@ttctl/core 0.0.0 → 0.1.0-rc.1

package/dist/services/profile/reviews/index.js

@@ -0,0 +1,431 @@
+// SPDX-License-Identifier: AGPL-3.0-only
+// Copyright (C) 2026 Oleksii PELYKH
+/**
+ * `profile.reviews` service module.
+ *
+ * Section reviews are the section/item review-and-approval flow: when the
+ * talent edits a sensitive section (basic info, skills, employments, etc.)
+ * the change goes into a "pending review" state; the talent must explicitly
+ * approve each pending item or section before it's published.
+ *
+ * Per issue #76 the v0 user-facing surface exposes 4 leaves:
+ *
+ *   1. {@link list}                — list pending section reviews
+ *   2. {@link approveItem}         — approve a single pending item within a section
+ *   3. {@link approveSection}      — approve all pending items in a section
+ *   4. {@link submitForReview}     — re-submit the profile for platform-side re-review
+ *
+ * ## Spec / API divergences (documented per #76 AC)
+ *
+ * The issue (#76) suggests `approve-item <id>` and `approve-section <id>` as
+ * single-positional CLI signatures. The actual GraphQL inputs require three
+ * fields each (`reviewId`, `itemId`, `itemKind` for item; `reviewId`,
+ * `section` for section — see
+ * `research/notes/10-mutation-input-patterns.md`). The CLI uses named flags
+ * (`--review-id`, `--item-id`, `--kind`, `--section`) to disambiguate.
+ *
+ * `submitForReview` is listed in
+ * `research/notes/10-mutation-input-patterns.md` § "non-obvious shapes"
+ * with no live capture. We follow Pattern 2 (`{ profileId: ID! }`) as the
+ * most plausible inferred shape; deviations would surface at runtime as
+ * `USER_ERROR`. Marked **INFERRED — UNVERIFIED** in the implementation.
+ *
+ * `ItemReviewKind` and `ReviewSection` enum values are not catalogued in
+ * the schema (`research/graphql/talent_profile/schema.graphql` types most
+ * scalars as `Unknown`). The CLI accepts these as plain strings and lets
+ * the server validate; the server's user-error response is rendered
+ * verbatim so the user sees the rejected value alongside the expected
+ * vocabulary.
+ *
+ * ## Wire-shape decisions
+ *
+ * All operations target the talent_profile surface and use
+ * {@link impersonatedTransport}. Same full-document strategy as the
+ * external sub-domain — see `services/profile/external/index.ts` § "Wire-
+ * shape decisions" for rationale.
+ */
+import { AuthRevokedError, TtctlError } from "../../../auth/errors.js";
+import { impersonatedTransport } from "../../../transport.js";
+import { ProfileError } from "../basic/index.js";
+import { extractProfileId, isAuthRevokedExtensionCode } from "../shared.js";
+// Re-export the shared `ProfileError` / `ProfileErrorCode` so consumers can
+// continue to write `profile.reviews.ProfileError`.
+export { ProfileError };
+function parseTalentProfileResponse(res, commandLabel, fallbackErrorCode = "UNKNOWN") {
+    if (res.status === 401) {
+        throw new AuthRevokedError("Session is invalid or expired.");
+    }
+    if (res.status < 200 || res.status >= 300) {
+        throw new ProfileError(fallbackErrorCode, `${commandLabel} returned HTTP ${res.status.toString()}`);
+    }
+    const body = res.body;
+    if (body && Array.isArray(body.errors) && body.errors.length > 0) {
+        const first = body.errors[0];
+        const message = first?.message ?? "GraphQL error";
+        if (isAuthRevokedExtensionCode(first?.extensions?.code)) {
+            throw new AuthRevokedError("Session is invalid or expired.");
+        }
+        throw new ProfileError("GRAPHQL_ERROR", `${commandLabel} failed: ${message}`);
+    }
+    if (!body?.data) {
+        throw new ProfileError(fallbackErrorCode, `${commandLabel} response had no \`data\` field`);
+    }
+    return body.data;
+}
+async function withNetworkErrorMapping(commandLabel, fn) {
+    try {
+        return await fn();
+    }
+    catch (err) {
+        if (err instanceof TtctlError)
+            throw err;
+        if (err instanceof ProfileError)
+            throw err;
+        throw new ProfileError("NETWORK_ERROR", `${commandLabel} request failed: ${err.message}`, {
+            cause: err,
+        });
+    }
+}
+const SECTION_REVIEWS_QUERY = `query sectionReviews($profileId: ID!) {
+  sectionReviews(id: $profileId) {
+    id
+    section
+    requestedAt
+    items {
+      id
+      itemId
+      requestedAt
+    }
+  }
+}`;
+function coerceString(value) {
+    return typeof value === "string" ? value : null;
+}
+/**
+ * Detect the talent_profile graphql-pro "field hidden due to permissions"
+ * response on the `sectionReviews` field. The server emits this when the
+ * signed-in user has no pending section reviews visible — the field is
+ * permission-gated rather than returning an empty array. The shape is:
+ *
+ *   { data: null, errors: [{
+ *       message: "An object of type SectionReview was hidden due to permissions",
+ *       path: ["sectionReviews", 0],
+ *       extensions: { code: "UNAUTHORIZED" },
+ *     }] }
+ *
+ * `extensions.code` ALONE is ambiguous (same code is used for session-revoked
+ * bearer). Two discriminators are checked, both must hold:
+ *
+ *   1. **Primary** — `path[0] === "sectionReviews"`. GraphQL spec § 7.1.7 mandates
+ *      `path` on field-level errors and prohibits it on errors raised before
+ *      field resolution (session-revoked top-level errors fire BEFORE field
+ *      resolution and therefore have no `path`). This is the structural
+ *      discriminator and survives English-wording drift of the message.
+ *   2. **Confirmation** — message contains `"hidden due to permissions"`. Defense
+ *      against the (unlikely) case where a path-bearing top-level error is
+ *      emitted for some unrelated reason.
+ */
+function isFieldHiddenSectionReviews(body) {
+    if (body === null || typeof body !== "object")
+        return false;
+    const envelope = body;
+    if (envelope.data !== null && envelope.data !== undefined)
+        return false;
+    if (!Array.isArray(envelope.errors) || envelope.errors.length === 0)
+        return false;
+    const first = envelope.errors[0];
+    if (first?.extensions?.code !== "UNAUTHORIZED")
+        return false;
+    if (!Array.isArray(first.path) || first.path[0] !== "sectionReviews")
+        return false;
+    return typeof first.message === "string" && first.message.includes("hidden due to permissions");
+}
+/**
+ * List pending section reviews for the signed-in user. Returns an empty
+ * array (not a `null` or thrown error) when no reviews are pending. This
+ * includes the talent_profile "field hidden due to permissions" response
+ * (see {@link isFieldHiddenSectionReviews}) — empirically the
+ * no-pending-reviews surface form for accounts that have no review activity.
