@tyvm/knowhow 0.0.20 → 0.0.22

package/ts_build/src/services/script-execution/ScriptExecutor.js

@@ -0,0 +1,207 @@
+"use strict";
+var __importDefault = (this && this.__importDefault) || function (mod) {
+    return (mod && mod.__esModule) ? mod : { "default": mod };
+};
+Object.defineProperty(exports, "__esModule", { value: true });
+exports.ScriptExecutor = void 0;
+const isolated_vm_1 = __importDefault(require("isolated-vm"));
+const SandboxContext_1 = require("./SandboxContext");
+const ScriptTracer_1 = require("./ScriptTracer");
+const ScriptPolicy_1 = require("./ScriptPolicy");
+class ScriptExecutor {
+    toolsService;
+    clients;
+    defaultQuotas = {
+        maxToolCalls: 50,
+        maxTokens: 10000,
+        maxExecutionTimeMs: 30000,
+        maxCostUsd: 1.0,
+        maxMemoryMb: 100,
+    };
+    defaultPolicy = {
+        allowlistedTools: [],
+        denylistedTools: [
+            "execCommand",
+            "writeFileChunk",
+            "patchFile",
+        ],
+        maxScriptLength: 50000,
+        allowNetworkAccess: false,
+        allowFileSystemAccess: false,
+    };
+    constructor(toolsService = null, clients = null) {
+        this.toolsService = toolsService;
+        this.clients = clients;
+    }
+    async execute(request) {
+        const tracer = new ScriptTracer_1.ScriptTracer();
+        const quotas = { ...this.defaultQuotas, ...request.quotas };
+        const policy = { ...this.defaultPolicy, ...request.policy };
+        const policyEnforcer = new ScriptPolicy_1.ScriptPolicyEnforcer(quotas, policy);
+        tracer.emitEvent("execution_start", {
+            scriptLength: request.script.length,
+            quotas,
+            policy: {
+                ...policy,
+                allowlistedTools: `${policy.allowlistedTools.length} tools`,
+                denylistedTools: `${policy.denylistedTools.length} tools`,
+            },
+        });
+        try {
+            const validation = policyEnforcer.validateScript(request.script);
+            if (!validation.valid) {
+                tracer.emitEvent("script_validation_failed", {
+                    issues: validation.issues,
+                });
+                return {
+                    success: false,
+                    error: `Script validation failed: ${validation.issues.join(", ")}`,
+                    result: null,
+                    trace: tracer.getTrace(),
+                    artifacts: [],
+                    consoleOutput: [],
+                };
+            }
+            tracer.emitEvent("script_validation_passed", {});
+            const context = new SandboxContext_1.SandboxContext(this.toolsService, this.clients, tracer, policyEnforcer);
+            const startTime = Date.now();
+            const timeoutMs = quotas.maxExecutionTimeMs;
+            const result = await this.executeWithTimeout(request.script, context, timeoutMs, tracer, policyEnforcer);
+            const executionTime = Date.now() - startTime;
+            tracer.emitEvent("execution_complete", {
+                executionTimeMs: executionTime,
+                finalUsage: policyEnforcer.getUsage(),
+            });
+            return {
+                success: true,
+                error: null,
+                result,
+                trace: tracer.getTrace(),
+                artifacts: context.getArtifacts(),
+                consoleOutput: context.getConsoleOutput(),
+            };
+        }
+        catch (error) {
+            const errorMessage = error instanceof Error ? error.message : String(error);
+            tracer.emitEvent("execution_error", {
+                error: errorMessage,
+                finalUsage: policyEnforcer.getUsage(),
+            });
+            return {
+                success: false,
+                error: errorMessage,
+                result: null,
+                trace: tracer.getTrace(),
+                artifacts: [],
+                consoleOutput: [],
+            };
+        }
+    }
+    async executeWithTimeout(script, context, timeoutMs, tracer, policyEnforcer) {
+        return new Promise((resolve, reject) => {
+            const timeoutId = setTimeout(() => {
+                tracer.emitEvent("execution_timeout", { timeoutMs });
+                reject(new Error(`Script execution timed out after ${timeoutMs}ms`));
+            }, timeoutMs);
+            this.executeScriptSecure(script, context, tracer, policyEnforcer)
+                .then((result) => {
+                clearTimeout(timeoutId);
+                resolve(result);
+            })
+                .catch((error) => {
+                clearTimeout(timeoutId);
+                reject(error);
+            });
+        });
+    }
