACJ,MAAU,MAAM,CAAQ,EAG1B,IAAM,EAAc,EAAK,KAAK,EAAgB,EAAG,QAAQ,EAKlD,SAAS,CAAY,EAAW,CACrC,OAAO,EAAK,KAAK,EAAa,QAAQ,EAajC,SAAS,CAAW,EAAW,CACpC,OAAO,EAAK,KAAK,EAAa,OAAO,EAMhC,SAAS,CAAe,EAAW,CACxC,OAAO,EAAK,KAAK,EAAa,WAAW,EAMpC,SAAS,CAAkB,EAAW,CAC3C,OAAO,EAAK,KAAK,EAAa,eAAe,EAMxC,SAAS,CAAmB,EAAW,CAC5C,OAAO,EAAK,KAAK,EAAa,gBAAgB,EAMzC,SAAS,CAAW,CAAC,EAA0B,CAEpD,GAAI,CAAC,GAAY,OAAO,IAAa,SACnC,MAAU,MAAM,qCAAqC,EAIvD,GAAI,EAAS,SAAS,IAAI,GAAK,EAAS,SAAS,GAAG,GAAK,EAAS,SAAS,IAAI,EAC7E,MAAU,MAAM,qBAAqB,gCAAuC,EAI9E,GAAI,CAAC,oBAAoB,KAAK,CAAQ,EACpC,MAAU,MAAM,yCAAyC,GAAU,EAIrE,IAAM,EAAW,EAAY,EACvB,EAAW,EAAa,SAAS,EAAU,CAAQ,EAEzD,GAAI,CAAC,EAAG,WAAW,CAAQ,EACzB,MAAU,MAAM,wBAAwB,gBAAuB,IAAW,EAG5E,OAAO",
-  "debugId": "B36B269C3826F9AF64756E2164756E21",
-  "names": []
-}

package/dist/chunk-3m9whg4q.js

@@ -1,4 +0,0 @@
-import{createRequire as k}from"node:module";var g=Object.create;var{getPrototypeOf:h,defineProperty:f,getOwnPropertyNames:i}=Object;var j=Object.prototype.hasOwnProperty;var l=(a,b,c)=>{c=a!=null?g(h(a)):{};let d=b||!a||!a.__esModule?f(c,"default",{value:a,enumerable:!0}):c;for(let e of i(a))if(!j.call(d,e))f(d,e,{get:()=>a[e],enumerable:!0});return d};var m=(a,b)=>()=>(b||a((b={exports:{}}).exports,b),b.exports);var n=(a,b)=>{for(var c in b)f(a,c,{get:b[c],enumerable:!0,configurable:!0,set:(d)=>b[c]=()=>d})};var p=k(import.meta.url);
-export{l as Tb,m as Ub,n as Vb,p as Wb};
-
-//# debugId=1090B4E729FE0A2764756E2164756E21

package/dist/chunk-3m9whg4q.js.map

@@ -1,9 +0,0 @@
-{
-  "version": 3,
-  "sources": [],
-  "sourcesContent": [
-  ],
-  "mappings": "",
-  "debugId": "1090B4E729FE0A2764756E2164756E21",
-  "names": []
-}