+ *
+ * Errors: `AuthRevokedError`, `ProfileError(GRAPHQL_ERROR)`,
+ * `ProfileError(NETWORK_ERROR)`, `Cf403Error` (and other `TtctlError`
+ * subclasses) propagate verbatim.
+ */
+export async function list(token) {
+    const profileId = await extractProfileId(token);
+    const res = await withNetworkErrorMapping("Section reviews list", () => impersonatedTransport({
+        surface: "talent-profile",
+        authToken: token,
+        body: {
+            operationName: "sectionReviews",
+            query: SECTION_REVIEWS_QUERY,
+            variables: { profileId },
+        },
+    }));
+    // talent_profile's graphql-pro layer overloads `extensions.code = "UNAUTHORIZED"`
+    // for two distinct conditions: (1) session-revoked bearer (handled globally by
+    // `isAuthRevokedExtensionCode` → AuthRevokedError); (2) field-level permission
+    // denial, surfaced with `data: null` + `message: "An object of type
+    // SectionReview was hidden due to permissions"`. For `sectionReviews` the
+    // field-hidden case empirically corresponds to "no pending reviews are visible
+    // to this user" (live capture 2026-05-16 against an account with no pending
+    // section reviews). Short-circuit to `[]` BEFORE the generic auth-revoked
+    // mapping fires, otherwise the user sees a misleading "Run `ttctl auth
+    // signin`" hint when the session is in fact valid for every other
+    // talent_profile op.
+    if (res.status === 200 && isFieldHiddenSectionReviews(res.body)) {
+        return [];
+    }
+    const data = parseTalentProfileResponse(res, "Section reviews list");
+    const rows = data.sectionReviews ?? [];
+    return rows
+        .filter((r) => r !== null && typeof r === "object")
+        .map((row) => {
+        const items = (row.items ?? [])
+            .filter((it) => it !== null && typeof it === "object")
+            .map((it) => ({
+            id: typeof it.id === "string" ? it.id : "",
+            itemId: typeof it.itemId === "string" ? it.itemId : "",
+            requestedAt: coerceString(it.requestedAt),
+        }))
+            .filter((it) => it.id.length > 0);
+        return {
+            id: typeof row.id === "string" ? row.id : "",
+            section: coerceString(row.section),
+            requestedAt: coerceString(row.requestedAt),
+            items,
+        };
+    })
+        .filter((row) => row.id.length > 0);
+}
+const APPROVE_ITEM_REVIEW_MUTATION = `mutation ApproveItemReview($input: ApproveItemReviewInput!) {
+  approveItemReview(input: $input) {
+    sectionReviews {
+      id
+      section
+      requestedAt
+      items {
+        id
+        itemId
+        requestedAt
+      }
+    }
+    errors {
+      code
+      key
+      message
+    }
+    notice
+    success
+  }
+}`;
+function rowsToSectionReviews(rows) {
+    return (rows ?? [])
+        .filter((r) => r !== null && typeof r === "object")
+        .map((row) => ({
+        id: typeof row.id === "string" ? row.id : "",
+        section: coerceString(row.section),
+        requestedAt: coerceString(row.requestedAt),
+        items: (row.items ?? [])
+            .filter((it) => it !== null && typeof it === "object")
+            .map((it) => ({
+            id: typeof it.id === "string" ? it.id : "",
+            itemId: typeof it.itemId === "string" ? it.itemId : "",
+            requestedAt: coerceString(it.requestedAt),
+        }))
+            .filter((it) => it.id.length > 0),
+    }))
+        .filter((row) => row.id.length > 0);
+}
+/**
+ * Approve a single pending item within a section review. Returns the
+ * server-confirmed updated list of pending section reviews.
+ *
+ * **Destructive**: approval is final per the platform's review semantics —
+ * once approved, the change is published and cannot be reverted from this
+ * surface. Callers are expected to confirm intent (the CLI does so by
+ * requiring explicit `--review-id` / `--item-id` / `--kind` flags rather
+ * than auto-discovering pending items).
+ *
+ * Errors:
+ *   - `ProfileError("VALIDATION_ERROR")` when any of `reviewId / itemId /
+ *     itemKind` is empty
+ *   - `ProfileError("USER_ERROR")` when the server rejects the input (e.g.
+ *     unknown item kind, item already approved)
+ *   - `AuthRevokedError`, `Cf403Error`, other `TtctlError` subclasses
+ *     propagate verbatim
+ */
+export async function approveItem(token, args) {
+    if (args.reviewId.length === 0 || args.itemId.length === 0 || args.itemKind.length === 0) {
+        throw new ProfileError("VALIDATION_ERROR", "Approve-item review requires non-empty reviewId, itemId, and itemKind.");
+    }
+    // Destructive — approval is final per platform review semantics; once
+    // approved, the change is published and cannot be reverted from this
+    // surface. No safe round-trip on a live maintainer profile. Wire shape
+    // inferred from research/notes/10. The read-side sectionReviews query
+    // is covered in packages/e2e/src/40-profile-reviews.e2e.test.ts.
+    const res = await withNetworkErrorMapping("Approve item review", () => impersonatedTransport({
+        surface: "talent-profile",
+        authToken: token,
+        body: {
+            // e2e-exempt: destructive — see comment above the withNetworkErrorMapping call.
+            operationName: "ApproveItemReview",
+            query: APPROVE_ITEM_REVIEW_MUTATION,
+            variables: {
+                input: {
+                    reviewId: args.reviewId,
+                    itemId: args.itemId,
+                    itemKind: args.itemKind,
+                },
+            },
+        },
+    }));
+    const data = parseTalentProfileResponse(res, "Approve item review");
+    const payload = data.approveItemReview;
+    if (!payload) {
+        throw new ProfileError("UNKNOWN", "Approve item review response had no payload");
+    }
+    if (Array.isArray(payload.errors) && payload.errors.length > 0) {
+        const first = payload.errors[0];
+        const fieldHint = first?.key ? ` (${first.key})` : "";
+        throw new ProfileError("USER_ERROR", `Approve item review rejected${fieldHint}: ${first?.message ?? "unknown error"}`);
+    }
+    if (payload.success === false) {
+        throw new ProfileError("USER_ERROR", `Approve item review reported success=false${payload.notice ? `: ${payload.notice}` : ""}`);
+    }
+    return {
+        sectionReviews: rowsToSectionReviews(payload.sectionReviews),
+        notice: payload.notice ?? null,
+    };
+}
+const APPROVE_SECTION_REVIEW_MUTATION = `mutation ApproveSectionReview($input: ApproveSectionReviewInput!) {
+  approveSectionReview(input: $input) {
+    sectionReviews {
+      id
+      section
+      requestedAt
+      items {
+        id
+        itemId
+        requestedAt
+      }
+    }
+    errors {
+      code
+      key
+      message
+    }
+    notice
+    success
+  }
+}`;
+/**
+ * Approve all pending items within a section review. Returns the
+ * server-confirmed updated list of pending section reviews.