+    async executeScriptSecure(script, context, tracer, policyEnforcer) {
+        tracer.emitEvent("secure_execution_start", {
+            note: "Using isolated-vm for secure execution",
+        });
+        const isolate = new isolated_vm_1.default.Isolate({
+            memoryLimit: policyEnforcer.getQuotas().maxMemoryMb,
+        });
+        try {
+            const vmContext = await isolate.createContext();
+            tracer.emitEvent("vm_context_created", {});
+            await this.setupIsolatedContext(vmContext, context, tracer);
+            tracer.emitEvent("script_compilation_start", {});
+            const wrappedScript = `
+        (async function() {
+          "use strict";
+          ${script}
+        })()
+      `;
+            const compiledScript = await isolate.compileScript(wrappedScript);
+            tracer.emitEvent("script_compilation_complete", {});
+            tracer.emitEvent("script_execution_start", {});
+            const result = await compiledScript.run(vmContext, {
+                timeout: policyEnforcer.getQuotas().maxExecutionTimeMs,
+                promise: true,
+            });
+            tracer.emitEvent("script_execution_complete", {
+                resultType: typeof result,
+            });
+            return result;
+        }
+        finally {
+            isolate.dispose();
+            tracer.emitEvent("vm_cleanup_complete", {});
+        }
+    }
+    async setupIsolatedContext(vmContext, sandboxContext, tracer) {
+        tracer.emitEvent("context_setup_start", {});
+        const globalRef = vmContext.global;
+        await globalRef.set("globalThis", globalRef.derefInto());
+        const exposeAsync = async (name, fn) => {
+            await globalRef.set(`__host_${name}`, new isolated_vm_1.default.Reference(async (...args) => {
+                const result = await fn(...args);
+                return new isolated_vm_1.default.ExternalCopy(result).copyInto();
+            }));
+            await vmContext.eval(`
+        globalThis.${name} = (...a) =>
+          __host_${name}.apply(undefined, a,
+            { arguments: { copy: true }, result: { promise: true, copy: true } });
+      `);
+        };
+        const exposeSync = async (name, fn) => {
+            await globalRef.set(`__host_${name}`, new isolated_vm_1.default.Reference((...args) => {
+                const result = fn(...args);
+                return new isolated_vm_1.default.ExternalCopy(result).copyInto();
+            }));
+            await vmContext.eval(`
+        globalThis.${name} = (...a) =>
+          __host_${name}.apply(undefined, a,
+            { arguments: { copy: true }, result: { copy: true } });
+      `);
+        };
+        await exposeAsync("callTool", (tool, params) => sandboxContext.callTool(tool, params));
+        await exposeAsync("llm", (messages, options) => sandboxContext.llm(messages, options || {}));
+        await exposeAsync("sleep", (ms) => sandboxContext.sleep(ms));
+        await exposeSync("createArtifact", (name, content, type) => sandboxContext.createArtifact(name, content, type));
+        await exposeSync("getQuotaUsage", () => sandboxContext.getQuotaUsage());
+        for (const level of ["log", "info", "warn", "error"]) {
+            await globalRef.set(`__console_${level}`, new isolated_vm_1.default.Reference((...args) => sandboxContext.console[level](...args)));
+        }
+        await vmContext.eval(`
+      globalThis.console = {};
+      for (const lvl of ["log", "info", "warn", "error"]) {
+        globalThis.console[lvl] = (...a) =>
+          globalThis["__console_" + lvl].apply(undefined, a,
+            { arguments: { copy: true } });
+      }
+    `);
+        tracer.emitEvent("context_setup_complete", {});
+    }
+    async executeScriptFallback(script, context, tracer, policyEnforcer) {
+        throw new Error("Isolated-vm execution failed, no fallback available");
+    }
+    getDefaultQuotas() {
+        return { ...this.defaultQuotas };
+    }
+    getDefaultPolicy() {
+        return { ...this.defaultPolicy };
+    }
+}
+exports.ScriptExecutor = ScriptExecutor;
+//# sourceMappingURL=ScriptExecutor.js.map