+ *
+ * **Destructive**: same caveat as {@link approveItem} — approvals are final.
+ *
+ * Errors: same taxonomy as {@link approveItem}.
+ */
+export async function approveSection(token, args) {
+    if (args.reviewId.length === 0 || args.section.length === 0) {
+        throw new ProfileError("VALIDATION_ERROR", "Approve-section review requires non-empty reviewId and section.");
+    }
+    // Destructive — section-level approval is final per platform review
+    // semantics; the entire section's pending items are published in one
+    // call. No safe round-trip on a live maintainer profile. Wire shape
+    // inferred from research/notes/10. The read-side sectionReviews query
+    // is covered in packages/e2e/src/40-profile-reviews.e2e.test.ts.
+    const res = await withNetworkErrorMapping("Approve section review", () => impersonatedTransport({
+        surface: "talent-profile",
+        authToken: token,
+        body: {
+            // e2e-exempt: destructive — see comment above the withNetworkErrorMapping call.
+            operationName: "ApproveSectionReview",
+            query: APPROVE_SECTION_REVIEW_MUTATION,
+            variables: {
+                input: {
+                    reviewId: args.reviewId,
+                    section: args.section,
+                },
+            },
+        },
+    }));
+    const data = parseTalentProfileResponse(res, "Approve section review");
+    const payload = data.approveSectionReview;
+    if (!payload) {
+        throw new ProfileError("UNKNOWN", "Approve section review response had no payload");
+    }
+    if (Array.isArray(payload.errors) && payload.errors.length > 0) {
+        const first = payload.errors[0];
+        const fieldHint = first?.key ? ` (${first.key})` : "";
+        throw new ProfileError("USER_ERROR", `Approve section review rejected${fieldHint}: ${first?.message ?? "unknown error"}`);
+    }
+    if (payload.success === false) {
+        throw new ProfileError("USER_ERROR", `Approve section review reported success=false${payload.notice ? `: ${payload.notice}` : ""}`);
+    }
+    return {
+        sectionReviews: rowsToSectionReviews(payload.sectionReviews),
+        notice: payload.notice ?? null,
+    };
+}
+const SUBMIT_FOR_REVIEW_MUTATION = `mutation submitForReview($input: SubmitForReviewInput!) {
+  submitForReview(input: $input) {
+    errors {
+      code
+      key
+      message
+    }
+    notice
+    success
+  }
+}`;
+/**
+ * Re-submit the talent's profile for platform-side re-review. Used after
+ * profile edits that require the platform reviewer to re-verify the
+ * content (skills, employments, etc.).
+ *
+ * **INFERRED — UNVERIFIED** input shape: `{ profileId: ID! }` per
+ * `research/notes/10-mutation-input-patterns.md` Pattern 2. No live curl
+ * capture exists for this mutation. Deviations would surface as
+ * `USER_ERROR` at runtime.
+ *
+ * Errors:
+ *   - `ProfileError("USER_ERROR")` when the server rejects the submission
+ *     (e.g. profile not yet ready per `getProfileReadiness`)
+ *   - `AuthRevokedError`, `Cf403Error`, other `TtctlError` subclasses
+ *     propagate verbatim
+ */
+export async function submitForReview(token) {
+    const profileId = await extractProfileId(token);
+    // Triggers an actual platform-side re-review against the maintainer's
+    // profile when called on a submittable state. No safe reverse-trip.
+    // Wire shape inferred from research/notes/10 Pattern 2
+    // (`{ profileId: ID! }`). The read-side sectionReviews query is covered
+    // in packages/e2e/src/40-profile-reviews.e2e.test.ts.
+    const res = await withNetworkErrorMapping("Submit for review", () => impersonatedTransport({
+        surface: "talent-profile",
+        authToken: token,
+        body: {
+            // e2e-exempt: destructive — see comment above the withNetworkErrorMapping call.
+            operationName: "submitForReview",
+            query: SUBMIT_FOR_REVIEW_MUTATION,
+            variables: { input: { profileId } },
+        },
+    }));
+    const data = parseTalentProfileResponse(res, "Submit for review");
+    const payload = data.submitForReview;
+    if (!payload) {
+        throw new ProfileError("UNKNOWN", "Submit-for-review response had no payload");
+    }
+    if (Array.isArray(payload.errors) && payload.errors.length > 0) {
+        const first = payload.errors[0];
+        const keyHint = first?.key ? ` (${first.key})` : "";
+        throw new ProfileError("USER_ERROR", `Submit for review rejected${keyHint}: ${first?.message ?? "unknown error"}`);
+    }
+    if (payload.success === false) {
+        throw new ProfileError("USER_ERROR", `Submit for review reported success=false${payload.notice ? `: ${payload.notice}` : ""}`);
+    }
+    return { notice: payload.notice ?? null };
+}
+//# sourceMappingURL=index.js.map

package/dist/services/profile/reviews/index.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"index.js","sourceRoot":"","sources":["../../../../src/services/profile/reviews/index.ts"],"names":[],"mappings":"AAAA,yCAAyC;AACzC,oCAAoC;AAEpC;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;GA2CG;AAEH,OAAO,EAAE,gBAAgB,EAAE,UAAU,EAAE,MAAM,yBAAyB,CAAC;AACvE,OAAO,EAAE,qBAAqB,EAAE,MAAM,uBAAuB,CAAC;AAE9D,OAAO,EAAE,YAAY,EAAE,MAAM,mBAAmB,CAAC;AAEjD,OAAO,EAAE,gBAAgB,EAAE,0BAA0B,EAAE,MAAM,cAAc,CAAC;AAE5E,4EAA4E;AAC5E,oDAAoD;AACpD,OAAO,EAAE,YAAY,EAAE,CAAC;AAyBxB,SAAS,0BAA0B,CACjC,GAAsB,EACtB,YAAoB,EACpB,oBAAsC,SAAS;IAE/C,IAAI,GAAG,CAAC,MAAM,KAAK,GAAG,EAAE,CAAC;QACvB,MAAM,IAAI,gBAAgB,CAAC,gCAAgC,CAAC,CAAC;IAC/D,CAAC;IACD,IAAI,GAAG,CAAC,MAAM,GAAG,GAAG,IAAI,GAAG,CAAC,MAAM,IAAI,GAAG,EAAE,CAAC;QAC1C,MAAM,IAAI,YAAY,CAAC,iBAAiB,EAAE,GAAG,YAAY,kBAAkB,GAAG,CAAC,MAAM,CAAC,QAAQ,EAAE,EAAE,CAAC,CAAC;IACtG,CAAC;IACD,MAAM,IAAI,GAAG,GAAG,CAAC,IAA6C,CAAC;IAC/D,IAAI,IAAI,IAAI,KAAK,CAAC,OAAO,CAAC,IAAI,CAAC,MAAM,CAAC,IAAI,IAAI,CAAC,MAAM,CAAC,MAAM,GAAG,CAAC,EAAE,CAAC;QACjE,MAAM,KAAK,GAAG,IAAI,CAAC,MAAM,CAAC,CAAC,CAAC,CAAC;QAC7B,MAAM,OAAO,GAAG,KAAK,EAAE,OAAO,IAAI,eAAe,CAAC;QAClD,IAAI,0BAA0B,CAAC,KAAK,EAAE,UAAU,EAAE,IAAI,CAAC,EAAE,CAAC;YACxD,MAAM,IAAI,gBAAgB,CAAC,gCAAgC,CAAC,CAAC;QAC/D,CAAC;QACD,MAAM,IAAI,YAAY,CAAC,eAAe,EAAE,GAAG,YAAY,YAAY,OAAO,EAAE,CAAC,CAAC;IAChF,CAAC;IACD,IAAI,CAAC,IAAI,EAAE,IAAI,EAAE,CAAC;QAChB,MAAM,IAAI,YAAY,CAAC,iBAAiB,EAAE,GAAG,YAAY,iCAAiC,CAAC,CAAC;IAC9F,CAAC;IACD,OAAO,IAAI,CAAC,IAAI,CAAC;AACnB,CAAC;AAED,KAAK,UAAU,uBAAuB,CAAI,YAAoB,EAAE,EAAoB;IAClF,IAAI,CAAC;QACH,OAAO,MAAM,EAAE,EAAE,CAAC;IACpB,CAAC;IAAC,OAAO,GAAG,EAAE,CAAC;QACb,IAAI,GAAG,YAAY,UAAU;YAAE,MAAM,GAAG,CAAC;QACzC,IAAI,GAAG,YAAY,YAAY;YAAE,MAAM,GAAG,CAAC;QAC3C,MAAM,IAAI,YAAY,CAAC,eAAe,EAAE,GAAG,YAAY,oBAAqB,GAAa,CAAC,OAAO,EAAE,EAAE;YACnG,KAAK,EAAE,GAAG;SACX,CAAC,CAAC;IACL,CAAC;AACH,CAAC;AAgCD,MAAM,qBAAqB,GAAG;;;;;;;;;;;EAW5B,CAAC;AAaH,SAAS,YAAY,CAAC,KAAc;IAClC,OAAO,OAAO,KAAK,KAAK,QAAQ,CAAC,CAAC,CAAC,KAAK,CAAC,CAAC,CAAC,IAAI,CAAC;AAClD,CAAC;AAED;;;;;;;;;;;;;;;;;;;;;;;GAuBG;AACH,SAAS,2BAA2B,CAAC,IAAa;IAChD,IAAI,IAAI,KAAK,IAAI,IAAI,OAAO,IAAI,KAAK,QAAQ;QAAE,OAAO,KAAK,CAAC;IAC5D,MAAM,QAAQ,GAAG,IAA+D,CAAC;IACjF,IAAI,QAAQ,CAAC,IAAI,KAAK,IAAI,IAAI,QAAQ,CAAC,IAAI,KAAK,SAAS;QAAE,OAAO,KAAK,CAAC;IACxE,IAAI,CAAC,KAAK,CAAC,OAAO,CAAC,QAAQ,CAAC,MAAM,CAAC,IAAI,QAAQ,CAAC,MAAM,CAAC,MAAM,KAAK,CAAC;QAAE,OAAO,KAAK,CAAC;IAClF,MAAM,KAAK,GAAG,QAAQ,CAAC,MAAM,CAAC,CAAC,CAAC,CAAC;IACjC,IAAI,KAAK,EAAE,UAAU,EAAE,IAAI,KAAK,cAAc;QAAE,OAAO,KAAK,CAAC;IAC7D,IAAI,CAAC,KAAK,CAAC,OAAO,CAAC,KAAK,CAAC,IAAI,CAAC,IAAI,KAAK,CAAC,IAAI,CAAC,CAAC,CAAC,KAAK,gBAAgB;QAAE,OAAO,KAAK,CAAC;IACnF,OAAO,OAAO,KAAK,CAAC,OAAO,KAAK,QAAQ,IAAI,KAAK,CAAC,OAAO,CAAC,QAAQ,CAAC,2BAA2B,CAAC,CAAC;AAClG,CAAC;AAED;;;;;;;;;;GAUG;AACH,MAAM,CAAC,KAAK,UAAU,IAAI,CAAC,KAAa;IACtC,MAAM,SAAS,GAAG,MAAM,gBAAgB,CAAC,KAAK,CAAC,CAAC;IAEhD,MAAM,GAAG,GAAG,MAAM,uBAAuB,CAAC,sBAAsB,EAAE,GAAG,EAAE,CACrE,qBAAqB,CAAC;QACpB,OAAO,EAAE,gBAAgB;QACzB,SAAS,EAAE,KAAK;QAChB,IAAI,EAAE;YACJ,aAAa,EAAE,gBAAgB;YAC/B,KAAK,EAAE,qBAAqB;YAC5B,SAAS,EAAE,EAAE,SAAS,EAAE;SACzB;KACF,CAAC,CACH,CAAC;IAEF,kFAAkF;IAClF,+EAA+E;IAC/E,+EAA+E;IAC/E,oEAAoE;IACpE,0EAA0E;IAC1E,+EAA+E;IAC/E,4EAA4E;IAC5E,0EAA0E;IAC1E,uEAAuE;IACvE,kEAAkE;IAClE,qBAAqB;IACrB,IAAI,GAAG,CAAC,MAAM,KAAK,GAAG,IAAI,2BAA2B,CAAC,GAAG,CAAC,IAAI,CAAC,EAAE,CAAC;QAChE,OAAO,EAAE,CAAC;IACZ,CAAC;IAED,MAAM,IAAI,GAAG,0BAA0B,CAAC,GAAG,EAAE,sBAAsB,CAAuB,CAAC;IAC3F,MAAM,IAAI,GAAG,IAAI,CAAC,cAAc,IAAI,EAAE,CAAC;IACvC,OAAO,IAAI;SACR,MAAM,CAAC,CAAC,CAAC,EAA8B,EAAE,CAAC,CAAC,KAAK,IAAI,IAAI,OAAO,CAAC,KAAK,QAAQ,CAAC;SAC9E,GAAG,CAAC,CAAC,GAAG,EAAE,EAAE;QACX,MAAM,KAAK,GAAG,CAAC,GAAG,CAAC,KAAK,IAAI,EAAE,CAAC;aAC5B,MAAM,CAAC,CAAC,EAAE,EAAgC,EAAE,CAAC,EAAE,KAAK,IAAI,IAAI,OAAO,EAAE,KAAK,QAAQ,CAAC;aACnF,GAAG,CAAC,CAAC,EAAE,EAAE,EAAE,CAAC,CAAC;YACZ,EAAE,EAAE,OAAO,EAAE,CAAC,EAAE,KAAK,QAAQ,CAAC,CAAC,CAAC,EAAE,CAAC,EAAE,CAAC,CAAC,CAAC,EAAE;YAC1C,MAAM,EAAE,OAAO,EAAE,CAAC,MAAM,KAAK,QAAQ,CAAC,CAAC,CAAC,EAAE,CAAC,MAAM,CAAC,CAAC,CAAC,EAAE;YACtD,WAAW,EAAE,YAAY,CAAC,EAAE,CAAC,WAAW,CAAC;SAC1C,CAAC,CAAC;aACF,MAAM,CAAC,CAAC,EAAE,EAAE,EAAE,CAAC,EAAE,CAAC,EAAE,CAAC,MAAM,GAAG,CAAC,CAAC,CAAC;QACpC,OAAO;YACL,EAAE,EAAE,OAAO,GAAG,CAAC,EAAE,KAAK,QAAQ,CAAC,CAAC,CAAC,GAAG,CAAC,EAAE,CAAC,CAAC,CAAC,EAAE;YAC5C,OAAO,EAAE,YAAY,CAAC,GAAG,CAAC,OAAO,CAAC;YAClC,WAAW,EAAE,YAAY,CAAC,GAAG,CAAC,WAAW,CAAC;YAC1C,KAAK;SACN,CAAC;IACJ,CAAC,CAAC;SACD,MAAM,CAAC,CAAC,GAAG,EAAE,EAAE,CAAC,GAAG,CAAC,EAAE,CAAC,MAAM,GAAG,CAAC,CAAC,CAAC;AACxC,CAAC;AAoCD,MAAM,4BAA4B,GAAG;;;;;;;;;;;;;;;;;;;;EAoBnC,CAAC;AAeH,SAAS,oBAAoB,CAAC,IAA0C;IACtE,OAAO,CAAC,IAAI,IAAI,EAAE,CAAC;SAChB,MAAM,CAAC,CAAC,CAAC,EAA8B,EAAE,CAAC,CAAC,KAAK,IAAI,IAAI,OAAO,CAAC,KAAK,QAAQ,CAAC;SAC9E,GAAG,CAAC,CAAC,GAAG,EAAE,EAAE,CAAC,CAAC;QACb,EAAE,EAAE,OAAO,GAAG,CAAC,EAAE,KAAK,QAAQ,CAAC,CAAC,CAAC,GAAG,CAAC,EAAE,CAAC,CAAC,CAAC,EAAE;QAC5C,OAAO,EAAE,YAAY,CAAC,GAAG,CAAC,OAAO,CAAC;QAClC,WAAW,EAAE,YAAY,CAAC,GAAG,CAAC,WAAW,CAAC;QAC1C,KAAK,EAAE,CAAC,GAAG,CAAC,KAAK,IAAI,EAAE,CAAC;aACrB,MAAM,CAAC,CAAC,EAAE,EAAgC,EAAE,CAAC,EAAE,KAAK,IAAI,IAAI,OAAO,EAAE,KAAK,QAAQ,CAAC;aACnF,GAAG,CAAC,CAAC,EAAE,EAAE,EAAE,CAAC,CAAC;YACZ,EAAE,EAAE,OAAO,EAAE,CAAC,EAAE,KAAK,QAAQ,CAAC,CAAC,CAAC,EAAE,CAAC,EAAE,CAAC,CAAC,CAAC,EAAE;YAC1C,MAAM,EAAE,OAAO,EAAE,CAAC,MAAM,KAAK,QAAQ,CAAC,CAAC,CAAC,EAAE,CAAC,MAAM,CAAC,CAAC,CAAC,EAAE;YACtD,WAAW,EAAE,YAAY,CAAC,EAAE,CAAC,WAAW,CAAC;SAC1C,CAAC,CAAC;aACF,MAAM,CAAC,CAAC,EAAE,EAAE,EAAE,CAAC,EAAE,CAAC,EAAE,CAAC,MAAM,GAAG,CAAC,CAAC;KACpC,CAAC,CAAC;SACF,MAAM,CAAC,CAAC,GAAG,EAAE,EAAE,CAAC,GAAG,CAAC,EAAE,CAAC,MAAM,GAAG,CAAC,CAAC,CAAC;AACxC,CAAC;AAED;;;;;;;;;;;;;;;;;GAiBG;AACH,MAAM,CAAC,KAAK,UAAU,WAAW,CAAC,KAAa,EAAE,IAA2B;IAC1E,IAAI,IAAI,CAAC,QAAQ,CAAC,MAAM,KAAK,CAAC,IAAI,IAAI,CAAC,MAAM,CAAC,MAAM,KAAK,CAAC,IAAI,IAAI,CAAC,QAAQ,CAAC,MAAM,KAAK,CAAC,EAAE,CAAC;QACzF,MAAM,IAAI,YAAY,CACpB,kBAAkB,EAClB,wEAAwE,CACzE,CAAC;IACJ,CAAC;IAED,sEAAsE;IACtE,qEAAqE;IACrE,uEAAuE;IACvE,sEAAsE;IACtE,iEAAiE;IACjE,MAAM,GAAG,GAAG,MAAM,uBAAuB,CAAC,qBAAqB,EAAE,GAAG,EAAE,CACpE,qBAAqB,CAAC;QACpB,OAAO,EAAE,gBAAgB;QACzB,SAAS,EAAE,KAAK;QAChB,IAAI,EAAE;YACJ,gFAAgF;YAChF,aAAa,EAAE,mBAAmB;YAClC,KAAK,EAAE,4BAA4B;YACnC,SAAS,EAAE;gBACT,