package/ts_build/src/services/script-execution/ScriptExecutor.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"ScriptExecutor.js","sourceRoot":"","sources":["../../../../src/services/script-execution/ScriptExecutor.ts"],"names":[],"mappings":";;;;;;AAAA,8DAA8B;AAG9B,qDAAkD;AAClD,iDAA8C;AAC9C,iDAAsD;AAYtD,MAAa,cAAc;IAsBf;IACA;IAtBF,aAAa,GAAmB;QACtC,YAAY,EAAE,EAAE;QAChB,SAAS,EAAE,KAAK;QAChB,kBAAkB,EAAE,KAAK;QACzB,UAAU,EAAE,GAAG;QACf,WAAW,EAAE,GAAG;KACjB,CAAC;IAEM,aAAa,GAAmB;QACtC,gBAAgB,EAAE,EAAE;QACpB,eAAe,EAAE;YACf,aAAa;YACb,gBAAgB;YAChB,WAAW;SACZ;QACD,eAAe,EAAE,KAAK;QACtB,kBAAkB,EAAE,KAAK;QACzB,qBAAqB,EAAE,KAAK;KAC7B,CAAC;IAEF,YACU,eAAoC,IAAI,EACxC,UAAiC,IAAI;QADrC,iBAAY,GAAZ,YAAY,CAA4B;QACxC,YAAO,GAAP,OAAO,CAA8B;IAC5C,CAAC;IAKJ,KAAK,CAAC,OAAO,CAAC,OAAyB;QACrC,MAAM,MAAM,GAAG,IAAI,2BAAY,EAAE,CAAC;QAClC,MAAM,MAAM,GAAG,EAAE,GAAG,IAAI,CAAC,aAAa,EAAE,GAAG,OAAO,CAAC,MAAM,EAAE,CAAC;QAC5D,MAAM,MAAM,GAAG,EAAE,GAAG,IAAI,CAAC,aAAa,EAAE,GAAG,OAAO,CAAC,MAAM,EAAE,CAAC;QAC5D,MAAM,cAAc,GAAG,IAAI,mCAAoB,CAAC,MAAM,EAAE,MAAM,CAAC,CAAC;QAEhE,MAAM,CAAC,SAAS,CAAC,iBAAiB,EAAE;YAClC,YAAY,EAAE,OAAO,CAAC,MAAM,CAAC,MAAM;YACnC,MAAM;YACN,MAAM,EAAE;gBACN,GAAG,MAAM;gBAET,gBAAgB,EAAE,GAAG,MAAM,CAAC,gBAAgB,CAAC,MAAM,QAAQ;gBAC3D,eAAe,EAAE,GAAG,MAAM,CAAC,eAAe,CAAC,MAAM,QAAQ;aAC1D;SACF,CAAC,CAAC;QAEH,IAAI;YAEF,MAAM,UAAU,GAAG,cAAc,CAAC,cAAc,CAAC,OAAO,CAAC,MAAM,CAAC,CAAC;YACjE,IAAI,CAAC,UAAU,CAAC,KAAK,EAAE;gBACrB,MAAM,CAAC,SAAS,CAAC,0BAA0B,EAAE;oBAC3C,MAAM,EAAE,UAAU,CAAC,MAAM;iBAC1B,CAAC,CAAC;gBAEH,OAAO;oBACL,OAAO,EAAE,KAAK;oBACd,KAAK,EAAE,6BAA6B,UAAU,CAAC,MAAM,CAAC,IAAI,CAAC,IAAI,CAAC,EAAE;oBAClE,MAAM,EAAE,IAAI;oBACZ,KAAK,EAAE,MAAM,CAAC,QAAQ,EAAE;oBACxB,SAAS,EAAE,EAAE;oBACb,aAAa,EAAE,EAAE;iBAClB,CAAC;aACH;YAED,MAAM,CAAC,SAAS,CAAC,0BAA0B,EAAE,EAAE,CAAC,CAAC;YAGjD,MAAM,OAAO,GAAG,IAAI,+BAAc,CAChC,IAAI,CAAC,YAAY,EACjB,IAAI,CAAC,OAAO,EACZ,MAAM,EACN,cAAc,CACf,CAAC;YAGF,MAAM,SAAS,GAAG,IAAI,CAAC,GAAG,EAAE,CAAC;YAC7B,MAAM,SAAS,GAAG,MAAM,CAAC,kBAAkB,CAAC;YAE5C,MAAM,MAAM,GAAG,MAAM,IAAI,CAAC,kBAAkB,CAC1C,OAAO,CAAC,MAAM,EACd,OAAO,EACP,SAAS,EACT,MAAM,EACN,cAAc,CACf,CAAC;YAEF,MAAM,aAAa,GAAG,IAAI,CAAC,GAAG,EAAE,GAAG,SAAS,CAAC;YAC7C,MAAM,CAAC,SAAS,CAAC,oBAAoB,EAAE;gBACrC,eAAe,EAAE,aAAa;gBAC9B,UAAU,EAAE,cAAc,CAAC,QAAQ,EAAE;aACtC,CAAC,CAAC;YAEH,OAAO;gBACL,OAAO,EAAE,IAAI;gBACb,KAAK,EAAE,IAAI;gBACX,MAAM;gBACN,KAAK,EAAE,MAAM,CAAC,QAAQ,EAAE;gBACxB,SAAS,EAAE,OAAO,CAAC,YAAY,EAAE;gBACjC,aAAa,EAAE,OAAO,CAAC,gBAAgB,EAAE;aAC1C,CAAC;SACH;QAAC,OAAO,KAAK,EAAE;YACd,MAAM,YAAY,GAChB,KAAK,YAAY,KAAK,CAAC,CAAC,CAAC,KAAK,CAAC,OAAO,CAAC,CAAC,CAAC,MAAM,CAAC,KAAK,CAAC,CAAC;YAEzD,MAAM,CAAC,SAAS,CAAC,iBAAiB,EAAE;gBAClC,KAAK,EAAE,YAAY;gBACnB,UAAU,EAAE,cAAc,CAAC,QAAQ,EAAE;aACtC,CAAC,CAAC;YAEH,OAAO;gBACL,OAAO,EAAE,KAAK;gBACd,KAAK,EAAE,YAAY;gBACnB,MAAM,EAAE,IAAI;gBACZ,KAAK,EAAE,MAAM,CAAC,QAAQ,EAAE;gBACxB,SAAS,EAAE,EAAE;gBACb,aAAa,EAAE,EAAE;aAClB,CAAC;SACH;IACH,CAAC;IAKO,KAAK,CAAC,kBAAkB,CAC9B,MAAc,EACd,OAAuB,EACvB,SAAiB,EACjB,MAAoB,EACpB,cAAoC;QAEpC,OAAO,IAAI,OAAO,CAAC,CAAC,OAAO,EAAE,MAAM,EAAE,EAAE;YACrC,MAAM,SAAS,GAAG,UAAU,CAAC,GAAG,EAAE;gBAChC,MAAM,CAAC,SAAS,CAAC,mBAAmB,EAAE,EAAE,SAAS,EAAE,CAAC,CAAC;gBACrD,MAAM,CAAC,IAAI,KAAK,CAAC,oCAAoC,SAAS,IAAI,CAAC,CAAC,CAAC;YACvE,CAAC,EAAE,SAAS,CAAC,CAAC;YAGd,IAAI,CAAC,mBAAmB,CAAC,MAAM,EAAE,OAAO,EAAE,MAAM,EAAE,cAAc,CAAC;iBAC9D,IAAI,CAAC,CAAC,MAAM,EAAE,EAAE;gBACf,YAAY,CAAC,SAAS,CAAC,CAAC;gBACxB,OAAO,CAAC,MAAM,CAAC,CAAC;YAClB,CAAC,CAAC;iBACD,KAAK,CAAC,CAAC,KAAK,EAAE,EAAE;gBACf,YAAY,CAAC,SAAS,CAAC,CAAC;gBACxB,MAAM,CAAC,KAAK,CAAC,CAAC;YAChB,CAAC,CAAC,CAAC;QACP,CAAC,CAAC,CAAC;IACL,CAAC;IAKO,KAAK,CAAC,mBAAmB,CAC/B,MAAc,EACd,OAAuB,EACvB,MAAoB,EACpB,cAAoC;QAEpC,MAAM,CAAC,SAAS,CAAC,wBAAwB,EAAE;YACzC,IAAI,EAAE,wCAAwC;SAC/C,CAAC,CAAC;QAGH,MAAM,OAAO,GAAG,IAAI,qBAAG,CAAC,OAAO,CAAC;YAC9B,WAAW,EAAE,cAAc,CAAC,SAAS,EAAE,CAAC,WAAW;SACpD,CAAC,CAAC;QAEH,IAAI;YAEF,MAAM,SAAS,GAAG,MAAM,OAAO,CAAC,aAAa,EAAE,CAAC;YAEhD,MAAM,CAAC,SAAS,CAAC,oBAAoB,EAAE,EAAE,CAAC,CAAC;YAG3C,MAAM,IAAI,CAAC,oBAAoB,CAAC,SAAS,EAAE,OAAO,EAAE,MAAM,CAAC,CAAC;YAE5D,MAAM,CAAC,SAAS,CAAC,0BAA0B,EAAE,EAAE,CAAC,CAAC;YAGjD,MAAM,aAAa,GAAG;;;YAGhB,MAAM;;OAEX,CAAC;YAEF,MAAM,cAAc,GAAG,MAAM,OAAO,CAAC,aAAa,CAAC,aAAa,CAAC,CAAC;YAElE,MAAM,CAAC,SAAS,CAAC,6BAA6B,EAAE,EAAE,CAAC,CAAC;YACpD,MAAM,CAAC,SAAS,CAAC,wBAAwB,EAAE,EAAE,CAAC,CAAC;YAG/C,MAAM,MAAM,GAAG,MAAM,cAAc,CAAC,GAAG,CAAC,SAAS,EAAE;gBACjD,OAAO,EAAE,cAAc,CAAC,SAAS,EAAE,CAAC,kBAAkB;gBACtD,OAAO,EAAE,IAAI;aACd,CAAC,CAAC;YAEH,MAAM,CAAC,SAAS,CAAC,2BAA2B,EAAE;gBAC5C,UAAU,EAAE,OAAO,MAAM;aAC1B,CAAC,CAAC;YAEH,OAAO,MAAM,CAAC;SACf;gBAAS;YAER,OAAO,CAAC,OAAO,EAAE,CAAC;YAClB,MAAM,CAAC,SAAS,CAAC,qBAAqB,EAAE,EAAE,CAAC,CAAC;SAC7C;IACH,CAAC;IAKO,KAAK,CAAC,oBAAoB,CAChC,SAAsB,EACtB,cAA8B,EAC9B,MAAoB;QAEpB,MAAM,CAAC,SAAS,CAAC,qBAAqB,EAAE,EAAE,CAAC,CAAC;QAE5C,MAAM,SAAS,GAAG,SAAS,CAAC,MAAM,CAAC;QACnC,MAAM,SAAS,CAAC,GAAG,CAAC,YAAY,EAAE,SAAS,CAAC,SAAS,EAAE,CAAC,CAAC;QAGzD,MAAM,WAAW,GAAG,KAAK,EACvB,IAAY,EACZ,EAAiC,EACjC,EAAE;YACF,MAAM,SAAS,CAAC,GAAG,CACjB,UAAU,IAAI,EAAE,EAChB,IAAI,qBAAG,CAAC,SAAS,CAAC,KAAK,EAAE,GAAG,IAAW,EAAE,EAAE;gBACzC,MAAM,MAAM,GAAG,MAAM,EAAE,CAAC,GAAG,IAAI,CAAC,CAAC;gBACjC,OAAO,IAAI,qBAAG,CAAC,YAAY,CAAC,MAAM,CAAC,CAAC,QAAQ,EAAE,CAAC;YACjD,CAAC,CAAC,CACH,CAAC;YACF,MAAM,SAAS,CAAC,IAAI,CAAC;qBACN,IAAI;mBACN,IAAI;;OAEhB,CAAC,CAAC;QACL,CAAC,CAAC;QAGF,MAAM,UAAU,GAAG,KAAK,EAAE,IAAY,EAAE,EAAwB,EAAE,EAAE;YAClE,MAAM,SAAS,CAAC,GAAG,CACjB,UAAU,IAAI,EAAE,EAChB,IAAI,qBAAG,CAAC,SAAS,CAAC,CAAC,GAAG,IAAW,EAAE,EAAE;gBACnC,MAAM,MAAM,GAAG,EAAE,CAAC,GAAG,IAAI,CAAC,CAAC;gBAC3B,OAAO,IAAI,qBAAG,CAAC,YAAY,CAAC,MAAM,CAAC,CAAC,QAAQ,EAAE,CAAC;YACjD,CAAC,CAAC,CACH,CAAC;YACF,MAAM,SAAS,CAAC,IAAI,CAAC;qBACN,IAAI;mBACN,IAAI;;OAEhB,CAAC,CAAC;QACL,CAAC,CAAC;QAGF,MAAM,WAAW,CAAC,UAAU,EAAE,CAAC,IAAI,EAAE,MAAM,EAAE,EAAE,CAC7C,cAAc,CAAC,QAAQ,CAAC,IAAc,EAAE,MAAM,CAAC,CAChD,CAAC;QACF,MAAM,WAAW,CAAC,KAAK,EAAE,CAAC,QAAQ,EAAE,OAAO,EAAE,EAAE,CAC7C,cAAc,CAAC,GAAG,CAAC,QAAQ,EAAE,OAAO,IAAI,EAAE,CAAC,CAC5C,CAAC;QACF,MAAM,WAAW,CAAC,OAAO,EAAE,CAAC,EAAE,EAAE,EAAE,CAAC,cAAc,CAAC,KAAK,CAAC,EAAE,CAAC,CAAC,CAAC;QAG7D,MAAM,UAAU,CAAC,gBAAgB,EAAE,CAAC,IAAI,EAAE,OAAO,EAAE,IAAI,EAAE,EAAE,CACzD,cAAc,CAAC,cAAc,CAAC,IAAc,EAAE,OAAO,EAAE,IAAI,CAAC,CAC7D,CAAC;QACF,MAAM,UAAU,CAAC,eAAe,EAAE,GAAG,EAAE,CAAC,cAAc,CAAC,aAAa,EAAE,CAAC,CAAC;QAGxE,KAAK,MAAM,KAAK,IAAI,CAAC,KAAK,EAAE,MAAM,EAAE,MAAM,EAAE,OAAO,CAAU,EAAE;YAC7D,MAAM,SAAS,CAAC,GAAG,CACjB,aAAa,KAAK,EAAE,EACpB,IAAI,qBAAG,CAAC,SAAS,CAAC,CAAC,GAAG,IAAW,EAAE,EAAE,CACnC,cAAc,CAAC,OAAO,CAAC,KAAK,CAAC,CAAC,GAAG,IAAI,CAAC,CACvC,CACF,CAAC;SACH;QACD,MAAM,SAAS,CAAC,IAAI,CAAC;;;;;;;KAOpB,CAAC,CAAC;QAEH,MAAM,CAAC,SAAS,CAAC,wBAAwB,EAAE,EAAE,CAAC,CAAC;IACjD,CAAC;IAKO,KAAK,CAAC,qBAAqB,CACjC,MAAc,EACd,OAAuB,EACvB,MAAoB,EACpB,cAAoC;QAGpC,MAAM,IAAI,KAAK,CAAC,qDAAqD,CAAC,CAAC;IACzE,CAAC;IAKD,gBAAgB;QACd,OAAO,EAAE,GAAG,IAAI,CAAC,aAAa,EAAE,CAAC;IACnC,CAAC;IAKD,gBAAgB;QACd,OAAO,EAAE,GAAG,IAAI,CAAC,aAAa,EAAE,CAAC;IACnC,CAAC;CACF;AA/TD,wCA+TC"}

package/ts_build/src/services/script-execution/ScriptPolicy.d.ts

@@ -0,0 +1,27 @@
+import { ResourceQuotas, SecurityPolicy, QuotaUsage, PolicyViolation } from './types';
+export declare class ScriptPolicyEnforcer {
+    private quotas;
+    private policy;
+    private usage;
+    private violations;
+    constructor(quotas: ResourceQuotas, policy: SecurityPolicy);
+    checkToolCall(toolName: string): boolean;
+    recordToolCall(): void;
+    checkTokenUsage(tokens: number): boolean;
+    recordTokenUsage(tokens: number): void;
+    checkExecutionTime(currentTimeMs: number): boolean;
+    checkCost(additionalCost: number): boolean;
+    recordCost(cost: number): void;
+    getUsage(): QuotaUsage;
+    getQuotas(): ResourceQuotas;
+    getViolations(): PolicyViolation[];
+    hasViolations(): boolean;
+    getLastViolation(): PolicyViolation | undefined;
+    resetUsage(): void;
+    resetViolations(): void;
+    validateScript(scriptContent: string): {
+        valid: boolean;
+        issues: string[];
+    };
+    private recordViolation;
+}

package/ts_build/src/services/script-execution/ScriptPolicy.js

@@ -0,0 +1,150 @@
+"use strict";
+Object.defineProperty(exports, "__esModule", { value: true });
+exports.ScriptPolicyEnforcer = void 0;
+class ScriptPolicyEnforcer {
+    quotas;
+    policy;
+    usage;
+    violations = [];
+    constructor(quotas, policy) {
+        this.quotas = quotas;
+        this.policy = policy;
+        this.usage = {
+            toolCalls: 0,
+            tokens: 0,
+            executionTimeMs: 0,
+            costUsd: 0
+        };
+    }
+    checkToolCall(toolName) {
+        if (this.policy.denylistedTools && this.policy.denylistedTools.includes(toolName)) {
+            this.recordViolation('tool_denied', `Tool '${toolName}' is in denylist`);
+            return false;
+        }
+        if (this.policy.allowlistedTools && this.policy.allowlistedTools.length > 0 &&
+            !this.policy.allowlistedTools.includes(toolName)) {
+            this.recordViolation('tool_not_allowed', `Tool '${toolName}' is not in allowlist`);
+            return false;
+        }
+        if (this.usage.toolCalls >= this.quotas.maxToolCalls) {
+            this.recordViolation('quota_exceeded', 'Maximum tool calls exceeded');
+            return false;
+        }
+        return true;
+    }
+    recordToolCall() {
+        this.usage.toolCalls++;
+    }
+    checkTokenUsage(tokens) {
+        if (this.usage.tokens + tokens > this.quotas.maxTokens) {
+            this.recordViolation('quota_exceeded', 'Maximum tokens would be exceeded');
+            return false;
+        }
+        return true;
+    }
+    recordTokenUsage(tokens) {
+        this.usage.tokens += tokens;
+    }
+    checkExecutionTime(currentTimeMs) {
+        if (currentTimeMs > this.quotas.maxExecutionTimeMs) {
+            this.recordViolation('quota_exceeded', 'Maximum execution time exceeded');
+            return false;
+        }
+        this.usage.executionTimeMs = currentTimeMs;
+        return true;
+    }
+    checkCost(additionalCost) {
+        if (this.usage.costUsd + additionalCost > this.quotas.maxCostUsd) {
+            this.recordViolation('quota_exceeded', 'Maximum cost would be exceeded');
+            return false;
+        }
+        return true;
+    }
+    recordCost(cost) {
+        this.usage.costUsd += cost;
+    }
+    getUsage() {
+        return { ...this.usage };
+    }
+    getQuotas() {
+        return { ...this.quotas };
+    }
+    getViolations() {
+        return [...this.violations];
+    }
+    hasViolations() {
+        return this.violations.length > 0;
+    }
+    getLastViolation() {
+        return this.violations[this.violations.length - 1];
+    }
+    resetUsage() {
+        this.usage = {
+            toolCalls: 0,
+            tokens: 0,
+            executionTimeMs: 0,
+            costUsd: 0
+        };
+    }
+    resetViolations() {
+        this.violations = [];
+    }
+    validateScript(scriptContent) {
+        const issues = [];
+        const dangerousPatterns = [
+            /require\s*\(/gi,
+            /import\s+.*\s+from/gi,
+            /process\./gi,
+            /global\./gi,
+            /eval\s*\(/gi,
+            /Function\s*\(/gi,
+            /setTimeout/gi,
+            /setInterval/gi,
+            /fetch\s*\(/gi,
+            /XMLHttpRequest/gi,
+            /WebSocket/gi,
+            /location\./gi,
+            /document\./gi,
+            /window\./gi,
+        ];
+        for (const pattern of dangerousPatterns) {
+            if (pattern.test(scriptContent)) {
+                issues.push(`Potentially dangerous pattern detected: ${pattern.source}`);
+            }
+        }
+        if (scriptContent.length > this.policy.maxScriptLength) {
+            issues.push(`Script too long: ${scriptContent.length} > ${this.policy.maxScriptLength}`);
+        }
+        const complexityIndicators = [
+            /for\s*\(/gi,
+            /while\s*\(/gi,
+            /function\s+\w+/gi,
+            /=>\s*{/gi,
+            /if\s*\(/gi,
+        ];
+        let complexityScore = 0;
+        for (const indicator of complexityIndicators) {
+            const matches = scriptContent.match(indicator);
+            complexityScore += matches ? matches.length : 0;
+        }
+        if (complexityScore > 50) {
+            issues.push(`Script complexity too high: ${complexityScore} constructs detected`);
+        }
+        return {
+            valid: issues.length === 0,
+            issues
+        };
+    }
+    recordViolation(type, message) {
+        const violation = {
+            id: `violation-${Date.now()}-${Math.random().toString(36).substr(2, 9)}`,
+            type,
+            message,
+            timestamp: Date.now(),
+            usage: { ...this.usage }
+        };
+        this.violations.push(violation);
+    }
+}
+exports.ScriptPolicyEnforcer = ScriptPolicyEnforcer;
+//# sourceMappingURL=ScriptPolicy.js.map

package/ts_build/src/services/script-execution/ScriptPolicy.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"ScriptPolicy.js","sourceRoot":"","sources":["../../../../src/services/script-execution/ScriptPolicy.ts"],"names":[],"mappings":";;;AAUA,MAAa,oBAAoB;IAKrB;IACA;IALF,KAAK,CAAa;IAClB,UAAU,GAAsB,EAAE,CAAC;IAE3C,YACU,MAAsB,EACtB,MAAsB;QADtB,WAAM,GAAN,MAAM,CAAgB;QACtB,WAAM,GAAN,MAAM,CAAgB;QAE9B,IAAI,CAAC,KAAK,GAAG;YACX,SAAS,EAAE,CAAC;YACZ,MAAM,EAAE,CAAC;YACT,eAAe,EAAE,CAAC;YAClB,OAAO,EAAE,CAAC;SACX,CAAC;IACJ,CAAC;IAKD,aAAa,CAAC,QAAgB;QAE5B,IAAI,IAAI,CAAC,MAAM,CAAC,eAAe,IAAI,IAAI,CAAC,MAAM,CAAC,eAAe,CAAC,QAAQ,CAAC,QAAQ,CAAC,EAAE;YACjF,IAAI,CAAC,eAAe,CAAC,aAAa,EAAE,SAAS,QAAQ,kBAAkB,CAAC,CAAC;YACzE,OAAO,KAAK,CAAC;SACd;QAGD,IAAI,IAAI,CAAC,MAAM,CAAC,gBAAgB,IAAI,IAAI,CAAC,MAAM,CAAC,gBAAgB,CAAC,MAAM,GAAG,CAAC;YACvE,CAAC,IAAI,CAAC,MAAM,CAAC,gBAAgB,CAAC,QAAQ,CAAC,QAAQ,CAAC,EAAE;YACpD,IAAI,CAAC,eAAe,CAAC,kBAAkB,EAAE,SAAS,QAAQ,uBAAuB,CAAC,CAAC;YACnF,OAAO,KAAK,CAAC;SACd;QAGD,IAAI,IAAI,CAAC,KAAK,CAAC,SAAS,IAAI,IAAI,CAAC,MAAM,CAAC,YAAY,EAAE;YACpD,IAAI,CAAC,eAAe,CAAC,gBAAgB,EAAE,6BAA6B,CAAC,CAAC;YACtE,OAAO,KAAK,CAAC;SACd;QAED,OAAO,IAAI,CAAC;IACd,CAAC;IAKD,cAAc;QACZ,IAAI,CAAC,KAAK,CAAC,SAAS,EAAE,CAAC;IACzB,CAAC;IAKD,eAAe,CAAC,MAAc;QAC5B,IAAI,IAAI,CAAC,KAAK,CAAC,MAAM,GAAG,MAAM,GAAG,IAAI,CAAC,MAAM,CAAC,SAAS,EAAE;YACtD,IAAI,CAAC,eAAe,CAAC,gBAAgB,EAAE,kCAAkC,CAAC,CAAC;YAC3E,OAAO,KAAK,CAAC;SACd;QACD,OAAO,IAAI,CAAC;IACd,CAAC;IAKD,gBAAgB,CAAC,MAAc;QAC7B,IAAI,CAAC,KAAK,CAAC,MAAM,IAAI,MAAM,CAAC;IAC9B,CAAC;IAKD,kBAAkB,CAAC,aAAqB;QACtC,IAAI,aAAa,GAAG,IAAI,CAAC,MAAM,CAAC,kBAAkB,EAAE;YAClD,IAAI,CAAC,eAAe,CAAC,gBAAgB,EAAE,iCAAiC,CAAC,CAAC;YAC1E,OAAO,KAAK,CAAC;SACd;QACD,IAAI,CAAC,KAAK,CAAC,eAAe,GAAG,aAAa,CAAC;QAC3C,OAAO,IAAI,CAAC;IACd,CAAC;IAKD,SAAS,CAAC,cAAsB;QAC9B,IAAI,IAAI,CAAC,KAAK,CAAC,OAAO,GAAG,cAAc,GAAG,IAAI,CAAC,MAAM,CAAC,UAAU,EAAE;YAChE,IAAI,CAAC,eAAe,CAAC,gBAAgB,EAAE,gCAAgC,CAAC,CAAC;YACzE,OAAO,KAAK,CAAC;SACd;QACD,OAAO,IAAI,CAAC;IACd,CAAC;IAKD,UAAU,CAAC,IAAY;QACrB,IAAI,CAAC,KAAK,CAAC,OAAO,IAAI,IAAI,CAAC;IAC7B,CAAC;IAKD,QAAQ;QACN,OAAO,EAAE,GAAG,IAAI,CAAC,KAAK,EAAE,CAAC;IAC3B,CAAC;IAKD,SAAS;QACP,OAAO,EAAE,GAAG,IAAI,CAAC,MAAM,EAAE,CAAC;IAC5B,CAAC;IAKD,aAAa;QACX,OAAO,CAAC,GAAG,IAAI,CAAC,UAAU,CAAC,CAAC;IAC9B,CAAC;IAKD,aAAa;QACX,OAAO,IAAI,CAAC,UAAU,CAAC,MAAM,GAAG,CAAC,CAAC;IACpC,CAAC;IAKD,gBAAgB;QACd,OAAO,IAAI,CAAC,UAAU,CAAC,IAAI,CAAC,UAAU,CAAC,MAAM,GAAG,CAAC,CAAC,CAAC;IACrD,CAAC;IAKD,UAAU;QACR,IAAI,CAAC,KAAK,GAAG;YACX,SAAS,EAAE,CAAC;YACZ,MAAM,EAAE,CAAC;YACT,eAAe,EAAE,CAAC;YAClB,OAAO,EAAE,CAAC;SACX,CAAC;IACJ,CAAC;IAKD,eAAe;QACb,IAAI,CAAC,UAAU,GAAG,EAAE,CAAC;IACvB,CAAC;IAKD,cAAc,CAAC,aAAqB;QAClC,MAAM,MAAM,GAAa,EAAE,CAAC;QAG5B,MAAM,iBAAiB,GAAG;YACxB,gBAAgB;YAChB,sBAAsB;YACtB,aAAa;YACb,YAAY;YACZ,aAAa;YACb,iBAAiB;YACjB,cAAc;YACd,eAAe;YACf,cAAc;YACd,kBAAkB;YAClB,aAAa;YACb,cAAc;YACd,cAAc;YACd,YAAY;SACb,CAAC;QAEF,KAAK,MAAM,OAAO,IAAI,iBAAiB,EAAE;YACvC,IAAI,OAAO,CAAC,IAAI,CAAC,aAAa,CAAC,EAAE;gBAC/B,MAAM,CAAC,IAAI,CAAC,2CAA2C,OAAO,CAAC,MAAM,EAAE,CAAC,CAAC;aAC1E;SACF;QAGD,IAAI,aAAa,CAAC,MAAM,GAAG,IAAI,CAAC,MAAM,CAAC,eAAe,EAAE;YACtD,MAAM,CAAC,IAAI,CAAC,oBAAoB,aAAa,CAAC,MAAM,MAAM,IAAI,CAAC,MAAM,CAAC,eAAe,EAAE,CAAC,CAAC;SAC1F;QAGD,MAAM,oBAAoB,GAAG;YAC3B,YAAY;YACZ,cAAc;YACd,kBAAkB;YAClB,UAAU;YACV,WAAW;SACZ,CAAC;QAEF,IAAI,eAAe,GAAG,CAAC,CAAC;QACxB,KAAK,MAAM,SAAS,IAAI,oBAAoB,EAAE;YAC5C,MAAM,OAAO,GAAG,aAAa,CAAC,KAAK,CAAC,SAAS,CAAC,CAAC;YAC/C,eAAe,IAAI,OAAO,CAAC,CAAC,CAAC,OAAO,CAAC,MAAM,CAAC,CAAC,CAAC,CAAC,CAAC;SACjD;QAED,IAAI,eAAe,GAAG,EAAE,EAAE;YACxB,MAAM,CAAC,IAAI,CAAC,+BAA+B,eAAe,sBAAsB,CAAC,CAAC;SACnF;QAED,OAAO;YACL,KAAK,EAAE,MAAM,CAAC,MAAM,KAAK,CAAC;YAC1B,MAAM;SACP,CAAC;IACJ,CAAC;IAKO,eAAe,CAAC,IAAiF,EAAE,OAAe;QACxH,MAAM,SAAS,GAAoB;YACjC,EAAE,EAAE,aAAa,IAAI,CAAC,GAAG,EAAE,IAAI,IAAI,CAAC,MAAM,EAAE,CAAC,QAAQ,CAAC,EAAE,CAAC,CAAC,MAAM,CAAC,CAAC,EAAE,CAAC,CAAC,EAAE;YACxE,IAAI;YACJ,OAAO;YACP,SAAS,EAAE,IAAI,CAAC,GAAG,EAAE;YACrB,KAAK,EAAE,EAAE,GAAG,IAAI,CAAC,KAAK,EAAE;SACzB,CAAC;QAEF,IAAI,CAAC,UAAU,CAAC,IAAI,CAAC,SAAS,CAAC,CAAC;IAClC,CAAC;CACF;AAjOD,oDAiOC"}

package/ts_build/src/services/script-execution/ScriptTracer.d.ts

@@ -0,0 +1,19 @@
+import { TraceEvent, TraceMetrics, ExecutionTrace, QuotaUsage } from "./types";
+export declare class ScriptTracer {
+    private events;
+    private metrics;
+    private startTime;
+    constructor();
+    emitEvent(type: string, data: any): void;
+    recordCost(costUsd: number): void;
+    getCurrentQuota(): QuotaUsage;
+    getEvents(): TraceEvent[];
+    getMetrics(): TraceMetrics;
+    getTrace(): ExecutionTrace;
+    reset(): void;
+    private updateMetrics;
+    private getLastError;
+    private sanitizeEventData;
+    private isSensitiveKey;
+    private sanitizeParameters;
+}

package/ts_build/src/services/script-execution/ScriptTracer.js

@@ -0,0 +1,186 @@
+"use strict";
+Object.defineProperty(exports, "__esModule", { value: true });
+exports.ScriptTracer = void 0;
+class ScriptTracer {
+    events = [];
+    metrics;
+    startTime;
+    constructor() {
+        this.startTime = Date.now();
+        this.metrics = {
+            executionTimeMs: 0,
+            toolCallCount: 0,
+            llmCallCount: 0,
+            tokenUsage: {
+                prompt: 0,
+                completion: 0,
+                total: 0,
+            },
+            memoryUsage: {
+                heapUsed: 0,
+                heapTotal: 0,
+            },
+            costUsd: 0,
+        };
+    }
+    emitEvent(type, data) {
+        const event = {
+            id: `evt-${Date.now()}-${Math.random().toString(36).substr(2, 9)}`,
+            type,
+            timestamp: Date.now(),
+            data: this.sanitizeEventData(data),
+        };
+        this.events.push(event);
+        this.updateMetrics(event);
+    }
+    recordCost(costUsd) {
+        this.metrics.costUsd += costUsd;
+        this.emitEvent("cost_recorded", {
+            costUsd,
+            totalCost: this.metrics.costUsd,
+        });
+    }
+    getCurrentQuota() {
+        return {
+            toolCalls: this.metrics.toolCallCount,
+            tokens: this.metrics.tokenUsage.total,
+            executionTimeMs: Date.now() - this.startTime,
+            costUsd: this.metrics.costUsd,
+        };
+    }
+    getEvents() {
+        return [...this.events];
+    }
+    getMetrics() {
+        return {
+            ...this.metrics,
+            executionTimeMs: Date.now() - this.startTime,
+        };
+    }
+    getTrace() {
+        return {
+            id: `trace-${Date.now()}`,
+            startTime: this.startTime,
+            endTime: Date.now(),
+            events: this.getEvents(),
+            metrics: this.getMetrics(),
+            success: !this.events.some((e) => e.type.includes("error")),
+            error: this.getLastError(),