KAAK,EAAE;oBACL,QAAQ,EAAE,IAAI,CAAC,QAAQ;oBACvB,MAAM,EAAE,IAAI,CAAC,MAAM;oBACnB,QAAQ,EAAE,IAAI,CAAC,QAAQ;iBACS;aACnC;SACF;KACF,CAAC,CACH,CAAC;IAEF,MAAM,IAAI,GAAG,0BAA0B,CAAC,GAAG,EAAE,qBAAqB,CAEjE,CAAC;IACF,MAAM,OAAO,GAAG,IAAI,CAAC,iBAAiB,CAAC;IACvC,IAAI,CAAC,OAAO,EAAE,CAAC;QACb,MAAM,IAAI,YAAY,CAAC,SAAS,EAAE,6CAA6C,CAAC,CAAC;IACnF,CAAC;IACD,IAAI,KAAK,CAAC,OAAO,CAAC,OAAO,CAAC,MAAM,CAAC,IAAI,OAAO,CAAC,MAAM,CAAC,MAAM,GAAG,CAAC,EAAE,CAAC;QAC/D,MAAM,KAAK,GAAG,OAAO,CAAC,MAAM,CAAC,CAAC,CAAC,CAAC;QAChC,MAAM,SAAS,GAAG,KAAK,EAAE,GAAG,CAAC,CAAC,CAAC,KAAK,KAAK,CAAC,GAAG,GAAG,CAAC,CAAC,CAAC,EAAE,CAAC;QACtD,MAAM,IAAI,YAAY,CACpB,YAAY,EACZ,+BAA+B,SAAS,KAAK,KAAK,EAAE,OAAO,IAAI,eAAe,EAAE,CACjF,CAAC;IACJ,CAAC;IACD,IAAI,OAAO,CAAC,OAAO,KAAK,KAAK,EAAE,CAAC;QAC9B,MAAM,IAAI,YAAY,CACpB,YAAY,EACZ,6CAA6C,OAAO,CAAC,MAAM,CAAC,CAAC,CAAC,KAAK,OAAO,CAAC,MAAM,EAAE,CAAC,CAAC,CAAC,EAAE,EAAE,CAC3F,CAAC;IACJ,CAAC;IAED,OAAO;QACL,cAAc,EAAE,oBAAoB,CAAC,OAAO,CAAC,cAAc,CAAC;QAC5D,MAAM,EAAE,OAAO,CAAC,MAAM,IAAI,IAAI;KAC/B,CAAC;AACJ,CAAC;AAsBD,MAAM,+BAA+B,GAAG;;;;;;;;;;;;;;;;;;;;EAoBtC,CAAC;AAcH;;;;;;;GAOG;AACH,MAAM,CAAC,KAAK,UAAU,cAAc,CAClC,KAAa,EACb,IAA8B;IAE9B,IAAI,IAAI,CAAC,QAAQ,CAAC,MAAM,KAAK,CAAC,IAAI,IAAI,CAAC,OAAO,CAAC,MAAM,KAAK,CAAC,EAAE,CAAC;QAC5D,MAAM,IAAI,YAAY,CAAC,kBAAkB,EAAE,iEAAiE,CAAC,CAAC;IAChH,CAAC;IAED,oEAAoE;IACpE,qEAAqE;IACrE,oEAAoE;IACpE,sEAAsE;IACtE,iEAAiE;IACjE,MAAM,GAAG,GAAG,MAAM,uBAAuB,CAAC,wBAAwB,EAAE,GAAG,EAAE,CACvE,qBAAqB,CAAC;QACpB,OAAO,EAAE,gBAAgB;QACzB,SAAS,EAAE,KAAK;QAChB,IAAI,EAAE;YACJ,gFAAgF;YAChF,aAAa,EAAE,sBAAsB;YACrC,KAAK,EAAE,+BAA+B;YACtC,SAAS,EAAE;gBACT,KAAK,EAAE;oBACL,QAAQ,EAAE,IAAI,CAAC,QAAQ;oBACvB,OAAO,EAAE,IAAI,CAAC,OAAO;iBACc;aACtC;SACF;KACF,CAAC,CACH,CAAC;IAEF,MAAM,IAAI,GAAG,0BAA0B,CAAC,GAAG,EAAE,wBAAwB,CAEpE,CAAC;IACF,MAAM,OAAO,GAAG,IAAI,CAAC,oBAAoB,CAAC;IAC1C,IAAI,CAAC,OAAO,EAAE,CAAC;QACb,MAAM,IAAI,YAAY,CAAC,SAAS,EAAE,gDAAgD,CAAC,CAAC;IACtF,CAAC;IACD,IAAI,KAAK,CAAC,OAAO,CAAC,OAAO,CAAC,MAAM,CAAC,IAAI,OAAO,CAAC,MAAM,CAAC,MAAM,GAAG,CAAC,EAAE,CAAC;QAC/D,MAAM,KAAK,GAAG,OAAO,CAAC,MAAM,CAAC,CAAC,CAAC,CAAC;QAChC,MAAM,SAAS,GAAG,KAAK,EAAE,GAAG,CAAC,CAAC,CAAC,KAAK,KAAK,CAAC,GAAG,GAAG,CAAC,CAAC,CAAC,EAAE,CAAC;QACtD,MAAM,IAAI,YAAY,CACpB,YAAY,EACZ,kCAAkC,SAAS,KAAK,KAAK,EAAE,OAAO,IAAI,eAAe,EAAE,CACpF,CAAC;IACJ,CAAC;IACD,IAAI,OAAO,CAAC,OAAO,KAAK,KAAK,EAAE,CAAC;QAC9B,MAAM,IAAI,YAAY,CACpB,YAAY,EACZ,gDAAgD,OAAO,CAAC,MAAM,CAAC,CAAC,CAAC,KAAK,OAAO,CAAC,MAAM,EAAE,CAAC,CAAC,CAAC,EAAE,EAAE,CAC9F,CAAC;IACJ,CAAC;IAED,OAAO;QACL,cAAc,EAAE,oBAAoB,CAAC,OAAO,CAAC,cAAc,CAAC;QAC5D,MAAM,EAAE,OAAO,CAAC,MAAM,IAAI,IAAI;KAC/B,CAAC;AACJ,CAAC;AAgBD,MAAM,0BAA0B,GAAG;;;;;;;;;;EAUjC,CAAC;AAkBH;;;;;;;;;;;;;;;GAeG;AACH,MAAM,CAAC,KAAK,UAAU,eAAe,CAAC,KAAa;IACjD,MAAM,SAAS,GAAG,MAAM,gBAAgB,CAAC,KAAK,CAAC,CAAC;IAEhD,sEAAsE;IACtE,oEAAoE;IACpE,uDAAuD;IACvD,wEAAwE;IACxE,sDAAsD;IACtD,MAAM,GAAG,GAAG,MAAM,uBAAuB,CAAC,mBAAmB,EAAE,GAAG,EAAE,CAClE,qBAAqB,CAAC;QACpB,OAAO,EAAE,gBAAgB;QACzB,SAAS,EAAE,KAAK;QAChB,IAAI,EAAE;YACJ,gFAAgF;YAChF,aAAa,EAAE,iBAAiB;YAChC,KAAK,EAAE,0BAA0B;YACjC,SAAS,EAAE,EAAE,KAAK,EAAE,EAAE,SAAS,EAAiC,EAAE;SACnE;KACF,CAAC,CACH,CAAC;IAEF,MAAM,IAAI,GAAG,0BAA0B,CAAC,GAAG,EAAE,mBAAmB,CAE/D,CAAC;IACF,MAAM,OAAO,GAAG,IAAI,CAAC,eAAe,CAAC;IACrC,IAAI,CAAC,OAAO,EAAE,CAAC;QACb,MAAM,IAAI,YAAY,CAAC,SAAS,EAAE,2CAA2C,CAAC,CAAC;IACjF,CAAC;IACD,IAAI,KAAK,CAAC,OAAO,CAAC,OAAO,CAAC,MAAM,CAAC,IAAI,OAAO,CAAC,MAAM,CAAC,MAAM,GAAG,CAAC,EAAE,CAAC;QAC/D,MAAM,KAAK,GAAG,OAAO,CAAC,MAAM,CAAC,CAAC,CAAC,CAAC;QAChC,MAAM,OAAO,GAAG,KAAK,EAAE,GAAG,CAAC,CAAC,CAAC,KAAK,KAAK,CAAC,GAAG,GAAG,CAAC,CAAC,CAAC,EAAE,CAAC;QACpD,MAAM,IAAI,YAAY,CAAC,YAAY,EAAE,6BAA6B,OAAO,KAAK,KAAK,EAAE,OAAO,IAAI,eAAe,EAAE,CAAC,CAAC;IACrH,CAAC;IACD,IAAI,OAAO,CAAC,OAAO,KAAK,KAAK,EAAE,CAAC;QAC9B,MAAM,IAAI,YAAY,CACpB,YAAY,EACZ,2CAA2C,OAAO,CAAC,MAAM,CAAC,CAAC,CAAC,KAAK,OAAO,CAAC,MAAM,EAAE,CAAC,CAAC,CAAC,EAAE,EAAE,CACzF,CAAC;IACJ,CAAC;IAED,OAAO,EAAE,MAAM,EAAE,OAAO,CAAC,MAAM,IAAI,IAAI,EAAE,CAAC;AAC5C,CAAC"}

package/dist/services/profile/shared.d.ts

@@ -0,0 +1,127 @@
+import type { z } from "zod";
+import type { TransportResponse } from "../../transport.js";
+/**
+ * Shape of an entry in the GraphQL `errors` array (top-level, not the
+ * mutation-payload `errors` field). Mirrors the inline definition in
+ * `services/profile/basic/index.ts`; declared here so the four sub-domains
+ * landing in #74 share a single source of truth.
+ */
+export interface GraphQLErrorEntry {
+    message?: string | null;
+    extensions?: {
+        code?: string | null;
+    } | null;
+}
+/**
+ * Mutation-payload `UserError` shape (`{ code, key, message }`). Same name
+ * on the wire across `updateBasicInfo`, `createEducation`, `updateEducation`,
+ * etc. — keeping the interface here lets every sub-domain surface the
+ * same error fields uniformly.
+ *
+ * The canonical schema (`packages/core/src/__generated__/talent-profile.ts`)
+ * is the authority: `UserError { code, key, message }`. Selecting `field`
+ * (a stale name from earlier inferred drafts) returns a top-level GraphQL
+ * error from the server. See #248 for the wire-shape regression.
+ */
+export interface UserError {
+    code?: string | null;
+    key?: string | null;
+    message?: string | null;
+}
+/**
+ * Returns `true` when `extensions.code` on a GraphQL error indicates the
+ * session token has been revoked or expired and the user must re-run
+ * `ttctl auth signin`.
+ *
+ * Recognized stable codes (accumulated across surfaces and history):
+ *
+ *   - `'UNAUTHENTICATED'`         — talent-profile (Cloudflare-protected, web-portal API)
+ *   - `'AUTHENTICATION_REQUIRED'` — defensive carryover from #77 (provenance unverified;
+ *                                    see "Empirical history" below)
+ *   - `'UNAUTHORIZED'`            — mobile-gateway (federated `talent_schema` subgraph,
+ *                                    empirically observed 2026-05-07 for invalid bearer
+ *                                    tokens; see `research/notes/14-auth-error-extensions-code.md`)
+ *
+ * All three collapse to `AuthRevokedError` so the CLI / MCP surfaces apply a
+ * uniform "Run `ttctl auth signin`" recovery hint regardless of which surface
+ * raised the failure.
+ *
+ * **Empirical history** (issue #89): the original predicate (#77) recognized
+ * only the first two codes. Live mobile-gateway capture for an invalid bearer
+ * token returned HTTP 200 with `errors[0].extensions.code = 'UNAUTHORIZED'`
+ * (NOT `'AUTHENTICATION_REQUIRED'` as documentation suggested). All token-
+ * shape variants (corrupted, malformed, no-auth, plausible-but-invalid) flow
+ * through the same code path with identical responses, so this single code
+ * covers every "gateway can't resolve the token to an account" case.
+ *
+ * Future drift: a server-side rename adds another `||` clause here. New codes
+ * MUST be empirically captured before being added — see the research note for
+ * the capture procedure.
+ */
+export declare function isAuthRevokedExtensionCode(code: string | null | undefined): boolean;
+/**
+ * Resolve the signed-in user's `profileId` for use in mutation inputs that
+ * follow Pattern 2 (`{ profileId, <entity>: <Entity>Input }`) — see
+ * `research/notes/10-mutation-input-patterns.md`. Lazily fetches the
+ * profile via `profile.basic.show()` against the mobile-gateway surface,
+ * then extracts `viewerRole.profileId`.