+        };
+    }
+    reset() {
+        this.events = [];
+        this.startTime = Date.now();
+        this.metrics = {
+            executionTimeMs: 0,
+            toolCallCount: 0,
+            llmCallCount: 0,
+            tokenUsage: {
+                prompt: 0,
+                completion: 0,
+                total: 0,
+            },
+            memoryUsage: {
+                heapUsed: 0,
+                heapTotal: 0,
+            },
+            costUsd: 0,
+        };
+    }
+    updateMetrics(event) {
+        switch (event.type) {
+            case "tool_call_start":
+                this.metrics.toolCallCount++;
+                break;
+            case "llm_call_start":
+                this.metrics.llmCallCount++;
+                break;
+            case "llm_call_success":
+                if (event.data && event.data.usage) {
+                    const usage = event.data.usage;
+                    this.metrics.tokenUsage.prompt += usage.prompt_tokens || 0;
+                    this.metrics.tokenUsage.completion += usage.completion_tokens || 0;
+                    this.metrics.tokenUsage.total += usage.total_tokens || 0;
+                }
+                break;
+        }
+        if (typeof process !== "undefined" && process.memoryUsage) {
+            const memUsage = process.memoryUsage();
+            this.metrics.memoryUsage.heapUsed = memUsage.heapUsed;
+            this.metrics.memoryUsage.heapTotal = memUsage.heapTotal;
+        }
+    }
+    getLastError() {
+        const errorEvents = this.events
+            .filter((e) => e.type.includes("error"))
+            .reverse();
+        if (errorEvents.length > 0) {
+            const lastError = errorEvents[0];
+            return (lastError.data?.error || lastError.data?.message || "Unknown error");
+        }
+        return undefined;
+    }
+    sanitizeEventData(data) {
+        if (data === null || data === undefined) {
+            return data;
+        }
+        if (typeof data === "string") {
+            return data.length > 1000
+                ? data.substring(0, 1000) + "...[TRUNCATED]"
+                : data;
+        }
+        if (Array.isArray(data)) {
+            return data.map((item) => this.sanitizeEventData(item));
+        }
+        if (typeof data === "object") {
+            const sanitized = {};
+            for (const [key, value] of Object.entries(data)) {
+                if (this.isSensitiveKey(key)) {
+                    sanitized[key] = "[REDACTED]";
+                }
+                else if (key === "parameters" && typeof value === "object") {
+                    sanitized[key] = this.sanitizeParameters(value);
+                }
+                else {
+                    sanitized[key] = this.sanitizeEventData(value);
+                }
+            }
+            return sanitized;
+        }
+        return data;
+    }
+    isSensitiveKey(key) {
+        const lowerKey = key.toLowerCase();
+        const sensitivePatterns = [
+            "password",
+            "secret",
+            "token",
+            "key",
+            "auth",
+            "credential",
+            "private",
+            "confidential",
+        ];
+        return sensitivePatterns.some((pattern) => lowerKey.includes(pattern));
+    }
+    sanitizeParameters(params) {
+        if (!params || typeof params !== "object") {
+            return params;
+        }
+        const sanitized = {};
+        for (const [key, value] of Object.entries(params)) {
+            if (this.isSensitiveKey(key)) {
+                sanitized[key] = "[REDACTED]";
+            }
+            else if (typeof value === "string" && value.length > 500) {
+                sanitized[key] = value.substring(0, 500) + "...[TRUNCATED]";
+            }
+            else {
+                sanitized[key] = this.sanitizeEventData(value);
+            }
+        }
+        return sanitized;
+    }
+}
+exports.ScriptTracer = ScriptTracer;
+//# sourceMappingURL=ScriptTracer.js.map

package/ts_build/src/services/script-execution/ScriptTracer.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"ScriptTracer.js","sourceRoot":"","sources":["../../../../src/services/script-execution/ScriptTracer.ts"],"names":[],"mappings":";;;AAKA,MAAa,YAAY;IACf,MAAM,GAAiB,EAAE,CAAC;IAC1B,OAAO,CAAe;IACtB,SAAS,CAAS;IAE1B;QACE,IAAI,CAAC,SAAS,GAAG,IAAI,CAAC,GAAG,EAAE,CAAC;QAC5B,IAAI,CAAC,OAAO,GAAG;YACb,eAAe,EAAE,CAAC;YAClB,aAAa,EAAE,CAAC;YAChB,YAAY,EAAE,CAAC;YACf,UAAU,EAAE;gBACV,MAAM,EAAE,CAAC;gBACT,UAAU,EAAE,CAAC;gBACb,KAAK,EAAE,CAAC;aACT;YACD,WAAW,EAAE;gBACX,QAAQ,EAAE,CAAC;gBACX,SAAS,EAAE,CAAC;aACb;YACD,OAAO,EAAE,CAAC;SACX,CAAC;IACJ,CAAC;IAKD,SAAS,CAAC,IAAY,EAAE,IAAS;QAC/B,MAAM,KAAK,GAAe;YACxB,EAAE,EAAE,OAAO,IAAI,CAAC,GAAG,EAAE,IAAI,IAAI,CAAC,MAAM,EAAE,CAAC,QAAQ,CAAC,EAAE,CAAC,CAAC,MAAM,CAAC,CAAC,EAAE,CAAC,CAAC,EAAE;YAClE,IAAI;YACJ,SAAS,EAAE,IAAI,CAAC,GAAG,EAAE;YACrB,IAAI,EAAE,IAAI,CAAC,iBAAiB,CAAC,IAAI,CAAC;SACnC,CAAC;QAEF,IAAI,CAAC,MAAM,CAAC,IAAI,CAAC,KAAK,CAAC,CAAC;QACxB,IAAI,CAAC,aAAa,CAAC,KAAK,CAAC,CAAC;IAC5B,CAAC;IAKD,UAAU,CAAC,OAAe;QACxB,IAAI,CAAC,OAAO,CAAC,OAAO,IAAI,OAAO,CAAC;QAChC,IAAI,CAAC,SAAS,CAAC,eAAe,EAAE;YAC9B,OAAO;YACP,SAAS,EAAE,IAAI,CAAC,OAAO,CAAC,OAAO;SAChC,CAAC,CAAC;IACL,CAAC;IAKD,eAAe;QACb,OAAO;YACL,SAAS,EAAE,IAAI,CAAC,OAAO,CAAC,aAAa;YACrC,MAAM,EAAE,IAAI,CAAC,OAAO,CAAC,UAAU,CAAC,KAAK;YACrC,eAAe,EAAE,IAAI,CAAC,GAAG,EAAE,GAAG,IAAI,CAAC,SAAS;YAC5C,OAAO,EAAE,IAAI,CAAC,OAAO,CAAC,OAAO;SAC9B,CAAC;IACJ,CAAC;IAKD,SAAS;QACP,OAAO,CAAC,GAAG,IAAI,CAAC,MAAM,CAAC,CAAC;IAC1B,CAAC;IAKD,UAAU;QACR,OAAO;YACL,GAAG,IAAI,CAAC,OAAO;YACf,eAAe,EAAE,IAAI,CAAC,GAAG,EAAE,GAAG,IAAI,CAAC,SAAS;SAC7C,CAAC;IACJ,CAAC;IAKD,QAAQ;QACN,OAAO;YACL,EAAE,EAAE,SAAS,IAAI,CAAC,GAAG,EAAE,EAAE;YACzB,SAAS,EAAE,IAAI,CAAC,SAAS;YACzB,OAAO,EAAE,IAAI,CAAC,GAAG,EAAE;YACnB,MAAM,EAAE,IAAI,CAAC,SAAS,EAAE;YACxB,OAAO,EAAE,IAAI,CAAC,UAAU,EAAE;YAC1B,OAAO,EAAE,CAAC,IAAI,CAAC,MAAM,CAAC,IAAI,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,IAAI,CAAC,QAAQ,CAAC,OAAO,CAAC,CAAC;YAC3D,KAAK,EAAE,IAAI,CAAC,YAAY,EAAE;SAC3B,CAAC;IACJ,CAAC;IAKD,KAAK;QACH,IAAI,CAAC,MAAM,GAAG,EAAE,CAAC;QACjB,IAAI,CAAC,SAAS,GAAG,IAAI,CAAC,GAAG,EAAE,CAAC;QAC5B,IAAI,CAAC,OAAO,GAAG;YACb,eAAe,EAAE,CAAC;YAClB,aAAa,EAAE,CAAC;YAChB,YAAY,EAAE,CAAC;YACf,UAAU,EAAE;gBACV,MAAM,EAAE,CAAC;gBACT,UAAU,EAAE,CAAC;gBACb,KAAK,EAAE,CAAC;aACT;YACD,WAAW,EAAE;gBACX,QAAQ,EAAE,CAAC;gBACX,SAAS,EAAE,CAAC;aACb;YACD,OAAO,EAAE,CAAC;SACX,CAAC;IACJ,CAAC;IAKO,aAAa,CAAC,KAAiB;QACrC,QAAQ,KAAK,CAAC,IAAI,EAAE;YAClB,KAAK,iBAAiB;gBACpB,IAAI,CAAC,OAAO,CAAC,aAAa,EAAE,CAAC;gBAC7B,MAAM;YAER,KAAK,gBAAgB;gBACnB,IAAI,CAAC,OAAO,CAAC,YAAY,EAAE,CAAC;gBAC5B,MAAM;YAER,KAAK,kBAAkB;gBACrB,IAAI,KAAK,CAAC,IAAI,IAAI,KAAK,CAAC,IAAI,CAAC,KAAK,EAAE;oBAClC,MAAM,KAAK,GAAG,KAAK,CAAC,IAAI,CAAC,KAAK,CAAC;oBAC/B,IAAI,CAAC,OAAO,CAAC,UAAU,CAAC,MAAM,IAAI,KAAK,CAAC,aAAa,IAAI,CAAC,CAAC;oBAC3D,IAAI,CAAC,OAAO,CAAC,UAAU,CAAC,UAAU,IAAI,KAAK,CAAC,iBAAiB,IAAI,CAAC,CAAC;oBACnE,IAAI,CAAC,OAAO,CAAC,UAAU,CAAC,KAAK,IAAI,KAAK,CAAC,YAAY,IAAI,CAAC,CAAC;iBAC1D;gBACD,MAAM;SACT;QAGD,IAAI,OAAO,OAAO,KAAK,WAAW,IAAI,OAAO,CAAC,WAAW,EAAE;YACzD,MAAM,QAAQ,GAAG,OAAO,CAAC,WAAW,EAAE,CAAC;YACvC,IAAI,CAAC,OAAO,CAAC,WAAW,CAAC,QAAQ,GAAG,QAAQ,CAAC,QAAQ,CAAC;YACtD,IAAI,CAAC,OAAO,CAAC,WAAW,CAAC,SAAS,GAAG,QAAQ,CAAC,SAAS,CAAC;SACzD;IACH,CAAC;IAKO,YAAY;QAClB,MAAM,WAAW,GAAG,IAAI,CAAC,MAAM;aAC5B,MAAM,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,IAAI,CAAC,QAAQ,CAAC,OAAO,CAAC,CAAC;aACvC,OAAO,EAAE,CAAC;QAEb,IAAI,WAAW,CAAC,MAAM,GAAG,CAAC,EAAE;YAC1B,MAAM,SAAS,GAAG,WAAW,CAAC,CAAC,CAAC,CAAC;YACjC,OAAO,CACL,SAAS,CAAC,IAAI,EAAE,KAAK,IAAI,SAAS,CAAC,IAAI,EAAE,OAAO,IAAI,eAAe,CACpE,CAAC;SACH;QAED,OAAO,SAAS,CAAC;IACnB,CAAC;IAKO,iBAAiB,CAAC,IAAS;QACjC,IAAI,IAAI,KAAK,IAAI,IAAI,IAAI,KAAK,SAAS,EAAE;YACvC,OAAO,IAAI,CAAC;SACb;QAED,IAAI,OAAO,IAAI,KAAK,QAAQ,EAAE;YAE5B,OAAO,IAAI,CAAC,MAAM,GAAG,IAAI;gBACvB,CAAC,CAAC,IAAI,CAAC,SAAS,CAAC,CAAC,EAAE,IAAI,CAAC,GAAG,gBAAgB;gBAC5C,CAAC,CAAC,IAAI,CAAC;SACV;QAED,IAAI,KAAK,CAAC,OAAO,CAAC,IAAI,CAAC,EAAE;YACvB,OAAO,IAAI,CAAC,GAAG,CAAC,CAAC,IAAI,EAAE,EAAE,CAAC,IAAI,CAAC,iBAAiB,CAAC,IAAI,CAAC,CAAC,CAAC;SACzD;QAED,IAAI,OAAO,IAAI,KAAK,QAAQ,EAAE;YAC5B,MAAM,SAAS,GAAQ,EAAE,CAAC;YAC1B,KAAK,MAAM,CAAC,GAAG,EAAE,KAAK,CAAC,IAAI,MAAM,CAAC,OAAO,CAAC,IAAI,CAAC,EAAE;gBAE/C,IAAI,IAAI,CAAC,cAAc,CAAC,GAAG,CAAC,EAAE;oBAC5B,SAAS,CAAC,GAAG,CAAC,GAAG,YAAY,CAAC;iBAC/B;qBAAM,IAAI,GAAG,KAAK,YAAY,IAAI,OAAO,KAAK,KAAK,QAAQ,EAAE;oBAE5D,SAAS,CAAC,GAAG,CAAC,GAAG,IAAI,CAAC,kBAAkB,CAAC,KAAK,CAAC,CAAC;iBACjD;qBAAM;oBACL,SAAS,CAAC,GAAG,CAAC,GAAG,IAAI,CAAC,iBAAiB,CAAC,KAAK,CAAC,CAAC;iBAChD;aACF;YACD,OAAO,SAAS,CAAC;SAClB;QAED,OAAO,IAAI,CAAC;IACd,CAAC;IAKO,cAAc,CAAC,GAAW;QAChC,MAAM,QAAQ,GAAG,GAAG,CAAC,WAAW,EAAE,CAAC;QACnC,MAAM,iBAAiB,GAAG;YACxB,UAAU;YACV,QAAQ;YACR,OAAO;YACP,KAAK;YACL,MAAM;YACN,YAAY;YACZ,SAAS;YACT,cAAc;SACf,CAAC;QAEF,OAAO,iBAAiB,CAAC,IAAI,CAAC,CAAC,OAAO,EAAE,EAAE,CAAC,QAAQ,CAAC,QAAQ,CAAC,OAAO,CAAC,CAAC,CAAC;IACzE,CAAC;IAKO,kBAAkB,CAAC,MAAW;QACpC,IAAI,CAAC,MAAM,IAAI,OAAO,MAAM,KAAK,QAAQ,EAAE;YACzC,OAAO,MAAM,CAAC;SACf;QAED,MAAM,SAAS,GAAQ,EAAE,CAAC;QAC1B,KAAK,MAAM,CAAC,GAAG,EAAE,KAAK,CAAC,IAAI,MAAM,CAAC,OAAO,CAAC,MAAM,CAAC,EAAE;YACjD,IAAI,IAAI,CAAC,cAAc,CAAC,GAAG,CAAC,EAAE;gBAC5B,SAAS,CAAC,GAAG,CAAC,GAAG,YAAY,CAAC;aAC/B;iBAAM,IAAI,OAAO,KAAK,KAAK,QAAQ,IAAI,KAAK,CAAC,MAAM,GAAG,GAAG,EAAE;gBAC1D,SAAS,CAAC,GAAG,CAAC,GAAG,KAAK,CAAC,SAAS,CAAC,CAAC,EAAE,GAAG,CAAC,GAAG,gBAAgB,CAAC;aAC7D;iBAAM;gBACL,SAAS,CAAC,GAAG,CAAC,GAAG,IAAI,CAAC,iBAAiB,CAAC,KAAK,CAAC,CAAC;aAChD;SACF;QACD,OAAO,SAAS,CAAC;IACnB,CAAC;CACF;AAnPD,oCAmPC"}