+ *
+ * Errors propagate verbatim — a write attempt that can't read its own
+ * profile is unrecoverable, and surfacing the read-side error gives the
+ * user the same actionable message as `ttctl profile show`.
+ */
+export declare function extractProfileId(token: string): Promise<string>;
+/**
+ * Fire a GraphQL request against the talent-profile surface and turn
+ * transport-level outcomes into typed errors consistent across the four
+ * sub-domains landing in #74.
+ *
+ * Error mapping:
+ * - Underlying typed errors (`TtctlError` subclasses — `Cf403Error`,
+ *   `AuthRevokedError`, …) propagate as-is so the CLI / MCP surfaces can
+ *   render their `recovery` hints.
+ * - Other transport throws become `ProfileError("NETWORK_ERROR")` with
+ *   the underlying message tagged by `verb` (e.g. "education list").
+ * - HTTP 401 becomes `AuthRevokedError`.
+ * - Non-2xx becomes `ProfileError("UNKNOWN")`.
+ *
+ * Top-level GraphQL `errors` are NOT inspected here — callers handle
+ * those via {@link ensureNoTopLevelErrors} once they've narrowed the body
+ * to their expected shape.
+ *
+ * Optional `schema` parameter (Z-3 / #286): when provided, the
+ * response `body.data` is validated against the schema as a SIDE
+ * EFFECT before the helper returns; on `ZodError` the call throws
+ * `ProfileError("WIRE_SHAPE_ERROR")` with the original ZodError
+ * chained via `cause` and a field-level diff in the message per
+ * `docs/wire-validation-error-format.md`. The return shape is
+ * unchanged (`TransportResponse`) — callers still narrow `res.body`
+ * to their per-operation type. Schema validation is a guard rail; it
+ * does NOT mutate the response. When omitted, the existing pass-
+ * through behavior is preserved. No production op wires `schema` in
+ * Wave 3; Z-4 (#288) ships the first beachhead.
+ */
+export declare function callTalentProfile(token: string, operationName: string, query: string, variables: Record<string, unknown>, verb: string, schema?: z.ZodType): Promise<TransportResponse>;
+/**
+ * Throw a typed error when the GraphQL response carries a non-empty
+ * top-level `errors` array. Auth-revoked codes (per
+ * {@link isAuthRevokedExtensionCode}) become `AuthRevokedError`; anything
+ * else becomes `ProfileError("GRAPHQL_ERROR")` tagged by `verb`.
+ */
+export declare function ensureNoTopLevelErrors(body: {
+    errors?: GraphQLErrorEntry[] | null;
+} | null, verb: string): void;
+/**
+ * Inspect a mutation payload for `success === false` or a non-empty
+ * `errors` array and convert either into `ProfileError("USER_ERROR")`. The
+ * common shape across the four sub-domains' mutation payloads is
+ * `{ success?, notice?, errors?: UserError[] }`; this helper handles
+ * exactly that subset and lets each sub-domain narrow the rest of the
+ * payload itself.
+ */
+export declare function applyUserErrorsAndSuccess(payload: {
+    success?: boolean | null;
+    notice?: string | null;
+    errors?: UserError[] | null;
+}, verb: string): void;
+//# sourceMappingURL=shared.d.ts.map

package/dist/services/profile/shared.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"shared.d.ts","sourceRoot":"","sources":["../../../src/services/profile/shared.ts"],"names":[],"mappings":"AAGA,OAAO,KAAK,EAAE,CAAC,EAAE,MAAM,KAAK,CAAC;AAK7B,OAAO,KAAK,EAAE,iBAAiB,EAAE,MAAM,oBAAoB,CAAC;AAG5D;;;;;GAKG;AACH,MAAM,WAAW,iBAAiB;IAChC,OAAO,CAAC,EAAE,MAAM,GAAG,IAAI,CAAC;IACxB,UAAU,CAAC,EAAE;QAAE,IAAI,CAAC,EAAE,MAAM,GAAG,IAAI,CAAA;KAAE,GAAG,IAAI,CAAC;CAC9C;AAED;;;;;;;;;;GAUG;AACH,MAAM,WAAW,SAAS;IACxB,IAAI,CAAC,EAAE,MAAM,GAAG,IAAI,CAAC;IACrB,GAAG,CAAC,EAAE,MAAM,GAAG,IAAI,CAAC;IACpB,OAAO,CAAC,EAAE,MAAM,GAAG,IAAI,CAAC;CACzB;AAED;;;;;;;;;;;;;;;;;;;;;;;;;;;;;GA6BG;AACH,wBAAgB,0BAA0B,CAAC,IAAI,EAAE,MAAM,GAAG,IAAI,GAAG,SAAS,GAAG,OAAO,CAEnF;AAED;;;;;;;;;;GAUG;AACH,wBAAsB,gBAAgB,CAAC,KAAK,EAAE,MAAM,GAAG,OAAO,CAAC,MAAM,CAAC,CAUrE;AAED;;;;;;;;;;;;;;;;;;;;;;;;;;;;;GA6BG;AACH,wBAAsB,iBAAiB,CACrC,KAAK,EAAE,MAAM,EACb,aAAa,EAAE,MAAM,EACrB,KAAK,EAAE,MAAM,EACb,SAAS,EAAE,MAAM,CAAC,MAAM,EAAE,OAAO,CAAC,EAClC,IAAI,EAAE,MAAM,EACZ,MAAM,CAAC,EAAE,CAAC,CAAC,OAAO,GACjB,OAAO,CAAC,iBAAiB,CAAC,CA6B5B;AAED;;;;;GAKG;AACH,wBAAgB,sBAAsB,CAAC,IAAI,EAAE;IAAE,MAAM,CAAC,EAAE,iBAAiB,EAAE,GAAG,IAAI,CAAA;CAAE,GAAG,IAAI,EAAE,IAAI,EAAE,MAAM,GAAG,IAAI,CAQ/G;AAED;;;;;;;GAOG;AACH,wBAAgB,yBAAyB,CACvC,OAAO,EAAE;IAAE,OAAO,CAAC,EAAE,OAAO,GAAG,IAAI,CAAC;IAAC,MAAM,CAAC,EAAE,MAAM,GAAG,IAAI,CAAC;IAAC,MAAM,CAAC,EAAE,SAAS,EAAE,GAAG,IAAI,CAAA;CAAE,EAC1F,IAAI,EAAE,MAAM,GACX,IAAI,CAYN"}